summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/lib/libcrypto/Attic/Makefile2
-rw-r--r--src/lib/libcrypto/asn1/Makefile2
-rw-r--r--src/lib/libcrypto/bf/Makefile10
-rw-r--r--src/lib/libcrypto/bio/Makefile2
-rw-r--r--src/lib/libcrypto/bn/Makefile8
-rw-r--r--src/lib/libcrypto/bn/bntest.c56
-rw-r--r--src/lib/libcrypto/bn/expspeed.c2
-rw-r--r--src/lib/libcrypto/bn/exptest.c18
-rw-r--r--src/lib/libcrypto/buffer/Makefile2
-rw-r--r--src/lib/libcrypto/cast/Makefile9
-rw-r--r--src/lib/libcrypto/comp/Makefile2
-rw-r--r--src/lib/libcrypto/conf/Makefile2
-rw-r--r--src/lib/libcrypto/crypto-lib.com23
-rw-r--r--src/lib/libcrypto/des/Makefile2
-rw-r--r--src/lib/libcrypto/dh/Makefile2
-rw-r--r--src/lib/libcrypto/dh/dhtest.c4
-rw-r--r--src/lib/libcrypto/dsa/Makefile2
-rw-r--r--src/lib/libcrypto/dsa/dsatest.c9
-rw-r--r--src/lib/libcrypto/dso/Makefile2
-rw-r--r--src/lib/libcrypto/dso/dso_dl.c35
-rw-r--r--src/lib/libcrypto/dso/dso_win32.c21
-rw-r--r--src/lib/libcrypto/engine/hw_aep.c1
-rw-r--r--src/lib/libcrypto/engine/hw_atalla.c1
-rw-r--r--src/lib/libcrypto/engine/hw_cswift.c204
-rw-r--r--src/lib/libcrypto/engine/hw_ubsec.c1
-rw-r--r--src/lib/libcrypto/err/Makefile2
-rw-r--r--src/lib/libcrypto/evp/Makefile2
-rw-r--r--src/lib/libcrypto/evp/c_alld.c10
-rw-r--r--src/lib/libcrypto/evp/m_sha.c3
-rw-r--r--src/lib/libcrypto/hmac/Makefile2
-rw-r--r--src/lib/libcrypto/idea/Makefile10
-rw-r--r--src/lib/libcrypto/lhash/Makefile2
-rw-r--r--src/lib/libcrypto/md2/Makefile2
-rw-r--r--src/lib/libcrypto/md2/md2_one.c3
-rw-r--r--src/lib/libcrypto/md4/Makefile2
-rw-r--r--src/lib/libcrypto/md5/Makefile2
-rw-r--r--src/lib/libcrypto/mdc2/Makefile2
-rw-r--r--src/lib/libcrypto/objects/Makefile2
-rw-r--r--src/lib/libcrypto/objects/obj_dat.h99
-rw-r--r--src/lib/libcrypto/objects/obj_mac.h65
-rw-r--r--src/lib/libcrypto/pem/Makefile2
-rw-r--r--src/lib/libcrypto/perlasm/x86nasm.pl10
-rw-r--r--src/lib/libcrypto/pkcs12/Makefile2
-rw-r--r--src/lib/libcrypto/pkcs7/Makefile2
-rw-r--r--src/lib/libcrypto/rand/Makefile2
-rw-r--r--src/lib/libcrypto/rc2/Makefile4
-rw-r--r--src/lib/libcrypto/rc2/rc2speed.c6
-rw-r--r--src/lib/libcrypto/rc4/Makefile13
-rw-r--r--src/lib/libcrypto/rc4/asm/rc4-ia64.S65
-rw-r--r--src/lib/libcrypto/rc5/Makefile4
-rw-r--r--src/lib/libcrypto/ripemd/Makefile2
-rw-r--r--src/lib/libcrypto/rsa/Makefile36
-rw-r--r--src/lib/libcrypto/rsa/rsa_test.c5
-rw-r--r--src/lib/libcrypto/sha/Makefile2
-rw-r--r--src/lib/libcrypto/sha/sha_one.c3
-rw-r--r--src/lib/libcrypto/stack/Makefile2
-rw-r--r--src/lib/libcrypto/txt_db/Makefile2
-rw-r--r--src/lib/libcrypto/util/checkhash.pl222
-rw-r--r--src/lib/libcrypto/util/fipslink.pl78
-rw-r--r--src/lib/libcrypto/util/libeay.num42
-rw-r--r--src/lib/libcrypto/util/mk1mf.pl337
-rw-r--r--src/lib/libcrypto/util/mkdef.pl11
-rw-r--r--src/lib/libcrypto/util/mkfiles.pl17
-rw-r--r--src/lib/libcrypto/util/mklink.pl7
-rw-r--r--src/lib/libcrypto/util/pl/BC-32.pl14
-rw-r--r--src/lib/libcrypto/util/pl/OS2-EMX.pl1
-rw-r--r--src/lib/libcrypto/util/pl/VC-32-GMAKE.pl222
-rw-r--r--src/lib/libcrypto/util/pl/VC-32.pl99
-rw-r--r--src/lib/libcrypto/util/pod2man.pl1
-rw-r--r--src/lib/libcrypto/util/selftest.pl26
-rw-r--r--src/lib/libcrypto/x509/Makefile2
-rw-r--r--src/lib/libcrypto/x509v3/Makefile2
-rw-r--r--src/lib/libssl/src/CHANGES114
-rw-r--r--src/lib/libssl/src/Configure147
-rw-r--r--src/lib/libssl/src/FAQ6
-rw-r--r--src/lib/libssl/src/LICENSE2
-rw-r--r--src/lib/libssl/src/Makefile146
-rw-r--r--src/lib/libssl/src/Makefile.org144
-rw-r--r--src/lib/libssl/src/NEWS14
-rw-r--r--src/lib/libssl/src/PROBLEMS56
-rw-r--r--src/lib/libssl/src/README27
-rw-r--r--src/lib/libssl/src/apps/CA.pl15
-rw-r--r--src/lib/libssl/src/apps/CA.pl.in15
-rw-r--r--src/lib/libssl/src/apps/CA.sh8
-rw-r--r--src/lib/libssl/src/apps/Makefile19
-rw-r--r--src/lib/libssl/src/apps/apps.c24
-rw-r--r--src/lib/libssl/src/apps/asn1pars.c2
-rw-r--r--src/lib/libssl/src/apps/ca.c1
-rw-r--r--src/lib/libssl/src/apps/engine.c4
-rw-r--r--src/lib/libssl/src/apps/genrsa.c27
-rw-r--r--src/lib/libssl/src/apps/makeapps.com2
-rw-r--r--src/lib/libssl/src/apps/openssl.c11
-rw-r--r--src/lib/libssl/src/apps/rsautl.c3
-rw-r--r--src/lib/libssl/src/apps/speed.c4
-rw-r--r--src/lib/libssl/src/certs/argena.pem39
-rw-r--r--src/lib/libssl/src/certs/argeng.pem23
-rw-r--r--src/lib/libssl/src/config22
-rw-r--r--src/lib/libssl/src/crypto/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/aes/aes_cbc.c2
-rw-r--r--src/lib/libssl/src/crypto/asn1/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/asn1/asn1.h2
-rw-r--r--src/lib/libssl/src/crypto/asn1/asn1_err.c324
-rw-r--r--src/lib/libssl/src/crypto/asn1/tasn_dec.c78
-rw-r--r--src/lib/libssl/src/crypto/asn1/tasn_enc.c9
-rw-r--r--src/lib/libssl/src/crypto/bf/Makefile10
-rw-r--r--src/lib/libssl/src/crypto/bf/bf_skey.c1
-rw-r--r--src/lib/libssl/src/crypto/bio/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/bio/b_print.c8
-rw-r--r--src/lib/libssl/src/crypto/bio/bio_err.c130
-rw-r--r--src/lib/libssl/src/crypto/bio/bss_conn.c2
-rw-r--r--src/lib/libssl/src/crypto/bn/Makefile8
-rw-r--r--src/lib/libssl/src/crypto/bn/asm/ppc.pl23
-rw-r--r--src/lib/libssl/src/crypto/bn/asm/sparcv8plus.S16
-rw-r--r--src/lib/libssl/src/crypto/bn/bn.h34
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_asm.c2
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_err.c92
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_exp.c244
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_lcl.h39
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_mont.c20
-rw-r--r--src/lib/libssl/src/crypto/bn/bntest.c56
-rw-r--r--src/lib/libssl/src/crypto/bn/expspeed.c2
-rw-r--r--src/lib/libssl/src/crypto/bn/exptest.c18
-rw-r--r--src/lib/libssl/src/crypto/buffer/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/buffer/buf_err.c16
-rw-r--r--src/lib/libssl/src/crypto/cast/Makefile9
-rw-r--r--src/lib/libssl/src/crypto/cast/c_skey.c1
-rw-r--r--src/lib/libssl/src/crypto/cast/cast_lcl.h21
-rw-r--r--src/lib/libssl/src/crypto/comp/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/comp/c_zlib.c88
-rw-r--r--src/lib/libssl/src/crypto/conf/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/conf/conf_def.c13
-rw-r--r--src/lib/libssl/src/crypto/conf/conf_err.c78
-rw-r--r--src/lib/libssl/src/crypto/cpt_err.c30
-rw-r--r--src/lib/libssl/src/crypto/cryptlib.c218
-rw-r--r--src/lib/libssl/src/crypto/cryptlib.h4
-rw-r--r--src/lib/libssl/src/crypto/crypto-lib.com23
-rw-r--r--src/lib/libssl/src/crypto/crypto.h5
-rw-r--r--src/lib/libssl/src/crypto/des/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/des/des_locl.h2
-rw-r--r--src/lib/libssl/src/crypto/dh/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/dh/dh.h9
-rw-r--r--src/lib/libssl/src/crypto/dh/dh_err.c26
-rw-r--r--src/lib/libssl/src/crypto/dh/dh_key.c63
-rw-r--r--src/lib/libssl/src/crypto/dh/dhtest.c4
-rw-r--r--src/lib/libssl/src/crypto/dsa/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/dsa/dsa.h14
-rw-r--r--src/lib/libssl/src/crypto/dsa/dsa_err.c42
-rw-r--r--src/lib/libssl/src/crypto/dsa/dsa_key.c16
-rw-r--r--src/lib/libssl/src/crypto/dsa/dsa_ossl.c55
-rw-r--r--src/lib/libssl/src/crypto/dsa/dsa_sign.c6
-rw-r--r--src/lib/libssl/src/crypto/dsa/dsa_vrf.c3
-rw-r--r--src/lib/libssl/src/crypto/dsa/dsatest.c9
-rw-r--r--src/lib/libssl/src/crypto/dso/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/dso/dso_dl.c35
-rw-r--r--src/lib/libssl/src/crypto/dso/dso_dlfcn.c36
-rw-r--r--src/lib/libssl/src/crypto/dso/dso_err.c96
-rw-r--r--src/lib/libssl/src/crypto/dso/dso_win32.c21
-rw-r--r--src/lib/libssl/src/crypto/ec/ec_err.c124
-rw-r--r--src/lib/libssl/src/crypto/engine/eng_cnf.c2
-rw-r--r--src/lib/libssl/src/crypto/engine/eng_err.c158
-rw-r--r--src/lib/libssl/src/crypto/engine/hw_aep.c1
-rw-r--r--src/lib/libssl/src/crypto/engine/hw_atalla.c1
-rw-r--r--src/lib/libssl/src/crypto/engine/hw_cswift.c204
-rw-r--r--src/lib/libssl/src/crypto/engine/hw_ubsec.c1
-rw-r--r--src/lib/libssl/src/crypto/engine/tb_dsa.c2
-rw-r--r--src/lib/libssl/src/crypto/err/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/err/err.c6
-rw-r--r--src/lib/libssl/src/crypto/err/openssl.ec2
-rw-r--r--src/lib/libssl/src/crypto/evp/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/evp/bio_enc.c2
-rw-r--r--src/lib/libssl/src/crypto/evp/c_alld.c10
-rw-r--r--src/lib/libssl/src/crypto/evp/e_aes.c6
-rw-r--r--src/lib/libssl/src/crypto/evp/encode.c2
-rw-r--r--src/lib/libssl/src/crypto/evp/evp.h20
-rw-r--r--src/lib/libssl/src/crypto/evp/evp_err.c158
-rw-r--r--src/lib/libssl/src/crypto/evp/evp_key.c3
-rw-r--r--src/lib/libssl/src/crypto/evp/m_dss1.c9
-rw-r--r--src/lib/libssl/src/crypto/evp/m_sha.c3
-rw-r--r--src/lib/libssl/src/crypto/evp/m_sha1.c119
-rw-r--r--src/lib/libssl/src/crypto/evp/p5_crpt2.c11
-rw-r--r--src/lib/libssl/src/crypto/hmac/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/hmac/hmac.c12
-rw-r--r--src/lib/libssl/src/crypto/hmac/hmac.h4
-rw-r--r--src/lib/libssl/src/crypto/idea/Makefile10
-rw-r--r--src/lib/libssl/src/crypto/lhash/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/md2/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/md2/md2_one.c3
-rw-r--r--src/lib/libssl/src/crypto/md4/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/md4/md4_one.c3
-rw-r--r--src/lib/libssl/src/crypto/md5/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/md5/md5_one.c3
-rw-r--r--src/lib/libssl/src/crypto/mdc2/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/objects/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/objects/obj_dat.h99
-rw-r--r--src/lib/libssl/src/crypto/objects/obj_err.c28
-rw-r--r--src/lib/libssl/src/crypto/objects/obj_mac.h65
-rw-r--r--src/lib/libssl/src/crypto/objects/obj_mac.num16
-rw-r--r--src/lib/libssl/src/crypto/objects/objects.txt20
-rw-r--r--src/lib/libssl/src/crypto/ocsp/ocsp_err.c104
-rw-r--r--src/lib/libssl/src/crypto/opensslv.h6
-rw-r--r--src/lib/libssl/src/crypto/pem/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/pem/pem_err.c88
-rw-r--r--src/lib/libssl/src/crypto/perlasm/x86asm.pl2
-rw-r--r--src/lib/libssl/src/crypto/perlasm/x86nasm.pl10
-rw-r--r--src/lib/libssl/src/crypto/pkcs12/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/pkcs12/p12_add.c11
-rw-r--r--src/lib/libssl/src/crypto/pkcs12/p12_crt.c10
-rw-r--r--src/lib/libssl/src/crypto/pkcs12/p12_mutl.c6
-rw-r--r--src/lib/libssl/src/crypto/pkcs12/pk12err.c107
-rw-r--r--src/lib/libssl/src/crypto/pkcs12/pkcs12.h3
-rw-r--r--src/lib/libssl/src/crypto/pkcs7/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/pkcs7/pk7_mime.c24
-rw-r--r--src/lib/libssl/src/crypto/pkcs7/pk7_smime.c6
-rw-r--r--src/lib/libssl/src/crypto/pkcs7/pkcs7err.c146
-rw-r--r--src/lib/libssl/src/crypto/rand/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/rand/rand_err.c28
-rw-r--r--src/lib/libssl/src/crypto/rand/rand_lib.c26
-rw-r--r--src/lib/libssl/src/crypto/rand/randfile.c2
-rw-r--r--src/lib/libssl/src/crypto/rc2/Makefile4
-rw-r--r--src/lib/libssl/src/crypto/rc2/rc2_skey.c1
-rw-r--r--src/lib/libssl/src/crypto/rc2/rc2speed.c6
-rw-r--r--src/lib/libssl/src/crypto/rc4/Makefile13
-rw-r--r--src/lib/libssl/src/crypto/rc4/asm/rc4-ia64.S65
-rw-r--r--src/lib/libssl/src/crypto/rc4/rc4.h4
-rw-r--r--src/lib/libssl/src/crypto/rc4/rc4_enc.c4
-rw-r--r--src/lib/libssl/src/crypto/rc4/rc4_skey.c5
-rw-r--r--src/lib/libssl/src/crypto/rc5/Makefile4
-rw-r--r--src/lib/libssl/src/crypto/ripemd/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/ripemd/rmd_one.c3
-rw-r--r--src/lib/libssl/src/crypto/rsa/Makefile36
-rw-r--r--src/lib/libssl/src/crypto/rsa/rsa.h67
-rw-r--r--src/lib/libssl/src/crypto/rsa/rsa_eay.c247
-rw-r--r--src/lib/libssl/src/crypto/rsa/rsa_err.c135
-rw-r--r--src/lib/libssl/src/crypto/rsa/rsa_gen.c3
-rw-r--r--src/lib/libssl/src/crypto/rsa/rsa_oaep.c32
-rw-r--r--src/lib/libssl/src/crypto/rsa/rsa_test.c5
-rw-r--r--src/lib/libssl/src/crypto/sha/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/sha/sha1_one.c5
-rw-r--r--src/lib/libssl/src/crypto/sha/sha_one.c3
-rw-r--r--src/lib/libssl/src/crypto/stack/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/stack/safestack.h53
-rw-r--r--src/lib/libssl/src/crypto/txt_db/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/ui/ui_err.c48
-rw-r--r--src/lib/libssl/src/crypto/x509/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/x509/by_dir.c15
-rw-r--r--src/lib/libssl/src/crypto/x509/x509_err.c138
-rw-r--r--src/lib/libssl/src/crypto/x509/x509_vfy.c2
-rw-r--r--src/lib/libssl/src/crypto/x509v3/Makefile2
-rw-r--r--src/lib/libssl/src/crypto/x509v3/v3_cpols.c9
-rw-r--r--src/lib/libssl/src/crypto/x509v3/v3err.c210
-rw-r--r--src/lib/libssl/src/doc/HOWTO/keys.txt6
-rw-r--r--src/lib/libssl/src/doc/apps/CA.pl.pod2
-rw-r--r--src/lib/libssl/src/doc/apps/ca.pod6
-rw-r--r--src/lib/libssl/src/doc/apps/enc.pod16
-rw-r--r--src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod6
-rw-r--r--src/lib/libssl/src/doc/crypto/OPENSSL_config.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/PKCS7_verify.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/hmac.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/threads.pod25
-rw-r--r--src/lib/libssl/src/doc/fingerprints.txt29
-rw-r--r--src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod2
-rw-r--r--src/lib/libssl/src/e_os.h2
-rw-r--r--src/lib/libssl/src/e_os2.h4
-rw-r--r--src/lib/libssl/src/fips-1.0/Makefile242
-rw-r--r--src/lib/libssl/src/fips-1.0/aes/Makefile121
-rw-r--r--src/lib/libssl/src/fips-1.0/aes/asm/fips-ax86-elf.s1711
-rw-r--r--src/lib/libssl/src/fips-1.0/aes/fips_aes_core.c1263
-rw-r--r--src/lib/libssl/src/fips-1.0/aes/fips_aes_locl.h85
-rw-r--r--src/lib/libssl/src/fips-1.0/aes/fips_aes_selftest.c112
-rw-r--r--src/lib/libssl/src/fips-1.0/aes/fips_aesavs.c1005
-rw-r--r--src/lib/libssl/src/fips-1.0/des/Makefile135
-rw-r--r--src/lib/libssl/src/fips-1.0/des/asm/fips-dx86-elf.s2707
-rw-r--r--src/lib/libssl/src/fips-1.0/des/fips_des_enc.c310
-rw-r--r--src/lib/libssl/src/fips-1.0/des/fips_des_locl.h428
-rw-r--r--src/lib/libssl/src/fips-1.0/des/fips_des_selftest.c200
-rw-r--r--src/lib/libssl/src/fips-1.0/des/fips_desmovs.c833
-rw-r--r--src/lib/libssl/src/fips-1.0/des/fips_set_key.c417
-rw-r--r--src/lib/libssl/src/fips-1.0/dh/Makefile104
-rw-r--r--src/lib/libssl/src/fips-1.0/dh/fips_dh_check.c125
-rw-r--r--src/lib/libssl/src/fips-1.0/dh/fips_dh_gen.c186
-rw-r--r--src/lib/libssl/src/fips-1.0/dh/fips_dh_key.c256
-rw-r--r--src/lib/libssl/src/fips-1.0/dsa/Makefile147
-rw-r--r--src/lib/libssl/src/fips-1.0/dsa/fips_dsa_gen.c374
-rw-r--r--src/lib/libssl/src/fips-1.0/dsa/fips_dsa_ossl.c408
-rw-r--r--src/lib/libssl/src/fips-1.0/dsa/fips_dsa_selftest.c168
-rw-r--r--src/lib/libssl/src/fips-1.0/dsa/fips_dsatest.c257
-rw-r--r--src/lib/libssl/src/fips-1.0/dsa/fips_dssvs.c319
-rw-r--r--src/lib/libssl/src/fips-1.0/fips-lib.com1196
-rw-r--r--src/lib/libssl/src/fips-1.0/fips.c313
-rw-r--r--src/lib/libssl/src/fips-1.0/fips.h131
-rw-r--r--src/lib/libssl/src/fips-1.0/fips_canister.c171
-rw-r--r--src/lib/libssl/src/fips-1.0/fips_err.h133
-rw-r--r--src/lib/libssl/src/fips-1.0/fips_err_wrapper.c7
-rw-r--r--src/lib/libssl/src/fips-1.0/fips_locl.h71
-rw-r--r--src/lib/libssl/src/fips-1.0/fips_premain.c171
-rw-r--r--src/lib/libssl/src/fips-1.0/fips_test_suite.c510
-rw-r--r--src/lib/libssl/src/fips-1.0/fipshashes.c43
-rwxr-xr-xsrc/lib/libssl/src/fips-1.0/fipsld147
-rw-r--r--src/lib/libssl/src/fips-1.0/hmac/Makefile155
-rw-r--r--src/lib/libssl/src/fips-1.0/hmac/fips_hmac.c190
-rw-r--r--src/lib/libssl/src/fips-1.0/hmac/fips_hmac_selftest.c135
-rw-r--r--src/lib/libssl/src/fips-1.0/hmac/fips_hmactest.c335
-rw-r--r--src/lib/libssl/src/fips-1.0/install.com57
-rwxr-xr-xsrc/lib/libssl/src/fips-1.0/openssl_fips_fingerprint31
-rw-r--r--src/lib/libssl/src/fips-1.0/rand/Makefile126
-rw-r--r--src/lib/libssl/src/fips-1.0/rand/fips_rand.c359
-rw-r--r--src/lib/libssl/src/fips-1.0/rand/fips_rand.h73
-rw-r--r--src/lib/libssl/src/fips-1.0/rand/fips_rand_selftest.c120
-rw-r--r--src/lib/libssl/src/fips-1.0/rand/fips_randtest.c369
-rw-r--r--src/lib/libssl/src/fips-1.0/rand/fips_rngvs.c234
-rw-r--r--src/lib/libssl/src/fips-1.0/rsa/Makefile208
-rw-r--r--src/lib/libssl/src/fips-1.0/rsa/fips_rsa_eay.c788
-rw-r--r--src/lib/libssl/src/fips-1.0/rsa/fips_rsa_gen.c282
-rw-r--r--src/lib/libssl/src/fips-1.0/rsa/fips_rsa_selftest.c251
-rw-r--r--src/lib/libssl/src/fips-1.0/rsa/fips_rsa_x931g.c289
-rw-r--r--src/lib/libssl/src/fips-1.0/rsa/fips_rsagtest.c420
-rw-r--r--src/lib/libssl/src/fips-1.0/rsa/fips_rsastest.c402
-rw-r--r--src/lib/libssl/src/fips-1.0/rsa/fips_rsavtest.c425
-rw-r--r--src/lib/libssl/src/fips-1.0/sha/Makefile200
-rw-r--r--src/lib/libssl/src/fips-1.0/sha/SHAmix.fax129
-rw-r--r--src/lib/libssl/src/fips-1.0/sha/SHAmix.req99
-rw-r--r--src/lib/libssl/src/fips-1.0/sha/asm/fips-sx86-elf.s1568
-rw-r--r--src/lib/libssl/src/fips-1.0/sha/fips_md32_common.h623
-rw-r--r--src/lib/libssl/src/fips-1.0/sha/fips_sha.h186
-rw-r--r--src/lib/libssl/src/fips-1.0/sha/fips_sha1_selftest.c96
-rw-r--r--src/lib/libssl/src/fips-1.0/sha/fips_sha1dgst.c96
-rw-r--r--src/lib/libssl/src/fips-1.0/sha/fips_sha256.c325
-rw-r--r--src/lib/libssl/src/fips-1.0/sha/fips_sha512.c487
-rw-r--r--src/lib/libssl/src/fips-1.0/sha/fips_sha_locl.h482
-rw-r--r--src/lib/libssl/src/fips-1.0/sha/fips_shatest.c399
-rw-r--r--src/lib/libssl/src/fips-1.0/sha/fips_standalone_sha1.c170
-rw-r--r--src/lib/libssl/src/makevms.com16
-rw-r--r--src/lib/libssl/src/ms/do_masm.bat3
-rw-r--r--src/lib/libssl/src/ms/do_ms.bat2
-rw-r--r--src/lib/libssl/src/ms/fipscheck.pl38
-rw-r--r--src/lib/libssl/src/openssl.spec7
-rw-r--r--src/lib/libssl/src/ssl/Makefile2
-rw-r--r--src/lib/libssl/src/ssl/kssl.c6
-rw-r--r--src/lib/libssl/src/ssl/s23_clnt.c225
-rw-r--r--src/lib/libssl/src/ssl/s23_srvr.c9
-rw-r--r--src/lib/libssl/src/ssl/s2_clnt.c4
-rw-r--r--src/lib/libssl/src/ssl/s2_srvr.c4
-rw-r--r--src/lib/libssl/src/ssl/s3_clnt.c6
-rw-r--r--src/lib/libssl/src/ssl/s3_lib.c12
-rw-r--r--src/lib/libssl/src/ssl/s3_srvr.c4
-rw-r--r--src/lib/libssl/src/ssl/ssl-lib.com2
-rw-r--r--src/lib/libssl/src/ssl/ssl.h57
-rw-r--r--src/lib/libssl/src/ssl/ssl_asn1.c2
-rw-r--r--src/lib/libssl/src/ssl/ssl_cert.c16
-rw-r--r--src/lib/libssl/src/ssl/ssl_ciph.c64
-rw-r--r--src/lib/libssl/src/ssl/ssl_err.c745
-rw-r--r--src/lib/libssl/src/ssl/ssl_lib.c38
-rw-r--r--src/lib/libssl/src/ssl/ssl_locl.h5
-rw-r--r--src/lib/libssl/src/ssl/ssl_sess.c4
-rw-r--r--src/lib/libssl/src/ssl/ssltest.c20
-rw-r--r--src/lib/libssl/src/test/Makefile242
-rw-r--r--src/lib/libssl/src/test/SHAmix.fax129
-rw-r--r--src/lib/libssl/src/test/SHAmix.req99
-rw-r--r--src/lib/libssl/src/test/maketests.com2
-rw-r--r--src/lib/libssl/src/test/tverify.com14
-rw-r--r--src/lib/libssl/src/tools/Makefile2
-rw-r--r--src/lib/libssl/src/util/checkhash.pl222
-rw-r--r--src/lib/libssl/src/util/fipslink.pl78
-rw-r--r--src/lib/libssl/src/util/libeay.num42
-rw-r--r--src/lib/libssl/src/util/mk1mf.pl337
-rw-r--r--src/lib/libssl/src/util/mkdef.pl11
-rw-r--r--src/lib/libssl/src/util/mkerr.pl37
-rw-r--r--src/lib/libssl/src/util/mkfiles.pl17
-rw-r--r--src/lib/libssl/src/util/mklink.pl7
-rw-r--r--src/lib/libssl/src/util/pl/BC-32.pl14
-rw-r--r--src/lib/libssl/src/util/pl/OS2-EMX.pl1
-rw-r--r--src/lib/libssl/src/util/pl/VC-32-GMAKE.pl222
-rw-r--r--src/lib/libssl/src/util/pl/VC-32.pl99
-rw-r--r--src/lib/libssl/src/util/pod2man.pl1
-rw-r--r--src/lib/libssl/src/util/selftest.pl26
-rw-r--r--src/lib/libssl/test/Makefile242
-rw-r--r--src/lib/libssl/test/SHAmix.fax129
-rw-r--r--src/lib/libssl/test/SHAmix.req99
-rw-r--r--src/lib/libssl/test/maketests.com2
-rw-r--r--src/lib/libssl/test/tverify.com14
380 files changed, 32917 insertions, 3153 deletions
diff --git a/src/lib/libcrypto/Attic/Makefile b/src/lib/libcrypto/Attic/Makefile
index cffaeedc5d..cda9de0ac9 100644
--- a/src/lib/libcrypto/Attic/Makefile
+++ b/src/lib/libcrypto/Attic/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/Makefile 2# OpenSSL/crypto/Makefile
3# 3#
4 4
5DIR= crypto 5DIR= crypto
diff --git a/src/lib/libcrypto/asn1/Makefile b/src/lib/libcrypto/asn1/Makefile
index b11298d621..d1c2d8f490 100644
--- a/src/lib/libcrypto/asn1/Makefile
+++ b/src/lib/libcrypto/asn1/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/asn1/Makefile 2# OpenSSL/crypto/asn1/Makefile
3# 3#
4 4
5DIR= asn1 5DIR= asn1
diff --git a/src/lib/libcrypto/bf/Makefile b/src/lib/libcrypto/bf/Makefile
index 0e2121efdc..42e2c050f8 100644
--- a/src/lib/libcrypto/bf/Makefile
+++ b/src/lib/libcrypto/bf/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/blowfish/Makefile 2# OpenSSL/crypto/blowfish/Makefile
3# 3#
4 4
5DIR= bf 5DIR= bf
@@ -110,7 +110,7 @@ bf_enc.o: ../../include/openssl/opensslconf.h bf_enc.c bf_locl.h
110bf_ofb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h 110bf_ofb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
111bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h bf_ofb64.c 111bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h bf_ofb64.c
112bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/crypto.h 112bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/crypto.h
113bf_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h 113bf_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/fips.h
114bf_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 114bf_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
115bf_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 115bf_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
116bf_skey.o: bf_locl.h bf_pi.h bf_skey.c 116bf_skey.o: ../../include/openssl/symhacks.h bf_locl.h bf_pi.h bf_skey.c
diff --git a/src/lib/libcrypto/bio/Makefile b/src/lib/libcrypto/bio/Makefile
index 19d9350760..a565154499 100644
--- a/src/lib/libcrypto/bio/Makefile
+++ b/src/lib/libcrypto/bio/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/bio/Makefile 2# OpenSSL/crypto/bio/Makefile
3# 3#
4 4
5DIR= bio 5DIR= bio
diff --git a/src/lib/libcrypto/bn/Makefile b/src/lib/libcrypto/bn/Makefile
index f693d35d87..9969d242cc 100644
--- a/src/lib/libcrypto/bn/Makefile
+++ b/src/lib/libcrypto/bn/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/bn/Makefile 2# OpenSSL/crypto/bn/Makefile
3# 3#
4 4
5DIR= bn 5DIR= bn
@@ -31,12 +31,12 @@ LIB=$(TOP)/libcrypto.a
31LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \ 31LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
32 bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ 32 bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
33 bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \ 33 bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
34 bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c 34 bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_x931p.c
35 35
36LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \ 36LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
37 bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \ 37 bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
38 bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \ 38 bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
39 bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o 39 bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_x931p.o
40 40
41SRC= $(LIBSRC) 41SRC= $(LIBSRC)
42 42
@@ -329,3 +329,5 @@ bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
329bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 329bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
330bn_word.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 330bn_word.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
331bn_word.o: ../cryptlib.h bn_lcl.h bn_word.c 331bn_word.o: ../cryptlib.h bn_lcl.h bn_word.c
332bn_x931p.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h
333bn_x931p.o: ../../include/openssl/opensslconf.h bn_x931p.c
diff --git a/src/lib/libcrypto/bn/bntest.c b/src/lib/libcrypto/bn/bntest.c
index 28cd3339da..685007d330 100644
--- a/src/lib/libcrypto/bn/bntest.c
+++ b/src/lib/libcrypto/bn/bntest.c
@@ -86,6 +86,7 @@ int test_mont(BIO *bp,BN_CTX *ctx);
86int test_mod(BIO *bp,BN_CTX *ctx); 86int test_mod(BIO *bp,BN_CTX *ctx);
87int test_mod_mul(BIO *bp,BN_CTX *ctx); 87int test_mod_mul(BIO *bp,BN_CTX *ctx);
88int test_mod_exp(BIO *bp,BN_CTX *ctx); 88int test_mod_exp(BIO *bp,BN_CTX *ctx);
89int test_mod_exp_mont_consttime(BIO *bp,BN_CTX *ctx);
89int test_exp(BIO *bp,BN_CTX *ctx); 90int test_exp(BIO *bp,BN_CTX *ctx);
90int test_kron(BIO *bp,BN_CTX *ctx); 91int test_kron(BIO *bp,BN_CTX *ctx);
91int test_sqrt(BIO *bp,BN_CTX *ctx); 92int test_sqrt(BIO *bp,BN_CTX *ctx);
@@ -213,6 +214,10 @@ int main(int argc, char *argv[])
213 if (!test_mod_exp(out,ctx)) goto err; 214 if (!test_mod_exp(out,ctx)) goto err;
214 BIO_flush(out); 215 BIO_flush(out);
215 216
217 message(out,"BN_mod_exp_mont_consttime");
218 if (!test_mod_exp_mont_consttime(out,ctx)) goto err;
219 BIO_flush(out);
220
216 message(out,"BN_exp"); 221 message(out,"BN_exp");
217 if (!test_exp(out,ctx)) goto err; 222 if (!test_exp(out,ctx)) goto err;
218 BIO_flush(out); 223 BIO_flush(out);
@@ -813,6 +818,57 @@ int test_mod_exp(BIO *bp, BN_CTX *ctx)
813 return(1); 818 return(1);
814 } 819 }
815 820
821int test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx)
822 {
823 BIGNUM *a,*b,*c,*d,*e;
824 int i;
825
826 a=BN_new();
827 b=BN_new();
828 c=BN_new();
829 d=BN_new();
830 e=BN_new();
831
832 BN_bntest_rand(c,30,0,1); /* must be odd for montgomery */
833 for (i=0; i<num2; i++)
834 {
835 BN_bntest_rand(a,20+i*5,0,0); /**/
836 BN_bntest_rand(b,2+i,0,0); /**/
837
838 if (!BN_mod_exp_mont_consttime(d,a,b,c,ctx,NULL))
839 return(00);
840
841 if (bp != NULL)
842 {
843 if (!results)
844 {
845 BN_print(bp,a);
846 BIO_puts(bp," ^ ");
847 BN_print(bp,b);
848 BIO_puts(bp," % ");
849 BN_print(bp,c);
850 BIO_puts(bp," - ");
851 }
852 BN_print(bp,d);
853 BIO_puts(bp,"\n");
854 }
855 BN_exp(e,a,b,ctx);
856 BN_sub(e,e,d);
857 BN_div(a,b,e,c,ctx);
858 if(!BN_is_zero(b))
859 {
860 fprintf(stderr,"Modulo exponentiation test failed!\n");
861 return 0;
862 }
863 }
864 BN_free(a);
865 BN_free(b);
866 BN_free(c);
867 BN_free(d);
868 BN_free(e);
869 return(1);
870 }
871
816int test_exp(BIO *bp, BN_CTX *ctx) 872int test_exp(BIO *bp, BN_CTX *ctx)
817 { 873 {
818 BIGNUM *a,*b,*d,*e,*one; 874 BIGNUM *a,*b,*d,*e,*one;
diff --git a/src/lib/libcrypto/bn/expspeed.c b/src/lib/libcrypto/bn/expspeed.c
index 07a1bcf51c..4d5f221f33 100644
--- a/src/lib/libcrypto/bn/expspeed.c
+++ b/src/lib/libcrypto/bn/expspeed.c
@@ -321,7 +321,7 @@ void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx)
321#else /* TEST_SQRT */ 321#else /* TEST_SQRT */
322 "2*sqrt [prime == %d (mod 64)] %4d %4d mod %4d" 322 "2*sqrt [prime == %d (mod 64)] %4d %4d mod %4d"
323#endif 323#endif
324 " -> %8.3fms %5.1f (%ld)\n", 324 " -> %8.6fms %5.1f (%ld)\n",
325#ifdef TEST_SQRT 325#ifdef TEST_SQRT
326 P_MOD_64, 326 P_MOD_64,
327#endif 327#endif
diff --git a/src/lib/libcrypto/bn/exptest.c b/src/lib/libcrypto/bn/exptest.c
index b09cf88705..28aaac2ac1 100644
--- a/src/lib/libcrypto/bn/exptest.c
+++ b/src/lib/libcrypto/bn/exptest.c
@@ -77,7 +77,7 @@ int main(int argc, char *argv[])
77 BIO *out=NULL; 77 BIO *out=NULL;
78 int i,ret; 78 int i,ret;
79 unsigned char c; 79 unsigned char c;
80 BIGNUM *r_mont,*r_recp,*r_simple,*a,*b,*m; 80 BIGNUM *r_mont,*r_mont_const,*r_recp,*r_simple,*a,*b,*m;
81 81
82 RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we don't 82 RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we don't
83 * even check its return value 83 * even check its return value
@@ -88,6 +88,7 @@ int main(int argc, char *argv[])
88 ctx=BN_CTX_new(); 88 ctx=BN_CTX_new();
89 if (ctx == NULL) EXIT(1); 89 if (ctx == NULL) EXIT(1);
90 r_mont=BN_new(); 90 r_mont=BN_new();
91 r_mont_const=BN_new();
91 r_recp=BN_new(); 92 r_recp=BN_new();
92 r_simple=BN_new(); 93 r_simple=BN_new();
93 a=BN_new(); 94 a=BN_new();
@@ -143,8 +144,17 @@ int main(int argc, char *argv[])
143 EXIT(1); 144 EXIT(1);
144 } 145 }
145 146
147 ret=BN_mod_exp_mont_consttime(r_mont_const,a,b,m,ctx,NULL);
148 if (ret <= 0)
149 {
150 printf("BN_mod_exp_mont_consttime() problems\n");
151 ERR_print_errors(out);
152 EXIT(1);
153 }
154
146 if (BN_cmp(r_simple, r_mont) == 0 155 if (BN_cmp(r_simple, r_mont) == 0
147 && BN_cmp(r_simple,r_recp) == 0) 156 && BN_cmp(r_simple,r_recp) == 0
157 && BN_cmp(r_simple,r_mont_const) == 0)
148 { 158 {
149 printf("."); 159 printf(".");
150 fflush(stdout); 160 fflush(stdout);
@@ -153,6 +163,8 @@ int main(int argc, char *argv[])
153 { 163 {
154 if (BN_cmp(r_simple,r_mont) != 0) 164 if (BN_cmp(r_simple,r_mont) != 0)
155 printf("\nsimple and mont results differ\n"); 165 printf("\nsimple and mont results differ\n");
166 if (BN_cmp(r_simple,r_mont) != 0)
167 printf("\nsimple and mont const time results differ\n");
156 if (BN_cmp(r_simple,r_recp) != 0) 168 if (BN_cmp(r_simple,r_recp) != 0)
157 printf("\nsimple and recp results differ\n"); 169 printf("\nsimple and recp results differ\n");
158 170
@@ -162,11 +174,13 @@ int main(int argc, char *argv[])
162 printf("\nsimple ="); BN_print(out,r_simple); 174 printf("\nsimple ="); BN_print(out,r_simple);
163 printf("\nrecp ="); BN_print(out,r_recp); 175 printf("\nrecp ="); BN_print(out,r_recp);
164 printf("\nmont ="); BN_print(out,r_mont); 176 printf("\nmont ="); BN_print(out,r_mont);
177 printf("\nmont_ct ="); BN_print(out,r_mont_const);
165 printf("\n"); 178 printf("\n");
166 EXIT(1); 179 EXIT(1);
167 } 180 }
168 } 181 }
169 BN_free(r_mont); 182 BN_free(r_mont);
183 BN_free(r_mont_const);
170 BN_free(r_recp); 184 BN_free(r_recp);
171 BN_free(r_simple); 185 BN_free(r_simple);
172 BN_free(a); 186 BN_free(a);
diff --git a/src/lib/libcrypto/buffer/Makefile b/src/lib/libcrypto/buffer/Makefile
index 3911baf513..4b53c595a3 100644
--- a/src/lib/libcrypto/buffer/Makefile
+++ b/src/lib/libcrypto/buffer/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/buffer/Makefile 2# OpenSSL/crypto/buffer/Makefile
3# 3#
4 4
5DIR= buffer 5DIR= buffer
diff --git a/src/lib/libcrypto/cast/Makefile b/src/lib/libcrypto/cast/Makefile
index 8b0d04bb7c..b388f6271c 100644
--- a/src/lib/libcrypto/cast/Makefile
+++ b/src/lib/libcrypto/cast/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/cast/Makefile 2# OpenSSL/crypto/cast/Makefile
3# 3#
4 4
5DIR= cast 5DIR= cast
@@ -115,6 +115,7 @@ c_ofb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
115c_ofb64.o: c_ofb64.c cast_lcl.h 115c_ofb64.o: c_ofb64.c cast_lcl.h
116c_skey.o: ../../e_os.h ../../include/openssl/cast.h 116c_skey.o: ../../e_os.h ../../include/openssl/cast.h
117c_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h 117c_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
118c_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 118c_skey.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h
119c_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 119c_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
120c_skey.o: ../../include/openssl/symhacks.h c_skey.c cast_lcl.h cast_s.h 120c_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
121c_skey.o: c_skey.c cast_lcl.h cast_s.h
diff --git a/src/lib/libcrypto/comp/Makefile b/src/lib/libcrypto/comp/Makefile
index 68109a8013..df1babec5c 100644
--- a/src/lib/libcrypto/comp/Makefile
+++ b/src/lib/libcrypto/comp/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/comp/Makefile 2# OpenSSL/crypto/comp/Makefile
3# 3#
4 4
5DIR= comp 5DIR= comp
diff --git a/src/lib/libcrypto/conf/Makefile b/src/lib/libcrypto/conf/Makefile
index 6d2f8ffd9a..403d12b28c 100644
--- a/src/lib/libcrypto/conf/Makefile
+++ b/src/lib/libcrypto/conf/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/conf/Makefile 2# OpenSSL/crypto/conf/Makefile
3# 3#
4 4
5DIR= conf 5DIR= conf
diff --git a/src/lib/libcrypto/crypto-lib.com b/src/lib/libcrypto/crypto-lib.com
index c044ce0099..427c321f25 100644
--- a/src/lib/libcrypto/crypto-lib.com
+++ b/src/lib/libcrypto/crypto-lib.com
@@ -184,10 +184,10 @@ $ IF F$TRNLNM("OPENSSL_NO_ASM").OR.ARCH.EQS."AXP" THEN LIB_BN_ASM = "bn_asm"
184$ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,"+ - 184$ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,"+ -
185 "bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ - 185 "bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ -
186 "bn_kron,bn_sqrt,bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+","+ - 186 "bn_kron,bn_sqrt,bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+","+ -
187 "bn_recp,bn_mont,bn_mpi,bn_exp2" 187 "bn_recp,bn_mont,bn_mpi,bn_exp2,bn_x931p"
188$ LIB_RSA = "rsa_eay,rsa_gen,rsa_lib,rsa_sign,rsa_saos,rsa_err,"+ - 188$ LIB_RSA = "rsa_eay,rsa_gen,rsa_lib,rsa_sign,rsa_saos,rsa_err,"+ -
189 "rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk,rsa_null,"+ - 189 "rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk,rsa_null,"+ -
190 "rsa_asn1" 190 "rsa_pss,rsa_x931,rsa_asn1"
191$ LIB_EC = "ec_lib,ecp_smpl,ecp_mont,ecp_recp,ecp_nist,ec_cvt,ec_mult,"+ - 191$ LIB_EC = "ec_lib,ecp_smpl,ecp_mont,ecp_recp,ecp_nist,ec_cvt,ec_mult,"+ -
192 "ec_err" 192 "ec_err"
193$ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,dsa_err,dsa_ossl" 193$ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,dsa_err,dsa_ossl"
@@ -265,10 +265,15 @@ $ LIB_KRB5 = "krb5_asn"
265$! 265$!
266$! Setup exceptional compilations 266$! Setup exceptional compilations
267$! 267$!
268$ ! Add definitions for no threads on OpenVMS 7.1 and higher
268$ COMPILEWITH_CC3 = ",bss_rtcp," 269$ COMPILEWITH_CC3 = ",bss_rtcp,"
270$ ! Disable the DOLLARID warning
269$ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time," 271$ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time,"
272$ ! Disable disjoint optimization
270$ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + - 273$ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + -
271 "sha_dgst,sha1dgst,rmd_dgst,bf_enc," 274 "sha_dgst,sha1dgst,rmd_dgst,bf_enc,"
275$ ! Disable the MIXLINKAGE warning
276$ COMPILEWITH_CC6 = ",enc_read,set_key,"
272$! 277$!
273$! Figure Out What Other Modules We Are To Build. 278$! Figure Out What Other Modules We Are To Build.
274$! 279$!
@@ -497,7 +502,12 @@ $ IF COMPILEWITH_CC5 - FILE_NAME0 .NES. COMPILEWITH_CC5
497$ THEN 502$ THEN
498$ CC5/OBJECT='OBJECT_FILE' 'SOURCE_FILE' 503$ CC5/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
499$ ELSE 504$ ELSE
500$ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE' 505$ IF COMPILEWITH_CC6 - FILE_NAME0 .NES. COMPILEWITH_CC6
506$ THEN
507$ CC6/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
508$ ELSE
509$ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
510$ ENDIF
501$ ENDIF 511$ ENDIF
502$ ENDIF 512$ ENDIF
503$ ENDIF 513$ ENDIF
@@ -960,7 +970,7 @@ $ CCDEFS = "TCPIP_TYPE_''P4',DSO_VMS"
960$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS 970$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
961$ CCEXTRAFLAGS = "" 971$ CCEXTRAFLAGS = ""
962$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS 972$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
963$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX" 973$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
964$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - 974$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
965 CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS 975 CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
966$! 976$!
@@ -1077,14 +1087,18 @@ $ THEN
1077$ IF CCDISABLEWARNINGS .EQS. "" 1087$ IF CCDISABLEWARNINGS .EQS. ""
1078$ THEN 1088$ THEN
1079$ CC4DISABLEWARNINGS = "DOLLARID" 1089$ CC4DISABLEWARNINGS = "DOLLARID"
1090$ CC6DISABLEWARNINGS = "MIXLINKAGE"
1080$ ELSE 1091$ ELSE
1081$ CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID" 1092$ CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID"
1093$ CC6DISABLEWARNINGS = CCDISABLEWARNINGS + ",MIXLINKAGE"
1082$ CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))" 1094$ CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
1083$ ENDIF 1095$ ENDIF
1084$ CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))" 1096$ CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
1097$ CC6DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC6DISABLEWARNINGS + "))"
1085$ ELSE 1098$ ELSE
1086$ CCDISABLEWARNINGS = "" 1099$ CCDISABLEWARNINGS = ""
1087$ CC4DISABLEWARNINGS = "" 1100$ CC4DISABLEWARNINGS = ""
1101$ CC6DISABLEWARNINGS = ""
1088$ ENDIF 1102$ ENDIF
1089$ CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS 1103$ CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS
1090$ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS 1104$ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
@@ -1095,6 +1109,7 @@ $ ELSE
1095$ CC5 = CC + "/NOOPTIMIZE" 1109$ CC5 = CC + "/NOOPTIMIZE"
1096$ ENDIF 1110$ ENDIF
1097$ CC4 = CC - CCDISABLEWARNINGS + CC4DISABLEWARNINGS 1111$ CC4 = CC - CCDISABLEWARNINGS + CC4DISABLEWARNINGS
1112$ CC6 = CC - CCDISABLEWARNINGS + CC6DISABLEWARNINGS
1098$! 1113$!
1099$! Show user the result 1114$! Show user the result
1100$! 1115$!
diff --git a/src/lib/libcrypto/des/Makefile b/src/lib/libcrypto/des/Makefile
index 655f2ea1a8..800af0b123 100644
--- a/src/lib/libcrypto/des/Makefile
+++ b/src/lib/libcrypto/des/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/des/Makefile 2# OpenSSL/crypto/des/Makefile
3# 3#
4 4
5DIR= des 5DIR= des
diff --git a/src/lib/libcrypto/dh/Makefile b/src/lib/libcrypto/dh/Makefile
index c091a8130a..352678b94a 100644
--- a/src/lib/libcrypto/dh/Makefile
+++ b/src/lib/libcrypto/dh/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/dh/Makefile 2# OpenSSL/crypto/dh/Makefile
3# 3#
4 4
5DIR= dh 5DIR= dh
diff --git a/src/lib/libcrypto/dh/dhtest.c b/src/lib/libcrypto/dh/dhtest.c
index d75077f9fa..b76dede771 100644
--- a/src/lib/libcrypto/dh/dhtest.c
+++ b/src/lib/libcrypto/dh/dhtest.c
@@ -136,6 +136,10 @@ int main(int argc, char *argv[])
136 b->g=BN_dup(a->g); 136 b->g=BN_dup(a->g);
137 if ((b->p == NULL) || (b->g == NULL)) goto err; 137 if ((b->p == NULL) || (b->g == NULL)) goto err;
138 138
139 /* Set a to run with normal modexp and b to use constant time */
140 a->flags &= ~DH_FLAG_NO_EXP_CONSTTIME;
141 b->flags |= DH_FLAG_NO_EXP_CONSTTIME;
142
139 if (!DH_generate_key(a)) goto err; 143 if (!DH_generate_key(a)) goto err;
140 BIO_puts(out,"pri 1="); 144 BIO_puts(out,"pri 1=");
141 BN_print(out,a->priv_key); 145 BN_print(out,a->priv_key);
diff --git a/src/lib/libcrypto/dsa/Makefile b/src/lib/libcrypto/dsa/Makefile
index 3a55058973..4f10278039 100644
--- a/src/lib/libcrypto/dsa/Makefile
+++ b/src/lib/libcrypto/dsa/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/dsa/Makefile 2# OpenSSL/crypto/dsa/Makefile
3# 3#
4 4
5DIR= dsa 5DIR= dsa
diff --git a/src/lib/libcrypto/dsa/dsatest.c b/src/lib/libcrypto/dsa/dsatest.c
index 4734ce4af8..55a3756aff 100644
--- a/src/lib/libcrypto/dsa/dsatest.c
+++ b/src/lib/libcrypto/dsa/dsatest.c
@@ -194,10 +194,19 @@ int main(int argc, char **argv)
194 BIO_printf(bio_err,"g value is wrong\n"); 194 BIO_printf(bio_err,"g value is wrong\n");
195 goto end; 195 goto end;
196 } 196 }
197
198 dsa->flags |= DSA_FLAG_NO_EXP_CONSTTIME;
197 DSA_generate_key(dsa); 199 DSA_generate_key(dsa);
198 DSA_sign(0, str1, 20, sig, &siglen, dsa); 200 DSA_sign(0, str1, 20, sig, &siglen, dsa);
199 if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1) 201 if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
200 ret=1; 202 ret=1;
203
204 dsa->flags &= ~DSA_FLAG_NO_EXP_CONSTTIME;
205 DSA_generate_key(dsa);
206 DSA_sign(0, str1, 20, sig, &siglen, dsa);
207 if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
208 ret=1;
209
201end: 210end:
202 if (!ret) 211 if (!ret)
203 ERR_print_errors(bio_err); 212 ERR_print_errors(bio_err);
diff --git a/src/lib/libcrypto/dso/Makefile b/src/lib/libcrypto/dso/Makefile
index 168951bc3e..c16278c3ff 100644
--- a/src/lib/libcrypto/dso/Makefile
+++ b/src/lib/libcrypto/dso/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/dso/Makefile 2# OpenSSL/crypto/dso/Makefile
3# 3#
4 4
5DIR= dso 5DIR= dso
diff --git a/src/lib/libcrypto/dso/dso_dl.c b/src/lib/libcrypto/dso/dso_dl.c
index 79d2cb4d8c..f7b4dfc0c3 100644
--- a/src/lib/libcrypto/dso/dso_dl.c
+++ b/src/lib/libcrypto/dso/dso_dl.c
@@ -126,7 +126,8 @@ static int dl_load(DSO *dso)
126 DSOerr(DSO_F_DL_LOAD,DSO_R_NO_FILENAME); 126 DSOerr(DSO_F_DL_LOAD,DSO_R_NO_FILENAME);
127 goto err; 127 goto err;
128 } 128 }
129 ptr = shl_load(filename, BIND_IMMEDIATE|DYNAMIC_PATH, 0L); 129 ptr = shl_load(filename, BIND_IMMEDIATE |
130 (dso->flags&DSO_FLAG_NO_NAME_TRANSLATION?0:DYNAMIC_PATH), 0L);
130 if(ptr == NULL) 131 if(ptr == NULL)
131 { 132 {
132 DSOerr(DSO_F_DL_LOAD,DSO_R_LOAD_FAILED); 133 DSOerr(DSO_F_DL_LOAD,DSO_R_LOAD_FAILED);
@@ -281,4 +282,36 @@ static char *dl_name_converter(DSO *dso, const char *filename)
281 return(translated); 282 return(translated);
282 } 283 }
283 284
285#ifdef OPENSSL_FIPS
286static void dl_ref_point(){}
287
288int DSO_pathbyaddr(void *addr,char *path,int sz)
289 {
290 struct shl_descriptor inf;
291 int i,len;
292
293 if (addr == NULL)
294 {
295 union { void(*f)(); void *p; } t = { dl_ref_point };
296 addr = t.p;
297 }
298
299 for (i=-1;shl_get_r(i,&inf)==0;i++)
300 {
301 if (((size_t)addr >= inf.tstart && (size_t)addr < inf.tend) ||
302 ((size_t)addr >= inf.dstart && (size_t)addr < inf.dend))
303 {
304 len = (int)strlen(inf.filename);
305 if (sz <= 0) return len+1;
306 if (len >= sz) len=sz-1;
307 memcpy(path,inf.filename,len);
308 path[len++] = 0;
309 return len;
310 }
311 }
312
313 return -1;
314 }
315#endif
316
284#endif /* DSO_DL */ 317#endif /* DSO_DL */
diff --git a/src/lib/libcrypto/dso/dso_win32.c b/src/lib/libcrypto/dso/dso_win32.c
index 3fa90eb27c..cc4ac68696 100644
--- a/src/lib/libcrypto/dso/dso_win32.c
+++ b/src/lib/libcrypto/dso/dso_win32.c
@@ -68,6 +68,25 @@ DSO_METHOD *DSO_METHOD_win32(void)
68 } 68 }
69#else 69#else
70 70
71#ifdef _WIN32_WCE
72# if _WIN32_WCE < 300
73static FARPROC GetProcAddressA(HMODULE hModule,LPCSTR lpProcName)
74 {
75 WCHAR lpProcNameW[64];
76 int i;
77
78 for (i=0;lpProcName[i] && i<64;i++)
79 lpProcNameW[i] = (WCHAR)lpProcName[i];
80 if (i==64) return NULL;
81 lpProcNameW[i] = 0;
82
83 return GetProcAddressW(hModule,lpProcNameW);
84 }
85# endif
86# undef GetProcAddress
87# define GetProcAddress GetProcAddressA
88#endif
89
71/* Part of the hack in "win32_load" ... */ 90/* Part of the hack in "win32_load" ... */
72#define DSO_MAX_TRANSLATED_SIZE 256 91#define DSO_MAX_TRANSLATED_SIZE 256
73 92
@@ -122,7 +141,7 @@ static int win32_load(DSO *dso)
122 DSOerr(DSO_F_WIN32_LOAD,DSO_R_NO_FILENAME); 141 DSOerr(DSO_F_WIN32_LOAD,DSO_R_NO_FILENAME);
123 goto err; 142 goto err;
124 } 143 }
125 h = LoadLibrary(filename); 144 h = LoadLibraryA(filename);
126 if(h == NULL) 145 if(h == NULL)
127 { 146 {
128 DSOerr(DSO_F_WIN32_LOAD,DSO_R_LOAD_FAILED); 147 DSOerr(DSO_F_WIN32_LOAD,DSO_R_LOAD_FAILED);
diff --git a/src/lib/libcrypto/engine/hw_aep.c b/src/lib/libcrypto/engine/hw_aep.c
index 8b8380a582..5f1772ea99 100644
--- a/src/lib/libcrypto/engine/hw_aep.c
+++ b/src/lib/libcrypto/engine/hw_aep.c
@@ -474,6 +474,7 @@ static int aep_init(ENGINE *e)
474 474
475 if(aep_dso) 475 if(aep_dso)
476 DSO_free(aep_dso); 476 DSO_free(aep_dso);
477 aep_dso = NULL;
477 478
478 p_AEP_OpenConnection = NULL; 479 p_AEP_OpenConnection = NULL;
479 p_AEP_ModExp = NULL; 480 p_AEP_ModExp = NULL;
diff --git a/src/lib/libcrypto/engine/hw_atalla.c b/src/lib/libcrypto/engine/hw_atalla.c
index e9eff9fad1..2b8342bbdd 100644
--- a/src/lib/libcrypto/engine/hw_atalla.c
+++ b/src/lib/libcrypto/engine/hw_atalla.c
@@ -375,6 +375,7 @@ static int atalla_init(ENGINE *e)
375err: 375err:
376 if(atalla_dso) 376 if(atalla_dso)
377 DSO_free(atalla_dso); 377 DSO_free(atalla_dso);
378 atalla_dso = NULL;
378 p_Atalla_GetHardwareConfig = NULL; 379 p_Atalla_GetHardwareConfig = NULL;
379 p_Atalla_RSAPrivateKeyOpFn = NULL; 380 p_Atalla_RSAPrivateKeyOpFn = NULL;
380 p_Atalla_GetPerformanceStatistics = NULL; 381 p_Atalla_GetPerformanceStatistics = NULL;
diff --git a/src/lib/libcrypto/engine/hw_cswift.c b/src/lib/libcrypto/engine/hw_cswift.c
index f128ee5a68..1411fd8333 100644
--- a/src/lib/libcrypto/engine/hw_cswift.c
+++ b/src/lib/libcrypto/engine/hw_cswift.c
@@ -90,6 +90,7 @@ static int cswift_destroy(ENGINE *e);
90static int cswift_init(ENGINE *e); 90static int cswift_init(ENGINE *e);
91static int cswift_finish(ENGINE *e); 91static int cswift_finish(ENGINE *e);
92static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); 92static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
93static int cswift_bn_32copy(SW_LARGENUMBER * out, const BIGNUM * in);
93 94
94/* BIGNUM stuff */ 95/* BIGNUM stuff */
95static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 96static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
@@ -403,7 +404,10 @@ static int cswift_init(ENGINE *e)
403 return 1; 404 return 1;
404err: 405err:
405 if(cswift_dso) 406 if(cswift_dso)
407 {
406 DSO_free(cswift_dso); 408 DSO_free(cswift_dso);
409 cswift_dso = NULL;
410 }
407 p_CSwift_AcquireAccContext = NULL; 411 p_CSwift_AcquireAccContext = NULL;
408 p_CSwift_AttachKeyParam = NULL; 412 p_CSwift_AttachKeyParam = NULL;
409 p_CSwift_SimpleRequest = NULL; 413 p_CSwift_SimpleRequest = NULL;
@@ -553,6 +557,29 @@ err:
553 return to_return; 557 return to_return;
554 } 558 }
555 559
560
561int cswift_bn_32copy(SW_LARGENUMBER * out, const BIGNUM * in)
562{
563 int mod;
564 int numbytes = BN_num_bytes(in);
565
566 mod = 0;
567 while( ((out->nbytes = (numbytes+mod)) % 32) )
568 {
569 mod++;
570 }
571 out->value = (unsigned char*)OPENSSL_malloc(out->nbytes);
572 if(!out->value)
573 {
574 return 0;
575 }
576 BN_bn2bin(in, &out->value[mod]);
577 if(mod)
578 memset(out->value, 0, mod);
579
580 return 1;
581}
582
556/* Un petit mod_exp chinois */ 583/* Un petit mod_exp chinois */
557static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 584static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
558 const BIGNUM *q, const BIGNUM *dmp1, 585 const BIGNUM *q, const BIGNUM *dmp1,
@@ -562,15 +589,16 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
562 SW_LARGENUMBER arg, res; 589 SW_LARGENUMBER arg, res;
563 SW_PARAM sw_param; 590 SW_PARAM sw_param;
564 SW_CONTEXT_HANDLE hac; 591 SW_CONTEXT_HANDLE hac;
565 BIGNUM *rsa_p = NULL;
566 BIGNUM *rsa_q = NULL;
567 BIGNUM *rsa_dmp1 = NULL;
568 BIGNUM *rsa_dmq1 = NULL;
569 BIGNUM *rsa_iqmp = NULL;
570 BIGNUM *argument = NULL;
571 BIGNUM *result = NULL; 592 BIGNUM *result = NULL;
593 BIGNUM *argument = NULL;
572 int to_return = 0; /* expect failure */ 594 int to_return = 0; /* expect failure */
573 int acquired = 0; 595 int acquired = 0;
596
597 sw_param.up.crt.p.value = NULL;
598 sw_param.up.crt.q.value = NULL;
599 sw_param.up.crt.dmp1.value = NULL;
600 sw_param.up.crt.dmq1.value = NULL;
601 sw_param.up.crt.iqmp.value = NULL;
574 602
575 if(!get_context(&hac)) 603 if(!get_context(&hac))
576 { 604 {
@@ -578,44 +606,55 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
578 goto err; 606 goto err;
579 } 607 }
580 acquired = 1; 608 acquired = 1;
609
581 /* Prepare the params */ 610 /* Prepare the params */
582 BN_CTX_start(ctx); 611 argument = BN_new();
583 rsa_p = BN_CTX_get(ctx); 612 result = BN_new();
584 rsa_q = BN_CTX_get(ctx); 613 if(!result || !argument)
585 rsa_dmp1 = BN_CTX_get(ctx);
586 rsa_dmq1 = BN_CTX_get(ctx);
587 rsa_iqmp = BN_CTX_get(ctx);
588 argument = BN_CTX_get(ctx);
589 result = BN_CTX_get(ctx);
590 if(!result)
591 { 614 {
592 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_CTX_FULL); 615 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_CTX_FULL);
593 goto err; 616 goto err;
594 } 617 }
595 if(!bn_wexpand(rsa_p, p->top) || !bn_wexpand(rsa_q, q->top) || 618
596 !bn_wexpand(rsa_dmp1, dmp1->top) || 619
597 !bn_wexpand(rsa_dmq1, dmq1->top) || 620 sw_param.type = SW_ALG_CRT;
598 !bn_wexpand(rsa_iqmp, iqmp->top) || 621 /************************************************************************/
599 !bn_wexpand(argument, a->top) || 622 /* 04/02/2003 */
623 /* Modified by Frederic Giudicelli (deny-all.com) to overcome the */
624 /* limitation of cswift with values not a multiple of 32 */
625 /************************************************************************/
626 if(!cswift_bn_32copy(&sw_param.up.crt.p, p))
627 {
628 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
629 goto err;
630 }
631 if(!cswift_bn_32copy(&sw_param.up.crt.q, q))
632 {
633 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
634 goto err;
635 }
636 if(!cswift_bn_32copy(&sw_param.up.crt.dmp1, dmp1))
637 {
638 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
639 goto err;
640 }
641 if(!cswift_bn_32copy(&sw_param.up.crt.dmq1, dmq1))
642 {
643 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
644 goto err;
645 }
646 if(!cswift_bn_32copy(&sw_param.up.crt.iqmp, iqmp))
647 {
648 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
649 goto err;
650 }
651 if( !bn_wexpand(argument, a->top) ||
600 !bn_wexpand(result, p->top + q->top)) 652 !bn_wexpand(result, p->top + q->top))
601 { 653 {
602 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); 654 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
603 goto err; 655 goto err;
604 } 656 }
605 sw_param.type = SW_ALG_CRT; 657
606 sw_param.up.crt.p.nbytes = BN_bn2bin(p, (unsigned char *)rsa_p->d);
607 sw_param.up.crt.p.value = (unsigned char *)rsa_p->d;
608 sw_param.up.crt.q.nbytes = BN_bn2bin(q, (unsigned char *)rsa_q->d);
609 sw_param.up.crt.q.value = (unsigned char *)rsa_q->d;
610 sw_param.up.crt.dmp1.nbytes = BN_bn2bin(dmp1,
611 (unsigned char *)rsa_dmp1->d);
612 sw_param.up.crt.dmp1.value = (unsigned char *)rsa_dmp1->d;
613 sw_param.up.crt.dmq1.nbytes = BN_bn2bin(dmq1,
614 (unsigned char *)rsa_dmq1->d);
615 sw_param.up.crt.dmq1.value = (unsigned char *)rsa_dmq1->d;
616 sw_param.up.crt.iqmp.nbytes = BN_bn2bin(iqmp,
617 (unsigned char *)rsa_iqmp->d);
618 sw_param.up.crt.iqmp.value = (unsigned char *)rsa_iqmp->d;
619 /* Attach the key params */ 658 /* Attach the key params */
620 sw_status = p_CSwift_AttachKeyParam(hac, &sw_param); 659 sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
621 switch(sw_status) 660 switch(sw_status)
@@ -654,9 +693,22 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
654 BN_bin2bn((unsigned char *)result->d, res.nbytes, r); 693 BN_bin2bn((unsigned char *)result->d, res.nbytes, r);
655 to_return = 1; 694 to_return = 1;
656err: 695err:
696 if(sw_param.up.crt.p.value)
697 OPENSSL_free(sw_param.up.crt.p.value);
698 if(sw_param.up.crt.q.value)
699 OPENSSL_free(sw_param.up.crt.q.value);
700 if(sw_param.up.crt.dmp1.value)
701 OPENSSL_free(sw_param.up.crt.dmp1.value);
702 if(sw_param.up.crt.dmq1.value)
703 OPENSSL_free(sw_param.up.crt.dmq1.value);
704 if(sw_param.up.crt.iqmp.value)
705 OPENSSL_free(sw_param.up.crt.iqmp.value);
706 if(result)
707 BN_free(result);
708 if(argument)
709 BN_free(argument);
657 if(acquired) 710 if(acquired)
658 release_context(hac); 711 release_context(hac);
659 BN_CTX_end(ctx);
660 return to_return; 712 return to_return;
661 } 713 }
662 714
@@ -665,6 +717,27 @@ static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
665 { 717 {
666 BN_CTX *ctx; 718 BN_CTX *ctx;
667 int to_return = 0; 719 int to_return = 0;
720 const RSA_METHOD * def_rsa_method;
721
722 /* Try the limits of RSA (2048 bits) */
723 if(BN_num_bytes(rsa->p) > 128 ||
724 BN_num_bytes(rsa->q) > 128 ||
725 BN_num_bytes(rsa->dmp1) > 128 ||
726 BN_num_bytes(rsa->dmq1) > 128 ||
727 BN_num_bytes(rsa->iqmp) > 128)
728 {
729#ifdef RSA_NULL
730 def_rsa_method=RSA_null_method();
731#else
732#if 0
733 def_rsa_method=RSA_PKCS1_RSAref();
734#else
735 def_rsa_method=RSA_PKCS1_SSLeay();
736#endif
737#endif
738 if(def_rsa_method)
739 return def_rsa_method->rsa_mod_exp(r0, I, rsa);
740 }
668 741
669 if((ctx = BN_CTX_new()) == NULL) 742 if((ctx = BN_CTX_new()) == NULL)
670 goto err; 743 goto err;
@@ -686,6 +759,26 @@ err:
686static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 759static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
687 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) 760 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
688 { 761 {
762 const RSA_METHOD * def_rsa_method;
763
764 /* Try the limits of RSA (2048 bits) */
765 if(BN_num_bytes(r) > 256 ||
766 BN_num_bytes(a) > 256 ||
767 BN_num_bytes(m) > 256)
768 {
769#ifdef RSA_NULL
770 def_rsa_method=RSA_null_method();
771#else
772#if 0
773 def_rsa_method=RSA_PKCS1_RSAref();
774#else
775 def_rsa_method=RSA_PKCS1_SSLeay();
776#endif
777#endif
778 if(def_rsa_method)
779 return def_rsa_method->bn_mod_exp(r, a, p, m, ctx, m_ctx);
780 }
781
689 return cswift_mod_exp(r, a, p, m, ctx); 782 return cswift_mod_exp(r, a, p, m, ctx);
690 } 783 }
691 784
@@ -930,9 +1023,10 @@ static int cswift_rand_bytes(unsigned char *buf, int num)
930 SW_CONTEXT_HANDLE hac; 1023 SW_CONTEXT_HANDLE hac;
931 SW_STATUS swrc; 1024 SW_STATUS swrc;
932 SW_LARGENUMBER largenum; 1025 SW_LARGENUMBER largenum;
933 size_t nbytes = 0;
934 int acquired = 0; 1026 int acquired = 0;
935 int to_return = 0; /* assume failure */ 1027 int to_return = 0; /* assume failure */
1028 unsigned char buf32[1024];
1029
936 1030
937 if (!get_context(&hac)) 1031 if (!get_context(&hac))
938 { 1032 {
@@ -941,17 +1035,19 @@ static int cswift_rand_bytes(unsigned char *buf, int num)
941 } 1035 }
942 acquired = 1; 1036 acquired = 1;
943 1037
944 while (nbytes < (size_t)num) 1038 /************************************************************************/
1039 /* 04/02/2003 */
1040 /* Modified by Frederic Giudicelli (deny-all.com) to overcome the */
1041 /* limitation of cswift with values not a multiple of 32 */
1042 /************************************************************************/
1043
1044 while(num >= sizeof(buf32))
945 { 1045 {
1046 largenum.value = buf;
1047 largenum.nbytes = sizeof(buf32);
946 /* tell CryptoSwift how many bytes we want and where we want it. 1048 /* tell CryptoSwift how many bytes we want and where we want it.
947 * Note: - CryptoSwift cannot do more than 4096 bytes at a time. 1049 * Note: - CryptoSwift cannot do more than 4096 bytes at a time.
948 * - CryptoSwift can only do multiple of 32-bits. */ 1050 * - CryptoSwift can only do multiple of 32-bits. */
949 largenum.value = (SW_BYTE *) buf + nbytes;
950 if (4096 > num - nbytes)
951 largenum.nbytes = num - nbytes;
952 else
953 largenum.nbytes = 4096;
954
955 swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1); 1051 swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
956 if (swrc != SW_OK) 1052 if (swrc != SW_OK)
957 { 1053 {
@@ -961,14 +1057,30 @@ static int cswift_rand_bytes(unsigned char *buf, int num)
961 ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf); 1057 ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
962 goto err; 1058 goto err;
963 } 1059 }
964 1060 buf += sizeof(buf32);
965 nbytes += largenum.nbytes; 1061 num -= sizeof(buf32);
1062 }
1063 if(num)
1064 {
1065 largenum.nbytes = sizeof(buf32);
1066 largenum.value = buf32;
1067 swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
1068 if (swrc != SW_OK)
1069 {
1070 char tmpbuf[20];
1071 CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_REQUEST_FAILED);
1072 sprintf(tmpbuf, "%ld", swrc);
1073 ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
1074 goto err;
1075 }
1076 memcpy(buf, largenum.value, num);
966 } 1077 }
967 to_return = 1; /* success */
968 1078
1079 to_return = 1; /* success */
969err: 1080err:
970 if (acquired) 1081 if (acquired)
971 release_context(hac); 1082 release_context(hac);
1083
972 return to_return; 1084 return to_return;
973} 1085}
974 1086
diff --git a/src/lib/libcrypto/engine/hw_ubsec.c b/src/lib/libcrypto/engine/hw_ubsec.c
index 5234a08a07..8fb834af31 100644
--- a/src/lib/libcrypto/engine/hw_ubsec.c
+++ b/src/lib/libcrypto/engine/hw_ubsec.c
@@ -454,6 +454,7 @@ static int ubsec_init(ENGINE *e)
454err: 454err:
455 if(ubsec_dso) 455 if(ubsec_dso)
456 DSO_free(ubsec_dso); 456 DSO_free(ubsec_dso);
457 ubsec_dso = NULL;
457 p_UBSEC_ubsec_bytes_to_bits = NULL; 458 p_UBSEC_ubsec_bytes_to_bits = NULL;
458 p_UBSEC_ubsec_bits_to_bytes = NULL; 459 p_UBSEC_ubsec_bits_to_bytes = NULL;
459 p_UBSEC_ubsec_open = NULL; 460 p_UBSEC_ubsec_open = NULL;
diff --git a/src/lib/libcrypto/err/Makefile b/src/lib/libcrypto/err/Makefile
index 149f3e0eb9..4adec55302 100644
--- a/src/lib/libcrypto/err/Makefile
+++ b/src/lib/libcrypto/err/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/err/Makefile 2# OpenSSL/crypto/err/Makefile
3# 3#
4 4
5DIR= err 5DIR= err
diff --git a/src/lib/libcrypto/evp/Makefile b/src/lib/libcrypto/evp/Makefile
index 5027a3855a..d1c2a272bb 100644
--- a/src/lib/libcrypto/evp/Makefile
+++ b/src/lib/libcrypto/evp/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/evp/Makefile 2# OpenSSL/crypto/evp/Makefile
3# 3#
4 4
5DIR= evp 5DIR= evp
diff --git a/src/lib/libcrypto/evp/c_alld.c b/src/lib/libcrypto/evp/c_alld.c
index aae7bf7482..929ea56a3e 100644
--- a/src/lib/libcrypto/evp/c_alld.c
+++ b/src/lib/libcrypto/evp/c_alld.c
@@ -100,4 +100,14 @@ void OpenSSL_add_all_digests(void)
100 EVP_add_digest_alias(SN_ripemd160,"ripemd"); 100 EVP_add_digest_alias(SN_ripemd160,"ripemd");
101 EVP_add_digest_alias(SN_ripemd160,"rmd160"); 101 EVP_add_digest_alias(SN_ripemd160,"rmd160");
102#endif 102#endif
103#ifdef OPENSSL_FIPS
104#ifndef OPENSSL_NO_SHA256
105 EVP_add_digest(EVP_sha224());
106 EVP_add_digest(EVP_sha256());
107#endif
108#ifndef OPENSSL_NO_SHA512
109 EVP_add_digest(EVP_sha384());
110 EVP_add_digest(EVP_sha512());
111#endif
112#endif
103 } 113 }
diff --git a/src/lib/libcrypto/evp/m_sha.c b/src/lib/libcrypto/evp/m_sha.c
index d1785e5f74..ed54909b16 100644
--- a/src/lib/libcrypto/evp/m_sha.c
+++ b/src/lib/libcrypto/evp/m_sha.c
@@ -59,6 +59,9 @@
59#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0) 59#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
60#include <stdio.h> 60#include <stdio.h>
61#include "cryptlib.h" 61#include "cryptlib.h"
62/* Including sha.h prior evp.h masks FIPS SHA declarations, but that's
63 * exactly what we want to achieve here... */
64#include <openssl/sha.h>
62#include <openssl/evp.h> 65#include <openssl/evp.h>
63#include "evp_locl.h" 66#include "evp_locl.h"
64#include <openssl/objects.h> 67#include <openssl/objects.h>
diff --git a/src/lib/libcrypto/hmac/Makefile b/src/lib/libcrypto/hmac/Makefile
index f634dab79d..3d53d8240f 100644
--- a/src/lib/libcrypto/hmac/Makefile
+++ b/src/lib/libcrypto/hmac/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/md/Makefile 2# OpenSSL/crypto/md/Makefile
3# 3#
4 4
5DIR= hmac 5DIR= hmac
diff --git a/src/lib/libcrypto/idea/Makefile b/src/lib/libcrypto/idea/Makefile
index f652783027..6b8e530d9d 100644
--- a/src/lib/libcrypto/idea/Makefile
+++ b/src/lib/libcrypto/idea/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/idea/Makefile 2# OpenSSL/crypto/idea/Makefile
3# 3#
4 4
5DIR= idea 5DIR= idea
@@ -86,7 +86,7 @@ i_ecb.o: ../../include/openssl/opensslv.h i_ecb.c idea_lcl.h
86i_ofb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h 86i_ofb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
87i_ofb64.o: i_ofb64.c idea_lcl.h 87i_ofb64.o: i_ofb64.c idea_lcl.h
88i_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h 88i_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
89i_skey.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h 89i_skey.o: ../../include/openssl/fips.h ../../include/openssl/idea.h
90i_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 90i_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
91i_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 91i_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
92i_skey.o: i_skey.c idea_lcl.h 92i_skey.o: ../../include/openssl/symhacks.h i_skey.c idea_lcl.h
diff --git a/src/lib/libcrypto/lhash/Makefile b/src/lib/libcrypto/lhash/Makefile
index d325a1644d..cdb0e77fad 100644
--- a/src/lib/libcrypto/lhash/Makefile
+++ b/src/lib/libcrypto/lhash/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/lhash/Makefile 2# OpenSSL/crypto/lhash/Makefile
3# 3#
4 4
5DIR= lhash 5DIR= lhash
diff --git a/src/lib/libcrypto/md2/Makefile b/src/lib/libcrypto/md2/Makefile
index 90628511da..9d0351bb2f 100644
--- a/src/lib/libcrypto/md2/Makefile
+++ b/src/lib/libcrypto/md2/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/md/Makefile 2# OpenSSL/crypto/md/Makefile
3# 3#
4 4
5DIR= md2 5DIR= md2
diff --git a/src/lib/libcrypto/md2/md2_one.c b/src/lib/libcrypto/md2/md2_one.c
index 835160ef56..8c36ba5779 100644
--- a/src/lib/libcrypto/md2/md2_one.c
+++ b/src/lib/libcrypto/md2/md2_one.c
@@ -69,7 +69,8 @@ unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md)
69 static unsigned char m[MD2_DIGEST_LENGTH]; 69 static unsigned char m[MD2_DIGEST_LENGTH];
70 70
71 if (md == NULL) md=m; 71 if (md == NULL) md=m;
72 MD2_Init(&c); 72 if (!MD2_Init(&c))
73 return NULL;
73#ifndef CHARSET_EBCDIC 74#ifndef CHARSET_EBCDIC
74 MD2_Update(&c,d,n); 75 MD2_Update(&c,d,n);
75#else 76#else
diff --git a/src/lib/libcrypto/md4/Makefile b/src/lib/libcrypto/md4/Makefile
index 0b7c8d7ad8..eeb457f20f 100644
--- a/src/lib/libcrypto/md4/Makefile
+++ b/src/lib/libcrypto/md4/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/md4/Makefile 2# OpenSSL/crypto/md4/Makefile
3# 3#
4 4
5DIR= md4 5DIR= md4
diff --git a/src/lib/libcrypto/md5/Makefile b/src/lib/libcrypto/md5/Makefile
index 832446fff2..1ed018526f 100644
--- a/src/lib/libcrypto/md5/Makefile
+++ b/src/lib/libcrypto/md5/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/md5/Makefile 2# OpenSSL/crypto/md5/Makefile
3# 3#
4 4
5DIR= md5 5DIR= md5
diff --git a/src/lib/libcrypto/mdc2/Makefile b/src/lib/libcrypto/mdc2/Makefile
index 38c785bf95..b8e9a9a4fa 100644
--- a/src/lib/libcrypto/mdc2/Makefile
+++ b/src/lib/libcrypto/mdc2/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/mdc2/Makefile 2# OpenSSL/crypto/mdc2/Makefile
3# 3#
4 4
5DIR= mdc2 5DIR= mdc2
diff --git a/src/lib/libcrypto/objects/Makefile b/src/lib/libcrypto/objects/Makefile
index e449147129..23b2a69e6d 100644
--- a/src/lib/libcrypto/objects/Makefile
+++ b/src/lib/libcrypto/objects/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/objects/Makefile 2# OpenSSL/crypto/objects/Makefile
3# 3#
4 4
5DIR= objects 5DIR= objects
diff --git a/src/lib/libcrypto/objects/obj_dat.h b/src/lib/libcrypto/objects/obj_dat.h
index 8785127055..cc22152682 100644
--- a/src/lib/libcrypto/objects/obj_dat.h
+++ b/src/lib/libcrypto/objects/obj_dat.h
@@ -62,12 +62,12 @@
62 * [including the GNU Public Licence.] 62 * [including the GNU Public Licence.]
63 */ 63 */
64 64
65#define NUM_NID 668 65#define NUM_NID 676
66#define NUM_SN 660 66#define NUM_SN 669
67#define NUM_LN 660 67#define NUM_LN 669
68#define NUM_OBJ 624 68#define NUM_OBJ 633
69 69
70static unsigned char lvalues[4500]={ 70static unsigned char lvalues[4575]={
710x00, /* [ 0] OBJ_undef */ 710x00, /* [ 0] OBJ_undef */
720x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ 720x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
730x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ 730x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
@@ -330,9 +330,9 @@ static unsigned char lvalues[4500]={
3300x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04, /* [2092] OBJ_ac_auditEntity */ 3300x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04, /* [2092] OBJ_ac_auditEntity */
3310x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05, /* [2100] OBJ_ac_targeting */ 3310x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05, /* [2100] OBJ_ac_targeting */
3320x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06, /* [2108] OBJ_aaControls */ 3320x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06, /* [2108] OBJ_aaControls */
3330x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07, /* [2116] OBJ_sbqp_ipAddrBlock */ 3330x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07, /* [2116] OBJ_sbgp_ipAddrBlock */
3340x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2124] OBJ_sbqp_autonomousSysNum */ 3340x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2124] OBJ_sbgp_autonomousSysNum */
3350x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2132] OBJ_sbqp_routerIdentifier */ 3350x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2132] OBJ_sbgp_routerIdentifier */
3360x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2140] OBJ_textNotice */ 3360x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2140] OBJ_textNotice */
3370x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2148] OBJ_ipsecEndSystem */ 3370x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2148] OBJ_ipsecEndSystem */
3380x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2156] OBJ_ipsecTunnel */ 3380x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2156] OBJ_ipsecTunnel */
@@ -691,7 +691,16 @@ static unsigned char lvalues[4500]={
6910x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4467] OBJ_proxyCertInfo */ 6910x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4467] OBJ_proxyCertInfo */
6920x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4475] OBJ_id_ppl_anyLanguage */ 6920x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4475] OBJ_id_ppl_anyLanguage */
6930x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4483] OBJ_id_ppl_inheritAll */ 6930x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4483] OBJ_id_ppl_inheritAll */
6940x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4491] OBJ_Independent */ 6940x55,0x1D,0x1E, /* [4491] OBJ_name_constraints */
6950x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4494] OBJ_Independent */
6960x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4502] OBJ_sha256WithRSAEncryption */
6970x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4511] OBJ_sha384WithRSAEncryption */
6980x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4520] OBJ_sha512WithRSAEncryption */
6990x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4529] OBJ_sha224WithRSAEncryption */
7000x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4538] OBJ_sha256 */
7010x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4547] OBJ_sha384 */
7020x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4556] OBJ_sha512 */
7030x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4565] OBJ_sha224 */
695}; 704};
696 705
697static ASN1_OBJECT nid_objs[NUM_NID]={ 706static ASN1_OBJECT nid_objs[NUM_NID]={
@@ -1134,12 +1143,12 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
1134 &(lvalues[2092]),0}, 1143 &(lvalues[2092]),0},
1135{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2100]),0}, 1144{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2100]),0},
1136{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2108]),0}, 1145{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2108]),0},
1137{"sbqp-ipAddrBlock","sbqp-ipAddrBlock",NID_sbqp_ipAddrBlock,8, 1146{"sbgp-ipAddrBlock","sbgp-ipAddrBlock",NID_sbgp_ipAddrBlock,8,
1138 &(lvalues[2116]),0}, 1147 &(lvalues[2116]),0},
1139{"sbqp-autonomousSysNum","sbqp-autonomousSysNum", 1148{"sbgp-autonomousSysNum","sbgp-autonomousSysNum",
1140 NID_sbqp_autonomousSysNum,8,&(lvalues[2124]),0}, 1149 NID_sbgp_autonomousSysNum,8,&(lvalues[2124]),0},
1141{"sbqp-routerIdentifier","sbqp-routerIdentifier", 1150{"sbgp-routerIdentifier","sbgp-routerIdentifier",
1142 NID_sbqp_routerIdentifier,8,&(lvalues[2132]),0}, 1151 NID_sbgp_routerIdentifier,8,&(lvalues[2132]),0},
1143{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2140]),0}, 1152{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2140]),0},
1144{"ipsecEndSystem","IPSec End System",NID_ipsecEndSystem,8, 1153{"ipsecEndSystem","IPSec End System",NID_ipsecEndSystem,8,
1145 &(lvalues[2148]),0}, 1154 &(lvalues[2148]),0},
@@ -1754,8 +1763,21 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
1754 &(lvalues[4475]),0}, 1763 &(lvalues[4475]),0},
1755{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8, 1764{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8,
1756 &(lvalues[4483]),0}, 1765 &(lvalues[4483]),0},
1757{NULL,NULL,NID_undef,0,NULL}, 1766{"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3,
1758{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4491]),0}, 1767 &(lvalues[4491]),0},
1768{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4494]),0},
1769{"RSA-SHA256","sha256WithRSAEncryption",NID_sha256WithRSAEncryption,9,
1770 &(lvalues[4502]),0},
1771{"RSA-SHA384","sha384WithRSAEncryption",NID_sha384WithRSAEncryption,9,
1772 &(lvalues[4511]),0},
1773{"RSA-SHA512","sha512WithRSAEncryption",NID_sha512WithRSAEncryption,9,
1774 &(lvalues[4520]),0},
1775{"RSA-SHA224","sha224WithRSAEncryption",NID_sha224WithRSAEncryption,9,
1776 &(lvalues[4529]),0},
1777{"SHA256","sha256",NID_sha256,9,&(lvalues[4538]),0},
1778{"SHA384","sha384",NID_sha384,9,&(lvalues[4547]),0},
1779{"SHA512","sha512",NID_sha512,9,&(lvalues[4556]),0},
1780{"SHA224","sha224",NID_sha224,9,&(lvalues[4565]),0},
1759}; 1781};
1760 1782
1761static ASN1_OBJECT *sn_objs[NUM_SN]={ 1783static ASN1_OBJECT *sn_objs[NUM_SN]={
@@ -1881,8 +1903,16 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
1881&(nid_objs[42]),/* "RSA-SHA" */ 1903&(nid_objs[42]),/* "RSA-SHA" */
1882&(nid_objs[65]),/* "RSA-SHA1" */ 1904&(nid_objs[65]),/* "RSA-SHA1" */
1883&(nid_objs[115]),/* "RSA-SHA1-2" */ 1905&(nid_objs[115]),/* "RSA-SHA1-2" */
1906&(nid_objs[671]),/* "RSA-SHA224" */
1907&(nid_objs[668]),/* "RSA-SHA256" */
1908&(nid_objs[669]),/* "RSA-SHA384" */
1909&(nid_objs[670]),/* "RSA-SHA512" */
1884&(nid_objs[41]),/* "SHA" */ 1910&(nid_objs[41]),/* "SHA" */
1885&(nid_objs[64]),/* "SHA1" */ 1911&(nid_objs[64]),/* "SHA1" */
1912&(nid_objs[675]),/* "SHA224" */
1913&(nid_objs[672]),/* "SHA256" */
1914&(nid_objs[673]),/* "SHA384" */
1915&(nid_objs[674]),/* "SHA512" */
1886&(nid_objs[188]),/* "SMIME" */ 1916&(nid_objs[188]),/* "SMIME" */
1887&(nid_objs[167]),/* "SMIME-CAPS" */ 1917&(nid_objs[167]),/* "SMIME-CAPS" */
1888&(nid_objs[100]),/* "SN" */ 1918&(nid_objs[100]),/* "SN" */
@@ -2182,6 +2212,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
2182&(nid_objs[649]),/* "msUPN" */ 2212&(nid_objs[649]),/* "msUPN" */
2183&(nid_objs[481]),/* "nSRecord" */ 2213&(nid_objs[481]),/* "nSRecord" */
2184&(nid_objs[173]),/* "name" */ 2214&(nid_objs[173]),/* "name" */
2215&(nid_objs[666]),/* "nameConstraints" */
2185&(nid_objs[369]),/* "noCheck" */ 2216&(nid_objs[369]),/* "noCheck" */
2186&(nid_objs[403]),/* "noRevAvail" */ 2217&(nid_objs[403]),/* "noRevAvail" */
2187&(nid_objs[72]),/* "nsBaseUrl" */ 2218&(nid_objs[72]),/* "nsBaseUrl" */
@@ -2254,9 +2285,9 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
2254&(nid_objs[ 1]),/* "rsadsi" */ 2285&(nid_objs[ 1]),/* "rsadsi" */
2255&(nid_objs[482]),/* "sOARecord" */ 2286&(nid_objs[482]),/* "sOARecord" */
2256&(nid_objs[155]),/* "safeContentsBag" */ 2287&(nid_objs[155]),/* "safeContentsBag" */
2257&(nid_objs[291]),/* "sbqp-autonomousSysNum" */ 2288&(nid_objs[291]),/* "sbgp-autonomousSysNum" */
2258&(nid_objs[290]),/* "sbqp-ipAddrBlock" */ 2289&(nid_objs[290]),/* "sbgp-ipAddrBlock" */
2259&(nid_objs[292]),/* "sbqp-routerIdentifier" */ 2290&(nid_objs[292]),/* "sbgp-routerIdentifier" */
2260&(nid_objs[159]),/* "sdsiCertificate" */ 2291&(nid_objs[159]),/* "sdsiCertificate" */
2261&(nid_objs[154]),/* "secretBag" */ 2292&(nid_objs[154]),/* "secretBag" */
2262&(nid_objs[474]),/* "secretary" */ 2293&(nid_objs[474]),/* "secretary" */
@@ -2517,6 +2548,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
2517&(nid_objs[126]),/* "X509v3 Extended Key Usage" */ 2548&(nid_objs[126]),/* "X509v3 Extended Key Usage" */
2518&(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */ 2549&(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */
2519&(nid_objs[83]),/* "X509v3 Key Usage" */ 2550&(nid_objs[83]),/* "X509v3 Key Usage" */
2551&(nid_objs[666]),/* "X509v3 Name Constraints" */
2520&(nid_objs[403]),/* "X509v3 No Revocation Available" */ 2552&(nid_objs[403]),/* "X509v3 No Revocation Available" */
2521&(nid_objs[401]),/* "X509v3 Policy Constraints" */ 2553&(nid_objs[401]),/* "X509v3 Policy Constraints" */
2522&(nid_objs[84]),/* "X509v3 Private Key Usage Period" */ 2554&(nid_objs[84]),/* "X509v3 Private Key Usage Period" */
@@ -2930,9 +2962,9 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
2930&(nid_objs[124]),/* "run length compression" */ 2962&(nid_objs[124]),/* "run length compression" */
2931&(nid_objs[482]),/* "sOARecord" */ 2963&(nid_objs[482]),/* "sOARecord" */
2932&(nid_objs[155]),/* "safeContentsBag" */ 2964&(nid_objs[155]),/* "safeContentsBag" */
2933&(nid_objs[291]),/* "sbqp-autonomousSysNum" */ 2965&(nid_objs[291]),/* "sbgp-autonomousSysNum" */
2934&(nid_objs[290]),/* "sbqp-ipAddrBlock" */ 2966&(nid_objs[290]),/* "sbgp-ipAddrBlock" */
2935&(nid_objs[292]),/* "sbqp-routerIdentifier" */ 2967&(nid_objs[292]),/* "sbgp-routerIdentifier" */
2936&(nid_objs[159]),/* "sdsiCertificate" */ 2968&(nid_objs[159]),/* "sdsiCertificate" */
2937&(nid_objs[154]),/* "secretBag" */ 2969&(nid_objs[154]),/* "secretBag" */
2938&(nid_objs[474]),/* "secretary" */ 2970&(nid_objs[474]),/* "secretary" */
@@ -3059,6 +3091,14 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
3059&(nid_objs[64]),/* "sha1" */ 3091&(nid_objs[64]),/* "sha1" */
3060&(nid_objs[115]),/* "sha1WithRSA" */ 3092&(nid_objs[115]),/* "sha1WithRSA" */
3061&(nid_objs[65]),/* "sha1WithRSAEncryption" */ 3093&(nid_objs[65]),/* "sha1WithRSAEncryption" */
3094&(nid_objs[675]),/* "sha224" */
3095&(nid_objs[671]),/* "sha224WithRSAEncryption" */
3096&(nid_objs[672]),/* "sha256" */
3097&(nid_objs[668]),/* "sha256WithRSAEncryption" */
3098&(nid_objs[673]),/* "sha384" */
3099&(nid_objs[669]),/* "sha384WithRSAEncryption" */
3100&(nid_objs[674]),/* "sha512" */
3101&(nid_objs[670]),/* "sha512WithRSAEncryption" */
3062&(nid_objs[42]),/* "shaWithRSAEncryption" */ 3102&(nid_objs[42]),/* "shaWithRSAEncryption" */
3063&(nid_objs[52]),/* "signingTime" */ 3103&(nid_objs[52]),/* "signingTime" */
3064&(nid_objs[454]),/* "simpleSecurityObject" */ 3104&(nid_objs[454]),/* "simpleSecurityObject" */
@@ -3133,6 +3173,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
3133&(nid_objs[430]),/* OBJ_hold_instruction_code 2 5 29 23 */ 3173&(nid_objs[430]),/* OBJ_hold_instruction_code 2 5 29 23 */
3134&(nid_objs[142]),/* OBJ_invalidity_date 2 5 29 24 */ 3174&(nid_objs[142]),/* OBJ_invalidity_date 2 5 29 24 */
3135&(nid_objs[140]),/* OBJ_delta_crl 2 5 29 27 */ 3175&(nid_objs[140]),/* OBJ_delta_crl 2 5 29 27 */
3176&(nid_objs[666]),/* OBJ_name_constraints 2 5 29 30 */
3136&(nid_objs[103]),/* OBJ_crl_distribution_points 2 5 29 31 */ 3177&(nid_objs[103]),/* OBJ_crl_distribution_points 2 5 29 31 */
3137&(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */ 3178&(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */
3138&(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */ 3179&(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */
@@ -3383,9 +3424,9 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
3383&(nid_objs[287]),/* OBJ_ac_auditEntity 1 3 6 1 5 5 7 1 4 */ 3424&(nid_objs[287]),/* OBJ_ac_auditEntity 1 3 6 1 5 5 7 1 4 */
3384&(nid_objs[288]),/* OBJ_ac_targeting 1 3 6 1 5 5 7 1 5 */ 3425&(nid_objs[288]),/* OBJ_ac_targeting 1 3 6 1 5 5 7 1 5 */
3385&(nid_objs[289]),/* OBJ_aaControls 1 3 6 1 5 5 7 1 6 */ 3426&(nid_objs[289]),/* OBJ_aaControls 1 3 6 1 5 5 7 1 6 */
3386&(nid_objs[290]),/* OBJ_sbqp_ipAddrBlock 1 3 6 1 5 5 7 1 7 */ 3427&(nid_objs[290]),/* OBJ_sbgp_ipAddrBlock 1 3 6 1 5 5 7 1 7 */
3387&(nid_objs[291]),/* OBJ_sbqp_autonomousSysNum 1 3 6 1 5 5 7 1 8 */ 3428&(nid_objs[291]),/* OBJ_sbgp_autonomousSysNum 1 3 6 1 5 5 7 1 8 */
3388&(nid_objs[292]),/* OBJ_sbqp_routerIdentifier 1 3 6 1 5 5 7 1 9 */ 3429&(nid_objs[292]),/* OBJ_sbgp_routerIdentifier 1 3 6 1 5 5 7 1 9 */
3389&(nid_objs[397]),/* OBJ_ac_proxying 1 3 6 1 5 5 7 1 10 */ 3430&(nid_objs[397]),/* OBJ_ac_proxying 1 3 6 1 5 5 7 1 10 */
3390&(nid_objs[398]),/* OBJ_sinfo_access 1 3 6 1 5 5 7 1 11 */ 3431&(nid_objs[398]),/* OBJ_sinfo_access 1 3 6 1 5 5 7 1 11 */
3391&(nid_objs[663]),/* OBJ_proxyCertInfo 1 3 6 1 5 5 7 1 14 */ 3432&(nid_objs[663]),/* OBJ_proxyCertInfo 1 3 6 1 5 5 7 1 14 */
@@ -3480,6 +3521,10 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
3480&(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */ 3521&(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */
3481&(nid_objs[65]),/* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */ 3522&(nid_objs[65]),/* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */
3482&(nid_objs[644]),/* OBJ_rsaOAEPEncryptionSET 1 2 840 113549 1 1 6 */ 3523&(nid_objs[644]),/* OBJ_rsaOAEPEncryptionSET 1 2 840 113549 1 1 6 */
3524&(nid_objs[668]),/* OBJ_sha256WithRSAEncryption 1 2 840 113549 1 1 11 */
3525&(nid_objs[669]),/* OBJ_sha384WithRSAEncryption 1 2 840 113549 1 1 12 */
3526&(nid_objs[670]),/* OBJ_sha512WithRSAEncryption 1 2 840 113549 1 1 13 */
3527&(nid_objs[671]),/* OBJ_sha224WithRSAEncryption 1 2 840 113549 1 1 14 */
3483&(nid_objs[28]),/* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */ 3528&(nid_objs[28]),/* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */
3484&(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */ 3529&(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */
3485&(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */ 3530&(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */
@@ -3544,6 +3589,10 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
3544&(nid_objs[427]),/* OBJ_aes_256_cbc 2 16 840 1 101 3 4 1 42 */ 3589&(nid_objs[427]),/* OBJ_aes_256_cbc 2 16 840 1 101 3 4 1 42 */
3545&(nid_objs[428]),/* OBJ_aes_256_ofb128 2 16 840 1 101 3 4 1 43 */ 3590&(nid_objs[428]),/* OBJ_aes_256_ofb128 2 16 840 1 101 3 4 1 43 */
3546&(nid_objs[429]),/* OBJ_aes_256_cfb128 2 16 840 1 101 3 4 1 44 */ 3591&(nid_objs[429]),/* OBJ_aes_256_cfb128 2 16 840 1 101 3 4 1 44 */
3592&(nid_objs[672]),/* OBJ_sha256 2 16 840 1 101 3 4 2 1 */
3593&(nid_objs[673]),/* OBJ_sha384 2 16 840 1 101 3 4 2 2 */
3594&(nid_objs[674]),/* OBJ_sha512 2 16 840 1 101 3 4 2 3 */
3595&(nid_objs[675]),/* OBJ_sha224 2 16 840 1 101 3 4 2 4 */
3547&(nid_objs[71]),/* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */ 3596&(nid_objs[71]),/* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */
3548&(nid_objs[72]),/* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */ 3597&(nid_objs[72]),/* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */
3549&(nid_objs[73]),/* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */ 3598&(nid_objs[73]),/* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */
diff --git a/src/lib/libcrypto/objects/obj_mac.h b/src/lib/libcrypto/objects/obj_mac.h
index d28894cf41..51bb50047f 100644
--- a/src/lib/libcrypto/objects/obj_mac.h
+++ b/src/lib/libcrypto/objects/obj_mac.h
@@ -241,6 +241,26 @@
241#define NID_sha1WithRSAEncryption 65 241#define NID_sha1WithRSAEncryption 65
242#define OBJ_sha1WithRSAEncryption OBJ_pkcs1,5L 242#define OBJ_sha1WithRSAEncryption OBJ_pkcs1,5L
243 243
244#define SN_sha256WithRSAEncryption "RSA-SHA256"
245#define LN_sha256WithRSAEncryption "sha256WithRSAEncryption"
246#define NID_sha256WithRSAEncryption 668
247#define OBJ_sha256WithRSAEncryption OBJ_pkcs1,11L
248
249#define SN_sha384WithRSAEncryption "RSA-SHA384"
250#define LN_sha384WithRSAEncryption "sha384WithRSAEncryption"
251#define NID_sha384WithRSAEncryption 669
252#define OBJ_sha384WithRSAEncryption OBJ_pkcs1,12L
253
254#define SN_sha512WithRSAEncryption "RSA-SHA512"
255#define LN_sha512WithRSAEncryption "sha512WithRSAEncryption"
256#define NID_sha512WithRSAEncryption 670
257#define OBJ_sha512WithRSAEncryption OBJ_pkcs1,13L
258
259#define SN_sha224WithRSAEncryption "RSA-SHA224"
260#define LN_sha224WithRSAEncryption "sha224WithRSAEncryption"
261#define NID_sha224WithRSAEncryption 671
262#define OBJ_sha224WithRSAEncryption OBJ_pkcs1,14L
263
244#define SN_pkcs3 "pkcs3" 264#define SN_pkcs3 "pkcs3"
245#define NID_pkcs3 27 265#define NID_pkcs3 27
246#define OBJ_pkcs3 OBJ_pkcs,3L 266#define OBJ_pkcs3 OBJ_pkcs,3L
@@ -1048,17 +1068,17 @@
1048#define NID_aaControls 289 1068#define NID_aaControls 289
1049#define OBJ_aaControls OBJ_id_pe,6L 1069#define OBJ_aaControls OBJ_id_pe,6L
1050 1070
1051#define SN_sbqp_ipAddrBlock "sbqp-ipAddrBlock" 1071#define SN_sbgp_ipAddrBlock "sbgp-ipAddrBlock"
1052#define NID_sbqp_ipAddrBlock 290 1072#define NID_sbgp_ipAddrBlock 290
1053#define OBJ_sbqp_ipAddrBlock OBJ_id_pe,7L 1073#define OBJ_sbgp_ipAddrBlock OBJ_id_pe,7L
1054 1074
1055#define SN_sbqp_autonomousSysNum "sbqp-autonomousSysNum" 1075#define SN_sbgp_autonomousSysNum "sbgp-autonomousSysNum"
1056#define NID_sbqp_autonomousSysNum 291 1076#define NID_sbgp_autonomousSysNum 291
1057#define OBJ_sbqp_autonomousSysNum OBJ_id_pe,8L 1077#define OBJ_sbgp_autonomousSysNum OBJ_id_pe,8L
1058 1078
1059#define SN_sbqp_routerIdentifier "sbqp-routerIdentifier" 1079#define SN_sbgp_routerIdentifier "sbgp-routerIdentifier"
1060#define NID_sbqp_routerIdentifier 292 1080#define NID_sbgp_routerIdentifier 292
1061#define OBJ_sbqp_routerIdentifier OBJ_id_pe,9L 1081#define OBJ_sbgp_routerIdentifier OBJ_id_pe,9L
1062 1082
1063#define SN_ac_proxying "ac-proxying" 1083#define SN_ac_proxying "ac-proxying"
1064#define NID_ac_proxying 397 1084#define NID_ac_proxying 397
@@ -1779,6 +1799,11 @@
1779#define NID_delta_crl 140 1799#define NID_delta_crl 140
1780#define OBJ_delta_crl OBJ_id_ce,27L 1800#define OBJ_delta_crl OBJ_id_ce,27L
1781 1801
1802#define SN_name_constraints "nameConstraints"
1803#define LN_name_constraints "X509v3 Name Constraints"
1804#define NID_name_constraints 666
1805#define OBJ_name_constraints OBJ_id_ce,30L
1806
1782#define SN_crl_distribution_points "crlDistributionPoints" 1807#define SN_crl_distribution_points "crlDistributionPoints"
1783#define LN_crl_distribution_points "X509v3 CRL Distribution Points" 1808#define LN_crl_distribution_points "X509v3 CRL Distribution Points"
1784#define NID_crl_distribution_points 103 1809#define NID_crl_distribution_points 103
@@ -2081,6 +2106,28 @@
2081#define LN_des_ede3_cfb8 "des-ede3-cfb8" 2106#define LN_des_ede3_cfb8 "des-ede3-cfb8"
2082#define NID_des_ede3_cfb8 659 2107#define NID_des_ede3_cfb8 659
2083 2108
2109#define OBJ_nist_hashalgs OBJ_nistAlgorithms,2L
2110
2111#define SN_sha256 "SHA256"
2112#define LN_sha256 "sha256"
2113#define NID_sha256 672
2114#define OBJ_sha256 OBJ_nist_hashalgs,1L
2115
2116#define SN_sha384 "SHA384"
2117#define LN_sha384 "sha384"
2118#define NID_sha384 673
2119#define OBJ_sha384 OBJ_nist_hashalgs,2L
2120
2121#define SN_sha512 "SHA512"
2122#define LN_sha512 "sha512"
2123#define NID_sha512 674
2124#define OBJ_sha512 OBJ_nist_hashalgs,3L
2125
2126#define SN_sha224 "SHA224"
2127#define LN_sha224 "sha224"
2128#define NID_sha224 675
2129#define OBJ_sha224 OBJ_nist_hashalgs,4L
2130
2084#define SN_hold_instruction_code "holdInstructionCode" 2131#define SN_hold_instruction_code "holdInstructionCode"
2085#define LN_hold_instruction_code "Hold Instruction Code" 2132#define LN_hold_instruction_code "Hold Instruction Code"
2086#define NID_hold_instruction_code 430 2133#define NID_hold_instruction_code 430
diff --git a/src/lib/libcrypto/pem/Makefile b/src/lib/libcrypto/pem/Makefile
index f3dfea2ac8..fbc2b5d056 100644
--- a/src/lib/libcrypto/pem/Makefile
+++ b/src/lib/libcrypto/pem/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/pem/Makefile 2# OpenSSL/crypto/pem/Makefile
3# 3#
4 4
5DIR= pem 5DIR= pem
diff --git a/src/lib/libcrypto/perlasm/x86nasm.pl b/src/lib/libcrypto/perlasm/x86nasm.pl
index 5009acb4b3..4bdb3fe180 100644
--- a/src/lib/libcrypto/perlasm/x86nasm.pl
+++ b/src/lib/libcrypto/perlasm/x86nasm.pl
@@ -221,7 +221,15 @@ sub using486
221 221
222sub main'file 222sub main'file
223 { 223 {
224 push(@out, "segment .text use32\n"); 224 local $tmp;
225 $tmp=<<___;
226%ifdef __omf__
227section code use32 class=code
228%else
229section .text
230%endif
231___
232 push(@out,$tmp);
225 } 233 }
226 234
227sub main'function_begin 235sub main'function_begin
diff --git a/src/lib/libcrypto/pkcs12/Makefile b/src/lib/libcrypto/pkcs12/Makefile
index 854b641f7c..bef4f27912 100644
--- a/src/lib/libcrypto/pkcs12/Makefile
+++ b/src/lib/libcrypto/pkcs12/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/pkcs12/Makefile 2# OpenSSL/crypto/pkcs12/Makefile
3# 3#
4 4
5DIR= pkcs12 5DIR= pkcs12
diff --git a/src/lib/libcrypto/pkcs7/Makefile b/src/lib/libcrypto/pkcs7/Makefile
index f15c65f690..a213ae2227 100644
--- a/src/lib/libcrypto/pkcs7/Makefile
+++ b/src/lib/libcrypto/pkcs7/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/pkcs7/Makefile 2# OpenSSL/crypto/pkcs7/Makefile
3# 3#
4 4
5DIR= pkcs7 5DIR= pkcs7
diff --git a/src/lib/libcrypto/rand/Makefile b/src/lib/libcrypto/rand/Makefile
index 665eaa18e5..b1d1a75f98 100644
--- a/src/lib/libcrypto/rand/Makefile
+++ b/src/lib/libcrypto/rand/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/rand/Makefile 2# OpenSSL/crypto/rand/Makefile
3# 3#
4 4
5DIR= rand 5DIR= rand
diff --git a/src/lib/libcrypto/rc2/Makefile b/src/lib/libcrypto/rc2/Makefile
index 18edaca6c6..34080ab741 100644
--- a/src/lib/libcrypto/rc2/Makefile
+++ b/src/lib/libcrypto/rc2/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/rc2/Makefile 2# OpenSSL/crypto/rc2/Makefile
3# 3#
4 4
5DIR= rc2 5DIR= rc2
@@ -82,7 +82,7 @@ rc2_cbc.o: rc2_cbc.c rc2_locl.h
82rc2_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 82rc2_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
83rc2_ecb.o: ../../include/openssl/rc2.h rc2_ecb.c rc2_locl.h 83rc2_ecb.o: ../../include/openssl/rc2.h rc2_ecb.c rc2_locl.h
84rc2_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h 84rc2_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
85rc2_skey.o: ../../include/openssl/opensslconf.h 85rc2_skey.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h
86rc2_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h 86rc2_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h
87rc2_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 87rc2_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
88rc2_skey.o: ../../include/openssl/symhacks.h rc2_locl.h rc2_skey.c 88rc2_skey.o: ../../include/openssl/symhacks.h rc2_locl.h rc2_skey.c
diff --git a/src/lib/libcrypto/rc2/rc2speed.c b/src/lib/libcrypto/rc2/rc2speed.c
index 47d34b444e..4d0e1242ea 100644
--- a/src/lib/libcrypto/rc2/rc2speed.c
+++ b/src/lib/libcrypto/rc2/rc2speed.c
@@ -102,10 +102,10 @@ OPENSSL_DECLARE_EXIT
102#ifndef HZ 102#ifndef HZ
103#ifndef CLK_TCK 103#ifndef CLK_TCK
104#define HZ 100.0 104#define HZ 100.0
105#endif 105#else /* CLK_TCK */
106#else /* CLK_TCK */
107#define HZ ((double)CLK_TCK) 106#define HZ ((double)CLK_TCK)
108#endif 107#endif /* CLK_TCK */
108#endif /* HZ */
109 109
110#define BUFSIZE ((long)1024) 110#define BUFSIZE ((long)1024)
111long run=0; 111long run=0;
diff --git a/src/lib/libcrypto/rc4/Makefile b/src/lib/libcrypto/rc4/Makefile
index 64e06924f4..20d078ec87 100644
--- a/src/lib/libcrypto/rc4/Makefile
+++ b/src/lib/libcrypto/rc4/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/rc4/Makefile 2# OpenSSL/crypto/rc4/Makefile
3# 3#
4 4
5DIR= rc4 5DIR= rc4
@@ -66,10 +66,14 @@ asm/rx86bsdi.o: asm/rx86unix.cpp
66asm/rx86unix.cpp: asm/rc4-586.pl ../perlasm/x86asm.pl 66asm/rx86unix.cpp: asm/rc4-586.pl ../perlasm/x86asm.pl
67 (cd asm; $(PERL) rc4-586.pl cpp >rx86unix.cpp) 67 (cd asm; $(PERL) rc4-586.pl cpp >rx86unix.cpp)
68 68
69asm/rc4-amd64.s: asm/rc4-amd64.pl; $(PERL) asm/rc4-amd64.pl $@ 69asm/rc4-x86_64.s: asm/rc4-x86_64.pl; $(PERL) asm/rc4-x86_64.pl $@
70 70
71asm/rc4-ia64.s: asm/rc4-ia64.S 71asm/rc4-ia64.s: asm/rc4-ia64.S
72 $(CC) $(CFLAGS) -E asm/rc4-ia64.S > $@ 72 @case `awk '/^#define RC4_INT/{print$$NF}' $(TOP)/include/openssl/opensslconf.h` in \
73 int) set -x; $(CC) $(CFLAGS) -DSZ=4 -E asm/rc4-ia64.S > $@ ;; \
74 char) set -x; $(CC) $(CFLAGS) -DSZ=1 -E asm/rc4-ia64.S > $@ ;; \
75 *) exit 1 ;; \
76 esac
73 77
74files: 78files:
75 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO 79 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -116,7 +120,8 @@ rc4_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h rc4_enc.c rc4_locl.h
116rc4_skey.o: ../../e_os.h ../../include/openssl/bio.h 120rc4_skey.o: ../../e_os.h ../../include/openssl/bio.h
117rc4_skey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 121rc4_skey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
118rc4_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 122rc4_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
119rc4_skey.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 123rc4_skey.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
124rc4_skey.o: ../../include/openssl/opensslconf.h
120rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc4.h 125rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc4.h
121rc4_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 126rc4_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
122rc4_skey.o: ../../include/openssl/symhacks.h ../cryptlib.h rc4_locl.h 127rc4_skey.o: ../../include/openssl/symhacks.h ../cryptlib.h rc4_locl.h
diff --git a/src/lib/libcrypto/rc4/asm/rc4-ia64.S b/src/lib/libcrypto/rc4/asm/rc4-ia64.S
index b517d2e88f..a322d0c718 100644
--- a/src/lib/libcrypto/rc4/asm/rc4-ia64.S
+++ b/src/lib/libcrypto/rc4/asm/rc4-ia64.S
@@ -7,7 +7,7 @@
7// disclaimed. 7// disclaimed.
8// ==================================================================== 8// ====================================================================
9 9
10.ident "rc4-ia64.S, Version 1.1" 10.ident "rc4-ia64.S, Version 2.0"
11.ident "IA-64 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>" 11.ident "IA-64 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
12 12
13// What's wrong with compiler generated code? Because of the nature of 13// What's wrong with compiler generated code? Because of the nature of
@@ -27,17 +27,10 @@
27// Legitimate "collisions" do occur within every 256^2 bytes window. 27// Legitimate "collisions" do occur within every 256^2 bytes window.
28// Fortunately there're enough free instruction slots to keep prior 28// Fortunately there're enough free instruction slots to keep prior
29// reference to key[x+1], detect "collision" and compensate for it. 29// reference to key[x+1], detect "collision" and compensate for it.
30// All this without sacrificing a single clock cycle:-) 30// All this without sacrificing a single clock cycle:-) Throughput is
31// Furthermore. In order to compress loop body to the minimum, I chose 31// ~210MBps on 900MHz CPU, which is is >3x faster than gcc generated
32// to deploy deposit instruction, which substitutes for the whole 32// code and +30% - if compared to HP-UX C. Unrolling loop below should
33// key->data+((x&255)<<log2(sizeof(key->data[0]))). This unfortunately 33// give >30% on top of that...
34// requires key->data to be aligned at sizeof(key->data) boundary.
35// This is why you'll find "RC4_INT pad[512-256-2];" addenum to RC4_KEY
36// and "d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1));" in
37// rc4_skey.c [and rc4_enc.c, where it's retained for debugging
38// purposes]. Throughput is ~210MBps on 900MHz CPU, which is is >3x
39// faster than gcc generated code and +30% - if compared to HP-UX C.
40// Unrolling loop below should give >30% on top of that...
41 34
42.text 35.text
43.explicit 36.explicit
@@ -48,7 +41,9 @@
48# define ADDP add 41# define ADDP add
49#endif 42#endif
50 43
44#ifndef SZ
51#define SZ 4 // this is set to sizeof(RC4_INT) 45#define SZ 4 // this is set to sizeof(RC4_INT)
46#endif
52// SZ==4 seems to be optimal. At least SZ==8 is not any faster, not for 47// SZ==4 seems to be optimal. At least SZ==8 is not any faster, not for
53// assembler implementation, while SZ==1 code is ~30% slower. 48// assembler implementation, while SZ==1 code is ~30% slower.
54#if SZ==1 // RC4_INT is unsigned char 49#if SZ==1 // RC4_INT is unsigned char
@@ -101,45 +96,53 @@ RC4:
101 ADDP out=0,in3 96 ADDP out=0,in3
102 brp.loop.imp .Ltop,.Lexit-16 };; 97 brp.loop.imp .Ltop,.Lexit-16 };;
103{ .mmi; LDKEY yy=[key] // load key->y 98{ .mmi; LDKEY yy=[key] // load key->y
104 add ksch=(255+1)*SZ,key // as ksch will be used with 99 add ksch=SZ,key
105 // deposit instruction only,
106 // I don't have to &~255...
107 mov ar.lc=in1 } 100 mov ar.lc=in1 }
108{ .mmi; mov key_y[1]=r0 // guarantee inequality 101{ .mmi; mov key_y[1]=r0 // guarantee inequality
109 // in first iteration 102 // in first iteration
110 add xx=1,xx 103 add xx=1,xx
111 mov pr.rot=1<<16 };; 104 mov pr.rot=1<<16 };;
112{ .mii; nop.m 0 105{ .mii; nop.m 0
113 dep key_x[1]=xx,ksch,OFF,8 106 dep key_x[1]=xx,r0,OFF,8
114 mov ar.ec=3 };; // note that epilogue counter 107 mov ar.ec=3 };; // note that epilogue counter
115 // is off by 1. I compensate 108 // is off by 1. I compensate
116 // for this at exit... 109 // for this at exit...
117.Ltop: 110.Ltop:
118// The loop is scheduled for 3*(n+2) spin-rate on Itanium 2, which 111// The loop is scheduled for 4*(n+2) spin-rate on Itanium 2, which
119// theoretically gives asymptotic performance of clock frequency 112// theoretically gives asymptotic performance of clock frequency
120// divided by 3 bytes per seconds, or 500MBps on 1.5GHz CPU. Measured 113// divided by 4 bytes per seconds, or 400MBps on 1.6GHz CPU. This is
121// performance however is distinctly lower than 1/4:-( The culplrit 114// for sizeof(RC4_INT)==4. For smaller RC4_INT STKEY inadvertently
122// seems to be *(out++)=dat, which inadvertently splits the bundle, 115// splits the last bundle and you end up with 5*n spin-rate:-(
123// even though there is M-port available... Unrolling is due... 116// Originally the loop was scheduled for 3*n and relied on key
124// Unrolled loop should collect output with variable shift instruction 117// schedule to be aligned at 256*sizeof(RC4_INT) boundary. But
125// in order to avoid starvation for integer shifter... It should be 118// *(out++)=dat, which maps to st1, had same effect [inadvertent
126// possible to get pretty close to theoretical peak... 119// bundle split] and holded the loop back. Rescheduling for 4*n
127{ .mmi; (p16) LDKEY tx[0]=[key_x[1]] // tx=key[xx] 120// made it possible to eliminate dependence on specific alignment
128 (p17) LDKEY ty[0]=[key_y[1]] // ty=key[yy] 121// and allow OpenSSH keep "abusing" our API. Reaching for 3*n would
129 (p18) dep rnd[1]=rnd[1],ksch,OFF,8} // &key[(tx+ty)&255] 122// require unrolling, sticking to variable shift instruction for
123// collecting output [to avoid starvation for integer shifter] and
124// copying of key schedule to controlled place in stack [so that
125// deposit instruction can serve as substitute for whole
126// key->data+((x&255)<<log2(sizeof(key->data[0])))]...
130{ .mmi; (p19) st1 [out]=dat[3],1 // *(out++)=dat 127{ .mmi; (p19) st1 [out]=dat[3],1 // *(out++)=dat
131 (p16) add xx=1,xx // x++ 128 (p16) add xx=1,xx // x++
132 (p16) cmp.ne.unc p20,p21=key_x[1],key_y[1] };; 129 (p18) dep rnd[1]=rnd[1],r0,OFF,8 } // ((tx+ty)&255)<<OFF
130{ .mmi; (p16) add key_x[1]=ksch,key_x[1] // &key[xx&255]
131 (p17) add key_y[1]=ksch,key_y[1] };; // &key[yy&255]
132{ .mmi; (p16) LDKEY tx[0]=[key_x[1]] // tx=key[xx]
133 (p17) LDKEY ty[0]=[key_y[1]] // ty=key[yy]
134 (p16) dep key_x[0]=xx,r0,OFF,8 } // (xx&255)<<OFF
135{ .mmi; (p18) add rnd[1]=ksch,rnd[1] // &key[(tx+ty)&255]
136 (p16) cmp.ne.unc p20,p21=key_x[1],key_y[1] };;
133{ .mmi; (p18) LDKEY rnd[1]=[rnd[1]] // rnd=key[(tx+ty)&255] 137{ .mmi; (p18) LDKEY rnd[1]=[rnd[1]] // rnd=key[(tx+ty)&255]
134 (p16) ld1 dat[0]=[inp],1 // dat=*(inp++) 138 (p16) ld1 dat[0]=[inp],1 } // dat=*(inp++)
135 (p16) dep key_x[0]=xx,ksch,OFF,8 } // &key[xx&255]
136.pred.rel "mutex",p20,p21 139.pred.rel "mutex",p20,p21
137{ .mmi; (p21) add yy=yy,tx[1] // (p16) 140{ .mmi; (p21) add yy=yy,tx[1] // (p16)
138 (p20) add yy=yy,tx[0] // (p16) y+=tx 141 (p20) add yy=yy,tx[0] // (p16) y+=tx
139 (p21) mov tx[0]=tx[1] };; // (p16) 142 (p21) mov tx[0]=tx[1] };; // (p16)
140{ .mmi; (p17) STKEY [key_y[1]]=tx[1] // key[yy]=tx 143{ .mmi; (p17) STKEY [key_y[1]]=tx[1] // key[yy]=tx
141 (p17) STKEY [key_x[2]]=ty[0] // key[xx]=ty 144 (p17) STKEY [key_x[2]]=ty[0] // key[xx]=ty
142 (p16) dep key_y[0]=yy,ksch,OFF,8 } // &key[yy&255] 145 (p16) dep key_y[0]=yy,r0,OFF,8 } // &key[yy&255]
143{ .mmb; (p17) add rnd[0]=tx[1],ty[0] // tx+=ty 146{ .mmb; (p17) add rnd[0]=tx[1],ty[0] // tx+=ty
144 (p18) xor dat[2]=dat[2],rnd[1] // dat^=rnd 147 (p18) xor dat[2]=dat[2],rnd[1] // dat^=rnd
145 br.ctop.sptk .Ltop };; 148 br.ctop.sptk .Ltop };;
diff --git a/src/lib/libcrypto/rc5/Makefile b/src/lib/libcrypto/rc5/Makefile
index 3a8d309b29..16e6a60017 100644
--- a/src/lib/libcrypto/rc5/Makefile
+++ b/src/lib/libcrypto/rc5/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/rc5/Makefile 2# OpenSSL/crypto/rc5/Makefile
3# 3#
4 4
5DIR= rc5 5DIR= rc5
@@ -102,7 +102,7 @@ rc5_ecb.o: ../../include/openssl/opensslv.h ../../include/openssl/rc5.h
102rc5_ecb.o: rc5_ecb.c rc5_locl.h 102rc5_ecb.o: rc5_ecb.c rc5_locl.h
103rc5_enc.o: ../../include/openssl/rc5.h rc5_enc.c rc5_locl.h 103rc5_enc.o: ../../include/openssl/rc5.h rc5_enc.c rc5_locl.h
104rc5_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h 104rc5_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
105rc5_skey.o: ../../include/openssl/opensslconf.h 105rc5_skey.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h
106rc5_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc5.h 106rc5_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc5.h
107rc5_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 107rc5_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
108rc5_skey.o: ../../include/openssl/symhacks.h rc5_locl.h rc5_skey.c 108rc5_skey.o: ../../include/openssl/symhacks.h rc5_locl.h rc5_skey.c
diff --git a/src/lib/libcrypto/ripemd/Makefile b/src/lib/libcrypto/ripemd/Makefile
index dc086e3434..20c8b4d8db 100644
--- a/src/lib/libcrypto/ripemd/Makefile
+++ b/src/lib/libcrypto/ripemd/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/ripemd/Makefile 2# OpenSSL/crypto/ripemd/Makefile
3# 3#
4 4
5DIR= ripemd 5DIR= ripemd
diff --git a/src/lib/libcrypto/rsa/Makefile b/src/lib/libcrypto/rsa/Makefile
index 5748b0d3d0..8851825250 100644
--- a/src/lib/libcrypto/rsa/Makefile
+++ b/src/lib/libcrypto/rsa/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/rsa/Makefile 2# OpenSSL/crypto/rsa/Makefile
3# 3#
4 4
5DIR= rsa 5DIR= rsa
@@ -24,10 +24,10 @@ APPS=
24LIB=$(TOP)/libcrypto.a 24LIB=$(TOP)/libcrypto.a
25LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \ 25LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
26 rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \ 26 rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \
27 rsa_asn1.c 27 rsa_pss.c rsa_x931.c rsa_asn1.c
28LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \ 28LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
29 rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \ 29 rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \
30 rsa_asn1.o 30 rsa_pss.o rsa_x931.o rsa_asn1.o
31 31
32SRC= $(LIBSRC) 32SRC= $(LIBSRC)
33 33
@@ -184,6 +184,26 @@ rsa_pk1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
184rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h 184rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
185rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 185rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
186rsa_pk1.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pk1.c 186rsa_pk1.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pk1.c
187rsa_pss.o: ../../e_os.h ../../include/openssl/aes.h
188rsa_pss.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
189rsa_pss.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
190rsa_pss.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
191rsa_pss.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
192rsa_pss.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
193rsa_pss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
194rsa_pss.o: ../../include/openssl/err.h ../../include/openssl/evp.h
195rsa_pss.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
196rsa_pss.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
197rsa_pss.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
198rsa_pss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
199rsa_pss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
200rsa_pss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
201rsa_pss.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
202rsa_pss.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
203rsa_pss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
204rsa_pss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
205rsa_pss.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
206rsa_pss.o: ../../include/openssl/ui_compat.h ../cryptlib.h rsa_pss.c
187rsa_saos.o: ../../e_os.h ../../include/openssl/aes.h 207rsa_saos.o: ../../e_os.h ../../include/openssl/aes.h
188rsa_saos.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h 208rsa_saos.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
189rsa_saos.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h 209rsa_saos.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
@@ -237,3 +257,13 @@ rsa_ssl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
237rsa_ssl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h 257rsa_ssl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
238rsa_ssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 258rsa_ssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
239rsa_ssl.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_ssl.c 259rsa_ssl.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_ssl.c
260rsa_x931.o: ../../e_os.h ../../include/openssl/asn1.h
261rsa_x931.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
262rsa_x931.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
263rsa_x931.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
264rsa_x931.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
265rsa_x931.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
266rsa_x931.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
267rsa_x931.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
268rsa_x931.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
269rsa_x931.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_x931.c
diff --git a/src/lib/libcrypto/rsa/rsa_test.c b/src/lib/libcrypto/rsa/rsa_test.c
index 924e9ad1f6..218bb2a39b 100644
--- a/src/lib/libcrypto/rsa/rsa_test.c
+++ b/src/lib/libcrypto/rsa/rsa_test.c
@@ -227,10 +227,10 @@ int main(int argc, char *argv[])
227 227
228 plen = sizeof(ptext_ex) - 1; 228 plen = sizeof(ptext_ex) - 1;
229 229
230 for (v = 0; v < 3; v++) 230 for (v = 0; v < 6; v++)
231 { 231 {
232 key = RSA_new(); 232 key = RSA_new();
233 switch (v) { 233 switch (v%3) {
234 case 0: 234 case 0:
235 clen = key1(key, ctext_ex); 235 clen = key1(key, ctext_ex);
236 break; 236 break;
@@ -241,6 +241,7 @@ int main(int argc, char *argv[])
241 clen = key3(key, ctext_ex); 241 clen = key3(key, ctext_ex);
242 break; 242 break;
243 } 243 }
244 if (v/3 > 1) key->flags |= RSA_FLAG_NO_EXP_CONSTTIME;
244 245
245 num = RSA_public_encrypt(plen, ptext_ex, ctext, key, 246 num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
246 RSA_PKCS1_PADDING); 247 RSA_PKCS1_PADDING);
diff --git a/src/lib/libcrypto/sha/Makefile b/src/lib/libcrypto/sha/Makefile
index 0426786aa0..46103bbc83 100644
--- a/src/lib/libcrypto/sha/Makefile
+++ b/src/lib/libcrypto/sha/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/sha/Makefile 2# OpenSSL/crypto/sha/Makefile
3# 3#
4 4
5DIR= sha 5DIR= sha
diff --git a/src/lib/libcrypto/sha/sha_one.c b/src/lib/libcrypto/sha/sha_one.c
index e61c63f3e9..d4f4d344df 100644
--- a/src/lib/libcrypto/sha/sha_one.c
+++ b/src/lib/libcrypto/sha/sha_one.c
@@ -68,7 +68,8 @@ unsigned char *SHA(const unsigned char *d, unsigned long n, unsigned char *md)
68 static unsigned char m[SHA_DIGEST_LENGTH]; 68 static unsigned char m[SHA_DIGEST_LENGTH];
69 69
70 if (md == NULL) md=m; 70 if (md == NULL) md=m;
71 SHA_Init(&c); 71 if (!SHA_Init(&c))
72 return NULL;
72 SHA_Update(&c,d,n); 73 SHA_Update(&c,d,n);
73 SHA_Final(md,&c); 74 SHA_Final(md,&c);
74 OPENSSL_cleanse(&c,sizeof(c)); 75 OPENSSL_cleanse(&c,sizeof(c));
diff --git a/src/lib/libcrypto/stack/Makefile b/src/lib/libcrypto/stack/Makefile
index 4d5199a000..711b16832a 100644
--- a/src/lib/libcrypto/stack/Makefile
+++ b/src/lib/libcrypto/stack/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/stack/Makefile 2# OpenSSL/crypto/stack/Makefile
3# 3#
4 4
5DIR= stack 5DIR= stack
diff --git a/src/lib/libcrypto/txt_db/Makefile b/src/lib/libcrypto/txt_db/Makefile
index f91a08f006..3cb550a795 100644
--- a/src/lib/libcrypto/txt_db/Makefile
+++ b/src/lib/libcrypto/txt_db/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/txt_db/Makefile 2# OpenSSL/crypto/txt_db/Makefile
3# 3#
4 4
5DIR= txt_db 5DIR= txt_db
diff --git a/src/lib/libcrypto/util/checkhash.pl b/src/lib/libcrypto/util/checkhash.pl
new file mode 100644
index 0000000000..c61fa72178
--- /dev/null
+++ b/src/lib/libcrypto/util/checkhash.pl
@@ -0,0 +1,222 @@
1#!/usr/bin/env perl -w
2
3my $package = caller;
4
5if (!(defined $package))
6 {
7 my $retval = check_hashes(@ARGV);
8 exit $retval;
9 }
10
111;
12
13sub check_hashes
14 {
15
16 my @args = @_;
17
18 my $change_dir = "";
19 my $check_program = "sha/fips_standalone_sha1";
20
21 my $verbose = 0;
22 my $badfiles = 0;
23 my $rebuild = 0;
24 my $force_rewrite = 0;
25 my $hash_file = "fipshashes.c";
26 my $recurse = 0;
27
28 my @fingerprint_files;
29
30 while (@args)
31 {
32 my $arg = $args[0];
33 if ($arg eq "-chdir")
34 {
35 shift @args;
36 $change_dir = shift @args;
37 }
38 elsif ($arg eq "-rebuild")
39 {
40 shift @args;
41 $rebuild = 1;
42 }
43 elsif ($arg eq "-verbose")
44 {
45 shift @args;
46 $verbose = 1;
47 }
48 elsif ($arg eq "-force-rewrite")
49 {
50 shift @args;
51 $force_rewrite = 1;
52 }
53 elsif ($arg eq "-hash_file")
54 {
55 shift @args;
56 $hash_file = shift @args;
57 }
58 elsif ($arg eq "-recurse")
59 {
60 shift @args;
61 $recurse = 1;
62 }
63 elsif ($arg eq "-program_path")
64 {
65 shift @args;
66 $check_program = shift @args;
67 }
68 else
69 {
70 print STDERR "Unknown Option $arg";
71 return 1;
72 }
73
74 }
75
76 chdir $change_dir if $change_dir ne "";
77
78 if ($recurse)
79 {
80 @fingerprint_files = ("fingerprint.sha1",
81 <*/fingerprint.sha1>);
82 }
83 else
84 {
85 push @fingerprint_files, $hash_file;
86 }
87
88 foreach $fp (@fingerprint_files)
89 {
90 if (!open(IN, "$fp"))
91 {
92 print STDERR "Can't open file $fp";
93 return 1;
94 }
95 print STDERR "Opening Fingerprint file $fp\n" if $verbose;
96 my $dir = $fp;
97 $dir =~ s/[^\/]*$//;
98 while (<IN>)
99 {
100 chomp;
101 if (!(($file, $hash) = /^\"HMAC-SHA1\((.*)\)\s*=\s*(\w*)\",$/))
102 {
103 /^\"/ || next;
104 print STDERR "FATAL: Invalid syntax in file $fp\n";
105 print STDERR "Line:\n$_\n";
106 fatal_error();
107 return 1;
108 }
109 if (!$rebuild && length($hash) != 40)
110 {
111 print STDERR "FATAL: Invalid hash length in $fp for file $file\n";
112 fatal_error();
113 return 1;
114 }
115 push @hashed_files, "$dir$file";
116 if (exists $hashes{"$dir$file"})
117 {
118 print STDERR "FATAL: Duplicate Hash file $dir$file\n";
119 fatal_error();
120 return 1;
121 }
122 if (! -r "$dir$file")
123 {
124 print STDERR "FATAL: Can't access $dir$file\n";
125 fatal_error();
126 return 1;
127 }
128 $hashes{"$dir$file"} = $hash;
129 }
130 close IN;
131 }
132
133 @checked_hashes = `$check_program @hashed_files`;
134
135 if ($? != 0)
136 {
137 print STDERR "Error running hash program $check_program\n";
138 fatal_error();
139 return 1;
140 }
141
142 if (@checked_hashes != @hashed_files)
143 {
144 print STDERR "FATAL: hash count incorrect\n";
145 fatal_error();
146 return 1;
147 }
148
149 foreach (@checked_hashes)
150 {
151 chomp;
152 if (!(($file, $hash) = /^HMAC-SHA1\((.*)\)\s*=\s*(\w*)$/))
153 {
154 print STDERR "FATAL: Invalid syntax in file $fp\n";
155 print STDERR "Line:\n$_\n";
156 fatal_error();
157 return 1;
158 }
159 if (length($hash) != 40)
160 {
161 print STDERR "FATAL: Invalid hash length for file $file\n";
162 fatal_error();
163 return 1;
164 }
165 if ($hash ne $hashes{$file})
166 {
167 if ($rebuild)
168 {
169 print STDERR "Updating hash on file $file\n";
170 $hashes{$file} = $hash;
171 }
172 else
173 {
174 print STDERR "Hash check failed for file $file\n";
175 }
176 $badfiles++;
177 }
178 elsif ($verbose)
179 { print "Hash Check OK for $file\n";}
180 }
181
182
183 if ($badfiles && !$rebuild)
184 {
185 print STDERR "FATAL: hash mismatch on $badfiles files\n";
186 fatal_error();
187 return 1;
188 }
189
190 if ($badfiles || $force_rewrite)
191 {
192 print "Updating Hash file $hash_file\n";
193 if (!open(OUT, ">$hash_file"))
194 {
195 print STDERR "Error rewriting $hash_file";
196 return 1;
197 }
198 print OUT "const char * const FIPS_source_hashes[] = {\n";
199 foreach (@hashed_files)
200 {
201 print OUT "\"HMAC-SHA1($_)= $hashes{$_}\",\n";
202 }
203 print OUT "};\n";
204 close OUT;
205 }
206
207 if (!$badfiles)
208 {
209 print "FIPS hash check successful\n";
210 }
211
212 return 0;
213
214 }
215
216
217sub fatal_error
218 {
219 print STDERR "*** Your source code does not match the FIPS validated source ***\n";
220 }
221
222
diff --git a/src/lib/libcrypto/util/fipslink.pl b/src/lib/libcrypto/util/fipslink.pl
new file mode 100644
index 0000000000..a893833c5c
--- /dev/null
+++ b/src/lib/libcrypto/util/fipslink.pl
@@ -0,0 +1,78 @@
1#!/usr/bin/perl
2
3sub check_env
4 {
5 my @ret;
6 foreach (@_)
7 {
8 die "Environment variable $_ not defined!\n" unless exists $ENV{$_};
9 push @ret, $ENV{$_};
10 }
11 return @ret;
12 }
13
14
15my ($fips_cc,$fips_cc_args, $fips_link,$fips_target, $fips_libdir, $sha1_exe)
16 = check_env("FIPS_CC", "FIPS_CC_ARGS", "FIPS_LINK", "FIPS_TARGET",
17 "FIPSLIB_D", "FIPS_SHA1_EXE");
18
19
20
21if (exists $ENV{"PREMAIN_DSO_EXE"})
22 {
23 $fips_premain_dso = $ENV{"PREMAIN_DSO_EXE"};
24 }
25 else
26 {
27 $fips_premain_dso = "";
28 }
29
30check_hash($sha1_exe, "fips_premain.c");
31check_hash($sha1_exe, "fipscanister.o");
32
33
34print "Integrity check OK\n";
35
36print "$fips_cc $fips_cc_args $fips_libdir/fips_premain.c\n";
37system "$fips_cc $fips_cc_args $fips_libdir/fips_premain.c";
38die "First stage Compile failure" if $? != 0;
39
40print "$fips_link @ARGV\n";
41system "$fips_link @ARGV";
42die "First stage Link failure" if $? != 0;
43
44
45print "$fips_premain_dso $fips_target\n";
46$fips_hash=`$fips_premain_dso $fips_target`;
47chomp $fips_hash;
48die "Get hash failure" if $? != 0;
49
50
51print "$fips_cc -DHMAC_SHA1_SIG=\\\"$fips_hash\\\" $fips_cc_args $fips_libdir/fips_premain.c\n";
52system "$fips_cc -DHMAC_SHA1_SIG=\\\"$fips_hash\\\" $fips_cc_args $fips_libdir/fips_premain.c";
53die "Second stage Compile failure" if $? != 0;
54
55
56print "$fips_link @ARGV\n";
57system "$fips_link @ARGV";
58die "Second stage Link failure" if $? != 0;
59
60sub check_hash
61 {
62 my ($sha1_exe, $filename) = @_;
63 my ($hashfile, $hashval);
64
65 open(IN, "${fips_libdir}/${filename}.sha1") || die "Cannot open file hash file ${fips_libdir}/${filename}.sha1";
66 $hashfile = <IN>;
67 close IN;
68 $hashval = `$sha1_exe ${fips_libdir}/$filename`;
69 chomp $hashfile;
70 chomp $hashval;
71 $hashfile =~ s/^.*=\s+//;
72 $hashval =~ s/^.*=\s+//;
73 die "Invalid hash syntax in file" if (length($hashfile) != 40);
74 die "Invalid hash received for file" if (length($hashval) != 40);
75 die "***HASH VALUE MISMATCH FOR FILE $filename ***" if ($hashval ne $hashfile);
76 }
77
78
diff --git a/src/lib/libcrypto/util/libeay.num b/src/lib/libcrypto/util/libeay.num
index 56fb7446e0..4222bef6d6 100644
--- a/src/lib/libcrypto/util/libeay.num
+++ b/src/lib/libcrypto/util/libeay.num
@@ -2811,7 +2811,7 @@ EVP_aes_192_cfb8 3252 EXIST::FUNCTION:AES
2811FIPS_mode_set 3253 EXIST:OPENSSL_FIPS:FUNCTION: 2811FIPS_mode_set 3253 EXIST:OPENSSL_FIPS:FUNCTION:
2812FIPS_selftest_dsa 3254 EXIST:OPENSSL_FIPS:FUNCTION: 2812FIPS_selftest_dsa 3254 EXIST:OPENSSL_FIPS:FUNCTION:
2813EVP_aes_256_cfb8 3255 EXIST::FUNCTION:AES 2813EVP_aes_256_cfb8 3255 EXIST::FUNCTION:AES
2814FIPS_allow_md5 3256 EXIST:OPENSSL_FIPS:FUNCTION: 2814FIPS_allow_md5 3256 NOEXIST::FUNCTION:
2815DES_ede3_cfb_encrypt 3257 EXIST::FUNCTION:DES 2815DES_ede3_cfb_encrypt 3257 EXIST::FUNCTION:DES
2816EVP_des_ede3_cfb8 3258 EXIST::FUNCTION:DES 2816EVP_des_ede3_cfb8 3258 EXIST::FUNCTION:DES
2817FIPS_rand_seeded 3259 EXIST:OPENSSL_FIPS:FUNCTION: 2817FIPS_rand_seeded 3259 EXIST:OPENSSL_FIPS:FUNCTION:
@@ -2837,7 +2837,7 @@ FIPS_dsa_check 3278 EXIST:OPENSSL_FIPS:FUNCTION:
2837AES_cfb1_encrypt 3279 EXIST::FUNCTION:AES 2837AES_cfb1_encrypt 3279 EXIST::FUNCTION:AES
2838EVP_des_ede3_cfb1 3280 EXIST::FUNCTION:DES 2838EVP_des_ede3_cfb1 3280 EXIST::FUNCTION:DES
2839FIPS_rand_check 3281 EXIST:OPENSSL_FIPS:FUNCTION: 2839FIPS_rand_check 3281 EXIST:OPENSSL_FIPS:FUNCTION:
2840FIPS_md5_allowed 3282 EXIST:OPENSSL_FIPS:FUNCTION: 2840FIPS_md5_allowed 3282 NOEXIST::FUNCTION:
2841FIPS_mode 3283 EXIST:OPENSSL_FIPS:FUNCTION: 2841FIPS_mode 3283 EXIST:OPENSSL_FIPS:FUNCTION:
2842FIPS_selftest_failed 3284 EXIST:OPENSSL_FIPS:FUNCTION: 2842FIPS_selftest_failed 3284 EXIST:OPENSSL_FIPS:FUNCTION:
2843sk_is_sorted 3285 EXIST::FUNCTION: 2843sk_is_sorted 3285 EXIST::FUNCTION:
@@ -2867,3 +2867,41 @@ PROXY_CERT_INFO_EXTENSION_it 3307 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA
2867PROXY_CERT_INFO_EXTENSION_it 3307 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: 2867PROXY_CERT_INFO_EXTENSION_it 3307 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
2868PROXY_POLICY_free 3308 EXIST::FUNCTION: 2868PROXY_POLICY_free 3308 EXIST::FUNCTION:
2869PROXY_POLICY_new 3309 EXIST::FUNCTION: 2869PROXY_POLICY_new 3309 EXIST::FUNCTION:
2870BN_MONT_CTX_set_locked 3310 EXIST::FUNCTION:
2871FIPS_selftest_rng 3311 EXIST:OPENSSL_FIPS:FUNCTION:
2872EVP_sha384 3312 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2873EVP_sha512 3313 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2874EVP_sha224 3314 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
2875EVP_sha256 3315 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
2876FIPS_selftest_hmac 3316 EXIST:OPENSSL_FIPS:FUNCTION:
2877FIPS_corrupt_rng 3317 EXIST:OPENSSL_FIPS:FUNCTION:
2878BN_mod_exp_mont_consttime 3318 EXIST::FUNCTION:
2879RSA_X931_hash_id 3319 EXIST::FUNCTION:RSA
2880RSA_padding_check_X931 3320 EXIST::FUNCTION:RSA
2881RSA_verify_PKCS1_PSS 3321 EXIST::FUNCTION:RSA
2882RSA_padding_add_X931 3322 EXIST::FUNCTION:RSA
2883RSA_padding_add_PKCS1_PSS 3323 EXIST::FUNCTION:RSA
2884PKCS1_MGF1 3324 EXIST::FUNCTION:RSA
2885BN_X931_generate_Xpq 3325 EXIST:OPENSSL_FIPS:FUNCTION:
2886RSA_X931_generate_key 3326 EXIST:OPENSSL_FIPS:FUNCTION:RSA
2887BN_X931_derive_prime 3327 EXIST:OPENSSL_FIPS:FUNCTION:
2888BN_X931_generate_prime 3328 EXIST:OPENSSL_FIPS:FUNCTION:
2889RSA_X931_derive 3329 EXIST:OPENSSL_FIPS:FUNCTION:RSA
2890SHA512_Update 3356 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2891SHA256_Init 3479 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
2892SHA224 3510 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
2893SHA384_Update 3551 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2894SHA224_Final 3560 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
2895SHA224_Update 3562 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
2896SHA512_Final 3581 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2897SHA224_Init 3631 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
2898SHA512_Init 3633 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2899SHA256 3654 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
2900SHA256_Transform 3664 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
2901SHA512 3669 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2902SHA512_Transform 3675 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2903SHA256_Final 3712 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
2904SHA384_Init 3737 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2905SHA384_Final 3740 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2906SHA384 3745 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2907SHA256_Update 3765 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
diff --git a/src/lib/libcrypto/util/mk1mf.pl b/src/lib/libcrypto/util/mk1mf.pl
index 957264c6b5..05a6086164 100644
--- a/src/lib/libcrypto/util/mk1mf.pl
+++ b/src/lib/libcrypto/util/mk1mf.pl
@@ -10,6 +10,20 @@ $OPTIONS="";
10$ssl_version=""; 10$ssl_version="";
11$banner="\t\@echo Building OpenSSL"; 11$banner="\t\@echo Building OpenSSL";
12 12
13local $zlib_opt = 0; # 0 = no zlib, 1 = static, 2 = dynamic
14local $zlib_lib = "";
15
16my $fips_canister_path = "";
17my $fips_premain_dso_exe_path = "";
18my $fips_premain_c_path = "";
19my $fips_sha1_exe_path = "";
20
21my $fipslibdir = "";
22my $baseaddr = "";
23
24my $ex_l_libs = "";
25
26
13open(IN,"<Makefile") || die "unable to open Makefile!\n"; 27open(IN,"<Makefile") || die "unable to open Makefile!\n";
14while(<IN>) { 28while(<IN>) {
15 $ssl_version=$1 if (/^VERSION=(.*)$/); 29 $ssl_version=$1 if (/^VERSION=(.*)$/);
@@ -24,6 +38,7 @@ $infile="MINFO";
24 38
25%ops=( 39%ops=(
26 "VC-WIN32", "Microsoft Visual C++ [4-6] - Windows NT or 9X", 40 "VC-WIN32", "Microsoft Visual C++ [4-6] - Windows NT or 9X",
41 "VC-WIN32-GMAKE", "Microsoft Visual C++ [4-6] - Windows NT or 9X, GNU make",
27 "VC-CE", "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY", 42 "VC-CE", "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY",
28 "VC-NT", "Microsoft Visual C++ [4-6] - Windows NT ONLY", 43 "VC-NT", "Microsoft Visual C++ [4-6] - Windows NT ONLY",
29 "VC-W31-16", "Microsoft Visual C++ 1.52 - Windows 3.1 - 286", 44 "VC-W31-16", "Microsoft Visual C++ 1.52 - Windows 3.1 - 286",
@@ -43,6 +58,7 @@ $infile="MINFO";
43 ); 58 );
44 59
45$platform=""; 60$platform="";
61my $xcflags="";
46foreach (@ARGV) 62foreach (@ARGV)
47 { 63 {
48 if (!&read_options && !defined($ops{$_})) 64 if (!&read_options && !defined($ops{$_}))
@@ -104,8 +120,12 @@ $inc_def="outinc";
104$tmp_def="tmp"; 120$tmp_def="tmp";
105 121
106$mkdir="-mkdir"; 122$mkdir="-mkdir";
123$mkcanister="ld -r -o";
124
125$ex_build_targets = "";
107 126
108($ssl,$crypto)=("ssl","crypto"); 127($ssl,$crypto)=("ssl","crypto");
128$cryptocompat = "";
109$ranlib="echo ranlib"; 129$ranlib="echo ranlib";
110 130
111$cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc'; 131$cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc';
@@ -140,6 +160,10 @@ elsif (($platform eq "VC-WIN32") || ($platform eq "VC-NT"))
140 $NT = 1 if $platform eq "VC-NT"; 160 $NT = 1 if $platform eq "VC-NT";
141 require 'VC-32.pl'; 161 require 'VC-32.pl';
142 } 162 }
163elsif ($platform eq "VC-WIN32-GMAKE")
164 {
165 require 'VC-32-GMAKE.pl';
166 }
143elsif ($platform eq "VC-CE") 167elsif ($platform eq "VC-CE")
144 { 168 {
145 require 'VC-CE.pl'; 169 require 'VC-CE.pl';
@@ -210,6 +234,8 @@ $inc_dir=(defined($VARS{'INC'}))?$VARS{'INC'}:$inc_def;
210 234
211$bin_dir=$bin_dir.$o unless ((substr($bin_dir,-1,1) eq $o) || ($bin_dir eq '')); 235$bin_dir=$bin_dir.$o unless ((substr($bin_dir,-1,1) eq $o) || ($bin_dir eq ''));
212 236
237$cflags= "$xcflags$cflags" if $xcflags ne "";
238
213$cflags.=" -DOPENSSL_NO_IDEA" if $no_idea; 239$cflags.=" -DOPENSSL_NO_IDEA" if $no_idea;
214$cflags.=" -DOPENSSL_NO_AES" if $no_aes; 240$cflags.=" -DOPENSSL_NO_AES" if $no_aes;
215$cflags.=" -DOPENSSL_NO_RC2" if $no_rc2; 241$cflags.=" -DOPENSSL_NO_RC2" if $no_rc2;
@@ -239,6 +265,9 @@ $cflags.=" -DOPENSSL_NO_HW" if $no_hw;
239$cflags.=" -DOPENSSL_FIPS" if $fips; 265$cflags.=" -DOPENSSL_FIPS" if $fips;
240#$cflags.=" -DRSAref" if $rsaref ne ""; 266#$cflags.=" -DRSAref" if $rsaref ne "";
241 267
268$cflags.= " -DZLIB" if $zlib_opt;
269$cflags.= " -DZLIB_SHARED" if $zlib_opt == 2;
270
242## if ($unix) 271## if ($unix)
243## { $cflags="$c_flags" if ($c_flags ne ""); } 272## { $cflags="$c_flags" if ($c_flags ne ""); }
244##else 273##else
@@ -246,6 +275,7 @@ $cflags.=" -DOPENSSL_FIPS" if $fips;
246 275
247$ex_libs="$l_flags$ex_libs" if ($l_flags ne ""); 276$ex_libs="$l_flags$ex_libs" if ($l_flags ne "");
248 277
278
249%shlib_ex_cflags=("SSL" => " -DOPENSSL_BUILD_SHLIBSSL", 279%shlib_ex_cflags=("SSL" => " -DOPENSSL_BUILD_SHLIBSSL",
250 "CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO"); 280 "CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO");
251 281
@@ -262,6 +292,135 @@ $link="$bin_dir$link" if ($link !~ /^\$/);
262 292
263$INSTALLTOP =~ s|/|$o|g; 293$INSTALLTOP =~ s|/|$o|g;
264 294
295#############################################
296# We parse in input file and 'store' info for later printing.
297open(IN,"<$infile") || die "unable to open $infile:$!\n";
298$_=<IN>;
299for (;;)
300 {
301 chop;
302
303 ($key,$val)=/^([^=]+)=(.*)/;
304 if ($key eq "RELATIVE_DIRECTORY")
305 {
306 if ($lib ne "")
307 {
308 if ($fips && $dir =~ /^fips/)
309 {
310 $uc = "FIPS";
311 }
312 else
313 {
314 $uc=$lib;
315 $uc =~ s/^lib(.*)\.a/$1/;
316 $uc =~ tr/a-z/A-Z/;
317 }
318 if (($uc ne "FIPS") || $fips_canister_build)
319 {
320 $lib_nam{$uc}=$uc;
321 $lib_obj{$uc}.=$libobj." ";
322 }
323 }
324 last if ($val eq "FINISHED");
325 $lib="";
326 $libobj="";
327 $dir=$val;
328 }
329
330 if ($key eq "KRB5_INCLUDES")
331 { $cflags .= " $val";}
332
333 if ($key eq "ZLIB_INCLUDE")
334 { $cflags .= " $val" if $val ne "";}
335
336 if ($key eq "LIBZLIB")
337 { $zlib_lib = "$val" if $val ne "";}
338
339 if ($key eq "LIBKRB5")
340 { $ex_libs .= " $val" if $val ne "";}
341
342 if ($key eq "TEST")
343 { $test.=&var_add($dir,$val); }
344
345 if (($key eq "PROGS") || ($key eq "E_OBJ"))
346 { $e_exe.=&var_add($dir,$val); }
347
348 if ($key eq "LIB")
349 {
350 $lib=$val;
351 $lib =~ s/^.*\/([^\/]+)$/$1/;
352 }
353
354 if ($key eq "EXHEADER")
355 { $exheader.=&var_add($dir,$val); }
356
357 if ($key eq "HEADER")
358 { $header.=&var_add($dir,$val); }
359
360 if ($key eq "LIBOBJ")
361 { $libobj=&var_add($dir,$val); }
362
363 if ($key eq "FIPSLIBDIR")
364 { $fipslibdir=$val;}
365
366 if ($key eq "BASEADDR")
367 { $baseaddr=$val;}
368
369 if (!($_=<IN>))
370 { $_="RELATIVE_DIRECTORY=FINISHED\n"; }
371 }
372close(IN);
373
374if ($fips_canister_path eq "")
375 {
376 $fips_canister_path = "\$(FIPSLIB_D)${o}fipscanister.o";
377 }
378
379if ($fips_premain_c_path eq "")
380 {
381 $fips_premain_c_path = "\$(FIPSLIB_D)${o}fips_premain.c";
382 }
383
384if ($fips)
385 {
386 if ($fips_sha1_exe_path eq "")
387 {
388 $fips_sha1_exe_path =
389 "\$(BIN_D)${o}fips_standalone_sha1$exep";
390 }
391 }
392 else
393 {
394 $fips_sha1_exe_path = "";
395 }
396
397if ($fips_premain_dso_exe_path eq "")
398 {
399 $fips_premain_dso_exe_path = "\$(BIN_D)${o}fips_premain_dso$exep";
400 }
401
402# $ex_build_targets .= "\$(BIN_D)${o}\$(E_PREMAIN_DSO)$exep" if ($fips);
403
404if ($fips)
405 {
406 if (!$shlib)
407 {
408 $ex_build_targets .= " \$(LIB_D)$o$crypto_compat \$(PREMAIN_DSO_EXE)";
409 $ex_l_libs .= " \$(O_FIPSCANISTER)";
410 }
411 if ($fipslibdir eq "")
412 {
413 open (IN, "util/fipslib_path.txt") || fipslib_error();
414 $fipslibdir = <IN>;
415 chomp $fipslibdir;
416 close IN;
417 }
418 fips_check_files($fipslibdir,
419 "fipscanister.o", "fipscanister.o.sha1",
420 "fips_premain.c", "fips_premain.c.sha1");
421 }
422
423
265$defs= <<"EOF"; 424$defs= <<"EOF";
266# This makefile has been automatically generated from the OpenSSL distribution. 425# This makefile has been automatically generated from the OpenSSL distribution.
267# This single makefile will build the complete OpenSSL distribution and 426# This single makefile will build the complete OpenSSL distribution and
@@ -286,6 +445,7 @@ if ($platform eq "VC-CE")
286!INCLUDE <\$(WCECOMPAT)/wcedefs.mak> 445!INCLUDE <\$(WCECOMPAT)/wcedefs.mak>
287 446
288EOF 447EOF
448 $ex_libs .= " $zlib_lib" if $zlib_opt == 1;
289 } 449 }
290 450
291$defs.= <<"EOF"; 451$defs.= <<"EOF";
@@ -308,6 +468,8 @@ EX_LIBS=$ex_libs
308SRC_D=$src_dir 468SRC_D=$src_dir
309 469
310LINK=$link 470LINK=$link
471PERL=perl
472FIPSLINK=\$(PERL) util${o}fipslink.pl
311LFLAGS=$lflags 473LFLAGS=$lflags
312 474
313BN_ASM_OBJ=$bn_asm_obj 475BN_ASM_OBJ=$bn_asm_obj
@@ -339,6 +501,9 @@ TMP_D=$tmp_dir
339INC_D=$inc_dir 501INC_D=$inc_dir
340INCO_D=$inc_dir${o}openssl 502INCO_D=$inc_dir${o}openssl
341 503
504# Directory containing FIPS module
505
506
342CP=$cp 507CP=$cp
343RM=$rm 508RM=$rm
344RANLIB=$ranlib 509RANLIB=$ranlib
@@ -346,6 +511,18 @@ MKDIR=$mkdir
346MKLIB=$bin_dir$mklib 511MKLIB=$bin_dir$mklib
347MLFLAGS=$mlflags 512MLFLAGS=$mlflags
348ASM=$bin_dir$asm 513ASM=$bin_dir$asm
514MKCANISTER=$mkcanister
515
516# FIPS validated module and support file locations
517
518E_PREMAIN_DSO=fips_premain_dso
519
520FIPSLIB_D=$fipslibdir
521BASEADDR=$baseaddr
522FIPS_PREMAIN_SRC=$fips_premain_c_path
523O_FIPSCANISTER=$fips_canister_path
524FIPS_SHA1_EXE=$fips_sha1_exe_path
525PREMAIN_DSO_EXE=$fips_premain_dso_exe_path
349 526
350###################################################### 527######################################################
351# You should not need to touch anything below this point 528# You should not need to touch anything below this point
@@ -377,7 +554,7 @@ SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp
377L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp 554L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp
378L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp 555L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp
379 556
380L_LIBS= \$(L_SSL) \$(L_CRYPTO) 557L_LIBS= \$(L_SSL) \$(L_CRYPTO) $ex_l_libs
381 558
382###################################################### 559######################################################
383# Don't touch anything below this point 560# Don't touch anything below this point
@@ -387,13 +564,13 @@ INC=-I\$(INC_D) -I\$(INCL_D)
387APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG) 564APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG)
388LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) 565LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG)
389SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG) 566SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG)
390LIBS_DEP=\$(O_CRYPTO) \$(O_SSL) 567LIBS_DEP=\$(O_CRYPTO) \$(O_SSL) $ex_libs_dep
391 568
392############################################# 569#############################################
393EOF 570EOF
394 571
395$rules=<<"EOF"; 572$rules=<<"EOF";
396all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe 573all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers \$(FIPS_SHA1_EXE) lib exe $ex_build_targets
397 574
398banner: 575banner:
399$banner 576$banner
@@ -479,57 +656,6 @@ printf OUT " #define DATE \"%s\"\n", scalar gmtime();
479printf OUT "#endif\n"; 656printf OUT "#endif\n";
480close(OUT); 657close(OUT);
481 658
482#############################################
483# We parse in input file and 'store' info for later printing.
484open(IN,"<$infile") || die "unable to open $infile:$!\n";
485$_=<IN>;
486for (;;)
487 {
488 chop;
489
490 ($key,$val)=/^([^=]+)=(.*)/;
491 if ($key eq "RELATIVE_DIRECTORY")
492 {
493 if ($lib ne "")
494 {
495 $uc=$lib;
496 $uc =~ s/^lib(.*)\.a/$1/;
497 $uc =~ tr/a-z/A-Z/;
498 $lib_nam{$uc}=$uc;
499 $lib_obj{$uc}.=$libobj." ";
500 }
501 last if ($val eq "FINISHED");
502 $lib="";
503 $libobj="";
504 $dir=$val;
505 }
506
507 if ($key eq "TEST")
508 { $test.=&var_add($dir,$val); }
509
510 if (($key eq "PROGS") || ($key eq "E_OBJ"))
511 { $e_exe.=&var_add($dir,$val); }
512
513 if ($key eq "LIB")
514 {
515 $lib=$val;
516 $lib =~ s/^.*\/([^\/]+)$/$1/;
517 }
518
519 if ($key eq "EXHEADER")
520 { $exheader.=&var_add($dir,$val); }
521
522 if ($key eq "HEADER")
523 { $header.=&var_add($dir,$val); }
524
525 if ($key eq "LIBOBJ")
526 { $libobj=&var_add($dir,$val); }
527
528 if (!($_=<IN>))
529 { $_="RELATIVE_DIRECTORY=FINISHED\n"; }
530 }
531close(IN);
532
533# Strip of trailing ' ' 659# Strip of trailing ' '
534foreach (keys %lib_obj) { $lib_obj{$_}=&clean_up_ws($lib_obj{$_}); } 660foreach (keys %lib_obj) { $lib_obj{$_}=&clean_up_ws($lib_obj{$_}); }
535$test=&clean_up_ws($test); 661$test=&clean_up_ws($test);
@@ -554,6 +680,29 @@ $rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)");
554$defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj); 680$defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj);
555$rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)'); 681$rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)');
556 682
683# Special case rules for fips_start and fips_end fips_premain_dso
684
685if ($fips)
686 {
687 if ($fips_canister_build)
688 {
689 $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_start$obj",
690 "fips-1.0${o}fips_canister.c",
691 "-DFIPS_START \$(SHLIB_CFLAGS)");
692 $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_end$obj",
693 "fips-1.0${o}fips_canister.c", "\$(SHLIB_CFLAGS)");
694 }
695 $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_standalone_sha1$obj",
696 "fips-1.0${o}sha${o}fips_standalone_sha1.c",
697 "\$(SHLIB_CFLAGS)");
698 $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_sha1dgst$obj",
699 "fips-1.0${o}sha${o}fips_sha1dgst.c",
700 "\$(SHLIB_CFLAGS)") unless $fips_canister_build;
701 $rules.=&cc_compile_target("\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj",
702 "fips-1.0${o}fips_premain.c",
703 "-DFINGERPRINT_PREMAIN_DSO_LOAD \$(SHLIB_CFLAGS)");
704 }
705
557foreach (values %lib_nam) 706foreach (values %lib_nam)
558 { 707 {
559 $lib_obj=$lib_obj{$_}; 708 $lib_obj=$lib_obj{$_};
@@ -630,16 +779,42 @@ foreach (split(/\s+/,$test))
630 } 779 }
631 780
632$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)"); 781$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)");
633$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)"); 782
634 783
635if ($fips) 784if ($fips)
636 { 785 {
637 $rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)","\$(BIN_D)$o.sha1","\$(BIN_D)$o\$(E_EXE)$exep"); 786 if ($shlib)
787 {
788 $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
789 "\$(O_CRYPTO)",
790 "$crypto",
791 $shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)");
792 }
793 else
794 {
795 $rules.= &do_lib_rule("\$(CRYPTOOBJ)",
796 "\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)", "");
797 $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
798 "\$(LIB_D)$o$crypto_compat",$crypto,$shlib,"\$(SO_CRYPTO)", "");
799 }
638 } 800 }
639else 801 else
640 { 802 {
641 $rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)"); 803 $rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,
804 "\$(SO_CRYPTO)");
642 } 805 }
806
807
808if ($fips)
809 {
810 $rules.= &do_rlink_rule("\$(O_FIPSCANISTER)", "\$(OBJ_D)${o}fips_start$obj \$(FIPSOBJ) \$(OBJ_D)${o}fips_end$obj", "\$(FIPSLIB_D)${o}fips_standalone_sha1$exep", "") if $fips_canister_build;
811 $rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1);
812
813 $rules.=&do_link_rule("\$(FIPS_SHA1_EXE)","\$(OBJ_D)${o}fips_standalone_sha1$obj \$(OBJ_D)${o}fips_sha1dgst$obj","","", 1);
814 }
815
816 $rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)",0);
817
643print $defs; 818print $defs;
644 819
645if ($platform eq "linux-elf") { 820if ($platform eq "linux-elf") {
@@ -935,6 +1110,24 @@ sub read_options
935 elsif (/^shlib$/) { $shlib=1; } 1110 elsif (/^shlib$/) { $shlib=1; }
936 elsif (/^dll$/) { $shlib=1; } 1111 elsif (/^dll$/) { $shlib=1; }
937 elsif (/^shared$/) { } # We just need to ignore it for now... 1112 elsif (/^shared$/) { } # We just need to ignore it for now...
1113 elsif (/^zlib$/) { $zlib_opt = 1 if $zlib_opt == 0 }
1114 elsif (/^zlib-dynamic$/){ $zlib_opt = 2; }
1115 elsif (/^--with-krb5-flavor=(.*)$/)
1116 {
1117 my $krb5_flavor = $1;
1118 if ($krb5_flavor =~ /^force-[Hh]eimdal$/)
1119 {
1120 $xcflags="-DKRB5_HEIMDAL $xcflags";
1121 }
1122 elsif ($krb5_flavor =~ /^MIT/i)
1123 {
1124 $xcflags="-DKRB5_MIT $xcflags";
1125 if ($krb5_flavor =~ /^MIT[._-]*1[._-]*[01]/i)
1126 {
1127 $xcflags="-DKRB5_MIT_OLD11 $xcflags"
1128 }
1129 }
1130 }
938 elsif (/^([^=]*)=(.*)$/){ $VARS{$1}=$2; } 1131 elsif (/^([^=]*)=(.*)$/){ $VARS{$1}=$2; }
939 elsif (/^-[lL].*$/) { $l_flags.="$_ "; } 1132 elsif (/^-[lL].*$/) { $l_flags.="$_ "; }
940 elsif ((!/^-help/) && (!/^-h/) && (!/^-\?/) && /^-.*$/) 1133 elsif ((!/^-help/) && (!/^-h/) && (!/^-\?/) && /^-.*$/)
@@ -942,3 +1135,31 @@ sub read_options
942 else { return(0); } 1135 else { return(0); }
943 return(1); 1136 return(1);
944 } 1137 }
1138
1139sub fipslib_error
1140 {
1141 print STDERR "***FIPS module directory sanity check failed***\n";
1142 print STDERR "FIPS module build failed, or was deleted\n";
1143 print STDERR "Please rebuild FIPS module.\n";
1144 exit 1;
1145 }
1146
1147sub fips_check_files
1148 {
1149 my $dir = shift @_;
1150 my $ret = 1;
1151 if (!-d $dir)
1152 {
1153 print STDERR "FIPS module directory $dir does not exist\n";
1154 fipslib_error();
1155 }
1156 foreach (@_)
1157 {
1158 if (!-f "$dir${o}$_")
1159 {
1160 print STDERR "FIPS module file $_ does not exist!\n";
1161 $ret = 0;
1162 }
1163 }
1164 fipslib_error() if ($ret == 0);
1165 }
diff --git a/src/lib/libcrypto/util/mkdef.pl b/src/lib/libcrypto/util/mkdef.pl
index 9918c3d549..6c1e53bb14 100644
--- a/src/lib/libcrypto/util/mkdef.pl
+++ b/src/lib/libcrypto/util/mkdef.pl
@@ -83,7 +83,7 @@ my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT",
83my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" ); 83my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
84my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", 84my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
85 "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1", 85 "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
86 "RIPEMD", 86 "SHA256", "SHA512", "RIPEMD",
87 "MDC2", "RSA", "DSA", "DH", "EC", "HMAC", "AES", 87 "MDC2", "RSA", "DSA", "DH", "EC", "HMAC", "AES",
88 # Envelope "algorithms" 88 # Envelope "algorithms"
89 "EVP", "X509", "ASN1_TYPEDEFS", 89 "EVP", "X509", "ASN1_TYPEDEFS",
@@ -267,7 +267,7 @@ $crypto.=" crypto/ocsp/ocsp.h";
267$crypto.=" crypto/ui/ui.h crypto/ui/ui_compat.h"; 267$crypto.=" crypto/ui/ui.h crypto/ui/ui_compat.h";
268$crypto.=" crypto/krb5/krb5_asn.h"; 268$crypto.=" crypto/krb5/krb5_asn.h";
269$crypto.=" crypto/tmdiff.h"; 269$crypto.=" crypto/tmdiff.h";
270$crypto.=" fips/fips.h fips/rand/fips_rand.h"; 270$crypto.=" fips-1.0/fips.h fips-1.0/rand/fips_rand.h fips-1.0/sha/fips_sha.h";
271 271
272my $symhacks="crypto/symhacks.h"; 272my $symhacks="crypto/symhacks.h";
273 273
@@ -864,6 +864,9 @@ sub do_defs
864 $a .= ",RSA" if($s =~ /PEM_Seal(Final|Init|Update)/); 864 $a .= ",RSA" if($s =~ /PEM_Seal(Final|Init|Update)/);
865 $a .= ",RSA" if($s =~ /RSAPrivateKey/); 865 $a .= ",RSA" if($s =~ /RSAPrivateKey/);
866 $a .= ",RSA" if($s =~ /SSLv23?_((client|server)_)?method/); 866 $a .= ",RSA" if($s =~ /SSLv23?_((client|server)_)?method/);
867 # SHA2 algorithms only defined in FIPS mode for
868 # OpenSSL 0.9.7
869 $p .= "OPENSSL_FIPS" if($s =~ /SHA[235]/);
867 870
868 $platform{$s} = 871 $platform{$s} =
869 &reduce_platforms((defined($platform{$s})?$platform{$s}.',':"").$p); 872 &reduce_platforms((defined($platform{$s})?$platform{$s}.',':"").$p);
@@ -1011,7 +1014,7 @@ sub is_valid
1011{ 1014{
1012 my ($keywords_txt,$platforms) = @_; 1015 my ($keywords_txt,$platforms) = @_;
1013 my (@keywords) = split /,/,$keywords_txt; 1016 my (@keywords) = split /,/,$keywords_txt;
1014 my ($falsesum, $truesum) = (0, !grep(/^[^!]/,@keywords)); 1017 my ($falsesum, $truesum) = (0, 1);
1015 1018
1016 # Param: one keyword 1019 # Param: one keyword
1017 sub recognise 1020 sub recognise
@@ -1079,7 +1082,7 @@ sub is_valid
1079 if ($k =~ /^!(.*)$/) { 1082 if ($k =~ /^!(.*)$/) {
1080 $falsesum += &recognise($1,$platforms); 1083 $falsesum += &recognise($1,$platforms);
1081 } else { 1084 } else {
1082 $truesum += &recognise($k,$platforms); 1085 $truesum *= &recognise($k,$platforms);
1083 } 1086 }
1084 } 1087 }
1085 print STDERR "DEBUG: [",$#keywords,",",$#keywords < 0,"] is_valid($keywords_txt) => (\!$falsesum) && $truesum = ",(!$falsesum) && $truesum,"\n" if $debug; 1088 print STDERR "DEBUG: [",$#keywords,",",$#keywords < 0,"] is_valid($keywords_txt) => (\!$falsesum) && $truesum = ",(!$falsesum) && $truesum,"\n" if $debug;
diff --git a/src/lib/libcrypto/util/mkfiles.pl b/src/lib/libcrypto/util/mkfiles.pl
index 928a274303..bc78510f56 100644
--- a/src/lib/libcrypto/util/mkfiles.pl
+++ b/src/lib/libcrypto/util/mkfiles.pl
@@ -51,14 +51,15 @@ my @dirs = (
51"crypto/ocsp", 51"crypto/ocsp",
52"crypto/ui", 52"crypto/ui",
53"crypto/krb5", 53"crypto/krb5",
54"fips", 54"fips-1.0",
55"fips/aes", 55"fips-1.0/aes",
56"fips/des", 56"fips-1.0/des",
57"fips/dsa", 57"fips-1.0/dsa",
58"fips/dh", 58"fips-1.0/dh",
59"fips/rand", 59"fips-1.0/hmac",
60"fips/rsa", 60"fips-1.0/rand",
61"fips/sha1", 61"fips-1.0/rsa",
62"fips-1.0/sha",
62"ssl", 63"ssl",
63"apps", 64"apps",
64"test", 65"test",
diff --git a/src/lib/libcrypto/util/mklink.pl b/src/lib/libcrypto/util/mklink.pl
index c8653cecc3..182732d959 100644
--- a/src/lib/libcrypto/util/mklink.pl
+++ b/src/lib/libcrypto/util/mklink.pl
@@ -14,13 +14,16 @@
14# not contain symbolic links and that the parent of / is never referenced. 14# not contain symbolic links and that the parent of / is never referenced.
15# Apart from this, this script should be able to handle even the most 15# Apart from this, this script should be able to handle even the most
16# pathological cases. 16# pathological cases.
17#
18
19use Cwd;
17 20
18my $from = shift; 21my $from = shift;
19my @files = @ARGV; 22my @files = @ARGV;
20 23
21my @from_path = split(/[\\\/]/, $from); 24my @from_path = split(/[\\\/]/, $from);
22my $pwd = `pwd`; 25my $pwd = getcwd();
23chop($pwd); 26chomp($pwd);
24my @pwd_path = split(/[\\\/]/, $pwd); 27my @pwd_path = split(/[\\\/]/, $pwd);
25 28
26my @to_path = (); 29my @to_path = ();
diff --git a/src/lib/libcrypto/util/pl/BC-32.pl b/src/lib/libcrypto/util/pl/BC-32.pl
index 897ae9d824..28869c868d 100644
--- a/src/lib/libcrypto/util/pl/BC-32.pl
+++ b/src/lib/libcrypto/util/pl/BC-32.pl
@@ -18,7 +18,7 @@ $out_def="out32";
18$tmp_def="tmp32"; 18$tmp_def="tmp32";
19$inc_def="inc32"; 19$inc_def="inc32";
20#enable max error messages, disable most common warnings 20#enable max error messages, disable most common warnings
21$cflags="-DWIN32_LEAN_AND_MEAN -q -w-aus -w-par -w-inl -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp "; 21$cflags="-DWIN32_LEAN_AND_MEAN -q -w-ccc -w-rch -w-pia -w-aus -w-par -w-inl -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp -D_strnicmp=strnicmp ";
22if ($debug) 22if ($debug)
23{ 23{
24 $cflags.="-Od -y -v -vi- -D_DEBUG"; 24 $cflags.="-Od -y -v -vi- -D_DEBUG";
@@ -51,7 +51,7 @@ $lfile='';
51$shlib_ex_obj=""; 51$shlib_ex_obj="";
52$app_ex_obj="c0x32.obj"; 52$app_ex_obj="c0x32.obj";
53 53
54$asm='nasmw -f obj'; 54$asm='nasmw -f obj -d__omf__';
55$asm.=" /Zi" if $debug; 55$asm.=" /Zi" if $debug;
56$afile='-o'; 56$afile='-o';
57 57
@@ -106,9 +106,13 @@ sub do_lib_rule
106 $ret.="$target: $objs\n"; 106 $ret.="$target: $objs\n";
107 if (!$shlib) 107 if (!$shlib)
108 { 108 {
109 # $ret.="\t\$(RM) \$(O_$Name)\n"; 109 $ret.=<<___;
110 $ret.="\techo LIB $<\n"; 110 -\$(RM) $lfile$target
111 $ret.="\t&\$(MKLIB) $lfile$target -+\$**\n"; 111 \$(MKLIB) $lfile$target \@&&!
112+\$(**: = &^
113+)
114!
115___
112 } 116 }
113 else 117 else
114 { 118 {
diff --git a/src/lib/libcrypto/util/pl/OS2-EMX.pl b/src/lib/libcrypto/util/pl/OS2-EMX.pl
index 75d72ebbcb..8dbeaa7a08 100644
--- a/src/lib/libcrypto/util/pl/OS2-EMX.pl
+++ b/src/lib/libcrypto/util/pl/OS2-EMX.pl
@@ -68,6 +68,7 @@ if (!$no_asm && !$fips)
68 $sha1_asm_src="crypto/sha/asm/s1-os2.asm"; 68 $sha1_asm_src="crypto/sha/asm/s1-os2.asm";
69 $rmd160_asm_obj="crypto/ripemd/asm/rm-os2$obj"; 69 $rmd160_asm_obj="crypto/ripemd/asm/rm-os2$obj";
70 $rmd160_asm_src="crypto/ripemd/asm/rm-os2.asm"; 70 $rmd160_asm_src="crypto/ripemd/asm/rm-os2.asm";
71 $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DOPENSSL_BN_ASM_PART_WORDS";
71 } 72 }
72 73
73if ($shlib) 74if ($shlib)
diff --git a/src/lib/libcrypto/util/pl/VC-32-GMAKE.pl b/src/lib/libcrypto/util/pl/VC-32-GMAKE.pl
new file mode 100644
index 0000000000..b5bbcac6c2
--- /dev/null
+++ b/src/lib/libcrypto/util/pl/VC-32-GMAKE.pl
@@ -0,0 +1,222 @@
1#!/usr/local/bin/perl
2# VCw32lib.pl - the file for Visual C++ 4.[01] for windows NT, static libraries
3#
4
5
6if ($fips && !$shlib)
7 {
8 $crypto="libeayfips32";
9 $crypto_compat = "libeaycompat32.lib";
10 }
11else
12 {
13 $crypto="libeay32";
14 }
15$ssl= "ssleay32";
16
17$o='/';
18#$cp='copy nul+'; # Timestamps get stuffed otherwise
19#$rm='del';
20
21$cp='cp';
22$rm='rm';
23
24$zlib_lib="zlib1.lib";
25
26# C compiler stuff
27$cc='cl';
28$cflags=' -MD -W3 -WX -Ox -O2 -Ob2 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32';
29$cflags.=' -D_CRT_SECURE_NO_DEPRECATE'; # shut up VC8
30$cflags.=' -D_CRT_NONSTDC_NO_DEPRECATE'; # shut up VC8
31$lflags="-nologo -subsystem:console -machine:I386 -opt:ref";
32$mlflags='';
33
34$out_def="gmout32";
35$tmp_def="gmtmp32";
36$inc_def="gminc32";
37
38if ($debug)
39 {
40 $cflags=" -MDd -W3 -WX -Zi -Yd -Od -nologo -DOPENSSL_SYSNAME_WIN32 -D_DEBUG -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -DDEBUG -DDSO_WIN32";
41 $lflags.=" -debug";
42 $mlflags.=' -debug';
43 }
44$cflags .= " -DOPENSSL_SYSNAME_WINNT" if $NT == 1;
45
46$obj='.obj';
47$ofile="-Fo";
48
49# EXE linking stuff
50$link="link";
51$efile="-out:";
52$exep='.exe';
53if ($no_sock)
54 { $ex_libs=""; }
55else { $ex_libs="wsock32.lib user32.lib gdi32.lib"; }
56
57# static library stuff
58$mklib='lib';
59$ranlib='';
60$plib="";
61$libp=".lib";
62$shlibp=($shlib)?".dll":".lib";
63$lfile='-out:';
64
65$shlib_ex_obj="";
66$app_ex_obj="setargv.obj";
67if ($nasm) {
68 $asm='nasmw -f win32';
69 $afile='-o ';
70} else {
71 $asm='ml -Cp -coff -c -Cx';
72 $asm.=" -Zi" if $debug;
73 $afile='-Fo';
74}
75
76$bn_asm_obj='';
77$bn_asm_src='';
78$des_enc_obj='';
79$des_enc_src='';
80$bf_enc_obj='';
81$bf_enc_src='';
82
83if (!$no_asm && !$fips)
84 {
85 $bn_asm_obj='crypto/bn/asm/bn_win32.obj';
86 $bn_asm_src='crypto/bn/asm/bn_win32.asm';
87 $des_enc_obj='crypto/des/asm/d_win32.obj crypto/des/asm/y_win32.obj';
88 $des_enc_src='crypto/des/asm/d_win32.asm crypto/des/asm/y_win32.asm';
89 $bf_enc_obj='crypto/bf/asm/b_win32.obj';
90 $bf_enc_src='crypto/bf/asm/b_win32.asm';
91 $cast_enc_obj='crypto/cast/asm/c_win32.obj';
92 $cast_enc_src='crypto/cast/asm/c_win32.asm';
93 $rc4_enc_obj='crypto/rc4/asm/r4_win32.obj';
94 $rc4_enc_src='crypto/rc4/asm/r4_win32.asm';
95 $rc5_enc_obj='crypto/rc5/asm/r5_win32.obj';
96 $rc5_enc_src='crypto/rc5/asm/r5_win32.asm';
97 $md5_asm_obj='crypto/md5/asm/m5_win32.obj';
98 $md5_asm_src='crypto/md5/asm/m5_win32.asm';
99 $sha1_asm_obj='crypto/sha/asm/s1_win32.obj';
100 $sha1_asm_src='crypto/sha/asm/s1_win32.asm';
101 $rmd160_asm_obj='crypto/ripemd/asm/rm_win32.obj';
102 $rmd160_asm_src='crypto/ripemd/asm/rm_win32.asm';
103 $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";
104 }
105
106if ($shlib)
107 {
108 $mlflags.=" $lflags -dll";
109# $cflags =~ s| -MD| -MT|;
110 $lib_cflag=" -D_WINDLL";
111 $out_def="gmout32dll";
112 $tmp_def="gmtmp32dll";
113 }
114
115$cflags.=" -Fd$out_def";
116
117sub do_lib_rule
118 {
119 local($objs,$target,$name,$shlib,$ign,$base_addr, $fips_get_sig, $fips_premain_src)=@_;
120 local($ret,$Name);
121
122 $taget =~ s/\//$o/g if $o ne '/';
123 ($Name=$name) =~ tr/a-z/A-Z/;
124 my $base_arg;
125 if ($base_addr ne "")
126 {
127 $base_arg= " -base:$base_addr";
128 }
129 else
130 {
131 $base_arg = "";
132 }
133
134
135# $target="\$(LIB_D)$o$target";
136 if (!$shlib)
137 {
138# $ret.="\t\$(RM) \$(O_$Name)\n";
139 $ret.="$target: $objs\n";
140 $ex =' advapi32.lib';
141 $ret.="\t\$(MKLIB) $lfile$target $objs $ex\n\n";
142 }
143 else
144 {
145 local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
146 $ex.=' wsock32.lib gdi32.lib advapi32.lib user32.lib';
147 $ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/;
148 if (defined $fips_get_sig)
149 {
150 $ret.="$target: \$(O_FIPSCANISTER) $objs $fips_get_sig\n";
151 $ret.="\tFIPS_LINK=\$(LINK) ";
152 $ret.="FIPS_CC=\$(CC) ";
153 $ret.="FIPS_CC_ARGS=\"-Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\" ";
154 $ret.="FIPS_PREMAIN_DSO=$fips_get_sig ";
155 $ret.="FIPS_TARGET=$target ";
156 $ret.="FIPS_LIBDIR=\$(FIPSLIB_D) ";
157 $ret.="\$(FIPSLINK) \$(MLFLAGS) $base_arg $efile$target ";
158 $ret.="-def:ms/${Name}.def \$(SHLIB_EX_OBJ) $objs ";
159 $ret.="\$(OBJ_D)${o}fips_premain.obj $ex\n\n";
160 }
161 else
162 {
163 $ret.="$target: $objs\n";
164 $ret.="\t\$(LINK) \$(MLFLAGS) $base_arg $efile$target /def:ms/${Name}.def \$(SHLIB_EX_OBJ) $objs $ex\n\n";
165 }
166 }
167 $ret.="\n";
168 return($ret);
169 }
170
171sub do_link_rule
172 {
173 local($target,$files,$dep_libs,$libs,$standalone)=@_;
174 local($ret,$_);
175 $file =~ s/\//$o/g if $o ne '/';
176 $n=&bname($targer);
177 if ($standalone)
178 {
179 $ret.="$target: $files $dep_libs\n";
180 $ret.="\t\$(LINK) \$(LFLAGS) $efile$target ";
181 $ret.="$files $libs\n\n";
182 }
183 elsif ($fips && !$shlib)
184 {
185 $ret.="$target: \$(O_FIPSCANISTER) $files $dep_libs\n";
186 $ret.="\tFIPS_LINK=\$(LINK) ";
187 $ret.="FIPS_CC=\$(CC) ";
188 $ret.="FIPS_CC_ARGS=\"-Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\" ";
189 $ret.="FIPS_PREMAIN_DSO= ";
190 $ret.="FIPS_TARGET=$target ";
191 $ret.="FIPS_LIBDIR=\$(FIPSLIB_D) ";
192 $ret.=" \$(FIPSLINK) \$(LFLAGS) $efile$target ";
193 $ret.="\$(APP_EX_OBJ) $files \$(OBJ_D)${o}fips_premain.obj $libs\n\n";
194 }
195 else
196 {
197 $ret.="$target: $files $dep_libs\n";
198 $ret.="\t\$(LINK) \$(LFLAGS) $efile$target ";
199 $ret.="\$(APP_EX_OBJ) $files $libs\n\n";
200 }
201 $ret.="\n";
202 return($ret);
203 }
204
205sub do_rlink_rule
206 {
207 local($target,$files,$check_hash, $deps)=@_;
208 local($ret,$_);
209
210 $file =~ s/\//$o/g if $o ne '/';
211 $n=&bname($targer);
212 $ret.="$target: $check_hash $files $deps\n";
213 $ret.="\t\$(PERL) util${o}checkhash.pl -chdir fips-1.0 -program_path ..$o$check_hash\n";
214 $ret.="\t\$(MKCANISTER) $target $files\n";
215 $ret.="\t$check_hash $target > $target.sha1\n";
216 $ret.="\t\$(CP) fips-1.0${o}fips_premain.c \$(FIPSLIB_D)\n";
217 $ret.="\t$check_hash \$(FIPSLIB_D)${o}fips_premain.c > \$(FIPSLIB_D)${o}fips_premain.c.sha1\n\n";
218 return($ret);
219 }
220
221
2221;
diff --git a/src/lib/libcrypto/util/pl/VC-32.pl b/src/lib/libcrypto/util/pl/VC-32.pl
index cf689b9feb..4e97dfa9af 100644
--- a/src/lib/libcrypto/util/pl/VC-32.pl
+++ b/src/lib/libcrypto/util/pl/VC-32.pl
@@ -3,15 +3,28 @@
3# 3#
4 4
5$ssl= "ssleay32"; 5$ssl= "ssleay32";
6$crypto="libeay32"; 6
7if ($fips && !$shlib)
8 {
9 $crypto="libeayfips32";
10 $crypto_compat = "libeaycompat32.lib";
11 }
12else
13 {
14 $crypto="libeay32";
15 }
7 16
8$o='\\'; 17$o='\\';
9$cp='copy nul+'; # Timestamps get stuffed otherwise 18$cp='copy nul+'; # Timestamps get stuffed otherwise
10$rm='del'; 19$rm='del';
11 20
21$zlib_lib="zlib1.lib";
22
12# C compiler stuff 23# C compiler stuff
13$cc='cl'; 24$cc='cl';
14$cflags=' /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32'; 25$cflags=' /MD /W3 /WX /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32';
26$cflags.=' -D_CRT_SECURE_NO_DEPRECATE'; # shut up VC8
27$cflags.=' -D_CRT_NONSTDC_NO_DEPRECATE'; # shut up VC8
15$lflags="/nologo /subsystem:console /machine:I386 /opt:ref"; 28$lflags="/nologo /subsystem:console /machine:I386 /opt:ref";
16$mlflags=''; 29$mlflags='';
17 30
@@ -100,25 +113,56 @@ $cflags.=" /Fd$out_def";
100 113
101sub do_lib_rule 114sub do_lib_rule
102 { 115 {
103 local($objs,$target,$name,$shlib)=@_; 116 local($objs,$target,$name,$shlib,$ign,$base_addr) = @_;
104 local($ret,$Name); 117 local($ret,$Name);
105 118
106 $taget =~ s/\//$o/g if $o ne '/'; 119 $taget =~ s/\//$o/g if $o ne '/';
107 ($Name=$name) =~ tr/a-z/A-Z/; 120 ($Name=$name) =~ tr/a-z/A-Z/;
121 my $base_arg;
122 if ($base_addr ne "")
123 {
124 $base_arg= " /base:$base_addr";
125 }
126 else
127 {
128 $base_arg = "";
129 }
130
108 131
109# $target="\$(LIB_D)$o$target"; 132# $target="\$(LIB_D)$o$target";
110 $ret.="$target: $objs\n";
111 if (!$shlib) 133 if (!$shlib)
112 { 134 {
113# $ret.="\t\$(RM) \$(O_$Name)\n"; 135# $ret.="\t\$(RM) \$(O_$Name)\n";
136 $ret.="$target: $objs\n";
114 $ex =' advapi32.lib'; 137 $ex =' advapi32.lib';
138 $ex.=" \$(FIPSLIB_D)${o}_chkstk.o" if $fips && $target =~ /O_CRYPTO/;
115 $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs $ex\n<<\n"; 139 $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs $ex\n<<\n";
116 } 140 }
117 else 141 else
118 { 142 {
119 local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':''; 143 local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
120 $ex.=' wsock32.lib gdi32.lib advapi32.lib'; 144 $ex.=' wsock32.lib gdi32.lib advapi32.lib user32.lib';
121 $ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n"; 145 $ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/;
146 if ($fips && $target =~ /O_CRYPTO/)
147 {
148 $ex.=" \$(FIPSLIB_D)${o}_chkstk.o";
149 $ret.="$target: $objs \$(PREMAIN_DSO_EXE)\n";
150 $ret.="\tSET FIPS_LINK=\$(LINK)\n";
151 $ret.="\tSET FIPS_CC=\$(CC)\n";
152 $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
153 $ret.="\tSET PREMAIN_DSO_EXE=\$(PREMAIN_DSO_EXE)\n";
154 $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
155 $ret.="\tSET FIPS_TARGET=$target\n";
156 $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
157 $ret.="\t\$(FIPSLINK) \$(MLFLAGS) $base_arg $efile$target ";
158 $ret.="/def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs ";
159 $ret.="\$(OBJ_D)${o}fips_premain.obj $ex\n<<\n";
160 }
161 else
162 {
163 $ret.="$target: $objs\n";
164 $ret.="\t\$(LINK) \$(MLFLAGS) $base_arg $efile$target /def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
165 }
122 } 166 }
123 $ret.="\n"; 167 $ret.="\n";
124 return($ret); 168 return($ret);
@@ -126,20 +170,51 @@ sub do_lib_rule
126 170
127sub do_link_rule 171sub do_link_rule
128 { 172 {
129 local($target,$files,$dep_libs,$libs,$sha1file,$openssl)=@_; 173 local($target,$files,$dep_libs,$libs,$standalone)=@_;
130 local($ret,$_); 174 local($ret,$_);
131
132 $file =~ s/\//$o/g if $o ne '/'; 175 $file =~ s/\//$o/g if $o ne '/';
133 $n=&bname($targer); 176 $n=&bname($targer);
134 $ret.="$target: $files $dep_libs\n"; 177 $ret.="$target: $files $dep_libs\n";
135 $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n"; 178 if ($standalone)
136 $ret.=" \$(APP_EX_OBJ) $files $libs\n<<\n"; 179 {
137 if (defined $sha1file) 180 $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n\t";
181 $ret.="\$(FIPSLIB_D)${o}_chkstk.o " if ($files =~ /O_FIPSCANISTER/);
182 $ret.="$files $libs\n<<\n";
183 }
184 elsif ($fips && !$shlib)
138 { 185 {
139 $ret.=" $openssl sha1 -hmac etaonrishdlcupfm -binary $target > $sha1file"; 186 $ret.="\tSET FIPS_LINK=\$(LINK)\n";
187 $ret.="\tSET FIPS_CC=\$(CC)\n";
188 $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
189 $ret.="\tSET PREMAIN_DSO_EXE=\n";
190 $ret.="\tSET FIPS_TARGET=$target\n";
191 $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
192 $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
193 $ret.=" \$(FIPSLINK) \$(LFLAGS) $efile$target @<<\n";
194 $ret.=" \$(APP_EX_OBJ) $files \$(OBJ_D)${o}fips_premain.obj $libs\n<<\n";
140 } 195 }
196 else
197 {
198 $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n";
199 $ret.=" \$(APP_EX_OBJ) $files $libs\n<<\n";
200 }
201 $ret.="\n";
202 return($ret);
203 }
204
205sub do_rlink_rule
206 {
207 local($target,$files,$dep_libs,$libs)=@_;
208 local($ret,$_);
209
210 $file =~ s/\//$o/g if $o ne '/';
211 $n=&bname($targer);
212 $ret.="$target: $files $dep_libs\n";
213 $ret.=" \$(MKCANISTER) $target <<\n";
214 $ret.="INPUT($files)\n<<\n";
141 $ret.="\n"; 215 $ret.="\n";
142 return($ret); 216 return($ret);
143 } 217 }
144 218
219
1451; 2201;
diff --git a/src/lib/libcrypto/util/pod2man.pl b/src/lib/libcrypto/util/pod2man.pl
index 657e4e264e..546d1ec186 100644
--- a/src/lib/libcrypto/util/pod2man.pl
+++ b/src/lib/libcrypto/util/pod2man.pl
@@ -425,6 +425,7 @@ if ($name ne 'something') {
425 } 425 }
426 next if /^=cut\b/; # DB_File and Net::Ping have =cut before NAME 426 next if /^=cut\b/; # DB_File and Net::Ping have =cut before NAME
427 next if /^=pod\b/; # It is OK to have =pod before NAME 427 next if /^=pod\b/; # It is OK to have =pod before NAME
428 next if /^=for\s+comment\b/; # It is OK to have =for comment before NAME
428 die "$0: Invalid man page - 1st pod line is not NAME in $ARGV[0]\n" unless $lax; 429 die "$0: Invalid man page - 1st pod line is not NAME in $ARGV[0]\n" unless $lax;
429 } 430 }
430 die "$0: Invalid man page - no documentation in $ARGV[0]\n" unless $lax; 431 die "$0: Invalid man page - no documentation in $ARGV[0]\n" unless $lax;
diff --git a/src/lib/libcrypto/util/selftest.pl b/src/lib/libcrypto/util/selftest.pl
index e9d5aa8938..4778c5ab01 100644
--- a/src/lib/libcrypto/util/selftest.pl
+++ b/src/lib/libcrypto/util/selftest.pl
@@ -49,7 +49,7 @@ if (open(IN,"<Makefile")) {
49} 49}
50 50
51$cversion=`$cc -v 2>&1`; 51$cversion=`$cc -v 2>&1`;
52$cversion=`$cc -V 2>&1` if $cversion =~ "usage"; 52$cversion=`$cc -V 2>&1` if $cversion =~ "[Uu]sage";
53$cversion=`$cc -V |head -1` if $cversion =~ "Error"; 53$cversion=`$cc -V |head -1` if $cversion =~ "Error";
54$cversion=`$cc --version` if $cversion eq ""; 54$cversion=`$cc --version` if $cversion eq "";
55$cversion =~ s/Reading specs.*\n//; 55$cversion =~ s/Reading specs.*\n//;
@@ -130,15 +130,21 @@ if (system("make 2>&1 | tee make.log") > 255) {
130 goto err; 130 goto err;
131} 131}
132 132
133$_=$options; 133# Not sure why this is here. The tests themselves can detect if their
134s/no-asm//; 134# particular feature isn't included, and should therefore skip themselves.
135s/no-shared//; 135# To skip *all* tests just because one algorithm isn't included is like
136s/no-krb5//; 136# shooting mosquito with an elephant gun...
137if (/no-/) 137# -- Richard Levitte, inspired by problem report 1089
138{ 138#
139 print OUT "Test skipped.\n"; 139#$_=$options;
140 goto err; 140#s/no-asm//;
141} 141#s/no-shared//;
142#s/no-krb5//;
143#if (/no-/)
144#{
145# print OUT "Test skipped.\n";
146# goto err;
147#}
142 148
143print "Running make test...\n"; 149print "Running make test...\n";
144if (system("make test 2>&1 | tee maketest.log") > 255) 150if (system("make test 2>&1 | tee maketest.log") > 255)
diff --git a/src/lib/libcrypto/x509/Makefile b/src/lib/libcrypto/x509/Makefile
index 5fb774f1c7..ee3f8a4a23 100644
--- a/src/lib/libcrypto/x509/Makefile
+++ b/src/lib/libcrypto/x509/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/x509/Makefile 2# OpenSSL/crypto/x509/Makefile
3# 3#
4 4
5DIR= x509 5DIR= x509
diff --git a/src/lib/libcrypto/x509v3/Makefile b/src/lib/libcrypto/x509v3/Makefile
index ed2f91cbb3..49423f39f7 100644
--- a/src/lib/libcrypto/x509v3/Makefile
+++ b/src/lib/libcrypto/x509v3/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/x509v3/Makefile 2# OpenSSL/crypto/x509v3/Makefile
3# 3#
4 4
5DIR= x509v3 5DIR= x509v3
diff --git a/src/lib/libssl/src/CHANGES b/src/lib/libssl/src/CHANGES
index cccc4f812f..2840a36a6d 100644
--- a/src/lib/libssl/src/CHANGES
+++ b/src/lib/libssl/src/CHANGES
@@ -2,8 +2,94 @@
2 OpenSSL CHANGES 2 OpenSSL CHANGES
3 _______________ 3 _______________
4 4
5 Changes between 0.9.7i and 0.9.7j [04 May 2006]
6
7 *) Adapt fipsld and the build system to link against the validated FIPS
8 module in FIPS mode.
9 [Steve Henson]
10
11 *) Fixes for VC++ 2005 build under Windows.
12 [Steve Henson]
13
14 *) Add new Windows build target VC-32-GMAKE for VC++. This uses GNU make
15 from a Windows bash shell such as MSYS. It is autodetected from the
16 "config" script when run from a VC++ environment. Modify standard VC++
17 build to use fipscanister.o from the GNU make build.
18 [Steve Henson]
19
20 Changes between 0.9.7h and 0.9.7i [14 Oct 2005]
21
22 *) Wrapped the definition of EVP_MAX_MD_SIZE in a #ifdef OPENSSL_FIPS.
23 The value now differs depending on if you build for FIPS or not.
24 BEWARE! A program linked with a shared FIPSed libcrypto can't be
25 safely run with a non-FIPSed libcrypto, as it may crash because of
26 the difference induced by this change.
27 [Andy Polyakov]
28
29 Changes between 0.9.7g and 0.9.7h [11 Oct 2005]
30
31 *) Remove the functionality of SSL_OP_MSIE_SSLV2_RSA_PADDING
32 (part of SSL_OP_ALL). This option used to disable the
33 countermeasure against man-in-the-middle protocol-version
34 rollback in the SSL 2.0 server implementation, which is a bad
35 idea. (CVE-2005-2969)
36
37 [Bodo Moeller; problem pointed out by Yutaka Oiwa (Research Center
38 for Information Security, National Institute of Advanced Industrial
39 Science and Technology [AIST], Japan)]
40
41 *) Minimal support for X9.31 signatures and PSS padding modes. This is
42 mainly for FIPS compliance and not fully integrated at this stage.
43 [Steve Henson]
44
45 *) For DSA signing, unless DSA_FLAG_NO_EXP_CONSTTIME is set, perform
46 the exponentiation using a fixed-length exponent. (Otherwise,
47 the information leaked through timing could expose the secret key
48 after many signatures; cf. Bleichenbacher's attack on DSA with
49 biased k.)
50 [Bodo Moeller]
51
52 *) Make a new fixed-window mod_exp implementation the default for
53 RSA, DSA, and DH private-key operations so that the sequence of
54 squares and multiplies and the memory access pattern are
55 independent of the particular secret key. This will mitigate
56 cache-timing and potential related attacks.
57
58 BN_mod_exp_mont_consttime() is the new exponentiation implementation,
59 and this is automatically used by BN_mod_exp_mont() if the new flag
60 BN_FLG_EXP_CONSTTIME is set for the exponent. RSA, DSA, and DH
61 will use this BN flag for private exponents unless the flag
62 RSA_FLAG_NO_EXP_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME, or
63 DH_FLAG_NO_EXP_CONSTTIME, respectively, is set.
64
65 [Matthew D Wood (Intel Corp), with some changes by Bodo Moeller]
66
67 *) Change the client implementation for SSLv23_method() and
68 SSLv23_client_method() so that is uses the SSL 3.0/TLS 1.0
69 Client Hello message format if the SSL_OP_NO_SSLv2 option is set.
70 (Previously, the SSL 2.0 backwards compatible Client Hello
71 message format would be used even with SSL_OP_NO_SSLv2.)
72 [Bodo Moeller]
73
74 *) Add support for smime-type MIME parameter in S/MIME messages which some
75 clients need.
76 [Steve Henson]
77
78 *) New function BN_MONT_CTX_set_locked() to set montgomery parameters in
79 a threadsafe manner. Modify rsa code to use new function and add calls
80 to dsa and dh code (which had race conditions before).
81 [Steve Henson]
82
83 *) Include the fixed error library code in the C error file definitions
84 instead of fixing them up at runtime. This keeps the error code
85 structures constant.
86 [Steve Henson]
87
5 Changes between 0.9.7f and 0.9.7g [11 Apr 2005] 88 Changes between 0.9.7f and 0.9.7g [11 Apr 2005]
6 89
90 [NB: OpenSSL 0.9.7h and later 0.9.7 patch levels were released after
91 OpenSSL 0.9.8.]
92
7 *) Fixes for newer kerberos headers. NB: the casts are needed because 93 *) Fixes for newer kerberos headers. NB: the casts are needed because
8 the 'length' field is signed on one version and unsigned on another 94 the 'length' field is signed on one version and unsigned on another
9 with no (?) obvious way to tell the difference, without these VC++ 95 with no (?) obvious way to tell the difference, without these VC++
@@ -111,11 +197,11 @@
111 Changes between 0.9.7c and 0.9.7d [17 Mar 2004] 197 Changes between 0.9.7c and 0.9.7d [17 Mar 2004]
112 198
113 *) Fix null-pointer assignment in do_change_cipher_spec() revealed 199 *) Fix null-pointer assignment in do_change_cipher_spec() revealed
114 by using the Codenomicon TLS Test Tool (CAN-2004-0079) 200 by using the Codenomicon TLS Test Tool (CVE-2004-0079)
115 [Joe Orton, Steve Henson] 201 [Joe Orton, Steve Henson]
116 202
117 *) Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites 203 *) Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites
118 (CAN-2004-0112) 204 (CVE-2004-0112)
119 [Joe Orton, Steve Henson] 205 [Joe Orton, Steve Henson]
120 206
121 *) Make it possible to have multiple active certificates with the same 207 *) Make it possible to have multiple active certificates with the same
@@ -158,9 +244,9 @@
158 *) Fix various bugs revealed by running the NISCC test suite: 244 *) Fix various bugs revealed by running the NISCC test suite:
159 245
160 Stop out of bounds reads in the ASN1 code when presented with 246 Stop out of bounds reads in the ASN1 code when presented with
161 invalid tags (CAN-2003-0543 and CAN-2003-0544). 247 invalid tags (CVE-2003-0543 and CVE-2003-0544).
162 248
163 Free up ASN1_TYPE correctly if ANY type is invalid (CAN-2003-0545). 249 Free up ASN1_TYPE correctly if ANY type is invalid (CVE-2003-0545).
164 250
165 If verify callback ignores invalid public key errors don't try to check 251 If verify callback ignores invalid public key errors don't try to check
166 certificate signature with the NULL public key. 252 certificate signature with the NULL public key.
@@ -245,7 +331,7 @@
245 via timing by performing a MAC computation even if incorrrect 331 via timing by performing a MAC computation even if incorrrect
246 block cipher padding has been found. This is a countermeasure 332 block cipher padding has been found. This is a countermeasure
247 against active attacks where the attacker has to distinguish 333 against active attacks where the attacker has to distinguish
248 between bad padding and a MAC verification error. (CAN-2003-0078) 334 between bad padding and a MAC verification error. (CVE-2003-0078)
249 335
250 [Bodo Moeller; problem pointed out by Brice Canvel (EPFL), 336 [Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
251 Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and 337 Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
@@ -462,7 +548,7 @@
462 548
463 Remote buffer overflow in SSL3 protocol - an attacker could 549 Remote buffer overflow in SSL3 protocol - an attacker could
464 supply an oversized master key in Kerberos-enabled versions. 550 supply an oversized master key in Kerberos-enabled versions.
465 (CAN-2002-0657) 551 (CVE-2002-0657)
466 [Ben Laurie (CHATS)] 552 [Ben Laurie (CHATS)]
467 553
468 *) Change the SSL kerb5 codes to match RFC 2712. 554 *) Change the SSL kerb5 codes to match RFC 2712.
@@ -2146,7 +2232,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
2146 Changes between 0.9.6l and 0.9.6m [17 Mar 2004] 2232 Changes between 0.9.6l and 0.9.6m [17 Mar 2004]
2147 2233
2148 *) Fix null-pointer assignment in do_change_cipher_spec() revealed 2234 *) Fix null-pointer assignment in do_change_cipher_spec() revealed
2149 by using the Codenomicon TLS Test Tool (CAN-2004-0079) 2235 by using the Codenomicon TLS Test Tool (CVE-2004-0079)
2150 [Joe Orton, Steve Henson] 2236 [Joe Orton, Steve Henson]
2151 2237
2152 Changes between 0.9.6k and 0.9.6l [04 Nov 2003] 2238 Changes between 0.9.6k and 0.9.6l [04 Nov 2003]
@@ -2154,7 +2240,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
2154 *) Fix additional bug revealed by the NISCC test suite: 2240 *) Fix additional bug revealed by the NISCC test suite:
2155 2241
2156 Stop bug triggering large recursion when presented with 2242 Stop bug triggering large recursion when presented with
2157 certain ASN.1 tags (CAN-2003-0851) 2243 certain ASN.1 tags (CVE-2003-0851)
2158 [Steve Henson] 2244 [Steve Henson]
2159 2245
2160 Changes between 0.9.6j and 0.9.6k [30 Sep 2003] 2246 Changes between 0.9.6j and 0.9.6k [30 Sep 2003]
@@ -2162,7 +2248,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
2162 *) Fix various bugs revealed by running the NISCC test suite: 2248 *) Fix various bugs revealed by running the NISCC test suite:
2163 2249
2164 Stop out of bounds reads in the ASN1 code when presented with 2250 Stop out of bounds reads in the ASN1 code when presented with
2165 invalid tags (CAN-2003-0543 and CAN-2003-0544). 2251 invalid tags (CVE-2003-0543 and CVE-2003-0544).
2166 2252
2167 If verify callback ignores invalid public key errors don't try to check 2253 If verify callback ignores invalid public key errors don't try to check
2168 certificate signature with the NULL public key. 2254 certificate signature with the NULL public key.
@@ -2214,7 +2300,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
2214 via timing by performing a MAC computation even if incorrrect 2300 via timing by performing a MAC computation even if incorrrect
2215 block cipher padding has been found. This is a countermeasure 2301 block cipher padding has been found. This is a countermeasure
2216 against active attacks where the attacker has to distinguish 2302 against active attacks where the attacker has to distinguish
2217 between bad padding and a MAC verification error. (CAN-2003-0078) 2303 between bad padding and a MAC verification error. (CVE-2003-0078)
2218 2304
2219 [Bodo Moeller; problem pointed out by Brice Canvel (EPFL), 2305 [Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
2220 Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and 2306 Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
@@ -2347,7 +2433,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
2347 *) Add various sanity checks to asn1_get_length() to reject 2433 *) Add various sanity checks to asn1_get_length() to reject
2348 the ASN1 length bytes if they exceed sizeof(long), will appear 2434 the ASN1 length bytes if they exceed sizeof(long), will appear
2349 negative or the content length exceeds the length of the 2435 negative or the content length exceeds the length of the
2350 supplied buffer. (CAN-2002-0659) 2436 supplied buffer. (CVE-2002-0659)
2351 [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>] 2437 [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]
2352 2438
2353 *) Assertions for various potential buffer overflows, not known to 2439 *) Assertions for various potential buffer overflows, not known to
@@ -2355,15 +2441,15 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
2355 [Ben Laurie (CHATS)] 2441 [Ben Laurie (CHATS)]
2356 2442
2357 *) Various temporary buffers to hold ASCII versions of integers were 2443 *) Various temporary buffers to hold ASCII versions of integers were
2358 too small for 64 bit platforms. (CAN-2002-0655) 2444 too small for 64 bit platforms. (CVE-2002-0655)
2359 [Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)> 2445 [Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)>
2360 2446
2361 *) Remote buffer overflow in SSL3 protocol - an attacker could 2447 *) Remote buffer overflow in SSL3 protocol - an attacker could
2362 supply an oversized session ID to a client. (CAN-2002-0656) 2448 supply an oversized session ID to a client. (CVE-2002-0656)
2363 [Ben Laurie (CHATS)] 2449 [Ben Laurie (CHATS)]
2364 2450
2365 *) Remote buffer overflow in SSL2 protocol - an attacker could 2451 *) Remote buffer overflow in SSL2 protocol - an attacker could
2366 supply an oversized client master key. (CAN-2002-0656) 2452 supply an oversized client master key. (CVE-2002-0656)
2367 [Ben Laurie (CHATS)] 2453 [Ben Laurie (CHATS)]
2368 2454
2369 Changes between 0.9.6c and 0.9.6d [9 May 2002] 2455 Changes between 0.9.6c and 0.9.6d [9 May 2002]
diff --git a/src/lib/libssl/src/Configure b/src/lib/libssl/src/Configure
index e0e732c445..a38783dd98 100644
--- a/src/lib/libssl/src/Configure
+++ b/src/lib/libssl/src/Configure
@@ -177,11 +177,11 @@ my %table=(
177# actually recommend to consider using gcc shared build even with vendor 177# actually recommend to consider using gcc shared build even with vendor
178# compiler:-) 178# compiler:-)
179# <appro@fy.chalmers.se> 179# <appro@fy.chalmers.se>
180"solaris64-x86_64-gcc","gcc:-m64 -O3 -Wall -DL_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o::::::asm/rc4-amd64.o:::dlfcn:solaris-shared:-fPIC:-m64 -shared -static-libgcc:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 180"solaris64-x86_64-gcc","gcc:-m64 -O3 -Wall -DL_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o::::::asm/rc4-x86_64.o:::dlfcn:solaris-shared:-fPIC:-m64 -shared -static-libgcc:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
181 181
182#### Solaris x86 with Sun C setups 182#### Solaris x86 with Sun C setups
183"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 183"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
184"solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL::::::::::dlfcn:solaris-shared:-KPIC:-xarch=amd64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 184"solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL::::::::::dlfcn:solaris-shared:-KPIC:-xarch=amd64 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
185 185
186#### SPARC Solaris with GNU C setups 186#### SPARC Solaris with GNU C setups
187"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 187"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -200,17 +200,17 @@ my %table=(
200 200
201#### SPARC Solaris with Sun C setups 201#### SPARC Solaris with Sun C setups
202# DO NOT use /xO[34] on sparc with SC3.0. It is broken, and will not pass the tests 202# DO NOT use /xO[34] on sparc with SC3.0. It is broken, and will not pass the tests
203"solaris-sparc-sc3","cc:-fast -O -Xa -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 203"solaris-sparc-sc3","cc:-fast -O -Xa -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
204# SC4.0 doesn't pass 'make test', upgrade to SC5.0 or SC4.2. 204# SC4.0 doesn't pass 'make test', upgrade to SC5.0 or SC4.2.
205# SC4.2 is ok, better than gcc even on bn as long as you tell it -xarch=v8 205# SC4.2 is ok, better than gcc even on bn as long as you tell it -xarch=v8
206# SC5.0 note: Compiler common patch 107357-01 or later is required! 206# SC5.0 note: Compiler common patch 107357-01 or later is required!
207"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 207"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
208"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 208"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
209"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 209"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
210"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-KPIC:-xarch=v9:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs", 210"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-KPIC:-xarch=v9 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs",
211#### 211####
212"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 212"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
213"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 213"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
214 214
215#### SPARC Linux setups 215#### SPARC Linux setups
216"linux-sparcv7","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::", 216"linux-sparcv7","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::",
@@ -271,56 +271,56 @@ my %table=(
271# 271#
272#!#"hpux-parisc-cc","cc:-Ae +O3 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl", 272#!#"hpux-parisc-cc","cc:-Ae +O3 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
273# Since there is mention of this in shlib/hpux10-cc.sh 273# Since there is mention of this in shlib/hpux10-cc.sh
274"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 274"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::-Wl,+cdp,../%3a,+cdp,./%3a,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
275"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 275"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::::-Wl,+cdp,../%3a,+cdp,./%3a,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
276"hpux64-parisc-cc","cc:-Ae +DD64 +O3 +ESlit -z -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 276"hpux64-parisc-cc","cc:-Ae +DD64 +O3 +ESlit -z -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
277# 64bit PARISC for GCC without optimization, which seems to make problems. 277# 64bit PARISC for GCC without optimization, which seems to make problems.
278# Submitted by <ross.alexander@uk.neceur.com> 278# Submitted by <ross.alexander@uk.neceur.com>
279"hpux64-parisc-gcc","gcc:-DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:-fpic::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 279"hpux64-parisc-gcc","gcc:-DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux-shared:-fpic:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
280"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux64-shared:-fpic::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 280"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
281 281
282# IA-64 targets 282# IA-64 targets
283"hpux-ia64-cc","cc:-Ae +DD32 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:hpux-shared:+Z::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 283"hpux-ia64-cc","cc:-Ae +DD32 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:hpux-shared:+Z:-b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
284# Frank Geurts <frank.geurts@nl.abnamro.com> has patiently assisted with 284# Frank Geurts <frank.geurts@nl.abnamro.com> has patiently assisted with
285# with debugging of the following config. 285# with debugging of the following config.
286"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:hpux64-shared:+Z::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 286"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:hpux-shared:+Z:+DD64 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
287 287
288# More attempts at unified 10.X and 11.X targets for HP C compiler. 288# More attempts at unified 10.X and 11.X targets for HP C compiler.
289# 289#
290# Chris Ruemmler <ruemmler@cup.hp.com> 290# Chris Ruemmler <ruemmler@cup.hp.com>
291# Kevin Steves <ks@hp.se> 291# Kevin Steves <ks@hp.se>
292"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 292"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+cdp,../%3a,+cdp,./%3a,+s,+b,\$(INSTALLTOP)/lib -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
293"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2.o:::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 293"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+cdp,../%3a,+cdp,./%3a,+s,+b,\$(INSTALLTOP)/lib -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2.o:::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
294"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 294"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
295# Isn't the line below meaningless? HP-UX cc optimizes for host by default. 295# Isn't the line below meaningless? HP-UX cc optimizes for host by default.
296# hpux-parisc1_0-cc with +DAportable flag would make more sense. <appro> 296# hpux-parisc1_0-cc with +DAportable flag would make more sense. <appro>
297"hpux-parisc1_1-cc","cc:+DA1.1 +DS1.1 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 297"hpux-parisc1_1-cc","cc:+DA1.1 +DS1.1 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+cdp,../%3a,+cdp,./%3a,+s,+b,\$(INSTALLTOP)/lib -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
298 298
299# HPUX 9.X config. 299# HPUX 9.X config.
300# Don't use the bundled cc. It is broken. Use HP ANSI C if possible, or 300# Don't use the bundled cc. It is broken. Use HP ANSI C if possible, or
301# egcs. gcc 2.8.1 is also broken. 301# egcs. gcc 2.8.1 is also broken.
302 302
303"hpux-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::(unknown)::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 303"hpux-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::(unknown)::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
304# If hpux-cc fails (e.g. during "make test"), try the next one; otherwise, 304# If hpux-cc fails (e.g. during "make test"), try the next one; otherwise,
305# please report your OS and compiler version to the openssl-bugs@openssl.org 305# please report your OS and compiler version to the openssl-bugs@openssl.org
306# mailing list. 306# mailing list.
307"hpux-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 307"hpux-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::(unknown)::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
308 308
309"hpux-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 309"hpux-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
310# If hpux-gcc fails, try this one: 310# If hpux-gcc fails, try this one:
311"hpux-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 311"hpux-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
312 312
313# HPUX 9.X on Motorola 68k platforms with gcc 313# HPUX 9.X on Motorola 68k platforms with gcc
314"hpux-m68k-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):::BN_LLONG DES_PTR DES_UNROLL:::::::::::::", 314"hpux-m68k-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):::BN_LLONG DES_PTR DES_UNROLL:::::::::::::",
315 315
316# HPUX 10.X config. Supports threads. 316# HPUX 10.X config. Supports threads.
317"hpux10-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 317"hpux10-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
318# If hpux10-cc fails, try this one (if still fails, try deleting BN_LLONG): 318# If hpux10-cc fails, try this one (if still fails, try deleting BN_LLONG):
319"hpux10-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 319"hpux10-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
320 320
321"hpux10-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 321"hpux10-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
322# If hpux10-gcc fails, try this one: 322# If hpux10-gcc fails, try this one:
323"hpux10-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 323"hpux10-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
324 324
325# HPUX 11.X from www.globus.org. 325# HPUX 11.X from www.globus.org.
326# Only works on PA-RISC 2.0 cpus, and not optimized. Why? 326# Only works on PA-RISC 2.0 cpus, and not optimized. Why?
@@ -409,10 +409,9 @@ my %table=(
409"linux-m68k", "gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::", 409"linux-m68k", "gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::",
410"linux-s390", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 410"linux-s390", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
411"linux-s390x", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 411"linux-s390x", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
412"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/ia64.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 412"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
413"linux-ia64-ecc", "ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/ia64.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 413"linux-ia64-ecc", "ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
414"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o::::::asm/rc4-amd64.o:::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 414"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o::::::asm/rc4-x86_64.o:::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
415"linux-em64t", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
416"NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 415"NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
417"NetBSD-m68", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 416"NetBSD-m68", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
418"NetBSD-x86", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 417"NetBSD-x86", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -530,17 +529,17 @@ my %table=(
530"BC-16","bcc:::(unknown):WIN16::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::", 529"BC-16","bcc:::(unknown):WIN16::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::",
531 530
532# MinGW 531# MinGW
533"mingw", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -mno-cygwin -Wall:::MINGW32:-lwsock32 -lgdi32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:win32:cygwin-shared:-D_WINDLL:-mno-cygwin:.dll", 532"mingw", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -mno-cygwin -Wall -D_WIN32_WINNT=0x333:::MINGW32:-lwsock32 -lgdi32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_out_asm}:win32:cygwin-shared:-D_WINDLL:-mno-cygwin:.dll.a",
534 533
535# UWIN 534# UWIN
536"UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32", 535"UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
537 536
538# Cygwin 537# Cygwin
539"Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32", 538"Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
540"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:cygwin-shared:-D_WINDLL::.dll", 539"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:cygwin-shared:-D_WINDLL::.dll.a",
541 540
542# DJGPP 541# DJGPP
543"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall -DDEVRANDOM=\"/dev/urandom\\x24\":::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::", 542"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::",
544 543
545# Ultrix from Bernhard Simon <simon@zid.tuwien.ac.at> 544# Ultrix from Bernhard Simon <simon@zid.tuwien.ac.at>
546"ultrix-cc","cc:-std1 -O -Olimit 2500 -DL_ENDIAN::(unknown):::::::", 545"ultrix-cc","cc:-std1 -O -Olimit 2500 -DL_ENDIAN::(unknown):::::::",
@@ -563,8 +562,8 @@ my %table=(
563 562
564##### MacOS X (a.k.a. Rhapsody or Darwin) setup 563##### MacOS X (a.k.a. Rhapsody or Darwin) setup
565"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::", 564"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
566"darwin-ppc-cc","cc:-O3 -fomit-frame-pointer -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/osx_ppc32.o::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", 565"darwin-ppc-cc","cc:-O3 -fomit-frame-pointer -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/osx_ppc32.o:::::::::dlfcn:darwin-shared:-fPIC -fno-common::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
567"darwin-i386-cc","cc:-O3 -fomit-frame-pointer -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", 566"darwin-i386-cc","cc:-O3 -fomit-frame-pointer -fno-common::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
568 567
569##### A/UX 568##### A/UX
570"aux3-gcc","gcc:-O2 -DTERMIO::(unknown):AUX:-lbsd:RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::", 569"aux3-gcc","gcc:-O2 -DTERMIO::(unknown):AUX:-lbsd:RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
@@ -622,6 +621,8 @@ my $prefix="";
622my $openssldir=""; 621my $openssldir="";
623my $exe_ext=""; 622my $exe_ext="";
624my $install_prefix=""; 623my $install_prefix="";
624my $fipslibdir="/usr/local/ssl/lib";
625my $baseaddr="0xFB00000";
625my $no_threads=0; 626my $no_threads=0;
626my $no_shared=1; 627my $no_shared=1;
627my $zlib=0; 628my $zlib=0;
@@ -807,7 +808,7 @@ PROCESS_ARGS:
807 { 808 {
808 while (<IN>) 809 while (<IN>)
809 { 810 {
810 chop; 811 chomp;
811 if (/^CONFIGURE_ARGS=(.*)/) 812 if (/^CONFIGURE_ARGS=(.*)/)
812 { 813 {
813 $argvstring=$1; 814 $argvstring=$1;
@@ -866,6 +867,22 @@ PROCESS_ARGS:
866 { 867 {
867 $withargs{"krb5-".$1}=$2; 868 $withargs{"krb5-".$1}=$2;
868 } 869 }
870 elsif (/^--with-zlib-lib=(.*)$/)
871 {
872 $withargs{"zlib-lib"}=$1;
873 }
874 elsif (/^--with-fipslibdir=(.*)$/)
875 {
876 $fipslibdir="$1";
877 }
878 elsif (/^--with-baseaddr=(.*)$/)
879 {
880 $baseaddr="$1";
881 }
882 elsif (/^--with-zlib-include=(.*)$/)
883 {
884 $withargs{"zlib-include"}="-I$1";
885 }
869 else 886 else
870 { 887 {
871 print STDERR $usage; 888 print STDERR $usage;
@@ -879,7 +896,7 @@ PROCESS_ARGS:
879 } 896 }
880 else 897 else
881 { 898 {
882 die "target already defined - $target\n" if ($target ne ""); 899 die "target already defined - $target (offending arg: $_)\n" if ($target ne "");
883 $target=$_; 900 $target=$_;
884 } 901 }
885 unless ($_ eq $target) { 902 unless ($_ eq $target) {
@@ -965,10 +982,26 @@ chop $prefix if $prefix =~ /\/$/;
965$openssldir=$prefix . "/ssl" if $openssldir eq ""; 982$openssldir=$prefix . "/ssl" if $openssldir eq "";
966$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/; 983$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
967 984
985if ($fips && ! -f "$fipslibdir/fipscanister.o")
986 {
987 my $fipswinerr = "";
988 $fipswinerr = <<EOF if $IsWindows;
989 Ensure that the correct path to the FIPS module directory
990has been given to the --with-fipslibdir option.
991EOF
992 print STDERR <<EOF;
993The file fipscanister.o could not be located. Please build and install the
994FIPS module using the instructions in the user guide before compiling OpenSSL
995in FIPS mode.$fipswinerr
996EOF
997 exit 1;
998 }
999
968 1000
969print "IsWindows=$IsWindows\n"; 1001print "IsWindows=$IsWindows\n";
970 1002
971my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1); 1003my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
1004for (@fields) { s/%([\dA-Fa-f]{2})/chr(hex($1))/eg; }
972my $cc = $fields[$idx_cc]; 1005my $cc = $fields[$idx_cc];
973my $cflags = $fields[$idx_cflags]; 1006my $cflags = $fields[$idx_cflags];
974my $unistd = $fields[$idx_unistd]; 1007my $unistd = $fields[$idx_unistd];
@@ -1027,7 +1060,7 @@ else
1027 if $withargs{"krb5-dir"} eq ""; 1060 if $withargs{"krb5-dir"} eq "";
1028 $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}. 1061 $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
1029 "/lib -lgssapi -lkrb5 -lcom_err" 1062 "/lib -lgssapi -lkrb5 -lcom_err"
1030 if $withargs{"krb5-lib"} eq ""; 1063 if $withargs{"krb5-lib"} eq "" && !$IsWindows;
1031 $cflags="-DKRB5_HEIMDAL $cflags"; 1064 $cflags="-DKRB5_HEIMDAL $cflags";
1032 } 1065 }
1033 if ($withargs{"krb5-flavor"} =~ /^[Mm][Ii][Tt]/) 1066 if ($withargs{"krb5-flavor"} =~ /^[Mm][Ii][Tt]/)
@@ -1036,7 +1069,7 @@ else
1036 if $withargs{"krb5-dir"} eq ""; 1069 if $withargs{"krb5-dir"} eq "";
1037 $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}. 1070 $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
1038 "/lib -lgssapi_krb5 -lkrb5 -lcom_err -lk5crypto" 1071 "/lib -lgssapi_krb5 -lkrb5 -lcom_err -lk5crypto"
1039 if $withargs{"krb5-lib"} eq ""; 1072 if $withargs{"krb5-lib"} eq "" && !$IsWindows;
1040 $cflags="-DKRB5_MIT $cflags"; 1073 $cflags="-DKRB5_MIT $cflags";
1041 $withargs{"krb5-flavor"} =~ s/^[Mm][Ii][Tt][._-]*//; 1074 $withargs{"krb5-flavor"} =~ s/^[Mm][Ii][Tt][._-]*//;
1042 if ($withargs{"krb5-flavor"} =~ /^1[._-]*[01]/) 1075 if ($withargs{"krb5-flavor"} =~ /^1[._-]*[01]/)
@@ -1055,7 +1088,7 @@ else
1055 } 1088 }
1056 } 1089 }
1057 $withargs{"krb5-lib"} .= " -lresolv" 1090 $withargs{"krb5-lib"} .= " -lresolv"
1058 if ("$lresolv" ne ""); 1091 if ("$lresolv" ne "" && !$IsWindows);
1059 $withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include" 1092 $withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include"
1060 if $withargs{"krb5-include"} eq "" && 1093 if $withargs{"krb5-include"} eq "" &&
1061 $withargs{"krb5-dir"} ne ""; 1094 $withargs{"krb5-dir"} ne "";
@@ -1151,7 +1184,8 @@ if (!$no_shared)
1151 { 1184 {
1152 if ($shared_cflag ne "") 1185 if ($shared_cflag ne "")
1153 { 1186 {
1154 $cflags = "$shared_cflag $cflags"; 1187 $cflags = "$shared_cflag -DOPENSSL_PIC $cflags";
1188 $shared_ldflag = "$shared_ldflag $shared_cflag" if($fips);
1155 } 1189 }
1156 } 1190 }
1157 1191
@@ -1174,16 +1208,22 @@ if ($ranlib eq "")
1174$bn_obj = $bn_asm unless $bn_obj ne ""; 1208$bn_obj = $bn_asm unless $bn_obj ne "";
1175 1209
1176my $fips_des_obj; 1210my $fips_des_obj;
1211my $fips_aes_obj;
1177my $fips_sha1_obj; 1212my $fips_sha1_obj;
1178if ($fips) 1213if ($fips)
1179 { 1214 {
1180 if ($des_obj =~ /\-elf\.o$/ && $no_shared) # FIPS DES module is not PIC 1215 if ($des_obj =~ /\-elf\.o$/)
1181 { 1216 {
1182 $fips_des_obj='asm/fips-dx86-elf.o'; 1217 $fips_des_obj='asm/fips-dx86-elf.o';
1183 $openssl_other_defines.="#define OPENSSL_FIPS_DES_ASM\n"; 1218 $openssl_other_defines.="#define OPENSSL_FIPS_DES_ASM\n";
1219 $fips_aes_obj='asm/fips-ax86-elf.o';
1220 $openssl_other_defines.="#define OPENSSL_FIPS_AES_ASM\n";
1221 }
1222 else {
1223 $fips_des_obj=$fips_des_enc;
1224 $fips_aes_obj='fips_aes_core.o';
1184 } 1225 }
1185 else { $fips_des_obj=$fips_des_enc; } 1226 $fips_sha1_obj='asm/fips-sx86-elf.o' if ($sha1_obj =~ /\-elf\.o$/);
1186 $fips_sha1_obj='asm/sx86-elf.o' if ($sha1_obj =~ /\-elf\.o$/);
1187 $des_obj=$sha1_obj=""; 1227 $des_obj=$sha1_obj="";
1188 $openssl_other_defines.="#define OPENSSL_FIPS\n"; 1228 $openssl_other_defines.="#define OPENSSL_FIPS\n";
1189 } 1229 }
@@ -1255,7 +1295,7 @@ print OUT "### Generated automatically from Makefile.org by Configure.\n\n";
1255my $sdirs=0; 1295my $sdirs=0;
1256while (<IN>) 1296while (<IN>)
1257 { 1297 {
1258 chop; 1298 chomp;
1259 $sdirs = 1 if /^SDIRS=/; 1299 $sdirs = 1 if /^SDIRS=/;
1260 if ($sdirs) { 1300 if ($sdirs) {
1261 my $dir; 1301 my $dir;
@@ -1287,6 +1327,7 @@ while (<IN>)
1287 s/^BN_ASM=.*$/BN_ASM= $bn_obj/; 1327 s/^BN_ASM=.*$/BN_ASM= $bn_obj/;
1288 s/^DES_ENC=.*$/DES_ENC= $des_obj/; 1328 s/^DES_ENC=.*$/DES_ENC= $des_obj/;
1289 s/^FIPS_DES_ENC=.*$/FIPS_DES_ENC= $fips_des_obj/; 1329 s/^FIPS_DES_ENC=.*$/FIPS_DES_ENC= $fips_des_obj/;
1330 s/^FIPS_AES_ENC=.*$/FIPS_AES_ENC= $fips_aes_obj/;
1290 s/^BF_ENC=.*$/BF_ENC= $bf_obj/; 1331 s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
1291 s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/; 1332 s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/;
1292 s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/; 1333 s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/;
@@ -1301,6 +1342,10 @@ while (<IN>)
1301 s/^PERL=.*/PERL= $perl/; 1342 s/^PERL=.*/PERL= $perl/;
1302 s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/; 1343 s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/;
1303 s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/; 1344 s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/;
1345 s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/;
1346 s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/;
1347 s/^BASEADDR=.*/BASEADDR=$baseaddr/;
1348 s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/;
1304 s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/; 1349 s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
1305 s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/; 1350 s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
1306 s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared); 1351 s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
@@ -1654,12 +1699,13 @@ sub print_table_entry
1654 { 1699 {
1655 my $target = shift; 1700 my $target = shift;
1656 1701
1702 my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
1703 for (@fields) { s/%([\dA-Fa-f]{2})/chr(hex($1))/eg; }
1657 (my $cc,my $cflags,my $unistd,my $thread_cflag,my $sys_id,my $lflags, 1704 (my $cc,my $cflags,my $unistd,my $thread_cflag,my $sys_id,my $lflags,
1658 my $bn_ops,my $bn_obj,my $des_obj,my $bf_obj, 1705 my $bn_ops,my $bn_obj,my $des_obj,my $bf_obj,
1659 my $md5_obj,my $sha1_obj,my $cast_obj,my $rc4_obj,my $rmd160_obj, 1706 my $md5_obj,my $sha1_obj,my $cast_obj,my $rc4_obj,my $rmd160_obj,
1660 my $rc5_obj,my $dso_scheme,my $shared_target,my $shared_cflag, 1707 my $rc5_obj,my $dso_scheme,my $shared_target,my $shared_cflag,
1661 my $shared_ldflag,my $shared_extension,my $ranlib,my $arflags)= 1708 my $shared_ldflag,my $shared_extension,my $ranlib,my $arflags)=@fields;
1662 split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
1663 1709
1664 print <<EOF 1710 print <<EOF
1665 1711
@@ -1702,6 +1748,7 @@ sub test_sanity
1702 foreach $target (sort keys %table) 1748 foreach $target (sort keys %table)
1703 { 1749 {
1704 @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1); 1750 @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
1751 for (@fields) { s/%([\dA-Fa-f]{2})/chr(hex($1))/eg; }
1705 1752
1706 if ($fields[$idx_dso_scheme-1] =~ /^(dl|dlfcn|win32|vms)$/) 1753 if ($fields[$idx_dso_scheme-1] =~ /^(dl|dlfcn|win32|vms)$/)
1707 { 1754 {
diff --git a/src/lib/libssl/src/FAQ b/src/lib/libssl/src/FAQ
index 943fc9d4a3..6545cd72aa 100644
--- a/src/lib/libssl/src/FAQ
+++ b/src/lib/libssl/src/FAQ
@@ -70,7 +70,7 @@ OpenSSL - Frequently Asked Questions
70* Which is the current version of OpenSSL? 70* Which is the current version of OpenSSL?
71 71
72The current version is available from <URL: http://www.openssl.org>. 72The current version is available from <URL: http://www.openssl.org>.
73OpenSSL 0.9.7g was released on April 11, 2005. 73OpenSSL 0.9.7j was released on May 4, 2006.
74 74
75In addition to the current stable release, you can also access daily 75In addition to the current stable release, you can also access daily
76snapshots of the OpenSSL development version at <URL: 76snapshots of the OpenSSL development version at <URL:
@@ -141,8 +141,8 @@ less Unix-centric, it might have been used much earlier.
141 141
142With version 0.9.6 OpenSSL was extended to interface to external crypto 142With version 0.9.6 OpenSSL was extended to interface to external crypto
143hardware. This was realized in a special release '0.9.6-engine'. With 143hardware. This was realized in a special release '0.9.6-engine'. With
144version 0.9.7 (not yet released) the changes were merged into the main 144version 0.9.7 the changes were merged into the main development line,
145development line, so that the special release is no longer necessary. 145so that the special release is no longer necessary.
146 146
147* How do I check the authenticity of the OpenSSL distribution? 147* How do I check the authenticity of the OpenSSL distribution?
148 148
diff --git a/src/lib/libssl/src/LICENSE b/src/lib/libssl/src/LICENSE
index 40277883a5..e6afecc724 100644
--- a/src/lib/libssl/src/LICENSE
+++ b/src/lib/libssl/src/LICENSE
@@ -12,7 +12,7 @@
12 --------------- 12 ---------------
13 13
14/* ==================================================================== 14/* ====================================================================
15 * Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved. 15 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
16 * 16 *
17 * Redistribution and use in source and binary forms, with or without 17 * Redistribution and use in source and binary forms, with or without
18 * modification, are permitted provided that the following conditions 18 * modification, are permitted provided that the following conditions
diff --git a/src/lib/libssl/src/Makefile b/src/lib/libssl/src/Makefile
index 45d2befa5c..398fd3d5fd 100644
--- a/src/lib/libssl/src/Makefile
+++ b/src/lib/libssl/src/Makefile
@@ -4,7 +4,7 @@
4## Makefile for OpenSSL 4## Makefile for OpenSSL
5## 5##
6 6
7VERSION=0.9.7g 7VERSION=0.9.7j
8MAJOR=0 8MAJOR=0
9MINOR=9.7 9MINOR=9.7
10SHLIB_VERSION_NUMBER=0.9.7 10SHLIB_VERSION_NUMBER=0.9.7
@@ -104,6 +104,7 @@ PROCESSOR=
104# Set DES_ENC to des_enc.o if you want to use the C version 104# Set DES_ENC to des_enc.o if you want to use the C version
105#There are 4 x86 assember options. 105#There are 4 x86 assember options.
106FIPS_DES_ENC= 106FIPS_DES_ENC=
107FIPS_AES_ENC=
107DES_ENC= des_enc.o fcrypt_b.o 108DES_ENC= des_enc.o fcrypt_b.o
108#DES_ENC= des_enc.o fcrypt_b.o # C 109#DES_ENC= des_enc.o fcrypt_b.o # C
109#DES_ENC= asm/dx86-elf.o asm/yx86-elf.o # elf 110#DES_ENC= asm/dx86-elf.o asm/yx86-elf.o # elf
@@ -173,11 +174,29 @@ RMD160_ASM_OBJ=
173KRB5_INCLUDES= 174KRB5_INCLUDES=
174LIBKRB5= 175LIBKRB5=
175 176
177# Zlib stuff
178ZLIB_INCLUDE=
179LIBZLIB=
180
181# This is the location of fipscanister.o and friends.
182# The FIPS module build will place it $(INSTALLTOP)/lib
183# but since $(INSTALLTOP) can only take the default value
184# when the module is built it will be in /usr/local/ssl/lib
185# $(INSTALLTOP) for this build make be different so hard
186# code the path.
187
188FIPSLIBDIR=/usr/local/ssl/lib
189
190# Shared library base address. Currently only used on Windows.
191#
192
193BASEADDR=0xFB00000
194
176# When we're prepared to use shared libraries in the programs we link here 195# When we're prepared to use shared libraries in the programs we link here
177# we might set SHLIB_MARK to '$(SHARED_LIBS)'. 196# we might set SHLIB_MARK to '$(SHARED_LIBS)'.
178SHLIB_MARK= 197SHLIB_MARK=
179 198
180DIRS= crypto fips ssl $(SHLIB_MARK) sigs apps test tools 199DIRS= crypto fips-1.0 ssl $(SHLIB_MARK) apps test tools
181SHLIBDIRS= crypto ssl 200SHLIBDIRS= crypto ssl
182 201
183# dirs in crypto to build 202# dirs in crypto to build
@@ -188,7 +207,7 @@ SDIRS= objects \
188 buffer bio stack lhash rand err \ 207 buffer bio stack lhash rand err \
189 evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 208 evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
190 209
191FDIRS= sha1 rand des aes dsa rsa dh 210FDIRS= sha rand des aes dsa rsa dh hmac
192 211
193# tests to perform. "alltests" is a special word indicating that all tests 212# tests to perform. "alltests" is a special word indicating that all tests
194# should be performed. 213# should be performed.
@@ -207,7 +226,6 @@ ONEDIRS=out tmp
207EDIRS= times doc bugs util include certs ms shlib mt demos perl sf dep VMS 226EDIRS= times doc bugs util include certs ms shlib mt demos perl sf dep VMS
208WDIRS= windows 227WDIRS= windows
209LIBS= libcrypto.a libssl.a 228LIBS= libcrypto.a libssl.a
210SIGS= libcrypto.a.sha1
211SHARED_CRYPTO=libcrypto$(SHLIB_EXT) 229SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
212SHARED_SSL=libssl$(SHLIB_EXT) 230SHARED_SSL=libssl$(SHLIB_EXT)
213SHARED_LIBS= 231SHARED_LIBS=
@@ -227,19 +245,12 @@ HEADER= e_os.h
227 245
228all: Makefile sub_all openssl.pc 246all: Makefile sub_all openssl.pc
229 247
230sigs: $(SIGS)
231libcrypto.a.sha1: libcrypto.a
232 @if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
233 $(RANLIB) libcrypto.a; \
234 fips/sha1/fips_standalone_sha1 libcrypto.a > libcrypto.a.sha1; \
235 fi
236
237sub_all: 248sub_all:
238 @for i in $(DIRS); \ 249 @for i in $(DIRS); \
239 do \ 250 do \
240 if [ -d "$$i" ]; then \ 251 if [ -d "$$i" ]; then \
241 (cd $$i && echo "making all in $$i..." && \ 252 (cd $$i && echo "making all in $$i..." && \
242 $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' all ) || exit 1; \ 253 $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' FIPS_AES_ENC='${FIPS_AES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' FIPSLIBDIR='${FIPSLIBDIR}' all ) || exit 1; \
243 else \ 254 else \
244 $(MAKE) $$i; \ 255 $(MAKE) $$i; \
245 fi; \ 256 fi; \
@@ -250,7 +261,7 @@ sub_target:
250 do \ 261 do \
251 if [ -d "$$i" ]; then \ 262 if [ -d "$$i" ]; then \
252 (cd $$i && echo "making $(TARGET) in $$i..." && \ 263 (cd $$i && echo "making $(TARGET) in $$i..." && \
253 $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TARGET='$(TARGET)' sub_target ) || exit 1; \ 264 $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' FIPS_AES_ENC='${FIPS_AES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TARGET='$(TARGET)' sub_target ) || exit 1; \
254 else \ 265 else \
255 $(MAKE) $$i; \ 266 $(MAKE) $$i; \
256 fi; \ 267 fi; \
@@ -306,12 +317,12 @@ do_gnu-shared:
306 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ 317 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
307 libs="$(LIBKRB5) $$libs"; \ 318 libs="$(LIBKRB5) $$libs"; \
308 fi; \ 319 fi; \
309 ( set -x; ${CC} ${SHARED_LDFLAGS} \ 320 ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
310 -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 321 -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
311 -Wl,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 322 -Wl,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
312 -Wl,-Bsymbolic \ 323 -Wl,-Bsymbolic \
313 -Wl,--whole-archive lib$$i.a \ 324 -Wl,--whole-archive lib$$i.a \
314 -Wl,--no-whole-archive $$libs ${EX_LIBS} -lc ) || exit 1; \ 325 -Wl,--no-whole-archive $$libs ${EX_LIBS} ) || exit 1; \
315 libs="-l$$i $$libs"; \ 326 libs="-l$$i $$libs"; \
316 done 327 done
317 328
@@ -323,7 +334,8 @@ do_darwin-shared:
323 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ 334 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
324 libs="$(LIBKRB5) $$libs"; \ 335 libs="$(LIBKRB5) $$libs"; \
325 fi; \ 336 fi; \
326 ( set -x; ${CC} --verbose -dynamiclib -o lib$$i${SHLIB_EXT} \ 337 ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
338 --verbose -dynamiclib -o lib$$i${SHLIB_EXT} \
327 lib$$i.a $$libs -all_load -current_version ${SHLIB_MAJOR}.${SHLIB_MINOR} \ 339 lib$$i.a $$libs -all_load -current_version ${SHLIB_MAJOR}.${SHLIB_MINOR} \
328 -compatibility_version ${SHLIB_MAJOR}.`echo ${SHLIB_MINOR} | cut -d. -f1` \ 340 -compatibility_version ${SHLIB_MAJOR}.`echo ${SHLIB_MINOR} | cut -d. -f1` \
329 -install_name ${INSTALLTOP}/lib/lib$$i${SHLIB_EXT} ) || exit 1; \ 341 -install_name ${INSTALLTOP}/lib/lib$$i${SHLIB_EXT} ) || exit 1; \
@@ -340,14 +352,15 @@ do_cygwin-shared:
340 [ "$(PLATFORM)" = "mingw" ] && shlib=$${i}eay32.dll; \ 352 [ "$(PLATFORM)" = "mingw" ] && shlib=$${i}eay32.dll; \
341 [ -f apps/$$shlib ] && rm apps/$$shlib; \ 353 [ -f apps/$$shlib ] && rm apps/$$shlib; \
342 [ -f test/$$shlib ] && rm test/$$shlib; \ 354 [ -f test/$$shlib ] && rm test/$$shlib; \
343 base=; [ $$i = "crypto" ] && base=-Wl,--image-base,0xFE00000; \ 355 base=; [ $$i = "crypto" ] && base=-Wl,--image-base,0x63000000; \
344 ( set -x; ${CC} ${SHARED_LDFLAGS} \ 356 ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
345 -shared $$base -o $$shlib \ 357 -shared $$base -o $$shlib \
346 -Wl,-Bsymbolic \ 358 -Wl,-Bsymbolic \
347 -Wl,--whole-archive lib$$i.a \ 359 -Wl,--whole-archive lib$$i.a \
348 -Wl,--out-implib,lib$$i.dll.a \ 360 -Wl,--out-implib,lib$$i.dll.a \
349 -Wl,--no-whole-archive $$libs ${EX_LIBS} ) || exit 1; \ 361 -Wl,--no-whole-archive $$libs ${EX_LIBS} ) || exit 1; \
350 cp -p $$shlib apps/; cp -p $$shlib test/; \ 362 cp -p $$shlib apps/; cp -p $$shlib test/; \
363 touch -c lib$$i.dll.a; \
351 libs="-l$$i $$libs"; \ 364 libs="-l$$i $$libs"; \
352 done 365 done
353 366
@@ -360,10 +373,10 @@ do_alpha-osf1-shared:
360 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ 373 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
361 libs="$(LIBKRB5) $$libs"; \ 374 libs="$(LIBKRB5) $$libs"; \
362 fi; \ 375 fi; \
363 ( set -x; ${CC} ${SHARED_LDFLAGS} \ 376 ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
364 -shared -o lib$$i.so \ 377 -shared -o lib$$i.so \
365 -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \ 378 -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
366 -all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \ 379 -all lib$$i.a -none $$libs ${EX_LIBS} ) || exit 1; \
367 libs="-l$$i $$libs"; \ 380 libs="-l$$i $$libs"; \
368 done; \ 381 done; \
369 fi 382 fi
@@ -379,10 +392,10 @@ do_tru64-shared:
379 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ 392 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
380 libs="$(LIBKRB5) $$libs"; \ 393 libs="$(LIBKRB5) $$libs"; \
381 fi; \ 394 fi; \
382 ( set -x; ${CC} ${SHARED_LDFLAGS} \ 395 ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
383 -shared -msym -o lib$$i.so \ 396 -shared -msym -o lib$$i.so \
384 -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \ 397 -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
385 -all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \ 398 -all lib$$i.a -none $$libs ${EX_LIBS} ) || exit 1; \
386 libs="-l$$i $$libs"; \ 399 libs="-l$$i $$libs"; \
387 done; \ 400 done; \
388 fi 401 fi
@@ -398,11 +411,11 @@ do_tru64-shared-rpath:
398 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ 411 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
399 libs="$(LIBKRB5) $$libs"; \ 412 libs="$(LIBKRB5) $$libs"; \
400 fi; \ 413 fi; \
401 ( set -x; ${CC} ${SHARED_LDFLAGS} \ 414 ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
402 -shared -msym -o lib$$i.so \ 415 -shared -msym -o lib$$i.so \
403 -rpath ${INSTALLTOP}/lib \ 416 -rpath ${INSTALLTOP}/lib \
404 -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \ 417 -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
405 -all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \ 418 -all lib$$i.a -none $$libs ${EX_LIBS} ) || exit 1; \
406 libs="-l$$i $$libs"; \ 419 libs="-l$$i $$libs"; \
407 done; \ 420 done; \
408 fi 421 fi
@@ -420,12 +433,12 @@ do_solaris-shared:
420 ( PATH=/usr/ccs/bin:$$PATH ; export PATH; \ 433 ( PATH=/usr/ccs/bin:$$PATH ; export PATH; \
421 MINUSZ='-z '; \ 434 MINUSZ='-z '; \
422 (${CC} -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \ 435 (${CC} -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \
423 set -x; ${CC} ${SHARED_LDFLAGS} -G -dy -z text \ 436 set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
424 -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 437 -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
425 -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 438 -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
426 -Wl,-Bsymbolic \ 439 -Wl,-Bsymbolic \
427 $${MINUSZ}allextract lib$$i.a $${MINUSZ}defaultextract \ 440 $${MINUSZ}allextract lib$$i.a $${MINUSZ}defaultextract \
428 $$libs ${EX_LIBS} -lc ) || exit 1; \ 441 $$libs ${EX_LIBS} ) || exit 1; \
429 libs="-l$$i $$libs"; \ 442 libs="-l$$i $$libs"; \
430 done; \ 443 done; \
431 fi 444 fi
@@ -445,7 +458,7 @@ do_svr3-shared:
445 for obj in `ar t lib$$i.a` ; do \ 458 for obj in `ar t lib$$i.a` ; do \
446 OBJS="$${OBJS} `grep /$$obj allobjs`" ; \ 459 OBJS="$${OBJS} `grep /$$obj allobjs`" ; \
447 done ; \ 460 done ; \
448 set -x; ${CC} ${SHARED_LDFLAGS} \ 461 set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
449 -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 462 -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
450 -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 463 -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
451 $${OBJS} $$libs ${EX_LIBS} ) || exit 1; \ 464 $${OBJS} $$libs ${EX_LIBS} ) || exit 1; \
@@ -471,7 +484,7 @@ do_svr5-shared:
471 OBJS="$${OBJS} `grep /$$obj allobjs`" ; \ 484 OBJS="$${OBJS} `grep /$$obj allobjs`" ; \
472 done ; \ 485 done ; \
473 set -x; LD_LIBRARY_PATH=.:$$LD_LIBRARY_PATH \ 486 set -x; LD_LIBRARY_PATH=.:$$LD_LIBRARY_PATH \
474 ${CC} ${SHARED_LDFLAGS} \ 487 $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
475 $${SHARE_FLAG} -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 488 $${SHARE_FLAG} -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
476 -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 489 -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
477 $${OBJS} $$libs ${EX_LIBS} ) || exit 1; \ 490 $${OBJS} $$libs ${EX_LIBS} ) || exit 1; \
@@ -490,24 +503,15 @@ do_irix-shared:
490 fi; \ 503 fi; \
491 ( WHOLELIB="-all lib$$i.a -none"; \ 504 ( WHOLELIB="-all lib$$i.a -none"; \
492 (${CC} -v 2>&1 | grep gcc) > /dev/null && WHOLELIB="-Wl,-all,lib$$i.a,-none"; \ 505 (${CC} -v 2>&1 | grep gcc) > /dev/null && WHOLELIB="-Wl,-all,lib$$i.a,-none"; \
493 set -x; ${CC} ${SHARED_LDFLAGS} \ 506 set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
494 -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 507 -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
495 -Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 508 -Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
496 $${WHOLELIB} $$libs ${EX_LIBS} -lc) || exit 1; \ 509 $${WHOLELIB} $$libs ${EX_LIBS}) || exit 1; \
497 libs="-l$$i $$libs"; \ 510 libs="-l$$i $$libs"; \
498 done; \ 511 done; \
499 fi 512 fi
500 513
501# This assumes that GNU utilities are *not* used 514# This assumes that GNU utilities are *not* used
502# HP-UX includes the full pathname of libs we depend on, so we would get
503# ./libcrypto (with ./ as path information) compiled into libssl, hence
504# we omit the SHLIBDEPS. Applications must be linked with -lssl -lcrypto
505# anyway.
506# The object modules are loaded from lib$i.a using the undocumented -Fl
507# option.
508#
509# WARNING: Until DSO is fixed to support a search path, we support SHLIB_PATH
510# by temporarily specifying "+s"!
511# 515#
512do_hpux-shared: 516do_hpux-shared:
513 for i in ${SHLIBDIRS}; do \ 517 for i in ${SHLIBDIRS}; do \
@@ -520,38 +524,11 @@ do_hpux-shared:
520 shlib=lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}; \ 524 shlib=lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
521 fi; \ 525 fi; \
522 [ -f $$shlib ] && rm -f $$shlib; \ 526 [ -f $$shlib ] && rm -f $$shlib; \
523 ( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \ 527 ALLSYMSFLAGS='-Wl,-Fl'; \
524 +vnocompatwarnings \ 528 expr $(PLATFORM) : 'hpux64' > /dev/null && ALLSYMSFLAGS='-Wl,+forceload'; \
525 -b -z +s \ 529 ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
526 -o $$shlib +h $$shlib \ 530 -Wl,-B,symbolic,+vnocompatwarnings,-z,+h,$$shlib \
527 -Fl lib$$i.a -ldld -lc ) || exit 1; \ 531 -o $$shlib $$ALLSYMSFLAGS,lib$$i.a -ldld ) || exit 1; \
528 chmod a=rx $$shlib; \
529 done
530
531# This assumes that GNU utilities are *not* used
532# HP-UX includes the full pathname of libs we depend on, so we would get
533# ./libcrypto (with ./ as path information) compiled into libssl, hence
534# we omit the SHLIBDEPS. Applications must be linked with -lssl -lcrypto
535# anyway.
536#
537# HP-UX in 64bit mode has "+s" enabled by default; it will search for
538# shared libraries along LD_LIBRARY_PATH _and_ SHLIB_PATH.
539#
540do_hpux64-shared:
541 for i in ${SHLIBDIRS}; do \
542 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
543 libs="$(LIBKRB5) $$libs"; \
544 fi; \
545 if expr $(PLATFORM) : '.*ia64' > /dev/null; then \
546 shlib=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
547 else \
548 shlib=lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
549 fi; \
550 [ -f $$shlib ] && rm -f $$shlib; \
551 ( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \
552 -b -z \
553 -o $$shlib +h $$shlib \
554 +forceload lib$$i.a -ldl -lc ) || exit 1; \
555 chmod a=rx $$shlib; \ 532 chmod a=rx $$shlib; \
556 done 533 done
557 534
@@ -597,7 +574,7 @@ do_aix-shared:
597 OBJECT_MODE=$${OBJECT_MODE:-32}; export OBJECT_MODE; \ 574 OBJECT_MODE=$${OBJECT_MODE:-32}; export OBJECT_MODE; \
598 ld -r -o lib$$i.o $(ALLSYMSFLAG) lib$$i.a && \ 575 ld -r -o lib$$i.o $(ALLSYMSFLAG) lib$$i.a && \
599 ( nm -Pg lib$$i.o | grep ' [BD] ' | cut -f1 -d' ' > lib$$i.exp; \ 576 ( nm -Pg lib$$i.o | grep ' [BD] ' | cut -f1 -d' ' > lib$$i.exp; \
600 $(SHAREDCMD) $(SHAREDFLAGS) \ 577 $${FIPSLD:-${CC}} $(SHAREDFLAGS) \
601 -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} lib$$i.o \ 578 -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} lib$$i.o \
602 $$libs ${EX_LIBS} ) ) \ 579 $$libs ${EX_LIBS} ) ) \
603 || exit 1; \ 580 || exit 1; \
@@ -613,7 +590,7 @@ do_reliantunix-shared:
613 ( set -x; \ 590 ( set -x; \
614 ( Opwd=`pwd` ; mkdir $$tmpdir || exit 1; \ 591 ( Opwd=`pwd` ; mkdir $$tmpdir || exit 1; \
615 cd $$tmpdir || exit 1 ; ar x $$Opwd/lib$$i.a ; \ 592 cd $$tmpdir || exit 1 ; ar x $$Opwd/lib$$i.a ; \
616 ${CC} -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} *.o \ 593 $${FIPSLD:-${CC}} -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} *.o \
617 ) || exit 1; \ 594 ) || exit 1; \
618 cp $$tmpdir/lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} . ; \ 595 cp $$tmpdir/lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} . ; \
619 ) || exit 1; \ 596 ) || exit 1; \
@@ -759,11 +736,15 @@ crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt c
759apps/openssl-vms.cnf: apps/openssl.cnf 736apps/openssl-vms.cnf: apps/openssl.cnf
760 $(PERL) VMS/VMSify-conf.pl < apps/openssl.cnf > apps/openssl-vms.cnf 737 $(PERL) VMS/VMSify-conf.pl < apps/openssl.cnf > apps/openssl-vms.cnf
761 738
739crypto/bn/bn_prime.h: crypto/bn/bn_prime.pl
740 $(PERL) crypto/bn/bn_prime.pl >crypto/bn/bn_prime.h
741
742
762TABLE: Configure 743TABLE: Configure
763 (echo 'Output of `Configure TABLE'"':"; \ 744 (echo 'Output of `Configure TABLE'"':"; \
764 $(PERL) Configure TABLE) > TABLE 745 $(PERL) Configure TABLE) > TABLE
765 746
766update: depend errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h apps/openssl-vms.cnf TABLE 747update: errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h apps/openssl-vms.cnf crypto/bn/bn_prime.h TABLE depend
767 748
768# Build distribution tar-file. As the list of files returned by "find" is 749# Build distribution tar-file. As the list of files returned by "find" is
769# pretty long, on several platforms a "too many arguments" error or similar 750# pretty long, on several platforms a "too many arguments" error or similar
@@ -868,15 +849,6 @@ install_sw:
868 sed -e '1,/^$$/d' doc/openssl-shared.txt; \ 849 sed -e '1,/^$$/d' doc/openssl-shared.txt; \
869 fi; \ 850 fi; \
870 fi 851 fi
871 @for i in $(SIGS) ;\
872 do \
873 if [ -f "$$i" ]; then \
874 ( echo installing $$i; \
875 cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
876 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
877 mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \
878 fi; \
879 done;
880 cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig 852 cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
881 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/openssl.pc 853 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/openssl.pc
882 854
@@ -902,8 +874,8 @@ install_docs:
902 --release=$(VERSION) `basename $$i`") \ 874 --release=$(VERSION) `basename $$i`") \
903 > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \ 875 > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
904 $(PERL) util/extract-names.pl < $$i | \ 876 $(PERL) util/extract-names.pl < $$i | \
905 grep -v $$filecase "^$$fn\$$" | \ 877 (grep -v $$filecase "^$$fn\$$"; true) | \
906 grep -v "[ ]" | \ 878 (grep -v "[ ]"; true) | \
907 (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \ 879 (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
908 while read n; do \ 880 while read n; do \
909 $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \ 881 $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
@@ -919,8 +891,8 @@ install_docs:
919 --release=$(VERSION) `basename $$i`") \ 891 --release=$(VERSION) `basename $$i`") \
920 > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \ 892 > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
921 $(PERL) util/extract-names.pl < $$i | \ 893 $(PERL) util/extract-names.pl < $$i | \
922 grep -v $$filecase "^$$fn\$$" | \ 894 (grep -v $$filecase "^$$fn\$$"; true) | \
923 grep -v "[ ]" | \ 895 (grep -v "[ ]"; true) | \
924 (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \ 896 (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
925 while read n; do \ 897 while read n; do \
926 $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \ 898 $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
diff --git a/src/lib/libssl/src/Makefile.org b/src/lib/libssl/src/Makefile.org
index cc4000b148..b9db0dd57d 100644
--- a/src/lib/libssl/src/Makefile.org
+++ b/src/lib/libssl/src/Makefile.org
@@ -102,6 +102,7 @@ PROCESSOR=
102# Set DES_ENC to des_enc.o if you want to use the C version 102# Set DES_ENC to des_enc.o if you want to use the C version
103#There are 4 x86 assember options. 103#There are 4 x86 assember options.
104FIPS_DES_ENC= des_enc.o fcrypt_b.o 104FIPS_DES_ENC= des_enc.o fcrypt_b.o
105FIPS_AES_ENC= fips_aes_core.o
105DES_ENC= asm/dx86-out.o asm/yx86-out.o 106DES_ENC= asm/dx86-out.o asm/yx86-out.o
106#DES_ENC= des_enc.o fcrypt_b.o # C 107#DES_ENC= des_enc.o fcrypt_b.o # C
107#DES_ENC= asm/dx86-elf.o asm/yx86-elf.o # elf 108#DES_ENC= asm/dx86-elf.o asm/yx86-elf.o # elf
@@ -171,11 +172,29 @@ RMD160_ASM_OBJ= asm/rm86-out.o
171KRB5_INCLUDES= 172KRB5_INCLUDES=
172LIBKRB5= 173LIBKRB5=
173 174
175# Zlib stuff
176ZLIB_INCLUDE=
177LIBZLIB=
178
179# This is the location of fipscanister.o and friends.
180# The FIPS module build will place it $(INSTALLTOP)/lib
181# but since $(INSTALLTOP) can only take the default value
182# when the module is built it will be in /usr/local/ssl/lib
183# $(INSTALLTOP) for this build make be different so hard
184# code the path.
185
186FIPSLIBDIR=/usr/local/ssl/lib
187
188# Shared library base address. Currently only used on Windows.
189#
190
191BASEADDR=
192
174# When we're prepared to use shared libraries in the programs we link here 193# When we're prepared to use shared libraries in the programs we link here
175# we might set SHLIB_MARK to '$(SHARED_LIBS)'. 194# we might set SHLIB_MARK to '$(SHARED_LIBS)'.
176SHLIB_MARK= 195SHLIB_MARK=
177 196
178DIRS= crypto fips ssl $(SHLIB_MARK) sigs apps test tools 197DIRS= crypto fips-1.0 ssl $(SHLIB_MARK) apps test tools
179SHLIBDIRS= crypto ssl 198SHLIBDIRS= crypto ssl
180 199
181# dirs in crypto to build 200# dirs in crypto to build
@@ -186,7 +205,7 @@ SDIRS= objects \
186 buffer bio stack lhash rand err \ 205 buffer bio stack lhash rand err \
187 evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 206 evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
188 207
189FDIRS= sha1 rand des aes dsa rsa dh 208FDIRS= sha rand des aes dsa rsa dh hmac
190 209
191# tests to perform. "alltests" is a special word indicating that all tests 210# tests to perform. "alltests" is a special word indicating that all tests
192# should be performed. 211# should be performed.
@@ -205,7 +224,6 @@ ONEDIRS=out tmp
205EDIRS= times doc bugs util include certs ms shlib mt demos perl sf dep VMS 224EDIRS= times doc bugs util include certs ms shlib mt demos perl sf dep VMS
206WDIRS= windows 225WDIRS= windows
207LIBS= libcrypto.a libssl.a 226LIBS= libcrypto.a libssl.a
208SIGS= libcrypto.a.sha1
209SHARED_CRYPTO=libcrypto$(SHLIB_EXT) 227SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
210SHARED_SSL=libssl$(SHLIB_EXT) 228SHARED_SSL=libssl$(SHLIB_EXT)
211SHARED_LIBS= 229SHARED_LIBS=
@@ -225,19 +243,12 @@ HEADER= e_os.h
225 243
226all: Makefile sub_all openssl.pc 244all: Makefile sub_all openssl.pc
227 245
228sigs: $(SIGS)
229libcrypto.a.sha1: libcrypto.a
230 @if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
231 $(RANLIB) libcrypto.a; \
232 fips/sha1/fips_standalone_sha1 libcrypto.a > libcrypto.a.sha1; \
233 fi
234
235sub_all: 246sub_all:
236 @for i in $(DIRS); \ 247 @for i in $(DIRS); \
237 do \ 248 do \
238 if [ -d "$$i" ]; then \ 249 if [ -d "$$i" ]; then \
239 (cd $$i && echo "making all in $$i..." && \ 250 (cd $$i && echo "making all in $$i..." && \
240 $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' all ) || exit 1; \ 251 $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' FIPS_AES_ENC='${FIPS_AES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' FIPSLIBDIR='${FIPSLIBDIR}' all ) || exit 1; \
241 else \ 252 else \
242 $(MAKE) $$i; \ 253 $(MAKE) $$i; \
243 fi; \ 254 fi; \
@@ -248,7 +259,7 @@ sub_target:
248 do \ 259 do \
249 if [ -d "$$i" ]; then \ 260 if [ -d "$$i" ]; then \
250 (cd $$i && echo "making $(TARGET) in $$i..." && \ 261 (cd $$i && echo "making $(TARGET) in $$i..." && \
251 $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TARGET='$(TARGET)' sub_target ) || exit 1; \ 262 $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' FIPS_AES_ENC='${FIPS_AES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TARGET='$(TARGET)' sub_target ) || exit 1; \
252 else \ 263 else \
253 $(MAKE) $$i; \ 264 $(MAKE) $$i; \
254 fi; \ 265 fi; \
@@ -304,12 +315,12 @@ do_gnu-shared:
304 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ 315 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
305 libs="$(LIBKRB5) $$libs"; \ 316 libs="$(LIBKRB5) $$libs"; \
306 fi; \ 317 fi; \
307 ( set -x; ${CC} ${SHARED_LDFLAGS} \ 318 ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
308 -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 319 -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
309 -Wl,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 320 -Wl,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
310 -Wl,-Bsymbolic \ 321 -Wl,-Bsymbolic \
311 -Wl,--whole-archive lib$$i.a \ 322 -Wl,--whole-archive lib$$i.a \
312 -Wl,--no-whole-archive $$libs ${EX_LIBS} -lc ) || exit 1; \ 323 -Wl,--no-whole-archive $$libs ${EX_LIBS} ) || exit 1; \
313 libs="-l$$i $$libs"; \ 324 libs="-l$$i $$libs"; \
314 done 325 done
315 326
@@ -321,7 +332,8 @@ do_darwin-shared:
321 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ 332 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
322 libs="$(LIBKRB5) $$libs"; \ 333 libs="$(LIBKRB5) $$libs"; \
323 fi; \ 334 fi; \
324 ( set -x; ${CC} --verbose -dynamiclib -o lib$$i${SHLIB_EXT} \ 335 ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
336 --verbose -dynamiclib -o lib$$i${SHLIB_EXT} \
325 lib$$i.a $$libs -all_load -current_version ${SHLIB_MAJOR}.${SHLIB_MINOR} \ 337 lib$$i.a $$libs -all_load -current_version ${SHLIB_MAJOR}.${SHLIB_MINOR} \
326 -compatibility_version ${SHLIB_MAJOR}.`echo ${SHLIB_MINOR} | cut -d. -f1` \ 338 -compatibility_version ${SHLIB_MAJOR}.`echo ${SHLIB_MINOR} | cut -d. -f1` \
327 -install_name ${INSTALLTOP}/lib/lib$$i${SHLIB_EXT} ) || exit 1; \ 339 -install_name ${INSTALLTOP}/lib/lib$$i${SHLIB_EXT} ) || exit 1; \
@@ -338,14 +350,15 @@ do_cygwin-shared:
338 [ "$(PLATFORM)" = "mingw" ] && shlib=$${i}eay32.dll; \ 350 [ "$(PLATFORM)" = "mingw" ] && shlib=$${i}eay32.dll; \
339 [ -f apps/$$shlib ] && rm apps/$$shlib; \ 351 [ -f apps/$$shlib ] && rm apps/$$shlib; \
340 [ -f test/$$shlib ] && rm test/$$shlib; \ 352 [ -f test/$$shlib ] && rm test/$$shlib; \
341 base=; [ $$i = "crypto" ] && base=-Wl,--image-base,0xFE00000; \ 353 base=; [ $$i = "crypto" ] && base=-Wl,--image-base,0x63000000; \
342 ( set -x; ${CC} ${SHARED_LDFLAGS} \ 354 ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
343 -shared $$base -o $$shlib \ 355 -shared $$base -o $$shlib \
344 -Wl,-Bsymbolic \ 356 -Wl,-Bsymbolic \
345 -Wl,--whole-archive lib$$i.a \ 357 -Wl,--whole-archive lib$$i.a \
346 -Wl,--out-implib,lib$$i.dll.a \ 358 -Wl,--out-implib,lib$$i.dll.a \
347 -Wl,--no-whole-archive $$libs ${EX_LIBS} ) || exit 1; \ 359 -Wl,--no-whole-archive $$libs ${EX_LIBS} ) || exit 1; \
348 cp -p $$shlib apps/; cp -p $$shlib test/; \ 360 cp -p $$shlib apps/; cp -p $$shlib test/; \
361 touch -c lib$$i.dll.a; \
349 libs="-l$$i $$libs"; \ 362 libs="-l$$i $$libs"; \
350 done 363 done
351 364
@@ -358,10 +371,10 @@ do_alpha-osf1-shared:
358 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ 371 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
359 libs="$(LIBKRB5) $$libs"; \ 372 libs="$(LIBKRB5) $$libs"; \
360 fi; \ 373 fi; \
361 ( set -x; ${CC} ${SHARED_LDFLAGS} \ 374 ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
362 -shared -o lib$$i.so \ 375 -shared -o lib$$i.so \
363 -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \ 376 -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
364 -all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \ 377 -all lib$$i.a -none $$libs ${EX_LIBS} ) || exit 1; \
365 libs="-l$$i $$libs"; \ 378 libs="-l$$i $$libs"; \
366 done; \ 379 done; \
367 fi 380 fi
@@ -377,10 +390,10 @@ do_tru64-shared:
377 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ 390 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
378 libs="$(LIBKRB5) $$libs"; \ 391 libs="$(LIBKRB5) $$libs"; \
379 fi; \ 392 fi; \
380 ( set -x; ${CC} ${SHARED_LDFLAGS} \ 393 ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
381 -shared -msym -o lib$$i.so \ 394 -shared -msym -o lib$$i.so \
382 -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \ 395 -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
383 -all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \ 396 -all lib$$i.a -none $$libs ${EX_LIBS} ) || exit 1; \
384 libs="-l$$i $$libs"; \ 397 libs="-l$$i $$libs"; \
385 done; \ 398 done; \
386 fi 399 fi
@@ -396,11 +409,11 @@ do_tru64-shared-rpath:
396 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ 409 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
397 libs="$(LIBKRB5) $$libs"; \ 410 libs="$(LIBKRB5) $$libs"; \
398 fi; \ 411 fi; \
399 ( set -x; ${CC} ${SHARED_LDFLAGS} \ 412 ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
400 -shared -msym -o lib$$i.so \ 413 -shared -msym -o lib$$i.so \
401 -rpath ${INSTALLTOP}/lib \ 414 -rpath ${INSTALLTOP}/lib \
402 -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \ 415 -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
403 -all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \ 416 -all lib$$i.a -none $$libs ${EX_LIBS} ) || exit 1; \
404 libs="-l$$i $$libs"; \ 417 libs="-l$$i $$libs"; \
405 done; \ 418 done; \
406 fi 419 fi
@@ -418,12 +431,12 @@ do_solaris-shared:
418 ( PATH=/usr/ccs/bin:$$PATH ; export PATH; \ 431 ( PATH=/usr/ccs/bin:$$PATH ; export PATH; \
419 MINUSZ='-z '; \ 432 MINUSZ='-z '; \
420 (${CC} -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \ 433 (${CC} -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \
421 set -x; ${CC} ${SHARED_LDFLAGS} -G -dy -z text \ 434 set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
422 -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 435 -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
423 -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 436 -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
424 -Wl,-Bsymbolic \ 437 -Wl,-Bsymbolic \
425 $${MINUSZ}allextract lib$$i.a $${MINUSZ}defaultextract \ 438 $${MINUSZ}allextract lib$$i.a $${MINUSZ}defaultextract \
426 $$libs ${EX_LIBS} -lc ) || exit 1; \ 439 $$libs ${EX_LIBS} ) || exit 1; \
427 libs="-l$$i $$libs"; \ 440 libs="-l$$i $$libs"; \
428 done; \ 441 done; \
429 fi 442 fi
@@ -443,7 +456,7 @@ do_svr3-shared:
443 for obj in `ar t lib$$i.a` ; do \ 456 for obj in `ar t lib$$i.a` ; do \
444 OBJS="$${OBJS} `grep /$$obj allobjs`" ; \ 457 OBJS="$${OBJS} `grep /$$obj allobjs`" ; \
445 done ; \ 458 done ; \
446 set -x; ${CC} ${SHARED_LDFLAGS} \ 459 set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
447 -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 460 -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
448 -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 461 -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
449 $${OBJS} $$libs ${EX_LIBS} ) || exit 1; \ 462 $${OBJS} $$libs ${EX_LIBS} ) || exit 1; \
@@ -469,7 +482,7 @@ do_svr5-shared:
469 OBJS="$${OBJS} `grep /$$obj allobjs`" ; \ 482 OBJS="$${OBJS} `grep /$$obj allobjs`" ; \
470 done ; \ 483 done ; \
471 set -x; LD_LIBRARY_PATH=.:$$LD_LIBRARY_PATH \ 484 set -x; LD_LIBRARY_PATH=.:$$LD_LIBRARY_PATH \
472 ${CC} ${SHARED_LDFLAGS} \ 485 $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
473 $${SHARE_FLAG} -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 486 $${SHARE_FLAG} -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
474 -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 487 -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
475 $${OBJS} $$libs ${EX_LIBS} ) || exit 1; \ 488 $${OBJS} $$libs ${EX_LIBS} ) || exit 1; \
@@ -488,24 +501,15 @@ do_irix-shared:
488 fi; \ 501 fi; \
489 ( WHOLELIB="-all lib$$i.a -none"; \ 502 ( WHOLELIB="-all lib$$i.a -none"; \
490 (${CC} -v 2>&1 | grep gcc) > /dev/null && WHOLELIB="-Wl,-all,lib$$i.a,-none"; \ 503 (${CC} -v 2>&1 | grep gcc) > /dev/null && WHOLELIB="-Wl,-all,lib$$i.a,-none"; \
491 set -x; ${CC} ${SHARED_LDFLAGS} \ 504 set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
492 -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 505 -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
493 -Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 506 -Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
494 $${WHOLELIB} $$libs ${EX_LIBS} -lc) || exit 1; \ 507 $${WHOLELIB} $$libs ${EX_LIBS}) || exit 1; \
495 libs="-l$$i $$libs"; \ 508 libs="-l$$i $$libs"; \
496 done; \ 509 done; \
497 fi 510 fi
498 511
499# This assumes that GNU utilities are *not* used 512# This assumes that GNU utilities are *not* used
500# HP-UX includes the full pathname of libs we depend on, so we would get
501# ./libcrypto (with ./ as path information) compiled into libssl, hence
502# we omit the SHLIBDEPS. Applications must be linked with -lssl -lcrypto
503# anyway.
504# The object modules are loaded from lib$i.a using the undocumented -Fl
505# option.
506#
507# WARNING: Until DSO is fixed to support a search path, we support SHLIB_PATH
508# by temporarily specifying "+s"!
509# 513#
510do_hpux-shared: 514do_hpux-shared:
511 for i in ${SHLIBDIRS}; do \ 515 for i in ${SHLIBDIRS}; do \
@@ -518,38 +522,11 @@ do_hpux-shared:
518 shlib=lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}; \ 522 shlib=lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
519 fi; \ 523 fi; \
520 [ -f $$shlib ] && rm -f $$shlib; \ 524 [ -f $$shlib ] && rm -f $$shlib; \
521 ( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \ 525 ALLSYMSFLAGS='-Wl,-Fl'; \
522 +vnocompatwarnings \ 526 expr $(PLATFORM) : 'hpux64' > /dev/null && ALLSYMSFLAGS='-Wl,+forceload'; \
523 -b -z +s \ 527 ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
524 -o $$shlib +h $$shlib \ 528 -Wl,-B,symbolic,+vnocompatwarnings,-z,+h,$$shlib \
525 -Fl lib$$i.a -ldld -lc ) || exit 1; \ 529 -o $$shlib $$ALLSYMSFLAGS,lib$$i.a -ldld ) || exit 1; \
526 chmod a=rx $$shlib; \
527 done
528
529# This assumes that GNU utilities are *not* used
530# HP-UX includes the full pathname of libs we depend on, so we would get
531# ./libcrypto (with ./ as path information) compiled into libssl, hence
532# we omit the SHLIBDEPS. Applications must be linked with -lssl -lcrypto
533# anyway.
534#
535# HP-UX in 64bit mode has "+s" enabled by default; it will search for
536# shared libraries along LD_LIBRARY_PATH _and_ SHLIB_PATH.
537#
538do_hpux64-shared:
539 for i in ${SHLIBDIRS}; do \
540 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
541 libs="$(LIBKRB5) $$libs"; \
542 fi; \
543 if expr $(PLATFORM) : '.*ia64' > /dev/null; then \
544 shlib=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
545 else \
546 shlib=lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
547 fi; \
548 [ -f $$shlib ] && rm -f $$shlib; \
549 ( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \
550 -b -z \
551 -o $$shlib +h $$shlib \
552 +forceload lib$$i.a -ldl -lc ) || exit 1; \
553 chmod a=rx $$shlib; \ 530 chmod a=rx $$shlib; \
554 done 531 done
555 532
@@ -595,7 +572,7 @@ do_aix-shared:
595 OBJECT_MODE=$${OBJECT_MODE:-32}; export OBJECT_MODE; \ 572 OBJECT_MODE=$${OBJECT_MODE:-32}; export OBJECT_MODE; \
596 ld -r -o lib$$i.o $(ALLSYMSFLAG) lib$$i.a && \ 573 ld -r -o lib$$i.o $(ALLSYMSFLAG) lib$$i.a && \
597 ( nm -Pg lib$$i.o | grep ' [BD] ' | cut -f1 -d' ' > lib$$i.exp; \ 574 ( nm -Pg lib$$i.o | grep ' [BD] ' | cut -f1 -d' ' > lib$$i.exp; \
598 $(SHAREDCMD) $(SHAREDFLAGS) \ 575 $${FIPSLD:-${CC}} $(SHAREDFLAGS) \
599 -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} lib$$i.o \ 576 -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} lib$$i.o \
600 $$libs ${EX_LIBS} ) ) \ 577 $$libs ${EX_LIBS} ) ) \
601 || exit 1; \ 578 || exit 1; \
@@ -611,7 +588,7 @@ do_reliantunix-shared:
611 ( set -x; \ 588 ( set -x; \
612 ( Opwd=`pwd` ; mkdir $$tmpdir || exit 1; \ 589 ( Opwd=`pwd` ; mkdir $$tmpdir || exit 1; \
613 cd $$tmpdir || exit 1 ; ar x $$Opwd/lib$$i.a ; \ 590 cd $$tmpdir || exit 1 ; ar x $$Opwd/lib$$i.a ; \
614 ${CC} -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} *.o \ 591 $${FIPSLD:-${CC}} -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} *.o \
615 ) || exit 1; \ 592 ) || exit 1; \
616 cp $$tmpdir/lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} . ; \ 593 cp $$tmpdir/lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} . ; \
617 ) || exit 1; \ 594 ) || exit 1; \
@@ -757,11 +734,15 @@ crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt c
757apps/openssl-vms.cnf: apps/openssl.cnf 734apps/openssl-vms.cnf: apps/openssl.cnf
758 $(PERL) VMS/VMSify-conf.pl < apps/openssl.cnf > apps/openssl-vms.cnf 735 $(PERL) VMS/VMSify-conf.pl < apps/openssl.cnf > apps/openssl-vms.cnf
759 736
737crypto/bn/bn_prime.h: crypto/bn/bn_prime.pl
738 $(PERL) crypto/bn/bn_prime.pl >crypto/bn/bn_prime.h
739
740
760TABLE: Configure 741TABLE: Configure
761 (echo 'Output of `Configure TABLE'"':"; \ 742 (echo 'Output of `Configure TABLE'"':"; \
762 $(PERL) Configure TABLE) > TABLE 743 $(PERL) Configure TABLE) > TABLE
763 744
764update: depend errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h apps/openssl-vms.cnf TABLE 745update: errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h apps/openssl-vms.cnf crypto/bn/bn_prime.h TABLE depend
765 746
766# Build distribution tar-file. As the list of files returned by "find" is 747# Build distribution tar-file. As the list of files returned by "find" is
767# pretty long, on several platforms a "too many arguments" error or similar 748# pretty long, on several platforms a "too many arguments" error or similar
@@ -866,15 +847,6 @@ install_sw:
866 sed -e '1,/^$$/d' doc/openssl-shared.txt; \ 847 sed -e '1,/^$$/d' doc/openssl-shared.txt; \
867 fi; \ 848 fi; \
868 fi 849 fi
869 @for i in $(SIGS) ;\
870 do \
871 if [ -f "$$i" ]; then \
872 ( echo installing $$i; \
873 cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
874 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
875 mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \
876 fi; \
877 done;
878 cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig 850 cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
879 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/openssl.pc 851 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/openssl.pc
880 852
@@ -900,8 +872,8 @@ install_docs:
900 --release=$(VERSION) `basename $$i`") \ 872 --release=$(VERSION) `basename $$i`") \
901 > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \ 873 > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
902 $(PERL) util/extract-names.pl < $$i | \ 874 $(PERL) util/extract-names.pl < $$i | \
903 grep -v $$filecase "^$$fn\$$" | \ 875 (grep -v $$filecase "^$$fn\$$"; true) | \
904 grep -v "[ ]" | \ 876 (grep -v "[ ]"; true) | \
905 (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \ 877 (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
906 while read n; do \ 878 while read n; do \
907 $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \ 879 $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
@@ -917,8 +889,8 @@ install_docs:
917 --release=$(VERSION) `basename $$i`") \ 889 --release=$(VERSION) `basename $$i`") \
918 > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \ 890 > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
919 $(PERL) util/extract-names.pl < $$i | \ 891 $(PERL) util/extract-names.pl < $$i | \
920 grep -v $$filecase "^$$fn\$$" | \ 892 (grep -v $$filecase "^$$fn\$$"; true) | \
921 grep -v "[ ]" | \ 893 (grep -v "[ ]"; true) | \
922 (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \ 894 (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
923 while read n; do \ 895 while read n; do \
924 $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \ 896 $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
diff --git a/src/lib/libssl/src/NEWS b/src/lib/libssl/src/NEWS
index 8e1ce65a5f..49b443ed4d 100644
--- a/src/lib/libssl/src/NEWS
+++ b/src/lib/libssl/src/NEWS
@@ -5,6 +5,20 @@
5 This file gives a brief overview of the major changes between each OpenSSL 5 This file gives a brief overview of the major changes between each OpenSSL
6 release. For more details please read the CHANGES file. 6 release. For more details please read the CHANGES file.
7 7
8 Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j:
9
10 o Update Windows build system for FIPS.
11
12 Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i:
13
14 o Give EVP_MAX_MD_SIZE it's old value, except for a FIPS build.
15
16 Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h:
17
18 o Fix SSL 2.0 Rollback, CAN-2005-2969
19 o Allow use of fixed-length exponent on DSA signing
20 o Default fixed-window RSA, DSA, DH private-key operations
21
8 Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g: 22 Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g:
9 23
10 o More compilation issues fixed. 24 o More compilation issues fixed.
diff --git a/src/lib/libssl/src/PROBLEMS b/src/lib/libssl/src/PROBLEMS
index cbefadb40e..6f39eb345d 100644
--- a/src/lib/libssl/src/PROBLEMS
+++ b/src/lib/libssl/src/PROBLEMS
@@ -48,20 +48,28 @@ will interfere with each other and lead to test failure.
48The solution is simple for now: don't run parallell make when testing. 48The solution is simple for now: don't run parallell make when testing.
49 49
50 50
51* Bugs in gcc 3.0 triggered 51* Bugs in gcc triggered
52 52
53According to a problem report, there are bugs in gcc 3.0 that are 53- According to a problem report, there are bugs in gcc 3.0 that are
54triggered by some of the code in OpenSSL, more specifically in 54 triggered by some of the code in OpenSSL, more specifically in
55PEM_get_EVP_CIPHER_INFO(). The triggering code is the following: 55 PEM_get_EVP_CIPHER_INFO(). The triggering code is the following:
56 56
57 header+=11; 57 header+=11;
58 if (*header != '4') return(0); header++; 58 if (*header != '4') return(0); header++;
59 if (*header != ',') return(0); header++; 59 if (*header != ',') return(0); header++;
60 60
61What happens is that gcc might optimize a little too agressively, and 61 What happens is that gcc might optimize a little too agressively, and
62you end up with an extra incrementation when *header != '4'. 62 you end up with an extra incrementation when *header != '4'.
63 63
64We recommend that you upgrade gcc to as high a 3.x version as you can. 64 We recommend that you upgrade gcc to as high a 3.x version as you can.
65
66- According to multiple problem reports, some of our message digest
67 implementations trigger bug[s] in code optimizer in gcc 3.3 for sparc64
68 and gcc 2.96 for ppc. Former fails to complete RIPEMD160 test, while
69 latter - SHA one.
70
71 The recomendation is to upgrade your compiler. This naturally applies to
72 other similar cases.
65 73
66* solaris64-sparcv9-cc SHA-1 performance with WorkShop 6 compiler. 74* solaris64-sparcv9-cc SHA-1 performance with WorkShop 6 compiler.
67 75
@@ -120,3 +128,37 @@ Any information helping to solve this issue would be deeply
120appreciated. 128appreciated.
121 129
122NOTE: building non-shared doesn't come with this problem. 130NOTE: building non-shared doesn't come with this problem.
131
132* ULTRIX build fails with shell errors, such as "bad substitution"
133 and "test: argument expected"
134
135The problem is caused by ULTRIX /bin/sh supporting only original
136Bourne shell syntax/semantics, and the trouble is that the vast
137majority is so accustomed to more modern syntax, that very few
138people [if any] would recognize the ancient syntax even as valid.
139This inevitably results in non-trivial scripts breaking on ULTRIX,
140and OpenSSL isn't an exclusion. Fortunately there is workaround,
141hire /bin/ksh to do the job /bin/sh fails to do.
142
1431. Trick make(1) to use /bin/ksh by setting up following environ-
144 ment variables *prior* you execute ./Configure and make:
145
146 PROG_ENV=POSIX
147 MAKESHELL=/bin/ksh
148 export PROG_ENV MAKESHELL
149
150 or if your shell is csh-compatible:
151
152 setenv PROG_ENV POSIX
153 setenv MAKESHELL /bin/ksh
154
1552. Trick /bin/sh to use alternative expression evaluator. Create
156 following 'test' script for example in /tmp:
157
158 #!/bin/ksh
159 ${0##*/} "$@"
160
161 Then 'chmod a+x /tmp/test; ln /tmp/test /tmp/[' and *prepend*
162 your $PATH with chosen location, e.g. PATH=/tmp:$PATH. Alter-
163 natively just replace system /bin/test and /bin/[ with the
164 above script.
diff --git a/src/lib/libssl/src/README b/src/lib/libssl/src/README
index c52c2d94bd..a6a97c8858 100644
--- a/src/lib/libssl/src/README
+++ b/src/lib/libssl/src/README
@@ -1,5 +1,5 @@
1 1
2 OpenSSL 0.9.7g 11 April 2005 2 OpenSSL 0.9.7j 04 May 2006
3 3
4 Copyright (c) 1998-2005 The OpenSSL Project 4 Copyright (c) 1998-2005 The OpenSSL Project
5 Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson 5 Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
@@ -14,13 +14,13 @@
14 protocols as well as a full-strength general purpose cryptography library. 14 protocols as well as a full-strength general purpose cryptography library.
15 The project is managed by a worldwide community of volunteers that use the 15 The project is managed by a worldwide community of volunteers that use the
16 Internet to communicate, plan, and develop the OpenSSL toolkit and its 16 Internet to communicate, plan, and develop the OpenSSL toolkit and its
17 related documentation. 17 related documentation.
18 18
19 OpenSSL is based on the excellent SSLeay library developed from Eric A. Young 19 OpenSSL is based on the excellent SSLeay library developed from Eric A. Young
20 and Tim J. Hudson. The OpenSSL toolkit is licensed under a dual-license (the 20 and Tim J. Hudson. The OpenSSL toolkit is licensed under a dual-license (the
21 OpenSSL license plus the SSLeay license) situation, which basically means 21 OpenSSL license plus the SSLeay license) situation, which basically means
22 that you are free to get and use it for commercial and non-commercial 22 that you are free to get and use it for commercial and non-commercial
23 purposes as long as you fulfill the conditions of both licenses. 23 purposes as long as you fulfill the conditions of both licenses.
24 24
25 OVERVIEW 25 OVERVIEW
26 -------- 26 --------
@@ -53,11 +53,11 @@
53 MDC2 message digest. A DES based hash that is popular on smart cards. 53 MDC2 message digest. A DES based hash that is popular on smart cards.
54 54
55 Public Key 55 Public Key
56 RSA encryption/decryption/generation. 56 RSA encryption/decryption/generation.
57 There is no limit on the number of bits. 57 There is no limit on the number of bits.
58 DSA encryption/decryption/generation. 58 DSA encryption/decryption/generation.
59 There is no limit on the number of bits. 59 There is no limit on the number of bits.
60 Diffie-Hellman key-exchange/key generation. 60 Diffie-Hellman key-exchange/key generation.
61 There is no limit on the number of bits. 61 There is no limit on the number of bits.
62 62
63 X.509v3 certificates 63 X.509v3 certificates
@@ -80,16 +80,16 @@
80 A simple stack. 80 A simple stack.
81 A Configuration loader that uses a format similar to MS .ini files. 81 A Configuration loader that uses a format similar to MS .ini files.
82 82
83 openssl: 83 openssl:
84 A command line tool that can be used for: 84 A command line tool that can be used for:
85 Creation of RSA, DH and DSA key parameters 85 Creation of RSA, DH and DSA key parameters
86 Creation of X.509 certificates, CSRs and CRLs 86 Creation of X.509 certificates, CSRs and CRLs
87 Calculation of Message Digests 87 Calculation of Message Digests
88 Encryption and Decryption with Ciphers 88 Encryption and Decryption with Ciphers
89 SSL/TLS Client and Server Tests 89 SSL/TLS Client and Server Tests
90 Handling of S/MIME signed or encrypted mail 90 Handling of S/MIME signed or encrypted mail
91 91
92 92
93 PATENTS 93 PATENTS
94 ------- 94 -------
95 95
@@ -104,13 +104,15 @@
104 licensing conditions. Their web page is http://www.rsasecurity.com/. 104 licensing conditions. Their web page is http://www.rsasecurity.com/.
105 105
106 RC4 is a trademark of RSA Security, so use of this label should perhaps 106 RC4 is a trademark of RSA Security, so use of this label should perhaps
107 only be used with RSA Security's permission. 107 only be used with RSA Security's permission.
108 108
109 The IDEA algorithm is patented by Ascom in Austria, France, Germany, Italy, 109 The IDEA algorithm is patented by Ascom in Austria, France, Germany, Italy,
110 Japan, the Netherlands, Spain, Sweden, Switzerland, UK and the USA. They 110 Japan, the Netherlands, Spain, Sweden, Switzerland, UK and the USA. They
111 should be contacted if that algorithm is to be used; their web page is 111 should be contacted if that algorithm is to be used; their web page is
112 http://www.ascom.ch/. 112 http://www.ascom.ch/.
113 113
114 The MDC2 algorithm is patented by IBM.
115
114 INSTALLATION 116 INSTALLATION
115 ------------ 117 ------------
116 118
@@ -129,7 +131,7 @@
129 or application author. We try to collect those in doc/PROBLEMS, with current 131 or application author. We try to collect those in doc/PROBLEMS, with current
130 thoughts on how they should be solved in a future of OpenSSL. 132 thoughts on how they should be solved in a future of OpenSSL.
131 133
132 SUPPORT 134 SUPPORT
133 ------- 135 -------
134 136
135 If you have any problems with OpenSSL then please take the following steps 137 If you have any problems with OpenSSL then please take the following steps
@@ -138,7 +140,7 @@
138 - Download the current snapshot from ftp://ftp.openssl.org/snapshot/ 140 - Download the current snapshot from ftp://ftp.openssl.org/snapshot/
139 to see if the problem has already been addressed 141 to see if the problem has already been addressed
140 - Remove ASM versions of libraries 142 - Remove ASM versions of libraries
141 - Remove compiler optimisation flags 143 - Remove compiler optimisation flags
142 144
143 If you wish to report a bug then please include the following information in 145 If you wish to report a bug then please include the following information in
144 any bug report: 146 any bug report:
@@ -191,3 +193,4 @@
191 # ./Configure dist; make clean 193 # ./Configure dist; make clean
192 # cd .. 194 # cd ..
193 # diff -ur openssl-orig openssl-work > mydiffs.patch 195 # diff -ur openssl-orig openssl-work > mydiffs.patch
196
diff --git a/src/lib/libssl/src/apps/CA.pl b/src/lib/libssl/src/apps/CA.pl
index 4f3ba0f08c..9f06cd0232 100644
--- a/src/lib/libssl/src/apps/CA.pl
+++ b/src/lib/libssl/src/apps/CA.pl
@@ -66,19 +66,19 @@ foreach (@ARGV) {
66 exit 0; 66 exit 0;
67 } elsif (/^-newcert$/) { 67 } elsif (/^-newcert$/) {
68 # create a certificate 68 # create a certificate
69 system ("$REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS"); 69 system ("$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS");
70 $RET=$?; 70 $RET=$?;
71 print "Certificate (and private key) is in newreq.pem\n" 71 print "Certificate is in newcert.pem, private key is in newkey.pem\n"
72 } elsif (/^-newreq$/) { 72 } elsif (/^-newreq$/) {
73 # create a certificate request 73 # create a certificate request
74 system ("$REQ -new -keyout newreq.pem -out newreq.pem $DAYS"); 74 system ("$REQ -new -keyout newkey.pem -out newreq.pem $DAYS");
75 $RET=$?; 75 $RET=$?;
76 print "Request (and private key) is in newreq.pem\n"; 76 print "Request is in newreq.pem, private key is in newkey.pem\n";
77 } elsif (/^-newreq-nodes$/) { 77 } elsif (/^-newreq-nodes$/) {
78 # create a certificate request 78 # create a certificate request
79 system ("$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS"); 79 system ("$REQ -new -nodes -keyout newkey.pem -out newreq.pem $DAYS");
80 $RET=$?; 80 $RET=$?;
81 print "Request (and private key) is in newreq.pem\n"; 81 print "Request is in newreq.pem, private key is in newkey.pem\n";
82 } elsif (/^-newca$/) { 82 } elsif (/^-newca$/) {
83 # if explicitly asked for or it doesn't exist then setup the 83 # if explicitly asked for or it doesn't exist then setup the
84 # directory structure that Eric likes to manage things 84 # directory structure that Eric likes to manage things
@@ -118,10 +118,11 @@ foreach (@ARGV) {
118 } elsif (/^-pkcs12$/) { 118 } elsif (/^-pkcs12$/) {
119 my $cname = $ARGV[1]; 119 my $cname = $ARGV[1];
120 $cname = "My Certificate" unless defined $cname; 120 $cname = "My Certificate" unless defined $cname;
121 system ("$PKCS12 -in newcert.pem -inkey newreq.pem " . 121 system ("$PKCS12 -in newcert.pem -inkey newkey.pem " .
122 "-certfile ${CATOP}/$CACERT -out newcert.p12 " . 122 "-certfile ${CATOP}/$CACERT -out newcert.p12 " .
123 "-export -name \"$cname\""); 123 "-export -name \"$cname\"");
124 $RET=$?; 124 $RET=$?;
125 print "PKCS #12 file is in newcert.p12\n";
125 exit $RET; 126 exit $RET;
126 } elsif (/^-xsign$/) { 127 } elsif (/^-xsign$/) {
127 system ("$CA -policy policy_anything -infiles newreq.pem"); 128 system ("$CA -policy policy_anything -infiles newreq.pem");
diff --git a/src/lib/libssl/src/apps/CA.pl.in b/src/lib/libssl/src/apps/CA.pl.in
index 39f267d313..9c99739092 100644
--- a/src/lib/libssl/src/apps/CA.pl.in
+++ b/src/lib/libssl/src/apps/CA.pl.in
@@ -66,19 +66,19 @@ foreach (@ARGV) {
66 exit 0; 66 exit 0;
67 } elsif (/^-newcert$/) { 67 } elsif (/^-newcert$/) {
68 # create a certificate 68 # create a certificate
69 system ("$REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS"); 69 system ("$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS");
70 $RET=$?; 70 $RET=$?;
71 print "Certificate (and private key) is in newreq.pem\n" 71 print "Certificate is in newcert.pem, private key is in newkey.pem\n"
72 } elsif (/^-newreq$/) { 72 } elsif (/^-newreq$/) {
73 # create a certificate request 73 # create a certificate request
74 system ("$REQ -new -keyout newreq.pem -out newreq.pem $DAYS"); 74 system ("$REQ -new -keyout newkey.pem -out newreq.pem $DAYS");
75 $RET=$?; 75 $RET=$?;
76 print "Request (and private key) is in newreq.pem\n"; 76 print "Request is in newreq.pem, private key is in newkey.pem\n";
77 } elsif (/^-newreq-nodes$/) { 77 } elsif (/^-newreq-nodes$/) {
78 # create a certificate request 78 # create a certificate request
79 system ("$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS"); 79 system ("$REQ -new -nodes -keyout newkey.pem -out newreq.pem $DAYS");
80 $RET=$?; 80 $RET=$?;
81 print "Request (and private key) is in newreq.pem\n"; 81 print "Request is in newreq.pem, private key is in newkey.pem\n";
82 } elsif (/^-newca$/) { 82 } elsif (/^-newca$/) {
83 # if explicitly asked for or it doesn't exist then setup the 83 # if explicitly asked for or it doesn't exist then setup the
84 # directory structure that Eric likes to manage things 84 # directory structure that Eric likes to manage things
@@ -118,10 +118,11 @@ foreach (@ARGV) {
118 } elsif (/^-pkcs12$/) { 118 } elsif (/^-pkcs12$/) {
119 my $cname = $ARGV[1]; 119 my $cname = $ARGV[1];
120 $cname = "My Certificate" unless defined $cname; 120 $cname = "My Certificate" unless defined $cname;
121 system ("$PKCS12 -in newcert.pem -inkey newreq.pem " . 121 system ("$PKCS12 -in newcert.pem -inkey newkey.pem " .
122 "-certfile ${CATOP}/$CACERT -out newcert.p12 " . 122 "-certfile ${CATOP}/$CACERT -out newcert.p12 " .
123 "-export -name \"$cname\""); 123 "-export -name \"$cname\"");
124 $RET=$?; 124 $RET=$?;
125 print "PKCS #12 file is in newcert.p12\n";
125 exit $RET; 126 exit $RET;
126 } elsif (/^-xsign$/) { 127 } elsif (/^-xsign$/) {
127 system ("$CA -policy policy_anything -infiles newreq.pem"); 128 system ("$CA -policy policy_anything -infiles newreq.pem");
diff --git a/src/lib/libssl/src/apps/CA.sh b/src/lib/libssl/src/apps/CA.sh
index 030a11fc25..84d7ec0b33 100644
--- a/src/lib/libssl/src/apps/CA.sh
+++ b/src/lib/libssl/src/apps/CA.sh
@@ -51,15 +51,15 @@ case $i in
51 ;; 51 ;;
52-newcert) 52-newcert)
53 # create a certificate 53 # create a certificate
54 $REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS 54 $REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS
55 RET=$? 55 RET=$?
56 echo "Certificate (and private key) is in newreq.pem" 56 echo "Certificate is in newcert.pem, private key is in newkey.pem"
57 ;; 57 ;;
58-newreq) 58-newreq)
59 # create a certificate request 59 # create a certificate request
60 $REQ -new -keyout newreq.pem -out newreq.pem $DAYS 60 $REQ -new -keyout newkey.pem -out newreq.pem $DAYS
61 RET=$? 61 RET=$?
62 echo "Request (and private key) is in newreq.pem" 62 echo "Request is in newreq.pem, private key is in newkey.pem"
63 ;; 63 ;;
64-newca) 64-newca)
65 # if explicitly asked for or it doesn't exist then setup the directory 65 # if explicitly asked for or it doesn't exist then setup the directory
diff --git a/src/lib/libssl/src/apps/Makefile b/src/lib/libssl/src/apps/Makefile
index 93dcf765e6..4daa92382f 100644
--- a/src/lib/libssl/src/apps/Makefile
+++ b/src/lib/libssl/src/apps/Makefile
@@ -101,8 +101,9 @@ install:
101 (echo installing $$i; \ 101 (echo installing $$i; \
102 cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \ 102 cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
103 chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \ 103 chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
104 mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \ 104 mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new \
105 done; 105 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i; \
106 ) done;
106 @for i in $(SCRIPTS); \ 107 @for i in $(SCRIPTS); \
107 do \ 108 do \
108 (echo installing $$i; \ 109 (echo installing $$i; \
@@ -143,17 +144,19 @@ $(DLIBCRYPTO):
143 144
144$(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL) 145$(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
145 $(RM) $(EXE) 146 $(RM) $(EXE)
146 if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ 147 @if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
148 FIPSLD_CC=$(CC); CC=$(TOP)/fips-1.0/fipsld; export CC FIPSLD_CC; \
149 fi; \
150 SHARED_LIBS="$(SHARED_LIBS)"; \
151 if [ "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
152 SHARED_LIBS=""; \
153 fi; \
154 if [ -z "$$SHARED_LIBS" ]; then \
147 set -x; $${CC:-$(CC)} -o $(EXE) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) ; \ 155 set -x; $${CC:-$(CC)} -o $(EXE) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) ; \
148 elif [ -z "$(SHARED_LIBS)" ]; then \
149 set -x; $${CC:-$(CC)} -o $(EXE) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \
150 else \ 156 else \
151 set -x; LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ 157 set -x; LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
152 $(CC) -o $(EXE) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \ 158 $(CC) -o $(EXE) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \
153 fi 159 fi
154 if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
155 TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a $(EXE); \
156 fi
157 -(cd ..; \ 160 -(cd ..; \
158 OPENSSL="`pwd`/util/opensslwrap.sh"; export OPENSSL; \ 161 OPENSSL="`pwd`/util/opensslwrap.sh"; export OPENSSL; \
159 $(PERL) tools/c_rehash certs) 162 $(PERL) tools/c_rehash certs)
diff --git a/src/lib/libssl/src/apps/apps.c b/src/lib/libssl/src/apps/apps.c
index 9157cdfcdc..9b07e913c5 100644
--- a/src/lib/libssl/src/apps/apps.c
+++ b/src/lib/libssl/src/apps/apps.c
@@ -361,10 +361,17 @@ int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
361 /* The start of something good :-) */ 361 /* The start of something good :-) */
362 if (num >= arg->count) 362 if (num >= arg->count)
363 { 363 {
364 arg->count+=20; 364 char **tmp_p;
365 arg->data=(char **)OPENSSL_realloc(arg->data, 365 int tlen = arg->count + 20;
366 sizeof(char *)*arg->count); 366 tmp_p = (char **)OPENSSL_realloc(arg->data,
367 if (argc == 0) return(0); 367 sizeof(char *)*tlen);
368 if (tmp_p == NULL)
369 return 0;
370 arg->data = tmp_p;
371 arg->count = tlen;
372 /* initialize newly allocated data */
373 for (i = num; i < arg->count; i++)
374 arg->data[i] = NULL;
368 } 375 }
369 arg->data[num++]=p; 376 arg->data[num++]=p;
370 377
@@ -1591,8 +1598,9 @@ int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
1591 { 1598 {
1592 if (errno != ENOENT 1599 if (errno != ENOENT
1593#ifdef ENOTDIR 1600#ifdef ENOTDIR
1594 && errno != ENOTDIR) 1601 && errno != ENOTDIR
1595#endif 1602#endif
1603 )
1596 goto err; 1604 goto err;
1597 } 1605 }
1598 else 1606 else
@@ -1893,8 +1901,9 @@ int rotate_index(char *dbfile, char *new_suffix, char *old_suffix)
1893 { 1901 {
1894 if (errno != ENOENT 1902 if (errno != ENOENT
1895#ifdef ENOTDIR 1903#ifdef ENOTDIR
1896 && errno != ENOTDIR) 1904 && errno != ENOTDIR
1897#endif 1905#endif
1906 )
1898 goto err; 1907 goto err;
1899 } 1908 }
1900 else 1909 else
@@ -1929,8 +1938,9 @@ int rotate_index(char *dbfile, char *new_suffix, char *old_suffix)
1929 { 1938 {
1930 if (errno != ENOENT 1939 if (errno != ENOENT
1931#ifdef ENOTDIR 1940#ifdef ENOTDIR
1932 && errno != ENOTDIR) 1941 && errno != ENOTDIR
1933#endif 1942#endif
1943 )
1934 goto err; 1944 goto err;
1935 } 1945 }
1936 else 1946 else
diff --git a/src/lib/libssl/src/apps/asn1pars.c b/src/lib/libssl/src/apps/asn1pars.c
index c89b358b23..a6b6c41f13 100644
--- a/src/lib/libssl/src/apps/asn1pars.c
+++ b/src/lib/libssl/src/apps/asn1pars.c
@@ -182,7 +182,7 @@ int MAIN(int argc, char **argv)
182bad: 182bad:
183 BIO_printf(bio_err,"%s [options] <infile\n",prog); 183 BIO_printf(bio_err,"%s [options] <infile\n",prog);
184 BIO_printf(bio_err,"where options are\n"); 184 BIO_printf(bio_err,"where options are\n");
185 BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n"); 185 BIO_printf(bio_err," -inform arg input format - one of DER PEM\n");
186 BIO_printf(bio_err," -in arg input file\n"); 186 BIO_printf(bio_err," -in arg input file\n");
187 BIO_printf(bio_err," -out arg output file (output format is always DER\n"); 187 BIO_printf(bio_err," -out arg output file (output format is always DER\n");
188 BIO_printf(bio_err," -noout arg don't produce any output\n"); 188 BIO_printf(bio_err," -noout arg don't produce any output\n");
diff --git a/src/lib/libssl/src/apps/ca.c b/src/lib/libssl/src/apps/ca.c
index e98885d7e3..928c6f7f24 100644
--- a/src/lib/libssl/src/apps/ca.c
+++ b/src/lib/libssl/src/apps/ca.c
@@ -943,7 +943,6 @@ bad:
943 if (verbose) BIO_printf(bio_err, 943 if (verbose) BIO_printf(bio_err,
944 "Done. %d entries marked as expired\n",i); 944 "Done. %d entries marked as expired\n",i);
945 } 945 }
946 goto err;
947 } 946 }
948 947
949 /*****************************************************************/ 948 /*****************************************************************/
diff --git a/src/lib/libssl/src/apps/engine.c b/src/lib/libssl/src/apps/engine.c
index 12283d0aed..e8a599f9e5 100644
--- a/src/lib/libssl/src/apps/engine.c
+++ b/src/lib/libssl/src/apps/engine.c
@@ -387,11 +387,15 @@ int MAIN(int argc, char **argv)
387 else if (strcmp(*argv,"-pre") == 0) 387 else if (strcmp(*argv,"-pre") == 0)
388 { 388 {
389 argc--; argv++; 389 argc--; argv++;
390 if (argc == 0)
391 goto skip_arg_loop;
390 sk_push(pre_cmds,*argv); 392 sk_push(pre_cmds,*argv);
391 } 393 }
392 else if (strcmp(*argv,"-post") == 0) 394 else if (strcmp(*argv,"-post") == 0)
393 { 395 {
394 argc--; argv++; 396 argc--; argv++;
397 if (argc == 0)
398 goto skip_arg_loop;
395 sk_push(post_cmds,*argv); 399 sk_push(post_cmds,*argv);
396 } 400 }
397 else if ((strncmp(*argv,"-h",2) == 0) || 401 else if ((strncmp(*argv,"-h",2) == 0) ||
diff --git a/src/lib/libssl/src/apps/genrsa.c b/src/lib/libssl/src/apps/genrsa.c
index 63be873b7b..7dbd0923b6 100644
--- a/src/lib/libssl/src/apps/genrsa.c
+++ b/src/lib/libssl/src/apps/genrsa.c
@@ -88,6 +88,9 @@ int MAIN(int argc, char **argv)
88 RSA *rsa=NULL; 88 RSA *rsa=NULL;
89 int i,num=DEFBITS; 89 int i,num=DEFBITS;
90 long l; 90 long l;
91#ifdef OPENSSL_FIPS
92 int use_x931 = 0;
93#endif
91 const EVP_CIPHER *enc=NULL; 94 const EVP_CIPHER *enc=NULL;
92 unsigned long f4=RSA_F4; 95 unsigned long f4=RSA_F4;
93 char *outfile=NULL; 96 char *outfile=NULL;
@@ -126,6 +129,10 @@ int MAIN(int argc, char **argv)
126 f4=3; 129 f4=3;
127 else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0) 130 else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0)
128 f4=RSA_F4; 131 f4=RSA_F4;
132#ifdef OPENSSL_FIPS
133 else if (strcmp(*argv,"-x931") == 0)
134 use_x931 = 1;
135#endif
129#ifndef OPENSSL_NO_ENGINE 136#ifndef OPENSSL_NO_ENGINE
130 else if (strcmp(*argv,"-engine") == 0) 137 else if (strcmp(*argv,"-engine") == 0)
131 { 138 {
@@ -233,11 +240,27 @@ bad:
233 240
234 BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n", 241 BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
235 num); 242 num);
236 rsa=RSA_generate_key(num,f4,genrsa_cb,bio_err); 243#ifdef OPENSSL_FIPS
244 if (use_x931)
245 {
246 BIGNUM *pubexp;
247 pubexp = BN_new();
248 BN_set_word(pubexp, f4);
249 rsa = RSA_X931_generate_key(num, pubexp, genrsa_cb, bio_err);
250 BN_free(pubexp);
251 }
252 else
253#endif
254 rsa=RSA_generate_key(num,f4,genrsa_cb,bio_err);
237 255
238 app_RAND_write_file(NULL, bio_err); 256 app_RAND_write_file(NULL, bio_err);
239 257
240 if (rsa == NULL) goto err; 258 if (rsa == NULL)
259 {
260 BIO_printf(bio_err, "Key Generation error\n");
261
262 goto err;
263 }
241 264
242 /* We need to do the following for when the base number size is < 265 /* We need to do the following for when the base number size is <
243 * long, esp windows 3.1 :-(. */ 266 * long, esp windows 3.1 :-(. */
diff --git a/src/lib/libssl/src/apps/makeapps.com b/src/lib/libssl/src/apps/makeapps.com
index 2f1af9ec94..7b5ff90c62 100644
--- a/src/lib/libssl/src/apps/makeapps.com
+++ b/src/lib/libssl/src/apps/makeapps.com
@@ -650,7 +650,7 @@ $ CCDEFS = "MONOLITH"
650$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS 650$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
651$ CCEXTRAFLAGS = "" 651$ CCEXTRAFLAGS = ""
652$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS 652$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
653$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX" 653$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
654$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - 654$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
655 CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS 655 CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
656$! 656$!
diff --git a/src/lib/libssl/src/apps/openssl.c b/src/lib/libssl/src/apps/openssl.c
index 65a9ee8a66..cb6ee740e7 100644
--- a/src/lib/libssl/src/apps/openssl.c
+++ b/src/lib/libssl/src/apps/openssl.c
@@ -237,21 +237,12 @@ int main(int Argc, char *Argv[])
237 237
238#ifdef OPENSSL_FIPS 238#ifdef OPENSSL_FIPS
239 if(getenv("OPENSSL_FIPS")) { 239 if(getenv("OPENSSL_FIPS")) {
240#if defined(_WIN32) 240 if (!FIPS_mode_set(1)) {
241 char filename[MAX_PATH] = "";
242 GetModuleFileNameA( NULL, filename, MAX_PATH) ;
243 p = filename;
244#else
245 p = Argv[0];
246#endif
247 if (!FIPS_mode_set(1,p)) {
248 ERR_load_crypto_strings(); 241 ERR_load_crypto_strings();
249 ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); 242 ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
250 EXIT(1); 243 EXIT(1);
251 } 244 }
252 in_FIPS_mode = 1; 245 in_FIPS_mode = 1;
253 if (getenv("OPENSSL_FIPS_MD5"))
254 FIPS_allow_md5(1);
255 } 246 }
256#endif 247#endif
257 if (bio_err == NULL) 248 if (bio_err == NULL)
diff --git a/src/lib/libssl/src/apps/rsautl.c b/src/lib/libssl/src/apps/rsautl.c
index 5db6fe7cd7..bdfbe31c14 100644
--- a/src/lib/libssl/src/apps/rsautl.c
+++ b/src/lib/libssl/src/apps/rsautl.c
@@ -3,7 +3,7 @@
3 * project 2000. 3 * project 2000.
4 */ 4 */
5/* ==================================================================== 5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved. 6 * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
7 * 7 *
8 * Redistribution and use in source and binary forms, with or without 8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions 9 * modification, are permitted provided that the following conditions
@@ -147,6 +147,7 @@ int MAIN(int argc, char **argv)
147 else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING; 147 else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING;
148 else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING; 148 else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING;
149 else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING; 149 else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING;
150 else if(!strcmp(*argv, "-x931")) pad = RSA_X931_PADDING;
150 else if(!strcmp(*argv, "-sign")) { 151 else if(!strcmp(*argv, "-sign")) {
151 rsa_mode = RSA_SIGN; 152 rsa_mode = RSA_SIGN;
152 need_priv = 1; 153 need_priv = 1;
diff --git a/src/lib/libssl/src/apps/speed.c b/src/lib/libssl/src/apps/speed.c
index 5ed510ced6..2fc327c375 100644
--- a/src/lib/libssl/src/apps/speed.c
+++ b/src/lib/libssl/src/apps/speed.c
@@ -1706,7 +1706,7 @@ show_res:
1706 k,rsa_bits[k],rsa_results[k][0], 1706 k,rsa_bits[k],rsa_results[k][0],
1707 rsa_results[k][1]); 1707 rsa_results[k][1]);
1708 else 1708 else
1709 fprintf(stdout,"rsa %4u bits %8.4fs %8.4fs %8.1f %8.1f\n", 1709 fprintf(stdout,"rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
1710 rsa_bits[k],rsa_results[k][0],rsa_results[k][1], 1710 rsa_bits[k],rsa_results[k][0],rsa_results[k][1],
1711 1.0/rsa_results[k][0],1.0/rsa_results[k][1]); 1711 1.0/rsa_results[k][0],1.0/rsa_results[k][1]);
1712 } 1712 }
@@ -1725,7 +1725,7 @@ show_res:
1725 fprintf(stdout,"+F3:%u:%u:%f:%f\n", 1725 fprintf(stdout,"+F3:%u:%u:%f:%f\n",
1726 k,dsa_bits[k],dsa_results[k][0],dsa_results[k][1]); 1726 k,dsa_bits[k],dsa_results[k][0],dsa_results[k][1]);
1727 else 1727 else
1728 fprintf(stdout,"dsa %4u bits %8.4fs %8.4fs %8.1f %8.1f\n", 1728 fprintf(stdout,"dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
1729 dsa_bits[k],dsa_results[k][0],dsa_results[k][1], 1729 dsa_bits[k],dsa_results[k][0],dsa_results[k][1],
1730 1.0/dsa_results[k][0],1.0/dsa_results[k][1]); 1730 1.0/dsa_results[k][0],1.0/dsa_results[k][1]);
1731 } 1731 }
diff --git a/src/lib/libssl/src/certs/argena.pem b/src/lib/libssl/src/certs/argena.pem
new file mode 100644
index 0000000000..db730e38dd
--- /dev/null
+++ b/src/lib/libssl/src/certs/argena.pem
@@ -0,0 +1,39 @@
1-----BEGIN CERTIFICATE-----
2MIIG0zCCBbugAwIBAgIBADANBgkqhkiG9w0BAQUFADCBzDELMAkGA1UEBhMCQVQx
3EDAOBgNVBAgTB0F1c3RyaWExDzANBgNVBAcTBlZpZW5uYTE6MDgGA1UEChMxQVJH
4RSBEQVRFTiAtIEF1c3RyaWFuIFNvY2lldHkgZm9yIERhdGEgUHJvdGVjdGlvbjEl
5MCMGA1UECxMcQS1DRVJUIENlcnRpZmljYXRpb24gU2VydmljZTEYMBYGA1UEAxMP
6QS1DRVJUIEFEVkFOQ0VEMR0wGwYJKoZIhvcNAQkBFg5pbmZvQGEtY2VydC5hdDAe
7Fw0wNDEwMjMxNDE0MTRaFw0xMTEwMjMxNDE0MTRaMIHMMQswCQYDVQQGEwJBVDEQ
8MA4GA1UECBMHQXVzdHJpYTEPMA0GA1UEBxMGVmllbm5hMTowOAYDVQQKEzFBUkdF
9IERBVEVOIC0gQXVzdHJpYW4gU29jaWV0eSBmb3IgRGF0YSBQcm90ZWN0aW9uMSUw
10IwYDVQQLExxBLUNFUlQgQ2VydGlmaWNhdGlvbiBTZXJ2aWNlMRgwFgYDVQQDEw9B
11LUNFUlQgQURWQU5DRUQxHTAbBgkqhkiG9w0BCQEWDmluZm9AYS1jZXJ0LmF0MIIB
12IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3euXIy+mnf6BYKbK+QH5k679
13tUFqeT8jlZxMew8eNiHuw9KoxWBzL6KksK+5uK7Gatw+sbAYntEGE80P+Jg1hADM
14e+Fr5V0bc6QS3gkVtfUCW/RIvfMM39oxvmqJmOgPnJU7H6+nmLtsq61tv9kVJi/2
154Y5wXW3odet72sF57EoG6s78w0BUVLNcMngS9bZZzmdG3/d6JbkGgoNF/8DcgCBJ
16W/t0JrcIzyppXIOVtUzzOrrU86zuUgT3Rtkl5kjG7DEHpFb9H0fTOY1v8+gRoaO6
172gA0PCiysgVZjwgVeYe3KAg11nznyleDv198uK3Dc1oXIGYjJx2FpKWUvAuAEwID
18AQABo4ICvDCCArgwHQYDVR0OBBYEFDd/Pj6ZcWDKJNSRE3nQdCm0qCTYMIH5BgNV
19HSMEgfEwge6AFDd/Pj6ZcWDKJNSRE3nQdCm0qCTYoYHSpIHPMIHMMQswCQYDVQQG
20EwJBVDEQMA4GA1UECBMHQXVzdHJpYTEPMA0GA1UEBxMGVmllbm5hMTowOAYDVQQK
21EzFBUkdFIERBVEVOIC0gQXVzdHJpYW4gU29jaWV0eSBmb3IgRGF0YSBQcm90ZWN0
22aW9uMSUwIwYDVQQLExxBLUNFUlQgQ2VydGlmaWNhdGlvbiBTZXJ2aWNlMRgwFgYD
23VQQDEw9BLUNFUlQgQURWQU5DRUQxHTAbBgkqhkiG9w0BCQEWDmluZm9AYS1jZXJ0
24LmF0ggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgHmMEcGA1UdJQRAMD4G
25CCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcD
26CAYKKwYBBAGCNwoDBDARBglghkgBhvhCAQEEBAMCAP8wUQYDVR0gBEowSDBGBggq
27KAAYAQEBAzA6MDgGCCsGAQUFBwIBFixodHRwOi8vd3d3LmEtY2VydC5hdC9jZXJ0
28aWZpY2F0ZS1wb2xpY3kuaHRtbDA7BglghkgBhvhCAQgELhYsaHR0cDovL3d3dy5h
29LWNlcnQuYXQvY2VydGlmaWNhdGUtcG9saWN5Lmh0bWwwGQYDVR0RBBIwEIEOaW5m
30b0BhLWNlcnQuYXQwLwYDVR0SBCgwJoEOaW5mb0BhLWNlcnQuYXSGFGh0dHA6Ly93
31d3cuYS1jZXJ0LmF0MEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHBzOi8vc2VjdXJlLmEt
32Y2VydC5hdC9jZ2ktYmluL2EtY2VydC1hZHZhbmNlZC5jZ2kwDQYJKoZIhvcNAQEF
33BQADggEBACX1IvgfdG2rvfv35O48vSEvcVaEdlN8USFBHWz3JRAozgzvaBtwHkjK
34Zwt5l/BWOtjbvHfRjDt7ijlBEcxOOrNC1ffyMHwHrXpvff6YpQ5wnxmIYEQcURiG
35HMqruEX0WkuDNgSKwefsgXs27eeBauHgNGVcTYH1rmHu/ZyLpLxOyJQ2PCzA1DzW
363rWkIX92ogJ7lTRdWrbxwUL1XGinxnnaQ74+/y0pI9JNEv7ic2tpkweRMpkedaLW
37msC1+orfKTebsg69aMaCx7o6jNONRmR/7TVaPf8/k6g52cHZ9YWjQvup22b5rWxG
38J5r5LZ4vCPmF4+T4lutjUYAa/lGuQTg=
39-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/certs/argeng.pem b/src/lib/libssl/src/certs/argeng.pem
new file mode 100644
index 0000000000..621e30e208
--- /dev/null
+++ b/src/lib/libssl/src/certs/argeng.pem
@@ -0,0 +1,23 @@
1-----BEGIN CERTIFICATE-----
2MIIDwzCCAyygAwIBAgIBADANBgkqhkiG9w0BAQQFADCBmDELMAkGA1UEBhMCQVQx
3EDAOBgNVBAgTB0F1c3RyaWExDzANBgNVBAcTBlZpZW5uYTFCMEAGA1UEChM5QXJn
4ZSBEYXRlbiBPZXN0ZXJyZWljaGlzY2hlIEdlc2VsbHNjaGFmdCBmdWVyIERhdGVu
5c2NodXR6MSIwIAYJKoZIhvcNAQkBFhNhLWNlcnRAYXJnZWRhdGVuLmF0MB4XDTAx
6MDIxMjExMzAzMFoXDTA5MDIxMjExMzAzMFowgZgxCzAJBgNVBAYTAkFUMRAwDgYD
7VQQIEwdBdXN0cmlhMQ8wDQYDVQQHEwZWaWVubmExQjBABgNVBAoTOUFyZ2UgRGF0
8ZW4gT2VzdGVycmVpY2hpc2NoZSBHZXNlbGxzY2hhZnQgZnVlciBEYXRlbnNjaHV0
9ejEiMCAGCSqGSIb3DQEJARYTYS1jZXJ0QGFyZ2VkYXRlbi5hdDCBnzANBgkqhkiG
109w0BAQEFAAOBjQAwgYkCgYEAwgsHqoNtmmrJ86+e1I4hOVBaL4kokqKN2IPOIL+1
11XwY8vfOOUfPEdhWpaC0ldt7VYrksgDiUccgH0FROANWK2GkfKMDzjjXHysR04uEb
12Om7Kqjqn0nproOGkFG+QvBZgs+Ws+HXNFJA6V76fU4+JXq4452LSK4Lr5YcBquu3
13NJECAwEAAaOCARkwggEVMB0GA1UdDgQWBBQ0j59zH/G31zRjgK1y2P//tSAWZjCB
14xQYDVR0jBIG9MIG6gBQ0j59zH/G31zRjgK1y2P//tSAWZqGBnqSBmzCBmDELMAkG
15A1UEBhMCQVQxEDAOBgNVBAgTB0F1c3RyaWExDzANBgNVBAcTBlZpZW5uYTFCMEAG
16A1UEChM5QXJnZSBEYXRlbiBPZXN0ZXJyZWljaGlzY2hlIEdlc2VsbHNjaGFmdCBm
17dWVyIERhdGVuc2NodXR6MSIwIAYJKoZIhvcNAQkBFhNhLWNlcnRAYXJnZWRhdGVu
18LmF0ggEAMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMBEGCWCGSAGG+EIBAQQE
19AwICBDANBgkqhkiG9w0BAQQFAAOBgQBFuJYncqMYB6gXQS3eDOI90BEHfFTKy/dV
20AV+K7QdAYikWmqgBheRdPKddJdccPy/Zl/p3ZT7GhDyC5f3wZjcuu8AJ27BNwbCA
21x54dgxgCNcyPm79nY8MRtEdEpoRGdSsFKJemz6hpXM++MWFciyrRWIIA44XB0Gv3
22US0spjsDPQ==
23-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/config b/src/lib/libssl/src/config
index 0715d378d9..c2f504f59e 100644
--- a/src/lib/libssl/src/config
+++ b/src/lib/libssl/src/config
@@ -54,6 +54,22 @@ SYSTEM=`(uname -s) 2>/dev/null` || SYSTEM="unknown"
54VERSION=`(uname -v) 2>/dev/null` || VERSION="unknown" 54VERSION=`(uname -v) 2>/dev/null` || VERSION="unknown"
55 55
56 56
57
58
59
60# Check for VC++ presence first.
61#
62#if [ "x$MSVCDIR" != "x" -o "x$VCINSTALLDIR" != "x" ]; then
63# perl Configure VC-WIN32 $*
64# cmd /c ms\\do_masm.bat
65# perl util/mk1mf.pl VC-WIN32-GMAKE >mak.tmp
66# rm Makefile
67# mv mak.tmp Makefile
68# echo "Configured for VC++ using GNU make"
69# exit 0
70#fi
71#
72
57# Now test for ISC and SCO, since it is has a braindamaged uname. 73# Now test for ISC and SCO, since it is has a braindamaged uname.
58# 74#
59# We need to work around FreeBSD 1.1.5.1 75# We need to work around FreeBSD 1.1.5.1
@@ -339,6 +355,10 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
339 355
340 MINGW*) 356 MINGW*)
341 echo "${MACHINE}-whatever-mingw"; echo 0; 357 echo "${MACHINE}-whatever-mingw"; echo 0;
358 # Save fipslib path so VC++ build can find it
359 (cd /usr/local/ssl/lib ; pwd -W ) > util/fipslib_path.txt
360 # Extract _chkstk.o so VC++ can use it, to avoid __alloca link error
361 (cd ms ; ar x `gcc -print-libgcc-file-name` _chkstk.o)
342 ;; 362 ;;
343 CYGWIN*) 363 CYGWIN*)
344 case "$RELEASE" in 364 case "$RELEASE" in
@@ -407,7 +427,7 @@ if [ "$GCCVER" != "" ]; then
407 CC=gcc 427 CC=gcc
408 # then strip off whatever prefix egcs prepends the number with... 428 # then strip off whatever prefix egcs prepends the number with...
409 # Hopefully, this will work for any future prefixes as well. 429 # Hopefully, this will work for any future prefixes as well.
410 GCCVER=`echo $GCCVER | sed 's/^[a-zA-Z]*\-//'` 430 GCCVER=`echo $GCCVER | LC_ALL=C sed 's/^[a-zA-Z]*\-//'`
411 # Since gcc 3.1 gcc --version behaviour has changed. gcc -dumpversion 431 # Since gcc 3.1 gcc --version behaviour has changed. gcc -dumpversion
412 # does give us what we want though, so we use that. We just just the 432 # does give us what we want though, so we use that. We just just the
413 # major and minor version numbers. 433 # major and minor version numbers.
diff --git a/src/lib/libssl/src/crypto/Makefile b/src/lib/libssl/src/crypto/Makefile
index cffaeedc5d..cda9de0ac9 100644
--- a/src/lib/libssl/src/crypto/Makefile
+++ b/src/lib/libssl/src/crypto/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/Makefile 2# OpenSSL/crypto/Makefile
3# 3#
4 4
5DIR= crypto 5DIR= crypto
diff --git a/src/lib/libssl/src/crypto/aes/aes_cbc.c b/src/lib/libssl/src/crypto/aes/aes_cbc.c
index d2ba6bcdb4..373864cd4b 100644
--- a/src/lib/libssl/src/crypto/aes/aes_cbc.c
+++ b/src/lib/libssl/src/crypto/aes/aes_cbc.c
@@ -59,6 +59,7 @@
59#include <openssl/aes.h> 59#include <openssl/aes.h>
60#include "aes_locl.h" 60#include "aes_locl.h"
61 61
62#if !defined(OPENSSL_FIPS_AES_ASM)
62void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, 63void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
63 const unsigned long length, const AES_KEY *key, 64 const unsigned long length, const AES_KEY *key,
64 unsigned char *ivec, const int enc) { 65 unsigned char *ivec, const int enc) {
@@ -129,3 +130,4 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
129 } 130 }
130 } 131 }
131} 132}
133#endif
diff --git a/src/lib/libssl/src/crypto/asn1/Makefile b/src/lib/libssl/src/crypto/asn1/Makefile
index b11298d621..d1c2d8f490 100644
--- a/src/lib/libssl/src/crypto/asn1/Makefile
+++ b/src/lib/libssl/src/crypto/asn1/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/asn1/Makefile 2# OpenSSL/crypto/asn1/Makefile
3# 3#
4 4
5DIR= asn1 5DIR= asn1
diff --git a/src/lib/libssl/src/crypto/asn1/asn1.h b/src/lib/libssl/src/crypto/asn1/asn1.h
index ceaeb4cbe3..0184b475a7 100644
--- a/src/lib/libssl/src/crypto/asn1/asn1.h
+++ b/src/lib/libssl/src/crypto/asn1/asn1.h
@@ -962,6 +962,7 @@ void ERR_load_ASN1_strings(void);
962#define ASN1_F_ASN1_DUP 111 962#define ASN1_F_ASN1_DUP 111
963#define ASN1_F_ASN1_ENUMERATED_SET 112 963#define ASN1_F_ASN1_ENUMERATED_SET 112
964#define ASN1_F_ASN1_ENUMERATED_TO_BN 113 964#define ASN1_F_ASN1_ENUMERATED_TO_BN 113
965#define ASN1_F_ASN1_FIND_END 182
965#define ASN1_F_ASN1_GENERALIZEDTIME_SET 178 966#define ASN1_F_ASN1_GENERALIZEDTIME_SET 178
966#define ASN1_F_ASN1_GET_OBJECT 114 967#define ASN1_F_ASN1_GET_OBJECT 114
967#define ASN1_F_ASN1_HEADER_NEW 115 968#define ASN1_F_ASN1_HEADER_NEW 115
@@ -1075,6 +1076,7 @@ void ERR_load_ASN1_strings(void);
1075#define ASN1_R_MISSING_SECOND_NUMBER 138 1076#define ASN1_R_MISSING_SECOND_NUMBER 138
1076#define ASN1_R_MSTRING_NOT_UNIVERSAL 139 1077#define ASN1_R_MSTRING_NOT_UNIVERSAL 139
1077#define ASN1_R_MSTRING_WRONG_TAG 140 1078#define ASN1_R_MSTRING_WRONG_TAG 140
1079#define ASN1_R_NESTED_ASN1_STRING 174
1078#define ASN1_R_NON_HEX_CHARACTERS 141 1080#define ASN1_R_NON_HEX_CHARACTERS 141
1079#define ASN1_R_NOT_ENOUGH_DATA 142 1081#define ASN1_R_NOT_ENOUGH_DATA 142
1080#define ASN1_R_NO_MATCHING_CHOICE_TYPE 143 1082#define ASN1_R_NO_MATCHING_CHOICE_TYPE 143
diff --git a/src/lib/libssl/src/crypto/asn1/asn1_err.c b/src/lib/libssl/src/crypto/asn1/asn1_err.c
index 3b57c8fbae..315d0a0807 100644
--- a/src/lib/libssl/src/crypto/asn1/asn1_err.c
+++ b/src/lib/libssl/src/crypto/asn1/asn1_err.c
@@ -1,6 +1,6 @@
1/* crypto/asn1/asn1_err.c */ 1/* crypto/asn1/asn1_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,169 +64,175 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ASN1,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ASN1,0,reason)
70
67static ERR_STRING_DATA ASN1_str_functs[]= 71static ERR_STRING_DATA ASN1_str_functs[]=
68 { 72 {
69{ERR_PACK(0,ASN1_F_A2D_ASN1_OBJECT,0), "a2d_ASN1_OBJECT"}, 73{ERR_FUNC(ASN1_F_A2D_ASN1_OBJECT), "a2d_ASN1_OBJECT"},
70{ERR_PACK(0,ASN1_F_A2I_ASN1_ENUMERATED,0), "a2i_ASN1_ENUMERATED"}, 74{ERR_FUNC(ASN1_F_A2I_ASN1_ENUMERATED), "a2i_ASN1_ENUMERATED"},
71{ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0), "a2i_ASN1_INTEGER"}, 75{ERR_FUNC(ASN1_F_A2I_ASN1_INTEGER), "a2i_ASN1_INTEGER"},
72{ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0), "a2i_ASN1_STRING"}, 76{ERR_FUNC(ASN1_F_A2I_ASN1_STRING), "a2i_ASN1_STRING"},
73{ERR_PACK(0,ASN1_F_ASN1_BIT_STRING_SET_BIT,0), "ASN1_BIT_STRING_set_bit"}, 77{ERR_FUNC(ASN1_F_ASN1_BIT_STRING_SET_BIT), "ASN1_BIT_STRING_set_bit"},
74{ERR_PACK(0,ASN1_F_ASN1_CHECK_TLEN,0), "ASN1_CHECK_TLEN"}, 78{ERR_FUNC(ASN1_F_ASN1_CHECK_TLEN), "ASN1_CHECK_TLEN"},
75{ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMITIVE,0), "ASN1_COLLATE_PRIMITIVE"}, 79{ERR_FUNC(ASN1_F_ASN1_COLLATE_PRIMITIVE), "ASN1_COLLATE_PRIMITIVE"},
76{ERR_PACK(0,ASN1_F_ASN1_COLLECT,0), "ASN1_COLLECT"}, 80{ERR_FUNC(ASN1_F_ASN1_COLLECT), "ASN1_COLLECT"},
77{ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0), "ASN1_d2i_bio"}, 81{ERR_FUNC(ASN1_F_ASN1_D2I_BIO), "ASN1_d2i_bio"},
78{ERR_PACK(0,ASN1_F_ASN1_D2I_EX_PRIMITIVE,0), "ASN1_D2I_EX_PRIMITIVE"}, 82{ERR_FUNC(ASN1_F_ASN1_D2I_EX_PRIMITIVE), "ASN1_D2I_EX_PRIMITIVE"},
79{ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0), "ASN1_d2i_fp"}, 83{ERR_FUNC(ASN1_F_ASN1_D2I_FP), "ASN1_d2i_fp"},
80{ERR_PACK(0,ASN1_F_ASN1_DIGEST,0), "ASN1_digest"}, 84{ERR_FUNC(ASN1_F_ASN1_DIGEST), "ASN1_digest"},
81{ERR_PACK(0,ASN1_F_ASN1_DO_ADB,0), "ASN1_DO_ADB"}, 85{ERR_FUNC(ASN1_F_ASN1_DO_ADB), "ASN1_DO_ADB"},
82{ERR_PACK(0,ASN1_F_ASN1_DUP,0), "ASN1_dup"}, 86{ERR_FUNC(ASN1_F_ASN1_DUP), "ASN1_dup"},
83{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_SET,0), "ASN1_ENUMERATED_set"}, 87{ERR_FUNC(ASN1_F_ASN1_ENUMERATED_SET), "ASN1_ENUMERATED_set"},
84{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_TO_BN,0), "ASN1_ENUMERATED_to_BN"}, 88{ERR_FUNC(ASN1_F_ASN1_ENUMERATED_TO_BN), "ASN1_ENUMERATED_to_BN"},
85{ERR_PACK(0,ASN1_F_ASN1_GENERALIZEDTIME_SET,0), "ASN1_GENERALIZEDTIME_set"}, 89{ERR_FUNC(ASN1_F_ASN1_FIND_END), "ASN1_FIND_END"},
86{ERR_PACK(0,ASN1_F_ASN1_GET_OBJECT,0), "ASN1_get_object"}, 90{ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_SET), "ASN1_GENERALIZEDTIME_set"},
87{ERR_PACK(0,ASN1_F_ASN1_HEADER_NEW,0), "ASN1_HEADER_new"}, 91{ERR_FUNC(ASN1_F_ASN1_GET_OBJECT), "ASN1_get_object"},
88{ERR_PACK(0,ASN1_F_ASN1_I2D_BIO,0), "ASN1_i2d_bio"}, 92{ERR_FUNC(ASN1_F_ASN1_HEADER_NEW), "ASN1_HEADER_new"},
89{ERR_PACK(0,ASN1_F_ASN1_I2D_FP,0), "ASN1_i2d_fp"}, 93{ERR_FUNC(ASN1_F_ASN1_I2D_BIO), "ASN1_i2d_bio"},
90{ERR_PACK(0,ASN1_F_ASN1_INTEGER_SET,0), "ASN1_INTEGER_set"}, 94{ERR_FUNC(ASN1_F_ASN1_I2D_FP), "ASN1_i2d_fp"},
91{ERR_PACK(0,ASN1_F_ASN1_INTEGER_TO_BN,0), "ASN1_INTEGER_to_BN"}, 95{ERR_FUNC(ASN1_F_ASN1_INTEGER_SET), "ASN1_INTEGER_set"},
92{ERR_PACK(0,ASN1_F_ASN1_ITEM_EX_D2I,0), "ASN1_ITEM_EX_D2I"}, 96{ERR_FUNC(ASN1_F_ASN1_INTEGER_TO_BN), "ASN1_INTEGER_to_BN"},
93{ERR_PACK(0,ASN1_F_ASN1_ITEM_NEW,0), "ASN1_item_new"}, 97{ERR_FUNC(ASN1_F_ASN1_ITEM_EX_D2I), "ASN1_ITEM_EX_D2I"},
94{ERR_PACK(0,ASN1_F_ASN1_MBSTRING_COPY,0), "ASN1_mbstring_copy"}, 98{ERR_FUNC(ASN1_F_ASN1_ITEM_NEW), "ASN1_item_new"},
95{ERR_PACK(0,ASN1_F_ASN1_OBJECT_NEW,0), "ASN1_OBJECT_new"}, 99{ERR_FUNC(ASN1_F_ASN1_MBSTRING_COPY), "ASN1_mbstring_copy"},
96{ERR_PACK(0,ASN1_F_ASN1_PACK_STRING,0), "ASN1_pack_string"}, 100{ERR_FUNC(ASN1_F_ASN1_OBJECT_NEW), "ASN1_OBJECT_new"},
97{ERR_PACK(0,ASN1_F_ASN1_PBE_SET,0), "ASN1_PBE_SET"}, 101{ERR_FUNC(ASN1_F_ASN1_PACK_STRING), "ASN1_pack_string"},
98{ERR_PACK(0,ASN1_F_ASN1_SEQ_PACK,0), "ASN1_seq_pack"}, 102{ERR_FUNC(ASN1_F_ASN1_PBE_SET), "ASN1_PBE_SET"},
99{ERR_PACK(0,ASN1_F_ASN1_SEQ_UNPACK,0), "ASN1_seq_unpack"}, 103{ERR_FUNC(ASN1_F_ASN1_SEQ_PACK), "ASN1_seq_pack"},
100{ERR_PACK(0,ASN1_F_ASN1_SIGN,0), "ASN1_sign"}, 104{ERR_FUNC(ASN1_F_ASN1_SEQ_UNPACK), "ASN1_seq_unpack"},
101{ERR_PACK(0,ASN1_F_ASN1_STRING_SET,0), "ASN1_STRING_set"}, 105{ERR_FUNC(ASN1_F_ASN1_SIGN), "ASN1_sign"},
102{ERR_PACK(0,ASN1_F_ASN1_STRING_TABLE_ADD,0), "ASN1_STRING_TABLE_add"}, 106{ERR_FUNC(ASN1_F_ASN1_STRING_SET), "ASN1_STRING_set"},
103{ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0), "ASN1_STRING_type_new"}, 107{ERR_FUNC(ASN1_F_ASN1_STRING_TABLE_ADD), "ASN1_STRING_TABLE_add"},
104{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_D2I,0), "ASN1_TEMPLATE_D2I"}, 108{ERR_FUNC(ASN1_F_ASN1_STRING_TYPE_NEW), "ASN1_STRING_type_new"},
105{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_EX_D2I,0), "ASN1_TEMPLATE_EX_D2I"}, 109{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_D2I), "ASN1_TEMPLATE_D2I"},
106{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_NEW,0), "ASN1_TEMPLATE_NEW"}, 110{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I), "ASN1_TEMPLATE_EX_D2I"},
107{ERR_PACK(0,ASN1_F_ASN1_TIME_SET,0), "ASN1_TIME_set"}, 111{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "ASN1_TEMPLATE_NEW"},
108{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0), "ASN1_TYPE_get_int_octetstring"}, 112{ERR_FUNC(ASN1_F_ASN1_TIME_SET), "ASN1_TIME_set"},
109{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0), "ASN1_TYPE_get_octetstring"}, 113{ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING), "ASN1_TYPE_get_int_octetstring"},
110{ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0), "ASN1_unpack_string"}, 114{ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING), "ASN1_TYPE_get_octetstring"},
111{ERR_PACK(0,ASN1_F_ASN1_UTCTIME_SET,0), "ASN1_UTCTIME_set"}, 115{ERR_FUNC(ASN1_F_ASN1_UNPACK_STRING), "ASN1_unpack_string"},
112{ERR_PACK(0,ASN1_F_ASN1_VERIFY,0), "ASN1_verify"}, 116{ERR_FUNC(ASN1_F_ASN1_UTCTIME_SET), "ASN1_UTCTIME_set"},
113{ERR_PACK(0,ASN1_F_BN_TO_ASN1_ENUMERATED,0), "BN_to_ASN1_ENUMERATED"}, 117{ERR_FUNC(ASN1_F_ASN1_VERIFY), "ASN1_verify"},
114{ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0), "BN_to_ASN1_INTEGER"}, 118{ERR_FUNC(ASN1_F_BN_TO_ASN1_ENUMERATED), "BN_to_ASN1_ENUMERATED"},
115{ERR_PACK(0,ASN1_F_COLLECT_DATA,0), "COLLECT_DATA"}, 119{ERR_FUNC(ASN1_F_BN_TO_ASN1_INTEGER), "BN_to_ASN1_INTEGER"},
116{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0), "D2I_ASN1_BIT_STRING"}, 120{ERR_FUNC(ASN1_F_COLLECT_DATA), "COLLECT_DATA"},
117{ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0), "d2i_ASN1_BOOLEAN"}, 121{ERR_FUNC(ASN1_F_D2I_ASN1_BIT_STRING), "D2I_ASN1_BIT_STRING"},
118{ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0), "d2i_ASN1_bytes"}, 122{ERR_FUNC(ASN1_F_D2I_ASN1_BOOLEAN), "d2i_ASN1_BOOLEAN"},
119{ERR_PACK(0,ASN1_F_D2I_ASN1_GENERALIZEDTIME,0), "D2I_ASN1_GENERALIZEDTIME"}, 123{ERR_FUNC(ASN1_F_D2I_ASN1_BYTES), "d2i_ASN1_bytes"},
120{ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0), "d2i_ASN1_HEADER"}, 124{ERR_FUNC(ASN1_F_D2I_ASN1_GENERALIZEDTIME), "D2I_ASN1_GENERALIZEDTIME"},
121{ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0), "D2I_ASN1_INTEGER"}, 125{ERR_FUNC(ASN1_F_D2I_ASN1_HEADER), "d2i_ASN1_HEADER"},
122{ERR_PACK(0,ASN1_F_D2I_ASN1_OBJECT,0), "d2i_ASN1_OBJECT"}, 126{ERR_FUNC(ASN1_F_D2I_ASN1_INTEGER), "D2I_ASN1_INTEGER"},
123{ERR_PACK(0,ASN1_F_D2I_ASN1_SET,0), "d2i_ASN1_SET"}, 127{ERR_FUNC(ASN1_F_D2I_ASN1_OBJECT), "d2i_ASN1_OBJECT"},
124{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE_BYTES,0), "d2i_ASN1_type_bytes"}, 128{ERR_FUNC(ASN1_F_D2I_ASN1_SET), "d2i_ASN1_SET"},
125{ERR_PACK(0,ASN1_F_D2I_ASN1_UINTEGER,0), "d2i_ASN1_UINTEGER"}, 129{ERR_FUNC(ASN1_F_D2I_ASN1_TYPE_BYTES), "d2i_ASN1_type_bytes"},
126{ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0), "D2I_ASN1_UTCTIME"}, 130{ERR_FUNC(ASN1_F_D2I_ASN1_UINTEGER), "d2i_ASN1_UINTEGER"},
127{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA,0), "d2i_Netscape_RSA"}, 131{ERR_FUNC(ASN1_F_D2I_ASN1_UTCTIME), "D2I_ASN1_UTCTIME"},
128{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0), "D2I_NETSCAPE_RSA_2"}, 132{ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA), "d2i_Netscape_RSA"},
129{ERR_PACK(0,ASN1_F_D2I_PRIVATEKEY,0), "d2i_PrivateKey"}, 133{ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA_2), "D2I_NETSCAPE_RSA_2"},
130{ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0), "d2i_PublicKey"}, 134{ERR_FUNC(ASN1_F_D2I_PRIVATEKEY), "d2i_PrivateKey"},
131{ERR_PACK(0,ASN1_F_D2I_X509,0), "D2I_X509"}, 135{ERR_FUNC(ASN1_F_D2I_PUBLICKEY), "d2i_PublicKey"},
132{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0), "D2I_X509_CINF"}, 136{ERR_FUNC(ASN1_F_D2I_X509), "D2I_X509"},
133{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0), "D2I_X509_NAME"}, 137{ERR_FUNC(ASN1_F_D2I_X509_CINF), "D2I_X509_CINF"},
134{ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0), "d2i_X509_PKEY"}, 138{ERR_FUNC(ASN1_F_D2I_X509_NAME), "D2I_X509_NAME"},
135{ERR_PACK(0,ASN1_F_I2D_ASN1_SET,0), "i2d_ASN1_SET"}, 139{ERR_FUNC(ASN1_F_D2I_X509_PKEY), "d2i_X509_PKEY"},
136{ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0), "I2D_ASN1_TIME"}, 140{ERR_FUNC(ASN1_F_I2D_ASN1_SET), "i2d_ASN1_SET"},
137{ERR_PACK(0,ASN1_F_I2D_DSA_PUBKEY,0), "i2d_DSA_PUBKEY"}, 141{ERR_FUNC(ASN1_F_I2D_ASN1_TIME), "I2D_ASN1_TIME"},
138{ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0), "i2d_Netscape_RSA"}, 142{ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"},
139{ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0), "i2d_PrivateKey"}, 143{ERR_FUNC(ASN1_F_I2D_NETSCAPE_RSA), "i2d_Netscape_RSA"},
140{ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0), "i2d_PublicKey"}, 144{ERR_FUNC(ASN1_F_I2D_PRIVATEKEY), "i2d_PrivateKey"},
141{ERR_PACK(0,ASN1_F_I2D_RSA_PUBKEY,0), "i2d_RSA_PUBKEY"}, 145{ERR_FUNC(ASN1_F_I2D_PUBLICKEY), "i2d_PublicKey"},
142{ERR_PACK(0,ASN1_F_LONG_C2I,0), "LONG_C2I"}, 146{ERR_FUNC(ASN1_F_I2D_RSA_PUBKEY), "i2d_RSA_PUBKEY"},
143{ERR_PACK(0,ASN1_F_OID_MODULE_INIT,0), "OID_MODULE_INIT"}, 147{ERR_FUNC(ASN1_F_LONG_C2I), "LONG_C2I"},
144{ERR_PACK(0,ASN1_F_PKCS5_PBE2_SET,0), "PKCS5_pbe2_set"}, 148{ERR_FUNC(ASN1_F_OID_MODULE_INIT), "OID_MODULE_INIT"},
145{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0), "X509_CINF_NEW"}, 149{ERR_FUNC(ASN1_F_PKCS5_PBE2_SET), "PKCS5_pbe2_set"},
146{ERR_PACK(0,ASN1_F_X509_CRL_ADD0_REVOKED,0), "X509_CRL_add0_revoked"}, 150{ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"},
147{ERR_PACK(0,ASN1_F_X509_INFO_NEW,0), "X509_INFO_new"}, 151{ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED), "X509_CRL_add0_revoked"},
148{ERR_PACK(0,ASN1_F_X509_NAME_NEW,0), "X509_NAME_NEW"}, 152{ERR_FUNC(ASN1_F_X509_INFO_NEW), "X509_INFO_new"},
149{ERR_PACK(0,ASN1_F_X509_NEW,0), "X509_NEW"}, 153{ERR_FUNC(ASN1_F_X509_NAME_NEW), "X509_NAME_NEW"},
150{ERR_PACK(0,ASN1_F_X509_PKEY_NEW,0), "X509_PKEY_new"}, 154{ERR_FUNC(ASN1_F_X509_NEW), "X509_NEW"},
155{ERR_FUNC(ASN1_F_X509_PKEY_NEW), "X509_PKEY_new"},
151{0,NULL} 156{0,NULL}
152 }; 157 };
153 158
154static ERR_STRING_DATA ASN1_str_reasons[]= 159static ERR_STRING_DATA ASN1_str_reasons[]=
155 { 160 {
156{ASN1_R_ADDING_OBJECT ,"adding object"}, 161{ERR_REASON(ASN1_R_ADDING_OBJECT) ,"adding object"},
157{ASN1_R_AUX_ERROR ,"aux error"}, 162{ERR_REASON(ASN1_R_AUX_ERROR) ,"aux error"},
158{ASN1_R_BAD_CLASS ,"bad class"}, 163{ERR_REASON(ASN1_R_BAD_CLASS) ,"bad class"},
159{ASN1_R_BAD_OBJECT_HEADER ,"bad object header"}, 164{ERR_REASON(ASN1_R_BAD_OBJECT_HEADER) ,"bad object header"},
160{ASN1_R_BAD_PASSWORD_READ ,"bad password read"}, 165{ERR_REASON(ASN1_R_BAD_PASSWORD_READ) ,"bad password read"},
161{ASN1_R_BAD_TAG ,"bad tag"}, 166{ERR_REASON(ASN1_R_BAD_TAG) ,"bad tag"},
162{ASN1_R_BN_LIB ,"bn lib"}, 167{ERR_REASON(ASN1_R_BN_LIB) ,"bn lib"},
163{ASN1_R_BOOLEAN_IS_WRONG_LENGTH ,"boolean is wrong length"}, 168{ERR_REASON(ASN1_R_BOOLEAN_IS_WRONG_LENGTH),"boolean is wrong length"},
164{ASN1_R_BUFFER_TOO_SMALL ,"buffer too small"}, 169{ERR_REASON(ASN1_R_BUFFER_TOO_SMALL) ,"buffer too small"},
165{ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER ,"cipher has no object identifier"}, 170{ERR_REASON(ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),"cipher has no object identifier"},
166{ASN1_R_DATA_IS_WRONG ,"data is wrong"}, 171{ERR_REASON(ASN1_R_DATA_IS_WRONG) ,"data is wrong"},
167{ASN1_R_DECODE_ERROR ,"decode error"}, 172{ERR_REASON(ASN1_R_DECODE_ERROR) ,"decode error"},
168{ASN1_R_DECODING_ERROR ,"decoding error"}, 173{ERR_REASON(ASN1_R_DECODING_ERROR) ,"decoding error"},
169{ASN1_R_ENCODE_ERROR ,"encode error"}, 174{ERR_REASON(ASN1_R_ENCODE_ERROR) ,"encode error"},
170{ASN1_R_ERROR_GETTING_TIME ,"error getting time"}, 175{ERR_REASON(ASN1_R_ERROR_GETTING_TIME) ,"error getting time"},
171{ASN1_R_ERROR_LOADING_SECTION ,"error loading section"}, 176{ERR_REASON(ASN1_R_ERROR_LOADING_SECTION),"error loading section"},
172{ASN1_R_ERROR_PARSING_SET_ELEMENT ,"error parsing set element"}, 177{ERR_REASON(ASN1_R_ERROR_PARSING_SET_ELEMENT),"error parsing set element"},
173{ASN1_R_ERROR_SETTING_CIPHER_PARAMS ,"error setting cipher params"}, 178{ERR_REASON(ASN1_R_ERROR_SETTING_CIPHER_PARAMS),"error setting cipher params"},
174{ASN1_R_EXPECTING_AN_INTEGER ,"expecting an integer"}, 179{ERR_REASON(ASN1_R_EXPECTING_AN_INTEGER) ,"expecting an integer"},
175{ASN1_R_EXPECTING_AN_OBJECT ,"expecting an object"}, 180{ERR_REASON(ASN1_R_EXPECTING_AN_OBJECT) ,"expecting an object"},
176{ASN1_R_EXPECTING_A_BOOLEAN ,"expecting a boolean"}, 181{ERR_REASON(ASN1_R_EXPECTING_A_BOOLEAN) ,"expecting a boolean"},
177{ASN1_R_EXPECTING_A_TIME ,"expecting a time"}, 182{ERR_REASON(ASN1_R_EXPECTING_A_TIME) ,"expecting a time"},
178{ASN1_R_EXPLICIT_LENGTH_MISMATCH ,"explicit length mismatch"}, 183{ERR_REASON(ASN1_R_EXPLICIT_LENGTH_MISMATCH),"explicit length mismatch"},
179{ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED ,"explicit tag not constructed"}, 184{ERR_REASON(ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED),"explicit tag not constructed"},
180{ASN1_R_FIELD_MISSING ,"field missing"}, 185{ERR_REASON(ASN1_R_FIELD_MISSING) ,"field missing"},
181{ASN1_R_FIRST_NUM_TOO_LARGE ,"first num too large"}, 186{ERR_REASON(ASN1_R_FIRST_NUM_TOO_LARGE) ,"first num too large"},
182{ASN1_R_HEADER_TOO_LONG ,"header too long"}, 187{ERR_REASON(ASN1_R_HEADER_TOO_LONG) ,"header too long"},
183{ASN1_R_ILLEGAL_CHARACTERS ,"illegal characters"}, 188{ERR_REASON(ASN1_R_ILLEGAL_CHARACTERS) ,"illegal characters"},
184{ASN1_R_ILLEGAL_NULL ,"illegal null"}, 189{ERR_REASON(ASN1_R_ILLEGAL_NULL) ,"illegal null"},
185{ASN1_R_ILLEGAL_OPTIONAL_ANY ,"illegal optional any"}, 190{ERR_REASON(ASN1_R_ILLEGAL_OPTIONAL_ANY) ,"illegal optional any"},
186{ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE ,"illegal options on item template"}, 191{ERR_REASON(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE),"illegal options on item template"},
187{ASN1_R_ILLEGAL_TAGGED_ANY ,"illegal tagged any"}, 192{ERR_REASON(ASN1_R_ILLEGAL_TAGGED_ANY) ,"illegal tagged any"},
188{ASN1_R_INTEGER_TOO_LARGE_FOR_LONG ,"integer too large for long"}, 193{ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG),"integer too large for long"},
189{ASN1_R_INVALID_BMPSTRING_LENGTH ,"invalid bmpstring length"}, 194{ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH),"invalid bmpstring length"},
190{ASN1_R_INVALID_DIGIT ,"invalid digit"}, 195{ERR_REASON(ASN1_R_INVALID_DIGIT) ,"invalid digit"},
191{ASN1_R_INVALID_SEPARATOR ,"invalid separator"}, 196{ERR_REASON(ASN1_R_INVALID_SEPARATOR) ,"invalid separator"},
192{ASN1_R_INVALID_TIME_FORMAT ,"invalid time format"}, 197{ERR_REASON(ASN1_R_INVALID_TIME_FORMAT) ,"invalid time format"},
193{ASN1_R_INVALID_UNIVERSALSTRING_LENGTH ,"invalid universalstring length"}, 198{ERR_REASON(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH),"invalid universalstring length"},
194{ASN1_R_INVALID_UTF8STRING ,"invalid utf8string"}, 199{ERR_REASON(ASN1_R_INVALID_UTF8STRING) ,"invalid utf8string"},
195{ASN1_R_IV_TOO_LARGE ,"iv too large"}, 200{ERR_REASON(ASN1_R_IV_TOO_LARGE) ,"iv too large"},
196{ASN1_R_LENGTH_ERROR ,"length error"}, 201{ERR_REASON(ASN1_R_LENGTH_ERROR) ,"length error"},
197{ASN1_R_MISSING_EOC ,"missing eoc"}, 202{ERR_REASON(ASN1_R_MISSING_EOC) ,"missing eoc"},
198{ASN1_R_MISSING_SECOND_NUMBER ,"missing second number"}, 203{ERR_REASON(ASN1_R_MISSING_SECOND_NUMBER),"missing second number"},
199{ASN1_R_MSTRING_NOT_UNIVERSAL ,"mstring not universal"}, 204{ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL),"mstring not universal"},
200{ASN1_R_MSTRING_WRONG_TAG ,"mstring wrong tag"}, 205{ERR_REASON(ASN1_R_MSTRING_WRONG_TAG) ,"mstring wrong tag"},
201{ASN1_R_NON_HEX_CHARACTERS ,"non hex characters"}, 206{ERR_REASON(ASN1_R_NESTED_ASN1_STRING) ,"nested asn1 string"},
202{ASN1_R_NOT_ENOUGH_DATA ,"not enough data"}, 207{ERR_REASON(ASN1_R_NON_HEX_CHARACTERS) ,"non hex characters"},
203{ASN1_R_NO_MATCHING_CHOICE_TYPE ,"no matching choice type"}, 208{ERR_REASON(ASN1_R_NOT_ENOUGH_DATA) ,"not enough data"},
204{ASN1_R_NULL_IS_WRONG_LENGTH ,"null is wrong length"}, 209{ERR_REASON(ASN1_R_NO_MATCHING_CHOICE_TYPE),"no matching choice type"},
205{ASN1_R_ODD_NUMBER_OF_CHARS ,"odd number of chars"}, 210{ERR_REASON(ASN1_R_NULL_IS_WRONG_LENGTH) ,"null is wrong length"},
206{ASN1_R_PRIVATE_KEY_HEADER_MISSING ,"private key header missing"}, 211{ERR_REASON(ASN1_R_ODD_NUMBER_OF_CHARS) ,"odd number of chars"},
207{ASN1_R_SECOND_NUMBER_TOO_LARGE ,"second number too large"}, 212{ERR_REASON(ASN1_R_PRIVATE_KEY_HEADER_MISSING),"private key header missing"},
208{ASN1_R_SEQUENCE_LENGTH_MISMATCH ,"sequence length mismatch"}, 213{ERR_REASON(ASN1_R_SECOND_NUMBER_TOO_LARGE),"second number too large"},
209{ASN1_R_SEQUENCE_NOT_CONSTRUCTED ,"sequence not constructed"}, 214{ERR_REASON(ASN1_R_SEQUENCE_LENGTH_MISMATCH),"sequence length mismatch"},
210{ASN1_R_SHORT_LINE ,"short line"}, 215{ERR_REASON(ASN1_R_SEQUENCE_NOT_CONSTRUCTED),"sequence not constructed"},
211{ASN1_R_STRING_TOO_LONG ,"string too long"}, 216{ERR_REASON(ASN1_R_SHORT_LINE) ,"short line"},
212{ASN1_R_STRING_TOO_SHORT ,"string too short"}, 217{ERR_REASON(ASN1_R_STRING_TOO_LONG) ,"string too long"},
213{ASN1_R_TAG_VALUE_TOO_HIGH ,"tag value too high"}, 218{ERR_REASON(ASN1_R_STRING_TOO_SHORT) ,"string too short"},
214{ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"}, 219{ERR_REASON(ASN1_R_TAG_VALUE_TOO_HIGH) ,"tag value too high"},
215{ASN1_R_TOO_LONG ,"too long"}, 220{ERR_REASON(ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"},
216{ASN1_R_TYPE_NOT_CONSTRUCTED ,"type not constructed"}, 221{ERR_REASON(ASN1_R_TOO_LONG) ,"too long"},
217{ASN1_R_UNABLE_TO_DECODE_RSA_KEY ,"unable to decode rsa key"}, 222{ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED) ,"type not constructed"},
218{ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY ,"unable to decode rsa private key"}, 223{ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY),"unable to decode rsa key"},
219{ASN1_R_UNEXPECTED_EOC ,"unexpected eoc"}, 224{ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY),"unable to decode rsa private key"},
220{ASN1_R_UNKNOWN_FORMAT ,"unknown format"}, 225{ERR_REASON(ASN1_R_UNEXPECTED_EOC) ,"unexpected eoc"},
221{ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM ,"unknown message digest algorithm"}, 226{ERR_REASON(ASN1_R_UNKNOWN_FORMAT) ,"unknown format"},
222{ASN1_R_UNKNOWN_OBJECT_TYPE ,"unknown object type"}, 227{ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM),"unknown message digest algorithm"},
223{ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE ,"unknown public key type"}, 228{ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE) ,"unknown object type"},
224{ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE ,"unsupported any defined by type"}, 229{ERR_REASON(ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE),"unknown public key type"},
225{ASN1_R_UNSUPPORTED_CIPHER ,"unsupported cipher"}, 230{ERR_REASON(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE),"unsupported any defined by type"},
226{ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM ,"unsupported encryption algorithm"}, 231{ERR_REASON(ASN1_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"},
227{ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE ,"unsupported public key type"}, 232{ERR_REASON(ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM),"unsupported encryption algorithm"},
228{ASN1_R_WRONG_TAG ,"wrong tag"}, 233{ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE),"unsupported public key type"},
229{ASN1_R_WRONG_TYPE ,"wrong type"}, 234{ERR_REASON(ASN1_R_WRONG_TAG) ,"wrong tag"},
235{ERR_REASON(ASN1_R_WRONG_TYPE) ,"wrong type"},
230{0,NULL} 236{0,NULL}
231 }; 237 };
232 238
@@ -240,8 +246,8 @@ void ERR_load_ASN1_strings(void)
240 { 246 {
241 init=0; 247 init=0;
242#ifndef OPENSSL_NO_ERR 248#ifndef OPENSSL_NO_ERR
243 ERR_load_strings(ERR_LIB_ASN1,ASN1_str_functs); 249 ERR_load_strings(0,ASN1_str_functs);
244 ERR_load_strings(ERR_LIB_ASN1,ASN1_str_reasons); 250 ERR_load_strings(0,ASN1_str_reasons);
245#endif 251#endif
246 252
247 } 253 }
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_dec.c b/src/lib/libssl/src/crypto/asn1/tasn_dec.c
index 2426cb6253..c22501fc63 100644
--- a/src/lib/libssl/src/crypto/asn1/tasn_dec.c
+++ b/src/lib/libssl/src/crypto/asn1/tasn_dec.c
@@ -66,6 +66,7 @@
66#include <openssl/err.h> 66#include <openssl/err.h>
67 67
68static int asn1_check_eoc(unsigned char **in, long len); 68static int asn1_check_eoc(unsigned char **in, long len);
69static int asn1_find_end(unsigned char **in, long len, char inf);
69static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass); 70static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass);
70static int collect_data(BUF_MEM *buf, unsigned char **p, long plen); 71static int collect_data(BUF_MEM *buf, unsigned char **p, long plen);
71static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst, 72static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst,
@@ -644,7 +645,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inl
644 cont = *in; 645 cont = *in;
645 /* If indefinite length constructed find the real end */ 646 /* If indefinite length constructed find the real end */
646 if(inf) { 647 if(inf) {
647 if(!asn1_collect(NULL, &p, plen, inf, -1, -1)) goto err; 648 if(!asn1_find_end(&p, plen, inf)) goto err;
648 len = p - cont; 649 len = p - cont;
649 } else { 650 } else {
650 len = p - cont + plen; 651 len = p - cont + plen;
@@ -807,12 +808,66 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char
807 return ret; 808 return ret;
808} 809}
809 810
811/* This function finds the end of an ASN1 structure when passed its maximum
812 * length, whether it is indefinite length and a pointer to the content.
813 * This is more efficient than calling asn1_collect because it does not
814 * recurse on each indefinite length header.
815 */
816
817static int asn1_find_end(unsigned char **in, long len, char inf)
818 {
819 int expected_eoc;
820 long plen;
821 unsigned char *p = *in, *q;
822 /* If not indefinite length constructed just add length */
823 if (inf == 0)
824 {
825 *in += len;
826 return 1;
827 }
828 expected_eoc = 1;
829 /* Indefinite length constructed form. Find the end when enough EOCs
830 * are found. If more indefinite length constructed headers
831 * are encountered increment the expected eoc count otherwise justi
832 * skip to the end of the data.
833 */
834 while (len > 0)
835 {
836 if(asn1_check_eoc(&p, len))
837 {
838 expected_eoc--;
839 if (expected_eoc == 0)
840 break;
841 len -= 2;
842 continue;
843 }
844 q = p;
845 /* Just read in a header: only care about the length */
846 if(!asn1_check_tlen(&plen, NULL, NULL, &inf, NULL, &p, len,
847 -1, 0, 0, NULL))
848 {
849 ASN1err(ASN1_F_ASN1_FIND_END, ERR_R_NESTED_ASN1_ERROR);
850 return 0;
851 }
852 if (inf)
853 expected_eoc++;
854 else
855 p += plen;
856 len -= p - q;
857 }
858 if (expected_eoc)
859 {
860 ASN1err(ASN1_F_ASN1_FIND_END, ASN1_R_MISSING_EOC);
861 return 0;
862 }
863 *in = p;
864 return 1;
865 }
866
810/* This function collects the asn1 data from a constructred string 867/* This function collects the asn1 data from a constructred string
811 * type into a buffer. The values of 'in' and 'len' should refer 868 * type into a buffer. The values of 'in' and 'len' should refer
812 * to the contents of the constructed type and 'inf' should be set 869 * to the contents of the constructed type and 'inf' should be set
813 * if it is indefinite length. If 'buf' is NULL then we just want 870 * if it is indefinite length.
814 * to find the end of the current structure: useful for indefinite
815 * length constructed stuff.
816 */ 871 */
817 872
818static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass) 873static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass)
@@ -822,11 +877,6 @@ static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, in
822 char cst, ininf; 877 char cst, ininf;
823 p = *in; 878 p = *in;
824 inf &= 1; 879 inf &= 1;
825 /* If no buffer and not indefinite length constructed just pass over the encoded data */
826 if(!buf && !inf) {
827 *in += len;
828 return 1;
829 }
830 while(len > 0) { 880 while(len > 0) {
831 q = p; 881 q = p;
832 /* Check for EOC */ 882 /* Check for EOC */
@@ -845,9 +895,15 @@ static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, in
845 } 895 }
846 /* If indefinite length constructed update max length */ 896 /* If indefinite length constructed update max length */
847 if(cst) { 897 if(cst) {
848 if(!asn1_collect(buf, &p, plen, ininf, tag, aclass)) return 0; 898#ifdef OPENSSL_ALLOW_NESTED_ASN1_STRINGS
899 if (!asn1_collect(buf, &p, plen, ininf, tag, aclass))
900 return 0;
901#else
902 ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_NESTED_ASN1_STRING);
903 return 0;
904#endif
849 } else { 905 } else {
850 if(!collect_data(buf, &p, plen)) return 0; 906 if(plen && !collect_data(buf, &p, plen)) return 0;
851 } 907 }
852 len -= p - q; 908 len -= p - q;
853 } 909 }
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_enc.c b/src/lib/libssl/src/crypto/asn1/tasn_enc.c
index f6c8ddef0a..c675c3c832 100644
--- a/src/lib/libssl/src/crypto/asn1/tasn_enc.c
+++ b/src/lib/libssl/src/crypto/asn1/tasn_enc.c
@@ -445,9 +445,12 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_
445 case V_ASN1_BOOLEAN: 445 case V_ASN1_BOOLEAN:
446 tbool = (ASN1_BOOLEAN *)pval; 446 tbool = (ASN1_BOOLEAN *)pval;
447 if(*tbool == -1) return -1; 447 if(*tbool == -1) return -1;
448 /* Default handling if value == size field then omit */ 448 if (it->utype != V_ASN1_ANY)
449 if(*tbool && (it->size > 0)) return -1; 449 {
450 if(!*tbool && !it->size) return -1; 450 /* Default handling if value == size field then omit */
451 if(*tbool && (it->size > 0)) return -1;
452 if(!*tbool && !it->size) return -1;
453 }
451 c = (unsigned char)*tbool; 454 c = (unsigned char)*tbool;
452 cont = &c; 455 cont = &c;
453 len = 1; 456 len = 1;
diff --git a/src/lib/libssl/src/crypto/bf/Makefile b/src/lib/libssl/src/crypto/bf/Makefile
index 0e2121efdc..42e2c050f8 100644
--- a/src/lib/libssl/src/crypto/bf/Makefile
+++ b/src/lib/libssl/src/crypto/bf/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/blowfish/Makefile 2# OpenSSL/crypto/blowfish/Makefile
3# 3#
4 4
5DIR= bf 5DIR= bf
@@ -110,7 +110,7 @@ bf_enc.o: ../../include/openssl/opensslconf.h bf_enc.c bf_locl.h
110bf_ofb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h 110bf_ofb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
111bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h bf_ofb64.c 111bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h bf_ofb64.c
112bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/crypto.h 112bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/crypto.h
113bf_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h 113bf_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/fips.h
114bf_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 114bf_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
115bf_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 115bf_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
116bf_skey.o: bf_locl.h bf_pi.h bf_skey.c 116bf_skey.o: ../../include/openssl/symhacks.h bf_locl.h bf_pi.h bf_skey.c
diff --git a/src/lib/libssl/src/crypto/bf/bf_skey.c b/src/lib/libssl/src/crypto/bf/bf_skey.c
index fc5bebefce..1931aba83f 100644
--- a/src/lib/libssl/src/crypto/bf/bf_skey.c
+++ b/src/lib/libssl/src/crypto/bf/bf_skey.c
@@ -60,6 +60,7 @@
60#include <string.h> 60#include <string.h>
61#include <openssl/crypto.h> 61#include <openssl/crypto.h>
62#include <openssl/blowfish.h> 62#include <openssl/blowfish.h>
63#include <openssl/fips.h>
63#include "bf_locl.h" 64#include "bf_locl.h"
64#include "bf_pi.h" 65#include "bf_pi.h"
65 66
diff --git a/src/lib/libssl/src/crypto/bio/Makefile b/src/lib/libssl/src/crypto/bio/Makefile
index 19d9350760..a565154499 100644
--- a/src/lib/libssl/src/crypto/bio/Makefile
+++ b/src/lib/libssl/src/crypto/bio/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/bio/Makefile 2# OpenSSL/crypto/bio/Makefile
3# 3#
4 4
5DIR= bio 5DIR= bio
diff --git a/src/lib/libssl/src/crypto/bio/b_print.c b/src/lib/libssl/src/crypto/bio/b_print.c
index c2bb357b4c..165f046295 100644
--- a/src/lib/libssl/src/crypto/bio/b_print.c
+++ b/src/lib/libssl/src/crypto/bio/b_print.c
@@ -576,7 +576,7 @@ abs_val(LDOUBLE value)
576} 576}
577 577
578static LDOUBLE 578static LDOUBLE
579pow10(int in_exp) 579pow_10(int in_exp)
580{ 580{
581 LDOUBLE result = 1; 581 LDOUBLE result = 1;
582 while (in_exp) { 582 while (in_exp) {
@@ -639,11 +639,11 @@ fmtfp(
639 639
640 /* we "cheat" by converting the fractional part to integer by 640 /* we "cheat" by converting the fractional part to integer by
641 multiplying by a factor of 10 */ 641 multiplying by a factor of 10 */
642 fracpart = roundv((pow10(max)) * (ufvalue - intpart)); 642 fracpart = roundv((pow_10(max)) * (ufvalue - intpart));
643 643
644 if (fracpart >= (long)pow10(max)) { 644 if (fracpart >= (long)pow_10(max)) {
645 intpart++; 645 intpart++;
646 fracpart -= (long)pow10(max); 646 fracpart -= (long)pow_10(max);
647 } 647 }
648 648
649 /* convert integer part */ 649 /* convert integer part */
diff --git a/src/lib/libssl/src/crypto/bio/bio_err.c b/src/lib/libssl/src/crypto/bio/bio_err.c
index 68a119d895..8859a58ae4 100644
--- a/src/lib/libssl/src/crypto/bio/bio_err.c
+++ b/src/lib/libssl/src/crypto/bio/bio_err.c
@@ -1,6 +1,6 @@
1/* crypto/bio/bio_err.c */ 1/* crypto/bio/bio_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,73 +64,77 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_BIO,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_BIO,0,reason)
70
67static ERR_STRING_DATA BIO_str_functs[]= 71static ERR_STRING_DATA BIO_str_functs[]=
68 { 72 {
69{ERR_PACK(0,BIO_F_ACPT_STATE,0), "ACPT_STATE"}, 73{ERR_FUNC(BIO_F_ACPT_STATE), "ACPT_STATE"},
70{ERR_PACK(0,BIO_F_BIO_ACCEPT,0), "BIO_accept"}, 74{ERR_FUNC(BIO_F_BIO_ACCEPT), "BIO_accept"},
71{ERR_PACK(0,BIO_F_BIO_BER_GET_HEADER,0), "BIO_BER_GET_HEADER"}, 75{ERR_FUNC(BIO_F_BIO_BER_GET_HEADER), "BIO_BER_GET_HEADER"},
72{ERR_PACK(0,BIO_F_BIO_CTRL,0), "BIO_ctrl"}, 76{ERR_FUNC(BIO_F_BIO_CTRL), "BIO_ctrl"},
73{ERR_PACK(0,BIO_F_BIO_GETHOSTBYNAME,0), "BIO_gethostbyname"}, 77{ERR_FUNC(BIO_F_BIO_GETHOSTBYNAME), "BIO_gethostbyname"},
74{ERR_PACK(0,BIO_F_BIO_GETS,0), "BIO_gets"}, 78{ERR_FUNC(BIO_F_BIO_GETS), "BIO_gets"},
75{ERR_PACK(0,BIO_F_BIO_GET_ACCEPT_SOCKET,0), "BIO_get_accept_socket"}, 79{ERR_FUNC(BIO_F_BIO_GET_ACCEPT_SOCKET), "BIO_get_accept_socket"},
76{ERR_PACK(0,BIO_F_BIO_GET_HOST_IP,0), "BIO_get_host_ip"}, 80{ERR_FUNC(BIO_F_BIO_GET_HOST_IP), "BIO_get_host_ip"},
77{ERR_PACK(0,BIO_F_BIO_GET_PORT,0), "BIO_get_port"}, 81{ERR_FUNC(BIO_F_BIO_GET_PORT), "BIO_get_port"},
78{ERR_PACK(0,BIO_F_BIO_MAKE_PAIR,0), "BIO_MAKE_PAIR"}, 82{ERR_FUNC(BIO_F_BIO_MAKE_PAIR), "BIO_MAKE_PAIR"},
79{ERR_PACK(0,BIO_F_BIO_NEW,0), "BIO_new"}, 83{ERR_FUNC(BIO_F_BIO_NEW), "BIO_new"},
80{ERR_PACK(0,BIO_F_BIO_NEW_FILE,0), "BIO_new_file"}, 84{ERR_FUNC(BIO_F_BIO_NEW_FILE), "BIO_new_file"},
81{ERR_PACK(0,BIO_F_BIO_NEW_MEM_BUF,0), "BIO_new_mem_buf"}, 85{ERR_FUNC(BIO_F_BIO_NEW_MEM_BUF), "BIO_new_mem_buf"},
82{ERR_PACK(0,BIO_F_BIO_NREAD,0), "BIO_nread"}, 86{ERR_FUNC(BIO_F_BIO_NREAD), "BIO_nread"},
83{ERR_PACK(0,BIO_F_BIO_NREAD0,0), "BIO_nread0"}, 87{ERR_FUNC(BIO_F_BIO_NREAD0), "BIO_nread0"},
84{ERR_PACK(0,BIO_F_BIO_NWRITE,0), "BIO_nwrite"}, 88{ERR_FUNC(BIO_F_BIO_NWRITE), "BIO_nwrite"},
85{ERR_PACK(0,BIO_F_BIO_NWRITE0,0), "BIO_nwrite0"}, 89{ERR_FUNC(BIO_F_BIO_NWRITE0), "BIO_nwrite0"},
86{ERR_PACK(0,BIO_F_BIO_PUTS,0), "BIO_puts"}, 90{ERR_FUNC(BIO_F_BIO_PUTS), "BIO_puts"},
87{ERR_PACK(0,BIO_F_BIO_READ,0), "BIO_read"}, 91{ERR_FUNC(BIO_F_BIO_READ), "BIO_read"},
88{ERR_PACK(0,BIO_F_BIO_SOCK_INIT,0), "BIO_sock_init"}, 92{ERR_FUNC(BIO_F_BIO_SOCK_INIT), "BIO_sock_init"},
89{ERR_PACK(0,BIO_F_BIO_WRITE,0), "BIO_write"}, 93{ERR_FUNC(BIO_F_BIO_WRITE), "BIO_write"},
90{ERR_PACK(0,BIO_F_BUFFER_CTRL,0), "BUFFER_CTRL"}, 94{ERR_FUNC(BIO_F_BUFFER_CTRL), "BUFFER_CTRL"},
91{ERR_PACK(0,BIO_F_CONN_CTRL,0), "CONN_CTRL"}, 95{ERR_FUNC(BIO_F_CONN_CTRL), "CONN_CTRL"},
92{ERR_PACK(0,BIO_F_CONN_STATE,0), "CONN_STATE"}, 96{ERR_FUNC(BIO_F_CONN_STATE), "CONN_STATE"},
93{ERR_PACK(0,BIO_F_FILE_CTRL,0), "FILE_CTRL"}, 97{ERR_FUNC(BIO_F_FILE_CTRL), "FILE_CTRL"},
94{ERR_PACK(0,BIO_F_FILE_READ,0), "FILE_READ"}, 98{ERR_FUNC(BIO_F_FILE_READ), "FILE_READ"},
95{ERR_PACK(0,BIO_F_LINEBUFFER_CTRL,0), "LINEBUFFER_CTRL"}, 99{ERR_FUNC(BIO_F_LINEBUFFER_CTRL), "LINEBUFFER_CTRL"},
96{ERR_PACK(0,BIO_F_MEM_READ,0), "MEM_READ"}, 100{ERR_FUNC(BIO_F_MEM_READ), "MEM_READ"},
97{ERR_PACK(0,BIO_F_MEM_WRITE,0), "MEM_WRITE"}, 101{ERR_FUNC(BIO_F_MEM_WRITE), "MEM_WRITE"},
98{ERR_PACK(0,BIO_F_SSL_NEW,0), "SSL_new"}, 102{ERR_FUNC(BIO_F_SSL_NEW), "SSL_new"},
99{ERR_PACK(0,BIO_F_WSASTARTUP,0), "WSASTARTUP"}, 103{ERR_FUNC(BIO_F_WSASTARTUP), "WSASTARTUP"},
100{0,NULL} 104{0,NULL}
101 }; 105 };
102 106
103static ERR_STRING_DATA BIO_str_reasons[]= 107static ERR_STRING_DATA BIO_str_reasons[]=
104 { 108 {
105{BIO_R_ACCEPT_ERROR ,"accept error"}, 109{ERR_REASON(BIO_R_ACCEPT_ERROR) ,"accept error"},
106{BIO_R_BAD_FOPEN_MODE ,"bad fopen mode"}, 110{ERR_REASON(BIO_R_BAD_FOPEN_MODE) ,"bad fopen mode"},
107{BIO_R_BAD_HOSTNAME_LOOKUP ,"bad hostname lookup"}, 111{ERR_REASON(BIO_R_BAD_HOSTNAME_LOOKUP) ,"bad hostname lookup"},
108{BIO_R_BROKEN_PIPE ,"broken pipe"}, 112{ERR_REASON(BIO_R_BROKEN_PIPE) ,"broken pipe"},
109{BIO_R_CONNECT_ERROR ,"connect error"}, 113{ERR_REASON(BIO_R_CONNECT_ERROR) ,"connect error"},
110{BIO_R_EOF_ON_MEMORY_BIO ,"EOF on memory BIO"}, 114{ERR_REASON(BIO_R_EOF_ON_MEMORY_BIO) ,"EOF on memory BIO"},
111{BIO_R_ERROR_SETTING_NBIO ,"error setting nbio"}, 115{ERR_REASON(BIO_R_ERROR_SETTING_NBIO) ,"error setting nbio"},
112{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET,"error setting nbio on accepted socket"}, 116{ERR_REASON(BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET),"error setting nbio on accepted socket"},
113{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET,"error setting nbio on accept socket"}, 117{ERR_REASON(BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET),"error setting nbio on accept socket"},
114{BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET ,"gethostbyname addr is not af inet"}, 118{ERR_REASON(BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET),"gethostbyname addr is not af inet"},
115{BIO_R_INVALID_ARGUMENT ,"invalid argument"}, 119{ERR_REASON(BIO_R_INVALID_ARGUMENT) ,"invalid argument"},
116{BIO_R_INVALID_IP_ADDRESS ,"invalid ip address"}, 120{ERR_REASON(BIO_R_INVALID_IP_ADDRESS) ,"invalid ip address"},
117{BIO_R_IN_USE ,"in use"}, 121{ERR_REASON(BIO_R_IN_USE) ,"in use"},
118{BIO_R_KEEPALIVE ,"keepalive"}, 122{ERR_REASON(BIO_R_KEEPALIVE) ,"keepalive"},
119{BIO_R_NBIO_CONNECT_ERROR ,"nbio connect error"}, 123{ERR_REASON(BIO_R_NBIO_CONNECT_ERROR) ,"nbio connect error"},
120{BIO_R_NO_ACCEPT_PORT_SPECIFIED ,"no accept port specified"}, 124{ERR_REASON(BIO_R_NO_ACCEPT_PORT_SPECIFIED),"no accept port specified"},
121{BIO_R_NO_HOSTNAME_SPECIFIED ,"no hostname specified"}, 125{ERR_REASON(BIO_R_NO_HOSTNAME_SPECIFIED) ,"no hostname specified"},
122{BIO_R_NO_PORT_DEFINED ,"no port defined"}, 126{ERR_REASON(BIO_R_NO_PORT_DEFINED) ,"no port defined"},
123{BIO_R_NO_PORT_SPECIFIED ,"no port specified"}, 127{ERR_REASON(BIO_R_NO_PORT_SPECIFIED) ,"no port specified"},
124{BIO_R_NO_SUCH_FILE ,"no such file"}, 128{ERR_REASON(BIO_R_NO_SUCH_FILE) ,"no such file"},
125{BIO_R_NULL_PARAMETER ,"null parameter"}, 129{ERR_REASON(BIO_R_NULL_PARAMETER) ,"null parameter"},
126{BIO_R_TAG_MISMATCH ,"tag mismatch"}, 130{ERR_REASON(BIO_R_TAG_MISMATCH) ,"tag mismatch"},
127{BIO_R_UNABLE_TO_BIND_SOCKET ,"unable to bind socket"}, 131{ERR_REASON(BIO_R_UNABLE_TO_BIND_SOCKET) ,"unable to bind socket"},
128{BIO_R_UNABLE_TO_CREATE_SOCKET ,"unable to create socket"}, 132{ERR_REASON(BIO_R_UNABLE_TO_CREATE_SOCKET),"unable to create socket"},
129{BIO_R_UNABLE_TO_LISTEN_SOCKET ,"unable to listen socket"}, 133{ERR_REASON(BIO_R_UNABLE_TO_LISTEN_SOCKET),"unable to listen socket"},
130{BIO_R_UNINITIALIZED ,"uninitialized"}, 134{ERR_REASON(BIO_R_UNINITIALIZED) ,"uninitialized"},
131{BIO_R_UNSUPPORTED_METHOD ,"unsupported method"}, 135{ERR_REASON(BIO_R_UNSUPPORTED_METHOD) ,"unsupported method"},
132{BIO_R_WRITE_TO_READ_ONLY_BIO ,"write to read only BIO"}, 136{ERR_REASON(BIO_R_WRITE_TO_READ_ONLY_BIO),"write to read only BIO"},
133{BIO_R_WSASTARTUP ,"WSAStartup"}, 137{ERR_REASON(BIO_R_WSASTARTUP) ,"WSAStartup"},
134{0,NULL} 138{0,NULL}
135 }; 139 };
136 140
@@ -144,8 +148,8 @@ void ERR_load_BIO_strings(void)
144 { 148 {
145 init=0; 149 init=0;
146#ifndef OPENSSL_NO_ERR 150#ifndef OPENSSL_NO_ERR
147 ERR_load_strings(ERR_LIB_BIO,BIO_str_functs); 151 ERR_load_strings(0,BIO_str_functs);
148 ERR_load_strings(ERR_LIB_BIO,BIO_str_reasons); 152 ERR_load_strings(0,BIO_str_reasons);
149#endif 153#endif
150 154
151 } 155 }
diff --git a/src/lib/libssl/src/crypto/bio/bss_conn.c b/src/lib/libssl/src/crypto/bio/bss_conn.c
index f5d0e759e2..216780ed5e 100644
--- a/src/lib/libssl/src/crypto/bio/bss_conn.c
+++ b/src/lib/libssl/src/crypto/bio/bss_conn.c
@@ -469,7 +469,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
469 break; 469 break;
470 case BIO_C_DO_STATE_MACHINE: 470 case BIO_C_DO_STATE_MACHINE:
471 /* use this one to start the connection */ 471 /* use this one to start the connection */
472 if (!data->state != BIO_CONN_S_OK) 472 if (data->state != BIO_CONN_S_OK)
473 ret=(long)conn_state(b,data); 473 ret=(long)conn_state(b,data);
474 else 474 else
475 ret=1; 475 ret=1;
diff --git a/src/lib/libssl/src/crypto/bn/Makefile b/src/lib/libssl/src/crypto/bn/Makefile
index f693d35d87..9969d242cc 100644
--- a/src/lib/libssl/src/crypto/bn/Makefile
+++ b/src/lib/libssl/src/crypto/bn/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/bn/Makefile 2# OpenSSL/crypto/bn/Makefile
3# 3#
4 4
5DIR= bn 5DIR= bn
@@ -31,12 +31,12 @@ LIB=$(TOP)/libcrypto.a
31LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \ 31LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
32 bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ 32 bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
33 bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \ 33 bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
34 bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c 34 bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_x931p.c
35 35
36LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \ 36LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
37 bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \ 37 bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
38 bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \ 38 bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
39 bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o 39 bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_x931p.o
40 40
41SRC= $(LIBSRC) 41SRC= $(LIBSRC)
42 42
@@ -329,3 +329,5 @@ bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
329bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 329bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
330bn_word.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 330bn_word.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
331bn_word.o: ../cryptlib.h bn_lcl.h bn_word.c 331bn_word.o: ../cryptlib.h bn_lcl.h bn_word.c
332bn_x931p.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h
333bn_x931p.o: ../../include/openssl/opensslconf.h bn_x931p.c
diff --git a/src/lib/libssl/src/crypto/bn/asm/ppc.pl b/src/lib/libssl/src/crypto/bn/asm/ppc.pl
index 307c7ccb35..08e0053473 100644
--- a/src/lib/libssl/src/crypto/bn/asm/ppc.pl
+++ b/src/lib/libssl/src/crypto/bn/asm/ppc.pl
@@ -116,7 +116,7 @@ if ($opf =~ /32\.s/) {
116 $UDIV= "divwu"; # unsigned divide 116 $UDIV= "divwu"; # unsigned divide
117 $UCMPI= "cmplwi"; # unsigned compare with immediate 117 $UCMPI= "cmplwi"; # unsigned compare with immediate
118 $UCMP= "cmplw"; # unsigned compare 118 $UCMP= "cmplw"; # unsigned compare
119 $COUNTZ="cntlzw"; # count leading zeros 119 $CNTLZ= "cntlzw"; # count leading zeros
120 $SHL= "slw"; # shift left 120 $SHL= "slw"; # shift left
121 $SHR= "srw"; # unsigned shift right 121 $SHR= "srw"; # unsigned shift right
122 $SHRI= "srwi"; # unsigned shift right by immediate 122 $SHRI= "srwi"; # unsigned shift right by immediate
@@ -124,6 +124,7 @@ if ($opf =~ /32\.s/) {
124 $CLRU= "clrlwi"; # clear upper bits 124 $CLRU= "clrlwi"; # clear upper bits
125 $INSR= "insrwi"; # insert right 125 $INSR= "insrwi"; # insert right
126 $ROTL= "rotlwi"; # rotate left by immediate 126 $ROTL= "rotlwi"; # rotate left by immediate
127 $TR= "tw"; # conditional trap
127} elsif ($opf =~ /64\.s/) { 128} elsif ($opf =~ /64\.s/) {
128 $BITS= 64; 129 $BITS= 64;
129 $BNSZ= $BITS/8; 130 $BNSZ= $BITS/8;
@@ -139,7 +140,7 @@ if ($opf =~ /32\.s/) {
139 $UDIV= "divdu"; # unsigned divide 140 $UDIV= "divdu"; # unsigned divide
140 $UCMPI= "cmpldi"; # unsigned compare with immediate 141 $UCMPI= "cmpldi"; # unsigned compare with immediate
141 $UCMP= "cmpld"; # unsigned compare 142 $UCMP= "cmpld"; # unsigned compare
142 $COUNTZ="cntlzd"; # count leading zeros 143 $CNTLZ= "cntlzd"; # count leading zeros
143 $SHL= "sld"; # shift left 144 $SHL= "sld"; # shift left
144 $SHR= "srd"; # unsigned shift right 145 $SHR= "srd"; # unsigned shift right
145 $SHRI= "srdi"; # unsigned shift right by immediate 146 $SHRI= "srdi"; # unsigned shift right by immediate
@@ -147,6 +148,7 @@ if ($opf =~ /32\.s/) {
147 $CLRU= "clrldi"; # clear upper bits 148 $CLRU= "clrldi"; # clear upper bits
148 $INSR= "insrdi"; # insert right 149 $INSR= "insrdi"; # insert right
149 $ROTL= "rotldi"; # rotate left by immediate 150 $ROTL= "rotldi"; # rotate left by immediate
151 $TR= "td"; # conditional trap
150} else { die "nonsense $opf"; } 152} else { die "nonsense $opf"; }
151 153
152( defined shift || open STDOUT,">$opf" ) || die "can't open $opf: $!"; 154( defined shift || open STDOUT,">$opf" ) || die "can't open $opf: $!";
@@ -1710,17 +1712,12 @@ Lppcasm_add_adios:
1710 bclr BO_ALWAYS,CR0_LT 1712 bclr BO_ALWAYS,CR0_LT
1711Lppcasm_div1: 1713Lppcasm_div1:
1712 xor r0,r0,r0 #r0=0 1714 xor r0,r0,r0 #r0=0
1713 $COUNTZ r7,r5 #r7 = num leading 0s in d. 1715 li r8,$BITS
1714 subfic r8,r7,$BITS #r8 = BN_num_bits_word(d) 1716 $CNTLZ. r7,r5 #r7 = num leading 0s in d.
1715 cmpi 0,0,r8,$BITS # 1717 bc BO_IF,CR0_EQ,Lppcasm_div2 #proceed if no leading zeros
1716 bc BO_IF,CR0_EQ,Lppcasm_div2 #proceed if (r8==$BITS) 1718 subf r8,r7,r8 #r8 = BN_num_bits_word(d)
1717 li r9,1 # r9=1 1719 $SHR. r9,r3,r8 #are there any bits above r8'th?
1718 $SHL r10,r9,r8 # r9<<=r8 1720 $TR 16,r9,r0 #if there're, signal to dump core...
1719 $UCMP 0,r3,r10 #
1720 bc BO_IF,CR0_GT,Lppcasm_div2 #or if (h > (1<<r8))
1721 $UDIV r3,r3,r0 #if not assert(0) divide by 0!
1722 #that's how we signal overflow
1723 bclr BO_ALWAYS,CR0_LT #return. NEVER REACHED.
1724Lppcasm_div2: 1721Lppcasm_div2:
1725 $UCMP 0,r3,r5 #h>=d? 1722 $UCMP 0,r3,r5 #h>=d?
1726 bc BO_IF,CR0_LT,Lppcasm_div3 #goto Lppcasm_div3 if not 1723 bc BO_IF,CR0_LT,Lppcasm_div3 #goto Lppcasm_div3 if not
diff --git a/src/lib/libssl/src/crypto/bn/asm/sparcv8plus.S b/src/lib/libssl/src/crypto/bn/asm/sparcv8plus.S
index 0074dfdb75..8c56e2e7e7 100644
--- a/src/lib/libssl/src/crypto/bn/asm/sparcv8plus.S
+++ b/src/lib/libssl/src/crypto/bn/asm/sparcv8plus.S
@@ -162,10 +162,14 @@
162 * BN_ULONG w; 162 * BN_ULONG w;
163 */ 163 */
164bn_mul_add_words: 164bn_mul_add_words:
165 sra %o2,%g0,%o2 ! signx %o2
165 brgz,a %o2,.L_bn_mul_add_words_proceed 166 brgz,a %o2,.L_bn_mul_add_words_proceed
166 lduw [%o1],%g2 167 lduw [%o1],%g2
167 retl 168 retl
168 clr %o0 169 clr %o0
170 nop
171 nop
172 nop
169 173
170.L_bn_mul_add_words_proceed: 174.L_bn_mul_add_words_proceed:
171 srl %o3,%g0,%o3 ! clruw %o3 175 srl %o3,%g0,%o3 ! clruw %o3
@@ -260,10 +264,14 @@ bn_mul_add_words:
260 * BN_ULONG w; 264 * BN_ULONG w;
261 */ 265 */
262bn_mul_words: 266bn_mul_words:
267 sra %o2,%g0,%o2 ! signx %o2
263 brgz,a %o2,.L_bn_mul_words_proceeed 268 brgz,a %o2,.L_bn_mul_words_proceeed
264 lduw [%o1],%g2 269 lduw [%o1],%g2
265 retl 270 retl
266 clr %o0 271 clr %o0
272 nop
273 nop
274 nop
267 275
268.L_bn_mul_words_proceeed: 276.L_bn_mul_words_proceeed:
269 srl %o3,%g0,%o3 ! clruw %o3 277 srl %o3,%g0,%o3 ! clruw %o3
@@ -344,10 +352,14 @@ bn_mul_words:
344 * int n; 352 * int n;
345 */ 353 */
346bn_sqr_words: 354bn_sqr_words:
355 sra %o2,%g0,%o2 ! signx %o2
347 brgz,a %o2,.L_bn_sqr_words_proceeed 356 brgz,a %o2,.L_bn_sqr_words_proceeed
348 lduw [%o1],%g2 357 lduw [%o1],%g2
349 retl 358 retl
350 clr %o0 359 clr %o0
360 nop
361 nop
362 nop
351 363
352.L_bn_sqr_words_proceeed: 364.L_bn_sqr_words_proceeed:
353 andcc %o2,-4,%g0 365 andcc %o2,-4,%g0
@@ -445,6 +457,7 @@ bn_div_words:
445 * int n; 457 * int n;
446 */ 458 */
447bn_add_words: 459bn_add_words:
460 sra %o3,%g0,%o3 ! signx %o3
448 brgz,a %o3,.L_bn_add_words_proceed 461 brgz,a %o3,.L_bn_add_words_proceed
449 lduw [%o1],%o4 462 lduw [%o1],%o4
450 retl 463 retl
@@ -454,7 +467,6 @@ bn_add_words:
454 andcc %o3,-4,%g0 467 andcc %o3,-4,%g0
455 bz,pn %icc,.L_bn_add_words_tail 468 bz,pn %icc,.L_bn_add_words_tail
456 addcc %g0,0,%g0 ! clear carry flag 469 addcc %g0,0,%g0 ! clear carry flag
457 nop
458 470
459.L_bn_add_words_loop: ! wow! 32 aligned! 471.L_bn_add_words_loop: ! wow! 32 aligned!
460 dec 4,%o3 472 dec 4,%o3
@@ -523,6 +535,7 @@ bn_add_words:
523 * int n; 535 * int n;
524 */ 536 */
525bn_sub_words: 537bn_sub_words:
538 sra %o3,%g0,%o3 ! signx %o3
526 brgz,a %o3,.L_bn_sub_words_proceed 539 brgz,a %o3,.L_bn_sub_words_proceed
527 lduw [%o1],%o4 540 lduw [%o1],%o4
528 retl 541 retl
@@ -532,7 +545,6 @@ bn_sub_words:
532 andcc %o3,-4,%g0 545 andcc %o3,-4,%g0
533 bz,pn %icc,.L_bn_sub_words_tail 546 bz,pn %icc,.L_bn_sub_words_tail
534 addcc %g0,0,%g0 ! clear carry flag 547 addcc %g0,0,%g0 ! clear carry flag
535 nop
536 548
537.L_bn_sub_words_loop: ! wow! 32 aligned! 549.L_bn_sub_words_loop: ! wow! 32 aligned!
538 dec 4,%o3 550 dec 4,%o3
diff --git a/src/lib/libssl/src/crypto/bn/bn.h b/src/lib/libssl/src/crypto/bn/bn.h
index 3da6d8ced9..1251521c54 100644
--- a/src/lib/libssl/src/crypto/bn/bn.h
+++ b/src/lib/libssl/src/crypto/bn/bn.h
@@ -225,10 +225,23 @@ extern "C" {
225 225
226#define BN_FLG_MALLOCED 0x01 226#define BN_FLG_MALLOCED 0x01
227#define BN_FLG_STATIC_DATA 0x02 227#define BN_FLG_STATIC_DATA 0x02
228#define BN_FLG_EXP_CONSTTIME 0x04 /* avoid leaking exponent information through timings
229 * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */
228#define BN_FLG_FREE 0x8000 /* used for debuging */ 230#define BN_FLG_FREE 0x8000 /* used for debuging */
229#define BN_set_flags(b,n) ((b)->flags|=(n)) 231#define BN_set_flags(b,n) ((b)->flags|=(n))
230#define BN_get_flags(b,n) ((b)->flags&(n)) 232#define BN_get_flags(b,n) ((b)->flags&(n))
231 233
234/* get a clone of a BIGNUM with changed flags, for *temporary* use only
235 * (the two BIGNUMs cannot not be used in parallel!) */
236#define BN_with_flags(dest,b,n) ((dest)->d=(b)->d, \
237 (dest)->top=(b)->top, \
238 (dest)->dmax=(b)->dmax, \
239 (dest)->neg=(b)->neg, \
240 (dest)->flags=(((dest)->flags & BN_FLG_MALLOCED) \
241 | ((b)->flags & ~BN_FLG_MALLOCED) \
242 | BN_FLG_STATIC_DATA \
243 | (n)))
244
232typedef struct bignum_st 245typedef struct bignum_st
233 { 246 {
234 BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */ 247 BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */
@@ -378,6 +391,8 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
378 const BIGNUM *m,BN_CTX *ctx); 391 const BIGNUM *m,BN_CTX *ctx);
379int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 392int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
380 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); 393 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
394int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
395 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont);
381int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p, 396int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
382 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); 397 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
383int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1, 398int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
@@ -423,6 +438,19 @@ int BN_is_prime_fasttest(const BIGNUM *p,int nchecks,
423 void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg, 438 void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg,
424 int do_trial_division); 439 int do_trial_division);
425 440
441#ifdef OPENSSL_FIPS
442int BN_X931_derive_prime(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
443 void (*cb)(int, int, void *), void *cb_arg,
444 const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2,
445 const BIGNUM *e, BN_CTX *ctx);
446int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
447int BN_X931_generate_prime(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
448 BIGNUM *Xp1, BIGNUM *Xp2,
449 const BIGNUM *Xp,
450 const BIGNUM *e, BN_CTX *ctx,
451 void (*cb)(int, int, void *), void *cb_arg);
452#endif
453
426BN_MONT_CTX *BN_MONT_CTX_new(void ); 454BN_MONT_CTX *BN_MONT_CTX_new(void );
427void BN_MONT_CTX_init(BN_MONT_CTX *ctx); 455void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
428int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b, 456int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,
@@ -434,6 +462,8 @@ int BN_from_montgomery(BIGNUM *r,const BIGNUM *a,
434void BN_MONT_CTX_free(BN_MONT_CTX *mont); 462void BN_MONT_CTX_free(BN_MONT_CTX *mont);
435int BN_MONT_CTX_set(BN_MONT_CTX *mont,const BIGNUM *mod,BN_CTX *ctx); 463int BN_MONT_CTX_set(BN_MONT_CTX *mont,const BIGNUM *mod,BN_CTX *ctx);
436BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from); 464BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from);
465BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
466 const BIGNUM *mod, BN_CTX *ctx);
437 467
438BN_BLINDING *BN_BLINDING_new(BIGNUM *A,BIGNUM *Ai,BIGNUM *mod); 468BN_BLINDING *BN_BLINDING_new(BIGNUM *A,BIGNUM *Ai,BIGNUM *mod);
439void BN_BLINDING_free(BN_BLINDING *b); 469void BN_BLINDING_free(BN_BLINDING *b);
@@ -510,11 +540,15 @@ void ERR_load_BN_strings(void);
510#define BN_F_BN_CTX_GET 116 540#define BN_F_BN_CTX_GET 116
511#define BN_F_BN_CTX_NEW 106 541#define BN_F_BN_CTX_NEW 106
512#define BN_F_BN_DIV 107 542#define BN_F_BN_DIV 107
543#define BN_F_BN_EXP 123
513#define BN_F_BN_EXPAND2 108 544#define BN_F_BN_EXPAND2 108
514#define BN_F_BN_EXPAND_INTERNAL 120 545#define BN_F_BN_EXPAND_INTERNAL 120
515#define BN_F_BN_MOD_EXP2_MONT 118 546#define BN_F_BN_MOD_EXP2_MONT 118
516#define BN_F_BN_MOD_EXP_MONT 109 547#define BN_F_BN_MOD_EXP_MONT 109
548#define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124
517#define BN_F_BN_MOD_EXP_MONT_WORD 117 549#define BN_F_BN_MOD_EXP_MONT_WORD 117
550#define BN_F_BN_MOD_EXP_RECP 125
551#define BN_F_BN_MOD_EXP_SIMPLE 126
518#define BN_F_BN_MOD_INVERSE 110 552#define BN_F_BN_MOD_INVERSE 110
519#define BN_F_BN_MOD_LSHIFT_QUICK 119 553#define BN_F_BN_MOD_LSHIFT_QUICK 119
520#define BN_F_BN_MOD_MUL_RECIPROCAL 111 554#define BN_F_BN_MOD_MUL_RECIPROCAL 111
diff --git a/src/lib/libssl/src/crypto/bn/bn_asm.c b/src/lib/libssl/src/crypto/bn/bn_asm.c
index be8aa3ffc5..19978085b2 100644
--- a/src/lib/libssl/src/crypto/bn/bn_asm.c
+++ b/src/lib/libssl/src/crypto/bn/bn_asm.c
@@ -237,7 +237,7 @@ BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
237 if (d == 0) return(BN_MASK2); 237 if (d == 0) return(BN_MASK2);
238 238
239 i=BN_num_bits_word(d); 239 i=BN_num_bits_word(d);
240 assert((i == BN_BITS2) || (h > (BN_ULONG)1<<i)); 240 assert((i == BN_BITS2) || (h <= (BN_ULONG)1<<i));
241 241
242 i=BN_BITS2-i; 242 i=BN_BITS2-i;
243 if (h >= d) h-=d; 243 if (h >= d) h-=d;
diff --git a/src/lib/libssl/src/crypto/bn/bn_err.c b/src/lib/libssl/src/crypto/bn/bn_err.c
index fb84ee96d8..5dfac00c88 100644
--- a/src/lib/libssl/src/crypto/bn/bn_err.c
+++ b/src/lib/libssl/src/crypto/bn/bn_err.c
@@ -1,6 +1,6 @@
1/* crypto/bn/bn_err.c */ 1/* crypto/bn/bn_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,52 +64,60 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_BN,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_BN,0,reason)
70
67static ERR_STRING_DATA BN_str_functs[]= 71static ERR_STRING_DATA BN_str_functs[]=
68 { 72 {
69{ERR_PACK(0,BN_F_BN_BLINDING_CONVERT,0), "BN_BLINDING_convert"}, 73{ERR_FUNC(BN_F_BN_BLINDING_CONVERT), "BN_BLINDING_convert"},
70{ERR_PACK(0,BN_F_BN_BLINDING_INVERT,0), "BN_BLINDING_invert"}, 74{ERR_FUNC(BN_F_BN_BLINDING_INVERT), "BN_BLINDING_invert"},
71{ERR_PACK(0,BN_F_BN_BLINDING_NEW,0), "BN_BLINDING_new"}, 75{ERR_FUNC(BN_F_BN_BLINDING_NEW), "BN_BLINDING_new"},
72{ERR_PACK(0,BN_F_BN_BLINDING_UPDATE,0), "BN_BLINDING_update"}, 76{ERR_FUNC(BN_F_BN_BLINDING_UPDATE), "BN_BLINDING_update"},
73{ERR_PACK(0,BN_F_BN_BN2DEC,0), "BN_bn2dec"}, 77{ERR_FUNC(BN_F_BN_BN2DEC), "BN_bn2dec"},
74{ERR_PACK(0,BN_F_BN_BN2HEX,0), "BN_bn2hex"}, 78{ERR_FUNC(BN_F_BN_BN2HEX), "BN_bn2hex"},
75{ERR_PACK(0,BN_F_BN_CTX_GET,0), "BN_CTX_get"}, 79{ERR_FUNC(BN_F_BN_CTX_GET), "BN_CTX_get"},
76{ERR_PACK(0,BN_F_BN_CTX_NEW,0), "BN_CTX_new"}, 80{ERR_FUNC(BN_F_BN_CTX_NEW), "BN_CTX_new"},
77{ERR_PACK(0,BN_F_BN_DIV,0), "BN_div"}, 81{ERR_FUNC(BN_F_BN_DIV), "BN_div"},
78{ERR_PACK(0,BN_F_BN_EXPAND2,0), "bn_expand2"}, 82{ERR_FUNC(BN_F_BN_EXP), "BN_exp"},
79{ERR_PACK(0,BN_F_BN_EXPAND_INTERNAL,0), "BN_EXPAND_INTERNAL"}, 83{ERR_FUNC(BN_F_BN_EXPAND2), "bn_expand2"},
80{ERR_PACK(0,BN_F_BN_MOD_EXP2_MONT,0), "BN_mod_exp2_mont"}, 84{ERR_FUNC(BN_F_BN_EXPAND_INTERNAL), "BN_EXPAND_INTERNAL"},
81{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT,0), "BN_mod_exp_mont"}, 85{ERR_FUNC(BN_F_BN_MOD_EXP2_MONT), "BN_mod_exp2_mont"},
82{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT_WORD,0), "BN_mod_exp_mont_word"}, 86{ERR_FUNC(BN_F_BN_MOD_EXP_MONT), "BN_mod_exp_mont"},
83{ERR_PACK(0,BN_F_BN_MOD_INVERSE,0), "BN_mod_inverse"}, 87{ERR_FUNC(BN_F_BN_MOD_EXP_MONT_CONSTTIME), "BN_mod_exp_mont_consttime"},
84{ERR_PACK(0,BN_F_BN_MOD_LSHIFT_QUICK,0), "BN_mod_lshift_quick"}, 88{ERR_FUNC(BN_F_BN_MOD_EXP_MONT_WORD), "BN_mod_exp_mont_word"},
85{ERR_PACK(0,BN_F_BN_MOD_MUL_RECIPROCAL,0), "BN_mod_mul_reciprocal"}, 89{ERR_FUNC(BN_F_BN_MOD_EXP_RECP), "BN_mod_exp_recp"},
86{ERR_PACK(0,BN_F_BN_MOD_SQRT,0), "BN_mod_sqrt"}, 90{ERR_FUNC(BN_F_BN_MOD_EXP_SIMPLE), "BN_mod_exp_simple"},
87{ERR_PACK(0,BN_F_BN_MPI2BN,0), "BN_mpi2bn"}, 91{ERR_FUNC(BN_F_BN_MOD_INVERSE), "BN_mod_inverse"},
88{ERR_PACK(0,BN_F_BN_NEW,0), "BN_new"}, 92{ERR_FUNC(BN_F_BN_MOD_LSHIFT_QUICK), "BN_mod_lshift_quick"},
89{ERR_PACK(0,BN_F_BN_RAND,0), "BN_rand"}, 93{ERR_FUNC(BN_F_BN_MOD_MUL_RECIPROCAL), "BN_mod_mul_reciprocal"},
90{ERR_PACK(0,BN_F_BN_RAND_RANGE,0), "BN_rand_range"}, 94{ERR_FUNC(BN_F_BN_MOD_SQRT), "BN_mod_sqrt"},
91{ERR_PACK(0,BN_F_BN_USUB,0), "BN_usub"}, 95{ERR_FUNC(BN_F_BN_MPI2BN), "BN_mpi2bn"},
96{ERR_FUNC(BN_F_BN_NEW), "BN_new"},
97{ERR_FUNC(BN_F_BN_RAND), "BN_rand"},
98{ERR_FUNC(BN_F_BN_RAND_RANGE), "BN_rand_range"},
99{ERR_FUNC(BN_F_BN_USUB), "BN_usub"},
92{0,NULL} 100{0,NULL}
93 }; 101 };
94 102
95static ERR_STRING_DATA BN_str_reasons[]= 103static ERR_STRING_DATA BN_str_reasons[]=
96 { 104 {
97{BN_R_ARG2_LT_ARG3 ,"arg2 lt arg3"}, 105{ERR_REASON(BN_R_ARG2_LT_ARG3) ,"arg2 lt arg3"},
98{BN_R_BAD_RECIPROCAL ,"bad reciprocal"}, 106{ERR_REASON(BN_R_BAD_RECIPROCAL) ,"bad reciprocal"},
99{BN_R_BIGNUM_TOO_LONG ,"bignum too long"}, 107{ERR_REASON(BN_R_BIGNUM_TOO_LONG) ,"bignum too long"},
100{BN_R_CALLED_WITH_EVEN_MODULUS ,"called with even modulus"}, 108{ERR_REASON(BN_R_CALLED_WITH_EVEN_MODULUS),"called with even modulus"},
101{BN_R_DIV_BY_ZERO ,"div by zero"}, 109{ERR_REASON(BN_R_DIV_BY_ZERO) ,"div by zero"},
102{BN_R_ENCODING_ERROR ,"encoding error"}, 110{ERR_REASON(BN_R_ENCODING_ERROR) ,"encoding error"},
103{BN_R_EXPAND_ON_STATIC_BIGNUM_DATA ,"expand on static bignum data"}, 111{ERR_REASON(BN_R_EXPAND_ON_STATIC_BIGNUM_DATA),"expand on static bignum data"},
104{BN_R_INPUT_NOT_REDUCED ,"input not reduced"}, 112{ERR_REASON(BN_R_INPUT_NOT_REDUCED) ,"input not reduced"},
105{BN_R_INVALID_LENGTH ,"invalid length"}, 113{ERR_REASON(BN_R_INVALID_LENGTH) ,"invalid length"},
106{BN_R_INVALID_RANGE ,"invalid range"}, 114{ERR_REASON(BN_R_INVALID_RANGE) ,"invalid range"},
107{BN_R_NOT_A_SQUARE ,"not a square"}, 115{ERR_REASON(BN_R_NOT_A_SQUARE) ,"not a square"},
108{BN_R_NOT_INITIALIZED ,"not initialized"}, 116{ERR_REASON(BN_R_NOT_INITIALIZED) ,"not initialized"},
109{BN_R_NO_INVERSE ,"no inverse"}, 117{ERR_REASON(BN_R_NO_INVERSE) ,"no inverse"},
110{BN_R_P_IS_NOT_PRIME ,"p is not prime"}, 118{ERR_REASON(BN_R_P_IS_NOT_PRIME) ,"p is not prime"},
111{BN_R_TOO_MANY_ITERATIONS ,"too many iterations"}, 119{ERR_REASON(BN_R_TOO_MANY_ITERATIONS) ,"too many iterations"},
112{BN_R_TOO_MANY_TEMPORARY_VARIABLES ,"too many temporary variables"}, 120{ERR_REASON(BN_R_TOO_MANY_TEMPORARY_VARIABLES),"too many temporary variables"},
113{0,NULL} 121{0,NULL}
114 }; 122 };
115 123
@@ -123,8 +131,8 @@ void ERR_load_BN_strings(void)
123 { 131 {
124 init=0; 132 init=0;
125#ifndef OPENSSL_NO_ERR 133#ifndef OPENSSL_NO_ERR
126 ERR_load_strings(ERR_LIB_BN,BN_str_functs); 134 ERR_load_strings(0,BN_str_functs);
127 ERR_load_strings(ERR_LIB_BN,BN_str_reasons); 135 ERR_load_strings(0,BN_str_reasons);
128#endif 136#endif
129 137
130 } 138 }
diff --git a/src/lib/libssl/src/crypto/bn/bn_exp.c b/src/lib/libssl/src/crypto/bn/bn_exp.c
index afdfd580fb..9e1e88abe8 100644
--- a/src/lib/libssl/src/crypto/bn/bn_exp.c
+++ b/src/lib/libssl/src/crypto/bn/bn_exp.c
@@ -56,7 +56,7 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58/* ==================================================================== 58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. 59 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
60 * 60 *
61 * Redistribution and use in source and binary forms, with or without 61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions 62 * modification, are permitted provided that the following conditions
@@ -113,6 +113,7 @@
113#include "cryptlib.h" 113#include "cryptlib.h"
114#include "bn_lcl.h" 114#include "bn_lcl.h"
115 115
116/* maximum precomputation table size for *variable* sliding windows */
116#define TABLE_SIZE 32 117#define TABLE_SIZE 32
117 118
118/* this one works - simple but works */ 119/* this one works - simple but works */
@@ -121,6 +122,13 @@ int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
121 int i,bits,ret=0; 122 int i,bits,ret=0;
122 BIGNUM *v,*rr; 123 BIGNUM *v,*rr;
123 124
125 if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0)
126 {
127 /* BN_FLG_EXP_CONSTTIME only supported by BN_mod_exp_mont() */
128 BNerr(BN_F_BN_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
129 return -1;
130 }
131
124 BN_CTX_start(ctx); 132 BN_CTX_start(ctx);
125 if ((r == a) || (r == p)) 133 if ((r == a) || (r == p))
126 rr = BN_CTX_get(ctx); 134 rr = BN_CTX_get(ctx);
@@ -204,7 +212,7 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
204 if (BN_is_odd(m)) 212 if (BN_is_odd(m))
205 { 213 {
206# ifdef MONT_EXP_WORD 214# ifdef MONT_EXP_WORD
207 if (a->top == 1 && !a->neg) 215 if (a->top == 1 && !a->neg && (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) == 0))
208 { 216 {
209 BN_ULONG A = a->d[0]; 217 BN_ULONG A = a->d[0];
210 ret=BN_mod_exp_mont_word(r,A,p,m,ctx,NULL); 218 ret=BN_mod_exp_mont_word(r,A,p,m,ctx,NULL);
@@ -234,6 +242,13 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
234 BIGNUM val[TABLE_SIZE]; 242 BIGNUM val[TABLE_SIZE];
235 BN_RECP_CTX recp; 243 BN_RECP_CTX recp;
236 244
245 if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0)
246 {
247 /* BN_FLG_EXP_CONSTTIME only supported by BN_mod_exp_mont() */
248 BNerr(BN_F_BN_MOD_EXP_RECP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
249 return -1;
250 }
251
237 bits=BN_num_bits(p); 252 bits=BN_num_bits(p);
238 253
239 if (bits == 0) 254 if (bits == 0)
@@ -361,6 +376,11 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
361 BIGNUM val[TABLE_SIZE]; 376 BIGNUM val[TABLE_SIZE];
362 BN_MONT_CTX *mont=NULL; 377 BN_MONT_CTX *mont=NULL;
363 378
379 if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0)
380 {
381 return BN_mod_exp_mont_consttime(rr, a, p, m, ctx, in_mont);
382 }
383
364 bn_check_top(a); 384 bn_check_top(a);
365 bn_check_top(p); 385 bn_check_top(p);
366 bn_check_top(m); 386 bn_check_top(m);
@@ -493,6 +513,212 @@ err:
493 return(ret); 513 return(ret);
494 } 514 }
495 515
516
517/* BN_mod_exp_mont_consttime() stores the precomputed powers in a specific layout
518 * so that accessing any of these table values shows the same access pattern as far
519 * as cache lines are concerned. The following functions are used to transfer a BIGNUM
520 * from/to that table. */
521
522static int MOD_EXP_CTIME_COPY_TO_PREBUF(BIGNUM *b, int top, unsigned char *buf, int idx, int width)
523 {
524 size_t i, j;
525
526 if (bn_wexpand(b, top) == NULL)
527 return 0;
528 while (b->top < top)
529 {
530 b->d[b->top++] = 0;
531 }
532
533 for (i = 0, j=idx; i < top * sizeof b->d[0]; i++, j+=width)
534 {
535 buf[j] = ((unsigned char*)b->d)[i];
536 }
537
538 bn_fix_top(b);
539 return 1;
540 }
541
542static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top, unsigned char *buf, int idx, int width)
543 {
544 size_t i, j;
545
546 if (bn_wexpand(b, top) == NULL)
547 return 0;
548
549 for (i=0, j=idx; i < top * sizeof b->d[0]; i++, j+=width)
550 {
551 ((unsigned char*)b->d)[i] = buf[j];
552 }
553
554 b->top = top;
555 bn_fix_top(b);
556 return 1;
557 }
558
559/* Given a pointer value, compute the next address that is a cache line multiple. */
560#define MOD_EXP_CTIME_ALIGN(x_) \
561 ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ULONG)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
562
563/* This variant of BN_mod_exp_mont() uses fixed windows and the special
564 * precomputation memory layout to limit data-dependency to a minimum
565 * to protect secret exponents (cf. the hyper-threading timing attacks
566 * pointed out by Colin Percival,
567 * http://www.daemonology.net/hyperthreading-considered-harmful/)
568 */
569int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
570 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
571 {
572 int i,bits,ret=0,idx,window,wvalue;
573 int top;
574 BIGNUM *r;
575 const BIGNUM *aa;
576 BN_MONT_CTX *mont=NULL;
577
578 int numPowers;
579 unsigned char *powerbufFree=NULL;
580 int powerbufLen = 0;
581 unsigned char *powerbuf=NULL;
582 BIGNUM *computeTemp=NULL, *am=NULL;
583
584 bn_check_top(a);
585 bn_check_top(p);
586 bn_check_top(m);
587
588 top = m->top;
589
590 if (!(m->d[0] & 1))
591 {
592 BNerr(BN_F_BN_MOD_EXP_MONT_CONSTTIME,BN_R_CALLED_WITH_EVEN_MODULUS);
593 return(0);
594 }
595 bits=BN_num_bits(p);
596 if (bits == 0)
597 {
598 ret = BN_one(rr);
599 return ret;
600 }
601
602 /* Initialize BIGNUM context and allocate intermediate result */
603 BN_CTX_start(ctx);
604 r = BN_CTX_get(ctx);
605 if (r == NULL) goto err;
606
607 /* Allocate a montgomery context if it was not supplied by the caller.
608 * If this is not done, things will break in the montgomery part.
609 */
610 if (in_mont != NULL)
611 mont=in_mont;
612 else
613 {
614 if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
615 if (!BN_MONT_CTX_set(mont,m,ctx)) goto err;
616 }
617
618 /* Get the window size to use with size of p. */
619 window = BN_window_bits_for_ctime_exponent_size(bits);
620
621 /* Allocate a buffer large enough to hold all of the pre-computed
622 * powers of a.
623 */
624 numPowers = 1 << window;
625 powerbufLen = sizeof(m->d[0])*top*numPowers;
626 if ((powerbufFree=(unsigned char*)OPENSSL_malloc(powerbufLen+MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH)) == NULL)
627 goto err;
628
629 powerbuf = MOD_EXP_CTIME_ALIGN(powerbufFree);
630 memset(powerbuf, 0, powerbufLen);
631
632 /* Initialize the intermediate result. Do this early to save double conversion,
633 * once each for a^0 and intermediate result.
634 */
635 if (!BN_to_montgomery(r,BN_value_one(),mont,ctx)) goto err;
636 if (!MOD_EXP_CTIME_COPY_TO_PREBUF(r, top, powerbuf, 0, numPowers)) goto err;
637
638 /* Initialize computeTemp as a^1 with montgomery precalcs */
639 computeTemp = BN_CTX_get(ctx);
640 am = BN_CTX_get(ctx);
641 if (computeTemp==NULL || am==NULL) goto err;
642
643 if (a->neg || BN_ucmp(a,m) >= 0)
644 {
645 if (!BN_mod(am,a,m,ctx))
646 goto err;
647 aa= am;
648 }
649 else
650 aa=a;
651 if (!BN_to_montgomery(am,aa,mont,ctx)) goto err;
652 if (!BN_copy(computeTemp, am)) goto err;
653 if (!MOD_EXP_CTIME_COPY_TO_PREBUF(am, top, powerbuf, 1, numPowers)) goto err;
654
655 /* If the window size is greater than 1, then calculate
656 * val[i=2..2^winsize-1]. Powers are computed as a*a^(i-1)
657 * (even powers could instead be computed as (a^(i/2))^2
658 * to use the slight performance advantage of sqr over mul).
659 */
660 if (window > 1)
661 {
662 for (i=2; i<numPowers; i++)
663 {
664 /* Calculate a^i = a^(i-1) * a */
665 if (!BN_mod_mul_montgomery(computeTemp,am,computeTemp,mont,ctx))
666 goto err;
667 if (!MOD_EXP_CTIME_COPY_TO_PREBUF(computeTemp, top, powerbuf, i, numPowers)) goto err;
668 }
669 }
670
671 /* Adjust the number of bits up to a multiple of the window size.
672 * If the exponent length is not a multiple of the window size, then
673 * this pads the most significant bits with zeros to normalize the
674 * scanning loop to there's no special cases.
675 *
676 * * NOTE: Making the window size a power of two less than the native
677 * * word size ensures that the padded bits won't go past the last
678 * * word in the internal BIGNUM structure. Going past the end will
679 * * still produce the correct result, but causes a different branch
680 * * to be taken in the BN_is_bit_set function.
681 */
682 bits = ((bits+window-1)/window)*window;
683 idx=bits-1; /* The top bit of the window */
684
685 /* Scan the exponent one window at a time starting from the most
686 * significant bits.
687 */
688 while (idx >= 0)
689 {
690 wvalue=0; /* The 'value' of the window */
691
692 /* Scan the window, squaring the result as we go */
693 for (i=0; i<window; i++,idx--)
694 {
695 if (!BN_mod_mul_montgomery(r,r,r,mont,ctx)) goto err;
696 wvalue = (wvalue<<1)+BN_is_bit_set(p,idx);
697 }
698
699 /* Fetch the appropriate pre-computed value from the pre-buf */
700 if (!MOD_EXP_CTIME_COPY_FROM_PREBUF(computeTemp, top, powerbuf, wvalue, numPowers)) goto err;
701
702 /* Multiply the result into the intermediate result */
703 if (!BN_mod_mul_montgomery(r,r,computeTemp,mont,ctx)) goto err;
704 }
705
706 /* Convert the final result from montgomery to standard format */
707 if (!BN_from_montgomery(rr,r,mont,ctx)) goto err;
708 ret=1;
709err:
710 if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
711 if (powerbuf!=NULL)
712 {
713 OPENSSL_cleanse(powerbuf,powerbufLen);
714 OPENSSL_free(powerbufFree);
715 }
716 if (am!=NULL) BN_clear(am);
717 if (computeTemp!=NULL) BN_clear(computeTemp);
718 BN_CTX_end(ctx);
719 return(ret);
720 }
721
496int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, 722int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
497 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) 723 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
498 { 724 {
@@ -517,6 +743,13 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
517#define BN_TO_MONTGOMERY_WORD(r, w, mont) \ 743#define BN_TO_MONTGOMERY_WORD(r, w, mont) \
518 (BN_set_word(r, (w)) && BN_to_montgomery(r, r, (mont), ctx)) 744 (BN_set_word(r, (w)) && BN_to_montgomery(r, r, (mont), ctx))
519 745
746 if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0)
747 {
748 /* BN_FLG_EXP_CONSTTIME only supported by BN_mod_exp_mont() */
749 BNerr(BN_F_BN_MOD_EXP_MONT_WORD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
750 return -1;
751 }
752
520 bn_check_top(p); 753 bn_check_top(p);
521 bn_check_top(m); 754 bn_check_top(m);
522 755
@@ -644,6 +877,13 @@ int BN_mod_exp_simple(BIGNUM *r,
644 BIGNUM *d; 877 BIGNUM *d;
645 BIGNUM val[TABLE_SIZE]; 878 BIGNUM val[TABLE_SIZE];
646 879
880 if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0)
881 {
882 /* BN_FLG_EXP_CONSTTIME only supported by BN_mod_exp_mont() */
883 BNerr(BN_F_BN_MOD_EXP_SIMPLE,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
884 return -1;
885 }
886
647 bits=BN_num_bits(p); 887 bits=BN_num_bits(p);
648 888
649 if (bits == 0) 889 if (bits == 0)
diff --git a/src/lib/libssl/src/crypto/bn/bn_lcl.h b/src/lib/libssl/src/crypto/bn/bn_lcl.h
index 253e195e23..a84998f2bd 100644
--- a/src/lib/libssl/src/crypto/bn/bn_lcl.h
+++ b/src/lib/libssl/src/crypto/bn/bn_lcl.h
@@ -177,6 +177,45 @@ struct bignum_ctx
177 177
178 178
179 179
180/* BN_mod_exp_mont_conttime is based on the assumption that the
181 * L1 data cache line width of the target processor is at least
182 * the following value.
183 */
184#define MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH ( 64 )
185#define MOD_EXP_CTIME_MIN_CACHE_LINE_MASK (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - 1)
186
187/* Window sizes optimized for fixed window size modular exponentiation
188 * algorithm (BN_mod_exp_mont_consttime).
189 *
190 * To achieve the security goals of BN_mode_exp_mont_consttime, the
191 * maximum size of the window must not exceed
192 * log_2(MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH).
193 *
194 * Window size thresholds are defined for cache line sizes of 32 and 64,
195 * cache line sizes where log_2(32)=5 and log_2(64)=6 respectively. A
196 * window size of 7 should only be used on processors that have a 128
197 * byte or greater cache line size.
198 */
199#if MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH == 64
200
201# define BN_window_bits_for_ctime_exponent_size(b) \
202 ((b) > 937 ? 6 : \
203 (b) > 306 ? 5 : \
204 (b) > 89 ? 4 : \
205 (b) > 22 ? 3 : 1)
206# define BN_MAX_WINDOW_BITS_FOR_CTIME_EXPONENT_SIZE (6)
207
208#elif MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH == 32
209
210# define BN_window_bits_for_ctime_exponent_size(b) \
211 ((b) > 306 ? 5 : \
212 (b) > 89 ? 4 : \
213 (b) > 22 ? 3 : 1)
214# define BN_MAX_WINDOW_BITS_FOR_CTIME_EXPONENT_SIZE (5)
215
216#endif
217
218
180/* Pentium pro 16,16,16,32,64 */ 219/* Pentium pro 16,16,16,32,64 */
181/* Alpha 16,16,16,16.64 */ 220/* Alpha 16,16,16,16.64 */
182#define BN_MULL_SIZE_NORMAL (16) /* 32 */ 221#define BN_MULL_SIZE_NORMAL (16) /* 32 */
diff --git a/src/lib/libssl/src/crypto/bn/bn_mont.c b/src/lib/libssl/src/crypto/bn/bn_mont.c
index b79b1b60da..3572e5a690 100644
--- a/src/lib/libssl/src/crypto/bn/bn_mont.c
+++ b/src/lib/libssl/src/crypto/bn/bn_mont.c
@@ -347,3 +347,23 @@ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from)
347 return(to); 347 return(to);
348 } 348 }
349 349
350BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
351 const BIGNUM *mod, BN_CTX *ctx)
352 {
353 if (*pmont)
354 return *pmont;
355 CRYPTO_w_lock(lock);
356 if (!*pmont)
357 {
358 *pmont = BN_MONT_CTX_new();
359 if (*pmont && !BN_MONT_CTX_set(*pmont, mod, ctx))
360 {
361 BN_MONT_CTX_free(*pmont);
362 *pmont = NULL;
363 }
364 }
365 CRYPTO_w_unlock(lock);
366 return *pmont;
367 }
368
369
diff --git a/src/lib/libssl/src/crypto/bn/bntest.c b/src/lib/libssl/src/crypto/bn/bntest.c
index 28cd3339da..685007d330 100644
--- a/src/lib/libssl/src/crypto/bn/bntest.c
+++ b/src/lib/libssl/src/crypto/bn/bntest.c
@@ -86,6 +86,7 @@ int test_mont(BIO *bp,BN_CTX *ctx);
86int test_mod(BIO *bp,BN_CTX *ctx); 86int test_mod(BIO *bp,BN_CTX *ctx);
87int test_mod_mul(BIO *bp,BN_CTX *ctx); 87int test_mod_mul(BIO *bp,BN_CTX *ctx);
88int test_mod_exp(BIO *bp,BN_CTX *ctx); 88int test_mod_exp(BIO *bp,BN_CTX *ctx);
89int test_mod_exp_mont_consttime(BIO *bp,BN_CTX *ctx);
89int test_exp(BIO *bp,BN_CTX *ctx); 90int test_exp(BIO *bp,BN_CTX *ctx);
90int test_kron(BIO *bp,BN_CTX *ctx); 91int test_kron(BIO *bp,BN_CTX *ctx);
91int test_sqrt(BIO *bp,BN_CTX *ctx); 92int test_sqrt(BIO *bp,BN_CTX *ctx);
@@ -213,6 +214,10 @@ int main(int argc, char *argv[])
213 if (!test_mod_exp(out,ctx)) goto err; 214 if (!test_mod_exp(out,ctx)) goto err;
214 BIO_flush(out); 215 BIO_flush(out);
215 216
217 message(out,"BN_mod_exp_mont_consttime");
218 if (!test_mod_exp_mont_consttime(out,ctx)) goto err;
219 BIO_flush(out);
220
216 message(out,"BN_exp"); 221 message(out,"BN_exp");
217 if (!test_exp(out,ctx)) goto err; 222 if (!test_exp(out,ctx)) goto err;
218 BIO_flush(out); 223 BIO_flush(out);
@@ -813,6 +818,57 @@ int test_mod_exp(BIO *bp, BN_CTX *ctx)
813 return(1); 818 return(1);
814 } 819 }
815 820
821int test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx)
822 {
823 BIGNUM *a,*b,*c,*d,*e;
824 int i;
825
826 a=BN_new();
827 b=BN_new();
828 c=BN_new();
829 d=BN_new();
830 e=BN_new();
831
832 BN_bntest_rand(c,30,0,1); /* must be odd for montgomery */
833 for (i=0; i<num2; i++)
834 {
835 BN_bntest_rand(a,20+i*5,0,0); /**/
836 BN_bntest_rand(b,2+i,0,0); /**/
837
838 if (!BN_mod_exp_mont_consttime(d,a,b,c,ctx,NULL))
839 return(00);
840
841 if (bp != NULL)
842 {
843 if (!results)
844 {
845 BN_print(bp,a);
846 BIO_puts(bp," ^ ");
847 BN_print(bp,b);
848 BIO_puts(bp," % ");
849 BN_print(bp,c);
850 BIO_puts(bp," - ");
851 }
852 BN_print(bp,d);
853 BIO_puts(bp,"\n");
854 }
855 BN_exp(e,a,b,ctx);
856 BN_sub(e,e,d);
857 BN_div(a,b,e,c,ctx);
858 if(!BN_is_zero(b))
859 {
860 fprintf(stderr,"Modulo exponentiation test failed!\n");
861 return 0;
862 }
863 }
864 BN_free(a);
865 BN_free(b);
866 BN_free(c);
867 BN_free(d);
868 BN_free(e);
869 return(1);
870 }
871
816int test_exp(BIO *bp, BN_CTX *ctx) 872int test_exp(BIO *bp, BN_CTX *ctx)
817 { 873 {
818 BIGNUM *a,*b,*d,*e,*one; 874 BIGNUM *a,*b,*d,*e,*one;
diff --git a/src/lib/libssl/src/crypto/bn/expspeed.c b/src/lib/libssl/src/crypto/bn/expspeed.c
index 07a1bcf51c..4d5f221f33 100644
--- a/src/lib/libssl/src/crypto/bn/expspeed.c
+++ b/src/lib/libssl/src/crypto/bn/expspeed.c
@@ -321,7 +321,7 @@ void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx)
321#else /* TEST_SQRT */ 321#else /* TEST_SQRT */
322 "2*sqrt [prime == %d (mod 64)] %4d %4d mod %4d" 322 "2*sqrt [prime == %d (mod 64)] %4d %4d mod %4d"
323#endif 323#endif
324 " -> %8.3fms %5.1f (%ld)\n", 324 " -> %8.6fms %5.1f (%ld)\n",
325#ifdef TEST_SQRT 325#ifdef TEST_SQRT
326 P_MOD_64, 326 P_MOD_64,
327#endif 327#endif
diff --git a/src/lib/libssl/src/crypto/bn/exptest.c b/src/lib/libssl/src/crypto/bn/exptest.c
index b09cf88705..28aaac2ac1 100644
--- a/src/lib/libssl/src/crypto/bn/exptest.c
+++ b/src/lib/libssl/src/crypto/bn/exptest.c
@@ -77,7 +77,7 @@ int main(int argc, char *argv[])
77 BIO *out=NULL; 77 BIO *out=NULL;
78 int i,ret; 78 int i,ret;
79 unsigned char c; 79 unsigned char c;
80 BIGNUM *r_mont,*r_recp,*r_simple,*a,*b,*m; 80 BIGNUM *r_mont,*r_mont_const,*r_recp,*r_simple,*a,*b,*m;
81 81
82 RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we don't 82 RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we don't
83 * even check its return value 83 * even check its return value
@@ -88,6 +88,7 @@ int main(int argc, char *argv[])
88 ctx=BN_CTX_new(); 88 ctx=BN_CTX_new();
89 if (ctx == NULL) EXIT(1); 89 if (ctx == NULL) EXIT(1);
90 r_mont=BN_new(); 90 r_mont=BN_new();
91 r_mont_const=BN_new();
91 r_recp=BN_new(); 92 r_recp=BN_new();
92 r_simple=BN_new(); 93 r_simple=BN_new();
93 a=BN_new(); 94 a=BN_new();
@@ -143,8 +144,17 @@ int main(int argc, char *argv[])
143 EXIT(1); 144 EXIT(1);
144 } 145 }
145 146
147 ret=BN_mod_exp_mont_consttime(r_mont_const,a,b,m,ctx,NULL);
148 if (ret <= 0)
149 {
150 printf("BN_mod_exp_mont_consttime() problems\n");
151 ERR_print_errors(out);
152 EXIT(1);
153 }
154
146 if (BN_cmp(r_simple, r_mont) == 0 155 if (BN_cmp(r_simple, r_mont) == 0
147 && BN_cmp(r_simple,r_recp) == 0) 156 && BN_cmp(r_simple,r_recp) == 0
157 && BN_cmp(r_simple,r_mont_const) == 0)
148 { 158 {
149 printf("."); 159 printf(".");
150 fflush(stdout); 160 fflush(stdout);
@@ -153,6 +163,8 @@ int main(int argc, char *argv[])
153 { 163 {
154 if (BN_cmp(r_simple,r_mont) != 0) 164 if (BN_cmp(r_simple,r_mont) != 0)
155 printf("\nsimple and mont results differ\n"); 165 printf("\nsimple and mont results differ\n");
166 if (BN_cmp(r_simple,r_mont) != 0)
167 printf("\nsimple and mont const time results differ\n");
156 if (BN_cmp(r_simple,r_recp) != 0) 168 if (BN_cmp(r_simple,r_recp) != 0)
157 printf("\nsimple and recp results differ\n"); 169 printf("\nsimple and recp results differ\n");
158 170
@@ -162,11 +174,13 @@ int main(int argc, char *argv[])
162 printf("\nsimple ="); BN_print(out,r_simple); 174 printf("\nsimple ="); BN_print(out,r_simple);
163 printf("\nrecp ="); BN_print(out,r_recp); 175 printf("\nrecp ="); BN_print(out,r_recp);
164 printf("\nmont ="); BN_print(out,r_mont); 176 printf("\nmont ="); BN_print(out,r_mont);
177 printf("\nmont_ct ="); BN_print(out,r_mont_const);
165 printf("\n"); 178 printf("\n");
166 EXIT(1); 179 EXIT(1);
167 } 180 }
168 } 181 }
169 BN_free(r_mont); 182 BN_free(r_mont);
183 BN_free(r_mont_const);
170 BN_free(r_recp); 184 BN_free(r_recp);
171 BN_free(r_simple); 185 BN_free(r_simple);
172 BN_free(a); 186 BN_free(a);
diff --git a/src/lib/libssl/src/crypto/buffer/Makefile b/src/lib/libssl/src/crypto/buffer/Makefile
index 3911baf513..4b53c595a3 100644
--- a/src/lib/libssl/src/crypto/buffer/Makefile
+++ b/src/lib/libssl/src/crypto/buffer/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/buffer/Makefile 2# OpenSSL/crypto/buffer/Makefile
3# 3#
4 4
5DIR= buffer 5DIR= buffer
diff --git a/src/lib/libssl/src/crypto/buffer/buf_err.c b/src/lib/libssl/src/crypto/buffer/buf_err.c
index 5eee653e14..1fc32a6861 100644
--- a/src/lib/libssl/src/crypto/buffer/buf_err.c
+++ b/src/lib/libssl/src/crypto/buffer/buf_err.c
@@ -1,6 +1,6 @@
1/* crypto/buffer/buf_err.c */ 1/* crypto/buffer/buf_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,11 +64,15 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_BUF,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_BUF,0,reason)
70
67static ERR_STRING_DATA BUF_str_functs[]= 71static ERR_STRING_DATA BUF_str_functs[]=
68 { 72 {
69{ERR_PACK(0,BUF_F_BUF_MEM_GROW,0), "BUF_MEM_grow"}, 73{ERR_FUNC(BUF_F_BUF_MEM_GROW), "BUF_MEM_grow"},
70{ERR_PACK(0,BUF_F_BUF_MEM_NEW,0), "BUF_MEM_new"}, 74{ERR_FUNC(BUF_F_BUF_MEM_NEW), "BUF_MEM_new"},
71{ERR_PACK(0,BUF_F_BUF_STRDUP,0), "BUF_strdup"}, 75{ERR_FUNC(BUF_F_BUF_STRDUP), "BUF_strdup"},
72{0,NULL} 76{0,NULL}
73 }; 77 };
74 78
@@ -87,8 +91,8 @@ void ERR_load_BUF_strings(void)
87 { 91 {
88 init=0; 92 init=0;
89#ifndef OPENSSL_NO_ERR 93#ifndef OPENSSL_NO_ERR
90 ERR_load_strings(ERR_LIB_BUF,BUF_str_functs); 94 ERR_load_strings(0,BUF_str_functs);
91 ERR_load_strings(ERR_LIB_BUF,BUF_str_reasons); 95 ERR_load_strings(0,BUF_str_reasons);
92#endif 96#endif
93 97
94 } 98 }
diff --git a/src/lib/libssl/src/crypto/cast/Makefile b/src/lib/libssl/src/crypto/cast/Makefile
index 8b0d04bb7c..b388f6271c 100644
--- a/src/lib/libssl/src/crypto/cast/Makefile
+++ b/src/lib/libssl/src/crypto/cast/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/cast/Makefile 2# OpenSSL/crypto/cast/Makefile
3# 3#
4 4
5DIR= cast 5DIR= cast
@@ -115,6 +115,7 @@ c_ofb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
115c_ofb64.o: c_ofb64.c cast_lcl.h 115c_ofb64.o: c_ofb64.c cast_lcl.h
116c_skey.o: ../../e_os.h ../../include/openssl/cast.h 116c_skey.o: ../../e_os.h ../../include/openssl/cast.h
117c_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h 117c_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
118c_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 118c_skey.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h
119c_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 119c_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
120c_skey.o: ../../include/openssl/symhacks.h c_skey.c cast_lcl.h cast_s.h 120c_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
121c_skey.o: c_skey.c cast_lcl.h cast_s.h
diff --git a/src/lib/libssl/src/crypto/cast/c_skey.c b/src/lib/libssl/src/crypto/cast/c_skey.c
index dc4791a8cf..db9b7573e0 100644
--- a/src/lib/libssl/src/crypto/cast/c_skey.c
+++ b/src/lib/libssl/src/crypto/cast/c_skey.c
@@ -57,6 +57,7 @@
57 */ 57 */
58 58
59#include <openssl/crypto.h> 59#include <openssl/crypto.h>
60#include <openssl/fips.h>
60#include <openssl/cast.h> 61#include <openssl/cast.h>
61 62
62#include "cast_lcl.h" 63#include "cast_lcl.h"
diff --git a/src/lib/libssl/src/crypto/cast/cast_lcl.h b/src/lib/libssl/src/crypto/cast/cast_lcl.h
index 37f41cc6a4..e756021a33 100644
--- a/src/lib/libssl/src/crypto/cast/cast_lcl.h
+++ b/src/lib/libssl/src/crypto/cast/cast_lcl.h
@@ -64,11 +64,6 @@
64#endif 64#endif
65 65
66 66
67#ifdef OPENSSL_BUILD_SHLIBCRYPTO
68# undef OPENSSL_EXTERN
69# define OPENSSL_EXTERN OPENSSL_EXPORT
70#endif
71
72#undef c2l 67#undef c2l
73#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \ 68#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
74 l|=((unsigned long)(*((c)++)))<< 8L, \ 69 l|=((unsigned long)(*((c)++)))<< 8L, \
@@ -222,11 +217,11 @@
222 } 217 }
223#endif 218#endif
224 219
225OPENSSL_EXTERN const CAST_LONG CAST_S_table0[256]; 220extern const CAST_LONG CAST_S_table0[256];
226OPENSSL_EXTERN const CAST_LONG CAST_S_table1[256]; 221extern const CAST_LONG CAST_S_table1[256];
227OPENSSL_EXTERN const CAST_LONG CAST_S_table2[256]; 222extern const CAST_LONG CAST_S_table2[256];
228OPENSSL_EXTERN const CAST_LONG CAST_S_table3[256]; 223extern const CAST_LONG CAST_S_table3[256];
229OPENSSL_EXTERN const CAST_LONG CAST_S_table4[256]; 224extern const CAST_LONG CAST_S_table4[256];
230OPENSSL_EXTERN const CAST_LONG CAST_S_table5[256]; 225extern const CAST_LONG CAST_S_table5[256];
231OPENSSL_EXTERN const CAST_LONG CAST_S_table6[256]; 226extern const CAST_LONG CAST_S_table6[256];
232OPENSSL_EXTERN const CAST_LONG CAST_S_table7[256]; 227extern const CAST_LONG CAST_S_table7[256];
diff --git a/src/lib/libssl/src/crypto/comp/Makefile b/src/lib/libssl/src/crypto/comp/Makefile
index 68109a8013..df1babec5c 100644
--- a/src/lib/libssl/src/crypto/comp/Makefile
+++ b/src/lib/libssl/src/crypto/comp/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/comp/Makefile 2# OpenSSL/crypto/comp/Makefile
3# 3#
4 4
5DIR= comp 5DIR= comp
diff --git a/src/lib/libssl/src/crypto/comp/c_zlib.c b/src/lib/libssl/src/crypto/comp/c_zlib.c
index 1bd2850d15..5fcb521ffb 100644
--- a/src/lib/libssl/src/crypto/comp/c_zlib.c
+++ b/src/lib/libssl/src/crypto/comp/c_zlib.c
@@ -51,30 +51,17 @@ static COMP_METHOD zlib_method={
51 */ 51 */
52#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) 52#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
53# include <windows.h> 53# include <windows.h>
54
55# define Z_CALLCONV _stdcall
56# define ZLIB_SHARED
57#else
58# define Z_CALLCONV
59#endif /* !(OPENSSL_SYS_WINDOWS || OPENSSL_SYS_WIN32) */ 54#endif /* !(OPENSSL_SYS_WINDOWS || OPENSSL_SYS_WIN32) */
60 55
61#ifdef ZLIB_SHARED 56#ifdef ZLIB_SHARED
62#include <openssl/dso.h> 57#include <openssl/dso.h>
63 58
64/* Prototypes for built in stubs */
65static int stub_compress(Bytef *dest,uLongf *destLen,
66 const Bytef *source, uLong sourceLen);
67static int stub_inflateEnd(z_streamp strm);
68static int stub_inflate(z_streamp strm, int flush);
69static int stub_inflateInit_(z_streamp strm, const char * version,
70 int stream_size);
71
72/* Function pointers */ 59/* Function pointers */
73typedef int (Z_CALLCONV *compress_ft)(Bytef *dest,uLongf *destLen, 60typedef int (*compress_ft)(Bytef *dest,uLongf *destLen,
74 const Bytef *source, uLong sourceLen); 61 const Bytef *source, uLong sourceLen);
75typedef int (Z_CALLCONV *inflateEnd_ft)(z_streamp strm); 62typedef int (*inflateEnd_ft)(z_streamp strm);
76typedef int (Z_CALLCONV *inflate_ft)(z_streamp strm, int flush); 63typedef int (*inflate_ft)(z_streamp strm, int flush);
77typedef int (Z_CALLCONV *inflateInit__ft)(z_streamp strm, 64typedef int (*inflateInit__ft)(z_streamp strm,
78 const char * version, int stream_size); 65 const char * version, int stream_size);
79static compress_ft p_compress=NULL; 66static compress_ft p_compress=NULL;
80static inflateEnd_ft p_inflateEnd=NULL; 67static inflateEnd_ft p_inflateEnd=NULL;
@@ -84,10 +71,10 @@ static inflateInit__ft p_inflateInit_=NULL;
84static int zlib_loaded = 0; /* only attempt to init func pts once */ 71static int zlib_loaded = 0; /* only attempt to init func pts once */
85static DSO *zlib_dso = NULL; 72static DSO *zlib_dso = NULL;
86 73
87#define compress stub_compress 74#define compress p_compress
88#define inflateEnd stub_inflateEnd 75#define inflateEnd p_inflateEnd
89#define inflate stub_inflate 76#define inflate p_inflate
90#define inflateInit_ stub_inflateInit_ 77#define inflateInit_ p_inflateInit_
91#endif /* ZLIB_SHARED */ 78#endif /* ZLIB_SHARED */
92 79
93static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out, 80static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out,
@@ -191,16 +178,6 @@ COMP_METHOD *COMP_zlib(void)
191 { 178 {
192#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) 179#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
193 zlib_dso = DSO_load(NULL, "ZLIB1", NULL, 0); 180 zlib_dso = DSO_load(NULL, "ZLIB1", NULL, 0);
194 if (!zlib_dso)
195 {
196 zlib_dso = DSO_load(NULL, "ZLIB", NULL, 0);
197 if (zlib_dso)
198 {
199 /* Clear the errors from the first failed
200 DSO_load() */
201 ERR_clear_error();
202 }
203 }
204#else 181#else
205 zlib_dso = DSO_load(NULL, "z", NULL, 0); 182 zlib_dso = DSO_load(NULL, "z", NULL, 0);
206#endif 183#endif
@@ -218,54 +195,21 @@ COMP_METHOD *COMP_zlib(void)
218 p_inflateInit_ 195 p_inflateInit_
219 = (inflateInit__ft) DSO_bind_func(zlib_dso, 196 = (inflateInit__ft) DSO_bind_func(zlib_dso,
220 "inflateInit_"); 197 "inflateInit_");
221 zlib_loaded++; 198
199 if (p_compress && p_inflateEnd && p_inflate
200 && p_inflateInit_)
201 zlib_loaded++;
222 } 202 }
223 } 203 }
224 204
225#endif 205#endif
206#ifdef ZLIB_SHARED
207 if (zlib_loaded)
208#endif
226#if defined(ZLIB) || defined(ZLIB_SHARED) 209#if defined(ZLIB) || defined(ZLIB_SHARED)
227 meth = &zlib_method; 210 meth = &zlib_method;
228#endif 211#endif
229 212
230 return(meth); 213 return(meth);
231 } 214 }
232 215
233#ifdef ZLIB_SHARED
234/* Stubs for each function to be dynamicly loaded */
235static int
236stub_compress(Bytef *dest,uLongf *destLen,const Bytef *source, uLong sourceLen)
237 {
238 if (p_compress)
239 return(p_compress(dest,destLen,source,sourceLen));
240 else
241 return(Z_MEM_ERROR);
242 }
243
244static int
245stub_inflateEnd(z_streamp strm)
246 {
247 if ( p_inflateEnd )
248 return(p_inflateEnd(strm));
249 else
250 return(Z_MEM_ERROR);
251 }
252
253static int
254stub_inflate(z_streamp strm, int flush)
255 {
256 if ( p_inflate )
257 return(p_inflate(strm,flush));
258 else
259 return(Z_MEM_ERROR);
260 }
261
262static int
263stub_inflateInit_(z_streamp strm, const char * version, int stream_size)
264 {
265 if ( p_inflateInit_ )
266 return(p_inflateInit_(strm,version,stream_size));
267 else
268 return(Z_MEM_ERROR);
269 }
270
271#endif /* ZLIB_SHARED */
diff --git a/src/lib/libssl/src/crypto/conf/Makefile b/src/lib/libssl/src/crypto/conf/Makefile
index 6d2f8ffd9a..403d12b28c 100644
--- a/src/lib/libssl/src/crypto/conf/Makefile
+++ b/src/lib/libssl/src/crypto/conf/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/conf/Makefile 2# OpenSSL/crypto/conf/Makefile
3# 3#
4 4
5DIR= conf 5DIR= conf
diff --git a/src/lib/libssl/src/crypto/conf/conf_def.c b/src/lib/libssl/src/crypto/conf/conf_def.c
index b5a876ae68..2464f8ed90 100644
--- a/src/lib/libssl/src/crypto/conf/conf_def.c
+++ b/src/lib/libssl/src/crypto/conf/conf_def.c
@@ -613,13 +613,13 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from)
613 e++; 613 e++;
614 } 614 }
615 /* So at this point we have 615 /* So at this point we have
616 * ns which is the start of the name string which is 616 * np which is the start of the name string which is
617 * '\0' terminated. 617 * '\0' terminated.
618 * cs which is the start of the section string which is 618 * cp which is the start of the section string which is
619 * '\0' terminated. 619 * '\0' terminated.
620 * e is the 'next point after'. 620 * e is the 'next point after'.
621 * r and s are the chars replaced by the '\0' 621 * r and rr are the chars replaced by the '\0'
622 * rp and sp is where 'r' and 's' came from. 622 * rp and rrp is where 'r' and 'rr' came from.
623 */ 623 */
624 p=_CONF_get_string(conf,cp,np); 624 p=_CONF_get_string(conf,cp,np);
625 if (rrp != NULL) *rrp=rr; 625 if (rrp != NULL) *rrp=rr;
@@ -638,6 +638,11 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from)
638 points at. /RL */ 638 points at. /RL */
639 len -= e-from; 639 len -= e-from;
640 from=e; 640 from=e;
641
642 /* In case there were no braces or parenthesis around
643 the variable reference, we have to put back the
644 character that was replaced with a '\0'. /RL */
645 *rp = r;
641 } 646 }
642 else 647 else
643 buf->data[to++]= *(from++); 648 buf->data[to++]= *(from++);
diff --git a/src/lib/libssl/src/crypto/conf/conf_err.c b/src/lib/libssl/src/crypto/conf/conf_err.c
index ee07bfe9d9..f5e2ca4bf0 100644
--- a/src/lib/libssl/src/crypto/conf/conf_err.c
+++ b/src/lib/libssl/src/crypto/conf/conf_err.c
@@ -1,6 +1,6 @@
1/* crypto/conf/conf_err.c */ 1/* crypto/conf/conf_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,47 +64,51 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_CONF,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_CONF,0,reason)
70
67static ERR_STRING_DATA CONF_str_functs[]= 71static ERR_STRING_DATA CONF_str_functs[]=
68 { 72 {
69{ERR_PACK(0,CONF_F_CONF_DUMP_FP,0), "CONF_dump_fp"}, 73{ERR_FUNC(CONF_F_CONF_DUMP_FP), "CONF_dump_fp"},
70{ERR_PACK(0,CONF_F_CONF_LOAD,0), "CONF_load"}, 74{ERR_FUNC(CONF_F_CONF_LOAD), "CONF_load"},
71{ERR_PACK(0,CONF_F_CONF_LOAD_BIO,0), "CONF_load_bio"}, 75{ERR_FUNC(CONF_F_CONF_LOAD_BIO), "CONF_load_bio"},
72{ERR_PACK(0,CONF_F_CONF_LOAD_FP,0), "CONF_load_fp"}, 76{ERR_FUNC(CONF_F_CONF_LOAD_FP), "CONF_load_fp"},
73{ERR_PACK(0,CONF_F_CONF_MODULES_LOAD,0), "CONF_modules_load"}, 77{ERR_FUNC(CONF_F_CONF_MODULES_LOAD), "CONF_modules_load"},
74{ERR_PACK(0,CONF_F_MODULE_INIT,0), "MODULE_INIT"}, 78{ERR_FUNC(CONF_F_MODULE_INIT), "MODULE_INIT"},
75{ERR_PACK(0,CONF_F_MODULE_LOAD_DSO,0), "MODULE_LOAD_DSO"}, 79{ERR_FUNC(CONF_F_MODULE_LOAD_DSO), "MODULE_LOAD_DSO"},
76{ERR_PACK(0,CONF_F_MODULE_RUN,0), "MODULE_RUN"}, 80{ERR_FUNC(CONF_F_MODULE_RUN), "MODULE_RUN"},
77{ERR_PACK(0,CONF_F_NCONF_DUMP_BIO,0), "NCONF_dump_bio"}, 81{ERR_FUNC(CONF_F_NCONF_DUMP_BIO), "NCONF_dump_bio"},
78{ERR_PACK(0,CONF_F_NCONF_DUMP_FP,0), "NCONF_dump_fp"}, 82{ERR_FUNC(CONF_F_NCONF_DUMP_FP), "NCONF_dump_fp"},
79{ERR_PACK(0,CONF_F_NCONF_GET_NUMBER,0), "NCONF_get_number"}, 83{ERR_FUNC(CONF_F_NCONF_GET_NUMBER), "NCONF_get_number"},
80{ERR_PACK(0,CONF_F_NCONF_GET_NUMBER_E,0), "NCONF_get_number_e"}, 84{ERR_FUNC(CONF_F_NCONF_GET_NUMBER_E), "NCONF_get_number_e"},
81{ERR_PACK(0,CONF_F_NCONF_GET_SECTION,0), "NCONF_get_section"}, 85{ERR_FUNC(CONF_F_NCONF_GET_SECTION), "NCONF_get_section"},
82{ERR_PACK(0,CONF_F_NCONF_GET_STRING,0), "NCONF_get_string"}, 86{ERR_FUNC(CONF_F_NCONF_GET_STRING), "NCONF_get_string"},
83{ERR_PACK(0,CONF_F_NCONF_LOAD,0), "NCONF_load"}, 87{ERR_FUNC(CONF_F_NCONF_LOAD), "NCONF_load"},
84{ERR_PACK(0,CONF_F_NCONF_LOAD_BIO,0), "NCONF_load_bio"}, 88{ERR_FUNC(CONF_F_NCONF_LOAD_BIO), "NCONF_load_bio"},
85{ERR_PACK(0,CONF_F_NCONF_LOAD_FP,0), "NCONF_load_fp"}, 89{ERR_FUNC(CONF_F_NCONF_LOAD_FP), "NCONF_load_fp"},
86{ERR_PACK(0,CONF_F_NCONF_NEW,0), "NCONF_new"}, 90{ERR_FUNC(CONF_F_NCONF_NEW), "NCONF_new"},
87{ERR_PACK(0,CONF_F_STR_COPY,0), "STR_COPY"}, 91{ERR_FUNC(CONF_F_STR_COPY), "STR_COPY"},
88{0,NULL} 92{0,NULL}
89 }; 93 };
90 94
91static ERR_STRING_DATA CONF_str_reasons[]= 95static ERR_STRING_DATA CONF_str_reasons[]=
92 { 96 {
93{CONF_R_ERROR_LOADING_DSO ,"error loading dso"}, 97{ERR_REASON(CONF_R_ERROR_LOADING_DSO) ,"error loading dso"},
94{CONF_R_MISSING_CLOSE_SQUARE_BRACKET ,"missing close square bracket"}, 98{ERR_REASON(CONF_R_MISSING_CLOSE_SQUARE_BRACKET),"missing close square bracket"},
95{CONF_R_MISSING_EQUAL_SIGN ,"missing equal sign"}, 99{ERR_REASON(CONF_R_MISSING_EQUAL_SIGN) ,"missing equal sign"},
96{CONF_R_MISSING_FINISH_FUNCTION ,"missing finish function"}, 100{ERR_REASON(CONF_R_MISSING_FINISH_FUNCTION),"missing finish function"},
97{CONF_R_MISSING_INIT_FUNCTION ,"missing init function"}, 101{ERR_REASON(CONF_R_MISSING_INIT_FUNCTION),"missing init function"},
98{CONF_R_MODULE_INITIALIZATION_ERROR ,"module initialization error"}, 102{ERR_REASON(CONF_R_MODULE_INITIALIZATION_ERROR),"module initialization error"},
99{CONF_R_NO_CLOSE_BRACE ,"no close brace"}, 103{ERR_REASON(CONF_R_NO_CLOSE_BRACE) ,"no close brace"},
100{CONF_R_NO_CONF ,"no conf"}, 104{ERR_REASON(CONF_R_NO_CONF) ,"no conf"},
101{CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE ,"no conf or environment variable"}, 105{ERR_REASON(CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE),"no conf or environment variable"},
102{CONF_R_NO_SECTION ,"no section"}, 106{ERR_REASON(CONF_R_NO_SECTION) ,"no section"},
103{CONF_R_NO_SUCH_FILE ,"no such file"}, 107{ERR_REASON(CONF_R_NO_SUCH_FILE) ,"no such file"},
104{CONF_R_NO_VALUE ,"no value"}, 108{ERR_REASON(CONF_R_NO_VALUE) ,"no value"},
105{CONF_R_UNABLE_TO_CREATE_NEW_SECTION ,"unable to create new section"}, 109{ERR_REASON(CONF_R_UNABLE_TO_CREATE_NEW_SECTION),"unable to create new section"},
106{CONF_R_UNKNOWN_MODULE_NAME ,"unknown module name"}, 110{ERR_REASON(CONF_R_UNKNOWN_MODULE_NAME) ,"unknown module name"},
107{CONF_R_VARIABLE_HAS_NO_VALUE ,"variable has no value"}, 111{ERR_REASON(CONF_R_VARIABLE_HAS_NO_VALUE),"variable has no value"},
108{0,NULL} 112{0,NULL}
109 }; 113 };
110 114
@@ -118,8 +122,8 @@ void ERR_load_CONF_strings(void)
118 { 122 {
119 init=0; 123 init=0;
120#ifndef OPENSSL_NO_ERR 124#ifndef OPENSSL_NO_ERR
121 ERR_load_strings(ERR_LIB_CONF,CONF_str_functs); 125 ERR_load_strings(0,CONF_str_functs);
122 ERR_load_strings(ERR_LIB_CONF,CONF_str_reasons); 126 ERR_load_strings(0,CONF_str_reasons);
123#endif 127#endif
124 128
125 } 129 }
diff --git a/src/lib/libssl/src/crypto/cpt_err.c b/src/lib/libssl/src/crypto/cpt_err.c
index 1b4a1cb4d4..06a6109cce 100644
--- a/src/lib/libssl/src/crypto/cpt_err.c
+++ b/src/lib/libssl/src/crypto/cpt_err.c
@@ -1,6 +1,6 @@
1/* crypto/cpt_err.c */ 1/* crypto/cpt_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,23 +64,27 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_CRYPTO,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_CRYPTO,0,reason)
70
67static ERR_STRING_DATA CRYPTO_str_functs[]= 71static ERR_STRING_DATA CRYPTO_str_functs[]=
68 { 72 {
69{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,0), "CRYPTO_get_ex_new_index"}, 73{ERR_FUNC(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX), "CRYPTO_get_ex_new_index"},
70{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,0), "CRYPTO_get_new_dynlockid"}, 74{ERR_FUNC(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID), "CRYPTO_get_new_dynlockid"},
71{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_NEW_LOCKID,0), "CRYPTO_get_new_lockid"}, 75{ERR_FUNC(CRYPTO_F_CRYPTO_GET_NEW_LOCKID), "CRYPTO_get_new_lockid"},
72{ERR_PACK(0,CRYPTO_F_CRYPTO_SET_EX_DATA,0), "CRYPTO_set_ex_data"}, 76{ERR_FUNC(CRYPTO_F_CRYPTO_SET_EX_DATA), "CRYPTO_set_ex_data"},
73{ERR_PACK(0,CRYPTO_F_DEF_ADD_INDEX,0), "DEF_ADD_INDEX"}, 77{ERR_FUNC(CRYPTO_F_DEF_ADD_INDEX), "DEF_ADD_INDEX"},
74{ERR_PACK(0,CRYPTO_F_DEF_GET_CLASS,0), "DEF_GET_CLASS"}, 78{ERR_FUNC(CRYPTO_F_DEF_GET_CLASS), "DEF_GET_CLASS"},
75{ERR_PACK(0,CRYPTO_F_INT_DUP_EX_DATA,0), "INT_DUP_EX_DATA"}, 79{ERR_FUNC(CRYPTO_F_INT_DUP_EX_DATA), "INT_DUP_EX_DATA"},
76{ERR_PACK(0,CRYPTO_F_INT_FREE_EX_DATA,0), "INT_FREE_EX_DATA"}, 80{ERR_FUNC(CRYPTO_F_INT_FREE_EX_DATA), "INT_FREE_EX_DATA"},
77{ERR_PACK(0,CRYPTO_F_INT_NEW_EX_DATA,0), "INT_NEW_EX_DATA"}, 81{ERR_FUNC(CRYPTO_F_INT_NEW_EX_DATA), "INT_NEW_EX_DATA"},
78{0,NULL} 82{0,NULL}
79 }; 83 };
80 84
81static ERR_STRING_DATA CRYPTO_str_reasons[]= 85static ERR_STRING_DATA CRYPTO_str_reasons[]=
82 { 86 {
83{CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK ,"no dynlock create callback"}, 87{ERR_REASON(CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK),"no dynlock create callback"},
84{0,NULL} 88{0,NULL}
85 }; 89 };
86 90
@@ -94,8 +98,8 @@ void ERR_load_CRYPTO_strings(void)
94 { 98 {
95 init=0; 99 init=0;
96#ifndef OPENSSL_NO_ERR 100#ifndef OPENSSL_NO_ERR
97 ERR_load_strings(ERR_LIB_CRYPTO,CRYPTO_str_functs); 101 ERR_load_strings(0,CRYPTO_str_functs);
98 ERR_load_strings(ERR_LIB_CRYPTO,CRYPTO_str_reasons); 102 ERR_load_strings(0,CRYPTO_str_reasons);
99#endif 103#endif
100 104
101 } 105 }
diff --git a/src/lib/libssl/src/crypto/cryptlib.c b/src/lib/libssl/src/crypto/cryptlib.c
index fef0afb29f..e63bbe8dba 100644
--- a/src/lib/libssl/src/crypto/cryptlib.c
+++ b/src/lib/libssl/src/crypto/cryptlib.c
@@ -480,6 +480,8 @@ const char *CRYPTO_get_lock_name(int type)
480 return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS)); 480 return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS));
481 } 481 }
482 482
483int OPENSSL_NONPIC_relocated=0;
484
483#if defined(_WIN32) && defined(_WINDLL) 485#if defined(_WIN32) && defined(_WINDLL)
484 486
485/* All we really need to do is remove the 'error' state when a thread 487/* All we really need to do is remove the 'error' state when a thread
@@ -491,6 +493,21 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason,
491 switch(fdwReason) 493 switch(fdwReason)
492 { 494 {
493 case DLL_PROCESS_ATTACH: 495 case DLL_PROCESS_ATTACH:
496#if defined(_WIN32_WINNT)
497 {
498 IMAGE_DOS_HEADER *dos_header = (IMAGE_DOS_HEADER *)hinstDLL;
499 IMAGE_NT_HEADERS *nt_headers;
500
501 if (dos_header->e_magic==IMAGE_DOS_SIGNATURE)
502 {
503 nt_headers = (IMAGE_NT_HEADERS *)((char *)dos_header
504 + dos_header->e_lfanew);
505 if (nt_headers->Signature==IMAGE_NT_SIGNATURE &&
506 hinstDLL!=(HINSTANCE)(nt_headers->OptionalHeader.ImageBase))
507 OPENSSL_NONPIC_relocated=1;
508 }
509 }
510#endif
494 break; 511 break;
495 case DLL_THREAD_ATTACH: 512 case DLL_THREAD_ATTACH:
496 break; 513 break;
@@ -504,18 +521,160 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason,
504 } 521 }
505#endif 522#endif
506 523
524#if defined(_WIN32)
525#include <tchar.h>
526
527#if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
528static int IsService(void)
529{ HWINSTA h;
530 DWORD len;
531 WCHAR *name;
532
533 (void)GetDesktopWindow(); /* return value is ignored */
534
535 h = GetProcessWindowStation();
536 if (h==NULL) return -1;
537
538 if (GetUserObjectInformationW (h,UOI_NAME,NULL,0,&len) ||
539 GetLastError() != ERROR_INSUFFICIENT_BUFFER)
540 return -1;
541
542 if (len>512) return -1; /* paranoia */
543 len++,len&=~1; /* paranoia */
544#ifdef _MSC_VER
545 name=(WCHAR *)_alloca(len+sizeof(WCHAR));
546#else
547 name=(WCHAR *)alloca(len+sizeof(WCHAR));
548#endif
549 if (!GetUserObjectInformationW (h,UOI_NAME,name,len,&len))
550 return -1;
551
552 len++,len&=~1; /* paranoia */
553 name[len/sizeof(WCHAR)]=L'\0'; /* paranoia */
554#if 1
555 /* This doesn't cover "interactive" services [working with real
556 * WinSta0's] nor programs started non-interactively by Task
557 * Scheduler [those are working with SAWinSta]. */
558 if (wcsstr(name,L"Service-0x")) return 1;
559#else
560 /* This covers all non-interactive programs such as services. */
561 if (!wcsstr(name,L"WinSta0")) return 1;
562#endif
563 else return 0;
564}
565#endif
566
567void OPENSSL_showfatal (const char *fmta,...)
568{ va_list ap;
569 TCHAR buf[256];
570 const TCHAR *fmt;
571 HANDLE h;
572
573 if ((h=GetStdHandle(STD_ERROR_HANDLE)) != NULL &&
574 GetFileType(h)!=FILE_TYPE_UNKNOWN)
575 { /* must be console application */
576 va_start (ap,fmta);
577 vfprintf (stderr,fmta,ap);
578 va_end (ap);
579 return;
580 }
581
582 if (sizeof(TCHAR)==sizeof(char))
583 fmt=(const TCHAR *)fmta;
584 else do
585 { int keepgoing;
586 size_t len_0=strlen(fmta)+1,i;
587 WCHAR *fmtw;
588
589#ifdef _MSC_VER
590 fmtw = (WCHAR *)_alloca (len_0*sizeof(WCHAR));
591#else
592 fmtw = (WCHAR *)alloca (len_0*sizeof(WCHAR));
593#endif
594 if (fmtw == NULL) { fmt=(const TCHAR *)L"no stack?"; break; }
595
596#ifndef OPENSSL_NO_MULTIBYTE
597 if (!MultiByteToWideChar(CP_ACP,0,fmta,len_0,fmtw,len_0))
598#endif
599 for (i=0;i<len_0;i++) fmtw[i]=(WCHAR)fmta[i];
600
601 for (i=0;i<len_0;i++)
602 { if (fmtw[i]==L'%') do
603 { keepgoing=0;
604 switch (fmtw[i+1])
605 { case L'0': case L'1': case L'2': case L'3': case L'4':
606 case L'5': case L'6': case L'7': case L'8': case L'9':
607 case L'.': case L'*':
608 case L'-': i++; keepgoing=1; break;
609 case L's': fmtw[i+1]=L'S'; break;
610 case L'S': fmtw[i+1]=L's'; break;
611 case L'c': fmtw[i+1]=L'C'; break;
612 case L'C': fmtw[i+1]=L'c'; break;
613 }
614 } while (keepgoing);
615 }
616 fmt = (const TCHAR *)fmtw;
617 } while (0);
618
619 va_start (ap,fmta);
620 _vsntprintf (buf,sizeof(buf)/sizeof(TCHAR)-1,fmt,ap);
621 buf [sizeof(buf)/sizeof(TCHAR)-1] = _T('\0');
622 va_end (ap);
623
624#if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
625 /* this -------------v--- guards NT-specific calls */
626 if (GetVersion() < 0x80000000 && IsService())
627 { HANDLE h = RegisterEventSource(0,_T("OPENSSL"));
628 const TCHAR *pmsg=buf;
629 ReportEvent(h,EVENTLOG_ERROR_TYPE,0,0,0,1,0,&pmsg,0);
630 DeregisterEventSource(h);
631 }
632 else
633#endif
634 { MSGBOXPARAMS m;
635
636 m.cbSize = sizeof(m);
637 m.hwndOwner = NULL;
638 m.lpszCaption = _T("OpenSSL: FATAL");
639 m.dwStyle = MB_OK;
640 m.hInstance = NULL;
641 m.lpszIcon = IDI_ERROR;
642 m.dwContextHelpId = 0;
643 m.lpfnMsgBoxCallback = NULL;
644 m.dwLanguageId = MAKELANGID(LANG_ENGLISH,SUBLANG_ENGLISH_US);
645 m.lpszText = buf;
646
647 MessageBoxIndirect (&m);
648 }
649}
650#else
651void OPENSSL_showfatal (const char *fmta,...)
652{ va_list ap;
653
654 va_start (ap,fmta);
655 vfprintf (stderr,fmta,ap);
656 va_end (ap);
657}
658#endif
659
507void OpenSSLDie(const char *file,int line,const char *assertion) 660void OpenSSLDie(const char *file,int line,const char *assertion)
508 { 661 {
509 fprintf(stderr, 662 OPENSSL_showfatal(
510 "%s(%d): OpenSSL internal error, assertion failed: %s\n", 663 "%s(%d): OpenSSL internal error, assertion failed: %s\n",
511 file,line,assertion); 664 file,line,assertion);
512 abort(); 665 abort();
513 } 666 }
514 667
668void *OPENSSL_stderr(void) { return stderr; }
669
515#ifdef OPENSSL_FIPS 670#ifdef OPENSSL_FIPS
671
672void fips_w_lock(void) { CRYPTO_w_lock(CRYPTO_LOCK_FIPS); }
673void fips_w_unlock(void) { CRYPTO_w_unlock(CRYPTO_LOCK_FIPS); }
674void fips_r_lock(void) { CRYPTO_r_lock(CRYPTO_LOCK_FIPS); }
675void fips_r_unlock(void) { CRYPTO_r_unlock(CRYPTO_LOCK_FIPS); }
676
516static int fips_started = 0; 677static int fips_started = 0;
517static int fips_mode = 0;
518static void *fips_rand_check = 0;
519static unsigned long fips_thread = 0; 678static unsigned long fips_thread = 0;
520 679
521void fips_set_started(void) 680void fips_set_started(void)
@@ -576,57 +735,10 @@ int fips_clear_owning_thread(void)
576 return ret; 735 return ret;
577 } 736 }
578 737
579void fips_set_mode(int onoff) 738unsigned char *fips_signature_witness(void)
580 {
581 int owning_thread = fips_is_owning_thread();
582
583 if (fips_is_started())
584 {
585 if (!owning_thread) CRYPTO_w_lock(CRYPTO_LOCK_FIPS);
586 fips_mode = onoff;
587 if (!owning_thread) CRYPTO_w_unlock(CRYPTO_LOCK_FIPS);
588 }
589 }
590
591void fips_set_rand_check(void *rand_check)
592 {
593 int owning_thread = fips_is_owning_thread();
594
595 if (fips_is_started())
596 {
597 if (!owning_thread) CRYPTO_w_lock(CRYPTO_LOCK_FIPS);
598 fips_rand_check = rand_check;
599 if (!owning_thread) CRYPTO_w_unlock(CRYPTO_LOCK_FIPS);
600 }
601 }
602
603int FIPS_mode(void)
604 {
605 int ret = 0;
606 int owning_thread = fips_is_owning_thread();
607
608 if (fips_is_started())
609 {
610 if (!owning_thread) CRYPTO_r_lock(CRYPTO_LOCK_FIPS);
611 ret = fips_mode;
612 if (!owning_thread) CRYPTO_r_unlock(CRYPTO_LOCK_FIPS);
613 }
614 return ret;
615 }
616
617void *FIPS_rand_check(void)
618 { 739 {
619 void *ret = 0; 740 extern unsigned char FIPS_signature[];
620 int owning_thread = fips_is_owning_thread(); 741 return FIPS_signature;
621
622 if (fips_is_started())
623 {
624 if (!owning_thread) CRYPTO_r_lock(CRYPTO_LOCK_FIPS);
625 ret = fips_rand_check;
626 if (!owning_thread) CRYPTO_r_unlock(CRYPTO_LOCK_FIPS);
627 }
628 return ret;
629 } 742 }
630
631#endif /* OPENSSL_FIPS */ 743#endif /* OPENSSL_FIPS */
632 744
diff --git a/src/lib/libssl/src/crypto/cryptlib.h b/src/lib/libssl/src/crypto/cryptlib.h
index 0d6b9d59f0..6f59e08ca6 100644
--- a/src/lib/libssl/src/crypto/cryptlib.h
+++ b/src/lib/libssl/src/crypto/cryptlib.h
@@ -93,6 +93,10 @@ extern "C" {
93#define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1) 93#define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1)
94#define HEX_SIZE(type) (sizeof(type)*2) 94#define HEX_SIZE(type) (sizeof(type)*2)
95 95
96void OPENSSL_showfatal(const char *,...);
97void *OPENSSL_stderr(void);
98extern int OPENSSL_NONPIC_relocated;
99
96#ifdef __cplusplus 100#ifdef __cplusplus
97} 101}
98#endif 102#endif
diff --git a/src/lib/libssl/src/crypto/crypto-lib.com b/src/lib/libssl/src/crypto/crypto-lib.com
index c044ce0099..427c321f25 100644
--- a/src/lib/libssl/src/crypto/crypto-lib.com
+++ b/src/lib/libssl/src/crypto/crypto-lib.com
@@ -184,10 +184,10 @@ $ IF F$TRNLNM("OPENSSL_NO_ASM").OR.ARCH.EQS."AXP" THEN LIB_BN_ASM = "bn_asm"
184$ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,"+ - 184$ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,"+ -
185 "bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ - 185 "bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ -
186 "bn_kron,bn_sqrt,bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+","+ - 186 "bn_kron,bn_sqrt,bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+","+ -
187 "bn_recp,bn_mont,bn_mpi,bn_exp2" 187 "bn_recp,bn_mont,bn_mpi,bn_exp2,bn_x931p"
188$ LIB_RSA = "rsa_eay,rsa_gen,rsa_lib,rsa_sign,rsa_saos,rsa_err,"+ - 188$ LIB_RSA = "rsa_eay,rsa_gen,rsa_lib,rsa_sign,rsa_saos,rsa_err,"+ -
189 "rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk,rsa_null,"+ - 189 "rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk,rsa_null,"+ -
190 "rsa_asn1" 190 "rsa_pss,rsa_x931,rsa_asn1"
191$ LIB_EC = "ec_lib,ecp_smpl,ecp_mont,ecp_recp,ecp_nist,ec_cvt,ec_mult,"+ - 191$ LIB_EC = "ec_lib,ecp_smpl,ecp_mont,ecp_recp,ecp_nist,ec_cvt,ec_mult,"+ -
192 "ec_err" 192 "ec_err"
193$ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,dsa_err,dsa_ossl" 193$ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,dsa_err,dsa_ossl"
@@ -265,10 +265,15 @@ $ LIB_KRB5 = "krb5_asn"
265$! 265$!
266$! Setup exceptional compilations 266$! Setup exceptional compilations
267$! 267$!
268$ ! Add definitions for no threads on OpenVMS 7.1 and higher
268$ COMPILEWITH_CC3 = ",bss_rtcp," 269$ COMPILEWITH_CC3 = ",bss_rtcp,"
270$ ! Disable the DOLLARID warning
269$ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time," 271$ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time,"
272$ ! Disable disjoint optimization
270$ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + - 273$ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + -
271 "sha_dgst,sha1dgst,rmd_dgst,bf_enc," 274 "sha_dgst,sha1dgst,rmd_dgst,bf_enc,"
275$ ! Disable the MIXLINKAGE warning
276$ COMPILEWITH_CC6 = ",enc_read,set_key,"
272$! 277$!
273$! Figure Out What Other Modules We Are To Build. 278$! Figure Out What Other Modules We Are To Build.
274$! 279$!
@@ -497,7 +502,12 @@ $ IF COMPILEWITH_CC5 - FILE_NAME0 .NES. COMPILEWITH_CC5
497$ THEN 502$ THEN
498$ CC5/OBJECT='OBJECT_FILE' 'SOURCE_FILE' 503$ CC5/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
499$ ELSE 504$ ELSE
500$ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE' 505$ IF COMPILEWITH_CC6 - FILE_NAME0 .NES. COMPILEWITH_CC6
506$ THEN
507$ CC6/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
508$ ELSE
509$ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
510$ ENDIF
501$ ENDIF 511$ ENDIF
502$ ENDIF 512$ ENDIF
503$ ENDIF 513$ ENDIF
@@ -960,7 +970,7 @@ $ CCDEFS = "TCPIP_TYPE_''P4',DSO_VMS"
960$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS 970$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
961$ CCEXTRAFLAGS = "" 971$ CCEXTRAFLAGS = ""
962$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS 972$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
963$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX" 973$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
964$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - 974$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
965 CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS 975 CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
966$! 976$!
@@ -1077,14 +1087,18 @@ $ THEN
1077$ IF CCDISABLEWARNINGS .EQS. "" 1087$ IF CCDISABLEWARNINGS .EQS. ""
1078$ THEN 1088$ THEN
1079$ CC4DISABLEWARNINGS = "DOLLARID" 1089$ CC4DISABLEWARNINGS = "DOLLARID"
1090$ CC6DISABLEWARNINGS = "MIXLINKAGE"
1080$ ELSE 1091$ ELSE
1081$ CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID" 1092$ CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID"
1093$ CC6DISABLEWARNINGS = CCDISABLEWARNINGS + ",MIXLINKAGE"
1082$ CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))" 1094$ CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
1083$ ENDIF 1095$ ENDIF
1084$ CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))" 1096$ CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
1097$ CC6DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC6DISABLEWARNINGS + "))"
1085$ ELSE 1098$ ELSE
1086$ CCDISABLEWARNINGS = "" 1099$ CCDISABLEWARNINGS = ""
1087$ CC4DISABLEWARNINGS = "" 1100$ CC4DISABLEWARNINGS = ""
1101$ CC6DISABLEWARNINGS = ""
1088$ ENDIF 1102$ ENDIF
1089$ CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS 1103$ CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS
1090$ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS 1104$ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
@@ -1095,6 +1109,7 @@ $ ELSE
1095$ CC5 = CC + "/NOOPTIMIZE" 1109$ CC5 = CC + "/NOOPTIMIZE"
1096$ ENDIF 1110$ ENDIF
1097$ CC4 = CC - CCDISABLEWARNINGS + CC4DISABLEWARNINGS 1111$ CC4 = CC - CCDISABLEWARNINGS + CC4DISABLEWARNINGS
1112$ CC6 = CC - CCDISABLEWARNINGS + CC6DISABLEWARNINGS
1098$! 1113$!
1099$! Show user the result 1114$! Show user the result
1100$! 1115$!
diff --git a/src/lib/libssl/src/crypto/crypto.h b/src/lib/libssl/src/crypto/crypto.h
index 4d1dfac7f1..22fd939e65 100644
--- a/src/lib/libssl/src/crypto/crypto.h
+++ b/src/lib/libssl/src/crypto/crypto.h
@@ -434,12 +434,9 @@ void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb);
434 434
435/* die if we have to */ 435/* die if we have to */
436void OpenSSLDie(const char *file,int line,const char *assertion); 436void OpenSSLDie(const char *file,int line,const char *assertion);
437#define OPENSSL_assert(e) ((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e)) 437#define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1))
438 438
439#ifdef OPENSSL_FIPS 439#ifdef OPENSSL_FIPS
440int FIPS_mode(void);
441void *FIPS_rand_check(void);
442
443#define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \ 440#define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \
444 alg " previous FIPS forbidden algorithm error ignored"); 441 alg " previous FIPS forbidden algorithm error ignored");
445 442
diff --git a/src/lib/libssl/src/crypto/des/Makefile b/src/lib/libssl/src/crypto/des/Makefile
index 655f2ea1a8..800af0b123 100644
--- a/src/lib/libssl/src/crypto/des/Makefile
+++ b/src/lib/libssl/src/crypto/des/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/des/Makefile 2# OpenSSL/crypto/des/Makefile
3# 3#
4 4
5DIR= des 5DIR= des
diff --git a/src/lib/libssl/src/crypto/des/des_locl.h b/src/lib/libssl/src/crypto/des/des_locl.h
index e44e8e98b2..8f04b18c50 100644
--- a/src/lib/libssl/src/crypto/des/des_locl.h
+++ b/src/lib/libssl/src/crypto/des/des_locl.h
@@ -421,7 +421,7 @@
421 PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \ 421 PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
422 } 422 }
423 423
424OPENSSL_EXTERN const DES_LONG DES_SPtrans[8][64]; 424extern const DES_LONG DES_SPtrans[8][64];
425 425
426void fcrypt_body(DES_LONG *out,DES_key_schedule *ks, 426void fcrypt_body(DES_LONG *out,DES_key_schedule *ks,
427 DES_LONG Eswap0, DES_LONG Eswap1); 427 DES_LONG Eswap0, DES_LONG Eswap1);
diff --git a/src/lib/libssl/src/crypto/dh/Makefile b/src/lib/libssl/src/crypto/dh/Makefile
index c091a8130a..352678b94a 100644
--- a/src/lib/libssl/src/crypto/dh/Makefile
+++ b/src/lib/libssl/src/crypto/dh/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/dh/Makefile 2# OpenSSL/crypto/dh/Makefile
3# 3#
4 4
5DIR= dh 5DIR= dh
diff --git a/src/lib/libssl/src/crypto/dh/dh.h b/src/lib/libssl/src/crypto/dh/dh.h
index 05851f8429..92c7481e10 100644
--- a/src/lib/libssl/src/crypto/dh/dh.h
+++ b/src/lib/libssl/src/crypto/dh/dh.h
@@ -70,7 +70,14 @@
70#include <openssl/crypto.h> 70#include <openssl/crypto.h>
71#include <openssl/ossl_typ.h> 71#include <openssl/ossl_typ.h>
72 72
73#define DH_FLAG_CACHE_MONT_P 0x01 73#define DH_FLAG_CACHE_MONT_P 0x01
74#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
75 * implementation now uses constant time
76 * modular exponentiation for secret exponents
77 * by default. This flag causes the
78 * faster variable sliding window method to
79 * be used for all exponents.
80 */
74 81
75#ifdef __cplusplus 82#ifdef __cplusplus
76extern "C" { 83extern "C" {
diff --git a/src/lib/libssl/src/crypto/dh/dh_err.c b/src/lib/libssl/src/crypto/dh/dh_err.c
index c2715044c9..83ccb41221 100644
--- a/src/lib/libssl/src/crypto/dh/dh_err.c
+++ b/src/lib/libssl/src/crypto/dh/dh_err.c
@@ -1,6 +1,6 @@
1/* crypto/dh/dh_err.c */ 1/* crypto/dh/dh_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,21 +64,25 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DH,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DH,0,reason)
70
67static ERR_STRING_DATA DH_str_functs[]= 71static ERR_STRING_DATA DH_str_functs[]=
68 { 72 {
69{ERR_PACK(0,DH_F_DHPARAMS_PRINT,0), "DHparams_print"}, 73{ERR_FUNC(DH_F_DHPARAMS_PRINT), "DHparams_print"},
70{ERR_PACK(0,DH_F_DHPARAMS_PRINT_FP,0), "DHparams_print_fp"}, 74{ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"},
71{ERR_PACK(0,DH_F_DH_COMPUTE_KEY,0), "DH_compute_key"}, 75{ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"},
72{ERR_PACK(0,DH_F_DH_GENERATE_KEY,0), "DH_generate_key"}, 76{ERR_FUNC(DH_F_DH_GENERATE_KEY), "DH_generate_key"},
73{ERR_PACK(0,DH_F_DH_GENERATE_PARAMETERS,0), "DH_generate_parameters"}, 77{ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS), "DH_generate_parameters"},
74{ERR_PACK(0,DH_F_DH_NEW_METHOD,0), "DH_new_method"}, 78{ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"},
75{0,NULL} 79{0,NULL}
76 }; 80 };
77 81
78static ERR_STRING_DATA DH_str_reasons[]= 82static ERR_STRING_DATA DH_str_reasons[]=
79 { 83 {
80{DH_R_BAD_GENERATOR ,"bad generator"}, 84{ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"},
81{DH_R_NO_PRIVATE_VALUE ,"no private value"}, 85{ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"},
82{0,NULL} 86{0,NULL}
83 }; 87 };
84 88
@@ -92,8 +96,8 @@ void ERR_load_DH_strings(void)
92 { 96 {
93 init=0; 97 init=0;
94#ifndef OPENSSL_NO_ERR 98#ifndef OPENSSL_NO_ERR
95 ERR_load_strings(ERR_LIB_DH,DH_str_functs); 99 ERR_load_strings(0,DH_str_functs);
96 ERR_load_strings(ERR_LIB_DH,DH_str_reasons); 100 ERR_load_strings(0,DH_str_reasons);
97#endif 101#endif
98 102
99 } 103 }
diff --git a/src/lib/libssl/src/crypto/dh/dh_key.c b/src/lib/libssl/src/crypto/dh/dh_key.c
index ff125c2296..3a39f7c8ca 100644
--- a/src/lib/libssl/src/crypto/dh/dh_key.c
+++ b/src/lib/libssl/src/crypto/dh/dh_key.c
@@ -105,7 +105,7 @@ static int generate_key(DH *dh)
105 int generate_new_key=0; 105 int generate_new_key=0;
106 unsigned l; 106 unsigned l;
107 BN_CTX *ctx; 107 BN_CTX *ctx;
108 BN_MONT_CTX *mont; 108 BN_MONT_CTX *mont=NULL;
109 BIGNUM *pub_key=NULL,*priv_key=NULL; 109 BIGNUM *pub_key=NULL,*priv_key=NULL;
110 110
111 ctx = BN_CTX_new(); 111 ctx = BN_CTX_new();
@@ -128,21 +128,37 @@ static int generate_key(DH *dh)
128 else 128 else
129 pub_key=dh->pub_key; 129 pub_key=dh->pub_key;
130 130
131 if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P)) 131
132 if (dh->flags & DH_FLAG_CACHE_MONT_P)
132 { 133 {
133 if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) 134 mont = BN_MONT_CTX_set_locked(
134 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p, 135 (BN_MONT_CTX **)&dh->method_mont_p,
135 dh->p,ctx)) goto err; 136 CRYPTO_LOCK_DH, dh->p, ctx);
137 if (!mont)
138 goto err;
136 } 139 }
137 mont=(BN_MONT_CTX *)dh->method_mont_p;
138 140
139 if (generate_new_key) 141 if (generate_new_key)
140 { 142 {
141 l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */ 143 l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
142 if (!BN_rand(priv_key, l, 0, 0)) goto err; 144 if (!BN_rand(priv_key, l, 0, 0)) goto err;
143 } 145 }
144 if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, priv_key,dh->p,ctx,mont)) 146
145 goto err; 147 {
148 BIGNUM local_prk;
149 BIGNUM *prk;
150
151 if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
152 {
153 BN_init(&local_prk);
154 prk = &local_prk;
155 BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME);
156 }
157 else
158 prk = priv_key;
159
160 if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) goto err;
161 }
146 162
147 dh->pub_key=pub_key; 163 dh->pub_key=pub_key;
148 dh->priv_key=priv_key; 164 dh->priv_key=priv_key;
@@ -160,7 +176,7 @@ err:
160static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) 176static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
161 { 177 {
162 BN_CTX *ctx; 178 BN_CTX *ctx;
163 BN_MONT_CTX *mont; 179 BN_MONT_CTX *mont=NULL;
164 BIGNUM *tmp; 180 BIGNUM *tmp;
165 int ret= -1; 181 int ret= -1;
166 182
@@ -174,14 +190,21 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
174 DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE); 190 DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
175 goto err; 191 goto err;
176 } 192 }
177 if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P)) 193
194 if (dh->flags & DH_FLAG_CACHE_MONT_P)
178 { 195 {
179 if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) 196 mont = BN_MONT_CTX_set_locked(
180 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p, 197 (BN_MONT_CTX **)&dh->method_mont_p,
181 dh->p,ctx)) goto err; 198 CRYPTO_LOCK_DH, dh->p, ctx);
199 if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
200 {
201 /* XXX */
202 BN_set_flags(dh->priv_key, BN_FLG_EXP_CONSTTIME);
203 }
204 if (!mont)
205 goto err;
182 } 206 }
183 207
184 mont=(BN_MONT_CTX *)dh->method_mont_p;
185 if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont)) 208 if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
186 { 209 {
187 DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB); 210 DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
@@ -190,8 +213,11 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
190 213
191 ret=BN_bn2bin(tmp,key); 214 ret=BN_bn2bin(tmp,key);
192err: 215err:
193 BN_CTX_end(ctx); 216 if (ctx != NULL)
194 BN_CTX_free(ctx); 217 {
218 BN_CTX_end(ctx);
219 BN_CTX_free(ctx);
220 }
195 return(ret); 221 return(ret);
196 } 222 }
197 223
@@ -200,7 +226,10 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
200 const BIGNUM *m, BN_CTX *ctx, 226 const BIGNUM *m, BN_CTX *ctx,
201 BN_MONT_CTX *m_ctx) 227 BN_MONT_CTX *m_ctx)
202 { 228 {
203 if (a->top == 1) 229 /* If a is only one word long and constant time is false, use the faster
230 * exponenentiation function.
231 */
232 if (a->top == 1 && ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) != 0))
204 { 233 {
205 BN_ULONG A = a->d[0]; 234 BN_ULONG A = a->d[0];
206 return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx); 235 return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx);
diff --git a/src/lib/libssl/src/crypto/dh/dhtest.c b/src/lib/libssl/src/crypto/dh/dhtest.c
index d75077f9fa..b76dede771 100644
--- a/src/lib/libssl/src/crypto/dh/dhtest.c
+++ b/src/lib/libssl/src/crypto/dh/dhtest.c
@@ -136,6 +136,10 @@ int main(int argc, char *argv[])
136 b->g=BN_dup(a->g); 136 b->g=BN_dup(a->g);
137 if ((b->p == NULL) || (b->g == NULL)) goto err; 137 if ((b->p == NULL) || (b->g == NULL)) goto err;
138 138
139 /* Set a to run with normal modexp and b to use constant time */
140 a->flags &= ~DH_FLAG_NO_EXP_CONSTTIME;
141 b->flags |= DH_FLAG_NO_EXP_CONSTTIME;
142
139 if (!DH_generate_key(a)) goto err; 143 if (!DH_generate_key(a)) goto err;
140 BIO_puts(out,"pri 1="); 144 BIO_puts(out,"pri 1=");
141 BN_print(out,a->priv_key); 145 BN_print(out,a->priv_key);
diff --git a/src/lib/libssl/src/crypto/dsa/Makefile b/src/lib/libssl/src/crypto/dsa/Makefile
index 3a55058973..4f10278039 100644
--- a/src/lib/libssl/src/crypto/dsa/Makefile
+++ b/src/lib/libssl/src/crypto/dsa/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/dsa/Makefile 2# OpenSSL/crypto/dsa/Makefile
3# 3#
4 4
5DIR= dsa 5DIR= dsa
diff --git a/src/lib/libssl/src/crypto/dsa/dsa.h b/src/lib/libssl/src/crypto/dsa/dsa.h
index 225ff391f9..851e3f0445 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa.h
+++ b/src/lib/libssl/src/crypto/dsa/dsa.h
@@ -80,6 +80,20 @@
80#endif 80#endif
81 81
82#define DSA_FLAG_CACHE_MONT_P 0x01 82#define DSA_FLAG_CACHE_MONT_P 0x01
83#define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA
84 * implementation now uses constant time
85 * modular exponentiation for secret exponents
86 * by default. This flag causes the
87 * faster variable sliding window method to
88 * be used for all exponents.
89 */
90
91/* If this flag is set external DSA_METHOD callbacks are allowed in FIPS mode
92 * it is then the applications responsibility to ensure the external method
93 * is compliant.
94 */
95
96#define DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW 0x04
83 97
84#if defined(OPENSSL_FIPS) 98#if defined(OPENSSL_FIPS)
85#define FIPS_DSA_SIZE_T int 99#define FIPS_DSA_SIZE_T int
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_err.c b/src/lib/libssl/src/crypto/dsa/dsa_err.c
index 79aa4ff526..fd42053572 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa_err.c
+++ b/src/lib/libssl/src/crypto/dsa/dsa_err.c
@@ -1,6 +1,6 @@
1/* crypto/dsa/dsa_err.c */ 1/* crypto/dsa/dsa_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,29 +64,33 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DSA,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSA,0,reason)
70
67static ERR_STRING_DATA DSA_str_functs[]= 71static ERR_STRING_DATA DSA_str_functs[]=
68 { 72 {
69{ERR_PACK(0,DSA_F_D2I_DSA_SIG,0), "d2i_DSA_SIG"}, 73{ERR_FUNC(DSA_F_D2I_DSA_SIG), "d2i_DSA_SIG"},
70{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT,0), "DSAparams_print"}, 74{ERR_FUNC(DSA_F_DSAPARAMS_PRINT), "DSAparams_print"},
71{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT_FP,0), "DSAparams_print_fp"}, 75{ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"},
72{ERR_PACK(0,DSA_F_DSA_DO_SIGN,0), "DSA_do_sign"}, 76{ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"},
73{ERR_PACK(0,DSA_F_DSA_DO_VERIFY,0), "DSA_do_verify"}, 77{ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"},
74{ERR_PACK(0,DSA_F_DSA_NEW_METHOD,0), "DSA_new_method"}, 78{ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"},
75{ERR_PACK(0,DSA_F_DSA_PRINT,0), "DSA_print"}, 79{ERR_FUNC(DSA_F_DSA_PRINT), "DSA_print"},
76{ERR_PACK(0,DSA_F_DSA_PRINT_FP,0), "DSA_print_fp"}, 80{ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"},
77{ERR_PACK(0,DSA_F_DSA_SIGN,0), "DSA_sign"}, 81{ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"},
78{ERR_PACK(0,DSA_F_DSA_SIGN_SETUP,0), "DSA_sign_setup"}, 82{ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"},
79{ERR_PACK(0,DSA_F_DSA_SIG_NEW,0), "DSA_SIG_new"}, 83{ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"},
80{ERR_PACK(0,DSA_F_DSA_VERIFY,0), "DSA_verify"}, 84{ERR_FUNC(DSA_F_DSA_VERIFY), "DSA_verify"},
81{ERR_PACK(0,DSA_F_I2D_DSA_SIG,0), "i2d_DSA_SIG"}, 85{ERR_FUNC(DSA_F_I2D_DSA_SIG), "i2d_DSA_SIG"},
82{ERR_PACK(0,DSA_F_SIG_CB,0), "SIG_CB"}, 86{ERR_FUNC(DSA_F_SIG_CB), "SIG_CB"},
83{0,NULL} 87{0,NULL}
84 }; 88 };
85 89
86static ERR_STRING_DATA DSA_str_reasons[]= 90static ERR_STRING_DATA DSA_str_reasons[]=
87 { 91 {
88{DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"}, 92{ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"},
89{DSA_R_MISSING_PARAMETERS ,"missing parameters"}, 93{ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"},
90{0,NULL} 94{0,NULL}
91 }; 95 };
92 96
@@ -100,8 +104,8 @@ void ERR_load_DSA_strings(void)
100 { 104 {
101 init=0; 105 init=0;
102#ifndef OPENSSL_NO_ERR 106#ifndef OPENSSL_NO_ERR
103 ERR_load_strings(ERR_LIB_DSA,DSA_str_functs); 107 ERR_load_strings(0,DSA_str_functs);
104 ERR_load_strings(ERR_LIB_DSA,DSA_str_reasons); 108 ERR_load_strings(0,DSA_str_reasons);
105#endif 109#endif
106 110
107 } 111 }
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_key.c b/src/lib/libssl/src/crypto/dsa/dsa_key.c
index 30607ca579..980b6dc2d3 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa_key.c
+++ b/src/lib/libssl/src/crypto/dsa/dsa_key.c
@@ -90,8 +90,22 @@ int DSA_generate_key(DSA *dsa)
90 } 90 }
91 else 91 else
92 pub_key=dsa->pub_key; 92 pub_key=dsa->pub_key;
93
94 {
95 BIGNUM local_prk;
96 BIGNUM *prk;
97
98 if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
99 {
100 BN_init(&local_prk);
101 prk = &local_prk;
102 BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME);
103 }
104 else
105 prk = priv_key;
93 106
94 if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err; 107 if (!BN_mod_exp(pub_key,dsa->g,prk,dsa->p,ctx)) goto err;
108 }
95 109
96 dsa->priv_key=priv_key; 110 dsa->priv_key=priv_key;
97 dsa->pub_key=pub_key; 111 dsa->pub_key=pub_key;
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_ossl.c b/src/lib/libssl/src/crypto/dsa/dsa_ossl.c
index f1a85afcde..12509a7083 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa_ossl.c
+++ b/src/lib/libssl/src/crypto/dsa/dsa_ossl.c
@@ -172,7 +172,7 @@ err:
172static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) 172static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
173 { 173 {
174 BN_CTX *ctx; 174 BN_CTX *ctx;
175 BIGNUM k,*kinv=NULL,*r=NULL; 175 BIGNUM k,kq,*K,*kinv=NULL,*r=NULL;
176 int ret=0; 176 int ret=0;
177 177
178 if (!dsa->p || !dsa->q || !dsa->g) 178 if (!dsa->p || !dsa->q || !dsa->g)
@@ -182,6 +182,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
182 } 182 }
183 183
184 BN_init(&k); 184 BN_init(&k);
185 BN_init(&kq);
185 186
186 if (ctx_in == NULL) 187 if (ctx_in == NULL)
187 { 188 {
@@ -191,22 +192,49 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
191 ctx=ctx_in; 192 ctx=ctx_in;
192 193
193 if ((r=BN_new()) == NULL) goto err; 194 if ((r=BN_new()) == NULL) goto err;
194 kinv=NULL;
195 195
196 /* Get random k */ 196 /* Get random k */
197 do 197 do
198 if (!BN_rand_range(&k, dsa->q)) goto err; 198 if (!BN_rand_range(&k, dsa->q)) goto err;
199 while (BN_is_zero(&k)); 199 while (BN_is_zero(&k));
200 if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
201 {
202 BN_set_flags(&k, BN_FLG_EXP_CONSTTIME);
203 }
200 204
201 if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P)) 205 if (dsa->flags & DSA_FLAG_CACHE_MONT_P)
202 { 206 {
203 if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) 207 if (!BN_MONT_CTX_set_locked((BN_MONT_CTX **)&dsa->method_mont_p,
204 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p, 208 CRYPTO_LOCK_DSA,
205 dsa->p,ctx)) goto err; 209 dsa->p, ctx))
210 goto err;
206 } 211 }
207 212
208 /* Compute r = (g^k mod p) mod q */ 213 /* Compute r = (g^k mod p) mod q */
209 if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx, 214
215 if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
216 {
217 if (!BN_copy(&kq, &k)) goto err;
218
219 /* We do not want timing information to leak the length of k,
220 * so we compute g^k using an equivalent exponent of fixed length.
221 *
222 * (This is a kludge that we need because the BN_mod_exp_mont()
223 * does not let us specify the desired timing behaviour.) */
224
225 if (!BN_add(&kq, &kq, dsa->q)) goto err;
226 if (BN_num_bits(&kq) <= BN_num_bits(dsa->q))
227 {
228 if (!BN_add(&kq, &kq, dsa->q)) goto err;
229 }
230
231 K = &kq;
232 }
233 else
234 {
235 K = &k;
236 }
237 if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,K,dsa->p,ctx,
210 (BN_MONT_CTX *)dsa->method_mont_p)) goto err; 238 (BN_MONT_CTX *)dsa->method_mont_p)) goto err;
211 if (!BN_mod(r,r,dsa->q,ctx)) goto err; 239 if (!BN_mod(r,r,dsa->q,ctx)) goto err;
212 240
@@ -229,6 +257,7 @@ err:
229 if (ctx_in == NULL) BN_CTX_free(ctx); 257 if (ctx_in == NULL) BN_CTX_free(ctx);
230 if (kinv != NULL) BN_clear_free(kinv); 258 if (kinv != NULL) BN_clear_free(kinv);
231 BN_clear_free(&k); 259 BN_clear_free(&k);
260 BN_clear_free(&kq);
232 return(ret); 261 return(ret);
233 } 262 }
234 263
@@ -275,13 +304,15 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
275 /* u2 = r * w mod q */ 304 /* u2 = r * w mod q */
276 if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err; 305 if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err;
277 306
278 if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P)) 307
308 if (dsa->flags & DSA_FLAG_CACHE_MONT_P)
279 { 309 {
280 if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) 310 mont = BN_MONT_CTX_set_locked(
281 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p, 311 (BN_MONT_CTX **)&dsa->method_mont_p,
282 dsa->p,ctx)) goto err; 312 CRYPTO_LOCK_DSA, dsa->p, ctx);
313 if (!mont)
314 goto err;
283 } 315 }
284 mont=(BN_MONT_CTX *)dsa->method_mont_p;
285 316
286#if 0 317#if 0
287 { 318 {
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_sign.c b/src/lib/libssl/src/crypto/dsa/dsa_sign.c
index 3c9753bac3..37c65efb20 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa_sign.c
+++ b/src/lib/libssl/src/crypto/dsa/dsa_sign.c
@@ -72,7 +72,8 @@
72DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) 72DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
73 { 73 {
74#ifdef OPENSSL_FIPS 74#ifdef OPENSSL_FIPS
75 if(FIPS_mode() && !FIPS_dsa_check(dsa)) 75 if(FIPS_mode() && !(dsa->flags & DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW)
76 && !FIPS_dsa_check(dsa))
76 return NULL; 77 return NULL;
77#endif 78#endif
78 return dsa->meth->dsa_do_sign(dgst, dlen, dsa); 79 return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
@@ -96,7 +97,8 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
96int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) 97int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
97 { 98 {
98#ifdef OPENSSL_FIPS 99#ifdef OPENSSL_FIPS
99 if(FIPS_mode() && !FIPS_dsa_check(dsa)) 100 if(FIPS_mode() && !(dsa->flags & DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW)
101 && !FIPS_dsa_check(dsa))
100 return 0; 102 return 0;
101#endif 103#endif
102 return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp); 104 return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_vrf.c b/src/lib/libssl/src/crypto/dsa/dsa_vrf.c
index 8ef0c45025..c9784bed48 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa_vrf.c
+++ b/src/lib/libssl/src/crypto/dsa/dsa_vrf.c
@@ -74,7 +74,8 @@ int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
74 DSA *dsa) 74 DSA *dsa)
75 { 75 {
76#ifdef OPENSSL_FIPS 76#ifdef OPENSSL_FIPS
77 if(FIPS_mode() && !FIPS_dsa_check(dsa)) 77 if(FIPS_mode() && !(dsa->flags & DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW)
78 && !FIPS_dsa_check(dsa))
78 return -1; 79 return -1;
79#endif 80#endif
80 return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa); 81 return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
diff --git a/src/lib/libssl/src/crypto/dsa/dsatest.c b/src/lib/libssl/src/crypto/dsa/dsatest.c
index 4734ce4af8..55a3756aff 100644
--- a/src/lib/libssl/src/crypto/dsa/dsatest.c
+++ b/src/lib/libssl/src/crypto/dsa/dsatest.c
@@ -194,10 +194,19 @@ int main(int argc, char **argv)
194 BIO_printf(bio_err,"g value is wrong\n"); 194 BIO_printf(bio_err,"g value is wrong\n");
195 goto end; 195 goto end;
196 } 196 }
197
198 dsa->flags |= DSA_FLAG_NO_EXP_CONSTTIME;
197 DSA_generate_key(dsa); 199 DSA_generate_key(dsa);
198 DSA_sign(0, str1, 20, sig, &siglen, dsa); 200 DSA_sign(0, str1, 20, sig, &siglen, dsa);
199 if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1) 201 if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
200 ret=1; 202 ret=1;
203
204 dsa->flags &= ~DSA_FLAG_NO_EXP_CONSTTIME;
205 DSA_generate_key(dsa);
206 DSA_sign(0, str1, 20, sig, &siglen, dsa);
207 if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
208 ret=1;
209
201end: 210end:
202 if (!ret) 211 if (!ret)
203 ERR_print_errors(bio_err); 212 ERR_print_errors(bio_err);
diff --git a/src/lib/libssl/src/crypto/dso/Makefile b/src/lib/libssl/src/crypto/dso/Makefile
index 168951bc3e..c16278c3ff 100644
--- a/src/lib/libssl/src/crypto/dso/Makefile
+++ b/src/lib/libssl/src/crypto/dso/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/dso/Makefile 2# OpenSSL/crypto/dso/Makefile
3# 3#
4 4
5DIR= dso 5DIR= dso
diff --git a/src/lib/libssl/src/crypto/dso/dso_dl.c b/src/lib/libssl/src/crypto/dso/dso_dl.c
index 79d2cb4d8c..f7b4dfc0c3 100644
--- a/src/lib/libssl/src/crypto/dso/dso_dl.c
+++ b/src/lib/libssl/src/crypto/dso/dso_dl.c
@@ -126,7 +126,8 @@ static int dl_load(DSO *dso)
126 DSOerr(DSO_F_DL_LOAD,DSO_R_NO_FILENAME); 126 DSOerr(DSO_F_DL_LOAD,DSO_R_NO_FILENAME);
127 goto err; 127 goto err;
128 } 128 }
129 ptr = shl_load(filename, BIND_IMMEDIATE|DYNAMIC_PATH, 0L); 129 ptr = shl_load(filename, BIND_IMMEDIATE |
130 (dso->flags&DSO_FLAG_NO_NAME_TRANSLATION?0:DYNAMIC_PATH), 0L);
130 if(ptr == NULL) 131 if(ptr == NULL)
131 { 132 {
132 DSOerr(DSO_F_DL_LOAD,DSO_R_LOAD_FAILED); 133 DSOerr(DSO_F_DL_LOAD,DSO_R_LOAD_FAILED);
@@ -281,4 +282,36 @@ static char *dl_name_converter(DSO *dso, const char *filename)
281 return(translated); 282 return(translated);
282 } 283 }
283 284
285#ifdef OPENSSL_FIPS
286static void dl_ref_point(){}
287
288int DSO_pathbyaddr(void *addr,char *path,int sz)
289 {
290 struct shl_descriptor inf;
291 int i,len;
292
293 if (addr == NULL)
294 {
295 union { void(*f)(); void *p; } t = { dl_ref_point };
296 addr = t.p;
297 }
298
299 for (i=-1;shl_get_r(i,&inf)==0;i++)
300 {
301 if (((size_t)addr >= inf.tstart && (size_t)addr < inf.tend) ||
302 ((size_t)addr >= inf.dstart && (size_t)addr < inf.dend))
303 {
304 len = (int)strlen(inf.filename);
305 if (sz <= 0) return len+1;
306 if (len >= sz) len=sz-1;
307 memcpy(path,inf.filename,len);
308 path[len++] = 0;
309 return len;
310 }
311 }
312
313 return -1;
314 }
315#endif
316
284#endif /* DSO_DL */ 317#endif /* DSO_DL */
diff --git a/src/lib/libssl/src/crypto/dso/dso_dlfcn.c b/src/lib/libssl/src/crypto/dso/dso_dlfcn.c
index 9d49ebc253..0422a4859a 100644
--- a/src/lib/libssl/src/crypto/dso/dso_dlfcn.c
+++ b/src/lib/libssl/src/crypto/dso/dso_dlfcn.c
@@ -56,6 +56,10 @@
56 * 56 *
57 */ 57 */
58 58
59#ifdef __linux
60#define _GNU_SOURCE
61#endif
62
59#include <stdio.h> 63#include <stdio.h>
60#include "cryptlib.h" 64#include "cryptlib.h"
61#include <openssl/dso.h> 65#include <openssl/dso.h>
@@ -228,7 +232,7 @@ static void *dlfcn_bind_var(DSO *dso, const char *symname)
228static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname) 232static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname)
229 { 233 {
230 void *ptr; 234 void *ptr;
231 DSO_FUNC_TYPE sym; 235 DSO_FUNC_TYPE sym, *tsym = &sym;
232 236
233 if((dso == NULL) || (symname == NULL)) 237 if((dso == NULL) || (symname == NULL))
234 { 238 {
@@ -246,7 +250,7 @@ static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname)
246 DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_NULL_HANDLE); 250 DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_NULL_HANDLE);
247 return(NULL); 251 return(NULL);
248 } 252 }
249 sym = (DSO_FUNC_TYPE)dlsym(ptr, symname); 253 *(void**)(tsym) = dlsym(ptr, symname);
250 if(sym == NULL) 254 if(sym == NULL)
251 { 255 {
252 DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_SYM_FAILURE); 256 DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_SYM_FAILURE);
@@ -290,4 +294,32 @@ static char *dlfcn_name_converter(DSO *dso, const char *filename)
290 return(translated); 294 return(translated);
291 } 295 }
292 296
297#ifdef OPENSSL_FIPS
298static void dlfcn_ref_point(){}
299
300int DSO_pathbyaddr(void *addr,char *path,int sz)
301 {
302 Dl_info dli;
303 int len;
304
305 if (addr == NULL)
306 {
307 union { void(*f)(void); void *p; } t = { dlfcn_ref_point };
308 addr = t.p;
309 }
310
311 if (dladdr(addr,&dli))
312 {
313 len = (int)strlen(dli.dli_fname);
314 if (sz <= 0) return len+1;
315 if (len >= sz) len=sz-1;
316 memcpy(path,dli.dli_fname,len);
317 path[len++]=0;
318 return len;
319 }
320
321 ERR_add_error_data(4, "dlfcn_pathbyaddr(): ", dlerror());
322 return -1;
323 }
324#endif
293#endif /* DSO_DLFCN */ 325#endif /* DSO_DLFCN */
diff --git a/src/lib/libssl/src/crypto/dso/dso_err.c b/src/lib/libssl/src/crypto/dso/dso_err.c
index cf452de1aa..581677cc36 100644
--- a/src/lib/libssl/src/crypto/dso/dso_err.c
+++ b/src/lib/libssl/src/crypto/dso/dso_err.c
@@ -1,6 +1,6 @@
1/* crypto/dso/dso_err.c */ 1/* crypto/dso/dso_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,56 +64,60 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DSO,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSO,0,reason)
70
67static ERR_STRING_DATA DSO_str_functs[]= 71static ERR_STRING_DATA DSO_str_functs[]=
68 { 72 {
69{ERR_PACK(0,DSO_F_DLFCN_BIND_FUNC,0), "DLFCN_BIND_FUNC"}, 73{ERR_FUNC(DSO_F_DLFCN_BIND_FUNC), "DLFCN_BIND_FUNC"},
70{ERR_PACK(0,DSO_F_DLFCN_BIND_VAR,0), "DLFCN_BIND_VAR"}, 74{ERR_FUNC(DSO_F_DLFCN_BIND_VAR), "DLFCN_BIND_VAR"},
71{ERR_PACK(0,DSO_F_DLFCN_LOAD,0), "DLFCN_LOAD"}, 75{ERR_FUNC(DSO_F_DLFCN_LOAD), "DLFCN_LOAD"},
72{ERR_PACK(0,DSO_F_DLFCN_NAME_CONVERTER,0), "DLFCN_NAME_CONVERTER"}, 76{ERR_FUNC(DSO_F_DLFCN_NAME_CONVERTER), "DLFCN_NAME_CONVERTER"},
73{ERR_PACK(0,DSO_F_DLFCN_UNLOAD,0), "DLFCN_UNLOAD"}, 77{ERR_FUNC(DSO_F_DLFCN_UNLOAD), "DLFCN_UNLOAD"},
74{ERR_PACK(0,DSO_F_DL_BIND_FUNC,0), "DL_BIND_FUNC"}, 78{ERR_FUNC(DSO_F_DL_BIND_FUNC), "DL_BIND_FUNC"},
75{ERR_PACK(0,DSO_F_DL_BIND_VAR,0), "DL_BIND_VAR"}, 79{ERR_FUNC(DSO_F_DL_BIND_VAR), "DL_BIND_VAR"},
76{ERR_PACK(0,DSO_F_DL_LOAD,0), "DL_LOAD"}, 80{ERR_FUNC(DSO_F_DL_LOAD), "DL_LOAD"},
77{ERR_PACK(0,DSO_F_DL_NAME_CONVERTER,0), "DL_NAME_CONVERTER"}, 81{ERR_FUNC(DSO_F_DL_NAME_CONVERTER), "DL_NAME_CONVERTER"},
78{ERR_PACK(0,DSO_F_DL_UNLOAD,0), "DL_UNLOAD"}, 82{ERR_FUNC(DSO_F_DL_UNLOAD), "DL_UNLOAD"},
79{ERR_PACK(0,DSO_F_DSO_BIND_FUNC,0), "DSO_bind_func"}, 83{ERR_FUNC(DSO_F_DSO_BIND_FUNC), "DSO_bind_func"},
80{ERR_PACK(0,DSO_F_DSO_BIND_VAR,0), "DSO_bind_var"}, 84{ERR_FUNC(DSO_F_DSO_BIND_VAR), "DSO_bind_var"},
81{ERR_PACK(0,DSO_F_DSO_CONVERT_FILENAME,0), "DSO_convert_filename"}, 85{ERR_FUNC(DSO_F_DSO_CONVERT_FILENAME), "DSO_convert_filename"},
82{ERR_PACK(0,DSO_F_DSO_CTRL,0), "DSO_ctrl"}, 86{ERR_FUNC(DSO_F_DSO_CTRL), "DSO_ctrl"},
83{ERR_PACK(0,DSO_F_DSO_FREE,0), "DSO_free"}, 87{ERR_FUNC(DSO_F_DSO_FREE), "DSO_free"},
84{ERR_PACK(0,DSO_F_DSO_GET_FILENAME,0), "DSO_get_filename"}, 88{ERR_FUNC(DSO_F_DSO_GET_FILENAME), "DSO_get_filename"},
85{ERR_PACK(0,DSO_F_DSO_GET_LOADED_FILENAME,0), "DSO_get_loaded_filename"}, 89{ERR_FUNC(DSO_F_DSO_GET_LOADED_FILENAME), "DSO_get_loaded_filename"},
86{ERR_PACK(0,DSO_F_DSO_LOAD,0), "DSO_load"}, 90{ERR_FUNC(DSO_F_DSO_LOAD), "DSO_load"},
87{ERR_PACK(0,DSO_F_DSO_NEW_METHOD,0), "DSO_new_method"}, 91{ERR_FUNC(DSO_F_DSO_NEW_METHOD), "DSO_new_method"},
88{ERR_PACK(0,DSO_F_DSO_SET_FILENAME,0), "DSO_set_filename"}, 92{ERR_FUNC(DSO_F_DSO_SET_FILENAME), "DSO_set_filename"},
89{ERR_PACK(0,DSO_F_DSO_SET_NAME_CONVERTER,0), "DSO_set_name_converter"}, 93{ERR_FUNC(DSO_F_DSO_SET_NAME_CONVERTER), "DSO_set_name_converter"},
90{ERR_PACK(0,DSO_F_DSO_UP_REF,0), "DSO_up_ref"}, 94{ERR_FUNC(DSO_F_DSO_UP_REF), "DSO_up_ref"},
91{ERR_PACK(0,DSO_F_VMS_BIND_VAR,0), "VMS_BIND_VAR"}, 95{ERR_FUNC(DSO_F_VMS_BIND_VAR), "VMS_BIND_VAR"},
92{ERR_PACK(0,DSO_F_VMS_LOAD,0), "VMS_LOAD"}, 96{ERR_FUNC(DSO_F_VMS_LOAD), "VMS_LOAD"},
93{ERR_PACK(0,DSO_F_VMS_UNLOAD,0), "VMS_UNLOAD"}, 97{ERR_FUNC(DSO_F_VMS_UNLOAD), "VMS_UNLOAD"},
94{ERR_PACK(0,DSO_F_WIN32_BIND_FUNC,0), "WIN32_BIND_FUNC"}, 98{ERR_FUNC(DSO_F_WIN32_BIND_FUNC), "WIN32_BIND_FUNC"},
95{ERR_PACK(0,DSO_F_WIN32_BIND_VAR,0), "WIN32_BIND_VAR"}, 99{ERR_FUNC(DSO_F_WIN32_BIND_VAR), "WIN32_BIND_VAR"},
96{ERR_PACK(0,DSO_F_WIN32_LOAD,0), "WIN32_LOAD"}, 100{ERR_FUNC(DSO_F_WIN32_LOAD), "WIN32_LOAD"},
97{ERR_PACK(0,DSO_F_WIN32_NAME_CONVERTER,0), "WIN32_NAME_CONVERTER"}, 101{ERR_FUNC(DSO_F_WIN32_NAME_CONVERTER), "WIN32_NAME_CONVERTER"},
98{ERR_PACK(0,DSO_F_WIN32_UNLOAD,0), "WIN32_UNLOAD"}, 102{ERR_FUNC(DSO_F_WIN32_UNLOAD), "WIN32_UNLOAD"},
99{0,NULL} 103{0,NULL}
100 }; 104 };
101 105
102static ERR_STRING_DATA DSO_str_reasons[]= 106static ERR_STRING_DATA DSO_str_reasons[]=
103 { 107 {
104{DSO_R_CTRL_FAILED ,"control command failed"}, 108{ERR_REASON(DSO_R_CTRL_FAILED) ,"control command failed"},
105{DSO_R_DSO_ALREADY_LOADED ,"dso already loaded"}, 109{ERR_REASON(DSO_R_DSO_ALREADY_LOADED) ,"dso already loaded"},
106{DSO_R_FILENAME_TOO_BIG ,"filename too big"}, 110{ERR_REASON(DSO_R_FILENAME_TOO_BIG) ,"filename too big"},
107{DSO_R_FINISH_FAILED ,"cleanup method function failed"}, 111{ERR_REASON(DSO_R_FINISH_FAILED) ,"cleanup method function failed"},
108{DSO_R_LOAD_FAILED ,"could not load the shared library"}, 112{ERR_REASON(DSO_R_LOAD_FAILED) ,"could not load the shared library"},
109{DSO_R_NAME_TRANSLATION_FAILED ,"name translation failed"}, 113{ERR_REASON(DSO_R_NAME_TRANSLATION_FAILED),"name translation failed"},
110{DSO_R_NO_FILENAME ,"no filename"}, 114{ERR_REASON(DSO_R_NO_FILENAME) ,"no filename"},
111{DSO_R_NULL_HANDLE ,"a null shared library handle was used"}, 115{ERR_REASON(DSO_R_NULL_HANDLE) ,"a null shared library handle was used"},
112{DSO_R_SET_FILENAME_FAILED ,"set filename failed"}, 116{ERR_REASON(DSO_R_SET_FILENAME_FAILED) ,"set filename failed"},
113{DSO_R_STACK_ERROR ,"the meth_data stack is corrupt"}, 117{ERR_REASON(DSO_R_STACK_ERROR) ,"the meth_data stack is corrupt"},
114{DSO_R_SYM_FAILURE ,"could not bind to the requested symbol name"}, 118{ERR_REASON(DSO_R_SYM_FAILURE) ,"could not bind to the requested symbol name"},
115{DSO_R_UNLOAD_FAILED ,"could not unload the shared library"}, 119{ERR_REASON(DSO_R_UNLOAD_FAILED) ,"could not unload the shared library"},
116{DSO_R_UNSUPPORTED ,"functionality not supported"}, 120{ERR_REASON(DSO_R_UNSUPPORTED) ,"functionality not supported"},
117{0,NULL} 121{0,NULL}
118 }; 122 };
119 123
@@ -127,8 +131,8 @@ void ERR_load_DSO_strings(void)
127 { 131 {
128 init=0; 132 init=0;
129#ifndef OPENSSL_NO_ERR 133#ifndef OPENSSL_NO_ERR
130 ERR_load_strings(ERR_LIB_DSO,DSO_str_functs); 134 ERR_load_strings(0,DSO_str_functs);
131 ERR_load_strings(ERR_LIB_DSO,DSO_str_reasons); 135 ERR_load_strings(0,DSO_str_reasons);
132#endif 136#endif
133 137
134 } 138 }
diff --git a/src/lib/libssl/src/crypto/dso/dso_win32.c b/src/lib/libssl/src/crypto/dso/dso_win32.c
index 3fa90eb27c..cc4ac68696 100644
--- a/src/lib/libssl/src/crypto/dso/dso_win32.c
+++ b/src/lib/libssl/src/crypto/dso/dso_win32.c
@@ -68,6 +68,25 @@ DSO_METHOD *DSO_METHOD_win32(void)
68 } 68 }
69#else 69#else
70 70
71#ifdef _WIN32_WCE
72# if _WIN32_WCE < 300
73static FARPROC GetProcAddressA(HMODULE hModule,LPCSTR lpProcName)
74 {
75 WCHAR lpProcNameW[64];
76 int i;
77
78 for (i=0;lpProcName[i] && i<64;i++)
79 lpProcNameW[i] = (WCHAR)lpProcName[i];
80 if (i==64) return NULL;
81 lpProcNameW[i] = 0;
82
83 return GetProcAddressW(hModule,lpProcNameW);
84 }
85# endif
86# undef GetProcAddress
87# define GetProcAddress GetProcAddressA
88#endif
89
71/* Part of the hack in "win32_load" ... */ 90/* Part of the hack in "win32_load" ... */
72#define DSO_MAX_TRANSLATED_SIZE 256 91#define DSO_MAX_TRANSLATED_SIZE 256
73 92
@@ -122,7 +141,7 @@ static int win32_load(DSO *dso)
122 DSOerr(DSO_F_WIN32_LOAD,DSO_R_NO_FILENAME); 141 DSOerr(DSO_F_WIN32_LOAD,DSO_R_NO_FILENAME);
123 goto err; 142 goto err;
124 } 143 }
125 h = LoadLibrary(filename); 144 h = LoadLibraryA(filename);
126 if(h == NULL) 145 if(h == NULL)
127 { 146 {
128 DSOerr(DSO_F_WIN32_LOAD,DSO_R_LOAD_FAILED); 147 DSOerr(DSO_F_WIN32_LOAD,DSO_R_LOAD_FAILED);
diff --git a/src/lib/libssl/src/crypto/ec/ec_err.c b/src/lib/libssl/src/crypto/ec/ec_err.c
index d37b6aba87..5b70f94382 100644
--- a/src/lib/libssl/src/crypto/ec/ec_err.c
+++ b/src/lib/libssl/src/crypto/ec/ec_err.c
@@ -1,6 +1,6 @@
1/* crypto/ec/ec_err.c */ 1/* crypto/ec/ec_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,70 +64,74 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_EC,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_EC,0,reason)
70
67static ERR_STRING_DATA EC_str_functs[]= 71static ERR_STRING_DATA EC_str_functs[]=
68 { 72 {
69{ERR_PACK(0,EC_F_COMPUTE_WNAF,0), "COMPUTE_WNAF"}, 73{ERR_FUNC(EC_F_COMPUTE_WNAF), "COMPUTE_WNAF"},
70{ERR_PACK(0,EC_F_EC_GFP_MONT_FIELD_DECODE,0), "ec_GFp_mont_field_decode"}, 74{ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_DECODE), "ec_GFp_mont_field_decode"},
71{ERR_PACK(0,EC_F_EC_GFP_MONT_FIELD_ENCODE,0), "ec_GFp_mont_field_encode"}, 75{ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_ENCODE), "ec_GFp_mont_field_encode"},
72{ERR_PACK(0,EC_F_EC_GFP_MONT_FIELD_MUL,0), "ec_GFp_mont_field_mul"}, 76{ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_MUL), "ec_GFp_mont_field_mul"},
73{ERR_PACK(0,EC_F_EC_GFP_MONT_FIELD_SQR,0), "ec_GFp_mont_field_sqr"}, 77{ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SQR), "ec_GFp_mont_field_sqr"},
74{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP,0), "ec_GFp_simple_group_set_curve_GFp"}, 78{ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP), "ec_GFp_simple_group_set_curve_GFp"},
75{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR,0), "ec_GFp_simple_group_set_generator"}, 79{ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR), "ec_GFp_simple_group_set_generator"},
76{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_MAKE_AFFINE,0), "ec_GFp_simple_make_affine"}, 80{ERR_FUNC(EC_F_EC_GFP_SIMPLE_MAKE_AFFINE), "ec_GFp_simple_make_affine"},
77{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_OCT2POINT,0), "ec_GFp_simple_oct2point"}, 81{ERR_FUNC(EC_F_EC_GFP_SIMPLE_OCT2POINT), "ec_GFp_simple_oct2point"},
78{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_POINT2OCT,0), "ec_GFp_simple_point2oct"}, 82{ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT2OCT), "ec_GFp_simple_point2oct"},
79{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE,0), "ec_GFp_simple_points_make_affine"}, 83{ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE), "ec_GFp_simple_points_make_affine"},
80{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP,0), "ec_GFp_simple_point_get_affine_coordinates_GFp"}, 84{ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP), "ec_GFp_simple_point_get_affine_coordinates_GFp"},
81{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP,0), "ec_GFp_simple_point_set_affine_coordinates_GFp"}, 85{ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP), "ec_GFp_simple_point_set_affine_coordinates_GFp"},
82{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP,0), "ec_GFp_simple_set_compressed_coordinates_GFp"}, 86{ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP), "ec_GFp_simple_set_compressed_coordinates_GFp"},
83{ERR_PACK(0,EC_F_EC_GROUP_COPY,0), "EC_GROUP_copy"}, 87{ERR_FUNC(EC_F_EC_GROUP_COPY), "EC_GROUP_copy"},
84{ERR_PACK(0,EC_F_EC_GROUP_GET0_GENERATOR,0), "EC_GROUP_get0_generator"}, 88{ERR_FUNC(EC_F_EC_GROUP_GET0_GENERATOR), "EC_GROUP_get0_generator"},
85{ERR_PACK(0,EC_F_EC_GROUP_GET_COFACTOR,0), "EC_GROUP_get_cofactor"}, 89{ERR_FUNC(EC_F_EC_GROUP_GET_COFACTOR), "EC_GROUP_get_cofactor"},
86{ERR_PACK(0,EC_F_EC_GROUP_GET_CURVE_GFP,0), "EC_GROUP_get_curve_GFp"}, 90{ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GFP), "EC_GROUP_get_curve_GFp"},
87{ERR_PACK(0,EC_F_EC_GROUP_GET_ORDER,0), "EC_GROUP_get_order"}, 91{ERR_FUNC(EC_F_EC_GROUP_GET_ORDER), "EC_GROUP_get_order"},
88{ERR_PACK(0,EC_F_EC_GROUP_NEW,0), "EC_GROUP_new"}, 92{ERR_FUNC(EC_F_EC_GROUP_NEW), "EC_GROUP_new"},
89{ERR_PACK(0,EC_F_EC_GROUP_PRECOMPUTE_MULT,0), "EC_GROUP_precompute_mult"}, 93{ERR_FUNC(EC_F_EC_GROUP_PRECOMPUTE_MULT), "EC_GROUP_precompute_mult"},
90{ERR_PACK(0,EC_F_EC_GROUP_SET_CURVE_GFP,0), "EC_GROUP_set_curve_GFp"}, 94{ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GFP), "EC_GROUP_set_curve_GFp"},
91{ERR_PACK(0,EC_F_EC_GROUP_SET_EXTRA_DATA,0), "EC_GROUP_set_extra_data"}, 95{ERR_FUNC(EC_F_EC_GROUP_SET_EXTRA_DATA), "EC_GROUP_set_extra_data"},
92{ERR_PACK(0,EC_F_EC_GROUP_SET_GENERATOR,0), "EC_GROUP_set_generator"}, 96{ERR_FUNC(EC_F_EC_GROUP_SET_GENERATOR), "EC_GROUP_set_generator"},
93{ERR_PACK(0,EC_F_EC_POINTS_MAKE_AFFINE,0), "EC_POINTs_make_affine"}, 97{ERR_FUNC(EC_F_EC_POINTS_MAKE_AFFINE), "EC_POINTs_make_affine"},
94{ERR_PACK(0,EC_F_EC_POINTS_MUL,0), "EC_POINTs_mul"}, 98{ERR_FUNC(EC_F_EC_POINTS_MUL), "EC_POINTs_mul"},
95{ERR_PACK(0,EC_F_EC_POINT_ADD,0), "EC_POINT_add"}, 99{ERR_FUNC(EC_F_EC_POINT_ADD), "EC_POINT_add"},
96{ERR_PACK(0,EC_F_EC_POINT_CMP,0), "EC_POINT_cmp"}, 100{ERR_FUNC(EC_F_EC_POINT_CMP), "EC_POINT_cmp"},
97{ERR_PACK(0,EC_F_EC_POINT_COPY,0), "EC_POINT_copy"}, 101{ERR_FUNC(EC_F_EC_POINT_COPY), "EC_POINT_copy"},
98{ERR_PACK(0,EC_F_EC_POINT_DBL,0), "EC_POINT_dbl"}, 102{ERR_FUNC(EC_F_EC_POINT_DBL), "EC_POINT_dbl"},
99{ERR_PACK(0,EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP,0), "EC_POINT_get_affine_coordinates_GFp"}, 103{ERR_FUNC(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP), "EC_POINT_get_affine_coordinates_GFp"},
100{ERR_PACK(0,EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP,0), "EC_POINT_get_Jprojective_coordinates_GFp"}, 104{ERR_FUNC(EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP), "EC_POINT_get_Jprojective_coordinates_GFp"},
101{ERR_PACK(0,EC_F_EC_POINT_IS_AT_INFINITY,0), "EC_POINT_is_at_infinity"}, 105{ERR_FUNC(EC_F_EC_POINT_IS_AT_INFINITY), "EC_POINT_is_at_infinity"},
102{ERR_PACK(0,EC_F_EC_POINT_IS_ON_CURVE,0), "EC_POINT_is_on_curve"}, 106{ERR_FUNC(EC_F_EC_POINT_IS_ON_CURVE), "EC_POINT_is_on_curve"},
103{ERR_PACK(0,EC_F_EC_POINT_MAKE_AFFINE,0), "EC_POINT_make_affine"}, 107{ERR_FUNC(EC_F_EC_POINT_MAKE_AFFINE), "EC_POINT_make_affine"},
104{ERR_PACK(0,EC_F_EC_POINT_NEW,0), "EC_POINT_new"}, 108{ERR_FUNC(EC_F_EC_POINT_NEW), "EC_POINT_new"},
105{ERR_PACK(0,EC_F_EC_POINT_OCT2POINT,0), "EC_POINT_oct2point"}, 109{ERR_FUNC(EC_F_EC_POINT_OCT2POINT), "EC_POINT_oct2point"},
106{ERR_PACK(0,EC_F_EC_POINT_POINT2OCT,0), "EC_POINT_point2oct"}, 110{ERR_FUNC(EC_F_EC_POINT_POINT2OCT), "EC_POINT_point2oct"},
107{ERR_PACK(0,EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP,0), "EC_POINT_set_affine_coordinates_GFp"}, 111{ERR_FUNC(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP), "EC_POINT_set_affine_coordinates_GFp"},
108{ERR_PACK(0,EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP,0), "EC_POINT_set_compressed_coordinates_GFp"}, 112{ERR_FUNC(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP), "EC_POINT_set_compressed_coordinates_GFp"},
109{ERR_PACK(0,EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP,0), "EC_POINT_set_Jprojective_coordinates_GFp"}, 113{ERR_FUNC(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP), "EC_POINT_set_Jprojective_coordinates_GFp"},
110{ERR_PACK(0,EC_F_EC_POINT_SET_TO_INFINITY,0), "EC_POINT_set_to_infinity"}, 114{ERR_FUNC(EC_F_EC_POINT_SET_TO_INFINITY), "EC_POINT_set_to_infinity"},
111{ERR_PACK(0,EC_F_GFP_MONT_GROUP_SET_CURVE_GFP,0), "GFP_MONT_GROUP_SET_CURVE_GFP"}, 115{ERR_FUNC(EC_F_GFP_MONT_GROUP_SET_CURVE_GFP), "GFP_MONT_GROUP_SET_CURVE_GFP"},
112{0,NULL} 116{0,NULL}
113 }; 117 };
114 118
115static ERR_STRING_DATA EC_str_reasons[]= 119static ERR_STRING_DATA EC_str_reasons[]=
116 { 120 {
117{EC_R_BUFFER_TOO_SMALL ,"buffer too small"}, 121{ERR_REASON(EC_R_BUFFER_TOO_SMALL) ,"buffer too small"},
118{EC_R_INCOMPATIBLE_OBJECTS ,"incompatible objects"}, 122{ERR_REASON(EC_R_INCOMPATIBLE_OBJECTS) ,"incompatible objects"},
119{EC_R_INVALID_ARGUMENT ,"invalid argument"}, 123{ERR_REASON(EC_R_INVALID_ARGUMENT) ,"invalid argument"},
120{EC_R_INVALID_COMPRESSED_POINT ,"invalid compressed point"}, 124{ERR_REASON(EC_R_INVALID_COMPRESSED_POINT),"invalid compressed point"},
121{EC_R_INVALID_COMPRESSION_BIT ,"invalid compression bit"}, 125{ERR_REASON(EC_R_INVALID_COMPRESSION_BIT),"invalid compression bit"},
122{EC_R_INVALID_ENCODING ,"invalid encoding"}, 126{ERR_REASON(EC_R_INVALID_ENCODING) ,"invalid encoding"},
123{EC_R_INVALID_FIELD ,"invalid field"}, 127{ERR_REASON(EC_R_INVALID_FIELD) ,"invalid field"},
124{EC_R_INVALID_FORM ,"invalid form"}, 128{ERR_REASON(EC_R_INVALID_FORM) ,"invalid form"},
125{EC_R_NOT_INITIALIZED ,"not initialized"}, 129{ERR_REASON(EC_R_NOT_INITIALIZED) ,"not initialized"},
126{EC_R_POINT_AT_INFINITY ,"point at infinity"}, 130{ERR_REASON(EC_R_POINT_AT_INFINITY) ,"point at infinity"},
127{EC_R_POINT_IS_NOT_ON_CURVE ,"point is not on curve"}, 131{ERR_REASON(EC_R_POINT_IS_NOT_ON_CURVE) ,"point is not on curve"},
128{EC_R_SLOT_FULL ,"slot full"}, 132{ERR_REASON(EC_R_SLOT_FULL) ,"slot full"},
129{EC_R_UNDEFINED_GENERATOR ,"undefined generator"}, 133{ERR_REASON(EC_R_UNDEFINED_GENERATOR) ,"undefined generator"},
130{EC_R_UNKNOWN_ORDER ,"unknown order"}, 134{ERR_REASON(EC_R_UNKNOWN_ORDER) ,"unknown order"},
131{0,NULL} 135{0,NULL}
132 }; 136 };
133 137
@@ -141,8 +145,8 @@ void ERR_load_EC_strings(void)
141 { 145 {
142 init=0; 146 init=0;
143#ifndef OPENSSL_NO_ERR 147#ifndef OPENSSL_NO_ERR
144 ERR_load_strings(ERR_LIB_EC,EC_str_functs); 148 ERR_load_strings(0,EC_str_functs);
145 ERR_load_strings(ERR_LIB_EC,EC_str_reasons); 149 ERR_load_strings(0,EC_str_reasons);
146#endif 150#endif
147 151
148 } 152 }
diff --git a/src/lib/libssl/src/crypto/engine/eng_cnf.c b/src/lib/libssl/src/crypto/engine/eng_cnf.c
index cdf670901a..4225760af1 100644
--- a/src/lib/libssl/src/crypto/engine/eng_cnf.c
+++ b/src/lib/libssl/src/crypto/engine/eng_cnf.c
@@ -158,7 +158,7 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf)
158 */ 158 */
159 if (!strcmp(ctrlvalue, "EMPTY")) 159 if (!strcmp(ctrlvalue, "EMPTY"))
160 ctrlvalue = NULL; 160 ctrlvalue = NULL;
161 else if (!strcmp(ctrlname, "init")) 161 if (!strcmp(ctrlname, "init"))
162 { 162 {
163 if (!NCONF_get_number_e(cnf, value, "init", &do_init)) 163 if (!NCONF_get_number_e(cnf, value, "init", &do_init))
164 goto err; 164 goto err;
diff --git a/src/lib/libssl/src/crypto/engine/eng_err.c b/src/lib/libssl/src/crypto/engine/eng_err.c
index 814d95ee32..fdc0e7be0f 100644
--- a/src/lib/libssl/src/crypto/engine/eng_err.c
+++ b/src/lib/libssl/src/crypto/engine/eng_err.c
@@ -1,6 +1,6 @@
1/* crypto/engine/eng_err.c */ 1/* crypto/engine/eng_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,87 +64,91 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ENGINE,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ENGINE,0,reason)
70
67static ERR_STRING_DATA ENGINE_str_functs[]= 71static ERR_STRING_DATA ENGINE_str_functs[]=
68 { 72 {
69{ERR_PACK(0,ENGINE_F_DYNAMIC_CTRL,0), "DYNAMIC_CTRL"}, 73{ERR_FUNC(ENGINE_F_DYNAMIC_CTRL), "DYNAMIC_CTRL"},
70{ERR_PACK(0,ENGINE_F_DYNAMIC_GET_DATA_CTX,0), "DYNAMIC_GET_DATA_CTX"}, 74{ERR_FUNC(ENGINE_F_DYNAMIC_GET_DATA_CTX), "DYNAMIC_GET_DATA_CTX"},
71{ERR_PACK(0,ENGINE_F_DYNAMIC_LOAD,0), "DYNAMIC_LOAD"}, 75{ERR_FUNC(ENGINE_F_DYNAMIC_LOAD), "DYNAMIC_LOAD"},
72{ERR_PACK(0,ENGINE_F_ENGINE_ADD,0), "ENGINE_add"}, 76{ERR_FUNC(ENGINE_F_ENGINE_ADD), "ENGINE_add"},
73{ERR_PACK(0,ENGINE_F_ENGINE_BY_ID,0), "ENGINE_by_id"}, 77{ERR_FUNC(ENGINE_F_ENGINE_BY_ID), "ENGINE_by_id"},
74{ERR_PACK(0,ENGINE_F_ENGINE_CMD_IS_EXECUTABLE,0), "ENGINE_cmd_is_executable"}, 78{ERR_FUNC(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE), "ENGINE_cmd_is_executable"},
75{ERR_PACK(0,ENGINE_F_ENGINE_CTRL,0), "ENGINE_ctrl"}, 79{ERR_FUNC(ENGINE_F_ENGINE_CTRL), "ENGINE_ctrl"},
76{ERR_PACK(0,ENGINE_F_ENGINE_CTRL_CMD,0), "ENGINE_ctrl_cmd"}, 80{ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD), "ENGINE_ctrl_cmd"},
77{ERR_PACK(0,ENGINE_F_ENGINE_CTRL_CMD_STRING,0), "ENGINE_ctrl_cmd_string"}, 81{ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD_STRING), "ENGINE_ctrl_cmd_string"},
78{ERR_PACK(0,ENGINE_F_ENGINE_FINISH,0), "ENGINE_finish"}, 82{ERR_FUNC(ENGINE_F_ENGINE_FINISH), "ENGINE_finish"},
79{ERR_PACK(0,ENGINE_F_ENGINE_FREE,0), "ENGINE_free"}, 83{ERR_FUNC(ENGINE_F_ENGINE_FREE), "ENGINE_free"},
80{ERR_PACK(0,ENGINE_F_ENGINE_GET_CIPHER,0), "ENGINE_get_cipher"}, 84{ERR_FUNC(ENGINE_F_ENGINE_GET_CIPHER), "ENGINE_get_cipher"},
81{ERR_PACK(0,ENGINE_F_ENGINE_GET_DEFAULT_TYPE,0), "ENGINE_GET_DEFAULT_TYPE"}, 85{ERR_FUNC(ENGINE_F_ENGINE_GET_DEFAULT_TYPE), "ENGINE_GET_DEFAULT_TYPE"},
82{ERR_PACK(0,ENGINE_F_ENGINE_GET_DIGEST,0), "ENGINE_get_digest"}, 86{ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST), "ENGINE_get_digest"},
83{ERR_PACK(0,ENGINE_F_ENGINE_GET_NEXT,0), "ENGINE_get_next"}, 87{ERR_FUNC(ENGINE_F_ENGINE_GET_NEXT), "ENGINE_get_next"},
84{ERR_PACK(0,ENGINE_F_ENGINE_GET_PREV,0), "ENGINE_get_prev"}, 88{ERR_FUNC(ENGINE_F_ENGINE_GET_PREV), "ENGINE_get_prev"},
85{ERR_PACK(0,ENGINE_F_ENGINE_INIT,0), "ENGINE_init"}, 89{ERR_FUNC(ENGINE_F_ENGINE_INIT), "ENGINE_init"},
86{ERR_PACK(0,ENGINE_F_ENGINE_LIST_ADD,0), "ENGINE_LIST_ADD"}, 90{ERR_FUNC(ENGINE_F_ENGINE_LIST_ADD), "ENGINE_LIST_ADD"},
87{ERR_PACK(0,ENGINE_F_ENGINE_LIST_REMOVE,0), "ENGINE_LIST_REMOVE"}, 91{ERR_FUNC(ENGINE_F_ENGINE_LIST_REMOVE), "ENGINE_LIST_REMOVE"},
88{ERR_PACK(0,ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,0), "ENGINE_load_private_key"}, 92{ERR_FUNC(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY), "ENGINE_load_private_key"},
89{ERR_PACK(0,ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,0), "ENGINE_load_public_key"}, 93{ERR_FUNC(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY), "ENGINE_load_public_key"},
90{ERR_PACK(0,ENGINE_F_ENGINE_MODULE_INIT,0), "ENGINE_MODULE_INIT"}, 94{ERR_FUNC(ENGINE_F_ENGINE_MODULE_INIT), "ENGINE_MODULE_INIT"},
91{ERR_PACK(0,ENGINE_F_ENGINE_NEW,0), "ENGINE_new"}, 95{ERR_FUNC(ENGINE_F_ENGINE_NEW), "ENGINE_new"},
92{ERR_PACK(0,ENGINE_F_ENGINE_REMOVE,0), "ENGINE_remove"}, 96{ERR_FUNC(ENGINE_F_ENGINE_REMOVE), "ENGINE_remove"},
93{ERR_PACK(0,ENGINE_F_ENGINE_SET_DEFAULT_STRING,0), "ENGINE_set_default_string"}, 97{ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_STRING), "ENGINE_set_default_string"},
94{ERR_PACK(0,ENGINE_F_ENGINE_SET_DEFAULT_TYPE,0), "ENGINE_SET_DEFAULT_TYPE"}, 98{ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_TYPE), "ENGINE_SET_DEFAULT_TYPE"},
95{ERR_PACK(0,ENGINE_F_ENGINE_SET_ID,0), "ENGINE_set_id"}, 99{ERR_FUNC(ENGINE_F_ENGINE_SET_ID), "ENGINE_set_id"},
96{ERR_PACK(0,ENGINE_F_ENGINE_SET_NAME,0), "ENGINE_set_name"}, 100{ERR_FUNC(ENGINE_F_ENGINE_SET_NAME), "ENGINE_set_name"},
97{ERR_PACK(0,ENGINE_F_ENGINE_TABLE_REGISTER,0), "ENGINE_TABLE_REGISTER"}, 101{ERR_FUNC(ENGINE_F_ENGINE_TABLE_REGISTER), "ENGINE_TABLE_REGISTER"},
98{ERR_PACK(0,ENGINE_F_ENGINE_UNLOAD_KEY,0), "ENGINE_UNLOAD_KEY"}, 102{ERR_FUNC(ENGINE_F_ENGINE_UNLOAD_KEY), "ENGINE_UNLOAD_KEY"},
99{ERR_PACK(0,ENGINE_F_ENGINE_UP_REF,0), "ENGINE_up_ref"}, 103{ERR_FUNC(ENGINE_F_ENGINE_UP_REF), "ENGINE_up_ref"},
100{ERR_PACK(0,ENGINE_F_INT_CTRL_HELPER,0), "INT_CTRL_HELPER"}, 104{ERR_FUNC(ENGINE_F_INT_CTRL_HELPER), "INT_CTRL_HELPER"},
101{ERR_PACK(0,ENGINE_F_INT_ENGINE_CONFIGURE,0), "INT_ENGINE_CONFIGURE"}, 105{ERR_FUNC(ENGINE_F_INT_ENGINE_CONFIGURE), "INT_ENGINE_CONFIGURE"},
102{ERR_PACK(0,ENGINE_F_LOG_MESSAGE,0), "LOG_MESSAGE"}, 106{ERR_FUNC(ENGINE_F_LOG_MESSAGE), "LOG_MESSAGE"},
103{ERR_PACK(0,ENGINE_F_SET_DATA_CTX,0), "SET_DATA_CTX"}, 107{ERR_FUNC(ENGINE_F_SET_DATA_CTX), "SET_DATA_CTX"},
104{0,NULL} 108{0,NULL}
105 }; 109 };
106 110
107static ERR_STRING_DATA ENGINE_str_reasons[]= 111static ERR_STRING_DATA ENGINE_str_reasons[]=
108 { 112 {
109{ENGINE_R_ALREADY_LOADED ,"already loaded"}, 113{ERR_REASON(ENGINE_R_ALREADY_LOADED) ,"already loaded"},
110{ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER ,"argument is not a number"}, 114{ERR_REASON(ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER),"argument is not a number"},
111{ENGINE_R_CMD_NOT_EXECUTABLE ,"cmd not executable"}, 115{ERR_REASON(ENGINE_R_CMD_NOT_EXECUTABLE) ,"cmd not executable"},
112{ENGINE_R_COMMAND_TAKES_INPUT ,"command takes input"}, 116{ERR_REASON(ENGINE_R_COMMAND_TAKES_INPUT),"command takes input"},
113{ENGINE_R_COMMAND_TAKES_NO_INPUT ,"command takes no input"}, 117{ERR_REASON(ENGINE_R_COMMAND_TAKES_NO_INPUT),"command takes no input"},
114{ENGINE_R_CONFLICTING_ENGINE_ID ,"conflicting engine id"}, 118{ERR_REASON(ENGINE_R_CONFLICTING_ENGINE_ID),"conflicting engine id"},
115{ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"}, 119{ERR_REASON(ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED),"ctrl command not implemented"},
116{ENGINE_R_DH_NOT_IMPLEMENTED ,"dh not implemented"}, 120{ERR_REASON(ENGINE_R_DH_NOT_IMPLEMENTED) ,"dh not implemented"},
117{ENGINE_R_DSA_NOT_IMPLEMENTED ,"dsa not implemented"}, 121{ERR_REASON(ENGINE_R_DSA_NOT_IMPLEMENTED),"dsa not implemented"},
118{ENGINE_R_DSO_FAILURE ,"DSO failure"}, 122{ERR_REASON(ENGINE_R_DSO_FAILURE) ,"DSO failure"},
119{ENGINE_R_DSO_NOT_FOUND ,"dso not found"}, 123{ERR_REASON(ENGINE_R_DSO_NOT_FOUND) ,"dso not found"},
120{ENGINE_R_ENGINES_SECTION_ERROR ,"engines section error"}, 124{ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR),"engines section error"},
121{ENGINE_R_ENGINE_IS_NOT_IN_LIST ,"engine is not in the list"}, 125{ERR_REASON(ENGINE_R_ENGINE_IS_NOT_IN_LIST),"engine is not in the list"},
122{ENGINE_R_ENGINE_SECTION_ERROR ,"engine section error"}, 126{ERR_REASON(ENGINE_R_ENGINE_SECTION_ERROR),"engine section error"},
123{ENGINE_R_FAILED_LOADING_PRIVATE_KEY ,"failed loading private key"}, 127{ERR_REASON(ENGINE_R_FAILED_LOADING_PRIVATE_KEY),"failed loading private key"},
124{ENGINE_R_FAILED_LOADING_PUBLIC_KEY ,"failed loading public key"}, 128{ERR_REASON(ENGINE_R_FAILED_LOADING_PUBLIC_KEY),"failed loading public key"},
125{ENGINE_R_FINISH_FAILED ,"finish failed"}, 129{ERR_REASON(ENGINE_R_FINISH_FAILED) ,"finish failed"},
126{ENGINE_R_GET_HANDLE_FAILED ,"could not obtain hardware handle"}, 130{ERR_REASON(ENGINE_R_GET_HANDLE_FAILED) ,"could not obtain hardware handle"},
127{ENGINE_R_ID_OR_NAME_MISSING ,"'id' or 'name' missing"}, 131{ERR_REASON(ENGINE_R_ID_OR_NAME_MISSING) ,"'id' or 'name' missing"},
128{ENGINE_R_INIT_FAILED ,"init failed"}, 132{ERR_REASON(ENGINE_R_INIT_FAILED) ,"init failed"},
129{ENGINE_R_INTERNAL_LIST_ERROR ,"internal list error"}, 133{ERR_REASON(ENGINE_R_INTERNAL_LIST_ERROR),"internal list error"},
130{ENGINE_R_INVALID_ARGUMENT ,"invalid argument"}, 134{ERR_REASON(ENGINE_R_INVALID_ARGUMENT) ,"invalid argument"},
131{ENGINE_R_INVALID_CMD_NAME ,"invalid cmd name"}, 135{ERR_REASON(ENGINE_R_INVALID_CMD_NAME) ,"invalid cmd name"},
132{ENGINE_R_INVALID_CMD_NUMBER ,"invalid cmd number"}, 136{ERR_REASON(ENGINE_R_INVALID_CMD_NUMBER) ,"invalid cmd number"},
133{ENGINE_R_INVALID_INIT_VALUE ,"invalid init value"}, 137{ERR_REASON(ENGINE_R_INVALID_INIT_VALUE) ,"invalid init value"},
134{ENGINE_R_INVALID_STRING ,"invalid string"}, 138{ERR_REASON(ENGINE_R_INVALID_STRING) ,"invalid string"},
135{ENGINE_R_NOT_INITIALISED ,"not initialised"}, 139{ERR_REASON(ENGINE_R_NOT_INITIALISED) ,"not initialised"},
136{ENGINE_R_NOT_LOADED ,"not loaded"}, 140{ERR_REASON(ENGINE_R_NOT_LOADED) ,"not loaded"},
137{ENGINE_R_NO_CONTROL_FUNCTION ,"no control function"}, 141{ERR_REASON(ENGINE_R_NO_CONTROL_FUNCTION),"no control function"},
138{ENGINE_R_NO_INDEX ,"no index"}, 142{ERR_REASON(ENGINE_R_NO_INDEX) ,"no index"},
139{ENGINE_R_NO_LOAD_FUNCTION ,"no load function"}, 143{ERR_REASON(ENGINE_R_NO_LOAD_FUNCTION) ,"no load function"},
140{ENGINE_R_NO_REFERENCE ,"no reference"}, 144{ERR_REASON(ENGINE_R_NO_REFERENCE) ,"no reference"},
141{ENGINE_R_NO_SUCH_ENGINE ,"no such engine"}, 145{ERR_REASON(ENGINE_R_NO_SUCH_ENGINE) ,"no such engine"},
142{ENGINE_R_NO_UNLOAD_FUNCTION ,"no unload function"}, 146{ERR_REASON(ENGINE_R_NO_UNLOAD_FUNCTION) ,"no unload function"},
143{ENGINE_R_PROVIDE_PARAMETERS ,"provide parameters"}, 147{ERR_REASON(ENGINE_R_PROVIDE_PARAMETERS) ,"provide parameters"},
144{ENGINE_R_RSA_NOT_IMPLEMENTED ,"rsa not implemented"}, 148{ERR_REASON(ENGINE_R_RSA_NOT_IMPLEMENTED),"rsa not implemented"},
145{ENGINE_R_UNIMPLEMENTED_CIPHER ,"unimplemented cipher"}, 149{ERR_REASON(ENGINE_R_UNIMPLEMENTED_CIPHER),"unimplemented cipher"},
146{ENGINE_R_UNIMPLEMENTED_DIGEST ,"unimplemented digest"}, 150{ERR_REASON(ENGINE_R_UNIMPLEMENTED_DIGEST),"unimplemented digest"},
147{ENGINE_R_VERSION_INCOMPATIBILITY ,"version incompatibility"}, 151{ERR_REASON(ENGINE_R_VERSION_INCOMPATIBILITY),"version incompatibility"},
148{0,NULL} 152{0,NULL}
149 }; 153 };
150 154
@@ -158,8 +162,8 @@ void ERR_load_ENGINE_strings(void)
158 { 162 {
159 init=0; 163 init=0;
160#ifndef OPENSSL_NO_ERR 164#ifndef OPENSSL_NO_ERR
161 ERR_load_strings(ERR_LIB_ENGINE,ENGINE_str_functs); 165 ERR_load_strings(0,ENGINE_str_functs);
162 ERR_load_strings(ERR_LIB_ENGINE,ENGINE_str_reasons); 166 ERR_load_strings(0,ENGINE_str_reasons);
163#endif 167#endif
164 168
165 } 169 }
diff --git a/src/lib/libssl/src/crypto/engine/hw_aep.c b/src/lib/libssl/src/crypto/engine/hw_aep.c
index 8b8380a582..5f1772ea99 100644
--- a/src/lib/libssl/src/crypto/engine/hw_aep.c
+++ b/src/lib/libssl/src/crypto/engine/hw_aep.c
@@ -474,6 +474,7 @@ static int aep_init(ENGINE *e)
474 474
475 if(aep_dso) 475 if(aep_dso)
476 DSO_free(aep_dso); 476 DSO_free(aep_dso);
477 aep_dso = NULL;
477 478
478 p_AEP_OpenConnection = NULL; 479 p_AEP_OpenConnection = NULL;
479 p_AEP_ModExp = NULL; 480 p_AEP_ModExp = NULL;
diff --git a/src/lib/libssl/src/crypto/engine/hw_atalla.c b/src/lib/libssl/src/crypto/engine/hw_atalla.c
index e9eff9fad1..2b8342bbdd 100644
--- a/src/lib/libssl/src/crypto/engine/hw_atalla.c
+++ b/src/lib/libssl/src/crypto/engine/hw_atalla.c
@@ -375,6 +375,7 @@ static int atalla_init(ENGINE *e)
375err: 375err:
376 if(atalla_dso) 376 if(atalla_dso)
377 DSO_free(atalla_dso); 377 DSO_free(atalla_dso);
378 atalla_dso = NULL;
378 p_Atalla_GetHardwareConfig = NULL; 379 p_Atalla_GetHardwareConfig = NULL;
379 p_Atalla_RSAPrivateKeyOpFn = NULL; 380 p_Atalla_RSAPrivateKeyOpFn = NULL;
380 p_Atalla_GetPerformanceStatistics = NULL; 381 p_Atalla_GetPerformanceStatistics = NULL;
diff --git a/src/lib/libssl/src/crypto/engine/hw_cswift.c b/src/lib/libssl/src/crypto/engine/hw_cswift.c
index f128ee5a68..1411fd8333 100644
--- a/src/lib/libssl/src/crypto/engine/hw_cswift.c
+++ b/src/lib/libssl/src/crypto/engine/hw_cswift.c
@@ -90,6 +90,7 @@ static int cswift_destroy(ENGINE *e);
90static int cswift_init(ENGINE *e); 90static int cswift_init(ENGINE *e);
91static int cswift_finish(ENGINE *e); 91static int cswift_finish(ENGINE *e);
92static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); 92static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
93static int cswift_bn_32copy(SW_LARGENUMBER * out, const BIGNUM * in);
93 94
94/* BIGNUM stuff */ 95/* BIGNUM stuff */
95static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 96static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
@@ -403,7 +404,10 @@ static int cswift_init(ENGINE *e)
403 return 1; 404 return 1;
404err: 405err:
405 if(cswift_dso) 406 if(cswift_dso)
407 {
406 DSO_free(cswift_dso); 408 DSO_free(cswift_dso);
409 cswift_dso = NULL;
410 }
407 p_CSwift_AcquireAccContext = NULL; 411 p_CSwift_AcquireAccContext = NULL;
408 p_CSwift_AttachKeyParam = NULL; 412 p_CSwift_AttachKeyParam = NULL;
409 p_CSwift_SimpleRequest = NULL; 413 p_CSwift_SimpleRequest = NULL;
@@ -553,6 +557,29 @@ err:
553 return to_return; 557 return to_return;
554 } 558 }
555 559
560
561int cswift_bn_32copy(SW_LARGENUMBER * out, const BIGNUM * in)
562{
563 int mod;
564 int numbytes = BN_num_bytes(in);
565
566 mod = 0;
567 while( ((out->nbytes = (numbytes+mod)) % 32) )
568 {
569 mod++;
570 }
571 out->value = (unsigned char*)OPENSSL_malloc(out->nbytes);
572 if(!out->value)
573 {
574 return 0;
575 }
576 BN_bn2bin(in, &out->value[mod]);
577 if(mod)
578 memset(out->value, 0, mod);
579
580 return 1;
581}
582
556/* Un petit mod_exp chinois */ 583/* Un petit mod_exp chinois */
557static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 584static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
558 const BIGNUM *q, const BIGNUM *dmp1, 585 const BIGNUM *q, const BIGNUM *dmp1,
@@ -562,15 +589,16 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
562 SW_LARGENUMBER arg, res; 589 SW_LARGENUMBER arg, res;
563 SW_PARAM sw_param; 590 SW_PARAM sw_param;
564 SW_CONTEXT_HANDLE hac; 591 SW_CONTEXT_HANDLE hac;
565 BIGNUM *rsa_p = NULL;
566 BIGNUM *rsa_q = NULL;
567 BIGNUM *rsa_dmp1 = NULL;
568 BIGNUM *rsa_dmq1 = NULL;
569 BIGNUM *rsa_iqmp = NULL;
570 BIGNUM *argument = NULL;
571 BIGNUM *result = NULL; 592 BIGNUM *result = NULL;
593 BIGNUM *argument = NULL;
572 int to_return = 0; /* expect failure */ 594 int to_return = 0; /* expect failure */
573 int acquired = 0; 595 int acquired = 0;
596
597 sw_param.up.crt.p.value = NULL;
598 sw_param.up.crt.q.value = NULL;
599 sw_param.up.crt.dmp1.value = NULL;
600 sw_param.up.crt.dmq1.value = NULL;
601 sw_param.up.crt.iqmp.value = NULL;
574 602
575 if(!get_context(&hac)) 603 if(!get_context(&hac))
576 { 604 {
@@ -578,44 +606,55 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
578 goto err; 606 goto err;
579 } 607 }
580 acquired = 1; 608 acquired = 1;
609
581 /* Prepare the params */ 610 /* Prepare the params */
582 BN_CTX_start(ctx); 611 argument = BN_new();
583 rsa_p = BN_CTX_get(ctx); 612 result = BN_new();
584 rsa_q = BN_CTX_get(ctx); 613 if(!result || !argument)
585 rsa_dmp1 = BN_CTX_get(ctx);
586 rsa_dmq1 = BN_CTX_get(ctx);
587 rsa_iqmp = BN_CTX_get(ctx);
588 argument = BN_CTX_get(ctx);
589 result = BN_CTX_get(ctx);
590 if(!result)
591 { 614 {
592 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_CTX_FULL); 615 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_CTX_FULL);
593 goto err; 616 goto err;
594 } 617 }
595 if(!bn_wexpand(rsa_p, p->top) || !bn_wexpand(rsa_q, q->top) || 618
596 !bn_wexpand(rsa_dmp1, dmp1->top) || 619
597 !bn_wexpand(rsa_dmq1, dmq1->top) || 620 sw_param.type = SW_ALG_CRT;
598 !bn_wexpand(rsa_iqmp, iqmp->top) || 621 /************************************************************************/
599 !bn_wexpand(argument, a->top) || 622 /* 04/02/2003 */
623 /* Modified by Frederic Giudicelli (deny-all.com) to overcome the */
624 /* limitation of cswift with values not a multiple of 32 */
625 /************************************************************************/
626 if(!cswift_bn_32copy(&sw_param.up.crt.p, p))
627 {
628 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
629 goto err;
630 }
631 if(!cswift_bn_32copy(&sw_param.up.crt.q, q))
632 {
633 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
634 goto err;
635 }
636 if(!cswift_bn_32copy(&sw_param.up.crt.dmp1, dmp1))
637 {
638 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
639 goto err;
640 }
641 if(!cswift_bn_32copy(&sw_param.up.crt.dmq1, dmq1))
642 {
643 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
644 goto err;
645 }
646 if(!cswift_bn_32copy(&sw_param.up.crt.iqmp, iqmp))
647 {
648 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
649 goto err;
650 }
651 if( !bn_wexpand(argument, a->top) ||
600 !bn_wexpand(result, p->top + q->top)) 652 !bn_wexpand(result, p->top + q->top))
601 { 653 {
602 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); 654 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
603 goto err; 655 goto err;
604 } 656 }
605 sw_param.type = SW_ALG_CRT; 657
606 sw_param.up.crt.p.nbytes = BN_bn2bin(p, (unsigned char *)rsa_p->d);
607 sw_param.up.crt.p.value = (unsigned char *)rsa_p->d;
608 sw_param.up.crt.q.nbytes = BN_bn2bin(q, (unsigned char *)rsa_q->d);
609 sw_param.up.crt.q.value = (unsigned char *)rsa_q->d;
610 sw_param.up.crt.dmp1.nbytes = BN_bn2bin(dmp1,
611 (unsigned char *)rsa_dmp1->d);
612 sw_param.up.crt.dmp1.value = (unsigned char *)rsa_dmp1->d;
613 sw_param.up.crt.dmq1.nbytes = BN_bn2bin(dmq1,
614 (unsigned char *)rsa_dmq1->d);
615 sw_param.up.crt.dmq1.value = (unsigned char *)rsa_dmq1->d;
616 sw_param.up.crt.iqmp.nbytes = BN_bn2bin(iqmp,
617 (unsigned char *)rsa_iqmp->d);
618 sw_param.up.crt.iqmp.value = (unsigned char *)rsa_iqmp->d;
619 /* Attach the key params */ 658 /* Attach the key params */
620 sw_status = p_CSwift_AttachKeyParam(hac, &sw_param); 659 sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
621 switch(sw_status) 660 switch(sw_status)
@@ -654,9 +693,22 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
654 BN_bin2bn((unsigned char *)result->d, res.nbytes, r); 693 BN_bin2bn((unsigned char *)result->d, res.nbytes, r);
655 to_return = 1; 694 to_return = 1;
656err: 695err:
696 if(sw_param.up.crt.p.value)
697 OPENSSL_free(sw_param.up.crt.p.value);
698 if(sw_param.up.crt.q.value)
699 OPENSSL_free(sw_param.up.crt.q.value);
700 if(sw_param.up.crt.dmp1.value)
701 OPENSSL_free(sw_param.up.crt.dmp1.value);
702 if(sw_param.up.crt.dmq1.value)
703 OPENSSL_free(sw_param.up.crt.dmq1.value);
704 if(sw_param.up.crt.iqmp.value)
705 OPENSSL_free(sw_param.up.crt.iqmp.value);
706 if(result)
707 BN_free(result);
708 if(argument)
709 BN_free(argument);
657 if(acquired) 710 if(acquired)
658 release_context(hac); 711 release_context(hac);
659 BN_CTX_end(ctx);
660 return to_return; 712 return to_return;
661 } 713 }
662 714
@@ -665,6 +717,27 @@ static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
665 { 717 {
666 BN_CTX *ctx; 718 BN_CTX *ctx;
667 int to_return = 0; 719 int to_return = 0;
720 const RSA_METHOD * def_rsa_method;
721
722 /* Try the limits of RSA (2048 bits) */
723 if(BN_num_bytes(rsa->p) > 128 ||
724 BN_num_bytes(rsa->q) > 128 ||
725 BN_num_bytes(rsa->dmp1) > 128 ||
726 BN_num_bytes(rsa->dmq1) > 128 ||
727 BN_num_bytes(rsa->iqmp) > 128)
728 {
729#ifdef RSA_NULL
730 def_rsa_method=RSA_null_method();
731#else
732#if 0
733 def_rsa_method=RSA_PKCS1_RSAref();
734#else
735 def_rsa_method=RSA_PKCS1_SSLeay();
736#endif
737#endif
738 if(def_rsa_method)
739 return def_rsa_method->rsa_mod_exp(r0, I, rsa);
740 }
668 741
669 if((ctx = BN_CTX_new()) == NULL) 742 if((ctx = BN_CTX_new()) == NULL)
670 goto err; 743 goto err;
@@ -686,6 +759,26 @@ err:
686static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 759static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
687 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) 760 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
688 { 761 {
762 const RSA_METHOD * def_rsa_method;
763
764 /* Try the limits of RSA (2048 bits) */
765 if(BN_num_bytes(r) > 256 ||
766 BN_num_bytes(a) > 256 ||
767 BN_num_bytes(m) > 256)
768 {
769#ifdef RSA_NULL
770 def_rsa_method=RSA_null_method();
771#else
772#if 0
773 def_rsa_method=RSA_PKCS1_RSAref();
774#else
775 def_rsa_method=RSA_PKCS1_SSLeay();
776#endif
777#endif
778 if(def_rsa_method)
779 return def_rsa_method->bn_mod_exp(r, a, p, m, ctx, m_ctx);
780 }
781
689 return cswift_mod_exp(r, a, p, m, ctx); 782 return cswift_mod_exp(r, a, p, m, ctx);
690 } 783 }
691 784
@@ -930,9 +1023,10 @@ static int cswift_rand_bytes(unsigned char *buf, int num)
930 SW_CONTEXT_HANDLE hac; 1023 SW_CONTEXT_HANDLE hac;
931 SW_STATUS swrc; 1024 SW_STATUS swrc;
932 SW_LARGENUMBER largenum; 1025 SW_LARGENUMBER largenum;
933 size_t nbytes = 0;
934 int acquired = 0; 1026 int acquired = 0;
935 int to_return = 0; /* assume failure */ 1027 int to_return = 0; /* assume failure */
1028 unsigned char buf32[1024];
1029
936 1030
937 if (!get_context(&hac)) 1031 if (!get_context(&hac))
938 { 1032 {
@@ -941,17 +1035,19 @@ static int cswift_rand_bytes(unsigned char *buf, int num)
941 } 1035 }
942 acquired = 1; 1036 acquired = 1;
943 1037
944 while (nbytes < (size_t)num) 1038 /************************************************************************/
1039 /* 04/02/2003 */
1040 /* Modified by Frederic Giudicelli (deny-all.com) to overcome the */
1041 /* limitation of cswift with values not a multiple of 32 */
1042 /************************************************************************/
1043
1044 while(num >= sizeof(buf32))
945 { 1045 {
1046 largenum.value = buf;
1047 largenum.nbytes = sizeof(buf32);
946 /* tell CryptoSwift how many bytes we want and where we want it. 1048 /* tell CryptoSwift how many bytes we want and where we want it.
947 * Note: - CryptoSwift cannot do more than 4096 bytes at a time. 1049 * Note: - CryptoSwift cannot do more than 4096 bytes at a time.
948 * - CryptoSwift can only do multiple of 32-bits. */ 1050 * - CryptoSwift can only do multiple of 32-bits. */
949 largenum.value = (SW_BYTE *) buf + nbytes;
950 if (4096 > num - nbytes)
951 largenum.nbytes = num - nbytes;
952 else
953 largenum.nbytes = 4096;
954
955 swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1); 1051 swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
956 if (swrc != SW_OK) 1052 if (swrc != SW_OK)
957 { 1053 {
@@ -961,14 +1057,30 @@ static int cswift_rand_bytes(unsigned char *buf, int num)
961 ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf); 1057 ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
962 goto err; 1058 goto err;
963 } 1059 }
964 1060 buf += sizeof(buf32);
965 nbytes += largenum.nbytes; 1061 num -= sizeof(buf32);
1062 }
1063 if(num)
1064 {
1065 largenum.nbytes = sizeof(buf32);
1066 largenum.value = buf32;
1067 swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
1068 if (swrc != SW_OK)
1069 {
1070 char tmpbuf[20];
1071 CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_REQUEST_FAILED);
1072 sprintf(tmpbuf, "%ld", swrc);
1073 ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
1074 goto err;
1075 }
1076 memcpy(buf, largenum.value, num);
966 } 1077 }
967 to_return = 1; /* success */
968 1078
1079 to_return = 1; /* success */
969err: 1080err:
970 if (acquired) 1081 if (acquired)
971 release_context(hac); 1082 release_context(hac);
1083
972 return to_return; 1084 return to_return;
973} 1085}
974 1086
diff --git a/src/lib/libssl/src/crypto/engine/hw_ubsec.c b/src/lib/libssl/src/crypto/engine/hw_ubsec.c
index 5234a08a07..8fb834af31 100644
--- a/src/lib/libssl/src/crypto/engine/hw_ubsec.c
+++ b/src/lib/libssl/src/crypto/engine/hw_ubsec.c
@@ -454,6 +454,7 @@ static int ubsec_init(ENGINE *e)
454err: 454err:
455 if(ubsec_dso) 455 if(ubsec_dso)
456 DSO_free(ubsec_dso); 456 DSO_free(ubsec_dso);
457 ubsec_dso = NULL;
457 p_UBSEC_ubsec_bytes_to_bits = NULL; 458 p_UBSEC_ubsec_bytes_to_bits = NULL;
458 p_UBSEC_ubsec_bits_to_bytes = NULL; 459 p_UBSEC_ubsec_bits_to_bytes = NULL;
459 p_UBSEC_ubsec_open = NULL; 460 p_UBSEC_ubsec_open = NULL;
diff --git a/src/lib/libssl/src/crypto/engine/tb_dsa.c b/src/lib/libssl/src/crypto/engine/tb_dsa.c
index 80170591f2..7efe181927 100644
--- a/src/lib/libssl/src/crypto/engine/tb_dsa.c
+++ b/src/lib/libssl/src/crypto/engine/tb_dsa.c
@@ -94,7 +94,7 @@ int ENGINE_set_default_DSA(ENGINE *e)
94 { 94 {
95 if(e->dsa_meth) 95 if(e->dsa_meth)
96 return engine_table_register(&dsa_table, 96 return engine_table_register(&dsa_table,
97 engine_unregister_all_DSA, e, &dummy_nid, 1, 0); 97 engine_unregister_all_DSA, e, &dummy_nid, 1, 1);
98 return 1; 98 return 1;
99 } 99 }
100 100
diff --git a/src/lib/libssl/src/crypto/err/Makefile b/src/lib/libssl/src/crypto/err/Makefile
index 149f3e0eb9..4adec55302 100644
--- a/src/lib/libssl/src/crypto/err/Makefile
+++ b/src/lib/libssl/src/crypto/err/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/err/Makefile 2# OpenSSL/crypto/err/Makefile
3# 3#
4 4
5DIR= err 5DIR= err
diff --git a/src/lib/libssl/src/crypto/err/err.c b/src/lib/libssl/src/crypto/err/err.c
index c78790a54c..53687d79ab 100644
--- a/src/lib/libssl/src/crypto/err/err.c
+++ b/src/lib/libssl/src/crypto/err/err.c
@@ -621,7 +621,8 @@ static void err_load_strings(int lib, ERR_STRING_DATA *str)
621 { 621 {
622 while (str->error) 622 while (str->error)
623 { 623 {
624 str->error|=ERR_PACK(lib,0,0); 624 if (lib)
625 str->error|=ERR_PACK(lib,0,0);
625 ERRFN(err_set_item)(str); 626 ERRFN(err_set_item)(str);
626 str++; 627 str++;
627 } 628 }
@@ -637,7 +638,8 @@ void ERR_unload_strings(int lib, ERR_STRING_DATA *str)
637 { 638 {
638 while (str->error) 639 while (str->error)
639 { 640 {
640 str->error|=ERR_PACK(lib,0,0); 641 if (lib)
642 str->error|=ERR_PACK(lib,0,0);
641 ERRFN(err_del_item)(str); 643 ERRFN(err_del_item)(str);
642 str++; 644 str++;
643 } 645 }
diff --git a/src/lib/libssl/src/crypto/err/openssl.ec b/src/lib/libssl/src/crypto/err/openssl.ec
index 447a7f87ed..f8cd6937e7 100644
--- a/src/lib/libssl/src/crypto/err/openssl.ec
+++ b/src/lib/libssl/src/crypto/err/openssl.ec
@@ -27,7 +27,7 @@ L DSO crypto/dso/dso.h crypto/dso/dso_err.c
27L ENGINE crypto/engine/engine.h crypto/engine/eng_err.c 27L ENGINE crypto/engine/engine.h crypto/engine/eng_err.c
28L OCSP crypto/ocsp/ocsp.h crypto/ocsp/ocsp_err.c 28L OCSP crypto/ocsp/ocsp.h crypto/ocsp/ocsp_err.c
29L UI crypto/ui/ui.h crypto/ui/ui_err.c 29L UI crypto/ui/ui.h crypto/ui/ui_err.c
30L FIPS fips/fips.h fips/fips_err.h 30L FIPS fips-1.0/fips.h fips-1.0/fips_err.h
31 31
32# additional header files to be scanned for function names 32# additional header files to be scanned for function names
33L NONE crypto/x509/x509_vfy.h NONE 33L NONE crypto/x509/x509_vfy.h NONE
diff --git a/src/lib/libssl/src/crypto/evp/Makefile b/src/lib/libssl/src/crypto/evp/Makefile
index 5027a3855a..d1c2a272bb 100644
--- a/src/lib/libssl/src/crypto/evp/Makefile
+++ b/src/lib/libssl/src/crypto/evp/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/evp/Makefile 2# OpenSSL/crypto/evp/Makefile
3# 3#
4 4
5DIR= evp 5DIR= evp
diff --git a/src/lib/libssl/src/crypto/evp/bio_enc.c b/src/lib/libssl/src/crypto/evp/bio_enc.c
index ab81851503..b8cda1a9f0 100644
--- a/src/lib/libssl/src/crypto/evp/bio_enc.c
+++ b/src/lib/libssl/src/crypto/evp/bio_enc.c
@@ -71,7 +71,7 @@ static int enc_new(BIO *h);
71static int enc_free(BIO *data); 71static int enc_free(BIO *data);
72static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps); 72static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps);
73#define ENC_BLOCK_SIZE (1024*4) 73#define ENC_BLOCK_SIZE (1024*4)
74#define BUF_OFFSET EVP_MAX_BLOCK_LENGTH 74#define BUF_OFFSET (EVP_MAX_BLOCK_LENGTH*2)
75 75
76typedef struct enc_struct 76typedef struct enc_struct
77 { 77 {
diff --git a/src/lib/libssl/src/crypto/evp/c_alld.c b/src/lib/libssl/src/crypto/evp/c_alld.c
index aae7bf7482..929ea56a3e 100644
--- a/src/lib/libssl/src/crypto/evp/c_alld.c
+++ b/src/lib/libssl/src/crypto/evp/c_alld.c
@@ -100,4 +100,14 @@ void OpenSSL_add_all_digests(void)
100 EVP_add_digest_alias(SN_ripemd160,"ripemd"); 100 EVP_add_digest_alias(SN_ripemd160,"ripemd");
101 EVP_add_digest_alias(SN_ripemd160,"rmd160"); 101 EVP_add_digest_alias(SN_ripemd160,"rmd160");
102#endif 102#endif
103#ifdef OPENSSL_FIPS
104#ifndef OPENSSL_NO_SHA256
105 EVP_add_digest(EVP_sha224());
106 EVP_add_digest(EVP_sha256());
107#endif
108#ifndef OPENSSL_NO_SHA512
109 EVP_add_digest(EVP_sha384());
110 EVP_add_digest(EVP_sha512());
111#endif
112#endif
103 } 113 }
diff --git a/src/lib/libssl/src/crypto/evp/e_aes.c b/src/lib/libssl/src/crypto/evp/e_aes.c
index f35036c9d7..7b67984fa1 100644
--- a/src/lib/libssl/src/crypto/evp/e_aes.c
+++ b/src/lib/libssl/src/crypto/evp/e_aes.c
@@ -86,9 +86,9 @@ IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY,
86 86
87#define IMPLEMENT_AES_CFBR(ksize,cbits,flags) IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16,flags) 87#define IMPLEMENT_AES_CFBR(ksize,cbits,flags) IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16,flags)
88 88
89IMPLEMENT_AES_CFBR(128,1,0) 89IMPLEMENT_AES_CFBR(128,1,EVP_CIPH_FLAG_FIPS)
90IMPLEMENT_AES_CFBR(192,1,0) 90IMPLEMENT_AES_CFBR(192,1,EVP_CIPH_FLAG_FIPS)
91IMPLEMENT_AES_CFBR(256,1,0) 91IMPLEMENT_AES_CFBR(256,1,EVP_CIPH_FLAG_FIPS)
92 92
93IMPLEMENT_AES_CFBR(128,8,EVP_CIPH_FLAG_FIPS) 93IMPLEMENT_AES_CFBR(128,8,EVP_CIPH_FLAG_FIPS)
94IMPLEMENT_AES_CFBR(192,8,EVP_CIPH_FLAG_FIPS) 94IMPLEMENT_AES_CFBR(192,8,EVP_CIPH_FLAG_FIPS)
diff --git a/src/lib/libssl/src/crypto/evp/encode.c b/src/lib/libssl/src/crypto/evp/encode.c
index 08209357ce..33e540087d 100644
--- a/src/lib/libssl/src/crypto/evp/encode.c
+++ b/src/lib/libssl/src/crypto/evp/encode.c
@@ -313,7 +313,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
313 /* There will never be more than two '=' */ 313 /* There will never be more than two '=' */
314 } 314 }
315 315
316 if ((v == B64_EOF) || (n >= 64)) 316 if ((v == B64_EOF && (n&3) == 0) || (n >= 64))
317 { 317 {
318 /* This is needed to work correctly on 64 byte input 318 /* This is needed to work correctly on 64 byte input
319 * lines. We process the line and then need to 319 * lines. We process the line and then need to
diff --git a/src/lib/libssl/src/crypto/evp/evp.h b/src/lib/libssl/src/crypto/evp/evp.h
index 5cde88ae76..56eec23fef 100644
--- a/src/lib/libssl/src/crypto/evp/evp.h
+++ b/src/lib/libssl/src/crypto/evp/evp.h
@@ -84,7 +84,11 @@
84#include <openssl/md5.h> 84#include <openssl/md5.h>
85#endif 85#endif
86#ifndef OPENSSL_NO_SHA 86#ifndef OPENSSL_NO_SHA
87#ifndef OPENSSL_FIPS
87#include <openssl/sha.h> 88#include <openssl/sha.h>
89#else
90#include <openssl/fips_sha.h>
91#endif
88#endif 92#endif
89#ifndef OPENSSL_NO_RIPEMD 93#ifndef OPENSSL_NO_RIPEMD
90#include <openssl/ripemd.h> 94#include <openssl/ripemd.h>
@@ -128,7 +132,11 @@
128#define EVP_CAST5_KEY_SIZE 16 132#define EVP_CAST5_KEY_SIZE 16
129#define EVP_RC5_32_12_16_KEY_SIZE 16 133#define EVP_RC5_32_12_16_KEY_SIZE 16
130*/ 134*/
131#define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */ 135#ifdef OPENSSL_FIPS
136#define EVP_MAX_MD_SIZE 64 /* longest known SHA512 */
137#else
138#define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */
139#endif
132#define EVP_MAX_KEY_LENGTH 32 140#define EVP_MAX_KEY_LENGTH 32
133#define EVP_MAX_IV_LENGTH 16 141#define EVP_MAX_IV_LENGTH 16
134#define EVP_MAX_BLOCK_LENGTH 32 142#define EVP_MAX_BLOCK_LENGTH 32
@@ -642,6 +650,16 @@ const EVP_MD *EVP_sha(void);
642const EVP_MD *EVP_sha1(void); 650const EVP_MD *EVP_sha1(void);
643const EVP_MD *EVP_dss(void); 651const EVP_MD *EVP_dss(void);
644const EVP_MD *EVP_dss1(void); 652const EVP_MD *EVP_dss1(void);
653#ifdef OPENSSL_FIPS
654#ifndef OPENSSL_NO_SHA256
655const EVP_MD *EVP_sha224(void);
656const EVP_MD *EVP_sha256(void);
657#endif
658#ifndef OPENSSL_NO_SHA512
659const EVP_MD *EVP_sha384(void);
660const EVP_MD *EVP_sha512(void);
661#endif
662#endif
645#endif 663#endif
646#ifndef OPENSSL_NO_MDC2 664#ifndef OPENSSL_NO_MDC2
647const EVP_MD *EVP_mdc2(void); 665const EVP_MD *EVP_mdc2(void);
diff --git a/src/lib/libssl/src/crypto/evp/evp_err.c b/src/lib/libssl/src/crypto/evp/evp_err.c
index 40135d0729..77eee070d3 100644
--- a/src/lib/libssl/src/crypto/evp/evp_err.c
+++ b/src/lib/libssl/src/crypto/evp/evp_err.c
@@ -64,88 +64,92 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_EVP,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_EVP,0,reason)
70
67static ERR_STRING_DATA EVP_str_functs[]= 71static ERR_STRING_DATA EVP_str_functs[]=
68 { 72 {
69{ERR_PACK(0,EVP_F_AES_INIT_KEY,0), "AES_INIT_KEY"}, 73{ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"},
70{ERR_PACK(0,EVP_F_D2I_PKEY,0), "D2I_PKEY"}, 74{ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"},
71{ERR_PACK(0,EVP_F_EVP_ADD_CIPHER,0), "EVP_add_cipher"}, 75{ERR_FUNC(EVP_F_EVP_ADD_CIPHER), "EVP_add_cipher"},
72{ERR_PACK(0,EVP_F_EVP_ADD_DIGEST,0), "EVP_add_digest"}, 76{ERR_FUNC(EVP_F_EVP_ADD_DIGEST), "EVP_add_digest"},
73{ERR_PACK(0,EVP_F_EVP_CIPHERINIT,0), "EVP_CipherInit"}, 77{ERR_FUNC(EVP_F_EVP_CIPHERINIT), "EVP_CipherInit"},
74{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_CTRL,0), "EVP_CIPHER_CTX_ctrl"}, 78{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"},
75{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,0), "EVP_CIPHER_CTX_set_key_length"}, 79{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH), "EVP_CIPHER_CTX_set_key_length"},
76{ERR_PACK(0,EVP_F_EVP_DECRYPTFINAL,0), "EVP_DecryptFinal"}, 80{ERR_FUNC(EVP_F_EVP_DECRYPTFINAL), "EVP_DecryptFinal"},
77{ERR_PACK(0,EVP_F_EVP_DIGESTINIT,0), "EVP_DigestInit"}, 81{ERR_FUNC(EVP_F_EVP_DIGESTINIT), "EVP_DigestInit"},
78{ERR_PACK(0,EVP_F_EVP_ENCRYPTFINAL,0), "EVP_EncryptFinal"}, 82{ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL), "EVP_EncryptFinal"},
79{ERR_PACK(0,EVP_F_EVP_GET_CIPHERBYNAME,0), "EVP_get_cipherbyname"}, 83{ERR_FUNC(EVP_F_EVP_GET_CIPHERBYNAME), "EVP_get_cipherbyname"},
80{ERR_PACK(0,EVP_F_EVP_GET_DIGESTBYNAME,0), "EVP_get_digestbyname"}, 84{ERR_FUNC(EVP_F_EVP_GET_DIGESTBYNAME), "EVP_get_digestbyname"},
81{ERR_PACK(0,EVP_F_EVP_MD_CTX_COPY,0), "EVP_MD_CTX_copy"}, 85{ERR_FUNC(EVP_F_EVP_MD_CTX_COPY), "EVP_MD_CTX_copy"},
82{ERR_PACK(0,EVP_F_EVP_OPENINIT,0), "EVP_OpenInit"}, 86{ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"},
83{ERR_PACK(0,EVP_F_EVP_PBE_ALG_ADD,0), "EVP_PBE_alg_add"}, 87{ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"},
84{ERR_PACK(0,EVP_F_EVP_PBE_CIPHERINIT,0), "EVP_PBE_CipherInit"}, 88{ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT), "EVP_PBE_CipherInit"},
85{ERR_PACK(0,EVP_F_EVP_PKCS82PKEY,0), "EVP_PKCS82PKEY"}, 89{ERR_FUNC(EVP_F_EVP_PKCS82PKEY), "EVP_PKCS82PKEY"},
86{ERR_PACK(0,EVP_F_EVP_PKCS8_SET_BROKEN,0), "EVP_PKCS8_SET_BROKEN"}, 90{ERR_FUNC(EVP_F_EVP_PKCS8_SET_BROKEN), "EVP_PKCS8_SET_BROKEN"},
87{ERR_PACK(0,EVP_F_EVP_PKEY2PKCS8,0), "EVP_PKEY2PKCS8"}, 91{ERR_FUNC(EVP_F_EVP_PKEY2PKCS8), "EVP_PKEY2PKCS8"},
88{ERR_PACK(0,EVP_F_EVP_PKEY_COPY_PARAMETERS,0), "EVP_PKEY_copy_parameters"}, 92{ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS), "EVP_PKEY_copy_parameters"},
89{ERR_PACK(0,EVP_F_EVP_PKEY_DECRYPT,0), "EVP_PKEY_decrypt"}, 93{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT), "EVP_PKEY_decrypt"},
90{ERR_PACK(0,EVP_F_EVP_PKEY_ENCRYPT,0), "EVP_PKEY_encrypt"}, 94{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"},
91{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DH,0), "EVP_PKEY_get1_DH"}, 95{ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH), "EVP_PKEY_get1_DH"},
92{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DSA,0), "EVP_PKEY_get1_DSA"}, 96{ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA), "EVP_PKEY_get1_DSA"},
93{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_RSA,0), "EVP_PKEY_get1_RSA"}, 97{ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA), "EVP_PKEY_get1_RSA"},
94{ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0), "EVP_PKEY_new"}, 98{ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"},
95{ERR_PACK(0,EVP_F_EVP_RIJNDAEL,0), "EVP_RIJNDAEL"}, 99{ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"},
96{ERR_PACK(0,EVP_F_EVP_SIGNFINAL,0), "EVP_SignFinal"}, 100{ERR_FUNC(EVP_F_EVP_SIGNFINAL), "EVP_SignFinal"},
97{ERR_PACK(0,EVP_F_EVP_VERIFYFINAL,0), "EVP_VerifyFinal"}, 101{ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"},
98{ERR_PACK(0,EVP_F_PKCS5_PBE_KEYIVGEN,0), "PKCS5_PBE_keyivgen"}, 102{ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"},
99{ERR_PACK(0,EVP_F_PKCS5_V2_PBE_KEYIVGEN,0), "PKCS5_v2_PBE_keyivgen"}, 103{ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"},
100{ERR_PACK(0,EVP_F_RC2_MAGIC_TO_METH,0), "RC2_MAGIC_TO_METH"}, 104{ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "RC2_MAGIC_TO_METH"},
101{ERR_PACK(0,EVP_F_RC5_CTRL,0), "RC5_CTRL"}, 105{ERR_FUNC(EVP_F_RC5_CTRL), "RC5_CTRL"},
102{0,NULL} 106{0,NULL}
103 }; 107 };
104 108
105static ERR_STRING_DATA EVP_str_reasons[]= 109static ERR_STRING_DATA EVP_str_reasons[]=
106 { 110 {
107{EVP_R_AES_KEY_SETUP_FAILED ,"aes key setup failed"}, 111{ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED) ,"aes key setup failed"},
108{EVP_R_BAD_BLOCK_LENGTH ,"bad block length"}, 112{ERR_REASON(EVP_R_BAD_BLOCK_LENGTH) ,"bad block length"},
109{EVP_R_BAD_DECRYPT ,"bad decrypt"}, 113{ERR_REASON(EVP_R_BAD_DECRYPT) ,"bad decrypt"},
110{EVP_R_BAD_KEY_LENGTH ,"bad key length"}, 114{ERR_REASON(EVP_R_BAD_KEY_LENGTH) ,"bad key length"},
111{EVP_R_BN_DECODE_ERROR ,"bn decode error"}, 115{ERR_REASON(EVP_R_BN_DECODE_ERROR) ,"bn decode error"},
112{EVP_R_BN_PUBKEY_ERROR ,"bn pubkey error"}, 116{ERR_REASON(EVP_R_BN_PUBKEY_ERROR) ,"bn pubkey error"},
113{EVP_R_CIPHER_PARAMETER_ERROR ,"cipher parameter error"}, 117{ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR),"cipher parameter error"},
114{EVP_R_CTRL_NOT_IMPLEMENTED ,"ctrl not implemented"}, 118{ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED) ,"ctrl not implemented"},
115{EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED ,"ctrl operation not implemented"}, 119{ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED),"ctrl operation not implemented"},
116{EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH ,"data not multiple of block length"}, 120{ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH),"data not multiple of block length"},
117{EVP_R_DECODE_ERROR ,"decode error"}, 121{ERR_REASON(EVP_R_DECODE_ERROR) ,"decode error"},
118{EVP_R_DIFFERENT_KEY_TYPES ,"different key types"}, 122{ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) ,"different key types"},
119{EVP_R_DISABLED_FOR_FIPS ,"disabled for fips"}, 123{ERR_REASON(EVP_R_DISABLED_FOR_FIPS) ,"disabled for fips"},
120{EVP_R_ENCODE_ERROR ,"encode error"}, 124{ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"},
121{EVP_R_EVP_PBE_CIPHERINIT_ERROR ,"evp pbe cipherinit error"}, 125{ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"},
122{EVP_R_EXPECTING_AN_RSA_KEY ,"expecting an rsa key"}, 126{ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"},
123{EVP_R_EXPECTING_A_DH_KEY ,"expecting a dh key"}, 127{ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) ,"expecting a dh key"},
124{EVP_R_EXPECTING_A_DSA_KEY ,"expecting a dsa key"}, 128{ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) ,"expecting a dsa key"},
125{EVP_R_INITIALIZATION_ERROR ,"initialization error"}, 129{ERR_REASON(EVP_R_INITIALIZATION_ERROR) ,"initialization error"},
126{EVP_R_INPUT_NOT_INITIALIZED ,"input not initialized"}, 130{ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) ,"input not initialized"},
127{EVP_R_INVALID_KEY_LENGTH ,"invalid key length"}, 131{ERR_REASON(EVP_R_INVALID_KEY_LENGTH) ,"invalid key length"},
128{EVP_R_IV_TOO_LARGE ,"iv too large"}, 132{ERR_REASON(EVP_R_IV_TOO_LARGE) ,"iv too large"},
129{EVP_R_KEYGEN_FAILURE ,"keygen failure"}, 133{ERR_REASON(EVP_R_KEYGEN_FAILURE) ,"keygen failure"},
130{EVP_R_MISSING_PARAMETERS ,"missing parameters"}, 134{ERR_REASON(EVP_R_MISSING_PARAMETERS) ,"missing parameters"},
131{EVP_R_NO_CIPHER_SET ,"no cipher set"}, 135{ERR_REASON(EVP_R_NO_CIPHER_SET) ,"no cipher set"},
132{EVP_R_NO_DIGEST_SET ,"no digest set"}, 136{ERR_REASON(EVP_R_NO_DIGEST_SET) ,"no digest set"},
133{EVP_R_NO_DSA_PARAMETERS ,"no dsa parameters"}, 137{ERR_REASON(EVP_R_NO_DSA_PARAMETERS) ,"no dsa parameters"},
134{EVP_R_NO_SIGN_FUNCTION_CONFIGURED ,"no sign function configured"}, 138{ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED),"no sign function configured"},
135{EVP_R_NO_VERIFY_FUNCTION_CONFIGURED ,"no verify function configured"}, 139{ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED),"no verify function configured"},
136{EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE ,"pkcs8 unknown broken type"}, 140{ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE),"pkcs8 unknown broken type"},
137{EVP_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"}, 141{ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA) ,"public key not rsa"},
138{EVP_R_UNKNOWN_PBE_ALGORITHM ,"unknown pbe algorithm"}, 142{ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) ,"unknown pbe algorithm"},
139{EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS ,"unsuported number of rounds"}, 143{ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),"unsuported number of rounds"},
140{EVP_R_UNSUPPORTED_CIPHER ,"unsupported cipher"}, 144{ERR_REASON(EVP_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"},
141{EVP_R_UNSUPPORTED_KEYLENGTH ,"unsupported keylength"}, 145{ERR_REASON(EVP_R_UNSUPPORTED_KEYLENGTH) ,"unsupported keylength"},
142{EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION,"unsupported key derivation function"}, 146{ERR_REASON(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION),"unsupported key derivation function"},
143{EVP_R_UNSUPPORTED_KEY_SIZE ,"unsupported key size"}, 147{ERR_REASON(EVP_R_UNSUPPORTED_KEY_SIZE) ,"unsupported key size"},
144{EVP_R_UNSUPPORTED_PRF ,"unsupported prf"}, 148{ERR_REASON(EVP_R_UNSUPPORTED_PRF) ,"unsupported prf"},
145{EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM ,"unsupported private key algorithm"}, 149{ERR_REASON(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM),"unsupported private key algorithm"},
146{EVP_R_UNSUPPORTED_SALT_TYPE ,"unsupported salt type"}, 150{ERR_REASON(EVP_R_UNSUPPORTED_SALT_TYPE) ,"unsupported salt type"},
147{EVP_R_WRONG_FINAL_BLOCK_LENGTH ,"wrong final block length"}, 151{ERR_REASON(EVP_R_WRONG_FINAL_BLOCK_LENGTH),"wrong final block length"},
148{EVP_R_WRONG_PUBLIC_KEY_TYPE ,"wrong public key type"}, 152{ERR_REASON(EVP_R_WRONG_PUBLIC_KEY_TYPE) ,"wrong public key type"},
149{0,NULL} 153{0,NULL}
150 }; 154 };
151 155
@@ -159,8 +163,8 @@ void ERR_load_EVP_strings(void)
159 { 163 {
160 init=0; 164 init=0;
161#ifndef OPENSSL_NO_ERR 165#ifndef OPENSSL_NO_ERR
162 ERR_load_strings(ERR_LIB_EVP,EVP_str_functs); 166 ERR_load_strings(0,EVP_str_functs);
163 ERR_load_strings(ERR_LIB_EVP,EVP_str_reasons); 167 ERR_load_strings(0,EVP_str_reasons);
164#endif 168#endif
165 169
166 } 170 }
diff --git a/src/lib/libssl/src/crypto/evp/evp_key.c b/src/lib/libssl/src/crypto/evp/evp_key.c
index 5f387a94d3..f8650d5df6 100644
--- a/src/lib/libssl/src/crypto/evp/evp_key.c
+++ b/src/lib/libssl/src/crypto/evp/evp_key.c
@@ -126,7 +126,8 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
126 EVP_MD_CTX_init(&c); 126 EVP_MD_CTX_init(&c);
127 for (;;) 127 for (;;)
128 { 128 {
129 EVP_DigestInit_ex(&c,md, NULL); 129 if (!EVP_DigestInit_ex(&c,md, NULL))
130 return 0;
130 if (addmd++) 131 if (addmd++)
131 EVP_DigestUpdate(&c,&(md_buf[0]),mds); 132 EVP_DigestUpdate(&c,&(md_buf[0]),mds);
132 EVP_DigestUpdate(&c,data,datal); 133 EVP_DigestUpdate(&c,data,datal);
diff --git a/src/lib/libssl/src/crypto/evp/m_dss1.c b/src/lib/libssl/src/crypto/evp/m_dss1.c
index f5668ebda0..23b90d0538 100644
--- a/src/lib/libssl/src/crypto/evp/m_dss1.c
+++ b/src/lib/libssl/src/crypto/evp/m_dss1.c
@@ -67,7 +67,14 @@ static int init(EVP_MD_CTX *ctx)
67 { return SHA1_Init(ctx->md_data); } 67 { return SHA1_Init(ctx->md_data); }
68 68
69static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) 69static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
70#ifndef OPENSSL_FIPS
70 { return SHA1_Update(ctx->md_data,data,count); } 71 { return SHA1_Update(ctx->md_data,data,count); }
72#else
73 {
74 OPENSSL_assert(sizeof(count)<=sizeof(size_t));
75 return SHA1_Update(ctx->md_data,data,count);
76 }
77#endif
71 78
72static int final(EVP_MD_CTX *ctx,unsigned char *md) 79static int final(EVP_MD_CTX *ctx,unsigned char *md)
73 { return SHA1_Final(md,ctx->md_data); } 80 { return SHA1_Final(md,ctx->md_data); }
@@ -77,7 +84,7 @@ static const EVP_MD dss1_md=
77 NID_dsa, 84 NID_dsa,
78 NID_dsaWithSHA1, 85 NID_dsaWithSHA1,
79 SHA_DIGEST_LENGTH, 86 SHA_DIGEST_LENGTH,
80 0, 87 EVP_MD_FLAG_FIPS,
81 init, 88 init,
82 update, 89 update,
83 final, 90 final,
diff --git a/src/lib/libssl/src/crypto/evp/m_sha.c b/src/lib/libssl/src/crypto/evp/m_sha.c
index d1785e5f74..ed54909b16 100644
--- a/src/lib/libssl/src/crypto/evp/m_sha.c
+++ b/src/lib/libssl/src/crypto/evp/m_sha.c
@@ -59,6 +59,9 @@
59#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0) 59#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
60#include <stdio.h> 60#include <stdio.h>
61#include "cryptlib.h" 61#include "cryptlib.h"
62/* Including sha.h prior evp.h masks FIPS SHA declarations, but that's
63 * exactly what we want to achieve here... */
64#include <openssl/sha.h>
62#include <openssl/evp.h> 65#include <openssl/evp.h>
63#include "evp_locl.h" 66#include "evp_locl.h"
64#include <openssl/objects.h> 67#include <openssl/objects.h>
diff --git a/src/lib/libssl/src/crypto/evp/m_sha1.c b/src/lib/libssl/src/crypto/evp/m_sha1.c
index fe4402389a..60da93873c 100644
--- a/src/lib/libssl/src/crypto/evp/m_sha1.c
+++ b/src/lib/libssl/src/crypto/evp/m_sha1.c
@@ -67,7 +67,14 @@ static int init(EVP_MD_CTX *ctx)
67 { return SHA1_Init(ctx->md_data); } 67 { return SHA1_Init(ctx->md_data); }
68 68
69static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) 69static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
70#ifndef OPENSSL_FIPS
70 { return SHA1_Update(ctx->md_data,data,count); } 71 { return SHA1_Update(ctx->md_data,data,count); }
72#else
73 {
74 OPENSSL_assert(sizeof(count)<=sizeof(size_t));
75 return SHA1_Update(ctx->md_data,data,count);
76 }
77#endif
71 78
72static int final(EVP_MD_CTX *ctx,unsigned char *md) 79static int final(EVP_MD_CTX *ctx,unsigned char *md)
73 { return SHA1_Final(md,ctx->md_data); } 80 { return SHA1_Final(md,ctx->md_data); }
@@ -93,3 +100,115 @@ const EVP_MD *EVP_sha1(void)
93 return(&sha1_md); 100 return(&sha1_md);
94 } 101 }
95#endif 102#endif
103
104#ifdef OPENSSL_FIPS
105#ifndef OPENSSL_NO_SHA256
106static int init224(EVP_MD_CTX *ctx)
107 { return SHA224_Init(ctx->md_data); }
108static int init256(EVP_MD_CTX *ctx)
109 { return SHA256_Init(ctx->md_data); }
110/*
111 * Even though there're separate SHA224_[Update|Final], we call
112 * SHA256 functions even in SHA224 context. This is what happens
113 * there anyway, so we can spare few CPU cycles:-)
114 */
115static int update256(EVP_MD_CTX *ctx,const void *data,unsigned long count)
116 {
117 OPENSSL_assert(sizeof(count)<=sizeof(size_t));
118 return SHA256_Update(ctx->md_data,data,count);
119 }
120static int final256(EVP_MD_CTX *ctx,unsigned char *md)
121 { return SHA256_Final(md,ctx->md_data); }
122
123static const EVP_MD sha224_md=
124 {
125 NID_sha224,
126 NID_sha224WithRSAEncryption,
127 SHA224_DIGEST_LENGTH,
128 EVP_MD_FLAG_FIPS,
129 init224,
130 update256,
131 final256,
132 NULL,
133 NULL,
134 EVP_PKEY_RSA_method,
135 SHA256_CBLOCK,
136 sizeof(EVP_MD *)+sizeof(SHA256_CTX),
137 };
138
139const EVP_MD *EVP_sha224(void)
140 { return(&sha224_md); }
141
142static const EVP_MD sha256_md=
143 {
144 NID_sha256,
145 NID_sha256WithRSAEncryption,
146 SHA256_DIGEST_LENGTH,
147 EVP_MD_FLAG_FIPS,
148 init256,
149 update256,
150 final256,
151 NULL,
152 NULL,
153 EVP_PKEY_RSA_method,
154 SHA256_CBLOCK,
155 sizeof(EVP_MD *)+sizeof(SHA256_CTX),
156 };
157
158const EVP_MD *EVP_sha256(void)
159 { return(&sha256_md); }
160#endif /* ifndef OPENSSL_NO_SHA256 */
161
162#ifndef OPENSSL_NO_SHA512
163static int init384(EVP_MD_CTX *ctx)
164 { return SHA384_Init(ctx->md_data); }
165static int init512(EVP_MD_CTX *ctx)
166 { return SHA512_Init(ctx->md_data); }
167/* See comment in SHA224/256 section */
168static int update512(EVP_MD_CTX *ctx,const void *data,unsigned long count)
169 {
170 OPENSSL_assert(sizeof(count)<=sizeof(size_t));
171 return SHA512_Update(ctx->md_data,data,count);
172 }
173static int final512(EVP_MD_CTX *ctx,unsigned char *md)
174 { return SHA512_Final(md,ctx->md_data); }
175
176static const EVP_MD sha384_md=
177 {
178 NID_sha384,
179 NID_sha384WithRSAEncryption,
180 SHA384_DIGEST_LENGTH,
181 EVP_MD_FLAG_FIPS,
182 init384,
183 update512,
184 final512,
185 NULL,
186 NULL,
187 EVP_PKEY_RSA_method,
188 SHA512_CBLOCK,
189 sizeof(EVP_MD *)+sizeof(SHA512_CTX),
190 };
191
192const EVP_MD *EVP_sha384(void)
193 { return(&sha384_md); }
194
195static const EVP_MD sha512_md=
196 {
197 NID_sha512,
198 NID_sha512WithRSAEncryption,
199 SHA512_DIGEST_LENGTH,
200 EVP_MD_FLAG_FIPS,
201 init512,
202 update512,
203 final512,
204 NULL,
205 NULL,
206 EVP_PKEY_RSA_method,
207 SHA512_CBLOCK,
208 sizeof(EVP_MD *)+sizeof(SHA512_CTX),
209 };
210
211const EVP_MD *EVP_sha512(void)
212 { return(&sha512_md); }
213#endif /* ifndef OPENSSL_NO_SHA512 */
214#endif /* ifdef OPENSSL_FIPS */
diff --git a/src/lib/libssl/src/crypto/evp/p5_crpt2.c b/src/lib/libssl/src/crypto/evp/p5_crpt2.c
index 1f94e1ef88..1d5fabc4b2 100644
--- a/src/lib/libssl/src/crypto/evp/p5_crpt2.c
+++ b/src/lib/libssl/src/crypto/evp/p5_crpt2.c
@@ -194,11 +194,16 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
194 194
195 /* Now decode key derivation function */ 195 /* Now decode key derivation function */
196 196
197 if(!pbe2->keyfunc->parameter ||
198 (pbe2->keyfunc->parameter->type != V_ASN1_SEQUENCE))
199 {
200 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
201 goto err;
202 }
203
197 pbuf = pbe2->keyfunc->parameter->value.sequence->data; 204 pbuf = pbe2->keyfunc->parameter->value.sequence->data;
198 plen = pbe2->keyfunc->parameter->value.sequence->length; 205 plen = pbe2->keyfunc->parameter->value.sequence->length;
199 if(!pbe2->keyfunc->parameter || 206 if(!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
200 (pbe2->keyfunc->parameter->type != V_ASN1_SEQUENCE) ||
201 !(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
202 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); 207 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
203 goto err; 208 goto err;
204 } 209 }
diff --git a/src/lib/libssl/src/crypto/hmac/Makefile b/src/lib/libssl/src/crypto/hmac/Makefile
index f634dab79d..3d53d8240f 100644
--- a/src/lib/libssl/src/crypto/hmac/Makefile
+++ b/src/lib/libssl/src/crypto/hmac/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/md/Makefile 2# OpenSSL/crypto/md/Makefile
3# 3#
4 4
5DIR= hmac 5DIR= hmac
diff --git a/src/lib/libssl/src/crypto/hmac/hmac.c b/src/lib/libssl/src/crypto/hmac/hmac.c
index 06ee80761f..6c110bd52b 100644
--- a/src/lib/libssl/src/crypto/hmac/hmac.c
+++ b/src/lib/libssl/src/crypto/hmac/hmac.c
@@ -61,6 +61,8 @@
61#include <openssl/hmac.h> 61#include <openssl/hmac.h>
62#include "cryptlib.h" 62#include "cryptlib.h"
63 63
64#ifndef OPENSSL_FIPS
65
64void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, 66void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
65 const EVP_MD *md, ENGINE *impl) 67 const EVP_MD *md, ENGINE *impl)
66 { 68 {
@@ -77,15 +79,6 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
77 79
78 if (key != NULL) 80 if (key != NULL)
79 { 81 {
80#ifdef OPENSSL_FIPS
81 if (FIPS_mode() && !(md->flags & EVP_MD_FLAG_FIPS)
82 && (!(ctx->md_ctx.flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)
83 || !(ctx->i_ctx.flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)
84 || !(ctx->o_ctx.flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)))
85 OpenSSLDie(__FILE__,__LINE__,
86 "HMAC: digest not allowed in FIPS mode");
87#endif
88
89 reset=1; 82 reset=1;
90 j=EVP_MD_block_size(md); 83 j=EVP_MD_block_size(md);
91 OPENSSL_assert(j <= sizeof ctx->key); 84 OPENSSL_assert(j <= sizeof ctx->key);
@@ -187,3 +180,4 @@ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
187 EVP_MD_CTX_set_flags(&ctx->md_ctx, flags); 180 EVP_MD_CTX_set_flags(&ctx->md_ctx, flags);
188 } 181 }
189 182
183#endif
diff --git a/src/lib/libssl/src/crypto/hmac/hmac.h b/src/lib/libssl/src/crypto/hmac/hmac.h
index 294ab3b36a..c6489c04c8 100644
--- a/src/lib/libssl/src/crypto/hmac/hmac.h
+++ b/src/lib/libssl/src/crypto/hmac/hmac.h
@@ -64,7 +64,11 @@
64 64
65#include <openssl/evp.h> 65#include <openssl/evp.h>
66 66
67#ifdef OPENSSL_FIPS
68#define HMAC_MAX_MD_CBLOCK 128
69#else
67#define HMAC_MAX_MD_CBLOCK 64 70#define HMAC_MAX_MD_CBLOCK 64
71#endif
68 72
69#ifdef __cplusplus 73#ifdef __cplusplus
70extern "C" { 74extern "C" {
diff --git a/src/lib/libssl/src/crypto/idea/Makefile b/src/lib/libssl/src/crypto/idea/Makefile
index f652783027..6b8e530d9d 100644
--- a/src/lib/libssl/src/crypto/idea/Makefile
+++ b/src/lib/libssl/src/crypto/idea/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/idea/Makefile 2# OpenSSL/crypto/idea/Makefile
3# 3#
4 4
5DIR= idea 5DIR= idea
@@ -86,7 +86,7 @@ i_ecb.o: ../../include/openssl/opensslv.h i_ecb.c idea_lcl.h
86i_ofb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h 86i_ofb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
87i_ofb64.o: i_ofb64.c idea_lcl.h 87i_ofb64.o: i_ofb64.c idea_lcl.h
88i_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h 88i_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
89i_skey.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h 89i_skey.o: ../../include/openssl/fips.h ../../include/openssl/idea.h
90i_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 90i_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
91i_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 91i_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
92i_skey.o: i_skey.c idea_lcl.h 92i_skey.o: ../../include/openssl/symhacks.h i_skey.c idea_lcl.h
diff --git a/src/lib/libssl/src/crypto/lhash/Makefile b/src/lib/libssl/src/crypto/lhash/Makefile
index d325a1644d..cdb0e77fad 100644
--- a/src/lib/libssl/src/crypto/lhash/Makefile
+++ b/src/lib/libssl/src/crypto/lhash/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/lhash/Makefile 2# OpenSSL/crypto/lhash/Makefile
3# 3#
4 4
5DIR= lhash 5DIR= lhash
diff --git a/src/lib/libssl/src/crypto/md2/Makefile b/src/lib/libssl/src/crypto/md2/Makefile
index 90628511da..9d0351bb2f 100644
--- a/src/lib/libssl/src/crypto/md2/Makefile
+++ b/src/lib/libssl/src/crypto/md2/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/md/Makefile 2# OpenSSL/crypto/md/Makefile
3# 3#
4 4
5DIR= md2 5DIR= md2
diff --git a/src/lib/libssl/src/crypto/md2/md2_one.c b/src/lib/libssl/src/crypto/md2/md2_one.c
index 835160ef56..8c36ba5779 100644
--- a/src/lib/libssl/src/crypto/md2/md2_one.c
+++ b/src/lib/libssl/src/crypto/md2/md2_one.c
@@ -69,7 +69,8 @@ unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md)
69 static unsigned char m[MD2_DIGEST_LENGTH]; 69 static unsigned char m[MD2_DIGEST_LENGTH];
70 70
71 if (md == NULL) md=m; 71 if (md == NULL) md=m;
72 MD2_Init(&c); 72 if (!MD2_Init(&c))
73 return NULL;
73#ifndef CHARSET_EBCDIC 74#ifndef CHARSET_EBCDIC
74 MD2_Update(&c,d,n); 75 MD2_Update(&c,d,n);
75#else 76#else
diff --git a/src/lib/libssl/src/crypto/md4/Makefile b/src/lib/libssl/src/crypto/md4/Makefile
index 0b7c8d7ad8..eeb457f20f 100644
--- a/src/lib/libssl/src/crypto/md4/Makefile
+++ b/src/lib/libssl/src/crypto/md4/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/md4/Makefile 2# OpenSSL/crypto/md4/Makefile
3# 3#
4 4
5DIR= md4 5DIR= md4
diff --git a/src/lib/libssl/src/crypto/md4/md4_one.c b/src/lib/libssl/src/crypto/md4/md4_one.c
index 00565507e4..50f79352f6 100644
--- a/src/lib/libssl/src/crypto/md4/md4_one.c
+++ b/src/lib/libssl/src/crypto/md4/md4_one.c
@@ -71,7 +71,8 @@ unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md)
71 static unsigned char m[MD4_DIGEST_LENGTH]; 71 static unsigned char m[MD4_DIGEST_LENGTH];
72 72
73 if (md == NULL) md=m; 73 if (md == NULL) md=m;
74 MD4_Init(&c); 74 if (!MD4_Init(&c))
75 return NULL;
75#ifndef CHARSET_EBCDIC 76#ifndef CHARSET_EBCDIC
76 MD4_Update(&c,d,n); 77 MD4_Update(&c,d,n);
77#else 78#else
diff --git a/src/lib/libssl/src/crypto/md5/Makefile b/src/lib/libssl/src/crypto/md5/Makefile
index 832446fff2..1ed018526f 100644
--- a/src/lib/libssl/src/crypto/md5/Makefile
+++ b/src/lib/libssl/src/crypto/md5/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/md5/Makefile 2# OpenSSL/crypto/md5/Makefile
3# 3#
4 4
5DIR= md5 5DIR= md5
diff --git a/src/lib/libssl/src/crypto/md5/md5_one.c b/src/lib/libssl/src/crypto/md5/md5_one.c
index c5dd2d81db..44c6c455d1 100644
--- a/src/lib/libssl/src/crypto/md5/md5_one.c
+++ b/src/lib/libssl/src/crypto/md5/md5_one.c
@@ -71,7 +71,8 @@ unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md)
71 static unsigned char m[MD5_DIGEST_LENGTH]; 71 static unsigned char m[MD5_DIGEST_LENGTH];
72 72
73 if (md == NULL) md=m; 73 if (md == NULL) md=m;
74 MD5_Init(&c); 74 if (!MD5_Init(&c))
75 return NULL;
75#ifndef CHARSET_EBCDIC 76#ifndef CHARSET_EBCDIC
76 MD5_Update(&c,d,n); 77 MD5_Update(&c,d,n);
77#else 78#else
diff --git a/src/lib/libssl/src/crypto/mdc2/Makefile b/src/lib/libssl/src/crypto/mdc2/Makefile
index 38c785bf95..b8e9a9a4fa 100644
--- a/src/lib/libssl/src/crypto/mdc2/Makefile
+++ b/src/lib/libssl/src/crypto/mdc2/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/mdc2/Makefile 2# OpenSSL/crypto/mdc2/Makefile
3# 3#
4 4
5DIR= mdc2 5DIR= mdc2
diff --git a/src/lib/libssl/src/crypto/objects/Makefile b/src/lib/libssl/src/crypto/objects/Makefile
index e449147129..23b2a69e6d 100644
--- a/src/lib/libssl/src/crypto/objects/Makefile
+++ b/src/lib/libssl/src/crypto/objects/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/objects/Makefile 2# OpenSSL/crypto/objects/Makefile
3# 3#
4 4
5DIR= objects 5DIR= objects
diff --git a/src/lib/libssl/src/crypto/objects/obj_dat.h b/src/lib/libssl/src/crypto/objects/obj_dat.h
index 8785127055..cc22152682 100644
--- a/src/lib/libssl/src/crypto/objects/obj_dat.h
+++ b/src/lib/libssl/src/crypto/objects/obj_dat.h
@@ -62,12 +62,12 @@
62 * [including the GNU Public Licence.] 62 * [including the GNU Public Licence.]
63 */ 63 */
64 64
65#define NUM_NID 668 65#define NUM_NID 676
66#define NUM_SN 660 66#define NUM_SN 669
67#define NUM_LN 660 67#define NUM_LN 669
68#define NUM_OBJ 624 68#define NUM_OBJ 633
69 69
70static unsigned char lvalues[4500]={ 70static unsigned char lvalues[4575]={
710x00, /* [ 0] OBJ_undef */ 710x00, /* [ 0] OBJ_undef */
720x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ 720x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
730x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ 730x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
@@ -330,9 +330,9 @@ static unsigned char lvalues[4500]={
3300x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04, /* [2092] OBJ_ac_auditEntity */ 3300x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04, /* [2092] OBJ_ac_auditEntity */
3310x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05, /* [2100] OBJ_ac_targeting */ 3310x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05, /* [2100] OBJ_ac_targeting */
3320x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06, /* [2108] OBJ_aaControls */ 3320x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06, /* [2108] OBJ_aaControls */
3330x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07, /* [2116] OBJ_sbqp_ipAddrBlock */ 3330x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07, /* [2116] OBJ_sbgp_ipAddrBlock */
3340x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2124] OBJ_sbqp_autonomousSysNum */ 3340x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2124] OBJ_sbgp_autonomousSysNum */
3350x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2132] OBJ_sbqp_routerIdentifier */ 3350x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2132] OBJ_sbgp_routerIdentifier */
3360x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2140] OBJ_textNotice */ 3360x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2140] OBJ_textNotice */
3370x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2148] OBJ_ipsecEndSystem */ 3370x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2148] OBJ_ipsecEndSystem */
3380x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2156] OBJ_ipsecTunnel */ 3380x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2156] OBJ_ipsecTunnel */
@@ -691,7 +691,16 @@ static unsigned char lvalues[4500]={
6910x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4467] OBJ_proxyCertInfo */ 6910x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4467] OBJ_proxyCertInfo */
6920x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4475] OBJ_id_ppl_anyLanguage */ 6920x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4475] OBJ_id_ppl_anyLanguage */
6930x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4483] OBJ_id_ppl_inheritAll */ 6930x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4483] OBJ_id_ppl_inheritAll */
6940x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4491] OBJ_Independent */ 6940x55,0x1D,0x1E, /* [4491] OBJ_name_constraints */
6950x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4494] OBJ_Independent */
6960x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4502] OBJ_sha256WithRSAEncryption */
6970x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4511] OBJ_sha384WithRSAEncryption */
6980x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4520] OBJ_sha512WithRSAEncryption */
6990x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4529] OBJ_sha224WithRSAEncryption */
7000x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4538] OBJ_sha256 */
7010x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4547] OBJ_sha384 */
7020x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4556] OBJ_sha512 */
7030x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4565] OBJ_sha224 */
695}; 704};
696 705
697static ASN1_OBJECT nid_objs[NUM_NID]={ 706static ASN1_OBJECT nid_objs[NUM_NID]={
@@ -1134,12 +1143,12 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
1134 &(lvalues[2092]),0}, 1143 &(lvalues[2092]),0},
1135{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2100]),0}, 1144{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2100]),0},
1136{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2108]),0}, 1145{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2108]),0},
1137{"sbqp-ipAddrBlock","sbqp-ipAddrBlock",NID_sbqp_ipAddrBlock,8, 1146{"sbgp-ipAddrBlock","sbgp-ipAddrBlock",NID_sbgp_ipAddrBlock,8,
1138 &(lvalues[2116]),0}, 1147 &(lvalues[2116]),0},
1139{"sbqp-autonomousSysNum","sbqp-autonomousSysNum", 1148{"sbgp-autonomousSysNum","sbgp-autonomousSysNum",
1140 NID_sbqp_autonomousSysNum,8,&(lvalues[2124]),0}, 1149 NID_sbgp_autonomousSysNum,8,&(lvalues[2124]),0},
1141{"sbqp-routerIdentifier","sbqp-routerIdentifier", 1150{"sbgp-routerIdentifier","sbgp-routerIdentifier",
1142 NID_sbqp_routerIdentifier,8,&(lvalues[2132]),0}, 1151 NID_sbgp_routerIdentifier,8,&(lvalues[2132]),0},
1143{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2140]),0}, 1152{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2140]),0},
1144{"ipsecEndSystem","IPSec End System",NID_ipsecEndSystem,8, 1153{"ipsecEndSystem","IPSec End System",NID_ipsecEndSystem,8,
1145 &(lvalues[2148]),0}, 1154 &(lvalues[2148]),0},
@@ -1754,8 +1763,21 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
1754 &(lvalues[4475]),0}, 1763 &(lvalues[4475]),0},
1755{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8, 1764{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8,
1756 &(lvalues[4483]),0}, 1765 &(lvalues[4483]),0},
1757{NULL,NULL,NID_undef,0,NULL}, 1766{"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3,
1758{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4491]),0}, 1767 &(lvalues[4491]),0},
1768{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4494]),0},
1769{"RSA-SHA256","sha256WithRSAEncryption",NID_sha256WithRSAEncryption,9,
1770 &(lvalues[4502]),0},
1771{"RSA-SHA384","sha384WithRSAEncryption",NID_sha384WithRSAEncryption,9,
1772 &(lvalues[4511]),0},
1773{"RSA-SHA512","sha512WithRSAEncryption",NID_sha512WithRSAEncryption,9,
1774 &(lvalues[4520]),0},
1775{"RSA-SHA224","sha224WithRSAEncryption",NID_sha224WithRSAEncryption,9,
1776 &(lvalues[4529]),0},
1777{"SHA256","sha256",NID_sha256,9,&(lvalues[4538]),0},
1778{"SHA384","sha384",NID_sha384,9,&(lvalues[4547]),0},
1779{"SHA512","sha512",NID_sha512,9,&(lvalues[4556]),0},
1780{"SHA224","sha224",NID_sha224,9,&(lvalues[4565]),0},
1759}; 1781};
1760 1782
1761static ASN1_OBJECT *sn_objs[NUM_SN]={ 1783static ASN1_OBJECT *sn_objs[NUM_SN]={
@@ -1881,8 +1903,16 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
1881&(nid_objs[42]),/* "RSA-SHA" */ 1903&(nid_objs[42]),/* "RSA-SHA" */
1882&(nid_objs[65]),/* "RSA-SHA1" */ 1904&(nid_objs[65]),/* "RSA-SHA1" */
1883&(nid_objs[115]),/* "RSA-SHA1-2" */ 1905&(nid_objs[115]),/* "RSA-SHA1-2" */
1906&(nid_objs[671]),/* "RSA-SHA224" */
1907&(nid_objs[668]),/* "RSA-SHA256" */
1908&(nid_objs[669]),/* "RSA-SHA384" */
1909&(nid_objs[670]),/* "RSA-SHA512" */
1884&(nid_objs[41]),/* "SHA" */ 1910&(nid_objs[41]),/* "SHA" */
1885&(nid_objs[64]),/* "SHA1" */ 1911&(nid_objs[64]),/* "SHA1" */
1912&(nid_objs[675]),/* "SHA224" */
1913&(nid_objs[672]),/* "SHA256" */
1914&(nid_objs[673]),/* "SHA384" */
1915&(nid_objs[674]),/* "SHA512" */
1886&(nid_objs[188]),/* "SMIME" */ 1916&(nid_objs[188]),/* "SMIME" */
1887&(nid_objs[167]),/* "SMIME-CAPS" */ 1917&(nid_objs[167]),/* "SMIME-CAPS" */
1888&(nid_objs[100]),/* "SN" */ 1918&(nid_objs[100]),/* "SN" */
@@ -2182,6 +2212,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
2182&(nid_objs[649]),/* "msUPN" */ 2212&(nid_objs[649]),/* "msUPN" */
2183&(nid_objs[481]),/* "nSRecord" */ 2213&(nid_objs[481]),/* "nSRecord" */
2184&(nid_objs[173]),/* "name" */ 2214&(nid_objs[173]),/* "name" */
2215&(nid_objs[666]),/* "nameConstraints" */
2185&(nid_objs[369]),/* "noCheck" */ 2216&(nid_objs[369]),/* "noCheck" */
2186&(nid_objs[403]),/* "noRevAvail" */ 2217&(nid_objs[403]),/* "noRevAvail" */
2187&(nid_objs[72]),/* "nsBaseUrl" */ 2218&(nid_objs[72]),/* "nsBaseUrl" */
@@ -2254,9 +2285,9 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
2254&(nid_objs[ 1]),/* "rsadsi" */ 2285&(nid_objs[ 1]),/* "rsadsi" */
2255&(nid_objs[482]),/* "sOARecord" */ 2286&(nid_objs[482]),/* "sOARecord" */
2256&(nid_objs[155]),/* "safeContentsBag" */ 2287&(nid_objs[155]),/* "safeContentsBag" */
2257&(nid_objs[291]),/* "sbqp-autonomousSysNum" */ 2288&(nid_objs[291]),/* "sbgp-autonomousSysNum" */
2258&(nid_objs[290]),/* "sbqp-ipAddrBlock" */ 2289&(nid_objs[290]),/* "sbgp-ipAddrBlock" */
2259&(nid_objs[292]),/* "sbqp-routerIdentifier" */ 2290&(nid_objs[292]),/* "sbgp-routerIdentifier" */
2260&(nid_objs[159]),/* "sdsiCertificate" */ 2291&(nid_objs[159]),/* "sdsiCertificate" */
2261&(nid_objs[154]),/* "secretBag" */ 2292&(nid_objs[154]),/* "secretBag" */
2262&(nid_objs[474]),/* "secretary" */ 2293&(nid_objs[474]),/* "secretary" */
@@ -2517,6 +2548,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
2517&(nid_objs[126]),/* "X509v3 Extended Key Usage" */ 2548&(nid_objs[126]),/* "X509v3 Extended Key Usage" */
2518&(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */ 2549&(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */
2519&(nid_objs[83]),/* "X509v3 Key Usage" */ 2550&(nid_objs[83]),/* "X509v3 Key Usage" */
2551&(nid_objs[666]),/* "X509v3 Name Constraints" */
2520&(nid_objs[403]),/* "X509v3 No Revocation Available" */ 2552&(nid_objs[403]),/* "X509v3 No Revocation Available" */
2521&(nid_objs[401]),/* "X509v3 Policy Constraints" */ 2553&(nid_objs[401]),/* "X509v3 Policy Constraints" */
2522&(nid_objs[84]),/* "X509v3 Private Key Usage Period" */ 2554&(nid_objs[84]),/* "X509v3 Private Key Usage Period" */
@@ -2930,9 +2962,9 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
2930&(nid_objs[124]),/* "run length compression" */ 2962&(nid_objs[124]),/* "run length compression" */
2931&(nid_objs[482]),/* "sOARecord" */ 2963&(nid_objs[482]),/* "sOARecord" */
2932&(nid_objs[155]),/* "safeContentsBag" */ 2964&(nid_objs[155]),/* "safeContentsBag" */
2933&(nid_objs[291]),/* "sbqp-autonomousSysNum" */ 2965&(nid_objs[291]),/* "sbgp-autonomousSysNum" */
2934&(nid_objs[290]),/* "sbqp-ipAddrBlock" */ 2966&(nid_objs[290]),/* "sbgp-ipAddrBlock" */
2935&(nid_objs[292]),/* "sbqp-routerIdentifier" */ 2967&(nid_objs[292]),/* "sbgp-routerIdentifier" */
2936&(nid_objs[159]),/* "sdsiCertificate" */ 2968&(nid_objs[159]),/* "sdsiCertificate" */
2937&(nid_objs[154]),/* "secretBag" */ 2969&(nid_objs[154]),/* "secretBag" */
2938&(nid_objs[474]),/* "secretary" */ 2970&(nid_objs[474]),/* "secretary" */
@@ -3059,6 +3091,14 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
3059&(nid_objs[64]),/* "sha1" */ 3091&(nid_objs[64]),/* "sha1" */
3060&(nid_objs[115]),/* "sha1WithRSA" */ 3092&(nid_objs[115]),/* "sha1WithRSA" */
3061&(nid_objs[65]),/* "sha1WithRSAEncryption" */ 3093&(nid_objs[65]),/* "sha1WithRSAEncryption" */
3094&(nid_objs[675]),/* "sha224" */
3095&(nid_objs[671]),/* "sha224WithRSAEncryption" */
3096&(nid_objs[672]),/* "sha256" */
3097&(nid_objs[668]),/* "sha256WithRSAEncryption" */
3098&(nid_objs[673]),/* "sha384" */
3099&(nid_objs[669]),/* "sha384WithRSAEncryption" */
3100&(nid_objs[674]),/* "sha512" */
3101&(nid_objs[670]),/* "sha512WithRSAEncryption" */
3062&(nid_objs[42]),/* "shaWithRSAEncryption" */ 3102&(nid_objs[42]),/* "shaWithRSAEncryption" */
3063&(nid_objs[52]),/* "signingTime" */ 3103&(nid_objs[52]),/* "signingTime" */
3064&(nid_objs[454]),/* "simpleSecurityObject" */ 3104&(nid_objs[454]),/* "simpleSecurityObject" */
@@ -3133,6 +3173,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
3133&(nid_objs[430]),/* OBJ_hold_instruction_code 2 5 29 23 */ 3173&(nid_objs[430]),/* OBJ_hold_instruction_code 2 5 29 23 */
3134&(nid_objs[142]),/* OBJ_invalidity_date 2 5 29 24 */ 3174&(nid_objs[142]),/* OBJ_invalidity_date 2 5 29 24 */
3135&(nid_objs[140]),/* OBJ_delta_crl 2 5 29 27 */ 3175&(nid_objs[140]),/* OBJ_delta_crl 2 5 29 27 */
3176&(nid_objs[666]),/* OBJ_name_constraints 2 5 29 30 */
3136&(nid_objs[103]),/* OBJ_crl_distribution_points 2 5 29 31 */ 3177&(nid_objs[103]),/* OBJ_crl_distribution_points 2 5 29 31 */
3137&(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */ 3178&(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */
3138&(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */ 3179&(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */
@@ -3383,9 +3424,9 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
3383&(nid_objs[287]),/* OBJ_ac_auditEntity 1 3 6 1 5 5 7 1 4 */ 3424&(nid_objs[287]),/* OBJ_ac_auditEntity 1 3 6 1 5 5 7 1 4 */
3384&(nid_objs[288]),/* OBJ_ac_targeting 1 3 6 1 5 5 7 1 5 */ 3425&(nid_objs[288]),/* OBJ_ac_targeting 1 3 6 1 5 5 7 1 5 */
3385&(nid_objs[289]),/* OBJ_aaControls 1 3 6 1 5 5 7 1 6 */ 3426&(nid_objs[289]),/* OBJ_aaControls 1 3 6 1 5 5 7 1 6 */
3386&(nid_objs[290]),/* OBJ_sbqp_ipAddrBlock 1 3 6 1 5 5 7 1 7 */ 3427&(nid_objs[290]),/* OBJ_sbgp_ipAddrBlock 1 3 6 1 5 5 7 1 7 */
3387&(nid_objs[291]),/* OBJ_sbqp_autonomousSysNum 1 3 6 1 5 5 7 1 8 */ 3428&(nid_objs[291]),/* OBJ_sbgp_autonomousSysNum 1 3 6 1 5 5 7 1 8 */
3388&(nid_objs[292]),/* OBJ_sbqp_routerIdentifier 1 3 6 1 5 5 7 1 9 */ 3429&(nid_objs[292]),/* OBJ_sbgp_routerIdentifier 1 3 6 1 5 5 7 1 9 */
3389&(nid_objs[397]),/* OBJ_ac_proxying 1 3 6 1 5 5 7 1 10 */ 3430&(nid_objs[397]),/* OBJ_ac_proxying 1 3 6 1 5 5 7 1 10 */
3390&(nid_objs[398]),/* OBJ_sinfo_access 1 3 6 1 5 5 7 1 11 */ 3431&(nid_objs[398]),/* OBJ_sinfo_access 1 3 6 1 5 5 7 1 11 */
3391&(nid_objs[663]),/* OBJ_proxyCertInfo 1 3 6 1 5 5 7 1 14 */ 3432&(nid_objs[663]),/* OBJ_proxyCertInfo 1 3 6 1 5 5 7 1 14 */
@@ -3480,6 +3521,10 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
3480&(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */ 3521&(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */
3481&(nid_objs[65]),/* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */ 3522&(nid_objs[65]),/* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */
3482&(nid_objs[644]),/* OBJ_rsaOAEPEncryptionSET 1 2 840 113549 1 1 6 */ 3523&(nid_objs[644]),/* OBJ_rsaOAEPEncryptionSET 1 2 840 113549 1 1 6 */
3524&(nid_objs[668]),/* OBJ_sha256WithRSAEncryption 1 2 840 113549 1 1 11 */
3525&(nid_objs[669]),/* OBJ_sha384WithRSAEncryption 1 2 840 113549 1 1 12 */
3526&(nid_objs[670]),/* OBJ_sha512WithRSAEncryption 1 2 840 113549 1 1 13 */
3527&(nid_objs[671]),/* OBJ_sha224WithRSAEncryption 1 2 840 113549 1 1 14 */
3483&(nid_objs[28]),/* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */ 3528&(nid_objs[28]),/* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */
3484&(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */ 3529&(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */
3485&(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */ 3530&(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */
@@ -3544,6 +3589,10 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
3544&(nid_objs[427]),/* OBJ_aes_256_cbc 2 16 840 1 101 3 4 1 42 */ 3589&(nid_objs[427]),/* OBJ_aes_256_cbc 2 16 840 1 101 3 4 1 42 */
3545&(nid_objs[428]),/* OBJ_aes_256_ofb128 2 16 840 1 101 3 4 1 43 */ 3590&(nid_objs[428]),/* OBJ_aes_256_ofb128 2 16 840 1 101 3 4 1 43 */
3546&(nid_objs[429]),/* OBJ_aes_256_cfb128 2 16 840 1 101 3 4 1 44 */ 3591&(nid_objs[429]),/* OBJ_aes_256_cfb128 2 16 840 1 101 3 4 1 44 */
3592&(nid_objs[672]),/* OBJ_sha256 2 16 840 1 101 3 4 2 1 */
3593&(nid_objs[673]),/* OBJ_sha384 2 16 840 1 101 3 4 2 2 */
3594&(nid_objs[674]),/* OBJ_sha512 2 16 840 1 101 3 4 2 3 */
3595&(nid_objs[675]),/* OBJ_sha224 2 16 840 1 101 3 4 2 4 */
3547&(nid_objs[71]),/* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */ 3596&(nid_objs[71]),/* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */
3548&(nid_objs[72]),/* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */ 3597&(nid_objs[72]),/* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */
3549&(nid_objs[73]),/* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */ 3598&(nid_objs[73]),/* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */
diff --git a/src/lib/libssl/src/crypto/objects/obj_err.c b/src/lib/libssl/src/crypto/objects/obj_err.c
index 2b5f43e3cc..0682979b38 100644
--- a/src/lib/libssl/src/crypto/objects/obj_err.c
+++ b/src/lib/libssl/src/crypto/objects/obj_err.c
@@ -1,6 +1,6 @@
1/* crypto/objects/obj_err.c */ 1/* crypto/objects/obj_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,22 +64,26 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_OBJ,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_OBJ,0,reason)
70
67static ERR_STRING_DATA OBJ_str_functs[]= 71static ERR_STRING_DATA OBJ_str_functs[]=
68 { 72 {
69{ERR_PACK(0,OBJ_F_OBJ_ADD_OBJECT,0), "OBJ_add_object"}, 73{ERR_FUNC(OBJ_F_OBJ_ADD_OBJECT), "OBJ_add_object"},
70{ERR_PACK(0,OBJ_F_OBJ_CREATE,0), "OBJ_create"}, 74{ERR_FUNC(OBJ_F_OBJ_CREATE), "OBJ_create"},
71{ERR_PACK(0,OBJ_F_OBJ_DUP,0), "OBJ_dup"}, 75{ERR_FUNC(OBJ_F_OBJ_DUP), "OBJ_dup"},
72{ERR_PACK(0,OBJ_F_OBJ_NAME_NEW_INDEX,0), "OBJ_NAME_new_index"}, 76{ERR_FUNC(OBJ_F_OBJ_NAME_NEW_INDEX), "OBJ_NAME_new_index"},
73{ERR_PACK(0,OBJ_F_OBJ_NID2LN,0), "OBJ_nid2ln"}, 77{ERR_FUNC(OBJ_F_OBJ_NID2LN), "OBJ_nid2ln"},
74{ERR_PACK(0,OBJ_F_OBJ_NID2OBJ,0), "OBJ_nid2obj"}, 78{ERR_FUNC(OBJ_F_OBJ_NID2OBJ), "OBJ_nid2obj"},
75{ERR_PACK(0,OBJ_F_OBJ_NID2SN,0), "OBJ_nid2sn"}, 79{ERR_FUNC(OBJ_F_OBJ_NID2SN), "OBJ_nid2sn"},
76{0,NULL} 80{0,NULL}
77 }; 81 };
78 82
79static ERR_STRING_DATA OBJ_str_reasons[]= 83static ERR_STRING_DATA OBJ_str_reasons[]=
80 { 84 {
81{OBJ_R_MALLOC_FAILURE ,"malloc failure"}, 85{ERR_REASON(OBJ_R_MALLOC_FAILURE) ,"malloc failure"},
82{OBJ_R_UNKNOWN_NID ,"unknown nid"}, 86{ERR_REASON(OBJ_R_UNKNOWN_NID) ,"unknown nid"},
83{0,NULL} 87{0,NULL}
84 }; 88 };
85 89
@@ -93,8 +97,8 @@ void ERR_load_OBJ_strings(void)
93 { 97 {
94 init=0; 98 init=0;
95#ifndef OPENSSL_NO_ERR 99#ifndef OPENSSL_NO_ERR
96 ERR_load_strings(ERR_LIB_OBJ,OBJ_str_functs); 100 ERR_load_strings(0,OBJ_str_functs);
97 ERR_load_strings(ERR_LIB_OBJ,OBJ_str_reasons); 101 ERR_load_strings(0,OBJ_str_reasons);
98#endif 102#endif
99 103
100 } 104 }
diff --git a/src/lib/libssl/src/crypto/objects/obj_mac.h b/src/lib/libssl/src/crypto/objects/obj_mac.h
index d28894cf41..51bb50047f 100644
--- a/src/lib/libssl/src/crypto/objects/obj_mac.h
+++ b/src/lib/libssl/src/crypto/objects/obj_mac.h
@@ -241,6 +241,26 @@
241#define NID_sha1WithRSAEncryption 65 241#define NID_sha1WithRSAEncryption 65
242#define OBJ_sha1WithRSAEncryption OBJ_pkcs1,5L 242#define OBJ_sha1WithRSAEncryption OBJ_pkcs1,5L
243 243
244#define SN_sha256WithRSAEncryption "RSA-SHA256"
245#define LN_sha256WithRSAEncryption "sha256WithRSAEncryption"
246#define NID_sha256WithRSAEncryption 668
247#define OBJ_sha256WithRSAEncryption OBJ_pkcs1,11L
248
249#define SN_sha384WithRSAEncryption "RSA-SHA384"
250#define LN_sha384WithRSAEncryption "sha384WithRSAEncryption"
251#define NID_sha384WithRSAEncryption 669
252#define OBJ_sha384WithRSAEncryption OBJ_pkcs1,12L
253
254#define SN_sha512WithRSAEncryption "RSA-SHA512"
255#define LN_sha512WithRSAEncryption "sha512WithRSAEncryption"
256#define NID_sha512WithRSAEncryption 670
257#define OBJ_sha512WithRSAEncryption OBJ_pkcs1,13L
258
259#define SN_sha224WithRSAEncryption "RSA-SHA224"
260#define LN_sha224WithRSAEncryption "sha224WithRSAEncryption"
261#define NID_sha224WithRSAEncryption 671
262#define OBJ_sha224WithRSAEncryption OBJ_pkcs1,14L
263
244#define SN_pkcs3 "pkcs3" 264#define SN_pkcs3 "pkcs3"
245#define NID_pkcs3 27 265#define NID_pkcs3 27
246#define OBJ_pkcs3 OBJ_pkcs,3L 266#define OBJ_pkcs3 OBJ_pkcs,3L
@@ -1048,17 +1068,17 @@
1048#define NID_aaControls 289 1068#define NID_aaControls 289
1049#define OBJ_aaControls OBJ_id_pe,6L 1069#define OBJ_aaControls OBJ_id_pe,6L
1050 1070
1051#define SN_sbqp_ipAddrBlock "sbqp-ipAddrBlock" 1071#define SN_sbgp_ipAddrBlock "sbgp-ipAddrBlock"
1052#define NID_sbqp_ipAddrBlock 290 1072#define NID_sbgp_ipAddrBlock 290
1053#define OBJ_sbqp_ipAddrBlock OBJ_id_pe,7L 1073#define OBJ_sbgp_ipAddrBlock OBJ_id_pe,7L
1054 1074
1055#define SN_sbqp_autonomousSysNum "sbqp-autonomousSysNum" 1075#define SN_sbgp_autonomousSysNum "sbgp-autonomousSysNum"
1056#define NID_sbqp_autonomousSysNum 291 1076#define NID_sbgp_autonomousSysNum 291
1057#define OBJ_sbqp_autonomousSysNum OBJ_id_pe,8L 1077#define OBJ_sbgp_autonomousSysNum OBJ_id_pe,8L
1058 1078
1059#define SN_sbqp_routerIdentifier "sbqp-routerIdentifier" 1079#define SN_sbgp_routerIdentifier "sbgp-routerIdentifier"
1060#define NID_sbqp_routerIdentifier 292 1080#define NID_sbgp_routerIdentifier 292
1061#define OBJ_sbqp_routerIdentifier OBJ_id_pe,9L 1081#define OBJ_sbgp_routerIdentifier OBJ_id_pe,9L
1062 1082
1063#define SN_ac_proxying "ac-proxying" 1083#define SN_ac_proxying "ac-proxying"
1064#define NID_ac_proxying 397 1084#define NID_ac_proxying 397
@@ -1779,6 +1799,11 @@
1779#define NID_delta_crl 140 1799#define NID_delta_crl 140
1780#define OBJ_delta_crl OBJ_id_ce,27L 1800#define OBJ_delta_crl OBJ_id_ce,27L
1781 1801
1802#define SN_name_constraints "nameConstraints"
1803#define LN_name_constraints "X509v3 Name Constraints"
1804#define NID_name_constraints 666
1805#define OBJ_name_constraints OBJ_id_ce,30L
1806
1782#define SN_crl_distribution_points "crlDistributionPoints" 1807#define SN_crl_distribution_points "crlDistributionPoints"
1783#define LN_crl_distribution_points "X509v3 CRL Distribution Points" 1808#define LN_crl_distribution_points "X509v3 CRL Distribution Points"
1784#define NID_crl_distribution_points 103 1809#define NID_crl_distribution_points 103
@@ -2081,6 +2106,28 @@
2081#define LN_des_ede3_cfb8 "des-ede3-cfb8" 2106#define LN_des_ede3_cfb8 "des-ede3-cfb8"
2082#define NID_des_ede3_cfb8 659 2107#define NID_des_ede3_cfb8 659
2083 2108
2109#define OBJ_nist_hashalgs OBJ_nistAlgorithms,2L
2110
2111#define SN_sha256 "SHA256"
2112#define LN_sha256 "sha256"
2113#define NID_sha256 672
2114#define OBJ_sha256 OBJ_nist_hashalgs,1L
2115
2116#define SN_sha384 "SHA384"
2117#define LN_sha384 "sha384"
2118#define NID_sha384 673
2119#define OBJ_sha384 OBJ_nist_hashalgs,2L
2120
2121#define SN_sha512 "SHA512"
2122#define LN_sha512 "sha512"
2123#define NID_sha512 674
2124#define OBJ_sha512 OBJ_nist_hashalgs,3L
2125
2126#define SN_sha224 "SHA224"
2127#define LN_sha224 "sha224"
2128#define NID_sha224 675
2129#define OBJ_sha224 OBJ_nist_hashalgs,4L
2130
2084#define SN_hold_instruction_code "holdInstructionCode" 2131#define SN_hold_instruction_code "holdInstructionCode"
2085#define LN_hold_instruction_code "Hold Instruction Code" 2132#define LN_hold_instruction_code "Hold Instruction Code"
2086#define NID_hold_instruction_code 430 2133#define NID_hold_instruction_code 430
diff --git a/src/lib/libssl/src/crypto/objects/obj_mac.num b/src/lib/libssl/src/crypto/objects/obj_mac.num
index 0e64a929ba..84555d936e 100644
--- a/src/lib/libssl/src/crypto/objects/obj_mac.num
+++ b/src/lib/libssl/src/crypto/objects/obj_mac.num
@@ -287,9 +287,9 @@ qcStatements 286
287ac_auditEntity 287 287ac_auditEntity 287
288ac_targeting 288 288ac_targeting 288
289aaControls 289 289aaControls 289
290sbqp_ipAddrBlock 290 290sbgp_ipAddrBlock 290
291sbqp_autonomousSysNum 291 291sbgp_autonomousSysNum 291
292sbqp_routerIdentifier 292 292sbgp_routerIdentifier 292
293textNotice 293 293textNotice 293
294ipsecEndSystem 294 294ipsecEndSystem 294
295ipsecTunnel 295 295ipsecTunnel 295
@@ -663,5 +663,13 @@ id_ppl 662
663proxyCertInfo 663 663proxyCertInfo 663
664id_ppl_anyLanguage 664 664id_ppl_anyLanguage 664
665id_ppl_inheritAll 665 665id_ppl_inheritAll 665
666id_ppl_independent 666 666name_constraints 666
667Independent 667 667Independent 667
668sha256WithRSAEncryption 668
669sha384WithRSAEncryption 669
670sha512WithRSAEncryption 670
671sha224WithRSAEncryption 671
672sha256 672
673sha384 673
674sha512 674
675sha224 675
diff --git a/src/lib/libssl/src/crypto/objects/objects.txt b/src/lib/libssl/src/crypto/objects/objects.txt
index 50e9031e61..2635c4e667 100644
--- a/src/lib/libssl/src/crypto/objects/objects.txt
+++ b/src/lib/libssl/src/crypto/objects/objects.txt
@@ -63,6 +63,11 @@ pkcs1 2 : RSA-MD2 : md2WithRSAEncryption
63pkcs1 3 : RSA-MD4 : md4WithRSAEncryption 63pkcs1 3 : RSA-MD4 : md4WithRSAEncryption
64pkcs1 4 : RSA-MD5 : md5WithRSAEncryption 64pkcs1 4 : RSA-MD5 : md5WithRSAEncryption
65pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption 65pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption
66# According to PKCS #1 version 2.1
67pkcs1 11 : RSA-SHA256 : sha256WithRSAEncryption
68pkcs1 12 : RSA-SHA384 : sha384WithRSAEncryption
69pkcs1 13 : RSA-SHA512 : sha512WithRSAEncryption
70pkcs1 14 : RSA-SHA224 : sha224WithRSAEncryption
66 71
67pkcs 3 : pkcs3 72pkcs 3 : pkcs3
68pkcs3 1 : : dhKeyAgreement 73pkcs3 1 : : dhKeyAgreement
@@ -341,9 +346,9 @@ id-pe 3 : qcStatements
341id-pe 4 : ac-auditEntity 346id-pe 4 : ac-auditEntity
342id-pe 5 : ac-targeting 347id-pe 5 : ac-targeting
343id-pe 6 : aaControls 348id-pe 6 : aaControls
344id-pe 7 : sbqp-ipAddrBlock 349id-pe 7 : sbgp-ipAddrBlock
345id-pe 8 : sbqp-autonomousSysNum 350id-pe 8 : sbgp-autonomousSysNum
346id-pe 9 : sbqp-routerIdentifier 351id-pe 9 : sbgp-routerIdentifier
347id-pe 10 : ac-proxying 352id-pe 10 : ac-proxying
348!Cname sinfo-access 353!Cname sinfo-access
349id-pe 11 : subjectInfoAccess : Subject Information Access 354id-pe 11 : subjectInfoAccess : Subject Information Access
@@ -584,6 +589,8 @@ id-ce 21 : CRLReason : X509v3 CRL Reason Code
584id-ce 24 : invalidityDate : Invalidity Date 589id-ce 24 : invalidityDate : Invalidity Date
585!Cname delta-crl 590!Cname delta-crl
586id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator 591id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator
592!Cname name-constraints
593id-ce 30 : nameConstraints : X509v3 Name Constraints
587!Cname crl-distribution-points 594!Cname crl-distribution-points
588id-ce 31 : crlDistributionPoints : X509v3 CRL Distribution Points 595id-ce 31 : crlDistributionPoints : X509v3 CRL Distribution Points
589!Cname certificate-policies 596!Cname certificate-policies
@@ -703,6 +710,13 @@ aes 44 : AES-256-CFB : aes-256-cfb
703 : DES-EDE3-CFB1 : des-ede3-cfb1 710 : DES-EDE3-CFB1 : des-ede3-cfb1
704 : DES-EDE3-CFB8 : des-ede3-cfb8 711 : DES-EDE3-CFB8 : des-ede3-cfb8
705 712
713# OIDs for SHA224, SHA256, SHA385 and SHA512, according to x9.84.
714!Alias nist_hashalgs nistAlgorithms 2
715nist_hashalgs 1 : SHA256 : sha256
716nist_hashalgs 2 : SHA384 : sha384
717nist_hashalgs 3 : SHA512 : sha512
718nist_hashalgs 4 : SHA224 : sha224
719
706# Hold instruction CRL entry extension 720# Hold instruction CRL entry extension
707!Cname hold-instruction-code 721!Cname hold-instruction-code
708id-ce 23 : holdInstructionCode : Hold Instruction Code 722id-ce 23 : holdInstructionCode : Hold Instruction Code
diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_err.c b/src/lib/libssl/src/crypto/ocsp/ocsp_err.c
index 4c4d8306f8..65e6093fbc 100644
--- a/src/lib/libssl/src/crypto/ocsp/ocsp_err.c
+++ b/src/lib/libssl/src/crypto/ocsp/ocsp_err.c
@@ -1,6 +1,6 @@
1/* crypto/ocsp/ocsp_err.c */ 1/* crypto/ocsp/ocsp_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,60 +64,64 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_OCSP,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_OCSP,0,reason)
70
67static ERR_STRING_DATA OCSP_str_functs[]= 71static ERR_STRING_DATA OCSP_str_functs[]=
68 { 72 {
69{ERR_PACK(0,OCSP_F_ASN1_STRING_ENCODE,0), "ASN1_STRING_encode"}, 73{ERR_FUNC(OCSP_F_ASN1_STRING_ENCODE), "ASN1_STRING_encode"},
70{ERR_PACK(0,OCSP_F_CERT_ID_NEW,0), "CERT_ID_NEW"}, 74{ERR_FUNC(OCSP_F_CERT_ID_NEW), "CERT_ID_NEW"},
71{ERR_PACK(0,OCSP_F_D2I_OCSP_NONCE,0), "D2I_OCSP_NONCE"}, 75{ERR_FUNC(OCSP_F_D2I_OCSP_NONCE), "D2I_OCSP_NONCE"},
72{ERR_PACK(0,OCSP_F_OCSP_BASIC_ADD1_STATUS,0), "OCSP_basic_add1_status"}, 76{ERR_FUNC(OCSP_F_OCSP_BASIC_ADD1_STATUS), "OCSP_basic_add1_status"},
73{ERR_PACK(0,OCSP_F_OCSP_BASIC_SIGN,0), "OCSP_basic_sign"}, 77{ERR_FUNC(OCSP_F_OCSP_BASIC_SIGN), "OCSP_basic_sign"},
74{ERR_PACK(0,OCSP_F_OCSP_BASIC_VERIFY,0), "OCSP_basic_verify"}, 78{ERR_FUNC(OCSP_F_OCSP_BASIC_VERIFY), "OCSP_basic_verify"},
75{ERR_PACK(0,OCSP_F_OCSP_CHECK_DELEGATED,0), "OCSP_CHECK_DELEGATED"}, 79{ERR_FUNC(OCSP_F_OCSP_CHECK_DELEGATED), "OCSP_CHECK_DELEGATED"},
76{ERR_PACK(0,OCSP_F_OCSP_CHECK_IDS,0), "OCSP_CHECK_IDS"}, 80{ERR_FUNC(OCSP_F_OCSP_CHECK_IDS), "OCSP_CHECK_IDS"},
77{ERR_PACK(0,OCSP_F_OCSP_CHECK_ISSUER,0), "OCSP_CHECK_ISSUER"}, 81{ERR_FUNC(OCSP_F_OCSP_CHECK_ISSUER), "OCSP_CHECK_ISSUER"},
78{ERR_PACK(0,OCSP_F_OCSP_CHECK_VALIDITY,0), "OCSP_check_validity"}, 82{ERR_FUNC(OCSP_F_OCSP_CHECK_VALIDITY), "OCSP_check_validity"},
79{ERR_PACK(0,OCSP_F_OCSP_MATCH_ISSUERID,0), "OCSP_MATCH_ISSUERID"}, 83{ERR_FUNC(OCSP_F_OCSP_MATCH_ISSUERID), "OCSP_MATCH_ISSUERID"},
80{ERR_PACK(0,OCSP_F_OCSP_PARSE_URL,0), "OCSP_parse_url"}, 84{ERR_FUNC(OCSP_F_OCSP_PARSE_URL), "OCSP_parse_url"},
81{ERR_PACK(0,OCSP_F_OCSP_REQUEST_SIGN,0), "OCSP_request_sign"}, 85{ERR_FUNC(OCSP_F_OCSP_REQUEST_SIGN), "OCSP_request_sign"},
82{ERR_PACK(0,OCSP_F_OCSP_REQUEST_VERIFY,0), "OCSP_request_verify"}, 86{ERR_FUNC(OCSP_F_OCSP_REQUEST_VERIFY), "OCSP_request_verify"},
83{ERR_PACK(0,OCSP_F_OCSP_RESPONSE_GET1_BASIC,0), "OCSP_response_get1_basic"}, 87{ERR_FUNC(OCSP_F_OCSP_RESPONSE_GET1_BASIC), "OCSP_response_get1_basic"},
84{ERR_PACK(0,OCSP_F_OCSP_SENDREQ_BIO,0), "OCSP_sendreq_bio"}, 88{ERR_FUNC(OCSP_F_OCSP_SENDREQ_BIO), "OCSP_sendreq_bio"},
85{ERR_PACK(0,OCSP_F_REQUEST_VERIFY,0), "REQUEST_VERIFY"}, 89{ERR_FUNC(OCSP_F_REQUEST_VERIFY), "REQUEST_VERIFY"},
86{0,NULL} 90{0,NULL}
87 }; 91 };
88 92
89static ERR_STRING_DATA OCSP_str_reasons[]= 93static ERR_STRING_DATA OCSP_str_reasons[]=
90 { 94 {
91{OCSP_R_BAD_DATA ,"bad data"}, 95{ERR_REASON(OCSP_R_BAD_DATA) ,"bad data"},
92{OCSP_R_CERTIFICATE_VERIFY_ERROR ,"certificate verify error"}, 96{ERR_REASON(OCSP_R_CERTIFICATE_VERIFY_ERROR),"certificate verify error"},
93{OCSP_R_DIGEST_ERR ,"digest err"}, 97{ERR_REASON(OCSP_R_DIGEST_ERR) ,"digest err"},
94{OCSP_R_ERROR_IN_NEXTUPDATE_FIELD ,"error in nextupdate field"}, 98{ERR_REASON(OCSP_R_ERROR_IN_NEXTUPDATE_FIELD),"error in nextupdate field"},
95{OCSP_R_ERROR_IN_THISUPDATE_FIELD ,"error in thisupdate field"}, 99{ERR_REASON(OCSP_R_ERROR_IN_THISUPDATE_FIELD),"error in thisupdate field"},
96{OCSP_R_ERROR_PARSING_URL ,"error parsing url"}, 100{ERR_REASON(OCSP_R_ERROR_PARSING_URL) ,"error parsing url"},
97{OCSP_R_MISSING_OCSPSIGNING_USAGE ,"missing ocspsigning usage"}, 101{ERR_REASON(OCSP_R_MISSING_OCSPSIGNING_USAGE),"missing ocspsigning usage"},
98{OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE ,"nextupdate before thisupdate"}, 102{ERR_REASON(OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE),"nextupdate before thisupdate"},
99{OCSP_R_NOT_BASIC_RESPONSE ,"not basic response"}, 103{ERR_REASON(OCSP_R_NOT_BASIC_RESPONSE) ,"not basic response"},
100{OCSP_R_NO_CERTIFICATES_IN_CHAIN ,"no certificates in chain"}, 104{ERR_REASON(OCSP_R_NO_CERTIFICATES_IN_CHAIN),"no certificates in chain"},
101{OCSP_R_NO_CONTENT ,"no content"}, 105{ERR_REASON(OCSP_R_NO_CONTENT) ,"no content"},
102{OCSP_R_NO_PUBLIC_KEY ,"no public key"}, 106{ERR_REASON(OCSP_R_NO_PUBLIC_KEY) ,"no public key"},
103{OCSP_R_NO_RESPONSE_DATA ,"no response data"}, 107{ERR_REASON(OCSP_R_NO_RESPONSE_DATA) ,"no response data"},
104{OCSP_R_NO_REVOKED_TIME ,"no revoked time"}, 108{ERR_REASON(OCSP_R_NO_REVOKED_TIME) ,"no revoked time"},
105{OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE,"private key does not match certificate"}, 109{ERR_REASON(OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),"private key does not match certificate"},
106{OCSP_R_REQUEST_NOT_SIGNED ,"request not signed"}, 110{ERR_REASON(OCSP_R_REQUEST_NOT_SIGNED) ,"request not signed"},
107{OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA,"response contains no revocation data"}, 111{ERR_REASON(OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA),"response contains no revocation data"},
108{OCSP_R_ROOT_CA_NOT_TRUSTED ,"root ca not trusted"}, 112{ERR_REASON(OCSP_R_ROOT_CA_NOT_TRUSTED) ,"root ca not trusted"},
109{OCSP_R_SERVER_READ_ERROR ,"server read error"}, 113{ERR_REASON(OCSP_R_SERVER_READ_ERROR) ,"server read error"},
110{OCSP_R_SERVER_RESPONSE_ERROR ,"server response error"}, 114{ERR_REASON(OCSP_R_SERVER_RESPONSE_ERROR),"server response error"},
111{OCSP_R_SERVER_RESPONSE_PARSE_ERROR ,"server response parse error"}, 115{ERR_REASON(OCSP_R_SERVER_RESPONSE_PARSE_ERROR),"server response parse error"},
112{OCSP_R_SERVER_WRITE_ERROR ,"server write error"}, 116{ERR_REASON(OCSP_R_SERVER_WRITE_ERROR) ,"server write error"},
113{OCSP_R_SIGNATURE_FAILURE ,"signature failure"}, 117{ERR_REASON(OCSP_R_SIGNATURE_FAILURE) ,"signature failure"},
114{OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND ,"signer certificate not found"}, 118{ERR_REASON(OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND),"signer certificate not found"},
115{OCSP_R_STATUS_EXPIRED ,"status expired"}, 119{ERR_REASON(OCSP_R_STATUS_EXPIRED) ,"status expired"},
116{OCSP_R_STATUS_NOT_YET_VALID ,"status not yet valid"}, 120{ERR_REASON(OCSP_R_STATUS_NOT_YET_VALID) ,"status not yet valid"},
117{OCSP_R_STATUS_TOO_OLD ,"status too old"}, 121{ERR_REASON(OCSP_R_STATUS_TOO_OLD) ,"status too old"},
118{OCSP_R_UNKNOWN_MESSAGE_DIGEST ,"unknown message digest"}, 122{ERR_REASON(OCSP_R_UNKNOWN_MESSAGE_DIGEST),"unknown message digest"},
119{OCSP_R_UNKNOWN_NID ,"unknown nid"}, 123{ERR_REASON(OCSP_R_UNKNOWN_NID) ,"unknown nid"},
120{OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE ,"unsupported requestorname type"}, 124{ERR_REASON(OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE),"unsupported requestorname type"},
121{0,NULL} 125{0,NULL}
122 }; 126 };
123 127
@@ -131,8 +135,8 @@ void ERR_load_OCSP_strings(void)
131 { 135 {
132 init=0; 136 init=0;
133#ifndef OPENSSL_NO_ERR 137#ifndef OPENSSL_NO_ERR
134 ERR_load_strings(ERR_LIB_OCSP,OCSP_str_functs); 138 ERR_load_strings(0,OCSP_str_functs);
135 ERR_load_strings(ERR_LIB_OCSP,OCSP_str_reasons); 139 ERR_load_strings(0,OCSP_str_reasons);
136#endif 140#endif
137 141
138 } 142 }
diff --git a/src/lib/libssl/src/crypto/opensslv.h b/src/lib/libssl/src/crypto/opensslv.h
index 5d5f688edd..e50c1baf00 100644
--- a/src/lib/libssl/src/crypto/opensslv.h
+++ b/src/lib/libssl/src/crypto/opensslv.h
@@ -25,11 +25,11 @@
25 * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for 25 * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
26 * major minor fix final patch/beta) 26 * major minor fix final patch/beta)
27 */ 27 */
28#define OPENSSL_VERSION_NUMBER 0x0090707fL 28#define OPENSSL_VERSION_NUMBER 0x009070afL
29#ifdef OPENSSL_FIPS 29#ifdef OPENSSL_FIPS
30#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7g-fips 11 Apr 2005" 30#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7j-fips 04 May 2006"
31#else 31#else
32#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7g 11 Apr 2005" 32#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7j 04 May 2006"
33#endif 33#endif
34#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT 34#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
35 35
diff --git a/src/lib/libssl/src/crypto/pem/Makefile b/src/lib/libssl/src/crypto/pem/Makefile
index f3dfea2ac8..fbc2b5d056 100644
--- a/src/lib/libssl/src/crypto/pem/Makefile
+++ b/src/lib/libssl/src/crypto/pem/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/pem/Makefile 2# OpenSSL/crypto/pem/Makefile
3# 3#
4 4
5DIR= pem 5DIR= pem
diff --git a/src/lib/libssl/src/crypto/pem/pem_err.c b/src/lib/libssl/src/crypto/pem/pem_err.c
index 3b39b84d66..8527028ebc 100644
--- a/src/lib/libssl/src/crypto/pem/pem_err.c
+++ b/src/lib/libssl/src/crypto/pem/pem_err.c
@@ -1,6 +1,6 @@
1/* crypto/pem/pem_err.c */ 1/* crypto/pem/pem_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,52 +64,56 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_PEM,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_PEM,0,reason)
70
67static ERR_STRING_DATA PEM_str_functs[]= 71static ERR_STRING_DATA PEM_str_functs[]=
68 { 72 {
69{ERR_PACK(0,PEM_F_D2I_PKCS8PRIVATEKEY_BIO,0), "d2i_PKCS8PrivateKey_bio"}, 73{ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_BIO), "d2i_PKCS8PrivateKey_bio"},
70{ERR_PACK(0,PEM_F_D2I_PKCS8PRIVATEKEY_FP,0), "d2i_PKCS8PrivateKey_fp"}, 74{ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_FP), "d2i_PKCS8PrivateKey_fp"},
71{ERR_PACK(0,PEM_F_DEF_CALLBACK,0), "DEF_CALLBACK"}, 75{ERR_FUNC(PEM_F_DEF_CALLBACK), "DEF_CALLBACK"},
72{ERR_PACK(0,PEM_F_LOAD_IV,0), "LOAD_IV"}, 76{ERR_FUNC(PEM_F_LOAD_IV), "LOAD_IV"},
73{ERR_PACK(0,PEM_F_PEM_ASN1_READ,0), "PEM_ASN1_read"}, 77{ERR_FUNC(PEM_F_PEM_ASN1_READ), "PEM_ASN1_read"},
74{ERR_PACK(0,PEM_F_PEM_ASN1_READ_BIO,0), "PEM_ASN1_read_bio"}, 78{ERR_FUNC(PEM_F_PEM_ASN1_READ_BIO), "PEM_ASN1_read_bio"},
75{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE,0), "PEM_ASN1_write"}, 79{ERR_FUNC(PEM_F_PEM_ASN1_WRITE), "PEM_ASN1_write"},
76{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE_BIO,0), "PEM_ASN1_write_bio"}, 80{ERR_FUNC(PEM_F_PEM_ASN1_WRITE_BIO), "PEM_ASN1_write_bio"},
77{ERR_PACK(0,PEM_F_PEM_DO_HEADER,0), "PEM_do_header"}, 81{ERR_FUNC(PEM_F_PEM_DO_HEADER), "PEM_do_header"},
78{ERR_PACK(0,PEM_F_PEM_F_DO_PK8KEY_FP,0), "PEM_F_DO_PK8KEY_FP"}, 82{ERR_FUNC(PEM_F_PEM_F_DO_PK8KEY_FP), "PEM_F_DO_PK8KEY_FP"},
79{ERR_PACK(0,PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY,0), "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"}, 83{ERR_FUNC(PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY), "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"},
80{ERR_PACK(0,PEM_F_PEM_GET_EVP_CIPHER_INFO,0), "PEM_get_EVP_CIPHER_INFO"}, 84{ERR_FUNC(PEM_F_PEM_GET_EVP_CIPHER_INFO), "PEM_get_EVP_CIPHER_INFO"},
81{ERR_PACK(0,PEM_F_PEM_READ,0), "PEM_read"}, 85{ERR_FUNC(PEM_F_PEM_READ), "PEM_read"},
82{ERR_PACK(0,PEM_F_PEM_READ_BIO,0), "PEM_read_bio"}, 86{ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"},
83{ERR_PACK(0,PEM_F_PEM_SEALFINAL,0), "PEM_SealFinal"}, 87{ERR_FUNC(PEM_F_PEM_SEALFINAL), "PEM_SealFinal"},
84{ERR_PACK(0,PEM_F_PEM_SEALINIT,0), "PEM_SealInit"}, 88{ERR_FUNC(PEM_F_PEM_SEALINIT), "PEM_SealInit"},
85{ERR_PACK(0,PEM_F_PEM_SIGNFINAL,0), "PEM_SignFinal"}, 89{ERR_FUNC(PEM_F_PEM_SIGNFINAL), "PEM_SignFinal"},
86{ERR_PACK(0,PEM_F_PEM_WRITE,0), "PEM_write"}, 90{ERR_FUNC(PEM_F_PEM_WRITE), "PEM_write"},
87{ERR_PACK(0,PEM_F_PEM_WRITE_BIO,0), "PEM_write_bio"}, 91{ERR_FUNC(PEM_F_PEM_WRITE_BIO), "PEM_write_bio"},
88{ERR_PACK(0,PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY,0), "PEM_write_bio_PKCS8PrivateKey"}, 92{ERR_FUNC(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY), "PEM_write_bio_PKCS8PrivateKey"},
89{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ,0), "PEM_X509_INFO_read"}, 93{ERR_FUNC(PEM_F_PEM_X509_INFO_READ), "PEM_X509_INFO_read"},
90{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ_BIO,0), "PEM_X509_INFO_read_bio"}, 94{ERR_FUNC(PEM_F_PEM_X509_INFO_READ_BIO), "PEM_X509_INFO_read_bio"},
91{ERR_PACK(0,PEM_F_PEM_X509_INFO_WRITE_BIO,0), "PEM_X509_INFO_write_bio"}, 95{ERR_FUNC(PEM_F_PEM_X509_INFO_WRITE_BIO), "PEM_X509_INFO_write_bio"},
92{0,NULL} 96{0,NULL}
93 }; 97 };
94 98
95static ERR_STRING_DATA PEM_str_reasons[]= 99static ERR_STRING_DATA PEM_str_reasons[]=
96 { 100 {
97{PEM_R_BAD_BASE64_DECODE ,"bad base64 decode"}, 101{ERR_REASON(PEM_R_BAD_BASE64_DECODE) ,"bad base64 decode"},
98{PEM_R_BAD_DECRYPT ,"bad decrypt"}, 102{ERR_REASON(PEM_R_BAD_DECRYPT) ,"bad decrypt"},
99{PEM_R_BAD_END_LINE ,"bad end line"}, 103{ERR_REASON(PEM_R_BAD_END_LINE) ,"bad end line"},
100{PEM_R_BAD_IV_CHARS ,"bad iv chars"}, 104{ERR_REASON(PEM_R_BAD_IV_CHARS) ,"bad iv chars"},
101{PEM_R_BAD_PASSWORD_READ ,"bad password read"}, 105{ERR_REASON(PEM_R_BAD_PASSWORD_READ) ,"bad password read"},
102{PEM_R_ERROR_CONVERTING_PRIVATE_KEY ,"error converting private key"}, 106{ERR_REASON(PEM_R_ERROR_CONVERTING_PRIVATE_KEY),"error converting private key"},
103{PEM_R_NOT_DEK_INFO ,"not dek info"}, 107{ERR_REASON(PEM_R_NOT_DEK_INFO) ,"not dek info"},
104{PEM_R_NOT_ENCRYPTED ,"not encrypted"}, 108{ERR_REASON(PEM_R_NOT_ENCRYPTED) ,"not encrypted"},
105{PEM_R_NOT_PROC_TYPE ,"not proc type"}, 109{ERR_REASON(PEM_R_NOT_PROC_TYPE) ,"not proc type"},
106{PEM_R_NO_START_LINE ,"no start line"}, 110{ERR_REASON(PEM_R_NO_START_LINE) ,"no start line"},
107{PEM_R_PROBLEMS_GETTING_PASSWORD ,"problems getting password"}, 111{ERR_REASON(PEM_R_PROBLEMS_GETTING_PASSWORD),"problems getting password"},
108{PEM_R_PUBLIC_KEY_NO_RSA ,"public key no rsa"}, 112{ERR_REASON(PEM_R_PUBLIC_KEY_NO_RSA) ,"public key no rsa"},
109{PEM_R_READ_KEY ,"read key"}, 113{ERR_REASON(PEM_R_READ_KEY) ,"read key"},
110{PEM_R_SHORT_HEADER ,"short header"}, 114{ERR_REASON(PEM_R_SHORT_HEADER) ,"short header"},
111{PEM_R_UNSUPPORTED_CIPHER ,"unsupported cipher"}, 115{ERR_REASON(PEM_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"},
112{PEM_R_UNSUPPORTED_ENCRYPTION ,"unsupported encryption"}, 116{ERR_REASON(PEM_R_UNSUPPORTED_ENCRYPTION),"unsupported encryption"},
113{0,NULL} 117{0,NULL}
114 }; 118 };
115 119
@@ -123,8 +127,8 @@ void ERR_load_PEM_strings(void)
123 { 127 {
124 init=0; 128 init=0;
125#ifndef OPENSSL_NO_ERR 129#ifndef OPENSSL_NO_ERR
126 ERR_load_strings(ERR_LIB_PEM,PEM_str_functs); 130 ERR_load_strings(0,PEM_str_functs);
127 ERR_load_strings(ERR_LIB_PEM,PEM_str_reasons); 131 ERR_load_strings(0,PEM_str_reasons);
128#endif 132#endif
129 133
130 } 134 }
diff --git a/src/lib/libssl/src/crypto/perlasm/x86asm.pl b/src/lib/libssl/src/crypto/perlasm/x86asm.pl
index bef2667079..ea54a1edc5 100644
--- a/src/lib/libssl/src/crypto/perlasm/x86asm.pl
+++ b/src/lib/libssl/src/crypto/perlasm/x86asm.pl
@@ -90,7 +90,7 @@ $tmp
90#ifdef OUT 90#ifdef OUT
91#define OK 1 91#define OK 1
92#define ALIGN 4 92#define ALIGN 4
93#if defined(__CYGWIN__) || defined(__DJGPP__) 93#if defined(__CYGWIN__) || defined(__DJGPP__) || defined(__MINGW32__)
94#undef SIZE 94#undef SIZE
95#undef TYPE 95#undef TYPE
96#define SIZE(a,b) 96#define SIZE(a,b)
diff --git a/src/lib/libssl/src/crypto/perlasm/x86nasm.pl b/src/lib/libssl/src/crypto/perlasm/x86nasm.pl
index 5009acb4b3..4bdb3fe180 100644
--- a/src/lib/libssl/src/crypto/perlasm/x86nasm.pl
+++ b/src/lib/libssl/src/crypto/perlasm/x86nasm.pl
@@ -221,7 +221,15 @@ sub using486
221 221
222sub main'file 222sub main'file
223 { 223 {
224 push(@out, "segment .text use32\n"); 224 local $tmp;
225 $tmp=<<___;
226%ifdef __omf__
227section code use32 class=code
228%else
229section .text
230%endif
231___
232 push(@out,$tmp);
225 } 233 }
226 234
227sub main'function_begin 235sub main'function_begin
diff --git a/src/lib/libssl/src/crypto/pkcs12/Makefile b/src/lib/libssl/src/crypto/pkcs12/Makefile
index 854b641f7c..bef4f27912 100644
--- a/src/lib/libssl/src/crypto/pkcs12/Makefile
+++ b/src/lib/libssl/src/crypto/pkcs12/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/pkcs12/Makefile 2# OpenSSL/crypto/pkcs12/Makefile
3# 3#
4 4
5DIR= pkcs12 5DIR= pkcs12
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_add.c b/src/lib/libssl/src/crypto/pkcs12/p12_add.c
index 1909f28506..27015dd8c3 100644
--- a/src/lib/libssl/src/crypto/pkcs12/p12_add.c
+++ b/src/lib/libssl/src/crypto/pkcs12/p12_add.c
@@ -148,7 +148,11 @@ PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk)
148/* Unpack SAFEBAGS from PKCS#7 data ContentInfo */ 148/* Unpack SAFEBAGS from PKCS#7 data ContentInfo */
149STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7) 149STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7)
150{ 150{
151 if(!PKCS7_type_is_data(p7)) return NULL; 151 if(!PKCS7_type_is_data(p7))
152 {
153 PKCS12err(PKCS12_F_PKCS12_UNPACK_P7DATA,PKCS12_R_CONTENT_TYPE_NOT_DATA);
154 return NULL;
155 }
152 return ASN1_item_unpack(p7->d.data, ASN1_ITEM_rptr(PKCS12_SAFEBAGS)); 156 return ASN1_item_unpack(p7->d.data, ASN1_ITEM_rptr(PKCS12_SAFEBAGS));
153} 157}
154 158
@@ -211,5 +215,10 @@ int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes)
211 215
212STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12) 216STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12)
213{ 217{
218 if (!PKCS7_type_is_data(p12->authsafes))
219 {
220 PKCS12err(PKCS12_F_PKCS12_UNPACK_AUTHSAFES,PKCS12_R_CONTENT_TYPE_NOT_DATA);
221 return NULL;
222 }
214 return ASN1_item_unpack(p12->authsafes->d.data, ASN1_ITEM_rptr(PKCS12_AUTHSAFES)); 223 return ASN1_item_unpack(p12->authsafes->d.data, ASN1_ITEM_rptr(PKCS12_AUTHSAFES));
215} 224}
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_crt.c b/src/lib/libssl/src/crypto/pkcs12/p12_crt.c
index 4c36c643ce..40340a7bef 100644
--- a/src/lib/libssl/src/crypto/pkcs12/p12_crt.c
+++ b/src/lib/libssl/src/crypto/pkcs12/p12_crt.c
@@ -76,7 +76,15 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
76 unsigned int keyidlen; 76 unsigned int keyidlen;
77 77
78 /* Set defaults */ 78 /* Set defaults */
79 if(!nid_cert) nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; 79 if(!nid_cert)
80 {
81#ifdef OPENSSL_FIPS
82 if (FIPS_mode())
83 nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
84 else
85#endif
86 nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC;
87 }
80 if(!nid_key) nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; 88 if(!nid_key) nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
81 if(!iter) iter = PKCS12_DEFAULT_ITER; 89 if(!iter) iter = PKCS12_DEFAULT_ITER;
82 if(!mac_iter) mac_iter = 1; 90 if(!mac_iter) mac_iter = 1;
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_mutl.c b/src/lib/libssl/src/crypto/pkcs12/p12_mutl.c
index 4886b9b289..140d21155e 100644
--- a/src/lib/libssl/src/crypto/pkcs12/p12_mutl.c
+++ b/src/lib/libssl/src/crypto/pkcs12/p12_mutl.c
@@ -72,6 +72,12 @@ int PKCS12_gen_mac (PKCS12 *p12, const char *pass, int passlen,
72 unsigned char key[PKCS12_MAC_KEY_LENGTH], *salt; 72 unsigned char key[PKCS12_MAC_KEY_LENGTH], *salt;
73 int saltlen, iter; 73 int saltlen, iter;
74 74
75 if (!PKCS7_type_is_data(p12->authsafes))
76 {
77 PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_CONTENT_TYPE_NOT_DATA);
78 return 0;
79 }
80
75 salt = p12->mac->salt->data; 81 salt = p12->mac->salt->data;
76 saltlen = p12->mac->salt->length; 82 saltlen = p12->mac->salt->length;
77 if (!p12->mac->iter) iter = 1; 83 if (!p12->mac->iter) iter = 1;
diff --git a/src/lib/libssl/src/crypto/pkcs12/pk12err.c b/src/lib/libssl/src/crypto/pkcs12/pk12err.c
index 10ab80502c..a33b37b1c7 100644
--- a/src/lib/libssl/src/crypto/pkcs12/pk12err.c
+++ b/src/lib/libssl/src/crypto/pkcs12/pk12err.c
@@ -1,6 +1,6 @@
1/* crypto/pkcs12/pk12err.c */ 1/* crypto/pkcs12/pk12err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,60 +64,67 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_PKCS12,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS12,0,reason)
70
67static ERR_STRING_DATA PKCS12_str_functs[]= 71static ERR_STRING_DATA PKCS12_str_functs[]=
68 { 72 {
69{ERR_PACK(0,PKCS12_F_PARSE_BAGS,0), "PARSE_BAGS"}, 73{ERR_FUNC(PKCS12_F_PARSE_BAGS), "PARSE_BAGS"},
70{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME,0), "PKCS12_ADD_FRIENDLYNAME"}, 74{ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME), "PKCS12_ADD_FRIENDLYNAME"},
71{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC,0), "PKCS12_add_friendlyname_asc"}, 75{ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC), "PKCS12_add_friendlyname_asc"},
72{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,0), "PKCS12_add_friendlyname_uni"}, 76{ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI), "PKCS12_add_friendlyname_uni"},
73{ERR_PACK(0,PKCS12_F_PKCS12_ADD_LOCALKEYID,0), "PKCS12_add_localkeyid"}, 77{ERR_FUNC(PKCS12_F_PKCS12_ADD_LOCALKEYID), "PKCS12_add_localkeyid"},
74{ERR_PACK(0,PKCS12_F_PKCS12_CREATE,0), "PKCS12_create"}, 78{ERR_FUNC(PKCS12_F_PKCS12_CREATE), "PKCS12_create"},
75{ERR_PACK(0,PKCS12_F_PKCS12_DECRYPT_D2I,0), "PKCS12_decrypt_d2i"}, 79{ERR_FUNC(PKCS12_F_PKCS12_DECRYPT_D2I), "PKCS12_DECRYPT_D2I"},
76{ERR_PACK(0,PKCS12_F_PKCS12_GEN_MAC,0), "PKCS12_gen_mac"}, 80{ERR_FUNC(PKCS12_F_PKCS12_GEN_MAC), "PKCS12_gen_mac"},
77{ERR_PACK(0,PKCS12_F_PKCS12_I2D_ENCRYPT,0), "PKCS12_i2d_encrypt"}, 81{ERR_FUNC(PKCS12_F_PKCS12_I2D_ENCRYPT), "PKCS12_I2D_ENCRYPT"},
78{ERR_PACK(0,PKCS12_F_PKCS12_INIT,0), "PKCS12_init"}, 82{ERR_FUNC(PKCS12_F_PKCS12_INIT), "PKCS12_init"},
79{ERR_PACK(0,PKCS12_F_PKCS12_KEY_GEN_ASC,0), "PKCS12_key_gen_asc"}, 83{ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_ASC), "PKCS12_key_gen_asc"},
80{ERR_PACK(0,PKCS12_F_PKCS12_KEY_GEN_UNI,0), "PKCS12_key_gen_uni"}, 84{ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_UNI), "PKCS12_key_gen_uni"},
81{ERR_PACK(0,PKCS12_F_PKCS12_MAKE_KEYBAG,0), "PKCS12_MAKE_KEYBAG"}, 85{ERR_FUNC(PKCS12_F_PKCS12_MAKE_KEYBAG), "PKCS12_MAKE_KEYBAG"},
82{ERR_PACK(0,PKCS12_F_PKCS12_MAKE_SHKEYBAG,0), "PKCS12_MAKE_SHKEYBAG"}, 86{ERR_FUNC(PKCS12_F_PKCS12_MAKE_SHKEYBAG), "PKCS12_MAKE_SHKEYBAG"},
83{ERR_PACK(0,PKCS12_F_PKCS12_NEWPASS,0), "PKCS12_newpass"}, 87{ERR_FUNC(PKCS12_F_PKCS12_NEWPASS), "PKCS12_newpass"},
84{ERR_PACK(0,PKCS12_F_PKCS12_PACK_P7DATA,0), "PKCS12_pack_p7data"}, 88{ERR_FUNC(PKCS12_F_PKCS12_PACK_P7DATA), "PKCS12_pack_p7data"},
85{ERR_PACK(0,PKCS12_F_PKCS12_PACK_P7ENCDATA,0), "PKCS12_pack_p7encdata"}, 89{ERR_FUNC(PKCS12_F_PKCS12_PACK_P7ENCDATA), "PKCS12_pack_p7encdata"},
86{ERR_PACK(0,PKCS12_F_PKCS12_PACK_SAFEBAG,0), "PKCS12_pack_safebag"}, 90{ERR_FUNC(PKCS12_F_PKCS12_PACK_SAFEBAG), "PKCS12_PACK_SAFEBAG"},
87{ERR_PACK(0,PKCS12_F_PKCS12_PARSE,0), "PKCS12_parse"}, 91{ERR_FUNC(PKCS12_F_PKCS12_PARSE), "PKCS12_parse"},
88{ERR_PACK(0,PKCS12_F_PKCS12_PBE_CRYPT,0), "PKCS12_pbe_crypt"}, 92{ERR_FUNC(PKCS12_F_PKCS12_PBE_CRYPT), "PKCS12_pbe_crypt"},
89{ERR_PACK(0,PKCS12_F_PKCS12_PBE_KEYIVGEN,0), "PKCS12_PBE_keyivgen"}, 93{ERR_FUNC(PKCS12_F_PKCS12_PBE_KEYIVGEN), "PKCS12_PBE_keyivgen"},
90{ERR_PACK(0,PKCS12_F_PKCS12_SETUP_MAC,0), "PKCS12_setup_mac"}, 94{ERR_FUNC(PKCS12_F_PKCS12_SETUP_MAC), "PKCS12_setup_mac"},
91{ERR_PACK(0,PKCS12_F_PKCS12_SET_MAC,0), "PKCS12_set_mac"}, 95{ERR_FUNC(PKCS12_F_PKCS12_SET_MAC), "PKCS12_set_mac"},
92{ERR_PACK(0,PKCS12_F_PKCS8_ADD_KEYUSAGE,0), "PKCS8_add_keyusage"}, 96{ERR_FUNC(PKCS12_F_PKCS12_UNPACK_AUTHSAFES), "PKCS12_unpack_authsafes"},
93{ERR_PACK(0,PKCS12_F_PKCS8_ENCRYPT,0), "PKCS8_encrypt"}, 97{ERR_FUNC(PKCS12_F_PKCS12_UNPACK_P7DATA), "PKCS12_unpack_p7data"},
94{ERR_PACK(0,PKCS12_F_VERIFY_MAC,0), "VERIFY_MAC"}, 98{ERR_FUNC(PKCS12_F_PKCS8_ADD_KEYUSAGE), "PKCS8_add_keyusage"},
99{ERR_FUNC(PKCS12_F_PKCS8_ENCRYPT), "PKCS8_encrypt"},
100{ERR_FUNC(PKCS12_F_VERIFY_MAC), "VERIFY_MAC"},
95{0,NULL} 101{0,NULL}
96 }; 102 };
97 103
98static ERR_STRING_DATA PKCS12_str_reasons[]= 104static ERR_STRING_DATA PKCS12_str_reasons[]=
99 { 105 {
100{PKCS12_R_CANT_PACK_STRUCTURE ,"cant pack structure"}, 106{ERR_REASON(PKCS12_R_CANT_PACK_STRUCTURE),"cant pack structure"},
101{PKCS12_R_DECODE_ERROR ,"decode error"}, 107{ERR_REASON(PKCS12_R_CONTENT_TYPE_NOT_DATA),"content type not data"},
102{PKCS12_R_ENCODE_ERROR ,"encode error"}, 108{ERR_REASON(PKCS12_R_DECODE_ERROR) ,"decode error"},
103{PKCS12_R_ENCRYPT_ERROR ,"encrypt error"}, 109{ERR_REASON(PKCS12_R_ENCODE_ERROR) ,"encode error"},
104{PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE,"error setting encrypted data type"}, 110{ERR_REASON(PKCS12_R_ENCRYPT_ERROR) ,"encrypt error"},
105{PKCS12_R_INVALID_NULL_ARGUMENT ,"invalid null argument"}, 111{ERR_REASON(PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE),"error setting encrypted data type"},
106{PKCS12_R_INVALID_NULL_PKCS12_POINTER ,"invalid null pkcs12 pointer"}, 112{ERR_REASON(PKCS12_R_INVALID_NULL_ARGUMENT),"invalid null argument"},
107{PKCS12_R_IV_GEN_ERROR ,"iv gen error"}, 113{ERR_REASON(PKCS12_R_INVALID_NULL_PKCS12_POINTER),"invalid null pkcs12 pointer"},
108{PKCS12_R_KEY_GEN_ERROR ,"key gen error"}, 114{ERR_REASON(PKCS12_R_IV_GEN_ERROR) ,"iv gen error"},
109{PKCS12_R_MAC_ABSENT ,"mac absent"}, 115{ERR_REASON(PKCS12_R_KEY_GEN_ERROR) ,"key gen error"},
110{PKCS12_R_MAC_GENERATION_ERROR ,"mac generation error"}, 116{ERR_REASON(PKCS12_R_MAC_ABSENT) ,"mac absent"},
111{PKCS12_R_MAC_SETUP_ERROR ,"mac setup error"}, 117{ERR_REASON(PKCS12_R_MAC_GENERATION_ERROR),"mac generation error"},
112{PKCS12_R_MAC_STRING_SET_ERROR ,"mac string set error"}, 118{ERR_REASON(PKCS12_R_MAC_SETUP_ERROR) ,"mac setup error"},
113{PKCS12_R_MAC_VERIFY_ERROR ,"mac verify error"}, 119{ERR_REASON(PKCS12_R_MAC_STRING_SET_ERROR),"mac string set error"},
114{PKCS12_R_MAC_VERIFY_FAILURE ,"mac verify failure"}, 120{ERR_REASON(PKCS12_R_MAC_VERIFY_ERROR) ,"mac verify error"},
115{PKCS12_R_PARSE_ERROR ,"parse error"}, 121{ERR_REASON(PKCS12_R_MAC_VERIFY_FAILURE) ,"mac verify failure"},
116{PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR ,"pkcs12 algor cipherinit error"}, 122{ERR_REASON(PKCS12_R_PARSE_ERROR) ,"parse error"},
117{PKCS12_R_PKCS12_CIPHERFINAL_ERROR ,"pkcs12 cipherfinal error"}, 123{ERR_REASON(PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR),"pkcs12 algor cipherinit error"},
118{PKCS12_R_PKCS12_PBE_CRYPT_ERROR ,"pkcs12 pbe crypt error"}, 124{ERR_REASON(PKCS12_R_PKCS12_CIPHERFINAL_ERROR),"pkcs12 cipherfinal error"},
119{PKCS12_R_UNKNOWN_DIGEST_ALGORITHM ,"unknown digest algorithm"}, 125{ERR_REASON(PKCS12_R_PKCS12_PBE_CRYPT_ERROR),"pkcs12 pbe crypt error"},
120{PKCS12_R_UNSUPPORTED_PKCS12_MODE ,"unsupported pkcs12 mode"}, 126{ERR_REASON(PKCS12_R_UNKNOWN_DIGEST_ALGORITHM),"unknown digest algorithm"},
127{ERR_REASON(PKCS12_R_UNSUPPORTED_PKCS12_MODE),"unsupported pkcs12 mode"},
121{0,NULL} 128{0,NULL}
122 }; 129 };
123 130
@@ -131,8 +138,8 @@ void ERR_load_PKCS12_strings(void)
131 { 138 {
132 init=0; 139 init=0;
133#ifndef OPENSSL_NO_ERR 140#ifndef OPENSSL_NO_ERR
134 ERR_load_strings(ERR_LIB_PKCS12,PKCS12_str_functs); 141 ERR_load_strings(0,PKCS12_str_functs);
135 ERR_load_strings(ERR_LIB_PKCS12,PKCS12_str_reasons); 142 ERR_load_strings(0,PKCS12_str_reasons);
136#endif 143#endif
137 144
138 } 145 }
diff --git a/src/lib/libssl/src/crypto/pkcs12/pkcs12.h b/src/lib/libssl/src/crypto/pkcs12/pkcs12.h
index dd338f266c..fb8af82d4f 100644
--- a/src/lib/libssl/src/crypto/pkcs12/pkcs12.h
+++ b/src/lib/libssl/src/crypto/pkcs12/pkcs12.h
@@ -287,12 +287,15 @@ void ERR_load_PKCS12_strings(void);
287#define PKCS12_F_PKCS12_PBE_KEYIVGEN 120 287#define PKCS12_F_PKCS12_PBE_KEYIVGEN 120
288#define PKCS12_F_PKCS12_SETUP_MAC 122 288#define PKCS12_F_PKCS12_SETUP_MAC 122
289#define PKCS12_F_PKCS12_SET_MAC 123 289#define PKCS12_F_PKCS12_SET_MAC 123
290#define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 129
291#define PKCS12_F_PKCS12_UNPACK_P7DATA 130
290#define PKCS12_F_PKCS8_ADD_KEYUSAGE 124 292#define PKCS12_F_PKCS8_ADD_KEYUSAGE 124
291#define PKCS12_F_PKCS8_ENCRYPT 125 293#define PKCS12_F_PKCS8_ENCRYPT 125
292#define PKCS12_F_VERIFY_MAC 126 294#define PKCS12_F_VERIFY_MAC 126
293 295
294/* Reason codes. */ 296/* Reason codes. */
295#define PKCS12_R_CANT_PACK_STRUCTURE 100 297#define PKCS12_R_CANT_PACK_STRUCTURE 100
298#define PKCS12_R_CONTENT_TYPE_NOT_DATA 121
296#define PKCS12_R_DECODE_ERROR 101 299#define PKCS12_R_DECODE_ERROR 101
297#define PKCS12_R_ENCODE_ERROR 102 300#define PKCS12_R_ENCODE_ERROR 102
298#define PKCS12_R_ENCRYPT_ERROR 103 301#define PKCS12_R_ENCRYPT_ERROR 103
diff --git a/src/lib/libssl/src/crypto/pkcs7/Makefile b/src/lib/libssl/src/crypto/pkcs7/Makefile
index f15c65f690..a213ae2227 100644
--- a/src/lib/libssl/src/crypto/pkcs7/Makefile
+++ b/src/lib/libssl/src/crypto/pkcs7/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/pkcs7/Makefile 2# OpenSSL/crypto/pkcs7/Makefile
3# 3#
4 4
5DIR= pkcs7 5DIR= pkcs7
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_mime.c b/src/lib/libssl/src/crypto/pkcs7/pk7_mime.c
index 5d2a97839d..927b88c3e7 100644
--- a/src/lib/libssl/src/crypto/pkcs7/pk7_mime.c
+++ b/src/lib/libssl/src/crypto/pkcs7/pk7_mime.c
@@ -3,7 +3,7 @@
3 * project 1999. 3 * project 1999.
4 */ 4 */
5/* ==================================================================== 5/* ====================================================================
6 * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved. 6 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
7 * 7 *
8 * Redistribution and use in source and binary forms, with or without 8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions 9 * modification, are permitted provided that the following conditions
@@ -152,11 +152,12 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
152{ 152{
153 char bound[33], c; 153 char bound[33], c;
154 int i; 154 int i;
155 char *mime_prefix, *mime_eol; 155 char *mime_prefix, *mime_eol, *msg_type=NULL;
156 if (flags & PKCS7_NOOLDMIMETYPE) 156 if (flags & PKCS7_NOOLDMIMETYPE)
157 mime_prefix = "application/pkcs7-"; 157 mime_prefix = "application/pkcs7-";
158 else 158 else
159 mime_prefix = "application/x-pkcs7-"; 159 mime_prefix = "application/x-pkcs7-";
160
160 if (flags & PKCS7_CRLFEOL) 161 if (flags & PKCS7_CRLFEOL)
161 mime_eol = "\r\n"; 162 mime_eol = "\r\n";
162 else 163 else
@@ -198,11 +199,30 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
198 mime_eol, mime_eol); 199 mime_eol, mime_eol);
199 return 1; 200 return 1;
200 } 201 }
202
203 /* Determine smime-type header */
204
205 if (PKCS7_type_is_enveloped(p7))
206 msg_type = "enveloped-data";
207 else if (PKCS7_type_is_signed(p7))
208 {
209 /* If we have any signers it is signed-data othewise
210 * certs-only.
211 */
212 STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
213 sinfos = PKCS7_get_signer_info(p7);
214 if (sk_PKCS7_SIGNER_INFO_num(sinfos) > 0)
215 msg_type = "signed-data";
216 else
217 msg_type = "certs-only";
218 }
201 /* MIME headers */ 219 /* MIME headers */
202 BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol); 220 BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
203 BIO_printf(bio, "Content-Disposition: attachment;"); 221 BIO_printf(bio, "Content-Disposition: attachment;");
204 BIO_printf(bio, " filename=\"smime.p7m\"%s", mime_eol); 222 BIO_printf(bio, " filename=\"smime.p7m\"%s", mime_eol);
205 BIO_printf(bio, "Content-Type: %smime;", mime_prefix); 223 BIO_printf(bio, "Content-Type: %smime;", mime_prefix);
224 if (msg_type)
225 BIO_printf(bio, " smime-type=%s;", msg_type);
206 BIO_printf(bio, " name=\"smime.p7m\"%s", mime_eol); 226 BIO_printf(bio, " name=\"smime.p7m\"%s", mime_eol);
207 BIO_printf(bio, "Content-Transfer-Encoding: base64%s%s", 227 BIO_printf(bio, "Content-Transfer-Encoding: base64%s%s",
208 mime_eol, mime_eol); 228 mime_eol, mime_eol);
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c b/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c
index a852b49235..99a0d63f38 100644
--- a/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c
+++ b/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c
@@ -296,11 +296,9 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
296 296
297 if (tmpin == indata) 297 if (tmpin == indata)
298 { 298 {
299 if(indata) BIO_pop(p7bio); 299 if (indata) BIO_pop(p7bio);
300 BIO_free_all(p7bio);
301 } 300 }
302 else 301 BIO_free_all(p7bio);
303 BIO_free_all(tmpin);
304 302
305 sk_X509_free(signers); 303 sk_X509_free(signers);
306 304
diff --git a/src/lib/libssl/src/crypto/pkcs7/pkcs7err.c b/src/lib/libssl/src/crypto/pkcs7/pkcs7err.c
index 5e51527a40..19894c80a4 100644
--- a/src/lib/libssl/src/crypto/pkcs7/pkcs7err.c
+++ b/src/lib/libssl/src/crypto/pkcs7/pkcs7err.c
@@ -1,6 +1,6 @@
1/* crypto/pkcs7/pkcs7err.c */ 1/* crypto/pkcs7/pkcs7err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,81 +64,85 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_PKCS7,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS7,0,reason)
70
67static ERR_STRING_DATA PKCS7_str_functs[]= 71static ERR_STRING_DATA PKCS7_str_functs[]=
68 { 72 {
69{ERR_PACK(0,PKCS7_F_B64_READ_PKCS7,0), "B64_READ_PKCS7"}, 73{ERR_FUNC(PKCS7_F_B64_READ_PKCS7), "B64_READ_PKCS7"},
70{ERR_PACK(0,PKCS7_F_B64_WRITE_PKCS7,0), "B64_WRITE_PKCS7"}, 74{ERR_FUNC(PKCS7_F_B64_WRITE_PKCS7), "B64_WRITE_PKCS7"},
71{ERR_PACK(0,PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,0), "PKCS7_add_attrib_smimecap"}, 75{ERR_FUNC(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP), "PKCS7_add_attrib_smimecap"},
72{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CERTIFICATE,0), "PKCS7_add_certificate"}, 76{ERR_FUNC(PKCS7_F_PKCS7_ADD_CERTIFICATE), "PKCS7_add_certificate"},
73{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CRL,0), "PKCS7_add_crl"}, 77{ERR_FUNC(PKCS7_F_PKCS7_ADD_CRL), "PKCS7_add_crl"},
74{ERR_PACK(0,PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,0), "PKCS7_add_recipient_info"}, 78{ERR_FUNC(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO), "PKCS7_add_recipient_info"},
75{ERR_PACK(0,PKCS7_F_PKCS7_ADD_SIGNER,0), "PKCS7_add_signer"}, 79{ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNER), "PKCS7_add_signer"},
76{ERR_PACK(0,PKCS7_F_PKCS7_CTRL,0), "PKCS7_ctrl"}, 80{ERR_FUNC(PKCS7_F_PKCS7_CTRL), "PKCS7_ctrl"},
77{ERR_PACK(0,PKCS7_F_PKCS7_DATADECODE,0), "PKCS7_dataDecode"}, 81{ERR_FUNC(PKCS7_F_PKCS7_DATADECODE), "PKCS7_dataDecode"},
78{ERR_PACK(0,PKCS7_F_PKCS7_DATAINIT,0), "PKCS7_dataInit"}, 82{ERR_FUNC(PKCS7_F_PKCS7_DATAINIT), "PKCS7_dataInit"},
79{ERR_PACK(0,PKCS7_F_PKCS7_DATASIGN,0), "PKCS7_DATASIGN"}, 83{ERR_FUNC(PKCS7_F_PKCS7_DATASIGN), "PKCS7_DATASIGN"},
80{ERR_PACK(0,PKCS7_F_PKCS7_DATAVERIFY,0), "PKCS7_dataVerify"}, 84{ERR_FUNC(PKCS7_F_PKCS7_DATAVERIFY), "PKCS7_dataVerify"},
81{ERR_PACK(0,PKCS7_F_PKCS7_DECRYPT,0), "PKCS7_decrypt"}, 85{ERR_FUNC(PKCS7_F_PKCS7_DECRYPT), "PKCS7_decrypt"},
82{ERR_PACK(0,PKCS7_F_PKCS7_ENCRYPT,0), "PKCS7_encrypt"}, 86{ERR_FUNC(PKCS7_F_PKCS7_ENCRYPT), "PKCS7_encrypt"},
83{ERR_PACK(0,PKCS7_F_PKCS7_GET0_SIGNERS,0), "PKCS7_get0_signers"}, 87{ERR_FUNC(PKCS7_F_PKCS7_GET0_SIGNERS), "PKCS7_get0_signers"},
84{ERR_PACK(0,PKCS7_F_PKCS7_SET_CIPHER,0), "PKCS7_set_cipher"}, 88{ERR_FUNC(PKCS7_F_PKCS7_SET_CIPHER), "PKCS7_set_cipher"},
85{ERR_PACK(0,PKCS7_F_PKCS7_SET_CONTENT,0), "PKCS7_set_content"}, 89{ERR_FUNC(PKCS7_F_PKCS7_SET_CONTENT), "PKCS7_set_content"},
86{ERR_PACK(0,PKCS7_F_PKCS7_SET_TYPE,0), "PKCS7_set_type"}, 90{ERR_FUNC(PKCS7_F_PKCS7_SET_TYPE), "PKCS7_set_type"},
87{ERR_PACK(0,PKCS7_F_PKCS7_SIGN,0), "PKCS7_sign"}, 91{ERR_FUNC(PKCS7_F_PKCS7_SIGN), "PKCS7_sign"},
88{ERR_PACK(0,PKCS7_F_PKCS7_SIGNATUREVERIFY,0), "PKCS7_signatureVerify"}, 92{ERR_FUNC(PKCS7_F_PKCS7_SIGNATUREVERIFY), "PKCS7_signatureVerify"},
89{ERR_PACK(0,PKCS7_F_PKCS7_SIMPLE_SMIMECAP,0), "PKCS7_simple_smimecap"}, 93{ERR_FUNC(PKCS7_F_PKCS7_SIMPLE_SMIMECAP), "PKCS7_simple_smimecap"},
90{ERR_PACK(0,PKCS7_F_PKCS7_VERIFY,0), "PKCS7_verify"}, 94{ERR_FUNC(PKCS7_F_PKCS7_VERIFY), "PKCS7_verify"},
91{ERR_PACK(0,PKCS7_F_SMIME_READ_PKCS7,0), "SMIME_read_PKCS7"}, 95{ERR_FUNC(PKCS7_F_SMIME_READ_PKCS7), "SMIME_read_PKCS7"},
92{ERR_PACK(0,PKCS7_F_SMIME_TEXT,0), "SMIME_text"}, 96{ERR_FUNC(PKCS7_F_SMIME_TEXT), "SMIME_text"},
93{0,NULL} 97{0,NULL}
94 }; 98 };
95 99
96static ERR_STRING_DATA PKCS7_str_reasons[]= 100static ERR_STRING_DATA PKCS7_str_reasons[]=
97 { 101 {
98{PKCS7_R_CERTIFICATE_VERIFY_ERROR ,"certificate verify error"}, 102{ERR_REASON(PKCS7_R_CERTIFICATE_VERIFY_ERROR),"certificate verify error"},
99{PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER ,"cipher has no object identifier"}, 103{ERR_REASON(PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),"cipher has no object identifier"},
100{PKCS7_R_CIPHER_NOT_INITIALIZED ,"cipher not initialized"}, 104{ERR_REASON(PKCS7_R_CIPHER_NOT_INITIALIZED),"cipher not initialized"},
101{PKCS7_R_CONTENT_AND_DATA_PRESENT ,"content and data present"}, 105{ERR_REASON(PKCS7_R_CONTENT_AND_DATA_PRESENT),"content and data present"},
102{PKCS7_R_DECODE_ERROR ,"decode error"}, 106{ERR_REASON(PKCS7_R_DECODE_ERROR) ,"decode error"},
103{PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH ,"decrypted key is wrong length"}, 107{ERR_REASON(PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH),"decrypted key is wrong length"},
104{PKCS7_R_DECRYPT_ERROR ,"decrypt error"}, 108{ERR_REASON(PKCS7_R_DECRYPT_ERROR) ,"decrypt error"},
105{PKCS7_R_DIGEST_FAILURE ,"digest failure"}, 109{ERR_REASON(PKCS7_R_DIGEST_FAILURE) ,"digest failure"},
106{PKCS7_R_ERROR_ADDING_RECIPIENT ,"error adding recipient"}, 110{ERR_REASON(PKCS7_R_ERROR_ADDING_RECIPIENT),"error adding recipient"},
107{PKCS7_R_ERROR_SETTING_CIPHER ,"error setting cipher"}, 111{ERR_REASON(PKCS7_R_ERROR_SETTING_CIPHER),"error setting cipher"},
108{PKCS7_R_INVALID_MIME_TYPE ,"invalid mime type"}, 112{ERR_REASON(PKCS7_R_INVALID_MIME_TYPE) ,"invalid mime type"},
109{PKCS7_R_INVALID_NULL_POINTER ,"invalid null pointer"}, 113{ERR_REASON(PKCS7_R_INVALID_NULL_POINTER),"invalid null pointer"},
110{PKCS7_R_MIME_NO_CONTENT_TYPE ,"mime no content type"}, 114{ERR_REASON(PKCS7_R_MIME_NO_CONTENT_TYPE),"mime no content type"},
111{PKCS7_R_MIME_PARSE_ERROR ,"mime parse error"}, 115{ERR_REASON(PKCS7_R_MIME_PARSE_ERROR) ,"mime parse error"},
112{PKCS7_R_MIME_SIG_PARSE_ERROR ,"mime sig parse error"}, 116{ERR_REASON(PKCS7_R_MIME_SIG_PARSE_ERROR),"mime sig parse error"},
113{PKCS7_R_MISSING_CERIPEND_INFO ,"missing ceripend info"}, 117{ERR_REASON(PKCS7_R_MISSING_CERIPEND_INFO),"missing ceripend info"},
114{PKCS7_R_NO_CONTENT ,"no content"}, 118{ERR_REASON(PKCS7_R_NO_CONTENT) ,"no content"},
115{PKCS7_R_NO_CONTENT_TYPE ,"no content type"}, 119{ERR_REASON(PKCS7_R_NO_CONTENT_TYPE) ,"no content type"},
116{PKCS7_R_NO_MULTIPART_BODY_FAILURE ,"no multipart body failure"}, 120{ERR_REASON(PKCS7_R_NO_MULTIPART_BODY_FAILURE),"no multipart body failure"},
117{PKCS7_R_NO_MULTIPART_BOUNDARY ,"no multipart boundary"}, 121{ERR_REASON(PKCS7_R_NO_MULTIPART_BOUNDARY),"no multipart boundary"},
118{PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE,"no recipient matches certificate"}, 122{ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE),"no recipient matches certificate"},
119{PKCS7_R_NO_SIGNATURES_ON_DATA ,"no signatures on data"}, 123{ERR_REASON(PKCS7_R_NO_SIGNATURES_ON_DATA),"no signatures on data"},
120{PKCS7_R_NO_SIGNERS ,"no signers"}, 124{ERR_REASON(PKCS7_R_NO_SIGNERS) ,"no signers"},
121{PKCS7_R_NO_SIG_CONTENT_TYPE ,"no sig content type"}, 125{ERR_REASON(PKCS7_R_NO_SIG_CONTENT_TYPE) ,"no sig content type"},
122{PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE,"operation not supported on this type"}, 126{ERR_REASON(PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE),"operation not supported on this type"},
123{PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR ,"pkcs7 add signature error"}, 127{ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR),"pkcs7 add signature error"},
124{PKCS7_R_PKCS7_DATAFINAL_ERROR ,"pkcs7 datafinal error"}, 128{ERR_REASON(PKCS7_R_PKCS7_DATAFINAL_ERROR),"pkcs7 datafinal error"},
125{PKCS7_R_PKCS7_DATASIGN ,"pkcs7 datasign"}, 129{ERR_REASON(PKCS7_R_PKCS7_DATASIGN) ,"pkcs7 datasign"},
126{PKCS7_R_PKCS7_PARSE_ERROR ,"pkcs7 parse error"}, 130{ERR_REASON(PKCS7_R_PKCS7_PARSE_ERROR) ,"pkcs7 parse error"},
127{PKCS7_R_PKCS7_SIG_PARSE_ERROR ,"pkcs7 sig parse error"}, 131{ERR_REASON(PKCS7_R_PKCS7_SIG_PARSE_ERROR),"pkcs7 sig parse error"},
128{PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE,"private key does not match certificate"}, 132{ERR_REASON(PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),"private key does not match certificate"},
129{PKCS7_R_SIGNATURE_FAILURE ,"signature failure"}, 133{ERR_REASON(PKCS7_R_SIGNATURE_FAILURE) ,"signature failure"},
130{PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND ,"signer certificate not found"}, 134{ERR_REASON(PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND),"signer certificate not found"},
131{PKCS7_R_SIG_INVALID_MIME_TYPE ,"sig invalid mime type"}, 135{ERR_REASON(PKCS7_R_SIG_INVALID_MIME_TYPE),"sig invalid mime type"},
132{PKCS7_R_SMIME_TEXT_ERROR ,"smime text error"}, 136{ERR_REASON(PKCS7_R_SMIME_TEXT_ERROR) ,"smime text error"},
133{PKCS7_R_UNABLE_TO_FIND_CERTIFICATE ,"unable to find certificate"}, 137{ERR_REASON(PKCS7_R_UNABLE_TO_FIND_CERTIFICATE),"unable to find certificate"},
134{PKCS7_R_UNABLE_TO_FIND_MEM_BIO ,"unable to find mem bio"}, 138{ERR_REASON(PKCS7_R_UNABLE_TO_FIND_MEM_BIO),"unable to find mem bio"},
135{PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST ,"unable to find message digest"}, 139{ERR_REASON(PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST),"unable to find message digest"},
136{PKCS7_R_UNKNOWN_DIGEST_TYPE ,"unknown digest type"}, 140{ERR_REASON(PKCS7_R_UNKNOWN_DIGEST_TYPE) ,"unknown digest type"},
137{PKCS7_R_UNKNOWN_OPERATION ,"unknown operation"}, 141{ERR_REASON(PKCS7_R_UNKNOWN_OPERATION) ,"unknown operation"},
138{PKCS7_R_UNSUPPORTED_CIPHER_TYPE ,"unsupported cipher type"}, 142{ERR_REASON(PKCS7_R_UNSUPPORTED_CIPHER_TYPE),"unsupported cipher type"},
139{PKCS7_R_UNSUPPORTED_CONTENT_TYPE ,"unsupported content type"}, 143{ERR_REASON(PKCS7_R_UNSUPPORTED_CONTENT_TYPE),"unsupported content type"},
140{PKCS7_R_WRONG_CONTENT_TYPE ,"wrong content type"}, 144{ERR_REASON(PKCS7_R_WRONG_CONTENT_TYPE) ,"wrong content type"},
141{PKCS7_R_WRONG_PKCS7_TYPE ,"wrong pkcs7 type"}, 145{ERR_REASON(PKCS7_R_WRONG_PKCS7_TYPE) ,"wrong pkcs7 type"},
142{0,NULL} 146{0,NULL}
143 }; 147 };
144 148
@@ -152,8 +156,8 @@ void ERR_load_PKCS7_strings(void)
152 { 156 {
153 init=0; 157 init=0;
154#ifndef OPENSSL_NO_ERR 158#ifndef OPENSSL_NO_ERR
155 ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_functs); 159 ERR_load_strings(0,PKCS7_str_functs);
156 ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_reasons); 160 ERR_load_strings(0,PKCS7_str_reasons);
157#endif 161#endif
158 162
159 } 163 }
diff --git a/src/lib/libssl/src/crypto/rand/Makefile b/src/lib/libssl/src/crypto/rand/Makefile
index 665eaa18e5..b1d1a75f98 100644
--- a/src/lib/libssl/src/crypto/rand/Makefile
+++ b/src/lib/libssl/src/crypto/rand/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/rand/Makefile 2# OpenSSL/crypto/rand/Makefile
3# 3#
4 4
5DIR= rand 5DIR= rand
diff --git a/src/lib/libssl/src/crypto/rand/rand_err.c b/src/lib/libssl/src/crypto/rand/rand_err.c
index 95574659ac..97f96e1aee 100644
--- a/src/lib/libssl/src/crypto/rand/rand_err.c
+++ b/src/lib/libssl/src/crypto/rand/rand_err.c
@@ -1,6 +1,6 @@
1/* crypto/rand/rand_err.c */ 1/* crypto/rand/rand_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,22 +64,26 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_RAND,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_RAND,0,reason)
70
67static ERR_STRING_DATA RAND_str_functs[]= 71static ERR_STRING_DATA RAND_str_functs[]=
68 { 72 {
69{ERR_PACK(0,RAND_F_FIPS_RAND_BYTES,0), "FIPS_RAND_BYTES"}, 73{ERR_FUNC(RAND_F_FIPS_RAND_BYTES), "FIPS_RAND_BYTES"},
70{ERR_PACK(0,RAND_F_RAND_GET_RAND_METHOD,0), "RAND_get_rand_method"}, 74{ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"},
71{ERR_PACK(0,RAND_F_SSLEAY_RAND_BYTES,0), "SSLEAY_RAND_BYTES"}, 75{ERR_FUNC(RAND_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"},
72{0,NULL} 76{0,NULL}
73 }; 77 };
74 78
75static ERR_STRING_DATA RAND_str_reasons[]= 79static ERR_STRING_DATA RAND_str_reasons[]=
76 { 80 {
77{RAND_R_NON_FIPS_METHOD ,"non fips method"}, 81{ERR_REASON(RAND_R_NON_FIPS_METHOD) ,"non fips method"},
78{RAND_R_PRNG_ASKING_FOR_TOO_MUCH ,"prng asking for too much"}, 82{ERR_REASON(RAND_R_PRNG_ASKING_FOR_TOO_MUCH),"prng asking for too much"},
79{RAND_R_PRNG_NOT_REKEYED ,"prng not rekeyed"}, 83{ERR_REASON(RAND_R_PRNG_NOT_REKEYED) ,"prng not rekeyed"},
80{RAND_R_PRNG_NOT_RESEEDED ,"prng not reseeded"}, 84{ERR_REASON(RAND_R_PRNG_NOT_RESEEDED) ,"prng not reseeded"},
81{RAND_R_PRNG_NOT_SEEDED ,"PRNG not seeded"}, 85{ERR_REASON(RAND_R_PRNG_NOT_SEEDED) ,"PRNG not seeded"},
82{RAND_R_PRNG_STUCK ,"prng stuck"}, 86{ERR_REASON(RAND_R_PRNG_STUCK) ,"prng stuck"},
83{0,NULL} 87{0,NULL}
84 }; 88 };
85 89
@@ -93,8 +97,8 @@ void ERR_load_RAND_strings(void)
93 { 97 {
94 init=0; 98 init=0;
95#ifndef OPENSSL_NO_ERR 99#ifndef OPENSSL_NO_ERR
96 ERR_load_strings(ERR_LIB_RAND,RAND_str_functs); 100 ERR_load_strings(0,RAND_str_functs);
97 ERR_load_strings(ERR_LIB_RAND,RAND_str_reasons); 101 ERR_load_strings(0,RAND_str_reasons);
98#endif 102#endif
99 103
100 } 104 }
diff --git a/src/lib/libssl/src/crypto/rand/rand_lib.c b/src/lib/libssl/src/crypto/rand/rand_lib.c
index 88f1b56d91..a21bde79de 100644
--- a/src/lib/libssl/src/crypto/rand/rand_lib.c
+++ b/src/lib/libssl/src/crypto/rand/rand_lib.c
@@ -87,16 +87,6 @@ int RAND_set_rand_method(const RAND_METHOD *meth)
87 87
88const RAND_METHOD *RAND_get_rand_method(void) 88const RAND_METHOD *RAND_get_rand_method(void)
89 { 89 {
90#ifdef OPENSSL_FIPS
91 if(FIPS_mode()
92 && default_RAND_meth != FIPS_rand_check())
93 {
94 RANDerr(RAND_F_RAND_GET_RAND_METHOD,RAND_R_NON_FIPS_METHOD);
95 return 0;
96 }
97#endif
98
99
100 if (!default_RAND_meth) 90 if (!default_RAND_meth)
101 { 91 {
102#ifndef OPENSSL_NO_ENGINE 92#ifndef OPENSSL_NO_ENGINE
@@ -114,8 +104,22 @@ const RAND_METHOD *RAND_get_rand_method(void)
114 funct_ref = e; 104 funct_ref = e;
115 else 105 else
116#endif 106#endif
117 default_RAND_meth = RAND_SSLeay(); 107#ifdef OPENSSL_FIPS
108 if(FIPS_mode())
109 default_RAND_meth=FIPS_rand_method();
110 else
111#endif
112 default_RAND_meth = RAND_SSLeay();
118 } 113 }
114
115#ifdef OPENSSL_FIPS
116 if(FIPS_mode()
117 && default_RAND_meth != FIPS_rand_check())
118 {
119 RANDerr(RAND_F_RAND_GET_RAND_METHOD,RAND_R_NON_FIPS_METHOD);
120 return 0;
121 }
122#endif
119 return default_RAND_meth; 123 return default_RAND_meth;
120 } 124 }
121 125
diff --git a/src/lib/libssl/src/crypto/rand/randfile.c b/src/lib/libssl/src/crypto/rand/randfile.c
index c7fba496a8..7183fa32e4 100644
--- a/src/lib/libssl/src/crypto/rand/randfile.c
+++ b/src/lib/libssl/src/crypto/rand/randfile.c
@@ -57,7 +57,7 @@
57 */ 57 */
58 58
59/* We need to define this to get macros like S_IFBLK and S_IFCHR */ 59/* We need to define this to get macros like S_IFBLK and S_IFCHR */
60#define _XOPEN_SOURCE 1 60#define _XOPEN_SOURCE 500
61 61
62#include <errno.h> 62#include <errno.h>
63#include <stdio.h> 63#include <stdio.h>
diff --git a/src/lib/libssl/src/crypto/rc2/Makefile b/src/lib/libssl/src/crypto/rc2/Makefile
index 18edaca6c6..34080ab741 100644
--- a/src/lib/libssl/src/crypto/rc2/Makefile
+++ b/src/lib/libssl/src/crypto/rc2/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/rc2/Makefile 2# OpenSSL/crypto/rc2/Makefile
3# 3#
4 4
5DIR= rc2 5DIR= rc2
@@ -82,7 +82,7 @@ rc2_cbc.o: rc2_cbc.c rc2_locl.h
82rc2_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 82rc2_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
83rc2_ecb.o: ../../include/openssl/rc2.h rc2_ecb.c rc2_locl.h 83rc2_ecb.o: ../../include/openssl/rc2.h rc2_ecb.c rc2_locl.h
84rc2_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h 84rc2_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
85rc2_skey.o: ../../include/openssl/opensslconf.h 85rc2_skey.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h
86rc2_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h 86rc2_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h
87rc2_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 87rc2_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
88rc2_skey.o: ../../include/openssl/symhacks.h rc2_locl.h rc2_skey.c 88rc2_skey.o: ../../include/openssl/symhacks.h rc2_locl.h rc2_skey.c
diff --git a/src/lib/libssl/src/crypto/rc2/rc2_skey.c b/src/lib/libssl/src/crypto/rc2/rc2_skey.c
index 22f372f85c..9652865188 100644
--- a/src/lib/libssl/src/crypto/rc2/rc2_skey.c
+++ b/src/lib/libssl/src/crypto/rc2/rc2_skey.c
@@ -58,6 +58,7 @@
58 58
59#include <openssl/rc2.h> 59#include <openssl/rc2.h>
60#include <openssl/crypto.h> 60#include <openssl/crypto.h>
61#include <openssl/fips.h>
61#include "rc2_locl.h" 62#include "rc2_locl.h"
62 63
63static unsigned char key_table[256]={ 64static unsigned char key_table[256]={
diff --git a/src/lib/libssl/src/crypto/rc2/rc2speed.c b/src/lib/libssl/src/crypto/rc2/rc2speed.c
index 47d34b444e..4d0e1242ea 100644
--- a/src/lib/libssl/src/crypto/rc2/rc2speed.c
+++ b/src/lib/libssl/src/crypto/rc2/rc2speed.c
@@ -102,10 +102,10 @@ OPENSSL_DECLARE_EXIT
102#ifndef HZ 102#ifndef HZ
103#ifndef CLK_TCK 103#ifndef CLK_TCK
104#define HZ 100.0 104#define HZ 100.0
105#endif 105#else /* CLK_TCK */
106#else /* CLK_TCK */
107#define HZ ((double)CLK_TCK) 106#define HZ ((double)CLK_TCK)
108#endif 107#endif /* CLK_TCK */
108#endif /* HZ */
109 109
110#define BUFSIZE ((long)1024) 110#define BUFSIZE ((long)1024)
111long run=0; 111long run=0;
diff --git a/src/lib/libssl/src/crypto/rc4/Makefile b/src/lib/libssl/src/crypto/rc4/Makefile
index 64e06924f4..20d078ec87 100644
--- a/src/lib/libssl/src/crypto/rc4/Makefile
+++ b/src/lib/libssl/src/crypto/rc4/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/rc4/Makefile 2# OpenSSL/crypto/rc4/Makefile
3# 3#
4 4
5DIR= rc4 5DIR= rc4
@@ -66,10 +66,14 @@ asm/rx86bsdi.o: asm/rx86unix.cpp
66asm/rx86unix.cpp: asm/rc4-586.pl ../perlasm/x86asm.pl 66asm/rx86unix.cpp: asm/rc4-586.pl ../perlasm/x86asm.pl
67 (cd asm; $(PERL) rc4-586.pl cpp >rx86unix.cpp) 67 (cd asm; $(PERL) rc4-586.pl cpp >rx86unix.cpp)
68 68
69asm/rc4-amd64.s: asm/rc4-amd64.pl; $(PERL) asm/rc4-amd64.pl $@ 69asm/rc4-x86_64.s: asm/rc4-x86_64.pl; $(PERL) asm/rc4-x86_64.pl $@
70 70
71asm/rc4-ia64.s: asm/rc4-ia64.S 71asm/rc4-ia64.s: asm/rc4-ia64.S
72 $(CC) $(CFLAGS) -E asm/rc4-ia64.S > $@ 72 @case `awk '/^#define RC4_INT/{print$$NF}' $(TOP)/include/openssl/opensslconf.h` in \
73 int) set -x; $(CC) $(CFLAGS) -DSZ=4 -E asm/rc4-ia64.S > $@ ;; \
74 char) set -x; $(CC) $(CFLAGS) -DSZ=1 -E asm/rc4-ia64.S > $@ ;; \
75 *) exit 1 ;; \
76 esac
73 77
74files: 78files:
75 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO 79 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -116,7 +120,8 @@ rc4_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h rc4_enc.c rc4_locl.h
116rc4_skey.o: ../../e_os.h ../../include/openssl/bio.h 120rc4_skey.o: ../../e_os.h ../../include/openssl/bio.h
117rc4_skey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 121rc4_skey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
118rc4_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 122rc4_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
119rc4_skey.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 123rc4_skey.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
124rc4_skey.o: ../../include/openssl/opensslconf.h
120rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc4.h 125rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc4.h
121rc4_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 126rc4_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
122rc4_skey.o: ../../include/openssl/symhacks.h ../cryptlib.h rc4_locl.h 127rc4_skey.o: ../../include/openssl/symhacks.h ../cryptlib.h rc4_locl.h
diff --git a/src/lib/libssl/src/crypto/rc4/asm/rc4-ia64.S b/src/lib/libssl/src/crypto/rc4/asm/rc4-ia64.S
index b517d2e88f..a322d0c718 100644
--- a/src/lib/libssl/src/crypto/rc4/asm/rc4-ia64.S
+++ b/src/lib/libssl/src/crypto/rc4/asm/rc4-ia64.S
@@ -7,7 +7,7 @@
7// disclaimed. 7// disclaimed.
8// ==================================================================== 8// ====================================================================
9 9
10.ident "rc4-ia64.S, Version 1.1" 10.ident "rc4-ia64.S, Version 2.0"
11.ident "IA-64 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>" 11.ident "IA-64 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
12 12
13// What's wrong with compiler generated code? Because of the nature of 13// What's wrong with compiler generated code? Because of the nature of
@@ -27,17 +27,10 @@
27// Legitimate "collisions" do occur within every 256^2 bytes window. 27// Legitimate "collisions" do occur within every 256^2 bytes window.
28// Fortunately there're enough free instruction slots to keep prior 28// Fortunately there're enough free instruction slots to keep prior
29// reference to key[x+1], detect "collision" and compensate for it. 29// reference to key[x+1], detect "collision" and compensate for it.
30// All this without sacrificing a single clock cycle:-) 30// All this without sacrificing a single clock cycle:-) Throughput is
31// Furthermore. In order to compress loop body to the minimum, I chose 31// ~210MBps on 900MHz CPU, which is is >3x faster than gcc generated
32// to deploy deposit instruction, which substitutes for the whole 32// code and +30% - if compared to HP-UX C. Unrolling loop below should
33// key->data+((x&255)<<log2(sizeof(key->data[0]))). This unfortunately 33// give >30% on top of that...
34// requires key->data to be aligned at sizeof(key->data) boundary.
35// This is why you'll find "RC4_INT pad[512-256-2];" addenum to RC4_KEY
36// and "d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1));" in
37// rc4_skey.c [and rc4_enc.c, where it's retained for debugging
38// purposes]. Throughput is ~210MBps on 900MHz CPU, which is is >3x
39// faster than gcc generated code and +30% - if compared to HP-UX C.
40// Unrolling loop below should give >30% on top of that...
41 34
42.text 35.text
43.explicit 36.explicit
@@ -48,7 +41,9 @@
48# define ADDP add 41# define ADDP add
49#endif 42#endif
50 43
44#ifndef SZ
51#define SZ 4 // this is set to sizeof(RC4_INT) 45#define SZ 4 // this is set to sizeof(RC4_INT)
46#endif
52// SZ==4 seems to be optimal. At least SZ==8 is not any faster, not for 47// SZ==4 seems to be optimal. At least SZ==8 is not any faster, not for
53// assembler implementation, while SZ==1 code is ~30% slower. 48// assembler implementation, while SZ==1 code is ~30% slower.
54#if SZ==1 // RC4_INT is unsigned char 49#if SZ==1 // RC4_INT is unsigned char
@@ -101,45 +96,53 @@ RC4:
101 ADDP out=0,in3 96 ADDP out=0,in3
102 brp.loop.imp .Ltop,.Lexit-16 };; 97 brp.loop.imp .Ltop,.Lexit-16 };;
103{ .mmi; LDKEY yy=[key] // load key->y 98{ .mmi; LDKEY yy=[key] // load key->y
104 add ksch=(255+1)*SZ,key // as ksch will be used with 99 add ksch=SZ,key
105 // deposit instruction only,
106 // I don't have to &~255...
107 mov ar.lc=in1 } 100 mov ar.lc=in1 }
108{ .mmi; mov key_y[1]=r0 // guarantee inequality 101{ .mmi; mov key_y[1]=r0 // guarantee inequality
109 // in first iteration 102 // in first iteration
110 add xx=1,xx 103 add xx=1,xx
111 mov pr.rot=1<<16 };; 104 mov pr.rot=1<<16 };;
112{ .mii; nop.m 0 105{ .mii; nop.m 0
113 dep key_x[1]=xx,ksch,OFF,8 106 dep key_x[1]=xx,r0,OFF,8
114 mov ar.ec=3 };; // note that epilogue counter 107 mov ar.ec=3 };; // note that epilogue counter
115 // is off by 1. I compensate 108 // is off by 1. I compensate
116 // for this at exit... 109 // for this at exit...
117.Ltop: 110.Ltop:
118// The loop is scheduled for 3*(n+2) spin-rate on Itanium 2, which 111// The loop is scheduled for 4*(n+2) spin-rate on Itanium 2, which
119// theoretically gives asymptotic performance of clock frequency 112// theoretically gives asymptotic performance of clock frequency
120// divided by 3 bytes per seconds, or 500MBps on 1.5GHz CPU. Measured 113// divided by 4 bytes per seconds, or 400MBps on 1.6GHz CPU. This is
121// performance however is distinctly lower than 1/4:-( The culplrit 114// for sizeof(RC4_INT)==4. For smaller RC4_INT STKEY inadvertently
122// seems to be *(out++)=dat, which inadvertently splits the bundle, 115// splits the last bundle and you end up with 5*n spin-rate:-(
123// even though there is M-port available... Unrolling is due... 116// Originally the loop was scheduled for 3*n and relied on key
124// Unrolled loop should collect output with variable shift instruction 117// schedule to be aligned at 256*sizeof(RC4_INT) boundary. But
125// in order to avoid starvation for integer shifter... It should be 118// *(out++)=dat, which maps to st1, had same effect [inadvertent
126// possible to get pretty close to theoretical peak... 119// bundle split] and holded the loop back. Rescheduling for 4*n
127{ .mmi; (p16) LDKEY tx[0]=[key_x[1]] // tx=key[xx] 120// made it possible to eliminate dependence on specific alignment
128 (p17) LDKEY ty[0]=[key_y[1]] // ty=key[yy] 121// and allow OpenSSH keep "abusing" our API. Reaching for 3*n would
129 (p18) dep rnd[1]=rnd[1],ksch,OFF,8} // &key[(tx+ty)&255] 122// require unrolling, sticking to variable shift instruction for
123// collecting output [to avoid starvation for integer shifter] and
124// copying of key schedule to controlled place in stack [so that
125// deposit instruction can serve as substitute for whole
126// key->data+((x&255)<<log2(sizeof(key->data[0])))]...
130{ .mmi; (p19) st1 [out]=dat[3],1 // *(out++)=dat 127{ .mmi; (p19) st1 [out]=dat[3],1 // *(out++)=dat
131 (p16) add xx=1,xx // x++ 128 (p16) add xx=1,xx // x++
132 (p16) cmp.ne.unc p20,p21=key_x[1],key_y[1] };; 129 (p18) dep rnd[1]=rnd[1],r0,OFF,8 } // ((tx+ty)&255)<<OFF
130{ .mmi; (p16) add key_x[1]=ksch,key_x[1] // &key[xx&255]
131 (p17) add key_y[1]=ksch,key_y[1] };; // &key[yy&255]
132{ .mmi; (p16) LDKEY tx[0]=[key_x[1]] // tx=key[xx]
133 (p17) LDKEY ty[0]=[key_y[1]] // ty=key[yy]
134 (p16) dep key_x[0]=xx,r0,OFF,8 } // (xx&255)<<OFF
135{ .mmi; (p18) add rnd[1]=ksch,rnd[1] // &key[(tx+ty)&255]
136 (p16) cmp.ne.unc p20,p21=key_x[1],key_y[1] };;
133{ .mmi; (p18) LDKEY rnd[1]=[rnd[1]] // rnd=key[(tx+ty)&255] 137{ .mmi; (p18) LDKEY rnd[1]=[rnd[1]] // rnd=key[(tx+ty)&255]
134 (p16) ld1 dat[0]=[inp],1 // dat=*(inp++) 138 (p16) ld1 dat[0]=[inp],1 } // dat=*(inp++)
135 (p16) dep key_x[0]=xx,ksch,OFF,8 } // &key[xx&255]
136.pred.rel "mutex",p20,p21 139.pred.rel "mutex",p20,p21
137{ .mmi; (p21) add yy=yy,tx[1] // (p16) 140{ .mmi; (p21) add yy=yy,tx[1] // (p16)
138 (p20) add yy=yy,tx[0] // (p16) y+=tx 141 (p20) add yy=yy,tx[0] // (p16) y+=tx
139 (p21) mov tx[0]=tx[1] };; // (p16) 142 (p21) mov tx[0]=tx[1] };; // (p16)
140{ .mmi; (p17) STKEY [key_y[1]]=tx[1] // key[yy]=tx 143{ .mmi; (p17) STKEY [key_y[1]]=tx[1] // key[yy]=tx
141 (p17) STKEY [key_x[2]]=ty[0] // key[xx]=ty 144 (p17) STKEY [key_x[2]]=ty[0] // key[xx]=ty
142 (p16) dep key_y[0]=yy,ksch,OFF,8 } // &key[yy&255] 145 (p16) dep key_y[0]=yy,r0,OFF,8 } // &key[yy&255]
143{ .mmb; (p17) add rnd[0]=tx[1],ty[0] // tx+=ty 146{ .mmb; (p17) add rnd[0]=tx[1],ty[0] // tx+=ty
144 (p18) xor dat[2]=dat[2],rnd[1] // dat^=rnd 147 (p18) xor dat[2]=dat[2],rnd[1] // dat^=rnd
145 br.ctop.sptk .Ltop };; 148 br.ctop.sptk .Ltop };;
diff --git a/src/lib/libssl/src/crypto/rc4/rc4.h b/src/lib/libssl/src/crypto/rc4/rc4.h
index dd90d9fde0..ae0cea75b8 100644
--- a/src/lib/libssl/src/crypto/rc4/rc4.h
+++ b/src/lib/libssl/src/crypto/rc4/rc4.h
@@ -73,10 +73,6 @@ typedef struct rc4_key_st
73 { 73 {
74 RC4_INT x,y; 74 RC4_INT x,y;
75 RC4_INT data[256]; 75 RC4_INT data[256];
76#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
77 /* see crypto/rc4/asm/rc4-ia64.S for further details... */
78 RC4_INT pad[512-256-2];
79#endif
80 } RC4_KEY; 76 } RC4_KEY;
81 77
82 78
diff --git a/src/lib/libssl/src/crypto/rc4/rc4_enc.c b/src/lib/libssl/src/crypto/rc4/rc4_enc.c
index 81a97ea3b7..d5f18a3a70 100644
--- a/src/lib/libssl/src/crypto/rc4/rc4_enc.c
+++ b/src/lib/libssl/src/crypto/rc4/rc4_enc.c
@@ -77,10 +77,6 @@ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
77 x=key->x; 77 x=key->x;
78 y=key->y; 78 y=key->y;
79 d=key->data; 79 d=key->data;
80#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
81 /* see crypto/rc4/asm/rc4-ia64.S for further details... */
82 d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1));
83#endif
84 80
85#if defined(RC4_CHUNK) 81#if defined(RC4_CHUNK)
86 /* 82 /*
diff --git a/src/lib/libssl/src/crypto/rc4/rc4_skey.c b/src/lib/libssl/src/crypto/rc4/rc4_skey.c
index 07234f061a..60510624fd 100644
--- a/src/lib/libssl/src/crypto/rc4/rc4_skey.c
+++ b/src/lib/libssl/src/crypto/rc4/rc4_skey.c
@@ -58,6 +58,7 @@
58 58
59#include <openssl/rc4.h> 59#include <openssl/rc4.h>
60#include <openssl/crypto.h> 60#include <openssl/crypto.h>
61#include <openssl/fips.h>
61#include "rc4_locl.h" 62#include "rc4_locl.h"
62#include <openssl/opensslv.h> 63#include <openssl/opensslv.h>
63 64
@@ -94,10 +95,6 @@ FIPS_NON_FIPS_VCIPHER_Init(RC4)
94 unsigned int i; 95 unsigned int i;
95 96
96 d= &(key->data[0]); 97 d= &(key->data[0]);
97#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
98 /* see crypto/rc4/asm/rc4-ia64.S for further details... */
99 d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1));
100#endif
101 98
102 for (i=0; i<256; i++) 99 for (i=0; i<256; i++)
103 d[i]=i; 100 d[i]=i;
diff --git a/src/lib/libssl/src/crypto/rc5/Makefile b/src/lib/libssl/src/crypto/rc5/Makefile
index 3a8d309b29..16e6a60017 100644
--- a/src/lib/libssl/src/crypto/rc5/Makefile
+++ b/src/lib/libssl/src/crypto/rc5/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/rc5/Makefile 2# OpenSSL/crypto/rc5/Makefile
3# 3#
4 4
5DIR= rc5 5DIR= rc5
@@ -102,7 +102,7 @@ rc5_ecb.o: ../../include/openssl/opensslv.h ../../include/openssl/rc5.h
102rc5_ecb.o: rc5_ecb.c rc5_locl.h 102rc5_ecb.o: rc5_ecb.c rc5_locl.h
103rc5_enc.o: ../../include/openssl/rc5.h rc5_enc.c rc5_locl.h 103rc5_enc.o: ../../include/openssl/rc5.h rc5_enc.c rc5_locl.h
104rc5_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h 104rc5_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
105rc5_skey.o: ../../include/openssl/opensslconf.h 105rc5_skey.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h
106rc5_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc5.h 106rc5_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc5.h
107rc5_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 107rc5_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
108rc5_skey.o: ../../include/openssl/symhacks.h rc5_locl.h rc5_skey.c 108rc5_skey.o: ../../include/openssl/symhacks.h rc5_locl.h rc5_skey.c
diff --git a/src/lib/libssl/src/crypto/ripemd/Makefile b/src/lib/libssl/src/crypto/ripemd/Makefile
index dc086e3434..20c8b4d8db 100644
--- a/src/lib/libssl/src/crypto/ripemd/Makefile
+++ b/src/lib/libssl/src/crypto/ripemd/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/ripemd/Makefile 2# OpenSSL/crypto/ripemd/Makefile
3# 3#
4 4
5DIR= ripemd 5DIR= ripemd
diff --git a/src/lib/libssl/src/crypto/ripemd/rmd_one.c b/src/lib/libssl/src/crypto/ripemd/rmd_one.c
index f8b580c33a..b88446b267 100644
--- a/src/lib/libssl/src/crypto/ripemd/rmd_one.c
+++ b/src/lib/libssl/src/crypto/ripemd/rmd_one.c
@@ -68,7 +68,8 @@ unsigned char *RIPEMD160(const unsigned char *d, unsigned long n,
68 static unsigned char m[RIPEMD160_DIGEST_LENGTH]; 68 static unsigned char m[RIPEMD160_DIGEST_LENGTH];
69 69
70 if (md == NULL) md=m; 70 if (md == NULL) md=m;
71 RIPEMD160_Init(&c); 71 if (!RIPEMD160_Init(&c))
72 return NULL;
72 RIPEMD160_Update(&c,d,n); 73 RIPEMD160_Update(&c,d,n);
73 RIPEMD160_Final(md,&c); 74 RIPEMD160_Final(md,&c);
74 OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */ 75 OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */
diff --git a/src/lib/libssl/src/crypto/rsa/Makefile b/src/lib/libssl/src/crypto/rsa/Makefile
index 5748b0d3d0..8851825250 100644
--- a/src/lib/libssl/src/crypto/rsa/Makefile
+++ b/src/lib/libssl/src/crypto/rsa/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/rsa/Makefile 2# OpenSSL/crypto/rsa/Makefile
3# 3#
4 4
5DIR= rsa 5DIR= rsa
@@ -24,10 +24,10 @@ APPS=
24LIB=$(TOP)/libcrypto.a 24LIB=$(TOP)/libcrypto.a
25LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \ 25LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
26 rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \ 26 rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \
27 rsa_asn1.c 27 rsa_pss.c rsa_x931.c rsa_asn1.c
28LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \ 28LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
29 rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \ 29 rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \
30 rsa_asn1.o 30 rsa_pss.o rsa_x931.o rsa_asn1.o
31 31
32SRC= $(LIBSRC) 32SRC= $(LIBSRC)
33 33
@@ -184,6 +184,26 @@ rsa_pk1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
184rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h 184rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
185rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 185rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
186rsa_pk1.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pk1.c 186rsa_pk1.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pk1.c
187rsa_pss.o: ../../e_os.h ../../include/openssl/aes.h
188rsa_pss.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
189rsa_pss.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
190rsa_pss.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
191rsa_pss.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
192rsa_pss.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
193rsa_pss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
194rsa_pss.o: ../../include/openssl/err.h ../../include/openssl/evp.h
195rsa_pss.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
196rsa_pss.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
197rsa_pss.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
198rsa_pss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
199rsa_pss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
200rsa_pss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
201rsa_pss.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
202rsa_pss.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
203rsa_pss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
204rsa_pss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
205rsa_pss.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
206rsa_pss.o: ../../include/openssl/ui_compat.h ../cryptlib.h rsa_pss.c
187rsa_saos.o: ../../e_os.h ../../include/openssl/aes.h 207rsa_saos.o: ../../e_os.h ../../include/openssl/aes.h
188rsa_saos.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h 208rsa_saos.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
189rsa_saos.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h 209rsa_saos.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
@@ -237,3 +257,13 @@ rsa_ssl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
237rsa_ssl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h 257rsa_ssl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
238rsa_ssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 258rsa_ssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
239rsa_ssl.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_ssl.c 259rsa_ssl.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_ssl.c
260rsa_x931.o: ../../e_os.h ../../include/openssl/asn1.h
261rsa_x931.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
262rsa_x931.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
263rsa_x931.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
264rsa_x931.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
265rsa_x931.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
266rsa_x931.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
267rsa_x931.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
268rsa_x931.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
269rsa_x931.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_x931.c
diff --git a/src/lib/libssl/src/crypto/rsa/rsa.h b/src/lib/libssl/src/crypto/rsa/rsa.h
index fc3bb5f86d..0b639cd37f 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa.h
+++ b/src/lib/libssl/src/crypto/rsa/rsa.h
@@ -157,33 +157,41 @@ struct rsa_st
157#define RSA_3 0x3L 157#define RSA_3 0x3L
158#define RSA_F4 0x10001L 158#define RSA_F4 0x10001L
159 159
160#define RSA_METHOD_FLAG_NO_CHECK 0x01 /* don't check pub/private match */ 160#define RSA_METHOD_FLAG_NO_CHECK 0x0001 /* don't check pub/private match */
161 161
162#define RSA_FLAG_CACHE_PUBLIC 0x02 162#define RSA_FLAG_CACHE_PUBLIC 0x0002
163#define RSA_FLAG_CACHE_PRIVATE 0x04 163#define RSA_FLAG_CACHE_PRIVATE 0x0004
164#define RSA_FLAG_BLINDING 0x08 164#define RSA_FLAG_BLINDING 0x0008
165#define RSA_FLAG_THREAD_SAFE 0x10 165#define RSA_FLAG_THREAD_SAFE 0x0010
166/* This flag means the private key operations will be handled by rsa_mod_exp 166/* This flag means the private key operations will be handled by rsa_mod_exp
167 * and that they do not depend on the private key components being present: 167 * and that they do not depend on the private key components being present:
168 * for example a key stored in external hardware. Without this flag bn_mod_exp 168 * for example a key stored in external hardware. Without this flag bn_mod_exp
169 * gets called when private key components are absent. 169 * gets called when private key components are absent.
170 */ 170 */
171#define RSA_FLAG_EXT_PKEY 0x20 171#define RSA_FLAG_EXT_PKEY 0x0020
172 172
173/* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify functions. 173/* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify functions.
174 */ 174 */
175#define RSA_FLAG_SIGN_VER 0x40 175#define RSA_FLAG_SIGN_VER 0x0040
176 176
177#define RSA_FLAG_NO_BLINDING 0x80 /* new with 0.9.6j and 0.9.7b; the built-in 177#define RSA_FLAG_NO_BLINDING 0x0080 /* new with 0.9.6j and 0.9.7b; the built-in
178 * RSA implementation now uses blinding by 178 * RSA implementation now uses blinding by
179 * default (ignoring RSA_FLAG_BLINDING), 179 * default (ignoring RSA_FLAG_BLINDING),
180 * but other engines might not need it 180 * but other engines might not need it
181 */ 181 */
182#define RSA_FLAG_NO_EXP_CONSTTIME 0x0100 /* new with 0.9.7h; the built-in RSA
183 * implementation now uses constant time
184 * modular exponentiation for secret exponents
185 * by default. This flag causes the
186 * faster variable sliding window method to
187 * be used for all exponents.
188 */
182 189
183#define RSA_PKCS1_PADDING 1 190#define RSA_PKCS1_PADDING 1
184#define RSA_SSLV23_PADDING 2 191#define RSA_SSLV23_PADDING 2
185#define RSA_NO_PADDING 3 192#define RSA_NO_PADDING 3
186#define RSA_PKCS1_OAEP_PADDING 4 193#define RSA_PKCS1_OAEP_PADDING 4
194#define RSA_X931_PADDING 5
187 195
188#define RSA_PKCS1_PADDING_SIZE 11 196#define RSA_PKCS1_PADDING_SIZE 11
189 197
@@ -196,6 +204,15 @@ int RSA_size(const RSA *);
196RSA * RSA_generate_key(int bits, unsigned long e,void 204RSA * RSA_generate_key(int bits, unsigned long e,void
197 (*callback)(int,int,void *),void *cb_arg); 205 (*callback)(int,int,void *),void *cb_arg);
198int RSA_check_key(const RSA *); 206int RSA_check_key(const RSA *);
207#ifdef OPENSSL_FIPS
208int RSA_X931_derive(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1, BIGNUM *q2,
209 void (*cb)(int, int, void *), void *cb_arg,
210 const BIGNUM *Xp1, const BIGNUM *Xp2, const BIGNUM *Xp,
211 const BIGNUM *Xq1, const BIGNUM *Xq2, const BIGNUM *Xq,
212 const BIGNUM *e);
213RSA *RSA_X931_generate_key(int bits, const BIGNUM *e,
214 void (*cb)(int,int,void *), void *cb_arg);
215#endif
199 /* next 4 return -1 on error */ 216 /* next 4 return -1 on error */
200int RSA_public_encrypt(int flen, const unsigned char *from, 217int RSA_public_encrypt(int flen, const unsigned char *from,
201 unsigned char *to, RSA *rsa,int padding); 218 unsigned char *to, RSA *rsa,int padding);
@@ -268,6 +285,8 @@ int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen,
268 const unsigned char *f,int fl); 285 const unsigned char *f,int fl);
269int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen, 286int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen,
270 const unsigned char *f,int fl,int rsa_len); 287 const unsigned char *f,int fl,int rsa_len);
288int PKCS1_MGF1(unsigned char *mask, long len,
289 const unsigned char *seed, long seedlen, const EVP_MD *dgst);
271int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen, 290int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen,
272 const unsigned char *f,int fl, 291 const unsigned char *f,int fl,
273 const unsigned char *p,int pl); 292 const unsigned char *p,int pl);
@@ -282,6 +301,17 @@ int RSA_padding_add_none(unsigned char *to,int tlen,
282 const unsigned char *f,int fl); 301 const unsigned char *f,int fl);
283int RSA_padding_check_none(unsigned char *to,int tlen, 302int RSA_padding_check_none(unsigned char *to,int tlen,
284 const unsigned char *f,int fl,int rsa_len); 303 const unsigned char *f,int fl,int rsa_len);
304int RSA_padding_add_X931(unsigned char *to,int tlen,
305 const unsigned char *f,int fl);
306int RSA_padding_check_X931(unsigned char *to,int tlen,
307 const unsigned char *f,int fl,int rsa_len);
308int RSA_X931_hash_id(int nid);
309
310int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
311 const EVP_MD *Hash, const unsigned char *EM, int sLen);
312int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
313 const unsigned char *mHash,
314 const EVP_MD *Hash, int sLen);
285 315
286int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 316int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
287 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); 317 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
@@ -311,20 +341,24 @@ void ERR_load_RSA_strings(void);
311#define RSA_F_RSA_NULL 124 341#define RSA_F_RSA_NULL 124
312#define RSA_F_RSA_PADDING_ADD_NONE 107 342#define RSA_F_RSA_PADDING_ADD_NONE 107
313#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121 343#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
344#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125
314#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108 345#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
315#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109 346#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
316#define RSA_F_RSA_PADDING_ADD_SSLV23 110 347#define RSA_F_RSA_PADDING_ADD_SSLV23 110
348#define RSA_F_RSA_PADDING_ADD_X931 127
317#define RSA_F_RSA_PADDING_CHECK_NONE 111 349#define RSA_F_RSA_PADDING_CHECK_NONE 111
318#define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122 350#define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122
319#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112 351#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112
320#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113 352#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113
321#define RSA_F_RSA_PADDING_CHECK_SSLV23 114 353#define RSA_F_RSA_PADDING_CHECK_SSLV23 114
354#define RSA_F_RSA_PADDING_CHECK_X931 128
322#define RSA_F_RSA_PRINT 115 355#define RSA_F_RSA_PRINT 115
323#define RSA_F_RSA_PRINT_FP 116 356#define RSA_F_RSA_PRINT_FP 116
324#define RSA_F_RSA_SIGN 117 357#define RSA_F_RSA_SIGN 117
325#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 358#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118
326#define RSA_F_RSA_VERIFY 119 359#define RSA_F_RSA_VERIFY 119
327#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120 360#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
361#define RSA_F_RSA_VERIFY_PKCS1_PSS 126
328 362
329/* Reason codes. */ 363/* Reason codes. */
330#define RSA_R_ALGORITHM_MISMATCH 100 364#define RSA_R_ALGORITHM_MISMATCH 100
@@ -344,9 +378,14 @@ void ERR_load_RSA_strings(void);
344#define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124 378#define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124
345#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125 379#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
346#define RSA_R_D_E_NOT_CONGRUENT_TO_1 123 380#define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
381#define RSA_R_FIRST_OCTET_INVALID 133
382#define RSA_R_INVALID_HEADER 137
347#define RSA_R_INVALID_MESSAGE_LENGTH 131 383#define RSA_R_INVALID_MESSAGE_LENGTH 131
384#define RSA_R_INVALID_PADDING 138
385#define RSA_R_INVALID_TRAILER 139
348#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126 386#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
349#define RSA_R_KEY_SIZE_TOO_SMALL 120 387#define RSA_R_KEY_SIZE_TOO_SMALL 120
388#define RSA_R_LAST_OCTET_INVALID 134
350#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 389#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
351#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 390#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
352#define RSA_R_OAEP_DECODING_ERROR 121 391#define RSA_R_OAEP_DECODING_ERROR 121
@@ -354,6 +393,8 @@ void ERR_load_RSA_strings(void);
354#define RSA_R_P_NOT_PRIME 128 393#define RSA_R_P_NOT_PRIME 128
355#define RSA_R_Q_NOT_PRIME 129 394#define RSA_R_Q_NOT_PRIME 129
356#define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130 395#define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130
396#define RSA_R_SLEN_CHECK_FAILED 136
397#define RSA_R_SLEN_RECOVERY_FAILED 135
357#define RSA_R_SSLV3_ROLLBACK_ATTACK 115 398#define RSA_R_SSLV3_ROLLBACK_ATTACK 115
358#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116 399#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
359#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117 400#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_eay.c b/src/lib/libssl/src/crypto/rsa/rsa_eay.c
index d4caab3f95..be4ac96ce3 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa_eay.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_eay.c
@@ -55,6 +55,59 @@
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58/* ====================================================================
59 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
58 111
59#include <stdio.h> 112#include <stdio.h>
60#include "cryptlib.h" 113#include "cryptlib.h"
@@ -145,30 +198,13 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
145 goto err; 198 goto err;
146 } 199 }
147 200
148 if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC)) 201 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
149 { 202 {
150 BN_MONT_CTX* bn_mont_ctx; 203 if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n,
151 if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL) 204 CRYPTO_LOCK_RSA, rsa->n, ctx))
152 goto err;
153 if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx))
154 {
155 BN_MONT_CTX_free(bn_mont_ctx);
156 goto err; 205 goto err;
157 }
158 if (rsa->_method_mod_n == NULL) /* other thread may have finished first */
159 {
160 CRYPTO_w_lock(CRYPTO_LOCK_RSA);
161 if (rsa->_method_mod_n == NULL)
162 {
163 rsa->_method_mod_n = bn_mont_ctx;
164 bn_mont_ctx = NULL;
165 }
166 CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
167 }
168 if (bn_mont_ctx)
169 BN_MONT_CTX_free(bn_mont_ctx);
170 } 206 }
171 207
172 if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, 208 if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
173 rsa->_method_mod_n)) goto err; 209 rsa->_method_mod_n)) goto err;
174 210
@@ -249,7 +285,7 @@ err:
249static int RSA_eay_private_encrypt(int flen, const unsigned char *from, 285static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
250 unsigned char *to, RSA *rsa, int padding) 286 unsigned char *to, RSA *rsa, int padding)
251 { 287 {
252 BIGNUM f,ret; 288 BIGNUM f,ret, *res;
253 int i,j,k,num=0,r= -1; 289 int i,j,k,num=0,r= -1;
254 unsigned char *buf=NULL; 290 unsigned char *buf=NULL;
255 BN_CTX *ctx=NULL; 291 BN_CTX *ctx=NULL;
@@ -331,19 +367,43 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
331 (rsa->dmp1 != NULL) && 367 (rsa->dmp1 != NULL) &&
332 (rsa->dmq1 != NULL) && 368 (rsa->dmq1 != NULL) &&
333 (rsa->iqmp != NULL)) ) 369 (rsa->iqmp != NULL)) )
334 { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } 370 {
371 if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err;
372 }
335 else 373 else
336 { 374 {
337 if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err; 375 BIGNUM local_d;
376 BIGNUM *d = NULL;
377
378 if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
379 {
380 BN_init(&local_d);
381 d = &local_d;
382 BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME);
383 }
384 else
385 d = rsa->d;
386 if (!rsa->meth->bn_mod_exp(&ret,&f,d,rsa->n,ctx,NULL)) goto err;
338 } 387 }
339 388
340 if (blinding) 389 if (blinding)
341 if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err; 390 if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err;
342 391
392 if (padding == RSA_X931_PADDING)
393 {
394 BN_sub(&f, rsa->n, &ret);
395 if (BN_cmp(&ret, &f))
396 res = &f;
397 else
398 res = &ret;
399 }
400 else
401 res = &ret;
402
343 /* put in leading 0 bytes if the number is less than the 403 /* put in leading 0 bytes if the number is less than the
344 * length of the modulus */ 404 * length of the modulus */
345 j=BN_num_bytes(&ret); 405 j=BN_num_bytes(res);
346 i=BN_bn2bin(&ret,&(to[num-j])); 406 i=BN_bn2bin(res,&(to[num-j]));
347 for (k=0; k<(num-i); k++) 407 for (k=0; k<(num-i); k++)
348 to[k]=0; 408 to[k]=0;
349 409
@@ -444,10 +504,22 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
444 (rsa->dmp1 != NULL) && 504 (rsa->dmp1 != NULL) &&
445 (rsa->dmq1 != NULL) && 505 (rsa->dmq1 != NULL) &&
446 (rsa->iqmp != NULL)) ) 506 (rsa->iqmp != NULL)) )
447 { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } 507 {
508 if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err;
509 }
448 else 510 else
449 { 511 {
450 if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) 512 BIGNUM local_d;
513 BIGNUM *d = NULL;
514
515 if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
516 {
517 d = &local_d;
518 BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME);
519 }
520 else
521 d = rsa->d;
522 if (!rsa->meth->bn_mod_exp(&ret,&f,d,rsa->n,ctx,NULL))
451 goto err; 523 goto err;
452 } 524 }
453 525
@@ -534,33 +606,20 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
534 } 606 }
535 607
536 /* do the decrypt */ 608 /* do the decrypt */
537 if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC)) 609
610 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
538 { 611 {
539 BN_MONT_CTX* bn_mont_ctx; 612 if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n,
540 if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL) 613 CRYPTO_LOCK_RSA, rsa->n, ctx))
541 goto err;
542 if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx))
543 {
544 BN_MONT_CTX_free(bn_mont_ctx);
545 goto err; 614 goto err;
546 }
547 if (rsa->_method_mod_n == NULL) /* other thread may have finished first */
548 {
549 CRYPTO_w_lock(CRYPTO_LOCK_RSA);
550 if (rsa->_method_mod_n == NULL)
551 {
552 rsa->_method_mod_n = bn_mont_ctx;
553 bn_mont_ctx = NULL;
554 }
555 CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
556 }
557 if (bn_mont_ctx)
558 BN_MONT_CTX_free(bn_mont_ctx);
559 } 615 }
560 616
561 if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, 617 if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
562 rsa->_method_mod_n)) goto err; 618 rsa->_method_mod_n)) goto err;
563 619
620 if ((padding == RSA_X931_PADDING) && ((ret.d[0] & 0xf) != 12))
621 BN_sub(&ret, rsa->n, &ret);
622
564 p=buf; 623 p=buf;
565 i=BN_bn2bin(&ret,p); 624 i=BN_bn2bin(&ret,p);
566 625
@@ -594,6 +653,8 @@ err:
594static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) 653static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
595 { 654 {
596 BIGNUM r1,m1,vrfy; 655 BIGNUM r1,m1,vrfy;
656 BIGNUM local_dmp1, local_dmq1;
657 BIGNUM *dmp1, *dmq1;
597 int ret=0; 658 int ret=0;
598 BN_CTX *ctx; 659 BN_CTX *ctx;
599 660
@@ -604,61 +665,34 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
604 665
605 if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) 666 if (rsa->flags & RSA_FLAG_CACHE_PRIVATE)
606 { 667 {
607 if (rsa->_method_mod_p == NULL) 668 if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_p,
608 { 669 CRYPTO_LOCK_RSA, rsa->p, ctx))
609 BN_MONT_CTX* bn_mont_ctx; 670 goto err;
610 if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL) 671 if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_q,
611 goto err; 672 CRYPTO_LOCK_RSA, rsa->q, ctx))
612 if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->p,ctx)) 673 goto err;
613 {
614 BN_MONT_CTX_free(bn_mont_ctx);
615 goto err;
616 }
617 if (rsa->_method_mod_p == NULL) /* other thread may have finished first */
618 {
619 CRYPTO_w_lock(CRYPTO_LOCK_RSA);
620 if (rsa->_method_mod_p == NULL)
621 {
622 rsa->_method_mod_p = bn_mont_ctx;
623 bn_mont_ctx = NULL;
624 }
625 CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
626 }
627 if (bn_mont_ctx)
628 BN_MONT_CTX_free(bn_mont_ctx);
629 }
630
631 if (rsa->_method_mod_q == NULL)
632 {
633 BN_MONT_CTX* bn_mont_ctx;
634 if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
635 goto err;
636 if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->q,ctx))
637 {
638 BN_MONT_CTX_free(bn_mont_ctx);
639 goto err;
640 }
641 if (rsa->_method_mod_q == NULL) /* other thread may have finished first */
642 {
643 CRYPTO_w_lock(CRYPTO_LOCK_RSA);
644 if (rsa->_method_mod_q == NULL)
645 {
646 rsa->_method_mod_q = bn_mont_ctx;
647 bn_mont_ctx = NULL;
648 }
649 CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
650 }
651 if (bn_mont_ctx)
652 BN_MONT_CTX_free(bn_mont_ctx);
653 }
654 } 674 }
655 675
656 if (!BN_mod(&r1,I,rsa->q,ctx)) goto err; 676 if (!BN_mod(&r1,I,rsa->q,ctx)) goto err;
657 if (!rsa->meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx, 677 if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
678 {
679 dmq1 = &local_dmq1;
680 BN_with_flags(dmq1, rsa->dmq1, BN_FLG_EXP_CONSTTIME);
681 }
682 else
683 dmq1 = rsa->dmq1;
684 if (!rsa->meth->bn_mod_exp(&m1,&r1,dmq1,rsa->q,ctx,
658 rsa->_method_mod_q)) goto err; 685 rsa->_method_mod_q)) goto err;
659 686
660 if (!BN_mod(&r1,I,rsa->p,ctx)) goto err; 687 if (!BN_mod(&r1,I,rsa->p,ctx)) goto err;
661 if (!rsa->meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx, 688 if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
689 {
690 dmp1 = &local_dmp1;
691 BN_with_flags(dmp1, rsa->dmp1, BN_FLG_EXP_CONSTTIME);
692 }
693 else
694 dmp1 = rsa->dmp1;
695 if (!rsa->meth->bn_mod_exp(r0,&r1,dmp1,rsa->p,ctx,
662 rsa->_method_mod_p)) goto err; 696 rsa->_method_mod_p)) goto err;
663 697
664 if (!BN_sub(r0,r0,&m1)) goto err; 698 if (!BN_sub(r0,r0,&m1)) goto err;
@@ -693,10 +727,23 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
693 if (vrfy.neg) 727 if (vrfy.neg)
694 if (!BN_add(&vrfy, &vrfy, rsa->n)) goto err; 728 if (!BN_add(&vrfy, &vrfy, rsa->n)) goto err;
695 if (!BN_is_zero(&vrfy)) 729 if (!BN_is_zero(&vrfy))
730 {
696 /* 'I' and 'vrfy' aren't congruent mod n. Don't leak 731 /* 'I' and 'vrfy' aren't congruent mod n. Don't leak
697 * miscalculated CRT output, just do a raw (slower) 732 * miscalculated CRT output, just do a raw (slower)
698 * mod_exp and return that instead. */ 733 * mod_exp and return that instead. */
699 if (!rsa->meth->bn_mod_exp(r0,I,rsa->d,rsa->n,ctx,NULL)) goto err; 734
735 BIGNUM local_d;
736 BIGNUM *d = NULL;
737
738 if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
739 {
740 d = &local_d;
741 BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME);
742 }
743 else
744 d = rsa->d;
745 if (!rsa->meth->bn_mod_exp(r0,I,d,rsa->n,ctx,NULL)) goto err;
746 }
700 } 747 }
701 ret=1; 748 ret=1;
702err: 749err:
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_err.c b/src/lib/libssl/src/crypto/rsa/rsa_err.c
index a7766c3b76..2ec4b30ff7 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa_err.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_err.c
@@ -1,6 +1,6 @@
1/* crypto/rsa/rsa_err.c */ 1/* crypto/rsa/rsa_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,70 +64,85 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_RSA,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_RSA,0,reason)
70
67static ERR_STRING_DATA RSA_str_functs[]= 71static ERR_STRING_DATA RSA_str_functs[]=
68 { 72 {
69{ERR_PACK(0,RSA_F_MEMORY_LOCK,0), "MEMORY_LOCK"}, 73{ERR_FUNC(RSA_F_MEMORY_LOCK), "MEMORY_LOCK"},
70{ERR_PACK(0,RSA_F_RSA_CHECK_KEY,0), "RSA_check_key"}, 74{ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"},
71{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_DECRYPT,0), "RSA_EAY_PRIVATE_DECRYPT"}, 75{ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"},
72{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_ENCRYPT,0), "RSA_EAY_PRIVATE_ENCRYPT"}, 76{ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"},
73{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_DECRYPT,0), "RSA_EAY_PUBLIC_DECRYPT"}, 77{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"},
74{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_ENCRYPT,0), "RSA_EAY_PUBLIC_ENCRYPT"}, 78{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"},
75{ERR_PACK(0,RSA_F_RSA_GENERATE_KEY,0), "RSA_generate_key"}, 79{ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"},
76{ERR_PACK(0,RSA_F_RSA_NEW_METHOD,0), "RSA_new_method"}, 80{ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"},
77{ERR_PACK(0,RSA_F_RSA_NULL,0), "RSA_NULL"}, 81{ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"},
78{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_NONE,0), "RSA_padding_add_none"}, 82{ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"},
79{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_OAEP,0), "RSA_padding_add_PKCS1_OAEP"}, 83{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP), "RSA_padding_add_PKCS1_OAEP"},
80{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,0), "RSA_padding_add_PKCS1_type_1"}, 84{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS), "RSA_padding_add_PKCS1_PSS"},
81{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,0), "RSA_padding_add_PKCS1_type_2"}, 85{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1), "RSA_padding_add_PKCS1_type_1"},
82{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_SSLV23,0), "RSA_padding_add_SSLv23"}, 86{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2), "RSA_padding_add_PKCS1_type_2"},
83{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_NONE,0), "RSA_padding_check_none"}, 87{ERR_FUNC(RSA_F_RSA_PADDING_ADD_SSLV23), "RSA_padding_add_SSLv23"},
84{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP,0), "RSA_padding_check_PKCS1_OAEP"}, 88{ERR_FUNC(RSA_F_RSA_PADDING_ADD_X931), "RSA_padding_add_X931"},
85{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,0), "RSA_padding_check_PKCS1_type_1"}, 89{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_NONE), "RSA_padding_check_none"},
86{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,0), "RSA_padding_check_PKCS1_type_2"}, 90{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP), "RSA_padding_check_PKCS1_OAEP"},
87{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_SSLV23,0), "RSA_padding_check_SSLv23"}, 91{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1), "RSA_padding_check_PKCS1_type_1"},
88{ERR_PACK(0,RSA_F_RSA_PRINT,0), "RSA_print"}, 92{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2), "RSA_padding_check_PKCS1_type_2"},
89{ERR_PACK(0,RSA_F_RSA_PRINT_FP,0), "RSA_print_fp"}, 93{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_SSLV23), "RSA_padding_check_SSLv23"},
90{ERR_PACK(0,RSA_F_RSA_SIGN,0), "RSA_sign"}, 94{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"},
91{ERR_PACK(0,RSA_F_RSA_SIGN_ASN1_OCTET_STRING,0), "RSA_sign_ASN1_OCTET_STRING"}, 95{ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"},
92{ERR_PACK(0,RSA_F_RSA_VERIFY,0), "RSA_verify"}, 96{ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"},
93{ERR_PACK(0,RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,0), "RSA_verify_ASN1_OCTET_STRING"}, 97{ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"},
98{ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING), "RSA_sign_ASN1_OCTET_STRING"},
99{ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"},
100{ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING), "RSA_verify_ASN1_OCTET_STRING"},
101{ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS), "RSA_verify_PKCS1_PSS"},
94{0,NULL} 102{0,NULL}
95 }; 103 };
96 104
97static ERR_STRING_DATA RSA_str_reasons[]= 105static ERR_STRING_DATA RSA_str_reasons[]=
98 { 106 {
99{RSA_R_ALGORITHM_MISMATCH ,"algorithm mismatch"}, 107{ERR_REASON(RSA_R_ALGORITHM_MISMATCH) ,"algorithm mismatch"},
100{RSA_R_BAD_E_VALUE ,"bad e value"}, 108{ERR_REASON(RSA_R_BAD_E_VALUE) ,"bad e value"},
101{RSA_R_BAD_FIXED_HEADER_DECRYPT ,"bad fixed header decrypt"}, 109{ERR_REASON(RSA_R_BAD_FIXED_HEADER_DECRYPT),"bad fixed header decrypt"},
102{RSA_R_BAD_PAD_BYTE_COUNT ,"bad pad byte count"}, 110{ERR_REASON(RSA_R_BAD_PAD_BYTE_COUNT) ,"bad pad byte count"},
103{RSA_R_BAD_SIGNATURE ,"bad signature"}, 111{ERR_REASON(RSA_R_BAD_SIGNATURE) ,"bad signature"},
104{RSA_R_BLOCK_TYPE_IS_NOT_01 ,"block type is not 01"}, 112{ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_01) ,"block type is not 01"},
105{RSA_R_BLOCK_TYPE_IS_NOT_02 ,"block type is not 02"}, 113{ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_02) ,"block type is not 02"},
106{RSA_R_DATA_GREATER_THAN_MOD_LEN ,"data greater than mod len"}, 114{ERR_REASON(RSA_R_DATA_GREATER_THAN_MOD_LEN),"data greater than mod len"},
107{RSA_R_DATA_TOO_LARGE ,"data too large"}, 115{ERR_REASON(RSA_R_DATA_TOO_LARGE) ,"data too large"},
108{RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"}, 116{ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"},
109{RSA_R_DATA_TOO_LARGE_FOR_MODULUS ,"data too large for modulus"}, 117{ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_MODULUS),"data too large for modulus"},
110{RSA_R_DATA_TOO_SMALL ,"data too small"}, 118{ERR_REASON(RSA_R_DATA_TOO_SMALL) ,"data too small"},
111{RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE ,"data too small for key size"}, 119{ERR_REASON(RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE),"data too small for key size"},
112{RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY ,"digest too big for rsa key"}, 120{ERR_REASON(RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY),"digest too big for rsa key"},
113{RSA_R_DMP1_NOT_CONGRUENT_TO_D ,"dmp1 not congruent to d"}, 121{ERR_REASON(RSA_R_DMP1_NOT_CONGRUENT_TO_D),"dmp1 not congruent to d"},
114{RSA_R_DMQ1_NOT_CONGRUENT_TO_D ,"dmq1 not congruent to d"}, 122{ERR_REASON(RSA_R_DMQ1_NOT_CONGRUENT_TO_D),"dmq1 not congruent to d"},
115{RSA_R_D_E_NOT_CONGRUENT_TO_1 ,"d e not congruent to 1"}, 123{ERR_REASON(RSA_R_D_E_NOT_CONGRUENT_TO_1),"d e not congruent to 1"},
116{RSA_R_INVALID_MESSAGE_LENGTH ,"invalid message length"}, 124{ERR_REASON(RSA_R_FIRST_OCTET_INVALID) ,"first octet invalid"},
117{RSA_R_IQMP_NOT_INVERSE_OF_Q ,"iqmp not inverse of q"}, 125{ERR_REASON(RSA_R_INVALID_HEADER) ,"invalid header"},
118{RSA_R_KEY_SIZE_TOO_SMALL ,"key size too small"}, 126{ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH),"invalid message length"},
119{RSA_R_NULL_BEFORE_BLOCK_MISSING ,"null before block missing"}, 127{ERR_REASON(RSA_R_INVALID_PADDING) ,"invalid padding"},
120{RSA_R_N_DOES_NOT_EQUAL_P_Q ,"n does not equal p q"}, 128{ERR_REASON(RSA_R_INVALID_TRAILER) ,"invalid trailer"},
121{RSA_R_OAEP_DECODING_ERROR ,"oaep decoding error"}, 129{ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q) ,"iqmp not inverse of q"},
122{RSA_R_PADDING_CHECK_FAILED ,"padding check failed"}, 130{ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"},
123{RSA_R_P_NOT_PRIME ,"p not prime"}, 131{ERR_REASON(RSA_R_LAST_OCTET_INVALID) ,"last octet invalid"},
124{RSA_R_Q_NOT_PRIME ,"q not prime"}, 132{ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"},
125{RSA_R_RSA_OPERATIONS_NOT_SUPPORTED ,"rsa operations not supported"}, 133{ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"},
126{RSA_R_SSLV3_ROLLBACK_ATTACK ,"sslv3 rollback attack"}, 134{ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"},
127{RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"}, 135{ERR_REASON(RSA_R_SLEN_RECOVERY_FAILED) ,"salt length recovery failed"},
128{RSA_R_UNKNOWN_ALGORITHM_TYPE ,"unknown algorithm type"}, 136{ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"},
129{RSA_R_UNKNOWN_PADDING_TYPE ,"unknown padding type"}, 137{ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"},
130{RSA_R_WRONG_SIGNATURE_LENGTH ,"wrong signature length"}, 138{ERR_REASON(RSA_R_Q_NOT_PRIME) ,"q not prime"},
139{ERR_REASON(RSA_R_RSA_OPERATIONS_NOT_SUPPORTED),"rsa operations not supported"},
140{ERR_REASON(RSA_R_SSLV3_ROLLBACK_ATTACK) ,"sslv3 rollback attack"},
141{ERR_REASON(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"},
142{ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"},
143{ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE) ,"unknown padding type"},
144{ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"},
145{ERR_REASON(RSA_R_SLEN_CHECK_FAILED) ,"salt length check failed"},
131{0,NULL} 146{0,NULL}
132 }; 147 };
133 148
@@ -141,8 +156,8 @@ void ERR_load_RSA_strings(void)
141 { 156 {
142 init=0; 157 init=0;
143#ifndef OPENSSL_NO_ERR 158#ifndef OPENSSL_NO_ERR
144 ERR_load_strings(ERR_LIB_RSA,RSA_str_functs); 159 ERR_load_strings(0,RSA_str_functs);
145 ERR_load_strings(ERR_LIB_RSA,RSA_str_reasons); 160 ERR_load_strings(0,RSA_str_reasons);
146#endif 161#endif
147 162
148 } 163 }
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_gen.c b/src/lib/libssl/src/crypto/rsa/rsa_gen.c
index adb5e34da5..dd1422cc98 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa_gen.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_gen.c
@@ -184,7 +184,8 @@ err:
184 RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN); 184 RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN);
185 ok=0; 185 ok=0;
186 } 186 }
187 BN_CTX_end(ctx); 187 if (ctx != NULL)
188 BN_CTX_end(ctx);
188 BN_CTX_free(ctx); 189 BN_CTX_free(ctx);
189 BN_CTX_free(ctx2); 190 BN_CTX_free(ctx2);
190 191
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_oaep.c b/src/lib/libssl/src/crypto/rsa/rsa_oaep.c
index e3f7c608ec..d43ecaca63 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa_oaep.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_oaep.c
@@ -28,9 +28,6 @@
28#include <openssl/rand.h> 28#include <openssl/rand.h>
29#include <openssl/sha.h> 29#include <openssl/sha.h>
30 30
31int MGF1(unsigned char *mask, long len,
32 const unsigned char *seed, long seedlen);
33
34int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, 31int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
35 const unsigned char *from, int flen, 32 const unsigned char *from, int flen,
36 const unsigned char *param, int plen) 33 const unsigned char *param, int plen)
@@ -76,11 +73,13 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
76 20); 73 20);
77#endif 74#endif
78 75
79 MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH); 76 PKCS1_MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH,
77 EVP_sha1());
80 for (i = 0; i < emlen - SHA_DIGEST_LENGTH; i++) 78 for (i = 0; i < emlen - SHA_DIGEST_LENGTH; i++)
81 db[i] ^= dbmask[i]; 79 db[i] ^= dbmask[i];
82 80
83 MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH); 81 PKCS1_MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH,
82 EVP_sha1());
84 for (i = 0; i < SHA_DIGEST_LENGTH; i++) 83 for (i = 0; i < SHA_DIGEST_LENGTH; i++)
85 seed[i] ^= seedmask[i]; 84 seed[i] ^= seedmask[i];
86 85
@@ -126,11 +125,11 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
126 return -1; 125 return -1;
127 } 126 }
128 127
129 MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen); 128 PKCS1_MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen, EVP_sha1());
130 for (i = lzero; i < SHA_DIGEST_LENGTH; i++) 129 for (i = lzero; i < SHA_DIGEST_LENGTH; i++)
131 seed[i] ^= from[i - lzero]; 130 seed[i] ^= from[i - lzero];
132 131
133 MGF1(db, dblen, seed, SHA_DIGEST_LENGTH); 132 PKCS1_MGF1(db, dblen, seed, SHA_DIGEST_LENGTH, EVP_sha1());
134 for (i = 0; i < dblen; i++) 133 for (i = 0; i < dblen; i++)
135 db[i] ^= maskeddb[i]; 134 db[i] ^= maskeddb[i];
136 135
@@ -170,28 +169,30 @@ decoding_err:
170 return -1; 169 return -1;
171 } 170 }
172 171
173int MGF1(unsigned char *mask, long len, 172int PKCS1_MGF1(unsigned char *mask, long len,
174 const unsigned char *seed, long seedlen) 173 const unsigned char *seed, long seedlen, const EVP_MD *dgst)
175 { 174 {
176 long i, outlen = 0; 175 long i, outlen = 0;
177 unsigned char cnt[4]; 176 unsigned char cnt[4];
178 EVP_MD_CTX c; 177 EVP_MD_CTX c;
179 unsigned char md[SHA_DIGEST_LENGTH]; 178 unsigned char md[EVP_MAX_MD_SIZE];
179 int mdlen;
180 180
181 EVP_MD_CTX_init(&c); 181 EVP_MD_CTX_init(&c);
182 mdlen = EVP_MD_size(dgst);
182 for (i = 0; outlen < len; i++) 183 for (i = 0; outlen < len; i++)
183 { 184 {
184 cnt[0] = (unsigned char)((i >> 24) & 255); 185 cnt[0] = (unsigned char)((i >> 24) & 255);
185 cnt[1] = (unsigned char)((i >> 16) & 255); 186 cnt[1] = (unsigned char)((i >> 16) & 255);
186 cnt[2] = (unsigned char)((i >> 8)) & 255; 187 cnt[2] = (unsigned char)((i >> 8)) & 255;
187 cnt[3] = (unsigned char)(i & 255); 188 cnt[3] = (unsigned char)(i & 255);
188 EVP_DigestInit_ex(&c,EVP_sha1(), NULL); 189 EVP_DigestInit_ex(&c,dgst, NULL);
189 EVP_DigestUpdate(&c, seed, seedlen); 190 EVP_DigestUpdate(&c, seed, seedlen);
190 EVP_DigestUpdate(&c, cnt, 4); 191 EVP_DigestUpdate(&c, cnt, 4);
191 if (outlen + SHA_DIGEST_LENGTH <= len) 192 if (outlen + mdlen <= len)
192 { 193 {
193 EVP_DigestFinal_ex(&c, mask + outlen, NULL); 194 EVP_DigestFinal_ex(&c, mask + outlen, NULL);
194 outlen += SHA_DIGEST_LENGTH; 195 outlen += mdlen;
195 } 196 }
196 else 197 else
197 { 198 {
@@ -203,4 +204,9 @@ int MGF1(unsigned char *mask, long len,
203 EVP_MD_CTX_cleanup(&c); 204 EVP_MD_CTX_cleanup(&c);
204 return 0; 205 return 0;
205 } 206 }
207
208int MGF1(unsigned char *mask, long len, const unsigned char *seed, long seedlen)
209 {
210 return PKCS1_MGF1(mask, len, seed, seedlen, EVP_sha1());
211 }
206#endif 212#endif
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_test.c b/src/lib/libssl/src/crypto/rsa/rsa_test.c
index 924e9ad1f6..218bb2a39b 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa_test.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_test.c
@@ -227,10 +227,10 @@ int main(int argc, char *argv[])
227 227
228 plen = sizeof(ptext_ex) - 1; 228 plen = sizeof(ptext_ex) - 1;
229 229
230 for (v = 0; v < 3; v++) 230 for (v = 0; v < 6; v++)
231 { 231 {
232 key = RSA_new(); 232 key = RSA_new();
233 switch (v) { 233 switch (v%3) {
234 case 0: 234 case 0:
235 clen = key1(key, ctext_ex); 235 clen = key1(key, ctext_ex);
236 break; 236 break;
@@ -241,6 +241,7 @@ int main(int argc, char *argv[])
241 clen = key3(key, ctext_ex); 241 clen = key3(key, ctext_ex);
242 break; 242 break;
243 } 243 }
244 if (v/3 > 1) key->flags |= RSA_FLAG_NO_EXP_CONSTTIME;
244 245
245 num = RSA_public_encrypt(plen, ptext_ex, ctext, key, 246 num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
246 RSA_PKCS1_PADDING); 247 RSA_PKCS1_PADDING);
diff --git a/src/lib/libssl/src/crypto/sha/Makefile b/src/lib/libssl/src/crypto/sha/Makefile
index 0426786aa0..46103bbc83 100644
--- a/src/lib/libssl/src/crypto/sha/Makefile
+++ b/src/lib/libssl/src/crypto/sha/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/sha/Makefile 2# OpenSSL/crypto/sha/Makefile
3# 3#
4 4
5DIR= sha 5DIR= sha
diff --git a/src/lib/libssl/src/crypto/sha/sha1_one.c b/src/lib/libssl/src/crypto/sha/sha1_one.c
index 20e660c71d..f4694b701b 100644
--- a/src/lib/libssl/src/crypto/sha/sha1_one.c
+++ b/src/lib/libssl/src/crypto/sha/sha1_one.c
@@ -61,14 +61,15 @@
61#include <openssl/sha.h> 61#include <openssl/sha.h>
62#include <openssl/crypto.h> 62#include <openssl/crypto.h>
63 63
64#ifndef OPENSSL_NO_SHA1 64#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_FIPS)
65unsigned char *SHA1(const unsigned char *d, unsigned long n, unsigned char *md) 65unsigned char *SHA1(const unsigned char *d, unsigned long n, unsigned char *md)
66 { 66 {
67 SHA_CTX c; 67 SHA_CTX c;
68 static unsigned char m[SHA_DIGEST_LENGTH]; 68 static unsigned char m[SHA_DIGEST_LENGTH];
69 69
70 if (md == NULL) md=m; 70 if (md == NULL) md=m;
71 SHA1_Init(&c); 71 if (!SHA1_Init(&c))
72 return NULL;
72 SHA1_Update(&c,d,n); 73 SHA1_Update(&c,d,n);
73 SHA1_Final(md,&c); 74 SHA1_Final(md,&c);
74 OPENSSL_cleanse(&c,sizeof(c)); 75 OPENSSL_cleanse(&c,sizeof(c));
diff --git a/src/lib/libssl/src/crypto/sha/sha_one.c b/src/lib/libssl/src/crypto/sha/sha_one.c
index e61c63f3e9..d4f4d344df 100644
--- a/src/lib/libssl/src/crypto/sha/sha_one.c
+++ b/src/lib/libssl/src/crypto/sha/sha_one.c
@@ -68,7 +68,8 @@ unsigned char *SHA(const unsigned char *d, unsigned long n, unsigned char *md)
68 static unsigned char m[SHA_DIGEST_LENGTH]; 68 static unsigned char m[SHA_DIGEST_LENGTH];
69 69
70 if (md == NULL) md=m; 70 if (md == NULL) md=m;
71 SHA_Init(&c); 71 if (!SHA_Init(&c))
72 return NULL;
72 SHA_Update(&c,d,n); 73 SHA_Update(&c,d,n);
73 SHA_Final(md,&c); 74 SHA_Final(md,&c);
74 OPENSSL_cleanse(&c,sizeof(c)); 75 OPENSSL_cleanse(&c,sizeof(c));
diff --git a/src/lib/libssl/src/crypto/stack/Makefile b/src/lib/libssl/src/crypto/stack/Makefile
index 4d5199a000..711b16832a 100644
--- a/src/lib/libssl/src/crypto/stack/Makefile
+++ b/src/lib/libssl/src/crypto/stack/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/stack/Makefile 2# OpenSSL/crypto/stack/Makefile
3# 3#
4 4
5DIR= stack 5DIR= stack
diff --git a/src/lib/libssl/src/crypto/stack/safestack.h b/src/lib/libssl/src/crypto/stack/safestack.h
index bd1121c279..6010b7f122 100644
--- a/src/lib/libssl/src/crypto/stack/safestack.h
+++ b/src/lib/libssl/src/crypto/stack/safestack.h
@@ -55,6 +55,9 @@
55#ifndef HEADER_SAFESTACK_H 55#ifndef HEADER_SAFESTACK_H
56#define HEADER_SAFESTACK_H 56#define HEADER_SAFESTACK_H
57 57
58typedef void (*openssl_fptr)(void);
59#define openssl_fcast(f) ((openssl_fptr)f)
60
58#include <openssl/stack.h> 61#include <openssl/stack.h>
59 62
60#ifdef DEBUG_SAFESTACK 63#ifdef DEBUG_SAFESTACK
@@ -73,74 +76,74 @@ STACK_OF(type) \
73/* SKM_sk_... stack macros are internal to safestack.h: 76/* SKM_sk_... stack macros are internal to safestack.h:
74 * never use them directly, use sk_<type>_... instead */ 77 * never use them directly, use sk_<type>_... instead */
75#define SKM_sk_new(type, cmp) \ 78#define SKM_sk_new(type, cmp) \
76 ((STACK_OF(type) * (*)(int (*)(const type * const *, const type * const *)))sk_new)(cmp) 79 ((STACK_OF(type) * (*)(int (*)(const type * const *, const type * const *)))openssl_fcast(sk_new))(cmp)
77#define SKM_sk_new_null(type) \ 80#define SKM_sk_new_null(type) \
78 ((STACK_OF(type) * (*)(void))sk_new_null)() 81 ((STACK_OF(type) * (*)(void))openssl_fcast(sk_new_null))()
79#define SKM_sk_free(type, st) \ 82#define SKM_sk_free(type, st) \
80 ((void (*)(STACK_OF(type) *))sk_free)(st) 83 ((void (*)(STACK_OF(type) *))openssl_fcast(sk_free))(st)
81#define SKM_sk_num(type, st) \ 84#define SKM_sk_num(type, st) \
82 ((int (*)(const STACK_OF(type) *))sk_num)(st) 85 ((int (*)(const STACK_OF(type) *))openssl_fcast(sk_num))(st)
83#define SKM_sk_value(type, st,i) \ 86#define SKM_sk_value(type, st,i) \
84 ((type * (*)(const STACK_OF(type) *, int))sk_value)(st, i) 87 ((type * (*)(const STACK_OF(type) *, int))openssl_fcast(sk_value))(st, i)
85#define SKM_sk_set(type, st,i,val) \ 88#define SKM_sk_set(type, st,i,val) \
86 ((type * (*)(STACK_OF(type) *, int, type *))sk_set)(st, i, val) 89 ((type * (*)(STACK_OF(type) *, int, type *))openssl_fcast(sk_set))(st, i, val)
87#define SKM_sk_zero(type, st) \ 90#define SKM_sk_zero(type, st) \
88 ((void (*)(STACK_OF(type) *))sk_zero)(st) 91 ((void (*)(STACK_OF(type) *))openssl_fcast(sk_zero))(st)
89#define SKM_sk_push(type, st,val) \ 92#define SKM_sk_push(type, st,val) \
90 ((int (*)(STACK_OF(type) *, type *))sk_push)(st, val) 93 ((int (*)(STACK_OF(type) *, type *))openssl_fcast(sk_push))(st, val)
91#define SKM_sk_unshift(type, st,val) \ 94#define SKM_sk_unshift(type, st,val) \
92 ((int (*)(STACK_OF(type) *, type *))sk_unshift)(st, val) 95 ((int (*)(STACK_OF(type) *, type *))openssl_fcast(sk_unshift))(st, val)
93#define SKM_sk_find(type, st,val) \ 96#define SKM_sk_find(type, st,val) \
94 ((int (*)(STACK_OF(type) *, type *))sk_find)(st, val) 97 ((int (*)(STACK_OF(type) *, type *))openssl_fcast(sk_find))(st, val)
95#define SKM_sk_delete(type, st,i) \ 98#define SKM_sk_delete(type, st,i) \
96 ((type * (*)(STACK_OF(type) *, int))sk_delete)(st, i) 99 ((type * (*)(STACK_OF(type) *, int))openssl_fcast(sk_delete))(st, i)
97#define SKM_sk_delete_ptr(type, st,ptr) \ 100#define SKM_sk_delete_ptr(type, st,ptr) \
98 ((type * (*)(STACK_OF(type) *, type *))sk_delete_ptr)(st, ptr) 101 ((type * (*)(STACK_OF(type) *, type *))openssl_fcast(sk_delete_ptr))(st, ptr)
99#define SKM_sk_insert(type, st,val,i) \ 102#define SKM_sk_insert(type, st,val,i) \
100 ((int (*)(STACK_OF(type) *, type *, int))sk_insert)(st, val, i) 103 ((int (*)(STACK_OF(type) *, type *, int))openssl_fcast(sk_insert))(st, val, i)
101#define SKM_sk_set_cmp_func(type, st,cmp) \ 104#define SKM_sk_set_cmp_func(type, st,cmp) \
102 ((int (*(*)(STACK_OF(type) *, int (*)(const type * const *, const type * const *))) \ 105 ((int (*(*)(STACK_OF(type) *, int (*)(const type * const *, const type * const *))) \
103 (const type * const *, const type * const *))sk_set_cmp_func)\ 106 (const type * const *, const type * const *))openssl_fcast(sk_set_cmp_func))\
104 (st, cmp) 107 (st, cmp)
105#define SKM_sk_dup(type, st) \ 108#define SKM_sk_dup(type, st) \
106 ((STACK_OF(type) *(*)(STACK_OF(type) *))sk_dup)(st) 109 ((STACK_OF(type) *(*)(STACK_OF(type) *))openssl_fcast(sk_dup))(st)
107#define SKM_sk_pop_free(type, st,free_func) \ 110#define SKM_sk_pop_free(type, st,free_func) \
108 ((void (*)(STACK_OF(type) *, void (*)(type *)))sk_pop_free)\ 111 ((void (*)(STACK_OF(type) *, void (*)(type *)))openssl_fcast(sk_pop_free))\
109 (st, free_func) 112 (st, free_func)
110#define SKM_sk_shift(type, st) \ 113#define SKM_sk_shift(type, st) \
111 ((type * (*)(STACK_OF(type) *))sk_shift)(st) 114 ((type * (*)(STACK_OF(type) *))openssl_fcast(sk_shift))(st)
112#define SKM_sk_pop(type, st) \ 115#define SKM_sk_pop(type, st) \
113 ((type * (*)(STACK_OF(type) *))sk_pop)(st) 116 ((type * (*)(STACK_OF(type) *))openssl_fcast(sk_pop))(st)
114#define SKM_sk_sort(type, st) \ 117#define SKM_sk_sort(type, st) \
115 ((void (*)(STACK_OF(type) *))sk_sort)(st) 118 ((void (*)(STACK_OF(type) *))openssl_fcast(sk_sort))(st)
116#define SKM_sk_is_sorted(type, st) \ 119#define SKM_sk_is_sorted(type, st) \
117 ((int (*)(const STACK_OF(type) *))sk_is_sorted)(st) 120 ((int (*)(const STACK_OF(type) *))openssl_fcast(sk_is_sorted))(st)
118 121
119#define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ 122#define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
120 ((STACK_OF(type) * (*) (STACK_OF(type) **,unsigned char **, long , \ 123 ((STACK_OF(type) * (*) (STACK_OF(type) **,unsigned char **, long , \
121 type *(*)(type **, unsigned char **,long), \ 124 type *(*)(type **, unsigned char **,long), \
122 void (*)(type *), int ,int )) d2i_ASN1_SET) \ 125 void (*)(type *), int ,int )) openssl_fcast(d2i_ASN1_SET)) \
123 (st,pp,length, d2i_func, free_func, ex_tag,ex_class) 126 (st,pp,length, d2i_func, free_func, ex_tag,ex_class)
124#define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \ 127#define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \
125 ((int (*)(STACK_OF(type) *,unsigned char **, \ 128 ((int (*)(STACK_OF(type) *,unsigned char **, \
126 int (*)(type *,unsigned char **), int , int , int)) i2d_ASN1_SET) \ 129 int (*)(type *,unsigned char **), int , int , int)) openssl_fcast(i2d_ASN1_SET)) \
127 (st,pp,i2d_func,ex_tag,ex_class,is_set) 130 (st,pp,i2d_func,ex_tag,ex_class,is_set)
128 131
129#define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \ 132#define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \
130 ((unsigned char *(*)(STACK_OF(type) *, \ 133 ((unsigned char *(*)(STACK_OF(type) *, \
131 int (*)(type *,unsigned char **), unsigned char **,int *)) ASN1_seq_pack) \ 134 int (*)(type *,unsigned char **), unsigned char **,int *)) openssl_fcast(ASN1_seq_pack)) \
132 (st, i2d_func, buf, len) 135 (st, i2d_func, buf, len)
133#define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \ 136#define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \
134 ((STACK_OF(type) * (*)(unsigned char *,int, \ 137 ((STACK_OF(type) * (*)(unsigned char *,int, \
135 type *(*)(type **,unsigned char **, long), \ 138 type *(*)(type **,unsigned char **, long), \
136 void (*)(type *)))ASN1_seq_unpack) \ 139 void (*)(type *)))openssl_fcast(ASN1_seq_unpack)) \
137 (buf,len,d2i_func, free_func) 140 (buf,len,d2i_func, free_func)
138 141
139#define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \ 142#define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \
140 ((STACK_OF(type) * (*)(X509_ALGOR *, \ 143 ((STACK_OF(type) * (*)(X509_ALGOR *, \
141 type *(*)(type **, unsigned char **, long), void (*)(type *), \ 144 type *(*)(type **, unsigned char **, long), void (*)(type *), \
142 const char *, int, \ 145 const char *, int, \
143 ASN1_STRING *, int))PKCS12_decrypt_d2i) \ 146 ASN1_STRING *, int))openssl_fcast(PKCS12_decrypt_d2i)) \
144 (algor,d2i_func,free_func,pass,passlen,oct,seq) 147 (algor,d2i_func,free_func,pass,passlen,oct,seq)
145 148
146#else 149#else
diff --git a/src/lib/libssl/src/crypto/txt_db/Makefile b/src/lib/libssl/src/crypto/txt_db/Makefile
index f91a08f006..3cb550a795 100644
--- a/src/lib/libssl/src/crypto/txt_db/Makefile
+++ b/src/lib/libssl/src/crypto/txt_db/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/txt_db/Makefile 2# OpenSSL/crypto/txt_db/Makefile
3# 3#
4 4
5DIR= txt_db 5DIR= txt_db
diff --git a/src/lib/libssl/src/crypto/ui/ui_err.c b/src/lib/libssl/src/crypto/ui/ui_err.c
index 39a62ae737..d983cdd66f 100644
--- a/src/lib/libssl/src/crypto/ui/ui_err.c
+++ b/src/lib/libssl/src/crypto/ui/ui_err.c
@@ -1,6 +1,6 @@
1/* crypto/ui/ui_err.c */ 1/* crypto/ui/ui_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,32 +64,36 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_UI,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_UI,0,reason)
70
67static ERR_STRING_DATA UI_str_functs[]= 71static ERR_STRING_DATA UI_str_functs[]=
68 { 72 {
69{ERR_PACK(0,UI_F_GENERAL_ALLOCATE_BOOLEAN,0), "GENERAL_ALLOCATE_BOOLEAN"}, 73{ERR_FUNC(UI_F_GENERAL_ALLOCATE_BOOLEAN), "GENERAL_ALLOCATE_BOOLEAN"},
70{ERR_PACK(0,UI_F_GENERAL_ALLOCATE_PROMPT,0), "GENERAL_ALLOCATE_PROMPT"}, 74{ERR_FUNC(UI_F_GENERAL_ALLOCATE_PROMPT), "GENERAL_ALLOCATE_PROMPT"},
71{ERR_PACK(0,UI_F_GENERAL_ALLOCATE_STRING,0), "GENERAL_ALLOCATE_STRING"}, 75{ERR_FUNC(UI_F_GENERAL_ALLOCATE_STRING), "GENERAL_ALLOCATE_STRING"},
72{ERR_PACK(0,UI_F_UI_CTRL,0), "UI_ctrl"}, 76{ERR_FUNC(UI_F_UI_CTRL), "UI_ctrl"},
73{ERR_PACK(0,UI_F_UI_DUP_ERROR_STRING,0), "UI_dup_error_string"}, 77{ERR_FUNC(UI_F_UI_DUP_ERROR_STRING), "UI_dup_error_string"},
74{ERR_PACK(0,UI_F_UI_DUP_INFO_STRING,0), "UI_dup_info_string"}, 78{ERR_FUNC(UI_F_UI_DUP_INFO_STRING), "UI_dup_info_string"},
75{ERR_PACK(0,UI_F_UI_DUP_INPUT_BOOLEAN,0), "UI_dup_input_boolean"}, 79{ERR_FUNC(UI_F_UI_DUP_INPUT_BOOLEAN), "UI_dup_input_boolean"},
76{ERR_PACK(0,UI_F_UI_DUP_INPUT_STRING,0), "UI_dup_input_string"}, 80{ERR_FUNC(UI_F_UI_DUP_INPUT_STRING), "UI_dup_input_string"},
77{ERR_PACK(0,UI_F_UI_DUP_VERIFY_STRING,0), "UI_dup_verify_string"}, 81{ERR_FUNC(UI_F_UI_DUP_VERIFY_STRING), "UI_dup_verify_string"},
78{ERR_PACK(0,UI_F_UI_GET0_RESULT,0), "UI_get0_result"}, 82{ERR_FUNC(UI_F_UI_GET0_RESULT), "UI_get0_result"},
79{ERR_PACK(0,UI_F_UI_NEW_METHOD,0), "UI_new_method"}, 83{ERR_FUNC(UI_F_UI_NEW_METHOD), "UI_new_method"},
80{ERR_PACK(0,UI_F_UI_SET_RESULT,0), "UI_set_result"}, 84{ERR_FUNC(UI_F_UI_SET_RESULT), "UI_set_result"},
81{0,NULL} 85{0,NULL}
82 }; 86 };
83 87
84static ERR_STRING_DATA UI_str_reasons[]= 88static ERR_STRING_DATA UI_str_reasons[]=
85 { 89 {
86{UI_R_COMMON_OK_AND_CANCEL_CHARACTERS ,"common ok and cancel characters"}, 90{ERR_REASON(UI_R_COMMON_OK_AND_CANCEL_CHARACTERS),"common ok and cancel characters"},
87{UI_R_INDEX_TOO_LARGE ,"index too large"}, 91{ERR_REASON(UI_R_INDEX_TOO_LARGE) ,"index too large"},
88{UI_R_INDEX_TOO_SMALL ,"index too small"}, 92{ERR_REASON(UI_R_INDEX_TOO_SMALL) ,"index too small"},
89{UI_R_NO_RESULT_BUFFER ,"no result buffer"}, 93{ERR_REASON(UI_R_NO_RESULT_BUFFER) ,"no result buffer"},
90{UI_R_RESULT_TOO_LARGE ,"result too large"}, 94{ERR_REASON(UI_R_RESULT_TOO_LARGE) ,"result too large"},
91{UI_R_RESULT_TOO_SMALL ,"result too small"}, 95{ERR_REASON(UI_R_RESULT_TOO_SMALL) ,"result too small"},
92{UI_R_UNKNOWN_CONTROL_COMMAND ,"unknown control command"}, 96{ERR_REASON(UI_R_UNKNOWN_CONTROL_COMMAND),"unknown control command"},
93{0,NULL} 97{0,NULL}
94 }; 98 };
95 99
@@ -103,8 +107,8 @@ void ERR_load_UI_strings(void)
103 { 107 {
104 init=0; 108 init=0;
105#ifndef OPENSSL_NO_ERR 109#ifndef OPENSSL_NO_ERR
106 ERR_load_strings(ERR_LIB_UI,UI_str_functs); 110 ERR_load_strings(0,UI_str_functs);
107 ERR_load_strings(ERR_LIB_UI,UI_str_reasons); 111 ERR_load_strings(0,UI_str_reasons);
108#endif 112#endif
109 113
110 } 114 }
diff --git a/src/lib/libssl/src/crypto/x509/Makefile b/src/lib/libssl/src/crypto/x509/Makefile
index 5fb774f1c7..ee3f8a4a23 100644
--- a/src/lib/libssl/src/crypto/x509/Makefile
+++ b/src/lib/libssl/src/crypto/x509/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/x509/Makefile 2# OpenSSL/crypto/x509/Makefile
3# 3#
4 4
5DIR= x509 5DIR= x509
diff --git a/src/lib/libssl/src/crypto/x509/by_dir.c b/src/lib/libssl/src/crypto/x509/by_dir.c
index 6207340472..ea689aed1a 100644
--- a/src/lib/libssl/src/crypto/x509/by_dir.c
+++ b/src/lib/libssl/src/crypto/x509/by_dir.c
@@ -114,7 +114,7 @@ static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
114 { 114 {
115 int ret=0; 115 int ret=0;
116 BY_DIR *ld; 116 BY_DIR *ld;
117 char *dir; 117 char *dir = NULL;
118 118
119 ld=(BY_DIR *)ctx->method_data; 119 ld=(BY_DIR *)ctx->method_data;
120 120
@@ -123,17 +123,16 @@ static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
123 case X509_L_ADD_DIR: 123 case X509_L_ADD_DIR:
124 if (argl == X509_FILETYPE_DEFAULT) 124 if (argl == X509_FILETYPE_DEFAULT)
125 { 125 {
126 ret=add_cert_dir(ld,X509_get_default_cert_dir(), 126 dir=(char *)Getenv(X509_get_default_cert_dir_env());
127 X509_FILETYPE_PEM); 127 if (dir)
128 ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM);
129 else
130 ret=add_cert_dir(ld,X509_get_default_cert_dir(),
131 X509_FILETYPE_PEM);
128 if (!ret) 132 if (!ret)
129 { 133 {
130 X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR); 134 X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR);
131 } 135 }
132 else
133 {
134 dir=(char *)Getenv(X509_get_default_cert_dir_env());
135 ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM);
136 }
137 } 136 }
138 else 137 else
139 ret=add_cert_dir(ld,argp,(int)argl); 138 ret=add_cert_dir(ld,argp,(int)argl);
diff --git a/src/lib/libssl/src/crypto/x509/x509_err.c b/src/lib/libssl/src/crypto/x509/x509_err.c
index 5bbf4acf76..d44d046027 100644
--- a/src/lib/libssl/src/crypto/x509/x509_err.c
+++ b/src/lib/libssl/src/crypto/x509/x509_err.c
@@ -1,6 +1,6 @@
1/* crypto/x509/x509_err.c */ 1/* crypto/x509/x509_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -64,77 +64,81 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509,0,reason)
70
67static ERR_STRING_DATA X509_str_functs[]= 71static ERR_STRING_DATA X509_str_functs[]=
68 { 72 {
69{ERR_PACK(0,X509_F_ADD_CERT_DIR,0), "ADD_CERT_DIR"}, 73{ERR_FUNC(X509_F_ADD_CERT_DIR), "ADD_CERT_DIR"},
70{ERR_PACK(0,X509_F_BY_FILE_CTRL,0), "BY_FILE_CTRL"}, 74{ERR_FUNC(X509_F_BY_FILE_CTRL), "BY_FILE_CTRL"},
71{ERR_PACK(0,X509_F_DIR_CTRL,0), "DIR_CTRL"}, 75{ERR_FUNC(X509_F_DIR_CTRL), "DIR_CTRL"},
72{ERR_PACK(0,X509_F_GET_CERT_BY_SUBJECT,0), "GET_CERT_BY_SUBJECT"}, 76{ERR_FUNC(X509_F_GET_CERT_BY_SUBJECT), "GET_CERT_BY_SUBJECT"},
73{ERR_PACK(0,X509_F_NETSCAPE_SPKI_B64_DECODE,0), "NETSCAPE_SPKI_b64_decode"}, 77{ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_DECODE), "NETSCAPE_SPKI_b64_decode"},
74{ERR_PACK(0,X509_F_NETSCAPE_SPKI_B64_ENCODE,0), "NETSCAPE_SPKI_b64_encode"}, 78{ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_ENCODE), "NETSCAPE_SPKI_b64_encode"},
75{ERR_PACK(0,X509_F_X509V3_ADD_EXT,0), "X509v3_add_ext"}, 79{ERR_FUNC(X509_F_X509V3_ADD_EXT), "X509v3_add_ext"},
76{ERR_PACK(0,X509_F_X509_ADD_ATTR,0), "X509_ADD_ATTR"}, 80{ERR_FUNC(X509_F_X509_ADD_ATTR), "X509_ADD_ATTR"},
77{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_NID,0), "X509_ATTRIBUTE_create_by_NID"}, 81{ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_NID), "X509_ATTRIBUTE_create_by_NID"},
78{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,0), "X509_ATTRIBUTE_create_by_OBJ"}, 82{ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ), "X509_ATTRIBUTE_create_by_OBJ"},
79{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_TXT,0), "X509_ATTRIBUTE_create_by_txt"}, 83{ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT), "X509_ATTRIBUTE_create_by_txt"},
80{ERR_PACK(0,X509_F_X509_ATTRIBUTE_GET0_DATA,0), "X509_ATTRIBUTE_get0_data"}, 84{ERR_FUNC(X509_F_X509_ATTRIBUTE_GET0_DATA), "X509_ATTRIBUTE_get0_data"},
81{ERR_PACK(0,X509_F_X509_ATTRIBUTE_SET1_DATA,0), "X509_ATTRIBUTE_set1_data"}, 85{ERR_FUNC(X509_F_X509_ATTRIBUTE_SET1_DATA), "X509_ATTRIBUTE_set1_data"},
82{ERR_PACK(0,X509_F_X509_CHECK_PRIVATE_KEY,0), "X509_check_private_key"}, 86{ERR_FUNC(X509_F_X509_CHECK_PRIVATE_KEY), "X509_check_private_key"},
83{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_NID,0), "X509_EXTENSION_create_by_NID"}, 87{ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_NID), "X509_EXTENSION_create_by_NID"},
84{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0), "X509_EXTENSION_create_by_OBJ"}, 88{ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_OBJ), "X509_EXTENSION_create_by_OBJ"},
85{ERR_PACK(0,X509_F_X509_GET_PUBKEY_PARAMETERS,0), "X509_get_pubkey_parameters"}, 89{ERR_FUNC(X509_F_X509_GET_PUBKEY_PARAMETERS), "X509_get_pubkey_parameters"},
86{ERR_PACK(0,X509_F_X509_LOAD_CERT_CRL_FILE,0), "X509_load_cert_crl_file"}, 90{ERR_FUNC(X509_F_X509_LOAD_CERT_CRL_FILE), "X509_load_cert_crl_file"},
87{ERR_PACK(0,X509_F_X509_LOAD_CERT_FILE,0), "X509_load_cert_file"}, 91{ERR_FUNC(X509_F_X509_LOAD_CERT_FILE), "X509_load_cert_file"},
88{ERR_PACK(0,X509_F_X509_LOAD_CRL_FILE,0), "X509_load_crl_file"}, 92{ERR_FUNC(X509_F_X509_LOAD_CRL_FILE), "X509_load_crl_file"},
89{ERR_PACK(0,X509_F_X509_NAME_ADD_ENTRY,0), "X509_NAME_add_entry"}, 93{ERR_FUNC(X509_F_X509_NAME_ADD_ENTRY), "X509_NAME_add_entry"},
90{ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_NID,0), "X509_NAME_ENTRY_create_by_NID"}, 94{ERR_FUNC(X509_F_X509_NAME_ENTRY_CREATE_BY_NID), "X509_NAME_ENTRY_create_by_NID"},
91{ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_TXT,0), "X509_NAME_ENTRY_create_by_txt"}, 95{ERR_FUNC(X509_F_X509_NAME_ENTRY_CREATE_BY_TXT), "X509_NAME_ENTRY_create_by_txt"},
92{ERR_PACK(0,X509_F_X509_NAME_ENTRY_SET_OBJECT,0), "X509_NAME_ENTRY_set_object"}, 96{ERR_FUNC(X509_F_X509_NAME_ENTRY_SET_OBJECT), "X509_NAME_ENTRY_set_object"},
93{ERR_PACK(0,X509_F_X509_NAME_ONELINE,0), "X509_NAME_oneline"}, 97{ERR_FUNC(X509_F_X509_NAME_ONELINE), "X509_NAME_oneline"},
94{ERR_PACK(0,X509_F_X509_NAME_PRINT,0), "X509_NAME_print"}, 98{ERR_FUNC(X509_F_X509_NAME_PRINT), "X509_NAME_print"},
95{ERR_PACK(0,X509_F_X509_PRINT_FP,0), "X509_print_fp"}, 99{ERR_FUNC(X509_F_X509_PRINT_FP), "X509_print_fp"},
96{ERR_PACK(0,X509_F_X509_PUBKEY_GET,0), "X509_PUBKEY_get"}, 100{ERR_FUNC(X509_F_X509_PUBKEY_GET), "X509_PUBKEY_get"},
97{ERR_PACK(0,X509_F_X509_PUBKEY_SET,0), "X509_PUBKEY_set"}, 101{ERR_FUNC(X509_F_X509_PUBKEY_SET), "X509_PUBKEY_set"},
98{ERR_PACK(0,X509_F_X509_REQ_PRINT,0), "X509_REQ_print"}, 102{ERR_FUNC(X509_F_X509_REQ_PRINT), "X509_REQ_print"},
99{ERR_PACK(0,X509_F_X509_REQ_PRINT_FP,0), "X509_REQ_print_fp"}, 103{ERR_FUNC(X509_F_X509_REQ_PRINT_FP), "X509_REQ_print_fp"},
100{ERR_PACK(0,X509_F_X509_REQ_TO_X509,0), "X509_REQ_to_X509"}, 104{ERR_FUNC(X509_F_X509_REQ_TO_X509), "X509_REQ_to_X509"},
101{ERR_PACK(0,X509_F_X509_STORE_ADD_CERT,0), "X509_STORE_add_cert"}, 105{ERR_FUNC(X509_F_X509_STORE_ADD_CERT), "X509_STORE_add_cert"},
102{ERR_PACK(0,X509_F_X509_STORE_ADD_CRL,0), "X509_STORE_add_crl"}, 106{ERR_FUNC(X509_F_X509_STORE_ADD_CRL), "X509_STORE_add_crl"},
103{ERR_PACK(0,X509_F_X509_STORE_CTX_INIT,0), "X509_STORE_CTX_init"}, 107{ERR_FUNC(X509_F_X509_STORE_CTX_INIT), "X509_STORE_CTX_init"},
104{ERR_PACK(0,X509_F_X509_STORE_CTX_NEW,0), "X509_STORE_CTX_new"}, 108{ERR_FUNC(X509_F_X509_STORE_CTX_NEW), "X509_STORE_CTX_new"},
105{ERR_PACK(0,X509_F_X509_STORE_CTX_PURPOSE_INHERIT,0), "X509_STORE_CTX_purpose_inherit"}, 109{ERR_FUNC(X509_F_X509_STORE_CTX_PURPOSE_INHERIT), "X509_STORE_CTX_purpose_inherit"},
106{ERR_PACK(0,X509_F_X509_TO_X509_REQ,0), "X509_to_X509_REQ"}, 110{ERR_FUNC(X509_F_X509_TO_X509_REQ), "X509_to_X509_REQ"},
107{ERR_PACK(0,X509_F_X509_TRUST_ADD,0), "X509_TRUST_add"}, 111{ERR_FUNC(X509_F_X509_TRUST_ADD), "X509_TRUST_add"},
108{ERR_PACK(0,X509_F_X509_TRUST_SET,0), "X509_TRUST_set"}, 112{ERR_FUNC(X509_F_X509_TRUST_SET), "X509_TRUST_set"},
109{ERR_PACK(0,X509_F_X509_VERIFY_CERT,0), "X509_verify_cert"}, 113{ERR_FUNC(X509_F_X509_VERIFY_CERT), "X509_verify_cert"},
110{0,NULL} 114{0,NULL}
111 }; 115 };
112 116
113static ERR_STRING_DATA X509_str_reasons[]= 117static ERR_STRING_DATA X509_str_reasons[]=
114 { 118 {
115{X509_R_BAD_X509_FILETYPE ,"bad x509 filetype"}, 119{ERR_REASON(X509_R_BAD_X509_FILETYPE) ,"bad x509 filetype"},
116{X509_R_BASE64_DECODE_ERROR ,"base64 decode error"}, 120{ERR_REASON(X509_R_BASE64_DECODE_ERROR) ,"base64 decode error"},
117{X509_R_CANT_CHECK_DH_KEY ,"cant check dh key"}, 121{ERR_REASON(X509_R_CANT_CHECK_DH_KEY) ,"cant check dh key"},
118{X509_R_CERT_ALREADY_IN_HASH_TABLE ,"cert already in hash table"}, 122{ERR_REASON(X509_R_CERT_ALREADY_IN_HASH_TABLE),"cert already in hash table"},
119{X509_R_ERR_ASN1_LIB ,"err asn1 lib"}, 123{ERR_REASON(X509_R_ERR_ASN1_LIB) ,"err asn1 lib"},
120{X509_R_INVALID_DIRECTORY ,"invalid directory"}, 124{ERR_REASON(X509_R_INVALID_DIRECTORY) ,"invalid directory"},
121{X509_R_INVALID_FIELD_NAME ,"invalid field name"}, 125{ERR_REASON(X509_R_INVALID_FIELD_NAME) ,"invalid field name"},
122{X509_R_INVALID_TRUST ,"invalid trust"}, 126{ERR_REASON(X509_R_INVALID_TRUST) ,"invalid trust"},
123{X509_R_KEY_TYPE_MISMATCH ,"key type mismatch"}, 127{ERR_REASON(X509_R_KEY_TYPE_MISMATCH) ,"key type mismatch"},
124{X509_R_KEY_VALUES_MISMATCH ,"key values mismatch"}, 128{ERR_REASON(X509_R_KEY_VALUES_MISMATCH) ,"key values mismatch"},
125{X509_R_LOADING_CERT_DIR ,"loading cert dir"}, 129{ERR_REASON(X509_R_LOADING_CERT_DIR) ,"loading cert dir"},
126{X509_R_LOADING_DEFAULTS ,"loading defaults"}, 130{ERR_REASON(X509_R_LOADING_DEFAULTS) ,"loading defaults"},
127{X509_R_NO_CERT_SET_FOR_US_TO_VERIFY ,"no cert set for us to verify"}, 131{ERR_REASON(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY),"no cert set for us to verify"},
128{X509_R_SHOULD_RETRY ,"should retry"}, 132{ERR_REASON(X509_R_SHOULD_RETRY) ,"should retry"},
129{X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN,"unable to find parameters in chain"}, 133{ERR_REASON(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN),"unable to find parameters in chain"},
130{X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY ,"unable to get certs public key"}, 134{ERR_REASON(X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY),"unable to get certs public key"},
131{X509_R_UNKNOWN_KEY_TYPE ,"unknown key type"}, 135{ERR_REASON(X509_R_UNKNOWN_KEY_TYPE) ,"unknown key type"},
132{X509_R_UNKNOWN_NID ,"unknown nid"}, 136{ERR_REASON(X509_R_UNKNOWN_NID) ,"unknown nid"},
133{X509_R_UNKNOWN_PURPOSE_ID ,"unknown purpose id"}, 137{ERR_REASON(X509_R_UNKNOWN_PURPOSE_ID) ,"unknown purpose id"},
134{X509_R_UNKNOWN_TRUST_ID ,"unknown trust id"}, 138{ERR_REASON(X509_R_UNKNOWN_TRUST_ID) ,"unknown trust id"},
135{X509_R_UNSUPPORTED_ALGORITHM ,"unsupported algorithm"}, 139{ERR_REASON(X509_R_UNSUPPORTED_ALGORITHM),"unsupported algorithm"},
136{X509_R_WRONG_LOOKUP_TYPE ,"wrong lookup type"}, 140{ERR_REASON(X509_R_WRONG_LOOKUP_TYPE) ,"wrong lookup type"},
137{X509_R_WRONG_TYPE ,"wrong type"}, 141{ERR_REASON(X509_R_WRONG_TYPE) ,"wrong type"},
138{0,NULL} 142{0,NULL}
139 }; 143 };
140 144
@@ -148,8 +152,8 @@ void ERR_load_X509_strings(void)
148 { 152 {
149 init=0; 153 init=0;
150#ifndef OPENSSL_NO_ERR 154#ifndef OPENSSL_NO_ERR
151 ERR_load_strings(ERR_LIB_X509,X509_str_functs); 155 ERR_load_strings(0,X509_str_functs);
152 ERR_load_strings(ERR_LIB_X509,X509_str_reasons); 156 ERR_load_strings(0,X509_str_reasons);
153#endif 157#endif
154 158
155 } 159 }
diff --git a/src/lib/libssl/src/crypto/x509/x509_vfy.c b/src/lib/libssl/src/crypto/x509/x509_vfy.c
index e43c861ee7..383e082aba 100644
--- a/src/lib/libssl/src/crypto/x509/x509_vfy.c
+++ b/src/lib/libssl/src/crypto/x509/x509_vfy.c
@@ -944,7 +944,7 @@ int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time)
944 offset=0; 944 offset=0;
945 else 945 else
946 { 946 {
947 if ((*str != '+') && (str[5] != '-')) 947 if ((*str != '+') && (*str != '-'))
948 return 0; 948 return 0;
949 offset=((str[1]-'0')*10+(str[2]-'0'))*60; 949 offset=((str[1]-'0')*10+(str[2]-'0'))*60;
950 offset+=(str[3]-'0')*10+(str[4]-'0'); 950 offset+=(str[3]-'0')*10+(str[4]-'0');
diff --git a/src/lib/libssl/src/crypto/x509v3/Makefile b/src/lib/libssl/src/crypto/x509v3/Makefile
index ed2f91cbb3..49423f39f7 100644
--- a/src/lib/libssl/src/crypto/x509v3/Makefile
+++ b/src/lib/libssl/src/crypto/x509v3/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/crypto/x509v3/Makefile 2# OpenSSL/crypto/x509v3/Makefile
3# 3#
4 4
5DIR= x509v3 5DIR= x509v3
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_cpols.c b/src/lib/libssl/src/crypto/x509v3/v3_cpols.c
index 0d554f3a2c..867525f336 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_cpols.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_cpols.c
@@ -137,7 +137,15 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
137 CONF_VALUE *cnf; 137 CONF_VALUE *cnf;
138 int i, ia5org; 138 int i, ia5org;
139 pols = sk_POLICYINFO_new_null(); 139 pols = sk_POLICYINFO_new_null();
140 if (pols == NULL) {
141 X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE);
142 return NULL;
143 }
140 vals = X509V3_parse_list(value); 144 vals = X509V3_parse_list(value);
145 if (vals == NULL) {
146 X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_X509V3_LIB);
147 goto err;
148 }
141 ia5org = 0; 149 ia5org = 0;
142 for(i = 0; i < sk_CONF_VALUE_num(vals); i++) { 150 for(i = 0; i < sk_CONF_VALUE_num(vals); i++) {
143 cnf = sk_CONF_VALUE_value(vals, i); 151 cnf = sk_CONF_VALUE_value(vals, i);
@@ -176,6 +184,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
176 sk_CONF_VALUE_pop_free(vals, X509V3_conf_free); 184 sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
177 return pols; 185 return pols;
178 err: 186 err:
187 sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
179 sk_POLICYINFO_pop_free(pols, POLICYINFO_free); 188 sk_POLICYINFO_pop_free(pols, POLICYINFO_free);
180 return NULL; 189 return NULL;
181} 190}
diff --git a/src/lib/libssl/src/crypto/x509v3/v3err.c b/src/lib/libssl/src/crypto/x509v3/v3err.c
index 2df0c3ef01..e1edaf5248 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3err.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3err.c
@@ -64,114 +64,118 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509V3,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509V3,0,reason)
70
67static ERR_STRING_DATA X509V3_str_functs[]= 71static ERR_STRING_DATA X509V3_str_functs[]=
68 { 72 {
69{ERR_PACK(0,X509V3_F_COPY_EMAIL,0), "COPY_EMAIL"}, 73{ERR_FUNC(X509V3_F_COPY_EMAIL), "COPY_EMAIL"},
70{ERR_PACK(0,X509V3_F_COPY_ISSUER,0), "COPY_ISSUER"}, 74{ERR_FUNC(X509V3_F_COPY_ISSUER), "COPY_ISSUER"},
71{ERR_PACK(0,X509V3_F_DO_EXT_CONF,0), "DO_EXT_CONF"}, 75{ERR_FUNC(X509V3_F_DO_EXT_CONF), "DO_EXT_CONF"},
72{ERR_PACK(0,X509V3_F_DO_EXT_I2D,0), "DO_EXT_I2D"}, 76{ERR_FUNC(X509V3_F_DO_EXT_I2D), "DO_EXT_I2D"},
73{ERR_PACK(0,X509V3_F_HEX_TO_STRING,0), "hex_to_string"}, 77{ERR_FUNC(X509V3_F_HEX_TO_STRING), "hex_to_string"},
74{ERR_PACK(0,X509V3_F_I2S_ASN1_ENUMERATED,0), "i2s_ASN1_ENUMERATED"}, 78{ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED), "i2s_ASN1_ENUMERATED"},
75{ERR_PACK(0,X509V3_F_I2S_ASN1_IA5STRING,0), "I2S_ASN1_IA5STRING"}, 79{ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "I2S_ASN1_IA5STRING"},
76{ERR_PACK(0,X509V3_F_I2S_ASN1_INTEGER,0), "i2s_ASN1_INTEGER"}, 80{ERR_FUNC(X509V3_F_I2S_ASN1_INTEGER), "i2s_ASN1_INTEGER"},
77{ERR_PACK(0,X509V3_F_I2V_AUTHORITY_INFO_ACCESS,0), "I2V_AUTHORITY_INFO_ACCESS"}, 81{ERR_FUNC(X509V3_F_I2V_AUTHORITY_INFO_ACCESS), "I2V_AUTHORITY_INFO_ACCESS"},
78{ERR_PACK(0,X509V3_F_NOTICE_SECTION,0), "NOTICE_SECTION"}, 82{ERR_FUNC(X509V3_F_NOTICE_SECTION), "NOTICE_SECTION"},
79{ERR_PACK(0,X509V3_F_NREF_NOS,0), "NREF_NOS"}, 83{ERR_FUNC(X509V3_F_NREF_NOS), "NREF_NOS"},
80{ERR_PACK(0,X509V3_F_POLICY_SECTION,0), "POLICY_SECTION"}, 84{ERR_FUNC(X509V3_F_POLICY_SECTION), "POLICY_SECTION"},
81{ERR_PACK(0,X509V3_F_R2I_CERTPOL,0), "R2I_CERTPOL"}, 85{ERR_FUNC(X509V3_F_R2I_CERTPOL), "R2I_CERTPOL"},
82{ERR_PACK(0,X509V3_F_R2I_PCI,0), "R2I_PCI"}, 86{ERR_FUNC(X509V3_F_R2I_PCI), "R2I_PCI"},
83{ERR_PACK(0,X509V3_F_S2I_ASN1_IA5STRING,0), "S2I_ASN1_IA5STRING"}, 87{ERR_FUNC(X509V3_F_S2I_ASN1_IA5STRING), "S2I_ASN1_IA5STRING"},
84{ERR_PACK(0,X509V3_F_S2I_ASN1_INTEGER,0), "s2i_ASN1_INTEGER"}, 88{ERR_FUNC(X509V3_F_S2I_ASN1_INTEGER), "s2i_ASN1_INTEGER"},
85{ERR_PACK(0,X509V3_F_S2I_ASN1_OCTET_STRING,0), "s2i_ASN1_OCTET_STRING"}, 89{ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING), "s2i_ASN1_OCTET_STRING"},
86{ERR_PACK(0,X509V3_F_S2I_ASN1_SKEY_ID,0), "S2I_ASN1_SKEY_ID"}, 90{ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID), "S2I_ASN1_SKEY_ID"},
87{ERR_PACK(0,X509V3_F_S2I_S2I_SKEY_ID,0), "S2I_S2I_SKEY_ID"}, 91{ERR_FUNC(X509V3_F_S2I_S2I_SKEY_ID), "S2I_S2I_SKEY_ID"},
88{ERR_PACK(0,X509V3_F_STRING_TO_HEX,0), "string_to_hex"}, 92{ERR_FUNC(X509V3_F_STRING_TO_HEX), "string_to_hex"},
89{ERR_PACK(0,X509V3_F_SXNET_ADD_ASC,0), "SXNET_ADD_ASC"}, 93{ERR_FUNC(X509V3_F_SXNET_ADD_ASC), "SXNET_ADD_ASC"},
90{ERR_PACK(0,X509V3_F_SXNET_ADD_ID_INTEGER,0), "SXNET_add_id_INTEGER"}, 94{ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER), "SXNET_add_id_INTEGER"},
91{ERR_PACK(0,X509V3_F_SXNET_ADD_ID_ULONG,0), "SXNET_add_id_ulong"}, 95{ERR_FUNC(X509V3_F_SXNET_ADD_ID_ULONG), "SXNET_add_id_ulong"},
92{ERR_PACK(0,X509V3_F_SXNET_GET_ID_ASC,0), "SXNET_get_id_asc"}, 96{ERR_FUNC(X509V3_F_SXNET_GET_ID_ASC), "SXNET_get_id_asc"},
93{ERR_PACK(0,X509V3_F_SXNET_GET_ID_ULONG,0), "SXNET_get_id_ulong"}, 97{ERR_FUNC(X509V3_F_SXNET_GET_ID_ULONG), "SXNET_get_id_ulong"},
94{ERR_PACK(0,X509V3_F_V2I_ACCESS_DESCRIPTION,0), "V2I_ACCESS_DESCRIPTION"}, 98{ERR_FUNC(X509V3_F_V2I_ACCESS_DESCRIPTION), "V2I_ACCESS_DESCRIPTION"},
95{ERR_PACK(0,X509V3_F_V2I_ASN1_BIT_STRING,0), "V2I_ASN1_BIT_STRING"}, 99{ERR_FUNC(X509V3_F_V2I_ASN1_BIT_STRING), "V2I_ASN1_BIT_STRING"},
96{ERR_PACK(0,X509V3_F_V2I_AUTHORITY_KEYID,0), "V2I_AUTHORITY_KEYID"}, 100{ERR_FUNC(X509V3_F_V2I_AUTHORITY_KEYID), "V2I_AUTHORITY_KEYID"},
97{ERR_PACK(0,X509V3_F_V2I_BASIC_CONSTRAINTS,0), "V2I_BASIC_CONSTRAINTS"}, 101{ERR_FUNC(X509V3_F_V2I_BASIC_CONSTRAINTS), "V2I_BASIC_CONSTRAINTS"},
98{ERR_PACK(0,X509V3_F_V2I_CRLD,0), "V2I_CRLD"}, 102{ERR_FUNC(X509V3_F_V2I_CRLD), "V2I_CRLD"},
99{ERR_PACK(0,X509V3_F_V2I_EXT_KU,0), "V2I_EXT_KU"}, 103{ERR_FUNC(X509V3_F_V2I_EXT_KU), "V2I_EXT_KU"},
100{ERR_PACK(0,X509V3_F_V2I_GENERAL_NAME,0), "v2i_GENERAL_NAME"}, 104{ERR_FUNC(X509V3_F_V2I_GENERAL_NAME), "v2i_GENERAL_NAME"},
101{ERR_PACK(0,X509V3_F_V2I_GENERAL_NAMES,0), "v2i_GENERAL_NAMES"}, 105{ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES), "v2i_GENERAL_NAMES"},
102{ERR_PACK(0,X509V3_F_V3_GENERIC_EXTENSION,0), "V3_GENERIC_EXTENSION"}, 106{ERR_FUNC(X509V3_F_V3_GENERIC_EXTENSION), "V3_GENERIC_EXTENSION"},
103{ERR_PACK(0,X509V3_F_X509V3_ADD_I2D,0), "X509V3_ADD_I2D"}, 107{ERR_FUNC(X509V3_F_X509V3_ADD_I2D), "X509V3_ADD_I2D"},
104{ERR_PACK(0,X509V3_F_X509V3_ADD_VALUE,0), "X509V3_add_value"}, 108{ERR_FUNC(X509V3_F_X509V3_ADD_VALUE), "X509V3_add_value"},
105{ERR_PACK(0,X509V3_F_X509V3_EXT_ADD,0), "X509V3_EXT_add"}, 109{ERR_FUNC(X509V3_F_X509V3_EXT_ADD), "X509V3_EXT_add"},
106{ERR_PACK(0,X509V3_F_X509V3_EXT_ADD_ALIAS,0), "X509V3_EXT_add_alias"}, 110{ERR_FUNC(X509V3_F_X509V3_EXT_ADD_ALIAS), "X509V3_EXT_add_alias"},
107{ERR_PACK(0,X509V3_F_X509V3_EXT_CONF,0), "X509V3_EXT_conf"}, 111{ERR_FUNC(X509V3_F_X509V3_EXT_CONF), "X509V3_EXT_conf"},
108{ERR_PACK(0,X509V3_F_X509V3_EXT_I2D,0), "X509V3_EXT_i2d"}, 112{ERR_FUNC(X509V3_F_X509V3_EXT_I2D), "X509V3_EXT_i2d"},
109{ERR_PACK(0,X509V3_F_X509V3_GET_VALUE_BOOL,0), "X509V3_get_value_bool"}, 113{ERR_FUNC(X509V3_F_X509V3_GET_VALUE_BOOL), "X509V3_get_value_bool"},
110{ERR_PACK(0,X509V3_F_X509V3_PARSE_LIST,0), "X509V3_parse_list"}, 114{ERR_FUNC(X509V3_F_X509V3_PARSE_LIST), "X509V3_parse_list"},
111{ERR_PACK(0,X509V3_F_X509_PURPOSE_ADD,0), "X509_PURPOSE_add"}, 115{ERR_FUNC(X509V3_F_X509_PURPOSE_ADD), "X509_PURPOSE_add"},
112{ERR_PACK(0,X509V3_F_X509_PURPOSE_SET,0), "X509_PURPOSE_set"}, 116{ERR_FUNC(X509V3_F_X509_PURPOSE_SET), "X509_PURPOSE_set"},
113{0,NULL} 117{0,NULL}
114 }; 118 };
115 119
116static ERR_STRING_DATA X509V3_str_reasons[]= 120static ERR_STRING_DATA X509V3_str_reasons[]=
117 { 121 {
118{X509V3_R_BAD_IP_ADDRESS ,"bad ip address"}, 122{ERR_REASON(X509V3_R_BAD_IP_ADDRESS) ,"bad ip address"},
119{X509V3_R_BAD_OBJECT ,"bad object"}, 123{ERR_REASON(X509V3_R_BAD_OBJECT) ,"bad object"},
120{X509V3_R_BN_DEC2BN_ERROR ,"bn dec2bn error"}, 124{ERR_REASON(X509V3_R_BN_DEC2BN_ERROR) ,"bn dec2bn error"},
121{X509V3_R_BN_TO_ASN1_INTEGER_ERROR ,"bn to asn1 integer error"}, 125{ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR),"bn to asn1 integer error"},
122{X509V3_R_DUPLICATE_ZONE_ID ,"duplicate zone id"}, 126{ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID) ,"duplicate zone id"},
123{X509V3_R_ERROR_CONVERTING_ZONE ,"error converting zone"}, 127{ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE),"error converting zone"},
124{X509V3_R_ERROR_CREATING_EXTENSION ,"error creating extension"}, 128{ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION),"error creating extension"},
125{X509V3_R_ERROR_IN_EXTENSION ,"error in extension"}, 129{ERR_REASON(X509V3_R_ERROR_IN_EXTENSION) ,"error in extension"},
126{X509V3_R_EXPECTED_A_SECTION_NAME ,"expected a section name"}, 130{ERR_REASON(X509V3_R_EXPECTED_A_SECTION_NAME),"expected a section name"},
127{X509V3_R_EXTENSION_EXISTS ,"extension exists"}, 131{ERR_REASON(X509V3_R_EXTENSION_EXISTS) ,"extension exists"},
128{X509V3_R_EXTENSION_NAME_ERROR ,"extension name error"}, 132{ERR_REASON(X509V3_R_EXTENSION_NAME_ERROR),"extension name error"},
129{X509V3_R_EXTENSION_NOT_FOUND ,"extension not found"}, 133{ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND),"extension not found"},
130{X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED,"extension setting not supported"}, 134{ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED),"extension setting not supported"},
131{X509V3_R_EXTENSION_VALUE_ERROR ,"extension value error"}, 135{ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR),"extension value error"},
132{X509V3_R_ILLEGAL_HEX_DIGIT ,"illegal hex digit"}, 136{ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT) ,"illegal hex digit"},
133{X509V3_R_INCORRECT_POLICY_SYNTAX_TAG ,"incorrect policy syntax tag"}, 137{ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG),"incorrect policy syntax tag"},
134{X509V3_R_INVALID_BOOLEAN_STRING ,"invalid boolean string"}, 138{ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING),"invalid boolean string"},
135{X509V3_R_INVALID_EXTENSION_STRING ,"invalid extension string"}, 139{ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING),"invalid extension string"},
136{X509V3_R_INVALID_NAME ,"invalid name"}, 140{ERR_REASON(X509V3_R_INVALID_NAME) ,"invalid name"},
137{X509V3_R_INVALID_NULL_ARGUMENT ,"invalid null argument"}, 141{ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT),"invalid null argument"},
138{X509V3_R_INVALID_NULL_NAME ,"invalid null name"}, 142{ERR_REASON(X509V3_R_INVALID_NULL_NAME) ,"invalid null name"},
139{X509V3_R_INVALID_NULL_VALUE ,"invalid null value"}, 143{ERR_REASON(X509V3_R_INVALID_NULL_VALUE) ,"invalid null value"},
140{X509V3_R_INVALID_NUMBER ,"invalid number"}, 144{ERR_REASON(X509V3_R_INVALID_NUMBER) ,"invalid number"},
141{X509V3_R_INVALID_NUMBERS ,"invalid numbers"}, 145{ERR_REASON(X509V3_R_INVALID_NUMBERS) ,"invalid numbers"},
142{X509V3_R_INVALID_OBJECT_IDENTIFIER ,"invalid object identifier"}, 146{ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER),"invalid object identifier"},
143{X509V3_R_INVALID_OPTION ,"invalid option"}, 147{ERR_REASON(X509V3_R_INVALID_OPTION) ,"invalid option"},
144{X509V3_R_INVALID_POLICY_IDENTIFIER ,"invalid policy identifier"}, 148{ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER),"invalid policy identifier"},
145{X509V3_R_INVALID_PROXY_POLICY_IDENTIFIER,"invalid proxy policy identifier"}, 149{ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_IDENTIFIER),"invalid proxy policy identifier"},
146{X509V3_R_INVALID_PROXY_POLICY_SETTING ,"invalid proxy policy setting"}, 150{ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING),"invalid proxy policy setting"},
147{X509V3_R_INVALID_PURPOSE ,"invalid purpose"}, 151{ERR_REASON(X509V3_R_INVALID_PURPOSE) ,"invalid purpose"},
148{X509V3_R_INVALID_SECTION ,"invalid section"}, 152{ERR_REASON(X509V3_R_INVALID_SECTION) ,"invalid section"},
149{X509V3_R_INVALID_SYNTAX ,"invalid syntax"}, 153{ERR_REASON(X509V3_R_INVALID_SYNTAX) ,"invalid syntax"},
150{X509V3_R_ISSUER_DECODE_ERROR ,"issuer decode error"}, 154{ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR),"issuer decode error"},
151{X509V3_R_MISSING_VALUE ,"missing value"}, 155{ERR_REASON(X509V3_R_MISSING_VALUE) ,"missing value"},
152{X509V3_R_NEED_ORGANIZATION_AND_NUMBERS ,"need organization and numbers"}, 156{ERR_REASON(X509V3_R_NEED_ORGANIZATION_AND_NUMBERS),"need organization and numbers"},
153{X509V3_R_NO_CONFIG_DATABASE ,"no config database"}, 157{ERR_REASON(X509V3_R_NO_CONFIG_DATABASE) ,"no config database"},
154{X509V3_R_NO_ISSUER_CERTIFICATE ,"no issuer certificate"}, 158{ERR_REASON(X509V3_R_NO_ISSUER_CERTIFICATE),"no issuer certificate"},
155{X509V3_R_NO_ISSUER_DETAILS ,"no issuer details"}, 159{ERR_REASON(X509V3_R_NO_ISSUER_DETAILS) ,"no issuer details"},
156{X509V3_R_NO_POLICY_IDENTIFIER ,"no policy identifier"}, 160{ERR_REASON(X509V3_R_NO_POLICY_IDENTIFIER),"no policy identifier"},
157{X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED,"no proxy cert policy language defined"}, 161{ERR_REASON(X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED),"no proxy cert policy language defined"},
158{X509V3_R_NO_PUBLIC_KEY ,"no public key"}, 162{ERR_REASON(X509V3_R_NO_PUBLIC_KEY) ,"no public key"},
159{X509V3_R_NO_SUBJECT_DETAILS ,"no subject details"}, 163{ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS) ,"no subject details"},
160{X509V3_R_ODD_NUMBER_OF_DIGITS ,"odd number of digits"}, 164{ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS),"odd number of digits"},
161{X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED,"policy language alreadty defined"}, 165{ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED),"policy language alreadty defined"},
162{X509V3_R_POLICY_PATH_LENGTH ,"policy path length"}, 166{ERR_REASON(X509V3_R_POLICY_PATH_LENGTH) ,"policy path length"},
163{X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED,"policy path length alreadty defined"}, 167{ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED),"policy path length alreadty defined"},
164{X509V3_R_POLICY_SYNTAX_NOT ,"policy syntax not"}, 168{ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT) ,"policy syntax not"},
165{X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED,"policy syntax not currently supported"}, 169{ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED),"policy syntax not currently supported"},
166{X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY,"policy when proxy language requires no policy"}, 170{ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY),"policy when proxy language requires no policy"},
167{X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS ,"unable to get issuer details"}, 171{ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS),"unable to get issuer details"},
168{X509V3_R_UNABLE_TO_GET_ISSUER_KEYID ,"unable to get issuer keyid"}, 172{ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID),"unable to get issuer keyid"},
169{X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT ,"unknown bit string argument"}, 173{ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT),"unknown bit string argument"},
170{X509V3_R_UNKNOWN_EXTENSION ,"unknown extension"}, 174{ERR_REASON(X509V3_R_UNKNOWN_EXTENSION) ,"unknown extension"},
171{X509V3_R_UNKNOWN_EXTENSION_NAME ,"unknown extension name"}, 175{ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME),"unknown extension name"},
172{X509V3_R_UNKNOWN_OPTION ,"unknown option"}, 176{ERR_REASON(X509V3_R_UNKNOWN_OPTION) ,"unknown option"},
173{X509V3_R_UNSUPPORTED_OPTION ,"unsupported option"}, 177{ERR_REASON(X509V3_R_UNSUPPORTED_OPTION) ,"unsupported option"},
174{X509V3_R_USER_TOO_LONG ,"user too long"}, 178{ERR_REASON(X509V3_R_USER_TOO_LONG) ,"user too long"},
175{0,NULL} 179{0,NULL}
176 }; 180 };
177 181
@@ -185,8 +189,8 @@ void ERR_load_X509V3_strings(void)
185 { 189 {
186 init=0; 190 init=0;
187#ifndef OPENSSL_NO_ERR 191#ifndef OPENSSL_NO_ERR
188 ERR_load_strings(ERR_LIB_X509V3,X509V3_str_functs); 192 ERR_load_strings(0,X509V3_str_functs);
189 ERR_load_strings(ERR_LIB_X509V3,X509V3_str_reasons); 193 ERR_load_strings(0,X509V3_str_reasons);
190#endif 194#endif
191 195
192 } 196 }
diff --git a/src/lib/libssl/src/doc/HOWTO/keys.txt b/src/lib/libssl/src/doc/HOWTO/keys.txt
index 45f42eaaf1..7ae2a3a118 100644
--- a/src/lib/libssl/src/doc/HOWTO/keys.txt
+++ b/src/lib/libssl/src/doc/HOWTO/keys.txt
@@ -40,9 +40,9 @@ consider insecure or to be insecure pretty soon.
40 40
413. To generate a DSA key 413. To generate a DSA key
42 42
43A DSA key can be used both for signing only. This is important to 43A DSA key can be used for signing only. This is important to keep
44keep in mind to know what kind of purposes a certificate request with 44in mind to know what kind of purposes a certificate request with a
45a DSA key can really be used for. 45DSA key can really be used for.
46 46
47Generating a key for the DSA algorithm is a two-step process. First, 47Generating a key for the DSA algorithm is a two-step process. First,
48you have to generate parameters from which to generate the key: 48you have to generate parameters from which to generate the key:
diff --git a/src/lib/libssl/src/doc/apps/CA.pl.pod b/src/lib/libssl/src/doc/apps/CA.pl.pod
index 58e0f52001..ed69952f37 100644
--- a/src/lib/libssl/src/doc/apps/CA.pl.pod
+++ b/src/lib/libssl/src/doc/apps/CA.pl.pod
@@ -47,7 +47,7 @@ written to the file "newreq.pem".
47creates a new certificate request. The private key and request are 47creates a new certificate request. The private key and request are
48written to the file "newreq.pem". 48written to the file "newreq.pem".
49 49
50=item B<-newreq-nowdes> 50=item B<-newreq-nodes>
51 51
52is like B<-newreq> except that the private key will not be encrypted. 52is like B<-newreq> except that the private key will not be encrypted.
53 53
diff --git a/src/lib/libssl/src/doc/apps/ca.pod b/src/lib/libssl/src/doc/apps/ca.pod
index 74f45ca2f9..f15df49d4f 100644
--- a/src/lib/libssl/src/doc/apps/ca.pod
+++ b/src/lib/libssl/src/doc/apps/ca.pod
@@ -391,7 +391,7 @@ the same as B<-msie_hack>
391the same as B<-policy>. Mandatory. See the B<POLICY FORMAT> section 391the same as B<-policy>. Mandatory. See the B<POLICY FORMAT> section
392for more information. 392for more information.
393 393
394=item B<nameopt>, B<certopt> 394=item B<name_opt>, B<cert_opt>
395 395
396these options allow the format used to display the certificate details 396these options allow the format used to display the certificate details
397when asking the user to confirm signing. All the options supported by 397when asking the user to confirm signing. All the options supported by
@@ -513,8 +513,8 @@ A sample configuration file with the relevant sections for B<ca>:
513 policy = policy_any # default policy 513 policy = policy_any # default policy
514 email_in_dn = no # Don't add the email into cert DN 514 email_in_dn = no # Don't add the email into cert DN
515 515
516 nameopt = ca_default # Subject name display option 516 name_opt = ca_default # Subject name display option
517 certopt = ca_default # Certificate display option 517 cert_opt = ca_default # Certificate display option
518 copy_extensions = none # Don't copy extensions from request 518 copy_extensions = none # Don't copy extensions from request
519 519
520 [ policy_any ] 520 [ policy_any ]
diff --git a/src/lib/libssl/src/doc/apps/enc.pod b/src/lib/libssl/src/doc/apps/enc.pod
index 18fe7c81c7..c43da5b3f1 100644
--- a/src/lib/libssl/src/doc/apps/enc.pod
+++ b/src/lib/libssl/src/doc/apps/enc.pod
@@ -191,12 +191,12 @@ Blowfish and RC5 algorithms use a 128 bit key.
191 des-ecb DES in ECB mode 191 des-ecb DES in ECB mode
192 192
193 des-ede-cbc Two key triple DES EDE in CBC mode 193 des-ede-cbc Two key triple DES EDE in CBC mode
194 des-ede Alias for des-ede 194 des-ede Two key triple DES EDE in ECB mode
195 des-ede-cfb Two key triple DES EDE in CFB mode 195 des-ede-cfb Two key triple DES EDE in CFB mode
196 des-ede-ofb Two key triple DES EDE in OFB mode 196 des-ede-ofb Two key triple DES EDE in OFB mode
197 197
198 des-ede3-cbc Three key triple DES EDE in CBC mode 198 des-ede3-cbc Three key triple DES EDE in CBC mode
199 des-ede3 Alias for des-ede3-cbc 199 des-ede3 Three key triple DES EDE in ECB mode
200 des3 Alias for des-ede3-cbc 200 des3 Alias for des-ede3-cbc
201 des-ede3-cfb Three key triple DES EDE CFB mode 201 des-ede3-cfb Three key triple DES EDE CFB mode
202 des-ede3-ofb Three key triple DES EDE in OFB mode 202 des-ede3-ofb Three key triple DES EDE in OFB mode
@@ -211,9 +211,9 @@ Blowfish and RC5 algorithms use a 128 bit key.
211 211
212 rc2-cbc 128 bit RC2 in CBC mode 212 rc2-cbc 128 bit RC2 in CBC mode
213 rc2 Alias for rc2-cbc 213 rc2 Alias for rc2-cbc
214 rc2-cfb 128 bit RC2 in CBC mode 214 rc2-cfb 128 bit RC2 in CFB mode
215 rc2-ecb 128 bit RC2 in CBC mode 215 rc2-ecb 128 bit RC2 in ECB mode
216 rc2-ofb 128 bit RC2 in CBC mode 216 rc2-ofb 128 bit RC2 in OFB mode
217 rc2-64-cbc 64 bit RC2 in CBC mode 217 rc2-64-cbc 64 bit RC2 in CBC mode
218 rc2-40-cbc 40 bit RC2 in CBC mode 218 rc2-40-cbc 40 bit RC2 in CBC mode
219 219
@@ -223,9 +223,9 @@ Blowfish and RC5 algorithms use a 128 bit key.
223 223
224 rc5-cbc RC5 cipher in CBC mode 224 rc5-cbc RC5 cipher in CBC mode
225 rc5 Alias for rc5-cbc 225 rc5 Alias for rc5-cbc
226 rc5-cfb RC5 cipher in CBC mode 226 rc5-cfb RC5 cipher in CFB mode
227 rc5-ecb RC5 cipher in CBC mode 227 rc5-ecb RC5 cipher in ECB mode
228 rc5-ofb RC5 cipher in CBC mode 228 rc5-ofb RC5 cipher in OFB mode
229 229
230=head1 EXAMPLES 230=head1 EXAMPLES
231 231
diff --git a/src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod b/src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod
index 40e525dd56..8271d3dfc4 100644
--- a/src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod
+++ b/src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod
@@ -22,7 +22,7 @@ EVP_CIPHER_CTX_set_padding - EVP cipher routines
22 22
23 #include <openssl/evp.h> 23 #include <openssl/evp.h>
24 24
25 int EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a); 25 void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
26 26
27 int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, 27 int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
28 ENGINE *impl, unsigned char *key, unsigned char *iv); 28 ENGINE *impl, unsigned char *key, unsigned char *iv);
@@ -236,8 +236,8 @@ RC5 can be set.
236 236
237=head1 RETURN VALUES 237=head1 RETURN VALUES
238 238
239EVP_CIPHER_CTX_init, EVP_EncryptInit_ex(), EVP_EncryptUpdate() and 239EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex()
240EVP_EncryptFinal_ex() return 1 for success and 0 for failure. 240return 1 for success and 0 for failure.
241 241
242EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. 242EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure.
243EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success. 243EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.
diff --git a/src/lib/libssl/src/doc/crypto/OPENSSL_config.pod b/src/lib/libssl/src/doc/crypto/OPENSSL_config.pod
index 16600620cc..e7bba2aaca 100644
--- a/src/lib/libssl/src/doc/crypto/OPENSSL_config.pod
+++ b/src/lib/libssl/src/doc/crypto/OPENSSL_config.pod
@@ -35,7 +35,7 @@ calls OPENSSL_add_all_algorithms() by compiling an application with the
35preprocessor symbol B<OPENSSL_LOAD_CONF> #define'd. In this way configuration 35preprocessor symbol B<OPENSSL_LOAD_CONF> #define'd. In this way configuration
36can be added without source changes. 36can be added without source changes.
37 37
38The environment variable B<OPENSSL_CONFIG> can be set to specify the location 38The environment variable B<OPENSSL_CONF> can be set to specify the location
39of the configuration file. 39of the configuration file.
40 40
41Currently ASN1 OBJECTs and ENGINE configuration can be performed future 41Currently ASN1 OBJECTs and ENGINE configuration can be performed future
diff --git a/src/lib/libssl/src/doc/crypto/PKCS7_verify.pod b/src/lib/libssl/src/doc/crypto/PKCS7_verify.pod
index 07c9fdad40..3490b5dc82 100644
--- a/src/lib/libssl/src/doc/crypto/PKCS7_verify.pod
+++ b/src/lib/libssl/src/doc/crypto/PKCS7_verify.pod
@@ -8,7 +8,7 @@ PKCS7_verify - verify a PKCS#7 signedData structure
8 8
9int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, int flags); 9int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, int flags);
10 10
11int PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags); 11STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
12 12
13=head1 DESCRIPTION 13=head1 DESCRIPTION
14 14
diff --git a/src/lib/libssl/src/doc/crypto/hmac.pod b/src/lib/libssl/src/doc/crypto/hmac.pod
index 3976baf226..0bd79a6d3a 100644
--- a/src/lib/libssl/src/doc/crypto/hmac.pod
+++ b/src/lib/libssl/src/doc/crypto/hmac.pod
@@ -18,7 +18,7 @@ authentication code
18 void HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len, 18 void HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
19 const EVP_MD *md); 19 const EVP_MD *md);
20 void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len, 20 void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
21 const EVP_MD *md); 21 const EVP_MD *md, ENGINE *impl);
22 void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len); 22 void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
23 void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len); 23 void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
24 24
diff --git a/src/lib/libssl/src/doc/crypto/threads.pod b/src/lib/libssl/src/doc/crypto/threads.pod
index afa45cd76c..3df4ecd776 100644
--- a/src/lib/libssl/src/doc/crypto/threads.pod
+++ b/src/lib/libssl/src/doc/crypto/threads.pod
@@ -65,9 +65,10 @@ B<CRYPTO_LOCK>, and releases it otherwise.
65B<file> and B<line> are the file number of the function setting the 65B<file> and B<line> are the file number of the function setting the
66lock. They can be useful for debugging. 66lock. They can be useful for debugging.
67 67
68id_function(void) is a function that returns a thread ID. It is not 68id_function(void) is a function that returns a thread ID, for example
69pthread_self() if it returns an integer (see NOTES below). It isn't
69needed on Windows nor on platforms where getpid() returns a different 70needed on Windows nor on platforms where getpid() returns a different
70ID for each thread (most notably Linux). 71ID for each thread (see NOTES below).
71 72
72Additionally, OpenSSL supports dynamic locks, and sometimes, some parts 73Additionally, OpenSSL supports dynamic locks, and sometimes, some parts
73of OpenSSL need it for better performance. To enable this, the following 74of OpenSSL need it for better performance. To enable this, the following
@@ -124,13 +125,13 @@ CRYPTO_get_new_dynlockid() returns the index to the newly created lock.
124 125
125The other functions return no values. 126The other functions return no values.
126 127
127=head1 NOTE 128=head1 NOTES
128 129
129You can find out if OpenSSL was configured with thread support: 130You can find out if OpenSSL was configured with thread support:
130 131
131 #define OPENSSL_THREAD_DEFINES 132 #define OPENSSL_THREAD_DEFINES
132 #include <openssl/opensslconf.h> 133 #include <openssl/opensslconf.h>
133 #if defined(THREADS) 134 #if defined(OPENSSL_THREADS)
134 // thread support enabled 135 // thread support enabled
135 #else 136 #else
136 // no thread support 137 // no thread support
@@ -139,6 +140,22 @@ You can find out if OpenSSL was configured with thread support:
139Also, dynamic locks are currently not used internally by OpenSSL, but 140Also, dynamic locks are currently not used internally by OpenSSL, but
140may do so in the future. 141may do so in the future.
141 142
143Defining id_function(void) has it's own issues. Generally speaking,
144pthread_self() should be used, even on platforms where getpid() gives
145different answers in each thread, since that may depend on the machine
146the program is run on, not the machine where the program is being
147compiled. For instance, Red Hat 8 Linux and earlier used
148LinuxThreads, whose getpid() returns a different value for each
149thread. Red Hat 9 Linux and later use NPTL, which is
150Posix-conformant, and has a getpid() that returns the same value for
151all threads in a process. A program compiled on Red Hat 8 and run on
152Red Hat 9 will therefore see getpid() returning the same value for
153all threads.
154
155There is still the issue of platforms where pthread_self() returns
156something other than an integer. This is a bit unusual, and this
157manual has no cookbook solution for that case.
158
142=head1 EXAMPLES 159=head1 EXAMPLES
143 160
144B<crypto/threads/mttest.c> shows examples of the callback functions on 161B<crypto/threads/mttest.c> shows examples of the callback functions on
diff --git a/src/lib/libssl/src/doc/fingerprints.txt b/src/lib/libssl/src/doc/fingerprints.txt
index c350d381eb..7d05a85594 100644
--- a/src/lib/libssl/src/doc/fingerprints.txt
+++ b/src/lib/libssl/src/doc/fingerprints.txt
@@ -26,3 +26,32 @@ pub 1024R/49A563D9 1997-02-24
26uid Mark Cox <mjc@redhat.com> 26uid Mark Cox <mjc@redhat.com>
27uid Mark Cox <mark@awe.com> 27uid Mark Cox <mark@awe.com>
28uid Mark Cox <mjc@apache.org> 28uid Mark Cox <mjc@apache.org>
29
30pub 1024R/26BB437D 1997-04-28
31 Key fingerprint = 00 C9 21 8E D1 AB 70 37 DD 67 A2 3A 0A 6F 8D A5
32uid Ralf S. Engelschall <rse@engelschall.com>
33
34pub 1024R/9C58A66D 1997-04-03
35 Key fingerprint = 13 D0 B8 9D 37 30 C3 ED AC 9C 24 7D 45 8C 17 67
36uid jaenicke@openssl.org
37uid Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
38
39pub 1024D/2118CF83 1998-07-13
40 Key fingerprint = 7656 55DE 62E3 96FF 2587 EB6C 4F6D E156 2118 CF83
41uid Ben Laurie <ben@thebunker.net>
42uid Ben Laurie <ben@cryptix.org>
43uid Ben Laurie <ben@algroup.co.uk>
44sub 4096g/1F5143E7 1998-07-13
45
46pub 1024R/5A6A9B85 1994-03-22
47 Key fingerprint = C7 AC 7E AD 56 6A 65 EC F6 16 66 83 7E 86 68 28
48uid Bodo Moeller <2005@bmoeller.de>
49uid Bodo Moeller <2003@bmoeller.de>
50uid Bodo Moeller <2004@bmoeller.de>
51uid Bodo Moeller <bmoeller@acm.org>
52uid Bodo Moeller <bodo@openssl.org>
53uid Bodo Moeller <bm@ulf.mali.sub.org>
54uid Bodo Moeller <3moeller@informatik.uni-hamburg.de>
55uid Bodo Moeller <Bodo_Moeller@public.uni-hamburg.de>
56uid Bodo Moeller <3moeller@rzdspc5.informatik.uni-hamburg.de>
57
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod
index 5ab1b32f93..fa63263601 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod
@@ -86,7 +86,7 @@ doing a re-connect, always takes the first cipher in the cipher list.
86 86
87=item SSL_OP_MSIE_SSLV2_RSA_PADDING 87=item SSL_OP_MSIE_SSLV2_RSA_PADDING
88 88
89... 89As of OpenSSL 0.9.7h and 0.9.8a, this option has no effect.
90 90
91=item SSL_OP_SSLEAY_080_CLIENT_DH_BUG 91=item SSL_OP_SSLEAY_080_CLIENT_DH_BUG
92 92
diff --git a/src/lib/libssl/src/e_os.h b/src/lib/libssl/src/e_os.h
index 5a328b7fa8..e2b6561066 100644
--- a/src/lib/libssl/src/e_os.h
+++ b/src/lib/libssl/src/e_os.h
@@ -214,6 +214,8 @@ extern "C" {
214# define _setmode setmode 214# define _setmode setmode
215# define _O_TEXT O_TEXT 215# define _O_TEXT O_TEXT
216# define _O_BINARY O_BINARY 216# define _O_BINARY O_BINARY
217# undef DEVRANDOM
218# define DEVRANDOM "/dev/urandom\x24"
217# endif /* __DJGPP__ */ 219# endif /* __DJGPP__ */
218 220
219# ifndef S_IFDIR 221# ifndef S_IFDIR
diff --git a/src/lib/libssl/src/e_os2.h b/src/lib/libssl/src/e_os2.h
index 4ca79a4d65..d8de8beead 100644
--- a/src/lib/libssl/src/e_os2.h
+++ b/src/lib/libssl/src/e_os2.h
@@ -237,8 +237,8 @@ extern "C" {
237# define OPENSSL_IMPORT globalref 237# define OPENSSL_IMPORT globalref
238# define OPENSSL_GLOBAL globaldef 238# define OPENSSL_GLOBAL globaldef
239#elif defined(OPENSSL_SYS_WINDOWS) && defined(OPENSSL_OPT_WINDLL) 239#elif defined(OPENSSL_SYS_WINDOWS) && defined(OPENSSL_OPT_WINDLL)
240# define OPENSSL_EXPORT extern _declspec(dllexport) 240# define OPENSSL_EXPORT extern __declspec(dllexport)
241# define OPENSSL_IMPORT extern _declspec(dllimport) 241# define OPENSSL_IMPORT extern __declspec(dllimport)
242# define OPENSSL_GLOBAL 242# define OPENSSL_GLOBAL
243#else 243#else
244# define OPENSSL_EXPORT extern 244# define OPENSSL_EXPORT extern
diff --git a/src/lib/libssl/src/fips-1.0/Makefile b/src/lib/libssl/src/fips-1.0/Makefile
new file mode 100644
index 0000000000..891a40b36a
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/Makefile
@@ -0,0 +1,242 @@
1#
2# OpenSSL/fips-1.0/Makefile
3#
4
5DIR= fips-1.0
6TOP= ..
7CC= cc
8INCLUDE= -I. -I$(TOP) -I../include
9INCLUDES= -I.. -I../.. -I../../include
10CFLAG= -g
11INSTALL_PREFIX=
12OPENSSLDIR= /usr/local/ssl
13INSTALLTOP= /usr/local/ssl
14MAKEFILE= Makefile
15MAKEDEPPROG= makedepend
16MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
17PERL= perl
18RM= rm -f
19AR= ar r
20
21PEX_LIBS=
22EX_LIBS=
23
24CFLAGS= $(INCLUDE) $(CFLAG) -DHMAC_EXT=\"$${HMAC_EXT:-sha1}\"
25
26
27LIBS=
28
29FDIRS=sha rand des aes dsa rsa dh hmac
30
31GENERAL=Makefile README fips-lib.com install.com
32
33LIB= $(TOP)/libcrypto.a
34SHARED_LIB= libcrypto$(SHLIB_EXT)
35LIBSRC=fips.c fips_err_wrapper.c fipshashes.c
36LIBOBJ=fips.o fips_err_wrapper.o fipshashes.o
37
38FIPS_OBJ_LISTS=sha/lib hmac/lib rand/lib des/lib aes/lib dsa/lib rsa/lib dh/lib
39
40SRC= $(LIBSRC)
41
42EXHEADER=fips.h
43HEADER=$(EXHEADER) fips_err.h
44EXE=fipsld
45TEST=fips_test_suite.c
46
47ALL= $(GENERAL) $(SRC) $(HEADER)
48
49top:
50 @(cd ..; $(MAKE) DIRS=$(DIR) all)
51
52all:
53 @if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
54 $(MAKE) -e subdirs check lib shared; \
55 fi
56
57check:
58# $(PERL) ../util/checkhash.pl || (rm fipscanister.o* 2>/dev/null; exit 1)
59 echo FIPS module not built: no check done
60
61# Idea behind fipscanister.o is to "seize" the sequestered code between
62# known symbols for fingerprinting purposes, which would be commonly
63# done with ld -r start.o ... end.o. The latter however presents a minor
64# challenge on multi-ABI platforms. As just implied, we'd rather use ld,
65# but the trouble is that we don't generally know how ABI-selection
66# compiler flag is translated to corresponding linker flag. All compiler
67# drivers seem to recognize -r flag and pass it down to linker, but some
68# of them, including gcc, erroneously add -lc, as well as run-time
69# components, such as crt1.o and alike. Fortunately among those vendor
70# compilers which were observed to misinterpret -r flag multi-ABI ones
71# are equipped with smart linkers, which don't require any ABI-selection
72# flag and simply assume that all objects are of the same type as first
73# one in command line. So the idea is to identify gcc and deficient
74# vendor compiler drivers...
75
76fipscanister.o: fips_start.o $(LIBOBJ) $(FIPS_OBJ_LISTS) fips_end.o
77 @objs="fips_start.o $(LIBOBJ)"; \
78 for i in $(FIPS_OBJ_LISTS); do \
79 dir=`dirname $$i`; script="s|^|$$dir/|;s| | $$dir/|g"; \
80 objs="$$objs `sed "$$script" $$i`"; \
81 done; \
82 objs="$$objs fips_end.o" ; \
83 if [ -n "${FIPS_SITE_LD}" ]; then \
84 set -x; ${FIPS_SITE_LD} -r -o $@ $$objs; \
85 elif $(CC) -dumpversion >/dev/null 2>&1; then \
86 set -x; $(CC) $(CFLAGS) -r -nostdlib -o $@ $$objs ; \
87 else case "`(uname -s) 2>/dev/null`" in \
88 HP-UX|OSF1|SunOS) set -x; /usr/ccs/bin/ld -r -o $@ $$objs ;; \
89 *) set -x; $(CC) $(CFLAGS) -r -o $@ $$objs ;; \
90 esac fi
91 sha/fips_standalone_sha1 fipscanister.o > fipscanister.o.sha1
92
93# If another exception is immediately required, assign approprite
94# site-specific ld command to FIPS_SITE_LD environment variable.
95
96fips_start.o: fips_canister.c
97 $(CC) $(CFLAGS) -DFIPS_START -c -o $@ fips_canister.c
98fips_end.o: fips_canister.c
99 $(CC) $(CFLAGS) -DFIPS_END -c -o $@ fips_canister.c
100fips_premain_dso$(EXE_EXT): fips_premain.c
101 $(CC) $(CFLAGS) -DFINGERPRINT_PREMAIN_DSO_LOAD -o $@ fips_premain.c \
102 ../libcrypto.a $(EX_LIBS)
103
104subdirs:
105 @for i in $(FDIRS) ;\
106 do \
107 (cd $$i && echo "making all in fips/$$i..." && \
108 $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \
109 done;
110
111sub_target:
112 @for i in $(FDIRS) ;\
113 do \
114 (cd $$i && echo "making $(TARGET) in fips/$$i..." && \
115 $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' $(TARGET) ) || exit 1; \
116 done;
117
118files:
119 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
120 @for i in $(FDIRS) ;\
121 do \
122 (cd $$i && echo "making 'files' in fips/$$i..." && \
123 $(MAKE) PERL='${PERL}' files ); \
124 done;
125
126links:
127 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER)
128 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST)
129 @for i in $(FDIRS); do \
130 (cd $$i && echo "making links in fips/$$i..." && \
131 $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PERL='${PERL}' links ); \
132 done;
133
134lib: $(FIPSLIBDIR)/fipscanister.o
135 $(AR) $(LIB) $(FIPSLIBDIR)/fipscanister.o
136 $(RANLIB) $(LIB) || echo Never mind.
137 @touch lib
138
139shared: fips_premain_dso$(EXE_EXT)
140 if [ -n "$(SHARED_LIBS)" ]; then \
141 (cd ..; $(MAKE) FIPSLD_CC=$(CC) FIPSLD=fips-1.0/fipsld $(SHARED_LIB)); \
142 fi
143
144libs:
145 @for i in $(FDIRS) ;\
146 do \
147 (cd $$i && echo "making libs in fips/$$i..." && \
148 $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' lib ); \
149 done;
150
151tests:
152 (cd ..; make DIRS=test)
153
154fips_test: top tests
155 -cd testvectors && perl -p -i -e 's/COUNT=/COUNT = /' des[23]/req/*.req
156 @for i in dsa sha aes des hmac rand rsa; \
157 do \
158 (cd $$i && echo "making fips_test in fips/$$i..." && $(MAKE) fips_test) \
159 done;
160
161install:
162 @headerlist="$(EXHEADER)"; for i in $$headerlist ;\
163 do \
164 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
165 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
166 done;
167 @for i in $(FDIRS) ;\
168 do \
169 (cd $$i && echo "making install in fips/$$i..." && \
170 $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' install ); \
171 done;
172 @for i in $(EXE) ; \
173 do \
174 echo "installing $$i"; \
175 cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
176 chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
177 mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i; \
178 done
179 @cp -p -f fipscanister.o fipscanister.o.sha1 fips_premain.c \
180 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/; \
181 strings fipscanister.o | grep "HMAC-SHA1(fips_premain\\.c)" > \
182 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/fips_premain.c.sha1; \
183 chmod 0444 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/fips*
184
185lint:
186 @for i in $(FDIRS) ;\
187 do \
188 (cd $$i && echo "making lint in fips/$$i..." && \
189 $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' lint ); \
190 done;
191
192depend:
193 if [ ! -f buildinf.h ]; then touch buildinf.h; fi # fake buildinf.h if it does not exist
194 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(SRC)
195 if [ ! -s buildinf.h ]; then rm buildinf.h; fi
196 @for i in $(FDIRS) ;\
197 do \
198 (cd $$i && echo "making depend in fips/$$i..." && \
199 $(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' PERL='${PERL}' depend ); \
200 done;
201
202clean:
203 rm -f buildinf.h *.o *.obj fips_premain_dso$(EXE_EXT) lib tags core .pure .nfs* *.old *.bak fluff
204 @for i in $(FDIRS) ;\
205 do \
206 (cd $$i && echo "making clean in fips/$$i..." && \
207 $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' clean ); \
208 done;
209
210dclean:
211 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
212 mv -f Makefile.new $(MAKEFILE)
213 @for i in $(FDIRS) ;\
214 do \
215 (cd $$i && echo "making dclean in fips/$$i..." && \
216 $(MAKE) PERL='${PERL}' CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' dclean ); \
217 done;
218
219# DO NOT DELETE THIS LINE -- make depend depends on it.
220
221fips.o: ../include/openssl/aes.h ../include/openssl/asn1.h
222fips.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
223fips.o: ../include/openssl/bn.h ../include/openssl/cast.h
224fips.o: ../include/openssl/crypto.h ../include/openssl/des.h
225fips.o: ../include/openssl/des_old.h ../include/openssl/dh.h
226fips.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
227fips.o: ../include/openssl/err.h ../include/openssl/evp.h
228fips.o: ../include/openssl/fips.h ../include/openssl/fips_rand.h
229fips.o: ../include/openssl/hmac.h ../include/openssl/idea.h
230fips.o: ../include/openssl/lhash.h ../include/openssl/md2.h
231fips.o: ../include/openssl/md4.h ../include/openssl/md5.h
232fips.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
233fips.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
234fips.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
235fips.o: ../include/openssl/rand.h ../include/openssl/rc2.h
236fips.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
237fips.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
238fips.o: ../include/openssl/safestack.h ../include/openssl/sha.h
239fips.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
240fips.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h fips.c
241fips.o: fips_locl.h
242fips_err_wrapper.o: ../include/openssl/opensslconf.h fips_err_wrapper.c
diff --git a/src/lib/libssl/src/fips-1.0/aes/Makefile b/src/lib/libssl/src/fips-1.0/aes/Makefile
new file mode 100644
index 0000000000..d2a72b3988
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/aes/Makefile
@@ -0,0 +1,121 @@
1#
2# OpenSSL/fips-1.0/aes/Makefile
3#
4
5DIR= aes
6TOP= ../..
7CC= cc
8INCLUDES=
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKEDEPPROG= makedepend
14MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
15MAKEFILE= Makefile
16AR= ar r
17
18FIPS_AES_ENC=fips_aes_core.o
19
20CFLAGS= $(INCLUDES) $(CFLAG)
21
22GENERAL=Makefile
23TEST=fips_aesavs.c
24TESTDATA=fips_aes_data
25APPS=
26
27LIB=$(TOP)/libcrypto.a
28LIBSRC=fips_aes_core.c asm/fips-ax86-elf.s fips_aes_selftest.c
29LIBOBJ=$(FIPS_AES_ENC) fips_aes_selftest.o
30
31SRC= $(LIBSRC)
32
33EXHEADER=
34HEADER= $(EXHEADER) fips_aes_locl.h
35
36ALL= $(GENERAL) $(SRC) $(HEADER)
37
38top:
39 (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all)
40
41all: lib
42
43lib: $(LIBOBJ)
44 @echo $(LIBOBJ) > lib
45
46files:
47 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
48
49links:
50 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER)
51 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST)
52 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TESTDATA)
53 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS)
54
55install:
56 @headerlist="$(EXHEADER)"; for i in $$headerlist; \
57 do \
58 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
59 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
60 done
61
62tags:
63 ctags $(SRC)
64
65tests:
66
67fips_test:
68 -find ../testvectors/aes/req -name '*.req' > testlist
69 -rm -rf ../testvectors/aes/rsp
70 mkdir ../testvectors/aes/rsp
71 if [ -s testlist ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_aesavs -d testlist; fi
72
73lint:
74 lint -DLINT $(INCLUDES) $(SRC)>fluff
75
76depend:
77 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) \
78 $(SRC) $(TEST)
79
80dclean:
81 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
82 mv -f Makefile.new $(MAKEFILE)
83
84clean:
85 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
86# DO NOT DELETE THIS LINE -- make depend depends on it.
87
88fips_aes_core.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
89fips_aes_core.o: ../../include/openssl/fips.h
90fips_aes_core.o: ../../include/openssl/opensslconf.h fips_aes_core.c
91fips_aes_core.o: fips_aes_locl.h
92fips_aes_selftest.o: ../../include/openssl/aes.h ../../include/openssl/bio.h
93fips_aes_selftest.o: ../../include/openssl/crypto.h
94fips_aes_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
95fips_aes_selftest.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
96fips_aes_selftest.o: ../../include/openssl/opensslconf.h
97fips_aes_selftest.o: ../../include/openssl/opensslv.h
98fips_aes_selftest.o: ../../include/openssl/safestack.h
99fips_aes_selftest.o: ../../include/openssl/stack.h
100fips_aes_selftest.o: ../../include/openssl/symhacks.h fips_aes_selftest.c
101fips_aesavs.o: ../../e_os.h ../../include/openssl/aes.h
102fips_aesavs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
103fips_aesavs.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
104fips_aesavs.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
105fips_aesavs.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
106fips_aesavs.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
107fips_aesavs.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
108fips_aesavs.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
109fips_aesavs.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
110fips_aesavs.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
111fips_aesavs.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
112fips_aesavs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
113fips_aesavs.o: ../../include/openssl/opensslconf.h
114fips_aesavs.o: ../../include/openssl/opensslv.h
115fips_aesavs.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
116fips_aesavs.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
117fips_aesavs.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
118fips_aesavs.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
119fips_aesavs.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
120fips_aesavs.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
121fips_aesavs.o: fips_aesavs.c
diff --git a/src/lib/libssl/src/fips-1.0/aes/asm/fips-ax86-elf.s b/src/lib/libssl/src/fips-1.0/aes/asm/fips-ax86-elf.s
new file mode 100644
index 0000000000..a3aa8fa9d9
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/aes/asm/fips-ax86-elf.s
@@ -0,0 +1,1711 @@
1
2
3
4
5
6
7 .file "aes-586.s"
8.globl AES_Te
9.text
10.globl _x86_AES_encrypt
11.type _x86_AES_encrypt,@function
12.align 16
13_x86_AES_encrypt:
14 movl %edi, 12(%esp)
15 xorl (%edi), %eax
16 xorl 4(%edi), %ebx
17 xorl 8(%edi), %ecx
18 xorl 12(%edi), %edx
19 movl 240(%edi), %esi
20 leal -2(%esi,%esi), %esi
21 leal (%edi,%esi,8), %esi
22 movl %esi, 16(%esp)
23.align 4
24.L000loop:
25 movl %eax, %esi
26 andl $255, %esi
27 movl (%ebp,%esi,8), %esi
28 movzbl %bh, %edi
29 xorl 3(%ebp,%edi,8), %esi
30 movl %ecx, %edi
31 shrl $16, %edi
32 andl $255, %edi
33 xorl 2(%ebp,%edi,8), %esi
34 movl %edx, %edi
35 shrl $24, %edi
36 xorl 1(%ebp,%edi,8), %esi
37 movl %esi, 4(%esp)
38
39 movl %ebx, %esi
40 andl $255, %esi
41 shrl $16, %ebx
42 movl (%ebp,%esi,8), %esi
43 movzbl %ch, %edi
44 xorl 3(%ebp,%edi,8), %esi
45 movl %edx, %edi
46 shrl $16, %edi
47 andl $255, %edi
48 xorl 2(%ebp,%edi,8), %esi
49 movl %eax, %edi
50 shrl $24, %edi
51 xorl 1(%ebp,%edi,8), %esi
52 movl %esi, 8(%esp)
53
54 movl %ecx, %esi
55 andl $255, %esi
56 shrl $24, %ecx
57 movl (%ebp,%esi,8), %esi
58 movzbl %dh, %edi
59 xorl 3(%ebp,%edi,8), %esi
60 movl %eax, %edi
61 shrl $16, %edi
62 andl $255, %edx
63 andl $255, %edi
64 xorl 2(%ebp,%edi,8), %esi
65 movzbl %bh, %edi
66 xorl 1(%ebp,%edi,8), %esi
67
68 movl 12(%esp), %edi
69 movl (%ebp,%edx,8), %edx
70 movzbl %ah, %eax
71 xorl 3(%ebp,%eax,8), %edx
72 movl 4(%esp), %eax
73 andl $255, %ebx
74 xorl 2(%ebp,%ebx,8), %edx
75 movl 8(%esp), %ebx
76 xorl 1(%ebp,%ecx,8), %edx
77 movl %esi, %ecx
78
79 addl $16, %edi
80 xorl (%edi), %eax
81 xorl 4(%edi), %ebx
82 xorl 8(%edi), %ecx
83 xorl 12(%edi), %edx
84 cmpl 16(%esp), %edi
85 movl %edi, 12(%esp)
86 jb .L000loop
87 movl %eax, %esi
88 andl $255, %esi
89 movl 2(%ebp,%esi,8), %esi
90 andl $255, %esi
91 movzbl %bh, %edi
92 movl (%ebp,%edi,8), %edi
93 andl $65280, %edi
94 xorl %edi, %esi
95 movl %ecx, %edi
96 shrl $16, %edi
97 andl $255, %edi
98 movl (%ebp,%edi,8), %edi
99 andl $16711680, %edi
100 xorl %edi, %esi
101 movl %edx, %edi
102 shrl $24, %edi
103 movl 2(%ebp,%edi,8), %edi
104 andl $4278190080, %edi
105 xorl %edi, %esi
106 movl %esi, 4(%esp)
107 movl %ebx, %esi
108 andl $255, %esi
109 shrl $16, %ebx
110 movl 2(%ebp,%esi,8), %esi
111 andl $255, %esi
112 movzbl %ch, %edi
113 movl (%ebp,%edi,8), %edi
114 andl $65280, %edi
115 xorl %edi, %esi
116 movl %edx, %edi
117 shrl $16, %edi
118 andl $255, %edi
119 movl (%ebp,%edi,8), %edi
120 andl $16711680, %edi
121 xorl %edi, %esi
122 movl %eax, %edi
123 shrl $24, %edi
124 movl 2(%ebp,%edi,8), %edi
125 andl $4278190080, %edi
126 xorl %edi, %esi
127 movl %esi, 8(%esp)
128 movl %ecx, %esi
129 andl $255, %esi
130 shrl $24, %ecx
131 movl 2(%ebp,%esi,8), %esi
132 andl $255, %esi
133 movzbl %dh, %edi
134 movl (%ebp,%edi,8), %edi
135 andl $65280, %edi
136 xorl %edi, %esi
137 movl %eax, %edi
138 shrl $16, %edi
139 andl $255, %edx
140 andl $255, %edi
141 movl (%ebp,%edi,8), %edi
142 andl $16711680, %edi
143 xorl %edi, %esi
144 movzbl %bh, %edi
145 movl 2(%ebp,%edi,8), %edi
146 andl $4278190080, %edi
147 xorl %edi, %esi
148 movl 12(%esp), %edi
149 andl $255, %edx
150 movl 2(%ebp,%edx,8), %edx
151 andl $255, %edx
152 movzbl %ah, %eax
153 movl (%ebp,%eax,8), %eax
154 andl $65280, %eax
155 xorl %eax, %edx
156 movl 4(%esp), %eax
157 andl $255, %ebx
158 movl (%ebp,%ebx,8), %ebx
159 andl $16711680, %ebx
160 xorl %ebx, %edx
161 movl 8(%esp), %ebx
162 movl 2(%ebp,%ecx,8), %ecx
163 andl $4278190080, %ecx
164 xorl %ecx, %edx
165 movl %esi, %ecx
166 addl $16, %edi
167 xorl (%edi), %eax
168 xorl 4(%edi), %ebx
169 xorl 8(%edi), %ecx
170 xorl 12(%edi), %edx
171 ret
172.align 64
173AES_Te:
174 .long 2774754246,2774754246
175 .long 2222750968,2222750968
176 .long 2574743534,2574743534
177 .long 2373680118,2373680118
178 .long 234025727,234025727
179 .long 3177933782,3177933782
180 .long 2976870366,2976870366
181 .long 1422247313,1422247313
182 .long 1345335392,1345335392
183 .long 50397442,50397442
184 .long 2842126286,2842126286
185 .long 2099981142,2099981142
186 .long 436141799,436141799
187 .long 1658312629,1658312629
188 .long 3870010189,3870010189
189 .long 2591454956,2591454956
190 .long 1170918031,1170918031
191 .long 2642575903,2642575903
192 .long 1086966153,1086966153
193 .long 2273148410,2273148410
194 .long 368769775,368769775
195 .long 3948501426,3948501426
196 .long 3376891790,3376891790
197 .long 200339707,200339707
198 .long 3970805057,3970805057
199 .long 1742001331,1742001331
200 .long 4255294047,4255294047
201 .long 3937382213,3937382213
202 .long 3214711843,3214711843
203 .long 4154762323,4154762323
204 .long 2524082916,2524082916
205 .long 1539358875,1539358875
206 .long 3266819957,3266819957
207 .long 486407649,486407649
208 .long 2928907069,2928907069
209 .long 1780885068,1780885068
210 .long 1513502316,1513502316
211 .long 1094664062,1094664062
212 .long 49805301,49805301
213 .long 1338821763,1338821763
214 .long 1546925160,1546925160
215 .long 4104496465,4104496465
216 .long 887481809,887481809
217 .long 150073849,150073849
218 .long 2473685474,2473685474
219 .long 1943591083,1943591083
220 .long 1395732834,1395732834
221 .long 1058346282,1058346282
222 .long 201589768,201589768
223 .long 1388824469,1388824469
224 .long 1696801606,1696801606
225 .long 1589887901,1589887901
226 .long 672667696,672667696
227 .long 2711000631,2711000631
228 .long 251987210,251987210
229 .long 3046808111,3046808111
230 .long 151455502,151455502
231 .long 907153956,907153956
232 .long 2608889883,2608889883
233 .long 1038279391,1038279391
234 .long 652995533,652995533
235 .long 1764173646,1764173646
236 .long 3451040383,3451040383
237 .long 2675275242,2675275242
238 .long 453576978,453576978
239 .long 2659418909,2659418909
240 .long 1949051992,1949051992
241 .long 773462580,773462580
242 .long 756751158,756751158
243 .long 2993581788,2993581788
244 .long 3998898868,3998898868
245 .long 4221608027,4221608027
246 .long 4132590244,4132590244
247 .long 1295727478,1295727478
248 .long 1641469623,1641469623
249 .long 3467883389,3467883389
250 .long 2066295122,2066295122
251 .long 1055122397,1055122397
252 .long 1898917726,1898917726
253 .long 2542044179,2542044179
254 .long 4115878822,4115878822
255 .long 1758581177,1758581177
256 .long 0,0
257 .long 753790401,753790401
258 .long 1612718144,1612718144
259 .long 536673507,536673507
260 .long 3367088505,3367088505
261 .long 3982187446,3982187446
262 .long 3194645204,3194645204
263 .long 1187761037,1187761037
264 .long 3653156455,3653156455
265 .long 1262041458,1262041458
266 .long 3729410708,3729410708
267 .long 3561770136,3561770136
268 .long 3898103984,3898103984
269 .long 1255133061,1255133061
270 .long 1808847035,1808847035
271 .long 720367557,720367557
272 .long 3853167183,3853167183
273 .long 385612781,385612781
274 .long 3309519750,3309519750
275 .long 3612167578,3612167578
276 .long 1429418854,1429418854
277 .long 2491778321,2491778321
278 .long 3477423498,3477423498
279 .long 284817897,284817897
280 .long 100794884,100794884
281 .long 2172616702,2172616702
282 .long 4031795360,4031795360
283 .long 1144798328,1144798328
284 .long 3131023141,3131023141
285 .long 3819481163,3819481163
286 .long 4082192802,4082192802
287 .long 4272137053,4272137053
288 .long 3225436288,3225436288
289 .long 2324664069,2324664069
290 .long 2912064063,2912064063
291 .long 3164445985,3164445985
292 .long 1211644016,1211644016
293 .long 83228145,83228145
294 .long 3753688163,3753688163
295 .long 3249976951,3249976951
296 .long 1977277103,1977277103
297 .long 1663115586,1663115586
298 .long 806359072,806359072
299 .long 452984805,452984805
300 .long 250868733,250868733
301 .long 1842533055,1842533055
302 .long 1288555905,1288555905
303 .long 336333848,336333848
304 .long 890442534,890442534
305 .long 804056259,804056259
306 .long 3781124030,3781124030
307 .long 2727843637,2727843637
308 .long 3427026056,3427026056
309 .long 957814574,957814574
310 .long 1472513171,1472513171
311 .long 4071073621,4071073621
312 .long 2189328124,2189328124
313 .long 1195195770,1195195770
314 .long 2892260552,2892260552
315 .long 3881655738,3881655738
316 .long 723065138,723065138
317 .long 2507371494,2507371494
318 .long 2690670784,2690670784
319 .long 2558624025,2558624025
320 .long 3511635870,3511635870
321 .long 2145180835,2145180835
322 .long 1713513028,1713513028
323 .long 2116692564,2116692564
324 .long 2878378043,2878378043
325 .long 2206763019,2206763019
326 .long 3393603212,3393603212
327 .long 703524551,703524551
328 .long 3552098411,3552098411
329 .long 1007948840,1007948840
330 .long 2044649127,2044649127
331 .long 3797835452,3797835452
332 .long 487262998,487262998
333 .long 1994120109,1994120109
334 .long 1004593371,1004593371
335 .long 1446130276,1446130276
336 .long 1312438900,1312438900
337 .long 503974420,503974420
338 .long 3679013266,3679013266
339 .long 168166924,168166924
340 .long 1814307912,1814307912
341 .long 3831258296,3831258296
342 .long 1573044895,1573044895
343 .long 1859376061,1859376061
344 .long 4021070915,4021070915
345 .long 2791465668,2791465668
346 .long 2828112185,2828112185
347 .long 2761266481,2761266481
348 .long 937747667,937747667
349 .long 2339994098,2339994098
350 .long 854058965,854058965
351 .long 1137232011,1137232011
352 .long 1496790894,1496790894
353 .long 3077402074,3077402074
354 .long 2358086913,2358086913
355 .long 1691735473,1691735473
356 .long 3528347292,3528347292
357 .long 3769215305,3769215305
358 .long 3027004632,3027004632
359 .long 4199962284,4199962284
360 .long 133494003,133494003
361 .long 636152527,636152527
362 .long 2942657994,2942657994
363 .long 2390391540,2390391540
364 .long 3920539207,3920539207
365 .long 403179536,403179536
366 .long 3585784431,3585784431
367 .long 2289596656,2289596656
368 .long 1864705354,1864705354
369 .long 1915629148,1915629148
370 .long 605822008,605822008
371 .long 4054230615,4054230615
372 .long 3350508659,3350508659
373 .long 1371981463,1371981463
374 .long 602466507,602466507
375 .long 2094914977,2094914977
376 .long 2624877800,2624877800
377 .long 555687742,555687742
378 .long 3712699286,3712699286
379 .long 3703422305,3703422305
380 .long 2257292045,2257292045
381 .long 2240449039,2240449039
382 .long 2423288032,2423288032
383 .long 1111375484,1111375484
384 .long 3300242801,3300242801
385 .long 2858837708,2858837708
386 .long 3628615824,3628615824
387 .long 84083462,84083462
388 .long 32962295,32962295
389 .long 302911004,302911004
390 .long 2741068226,2741068226
391 .long 1597322602,1597322602
392 .long 4183250862,4183250862
393 .long 3501832553,3501832553
394 .long 2441512471,2441512471
395 .long 1489093017,1489093017
396 .long 656219450,656219450
397 .long 3114180135,3114180135
398 .long 954327513,954327513
399 .long 335083755,335083755
400 .long 3013122091,3013122091
401 .long 856756514,856756514
402 .long 3144247762,3144247762
403 .long 1893325225,1893325225
404 .long 2307821063,2307821063
405 .long 2811532339,2811532339
406 .long 3063651117,3063651117
407 .long 572399164,572399164
408 .long 2458355477,2458355477
409 .long 552200649,552200649
410 .long 1238290055,1238290055
411 .long 4283782570,4283782570
412 .long 2015897680,2015897680
413 .long 2061492133,2061492133
414 .long 2408352771,2408352771
415 .long 4171342169,4171342169
416 .long 2156497161,2156497161
417 .long 386731290,386731290
418 .long 3669999461,3669999461
419 .long 837215959,837215959
420 .long 3326231172,3326231172
421 .long 3093850320,3093850320
422 .long 3275833730,3275833730
423 .long 2962856233,2962856233
424 .long 1999449434,1999449434
425 .long 286199582,286199582
426 .long 3417354363,3417354363
427 .long 4233385128,4233385128
428 .long 3602627437,3602627437
429 .long 974525996,974525996
430 .long 1,2,4,8
431 .long 16,32,64,128
432 .long 27,54,0,0,
433 .long 0,0,0,0
434.L__x86_AES_encrypt_end:
435.size _x86_AES_encrypt,.L__x86_AES_encrypt_end-_x86_AES_encrypt
436.ident "_x86_AES_encrypt"
437.globl AES_Te
438.text
439.globl AES_encrypt
440.type AES_encrypt,@function
441.align 16
442AES_encrypt:
443 pushl %ebp
444 pushl %ebx
445 pushl %esi
446 pushl %edi
447
448 movl 20(%esp), %esi
449 movl 28(%esp), %edi
450 movl %esp, %eax
451 subl $24, %esp
452 andl $-64, %esp
453 addl $4, %esp
454 movl %eax, 16(%esp)
455 call .L001pic_point
456.L001pic_point:
457 popl %ebp
458 leal AES_Te-.L001pic_point(%ebp),%ebp
459 movl (%esi), %eax
460 movl 4(%esi), %ebx
461 movl 8(%esi), %ecx
462 movl 12(%esi), %edx
463 call _x86_AES_encrypt
464 movl 16(%esp), %esp
465 movl 24(%esp), %esi
466 movl %eax, (%esi)
467 movl %ebx, 4(%esi)
468 movl %ecx, 8(%esi)
469 movl %edx, 12(%esi)
470 popl %edi
471 popl %esi
472 popl %ebx
473 popl %ebp
474 ret
475.L_AES_encrypt_end:
476.size AES_encrypt,.L_AES_encrypt_end-AES_encrypt
477.ident "AES_encrypt"
478.globl AES_Td
479.text
480.globl _x86_AES_decrypt
481.type _x86_AES_decrypt,@function
482.align 16
483_x86_AES_decrypt:
484 movl %edi, 12(%esp)
485 xorl (%edi), %eax
486 xorl 4(%edi), %ebx
487 xorl 8(%edi), %ecx
488 xorl 12(%edi), %edx
489 movl 240(%edi), %esi
490 leal -2(%esi,%esi), %esi
491 leal (%edi,%esi,8), %esi
492 movl %esi, 16(%esp)
493.align 4
494.L002loop:
495 movl %eax, %esi
496 andl $255, %esi
497 movl (%ebp,%esi,8), %esi
498 movzbl %dh, %edi
499 xorl 3(%ebp,%edi,8), %esi
500 movl %ecx, %edi
501 shrl $16, %edi
502 andl $255, %edi
503 xorl 2(%ebp,%edi,8), %esi
504 movl %ebx, %edi
505 shrl $24, %edi
506 xorl 1(%ebp,%edi,8), %esi
507 movl %esi, 4(%esp)
508
509 movl %ebx, %esi
510 andl $255, %esi
511 movl (%ebp,%esi,8), %esi
512 movzbl %ah, %edi
513 xorl 3(%ebp,%edi,8), %esi
514 movl %edx, %edi
515 shrl $16, %edi
516 andl $255, %edi
517 xorl 2(%ebp,%edi,8), %esi
518 movl %ecx, %edi
519 shrl $24, %edi
520 xorl 1(%ebp,%edi,8), %esi
521 movl %esi, 8(%esp)
522
523 movl %ecx, %esi
524 andl $255, %esi
525 movl (%ebp,%esi,8), %esi
526 movzbl %bh, %edi
527 xorl 3(%ebp,%edi,8), %esi
528 movl %eax, %edi
529 shrl $16, %edi
530 andl $255, %edi
531 xorl 2(%ebp,%edi,8), %esi
532 movl %edx, %edi
533 shrl $24, %edi
534 xorl 1(%ebp,%edi,8), %esi
535
536 movl 12(%esp), %edi
537 andl $255, %edx
538 movl (%ebp,%edx,8), %edx
539 movzbl %ch, %ecx
540 xorl 3(%ebp,%ecx,8), %edx
541 movl %esi, %ecx
542 shrl $16, %ebx
543 andl $255, %ebx
544 xorl 2(%ebp,%ebx,8), %edx
545 movl 8(%esp), %ebx
546 shrl $24, %eax
547 xorl 1(%ebp,%eax,8), %edx
548 movl 4(%esp), %eax
549
550 addl $16, %edi
551 xorl (%edi), %eax
552 xorl 4(%edi), %ebx
553 xorl 8(%edi), %ecx
554 xorl 12(%edi), %edx
555 cmpl 16(%esp), %edi
556 movl %edi, 12(%esp)
557 jb .L002loop
558 movl %eax, %esi
559 andl $255, %esi
560 movl 2048(%ebp,%esi,4),%esi
561 andl $255, %esi
562 movzbl %dh, %edi
563 movl 2048(%ebp,%edi,4),%edi
564 andl $65280, %edi
565 xorl %edi, %esi
566 movl %ecx, %edi
567 shrl $16, %edi
568 andl $255, %edi
569 movl 2048(%ebp,%edi,4),%edi
570 andl $16711680, %edi
571 xorl %edi, %esi
572 movl %ebx, %edi
573 shrl $24, %edi
574 movl 2048(%ebp,%edi,4),%edi
575 andl $4278190080, %edi
576 xorl %edi, %esi
577 movl %esi, 4(%esp)
578 movl %ebx, %esi
579 andl $255, %esi
580 movl 2048(%ebp,%esi,4),%esi
581 andl $255, %esi
582 movzbl %ah, %edi
583 movl 2048(%ebp,%edi,4),%edi
584 andl $65280, %edi
585 xorl %edi, %esi
586 movl %edx, %edi
587 shrl $16, %edi
588 andl $255, %edi
589 movl 2048(%ebp,%edi,4),%edi
590 andl $16711680, %edi
591 xorl %edi, %esi
592 movl %ecx, %edi
593 shrl $24, %edi
594 movl 2048(%ebp,%edi,4),%edi
595 andl $4278190080, %edi
596 xorl %edi, %esi
597 movl %esi, 8(%esp)
598 movl %ecx, %esi
599 andl $255, %esi
600 movl 2048(%ebp,%esi,4),%esi
601 andl $255, %esi
602 movzbl %bh, %edi
603 movl 2048(%ebp,%edi,4),%edi
604 andl $65280, %edi
605 xorl %edi, %esi
606 movl %eax, %edi
607 shrl $16, %edi
608 andl $255, %edi
609 movl 2048(%ebp,%edi,4),%edi
610 andl $16711680, %edi
611 xorl %edi, %esi
612 movl %edx, %edi
613 shrl $24, %edi
614 movl 2048(%ebp,%edi,4),%edi
615 andl $4278190080, %edi
616 xorl %edi, %esi
617 movl 12(%esp), %edi
618 andl $255, %edx
619 movl 2048(%ebp,%edx,4),%edx
620 andl $255, %edx
621 movzbl %ch, %ecx
622 movl 2048(%ebp,%ecx,4),%ecx
623 andl $65280, %ecx
624 xorl %ecx, %edx
625 movl %esi, %ecx
626 shrl $16, %ebx
627 andl $255, %ebx
628 movl 2048(%ebp,%ebx,4),%ebx
629 andl $16711680, %ebx
630 xorl %ebx, %edx
631 movl 8(%esp), %ebx
632 shrl $24, %eax
633 movl 2048(%ebp,%eax,4),%eax
634 andl $4278190080, %eax
635 xorl %eax, %edx
636 movl 4(%esp), %eax
637 addl $16, %edi
638 xorl (%edi), %eax
639 xorl 4(%edi), %ebx
640 xorl 8(%edi), %ecx
641 xorl 12(%edi), %edx
642 ret
643.align 64
644AES_Td:
645 .long 1353184337,1353184337
646 .long 1399144830,1399144830
647 .long 3282310938,3282310938
648 .long 2522752826,2522752826
649 .long 3412831035,3412831035
650 .long 4047871263,4047871263
651 .long 2874735276,2874735276
652 .long 2466505547,2466505547
653 .long 1442459680,1442459680
654 .long 4134368941,4134368941
655 .long 2440481928,2440481928
656 .long 625738485,625738485
657 .long 4242007375,4242007375
658 .long 3620416197,3620416197
659 .long 2151953702,2151953702
660 .long 2409849525,2409849525
661 .long 1230680542,1230680542
662 .long 1729870373,1729870373
663 .long 2551114309,2551114309
664 .long 3787521629,3787521629
665 .long 41234371,41234371
666 .long 317738113,317738113
667 .long 2744600205,2744600205
668 .long 3338261355,3338261355
669 .long 3881799427,3881799427
670 .long 2510066197,2510066197
671 .long 3950669247,3950669247
672 .long 3663286933,3663286933
673 .long 763608788,763608788
674 .long 3542185048,3542185048
675 .long 694804553,694804553
676 .long 1154009486,1154009486
677 .long 1787413109,1787413109
678 .long 2021232372,2021232372
679 .long 1799248025,1799248025
680 .long 3715217703,3715217703
681 .long 3058688446,3058688446
682 .long 397248752,397248752
683 .long 1722556617,1722556617
684 .long 3023752829,3023752829
685 .long 407560035,407560035
686 .long 2184256229,2184256229
687 .long 1613975959,1613975959
688 .long 1165972322,1165972322
689 .long 3765920945,3765920945
690 .long 2226023355,2226023355
691 .long 480281086,480281086
692 .long 2485848313,2485848313
693 .long 1483229296,1483229296
694 .long 436028815,436028815
695 .long 2272059028,2272059028
696 .long 3086515026,3086515026
697 .long 601060267,601060267
698 .long 3791801202,3791801202
699 .long 1468997603,1468997603
700 .long 715871590,715871590
701 .long 120122290,120122290
702 .long 63092015,63092015
703 .long 2591802758,2591802758
704 .long 2768779219,2768779219
705 .long 4068943920,4068943920
706 .long 2997206819,2997206819
707 .long 3127509762,3127509762
708 .long 1552029421,1552029421
709 .long 723308426,723308426
710 .long 2461301159,2461301159
711 .long 4042393587,4042393587
712 .long 2715969870,2715969870
713 .long 3455375973,3455375973
714 .long 3586000134,3586000134
715 .long 526529745,526529745
716 .long 2331944644,2331944644
717 .long 2639474228,2639474228
718 .long 2689987490,2689987490
719 .long 853641733,853641733
720 .long 1978398372,1978398372
721 .long 971801355,971801355
722 .long 2867814464,2867814464
723 .long 111112542,111112542
724 .long 1360031421,1360031421
725 .long 4186579262,4186579262
726 .long 1023860118,1023860118
727 .long 2919579357,2919579357
728 .long 1186850381,1186850381
729 .long 3045938321,3045938321
730 .long 90031217,90031217
731 .long 1876166148,1876166148
732 .long 4279586912,4279586912
733 .long 620468249,620468249
734 .long 2548678102,2548678102
735 .long 3426959497,3426959497
736 .long 2006899047,2006899047
737 .long 3175278768,3175278768
738 .long 2290845959,2290845959
739 .long 945494503,945494503
740 .long 3689859193,3689859193
741 .long 1191869601,1191869601
742 .long 3910091388,3910091388
743 .long 3374220536,3374220536
744 .long 0,0
745 .long 2206629897,2206629897
746 .long 1223502642,1223502642
747 .long 2893025566,2893025566
748 .long 1316117100,1316117100
749 .long 4227796733,4227796733
750 .long 1446544655,1446544655
751 .long 517320253,517320253
752 .long 658058550,658058550
753 .long 1691946762,1691946762
754 .long 564550760,564550760
755 .long 3511966619,3511966619
756 .long 976107044,976107044
757 .long 2976320012,2976320012
758 .long 266819475,266819475
759 .long 3533106868,3533106868
760 .long 2660342555,2660342555
761 .long 1338359936,1338359936
762 .long 2720062561,2720062561
763 .long 1766553434,1766553434
764 .long 370807324,370807324
765 .long 179999714,179999714
766 .long 3844776128,3844776128
767 .long 1138762300,1138762300
768 .long 488053522,488053522
769 .long 185403662,185403662
770 .long 2915535858,2915535858
771 .long 3114841645,3114841645
772 .long 3366526484,3366526484
773 .long 2233069911,2233069911
774 .long 1275557295,1275557295
775 .long 3151862254,3151862254
776 .long 4250959779,4250959779
777 .long 2670068215,2670068215
778 .long 3170202204,3170202204
779 .long 3309004356,3309004356
780 .long 880737115,880737115
781 .long 1982415755,1982415755
782 .long 3703972811,3703972811
783 .long 1761406390,1761406390
784 .long 1676797112,1676797112
785 .long 3403428311,3403428311
786 .long 277177154,277177154
787 .long 1076008723,1076008723
788 .long 538035844,538035844
789 .long 2099530373,2099530373
790 .long 4164795346,4164795346
791 .long 288553390,288553390
792 .long 1839278535,1839278535
793 .long 1261411869,1261411869
794 .long 4080055004,4080055004
795 .long 3964831245,3964831245
796 .long 3504587127,3504587127
797 .long 1813426987,1813426987
798 .long 2579067049,2579067049
799 .long 4199060497,4199060497
800 .long 577038663,577038663
801 .long 3297574056,3297574056
802 .long 440397984,440397984
803 .long 3626794326,3626794326
804 .long 4019204898,4019204898
805 .long 3343796615,3343796615
806 .long 3251714265,3251714265
807 .long 4272081548,4272081548
808 .long 906744984,906744984
809 .long 3481400742,3481400742
810 .long 685669029,685669029
811 .long 646887386,646887386
812 .long 2764025151,2764025151
813 .long 3835509292,3835509292
814 .long 227702864,227702864
815 .long 2613862250,2613862250
816 .long 1648787028,1648787028
817 .long 3256061430,3256061430
818 .long 3904428176,3904428176
819 .long 1593260334,1593260334
820 .long 4121936770,4121936770
821 .long 3196083615,3196083615
822 .long 2090061929,2090061929
823 .long 2838353263,2838353263
824 .long 3004310991,3004310991
825 .long 999926984,999926984
826 .long 2809993232,2809993232
827 .long 1852021992,1852021992
828 .long 2075868123,2075868123
829 .long 158869197,158869197
830 .long 4095236462,4095236462
831 .long 28809964,28809964
832 .long 2828685187,2828685187
833 .long 1701746150,1701746150
834 .long 2129067946,2129067946
835 .long 147831841,147831841
836 .long 3873969647,3873969647
837 .long 3650873274,3650873274
838 .long 3459673930,3459673930
839 .long 3557400554,3557400554
840 .long 3598495785,3598495785
841 .long 2947720241,2947720241
842 .long 824393514,824393514
843 .long 815048134,815048134
844 .long 3227951669,3227951669
845 .long 935087732,935087732
846 .long 2798289660,2798289660
847 .long 2966458592,2966458592
848 .long 366520115,366520115
849 .long 1251476721,1251476721
850 .long 4158319681,4158319681
851 .long 240176511,240176511
852 .long 804688151,804688151
853 .long 2379631990,2379631990
854 .long 1303441219,1303441219
855 .long 1414376140,1414376140
856 .long 3741619940,3741619940
857 .long 3820343710,3820343710
858 .long 461924940,461924940
859 .long 3089050817,3089050817
860 .long 2136040774,2136040774
861 .long 82468509,82468509
862 .long 1563790337,1563790337
863 .long 1937016826,1937016826
864 .long 776014843,776014843
865 .long 1511876531,1511876531
866 .long 1389550482,1389550482
867 .long 861278441,861278441
868 .long 323475053,323475053
869 .long 2355222426,2355222426
870 .long 2047648055,2047648055
871 .long 2383738969,2383738969
872 .long 2302415851,2302415851
873 .long 3995576782,3995576782
874 .long 902390199,902390199
875 .long 3991215329,3991215329
876 .long 1018251130,1018251130
877 .long 1507840668,1507840668
878 .long 1064563285,1064563285
879 .long 2043548696,2043548696
880 .long 3208103795,3208103795
881 .long 3939366739,3939366739
882 .long 1537932639,1537932639
883 .long 342834655,342834655
884 .long 2262516856,2262516856
885 .long 2180231114,2180231114
886 .long 1053059257,1053059257
887 .long 741614648,741614648
888 .long 1598071746,1598071746
889 .long 1925389590,1925389590
890 .long 203809468,203809468
891 .long 2336832552,2336832552
892 .long 1100287487,1100287487
893 .long 1895934009,1895934009
894 .long 3736275976,3736275976
895 .long 2632234200,2632234200
896 .long 2428589668,2428589668
897 .long 1636092795,1636092795
898 .long 1890988757,1890988757
899 .long 1952214088,1952214088
900 .long 1113045200,1113045200
901 .long 1381126738,151587081,1785358954,3587560917
902 .long 808464432,909522486,2779096485,943208504
903 .long 3217014719,1077952576,2745410467,2661195422
904 .long 2172748161,4092851187,3621246935,4227595259
905 .long 2088533116,3823363043,960051513,2189591170
906 .long 2610666395,791621423,4294967295,2273806215
907 .long 875836468,2391707278,1128481603,1145324612
908 .long 3301229764,3739147998,3924421097,3419130827
909 .long 1414812756,2071690107,2492765332,842150450
910 .long 2795939494,3267543746,589505315,1027423549
911 .long 4008636142,1280068684,2509608341,185273099
912 .long 1111638594,4210752250,3284386755,1313754702
913 .long 134744072,774778414,2711724449,1717986918
914 .long 673720360,3654932953,606348324,2998055602
915 .long 1987475062,1532713819,2728567458,1229539657
916 .long 1835887981,2341178251,3520188881,623191333
917 .long 1920103026,4177066232,4143380214,1684300900
918 .long 2256963206,1751672936,2560137368,370546198
919 .long 3570717908,2762253476,1549556828,3435973836
920 .long 1566399837,1701143909,3065427638,2459079314
921 .long 1819044972,1886417008,1212696648,1347440720
922 .long 4261281277,3991793133,3115956665,3671775962
923 .long 1583242846,353703189,1179010630,1465341783
924 .long 2812782503,2374864269,2644352413,2223277188
925 .long 2425393296,3638089944,2880154539,0
926 .long 2358021260,3166485692,3553874899,168430090
927 .long 4160223223,3840206052,1482184792,84215045
928 .long 3099113656,3014898611,1162167621,101058054
929 .long 3503345872,741092396,505290270,2408550287
930 .long 3402287818,1061109567,252645135,33686018
931 .long 3250700737,2947526575,3183328701,50529027
932 .long 16843009,320017171,2324335242,1802201963
933 .long 976894522,2442236305,286331153,1094795585
934 .long 1330597711,1734829927,3705461980,3941264106
935 .long 2543294359,4076008178,3486502863,3469659854
936 .long 4042322160,3031741620,3873892070,1936946035
937 .long 2526451350,2896997548,1953789044,572662306
938 .long 3890735079,2913840557,892679477,2240120197
939 .long 3806520034,4193909241,926365495,3907578088
940 .long 471604252,1970632053,3755991007,1852730990
941 .long 1195853639,4059165169,437918234,1903260017
942 .long 488447261,690563369,3318072773,2307492233
943 .long 1869573999,3082270647,1650614882,235802126
944 .long 2863311530,404232216,3200171710,454761243
945 .long 4244438268,1448498774,1044266558,1263225675
946 .long 3334915782,3537031890,2038004089,538976288
947 .long 2593823386,3688618971,3233857728,4278124286
948 .long 2021161080,3452816845,1515870810,4109694196
949 .long 522133279,3722304989,2829625512,858993459
950 .long 2290649224,117901063,3351758791,825307441
951 .long 2981212593,303174162,269488144,1499027801
952 .long 656877351,2155905152,3974950124,1600085855
953 .long 1616928864,1364283729,2139062143,2846468521
954 .long 421075225,3048584629,1246382666,218959117
955 .long 757935405,3857049061,2054847098,2678038431
956 .long 2475922323,3385444809,2627509404,4025479151
957 .long 2694881440,3772834016,993737531,1296911693
958 .long 2930683566,707406378,4126537205,2964369584
959 .long 3368601800,3958107115,3149642683,1010580540
960 .long 2206434179,1397969747,2576980377,1633771873
961 .long 387389207,724249387,67372036,2122219134
962 .long 3132799674,2004318071,3604403926,640034342
963 .long 3789677025,1768515945,336860180,1667457891
964 .long 1431655765,555819297,202116108,2105376125
965.L__x86_AES_decrypt_end:
966.size _x86_AES_decrypt,.L__x86_AES_decrypt_end-_x86_AES_decrypt
967.ident "_x86_AES_decrypt"
968.globl AES_Td
969.text
970.globl AES_decrypt
971.type AES_decrypt,@function
972.align 16
973AES_decrypt:
974 pushl %ebp
975 pushl %ebx
976 pushl %esi
977 pushl %edi
978
979 movl 20(%esp), %esi
980 movl 28(%esp), %edi
981 movl %esp, %eax
982 subl $24, %esp
983 andl $-64, %esp
984 addl $4, %esp
985 movl %eax, 16(%esp)
986 call .L003pic_point
987.L003pic_point:
988 popl %ebp
989 leal AES_Td-.L003pic_point(%ebp),%ebp
990 movl (%esi), %eax
991 movl 4(%esi), %ebx
992 movl 8(%esi), %ecx
993 movl 12(%esi), %edx
994 call _x86_AES_decrypt
995 movl 16(%esp), %esp
996 movl 24(%esp), %esi
997 movl %eax, (%esi)
998 movl %ebx, 4(%esi)
999 movl %ecx, 8(%esi)
1000 movl %edx, 12(%esi)
1001 popl %edi
1002 popl %esi
1003 popl %ebx
1004 popl %ebp
1005 ret
1006.L_AES_decrypt_end:
1007.size AES_decrypt,.L_AES_decrypt_end-AES_decrypt
1008.ident "AES_decrypt"
1009.globl AES_Te
1010.globl AES_Td
1011.text
1012.globl AES_cbc_encrypt
1013.type AES_cbc_encrypt,@function
1014.align 16
1015AES_cbc_encrypt:
1016 pushl %ebp
1017 pushl %ebx
1018 pushl %esi
1019 pushl %edi
1020
1021 movl 28(%esp), %ecx
1022 cmpl $0, %ecx
1023 je .L004enc_out
1024 call .L005pic_point
1025.L005pic_point:
1026 popl %ebp
1027 pushfl
1028 cld
1029 cmpl $0, 44(%esp)
1030 je .L006DECRYPT
1031 leal AES_Te-.L005pic_point(%ebp),%ebp
1032 leal -308(%esp), %edi
1033 andl $-64, %edi
1034 movl %ebp, %eax
1035 leal 2048(%ebp), %ebx
1036 movl %edi, %edx
1037 andl $4095, %eax
1038 andl $4095, %ebx
1039 andl $4095, %edx
1040 cmpl %ebx, %edx
1041 jb .L007te_break_out
1042 subl %ebx, %edx
1043 subl %edx, %edi
1044 jmp .L008te_ok
1045.L007te_break_out:
1046 subl %eax, %edx
1047 andl $4095, %edx
1048 addl $320, %edx
1049 subl %edx, %edi
1050.align 4
1051.L008te_ok:
1052 movl 24(%esp), %eax
1053 movl 28(%esp), %ebx
1054 movl 36(%esp), %edx
1055 movl 40(%esp), %esi
1056 xchgl %edi, %esp
1057 addl $4, %esp
1058 movl %edi, 16(%esp)
1059 movl %eax, 20(%esp)
1060 movl %ebx, 24(%esp)
1061 movl %ecx, 28(%esp)
1062 movl %edx, 32(%esp)
1063 movl %esi, 36(%esp)
1064 movl $61, %ecx
1065 movl %edx, %esi
1066 leal 60(%esp), %edi
1067 movl %edi, 32(%esp)
1068.align 4
1069 .long 4136216051
1070 movl %eax, %esi
1071 movl $16, %edi
1072.align 4
1073.L009prefetch_te:
1074 movl (%ebp), %eax
1075 movl 32(%ebp), %ebx
1076 movl 64(%ebp), %ecx
1077 movl 96(%ebp), %edx
1078 leal 128(%ebp), %ebp
1079 decl %edi
1080 jnz .L009prefetch_te
1081 subl $2048, %ebp
1082 movl 28(%esp), %ecx
1083 movl 36(%esp), %edi
1084 testl $4294967280, %ecx
1085 jz .L010enc_tail
1086 movl (%edi), %eax
1087 movl 4(%edi), %ebx
1088.align 4
1089.L011enc_loop:
1090 movl 8(%edi), %ecx
1091 movl 12(%edi), %edx
1092 xorl (%esi), %eax
1093 xorl 4(%esi), %ebx
1094 xorl 8(%esi), %ecx
1095 xorl 12(%esi), %edx
1096 movl 32(%esp), %edi
1097 call _x86_AES_encrypt
1098 movl 20(%esp), %esi
1099 movl 24(%esp), %edi
1100 movl %eax, (%edi)
1101 movl %ebx, 4(%edi)
1102 movl %ecx, 8(%edi)
1103 movl %edx, 12(%edi)
1104 movl 28(%esp), %ecx
1105 leal 16(%esi), %esi
1106 movl %esi, 20(%esp)
1107 leal 16(%edi), %edx
1108 movl %edx, 24(%esp)
1109 subl $16, %ecx
1110 testl $4294967280, %ecx
1111 movl %ecx, 28(%esp)
1112 jnz .L011enc_loop
1113 testl $15, %ecx
1114 jnz .L010enc_tail
1115 movl 36(%esp), %esi
1116 movl 8(%edi), %ecx
1117 movl 12(%edi), %edx
1118 movl %eax, (%esi)
1119 movl %ebx, 4(%esi)
1120 movl %ecx, 8(%esi)
1121 movl %edx, 12(%esi)
1122 movl 32(%esp), %edi
1123 movl 16(%esp), %esp
1124 movl $60, %ecx
1125 xorl %eax, %eax
1126.align 4
1127 .long 4136217587
1128 popfl
1129.L004enc_out:
1130 popl %edi
1131 popl %esi
1132 popl %ebx
1133 popl %ebp
1134 ret
1135 pushfl
1136.align 4
1137.L010enc_tail:
1138 pushl %edi
1139 movl 24(%esp), %edi
1140 movl $16, %ebx
1141 subl %ecx, %ebx
1142 cmpl %esi, %edi
1143 je .L012enc_in_place
1144.align 4
1145 .long 4136215795
1146 jmp .L013enc_skip_in_place
1147.L012enc_in_place:
1148 leal (%edi,%ecx), %edi
1149.L013enc_skip_in_place:
1150 movl %ebx, %ecx
1151 xorl %eax, %eax
1152.align 4
1153 .long 4136217331
1154 popl %edi
1155 movl 24(%esp), %esi
1156 movl (%edi), %eax
1157 movl 4(%edi), %ebx
1158 movl $16, 28(%esp)
1159 jmp .L011enc_loop
1160.align 4
1161.L006DECRYPT:
1162 leal AES_Td-.L005pic_point(%ebp),%ebp
1163 leal -308(%esp), %edi
1164 andl $-64, %edi
1165 movl %ebp, %eax
1166 leal 3072(%ebp), %ebx
1167 movl %edi, %edx
1168 andl $4095, %eax
1169 andl $4095, %ebx
1170 andl $4095, %edx
1171 cmpl %ebx, %edx
1172 jb .L014td_break_out
1173 subl %ebx, %edx
1174 subl %edx, %edi
1175 jmp .L015td_ok
1176.L014td_break_out:
1177 subl %eax, %edx
1178 andl $4095, %edx
1179 addl $320, %edx
1180 subl %edx, %edi
1181.align 4
1182.L015td_ok:
1183 movl 24(%esp), %eax
1184 movl 28(%esp), %ebx
1185 movl 36(%esp), %edx
1186 movl 40(%esp), %esi
1187 xchgl %edi, %esp
1188 addl $4, %esp
1189 movl %edi, 16(%esp)
1190 movl %eax, 20(%esp)
1191 movl %ebx, 24(%esp)
1192 movl %ecx, 28(%esp)
1193 movl %edx, 32(%esp)
1194 movl %esi, 36(%esp)
1195 movl $61, %ecx
1196 movl %edx, %esi
1197 leal 60(%esp), %edi
1198 movl %edi, 32(%esp)
1199.align 4
1200 .long 4136216051
1201 movl %eax, %esi
1202 movl $24, %edi
1203.align 4
1204.L016prefetch_td:
1205 movl (%ebp), %eax
1206 movl 32(%ebp), %ebx
1207 movl 64(%ebp), %ecx
1208 movl 96(%ebp), %edx
1209 leal 128(%ebp), %ebp
1210 decl %edi
1211 jnz .L016prefetch_td
1212 subl $3072, %ebp
1213 cmpl 24(%esp), %esi
1214 je .L017dec_in_place
1215 movl 36(%esp), %edi
1216 movl %edi, 40(%esp)
1217.align 4
1218.L018dec_loop:
1219 movl (%esi), %eax
1220 movl 4(%esi), %ebx
1221 movl 8(%esi), %ecx
1222 movl 12(%esi), %edx
1223 movl 32(%esp), %edi
1224 call _x86_AES_decrypt
1225 movl 40(%esp), %edi
1226 movl 28(%esp), %esi
1227 xorl (%edi), %eax
1228 xorl 4(%edi), %ebx
1229 xorl 8(%edi), %ecx
1230 xorl 12(%edi), %edx
1231 subl $16, %esi
1232 jc .L019dec_partial
1233 movl %esi, 28(%esp)
1234 movl 20(%esp), %esi
1235 movl 24(%esp), %edi
1236 movl %eax, (%edi)
1237 movl %ebx, 4(%edi)
1238 movl %ecx, 8(%edi)
1239 movl %edx, 12(%edi)
1240 movl %esi, 40(%esp)
1241 leal 16(%esi), %esi
1242 movl %esi, 20(%esp)
1243 leal 16(%edi), %edi
1244 movl %edi, 24(%esp)
1245 jnz .L018dec_loop
1246 movl 40(%esp), %edi
1247.L020dec_end:
1248 movl 36(%esp), %esi
1249 movl (%edi), %eax
1250 movl 4(%edi), %ebx
1251 movl 8(%edi), %ecx
1252 movl 12(%edi), %edx
1253 movl %eax, (%esi)
1254 movl %ebx, 4(%esi)
1255 movl %ecx, 8(%esi)
1256 movl %edx, 12(%esi)
1257 jmp .L021dec_out
1258.align 4
1259.L019dec_partial:
1260 leal 44(%esp), %edi
1261 movl %eax, (%edi)
1262 movl %ebx, 4(%edi)
1263 movl %ecx, 8(%edi)
1264 movl %edx, 12(%edi)
1265 leal 16(%esi), %ecx
1266 movl %edi, %esi
1267 movl 24(%esp), %edi
1268 .long 4136215795
1269 movl 20(%esp), %edi
1270 jmp .L020dec_end
1271.align 4
1272.L017dec_in_place:
1273.L022dec_in_place_loop:
1274 leal 44(%esp), %edi
1275 movl (%esi), %eax
1276 movl 4(%esi), %ebx
1277 movl 8(%esi), %ecx
1278 movl 12(%esi), %edx
1279 movl %eax, (%edi)
1280 movl %ebx, 4(%edi)
1281 movl %ecx, 8(%edi)
1282 movl %edx, 12(%edi)
1283 movl 32(%esp), %edi
1284 call _x86_AES_decrypt
1285 movl 36(%esp), %edi
1286 movl 24(%esp), %esi
1287 xorl (%edi), %eax
1288 xorl 4(%edi), %ebx
1289 xorl 8(%edi), %ecx
1290 xorl 12(%edi), %edx
1291 movl %eax, (%esi)
1292 movl %ebx, 4(%esi)
1293 movl %ecx, 8(%esi)
1294 movl %edx, 12(%esi)
1295 leal 16(%esi), %esi
1296 movl %esi, 24(%esp)
1297 leal 44(%esp), %esi
1298 movl (%esi), %eax
1299 movl 4(%esi), %ebx
1300 movl 8(%esi), %ecx
1301 movl 12(%esi), %edx
1302 movl %eax, (%edi)
1303 movl %ebx, 4(%edi)
1304 movl %ecx, 8(%edi)
1305 movl %edx, 12(%edi)
1306 movl 20(%esp), %esi
1307 leal 16(%esi), %esi
1308 movl %esi, 20(%esp)
1309 movl 28(%esp), %ecx
1310 subl $16, %ecx
1311 jc .L023dec_in_place_partial
1312 movl %ecx, 28(%esp)
1313 jnz .L022dec_in_place_loop
1314 jmp .L021dec_out
1315.align 4
1316.L023dec_in_place_partial:
1317 movl 24(%esp), %edi
1318 leal 44(%esp), %esi
1319 leal (%edi,%ecx), %edi
1320 leal 16(%esi,%ecx), %esi
1321 negl %ecx
1322 .long 4136215795
1323.align 4
1324.L021dec_out:
1325 movl 32(%esp), %edi
1326 movl 16(%esp), %esp
1327 movl $60, %ecx
1328 xorl %eax, %eax
1329.align 4
1330 .long 4136217587
1331 popfl
1332 popl %edi
1333 popl %esi
1334 popl %ebx
1335 popl %ebp
1336 ret
1337.L_AES_cbc_encrypt_end:
1338.size AES_cbc_encrypt,.L_AES_cbc_encrypt_end-AES_cbc_encrypt
1339.ident "AES_cbc_encrypt"
1340.globl AES_Te
1341.text
1342.globl AES_set_encrypt_key
1343.type AES_set_encrypt_key,@function
1344.align 16
1345AES_set_encrypt_key:
1346 pushl %ebp
1347 pushl %ebx
1348 pushl %esi
1349 pushl %edi
1350
1351 call FIPS_selftest_failed
1352 cmpl $0,%eax
1353 mov $-3,%eax
1354 jne .L029exit
1355
1356 movl 20(%esp), %esi
1357 movl 28(%esp), %edi
1358 testl $-1, %esi
1359 jz .L024badpointer
1360 testl $-1, %edi
1361 jz .L024badpointer
1362 call .L025pic_point
1363.L025pic_point:
1364 popl %ebp
1365 leal AES_Te-.L025pic_point(%ebp),%ebp
1366 movl 24(%esp), %ecx
1367 cmpl $128, %ecx
1368 je .L02610rounds
1369 cmpl $192, %ecx
1370 je .L02712rounds
1371 cmpl $256, %ecx
1372 je .L02814rounds
1373 movl $-2, %eax
1374 jmp .L029exit
1375.L02610rounds:
1376 movl (%esi), %eax
1377 movl 4(%esi), %ebx
1378 movl 8(%esi), %ecx
1379 movl 12(%esi), %edx
1380 movl %eax, (%edi)
1381 movl %ebx, 4(%edi)
1382 movl %ecx, 8(%edi)
1383 movl %edx, 12(%edi)
1384 xorl %ecx, %ecx
1385 jmp .L03010shortcut
1386.align 4
1387.L03110loop:
1388 movl (%edi), %eax
1389 movl 12(%edi), %edx
1390.L03010shortcut:
1391 movzbl %dl, %esi
1392 movl 2(%ebp,%esi,8), %ebx
1393 movzbl %dh, %esi
1394 andl $4278190080, %ebx
1395 xorl %ebx, %eax
1396 movl 2(%ebp,%esi,8), %ebx
1397 shrl $16, %edx
1398 andl $255, %ebx
1399 movzbl %dl, %esi
1400 xorl %ebx, %eax
1401 movl (%ebp,%esi,8), %ebx
1402 movzbl %dh, %esi
1403 andl $65280, %ebx
1404 xorl %ebx, %eax
1405 movl (%ebp,%esi,8), %ebx
1406 andl $16711680, %ebx
1407 xorl %ebx, %eax
1408 xorl 2048(%ebp,%ecx,4),%eax
1409 movl %eax, 16(%edi)
1410 xorl 4(%edi), %eax
1411 movl %eax, 20(%edi)
1412 xorl 8(%edi), %eax
1413 movl %eax, 24(%edi)
1414 xorl 12(%edi), %eax
1415 movl %eax, 28(%edi)
1416 incl %ecx
1417 addl $16, %edi
1418 cmpl $10, %ecx
1419 jl .L03110loop
1420 movl $10, 80(%edi)
1421 xorl %eax, %eax
1422 jmp .L029exit
1423.L02712rounds:
1424 movl (%esi), %eax
1425 movl 4(%esi), %ebx
1426 movl 8(%esi), %ecx
1427 movl 12(%esi), %edx
1428 movl %eax, (%edi)
1429 movl %ebx, 4(%edi)
1430 movl %ecx, 8(%edi)
1431 movl %edx, 12(%edi)
1432 movl 16(%esi), %ecx
1433 movl 20(%esi), %edx
1434 movl %ecx, 16(%edi)
1435 movl %edx, 20(%edi)
1436 xorl %ecx, %ecx
1437 jmp .L03212shortcut
1438.align 4
1439.L03312loop:
1440 movl (%edi), %eax
1441 movl 20(%edi), %edx
1442.L03212shortcut:
1443 movzbl %dl, %esi
1444 movl 2(%ebp,%esi,8), %ebx
1445 movzbl %dh, %esi
1446 andl $4278190080, %ebx
1447 xorl %ebx, %eax
1448 movl 2(%ebp,%esi,8), %ebx
1449 shrl $16, %edx
1450 andl $255, %ebx
1451 movzbl %dl, %esi
1452 xorl %ebx, %eax
1453 movl (%ebp,%esi,8), %ebx
1454 movzbl %dh, %esi
1455 andl $65280, %ebx
1456 xorl %ebx, %eax
1457 movl (%ebp,%esi,8), %ebx
1458 andl $16711680, %ebx
1459 xorl %ebx, %eax
1460 xorl 2048(%ebp,%ecx,4),%eax
1461 movl %eax, 24(%edi)
1462 xorl 4(%edi), %eax
1463 movl %eax, 28(%edi)
1464 xorl 8(%edi), %eax
1465 movl %eax, 32(%edi)
1466 xorl 12(%edi), %eax
1467 movl %eax, 36(%edi)
1468 cmpl $7, %ecx
1469 je .L03412break
1470 incl %ecx
1471 xorl 16(%edi), %eax
1472 movl %eax, 40(%edi)
1473 xorl 20(%edi), %eax
1474 movl %eax, 44(%edi)
1475 addl $24, %edi
1476 jmp .L03312loop
1477.L03412break:
1478 movl $12, 72(%edi)
1479 xorl %eax, %eax
1480 jmp .L029exit
1481.L02814rounds:
1482 movl (%esi), %eax
1483 movl 4(%esi), %ebx
1484 movl 8(%esi), %ecx
1485 movl 12(%esi), %edx
1486 movl %eax, (%edi)
1487 movl %ebx, 4(%edi)
1488 movl %ecx, 8(%edi)
1489 movl %edx, 12(%edi)
1490 movl 16(%esi), %eax
1491 movl 20(%esi), %ebx
1492 movl 24(%esi), %ecx
1493 movl 28(%esi), %edx
1494 movl %eax, 16(%edi)
1495 movl %ebx, 20(%edi)
1496 movl %ecx, 24(%edi)
1497 movl %edx, 28(%edi)
1498 xorl %ecx, %ecx
1499 jmp .L03514shortcut
1500.align 4
1501.L03614loop:
1502 movl 28(%edi), %edx
1503.L03514shortcut:
1504 movl (%edi), %eax
1505 movzbl %dl, %esi
1506 movl 2(%ebp,%esi,8), %ebx
1507 movzbl %dh, %esi
1508 andl $4278190080, %ebx
1509 xorl %ebx, %eax
1510 movl 2(%ebp,%esi,8), %ebx
1511 shrl $16, %edx
1512 andl $255, %ebx
1513 movzbl %dl, %esi
1514 xorl %ebx, %eax
1515 movl (%ebp,%esi,8), %ebx
1516 movzbl %dh, %esi
1517 andl $65280, %ebx
1518 xorl %ebx, %eax
1519 movl (%ebp,%esi,8), %ebx
1520 andl $16711680, %ebx
1521 xorl %ebx, %eax
1522 xorl 2048(%ebp,%ecx,4),%eax
1523 movl %eax, 32(%edi)
1524 xorl 4(%edi), %eax
1525 movl %eax, 36(%edi)
1526 xorl 8(%edi), %eax
1527 movl %eax, 40(%edi)
1528 xorl 12(%edi), %eax
1529 movl %eax, 44(%edi)
1530 cmpl $6, %ecx
1531 je .L03714break
1532 incl %ecx
1533 movl %eax, %edx
1534 movl 16(%edi), %eax
1535 movzbl %dl, %esi
1536 movl 2(%ebp,%esi,8), %ebx
1537 movzbl %dh, %esi
1538 andl $255, %ebx
1539 xorl %ebx, %eax
1540 movl (%ebp,%esi,8), %ebx
1541 shrl $16, %edx
1542 andl $65280, %ebx
1543 movzbl %dl, %esi
1544 xorl %ebx, %eax
1545 movl (%ebp,%esi,8), %ebx
1546 movzbl %dh, %esi
1547 andl $16711680, %ebx
1548 xorl %ebx, %eax
1549 movl 2(%ebp,%esi,8), %ebx
1550 andl $4278190080, %ebx
1551 xorl %ebx, %eax
1552 movl %eax, 48(%edi)
1553 xorl 20(%edi), %eax
1554 movl %eax, 52(%edi)
1555 xorl 24(%edi), %eax
1556 movl %eax, 56(%edi)
1557 xorl 28(%edi), %eax
1558 movl %eax, 60(%edi)
1559 addl $32, %edi
1560 jmp .L03614loop
1561.L03714break:
1562 movl $14, 48(%edi)
1563 xorl %eax, %eax
1564 jmp .L029exit
1565.L024badpointer:
1566 movl $-1, %eax
1567.L029exit:
1568 popl %edi
1569 popl %esi
1570 popl %ebx
1571 popl %ebp
1572 ret
1573.L_AES_set_encrypt_key_end:
1574.size AES_set_encrypt_key,.L_AES_set_encrypt_key_end-AES_set_encrypt_key
1575.ident "AES_set_encrypt_key"
1576.globl AES_Td
1577.globl AES_Te
1578.text
1579.globl AES_set_decrypt_key
1580.type AES_set_decrypt_key,@function
1581.align 16
1582AES_set_decrypt_key:
1583 movl 4(%esp), %eax
1584 movl 8(%esp), %ecx
1585 movl 12(%esp), %edx
1586 subl $12, %esp
1587 movl %eax, (%esp)
1588 movl %ecx, 4(%esp)
1589 movl %edx, 8(%esp)
1590 call AES_set_encrypt_key
1591 addl $12, %esp
1592 cmpl $0, %eax
1593 je .L038proceed
1594 ret
1595.L038proceed:
1596 pushl %ebp
1597 pushl %ebx
1598 pushl %esi
1599 pushl %edi
1600 movl 28(%esp), %esi
1601 movl 240(%esi), %ecx
1602 leal (,%ecx,4), %ecx
1603 leal (%esi,%ecx,4), %edi
1604.align 4
1605.L039invert:
1606 movl (%esi), %eax
1607 movl 4(%esi), %ebx
1608 movl (%edi), %ecx
1609 movl 4(%edi), %edx
1610 movl %eax, (%edi)
1611 movl %ebx, 4(%edi)
1612 movl %ecx, (%esi)
1613 movl %edx, 4(%esi)
1614 movl 8(%esi), %eax
1615 movl 12(%esi), %ebx
1616 movl 8(%edi), %ecx
1617 movl 12(%edi), %edx
1618 movl %eax, 8(%edi)
1619 movl %ebx, 12(%edi)
1620 movl %ecx, 8(%esi)
1621 movl %edx, 12(%esi)
1622 addl $16, %esi
1623 subl $16, %edi
1624 cmpl %edi, %esi
1625 jne .L039invert
1626 call .L040pic_point
1627.L040pic_point:
1628 popl %ebp
1629 leal AES_Td-.L040pic_point(%ebp),%edi
1630 leal AES_Te-.L040pic_point(%ebp),%ebp
1631 movl 28(%esp), %esi
1632 movl 240(%esi), %ecx
1633 decl %ecx
1634.align 4
1635.L041permute:
1636 addl $16, %esi
1637 movl (%esi), %eax
1638 movl %eax, %edx
1639 movzbl %ah, %ebx
1640 shrl $16, %edx
1641 andl $255, %eax
1642 movzbl 2(%ebp,%eax,8), %eax
1643 movzbl 2(%ebp,%ebx,8), %ebx
1644 movl (%edi,%eax,8), %eax
1645 xorl 3(%edi,%ebx,8), %eax
1646 movzbl %dh, %ebx
1647 andl $255, %edx
1648 movzbl 2(%ebp,%edx,8), %edx
1649 movzbl 2(%ebp,%ebx,8), %ebx
1650 xorl 2(%edi,%edx,8), %eax
1651 xorl 1(%edi,%ebx,8), %eax
1652 movl %eax, (%esi)
1653 movl 4(%esi), %eax
1654 movl %eax, %edx
1655 movzbl %ah, %ebx
1656 shrl $16, %edx
1657 andl $255, %eax
1658 movzbl 2(%ebp,%eax,8), %eax
1659 movzbl 2(%ebp,%ebx,8), %ebx
1660 movl (%edi,%eax,8), %eax
1661 xorl 3(%edi,%ebx,8), %eax
1662 movzbl %dh, %ebx
1663 andl $255, %edx
1664 movzbl 2(%ebp,%edx,8), %edx
1665 movzbl 2(%ebp,%ebx,8), %ebx
1666 xorl 2(%edi,%edx,8), %eax
1667 xorl 1(%edi,%ebx,8), %eax
1668 movl %eax, 4(%esi)
1669 movl 8(%esi), %eax
1670 movl %eax, %edx
1671 movzbl %ah, %ebx
1672 shrl $16, %edx
1673 andl $255, %eax
1674 movzbl 2(%ebp,%eax,8), %eax
1675 movzbl 2(%ebp,%ebx,8), %ebx
1676 movl (%edi,%eax,8), %eax
1677 xorl 3(%edi,%ebx,8), %eax
1678 movzbl %dh, %ebx
1679 andl $255, %edx
1680 movzbl 2(%ebp,%edx,8), %edx
1681 movzbl 2(%ebp,%ebx,8), %ebx
1682 xorl 2(%edi,%edx,8), %eax
1683 xorl 1(%edi,%ebx,8), %eax
1684 movl %eax, 8(%esi)
1685 movl 12(%esi), %eax
1686 movl %eax, %edx
1687 movzbl %ah, %ebx
1688 shrl $16, %edx
1689 andl $255, %eax
1690 movzbl 2(%ebp,%eax,8), %eax
1691 movzbl 2(%ebp,%ebx,8), %ebx
1692 movl (%edi,%eax,8), %eax
1693 xorl 3(%edi,%ebx,8), %eax
1694 movzbl %dh, %ebx
1695 andl $255, %edx
1696 movzbl 2(%ebp,%edx,8), %edx
1697 movzbl 2(%ebp,%ebx,8), %ebx
1698 xorl 2(%edi,%edx,8), %eax
1699 xorl 1(%edi,%ebx,8), %eax
1700 movl %eax, 12(%esi)
1701 decl %ecx
1702 jnz .L041permute
1703 xorl %eax, %eax
1704 popl %edi
1705 popl %esi
1706 popl %ebx
1707 popl %ebp
1708 ret
1709.L_AES_set_decrypt_key_end:
1710.size AES_set_decrypt_key,.L_AES_set_decrypt_key_end-AES_set_decrypt_key
1711.ident "AES_set_decrypt_key"
diff --git a/src/lib/libssl/src/fips-1.0/aes/fips_aes_core.c b/src/lib/libssl/src/fips-1.0/aes/fips_aes_core.c
new file mode 100644
index 0000000000..82199c92e6
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/aes/fips_aes_core.c
@@ -0,0 +1,1263 @@
1/* crypto/aes/aes_core.c -*- mode:C; c-file-style: "eay" -*- */
2/**
3 * rijndael-alg-fst.c
4 *
5 * @version 3.0 (December 2000)
6 *
7 * Optimised ANSI C code for the Rijndael cipher (now AES)
8 *
9 * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
10 * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
11 * @author Paulo Barreto <paulo.barreto@terra.com.br>
12 *
13 * This code is hereby placed in the public domain.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
16 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
17 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
19 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
20 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
21 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
22 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
23 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
24 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
25 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
28/* Note: rewritten a little bit to provide error control and an OpenSSL-
29 compatible API */
30
31#ifndef AES_DEBUG
32# ifndef NDEBUG
33# define NDEBUG
34# endif
35#endif
36#include <assert.h>
37
38#include <stdlib.h>
39#include <openssl/aes.h>
40#include "fips_aes_locl.h"
41#include <openssl/fips.h>
42
43#ifdef OPENSSL_FIPS
44
45/*
46Te0[x] = S [x].[02, 01, 01, 03];
47Te1[x] = S [x].[03, 02, 01, 01];
48Te2[x] = S [x].[01, 03, 02, 01];
49Te3[x] = S [x].[01, 01, 03, 02];
50Te4[x] = S [x].[01, 01, 01, 01];
51
52Td0[x] = Si[x].[0e, 09, 0d, 0b];
53Td1[x] = Si[x].[0b, 0e, 09, 0d];
54Td2[x] = Si[x].[0d, 0b, 0e, 09];
55Td3[x] = Si[x].[09, 0d, 0b, 0e];
56Td4[x] = Si[x].[01, 01, 01, 01];
57*/
58
59static const u32 Te0[256] = {
60 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
61 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
62 0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU,
63 0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU,
64 0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U,
65 0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU,
66 0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU,
67 0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU,
68 0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU,
69 0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU,
70 0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U,
71 0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU,
72 0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU,
73 0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U,
74 0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU,
75 0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU,
76 0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU,
77 0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU,
78 0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU,
79 0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U,
80 0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU,
81 0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU,
82 0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU,
83 0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU,
84 0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U,
85 0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U,
86 0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U,
87 0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U,
88 0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU,
89 0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U,
90 0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U,
91 0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU,
92 0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU,
93 0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U,
94 0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U,
95 0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U,
96 0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU,
97 0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U,
98 0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU,
99 0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U,
100 0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU,
101 0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U,
102 0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U,
103 0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU,
104 0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U,
105 0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U,
106 0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U,
107 0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U,
108 0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U,
109 0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U,
110 0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U,
111 0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U,
112 0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU,
113 0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U,
114 0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U,
115 0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U,
116 0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U,
117 0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U,
118 0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U,
119 0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU,
120 0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U,
121 0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U,
122 0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U,
123 0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU,
124};
125static const u32 Te1[256] = {
126 0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU,
127 0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U,
128 0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU,
129 0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U,
130 0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU,
131 0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U,
132 0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU,
133 0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U,
134 0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U,
135 0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU,
136 0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U,
137 0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U,
138 0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U,
139 0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU,
140 0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U,
141 0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U,
142 0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU,
143 0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U,
144 0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U,
145 0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U,
146 0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU,
147 0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU,
148 0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U,
149 0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU,
150 0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU,
151 0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U,
152 0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU,
153 0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U,
154 0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU,
155 0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U,
156 0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U,
157 0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U,
158 0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU,
159 0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U,
160 0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU,
161 0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U,
162 0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU,
163 0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U,
164 0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U,
165 0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU,
166 0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU,
167 0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU,
168 0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U,
169 0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U,
170 0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU,
171 0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U,
172 0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU,
173 0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U,
174 0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU,
175 0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U,
176 0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU,
177 0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU,
178 0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U,
179 0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU,
180 0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U,
181 0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU,
182 0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U,
183 0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U,
184 0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U,
185 0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU,
186 0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU,
187 0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U,
188 0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU,
189 0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U,
190};
191static const u32 Te2[256] = {
192 0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU,
193 0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U,
194 0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU,
195 0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U,
196 0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU,
197 0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U,
198 0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU,
199 0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U,
200 0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U,
201 0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU,
202 0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U,
203 0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U,
204 0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U,
205 0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU,
206 0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U,
207 0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U,
208 0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU,
209 0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U,
210 0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U,
211 0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U,
212 0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU,
213 0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU,
214 0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U,
215 0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU,
216 0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU,
217 0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U,
218 0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU,
219 0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U,
220 0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU,
221 0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U,
222 0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U,
223 0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U,
224 0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU,
225 0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U,
226 0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU,
227 0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U,
228 0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU,
229 0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U,
230 0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U,
231 0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU,
232 0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU,
233 0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU,
234 0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U,
235 0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U,
236 0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU,
237 0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U,
238 0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU,
239 0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U,
240 0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU,
241 0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U,
242 0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU,
243 0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU,
244 0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U,
245 0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU,
246 0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U,
247 0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU,
248 0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U,
249 0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U,
250 0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U,
251 0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU,
252 0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU,
253 0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U,
254 0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU,
255 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U,
256};
257static const u32 Te3[256] = {
258
259 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U,
260 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U,
261 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U,
262 0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU,
263 0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU,
264 0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU,
265 0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U,
266 0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU,
267 0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU,
268 0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U,
269 0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U,
270 0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU,
271 0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU,
272 0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU,
273 0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU,
274 0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU,
275 0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U,
276 0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU,
277 0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU,
278 0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U,
279 0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U,
280 0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U,
281 0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U,
282 0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U,
283 0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU,
284 0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U,
285 0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU,
286 0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU,
287 0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U,
288 0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U,
289 0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U,
290 0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU,
291 0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U,
292 0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU,
293 0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU,
294 0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U,
295 0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U,
296 0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU,
297 0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U,
298 0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU,
299 0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U,
300 0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U,
301 0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U,
302 0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U,
303 0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU,
304 0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U,
305 0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU,
306 0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U,
307 0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU,
308 0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U,
309 0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU,
310 0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU,
311 0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU,
312 0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU,
313 0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U,
314 0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U,
315 0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U,
316 0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U,
317 0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U,
318 0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U,
319 0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU,
320 0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U,
321 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
322 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
323};
324static const u32 Te4[256] = {
325 0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU,
326 0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U,
327 0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU,
328 0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U,
329 0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU,
330 0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U,
331 0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU,
332 0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U,
333 0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U,
334 0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU,
335 0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U,
336 0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U,
337 0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U,
338 0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU,
339 0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U,
340 0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U,
341 0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU,
342 0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U,
343 0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U,
344 0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U,
345 0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU,
346 0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU,
347 0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U,
348 0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU,
349 0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU,
350 0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U,
351 0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU,
352 0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U,
353 0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU,
354 0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U,
355 0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U,
356 0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U,
357 0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU,
358 0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U,
359 0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU,
360 0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U,
361 0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU,
362 0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U,
363 0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U,
364 0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU,
365 0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU,
366 0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU,
367 0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U,
368 0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U,
369 0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU,
370 0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U,
371 0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU,
372 0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U,
373 0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU,
374 0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U,
375 0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU,
376 0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU,
377 0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U,
378 0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU,
379 0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U,
380 0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU,
381 0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U,
382 0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U,
383 0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U,
384 0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU,
385 0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU,
386 0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U,
387 0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU,
388 0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U,
389};
390static const u32 Td0[256] = {
391 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
392 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
393 0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U,
394 0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU,
395 0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U,
396 0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U,
397 0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU,
398 0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U,
399 0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU,
400 0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U,
401 0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U,
402 0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U,
403 0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U,
404 0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU,
405 0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U,
406 0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU,
407 0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U,
408 0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU,
409 0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U,
410 0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U,
411 0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U,
412 0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU,
413 0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U,
414 0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU,
415 0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U,
416 0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU,
417 0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U,
418 0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU,
419 0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU,
420 0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U,
421 0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU,
422 0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U,
423 0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU,
424 0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U,
425 0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U,
426 0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U,
427 0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU,
428 0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U,
429 0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U,
430 0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU,
431 0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U,
432 0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U,
433 0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U,
434 0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U,
435 0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U,
436 0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU,
437 0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U,
438 0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U,
439 0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U,
440 0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U,
441 0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U,
442 0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU,
443 0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU,
444 0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU,
445 0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU,
446 0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U,
447 0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U,
448 0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU,
449 0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU,
450 0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U,
451 0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU,
452 0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U,
453 0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U,
454 0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U,
455};
456static const u32 Td1[256] = {
457 0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU,
458 0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U,
459 0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU,
460 0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U,
461 0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U,
462 0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U,
463 0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U,
464 0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U,
465 0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U,
466 0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU,
467 0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU,
468 0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU,
469 0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U,
470 0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU,
471 0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U,
472 0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U,
473 0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U,
474 0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU,
475 0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU,
476 0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U,
477 0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU,
478 0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U,
479 0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU,
480 0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU,
481 0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U,
482 0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U,
483 0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U,
484 0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU,
485 0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U,
486 0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU,
487 0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U,
488 0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U,
489 0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U,
490 0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU,
491 0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U,
492 0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U,
493 0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U,
494 0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U,
495 0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U,
496 0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U,
497 0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU,
498 0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU,
499 0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U,
500 0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU,
501 0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U,
502 0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU,
503 0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU,
504 0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U,
505 0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU,
506 0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U,
507 0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U,
508 0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U,
509 0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U,
510 0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U,
511 0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U,
512 0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U,
513 0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU,
514 0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U,
515 0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U,
516 0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU,
517 0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U,
518 0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U,
519 0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U,
520 0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U,
521};
522static const u32 Td2[256] = {
523 0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U,
524 0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U,
525 0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U,
526 0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U,
527 0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU,
528 0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U,
529 0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U,
530 0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U,
531 0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U,
532 0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU,
533 0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U,
534 0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U,
535 0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU,
536 0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U,
537 0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U,
538 0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U,
539 0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U,
540 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U,
541 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U,
542 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU,
543
544 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U,
545 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U,
546 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U,
547 0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U,
548 0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U,
549 0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU,
550 0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU,
551 0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U,
552 0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU,
553 0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U,
554 0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU,
555 0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU,
556 0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU,
557 0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU,
558 0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U,
559 0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U,
560 0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U,
561 0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U,
562 0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U,
563 0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U,
564 0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U,
565 0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU,
566 0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU,
567 0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U,
568 0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U,
569 0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU,
570 0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU,
571 0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U,
572 0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U,
573 0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U,
574 0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U,
575 0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U,
576 0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U,
577 0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U,
578 0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU,
579 0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U,
580 0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U,
581 0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U,
582 0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U,
583 0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U,
584 0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U,
585 0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU,
586 0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U,
587 0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U,
588};
589static const u32 Td3[256] = {
590 0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU,
591 0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU,
592 0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U,
593 0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U,
594 0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU,
595 0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU,
596 0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U,
597 0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU,
598 0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U,
599 0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU,
600 0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U,
601 0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U,
602 0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U,
603 0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U,
604 0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U,
605 0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU,
606 0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU,
607 0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U,
608 0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U,
609 0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU,
610 0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU,
611 0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U,
612 0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U,
613 0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U,
614 0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U,
615 0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU,
616 0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U,
617 0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U,
618 0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU,
619 0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU,
620 0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U,
621 0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U,
622 0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U,
623 0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU,
624 0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U,
625 0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U,
626 0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U,
627 0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U,
628 0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U,
629 0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U,
630 0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U,
631 0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU,
632 0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U,
633 0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U,
634 0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU,
635 0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU,
636 0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U,
637 0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU,
638 0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U,
639 0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U,
640 0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U,
641 0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U,
642 0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U,
643 0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U,
644 0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU,
645 0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU,
646 0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU,
647 0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU,
648 0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U,
649 0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U,
650 0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U,
651 0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU,
652 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
653 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
654};
655static const u32 Td4[256] = {
656 0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U,
657 0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U,
658 0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU,
659 0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU,
660 0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U,
661 0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U,
662 0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U,
663 0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU,
664 0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U,
665 0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU,
666 0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU,
667 0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU,
668 0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U,
669 0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U,
670 0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U,
671 0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U,
672 0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U,
673 0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U,
674 0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU,
675 0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U,
676 0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U,
677 0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU,
678 0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U,
679 0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U,
680 0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U,
681 0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU,
682 0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U,
683 0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U,
684 0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU,
685 0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U,
686 0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U,
687 0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU,
688 0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U,
689 0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU,
690 0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU,
691 0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U,
692 0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U,
693 0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U,
694 0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U,
695 0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU,
696 0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U,
697 0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U,
698 0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU,
699 0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU,
700 0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU,
701 0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U,
702 0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU,
703 0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U,
704 0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U,
705 0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U,
706 0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U,
707 0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU,
708 0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U,
709 0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU,
710 0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU,
711 0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU,
712 0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU,
713 0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U,
714 0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU,
715 0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U,
716 0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU,
717 0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U,
718 0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U,
719 0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU,
720};
721static const u32 rcon[] = {
722 0x01000000, 0x02000000, 0x04000000, 0x08000000,
723 0x10000000, 0x20000000, 0x40000000, 0x80000000,
724 0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
725};
726
727/**
728 * Expand the cipher key into the encryption key schedule.
729 */
730int AES_set_encrypt_key(const unsigned char *userKey,
731 const FIPS_AES_SIZE_T bits, AES_KEY *key) {
732
733 u32 *rk;
734 int i = 0;
735 u32 temp;
736
737 if (!userKey || !key)
738 return -1;
739 if (bits != 128 && bits != 192 && bits != 256)
740 return -2;
741 if(FIPS_selftest_failed())
742 return -3;
743
744 rk = key->rd_key;
745
746 if (bits==128)
747 key->rounds = 10;
748 else if (bits==192)
749 key->rounds = 12;
750 else
751 key->rounds = 14;
752
753 rk[0] = GETU32(userKey );
754 rk[1] = GETU32(userKey + 4);
755 rk[2] = GETU32(userKey + 8);
756 rk[3] = GETU32(userKey + 12);
757 if (bits == 128) {
758 while (1) {
759 temp = rk[3];
760 rk[4] = rk[0] ^
761 (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
762 (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^
763 (Te4[(temp ) & 0xff] & 0x0000ff00) ^
764 (Te4[(temp >> 24) ] & 0x000000ff) ^
765 rcon[i];
766 rk[5] = rk[1] ^ rk[4];
767 rk[6] = rk[2] ^ rk[5];
768 rk[7] = rk[3] ^ rk[6];
769 if (++i == 10) {
770 return 0;
771 }
772 rk += 4;
773 }
774 }
775 rk[4] = GETU32(userKey + 16);
776 rk[5] = GETU32(userKey + 20);
777 if (bits == 192) {
778 while (1) {
779 temp = rk[ 5];
780 rk[ 6] = rk[ 0] ^
781 (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
782 (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^
783 (Te4[(temp ) & 0xff] & 0x0000ff00) ^
784 (Te4[(temp >> 24) ] & 0x000000ff) ^
785 rcon[i];
786 rk[ 7] = rk[ 1] ^ rk[ 6];
787 rk[ 8] = rk[ 2] ^ rk[ 7];
788 rk[ 9] = rk[ 3] ^ rk[ 8];
789 if (++i == 8) {
790 return 0;
791 }
792 rk[10] = rk[ 4] ^ rk[ 9];
793 rk[11] = rk[ 5] ^ rk[10];
794 rk += 6;
795 }
796 }
797 rk[6] = GETU32(userKey + 24);
798 rk[7] = GETU32(userKey + 28);
799 if (bits == 256) {
800 while (1) {
801 temp = rk[ 7];
802 rk[ 8] = rk[ 0] ^
803 (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
804 (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^
805 (Te4[(temp ) & 0xff] & 0x0000ff00) ^
806 (Te4[(temp >> 24) ] & 0x000000ff) ^
807 rcon[i];
808 rk[ 9] = rk[ 1] ^ rk[ 8];
809 rk[10] = rk[ 2] ^ rk[ 9];
810 rk[11] = rk[ 3] ^ rk[10];
811 if (++i == 7) {
812 return 0;
813 }
814 temp = rk[11];
815 rk[12] = rk[ 4] ^
816 (Te4[(temp >> 24) ] & 0xff000000) ^
817 (Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^
818 (Te4[(temp >> 8) & 0xff] & 0x0000ff00) ^
819 (Te4[(temp ) & 0xff] & 0x000000ff);
820 rk[13] = rk[ 5] ^ rk[12];
821 rk[14] = rk[ 6] ^ rk[13];
822 rk[15] = rk[ 7] ^ rk[14];
823
824 rk += 8;
825 }
826 }
827 return 0;
828}
829
830/**
831 * Expand the cipher key into the decryption key schedule.
832 */
833int AES_set_decrypt_key(const unsigned char *userKey,
834 const FIPS_AES_SIZE_T bits, AES_KEY *key) {
835
836 u32 *rk;
837 int i, j, status;
838 u32 temp;
839
840 /* first, start with an encryption schedule */
841 status = AES_set_encrypt_key(userKey, bits, key);
842 if (status < 0)
843 return status;
844
845 rk = key->rd_key;
846
847 /* invert the order of the round keys: */
848 for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
849 temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;
850 temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
851 temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
852 temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
853 }
854 /* apply the inverse MixColumn transform to all round keys but the first and the last: */
855 for (i = 1; i < (key->rounds); i++) {
856 rk += 4;
857 rk[0] =
858 Td0[Te4[(rk[0] >> 24) ] & 0xff] ^
859 Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^
860 Td2[Te4[(rk[0] >> 8) & 0xff] & 0xff] ^
861 Td3[Te4[(rk[0] ) & 0xff] & 0xff];
862 rk[1] =
863 Td0[Te4[(rk[1] >> 24) ] & 0xff] ^
864 Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^
865 Td2[Te4[(rk[1] >> 8) & 0xff] & 0xff] ^
866 Td3[Te4[(rk[1] ) & 0xff] & 0xff];
867 rk[2] =
868 Td0[Te4[(rk[2] >> 24) ] & 0xff] ^
869 Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^
870 Td2[Te4[(rk[2] >> 8) & 0xff] & 0xff] ^
871 Td3[Te4[(rk[2] ) & 0xff] & 0xff];
872 rk[3] =
873 Td0[Te4[(rk[3] >> 24) ] & 0xff] ^
874 Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^
875 Td2[Te4[(rk[3] >> 8) & 0xff] & 0xff] ^
876 Td3[Te4[(rk[3] ) & 0xff] & 0xff];
877 }
878 return 0;
879}
880
881/*
882 * Encrypt a single block
883 * in and out can overlap
884 */
885void AES_encrypt(const unsigned char *in, unsigned char *out,
886 const AES_KEY *key) {
887
888 const u32 *rk;
889 u32 s0, s1, s2, s3, t0, t1, t2, t3;
890#ifndef FULL_UNROLL
891 int r;
892#endif /* ?FULL_UNROLL */
893
894 assert(in && out && key);
895 rk = key->rd_key;
896
897 /*
898 * map byte array block to cipher state
899 * and add initial round key:
900 */
901 s0 = GETU32(in ) ^ rk[0];
902 s1 = GETU32(in + 4) ^ rk[1];
903 s2 = GETU32(in + 8) ^ rk[2];
904 s3 = GETU32(in + 12) ^ rk[3];
905#ifdef FULL_UNROLL
906 /* round 1: */
907 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4];
908 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5];
909 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6];
910 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7];
911 /* round 2: */
912 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8];
913 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9];
914 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10];
915 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11];
916 /* round 3: */
917 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12];
918 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13];
919 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14];
920 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15];
921 /* round 4: */
922 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16];
923 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17];
924 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18];
925 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19];
926 /* round 5: */
927 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20];
928 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21];
929 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22];
930 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23];
931 /* round 6: */
932 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24];
933 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25];
934 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26];
935 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27];
936 /* round 7: */
937 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28];
938 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29];
939 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30];
940 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31];
941 /* round 8: */
942 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32];
943 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33];
944 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34];
945 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35];
946 /* round 9: */
947 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36];
948 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37];
949 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38];
950 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39];
951 if (key->rounds > 10) {
952 /* round 10: */
953 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40];
954 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41];
955 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42];
956 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43];
957 /* round 11: */
958 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44];
959 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45];
960 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46];
961 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47];
962 if (key->rounds > 12) {
963 /* round 12: */
964 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48];
965 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49];
966 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50];
967 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51];
968 /* round 13: */
969 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52];
970 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53];
971 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54];
972 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55];
973 }
974 }
975 rk += key->rounds << 2;
976#else /* !FULL_UNROLL */
977 /*
978 * Nr - 1 full rounds:
979 */
980 r = key->rounds >> 1;
981 for (;;) {
982 t0 =
983 Te0[(s0 >> 24) ] ^
984 Te1[(s1 >> 16) & 0xff] ^
985 Te2[(s2 >> 8) & 0xff] ^
986 Te3[(s3 ) & 0xff] ^
987 rk[4];
988 t1 =
989 Te0[(s1 >> 24) ] ^
990 Te1[(s2 >> 16) & 0xff] ^
991 Te2[(s3 >> 8) & 0xff] ^
992 Te3[(s0 ) & 0xff] ^
993 rk[5];
994 t2 =
995 Te0[(s2 >> 24) ] ^
996 Te1[(s3 >> 16) & 0xff] ^
997 Te2[(s0 >> 8) & 0xff] ^
998 Te3[(s1 ) & 0xff] ^
999 rk[6];
1000 t3 =
1001 Te0[(s3 >> 24) ] ^
1002 Te1[(s0 >> 16) & 0xff] ^
1003 Te2[(s1 >> 8) & 0xff] ^
1004 Te3[(s2 ) & 0xff] ^
1005 rk[7];
1006
1007 rk += 8;
1008 if (--r == 0) {
1009 break;
1010 }
1011
1012 s0 =
1013 Te0[(t0 >> 24) ] ^
1014 Te1[(t1 >> 16) & 0xff] ^
1015 Te2[(t2 >> 8) & 0xff] ^
1016 Te3[(t3 ) & 0xff] ^
1017 rk[0];
1018 s1 =
1019 Te0[(t1 >> 24) ] ^
1020 Te1[(t2 >> 16) & 0xff] ^
1021 Te2[(t3 >> 8) & 0xff] ^
1022 Te3[(t0 ) & 0xff] ^
1023 rk[1];
1024 s2 =
1025 Te0[(t2 >> 24) ] ^
1026 Te1[(t3 >> 16) & 0xff] ^
1027 Te2[(t0 >> 8) & 0xff] ^
1028 Te3[(t1 ) & 0xff] ^
1029 rk[2];
1030 s3 =
1031 Te0[(t3 >> 24) ] ^
1032 Te1[(t0 >> 16) & 0xff] ^
1033 Te2[(t1 >> 8) & 0xff] ^
1034 Te3[(t2 ) & 0xff] ^
1035 rk[3];
1036 }
1037#endif /* ?FULL_UNROLL */
1038 /*
1039 * apply last round and
1040 * map cipher state to byte array block:
1041 */
1042 s0 =
1043 (Te4[(t0 >> 24) ] & 0xff000000) ^
1044 (Te4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
1045 (Te4[(t2 >> 8) & 0xff] & 0x0000ff00) ^
1046 (Te4[(t3 ) & 0xff] & 0x000000ff) ^
1047 rk[0];
1048 PUTU32(out , s0);
1049 s1 =
1050 (Te4[(t1 >> 24) ] & 0xff000000) ^
1051 (Te4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
1052 (Te4[(t3 >> 8) & 0xff] & 0x0000ff00) ^
1053 (Te4[(t0 ) & 0xff] & 0x000000ff) ^
1054 rk[1];
1055 PUTU32(out + 4, s1);
1056 s2 =
1057 (Te4[(t2 >> 24) ] & 0xff000000) ^
1058 (Te4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
1059 (Te4[(t0 >> 8) & 0xff] & 0x0000ff00) ^
1060 (Te4[(t1 ) & 0xff] & 0x000000ff) ^
1061 rk[2];
1062 PUTU32(out + 8, s2);
1063 s3 =
1064 (Te4[(t3 >> 24) ] & 0xff000000) ^
1065 (Te4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
1066 (Te4[(t1 >> 8) & 0xff] & 0x0000ff00) ^
1067 (Te4[(t2 ) & 0xff] & 0x000000ff) ^
1068 rk[3];
1069 PUTU32(out + 12, s3);
1070}
1071
1072/*
1073 * Decrypt a single block
1074 * in and out can overlap
1075 */
1076void AES_decrypt(const unsigned char *in, unsigned char *out,
1077 const AES_KEY *key) {
1078
1079 const u32 *rk;
1080 u32 s0, s1, s2, s3, t0, t1, t2, t3;
1081#ifndef FULL_UNROLL
1082 int r;
1083#endif /* ?FULL_UNROLL */
1084
1085 assert(in && out && key);
1086 rk = key->rd_key;
1087
1088 /*
1089 * map byte array block to cipher state
1090 * and add initial round key:
1091 */
1092 s0 = GETU32(in ) ^ rk[0];
1093 s1 = GETU32(in + 4) ^ rk[1];
1094 s2 = GETU32(in + 8) ^ rk[2];
1095 s3 = GETU32(in + 12) ^ rk[3];
1096#ifdef FULL_UNROLL
1097 /* round 1: */
1098 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4];
1099 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[ 5];
1100 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[ 6];
1101 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[ 7];
1102 /* round 2: */
1103 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[ 8];
1104 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[ 9];
1105 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[10];
1106 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[11];
1107 /* round 3: */
1108 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[12];
1109 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[13];
1110 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[14];
1111 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[15];
1112 /* round 4: */
1113 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[16];
1114 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[17];
1115 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[18];
1116 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[19];
1117 /* round 5: */
1118 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[20];
1119 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[21];
1120 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[22];
1121 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[23];
1122 /* round 6: */
1123 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[24];
1124 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[25];
1125 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[26];
1126 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[27];
1127 /* round 7: */
1128 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[28];
1129 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[29];
1130 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[30];
1131 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[31];
1132 /* round 8: */
1133 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[32];
1134 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[33];
1135 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[34];
1136 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[35];
1137 /* round 9: */
1138 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[36];
1139 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[37];
1140 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38];
1141 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39];
1142 if (key->rounds > 10) {
1143 /* round 10: */
1144 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40];
1145 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41];
1146 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42];
1147 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43];
1148 /* round 11: */
1149 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44];
1150 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45];
1151 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46];
1152 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47];
1153 if (key->rounds > 12) {
1154 /* round 12: */
1155 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48];
1156 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49];
1157 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50];
1158 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51];
1159 /* round 13: */
1160 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52];
1161 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53];
1162 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54];
1163 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55];
1164 }
1165 }
1166 rk += key->rounds << 2;
1167#else /* !FULL_UNROLL */
1168 /*
1169 * Nr - 1 full rounds:
1170 */
1171 r = key->rounds >> 1;
1172 for (;;) {
1173 t0 =
1174 Td0[(s0 >> 24) ] ^
1175 Td1[(s3 >> 16) & 0xff] ^
1176 Td2[(s2 >> 8) & 0xff] ^
1177 Td3[(s1 ) & 0xff] ^
1178 rk[4];
1179 t1 =
1180 Td0[(s1 >> 24) ] ^
1181 Td1[(s0 >> 16) & 0xff] ^
1182 Td2[(s3 >> 8) & 0xff] ^
1183 Td3[(s2 ) & 0xff] ^
1184 rk[5];
1185 t2 =
1186 Td0[(s2 >> 24) ] ^
1187 Td1[(s1 >> 16) & 0xff] ^
1188 Td2[(s0 >> 8) & 0xff] ^
1189 Td3[(s3 ) & 0xff] ^
1190 rk[6];
1191 t3 =
1192 Td0[(s3 >> 24) ] ^
1193 Td1[(s2 >> 16) & 0xff] ^
1194 Td2[(s1 >> 8) & 0xff] ^
1195 Td3[(s0 ) & 0xff] ^
1196 rk[7];
1197
1198 rk += 8;
1199 if (--r == 0) {
1200 break;
1201 }
1202
1203 s0 =
1204 Td0[(t0 >> 24) ] ^
1205 Td1[(t3 >> 16) & 0xff] ^
1206 Td2[(t2 >> 8) & 0xff] ^
1207 Td3[(t1 ) & 0xff] ^
1208 rk[0];
1209 s1 =
1210 Td0[(t1 >> 24) ] ^
1211 Td1[(t0 >> 16) & 0xff] ^
1212 Td2[(t3 >> 8) & 0xff] ^
1213 Td3[(t2 ) & 0xff] ^
1214 rk[1];
1215 s2 =
1216 Td0[(t2 >> 24) ] ^
1217 Td1[(t1 >> 16) & 0xff] ^
1218 Td2[(t0 >> 8) & 0xff] ^
1219 Td3[(t3 ) & 0xff] ^
1220 rk[2];
1221 s3 =
1222 Td0[(t3 >> 24) ] ^
1223 Td1[(t2 >> 16) & 0xff] ^
1224 Td2[(t1 >> 8) & 0xff] ^
1225 Td3[(t0 ) & 0xff] ^
1226 rk[3];
1227 }
1228#endif /* ?FULL_UNROLL */
1229 /*
1230 * apply last round and
1231 * map cipher state to byte array block:
1232 */
1233 s0 =
1234 (Td4[(t0 >> 24) ] & 0xff000000) ^
1235 (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
1236 (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^
1237 (Td4[(t1 ) & 0xff] & 0x000000ff) ^
1238 rk[0];
1239 PUTU32(out , s0);
1240 s1 =
1241 (Td4[(t1 >> 24) ] & 0xff000000) ^
1242 (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
1243 (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^
1244 (Td4[(t2 ) & 0xff] & 0x000000ff) ^
1245 rk[1];
1246 PUTU32(out + 4, s1);
1247 s2 =
1248 (Td4[(t2 >> 24) ] & 0xff000000) ^
1249 (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
1250 (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^
1251 (Td4[(t3 ) & 0xff] & 0x000000ff) ^
1252 rk[2];
1253 PUTU32(out + 8, s2);
1254 s3 =
1255 (Td4[(t3 >> 24) ] & 0xff000000) ^
1256 (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
1257 (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^
1258 (Td4[(t0 ) & 0xff] & 0x000000ff) ^
1259 rk[3];
1260 PUTU32(out + 12, s3);
1261}
1262
1263#endif /* def OPENSSL_FIPS */
diff --git a/src/lib/libssl/src/fips-1.0/aes/fips_aes_locl.h b/src/lib/libssl/src/fips-1.0/aes/fips_aes_locl.h
new file mode 100644
index 0000000000..4184729e34
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/aes/fips_aes_locl.h
@@ -0,0 +1,85 @@
1/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
2/* ====================================================================
3 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@openssl.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 */
51
52#ifndef HEADER_AES_LOCL_H
53#define HEADER_AES_LOCL_H
54
55#include <openssl/e_os2.h>
56
57#ifdef OPENSSL_NO_AES
58#error AES is disabled.
59#endif
60
61#include <stdio.h>
62#include <stdlib.h>
63#include <string.h>
64
65#if defined(_MSC_VER) && !defined(_M_IA64) && !defined(OPENSSL_SYS_WINCE)
66# define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
67# define GETU32(p) SWAP(*((u32 *)(p)))
68# define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); }
69#else
70# define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] << 8) ^ ((u32)(pt)[3]))
71# define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >> 8); (ct)[3] = (u8)(st); }
72#endif
73
74typedef unsigned long u32;
75typedef unsigned short u16;
76typedef unsigned char u8;
77
78#define MAXKC (256/32)
79#define MAXKB (256/8)
80#define MAXNR 14
81
82/* This controls loop-unrolling in aes_core.c */
83#undef FULL_UNROLL
84
85#endif /* !HEADER_AES_LOCL_H */
diff --git a/src/lib/libssl/src/fips-1.0/aes/fips_aes_selftest.c b/src/lib/libssl/src/fips-1.0/aes/fips_aes_selftest.c
new file mode 100644
index 0000000000..0e53d21bd0
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/aes/fips_aes_selftest.c
@@ -0,0 +1,112 @@
1/* ====================================================================
2 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 *
48 */
49
50#include <string.h>
51#include <openssl/err.h>
52#include <openssl/fips.h>
53#include <openssl/aes.h>
54
55#ifdef OPENSSL_FIPS
56static struct
57 {
58 unsigned char key[16];
59 unsigned char plaintext[16];
60 unsigned char ciphertext[16];
61 } tests[]=
62 {
63 {
64 { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
65 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F },
66 { 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,
67 0x88,0x99,0xAA,0xBB,0xCC,0xDD,0xEE,0xFF },
68 { 0x69,0xC4,0xE0,0xD8,0x6A,0x7B,0x04,0x30,
69 0xD8,0xCD,0xB7,0x80,0x70,0xB4,0xC5,0x5A },
70 },
71 };
72
73void FIPS_corrupt_aes()
74 {
75 tests[0].key[0]++;
76 }
77
78int FIPS_selftest_aes()
79 {
80 int n;
81
82 /* Encrypt and check against known ciphertext */
83 for(n=0 ; n < 1 ; ++n)
84 {
85 AES_KEY key;
86 unsigned char buf[16];
87
88 AES_set_encrypt_key(tests[n].key,128,&key);
89 AES_encrypt(tests[n].plaintext,buf,&key);
90 if(memcmp(buf,tests[n].ciphertext,sizeof buf))
91 {
92 FIPSerr(FIPS_F_FIPS_SELFTEST_AES,FIPS_R_SELFTEST_FAILED);
93 return 0;
94 }
95 }
96 /* Decrypt and check against known plaintext */
97 for(n=0 ; n < 1 ; ++n)
98 {
99 AES_KEY key;
100 unsigned char buf[16];
101
102 AES_set_decrypt_key(tests[n].key,128,&key);
103 AES_decrypt(tests[n].ciphertext,buf,&key);
104 if(memcmp(buf,tests[n].plaintext,sizeof buf))
105 {
106 FIPSerr(FIPS_F_FIPS_SELFTEST_AES,FIPS_R_SELFTEST_FAILED);
107 return 0;
108 }
109 }
110 return 1;
111 }
112#endif
diff --git a/src/lib/libssl/src/fips-1.0/aes/fips_aesavs.c b/src/lib/libssl/src/fips-1.0/aes/fips_aesavs.c
new file mode 100644
index 0000000000..6bb9b899c8
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/aes/fips_aesavs.c
@@ -0,0 +1,1005 @@
1/* ====================================================================
2 * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 *
48 */
49/*---------------------------------------------
50 NIST AES Algorithm Validation Suite
51 Test Program
52
53 Donated to OpenSSL by:
54 V-ONE Corporation
55 20250 Century Blvd, Suite 300
56 Germantown, MD 20874
57 U.S.A.
58 ----------------------------------------------*/
59
60#include <stdio.h>
61#include <stdlib.h>
62#include <string.h>
63#include <errno.h>
64#include <assert.h>
65
66#include <openssl/aes.h>
67#include <openssl/evp.h>
68#include <openssl/fips.h>
69#include <openssl/err.h>
70#include "e_os.h"
71
72#define AES_BLOCK_SIZE 16
73
74#define VERBOSE 1
75
76/*-----------------------------------------------*/
77
78int AESTest(EVP_CIPHER_CTX *ctx,
79 char *amode, int akeysz, unsigned char *aKey,
80 unsigned char *iVec,
81 int dir, /* 0 = decrypt, 1 = encrypt */
82 unsigned char *plaintext, unsigned char *ciphertext, int len)
83 {
84 const EVP_CIPHER *cipher = NULL;
85 int ret = 1;
86 int kt = 0;
87
88 if (ctx)
89 memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
90
91 if (strcasecmp(amode, "CBC") == 0)
92 kt = 1000;
93 else if (strcasecmp(amode, "ECB") == 0)
94 kt = 2000;
95 else if (strcasecmp(amode, "CFB128") == 0)
96 kt = 3000;
97 else if (strncasecmp(amode, "OFB", 3) == 0)
98 kt = 4000;
99 else if(!strcasecmp(amode,"CFB1"))
100 kt=5000;
101 else if(!strcasecmp(amode,"CFB8"))
102 kt=6000;
103 else
104 {
105 printf("Unknown mode: %s\n", amode);
106 EXIT(1);
107 }
108 if (ret)
109 {
110 if ((akeysz != 128) && (akeysz != 192) && (akeysz != 256))
111 {
112 printf("Invalid key size: %d\n", akeysz);
113 ret = 0;
114 }
115 else
116 {
117 kt += akeysz;
118 switch (kt)
119 {
120 case 1128: /* CBC 128 */
121 cipher = EVP_aes_128_cbc();
122 break;
123 case 1192: /* CBC 192 */
124 cipher = EVP_aes_192_cbc();
125 break;
126 case 1256: /* CBC 256 */
127 cipher = EVP_aes_256_cbc();
128 break;
129 case 2128: /* ECB 128 */
130 cipher = EVP_aes_128_ecb();
131 break;
132 case 2192: /* ECB 192 */
133 cipher = EVP_aes_192_ecb();
134 break;
135 case 2256: /* ECB 256 */
136 cipher = EVP_aes_256_ecb();
137 break;
138 case 3128: /* CFB 128 */
139 cipher = EVP_aes_128_cfb();
140 break;
141 case 3192: /* CFB 192 */
142 cipher = EVP_aes_192_cfb();
143 break;
144 case 3256: /* CFB 256 */
145 cipher = EVP_aes_256_cfb();
146 break;
147 case 4128: /* OFB 128 */
148 cipher = EVP_aes_128_ofb();
149 break;
150 case 4192: /* OFB 192 */
151 cipher = EVP_aes_192_ofb();
152 break;
153 case 4256: /* OFB 256 */
154 cipher = EVP_aes_256_ofb();
155 break;
156 case 5128:
157 cipher=EVP_aes_128_cfb1();
158 break;
159 case 5192:
160 cipher=EVP_aes_192_cfb1();
161 break;
162 case 5256:
163 cipher=EVP_aes_256_cfb1();
164 break;
165 case 6128:
166 cipher=EVP_aes_128_cfb8();
167 break;
168 case 6192:
169 cipher=EVP_aes_192_cfb8();
170 break;
171 case 6256:
172 cipher=EVP_aes_256_cfb8();
173 break;
174 default:
175 printf("Didn't handle mode %d\n",kt);
176 EXIT(1);
177 }
178 if (dir)
179 { /* encrypt */
180 if(!EVP_CipherInit(ctx, cipher, aKey, iVec, AES_ENCRYPT))
181 {
182 ERR_print_errors_fp(stderr);
183 EXIT(1);
184 }
185
186 EVP_Cipher(ctx, ciphertext, (unsigned char*)plaintext, len);
187 }
188 else
189 { /* decrypt */
190 if(!EVP_CipherInit(ctx, cipher, aKey, iVec, AES_DECRYPT))
191 {
192 ERR_print_errors_fp(stderr);
193 EXIT(1);
194 }
195 EVP_Cipher(ctx, (unsigned char*)plaintext, ciphertext, len);
196 }
197 }
198 }
199 return ret;
200 }
201
202/*-----------------------------------------------*/
203
204int hex2bin(char *in, int len, unsigned char *out)
205{
206 int n1, n2;
207 unsigned char ch;
208
209 for (n1 = 0, n2 = 0; n1 < len; )
210 { /* first byte */
211 if ((in[n1] >= '0') && (in[n1] <= '9'))
212 ch = in[n1++] - '0';
213 else if ((in[n1] >= 'A') && (in[n1] <= 'F'))
214 ch = in[n1++] - 'A' + 10;
215 else if ((in[n1] >= 'a') && (in[n1] <= 'f'))
216 ch = in[n1++] - 'a' + 10;
217 else
218 return -1;
219 if(len == 1)
220 {
221 out[n2++]=ch;
222 break;
223 }
224 out[n2] = ch << 4;
225 /* second byte */
226 if ((in[n1] >= '0') && (in[n1] <= '9'))
227 ch = in[n1++] - '0';
228 else if ((in[n1] >= 'A') && (in[n1] <= 'F'))
229 ch = in[n1++] - 'A' + 10;
230 else if ((in[n1] >= 'a') && (in[n1] <= 'f'))
231 ch = in[n1++] - 'a' + 10;
232 else
233 return -1;
234 out[n2++] |= ch;
235 }
236 return n2;
237}
238
239/*-----------------------------------------------*/
240
241int bin2hex(unsigned char *in, int len, char *out)
242{
243 int n1, n2;
244 unsigned char ch;
245
246 for (n1 = 0, n2 = 0; n1 < len; ++n1)
247 {
248 /* first nibble */
249 ch = in[n1] >> 4;
250 if (ch <= 0x09)
251 out[n2++] = ch + '0';
252 else
253 out[n2++] = ch - 10 + 'a';
254 /* second nibble */
255 ch = in[n1] & 0x0f;
256 if (ch <= 0x09)
257 out[n2++] = ch + '0';
258 else
259 out[n2++] = ch - 10 + 'a';
260 }
261 return n2;
262}
263
264/* NB: this return the number of _bits_ read */
265int bint2bin(const char *in, int len, unsigned char *out)
266 {
267 int n;
268
269 memset(out,0,len);
270 for(n=0 ; n < len ; ++n)
271 if(in[n] == '1')
272 out[n/8]|=(0x80 >> (n%8));
273 return len;
274 }
275
276int bin2bint(const unsigned char *in,int len,char *out)
277 {
278 int n;
279
280 for(n=0 ; n < len ; ++n)
281 out[n]=(in[n/8]&(0x80 >> (n%8))) ? '1' : '0';
282 return n;
283 }
284
285/*-----------------------------------------------*/
286
287void PrintValue(char *tag, unsigned char *val, int len)
288{
289#if VERBOSE
290 char obuf[2048];
291 int olen;
292 olen = bin2hex(val, len, obuf);
293 printf("%s = %.*s\n", tag, olen, obuf);
294#endif
295}
296
297void OutputValue(char *tag, unsigned char *val, int len, FILE *rfp,int bitmode)
298 {
299 char obuf[2048];
300 int olen;
301
302 if(bitmode)
303 olen=bin2bint(val,len,obuf);
304 else
305 olen=bin2hex(val,len,obuf);
306
307 fprintf(rfp, "%s = %.*s\n", tag, olen, obuf);
308#if VERBOSE
309 printf("%s = %.*s\n", tag, olen, obuf);
310#endif
311 }
312
313/*-----------------------------------------------*/
314char *t_tag[2] = {"PLAINTEXT", "CIPHERTEXT"};
315char *t_mode[6] = {"CBC","ECB","OFB","CFB1","CFB8","CFB128"};
316enum Mode {CBC, ECB, OFB, CFB1, CFB8, CFB128};
317enum XCrypt {XDECRYPT, XENCRYPT};
318
319/*=============================*/
320/* Monte Carlo Tests */
321/*-----------------------------*/
322
323/*#define gb(a,b) (((a)[(b)/8] >> ((b)%8))&1)*/
324/*#define sb(a,b,v) ((a)[(b)/8]=((a)[(b)/8]&~(1 << ((b)%8)))|(!!(v) << ((b)%8)))*/
325
326#define gb(a,b) (((a)[(b)/8] >> (7-(b)%8))&1)
327#define sb(a,b,v) ((a)[(b)/8]=((a)[(b)/8]&~(1 << (7-(b)%8)))|(!!(v) << (7-(b)%8)))
328
329int do_mct(char *amode,
330 int akeysz, unsigned char *aKey,unsigned char *iVec,
331 int dir, unsigned char *text, int len,
332 FILE *rfp)
333 {
334 int ret = 0;
335 unsigned char key[101][32];
336 unsigned char iv[101][AES_BLOCK_SIZE];
337 unsigned char ptext[1001][32];
338 unsigned char ctext[1001][32];
339 unsigned char ciphertext[64+4];
340 int i, j, n, n1, n2;
341 int imode = 0, nkeysz = akeysz/8;
342 EVP_CIPHER_CTX ctx;
343
344 if (len > 32)
345 {
346 printf("\n>>>> Length exceeds 32 for %s %d <<<<\n\n",
347 amode, akeysz);
348 return -1;
349 }
350 for (imode = 0; imode < 6; ++imode)
351 if (strcmp(amode, t_mode[imode]) == 0)
352 break;
353 if (imode == 6)
354 {
355 printf("Unrecognized mode: %s\n", amode);
356 return -1;
357 }
358
359 memcpy(key[0], aKey, nkeysz);
360 if (iVec)
361 memcpy(iv[0], iVec, AES_BLOCK_SIZE);
362 if (dir == XENCRYPT)
363 memcpy(ptext[0], text, len);
364 else
365 memcpy(ctext[0], text, len);
366 for (i = 0; i < 100; ++i)
367 {
368 /* printf("Iteration %d\n", i); */
369 if (i > 0)
370 {
371 fprintf(rfp,"COUNT = %d\n",i);
372 OutputValue("KEY",key[i],nkeysz,rfp,0);
373 if (imode != ECB) /* ECB */
374 OutputValue("IV",iv[i],AES_BLOCK_SIZE,rfp,0);
375 /* Output Ciphertext | Plaintext */
376 OutputValue(t_tag[dir^1],dir ? ptext[0] : ctext[0],len,rfp,
377 imode == CFB1);
378 }
379 for (j = 0; j < 1000; ++j)
380 {
381 switch (imode)
382 {
383 case ECB:
384 if (j == 0)
385 { /* set up encryption */
386 ret = AESTest(&ctx, amode, akeysz, key[i], NULL,
387 dir, /* 0 = decrypt, 1 = encrypt */
388 ptext[j], ctext[j], len);
389 if (dir == XENCRYPT)
390 memcpy(ptext[j+1], ctext[j], len);
391 else
392 memcpy(ctext[j+1], ptext[j], len);
393 }
394 else
395 {
396 if (dir == XENCRYPT)
397 {
398 EVP_Cipher(&ctx, ctext[j], ptext[j], len);
399 memcpy(ptext[j+1], ctext[j], len);
400 }
401 else
402 {
403 EVP_Cipher(&ctx, ptext[j], ctext[j], len);
404 memcpy(ctext[j+1], ptext[j], len);
405 }
406 }
407 break;
408
409 case CBC:
410 case OFB:
411 case CFB128:
412 if (j == 0)
413 {
414 ret = AESTest(&ctx, amode, akeysz, key[i], iv[i],
415 dir, /* 0 = decrypt, 1 = encrypt */
416 ptext[j], ctext[j], len);
417 if (dir == XENCRYPT)
418 memcpy(ptext[j+1], iv[i], len);
419 else
420 memcpy(ctext[j+1], iv[i], len);
421 }
422 else
423 {
424 if (dir == XENCRYPT)
425 {
426 EVP_Cipher(&ctx, ctext[j], ptext[j], len);
427 memcpy(ptext[j+1], ctext[j-1], len);
428 }
429 else
430 {
431 EVP_Cipher(&ctx, ptext[j], ctext[j], len);
432 memcpy(ctext[j+1], ptext[j-1], len);
433 }
434 }
435 break;
436
437 case CFB8:
438 if (j == 0)
439 {
440 ret = AESTest(&ctx, amode, akeysz, key[i], iv[i],
441 dir, /* 0 = decrypt, 1 = encrypt */
442 ptext[j], ctext[j], len);
443 }
444 else
445 {
446 if (dir == XENCRYPT)
447 EVP_Cipher(&ctx, ctext[j], ptext[j], len);
448 else
449 EVP_Cipher(&ctx, ptext[j], ctext[j], len);
450 }
451 if (dir == XENCRYPT)
452 {
453 if (j < 16)
454 memcpy(ptext[j+1], &iv[i][j], len);
455 else
456 memcpy(ptext[j+1], ctext[j-16], len);
457 }
458 else
459 {
460 if (j < 16)
461 memcpy(ctext[j+1], &iv[i][j], len);
462 else
463 memcpy(ctext[j+1], ptext[j-16], len);
464 }
465 break;
466
467 case CFB1:
468 if(j == 0)
469 {
470 /* compensate for wrong endianness of input file */
471 if(i == 0)
472 ptext[0][0]<<=7;
473 ret=AESTest(&ctx,amode,akeysz,key[i],iv[i],dir,
474 ptext[j], ctext[j], len);
475 }
476 else
477 {
478 if (dir == XENCRYPT)
479 EVP_Cipher(&ctx, ctext[j], ptext[j], len);
480 else
481 EVP_Cipher(&ctx, ptext[j], ctext[j], len);
482
483 }
484 if(dir == XENCRYPT)
485 {
486 if(j < 128)
487 sb(ptext[j+1],0,gb(iv[i],j));
488 else
489 sb(ptext[j+1],0,gb(ctext[j-128],0));
490 }
491 else
492 {
493 if(j < 128)
494 sb(ctext[j+1],0,gb(iv[i],j));
495 else
496 sb(ctext[j+1],0,gb(ptext[j-128],0));
497 }
498 break;
499 }
500 }
501 --j; /* reset to last of range */
502 /* Output Ciphertext | Plaintext */
503 OutputValue(t_tag[dir],dir ? ctext[j] : ptext[j],len,rfp,
504 imode == CFB1);
505 fprintf(rfp, "\n"); /* add separator */
506
507 /* Compute next KEY */
508 if (dir == XENCRYPT)
509 {
510 if (imode == CFB8)
511 { /* ct = CT[j-15] || CT[j-14] || ... || CT[j] */
512 for (n1 = 0, n2 = nkeysz-1; n1 < nkeysz; ++n1, --n2)
513 ciphertext[n1] = ctext[j-n2][0];
514 }
515 else if(imode == CFB1)
516 {
517 for(n1=0,n2=akeysz-1 ; n1 < akeysz ; ++n1,--n2)
518 sb(ciphertext,n1,gb(ctext[j-n2],0));
519 }
520 else
521 switch (akeysz)
522 {
523 case 128:
524 memcpy(ciphertext, ctext[j], 16);
525 break;
526 case 192:
527 memcpy(ciphertext, ctext[j-1]+8, 8);
528 memcpy(ciphertext+8, ctext[j], 16);
529 break;
530 case 256:
531 memcpy(ciphertext, ctext[j-1], 16);
532 memcpy(ciphertext+16, ctext[j], 16);
533 break;
534 }
535 }
536 else
537 {
538 if (imode == CFB8)
539 { /* ct = CT[j-15] || CT[j-14] || ... || CT[j] */
540 for (n1 = 0, n2 = nkeysz-1; n1 < nkeysz; ++n1, --n2)
541 ciphertext[n1] = ptext[j-n2][0];
542 }
543 else if(imode == CFB1)
544 {
545 for(n1=0,n2=akeysz-1 ; n1 < akeysz ; ++n1,--n2)
546 sb(ciphertext,n1,gb(ptext[j-n2],0));
547 }
548 else
549 switch (akeysz)
550 {
551 case 128:
552 memcpy(ciphertext, ptext[j], 16);
553 break;
554 case 192:
555 memcpy(ciphertext, ptext[j-1]+8, 8);
556 memcpy(ciphertext+8, ptext[j], 16);
557 break;
558 case 256:
559 memcpy(ciphertext, ptext[j-1], 16);
560 memcpy(ciphertext+16, ptext[j], 16);
561 break;
562 }
563 }
564 /* Compute next key: Key[i+1] = Key[i] xor ct */
565 for (n = 0; n < nkeysz; ++n)
566 key[i+1][n] = key[i][n] ^ ciphertext[n];
567
568 /* Compute next IV and text */
569 if (dir == XENCRYPT)
570 {
571 switch (imode)
572 {
573 case ECB:
574 memcpy(ptext[0], ctext[j], AES_BLOCK_SIZE);
575 break;
576 case CBC:
577 case OFB:
578 case CFB128:
579 memcpy(iv[i+1], ctext[j], AES_BLOCK_SIZE);
580 memcpy(ptext[0], ctext[j-1], AES_BLOCK_SIZE);
581 break;
582 case CFB8:
583 /* IV[i+1] = ct */
584 for (n1 = 0, n2 = 15; n1 < 16; ++n1, --n2)
585 iv[i+1][n1] = ctext[j-n2][0];
586 ptext[0][0] = ctext[j-16][0];
587 break;
588 case CFB1:
589 for(n1=0,n2=127 ; n1 < 128 ; ++n1,--n2)
590 sb(iv[i+1],n1,gb(ctext[j-n2],0));
591 ptext[0][0]=ctext[j-128][0]&0x80;
592 break;
593 }
594 }
595 else
596 {
597 switch (imode)
598 {
599 case ECB:
600 memcpy(ctext[0], ptext[j], AES_BLOCK_SIZE);
601 break;
602 case CBC:
603 case OFB:
604 case CFB128:
605 memcpy(iv[i+1], ptext[j], AES_BLOCK_SIZE);
606 memcpy(ctext[0], ptext[j-1], AES_BLOCK_SIZE);
607 break;
608 case CFB8:
609 for (n1 = 0, n2 = 15; n1 < 16; ++n1, --n2)
610 iv[i+1][n1] = ptext[j-n2][0];
611 ctext[0][0] = ptext[j-16][0];
612 break;
613 case CFB1:
614 for(n1=0,n2=127 ; n1 < 128 ; ++n1,--n2)
615 sb(iv[i+1],n1,gb(ptext[j-n2],0));
616 ctext[0][0]=ptext[j-128][0]&0x80;
617 break;
618 }
619 }
620 }
621
622 return ret;
623 }
624
625/*================================================*/
626/*----------------------------
627 # Config info for v-one
628 # AESVS MMT test data for ECB
629 # State : Encrypt and Decrypt
630 # Key Length : 256
631 # Fri Aug 30 04:07:22 PM
632 ----------------------------*/
633
634int proc_file(char *rqfile)
635 {
636 char afn[256], rfn[256];
637 FILE *afp = NULL, *rfp = NULL;
638 char ibuf[2048];
639 int ilen, len, ret = 0;
640 char algo[8] = "";
641 char amode[8] = "";
642 char atest[8] = "";
643 int akeysz = 0;
644 unsigned char iVec[20], aKey[40];
645 int dir = -1, err = 0, step = 0;
646 unsigned char plaintext[2048];
647 unsigned char ciphertext[2048];
648 char *rp;
649 EVP_CIPHER_CTX ctx;
650
651 if (!rqfile || !(*rqfile))
652 {
653 printf("No req file\n");
654 return -1;
655 }
656 strcpy(afn, rqfile);
657
658 if ((afp = fopen(afn, "r")) == NULL)
659 {
660 printf("Cannot open file: %s, %s\n",
661 afn, strerror(errno));
662 return -1;
663 }
664 strcpy(rfn,afn);
665 rp=strstr(rfn,"req/");
666 assert(rp);
667 memcpy(rp,"rsp",3);
668 rp = strstr(rfn, ".req");
669 memcpy(rp, ".rsp", 4);
670 if ((rfp = fopen(rfn, "w")) == NULL)
671 {
672 printf("Cannot open file: %s, %s\n",
673 rfn, strerror(errno));
674 fclose(afp);
675 afp = NULL;
676 return -1;
677 }
678 while (!err && (fgets(ibuf, sizeof(ibuf), afp)) != NULL)
679 {
680 ilen = strlen(ibuf);
681 /* printf("step=%d ibuf=%s",step,ibuf); */
682 switch (step)
683 {
684 case 0: /* read preamble */
685 if (ibuf[0] == '\n')
686 { /* end of preamble */
687 if ((*algo == '\0') ||
688 (*amode == '\0') ||
689 (akeysz == 0))
690 {
691 printf("Missing Algorithm, Mode or KeySize (%s/%s/%d)\n",
692 algo,amode,akeysz);
693 err = 1;
694 }
695 else
696 {
697 fputs(ibuf, rfp);
698 ++ step;
699 }
700 }
701 else if (ibuf[0] != '#')
702 {
703 printf("Invalid preamble item: %s\n", ibuf);
704 err = 1;
705 }
706 else
707 { /* process preamble */
708 char *xp, *pp = ibuf+2;
709 int n;
710 if (akeysz)
711 { /* insert current time & date */
712 time_t rtim = time(0);
713 fprintf(rfp, "# %s", ctime(&rtim));
714 }
715 else
716 {
717 fputs(ibuf, rfp);
718 if (strncmp(pp, "AESVS ", 6) == 0)
719 {
720 strcpy(algo, "AES");
721 /* get test type */
722 pp += 6;
723 xp = strchr(pp, ' ');
724 n = xp-pp;
725 strncpy(atest, pp, n);
726 atest[n] = '\0';
727 /* get mode */
728 xp = strrchr(pp, ' '); /* get mode" */
729 n = strlen(xp+1)-1;
730 strncpy(amode, xp+1, n);
731 amode[n] = '\0';
732 /* amode[3] = '\0'; */
733 printf("Test = %s, Mode = %s\n", atest, amode);
734 }
735 else if (strncasecmp(pp, "Key Length : ", 13) == 0)
736 {
737 akeysz = atoi(pp+13);
738 printf("Key size = %d\n", akeysz);
739 }
740 }
741 }
742 break;
743
744 case 1: /* [ENCRYPT] | [DECRYPT] */
745 if (ibuf[0] == '[')
746 {
747 fputs(ibuf, rfp);
748 ++step;
749 if (strncasecmp(ibuf, "[ENCRYPT]", 9) == 0)
750 dir = 1;
751 else if (strncasecmp(ibuf, "[DECRYPT]", 9) == 0)
752 dir = 0;
753 else
754 {
755 printf("Invalid keyword: %s\n", ibuf);
756 err = 1;
757 }
758 break;
759 }
760 else if (dir == -1)
761 {
762 err = 1;
763 printf("Missing ENCRYPT/DECRYPT keyword\n");
764 break;
765 }
766 else
767 step = 2;
768
769 case 2: /* KEY = xxxx */
770 fputs(ibuf, rfp);
771 if(*ibuf == '\n')
772 break;
773 if(!strncasecmp(ibuf,"COUNT = ",8))
774 break;
775
776 if (strncasecmp(ibuf, "KEY = ", 6) != 0)
777 {
778 printf("Missing KEY\n");
779 err = 1;
780 }
781 else
782 {
783 len = hex2bin((char*)ibuf+6, strlen(ibuf+6)-1, aKey);
784 if (len < 0)
785 {
786 printf("Invalid KEY\n");
787 err =1;
788 break;
789 }
790 PrintValue("KEY", aKey, len);
791 if (strcmp(amode, "ECB") == 0)
792 {
793 memset(iVec, 0, sizeof(iVec));
794 step = (dir)? 4: 5; /* no ivec for ECB */
795 }
796 else
797 ++step;
798 }
799 break;
800
801 case 3: /* IV = xxxx */
802 fputs(ibuf, rfp);
803 if (strncasecmp(ibuf, "IV = ", 5) != 0)
804 {
805 printf("Missing IV\n");
806 err = 1;
807 }
808 else
809 {
810 len = hex2bin((char*)ibuf+5, strlen(ibuf+5)-1, iVec);
811 if (len < 0)
812 {
813 printf("Invalid IV\n");
814 err =1;
815 break;
816 }
817 PrintValue("IV", iVec, len);
818 step = (dir)? 4: 5;
819 }
820 break;
821
822 case 4: /* PLAINTEXT = xxxx */
823 fputs(ibuf, rfp);
824 if (strncasecmp(ibuf, "PLAINTEXT = ", 12) != 0)
825 {
826 printf("Missing PLAINTEXT\n");
827 err = 1;
828 }
829 else
830 {
831 int nn = strlen(ibuf+12);
832 if(!strcmp(amode,"CFB1"))
833 len=bint2bin(ibuf+12,nn-1,plaintext);
834 else
835 len=hex2bin(ibuf+12, nn-1,plaintext);
836 if (len < 0)
837 {
838 printf("Invalid PLAINTEXT: %s", ibuf+12);
839 err =1;
840 break;
841 }
842 if (len >= sizeof(plaintext))
843 {
844 printf("Buffer overflow\n");
845 }
846 PrintValue("PLAINTEXT", (unsigned char*)plaintext, len);
847 if (strcmp(atest, "MCT") == 0) /* Monte Carlo Test */
848 {
849 if(do_mct(amode, akeysz, aKey, iVec,
850 dir, (unsigned char*)plaintext, len,
851 rfp) < 0)
852 EXIT(1);
853 }
854 else
855 {
856 ret = AESTest(&ctx, amode, akeysz, aKey, iVec,
857 dir, /* 0 = decrypt, 1 = encrypt */
858 plaintext, ciphertext, len);
859 OutputValue("CIPHERTEXT",ciphertext,len,rfp,
860 !strcmp(amode,"CFB1"));
861 }
862 step = 6;
863 }
864 break;
865
866 case 5: /* CIPHERTEXT = xxxx */
867 fputs(ibuf, rfp);
868 if (strncasecmp(ibuf, "CIPHERTEXT = ", 13) != 0)
869 {
870 printf("Missing KEY\n");
871 err = 1;
872 }
873 else
874 {
875 if(!strcmp(amode,"CFB1"))
876 len=bint2bin(ibuf+13,strlen(ibuf+13)-1,ciphertext);
877 else
878 len = hex2bin(ibuf+13,strlen(ibuf+13)-1,ciphertext);
879 if (len < 0)
880 {
881 printf("Invalid CIPHERTEXT\n");
882 err =1;
883 break;
884 }
885
886 PrintValue("CIPHERTEXT", ciphertext, len);
887 if (strcmp(atest, "MCT") == 0) /* Monte Carlo Test */
888 {
889 do_mct(amode, akeysz, aKey, iVec,
890 dir, ciphertext, len, rfp);
891 }
892 else
893 {
894 ret = AESTest(&ctx, amode, akeysz, aKey, iVec,
895 dir, /* 0 = decrypt, 1 = encrypt */
896 plaintext, ciphertext, len);
897 OutputValue("PLAINTEXT",(unsigned char *)plaintext,len,rfp,
898 !strcmp(amode,"CFB1"));
899 }
900 step = 6;
901 }
902 break;
903
904 case 6:
905 if (ibuf[0] != '\n')
906 {
907 err = 1;
908 printf("Missing terminator\n");
909 }
910 else if (strcmp(atest, "MCT") != 0)
911 { /* MCT already added terminating nl */
912 fputs(ibuf, rfp);
913 }
914 step = 1;
915 break;
916 }
917 }
918 if (rfp)
919 fclose(rfp);
920 if (afp)
921 fclose(afp);
922 return err;
923 }
924
925/*--------------------------------------------------
926 Processes either a single file or
927 a set of files whose names are passed in a file.
928 A single file is specified as:
929 aes_test -f xxx.req
930 A set of files is specified as:
931 aes_test -d xxxxx.xxx
932 The default is: -d req.txt
933--------------------------------------------------*/
934int main(int argc, char **argv)
935 {
936 char *rqlist = "req.txt";
937 FILE *fp = NULL;
938 char fn[250] = "", rfn[256] = "";
939 int f_opt = 0, d_opt = 1;
940
941#ifdef OPENSSL_FIPS
942 if(!FIPS_mode_set(1))
943 {
944 ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
945 EXIT(1);
946 }
947#endif
948 ERR_load_crypto_strings();
949 if (argc > 1)
950 {
951 if (strcasecmp(argv[1], "-d") == 0)
952 {
953 d_opt = 1;
954 }
955 else if (strcasecmp(argv[1], "-f") == 0)
956 {
957 f_opt = 1;
958 d_opt = 0;
959 }
960 else
961 {
962 printf("Invalid parameter: %s\n", argv[1]);
963 return 0;
964 }
965 if (argc < 3)
966 {
967 printf("Missing parameter\n");
968 return 0;
969 }
970 if (d_opt)
971 rqlist = argv[2];
972 else
973 strcpy(fn, argv[2]);
974 }
975 if (d_opt)
976 { /* list of files (directory) */
977 if (!(fp = fopen(rqlist, "r")))
978 {
979 printf("Cannot open req list file\n");
980 return -1;
981 }
982 while (fgets(fn, sizeof(fn), fp))
983 {
984 strtok(fn, "\r\n");
985 strcpy(rfn, fn);
986 printf("Processing: %s\n", rfn);
987 if (proc_file(rfn))
988 {
989 printf(">>> Processing failed for: %s <<<\n", rfn);
990 EXIT(1);
991 }
992 }
993 fclose(fp);
994 }
995 else /* single file */
996 {
997 printf("Processing: %s\n", fn);
998 if (proc_file(fn))
999 {
1000 printf(">>> Processing failed for: %s <<<\n", fn);
1001 }
1002 }
1003 EXIT(0);
1004 return 0;
1005 }
diff --git a/src/lib/libssl/src/fips-1.0/des/Makefile b/src/lib/libssl/src/fips-1.0/des/Makefile
new file mode 100644
index 0000000000..772d775790
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/des/Makefile
@@ -0,0 +1,135 @@
1#
2# OpenSSL/fips-1.0/des/Makefile
3#
4
5DIR= des
6TOP= ../..
7CC= cc
8INCLUDES=
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKEDEPPROG= makedepend
14MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
15MAKEFILE= Makefile
16AR= ar r
17
18FIPS_DES_ENC=fips_des_enc.o
19
20CFLAGS= $(INCLUDES) $(CFLAG)
21
22GENERAL=Makefile
23TEST= fips_desmovs.c
24APPS=
25
26LIB=$(TOP)/libcrypto.a
27LIBSRC=fips_des_enc.c asm/fips-dx86-elf.s fips_des_selftest.c fips_set_key.c
28LIBOBJ=$(FIPS_DES_ENC) fips_des_selftest.o fips_set_key.o
29
30SRC= $(LIBSRC)
31
32EXHEADER=
33HEADER= $(EXHEADER) fips_des_locl.h
34
35ALL= $(GENERAL) $(SRC) $(HEADER)
36
37top:
38 (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all)
39
40all: lib
41
42lib: $(LIBOBJ)
43 @echo $(LIBOBJ) > lib
44
45files:
46 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
47
48links:
49 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER)
50 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST)
51 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS)
52
53install:
54 @headerlist="$(EXHEADER)"; for i in $$headerlist; \
55 do \
56 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
57 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
58 done
59
60tags:
61 ctags $(SRC)
62
63tests:
64
65fips_test:
66 -find ../testvectors/tdes/req -name '*.req' > testlist
67 -rm -rf ../testvectors/tdes/rsp
68 mkdir ../testvectors/tdes/rsp
69 if [ -s testlist ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_desmovs -d testlist; fi
70
71lint:
72 lint -DLINT $(INCLUDES) $(SRC)>fluff
73
74depend:
75 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) \
76 $(SRC) $(TEST)
77dclean:
78 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
79 mv -f Makefile.new $(MAKEFILE)
80
81clean:
82 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
83# DO NOT DELETE THIS LINE -- make depend depends on it.
84
85fips_des_enc.o: ../../e_os.h ../../include/openssl/crypto.h
86fips_des_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
87fips_des_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/fips.h
88fips_des_enc.o: ../../include/openssl/opensslconf.h
89fips_des_enc.o: ../../include/openssl/opensslv.h
90fips_des_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
91fips_des_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
92fips_des_enc.o: ../../include/openssl/ui_compat.h fips_des_enc.c
93fips_des_enc.o: fips_des_locl.h
94fips_des_selftest.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
95fips_des_selftest.o: ../../include/openssl/des.h
96fips_des_selftest.o: ../../include/openssl/des_old.h
97fips_des_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
98fips_des_selftest.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
99fips_des_selftest.o: ../../include/openssl/opensslconf.h
100fips_des_selftest.o: ../../include/openssl/opensslv.h
101fips_des_selftest.o: ../../include/openssl/safestack.h
102fips_des_selftest.o: ../../include/openssl/stack.h
103fips_des_selftest.o: ../../include/openssl/symhacks.h
104fips_des_selftest.o: ../../include/openssl/ui.h
105fips_des_selftest.o: ../../include/openssl/ui_compat.h fips_des_selftest.c
106fips_desmovs.o: ../../e_os.h ../../include/openssl/aes.h
107fips_desmovs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
108fips_desmovs.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
109fips_desmovs.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
110fips_desmovs.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
111fips_desmovs.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
112fips_desmovs.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
113fips_desmovs.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
114fips_desmovs.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
115fips_desmovs.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
116fips_desmovs.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
117fips_desmovs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
118fips_desmovs.o: ../../include/openssl/opensslconf.h
119fips_desmovs.o: ../../include/openssl/opensslv.h
120fips_desmovs.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
121fips_desmovs.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
122fips_desmovs.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
123fips_desmovs.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
124fips_desmovs.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
125fips_desmovs.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
126fips_desmovs.o: fips_desmovs.c
127fips_set_key.o: ../../e_os.h ../../include/openssl/crypto.h
128fips_set_key.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
129fips_set_key.o: ../../include/openssl/e_os2.h ../../include/openssl/fips.h
130fips_set_key.o: ../../include/openssl/opensslconf.h
131fips_set_key.o: ../../include/openssl/opensslv.h
132fips_set_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
133fips_set_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
134fips_set_key.o: ../../include/openssl/ui_compat.h fips_des_locl.h
135fips_set_key.o: fips_set_key.c
diff --git a/src/lib/libssl/src/fips-1.0/des/asm/fips-dx86-elf.s b/src/lib/libssl/src/fips-1.0/des/asm/fips-dx86-elf.s
new file mode 100644
index 0000000000..7b4b11f0f3
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/des/asm/fips-dx86-elf.s
@@ -0,0 +1,2707 @@
1
2
3
4
5
6
7 .file "des-586.s"
8 .version "01.01"
9gcc2_compiled.:
10.text
11 .align 16
12.globl DES_encrypt1
13 .type DES_encrypt1,@function
14DES_encrypt1:
15 pushl %esi
16 pushl %edi
17
18
19 movl 12(%esp), %esi
20 xorl %ecx, %ecx
21 pushl %ebx
22 pushl %ebp
23 movl (%esi), %eax
24 movl 28(%esp), %ebx
25 movl 4(%esi), %edi
26
27
28 roll $4, %eax
29 movl %eax, %esi
30 xorl %edi, %eax
31 andl $0xf0f0f0f0, %eax
32 xorl %eax, %esi
33 xorl %eax, %edi
34
35 roll $20, %edi
36 movl %edi, %eax
37 xorl %esi, %edi
38 andl $0xfff0000f, %edi
39 xorl %edi, %eax
40 xorl %edi, %esi
41
42 roll $14, %eax
43 movl %eax, %edi
44 xorl %esi, %eax
45 andl $0x33333333, %eax
46 xorl %eax, %edi
47 xorl %eax, %esi
48
49 roll $22, %esi
50 movl %esi, %eax
51 xorl %edi, %esi
52 andl $0x03fc03fc, %esi
53 xorl %esi, %eax
54 xorl %esi, %edi
55
56 roll $9, %eax
57 movl %eax, %esi
58 xorl %edi, %eax
59 andl $0xaaaaaaaa, %eax
60 xorl %eax, %esi
61 xorl %eax, %edi
62
63.byte 209
64.byte 199
65 .align 8
66 call .L000PIC_me_up
67.L000PIC_me_up:
68 popl %ebp
69 addl $_GLOBAL_OFFSET_TABLE_+[.-.L000PIC_me_up],%ebp
70 movl DES_SPtrans@GOT(%ebp),%ebp
71 movl 24(%esp), %ecx
72 cmpl $0, %ebx
73 je .L001start_decrypt
74
75
76 movl (%ecx), %eax
77 xorl %ebx, %ebx
78 movl 4(%ecx), %edx
79 xorl %esi, %eax
80 xorl %ecx, %ecx
81 xorl %esi, %edx
82 andl $0xfcfcfcfc, %eax
83 andl $0xcfcfcfcf, %edx
84 movb %al, %bl
85 movb %ah, %cl
86 rorl $4, %edx
87 xorl (%ebp,%ebx),%edi
88 movb %dl, %bl
89 xorl 0x200(%ebp,%ecx),%edi
90 movb %dh, %cl
91 shrl $16, %eax
92 xorl 0x100(%ebp,%ebx),%edi
93 movb %ah, %bl
94 shrl $16, %edx
95 xorl 0x300(%ebp,%ecx),%edi
96 movb %dh, %cl
97 andl $0xff, %eax
98 andl $0xff, %edx
99 xorl 0x600(%ebp,%ebx),%edi
100 xorl 0x700(%ebp,%ecx),%edi
101 movl 24(%esp), %ecx
102 xorl 0x400(%ebp,%eax),%edi
103 xorl 0x500(%ebp,%edx),%edi
104
105
106 movl 8(%ecx), %eax
107 xorl %ebx, %ebx
108 movl 12(%ecx), %edx
109 xorl %edi, %eax
110 xorl %ecx, %ecx
111 xorl %edi, %edx
112 andl $0xfcfcfcfc, %eax
113 andl $0xcfcfcfcf, %edx
114 movb %al, %bl
115 movb %ah, %cl
116 rorl $4, %edx
117 xorl (%ebp,%ebx),%esi
118 movb %dl, %bl
119 xorl 0x200(%ebp,%ecx),%esi
120 movb %dh, %cl
121 shrl $16, %eax
122 xorl 0x100(%ebp,%ebx),%esi
123 movb %ah, %bl
124 shrl $16, %edx
125 xorl 0x300(%ebp,%ecx),%esi
126 movb %dh, %cl
127 andl $0xff, %eax
128 andl $0xff, %edx
129 xorl 0x600(%ebp,%ebx),%esi
130 xorl 0x700(%ebp,%ecx),%esi
131 movl 24(%esp), %ecx
132 xorl 0x400(%ebp,%eax),%esi
133 xorl 0x500(%ebp,%edx),%esi
134
135
136 movl 16(%ecx), %eax
137 xorl %ebx, %ebx
138 movl 20(%ecx), %edx
139 xorl %esi, %eax
140 xorl %ecx, %ecx
141 xorl %esi, %edx
142 andl $0xfcfcfcfc, %eax
143 andl $0xcfcfcfcf, %edx
144 movb %al, %bl
145 movb %ah, %cl
146 rorl $4, %edx
147 xorl (%ebp,%ebx),%edi
148 movb %dl, %bl
149 xorl 0x200(%ebp,%ecx),%edi
150 movb %dh, %cl
151 shrl $16, %eax
152 xorl 0x100(%ebp,%ebx),%edi
153 movb %ah, %bl
154 shrl $16, %edx
155 xorl 0x300(%ebp,%ecx),%edi
156 movb %dh, %cl
157 andl $0xff, %eax
158 andl $0xff, %edx
159 xorl 0x600(%ebp,%ebx),%edi
160 xorl 0x700(%ebp,%ecx),%edi
161 movl 24(%esp), %ecx
162 xorl 0x400(%ebp,%eax),%edi
163 xorl 0x500(%ebp,%edx),%edi
164
165
166 movl 24(%ecx), %eax
167 xorl %ebx, %ebx
168 movl 28(%ecx), %edx
169 xorl %edi, %eax
170 xorl %ecx, %ecx
171 xorl %edi, %edx
172 andl $0xfcfcfcfc, %eax
173 andl $0xcfcfcfcf, %edx
174 movb %al, %bl
175 movb %ah, %cl
176 rorl $4, %edx
177 xorl (%ebp,%ebx),%esi
178 movb %dl, %bl
179 xorl 0x200(%ebp,%ecx),%esi
180 movb %dh, %cl
181 shrl $16, %eax
182 xorl 0x100(%ebp,%ebx),%esi
183 movb %ah, %bl
184 shrl $16, %edx
185 xorl 0x300(%ebp,%ecx),%esi
186 movb %dh, %cl
187 andl $0xff, %eax
188 andl $0xff, %edx
189 xorl 0x600(%ebp,%ebx),%esi
190 xorl 0x700(%ebp,%ecx),%esi
191 movl 24(%esp), %ecx
192 xorl 0x400(%ebp,%eax),%esi
193 xorl 0x500(%ebp,%edx),%esi
194
195
196 movl 32(%ecx), %eax
197 xorl %ebx, %ebx
198 movl 36(%ecx), %edx
199 xorl %esi, %eax
200 xorl %ecx, %ecx
201 xorl %esi, %edx
202 andl $0xfcfcfcfc, %eax
203 andl $0xcfcfcfcf, %edx
204 movb %al, %bl
205 movb %ah, %cl
206 rorl $4, %edx
207 xorl (%ebp,%ebx),%edi
208 movb %dl, %bl
209 xorl 0x200(%ebp,%ecx),%edi
210 movb %dh, %cl
211 shrl $16, %eax
212 xorl 0x100(%ebp,%ebx),%edi
213 movb %ah, %bl
214 shrl $16, %edx
215 xorl 0x300(%ebp,%ecx),%edi
216 movb %dh, %cl
217 andl $0xff, %eax
218 andl $0xff, %edx
219 xorl 0x600(%ebp,%ebx),%edi
220 xorl 0x700(%ebp,%ecx),%edi
221 movl 24(%esp), %ecx
222 xorl 0x400(%ebp,%eax),%edi
223 xorl 0x500(%ebp,%edx),%edi
224
225
226 movl 40(%ecx), %eax
227 xorl %ebx, %ebx
228 movl 44(%ecx), %edx
229 xorl %edi, %eax
230 xorl %ecx, %ecx
231 xorl %edi, %edx
232 andl $0xfcfcfcfc, %eax
233 andl $0xcfcfcfcf, %edx
234 movb %al, %bl
235 movb %ah, %cl
236 rorl $4, %edx
237 xorl (%ebp,%ebx),%esi
238 movb %dl, %bl
239 xorl 0x200(%ebp,%ecx),%esi
240 movb %dh, %cl
241 shrl $16, %eax
242 xorl 0x100(%ebp,%ebx),%esi
243 movb %ah, %bl
244 shrl $16, %edx
245 xorl 0x300(%ebp,%ecx),%esi
246 movb %dh, %cl
247 andl $0xff, %eax
248 andl $0xff, %edx
249 xorl 0x600(%ebp,%ebx),%esi
250 xorl 0x700(%ebp,%ecx),%esi
251 movl 24(%esp), %ecx
252 xorl 0x400(%ebp,%eax),%esi
253 xorl 0x500(%ebp,%edx),%esi
254
255
256 movl 48(%ecx), %eax
257 xorl %ebx, %ebx
258 movl 52(%ecx), %edx
259 xorl %esi, %eax
260 xorl %ecx, %ecx
261 xorl %esi, %edx
262 andl $0xfcfcfcfc, %eax
263 andl $0xcfcfcfcf, %edx
264 movb %al, %bl
265 movb %ah, %cl
266 rorl $4, %edx
267 xorl (%ebp,%ebx),%edi
268 movb %dl, %bl
269 xorl 0x200(%ebp,%ecx),%edi
270 movb %dh, %cl
271 shrl $16, %eax
272 xorl 0x100(%ebp,%ebx),%edi
273 movb %ah, %bl
274 shrl $16, %edx
275 xorl 0x300(%ebp,%ecx),%edi
276 movb %dh, %cl
277 andl $0xff, %eax
278 andl $0xff, %edx
279 xorl 0x600(%ebp,%ebx),%edi
280 xorl 0x700(%ebp,%ecx),%edi
281 movl 24(%esp), %ecx
282 xorl 0x400(%ebp,%eax),%edi
283 xorl 0x500(%ebp,%edx),%edi
284
285
286 movl 56(%ecx), %eax
287 xorl %ebx, %ebx
288 movl 60(%ecx), %edx
289 xorl %edi, %eax
290 xorl %ecx, %ecx
291 xorl %edi, %edx
292 andl $0xfcfcfcfc, %eax
293 andl $0xcfcfcfcf, %edx
294 movb %al, %bl
295 movb %ah, %cl
296 rorl $4, %edx
297 xorl (%ebp,%ebx),%esi
298 movb %dl, %bl
299 xorl 0x200(%ebp,%ecx),%esi
300 movb %dh, %cl
301 shrl $16, %eax
302 xorl 0x100(%ebp,%ebx),%esi
303 movb %ah, %bl
304 shrl $16, %edx
305 xorl 0x300(%ebp,%ecx),%esi
306 movb %dh, %cl
307 andl $0xff, %eax
308 andl $0xff, %edx
309 xorl 0x600(%ebp,%ebx),%esi
310 xorl 0x700(%ebp,%ecx),%esi
311 movl 24(%esp), %ecx
312 xorl 0x400(%ebp,%eax),%esi
313 xorl 0x500(%ebp,%edx),%esi
314
315
316 movl 64(%ecx), %eax
317 xorl %ebx, %ebx
318 movl 68(%ecx), %edx
319 xorl %esi, %eax
320 xorl %ecx, %ecx
321 xorl %esi, %edx
322 andl $0xfcfcfcfc, %eax
323 andl $0xcfcfcfcf, %edx
324 movb %al, %bl
325 movb %ah, %cl
326 rorl $4, %edx
327 xorl (%ebp,%ebx),%edi
328 movb %dl, %bl
329 xorl 0x200(%ebp,%ecx),%edi
330 movb %dh, %cl
331 shrl $16, %eax
332 xorl 0x100(%ebp,%ebx),%edi
333 movb %ah, %bl
334 shrl $16, %edx
335 xorl 0x300(%ebp,%ecx),%edi
336 movb %dh, %cl
337 andl $0xff, %eax
338 andl $0xff, %edx
339 xorl 0x600(%ebp,%ebx),%edi
340 xorl 0x700(%ebp,%ecx),%edi
341 movl 24(%esp), %ecx
342 xorl 0x400(%ebp,%eax),%edi
343 xorl 0x500(%ebp,%edx),%edi
344
345
346 movl 72(%ecx), %eax
347 xorl %ebx, %ebx
348 movl 76(%ecx), %edx
349 xorl %edi, %eax
350 xorl %ecx, %ecx
351 xorl %edi, %edx
352 andl $0xfcfcfcfc, %eax
353 andl $0xcfcfcfcf, %edx
354 movb %al, %bl
355 movb %ah, %cl
356 rorl $4, %edx
357 xorl (%ebp,%ebx),%esi
358 movb %dl, %bl
359 xorl 0x200(%ebp,%ecx),%esi
360 movb %dh, %cl
361 shrl $16, %eax
362 xorl 0x100(%ebp,%ebx),%esi
363 movb %ah, %bl
364 shrl $16, %edx
365 xorl 0x300(%ebp,%ecx),%esi
366 movb %dh, %cl
367 andl $0xff, %eax
368 andl $0xff, %edx
369 xorl 0x600(%ebp,%ebx),%esi
370 xorl 0x700(%ebp,%ecx),%esi
371 movl 24(%esp), %ecx
372 xorl 0x400(%ebp,%eax),%esi
373 xorl 0x500(%ebp,%edx),%esi
374
375
376 movl 80(%ecx), %eax
377 xorl %ebx, %ebx
378 movl 84(%ecx), %edx
379 xorl %esi, %eax
380 xorl %ecx, %ecx
381 xorl %esi, %edx
382 andl $0xfcfcfcfc, %eax
383 andl $0xcfcfcfcf, %edx
384 movb %al, %bl
385 movb %ah, %cl
386 rorl $4, %edx
387 xorl (%ebp,%ebx),%edi
388 movb %dl, %bl
389 xorl 0x200(%ebp,%ecx),%edi
390 movb %dh, %cl
391 shrl $16, %eax
392 xorl 0x100(%ebp,%ebx),%edi
393 movb %ah, %bl
394 shrl $16, %edx
395 xorl 0x300(%ebp,%ecx),%edi
396 movb %dh, %cl
397 andl $0xff, %eax
398 andl $0xff, %edx
399 xorl 0x600(%ebp,%ebx),%edi
400 xorl 0x700(%ebp,%ecx),%edi
401 movl 24(%esp), %ecx
402 xorl 0x400(%ebp,%eax),%edi
403 xorl 0x500(%ebp,%edx),%edi
404
405
406 movl 88(%ecx), %eax
407 xorl %ebx, %ebx
408 movl 92(%ecx), %edx
409 xorl %edi, %eax
410 xorl %ecx, %ecx
411 xorl %edi, %edx
412 andl $0xfcfcfcfc, %eax
413 andl $0xcfcfcfcf, %edx
414 movb %al, %bl
415 movb %ah, %cl
416 rorl $4, %edx
417 xorl (%ebp,%ebx),%esi
418 movb %dl, %bl
419 xorl 0x200(%ebp,%ecx),%esi
420 movb %dh, %cl
421 shrl $16, %eax
422 xorl 0x100(%ebp,%ebx),%esi
423 movb %ah, %bl
424 shrl $16, %edx
425 xorl 0x300(%ebp,%ecx),%esi
426 movb %dh, %cl
427 andl $0xff, %eax
428 andl $0xff, %edx
429 xorl 0x600(%ebp,%ebx),%esi
430 xorl 0x700(%ebp,%ecx),%esi
431 movl 24(%esp), %ecx
432 xorl 0x400(%ebp,%eax),%esi
433 xorl 0x500(%ebp,%edx),%esi
434
435
436 movl 96(%ecx), %eax
437 xorl %ebx, %ebx
438 movl 100(%ecx), %edx
439 xorl %esi, %eax
440 xorl %ecx, %ecx
441 xorl %esi, %edx
442 andl $0xfcfcfcfc, %eax
443 andl $0xcfcfcfcf, %edx
444 movb %al, %bl
445 movb %ah, %cl
446 rorl $4, %edx
447 xorl (%ebp,%ebx),%edi
448 movb %dl, %bl
449 xorl 0x200(%ebp,%ecx),%edi
450 movb %dh, %cl
451 shrl $16, %eax
452 xorl 0x100(%ebp,%ebx),%edi
453 movb %ah, %bl
454 shrl $16, %edx
455 xorl 0x300(%ebp,%ecx),%edi
456 movb %dh, %cl
457 andl $0xff, %eax
458 andl $0xff, %edx
459 xorl 0x600(%ebp,%ebx),%edi
460 xorl 0x700(%ebp,%ecx),%edi
461 movl 24(%esp), %ecx
462 xorl 0x400(%ebp,%eax),%edi
463 xorl 0x500(%ebp,%edx),%edi
464
465
466 movl 104(%ecx), %eax
467 xorl %ebx, %ebx
468 movl 108(%ecx), %edx
469 xorl %edi, %eax
470 xorl %ecx, %ecx
471 xorl %edi, %edx
472 andl $0xfcfcfcfc, %eax
473 andl $0xcfcfcfcf, %edx
474 movb %al, %bl
475 movb %ah, %cl
476 rorl $4, %edx
477 xorl (%ebp,%ebx),%esi
478 movb %dl, %bl
479 xorl 0x200(%ebp,%ecx),%esi
480 movb %dh, %cl
481 shrl $16, %eax
482 xorl 0x100(%ebp,%ebx),%esi
483 movb %ah, %bl
484 shrl $16, %edx
485 xorl 0x300(%ebp,%ecx),%esi
486 movb %dh, %cl
487 andl $0xff, %eax
488 andl $0xff, %edx
489 xorl 0x600(%ebp,%ebx),%esi
490 xorl 0x700(%ebp,%ecx),%esi
491 movl 24(%esp), %ecx
492 xorl 0x400(%ebp,%eax),%esi
493 xorl 0x500(%ebp,%edx),%esi
494
495
496 movl 112(%ecx), %eax
497 xorl %ebx, %ebx
498 movl 116(%ecx), %edx
499 xorl %esi, %eax
500 xorl %ecx, %ecx
501 xorl %esi, %edx
502 andl $0xfcfcfcfc, %eax
503 andl $0xcfcfcfcf, %edx
504 movb %al, %bl
505 movb %ah, %cl
506 rorl $4, %edx
507 xorl (%ebp,%ebx),%edi
508 movb %dl, %bl
509 xorl 0x200(%ebp,%ecx),%edi
510 movb %dh, %cl
511 shrl $16, %eax
512 xorl 0x100(%ebp,%ebx),%edi
513 movb %ah, %bl
514 shrl $16, %edx
515 xorl 0x300(%ebp,%ecx),%edi
516 movb %dh, %cl
517 andl $0xff, %eax
518 andl $0xff, %edx
519 xorl 0x600(%ebp,%ebx),%edi
520 xorl 0x700(%ebp,%ecx),%edi
521 movl 24(%esp), %ecx
522 xorl 0x400(%ebp,%eax),%edi
523 xorl 0x500(%ebp,%edx),%edi
524
525
526 movl 120(%ecx), %eax
527 xorl %ebx, %ebx
528 movl 124(%ecx), %edx
529 xorl %edi, %eax
530 xorl %ecx, %ecx
531 xorl %edi, %edx
532 andl $0xfcfcfcfc, %eax
533 andl $0xcfcfcfcf, %edx
534 movb %al, %bl
535 movb %ah, %cl
536 rorl $4, %edx
537 xorl (%ebp,%ebx),%esi
538 movb %dl, %bl
539 xorl 0x200(%ebp,%ecx),%esi
540 movb %dh, %cl
541 shrl $16, %eax
542 xorl 0x100(%ebp,%ebx),%esi
543 movb %ah, %bl
544 shrl $16, %edx
545 xorl 0x300(%ebp,%ecx),%esi
546 movb %dh, %cl
547 andl $0xff, %eax
548 andl $0xff, %edx
549 xorl 0x600(%ebp,%ebx),%esi
550 xorl 0x700(%ebp,%ecx),%esi
551 movl 24(%esp), %ecx
552 xorl 0x400(%ebp,%eax),%esi
553 xorl 0x500(%ebp,%edx),%esi
554 jmp .L002end
555.L001start_decrypt:
556
557
558 movl 120(%ecx), %eax
559 xorl %ebx, %ebx
560 movl 124(%ecx), %edx
561 xorl %esi, %eax
562 xorl %ecx, %ecx
563 xorl %esi, %edx
564 andl $0xfcfcfcfc, %eax
565 andl $0xcfcfcfcf, %edx
566 movb %al, %bl
567 movb %ah, %cl
568 rorl $4, %edx
569 xorl (%ebp,%ebx),%edi
570 movb %dl, %bl
571 xorl 0x200(%ebp,%ecx),%edi
572 movb %dh, %cl
573 shrl $16, %eax
574 xorl 0x100(%ebp,%ebx),%edi
575 movb %ah, %bl
576 shrl $16, %edx
577 xorl 0x300(%ebp,%ecx),%edi
578 movb %dh, %cl
579 andl $0xff, %eax
580 andl $0xff, %edx
581 xorl 0x600(%ebp,%ebx),%edi
582 xorl 0x700(%ebp,%ecx),%edi
583 movl 24(%esp), %ecx
584 xorl 0x400(%ebp,%eax),%edi
585 xorl 0x500(%ebp,%edx),%edi
586
587
588 movl 112(%ecx), %eax
589 xorl %ebx, %ebx
590 movl 116(%ecx), %edx
591 xorl %edi, %eax
592 xorl %ecx, %ecx
593 xorl %edi, %edx
594 andl $0xfcfcfcfc, %eax
595 andl $0xcfcfcfcf, %edx
596 movb %al, %bl
597 movb %ah, %cl
598 rorl $4, %edx
599 xorl (%ebp,%ebx),%esi
600 movb %dl, %bl
601 xorl 0x200(%ebp,%ecx),%esi
602 movb %dh, %cl
603 shrl $16, %eax
604 xorl 0x100(%ebp,%ebx),%esi
605 movb %ah, %bl
606 shrl $16, %edx
607 xorl 0x300(%ebp,%ecx),%esi
608 movb %dh, %cl
609 andl $0xff, %eax
610 andl $0xff, %edx
611 xorl 0x600(%ebp,%ebx),%esi
612 xorl 0x700(%ebp,%ecx),%esi
613 movl 24(%esp), %ecx
614 xorl 0x400(%ebp,%eax),%esi
615 xorl 0x500(%ebp,%edx),%esi
616
617
618 movl 104(%ecx), %eax
619 xorl %ebx, %ebx
620 movl 108(%ecx), %edx
621 xorl %esi, %eax
622 xorl %ecx, %ecx
623 xorl %esi, %edx
624 andl $0xfcfcfcfc, %eax
625 andl $0xcfcfcfcf, %edx
626 movb %al, %bl
627 movb %ah, %cl
628 rorl $4, %edx
629 xorl (%ebp,%ebx),%edi
630 movb %dl, %bl
631 xorl 0x200(%ebp,%ecx),%edi
632 movb %dh, %cl
633 shrl $16, %eax
634 xorl 0x100(%ebp,%ebx),%edi
635 movb %ah, %bl
636 shrl $16, %edx
637 xorl 0x300(%ebp,%ecx),%edi
638 movb %dh, %cl
639 andl $0xff, %eax
640 andl $0xff, %edx
641 xorl 0x600(%ebp,%ebx),%edi
642 xorl 0x700(%ebp,%ecx),%edi
643 movl 24(%esp), %ecx
644 xorl 0x400(%ebp,%eax),%edi
645 xorl 0x500(%ebp,%edx),%edi
646
647
648 movl 96(%ecx), %eax
649 xorl %ebx, %ebx
650 movl 100(%ecx), %edx
651 xorl %edi, %eax
652 xorl %ecx, %ecx
653 xorl %edi, %edx
654 andl $0xfcfcfcfc, %eax
655 andl $0xcfcfcfcf, %edx
656 movb %al, %bl
657 movb %ah, %cl
658 rorl $4, %edx
659 xorl (%ebp,%ebx),%esi
660 movb %dl, %bl
661 xorl 0x200(%ebp,%ecx),%esi
662 movb %dh, %cl
663 shrl $16, %eax
664 xorl 0x100(%ebp,%ebx),%esi
665 movb %ah, %bl
666 shrl $16, %edx
667 xorl 0x300(%ebp,%ecx),%esi
668 movb %dh, %cl
669 andl $0xff, %eax
670 andl $0xff, %edx
671 xorl 0x600(%ebp,%ebx),%esi
672 xorl 0x700(%ebp,%ecx),%esi
673 movl 24(%esp), %ecx
674 xorl 0x400(%ebp,%eax),%esi
675 xorl 0x500(%ebp,%edx),%esi
676
677
678 movl 88(%ecx), %eax
679 xorl %ebx, %ebx
680 movl 92(%ecx), %edx
681 xorl %esi, %eax
682 xorl %ecx, %ecx
683 xorl %esi, %edx
684 andl $0xfcfcfcfc, %eax
685 andl $0xcfcfcfcf, %edx
686 movb %al, %bl
687 movb %ah, %cl
688 rorl $4, %edx
689 xorl (%ebp,%ebx),%edi
690 movb %dl, %bl
691 xorl 0x200(%ebp,%ecx),%edi
692 movb %dh, %cl
693 shrl $16, %eax
694 xorl 0x100(%ebp,%ebx),%edi
695 movb %ah, %bl
696 shrl $16, %edx
697 xorl 0x300(%ebp,%ecx),%edi
698 movb %dh, %cl
699 andl $0xff, %eax
700 andl $0xff, %edx
701 xorl 0x600(%ebp,%ebx),%edi
702 xorl 0x700(%ebp,%ecx),%edi
703 movl 24(%esp), %ecx
704 xorl 0x400(%ebp,%eax),%edi
705 xorl 0x500(%ebp,%edx),%edi
706
707
708 movl 80(%ecx), %eax
709 xorl %ebx, %ebx
710 movl 84(%ecx), %edx
711 xorl %edi, %eax
712 xorl %ecx, %ecx
713 xorl %edi, %edx
714 andl $0xfcfcfcfc, %eax
715 andl $0xcfcfcfcf, %edx
716 movb %al, %bl
717 movb %ah, %cl
718 rorl $4, %edx
719 xorl (%ebp,%ebx),%esi
720 movb %dl, %bl
721 xorl 0x200(%ebp,%ecx),%esi
722 movb %dh, %cl
723 shrl $16, %eax
724 xorl 0x100(%ebp,%ebx),%esi
725 movb %ah, %bl
726 shrl $16, %edx
727 xorl 0x300(%ebp,%ecx),%esi
728 movb %dh, %cl
729 andl $0xff, %eax
730 andl $0xff, %edx
731 xorl 0x600(%ebp,%ebx),%esi
732 xorl 0x700(%ebp,%ecx),%esi
733 movl 24(%esp), %ecx
734 xorl 0x400(%ebp,%eax),%esi
735 xorl 0x500(%ebp,%edx),%esi
736
737
738 movl 72(%ecx), %eax
739 xorl %ebx, %ebx
740 movl 76(%ecx), %edx
741 xorl %esi, %eax
742 xorl %ecx, %ecx
743 xorl %esi, %edx
744 andl $0xfcfcfcfc, %eax
745 andl $0xcfcfcfcf, %edx
746 movb %al, %bl
747 movb %ah, %cl
748 rorl $4, %edx
749 xorl (%ebp,%ebx),%edi
750 movb %dl, %bl
751 xorl 0x200(%ebp,%ecx),%edi
752 movb %dh, %cl
753 shrl $16, %eax
754 xorl 0x100(%ebp,%ebx),%edi
755 movb %ah, %bl
756 shrl $16, %edx
757 xorl 0x300(%ebp,%ecx),%edi
758 movb %dh, %cl
759 andl $0xff, %eax
760 andl $0xff, %edx
761 xorl 0x600(%ebp,%ebx),%edi
762 xorl 0x700(%ebp,%ecx),%edi
763 movl 24(%esp), %ecx
764 xorl 0x400(%ebp,%eax),%edi
765 xorl 0x500(%ebp,%edx),%edi
766
767
768 movl 64(%ecx), %eax
769 xorl %ebx, %ebx
770 movl 68(%ecx), %edx
771 xorl %edi, %eax
772 xorl %ecx, %ecx
773 xorl %edi, %edx
774 andl $0xfcfcfcfc, %eax
775 andl $0xcfcfcfcf, %edx
776 movb %al, %bl
777 movb %ah, %cl
778 rorl $4, %edx
779 xorl (%ebp,%ebx),%esi
780 movb %dl, %bl
781 xorl 0x200(%ebp,%ecx),%esi
782 movb %dh, %cl
783 shrl $16, %eax
784 xorl 0x100(%ebp,%ebx),%esi
785 movb %ah, %bl
786 shrl $16, %edx
787 xorl 0x300(%ebp,%ecx),%esi
788 movb %dh, %cl
789 andl $0xff, %eax
790 andl $0xff, %edx
791 xorl 0x600(%ebp,%ebx),%esi
792 xorl 0x700(%ebp,%ecx),%esi
793 movl 24(%esp), %ecx
794 xorl 0x400(%ebp,%eax),%esi
795 xorl 0x500(%ebp,%edx),%esi
796
797
798 movl 56(%ecx), %eax
799 xorl %ebx, %ebx
800 movl 60(%ecx), %edx
801 xorl %esi, %eax
802 xorl %ecx, %ecx
803 xorl %esi, %edx
804 andl $0xfcfcfcfc, %eax
805 andl $0xcfcfcfcf, %edx
806 movb %al, %bl
807 movb %ah, %cl
808 rorl $4, %edx
809 xorl (%ebp,%ebx),%edi
810 movb %dl, %bl
811 xorl 0x200(%ebp,%ecx),%edi
812 movb %dh, %cl
813 shrl $16, %eax
814 xorl 0x100(%ebp,%ebx),%edi
815 movb %ah, %bl
816 shrl $16, %edx
817 xorl 0x300(%ebp,%ecx),%edi
818 movb %dh, %cl
819 andl $0xff, %eax
820 andl $0xff, %edx
821 xorl 0x600(%ebp,%ebx),%edi
822 xorl 0x700(%ebp,%ecx),%edi
823 movl 24(%esp), %ecx
824 xorl 0x400(%ebp,%eax),%edi
825 xorl 0x500(%ebp,%edx),%edi
826
827
828 movl 48(%ecx), %eax
829 xorl %ebx, %ebx
830 movl 52(%ecx), %edx
831 xorl %edi, %eax
832 xorl %ecx, %ecx
833 xorl %edi, %edx
834 andl $0xfcfcfcfc, %eax
835 andl $0xcfcfcfcf, %edx
836 movb %al, %bl
837 movb %ah, %cl
838 rorl $4, %edx
839 xorl (%ebp,%ebx),%esi
840 movb %dl, %bl
841 xorl 0x200(%ebp,%ecx),%esi
842 movb %dh, %cl
843 shrl $16, %eax
844 xorl 0x100(%ebp,%ebx),%esi
845 movb %ah, %bl
846 shrl $16, %edx
847 xorl 0x300(%ebp,%ecx),%esi
848 movb %dh, %cl
849 andl $0xff, %eax
850 andl $0xff, %edx
851 xorl 0x600(%ebp,%ebx),%esi
852 xorl 0x700(%ebp,%ecx),%esi
853 movl 24(%esp), %ecx
854 xorl 0x400(%ebp,%eax),%esi
855 xorl 0x500(%ebp,%edx),%esi
856
857
858 movl 40(%ecx), %eax
859 xorl %ebx, %ebx
860 movl 44(%ecx), %edx
861 xorl %esi, %eax
862 xorl %ecx, %ecx
863 xorl %esi, %edx
864 andl $0xfcfcfcfc, %eax
865 andl $0xcfcfcfcf, %edx
866 movb %al, %bl
867 movb %ah, %cl
868 rorl $4, %edx
869 xorl (%ebp,%ebx),%edi
870 movb %dl, %bl
871 xorl 0x200(%ebp,%ecx),%edi
872 movb %dh, %cl
873 shrl $16, %eax
874 xorl 0x100(%ebp,%ebx),%edi
875 movb %ah, %bl
876 shrl $16, %edx
877 xorl 0x300(%ebp,%ecx),%edi
878 movb %dh, %cl
879 andl $0xff, %eax
880 andl $0xff, %edx
881 xorl 0x600(%ebp,%ebx),%edi
882 xorl 0x700(%ebp,%ecx),%edi
883 movl 24(%esp), %ecx
884 xorl 0x400(%ebp,%eax),%edi
885 xorl 0x500(%ebp,%edx),%edi
886
887
888 movl 32(%ecx), %eax
889 xorl %ebx, %ebx
890 movl 36(%ecx), %edx
891 xorl %edi, %eax
892 xorl %ecx, %ecx
893 xorl %edi, %edx
894 andl $0xfcfcfcfc, %eax
895 andl $0xcfcfcfcf, %edx
896 movb %al, %bl
897 movb %ah, %cl
898 rorl $4, %edx
899 xorl (%ebp,%ebx),%esi
900 movb %dl, %bl
901 xorl 0x200(%ebp,%ecx),%esi
902 movb %dh, %cl
903 shrl $16, %eax
904 xorl 0x100(%ebp,%ebx),%esi
905 movb %ah, %bl
906 shrl $16, %edx
907 xorl 0x300(%ebp,%ecx),%esi
908 movb %dh, %cl
909 andl $0xff, %eax
910 andl $0xff, %edx
911 xorl 0x600(%ebp,%ebx),%esi
912 xorl 0x700(%ebp,%ecx),%esi
913 movl 24(%esp), %ecx
914 xorl 0x400(%ebp,%eax),%esi
915 xorl 0x500(%ebp,%edx),%esi
916
917
918 movl 24(%ecx), %eax
919 xorl %ebx, %ebx
920 movl 28(%ecx), %edx
921 xorl %esi, %eax
922 xorl %ecx, %ecx
923 xorl %esi, %edx
924 andl $0xfcfcfcfc, %eax
925 andl $0xcfcfcfcf, %edx
926 movb %al, %bl
927 movb %ah, %cl
928 rorl $4, %edx
929 xorl (%ebp,%ebx),%edi
930 movb %dl, %bl
931 xorl 0x200(%ebp,%ecx),%edi
932 movb %dh, %cl
933 shrl $16, %eax
934 xorl 0x100(%ebp,%ebx),%edi
935 movb %ah, %bl
936 shrl $16, %edx
937 xorl 0x300(%ebp,%ecx),%edi
938 movb %dh, %cl
939 andl $0xff, %eax
940 andl $0xff, %edx
941 xorl 0x600(%ebp,%ebx),%edi
942 xorl 0x700(%ebp,%ecx),%edi
943 movl 24(%esp), %ecx
944 xorl 0x400(%ebp,%eax),%edi
945 xorl 0x500(%ebp,%edx),%edi
946
947
948 movl 16(%ecx), %eax
949 xorl %ebx, %ebx
950 movl 20(%ecx), %edx
951 xorl %edi, %eax
952 xorl %ecx, %ecx
953 xorl %edi, %edx
954 andl $0xfcfcfcfc, %eax
955 andl $0xcfcfcfcf, %edx
956 movb %al, %bl
957 movb %ah, %cl
958 rorl $4, %edx
959 xorl (%ebp,%ebx),%esi
960 movb %dl, %bl
961 xorl 0x200(%ebp,%ecx),%esi
962 movb %dh, %cl
963 shrl $16, %eax
964 xorl 0x100(%ebp,%ebx),%esi
965 movb %ah, %bl
966 shrl $16, %edx
967 xorl 0x300(%ebp,%ecx),%esi
968 movb %dh, %cl
969 andl $0xff, %eax
970 andl $0xff, %edx
971 xorl 0x600(%ebp,%ebx),%esi
972 xorl 0x700(%ebp,%ecx),%esi
973 movl 24(%esp), %ecx
974 xorl 0x400(%ebp,%eax),%esi
975 xorl 0x500(%ebp,%edx),%esi
976
977
978 movl 8(%ecx), %eax
979 xorl %ebx, %ebx
980 movl 12(%ecx), %edx
981 xorl %esi, %eax
982 xorl %ecx, %ecx
983 xorl %esi, %edx
984 andl $0xfcfcfcfc, %eax
985 andl $0xcfcfcfcf, %edx
986 movb %al, %bl
987 movb %ah, %cl
988 rorl $4, %edx
989 xorl (%ebp,%ebx),%edi
990 movb %dl, %bl
991 xorl 0x200(%ebp,%ecx),%edi
992 movb %dh, %cl
993 shrl $16, %eax
994 xorl 0x100(%ebp,%ebx),%edi
995 movb %ah, %bl
996 shrl $16, %edx
997 xorl 0x300(%ebp,%ecx),%edi
998 movb %dh, %cl
999 andl $0xff, %eax
1000 andl $0xff, %edx
1001 xorl 0x600(%ebp,%ebx),%edi
1002 xorl 0x700(%ebp,%ecx),%edi
1003 movl 24(%esp), %ecx
1004 xorl 0x400(%ebp,%eax),%edi
1005 xorl 0x500(%ebp,%edx),%edi
1006
1007
1008 movl (%ecx), %eax
1009 xorl %ebx, %ebx
1010 movl 4(%ecx), %edx
1011 xorl %edi, %eax
1012 xorl %ecx, %ecx
1013 xorl %edi, %edx
1014 andl $0xfcfcfcfc, %eax
1015 andl $0xcfcfcfcf, %edx
1016 movb %al, %bl
1017 movb %ah, %cl
1018 rorl $4, %edx
1019 xorl (%ebp,%ebx),%esi
1020 movb %dl, %bl
1021 xorl 0x200(%ebp,%ecx),%esi
1022 movb %dh, %cl
1023 shrl $16, %eax
1024 xorl 0x100(%ebp,%ebx),%esi
1025 movb %ah, %bl
1026 shrl $16, %edx
1027 xorl 0x300(%ebp,%ecx),%esi
1028 movb %dh, %cl
1029 andl $0xff, %eax
1030 andl $0xff, %edx
1031 xorl 0x600(%ebp,%ebx),%esi
1032 xorl 0x700(%ebp,%ecx),%esi
1033 movl 24(%esp), %ecx
1034 xorl 0x400(%ebp,%eax),%esi
1035 xorl 0x500(%ebp,%edx),%esi
1036.L002end:
1037
1038
1039 movl 20(%esp), %edx
1040.byte 209
1041.byte 206
1042 movl %edi, %eax
1043 xorl %esi, %edi
1044 andl $0xaaaaaaaa, %edi
1045 xorl %edi, %eax
1046 xorl %edi, %esi
1047
1048 roll $23, %eax
1049 movl %eax, %edi
1050 xorl %esi, %eax
1051 andl $0x03fc03fc, %eax
1052 xorl %eax, %edi
1053 xorl %eax, %esi
1054
1055 roll $10, %edi
1056 movl %edi, %eax
1057 xorl %esi, %edi
1058 andl $0x33333333, %edi
1059 xorl %edi, %eax
1060 xorl %edi, %esi
1061
1062 roll $18, %esi
1063 movl %esi, %edi
1064 xorl %eax, %esi
1065 andl $0xfff0000f, %esi
1066 xorl %esi, %edi
1067 xorl %esi, %eax
1068
1069 roll $12, %edi
1070 movl %edi, %esi
1071 xorl %eax, %edi
1072 andl $0xf0f0f0f0, %edi
1073 xorl %edi, %esi
1074 xorl %edi, %eax
1075
1076 rorl $4, %eax
1077 movl %eax, (%edx)
1078 movl %esi, 4(%edx)
1079 popl %ebp
1080 popl %ebx
1081 popl %edi
1082 popl %esi
1083 ret
1084.L_DES_encrypt1_end:
1085 .size DES_encrypt1,.L_DES_encrypt1_end-DES_encrypt1
1086.ident "desasm.pl"
1087.text
1088 .align 16
1089.globl DES_encrypt2
1090 .type DES_encrypt2,@function
1091DES_encrypt2:
1092 pushl %esi
1093 pushl %edi
1094
1095
1096 movl 12(%esp), %eax
1097 xorl %ecx, %ecx
1098 pushl %ebx
1099 pushl %ebp
1100 movl (%eax), %esi
1101 movl 28(%esp), %ebx
1102 roll $3, %esi
1103 movl 4(%eax), %edi
1104 roll $3, %edi
1105 .align 8
1106 call .L003PIC_me_up
1107.L003PIC_me_up:
1108 popl %ebp
1109 addl $_GLOBAL_OFFSET_TABLE_+[.-.L003PIC_me_up],%ebp
1110 movl DES_SPtrans@GOT(%ebp),%ebp
1111 movl 24(%esp), %ecx
1112 cmpl $0, %ebx
1113 je .L004start_decrypt
1114
1115
1116 movl (%ecx), %eax
1117 xorl %ebx, %ebx
1118 movl 4(%ecx), %edx
1119 xorl %esi, %eax
1120 xorl %ecx, %ecx
1121 xorl %esi, %edx
1122 andl $0xfcfcfcfc, %eax
1123 andl $0xcfcfcfcf, %edx
1124 movb %al, %bl
1125 movb %ah, %cl
1126 rorl $4, %edx
1127 xorl (%ebp,%ebx),%edi
1128 movb %dl, %bl
1129 xorl 0x200(%ebp,%ecx),%edi
1130 movb %dh, %cl
1131 shrl $16, %eax
1132 xorl 0x100(%ebp,%ebx),%edi
1133 movb %ah, %bl
1134 shrl $16, %edx
1135 xorl 0x300(%ebp,%ecx),%edi
1136 movb %dh, %cl
1137 andl $0xff, %eax
1138 andl $0xff, %edx
1139 xorl 0x600(%ebp,%ebx),%edi
1140 xorl 0x700(%ebp,%ecx),%edi
1141 movl 24(%esp), %ecx
1142 xorl 0x400(%ebp,%eax),%edi
1143 xorl 0x500(%ebp,%edx),%edi
1144
1145
1146 movl 8(%ecx), %eax
1147 xorl %ebx, %ebx
1148 movl 12(%ecx), %edx
1149 xorl %edi, %eax
1150 xorl %ecx, %ecx
1151 xorl %edi, %edx
1152 andl $0xfcfcfcfc, %eax
1153 andl $0xcfcfcfcf, %edx
1154 movb %al, %bl
1155 movb %ah, %cl
1156 rorl $4, %edx
1157 xorl (%ebp,%ebx),%esi
1158 movb %dl, %bl
1159 xorl 0x200(%ebp,%ecx),%esi
1160 movb %dh, %cl
1161 shrl $16, %eax
1162 xorl 0x100(%ebp,%ebx),%esi
1163 movb %ah, %bl
1164 shrl $16, %edx
1165 xorl 0x300(%ebp,%ecx),%esi
1166 movb %dh, %cl
1167 andl $0xff, %eax
1168 andl $0xff, %edx
1169 xorl 0x600(%ebp,%ebx),%esi
1170 xorl 0x700(%ebp,%ecx),%esi
1171 movl 24(%esp), %ecx
1172 xorl 0x400(%ebp,%eax),%esi
1173 xorl 0x500(%ebp,%edx),%esi
1174
1175
1176 movl 16(%ecx), %eax
1177 xorl %ebx, %ebx
1178 movl 20(%ecx), %edx
1179 xorl %esi, %eax
1180 xorl %ecx, %ecx
1181 xorl %esi, %edx
1182 andl $0xfcfcfcfc, %eax
1183 andl $0xcfcfcfcf, %edx
1184 movb %al, %bl
1185 movb %ah, %cl
1186 rorl $4, %edx
1187 xorl (%ebp,%ebx),%edi
1188 movb %dl, %bl
1189 xorl 0x200(%ebp,%ecx),%edi
1190 movb %dh, %cl
1191 shrl $16, %eax
1192 xorl 0x100(%ebp,%ebx),%edi
1193 movb %ah, %bl
1194 shrl $16, %edx
1195 xorl 0x300(%ebp,%ecx),%edi
1196 movb %dh, %cl
1197 andl $0xff, %eax
1198 andl $0xff, %edx
1199 xorl 0x600(%ebp,%ebx),%edi
1200 xorl 0x700(%ebp,%ecx),%edi
1201 movl 24(%esp), %ecx
1202 xorl 0x400(%ebp,%eax),%edi
1203 xorl 0x500(%ebp,%edx),%edi
1204
1205
1206 movl 24(%ecx), %eax
1207 xorl %ebx, %ebx
1208 movl 28(%ecx), %edx
1209 xorl %edi, %eax
1210 xorl %ecx, %ecx
1211 xorl %edi, %edx
1212 andl $0xfcfcfcfc, %eax
1213 andl $0xcfcfcfcf, %edx
1214 movb %al, %bl
1215 movb %ah, %cl
1216 rorl $4, %edx
1217 xorl (%ebp,%ebx),%esi
1218 movb %dl, %bl
1219 xorl 0x200(%ebp,%ecx),%esi
1220 movb %dh, %cl
1221 shrl $16, %eax
1222 xorl 0x100(%ebp,%ebx),%esi
1223 movb %ah, %bl
1224 shrl $16, %edx
1225 xorl 0x300(%ebp,%ecx),%esi
1226 movb %dh, %cl
1227 andl $0xff, %eax
1228 andl $0xff, %edx
1229 xorl 0x600(%ebp,%ebx),%esi
1230 xorl 0x700(%ebp,%ecx),%esi
1231 movl 24(%esp), %ecx
1232 xorl 0x400(%ebp,%eax),%esi
1233 xorl 0x500(%ebp,%edx),%esi
1234
1235
1236 movl 32(%ecx), %eax
1237 xorl %ebx, %ebx
1238 movl 36(%ecx), %edx
1239 xorl %esi, %eax
1240 xorl %ecx, %ecx
1241 xorl %esi, %edx
1242 andl $0xfcfcfcfc, %eax
1243 andl $0xcfcfcfcf, %edx
1244 movb %al, %bl
1245 movb %ah, %cl
1246 rorl $4, %edx
1247 xorl (%ebp,%ebx),%edi
1248 movb %dl, %bl
1249 xorl 0x200(%ebp,%ecx),%edi
1250 movb %dh, %cl
1251 shrl $16, %eax
1252 xorl 0x100(%ebp,%ebx),%edi
1253 movb %ah, %bl
1254 shrl $16, %edx
1255 xorl 0x300(%ebp,%ecx),%edi
1256 movb %dh, %cl
1257 andl $0xff, %eax
1258 andl $0xff, %edx
1259 xorl 0x600(%ebp,%ebx),%edi
1260 xorl 0x700(%ebp,%ecx),%edi
1261 movl 24(%esp), %ecx
1262 xorl 0x400(%ebp,%eax),%edi
1263 xorl 0x500(%ebp,%edx),%edi
1264
1265
1266 movl 40(%ecx), %eax
1267 xorl %ebx, %ebx
1268 movl 44(%ecx), %edx
1269 xorl %edi, %eax
1270 xorl %ecx, %ecx
1271 xorl %edi, %edx
1272 andl $0xfcfcfcfc, %eax
1273 andl $0xcfcfcfcf, %edx
1274 movb %al, %bl
1275 movb %ah, %cl
1276 rorl $4, %edx
1277 xorl (%ebp,%ebx),%esi
1278 movb %dl, %bl
1279 xorl 0x200(%ebp,%ecx),%esi
1280 movb %dh, %cl
1281 shrl $16, %eax
1282 xorl 0x100(%ebp,%ebx),%esi
1283 movb %ah, %bl
1284 shrl $16, %edx
1285 xorl 0x300(%ebp,%ecx),%esi
1286 movb %dh, %cl
1287 andl $0xff, %eax
1288 andl $0xff, %edx
1289 xorl 0x600(%ebp,%ebx),%esi
1290 xorl 0x700(%ebp,%ecx),%esi
1291 movl 24(%esp), %ecx
1292 xorl 0x400(%ebp,%eax),%esi
1293 xorl 0x500(%ebp,%edx),%esi
1294
1295
1296 movl 48(%ecx), %eax
1297 xorl %ebx, %ebx
1298 movl 52(%ecx), %edx
1299 xorl %esi, %eax
1300 xorl %ecx, %ecx
1301 xorl %esi, %edx
1302 andl $0xfcfcfcfc, %eax
1303 andl $0xcfcfcfcf, %edx
1304 movb %al, %bl
1305 movb %ah, %cl
1306 rorl $4, %edx
1307 xorl (%ebp,%ebx),%edi
1308 movb %dl, %bl
1309 xorl 0x200(%ebp,%ecx),%edi
1310 movb %dh, %cl
1311 shrl $16, %eax
1312 xorl 0x100(%ebp,%ebx),%edi
1313 movb %ah, %bl
1314 shrl $16, %edx
1315 xorl 0x300(%ebp,%ecx),%edi
1316 movb %dh, %cl
1317 andl $0xff, %eax
1318 andl $0xff, %edx
1319 xorl 0x600(%ebp,%ebx),%edi
1320 xorl 0x700(%ebp,%ecx),%edi
1321 movl 24(%esp), %ecx
1322 xorl 0x400(%ebp,%eax),%edi
1323 xorl 0x500(%ebp,%edx),%edi
1324
1325
1326 movl 56(%ecx), %eax
1327 xorl %ebx, %ebx
1328 movl 60(%ecx), %edx
1329 xorl %edi, %eax
1330 xorl %ecx, %ecx
1331 xorl %edi, %edx
1332 andl $0xfcfcfcfc, %eax
1333 andl $0xcfcfcfcf, %edx
1334 movb %al, %bl
1335 movb %ah, %cl
1336 rorl $4, %edx
1337 xorl (%ebp,%ebx),%esi
1338 movb %dl, %bl
1339 xorl 0x200(%ebp,%ecx),%esi
1340 movb %dh, %cl
1341 shrl $16, %eax
1342 xorl 0x100(%ebp,%ebx),%esi
1343 movb %ah, %bl
1344 shrl $16, %edx
1345 xorl 0x300(%ebp,%ecx),%esi
1346 movb %dh, %cl
1347 andl $0xff, %eax
1348 andl $0xff, %edx
1349 xorl 0x600(%ebp,%ebx),%esi
1350 xorl 0x700(%ebp,%ecx),%esi
1351 movl 24(%esp), %ecx
1352 xorl 0x400(%ebp,%eax),%esi
1353 xorl 0x500(%ebp,%edx),%esi
1354
1355
1356 movl 64(%ecx), %eax
1357 xorl %ebx, %ebx
1358 movl 68(%ecx), %edx
1359 xorl %esi, %eax
1360 xorl %ecx, %ecx
1361 xorl %esi, %edx
1362 andl $0xfcfcfcfc, %eax
1363 andl $0xcfcfcfcf, %edx
1364 movb %al, %bl
1365 movb %ah, %cl
1366 rorl $4, %edx
1367 xorl (%ebp,%ebx),%edi
1368 movb %dl, %bl
1369 xorl 0x200(%ebp,%ecx),%edi
1370 movb %dh, %cl
1371 shrl $16, %eax
1372 xorl 0x100(%ebp,%ebx),%edi
1373 movb %ah, %bl
1374 shrl $16, %edx
1375 xorl 0x300(%ebp,%ecx),%edi
1376 movb %dh, %cl
1377 andl $0xff, %eax
1378 andl $0xff, %edx
1379 xorl 0x600(%ebp,%ebx),%edi
1380 xorl 0x700(%ebp,%ecx),%edi
1381 movl 24(%esp), %ecx
1382 xorl 0x400(%ebp,%eax),%edi
1383 xorl 0x500(%ebp,%edx),%edi
1384
1385
1386 movl 72(%ecx), %eax
1387 xorl %ebx, %ebx
1388 movl 76(%ecx), %edx
1389 xorl %edi, %eax
1390 xorl %ecx, %ecx
1391 xorl %edi, %edx
1392 andl $0xfcfcfcfc, %eax
1393 andl $0xcfcfcfcf, %edx
1394 movb %al, %bl
1395 movb %ah, %cl
1396 rorl $4, %edx
1397 xorl (%ebp,%ebx),%esi
1398 movb %dl, %bl
1399 xorl 0x200(%ebp,%ecx),%esi
1400 movb %dh, %cl
1401 shrl $16, %eax
1402 xorl 0x100(%ebp,%ebx),%esi
1403 movb %ah, %bl
1404 shrl $16, %edx
1405 xorl 0x300(%ebp,%ecx),%esi
1406 movb %dh, %cl
1407 andl $0xff, %eax
1408 andl $0xff, %edx
1409 xorl 0x600(%ebp,%ebx),%esi
1410 xorl 0x700(%ebp,%ecx),%esi
1411 movl 24(%esp), %ecx
1412 xorl 0x400(%ebp,%eax),%esi
1413 xorl 0x500(%ebp,%edx),%esi
1414
1415
1416 movl 80(%ecx), %eax
1417 xorl %ebx, %ebx
1418 movl 84(%ecx), %edx
1419 xorl %esi, %eax
1420 xorl %ecx, %ecx
1421 xorl %esi, %edx
1422 andl $0xfcfcfcfc, %eax
1423 andl $0xcfcfcfcf, %edx
1424 movb %al, %bl
1425 movb %ah, %cl
1426 rorl $4, %edx
1427 xorl (%ebp,%ebx),%edi
1428 movb %dl, %bl
1429 xorl 0x200(%ebp,%ecx),%edi
1430 movb %dh, %cl
1431 shrl $16, %eax
1432 xorl 0x100(%ebp,%ebx),%edi
1433 movb %ah, %bl
1434 shrl $16, %edx
1435 xorl 0x300(%ebp,%ecx),%edi
1436 movb %dh, %cl
1437 andl $0xff, %eax
1438 andl $0xff, %edx
1439 xorl 0x600(%ebp,%ebx),%edi
1440 xorl 0x700(%ebp,%ecx),%edi
1441 movl 24(%esp), %ecx
1442 xorl 0x400(%ebp,%eax),%edi
1443 xorl 0x500(%ebp,%edx),%edi
1444
1445
1446 movl 88(%ecx), %eax
1447 xorl %ebx, %ebx
1448 movl 92(%ecx), %edx
1449 xorl %edi, %eax
1450 xorl %ecx, %ecx
1451 xorl %edi, %edx
1452 andl $0xfcfcfcfc, %eax
1453 andl $0xcfcfcfcf, %edx
1454 movb %al, %bl
1455 movb %ah, %cl
1456 rorl $4, %edx
1457 xorl (%ebp,%ebx),%esi
1458 movb %dl, %bl
1459 xorl 0x200(%ebp,%ecx),%esi
1460 movb %dh, %cl
1461 shrl $16, %eax
1462 xorl 0x100(%ebp,%ebx),%esi
1463 movb %ah, %bl
1464 shrl $16, %edx
1465 xorl 0x300(%ebp,%ecx),%esi
1466 movb %dh, %cl
1467 andl $0xff, %eax
1468 andl $0xff, %edx
1469 xorl 0x600(%ebp,%ebx),%esi
1470 xorl 0x700(%ebp,%ecx),%esi
1471 movl 24(%esp), %ecx
1472 xorl 0x400(%ebp,%eax),%esi
1473 xorl 0x500(%ebp,%edx),%esi
1474
1475
1476 movl 96(%ecx), %eax
1477 xorl %ebx, %ebx
1478 movl 100(%ecx), %edx
1479 xorl %esi, %eax
1480 xorl %ecx, %ecx
1481 xorl %esi, %edx
1482 andl $0xfcfcfcfc, %eax
1483 andl $0xcfcfcfcf, %edx
1484 movb %al, %bl
1485 movb %ah, %cl
1486 rorl $4, %edx
1487 xorl (%ebp,%ebx),%edi
1488 movb %dl, %bl
1489 xorl 0x200(%ebp,%ecx),%edi
1490 movb %dh, %cl
1491 shrl $16, %eax
1492 xorl 0x100(%ebp,%ebx),%edi
1493 movb %ah, %bl
1494 shrl $16, %edx
1495 xorl 0x300(%ebp,%ecx),%edi
1496 movb %dh, %cl
1497 andl $0xff, %eax
1498 andl $0xff, %edx
1499 xorl 0x600(%ebp,%ebx),%edi
1500 xorl 0x700(%ebp,%ecx),%edi
1501 movl 24(%esp), %ecx
1502 xorl 0x400(%ebp,%eax),%edi
1503 xorl 0x500(%ebp,%edx),%edi
1504
1505
1506 movl 104(%ecx), %eax
1507 xorl %ebx, %ebx
1508 movl 108(%ecx), %edx
1509 xorl %edi, %eax
1510 xorl %ecx, %ecx
1511 xorl %edi, %edx
1512 andl $0xfcfcfcfc, %eax
1513 andl $0xcfcfcfcf, %edx
1514 movb %al, %bl
1515 movb %ah, %cl
1516 rorl $4, %edx
1517 xorl (%ebp,%ebx),%esi
1518 movb %dl, %bl
1519 xorl 0x200(%ebp,%ecx),%esi
1520 movb %dh, %cl
1521 shrl $16, %eax
1522 xorl 0x100(%ebp,%ebx),%esi
1523 movb %ah, %bl
1524 shrl $16, %edx
1525 xorl 0x300(%ebp,%ecx),%esi
1526 movb %dh, %cl
1527 andl $0xff, %eax
1528 andl $0xff, %edx
1529 xorl 0x600(%ebp,%ebx),%esi
1530 xorl 0x700(%ebp,%ecx),%esi
1531 movl 24(%esp), %ecx
1532 xorl 0x400(%ebp,%eax),%esi
1533 xorl 0x500(%ebp,%edx),%esi
1534
1535
1536 movl 112(%ecx), %eax
1537 xorl %ebx, %ebx
1538 movl 116(%ecx), %edx
1539 xorl %esi, %eax
1540 xorl %ecx, %ecx
1541 xorl %esi, %edx
1542 andl $0xfcfcfcfc, %eax
1543 andl $0xcfcfcfcf, %edx
1544 movb %al, %bl
1545 movb %ah, %cl
1546 rorl $4, %edx
1547 xorl (%ebp,%ebx),%edi
1548 movb %dl, %bl
1549 xorl 0x200(%ebp,%ecx),%edi
1550 movb %dh, %cl
1551 shrl $16, %eax
1552 xorl 0x100(%ebp,%ebx),%edi
1553 movb %ah, %bl
1554 shrl $16, %edx
1555 xorl 0x300(%ebp,%ecx),%edi
1556 movb %dh, %cl
1557 andl $0xff, %eax
1558 andl $0xff, %edx
1559 xorl 0x600(%ebp,%ebx),%edi
1560 xorl 0x700(%ebp,%ecx),%edi
1561 movl 24(%esp), %ecx
1562 xorl 0x400(%ebp,%eax),%edi
1563 xorl 0x500(%ebp,%edx),%edi
1564
1565
1566 movl 120(%ecx), %eax
1567 xorl %ebx, %ebx
1568 movl 124(%ecx), %edx
1569 xorl %edi, %eax
1570 xorl %ecx, %ecx
1571 xorl %edi, %edx
1572 andl $0xfcfcfcfc, %eax
1573 andl $0xcfcfcfcf, %edx
1574 movb %al, %bl
1575 movb %ah, %cl
1576 rorl $4, %edx
1577 xorl (%ebp,%ebx),%esi
1578 movb %dl, %bl
1579 xorl 0x200(%ebp,%ecx),%esi
1580 movb %dh, %cl
1581 shrl $16, %eax
1582 xorl 0x100(%ebp,%ebx),%esi
1583 movb %ah, %bl
1584 shrl $16, %edx
1585 xorl 0x300(%ebp,%ecx),%esi
1586 movb %dh, %cl
1587 andl $0xff, %eax
1588 andl $0xff, %edx
1589 xorl 0x600(%ebp,%ebx),%esi
1590 xorl 0x700(%ebp,%ecx),%esi
1591 movl 24(%esp), %ecx
1592 xorl 0x400(%ebp,%eax),%esi
1593 xorl 0x500(%ebp,%edx),%esi
1594 jmp .L005end
1595.L004start_decrypt:
1596
1597
1598 movl 120(%ecx), %eax
1599 xorl %ebx, %ebx
1600 movl 124(%ecx), %edx
1601 xorl %esi, %eax
1602 xorl %ecx, %ecx
1603 xorl %esi, %edx
1604 andl $0xfcfcfcfc, %eax
1605 andl $0xcfcfcfcf, %edx
1606 movb %al, %bl
1607 movb %ah, %cl
1608 rorl $4, %edx
1609 xorl (%ebp,%ebx),%edi
1610 movb %dl, %bl
1611 xorl 0x200(%ebp,%ecx),%edi
1612 movb %dh, %cl
1613 shrl $16, %eax
1614 xorl 0x100(%ebp,%ebx),%edi
1615 movb %ah, %bl
1616 shrl $16, %edx
1617 xorl 0x300(%ebp,%ecx),%edi
1618 movb %dh, %cl
1619 andl $0xff, %eax
1620 andl $0xff, %edx
1621 xorl 0x600(%ebp,%ebx),%edi
1622 xorl 0x700(%ebp,%ecx),%edi
1623 movl 24(%esp), %ecx
1624 xorl 0x400(%ebp,%eax),%edi
1625 xorl 0x500(%ebp,%edx),%edi
1626
1627
1628 movl 112(%ecx), %eax
1629 xorl %ebx, %ebx
1630 movl 116(%ecx), %edx
1631 xorl %edi, %eax
1632 xorl %ecx, %ecx
1633 xorl %edi, %edx
1634 andl $0xfcfcfcfc, %eax
1635 andl $0xcfcfcfcf, %edx
1636 movb %al, %bl
1637 movb %ah, %cl
1638 rorl $4, %edx
1639 xorl (%ebp,%ebx),%esi
1640 movb %dl, %bl
1641 xorl 0x200(%ebp,%ecx),%esi
1642 movb %dh, %cl
1643 shrl $16, %eax
1644 xorl 0x100(%ebp,%ebx),%esi
1645 movb %ah, %bl
1646 shrl $16, %edx
1647 xorl 0x300(%ebp,%ecx),%esi
1648 movb %dh, %cl
1649 andl $0xff, %eax
1650 andl $0xff, %edx
1651 xorl 0x600(%ebp,%ebx),%esi
1652 xorl 0x700(%ebp,%ecx),%esi
1653 movl 24(%esp), %ecx
1654 xorl 0x400(%ebp,%eax),%esi
1655 xorl 0x500(%ebp,%edx),%esi
1656
1657
1658 movl 104(%ecx), %eax
1659 xorl %ebx, %ebx
1660 movl 108(%ecx), %edx
1661 xorl %esi, %eax
1662 xorl %ecx, %ecx
1663 xorl %esi, %edx
1664 andl $0xfcfcfcfc, %eax
1665 andl $0xcfcfcfcf, %edx
1666 movb %al, %bl
1667 movb %ah, %cl
1668 rorl $4, %edx
1669 xorl (%ebp,%ebx),%edi
1670 movb %dl, %bl
1671 xorl 0x200(%ebp,%ecx),%edi
1672 movb %dh, %cl
1673 shrl $16, %eax
1674 xorl 0x100(%ebp,%ebx),%edi
1675 movb %ah, %bl
1676 shrl $16, %edx
1677 xorl 0x300(%ebp,%ecx),%edi
1678 movb %dh, %cl
1679 andl $0xff, %eax
1680 andl $0xff, %edx
1681 xorl 0x600(%ebp,%ebx),%edi
1682 xorl 0x700(%ebp,%ecx),%edi
1683 movl 24(%esp), %ecx
1684 xorl 0x400(%ebp,%eax),%edi
1685 xorl 0x500(%ebp,%edx),%edi
1686
1687
1688 movl 96(%ecx), %eax
1689 xorl %ebx, %ebx
1690 movl 100(%ecx), %edx
1691 xorl %edi, %eax
1692 xorl %ecx, %ecx
1693 xorl %edi, %edx
1694 andl $0xfcfcfcfc, %eax
1695 andl $0xcfcfcfcf, %edx
1696 movb %al, %bl
1697 movb %ah, %cl
1698 rorl $4, %edx
1699 xorl (%ebp,%ebx),%esi
1700 movb %dl, %bl
1701 xorl 0x200(%ebp,%ecx),%esi
1702 movb %dh, %cl
1703 shrl $16, %eax
1704 xorl 0x100(%ebp,%ebx),%esi
1705 movb %ah, %bl
1706 shrl $16, %edx
1707 xorl 0x300(%ebp,%ecx),%esi
1708 movb %dh, %cl
1709 andl $0xff, %eax
1710 andl $0xff, %edx
1711 xorl 0x600(%ebp,%ebx),%esi
1712 xorl 0x700(%ebp,%ecx),%esi
1713 movl 24(%esp), %ecx
1714 xorl 0x400(%ebp,%eax),%esi
1715 xorl 0x500(%ebp,%edx),%esi
1716
1717
1718 movl 88(%ecx), %eax
1719 xorl %ebx, %ebx
1720 movl 92(%ecx), %edx
1721 xorl %esi, %eax
1722 xorl %ecx, %ecx
1723 xorl %esi, %edx
1724 andl $0xfcfcfcfc, %eax
1725 andl $0xcfcfcfcf, %edx
1726 movb %al, %bl
1727 movb %ah, %cl
1728 rorl $4, %edx
1729 xorl (%ebp,%ebx),%edi
1730 movb %dl, %bl
1731 xorl 0x200(%ebp,%ecx),%edi
1732 movb %dh, %cl
1733 shrl $16, %eax
1734 xorl 0x100(%ebp,%ebx),%edi
1735 movb %ah, %bl
1736 shrl $16, %edx
1737 xorl 0x300(%ebp,%ecx),%edi
1738 movb %dh, %cl
1739 andl $0xff, %eax
1740 andl $0xff, %edx
1741 xorl 0x600(%ebp,%ebx),%edi
1742 xorl 0x700(%ebp,%ecx),%edi
1743 movl 24(%esp), %ecx
1744 xorl 0x400(%ebp,%eax),%edi
1745 xorl 0x500(%ebp,%edx),%edi
1746
1747
1748 movl 80(%ecx), %eax
1749 xorl %ebx, %ebx
1750 movl 84(%ecx), %edx
1751 xorl %edi, %eax
1752 xorl %ecx, %ecx
1753 xorl %edi, %edx
1754 andl $0xfcfcfcfc, %eax
1755 andl $0xcfcfcfcf, %edx
1756 movb %al, %bl
1757 movb %ah, %cl
1758 rorl $4, %edx
1759 xorl (%ebp,%ebx),%esi
1760 movb %dl, %bl
1761 xorl 0x200(%ebp,%ecx),%esi
1762 movb %dh, %cl
1763 shrl $16, %eax
1764 xorl 0x100(%ebp,%ebx),%esi
1765 movb %ah, %bl
1766 shrl $16, %edx
1767 xorl 0x300(%ebp,%ecx),%esi
1768 movb %dh, %cl
1769 andl $0xff, %eax
1770 andl $0xff, %edx
1771 xorl 0x600(%ebp,%ebx),%esi
1772 xorl 0x700(%ebp,%ecx),%esi
1773 movl 24(%esp), %ecx
1774 xorl 0x400(%ebp,%eax),%esi
1775 xorl 0x500(%ebp,%edx),%esi
1776
1777
1778 movl 72(%ecx), %eax
1779 xorl %ebx, %ebx
1780 movl 76(%ecx), %edx
1781 xorl %esi, %eax
1782 xorl %ecx, %ecx
1783 xorl %esi, %edx
1784 andl $0xfcfcfcfc, %eax
1785 andl $0xcfcfcfcf, %edx
1786 movb %al, %bl
1787 movb %ah, %cl
1788 rorl $4, %edx
1789 xorl (%ebp,%ebx),%edi
1790 movb %dl, %bl
1791 xorl 0x200(%ebp,%ecx),%edi
1792 movb %dh, %cl
1793 shrl $16, %eax
1794 xorl 0x100(%ebp,%ebx),%edi
1795 movb %ah, %bl
1796 shrl $16, %edx
1797 xorl 0x300(%ebp,%ecx),%edi
1798 movb %dh, %cl
1799 andl $0xff, %eax
1800 andl $0xff, %edx
1801 xorl 0x600(%ebp,%ebx),%edi
1802 xorl 0x700(%ebp,%ecx),%edi
1803 movl 24(%esp), %ecx
1804 xorl 0x400(%ebp,%eax),%edi
1805 xorl 0x500(%ebp,%edx),%edi
1806
1807
1808 movl 64(%ecx), %eax
1809 xorl %ebx, %ebx
1810 movl 68(%ecx), %edx
1811 xorl %edi, %eax
1812 xorl %ecx, %ecx
1813 xorl %edi, %edx
1814 andl $0xfcfcfcfc, %eax
1815 andl $0xcfcfcfcf, %edx
1816 movb %al, %bl
1817 movb %ah, %cl
1818 rorl $4, %edx
1819 xorl (%ebp,%ebx),%esi
1820 movb %dl, %bl
1821 xorl 0x200(%ebp,%ecx),%esi
1822 movb %dh, %cl
1823 shrl $16, %eax
1824 xorl 0x100(%ebp,%ebx),%esi
1825 movb %ah, %bl
1826 shrl $16, %edx
1827 xorl 0x300(%ebp,%ecx),%esi
1828 movb %dh, %cl
1829 andl $0xff, %eax
1830 andl $0xff, %edx
1831 xorl 0x600(%ebp,%ebx),%esi
1832 xorl 0x700(%ebp,%ecx),%esi
1833 movl 24(%esp), %ecx
1834 xorl 0x400(%ebp,%eax),%esi
1835 xorl 0x500(%ebp,%edx),%esi
1836
1837
1838 movl 56(%ecx), %eax
1839 xorl %ebx, %ebx
1840 movl 60(%ecx), %edx
1841 xorl %esi, %eax
1842 xorl %ecx, %ecx
1843 xorl %esi, %edx
1844 andl $0xfcfcfcfc, %eax
1845 andl $0xcfcfcfcf, %edx
1846 movb %al, %bl
1847 movb %ah, %cl
1848 rorl $4, %edx
1849 xorl (%ebp,%ebx),%edi
1850 movb %dl, %bl
1851 xorl 0x200(%ebp,%ecx),%edi
1852 movb %dh, %cl
1853 shrl $16, %eax
1854 xorl 0x100(%ebp,%ebx),%edi
1855 movb %ah, %bl
1856 shrl $16, %edx
1857 xorl 0x300(%ebp,%ecx),%edi
1858 movb %dh, %cl
1859 andl $0xff, %eax
1860 andl $0xff, %edx
1861 xorl 0x600(%ebp,%ebx),%edi
1862 xorl 0x700(%ebp,%ecx),%edi
1863 movl 24(%esp), %ecx
1864 xorl 0x400(%ebp,%eax),%edi
1865 xorl 0x500(%ebp,%edx),%edi
1866
1867
1868 movl 48(%ecx), %eax
1869 xorl %ebx, %ebx
1870 movl 52(%ecx), %edx
1871 xorl %edi, %eax
1872 xorl %ecx, %ecx
1873 xorl %edi, %edx
1874 andl $0xfcfcfcfc, %eax
1875 andl $0xcfcfcfcf, %edx
1876 movb %al, %bl
1877 movb %ah, %cl
1878 rorl $4, %edx
1879 xorl (%ebp,%ebx),%esi
1880 movb %dl, %bl
1881 xorl 0x200(%ebp,%ecx),%esi
1882 movb %dh, %cl
1883 shrl $16, %eax
1884 xorl 0x100(%ebp,%ebx),%esi
1885 movb %ah, %bl
1886 shrl $16, %edx
1887 xorl 0x300(%ebp,%ecx),%esi
1888 movb %dh, %cl
1889 andl $0xff, %eax
1890 andl $0xff, %edx
1891 xorl 0x600(%ebp,%ebx),%esi
1892 xorl 0x700(%ebp,%ecx),%esi
1893 movl 24(%esp), %ecx
1894 xorl 0x400(%ebp,%eax),%esi
1895 xorl 0x500(%ebp,%edx),%esi
1896
1897
1898 movl 40(%ecx), %eax
1899 xorl %ebx, %ebx
1900 movl 44(%ecx), %edx
1901 xorl %esi, %eax
1902 xorl %ecx, %ecx
1903 xorl %esi, %edx
1904 andl $0xfcfcfcfc, %eax
1905 andl $0xcfcfcfcf, %edx
1906 movb %al, %bl
1907 movb %ah, %cl
1908 rorl $4, %edx
1909 xorl (%ebp,%ebx),%edi
1910 movb %dl, %bl
1911 xorl 0x200(%ebp,%ecx),%edi
1912 movb %dh, %cl
1913 shrl $16, %eax
1914 xorl 0x100(%ebp,%ebx),%edi
1915 movb %ah, %bl
1916 shrl $16, %edx
1917 xorl 0x300(%ebp,%ecx),%edi
1918 movb %dh, %cl
1919 andl $0xff, %eax
1920 andl $0xff, %edx
1921 xorl 0x600(%ebp,%ebx),%edi
1922 xorl 0x700(%ebp,%ecx),%edi
1923 movl 24(%esp), %ecx
1924 xorl 0x400(%ebp,%eax),%edi
1925 xorl 0x500(%ebp,%edx),%edi
1926
1927
1928 movl 32(%ecx), %eax
1929 xorl %ebx, %ebx
1930 movl 36(%ecx), %edx
1931 xorl %edi, %eax
1932 xorl %ecx, %ecx
1933 xorl %edi, %edx
1934 andl $0xfcfcfcfc, %eax
1935 andl $0xcfcfcfcf, %edx
1936 movb %al, %bl
1937 movb %ah, %cl
1938 rorl $4, %edx
1939 xorl (%ebp,%ebx),%esi
1940 movb %dl, %bl
1941 xorl 0x200(%ebp,%ecx),%esi
1942 movb %dh, %cl
1943 shrl $16, %eax
1944 xorl 0x100(%ebp,%ebx),%esi
1945 movb %ah, %bl
1946 shrl $16, %edx
1947 xorl 0x300(%ebp,%ecx),%esi
1948 movb %dh, %cl
1949 andl $0xff, %eax
1950 andl $0xff, %edx
1951 xorl 0x600(%ebp,%ebx),%esi
1952 xorl 0x700(%ebp,%ecx),%esi
1953 movl 24(%esp), %ecx
1954 xorl 0x400(%ebp,%eax),%esi
1955 xorl 0x500(%ebp,%edx),%esi
1956
1957
1958 movl 24(%ecx), %eax
1959 xorl %ebx, %ebx
1960 movl 28(%ecx), %edx
1961 xorl %esi, %eax
1962 xorl %ecx, %ecx
1963 xorl %esi, %edx
1964 andl $0xfcfcfcfc, %eax
1965 andl $0xcfcfcfcf, %edx
1966 movb %al, %bl
1967 movb %ah, %cl
1968 rorl $4, %edx
1969 xorl (%ebp,%ebx),%edi
1970 movb %dl, %bl
1971 xorl 0x200(%ebp,%ecx),%edi
1972 movb %dh, %cl
1973 shrl $16, %eax
1974 xorl 0x100(%ebp,%ebx),%edi
1975 movb %ah, %bl
1976 shrl $16, %edx
1977 xorl 0x300(%ebp,%ecx),%edi
1978 movb %dh, %cl
1979 andl $0xff, %eax
1980 andl $0xff, %edx
1981 xorl 0x600(%ebp,%ebx),%edi
1982 xorl 0x700(%ebp,%ecx),%edi
1983 movl 24(%esp), %ecx
1984 xorl 0x400(%ebp,%eax),%edi
1985 xorl 0x500(%ebp,%edx),%edi
1986
1987
1988 movl 16(%ecx), %eax
1989 xorl %ebx, %ebx
1990 movl 20(%ecx), %edx
1991 xorl %edi, %eax
1992 xorl %ecx, %ecx
1993 xorl %edi, %edx
1994 andl $0xfcfcfcfc, %eax
1995 andl $0xcfcfcfcf, %edx
1996 movb %al, %bl
1997 movb %ah, %cl
1998 rorl $4, %edx
1999 xorl (%ebp,%ebx),%esi
2000 movb %dl, %bl
2001 xorl 0x200(%ebp,%ecx),%esi
2002 movb %dh, %cl
2003 shrl $16, %eax
2004 xorl 0x100(%ebp,%ebx),%esi
2005 movb %ah, %bl
2006 shrl $16, %edx
2007 xorl 0x300(%ebp,%ecx),%esi
2008 movb %dh, %cl
2009 andl $0xff, %eax
2010 andl $0xff, %edx
2011 xorl 0x600(%ebp,%ebx),%esi
2012 xorl 0x700(%ebp,%ecx),%esi
2013 movl 24(%esp), %ecx
2014 xorl 0x400(%ebp,%eax),%esi
2015 xorl 0x500(%ebp,%edx),%esi
2016
2017
2018 movl 8(%ecx), %eax
2019 xorl %ebx, %ebx
2020 movl 12(%ecx), %edx
2021 xorl %esi, %eax
2022 xorl %ecx, %ecx
2023 xorl %esi, %edx
2024 andl $0xfcfcfcfc, %eax
2025 andl $0xcfcfcfcf, %edx
2026 movb %al, %bl
2027 movb %ah, %cl
2028 rorl $4, %edx
2029 xorl (%ebp,%ebx),%edi
2030 movb %dl, %bl
2031 xorl 0x200(%ebp,%ecx),%edi
2032 movb %dh, %cl
2033 shrl $16, %eax
2034 xorl 0x100(%ebp,%ebx),%edi
2035 movb %ah, %bl
2036 shrl $16, %edx
2037 xorl 0x300(%ebp,%ecx),%edi
2038 movb %dh, %cl
2039 andl $0xff, %eax
2040 andl $0xff, %edx
2041 xorl 0x600(%ebp,%ebx),%edi
2042 xorl 0x700(%ebp,%ecx),%edi
2043 movl 24(%esp), %ecx
2044 xorl 0x400(%ebp,%eax),%edi
2045 xorl 0x500(%ebp,%edx),%edi
2046
2047
2048 movl (%ecx), %eax
2049 xorl %ebx, %ebx
2050 movl 4(%ecx), %edx
2051 xorl %edi, %eax
2052 xorl %ecx, %ecx
2053 xorl %edi, %edx
2054 andl $0xfcfcfcfc, %eax
2055 andl $0xcfcfcfcf, %edx
2056 movb %al, %bl
2057 movb %ah, %cl
2058 rorl $4, %edx
2059 xorl (%ebp,%ebx),%esi
2060 movb %dl, %bl
2061 xorl 0x200(%ebp,%ecx),%esi
2062 movb %dh, %cl
2063 shrl $16, %eax
2064 xorl 0x100(%ebp,%ebx),%esi
2065 movb %ah, %bl
2066 shrl $16, %edx
2067 xorl 0x300(%ebp,%ecx),%esi
2068 movb %dh, %cl
2069 andl $0xff, %eax
2070 andl $0xff, %edx
2071 xorl 0x600(%ebp,%ebx),%esi
2072 xorl 0x700(%ebp,%ecx),%esi
2073 movl 24(%esp), %ecx
2074 xorl 0x400(%ebp,%eax),%esi
2075 xorl 0x500(%ebp,%edx),%esi
2076.L005end:
2077
2078
2079 rorl $3, %edi
2080 movl 20(%esp), %eax
2081 rorl $3, %esi
2082 movl %edi, (%eax)
2083 movl %esi, 4(%eax)
2084 popl %ebp
2085 popl %ebx
2086 popl %edi
2087 popl %esi
2088 ret
2089.L_DES_encrypt2_end:
2090 .size DES_encrypt2,.L_DES_encrypt2_end-DES_encrypt2
2091.ident "desasm.pl"
2092.text
2093 .align 16
2094.globl DES_encrypt3
2095 .type DES_encrypt3,@function
2096DES_encrypt3:
2097 pushl %ebx
2098 movl 8(%esp), %ebx
2099 pushl %ebp
2100 pushl %esi
2101 pushl %edi
2102
2103
2104 movl (%ebx), %edi
2105 movl 4(%ebx), %esi
2106 subl $12, %esp
2107
2108
2109 roll $4, %edi
2110 movl %edi, %edx
2111 xorl %esi, %edi
2112 andl $0xf0f0f0f0, %edi
2113 xorl %edi, %edx
2114 xorl %edi, %esi
2115
2116 roll $20, %esi
2117 movl %esi, %edi
2118 xorl %edx, %esi
2119 andl $0xfff0000f, %esi
2120 xorl %esi, %edi
2121 xorl %esi, %edx
2122
2123 roll $14, %edi
2124 movl %edi, %esi
2125 xorl %edx, %edi
2126 andl $0x33333333, %edi
2127 xorl %edi, %esi
2128 xorl %edi, %edx
2129
2130 roll $22, %edx
2131 movl %edx, %edi
2132 xorl %esi, %edx
2133 andl $0x03fc03fc, %edx
2134 xorl %edx, %edi
2135 xorl %edx, %esi
2136
2137 roll $9, %edi
2138 movl %edi, %edx
2139 xorl %esi, %edi
2140 andl $0xaaaaaaaa, %edi
2141 xorl %edi, %edx
2142 xorl %edi, %esi
2143
2144 rorl $3, %edx
2145 rorl $2, %esi
2146 movl %esi, 4(%ebx)
2147 movl 36(%esp), %eax
2148 movl %edx, (%ebx)
2149 movl 40(%esp), %edi
2150 movl 44(%esp), %esi
2151 movl $1, 8(%esp)
2152 movl %eax, 4(%esp)
2153 movl %ebx, (%esp)
2154 call DES_encrypt2
2155 movl $0, 8(%esp)
2156 movl %edi, 4(%esp)
2157 movl %ebx, (%esp)
2158 call DES_encrypt2
2159 movl $1, 8(%esp)
2160 movl %esi, 4(%esp)
2161 movl %ebx, (%esp)
2162 call DES_encrypt2
2163 addl $12, %esp
2164 movl (%ebx), %edi
2165 movl 4(%ebx), %esi
2166
2167
2168 roll $2, %esi
2169 roll $3, %edi
2170 movl %edi, %eax
2171 xorl %esi, %edi
2172 andl $0xaaaaaaaa, %edi
2173 xorl %edi, %eax
2174 xorl %edi, %esi
2175
2176 roll $23, %eax
2177 movl %eax, %edi
2178 xorl %esi, %eax
2179 andl $0x03fc03fc, %eax
2180 xorl %eax, %edi
2181 xorl %eax, %esi
2182
2183 roll $10, %edi
2184 movl %edi, %eax
2185 xorl %esi, %edi
2186 andl $0x33333333, %edi
2187 xorl %edi, %eax
2188 xorl %edi, %esi
2189
2190 roll $18, %esi
2191 movl %esi, %edi
2192 xorl %eax, %esi
2193 andl $0xfff0000f, %esi
2194 xorl %esi, %edi
2195 xorl %esi, %eax
2196
2197 roll $12, %edi
2198 movl %edi, %esi
2199 xorl %eax, %edi
2200 andl $0xf0f0f0f0, %edi
2201 xorl %edi, %esi
2202 xorl %edi, %eax
2203
2204 rorl $4, %eax
2205 movl %eax, (%ebx)
2206 movl %esi, 4(%ebx)
2207 popl %edi
2208 popl %esi
2209 popl %ebp
2210 popl %ebx
2211 ret
2212.L_DES_encrypt3_end:
2213 .size DES_encrypt3,.L_DES_encrypt3_end-DES_encrypt3
2214.ident "desasm.pl"
2215.text
2216 .align 16
2217.globl DES_decrypt3
2218 .type DES_decrypt3,@function
2219DES_decrypt3:
2220 pushl %ebx
2221 movl 8(%esp), %ebx
2222 pushl %ebp
2223 pushl %esi
2224 pushl %edi
2225
2226
2227 movl (%ebx), %edi
2228 movl 4(%ebx), %esi
2229 subl $12, %esp
2230
2231
2232 roll $4, %edi
2233 movl %edi, %edx
2234 xorl %esi, %edi
2235 andl $0xf0f0f0f0, %edi
2236 xorl %edi, %edx
2237 xorl %edi, %esi
2238
2239 roll $20, %esi
2240 movl %esi, %edi
2241 xorl %edx, %esi
2242 andl $0xfff0000f, %esi
2243 xorl %esi, %edi
2244 xorl %esi, %edx
2245
2246 roll $14, %edi
2247 movl %edi, %esi
2248 xorl %edx, %edi
2249 andl $0x33333333, %edi
2250 xorl %edi, %esi
2251 xorl %edi, %edx
2252
2253 roll $22, %edx
2254 movl %edx, %edi
2255 xorl %esi, %edx
2256 andl $0x03fc03fc, %edx
2257 xorl %edx, %edi
2258 xorl %edx, %esi
2259
2260 roll $9, %edi
2261 movl %edi, %edx
2262 xorl %esi, %edi
2263 andl $0xaaaaaaaa, %edi
2264 xorl %edi, %edx
2265 xorl %edi, %esi
2266
2267 rorl $3, %edx
2268 rorl $2, %esi
2269 movl %esi, 4(%ebx)
2270 movl 36(%esp), %esi
2271 movl %edx, (%ebx)
2272 movl 40(%esp), %edi
2273 movl 44(%esp), %eax
2274 movl $0, 8(%esp)
2275 movl %eax, 4(%esp)
2276 movl %ebx, (%esp)
2277 call DES_encrypt2
2278 movl $1, 8(%esp)
2279 movl %edi, 4(%esp)
2280 movl %ebx, (%esp)
2281 call DES_encrypt2
2282 movl $0, 8(%esp)
2283 movl %esi, 4(%esp)
2284 movl %ebx, (%esp)
2285 call DES_encrypt2
2286 addl $12, %esp
2287 movl (%ebx), %edi
2288 movl 4(%ebx), %esi
2289
2290
2291 roll $2, %esi
2292 roll $3, %edi
2293 movl %edi, %eax
2294 xorl %esi, %edi
2295 andl $0xaaaaaaaa, %edi
2296 xorl %edi, %eax
2297 xorl %edi, %esi
2298
2299 roll $23, %eax
2300 movl %eax, %edi
2301 xorl %esi, %eax
2302 andl $0x03fc03fc, %eax
2303 xorl %eax, %edi
2304 xorl %eax, %esi
2305
2306 roll $10, %edi
2307 movl %edi, %eax
2308 xorl %esi, %edi
2309 andl $0x33333333, %edi
2310 xorl %edi, %eax
2311 xorl %edi, %esi
2312
2313 roll $18, %esi
2314 movl %esi, %edi
2315 xorl %eax, %esi
2316 andl $0xfff0000f, %esi
2317 xorl %esi, %edi
2318 xorl %esi, %eax
2319
2320 roll $12, %edi
2321 movl %edi, %esi
2322 xorl %eax, %edi
2323 andl $0xf0f0f0f0, %edi
2324 xorl %edi, %esi
2325 xorl %edi, %eax
2326
2327 rorl $4, %eax
2328 movl %eax, (%ebx)
2329 movl %esi, 4(%ebx)
2330 popl %edi
2331 popl %esi
2332 popl %ebp
2333 popl %ebx
2334 ret
2335.L_DES_decrypt3_end:
2336 .size DES_decrypt3,.L_DES_decrypt3_end-DES_decrypt3
2337.ident "desasm.pl"
2338.text
2339 .align 16
2340.globl DES_ncbc_encrypt
2341 .type DES_ncbc_encrypt,@function
2342DES_ncbc_encrypt:
2343
2344 pushl %ebp
2345 pushl %ebx
2346 pushl %esi
2347 pushl %edi
2348 movl 28(%esp), %ebp
2349
2350 movl 36(%esp), %ebx
2351 movl (%ebx), %esi
2352 movl 4(%ebx), %edi
2353 pushl %edi
2354 pushl %esi
2355 pushl %edi
2356 pushl %esi
2357 movl %esp, %ebx
2358 movl 36(%esp), %esi
2359 movl 40(%esp), %edi
2360
2361 movl 56(%esp), %ecx
2362
2363 pushl %ecx
2364
2365 movl 52(%esp), %eax
2366 pushl %eax
2367 pushl %ebx
2368 cmpl $0, %ecx
2369 jz .L006decrypt
2370 andl $4294967288, %ebp
2371 movl 12(%esp), %eax
2372 movl 16(%esp), %ebx
2373 jz .L007encrypt_finish
2374.L008encrypt_loop:
2375 movl (%esi), %ecx
2376 movl 4(%esi), %edx
2377 xorl %ecx, %eax
2378 xorl %edx, %ebx
2379 movl %eax, 12(%esp)
2380 movl %ebx, 16(%esp)
2381 call DES_encrypt1
2382 movl 12(%esp), %eax
2383 movl 16(%esp), %ebx
2384 movl %eax, (%edi)
2385 movl %ebx, 4(%edi)
2386 addl $8, %esi
2387 addl $8, %edi
2388 subl $8, %ebp
2389 jnz .L008encrypt_loop
2390.L007encrypt_finish:
2391 movl 56(%esp), %ebp
2392 andl $7, %ebp
2393 jz .L009finish
2394 call .L010PIC_point
2395.L010PIC_point:
2396 popl %edx
2397 leal .L011cbc_enc_jmp_table-.L010PIC_point(%edx),%ecx
2398 movl (%ecx,%ebp,4), %ebp
2399 addl %edx, %ebp
2400 xorl %ecx, %ecx
2401 xorl %edx, %edx
2402 jmp *%ebp
2403.L012ej7:
2404 movb 6(%esi), %dh
2405 sall $8, %edx
2406.L013ej6:
2407 movb 5(%esi), %dh
2408.L014ej5:
2409 movb 4(%esi), %dl
2410.L015ej4:
2411 movl (%esi), %ecx
2412 jmp .L016ejend
2413.L017ej3:
2414 movb 2(%esi), %ch
2415 sall $8, %ecx
2416.L018ej2:
2417 movb 1(%esi), %ch
2418.L019ej1:
2419 movb (%esi), %cl
2420.L016ejend:
2421 xorl %ecx, %eax
2422 xorl %edx, %ebx
2423 movl %eax, 12(%esp)
2424 movl %ebx, 16(%esp)
2425 call DES_encrypt1
2426 movl 12(%esp), %eax
2427 movl 16(%esp), %ebx
2428 movl %eax, (%edi)
2429 movl %ebx, 4(%edi)
2430 jmp .L009finish
2431.align 16
2432.L006decrypt:
2433 andl $4294967288, %ebp
2434 movl 20(%esp), %eax
2435 movl 24(%esp), %ebx
2436 jz .L020decrypt_finish
2437.L021decrypt_loop:
2438 movl (%esi), %eax
2439 movl 4(%esi), %ebx
2440 movl %eax, 12(%esp)
2441 movl %ebx, 16(%esp)
2442 call DES_encrypt1
2443 movl 12(%esp), %eax
2444 movl 16(%esp), %ebx
2445 movl 20(%esp), %ecx
2446 movl 24(%esp), %edx
2447 xorl %eax, %ecx
2448 xorl %ebx, %edx
2449 movl (%esi), %eax
2450 movl 4(%esi), %ebx
2451 movl %ecx, (%edi)
2452 movl %edx, 4(%edi)
2453 movl %eax, 20(%esp)
2454 movl %ebx, 24(%esp)
2455 addl $8, %esi
2456 addl $8, %edi
2457 subl $8, %ebp
2458 jnz .L021decrypt_loop
2459.L020decrypt_finish:
2460 movl 56(%esp), %ebp
2461 andl $7, %ebp
2462 jz .L009finish
2463 movl (%esi), %eax
2464 movl 4(%esi), %ebx
2465 movl %eax, 12(%esp)
2466 movl %ebx, 16(%esp)
2467 call DES_encrypt1
2468 movl 12(%esp), %eax
2469 movl 16(%esp), %ebx
2470 movl 20(%esp), %ecx
2471 movl 24(%esp), %edx
2472 xorl %eax, %ecx
2473 xorl %ebx, %edx
2474 movl (%esi), %eax
2475 movl 4(%esi), %ebx
2476.L022dj7:
2477 rorl $16, %edx
2478 movb %dl, 6(%edi)
2479 shrl $16, %edx
2480.L023dj6:
2481 movb %dh, 5(%edi)
2482.L024dj5:
2483 movb %dl, 4(%edi)
2484.L025dj4:
2485 movl %ecx, (%edi)
2486 jmp .L026djend
2487.L027dj3:
2488 rorl $16, %ecx
2489 movb %cl, 2(%edi)
2490 sall $16, %ecx
2491.L028dj2:
2492 movb %ch, 1(%esi)
2493.L029dj1:
2494 movb %cl, (%esi)
2495.L026djend:
2496 jmp .L009finish
2497.align 16
2498.L009finish:
2499 movl 64(%esp), %ecx
2500 addl $28, %esp
2501 movl %eax, (%ecx)
2502 movl %ebx, 4(%ecx)
2503 popl %edi
2504 popl %esi
2505 popl %ebx
2506 popl %ebp
2507 ret
2508.align 16
2509.L011cbc_enc_jmp_table:
2510 .long 0
2511 .long .L019ej1-.L010PIC_point
2512 .long .L018ej2-.L010PIC_point
2513 .long .L017ej3-.L010PIC_point
2514 .long .L015ej4-.L010PIC_point
2515 .long .L014ej5-.L010PIC_point
2516 .long .L013ej6-.L010PIC_point
2517 .long .L012ej7-.L010PIC_point
2518.L_DES_ncbc_encrypt_end:
2519 .size DES_ncbc_encrypt,.L_DES_ncbc_encrypt_end-DES_ncbc_encrypt
2520.ident "desasm.pl"
2521.text
2522 .align 16
2523.globl DES_ede3_cbc_encrypt
2524 .type DES_ede3_cbc_encrypt,@function
2525DES_ede3_cbc_encrypt:
2526
2527 pushl %ebp
2528 pushl %ebx
2529 pushl %esi
2530 pushl %edi
2531 movl 28(%esp), %ebp
2532
2533 movl 44(%esp), %ebx
2534 movl (%ebx), %esi
2535 movl 4(%ebx), %edi
2536 pushl %edi
2537 pushl %esi
2538 pushl %edi
2539 pushl %esi
2540 movl %esp, %ebx
2541 movl 36(%esp), %esi
2542 movl 40(%esp), %edi
2543
2544 movl 64(%esp), %ecx
2545
2546 movl 56(%esp), %eax
2547 pushl %eax
2548
2549 movl 56(%esp), %eax
2550 pushl %eax
2551
2552 movl 56(%esp), %eax
2553 pushl %eax
2554 pushl %ebx
2555 cmpl $0, %ecx
2556 jz .L030decrypt
2557 andl $4294967288, %ebp
2558 movl 16(%esp), %eax
2559 movl 20(%esp), %ebx
2560 jz .L031encrypt_finish
2561.L032encrypt_loop:
2562 movl (%esi), %ecx
2563 movl 4(%esi), %edx
2564 xorl %ecx, %eax
2565 xorl %edx, %ebx
2566 movl %eax, 16(%esp)
2567 movl %ebx, 20(%esp)
2568 call DES_encrypt3
2569 movl 16(%esp), %eax
2570 movl 20(%esp), %ebx
2571 movl %eax, (%edi)
2572 movl %ebx, 4(%edi)
2573 addl $8, %esi
2574 addl $8, %edi
2575 subl $8, %ebp
2576 jnz .L032encrypt_loop
2577.L031encrypt_finish:
2578 movl 60(%esp), %ebp
2579 andl $7, %ebp
2580 jz .L033finish
2581 call .L034PIC_point
2582.L034PIC_point:
2583 popl %edx
2584 leal .L035cbc_enc_jmp_table-.L034PIC_point(%edx),%ecx
2585 movl (%ecx,%ebp,4), %ebp
2586 addl %edx, %ebp
2587 xorl %ecx, %ecx
2588 xorl %edx, %edx
2589 jmp *%ebp
2590.L036ej7:
2591 movb 6(%esi), %dh
2592 sall $8, %edx
2593.L037ej6:
2594 movb 5(%esi), %dh
2595.L038ej5:
2596 movb 4(%esi), %dl
2597.L039ej4:
2598 movl (%esi), %ecx
2599 jmp .L040ejend
2600.L041ej3:
2601 movb 2(%esi), %ch
2602 sall $8, %ecx
2603.L042ej2:
2604 movb 1(%esi), %ch
2605.L043ej1:
2606 movb (%esi), %cl
2607.L040ejend:
2608 xorl %ecx, %eax
2609 xorl %edx, %ebx
2610 movl %eax, 16(%esp)
2611 movl %ebx, 20(%esp)
2612 call DES_encrypt3
2613 movl 16(%esp), %eax
2614 movl 20(%esp), %ebx
2615 movl %eax, (%edi)
2616 movl %ebx, 4(%edi)
2617 jmp .L033finish
2618.align 16
2619.L030decrypt:
2620 andl $4294967288, %ebp
2621 movl 24(%esp), %eax
2622 movl 28(%esp), %ebx
2623 jz .L044decrypt_finish
2624.L045decrypt_loop:
2625 movl (%esi), %eax
2626 movl 4(%esi), %ebx
2627 movl %eax, 16(%esp)
2628 movl %ebx, 20(%esp)
2629 call DES_decrypt3
2630 movl 16(%esp), %eax
2631 movl 20(%esp), %ebx
2632 movl 24(%esp), %ecx
2633 movl 28(%esp), %edx
2634 xorl %eax, %ecx
2635 xorl %ebx, %edx
2636 movl (%esi), %eax
2637 movl 4(%esi), %ebx
2638 movl %ecx, (%edi)
2639 movl %edx, 4(%edi)
2640 movl %eax, 24(%esp)
2641 movl %ebx, 28(%esp)
2642 addl $8, %esi
2643 addl $8, %edi
2644 subl $8, %ebp
2645 jnz .L045decrypt_loop
2646.L044decrypt_finish:
2647 movl 60(%esp), %ebp
2648 andl $7, %ebp
2649 jz .L033finish
2650 movl (%esi), %eax
2651 movl 4(%esi), %ebx
2652 movl %eax, 16(%esp)
2653 movl %ebx, 20(%esp)
2654 call DES_decrypt3
2655 movl 16(%esp), %eax
2656 movl 20(%esp), %ebx
2657 movl 24(%esp), %ecx
2658 movl 28(%esp), %edx
2659 xorl %eax, %ecx
2660 xorl %ebx, %edx
2661 movl (%esi), %eax
2662 movl 4(%esi), %ebx
2663.L046dj7:
2664 rorl $16, %edx
2665 movb %dl, 6(%edi)
2666 shrl $16, %edx
2667.L047dj6:
2668 movb %dh, 5(%edi)
2669.L048dj5:
2670 movb %dl, 4(%edi)
2671.L049dj4:
2672 movl %ecx, (%edi)
2673 jmp .L050djend
2674.L051dj3:
2675 rorl $16, %ecx
2676 movb %cl, 2(%edi)
2677 sall $16, %ecx
2678.L052dj2:
2679 movb %ch, 1(%esi)
2680.L053dj1:
2681 movb %cl, (%esi)
2682.L050djend:
2683 jmp .L033finish
2684.align 16
2685.L033finish:
2686 movl 76(%esp), %ecx
2687 addl $32, %esp
2688 movl %eax, (%ecx)
2689 movl %ebx, 4(%ecx)
2690 popl %edi
2691 popl %esi
2692 popl %ebx
2693 popl %ebp
2694 ret
2695.align 16
2696.L035cbc_enc_jmp_table:
2697 .long 0
2698 .long .L043ej1-.L034PIC_point
2699 .long .L042ej2-.L034PIC_point
2700 .long .L041ej3-.L034PIC_point
2701 .long .L039ej4-.L034PIC_point
2702 .long .L038ej5-.L034PIC_point
2703 .long .L037ej6-.L034PIC_point
2704 .long .L036ej7-.L034PIC_point
2705.L_DES_ede3_cbc_encrypt_end:
2706 .size DES_ede3_cbc_encrypt,.L_DES_ede3_cbc_encrypt_end-DES_ede3_cbc_encrypt
2707.ident "desasm.pl"
diff --git a/src/lib/libssl/src/fips-1.0/des/fips_des_enc.c b/src/lib/libssl/src/fips-1.0/des/fips_des_enc.c
new file mode 100644
index 0000000000..40e25efa58
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/des/fips_des_enc.c
@@ -0,0 +1,310 @@
1/* crypto/des/des_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "fips_des_locl.h"
60#include <openssl/fips.h>
61
62#ifdef OPENSSL_FIPS
63
64void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
65 {
66 register DES_LONG l,r,t,u;
67#ifdef DES_PTR
68 register const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
69#endif
70#ifndef DES_UNROLL
71 register int i;
72#endif
73 register DES_LONG *s;
74
75 if(FIPS_selftest_failed())
76 {
77 data[0]=data[1]=0;
78 return;
79 }
80
81 r=data[0];
82 l=data[1];
83
84 IP(r,l);
85 /* Things have been modified so that the initial rotate is
86 * done outside the loop. This required the
87 * DES_SPtrans values in sp.h to be rotated 1 bit to the right.
88 * One perl script later and things have a 5% speed up on a sparc2.
89 * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
90 * for pointing this out. */
91 /* clear the top bits on machines with 8byte longs */
92 /* shift left by 2 */
93 r=ROTATE(r,29)&0xffffffffL;
94 l=ROTATE(l,29)&0xffffffffL;
95
96 s=ks->ks->deslong;
97 /* I don't know if it is worth the effort of loop unrolling the
98 * inner loop */
99 if (enc)
100 {
101#ifdef DES_UNROLL
102 D_ENCRYPT(l,r, 0); /* 1 */
103 D_ENCRYPT(r,l, 2); /* 2 */
104 D_ENCRYPT(l,r, 4); /* 3 */
105 D_ENCRYPT(r,l, 6); /* 4 */
106 D_ENCRYPT(l,r, 8); /* 5 */
107 D_ENCRYPT(r,l,10); /* 6 */
108 D_ENCRYPT(l,r,12); /* 7 */
109 D_ENCRYPT(r,l,14); /* 8 */
110 D_ENCRYPT(l,r,16); /* 9 */
111 D_ENCRYPT(r,l,18); /* 10 */
112 D_ENCRYPT(l,r,20); /* 11 */
113 D_ENCRYPT(r,l,22); /* 12 */
114 D_ENCRYPT(l,r,24); /* 13 */
115 D_ENCRYPT(r,l,26); /* 14 */
116 D_ENCRYPT(l,r,28); /* 15 */
117 D_ENCRYPT(r,l,30); /* 16 */
118#else
119 for (i=0; i<32; i+=8)
120 {
121 D_ENCRYPT(l,r,i+0); /* 1 */
122 D_ENCRYPT(r,l,i+2); /* 2 */
123 D_ENCRYPT(l,r,i+4); /* 3 */
124 D_ENCRYPT(r,l,i+6); /* 4 */
125 }
126#endif
127 }
128 else
129 {
130#ifdef DES_UNROLL
131 D_ENCRYPT(l,r,30); /* 16 */
132 D_ENCRYPT(r,l,28); /* 15 */
133 D_ENCRYPT(l,r,26); /* 14 */
134 D_ENCRYPT(r,l,24); /* 13 */
135 D_ENCRYPT(l,r,22); /* 12 */
136 D_ENCRYPT(r,l,20); /* 11 */
137 D_ENCRYPT(l,r,18); /* 10 */
138 D_ENCRYPT(r,l,16); /* 9 */
139 D_ENCRYPT(l,r,14); /* 8 */
140 D_ENCRYPT(r,l,12); /* 7 */
141 D_ENCRYPT(l,r,10); /* 6 */
142 D_ENCRYPT(r,l, 8); /* 5 */
143 D_ENCRYPT(l,r, 6); /* 4 */
144 D_ENCRYPT(r,l, 4); /* 3 */
145 D_ENCRYPT(l,r, 2); /* 2 */
146 D_ENCRYPT(r,l, 0); /* 1 */
147#else
148 for (i=30; i>0; i-=8)
149 {
150 D_ENCRYPT(l,r,i-0); /* 16 */
151 D_ENCRYPT(r,l,i-2); /* 15 */
152 D_ENCRYPT(l,r,i-4); /* 14 */
153 D_ENCRYPT(r,l,i-6); /* 13 */
154 }
155#endif
156 }
157
158 /* rotate and clear the top bits on machines with 8byte longs */
159 l=ROTATE(l,3)&0xffffffffL;
160 r=ROTATE(r,3)&0xffffffffL;
161
162 FP(r,l);
163 data[0]=l;
164 data[1]=r;
165 l=r=t=u=0;
166 }
167
168void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc)
169 {
170 register DES_LONG l,r,t,u;
171#ifdef DES_PTR
172 register const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
173#endif
174#ifndef DES_UNROLL
175 register int i;
176#endif
177 register DES_LONG *s;
178
179 if(FIPS_selftest_failed())
180 {
181 data[0]=data[1]=0;
182 return;
183 }
184
185 r=data[0];
186 l=data[1];
187
188 /* Things have been modified so that the initial rotate is
189 * done outside the loop. This required the
190 * DES_SPtrans values in sp.h to be rotated 1 bit to the right.
191 * One perl script later and things have a 5% speed up on a sparc2.
192 * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
193 * for pointing this out. */
194 /* clear the top bits on machines with 8byte longs */
195 r=ROTATE(r,29)&0xffffffffL;
196 l=ROTATE(l,29)&0xffffffffL;
197
198 s=ks->ks->deslong;
199 /* I don't know if it is worth the effort of loop unrolling the
200 * inner loop */
201 if (enc)
202 {
203#ifdef DES_UNROLL
204 D_ENCRYPT(l,r, 0); /* 1 */
205 D_ENCRYPT(r,l, 2); /* 2 */
206 D_ENCRYPT(l,r, 4); /* 3 */
207 D_ENCRYPT(r,l, 6); /* 4 */
208 D_ENCRYPT(l,r, 8); /* 5 */
209 D_ENCRYPT(r,l,10); /* 6 */
210 D_ENCRYPT(l,r,12); /* 7 */
211 D_ENCRYPT(r,l,14); /* 8 */
212 D_ENCRYPT(l,r,16); /* 9 */
213 D_ENCRYPT(r,l,18); /* 10 */
214 D_ENCRYPT(l,r,20); /* 11 */
215 D_ENCRYPT(r,l,22); /* 12 */
216 D_ENCRYPT(l,r,24); /* 13 */
217 D_ENCRYPT(r,l,26); /* 14 */
218 D_ENCRYPT(l,r,28); /* 15 */
219 D_ENCRYPT(r,l,30); /* 16 */
220#else
221 for (i=0; i<32; i+=8)
222 {
223 D_ENCRYPT(l,r,i+0); /* 1 */
224 D_ENCRYPT(r,l,i+2); /* 2 */
225 D_ENCRYPT(l,r,i+4); /* 3 */
226 D_ENCRYPT(r,l,i+6); /* 4 */
227 }
228#endif
229 }
230 else
231 {
232#ifdef DES_UNROLL
233 D_ENCRYPT(l,r,30); /* 16 */
234 D_ENCRYPT(r,l,28); /* 15 */
235 D_ENCRYPT(l,r,26); /* 14 */
236 D_ENCRYPT(r,l,24); /* 13 */
237 D_ENCRYPT(l,r,22); /* 12 */
238 D_ENCRYPT(r,l,20); /* 11 */
239 D_ENCRYPT(l,r,18); /* 10 */
240 D_ENCRYPT(r,l,16); /* 9 */
241 D_ENCRYPT(l,r,14); /* 8 */
242 D_ENCRYPT(r,l,12); /* 7 */
243 D_ENCRYPT(l,r,10); /* 6 */
244 D_ENCRYPT(r,l, 8); /* 5 */
245 D_ENCRYPT(l,r, 6); /* 4 */
246 D_ENCRYPT(r,l, 4); /* 3 */
247 D_ENCRYPT(l,r, 2); /* 2 */
248 D_ENCRYPT(r,l, 0); /* 1 */
249#else
250 for (i=30; i>0; i-=8)
251 {
252 D_ENCRYPT(l,r,i-0); /* 16 */
253 D_ENCRYPT(r,l,i-2); /* 15 */
254 D_ENCRYPT(l,r,i-4); /* 14 */
255 D_ENCRYPT(r,l,i-6); /* 13 */
256 }
257#endif
258 }
259 /* rotate and clear the top bits on machines with 8byte longs */
260 data[0]=ROTATE(l,3)&0xffffffffL;
261 data[1]=ROTATE(r,3)&0xffffffffL;
262 l=r=t=u=0;
263 }
264
265void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
266 DES_key_schedule *ks2, DES_key_schedule *ks3)
267 {
268 register DES_LONG l,r;
269
270 l=data[0];
271 r=data[1];
272 IP(l,r);
273 data[0]=l;
274 data[1]=r;
275 DES_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT);
276 DES_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT);
277 DES_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT);
278 l=data[0];
279 r=data[1];
280 FP(r,l);
281 data[0]=l;
282 data[1]=r;
283 }
284
285void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
286 DES_key_schedule *ks2, DES_key_schedule *ks3)
287 {
288 register DES_LONG l,r;
289
290 l=data[0];
291 r=data[1];
292 IP(l,r);
293 data[0]=l;
294 data[1]=r;
295 DES_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT);
296 DES_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT);
297 DES_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT);
298 l=data[0];
299 r=data[1];
300 FP(r,l);
301 data[0]=l;
302 data[1]=r;
303 }
304
305#else /* ndef OPENSSL_FIPS */
306
307static void *dummy=&dummy;
308
309#endif /* ndef OPENSSL_FIPS */
310
diff --git a/src/lib/libssl/src/fips-1.0/des/fips_des_locl.h b/src/lib/libssl/src/fips-1.0/des/fips_des_locl.h
new file mode 100644
index 0000000000..5c466a5561
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/des/fips_des_locl.h
@@ -0,0 +1,428 @@
1/* crypto/des/des_locl.h */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_DES_LOCL_H
60#define HEADER_DES_LOCL_H
61
62#include "e_os.h"
63
64#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
65#ifndef OPENSSL_SYS_MSDOS
66#define OPENSSL_SYS_MSDOS
67#endif
68#endif
69
70#include <stdio.h>
71#include <stdlib.h>
72
73#ifndef OPENSSL_SYS_MSDOS
74#if !defined(OPENSSL_SYS_VMS) || defined(__DECC)
75#ifdef OPENSSL_UNISTD
76# include OPENSSL_UNISTD
77#else
78# include <unistd.h>
79#endif
80#include <math.h>
81#endif
82#endif
83#include <openssl/des.h>
84
85#ifdef OPENSSL_SYS_MSDOS /* Visual C++ 2.1 (Windows NT/95) */
86#include <stdlib.h>
87#include <errno.h>
88#include <time.h>
89#include <io.h>
90#endif
91
92#if defined(__STDC__) || defined(OPENSSL_SYS_VMS) || defined(M_XENIX) || defined(OPENSSL_SYS_MSDOS)
93#include <string.h>
94#endif
95
96#ifdef OPENSSL_BUILD_SHLIBCRYPTO
97# undef OPENSSL_EXTERN
98# define OPENSSL_EXTERN OPENSSL_EXPORT
99#endif
100
101#define ITERATIONS 16
102#define HALF_ITERATIONS 8
103
104/* used in des_read and des_write */
105#define MAXWRITE (1024*16)
106#define BSIZE (MAXWRITE+4)
107
108#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \
109 l|=((DES_LONG)(*((c)++)))<< 8L, \
110 l|=((DES_LONG)(*((c)++)))<<16L, \
111 l|=((DES_LONG)(*((c)++)))<<24L)
112
113/* NOTE - c is not incremented as per c2l */
114#define c2ln(c,l1,l2,n) { \
115 c+=n; \
116 l1=l2=0; \
117 switch (n) { \
118 case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
119 case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
120 case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
121 case 5: l2|=((DES_LONG)(*(--(c)))); \
122 case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
123 case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
124 case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
125 case 1: l1|=((DES_LONG)(*(--(c)))); \
126 } \
127 }
128
129#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
130 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
131 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
132 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
133
134/* replacements for htonl and ntohl since I have no idea what to do
135 * when faced with machines with 8 byte longs. */
136#define HDRSIZE 4
137
138#define n2l(c,l) (l =((DES_LONG)(*((c)++)))<<24L, \
139 l|=((DES_LONG)(*((c)++)))<<16L, \
140 l|=((DES_LONG)(*((c)++)))<< 8L, \
141 l|=((DES_LONG)(*((c)++))))
142
143#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
144 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
145 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
146 *((c)++)=(unsigned char)(((l) )&0xff))
147
148/* NOTE - c is not incremented as per l2c */
149#define l2cn(l1,l2,c,n) { \
150 c+=n; \
151 switch (n) { \
152 case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
153 case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
154 case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
155 case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
156 case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
157 case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
158 case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
159 case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
160 } \
161 }
162
163#if defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER)
164#define ROTATE(a,n) (_lrotr(a,n))
165#elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC)
166# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
167# define ROTATE(a,n) ({ register unsigned int ret; \
168 asm ("rorl %1,%0" \
169 : "=r"(ret) \
170 : "I"(n),"0"(a) \
171 : "cc"); \
172 ret; \
173 })
174# endif
175#endif
176#ifndef ROTATE
177#define ROTATE(a,n) (((a)>>(n))+((a)<<(32-(n))))
178#endif
179
180/* Don't worry about the LOAD_DATA() stuff, that is used by
181 * fcrypt() to add it's little bit to the front */
182
183#ifdef DES_FCRYPT
184
185#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
186 { DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }
187
188#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
189 t=R^(R>>16L); \
190 u=t&E0; t&=E1; \
191 tmp=(u<<16); u^=R^s[S ]; u^=tmp; \
192 tmp=(t<<16); t^=R^s[S+1]; t^=tmp
193#else
194#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
195#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
196 u=R^s[S ]; \
197 t=R^s[S+1]
198#endif
199
200/* The changes to this macro may help or hinder, depending on the
201 * compiler and the architecture. gcc2 always seems to do well :-).
202 * Inspired by Dana How <how@isl.stanford.edu>
203 * DO NOT use the alternative version on machines with 8 byte longs.
204 * It does not seem to work on the Alpha, even when DES_LONG is 4
205 * bytes, probably an issue of accessing non-word aligned objects :-( */
206#ifdef DES_PTR
207
208/* It recently occurred to me that 0^0^0^0^0^0^0 == 0, so there
209 * is no reason to not xor all the sub items together. This potentially
210 * saves a register since things can be xored directly into L */
211
212#if defined(DES_RISC1) || defined(DES_RISC2)
213#ifdef DES_RISC1
214#define D_ENCRYPT(LL,R,S) { \
215 unsigned int u1,u2,u3; \
216 LOAD_DATA(R,S,u,t,E0,E1,u1); \
217 u2=(int)u>>8L; \
218 u1=(int)u&0xfc; \
219 u2&=0xfc; \
220 t=ROTATE(t,4); \
221 u>>=16L; \
222 LL^= *(const DES_LONG *)(des_SP +u1); \
223 LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
224 u3=(int)(u>>8L); \
225 u1=(int)u&0xfc; \
226 u3&=0xfc; \
227 LL^= *(const DES_LONG *)(des_SP+0x400+u1); \
228 LL^= *(const DES_LONG *)(des_SP+0x600+u3); \
229 u2=(int)t>>8L; \
230 u1=(int)t&0xfc; \
231 u2&=0xfc; \
232 t>>=16L; \
233 LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
234 LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
235 u3=(int)t>>8L; \
236 u1=(int)t&0xfc; \
237 u3&=0xfc; \
238 LL^= *(const DES_LONG *)(des_SP+0x500+u1); \
239 LL^= *(const DES_LONG *)(des_SP+0x700+u3); }
240#endif
241#ifdef DES_RISC2
242#define D_ENCRYPT(LL,R,S) { \
243 unsigned int u1,u2,s1,s2; \
244 LOAD_DATA(R,S,u,t,E0,E1,u1); \
245 u2=(int)u>>8L; \
246 u1=(int)u&0xfc; \
247 u2&=0xfc; \
248 t=ROTATE(t,4); \
249 LL^= *(const DES_LONG *)(des_SP +u1); \
250 LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
251 s1=(int)(u>>16L); \
252 s2=(int)(u>>24L); \
253 s1&=0xfc; \
254 s2&=0xfc; \
255 LL^= *(const DES_LONG *)(des_SP+0x400+s1); \
256 LL^= *(const DES_LONG *)(des_SP+0x600+s2); \
257 u2=(int)t>>8L; \
258 u1=(int)t&0xfc; \
259 u2&=0xfc; \
260 LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
261 LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
262 s1=(int)(t>>16L); \
263 s2=(int)(t>>24L); \
264 s1&=0xfc; \
265 s2&=0xfc; \
266 LL^= *(const DES_LONG *)(des_SP+0x500+s1); \
267 LL^= *(const DES_LONG *)(des_SP+0x700+s2); }
268#endif
269#else
270#define D_ENCRYPT(LL,R,S) { \
271 LOAD_DATA_tmp(R,S,u,t,E0,E1); \
272 t=ROTATE(t,4); \
273 LL^= \
274 *(const DES_LONG *)(des_SP +((u )&0xfc))^ \
275 *(const DES_LONG *)(des_SP+0x200+((u>> 8L)&0xfc))^ \
276 *(const DES_LONG *)(des_SP+0x400+((u>>16L)&0xfc))^ \
277 *(const DES_LONG *)(des_SP+0x600+((u>>24L)&0xfc))^ \
278 *(const DES_LONG *)(des_SP+0x100+((t )&0xfc))^ \
279 *(const DES_LONG *)(des_SP+0x300+((t>> 8L)&0xfc))^ \
280 *(const DES_LONG *)(des_SP+0x500+((t>>16L)&0xfc))^ \
281 *(const DES_LONG *)(des_SP+0x700+((t>>24L)&0xfc)); }
282#endif
283
284#else /* original version */
285
286#if defined(DES_RISC1) || defined(DES_RISC2)
287#ifdef DES_RISC1
288#define D_ENCRYPT(LL,R,S) {\
289 unsigned int u1,u2,u3; \
290 LOAD_DATA(R,S,u,t,E0,E1,u1); \
291 u>>=2L; \
292 t=ROTATE(t,6); \
293 u2=(int)u>>8L; \
294 u1=(int)u&0x3f; \
295 u2&=0x3f; \
296 u>>=16L; \
297 LL^=DES_SPtrans[0][u1]; \
298 LL^=DES_SPtrans[2][u2]; \
299 u3=(int)u>>8L; \
300 u1=(int)u&0x3f; \
301 u3&=0x3f; \
302 LL^=DES_SPtrans[4][u1]; \
303 LL^=DES_SPtrans[6][u3]; \
304 u2=(int)t>>8L; \
305 u1=(int)t&0x3f; \
306 u2&=0x3f; \
307 t>>=16L; \
308 LL^=DES_SPtrans[1][u1]; \
309 LL^=DES_SPtrans[3][u2]; \
310 u3=(int)t>>8L; \
311 u1=(int)t&0x3f; \
312 u3&=0x3f; \
313 LL^=DES_SPtrans[5][u1]; \
314 LL^=DES_SPtrans[7][u3]; }
315#endif
316#ifdef DES_RISC2
317#define D_ENCRYPT(LL,R,S) {\
318 unsigned int u1,u2,s1,s2; \
319 LOAD_DATA(R,S,u,t,E0,E1,u1); \
320 u>>=2L; \
321 t=ROTATE(t,6); \
322 u2=(int)u>>8L; \
323 u1=(int)u&0x3f; \
324 u2&=0x3f; \
325 LL^=DES_SPtrans[0][u1]; \
326 LL^=DES_SPtrans[2][u2]; \
327 s1=(int)u>>16L; \
328 s2=(int)u>>24L; \
329 s1&=0x3f; \
330 s2&=0x3f; \
331 LL^=DES_SPtrans[4][s1]; \
332 LL^=DES_SPtrans[6][s2]; \
333 u2=(int)t>>8L; \
334 u1=(int)t&0x3f; \
335 u2&=0x3f; \
336 LL^=DES_SPtrans[1][u1]; \
337 LL^=DES_SPtrans[3][u2]; \
338 s1=(int)t>>16; \
339 s2=(int)t>>24L; \
340 s1&=0x3f; \
341 s2&=0x3f; \
342 LL^=DES_SPtrans[5][s1]; \
343 LL^=DES_SPtrans[7][s2]; }
344#endif
345
346#else
347
348#define D_ENCRYPT(LL,R,S) {\
349 LOAD_DATA_tmp(R,S,u,t,E0,E1); \
350 t=ROTATE(t,4); \
351 LL^=\
352 DES_SPtrans[0][(u>> 2L)&0x3f]^ \
353 DES_SPtrans[2][(u>>10L)&0x3f]^ \
354 DES_SPtrans[4][(u>>18L)&0x3f]^ \
355 DES_SPtrans[6][(u>>26L)&0x3f]^ \
356 DES_SPtrans[1][(t>> 2L)&0x3f]^ \
357 DES_SPtrans[3][(t>>10L)&0x3f]^ \
358 DES_SPtrans[5][(t>>18L)&0x3f]^ \
359 DES_SPtrans[7][(t>>26L)&0x3f]; }
360#endif
361#endif
362
363 /* IP and FP
364 * The problem is more of a geometric problem that random bit fiddling.
365 0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6
366 8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4
367 16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2
368 24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0
369
370 32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7
371 40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5
372 48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3
373 56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1
374
375 The output has been subject to swaps of the form
376 0 1 -> 3 1 but the odd and even bits have been put into
377 2 3 2 0
378 different words. The main trick is to remember that
379 t=((l>>size)^r)&(mask);
380 r^=t;
381 l^=(t<<size);
382 can be used to swap and move bits between words.
383
384 So l = 0 1 2 3 r = 16 17 18 19
385 4 5 6 7 20 21 22 23
386 8 9 10 11 24 25 26 27
387 12 13 14 15 28 29 30 31
388 becomes (for size == 2 and mask == 0x3333)
389 t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19
390 6^20 7^21 -- -- 4 5 20 21 6 7 22 23
391 10^24 11^25 -- -- 8 9 24 25 10 11 24 25
392 14^28 15^29 -- -- 12 13 28 29 14 15 28 29
393
394 Thanks for hints from Richard Outerbridge - he told me IP&FP
395 could be done in 15 xor, 10 shifts and 5 ands.
396 When I finally started to think of the problem in 2D
397 I first got ~42 operations without xors. When I remembered
398 how to use xors :-) I got it to its final state.
399 */
400#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
401 (b)^=(t),\
402 (a)^=((t)<<(n)))
403
404#define IP(l,r) \
405 { \
406 register DES_LONG tt; \
407 PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
408 PERM_OP(l,r,tt,16,0x0000ffffL); \
409 PERM_OP(r,l,tt, 2,0x33333333L); \
410 PERM_OP(l,r,tt, 8,0x00ff00ffL); \
411 PERM_OP(r,l,tt, 1,0x55555555L); \
412 }
413
414#define FP(l,r) \
415 { \
416 register DES_LONG tt; \
417 PERM_OP(l,r,tt, 1,0x55555555L); \
418 PERM_OP(r,l,tt, 8,0x00ff00ffL); \
419 PERM_OP(l,r,tt, 2,0x33333333L); \
420 PERM_OP(r,l,tt,16,0x0000ffffL); \
421 PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
422 }
423
424extern const DES_LONG DES_SPtrans[8][64];
425
426void fcrypt_body(DES_LONG *out,DES_key_schedule *ks,
427 DES_LONG Eswap0, DES_LONG Eswap1);
428#endif
diff --git a/src/lib/libssl/src/fips-1.0/des/fips_des_selftest.c b/src/lib/libssl/src/fips-1.0/des/fips_des_selftest.c
new file mode 100644
index 0000000000..3e0778eb5e
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/des/fips_des_selftest.c
@@ -0,0 +1,200 @@
1/* ====================================================================
2 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 *
48 */
49
50#include <string.h>
51#include <openssl/err.h>
52#include <openssl/fips.h>
53#include <openssl/des.h>
54#include <openssl/opensslconf.h>
55
56#ifdef OPENSSL_FIPS
57static struct
58 {
59 DES_cblock key;
60 unsigned char plaintext[8];
61 unsigned char ciphertext[8];
62 } tests[]=
63 {
64 {
65 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
66 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
67 { 0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7 }
68 },
69 {
70 { 0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10 },
71 { 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF },
72 { 0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4 },
73 },
74 };
75
76static struct
77 {
78 DES_cblock key1;
79 DES_cblock key2;
80 unsigned char plaintext[8];
81 unsigned char ciphertext[8];
82 } tests2[]=
83 {
84 {
85 { 0x7c,0x4f,0x6e,0xf7,0xa2,0x04,0x16,0xec },
86 { 0x0b,0x6b,0x7c,0x9e,0x5e,0x19,0xa7,0xc4 },
87 { 0x06,0xa7,0xd8,0x79,0xaa,0xce,0x69,0xef },
88 { 0x4c,0x11,0x17,0x55,0xbf,0xc4,0x4e,0xfd }
89 },
90 {
91 { 0x5d,0x9e,0x01,0xd3,0x25,0xc7,0x3e,0x34 },
92 { 0x01,0x16,0x7c,0x85,0x23,0xdf,0xe0,0x68 },
93 { 0x9c,0x50,0x09,0x0f,0x5e,0x7d,0x69,0x7e },
94 { 0xd2,0x0b,0x18,0xdf,0xd9,0x0d,0x9e,0xff },
95 }
96 };
97
98static struct
99 {
100 DES_cblock key1;
101 DES_cblock key2;
102 DES_cblock key3;
103 unsigned char plaintext[8];
104 unsigned char ciphertext[8];
105 } tests3[]=
106 {
107 {
108 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
109 { 0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10 },
110 { 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0 },
111 { 0x8f,0x8f,0xbf,0x9b,0x5d,0x48,0xb4,0x1c},
112 { 0x59,0x8c,0xe5,0xd3,0x6c,0xa2,0xea,0x1b},
113 },
114 {
115 { 0xDC,0xBA,0x98,0x76,0x54,0x32,0x10,0xFE },
116 { 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF },
117 { 0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4 },
118 { 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF },
119 { 0x11,0x25,0xb0,0x35,0xbe,0xa0,0x82,0x86 },
120 },
121 };
122
123void FIPS_corrupt_des()
124 {
125 tests[0].plaintext[0]++;
126 }
127
128int FIPS_selftest_des()
129 {
130 int n;
131
132 /* Encrypt/decrypt with DES and compare to known answers */
133 for(n=0 ; n < 2 ; ++n)
134 {
135 DES_key_schedule key;
136 DES_cblock buf;
137
138 DES_set_key(&tests[n].key,&key);
139 DES_ecb_encrypt(&tests[n].plaintext,&buf,&key,1);
140 if(memcmp(buf,tests[n].ciphertext,sizeof buf))
141 {
142 FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED);
143 return 0;
144 }
145 DES_ecb_encrypt(&tests[n].ciphertext,&buf,&key,0);
146 if(memcmp(buf,tests[n].plaintext,sizeof buf))
147 {
148 FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED);
149 return 0;
150 }
151 }
152
153 /* Encrypt/decrypt with 2-key 3DES and compare to known answers */
154 for(n=0 ; n < 2 ; ++n)
155 {
156 DES_key_schedule key1, key2;
157 unsigned char buf[8];
158
159 DES_set_key(&tests2[n].key1,&key1);
160 DES_set_key(&tests2[n].key2,&key2);
161 DES_ecb2_encrypt(tests2[n].plaintext,buf,&key1,&key2,1);
162 if(memcmp(buf,tests2[n].ciphertext,sizeof buf))
163 {
164 FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED);
165 return 0;
166 }
167 DES_ecb2_encrypt(tests2[n].ciphertext,buf,&key1,&key2,0);
168 if(memcmp(buf,tests2[n].plaintext,sizeof buf))
169 {
170 FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED);
171 return 0;
172 }
173 }
174
175 /* Encrypt/decrypt with 3DES and compare to known answers */
176 for(n=0 ; n < 2 ; ++n)
177 {
178 DES_key_schedule key1, key2, key3;
179 unsigned char buf[8];
180
181 DES_set_key(&tests3[n].key1,&key1);
182 DES_set_key(&tests3[n].key2,&key2);
183 DES_set_key(&tests3[n].key3,&key3);
184 DES_ecb3_encrypt(tests3[n].plaintext,buf,&key1,&key2,&key3,1);
185 if(memcmp(buf,tests3[n].ciphertext,sizeof buf))
186 {
187 FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED);
188 return 0;
189 }
190 DES_ecb3_encrypt(tests3[n].ciphertext,buf,&key1,&key2,&key3,0);
191 if(memcmp(buf,tests3[n].plaintext,sizeof buf))
192 {
193 FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED);
194 return 0;
195 }
196 }
197
198 return 1;
199 }
200#endif
diff --git a/src/lib/libssl/src/fips-1.0/des/fips_desmovs.c b/src/lib/libssl/src/fips-1.0/des/fips_desmovs.c
new file mode 100644
index 0000000000..5eb55726e3
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/des/fips_desmovs.c
@@ -0,0 +1,833 @@
1/* ====================================================================
2 * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 *
48 */
49/*---------------------------------------------
50 NIST DES Modes of Operation Validation System
51 Test Program
52
53 Based on the AES Validation Suite, which was:
54 Donated to OpenSSL by:
55 V-ONE Corporation
56 20250 Century Blvd, Suite 300
57 Germantown, MD 20874
58 U.S.A.
59 ----------------------------------------------*/
60
61#include <stdio.h>
62#include <stdlib.h>
63#include <string.h>
64#include <errno.h>
65#include <assert.h>
66
67#include <openssl/des.h>
68#include <openssl/evp.h>
69#include <openssl/fips.h>
70#include <openssl/err.h>
71#include "e_os.h"
72
73/*#define AES_BLOCK_SIZE 16*/
74
75#define VERBOSE 0
76
77/*-----------------------------------------------*/
78
79int DESTest(EVP_CIPHER_CTX *ctx,
80 char *amode, int akeysz, unsigned char *aKey,
81 unsigned char *iVec,
82 int dir, /* 0 = decrypt, 1 = encrypt */
83 unsigned char *out, unsigned char *in, int len)
84 {
85 const EVP_CIPHER *cipher = NULL;
86 int kt = 0;
87
88 if (ctx)
89 memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
90
91 if (strcasecmp(amode, "CBC") == 0)
92 kt = 1000;
93 else if (strcasecmp(amode, "ECB") == 0)
94 kt = 2000;
95 else if (strcasecmp(amode, "CFB64") == 0)
96 kt = 3000;
97 else if (strncasecmp(amode, "OFB", 3) == 0)
98 kt = 4000;
99 else if(!strcasecmp(amode,"CFB1"))
100 kt=5000;
101 else if(!strcasecmp(amode,"CFB8"))
102 kt=6000;
103 else
104 {
105 printf("Unknown mode: %s\n", amode);
106 EXIT(1);
107 }
108 if (akeysz != 64 && akeysz != 192)
109 {
110 printf("Invalid key size: %d\n", akeysz);
111 EXIT(1);
112 }
113 else
114 {
115 kt += akeysz;
116 switch (kt)
117 {
118 case 1064:
119 cipher=EVP_des_cbc();
120 break;
121 case 1192:
122 cipher=EVP_des_ede3_cbc();
123 break;
124 case 2064:
125 cipher=EVP_des_ecb();
126 break;
127 case 2192:
128 cipher=EVP_des_ede3_ecb();
129 break;
130 case 3064:
131 cipher=EVP_des_cfb64();
132 break;
133 case 3192:
134 cipher=EVP_des_ede3_cfb64();
135 break;
136 case 4064:
137 cipher=EVP_des_ofb();
138 break;
139 case 4192:
140 cipher=EVP_des_ede3_ofb();
141 break;
142 case 5064:
143 cipher=EVP_des_cfb1();
144 break;
145 case 5192:
146 cipher=EVP_des_ede3_cfb1();
147 break;
148 case 6064:
149 cipher=EVP_des_cfb8();
150 break;
151 case 6192:
152 cipher=EVP_des_ede3_cfb8();
153 break;
154 default:
155 printf("Didn't handle mode %d\n",kt);
156 EXIT(1);
157 }
158 if(!EVP_CipherInit(ctx, cipher, aKey, iVec, dir))
159 {
160 ERR_print_errors_fp(stderr);
161 EXIT(1);
162 }
163 EVP_Cipher(ctx, out, in, len);
164 }
165 return 1;
166 }
167
168/*-----------------------------------------------*/
169
170int hex2bin(char *in, int len, unsigned char *out)
171 {
172 int n1, n2;
173 unsigned char ch;
174
175 for (n1 = 0, n2 = 0; n1 < len; )
176 { /* first byte */
177 if ((in[n1] >= '0') && (in[n1] <= '9'))
178 ch = in[n1++] - '0';
179 else if ((in[n1] >= 'A') && (in[n1] <= 'F'))
180 ch = in[n1++] - 'A' + 10;
181 else if ((in[n1] >= 'a') && (in[n1] <= 'f'))
182 ch = in[n1++] - 'a' + 10;
183 else
184 return -1;
185 if(len == 1)
186 {
187 out[n2++]=ch;
188 break;
189 }
190 out[n2] = ch << 4;
191 /* second byte */
192 if ((in[n1] >= '0') && (in[n1] <= '9'))
193 ch = in[n1++] - '0';
194 else if ((in[n1] >= 'A') && (in[n1] <= 'F'))
195 ch = in[n1++] - 'A' + 10;
196 else if ((in[n1] >= 'a') && (in[n1] <= 'f'))
197 ch = in[n1++] - 'a' + 10;
198 else
199 return -1;
200 out[n2++] |= ch;
201 }
202 return n2;
203 }
204
205/*-----------------------------------------------*/
206
207int bin2hex(unsigned char *in, int len, char *out)
208 {
209 int n1, n2;
210 unsigned char ch;
211
212 for (n1 = 0, n2 = 0; n1 < len; ++n1)
213 {
214 /* first nibble */
215 ch = in[n1] >> 4;
216 if (ch <= 0x09)
217 out[n2++] = ch + '0';
218 else
219 out[n2++] = ch - 10 + 'a';
220 /* second nibble */
221 ch = in[n1] & 0x0f;
222 if (ch <= 0x09)
223 out[n2++] = ch + '0';
224 else
225 out[n2++] = ch - 10 + 'a';
226 }
227 return n2;
228 }
229
230/* NB: this return the number of _bits_ read */
231int bint2bin(const char *in, int len, unsigned char *out)
232 {
233 int n;
234
235 memset(out,0,len);
236 for(n=0 ; n < len ; ++n)
237 if(in[n] == '1')
238 out[n/8]|=(0x80 >> (n%8));
239 return len;
240 }
241
242int bin2bint(const unsigned char *in,int len,char *out)
243 {
244 int n;
245
246 for(n=0 ; n < len ; ++n)
247 out[n]=(in[n/8]&(0x80 >> (n%8))) ? '1' : '0';
248 return n;
249 }
250
251/*-----------------------------------------------*/
252
253void PrintValue(char *tag, unsigned char *val, int len)
254 {
255#if VERBOSE
256 char obuf[2048];
257 int olen;
258 olen = bin2hex(val, len, obuf);
259 printf("%s = %.*s\n", tag, olen, obuf);
260#endif
261 }
262
263void DebugValue(char *tag, unsigned char *val, int len)
264 {
265 char obuf[2048];
266 int olen;
267 olen = bin2hex(val, len, obuf);
268 printf("%s = %.*s\n", tag, olen, obuf);
269 }
270
271void OutputValue(char *tag, unsigned char *val, int len, FILE *rfp,int bitmode)
272 {
273 char obuf[2048];
274 int olen;
275
276 if(bitmode)
277 olen=bin2bint(val,len,obuf);
278 else
279 olen=bin2hex(val,len,obuf);
280
281 fprintf(rfp, "%s = %.*s\n", tag, olen, obuf);
282#if VERBOSE
283 printf("%s = %.*s\n", tag, olen, obuf);
284#endif
285 }
286
287void shiftin(unsigned char *dst,unsigned char *src,int nbits)
288 {
289 int n;
290
291 /* move the bytes... */
292 memmove(dst,dst+nbits/8,3*8-nbits/8);
293 /* append new data */
294 memcpy(dst+3*8-nbits/8,src,(nbits+7)/8);
295 /* left shift the bits */
296 if(nbits%8)
297 for(n=0 ; n < 3*8 ; ++n)
298 dst[n]=(dst[n] << (nbits%8))|(dst[n+1] >> (8-nbits%8));
299 }
300
301/*-----------------------------------------------*/
302char *t_tag[2] = {"PLAINTEXT", "CIPHERTEXT"};
303char *t_mode[6] = {"CBC","ECB","OFB","CFB1","CFB8","CFB64"};
304enum Mode {CBC, ECB, OFB, CFB1, CFB8, CFB64};
305int Sizes[6]={64,64,64,1,8,64};
306
307void do_mct(char *amode,
308 int akeysz, int numkeys, unsigned char *akey,unsigned char *ivec,
309 int dir, unsigned char *text, int len,
310 FILE *rfp)
311 {
312 int i,imode;
313 unsigned char nk[4*8]; /* longest key+8 */
314 unsigned char text0[8];
315
316 for (imode=0 ; imode < 6 ; ++imode)
317 if(!strcmp(amode,t_mode[imode]))
318 break;
319 if (imode == 6)
320 {
321 printf("Unrecognized mode: %s\n", amode);
322 EXIT(1);
323 }
324
325 for(i=0 ; i < 400 ; ++i)
326 {
327 int j;
328 int n;
329 EVP_CIPHER_CTX ctx;
330 int kp=akeysz/64;
331 unsigned char old_iv[8];
332
333 fprintf(rfp,"\nCOUNT = %d\n",i);
334 if(kp == 1)
335 OutputValue("KEY",akey,8,rfp,0);
336 else
337 for(n=0 ; n < kp ; ++n)
338 {
339 fprintf(rfp,"KEY%d",n+1);
340 OutputValue("",akey+n*8,8,rfp,0);
341 }
342
343 if(imode != ECB)
344 OutputValue("IV",ivec,8,rfp,0);
345 OutputValue(t_tag[dir^1],text,len,rfp,imode == CFB1);
346
347 /* compensate for endianness */
348 if(imode == CFB1)
349 text[0]<<=7;
350
351 memcpy(text0,text,8);
352
353 for(j=0 ; j < 10000 ; ++j)
354 {
355 unsigned char old_text[8];
356
357 memcpy(old_text,text,8);
358 if(j == 0)
359 {
360 memcpy(old_iv,ivec,8);
361 DESTest(&ctx,amode,akeysz,akey,ivec,dir,text,text,len);
362 }
363 else
364 {
365 memcpy(old_iv,ctx.iv,8);
366 EVP_Cipher(&ctx,text,text,len);
367 }
368 if(j == 9999)
369 {
370 OutputValue(t_tag[dir],text,len,rfp,imode == CFB1);
371 /* memcpy(ivec,text,8); */
372 }
373 /* DebugValue("iv",ctx.iv,8); */
374 /* accumulate material for the next key */
375 shiftin(nk,text,Sizes[imode]);
376 /* DebugValue("nk",nk,24);*/
377 if((dir && (imode == CFB1 || imode == CFB8 || imode == CFB64
378 || imode == CBC)) || imode == OFB)
379 memcpy(text,old_iv,8);
380
381 if(!dir && (imode == CFB1 || imode == CFB8 || imode == CFB64))
382 {
383 /* the test specifies using the output of the raw DES operation
384 which we don't have, so reconstruct it... */
385 for(n=0 ; n < 8 ; ++n)
386 text[n]^=old_text[n];
387 }
388 }
389 for(n=0 ; n < 8 ; ++n)
390 akey[n]^=nk[16+n];
391 for(n=0 ; n < 8 ; ++n)
392 akey[8+n]^=nk[8+n];
393 for(n=0 ; n < 8 ; ++n)
394 akey[16+n]^=nk[n];
395 if(numkeys < 3)
396 memcpy(&akey[2*8],akey,8);
397 if(numkeys < 2)
398 memcpy(&akey[8],akey,8);
399 DES_set_odd_parity((DES_cblock *)akey);
400 DES_set_odd_parity((DES_cblock *)(akey+8));
401 DES_set_odd_parity((DES_cblock *)(akey+16));
402 memcpy(ivec,ctx.iv,8);
403
404 /* pointless exercise - the final text doesn't depend on the
405 initial text in OFB mode, so who cares what it is? (Who
406 designed these tests?) */
407 if(imode == OFB)
408 for(n=0 ; n < 8 ; ++n)
409 text[n]=text0[n]^old_iv[n];
410 }
411 }
412
413int proc_file(char *rqfile)
414 {
415 char afn[256], rfn[256];
416 FILE *afp = NULL, *rfp = NULL;
417 char ibuf[2048];
418 int ilen, len, ret = 0;
419 char amode[8] = "";
420 char atest[100] = "";
421 int akeysz=0;
422 unsigned char iVec[20], aKey[40];
423 int dir = -1, err = 0, step = 0;
424 unsigned char plaintext[2048];
425 unsigned char ciphertext[2048];
426 char *rp;
427 EVP_CIPHER_CTX ctx;
428 int numkeys=1;
429
430 if (!rqfile || !(*rqfile))
431 {
432 printf("No req file\n");
433 return -1;
434 }
435 strcpy(afn, rqfile);
436
437 if ((afp = fopen(afn, "r")) == NULL)
438 {
439 printf("Cannot open file: %s, %s\n",
440 afn, strerror(errno));
441 return -1;
442 }
443 strcpy(rfn,afn);
444 rp=strstr(rfn,"req/");
445 assert(rp);
446 memcpy(rp,"rsp",3);
447 rp = strstr(rfn, ".req");
448 memcpy(rp, ".rsp", 4);
449 if ((rfp = fopen(rfn, "w")) == NULL)
450 {
451 printf("Cannot open file: %s, %s\n",
452 rfn, strerror(errno));
453 fclose(afp);
454 afp = NULL;
455 return -1;
456 }
457 while (!err && (fgets(ibuf, sizeof(ibuf), afp)) != NULL)
458 {
459 ilen = strlen(ibuf);
460 /* printf("step=%d ibuf=%s",step,ibuf);*/
461 if(step == 3 && !strcmp(amode,"ECB"))
462 {
463 memset(iVec, 0, sizeof(iVec));
464 step = (dir)? 4: 5; /* no ivec for ECB */
465 }
466 switch (step)
467 {
468 case 0: /* read preamble */
469 if (ibuf[0] == '\n')
470 { /* end of preamble */
471 if (*amode == '\0')
472 {
473 printf("Missing Mode\n");
474 err = 1;
475 }
476 else
477 {
478 fputs(ibuf, rfp);
479 ++ step;
480 }
481 }
482 else if (ibuf[0] != '#')
483 {
484 printf("Invalid preamble item: %s\n", ibuf);
485 err = 1;
486 }
487 else
488 { /* process preamble */
489 char *xp, *pp = ibuf+2;
490 int n;
491 if(*amode)
492 { /* insert current time & date */
493 time_t rtim = time(0);
494 fprintf(rfp, "# %s", ctime(&rtim));
495 }
496 else
497 {
498 fputs(ibuf, rfp);
499 if(!strncmp(pp,"INVERSE ",8) || !strncmp(pp,"DES ",4)
500 || !strncmp(pp,"TDES ",5)
501 || !strncmp(pp,"PERMUTATION ",12)
502 || !strncmp(pp,"SUBSTITUTION ",13)
503 || !strncmp(pp,"VARIABLE ",9))
504 {
505 /* get test type */
506 if(!strncmp(pp,"DES ",4))
507 pp+=4;
508 else if(!strncmp(pp,"TDES ",5))
509 pp+=5;
510 xp = strchr(pp, ' ');
511 n = xp-pp;
512 strncpy(atest, pp, n);
513 atest[n] = '\0';
514 /* get mode */
515 xp = strrchr(pp, ' '); /* get mode" */
516 n = strlen(xp+1)-1;
517 strncpy(amode, xp+1, n);
518 amode[n] = '\0';
519 /* amode[3] = '\0'; */
520 printf("Test=%s, Mode=%s\n",atest,amode);
521 }
522 }
523 }
524 break;
525
526 case 1: /* [ENCRYPT] | [DECRYPT] */
527 if(ibuf[0] == '\n')
528 break;
529 if (ibuf[0] == '[')
530 {
531 fputs(ibuf, rfp);
532 ++step;
533 if (strncasecmp(ibuf, "[ENCRYPT]", 9) == 0)
534 dir = 1;
535 else if (strncasecmp(ibuf, "[DECRYPT]", 9) == 0)
536 dir = 0;
537 else
538 {
539 printf("Invalid keyword: %s\n", ibuf);
540 err = 1;
541 }
542 break;
543 }
544 else if (dir == -1)
545 {
546 err = 1;
547 printf("Missing ENCRYPT/DECRYPT keyword\n");
548 break;
549 }
550 else
551 step = 2;
552
553 case 2: /* KEY = xxxx */
554 if(*ibuf == '\n')
555 {
556 fputs(ibuf, rfp);
557 break;
558 }
559 if(!strncasecmp(ibuf,"COUNT = ",8))
560 {
561 fputs(ibuf, rfp);
562 break;
563 }
564 if(!strncasecmp(ibuf,"COUNT=",6))
565 {
566 fputs(ibuf, rfp);
567 break;
568 }
569 if(!strncasecmp(ibuf,"NumKeys = ",10))
570 {
571 numkeys=atoi(ibuf+10);
572 break;
573 }
574
575 fputs(ibuf, rfp);
576 if(!strncasecmp(ibuf,"KEY = ",6))
577 {
578 akeysz=64;
579 len = hex2bin((char*)ibuf+6, strlen(ibuf+6)-1, aKey);
580 if (len < 0)
581 {
582 printf("Invalid KEY\n");
583 err=1;
584 break;
585 }
586 PrintValue("KEY", aKey, len);
587 ++step;
588 }
589 else if(!strncasecmp(ibuf,"KEYs = ",7))
590 {
591 akeysz=64*3;
592 len=hex2bin(ibuf+7,strlen(ibuf+7)-1,aKey);
593 if(len != 8)
594 {
595 printf("Invalid KEY\n");
596 err=1;
597 break;
598 }
599 memcpy(aKey+8,aKey,8);
600 memcpy(aKey+16,aKey,8);
601 ibuf[4]='\0';
602 PrintValue("KEYs",aKey,len);
603 ++step;
604 }
605 else if(!strncasecmp(ibuf,"KEY",3))
606 {
607 int n=ibuf[3]-'1';
608
609 akeysz=64*3;
610 len=hex2bin(ibuf+7,strlen(ibuf+7)-1,aKey+n*8);
611 if(len != 8)
612 {
613 printf("Invalid KEY\n");
614 err=1;
615 break;
616 }
617 ibuf[4]='\0';
618 PrintValue(ibuf,aKey,len);
619 if(n == 2)
620 ++step;
621 }
622 else
623 {
624 printf("Missing KEY\n");
625 err = 1;
626 }
627 break;
628
629 case 3: /* IV = xxxx */
630 fputs(ibuf, rfp);
631 if (strncasecmp(ibuf, "IV = ", 5) != 0)
632 {
633 printf("Missing IV\n");
634 err = 1;
635 }
636 else
637 {
638 len = hex2bin((char*)ibuf+5, strlen(ibuf+5)-1, iVec);
639 if (len < 0)
640 {
641 printf("Invalid IV\n");
642 err =1;
643 break;
644 }
645 PrintValue("IV", iVec, len);
646 step = (dir)? 4: 5;
647 }
648 break;
649
650 case 4: /* PLAINTEXT = xxxx */
651 fputs(ibuf, rfp);
652 if (strncasecmp(ibuf, "PLAINTEXT = ", 12) != 0)
653 {
654 printf("Missing PLAINTEXT\n");
655 err = 1;
656 }
657 else
658 {
659 int nn = strlen(ibuf+12);
660 if(!strcmp(amode,"CFB1"))
661 len=bint2bin(ibuf+12,nn-1,plaintext);
662 else
663 len=hex2bin(ibuf+12, nn-1,plaintext);
664 if (len < 0)
665 {
666 printf("Invalid PLAINTEXT: %s", ibuf+12);
667 err =1;
668 break;
669 }
670 if (len >= sizeof(plaintext))
671 {
672 printf("Buffer overflow\n");
673 }
674 PrintValue("PLAINTEXT", (unsigned char*)plaintext, len);
675 if (strcmp(atest, "Monte") == 0) /* Monte Carlo Test */
676 {
677 do_mct(amode,akeysz,numkeys,aKey,iVec,dir,plaintext,len,rfp);
678 }
679 else
680 {
681 assert(dir == 1);
682 ret = DESTest(&ctx, amode, akeysz, aKey, iVec,
683 dir, /* 0 = decrypt, 1 = encrypt */
684 ciphertext, plaintext, len);
685 OutputValue("CIPHERTEXT",ciphertext,len,rfp,
686 !strcmp(amode,"CFB1"));
687 }
688 step = 6;
689 }
690 break;
691
692 case 5: /* CIPHERTEXT = xxxx */
693 fputs(ibuf, rfp);
694 if (strncasecmp(ibuf, "CIPHERTEXT = ", 13) != 0)
695 {
696 printf("Missing KEY\n");
697 err = 1;
698 }
699 else
700 {
701 if(!strcmp(amode,"CFB1"))
702 len=bint2bin(ibuf+13,strlen(ibuf+13)-1,ciphertext);
703 else
704 len = hex2bin(ibuf+13,strlen(ibuf+13)-1,ciphertext);
705 if (len < 0)
706 {
707 printf("Invalid CIPHERTEXT\n");
708 err =1;
709 break;
710 }
711
712 PrintValue("CIPHERTEXT", ciphertext, len);
713 if (strcmp(atest, "Monte") == 0) /* Monte Carlo Test */
714 {
715 do_mct(amode, akeysz, numkeys, aKey, iVec,
716 dir, ciphertext, len, rfp);
717 }
718 else
719 {
720 assert(dir == 0);
721 ret = DESTest(&ctx, amode, akeysz, aKey, iVec,
722 dir, /* 0 = decrypt, 1 = encrypt */
723 plaintext, ciphertext, len);
724 OutputValue("PLAINTEXT",(unsigned char *)plaintext,len,rfp,
725 !strcmp(amode,"CFB1"));
726 }
727 step = 6;
728 }
729 break;
730
731 case 6:
732 if (ibuf[0] != '\n')
733 {
734 err = 1;
735 printf("Missing terminator\n");
736 }
737 else if (strcmp(atest, "MCT") != 0)
738 { /* MCT already added terminating nl */
739 fputs(ibuf, rfp);
740 }
741 step = 1;
742 break;
743 }
744 }
745 if (rfp)
746 fclose(rfp);
747 if (afp)
748 fclose(afp);
749 return err;
750 }
751
752/*--------------------------------------------------
753 Processes either a single file or
754 a set of files whose names are passed in a file.
755 A single file is specified as:
756 aes_test -f xxx.req
757 A set of files is specified as:
758 aes_test -d xxxxx.xxx
759 The default is: -d req.txt
760--------------------------------------------------*/
761int main(int argc, char **argv)
762 {
763 char *rqlist = "req.txt";
764 FILE *fp = NULL;
765 char fn[250] = "", rfn[256] = "";
766 int f_opt = 0, d_opt = 1;
767
768#ifdef OPENSSL_FIPS
769 if(!FIPS_mode_set(1))
770 {
771 ERR_load_crypto_strings();
772 ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
773 EXIT(1);
774 }
775#endif
776 ERR_load_crypto_strings();
777 if (argc > 1)
778 {
779 if (strcasecmp(argv[1], "-d") == 0)
780 {
781 d_opt = 1;
782 }
783 else if (strcasecmp(argv[1], "-f") == 0)
784 {
785 f_opt = 1;
786 d_opt = 0;
787 }
788 else
789 {
790 printf("Invalid parameter: %s\n", argv[1]);
791 return 0;
792 }
793 if (argc < 3)
794 {
795 printf("Missing parameter\n");
796 return 0;
797 }
798 if (d_opt)
799 rqlist = argv[2];
800 else
801 strcpy(fn, argv[2]);
802 }
803 if (d_opt)
804 { /* list of files (directory) */
805 if (!(fp = fopen(rqlist, "r")))
806 {
807 printf("Cannot open req list file\n");
808 return -1;
809 }
810 while (fgets(fn, sizeof(fn), fp))
811 {
812 strtok(fn, "\r\n");
813 strcpy(rfn, fn);
814 printf("Processing: %s\n", rfn);
815 if (proc_file(rfn))
816 {
817 printf(">>> Processing failed for: %s <<<\n", rfn);
818 EXIT(1);
819 }
820 }
821 fclose(fp);
822 }
823 else /* single file */
824 {
825 printf("Processing: %s\n", fn);
826 if (proc_file(fn))
827 {
828 printf(">>> Processing failed for: %s <<<\n", fn);
829 }
830 }
831 EXIT(0);
832 return 0;
833 }
diff --git a/src/lib/libssl/src/fips-1.0/des/fips_set_key.c b/src/lib/libssl/src/fips-1.0/des/fips_set_key.c
new file mode 100644
index 0000000000..a508ee5acb
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/des/fips_set_key.c
@@ -0,0 +1,417 @@
1/* crypto/des/set_key.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* set_key.c v 1.4 eay 24/9/91
60 * 1.4 Speed up by 400% :-)
61 * 1.3 added register declarations.
62 * 1.2 unrolled make_key_sched a bit more
63 * 1.1 added norm_expand_bits
64 * 1.0 First working version
65 */
66#include "fips_des_locl.h"
67#include <openssl/fips.h>
68
69#ifdef OPENSSL_FIPS
70
71OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key); /* defaults to false */
72
73static const unsigned char odd_parity[256]={
74 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
75 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
76 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
77 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
78 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
79 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
80 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
81112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
82128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
83145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
84161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
85176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
86193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
87208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
88224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
89241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254};
90
91void DES_set_odd_parity(DES_cblock *key)
92 {
93 int i;
94
95 for (i=0; i<DES_KEY_SZ; i++)
96 (*key)[i]=odd_parity[(*key)[i]];
97 }
98
99int DES_check_key_parity(const_DES_cblock *key)
100 {
101 int i;
102
103 for (i=0; i<DES_KEY_SZ; i++)
104 {
105 if ((*key)[i] != odd_parity[(*key)[i]])
106 return(0);
107 }
108 return(1);
109 }
110
111/* Weak and semi week keys as take from
112 * %A D.W. Davies
113 * %A W.L. Price
114 * %T Security for Computer Networks
115 * %I John Wiley & Sons
116 * %D 1984
117 * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
118 * (and actual cblock values).
119 */
120#define NUM_WEAK_KEY 16
121static const DES_cblock weak_keys[NUM_WEAK_KEY]={
122 /* weak keys */
123 {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
124 {0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
125 {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
126 {0xE0,0xE0,0xE0,0xE0,0xF1,0xF1,0xF1,0xF1},
127 /* semi-weak keys */
128 {0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE},
129 {0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},
130 {0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1},
131 {0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E},
132 {0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1},
133 {0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01},
134 {0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE},
135 {0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E},
136 {0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E},
137 {0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01},
138 {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
139 {0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1}};
140
141int DES_is_weak_key(const_DES_cblock *key)
142 {
143 int i;
144
145 for (i=0; i<NUM_WEAK_KEY; i++)
146 /* Added == 0 to comparison, I obviously don't run
147 * this section very often :-(, thanks to
148 * engineering@MorningStar.Com for the fix
149 * eay 93/06/29
150 * Another problem, I was comparing only the first 4
151 * bytes, 97/03/18 */
152 if (memcmp(weak_keys[i],key,sizeof(DES_cblock)) == 0) return(1);
153 return(0);
154 }
155
156/* NOW DEFINED IN des_local.h
157 * See ecb_encrypt.c for a pseudo description of these macros.
158 * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
159 * (b)^=(t),\
160 * (a)=((a)^((t)<<(n))))
161 */
162
163#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
164 (a)=(a)^(t)^(t>>(16-(n))))
165
166static const DES_LONG des_skb[8][64]={
167 {
168 /* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
169 0x00000000L,0x00000010L,0x20000000L,0x20000010L,
170 0x00010000L,0x00010010L,0x20010000L,0x20010010L,
171 0x00000800L,0x00000810L,0x20000800L,0x20000810L,
172 0x00010800L,0x00010810L,0x20010800L,0x20010810L,
173 0x00000020L,0x00000030L,0x20000020L,0x20000030L,
174 0x00010020L,0x00010030L,0x20010020L,0x20010030L,
175 0x00000820L,0x00000830L,0x20000820L,0x20000830L,
176 0x00010820L,0x00010830L,0x20010820L,0x20010830L,
177 0x00080000L,0x00080010L,0x20080000L,0x20080010L,
178 0x00090000L,0x00090010L,0x20090000L,0x20090010L,
179 0x00080800L,0x00080810L,0x20080800L,0x20080810L,
180 0x00090800L,0x00090810L,0x20090800L,0x20090810L,
181 0x00080020L,0x00080030L,0x20080020L,0x20080030L,
182 0x00090020L,0x00090030L,0x20090020L,0x20090030L,
183 0x00080820L,0x00080830L,0x20080820L,0x20080830L,
184 0x00090820L,0x00090830L,0x20090820L,0x20090830L,
185 },{
186 /* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
187 0x00000000L,0x02000000L,0x00002000L,0x02002000L,
188 0x00200000L,0x02200000L,0x00202000L,0x02202000L,
189 0x00000004L,0x02000004L,0x00002004L,0x02002004L,
190 0x00200004L,0x02200004L,0x00202004L,0x02202004L,
191 0x00000400L,0x02000400L,0x00002400L,0x02002400L,
192 0x00200400L,0x02200400L,0x00202400L,0x02202400L,
193 0x00000404L,0x02000404L,0x00002404L,0x02002404L,
194 0x00200404L,0x02200404L,0x00202404L,0x02202404L,
195 0x10000000L,0x12000000L,0x10002000L,0x12002000L,
196 0x10200000L,0x12200000L,0x10202000L,0x12202000L,
197 0x10000004L,0x12000004L,0x10002004L,0x12002004L,
198 0x10200004L,0x12200004L,0x10202004L,0x12202004L,
199 0x10000400L,0x12000400L,0x10002400L,0x12002400L,
200 0x10200400L,0x12200400L,0x10202400L,0x12202400L,
201 0x10000404L,0x12000404L,0x10002404L,0x12002404L,
202 0x10200404L,0x12200404L,0x10202404L,0x12202404L,
203 },{
204 /* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
205 0x00000000L,0x00000001L,0x00040000L,0x00040001L,
206 0x01000000L,0x01000001L,0x01040000L,0x01040001L,
207 0x00000002L,0x00000003L,0x00040002L,0x00040003L,
208 0x01000002L,0x01000003L,0x01040002L,0x01040003L,
209 0x00000200L,0x00000201L,0x00040200L,0x00040201L,
210 0x01000200L,0x01000201L,0x01040200L,0x01040201L,
211 0x00000202L,0x00000203L,0x00040202L,0x00040203L,
212 0x01000202L,0x01000203L,0x01040202L,0x01040203L,
213 0x08000000L,0x08000001L,0x08040000L,0x08040001L,
214 0x09000000L,0x09000001L,0x09040000L,0x09040001L,
215 0x08000002L,0x08000003L,0x08040002L,0x08040003L,
216 0x09000002L,0x09000003L,0x09040002L,0x09040003L,
217 0x08000200L,0x08000201L,0x08040200L,0x08040201L,
218 0x09000200L,0x09000201L,0x09040200L,0x09040201L,
219 0x08000202L,0x08000203L,0x08040202L,0x08040203L,
220 0x09000202L,0x09000203L,0x09040202L,0x09040203L,
221 },{
222 /* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
223 0x00000000L,0x00100000L,0x00000100L,0x00100100L,
224 0x00000008L,0x00100008L,0x00000108L,0x00100108L,
225 0x00001000L,0x00101000L,0x00001100L,0x00101100L,
226 0x00001008L,0x00101008L,0x00001108L,0x00101108L,
227 0x04000000L,0x04100000L,0x04000100L,0x04100100L,
228 0x04000008L,0x04100008L,0x04000108L,0x04100108L,
229 0x04001000L,0x04101000L,0x04001100L,0x04101100L,
230 0x04001008L,0x04101008L,0x04001108L,0x04101108L,
231 0x00020000L,0x00120000L,0x00020100L,0x00120100L,
232 0x00020008L,0x00120008L,0x00020108L,0x00120108L,
233 0x00021000L,0x00121000L,0x00021100L,0x00121100L,
234 0x00021008L,0x00121008L,0x00021108L,0x00121108L,
235 0x04020000L,0x04120000L,0x04020100L,0x04120100L,
236 0x04020008L,0x04120008L,0x04020108L,0x04120108L,
237 0x04021000L,0x04121000L,0x04021100L,0x04121100L,
238 0x04021008L,0x04121008L,0x04021108L,0x04121108L,
239 },{
240 /* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
241 0x00000000L,0x10000000L,0x00010000L,0x10010000L,
242 0x00000004L,0x10000004L,0x00010004L,0x10010004L,
243 0x20000000L,0x30000000L,0x20010000L,0x30010000L,
244 0x20000004L,0x30000004L,0x20010004L,0x30010004L,
245 0x00100000L,0x10100000L,0x00110000L,0x10110000L,
246 0x00100004L,0x10100004L,0x00110004L,0x10110004L,
247 0x20100000L,0x30100000L,0x20110000L,0x30110000L,
248 0x20100004L,0x30100004L,0x20110004L,0x30110004L,
249 0x00001000L,0x10001000L,0x00011000L,0x10011000L,
250 0x00001004L,0x10001004L,0x00011004L,0x10011004L,
251 0x20001000L,0x30001000L,0x20011000L,0x30011000L,
252 0x20001004L,0x30001004L,0x20011004L,0x30011004L,
253 0x00101000L,0x10101000L,0x00111000L,0x10111000L,
254 0x00101004L,0x10101004L,0x00111004L,0x10111004L,
255 0x20101000L,0x30101000L,0x20111000L,0x30111000L,
256 0x20101004L,0x30101004L,0x20111004L,0x30111004L,
257 },{
258 /* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
259 0x00000000L,0x08000000L,0x00000008L,0x08000008L,
260 0x00000400L,0x08000400L,0x00000408L,0x08000408L,
261 0x00020000L,0x08020000L,0x00020008L,0x08020008L,
262 0x00020400L,0x08020400L,0x00020408L,0x08020408L,
263 0x00000001L,0x08000001L,0x00000009L,0x08000009L,
264 0x00000401L,0x08000401L,0x00000409L,0x08000409L,
265 0x00020001L,0x08020001L,0x00020009L,0x08020009L,
266 0x00020401L,0x08020401L,0x00020409L,0x08020409L,
267 0x02000000L,0x0A000000L,0x02000008L,0x0A000008L,
268 0x02000400L,0x0A000400L,0x02000408L,0x0A000408L,
269 0x02020000L,0x0A020000L,0x02020008L,0x0A020008L,
270 0x02020400L,0x0A020400L,0x02020408L,0x0A020408L,
271 0x02000001L,0x0A000001L,0x02000009L,0x0A000009L,
272 0x02000401L,0x0A000401L,0x02000409L,0x0A000409L,
273 0x02020001L,0x0A020001L,0x02020009L,0x0A020009L,
274 0x02020401L,0x0A020401L,0x02020409L,0x0A020409L,
275 },{
276 /* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
277 0x00000000L,0x00000100L,0x00080000L,0x00080100L,
278 0x01000000L,0x01000100L,0x01080000L,0x01080100L,
279 0x00000010L,0x00000110L,0x00080010L,0x00080110L,
280 0x01000010L,0x01000110L,0x01080010L,0x01080110L,
281 0x00200000L,0x00200100L,0x00280000L,0x00280100L,
282 0x01200000L,0x01200100L,0x01280000L,0x01280100L,
283 0x00200010L,0x00200110L,0x00280010L,0x00280110L,
284 0x01200010L,0x01200110L,0x01280010L,0x01280110L,
285 0x00000200L,0x00000300L,0x00080200L,0x00080300L,
286 0x01000200L,0x01000300L,0x01080200L,0x01080300L,
287 0x00000210L,0x00000310L,0x00080210L,0x00080310L,
288 0x01000210L,0x01000310L,0x01080210L,0x01080310L,
289 0x00200200L,0x00200300L,0x00280200L,0x00280300L,
290 0x01200200L,0x01200300L,0x01280200L,0x01280300L,
291 0x00200210L,0x00200310L,0x00280210L,0x00280310L,
292 0x01200210L,0x01200310L,0x01280210L,0x01280310L,
293 },{
294 /* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
295 0x00000000L,0x04000000L,0x00040000L,0x04040000L,
296 0x00000002L,0x04000002L,0x00040002L,0x04040002L,
297 0x00002000L,0x04002000L,0x00042000L,0x04042000L,
298 0x00002002L,0x04002002L,0x00042002L,0x04042002L,
299 0x00000020L,0x04000020L,0x00040020L,0x04040020L,
300 0x00000022L,0x04000022L,0x00040022L,0x04040022L,
301 0x00002020L,0x04002020L,0x00042020L,0x04042020L,
302 0x00002022L,0x04002022L,0x00042022L,0x04042022L,
303 0x00000800L,0x04000800L,0x00040800L,0x04040800L,
304 0x00000802L,0x04000802L,0x00040802L,0x04040802L,
305 0x00002800L,0x04002800L,0x00042800L,0x04042800L,
306 0x00002802L,0x04002802L,0x00042802L,0x04042802L,
307 0x00000820L,0x04000820L,0x00040820L,0x04040820L,
308 0x00000822L,0x04000822L,0x00040822L,0x04040822L,
309 0x00002820L,0x04002820L,0x00042820L,0x04042820L,
310 0x00002822L,0x04002822L,0x00042822L,0x04042822L,
311 }};
312
313int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule)
314 {
315 if (FIPS_selftest_failed())
316 return -3;
317 if (DES_check_key)
318 {
319 return DES_set_key_checked(key, schedule);
320 }
321 else
322 {
323 DES_set_key_unchecked(key, schedule);
324 return 0;
325 }
326 }
327
328/* return 0 if key parity is odd (correct),
329 * return -1 if key parity error,
330 * return -2 if illegal weak key.
331 */
332int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule)
333 {
334 if (!DES_check_key_parity(key))
335 return(-1);
336 if (DES_is_weak_key(key))
337 return(-2);
338 if (FIPS_selftest_failed())
339 return -3;
340
341 DES_set_key_unchecked(key, schedule);
342 return 0;
343 }
344
345void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule)
346 {
347 static const int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
348 register DES_LONG c,d,t,s,t2;
349 register const unsigned char *in;
350 register DES_LONG *k;
351 register int i;
352
353#ifdef OPENBSD_DEV_CRYPTO
354 memcpy(schedule->key,key,sizeof schedule->key);
355 schedule->session=NULL;
356#endif
357 k = &schedule->ks->deslong[0];
358 in = &(*key)[0];
359
360 c2l(in,c);
361 c2l(in,d);
362
363 /* do PC1 in 47 simple operations :-)
364 * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
365 * for the inspiration. :-) */
366 PERM_OP (d,c,t,4,0x0f0f0f0fL);
367 HPERM_OP(c,t,-2,0xcccc0000L);
368 HPERM_OP(d,t,-2,0xcccc0000L);
369 PERM_OP (d,c,t,1,0x55555555L);
370 PERM_OP (c,d,t,8,0x00ff00ffL);
371 PERM_OP (d,c,t,1,0x55555555L);
372 d= (((d&0x000000ffL)<<16L)| (d&0x0000ff00L) |
373 ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L));
374 c&=0x0fffffffL;
375
376 for (i=0; i<ITERATIONS; i++)
377 {
378 if (shifts2[i])
379 { c=((c>>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); }
380 else
381 { c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); }
382 c&=0x0fffffffL;
383 d&=0x0fffffffL;
384 /* could be a few less shifts but I am to lazy at this
385 * point in time to investigate */
386 s= des_skb[0][ (c )&0x3f ]|
387 des_skb[1][((c>> 6L)&0x03)|((c>> 7L)&0x3c)]|
388 des_skb[2][((c>>13L)&0x0f)|((c>>14L)&0x30)]|
389 des_skb[3][((c>>20L)&0x01)|((c>>21L)&0x06) |
390 ((c>>22L)&0x38)];
391 t= des_skb[4][ (d )&0x3f ]|
392 des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]|
393 des_skb[6][ (d>>15L)&0x3f ]|
394 des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)];
395
396 /* table contained 0213 4657 */
397 t2=((t<<16L)|(s&0x0000ffffL))&0xffffffffL;
398 *(k++)=ROTATE(t2,30)&0xffffffffL;
399
400 t2=((s>>16L)|(t&0xffff0000L));
401 *(k++)=ROTATE(t2,26)&0xffffffffL;
402 }
403 }
404
405int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule)
406 {
407 return(DES_set_key(key,schedule));
408 }
409/*
410#undef des_fixup_key_parity
411void des_fixup_key_parity(des_cblock *key)
412 {
413 des_set_odd_parity(key);
414 }
415*/
416
417#endif /* def OPENSSL_FIPS */
diff --git a/src/lib/libssl/src/fips-1.0/dh/Makefile b/src/lib/libssl/src/fips-1.0/dh/Makefile
new file mode 100644
index 0000000000..1166ca6e84
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/dh/Makefile
@@ -0,0 +1,104 @@
1#
2# OpenSSL/fips-1.0/dh/Makefile
3#
4
5DIR= dh
6TOP= ../..
7CC= cc
8INCLUDES=
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKEDEPPROG= makedepend
14MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
15MAKEFILE= Makefile
16AR= ar r
17
18CFLAGS= $(INCLUDES) $(CFLAG)
19
20GENERAL=Makefile
21TEST=
22APPS=
23
24LIB=$(TOP)/libcrypto.a
25LIBSRC=fips_dh_check.c fips_dh_gen.c fips_dh_key.c
26LIBOBJ=fips_dh_check.o fips_dh_gen.o fips_dh_key.o
27
28SRC= $(LIBSRC)
29
30EXHEADER=
31HEADER= $(EXHEADER)
32
33ALL= $(GENERAL) $(SRC) $(HEADER)
34
35top:
36 (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all)
37
38all: lib
39
40lib: $(LIBOBJ)
41 @echo $(LIBOBJ) > lib
42
43files:
44 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
45
46links:
47 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER)
48 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST)
49 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS)
50
51install:
52 @headerlist="$(EXHEADER)"; for i in $$headerlist; \
53 do \
54 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
55 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
56 done
57
58tags:
59 ctags $(SRC)
60
61tests:
62
63lint:
64 lint -DLINT $(INCLUDES) $(SRC)>fluff
65
66depend:
67 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(SRC) $(TEST)
68
69dclean:
70 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
71 mv -f Makefile.new $(MAKEFILE)
72
73clean:
74 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
75
76# DO NOT DELETE THIS LINE -- make depend depends on it.
77
78fips_dh_check.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
79fips_dh_check.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
80fips_dh_check.o: ../../include/openssl/e_os2.h
81fips_dh_check.o: ../../include/openssl/opensslconf.h
82fips_dh_check.o: ../../include/openssl/opensslv.h
83fips_dh_check.o: ../../include/openssl/ossl_typ.h
84fips_dh_check.o: ../../include/openssl/safestack.h
85fips_dh_check.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
86fips_dh_check.o: fips_dh_check.c
87fips_dh_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
88fips_dh_gen.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
89fips_dh_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
90fips_dh_gen.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
91fips_dh_gen.o: ../../include/openssl/opensslconf.h
92fips_dh_gen.o: ../../include/openssl/opensslv.h
93fips_dh_gen.o: ../../include/openssl/ossl_typ.h
94fips_dh_gen.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
95fips_dh_gen.o: ../../include/openssl/symhacks.h fips_dh_gen.c
96fips_dh_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
97fips_dh_key.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
98fips_dh_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
99fips_dh_key.o: ../../include/openssl/lhash.h
100fips_dh_key.o: ../../include/openssl/opensslconf.h
101fips_dh_key.o: ../../include/openssl/opensslv.h
102fips_dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
103fips_dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
104fips_dh_key.o: ../../include/openssl/symhacks.h fips_dh_key.c
diff --git a/src/lib/libssl/src/fips-1.0/dh/fips_dh_check.c b/src/lib/libssl/src/fips-1.0/dh/fips_dh_check.c
new file mode 100644
index 0000000000..874920b466
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/dh/fips_dh_check.c
@@ -0,0 +1,125 @@
1/* crypto/dh/dh_check.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/bn.h>
61#ifndef OPENSSL_NO_DH
62#include <openssl/dh.h>
63
64#ifdef OPENSSL_FIPS
65
66/* Check that p is a safe prime and
67 * if g is 2, 3 or 5, check that is is a suitable generator
68 * where
69 * for 2, p mod 24 == 11
70 * for 3, p mod 12 == 5
71 * for 5, p mod 10 == 3 or 7
72 * should hold.
73 */
74
75int DH_check(const DH *dh, int *ret)
76 {
77 int ok=0;
78 BN_CTX *ctx=NULL;
79 BN_ULONG l;
80 BIGNUM *q=NULL;
81
82 *ret=0;
83 ctx=BN_CTX_new();
84 if (ctx == NULL) goto err;
85 q=BN_new();
86 if (q == NULL) goto err;
87
88 if (BN_is_word(dh->g,DH_GENERATOR_2))
89 {
90 l=BN_mod_word(dh->p,24);
91 if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR;
92 }
93#if 0
94 else if (BN_is_word(dh->g,DH_GENERATOR_3))
95 {
96 l=BN_mod_word(dh->p,12);
97 if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR;
98 }
99#endif
100 else if (BN_is_word(dh->g,DH_GENERATOR_5))
101 {
102 l=BN_mod_word(dh->p,10);
103 if ((l != 3) && (l != 7))
104 *ret|=DH_NOT_SUITABLE_GENERATOR;
105 }
106 else
107 *ret|=DH_UNABLE_TO_CHECK_GENERATOR;
108
109 if (!BN_is_prime(dh->p,BN_prime_checks,NULL,ctx,NULL))
110 *ret|=DH_CHECK_P_NOT_PRIME;
111 else
112 {
113 if (!BN_rshift1(q,dh->p)) goto err;
114 if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL))
115 *ret|=DH_CHECK_P_NOT_SAFE_PRIME;
116 }
117 ok=1;
118err:
119 if (ctx != NULL) BN_CTX_free(ctx);
120 if (q != NULL) BN_free(q);
121 return(ok);
122 }
123
124#endif
125#endif
diff --git a/src/lib/libssl/src/fips-1.0/dh/fips_dh_gen.c b/src/lib/libssl/src/fips-1.0/dh/fips_dh_gen.c
new file mode 100644
index 0000000000..b569e3912d
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/dh/fips_dh_gen.c
@@ -0,0 +1,186 @@
1/* crypto/dh/dh_gen.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61#include <openssl/err.h>
62#include <openssl/bn.h>
63#ifndef OPENSSL_NO_DH
64#include <openssl/dh.h>
65#endif
66#include <openssl/fips.h>
67
68#ifndef OPENSSL_NO_DH
69#ifdef OPENSSL_FIPS
70
71/* We generate DH parameters as follows
72 * find a prime q which is prime_len/2 bits long.
73 * p=(2*q)+1 or (p-1)/2 = q
74 * For this case, g is a generator if
75 * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1.
76 * Since the factors of p-1 are q and 2, we just need to check
77 * g^2 mod p != 1 and g^q mod p != 1.
78 *
79 * Having said all that,
80 * there is another special case method for the generators 2, 3 and 5.
81 * for 2, p mod 24 == 11
82 * for 3, p mod 12 == 5 <<<<< does not work for safe primes.
83 * for 5, p mod 10 == 3 or 7
84 *
85 * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the
86 * special generators and for answering some of my questions.
87 *
88 * I've implemented the second simple method :-).
89 * Since DH should be using a safe prime (both p and q are prime),
90 * this generator function can take a very very long time to run.
91 */
92/* Actually there is no reason to insist that 'generator' be a generator.
93 * It's just as OK (and in some sense better) to use a generator of the
94 * order-q subgroup.
95 */
96
97DH *DH_generate_parameters(int prime_len, int generator,
98 void (*callback)(int,int,void *), void *cb_arg)
99 {
100 BIGNUM *p=NULL,*t1,*t2;
101 DH *ret=NULL;
102 int g,ok= -1;
103 BN_CTX *ctx=NULL;
104
105 if(FIPS_selftest_failed())
106 {
107 FIPSerr(FIPS_F_DH_GENERATE_PARAMETERS,FIPS_R_FIPS_SELFTEST_FAILED);
108 return NULL;
109 }
110
111 ret=DH_new();
112 if (ret == NULL) goto err;
113 ctx=BN_CTX_new();
114 if (ctx == NULL) goto err;
115 BN_CTX_start(ctx);
116 t1 = BN_CTX_get(ctx);
117 t2 = BN_CTX_get(ctx);
118 if (t1 == NULL || t2 == NULL) goto err;
119
120 if (generator <= 1)
121 {
122 DHerr(DH_F_DH_GENERATE_PARAMETERS, DH_R_BAD_GENERATOR);
123 goto err;
124 }
125 if (generator == DH_GENERATOR_2)
126 {
127 if (!BN_set_word(t1,24)) goto err;
128 if (!BN_set_word(t2,11)) goto err;
129 g=2;
130 }
131#if 0 /* does not work for safe primes */
132 else if (generator == DH_GENERATOR_3)
133 {
134 if (!BN_set_word(t1,12)) goto err;
135 if (!BN_set_word(t2,5)) goto err;
136 g=3;
137 }
138#endif
139 else if (generator == DH_GENERATOR_5)
140 {
141 if (!BN_set_word(t1,10)) goto err;
142 if (!BN_set_word(t2,3)) goto err;
143 /* BN_set_word(t3,7); just have to miss
144 * out on these ones :-( */
145 g=5;
146 }
147 else
148 {
149 /* in the general case, don't worry if 'generator' is a
150 * generator or not: since we are using safe primes,
151 * it will generate either an order-q or an order-2q group,
152 * which both is OK */
153 if (!BN_set_word(t1,2)) goto err;
154 if (!BN_set_word(t2,1)) goto err;
155 g=generator;
156 }
157
158 p=BN_generate_prime(NULL,prime_len,1,t1,t2,callback,cb_arg);
159 if (p == NULL) goto err;
160 if (callback != NULL) callback(3,0,cb_arg);
161 ret->p=p;
162 ret->g=BN_new();
163 if (!BN_set_word(ret->g,g)) goto err;
164 ok=1;
165err:
166 if (ok == -1)
167 {
168 DHerr(DH_F_DH_GENERATE_PARAMETERS,ERR_R_BN_LIB);
169 ok=0;
170 }
171
172 if (ctx != NULL)
173 {
174 BN_CTX_end(ctx);
175 BN_CTX_free(ctx);
176 }
177 if (!ok && (ret != NULL))
178 {
179 DH_free(ret);
180 ret=NULL;
181 }
182 return(ret);
183 }
184
185#endif
186#endif
diff --git a/src/lib/libssl/src/fips-1.0/dh/fips_dh_key.c b/src/lib/libssl/src/fips-1.0/dh/fips_dh_key.c
new file mode 100644
index 0000000000..79c10404d5
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/dh/fips_dh_key.c
@@ -0,0 +1,256 @@
1/* crypto/dh/dh_key.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/err.h>
61#include <openssl/bn.h>
62#ifndef OPENSSL_NO_RAND
63#include <openssl/rand.h>
64#endif
65#ifndef OPENSSL_NO_DH
66#include <openssl/dh.h>
67
68#ifdef OPENSSL_FIPS
69
70static int generate_key(DH *dh);
71static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
72static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
73 const BIGNUM *a, const BIGNUM *p,
74 const BIGNUM *m, BN_CTX *ctx,
75 BN_MONT_CTX *m_ctx);
76static int dh_init(DH *dh);
77static int dh_finish(DH *dh);
78
79int DH_generate_key(DH *dh)
80 {
81 return dh->meth->generate_key(dh);
82 }
83
84int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
85 {
86 return dh->meth->compute_key(key, pub_key, dh);
87 }
88
89static const DH_METHOD dh_ossl = {
90"OpenSSL DH Method",
91generate_key,
92compute_key,
93dh_bn_mod_exp,
94dh_init,
95dh_finish,
960,
97NULL
98};
99
100const DH_METHOD *DH_OpenSSL(void)
101{
102 return &dh_ossl;
103}
104
105static int generate_key(DH *dh)
106 {
107 int ok=0;
108 int generate_new_key=0;
109 unsigned l;
110 BN_CTX *ctx;
111 BN_MONT_CTX *mont=NULL;
112 BIGNUM *pub_key=NULL,*priv_key=NULL;
113
114 ctx = BN_CTX_new();
115 if (ctx == NULL) goto err;
116
117 if (dh->priv_key == NULL)
118 {
119 priv_key=BN_new();
120 if (priv_key == NULL) goto err;
121 generate_new_key=1;
122 }
123 else
124 priv_key=dh->priv_key;
125
126 if (dh->pub_key == NULL)
127 {
128 pub_key=BN_new();
129 if (pub_key == NULL) goto err;
130 }
131 else
132 pub_key=dh->pub_key;
133
134 if (dh->flags & DH_FLAG_CACHE_MONT_P)
135 {
136 mont = BN_MONT_CTX_set_locked(
137 (BN_MONT_CTX **)&dh->method_mont_p,
138 CRYPTO_LOCK_DH, dh->p, ctx);
139 if (!mont)
140 goto err;
141 }
142
143 if (generate_new_key)
144 {
145 l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
146 if (!BN_rand(priv_key, l, 0, 0)) goto err;
147 }
148
149 {
150 BIGNUM local_prk;
151 BIGNUM *prk;
152
153 if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
154 {
155 BN_init(&local_prk);
156 prk = &local_prk;
157 BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME);
158 }
159 else
160 prk = priv_key;
161
162 if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont))
163 goto err;
164 }
165
166 dh->pub_key=pub_key;
167 dh->priv_key=priv_key;
168 ok=1;
169err:
170 if (ok != 1)
171 DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB);
172
173 if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key);
174 if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
175 BN_CTX_free(ctx);
176 return(ok);
177 }
178
179static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
180 {
181 BN_CTX *ctx;
182 BN_MONT_CTX *mont=NULL;
183 BIGNUM *tmp;
184 int ret= -1;
185
186 ctx = BN_CTX_new();
187 if (ctx == NULL) goto err;
188 BN_CTX_start(ctx);
189 tmp = BN_CTX_get(ctx);
190
191 if (dh->priv_key == NULL)
192 {
193 DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
194 goto err;
195 }
196
197 if (dh->flags & DH_FLAG_CACHE_MONT_P)
198 {
199 mont = BN_MONT_CTX_set_locked(
200 (BN_MONT_CTX **)&dh->method_mont_p,
201 CRYPTO_LOCK_DH, dh->p, ctx);
202 if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
203 {
204 /* XXX */
205 BN_set_flags(dh->priv_key, BN_FLG_EXP_CONSTTIME);
206 }
207 if (!mont)
208 goto err;
209 }
210
211 if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
212 {
213 DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
214 goto err;
215 }
216
217 ret=BN_bn2bin(tmp,key);
218err:
219 BN_CTX_end(ctx);
220 BN_CTX_free(ctx);
221 return(ret);
222 }
223
224static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
225 const BIGNUM *a, const BIGNUM *p,
226 const BIGNUM *m, BN_CTX *ctx,
227 BN_MONT_CTX *m_ctx)
228 {
229 /* If a is only one word long and constant time is false, use the faster
230 * exponenentiation function.
231 */
232 if (a->top == 1 && ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) != 0))
233 {
234 BN_ULONG A = a->d[0];
235 return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx);
236 }
237 else
238 return BN_mod_exp_mont(r,a,p,m,ctx,m_ctx);
239 }
240
241
242static int dh_init(DH *dh)
243 {
244 dh->flags |= DH_FLAG_CACHE_MONT_P;
245 return(1);
246 }
247
248static int dh_finish(DH *dh)
249 {
250 if(dh->method_mont_p)
251 BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p);
252 return(1);
253 }
254
255#endif
256#endif
diff --git a/src/lib/libssl/src/fips-1.0/dsa/Makefile b/src/lib/libssl/src/fips-1.0/dsa/Makefile
new file mode 100644
index 0000000000..aeb08b5943
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/dsa/Makefile
@@ -0,0 +1,147 @@
1#
2# OpenSSL/fips-1.0/dsa/Makefile
3#
4
5DIR= dsa
6TOP= ../..
7CC= cc
8INCLUDES=
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKEDEPPROG= makedepend
14MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
15MAKEFILE= Makefile
16AR= ar r
17
18CFLAGS= $(INCLUDES) $(CFLAG)
19
20GENERAL=Makefile
21TEST=fips_dsatest.c fips_dssvs.c
22APPS=
23
24LIB=$(TOP)/libcrypto.a
25LIBSRC=fips_dsa_ossl.c fips_dsa_gen.c fips_dsa_selftest.c
26LIBOBJ=fips_dsa_ossl.o fips_dsa_gen.o fips_dsa_selftest.o
27
28SRC= $(LIBSRC)
29
30EXHEADER=
31HEADER= $(EXHEADER)
32
33ALL= $(GENERAL) $(SRC) $(HEADER)
34
35top:
36 (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all)
37
38all: lib
39
40lib: $(LIBOBJ)
41 @echo $(LIBOBJ) > lib
42
43files:
44 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
45
46links:
47 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER)
48 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST)
49 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS)
50
51install:
52 @headerlist="$(EXHEADER)"; for i in $$headerlist; \
53 do \
54 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
55 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
56 done
57
58tags:
59 ctags $(SRC)
60
61tests:
62
63Q=../testvectors/dsa/req
64A=../testvectors/dsa/rsp
65
66fips_test:
67 -rm -rf $A
68 mkdir $A
69 if [ -f $(Q)/PQGGen.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_dssvs pqg < $(Q)/PQGGen.req > $(A)/PQGGen.rsp; fi
70 if [ -f $(Q)/KeyPair.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_dssvs keypair < $(Q)/KeyPair.req > $(A)/KeyPair.rsp; fi
71 if [ -f $(Q)/SigGen.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_dssvs siggen < $(Q)/SigGen.req > $(A)/SigGen.rsp; fi
72 if [ -f $(Q)/SigVer.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_dssvs sigver < $Q/SigVer.req > $A/SigVer.rsp; fi
73
74lint:
75 lint -DLINT $(INCLUDES) $(SRC)>fluff
76
77depend:
78 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(SRC) $(TEST)
79
80dclean:
81 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
82 mv -f Makefile.new $(MAKEFILE)
83
84clean:
85 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
86# DO NOT DELETE THIS LINE -- make depend depends on it.
87
88fips_dsa_gen.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
89fips_dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
90fips_dsa_gen.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
91fips_dsa_gen.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
92fips_dsa_gen.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
93fips_dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
94fips_dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
95fips_dsa_gen.o: ../../include/openssl/fips.h ../../include/openssl/fips_sha.h
96fips_dsa_gen.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
97fips_dsa_gen.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
98fips_dsa_gen.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
99fips_dsa_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
100fips_dsa_gen.o: ../../include/openssl/opensslconf.h
101fips_dsa_gen.o: ../../include/openssl/opensslv.h
102fips_dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
103fips_dsa_gen.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
104fips_dsa_gen.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
105fips_dsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
106fips_dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
107fips_dsa_gen.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
108fips_dsa_gen.o: ../../include/openssl/ui_compat.h fips_dsa_gen.c
109fips_dsa_ossl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
110fips_dsa_ossl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
111fips_dsa_ossl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
112fips_dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
113fips_dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/fips.h
114fips_dsa_ossl.o: ../../include/openssl/lhash.h
115fips_dsa_ossl.o: ../../include/openssl/opensslconf.h
116fips_dsa_ossl.o: ../../include/openssl/opensslv.h
117fips_dsa_ossl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
118fips_dsa_ossl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
119fips_dsa_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
120fips_dsa_ossl.o: ../../include/openssl/ui.h fips_dsa_ossl.c
121fips_dsa_selftest.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
122fips_dsa_selftest.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
123fips_dsa_selftest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
124fips_dsa_selftest.o: ../../include/openssl/err.h ../../include/openssl/fips.h
125fips_dsa_selftest.o: ../../include/openssl/lhash.h
126fips_dsa_selftest.o: ../../include/openssl/opensslconf.h
127fips_dsa_selftest.o: ../../include/openssl/opensslv.h
128fips_dsa_selftest.o: ../../include/openssl/ossl_typ.h
129fips_dsa_selftest.o: ../../include/openssl/safestack.h
130fips_dsa_selftest.o: ../../include/openssl/stack.h
131fips_dsa_selftest.o: ../../include/openssl/symhacks.h fips_dsa_selftest.c
132fips_dsatest.o: ../../e_os.h ../../include/openssl/asn1.h
133fips_dsatest.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
134fips_dsatest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
135fips_dsatest.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
136fips_dsatest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
137fips_dsatest.o: ../../include/openssl/engine.h ../../include/openssl/err.h
138fips_dsatest.o: ../../include/openssl/fips.h ../../include/openssl/fips_rand.h
139fips_dsatest.o: ../../include/openssl/lhash.h
140fips_dsatest.o: ../../include/openssl/opensslconf.h
141fips_dsatest.o: ../../include/openssl/opensslv.h
142fips_dsatest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
143fips_dsatest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
144fips_dsatest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
145fips_dsatest.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
146fips_dsatest.o: fips_dsatest.c
147fips_dssvs.o: ../../include/openssl/opensslconf.h fips_dssvs.c
diff --git a/src/lib/libssl/src/fips-1.0/dsa/fips_dsa_gen.c b/src/lib/libssl/src/fips-1.0/dsa/fips_dsa_gen.c
new file mode 100644
index 0000000000..8ed1de0195
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/dsa/fips_dsa_gen.c
@@ -0,0 +1,374 @@
1/* crypto/dsa/dsa_gen.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#undef GENUINE_DSA
60
61#ifdef GENUINE_DSA
62/* Parameter generation follows the original release of FIPS PUB 186,
63 * Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180) */
64#define HASH EVP_sha()
65#else
66/* Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186,
67 * also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in
68 * FIPS PUB 180-1) */
69#define HASH EVP_sha1()
70#endif
71
72#include <stdio.h>
73#include <string.h>
74#include <time.h>
75/*#include "cryptlib.h"*/
76#include <openssl/evp.h>
77#include <openssl/bn.h>
78#ifndef OPENSSL_NO_DSA
79#include <openssl/dsa.h>
80#endif
81#ifndef OPENSSL_NO_RAND
82#include <openssl/rand.h>
83#endif
84#ifndef OPENSSL_NO_SHA
85#include <openssl/fips_sha.h>
86#endif
87#include <openssl/fips.h>
88#include <openssl/err.h>
89
90#ifndef OPENSSL_NO_DSA
91#ifdef OPENSSL_FIPS
92
93static int fips_check_dsa(DSA *dsa)
94 {
95 static const unsigned char str1[]="12345678901234567890";
96 unsigned char sig[256];
97 unsigned int siglen;
98
99 DSA_sign(0, str1, 20, sig, &siglen, dsa);
100 if(DSA_verify(0, str1, 20, sig, siglen, dsa) != 1)
101 {
102 FIPSerr(FIPS_F_FIPS_CHECK_DSA,FIPS_R_PAIRWISE_TEST_FAILED);
103 return 0;
104 }
105 return 1;
106 }
107
108DSA *DSA_generate_parameters(FIPS_DSA_SIZE_T bits,
109 unsigned char *seed_in, FIPS_DSA_SIZE_T seed_len,
110 int *counter_ret, unsigned long *h_ret,
111 void (*callback)(int, int, void *),
112 void *cb_arg)
113 {
114 int ok=0;
115 unsigned char seed[SHA_DIGEST_LENGTH];
116 unsigned char md[SHA_DIGEST_LENGTH];
117 unsigned char buf[SHA_DIGEST_LENGTH],buf2[SHA_DIGEST_LENGTH];
118 BIGNUM *r0,*W,*X,*c,*test;
119 BIGNUM *g=NULL,*q=NULL,*p=NULL;
120 BN_MONT_CTX *mont=NULL;
121 int k,n=0,i,b,m=0;
122 int counter=0;
123 int r=0;
124 BN_CTX *ctx=NULL,*ctx2=NULL,*ctx3=NULL;
125 unsigned int h=2;
126 DSA *ret=NULL;
127 unsigned char *seed_out=seed_in;
128
129 if(FIPS_selftest_failed())
130 {
131 FIPSerr(FIPS_F_DSA_GENERATE_PARAMETERS,
132 FIPS_R_FIPS_SELFTEST_FAILED);
133 goto err;
134 }
135
136 if (bits < 512) bits=512;
137 bits=(bits+63)/64*64;
138
139 if (seed_len < 20)
140 seed_in = NULL; /* seed buffer too small -- ignore */
141 if (seed_len > 20)
142 seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED,
143 * but our internal buffers are restricted to 160 bits*/
144 if ((seed_in != NULL) && (seed_len == 20))
145 memcpy(seed,seed_in,seed_len);
146
147 if ((ctx=BN_CTX_new()) == NULL) goto err;
148 if ((ctx2=BN_CTX_new()) == NULL) goto err;
149 if ((ctx3=BN_CTX_new()) == NULL) goto err;
150 if ((ret=DSA_new()) == NULL) goto err;
151
152 if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
153
154 BN_CTX_start(ctx2);
155 r0 = BN_CTX_get(ctx2);
156 g = BN_CTX_get(ctx2);
157 W = BN_CTX_get(ctx2);
158 q = BN_CTX_get(ctx2);
159 X = BN_CTX_get(ctx2);
160 c = BN_CTX_get(ctx2);
161 p = BN_CTX_get(ctx2);
162 test = BN_CTX_get(ctx2);
163
164 BN_lshift(test,BN_value_one(),bits-1);
165
166 for (;;)
167 {
168 for (;;) /* find q */
169 {
170 int seed_is_random;
171
172 /* step 1 */
173 if (callback != NULL) callback(0,m++,cb_arg);
174
175 if (!seed_len)
176 {
177 if(RAND_pseudo_bytes(seed,SHA_DIGEST_LENGTH) < 0)
178 goto err;
179 seed_is_random = 1;
180 }
181 else
182 {
183 seed_is_random = 0;
184 seed_len=0; /* use random seed if 'seed_in' turns out to be bad*/
185 }
186 memcpy(buf,seed,SHA_DIGEST_LENGTH);
187 memcpy(buf2,seed,SHA_DIGEST_LENGTH);
188 /* precompute "SEED + 1" for step 7: */
189 for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
190 {
191 buf[i]++;
192 if (buf[i] != 0) break;
193 }
194
195 /* step 2 */
196 EVP_Digest(seed,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL);
197 EVP_Digest(buf,SHA_DIGEST_LENGTH,buf2,NULL,HASH, NULL);
198 for (i=0; i<SHA_DIGEST_LENGTH; i++)
199 md[i]^=buf2[i];
200
201 /* step 3 */
202 md[0]|=0x80;
203 md[SHA_DIGEST_LENGTH-1]|=0x01;
204 if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) goto err;
205
206 /* step 4 */
207 r = BN_is_prime_fasttest(q, DSS_prime_checks, callback, ctx3, cb_arg, seed_is_random);
208 if (r > 0)
209 break;
210 if (r != 0)
211 goto err;
212
213 /* do a callback call */
214 /* step 5 */
215 }
216
217 if (callback != NULL) callback(2,0,cb_arg);
218 if (callback != NULL) callback(3,0,cb_arg);
219
220 /* step 6 */
221 counter=0;
222 /* "offset = 2" */
223
224 n=(bits-1)/160;
225 b=(bits-1)-n*160;
226
227 for (;;)
228 {
229 if (callback != NULL && counter != 0)
230 callback(0,counter,cb_arg);
231
232 /* step 7 */
233 BN_zero(W);
234 /* now 'buf' contains "SEED + offset - 1" */
235 for (k=0; k<=n; k++)
236 {
237 /* obtain "SEED + offset + k" by incrementing: */
238 for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
239 {
240 buf[i]++;
241 if (buf[i] != 0) break;
242 }
243
244 EVP_Digest(buf,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL);
245
246 /* step 8 */
247 if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0))
248 goto err;
249 BN_lshift(r0,r0,160*k);
250 BN_add(W,W,r0);
251 }
252
253 /* more of step 8 */
254 BN_mask_bits(W,bits-1);
255 BN_copy(X,W); /* this should be ok */
256 BN_add(X,X,test); /* this should be ok */
257
258 /* step 9 */
259 BN_lshift1(r0,q);
260 BN_mod(c,X,r0,ctx);
261 BN_sub(r0,c,BN_value_one());
262 BN_sub(p,X,r0);
263
264 /* step 10 */
265 if (BN_cmp(p,test) >= 0)
266 {
267 /* step 11 */
268 r = BN_is_prime_fasttest(p, DSS_prime_checks, callback, ctx3, cb_arg, 1);
269 if (r > 0)
270 goto end; /* found it */
271 if (r != 0)
272 goto err;
273 }
274
275 /* step 13 */
276 counter++;
277 /* "offset = offset + n + 1" */
278
279 /* step 14 */
280 if (counter >= 4096) break;
281 }
282 }
283end:
284 if (callback != NULL) callback(2,1,cb_arg);
285
286 /* We now need to generate g */
287 /* Set r0=(p-1)/q */
288 BN_sub(test,p,BN_value_one());
289 BN_div(r0,NULL,test,q,ctx);
290
291 BN_set_word(test,h);
292 BN_MONT_CTX_set(mont,p,ctx);
293
294 for (;;)
295 {
296 /* g=test^r0%p */
297 BN_mod_exp_mont(g,test,r0,p,ctx,mont);
298 if (!BN_is_one(g)) break;
299 BN_add(test,test,BN_value_one());
300 h++;
301 }
302
303 if (callback != NULL) callback(3,1,cb_arg);
304
305 ok=1;
306err:
307 if (!ok)
308 {
309 if (ret != NULL) DSA_free(ret);
310 }
311 else
312 {
313 ret->p=BN_dup(p);
314 ret->q=BN_dup(q);
315 ret->g=BN_dup(g);
316 if(seed_out != NULL) memcpy(seed_out,seed,20);
317 if (counter_ret != NULL) *counter_ret=counter;
318 if (h_ret != NULL) *h_ret=h;
319 }
320 if (ctx != NULL) BN_CTX_free(ctx);
321 if (ctx2 != NULL)
322 {
323 BN_CTX_end(ctx2);
324 BN_CTX_free(ctx2);
325 }
326 if (ctx3 != NULL) BN_CTX_free(ctx3);
327 if (mont != NULL) BN_MONT_CTX_free(mont);
328 return(ok?ret:NULL);
329 }
330
331int DSA_generate_key(DSA *dsa)
332 {
333 int ok=0;
334 BN_CTX *ctx=NULL;
335 BIGNUM *pub_key=NULL,*priv_key=NULL;
336
337 if ((ctx=BN_CTX_new()) == NULL) goto err;
338
339 if (dsa->priv_key == NULL)
340 {
341 if ((priv_key=BN_new()) == NULL) goto err;
342 }
343 else
344 priv_key=dsa->priv_key;
345
346 do
347 if (!BN_rand_range(priv_key,dsa->q)) goto err;
348 while (BN_is_zero(priv_key));
349
350 if (dsa->pub_key == NULL)
351 {
352 if ((pub_key=BN_new()) == NULL) goto err;
353 }
354 else
355 pub_key=dsa->pub_key;
356
357 if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err;
358
359 dsa->priv_key=priv_key;
360 dsa->pub_key=pub_key;
361
362 if(!fips_check_dsa(dsa))
363 goto err;
364
365 ok=1;
366
367err:
368 if ((pub_key != NULL) && (dsa->pub_key == NULL)) BN_free(pub_key);
369 if ((priv_key != NULL) && (dsa->priv_key == NULL)) BN_free(priv_key);
370 if (ctx != NULL) BN_CTX_free(ctx);
371 return(ok);
372 }
373#endif
374#endif
diff --git a/src/lib/libssl/src/fips-1.0/dsa/fips_dsa_ossl.c b/src/lib/libssl/src/fips-1.0/dsa/fips_dsa_ossl.c
new file mode 100644
index 0000000000..f8f3a39343
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/dsa/fips_dsa_ossl.c
@@ -0,0 +1,408 @@
1/* crypto/dsa/dsa_ossl.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
60
61#include <stdio.h>
62#include <openssl/bn.h>
63#include <openssl/dsa.h>
64#include <openssl/rand.h>
65#include <openssl/asn1.h>
66#ifndef OPENSSL_NO_ENGINE
67#include <openssl/engine.h>
68#endif
69#include <openssl/fips.h>
70
71#ifdef OPENSSL_FIPS
72
73static DSA_SIG *dsa_do_sign(const unsigned char *dgst, FIPS_DSA_SIZE_T dlen, DSA *dsa);
74static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
75static int dsa_do_verify(const unsigned char *dgst, FIPS_DSA_SIZE_T dgst_len, DSA_SIG *sig,
76 DSA *dsa);
77static int dsa_init(DSA *dsa);
78static int dsa_finish(DSA *dsa);
79static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
80 BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
81 BN_MONT_CTX *in_mont);
82static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
83 const BIGNUM *m, BN_CTX *ctx,
84 BN_MONT_CTX *m_ctx);
85
86static const DSA_METHOD openssl_dsa_meth = {
87"OpenSSL FIPS DSA method",
88dsa_do_sign,
89dsa_sign_setup,
90dsa_do_verify,
91dsa_mod_exp,
92dsa_bn_mod_exp,
93dsa_init,
94dsa_finish,
950,
96NULL
97};
98
99int FIPS_dsa_check(struct dsa_st *dsa)
100 {
101 if(dsa->meth != &openssl_dsa_meth || dsa->meth->dsa_do_sign != dsa_do_sign
102 || dsa->meth->dsa_sign_setup != dsa_sign_setup
103 || dsa->meth->dsa_mod_exp != dsa_mod_exp
104 || dsa->meth->bn_mod_exp != dsa_bn_mod_exp
105 || dsa->meth->init != dsa_init
106 || dsa->meth->finish != dsa_finish)
107 {
108 FIPSerr(FIPS_F_FIPS_DSA_CHECK,FIPS_R_NON_FIPS_METHOD);
109 return 0;
110 }
111 return 1;
112 }
113
114const DSA_METHOD *DSA_OpenSSL(void)
115{
116 return &openssl_dsa_meth;
117}
118
119static DSA_SIG *dsa_do_sign(const unsigned char *dgst, FIPS_DSA_SIZE_T dlen, DSA *dsa)
120 {
121 BIGNUM *kinv=NULL,*r=NULL,*s=NULL;
122 BIGNUM m;
123 BIGNUM xr;
124 BN_CTX *ctx=NULL;
125 int i,reason=ERR_R_BN_LIB;
126 DSA_SIG *ret=NULL;
127
128 if(FIPS_selftest_failed())
129 {
130 FIPSerr(FIPS_F_DSA_DO_SIGN,FIPS_R_FIPS_SELFTEST_FAILED);
131 return NULL;
132 }
133
134 BN_init(&m);
135 BN_init(&xr);
136
137 if (!dsa->p || !dsa->q || !dsa->g)
138 {
139 reason=DSA_R_MISSING_PARAMETERS;
140 goto err;
141 }
142
143 s=BN_new();
144 if (s == NULL) goto err;
145
146 i=BN_num_bytes(dsa->q); /* should be 20 */
147 if ((dlen > i) || (dlen > 50))
148 {
149 reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;
150 goto err;
151 }
152
153 ctx=BN_CTX_new();
154 if (ctx == NULL) goto err;
155
156 if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;
157
158 if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err;
159
160 /* Compute s = inv(k) (m + xr) mod q */
161 if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */
162 if (!BN_add(s, &xr, &m)) goto err; /* s = m + xr */
163 if (BN_cmp(s,dsa->q) > 0)
164 BN_sub(s,s,dsa->q);
165 if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;
166
167 ret=DSA_SIG_new();
168 if (ret == NULL) goto err;
169 ret->r = r;
170 ret->s = s;
171
172err:
173 if (!ret)
174 {
175 DSAerr(DSA_F_DSA_DO_SIGN,reason);
176 BN_free(r);
177 BN_free(s);
178 }
179 if (ctx != NULL) BN_CTX_free(ctx);
180 BN_clear_free(&m);
181 BN_clear_free(&xr);
182 if (kinv != NULL) /* dsa->kinv is NULL now if we used it */
183 BN_clear_free(kinv);
184 return(ret);
185 }
186
187static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
188 {
189 BN_CTX *ctx;
190 BIGNUM k,kq,*K,*kinv=NULL,*r=NULL;
191 int ret=0;
192
193 if (!dsa->p || !dsa->q || !dsa->g)
194 {
195 DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS);
196 return 0;
197 }
198
199 BN_init(&k);
200 BN_init(&kq);
201
202 if (ctx_in == NULL)
203 {
204 if ((ctx=BN_CTX_new()) == NULL) goto err;
205 }
206 else
207 ctx=ctx_in;
208
209 if ((r=BN_new()) == NULL) goto err;
210
211 /* Get random k */
212 do
213 if (!BN_rand_range(&k, dsa->q)) goto err;
214 while (BN_is_zero(&k));
215 if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
216 {
217 BN_set_flags(&k, BN_FLG_EXP_CONSTTIME);
218 }
219
220 if (dsa->flags & DSA_FLAG_CACHE_MONT_P)
221 {
222 if (!BN_MONT_CTX_set_locked((BN_MONT_CTX **)&dsa->method_mont_p,
223 CRYPTO_LOCK_DSA,
224 dsa->p, ctx))
225 goto err;
226 }
227
228 /* Compute r = (g^k mod p) mod q */
229
230 if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
231 {
232 if (!BN_copy(&kq, &k)) goto err;
233
234 /* We do not want timing information to leak the length of k,
235 * so we compute g^k using an equivalent exponent of fixed length.
236 *
237 * (This is a kludge that we need because the BN_mod_exp_mont()
238 * does not let us specify the desired timing behaviour.) */
239
240 if (!BN_add(&kq, &kq, dsa->q)) goto err;
241 if (BN_num_bits(&kq) <= BN_num_bits(dsa->q))
242 {
243 if (!BN_add(&kq, &kq, dsa->q)) goto err;
244 }
245
246 K = &kq;
247 }
248 else
249 {
250 K = &k;
251 }
252 if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,K,dsa->p,ctx,
253 (BN_MONT_CTX *)dsa->method_mont_p)) goto err;
254 if (!BN_mod(r,r,dsa->q,ctx)) goto err;
255
256 /* Compute part of 's = inv(k) (m + xr) mod q' */
257 if ((kinv=BN_mod_inverse(NULL,&k,dsa->q,ctx)) == NULL) goto err;
258
259 if (*kinvp != NULL) BN_clear_free(*kinvp);
260 *kinvp=kinv;
261 kinv=NULL;
262 if (*rp != NULL) BN_clear_free(*rp);
263 *rp=r;
264 ret=1;
265err:
266 if (!ret)
267 {
268 DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB);
269 if (kinv != NULL) BN_clear_free(kinv);
270 if (r != NULL) BN_clear_free(r);
271 }
272 if (ctx_in == NULL) BN_CTX_free(ctx);
273 if (kinv != NULL) BN_clear_free(kinv);
274 BN_clear_free(&k);
275 BN_clear_free(&kq);
276 return(ret);
277 }
278
279static int dsa_do_verify(const unsigned char *dgst, FIPS_DSA_SIZE_T dgst_len, DSA_SIG *sig,
280 DSA *dsa)
281 {
282 BN_CTX *ctx;
283 BIGNUM u1,u2,t1;
284 BN_MONT_CTX *mont=NULL;
285 int ret = -1;
286
287 if (!dsa->p || !dsa->q || !dsa->g)
288 {
289 DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MISSING_PARAMETERS);
290 return -1;
291 }
292
293 if(FIPS_selftest_failed())
294 {
295 FIPSerr(FIPS_F_DSA_DO_VERIFY,FIPS_R_FIPS_SELFTEST_FAILED);
296 return -1;
297 }
298
299 BN_init(&u1);
300 BN_init(&u2);
301 BN_init(&t1);
302
303 if ((ctx=BN_CTX_new()) == NULL) goto err;
304
305 if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0)
306 {
307 ret = 0;
308 goto err;
309 }
310 if (BN_is_zero(sig->s) || sig->s->neg || BN_ucmp(sig->s, dsa->q) >= 0)
311 {
312 ret = 0;
313 goto err;
314 }
315
316 /* Calculate W = inv(S) mod Q
317 * save W in u2 */
318 if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err;
319
320 /* save M in u1 */
321 if (BN_bin2bn(dgst,dgst_len,&u1) == NULL) goto err;
322
323 /* u1 = M * w mod q */
324 if (!BN_mod_mul(&u1,&u1,&u2,dsa->q,ctx)) goto err;
325
326 /* u2 = r * w mod q */
327 if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err;
328
329
330 if (dsa->flags & DSA_FLAG_CACHE_MONT_P)
331 {
332 mont = BN_MONT_CTX_set_locked(
333 (BN_MONT_CTX **)&dsa->method_mont_p,
334 CRYPTO_LOCK_DSA, dsa->p, ctx);
335 if (!mont)
336 goto err;
337 }
338
339#if 0
340 {
341 BIGNUM t2;
342
343 BN_init(&t2);
344 /* v = ( g^u1 * y^u2 mod p ) mod q */
345 /* let t1 = g ^ u1 mod p */
346 if (!BN_mod_exp_mont(&t1,dsa->g,&u1,dsa->p,ctx,mont)) goto err;
347 /* let t2 = y ^ u2 mod p */
348 if (!BN_mod_exp_mont(&t2,dsa->pub_key,&u2,dsa->p,ctx,mont)) goto err;
349 /* let u1 = t1 * t2 mod p */
350 if (!BN_mod_mul(&u1,&t1,&t2,dsa->p,ctx)) goto err_bn;
351 BN_free(&t2);
352 }
353 /* let u1 = u1 mod q */
354 if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err;
355#else
356 {
357 if (!dsa->meth->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2,
358 dsa->p,ctx,mont)) goto err;
359 /* BN_copy(&u1,&t1); */
360 /* let u1 = u1 mod q */
361 if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err;
362 }
363#endif
364 /* V is now in u1. If the signature is correct, it will be
365 * equal to R. */
366 ret=(BN_ucmp(&u1, sig->r) == 0);
367
368 err:
369 if (ret != 1) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB);
370 if (ctx != NULL) BN_CTX_free(ctx);
371 BN_free(&u1);
372 BN_free(&u2);
373 BN_free(&t1);
374 return(ret);
375 }
376
377static int dsa_init(DSA *dsa)
378{
379 dsa->flags|=DSA_FLAG_CACHE_MONT_P;
380 return(1);
381}
382
383static int dsa_finish(DSA *dsa)
384{
385 if(dsa->method_mont_p)
386 BN_MONT_CTX_free((BN_MONT_CTX *)dsa->method_mont_p);
387 return(1);
388}
389
390static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
391 BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
392 BN_MONT_CTX *in_mont)
393{
394 return BN_mod_exp2_mont(rr, a1, p1, a2, p2, m, ctx, in_mont);
395}
396
397static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
398 const BIGNUM *m, BN_CTX *ctx,
399 BN_MONT_CTX *m_ctx)
400{
401 return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx);
402}
403
404#else /* ndef OPENSSL_FIPS */
405
406static void *dummy=&dummy;
407
408#endif /* ndef OPENSSL_FIPS */
diff --git a/src/lib/libssl/src/fips-1.0/dsa/fips_dsa_selftest.c b/src/lib/libssl/src/fips-1.0/dsa/fips_dsa_selftest.c
new file mode 100644
index 0000000000..795fda9587
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/dsa/fips_dsa_selftest.c
@@ -0,0 +1,168 @@
1/* crypto/dsa/dsatest.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <string.h>
60#include <openssl/crypto.h>
61#include <openssl/dsa.h>
62#include <openssl/fips.h>
63#include <openssl/err.h>
64
65#ifdef OPENSSL_FIPS
66
67/* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to
68 * FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */
69static unsigned char seed[20]={
70 0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40,
71 0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3,
72 };
73
74static const unsigned char out_p[]={
75 0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa,
76 0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb,
77 0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7,
78 0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5,
79 0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf,
80 0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac,
81 0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2,
82 0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91,
83 };
84
85static const unsigned char out_q[]={
86 0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee,
87 0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e,
88 0xda,0xce,0x91,0x5f,
89 };
90
91static const unsigned char out_g[]={
92 0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13,
93 0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00,
94 0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb,
95 0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e,
96 0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf,
97 0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c,
98 0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c,
99 0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02,
100 };
101
102static const unsigned char str1[]="12345678901234567890";
103
104void FIPS_corrupt_dsa()
105 {
106 ++seed[0];
107 }
108
109int FIPS_selftest_dsa()
110 {
111 DSA *dsa=NULL;
112 int counter,i,j;
113 unsigned char buf[256];
114 unsigned long h;
115 unsigned char sig[256];
116 unsigned int siglen;
117
118 dsa=DSA_generate_parameters(512,seed,20,&counter,&h,NULL,NULL);
119
120 if(dsa == NULL)
121 {
122 FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
123 return 0;
124 }
125 if (counter != 105)
126 {
127 FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
128 return 0;
129 }
130 if (h != 2)
131 {
132 FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
133 return 0;
134 }
135 i=BN_bn2bin(dsa->q,buf);
136 j=sizeof(out_q);
137 if (i != j || memcmp(buf,out_q,i) != 0)
138 {
139 FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
140 return 0;
141 }
142
143 i=BN_bn2bin(dsa->p,buf);
144 j=sizeof(out_p);
145 if (i != j || memcmp(buf,out_p,i) != 0)
146 {
147 FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
148 return 0;
149 }
150
151 i=BN_bn2bin(dsa->g,buf);
152 j=sizeof(out_g);
153 if (i != j || memcmp(buf,out_g,i) != 0)
154 {
155 FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
156 return 0;
157 }
158 DSA_generate_key(dsa);
159 DSA_sign(0, str1, 20, sig, &siglen, dsa);
160 if(DSA_verify(0, str1, 20, sig, siglen, dsa) != 1)
161 {
162 FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
163 return 0;
164 }
165 DSA_free(dsa);
166 return 1;
167 }
168#endif
diff --git a/src/lib/libssl/src/fips-1.0/dsa/fips_dsatest.c b/src/lib/libssl/src/fips-1.0/dsa/fips_dsatest.c
new file mode 100644
index 0000000000..5970b201e9
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/dsa/fips_dsatest.c
@@ -0,0 +1,257 @@
1/* crypto/dsa/dsatest.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <string.h>
62#include <sys/types.h>
63#include <sys/stat.h>
64
65#include "e_os.h"
66
67#include <openssl/crypto.h>
68#include <openssl/rand.h>
69#include <openssl/bio.h>
70#include <openssl/err.h>
71#ifndef OPENSSL_NO_ENGINE
72#include <openssl/engine.h>
73#endif
74#include <openssl/fips.h>
75#include <openssl/fips_rand.h>
76
77#if defined(OPENSSL_NO_DSA) || !defined(OPENSSL_FIPS)
78int main(int argc, char *argv[])
79{
80 printf("No FIPS DSA support\n");
81 return(0);
82}
83#else
84#include <openssl/dsa.h>
85
86#ifdef OPENSSL_SYS_WIN16
87#define MS_CALLBACK _far _loadds
88#else
89#define MS_CALLBACK
90#endif
91
92static void MS_CALLBACK dsa_cb(int p, int n, void *arg);
93
94/* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to
95 * FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */
96static unsigned char seed[20]={
97 0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40,
98 0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3,
99 };
100
101static unsigned char out_p[]={
102 0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa,
103 0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb,
104 0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7,
105 0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5,
106 0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf,
107 0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac,
108 0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2,
109 0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91,
110 };
111
112static unsigned char out_q[]={
113 0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee,
114 0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e,
115 0xda,0xce,0x91,0x5f,
116 };
117
118static unsigned char out_g[]={
119 0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13,
120 0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00,
121 0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb,
122 0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e,
123 0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf,
124 0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c,
125 0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c,
126 0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02,
127 };
128
129static const unsigned char str1[]="12345678901234567890";
130
131static const char rnd_seed[] = "string to make the random number generator think it has entropy";
132static const unsigned char rnd_key1[]="12345678";
133static const unsigned char rnd_key2[]="abcdefgh";
134
135static BIO *bio_err=NULL;
136
137int main(int argc, char **argv)
138 {
139 DSA *dsa=NULL;
140 int counter,ret=0,i,j;
141 unsigned char buf[256];
142 unsigned long h;
143 unsigned char sig[256];
144 unsigned int siglen;
145
146 if (bio_err == NULL)
147 bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
148
149#ifdef OPENSSL_FIPS
150 if(!FIPS_mode_set(1))
151 {
152 ERR_print_errors(bio_err);
153 EXIT(1);
154 }
155#endif
156 CRYPTO_malloc_debug_init();
157 CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
158 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
159
160 ERR_load_crypto_strings();
161 FIPS_set_prng_key(rnd_key1,rnd_key2);
162 RAND_seed(rnd_seed, sizeof rnd_seed);
163
164 BIO_printf(bio_err,"test generation of DSA parameters\n");
165
166 dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb,bio_err);
167
168 BIO_printf(bio_err,"seed\n");
169 for (i=0; i<20; i+=4)
170 {
171 BIO_printf(bio_err,"%02X%02X%02X%02X ",
172 seed[i],seed[i+1],seed[i+2],seed[i+3]);
173 }
174 BIO_printf(bio_err,"\ncounter=%d h=%d\n",counter,h);
175
176 if (dsa == NULL) goto end;
177 DSA_print(bio_err,dsa,0);
178 if (counter != 105)
179 {
180 BIO_printf(bio_err,"counter should be 105\n");
181 goto end;
182 }
183 if (h != 2)
184 {
185 BIO_printf(bio_err,"h should be 2\n");
186 goto end;
187 }
188
189 i=BN_bn2bin(dsa->q,buf);
190 j=sizeof(out_q);
191 if ((i != j) || (memcmp(buf,out_q,i) != 0))
192 {
193 BIO_printf(bio_err,"q value is wrong\n");
194 goto end;
195 }
196
197 i=BN_bn2bin(dsa->p,buf);
198 j=sizeof(out_p);
199 if ((i != j) || (memcmp(buf,out_p,i) != 0))
200 {
201 BIO_printf(bio_err,"p value is wrong\n");
202 goto end;
203 }
204
205 i=BN_bn2bin(dsa->g,buf);
206 j=sizeof(out_g);
207 if ((i != j) || (memcmp(buf,out_g,i) != 0))
208 {
209 BIO_printf(bio_err,"g value is wrong\n");
210 goto end;
211 }
212 DSA_generate_key(dsa);
213 DSA_sign(0, str1, 20, sig, &siglen, dsa);
214 if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
215 ret=1;
216end:
217 if (!ret)
218 ERR_print_errors(bio_err);
219 if (dsa != NULL) DSA_free(dsa);
220 CRYPTO_cleanup_all_ex_data();
221 ERR_remove_state(0);
222 ERR_free_strings();
223 CRYPTO_mem_leaks(bio_err);
224 if (bio_err != NULL)
225 {
226 BIO_free(bio_err);
227 bio_err = NULL;
228 }
229 EXIT(!ret);
230 return(!ret);
231 }
232
233static int cb_exit(int ec)
234 {
235 EXIT(ec);
236 return(0); /* To keep some compilers quiet */
237 }
238
239static void MS_CALLBACK dsa_cb(int p, int n, void *arg)
240 {
241 char c='*';
242 static int ok=0,num=0;
243
244 if (p == 0) { c='.'; num++; };
245 if (p == 1) c='+';
246 if (p == 2) { c='*'; ok++; }
247 if (p == 3) c='\n';
248 BIO_write(arg,&c,1);
249 (void)BIO_flush(arg);
250
251 if (!ok && (p == 0) && (num > 1))
252 {
253 BIO_printf((BIO *)arg,"error in dsatest\n");
254 cb_exit(1);
255 }
256 }
257#endif
diff --git a/src/lib/libssl/src/fips-1.0/dsa/fips_dssvs.c b/src/lib/libssl/src/fips-1.0/dsa/fips_dssvs.c
new file mode 100644
index 0000000000..560d635981
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/dsa/fips_dssvs.c
@@ -0,0 +1,319 @@
1#include <openssl/opensslconf.h>
2
3#ifndef OPENSSL_FIPS
4#include <stdio.h>
5
6int main()
7{
8 printf("No FIPS DSA support\n");
9 return(0);
10}
11#else
12
13#include <openssl/bn.h>
14#include <openssl/dsa.h>
15#include <openssl/fips.h>
16#include <openssl/err.h>
17#include <openssl/fips_sha.h>
18#include <string.h>
19
20int hex2bin(const char *in, unsigned char *out)
21 {
22 int n1, n2;
23 unsigned char ch;
24
25 for (n1=0,n2=0 ; in[n1] && in[n1] != '\n' ; )
26 { /* first byte */
27 if ((in[n1] >= '0') && (in[n1] <= '9'))
28 ch = in[n1++] - '0';
29 else if ((in[n1] >= 'A') && (in[n1] <= 'F'))
30 ch = in[n1++] - 'A' + 10;
31 else if ((in[n1] >= 'a') && (in[n1] <= 'f'))
32 ch = in[n1++] - 'a' + 10;
33 else
34 return -1;
35 if(!in[n1])
36 {
37 out[n2++]=ch;
38 break;
39 }
40 out[n2] = ch << 4;
41 /* second byte */
42 if ((in[n1] >= '0') && (in[n1] <= '9'))
43 ch = in[n1++] - '0';
44 else if ((in[n1] >= 'A') && (in[n1] <= 'F'))
45 ch = in[n1++] - 'A' + 10;
46 else if ((in[n1] >= 'a') && (in[n1] <= 'f'))
47 ch = in[n1++] - 'a' + 10;
48 else
49 return -1;
50 out[n2++] |= ch;
51 }
52 return n2;
53 }
54
55BIGNUM *hex2bn(const char *in)
56 {
57 BIGNUM *p=BN_new();
58
59 BN_hex2bn(&p,in);
60
61 return p;
62 }
63
64int bin2hex(const unsigned char *in,int len,char *out)
65 {
66 int n1, n2;
67 unsigned char ch;
68
69 for (n1=0,n2=0 ; n1 < len ; ++n1)
70 {
71 ch=in[n1] >> 4;
72 if (ch <= 0x09)
73 out[n2++]=ch+'0';
74 else
75 out[n2++]=ch-10+'a';
76 ch=in[n1] & 0x0f;
77 if(ch <= 0x09)
78 out[n2++]=ch+'0';
79 else
80 out[n2++]=ch-10+'a';
81 }
82 out[n2]='\0';
83 return n2;
84 }
85
86void pv(const char *tag,const unsigned char *val,int len)
87 {
88 char obuf[2048];
89
90 bin2hex(val,len,obuf);
91 printf("%s = %s\n",tag,obuf);
92 }
93
94void pbn(const char *tag,const BIGNUM *val)
95 {
96 printf("%s = %s\n",tag,BN_bn2hex(val));
97 }
98
99void primes()
100 {
101 char buf[10240];
102
103 while(fgets(buf,sizeof buf,stdin) != NULL)
104 {
105 fputs(buf,stdout);
106 if(!strncmp(buf,"Prime= ",7))
107 {
108 BIGNUM *pp;
109
110 pp=BN_new();
111 BN_hex2bn(&pp,buf+7);
112 printf("result= %c\n",
113 BN_is_prime(pp,20,NULL,NULL,NULL) ? 'P' : 'F');
114 }
115 }
116 }
117
118void pqg()
119 {
120 char buf[1024];
121 int nmod=0;
122
123 while(fgets(buf,sizeof buf,stdin) != NULL)
124 {
125 if(!strncmp(buf,"[mod = ",7))
126 nmod=atoi(buf+7);
127 else if(!strncmp(buf,"N = ",4))
128 {
129 int n=atoi(buf+4);
130
131 printf("[mod = %d]\n\n",nmod);
132
133 while(n--)
134 {
135 unsigned char seed[20];
136 DSA *dsa;
137 int counter;
138 unsigned long h;
139
140 dsa=DSA_generate_parameters(nmod,seed,0,&counter,&h,NULL,NULL);
141 printf("P = %s\n",BN_bn2hex(dsa->p));
142 printf("Q = %s\n",BN_bn2hex(dsa->q));
143 printf("G = %s\n",BN_bn2hex(dsa->g));
144 pv("Seed",seed,20);
145 printf("c = %d\n",counter);
146 printf("H = %lx\n",h);
147 putc('\n',stdout);
148 }
149 }
150 else
151 fputs(buf,stdout);
152 }
153 }
154
155void keypair()
156 {
157 char buf[1024];
158 int nmod=0;
159
160 while(fgets(buf,sizeof buf,stdin) != NULL)
161 {
162 if(!strncmp(buf,"[mod = ",7))
163 nmod=atoi(buf+7);
164 else if(!strncmp(buf,"N = ",4))
165 {
166 DSA *dsa;
167 int n=atoi(buf+4);
168
169 printf("[mod = %d]\n\n",nmod);
170
171 dsa=DSA_generate_parameters(nmod,NULL,0,NULL,NULL,NULL,NULL);
172 pbn("P",dsa->p);
173 pbn("Q",dsa->q);
174 pbn("G",dsa->g);
175 putc('\n',stdout);
176
177 while(n--)
178 {
179 DSA_generate_key(dsa);
180
181 pbn("X",dsa->priv_key);
182 pbn("Y",dsa->pub_key);
183 putc('\n',stdout);
184 }
185 }
186 }
187 }
188
189void siggen()
190 {
191 char buf[1024];
192 int nmod=0;
193 DSA *dsa=NULL;
194
195 while(fgets(buf,sizeof buf,stdin) != NULL)
196 {
197 if(!strncmp(buf,"[mod = ",7))
198 {
199 nmod=atoi(buf+7);
200 printf("[mod = %d]\n\n",nmod);
201
202 dsa=DSA_generate_parameters(nmod,NULL,0,NULL,NULL,NULL,NULL);
203 pbn("P",dsa->p);
204 pbn("Q",dsa->q);
205 pbn("G",dsa->g);
206 putc('\n',stdout);
207 }
208 else if(!strncmp(buf,"Msg = ",6))
209 {
210 unsigned char msg[1024];
211 unsigned char hash[20];
212 int n;
213 DSA_SIG *sig;
214
215 n=hex2bin(buf+6,msg);
216 pv("Msg",msg,n);
217
218 DSA_generate_key(dsa);
219 pbn("Y",dsa->pub_key);
220
221 SHA1(msg,n,hash);
222 sig=DSA_do_sign(hash,sizeof hash,dsa);
223 pbn("R",sig->r);
224 pbn("S",sig->s);
225 putc('\n',stdout);
226 }
227 }
228 }
229
230void sigver()
231 {
232 DSA *dsa=NULL;
233 char buf[1024];
234 int nmod=0;
235 unsigned char hash[20];
236 DSA_SIG *sig=DSA_SIG_new();
237
238 while(fgets(buf,sizeof buf,stdin) != NULL)
239 {
240 if(!strncmp(buf,"[mod = ",7))
241 {
242 nmod=atoi(buf+7);
243 if(dsa)
244 DSA_free(dsa);
245 dsa=DSA_new();
246 }
247 else if(!strncmp(buf,"P = ",4))
248 dsa->p=hex2bn(buf+4);
249 else if(!strncmp(buf,"Q = ",4))
250 dsa->q=hex2bn(buf+4);
251 else if(!strncmp(buf,"G = ",4))
252 {
253 dsa->g=hex2bn(buf+4);
254
255 printf("[mod = %d]\n\n",nmod);
256 pbn("P",dsa->p);
257 pbn("Q",dsa->q);
258 pbn("G",dsa->g);
259 putc('\n',stdout);
260 }
261 else if(!strncmp(buf,"Msg = ",6))
262 {
263 unsigned char msg[1024];
264 int n;
265
266 n=hex2bin(buf+6,msg);
267 pv("Msg",msg,n);
268 SHA1(msg,n,hash);
269 }
270 else if(!strncmp(buf,"Y = ",4))
271 dsa->pub_key=hex2bn(buf+4);
272 else if(!strncmp(buf,"R = ",4))
273 sig->r=hex2bn(buf+4);
274 else if(!strncmp(buf,"S = ",4))
275 {
276 sig->s=hex2bn(buf+4);
277
278 pbn("Y",dsa->pub_key);
279 pbn("R",sig->r);
280 pbn("S",sig->s);
281 printf("Result = %c\n",DSA_do_verify(hash,sizeof hash,sig,dsa)
282 ? 'P' : 'F');
283 putc('\n',stdout);
284 }
285 }
286 }
287
288int main(int argc,char **argv)
289 {
290 if(argc != 2)
291 {
292 fprintf(stderr,"%s [prime|pqg]\n",argv[0]);
293 exit(1);
294 }
295 if(!FIPS_mode_set(1))
296 {
297 ERR_load_crypto_strings();
298 ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
299 exit(1);
300 }
301 if(!strcmp(argv[1],"prime"))
302 primes();
303 else if(!strcmp(argv[1],"pqg"))
304 pqg();
305 else if(!strcmp(argv[1],"keypair"))
306 keypair();
307 else if(!strcmp(argv[1],"siggen"))
308 siggen();
309 else if(!strcmp(argv[1],"sigver"))
310 sigver();
311 else
312 {
313 fprintf(stderr,"Don't know how to %s.\n",argv[1]);
314 exit(1);
315 }
316
317 return 0;
318 }
319#endif
diff --git a/src/lib/libssl/src/fips-1.0/fips-lib.com b/src/lib/libssl/src/fips-1.0/fips-lib.com
new file mode 100644
index 0000000000..539117b2ed
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/fips-lib.com
@@ -0,0 +1,1196 @@
1$!
2$! FIPS-LIB.COM
3$! Written By: Robert Byer
4$! Vice-President
5$! A-Com Computing, Inc.
6$! byer@mail.all-net.net
7$!
8$! Changes by Richard Levitte <richard@levitte.org>
9$!
10$! This command files compiles and creates the FIPS parts of the
11$! "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" library for OpenSSL. The "xxx"
12$! denotes the machine architecture of AXP or VAX.
13$!
14$! It was re-written so it would try to determine what "C" compiler to use
15$! or you can specify which "C" compiler to use.
16$!
17$! Specify the following as P1 to build just that part or ALL to just
18$! build everything.
19$!
20$! LIBRARY To just compile the [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library.
21$! APPS To just compile the [.xxx.EXE.CRYPTO]*.EXE
22$! ALL To do both LIBRARY and APPS
23$!
24$! Specify DEBUG or NODEBUG as P2 to compile with or without debugger
25$! information.
26$!
27$! Specify which compiler at P3 to try to compile under.
28$!
29$! VAXC For VAX C.
30$! DECC For DEC C.
31$! GNUC For GNU C.
32$!
33$! If you don't speficy a compiler, it will try to determine which
34$! "C" compiler to use.
35$!
36$! P4, if defined, sets a TCP/IP library to use, through one of the following
37$! keywords:
38$!
39$! UCX for UCX
40$! TCPIP for TCPIP (post UCX)
41$! SOCKETSHR for SOCKETSHR+NETLIB
42$!
43$! P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
44$!
45$! P6, if defined, sets a choice of crypto methods to compile.
46$! WARNING: this should only be done to recompile some part of an already
47$! fully compiled library.
48$!
49$!
50$! Define A TCP/IP Library That We Will Need To Link To.
51$! (That Is, If We Need To Link To One.)
52$!
53$ TCPIP_LIB = ""
54$!
55$! Check Which Architecture We Are Using.
56$!
57$ IF (F$GETSYI("CPU").GE.128)
58$ THEN
59$!
60$! The Architecture Is AXP
61$!
62$ ARCH := AXP
63$!
64$! Else...
65$!
66$ ELSE
67$!
68$! The Architecture Is VAX.
69$!
70$ ARCH := VAX
71$!
72$! End The Architecture Check.
73$!
74$ ENDIF
75$!
76$! Define The Different Encryption Types.
77$!
78$ ENCRYPT_TYPES = "Basic,SHA,RAND,DES,AES,DSA,RSA,DH,HMAC"
79$!
80$! Check To Make Sure We Have Valid Command Line Parameters.
81$!
82$ GOSUB CHECK_OPTIONS
83$!
84$! Initialise logical names and such
85$!
86$ GOSUB INITIALISE
87$!
88$! Tell The User What Kind of Machine We Run On.
89$!
90$ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine."
91$!
92$! Define The OBJ Directory.
93$!
94$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.CRYPTO]
95$!
96$! Check To See If The Architecture Specific OBJ Directory Exists.
97$!
98$ IF (F$PARSE(OBJ_DIR).EQS."")
99$ THEN
100$!
101$! It Dosen't Exist, So Create It.
102$!
103$ CREATE/DIR 'OBJ_DIR'
104$!
105$! End The Architecture Specific OBJ Directory Check.
106$!
107$ ENDIF
108$!
109$! Define The EXE Directory.
110$!
111$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]
112$!
113$! Check To See If The Architecture Specific Directory Exists.
114$!
115$ IF (F$PARSE(EXE_DIR).EQS."")
116$ THEN
117$!
118$! It Dosen't Exist, So Create It.
119$!
120$ CREATE/DIRECTORY 'EXE_DIR'
121$!
122$! End The Architecture Specific Directory Check.
123$!
124$ ENDIF
125$!
126$! Define The Library Name.
127$!
128$ LIB_NAME := 'EXE_DIR'LIBCRYPTO.OLB
129$!
130$! Define The CRYPTO-LIB We Are To Use.
131$!
132$ CRYPTO_LIB := 'EXE_DIR'LIBCRYPTO.OLB
133$!
134$! Check To See If We Already Have A "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" Library...
135$!
136$ IF (F$SEARCH(LIB_NAME).EQS."")
137$ THEN
138$!
139$! Guess Not, Create The Library.
140$!
141$ LIBRARY/CREATE/OBJECT 'LIB_NAME'
142$!
143$! End The Library Check.
144$!
145$ ENDIF
146$!
147$! Build our options file for the application
148$!
149$ GOSUB CHECK_OPT_FILE
150$!
151$! Define The Different Encryption "library" Strings.
152$!
153$ LIB_ = "fips,fips_err_wrapper"
154$ LIB_SHA = "fips_sha1dgst,fips_sha1_selftest,fips_sha256,fips_sha512"
155$ LIB_RAND = "fips_rand,fips_rand_selftest"
156$ LIB_DES = "fips_des_enc,fips_des_selftest,fips_set_key"
157$ LIB_AES = "fips_aes_core,fips_aes_selftest"
158$ LIB_DSA = "fips_dsa_ossl,fips_dsa_gen,fips_dsa_selftest"
159$ LIB_RSA = "fips_rsa_eay,fips_rsa_gen,fips_rsa_selftest,fips_rsa_x931g"
160$ LIB_DH = "fips_dh_check,fips_dh_gen,fips_dh_key"
161$ LIB_HMAC = "fips_hmac,fips_hmac_selftest"
162$!
163$! Setup exceptional compilations
164$!
165$ ! Add definitions for no threads on OpenVMS 7.1 and higher
166$ COMPILEWITH_CC3 = ",bss_rtcp,"
167$ ! Disable the DOLLARID warning
168$ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time,"
169$ ! Disable disjoint optimization
170$ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + -
171 "sha_dgst,sha1dgst,rmd_dgst,bf_enc,"
172$ ! Disable the MIXLINKAGE warning
173$ COMPILEWITH_CC6 = ",fips_set_key,"
174$!
175$! Figure Out What Other Modules We Are To Build.
176$!
177$ BUILD_SET:
178$!
179$! Define A Module Counter.
180$!
181$ MODULE_COUNTER = 0
182$!
183$! Top Of The Loop.
184$!
185$ MODULE_NEXT:
186$!
187$! Extract The Module Name From The Encryption List.
188$!
189$ MODULE_NAME = F$ELEMENT(MODULE_COUNTER,",",ENCRYPT_TYPES)
190$ IF MODULE_NAME.EQS."Basic" THEN MODULE_NAME = ""
191$ MODULE_NAME1 = MODULE_NAME
192$!
193$! Check To See If We Are At The End Of The Module List.
194$!
195$ IF (MODULE_NAME.EQS.",")
196$ THEN
197$!
198$! We Are At The End Of The Module List, Go To MODULE_DONE.
199$!
200$ GOTO MODULE_DONE
201$!
202$! End The Module List Check.
203$!
204$ ENDIF
205$!
206$! Increment The Moudle Counter.
207$!
208$ MODULE_COUNTER = MODULE_COUNTER + 1
209$!
210$! Create The Library and Apps Module Names.
211$!
212$ LIB_MODULE = "LIB_" + MODULE_NAME
213$ APPS_MODULE = "APPS_" + MODULE_NAME
214$ IF (MODULE_NAME.EQS."ASN1_2")
215$ THEN
216$ MODULE_NAME = "ASN1"
217$ ENDIF
218$ IF (MODULE_NAME.EQS."EVP_2")
219$ THEN
220$ MODULE_NAME = "EVP"
221$ ENDIF
222$!
223$! Set state (can be LIB and APPS)
224$!
225$ STATE = "LIB"
226$ IF BUILDALL .EQS. "APPS" THEN STATE = "APPS"
227$!
228$! Check if the library module name actually is defined
229$!
230$ IF F$TYPE('LIB_MODULE') .EQS. ""
231$ THEN
232$ WRITE SYS$ERROR ""
233$ WRITE SYS$ERROR "The module ",MODULE_NAME," does not exist. Continuing..."
234$ WRITE SYS$ERROR ""
235$ GOTO MODULE_NEXT
236$ ENDIF
237$!
238$! Top Of The Module Loop.
239$!
240$ MODULE_AGAIN:
241$!
242$! Tell The User What Module We Are Building.
243$!
244$ IF (MODULE_NAME1.NES."")
245$ THEN
246$ IF STATE .EQS. "LIB"
247$ THEN
248$ WRITE SYS$OUTPUT "Compiling The ",MODULE_NAME1," Library Files. (",BUILDALL,",",STATE,")"
249$ ELSE IF F$TYPE('APPS_MODULE') .NES. ""
250$ THEN
251$ WRITE SYS$OUTPUT "Compiling The ",MODULE_NAME1," Applications. (",BUILDALL,",",STATE,")"
252$ ENDIF
253$ ENDIF
254$ ENDIF
255$!
256$! Define A File Counter And Set It To "0".
257$!
258$ FILE_COUNTER = 0
259$ APPLICATION = ""
260$ APPLICATION_COUNTER = 0
261$!
262$! Top Of The File Loop.
263$!
264$ NEXT_FILE:
265$!
266$! Look in the LIB_MODULE is we're in state LIB
267$!
268$ IF STATE .EQS. "LIB"
269$ THEN
270$!
271$! O.K, Extract The File Name From The File List.
272$!
273$ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",'LIB_MODULE')
274$!
275$! else
276$!
277$ ELSE
278$ FILE_NAME = ","
279$!
280$ IF F$TYPE('APPS_MODULE') .NES. ""
281$ THEN
282$!
283$! Extract The File Name From The File List.
284$! This part is a bit more complicated.
285$!
286$ IF APPLICATION .EQS. ""
287$ THEN
288$ APPLICATION = F$ELEMENT(APPLICATION_COUNTER,";",'APPS_MODULE')
289$ APPLICATION_COUNTER = APPLICATION_COUNTER + 1
290$ APPLICATION_OBJECTS = F$ELEMENT(1,"/",APPLICATION)
291$ APPLICATION = F$ELEMENT(0,"/",APPLICATION)
292$ FILE_COUNTER = 0
293$ ENDIF
294$
295$! WRITE SYS$OUTPUT "DEBUG: SHOW SYMBOL APPLICATION*"
296$! SHOW SYMBOL APPLICATION*
297$!
298$ IF APPLICATION .NES. ";"
299$ THEN
300$ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",APPLICATION_OBJECTS)
301$ IF FILE_NAME .EQS. ","
302$ THEN
303$ APPLICATION = ""
304$ GOTO NEXT_FILE
305$ ENDIF
306$ ENDIF
307$ ENDIF
308$ ENDIF
309$!
310$! Check To See If We Are At The End Of The File List.
311$!
312$ IF (FILE_NAME.EQS.",")
313$ THEN
314$!
315$! We Are At The End Of The File List, Change State Or Goto FILE_DONE.
316$!
317$ IF STATE .EQS. "LIB" .AND. BUILDALL .NES. "LIBRARY"
318$ THEN
319$ STATE = "APPS"
320$ GOTO MODULE_AGAIN
321$ ELSE
322$ GOTO FILE_DONE
323$ ENDIF
324$!
325$! End The File List Check.
326$!
327$ ENDIF
328$!
329$! Increment The Counter.
330$!
331$ FILE_COUNTER = FILE_COUNTER + 1
332$!
333$! Create The Source File Name.
334$!
335$ TMP_FILE_NAME = F$ELEMENT(1,"]",FILE_NAME)
336$ IF TMP_FILE_NAME .EQS. "]" THEN TMP_FILE_NAME = FILE_NAME
337$ IF F$ELEMENT(0,".",TMP_FILE_NAME) .EQS. TMP_FILE_NAME THEN -
338 FILE_NAME = FILE_NAME + ".c"
339$ IF (MODULE_NAME.NES."")
340$ THEN
341$ SOURCE_FILE = "SYS$DISK:[." + MODULE_NAME+ "]" + FILE_NAME
342$ ELSE
343$ SOURCE_FILE = "SYS$DISK:[]" + FILE_NAME
344$ ENDIF
345$ SOURCE_FILE = SOURCE_FILE - "]["
346$!
347$! Create The Object File Name.
348$!
349$ OBJECT_FILE = OBJ_DIR + F$PARSE(FILE_NAME,,,"NAME","SYNTAX_ONLY") + ".OBJ"
350$ ON WARNING THEN GOTO NEXT_FILE
351$!
352$! Check To See If The File We Want To Compile Is Actually There.
353$!
354$ IF (F$SEARCH(SOURCE_FILE).EQS."")
355$ THEN
356$!
357$! Tell The User That The File Doesn't Exist.
358$!
359$ WRITE SYS$OUTPUT ""
360$ WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Doesn't Exist."
361$ WRITE SYS$OUTPUT ""
362$!
363$! Exit The Build.
364$!
365$ GOTO EXIT
366$!
367$! End The File Exist Check.
368$!
369$ ENDIF
370$!
371$! Tell The User We Are Compiling The File.
372$!
373$ IF (MODULE_NAME.EQS."")
374$ THEN
375$ WRITE SYS$OUTPUT "Compiling The ",FILE_NAME," File. (",BUILDALL,",",STATE,")"
376$ ENDIF
377$ IF (MODULE_NAME.NES."")
378$ THEN
379$ WRITE SYS$OUTPUT " ",FILE_NAME,""
380$ ENDIF
381$!
382$! Compile The File.
383$!
384$ ON ERROR THEN GOTO NEXT_FILE
385$ FILE_NAME0 = F$ELEMENT(0,".",FILE_NAME)
386$ IF FILE_NAME - ".mar" .NES. FILE_NAME
387$ THEN
388$ MACRO/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
389$ ELSE
390$ IF COMPILEWITH_CC3 - FILE_NAME0 .NES. COMPILEWITH_CC3
391$ THEN
392$ CC3/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
393$ ELSE
394$ IF COMPILEWITH_CC4 - FILE_NAME0 .NES. COMPILEWITH_CC4
395$ THEN
396$ CC4/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
397$ ELSE
398$ IF COMPILEWITH_CC5 - FILE_NAME0 .NES. COMPILEWITH_CC5
399$ THEN
400$ CC5/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
401$ ELSE
402$ IF COMPILEWITH_CC6 - FILE_NAME0 .NES. COMPILEWITH_CC6
403$ THEN
404$ CC6/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
405$ ELSE
406$ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
407$ ENDIF
408$ ENDIF
409$ ENDIF
410$ ENDIF
411$ ENDIF
412$ IF STATE .EQS. "LIB"
413$ THEN
414$!
415$! Add It To The Library.
416$!
417$ LIBRARY/REPLACE 'LIB_NAME' 'OBJECT_FILE'
418$!
419$! Time To Clean Up The Object File.
420$!
421$ DELETE 'OBJECT_FILE';*
422$ ENDIF
423$!
424$! Go Back And Do It Again.
425$!
426$ GOTO NEXT_FILE
427$!
428$! All Done With This Library Part.
429$!
430$ FILE_DONE:
431$!
432$! Time To Build Some Applications
433$!
434$ IF F$TYPE('APPS_MODULE') .NES. "" .AND. BUILDALL .NES. "LIBRARY"
435$ THEN
436$ APPLICATION_COUNTER = 0
437$ NEXT_APPLICATION:
438$ APPLICATION = F$ELEMENT(APPLICATION_COUNTER,";",'APPS_MODULE')
439$ IF APPLICATION .EQS. ";" THEN GOTO APPLICATION_DONE
440$
441$ APPLICATION_COUNTER = APPLICATION_COUNTER + 1
442$ APPLICATION_OBJECTS = F$ELEMENT(1,"/",APPLICATION)
443$ APPLICATION = F$ELEMENT(0,"/",APPLICATION)
444$
445$! WRITE SYS$OUTPUT "DEBUG: SHOW SYMBOL APPLICATION*"
446$! SHOW SYMBOL APPLICATION*
447$!
448$! Tell the user what happens
449$!
450$ WRITE SYS$OUTPUT " ",APPLICATION,".exe"
451$!
452$! Link The Program.
453$!
454$ ON ERROR THEN GOTO NEXT_APPLICATION
455$!
456$! Check To See If We Are To Link With A Specific TCP/IP Library.
457$!
458$ IF (TCPIP_LIB.NES."")
459$ THEN
460$!
461$! Link With A TCP/IP Library.
462$!
463$ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE -
464 'OBJ_DIR''APPLICATION_OBJECTS', -
465 'CRYPTO_LIB'/LIBRARY, -
466 'TCPIP_LIB','OPT_FILE'/OPTION
467$!
468$! Else...
469$!
470$ ELSE
471$!
472$! Don't Link With A TCP/IP Library.
473$!
474$ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE -
475 'OBJ_DIR''APPLICATION_OBJECTS',-
476 'CRYPTO_LIB'/LIBRARY, -
477 'OPT_FILE'/OPTION
478$!
479$! End The TCP/IP Library Check.
480$!
481$ ENDIF
482$ GOTO NEXT_APPLICATION
483$ APPLICATION_DONE:
484$ ENDIF
485$!
486$! Go Back And Get The Next Module.
487$!
488$ GOTO MODULE_NEXT
489$!
490$! All Done With This Module.
491$!
492$ MODULE_DONE:
493$!
494$! Tell The User That We Are All Done.
495$!
496$ WRITE SYS$OUTPUT "All Done..."
497$ EXIT:
498$ GOSUB CLEANUP
499$ EXIT
500$!
501$! Check For The Link Option FIle.
502$!
503$ CHECK_OPT_FILE:
504$!
505$! Check To See If We Need To Make A VAX C Option File.
506$!
507$ IF (COMPILER.EQS."VAXC")
508$ THEN
509$!
510$! Check To See If We Already Have A VAX C Linker Option File.
511$!
512$ IF (F$SEARCH(OPT_FILE).EQS."")
513$ THEN
514$!
515$! We Need A VAX C Linker Option File.
516$!
517$ CREATE 'OPT_FILE'
518$DECK
519!
520! Default System Options File To Link Agianst
521! The Sharable VAX C Runtime Library.
522!
523SYS$SHARE:VAXCRTL.EXE/SHARE
524$EOD
525$!
526$! End The Option File Check.
527$!
528$ ENDIF
529$!
530$! End The VAXC Check.
531$!
532$ ENDIF
533$!
534$! Check To See If We Need A GNU C Option File.
535$!
536$ IF (COMPILER.EQS."GNUC")
537$ THEN
538$!
539$! Check To See If We Already Have A GNU C Linker Option File.
540$!
541$ IF (F$SEARCH(OPT_FILE).EQS."")
542$ THEN
543$!
544$! We Need A GNU C Linker Option File.
545$!
546$ CREATE 'OPT_FILE'
547$DECK
548!
549! Default System Options File To Link Agianst
550! The Sharable C Runtime Library.
551!
552GNU_CC:[000000]GCCLIB/LIBRARY
553SYS$SHARE:VAXCRTL/SHARE
554$EOD
555$!
556$! End The Option File Check.
557$!
558$ ENDIF
559$!
560$! End The GNU C Check.
561$!
562$ ENDIF
563$!
564$! Check To See If We Need A DEC C Option File.
565$!
566$ IF (COMPILER.EQS."DECC")
567$ THEN
568$!
569$! Check To See If We Already Have A DEC C Linker Option File.
570$!
571$ IF (F$SEARCH(OPT_FILE).EQS."")
572$ THEN
573$!
574$! Figure Out If We Need An AXP Or A VAX Linker Option File.
575$!
576$ IF ARCH .EQS. "VAX"
577$ THEN
578$!
579$! We Need A DEC C Linker Option File For VAX.
580$!
581$ CREATE 'OPT_FILE'
582$DECK
583!
584! Default System Options File To Link Agianst
585! The Sharable DEC C Runtime Library.
586!
587SYS$SHARE:DECC$SHR.EXE/SHARE
588$EOD
589$!
590$! Else...
591$!
592$ ELSE
593$!
594$! Create The AXP Linker Option File.
595$!
596$ CREATE 'OPT_FILE'
597$DECK
598!
599! Default System Options File For AXP To Link Agianst
600! The Sharable C Runtime Library.
601!
602SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
603SYS$SHARE:CMA$OPEN_RTL/SHARE
604$EOD
605$!
606$! End The VAX/AXP DEC C Option File Check.
607$!
608$ ENDIF
609$!
610$! End The Option File Search.
611$!
612$ ENDIF
613$!
614$! End The DEC C Check.
615$!
616$ ENDIF
617$!
618$! Tell The User What Linker Option File We Are Using.
619$!
620$ WRITE SYS$OUTPUT "Using Linker Option File ",OPT_FILE,"."
621$!
622$! Time To RETURN.
623$!
624$ RETURN
625$!
626$! Check The User's Options.
627$!
628$ CHECK_OPTIONS:
629$!
630$! Check To See If P1 Is Blank.
631$!
632$ IF (P1.EQS."ALL")
633$ THEN
634$!
635$! P1 Is Blank, So Build Everything.
636$!
637$ BUILDALL = "TRUE"
638$!
639$! Else...
640$!
641$ ELSE
642$!
643$! Else, Check To See If P1 Has A Valid Arguement.
644$!
645$ IF (P1.EQS."LIBRARY").OR.(P1.EQS."APPS")
646$ THEN
647$!
648$! A Valid Arguement.
649$!
650$ BUILDALL = P1
651$!
652$! Else...
653$!
654$ ELSE
655$!
656$! Tell The User We Don't Know What They Want.
657$!
658$ WRITE SYS$OUTPUT ""
659$ WRITE SYS$OUTPUT "The Option ",P1," Is Invalid. The Valid Options Are:"
660$ WRITE SYS$OUTPUT ""
661$ WRITE SYS$OUTPUT " ALL : Just Build Everything."
662$ WRITE SYS$OUTPUT " LIBRARY : To Compile Just The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library."
663$ WRITE SYS$OUTPUT " APPS : To Compile Just The [.xxx.EXE.CRYPTO]*.EXE Programs."
664$ WRITE SYS$OUTPUT ""
665$ WRITE SYS$OUTPUT " Where 'xxx' Stands For:"
666$ WRITE SYS$OUTPUT ""
667$ WRITE SYS$OUTPUT " AXP : Alpha Architecture."
668$ WRITE SYS$OUTPUT " VAX : VAX Architecture."
669$ WRITE SYS$OUTPUT ""
670$!
671$! Time To EXIT.
672$!
673$ EXIT
674$!
675$! End The Valid Arguement Check.
676$!
677$ ENDIF
678$!
679$! End The P1 Check.
680$!
681$ ENDIF
682$!
683$! Check To See If P2 Is Blank.
684$!
685$ IF (P2.EQS."NODEBUG")
686$ THEN
687$!
688$! P2 Is NODEBUG, So Compile Without The Debugger Information.
689$!
690$ DEBUGGER = "NODEBUG"
691$ TRACEBACK = "NOTRACEBACK"
692$ GCC_OPTIMIZE = "OPTIMIZE"
693$ CC_OPTIMIZE = "OPTIMIZE"
694$ MACRO_OPTIMIZE = "OPTIMIZE"
695$ WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
696$ WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
697$ ELSE
698$!
699$! Check To See If We Are To Compile With Debugger Information.
700$!
701$ IF (P2.EQS."DEBUG")
702$ THEN
703$!
704$! Compile With Debugger Information.
705$!
706$ DEBUGGER = "DEBUG"
707$ TRACEBACK = "TRACEBACK"
708$ GCC_OPTIMIZE = "NOOPTIMIZE"
709$ CC_OPTIMIZE = "NOOPTIMIZE"
710$ MACRO_OPTIMIZE = "NOOPTIMIZE"
711$ WRITE SYS$OUTPUT "Debugger Information Will Be Produced During Compile."
712$ WRITE SYS$OUTPUT "Compiling Without Compiler Optimization."
713$ ELSE
714$!
715$! They Entered An Invalid Option..
716$!
717$ WRITE SYS$OUTPUT ""
718$ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:"
719$ WRITE SYS$OUTPUT ""
720$ WRITE SYS$OUTPUT " DEBUG : Compile With The Debugger Information."
721$ WRITE SYS$OUTPUT " NODEBUG : Compile Without The Debugger Information."
722$ WRITE SYS$OUTPUT ""
723$!
724$! Time To EXIT.
725$!
726$ EXIT
727$!
728$! End The Valid Arguement Check.
729$!
730$ ENDIF
731$!
732$! End The P2 Check.
733$!
734$ ENDIF
735$!
736$! Special Threads For OpenVMS v7.1 Or Later
737$!
738$! Written By: Richard Levitte
739$! richard@levitte.org
740$!
741$!
742$! Check To See If We Have A Option For P5.
743$!
744$ IF (P5.EQS."")
745$ THEN
746$!
747$! Get The Version Of VMS We Are Using.
748$!
749$ ISSEVEN :=
750$ TMP = F$ELEMENT(0,"-",F$EXTRACT(1,4,F$GETSYI("VERSION")))
751$ TMP = F$INTEGER(F$ELEMENT(0,".",TMP)+F$ELEMENT(1,".",TMP))
752$!
753$! Check To See If The VMS Version Is v7.1 Or Later.
754$!
755$ IF (TMP.GE.71)
756$ THEN
757$!
758$! We Have OpenVMS v7.1 Or Later, So Use The Special Threads.
759$!
760$ ISSEVEN := ,PTHREAD_USE_D4
761$!
762$! End The VMS Version Check.
763$!
764$ ENDIF
765$!
766$! End The P5 Check.
767$!
768$ ENDIF
769$!
770$! Check To See If P3 Is Blank.
771$!
772$ IF (P3.EQS."")
773$ THEN
774$!
775$! O.K., The User Didn't Specify A Compiler, Let's Try To
776$! Find Out Which One To Use.
777$!
778$! Check To See If We Have GNU C.
779$!
780$ IF (F$TRNLNM("GNU_CC").NES."")
781$ THEN
782$!
783$! Looks Like GNUC, Set To Use GNUC.
784$!
785$ P3 = "GNUC"
786$!
787$! Else...
788$!
789$ ELSE
790$!
791$! Check To See If We Have VAXC Or DECC.
792$!
793$ IF (ARCH.EQS."AXP").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
794$ THEN
795$!
796$! Looks Like DECC, Set To Use DECC.
797$!
798$ P3 = "DECC"
799$!
800$! Else...
801$!
802$ ELSE
803$!
804$! Looks Like VAXC, Set To Use VAXC.
805$!
806$ P3 = "VAXC"
807$!
808$! End The VAXC Compiler Check.
809$!
810$ ENDIF
811$!
812$! End The DECC & VAXC Compiler Check.
813$!
814$ ENDIF
815$!
816$! End The Compiler Check.
817$!
818$ ENDIF
819$!
820$! Check To See If We Have A Option For P4.
821$!
822$ IF (P4.EQS."")
823$ THEN
824$!
825$! Find out what socket library we have available
826$!
827$ IF F$PARSE("SOCKETSHR:") .NES. ""
828$ THEN
829$!
830$! We have SOCKETSHR, and it is my opinion that it's the best to use.
831$!
832$ P4 = "SOCKETSHR"
833$!
834$! Tell the user
835$!
836$ WRITE SYS$OUTPUT "Using SOCKETSHR for TCP/IP"
837$!
838$! Else, let's look for something else
839$!
840$ ELSE
841$!
842$! Like UCX (the reason to do this before Multinet is that the UCX
843$! emulation is easier to use...)
844$!
845$ IF F$TRNLNM("UCX$IPC_SHR") .NES. "" -
846 .OR. F$PARSE("SYS$SHARE:UCX$IPC_SHR.EXE") .NES. "" -
847 .OR. F$PARSE("SYS$LIBRARY:UCX$IPC.OLB") .NES. ""
848$ THEN
849$!
850$! Last resort: a UCX or UCX-compatible library
851$!
852$ P4 = "UCX"
853$!
854$! Tell the user
855$!
856$ WRITE SYS$OUTPUT "Using UCX or an emulation thereof for TCP/IP"
857$!
858$! That was all...
859$!
860$ ENDIF
861$ ENDIF
862$ ENDIF
863$!
864$! Set Up Initial CC Definitions, Possibly With User Ones
865$!
866$ CCDEFS = "TCPIP_TYPE_''P4',DSO_VMS"
867$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
868$ CCEXTRAFLAGS = ""
869$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
870$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
871$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
872 CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
873$!
874$! Check To See If The User Entered A Valid Paramter.
875$!
876$ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC")
877$ THEN
878$!
879$! Check To See If The User Wanted DECC.
880$!
881$ IF (P3.EQS."DECC")
882$ THEN
883$!
884$! Looks Like DECC, Set To Use DECC.
885$!
886$ COMPILER = "DECC"
887$!
888$! Tell The User We Are Using DECC.
889$!
890$ WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
891$!
892$! Use DECC...
893$!
894$ CC = "CC"
895$ IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
896 THEN CC = "CC/DECC"
897$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
898 "/NOLIST/PREFIX=ALL" + -
899 "/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + -
900 CCEXTRAFLAGS
901$!
902$! Define The Linker Options File Name.
903$!
904$ OPT_FILE = "SYS$DISK:[]VAX_DECC_OPTIONS.OPT"
905$!
906$! End DECC Check.
907$!
908$ ENDIF
909$!
910$! Check To See If We Are To Use VAXC.
911$!
912$ IF (P3.EQS."VAXC")
913$ THEN
914$!
915$! Looks Like VAXC, Set To Use VAXC.
916$!
917$ COMPILER = "VAXC"
918$!
919$! Tell The User We Are Using VAX C.
920$!
921$ WRITE SYS$OUTPUT "Using VAXC 'C' Compiler."
922$!
923$! Compile Using VAXC.
924$!
925$ CC = "CC"
926$ IF ARCH.EQS."AXP"
927$ THEN
928$ WRITE SYS$OUTPUT "There is no VAX C on Alpha!"
929$ EXIT
930$ ENDIF
931$ IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
932$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
933 "/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + -
934 CCEXTRAFLAGS
935$ CCDEFS = """VAXC""," + CCDEFS
936$!
937$! Define <sys> As SYS$COMMON:[SYSLIB]
938$!
939$ DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
940$!
941$! Define The Linker Options File Name.
942$!
943$ OPT_FILE = "SYS$DISK:[]VAX_VAXC_OPTIONS.OPT"
944$!
945$! End VAXC Check
946$!
947$ ENDIF
948$!
949$! Check To See If We Are To Use GNU C.
950$!
951$ IF (P3.EQS."GNUC")
952$ THEN
953$!
954$! Looks Like GNUC, Set To Use GNUC.
955$!
956$ COMPILER = "GNUC"
957$!
958$! Tell The User We Are Using GNUC.
959$!
960$ WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
961$!
962$! Use GNU C...
963$!
964$ CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
965 "/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + -
966 CCEXTRAFLAGS
967$!
968$! Define The Linker Options File Name.
969$!
970$ OPT_FILE = "SYS$DISK:[]VAX_GNUC_OPTIONS.OPT"
971$!
972$! End The GNU C Check.
973$!
974$ ENDIF
975$!
976$! Set up default defines
977$!
978$ CCDEFS = """FLAT_INC=1""," + CCDEFS
979$!
980$! Finish up the definition of CC.
981$!
982$ IF COMPILER .EQS. "DECC"
983$ THEN
984$ IF CCDISABLEWARNINGS .EQS. ""
985$ THEN
986$ CC4DISABLEWARNINGS = "DOLLARID"
987$ CC6DISABLEWARNINGS = "MIXLINKAGE"
988$ ELSE
989$ CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID"
990$ CC6DISABLEWARNINGS = CCDISABLEWARNINGS + ",MIXLINKAGE"
991$ CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
992$ ENDIF
993$ CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
994$ CC6DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC6DISABLEWARNINGS + "))"
995$ ELSE
996$ CCDISABLEWARNINGS = ""
997$ CC4DISABLEWARNINGS = ""
998$ CC6DISABLEWARNINGS = ""
999$ ENDIF
1000$ CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS
1001$ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
1002$ IF ARCH .EQS. "VAX" .AND. COMPILER .EQS. "DECC" .AND. P2 .NES. "DEBUG"
1003$ THEN
1004$ CC5 = CC + "/OPTIMIZE=NODISJOINT"
1005$ ELSE
1006$ CC5 = CC + "/NOOPTIMIZE"
1007$ ENDIF
1008$ CC4 = CC - CCDISABLEWARNINGS + CC4DISABLEWARNINGS
1009$ CC6 = CC - CCDISABLEWARNINGS + CC6DISABLEWARNINGS
1010$!
1011$! Show user the result
1012$!
1013$ WRITE/SYMBOL SYS$OUTPUT "Main C Compiling Command: ",CC
1014$!
1015$! Else The User Entered An Invalid Arguement.
1016$!
1017$ ELSE
1018$!
1019$! Tell The User We Don't Know What They Want.
1020$!
1021$ WRITE SYS$OUTPUT ""
1022$ WRITE SYS$OUTPUT "The Option ",P3," Is Invalid. The Valid Options Are:"
1023$ WRITE SYS$OUTPUT ""
1024$ WRITE SYS$OUTPUT " VAXC : To Compile With VAX C."
1025$ WRITE SYS$OUTPUT " DECC : To Compile With DEC C."
1026$ WRITE SYS$OUTPUT " GNUC : To Compile With GNU C."
1027$ WRITE SYS$OUTPUT ""
1028$!
1029$! Time To EXIT.
1030$!
1031$ EXIT
1032$!
1033$! End The Valid Arguement Check.
1034$!
1035$ ENDIF
1036$!
1037$! Build a MACRO command for the architecture at hand
1038$!
1039$ IF ARCH .EQS. "VAX" THEN MACRO = "MACRO/''DEBUGGER'"
1040$ IF ARCH .EQS. "AXP" THEN MACRO = "MACRO/MIGRATION/''DEBUGGER'/''MACRO_OPTIMIZE'"
1041$!
1042$! Show user the result
1043$!
1044$ WRITE/SYMBOL SYS$OUTPUT "Main MACRO Compiling Command: ",MACRO
1045$!
1046$! Time to check the contents, and to make sure we get the correct library.
1047$!
1048$ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX" -
1049 .OR. P4.EQS."TCPIP" .OR. P4.EQS."NONE"
1050$ THEN
1051$!
1052$! Check to see if SOCKETSHR was chosen
1053$!
1054$ IF P4.EQS."SOCKETSHR"
1055$ THEN
1056$!
1057$! Set the library to use SOCKETSHR
1058$!
1059$ TCPIP_LIB = "SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT/OPT"
1060$!
1061$! Done with SOCKETSHR
1062$!
1063$ ENDIF
1064$!
1065$! Check to see if MULTINET was chosen
1066$!
1067$ IF P4.EQS."MULTINET"
1068$ THEN
1069$!
1070$! Set the library to use UCX emulation.
1071$!
1072$ P4 = "UCX"
1073$!
1074$! Done with MULTINET
1075$!
1076$ ENDIF
1077$!
1078$! Check to see if UCX was chosen
1079$!
1080$ IF P4.EQS."UCX"
1081$ THEN
1082$!
1083$! Set the library to use UCX.
1084$!
1085$ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT/OPT"
1086$ IF F$TRNLNM("UCX$IPC_SHR") .NES. ""
1087$ THEN
1088$ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT/OPT"
1089$ ELSE
1090$ IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN -
1091 TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT/OPT"
1092$ ENDIF
1093$!
1094$! Done with UCX
1095$!
1096$ ENDIF
1097$!
1098$! Check to see if TCPIP was chosen
1099$!
1100$ IF P4.EQS."TCPIP"
1101$ THEN
1102$!
1103$! Set the library to use TCPIP (post UCX).
1104$!
1105$ TCPIP_LIB = "SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT/OPT"
1106$!
1107$! Done with TCPIP
1108$!
1109$ ENDIF
1110$!
1111$! Check to see if NONE was chosen
1112$!
1113$ IF P4.EQS."NONE"
1114$ THEN
1115$!
1116$! Do not use a TCPIP library.
1117$!
1118$ TCPIP_LIB = ""
1119$!
1120$! Done with TCPIP
1121$!
1122$ ENDIF
1123$!
1124$! Print info
1125$!
1126$ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB
1127$!
1128$! Else The User Entered An Invalid Arguement.
1129$!
1130$ ELSE
1131$!
1132$! Tell The User We Don't Know What They Want.
1133$!
1134$ WRITE SYS$OUTPUT ""
1135$ WRITE SYS$OUTPUT "The Option ",P4," Is Invalid. The Valid Options Are:"
1136$ WRITE SYS$OUTPUT ""
1137$ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library."
1138$ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library."
1139$ WRITE SYS$OUTPUT " TCPIP : To link with TCPIP (post UCX) TCP/IP library."
1140$ WRITE SYS$OUTPUT ""
1141$!
1142$! Time To EXIT.
1143$!
1144$ EXIT
1145$!
1146$! Done with TCP/IP libraries
1147$!
1148$ ENDIF
1149$!
1150$! Check if the user wanted to compile just a subset of all the encryption
1151$! methods.
1152$!
1153$ IF P6 .NES. ""
1154$ THEN
1155$ ENCRYPT_TYPES = P6
1156$ ENDIF
1157$!
1158$! Time To RETURN...
1159$!
1160$ RETURN
1161$!
1162$ INITIALISE:
1163$!
1164$! Save old value of the logical name OPENSSL
1165$!
1166$ __SAVE_OPENSSL = F$TRNLNM("OPENSSL","LNM$PROCESS_TABLE")
1167$!
1168$! Save directory information
1169$!
1170$ __HERE = F$PARSE(F$PARSE("A.;",F$ENVIRONMENT("PROCEDURE"))-"A.;","[]A.;") - "A.;"
1171$ __HERE = F$EDIT(__HERE,"UPCASE")
1172$ __TOP = __HERE - "FIPS-1_0]"
1173$ __INCLUDE = __TOP + "INCLUDE.OPENSSL]"
1174$!
1175$! Set up the logical name OPENSSL to point at the include directory
1176$!
1177$ DEFINE OPENSSL/NOLOG '__INCLUDE'
1178$!
1179$! Done
1180$!
1181$ RETURN
1182$!
1183$ CLEANUP:
1184$!
1185$! Restore the logical name OPENSSL if it had a value
1186$!
1187$ IF __SAVE_OPENSSL .EQS. ""
1188$ THEN
1189$ DEASSIGN OPENSSL
1190$ ELSE
1191$ DEFINE/NOLOG OPENSSL '__SAVE_OPENSSL'
1192$ ENDIF
1193$!
1194$! Done
1195$!
1196$ RETURN
diff --git a/src/lib/libssl/src/fips-1.0/fips.c b/src/lib/libssl/src/fips-1.0/fips.c
new file mode 100644
index 0000000000..bb833bfa2c
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/fips.c
@@ -0,0 +1,313 @@
1/* ====================================================================
2 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 *
48 */
49
50#include <openssl/fips.h>
51#include <openssl/rand.h>
52#include <openssl/fips_rand.h>
53#include <openssl/err.h>
54#include <openssl/bio.h>
55#include <openssl/hmac.h>
56#include <string.h>
57#include <limits.h>
58#include "fips_locl.h"
59
60#ifdef OPENSSL_FIPS
61
62#ifndef PATH_MAX
63#define PATH_MAX 1024
64#endif
65
66static int fips_selftest_fail;
67static int fips_mode;
68static const void *fips_rand_check;
69
70static void fips_set_mode(int onoff)
71 {
72 int owning_thread = fips_is_owning_thread();
73
74 if (fips_is_started())
75 {
76 if (!owning_thread) fips_w_lock();
77 fips_mode = onoff;
78 if (!owning_thread) fips_w_unlock();
79 }
80 }
81
82static void fips_set_rand_check(const void *rand_check)
83 {
84 int owning_thread = fips_is_owning_thread();
85
86 if (fips_is_started())
87 {
88 if (!owning_thread) fips_w_lock();
89 fips_rand_check = rand_check;
90 if (!owning_thread) fips_w_unlock();
91 }
92 }
93
94int FIPS_mode(void)
95 {
96 int ret = 0;
97 int owning_thread = fips_is_owning_thread();
98
99 if (fips_is_started())
100 {
101 if (!owning_thread) fips_r_lock();
102 ret = fips_mode;
103 if (!owning_thread) fips_r_unlock();
104 }
105 return ret;
106 }
107
108const void *FIPS_rand_check(void)
109 {
110 const void *ret = 0;
111 int owning_thread = fips_is_owning_thread();
112
113 if (fips_is_started())
114 {
115 if (!owning_thread) fips_r_lock();
116 ret = fips_rand_check;
117 if (!owning_thread) fips_r_unlock();
118 }
119 return ret;
120 }
121
122int FIPS_selftest_failed(void)
123 {
124 int ret = 0;
125 if (fips_is_started())
126 {
127 int owning_thread = fips_is_owning_thread();
128
129 if (!owning_thread) fips_r_lock();
130 ret = fips_selftest_fail;
131 if (!owning_thread) fips_r_unlock();
132 }
133 return ret;
134 }
135
136int FIPS_selftest()
137 {
138 ERR_load_crypto_strings();
139
140 return FIPS_selftest_sha1()
141 && FIPS_selftest_hmac()
142 && FIPS_selftest_aes()
143 && FIPS_selftest_des()
144 && FIPS_selftest_rsa()
145 && FIPS_selftest_dsa();
146 }
147
148extern const void *FIPS_text_start(), *FIPS_text_end();
149extern const unsigned char FIPS_rodata_start[], FIPS_rodata_end[];
150unsigned char FIPS_signature [20] = { 0 };
151static const char FIPS_hmac_key[]="etaonrishdlcupfm";
152
153unsigned int FIPS_incore_fingerprint(unsigned char *sig,unsigned int len)
154 {
155 const unsigned char *p1 = FIPS_text_start();
156 const unsigned char *p2 = FIPS_text_end();
157 const unsigned char *p3 = FIPS_rodata_start;
158 const unsigned char *p4 = FIPS_rodata_end;
159 HMAC_CTX c;
160
161 HMAC_CTX_init(&c);
162 HMAC_Init(&c,FIPS_hmac_key,strlen(FIPS_hmac_key),EVP_sha1());
163
164 /* detect overlapping regions */
165 if (p1<=p3 && p2>=p3)
166 p3=p1, p4=p2>p4?p2:p4, p1=NULL, p2=NULL;
167 else if (p3<=p1 && p4>=p1)
168 p3=p3, p4=p2>p4?p2:p4, p1=NULL, p2=NULL;
169
170 if (p1)
171 HMAC_Update(&c,p1,(size_t)p2-(size_t)p1);
172
173 if (FIPS_signature>=p3 && FIPS_signature<p4)
174 {
175 /* "punch" hole */
176 HMAC_Update(&c,p3,(size_t)FIPS_signature-(size_t)p3);
177 p3 = FIPS_signature+sizeof(FIPS_signature);
178 if (p3<p4)
179 HMAC_Update(&c,p3,(size_t)p4-(size_t)p3);
180 }
181 else
182 HMAC_Update(&c,p3,(size_t)p4-(size_t)p3);
183
184 HMAC_Final(&c,sig,&len);
185 HMAC_CTX_cleanup(&c);
186
187 return len;
188 }
189
190int FIPS_check_incore_fingerprint(void)
191 {
192 unsigned char sig[EVP_MAX_MD_SIZE];
193 unsigned int len;
194 extern int OPENSSL_NONPIC_relocated;
195
196 if (FIPS_text_start()==NULL)
197 {
198 FIPSerr(FIPS_F_FIPS_CHECK_FINGERPRINT,FIPS_R_UNSUPPORTED_PLATFORM);
199 return 0;
200 }
201
202 len=FIPS_incore_fingerprint (sig,sizeof(sig));
203
204 if (len!=sizeof(FIPS_signature) ||
205 memcmp(FIPS_signature,sig,sizeof(FIPS_signature)))
206 {
207 if (FIPS_signature>=FIPS_rodata_start && FIPS_signature<FIPS_rodata_end)
208 FIPSerr(FIPS_F_FIPS_CHECK_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING);
209 else if (OPENSSL_NONPIC_relocated)
210 FIPSerr(FIPS_F_FIPS_CHECK_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED);
211 else
212 FIPSerr(FIPS_F_FIPS_CHECK_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH);
213 return 0;
214 }
215
216 return 1;
217 }
218
219int FIPS_mode_set(int onoff)
220 {
221 int fips_set_owning_thread();
222 int fips_clear_owning_thread();
223 int ret = 0;
224
225 fips_w_lock();
226 fips_set_started();
227 fips_set_owning_thread();
228
229 if(onoff)
230 {
231 unsigned char buf[24];
232
233 fips_selftest_fail = 0;
234
235 /* Don't go into FIPS mode twice, just so we can do automagic
236 seeding */
237 if(FIPS_mode())
238 {
239 FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_FIPS_MODE_ALREADY_SET);
240 fips_selftest_fail = 1;
241 ret = 0;
242 goto end;
243 }
244
245 if(fips_signature_witness() != FIPS_signature)
246 {
247 FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_CONTRADICTING_EVIDENCE);
248 fips_selftest_fail = 1;
249 ret = 0;
250 goto end;
251 }
252
253 if(!FIPS_check_incore_fingerprint())
254 {
255 fips_selftest_fail = 1;
256 ret = 0;
257 goto end;
258 }
259
260 /* Perform RNG KAT before seeding */
261 if (!FIPS_selftest_rng())
262 {
263 fips_selftest_fail = 1;
264 ret = 0;
265 goto end;
266 }
267
268 /* automagically seed PRNG if not already seeded */
269 if(!FIPS_rand_seeded())
270 {
271 if(RAND_bytes(buf,sizeof buf) <= 0)
272 {
273 fips_selftest_fail = 1;
274 ret = 0;
275 goto end;
276 }
277 FIPS_set_prng_key(buf,buf+8);
278 FIPS_rand_seed(buf+16,8);
279 }
280
281 /* now switch into FIPS mode */
282 fips_set_rand_check(FIPS_rand_method());
283 RAND_set_rand_method(FIPS_rand_method());
284 if(FIPS_selftest())
285 fips_set_mode(1);
286 else
287 {
288 fips_selftest_fail = 1;
289 ret = 0;
290 goto end;
291 }
292 ret = 1;
293 goto end;
294 }
295 fips_set_mode(0);
296 fips_selftest_fail = 0;
297 ret = 1;
298end:
299 fips_clear_owning_thread();
300 fips_w_unlock();
301 return ret;
302 }
303
304#if 0
305/* here just to cause error codes to exist */
306static void dummy()
307 {
308 FIPSerr(FIPS_F_HASH_FINAL,FIPS_F_NON_FIPS_METHOD);
309 FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_FIPS_SELFTEST_FAILED);
310 }
311#endif
312
313#endif
diff --git a/src/lib/libssl/src/fips-1.0/fips.h b/src/lib/libssl/src/fips-1.0/fips.h
new file mode 100644
index 0000000000..f67bb885c8
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/fips.h
@@ -0,0 +1,131 @@
1/* ====================================================================
2 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 *
48 */
49
50#include <openssl/opensslconf.h>
51
52#ifdef OPENSSL_FIPS
53
54#ifdef __cplusplus
55extern "C" {
56#endif
57
58struct dsa_st;
59
60int FIPS_mode_set(int onoff);
61int FIPS_mode(void);
62const void *FIPS_rand_check(void);
63int FIPS_selftest_failed(void);
64int FIPS_dsa_check(struct dsa_st *dsa);
65void FIPS_corrupt_sha1(void);
66int FIPS_selftest_sha1(void);
67void FIPS_corrupt_aes(void);
68int FIPS_selftest_aes(void);
69void FIPS_corrupt_des(void);
70int FIPS_selftest_des(void);
71void FIPS_corrupt_rsa(void);
72int FIPS_selftest_rsa(void);
73void FIPS_corrupt_dsa(void);
74int FIPS_selftest_dsa(void);
75void FIPS_corrupt_rng(void);
76int FIPS_selftest_rng(void);
77int FIPS_selftest_hmac(void);
78
79/* BEGIN ERROR CODES */
80/* The following lines are auto generated by the script mkerr.pl. Any changes
81 * made after this point may be overwritten when the script is next run.
82 */
83void ERR_load_FIPS_strings(void);
84
85/* Error codes for the FIPS functions. */
86
87/* Function codes. */
88#define FIPS_F_DH_GENERATE_PARAMETERS 117
89#define FIPS_F_DSA_DO_SIGN 111
90#define FIPS_F_DSA_DO_VERIFY 112
91#define FIPS_F_DSA_GENERATE_PARAMETERS 110
92#define FIPS_F_FIPS_CHECK_DSA 116
93#define FIPS_F_FIPS_CHECK_EXE 106
94#define FIPS_F_FIPS_CHECK_FINGERPRINT 120
95#define FIPS_F_FIPS_CHECK_RSA 115
96#define FIPS_F_FIPS_DSA_CHECK 102
97#define FIPS_F_FIPS_MODE_SET 105
98#define FIPS_F_FIPS_SELFTEST_AES 104
99#define FIPS_F_FIPS_SELFTEST_DES 107
100#define FIPS_F_FIPS_SELFTEST_DSA 109
101#define FIPS_F_FIPS_SELFTEST_RNG 118
102#define FIPS_F_FIPS_SELFTEST_RSA 108
103#define FIPS_F_FIPS_SELFTEST_SHA 103
104#define FIPS_F_HASH_FINAL 100
105#define FIPS_F_RSA_EAY_PUBLIC_ENCRYPT 114
106#define FIPS_F_RSA_GENERATE_KEY 113
107#define FIPS_F_RSA_X931_GENERATE_KEY 119
108#define FIPS_F_SSLEAY_RAND_BYTES 101
109#define FIPS_F_FIPS_CHECK_DSO 120
110
111/* Reason codes. */
112#define FIPS_R_CANNOT_READ_EXE 103
113#define FIPS_R_CANNOT_READ_EXE_DIGEST 104
114#define FIPS_R_EXE_DIGEST_DOES_NOT_MATCH 105
115#define FIPS_R_FINGERPRINT_DOES_NOT_MATCH 110
116#define FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED 111
117#define FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING 112
118#define FIPS_R_FIPS_MODE_ALREADY_SET 102
119#define FIPS_R_FIPS_SELFTEST_FAILED 106
120#define FIPS_R_INVALID_KEY_LENGTH 109
121#define FIPS_R_KEY_TOO_SHORT 108
122#define FIPS_R_NON_FIPS_METHOD 100
123#define FIPS_R_PAIRWISE_TEST_FAILED 107
124#define FIPS_R_SELFTEST_FAILED 101
125#define FIPS_R_UNSUPPORTED_PLATFORM 113
126#define FIPS_R_CONTRADICTING_EVIDENCE 114
127
128#ifdef __cplusplus
129}
130#endif
131#endif
diff --git a/src/lib/libssl/src/fips-1.0/fips_canister.c b/src/lib/libssl/src/fips-1.0/fips_canister.c
new file mode 100644
index 0000000000..7dec62bb64
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/fips_canister.c
@@ -0,0 +1,171 @@
1/* ====================================================================
2 * Copyright (c) 2005 The OpenSSL Project. Rights for redistribution
3 * and usage in source and binary forms are granted according to the
4 * OpenSSL license.
5 */
6
7#include <stdio.h>
8#if defined(__DECC)
9# include <c_asm.h>
10# pragma __nostandard
11#endif
12
13#include "e_os.h"
14
15#if !defined(POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION)
16# if (defined(__sun) && (defined(__sparc) || defined(__sparcv9))) || \
17 (defined(__sgi) && (defined(__mips) || defined(mips))) || \
18 (defined(__osf__) && defined(__alpha)) || \
19 (defined(__linux) && (defined(__arm) || defined(__arm__))) || \
20 (defined(__i386) || defined(__i386__)) || \
21 (defined(__x86_64) || defined(__x86_64__)) || \
22 (defined(vax) || defined(__vax__))
23# define POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION
24# endif
25#endif
26
27#ifdef FIPS_START
28#define FIPS_ref_point FIPS_text_start
29/* Some compilers put string literals into a separate segment. As we
30 * are mostly interested to hash AES tables in .rodata, we declare
31 * reference points accordingly. In case you wonder, the values are
32 * big-endian encoded variable names, just to prevent these arrays
33 * from being merged by linker. */
34const unsigned int FIPS_rodata_start[]=
35 { 0x46495053, 0x5f726f64, 0x6174615f, 0x73746172 };
36#else
37#define FIPS_ref_point FIPS_text_end
38const unsigned int FIPS_rodata_end[]=
39 { 0x46495053, 0x5f726f64, 0x6174615f, 0x656e645b };
40#endif
41
42/*
43 * I declare reference function as static in order to avoid certain
44 * pitfalls in -dynamic linker behaviour...
45 */
46static void *instruction_pointer(void)
47{ void *ret=NULL;
48/* These are ABI-neutral CPU-specific snippets. ABI-neutrality means
49 * that they are designed to work under any OS running on particular
50 * CPU, which is why you don't find any #ifdef THIS_OR_THAT_OS in
51 * this function. */
52#if defined(INSTRUCTION_POINTER_IMPLEMENTED)
53 INSTRUCTION_POINTER_IMPLEMENTED(ret);
54#elif defined(__GNUC__) && __GNUC__>=2
55# if defined(__alpha) || defined(__alpha__)
56# define INSTRUCTION_POINTER_IMPLEMENTED
57 __asm __volatile ( "br %0,1f\n1:" : "=r"(ret) );
58# elif defined(__i386) || defined(__i386__)
59# define INSTRUCTION_POINTER_IMPLEMENTED
60 __asm __volatile ( "call 1f\n1: popl %0" : "=r"(ret) );
61 ret = (void *)((size_t)ret&~3UL); /* align for better performance */
62# elif defined(__ia64) || defined(__ia64__)
63# define INSTRUCTION_POINTER_IMPLEMENTED
64 __asm __volatile ( "mov %0=ip" : "=r"(ret) );
65# elif defined(__hppa) || defined(__hppa__) || defined(__pa_risc)
66# define INSTRUCTION_POINTER_IMPLEMENTED
67 __asm __volatile ( "blr %%r0,%0\n\tnop" : "=r"(ret) );
68 ret = (void *)((size_t)ret&~3UL); /* mask privilege level */
69# elif defined(__mips) || defined(__mips__)
70# define INSTRUCTION_POINTER_IMPLEMENTED
71 void *scratch;
72 __asm __volatile ( "move %1,$31\n\t" /* save ra */
73 "bal .+8; nop\n\t"
74 "move %0,$31\n\t"
75 "move $31,%1" /* restore ra */
76 : "=r"(ret),"=r"(scratch) );
77# elif defined(__ppc__) || defined(__powerpc) || defined(__powerpc__) || \
78 defined(__POWERPC__) || defined(_POWER) || defined(__PPC__) || \
79 defined(__PPC64__) || defined(__powerpc64__)
80# define INSTRUCTION_POINTER_IMPLEMENTED
81 void *scratch;
82 __asm __volatile ( "mfspr %1,8\n\t" /* save lr */
83 "bl .+4\n\t"
84 "mfspr %0,8\n\t" /* mflr ret */
85 "mtspr 8,%1" /* restore lr */
86 : "=r"(ret),"=r"(scratch) );
87# elif defined(__sparc) || defined(__sparc__) || defined(__sparcv9)
88# define INSTRUCTION_POINTER_IMPLEMENTED
89 void *scratch;
90 __asm __volatile ( "mov %%o7,%1\n\t"
91 "call .+8; nop\n\t"
92 "mov %%o7,%0\n\t"
93 "mov %1,%%o7"
94 : "=r"(ret),"=r"(scratch) );
95# elif defined(__x86_64) || defined(__x86_64__)
96# define INSTRUCTION_POINTER_IMPLEMENTED
97 __asm __volatile ( "leaq 0(%%rip),%0" : "=r"(ret) );
98 ret = (void *)((size_t)ret&~3UL); /* align for better performance */
99# endif
100#elif defined(__DECC) && defined(__alpha)
101# define INSTRUCTION_POINTER_IMPLEMENTED
102 ret = (void *)(size_t)asm("br %v0,1f\n1:");
103#elif defined(_MSC_VER) && defined(_M_IX86)
104# undef INSTRUCTION_POINTER_IMPLEMENTED
105 void *scratch;
106 _asm {
107 call self
108 self: pop eax
109 mov scratch,eax
110 }
111 ret = (void *)((size_t)scratch&~3UL);
112#endif
113 return ret;
114}
115
116/*
117 * This function returns pointer to an instruction in the vicinity of
118 * its entry point, but not outside this object module. This guarantees
119 * that sequestered code is covered...
120 */
121void *FIPS_ref_point()
122{
123#if defined(INSTRUCTION_POINTER_IMPLEMENTED)
124 return instruction_pointer();
125/* Below we essentially cover vendor compilers which do not support
126 * inline assembler... */
127#elif defined(_AIX)
128 struct { void *ip,*gp,*env; } *p = (void *)instruction_pointer;
129 return p->ip;
130#elif defined(_HPUX_SOURCE)
131# if defined(__hppa) || defined(__hppa__)
132 struct { void *i[4]; } *p = (void *)FIPS_ref_point;
133
134 if (sizeof(p) == 8) /* 64-bit */
135 return p->i[2];
136 else if ((size_t)p & 2)
137 { p = (void *)((size_t)p&~3UL);
138 return p->i[0];
139 }
140 else
141 return (void *)p;
142# elif defined(__ia64) || defined(__ia64__)
143 struct { unsigned long long ip,gp; } *p=(void *)instruction_pointer;
144 return (void *)(size_t)p->ip;
145# endif
146#elif (defined(__VMS) || defined(VMS)) && !(defined(vax) || defined(__vax__))
147 /* applies to both alpha and ia64 */
148 struct { unsigned __int64 opaque,ip; } *p=(void *)instruction_pointer;
149 return (void *)(size_t)p->ip;
150#elif defined(__VOS__)
151 /* applies to both pa-risc and ia32 */
152 struct { void *dp,*ip,*gp; } *p = (void *)instruction_pointer;
153 return p->ip;
154#elif defined(_WIN32)
155# if defined(_WIN64) && defined(_M_IA64)
156 struct { void *ip,*gp; } *p = (void *)FIPS_ref_point;
157 return p->ip;
158# else
159 return (void *)FIPS_ref_point;
160# endif
161/*
162 * In case you wonder why there is no #ifdef __linux. All Linux targets
163 * are GCC-based and therefore are covered by instruction_pointer above
164 * [well, some are covered by by the one below]...
165 */
166#elif defined(POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION)
167 return (void *)instruction_pointer;
168#else
169 return NULL;
170#endif
171}
diff --git a/src/lib/libssl/src/fips-1.0/fips_err.h b/src/lib/libssl/src/fips-1.0/fips_err.h
new file mode 100644
index 0000000000..c57aebf8a3
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/fips_err.h
@@ -0,0 +1,133 @@
1/* fips/fips_err.h */
2/* ====================================================================
3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/fips.h>
64
65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_FIPS,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_FIPS,0,reason)
70
71static ERR_STRING_DATA FIPS_str_functs[]=
72 {
73{ERR_FUNC(FIPS_F_DH_GENERATE_PARAMETERS), "DH_generate_parameters"},
74{ERR_FUNC(FIPS_F_DSA_DO_SIGN), "DSA_do_sign"},
75{ERR_FUNC(FIPS_F_DSA_DO_VERIFY), "DSA_do_verify"},
76{ERR_FUNC(FIPS_F_DSA_GENERATE_PARAMETERS), "DSA_generate_parameters"},
77{ERR_FUNC(FIPS_F_FIPS_CHECK_DSA), "FIPS_CHECK_DSA"},
78{ERR_FUNC(FIPS_F_FIPS_CHECK_EXE), "FIPS_CHECK_EXE"},
79{ERR_FUNC(FIPS_F_FIPS_CHECK_FINGERPRINT), "FIPS_CHECK_FINGERPRINT"},
80{ERR_FUNC(FIPS_F_FIPS_CHECK_RSA), "FIPS_CHECK_RSA"},
81{ERR_FUNC(FIPS_F_FIPS_DSA_CHECK), "FIPS_dsa_check"},
82{ERR_FUNC(FIPS_F_FIPS_MODE_SET), "FIPS_mode_set"},
83{ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES), "FIPS_selftest_aes"},
84{ERR_FUNC(FIPS_F_FIPS_SELFTEST_DES), "FIPS_selftest_des"},
85{ERR_FUNC(FIPS_F_FIPS_SELFTEST_DSA), "FIPS_selftest_dsa"},
86{ERR_FUNC(FIPS_F_FIPS_SELFTEST_RNG), "FIPS_selftest_rng"},
87{ERR_FUNC(FIPS_F_FIPS_SELFTEST_RSA), "FIPS_selftest_rsa"},
88{ERR_FUNC(FIPS_F_FIPS_SELFTEST_SHA), "FIPS_SELFTEST_SHA"},
89{ERR_FUNC(FIPS_F_HASH_FINAL), "HASH_FINAL"},
90{ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"},
91{ERR_FUNC(FIPS_F_RSA_GENERATE_KEY), "RSA_generate_key"},
92{ERR_FUNC(FIPS_F_RSA_X931_GENERATE_KEY), "RSA_X931_generate_key"},
93{ERR_FUNC(FIPS_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"},
94{ERR_FUNC(FIPS_F_FIPS_CHECK_DSO), "FIPS_check_dso"},
95{0,NULL}
96 };
97
98static ERR_STRING_DATA FIPS_str_reasons[]=
99 {
100{ERR_REASON(FIPS_R_CANNOT_READ_EXE) ,"cannot access executable object"},
101{ERR_REASON(FIPS_R_CANNOT_READ_EXE_DIGEST),"cannot access detached digest"},
102{ERR_REASON(FIPS_R_EXE_DIGEST_DOES_NOT_MATCH),"detached digest verification failed"},
103{ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH),"fingerprint does not match"},
104{ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED),"fingerprint does not match, possibly because non-PIC was relocated"},
105{ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING),"fingerprint does not match, invalid segment aliasing"},
106{ERR_REASON(FIPS_R_FIPS_MODE_ALREADY_SET),"fips mode already set"},
107{ERR_REASON(FIPS_R_FIPS_SELFTEST_FAILED) ,"fips selftest failed"},
108{ERR_REASON(FIPS_R_INVALID_KEY_LENGTH) ,"invalid key length"},
109{ERR_REASON(FIPS_R_KEY_TOO_SHORT) ,"key too short"},
110{ERR_REASON(FIPS_R_NON_FIPS_METHOD) ,"non fips method"},
111{ERR_REASON(FIPS_R_PAIRWISE_TEST_FAILED) ,"pairwise test failed"},
112{ERR_REASON(FIPS_R_SELFTEST_FAILED) ,"selftest failed"},
113{ERR_REASON(FIPS_R_UNSUPPORTED_PLATFORM) ,"unsupported platform"},
114{ERR_REASON(FIPS_R_CONTRADICTING_EVIDENCE),"duplicate code detected, check your linking procedure"},
115{0,NULL}
116 };
117
118#endif
119
120void ERR_load_FIPS_strings(void)
121 {
122 static int init;
123
124 if (!init)
125 {
126 init=1;
127#ifndef OPENSSL_NO_ERR
128 ERR_load_strings(0,FIPS_str_functs);
129 ERR_load_strings(0,FIPS_str_reasons);
130#endif
131
132 }
133 }
diff --git a/src/lib/libssl/src/fips-1.0/fips_err_wrapper.c b/src/lib/libssl/src/fips-1.0/fips_err_wrapper.c
new file mode 100644
index 0000000000..09f11748f6
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/fips_err_wrapper.c
@@ -0,0 +1,7 @@
1#include <openssl/opensslconf.h>
2
3#ifdef OPENSSL_FIPS
4# include "fips_err.h"
5#else
6static void *dummy=&dummy;
7#endif
diff --git a/src/lib/libssl/src/fips-1.0/fips_locl.h b/src/lib/libssl/src/fips-1.0/fips_locl.h
new file mode 100644
index 0000000000..bbddfaab82
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/fips_locl.h
@@ -0,0 +1,71 @@
1/* ====================================================================
2 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 *
48 */
49
50#ifdef OPENSSL_FIPS
51
52#ifdef __cplusplus
53extern "C" {
54#endif
55
56/* These are trampolines implemented in crypto/cryptlib.c */
57void fips_w_lock(void);
58void fips_w_unlock(void);
59void fips_r_lock(void);
60void fips_r_unlock(void);
61int fips_is_started(void);
62void fips_set_started(void);
63int fips_is_owning_thread(void);
64int fips_set_owning_thread(void);
65int fips_clear_owning_thread(void);
66unsigned char *fips_signature_witness(void);
67
68#ifdef __cplusplus
69}
70#endif
71#endif
diff --git a/src/lib/libssl/src/fips-1.0/fips_premain.c b/src/lib/libssl/src/fips-1.0/fips_premain.c
new file mode 100644
index 0000000000..6a75d909eb
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/fips_premain.c
@@ -0,0 +1,171 @@
1/* ====================================================================
2 * Copyright (c) 2005 The OpenSSL Project. Rights for redistribution
3 * and usage in source and binary forms are granted according to the
4 * OpenSSL license.
5 */
6
7#include <stdio.h>
8#include <stdlib.h>
9#include <string.h>
10#if defined(__unix) || defined(__unix__)
11#include <unistd.h>
12#endif
13
14#ifndef FINGERPRINT_PREMAIN_DSO_LOAD
15
16#if defined(__GNUC__) && __GNUC__>=2
17 void FINGERPRINT_premain(void) __attribute__((constructor));
18 /* Most commonly this results in pointer to premain to be dropped
19 * to .ctors segment, which is traversed by GCC crtbegin.o upon
20 * program startup. Except on a.out OpenBSD where it results in
21 * _GLOBAL_$I$premain() {premain();} being auto-generated by
22 * compiler... But one way or another this is believed to cover
23 * *all* GCC targets. */
24#elif defined(_MSC_VER)
25# ifdef _WINDLL
26 __declspec(dllexport) /* this is essentially cosmetics... */
27# endif
28 void FINGERPRINT_premain(void);
29 static int premain_wrapper(void) { FINGERPRINT_premain(); return 0; }
30# pragma data_seg(".CRT$XCU")
31 static int (*p)(void) = premain_wrapper;
32 /* This results in pointer to premain to appear in .CRT segment,
33 * which is traversed by Visual C run-time initialization code.
34 * This applies to both Win32 and [all flavors of] Win64. */
35# pragma data_seg()
36#elif defined(__SUNPRO_C)
37 void FINGERPRINT_premain(void);
38# pragma init(FINGERPRINT_premain)
39 /* This results in a call to premain to appear in .init segment. */
40#elif defined(__DECC) && (defined(__VMS) || defined(VMS))
41 void FINGERPRINT_premain(void);
42# pragma __nostandard
43 globaldef { "LIB$INITIALIZ" } readonly _align (LONGWORD)
44 int spare[8] = {0};
45 globaldef { "LIB$INITIALIZE" } readonly _align (LONGWORD)
46 void (*x_FINGERPRINT_premain)(void) = FINGERPRINT_premain;
47 /* Refer to LIB$INITIALIZE to ensure it exists in the image. */
48 int lib$initialize();
49 globaldef int (*lib_init_ref)() = lib$initialize;
50# pragma __standard
51#elif 0
52 The rest has to be taken care of through command line:
53
54 -Wl,-init,FINGERPRINT_premain on OSF1 and IRIX
55 -Wl,+init,FINGERPRINT_premain on HP-UX
56 -Wl,-binitfini:FINGERPRINT_premain on AIX
57
58 On ELF platforms this results in a call to premain to appear in
59 .init segment...
60#endif
61
62#ifndef HMAC_SHA1_SIG
63#define HMAC_SHA1_SIG "?have to make sure this string is unique"
64#endif
65
66static const unsigned char FINGERPRINT_ascii_value[40] = HMAC_SHA1_SIG;
67
68#define atox(c) ((c)>='a'?((c)-'a'+10):((c)>='A'?(c)-'A'+10:(c)-'0'))
69
70extern const void *FIPS_text_start(), *FIPS_text_end();
71extern const unsigned char FIPS_rodata_start[], FIPS_rodata_end[];
72extern unsigned char FIPS_signature[20];
73extern unsigned int FIPS_incore_fingerprint(unsigned char *,unsigned int);
74
75/*
76 * As name suggests this code is executed prior main(). We use this
77 * opportunity to fingerprint sequestered code in virtual address
78 * space of target application.
79 */
80void FINGERPRINT_premain(void)
81{ unsigned char sig[sizeof(FIPS_signature)];
82 const unsigned char *p=FINGERPRINT_ascii_value;
83 unsigned int len=sizeof(sig),i;
84
85 /* "volatilization" is done to disengage unwanted optimization... */
86 if (*((volatile unsigned char *)p)=='?')
87 { if (FIPS_text_start()==NULL)
88 { fprintf(stderr,"FIPS_text_start() returns NULL\n");
89 _exit(1);
90 }
91#if defined(DEBUG_FINGERPRINT_PREMAIN)
92 fprintf(stderr,".text:%p+%d=%p\n",FIPS_text_start(),
93 (int)((size_t)FIPS_text_end()-(size_t)FIPS_text_start()),
94 FIPS_text_end());
95 fprintf(stderr,".rodata:%p+%d=%p\n",FIPS_rodata_start,
96 (int)((size_t)FIPS_rodata_end-(size_t)FIPS_rodata_start),
97 FIPS_rodata_end);
98#endif
99
100 len=FIPS_incore_fingerprint(sig,sizeof(sig));
101
102 if (len!=sizeof(sig))
103 { fprintf(stderr,"fingerprint length mismatch: %u\n",len);
104 _exit(1);
105 }
106
107 for (i=0;i<len;i++) printf("%02x",sig[i]);
108 printf("\n");
109 fflush(stdout);
110 _exit(0);
111 }
112 else if (FIPS_signature[0]=='\0') do
113 { for (i=0;i<sizeof(FIPS_signature);i++,p+=2)
114 FIPS_signature[i] = (atox(p[0])<<4)|atox(p[1]);
115
116#if defined(DEBUG_FINGERPRINT_PREMAIN)
117 if (getenv("OPENSSL_FIPS")==NULL) break;
118
119 len=FIPS_incore_fingerprint(sig,sizeof(sig));
120
121 if (memcmp(FIPS_signature,sig,sizeof(FIPS_signature)))
122 { fprintf(stderr,"FINGERPRINT_premain: FIPS_signature mismatch\n");
123 _exit(1);
124 }
125#endif
126 } while(0);
127}
128
129#else
130
131#include <openssl/bio.h>
132#include <openssl/dso.h>
133#include <openssl/err.h>
134
135int main(int argc,char *argv[])
136{ DSO *dso;
137 DSO_FUNC_TYPE func;
138 BIO *bio_err;
139
140 if (argc < 2)
141 { fprintf (stderr,"usage: %s libcrypto.dso\n",argv[0]);
142 return 1;
143 }
144
145 if ((bio_err=BIO_new(BIO_s_file())) == NULL)
146 { fprintf (stderr,"unable to allocate BIO\n");
147 return 1;
148 }
149 BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
150 ERR_load_crypto_strings();
151
152 dso = DSO_load(NULL,argv[1],NULL,DSO_FLAG_NO_NAME_TRANSLATION);
153 if (dso == NULL)
154 { ERR_print_errors(bio_err);
155 return 1;
156 }
157
158 /* This is not normally reached, because FINGERPRINT_premain should
159 * have executed and terminated application already upon DSO_load... */
160 func = DSO_bind_func(dso,"FINGERPRINT_premain");
161 if (func == NULL)
162 { ERR_print_errors(bio_err);
163 return 1;
164 }
165
166 (*func)();
167
168 return 0;
169}
170
171#endif
diff --git a/src/lib/libssl/src/fips-1.0/fips_test_suite.c b/src/lib/libssl/src/fips-1.0/fips_test_suite.c
new file mode 100644
index 0000000000..904ff97577
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/fips_test_suite.c
@@ -0,0 +1,510 @@
1/* ====================================================================
2 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
3 *
4 *
5 * This command is intended as a test driver for the FIPS-140 testing
6 * lab performing FIPS-140 validation. It demonstrates the use of the
7 * OpenSSL library ito perform a variety of common cryptographic
8 * functions. A power-up self test is demonstrated by deliberately
9 * pointing to an invalid executable hash
10 *
11 * Contributed by Steve Marquess.
12 *
13 */
14#include <stdio.h>
15#include <assert.h>
16#include <ctype.h>
17#include <string.h>
18#include <stdlib.h>
19#include <openssl/aes.h>
20#include <openssl/des.h>
21#include <openssl/rsa.h>
22#include <openssl/dsa.h>
23#include <openssl/hmac.h>
24#include <openssl/fips_sha.h>
25#include <openssl/md5.h>
26#include <openssl/err.h>
27#include <openssl/fips.h>
28#include <openssl/bn.h>
29#include <openssl/rand.h>
30#ifndef OPENSSL_FIPS
31int main(int argc, char *argv[])
32 {
33 printf("No FIPS support\n");
34 return(0);
35 }
36#else
37
38/* AES: encrypt and decrypt known plaintext, verify result matches original plaintext
39*/
40static int FIPS_aes_test()
41 {
42 unsigned char userkey[16] = { 0xde, 0xad, 0xbe, 0xef, 0xfe, 0xed, 0xf0, 0x0d };
43 unsigned char plaintext[16] = "etaonrishdlcu";
44 unsigned char ciphertext[16];
45 unsigned char buf[16];
46 AES_KEY key;
47 AES_KEY dkey;
48
49 ERR_clear_error();
50 if (AES_set_encrypt_key( userkey, 128, &key ))
51 return 0;
52 AES_encrypt( plaintext, ciphertext, &key);
53 if (AES_set_decrypt_key( userkey, 128, &dkey ))
54 return 0;
55 AES_decrypt( ciphertext, buf, &dkey);
56 if (memcmp(buf, plaintext, sizeof(buf)))
57 return 0;
58 return 1;
59 }
60
61/* DES: encrypt and decrypt known plaintext, verify result matches original plaintext
62*/
63static int FIPS_des_test()
64 {
65 DES_cblock userkey = { 0xde, 0xad, 0xbe, 0xef, 0xfe, 0xed, 0xf0, 0x0d };
66 DES_cblock plaintext = { 'e', 't', 'a', 'o', 'n', 'r', 'i', 's' };
67
68 DES_key_schedule key;
69 DES_cblock ciphertext;
70 DES_cblock buf;
71
72 ERR_clear_error();
73 if (DES_set_key(&userkey, &key) < 0)
74 return 0;
75 DES_ecb_encrypt( &plaintext, &ciphertext, &key, 1);
76 DES_ecb_encrypt( &ciphertext, &buf, &key, 0);
77 if (memcmp(buf, plaintext, sizeof(buf)))
78 return 0;
79 return 1;
80 }
81
82/* DSA: generate key and sign a known digest, then verify the signature
83 * against the digest
84*/
85static int FIPS_dsa_test()
86 {
87 DSA *dsa = NULL;
88 unsigned char dgst[] = "etaonrishdlc";
89 unsigned char sig[256];
90 unsigned int siglen;
91
92 ERR_clear_error();
93 dsa = DSA_generate_parameters(512,NULL,0,NULL,NULL,NULL,NULL);
94 if (!dsa)
95 return 0;
96 if (!DSA_generate_key(dsa))
97 return 0;
98 if ( DSA_sign(0,dgst,sizeof(dgst) - 1,sig,&siglen,dsa) != 1 )
99 return 0;
100 if ( DSA_verify(0,dgst,sizeof(dgst) - 1,sig,siglen,dsa) != 1 )
101 return 0;
102 DSA_free(dsa);
103 return 1;
104 }
105
106/* RSA: generate keys and encrypt and decrypt known plaintext, verify result
107 * matches the original plaintext
108*/
109static int FIPS_rsa_test()
110 {
111 RSA *key;
112 unsigned char input_ptext[] = "etaonrishdlc";
113 unsigned char ctext[256];
114 unsigned char ptext[256];
115 int n;
116
117 ERR_clear_error();
118 key = RSA_generate_key(1024,65537,NULL,NULL);
119 if (!key)
120 return 0;
121 n = RSA_size(key);
122 n = RSA_public_encrypt(sizeof(input_ptext) - 1,input_ptext,ctext,key,RSA_PKCS1_PADDING);
123 if (n < 0)
124 return 0;
125 n = RSA_private_decrypt(n,ctext,ptext,key,RSA_PKCS1_PADDING);
126 if (n < 0)
127 return 0;
128 RSA_free(key);
129 if (memcmp(input_ptext,ptext,sizeof(input_ptext) - 1))
130 return 0;
131 return 1;
132 }
133
134/* SHA1: generate hash of known digest value and compare to known
135 precomputed correct hash
136*/
137static int FIPS_sha1_test()
138 {
139 unsigned char digest[SHA_DIGEST_LENGTH] =
140 { 0x11, 0xf1, 0x9a, 0x3a, 0xec, 0x1a, 0x1e, 0x8e, 0x65, 0xd4, 0x9a, 0x38, 0x0c, 0x8b, 0x1e, 0x2c, 0xe8, 0xb3, 0xc5, 0x18 };
141 unsigned char str[] = "etaonrishd";
142
143 unsigned char md[SHA_DIGEST_LENGTH];
144
145 ERR_clear_error();
146 if (!SHA1(str,sizeof(str) - 1,md)) return 0;
147 if (memcmp(md,digest,sizeof(md)))
148 return 0;
149 return 1;
150 }
151
152/* SHA256: generate hash of known digest value and compare to known
153 precomputed correct hash
154*/
155static int FIPS_sha256_test()
156 {
157 unsigned char digest[SHA256_DIGEST_LENGTH] =
158 {0xf5, 0x53, 0xcd, 0xb8, 0xcf, 0x1, 0xee, 0x17, 0x9b, 0x93, 0xc9, 0x68, 0xc0, 0xea, 0x40, 0x91,
159 0x6, 0xec, 0x8e, 0x11, 0x96, 0xc8, 0x5d, 0x1c, 0xaf, 0x64, 0x22, 0xe6, 0x50, 0x4f, 0x47, 0x57};
160 unsigned char str[] = "etaonrishd";
161
162 unsigned char md[SHA256_DIGEST_LENGTH];
163
164 ERR_clear_error();
165 if (!SHA256(str,sizeof(str) - 1,md)) return 0;
166 if (memcmp(md,digest,sizeof(md)))
167 return 0;
168 return 1;
169 }
170
171/* SHA512: generate hash of known digest value and compare to known
172 precomputed correct hash
173*/
174static int FIPS_sha512_test()
175 {
176 unsigned char digest[SHA512_DIGEST_LENGTH] =
177 {0x99, 0xc9, 0xe9, 0x5b, 0x88, 0xd4, 0x78, 0x88, 0xdf, 0x88, 0x5f, 0x94, 0x71, 0x64, 0x28, 0xca,
178 0x16, 0x1f, 0x3d, 0xf4, 0x1f, 0xf3, 0x0f, 0xc5, 0x03, 0x99, 0xb2, 0xd0, 0xe7, 0x0b, 0x94, 0x4a,
179 0x45, 0xd2, 0x6c, 0x4f, 0x20, 0x06, 0xef, 0x71, 0xa9, 0x25, 0x7f, 0x24, 0xb1, 0xd9, 0x40, 0x22,
180 0x49, 0x54, 0x10, 0xc2, 0x22, 0x9d, 0x27, 0xfe, 0xbd, 0xd6, 0xd6, 0xeb, 0x2d, 0x42, 0x1d, 0xa3};
181 unsigned char str[] = "etaonrishd";
182
183 unsigned char md[SHA512_DIGEST_LENGTH];
184
185 ERR_clear_error();
186 if (!SHA512(str,sizeof(str) - 1,md)) return 0;
187 if (memcmp(md,digest,sizeof(md)))
188 return 0;
189 return 1;
190 }
191
192/* HMAC-SHA1: generate hash of known digest value and compare to known
193 precomputed correct hash
194*/
195static int FIPS_hmac_sha1_test()
196 {
197 unsigned char key[] = "etaonrishd";
198 unsigned char iv[] = "Sample text";
199 unsigned char kaval[EVP_MAX_MD_SIZE] =
200 {0x73, 0xf7, 0xa0, 0x48, 0xf8, 0x94, 0xed, 0xdd, 0x0a, 0xea, 0xea, 0x56, 0x1b, 0x61, 0x2e, 0x70,
201 0xb2, 0xfb, 0xec, 0xc6};
202
203 unsigned char out[EVP_MAX_MD_SIZE];
204 unsigned int outlen;
205
206 ERR_clear_error();
207 if (!HMAC(EVP_sha1(),key,sizeof(key)-1,iv,sizeof(iv)-1,out,&outlen)) return 0;
208 if (memcmp(out,kaval,outlen))
209 return 0;
210 return 1;
211 }
212
213/* HMAC-SHA224: generate hash of known digest value and compare to known
214 precomputed correct hash
215*/
216static int FIPS_hmac_sha224_test()
217 {
218 unsigned char key[] = "etaonrishd";
219 unsigned char iv[] = "Sample text";
220 unsigned char kaval[EVP_MAX_MD_SIZE] =
221 {0x75, 0x58, 0xd5, 0xbd, 0x55, 0x6d, 0x87, 0x0f, 0x75, 0xff, 0xbe, 0x1c, 0xb2, 0xf0, 0x20, 0x35,
222 0xe5, 0x62, 0x49, 0xb6, 0x94, 0xb9, 0xfc, 0x65, 0x34, 0x33, 0x3a, 0x19};
223
224 unsigned char out[EVP_MAX_MD_SIZE];
225 unsigned int outlen;
226
227 ERR_clear_error();
228 if (!HMAC(EVP_sha224(),key,sizeof(key)-1,iv,sizeof(iv)-1,out,&outlen)) return 0;
229 if (memcmp(out,kaval,outlen))
230 return 0;
231 return 1;
232 }
233
234/* HMAC-SHA256: generate hash of known digest value and compare to known
235 precomputed correct hash
236*/
237static int FIPS_hmac_sha256_test()
238 {
239 unsigned char key[] = "etaonrishd";
240 unsigned char iv[] = "Sample text";
241 unsigned char kaval[EVP_MAX_MD_SIZE] =
242 {0xe9, 0x17, 0xc1, 0x7b, 0x4c, 0x6b, 0x77, 0xda, 0xd2, 0x30, 0x36, 0x02, 0xf5, 0x72, 0x33, 0x87,
243 0x9f, 0xc6, 0x6e, 0x7b, 0x7e, 0xa8, 0xea, 0xaa, 0x9f, 0xba, 0xee, 0x51, 0xff, 0xda, 0x24, 0xf4};
244
245 unsigned char out[EVP_MAX_MD_SIZE];
246 unsigned int outlen;
247
248 ERR_clear_error();
249 if (!HMAC(EVP_sha256(),key,sizeof(key)-1,iv,sizeof(iv)-1,out,&outlen)) return 0;
250 if (memcmp(out,kaval,outlen))
251 return 0;
252 return 1;
253 }
254
255/* HMAC-SHA384: generate hash of known digest value and compare to known
256 precomputed correct hash
257*/
258static int FIPS_hmac_sha384_test()
259 {
260 unsigned char key[] = "etaonrishd";
261 unsigned char iv[] = "Sample text";
262 unsigned char kaval[EVP_MAX_MD_SIZE] =
263 {0xb2, 0x9d, 0x40, 0x58, 0x32, 0xc4, 0xe3, 0x31, 0xb6, 0x63, 0x08, 0x26, 0x99, 0xef, 0x3b, 0x10,
264 0xe2, 0xdf, 0xf8, 0xff, 0xc6, 0xe1, 0x03, 0x29, 0x81, 0x2a, 0x1b, 0xac, 0xb0, 0x07, 0x39, 0x08,
265 0xf3, 0x91, 0x35, 0x11, 0x76, 0xd6, 0x4c, 0x20, 0xfb, 0x4d, 0xc3, 0xf3, 0xb8, 0x9b, 0x88, 0x1c};
266
267 unsigned char out[EVP_MAX_MD_SIZE];
268 unsigned int outlen;
269
270 ERR_clear_error();
271 if (!HMAC(EVP_sha384(),key,sizeof(key)-1,iv,sizeof(iv)-1,out,&outlen)) return 0;
272 if (memcmp(out,kaval,outlen))
273 return 0;
274 return 1;
275 }
276
277/* HMAC-SHA512: generate hash of known digest value and compare to known
278 precomputed correct hash
279*/
280static int FIPS_hmac_sha512_test()
281 {
282 unsigned char key[] = "etaonrishd";
283 unsigned char iv[] = "Sample text";
284 unsigned char kaval[EVP_MAX_MD_SIZE] =
285 {0xcd, 0x3e, 0xb9, 0x51, 0xb8, 0xbc, 0x7f, 0x9a, 0x23, 0xaf, 0xf3, 0x77, 0x59, 0x85, 0xa9, 0xe6,
286 0xf7, 0xd1, 0x51, 0x96, 0x17, 0xe0, 0x92, 0xd8, 0xa6, 0x3b, 0xc1, 0xad, 0x7e, 0x24, 0xca, 0xb1,
287 0xd7, 0x79, 0x0a, 0xa5, 0xea, 0x2c, 0x02, 0x58, 0x0b, 0xa6, 0x52, 0x6b, 0x61, 0x7f, 0xeb, 0x9c,
288 0x47, 0x86, 0x5d, 0x74, 0x2b, 0x88, 0xdf, 0xee, 0x46, 0x69, 0x96, 0x3d, 0xa6, 0xd9, 0x2a, 0x53};
289
290 unsigned char out[EVP_MAX_MD_SIZE];
291 unsigned int outlen;
292
293 ERR_clear_error();
294 if (!HMAC(EVP_sha512(),key,sizeof(key)-1,iv,sizeof(iv)-1,out,&outlen)) return 0;
295 if (memcmp(out,kaval,outlen))
296 return 0;
297 return 1;
298 }
299
300/* MD5: generate hash of known digest value and compare to known
301 precomputed correct hash
302*/
303static int md5_test()
304 {
305 unsigned char digest[MD5_DIGEST_LENGTH] =
306 { 0x48, 0x50, 0xf0, 0xa3, 0x3a, 0xed, 0xd3, 0xaf, 0x6e, 0x47, 0x7f, 0x83, 0x02, 0xb1, 0x09, 0x68 };
307 unsigned char str[] = "etaonrishd";
308
309 unsigned char md[MD5_DIGEST_LENGTH];
310
311 ERR_clear_error();
312 if (!MD5(str,sizeof(str) - 1,md))
313 return 0;
314 if (memcmp(md,digest,sizeof(md)))
315 return 0;
316 return 1;
317 }
318
319/* DH: generate shared parameters
320*/
321static int dh_test()
322 {
323 DH *dh;
324
325 ERR_clear_error();
326 dh = DH_generate_parameters(256, 2, NULL, NULL);
327 if (dh)
328 return 1;
329 return 0;
330 }
331
332/* Zeroize
333*/
334static int Zeroize()
335 {
336 RSA *key;
337 unsigned char userkey[16] =
338 { 0x48, 0x50, 0xf0, 0xa3, 0x3a, 0xed, 0xd3, 0xaf, 0x6e, 0x47, 0x7f, 0x83, 0x02, 0xb1, 0x09, 0x68 };
339 int i, n;
340
341 key = RSA_generate_key(1024,65537,NULL,NULL);
342 if (!key)
343 return 0;
344 n = BN_num_bytes(key->d);
345 printf(" Generated %d byte RSA private key\n", n);
346 printf("\tBN key before overwriting:\n%s\n", BN_bn2hex(key->d));
347 BN_rand(key->d,n*8,-1,0);
348 printf("\tBN key after overwriting:\n%s\n", BN_bn2hex(key->d));
349
350 printf("\tchar buffer key before overwriting: \n\t\t");
351 for(i = 0; i < sizeof(userkey); i++) printf("%02x", userkey[i]);
352 printf("\n");
353 RAND_bytes(userkey, sizeof userkey);
354 printf("\tchar buffer key after overwriting: \n\t\t");
355 for(i = 0; i < sizeof(userkey); i++) printf("%02x", userkey[i]);
356 printf("\n");
357
358 return 1;
359 }
360
361static int Error;
362const char * Fail(const char *msg)
363 {
364 Error++;
365 return msg;
366 }
367
368int main(int argc,char **argv)
369 {
370
371 printf("\tFIPS-mode test application\n\n");
372
373 /* Load entropy from external file, if any */
374 RAND_load_file(".rnd", 1024);
375
376 if (argv[1]) {
377 /* Corrupted KAT tests */
378 if (!strcmp(argv[1], "aes")) {
379 FIPS_corrupt_aes();
380 printf("AES encryption/decryption with corrupted KAT...\n");
381 } else if (!strcmp(argv[1], "des")) {
382 FIPS_corrupt_des();
383 printf("DES-ECB encryption/decryption with corrupted KAT...\n");
384 } else if (!strcmp(argv[1], "dsa")) {
385 FIPS_corrupt_dsa();
386 printf("DSA key generation and signature validation with corrupted KAT...\n");
387 } else if (!strcmp(argv[1], "rsa")) {
388 FIPS_corrupt_rsa();
389 printf("RSA key generation and encryption/decryption with corrupted KAT...\n");
390 } else if (!strcmp(argv[1], "sha1")) {
391 FIPS_corrupt_sha1();
392 printf("SHA-1 hash with corrupted KAT...\n");
393 } else if (!strcmp(argv[1], "rng")) {
394 FIPS_corrupt_rng();
395 printf("RNG test with corrupted KAT...\n");
396 } else {
397 printf("Bad argument \"%s\"\n", argv[1]);
398 exit(1);
399 }
400 if (!FIPS_mode_set(1))
401 {
402 ERR_load_crypto_strings();
403 ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
404 printf("Power-up self test failed\n");
405 exit(1);
406 }
407 printf("Power-up self test successful\n");
408 exit(0);
409 }
410
411 /* Non-Approved cryptographic operation
412 */
413 printf("1. Non-Approved cryptographic operation test...\n");
414 printf("\ta. Excluded algorithm (MD5)...");
415 printf( md5_test() ? "successful\n" : Fail("FAILED!\n") );
416 printf("\tb. Included algorithm (D-H)...");
417 printf( dh_test() ? "successful\n" : Fail("FAILED!\n") );
418
419 /* Power-up self test
420 */
421 ERR_clear_error();
422 printf("2. Automatic power-up self test...");
423 if (!FIPS_mode_set(1))
424 {
425 ERR_load_crypto_strings();
426 ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
427 printf(Fail("FAILED!\n"));
428 exit(1);
429 }
430 printf("successful\n");
431
432 /* AES encryption/decryption
433 */
434 printf("3. AES encryption/decryption...");
435 printf( FIPS_aes_test() ? "successful\n" : Fail("FAILED!\n") );
436
437 /* RSA key generation and encryption/decryption
438 */
439 printf("4. RSA key generation and encryption/decryption...");
440 printf( FIPS_rsa_test() ? "successful\n" : Fail("FAILED!\n") );
441
442 /* DES-CBC encryption/decryption
443 */
444 printf("5. DES-ECB encryption/decryption...");
445 printf( FIPS_des_test() ? "successful\n" : Fail("FAILED!\n") );
446
447 /* DSA key generation and signature validation
448 */
449 printf("6. DSA key generation and signature validation...");
450 printf( FIPS_dsa_test() ? "successful\n" : Fail("FAILED!\n") );
451
452 /* SHA-1 hash
453 */
454 printf("7a. SHA-1 hash...");
455 printf( FIPS_sha1_test() ? "successful\n" : Fail("FAILED!\n") );
456
457 /* SHA-256 hash
458 */
459 printf("7b. SHA-256 hash...");
460 printf( FIPS_sha256_test() ? "successful\n" : Fail("FAILED!\n") );
461
462 /* SHA-512 hash
463 */
464 printf("7c. SHA-512 hash...");
465 printf( FIPS_sha512_test() ? "successful\n" : Fail("FAILED!\n") );
466
467 /* HMAC-SHA-1 hash
468 */
469 printf("7d. SHA-1 hash...");
470 printf( FIPS_hmac_sha1_test() ? "successful\n" : Fail("FAILED!\n") );
471
472 /* HMAC-SHA-224 hash
473 */
474 printf("7e. SHA-224 hash...");
475 printf( FIPS_hmac_sha224_test() ? "successful\n" : Fail("FAILED!\n") );
476
477 /* HMAC-SHA-256 hash
478 */
479 printf("7f. SHA-256 hash...");
480 printf( FIPS_hmac_sha256_test() ? "successful\n" : Fail("FAILED!\n") );
481
482 /* HMAC-SHA-384 hash
483 */
484 printf("7g. SHA-384 hash...");
485 printf( FIPS_hmac_sha384_test() ? "successful\n" : Fail("FAILED!\n") );
486
487 /* HMAC-SHA-512 hash
488 */
489 printf("7h. SHA-512 hash...");
490 printf( FIPS_hmac_sha512_test() ? "successful\n" : Fail("FAILED!\n") );
491
492 /* Non-Approved cryptographic operation
493 */
494 printf("8. Non-Approved cryptographic operation test...\n");
495 printf("\ta. Excluded algorithm (MD5)...");
496 printf( md5_test() ? Fail("passed INCORRECTLY!\n")
497 : "failed as expected\n" );
498 printf("\tb. Included algorithm (D-H)...");
499 printf( dh_test() ? "successful as expected\n"
500 : Fail("failed INCORRECTLY!\n") );
501
502 /* Zeroization
503 */
504 printf("9. Zero-ization...\n");
505 Zeroize();
506
507 printf("\nAll tests completed with %d errors\n", Error);
508 return 0;
509 }
510#endif
diff --git a/src/lib/libssl/src/fips-1.0/fipshashes.c b/src/lib/libssl/src/fips-1.0/fipshashes.c
new file mode 100644
index 0000000000..b96fe2c51c
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/fipshashes.c
@@ -0,0 +1,43 @@
1const char * const FIPS_source_hashes[] = {
2"HMAC-SHA1(Makefile)= 369e2e023b73789e6af4b8fa2503a7b909c4c3f0",
3"HMAC-SHA1(fips.c)= 3a2deb3c319512952bf5547ed92116a7e0db472b",
4"HMAC-SHA1(fips_err_wrapper.c)= d3e2be316062510312269e98f964cb87e7577898",
5"HMAC-SHA1(fips.h)= 57d602d18efe0594f806fbcc64269e9440638ef4",
6"HMAC-SHA1(fips_err.h)= e0649ee1d60c8162f7eeb293f89f3b63ac85202a",
7"HMAC-SHA1(fips_locl.h)= f90a23c7f68642727012bbfd48ed58706383ad71",
8"HMAC-SHA1(fips_canister.c)= da6d0f5daf9594881fd060773a5f3e057ba302ff",
9"HMAC-SHA1(fips_premain.c)= 6a08d15c578f1258246181bf52134ae974aa5a80",
10"HMAC-SHA1(aes/fips_aes_core.c)= b70bbbd675efe0613da0d57055310926a0104d55",
11"HMAC-SHA1(aes/asm/fips-ax86-elf.s)= f797b524a79196e7f59458a5b223432fcfd4a868",
12"HMAC-SHA1(aes/fips_aes_selftest.c)= 98b01502221e7fe529fd981222f2cbb52eb4cbe0",
13"HMAC-SHA1(aes/fips_aes_locl.h)= a98eb0aa449f1d95b8064e261b2ac2b1f328685e",
14"HMAC-SHA1(des/fips_des_enc.c)= 9527f8ea81602358f1aa11348237fdb1e9eeff32",
15"HMAC-SHA1(des/asm/fips-dx86-elf.s)= 9570b03422ffbe5d3d090f91758ebfd46acd5d57",
16"HMAC-SHA1(des/fips_des_selftest.c)= 3bc574e51647c5f5ab45d1007b2cf461d67764a9",
17"HMAC-SHA1(des/fips_set_key.c)= cd1ba25d29376849523a9ddc194c3156a8a7a913",
18"HMAC-SHA1(des/fips_des_locl.h)= e008da40dc6913e374edd66a20d44e1752f00583",
19"HMAC-SHA1(dh/fips_dh_check.c)= 63347e2007e224381d4a7b6d871633889de72cf3",
20"HMAC-SHA1(dh/fips_dh_gen.c)= 93fe69b758ca9d70d70cda1c57fff4eb5c668e85",
21"HMAC-SHA1(dh/fips_dh_key.c)= 2d79eb8d59929ec129d34f53b5aded4a290a28ca",
22"HMAC-SHA1(dsa/fips_dsa_ossl.c)= 2fadb271897a775f023393aa22ddede8a76eec0d",
23"HMAC-SHA1(dsa/fips_dsa_gen.c)= 78c879484fd849312ca4828b957df3842b70efc0",
24"HMAC-SHA1(dsa/fips_dsa_selftest.c)= 7c2ba8d82feda2aadc8b769a3b6c4c25a6356e01",
25"HMAC-SHA1(rand/fips_rand.c)= 7e3964447a81cfe4e75df981827d14a5fe0c2923",
26"HMAC-SHA1(rand/fips_rand.h)= bf009ea8963e79b1e414442ede9ae7010a03160b",
27"HMAC-SHA1(rand/fips_rand_selftest.c)= 5661f383decf0708d0230409fe1564223e834a3b",
28"HMAC-SHA1(rsa/fips_rsa_eay.c)= 2512f849a220daa083f346b10effdb2ee96d4395",
29"HMAC-SHA1(rsa/fips_rsa_gen.c)= 577466931c054d99caf4ac2aefff0e35efd94024",
30"HMAC-SHA1(rsa/fips_rsa_selftest.c)= a9dc47bd1001f795d1565111d26433c300101e06",
31"HMAC-SHA1(rsa/fips_rsa_x931g.c)= 1827d381bb21c53a38a7194cb1c428a2b5f1e3ab",
32"HMAC-SHA1(sha/fips_sha1dgst.c)= 26e529d630b5e754b4a29bd1bb697e991e7fdc04",
33"HMAC-SHA1(sha/fips_standalone_sha1.c)= 46a66875e68398eabca2e933958a2d865149ca1b",
34"HMAC-SHA1(sha/fips_sha1_selftest.c)= a08f9c1e2c0f63b9aa96b927c0333a03b020749f",
35"HMAC-SHA1(sha/asm/fips-sx86-elf.s)= ae66fb23ab8e1a2287e87a0a2dd30a4b9039fe63",
36"HMAC-SHA1(sha/fips_sha_locl.h)= 30b6d6bdbdc9db0d66dc89010c1f4fe1c7b60574",
37"HMAC-SHA1(sha/fips_md32_common.h)= c34d8b7785d3194ff968cf6d3efdd2bfcaec1fad",
38"HMAC-SHA1(sha/fips_sha.h)= cbe98c211cff1684adfa3fe6e6225e92a0a25f6c",
39"HMAC-SHA1(sha/fips_sha256.c)= 97e6dee22a1fe993cc48aa8ff37af10701d7f599",
40"HMAC-SHA1(sha/fips_sha512.c)= 74e6ef26de96f774d233888b831289e69834dd79",
41"HMAC-SHA1(hmac/fips_hmac.c)= a477cec1da76c0092979c4a875b6469339bff7ef",
42"HMAC-SHA1(hmac/fips_hmac_selftest.c)= ebb32b205babf4300017de767fd6e3f1879765c9",
43};
diff --git a/src/lib/libssl/src/fips-1.0/fipsld b/src/lib/libssl/src/fips-1.0/fipsld
new file mode 100755
index 0000000000..819f68731f
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/fipsld
@@ -0,0 +1,147 @@
1#!/bin/sh -e
2#
3# Copyright (c) 2005 The OpenSSL Project.
4#
5# Depending on output file name, the script either embeds fingerprint
6# into libcrypto.so or static application. "Static" refers to static
7# libcrypto.a, not [necessarily] application per se.
8#
9# Even though this script is called fipsld, it expects C compiler
10# command line syntax and $FIPSLD_CC or $CC environment variable set
11# and can even be used to compile source files.
12
13#set -x
14
15CC=${FIPSLD_CC:-${CC}}
16[ -n "${CC}" ] || { echo '$CC is not defined'; exit 1; }
17
18# Initially -c wasn't intended to be interpreted here, but it might
19# make life easier for those who want to build FIPS-ified applications
20# with minimal [if any] modifications to their Makefiles...
21( while [ "x$1" != "x" -a "x$1" != "x-c" ]; do shift; done;
22 [ $# -ge 1 ]
23) && exec ${CC} "$@"
24
25# Turn on debugging output?
26( while [ "x$1" != "x" -a "x$1" != "x-DDEBUG_FINGERPRINT_PREMAIN" ]; do shift; done;
27 [ $# -ge 1 ]
28) && set -x
29
30TARGET=`(while [ "x$1" != "x" -a "x$1" != "x-o" ]; do shift; done; echo $2)`
31[ -n "${TARGET}" ] || { echo 'no -o specified'; exit 1; }
32
33THERE="`echo $0 | sed -e 's|[^/]*$||'`"..
34
35# Location of installed validated FIPS module
36FIPSLIBDIR=${FIPSLIBDIR:-/usr/local/ssl/lib}
37# If this is a build from a validated tarball use this instead
38# FIPSLIBDIR=${THERE}/fips-1.0
39
40[ -f "${FIPSLIBDIR}/fipscanister.o" ] ||
41 { echo "fipscanister.o not found"; exit 1; }
42
43HMAC_KEY="etaonrishdlcupfm"
44
45case "`(uname -s) 2>/dev/null`" in
46OSF1|IRIX*) _WL_PREMAIN="-Wl,-init,FINGERPRINT_premain" ;;
47HP-UX) _WL_PREMAIN="-Wl,+init,FINGERPRINT_premain" ;;
48AIX) _WL_PREMAIN="-Wl,-binitfini:FINGERPRINT_premain";;
49Darwin) ( while [ "x$1" != "x" -a "x$1" != "x-dynamiclib" ]; do shift; done;
50 [ $# -ge 1 ]
51 ) && _WL_PREMAIN="-Wl,-init,_FINGERPRINT_premain" ;;
52esac
53
54case "${TARGET}" in
55[!/]*) TARGET=./${TARGET} ;;
56esac
57
58case "${TARGET}" in
59*libcrypto*|*.dll) # must be linking a shared lib...
60 # Shared lib creation can be taking place in the source
61 # directory only!!!
62 FINGERTYPE="${THERE}/fips-1.0/sha/fips_standalone_sha1"
63 CANISTER_O="${FIPSLIBDIR}/fipscanister.o"
64 PREMAIN_C="${FIPSLIBDIR}/fips_premain.c"
65
66echo Canister: $CANISTER_O
67
68 # verify fipscanister.o against its detached signature...
69 ${FINGERTYPE} "${CANISTER_O}" | sed "s/(.*\//(/" | \
70 diff -w "${CANISTER_O}.sha1" - || \
71 { echo "${CANISTER_O} fingerprint mismatch"; exit 1; }
72
73 # verify fips_premain.c against its signature embedded into
74 # fipscanister.o...
75 SIG=`${FINGERTYPE} "${PREMAIN_C}" | sed -n "s/(.*\//(/;/^./p"`
76 REF=`strings "${CANISTER_O}" | grep "HMAC-SHA1(fips_premain\\.c)"`
77 [ "${SIG}" = "${REF}" ] || \
78 { echo "${PREMAIN_C} fingerprint mismatch"; exit 1; }
79
80 # Temporarily remove fipscanister.o from libcrypto.a!
81 # We are required to use the standalone copy...
82 trap 'ar r "${THERE}/libcrypto.a" "${CANISTER_O}";
83 (ranlib "${THERE}/libcrypto.a") 2>/dev/null;
84 sleep 1;
85 touch -c "${TARGET}"' 0
86
87 ar d "${THERE}/libcrypto.a" fipscanister.o 2>&1 > /dev/null || :
88 (ranlib "${THERE}/libcrypto.a") 2>/dev/null || :
89
90 ${CC} "${CANISTER_O}" \
91 "${PREMAIN_C}" \
92 ${_WL_PREMAIN} "$@"
93
94 # generate signature...
95 SIG=`("${THERE}/fips-1.0/fips_premain_dso" "${TARGET}" || rm "${TARGET}")`
96 if [ -z "${SIG}" ]; then
97 echo "unable to collect signature"; exit 1
98 fi
99
100 # recompile with signature...
101 ${CC} "${CANISTER_O}" \
102 -DHMAC_SHA1_SIG=\"${SIG}\" "${PREMAIN_C}" \
103 ${_WL_PREMAIN} "$@"
104 ;;
105
106*) # must be linking statically...
107 # Static linking can be taking place either in the source
108 # directory or off the installed binary target destination.
109 if [ -x "${THERE}/fips-1.0/sha/fips_standalone_sha1" ]; then
110 FINGERTYPE="${THERE}/fips-1.0/sha/fips_standalone_sha1"
111 else # Installed tree is expected to contain
112 # lib/fipscanister.o, lib/fipscanister.o.sha1 and
113 # lib/fips_premain.c [not to mention bin/openssl].
114 FINGERTYPE="${THERE}/bin/openssl sha1 -hmac ${HMAC_KEY}"
115 fi
116
117 CANISTER_O="${FIPSLIBDIR}/fipscanister.o"
118 PREMAIN_C="${FIPSLIBDIR}/fips_premain.c"
119
120 # verify fipscanister.o against its detached signature...
121 ${FINGERTYPE} "${CANISTER_O}" | sed "s/(.*\//(/" | \
122 diff -w "${CANISTER_O}.sha1" - || \
123 { echo "${CANISTER_O} fingerprint mismatch"; exit 1; }
124
125 # verify fips_premain.c against its signature embedded into
126 # fipscanister.o...
127 SIG=`${FINGERTYPE} "${PREMAIN_C}" | sed -n "s/(.*\//(/;/^./p"`
128 REF=`strings "${CANISTER_O}" | grep "HMAC-SHA1(fips_premain\\.c)"`
129 [ "${SIG}" = "${REF}" ] || \
130 { echo "${PREMAIN_C} fingerprint mismatch"; exit 1; }
131
132 ${CC} "${CANISTER_O}" \
133 "${PREMAIN_C}" \
134 ${_WL_PREMAIN} "$@"
135
136 # generate signature...
137 SIG=`("${TARGET}" || /bin/rm "${TARGET}")`
138 if [ -z "${SIG}" ]; then
139 echo "unable to collect signature"; exit 1
140 fi
141
142 # recompile with signature...
143 ${CC} "${CANISTER_O}" \
144 -DHMAC_SHA1_SIG=\"${SIG}\" "${PREMAIN_C}" \
145 ${_WL_PREMAIN} "$@"
146 ;;
147esac
diff --git a/src/lib/libssl/src/fips-1.0/hmac/Makefile b/src/lib/libssl/src/fips-1.0/hmac/Makefile
new file mode 100644
index 0000000000..a5e777f71a
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/hmac/Makefile
@@ -0,0 +1,155 @@
1#
2# OpenSSL/fips-1.0/hmac/Makefile
3#
4
5DIR= hmac
6TOP= ../..
7CC= cc
8INCLUDES=
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKEDEPPROG= makedepend
14MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
15MAKEFILE= Makefile
16AR= ar r
17
18CFLAGS= $(INCLUDES) $(CFLAG)
19
20GENERAL=Makefile
21TEST=fips_hmactest.c
22APPS=
23
24LIB=$(TOP)/libcrypto.a
25LIBSRC=fips_hmac.c fips_hmac_selftest.c
26LIBOBJ=fips_hmac.o fips_hmac_selftest.o
27
28SRC= $(LIBSRC)
29
30EXHEADER=
31HEADER= $(EXHEADER)
32
33ALL= $(GENERAL) $(SRC) $(HEADER)
34
35top:
36 (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all)
37
38all: lib
39
40lib: $(LIBOBJ)
41 @echo $(LIBOBJ) > lib
42
43files:
44 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
45
46links:
47 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER)
48 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST)
49 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS)
50
51install:
52 @headerlist="$(EXHEADER)"; for i in $$headerlist; \
53 do \
54 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
55 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
56 done
57
58tags:
59 ctags $(SRC)
60
61tests:
62
63Q=../testvectors/hmac/req
64A=../testvectors/hmac/rsp
65
66fips_test:
67 -rm -rf $(A)
68 mkdir $(A)
69 if [ -f $(Q)/HMAC.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_hmactest < $(Q)/HMAC.req > $(A)/HMAC.rsp; fi
70
71lint:
72 lint -DLINT $(INCLUDES) $(SRC)>fluff
73
74depend:
75 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(SRC) $(TEST)
76
77dclean:
78 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
79 mv -f Makefile.new $(MAKEFILE)
80
81clean:
82 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
83# DO NOT DELETE THIS LINE -- make depend depends on it.
84
85fips_hmac.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
86fips_hmac.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
87fips_hmac.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
88fips_hmac.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
89fips_hmac.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
90fips_hmac.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
91fips_hmac.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
92fips_hmac.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
93fips_hmac.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
94fips_hmac.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
95fips_hmac.o: ../../include/openssl/objects.h
96fips_hmac.o: ../../include/openssl/opensslconf.h
97fips_hmac.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
98fips_hmac.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
99fips_hmac.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
100fips_hmac.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
101fips_hmac.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
102fips_hmac.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
103fips_hmac.o: ../../include/openssl/ui_compat.h fips_hmac.c
104fips_hmac_selftest.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
105fips_hmac_selftest.o: ../../include/openssl/bio.h
106fips_hmac_selftest.o: ../../include/openssl/blowfish.h
107fips_hmac_selftest.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
108fips_hmac_selftest.o: ../../include/openssl/crypto.h
109fips_hmac_selftest.o: ../../include/openssl/des.h
110fips_hmac_selftest.o: ../../include/openssl/des_old.h
111fips_hmac_selftest.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
112fips_hmac_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
113fips_hmac_selftest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
114fips_hmac_selftest.o: ../../include/openssl/hmac.h ../../include/openssl/idea.h
115fips_hmac_selftest.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
116fips_hmac_selftest.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
117fips_hmac_selftest.o: ../../include/openssl/mdc2.h
118fips_hmac_selftest.o: ../../include/openssl/obj_mac.h
119fips_hmac_selftest.o: ../../include/openssl/objects.h
120fips_hmac_selftest.o: ../../include/openssl/opensslconf.h
121fips_hmac_selftest.o: ../../include/openssl/opensslv.h
122fips_hmac_selftest.o: ../../include/openssl/ossl_typ.h
123fips_hmac_selftest.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
124fips_hmac_selftest.o: ../../include/openssl/rc5.h
125fips_hmac_selftest.o: ../../include/openssl/ripemd.h
126fips_hmac_selftest.o: ../../include/openssl/rsa.h
127fips_hmac_selftest.o: ../../include/openssl/safestack.h
128fips_hmac_selftest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
129fips_hmac_selftest.o: ../../include/openssl/symhacks.h
130fips_hmac_selftest.o: ../../include/openssl/ui.h
131fips_hmac_selftest.o: ../../include/openssl/ui_compat.h fips_hmac_selftest.c
132fips_hmactest.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
133fips_hmactest.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
134fips_hmactest.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
135fips_hmactest.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
136fips_hmactest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
137fips_hmactest.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
138fips_hmactest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
139fips_hmactest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
140fips_hmactest.o: ../../include/openssl/hmac.h ../../include/openssl/idea.h
141fips_hmactest.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
142fips_hmactest.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
143fips_hmactest.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
144fips_hmactest.o: ../../include/openssl/objects.h
145fips_hmactest.o: ../../include/openssl/opensslconf.h
146fips_hmactest.o: ../../include/openssl/opensslv.h
147fips_hmactest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
148fips_hmactest.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
149fips_hmactest.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
150fips_hmactest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
151fips_hmactest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
152fips_hmactest.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
153fips_hmactest.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
154fips_hmactest.o: ../../include/openssl/x509_vfy.h
155fips_hmactest.o: ../../include/openssl/x509v3.h fips_hmactest.c
diff --git a/src/lib/libssl/src/fips-1.0/hmac/fips_hmac.c b/src/lib/libssl/src/fips-1.0/hmac/fips_hmac.c
new file mode 100644
index 0000000000..b36f163748
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/hmac/fips_hmac.c
@@ -0,0 +1,190 @@
1/* crypto/hmac/hmac.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58#include <stdio.h>
59#include <stdlib.h>
60#include <string.h>
61#include <openssl/hmac.h>
62
63#ifdef OPENSSL_FIPS
64
65void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
66 const EVP_MD *md, ENGINE *impl)
67 {
68 int i,j,reset=0;
69 unsigned char pad[HMAC_MAX_MD_CBLOCK];
70
71 if (md != NULL)
72 {
73 reset=1;
74 ctx->md=md;
75 }
76 else
77 md=ctx->md;
78
79 if (key != NULL)
80 {
81 if (FIPS_mode() && !(md->flags & EVP_MD_FLAG_FIPS)
82 && (!(ctx->md_ctx.flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)
83 || !(ctx->i_ctx.flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)
84 || !(ctx->o_ctx.flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)))
85 OpenSSLDie(__FILE__,__LINE__,
86 "HMAC: digest not allowed in FIPS mode");
87
88 reset=1;
89 j=EVP_MD_block_size(md);
90 OPENSSL_assert(j <= sizeof ctx->key);
91 if (j < len)
92 {
93 EVP_DigestInit_ex(&ctx->md_ctx,md, impl);
94 EVP_DigestUpdate(&ctx->md_ctx,key,len);
95 EVP_DigestFinal_ex(&(ctx->md_ctx),ctx->key,
96 &ctx->key_length);
97 }
98 else
99 {
100 OPENSSL_assert(len <= sizeof ctx->key);
101 memcpy(ctx->key,key,len);
102 ctx->key_length=len;
103 }
104 if(ctx->key_length != HMAC_MAX_MD_CBLOCK)
105 memset(&ctx->key[ctx->key_length], 0,
106 HMAC_MAX_MD_CBLOCK - ctx->key_length);
107 }
108
109 if (reset)
110 {
111 for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
112 pad[i]=0x36^ctx->key[i];
113 EVP_DigestInit_ex(&ctx->i_ctx,md, impl);
114 EVP_DigestUpdate(&ctx->i_ctx,pad,EVP_MD_block_size(md));
115
116 for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
117 pad[i]=0x5c^ctx->key[i];
118 EVP_DigestInit_ex(&ctx->o_ctx,md, impl);
119 EVP_DigestUpdate(&ctx->o_ctx,pad,EVP_MD_block_size(md));
120 }
121 EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->i_ctx);
122 }
123
124void HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
125 const EVP_MD *md)
126 {
127 if(key && md)
128 HMAC_CTX_init(ctx);
129 HMAC_Init_ex(ctx,key,len,md, NULL);
130 }
131
132void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len)
133 {
134 EVP_DigestUpdate(&ctx->md_ctx,data,len);
135 }
136
137void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
138 {
139 int j;
140 unsigned int i;
141 unsigned char buf[EVP_MAX_MD_SIZE];
142
143 j=EVP_MD_block_size(ctx->md);
144
145 EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i);
146 EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx);
147 EVP_DigestUpdate(&ctx->md_ctx,buf,i);
148 EVP_DigestFinal_ex(&ctx->md_ctx,md,len);
149 }
150
151void HMAC_CTX_init(HMAC_CTX *ctx)
152 {
153 EVP_MD_CTX_init(&ctx->i_ctx);
154 EVP_MD_CTX_init(&ctx->o_ctx);
155 EVP_MD_CTX_init(&ctx->md_ctx);
156 }
157
158void HMAC_CTX_cleanup(HMAC_CTX *ctx)
159 {
160 EVP_MD_CTX_cleanup(&ctx->i_ctx);
161 EVP_MD_CTX_cleanup(&ctx->o_ctx);
162 EVP_MD_CTX_cleanup(&ctx->md_ctx);
163 memset(ctx,0,sizeof *ctx);
164 }
165
166unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
167 const unsigned char *d, int n, unsigned char *md,
168 unsigned int *md_len)
169 {
170 HMAC_CTX c;
171 static unsigned char m[EVP_MAX_MD_SIZE];
172
173 if (md == NULL) md=m;
174 HMAC_CTX_init(&c);
175 HMAC_Init(&c,key,key_len,evp_md);
176 HMAC_Update(&c,d,n);
177 HMAC_Final(&c,md,md_len);
178 HMAC_CTX_cleanup(&c);
179 return(md);
180 }
181
182void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
183 {
184 EVP_MD_CTX_set_flags(&ctx->i_ctx, flags);
185 EVP_MD_CTX_set_flags(&ctx->o_ctx, flags);
186 EVP_MD_CTX_set_flags(&ctx->md_ctx, flags);
187 }
188
189#endif
190
diff --git a/src/lib/libssl/src/fips-1.0/hmac/fips_hmac_selftest.c b/src/lib/libssl/src/fips-1.0/hmac/fips_hmac_selftest.c
new file mode 100644
index 0000000000..fc599b75ef
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/hmac/fips_hmac_selftest.c
@@ -0,0 +1,135 @@
1/* ====================================================================
2 * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 *
48 */
49
50#include <string.h>
51#include <openssl/err.h>
52#include <openssl/fips.h>
53#include <openssl/hmac.h>
54
55#ifdef OPENSSL_FIPS
56typedef struct {
57 const EVP_MD *(*alg)(void);
58 const char *key, *iv;
59 unsigned char kaval[EVP_MAX_MD_SIZE];
60} HMAC_KAT;
61
62static const HMAC_KAT vector[] = {
63 { EVP_sha1,
64 /* from http://csrc.nist.gov/publications/fips/fips198/fips-198a.pdf */
65 "0123456789:;<=>?@ABC",
66 "Sample #2",
67 { 0x09,0x22,0xd3,0x40,0x5f,0xaa,0x3d,0x19,
68 0x4f,0x82,0xa4,0x58,0x30,0x73,0x7d,0x5c,
69 0xc6,0xc7,0x5d,0x24 }
70 },
71 { EVP_sha224,
72 /* just keep extending the above... */
73 "0123456789:;<=>?@ABC",
74 "Sample #2",
75 { 0xdd,0xef,0x0a,0x40,0xcb,0x7d,0x50,0xfb,
76 0x6e,0xe6,0xce,0xa1,0x20,0xba,0x26,0xaa,
77 0x08,0xf3,0x07,0x75,0x87,0xb8,0xad,0x1b,
78 0x8c,0x8d,0x12,0xc7 }
79 },
80 { EVP_sha256,
81 "0123456789:;<=>?@ABC",
82 "Sample #2",
83 { 0xb8,0xf2,0x0d,0xb5,0x41,0xea,0x43,0x09,
84 0xca,0x4e,0xa9,0x38,0x0c,0xd0,0xe8,0x34,
85 0xf7,0x1f,0xbe,0x91,0x74,0xa2,0x61,0x38,
86 0x0d,0xc1,0x7e,0xae,0x6a,0x34,0x51,0xd9 }
87 },
88 { EVP_sha384,
89 "0123456789:;<=>?@ABC",
90 "Sample #2",
91 { 0x08,0xbc,0xb0,0xda,0x49,0x1e,0x87,0xad,
92 0x9a,0x1d,0x6a,0xce,0x23,0xc5,0x0b,0xf6,
93 0xb7,0x18,0x06,0xa5,0x77,0xcd,0x49,0x04,
94 0x89,0xf1,0xe6,0x23,0x44,0x51,0x51,0x9f,
95 0x85,0x56,0x80,0x79,0x0c,0xbd,0x4d,0x50,
96 0xa4,0x5f,0x29,0xe3,0x93,0xf0,0xe8,0x7f }
97 },
98 { EVP_sha512,
99 "0123456789:;<=>?@ABC",
100 "Sample #2",
101 { 0x80,0x9d,0x44,0x05,0x7c,0x5b,0x95,0x41,
102 0x05,0xbd,0x04,0x13,0x16,0xdb,0x0f,0xac,
103 0x44,0xd5,0xa4,0xd5,0xd0,0x89,0x2b,0xd0,
104 0x4e,0x86,0x64,0x12,0xc0,0x90,0x77,0x68,
105 0xf1,0x87,0xb7,0x7c,0x4f,0xae,0x2c,0x2f,
106 0x21,0xa5,0xb5,0x65,0x9a,0x4f,0x4b,0xa7,
107 0x47,0x02,0xa3,0xde,0x9b,0x51,0xf1,0x45,
108 0xbd,0x4f,0x25,0x27,0x42,0x98,0x99,0x05 }
109 },
110};
111
112int FIPS_selftest_hmac()
113 {
114 int n;
115 unsigned int outlen;
116 unsigned char out[EVP_MAX_MD_SIZE];
117 const EVP_MD *md;
118 const HMAC_KAT *t;
119
120 for(n=0,t=vector; n<sizeof(vector)/sizeof(vector[0]); n++,t++)
121 {
122 md = (*t->alg)();
123 HMAC(md,t->key,strlen(t->key),
124 (const unsigned char *)t->iv,strlen(t->iv),
125 out,&outlen);
126
127 if(memcmp(out,t->kaval,outlen))
128 {
129 FIPSerr(FIPS_F_FIPS_SELFTEST_SHA,FIPS_R_SELFTEST_FAILED);
130 return 0;
131 }
132 }
133 return 1;
134 }
135#endif
diff --git a/src/lib/libssl/src/fips-1.0/hmac/fips_hmactest.c b/src/lib/libssl/src/fips-1.0/hmac/fips_hmactest.c
new file mode 100644
index 0000000000..e26e33ee3f
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/hmac/fips_hmactest.c
@@ -0,0 +1,335 @@
1/* fips_hmactest.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 2005.
4 */
5/* ====================================================================
6 * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <ctype.h>
61#include <string.h>
62#include <openssl/bio.h>
63#include <openssl/evp.h>
64#include <openssl/hmac.h>
65#include <openssl/err.h>
66#include <openssl/x509v3.h>
67
68#ifndef OPENSSL_FIPS
69
70int main(int argc, char *argv[])
71{
72 printf("No FIPS HMAC support\n");
73 return(0);
74}
75
76#else
77
78static int hmac_test(BIO *err, const EVP_MD *md, BIO *out, BIO *in);
79static int print_hmac(BIO *err, const EVP_MD *md, BIO *out,
80 unsigned char *Key, int Klen,
81 unsigned char *Msg, int Msglen, int Tlen);
82
83int main(int argc, char **argv)
84 {
85 BIO *in = NULL, *out = NULL, *err = NULL;
86
87 int ret = 1;
88
89 ERR_load_crypto_strings();
90
91 err = BIO_new_fp(stderr, BIO_NOCLOSE);
92
93 if (!err)
94 {
95 fprintf(stderr, "FATAL stderr initialization error\n");
96 goto end;
97 }
98
99 if(!FIPS_mode_set(1))
100 {
101 ERR_print_errors(err);
102 goto end;
103 }
104
105 if (argc == 1)
106 in = BIO_new_fp(stdin, BIO_NOCLOSE);
107 else
108 in = BIO_new_file(argv[1], "r");
109
110 if (argc < 2)
111 out = BIO_new_fp(stdout, BIO_NOCLOSE);
112 else
113 out = BIO_new_file(argv[2], "w");
114
115 if (!in)
116 {
117 BIO_printf(err, "FATAL input initialization error\n");
118 goto end;
119 }
120
121 if (!out)
122 {
123 fprintf(stderr, "FATAL output initialization error\n");
124 goto end;
125 }
126
127 if (!hmac_test(err, EVP_sha1(), out, in))
128 {
129 fprintf(stderr, "FATAL hmac file processing error\n");
130 goto end;
131 }
132 else
133 ret = 0;
134
135 end:
136
137 if (ret && err)
138 ERR_print_errors(err);
139
140 if (in)
141 BIO_free(in);
142 if (out)
143 BIO_free(out);
144 if (err)
145 BIO_free(err);
146
147 return ret;
148
149 }
150
151#define HMAC_TEST_MAXLINELEN 1024
152
153int hmac_test(BIO *err, const EVP_MD *md, BIO *out, BIO *in)
154 {
155 char *linebuf, *olinebuf, *p, *q;
156 char *keyword, *value;
157 unsigned char *Key = NULL, *Msg = NULL;
158 int Count, Klen, Tlen;
159 long Keylen, Msglen;
160 int ret = 0;
161 int lnum = 0;
162
163 olinebuf = OPENSSL_malloc(HMAC_TEST_MAXLINELEN);
164 linebuf = OPENSSL_malloc(HMAC_TEST_MAXLINELEN);
165
166 if (!linebuf || !olinebuf)
167 goto error;
168
169 Count = -1;
170 Klen = -1;
171 Tlen = -1;
172
173 while (BIO_gets(in, olinebuf, HMAC_TEST_MAXLINELEN) > 0)
174 {
175 lnum++;
176 strcpy(linebuf, olinebuf);
177 keyword = linebuf;
178 /* Skip leading space */
179 while (isspace((unsigned char)*keyword))
180 keyword++;
181
182 /* Look for = sign */
183 p = strchr(linebuf, '=');
184
185 /* If no = or starts with [ (for [L=20] line) just copy */
186 if (!p)
187 {
188 if (!BIO_puts(out, olinebuf))
189 goto error;
190 continue;
191 }
192
193 q = p - 1;
194
195 /* Remove trailing space */
196 while (isspace((unsigned char)*q))
197 *q-- = 0;
198
199 *p = 0;
200 value = p + 1;
201
202 /* Remove leading space from value */
203 while (isspace((unsigned char)*value))
204 value++;
205
206 /* Remove trailing space from value */
207 p = value + strlen(value) - 1;
208
209 while (*p == '\n' || isspace((unsigned char)*p))
210 *p-- = 0;
211
212 if (!strcmp(keyword,"[L") && *p==']')
213 {
214 switch (atoi(value))
215 {
216 case 20: md=EVP_sha1(); break;
217 case 28: md=EVP_sha224(); break;
218 case 32: md=EVP_sha256(); break;
219 case 48: md=EVP_sha384(); break;
220 case 64: md=EVP_sha512(); break;
221 default: goto parse_error;
222 }
223 }
224 else if (!strcmp(keyword, "Count"))
225 {
226 if (Count != -1)
227 goto parse_error;
228 Count = atoi(value);
229 if (Count < 0)
230 goto parse_error;
231 }
232 else if (!strcmp(keyword, "Klen"))
233 {
234 if (Klen != -1)
235 goto parse_error;
236 Klen = atoi(value);
237 if (Klen < 0)
238 goto parse_error;
239 }
240 else if (!strcmp(keyword, "Tlen"))
241 {
242 if (Tlen != -1)
243 goto parse_error;
244 Tlen = atoi(value);
245 if (Tlen < 0)
246 goto parse_error;
247 }
248 else if (!strcmp(keyword, "Msg"))
249 {
250 if (Msg)
251 goto parse_error;
252 Msg = string_to_hex(value, &Msglen);
253 if (!Msg)
254 goto parse_error;
255 }
256 else if (!strcmp(keyword, "Key"))
257 {
258 if (Key)
259 goto parse_error;
260 Key = string_to_hex(value, &Keylen);
261 if (!Key)
262 goto parse_error;
263 }
264 else if (!strcmp(keyword, "Mac"))
265 continue;
266 else
267 goto parse_error;
268
269 BIO_puts(out, olinebuf);
270
271 if (Key && Msg && (Tlen > 0) && (Klen > 0))
272 {
273 if (!print_hmac(err, md, out, Key, Klen, Msg, Msglen, Tlen))
274 goto error;
275 OPENSSL_free(Key);
276 Key = NULL;
277 OPENSSL_free(Msg);
278 Msg = NULL;
279 Klen = -1;
280 Tlen = -1;
281 Count = -1;
282 }
283
284 }
285
286
287 ret = 1;
288
289
290 error:
291
292 if (olinebuf)
293 OPENSSL_free(olinebuf);
294 if (linebuf)
295 OPENSSL_free(linebuf);
296 if (Key)
297 OPENSSL_free(Key);
298 if (Msg)
299 OPENSSL_free(Msg);
300
301 return ret;
302
303 parse_error:
304
305 BIO_printf(err, "FATAL parse error processing line %d\n", lnum);
306
307 goto error;
308
309 }
310
311static int print_hmac(BIO *err, const EVP_MD *emd, BIO *out,
312 unsigned char *Key, int Klen,
313 unsigned char *Msg, int Msglen, int Tlen)
314 {
315 int i, mdlen;
316 unsigned char md[EVP_MAX_MD_SIZE];
317 if (!HMAC(emd, Key, Klen, Msg, Msglen, md,
318 (unsigned int *)&mdlen))
319 {
320 BIO_puts(err, "Error calculating HMAC\n");
321 return 0;
322 }
323 if (Tlen > mdlen)
324 {
325 BIO_puts(err, "Parameter error, Tlen > HMAC length\n");
326 return 0;
327 }
328 BIO_puts(out, "Mac = ");
329 for (i = 0; i < Tlen; i++)
330 BIO_printf(out, "%02x", md[i]);
331 BIO_puts(out, "\n");
332 return 1;
333 }
334
335#endif
diff --git a/src/lib/libssl/src/fips-1.0/install.com b/src/lib/libssl/src/fips-1.0/install.com
new file mode 100644
index 0000000000..8867fcf4c0
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/install.com
@@ -0,0 +1,57 @@
1$! INSTALL.COM -- Installs the files in a given directory tree
2$!
3$! Author: Richard Levitte <richard@levitte.org>
4$! Time of creation: 27-MAY-2004 11:47
5$!
6$! P1 root of the directory tree
7$!
8$ IF P1 .EQS. ""
9$ THEN
10$ WRITE SYS$OUTPUT "First argument missing."
11$ WRITE SYS$OUTPUT "Should be the directory where you want things installed."
12$ EXIT
13$ ENDIF
14$
15$ ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
16$ ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
17$ ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
18 - "[000000." - "][" - "[" - "]"
19$ ROOT = ROOT_DEV + "[" + ROOT_DIR
20$
21$ DEFINE/NOLOG WRK_SSLROOT 'ROOT'.] /TRANS=CONC
22$ DEFINE/NOLOG WRK_SSLINCLUDE WRK_SSLROOT:[INCLUDE]
23$
24$ IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN -
25 CREATE/DIR/LOG WRK_SSLROOT:[000000]
26$ IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN -
27 CREATE/DIR/LOG WRK_SSLINCLUDE:
28$
29$ FDIRS := ,RAND,SHA1,DES,AES,DSA,RSA,DH,HMAC
30$ EXHEADER_ := fips.h
31$ EXHEADER_SHA := fips_sha.h
32$ EXHEADER_RAND := fips_rand.h
33$ EXHEADER_DES :=
34$ EXHEADER_AES :=
35$ EXHEADER_DSA :=
36$ EXHEADER_RSA :=
37$ EXHEADER_DH :=
38$ EXHEADER_HMAC :=
39$
40$ I = 0
41$ LOOP_FDIRS:
42$ D = F$EDIT(F$ELEMENT(I, ",", FDIRS),"TRIM")
43$ I = I + 1
44$ IF D .EQS. "," THEN GOTO LOOP_FDIRS_END
45$ tmp = EXHEADER_'D'
46$ IF tmp .EQS. "" THEN GOTO LOOP_FDIRS
47$ IF D .EQS. ""
48$ THEN
49$ COPY 'tmp' WRK_SSLINCLUDE: /LOG
50$ ELSE
51$ COPY [.'D']'tmp' WRK_SSLINCLUDE: /LOG
52$ ENDIF
53$ SET FILE/PROT=WORLD:RE WRK_SSLINCLUDE:'tmp'
54$ GOTO LOOP_FDIRS
55$ LOOP_FDIRS_END:
56$
57$ EXIT
diff --git a/src/lib/libssl/src/fips-1.0/openssl_fips_fingerprint b/src/lib/libssl/src/fips-1.0/openssl_fips_fingerprint
new file mode 100755
index 0000000000..f59a67d537
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/openssl_fips_fingerprint
@@ -0,0 +1,31 @@
1#!/bin/sh
2#
3# Check the library fingerprint and generate an executable fingerprint, or
4# return an error
5
6lib=$1
7exe=$2
8ext=${HMAC_EXT:-sha1}
9
10# deal with the case where we're run from within the build and OpenSSL is
11# not yet installed. Also, make sure LD_LIBRARY_PATH is properly set in
12# case shared libraries are built.
13if [ "X$TOP" != "X" ]
14then
15 if test "$OSTYPE" = msdosdjgpp; then
16 PATH="$TOP/apps;$TOP;$PATH"
17 else
18 PATH="$TOP/apps:$TOP:$PATH"
19 fi
20 LD_LIBRARY_PATH=$TOP; export LD_LIBRARY_PATH
21else
22 LD_LIBRARY_PATH=.; export LD_LIBRARY_PATH
23fi
24
25echo "Checking library fingerprint for $lib"
26openssl sha1 -hmac etaonrishdlcupfm $lib | sed "s/(.*\//(/" | diff -w $lib.sha1 - || { echo "$libs fingerprint mismatch"; exit 1; }
27
28[ -x $exe.exe ] && exe=$exe.exe
29
30echo "Making fingerprint for $exe"
31openssl sha1 -hmac etaonrishdlcupfm -binary $exe > $exe.$ext || rm $exe.$ext
diff --git a/src/lib/libssl/src/fips-1.0/rand/Makefile b/src/lib/libssl/src/fips-1.0/rand/Makefile
new file mode 100644
index 0000000000..6820f3a205
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/rand/Makefile
@@ -0,0 +1,126 @@
1#
2# OpenSSL/fips-1.0/rand/Makefile
3#
4
5DIR= rand
6TOP= ../..
7CC= cc
8INCLUDES=
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKEDEPPROG= makedepend
14MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
15MAKEFILE= Makefile
16AR= ar r
17
18CFLAGS= $(INCLUDES) $(CFLAG)
19
20GENERAL=Makefile
21TEST= fips_randtest.c fips_rngvs.c
22APPS=
23
24LIB=$(TOP)/libcrypto.a
25LIBSRC=fips_rand.c fips_rand_selftest.c
26LIBOBJ=fips_rand.o fips_rand_selftest.o
27
28SRC= $(LIBSRC)
29
30EXHEADER= fips_rand.h
31HEADER= $(EXHEADER)
32
33ALL= $(GENERAL) $(SRC) $(HEADER)
34
35top:
36 (cd $(TOP); $(MAKE) DIRS=fips SDIRS=$(DIR) sub_all)
37
38all: lib
39
40lib: $(LIBOBJ)
41 @echo $(LIBOBJ) > lib
42
43files:
44 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
45
46links:
47 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER)
48 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST)
49 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS)
50
51install:
52 @headerlist="$(EXHEADER)"; for i in $$headerlist; \
53 do \
54 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
55 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
56 done
57
58tags:
59 ctags $(SRC)
60
61tests:
62
63Q=../testvectors/rng/req
64A=../testvectors/rng/rsp
65
66fips_test:
67 -rm -rf $(A)
68 mkdir $(A)
69 if [ -f $(Q)/ANSI931_TDES2MCT.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rngvs mct < $(Q)/ANSI931_TDES2MCT.req > $(A)/ANSI931_TDES2MCT.rsp; fi
70 if [ -f $(Q)/ANSI931_TDES2VST.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rngvs vst < $(Q)/ANSI931_TDES2VST.req > $(A)/ANSI931_TDES2VST.rsp; fi
71
72lint:
73 lint -DLINT $(INCLUDES) $(SRC)>fluff
74
75depend:
76 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(SRC) $(TEST)
77
78dclean:
79 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
80 mv -f Makefile.new $(MAKEFILE)
81
82clean:
83 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
84
85# DO NOT DELETE THIS LINE -- make depend depends on it.
86
87fips_rand.o: ../../e_os.h ../../include/openssl/bio.h
88fips_rand.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
89fips_rand.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
90fips_rand.o: ../../include/openssl/err.h ../../include/openssl/fips_rand.h
91fips_rand.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
92fips_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
93fips_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
94fips_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
95fips_rand.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
96fips_rand.o: fips_rand.c
97fips_rand_selftest.o: ../../include/openssl/bio.h
98fips_rand_selftest.o: ../../include/openssl/crypto.h
99fips_rand_selftest.o: ../../include/openssl/des.h
100fips_rand_selftest.o: ../../include/openssl/des_old.h
101fips_rand_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
102fips_rand_selftest.o: ../../include/openssl/fips.h
103fips_rand_selftest.o: ../../include/openssl/fips_rand.h
104fips_rand_selftest.o: ../../include/openssl/lhash.h
105fips_rand_selftest.o: ../../include/openssl/opensslconf.h
106fips_rand_selftest.o: ../../include/openssl/opensslv.h
107fips_rand_selftest.o: ../../include/openssl/ossl_typ.h
108fips_rand_selftest.o: ../../include/openssl/rand.h
109fips_rand_selftest.o: ../../include/openssl/safestack.h
110fips_rand_selftest.o: ../../include/openssl/stack.h
111fips_rand_selftest.o: ../../include/openssl/symhacks.h
112fips_rand_selftest.o: ../../include/openssl/ui.h
113fips_rand_selftest.o: ../../include/openssl/ui_compat.h fips_rand_selftest.c
114fips_randtest.o: ../../e_os.h ../../include/openssl/bio.h
115fips_randtest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
116fips_randtest.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
117fips_randtest.o: ../../include/openssl/err.h ../../include/openssl/fips_rand.h
118fips_randtest.o: ../../include/openssl/lhash.h
119fips_randtest.o: ../../include/openssl/opensslconf.h
120fips_randtest.o: ../../include/openssl/opensslv.h
121fips_randtest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
122fips_randtest.o: ../../include/openssl/safestack.h
123fips_randtest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
124fips_randtest.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
125fips_randtest.o: fips_randtest.c
126fips_rngvs.o: ../../include/openssl/opensslconf.h fips_rngvs.c
diff --git a/src/lib/libssl/src/fips-1.0/rand/fips_rand.c b/src/lib/libssl/src/fips-1.0/rand/fips_rand.c
new file mode 100644
index 0000000000..7df2dc804e
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/rand/fips_rand.c
@@ -0,0 +1,359 @@
1/* ====================================================================
2 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 *
48 */
49
50/*
51 * This is a FIPS approved PRNG, ANSI X9.31 A.2.4.
52 */
53
54#include "e_os.h"
55
56/* If we don't define _XOPEN_SOURCE_EXTENDED, struct timeval won't
57 be defined and gettimeofday() won't be declared with strict compilers
58 like DEC C in ANSI C mode. */
59#ifndef _XOPEN_SOURCE_EXTENDED
60#define _XOPEN_SOURCE_EXTENDED 1
61#endif
62
63#include <openssl/des.h>
64#include <openssl/rand.h>
65#include <openssl/err.h>
66#include <openssl/fips_rand.h>
67#ifndef OPENSSL_SYS_WIN32
68#include <sys/time.h>
69#endif
70#include <assert.h>
71#ifndef OPENSSL_SYS_WIN32
72# ifdef OPENSSL_UNISTD
73# include OPENSSL_UNISTD
74# else
75# include <unistd.h>
76# endif
77#endif
78#include <string.h>
79
80void *OPENSSL_stderr(void);
81
82#ifdef OPENSSL_FIPS
83
84#define SEED_SIZE 8
85
86static unsigned char seed[SEED_SIZE];
87static FIPS_RAND_SIZE_T n_seed;
88static FIPS_RAND_SIZE_T o_seed;
89static DES_cblock key1;
90static DES_cblock key2;
91static DES_key_schedule ks1,ks2;
92static int key_set;
93static int key_init;
94static int test_mode;
95static unsigned char test_faketime[8];
96
97#ifndef GETPID_IS_MEANINGLESS
98static int seed_pid;
99static int key_pid;
100#endif
101
102static void fips_rand_cleanup(void);
103static void fips_rand_add(const void *buf, FIPS_RAND_SIZE_T num, double add_entropy);
104static int fips_rand_bytes(unsigned char *buf, FIPS_RAND_SIZE_T num);
105static int fips_rand_status(void);
106
107static const RAND_METHOD rand_fips_meth=
108 {
109 FIPS_rand_seed,
110 fips_rand_bytes,
111 fips_rand_cleanup,
112 fips_rand_add,
113 fips_rand_bytes,
114 fips_rand_status
115 };
116
117static int second;
118
119const RAND_METHOD *FIPS_rand_method(void)
120{
121 return &rand_fips_meth;
122}
123
124void FIPS_set_prng_key(const unsigned char k1[8],const unsigned char k2[8])
125 {
126 memcpy(&key1,k1,sizeof key1);
127 memcpy(&key2,k2,sizeof key2);
128 key_set=1;
129#ifndef GETPID_IS_MEANINGLESS
130 key_pid=getpid();
131#endif
132 second=0;
133 }
134
135void FIPS_test_mode(int test,const unsigned char faketime[8])
136 {
137 test_mode=test;
138 if(!test_mode)
139 return;
140 memcpy(test_faketime,faketime,sizeof test_faketime);
141 }
142
143/* NB: this returns true if _partially_ seeded */
144int FIPS_rand_seeded()
145 { return key_set || n_seed; }
146
147static void fips_gettime(unsigned char buf[8])
148 {
149#ifdef OPENSSL_SYS_WIN32
150 FILETIME ft;
151#else
152 struct timeval tv;
153#endif
154
155 if(test_mode)
156 {
157 /* fprintf(OPENSSL_stderr(),"WARNING!!! PRNG IN TEST MODE!!!\n"); */
158 memcpy(buf,test_faketime,sizeof test_faketime);
159 return;
160 }
161#ifdef OPENSSL_SYS_WIN32
162 GetSystemTimeAsFileTime(&ft);
163 buf[0] = (unsigned char) (ft.dwHighDateTime & 0xff);
164 buf[1] = (unsigned char) ((ft.dwHighDateTime >> 8) & 0xff);
165 buf[2] = (unsigned char) ((ft.dwHighDateTime >> 16) & 0xff);
166 buf[3] = (unsigned char) ((ft.dwHighDateTime >> 24) & 0xff);
167 buf[4] = (unsigned char) (ft.dwLowDateTime & 0xff);
168 buf[5] = (unsigned char) ((ft.dwLowDateTime >> 8) & 0xff);
169 buf[6] = (unsigned char) ((ft.dwLowDateTime >> 16) & 0xff);
170 buf[7] = (unsigned char) ((ft.dwLowDateTime >> 24) & 0xff);
171#else
172 gettimeofday(&tv,NULL);
173 buf[0] = (unsigned char) (tv.tv_sec & 0xff);
174 buf[1] = (unsigned char) ((tv.tv_sec >> 8) & 0xff);
175 buf[2] = (unsigned char) ((tv.tv_sec >> 16) & 0xff);
176 buf[3] = (unsigned char) ((tv.tv_sec >> 24) & 0xff);
177 buf[4] = (unsigned char) (tv.tv_usec & 0xff);
178 buf[5] = (unsigned char) ((tv.tv_usec >> 8) & 0xff);
179 buf[6] = (unsigned char) ((tv.tv_usec >> 16) & 0xff);
180 buf[7] = (unsigned char) ((tv.tv_usec >> 24) & 0xff);
181#endif
182
183#if 0 /* This eminently sensible strategy is not acceptable to NIST. Sigh. */
184#ifndef GETPID_IS_MEANINGLESS
185 /* we mix in the PID to ensure that after a fork the children don't give
186 * the same results as each other
187 */
188 pid=getpid();
189 /* make sure we shift the pid to the MSB */
190 if((pid&0xffff0000) == 0)
191 pid<<=16;
192 *(long *)&buf[0]^=pid;
193#endif
194#endif
195 }
196
197static void fips_rand_encrypt(unsigned char *out,const unsigned char *in)
198 {
199 DES_ecb2_encrypt(in,out,&ks1,&ks2,1);
200 }
201
202static void fips_rand_cleanup(void)
203 {
204 OPENSSL_cleanse(seed,sizeof seed);
205 n_seed=0;
206 o_seed=0;
207 key_init=0;
208 }
209
210void FIPS_rand_seed(const void *buf_, FIPS_RAND_SIZE_T num)
211 {
212 const char *buf=buf_;
213 FIPS_RAND_SIZE_T n;
214
215 /* If the key hasn't been set, we can't seed! */
216 if(!key_set)
217 return;
218
219 CRYPTO_w_lock(CRYPTO_LOCK_RAND);
220 if(!key_init)
221 {
222 key_init=1;
223 DES_set_key(&key1,&ks1);
224 DES_set_key(&key2,&ks2);
225 }
226
227 /*
228 * This algorithm only uses 64 bits of seed, so ensure that we use
229 * the most recent 64 bits.
230 */
231 for(n=0 ; n < num ; )
232 {
233 FIPS_RAND_SIZE_T t=num-n;
234
235 if(o_seed+t > sizeof seed)
236 t=sizeof seed-o_seed;
237 memcpy(seed+o_seed,buf+n,t);
238 n+=t;
239 o_seed+=t;
240 if(o_seed == sizeof seed)
241 o_seed=0;
242 if(n_seed < sizeof seed)
243 n_seed+=t;
244 }
245
246#ifndef GETPID_IS_MEANINGLESS
247 seed_pid=getpid();
248#endif
249
250 CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
251 }
252
253static void fips_rand_add(const void *buf, FIPS_RAND_SIZE_T num, double add_entropy)
254 {
255 FIPS_rand_seed(buf,num);
256 }
257
258static int fips_rand_bytes(unsigned char *buf,FIPS_RAND_SIZE_T num)
259 {
260 FIPS_RAND_SIZE_T n;
261 unsigned char timeseed[8];
262 unsigned char intermediate[SEED_SIZE];
263 unsigned char output[SEED_SIZE];
264 static unsigned char previous[SEED_SIZE];
265#ifndef GETPID_IS_MEANINGLESS
266 int pid;
267#endif
268
269 if(n_seed < sizeof seed)
270 {
271 RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_NOT_SEEDED);
272 return 0;
273 }
274
275#ifdef FIPS_RAND_MAX_SIZE_T
276 if (num > FIPS_RAND_MAX_SIZE_T)
277 {
278#ifdef RAND_R_PRNG_ASKING_FOR_TOO_MUCH
279 RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_ASKING_FOR_TOO_MUCH);
280 return 0;
281#else
282 return -1; /* signal "not supported" condition */
283#endif
284 }
285#endif
286
287#ifndef GETPID_IS_MEANINGLESS
288 pid=getpid();
289 if(pid != seed_pid)
290 {
291 RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_NOT_RESEEDED);
292 return 0;
293 }
294 if(pid != key_pid)
295 {
296 RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_NOT_REKEYED);
297 return 0;
298 }
299#endif
300
301 CRYPTO_w_lock(CRYPTO_LOCK_RAND);
302
303 for(n=0 ; n < num ; )
304 {
305 unsigned char t[SEED_SIZE];
306 FIPS_RAND_SIZE_T l;
307
308 /* ANS X9.31 A.2.4: I = ede*K(DT)
309 timeseed == DT
310 intermediate == I
311 */
312 fips_gettime(timeseed);
313 fips_rand_encrypt(intermediate,timeseed);
314
315 /* ANS X9.31 A.2.4: R = ede*K(I^V)
316 intermediate == I
317 seed == V
318 output == R
319 */
320 for(l=0 ; l < sizeof t ; ++l)
321 t[l]=intermediate[l]^seed[l];
322 fips_rand_encrypt(output,t);
323
324 /* ANS X9.31 A.2.4: V = ede*K(R^I)
325 output == R
326 intermediate == I
327 seed == V
328 */
329 for(l=0 ; l < sizeof t ; ++l)
330 t[l]=output[l]^intermediate[l];
331 fips_rand_encrypt(seed,t);
332
333 if(second && !memcmp(output,previous,sizeof previous))
334 {
335 RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_STUCK);
336 CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
337 return 0;
338 }
339 memcpy(previous,output,sizeof previous);
340 second=1;
341
342 /* Successive values of R may be concatenated to produce a
343 pseudo random number of the desired length */
344 l=SEED_SIZE < num-n ? SEED_SIZE : num-n;
345 memcpy(buf+n,output,l);
346 n+=l;
347 }
348
349 CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
350
351 return 1;
352 }
353
354static int fips_rand_status(void)
355 {
356 return n_seed == sizeof seed;
357 }
358
359#endif /* OPENSSL_FIPS */
diff --git a/src/lib/libssl/src/fips-1.0/rand/fips_rand.h b/src/lib/libssl/src/fips-1.0/rand/fips_rand.h
new file mode 100644
index 0000000000..093727240e
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/rand/fips_rand.h
@@ -0,0 +1,73 @@
1/* ====================================================================
2 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 *
48 */
49
50#ifndef HEADER_FIPS_RAND_H
51#define HEADER_FIPS_RAND_H
52
53#include "des.h"
54
55#ifdef OPENSSL_FIPS
56
57#ifdef __cplusplus
58extern "C" {
59#endif
60
61void FIPS_set_prng_key(const unsigned char k1[8],const unsigned char k2[8]);
62void FIPS_test_mode(int test,const unsigned char faketime[8]);
63void FIPS_rand_seed(const void *buf, FIPS_RAND_SIZE_T num);
64/* NB: this returns true if _partially_ seeded */
65int FIPS_rand_seeded(void);
66
67const RAND_METHOD *FIPS_rand_method(void);
68
69#ifdef __cplusplus
70}
71#endif
72#endif
73#endif
diff --git a/src/lib/libssl/src/fips-1.0/rand/fips_rand_selftest.c b/src/lib/libssl/src/fips-1.0/rand/fips_rand_selftest.c
new file mode 100644
index 0000000000..691b929d71
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/rand/fips_rand_selftest.c
@@ -0,0 +1,120 @@
1/* ====================================================================
2 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 *
48 */
49
50#include <string.h>
51#include <openssl/err.h>
52#include <openssl/fips.h>
53#include <openssl/rand.h>
54#include <openssl/fips_rand.h>
55
56#ifdef OPENSSL_FIPS
57static struct
58 {
59 unsigned char key1[8];
60 unsigned char key2[8];
61 unsigned char seed[8];
62 unsigned char dt[8];
63 } init_iv[] =
64 {
65 {
66 { 0x75, 0xc7, 0x1a, 0xe5, 0xa1, 0x1a, 0x23, 0x2c },
67 { 0x40, 0x25, 0x6d, 0xcd, 0x94, 0xf7, 0x67, 0xb0 },
68 { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
69 { 0xc8, 0x9a, 0x1d, 0x88, 0x8e, 0xd1, 0x2f, 0x3c },
70 },
71 {
72 { 0x75, 0xc7, 0x1a, 0xe5, 0xa1, 0x1a, 0x23, 0x2c },
73 { 0x40, 0x25, 0x6d, 0xcd, 0x94, 0xf7, 0x67, 0xb0 },
74 { 0xf8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
75 { 0xc8, 0x9a, 0x1d, 0x88, 0x8e, 0xd1, 0x2f, 0x40 },
76 },
77 {
78 { 0x75, 0xc7, 0x1a, 0xe5, 0xa1, 0x1a, 0x23, 0x2c },
79 { 0x40, 0x25, 0x6d, 0xcd, 0x94, 0xf7, 0x67, 0xb0 },
80 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff },
81 { 0xc8, 0x9a, 0x1d, 0x88, 0x8e, 0xd1, 0x2f, 0x7b },
82 },
83 };
84
85static const unsigned char expected_ret[][8]=
86 {
87 { 0x94, 0x4d, 0xc7, 0x21, 0x0d, 0x6d, 0x7f, 0xd7 },
88 { 0x02, 0x43, 0x3c, 0x94, 0x17, 0xa3, 0x32, 0x6f },
89 { 0xe7, 0xe2, 0xb2, 0x96, 0x4f, 0x36, 0xed, 0x41 },
90 };
91
92void FIPS_corrupt_rng()
93 {
94 init_iv[0].dt[0]++;
95 }
96
97int FIPS_selftest_rng()
98 {
99 int n;
100
101 for(n=0 ; n < 3 ; ++n)
102 {
103 unsigned char actual_ret[8];
104
105 FIPS_rand_method()->cleanup();
106 FIPS_set_prng_key(init_iv[n].key1,init_iv[n].key2);
107 FIPS_rand_seed(init_iv[n].seed,8);
108 FIPS_test_mode(1,init_iv[n].dt);
109 if ((FIPS_rand_method()->bytes(actual_ret, 8) <=0) || (memcmp(actual_ret,expected_ret[n],sizeof actual_ret)))
110 {
111 FIPS_test_mode(0,NULL);
112 FIPSerr(FIPS_F_FIPS_SELFTEST_RNG,FIPS_R_SELFTEST_FAILED);
113 return 0;
114 }
115 }
116 FIPS_test_mode(0,NULL);
117 return 1;
118 }
119
120#endif
diff --git a/src/lib/libssl/src/fips-1.0/rand/fips_randtest.c b/src/lib/libssl/src/fips-1.0/rand/fips_randtest.c
new file mode 100644
index 0000000000..6165944e56
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/rand/fips_randtest.c
@@ -0,0 +1,369 @@
1/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2 * All rights reserved.
3 *
4 * This package is an SSL implementation written
5 * by Eric Young (eay@cryptsoft.com).
6 * The implementation was written so as to conform with Netscapes SSL.
7 *
8 * This library is free for commercial and non-commercial use as long as
9 * the following conditions are aheared to. The following conditions
10 * apply to all code found in this distribution, be it the RC4, RSA,
11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12 * included with this distribution is covered by the same copyright terms
13 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14 *
15 * Copyright remains Eric Young's, and as such any Copyright notices in
16 * the code are not to be removed.
17 * If this package is used in a product, Eric Young should be given attribution
18 * as the author of the parts of the library used.
19 * This can be in the form of a textual message at program startup or
20 * in documentation (online or textual) provided with the package.
21 *
22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
24 * are met:
25 * 1. Redistributions of source code must retain the copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
30 * 3. All advertising materials mentioning features or use of this software
31 * must display the following acknowledgement:
32 * "This product includes cryptographic software written by
33 * Eric Young (eay@cryptsoft.com)"
34 * The word 'cryptographic' can be left out if the rouines from the library
35 * being used are not cryptographic related :-).
36 * 4. If you include any Windows specific code (or a derivative thereof) from
37 * the apps directory (application code) you must include an acknowledgement:
38 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50 * SUCH DAMAGE.
51 *
52 * The licence and distribution terms for any publically available version or
53 * derivative of this code cannot be changed. i.e. this code cannot simply be
54 * copied and put under another distribution licence
55 * [including the GNU Public Licence.]
56 */
57/* ====================================================================
58 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
59 *
60 * Redistribution and use in source and binary forms, with or without
61 * modification, are permitted provided that the following conditions
62 * are met:
63 *
64 * 1. Redistributions of source code must retain the above copyright
65 * notice, this list of conditions and the following disclaimer.
66 *
67 * 2. Redistributions in binary form must reproduce the above copyright
68 * notice, this list of conditions and the following disclaimer in
69 * the documentation and/or other materials provided with the
70 * distribution.
71 *
72 * 3. All advertising materials mentioning features or use of this
73 * software must display the following acknowledgment:
74 * "This product includes software developed by the OpenSSL Project
75 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
76 *
77 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
78 * endorse or promote products derived from this software without
79 * prior written permission. For written permission, please contact
80 * openssl-core@openssl.org.
81 *
82 * 5. Products derived from this software may not be called "OpenSSL"
83 * nor may "OpenSSL" appear in their names without prior written
84 * permission of the OpenSSL Project.
85 *
86 * 6. Redistributions of any form whatsoever must retain the following
87 * acknowledgment:
88 * "This product includes software developed by the OpenSSL Project
89 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
90 *
91 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
92 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
93 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
94 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
95 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
96 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
97 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
98 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
99 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
100 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
101 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
102 * OF THE POSSIBILITY OF SUCH DAMAGE.
103 *
104 */
105
106#include <stdio.h>
107#include <stdlib.h>
108#include <openssl/rand.h>
109#include <openssl/fips_rand.h>
110#include <openssl/err.h>
111
112#include "e_os.h"
113
114#ifndef OPENSSL_FIPS
115int main(int argc, char *argv[])
116{
117 printf("No FIPS RAND support\n");
118 return(0);
119}
120
121#else
122
123/* some FIPS 140-1 random number test */
124/* some simple tests */
125
126static DES_cblock prng_key1={0x21,0x58,0x47,0xb7,0xc2,0x97,0x5a,0x8e};
127static DES_cblock prng_key2={0x61,0x23,0x05,0x96,0x18,0x91,0x86,0xac};
128static unsigned char prng_seed[8]={0x6b,0xa3,0x4f,0x07,0xe4,0x2a,0xb0,0xc};
129
130typedef struct
131 {
132 DES_cblock keys[2];
133 const unsigned char time[8];
134 const unsigned char seed[8];
135 const unsigned char block1[8];
136 const unsigned char block100[8];
137 } PRNGtest;
138
139/* FIXME: these test vectors are made up! */
140static PRNGtest t1=
141 {
142 { { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07 },
143 { 0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f },
144 },
145 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
146 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
147 { 0x33,0xc3,0xdf,0xfe,0x60,0x60,0x49,0x9e },
148 { 0xcd,0x2b,0x41,0xaf,0x80,0x51,0x37,0xd8 }
149 };
150static PRNGtest t2=
151 {
152 { { 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff },
153 { 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff } },
154 { 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff },
155 { 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff },
156 { 0x65,0xf1,0xa4,0x07,0x42,0x38,0xd5,0x25 },
157 { 0xbb,0x75,0x84,0x20,0x7a,0x44,0xf0,0xa0 }
158 };
159
160static void dump(const unsigned char *b,int n)
161 {
162 while(n-- > 0)
163 {
164 printf(" %02x",*b++);
165 }
166 }
167
168static void compare(const unsigned char *result,const unsigned char *expected,
169 int n)
170 {
171 int i;
172
173 for(i=0 ; i < n ; ++i)
174 if(result[i] != expected[i])
175 {
176 puts("Random test failed, got:");
177 dump(result,8);
178 puts("\n expected:");
179 dump(expected,8);
180 putchar('\n');
181 EXIT(1);
182 }
183 }
184
185static void run_test(const PRNGtest *t)
186 {
187 unsigned char buf[8];
188 int n;
189
190 FIPS_set_prng_key(t->keys[0],t->keys[1]);
191 FIPS_test_mode(1,t->time);
192 RAND_seed(t->seed,sizeof t->seed);
193
194 if(RAND_bytes(buf,8) <= 0)
195 {
196 ERR_print_errors_fp(stderr);
197 EXIT(2);
198 }
199 compare(buf,t->block1,8);
200 for(n=0 ; n < 99 ; ++n)
201 if(RAND_bytes(buf,8) <= 0)
202 {
203 ERR_print_errors_fp(stderr);
204 EXIT(2);
205 }
206 compare(buf,t->block100,8);
207 FIPS_test_mode(0,NULL);
208 }
209
210int main()
211 {
212 unsigned char buf[2500];
213 int i,j,k,s,sign,nsign,err=0;
214 unsigned long n1;
215 unsigned long n2[16];
216 unsigned long runs[2][34];
217 /*double d; */
218 long d;
219
220 ERR_load_crypto_strings();
221 RAND_set_rand_method(FIPS_rand_method());
222
223 run_test(&t1);
224 run_test(&t2);
225
226 FIPS_set_prng_key(prng_key1,prng_key2);
227 RAND_seed(prng_seed,sizeof prng_seed);
228
229 i = RAND_pseudo_bytes(buf,2500);
230 if (i <= 0)
231 {
232 printf ("init failed, the rand method is not properly installed\n");
233 err++;
234 goto err;
235 }
236
237 n1=0;
238 for (i=0; i<16; i++) n2[i]=0;
239 for (i=0; i<34; i++) runs[0][i]=runs[1][i]=0;
240
241 /* test 1 and 2 */
242 sign=0;
243 nsign=0;
244 for (i=0; i<2500; i++)
245 {
246 j=buf[i];
247
248 n2[j&0x0f]++;
249 n2[(j>>4)&0x0f]++;
250
251 for (k=0; k<8; k++)
252 {
253 s=(j&0x01);
254 if (s == sign)
255 nsign++;
256 else
257 {
258 if (nsign > 34) nsign=34;
259 if (nsign != 0)
260 {
261 runs[sign][nsign-1]++;
262 if (nsign > 6)
263 runs[sign][5]++;
264 }
265 sign=s;
266 nsign=1;
267 }
268
269 if (s) n1++;
270 j>>=1;
271 }
272 }
273 if (nsign > 34) nsign=34;
274 if (nsign != 0) runs[sign][nsign-1]++;
275
276 /* test 1 */
277 if (!((9654 < n1) && (n1 < 10346)))
278 {
279 printf("test 1 failed, X=%lu\n",n1);
280 err++;
281 }
282 printf("test 1 done\n");
283
284 /* test 2 */
285#ifdef undef
286 d=0;
287 for (i=0; i<16; i++)
288 d+=n2[i]*n2[i];
289 d=d*16.0/5000.0-5000.0;
290 if (!((1.03 < d) && (d < 57.4)))
291 {
292 printf("test 2 failed, X=%.2f\n",d);
293 err++;
294 }
295#endif
296 d=0;
297 for (i=0; i<16; i++)
298 d+=n2[i]*n2[i];
299 d=(d*8)/25-500000;
300 if (!((103 < d) && (d < 5740)))
301 {
302 printf("test 2 failed, X=%ld.%02ld\n",d/100L,d%100L);
303 err++;
304 }
305 printf("test 2 done\n");
306
307 /* test 3 */
308 for (i=0; i<2; i++)
309 {
310 if (!((2267 < runs[i][0]) && (runs[i][0] < 2733)))
311 {
312 printf("test 3 failed, bit=%d run=%d num=%lu\n",
313 i,1,runs[i][0]);
314 err++;
315 }
316 if (!((1079 < runs[i][1]) && (runs[i][1] < 1421)))
317 {
318 printf("test 3 failed, bit=%d run=%d num=%lu\n",
319 i,2,runs[i][1]);
320 err++;
321 }
322 if (!(( 502 < runs[i][2]) && (runs[i][2] < 748)))
323 {
324 printf("test 3 failed, bit=%d run=%d num=%lu\n",
325 i,3,runs[i][2]);
326 err++;
327 }
328 if (!(( 223 < runs[i][3]) && (runs[i][3] < 402)))
329 {
330 printf("test 3 failed, bit=%d run=%d num=%lu\n",
331 i,4,runs[i][3]);
332 err++;
333 }
334 if (!(( 90 < runs[i][4]) && (runs[i][4] < 223)))
335 {
336 printf("test 3 failed, bit=%d run=%d num=%lu\n",
337 i,5,runs[i][4]);
338 err++;
339 }
340 if (!(( 90 < runs[i][5]) && (runs[i][5] < 223)))
341 {
342 printf("test 3 failed, bit=%d run=%d num=%lu\n",
343 i,6,runs[i][5]);
344 err++;
345 }
346 }
347 printf("test 3 done\n");
348
349 /* test 4 */
350 if (runs[0][33] != 0)
351 {
352 printf("test 4 failed, bit=%d run=%d num=%lu\n",
353 0,34,runs[0][33]);
354 err++;
355 }
356 if (runs[1][33] != 0)
357 {
358 printf("test 4 failed, bit=%d run=%d num=%lu\n",
359 1,34,runs[1][33]);
360 err++;
361 }
362 printf("test 4 done\n");
363 err:
364 err=((err)?1:0);
365 EXIT(err);
366 return(err);
367 }
368
369#endif
diff --git a/src/lib/libssl/src/fips-1.0/rand/fips_rngvs.c b/src/lib/libssl/src/fips-1.0/rand/fips_rngvs.c
new file mode 100644
index 0000000000..2c3fdbcca7
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/rand/fips_rngvs.c
@@ -0,0 +1,234 @@
1/*
2 * Crude test driver for processing the VST and MCT testvector files
3 * generated by the CMVP RNGVS product.
4 *
5 * Note the input files are assumed to have a _very_ specific format
6 * as described in the NIST document "The Random Number Generator
7 * Validation System (RNGVS)", May 25, 2004.
8 *
9 */
10#include <openssl/opensslconf.h>
11
12#ifndef OPENSSL_FIPS
13#include <stdio.h>
14int main()
15{
16 printf("No FIPS RNG support\n");
17 return 0;
18}
19#else
20
21#include <openssl/bn.h>
22#include <openssl/dsa.h>
23#include <openssl/fips.h>
24#include <openssl/err.h>
25#include <openssl/rand.h>
26#include <openssl/fips_rand.h>
27#include <string.h>
28
29int hex2bin(const char *in, unsigned char *out)
30 {
31 int n1, n2;
32 unsigned char ch;
33
34 for (n1=0,n2=0 ; in[n1] && in[n1] != '\n' ; )
35 { /* first byte */
36 if ((in[n1] >= '0') && (in[n1] <= '9'))
37 ch = in[n1++] - '0';
38 else if ((in[n1] >= 'A') && (in[n1] <= 'F'))
39 ch = in[n1++] - 'A' + 10;
40 else if ((in[n1] >= 'a') && (in[n1] <= 'f'))
41 ch = in[n1++] - 'a' + 10;
42 else
43 return -1;
44 if(!in[n1])
45 {
46 out[n2++]=ch;
47 break;
48 }
49 out[n2] = ch << 4;
50 /* second byte */
51 if ((in[n1] >= '0') && (in[n1] <= '9'))
52 ch = in[n1++] - '0';
53 else if ((in[n1] >= 'A') && (in[n1] <= 'F'))
54 ch = in[n1++] - 'A' + 10;
55 else if ((in[n1] >= 'a') && (in[n1] <= 'f'))
56 ch = in[n1++] - 'a' + 10;
57 else
58 return -1;
59 out[n2++] |= ch;
60 }
61 return n2;
62 }
63
64int bin2hex(const unsigned char *in,int len,char *out)
65 {
66 int n1, n2;
67 unsigned char ch;
68
69 for (n1=0,n2=0 ; n1 < len ; ++n1)
70 {
71 ch=in[n1] >> 4;
72 if (ch <= 0x09)
73 out[n2++]=ch+'0';
74 else
75 out[n2++]=ch-10+'a';
76 ch=in[n1] & 0x0f;
77 if(ch <= 0x09)
78 out[n2++]=ch+'0';
79 else
80 out[n2++]=ch-10+'a';
81 }
82 out[n2]='\0';
83 return n2;
84 }
85
86void pv(const char *tag,const unsigned char *val,int len)
87 {
88 char obuf[2048];
89
90 bin2hex(val,len,obuf);
91 printf("%s = %s\n",tag,obuf);
92 }
93
94void vst()
95 {
96 unsigned char key1[8];
97 unsigned char key2[8];
98 unsigned char v[8];
99 unsigned char dt[8];
100 unsigned char ret[8];
101 char buf[1024];
102 int n;
103
104 while(fgets(buf,sizeof buf,stdin) != NULL)
105 {
106 if(!strncmp(buf,"Key1 = ",7))
107 {
108 n=hex2bin(buf+7,key1);
109 pv("Key1",key1,n);
110 }
111 else if(!strncmp(buf,"Key2 = ",7))
112 {
113 n=hex2bin(buf+7,key2);
114 pv("Key1",key2,n);
115 }
116 else if(!strncmp(buf,"DT = ",5))
117 {
118 n=hex2bin(buf+5,dt);
119 pv("DT",dt,n);
120 }
121 else if(!strncmp(buf,"V = ",4))
122 {
123 n=hex2bin(buf+4,v);
124 pv("V",v,n);
125
126 FIPS_rand_method()->cleanup();
127 FIPS_set_prng_key(key1,key2);
128 FIPS_rand_seed(v,8);
129 FIPS_test_mode(1,dt);
130 if (FIPS_rand_method()->bytes(ret,8) <= 0)
131 {
132 FIPS_test_mode(0,NULL);
133 FIPSerr(FIPS_F_FIPS_SELFTEST_RNG,FIPS_R_SELFTEST_FAILED);
134 return;
135 }
136
137 pv("R",ret,8);
138 putc('\n',stdout);
139 }
140 else
141 fputs(buf,stdout);
142 }
143 }
144
145
146void mct()
147 {
148 unsigned char key1[8];
149 unsigned char key2[8];
150 unsigned char v[8];
151 unsigned char dt[8];
152 unsigned char ret[8];
153 char buf[1024];
154 int n;
155
156 BIGNUM *bn;
157 BIGNUM *pbn;
158 bn = BN_new();
159
160 while(fgets(buf,sizeof buf,stdin) != NULL)
161 {
162 if(!strncmp(buf,"Key1 = ",7))
163 {
164 n=hex2bin(buf+7,key1);
165 pv("Key1",key1,n);
166 }
167 else if(!strncmp(buf,"Key2 = ",7))
168 {
169 n=hex2bin(buf+7,key2);
170 pv("Key1",key2,n);
171 }
172 else if(!strncmp(buf,"DT = ",5))
173 {
174 n=hex2bin(buf+5,dt);
175 pv("DT",dt,n);
176 }
177 else if(!strncmp(buf,"V = ",4))
178 {
179 int iter;
180 n=hex2bin(buf+4,v);
181 pv("V",v,n);
182
183 FIPS_rand_method()->cleanup();
184 FIPS_set_prng_key(key1,key2);
185 FIPS_rand_seed(v,8);
186 for (iter=0; iter < 10000; ++iter)
187 {
188 FIPS_test_mode(1,dt);
189 if (FIPS_rand_method()->bytes(ret,8) <= 0)
190 {
191 FIPS_test_mode(0,NULL);
192 FIPSerr(FIPS_F_FIPS_SELFTEST_RNG,FIPS_R_SELFTEST_FAILED);
193 return;
194 }
195 pbn = BN_bin2bn(dt,8,bn);
196 n = BN_add(bn,bn,BN_value_one());
197 n = BN_bn2bin(bn,dt);
198 }
199
200 pv("R",ret,8);
201 putc('\n',stdout);
202 }
203 else
204 fputs(buf,stdout);
205 }
206 BN_free(bn);
207 }
208
209int main(int argc,char **argv)
210 {
211 if(argc != 2)
212 {
213 fprintf(stderr,"%s [mct|vst]\n",argv[0]);
214 exit(1);
215 }
216 if(!FIPS_mode_set(1))
217 {
218 ERR_load_crypto_strings();
219 ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
220 exit(1);
221 }
222 if(!strcmp(argv[1],"mct"))
223 mct();
224 else if(!strcmp(argv[1],"vst"))
225 vst();
226 else
227 {
228 fprintf(stderr,"Don't know how to %s.\n",argv[1]);
229 exit(1);
230 }
231
232 return 0;
233 }
234#endif
diff --git a/src/lib/libssl/src/fips-1.0/rsa/Makefile b/src/lib/libssl/src/fips-1.0/rsa/Makefile
new file mode 100644
index 0000000000..179df4758a
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/rsa/Makefile
@@ -0,0 +1,208 @@
1#
2# OpenSSL/fips-1.0/rsa/Makefile
3#
4
5DIR= rsa
6TOP= ../..
7CC= cc
8INCLUDES=
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKEDEPPROG= makedepend
14MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
15MAKEFILE= Makefile
16AR= ar r
17
18CFLAGS= $(INCLUDES) $(CFLAG)
19
20GENERAL=Makefile
21TEST= fips_rsavtest.c fips_rsastest.c fips_rsagtest.c
22APPS=
23
24LIB=$(TOP)/libcrypto.a
25LIBSRC=fips_rsa_eay.c fips_rsa_gen.c fips_rsa_selftest.c fips_rsa_x931g.c
26LIBOBJ=fips_rsa_eay.o fips_rsa_gen.o fips_rsa_selftest.o fips_rsa_x931g.o
27
28SRC= $(LIBSRC)
29
30EXHEADER=
31HEADER= $(EXHEADER)
32
33ALL= $(GENERAL) $(SRC) $(HEADER)
34
35top:
36 (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all)
37
38all: lib
39
40lib: $(LIBOBJ)
41 @echo $(LIBOBJ) > lib
42
43files:
44 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
45
46links:
47 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER)
48 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST)
49 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS)
50
51install:
52 @headerlist="$(EXHEADER)"; for i in $$headerlist; \
53 do \
54 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
55 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
56 done
57
58tags:
59 ctags $(SRC)
60
61tests:
62
63Q=../testvectors/rsa/req
64A=../testvectors/rsa/rsp
65Q62=../testvectors/rsa_salt_62/req
66A62=../testvectors/rsa_salt_62/rsp
67
68fips_test:
69 -rm -rf $(A) $(A62)
70 mkdir $(A) $(A62)
71 if [ -f $(Q)/SigGen15.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rsastest < $(Q)/SigGen15.req > $(A)/SigGen15.rsp; fi
72 if [ -f $(Q)/SigVer15.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rsavtest < $(Q)/SigVer15.req > $(A)/SigVer15.rsp; fi
73 if [ -f $(Q)/SigGenPSS.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rsastest -saltlen 0 < $(Q)/SigGenPSS.req > $(A)/SigGenPSS.rsp; fi
74 if [ -f $(Q)/SigVerPSS.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rsavtest -saltlen 0 < $(Q)/SigVerPSS.req > $(A)/SigVerPSS.rsp; fi
75 if [ -f $(Q)/SigGenRSA.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rsastest -x931 < $(Q)/SigGenRSA.req > $(A)/SigGenRSA.rsp; fi
76 if [ -f $(Q)/SigVerRSA.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rsavtest -x931 < $(Q)/SigVerRSA.req > $(A)/SigVerRSA.rsp; fi
77 if [ -f $(Q62)/SigGenPSS.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rsastest -saltlen 62 < $(Q62)/SigGenPSS.req >$(A62)/SigGenPSS.rsp; fi
78 if [ -f $(Q62)/SigVerPSS.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rsavtest -saltlen 62 <$(Q62)/SigVerPSS.req >$(A62)/SigVerPSS.rsp; fi
79 if [ -f $(Q)/KeyGenRSA.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rsagtest < $(Q)/KeyGenRSA.req > $(A)/KeyGenRSA.rsp; fi
80
81lint:
82 lint -DLINT $(INCLUDES) $(SRC)>fluff
83
84depend:
85 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(SRC) $(TEST)
86
87dclean:
88 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
89 mv -f Makefile.new $(MAKEFILE)
90
91clean:
92 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
93# DO NOT DELETE THIS LINE -- make depend depends on it.
94
95fips_rsa_eay.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
96fips_rsa_eay.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
97fips_rsa_eay.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
98fips_rsa_eay.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
99fips_rsa_eay.o: ../../include/openssl/opensslconf.h
100fips_rsa_eay.o: ../../include/openssl/opensslv.h
101fips_rsa_eay.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
102fips_rsa_eay.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
103fips_rsa_eay.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
104fips_rsa_eay.o: fips_rsa_eay.c
105fips_rsa_gen.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
106fips_rsa_gen.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
107fips_rsa_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
108fips_rsa_gen.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
109fips_rsa_gen.o: ../../include/openssl/opensslconf.h
110fips_rsa_gen.o: ../../include/openssl/opensslv.h
111fips_rsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
112fips_rsa_gen.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
113fips_rsa_gen.o: ../../include/openssl/symhacks.h fips_rsa_gen.c
114fips_rsa_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
115fips_rsa_selftest.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
116fips_rsa_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
117fips_rsa_selftest.o: ../../include/openssl/fips.h
118fips_rsa_selftest.o: ../../include/openssl/fips_sha.h
119fips_rsa_selftest.o: ../../include/openssl/lhash.h
120fips_rsa_selftest.o: ../../include/openssl/opensslconf.h
121fips_rsa_selftest.o: ../../include/openssl/opensslv.h
122fips_rsa_selftest.o: ../../include/openssl/ossl_typ.h
123fips_rsa_selftest.o: ../../include/openssl/rsa.h
124fips_rsa_selftest.o: ../../include/openssl/safestack.h
125fips_rsa_selftest.o: ../../include/openssl/stack.h
126fips_rsa_selftest.o: ../../include/openssl/symhacks.h fips_rsa_selftest.c
127fips_rsa_x931g.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
128fips_rsa_x931g.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
129fips_rsa_x931g.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
130fips_rsa_x931g.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
131fips_rsa_x931g.o: ../../include/openssl/opensslconf.h
132fips_rsa_x931g.o: ../../include/openssl/opensslv.h
133fips_rsa_x931g.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
134fips_rsa_x931g.o: ../../include/openssl/safestack.h
135fips_rsa_x931g.o: ../../include/openssl/stack.h
136fips_rsa_x931g.o: ../../include/openssl/symhacks.h fips_rsa_x931g.c
137fips_rsagtest.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
138fips_rsagtest.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
139fips_rsagtest.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
140fips_rsagtest.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
141fips_rsagtest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
142fips_rsagtest.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
143fips_rsagtest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
144fips_rsagtest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
145fips_rsagtest.o: ../../include/openssl/hmac.h ../../include/openssl/idea.h
146fips_rsagtest.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
147fips_rsagtest.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
148fips_rsagtest.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
149fips_rsagtest.o: ../../include/openssl/objects.h
150fips_rsagtest.o: ../../include/openssl/opensslconf.h
151fips_rsagtest.o: ../../include/openssl/opensslv.h
152fips_rsagtest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
153fips_rsagtest.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
154fips_rsagtest.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
155fips_rsagtest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
156fips_rsagtest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
157fips_rsagtest.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
158fips_rsagtest.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
159fips_rsagtest.o: ../../include/openssl/x509_vfy.h
160fips_rsagtest.o: ../../include/openssl/x509v3.h fips_rsagtest.c
161fips_rsastest.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
162fips_rsastest.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
163fips_rsastest.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
164fips_rsastest.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
165fips_rsastest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
166fips_rsastest.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
167fips_rsastest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
168fips_rsastest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
169fips_rsastest.o: ../../include/openssl/hmac.h ../../include/openssl/idea.h
170fips_rsastest.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
171fips_rsastest.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
172fips_rsastest.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
173fips_rsastest.o: ../../include/openssl/objects.h
174fips_rsastest.o: ../../include/openssl/opensslconf.h
175fips_rsastest.o: ../../include/openssl/opensslv.h
176fips_rsastest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
177fips_rsastest.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
178fips_rsastest.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
179fips_rsastest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
180fips_rsastest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
181fips_rsastest.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
182fips_rsastest.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
183fips_rsastest.o: ../../include/openssl/x509_vfy.h
184fips_rsastest.o: ../../include/openssl/x509v3.h fips_rsastest.c
185fips_rsavtest.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
186fips_rsavtest.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
187fips_rsavtest.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
188fips_rsavtest.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
189fips_rsavtest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
190fips_rsavtest.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
191fips_rsavtest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
192fips_rsavtest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
193fips_rsavtest.o: ../../include/openssl/hmac.h ../../include/openssl/idea.h
194fips_rsavtest.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
195fips_rsavtest.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
196fips_rsavtest.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
197fips_rsavtest.o: ../../include/openssl/objects.h
198fips_rsavtest.o: ../../include/openssl/opensslconf.h
199fips_rsavtest.o: ../../include/openssl/opensslv.h
200fips_rsavtest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
201fips_rsavtest.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
202fips_rsavtest.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
203fips_rsavtest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
204fips_rsavtest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
205fips_rsavtest.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
206fips_rsavtest.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
207fips_rsavtest.o: ../../include/openssl/x509_vfy.h
208fips_rsavtest.o: ../../include/openssl/x509v3.h fips_rsavtest.c
diff --git a/src/lib/libssl/src/fips-1.0/rsa/fips_rsa_eay.c b/src/lib/libssl/src/fips-1.0/rsa/fips_rsa_eay.c
new file mode 100644
index 0000000000..2d0d973f1e
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/rsa/fips_rsa_eay.c
@@ -0,0 +1,788 @@
1/* crypto/rsa/rsa_eay.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <stdio.h>
113#include <openssl/err.h>
114#include <openssl/bn.h>
115#include <openssl/rsa.h>
116#include <openssl/rand.h>
117#include <openssl/fips.h>
118
119#if !defined(RSA_NULL) && defined(OPENSSL_FIPS)
120
121static int RSA_eay_public_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from,
122 unsigned char *to, RSA *rsa,int padding);
123static int RSA_eay_private_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from,
124 unsigned char *to, RSA *rsa,int padding);
125static int RSA_eay_public_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from,
126 unsigned char *to, RSA *rsa,int padding);
127static int RSA_eay_private_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from,
128 unsigned char *to, RSA *rsa,int padding);
129static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa);
130static int RSA_eay_init(RSA *rsa);
131static int RSA_eay_finish(RSA *rsa);
132static const RSA_METHOD rsa_pkcs1_eay_meth={
133 "Eric Young's PKCS#1 RSA",
134 RSA_eay_public_encrypt,
135 RSA_eay_public_decrypt, /* signature verification */
136 RSA_eay_private_encrypt, /* signing */
137 RSA_eay_private_decrypt,
138 RSA_eay_mod_exp,
139 BN_mod_exp_mont, /* XXX probably we should not use Montgomery if e == 3 */
140 RSA_eay_init,
141 RSA_eay_finish,
142 0, /* flags */
143 NULL,
144 0, /* rsa_sign */
145 0 /* rsa_verify */
146 };
147
148const RSA_METHOD *RSA_PKCS1_SSLeay(void)
149 {
150 return(&rsa_pkcs1_eay_meth);
151 }
152
153static int RSA_eay_public_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from,
154 unsigned char *to, RSA *rsa, int padding)
155 {
156 BIGNUM f,ret;
157 int i,j,k,num=0,r= -1;
158 unsigned char *buf=NULL;
159 BN_CTX *ctx=NULL;
160
161 BN_init(&f);
162 BN_init(&ret);
163
164 if(FIPS_selftest_failed())
165 {
166 FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
167 goto err;
168 }
169
170 if ((ctx=BN_CTX_new()) == NULL) goto err;
171 num=BN_num_bytes(rsa->n);
172 if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
173 {
174 RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE);
175 goto err;
176 }
177
178 switch (padding)
179 {
180 case RSA_PKCS1_PADDING:
181 i=RSA_padding_add_PKCS1_type_2(buf,num,from,flen);
182 break;
183#ifndef OPENSSL_NO_SHA
184 case RSA_PKCS1_OAEP_PADDING:
185 i=RSA_padding_add_PKCS1_OAEP(buf,num,from,flen,NULL,0);
186 break;
187#endif
188 case RSA_SSLV23_PADDING:
189 i=RSA_padding_add_SSLv23(buf,num,from,flen);
190 break;
191 case RSA_NO_PADDING:
192 i=RSA_padding_add_none(buf,num,from,flen);
193 break;
194 default:
195 RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
196 goto err;
197 }
198 if (i <= 0) goto err;
199
200 if (BN_bin2bn(buf,num,&f) == NULL) goto err;
201
202 if (BN_ucmp(&f, rsa->n) >= 0)
203 {
204 /* usually the padding functions would catch this */
205 RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
206 goto err;
207 }
208
209 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
210 {
211 if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n,
212 CRYPTO_LOCK_RSA, rsa->n, ctx))
213 goto err;
214 }
215
216 if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
217 rsa->_method_mod_n)) goto err;
218
219 /* put in leading 0 bytes if the number is less than the
220 * length of the modulus */
221 j=BN_num_bytes(&ret);
222 i=BN_bn2bin(&ret,&(to[num-j]));
223 for (k=0; k<(num-i); k++)
224 to[k]=0;
225
226 r=num;
227err:
228 if (ctx != NULL) BN_CTX_free(ctx);
229 BN_clear_free(&f);
230 BN_clear_free(&ret);
231 if (buf != NULL)
232 {
233 OPENSSL_cleanse(buf,num);
234 OPENSSL_free(buf);
235 }
236 return(r);
237 }
238
239static int rsa_eay_blinding(RSA *rsa, BN_CTX *ctx)
240 {
241 int ret = 1;
242 CRYPTO_w_lock(CRYPTO_LOCK_RSA);
243 /* Check again inside the lock - the macro's check is racey */
244 if(rsa->blinding == NULL)
245 ret = RSA_blinding_on(rsa, ctx);
246 CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
247 return ret;
248 }
249
250#define BLINDING_HELPER(rsa, ctx, err_instr) \
251 do { \
252 if((!((rsa)->flags & RSA_FLAG_NO_BLINDING)) && \
253 ((rsa)->blinding == NULL) && \
254 !rsa_eay_blinding(rsa, ctx)) \
255 err_instr \
256 } while(0)
257
258static BN_BLINDING *setup_blinding(RSA *rsa, BN_CTX *ctx)
259 {
260 BIGNUM *A, *Ai;
261 BN_BLINDING *ret = NULL;
262
263 /* added in OpenSSL 0.9.6j and 0.9.7b */
264
265 /* NB: similar code appears in RSA_blinding_on (rsa_lib.c);
266 * this should be placed in a new function of its own, but for reasons
267 * of binary compatibility can't */
268
269 BN_CTX_start(ctx);
270 A = BN_CTX_get(ctx);
271 if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL)
272 {
273 /* if PRNG is not properly seeded, resort to secret exponent as unpredictable seed */
274 RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0);
275 if (!BN_pseudo_rand_range(A,rsa->n)) goto err;
276 }
277 else
278 {
279 if (!BN_rand_range(A,rsa->n)) goto err;
280 }
281 if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err;
282
283 if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n))
284 goto err;
285 ret = BN_BLINDING_new(A,Ai,rsa->n);
286 BN_free(Ai);
287err:
288 BN_CTX_end(ctx);
289 return ret;
290 }
291
292/* signing */
293static int RSA_eay_private_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from,
294 unsigned char *to, RSA *rsa, int padding)
295 {
296 BIGNUM f,ret, *res;
297 int i,j,k,num=0,r= -1;
298 unsigned char *buf=NULL;
299 BN_CTX *ctx=NULL;
300 int local_blinding = 0;
301 BN_BLINDING *blinding = NULL;
302
303 BN_init(&f);
304 BN_init(&ret);
305
306 if ((ctx=BN_CTX_new()) == NULL) goto err;
307 num=BN_num_bytes(rsa->n);
308 if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
309 {
310 RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE);
311 goto err;
312 }
313
314 switch (padding)
315 {
316 case RSA_PKCS1_PADDING:
317 i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen);
318 break;
319 case RSA_NO_PADDING:
320 i=RSA_padding_add_none(buf,num,from,flen);
321 break;
322 case RSA_X931_PADDING:
323 i=RSA_padding_add_X931(buf,num,from,flen);
324 break;
325 case RSA_SSLV23_PADDING:
326 default:
327 RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
328 goto err;
329 }
330 if (i <= 0) goto err;
331
332 if (BN_bin2bn(buf,num,&f) == NULL) goto err;
333
334 if (BN_ucmp(&f, rsa->n) >= 0)
335 {
336 /* usually the padding functions would catch this */
337 RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
338 goto err;
339 }
340
341 BLINDING_HELPER(rsa, ctx, goto err;);
342 blinding = rsa->blinding;
343
344 /* Now unless blinding is disabled, 'blinding' is non-NULL.
345 * But the BN_BLINDING object may be owned by some other thread
346 * (we don't want to keep it constant and we don't want to use
347 * lots of locking to avoid race conditions, so only a single
348 * thread can use it; other threads have to use local blinding
349 * factors) */
350 if (!(rsa->flags & RSA_FLAG_NO_BLINDING))
351 {
352 if (blinding == NULL)
353 {
354 RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_INTERNAL_ERROR);
355 goto err;
356 }
357 }
358
359 if (blinding != NULL)
360 {
361 if (blinding->thread_id != CRYPTO_thread_id())
362 {
363 /* we need a local one-time blinding factor */
364
365 blinding = setup_blinding(rsa, ctx);
366 if (blinding == NULL)
367 goto err;
368 local_blinding = 1;
369 }
370 }
371
372 if (blinding)
373 if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err;
374
375 if ( (rsa->flags & RSA_FLAG_EXT_PKEY) ||
376 ((rsa->p != NULL) &&
377 (rsa->q != NULL) &&
378 (rsa->dmp1 != NULL) &&
379 (rsa->dmq1 != NULL) &&
380 (rsa->iqmp != NULL)) )
381 {
382 if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err;
383 }
384 else
385 {
386 BIGNUM local_d;
387 BIGNUM *d = NULL;
388
389 if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
390 {
391 BN_init(&local_d);
392 d = &local_d;
393 BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME);
394 }
395 else
396 d = rsa->d;
397 if (!rsa->meth->bn_mod_exp(&ret,&f,d,rsa->n,ctx,NULL)) goto err;
398 }
399
400 if (blinding)
401 if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err;
402
403 if (padding == RSA_X931_PADDING)
404 {
405 BN_sub(&f, rsa->n, &ret);
406 if (BN_cmp(&ret, &f))
407 res = &f;
408 else
409 res = &ret;
410 }
411 else
412 res = &ret;
413
414 /* put in leading 0 bytes if the number is less than the
415 * length of the modulus */
416 j=BN_num_bytes(res);
417 i=BN_bn2bin(res,&(to[num-j]));
418 for (k=0; k<(num-i); k++)
419 to[k]=0;
420
421 r=num;
422err:
423 if (ctx != NULL) BN_CTX_free(ctx);
424 BN_clear_free(&ret);
425 BN_clear_free(&f);
426 if (local_blinding)
427 BN_BLINDING_free(blinding);
428 if (buf != NULL)
429 {
430 OPENSSL_cleanse(buf,num);
431 OPENSSL_free(buf);
432 }
433 return(r);
434 }
435
436static int RSA_eay_private_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from,
437 unsigned char *to, RSA *rsa, int padding)
438 {
439 BIGNUM f,ret;
440 int j,num=0,r= -1;
441 unsigned char *p;
442 unsigned char *buf=NULL;
443 BN_CTX *ctx=NULL;
444 int local_blinding = 0;
445 BN_BLINDING *blinding = NULL;
446
447 BN_init(&f);
448 BN_init(&ret);
449 ctx=BN_CTX_new();
450 if (ctx == NULL) goto err;
451
452 num=BN_num_bytes(rsa->n);
453
454 if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
455 {
456 RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE);
457 goto err;
458 }
459
460 /* This check was for equality but PGP does evil things
461 * and chops off the top '0' bytes */
462 if (flen > num)
463 {
464 RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN);
465 goto err;
466 }
467
468 /* make data into a big number */
469 if (BN_bin2bn(from,(int)flen,&f) == NULL) goto err;
470
471 if (BN_ucmp(&f, rsa->n) >= 0)
472 {
473 RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
474 goto err;
475 }
476
477 BLINDING_HELPER(rsa, ctx, goto err;);
478 blinding = rsa->blinding;
479
480 /* Now unless blinding is disabled, 'blinding' is non-NULL.
481 * But the BN_BLINDING object may be owned by some other thread
482 * (we don't want to keep it constant and we don't want to use
483 * lots of locking to avoid race conditions, so only a single
484 * thread can use it; other threads have to use local blinding
485 * factors) */
486 if (!(rsa->flags & RSA_FLAG_NO_BLINDING))
487 {
488 if (blinding == NULL)
489 {
490 RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_INTERNAL_ERROR);
491 goto err;
492 }
493 }
494
495 if (blinding != NULL)
496 {
497 if (blinding->thread_id != CRYPTO_thread_id())
498 {
499 /* we need a local one-time blinding factor */
500
501 blinding = setup_blinding(rsa, ctx);
502 if (blinding == NULL)
503 goto err;
504 local_blinding = 1;
505 }
506 }
507
508 if (blinding)
509 if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err;
510
511 /* do the decrypt */
512 if ( (rsa->flags & RSA_FLAG_EXT_PKEY) ||
513 ((rsa->p != NULL) &&
514 (rsa->q != NULL) &&
515 (rsa->dmp1 != NULL) &&
516 (rsa->dmq1 != NULL) &&
517 (rsa->iqmp != NULL)) )
518 {
519 if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err;
520 }
521 else
522 {
523 BIGNUM local_d;
524 BIGNUM *d = NULL;
525
526 if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
527 {
528 d = &local_d;
529 BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME);
530 }
531 else
532 d = rsa->d;
533 if (!rsa->meth->bn_mod_exp(&ret,&f,d,rsa->n,ctx,NULL))
534 goto err;
535 }
536
537 if (blinding)
538 if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err;
539
540 p=buf;
541 j=BN_bn2bin(&ret,p); /* j is only used with no-padding mode */
542
543 switch (padding)
544 {
545 case RSA_PKCS1_PADDING:
546 r=RSA_padding_check_PKCS1_type_2(to,num,buf,j,num);
547 break;
548#ifndef OPENSSL_NO_SHA
549 case RSA_PKCS1_OAEP_PADDING:
550 r=RSA_padding_check_PKCS1_OAEP(to,num,buf,j,num,NULL,0);
551 break;
552#endif
553 case RSA_SSLV23_PADDING:
554 r=RSA_padding_check_SSLv23(to,num,buf,j,num);
555 break;
556 case RSA_NO_PADDING:
557 r=RSA_padding_check_none(to,num,buf,j,num);
558 break;
559 default:
560 RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
561 goto err;
562 }
563 if (r < 0)
564 RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_PADDING_CHECK_FAILED);
565
566err:
567 if (ctx != NULL) BN_CTX_free(ctx);
568 BN_clear_free(&f);
569 BN_clear_free(&ret);
570 if (local_blinding)
571 BN_BLINDING_free(blinding);
572 if (buf != NULL)
573 {
574 OPENSSL_cleanse(buf,num);
575 OPENSSL_free(buf);
576 }
577 return(r);
578 }
579
580/* signature verification */
581static int RSA_eay_public_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from,
582 unsigned char *to, RSA *rsa, int padding)
583 {
584 BIGNUM f,ret;
585 int i,num=0,r= -1;
586 unsigned char *p;
587 unsigned char *buf=NULL;
588 BN_CTX *ctx=NULL;
589
590 BN_init(&f);
591 BN_init(&ret);
592 ctx=BN_CTX_new();
593 if (ctx == NULL) goto err;
594
595 num=BN_num_bytes(rsa->n);
596 buf=(unsigned char *)OPENSSL_malloc(num);
597 if (buf == NULL)
598 {
599 RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE);
600 goto err;
601 }
602
603 /* This check was for equality but PGP does evil things
604 * and chops off the top '0' bytes */
605 if (flen > num)
606 {
607 RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN);
608 goto err;
609 }
610
611 if (BN_bin2bn(from,flen,&f) == NULL) goto err;
612
613 if (BN_ucmp(&f, rsa->n) >= 0)
614 {
615 RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
616 goto err;
617 }
618
619 /* do the decrypt */
620
621 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
622 {
623 if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n,
624 CRYPTO_LOCK_RSA, rsa->n, ctx))
625 goto err;
626 }
627
628 if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
629 rsa->_method_mod_n)) goto err;
630
631 if ((padding == RSA_X931_PADDING) && ((ret.d[0] & 0xf) != 12))
632 BN_sub(&ret, rsa->n, &ret);
633
634 p=buf;
635 i=BN_bn2bin(&ret,p);
636
637 switch (padding)
638 {
639 case RSA_PKCS1_PADDING:
640 r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num);
641 break;
642 case RSA_X931_PADDING:
643 r=RSA_padding_check_X931(to,num,buf,i,num);
644 break;
645 case RSA_NO_PADDING:
646 r=RSA_padding_check_none(to,num,buf,i,num);
647 break;
648 default:
649 RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
650 goto err;
651 }
652 if (r < 0)
653 RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_PADDING_CHECK_FAILED);
654
655err:
656 if (ctx != NULL) BN_CTX_free(ctx);
657 BN_clear_free(&f);
658 BN_clear_free(&ret);
659 if (buf != NULL)
660 {
661 OPENSSL_cleanse(buf,num);
662 OPENSSL_free(buf);
663 }
664 return(r);
665 }
666
667static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
668 {
669 BIGNUM r1,m1,vrfy;
670 BIGNUM local_dmp1, local_dmq1;
671 BIGNUM *dmp1, *dmq1;
672 int ret=0;
673 BN_CTX *ctx;
674
675 BN_init(&m1);
676 BN_init(&r1);
677 BN_init(&vrfy);
678 if ((ctx=BN_CTX_new()) == NULL) goto err;
679
680 if (rsa->flags & RSA_FLAG_CACHE_PRIVATE)
681 {
682 if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_p,
683 CRYPTO_LOCK_RSA, rsa->p, ctx))
684 goto err;
685 if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_q,
686 CRYPTO_LOCK_RSA, rsa->q, ctx))
687 goto err;
688 }
689
690 if (!BN_mod(&r1,I,rsa->q,ctx)) goto err;
691 if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
692 {
693 dmq1 = &local_dmq1;
694 BN_with_flags(dmq1, rsa->dmq1, BN_FLG_EXP_CONSTTIME);
695 }
696 else
697 dmq1 = rsa->dmq1;
698 if (!rsa->meth->bn_mod_exp(&m1,&r1,dmq1,rsa->q,ctx,
699 rsa->_method_mod_q)) goto err;
700
701 if (!BN_mod(&r1,I,rsa->p,ctx)) goto err;
702 if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
703 {
704 dmp1 = &local_dmp1;
705 BN_with_flags(dmp1, rsa->dmp1, BN_FLG_EXP_CONSTTIME);
706 }
707 else
708 dmp1 = rsa->dmp1;
709 if (!rsa->meth->bn_mod_exp(r0,&r1,dmp1,rsa->p,ctx,
710 rsa->_method_mod_p)) goto err;
711
712 if (!BN_sub(r0,r0,&m1)) goto err;
713 /* This will help stop the size of r0 increasing, which does
714 * affect the multiply if it optimised for a power of 2 size */
715 if (r0->neg)
716 if (!BN_add(r0,r0,rsa->p)) goto err;
717
718 if (!BN_mul(&r1,r0,rsa->iqmp,ctx)) goto err;
719 if (!BN_mod(r0,&r1,rsa->p,ctx)) goto err;
720 /* If p < q it is occasionally possible for the correction of
721 * adding 'p' if r0 is negative above to leave the result still
722 * negative. This can break the private key operations: the following
723 * second correction should *always* correct this rare occurrence.
724 * This will *never* happen with OpenSSL generated keys because
725 * they ensure p > q [steve]
726 */
727 if (r0->neg)
728 if (!BN_add(r0,r0,rsa->p)) goto err;
729 if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err;
730 if (!BN_add(r0,&r1,&m1)) goto err;
731
732 if (rsa->e && rsa->n)
733 {
734 if (!rsa->meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,NULL)) goto err;
735 /* If 'I' was greater than (or equal to) rsa->n, the operation
736 * will be equivalent to using 'I mod n'. However, the result of
737 * the verify will *always* be less than 'n' so we don't check
738 * for absolute equality, just congruency. */
739 if (!BN_sub(&vrfy, &vrfy, I)) goto err;
740 if (!BN_mod(&vrfy, &vrfy, rsa->n, ctx)) goto err;
741 if (vrfy.neg)
742 if (!BN_add(&vrfy, &vrfy, rsa->n)) goto err;
743 if (!BN_is_zero(&vrfy))
744 {
745 /* 'I' and 'vrfy' aren't congruent mod n. Don't leak
746 * miscalculated CRT output, just do a raw (slower)
747 * mod_exp and return that instead. */
748
749 BIGNUM local_d;
750 BIGNUM *d = NULL;
751
752 if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
753 {
754 d = &local_d;
755 BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME);
756 }
757 else
758 d = rsa->d;
759 if (!rsa->meth->bn_mod_exp(r0,I,d,rsa->n,ctx,NULL)) goto err;
760 }
761 }
762 ret=1;
763err:
764 BN_clear_free(&m1);
765 BN_clear_free(&r1);
766 BN_clear_free(&vrfy);
767 BN_CTX_free(ctx);
768 return(ret);
769 }
770
771static int RSA_eay_init(RSA *rsa)
772 {
773 rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE;
774 return(1);
775 }
776
777static int RSA_eay_finish(RSA *rsa)
778 {
779 if (rsa->_method_mod_n != NULL)
780 BN_MONT_CTX_free(rsa->_method_mod_n);
781 if (rsa->_method_mod_p != NULL)
782 BN_MONT_CTX_free(rsa->_method_mod_p);
783 if (rsa->_method_mod_q != NULL)
784 BN_MONT_CTX_free(rsa->_method_mod_q);
785 return(1);
786 }
787
788#endif
diff --git a/src/lib/libssl/src/fips-1.0/rsa/fips_rsa_gen.c b/src/lib/libssl/src/fips-1.0/rsa/fips_rsa_gen.c
new file mode 100644
index 0000000000..3f50746733
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/rsa/fips_rsa_gen.c
@@ -0,0 +1,282 @@
1/* crypto/rsa/rsa_gen.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61#include <time.h>
62#include <openssl/err.h>
63#include <openssl/bn.h>
64#include <openssl/rsa.h>
65#include <openssl/fips.h>
66
67void *OPENSSL_stderr(void);
68
69#ifdef OPENSSL_FIPS
70
71int fips_check_rsa(RSA *rsa)
72 {
73 int n, ret = 0;
74 unsigned char tctext[256], *ctext = tctext;
75 unsigned char tptext[256], *ptext = tptext;
76 /* The longest we can have with PKCS#1 v1.5 padding and a 512 bit key,
77 * namely 512/8-11-1 = 52 bytes */
78 static const unsigned char original_ptext[] =
79 "\x01\x23\x45\x67\x89\xab\xcd\xef\x01\x23\x45\x67\x89\xab\xcd\xef"
80 "\x01\x23\x45\x67\x89\xab\xcd\xef\x01\x23\x45\x67\x89\xab\xcd\xef"
81 "\x01\x23\x45\x67\x89\xab\xcd\xef\x01\x23\x45\x67\x89\xab\xcd\xef"
82 "\x01\x23\x45\x67";
83
84 if (RSA_size(rsa) > sizeof(tctext))
85 {
86 ctext = OPENSSL_malloc(RSA_size(rsa));
87 ptext = OPENSSL_malloc(RSA_size(rsa));
88 if (!ctext || !ptext)
89 {
90 ERR_print_errors_fp(OPENSSL_stderr());
91 exit(1);
92 }
93 }
94
95
96 /* this will fail for keys shorter than 512 bits */
97 n=RSA_private_encrypt(sizeof(original_ptext)-1,original_ptext,ctext,rsa,
98 RSA_PKCS1_PADDING);
99 if(n < 0)
100 {
101 ERR_print_errors_fp(OPENSSL_stderr());
102 exit(1);
103 }
104 if(!memcmp(ctext,original_ptext,n))
105 {
106 FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED);
107 goto error;
108 }
109 n=RSA_public_decrypt(n,ctext,ptext,rsa,RSA_PKCS1_PADDING);
110 if(n < 0)
111 {
112 ERR_print_errors_fp(OPENSSL_stderr());
113 exit(1);
114 }
115 if(n != sizeof(original_ptext)-1 || memcmp(ptext,original_ptext,n))
116 {
117 FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED);
118 goto error;
119 }
120
121 ret = 1;
122
123 error:
124
125 if (RSA_size(rsa) > sizeof(tctext))
126 {
127 OPENSSL_free(ctext);
128 OPENSSL_free(ptext);
129 }
130
131 return ret;
132 }
133
134RSA *RSA_generate_key(FIPS_RSA_SIZE_T bits, unsigned long e_value,
135 void (*callback)(int,int,void *), void *cb_arg)
136 {
137 RSA *rsa=NULL;
138 BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp;
139 int bitsp,bitsq,ok= -1,n=0,i;
140 BN_CTX *ctx=NULL,*ctx2=NULL;
141
142 if (bits < 512)
143 {
144 FIPSerr(FIPS_F_RSA_GENERATE_KEY,FIPS_R_KEY_TOO_SHORT);
145 return NULL;
146 }
147
148 if(FIPS_selftest_failed())
149 {
150 FIPSerr(FIPS_F_RSA_GENERATE_KEY,FIPS_R_FIPS_SELFTEST_FAILED);
151 return NULL;
152 }
153
154 ctx=BN_CTX_new();
155 if (ctx == NULL) goto err;
156 ctx2=BN_CTX_new();
157 if (ctx2 == NULL) goto err;
158 BN_CTX_start(ctx);
159 r0 = BN_CTX_get(ctx);
160 r1 = BN_CTX_get(ctx);
161 r2 = BN_CTX_get(ctx);
162 r3 = BN_CTX_get(ctx);
163 if (r3 == NULL) goto err;
164
165 bitsp=(bits+1)/2;
166 bitsq=bits-bitsp;
167 rsa=RSA_new();
168 if (rsa == NULL) goto err;
169
170 /* set e */
171 rsa->e=BN_new();
172 if (rsa->e == NULL) goto err;
173
174#if 1
175 /* The problem is when building with 8, 16, or 32 BN_ULONG,
176 * unsigned long can be larger */
177 for (i=0; i<sizeof(unsigned long)*8; i++)
178 {
179 if (e_value & (1UL<<i))
180 BN_set_bit(rsa->e,i);
181 }
182#else
183 if (!BN_set_word(rsa->e,e_value)) goto err;
184#endif
185
186 /* generate p and q */
187 for (;;)
188 {
189 rsa->p=BN_generate_prime(NULL,bitsp,0,NULL,NULL,callback,cb_arg);
190 if (rsa->p == NULL) goto err;
191 if (!BN_sub(r2,rsa->p,BN_value_one())) goto err;
192 if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;
193 if (BN_is_one(r1)) break;
194 if (callback != NULL) callback(2,n++,cb_arg);
195 BN_free(rsa->p);
196 }
197 if (callback != NULL) callback(3,0,cb_arg);
198 for (;;)
199 {
200 rsa->q=BN_generate_prime(NULL,bitsq,0,NULL,NULL,callback,cb_arg);
201 if (rsa->q == NULL) goto err;
202 if (!BN_sub(r2,rsa->q,BN_value_one())) goto err;
203 if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;
204 if (BN_is_one(r1) && (BN_cmp(rsa->p,rsa->q) != 0))
205 break;
206 if (callback != NULL) callback(2,n++,cb_arg);
207 BN_free(rsa->q);
208 }
209 if (callback != NULL) callback(3,1,cb_arg);
210 if (BN_cmp(rsa->p,rsa->q) < 0)
211 {
212 tmp=rsa->p;
213 rsa->p=rsa->q;
214 rsa->q=tmp;
215 }
216
217 /* calculate n */
218 rsa->n=BN_new();
219 if (rsa->n == NULL) goto err;
220 if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx)) goto err;
221
222 /* calculate d */
223 if (!BN_sub(r1,rsa->p,BN_value_one())) goto err; /* p-1 */
224 if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; /* q-1 */
225 if (!BN_mul(r0,r1,r2,ctx)) goto err; /* (p-1)(q-1) */
226
227/* should not be needed, since gcd(p-1,e) == 1 and gcd(q-1,e) == 1 */
228/* for (;;)
229 {
230 if (!BN_gcd(r3,r0,rsa->e,ctx)) goto err;
231 if (BN_is_one(r3)) break;
232
233 if (1)
234 {
235 if (!BN_add_word(rsa->e,2L)) goto err;
236 continue;
237 }
238 RSAerr(RSA_F_RSA_GENERATE_KEY,RSA_R_BAD_E_VALUE);
239 goto err;
240 }
241*/
242 rsa->d=BN_mod_inverse(NULL,rsa->e,r0,ctx2); /* d */
243 if (rsa->d == NULL) goto err;
244
245 /* calculate d mod (p-1) */
246 rsa->dmp1=BN_new();
247 if (rsa->dmp1 == NULL) goto err;
248 if (!BN_mod(rsa->dmp1,rsa->d,r1,ctx)) goto err;
249
250 /* calculate d mod (q-1) */
251 rsa->dmq1=BN_new();
252 if (rsa->dmq1 == NULL) goto err;
253 if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx)) goto err;
254
255 /* calculate inverse of q mod p */
256 rsa->iqmp=BN_mod_inverse(NULL,rsa->q,rsa->p,ctx2);
257 if (rsa->iqmp == NULL) goto err;
258
259 if(!fips_check_rsa(rsa))
260 goto err;
261
262 ok=1;
263err:
264 if (ok == -1)
265 {
266 RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN);
267 ok=0;
268 }
269 BN_CTX_end(ctx);
270 BN_CTX_free(ctx);
271 BN_CTX_free(ctx2);
272
273 if (!ok)
274 {
275 if (rsa != NULL) RSA_free(rsa);
276 return(NULL);
277 }
278 else
279 return(rsa);
280 }
281
282#endif
diff --git a/src/lib/libssl/src/fips-1.0/rsa/fips_rsa_selftest.c b/src/lib/libssl/src/fips-1.0/rsa/fips_rsa_selftest.c
new file mode 100644
index 0000000000..0b620c717b
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/rsa/fips_rsa_selftest.c
@@ -0,0 +1,251 @@
1/* ====================================================================
2 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 *
48 */
49
50#include <string.h>
51#include <openssl/err.h>
52#include <openssl/fips.h>
53#include <openssl/rsa.h>
54#include <openssl/fips_sha.h>
55#include <openssl/opensslconf.h>
56
57#ifdef OPENSSL_FIPS
58#define SetKey \
59 key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \
60 key->e = BN_bin2bn(e, sizeof(e)-1, key->e); \
61 key->d = BN_bin2bn(d, sizeof(d)-1, key->d); \
62 key->p = BN_bin2bn(p, sizeof(p)-1, key->p); \
63 key->q = BN_bin2bn(q, sizeof(q)-1, key->q); \
64 key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1)-1, key->dmp1); \
65 key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1)-1, key->dmq1); \
66 key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp)-1, key->iqmp); \
67 memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \
68 return (sizeof(ctext_ex) - 1);
69
70static unsigned char n[] =
71"\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71"
72"\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5"
73"\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD"
74"\x48\x76\xED\x52\x0D\x60\xE1\xEC\x46\x19\x71\x9D\x8A\x5B\x8B\x80"
75"\x7F\xAF\xB8\xE0\xA3\xDF\xC7\x37\x72\x3E\xE6\xB4\xB7\xD9\x3A\x25"
76"\x84\xEE\x6A\x64\x9D\x06\x09\x53\x74\x88\x34\xB2\x45\x45\x98\x39"
77"\x4E\xE0\xAA\xB1\x2D\x7B\x61\xA5\x1F\x52\x7A\x9A\x41\xF6\xC1\x68"
78"\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD"
79"\xCB";
80
81
82static int setrsakey(RSA *key, unsigned char *c)
83 {
84 static const unsigned char e[] = "\x11";
85
86 static const unsigned char d[] =
87"\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD"
88"\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41"
89"\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69"
90"\xD6\x87\x0D\xA2\xC0\x82\xA9\x39\xE3\x7F\xDC\xB8\x2E\xC9\x3E\xDA"
91"\xC9\x7F\xF3\xAD\x59\x50\xAC\xCF\xBC\x11\x1C\x76\xF1\xA9\x52\x94"
92"\x44\xE5\x6A\xAF\x68\xC5\x6C\x09\x2C\xD3\x8D\xC3\xBE\xF5\xD2\x0A"
93"\x93\x99\x26\xED\x4F\x74\xA1\x3E\xDD\xFB\xE1\xA1\xCE\xCC\x48\x94"
94"\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3"
95"\xC1";
96
97 static const unsigned char p[] =
98"\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60"
99"\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6"
100"\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A"
101"\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65"
102"\x99";
103
104 static const unsigned char q[] =
105"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
106"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
107"\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
108"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15"
109"\x03";
110
111 static const unsigned char dmp1[] =
112"\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A"
113"\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E"
114"\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E"
115"\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81";
116
117 static const unsigned char dmq1[] =
118"\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9"
119"\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7"
120"\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D"
121"\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D";
122
123 static const unsigned char iqmp[] =
124"\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23"
125"\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11"
126"\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E"
127"\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39"
128"\xF7";
129
130 static const unsigned char ctext_ex[] =
131"\x42\x4b\xc9\x51\x61\xd4\xca\xa0\x18\x6c\x4d\xca\x61\x8f\x2d\x07"
132"\x8c\x63\xc5\x6b\xa2\x4c\x32\xb1\xda\xb7\xdd\x32\xb6\x51\x68\xc3"
133"\x6e\x98\x46\xd6\xbb\x1a\xd5\x99\x05\x92\x7c\xd7\xbc\x08\x9e\xe4"
134"\xc3\x70\x4d\xe6\x99\x7e\x61\x31\x07\x7a\x19\xdb\x3e\x11\xfa\x3d"
135"\x7c\x61\xd7\x78\x14\x3f\x05\x16\xa0\xc4\xbf\xcd\xee\xca\x67\x4c"
136"\x80\x4e\xca\x43\x2f\x35\x43\x58\xa7\x50\x7e\x3e\x52\x82\xab\xac"
137"\xa6\x50\xe8\x39\x9f\xe0\x7f\x58\x1d\x1b\x90\x93\x04\xec\xb3\xf9"
138"\x24\xd3\x75\x3e\x39\xd1\x14\xc6\x33\xce\xd6\xee\x20\x47\xec\xe4";
139
140 SetKey;
141 }
142
143void FIPS_corrupt_rsa()
144 {
145 n[0]++;
146 }
147
148int FIPS_selftest_rsa()
149 {
150 int clen;
151 RSA *key;
152 unsigned char expected_ctext[256];
153 unsigned char ctext[256];
154 unsigned char ptext[256];
155 static const unsigned char original_ptext[] =
156 "\x01\x23\x45\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0"
157 "\x23\x45\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12"
158 "\x45\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34"
159 "\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56"
160 "\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56\x78"
161 "\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56\x78\x9a"
162 "\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56\x78\x9a\xbc"
163 "\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56\x78\x9a\xbc\xde"
164 "\xf0\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56\x78\x9a\xbc\xde";
165 unsigned char md[SHA_DIGEST_LENGTH];
166 static const unsigned char mdkat[SHA_DIGEST_LENGTH] =
167 "\x2d\x57\x1d\x6f\x5c\x37\xf9\xf0\x3b\xb4\x3c\xe8\x2c\x4c\xb3\x04"
168 "\x75\xa2\x0e\xfb";
169 static const unsigned char ctextkat[] =
170 "\x3e\xc5\x0a\xbe\x29\xa2\xca\x9a\x35\x14\x17\x26\xa4\x0f\xa3\x03"
171 "\x65\xb5\x37\xf5\x6a\xaa\xb\xf\x2c\x0d\x8\xc0\x73\x8\x3c\x88\x85"
172 "\x36\x68\x16\xfe\x2f\x59\x77\x7e\x2a\x76\x9a\xc7\x27\x19\x9b\x54"
173 "\x14\x87\xf3\xe0\xce\x1e\x68\x10\x40\x14\xac\xbc\xe6\x6f\x26\x1f"
174 "\x55\xd1\x15\x81\x48\x10\xf4\x89\xe5\x67\x52\x42\x87\x04\x74\x4e"
175 "\x96\x14\x7c\x53\xc9\x1e\x84\x11\x7d\x7d\x23\xbd\xff\x6c\xcb\x00"
176 "\x96\x2e\x7d\xfb\x47\xea\x78\xcd\xd8\x04\x3a\x98\x06\x13\x68\x39"
177 "\xa1\xe2\xbc\x9f\x64\xc7\x62\xf0\x74\x4d\x42\xe0\x0b\xcf\x24\x48";
178 int i;
179
180 /* Perform pairwise consistency test by: ... */
181
182 key=RSA_new();
183 clen=setrsakey(key,expected_ctext);
184 /* ...1) apply public key to plaintext, resulting ciphertext must be
185 * different
186 */
187 i=RSA_public_encrypt(128,original_ptext,ctext,key,
188 RSA_NO_PADDING);
189 if(i != clen || memcmp(ctext,expected_ctext,i))
190 {
191 FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED);
192 return 0;
193 }
194 if(!memcmp(ctext,original_ptext,i))
195 {
196 FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED);
197 return 0;
198 }
199 /* ...2) apply private key to ciphertext and compare result to
200 * original plaintext; results must be equal
201 */
202 i=RSA_private_decrypt(i,ctext,ptext,key,RSA_NO_PADDING);
203 if(i != 128 || memcmp(ptext,original_ptext,i))
204 {
205 FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED);
206 return 0;
207 }
208
209 /* Perform sign and verify Known Answer Test by... */
210
211 /* ...1) using the same RSA key to encrypt the SHA-1 hash of a
212 * plaintext value larger than the RSA key size
213 */
214 if (RSA_size(key) >= sizeof(original_ptext) - 1)
215 {
216 FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED);
217 return 0;
218 }
219 /* ...2) then generate the SHA-1 digest of plaintext, and compare the
220 * digest to the Known Answer (note here we duplicate the SHA-1 KAT)
221 */
222 SHA1(original_ptext,sizeof(original_ptext) - 1,md);
223 if(memcmp(md,mdkat,SHA_DIGEST_LENGTH))
224 {
225 FIPSerr(FIPS_F_FIPS_SELFTEST_SHA,FIPS_R_SELFTEST_FAILED);
226 return 0;
227 }
228 /* ...3) then encrypt the digest, and compare the ciphertext
229 * to the Known Answer
230 */
231 i=RSA_private_encrypt(sizeof(md),md,ctext,key,RSA_PKCS1_PADDING);
232 if(i != clen || memcmp(ctextkat,ctext,i))
233 {
234 FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED);
235 return 0;
236 }
237 /* ...4) and finally decrypt the signed digest and compare with
238 * the original Known Answer
239 */
240 i=RSA_public_decrypt(i,ctext,md,key,RSA_PKCS1_PADDING);
241 if(i != sizeof(md) || memcmp(mdkat,md,i))
242 {
243 FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED);
244 return 0;
245 }
246
247 RSA_free(key);
248 return 1;
249 }
250
251#endif /* def OPENSSL_FIPS */
diff --git a/src/lib/libssl/src/fips-1.0/rsa/fips_rsa_x931g.c b/src/lib/libssl/src/fips-1.0/rsa/fips_rsa_x931g.c
new file mode 100644
index 0000000000..41e1473bca
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/rsa/fips_rsa_x931g.c
@@ -0,0 +1,289 @@
1/* crypto/rsa/rsa_gen.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61#include <time.h>
62#include <openssl/err.h>
63#include <openssl/bn.h>
64#include <openssl/rsa.h>
65#include <openssl/fips.h>
66
67#ifdef OPENSSL_FIPS
68
69extern int fips_check_rsa(RSA *rsa);
70
71
72/* X9.31 RSA key derivation and generation */
73
74int RSA_X931_derive(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1, BIGNUM *q2,
75 void (*cb)(int, int, void *), void *cb_arg,
76 const BIGNUM *Xp1, const BIGNUM *Xp2, const BIGNUM *Xp,
77 const BIGNUM *Xq1, const BIGNUM *Xq2, const BIGNUM *Xq,
78 const BIGNUM *e)
79 {
80 BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL;
81 BN_CTX *ctx=NULL,*ctx2=NULL;
82
83 if (!rsa)
84 goto err;
85
86 ctx = BN_CTX_new();
87 BN_CTX_start(ctx);
88 if (!ctx)
89 goto err;
90
91 r0 = BN_CTX_get(ctx);
92 r1 = BN_CTX_get(ctx);
93 r2 = BN_CTX_get(ctx);
94 r3 = BN_CTX_get(ctx);
95
96 if (r3 == NULL)
97 goto err;
98 if (!rsa->e)
99 {
100 rsa->e = BN_dup(e);
101 if (!rsa->e)
102 goto err;
103 }
104 else
105 e = rsa->e;
106
107 /* If not all parameters present only calculate what we can.
108 * This allows test programs to output selective parameters.
109 */
110
111 if (Xp && !rsa->p)
112 {
113 rsa->p = BN_new();
114 if (!rsa->p)
115 goto err;
116
117 if (!BN_X931_derive_prime(rsa->p, p1, p2, cb, cb_arg,
118 Xp, Xp1, Xp2, e, ctx))
119 goto err;
120 }
121
122 if (Xq && !rsa->q)
123 {
124 rsa->q = BN_new();
125 if (!rsa->q)
126 goto err;
127 if (!BN_X931_derive_prime(rsa->q, q1, q2, cb, cb_arg,
128 Xq, Xq1, Xq2, e, ctx))
129 goto err;
130 }
131
132 if (!rsa->p || !rsa->q)
133 {
134 BN_CTX_end(ctx);
135 BN_CTX_free(ctx);
136 return 2;
137 }
138
139 /* Since both primes are set we can now calculate all remaining
140 * components.
141 */
142
143 /* calculate n */
144 rsa->n=BN_new();
145 if (rsa->n == NULL)
146 goto err;
147 if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx))
148 goto err;
149
150 /* calculate d */
151 if (!BN_sub(r1,rsa->p,BN_value_one()))
152 goto err; /* p-1 */
153 if (!BN_sub(r2,rsa->q,BN_value_one()))
154 goto err; /* q-1 */
155 if (!BN_mul(r0,r1,r2,ctx))
156 goto err; /* (p-1)(q-1) */
157
158 if (!BN_gcd(r3, r1, r2, ctx))
159 goto err;
160
161 if (!BN_div(r0, NULL, r0, r3, ctx))
162 goto err; /* LCM((p-1)(q-1)) */
163
164 ctx2 = BN_CTX_new();
165 if (!ctx2)
166 goto err;
167
168 rsa->d=BN_mod_inverse(NULL,rsa->e,r0,ctx2); /* d */
169 if (rsa->d == NULL)
170 goto err;
171
172 /* calculate d mod (p-1) */
173 rsa->dmp1=BN_new();
174 if (rsa->dmp1 == NULL)
175 goto err;
176 if (!BN_mod(rsa->dmp1,rsa->d,r1,ctx))
177 goto err;
178
179 /* calculate d mod (q-1) */
180 rsa->dmq1=BN_new();
181 if (rsa->dmq1 == NULL)
182 goto err;
183 if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx))
184 goto err;
185
186 /* calculate inverse of q mod p */
187 rsa->iqmp=BN_mod_inverse(NULL,rsa->q,rsa->p,ctx2);
188
189 err:
190 if (ctx)
191 {
192 BN_CTX_end(ctx);
193 BN_CTX_free(ctx);
194 }
195 if (ctx2)
196 BN_CTX_free(ctx2);
197 /* If this is set all calls successful */
198 if (rsa->iqmp != NULL)
199 return 1;
200
201 return 0;
202
203 }
204
205RSA *RSA_X931_generate_key(FIPS_RSA_SIZE_T bits, const BIGNUM *e,
206 void (*cb)(int,int,void *), void *cb_arg)
207 {
208 RSA *rsa = NULL;
209 int ok = 0;
210 BIGNUM *Xp = NULL, *Xq = NULL;
211 BN_CTX *ctx = NULL;
212
213 if (bits < 1024)
214 {
215 FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY,FIPS_R_KEY_TOO_SHORT);
216 return NULL;
217 }
218
219 if (bits & 0xff)
220 {
221 FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY,FIPS_R_INVALID_KEY_LENGTH);
222 return NULL;
223 }
224
225 if(FIPS_selftest_failed())
226 {
227 FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY,FIPS_R_FIPS_SELFTEST_FAILED);
228 return NULL;
229 }
230
231 ctx = BN_CTX_new();
232 if (!ctx)
233 goto error;
234
235 BN_CTX_start(ctx);
236 Xp = BN_CTX_get(ctx);
237 Xq = BN_CTX_get(ctx);
238 if (!BN_X931_generate_Xpq(Xp, Xq, bits, ctx))
239 goto error;
240
241 rsa = RSA_new();
242 if (!rsa)
243 goto error;
244 rsa->p = BN_new();
245 rsa->q = BN_new();
246 if (!rsa->p || !rsa->q)
247 goto error;
248
249 /* Generate two primes from Xp, Xq */
250
251 if (!BN_X931_generate_prime(rsa->p, NULL, NULL, NULL, NULL, Xp,
252 e, ctx, cb, cb_arg))
253 goto error;
254
255 if (!BN_X931_generate_prime(rsa->q, NULL, NULL, NULL, NULL, Xq,
256 e, ctx, cb, cb_arg))
257 goto error;
258
259 /* Since rsa->p and rsa->q are valid this call will just derive
260 * remaining RSA components.
261 */
262
263 if (!RSA_X931_derive(rsa, NULL, NULL, NULL, NULL, cb, cb_arg,
264 NULL, NULL, NULL, NULL, NULL, NULL, e))
265 goto error;
266
267 if(!fips_check_rsa(rsa))
268 goto error;
269
270 ok = 1;
271
272 error:
273 if (ctx)
274 {
275 BN_CTX_end(ctx);
276 BN_CTX_free(ctx);
277 }
278
279 if (ok)
280 return rsa;
281
282 if (rsa)
283 RSA_free(rsa);
284
285 return NULL;
286
287 }
288
289#endif
diff --git a/src/lib/libssl/src/fips-1.0/rsa/fips_rsagtest.c b/src/lib/libssl/src/fips-1.0/rsa/fips_rsagtest.c
new file mode 100644
index 0000000000..15d3225d53
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/rsa/fips_rsagtest.c
@@ -0,0 +1,420 @@
1/* fips_rsagtest.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 2005.
4 */
5/* ====================================================================
6 * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <ctype.h>
61#include <string.h>
62#include <openssl/bio.h>
63#include <openssl/evp.h>
64#include <openssl/hmac.h>
65#include <openssl/err.h>
66#include <openssl/x509v3.h>
67
68#ifndef OPENSSL_FIPS
69
70int main(int argc, char *argv[])
71{
72 printf("No FIPS RSA support\n");
73 return(0);
74}
75
76#else
77
78extern int RSA_X931_derive(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1, BIGNUM *q2,
79 void (*cb)(int, int, void *), void *cb_arg,
80 const BIGNUM *Xp1, const BIGNUM *Xp2, const BIGNUM *Xp,
81 const BIGNUM *Xq1, const BIGNUM *Xq2, const BIGNUM *Xq,
82 const BIGNUM *e);
83
84int rsa_test(BIO *err, BIO *out, BIO *in);
85static int rsa_printkey1(BIO *err, BIO *out, RSA *rsa,
86 BIGNUM *Xp1, BIGNUM *Xp2, BIGNUM *Xp,
87 BIGNUM *e);
88static int rsa_printkey2(BIO *err, BIO *out, RSA *rsa,
89 BIGNUM *Xq1, BIGNUM *Xq2, BIGNUM *Xq);
90
91int main(int argc, char **argv)
92 {
93 BIO *in = NULL, *out = NULL, *err = NULL;
94
95 int ret = 1;
96 ERR_load_crypto_strings();
97
98 err = BIO_new_fp(stderr, BIO_NOCLOSE);
99
100 if (!err)
101 {
102 fprintf(stderr, "FATAL stderr initialization error\n");
103 goto end;
104 }
105
106 if(!FIPS_mode_set(1))
107 {
108 ERR_print_errors(err);
109 goto end;
110 }
111
112 if (argc == 1)
113 in = BIO_new_fp(stdin, BIO_NOCLOSE);
114 else
115 in = BIO_new_file(argv[1], "r");
116
117 if (argc < 2)
118 out = BIO_new_fp(stdout, BIO_NOCLOSE);
119 else
120 out = BIO_new_file(argv[2], "w");
121
122 if (!in)
123 {
124 BIO_printf(err, "FATAL input initialization error\n");
125 goto end;
126 }
127
128 if (!out)
129 {
130 fprintf(stderr, "FATAL output initialization error\n");
131 goto end;
132 }
133
134 if (!rsa_test(err, out, in))
135 {
136 fprintf(stderr, "FATAL RSAVTEST file processing error\n");
137 goto end;
138 }
139 else
140 ret = 0;
141
142 end:
143
144 if (ret && err)
145 ERR_print_errors(err);
146
147 if (in)
148 BIO_free(in);
149 if (out)
150 BIO_free(out);
151 if (err)
152 BIO_free(err);
153
154 return ret;
155
156 }
157
158
159static void do_bn_print(BIO *out, const char *name, BIGNUM *b)
160 {
161 char *htmp, *p;
162 /* Can't use BN_print_fp because it uses upper case so
163 * use BN_bn2hex() and convert.
164 */
165 htmp = BN_bn2hex(b);
166 for(p = htmp; *p; p++)
167 {
168 if (isupper(*p))
169 *p = tolower(*p);
170 }
171 BIO_printf(out, "%s = %s\n", name, htmp);
172 OPENSSL_free(htmp);
173 }
174
175#define RSA_TEST_MAXLINELEN 10240
176
177int rsa_test(BIO *err, BIO *out, BIO *in)
178 {
179 char *linebuf, *olinebuf, *p, *q;
180 char *keyword, *value;
181 RSA *rsa = NULL;
182 BIGNUM *Xp1 = NULL, *Xp2 = NULL, *Xp = NULL;
183 BIGNUM *Xq1 = NULL, *Xq2 = NULL, *Xq = NULL;
184 BIGNUM *e = NULL;
185 int ret = 0;
186 int lnum = 0;
187
188 olinebuf = OPENSSL_malloc(RSA_TEST_MAXLINELEN);
189 linebuf = OPENSSL_malloc(RSA_TEST_MAXLINELEN);
190
191 if (!linebuf || !olinebuf)
192 goto error;
193
194 while (BIO_gets(in, olinebuf, RSA_TEST_MAXLINELEN) > 0)
195 {
196 lnum++;
197 strcpy(linebuf, olinebuf);
198 keyword = linebuf;
199 /* Skip leading space */
200 while (isspace((unsigned char)*keyword))
201 keyword++;
202
203 /* Look for = sign */
204 p = strchr(linebuf, '=');
205
206 /* If no = or starts with [ (for [foo = bar] line) just copy */
207 if (!p || *keyword=='[')
208 {
209 if (!BIO_puts(out, olinebuf))
210 goto error;
211 continue;
212 }
213
214 q = p - 1;
215
216 /* Remove trailing space */
217 while (isspace((unsigned char)*q))
218 *q-- = 0;
219
220
221 value = p + 1;
222
223 /* Remove leading space from value */
224 while (isspace((unsigned char)*value))
225 value++;
226
227 /* Remove trailing space from value */
228 p = value + strlen(value) - 1;
229
230 while (*p == '\n' || isspace((unsigned char)*p))
231 *p-- = 0;
232
233 if (!strcmp(keyword, "xp1"))
234 {
235 if (Xp1 || !BN_hex2bn(&Xp1,value))
236 goto parse_error;
237 }
238 else if (!strcmp(keyword, "xp2"))
239 {
240 if (Xp2 || !BN_hex2bn(&Xp2,value))
241 goto parse_error;
242 }
243 else if (!strcmp(keyword, "Xp"))
244 {
245 if (Xp || !BN_hex2bn(&Xp,value))
246 goto parse_error;
247 }
248 else if (!strcmp(keyword, "xq1"))
249 {
250 if (Xq1 || !BN_hex2bn(&Xq1,value))
251 goto parse_error;
252 }
253 else if (!strcmp(keyword, "xq2"))
254 {
255 if (Xq2 || !BN_hex2bn(&Xq2,value))
256 goto parse_error;
257 }
258 else if (!strcmp(keyword, "Xq"))
259 {
260 if (Xq || !BN_hex2bn(&Xq,value))
261 goto parse_error;
262 }
263 else if (!strcmp(keyword, "e"))
264 {
265 if (e || !BN_hex2bn(&e,value))
266 goto parse_error;
267 }
268 else if (!strcmp(keyword, "p1"))
269 continue;
270 else if (!strcmp(keyword, "p2"))
271 continue;
272 else if (!strcmp(keyword, "p"))
273 continue;
274 else if (!strcmp(keyword, "q1"))
275 continue;
276 else if (!strcmp(keyword, "q2"))
277 continue;
278 else if (!strcmp(keyword, "q"))
279 continue;
280 else if (!strcmp(keyword, "n"))
281 continue;
282 else if (!strcmp(keyword, "d"))
283 continue;
284 else
285 goto parse_error;
286
287 BIO_puts(out, olinebuf);
288
289 if (e && Xp1 && Xp2 && Xp)
290 {
291 rsa = RSA_new();
292 if (!rsa)
293 goto error;
294 if (!rsa_printkey1(err, out, rsa, Xp1, Xp2, Xp, e))
295 goto error;
296 BN_free(Xp1);
297 Xp1 = NULL;
298 BN_free(Xp2);
299 Xp2 = NULL;
300 BN_free(Xp);
301 Xp = NULL;
302 BN_free(e);
303 e = NULL;
304 }
305
306 if (rsa && Xq1 && Xq2 && Xq)
307 {
308 if (!rsa_printkey2(err, out, rsa, Xq1, Xq2, Xq))
309 goto error;
310 BN_free(Xq1);
311 Xq1 = NULL;
312 BN_free(Xq2);
313 Xq2 = NULL;
314 BN_free(Xq);
315 Xq = NULL;
316 RSA_free(rsa);
317 rsa = NULL;
318 }
319 }
320
321 ret = 1;
322
323 error:
324
325 if (olinebuf)
326 OPENSSL_free(olinebuf);
327 if (linebuf)
328 OPENSSL_free(linebuf);
329
330 if (Xp1)
331 BN_free(Xp1);
332 if (Xp2)
333 BN_free(Xp2);
334 if (Xp)
335 BN_free(Xp);
336 if (Xq1)
337 BN_free(Xq1);
338 if (Xq1)
339 BN_free(Xq1);
340 if (Xq2)
341 BN_free(Xq2);
342 if (Xq)
343 BN_free(Xq);
344 if (e)
345 BN_free(e);
346 if (rsa)
347 RSA_free(rsa);
348
349 return ret;
350
351 parse_error:
352
353 BIO_printf(err, "FATAL parse error processing line %d\n", lnum);
354
355 goto error;
356
357 }
358
359static int rsa_printkey1(BIO *err, BIO *out, RSA *rsa,
360 BIGNUM *Xp1, BIGNUM *Xp2, BIGNUM *Xp,
361 BIGNUM *e)
362 {
363 int ret = 0;
364 BIGNUM *p1 = NULL, *p2 = NULL;
365 p1 = BN_new();
366 p2 = BN_new();
367 if (!p1 || !p2)
368 goto error;
369
370 if (!RSA_X931_derive(rsa, p1, p2, NULL, NULL, 0, NULL, Xp1, Xp2, Xp,
371 NULL, NULL, NULL, e))
372 goto error;
373
374 do_bn_print(out, "p1", p1);
375 do_bn_print(out, "p2", p2);
376 do_bn_print(out, "p", rsa->p);
377
378 ret = 1;
379
380 error:
381 if (p1)
382 BN_free(p1);
383 if (p2)
384 BN_free(p2);
385
386 return ret;
387 }
388
389static int rsa_printkey2(BIO *err, BIO *out, RSA *rsa,
390 BIGNUM *Xq1, BIGNUM *Xq2, BIGNUM *Xq)
391 {
392 int ret = 0;
393 BIGNUM *q1 = NULL, *q2 = NULL;
394 q1 = BN_new();
395 q2 = BN_new();
396 if (!q1 || !q2)
397 goto error;
398
399 if (!RSA_X931_derive(rsa, NULL, NULL, q1, q2, 0, NULL, NULL, NULL, NULL,
400 Xq1, Xq2, Xq, NULL))
401 goto error;
402
403 do_bn_print(out, "q1", q1);
404 do_bn_print(out, "q2", q2);
405 do_bn_print(out, "q", rsa->q);
406 do_bn_print(out, "n", rsa->n);
407 do_bn_print(out, "d", rsa->d);
408
409 ret = 1;
410
411 error:
412 if (q1)
413 BN_free(q1);
414 if (q2)
415 BN_free(q2);
416
417 return ret;
418 }
419
420#endif
diff --git a/src/lib/libssl/src/fips-1.0/rsa/fips_rsastest.c b/src/lib/libssl/src/fips-1.0/rsa/fips_rsastest.c
new file mode 100644
index 0000000000..880dd636a7
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/rsa/fips_rsastest.c
@@ -0,0 +1,402 @@
1/* fips_rsastest.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 2005.
4 */
5/* ====================================================================
6 * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <ctype.h>
61#include <string.h>
62#include <openssl/bio.h>
63#include <openssl/evp.h>
64#include <openssl/hmac.h>
65#include <openssl/err.h>
66#include <openssl/x509v3.h>
67
68#ifndef OPENSSL_FIPS
69
70int main(int argc, char *argv[])
71{
72 printf("No FIPS RSA support\n");
73 return(0);
74}
75
76#else
77
78static int rsa_stest(BIO *err, BIO *out, BIO *in, int Saltlen);
79static int rsa_printsig(BIO *err, BIO *out, RSA *rsa, const EVP_MD *dgst,
80 unsigned char *Msg, long Msglen, int Saltlen);
81
82int main(int argc, char **argv)
83 {
84 BIO *in = NULL, *out = NULL, *err = NULL;
85
86 int ret = 1, Saltlen = -1;
87 ERR_load_crypto_strings();
88
89 err = BIO_new_fp(stderr, BIO_NOCLOSE);
90
91 if (!err)
92 {
93 fprintf(stderr, "FATAL stderr initialization error\n");
94 goto end;
95 }
96
97 if(!FIPS_mode_set(1))
98 {
99 ERR_print_errors(err);
100 goto end;
101 }
102
103 if ((argc > 2) && !strcmp("-saltlen", argv[1]))
104 {
105 Saltlen = atoi(argv[2]);
106 if (Saltlen < 0)
107 {
108 BIO_printf(err, "FATAL: Invalid salt length\n");
109 goto end;
110 }
111 argc -= 2;
112 argv += 2;
113 }
114 else if ((argc > 1) && !strcmp("-x931", argv[1]))
115 {
116 Saltlen = -2;
117 argc--;
118 argv++;
119 }
120
121 if (argc == 1)
122 in = BIO_new_fp(stdin, BIO_NOCLOSE);
123 else
124 in = BIO_new_file(argv[1], "r");
125
126 if (argc < 2)
127 out = BIO_new_fp(stdout, BIO_NOCLOSE);
128 else
129 out = BIO_new_file(argv[2], "w");
130
131 if (!in)
132 {
133 BIO_printf(err, "FATAL input initialization error\n");
134 goto end;
135 }
136
137 if (!out)
138 {
139 fprintf(stderr, "FATAL output initialization error\n");
140 goto end;
141 }
142
143 if (!rsa_stest(err, out, in, Saltlen))
144 {
145 fprintf(stderr, "FATAL RSAVTEST file processing error\n");
146 goto end;
147 }
148 else
149 ret = 0;
150
151 end:
152
153 if (ret && err)
154 ERR_print_errors(err);
155
156 if (in)
157 BIO_free(in);
158 if (out)
159 BIO_free(out);
160 if (err)
161 BIO_free(err);
162
163 return ret;
164
165 }
166
167#define RSA_TEST_MAXLINELEN 10240
168
169int rsa_stest(BIO *err, BIO *out, BIO *in, int Saltlen)
170 {
171 char *linebuf, *olinebuf, *p, *q;
172 char *keyword, *value;
173 RSA *rsa = NULL;
174 const EVP_MD *dgst = NULL;
175 unsigned char *Msg = NULL;
176 long Msglen;
177 int keylen = -1, current_keylen = -1;
178 int ret = 0;
179 int lnum = 0;
180
181 olinebuf = OPENSSL_malloc(RSA_TEST_MAXLINELEN);
182 linebuf = OPENSSL_malloc(RSA_TEST_MAXLINELEN);
183
184 if (!linebuf || !olinebuf)
185 goto error;
186
187 while (BIO_gets(in, olinebuf, RSA_TEST_MAXLINELEN) > 0)
188 {
189 lnum++;
190 strcpy(linebuf, olinebuf);
191 keyword = linebuf;
192 /* Skip leading space */
193 while (isspace((unsigned char)*keyword))
194 keyword++;
195
196 /* Look for = sign */
197 p = strchr(linebuf, '=');
198
199 /* If no = just copy */
200 if (!p)
201 {
202 if (!BIO_puts(out, olinebuf))
203 goto error;
204 continue;
205 }
206
207 q = p - 1;
208
209 /* Remove trailing space */
210 while (isspace((unsigned char)*q))
211 *q-- = 0;
212
213
214 value = p + 1;
215
216 /* Remove leading space from value */
217 while (isspace((unsigned char)*value))
218 value++;
219
220 /* Remove trailing space from value */
221 p = value + strlen(value) - 1;
222
223 while (*p == '\n' || isspace((unsigned char)*p))
224 *p-- = 0;
225
226 /* Look for [mod = XXX] for key length */
227
228 if (!strcmp(keyword, "[mod"))
229 {
230 p = value + strlen(value) - 1;
231 if (*p != ']')
232 goto parse_error;
233 *p = 0;
234 keylen = atoi(value);
235 if (keylen < 0)
236 goto parse_error;
237 }
238 else if (!strcmp(keyword, "SHAAlg"))
239 {
240 if (!strcmp(value, "SHA1"))
241 dgst = EVP_sha1();
242 else if (!strcmp(value, "SHA224"))
243 dgst = EVP_sha224();
244 else if (!strcmp(value, "SHA256"))
245 dgst = EVP_sha256();
246 else if (!strcmp(value, "SHA384"))
247 dgst = EVP_sha384();
248 else if (!strcmp(value, "SHA512"))
249 dgst = EVP_sha512();
250 else
251 {
252 BIO_printf(err,
253 "FATAL: unsupported algorithm \"%s\"\n",
254 value);
255 goto parse_error;
256 }
257 }
258 else if (!strcmp(keyword, "Msg"))
259 {
260 if (Msg)
261 goto parse_error;
262 if (strlen(value) & 1)
263 *(--value) = '0';
264 Msg = string_to_hex(value, &Msglen);
265 if (!Msg)
266 goto parse_error;
267 }
268
269 BIO_puts(out, olinebuf);
270
271 /* If key length has changed, generate and output public
272 * key components of new RSA private key.
273 */
274
275 if (keylen != current_keylen)
276 {
277 if (rsa)
278 RSA_free(rsa);
279 rsa = RSA_generate_key(keylen, 0x1001, 0, NULL);
280 if (!rsa)
281 goto error;
282 BIO_puts(out, "n = ");
283 BN_print(out, rsa->n);
284 BIO_puts(out, "\ne = ");
285 BN_print(out, rsa->e);
286 BIO_puts(out, "\n");
287 current_keylen = keylen;
288 }
289
290 if (Msg && dgst)
291 {
292 if (!rsa_printsig(err, out, rsa, dgst, Msg, Msglen,
293 Saltlen))
294 goto error;
295 OPENSSL_free(Msg);
296 Msg = NULL;
297 }
298
299 }
300
301 ret = 1;
302
303 error:
304
305 if (olinebuf)
306 OPENSSL_free(olinebuf);
307 if (linebuf)
308 OPENSSL_free(linebuf);
309 if (rsa)
310 RSA_free(rsa);
311
312 return ret;
313
314 parse_error:
315
316 BIO_printf(err, "FATAL parse error processing line %d\n", lnum);
317
318 goto error;
319
320 }
321
322static int rsa_printsig(BIO *err, BIO *out, RSA *rsa, const EVP_MD *dgst,
323 unsigned char *Msg, long Msglen, int Saltlen)
324 {
325 int ret = 0;
326 unsigned char *sigbuf = NULL;
327 int i, siglen;
328 /* EVP_PKEY structure */
329 EVP_PKEY *key = NULL;
330 EVP_MD_CTX ctx;
331 key = EVP_PKEY_new();
332 if (!key)
333 goto error;
334 if (!EVP_PKEY_set1_RSA(key, rsa))
335 goto error;
336
337 siglen = EVP_PKEY_size(key);
338 sigbuf = OPENSSL_malloc(siglen);
339 if (!sigbuf)
340 goto error;
341
342 EVP_MD_CTX_init(&ctx);
343
344 if (Saltlen != -1)
345 {
346 unsigned int mdlen;
347 unsigned char mdtmp[EVP_MAX_MD_SIZE + 1];
348
349 if (!EVP_DigestInit_ex(&ctx, dgst, NULL))
350 goto error;
351 if (!EVP_DigestUpdate(&ctx, Msg, Msglen))
352 goto error;
353 if (!EVP_DigestFinal(&ctx, mdtmp, &mdlen))
354 goto error;
355
356 if (Saltlen == -2)
357 {
358 mdtmp[mdlen] = RSA_X931_hash_id(EVP_MD_type(dgst));
359 siglen = RSA_private_encrypt(mdlen + 1, mdtmp,
360 sigbuf, rsa, RSA_X931_PADDING);
361 if (siglen <= 0)
362 goto error;
363 }
364 else
365 {
366 if (!RSA_padding_add_PKCS1_PSS(rsa, sigbuf, mdtmp,
367 dgst, Saltlen))
368 goto error;
369 siglen = RSA_private_encrypt(siglen, sigbuf, sigbuf,
370 rsa, RSA_NO_PADDING);
371 if (siglen <= 0)
372 goto error;
373 }
374 }
375 else
376 {
377 if (!EVP_SignInit_ex(&ctx, dgst, NULL))
378 goto error;
379 if (!EVP_SignUpdate(&ctx, Msg, Msglen))
380 goto error;
381 if (!EVP_SignFinal(&ctx, sigbuf, (unsigned int *)&siglen, key))
382 goto error;
383 }
384
385 EVP_MD_CTX_cleanup(&ctx);
386
387 BIO_puts(out, "S = ");
388
389 for (i = 0; i < siglen; i++)
390 BIO_printf(out, "%02X", sigbuf[i]);
391
392 BIO_puts(out, "\n");
393
394 ret = 1;
395
396 error:
397 if (key)
398 EVP_PKEY_free(key);
399
400 return ret;
401 }
402#endif
diff --git a/src/lib/libssl/src/fips-1.0/rsa/fips_rsavtest.c b/src/lib/libssl/src/fips-1.0/rsa/fips_rsavtest.c
new file mode 100644
index 0000000000..7e2c40424d
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/rsa/fips_rsavtest.c
@@ -0,0 +1,425 @@
1/* fips_rsavtest.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 2005.
4 */
5/* ====================================================================
6 * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <ctype.h>
61#include <string.h>
62#include <openssl/bio.h>
63#include <openssl/evp.h>
64#include <openssl/hmac.h>
65#include <openssl/err.h>
66#include <openssl/x509v3.h>
67
68#ifndef OPENSSL_FIPS
69
70int main(int argc, char *argv[])
71{
72 printf("No FIPS RSA support\n");
73 return(0);
74}
75
76#else
77
78int rsa_test(BIO *err, BIO *out, BIO *in, int saltlen);
79static int rsa_printver(BIO *err, BIO *out,
80 BIGNUM *n, BIGNUM *e,
81 const EVP_MD *dgst,
82 unsigned char *Msg, long Msglen,
83 unsigned char *S, long Slen, int Saltlen);
84
85int main(int argc, char **argv)
86 {
87 BIO *in = NULL, *out = NULL, *err = NULL;
88
89 int ret = 1;
90 int Saltlen = -1;
91 ERR_load_crypto_strings();
92
93 err = BIO_new_fp(stderr, BIO_NOCLOSE);
94
95 if (!err)
96 {
97 fprintf(stderr, "FATAL stderr initialization error\n");
98 goto end;
99 }
100
101 if(!FIPS_mode_set(1))
102 {
103 ERR_print_errors(err);
104 goto end;
105 }
106
107 if ((argc > 2) && !strcmp("-saltlen", argv[1]))
108 {
109 Saltlen = atoi(argv[2]);
110 if (Saltlen < 0)
111 {
112 BIO_printf(err, "FATAL: Invalid salt length\n");
113 goto end;
114 }
115 argc -= 2;
116 argv += 2;
117 }
118 else if ((argc > 1) && !strcmp("-x931", argv[1]))
119 {
120 Saltlen = -2;
121 argc--;
122 argv++;
123 }
124
125 if (argc == 1)
126 in = BIO_new_fp(stdin, BIO_NOCLOSE);
127 else
128 in = BIO_new_file(argv[1], "r");
129
130 if (argc < 2)
131 out = BIO_new_fp(stdout, BIO_NOCLOSE);
132 else
133 out = BIO_new_file(argv[2], "w");
134
135 if (!in)
136 {
137 BIO_printf(err, "FATAL input initialization error\n");
138 goto end;
139 }
140
141 if (!out)
142 {
143 fprintf(stderr, "FATAL output initialization error\n");
144 goto end;
145 }
146
147 if (!rsa_test(err, out, in, Saltlen))
148 {
149 fprintf(stderr, "FATAL RSAVTEST file processing error\n");
150 goto end;
151 }
152 else
153 ret = 0;
154
155 end:
156
157 if (ret && err)
158 ERR_print_errors(err);
159
160 if (in)
161 BIO_free(in);
162 if (out)
163 BIO_free(out);
164 if (err)
165 BIO_free(err);
166
167 return ret;
168
169 }
170
171#define RSA_TEST_MAXLINELEN 10240
172
173int rsa_test(BIO *err, BIO *out, BIO *in, int Saltlen)
174 {
175 char *linebuf, *olinebuf, *p, *q;
176 char *keyword, *value;
177 const EVP_MD *dgst = NULL;
178 BIGNUM *n = NULL, *e = NULL;
179 unsigned char *Msg = NULL, *S = NULL;
180 long Msglen, Slen;
181 int ret = 0;
182 int lnum = 0;
183
184 olinebuf = OPENSSL_malloc(RSA_TEST_MAXLINELEN);
185 linebuf = OPENSSL_malloc(RSA_TEST_MAXLINELEN);
186
187 if (!linebuf || !olinebuf)
188 goto error;
189
190 while (BIO_gets(in, olinebuf, RSA_TEST_MAXLINELEN) > 0)
191 {
192 lnum++;
193 strcpy(linebuf, olinebuf);
194 keyword = linebuf;
195 /* Skip leading space */
196 while (isspace((unsigned char)*keyword))
197 keyword++;
198
199 /* Look for = sign */
200 p = strchr(linebuf, '=');
201
202 /* If no = or starts with [ (for [foo = bar] line) just copy */
203 if (!p || *keyword=='[')
204 {
205 if (!BIO_puts(out, olinebuf))
206 goto error;
207 continue;
208 }
209
210 q = p - 1;
211
212 /* Remove trailing space */
213 while (isspace((unsigned char)*q))
214 *q-- = 0;
215
216
217 value = p + 1;
218
219 /* Remove leading space from value */
220 while (isspace((unsigned char)*value))
221 value++;
222
223 /* Remove trailing space from value */
224 p = value + strlen(value) - 1;
225
226 while (*p == '\n' || isspace((unsigned char)*p))
227 *p-- = 0;
228
229 if (!strcmp(keyword, "n"))
230 {
231 if (!BN_hex2bn(&n,value))
232 goto parse_error;
233 }
234 else if (!strcmp(keyword, "e"))
235 {
236 if (!BN_hex2bn(&e,value))
237 goto parse_error;
238 }
239 else if (!strcmp(keyword, "SHAAlg"))
240 {
241 if (!strcmp(value, "SHA1"))
242 dgst = EVP_sha1();
243 else if (!strcmp(value, "SHA224"))
244 dgst = EVP_sha224();
245 else if (!strcmp(value, "SHA256"))
246 dgst = EVP_sha256();
247 else if (!strcmp(value, "SHA384"))
248 dgst = EVP_sha384();
249 else if (!strcmp(value, "SHA512"))
250 dgst = EVP_sha512();
251 else
252 {
253 BIO_printf(err,
254 "FATAL: unsupported algorithm \"%s\"\n",
255 value);
256 goto parse_error;
257 }
258 }
259 else if (!strcmp(keyword, "Msg"))
260 {
261 if (Msg)
262 goto parse_error;
263 if (strlen(value) & 1)
264 *(--value) = '0';
265 Msg = string_to_hex(value, &Msglen);
266 if (!Msg)
267 goto parse_error;
268 }
269 else if (!strcmp(keyword, "S"))
270 {
271 if (S)
272 goto parse_error;
273 if (strlen(value) & 1)
274 *(--value) = '0';
275 S = string_to_hex(value, &Slen);
276 if (!S)
277 goto parse_error;
278 }
279 else if (!strcmp(keyword, "Result"))
280 continue;
281 else
282 goto parse_error;
283
284 BIO_puts(out, olinebuf);
285
286 if (n && e && Msg && S && dgst)
287 {
288 if (!rsa_printver(err, out, n, e, dgst,
289 Msg, Msglen, S, Slen, Saltlen))
290 goto error;
291 OPENSSL_free(Msg);
292 Msg = NULL;
293 OPENSSL_free(S);
294 S = NULL;
295 }
296
297 }
298
299
300 ret = 1;
301
302
303 error:
304
305 if (olinebuf)
306 OPENSSL_free(olinebuf);
307 if (linebuf)
308 OPENSSL_free(linebuf);
309 if (n)
310 BN_free(n);
311 if (e)
312 BN_free(e);
313
314 return ret;
315
316 parse_error:
317
318 BIO_printf(err, "FATAL parse error processing line %d\n", lnum);
319
320 goto error;
321
322 }
323
324static int rsa_printver(BIO *err, BIO *out,
325 BIGNUM *n, BIGNUM *e,
326 const EVP_MD *dgst,
327 unsigned char *Msg, long Msglen,
328 unsigned char *S, long Slen, int Saltlen)
329 {
330 int ret = 0, r;
331 /* Setup RSA and EVP_PKEY structures */
332 RSA *rsa_pubkey = NULL;
333 EVP_PKEY *pubkey = NULL;
334 EVP_MD_CTX ctx;
335 unsigned char *buf = NULL;
336 rsa_pubkey = RSA_new();
337 pubkey = EVP_PKEY_new();
338 if (!rsa_pubkey || !pubkey)
339 goto error;
340 rsa_pubkey->n = BN_dup(n);
341 rsa_pubkey->e = BN_dup(e);
342 if (!rsa_pubkey->n || !rsa_pubkey->e)
343 goto error;
344 if (!EVP_PKEY_set1_RSA(pubkey, rsa_pubkey))
345 goto error;
346
347 EVP_MD_CTX_init(&ctx);
348
349 if (Saltlen != -1)
350 {
351 int pad;
352 unsigned char mdtmp[EVP_MAX_MD_SIZE];
353 buf = OPENSSL_malloc(RSA_size(rsa_pubkey));
354 if (Saltlen == -2)
355 pad = RSA_X931_PADDING;
356 else
357 pad = RSA_NO_PADDING;
358 if (!buf)
359 goto error;
360 r = RSA_public_decrypt(Slen, S, buf, rsa_pubkey, pad);
361
362 if (r > 0)
363 {
364 EVP_DigestInit_ex(&ctx, dgst, NULL);
365 if (!EVP_DigestUpdate(&ctx, Msg, Msglen))
366 goto error;
367 if (!EVP_DigestFinal_ex(&ctx, mdtmp, NULL))
368 goto error;
369 if (pad == RSA_X931_PADDING)
370 {
371 int mdlen = EVP_MD_size(dgst);
372 if (r != mdlen + 1)
373 r = 0;
374 else if (buf[mdlen] !=
375 RSA_X931_hash_id(EVP_MD_type(dgst)))
376 r = 0;
377 else if (memcmp(buf, mdtmp, mdlen))
378 r = 0;
379 else
380 r = 1;
381 }
382 else
383 r = RSA_verify_PKCS1_PSS(rsa_pubkey,
384 mdtmp, dgst,
385 buf, Saltlen);
386 }
387 if (r < 0)
388 r = 0;
389 }
390 else
391 {
392
393 if (!EVP_VerifyInit_ex(&ctx, dgst, NULL))
394 goto error;
395 if (!EVP_VerifyUpdate(&ctx, Msg, Msglen))
396 goto error;
397
398 r = EVP_VerifyFinal(&ctx, S, Slen, pubkey);
399
400 }
401
402 EVP_MD_CTX_cleanup(&ctx);
403
404 if (r < 0)
405 goto error;
406 ERR_clear_error();
407
408 if (r == 0)
409 BIO_puts(out, "Result = F\n");
410 else
411 BIO_puts(out, "Result = P\n");
412
413 ret = 1;
414
415 error:
416 if (rsa_pubkey)
417 RSA_free(rsa_pubkey);
418 if (pubkey)
419 EVP_PKEY_free(pubkey);
420 if (buf)
421 OPENSSL_free(buf);
422
423 return ret;
424 }
425#endif
diff --git a/src/lib/libssl/src/fips-1.0/sha/Makefile b/src/lib/libssl/src/fips-1.0/sha/Makefile
new file mode 100644
index 0000000000..31556697ce
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/sha/Makefile
@@ -0,0 +1,200 @@
1#
2# OpenSSL/fips-1.0/sha/Makefile
3#
4
5DIR= sha
6TOP= ../..
7CC= cc
8INCLUDES=
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKEDEPPROG= makedepend
14MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
15MAKEFILE= Makefile
16AR= ar r
17EXE_EXT=
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST= fips_shatest.c
23TESTDATA= SHAmix.req SHAmix.fax
24APPS=
25EXE= fips_standalone_sha1$(EXE_EXT)
26
27LIB=$(TOP)/libcrypto.a
28LIBSRC=fips_sha1dgst.c fips_sha1_selftest.c asm/fips-sx86-elf.s \
29 fips_sha256.c fips_sha512.c
30LIBOBJ=fips_sha1dgst.o fips_sha1_selftest.o $(FIPS_SHA1_ASM_OBJ) \
31 fips_sha256.o fips_sha512.o
32
33SRC= $(LIBSRC) fips_standalone_sha1.c
34
35EXHEADER=fips_sha.h
36HEADER= $(EXHEADER) fips_sha_locl.h fips_md32_common.h
37
38ALL= $(GENERAL) $(SRC) $(HEADER)
39
40top:
41 (cd $(TOP); $(MAKE) DIRS=fips SDIRS=$(DIR) sub_all)
42
43all: fips_standalone_sha1$(EXE_EXT) lib
44
45lib: $(LIBOBJ)
46 @echo $(LIBOBJ) > lib
47
48fips_standalone_sha1$(EXE_EXT): fips_standalone_sha1.o fips_sha1dgst.o $(FIPS_SHA1_ASM_OBJ)
49 $(CC) -o fips_standalone_sha1$(EXE_EXT) $(CFLAGS) \
50 fips_standalone_sha1.o fips_sha1dgst.o $(FIPS_SHA1_ASM_OBJ)
51
52files:
53 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
54
55links:
56 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER)
57 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST)
58 cp $(TESTDATA) $(TOP)/test
59 @$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS)
60
61install:
62 @headerlist="$(EXHEADER)"; for i in $$headerlist; \
63 do \
64 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
65 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
66 done
67
68tags:
69 ctags $(SRC)
70
71tests:
72
73Q=../testvectors/sha/req
74A=../testvectors/sha/rsp
75
76VECTORS = SHA1LongMsg \
77 SHA1Monte \
78 SHA1ShortMsg \
79 SHA224LongMsg \
80 SHA224Monte \
81 SHA224ShortMsg \
82 SHA256LongMsg \
83 SHA256Monte \
84 SHA256ShortMsg \
85 SHA384LongMsg \
86 SHA384Monte \
87 SHA384ShortMsg \
88 SHA512LongMsg \
89 SHA512Monte \
90 SHA512ShortMsg
91
92fips_test:
93 -rm -rf $(A)
94 mkdir $(A)
95 for file in $(VECTORS); do \
96 if [ -f $(Q)/$$file.req ]; then \
97 $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_shatest $(Q)/$$file.req $(A)/$$file.rsp; \
98 fi; \
99 done
100
101lint:
102 lint -DLINT $(INCLUDES) $(SRC)>fluff
103
104depend:
105 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(SRC) $(TEST)
106
107dclean:
108 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
109 mv -f Makefile.new $(MAKEFILE)
110
111clean:
112 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE)
113
114# DO NOT DELETE THIS LINE -- make depend depends on it.
115
116fips_sha1_selftest.o: ../../include/openssl/bio.h
117fips_sha1_selftest.o: ../../include/openssl/crypto.h
118fips_sha1_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
119fips_sha1_selftest.o: ../../include/openssl/fips.h
120fips_sha1_selftest.o: ../../include/openssl/fips_sha.h
121fips_sha1_selftest.o: ../../include/openssl/lhash.h
122fips_sha1_selftest.o: ../../include/openssl/opensslconf.h
123fips_sha1_selftest.o: ../../include/openssl/opensslv.h
124fips_sha1_selftest.o: ../../include/openssl/safestack.h
125fips_sha1_selftest.o: ../../include/openssl/stack.h
126fips_sha1_selftest.o: ../../include/openssl/symhacks.h fips_sha1_selftest.c
127fips_sha1dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
128fips_sha1dgst.o: ../../include/openssl/opensslconf.h
129fips_sha1dgst.o: ../../include/openssl/opensslv.h
130fips_sha1dgst.o: ../../include/openssl/safestack.h
131fips_sha1dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
132fips_sha1dgst.o: fips_sha1dgst.c
133fips_sha256.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
134fips_sha256.o: ../../include/openssl/fips.h ../../include/openssl/fips_sha.h
135fips_sha256.o: ../../include/openssl/opensslconf.h
136fips_sha256.o: ../../include/openssl/opensslv.h
137fips_sha256.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
138fips_sha256.o: ../../include/openssl/symhacks.h fips_sha256.c
139fips_sha512.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
140fips_sha512.o: ../../include/openssl/fips.h ../../include/openssl/fips_sha.h
141fips_sha512.o: ../../include/openssl/opensslconf.h
142fips_sha512.o: ../../include/openssl/opensslv.h
143fips_sha512.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
144fips_sha512.o: ../../include/openssl/symhacks.h fips_sha512.c
145fips_shatest.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
146fips_shatest.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
147fips_shatest.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
148fips_shatest.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
149fips_shatest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
150fips_shatest.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
151fips_shatest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
152fips_shatest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
153fips_shatest.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
154fips_shatest.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
155fips_shatest.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
156fips_shatest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
157fips_shatest.o: ../../include/openssl/opensslconf.h
158fips_shatest.o: ../../include/openssl/opensslv.h
159fips_shatest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
160fips_shatest.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
161fips_shatest.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
162fips_shatest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
163fips_shatest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
164fips_shatest.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
165fips_shatest.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
166fips_shatest.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
167fips_shatest.o: fips_shatest.c
168fips_standalone_sha1.o: ../../include/openssl/aes.h
169fips_standalone_sha1.o: ../../include/openssl/asn1.h
170fips_standalone_sha1.o: ../../include/openssl/bio.h
171fips_standalone_sha1.o: ../../include/openssl/blowfish.h
172fips_standalone_sha1.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
173fips_standalone_sha1.o: ../../include/openssl/crypto.h
174fips_standalone_sha1.o: ../../include/openssl/des.h
175fips_standalone_sha1.o: ../../include/openssl/des_old.h
176fips_standalone_sha1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
177fips_standalone_sha1.o: ../../include/openssl/e_os2.h
178fips_standalone_sha1.o: ../../include/openssl/evp.h
179fips_standalone_sha1.o: ../../include/openssl/fips_sha.h
180fips_standalone_sha1.o: ../../include/openssl/hmac.h
181fips_standalone_sha1.o: ../../include/openssl/idea.h
182fips_standalone_sha1.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
183fips_standalone_sha1.o: ../../include/openssl/md5.h
184fips_standalone_sha1.o: ../../include/openssl/mdc2.h
185fips_standalone_sha1.o: ../../include/openssl/obj_mac.h
186fips_standalone_sha1.o: ../../include/openssl/objects.h
187fips_standalone_sha1.o: ../../include/openssl/opensslconf.h
188fips_standalone_sha1.o: ../../include/openssl/opensslv.h
189fips_standalone_sha1.o: ../../include/openssl/ossl_typ.h
190fips_standalone_sha1.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
191fips_standalone_sha1.o: ../../include/openssl/rc5.h
192fips_standalone_sha1.o: ../../include/openssl/ripemd.h
193fips_standalone_sha1.o: ../../include/openssl/rsa.h
194fips_standalone_sha1.o: ../../include/openssl/safestack.h
195fips_standalone_sha1.o: ../../include/openssl/sha.h
196fips_standalone_sha1.o: ../../include/openssl/stack.h
197fips_standalone_sha1.o: ../../include/openssl/symhacks.h
198fips_standalone_sha1.o: ../../include/openssl/ui.h
199fips_standalone_sha1.o: ../../include/openssl/ui_compat.h
200fips_standalone_sha1.o: fips_standalone_sha1.c
diff --git a/src/lib/libssl/src/fips-1.0/sha/SHAmix.fax b/src/lib/libssl/src/fips-1.0/sha/SHAmix.fax
new file mode 100644
index 0000000000..83bcb14126
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/sha/SHAmix.fax
@@ -0,0 +1,129 @@
1[L = 64]
2
3Len = 16
4Msg = 98a1
5MD = 74d78642f70ca830bec75fc60a585917e388cfa4cd1d23daab1c4d9ff1010cac3e67275df64db5a6a7c7d0fda24f1fc3eb272678a7c8becff6743ee812129078
6
7Len = 104
8Msg = 35a37a46df4ccbadd815942249
9MD = 6f5589ea195e745654885d50de687d7fe682affc8da1fb09e681540525f04ecb93022361a27759b9e272c883564223c5e4ecafeb0daaf1abce6caa4bd4153379
10
11Len = 352
12Msg = a93aed0fa5e163a82c9a934aebaab8180edf7de0b32f0fe99f9c75ec305b24609334cefa372c7c758262dc8f
13MD = 66a16799d606c569d2fcd70d7d8321ec90ef61711481aaf7d747744ebfd08ec2e7aead49429af7b4ceec6d8e147ed018e034efbe07982699e818db5fc4b1d71a
14
15Len = 1016
16Msg = 433e88eb2f8aba562d15c18126fbdffb81d5d6c9397fa052321f5f78cd629708ba099b540da5451e949eeab8687a8d6ac35c531411cb37144ab5ff6a7eb46f1ab28fbcd2ea0444cd87c57bf7d3c02952dba3d3987da07622c16e7c086d90e88ad3d9d4afee301d2bad915d868f54197b70b23c9fa385c443404fbc9abf7e6a
17MD = 790bc4844e9aeef8938df0ccda17890556a4151817111a526a88919cfb172f0b03c216080c1b60210eb1942097f17b6d0691bf5b018b6d959198d6a694b922c9
18
19Len = 13696
20Msg = 2c46a76a9dfbae1f5e59f085e9c3d4b600c24b2d404d062cf948e75a3d4ab5b137a31397be9eb34b2a03c78367e0b85448891b511ddee1f787cccd498b172cb7e656c044a03ffde8e42478330fbe9c34072a9e99ce31b41757cc820d98e7d564e06694b96b66f4be34c5eadd0ae4e61fe6abbe4d7ccee855104fedee8b451a7fcedb793d469b0094c0ed07c97fda00dd8c1662b44e3ee6775a5ef6368cb662d257be561a5967893433a4b63f97295036a37272176d081545df00852bc5c4162324161296cd51f76433f2df867a5840f2d0c8d5be00b4dc89443d82175bf69c3bdceb97facae2b2ed68e06ae74fef36d8bd1f75f130cba509341dd54079d45de22845cc8e77a022977c7540aa3e779cb1127f39f825d4d78e55a967ef45e7c1dfb02d9999fd15af2914ba47177177d94576f1091a0657d9e04fe81e6be7b631fc1baae66584c9c26ddbb568750d77555c927bcda1fbdc15c7cbe3e3fe88ca13ff12c59b383343c12976708c0e3dff78be0e286dd32eecf20b71a09fee50a9d0b13c85a15b320b162690f399282798aa3291fdd2f9c40ed873e829388466ddd1da42f2de16aaa9272ccf44790cf3c95382c304e25ae8cb2fc9d9869808f3ee7d42cb143bb0c3a55e03db6d1202ca1bdb744e448640c0aa60d3ebbda5c21e623bb080f4a073a48822725d764e51d415aad1d7c5a7f17433d15ac7d849f910c375ee0899f6a576dada42fd651343383f286009902bb62deeeb2514de6af7f09892c20d0b238f6021f03b62444b1e1f21beeb89acfcd7136416fe7bd8f202e76afaf5345311798be7cb25351add2bb044d2380221009c4d1cbbaba4cdc8631dc0144f2778a6aa1eb3d3c81df0b1b2142fce111af8214d049e40f536c5d462b9224a978e82cc6c420e70ecc3cdaffb726a183c793845315f730fa4dac9fe46e4180397107a6a051f7f0a58ceb9bf4df37e1a81c8e9569187228e8037df2e59c52ba815566768bedc8e09d5e7bdc9f2bff23aaaaf133bb5a3332750f6124ce185e29fda0851addfa2c3d52bb6dfb530fd4ee27dd5bfdce5dc2f41debe6740274bc651aecd4023b098a7d622e2296b50d51b79c4e3f521695a9d43f038e8f273405e26584d3db179e7c1758114a3d39970df674580bbf2884405974f0b9c4b0d8b3287a2314f3f81b6991812f354d655f62513c9551b378cc2efa4c3e08b313c56cada52217fb6112eb8299b28445aca8f72e7170a1cd8bbfee4d2145fbe8d49c6af8831c4d4fc7177a50ee55a7b484261504af946c6bd5e1d6b89092f3c487c0568fa07c356fae9b8e831b8320289039746a435b122cfbc4a0d316bf90d481d3b7d979cc50d98c1190af8dc58e0035557dd5e94f437f41fab513202643a77748f76c6b77302bf40c392cd18731da082c99bdedeb70e15cd68bff59619cabcc92adcf122753c55afde0817352bc247d1170b8ddba1ad1b0faadfe0efbfc5fe6334377fa372c3435691f53dfc2ad5e08966b2d3525b1eec2d993a5cd4ff34278bd40dd80313a0727d05e0a932156152f3e11a190d8d69726f5c57d20f811e1e8932e86409ffdac96c6251c2a2976b8757adcac5d2de94931d1cbea866ec8bcba5774f8a7fde792f6acfd0f01356fd66fdf54a416af6a9397e00f848a2e9831627cbcbb52b5a868ec174e69b4cfa1ed72cdf23f39d7eaf4bdb318c188b1f0fe75655e34ad71907cdb77a1a2b162cd7c22d93dc45321eafb17cd60282e83736267b3e1fb249c307d49509f50839942f0f493afd9ef37db053a918e3ec83d801bbdead07554a018b8ba348fe9b7dd92ea7c5fc0e65a644ba19aa1fb6c022ab768ec7cb249ba17b9dda2860bd4aaaa3dc70ec009804141ad5ebc61203658e57a0887ec0fded18d844a96e79ba7e879c4253056f23e205a80ab1471953438f85848f4ab31ab175c089e0bbb97ea0dd6a67385770356741966053735e2cc2ecdd2c8c75cc045181dd7267584b901674b553082b2c58fb8f8be0b99306194a6f069f684535423304d40a268d55784a14260fa9c9cb1306b82f91cbee3c9f43dea9e50903135cc1c6505605a100bfa28564a2057974eef0852b7b72ce264815026d0759f691db618ef760edde73ec888e181403834f7221bb27a69479ec9b28a3fb0c3f68d4467d25712fc48ad78763f9ea6e8a2e85260225ca1b1a38b720e589fafca29f07257c5467cb74ee53189b8c81b784c43e93f98abde1ed53af60b27b13df6ce45001c6e1813de3521028981086f7d88ba13f6fb1a800f312fbe2f842eebe847fd760c394668cfbfd353ec14ca0366eccd7b4cd63318116bdc42e20a632a0d2b8c5cddb37bfc0a239ebe3800a787d2ece077a7968036b3d9b31cd906f888e3ed742cd769033e2c24c5a9e3c10b6d300db5a17dd88
21MD = a86e07bcd19080d4a83e1384bd8189f60a7dd7a6998406ade0bf03f805375bd823c7656dd51cd9d63e542f8ade41f16d73794d60d0906424133778156ee54b95
22
23Len = 100816
24Msg = f8ed40e878dc68ceec52cc8e2868722310fb117ca3a52e1839eb85d308b8aa00ed0bf0b76aec8a70eba4f0d14d2d85c5a0e876ce2c8ee59cb36947def6c40a587aa07b368ca8e8a08367018e45b984de0d7f1aa46b977cc18c0cd9b7bb897cbb2814aa0ce8f8c9843e03c86c19f2ba95dd2ac4a466a93aae4b3b05055ff148517ecf43e286c57744a3e10a14d0c26e139a503e7927aa688c78609170ebe3b54104390e5f6cf538093a67922e7210e77fcb584ec9b6844e829be246a266460cb442bad52ca47255fb8cfe276108c36e02f9acbd3d191d34b93d29ec40d80496d1c1bb5ef036221641200e905598c54bc4abb3527c5a5f6258e59d4bf54a0498c108a2725428efc2047e0096b32dfdc6ec69d5d72f81301f881ca62a66c22e5dab9fd9d90084c0a36b2f3a0123cc5327a3bc7a12fd947ab57169ac533e4b6a2cb80fc65b9b527cff9fba26994c7fafb5102a0acd8f9d246a3a54178c23eaa04c0fdfd3c0cd980d1fc7a72b25d74df9b95c3dedce8ca316870c654f9ebea9b806da9767cf40605a4b0c7fb06f6b3f197bae7d8cde9daf38530e25bc51b68f9aa23ec0e95199b14bca96c91f3db15bf8432f714dc46ac87218691bc66cb3a42f6865e1c30f8394c8e68c0ddf5851ab7c5906a1994a9af6ac1c44d0d6b95ff15d9f77825ccea40fb9e516d45888f2378e045d95d936d541cea9c8ca52fe5f7d0d919b2b1c59a42d06105ea4f2943c05178e59d67351c5b2c0051c93a4045e512884fa656b772cf398af89081546d920fd3d24ebd16310506a786ab33293027394c1bcb7b1efe46b550ac28529646e8d2a5ae65c59345e24b44cd7b06673f3ed3b9008aa568a739c26682fa596b7a655842cc6b2758b583487c78d14a76bdac7033806c5c210828ef313f8efc4072681f5fded748c31a58ac933b4665c445f07d603e0905e49b84aa55146eb1c1c99196413832a05efee2e64d6732fefc629b79b37bb9390fcbed7226b412204bda523b8b8af5c4a8bdb263ef9f3f6c7b9e1de3a1dc257c1f33b3d54a9101be5b4f2a9db319993c2cd137c41e35c434ce52e859afd1a635af4d8852252dc5e28c729b2b4c96a56d57f3f3854ded59fe612b9b3a51fee3fc1c83db673b0cc7433bff2472bc74a2eeb6706605e308690fd072a7042ca6474603711d8310909e47063f46f287260a26c4f11fe492298a0f98d28c45948a4899e08fcf443a6ba36457dd8329314d53ac0fd0819fcfc3357426c5bb8d3dfd706e205a81091cf08f31cd3459854f3d07e503991ba5f067e3c406c6c5396d8257496f4ba3703cb1ba25c2fe4aa54577af782cd57e85a88a2d75c54039e8b7bb559219edd6e81e41acb6d575d6f798afb2cbf7f00abd5c9c7b0fceec79f9a0fb040ebcbb7bff3602df7b71357efacd37aa57019350bb81213508a006160acde3dae5c42f03141887eaca22d7b33d6791febfb619d11ebabb13e6c5378e9a72e852ddccd31cc53a43275966b7042ddc51485ca20e1c456dcc7020cafb5407548b044d332229911fc74d7fb97de25abff7efb431da82de2ed7e25d0dcc06ffc74e57ca93a6a9f64d76a5c39776fe2266f88d6d0229b527525fd2e22a1407e26f94c5bc6adb1e7327f3c8bb8d4c983385c579dd8f5623df8cd6da569c7de73d9210e6b9253a177653a13ece075940fc81016d8c35fa4f6542df5120c174158ff32533476f4e059e35117081a24798fbdd1eb10f82809836f8dbefe755611347f75423dd8571695960c6f66cca71f0a01e8fecbe1183bee3335eff10b4ff8104132040e2145ec3164b2448f60c730887b9d7894e5f7df3f876cb17136c99cf32db1c02fba860937378dbd093c4c5112133781f06c8ca07c527c2c085e8ba5e52b399f2909e217aef6e3035ecafe2caeb1004069dea023af7eab873deb5ebcef2313c9827821bb9f89fd3d1570a569673d3ede86a4fb13dff242eb98450a8917fd8865c56e0a9f11d72394b79808b0429f3a83cf2465161596887fa2d557b367a1de9c7753666b0cca9c30cba9f0a749c03c55cdc7a6d45852c76ce2010de3e7f75d95228efdc79949b238d90b25f983868b7f07f585f7b00e45d9e132f3c09ee84f794d899759be3dabd46a256f4cf8da71270617cc2425b24cef25d1d2f3945afa6f81abfccc858cd02e05619649b1a5347650934105c02622d538447223d136a8a0455cf3c6f61f696b32266197b5cd1d936fd3ad4288520fb4a2f59bf95e659f33210446ef18debeb679dd99de0c3c74a6eb3dd783861f5db4e94a151c42ce27519d0bbbf1f3b1163563ec06c8bfd881d94a3b896fc07352fc97ada73685588a2242da1b718f81bb1077bc70fbd58b8b52163489ae403838b533851bec30ed0ecd97d72d1af534f3703db59f1f563bdc39d690a0e90e545506463a37e84974fd7b256bbb912cb4077d3e3f5bdd4bd2bab713b696c830b1f2185734c4d2dbd49d5372fe8b813ce73f5e01c36bddbb376ef4541033f2b0355613eeda8951ebf7377e08f967902eb7e23c0fa798c6ae52401721053f1095cacb1e9496500e83c412236fc21566090b3a3eee55aa402c0b774802fd81c9e8579761cfcfdfb1aa23786b2dc35dacd5ca8d8d283369f53e4a5db18060c2c6b0c303052aeeffe169fcaf7ecc63090a9ade245045ab9c8aebf738772297caaef5f857322a597846c7370083d409df27612e47b0cb240daa3cfa51c57108612ac0dddb0f59791289ccbdb3a2cb1fa9ac31a23dd5440682fb373bf0c1f41c4fe2185ad7c53eb69552807410053b0c2d40132250e637b8c425e6a35d93333b5b7d0557927b6179c848ec455fd1ab38348c0e96c60b2da49bd15118df64b6ce4fa48fbc555a4b2874141718e731a40b85382ae6e86ead31cea77f83bf5c063bf1febf71688a832d615e09d6f14badedeaeb6ffbfe343fc7274e78cd46a2aaec0a349c5f133291ee57cdcb65c5474e46294de6bb50886bce6c6f44dcb95f2a4761ed2e6c9e7bfed51e0964afab4e0f7e0b07960f2590baae66b1ec9a63ba0fb6c0d27e81508c51487dbbdc9beb8879fd58c188dfc774b3d0ddbd77ee8bdcdfa0ed8a9387728e12b13e8b3c10cc1c132bd822c2147c5ddf9a993aedbf78ec256db1be76644ca8ca7727208bf89732657152d34e948d73c47561d156f773136684d4162d02260300020123d13a95f4f835907c344942ddeccafe2abb7dc4792c4f1e39c24748c63cba933b16be0b8853e058c47a1ae2c4dfff39ec2339b345fe3557d03c1df91a0607a711636c4416ffdb73532aeeb74f237ed8bf971388a0659e4682a46b8327e751034cbf2c87c7828da9d24baf07a742ada34d1ef38ab1e8f2b4f801192c146600709533e61bc2665dc1e9e6441bf3c4f6643bc0c102a10f9a69da5b0e3d0a0c7cb694c682493032b5853f02953b5c2fc0e1348565389762fc2dcfbb34fd305f2d9df080e859396ffcbb7da78aae0a0d72e3de76c774bc6a81c87f2872b6afe97ced5269009304a4992c4add0bbe24e57632e19ad0fe37ae910193aab0aeae32cf6d618ab33eba59f6a04fad00b1d2403396e6fa661d31b695a1b349d62f56c08fe6c6eae7a482177adf341e51d03ea511d7959c721bd20bf371860ecd7fce1d25212891850b85648db0a039e6638d9c78bc958add3e41341536b5007be63fd1f7e3308876bcebcb97dc3b05a7b2eaadd00f8fcc8dcfa7b961bbe727c9aed1626ff786d6a0ffdbd1002cae8a7d047b6181962a686c152b2341c7c58c9f1dab5af424d183ed1c7d003165a1d04ea3683ff31a0f68615af6f91c21f736e67df641ed31b998445afadf9052bbe004d5dad08f62e5d353e42fc35a92242d8414d99dc4e7e81c8c027af686baa5c185e3f99abb3855b22cfdff0a62e2f47a632b7df8e00e0317af5c24ce7c64077bbb15ec27e062070cd3eb8e549ed9112469090ad9a96eb59294b021eed81987178cb2dcff67a9a2e930f6032c753e203380f8a7c987cea393234699de03a1d09ce204f0a8b6d5cf522b6887174fdbccb08f3e7c4fe2f778254465b32766c48812a45151ac37ae354dac87419f9476baa27e24b2f322b2da4ddf579750684a5881bae2269351fb7de59b9d5a4badd8951135f2713dafc57215dc626ee170fae7f20bff98e36b864e1fe0f0f9a300c903069bf0e0b6f2f8e78423cf6063e89dde6c81efcf26ef15510563c84730f611ac879a6628e55115e1a29de6945d37fbe4f803fcf2e344712d9e0d6f6c79f8773a9f199b705235e20a7830ee3357c5dca29d7a6c29a3d2628bf2c42c8f076cc4525301d8e1860729070dc53164d9fa08bf63cc889eed01b0130a7146d860bbc09ead3865a3082db0836a45f5506c3e46e452e298764939226cedfd06700e4e33c6b4a78add601140249596831e97f960b973a4e4dc3fe2813fa34eb47f998ce57270368fb81719a09298a223f7e3931ce5cdfab3f658649533354e982c87dc9e49eacebb5bb4af9a767b4f1c03d774431168cd4fec1b2726f1aae3f9a062a825f3295557eebf3af4784487b869fb049de44d03fee71194fc200af72103b157431935b5ab9bc122773ffd313d52d7acf1078386090fc011de695e71567cfd51c06317d4ff8841ceeb74ad35f4e5f4d20921123cb88bb2079674ad39e133cdfd6478d69c9bddc7a818be5d7b254bd9e0abdb030f52846fdfeae8ff370a51a9c5f6017af3c6c3db17c5c614ea18ab0e3ca0dd5de621217dffa36e5c5318fe191040a50cc3ca620683bc34da6c142e1c50afce28a86b8b66d189adcd755561a647080d93f3ede1cf54c3afb7e863fc8a82a2576d3f79e9b2bb634e598507a3d7d017e0176b7868bff3a3dfb4474b3ce03c401f33929364e727fbf8096b77eb351435c7a113b3215cc6246dd86f1517a7e550cf828900248f7c1754e40fed62477b296a37d3e53231360d012c4908b466e49b0e620c0a5031228009f259b030956ebd70e49357c3c3ac2842b6bd6e3ca5a3e985dc03f7105681fec03b320a7ca753b782ad3b52fd9c8e3bd980b48dd6ec8901dbf756108e85015821c880416e0693e0479cb31c0743450f6d9214afabc4feadb9bcee9def460a58d3a02d9e3039970068b8e3fd0a403a6ca7f2c71ae2b46ab3c731b1e65e2104c47fcb1f69e7c8c6df8c09b33f2e1cd4192faab316a44536dcac608832019f5765cc5240eabe3c87445c980c299a5e7ae0acc2c2ed19fdc8f011515bcb00476b03633c7669db1b44f97f6cd402778e9687c740dbe5686789b79d0b13f784a2a866eb91ab2d66f064c49e8df513ec348fd7272ee548ba08e1f9f99696ffb53677550d59c67f88404f6e610455a422d9cd987493ca5c366a397dccface2bba8e3e99719dafa768956cbf6fd8defc4104b8925878716a0514f70cbf3fa2c2bc2f66fabe654eed3076257e71117665703eb88c79e4c2b94e8e856e7a6ef90ee2a358409db78b98056ce1750eb80725d70e35507fdfa5933a61496ba48fbd5555717b33b59d4ef211fe096aefd478859ffc97a41372023ef114adcae5a8d5e03c21369baf1e7f417cb40326bc6db1cdf0904651dda3c1039a2f1755e7c329f7c03bf33f324206ce6e1638711c8c9a45f153aa1f847cca2a5d3af1d24fe7a1e1094819e8e712cbe10ead1012b7371b35cbcc2bd5b10505fb63bea20ac81d25e83ed0105e7595b6c28400f4d336791ce4a584323d0b455bbed44392c5f86c9d5287593f6986d4b0b8f9974a7a4157859ba801251d3b44b2bad84f29cb87dcf1680d6d10d1bfd59f0c95fb7bd07fdb3ea2fccd6e3ee80af438956ccfe31e750972f893ea5dcaa26d077fb3f09d990c2f41c8707368bba007803621ecd76540cdb8705435d74f4300eee04710a936f241c034709e625b0dd5dae1f6e86d034426819c365a05f5be420cdf4042bbff965a666a5756f67259448ebf742b6ea189fa17a4c3bfaf651d19a8a525f09d9cff637c8fac02eaa58d3ee3f7221da1e61833c0b183cd9f47686f09597e8115b435454acef80c079eafaa22b18927d07bf8b7c5ebfdec9c42a52b7824d45decef41e6184dc2db1505ca6f94172fafc10731706e79b9856dfede353d2eadeceaf72a302e3492d7dc81e3777e4e9e1f3d33cc4402833ffedb241a75a09e9495d671f80ad3acf06823bb04a92b815edd0ca7d01dcb3318c1ae5c62d3e99c0ec37908b45b51dd65f6b45b34ede2d6f553f60a45e20fafcb34ae4dbd375f52a5db9c62650deeee78e955087c2bea75ede7c304347b171fe0c1a2a033894be6e04605271307f307b2a9cf6ae24b8c87ce033a3fa4cf2bacdfcf54fcccb1f580476c7d00c631a8529a9eea2a713610341e0e25609dc8927e51c58a0a9197a54963b5cb95877354f4b8316df02ed2bea367704a12274d96bcbe0d0d728923a368bb8ab98d5db5401894c822632308ddfd309071fb4b477d8eac0ea5dbbc3e3606d8510d9051dfb5e4b7cdcf2c57c1b76902d864c3109c901da53019ed33cea84b407490486ad9f980a8a63df3d2e3921064afea137f35179130db3351f5bc3f5e7d590a5ab08b5415efbd345f9d57b71ade7dca939efa5a12d677b9af0af14468176a43712bde10cb15787c18bf066eaef8abcdea77d3a0c61d6c74ae7b54fe90940d0233e4b874c9a141dcc740d7fff43b9fbbc012a933d890232cf74fccb7ff7eac1148e203c7381b7f1d1429b1b1152ec25cbf7562596eb402a9328e43b5dc5cae36592da5523f0b9907a6817ecd395a7c778daae85bb11372b20641a04250b77b3a0ece885d07faf9622650259b874536d6d2b92181c834dc111b6fcba483167be40ecc922fb87006f63b9e8e632879563f37a8f712db9fa68c1a20ab239c0116fe022fad1279f3288b8e74a16d447e467b6381515814dd3aecab5c2a09c400b44e9100c04c720dc7e8c6d9460002da6c52004c16999975fef8752c2f9c229cbd9e6446b226cc454bd68cd665668a17328bb30f301e92ef5c7a2197a326df5c99b422096de8af231d1d8872e6e505bcfff026d4862f28d4bb3856a66ced22c9b0587451d8da4230a38561b5b1c69b523a4701a2001382aa82fcbd60733a14696a540227db44aef346d6c0a7ae5173604d59eb828614cafc1b8cfecda054dcc7306f73925e6d1af56ed74c51c6cdb66e9fee8d7a0078254fedb0c0f5dc85a4686870709b499eafbc8451aebadf848b0598ce8f955688bd2d6032abe10d1391d67c20a049841f95d2ee0c8deae2bc1baca0c098d8718cba1ddcd968981c47cd98d247aca4f838f3bf16d092eab8be8deb1f8d504d37cc44a8c96c9f22f2698036d4ad3bb48b31f109626565c147d20a4a7dfd61fb918f81548fb4f78875c1d138e819f6822651b93a3c92ad77793fba5222d870ea671f9cac967919d18f96e92778548415b2e170d90b201215354fc48a77e62823a2c2bb354782ad052732f08beb278f751529416f37d83ea26248517ae2ef2ead28c1077908995a2d25db0deaa957bcab39715283287fd626ea7388abccba2d90e364a7ff4284c84f70da68ce1aafb5be0401cb9d45e085aab41892a49e10cbd5baf2c34f5e0ca076f2772abea6f622b66020d546f8c2f134a87f96edbeb9b08394b585f2c2f98aa792f97b43b5f3aa9c34189804a9ecc2cfaeefbd0f967d85a25bf3136fd8132dec38aa82e4af6ff677682f3b62be27a180aeb22f918c24f23bf6f5954e0722324cccd06829fc32ae4fe3aee6e5a03b3651900e13fb0a759e544d033418b6ed40d037b4549a0404792c8fddc317b7f028493c4c91d6773932f8486417544f3d007e5f9e6fc02fadff175303f77f6b0e1f709bb3d3a93b38552ccf62688a39da1a602dd5e122e6f4e9171769ada5255cc5cf938dfefcbe3ab0faca434c42dc8c357e89a3d1488fa3df35c3580b124ba3bf6d0d203d586707eb692150ed05a01bf9de5c4e67bb948088784016394d47abb853f2b6b643a066ad81bcd1735aed4e108a8c1fcd025b548de874eb60de7f3c568728959147d1219e4b830e06ca2bee1f8a035e28a54ee6958d4821a84e5d1e41139905f7ec60fe67ce5f4eccdcc2c3d1e4a753a32dd3004970a4ff3824471822fe2b5010b9b6c6b01336dbf0181a95cba2624663215468519871cc39e8a7f4a151c8bd03363b402020f2fb98069b2cb8cc1b7e930938e7540d95d1d223e47865135793f9eb573660ff79f7ed2fae503e68ba44596ee745fbd8fa562c5c666d174cc01b1961736e18b8b517161ab9c8058026e0ddd6c94aed0086a26e1b959a5e05eb9d8c1ff5b2ef518ca23b4f265db61b499a48cc46bed28d23ffc1e8d9c9e345c06079ad47c88dd4e8e286575bd7f9420ab9c2d5c6685488b8b34d4c9ac04e1427ae0994cf789b48b01d1db9c2fe75fc5187727bb11119f82d0739ce4048467a08cd635bf78cc1b6cc9c28fdc199d351064a81456f81c9e56a43aef7332973804b06b18a26caa62523a7d0acc272ba49124b17bb68800d5756afd34ddb2b7e2dd8a118aac3fcf39d9f853c4d2c4fd3ed5bd25a6604d68d57db93d15aa1160f8a97e6c24238e84f272780966867f9c644ca2775cdac4af0ece036cfa6ebb1cd9d701dd7daec5763c9a4de0385db383a5647918e79c6a6de1f4ee1f6b722c561704c8d7efa4710d78dfce8ad2df0d3d82cbb59cef0bcb001f70bdc6e17af1a720b117fe02bb1dd527b18e6bce70e9447cd0cc85cbcf431fe7c006f5e4ef878a974a93b25f492847c9ae020583c9d412f4124246164d8f080b615e2eee267a7aeb5fa0974de52cefef23cdda7b305a33a91e9b50471ceb72dae337c485d636e28d6ee31f5705983808b1567d4d4ae820ec445c56e6a404cad6b408691475397c0dd6cfad232106ba96e5104052700a653e21f9ac6d79578a9f52548f426a1e81dd45bae30acdd4d22a2dafd633564d6b2f45e7d35413503c955cb0a9784b42ae8c2a5933a6729f3922f969a158540dcd201ecb6e32f88b5b4921914a2e8f424c8b031f115ea5d23a21e6f22439ffd7e5d11b08df729f65613b4f6ad3edbc9a066a5e712ecbddfa6fa764cdf170c0485f82d924a99b7e7ad8dc44c1f93e49b6469a9af3de5691944413f1417b753bcb84d5b7a34f362c383cbc802b0c88bd23a7ac471b9287571c42081b1134bfc8ce104a550942ab1f2a074cb00a90558d6e841ff15cfde6951f03e450a1bfc90dec6c513fcb2692ddccc31d22e5274d41036656183c72fce208e44920776f196193137ac67d6d65ce9cfaae774f23a86e6ee8ff3a4e9422a4667d971906e5496a4e80278774899c882708611bad282f6c1d666bc5e7c40082b43a6e98d494a18e9b3cf7f154fdbf90d786e59e83b72ad0ab893c49aca50ed37ea5202e650fda54f5c46ca2a35c476f4b009c5e6733232275abd1341199b63d22386c484cb95c43ea90e609c407bc79ddd00609cc2eb0d82848db239b249f164b7ea384d0239fe1e64d04955b9297472cafa2ff272c5c78100aaa86cdd8120556f25652a3c12da5853338e3be8f505d93ea03cd1cae7e78e95befdc0e26b760d11e05403c348e0523fe036381408033c009a8e1f117af5100a6eb91f08307df465c20bc1dd029875ef7e49338689f602d98f2dc690a57a6f2864e57098f8bd723574944ad3688b292db6d01387a16493912722ac8f91fd12b748899bdaeabdf0479df788eda440d7bf30d1c25d78d757f00b74bb556506637fc1ab87162f05d464e63a6272db3fe56e9357275035d6b6bee32bd92c4a1dc94778551e94ee1d8854f767bfac3811bd0287672aaa01ea18c25650f05a68cbacd9158e479b508e72df778589e1e03dc543b60bb3b10399e5c50de9e728e69774fb3f5fea757ddefccd0f9da75afe4b67f9c54aaaaf646e858fb001a6deed0a8a769ecef0689c988de566b6015fb8c40aeb5f2df7ea4bee60e8e69d15c4a4aa5411dbe63fbdd6418cf025d87f37362f15e22aba83abe1a3de9857c71c2234023b969eacc0bc526363b7f30b092ca114f2a6cefb34394d146866ac86a33fc497a8cb8e2a5bac398579ff7958878421fb08fff4f8f3deb8c9641b8de392647df3017a5467f9d7b23036935ec6e188dd6dbfb544b8a9e04a4b3c7fa1e4d1d9879daf69986b8083e6eb023a4b5eff80fef17f8f65433c882a21565a919448e6091d1b61013fdaf9fc3e45bbe827c9b4ab10b05600a1961e81d31c7404f8e0d32bfcac2937eaed811db167dfdc29286b0d51bad2bcdb9dea76eaf495a31a7fe717c1c98be374a36271cdd06ed06c02ef4c3c06cb42f73b3332ed488416010e6bf2f4dc4dade6e2e61f19e9306bf941868f59fa0939005743dd647f0a04b576a7e71d4c383c479453501e18ec56d7cb79fe31ff534afbd8609ed701ef163f9de31bc58114399fa0f22b62c66c380e8a10c34b7e731df2a8d39dcf36fbf3a66d67b973e3a94bf6ee0bd96f5c76baa76492032fdd2f59ecaee403d486f543f2cd7ae7b0dabe1b5566e681cd40d384a94349e9668650a6f2d2daf86c59a7b02ba466cd03ce1d50c3f0ca4c02dc4b3d1c0e7b9a77df9eae0bfcffa32117d7e05adc7195f4278c93497401629897a58d08ad7141ea52e0163f14992d7a284e7b875ce4640b4dd48ceedad1ea17d8ab1e760773044845e0899602f1bdfff4d42ab80c0765d1a8bde2ba0a830c050923956d06c80b182264ad19ae4f7c39e43195f7d421bdcda00e3eb5ec5ef2ec91d69df691ba7fe250352acf01fa92af5e2c634b9c7c97889e9147e869acc153d88cdc18908f882f371ba9c1e13c26e9cb8e3cbd4c5e1988080ca65a67b3a4c3460cfadbec904d853fddd2f5375b6070941fca53cc106b5748480213cfbdc1c34320a0478b05f76fd0454c75eca069cb1fa7b21704dab67dc40d041c8a1040db378e76655636ad725219c049e6536982d6ee9f11dd032280e622547c7ff44a938a1f233c356a98182d22d5770fbc871e20bb37483dd5d6ea1551993b95b30774a49b50d411ebe0e8c92834094e23ec2664d822c40e96fb42b8607b62b6949e05edcaa436d0ffac6a8ff384068acfc0220c0b098d368fb8113918a4f8c9de37cece74c8695cef2427e54a6e77ad092a9b7f1d94ac9f0836deff41b905b5dafc58ad6063759b0372a634f69a639e19521825d66a282f489c3172a3659264d0132af3571e637782bb6fe5c0afd24547612166fd3409d0991392fa054ea5bd07a4cd0921a13ad7b62a0b5e6d56cd8adb7f3eaa5c99576941c38aff311c49a8c9d8c755869302a2e5e40109c8365a551cd3f859b9421be189d3a0e9ed78830d5cd6a2414e9cc4c25814d94d98f8848e5386d6dbddd65d22b96c5d20020a5dd409c7e5344065871e57e01c91a443501dc8bf619890fe231319b5480c3879dee618d319962596539e2970513fb5c0c8eac3a71ff99962779cf1d7e916566d0e29d121c5cec5d7302a18ed00be9316f3de8c669a64c2a960a588f9c8a42690f6867cda7146e8ce27aa6a7fb27606eed9df6a235a42d17ce71627446e206e879de56025a66556263f06684dedcfd6f083d6a707e5fc8f8212d716e062f0f7fd0c2fc62bea93d68581265a803c31cac3f8ac8939c5f8c464ebd19df42c7e8998494af614c8383294f3f3883f2404ac10404759e182a038c97aea04a85530ec005e203807c5bc30fa9f5339b32fb0427e64915e29a25bb25ac60b92256470e7de5298d42c6b88995f8d2fb704e49d55b66b71e237af90fcbfd71d9093e1a543da2e9911ac4102346dc4704859cb33ac5f5dce2b3331a9dc9fb506461a5436c89bf90d39afcf93cbca4cfc35da6ddb112243928246ae0d1ba269b0fce0468d3ecabbdb925c9ea3241e2dbdc6b151fb4aa724a42f98b0248171fa01fa103f116d0e7deb65dc359b09126f9a420300fd209508ec7a50be56d5b470e387d0c52a1d104625f9571ce1404d1b7af3fb00475b95f752ab96610be112d33ded48624015781e7198f4dcdf917839471fbedb43c34efabe09941fab6b342cf672a29dbb1eed0db788dbfcfcc63bcfe80f7718571f691818dd6f839e3cc282f85f03fe0400171cdf1235049fa53de7450b4c40ed398d5a486f52124c1c63de2afc950e81839f52d17e2a7d32f82788465a65da6cd763c6360763561ed2bf47749080549b6e2db87514e1ee1c85a0bbd346eb6e3cc29267cbedcad67a287fc5be65ec59ba8b6854b31c83dfc5155187d4150685c5c2c342ed68b01ac9e44b60f0c100a347a0f93074dd37d8956fe2f43110dda66e9f9e6185c23dab74cfca21f3ede4bca87687549ea02662f45dfa0ad27f9959a120cacb7c419810e1b1a50fad31c12c47d5bbc61bad77044aa541d29faa6126c60ef088b82eead17a52843307d4bf798b853d90d14c5347ff10615381d85e964331b7a123d15a77a6790d93e920052ddb4db4baaac5e2b27b66ff955e53b8308151c81da4711189ccf0eb393c5bbccfa1f6c94a8d5f4bcd266fc6a12061967ce836ca042257368f567dc42de6ce0be84449234a6163b72069f25b7ead4b2003e1a7665e87ccf211abe94175d1c11bff2c0b6bc110194d34aab96934ef59804cd26e4434ba166d9833fb091be37b139cc10748b881c93690528a96ccccd2dbe024510b8da37dceab567dc52706461c486a0463369cbb99bcca2e8a4d2e005c45401964722a4b3ed37c351c9f21685e8992c9634349379f41796deebffc2928058c8ef6ea37c6e4970dedb78d1c2a00ea9e1ff1e7708470a6c60e6a2b1e966aa872776afdb238e97f716b3df8dfd42bf0f7ceb52bf9eb33731bdba5987b8f48b4599d67b383e77413107857e951ae0625059e5616ccb41131df9a480efd5beab3a9c99615921caedc53dbad675c00ba1030577db1d22731677914fa958b44792cc9c19e2ac71ebe61a05ee67ae7116e39e1c0d103f18bbc9d531164360d901da8234d29fb0b37cd2a60c7aa2adb2a4b297ea2fb14122ad95bd4592ef86c88fdae1e37dc8e44ad03c0fcdfa3801e93796771c5a2ec1e4ab12a64b3ffe48e7442c6224661ed5cc987aada6e778399941f7b20f16f94fb346b916be87f005c9c13789741602039d38270643cce3c347565eef5ee09139330301951c15756be47994de6f1802dc5131b9b011051b1d87d744756831a71cc8528487f032fee9dbffccc751e6a1ee6d07bb218b3a7ec6bf5740ead7a47b6907d7aa95b79aecedf4a637ead8fc6fb8654c93d13ee79f5d6258dcc61993aebc65e4fc14eea7d006e31f6e9f60e3bca8ce52ec559876fd20255e507daa99b185671ce1ac11d448c30bcdf97b9617195e0ccd2d15246308dd6cda74a8071114327fe203b1adbaa780f3243105c5111636a51dce966f5652e39d4f91abbbb4576234d6cacc3ec57cef2dd4dda49a6c33d12bb7595fd5ab5bb15b40301f34ddfb831a5dbf62218f496c003227fe6282e2ac054c45e7f3fc93e51b3ee8690f08612395095a0a12729d663eded879d9ffb325c62f2cb546a48bed51ae232fa6ce28a2494c132a6e09d98c2e3d478d5d2d15dce2e2665e4a3db448931068b99899c2bd8ba87349b0cf9e3c52cffdcf58a59b4fe0089b298b42ad7553f831bd60f5cfa3e09102fe773e4c05412973a678f3b3ed420433cd664dc7f218e816a17c5c9013ecb84abf2dd073557dbc41b92a91e0339d57b8b077a9a44d56427fec5748c47c1460b2e2412094db6d0ad06dea0aa0c1368592594bf0b2f590a9d6149e44dd4adc4cb42e5d9940d59397b83b33b88604c210694e3fbd84795c80c1b09ddb3b1ec8bef6e9dfc4d7f295e551a79436007ca48aa605ef5a89571e59cb26f2766e564e39d3bb441deaa0c8664549881d90a77256c0f6c77241fd6ab74b0e2890f78ff16fd2f9271ef96ebfbd0b878ba9c703900752b7447f4efaa60bd9dc9cd5673a36b39d49f54274caf03c0cf82b95141fa20ed3ce02ebf0dd74d9eff8eb9e2dd3a2976b244b12fd33ee75c1f1c459f86a1cefbc817f42d7f43ba406098165cbeab99df4fe751ae3382efce32af252e461652c7598161e74fd8eeca474fab6b1ede039935f2fd4d7562623b90a422a78941f47a76863d95857c33653d1b42b806bbafcfeccb7bb4a0c58acebf6104b2570afc3ca88e4fdf2719cf39c964a1ea7d2ae4a7fadc938abc95adac495093f6b959b1347501606b3f960b6d739291aa8c13eb49e98b0f78d2b91400b6d8961cb6165c8b684738e4d4db2f2ac30ddaa03a5e0cde4142b625e81907f08c60d7cb5729456806c89ff0efd08397423e44738ff38f8e88684f3a099dcda455521caca37ab4f4d9ed5d37975d4fdd778b97cc93babc804864a35e3a2db04598152e67a2f1f157681c3962d46ada23ea5d9a524f9cdbdd08a07a3a85b1f6fbde11d5a35c7743b83bbefd19aedf6d92241d16aeca7f33cc51839b75f111e8edaeaed808daf2f43fdb3c6f032ea45052ac31d4870c4d0d76aa75d0b88635ce449054013f234c4a16cffc58c95ba1cb8a0a0399861eecb1039bdedfab4d05f0270c6b16f03f6b8e629f687f133ebf2662c7f930530746679aac2791f54d6a95bfab5be0c33739074ed4e7ae88dde4a8036a7d6095cf41776366b6ae3f8f4a0734f48c275e129cfffff5e0abd042f99a957bf6f0f47fc7288750f4fe30198f8cad7067b36cd87ebca08abd3f9475e7443f83cca91a1ebfc42ef3494871f51f6d52a5524b9391c687571be5327c7c94ee2a096653acb410917fd51e56a92be4f24c1db6b97b465ca84c31c04c2f61eae07e952eb6554aa4d8a380d9ee81c1c462c360fcc3cdff2867a953b655562cd06162af8b99bbe662e0c27ce4d9a1c1a907def48a3231c2110c930a2f1498e32dbbfee0e5c5869332f3024fa5dfb0327a27c663cacd4e9902de34dd93529e90eb347bafa5035f56fc578e8386c7571d1f0ba335225ecd8be026b4544ad70f3af11501a53119ee39a8558ca0ed5b3d897ffb9cf0fcab55a0942d3bf7bc6b94ea27a6b748f2cfda431f35252c44610b7e843ed91ebf7e8fe10638f04f52d6d5a7752ec62350efcb7c473f80b1f2a26805151e8346d39d23551e92fbe372df7979c3f756bbb43f6bed09bbc6b65fe6fd241ae1c2f1a0d0b805c582853b85502968f9478e9a84895f9d4ef01ec4f3f571e57cd0bda68ee1f6f7e14fb6e0f4ef8c7dff6796472a935294fc27b16216966d5021339ded059687355b42b55926854bbfbd9f974a0c26eadbfca8a6183093996cf252894e6db910c71ca3ab2e82d90d371c36b92c9409cf7937bb266ea9b29c41d774aa522e103cb30bbabfe872b57beb027623742806aa7694a859ede9bc1fd7b9e32880b064b0030fce1a0e5cdf3ce558a5feaa32e323dbfab6661c5878c9377ee52a615b7c17bf1228e328aa20f92d070c71561969e1af532e76835fb0436810c3d87b982217edfb1143bfc3405ac9f6f3a50145608dfa8658b0ab642a347255c55b59cd1c5897b2cf625a0f0706c30ca1c1321e90cec57b7c3d1bd1af455e3732db80643383c41eaa6781f63da6233360ee720cc04d171ae2445b0c071e339d547f7ac32f407d29ec7abce0a9e1ef5276544877bab2f84bd2eef47ffa66f96e7170cd54d836c9badbc59435146031502c1a3cc744a470f693636d9050c5b894d2d6047df60eb0bac16d905d46cbf017ca69d66427cb88036eca4ea9d0e579f6bfd8a4a850703a0fe49d39c107c9358e98689fb62bd0475aab4b2031446b437c7f9e373caf0270a28d7b15c71f02079dde401e26175bb6e392106a9072021f0e5c5145a1db6f595b032faed8551f6e2ce318db1ab513db876a3eb42d225014949c19543e9c5dfd2290e28c5d72c87223f0195ffbcba1c02c7d0087721efd2af6881dee7dba7565e07abc35bc3fa41c6a4d6a313222ac6dbb117c69c62db2691c68869ac5fc5e987b0ae4335f815c73ea4235da2582dde81d6fdae5911617daef847be17f2bc09edd88830eac03977f89179fe03eb2dc3b38df43803ca2d38455232549110f4580ec3cc04c0d8cfe493013d2cde47c506ef6a8dfc42d998f70378fac5ce4709345926dc477e9e339d8c87ff6287ea6e2873e14d538cdc3f2a47e0e37a2601652f5b665b616a7d1ef3537a3327a76f93990f7694e6484e7a52a10e9eea2edc92b99406abfb2b11ec86667c7af4a333dfe900bf071d1bbcf4f0ad768fae4f450c53817c507d26e926e753e3395201d3ad89061f16706d841994abad283f0db74cada25beb5fe46f48669a62e0b849cb77097e1b4578b45062af4a071b04f0cfddf87519cf2bfa10ebb4b860239ff187e6dad73806ae968e6ac0f738baa88edb3ae4883a9e59be7a6b222c5f54818f95578daff9fc7a7aba8c4a41a699923e85ddf24a32bb71c808516f64d506058a70539276d57984d75161cba7d53a4a864c51a249a6b8fcad5738dd0055ba8468b56579ba5f102642df65c598490f3a0c9b1064f4eb1962c4c38bfb7d55d496a0b0f7b3f90b42f733d112c89176aaf937eea4bada845f3ca4e9b56b3a5a06b4c90fa4c1914ea47020c2f32531e270007ed389246906ecf2c4465f7cc5d6a347583dd73341ad97199021819be81100d867d628323ef7552db945e4c0be604cf6c4a8197958bcbd6c1879387d3286dff979632c54baba2a35ea84efd7726b662b94fae61464d069e0103692599fb86fdc3a06e01c6ae3deb3de6fdb21806c716e5f82b784e4ad3f0e2de629a18e3a2309003dfde9dde8e5101b83312f76e811277afc286b56879f4eb80468e58c60bc088284d05d725ddfe3185b7c51b472a7ff7db3930839142d4a452ddab628e07d43375801d7c6a711a55b452748d770b84ede35920c1ac74b595baef963d21df9418533fcf959593ccf5afccc753e86c4ae231eafe77a158c2472143faf169db29bf2b53c3288d8b3c9added65778095f85e2cb471ab58362041f0a27d874c42bbb06385a0403ca193cba67cf70029cdb7e73c7e2267b856fa0b8dd4c706b45e7174659b0ee2891df911724324f7ca5daf07c912b9b2abff762e62a1817688757492975db7185c4695f3a90895634b8d07453b36dd95197abc31d5d153dfb0d0ec92639540e99d6590f9b394f14c93a5e829fbb33616e810f59c502be44a13b700fd3009545e34c211abf9afe1bb8ced793c6f516d40010649f83a78ddbe9b71d8596582997d0aa54192e1200db61dade30500d72a184ca7dfcbfb80e5442f489d316cc8b75005564835d4b11c482e2c4d0d160f14a8b13ae0a0fb0ba5e3b782770aaca357df0e1c4d1c3b28b776a8b3e0da1abfd4f7190673fca1e1c5a31c688d6e8ddb21300e4178d07c4e854a718ac3f672b0120d6a54c16957c9ec8c444208e47737bc4eeb0bf2d801eb2fcb72f91fe988aa75f38e6cf26e858dc2a718580ff5d281d13e8fc3e3bc30c75c0193481c39c375a5b06b962d9491f3f1fb80f1cb27067f0709e0b0730573a9b5f5bdbee1708ad84b4ceb1a9a61e4c41e90655764057bfa07b8c81cc83a315be1aed6a49715479c0fd0f53f625fe6c7f36fadd001149ab978532e4d0de3d1a38934c74265b161899843704fad16ffc6189f42a5cadec98603e0f98c6889bd4a559079e074cb40678fad4690a20d988735280a1ee8ea71275069132101b35c18ecc9d3c6eceb4cfe9b165e4b6acc17d4f113ef8283c0fb6506f5635401e916d4f7e7bc3cf49aed166587a0c72cdbe673f467d81bc2e9cd08cd8dd16d90b353481df31e89b45e8b
25MD = be3cfa6c965b2ee4e6fb0236665b0b95f66c8da8b338375b7393672283b0e50b96112d7cb76fffaa6db8ea4a7687fc6234dc1ee52e764d69ba8ac40c0f51beba
26
27[L = 48]
28
29Len = 16
30Msg = 3a35
31MD = 87bea682792f6bb4977fe1b92e0cc7017413dd263732c3604f0ebd63c2817ce5ddc5d78c0137f614a06e72ab1cab2f4c
32
33Len = 104
34Msg = 7db15b3ee240b45d4610950996
35MD = 7311a6356ab38a690c0b3a1581c3e7b6de418996c05e79849891b061c51d53dffc0fff2b8ad1c1eff165aee5ef6e18ff
36
37Len = 352
38Msg = d2a1efc725c46cd6a19760f49edf0bae823c1b4992ae2260085746cf65833bd008e56e64002383f51f960239
39MD = adb1778360ec659e90609e74b6af219a01a024f216b68aa944841429ed5b03b139444b8b848f73fd5f350ef02d46b6ce
40
41Len = 1016
42Msg = d11ad1253592c094746da7b5c88d329bc3ce1929913b8be07e82d3f6b7a536a855f31ad197376eba6f2f4534413fc4e4e7673fdff8739f774a710754b568b7c61a473059a41c98aa4e86617aa66d2601d0f0d584cd9f132afeebdc0ce3da6a8b290059e6e4aa080c195c42ae7f7e1e99865223439929b0a3a0d79b46ca6419
43MD = 0cbec7be7299f48f043c3d1aacf833b4258c32190a21a8ac2471666b4a51b63cc77fff6e081aaf5ef21b1b7523d65763
44
45Len = 13696
46Msg = 2f7a9929dffaa4a4dcfeea1fc37b18e3cf935abbaa17cf9d834b3a8d61e9fabfb7683cfc387d6f46ece3f8bf845827c7ebe86a651d6dc1e83c5772cee1a9fee4b04453af2f68430bd87835126cfd1b3f8beea4d3822fb27864570e255cb65b414197480b6bc20a39c5450adf2474da93d72f6ecf8063899722d3755b7a19f71e93e782d89593ab19ddd3ddf053c54e0bf832311fbf132e8b9e540f38e4d9bcc3cdbf69de54e40ef348a9170ba2f65def167f568ce846889c0161448342fe907718a465e451bc1b0f2e4f21f9b911f186589f43dea305811473837c063b915d849c20deb43323bab4b64e61823f1df119e71962dd975700391b411f8778980a3080ba3c14a321d32c082d416ddd2345f0eb751a516d44ee55222395cfa11e7fc4edfbe7cd49bf4ebd4d7428843a2ad5538b3cd201ccd431aeafb146a65d28a4870a6948a7cc0413b0adac7e8dff3a898aeff5f4b65d10b28ceb749bd354c061c3008ec569d5f90a4d4f5caa51d35b49dc4028e738c8ff5939fef3fa202fed9ebef6f2c7dd0ba41cdb5c0c16985f96fd93a65d134fb4a90ffc0fb6cc5396b843c2151bb7c9170f2fa4fb44292a4af28df5481de0c3c917ba1c46467a35302738158493fbf6a0422cee558d4bce3d78e14b4fefb65bb05043e2cc2a6a8ea64565ff6ce2fd2c4f43fc02926ee44ee02fe1dce25cfde0115c9396c9ea06269f17b2caf58e2332cc1c8528d9705c70da1f76f22aeb1d1b93449180640fb5c4c4a708bc4621d7d2bed5b1a752191cfdd45086d34f247ed1df0f24e7c620de32bdfc4d1f882380d2cd7467c926f48abc75cbfac8788f88cd9dc5361517a5eb36311e6b39e21a85fba2038fd47d860f776697bb19cdb5a4d6746fae507e274399c91648537d905015e58910117e5914f44ebcb00e771d38b30c1473e1232d4e222cebceb4810c48e83e0fd4c852f4fffcd643c0ef9e4fae2d0ebc6f102f3f749b02a5e3a61517d53b539cc24120df3957a633d50369d46c0c226f8924cae51dcaf54d716f61385fd8cf38c2c311a32bcd6594d6930133dc18ef36a9671ba8b179abe95f588ef74e8558ebbc974dc73c26bb6eaae78ef464181e18b71f4b0f986ecc8495a9c4dc0b0b96be9806fbd3d32952ca3b4737a06ed6561e9c9581a33a720123fbaa2a70fc3233b83e56444f5aa0cfaf70fb24be6118404f3e11e6ea004cf2d079a3e93a8ac1d4e297cf4fc43851dd26314a7ed6a5a784b386daa26e50c64692f7db28c21d82234289bb45bad5042236667e6d70a24bc9525c3adcb793a6a5725d9b10911e3bc8e3fd604db7998346e7f7dd1815c0cbb735a977bd4b32b5b976932bc92ef3b56bcadc089045ec95f241cdb0a84c67f1f76353da6cb493bb27a881d37a2106b8b3010cf935eb3601ce4dce3e449eff8331e444ab117a20809a1010db4cf3be0c488f777b6532df908112e3d11592f04a0cc16232d62340cbb8b5268a662b8278d37c03d848a04f0ab498f5af43b0a20e310197b7e1395a65299fac29f051bcc5fcd09a5605bfee370ee8ea21f5807d9748acca815a44d81796d68b0014eed3bb6a94233fc51725de3809ac6f538beaacf8cbe3d96aca21a7a763a957f8892f22c6d086d9af2e5ac9d90321e186584f17e964c90739559ddd034df076c4aa38c2b78aab6dec8ef6be9adf33bfb66f159ec4826653ee6cb483539c47a4a1d95663e6cc7a42a3bf628623a4c9500a59a50a312aa104b198ce5f3e58952bb79ff1ccfa9ddba2fd4705e91b5acaddab9d6522d7666264ac5f533b6d8ac4512d8371c69c06b6d322b046ae2a0a20aec1c3bfb05f3d91b9044cabdd873abb5f2b0e3e19740df31e39828f9ff9bbb20b73541a7a70b8174ce4e43e0d356e629cdbc6c08d29bd7acb6a4347823075683ce9d7de4ab3ddda6572b175951f30a15263355fe9641b3322df7dd52077402a884cd472e6d0b6c34cd63ab63cec8760c7ebe384f7cc31066bbdb7a3417425e039c4d340166e4bba4839076ac9457c87459c57957d0a06dced2f7a18acd22b7295785dafa435a2a8a2c3a1fa05d115fe129d19fc44c5a29bf15b4d9c2b375bc8e591f92756cfc573a39b8fccb8395cad7617b11f14a60e2dbf69b897844cbbcb70363010f6e1bc0590ea594aa924597dbb32a868b55551789f82437180b85661809089d34a168d44b4d788dba23b13542715843eee797366d9ce7793e72331735bc78cd61b13421a568ba3e66926921c04e9d00888ba7ddeb474db63813756ea4a02c1823083e36ebd2d32d5c88cdebb98d511304cc276c7799cf84a1699ccac9569b13f530c762732e6bd0f8415001b2c02d11dff36660b717054b16df49ba38425e3764a56052ffddecdfc686aff22079897376cc15591e11579fe4feeccb55f
47MD = 70e1259106fc7a7c6be11d95fb673bfaf0074e342fdaefb458faf4619e7f0edbd68d509b9ca7243d2e5e039d42ee3b47
48
49Len = 100816
50Msg = 5f464d3301c5e0871d6b41b002dcd09abc80a805de3482d97f3fd7b9838745da1c0534168f76b93c3c53bbabd904541ffe5179cae619dea77446140b7400f47d242141c7f2e9894d88f44c9e066861498e7394f206f594a419790d697f6a11187f84bc6fb288186109343eb11172bec076d041a4c7306d7978c009fc2d2d62563614ed3555ba2d21c8fcd70e8389352dbe4ec808af3231ce990452eb05b1b0dc4fbb1b4265e69235cc3561dae4148c386cd770474863a84a822b2e5f905fc255d55f90bd6a760d441dc52240ba7d8c888a5283891a2c99963d1fe680549d6267cdea92cfead167f6c49663668f2bfdc61fa647f5abf3ce5ad2c6c175dbd456ba41436aa06f5f68f5c88e6b74ea86a79934bd05b486210d3d470a0967ad6d67f7385260578088d7e63197849354f651aad07e04ed301f1fe7a6d2047d50ce5dc6bbffbb1da6b47d740898f4eb54e3c5a1fbd18ec93254cc01f705fce04e6100ced132c519674b2345547804a372b5c925bd9ee9701527db33408d37b72f8d18b882d3c4744eb58f011d21fce336d426de1fcd5e09610216248b51fe2b79b96c2bd6ca0155e05a8a516b7a24d529a9a475284735bd9c4c437ddf399864b64fc5d0d6ffc4e5a7a3dbdd476bc39ed29a0a92e1f2b6b3506c2be5452d4f896db6eb4f895b554b2af64c4cb8dc2369b91022dc50b7291404cc9605c31569c32756a64ff8c4fbb0f1bca346c7b58a5c6774b2fc7f7fd50741d34c8564d92f396b97be782923ff3c855ea9757bde419f632c8399763003b58ee9140c2d62e914c1e1fa742661a9166d42267edc40905b35a25d5c3cb3fb457376b7422896df7bb19c23e8f764416731d2e20cf2c1beb8663c07edd8f105e078e2fed05c5e5897c430017fa2160f565a75a4c5c64a15dd7d644bf355d169ae2696ae5ed1a39e8f81055cdf315e5b0c6f9235515fc4dbf30281ef17b83a6ed604f89293904bf78c7183fcb0ab236cb1f8935e59c51559217efabc000b165d819b717118a03facb61a13a99b194f8b6c7ddfe5850127d79078397a56564c7ed6716a129409680434061b2a4782c9006587de927c1ae09d6778a5f1c39fc419fe10493eb0d4ad492fbd05485eee7913c59df82fe7182af2cf06a6e8edf06676200077bd1408f5c1cec537cb8566470cb44895826d04ec20f0aba4297c501add65c75d5767ad2ab63aa81b7b66f01b32590f1d55b7e50e6df1ee077a19c8c895f5ef62d452cc336e9aee171fa997ddcedd7af86e6cc37722fb5838a46c5e58e7f700edfb7c6bf832171d9581f660752867118e9535a6118635709d6f1c1cb21b938068958e956149d9bffc67f355cb88205d4894ba97c3e3c8be9fa2d20abe79f3f93a6a2f4f56fd075bb49a4b7dc83630e58c32a29d757fdbcaa607352f65483cf2cb4208a3bf94ca7a25e2a4e05279be31c33696c10fa4971d1b64ee938dd299f483e5c098845749a3b706a787529bf2ca56693d0a7a98243e6482a43e1f5d3086ca1b00368d8ead5ed2d0fb79b1e2f537ab9340809ca3a9b5eb2900390432293008ab7086c2811d33de0648be5597ef002c7c462b5e0f4e0b1720a98b2299ad7aa55eb78f0c77c2ab4371385f280107ae40ebf814a8223dc74f31483c63d9e4ed09fc7e5a51bac34d69d97163116a66c84ea9fe4263269b71fd228555ae3cf5109c4d6ced7b9049a2b8069bd2f71834d6c07fffbd7561939188bc07dcea08086bc7182a5270427c3199bf5fb5c4549861fd32a38ec81c4ab058c777dc01864787f0275f911a17838272cd65135f66baf06d8d93bc439eeb55d50b7c5adafed8eb8140b4b05f59871dacf954f4b096c30b7857774fcd319c096750bf605db8e31fe02cd1b9294eaf8bb009d4609f2cdb3a8657f650501b8553765de8f572fb91ac77b35db35f402453e5c58f60146f2906ff56b9c6b3a5d0bb6afb9e2201110919ac9c01a7e9750dfdb2f72afbf7a8d6f64b1c68b9de17a2c9abf289eef24074eee9b1649caf3693118165503a30200993d271aa31b8b92606a10a52612dd1fab495b82f9a98cade18b9d8a723a71ceb63fd1d27372bd281f9b40aa1839b0cc2f2177a09aa8e7b159ac118d7c145e7a4f032e788d21facde2b4dbc1d5d2238f530d9bf9bd2798f611d03ed8919f0c85bc2da99750b7a8d6322d2e66ff6ab9ebaf7424e8c1c3f4fe92be61f65359106395f5ef995e925be3868ad513f561f873acdbaf18590c903d64bd275121c11ea655124d091740887868544c5348664399d3da96e2e35fff34f062fb939d656bc072096e510b40b2f75ff010af68d64fd0acc778e2e13c9667de266b1816c4ac449521b02bbb217002c604be72e73051aa9048d192e3210a68769dd2693e5d44951711aed3a751240d42f8925844131daa36c51d7d59bbaf99623fddf1649db954705fd6f3405e63894f5258c9ffecf83208c2c90cc55b1a8d2972ea6b3a049ee54942b50526b7930953986e428b2c75e47ed870bba68dbfa624dd94112f3059da0a80c583baeb570fe8314f5c66501b34116c81148dd22396fcd6479da49f7e952c8084f97d6803ff85c3787222064ca368f596a1ebb6dab20a03916b3ab071c927d87fc10ecc4e7ab4a5761e3eadaea4de1a0dee30aa39a9e4dbee047201d7d8a4df1284cf668ae3ed7dc4cb2cc4b5cae9307353fd2ae4c105c5d9f3bb021535fc3ae9bf3ff54ddda8b2e1037cd9d69822df436dc1c750a9f557d1a3a63fbe73c64261dae0c70bba6edb57519f5b957f138d1aa5fefe01b73c1851aea42938147bac2762527a492cb85da43014c876e223b05597354d7c9b328df67f354d168a84ce86dff57d8a870db034196dbeff83ebef80bbe52425a8810f2c9fea29ee688a201cce4a5f447be789a3881a9da3b6c491288e8f1091719032608b332e0410f4576597e17e0b5dde305f069be2e80d565bb979a3915488f88e3ebb90e81c264bcaddd72b8843af4a4ae31f723d50fa0995b027c334c351128913bb93e67b1b08f101f6b8dc8202b44fbc3d3dfb530f66e5a8f35e69725c86998c05ac87c561a4706e90fa095adab4a566da4fab82bff6b20076e5bdf62dbd6614245b6a6f8cb6bf60106f8d12b9c3e26f8127dc547e2181531ce980a3273f452892110cfe1ea834a30f99d66e026a9d22dc76fc3cec8fda2d7fea701deb84dd45c97dcde57a017693e90983a156f11c4d168d89c06d8a32dbfa590adadd16850854f24bba315b0bbf372f03711a20163afa0c137383b9120b26c59f5e9e7cd2ccaf0ef4e0d70d5a81748ad441ee5fe178e14317cab184fe178fb0cc0d82105d2f423467fdcda0f9871b9d84882609248356f3053a99866dad9f9b0f8c4a897a8cb8f30365a7ae5f3ca6e772d863d445e6d57c6a478e35d719d0e4e84f3a30b1816ddb55bcd79df21ea0e95da72a19cc1fe74fc576120bc108be3ed4cae3bea889fb4ddd67efe858a994237378eb623dab070d954ac780c1e6d2095383c98ba622cbdb18fb53260979fb2672c21a4600f4bf06583a112d303096d4e30e7e1060d869f386eba3cf7aec3052ca17593dcc9969fa9cd88179c262770211cf53f53f175037a5cd445d239cee48f7ed0aa1d715a22ac18a8aeecf191d415e4afd92b76c091803f4c757a9e89f696ab7b11ad6d5f24774e4a004dcb0e3f33705dd8150431f051016af37647b9e44b10bef114276d4b1055b634461c655a82a847639a038ec9f58876e84e9a2955b696e072d8054c3f81173473604d5fcc0a75b4a340dba0c375beb87b8b01a0f2de232bbb8371c3a9d27a0ce521c4c43dd3bdeebf92f42f87d88978d5b4e3e563cba0e5f59dd29c31096885b113ea5c57e66a3be015b703bc26d3fd1d51a7c14f85f65747ac909d7e30c8e800be27eebf4a62e42e538ae30b6883907cebb7fc5e150bc9da3a138f394e817df9a9e44420078f30d0d3d6981ca581791a097a5e3982c983d5cec239096c7d8cc55c87242026d769ef1d04eb96e5b5001e3358af88d417cc61f107659791a35d8b5f7a5767ae24d5b2ba7aa12230076db1f1b9b6f213dceea62949d98bc5db38743b23a59ea75dbe4231a285678f5f07facc053c2048022fcb01f15e8c100d64a877ecd56d196a6ac60ae35e0e09a517224ba409ba7b70d8f9fe65bc427b212a4e9b3cb17b0d332267cea4f3bea7c1e550f7ffe567b20e3057aa0ebb560d00d28e2f7aff718a9f2d4d044f0d20709bb9ad567c98cff7c4810e8c542370cf90a491bc1088f69998d59f344b74db6c1bdb61f284e99b517a11452ca0bb37c7bae77fca6514b341066086e600f098a32a92935380a173c9182a2513584c54ff67e580dfe16b508acf1729a3d649ff1eae286bffd688fe658612d6c8e69e6e7f7de4ba85ec54747cdc42b1f23546b7e490e31280f066e52fac117fd3b0792e4de62d5843ee98c7201529455c85b169fdb90cb05e3403cf2f737148bd20a53c73880880a14ffff37d62130e682e50bc7210ea6c1f0c27656cc1785a0d9ce93ff94dbc5b2877519d9bac4a339e98ec594a7cc76f4ddf994fee8070dd4b8e0fe0e51b93105fcf566f83d914dd862b4ce78de7e9e16f142234bd969ff8005dddc641dcd3c7cfbdd6113cd3ba34a9503a0f433899e90e158abde2ed4ed4b3711c991577c5aafeaa982bce80835f8e6d7c7975571fafb1499991646bc499ec32930367d4b1de76ff656442cab987bdecdbcc2b2bc35ce01816594bfa4b6e33080caa41dbdf8ebf2205649f98a2d3bf331fb16b9ecd1824eacbbc9f81297b115b4d36aa7496e05f7d40d4edd1886c1bac10cf3f97840a03277e6369e7a7e90d932050ab8720fce076de5c355fb17959bd75cfaeff325b0737f8f5b1160de0b0184ba04afcc30bca77a6a37e29662302d01858c0bc1d32b883011b7df5a387805296cd91bbc835a3e76152d017ee929d4cbf137eb78db89d71617dd76cb00707aacb8088ac77a1f52ed710331193edb29933a7efd8cc153e6adfc2c6637e88cd86b06036b8177847b4d086b0ff9b5dc91f3cbd1c08217023d7449253c25331594f0f16a3c5f2e122e0145c4ec94f096b45a1fd0b2dd3f1d51e58978471782a336eae49d7bc4e050d1c6a391658f71a1f752c0ec6302bc2dba9e3766359359ce34955a2db86740c90d09cc50e92dbb76e17a39955fa7108bddeaddaf860d1aff14acec8b609ac1d336270a940604209df91cf45be72edee04277d694a6f968ae6d8e065702f3d607f3baf8db4ab7637fa4c78bb0b7fe69937eb1dcb616fca564a5a521e12df71fefbc321187159bd6a47b066a3440ba634de9153a94546b63aa33aed9da2018e1f30628df37f5360ca4f2660a46ffd73e58183e8abffdea25f7bdf798a2b7cddeaa481bcc6e682a67e99143066963d96d4a928a478951dd6ec59b1be8cb23aa688e1867738aecdd9afade39c92c0b2572bdde84eb912ed990ac618834c412231216fdb84f1e01b3f8414fc6dd0f646fd0fa62bb0157b3535e1497c9272df1cc5dcd4e6ab9a8456222655c56ac73fe0d2aa8b599035daddf0986a45b1a59510abe19a11b6dba065c8bcf8a85d20a3681c2414dab7c036cc1358b1dba98d6ae62c5948c36b5b3e307a6f860c0c822ac724a5c917ed5f98ece548a7a741d366868e6c676394c3659f7f6786594196dde332543376f9ba0724b091d30f431f91d919417e5bf7ba1e9a21cb80f6c204c3a58d59d960a5788b5cba5abd7c7518f4c5170115125de97009a6c3fc4d5773e4f57fdd433eb7422c7c4dccee57a1679633ced3b5f08df763d4577983c5ca8b49bc4e08fa76f8bff36daf0fed068db47f0c87e0e45d518dffe37c129cc6e2f5f9e0430185723098e715284a42f302a6b8368a4f2dc16f534d1e5db9d0b86659fc4ba6f16c982774115d02a57684c7e5489b1f491584b0f0546e4194a6041f5e5be3bfff3852a4fc772d83491023a61a37228ef6260edc0d1cb972cba610d5ad1d92d554700771d8236ef55e983765ed8eb21e7de7c8bb51aee9368758454fee4a3f32179c1e54af1d069e0b9728cd0554351907e018146511e4d6f0450b57c8ebd21c71450116296bdfc779945da60b9192c5bb9a67b1f04d94992df4cbb3e30732dc8af2177fef17e0b7d01740b8a64db16bc29c1e589b6bdfc967edeb2ce8a649ba892bc856a929f0b837a838ca7f917a52436ea3d20e72afacc5b9d58a7fd0fefd96787c65ffa7f910d6d0ada63d64d5c4679960e7f06aeb8c70dfef954f8e39efdb629b72979be208d616071289cfaa0756a4bb5eea5c7baf8fe7a31501e7e2d67d708d461c0c93e85f03afd70bd9e16437171e01a34f475e4b5a58d13ce4e2fba72bbba93403f3f8981e0bbd6a8a6223327bf096c44b36e0ccbf7592a98c1fa67f198b628787ec80aaef848b4fea158c715799e6f458327f399e6420f0e7821f2dc4663bbea065c7bdfe830b6102e2e7193381b9dc7f2381ba808c43b8fdf3addab4b5fa81564716f7d46e0349d9b27b559710d723c7ef2f79eb55c3a9d75b99ae6fde6877b278b583f8ae3cae776b914b0cae0772397fd19b6a27676c7ca02cd07f4b4d49bbe1ec87f2ac7e39e5f7712319c31271dbbbaf4b826af8a9f4acab696c62719f7a6a032c4bcf90922a3c630647b7c1c7b78b10afbd863f07486561a0bc8d9b1ff5fc41998a7e3c604e24af1c1df2da1dd5d83eefa2e4012f7fb5959ef9339574367deff73723484b5a969c8c23dc251a3b887f34b9ea09c9a1838e8aaabb254445d7556dda257dfd5579737fe1dd6c67f3851ca68b011e7cb7b6958d588f143828f0bb24fceca31b47b77d1ce05e75ab05b55d6c9f9107f0c738f2cf8a1629f7e9b2694324e082503937ff8ca7c5098f770289af7d038dcedcf0ed77c8b82e2a9003a6f3db69e14131e144f6be7cf0bb5353ea96aebd78befbc6ceae9bdde97823cdbc5ca8ef8a993a9d9383aee9f2d6a18fc64ab92990672ea2dc9b89ed248aacf7f1a513da43fe5953335afe76d78867a066f226ae9c727c6c60671c50a50732698ef7a492d51998eb6da5368a667baf6d12b77eb36686ee0ca239dc6f3598be0bda79e47f0891fe4d8989df8c685480de11c148a2b44c8a6bea3a50b09be557c51f545a09a30e9362cf3080e6a6bee3dbad370ce24f6c5a6f8091007ca195057fa3af8f99703a601086c2a1ffe55fde4c2c4153dbff8d6601ab68743c0d50d021b0b3099535ba6c40f866ca3ff0df7c19d709a3f58b57b40ab5e43556a8c0c1938c875267bb39c0db6b45840e8ee7c22bf6b48798bd744f70e42fca343a8bdfbd7f55f275ca5d62c7288756d4861fba68d16d842c5b893c1d8171bb3c8b593387d3426f292ace5cee7753c9f9a12e6bb9af5a24192e4184f7d3d191d862d3c3dace7853eaa235b6369fd164e5a7bddd06daa3eec7fe4130e82478d36f88a0999cba1f251ffb3a7689ea2baf016073193898716a9f933448d7ba8e0968c669bdb7dd5e6e32fd84a6ce9e8632b393f9263532ec2107b4c0d2abdf3abb2de2d63511805eb58a70bc4ded040d76640af60ce7f03b9a682b8dd84ed8a47225a48e0b94ea47828f1c8974cd64e5027d8b13d43519875d2bbe4461a7f0f5b5b8d63a472765405ea9c994225806395e64dff88506f7f7f3b6368d769e6e550d4e3e81efb13771cf403e855f75312f1383ce4c2744d0b4e3735a0f1e1b99eb014fa60c0d1ca9035fbc4403330c2fefa8411fb7c3d6ede5b5c8f4736106bbe01923d483a84f031e9685a3b6a70646a2a5059ce35fa496b3f21fca6047471a5bdd33908cc9328de9fb032347c249bf7093390b750696124621dfa67fd9c7fe85d6e5a4d277ad8f8d169f8b5e8dbee280f8443518bd94abc5ca704e781e6cb1868ba2d6fbbaa850326fbfa5a20e4df6fb5f8ee2728e86a758763a8af21e1f7a8584d3f0b09a0b19fe8fcd37bc4fdf45084d7fd92b80544f29aba52496e2c9a0aa4adeb89820be321cfd2f0a53585a15d04c7fe4ec9be6eb5df419e20b71506c1f642df75c53a9e3b2414fe6102fa8af7be3f6c95de824c31fd6fe8ef9d49e26095a2674a33cb574e9e493939bdeaf5b309b4c51256ef71e95dbbcee0a11991693b533f916e1c82ce86d65d89b6d596017fae944ec364546e78abbcbe4322b83e2fcbb4c5d4ccb54d8642c7eb9e28c08598a356a5c46f8813e6b63ec2f3e3bb721b726361f85a734e0514f4e9c4732991ed3998b1ba8f618c2071d1b943eb0f8766fdb7f0492421429bd380deca3325c8d5c7b6ed16429539ae54f1eba39748f09aa44efb67d863cda304e8653ff7499cfad44dc27807779ef8e63be4b376ec403f3c84eda4e5af31c30f9807762e0980b4e5d9dc406cad4e888bfc3ec4186de8ccfcf631b0ba5831747a1c200d45ea06ac82c7952fd09aaae5dcdf5475da427cbc8c1f71ebe5132f2fcae15975ed6fa14a11b38766e1c446894f31c0496b0e5e96507d28e6e4549d6d78841e40630ef306491a1da60eaea3fb69bffcbf192610e2e07bc1124690fea61980e8ed654c5e796f67d26db5de35b4a2c67427833e360ac2a7d4fe7a5ce572144443ed62ac460c1b19402e85c79e3d80e1c143279b20a66d8dcf2bfe1cc44a0f5aa9b0d9b36c46c2cae148dd0f2ffe9a8e6e7274d1832e57aa39fb40553da6414094e838d613a20ce9307d49f97d904648d6460985b01af769800cff9a940f70729fe40e98feb64ff0a81c5b2b096b1a9d832e440c49e4e3684bd17a5169fe138d2544d9806fec027dd2a67f1856178e090f9bb2f9b314a202e7e95f2e41fa80dccf7b1810e9cbcaed2acc2445d60e26f7d63ee4b28e4299e60ea4fc659e7d6f0de91748bf1ede1fdb2acde9482bb76bf6716847eb2dd7517e0a94f0bbf20f248d2c79fa0f518b67a44d5c4c73a9bbc3816ba85ae8344b5f377649da75cf1857d6e4338a76446c48e52cc7bc7ce283d4252f8fac5e1427299edc33f84798316f77bad4a87849e91a1a23c0b7a86898046e278eaaa15ff33730a6d3f885dfe2d1dc0acda2a9e49a71cfecb7dcaa9e70eaa8fe15d4567a280e8960ba49d5289535907e9f277f96e8e652c21d89e81696dd821db5b7e1e53e160584477aa9e4c0e12160c9956df36cce6f4e724dd543827366010ed3d843cdf4319c1bf968a70e9b1b6bcd8af96c9eb0620c569716b7bc42e13251a6adf8201faa129844b5e1d699cafa1b66a674e732c7662b0410e5bca2704c5ebed7850d0ebb825cfb0627a183cc9643b709aedeac2c06700358400c389f99666ae97ccd37f265da7addeb07df9ccad6fa777d0da2fc47b6235179136bbbb409596841e921eb278142a19e6203c7f235bf8461ccadb4b47dd290d36ac27126c808b866f9531261f1e0f5c458a6bab6f064b4efc432e1c7379f9af19ac34c5c22e76e6e7651e48f9ce44eff542f018397889d896cc9001a63e8e455fbe4a9ee9a740edad894fe1af2bb21a1dd0318e28ba982c12ed69c08835ce17336ad1638af3cfe0ea892ab8e83d3f25e6bd98d5e4d36292992e2122c265a26cbb3931dd4c1b0d0ac5ee19974d0dd45777908bb416cbce52531820effcd7f28e1fb2d3d4d826e1b2673e834485a25af9f9d174f566abc3b36732ceefdd91a7c3885e1d10d51c321ff704d0883905b7539309ba5e7b7a2bfefd0494e90e9da7541ec37858ec05ea9a9ec5672b113cd5ad6ebfc5b8fe40ed7c3f17d8a73703dc89086b4d75c5eaf06b840bb2f5b4519a4fb17bfdca9605f17253f203efffc92da96fde023007d22cdad05d18aecb4bf08085c5ca5eecd21f2b611e7e8a0ef981fe7aa2014f5ac6862fab44011dfd33be8a1226943aa7ae5fee9221b0400d9ac2ce5241b09a68cde6b13c47d50bf310ecb37f25c32770a299020d8500d8a4b5d7621e4379dbd6ef34a9aceefd4055ea6144f54bbfedefb5b5b0fbd1d81c7a51a802072ec3d84f34585f22c1df84caca07849b1ef054cbef9b40848e9fd238761df5358cf55a79a53a1bc749e49ffab7c5bd9a28bf24ad5833facf43bcc3852c1e85cfe47929fc49c325c20d74588eb9833519f192243cf96625057899b70a7c93f8fdbfb60d8129d9c43c95f8782ed8293641ffd21d21d91a0b4db69d766f6d6497e9a414ceb04b65425d6ad6c8811da00639dce8d8030038f2d08330c75b0879aab81bfb3330b950e54c13780d308fceed2a103a1a8b77a923b66aba737654ba7995acd306aa7b80f632184412e2369c353c2132ae614553e626f0a3436959104ba6e0040dc597dfbc3602a49e401bf2249699375b2c722083489f54fcdc1f616a133ef6112a1754818158ff78f245b9046100b0e89407f74145fe336976af971c054f12d98002c68b3aa2bd699fbcd71bc4dc071e430bbf694595a951e01098aaa499be2f70611f248a694539ef8936b2e8b7a3c5de8662436fed1f7bc24a4e5c17a663d9a23b4692993301b08cb3bc10f518eca51081c717ec8dfbb0c2669f7987fe6aa0bd98231d8e8b58951b42537f12884a857e02d62de4fda6b88b6b754b1b27394c6a819e0f92f6b2b2473fe245678e252ed31477cc7ec6895bc361b718fcab3aa550fc9faeccfe77cdb5b151ab1db2e569b5bc923ee26f0b6113504d295112d47218140e44652a10af10a088f95c7cf2fccd040fc93980939122411ec643e26e7d69ced3178402e320fe156e774b75b5afc2f3d6b6ab828bb4993b1436faa5728cec34d66f520f59e82716ed6d1324944c3c91d04d5ffc5a921f4716c39de24768484d0096f7d8dbce35aeec22db11f899e5e7e3d57e7668f35d6c0db3542255d9262137d39ae6cf9bcde254dfccc54a6062fcf8982f781d9ffab2df4f49ec04a72eb9646d63bf9e1799bc0bec0ec7f0675ed9f8dc9b8be15d9f2175dfa1c8bc99071c70ad7bedb10a4143fa91c89f54777f84c9eae9361cf7f4c2b7ab873ee5785a5241db0af86f3c6d7f091623d6dc576d07550a42023633a09c8dfa21d7e70cce64c13f37663f75c47921c246f3f2d1d16a8283ce7697da4cb7e016971a2a1d0c59d6202bc18b7cee3828de597efdab53b33a9fb41aa7b49f1c964512901773bb396ac80e90ba1a94c408b2860065ae9aec64a41d76cf8842d299d0babf14d5840d647d075c34175e26a786f30091a24f1ce8db30137520dce1cfffb6318a0d0fdcac883eac603bf365efa2c806eb4f194cae8c16780342165222192f6ee2e103ae2a31dc08a84dfc89c64d2e9ada7ca1839dfff62ddfb7982c79684cfc821a098bc6bf09f87317209b16d14d45c6f38fc99f7bf9bb73460977bb323665d480c87c687cec052a5f08a2c6744c8e177a8a269b4a47a925b9123cd2c014313edae988f8aeaeb633ee5ba6be7f53fe36da3aa37ab2077f5fd75a82a55a0fe62af213b85e9e7694f78cc2b0e63a8c1b89db484722fc62c688678a511c474f0eff8eef1382946d26de00e5c626ec1d7079445c1b7c6f7f05073249b11fd1fb30257724a14cd7bbf451146bf366de2e826fdf1d25705587c4460040ab963e3bd504755b6aa5b18786b68efd3c8e59e8dbd172346fe7f4a18bac98164669d73984044f3c777368f965763742ab86a3720208c64801c796f6e3a1c4748b81e41ac58dcf6ecfa0453b18fad7e3473604f57f7da302e1fa81ad538d4a0280c4ad092007bb9a7a12907227a936871886c699db97d00a1966fdef64d9f3672f1b792c1edadc6781b391c91bea1bd7275f30859dbd1707b1f554e49ceb874ca06e92ab466efa7eeb6990667a27507a7ba789e24d593ea2af8eccb3862cce58daa63eaf212bdd86c01ed471cfc79b191c481ad773d20e821d18af85a7049034e5a9c660357a4c2808b9a6139f32c55c13282b8d98904f4f027d438189dc9487c96172e50dc1100ccc224e7374cf96ea6731032c43fbc9b367a4d1d0b31aa3fa8eb589672e69f1d9144114bbd508d56c2049ecdbfd7b43545375a099ad2885353d8c550d22dbb738e6fe3f104b444c89475a2cc24d7887daced8fa05006c02dfded01c00707e2ad04c41199c5decc1eae34b0c0abb5a5beee1b5253c3350e1a077682767a0b9124a4df2e8879366fd37fc04d4dbcf89883892f46a65ce3aec22123cbe6b3af6364df1f9f5f9751bc8179b6dcc5c126dd65feb7d11a85994e90ab6342834c79c5f82413e88198c73e932c66e3cb60b6e0c0cf438622e5dc5a1036c38afe9cf13559044a9e90f5fd72a3188ef6b1043f5f4e6b40ea51f6235dcb33b3099b2d8c2e02103235f0476ad51bce6d8a2934068549633e521a3ee4c62c22b042fb86c13c8da849233205a5e277aea1129678c31f5c379a71fe08b72fad9449cb923126dd465d1e0ae8a925374149b8248b3afb69f168f3ae701c00f6ea08fe07f1b5338ce6af2f3156ba6f300310114479f2f6119367c88c12c158b84be13b9c8c7b5dd7c90edb5b3ea1fa5927a25ad6d5596992dcd4877f58a134e05dcd80dde4fc2c2a680cc0ccf3084d3f4970e3603fa6bc5a180fcf1ca4241c0b8a1e7c607dc025016e297e2b0645de4ec2fc49851b9374f3ef99edd897c284a67b647ca8c96fcef935d541e9faf334043ea50b99fb8819ecce039227b624e52d8c20003b5a43808e4990da8e4398c4fc172b983351fd11a13dcd2aae5193d42d46e1b57c92e3e01d23fc968c729f3782d6c07dd5a17af2bda96735c12cc7d8023629fb0125e974425f7914690a7ed26508343ae58c8a439ebb6232049a194768d4594f5d65aca37a5686c2a86dd04bef35d74e0755937ac0ce3ebded1c00c8adabf030e5e4a5f44193b62fcf2f1bfa9dca2a25afaf2f1ec06c5d17ef3526d26d17af3e2f257ded24b177ba41c0ba64fd4fbd5042fbd5961a105e0e9f77f3db13c1b6c5bd9a9d04801a5c00a4c544218a21016c65bdff774a44b1d05256e0693e14d76605d67bd10048d3816caf31a6d10886c88c783538bd93e92bbc4484f3388b61adac4b92b911c76ebb1dd11b7b4e40be032bccff610068746f41e34a1fbfbfe5faf57c8a4331008e2c1cfd69f57e74379ac80eb6769f4ce4196795b835201ce4ec85ebcaf5eaaec242fe6695cbce1d53fde5b002e006bba8c8a1ee57da061ceed0d21bdd57ab0cab9e46bf3764d9a6c3ab19736d43b33f32eb955f9174ee4a54666e7f19cefeb49aac7a59b7370d9ae730b7bb4e08413222f0a66bfdac252fb61bcfa838f262312febfde8add8f6843f1d64ea3da42d4ef986498604d65737a44f5a099338520cdbdb65ce73b110dd4bcf8592a4adc3e0170b13404f99f0ec8f9fb225c1275a921f09369db165e9109dd5be472b9bc1901bfd882d264d9ed8d88b4c8f3b35f88b69e3e4b8ef5debb895be536a3af492d968dc1caf31879d672f70ad9869ea98335cf9e4a2760f955fd3e8099e4b2eb4269e354548f9de9921e50e49f3f5cbd63468b9db0cfdf17250c8f13535d4c0a1f21c87967cd798fe93b9b2960447401ef90db22c3adfba0f55f5585ad37040e8d6745184dd536d5a26edec365bd6edff1bcc616cdea3bfc8b9d98c0ef9a626054e361194cd05b2287612399f6d3d3be2f71555f14ad2893af6f60ab61adef663c3c2464ade671dd5ebc71935aad290573588fe6e11f48cd2b7db62e4b9932890d1b96e1b83eff70f026d199db75fb1e83197c937b672613c66ea131f485b4318e27c079b4018d4205484993bf50ce70275b244f2caf47cb47eb2a9ca59afbc78809a912eb56a4bb65cae4694f682c6329c690003a1c355f779b5857a60091b1c3685995a366cb43d753a704d3e59c5f5003c78feed877351e27334b3fdefe5907edd9eb25588a42248b9c4a93efa7cc63bad1e5900b95b70436c35eb85cc8251c4030fab9556920141cca24d6acd3122b92b7e868dc174bf071117958a4797fc90866aca685f1456fab397ae647ab9970348082bd74865bab7f248568db98ced7ed84e8360fa91afde3f23509e6b4caf948349ad9fb6a4efe0a0468302cae7a0f999195af1c19058669fc3b88b2780b9075dc180298498caeb7ba0cf8bd42eb36b1959d5ad3ca6fd1e85f76abd27ec5fb637ee38173ad7d86304d5708b6dc8817e099e77f5d43c1a70624cdb96e4e6103bb25e59eb51d894d1dc533a74005bb79cca35b66e10c61d06b5227fcb071457025d605a0862218ca252b871f8343ec231dbee15688aeb914c0f16ebabe6edb0a489b2bd10d4392c6f1863bb6a62181de7cef61997ab02f3bad0a893cc0cd8a99cd7b3f7773085f0929de36b5d124e3729140c375de9a2d0cd9a360cadf17b9e45b7f2adbdff9e75b743b62642ed67aa703b8ef33dcf51a50edc7dbab42d3d2b49badd2457a9f92847aa6a60ae2beae457a5fce1a9e485ecf907be22913893cd1350f20fc6c81c94be426eaf01864e813a03e4674491b61516bc95d8a77c15f03d0adfc4adc27f27a5ac4165ff6518eda1a5c408708f78a9e26b834179804a312148d4f75f21a77d78387139da40c0a6293c2a59d0162437d68504f189ed970c5abb9ffc6d8e1be2b0877c7f24b1dc273b1765bfc5ce6f4b8d99a96d5b1c92ee53a39f685b304313d909c1ba8130d20d51c824cec420b0315229df295f75b453a6c131afaae0c36d7c4fff70623638a4f7ded5eb7db58d95deb6249a29b171d8ce651556dee8037bf4ca74453a4a76aab7cc07ba44e55de57dbef8542c3851ea353fb8e259ee89bbecf9ce8d8bd6227afc0028afac48a7acd9b4e8cbe982eb1475917ad6be4cdca9cf6e7cddd971b2924f2bb730264801685d387485e41993c3fa0af9987e8b52c21688fd9a9595ad8d1b9f41e0457be18492aa09f69e64e2954d1ca3cc1d32b2915cd9cf6862ca79c80beb47347c4cceadf48a37b29b1d6de4e94717d60cdb4293fcf170bba388bddf7a9035a15d433f20fd697c3e4c8b8c5f590ab44aefdda94681407008ea48d03ff21e9bbb4ae7a9aa37c855fe3537c44106e8079f18c24d2584474bd4a99367660ce6f7e6d7c294961e174366e7babc569d5f80572a21a4bd7086629363e0c9ee2599c8b8863c96613ae6c32cc67ccafc66e1cce79654567ad08e62e9abc99e44d6a79ca4d8de15b7f8a763a4741676af0e1f3bd4e002c8fa1ebfbb3bd3a65ae68a80c230422f98f6e1e9837252e045eafd585ba389958297d59aea1e8e1f665fcbc5f7ff449996aa712dc0faf582cf3caf3dbae80594f9f07fc06de63d9d672d14d7ac4662b4a54f40d4aab2de766910be2fc7f6f679b5708790b5376498d3baf0463dca2f093b51bb7e9f3e7033ba0384af0174becc3bb477bc5e86959a12a5e8924adf0bffdf5e5b9c1cf24d232881ad5c05c5c0f50318ea83d8683339ca6a583c52198c00f7c1abbda282e7fd3b179297338ecf9c923a3a87a130dfc06164e9b4c1fe11d51b382643de44b30a6831dee119241d1b6f84f2484784fdf65e41f78c38e15fb4b00e45df1edc40e3467cdcda351a4c0a0185ac4649e91024377e1c331587a8586cc0a4dfe29e14004c3536d305f5dee0eeb8c2f216c1b8d27375b239f6458e08980badd6d82e9ee9e007578c0a3b48288d9ad0ec3c934a99a8c5741149af937dc82bdb545df26428b87fc935c05f1a4964a8408539f267e23de9bc498e2a4b0083cdb7c8e27de6252bfaf680a6d5b7ec1a6dac6d7d537334a95f1553324a0739414dbdb50445a767b0f589fd4c33b35905577ef5a53b0f097191f9cee4836a908748779941de2a78fe1bde0c2efd9f48cbf232ce101d9df93d3ed40d036ae7aedc3a5ff619abd1c159ca8d2dbda7de13b4ca62576c7f925c52925eae2d7500dc969fe14c0a335ff95a7df1d276a6f242765c781208d59edb5848d412b11638b27ce5a61b8209075976c2a6aae88f6e6d8704fe9e83b425dec4defeeb3cd311b8c5a818d51f917a8a4525361791d5c4fd5d70704d4b9fa9df1ea119882f400e682753a41931712c043c120a98f0fe786a600b47befefc9d64cc5bbe8a16c191490874e258760c9e4fd215bebf848e0b4d35521f53ec5f9308644b785171fc4cc3ff886e034bd833d59dbcacebdae8f00e43c151bcb24d1d226d1cc19ecf349361530a81ba3168af3df5536fbe52b3b93621f57959df298e5b4d3c14928d2ef7b9c977c7dda54242d17f8661978a62d94d565b00abc199790b9b25fbfd4a3ffc35c95ccafe35d9a138a2c24d17f06ae2cc376e822317f16fcbcd56e23f84ec135dc935e58c61b34cfbf5a36cb00350483b6bac786030e5c5045a6b61c9aba7dfaa4f7fb21897539863ee865ae061a77c0359915de3aacb3b5dc8cfe53c4d17b393c2b6bb23652f36390407922969d510cc97b99d1df4361530aef10707d7a021b2d9576b2d49ca88b3cc83ad1baa6d88ef8c81c08f8baaf515637b21ace9d5cc8fd9fe4ca6c3aa129caea7060791d566f4de8662b90f9e5d849cdadf9bd23cf6737b07ca105142663c30de27adcea11d64d433fe1ace84b0f6917c8b655f2a421602f07e0a7127e61ae9859c5e9f652ec82416fd2566f291f417ecdf99bf3231d02864e2e5a1cf34c13f59de9aa2760d8734bbda79576c62f566b8269990e9384a41c1634271acb4c7a8b768f276685c3a8c7f20872e56b683244b1af562c3e7dcf592a9915f44f886cc2ac5f679c07d5aa1fd69cf3a460f25c722073da336a310aa551062d92c7297002060072af2f3500b9310c239bedf45c5e985c2e0d60c7dd68522376dc7b560fb34d1b5089450c32ffcbff07b35a96bb6fe01259a06868d00af697f8bbb238d03d49570a109181c9576c1ea9d2ee02000cc23e63d6c93c6cf3050bbb15b6f73b09c25da62e5abd4c2bdb1110e1f25db39f04885595cd6a388c4726c8d4cdbad87d80d42fcaeae843e2e17f44c9aed25c8f6f9736c7ba1bbd3b839126de40a930024a65aacb872936e446114e706a868444cb140e53d976816983f3dd1d57eeca01eab8211b7aa8ae99d26e35c06ea4b226e0a6e52172a40e7f0df5f67759ae2ee026749ba10b8e33694c3e01a001526f9d75f6c419cdccece3ea3f78d69014e509c741214581034bbc7e2bbaf76db8421154abb2233117a1ffe2786b21424576e295c9baef262e80fa2edb69aff800b3ea436eb827e8adb73abc48d740b86c69d557b16e874038598b25f616afeb4f4a900be7dd0d38b5b6fb4259c51a3aaf4748d7a445f518485ed72b25c7df8ed0906b74bd29bd6a5724ac3a503c990f3697a5db484821f68718470810862728a80ce34599a41fc5bd8bb46dd845a4812ae1532c457ef4211d0e41835e5a6f030247614822571c930c727ba397e723d6b3aeba9244f054e331c82e65b74c9f6504c74b4301499a1a6f6269a3352aff57f88442d4eda42a82ebcf7776c5629f97d6160bffdd8282a40ce2e6375b161e4c22ee53bce7a45f4774aa827e2da657e1a1bc07445f0bbd770b7a5a25b1b469fd58715510dbf8d97af4e1b9459a20b08a8d3fa9d92feb32db95b22d36de0bc8b1c397b09970a6826392fd8392b2d790dcc1295888f42ac81ad213c7328b2324b28be7cc1f4fb8414a7785472f1dd3e11d66017b1756d1697be92490e15f056346d7e9126a1f35fd76cb016fe2841c8996a3507c4fffe7fc45026df10b03b86fb6cf26e8418926a030b5fa62748fbb728fa19dc2f8947468c1477750771e442e4a9d25b76d359211c05df788ade5b7824f8770b5dac0819737dec916ee59b28a49666ee8b7ca81386eec8049542f18a3207e51bdbc291470eeefecac385c096a
51MD = b70acba01bd715f542859a4224d035eb177fe7b34d5447e099acd1716ba6d00f515bd02021b5b3015d736b04687544de
52
53[L = 32]
54
55Len = 16
56Msg = 43cd
57MD = 7c5f9ed821a021ef1850dd4e0b179a656fbe27b104463720f467db32bbfab5a4
58
59Len = 104
60Msg = 5f75a437ce0698a7d8151c3fe0
61MD = 774782a9c3023dcef8b2cb83f7994324e3cca35323419b3914a9b6bc3ace5ce1
62
63Len = 352
64Msg = f88bac738d1e3e10f75e46e3fe026d7e423fdcf3d7e4028b33a291bb4aabca53f780fbf99e0346d610d4a38f
65MD = f114f1a390bfc30f34652751f3a38e8bdc9597625e363689459b80082eb34009
66
67Len = 488
68Msg = 832e5b78a73a1012ee62e00621db7f4d248893007c6e5d6e0e689c6b291baeebc72df9cf10b289fe20e7fab80a2399271d0ac63766049da875eed56264
69MD = 7d00fe393c308eadb8c0a4f771d409e17c9a796e63b45fc8e84c0cb2bdb62532
70
71Len = 13976
72Msg = deab57cdeb41974037a9bef5e292894038264eb4d8993d4d1501e6ef9c68fb0f571f57b0925640925deae9a6317e3bc4d6cdd5a0833e52fb48baca16a9ba9b6c8ca469a0555763b54f04c87d4e41aa549258f30eefe5a52d2ba06657a8773b0842e094857b6d8911d6a0636280025e56356fade362b4bf4c875cc19be0c6644b447be0454dbf390eb966c03e10e9de3487b90d0825d327c12495e3c89ad09c9d591e55c91376fb14c2fde9f7461fb25450df1a65806b65f3caf4d5c81ebc6e664871fcf915b9578bb70ee6776acc62205888dce2baa4024941209e81b4b35f0eda1bdcbd9ab1d6db6140bda4c41776fe675d5c681da5852d50c246dda4ddf9fdd7c5fdfeec85ff6c883c78689c2977584406a1ddef977606c182d6c33561c39c071668a2515e5aa6f4aa1faa392aed95b82ab32b79a15e3b5a07551ab068455131b72493126470f26c30b852e4415e1d8b719b3803ecc336e4facbcc5d1908851f4f39b776bec8b6b9794d47e5965458858560eed5a0305e260240c0849d93a19787b0f8c795eb5ba32be573845256ae6d0b0a3336e42a1beac8bdde6d1b6e0b6207903d4b105f4af2ef89bd099ded870daea2f170e03bd5f6f4490e60bc222d4876e16d4c58aeea6e6c400dbb9e9f4b2b142f0fc9bdeaf4132ded38a4a8366e107cac7210945fa2df4b124be37ef76290e5b9758aa3bfe0091bb0448206323584c2f833e0edfbdc0c33075fc9647a3404ca490bfab94302a0679a1a42fe9fec6af0cd98038b09ffbecd2832b579b2294f6ae5b96328fdc0a0b9b3a32cba04fa8bae3389c3951173bdc17caaefe526aa386f98670b177683d0b804c5875fe9c7afa233ee66349c9fd1b60bb0becf5e1d887e67fd3baf34b4f90d94699d18d6bb9d77d4af358f31edc254de2d6c5fe3ec07425c633b18c1b9e3606b78b40b543e1fd31fb578cf58c45744fc073fbf3c7d7d607e815379a5fc565892d81560eab8fb5f1ae6771b998c592e6d288014f13ab283d53fcbfa66e31a9d107308402191fac2cf2b799c7dae91b93a7676898b8a6e516a86eac58ed8f6d8ed2fd4d38031e4a4466dc8798b90c48e6adb6b4391d47872443cfaffa542b4b132f6c3408f0081af8692aadb4c9bbd55053ea56d8b82998f6b4b41d331891acfe6af1bb0d6679989978368ea463743b514866d2d01fb9950e8990867bc14f1db1142254adeccf3da812949cd03cd1d569e9d0bab7ca7405cc21096e3cd4d007cbb9629372e98584b4c6b97ad0bc314e1ab6ac71184ee555c01973570ed9b115bed956f9e4e349083013098b1e483f0fe44d5e9849f38a2f7ae152b36a266ea1faf263ea8c706632ba8629602187379546fc6b82e57ededd6d074c15c771754710731e07c207899eb47e8d7c72ffd768c36257d373375ffa06f9b3f0af11417f9ff9f9b44e1f1f96ae8aaa429af88b14da1da81c7bb38a0fe9372ed6a9ac6fb5e9e56b82593d94c5192904450227bf040b7ce0904789f979845e112a1f995c849ec3f7e49bd975a474e8201630f40fc0d80e76019f110ae158cd0f8da96ea4561f24237d8e795ebf52368218bff3e9d5b040ecd2caef4ab1e7127e53bfa2b3b4fb74829f9993ac703192aedef79dd9ad24c2c976638b4575afbce22ecacc273ba43379ed55ceeb51838b0adb80585bd1b5f2707ee16b67a7232adf7163415b24b9ff9dc94b7197fdc89e2a90d2b9eccde45e965edd064dc0d1eadabe11b8ec3aad2742b5d3323ebf913a92817749090c20758f98aef2544d4c8b48874e8936d7ee492d5585675c214deeb74fd67c4d170ac5e0aeefa607c6e37abd4f8238e776fde3921afab75cbd8f392d3e88da057903ce2e140797f4a85737bd89455e6aa27c7535687b78cd0ea59848e006c8de9c9c0cbc7a9f5e977be850adc710503ce4ba7c7bd0b042297f518abec6c8ef451c33e030251f506cbc3744228b6bb4dab86877d9e6019a0ea9f39ed37557b3b5527c171da5f013e0d3c480a038cff2c087d6e5d41b17e6c8f90c334b5e2b9ccbe9d4efd99fba1f907d00a49b71b5a08aedb644fed24bcf04e71be67b03cd20d53ccef8f854f5e9f7f28c1e98a8a53496646713bebe15a93f1ea336e6e8a4e68de5dab0fe880bf983eec75d1c5027357f6669e098411e0bc3ea2293138f5b34425f78b6508b94d4c0cc32ee9afaa409a26e5f2a1fddcd6d5ff42a89755a58b08f243957a2e208e24b055f51992ab447bc06876eba169c545fa71b88a0fc15d1e0be9d334a1dd0c86f44bd149b42c07608a9a30d0b7e13574f8d862f2ac72b2ed38904d7cab194fdb9e4dcb615f5610b24e202a36866baccac01fadb575df11dd43e00a3b92fcdd8c7702ea49d951e7dad2a56c075730b4af1ceda2bcb2310256f28312579fad40ff471336ea6a44143edfcffc297258d48bd2ea47efab8f0dc00f1e6dba1a55009ed627b7
73MD = 6e5905b22cb95e48b73c5a885f5463f554d81257bd26301c4393d57fff1c8323
74
75Len = 48824
76Msg = 5223e2fece634a95e1e7c83ad4a11a0478f4a41572bd66c2d7902cf4f94404cd80b1f58fbcb8eeba3984fd759410c12f8ee922865f363f684df5a8787c87ceb3086fb8535157f7f39653dbf5c66ae7219253838ec77cf1c6db518225c5ba0a8212e5911236474b8820ddcb8111b87320adb82ff553986324aa2a21c37ce4a083c89ce9931290d4c1fea933e31d014d7507a28e83aa917ccae10bed1a490e77fe501b299f8e3b78e659407ce1934d5d68c7980800746f26ffa9794ef1d23f793bd2eab7fe524e213e58280f441ba48b40162305335b3a480c2afeac11c27f8d817792fd7805d4b61224eb52d35c0fbf471bcaede505fbc9398b216f43bfd69b1a669a61d44fd21faae410af58ff95e1c3ff1528de1aba93cef56bff4d714d8c4cc88a4ddcda52444ec1208d99ab3fd9fde98c1ee6437d8d138f62c5f782eb4660c5eb28564b5b0d46e3a2546009148f3d02b837c5284e9f508290270b97b9b29e84445a0b4df662d9711e6b73c11cebcb7120dc427034b1ccf57d8e4f5bbdb84d2e1d4bc3862a2b51931d3c9a7a5fd6ee5f4c7327c338abd011af638d730141b6eafe63469eff50f473262e9fdce636eff4c5663acb6075a4fdb00c8b8a8d3322e1700a5b3e7db90b36c1a94991b8f51657121b442db6f890e208f312466778d73bfaa8cc0ead4edd0776155f3eddf9abb1bbfc0c94421adce83d7ee94f99f61e1f25a55fb596f8b40ccedbaa8e5e2cf629496f5ca60bc4cf36d917da4e2b973eb57869dddc409dd66d5061f22642743fe843defa0b19dfb2f56425abeb234181267b5c0d2ab4268c538510feb191bbcd1631b0af6c7451cd4c641025cd8bde2d9ab6e6b948f97c1ee6f35098d553e8e9da9b4d437125046864633f109d6a558b38b270a7dd1785d44d248a863a91e3db5c0a1d7ec133decb65e81c3402c98ee329f660a092172bf6b1a02491895394ebc506882805a6c93e767c0e58a5af717d950a206c0f0055cb39ed88816a9fe3613d15f608e486ac08bfa67d462d24e6a0a37716d3fbdaeb9c0e951c1e847fb884ebc1cfe707dc6e7269eed1c44331d5957bc4ac9dfeaed4b157204a3080fafb9df8917b8d15aff9c49cdc739b8fdc26a546794991c183fa523d14797e051894f48b0d62c2b70834467ff9c993b82fc1152c1f5479ec6144c7e8fb10d1bce26bd1cdbeec4e95ee073f3bcc3c7367328e30543d371b27509a577f5c79f14d5f687ce62b82f856695af9f7dd350543ec763de75b593f1859e44c2ac01ba65f98743cfddd8a89a38115badcb51a0ff5655f830c0122af6a830aec13ae5eb89a93755b3a5a6eca233f21cb12db545a24a5334becb8fa32c3d7f5805faeaaeea85a551fc62c94807faa6474c0d74cae79b5d8ddae07498fcc5b8b4f394867112ef5fad1c9da66765ecbc7fc0f3269d29c9c38817c77778f2c19b5a3c705fde9d76a4eb86aed4a7369a832ad267312903462397f7b8fecfa8b195cc2316cd53e48c3371ed2ecaa3e484b8ecd2e22b1aee910c51ed5d71198936266f5a00655d82c089f49295feda0a2bcc1a54ec8adf565acc3a8b2d74c30eafbbd843c59e67f293f6d8296cf7b611f01b57dafec6e2d4d411a633918068c38ef47b72ceff1fae772891141c3bc496824509d78165c1e4cd4b4989321a8722643eed69950dc120fa8da3e53c3181f252d7c4cd2cedf8f086f788ee77a98ab5b019828aa02108f49ea4a51f457f7adfd2220d3e59d5f4a29194e8f5eac40ff80312ff6888ff6393c3fc0914b08c1b9990d247ad80a441558db1ee1203e07353dd99a885a7ff5d791af2548815dde0ca1f56f89d39ef6b93dbcd0cd54b854173903c12649587433f0425fbcbddfb66ebce3eb4800dfddfe7fc44d9b23a3916b1db68c187da4dd13ff0157352814b1a792de7fff855761abc6fb7b93b48525fa90fbe3a51dea974069f3f5fdea86387eccee13f58a8eeb8abc6a43fd30e9788c3bd9ae1751b30a82d420225b2abdb1bc121b9073380be16107188d20be54f2e9c658d5b443869ea0e991c496104086290b6edcc1b656adf94f0d42458750fbd8d88040c518ebbb644f4dc4f7c6971d8d60eee0272df7b51a3d5248b4b264fb22195ad891fb6ac994ae5c0bc6714ae0b0b9a484edc576638b78ee89b568195a8f33ed8362128c30f9b0c7804b3ce1355abc96b15aa55c1e16a9e9ec90d1f580e7cb412a7e85d8585bfb950acd4de5865214ce4db7f6314d81784c588c1482d5f28c5fb62e7dd7aa8237ce9396ccde3a616754414cdf7b5a958c1eb7f25a48c2781b4e0dba220f8c350d7b02ece252b94f5e2e766189c4ac1a8e67f00acacead402316196a9b0a673e24a33f18b7cb6be4a066d33e1c93abd8252feb1c8d9cff134ac0c0861150a463264e316172d0b8e7d6043f2bbf71bf97fa7f9070ca3a21b93853ec55ab67a96db884c2113bea0822a70ea46f9ae5501eb55ec74eaa3179fa96d7842092d9e023844ed96f3c9fc35bbc8ee953d677c636fdd578fd5507719e0c55702fed2eaf4f32b35ec29a7a515bbc8bf61f9baf89a77aeb8bc6f247706c41d398cae5ec80b76abc3a5380001aea500eb31b10160139d5a8e8f1a976dd2dde5ce439a29dba24d370536a14bb87cf201e088e5e3397b3b61477c6a41e22a98af53cc34bc8c55f15d7924e7e32fed4d3c3ddc2ac8eb1dfc438218c08c6a6a8eea888b208f6092dd9f9df49e7ede8bf11051afd23b0b983a81bcc8d00f7d1f2b27cb04c03aeee59c7df23a17775ae5984eda788eb2015680ac5610fb1380b4e7d7a9cda6178dca98690449f5551b66ad2826cab2b662f56903fc95b4611bc86f7a834a34ddc3be7bf142c8baa096abaa3cd51ad0c0b6d15e590eab9e50a4c60c91061f1ed6373d91974c1ad9d263110a0d43fd8b596396cafc0ae70b7ac24a59bba090a6994ec483db7ed4c572f723670a11c724e8ffa2497d8fccae37eaa1d14ac1537eaf80efbd2e597b2ffac97f2bc3cd2c4017f170544dfbb0d9109478fddf06ec0981542bc8107a725be25070d2cab4716f4edfad75fddd582ebd363c49e8efaed9a76ee51f22304eebc232a4f67f865b04f610a628fdb317116666785fe8ca30619a07c83cc449855202d687f162b12d93b63af6e7ddfb7223d4ab998a5f450523c1d521ab76f4aa113cc2967e04a38dae07c51c2d0f44fdc8605c3c53ccee91a2c73dade5dae021cbc87d5cd6e5fbefb65335827311fe1e91921ecd66b2055a6102d7a976308a80c44e6d47a67718c84f2112d65486a558f1f269b91d9f47e3e11d09c0c748625bad2718e3674898abdb19d3644bcdc9317c09a3ac02f514b2a57e6a706362e5f6e8fb16cc83daea0eec85fdc8c367d84c9230730291440a4b109f7034d510a3f70a22dd4fa69e8b65e5fdf87045d560eec71f4e59531c7711d4f8917a96e22ad07346d2f92a13fb4569fa6a075da6e1acad1eac1cb2ef19ab452264de2357c927c6dfae6598cbc821eaf3b8da754ce91a96c702c95b2c308bf3a550cbf4d22d417745b5f17d36608feb826b862747c59d26a0e8eb96547a1852f9fbd095f1c5d20721804941d462f3ee2f0876ee2825c8df24c4f00f0844e50588ac688127013df8eba3c971362dd255420649245e880212cb3d732fb82f866dda090040f28e09cf1c86eea5dc4fbfc373eb69745b4afd841ca8e172d4a8510e7698345fd4cab9ec2ca0453a274720bb2d2e5468bf0d0f85919dd762fe3df969e6c071285e25c2e2a49659b8a78289aee655965bfa3cbca9b292a19a855ec40293185354ff4da9451ccf98abfda07f1137e79bc89d688963081dec641a99656b040637402890f185edb28e7e6a2f65848a6af158f90eea440aa6246a2e6c31f5d220b9846aae2027afe5a7caad6dc16b56463367cd9e73bf22a1d6172145de4565ee369c55e3b99ccbef70fb080a3748340fbe8f6b95ba46e8b76de5a3c4bedc37c55ae24ad02267da26769a3a732badac2e0f3a5393028dd54d78701647582cd04c8310e9f1ff1b433125229547130e1737a1f33604f0d670ea7221097c3eb9c7fa4b8293d7b429af76191ea8e481dc1da31344537a09b33404d782eda1d6f5775500c1d8efc615778baf0905d9fcba1806ef986c40b1c6a72335104376b58266c36f5939a8b95123e8635c0c95e80aaeb97379b1179d6332dc07539b595ec32eebd3a336a1128f3cf2e2924db6d8504a516b62f26d012b7f75cab765c8374a3824da5a405746023b51894649ab422d636513ee809fa181d5b6fbc63351e37a1b14efc8f739e86ca78ae3e280f1c9e4824b2976ec4dd308ede6171a7474c7f530128089bbd75e10f9e57ee17408b4384f99f886a5f63a2320a9b90eb9bf692e1fc449171eae3bb1bb17a6ed937ea57af3c82db84e073b5306683e1d63705b9742a085fb802cf5a1639818417fc2223f476c2566351f4b3b17a822e11255f3c3412dd39190e200727bcd3f9799519ef792ec7c2b0b9d0e2dccf013d436dee63483c2ce83c15c00a76c4d894a60cb90366ecf9e61221ee8bdaec66d715159876d8305b35c81f96ab2cd8f81f4769e9a6e439c08c329036f5d2591ac42f2747bc0e77d4e566358a3271819b6003b290211b9b847ab70e906aed9f86cc38aae27e1098fdc3bd5d84e66c45292183f198bc329cad794aa4e430534511b7d9a75104061b409676a16c1146af0a286e2de8bf51c4a35193581a902bd3224cb9257c961989042538092af92644a63d6d6f6872a29aceca39341ad29dd22354812c4b7c7068b039ac9ca7e6358e662a28be001d4aa697ace540cc3ed3c97b98d8c5a6fd3543ae9a7962c9229b14b0b646229807747064be3e83191cf24092dd67f675638d9f6510486379f47f5eeda870a3187946819ec9ed05e7b325bfd0eed5c9a0f4a2063d63c1a8a0a309f586c94d4a68bbe860ae9599ce204c92cf9d92cb460ff99cff9e5a8b3824786360e1e1861e71158395faeaebe7aa2f61f76190f174aab9a313f0bf4f1befbbb22768b8c22719cf3fa9ec908b576fa4bbc084b1ee5b5a7eddc89b58b45ae7b421d38215aa6e49304323eb4e202655f3c8b16ebd6b03058e75a907ee63fcf6aad5eb96c1e5faea81b88b5eee525c4663af52877c0f759432913b9d48030903e7f9f70e851cd4e20bc56aaf36cb02293d992b38b583b8f0b25a08c3303d8af5b1b37f5127f7021b13934645ef3020e5caadc5e7326ed4ff56f797e26cb986b6512b0cc76f1d8e7be44aaa88e12cbc644f14a7feb979d2ab66907063c51e052d0f8b25d827377fecc5111be0d365e08d17f559e3134cb9db294f1cac03150f4232f853ec15ecde55fd1023b58e83934869796400088e9177e85a2227ee45addd049c1d6b03e5b29dd570496fdb2fde7d8cc74fbb5fe76266ebd90a3b4d57e6e6cb9f0bbdb7ca03ae955915768011c714c909a27ee20135927af55d4feaf2c345d029a54af942da6f85f2103345d059f66864e6b0578111e2ddd5a1cd8bbf4ae35b60747b93f53ec8ec64c10cf4149909b102a2b88712ff3e5ba3611cf96585a6b36fffb64b8c37a114d6b16a53879136eb0b5e003a5a068e3e8422a4fc8d7c77227cce64ebafcde2437166b62ccf486660a7a2ef37012ebacca26ecd5bdf363feeb06aee39050974c25d6a564594c67f56fcf7ed48b07fab4e25ccffe002bbe460325abafe37f23dd9c145b4667f146a1635e462330f02470b35c5a2519f1350c02b263201ec9026cfc57d3659373910e878f2b6c1c5be774df8e01e775d476956c257bd0ccdec17ee939c46e5653d5813eda752ba7bbb245a99a5db1ae55d19692074c2e5820df97c502a4bd1b12929e1be8e9ce6d802347c3e9c4202de6046436c05ab55b2fcb2c227adade6c2046d98102cfd0d859a91f8104eb9f6f155da2acf93df2405bf2c083eafd3ec41d60b810e0bdef6298b21193642a9c0c646bc6771a5c61a25604d96bdb727abd5a7ebe4ddb2a56a6ddece26d8007b26043ad44279c3c8ffb7e6ffb3cd4e10ea2780f509a8a9bc31f99a7e66201195f1543a0a020f754d9a665a29a896faf673df6811379579891374c71b2234fc61e95d4d46f15d44bdb4d7c3b3be3f46410ca46827b8cca976d8866e8ca33c4945d5c87b705588b78015b529843af0b75a7e1e871fd276c1e947d896b92e6181ab7e3ccc7077bb57fe85a6958667d3d7a790f6cde1cebb494c2912478a0eca2bfaad62492e9f1caaa0cc520da08c0d2d910cd44255f4c2ca0646dc89e789a1cf9a28e2f99315d33accb1639cbaf0c94181b85fef648bb4cc7f66dc65b8e90bf5f3b763e58520098febfe7e47bddc2d9cdd5e40dbf4ddb8d51f51bde2e57432266d248d13ed09e62f66794d188f9861c50ec41f0eee30f76f4ece250956733ee97036098db41991a4a3eb7816196c8e447db3a2913bcd992174a7bde1f42d57c764b47f5bc09533760c1ba74943a0dca291f2746bc1fcc573f9a22c72a5eca347b1679683fbc8f32b08d381baf67b7266b14b3ba46a04a3ee45881ac452f64df1bf17f70f4cf9fa4dfed9ae70184679184784a0451d2f5c19c02031e0e4957b4df68b4a069a6f6f6458f6d773924a1841ba664a55c2c3187dd33416cd410e56e4bf8d3671cf737bf67df2a4cc4dcc786872b9e2dc4009fea0e48a749353ac053d80e36357d24d468dd595bc823017c015d7450fe38149370c5decf13b00b6b0e0a2567ac08b45f7b0c8a7c89d227219d051d17a706ccbea49a42035cb327381568eae23b5e2a3b7e8beef6f260d24ab224827ca8ee9d640dd23eee94ed02c9e26abb3053cbfaeadbb1f365a24d8769d92240da842e0b361524020b5c9c22a2fd8602dc9600aaf02b35344309f6bb018a94d4cbc9639ab7430657c4046f0b25df517e31626abeedd58c2e19aa0ae1a43ed2bacad91dc04a2fdf9cc33cc420f4f04379e95988ab36731d5d5402d89fb47e826f4243bb206124364d63564a0872f8d2826eebd9046c7c6f2e7c951e49d4b22a7eec89da1fbed890d63ef15f26422185143c89da3ee269f83e1de11a7467822146042be92295a585e3a09e720ec522e1cbdcb41acf5ac45ee892677ba3ff670d71339a76ed98237be252ae21268e756f05ba0b094a1803f9da84a8a05d0ec9456cf565e1b548cae95eafa0fb01f091935e6eff2413bcb15f605f15270408216fb5b41ed83dfa1454c522375e35bdefe54275f109d0ab450636ac4d8e4d9e27f2d81a15b8cc5e98549254a1c9162918db3e399118f5864774a9d6a2347e1315753071eb1204c8bf5f52b1a0da37e484ebbe545fdfe6b031215678c3b83a19a24d7b661f626beb01eb82b384f02f42bcad4f40addd48db8a92b90d2297e6143702056123286617f86fbef4fea940f648867d790b8f803abc5f4e0e3f4226954c296afd96e287e21b7243d05e743161810da578096521805edd81f68a45500f6a3a1885cb1f45cbd399dde024df65072eb973c827fca13eeaa3f140842016f509aa9ab4603d2457c92cc9aef24950697a0044e3d7c483b8d8391886cd50dff8c2f16de3d6caa7f864c1b3874750781b2b78b545a94b4da0b0036433c6561f5cfea50eae9f5645302eef18238473606e9b9931880d0f6368fa9970d1ffbe59c4454bf97f4a5e8091801b53ee4a209e0642d83605836f69742071aaebd9d813b10f4ccac03851ee9f20cd1351f8e68554c9bc5f58ad19d474ca128edbf561d195e52ddf3c19bee3bb597ac2f92143bafc98bc09fbda6d18dd4ff2a93cd2ba17f54f75c32d3f141468c2baef4e53b6a340286dc2599bf7bb002aa86688e26f5b51a6aaf32e48ffd539d4f3f4bbf0cde2d20138151c82384f9ff29a634ab4e0103d93340bb9a7b0caa108bc7fdc88d7de14abb17e9efdad2b0f304f0bfcbabaeb1b9db75959dbf54930e67aed3a9c8309aa90506b6b9ed4f1d06c4ced19746e206e1e9b8879663bf56bf6c5c920ac5e09e6579b780cb63e1875ef0a731b726864b7ae5705a2d6d343a4a213a05928b7337a59f900fd04472382610e2a8d25383c9ab5804d609e79a88d70eaef3ea22d3aa9100fa2a6e98e97684ade9fe90d6bfc59dc9dec3d3d8db8990bc2123ba92e64253235e9b4d682e8aa04e23fb9bb6248a77c065e93249de829bb2fc5ea9e396461090222816bb29bca37bf86698fb995f62c50110cf418bbe2078a56c5f1ec9fdf3d0b09a719ac253b5bcd00932ae058b86611aff51c8ca8448978615854b69b0216a6eb8050ce199fd9a13aa0fd652570a1b187f61e6831b3a960521c3705da8c5e6c64c7b196ed4a49c2912d77b670b177c6458a7a49ecc1ffd8c57c0978d2a05cd1f1c7ac9514dd14b7b0933a52cefd40b6452ca0903df1f55828025c7e18109a6e0f2ab25724cad2d6f57cb5d894a6a508134731e9b9c61254f64990941f4faf97394b634b91860cc6ec346aa666600d323c849ea4c4a0ef55acbc56495ca004f3fca42ff0ffb11b0e1164c95ab89bf1db3d4f575ff334d4e0d7d50e0c54c422eac5ef78c5a3be95f2e18872540fccfb597211ec79d9d47b6cf41e385b9c2e92122167fe584210f63bf919c620d
77MD = d7c901f0d92a868dced7e2659e90121108611dd7781325fc57e5c336c2279510
78
79[L = 28]
80
81Len = 16
82Msg = 3dd2
83MD = b7399529fe614af98f9ecd73e45790406883cb22e3bdcdf28fadd033
84
85Len = 104
86Msg = 3d232201038fe7d846ac1bd4c6
87MD = d0aee5482c509540a4ea4b902bf42fc8df3af6de42fb14e903d1b2e4
88
89Len = 352
90Msg = 44c98cfc71f82215dadf494d68d1d6b92bb4eb81fa0fbf945a659d9aa2c2302b5c93fd3eedba31e479e29d36
91MD = 56c22e6066cd4c4d6415c5a225257e7f888b317ba4e98eadb72b4be0
92
93Len = 504
94Msg = 02a5c7b1b749d6d49bed302d9439f23ab83020bd4d573906f4190e74216ad33aceab775f71cd31092bba5cfa42f0845bd16fc1b8bed6434dedc92f80b395aa
95MD = 33a84e66cf1ce6970c35807db25e05ca05809e53d4e34cda9bfc0045
96
97Len = 13976
98Msg = bd70deb2cafa75918308d703a6783fe9dc5e3d21de9bfeb6dbb1cd531ed5dafeec463a02abde302d4ae6ab3cdc2f0f94865e38339c88bde507ff71bbea6b30b9851cd8cf599e950b8c8e620c90adccba0033f934ca66ea0a936afdad575bb6235099beff1a632c9114a8045a0919fdc21083880eb05c0d8c489c7810aecef4a41766f67c37557e28a9db9a0d909c2b167ff7eba79693afd3ee3aeace38eb73a5a02a882cf89b123812cf2a0f6d5edd1d14362ce9c43257474def5cce3adbba8cb48e7af9a45e702a182dbf47e8869b3f99e953ba81628e502c60d4f8ffc551c31b3ad6ca85c52164839d5e9d493deee4d4b76604174bdb5655385d34ced2c1b09dd5a486e1f9ac501bc611f9d7aa5c748f496faecc14c6c18e1dfc6aee2991bd0207ea1701219955a751df43dbf66f57904675a0e9e6d7f9a0b8bb82a8f44951117ab2642d6671daf1e5d1639d48aff6a05781c2b5e8976653b0a164445872d393d30355acf0bb49bf2bed4265c9a3b786249afc7a438d706eadb6f90a7f93ad51bde6d2c8e6ff09dacb3dc67ba0d3030c54c8367e1e4280bb5903274191344610de61c3c770c6820a6cc9d826f7c743f88f13580ba23cfc00598fd733b5dd069bde7f10f2b8961c16b69761b0f308dd137f844a67f6054e065863f226141755b96645a291e3fa3fc853b2475fbe1d3b25ca22f4da4425dc95fc855e63d6699b311ebd5fec1c7753e6e81f747c808ec3f618f63eaeb1221075edff0532225c40ccadee304a8997c03920e7ce4e60e4df4d120611296786516dd4d9cdda2077ac52bce0fdf552e1ee89a0133f1f87a6f6f35f5c53958ed806465919a0a5fa42488bf29caf33a0dd469e13abae351d5c6fb1a800ee384da199c823c965d9d5457a3ef8292c4d9b142e3f1fb502da498eb44d95f8c85bcd6871bbdbf004bfdc09ab35758f5e8b6a0d0f366c3b255333c52c8fcd4ecb4536b5f6e72897649f3415443612d72c3436505249a344feeb04883f41f90ade40af119014b3c56fc108f1ab0a77087d9226665d416cd975e9e4605529c032e8926002a70924820c6c7e264a794b2a3beb63d69ae56e017294fad4d611cbd0d3847212a38f22d623eabe3b884a36464d8814286fff52c4dd366f6c2abfc2eb865e0dc9ec6e55ca9d81f1b8cc47e2629bb162e54655bf2a9e156ab0bafb4b8ce96858aeea6e6665607a3f268036f4890dad759486b15e3c9e791429ec8f11bae4ea7c490656fdb0551dcf0b0be017c08bc674bd97d9d701c3ac955e2941ba7d5f2ba122a6f0c1b164b1caf2d50df111fd4287e9e195d181f6f514d7dadbefdd4274edc234025b727680576046842a834b6ad89eccaff5c5209bb91d652357e3750d8bb0165572fb71d09fdfc60f6b1e5d868c67c0edead427e7aeb734e29b96e03ea174b6b1af523feacaf6bd745ceb1bdecec9251958b7f521182daddf62ff6c4f58977adeba81c616ff2e937ca4f16eb9c44e63f9e974709122083ae45524ff87d7a0cca33a90f09b660db0efeb393c61967de2564315827ef1cf42b71c0f822f471713c9d885a3c3281d7c95dbc96f1c6dde0af70ea11232b00a2d215ec8de8fcf84b6193b6ac9d46de660361aabed3371fa44a6f32107f3854262eac355f9ef98701f580b4649175cefc29950e7a0eec958f629999c4b0a98fd4bdaf5c0bd97c963b551f2220bd41ec00b8726836e949e818a49aa1ac5bf12c64fb9991111ce8be3e0cb9605f753dae1a4c84389416f17fb66cecba45d591b22d64e5a4edcde067a088d9ff7f5dbb9dbf324510000c55d50f480a640fb22da9b4862dd81080d61af9560b601edb5e3346263f5f193df97079a27e3f9876078b80ebdcdb17ca4c50aef0c8329c72a7f77584cd963e105eea9c28a2ad4e95c1d018e27d0e720ea59147f59ad796b80b6293da8a55ed47e8abdd37221db0a5eefff31688e2adc294654ab0fddf9c1ffafd4783f01eb539492cb35a77315d0ad19395f47b18298a7b353dcf5bab0b2f193ff73d99310478d2e5c4ff1c68a2493c138818edef73caec9977bd4eda6249c8933953e06d796b288f78b18c343ef561082fd03bf92b084afaaee741de3004abaf746350048294bc52450e31147173f2da13d6ffc5adc718e149f9df3702f414dd3ee88296ae8a0106b071b589e8696401da7993d58a9bf8e5bf417165498c96b4ff5fd2b45bbf88f551688425122a3737ca54b2992fdb4d60957a93097222c3cf4c45dabe18b9d6a69e6f27567d5adec489e4b6812c29a8fa52f1de642b7b0e749c16f54473ed5ca2fdf2199e885fed308fa62a3e0deb7e0b8e439e25b3e9f95d755fdcb7ebee9d73069dd57dd1cdc5145205882023b54f2c9dec6cced9e3f6d24e8cdbb8ef121b8f3eded574d81908e867af5ac82bfb8ed60848b4bfdc1d998bae3a9ca80c1c49601d11a40409c62b1536f01ca67
99MD = 60700d4ef068822d0fe6df450b4aa8e206b2790d6dcf973229a59889
100
101Len = 48824
102Msg = 5fd54472a44e4476d254c0940071ad42dc723354f76ba61f63fbb9df80d1ee56136f51b6982e66c1da83602fc08093506a9e2cf27cb92085ba5c627dd63f59f8850e91a1d86cb1d4ca38ad03160f3c584b128d9b21e935570e086d3815307ab8df396cfa0c100bf6cbfc0fd7a8258fa1a656bc178e02cfdc868540d8e5ad39dd46794a8bdc205e710555ee7421ca7475a4f3232e6a0cd55d4b5d4525f0bd7eb1e455931aeea6918b9fceb2a32706d31a6d7028a85e102f228417e2e7db68317ae155af70eda98c8dc1ecc32a62e294d92855354c1114c5735a3c81e551b63a81650107557f3237bf953989d17c65a0fafd2bb1e32c237f98f55389e8f8b0810e97e201914c487a68403c6d621a98ddc515780435564245d87ce462b8785def699f7f06ebfdf33dd1ed7dd5a3e781348298c7950a387bff7d1878731d7ac66ad9a6607f2c3a3b6843c2852a5e882a8d78ae9dce2a79d595cdf09626dfa6f1dba7d40ed21caa29e304e7dbd559a89bd1f07d84165dc259ef112dc6e2c5a3e82b1c50106983f6c4965c85073c5deddbe6323003d56abb0df590f69010981ab3407e43eeaa29c6156995c492c931fff1b686eda3741a0bfb9094747d1620b2580415d431ffd6c02245f6cb03e39f87e82834dcea59355b2ba663ce145d2514e15e2b2c60cf518ff510c6c3e2f16d2dc523832762ed8352a320462ddd4d6fe755350672038163d996b44ed3b85d64989291bdf39398cb996de785b9614ec5d4bd73efcfa37fd4470b17d6240b8e4c715759286b04c3d7d791e2689927c9f18320ff2e6bc7306c805e23a5de66eced5f1a630cb43dd46db515f837f6b824b99b86c10b6df7fcf22d97be05284edf0e0be597b3f9c63556db031339f79ac9e6c5f8a1cefdbb4b30f5bcd23c2a4dcf791cbfdd6460284c5af0621ab7c5571e40a87c87be459c85ec81d746930dea24f43bb11d6611ea83409d3bf4f987778d8eed1d5b246a2112ef78ef0252f9ae464810c13f02359441d289958b4766807d9a3be0054897d35b01830deec1151f9e3d42f92b80f4aeedd65c78c6e98afc562a3bcf6d72f238c6e94a38f2288ac7929a7a61c92875c1f115c0ed8d261a727f0794f17ceaa3dabc717478f6ce7f2e8b295f000241e154b4575bfac8483f6b62f9ef4e18f7d341a65faad5e2fc1ddaf2b09adebc155ff09e63d5aa5f95206e66c7f4ef2ae3aaf3ea7c93589efa8c552df8d203e0ea181c1703d7023b56e603f33b4adb9bf44f7af290d8081210f327a6c9b0785709346087fd090c42d2b8b2711b9a1a5173eb5e246320ee27867ad6c3eadc4407bada44561a12cf5d53bf0448308bb536a8a525eabc1410c3a34becee25fd6fda453251ec229b53751f2280e142c6b331daa659ab655b78cfb08bf18e40bb02b7f1650eb2dd4ba1707f0aafa219f21c29521581ce249e2e34f5656b0a04c00485079b040e13cbc038bb9f17f47cb8f908591b26bdc28538d8baffe4cc39b17d2ecffbb9698bc2b8b31b08424034c051b535e0cfdf07b7a0a54781e33ba739759991aeb72c0ed992cbe76eb8ec0ab12c182e8b049cbadd6e82e314f1bf15fef5ae95dc86bd64b8556766f8ff62c33492198e454e5ca59ea856d8e095c04da8045522abac865506096ee1cfa1082af08ca09b3533878ea3580b6c0c57a615e0ab768246b3eda96bb6caa01a2648068e21959f843d853e948588e8c0bfda364ef1f9fbd3235c27916562eb0214891eb55ae0e059f4bf7d1838b5942656c27899dec6d67b823a981d1e1e0aaff5323b0e3d69a7dddf9b12d7787ab763a3c7a2697ac65b655aefc4bae7e6444850ad2540d5193b378682c77a4dbf9aa22e517e68cedfd1ba32e3730ecaa2e3f6ae61a4f427d6e69071dd62a9bf6c860980c9d23ce1fa82a1937e6dc1ce3a2de096b680d23d89ee102912ac0bd769c1c02095678dbb00b4430428797cfb966b2f901480811e1b9cde358b6d499c9e93f0961f050465d7b0c70d4961e75a9fe40a24e36eaad27238231dae6d0a17f446c16bce7348e669be563649eba9f23be29adb8b10f462780a066ae573f74e51215a26097b02469c25180890e06acc53ab063c742e08d51359b0a39749b84b9f6be44f3ae3da8e5a2f340a8607d4eed08877d007928d332d6f49502bb5f416c46d866fc87477c58a22d3c5932a8d6298c1151daa032c84ad92f8f90b8053b5aa6f690d1bf682f314471cbf200f3d30959e07adc6488dd17b0be5279e727f3237b8b4b19b31a220dfe63882937f8d5ead677608c42a57217f2239614c521d94559290e3b0ed8055d5474e96564224f6ca6389b40a71337da11e1c307dead8e4eb43252cc2f1c49addb18781cf20acffd3db693b02e5c8ecc949b51b99005529e0149a13390615f5df6e0bcd68e1ca82b0173d25134dbf76dfe92daa085d3f6b1e4d18217df41b70c4c40101884c2886495f2ef8a473bf23cb47ab6533c93cb38c36c6dcf6837f1272fc91a6962b6e1386fb643e1f1d71fc75ab58d5800bf4081217cdce0c7ae9e3d25de543fc4444314f32067eeb147c08c55c5c8158ed11729837547f28a300eccc312260215f50e98c4e3d4170208a50a4a4def1243538f906df8476b0c46d3449be73866d463d422595300e160840daf8c906ae4aac13a64457853b0ea6d8c32f4efe3b48c0b1450250086d459648b0ab14fd3f341a4a803be77e56a811e7a26827eb0a1a9454f90bc6ece665904adaa3cdeb2c4847858fd1d79750e8cd45d8da9163784b8bd06629410502debfed5eca3cf8fef0fa6bdcef6efaaf35a1986d6fd68e0f436dca9442077a4818ebda4606a94a3c93fda46e7ef5ccfef656896a0d3d93566b02ed8c3f6174417cdcb99a415b0c6e9816d94e64b438c295b4bfd69e0d9ad52911de5509971b7370593160629b641d690eb2828bf363857983e3b9098fcd15e66448f786f196685d2ceaa251b17ad06dacd614d9fa78ce0a8b9c1c360b529d0bc1d17ba0b70ea8ac1b8d67f6e5770f0cbaee0b38109d26b09493060dc851f5fef121e83e30aab9c3efc2b8397e8362aefea1708f7ffa14d3656f7f7610f3a629bce14648a593250c6f309c02c6c552bb42984ac58db920dbc7d98f59295f37f3e9b99da55ef074ed65801b390366669b4c7aa1c483ffd23082793f9e5cbe30c34250f63fa3ea2cd097593dc67e8d27b7e4f07e73a9f7b33a5ef6962df1381a038d4f58fdbca9d71ccf640b917f631b75d4a2e8ba46c64a6223f99cee30f47c1a935dccc7f054fc39d3498c824e10cc3ee337e781a3971f0e98295aca611bde701c2359858914248f6bafc88232bbc27bd85883b00990bba7862fd7a7cbd4c86df049071fcd10d686613ec877758d83927cacc530bed9a596b5b21c6fb748c379d676de7e05719a867c9f934b5dad99ed97dcb4e70a9b6542ed5b2f086d9f56fc9752e788785ef8f7837a31e433438cf2f18f58be37fe8412f6d21a5c35000a5efb862926700079413f76ab2c3e79e20b516eba9d8c29897097bee55157936607cabaac41337ea4cc783c0809c875259f8020e16d5045fcc39ac796d11a82f25fcc9579bf0a010200f5745065175fdc15474ed514cc796672c59637c3c8f236cfc9c0978a3db1194680c58c27746090d76ca09f7c48ee4ee7e1d3cf0ea70dbbbd88e30e8814b57404dfd7c33727a0c84cb7bd468b0bcb3c89b526679c00fb0892d2a5e7a3d73698a3db53fd7d78460cdcf24ed22b5f39b8c00b3506541ae4a5b76fae29c1cd5b0f8c3ce142e0af7ae4efe3fa4c438a604bf4a9abb41e3fef1b9227a7dccc3f4d6026ca289b4b1366d9ed546abbbbd5677c8d582e79e2b544f18dc23809ab753313d84dd10fa3ed2f723f0b46277b8877d4f3e0665e88c50caf0f0708b746b736b00c8c83a7d18500384bd035996aebb7da8f09fd6af9b76fde7fbfc0ee854d7ec02950e76abd23ffb27a6ddf1772465016c79b98a61bd3940547b207b6507e32cb9761a5604f0f546834a8edac7ae06910045de218d761a4accea886188f947b57bd876491709028e2e24b075d6b022b51af1880ca16a8c65b7c69e51b2ad580ee058acc0606f0a3a9ea1cd4342bf4be602e941dc4bef1239bb9bccbc8098a6a17d63186c6fa75ec44b6e4fd38a3fe49c5eb995f0cb884e2f3ed6be02515fa605b98453ad935682c3bac6a2971bb68f4094cefeeaceda92dec803ccd3d346f8b40b48f8f489e118a17367801e85c79e9b3bb5d73ac44a8290cdbf83a154f2f125090d42e1a1cb72f5ebbd42da46c7a4d4b9fad9612a4c800de6467ceb74f831e1395dfbf5799a3429ba34754add4b34b5960a5fee8f752dae78450322a1ab3d7102b77e907fc1eec5355991e0c7d6c0866660e5436248edeb1a37c0e769a0764cfbb6354332d6e55103b9235c84eedaff918af3f0213c435c32ab409a4b5c7eed8ab6ca9e313dba459bcfa3ee92e7d669be0526856ac3c06a57fbecbba553a9cb4655a901d98af02b74098e478076655d325bd7639d73d7ae00c62fdc361a997ea4ff5b0eba33096b12f35cc7cc0eea62950b912b47c11b9fb386a47c4c15c0602d304b2541da889cff299a1fd415e7e25c70ee4cd83feea7e6a9c50c75d9b128458513d61ec5d0299ef8c090472fe0850f384938ed44d36f10cc2c1d31daee3f946a2fa18f9982a988fd6ac973b1569313ce3c8ff5746c4dd85a241f1e9dca0e904c091832ca028533a3e34c184edcc510bf22a27f530bdca3d057928a96f72dafc73a9aa6dbf2552598e468735cc5736c67a620e9455483e9cb2108045ad80569582ea93a53b491e528c8df336fb326ad74317bc1dfb8ec30a73af01a5dff3e437b7fe48ba5dbb3e8f01ae0c6fc28675a415f23a796bb6e0ef0efeb4b14cf20d4ad88ad1966da43a76b454dac8687bdd97b89b8f8eede91eb34ca4a0523ea65736ae39341fb32b9b716f25662a37382c16f3b9c346c84f03bef54acd6efb364c6401b07b3f7679e8e7f8c9b77b75e6e98b90f4df88460f1978d19744eecccb743a999aaedd00b5a94018e9d5a56bac9d5d55f6e93bad52e84aa7340cbbf98d56213d9dd3e1970867e3972dc98e61b3cff40b64ec49463ff79a41c82dbbcaa37a82b761f432849aa83a3d3c9a209e2207b87ae9ed9959ffced165fcb0d8873668c3cd8f18ba0f92f7acd2bf50416c22ce11692bf6132eb9f558dc789cf9776da94e48cf48607f19d9a11d5df4db11dbaa67a1d20e9f0c96f5956ee3f906e371c489efc88b0c1e56d881e7bf8dd5d6742622eb873e253dbe54f2e2e6d0e6136941de8c23e9a632727bb5f88c23170316c7aa0df28d8d07589dd6022828834f7ea9b4e5876a1704944aa3186dbf89e0e81767cfba03bfb38c55a9945209c4dfd88272c49d1745dce5ceb40f0a6713b5139dc2fb87a8a4888406d2610b7b910a9e5782ef0df719028d8e50a40a269dc9bee12157038522d06537bb31fc87d21af9ad4b2e7e127bbdb313e0a116010f65126cedadd4a122d15a71cbcccc346f55100e354b997154567fe3caccd50251d137c58fc3a2048dd5883b6af9248b51040c01a80c051b8a151a8878edf0304b5554746d6116b749221a1d0082ac925e6e140f0c3b6a180742ac8a50ce0e93e6399102f151d7c14000369ff52d0b537fdd51bec99e7271b1255c6fbc36d83408c417f6825a8e2a58b9054ab2c3ead69d97ea9947fec32d720653c123ecf51a9a3f0ed88743e3fb7b94aea59d0bf0219ee50825ef220554312cb907edb90e4d85f29e316ad57d3b90d859391fcfc63e6c0fd3ec27d4e1efd6e0b5ca8165cbd6af25ed8792d805f27fce308ca1d51335ed5d727558dafe05486a6f9149b8d3bc022026656714222830be582889e6800c0b170e48ebfd069e711210e4ac7acf07652a6f5051507de68aeffc9540cab5cdac84ceee46059ec23820c04b127266c0bf8df0d2b856be3377ab42592f495980baeddbeed3ba707a85dba64fe36941eefa8fd37204ec8c18df3852febd2b142b1c9a5cd0f9e424cd408ceb7788270899fd793db99ddb8f9ca8df550c513790d8bad37a1d1f4a62c4527bb64c677462c9b093582decea70c7bbe873095536728e7ce05d5cafb5d166a1f03055e918f787fb244c5857e3d7a1009bd37f30f165564a082c1510ed19bb1633811a76da70dac67641c2478c6b335f409ef54a2d0f370c9510d0aabae3cb998bd023778375cbf9cf5ef125afd584c11efbf40bb51839aacd3016e5e4d79f134245f952dbad617c78cb6f5712bd9c0c7e1303db5029640cf9b56e29329c3e6a9e0a2371aac1a437b9b1c4477ec9842aa80eaa22c5eac11b60c661de6ddbb088e844293ab8589c13d938765bbaa44301e4137148dd0257bd4c8c766c5d3bfe53671e9417cd1b52f622870ffd90f4e17b7a4ae1b5601a2edb032e353bca652fb565beea6fb0b2cdcadac71794c662677fb1dc81d116d94f5eced526b37c004b95284cb6aa2ac415754a1f14882595dcf4d3f1d905c6e8c12cf5a9d23d3ab55bdaf9f17d2f03f933e1bab89040753648c426b072b73aee8c2fc0d1c03fce2c656e20d4c96803fb2ef471b912267eecb4d6f342d3513894b94d77767823fe0c7438e51f21bcf16f0e98b94b23a10760271281cf843989824f7061bf834f93fd8d2090f70e939700dcb4d8964a19da39a9601a7e0ed9f55f567fc7d5682d55a9ba0e68861756bb549f2f17c10ff6bd2042a80477f89743d3d762f1dfaf230bb502eab6f4c46b26135ff3bef5faa179bdfbd288e3cadd3d88d8012706e19b7fcc6e9cc2699d3ba0e624e715599480d6b7dbc6eeea0d12a9236444b17285fc7794040dd40c2b2ef175f7f3641664fc9bb7ea6d7eb3489d504f8013d64a23aebcb5ce233405f5ade067dffff253f27e926431ad806703e8fab23656e0b7431916d8d4c72a7d831e3664e5f30839c76c8167b76f3b2dc75a6ef48df515e06ea54ca51de2fd9c5eeabb1610b7eef06a2f3167859cf82e1a5b76be8ed8beee2bba28c3b15af6890d7a37226834ec9f63306a0da11aff918753d8b83fe7220803c070db98195d6d18357233f5504a6e3bd6f30115d3987f93aa5d89aa0b8b577d1fed94da057a6f088233efc0f44f86798896eae9ad0b20c8c9cdd9d72a3f02213f6797800894b864cb44fed009440fa5b0197023929f9bad16f052cc2d87327788a68b9209f46fb4776b092d75713048b5453ccd699d19cafa8e9a93fdab0f0863711916efe3bd81ee71b8e0221e12e9ffe2f6ee1a4dc1a8de6e593480f3c05b3691e916a4a7ca51971eb2f0f693dd10f6b8468f8cf7bcce285938b5a0a76ef86acfa2990f88bdafdc39a065db17b845028ed2b7a9e331c44217de20440e406868f1eca818d0be20248c2948b8f4cb118b2e456e585949139270f57c54715f3297bf714aa7c5f72ed8ddf6a074703ffbf95e45bc81a02c42822c22d2b718f2de5e03d687a4b18d605ef5ae75f9d43c8cb4e77aaa0c0101d978120f29574b22f52783c667f7daab3e1f9cfacf2e68e94a24918e3fe2c4f061deeb64891b5217fe5908e7f389897751839982b7fb736fbfb1232684e93123611b7fc8fbeb74f8815b5ae13240051920f3b6ed34483ff673c467ed7f0a8fbf619796e485affbed0697415d2d0598ba34d5b9e44ffd12a5edc323883a2e28efe9baf860324f2d2016748503eac1888213926b0e0f0335a4b51820a2bd3b42d982ec6ce307b453b6385aed7a735a1e98479394147c40f01c532926e10e1b26a5b395bc150ec4b4daf5b1436bd0baa225583ffc9d9e9d8a354f60fded37b41c7c051daea04e689ab2d4e24d7d07c75c50ccfd6a527e024d1632246c6f40f06b86ffec0b29cf894b665d53d459226b93422d37a8da23587fe884dc3c0f2fb55dea296a9a5b9a0d101f186d9fa6288c912202547cdf958569d2cbf235740eed38d10b0025dbb6de31058e98780d22149c19d4bcaf06dd7353fd91cd1f47e47f45622e1472542be2f63f463d253617eafd4f2ad609f9020884905dd5c22fba53ccc619104b6c0203a7f6c8c26fc80ff6fceb8c0c51600c2e46b4b872e6d597511524545a76cb42278b519d911e6c1320e01682c551e204ccdf91290c52e0836167a5685cbb1af338eb794c10fac92950f3f7956acf28f1ca984e380bcff9876b0c71dc7ce4011d1d0f955da9ca885c6e7bb74c6194dadb0fb9146dd725c8a9574aaf3824b727c9be3fce59c35850b162c17d3013689fca858a0a51d81cf4f30d6a8705bbfe35ff03c34cc7c56aca32140d72c8e8121fc71353596b777b266d75b322c9a97fd2c5d4e2362f19c99de66da7bd9c495c03d9a15b28431a0c051e786fa80f5503a72519e6b419263d72d553d688349c0cf30918eba0622b953a0efce4415c29515c26ba15f00e548ef108afe3f8194aeb965e5e4be94f10df6c45ea5c133a8c3398d09fb80f950b83c1866a1637d2bcc195e05cc32a9233b244cc2b1d4930e66f032cb1163c37b3e58b576ab76de759569797fa9b8bb4fad66aaaa56f09c7a0ce4641d6799d7bb47cf684990ec1e08871458c211a353ccf1285e7429c7b8520180918f7
103MD = 85747c796a910421ecb364b4b4f0e68b49e9217944f6586eac4993ec
104
105[L = 20]
106
107Len = 16
108Msg = 8a61
109MD = 60bdeabf39efdf21ba9c0f94af6552d2ffe699e1
110
111Len = 104
112Msg = 37487aa02b03bdbc6bc62e7e26
113MD = f146072f92dc4a551721a10bf0b01564cc2b43df
114
115Len = 352
116Msg = 6ecd002568bae3bf1873993041bfa292eb94e9ad092d8eb3585be82e8a20cb36a47a06e7a57d301268a4a533
117MD = b0a2d6033cf1d8ff120a605b745d736ee4aa06d2
118
119Len = 504
120Msg = f6dc1d2f6b8e126d99939664693d8709513f97d730074ec2794e536d94ede79c81f2b2ecbff3c2c26ca2d181ada2c60050997f3bb087ce48d956c18dedb227
121MD = 395dd2989edc854746e384f339f0808c515747be
122
123Len = 13976
124Msg = 07a6372c863c7d7c6764e4f05addbbe161762735dfd2d23bf268e2d603cd28de9c369ac379390473e1d3fa7e37af1178cca54fa0f782dfbe68070952b93462ea46c640d43ffe71f5fba42df98f4c48ada0d8aca8753e0731508bc15dff283178ae5c10a6ff132eca5dde63a78d3ac94685152897828eb25a55fdf140fd33fd4e7b03f283e201a1baae8986d25603fb0b2566aab345fb48031d648144dddc2e3556c0ceb1104f348d96ae7dc0152e45c625d21b46e70c31f250c858aec4ab2cf5e79d8c79b0854e0abf5330b9f044113d306161968f4ad6f0973160c9dc296056d5a11523ea2b56fbce8387070fccc639ec1c65ec663b9dc49aa880dc4ddd3020c9d44ff7e8cab6266e436af19b4ecb82010a0f8f9469ef380034a02e3f50051a6a3f233dcfe9d553459dc1bebc538ae0183448c9405c351271dea808d908480e61e9793cca111b4cfb9874b799626a1bd9a0f6e0929ad51b97ad81b2438f5fc255db3a3dfec9f0d8393c6b245b03d3faeb58021db3ad391b17a91174a66db4feef1b4c889699bcbea7928f4d29be2d47f76455c8cb1dc7da9cda41962a28ad8cd7b39965b809e7c7eca1c6792c1ce1c8a4cad6290170e91fcc49fa5ff64ab433b4aa081c8da2d9bbb072f9f18ca455469b946c877e3006b34ffd2219335b30ba2e0980f43cebfb629d0b11fe70dff28883ca012c6ae4855fcefea20a08e189eaeed7eb36ed6db3835976f4e60053205805727c5eec15d0e9f155637a9e66268b9c1c302bcaae6ae88cbb8cf1668a487cc996c4662c4a4e195f094cb31c717165e0e13718f8388957dfe0bf69c70cd0bd763dc38c530b67b9c12244fcab8bd13f602de848a2937699f9ef77944e5f22e3b470601789e1838fbea9359c733aaee2c7082b02ee459b7684ef9bbc200da4b62d368351f5520a65ffa506dc9b097117bb7ae88d04d85fb525e91327689ec0fe86971480c0e864012b1e9f044c7d80a4e48c07320dd4292086e4c71d4c98dd826a9bfced112bfa2beb1ce85cad204451ec45703931bf637d4fe89fe8f485620b7f4b21e011a232ade7a8c92be77925e878ae0bea9723749528fe83cf89ecb9616dae6ca0e8d5754ec6c92abb21108c2f33cdc18c6887c430b72c5b193356494cddccc577bd4c2cd53188f352846edff0c2ac7869cb74bb16a77c0f0f194a7a9477ae15abb890bd0bcfeb0c39381a87f1d05319c7e971c10e9ef687f96450b400e25b4285032892b849fd5db8649cedfb03c88defea063ee144a1ab1f3bf05f59c7db364dc39c11a446c3ce16307d78d50315ba29f5bb9a57438564c8c7b3e367cd37d74b2375a4966f47489dc5448f4979428abd32193d3840aa983d3020a9f29d760fc7493ab2576c90b1934b799c1d0d55e4f2caa78f4ce61930c79dc017c2dea0c5085d73a3b0e4a6f341e9a5061a6658af11e5edf95bdad915ac3619969e39bee15788a8de667f92f4efc84f35082d52d562aa74e12cc7f22d3425b58f5056d74afcf162cd44e65b9ee510ff91af094c3d2d42c3b088536d62a98f1c689edcf3ea3fc228d711c109d76ae83d82d6a34dcfbad563cf3726519b519fd48b51741aa86720836494b7a589c778927047a25d73508adaa401e9a6c0767a675e31c5556cbe35fadc9671359b45e985c3c8af84113989b299ae4474b85e4b5d4b0578ab1e8a2915a8df97c4f52a639fe32272cb91bbfb721505dec46d51383cb8973425a714245c2e37d0577fbe0d66381d9239db1f08a380cf609dc699698e0fada2caeda44d58d766c4f8214b10642b80b8d7d8add7cc41d47108ab7d07dab71069a2d982cc900b331caec317942122158bac6eac9175c2dcba0c04443aa9188832b553f5ca8c336880824d6bc02486a2b4c086665d276aafe3b1b93729829adca50c44466fd5b5cb977aa78fbcf5c0f0da1b09216468a11493ffb39efdeda5d669ae92bee2f2fb250aa1b9cbb11c36c7a6c6dd26cdc3cfd572ffd8c1dd72a13c27a327a34c6b6b3d80fc6c67c72152eec0c8ecbdc1bd5cb829b811e7f29af6d786f4e93dd4c96fdda295a6aa258d7b2fcf291c2d68e0b1866032475964ec0c6f2fa8c2d6a3936ecb187350def4e818507bf157c0e9b33406be7660605af14cccc9c799b4e051d0d0899e53495bb8931a6e2984bc6dbe4e02ec8b4642fc2f1cb5fd5a5520b48cfcb49e1f9533838753554dd98b6a1b8a67409279df477330e5f37367e06247ca5c3ffefd00e693dcc0c9c30754121c9ee88a574915b9e77c104fd2f921c2c096573951407ba9b440423d76bdc6fc978237a6e302cede7f99038ec31500884775556941f1edc30e3a417b0e02cb6fb5bfbe5cdfacf4006411287bedc565fb06f1be987416407dc852254934df4ab59edce476f3506e65be6ce6ddf91038642291fb8e92ba5b1f0b105670905a2c14796110bac6f52455b430a47b8eff61
125MD = 1adccf11e5b7ce2a3ddf71e920138c8647ad699c
126
127Len = 48824
128Msg = cd8490c93613bdf1f284b94b330f6d6f45a39c651d2a160b340e2eb696fc6d1c35e88872845190d141c669de92a97daa5433b1d7b0b899fdef2ce74b8fe72a7296a5b5be26d1dc86520367c730c7400c2fa06f91ab4c48a7bf4ae35a5b9acd5296c4fdf7451b0ad9cc439b4e34f11e5d7ef2bdda376f8dd34d6f092b219dc085dd4c4a6308b8808f588eedbbc7af7f64e83182fc7ca7cf4741a341060a7969d31445834c982fa8739ded4555108acbea1666a83da17f77cc42ee73323eb53203e3b790f81c08e94c44678b6538096ab7b09916e6cf7ceb2af85987f8e4d982dff1ab59b0bdccaae1f405a73366b5c5935dd0b43e2d2894290ceb66a0246dc02de728c5bba30255fb56ce8107c3144246c5156a8fe40ada9126adf67227fa56b66c37be63f532516211ca012977b04a97916f201f1baa2629eda520b51508ab4229df2ceedce406dece0110e0a911464f69e7be38fb91deba0addcdb3161d2799c628f5a57fa1dc37357c947681bd9c36f4832c20ac466c0c245de3b250c33282ea1a02d007f03b34ed427631283eb614db4d521f555136e7e42b4cfbee8134c63dbe3bb79b5a8b9f9f5b9f5ac61cfab1c54d197f1e3ba613f251eed616df952d691b88a16466343ef2d0f63882ddd2d55b8a6786308b2257f5d7b38af166bd7f1339d2d8899c9eda8fa86215850ba547450c267eb3c9147d96c38161a69d1584e521ffa23384313a1debcd37f72ddad02adb3cadce7ee34b7c1f42a15d0d030487daf9488aa7562845a11ee7ffccdb38b300935caa31f78a4ff3dd93403cf0c6a16ca611b58c736aafd33d6dc56f0f47878211d26f6ab801b9453a7f74b44593dae0f047ddbbf2c902891111729edec44f69a05944b18e7a601f41ad24fd6833da3dbe3029bd390de7c9841b2ee2b079b2bd2737518fe1bbec88da64769dc36e4a8bf716c219b2fe059d7dd220c1ed2c59878db5bf8b198e0689edee921ebc0cd2d3853fcf57c363050ce58071c5fda6ebcfbc1bb62e9eb956286291a108bdd4191c4ff47900d6068e1ea26b487649af119b9bb15dfed804836f2196cbe12d8fc86e3d7ce89b52ad49dc9ddbce5b370f73f512bedd853039366612453733740586d1372143b09f21dd4dbe1a2bfc308db8e4098c5e4b0c1e16141ee50e85fafefc4e2529b3c7252af37aee6f86e19df28871686107d7d57dcc812bc077602642d2ecefdd5f694b8f336913210793e4068da2178600b1f41cffb5221c9b4b6298afb47e85701d7b1a44241679d8996f916c81ff437261cfc358b9ec42a2ce16ca3bacb8690d6c1d91cfb3e0bf1e7ba45bd01606df856fd03c7e946f7ab371a89e1fde86d05fdd97bd7b1c583b04c2ed2b5f6815a460645e4e1b4e950bf6bd81dd0352d1048df85266f1696534aff5b1cbc17f15d82cc8e0c0d4f0453f9439094f8e0f7f4bc045b654d9a2f1f44a9c57019f63ecc41021c05b5380675cb56ea8bb691d79ee204d2c4edacde3c1fb3f4996a11d84b035f965e74009e2ab80e2c7ea3c84a834d4971a1e9cf423e4ea67ee526eb3c3e4c2d7372c4290a0741e1fcca5ae4cf36705abe98ac81e98a5419baefcaf3093a7e0449ef1021f88ffb7ad21b2677e41cdda12025b06542c4b2564f15e0b99db43b7c7020028bd829372122cd910227cb07c53cb58fd9dc620c0491f3e2bf883fe6ee8cb1f5b73767977d857e4513e8b5612f6ae4b56014e6a3ad2a065b65472212e2f611743484cfaef860999d1dc5608c58412fab888ad72bb87dd9b55b692f31e252daf8944ec5c02a5a9c23903c50dbd845f2fcc3bc9806af13ca7b025cabe675195b1d56f3fe7d7bca12530bcc0af217efcb03a218bdb6f9726536ea902c8303b02e3ced22be59753588b5f0e2f3419fa5345a942dbcdf3010465384a225ba26cdd0f1d74999c69f336bb6d01fae5cf81cbb8c1a7a29c1eb83ca6b51113bde56b8cfb6a5d72557622a37f039d090a689accd02b57c691174338de8e05bb3620c079705c969c58e56b079dc9eb44eb0fcebe548f5a31f4072a5ed56a2f03107bf40a359b2601eddf53cade66f294cfeaa40a0d94b9c90d15f61852f295d3911f8ea914d015885c8c64540a83badf0021a416c3e37b78236a2ecd1fce4114033416bdd3a36c18ec13250ee9c74c0fc4dd564b3d24a825802d5ae402a53bacace115ae3bbb329be79d1e5e42dbaf0a6446431145fe49b86a8703c7c41f8985d54f12e314c16ff89351d8addf66ebba2783f2d1a11965182aa0b0dd2de53586c5a695c6265c2b173958da648611090557bdebf11a1e042f089fe98e049f4796c60d26be38356fe020d9ace9008410d53a1bb7db78b52ee44bac364213f5c59f1eac4e3314f3423b92fdd7a6156608111ac6ddf58385ec1f3df12061208db98816ac948d803fad10d5ece2018c60faa13de5e5a9033745c824932e53f4122a39f635813545c1b74732cd55642f19ed6deca1585ebf7242c849bde981572a2199066e9c912b2068c8f1c8b936c43ae95c6e22bd7b80dfea05f495d751107da5928e806d0af905c87b5a0795df146af6580d8f9c6a0e2645686d43822ce9b4be0bd5937c097917e048b5af71c7e7521d490f107e9231ee5bd9fbf0727ba87774ed24cd52f471ffb71849ebd55605996515bdcfe95bb1df3541e7c42da4166dd01ec3597634aa6455d15fe14af435e8d7a55ff1682d55a2da867ae63d11fb3fd987fa5d7032ecefc35d3fb9570940e779e13da18070e6df5292f97f2a281f9598101102c955fe4808a2319c85fdef3d55b19e05bb8c2d3da64bafb67a53491513a24f6f0804aa162c8a7db25b38089373fecc45a0eaef65dd9be3b4b7f9436a5423fdcdb5a9b60138fc6a2261225390d9ae0d8ab7f0f7ffff69dca06881d33a637d634358abebb333df41151f239add91abaafc89070cb2159ce3a31655c22e4696c9fa7a7211d1251d4bb21ea4a321a3dbebc29d97f526251e40e548dcd7ed07587719a266f006179dcd22e50b3705152817057b097b043ad63b8d867edc20aea9b4c959ef4ff70f47128cfcc21e31f17978ecacc366f459ac1cc459a3976e4173ca322675f84f18036119ec2f204c3fb554a0b72f7e9d8c882ab147b3d280ca9dff7b9160b1b437b901f03cbc05fe05c6f44824b48aa8da52ae7dda1653fd500f9ccd221843cf76513b3b74d094f14d93a00d7cb954bc4cf2f04f9a35e38edcb1e84f62057647dcb3571f1dd296ca1e049f1746a8a282e85138500e7649db756b2d2ad88f11c471c89dc6be2cd43481013b8d0ae83da2b855cea7be424f8b2325b1850d1fdef03e765458df4513d57c72ba9751e1edc3c4e7f97e3202bb46eec7be89871ba3704aa6c6fc08851e551a3f655fa1fb798d12f003faf31c56b6df399a5dd0ed29ef9e4139dbc254bc5d6051840a859eabaaad56324588fae881fd638d2b70fb3813402df61d941ab495588e5fc3823249bf9a03cf877902394f512de118edaf98843a5445e9073fcfa409df3db0221f1c77e2dd21e74f9e10c9e180dc4ed17010eb949c6d67a22bd5337b2c68f9eccdec778ece728e91353696b742c8f5a3a569f054efb8c1ed478ee9b75e26c768a5816aa6bd08a4c72e745fdb5deb34ecb86b3a84346c1c70f9c16fc45bc0421f0da2f630912d5079f390cc53b78e343310de722b53d2a3b4aa386caa0d7e91986e19c3363426ba30eb5284293af81d00158a3f5233327b40c3b989725ba7dd5b31ac7abf8d3e0b737e843065cd7316dc2f374a00bed4cf9caa0d6e232c854df1bc24c3d484bc6bcb14ec770d5745474dc6ac3b3ddbffc551c9fcc2c56a5e0ae17948457c01e701bf1554022bc2b7d9dd42b2b91172fd85e6874d2d61fc7b3bb3cee2a9bfec09f6d7e98279c6f511f4140b116c856c1438e34bca59fdca2409f025b896a52d68719bf93e82e7d89bbf798991fda0af8d06d17f39eba4bca09c1fe594b537ad4c9b94ab52c895539d639425f9146b24b016368a638e5bba391bc8763cae7c52ff9c496884f1d84e5e08ed451358ecb3c4919dd410e82cac35ae744078287c05c89b42999ea6b8b127d40d53a5722d45139e8bc507a11e7add7fa9ab12cc40afeec008a4668e3e6440f27bb5780936c0e3668ac51262390c79b3f21fd041cf36ba3522f3a552714ff188bfd554c60d0e7d11213cf7d3864a5175d4047c2f3284741f18ec22995a5b82bf62190151bc1529c6d9927f9b0c1dacebd9c2dc406f7f64a973f9a70cff6e3abeebeb46514bbf2ead382f7262d46bd43d88c1b91a9011d1f8ba81fa536a7162aee2b2ec6fc0f2d6efc87b98d2e41e0f946969da659c21053775ece415a34d42b6cfd5bc52259867b411dfb991461ca618052309ca9c96468c2da12dfab0e822ff3bbe7ba281982a239ac19c47024fe1f0e3550cf0975add1f680a9dac9b2c4ab0aed4f409ddda6765eb8a0a9d1e9d07458c69ac8195541219b18efcd06c0001f2ae7fee2d404666a18ca3cb3aa4f0623e86c5b1229f6c2ca28d951111294b91edc52730b6b2c46e000672a7c89b2f38045bd3e37dbb8a75e18687a514dcf740c87a34834d3c3cc8aadf6166ec0c42d2be92f90a3af49633ff23cd80848ceb57ac550eaf9ae496bdc6a2d7cf50fe107895b4a1ed014f78af24eccd6a07420f1dc0df1e7c44b4ba937dd43cab9c798371b148325578d61931766af02b45054bdc2d9fcab2f4b49092f6fff7c27886820739d6140a4a905f0020249e8ae8dd87da1a1e7b1851eb01045aaa72dc8a2bf68055e7aed41d85336648a3405195d2ab61b0e29a770461f32fd05e14c17d72c5252f026a7b9abe7ea9176d3c46f6ed9fb716758d97b41e4f5d81a24538f763d83eecafafc668422612b40cfc32b3354b24755fbe400a2bfed494fe6d0ba0051713b776e67e2f1915e94708e6dc74b398f2f526933aad8fe7dc32faf40022606aebb6e0756b994c3176fae7640ee06d6c67bd54764c4752f1bf831f43e0227cba101174c5554ce26400f333dd8e9f6db1cdf670ce407d7d06c3aef4c0724b62edc8f1ba3e04f0e394d15a73b9255abb4d6ac70303dcf9160d32dc02d4804219ed5c7e3b48402e58ab2f58305f9bb95d2a8759947de96328ed5234cfe7d0b2a9a014df7e4cd0ae48906315f139b8635d2e6bd4aba32e62b8906cdfe5622c411bf0373d0cb07d17bb2bb5b83eae4401c243605fd1df759fd0ddc704ccab5a9776c40fbf6bde0f11b9646c699f26063a9550ac228c9884c277bcadcc0a2c225dc203e28e253c4e464b23d2529d09c7b7dd3c984667372472b615645f294c4e3b0797f9d1c234015b78502d98bfc04f1fa2f16cf3e7221d5794d035e4b172a4d84e679cb1c82df2fb49d3c6668eb1661bed56705096c2371a19d668832808eedd9e5b1256c18fe7ccc494e5e29145d453c553ec86fb7f3a634d0d45661875f2f1005ba5e734c1a976f37cd23450e4606e32d027bc9ec2edd9395e14b2082179bd7b4f9b8caa2d00a2de71d48553f7d4153cb56a1b08f11925e4b11c9281744ae9171f3d6faa3ab3f88c5c34fd23e4f6efeceafdcbc07686ef56efa62c0ad62f1cdcb4d3b5bc508c1f05263bc347158fa5495828f34eb7fcde98fefaa82bafeefed3f4a58968d751c051b52e0047f066de5be533bc3b1e439ab1c8602f6c67503803c8fa113737cb8279f358dbacdf45432b7a654d0e1122cca93420e956661d7275181c75b0d9c20e84c7007dfc49f27bc00007cf4ffa631c892981fd70141d532fcd51de5c23fe0b7a186d0dc296362f235d61698740cc315891cc9342da17843bcde274c17e462263d0e8b4832dd9075a7bbb443d4b26b41e534ad5551ed5ada102175e695363fb48d6b99ac978a3aa6f405d87f983384ce35740e930491d75675337c5dc081e3d301228e61bde5cc169968e5b4350cca2b085f9f75cc4b88497a78cd0a0073d90246c7dc102c7cbf3516498e8a41aa85d8cc5bc285ff66e8338e85ca83fb6889e2bccff52059bb9e92e92c155a349952680ffd0a3c346061a53fdf074417fc90c4d1af7c2acc3ee4b080752cbc9455ba5931b7e910f1e4af0efce905d2cc9c685923ead387fa532c0e8ad92719c76c281cd010e1acce500ae1443838b8afb48af032069dd07aa4df0d56bcb70a64592633699c8658102f1fbca441325e27f1732a7a973d8cb3a0684d72943ef6f1892f2d7ccf39bb6dfe5801ab98653bdbcfbb787bf125253be2624f6cf44177d588bd7b780d9e3f4e3a4e50b8a253fa21abce6a94b9073289c76773b46140f5a6e46b9de9ec066c176f5d1a69f380e1901216617363362d13ebb26ad74fb008ec08841550ff14ca800a1ecf2e007ebaad9f4e0d9664448d60ac0d8544243129fb81c1723b9b4bc2ee971dff736d9fcde0afbfbf5c50a4cc06a4c363998326c17bdc9e2508651dedd9a2a52bd87f8693cfcff60753acf9716c526e8635f12377e36564ae55d0fdb3c7997ec4dbdaa5b4d18c7b660acd95060831795da7d299a5a8d8cf9e92537dbd3ef7f56aebe38fa97c41da6bf0572a0270be7e5a7dcc0be3529339464c811052b65a938e874ea6da469c7d8992ce0aff1c75e82d1621ecb967213c65f2de582cb41de3804c507ddfc708ef3f6096ba4491e431160f98de806d0f334e03cfb7a3bece601099bd971253f3aa0df845da8b478603d5d88533d0cab9c89f2dd9a1404cf8939ffdda652a94093865a85fce2bc3d7babcff7b9f3306bd76b9af80c78ad518f89ee73b7a710da604e72f4927be8d65d06be2e0732fa786a83e27597cfbed9bf98df445499e0746b9f2cb9659ac0a9cef433148521f33b1d78d13c8441c0d1e20fd93ac450a3787a2292bcbd68cd1f961d34937be9a21abaf26f361bf53aa0c095e53c51f3e04d567eabe6e40d96a17c2bcc9230b18f7e079bc549a314b4ae21d30a3341aa205bc75c7f1d21b0a49549c300faeda243d0ce18da5e66c5b663cd705005dd9fea0a9564174abb797d64c58fdab1fae44576d514b75eaa31c9278b15bf9b6df7c6c2873d7a56fb91ab77b83761a09f9e1ddae535622fb87f7462256a60dd39dd3ceb6690b0272920b635ea639daf24f95462c523e5bbd8d8407c61163ab38877d5edfa04c2a78d4d240523ba97c7d01c71783f8748e85164b4dd08c25506a4ed18300b42b7bc6e417f512ae456ceec2ffc83190991a06d4a58ede215babcd3688e1d61f1975016244e80c88ae2aec05c7eeb1c50caca72b3b415b6b870bf5e10bd1ac3ba6b4acb1d1afac554444d94c97e171005fa4ea9c651bb4e527ff58d0c2f90fb453a92d6546a26e9e98395b09e8471bdcf2a145aacb649708cf048a7856ce8cf390c107ff2c66efbf2a76c5b041860ea576103cd8c6b25e50eca9ff6a2fa88083fe9ac0d1fb639c516b9bcdf23c34c6145a705498ff9b9747f15e1c08c63da6efeda4eca02c3f00dfec06c82220c9de840040118dde76be788daf84e6a2f44c81fe6defcc474f99c51c4648d297cbc48f081e0809dbda505d020cbe865e430e0491644ec8c52bd3ab8ce8c4862990f49fe2588caf804ce9500ef42d5a50c057c257168e283e4a4aedbe4ccfaf3eeffb212f9e23d15434d60bf4f455f512e2b655aff3225d1b217c261110cec0400f54dd303d6231d028c2eb649bccc91d30a6391c88bff9d447c3cf35a3467be5957e0ea4d4dc237c9f2c68ce48f658f820a3d72d559b60f233ce538c92cb148808e34fedf2d648c21e7f2ea29a77270c393bda42d869351d6c085d965dc12cbfd0311b8bf604f4391d378781eea3b5f1e0da9d0d8f8de88e56fe47d362cd46f591d3ec0f7cccb85a21f21ddcd4107821ce0ca9ddf99dfdfd9b0c9cd45053e5b1b4385bd8f5b227ada31b5c23e9420014474e8b4494fde7c38edfe70994d97b8cbdfac588df49a49c472fcce78cccc051f31cbbc1e0422878d8d490f3aee28adf1587c38fb7e7d1be54abeaa83cf54b633803a5e669ff4295df8735231ce39631616bd05e0e31117c722c2fd6787003b0bc7fe422a089c89329544e085d71102c1813769450a9f66f160d1702cdb17bd2c6fdf0f722762d193ce83623eeffab17b01b10a31db6e2feb6eb3abdbb2e36320e1a56e44e48d26090afa7f65003a98cbfef590ac3ec89b3eb230557cf6aa566e841806aa2767b21bb26fe001f11ae039e0c9a4bf1bf3d271960f16158eb5bd9ebf0080abd8369d512cab2d1aaae2b14d0ff6ee705a38fb0c801a98b0624cc138fc24834fdf430f33e1760db913da3290f34415c9e3df3e97da1780545ab68ac5a24db89f24d62f4a399728e4144a8c89f47ac2d29e30c49b0bcf790a5e3d3fcd1943c6a28f37251d9dd827a69579e6c17b629c927473b5a07b0a29d9562708d6c8ce576109ad1a3473ffb2047eb069beeec24c114bef392c929038c92abd0e6a19b610e27881361824d57008b7373d0ab76379570ded76c9b8284fe2c247791073c29b2fc6fca05019220ab92856892d3c0dcc6da0b597fe559c162d060d71513ebca050d9638164b9ae271fba5575ade787ec5aee8fc253d1b234b1df561db3e36ac64b9b0100dd6b407043537b2b141f
129MD = 2cbc07b9b9c819b8fd38d8a614a8a9c3fa7e40ee
diff --git a/src/lib/libssl/src/fips-1.0/sha/SHAmix.req b/src/lib/libssl/src/fips-1.0/sha/SHAmix.req
new file mode 100644
index 0000000000..453fce20ce
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/sha/SHAmix.req
@@ -0,0 +1,99 @@
1[L = 64]
2
3Len = 16
4Msg = 98a1
5
6Len = 104
7Msg = 35a37a46df4ccbadd815942249
8
9Len = 352
10Msg = a93aed0fa5e163a82c9a934aebaab8180edf7de0b32f0fe99f9c75ec305b24609334cefa372c7c758262dc8f
11
12Len = 1016
13Msg = 433e88eb2f8aba562d15c18126fbdffb81d5d6c9397fa052321f5f78cd629708ba099b540da5451e949eeab8687a8d6ac35c531411cb37144ab5ff6a7eb46f1ab28fbcd2ea0444cd87c57bf7d3c02952dba3d3987da07622c16e7c086d90e88ad3d9d4afee301d2bad915d868f54197b70b23c9fa385c443404fbc9abf7e6a
14
15Len = 13696
16Msg = 2c46a76a9dfbae1f5e59f085e9c3d4b600c24b2d404d062cf948e75a3d4ab5b137a31397be9eb34b2a03c78367e0b85448891b511ddee1f787cccd498b172cb7e656c044a03ffde8e42478330fbe9c34072a9e99ce31b41757cc820d98e7d564e06694b96b66f4be34c5eadd0ae4e61fe6abbe4d7ccee855104fedee8b451a7fcedb793d469b0094c0ed07c97fda00dd8c1662b44e3ee6775a5ef6368cb662d257be561a5967893433a4b63f97295036a37272176d081545df00852bc5c4162324161296cd51f76433f2df867a5840f2d0c8d5be00b4dc89443d82175bf69c3bdceb97facae2b2ed68e06ae74fef36d8bd1f75f130cba509341dd54079d45de22845cc8e77a022977c7540aa3e779cb1127f39f825d4d78e55a967ef45e7c1dfb02d9999fd15af2914ba47177177d94576f1091a0657d9e04fe81e6be7b631fc1baae66584c9c26ddbb568750d77555c927bcda1fbdc15c7cbe3e3fe88ca13ff12c59b383343c12976708c0e3dff78be0e286dd32eecf20b71a09fee50a9d0b13c85a15b320b162690f399282798aa3291fdd2f9c40ed873e829388466ddd1da42f2de16aaa9272ccf44790cf3c95382c304e25ae8cb2fc9d9869808f3ee7d42cb143bb0c3a55e03db6d1202ca1bdb744e448640c0aa60d3ebbda5c21e623bb080f4a073a48822725d764e51d415aad1d7c5a7f17433d15ac7d849f910c375ee0899f6a576dada42fd651343383f286009902bb62deeeb2514de6af7f09892c20d0b238f6021f03b62444b1e1f21beeb89acfcd7136416fe7bd8f202e76afaf5345311798be7cb25351add2bb044d2380221009c4d1cbbaba4cdc8631dc0144f2778a6aa1eb3d3c81df0b1b2142fce111af8214d049e40f536c5d462b9224a978e82cc6c420e70ecc3cdaffb726a183c793845315f730fa4dac9fe46e4180397107a6a051f7f0a58ceb9bf4df37e1a81c8e9569187228e8037df2e59c52ba815566768bedc8e09d5e7bdc9f2bff23aaaaf133bb5a3332750f6124ce185e29fda0851addfa2c3d52bb6dfb530fd4ee27dd5bfdce5dc2f41debe6740274bc651aecd4023b098a7d622e2296b50d51b79c4e3f521695a9d43f038e8f273405e26584d3db179e7c1758114a3d39970df674580bbf2884405974f0b9c4b0d8b3287a2314f3f81b6991812f354d655f62513c9551b378cc2efa4c3e08b313c56cada52217fb6112eb8299b28445aca8f72e7170a1cd8bbfee4d2145fbe8d49c6af8831c4d4fc7177a50ee55a7b484261504af946c6bd5e1d6b89092f3c487c0568fa07c356fae9b8e831b8320289039746a435b122cfbc4a0d316bf90d481d3b7d979cc50d98c1190af8dc58e0035557dd5e94f437f41fab513202643a77748f76c6b77302bf40c392cd18731da082c99bdedeb70e15cd68bff59619cabcc92adcf122753c55afde0817352bc247d1170b8ddba1ad1b0faadfe0efbfc5fe6334377fa372c3435691f53dfc2ad5e08966b2d3525b1eec2d993a5cd4ff34278bd40dd80313a0727d05e0a932156152f3e11a190d8d69726f5c57d20f811e1e8932e86409ffdac96c6251c2a2976b8757adcac5d2de94931d1cbea866ec8bcba5774f8a7fde792f6acfd0f01356fd66fdf54a416af6a9397e00f848a2e9831627cbcbb52b5a868ec174e69b4cfa1ed72cdf23f39d7eaf4bdb318c188b1f0fe75655e34ad71907cdb77a1a2b162cd7c22d93dc45321eafb17cd60282e83736267b3e1fb249c307d49509f50839942f0f493afd9ef37db053a918e3ec83d801bbdead07554a018b8ba348fe9b7dd92ea7c5fc0e65a644ba19aa1fb6c022ab768ec7cb249ba17b9dda2860bd4aaaa3dc70ec009804141ad5ebc61203658e57a0887ec0fded18d844a96e79ba7e879c4253056f23e205a80ab1471953438f85848f4ab31ab175c089e0bbb97ea0dd6a67385770356741966053735e2cc2ecdd2c8c75cc045181dd7267584b901674b553082b2c58fb8f8be0b99306194a6f069f684535423304d40a268d55784a14260fa9c9cb1306b82f91cbee3c9f43dea9e50903135cc1c6505605a100bfa28564a2057974eef0852b7b72ce264815026d0759f691db618ef760edde73ec888e181403834f7221bb27a69479ec9b28a3fb0c3f68d4467d25712fc48ad78763f9ea6e8a2e85260225ca1b1a38b720e589fafca29f07257c5467cb74ee53189b8c81b784c43e93f98abde1ed53af60b27b13df6ce45001c6e1813de3521028981086f7d88ba13f6fb1a800f312fbe2f842eebe847fd760c394668cfbfd353ec14ca0366eccd7b4cd63318116bdc42e20a632a0d2b8c5cddb37bfc0a239ebe3800a787d2ece077a7968036b3d9b31cd906f888e3ed742cd769033e2c24c5a9e3c10b6d300db5a17dd88
17
18Len = 100816
19Msg = f8ed40e878dc68ceec52cc8e2868722310fb117ca3a52e1839eb85d308b8aa00ed0bf0b76aec8a70eba4f0d14d2d85c5a0e876ce2c8ee59cb36947def6c40a587aa07b368ca8e8a08367018e45b984de0d7f1aa46b977cc18c0cd9b7bb897cbb2814aa0ce8f8c9843e03c86c19f2ba95dd2ac4a466a93aae4b3b05055ff148517ecf43e286c57744a3e10a14d0c26e139a503e7927aa688c78609170ebe3b54104390e5f6cf538093a67922e7210e77fcb584ec9b6844e829be246a266460cb442bad52ca47255fb8cfe276108c36e02f9acbd3d191d34b93d29ec40d80496d1c1bb5ef036221641200e905598c54bc4abb3527c5a5f6258e59d4bf54a0498c108a2725428efc2047e0096b32dfdc6ec69d5d72f81301f881ca62a66c22e5dab9fd9d90084c0a36b2f3a0123cc5327a3bc7a12fd947ab57169ac533e4b6a2cb80fc65b9b527cff9fba26994c7fafb5102a0acd8f9d246a3a54178c23eaa04c0fdfd3c0cd980d1fc7a72b25d74df9b95c3dedce8ca316870c654f9ebea9b806da9767cf40605a4b0c7fb06f6b3f197bae7d8cde9daf38530e25bc51b68f9aa23ec0e95199b14bca96c91f3db15bf8432f714dc46ac87218691bc66cb3a42f6865e1c30f8394c8e68c0ddf5851ab7c5906a1994a9af6ac1c44d0d6b95ff15d9f77825ccea40fb9e516d45888f2378e045d95d936d541cea9c8ca52fe5f7d0d919b2b1c59a42d06105ea4f2943c05178e59d67351c5b2c0051c93a4045e512884fa656b772cf398af89081546d920fd3d24ebd16310506a786ab33293027394c1bcb7b1efe46b550ac28529646e8d2a5ae65c59345e24b44cd7b06673f3ed3b9008aa568a739c26682fa596b7a655842cc6b2758b583487c78d14a76bdac7033806c5c210828ef313f8efc4072681f5fded748c31a58ac933b4665c445f07d603e0905e49b84aa55146eb1c1c99196413832a05efee2e64d6732fefc629b79b37bb9390fcbed7226b412204bda523b8b8af5c4a8bdb263ef9f3f6c7b9e1de3a1dc257c1f33b3d54a9101be5b4f2a9db319993c2cd137c41e35c434ce52e859afd1a635af4d8852252dc5e28c729b2b4c96a56d57f3f3854ded59fe612b9b3a51fee3fc1c83db673b0cc7433bff2472bc74a2eeb6706605e308690fd072a7042ca6474603711d8310909e47063f46f287260a26c4f11fe492298a0f98d28c45948a4899e08fcf443a6ba36457dd8329314d53ac0fd0819fcfc3357426c5bb8d3dfd706e205a81091cf08f31cd3459854f3d07e503991ba5f067e3c406c6c5396d8257496f4ba3703cb1ba25c2fe4aa54577af782cd57e85a88a2d75c54039e8b7bb559219edd6e81e41acb6d575d6f798afb2cbf7f00abd5c9c7b0fceec79f9a0fb040ebcbb7bff3602df7b71357efacd37aa57019350bb81213508a006160acde3dae5c42f03141887eaca22d7b33d6791febfb619d11ebabb13e6c5378e9a72e852ddccd31cc53a43275966b7042ddc51485ca20e1c456dcc7020cafb5407548b044d332229911fc74d7fb97de25abff7efb431da82de2ed7e25d0dcc06ffc74e57ca93a6a9f64d76a5c39776fe2266f88d6d0229b527525fd2e22a1407e26f94c5bc6adb1e7327f3c8bb8d4c983385c579dd8f5623df8cd6da569c7de73d9210e6b9253a177653a13ece075940fc81016d8c35fa4f6542df5120c174158ff32533476f4e059e35117081a24798fbdd1eb10f82809836f8dbefe755611347f75423dd8571695960c6f66cca71f0a01e8fecbe1183bee3335eff10b4ff8104132040e2145ec3164b2448f60c730887b9d7894e5f7df3f876cb17136c99cf32db1c02fba860937378dbd093c4c5112133781f06c8ca07c527c2c085e8ba5e52b399f2909e217aef6e3035ecafe2caeb1004069dea023af7eab873deb5ebcef2313c9827821bb9f89fd3d1570a569673d3ede86a4fb13dff242eb98450a8917fd8865c56e0a9f11d72394b79808b0429f3a83cf2465161596887fa2d557b367a1de9c7753666b0cca9c30cba9f0a749c03c55cdc7a6d45852c76ce2010de3e7f75d95228efdc79949b238d90b25f983868b7f07f585f7b00e45d9e132f3c09ee84f794d899759be3dabd46a256f4cf8da71270617cc2425b24cef25d1d2f3945afa6f81abfccc858cd02e05619649b1a5347650934105c02622d538447223d136a8a0455cf3c6f61f696b32266197b5cd1d936fd3ad4288520fb4a2f59bf95e659f33210446ef18debeb679dd99de0c3c74a6eb3dd783861f5db4e94a151c42ce27519d0bbbf1f3b1163563ec06c8bfd881d94a3b896fc07352fc97ada73685588a2242da1b718f81bb1077bc70fbd58b8b52163489ae403838b533851bec30ed0ecd97d72d1af534f3703db59f1f563bdc39d690a0e90e545506463a37e84974fd7b256bbb912cb4077d3e3f5bdd4bd2bab713b696c830b1f2185734c4d2dbd49d5372fe8b813ce73f5e01c36bddbb376ef4541033f2b0355613eeda8951ebf7377e08f967902eb7e23c0fa798c6ae52401721053f1095cacb1e9496500e83c412236fc21566090b3a3eee55aa402c0b774802fd81c9e8579761cfcfdfb1aa23786b2dc35dacd5ca8d8d283369f53e4a5db18060c2c6b0c303052aeeffe169fcaf7ecc63090a9ade245045ab9c8aebf738772297caaef5f857322a597846c7370083d409df27612e47b0cb240daa3cfa51c57108612ac0dddb0f59791289ccbdb3a2cb1fa9ac31a23dd5440682fb373bf0c1f41c4fe2185ad7c53eb69552807410053b0c2d40132250e637b8c425e6a35d93333b5b7d0557927b6179c848ec455fd1ab38348c0e96c60b2da49bd15118df64b6ce4fa48fbc555a4b2874141718e731a40b85382ae6e86ead31cea77f83bf5c063bf1febf71688a832d615e09d6f14badedeaeb6ffbfe343fc7274e78cd46a2aaec0a349c5f133291ee57cdcb65c5474e46294de6bb50886bce6c6f44dcb95f2a4761ed2e6c9e7bfed51e0964afab4e0f7e0b07960f2590baae66b1ec9a63ba0fb6c0d27e81508c51487dbbdc9beb8879fd58c188dfc774b3d0ddbd77ee8bdcdfa0ed8a9387728e12b13e8b3c10cc1c132bd822c2147c5ddf9a993aedbf78ec256db1be76644ca8ca7727208bf89732657152d34e948d73c47561d156f773136684d4162d02260300020123d13a95f4f835907c344942ddeccafe2abb7dc4792c4f1e39c24748c63cba933b16be0b8853e058c47a1ae2c4dfff39ec2339b345fe3557d03c1df91a0607a711636c4416ffdb73532aeeb74f237ed8bf971388a0659e4682a46b8327e751034cbf2c87c7828da9d24baf07a742ada34d1ef38ab1e8f2b4f801192c146600709533e61bc2665dc1e9e6441bf3c4f6643bc0c102a10f9a69da5b0e3d0a0c7cb694c682493032b5853f02953b5c2fc0e1348565389762fc2dcfbb34fd305f2d9df080e859396ffcbb7da78aae0a0d72e3de76c774bc6a81c87f2872b6afe97ced5269009304a4992c4add0bbe24e57632e19ad0fe37ae910193aab0aeae32cf6d618ab33eba59f6a04fad00b1d2403396e6fa661d31b695a1b349d62f56c08fe6c6eae7a482177adf341e51d03ea511d7959c721bd20bf371860ecd7fce1d25212891850b85648db0a039e6638d9c78bc958add3e41341536b5007be63fd1f7e3308876bcebcb97dc3b05a7b2eaadd00f8fcc8dcfa7b961bbe727c9aed1626ff786d6a0ffdbd1002cae8a7d047b6181962a686c152b2341c7c58c9f1dab5af424d183ed1c7d003165a1d04ea3683ff31a0f68615af6f91c21f736e67df641ed31b998445afadf9052bbe004d5dad08f62e5d353e42fc35a92242d8414d99dc4e7e81c8c027af686baa5c185e3f99abb3855b22cfdff0a62e2f47a632b7df8e00e0317af5c24ce7c64077bbb15ec27e062070cd3eb8e549ed9112469090ad9a96eb59294b021eed81987178cb2dcff67a9a2e930f6032c753e203380f8a7c987cea393234699de03a1d09ce204f0a8b6d5cf522b6887174fdbccb08f3e7c4fe2f778254465b32766c48812a45151ac37ae354dac87419f9476baa27e24b2f322b2da4ddf579750684a5881bae2269351fb7de59b9d5a4badd8951135f2713dafc57215dc626ee170fae7f20bff98e36b864e1fe0f0f9a300c903069bf0e0b6f2f8e78423cf6063e89dde6c81efcf26ef15510563c84730f611ac879a6628e55115e1a29de6945d37fbe4f803fcf2e344712d9e0d6f6c79f8773a9f199b705235e20a7830ee3357c5dca29d7a6c29a3d2628bf2c42c8f076cc4525301d8e1860729070dc53164d9fa08bf63cc889eed01b0130a7146d860bbc09ead3865a3082db0836a45f5506c3e46e452e298764939226cedfd06700e4e33c6b4a78add601140249596831e97f960b973a4e4dc3fe2813fa34eb47f998ce57270368fb81719a09298a223f7e3931ce5cdfab3f658649533354e982c87dc9e49eacebb5bb4af9a767b4f1c03d774431168cd4fec1b2726f1aae3f9a062a825f3295557eebf3af4784487b869fb049de44d03fee71194fc200af72103b157431935b5ab9bc122773ffd313d52d7acf1078386090fc011de695e71567cfd51c06317d4ff8841ceeb74ad35f4e5f4d20921123cb88bb2079674ad39e133cdfd6478d69c9bddc7a818be5d7b254bd9e0abdb030f52846fdfeae8ff370a51a9c5f6017af3c6c3db17c5c614ea18ab0e3ca0dd5de621217dffa36e5c5318fe191040a50cc3ca620683bc34da6c142e1c50afce28a86b8b66d189adcd755561a647080d93f3ede1cf54c3afb7e863fc8a82a2576d3f79e9b2bb634e598507a3d7d017e0176b7868bff3a3dfb4474b3ce03c401f33929364e727fbf8096b77eb351435c7a113b3215cc6246dd86f1517a7e550cf828900248f7c1754e40fed62477b296a37d3e53231360d012c4908b466e49b0e620c0a5031228009f259b030956ebd70e49357c3c3ac2842b6bd6e3ca5a3e985dc03f7105681fec03b320a7ca753b782ad3b52fd9c8e3bd980b48dd6ec8901dbf756108e85015821c880416e0693e0479cb31c0743450f6d9214afabc4feadb9bcee9def460a58d3a02d9e3039970068b8e3fd0a403a6ca7f2c71ae2b46ab3c731b1e65e2104c47fcb1f69e7c8c6df8c09b33f2e1cd4192faab316a44536dcac608832019f5765cc5240eabe3c87445c980c299a5e7ae0acc2c2ed19fdc8f011515bcb00476b03633c7669db1b44f97f6cd402778e9687c740dbe5686789b79d0b13f784a2a866eb91ab2d66f064c49e8df513ec348fd7272ee548ba08e1f9f99696ffb53677550d59c67f88404f6e610455a422d9cd987493ca5c366a397dccface2bba8e3e99719dafa768956cbf6fd8defc4104b8925878716a0514f70cbf3fa2c2bc2f66fabe654eed3076257e71117665703eb88c79e4c2b94e8e856e7a6ef90ee2a358409db78b98056ce1750eb80725d70e35507fdfa5933a61496ba48fbd5555717b33b59d4ef211fe096aefd478859ffc97a41372023ef114adcae5a8d5e03c21369baf1e7f417cb40326bc6db1cdf0904651dda3c1039a2f1755e7c329f7c03bf33f324206ce6e1638711c8c9a45f153aa1f847cca2a5d3af1d24fe7a1e1094819e8e712cbe10ead1012b7371b35cbcc2bd5b10505fb63bea20ac81d25e83ed0105e7595b6c28400f4d336791ce4a584323d0b455bbed44392c5f86c9d5287593f6986d4b0b8f9974a7a4157859ba801251d3b44b2bad84f29cb87dcf1680d6d10d1bfd59f0c95fb7bd07fdb3ea2fccd6e3ee80af438956ccfe31e750972f893ea5dcaa26d077fb3f09d990c2f41c8707368bba007803621ecd76540cdb8705435d74f4300eee04710a936f241c034709e625b0dd5dae1f6e86d034426819c365a05f5be420cdf4042bbff965a666a5756f67259448ebf742b6ea189fa17a4c3bfaf651d19a8a525f09d9cff637c8fac02eaa58d3ee3f7221da1e61833c0b183cd9f47686f09597e8115b435454acef80c079eafaa22b18927d07bf8b7c5ebfdec9c42a52b7824d45decef41e6184dc2db1505ca6f94172fafc10731706e79b9856dfede353d2eadeceaf72a302e3492d7dc81e3777e4e9e1f3d33cc4402833ffedb241a75a09e9495d671f80ad3acf06823bb04a92b815edd0ca7d01dcb3318c1ae5c62d3e99c0ec37908b45b51dd65f6b45b34ede2d6f553f60a45e20fafcb34ae4dbd375f52a5db9c62650deeee78e955087c2bea75ede7c304347b171fe0c1a2a033894be6e04605271307f307b2a9cf6ae24b8c87ce033a3fa4cf2bacdfcf54fcccb1f580476c7d00c631a8529a9eea2a713610341e0e25609dc8927e51c58a0a9197a54963b5cb95877354f4b8316df02ed2bea367704a12274d96bcbe0d0d728923a368bb8ab98d5db5401894c822632308ddfd309071fb4b477d8eac0ea5dbbc3e3606d8510d9051dfb5e4b7cdcf2c57c1b76902d864c3109c901da53019ed33cea84b407490486ad9f980a8a63df3d2e3921064afea137f35179130db3351f5bc3f5e7d590a5ab08b5415efbd345f9d57b71ade7dca939efa5a12d677b9af0af14468176a43712bde10cb15787c18bf066eaef8abcdea77d3a0c61d6c74ae7b54fe90940d0233e4b874c9a141dcc740d7fff43b9fbbc012a933d890232cf74fccb7ff7eac1148e203c7381b7f1d1429b1b1152ec25cbf7562596eb402a9328e43b5dc5cae36592da5523f0b9907a6817ecd395a7c778daae85bb11372b20641a04250b77b3a0ece885d07faf9622650259b874536d6d2b92181c834dc111b6fcba483167be40ecc922fb87006f63b9e8e632879563f37a8f712db9fa68c1a20ab239c0116fe022fad1279f3288b8e74a16d447e467b6381515814dd3aecab5c2a09c400b44e9100c04c720dc7e8c6d9460002da6c52004c16999975fef8752c2f9c229cbd9e6446b226cc454bd68cd665668a17328bb30f301e92ef5c7a2197a326df5c99b422096de8af231d1d8872e6e505bcfff026d4862f28d4bb3856a66ced22c9b0587451d8da4230a38561b5b1c69b523a4701a2001382aa82fcbd60733a14696a540227db44aef346d6c0a7ae5173604d59eb828614cafc1b8cfecda054dcc7306f73925e6d1af56ed74c51c6cdb66e9fee8d7a0078254fedb0c0f5dc85a4686870709b499eafbc8451aebadf848b0598ce8f955688bd2d6032abe10d1391d67c20a049841f95d2ee0c8deae2bc1baca0c098d8718cba1ddcd968981c47cd98d247aca4f838f3bf16d092eab8be8deb1f8d504d37cc44a8c96c9f22f2698036d4ad3bb48b31f109626565c147d20a4a7dfd61fb918f81548fb4f78875c1d138e819f6822651b93a3c92ad77793fba5222d870ea671f9cac967919d18f96e92778548415b2e170d90b201215354fc48a77e62823a2c2bb354782ad052732f08beb278f751529416f37d83ea26248517ae2ef2ead28c1077908995a2d25db0deaa957bcab39715283287fd626ea7388abccba2d90e364a7ff4284c84f70da68ce1aafb5be0401cb9d45e085aab41892a49e10cbd5baf2c34f5e0ca076f2772abea6f622b66020d546f8c2f134a87f96edbeb9b08394b585f2c2f98aa792f97b43b5f3aa9c34189804a9ecc2cfaeefbd0f967d85a25bf3136fd8132dec38aa82e4af6ff677682f3b62be27a180aeb22f918c24f23bf6f5954e0722324cccd06829fc32ae4fe3aee6e5a03b3651900e13fb0a759e544d033418b6ed40d037b4549a0404792c8fddc317b7f028493c4c91d6773932f8486417544f3d007e5f9e6fc02fadff175303f77f6b0e1f709bb3d3a93b38552ccf62688a39da1a602dd5e122e6f4e9171769ada5255cc5cf938dfefcbe3ab0faca434c42dc8c357e89a3d1488fa3df35c3580b124ba3bf6d0d203d586707eb692150ed05a01bf9de5c4e67bb948088784016394d47abb853f2b6b643a066ad81bcd1735aed4e108a8c1fcd025b548de874eb60de7f3c568728959147d1219e4b830e06ca2bee1f8a035e28a54ee6958d4821a84e5d1e41139905f7ec60fe67ce5f4eccdcc2c3d1e4a753a32dd3004970a4ff3824471822fe2b5010b9b6c6b01336dbf0181a95cba2624663215468519871cc39e8a7f4a151c8bd03363b402020f2fb98069b2cb8cc1b7e930938e7540d95d1d223e47865135793f9eb573660ff79f7ed2fae503e68ba44596ee745fbd8fa562c5c666d174cc01b1961736e18b8b517161ab9c8058026e0ddd6c94aed0086a26e1b959a5e05eb9d8c1ff5b2ef518ca23b4f265db61b499a48cc46bed28d23ffc1e8d9c9e345c06079ad47c88dd4e8e286575bd7f9420ab9c2d5c6685488b8b34d4c9ac04e1427ae0994cf789b48b01d1db9c2fe75fc5187727bb11119f82d0739ce4048467a08cd635bf78cc1b6cc9c28fdc199d351064a81456f81c9e56a43aef7332973804b06b18a26caa62523a7d0acc272ba49124b17bb68800d5756afd34ddb2b7e2dd8a118aac3fcf39d9f853c4d2c4fd3ed5bd25a6604d68d57db93d15aa1160f8a97e6c24238e84f272780966867f9c644ca2775cdac4af0ece036cfa6ebb1cd9d701dd7daec5763c9a4de0385db383a5647918e79c6a6de1f4ee1f6b722c561704c8d7efa4710d78dfce8ad2df0d3d82cbb59cef0bcb001f70bdc6e17af1a720b117fe02bb1dd527b18e6bce70e9447cd0cc85cbcf431fe7c006f5e4ef878a974a93b25f492847c9ae020583c9d412f4124246164d8f080b615e2eee267a7aeb5fa0974de52cefef23cdda7b305a33a91e9b50471ceb72dae337c485d636e28d6ee31f5705983808b1567d4d4ae820ec445c56e6a404cad6b408691475397c0dd6cfad232106ba96e5104052700a653e21f9ac6d79578a9f52548f426a1e81dd45bae30acdd4d22a2dafd633564d6b2f45e7d35413503c955cb0a9784b42ae8c2a5933a6729f3922f969a158540dcd201ecb6e32f88b5b4921914a2e8f424c8b031f115ea5d23a21e6f22439ffd7e5d11b08df729f65613b4f6ad3edbc9a066a5e712ecbddfa6fa764cdf170c0485f82d924a99b7e7ad8dc44c1f93e49b6469a9af3de5691944413f1417b753bcb84d5b7a34f362c383cbc802b0c88bd23a7ac471b9287571c42081b1134bfc8ce104a550942ab1f2a074cb00a90558d6e841ff15cfde6951f03e450a1bfc90dec6c513fcb2692ddccc31d22e5274d41036656183c72fce208e44920776f196193137ac67d6d65ce9cfaae774f23a86e6ee8ff3a4e9422a4667d971906e5496a4e80278774899c882708611bad282f6c1d666bc5e7c40082b43a6e98d494a18e9b3cf7f154fdbf90d786e59e83b72ad0ab893c49aca50ed37ea5202e650fda54f5c46ca2a35c476f4b009c5e6733232275abd1341199b63d22386c484cb95c43ea90e609c407bc79ddd00609cc2eb0d82848db239b249f164b7ea384d0239fe1e64d04955b9297472cafa2ff272c5c78100aaa86cdd8120556f25652a3c12da5853338e3be8f505d93ea03cd1cae7e78e95befdc0e26b760d11e05403c348e0523fe036381408033c009a8e1f117af5100a6eb91f08307df465c20bc1dd029875ef7e49338689f602d98f2dc690a57a6f2864e57098f8bd723574944ad3688b292db6d01387a16493912722ac8f91fd12b748899bdaeabdf0479df788eda440d7bf30d1c25d78d757f00b74bb556506637fc1ab87162f05d464e63a6272db3fe56e9357275035d6b6bee32bd92c4a1dc94778551e94ee1d8854f767bfac3811bd0287672aaa01ea18c25650f05a68cbacd9158e479b508e72df778589e1e03dc543b60bb3b10399e5c50de9e728e69774fb3f5fea757ddefccd0f9da75afe4b67f9c54aaaaf646e858fb001a6deed0a8a769ecef0689c988de566b6015fb8c40aeb5f2df7ea4bee60e8e69d15c4a4aa5411dbe63fbdd6418cf025d87f37362f15e22aba83abe1a3de9857c71c2234023b969eacc0bc526363b7f30b092ca114f2a6cefb34394d146866ac86a33fc497a8cb8e2a5bac398579ff7958878421fb08fff4f8f3deb8c9641b8de392647df3017a5467f9d7b23036935ec6e188dd6dbfb544b8a9e04a4b3c7fa1e4d1d9879daf69986b8083e6eb023a4b5eff80fef17f8f65433c882a21565a919448e6091d1b61013fdaf9fc3e45bbe827c9b4ab10b05600a1961e81d31c7404f8e0d32bfcac2937eaed811db167dfdc29286b0d51bad2bcdb9dea76eaf495a31a7fe717c1c98be374a36271cdd06ed06c02ef4c3c06cb42f73b3332ed488416010e6bf2f4dc4dade6e2e61f19e9306bf941868f59fa0939005743dd647f0a04b576a7e71d4c383c479453501e18ec56d7cb79fe31ff534afbd8609ed701ef163f9de31bc58114399fa0f22b62c66c380e8a10c34b7e731df2a8d39dcf36fbf3a66d67b973e3a94bf6ee0bd96f5c76baa76492032fdd2f59ecaee403d486f543f2cd7ae7b0dabe1b5566e681cd40d384a94349e9668650a6f2d2daf86c59a7b02ba466cd03ce1d50c3f0ca4c02dc4b3d1c0e7b9a77df9eae0bfcffa32117d7e05adc7195f4278c93497401629897a58d08ad7141ea52e0163f14992d7a284e7b875ce4640b4dd48ceedad1ea17d8ab1e760773044845e0899602f1bdfff4d42ab80c0765d1a8bde2ba0a830c050923956d06c80b182264ad19ae4f7c39e43195f7d421bdcda00e3eb5ec5ef2ec91d69df691ba7fe250352acf01fa92af5e2c634b9c7c97889e9147e869acc153d88cdc18908f882f371ba9c1e13c26e9cb8e3cbd4c5e1988080ca65a67b3a4c3460cfadbec904d853fddd2f5375b6070941fca53cc106b5748480213cfbdc1c34320a0478b05f76fd0454c75eca069cb1fa7b21704dab67dc40d041c8a1040db378e76655636ad725219c049e6536982d6ee9f11dd032280e622547c7ff44a938a1f233c356a98182d22d5770fbc871e20bb37483dd5d6ea1551993b95b30774a49b50d411ebe0e8c92834094e23ec2664d822c40e96fb42b8607b62b6949e05edcaa436d0ffac6a8ff384068acfc0220c0b098d368fb8113918a4f8c9de37cece74c8695cef2427e54a6e77ad092a9b7f1d94ac9f0836deff41b905b5dafc58ad6063759b0372a634f69a639e19521825d66a282f489c3172a3659264d0132af3571e637782bb6fe5c0afd24547612166fd3409d0991392fa054ea5bd07a4cd0921a13ad7b62a0b5e6d56cd8adb7f3eaa5c99576941c38aff311c49a8c9d8c755869302a2e5e40109c8365a551cd3f859b9421be189d3a0e9ed78830d5cd6a2414e9cc4c25814d94d98f8848e5386d6dbddd65d22b96c5d20020a5dd409c7e5344065871e57e01c91a443501dc8bf619890fe231319b5480c3879dee618d319962596539e2970513fb5c0c8eac3a71ff99962779cf1d7e916566d0e29d121c5cec5d7302a18ed00be9316f3de8c669a64c2a960a588f9c8a42690f6867cda7146e8ce27aa6a7fb27606eed9df6a235a42d17ce71627446e206e879de56025a66556263f06684dedcfd6f083d6a707e5fc8f8212d716e062f0f7fd0c2fc62bea93d68581265a803c31cac3f8ac8939c5f8c464ebd19df42c7e8998494af614c8383294f3f3883f2404ac10404759e182a038c97aea04a85530ec005e203807c5bc30fa9f5339b32fb0427e64915e29a25bb25ac60b92256470e7de5298d42c6b88995f8d2fb704e49d55b66b71e237af90fcbfd71d9093e1a543da2e9911ac4102346dc4704859cb33ac5f5dce2b3331a9dc9fb506461a5436c89bf90d39afcf93cbca4cfc35da6ddb112243928246ae0d1ba269b0fce0468d3ecabbdb925c9ea3241e2dbdc6b151fb4aa724a42f98b0248171fa01fa103f116d0e7deb65dc359b09126f9a420300fd209508ec7a50be56d5b470e387d0c52a1d104625f9571ce1404d1b7af3fb00475b95f752ab96610be112d33ded48624015781e7198f4dcdf917839471fbedb43c34efabe09941fab6b342cf672a29dbb1eed0db788dbfcfcc63bcfe80f7718571f691818dd6f839e3cc282f85f03fe0400171cdf1235049fa53de7450b4c40ed398d5a486f52124c1c63de2afc950e81839f52d17e2a7d32f82788465a65da6cd763c6360763561ed2bf47749080549b6e2db87514e1ee1c85a0bbd346eb6e3cc29267cbedcad67a287fc5be65ec59ba8b6854b31c83dfc5155187d4150685c5c2c342ed68b01ac9e44b60f0c100a347a0f93074dd37d8956fe2f43110dda66e9f9e6185c23dab74cfca21f3ede4bca87687549ea02662f45dfa0ad27f9959a120cacb7c419810e1b1a50fad31c12c47d5bbc61bad77044aa541d29faa6126c60ef088b82eead17a52843307d4bf798b853d90d14c5347ff10615381d85e964331b7a123d15a77a6790d93e920052ddb4db4baaac5e2b27b66ff955e53b8308151c81da4711189ccf0eb393c5bbccfa1f6c94a8d5f4bcd266fc6a12061967ce836ca042257368f567dc42de6ce0be84449234a6163b72069f25b7ead4b2003e1a7665e87ccf211abe94175d1c11bff2c0b6bc110194d34aab96934ef59804cd26e4434ba166d9833fb091be37b139cc10748b881c93690528a96ccccd2dbe024510b8da37dceab567dc52706461c486a0463369cbb99bcca2e8a4d2e005c45401964722a4b3ed37c351c9f21685e8992c9634349379f41796deebffc2928058c8ef6ea37c6e4970dedb78d1c2a00ea9e1ff1e7708470a6c60e6a2b1e966aa872776afdb238e97f716b3df8dfd42bf0f7ceb52bf9eb33731bdba5987b8f48b4599d67b383e77413107857e951ae0625059e5616ccb41131df9a480efd5beab3a9c99615921caedc53dbad675c00ba1030577db1d22731677914fa958b44792cc9c19e2ac71ebe61a05ee67ae7116e39e1c0d103f18bbc9d531164360d901da8234d29fb0b37cd2a60c7aa2adb2a4b297ea2fb14122ad95bd4592ef86c88fdae1e37dc8e44ad03c0fcdfa3801e93796771c5a2ec1e4ab12a64b3ffe48e7442c6224661ed5cc987aada6e778399941f7b20f16f94fb346b916be87f005c9c13789741602039d38270643cce3c347565eef5ee09139330301951c15756be47994de6f1802dc5131b9b011051b1d87d744756831a71cc8528487f032fee9dbffccc751e6a1ee6d07bb218b3a7ec6bf5740ead7a47b6907d7aa95b79aecedf4a637ead8fc6fb8654c93d13ee79f5d6258dcc61993aebc65e4fc14eea7d006e31f6e9f60e3bca8ce52ec559876fd20255e507daa99b185671ce1ac11d448c30bcdf97b9617195e0ccd2d15246308dd6cda74a8071114327fe203b1adbaa780f3243105c5111636a51dce966f5652e39d4f91abbbb4576234d6cacc3ec57cef2dd4dda49a6c33d12bb7595fd5ab5bb15b40301f34ddfb831a5dbf62218f496c003227fe6282e2ac054c45e7f3fc93e51b3ee8690f08612395095a0a12729d663eded879d9ffb325c62f2cb546a48bed51ae232fa6ce28a2494c132a6e09d98c2e3d478d5d2d15dce2e2665e4a3db448931068b99899c2bd8ba87349b0cf9e3c52cffdcf58a59b4fe0089b298b42ad7553f831bd60f5cfa3e09102fe773e4c05412973a678f3b3ed420433cd664dc7f218e816a17c5c9013ecb84abf2dd073557dbc41b92a91e0339d57b8b077a9a44d56427fec5748c47c1460b2e2412094db6d0ad06dea0aa0c1368592594bf0b2f590a9d6149e44dd4adc4cb42e5d9940d59397b83b33b88604c210694e3fbd84795c80c1b09ddb3b1ec8bef6e9dfc4d7f295e551a79436007ca48aa605ef5a89571e59cb26f2766e564e39d3bb441deaa0c8664549881d90a77256c0f6c77241fd6ab74b0e2890f78ff16fd2f9271ef96ebfbd0b878ba9c703900752b7447f4efaa60bd9dc9cd5673a36b39d49f54274caf03c0cf82b95141fa20ed3ce02ebf0dd74d9eff8eb9e2dd3a2976b244b12fd33ee75c1f1c459f86a1cefbc817f42d7f43ba406098165cbeab99df4fe751ae3382efce32af252e461652c7598161e74fd8eeca474fab6b1ede039935f2fd4d7562623b90a422a78941f47a76863d95857c33653d1b42b806bbafcfeccb7bb4a0c58acebf6104b2570afc3ca88e4fdf2719cf39c964a1ea7d2ae4a7fadc938abc95adac495093f6b959b1347501606b3f960b6d739291aa8c13eb49e98b0f78d2b91400b6d8961cb6165c8b684738e4d4db2f2ac30ddaa03a5e0cde4142b625e81907f08c60d7cb5729456806c89ff0efd08397423e44738ff38f8e88684f3a099dcda455521caca37ab4f4d9ed5d37975d4fdd778b97cc93babc804864a35e3a2db04598152e67a2f1f157681c3962d46ada23ea5d9a524f9cdbdd08a07a3a85b1f6fbde11d5a35c7743b83bbefd19aedf6d92241d16aeca7f33cc51839b75f111e8edaeaed808daf2f43fdb3c6f032ea45052ac31d4870c4d0d76aa75d0b88635ce449054013f234c4a16cffc58c95ba1cb8a0a0399861eecb1039bdedfab4d05f0270c6b16f03f6b8e629f687f133ebf2662c7f930530746679aac2791f54d6a95bfab5be0c33739074ed4e7ae88dde4a8036a7d6095cf41776366b6ae3f8f4a0734f48c275e129cfffff5e0abd042f99a957bf6f0f47fc7288750f4fe30198f8cad7067b36cd87ebca08abd3f9475e7443f83cca91a1ebfc42ef3494871f51f6d52a5524b9391c687571be5327c7c94ee2a096653acb410917fd51e56a92be4f24c1db6b97b465ca84c31c04c2f61eae07e952eb6554aa4d8a380d9ee81c1c462c360fcc3cdff2867a953b655562cd06162af8b99bbe662e0c27ce4d9a1c1a907def48a3231c2110c930a2f1498e32dbbfee0e5c5869332f3024fa5dfb0327a27c663cacd4e9902de34dd93529e90eb347bafa5035f56fc578e8386c7571d1f0ba335225ecd8be026b4544ad70f3af11501a53119ee39a8558ca0ed5b3d897ffb9cf0fcab55a0942d3bf7bc6b94ea27a6b748f2cfda431f35252c44610b7e843ed91ebf7e8fe10638f04f52d6d5a7752ec62350efcb7c473f80b1f2a26805151e8346d39d23551e92fbe372df7979c3f756bbb43f6bed09bbc6b65fe6fd241ae1c2f1a0d0b805c582853b85502968f9478e9a84895f9d4ef01ec4f3f571e57cd0bda68ee1f6f7e14fb6e0f4ef8c7dff6796472a935294fc27b16216966d5021339ded059687355b42b55926854bbfbd9f974a0c26eadbfca8a6183093996cf252894e6db910c71ca3ab2e82d90d371c36b92c9409cf7937bb266ea9b29c41d774aa522e103cb30bbabfe872b57beb027623742806aa7694a859ede9bc1fd7b9e32880b064b0030fce1a0e5cdf3ce558a5feaa32e323dbfab6661c5878c9377ee52a615b7c17bf1228e328aa20f92d070c71561969e1af532e76835fb0436810c3d87b982217edfb1143bfc3405ac9f6f3a50145608dfa8658b0ab642a347255c55b59cd1c5897b2cf625a0f0706c30ca1c1321e90cec57b7c3d1bd1af455e3732db80643383c41eaa6781f63da6233360ee720cc04d171ae2445b0c071e339d547f7ac32f407d29ec7abce0a9e1ef5276544877bab2f84bd2eef47ffa66f96e7170cd54d836c9badbc59435146031502c1a3cc744a470f693636d9050c5b894d2d6047df60eb0bac16d905d46cbf017ca69d66427cb88036eca4ea9d0e579f6bfd8a4a850703a0fe49d39c107c9358e98689fb62bd0475aab4b2031446b437c7f9e373caf0270a28d7b15c71f02079dde401e26175bb6e392106a9072021f0e5c5145a1db6f595b032faed8551f6e2ce318db1ab513db876a3eb42d225014949c19543e9c5dfd2290e28c5d72c87223f0195ffbcba1c02c7d0087721efd2af6881dee7dba7565e07abc35bc3fa41c6a4d6a313222ac6dbb117c69c62db2691c68869ac5fc5e987b0ae4335f815c73ea4235da2582dde81d6fdae5911617daef847be17f2bc09edd88830eac03977f89179fe03eb2dc3b38df43803ca2d38455232549110f4580ec3cc04c0d8cfe493013d2cde47c506ef6a8dfc42d998f70378fac5ce4709345926dc477e9e339d8c87ff6287ea6e2873e14d538cdc3f2a47e0e37a2601652f5b665b616a7d1ef3537a3327a76f93990f7694e6484e7a52a10e9eea2edc92b99406abfb2b11ec86667c7af4a333dfe900bf071d1bbcf4f0ad768fae4f450c53817c507d26e926e753e3395201d3ad89061f16706d841994abad283f0db74cada25beb5fe46f48669a62e0b849cb77097e1b4578b45062af4a071b04f0cfddf87519cf2bfa10ebb4b860239ff187e6dad73806ae968e6ac0f738baa88edb3ae4883a9e59be7a6b222c5f54818f95578daff9fc7a7aba8c4a41a699923e85ddf24a32bb71c808516f64d506058a70539276d57984d75161cba7d53a4a864c51a249a6b8fcad5738dd0055ba8468b56579ba5f102642df65c598490f3a0c9b1064f4eb1962c4c38bfb7d55d496a0b0f7b3f90b42f733d112c89176aaf937eea4bada845f3ca4e9b56b3a5a06b4c90fa4c1914ea47020c2f32531e270007ed389246906ecf2c4465f7cc5d6a347583dd73341ad97199021819be81100d867d628323ef7552db945e4c0be604cf6c4a8197958bcbd6c1879387d3286dff979632c54baba2a35ea84efd7726b662b94fae61464d069e0103692599fb86fdc3a06e01c6ae3deb3de6fdb21806c716e5f82b784e4ad3f0e2de629a18e3a2309003dfde9dde8e5101b83312f76e811277afc286b56879f4eb80468e58c60bc088284d05d725ddfe3185b7c51b472a7ff7db3930839142d4a452ddab628e07d43375801d7c6a711a55b452748d770b84ede35920c1ac74b595baef963d21df9418533fcf959593ccf5afccc753e86c4ae231eafe77a158c2472143faf169db29bf2b53c3288d8b3c9added65778095f85e2cb471ab58362041f0a27d874c42bbb06385a0403ca193cba67cf70029cdb7e73c7e2267b856fa0b8dd4c706b45e7174659b0ee2891df911724324f7ca5daf07c912b9b2abff762e62a1817688757492975db7185c4695f3a90895634b8d07453b36dd95197abc31d5d153dfb0d0ec92639540e99d6590f9b394f14c93a5e829fbb33616e810f59c502be44a13b700fd3009545e34c211abf9afe1bb8ced793c6f516d40010649f83a78ddbe9b71d8596582997d0aa54192e1200db61dade30500d72a184ca7dfcbfb80e5442f489d316cc8b75005564835d4b11c482e2c4d0d160f14a8b13ae0a0fb0ba5e3b782770aaca357df0e1c4d1c3b28b776a8b3e0da1abfd4f7190673fca1e1c5a31c688d6e8ddb21300e4178d07c4e854a718ac3f672b0120d6a54c16957c9ec8c444208e47737bc4eeb0bf2d801eb2fcb72f91fe988aa75f38e6cf26e858dc2a718580ff5d281d13e8fc3e3bc30c75c0193481c39c375a5b06b962d9491f3f1fb80f1cb27067f0709e0b0730573a9b5f5bdbee1708ad84b4ceb1a9a61e4c41e90655764057bfa07b8c81cc83a315be1aed6a49715479c0fd0f53f625fe6c7f36fadd001149ab978532e4d0de3d1a38934c74265b161899843704fad16ffc6189f42a5cadec98603e0f98c6889bd4a559079e074cb40678fad4690a20d988735280a1ee8ea71275069132101b35c18ecc9d3c6eceb4cfe9b165e4b6acc17d4f113ef8283c0fb6506f5635401e916d4f7e7bc3cf49aed166587a0c72cdbe673f467d81bc2e9cd08cd8dd16d90b353481df31e89b45e8b
20
21[L = 48]
22
23Len = 16
24Msg = 3a35
25
26Len = 104
27Msg = 7db15b3ee240b45d4610950996
28
29Len = 352
30Msg = d2a1efc725c46cd6a19760f49edf0bae823c1b4992ae2260085746cf65833bd008e56e64002383f51f960239
31
32Len = 1016
33Msg = d11ad1253592c094746da7b5c88d329bc3ce1929913b8be07e82d3f6b7a536a855f31ad197376eba6f2f4534413fc4e4e7673fdff8739f774a710754b568b7c61a473059a41c98aa4e86617aa66d2601d0f0d584cd9f132afeebdc0ce3da6a8b290059e6e4aa080c195c42ae7f7e1e99865223439929b0a3a0d79b46ca6419
34
35Len = 13696
36Msg = 2f7a9929dffaa4a4dcfeea1fc37b18e3cf935abbaa17cf9d834b3a8d61e9fabfb7683cfc387d6f46ece3f8bf845827c7ebe86a651d6dc1e83c5772cee1a9fee4b04453af2f68430bd87835126cfd1b3f8beea4d3822fb27864570e255cb65b414197480b6bc20a39c5450adf2474da93d72f6ecf8063899722d3755b7a19f71e93e782d89593ab19ddd3ddf053c54e0bf832311fbf132e8b9e540f38e4d9bcc3cdbf69de54e40ef348a9170ba2f65def167f568ce846889c0161448342fe907718a465e451bc1b0f2e4f21f9b911f186589f43dea305811473837c063b915d849c20deb43323bab4b64e61823f1df119e71962dd975700391b411f8778980a3080ba3c14a321d32c082d416ddd2345f0eb751a516d44ee55222395cfa11e7fc4edfbe7cd49bf4ebd4d7428843a2ad5538b3cd201ccd431aeafb146a65d28a4870a6948a7cc0413b0adac7e8dff3a898aeff5f4b65d10b28ceb749bd354c061c3008ec569d5f90a4d4f5caa51d35b49dc4028e738c8ff5939fef3fa202fed9ebef6f2c7dd0ba41cdb5c0c16985f96fd93a65d134fb4a90ffc0fb6cc5396b843c2151bb7c9170f2fa4fb44292a4af28df5481de0c3c917ba1c46467a35302738158493fbf6a0422cee558d4bce3d78e14b4fefb65bb05043e2cc2a6a8ea64565ff6ce2fd2c4f43fc02926ee44ee02fe1dce25cfde0115c9396c9ea06269f17b2caf58e2332cc1c8528d9705c70da1f76f22aeb1d1b93449180640fb5c4c4a708bc4621d7d2bed5b1a752191cfdd45086d34f247ed1df0f24e7c620de32bdfc4d1f882380d2cd7467c926f48abc75cbfac8788f88cd9dc5361517a5eb36311e6b39e21a85fba2038fd47d860f776697bb19cdb5a4d6746fae507e274399c91648537d905015e58910117e5914f44ebcb00e771d38b30c1473e1232d4e222cebceb4810c48e83e0fd4c852f4fffcd643c0ef9e4fae2d0ebc6f102f3f749b02a5e3a61517d53b539cc24120df3957a633d50369d46c0c226f8924cae51dcaf54d716f61385fd8cf38c2c311a32bcd6594d6930133dc18ef36a9671ba8b179abe95f588ef74e8558ebbc974dc73c26bb6eaae78ef464181e18b71f4b0f986ecc8495a9c4dc0b0b96be9806fbd3d32952ca3b4737a06ed6561e9c9581a33a720123fbaa2a70fc3233b83e56444f5aa0cfaf70fb24be6118404f3e11e6ea004cf2d079a3e93a8ac1d4e297cf4fc43851dd26314a7ed6a5a784b386daa26e50c64692f7db28c21d82234289bb45bad5042236667e6d70a24bc9525c3adcb793a6a5725d9b10911e3bc8e3fd604db7998346e7f7dd1815c0cbb735a977bd4b32b5b976932bc92ef3b56bcadc089045ec95f241cdb0a84c67f1f76353da6cb493bb27a881d37a2106b8b3010cf935eb3601ce4dce3e449eff8331e444ab117a20809a1010db4cf3be0c488f777b6532df908112e3d11592f04a0cc16232d62340cbb8b5268a662b8278d37c03d848a04f0ab498f5af43b0a20e310197b7e1395a65299fac29f051bcc5fcd09a5605bfee370ee8ea21f5807d9748acca815a44d81796d68b0014eed3bb6a94233fc51725de3809ac6f538beaacf8cbe3d96aca21a7a763a957f8892f22c6d086d9af2e5ac9d90321e186584f17e964c90739559ddd034df076c4aa38c2b78aab6dec8ef6be9adf33bfb66f159ec4826653ee6cb483539c47a4a1d95663e6cc7a42a3bf628623a4c9500a59a50a312aa104b198ce5f3e58952bb79ff1ccfa9ddba2fd4705e91b5acaddab9d6522d7666264ac5f533b6d8ac4512d8371c69c06b6d322b046ae2a0a20aec1c3bfb05f3d91b9044cabdd873abb5f2b0e3e19740df31e39828f9ff9bbb20b73541a7a70b8174ce4e43e0d356e629cdbc6c08d29bd7acb6a4347823075683ce9d7de4ab3ddda6572b175951f30a15263355fe9641b3322df7dd52077402a884cd472e6d0b6c34cd63ab63cec8760c7ebe384f7cc31066bbdb7a3417425e039c4d340166e4bba4839076ac9457c87459c57957d0a06dced2f7a18acd22b7295785dafa435a2a8a2c3a1fa05d115fe129d19fc44c5a29bf15b4d9c2b375bc8e591f92756cfc573a39b8fccb8395cad7617b11f14a60e2dbf69b897844cbbcb70363010f6e1bc0590ea594aa924597dbb32a868b55551789f82437180b85661809089d34a168d44b4d788dba23b13542715843eee797366d9ce7793e72331735bc78cd61b13421a568ba3e66926921c04e9d00888ba7ddeb474db63813756ea4a02c1823083e36ebd2d32d5c88cdebb98d511304cc276c7799cf84a1699ccac9569b13f530c762732e6bd0f8415001b2c02d11dff36660b717054b16df49ba38425e3764a56052ffddecdfc686aff22079897376cc15591e11579fe4feeccb55f
37
38Len = 100816
39Msg = 5f464d3301c5e0871d6b41b002dcd09abc80a805de3482d97f3fd7b9838745da1c0534168f76b93c3c53bbabd904541ffe5179cae619dea77446140b7400f47d242141c7f2e9894d88f44c9e066861498e7394f206f594a419790d697f6a11187f84bc6fb288186109343eb11172bec076d041a4c7306d7978c009fc2d2d62563614ed3555ba2d21c8fcd70e8389352dbe4ec808af3231ce990452eb05b1b0dc4fbb1b4265e69235cc3561dae4148c386cd770474863a84a822b2e5f905fc255d55f90bd6a760d441dc52240ba7d8c888a5283891a2c99963d1fe680549d6267cdea92cfead167f6c49663668f2bfdc61fa647f5abf3ce5ad2c6c175dbd456ba41436aa06f5f68f5c88e6b74ea86a79934bd05b486210d3d470a0967ad6d67f7385260578088d7e63197849354f651aad07e04ed301f1fe7a6d2047d50ce5dc6bbffbb1da6b47d740898f4eb54e3c5a1fbd18ec93254cc01f705fce04e6100ced132c519674b2345547804a372b5c925bd9ee9701527db33408d37b72f8d18b882d3c4744eb58f011d21fce336d426de1fcd5e09610216248b51fe2b79b96c2bd6ca0155e05a8a516b7a24d529a9a475284735bd9c4c437ddf399864b64fc5d0d6ffc4e5a7a3dbdd476bc39ed29a0a92e1f2b6b3506c2be5452d4f896db6eb4f895b554b2af64c4cb8dc2369b91022dc50b7291404cc9605c31569c32756a64ff8c4fbb0f1bca346c7b58a5c6774b2fc7f7fd50741d34c8564d92f396b97be782923ff3c855ea9757bde419f632c8399763003b58ee9140c2d62e914c1e1fa742661a9166d42267edc40905b35a25d5c3cb3fb457376b7422896df7bb19c23e8f764416731d2e20cf2c1beb8663c07edd8f105e078e2fed05c5e5897c430017fa2160f565a75a4c5c64a15dd7d644bf355d169ae2696ae5ed1a39e8f81055cdf315e5b0c6f9235515fc4dbf30281ef17b83a6ed604f89293904bf78c7183fcb0ab236cb1f8935e59c51559217efabc000b165d819b717118a03facb61a13a99b194f8b6c7ddfe5850127d79078397a56564c7ed6716a129409680434061b2a4782c9006587de927c1ae09d6778a5f1c39fc419fe10493eb0d4ad492fbd05485eee7913c59df82fe7182af2cf06a6e8edf06676200077bd1408f5c1cec537cb8566470cb44895826d04ec20f0aba4297c501add65c75d5767ad2ab63aa81b7b66f01b32590f1d55b7e50e6df1ee077a19c8c895f5ef62d452cc336e9aee171fa997ddcedd7af86e6cc37722fb5838a46c5e58e7f700edfb7c6bf832171d9581f660752867118e9535a6118635709d6f1c1cb21b938068958e956149d9bffc67f355cb88205d4894ba97c3e3c8be9fa2d20abe79f3f93a6a2f4f56fd075bb49a4b7dc83630e58c32a29d757fdbcaa607352f65483cf2cb4208a3bf94ca7a25e2a4e05279be31c33696c10fa4971d1b64ee938dd299f483e5c098845749a3b706a787529bf2ca56693d0a7a98243e6482a43e1f5d3086ca1b00368d8ead5ed2d0fb79b1e2f537ab9340809ca3a9b5eb2900390432293008ab7086c2811d33de0648be5597ef002c7c462b5e0f4e0b1720a98b2299ad7aa55eb78f0c77c2ab4371385f280107ae40ebf814a8223dc74f31483c63d9e4ed09fc7e5a51bac34d69d97163116a66c84ea9fe4263269b71fd228555ae3cf5109c4d6ced7b9049a2b8069bd2f71834d6c07fffbd7561939188bc07dcea08086bc7182a5270427c3199bf5fb5c4549861fd32a38ec81c4ab058c777dc01864787f0275f911a17838272cd65135f66baf06d8d93bc439eeb55d50b7c5adafed8eb8140b4b05f59871dacf954f4b096c30b7857774fcd319c096750bf605db8e31fe02cd1b9294eaf8bb009d4609f2cdb3a8657f650501b8553765de8f572fb91ac77b35db35f402453e5c58f60146f2906ff56b9c6b3a5d0bb6afb9e2201110919ac9c01a7e9750dfdb2f72afbf7a8d6f64b1c68b9de17a2c9abf289eef24074eee9b1649caf3693118165503a30200993d271aa31b8b92606a10a52612dd1fab495b82f9a98cade18b9d8a723a71ceb63fd1d27372bd281f9b40aa1839b0cc2f2177a09aa8e7b159ac118d7c145e7a4f032e788d21facde2b4dbc1d5d2238f530d9bf9bd2798f611d03ed8919f0c85bc2da99750b7a8d6322d2e66ff6ab9ebaf7424e8c1c3f4fe92be61f65359106395f5ef995e925be3868ad513f561f873acdbaf18590c903d64bd275121c11ea655124d091740887868544c5348664399d3da96e2e35fff34f062fb939d656bc072096e510b40b2f75ff010af68d64fd0acc778e2e13c9667de266b1816c4ac449521b02bbb217002c604be72e73051aa9048d192e3210a68769dd2693e5d44951711aed3a751240d42f8925844131daa36c51d7d59bbaf99623fddf1649db954705fd6f3405e63894f5258c9ffecf83208c2c90cc55b1a8d2972ea6b3a049ee54942b50526b7930953986e428b2c75e47ed870bba68dbfa624dd94112f3059da0a80c583baeb570fe8314f5c66501b34116c81148dd22396fcd6479da49f7e952c8084f97d6803ff85c3787222064ca368f596a1ebb6dab20a03916b3ab071c927d87fc10ecc4e7ab4a5761e3eadaea4de1a0dee30aa39a9e4dbee047201d7d8a4df1284cf668ae3ed7dc4cb2cc4b5cae9307353fd2ae4c105c5d9f3bb021535fc3ae9bf3ff54ddda8b2e1037cd9d69822df436dc1c750a9f557d1a3a63fbe73c64261dae0c70bba6edb57519f5b957f138d1aa5fefe01b73c1851aea42938147bac2762527a492cb85da43014c876e223b05597354d7c9b328df67f354d168a84ce86dff57d8a870db034196dbeff83ebef80bbe52425a8810f2c9fea29ee688a201cce4a5f447be789a3881a9da3b6c491288e8f1091719032608b332e0410f4576597e17e0b5dde305f069be2e80d565bb979a3915488f88e3ebb90e81c264bcaddd72b8843af4a4ae31f723d50fa0995b027c334c351128913bb93e67b1b08f101f6b8dc8202b44fbc3d3dfb530f66e5a8f35e69725c86998c05ac87c561a4706e90fa095adab4a566da4fab82bff6b20076e5bdf62dbd6614245b6a6f8cb6bf60106f8d12b9c3e26f8127dc547e2181531ce980a3273f452892110cfe1ea834a30f99d66e026a9d22dc76fc3cec8fda2d7fea701deb84dd45c97dcde57a017693e90983a156f11c4d168d89c06d8a32dbfa590adadd16850854f24bba315b0bbf372f03711a20163afa0c137383b9120b26c59f5e9e7cd2ccaf0ef4e0d70d5a81748ad441ee5fe178e14317cab184fe178fb0cc0d82105d2f423467fdcda0f9871b9d84882609248356f3053a99866dad9f9b0f8c4a897a8cb8f30365a7ae5f3ca6e772d863d445e6d57c6a478e35d719d0e4e84f3a30b1816ddb55bcd79df21ea0e95da72a19cc1fe74fc576120bc108be3ed4cae3bea889fb4ddd67efe858a994237378eb623dab070d954ac780c1e6d2095383c98ba622cbdb18fb53260979fb2672c21a4600f4bf06583a112d303096d4e30e7e1060d869f386eba3cf7aec3052ca17593dcc9969fa9cd88179c262770211cf53f53f175037a5cd445d239cee48f7ed0aa1d715a22ac18a8aeecf191d415e4afd92b76c091803f4c757a9e89f696ab7b11ad6d5f24774e4a004dcb0e3f33705dd8150431f051016af37647b9e44b10bef114276d4b1055b634461c655a82a847639a038ec9f58876e84e9a2955b696e072d8054c3f81173473604d5fcc0a75b4a340dba0c375beb87b8b01a0f2de232bbb8371c3a9d27a0ce521c4c43dd3bdeebf92f42f87d88978d5b4e3e563cba0e5f59dd29c31096885b113ea5c57e66a3be015b703bc26d3fd1d51a7c14f85f65747ac909d7e30c8e800be27eebf4a62e42e538ae30b6883907cebb7fc5e150bc9da3a138f394e817df9a9e44420078f30d0d3d6981ca581791a097a5e3982c983d5cec239096c7d8cc55c87242026d769ef1d04eb96e5b5001e3358af88d417cc61f107659791a35d8b5f7a5767ae24d5b2ba7aa12230076db1f1b9b6f213dceea62949d98bc5db38743b23a59ea75dbe4231a285678f5f07facc053c2048022fcb01f15e8c100d64a877ecd56d196a6ac60ae35e0e09a517224ba409ba7b70d8f9fe65bc427b212a4e9b3cb17b0d332267cea4f3bea7c1e550f7ffe567b20e3057aa0ebb560d00d28e2f7aff718a9f2d4d044f0d20709bb9ad567c98cff7c4810e8c542370cf90a491bc1088f69998d59f344b74db6c1bdb61f284e99b517a11452ca0bb37c7bae77fca6514b341066086e600f098a32a92935380a173c9182a2513584c54ff67e580dfe16b508acf1729a3d649ff1eae286bffd688fe658612d6c8e69e6e7f7de4ba85ec54747cdc42b1f23546b7e490e31280f066e52fac117fd3b0792e4de62d5843ee98c7201529455c85b169fdb90cb05e3403cf2f737148bd20a53c73880880a14ffff37d62130e682e50bc7210ea6c1f0c27656cc1785a0d9ce93ff94dbc5b2877519d9bac4a339e98ec594a7cc76f4ddf994fee8070dd4b8e0fe0e51b93105fcf566f83d914dd862b4ce78de7e9e16f142234bd969ff8005dddc641dcd3c7cfbdd6113cd3ba34a9503a0f433899e90e158abde2ed4ed4b3711c991577c5aafeaa982bce80835f8e6d7c7975571fafb1499991646bc499ec32930367d4b1de76ff656442cab987bdecdbcc2b2bc35ce01816594bfa4b6e33080caa41dbdf8ebf2205649f98a2d3bf331fb16b9ecd1824eacbbc9f81297b115b4d36aa7496e05f7d40d4edd1886c1bac10cf3f97840a03277e6369e7a7e90d932050ab8720fce076de5c355fb17959bd75cfaeff325b0737f8f5b1160de0b0184ba04afcc30bca77a6a37e29662302d01858c0bc1d32b883011b7df5a387805296cd91bbc835a3e76152d017ee929d4cbf137eb78db89d71617dd76cb00707aacb8088ac77a1f52ed710331193edb29933a7efd8cc153e6adfc2c6637e88cd86b06036b8177847b4d086b0ff9b5dc91f3cbd1c08217023d7449253c25331594f0f16a3c5f2e122e0145c4ec94f096b45a1fd0b2dd3f1d51e58978471782a336eae49d7bc4e050d1c6a391658f71a1f752c0ec6302bc2dba9e3766359359ce34955a2db86740c90d09cc50e92dbb76e17a39955fa7108bddeaddaf860d1aff14acec8b609ac1d336270a940604209df91cf45be72edee04277d694a6f968ae6d8e065702f3d607f3baf8db4ab7637fa4c78bb0b7fe69937eb1dcb616fca564a5a521e12df71fefbc321187159bd6a47b066a3440ba634de9153a94546b63aa33aed9da2018e1f30628df37f5360ca4f2660a46ffd73e58183e8abffdea25f7bdf798a2b7cddeaa481bcc6e682a67e99143066963d96d4a928a478951dd6ec59b1be8cb23aa688e1867738aecdd9afade39c92c0b2572bdde84eb912ed990ac618834c412231216fdb84f1e01b3f8414fc6dd0f646fd0fa62bb0157b3535e1497c9272df1cc5dcd4e6ab9a8456222655c56ac73fe0d2aa8b599035daddf0986a45b1a59510abe19a11b6dba065c8bcf8a85d20a3681c2414dab7c036cc1358b1dba98d6ae62c5948c36b5b3e307a6f860c0c822ac724a5c917ed5f98ece548a7a741d366868e6c676394c3659f7f6786594196dde332543376f9ba0724b091d30f431f91d919417e5bf7ba1e9a21cb80f6c204c3a58d59d960a5788b5cba5abd7c7518f4c5170115125de97009a6c3fc4d5773e4f57fdd433eb7422c7c4dccee57a1679633ced3b5f08df763d4577983c5ca8b49bc4e08fa76f8bff36daf0fed068db47f0c87e0e45d518dffe37c129cc6e2f5f9e0430185723098e715284a42f302a6b8368a4f2dc16f534d1e5db9d0b86659fc4ba6f16c982774115d02a57684c7e5489b1f491584b0f0546e4194a6041f5e5be3bfff3852a4fc772d83491023a61a37228ef6260edc0d1cb972cba610d5ad1d92d554700771d8236ef55e983765ed8eb21e7de7c8bb51aee9368758454fee4a3f32179c1e54af1d069e0b9728cd0554351907e018146511e4d6f0450b57c8ebd21c71450116296bdfc779945da60b9192c5bb9a67b1f04d94992df4cbb3e30732dc8af2177fef17e0b7d01740b8a64db16bc29c1e589b6bdfc967edeb2ce8a649ba892bc856a929f0b837a838ca7f917a52436ea3d20e72afacc5b9d58a7fd0fefd96787c65ffa7f910d6d0ada63d64d5c4679960e7f06aeb8c70dfef954f8e39efdb629b72979be208d616071289cfaa0756a4bb5eea5c7baf8fe7a31501e7e2d67d708d461c0c93e85f03afd70bd9e16437171e01a34f475e4b5a58d13ce4e2fba72bbba93403f3f8981e0bbd6a8a6223327bf096c44b36e0ccbf7592a98c1fa67f198b628787ec80aaef848b4fea158c715799e6f458327f399e6420f0e7821f2dc4663bbea065c7bdfe830b6102e2e7193381b9dc7f2381ba808c43b8fdf3addab4b5fa81564716f7d46e0349d9b27b559710d723c7ef2f79eb55c3a9d75b99ae6fde6877b278b583f8ae3cae776b914b0cae0772397fd19b6a27676c7ca02cd07f4b4d49bbe1ec87f2ac7e39e5f7712319c31271dbbbaf4b826af8a9f4acab696c62719f7a6a032c4bcf90922a3c630647b7c1c7b78b10afbd863f07486561a0bc8d9b1ff5fc41998a7e3c604e24af1c1df2da1dd5d83eefa2e4012f7fb5959ef9339574367deff73723484b5a969c8c23dc251a3b887f34b9ea09c9a1838e8aaabb254445d7556dda257dfd5579737fe1dd6c67f3851ca68b011e7cb7b6958d588f143828f0bb24fceca31b47b77d1ce05e75ab05b55d6c9f9107f0c738f2cf8a1629f7e9b2694324e082503937ff8ca7c5098f770289af7d038dcedcf0ed77c8b82e2a9003a6f3db69e14131e144f6be7cf0bb5353ea96aebd78befbc6ceae9bdde97823cdbc5ca8ef8a993a9d9383aee9f2d6a18fc64ab92990672ea2dc9b89ed248aacf7f1a513da43fe5953335afe76d78867a066f226ae9c727c6c60671c50a50732698ef7a492d51998eb6da5368a667baf6d12b77eb36686ee0ca239dc6f3598be0bda79e47f0891fe4d8989df8c685480de11c148a2b44c8a6bea3a50b09be557c51f545a09a30e9362cf3080e6a6bee3dbad370ce24f6c5a6f8091007ca195057fa3af8f99703a601086c2a1ffe55fde4c2c4153dbff8d6601ab68743c0d50d021b0b3099535ba6c40f866ca3ff0df7c19d709a3f58b57b40ab5e43556a8c0c1938c875267bb39c0db6b45840e8ee7c22bf6b48798bd744f70e42fca343a8bdfbd7f55f275ca5d62c7288756d4861fba68d16d842c5b893c1d8171bb3c8b593387d3426f292ace5cee7753c9f9a12e6bb9af5a24192e4184f7d3d191d862d3c3dace7853eaa235b6369fd164e5a7bddd06daa3eec7fe4130e82478d36f88a0999cba1f251ffb3a7689ea2baf016073193898716a9f933448d7ba8e0968c669bdb7dd5e6e32fd84a6ce9e8632b393f9263532ec2107b4c0d2abdf3abb2de2d63511805eb58a70bc4ded040d76640af60ce7f03b9a682b8dd84ed8a47225a48e0b94ea47828f1c8974cd64e5027d8b13d43519875d2bbe4461a7f0f5b5b8d63a472765405ea9c994225806395e64dff88506f7f7f3b6368d769e6e550d4e3e81efb13771cf403e855f75312f1383ce4c2744d0b4e3735a0f1e1b99eb014fa60c0d1ca9035fbc4403330c2fefa8411fb7c3d6ede5b5c8f4736106bbe01923d483a84f031e9685a3b6a70646a2a5059ce35fa496b3f21fca6047471a5bdd33908cc9328de9fb032347c249bf7093390b750696124621dfa67fd9c7fe85d6e5a4d277ad8f8d169f8b5e8dbee280f8443518bd94abc5ca704e781e6cb1868ba2d6fbbaa850326fbfa5a20e4df6fb5f8ee2728e86a758763a8af21e1f7a8584d3f0b09a0b19fe8fcd37bc4fdf45084d7fd92b80544f29aba52496e2c9a0aa4adeb89820be321cfd2f0a53585a15d04c7fe4ec9be6eb5df419e20b71506c1f642df75c53a9e3b2414fe6102fa8af7be3f6c95de824c31fd6fe8ef9d49e26095a2674a33cb574e9e493939bdeaf5b309b4c51256ef71e95dbbcee0a11991693b533f916e1c82ce86d65d89b6d596017fae944ec364546e78abbcbe4322b83e2fcbb4c5d4ccb54d8642c7eb9e28c08598a356a5c46f8813e6b63ec2f3e3bb721b726361f85a734e0514f4e9c4732991ed3998b1ba8f618c2071d1b943eb0f8766fdb7f0492421429bd380deca3325c8d5c7b6ed16429539ae54f1eba39748f09aa44efb67d863cda304e8653ff7499cfad44dc27807779ef8e63be4b376ec403f3c84eda4e5af31c30f9807762e0980b4e5d9dc406cad4e888bfc3ec4186de8ccfcf631b0ba5831747a1c200d45ea06ac82c7952fd09aaae5dcdf5475da427cbc8c1f71ebe5132f2fcae15975ed6fa14a11b38766e1c446894f31c0496b0e5e96507d28e6e4549d6d78841e40630ef306491a1da60eaea3fb69bffcbf192610e2e07bc1124690fea61980e8ed654c5e796f67d26db5de35b4a2c67427833e360ac2a7d4fe7a5ce572144443ed62ac460c1b19402e85c79e3d80e1c143279b20a66d8dcf2bfe1cc44a0f5aa9b0d9b36c46c2cae148dd0f2ffe9a8e6e7274d1832e57aa39fb40553da6414094e838d613a20ce9307d49f97d904648d6460985b01af769800cff9a940f70729fe40e98feb64ff0a81c5b2b096b1a9d832e440c49e4e3684bd17a5169fe138d2544d9806fec027dd2a67f1856178e090f9bb2f9b314a202e7e95f2e41fa80dccf7b1810e9cbcaed2acc2445d60e26f7d63ee4b28e4299e60ea4fc659e7d6f0de91748bf1ede1fdb2acde9482bb76bf6716847eb2dd7517e0a94f0bbf20f248d2c79fa0f518b67a44d5c4c73a9bbc3816ba85ae8344b5f377649da75cf1857d6e4338a76446c48e52cc7bc7ce283d4252f8fac5e1427299edc33f84798316f77bad4a87849e91a1a23c0b7a86898046e278eaaa15ff33730a6d3f885dfe2d1dc0acda2a9e49a71cfecb7dcaa9e70eaa8fe15d4567a280e8960ba49d5289535907e9f277f96e8e652c21d89e81696dd821db5b7e1e53e160584477aa9e4c0e12160c9956df36cce6f4e724dd543827366010ed3d843cdf4319c1bf968a70e9b1b6bcd8af96c9eb0620c569716b7bc42e13251a6adf8201faa129844b5e1d699cafa1b66a674e732c7662b0410e5bca2704c5ebed7850d0ebb825cfb0627a183cc9643b709aedeac2c06700358400c389f99666ae97ccd37f265da7addeb07df9ccad6fa777d0da2fc47b6235179136bbbb409596841e921eb278142a19e6203c7f235bf8461ccadb4b47dd290d36ac27126c808b866f9531261f1e0f5c458a6bab6f064b4efc432e1c7379f9af19ac34c5c22e76e6e7651e48f9ce44eff542f018397889d896cc9001a63e8e455fbe4a9ee9a740edad894fe1af2bb21a1dd0318e28ba982c12ed69c08835ce17336ad1638af3cfe0ea892ab8e83d3f25e6bd98d5e4d36292992e2122c265a26cbb3931dd4c1b0d0ac5ee19974d0dd45777908bb416cbce52531820effcd7f28e1fb2d3d4d826e1b2673e834485a25af9f9d174f566abc3b36732ceefdd91a7c3885e1d10d51c321ff704d0883905b7539309ba5e7b7a2bfefd0494e90e9da7541ec37858ec05ea9a9ec5672b113cd5ad6ebfc5b8fe40ed7c3f17d8a73703dc89086b4d75c5eaf06b840bb2f5b4519a4fb17bfdca9605f17253f203efffc92da96fde023007d22cdad05d18aecb4bf08085c5ca5eecd21f2b611e7e8a0ef981fe7aa2014f5ac6862fab44011dfd33be8a1226943aa7ae5fee9221b0400d9ac2ce5241b09a68cde6b13c47d50bf310ecb37f25c32770a299020d8500d8a4b5d7621e4379dbd6ef34a9aceefd4055ea6144f54bbfedefb5b5b0fbd1d81c7a51a802072ec3d84f34585f22c1df84caca07849b1ef054cbef9b40848e9fd238761df5358cf55a79a53a1bc749e49ffab7c5bd9a28bf24ad5833facf43bcc3852c1e85cfe47929fc49c325c20d74588eb9833519f192243cf96625057899b70a7c93f8fdbfb60d8129d9c43c95f8782ed8293641ffd21d21d91a0b4db69d766f6d6497e9a414ceb04b65425d6ad6c8811da00639dce8d8030038f2d08330c75b0879aab81bfb3330b950e54c13780d308fceed2a103a1a8b77a923b66aba737654ba7995acd306aa7b80f632184412e2369c353c2132ae614553e626f0a3436959104ba6e0040dc597dfbc3602a49e401bf2249699375b2c722083489f54fcdc1f616a133ef6112a1754818158ff78f245b9046100b0e89407f74145fe336976af971c054f12d98002c68b3aa2bd699fbcd71bc4dc071e430bbf694595a951e01098aaa499be2f70611f248a694539ef8936b2e8b7a3c5de8662436fed1f7bc24a4e5c17a663d9a23b4692993301b08cb3bc10f518eca51081c717ec8dfbb0c2669f7987fe6aa0bd98231d8e8b58951b42537f12884a857e02d62de4fda6b88b6b754b1b27394c6a819e0f92f6b2b2473fe245678e252ed31477cc7ec6895bc361b718fcab3aa550fc9faeccfe77cdb5b151ab1db2e569b5bc923ee26f0b6113504d295112d47218140e44652a10af10a088f95c7cf2fccd040fc93980939122411ec643e26e7d69ced3178402e320fe156e774b75b5afc2f3d6b6ab828bb4993b1436faa5728cec34d66f520f59e82716ed6d1324944c3c91d04d5ffc5a921f4716c39de24768484d0096f7d8dbce35aeec22db11f899e5e7e3d57e7668f35d6c0db3542255d9262137d39ae6cf9bcde254dfccc54a6062fcf8982f781d9ffab2df4f49ec04a72eb9646d63bf9e1799bc0bec0ec7f0675ed9f8dc9b8be15d9f2175dfa1c8bc99071c70ad7bedb10a4143fa91c89f54777f84c9eae9361cf7f4c2b7ab873ee5785a5241db0af86f3c6d7f091623d6dc576d07550a42023633a09c8dfa21d7e70cce64c13f37663f75c47921c246f3f2d1d16a8283ce7697da4cb7e016971a2a1d0c59d6202bc18b7cee3828de597efdab53b33a9fb41aa7b49f1c964512901773bb396ac80e90ba1a94c408b2860065ae9aec64a41d76cf8842d299d0babf14d5840d647d075c34175e26a786f30091a24f1ce8db30137520dce1cfffb6318a0d0fdcac883eac603bf365efa2c806eb4f194cae8c16780342165222192f6ee2e103ae2a31dc08a84dfc89c64d2e9ada7ca1839dfff62ddfb7982c79684cfc821a098bc6bf09f87317209b16d14d45c6f38fc99f7bf9bb73460977bb323665d480c87c687cec052a5f08a2c6744c8e177a8a269b4a47a925b9123cd2c014313edae988f8aeaeb633ee5ba6be7f53fe36da3aa37ab2077f5fd75a82a55a0fe62af213b85e9e7694f78cc2b0e63a8c1b89db484722fc62c688678a511c474f0eff8eef1382946d26de00e5c626ec1d7079445c1b7c6f7f05073249b11fd1fb30257724a14cd7bbf451146bf366de2e826fdf1d25705587c4460040ab963e3bd504755b6aa5b18786b68efd3c8e59e8dbd172346fe7f4a18bac98164669d73984044f3c777368f965763742ab86a3720208c64801c796f6e3a1c4748b81e41ac58dcf6ecfa0453b18fad7e3473604f57f7da302e1fa81ad538d4a0280c4ad092007bb9a7a12907227a936871886c699db97d00a1966fdef64d9f3672f1b792c1edadc6781b391c91bea1bd7275f30859dbd1707b1f554e49ceb874ca06e92ab466efa7eeb6990667a27507a7ba789e24d593ea2af8eccb3862cce58daa63eaf212bdd86c01ed471cfc79b191c481ad773d20e821d18af85a7049034e5a9c660357a4c2808b9a6139f32c55c13282b8d98904f4f027d438189dc9487c96172e50dc1100ccc224e7374cf96ea6731032c43fbc9b367a4d1d0b31aa3fa8eb589672e69f1d9144114bbd508d56c2049ecdbfd7b43545375a099ad2885353d8c550d22dbb738e6fe3f104b444c89475a2cc24d7887daced8fa05006c02dfded01c00707e2ad04c41199c5decc1eae34b0c0abb5a5beee1b5253c3350e1a077682767a0b9124a4df2e8879366fd37fc04d4dbcf89883892f46a65ce3aec22123cbe6b3af6364df1f9f5f9751bc8179b6dcc5c126dd65feb7d11a85994e90ab6342834c79c5f82413e88198c73e932c66e3cb60b6e0c0cf438622e5dc5a1036c38afe9cf13559044a9e90f5fd72a3188ef6b1043f5f4e6b40ea51f6235dcb33b3099b2d8c2e02103235f0476ad51bce6d8a2934068549633e521a3ee4c62c22b042fb86c13c8da849233205a5e277aea1129678c31f5c379a71fe08b72fad9449cb923126dd465d1e0ae8a925374149b8248b3afb69f168f3ae701c00f6ea08fe07f1b5338ce6af2f3156ba6f300310114479f2f6119367c88c12c158b84be13b9c8c7b5dd7c90edb5b3ea1fa5927a25ad6d5596992dcd4877f58a134e05dcd80dde4fc2c2a680cc0ccf3084d3f4970e3603fa6bc5a180fcf1ca4241c0b8a1e7c607dc025016e297e2b0645de4ec2fc49851b9374f3ef99edd897c284a67b647ca8c96fcef935d541e9faf334043ea50b99fb8819ecce039227b624e52d8c20003b5a43808e4990da8e4398c4fc172b983351fd11a13dcd2aae5193d42d46e1b57c92e3e01d23fc968c729f3782d6c07dd5a17af2bda96735c12cc7d8023629fb0125e974425f7914690a7ed26508343ae58c8a439ebb6232049a194768d4594f5d65aca37a5686c2a86dd04bef35d74e0755937ac0ce3ebded1c00c8adabf030e5e4a5f44193b62fcf2f1bfa9dca2a25afaf2f1ec06c5d17ef3526d26d17af3e2f257ded24b177ba41c0ba64fd4fbd5042fbd5961a105e0e9f77f3db13c1b6c5bd9a9d04801a5c00a4c544218a21016c65bdff774a44b1d05256e0693e14d76605d67bd10048d3816caf31a6d10886c88c783538bd93e92bbc4484f3388b61adac4b92b911c76ebb1dd11b7b4e40be032bccff610068746f41e34a1fbfbfe5faf57c8a4331008e2c1cfd69f57e74379ac80eb6769f4ce4196795b835201ce4ec85ebcaf5eaaec242fe6695cbce1d53fde5b002e006bba8c8a1ee57da061ceed0d21bdd57ab0cab9e46bf3764d9a6c3ab19736d43b33f32eb955f9174ee4a54666e7f19cefeb49aac7a59b7370d9ae730b7bb4e08413222f0a66bfdac252fb61bcfa838f262312febfde8add8f6843f1d64ea3da42d4ef986498604d65737a44f5a099338520cdbdb65ce73b110dd4bcf8592a4adc3e0170b13404f99f0ec8f9fb225c1275a921f09369db165e9109dd5be472b9bc1901bfd882d264d9ed8d88b4c8f3b35f88b69e3e4b8ef5debb895be536a3af492d968dc1caf31879d672f70ad9869ea98335cf9e4a2760f955fd3e8099e4b2eb4269e354548f9de9921e50e49f3f5cbd63468b9db0cfdf17250c8f13535d4c0a1f21c87967cd798fe93b9b2960447401ef90db22c3adfba0f55f5585ad37040e8d6745184dd536d5a26edec365bd6edff1bcc616cdea3bfc8b9d98c0ef9a626054e361194cd05b2287612399f6d3d3be2f71555f14ad2893af6f60ab61adef663c3c2464ade671dd5ebc71935aad290573588fe6e11f48cd2b7db62e4b9932890d1b96e1b83eff70f026d199db75fb1e83197c937b672613c66ea131f485b4318e27c079b4018d4205484993bf50ce70275b244f2caf47cb47eb2a9ca59afbc78809a912eb56a4bb65cae4694f682c6329c690003a1c355f779b5857a60091b1c3685995a366cb43d753a704d3e59c5f5003c78feed877351e27334b3fdefe5907edd9eb25588a42248b9c4a93efa7cc63bad1e5900b95b70436c35eb85cc8251c4030fab9556920141cca24d6acd3122b92b7e868dc174bf071117958a4797fc90866aca685f1456fab397ae647ab9970348082bd74865bab7f248568db98ced7ed84e8360fa91afde3f23509e6b4caf948349ad9fb6a4efe0a0468302cae7a0f999195af1c19058669fc3b88b2780b9075dc180298498caeb7ba0cf8bd42eb36b1959d5ad3ca6fd1e85f76abd27ec5fb637ee38173ad7d86304d5708b6dc8817e099e77f5d43c1a70624cdb96e4e6103bb25e59eb51d894d1dc533a74005bb79cca35b66e10c61d06b5227fcb071457025d605a0862218ca252b871f8343ec231dbee15688aeb914c0f16ebabe6edb0a489b2bd10d4392c6f1863bb6a62181de7cef61997ab02f3bad0a893cc0cd8a99cd7b3f7773085f0929de36b5d124e3729140c375de9a2d0cd9a360cadf17b9e45b7f2adbdff9e75b743b62642ed67aa703b8ef33dcf51a50edc7dbab42d3d2b49badd2457a9f92847aa6a60ae2beae457a5fce1a9e485ecf907be22913893cd1350f20fc6c81c94be426eaf01864e813a03e4674491b61516bc95d8a77c15f03d0adfc4adc27f27a5ac4165ff6518eda1a5c408708f78a9e26b834179804a312148d4f75f21a77d78387139da40c0a6293c2a59d0162437d68504f189ed970c5abb9ffc6d8e1be2b0877c7f24b1dc273b1765bfc5ce6f4b8d99a96d5b1c92ee53a39f685b304313d909c1ba8130d20d51c824cec420b0315229df295f75b453a6c131afaae0c36d7c4fff70623638a4f7ded5eb7db58d95deb6249a29b171d8ce651556dee8037bf4ca74453a4a76aab7cc07ba44e55de57dbef8542c3851ea353fb8e259ee89bbecf9ce8d8bd6227afc0028afac48a7acd9b4e8cbe982eb1475917ad6be4cdca9cf6e7cddd971b2924f2bb730264801685d387485e41993c3fa0af9987e8b52c21688fd9a9595ad8d1b9f41e0457be18492aa09f69e64e2954d1ca3cc1d32b2915cd9cf6862ca79c80beb47347c4cceadf48a37b29b1d6de4e94717d60cdb4293fcf170bba388bddf7a9035a15d433f20fd697c3e4c8b8c5f590ab44aefdda94681407008ea48d03ff21e9bbb4ae7a9aa37c855fe3537c44106e8079f18c24d2584474bd4a99367660ce6f7e6d7c294961e174366e7babc569d5f80572a21a4bd7086629363e0c9ee2599c8b8863c96613ae6c32cc67ccafc66e1cce79654567ad08e62e9abc99e44d6a79ca4d8de15b7f8a763a4741676af0e1f3bd4e002c8fa1ebfbb3bd3a65ae68a80c230422f98f6e1e9837252e045eafd585ba389958297d59aea1e8e1f665fcbc5f7ff449996aa712dc0faf582cf3caf3dbae80594f9f07fc06de63d9d672d14d7ac4662b4a54f40d4aab2de766910be2fc7f6f679b5708790b5376498d3baf0463dca2f093b51bb7e9f3e7033ba0384af0174becc3bb477bc5e86959a12a5e8924adf0bffdf5e5b9c1cf24d232881ad5c05c5c0f50318ea83d8683339ca6a583c52198c00f7c1abbda282e7fd3b179297338ecf9c923a3a87a130dfc06164e9b4c1fe11d51b382643de44b30a6831dee119241d1b6f84f2484784fdf65e41f78c38e15fb4b00e45df1edc40e3467cdcda351a4c0a0185ac4649e91024377e1c331587a8586cc0a4dfe29e14004c3536d305f5dee0eeb8c2f216c1b8d27375b239f6458e08980badd6d82e9ee9e007578c0a3b48288d9ad0ec3c934a99a8c5741149af937dc82bdb545df26428b87fc935c05f1a4964a8408539f267e23de9bc498e2a4b0083cdb7c8e27de6252bfaf680a6d5b7ec1a6dac6d7d537334a95f1553324a0739414dbdb50445a767b0f589fd4c33b35905577ef5a53b0f097191f9cee4836a908748779941de2a78fe1bde0c2efd9f48cbf232ce101d9df93d3ed40d036ae7aedc3a5ff619abd1c159ca8d2dbda7de13b4ca62576c7f925c52925eae2d7500dc969fe14c0a335ff95a7df1d276a6f242765c781208d59edb5848d412b11638b27ce5a61b8209075976c2a6aae88f6e6d8704fe9e83b425dec4defeeb3cd311b8c5a818d51f917a8a4525361791d5c4fd5d70704d4b9fa9df1ea119882f400e682753a41931712c043c120a98f0fe786a600b47befefc9d64cc5bbe8a16c191490874e258760c9e4fd215bebf848e0b4d35521f53ec5f9308644b785171fc4cc3ff886e034bd833d59dbcacebdae8f00e43c151bcb24d1d226d1cc19ecf349361530a81ba3168af3df5536fbe52b3b93621f57959df298e5b4d3c14928d2ef7b9c977c7dda54242d17f8661978a62d94d565b00abc199790b9b25fbfd4a3ffc35c95ccafe35d9a138a2c24d17f06ae2cc376e822317f16fcbcd56e23f84ec135dc935e58c61b34cfbf5a36cb00350483b6bac786030e5c5045a6b61c9aba7dfaa4f7fb21897539863ee865ae061a77c0359915de3aacb3b5dc8cfe53c4d17b393c2b6bb23652f36390407922969d510cc97b99d1df4361530aef10707d7a021b2d9576b2d49ca88b3cc83ad1baa6d88ef8c81c08f8baaf515637b21ace9d5cc8fd9fe4ca6c3aa129caea7060791d566f4de8662b90f9e5d849cdadf9bd23cf6737b07ca105142663c30de27adcea11d64d433fe1ace84b0f6917c8b655f2a421602f07e0a7127e61ae9859c5e9f652ec82416fd2566f291f417ecdf99bf3231d02864e2e5a1cf34c13f59de9aa2760d8734bbda79576c62f566b8269990e9384a41c1634271acb4c7a8b768f276685c3a8c7f20872e56b683244b1af562c3e7dcf592a9915f44f886cc2ac5f679c07d5aa1fd69cf3a460f25c722073da336a310aa551062d92c7297002060072af2f3500b9310c239bedf45c5e985c2e0d60c7dd68522376dc7b560fb34d1b5089450c32ffcbff07b35a96bb6fe01259a06868d00af697f8bbb238d03d49570a109181c9576c1ea9d2ee02000cc23e63d6c93c6cf3050bbb15b6f73b09c25da62e5abd4c2bdb1110e1f25db39f04885595cd6a388c4726c8d4cdbad87d80d42fcaeae843e2e17f44c9aed25c8f6f9736c7ba1bbd3b839126de40a930024a65aacb872936e446114e706a868444cb140e53d976816983f3dd1d57eeca01eab8211b7aa8ae99d26e35c06ea4b226e0a6e52172a40e7f0df5f67759ae2ee026749ba10b8e33694c3e01a001526f9d75f6c419cdccece3ea3f78d69014e509c741214581034bbc7e2bbaf76db8421154abb2233117a1ffe2786b21424576e295c9baef262e80fa2edb69aff800b3ea436eb827e8adb73abc48d740b86c69d557b16e874038598b25f616afeb4f4a900be7dd0d38b5b6fb4259c51a3aaf4748d7a445f518485ed72b25c7df8ed0906b74bd29bd6a5724ac3a503c990f3697a5db484821f68718470810862728a80ce34599a41fc5bd8bb46dd845a4812ae1532c457ef4211d0e41835e5a6f030247614822571c930c727ba397e723d6b3aeba9244f054e331c82e65b74c9f6504c74b4301499a1a6f6269a3352aff57f88442d4eda42a82ebcf7776c5629f97d6160bffdd8282a40ce2e6375b161e4c22ee53bce7a45f4774aa827e2da657e1a1bc07445f0bbd770b7a5a25b1b469fd58715510dbf8d97af4e1b9459a20b08a8d3fa9d92feb32db95b22d36de0bc8b1c397b09970a6826392fd8392b2d790dcc1295888f42ac81ad213c7328b2324b28be7cc1f4fb8414a7785472f1dd3e11d66017b1756d1697be92490e15f056346d7e9126a1f35fd76cb016fe2841c8996a3507c4fffe7fc45026df10b03b86fb6cf26e8418926a030b5fa62748fbb728fa19dc2f8947468c1477750771e442e4a9d25b76d359211c05df788ade5b7824f8770b5dac0819737dec916ee59b28a49666ee8b7ca81386eec8049542f18a3207e51bdbc291470eeefecac385c096a
40
41[L = 32]
42
43Len = 16
44Msg = 43cd
45
46Len = 104
47Msg = 5f75a437ce0698a7d8151c3fe0
48
49Len = 352
50Msg = f88bac738d1e3e10f75e46e3fe026d7e423fdcf3d7e4028b33a291bb4aabca53f780fbf99e0346d610d4a38f
51
52Len = 488
53Msg = 832e5b78a73a1012ee62e00621db7f4d248893007c6e5d6e0e689c6b291baeebc72df9cf10b289fe20e7fab80a2399271d0ac63766049da875eed56264
54
55Len = 13976
56Msg = deab57cdeb41974037a9bef5e292894038264eb4d8993d4d1501e6ef9c68fb0f571f57b0925640925deae9a6317e3bc4d6cdd5a0833e52fb48baca16a9ba9b6c8ca469a0555763b54f04c87d4e41aa549258f30eefe5a52d2ba06657a8773b0842e094857b6d8911d6a0636280025e56356fade362b4bf4c875cc19be0c6644b447be0454dbf390eb966c03e10e9de3487b90d0825d327c12495e3c89ad09c9d591e55c91376fb14c2fde9f7461fb25450df1a65806b65f3caf4d5c81ebc6e664871fcf915b9578bb70ee6776acc62205888dce2baa4024941209e81b4b35f0eda1bdcbd9ab1d6db6140bda4c41776fe675d5c681da5852d50c246dda4ddf9fdd7c5fdfeec85ff6c883c78689c2977584406a1ddef977606c182d6c33561c39c071668a2515e5aa6f4aa1faa392aed95b82ab32b79a15e3b5a07551ab068455131b72493126470f26c30b852e4415e1d8b719b3803ecc336e4facbcc5d1908851f4f39b776bec8b6b9794d47e5965458858560eed5a0305e260240c0849d93a19787b0f8c795eb5ba32be573845256ae6d0b0a3336e42a1beac8bdde6d1b6e0b6207903d4b105f4af2ef89bd099ded870daea2f170e03bd5f6f4490e60bc222d4876e16d4c58aeea6e6c400dbb9e9f4b2b142f0fc9bdeaf4132ded38a4a8366e107cac7210945fa2df4b124be37ef76290e5b9758aa3bfe0091bb0448206323584c2f833e0edfbdc0c33075fc9647a3404ca490bfab94302a0679a1a42fe9fec6af0cd98038b09ffbecd2832b579b2294f6ae5b96328fdc0a0b9b3a32cba04fa8bae3389c3951173bdc17caaefe526aa386f98670b177683d0b804c5875fe9c7afa233ee66349c9fd1b60bb0becf5e1d887e67fd3baf34b4f90d94699d18d6bb9d77d4af358f31edc254de2d6c5fe3ec07425c633b18c1b9e3606b78b40b543e1fd31fb578cf58c45744fc073fbf3c7d7d607e815379a5fc565892d81560eab8fb5f1ae6771b998c592e6d288014f13ab283d53fcbfa66e31a9d107308402191fac2cf2b799c7dae91b93a7676898b8a6e516a86eac58ed8f6d8ed2fd4d38031e4a4466dc8798b90c48e6adb6b4391d47872443cfaffa542b4b132f6c3408f0081af8692aadb4c9bbd55053ea56d8b82998f6b4b41d331891acfe6af1bb0d6679989978368ea463743b514866d2d01fb9950e8990867bc14f1db1142254adeccf3da812949cd03cd1d569e9d0bab7ca7405cc21096e3cd4d007cbb9629372e98584b4c6b97ad0bc314e1ab6ac71184ee555c01973570ed9b115bed956f9e4e349083013098b1e483f0fe44d5e9849f38a2f7ae152b36a266ea1faf263ea8c706632ba8629602187379546fc6b82e57ededd6d074c15c771754710731e07c207899eb47e8d7c72ffd768c36257d373375ffa06f9b3f0af11417f9ff9f9b44e1f1f96ae8aaa429af88b14da1da81c7bb38a0fe9372ed6a9ac6fb5e9e56b82593d94c5192904450227bf040b7ce0904789f979845e112a1f995c849ec3f7e49bd975a474e8201630f40fc0d80e76019f110ae158cd0f8da96ea4561f24237d8e795ebf52368218bff3e9d5b040ecd2caef4ab1e7127e53bfa2b3b4fb74829f9993ac703192aedef79dd9ad24c2c976638b4575afbce22ecacc273ba43379ed55ceeb51838b0adb80585bd1b5f2707ee16b67a7232adf7163415b24b9ff9dc94b7197fdc89e2a90d2b9eccde45e965edd064dc0d1eadabe11b8ec3aad2742b5d3323ebf913a92817749090c20758f98aef2544d4c8b48874e8936d7ee492d5585675c214deeb74fd67c4d170ac5e0aeefa607c6e37abd4f8238e776fde3921afab75cbd8f392d3e88da057903ce2e140797f4a85737bd89455e6aa27c7535687b78cd0ea59848e006c8de9c9c0cbc7a9f5e977be850adc710503ce4ba7c7bd0b042297f518abec6c8ef451c33e030251f506cbc3744228b6bb4dab86877d9e6019a0ea9f39ed37557b3b5527c171da5f013e0d3c480a038cff2c087d6e5d41b17e6c8f90c334b5e2b9ccbe9d4efd99fba1f907d00a49b71b5a08aedb644fed24bcf04e71be67b03cd20d53ccef8f854f5e9f7f28c1e98a8a53496646713bebe15a93f1ea336e6e8a4e68de5dab0fe880bf983eec75d1c5027357f6669e098411e0bc3ea2293138f5b34425f78b6508b94d4c0cc32ee9afaa409a26e5f2a1fddcd6d5ff42a89755a58b08f243957a2e208e24b055f51992ab447bc06876eba169c545fa71b88a0fc15d1e0be9d334a1dd0c86f44bd149b42c07608a9a30d0b7e13574f8d862f2ac72b2ed38904d7cab194fdb9e4dcb615f5610b24e202a36866baccac01fadb575df11dd43e00a3b92fcdd8c7702ea49d951e7dad2a56c075730b4af1ceda2bcb2310256f28312579fad40ff471336ea6a44143edfcffc297258d48bd2ea47efab8f0dc00f1e6dba1a55009ed627b7
57
58Len = 48824
59Msg = 5223e2fece634a95e1e7c83ad4a11a0478f4a41572bd66c2d7902cf4f94404cd80b1f58fbcb8eeba3984fd759410c12f8ee922865f363f684df5a8787c87ceb3086fb8535157f7f39653dbf5c66ae7219253838ec77cf1c6db518225c5ba0a8212e5911236474b8820ddcb8111b87320adb82ff553986324aa2a21c37ce4a083c89ce9931290d4c1fea933e31d014d7507a28e83aa917ccae10bed1a490e77fe501b299f8e3b78e659407ce1934d5d68c7980800746f26ffa9794ef1d23f793bd2eab7fe524e213e58280f441ba48b40162305335b3a480c2afeac11c27f8d817792fd7805d4b61224eb52d35c0fbf471bcaede505fbc9398b216f43bfd69b1a669a61d44fd21faae410af58ff95e1c3ff1528de1aba93cef56bff4d714d8c4cc88a4ddcda52444ec1208d99ab3fd9fde98c1ee6437d8d138f62c5f782eb4660c5eb28564b5b0d46e3a2546009148f3d02b837c5284e9f508290270b97b9b29e84445a0b4df662d9711e6b73c11cebcb7120dc427034b1ccf57d8e4f5bbdb84d2e1d4bc3862a2b51931d3c9a7a5fd6ee5f4c7327c338abd011af638d730141b6eafe63469eff50f473262e9fdce636eff4c5663acb6075a4fdb00c8b8a8d3322e1700a5b3e7db90b36c1a94991b8f51657121b442db6f890e208f312466778d73bfaa8cc0ead4edd0776155f3eddf9abb1bbfc0c94421adce83d7ee94f99f61e1f25a55fb596f8b40ccedbaa8e5e2cf629496f5ca60bc4cf36d917da4e2b973eb57869dddc409dd66d5061f22642743fe843defa0b19dfb2f56425abeb234181267b5c0d2ab4268c538510feb191bbcd1631b0af6c7451cd4c641025cd8bde2d9ab6e6b948f97c1ee6f35098d553e8e9da9b4d437125046864633f109d6a558b38b270a7dd1785d44d248a863a91e3db5c0a1d7ec133decb65e81c3402c98ee329f660a092172bf6b1a02491895394ebc506882805a6c93e767c0e58a5af717d950a206c0f0055cb39ed88816a9fe3613d15f608e486ac08bfa67d462d24e6a0a37716d3fbdaeb9c0e951c1e847fb884ebc1cfe707dc6e7269eed1c44331d5957bc4ac9dfeaed4b157204a3080fafb9df8917b8d15aff9c49cdc739b8fdc26a546794991c183fa523d14797e051894f48b0d62c2b70834467ff9c993b82fc1152c1f5479ec6144c7e8fb10d1bce26bd1cdbeec4e95ee073f3bcc3c7367328e30543d371b27509a577f5c79f14d5f687ce62b82f856695af9f7dd350543ec763de75b593f1859e44c2ac01ba65f98743cfddd8a89a38115badcb51a0ff5655f830c0122af6a830aec13ae5eb89a93755b3a5a6eca233f21cb12db545a24a5334becb8fa32c3d7f5805faeaaeea85a551fc62c94807faa6474c0d74cae79b5d8ddae07498fcc5b8b4f394867112ef5fad1c9da66765ecbc7fc0f3269d29c9c38817c77778f2c19b5a3c705fde9d76a4eb86aed4a7369a832ad267312903462397f7b8fecfa8b195cc2316cd53e48c3371ed2ecaa3e484b8ecd2e22b1aee910c51ed5d71198936266f5a00655d82c089f49295feda0a2bcc1a54ec8adf565acc3a8b2d74c30eafbbd843c59e67f293f6d8296cf7b611f01b57dafec6e2d4d411a633918068c38ef47b72ceff1fae772891141c3bc496824509d78165c1e4cd4b4989321a8722643eed69950dc120fa8da3e53c3181f252d7c4cd2cedf8f086f788ee77a98ab5b019828aa02108f49ea4a51f457f7adfd2220d3e59d5f4a29194e8f5eac40ff80312ff6888ff6393c3fc0914b08c1b9990d247ad80a441558db1ee1203e07353dd99a885a7ff5d791af2548815dde0ca1f56f89d39ef6b93dbcd0cd54b854173903c12649587433f0425fbcbddfb66ebce3eb4800dfddfe7fc44d9b23a3916b1db68c187da4dd13ff0157352814b1a792de7fff855761abc6fb7b93b48525fa90fbe3a51dea974069f3f5fdea86387eccee13f58a8eeb8abc6a43fd30e9788c3bd9ae1751b30a82d420225b2abdb1bc121b9073380be16107188d20be54f2e9c658d5b443869ea0e991c496104086290b6edcc1b656adf94f0d42458750fbd8d88040c518ebbb644f4dc4f7c6971d8d60eee0272df7b51a3d5248b4b264fb22195ad891fb6ac994ae5c0bc6714ae0b0b9a484edc576638b78ee89b568195a8f33ed8362128c30f9b0c7804b3ce1355abc96b15aa55c1e16a9e9ec90d1f580e7cb412a7e85d8585bfb950acd4de5865214ce4db7f6314d81784c588c1482d5f28c5fb62e7dd7aa8237ce9396ccde3a616754414cdf7b5a958c1eb7f25a48c2781b4e0dba220f8c350d7b02ece252b94f5e2e766189c4ac1a8e67f00acacead402316196a9b0a673e24a33f18b7cb6be4a066d33e1c93abd8252feb1c8d9cff134ac0c0861150a463264e316172d0b8e7d6043f2bbf71bf97fa7f9070ca3a21b93853ec55ab67a96db884c2113bea0822a70ea46f9ae5501eb55ec74eaa3179fa96d7842092d9e023844ed96f3c9fc35bbc8ee953d677c636fdd578fd5507719e0c55702fed2eaf4f32b35ec29a7a515bbc8bf61f9baf89a77aeb8bc6f247706c41d398cae5ec80b76abc3a5380001aea500eb31b10160139d5a8e8f1a976dd2dde5ce439a29dba24d370536a14bb87cf201e088e5e3397b3b61477c6a41e22a98af53cc34bc8c55f15d7924e7e32fed4d3c3ddc2ac8eb1dfc438218c08c6a6a8eea888b208f6092dd9f9df49e7ede8bf11051afd23b0b983a81bcc8d00f7d1f2b27cb04c03aeee59c7df23a17775ae5984eda788eb2015680ac5610fb1380b4e7d7a9cda6178dca98690449f5551b66ad2826cab2b662f56903fc95b4611bc86f7a834a34ddc3be7bf142c8baa096abaa3cd51ad0c0b6d15e590eab9e50a4c60c91061f1ed6373d91974c1ad9d263110a0d43fd8b596396cafc0ae70b7ac24a59bba090a6994ec483db7ed4c572f723670a11c724e8ffa2497d8fccae37eaa1d14ac1537eaf80efbd2e597b2ffac97f2bc3cd2c4017f170544dfbb0d9109478fddf06ec0981542bc8107a725be25070d2cab4716f4edfad75fddd582ebd363c49e8efaed9a76ee51f22304eebc232a4f67f865b04f610a628fdb317116666785fe8ca30619a07c83cc449855202d687f162b12d93b63af6e7ddfb7223d4ab998a5f450523c1d521ab76f4aa113cc2967e04a38dae07c51c2d0f44fdc8605c3c53ccee91a2c73dade5dae021cbc87d5cd6e5fbefb65335827311fe1e91921ecd66b2055a6102d7a976308a80c44e6d47a67718c84f2112d65486a558f1f269b91d9f47e3e11d09c0c748625bad2718e3674898abdb19d3644bcdc9317c09a3ac02f514b2a57e6a706362e5f6e8fb16cc83daea0eec85fdc8c367d84c9230730291440a4b109f7034d510a3f70a22dd4fa69e8b65e5fdf87045d560eec71f4e59531c7711d4f8917a96e22ad07346d2f92a13fb4569fa6a075da6e1acad1eac1cb2ef19ab452264de2357c927c6dfae6598cbc821eaf3b8da754ce91a96c702c95b2c308bf3a550cbf4d22d417745b5f17d36608feb826b862747c59d26a0e8eb96547a1852f9fbd095f1c5d20721804941d462f3ee2f0876ee2825c8df24c4f00f0844e50588ac688127013df8eba3c971362dd255420649245e880212cb3d732fb82f866dda090040f28e09cf1c86eea5dc4fbfc373eb69745b4afd841ca8e172d4a8510e7698345fd4cab9ec2ca0453a274720bb2d2e5468bf0d0f85919dd762fe3df969e6c071285e25c2e2a49659b8a78289aee655965bfa3cbca9b292a19a855ec40293185354ff4da9451ccf98abfda07f1137e79bc89d688963081dec641a99656b040637402890f185edb28e7e6a2f65848a6af158f90eea440aa6246a2e6c31f5d220b9846aae2027afe5a7caad6dc16b56463367cd9e73bf22a1d6172145de4565ee369c55e3b99ccbef70fb080a3748340fbe8f6b95ba46e8b76de5a3c4bedc37c55ae24ad02267da26769a3a732badac2e0f3a5393028dd54d78701647582cd04c8310e9f1ff1b433125229547130e1737a1f33604f0d670ea7221097c3eb9c7fa4b8293d7b429af76191ea8e481dc1da31344537a09b33404d782eda1d6f5775500c1d8efc615778baf0905d9fcba1806ef986c40b1c6a72335104376b58266c36f5939a8b95123e8635c0c95e80aaeb97379b1179d6332dc07539b595ec32eebd3a336a1128f3cf2e2924db6d8504a516b62f26d012b7f75cab765c8374a3824da5a405746023b51894649ab422d636513ee809fa181d5b6fbc63351e37a1b14efc8f739e86ca78ae3e280f1c9e4824b2976ec4dd308ede6171a7474c7f530128089bbd75e10f9e57ee17408b4384f99f886a5f63a2320a9b90eb9bf692e1fc449171eae3bb1bb17a6ed937ea57af3c82db84e073b5306683e1d63705b9742a085fb802cf5a1639818417fc2223f476c2566351f4b3b17a822e11255f3c3412dd39190e200727bcd3f9799519ef792ec7c2b0b9d0e2dccf013d436dee63483c2ce83c15c00a76c4d894a60cb90366ecf9e61221ee8bdaec66d715159876d8305b35c81f96ab2cd8f81f4769e9a6e439c08c329036f5d2591ac42f2747bc0e77d4e566358a3271819b6003b290211b9b847ab70e906aed9f86cc38aae27e1098fdc3bd5d84e66c45292183f198bc329cad794aa4e430534511b7d9a75104061b409676a16c1146af0a286e2de8bf51c4a35193581a902bd3224cb9257c961989042538092af92644a63d6d6f6872a29aceca39341ad29dd22354812c4b7c7068b039ac9ca7e6358e662a28be001d4aa697ace540cc3ed3c97b98d8c5a6fd3543ae9a7962c9229b14b0b646229807747064be3e83191cf24092dd67f675638d9f6510486379f47f5eeda870a3187946819ec9ed05e7b325bfd0eed5c9a0f4a2063d63c1a8a0a309f586c94d4a68bbe860ae9599ce204c92cf9d92cb460ff99cff9e5a8b3824786360e1e1861e71158395faeaebe7aa2f61f76190f174aab9a313f0bf4f1befbbb22768b8c22719cf3fa9ec908b576fa4bbc084b1ee5b5a7eddc89b58b45ae7b421d38215aa6e49304323eb4e202655f3c8b16ebd6b03058e75a907ee63fcf6aad5eb96c1e5faea81b88b5eee525c4663af52877c0f759432913b9d48030903e7f9f70e851cd4e20bc56aaf36cb02293d992b38b583b8f0b25a08c3303d8af5b1b37f5127f7021b13934645ef3020e5caadc5e7326ed4ff56f797e26cb986b6512b0cc76f1d8e7be44aaa88e12cbc644f14a7feb979d2ab66907063c51e052d0f8b25d827377fecc5111be0d365e08d17f559e3134cb9db294f1cac03150f4232f853ec15ecde55fd1023b58e83934869796400088e9177e85a2227ee45addd049c1d6b03e5b29dd570496fdb2fde7d8cc74fbb5fe76266ebd90a3b4d57e6e6cb9f0bbdb7ca03ae955915768011c714c909a27ee20135927af55d4feaf2c345d029a54af942da6f85f2103345d059f66864e6b0578111e2ddd5a1cd8bbf4ae35b60747b93f53ec8ec64c10cf4149909b102a2b88712ff3e5ba3611cf96585a6b36fffb64b8c37a114d6b16a53879136eb0b5e003a5a068e3e8422a4fc8d7c77227cce64ebafcde2437166b62ccf486660a7a2ef37012ebacca26ecd5bdf363feeb06aee39050974c25d6a564594c67f56fcf7ed48b07fab4e25ccffe002bbe460325abafe37f23dd9c145b4667f146a1635e462330f02470b35c5a2519f1350c02b263201ec9026cfc57d3659373910e878f2b6c1c5be774df8e01e775d476956c257bd0ccdec17ee939c46e5653d5813eda752ba7bbb245a99a5db1ae55d19692074c2e5820df97c502a4bd1b12929e1be8e9ce6d802347c3e9c4202de6046436c05ab55b2fcb2c227adade6c2046d98102cfd0d859a91f8104eb9f6f155da2acf93df2405bf2c083eafd3ec41d60b810e0bdef6298b21193642a9c0c646bc6771a5c61a25604d96bdb727abd5a7ebe4ddb2a56a6ddece26d8007b26043ad44279c3c8ffb7e6ffb3cd4e10ea2780f509a8a9bc31f99a7e66201195f1543a0a020f754d9a665a29a896faf673df6811379579891374c71b2234fc61e95d4d46f15d44bdb4d7c3b3be3f46410ca46827b8cca976d8866e8ca33c4945d5c87b705588b78015b529843af0b75a7e1e871fd276c1e947d896b92e6181ab7e3ccc7077bb57fe85a6958667d3d7a790f6cde1cebb494c2912478a0eca2bfaad62492e9f1caaa0cc520da08c0d2d910cd44255f4c2ca0646dc89e789a1cf9a28e2f99315d33accb1639cbaf0c94181b85fef648bb4cc7f66dc65b8e90bf5f3b763e58520098febfe7e47bddc2d9cdd5e40dbf4ddb8d51f51bde2e57432266d248d13ed09e62f66794d188f9861c50ec41f0eee30f76f4ece250956733ee97036098db41991a4a3eb7816196c8e447db3a2913bcd992174a7bde1f42d57c764b47f5bc09533760c1ba74943a0dca291f2746bc1fcc573f9a22c72a5eca347b1679683fbc8f32b08d381baf67b7266b14b3ba46a04a3ee45881ac452f64df1bf17f70f4cf9fa4dfed9ae70184679184784a0451d2f5c19c02031e0e4957b4df68b4a069a6f6f6458f6d773924a1841ba664a55c2c3187dd33416cd410e56e4bf8d3671cf737bf67df2a4cc4dcc786872b9e2dc4009fea0e48a749353ac053d80e36357d24d468dd595bc823017c015d7450fe38149370c5decf13b00b6b0e0a2567ac08b45f7b0c8a7c89d227219d051d17a706ccbea49a42035cb327381568eae23b5e2a3b7e8beef6f260d24ab224827ca8ee9d640dd23eee94ed02c9e26abb3053cbfaeadbb1f365a24d8769d92240da842e0b361524020b5c9c22a2fd8602dc9600aaf02b35344309f6bb018a94d4cbc9639ab7430657c4046f0b25df517e31626abeedd58c2e19aa0ae1a43ed2bacad91dc04a2fdf9cc33cc420f4f04379e95988ab36731d5d5402d89fb47e826f4243bb206124364d63564a0872f8d2826eebd9046c7c6f2e7c951e49d4b22a7eec89da1fbed890d63ef15f26422185143c89da3ee269f83e1de11a7467822146042be92295a585e3a09e720ec522e1cbdcb41acf5ac45ee892677ba3ff670d71339a76ed98237be252ae21268e756f05ba0b094a1803f9da84a8a05d0ec9456cf565e1b548cae95eafa0fb01f091935e6eff2413bcb15f605f15270408216fb5b41ed83dfa1454c522375e35bdefe54275f109d0ab450636ac4d8e4d9e27f2d81a15b8cc5e98549254a1c9162918db3e399118f5864774a9d6a2347e1315753071eb1204c8bf5f52b1a0da37e484ebbe545fdfe6b031215678c3b83a19a24d7b661f626beb01eb82b384f02f42bcad4f40addd48db8a92b90d2297e6143702056123286617f86fbef4fea940f648867d790b8f803abc5f4e0e3f4226954c296afd96e287e21b7243d05e743161810da578096521805edd81f68a45500f6a3a1885cb1f45cbd399dde024df65072eb973c827fca13eeaa3f140842016f509aa9ab4603d2457c92cc9aef24950697a0044e3d7c483b8d8391886cd50dff8c2f16de3d6caa7f864c1b3874750781b2b78b545a94b4da0b0036433c6561f5cfea50eae9f5645302eef18238473606e9b9931880d0f6368fa9970d1ffbe59c4454bf97f4a5e8091801b53ee4a209e0642d83605836f69742071aaebd9d813b10f4ccac03851ee9f20cd1351f8e68554c9bc5f58ad19d474ca128edbf561d195e52ddf3c19bee3bb597ac2f92143bafc98bc09fbda6d18dd4ff2a93cd2ba17f54f75c32d3f141468c2baef4e53b6a340286dc2599bf7bb002aa86688e26f5b51a6aaf32e48ffd539d4f3f4bbf0cde2d20138151c82384f9ff29a634ab4e0103d93340bb9a7b0caa108bc7fdc88d7de14abb17e9efdad2b0f304f0bfcbabaeb1b9db75959dbf54930e67aed3a9c8309aa90506b6b9ed4f1d06c4ced19746e206e1e9b8879663bf56bf6c5c920ac5e09e6579b780cb63e1875ef0a731b726864b7ae5705a2d6d343a4a213a05928b7337a59f900fd04472382610e2a8d25383c9ab5804d609e79a88d70eaef3ea22d3aa9100fa2a6e98e97684ade9fe90d6bfc59dc9dec3d3d8db8990bc2123ba92e64253235e9b4d682e8aa04e23fb9bb6248a77c065e93249de829bb2fc5ea9e396461090222816bb29bca37bf86698fb995f62c50110cf418bbe2078a56c5f1ec9fdf3d0b09a719ac253b5bcd00932ae058b86611aff51c8ca8448978615854b69b0216a6eb8050ce199fd9a13aa0fd652570a1b187f61e6831b3a960521c3705da8c5e6c64c7b196ed4a49c2912d77b670b177c6458a7a49ecc1ffd8c57c0978d2a05cd1f1c7ac9514dd14b7b0933a52cefd40b6452ca0903df1f55828025c7e18109a6e0f2ab25724cad2d6f57cb5d894a6a508134731e9b9c61254f64990941f4faf97394b634b91860cc6ec346aa666600d323c849ea4c4a0ef55acbc56495ca004f3fca42ff0ffb11b0e1164c95ab89bf1db3d4f575ff334d4e0d7d50e0c54c422eac5ef78c5a3be95f2e18872540fccfb597211ec79d9d47b6cf41e385b9c2e92122167fe584210f63bf919c620d
60
61[L = 28]
62
63Len = 16
64Msg = 3dd2
65
66Len = 104
67Msg = 3d232201038fe7d846ac1bd4c6
68
69Len = 352
70Msg = 44c98cfc71f82215dadf494d68d1d6b92bb4eb81fa0fbf945a659d9aa2c2302b5c93fd3eedba31e479e29d36
71
72Len = 504
73Msg = 02a5c7b1b749d6d49bed302d9439f23ab83020bd4d573906f4190e74216ad33aceab775f71cd31092bba5cfa42f0845bd16fc1b8bed6434dedc92f80b395aa
74
75Len = 13976
76Msg = bd70deb2cafa75918308d703a6783fe9dc5e3d21de9bfeb6dbb1cd531ed5dafeec463a02abde302d4ae6ab3cdc2f0f94865e38339c88bde507ff71bbea6b30b9851cd8cf599e950b8c8e620c90adccba0033f934ca66ea0a936afdad575bb6235099beff1a632c9114a8045a0919fdc21083880eb05c0d8c489c7810aecef4a41766f67c37557e28a9db9a0d909c2b167ff7eba79693afd3ee3aeace38eb73a5a02a882cf89b123812cf2a0f6d5edd1d14362ce9c43257474def5cce3adbba8cb48e7af9a45e702a182dbf47e8869b3f99e953ba81628e502c60d4f8ffc551c31b3ad6ca85c52164839d5e9d493deee4d4b76604174bdb5655385d34ced2c1b09dd5a486e1f9ac501bc611f9d7aa5c748f496faecc14c6c18e1dfc6aee2991bd0207ea1701219955a751df43dbf66f57904675a0e9e6d7f9a0b8bb82a8f44951117ab2642d6671daf1e5d1639d48aff6a05781c2b5e8976653b0a164445872d393d30355acf0bb49bf2bed4265c9a3b786249afc7a438d706eadb6f90a7f93ad51bde6d2c8e6ff09dacb3dc67ba0d3030c54c8367e1e4280bb5903274191344610de61c3c770c6820a6cc9d826f7c743f88f13580ba23cfc00598fd733b5dd069bde7f10f2b8961c16b69761b0f308dd137f844a67f6054e065863f226141755b96645a291e3fa3fc853b2475fbe1d3b25ca22f4da4425dc95fc855e63d6699b311ebd5fec1c7753e6e81f747c808ec3f618f63eaeb1221075edff0532225c40ccadee304a8997c03920e7ce4e60e4df4d120611296786516dd4d9cdda2077ac52bce0fdf552e1ee89a0133f1f87a6f6f35f5c53958ed806465919a0a5fa42488bf29caf33a0dd469e13abae351d5c6fb1a800ee384da199c823c965d9d5457a3ef8292c4d9b142e3f1fb502da498eb44d95f8c85bcd6871bbdbf004bfdc09ab35758f5e8b6a0d0f366c3b255333c52c8fcd4ecb4536b5f6e72897649f3415443612d72c3436505249a344feeb04883f41f90ade40af119014b3c56fc108f1ab0a77087d9226665d416cd975e9e4605529c032e8926002a70924820c6c7e264a794b2a3beb63d69ae56e017294fad4d611cbd0d3847212a38f22d623eabe3b884a36464d8814286fff52c4dd366f6c2abfc2eb865e0dc9ec6e55ca9d81f1b8cc47e2629bb162e54655bf2a9e156ab0bafb4b8ce96858aeea6e6665607a3f268036f4890dad759486b15e3c9e791429ec8f11bae4ea7c490656fdb0551dcf0b0be017c08bc674bd97d9d701c3ac955e2941ba7d5f2ba122a6f0c1b164b1caf2d50df111fd4287e9e195d181f6f514d7dadbefdd4274edc234025b727680576046842a834b6ad89eccaff5c5209bb91d652357e3750d8bb0165572fb71d09fdfc60f6b1e5d868c67c0edead427e7aeb734e29b96e03ea174b6b1af523feacaf6bd745ceb1bdecec9251958b7f521182daddf62ff6c4f58977adeba81c616ff2e937ca4f16eb9c44e63f9e974709122083ae45524ff87d7a0cca33a90f09b660db0efeb393c61967de2564315827ef1cf42b71c0f822f471713c9d885a3c3281d7c95dbc96f1c6dde0af70ea11232b00a2d215ec8de8fcf84b6193b6ac9d46de660361aabed3371fa44a6f32107f3854262eac355f9ef98701f580b4649175cefc29950e7a0eec958f629999c4b0a98fd4bdaf5c0bd97c963b551f2220bd41ec00b8726836e949e818a49aa1ac5bf12c64fb9991111ce8be3e0cb9605f753dae1a4c84389416f17fb66cecba45d591b22d64e5a4edcde067a088d9ff7f5dbb9dbf324510000c55d50f480a640fb22da9b4862dd81080d61af9560b601edb5e3346263f5f193df97079a27e3f9876078b80ebdcdb17ca4c50aef0c8329c72a7f77584cd963e105eea9c28a2ad4e95c1d018e27d0e720ea59147f59ad796b80b6293da8a55ed47e8abdd37221db0a5eefff31688e2adc294654ab0fddf9c1ffafd4783f01eb539492cb35a77315d0ad19395f47b18298a7b353dcf5bab0b2f193ff73d99310478d2e5c4ff1c68a2493c138818edef73caec9977bd4eda6249c8933953e06d796b288f78b18c343ef561082fd03bf92b084afaaee741de3004abaf746350048294bc52450e31147173f2da13d6ffc5adc718e149f9df3702f414dd3ee88296ae8a0106b071b589e8696401da7993d58a9bf8e5bf417165498c96b4ff5fd2b45bbf88f551688425122a3737ca54b2992fdb4d60957a93097222c3cf4c45dabe18b9d6a69e6f27567d5adec489e4b6812c29a8fa52f1de642b7b0e749c16f54473ed5ca2fdf2199e885fed308fa62a3e0deb7e0b8e439e25b3e9f95d755fdcb7ebee9d73069dd57dd1cdc5145205882023b54f2c9dec6cced9e3f6d24e8cdbb8ef121b8f3eded574d81908e867af5ac82bfb8ed60848b4bfdc1d998bae3a9ca80c1c49601d11a40409c62b1536f01ca67
77
78Len = 48824
79Msg = 5fd54472a44e4476d254c0940071ad42dc723354f76ba61f63fbb9df80d1ee56136f51b6982e66c1da83602fc08093506a9e2cf27cb92085ba5c627dd63f59f8850e91a1d86cb1d4ca38ad03160f3c584b128d9b21e935570e086d3815307ab8df396cfa0c100bf6cbfc0fd7a8258fa1a656bc178e02cfdc868540d8e5ad39dd46794a8bdc205e710555ee7421ca7475a4f3232e6a0cd55d4b5d4525f0bd7eb1e455931aeea6918b9fceb2a32706d31a6d7028a85e102f228417e2e7db68317ae155af70eda98c8dc1ecc32a62e294d92855354c1114c5735a3c81e551b63a81650107557f3237bf953989d17c65a0fafd2bb1e32c237f98f55389e8f8b0810e97e201914c487a68403c6d621a98ddc515780435564245d87ce462b8785def699f7f06ebfdf33dd1ed7dd5a3e781348298c7950a387bff7d1878731d7ac66ad9a6607f2c3a3b6843c2852a5e882a8d78ae9dce2a79d595cdf09626dfa6f1dba7d40ed21caa29e304e7dbd559a89bd1f07d84165dc259ef112dc6e2c5a3e82b1c50106983f6c4965c85073c5deddbe6323003d56abb0df590f69010981ab3407e43eeaa29c6156995c492c931fff1b686eda3741a0bfb9094747d1620b2580415d431ffd6c02245f6cb03e39f87e82834dcea59355b2ba663ce145d2514e15e2b2c60cf518ff510c6c3e2f16d2dc523832762ed8352a320462ddd4d6fe755350672038163d996b44ed3b85d64989291bdf39398cb996de785b9614ec5d4bd73efcfa37fd4470b17d6240b8e4c715759286b04c3d7d791e2689927c9f18320ff2e6bc7306c805e23a5de66eced5f1a630cb43dd46db515f837f6b824b99b86c10b6df7fcf22d97be05284edf0e0be597b3f9c63556db031339f79ac9e6c5f8a1cefdbb4b30f5bcd23c2a4dcf791cbfdd6460284c5af0621ab7c5571e40a87c87be459c85ec81d746930dea24f43bb11d6611ea83409d3bf4f987778d8eed1d5b246a2112ef78ef0252f9ae464810c13f02359441d289958b4766807d9a3be0054897d35b01830deec1151f9e3d42f92b80f4aeedd65c78c6e98afc562a3bcf6d72f238c6e94a38f2288ac7929a7a61c92875c1f115c0ed8d261a727f0794f17ceaa3dabc717478f6ce7f2e8b295f000241e154b4575bfac8483f6b62f9ef4e18f7d341a65faad5e2fc1ddaf2b09adebc155ff09e63d5aa5f95206e66c7f4ef2ae3aaf3ea7c93589efa8c552df8d203e0ea181c1703d7023b56e603f33b4adb9bf44f7af290d8081210f327a6c9b0785709346087fd090c42d2b8b2711b9a1a5173eb5e246320ee27867ad6c3eadc4407bada44561a12cf5d53bf0448308bb536a8a525eabc1410c3a34becee25fd6fda453251ec229b53751f2280e142c6b331daa659ab655b78cfb08bf18e40bb02b7f1650eb2dd4ba1707f0aafa219f21c29521581ce249e2e34f5656b0a04c00485079b040e13cbc038bb9f17f47cb8f908591b26bdc28538d8baffe4cc39b17d2ecffbb9698bc2b8b31b08424034c051b535e0cfdf07b7a0a54781e33ba739759991aeb72c0ed992cbe76eb8ec0ab12c182e8b049cbadd6e82e314f1bf15fef5ae95dc86bd64b8556766f8ff62c33492198e454e5ca59ea856d8e095c04da8045522abac865506096ee1cfa1082af08ca09b3533878ea3580b6c0c57a615e0ab768246b3eda96bb6caa01a2648068e21959f843d853e948588e8c0bfda364ef1f9fbd3235c27916562eb0214891eb55ae0e059f4bf7d1838b5942656c27899dec6d67b823a981d1e1e0aaff5323b0e3d69a7dddf9b12d7787ab763a3c7a2697ac65b655aefc4bae7e6444850ad2540d5193b378682c77a4dbf9aa22e517e68cedfd1ba32e3730ecaa2e3f6ae61a4f427d6e69071dd62a9bf6c860980c9d23ce1fa82a1937e6dc1ce3a2de096b680d23d89ee102912ac0bd769c1c02095678dbb00b4430428797cfb966b2f901480811e1b9cde358b6d499c9e93f0961f050465d7b0c70d4961e75a9fe40a24e36eaad27238231dae6d0a17f446c16bce7348e669be563649eba9f23be29adb8b10f462780a066ae573f74e51215a26097b02469c25180890e06acc53ab063c742e08d51359b0a39749b84b9f6be44f3ae3da8e5a2f340a8607d4eed08877d007928d332d6f49502bb5f416c46d866fc87477c58a22d3c5932a8d6298c1151daa032c84ad92f8f90b8053b5aa6f690d1bf682f314471cbf200f3d30959e07adc6488dd17b0be5279e727f3237b8b4b19b31a220dfe63882937f8d5ead677608c42a57217f2239614c521d94559290e3b0ed8055d5474e96564224f6ca6389b40a71337da11e1c307dead8e4eb43252cc2f1c49addb18781cf20acffd3db693b02e5c8ecc949b51b99005529e0149a13390615f5df6e0bcd68e1ca82b0173d25134dbf76dfe92daa085d3f6b1e4d18217df41b70c4c40101884c2886495f2ef8a473bf23cb47ab6533c93cb38c36c6dcf6837f1272fc91a6962b6e1386fb643e1f1d71fc75ab58d5800bf4081217cdce0c7ae9e3d25de543fc4444314f32067eeb147c08c55c5c8158ed11729837547f28a300eccc312260215f50e98c4e3d4170208a50a4a4def1243538f906df8476b0c46d3449be73866d463d422595300e160840daf8c906ae4aac13a64457853b0ea6d8c32f4efe3b48c0b1450250086d459648b0ab14fd3f341a4a803be77e56a811e7a26827eb0a1a9454f90bc6ece665904adaa3cdeb2c4847858fd1d79750e8cd45d8da9163784b8bd06629410502debfed5eca3cf8fef0fa6bdcef6efaaf35a1986d6fd68e0f436dca9442077a4818ebda4606a94a3c93fda46e7ef5ccfef656896a0d3d93566b02ed8c3f6174417cdcb99a415b0c6e9816d94e64b438c295b4bfd69e0d9ad52911de5509971b7370593160629b641d690eb2828bf363857983e3b9098fcd15e66448f786f196685d2ceaa251b17ad06dacd614d9fa78ce0a8b9c1c360b529d0bc1d17ba0b70ea8ac1b8d67f6e5770f0cbaee0b38109d26b09493060dc851f5fef121e83e30aab9c3efc2b8397e8362aefea1708f7ffa14d3656f7f7610f3a629bce14648a593250c6f309c02c6c552bb42984ac58db920dbc7d98f59295f37f3e9b99da55ef074ed65801b390366669b4c7aa1c483ffd23082793f9e5cbe30c34250f63fa3ea2cd097593dc67e8d27b7e4f07e73a9f7b33a5ef6962df1381a038d4f58fdbca9d71ccf640b917f631b75d4a2e8ba46c64a6223f99cee30f47c1a935dccc7f054fc39d3498c824e10cc3ee337e781a3971f0e98295aca611bde701c2359858914248f6bafc88232bbc27bd85883b00990bba7862fd7a7cbd4c86df049071fcd10d686613ec877758d83927cacc530bed9a596b5b21c6fb748c379d676de7e05719a867c9f934b5dad99ed97dcb4e70a9b6542ed5b2f086d9f56fc9752e788785ef8f7837a31e433438cf2f18f58be37fe8412f6d21a5c35000a5efb862926700079413f76ab2c3e79e20b516eba9d8c29897097bee55157936607cabaac41337ea4cc783c0809c875259f8020e16d5045fcc39ac796d11a82f25fcc9579bf0a010200f5745065175fdc15474ed514cc796672c59637c3c8f236cfc9c0978a3db1194680c58c27746090d76ca09f7c48ee4ee7e1d3cf0ea70dbbbd88e30e8814b57404dfd7c33727a0c84cb7bd468b0bcb3c89b526679c00fb0892d2a5e7a3d73698a3db53fd7d78460cdcf24ed22b5f39b8c00b3506541ae4a5b76fae29c1cd5b0f8c3ce142e0af7ae4efe3fa4c438a604bf4a9abb41e3fef1b9227a7dccc3f4d6026ca289b4b1366d9ed546abbbbd5677c8d582e79e2b544f18dc23809ab753313d84dd10fa3ed2f723f0b46277b8877d4f3e0665e88c50caf0f0708b746b736b00c8c83a7d18500384bd035996aebb7da8f09fd6af9b76fde7fbfc0ee854d7ec02950e76abd23ffb27a6ddf1772465016c79b98a61bd3940547b207b6507e32cb9761a5604f0f546834a8edac7ae06910045de218d761a4accea886188f947b57bd876491709028e2e24b075d6b022b51af1880ca16a8c65b7c69e51b2ad580ee058acc0606f0a3a9ea1cd4342bf4be602e941dc4bef1239bb9bccbc8098a6a17d63186c6fa75ec44b6e4fd38a3fe49c5eb995f0cb884e2f3ed6be02515fa605b98453ad935682c3bac6a2971bb68f4094cefeeaceda92dec803ccd3d346f8b40b48f8f489e118a17367801e85c79e9b3bb5d73ac44a8290cdbf83a154f2f125090d42e1a1cb72f5ebbd42da46c7a4d4b9fad9612a4c800de6467ceb74f831e1395dfbf5799a3429ba34754add4b34b5960a5fee8f752dae78450322a1ab3d7102b77e907fc1eec5355991e0c7d6c0866660e5436248edeb1a37c0e769a0764cfbb6354332d6e55103b9235c84eedaff918af3f0213c435c32ab409a4b5c7eed8ab6ca9e313dba459bcfa3ee92e7d669be0526856ac3c06a57fbecbba553a9cb4655a901d98af02b74098e478076655d325bd7639d73d7ae00c62fdc361a997ea4ff5b0eba33096b12f35cc7cc0eea62950b912b47c11b9fb386a47c4c15c0602d304b2541da889cff299a1fd415e7e25c70ee4cd83feea7e6a9c50c75d9b128458513d61ec5d0299ef8c090472fe0850f384938ed44d36f10cc2c1d31daee3f946a2fa18f9982a988fd6ac973b1569313ce3c8ff5746c4dd85a241f1e9dca0e904c091832ca028533a3e34c184edcc510bf22a27f530bdca3d057928a96f72dafc73a9aa6dbf2552598e468735cc5736c67a620e9455483e9cb2108045ad80569582ea93a53b491e528c8df336fb326ad74317bc1dfb8ec30a73af01a5dff3e437b7fe48ba5dbb3e8f01ae0c6fc28675a415f23a796bb6e0ef0efeb4b14cf20d4ad88ad1966da43a76b454dac8687bdd97b89b8f8eede91eb34ca4a0523ea65736ae39341fb32b9b716f25662a37382c16f3b9c346c84f03bef54acd6efb364c6401b07b3f7679e8e7f8c9b77b75e6e98b90f4df88460f1978d19744eecccb743a999aaedd00b5a94018e9d5a56bac9d5d55f6e93bad52e84aa7340cbbf98d56213d9dd3e1970867e3972dc98e61b3cff40b64ec49463ff79a41c82dbbcaa37a82b761f432849aa83a3d3c9a209e2207b87ae9ed9959ffced165fcb0d8873668c3cd8f18ba0f92f7acd2bf50416c22ce11692bf6132eb9f558dc789cf9776da94e48cf48607f19d9a11d5df4db11dbaa67a1d20e9f0c96f5956ee3f906e371c489efc88b0c1e56d881e7bf8dd5d6742622eb873e253dbe54f2e2e6d0e6136941de8c23e9a632727bb5f88c23170316c7aa0df28d8d07589dd6022828834f7ea9b4e5876a1704944aa3186dbf89e0e81767cfba03bfb38c55a9945209c4dfd88272c49d1745dce5ceb40f0a6713b5139dc2fb87a8a4888406d2610b7b910a9e5782ef0df719028d8e50a40a269dc9bee12157038522d06537bb31fc87d21af9ad4b2e7e127bbdb313e0a116010f65126cedadd4a122d15a71cbcccc346f55100e354b997154567fe3caccd50251d137c58fc3a2048dd5883b6af9248b51040c01a80c051b8a151a8878edf0304b5554746d6116b749221a1d0082ac925e6e140f0c3b6a180742ac8a50ce0e93e6399102f151d7c14000369ff52d0b537fdd51bec99e7271b1255c6fbc36d83408c417f6825a8e2a58b9054ab2c3ead69d97ea9947fec32d720653c123ecf51a9a3f0ed88743e3fb7b94aea59d0bf0219ee50825ef220554312cb907edb90e4d85f29e316ad57d3b90d859391fcfc63e6c0fd3ec27d4e1efd6e0b5ca8165cbd6af25ed8792d805f27fce308ca1d51335ed5d727558dafe05486a6f9149b8d3bc022026656714222830be582889e6800c0b170e48ebfd069e711210e4ac7acf07652a6f5051507de68aeffc9540cab5cdac84ceee46059ec23820c04b127266c0bf8df0d2b856be3377ab42592f495980baeddbeed3ba707a85dba64fe36941eefa8fd37204ec8c18df3852febd2b142b1c9a5cd0f9e424cd408ceb7788270899fd793db99ddb8f9ca8df550c513790d8bad37a1d1f4a62c4527bb64c677462c9b093582decea70c7bbe873095536728e7ce05d5cafb5d166a1f03055e918f787fb244c5857e3d7a1009bd37f30f165564a082c1510ed19bb1633811a76da70dac67641c2478c6b335f409ef54a2d0f370c9510d0aabae3cb998bd023778375cbf9cf5ef125afd584c11efbf40bb51839aacd3016e5e4d79f134245f952dbad617c78cb6f5712bd9c0c7e1303db5029640cf9b56e29329c3e6a9e0a2371aac1a437b9b1c4477ec9842aa80eaa22c5eac11b60c661de6ddbb088e844293ab8589c13d938765bbaa44301e4137148dd0257bd4c8c766c5d3bfe53671e9417cd1b52f622870ffd90f4e17b7a4ae1b5601a2edb032e353bca652fb565beea6fb0b2cdcadac71794c662677fb1dc81d116d94f5eced526b37c004b95284cb6aa2ac415754a1f14882595dcf4d3f1d905c6e8c12cf5a9d23d3ab55bdaf9f17d2f03f933e1bab89040753648c426b072b73aee8c2fc0d1c03fce2c656e20d4c96803fb2ef471b912267eecb4d6f342d3513894b94d77767823fe0c7438e51f21bcf16f0e98b94b23a10760271281cf843989824f7061bf834f93fd8d2090f70e939700dcb4d8964a19da39a9601a7e0ed9f55f567fc7d5682d55a9ba0e68861756bb549f2f17c10ff6bd2042a80477f89743d3d762f1dfaf230bb502eab6f4c46b26135ff3bef5faa179bdfbd288e3cadd3d88d8012706e19b7fcc6e9cc2699d3ba0e624e715599480d6b7dbc6eeea0d12a9236444b17285fc7794040dd40c2b2ef175f7f3641664fc9bb7ea6d7eb3489d504f8013d64a23aebcb5ce233405f5ade067dffff253f27e926431ad806703e8fab23656e0b7431916d8d4c72a7d831e3664e5f30839c76c8167b76f3b2dc75a6ef48df515e06ea54ca51de2fd9c5eeabb1610b7eef06a2f3167859cf82e1a5b76be8ed8beee2bba28c3b15af6890d7a37226834ec9f63306a0da11aff918753d8b83fe7220803c070db98195d6d18357233f5504a6e3bd6f30115d3987f93aa5d89aa0b8b577d1fed94da057a6f088233efc0f44f86798896eae9ad0b20c8c9cdd9d72a3f02213f6797800894b864cb44fed009440fa5b0197023929f9bad16f052cc2d87327788a68b9209f46fb4776b092d75713048b5453ccd699d19cafa8e9a93fdab0f0863711916efe3bd81ee71b8e0221e12e9ffe2f6ee1a4dc1a8de6e593480f3c05b3691e916a4a7ca51971eb2f0f693dd10f6b8468f8cf7bcce285938b5a0a76ef86acfa2990f88bdafdc39a065db17b845028ed2b7a9e331c44217de20440e406868f1eca818d0be20248c2948b8f4cb118b2e456e585949139270f57c54715f3297bf714aa7c5f72ed8ddf6a074703ffbf95e45bc81a02c42822c22d2b718f2de5e03d687a4b18d605ef5ae75f9d43c8cb4e77aaa0c0101d978120f29574b22f52783c667f7daab3e1f9cfacf2e68e94a24918e3fe2c4f061deeb64891b5217fe5908e7f389897751839982b7fb736fbfb1232684e93123611b7fc8fbeb74f8815b5ae13240051920f3b6ed34483ff673c467ed7f0a8fbf619796e485affbed0697415d2d0598ba34d5b9e44ffd12a5edc323883a2e28efe9baf860324f2d2016748503eac1888213926b0e0f0335a4b51820a2bd3b42d982ec6ce307b453b6385aed7a735a1e98479394147c40f01c532926e10e1b26a5b395bc150ec4b4daf5b1436bd0baa225583ffc9d9e9d8a354f60fded37b41c7c051daea04e689ab2d4e24d7d07c75c50ccfd6a527e024d1632246c6f40f06b86ffec0b29cf894b665d53d459226b93422d37a8da23587fe884dc3c0f2fb55dea296a9a5b9a0d101f186d9fa6288c912202547cdf958569d2cbf235740eed38d10b0025dbb6de31058e98780d22149c19d4bcaf06dd7353fd91cd1f47e47f45622e1472542be2f63f463d253617eafd4f2ad609f9020884905dd5c22fba53ccc619104b6c0203a7f6c8c26fc80ff6fceb8c0c51600c2e46b4b872e6d597511524545a76cb42278b519d911e6c1320e01682c551e204ccdf91290c52e0836167a5685cbb1af338eb794c10fac92950f3f7956acf28f1ca984e380bcff9876b0c71dc7ce4011d1d0f955da9ca885c6e7bb74c6194dadb0fb9146dd725c8a9574aaf3824b727c9be3fce59c35850b162c17d3013689fca858a0a51d81cf4f30d6a8705bbfe35ff03c34cc7c56aca32140d72c8e8121fc71353596b777b266d75b322c9a97fd2c5d4e2362f19c99de66da7bd9c495c03d9a15b28431a0c051e786fa80f5503a72519e6b419263d72d553d688349c0cf30918eba0622b953a0efce4415c29515c26ba15f00e548ef108afe3f8194aeb965e5e4be94f10df6c45ea5c133a8c3398d09fb80f950b83c1866a1637d2bcc195e05cc32a9233b244cc2b1d4930e66f032cb1163c37b3e58b576ab76de759569797fa9b8bb4fad66aaaa56f09c7a0ce4641d6799d7bb47cf684990ec1e08871458c211a353ccf1285e7429c7b8520180918f7
80
81[L = 20]
82
83Len = 16
84Msg = 8a61
85
86Len = 104
87Msg = 37487aa02b03bdbc6bc62e7e26
88
89Len = 352
90Msg = 6ecd002568bae3bf1873993041bfa292eb94e9ad092d8eb3585be82e8a20cb36a47a06e7a57d301268a4a533
91
92Len = 504
93Msg = f6dc1d2f6b8e126d99939664693d8709513f97d730074ec2794e536d94ede79c81f2b2ecbff3c2c26ca2d181ada2c60050997f3bb087ce48d956c18dedb227
94
95Len = 13976
96Msg = 07a6372c863c7d7c6764e4f05addbbe161762735dfd2d23bf268e2d603cd28de9c369ac379390473e1d3fa7e37af1178cca54fa0f782dfbe68070952b93462ea46c640d43ffe71f5fba42df98f4c48ada0d8aca8753e0731508bc15dff283178ae5c10a6ff132eca5dde63a78d3ac94685152897828eb25a55fdf140fd33fd4e7b03f283e201a1baae8986d25603fb0b2566aab345fb48031d648144dddc2e3556c0ceb1104f348d96ae7dc0152e45c625d21b46e70c31f250c858aec4ab2cf5e79d8c79b0854e0abf5330b9f044113d306161968f4ad6f0973160c9dc296056d5a11523ea2b56fbce8387070fccc639ec1c65ec663b9dc49aa880dc4ddd3020c9d44ff7e8cab6266e436af19b4ecb82010a0f8f9469ef380034a02e3f50051a6a3f233dcfe9d553459dc1bebc538ae0183448c9405c351271dea808d908480e61e9793cca111b4cfb9874b799626a1bd9a0f6e0929ad51b97ad81b2438f5fc255db3a3dfec9f0d8393c6b245b03d3faeb58021db3ad391b17a91174a66db4feef1b4c889699bcbea7928f4d29be2d47f76455c8cb1dc7da9cda41962a28ad8cd7b39965b809e7c7eca1c6792c1ce1c8a4cad6290170e91fcc49fa5ff64ab433b4aa081c8da2d9bbb072f9f18ca455469b946c877e3006b34ffd2219335b30ba2e0980f43cebfb629d0b11fe70dff28883ca012c6ae4855fcefea20a08e189eaeed7eb36ed6db3835976f4e60053205805727c5eec15d0e9f155637a9e66268b9c1c302bcaae6ae88cbb8cf1668a487cc996c4662c4a4e195f094cb31c717165e0e13718f8388957dfe0bf69c70cd0bd763dc38c530b67b9c12244fcab8bd13f602de848a2937699f9ef77944e5f22e3b470601789e1838fbea9359c733aaee2c7082b02ee459b7684ef9bbc200da4b62d368351f5520a65ffa506dc9b097117bb7ae88d04d85fb525e91327689ec0fe86971480c0e864012b1e9f044c7d80a4e48c07320dd4292086e4c71d4c98dd826a9bfced112bfa2beb1ce85cad204451ec45703931bf637d4fe89fe8f485620b7f4b21e011a232ade7a8c92be77925e878ae0bea9723749528fe83cf89ecb9616dae6ca0e8d5754ec6c92abb21108c2f33cdc18c6887c430b72c5b193356494cddccc577bd4c2cd53188f352846edff0c2ac7869cb74bb16a77c0f0f194a7a9477ae15abb890bd0bcfeb0c39381a87f1d05319c7e971c10e9ef687f96450b400e25b4285032892b849fd5db8649cedfb03c88defea063ee144a1ab1f3bf05f59c7db364dc39c11a446c3ce16307d78d50315ba29f5bb9a57438564c8c7b3e367cd37d74b2375a4966f47489dc5448f4979428abd32193d3840aa983d3020a9f29d760fc7493ab2576c90b1934b799c1d0d55e4f2caa78f4ce61930c79dc017c2dea0c5085d73a3b0e4a6f341e9a5061a6658af11e5edf95bdad915ac3619969e39bee15788a8de667f92f4efc84f35082d52d562aa74e12cc7f22d3425b58f5056d74afcf162cd44e65b9ee510ff91af094c3d2d42c3b088536d62a98f1c689edcf3ea3fc228d711c109d76ae83d82d6a34dcfbad563cf3726519b519fd48b51741aa86720836494b7a589c778927047a25d73508adaa401e9a6c0767a675e31c5556cbe35fadc9671359b45e985c3c8af84113989b299ae4474b85e4b5d4b0578ab1e8a2915a8df97c4f52a639fe32272cb91bbfb721505dec46d51383cb8973425a714245c2e37d0577fbe0d66381d9239db1f08a380cf609dc699698e0fada2caeda44d58d766c4f8214b10642b80b8d7d8add7cc41d47108ab7d07dab71069a2d982cc900b331caec317942122158bac6eac9175c2dcba0c04443aa9188832b553f5ca8c336880824d6bc02486a2b4c086665d276aafe3b1b93729829adca50c44466fd5b5cb977aa78fbcf5c0f0da1b09216468a11493ffb39efdeda5d669ae92bee2f2fb250aa1b9cbb11c36c7a6c6dd26cdc3cfd572ffd8c1dd72a13c27a327a34c6b6b3d80fc6c67c72152eec0c8ecbdc1bd5cb829b811e7f29af6d786f4e93dd4c96fdda295a6aa258d7b2fcf291c2d68e0b1866032475964ec0c6f2fa8c2d6a3936ecb187350def4e818507bf157c0e9b33406be7660605af14cccc9c799b4e051d0d0899e53495bb8931a6e2984bc6dbe4e02ec8b4642fc2f1cb5fd5a5520b48cfcb49e1f9533838753554dd98b6a1b8a67409279df477330e5f37367e06247ca5c3ffefd00e693dcc0c9c30754121c9ee88a574915b9e77c104fd2f921c2c096573951407ba9b440423d76bdc6fc978237a6e302cede7f99038ec31500884775556941f1edc30e3a417b0e02cb6fb5bfbe5cdfacf4006411287bedc565fb06f1be987416407dc852254934df4ab59edce476f3506e65be6ce6ddf91038642291fb8e92ba5b1f0b105670905a2c14796110bac6f52455b430a47b8eff61
97
98Len = 48824
99Msg = cd8490c93613bdf1f284b94b330f6d6f45a39c651d2a160b340e2eb696fc6d1c35e88872845190d141c669de92a97daa5433b1d7b0b899fdef2ce74b8fe72a7296a5b5be26d1dc86520367c730c7400c2fa06f91ab4c48a7bf4ae35a5b9acd5296c4fdf7451b0ad9cc439b4e34f11e5d7ef2bdda376f8dd34d6f092b219dc085dd4c4a6308b8808f588eedbbc7af7f64e83182fc7ca7cf4741a341060a7969d31445834c982fa8739ded4555108acbea1666a83da17f77cc42ee73323eb53203e3b790f81c08e94c44678b6538096ab7b09916e6cf7ceb2af85987f8e4d982dff1ab59b0bdccaae1f405a73366b5c5935dd0b43e2d2894290ceb66a0246dc02de728c5bba30255fb56ce8107c3144246c5156a8fe40ada9126adf67227fa56b66c37be63f532516211ca012977b04a97916f201f1baa2629eda520b51508ab4229df2ceedce406dece0110e0a911464f69e7be38fb91deba0addcdb3161d2799c628f5a57fa1dc37357c947681bd9c36f4832c20ac466c0c245de3b250c33282ea1a02d007f03b34ed427631283eb614db4d521f555136e7e42b4cfbee8134c63dbe3bb79b5a8b9f9f5b9f5ac61cfab1c54d197f1e3ba613f251eed616df952d691b88a16466343ef2d0f63882ddd2d55b8a6786308b2257f5d7b38af166bd7f1339d2d8899c9eda8fa86215850ba547450c267eb3c9147d96c38161a69d1584e521ffa23384313a1debcd37f72ddad02adb3cadce7ee34b7c1f42a15d0d030487daf9488aa7562845a11ee7ffccdb38b300935caa31f78a4ff3dd93403cf0c6a16ca611b58c736aafd33d6dc56f0f47878211d26f6ab801b9453a7f74b44593dae0f047ddbbf2c902891111729edec44f69a05944b18e7a601f41ad24fd6833da3dbe3029bd390de7c9841b2ee2b079b2bd2737518fe1bbec88da64769dc36e4a8bf716c219b2fe059d7dd220c1ed2c59878db5bf8b198e0689edee921ebc0cd2d3853fcf57c363050ce58071c5fda6ebcfbc1bb62e9eb956286291a108bdd4191c4ff47900d6068e1ea26b487649af119b9bb15dfed804836f2196cbe12d8fc86e3d7ce89b52ad49dc9ddbce5b370f73f512bedd853039366612453733740586d1372143b09f21dd4dbe1a2bfc308db8e4098c5e4b0c1e16141ee50e85fafefc4e2529b3c7252af37aee6f86e19df28871686107d7d57dcc812bc077602642d2ecefdd5f694b8f336913210793e4068da2178600b1f41cffb5221c9b4b6298afb47e85701d7b1a44241679d8996f916c81ff437261cfc358b9ec42a2ce16ca3bacb8690d6c1d91cfb3e0bf1e7ba45bd01606df856fd03c7e946f7ab371a89e1fde86d05fdd97bd7b1c583b04c2ed2b5f6815a460645e4e1b4e950bf6bd81dd0352d1048df85266f1696534aff5b1cbc17f15d82cc8e0c0d4f0453f9439094f8e0f7f4bc045b654d9a2f1f44a9c57019f63ecc41021c05b5380675cb56ea8bb691d79ee204d2c4edacde3c1fb3f4996a11d84b035f965e74009e2ab80e2c7ea3c84a834d4971a1e9cf423e4ea67ee526eb3c3e4c2d7372c4290a0741e1fcca5ae4cf36705abe98ac81e98a5419baefcaf3093a7e0449ef1021f88ffb7ad21b2677e41cdda12025b06542c4b2564f15e0b99db43b7c7020028bd829372122cd910227cb07c53cb58fd9dc620c0491f3e2bf883fe6ee8cb1f5b73767977d857e4513e8b5612f6ae4b56014e6a3ad2a065b65472212e2f611743484cfaef860999d1dc5608c58412fab888ad72bb87dd9b55b692f31e252daf8944ec5c02a5a9c23903c50dbd845f2fcc3bc9806af13ca7b025cabe675195b1d56f3fe7d7bca12530bcc0af217efcb03a218bdb6f9726536ea902c8303b02e3ced22be59753588b5f0e2f3419fa5345a942dbcdf3010465384a225ba26cdd0f1d74999c69f336bb6d01fae5cf81cbb8c1a7a29c1eb83ca6b51113bde56b8cfb6a5d72557622a37f039d090a689accd02b57c691174338de8e05bb3620c079705c969c58e56b079dc9eb44eb0fcebe548f5a31f4072a5ed56a2f03107bf40a359b2601eddf53cade66f294cfeaa40a0d94b9c90d15f61852f295d3911f8ea914d015885c8c64540a83badf0021a416c3e37b78236a2ecd1fce4114033416bdd3a36c18ec13250ee9c74c0fc4dd564b3d24a825802d5ae402a53bacace115ae3bbb329be79d1e5e42dbaf0a6446431145fe49b86a8703c7c41f8985d54f12e314c16ff89351d8addf66ebba2783f2d1a11965182aa0b0dd2de53586c5a695c6265c2b173958da648611090557bdebf11a1e042f089fe98e049f4796c60d26be38356fe020d9ace9008410d53a1bb7db78b52ee44bac364213f5c59f1eac4e3314f3423b92fdd7a6156608111ac6ddf58385ec1f3df12061208db98816ac948d803fad10d5ece2018c60faa13de5e5a9033745c824932e53f4122a39f635813545c1b74732cd55642f19ed6deca1585ebf7242c849bde981572a2199066e9c912b2068c8f1c8b936c43ae95c6e22bd7b80dfea05f495d751107da5928e806d0af905c87b5a0795df146af6580d8f9c6a0e2645686d43822ce9b4be0bd5937c097917e048b5af71c7e7521d490f107e9231ee5bd9fbf0727ba87774ed24cd52f471ffb71849ebd55605996515bdcfe95bb1df3541e7c42da4166dd01ec3597634aa6455d15fe14af435e8d7a55ff1682d55a2da867ae63d11fb3fd987fa5d7032ecefc35d3fb9570940e779e13da18070e6df5292f97f2a281f9598101102c955fe4808a2319c85fdef3d55b19e05bb8c2d3da64bafb67a53491513a24f6f0804aa162c8a7db25b38089373fecc45a0eaef65dd9be3b4b7f9436a5423fdcdb5a9b60138fc6a2261225390d9ae0d8ab7f0f7ffff69dca06881d33a637d634358abebb333df41151f239add91abaafc89070cb2159ce3a31655c22e4696c9fa7a7211d1251d4bb21ea4a321a3dbebc29d97f526251e40e548dcd7ed07587719a266f006179dcd22e50b3705152817057b097b043ad63b8d867edc20aea9b4c959ef4ff70f47128cfcc21e31f17978ecacc366f459ac1cc459a3976e4173ca322675f84f18036119ec2f204c3fb554a0b72f7e9d8c882ab147b3d280ca9dff7b9160b1b437b901f03cbc05fe05c6f44824b48aa8da52ae7dda1653fd500f9ccd221843cf76513b3b74d094f14d93a00d7cb954bc4cf2f04f9a35e38edcb1e84f62057647dcb3571f1dd296ca1e049f1746a8a282e85138500e7649db756b2d2ad88f11c471c89dc6be2cd43481013b8d0ae83da2b855cea7be424f8b2325b1850d1fdef03e765458df4513d57c72ba9751e1edc3c4e7f97e3202bb46eec7be89871ba3704aa6c6fc08851e551a3f655fa1fb798d12f003faf31c56b6df399a5dd0ed29ef9e4139dbc254bc5d6051840a859eabaaad56324588fae881fd638d2b70fb3813402df61d941ab495588e5fc3823249bf9a03cf877902394f512de118edaf98843a5445e9073fcfa409df3db0221f1c77e2dd21e74f9e10c9e180dc4ed17010eb949c6d67a22bd5337b2c68f9eccdec778ece728e91353696b742c8f5a3a569f054efb8c1ed478ee9b75e26c768a5816aa6bd08a4c72e745fdb5deb34ecb86b3a84346c1c70f9c16fc45bc0421f0da2f630912d5079f390cc53b78e343310de722b53d2a3b4aa386caa0d7e91986e19c3363426ba30eb5284293af81d00158a3f5233327b40c3b989725ba7dd5b31ac7abf8d3e0b737e843065cd7316dc2f374a00bed4cf9caa0d6e232c854df1bc24c3d484bc6bcb14ec770d5745474dc6ac3b3ddbffc551c9fcc2c56a5e0ae17948457c01e701bf1554022bc2b7d9dd42b2b91172fd85e6874d2d61fc7b3bb3cee2a9bfec09f6d7e98279c6f511f4140b116c856c1438e34bca59fdca2409f025b896a52d68719bf93e82e7d89bbf798991fda0af8d06d17f39eba4bca09c1fe594b537ad4c9b94ab52c895539d639425f9146b24b016368a638e5bba391bc8763cae7c52ff9c496884f1d84e5e08ed451358ecb3c4919dd410e82cac35ae744078287c05c89b42999ea6b8b127d40d53a5722d45139e8bc507a11e7add7fa9ab12cc40afeec008a4668e3e6440f27bb5780936c0e3668ac51262390c79b3f21fd041cf36ba3522f3a552714ff188bfd554c60d0e7d11213cf7d3864a5175d4047c2f3284741f18ec22995a5b82bf62190151bc1529c6d9927f9b0c1dacebd9c2dc406f7f64a973f9a70cff6e3abeebeb46514bbf2ead382f7262d46bd43d88c1b91a9011d1f8ba81fa536a7162aee2b2ec6fc0f2d6efc87b98d2e41e0f946969da659c21053775ece415a34d42b6cfd5bc52259867b411dfb991461ca618052309ca9c96468c2da12dfab0e822ff3bbe7ba281982a239ac19c47024fe1f0e3550cf0975add1f680a9dac9b2c4ab0aed4f409ddda6765eb8a0a9d1e9d07458c69ac8195541219b18efcd06c0001f2ae7fee2d404666a18ca3cb3aa4f0623e86c5b1229f6c2ca28d951111294b91edc52730b6b2c46e000672a7c89b2f38045bd3e37dbb8a75e18687a514dcf740c87a34834d3c3cc8aadf6166ec0c42d2be92f90a3af49633ff23cd80848ceb57ac550eaf9ae496bdc6a2d7cf50fe107895b4a1ed014f78af24eccd6a07420f1dc0df1e7c44b4ba937dd43cab9c798371b148325578d61931766af02b45054bdc2d9fcab2f4b49092f6fff7c27886820739d6140a4a905f0020249e8ae8dd87da1a1e7b1851eb01045aaa72dc8a2bf68055e7aed41d85336648a3405195d2ab61b0e29a770461f32fd05e14c17d72c5252f026a7b9abe7ea9176d3c46f6ed9fb716758d97b41e4f5d81a24538f763d83eecafafc668422612b40cfc32b3354b24755fbe400a2bfed494fe6d0ba0051713b776e67e2f1915e94708e6dc74b398f2f526933aad8fe7dc32faf40022606aebb6e0756b994c3176fae7640ee06d6c67bd54764c4752f1bf831f43e0227cba101174c5554ce26400f333dd8e9f6db1cdf670ce407d7d06c3aef4c0724b62edc8f1ba3e04f0e394d15a73b9255abb4d6ac70303dcf9160d32dc02d4804219ed5c7e3b48402e58ab2f58305f9bb95d2a8759947de96328ed5234cfe7d0b2a9a014df7e4cd0ae48906315f139b8635d2e6bd4aba32e62b8906cdfe5622c411bf0373d0cb07d17bb2bb5b83eae4401c243605fd1df759fd0ddc704ccab5a9776c40fbf6bde0f11b9646c699f26063a9550ac228c9884c277bcadcc0a2c225dc203e28e253c4e464b23d2529d09c7b7dd3c984667372472b615645f294c4e3b0797f9d1c234015b78502d98bfc04f1fa2f16cf3e7221d5794d035e4b172a4d84e679cb1c82df2fb49d3c6668eb1661bed56705096c2371a19d668832808eedd9e5b1256c18fe7ccc494e5e29145d453c553ec86fb7f3a634d0d45661875f2f1005ba5e734c1a976f37cd23450e4606e32d027bc9ec2edd9395e14b2082179bd7b4f9b8caa2d00a2de71d48553f7d4153cb56a1b08f11925e4b11c9281744ae9171f3d6faa3ab3f88c5c34fd23e4f6efeceafdcbc07686ef56efa62c0ad62f1cdcb4d3b5bc508c1f05263bc347158fa5495828f34eb7fcde98fefaa82bafeefed3f4a58968d751c051b52e0047f066de5be533bc3b1e439ab1c8602f6c67503803c8fa113737cb8279f358dbacdf45432b7a654d0e1122cca93420e956661d7275181c75b0d9c20e84c7007dfc49f27bc00007cf4ffa631c892981fd70141d532fcd51de5c23fe0b7a186d0dc296362f235d61698740cc315891cc9342da17843bcde274c17e462263d0e8b4832dd9075a7bbb443d4b26b41e534ad5551ed5ada102175e695363fb48d6b99ac978a3aa6f405d87f983384ce35740e930491d75675337c5dc081e3d301228e61bde5cc169968e5b4350cca2b085f9f75cc4b88497a78cd0a0073d90246c7dc102c7cbf3516498e8a41aa85d8cc5bc285ff66e8338e85ca83fb6889e2bccff52059bb9e92e92c155a349952680ffd0a3c346061a53fdf074417fc90c4d1af7c2acc3ee4b080752cbc9455ba5931b7e910f1e4af0efce905d2cc9c685923ead387fa532c0e8ad92719c76c281cd010e1acce500ae1443838b8afb48af032069dd07aa4df0d56bcb70a64592633699c8658102f1fbca441325e27f1732a7a973d8cb3a0684d72943ef6f1892f2d7ccf39bb6dfe5801ab98653bdbcfbb787bf125253be2624f6cf44177d588bd7b780d9e3f4e3a4e50b8a253fa21abce6a94b9073289c76773b46140f5a6e46b9de9ec066c176f5d1a69f380e1901216617363362d13ebb26ad74fb008ec08841550ff14ca800a1ecf2e007ebaad9f4e0d9664448d60ac0d8544243129fb81c1723b9b4bc2ee971dff736d9fcde0afbfbf5c50a4cc06a4c363998326c17bdc9e2508651dedd9a2a52bd87f8693cfcff60753acf9716c526e8635f12377e36564ae55d0fdb3c7997ec4dbdaa5b4d18c7b660acd95060831795da7d299a5a8d8cf9e92537dbd3ef7f56aebe38fa97c41da6bf0572a0270be7e5a7dcc0be3529339464c811052b65a938e874ea6da469c7d8992ce0aff1c75e82d1621ecb967213c65f2de582cb41de3804c507ddfc708ef3f6096ba4491e431160f98de806d0f334e03cfb7a3bece601099bd971253f3aa0df845da8b478603d5d88533d0cab9c89f2dd9a1404cf8939ffdda652a94093865a85fce2bc3d7babcff7b9f3306bd76b9af80c78ad518f89ee73b7a710da604e72f4927be8d65d06be2e0732fa786a83e27597cfbed9bf98df445499e0746b9f2cb9659ac0a9cef433148521f33b1d78d13c8441c0d1e20fd93ac450a3787a2292bcbd68cd1f961d34937be9a21abaf26f361bf53aa0c095e53c51f3e04d567eabe6e40d96a17c2bcc9230b18f7e079bc549a314b4ae21d30a3341aa205bc75c7f1d21b0a49549c300faeda243d0ce18da5e66c5b663cd705005dd9fea0a9564174abb797d64c58fdab1fae44576d514b75eaa31c9278b15bf9b6df7c6c2873d7a56fb91ab77b83761a09f9e1ddae535622fb87f7462256a60dd39dd3ceb6690b0272920b635ea639daf24f95462c523e5bbd8d8407c61163ab38877d5edfa04c2a78d4d240523ba97c7d01c71783f8748e85164b4dd08c25506a4ed18300b42b7bc6e417f512ae456ceec2ffc83190991a06d4a58ede215babcd3688e1d61f1975016244e80c88ae2aec05c7eeb1c50caca72b3b415b6b870bf5e10bd1ac3ba6b4acb1d1afac554444d94c97e171005fa4ea9c651bb4e527ff58d0c2f90fb453a92d6546a26e9e98395b09e8471bdcf2a145aacb649708cf048a7856ce8cf390c107ff2c66efbf2a76c5b041860ea576103cd8c6b25e50eca9ff6a2fa88083fe9ac0d1fb639c516b9bcdf23c34c6145a705498ff9b9747f15e1c08c63da6efeda4eca02c3f00dfec06c82220c9de840040118dde76be788daf84e6a2f44c81fe6defcc474f99c51c4648d297cbc48f081e0809dbda505d020cbe865e430e0491644ec8c52bd3ab8ce8c4862990f49fe2588caf804ce9500ef42d5a50c057c257168e283e4a4aedbe4ccfaf3eeffb212f9e23d15434d60bf4f455f512e2b655aff3225d1b217c261110cec0400f54dd303d6231d028c2eb649bccc91d30a6391c88bff9d447c3cf35a3467be5957e0ea4d4dc237c9f2c68ce48f658f820a3d72d559b60f233ce538c92cb148808e34fedf2d648c21e7f2ea29a77270c393bda42d869351d6c085d965dc12cbfd0311b8bf604f4391d378781eea3b5f1e0da9d0d8f8de88e56fe47d362cd46f591d3ec0f7cccb85a21f21ddcd4107821ce0ca9ddf99dfdfd9b0c9cd45053e5b1b4385bd8f5b227ada31b5c23e9420014474e8b4494fde7c38edfe70994d97b8cbdfac588df49a49c472fcce78cccc051f31cbbc1e0422878d8d490f3aee28adf1587c38fb7e7d1be54abeaa83cf54b633803a5e669ff4295df8735231ce39631616bd05e0e31117c722c2fd6787003b0bc7fe422a089c89329544e085d71102c1813769450a9f66f160d1702cdb17bd2c6fdf0f722762d193ce83623eeffab17b01b10a31db6e2feb6eb3abdbb2e36320e1a56e44e48d26090afa7f65003a98cbfef590ac3ec89b3eb230557cf6aa566e841806aa2767b21bb26fe001f11ae039e0c9a4bf1bf3d271960f16158eb5bd9ebf0080abd8369d512cab2d1aaae2b14d0ff6ee705a38fb0c801a98b0624cc138fc24834fdf430f33e1760db913da3290f34415c9e3df3e97da1780545ab68ac5a24db89f24d62f4a399728e4144a8c89f47ac2d29e30c49b0bcf790a5e3d3fcd1943c6a28f37251d9dd827a69579e6c17b629c927473b5a07b0a29d9562708d6c8ce576109ad1a3473ffb2047eb069beeec24c114bef392c929038c92abd0e6a19b610e27881361824d57008b7373d0ab76379570ded76c9b8284fe2c247791073c29b2fc6fca05019220ab92856892d3c0dcc6da0b597fe559c162d060d71513ebca050d9638164b9ae271fba5575ade787ec5aee8fc253d1b234b1df561db3e36ac64b9b0100dd6b407043537b2b141f
diff --git a/src/lib/libssl/src/fips-1.0/sha/asm/fips-sx86-elf.s b/src/lib/libssl/src/fips-1.0/sha/asm/fips-sx86-elf.s
new file mode 100644
index 0000000000..2a4d98791d
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/sha/asm/fips-sx86-elf.s
@@ -0,0 +1,1568 @@
1
2
3
4
5
6
7 .file "sha1-586.s"
8 .version "01.01"
9gcc2_compiled.:
10.text
11 .align 16
12.globl sha1_block_asm_data_order
13 .type sha1_block_asm_data_order,@function
14sha1_block_asm_data_order:
15 movl 12(%esp), %ecx
16 pushl %esi
17 sall $6, %ecx
18 movl 12(%esp), %esi
19 pushl %ebp
20 addl %esi, %ecx
21 pushl %ebx
22 movl 16(%esp), %ebp
23 pushl %edi
24 movl 12(%ebp), %edx
25 subl $108, %esp
26 movl 16(%ebp), %edi
27 movl 8(%ebp), %ebx
28 movl %ecx, 68(%esp)
29
30.L000start:
31
32 movl (%esi), %eax
33 movl 4(%esi), %ecx
34
35 xchgb %al, %ah
36 rorl $16, %eax
37 xchgb %al, %ah
38
39 xchgb %cl, %ch
40 rorl $16, %ecx
41 xchgb %cl, %ch
42 movl %eax, (%esp)
43 movl %ecx, 4(%esp)
44 movl 8(%esi), %eax
45 movl 12(%esi), %ecx
46
47 xchgb %al, %ah
48 rorl $16, %eax
49 xchgb %al, %ah
50
51 xchgb %cl, %ch
52 rorl $16, %ecx
53 xchgb %cl, %ch
54 movl %eax, 8(%esp)
55 movl %ecx, 12(%esp)
56 movl 16(%esi), %eax
57 movl 20(%esi), %ecx
58
59 xchgb %al, %ah
60 rorl $16, %eax
61 xchgb %al, %ah
62
63 xchgb %cl, %ch
64 rorl $16, %ecx
65 xchgb %cl, %ch
66 movl %eax, 16(%esp)
67 movl %ecx, 20(%esp)
68 movl 24(%esi), %eax
69 movl 28(%esi), %ecx
70
71 xchgb %al, %ah
72 rorl $16, %eax
73 xchgb %al, %ah
74
75 xchgb %cl, %ch
76 rorl $16, %ecx
77 xchgb %cl, %ch
78 movl %eax, 24(%esp)
79 movl %ecx, 28(%esp)
80 movl 32(%esi), %eax
81 movl 36(%esi), %ecx
82
83 xchgb %al, %ah
84 rorl $16, %eax
85 xchgb %al, %ah
86
87 xchgb %cl, %ch
88 rorl $16, %ecx
89 xchgb %cl, %ch
90 movl %eax, 32(%esp)
91 movl %ecx, 36(%esp)
92 movl 40(%esi), %eax
93 movl 44(%esi), %ecx
94
95 xchgb %al, %ah
96 rorl $16, %eax
97 xchgb %al, %ah
98
99 xchgb %cl, %ch
100 rorl $16, %ecx
101 xchgb %cl, %ch
102 movl %eax, 40(%esp)
103 movl %ecx, 44(%esp)
104 movl 48(%esi), %eax
105 movl 52(%esi), %ecx
106
107 xchgb %al, %ah
108 rorl $16, %eax
109 xchgb %al, %ah
110
111 xchgb %cl, %ch
112 rorl $16, %ecx
113 xchgb %cl, %ch
114 movl %eax, 48(%esp)
115 movl %ecx, 52(%esp)
116 movl 56(%esi), %eax
117 movl 60(%esi), %ecx
118
119 xchgb %al, %ah
120 rorl $16, %eax
121 xchgb %al, %ah
122
123 xchgb %cl, %ch
124 rorl $16, %ecx
125 xchgb %cl, %ch
126 movl %eax, 56(%esp)
127 movl %ecx, 60(%esp)
128
129
130 movl %esi, 132(%esp)
131.L001shortcut:
132
133
134 movl (%ebp), %eax
135 movl 4(%ebp), %ecx
136
137 movl %eax, %ebp
138 movl %ebx, %esi
139 roll $5, %ebp
140 xorl %edx, %esi
141 andl %ecx, %esi
142 rorl $2, %ecx
143 addl %edi, %ebp
144 movl (%esp), %edi
145 xorl %edx, %esi
146 leal 1518500249(%ebp,%edi,1),%ebp
147 addl %ebp, %esi
148
149 movl %esi, %ebp
150 movl %ecx, %edi
151 roll $5, %ebp
152 xorl %ebx, %edi
153 andl %eax, %edi
154 rorl $2, %eax
155 addl %edx, %ebp
156 movl 4(%esp), %edx
157 xorl %ebx, %edi
158 leal 1518500249(%ebp,%edx,1),%ebp
159 addl %ebp, %edi
160
161 movl %edi, %ebp
162 movl %eax, %edx
163 roll $5, %ebp
164 xorl %ecx, %edx
165 andl %esi, %edx
166 rorl $2, %esi
167 addl %ebx, %ebp
168 movl 8(%esp), %ebx
169 xorl %ecx, %edx
170 leal 1518500249(%ebp,%ebx,1),%ebp
171 addl %ebp, %edx
172
173 movl %edx, %ebp
174 movl %esi, %ebx
175 roll $5, %ebp
176 xorl %eax, %ebx
177 andl %edi, %ebx
178 rorl $2, %edi
179 addl %ecx, %ebp
180 movl 12(%esp), %ecx
181 xorl %eax, %ebx
182 leal 1518500249(%ebp,%ecx,1),%ebp
183 addl %ebp, %ebx
184
185 movl %ebx, %ebp
186 movl %edi, %ecx
187 roll $5, %ebp
188 xorl %esi, %ecx
189 andl %edx, %ecx
190 rorl $2, %edx
191 addl %eax, %ebp
192 movl 16(%esp), %eax
193 xorl %esi, %ecx
194 leal 1518500249(%ebp,%eax,1),%ebp
195 addl %ebp, %ecx
196
197 movl %ecx, %ebp
198 movl %edx, %eax
199 roll $5, %ebp
200 xorl %edi, %eax
201 andl %ebx, %eax
202 rorl $2, %ebx
203 addl %esi, %ebp
204 movl 20(%esp), %esi
205 xorl %edi, %eax
206 leal 1518500249(%ebp,%esi,1),%ebp
207 addl %ebp, %eax
208
209 movl %eax, %ebp
210 movl %ebx, %esi
211 roll $5, %ebp
212 xorl %edx, %esi
213 andl %ecx, %esi
214 rorl $2, %ecx
215 addl %edi, %ebp
216 movl 24(%esp), %edi
217 xorl %edx, %esi
218 leal 1518500249(%ebp,%edi,1),%ebp
219 addl %ebp, %esi
220
221 movl %esi, %ebp
222 movl %ecx, %edi
223 roll $5, %ebp
224 xorl %ebx, %edi
225 andl %eax, %edi
226 rorl $2, %eax
227 addl %edx, %ebp
228 movl 28(%esp), %edx
229 xorl %ebx, %edi
230 leal 1518500249(%ebp,%edx,1),%ebp
231 addl %ebp, %edi
232
233 movl %edi, %ebp
234 movl %eax, %edx
235 roll $5, %ebp
236 xorl %ecx, %edx
237 andl %esi, %edx
238 rorl $2, %esi
239 addl %ebx, %ebp
240 movl 32(%esp), %ebx
241 xorl %ecx, %edx
242 leal 1518500249(%ebp,%ebx,1),%ebp
243 addl %ebp, %edx
244
245 movl %edx, %ebp
246 movl %esi, %ebx
247 roll $5, %ebp
248 xorl %eax, %ebx
249 andl %edi, %ebx
250 rorl $2, %edi
251 addl %ecx, %ebp
252 movl 36(%esp), %ecx
253 xorl %eax, %ebx
254 leal 1518500249(%ebp,%ecx,1),%ebp
255 addl %ebp, %ebx
256
257 movl %ebx, %ebp
258 movl %edi, %ecx
259 roll $5, %ebp
260 xorl %esi, %ecx
261 andl %edx, %ecx
262 rorl $2, %edx
263 addl %eax, %ebp
264 movl 40(%esp), %eax
265 xorl %esi, %ecx
266 leal 1518500249(%ebp,%eax,1),%ebp
267 addl %ebp, %ecx
268
269 movl %ecx, %ebp
270 movl %edx, %eax
271 roll $5, %ebp
272 xorl %edi, %eax
273 andl %ebx, %eax
274 rorl $2, %ebx
275 addl %esi, %ebp
276 movl 44(%esp), %esi
277 xorl %edi, %eax
278 leal 1518500249(%ebp,%esi,1),%ebp
279 addl %ebp, %eax
280
281 movl %eax, %ebp
282 movl %ebx, %esi
283 roll $5, %ebp
284 xorl %edx, %esi
285 andl %ecx, %esi
286 rorl $2, %ecx
287 addl %edi, %ebp
288 movl 48(%esp), %edi
289 xorl %edx, %esi
290 leal 1518500249(%ebp,%edi,1),%ebp
291 addl %ebp, %esi
292
293 movl %esi, %ebp
294 movl %ecx, %edi
295 roll $5, %ebp
296 xorl %ebx, %edi
297 andl %eax, %edi
298 rorl $2, %eax
299 addl %edx, %ebp
300 movl 52(%esp), %edx
301 xorl %ebx, %edi
302 leal 1518500249(%ebp,%edx,1),%ebp
303 addl %ebp, %edi
304
305 movl %edi, %ebp
306 movl %eax, %edx
307 roll $5, %ebp
308 xorl %ecx, %edx
309 andl %esi, %edx
310 rorl $2, %esi
311 addl %ebx, %ebp
312 movl 56(%esp), %ebx
313 xorl %ecx, %edx
314 leal 1518500249(%ebp,%ebx,1),%ebp
315 addl %ebp, %edx
316
317 movl %edx, %ebp
318 movl %esi, %ebx
319 roll $5, %ebp
320 xorl %eax, %ebx
321 andl %edi, %ebx
322 rorl $2, %edi
323 addl %ecx, %ebp
324 movl 60(%esp), %ecx
325 xorl %eax, %ebx
326 leal 1518500249(%ebp,%ecx,1),%ebp
327 addl %ebp, %ebx
328
329 movl 8(%esp), %ecx
330 movl %edi, %ebp
331 xorl (%esp), %ecx
332 xorl %esi, %ebp
333 xorl 32(%esp), %ecx
334 andl %edx, %ebp
335 xorl 52(%esp), %ecx
336 rorl $2, %edx
337 xorl %esi, %ebp
338.byte 209
339.byte 193
340 movl %ecx, (%esp)
341 leal 1518500249(%ecx,%eax,1),%ecx
342 movl %ebx, %eax
343 addl %ebp, %ecx
344 roll $5, %eax
345 addl %eax, %ecx
346
347 movl 12(%esp), %eax
348 movl %edx, %ebp
349 xorl 4(%esp), %eax
350 xorl %edi, %ebp
351 xorl 36(%esp), %eax
352 andl %ebx, %ebp
353 xorl 56(%esp), %eax
354 rorl $2, %ebx
355 xorl %edi, %ebp
356.byte 209
357.byte 192
358 movl %eax, 4(%esp)
359 leal 1518500249(%eax,%esi,1),%eax
360 movl %ecx, %esi
361 addl %ebp, %eax
362 roll $5, %esi
363 addl %esi, %eax
364
365 movl 16(%esp), %esi
366 movl %ebx, %ebp
367 xorl 8(%esp), %esi
368 xorl %edx, %ebp
369 xorl 40(%esp), %esi
370 andl %ecx, %ebp
371 xorl 60(%esp), %esi
372 rorl $2, %ecx
373 xorl %edx, %ebp
374.byte 209
375.byte 198
376 movl %esi, 8(%esp)
377 leal 1518500249(%esi,%edi,1),%esi
378 movl %eax, %edi
379 addl %ebp, %esi
380 roll $5, %edi
381 addl %edi, %esi
382
383 movl 20(%esp), %edi
384 movl %ecx, %ebp
385 xorl 12(%esp), %edi
386 xorl %ebx, %ebp
387 xorl 44(%esp), %edi
388 andl %eax, %ebp
389 xorl (%esp), %edi
390 rorl $2, %eax
391 xorl %ebx, %ebp
392.byte 209
393.byte 199
394 movl %edi, 12(%esp)
395 leal 1518500249(%edi,%edx,1),%edi
396 movl %esi, %edx
397 addl %ebp, %edi
398 roll $5, %edx
399 addl %edx, %edi
400
401 movl 16(%esp), %edx
402 movl %esi, %ebp
403 xorl 24(%esp), %edx
404 rorl $2, %esi
405 xorl 48(%esp), %edx
406 xorl %eax, %ebp
407 xorl 4(%esp), %edx
408 xorl %ecx, %ebp
409.byte 209
410.byte 194
411 movl %edx, 16(%esp)
412 leal 1859775393(%edx,%ebx,1),%edx
413 movl %edi, %ebx
414 roll $5, %ebx
415 addl %ebp, %edx
416 addl %ebx, %edx
417
418 movl 20(%esp), %ebx
419 movl %edi, %ebp
420 xorl 28(%esp), %ebx
421 rorl $2, %edi
422 xorl 52(%esp), %ebx
423 xorl %esi, %ebp
424 xorl 8(%esp), %ebx
425 xorl %eax, %ebp
426.byte 209
427.byte 195
428 movl %ebx, 20(%esp)
429 leal 1859775393(%ebx,%ecx,1),%ebx
430 movl %edx, %ecx
431 roll $5, %ecx
432 addl %ebp, %ebx
433 addl %ecx, %ebx
434
435 movl 24(%esp), %ecx
436 movl %edx, %ebp
437 xorl 32(%esp), %ecx
438 rorl $2, %edx
439 xorl 56(%esp), %ecx
440 xorl %edi, %ebp
441 xorl 12(%esp), %ecx
442 xorl %esi, %ebp
443.byte 209
444.byte 193
445 movl %ecx, 24(%esp)
446 leal 1859775393(%ecx,%eax,1),%ecx
447 movl %ebx, %eax
448 roll $5, %eax
449 addl %ebp, %ecx
450 addl %eax, %ecx
451
452 movl 28(%esp), %eax
453 movl %ebx, %ebp
454 xorl 36(%esp), %eax
455 rorl $2, %ebx
456 xorl 60(%esp), %eax
457 xorl %edx, %ebp
458 xorl 16(%esp), %eax
459 xorl %edi, %ebp
460.byte 209
461.byte 192
462 movl %eax, 28(%esp)
463 leal 1859775393(%eax,%esi,1),%eax
464 movl %ecx, %esi
465 roll $5, %esi
466 addl %ebp, %eax
467 addl %esi, %eax
468
469 movl 32(%esp), %esi
470 movl %ecx, %ebp
471 xorl 40(%esp), %esi
472 rorl $2, %ecx
473 xorl (%esp), %esi
474 xorl %ebx, %ebp
475 xorl 20(%esp), %esi
476 xorl %edx, %ebp
477.byte 209
478.byte 198
479 movl %esi, 32(%esp)
480 leal 1859775393(%esi,%edi,1),%esi
481 movl %eax, %edi
482 roll $5, %edi
483 addl %ebp, %esi
484 addl %edi, %esi
485
486 movl 36(%esp), %edi
487 movl %eax, %ebp
488 xorl 44(%esp), %edi
489 rorl $2, %eax
490 xorl 4(%esp), %edi
491 xorl %ecx, %ebp
492 xorl 24(%esp), %edi
493 xorl %ebx, %ebp
494.byte 209
495.byte 199
496 movl %edi, 36(%esp)
497 leal 1859775393(%edi,%edx,1),%edi
498 movl %esi, %edx
499 roll $5, %edx
500 addl %ebp, %edi
501 addl %edx, %edi
502
503 movl 40(%esp), %edx
504 movl %esi, %ebp
505 xorl 48(%esp), %edx
506 rorl $2, %esi
507 xorl 8(%esp), %edx
508 xorl %eax, %ebp
509 xorl 28(%esp), %edx
510 xorl %ecx, %ebp
511.byte 209
512.byte 194
513 movl %edx, 40(%esp)
514 leal 1859775393(%edx,%ebx,1),%edx
515 movl %edi, %ebx
516 roll $5, %ebx
517 addl %ebp, %edx
518 addl %ebx, %edx
519
520 movl 44(%esp), %ebx
521 movl %edi, %ebp
522 xorl 52(%esp), %ebx
523 rorl $2, %edi
524 xorl 12(%esp), %ebx
525 xorl %esi, %ebp
526 xorl 32(%esp), %ebx
527 xorl %eax, %ebp
528.byte 209
529.byte 195
530 movl %ebx, 44(%esp)
531 leal 1859775393(%ebx,%ecx,1),%ebx
532 movl %edx, %ecx
533 roll $5, %ecx
534 addl %ebp, %ebx
535 addl %ecx, %ebx
536
537 movl 48(%esp), %ecx
538 movl %edx, %ebp
539 xorl 56(%esp), %ecx
540 rorl $2, %edx
541 xorl 16(%esp), %ecx
542 xorl %edi, %ebp
543 xorl 36(%esp), %ecx
544 xorl %esi, %ebp
545.byte 209
546.byte 193
547 movl %ecx, 48(%esp)
548 leal 1859775393(%ecx,%eax,1),%ecx
549 movl %ebx, %eax
550 roll $5, %eax
551 addl %ebp, %ecx
552 addl %eax, %ecx
553
554 movl 52(%esp), %eax
555 movl %ebx, %ebp
556 xorl 60(%esp), %eax
557 rorl $2, %ebx
558 xorl 20(%esp), %eax
559 xorl %edx, %ebp
560 xorl 40(%esp), %eax
561 xorl %edi, %ebp
562.byte 209
563.byte 192
564 movl %eax, 52(%esp)
565 leal 1859775393(%eax,%esi,1),%eax
566 movl %ecx, %esi
567 roll $5, %esi
568 addl %ebp, %eax
569 addl %esi, %eax
570
571 movl 56(%esp), %esi
572 movl %ecx, %ebp
573 xorl (%esp), %esi
574 rorl $2, %ecx
575 xorl 24(%esp), %esi
576 xorl %ebx, %ebp
577 xorl 44(%esp), %esi
578 xorl %edx, %ebp
579.byte 209
580.byte 198
581 movl %esi, 56(%esp)
582 leal 1859775393(%esi,%edi,1),%esi
583 movl %eax, %edi
584 roll $5, %edi
585 addl %ebp, %esi
586 addl %edi, %esi
587
588 movl 60(%esp), %edi
589 movl %eax, %ebp
590 xorl 4(%esp), %edi
591 rorl $2, %eax
592 xorl 28(%esp), %edi
593 xorl %ecx, %ebp
594 xorl 48(%esp), %edi
595 xorl %ebx, %ebp
596.byte 209
597.byte 199
598 movl %edi, 60(%esp)
599 leal 1859775393(%edi,%edx,1),%edi
600 movl %esi, %edx
601 roll $5, %edx
602 addl %ebp, %edi
603 addl %edx, %edi
604
605 movl (%esp), %edx
606 movl %esi, %ebp
607 xorl 8(%esp), %edx
608 rorl $2, %esi
609 xorl 32(%esp), %edx
610 xorl %eax, %ebp
611 xorl 52(%esp), %edx
612 xorl %ecx, %ebp
613.byte 209
614.byte 194
615 movl %edx, (%esp)
616 leal 1859775393(%edx,%ebx,1),%edx
617 movl %edi, %ebx
618 roll $5, %ebx
619 addl %ebp, %edx
620 addl %ebx, %edx
621
622 movl 4(%esp), %ebx
623 movl %edi, %ebp
624 xorl 12(%esp), %ebx
625 rorl $2, %edi
626 xorl 36(%esp), %ebx
627 xorl %esi, %ebp
628 xorl 56(%esp), %ebx
629 xorl %eax, %ebp
630.byte 209
631.byte 195
632 movl %ebx, 4(%esp)
633 leal 1859775393(%ebx,%ecx,1),%ebx
634 movl %edx, %ecx
635 roll $5, %ecx
636 addl %ebp, %ebx
637 addl %ecx, %ebx
638
639 movl 8(%esp), %ecx
640 movl %edx, %ebp
641 xorl 16(%esp), %ecx
642 rorl $2, %edx
643 xorl 40(%esp), %ecx
644 xorl %edi, %ebp
645 xorl 60(%esp), %ecx
646 xorl %esi, %ebp
647.byte 209
648.byte 193
649 movl %ecx, 8(%esp)
650 leal 1859775393(%ecx,%eax,1),%ecx
651 movl %ebx, %eax
652 roll $5, %eax
653 addl %ebp, %ecx
654 addl %eax, %ecx
655
656 movl 12(%esp), %eax
657 movl %ebx, %ebp
658 xorl 20(%esp), %eax
659 rorl $2, %ebx
660 xorl 44(%esp), %eax
661 xorl %edx, %ebp
662 xorl (%esp), %eax
663 xorl %edi, %ebp
664.byte 209
665.byte 192
666 movl %eax, 12(%esp)
667 leal 1859775393(%eax,%esi,1),%eax
668 movl %ecx, %esi
669 roll $5, %esi
670 addl %ebp, %eax
671 addl %esi, %eax
672
673 movl 16(%esp), %esi
674 movl %ecx, %ebp
675 xorl 24(%esp), %esi
676 rorl $2, %ecx
677 xorl 48(%esp), %esi
678 xorl %ebx, %ebp
679 xorl 4(%esp), %esi
680 xorl %edx, %ebp
681.byte 209
682.byte 198
683 movl %esi, 16(%esp)
684 leal 1859775393(%esi,%edi,1),%esi
685 movl %eax, %edi
686 roll $5, %edi
687 addl %ebp, %esi
688 addl %edi, %esi
689
690 movl 20(%esp), %edi
691 movl %eax, %ebp
692 xorl 28(%esp), %edi
693 rorl $2, %eax
694 xorl 52(%esp), %edi
695 xorl %ecx, %ebp
696 xorl 8(%esp), %edi
697 xorl %ebx, %ebp
698.byte 209
699.byte 199
700 movl %edi, 20(%esp)
701 leal 1859775393(%edi,%edx,1),%edi
702 movl %esi, %edx
703 roll $5, %edx
704 addl %ebp, %edi
705 addl %edx, %edi
706
707 movl 24(%esp), %edx
708 movl %esi, %ebp
709 xorl 32(%esp), %edx
710 rorl $2, %esi
711 xorl 56(%esp), %edx
712 xorl %eax, %ebp
713 xorl 12(%esp), %edx
714 xorl %ecx, %ebp
715.byte 209
716.byte 194
717 movl %edx, 24(%esp)
718 leal 1859775393(%edx,%ebx,1),%edx
719 movl %edi, %ebx
720 roll $5, %ebx
721 addl %ebp, %edx
722 addl %ebx, %edx
723
724 movl 28(%esp), %ebx
725 movl %edi, %ebp
726 xorl 36(%esp), %ebx
727 rorl $2, %edi
728 xorl 60(%esp), %ebx
729 xorl %esi, %ebp
730 xorl 16(%esp), %ebx
731 xorl %eax, %ebp
732.byte 209
733.byte 195
734 movl %ebx, 28(%esp)
735 leal 1859775393(%ebx,%ecx,1),%ebx
736 movl %edx, %ecx
737 roll $5, %ecx
738 addl %ebp, %ebx
739 addl %ecx, %ebx
740
741 movl 32(%esp), %ecx
742 movl %edx, %ebp
743 xorl 40(%esp), %ecx
744 orl %edi, %ebp
745 xorl (%esp), %ecx
746 andl %esi, %ebp
747 xorl 20(%esp), %ecx
748.byte 209
749.byte 193
750 movl %ecx, 32(%esp)
751 leal 2400959708(%ecx,%eax,1),%ecx
752 movl %edx, %eax
753 rorl $2, %edx
754 andl %edi, %eax
755 orl %eax, %ebp
756 movl %ebx, %eax
757 roll $5, %eax
758 addl %eax, %ebp
759 addl %ebp, %ecx
760
761 movl 36(%esp), %eax
762 movl %ebx, %ebp
763 xorl 44(%esp), %eax
764 orl %edx, %ebp
765 xorl 4(%esp), %eax
766 andl %edi, %ebp
767 xorl 24(%esp), %eax
768.byte 209
769.byte 192
770 movl %eax, 36(%esp)
771 leal 2400959708(%eax,%esi,1),%eax
772 movl %ebx, %esi
773 rorl $2, %ebx
774 andl %edx, %esi
775 orl %esi, %ebp
776 movl %ecx, %esi
777 roll $5, %esi
778 addl %esi, %ebp
779 addl %ebp, %eax
780
781 movl 40(%esp), %esi
782 movl %ecx, %ebp
783 xorl 48(%esp), %esi
784 orl %ebx, %ebp
785 xorl 8(%esp), %esi
786 andl %edx, %ebp
787 xorl 28(%esp), %esi
788.byte 209
789.byte 198
790 movl %esi, 40(%esp)
791 leal 2400959708(%esi,%edi,1),%esi
792 movl %ecx, %edi
793 rorl $2, %ecx
794 andl %ebx, %edi
795 orl %edi, %ebp
796 movl %eax, %edi
797 roll $5, %edi
798 addl %edi, %ebp
799 addl %ebp, %esi
800
801 movl 44(%esp), %edi
802 movl %eax, %ebp
803 xorl 52(%esp), %edi
804 orl %ecx, %ebp
805 xorl 12(%esp), %edi
806 andl %ebx, %ebp
807 xorl 32(%esp), %edi
808.byte 209
809.byte 199
810 movl %edi, 44(%esp)
811 leal 2400959708(%edi,%edx,1),%edi
812 movl %eax, %edx
813 rorl $2, %eax
814 andl %ecx, %edx
815 orl %edx, %ebp
816 movl %esi, %edx
817 roll $5, %edx
818 addl %edx, %ebp
819 addl %ebp, %edi
820
821 movl 48(%esp), %edx
822 movl %esi, %ebp
823 xorl 56(%esp), %edx
824 orl %eax, %ebp
825 xorl 16(%esp), %edx
826 andl %ecx, %ebp
827 xorl 36(%esp), %edx
828.byte 209
829.byte 194
830 movl %edx, 48(%esp)
831 leal 2400959708(%edx,%ebx,1),%edx
832 movl %esi, %ebx
833 rorl $2, %esi
834 andl %eax, %ebx
835 orl %ebx, %ebp
836 movl %edi, %ebx
837 roll $5, %ebx
838 addl %ebx, %ebp
839 addl %ebp, %edx
840
841 movl 52(%esp), %ebx
842 movl %edi, %ebp
843 xorl 60(%esp), %ebx
844 orl %esi, %ebp
845 xorl 20(%esp), %ebx
846 andl %eax, %ebp
847 xorl 40(%esp), %ebx
848.byte 209
849.byte 195
850 movl %ebx, 52(%esp)
851 leal 2400959708(%ebx,%ecx,1),%ebx
852 movl %edi, %ecx
853 rorl $2, %edi
854 andl %esi, %ecx
855 orl %ecx, %ebp
856 movl %edx, %ecx
857 roll $5, %ecx
858 addl %ecx, %ebp
859 addl %ebp, %ebx
860
861 movl 56(%esp), %ecx
862 movl %edx, %ebp
863 xorl (%esp), %ecx
864 orl %edi, %ebp
865 xorl 24(%esp), %ecx
866 andl %esi, %ebp
867 xorl 44(%esp), %ecx
868.byte 209
869.byte 193
870 movl %ecx, 56(%esp)
871 leal 2400959708(%ecx,%eax,1),%ecx
872 movl %edx, %eax
873 rorl $2, %edx
874 andl %edi, %eax
875 orl %eax, %ebp
876 movl %ebx, %eax
877 roll $5, %eax
878 addl %eax, %ebp
879 addl %ebp, %ecx
880
881 movl 60(%esp), %eax
882 movl %ebx, %ebp
883 xorl 4(%esp), %eax
884 orl %edx, %ebp
885 xorl 28(%esp), %eax
886 andl %edi, %ebp
887 xorl 48(%esp), %eax
888.byte 209
889.byte 192
890 movl %eax, 60(%esp)
891 leal 2400959708(%eax,%esi,1),%eax
892 movl %ebx, %esi
893 rorl $2, %ebx
894 andl %edx, %esi
895 orl %esi, %ebp
896 movl %ecx, %esi
897 roll $5, %esi
898 addl %esi, %ebp
899 addl %ebp, %eax
900
901 movl (%esp), %esi
902 movl %ecx, %ebp
903 xorl 8(%esp), %esi
904 orl %ebx, %ebp
905 xorl 32(%esp), %esi
906 andl %edx, %ebp
907 xorl 52(%esp), %esi
908.byte 209
909.byte 198
910 movl %esi, (%esp)
911 leal 2400959708(%esi,%edi,1),%esi
912 movl %ecx, %edi
913 rorl $2, %ecx
914 andl %ebx, %edi
915 orl %edi, %ebp
916 movl %eax, %edi
917 roll $5, %edi
918 addl %edi, %ebp
919 addl %ebp, %esi
920
921 movl 4(%esp), %edi
922 movl %eax, %ebp
923 xorl 12(%esp), %edi
924 orl %ecx, %ebp
925 xorl 36(%esp), %edi
926 andl %ebx, %ebp
927 xorl 56(%esp), %edi
928.byte 209
929.byte 199
930 movl %edi, 4(%esp)
931 leal 2400959708(%edi,%edx,1),%edi
932 movl %eax, %edx
933 rorl $2, %eax
934 andl %ecx, %edx
935 orl %edx, %ebp
936 movl %esi, %edx
937 roll $5, %edx
938 addl %edx, %ebp
939 addl %ebp, %edi
940
941 movl 8(%esp), %edx
942 movl %esi, %ebp
943 xorl 16(%esp), %edx
944 orl %eax, %ebp
945 xorl 40(%esp), %edx
946 andl %ecx, %ebp
947 xorl 60(%esp), %edx
948.byte 209
949.byte 194
950 movl %edx, 8(%esp)
951 leal 2400959708(%edx,%ebx,1),%edx
952 movl %esi, %ebx
953 rorl $2, %esi
954 andl %eax, %ebx
955 orl %ebx, %ebp
956 movl %edi, %ebx
957 roll $5, %ebx
958 addl %ebx, %ebp
959 addl %ebp, %edx
960
961 movl 12(%esp), %ebx
962 movl %edi, %ebp
963 xorl 20(%esp), %ebx
964 orl %esi, %ebp
965 xorl 44(%esp), %ebx
966 andl %eax, %ebp
967 xorl (%esp), %ebx
968.byte 209
969.byte 195
970 movl %ebx, 12(%esp)
971 leal 2400959708(%ebx,%ecx,1),%ebx
972 movl %edi, %ecx
973 rorl $2, %edi
974 andl %esi, %ecx
975 orl %ecx, %ebp
976 movl %edx, %ecx
977 roll $5, %ecx
978 addl %ecx, %ebp
979 addl %ebp, %ebx
980
981 movl 16(%esp), %ecx
982 movl %edx, %ebp
983 xorl 24(%esp), %ecx
984 orl %edi, %ebp
985 xorl 48(%esp), %ecx
986 andl %esi, %ebp
987 xorl 4(%esp), %ecx
988.byte 209
989.byte 193
990 movl %ecx, 16(%esp)
991 leal 2400959708(%ecx,%eax,1),%ecx
992 movl %edx, %eax
993 rorl $2, %edx
994 andl %edi, %eax
995 orl %eax, %ebp
996 movl %ebx, %eax
997 roll $5, %eax
998 addl %eax, %ebp
999 addl %ebp, %ecx
1000
1001 movl 20(%esp), %eax
1002 movl %ebx, %ebp
1003 xorl 28(%esp), %eax
1004 orl %edx, %ebp
1005 xorl 52(%esp), %eax
1006 andl %edi, %ebp
1007 xorl 8(%esp), %eax
1008.byte 209
1009.byte 192
1010 movl %eax, 20(%esp)
1011 leal 2400959708(%eax,%esi,1),%eax
1012 movl %ebx, %esi
1013 rorl $2, %ebx
1014 andl %edx, %esi
1015 orl %esi, %ebp
1016 movl %ecx, %esi
1017 roll $5, %esi
1018 addl %esi, %ebp
1019 addl %ebp, %eax
1020
1021 movl 24(%esp), %esi
1022 movl %ecx, %ebp
1023 xorl 32(%esp), %esi
1024 orl %ebx, %ebp
1025 xorl 56(%esp), %esi
1026 andl %edx, %ebp
1027 xorl 12(%esp), %esi
1028.byte 209
1029.byte 198
1030 movl %esi, 24(%esp)
1031 leal 2400959708(%esi,%edi,1),%esi
1032 movl %ecx, %edi
1033 rorl $2, %ecx
1034 andl %ebx, %edi
1035 orl %edi, %ebp
1036 movl %eax, %edi
1037 roll $5, %edi
1038 addl %edi, %ebp
1039 addl %ebp, %esi
1040
1041 movl 28(%esp), %edi
1042 movl %eax, %ebp
1043 xorl 36(%esp), %edi
1044 orl %ecx, %ebp
1045 xorl 60(%esp), %edi
1046 andl %ebx, %ebp
1047 xorl 16(%esp), %edi
1048.byte 209
1049.byte 199
1050 movl %edi, 28(%esp)
1051 leal 2400959708(%edi,%edx,1),%edi
1052 movl %eax, %edx
1053 rorl $2, %eax
1054 andl %ecx, %edx
1055 orl %edx, %ebp
1056 movl %esi, %edx
1057 roll $5, %edx
1058 addl %edx, %ebp
1059 addl %ebp, %edi
1060
1061 movl 32(%esp), %edx
1062 movl %esi, %ebp
1063 xorl 40(%esp), %edx
1064 orl %eax, %ebp
1065 xorl (%esp), %edx
1066 andl %ecx, %ebp
1067 xorl 20(%esp), %edx
1068.byte 209
1069.byte 194
1070 movl %edx, 32(%esp)
1071 leal 2400959708(%edx,%ebx,1),%edx
1072 movl %esi, %ebx
1073 rorl $2, %esi
1074 andl %eax, %ebx
1075 orl %ebx, %ebp
1076 movl %edi, %ebx
1077 roll $5, %ebx
1078 addl %ebx, %ebp
1079 addl %ebp, %edx
1080
1081 movl 36(%esp), %ebx
1082 movl %edi, %ebp
1083 xorl 44(%esp), %ebx
1084 orl %esi, %ebp
1085 xorl 4(%esp), %ebx
1086 andl %eax, %ebp
1087 xorl 24(%esp), %ebx
1088.byte 209
1089.byte 195
1090 movl %ebx, 36(%esp)
1091 leal 2400959708(%ebx,%ecx,1),%ebx
1092 movl %edi, %ecx
1093 rorl $2, %edi
1094 andl %esi, %ecx
1095 orl %ecx, %ebp
1096 movl %edx, %ecx
1097 roll $5, %ecx
1098 addl %ecx, %ebp
1099 addl %ebp, %ebx
1100
1101 movl 40(%esp), %ecx
1102 movl %edx, %ebp
1103 xorl 48(%esp), %ecx
1104 orl %edi, %ebp
1105 xorl 8(%esp), %ecx
1106 andl %esi, %ebp
1107 xorl 28(%esp), %ecx
1108.byte 209
1109.byte 193
1110 movl %ecx, 40(%esp)
1111 leal 2400959708(%ecx,%eax,1),%ecx
1112 movl %edx, %eax
1113 rorl $2, %edx
1114 andl %edi, %eax
1115 orl %eax, %ebp
1116 movl %ebx, %eax
1117 roll $5, %eax
1118 addl %eax, %ebp
1119 addl %ebp, %ecx
1120
1121 movl 44(%esp), %eax
1122 movl %ebx, %ebp
1123 xorl 52(%esp), %eax
1124 orl %edx, %ebp
1125 xorl 12(%esp), %eax
1126 andl %edi, %ebp
1127 xorl 32(%esp), %eax
1128.byte 209
1129.byte 192
1130 movl %eax, 44(%esp)
1131 leal 2400959708(%eax,%esi,1),%eax
1132 movl %ebx, %esi
1133 rorl $2, %ebx
1134 andl %edx, %esi
1135 orl %esi, %ebp
1136 movl %ecx, %esi
1137 roll $5, %esi
1138 addl %esi, %ebp
1139 addl %ebp, %eax
1140
1141 movl 48(%esp), %esi
1142 movl %ecx, %ebp
1143 xorl 56(%esp), %esi
1144 rorl $2, %ecx
1145 xorl 16(%esp), %esi
1146 xorl %ebx, %ebp
1147 xorl 36(%esp), %esi
1148 xorl %edx, %ebp
1149.byte 209
1150.byte 198
1151 movl %esi, 48(%esp)
1152 leal 3395469782(%esi,%edi,1),%esi
1153 movl %eax, %edi
1154 roll $5, %edi
1155 addl %ebp, %esi
1156 addl %edi, %esi
1157
1158 movl 52(%esp), %edi
1159 movl %eax, %ebp
1160 xorl 60(%esp), %edi
1161 rorl $2, %eax
1162 xorl 20(%esp), %edi
1163 xorl %ecx, %ebp
1164 xorl 40(%esp), %edi
1165 xorl %ebx, %ebp
1166.byte 209
1167.byte 199
1168 movl %edi, 52(%esp)
1169 leal 3395469782(%edi,%edx,1),%edi
1170 movl %esi, %edx
1171 roll $5, %edx
1172 addl %ebp, %edi
1173 addl %edx, %edi
1174
1175 movl 56(%esp), %edx
1176 movl %esi, %ebp
1177 xorl (%esp), %edx
1178 rorl $2, %esi
1179 xorl 24(%esp), %edx
1180 xorl %eax, %ebp
1181 xorl 44(%esp), %edx
1182 xorl %ecx, %ebp
1183.byte 209
1184.byte 194
1185 movl %edx, 56(%esp)
1186 leal 3395469782(%edx,%ebx,1),%edx
1187 movl %edi, %ebx
1188 roll $5, %ebx
1189 addl %ebp, %edx
1190 addl %ebx, %edx
1191
1192 movl 60(%esp), %ebx
1193 movl %edi, %ebp
1194 xorl 4(%esp), %ebx
1195 rorl $2, %edi
1196 xorl 28(%esp), %ebx
1197 xorl %esi, %ebp
1198 xorl 48(%esp), %ebx
1199 xorl %eax, %ebp
1200.byte 209
1201.byte 195
1202 movl %ebx, 60(%esp)
1203 leal 3395469782(%ebx,%ecx,1),%ebx
1204 movl %edx, %ecx
1205 roll $5, %ecx
1206 addl %ebp, %ebx
1207 addl %ecx, %ebx
1208
1209 movl (%esp), %ecx
1210 movl %edx, %ebp
1211 xorl 8(%esp), %ecx
1212 rorl $2, %edx
1213 xorl 32(%esp), %ecx
1214 xorl %edi, %ebp
1215 xorl 52(%esp), %ecx
1216 xorl %esi, %ebp
1217.byte 209
1218.byte 193
1219 movl %ecx, (%esp)
1220 leal 3395469782(%ecx,%eax,1),%ecx
1221 movl %ebx, %eax
1222 roll $5, %eax
1223 addl %ebp, %ecx
1224 addl %eax, %ecx
1225
1226 movl 4(%esp), %eax
1227 movl %ebx, %ebp
1228 xorl 12(%esp), %eax
1229 rorl $2, %ebx
1230 xorl 36(%esp), %eax
1231 xorl %edx, %ebp
1232 xorl 56(%esp), %eax
1233 xorl %edi, %ebp
1234.byte 209
1235.byte 192
1236 movl %eax, 4(%esp)
1237 leal 3395469782(%eax,%esi,1),%eax
1238 movl %ecx, %esi
1239 roll $5, %esi
1240 addl %ebp, %eax
1241 addl %esi, %eax
1242
1243 movl 8(%esp), %esi
1244 movl %ecx, %ebp
1245 xorl 16(%esp), %esi
1246 rorl $2, %ecx
1247 xorl 40(%esp), %esi
1248 xorl %ebx, %ebp
1249 xorl 60(%esp), %esi
1250 xorl %edx, %ebp
1251.byte 209
1252.byte 198
1253 movl %esi, 8(%esp)
1254 leal 3395469782(%esi,%edi,1),%esi
1255 movl %eax, %edi
1256 roll $5, %edi
1257 addl %ebp, %esi
1258 addl %edi, %esi
1259
1260 movl 12(%esp), %edi
1261 movl %eax, %ebp
1262 xorl 20(%esp), %edi
1263 rorl $2, %eax
1264 xorl 44(%esp), %edi
1265 xorl %ecx, %ebp
1266 xorl (%esp), %edi
1267 xorl %ebx, %ebp
1268.byte 209
1269.byte 199
1270 movl %edi, 12(%esp)
1271 leal 3395469782(%edi,%edx,1),%edi
1272 movl %esi, %edx
1273 roll $5, %edx
1274 addl %ebp, %edi
1275 addl %edx, %edi
1276
1277 movl 16(%esp), %edx
1278 movl %esi, %ebp
1279 xorl 24(%esp), %edx
1280 rorl $2, %esi
1281 xorl 48(%esp), %edx
1282 xorl %eax, %ebp
1283 xorl 4(%esp), %edx
1284 xorl %ecx, %ebp
1285.byte 209
1286.byte 194
1287 movl %edx, 16(%esp)
1288 leal 3395469782(%edx,%ebx,1),%edx
1289 movl %edi, %ebx
1290 roll $5, %ebx
1291 addl %ebp, %edx
1292 addl %ebx, %edx
1293
1294 movl 20(%esp), %ebx
1295 movl %edi, %ebp
1296 xorl 28(%esp), %ebx
1297 rorl $2, %edi
1298 xorl 52(%esp), %ebx
1299 xorl %esi, %ebp
1300 xorl 8(%esp), %ebx
1301 xorl %eax, %ebp
1302.byte 209
1303.byte 195
1304 movl %ebx, 20(%esp)
1305 leal 3395469782(%ebx,%ecx,1),%ebx
1306 movl %edx, %ecx
1307 roll $5, %ecx
1308 addl %ebp, %ebx
1309 addl %ecx, %ebx
1310
1311 movl 24(%esp), %ecx
1312 movl %edx, %ebp
1313 xorl 32(%esp), %ecx
1314 rorl $2, %edx
1315 xorl 56(%esp), %ecx
1316 xorl %edi, %ebp
1317 xorl 12(%esp), %ecx
1318 xorl %esi, %ebp
1319.byte 209
1320.byte 193
1321 movl %ecx, 24(%esp)
1322 leal 3395469782(%ecx,%eax,1),%ecx
1323 movl %ebx, %eax
1324 roll $5, %eax
1325 addl %ebp, %ecx
1326 addl %eax, %ecx
1327
1328 movl 28(%esp), %eax
1329 movl %ebx, %ebp
1330 xorl 36(%esp), %eax
1331 rorl $2, %ebx
1332 xorl 60(%esp), %eax
1333 xorl %edx, %ebp
1334 xorl 16(%esp), %eax
1335 xorl %edi, %ebp
1336.byte 209
1337.byte 192
1338 movl %eax, 28(%esp)
1339 leal 3395469782(%eax,%esi,1),%eax
1340 movl %ecx, %esi
1341 roll $5, %esi
1342 addl %ebp, %eax
1343 addl %esi, %eax
1344
1345 movl 32(%esp), %esi
1346 movl %ecx, %ebp
1347 xorl 40(%esp), %esi
1348 rorl $2, %ecx
1349 xorl (%esp), %esi
1350 xorl %ebx, %ebp
1351 xorl 20(%esp), %esi
1352 xorl %edx, %ebp
1353.byte 209
1354.byte 198
1355 movl %esi, 32(%esp)
1356 leal 3395469782(%esi,%edi,1),%esi
1357 movl %eax, %edi
1358 roll $5, %edi
1359 addl %ebp, %esi
1360 addl %edi, %esi
1361
1362 movl 36(%esp), %edi
1363 movl %eax, %ebp
1364 xorl 44(%esp), %edi
1365 rorl $2, %eax
1366 xorl 4(%esp), %edi
1367 xorl %ecx, %ebp
1368 xorl 24(%esp), %edi
1369 xorl %ebx, %ebp
1370.byte 209
1371.byte 199
1372 movl %edi, 36(%esp)
1373 leal 3395469782(%edi,%edx,1),%edi
1374 movl %esi, %edx
1375 roll $5, %edx
1376 addl %ebp, %edi
1377 addl %edx, %edi
1378
1379 movl 40(%esp), %edx
1380 movl %esi, %ebp
1381 xorl 48(%esp), %edx
1382 rorl $2, %esi
1383 xorl 8(%esp), %edx
1384 xorl %eax, %ebp
1385 xorl 28(%esp), %edx
1386 xorl %ecx, %ebp
1387.byte 209
1388.byte 194
1389 movl %edx, 40(%esp)
1390 leal 3395469782(%edx,%ebx,1),%edx
1391 movl %edi, %ebx
1392 roll $5, %ebx
1393 addl %ebp, %edx
1394 addl %ebx, %edx
1395
1396 movl 44(%esp), %ebx
1397 movl %edi, %ebp
1398 xorl 52(%esp), %ebx
1399 rorl $2, %edi
1400 xorl 12(%esp), %ebx
1401 xorl %esi, %ebp
1402 xorl 32(%esp), %ebx
1403 xorl %eax, %ebp
1404.byte 209
1405.byte 195
1406 movl %ebx, 44(%esp)
1407 leal 3395469782(%ebx,%ecx,1),%ebx
1408 movl %edx, %ecx
1409 roll $5, %ecx
1410 addl %ebp, %ebx
1411 addl %ecx, %ebx
1412
1413 movl 48(%esp), %ecx
1414 movl %edx, %ebp
1415 xorl 56(%esp), %ecx
1416 rorl $2, %edx
1417 xorl 16(%esp), %ecx
1418 xorl %edi, %ebp
1419 xorl 36(%esp), %ecx
1420 xorl %esi, %ebp
1421.byte 209
1422.byte 193
1423 movl %ecx, 48(%esp)
1424 leal 3395469782(%ecx,%eax,1),%ecx
1425 movl %ebx, %eax
1426 roll $5, %eax
1427 addl %ebp, %ecx
1428 addl %eax, %ecx
1429
1430 movl 52(%esp), %eax
1431 movl %ebx, %ebp
1432 xorl 60(%esp), %eax
1433 rorl $2, %ebx
1434 xorl 20(%esp), %eax
1435 xorl %edx, %ebp
1436 xorl 40(%esp), %eax
1437 xorl %edi, %ebp
1438.byte 209
1439.byte 192
1440 movl %eax, 52(%esp)
1441 leal 3395469782(%eax,%esi,1),%eax
1442 movl %ecx, %esi
1443 roll $5, %esi
1444 addl %ebp, %eax
1445 addl %esi, %eax
1446
1447 movl 56(%esp), %esi
1448 movl %ecx, %ebp
1449 xorl (%esp), %esi
1450 rorl $2, %ecx
1451 xorl 24(%esp), %esi
1452 xorl %ebx, %ebp
1453 xorl 44(%esp), %esi
1454 xorl %edx, %ebp
1455.byte 209
1456.byte 198
1457 movl %esi, 56(%esp)
1458 leal 3395469782(%esi,%edi,1),%esi
1459 movl %eax, %edi
1460 roll $5, %edi
1461 addl %ebp, %esi
1462 addl %edi, %esi
1463
1464 movl 60(%esp), %edi
1465 movl %eax, %ebp
1466 xorl 4(%esp), %edi
1467 rorl $2, %eax
1468 xorl 28(%esp), %edi
1469 xorl %ecx, %ebp
1470 xorl 48(%esp), %edi
1471 xorl %ebx, %ebp
1472.byte 209
1473.byte 199
1474 movl %edi, 60(%esp)
1475 leal 3395469782(%edi,%edx,1),%edi
1476 movl %esi, %edx
1477 roll $5, %edx
1478 addl %ebp, %edi
1479 addl %edx, %edi
1480
1481
1482 movl 128(%esp), %ebp
1483 movl 12(%ebp), %edx
1484 addl %ecx, %edx
1485 movl 4(%ebp), %ecx
1486 addl %esi, %ecx
1487 movl %eax, %esi
1488 movl (%ebp), %eax
1489 movl %edx, 12(%ebp)
1490 addl %edi, %eax
1491 movl 16(%ebp), %edi
1492 addl %ebx, %edi
1493 movl 8(%ebp), %ebx
1494 addl %esi, %ebx
1495 movl %eax, (%ebp)
1496 movl 132(%esp), %esi
1497 movl %ebx, 8(%ebp)
1498 addl $64, %esi
1499 movl 68(%esp), %eax
1500 movl %edi, 16(%ebp)
1501 cmpl %eax, %esi
1502 movl %ecx, 4(%ebp)
1503 jb .L000start
1504 addl $108, %esp
1505 popl %edi
1506 popl %ebx
1507 popl %ebp
1508 popl %esi
1509 ret
1510.L_sha1_block_asm_data_order_end:
1511 .size sha1_block_asm_data_order,.L_sha1_block_asm_data_order_end-sha1_block_asm_data_order
1512.ident "desasm.pl"
1513.text
1514 .align 16
1515.globl sha1_block_asm_host_order
1516 .type sha1_block_asm_host_order,@function
1517sha1_block_asm_host_order:
1518 movl 12(%esp), %ecx
1519 pushl %esi
1520 sall $6, %ecx
1521 movl 12(%esp), %esi
1522 pushl %ebp
1523 addl %esi, %ecx
1524 pushl %ebx
1525 movl 16(%esp), %ebp
1526 pushl %edi
1527 movl 12(%ebp), %edx
1528 subl $108, %esp
1529 movl 16(%ebp), %edi
1530 movl 8(%ebp), %ebx
1531 movl %ecx, 68(%esp)
1532
1533 movl (%esi), %eax
1534 movl 4(%esi), %ecx
1535 movl %eax, (%esp)
1536 movl %ecx, 4(%esp)
1537 movl 8(%esi), %eax
1538 movl 12(%esi), %ecx
1539 movl %eax, 8(%esp)
1540 movl %ecx, 12(%esp)
1541 movl 16(%esi), %eax
1542 movl 20(%esi), %ecx
1543 movl %eax, 16(%esp)
1544 movl %ecx, 20(%esp)
1545 movl 24(%esi), %eax
1546 movl 28(%esi), %ecx
1547 movl %eax, 24(%esp)
1548 movl %ecx, 28(%esp)
1549 movl 32(%esi), %eax
1550 movl 36(%esi), %ecx
1551 movl %eax, 32(%esp)
1552 movl %ecx, 36(%esp)
1553 movl 40(%esi), %eax
1554 movl 44(%esi), %ecx
1555 movl %eax, 40(%esp)
1556 movl %ecx, 44(%esp)
1557 movl 48(%esi), %eax
1558 movl 52(%esi), %ecx
1559 movl %eax, 48(%esp)
1560 movl %ecx, 52(%esp)
1561 movl 56(%esi), %eax
1562 movl 60(%esi), %ecx
1563 movl %eax, 56(%esp)
1564 movl %ecx, 60(%esp)
1565 jmp .L001shortcut
1566.L_sha1_block_asm_host_order_end:
1567 .size sha1_block_asm_host_order,.L_sha1_block_asm_host_order_end-sha1_block_asm_host_order
1568.ident "desasm.pl"
diff --git a/src/lib/libssl/src/fips-1.0/sha/fips_md32_common.h b/src/lib/libssl/src/fips-1.0/sha/fips_md32_common.h
new file mode 100644
index 0000000000..b5ad231e3a
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/sha/fips_md32_common.h
@@ -0,0 +1,623 @@
1/* crypto/md32_common.h */
2/* ====================================================================
3 * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * licensing@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/*
57 * This is a generic 32 bit "collector" for message digest algorithms.
58 * Whenever needed it collects input character stream into chunks of
59 * 32 bit values and invokes a block function that performs actual hash
60 * calculations.
61 *
62 * Porting guide.
63 *
64 * Obligatory macros:
65 *
66 * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN
67 * this macro defines byte order of input stream.
68 * HASH_CBLOCK
69 * size of a unit chunk HASH_BLOCK operates on.
70 * HASH_LONG
71 * has to be at lest 32 bit wide, if it's wider, then
72 * HASH_LONG_LOG2 *has to* be defined along
73 * HASH_CTX
74 * context structure that at least contains following
75 * members:
76 * typedef struct {
77 * ...
78 * HASH_LONG Nl,Nh;
79 * HASH_LONG data[HASH_LBLOCK];
80 * unsigned int num;
81 * ...
82 * } HASH_CTX;
83 * HASH_UPDATE
84 * name of "Update" function, implemented here.
85 * HASH_TRANSFORM
86 * name of "Transform" function, implemented here.
87 * HASH_FINAL
88 * name of "Final" function, implemented here.
89 * HASH_BLOCK_HOST_ORDER
90 * name of "block" function treating *aligned* input message
91 * in host byte order, implemented externally.
92 * HASH_BLOCK_DATA_ORDER
93 * name of "block" function treating *unaligned* input message
94 * in original (data) byte order, implemented externally (it
95 * actually is optional if data and host are of the same
96 * "endianess").
97 * HASH_MAKE_STRING
98 * macro convering context variables to an ASCII hash string.
99 *
100 * Optional macros:
101 *
102 * B_ENDIAN or L_ENDIAN
103 * defines host byte-order.
104 * HASH_LONG_LOG2
105 * defaults to 2 if not states otherwise.
106 * HASH_LBLOCK
107 * assumed to be HASH_CBLOCK/4 if not stated otherwise.
108 * HASH_BLOCK_DATA_ORDER_ALIGNED
109 * alternative "block" function capable of treating
110 * aligned input message in original (data) order,
111 * implemented externally.
112 *
113 * MD5 example:
114 *
115 * #define DATA_ORDER_IS_LITTLE_ENDIAN
116 *
117 * #define HASH_LONG MD5_LONG
118 * #define HASH_LONG_LOG2 MD5_LONG_LOG2
119 * #define HASH_CTX MD5_CTX
120 * #define HASH_CBLOCK MD5_CBLOCK
121 * #define HASH_LBLOCK MD5_LBLOCK
122 * #define HASH_UPDATE MD5_Update
123 * #define HASH_TRANSFORM MD5_Transform
124 * #define HASH_FINAL MD5_Final
125 * #define HASH_BLOCK_HOST_ORDER md5_block_host_order
126 * #define HASH_BLOCK_DATA_ORDER md5_block_data_order
127 *
128 * <appro@fy.chalmers.se>
129 */
130
131#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN)
132#error "DATA_ORDER must be defined!"
133#endif
134
135#ifndef HASH_CBLOCK
136#error "HASH_CBLOCK must be defined!"
137#endif
138#ifndef HASH_LONG
139#error "HASH_LONG must be defined!"
140#endif
141#ifndef HASH_CTX
142#error "HASH_CTX must be defined!"
143#endif
144
145#ifndef HASH_UPDATE
146#error "HASH_UPDATE must be defined!"
147#endif
148#ifndef HASH_TRANSFORM
149#error "HASH_TRANSFORM must be defined!"
150#endif
151#ifndef HASH_FINAL
152#error "HASH_FINAL must be defined!"
153#endif
154
155#ifndef HASH_BLOCK_HOST_ORDER
156#error "HASH_BLOCK_HOST_ORDER must be defined!"
157#endif
158
159#if 0
160/*
161 * Moved below as it's required only if HASH_BLOCK_DATA_ORDER_ALIGNED
162 * isn't defined.
163 */
164#ifndef HASH_BLOCK_DATA_ORDER
165#error "HASH_BLOCK_DATA_ORDER must be defined!"
166#endif
167#endif
168
169#ifndef HASH_LBLOCK
170#define HASH_LBLOCK (HASH_CBLOCK/4)
171#endif
172
173#ifndef HASH_LONG_LOG2
174#define HASH_LONG_LOG2 2
175#endif
176
177/*
178 * Engage compiler specific rotate intrinsic function if available.
179 */
180#undef ROTATE
181#ifndef PEDANTIC
182# if defined(_MSC_VER) || defined(__ICC)
183# define ROTATE(a,n) _lrotl(a,n)
184# elif defined(__MWERKS__)
185# if defined(__POWERPC__)
186# define ROTATE(a,n) __rlwinm(a,n,0,31)
187# elif defined(__MC68K__)
188 /* Motorola specific tweak. <appro@fy.chalmers.se> */
189# define ROTATE(a,n) ( n<24 ? __rol(a,n) : __ror(a,32-n) )
190# else
191# define ROTATE(a,n) __rol(a,n)
192# endif
193# elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
194 /*
195 * Some GNU C inline assembler templates. Note that these are
196 * rotates by *constant* number of bits! But that's exactly
197 * what we need here...
198 * <appro@fy.chalmers.se>
199 */
200# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
201# define ROTATE(a,n) ({ register unsigned int ret; \
202 asm ( \
203 "roll %1,%0" \
204 : "=r"(ret) \
205 : "I"(n), "0"(a) \
206 : "cc"); \
207 ret; \
208 })
209# elif defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__)
210# define ROTATE(a,n) ({ register unsigned int ret; \
211 asm ( \
212 "rlwinm %0,%1,%2,0,31" \
213 : "=r"(ret) \
214 : "r"(a), "I"(n)); \
215 ret; \
216 })
217# endif
218# endif
219#endif /* PEDANTIC */
220
221#if HASH_LONG_LOG2==2 /* Engage only if sizeof(HASH_LONG)== 4 */
222/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
223#ifdef ROTATE
224/* 5 instructions with rotate instruction, else 9 */
225#define REVERSE_FETCH32(a,l) ( \
226 l=*(const HASH_LONG *)(a), \
227 ((ROTATE(l,8)&0x00FF00FF)|(ROTATE((l&0x00FF00FF),24))) \
228 )
229#else
230/* 6 instructions with rotate instruction, else 8 */
231#define REVERSE_FETCH32(a,l) ( \
232 l=*(const HASH_LONG *)(a), \
233 l=(((l>>8)&0x00FF00FF)|((l&0x00FF00FF)<<8)), \
234 ROTATE(l,16) \
235 )
236/*
237 * Originally the middle line started with l=(((l&0xFF00FF00)>>8)|...
238 * It's rewritten as above for two reasons:
239 * - RISCs aren't good at long constants and have to explicitely
240 * compose 'em with several (well, usually 2) instructions in a
241 * register before performing the actual operation and (as you
242 * already realized:-) having same constant should inspire the
243 * compiler to permanently allocate the only register for it;
244 * - most modern CPUs have two ALUs, but usually only one has
245 * circuitry for shifts:-( this minor tweak inspires compiler
246 * to schedule shift instructions in a better way...
247 *
248 * <appro@fy.chalmers.se>
249 */
250#endif
251#endif
252
253#ifndef ROTATE
254#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
255#endif
256
257/*
258 * Make some obvious choices. E.g., HASH_BLOCK_DATA_ORDER_ALIGNED
259 * and HASH_BLOCK_HOST_ORDER ought to be the same if input data
260 * and host are of the same "endianess". It's possible to mask
261 * this with blank #define HASH_BLOCK_DATA_ORDER though...
262 *
263 * <appro@fy.chalmers.se>
264 */
265#if defined(B_ENDIAN)
266# if defined(DATA_ORDER_IS_BIG_ENDIAN)
267# if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2
268# define HASH_BLOCK_DATA_ORDER_ALIGNED HASH_BLOCK_HOST_ORDER
269# endif
270# endif
271#elif defined(L_ENDIAN)
272# if defined(DATA_ORDER_IS_LITTLE_ENDIAN)
273# if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2
274# define HASH_BLOCK_DATA_ORDER_ALIGNED HASH_BLOCK_HOST_ORDER
275# endif
276# endif
277#endif
278
279#if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
280#ifndef HASH_BLOCK_DATA_ORDER
281#error "HASH_BLOCK_DATA_ORDER must be defined!"
282#endif
283#endif
284
285#if defined(DATA_ORDER_IS_BIG_ENDIAN)
286
287#ifndef PEDANTIC
288# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
289# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
290 /*
291 * This gives ~30-40% performance improvement in SHA-256 compiled
292 * with gcc [on P4]. Well, first macro to be frank. We can pull
293 * this trick on x86* platforms only, because these CPUs can fetch
294 * unaligned data without raising an exception.
295 */
296# define HOST_c2l(c,l) ({ unsigned int r=*((const unsigned int *)(c)); \
297 asm ("bswapl %0":"=r"(r):"0"(r)); \
298 (c)+=4; (l)=r; })
299# define HOST_l2c(l,c) ({ unsigned int r=(l); \
300 asm ("bswapl %0":"=r"(r):"0"(r)); \
301 *((unsigned int *)(c))=r; (c)+=4; r; })
302# endif
303# endif
304#endif
305
306#ifndef HOST_c2l
307#define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \
308 l|=(((unsigned long)(*((c)++)))<<16), \
309 l|=(((unsigned long)(*((c)++)))<< 8), \
310 l|=(((unsigned long)(*((c)++))) ), \
311 l)
312#endif
313#define HOST_p_c2l(c,l,n) { \
314 switch (n) { \
315 case 0: l =((unsigned long)(*((c)++)))<<24; \
316 case 1: l|=((unsigned long)(*((c)++)))<<16; \
317 case 2: l|=((unsigned long)(*((c)++)))<< 8; \
318 case 3: l|=((unsigned long)(*((c)++))); \
319 } }
320#define HOST_p_c2l_p(c,l,sc,len) { \
321 switch (sc) { \
322 case 0: l =((unsigned long)(*((c)++)))<<24; \
323 if (--len == 0) break; \
324 case 1: l|=((unsigned long)(*((c)++)))<<16; \
325 if (--len == 0) break; \
326 case 2: l|=((unsigned long)(*((c)++)))<< 8; \
327 } }
328/* NOTE the pointer is not incremented at the end of this */
329#define HOST_c2l_p(c,l,n) { \
330 l=0; (c)+=n; \
331 switch (n) { \
332 case 3: l =((unsigned long)(*(--(c))))<< 8; \
333 case 2: l|=((unsigned long)(*(--(c))))<<16; \
334 case 1: l|=((unsigned long)(*(--(c))))<<24; \
335 } }
336#ifndef HOST_l2c
337#define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
338 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
339 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
340 *((c)++)=(unsigned char)(((l) )&0xff), \
341 l)
342#endif
343
344#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
345
346#if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
347 /* See comment in DATA_ORDER_IS_BIG_ENDIAN section. */
348# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, l)
349# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, l)
350#endif
351
352#ifndef HOST_c2l
353#define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \
354 l|=(((unsigned long)(*((c)++)))<< 8), \
355 l|=(((unsigned long)(*((c)++)))<<16), \
356 l|=(((unsigned long)(*((c)++)))<<24), \
357 l)
358#endif
359#define HOST_p_c2l(c,l,n) { \
360 switch (n) { \
361 case 0: l =((unsigned long)(*((c)++))); \
362 case 1: l|=((unsigned long)(*((c)++)))<< 8; \
363 case 2: l|=((unsigned long)(*((c)++)))<<16; \
364 case 3: l|=((unsigned long)(*((c)++)))<<24; \
365 } }
366#define HOST_p_c2l_p(c,l,sc,len) { \
367 switch (sc) { \
368 case 0: l =((unsigned long)(*((c)++))); \
369 if (--len == 0) break; \
370 case 1: l|=((unsigned long)(*((c)++)))<< 8; \
371 if (--len == 0) break; \
372 case 2: l|=((unsigned long)(*((c)++)))<<16; \
373 } }
374/* NOTE the pointer is not incremented at the end of this */
375#define HOST_c2l_p(c,l,n) { \
376 l=0; (c)+=n; \
377 switch (n) { \
378 case 3: l =((unsigned long)(*(--(c))))<<16; \
379 case 2: l|=((unsigned long)(*(--(c))))<< 8; \
380 case 1: l|=((unsigned long)(*(--(c)))); \
381 } }
382#ifndef HOST_l2c
383#define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
384 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
385 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
386 *((c)++)=(unsigned char)(((l)>>24)&0xff), \
387 l)
388#endif
389
390#endif
391
392/*
393 * Time for some action:-)
394 */
395
396int HASH_UPDATE (HASH_CTX *c, const void *data_, size_t len)
397 {
398 const unsigned char *data=data_;
399 register HASH_LONG * p;
400 register HASH_LONG l;
401 size_t sw,sc,ew,ec;
402
403 if(FIPS_selftest_failed())
404 return 0;
405
406 if (len==0) return 1;
407
408 l=(c->Nl+(((HASH_LONG)len)<<3))&0xffffffffUL;
409 /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to
410 * Wei Dai <weidai@eskimo.com> for pointing it out. */
411 if (l < c->Nl) /* overflow */
412 c->Nh++;
413 c->Nh+=(len>>29); /* might cause compiler warning on 16-bit */
414 c->Nl=l;
415
416 if (c->num != 0)
417 {
418 p=c->data;
419 sw=c->num>>2;
420 sc=c->num&0x03;
421
422 if ((c->num+len) >= HASH_CBLOCK)
423 {
424 l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l;
425 for (; sw<HASH_LBLOCK; sw++)
426 {
427 HOST_c2l(data,l); p[sw]=l;
428 }
429 HASH_BLOCK_HOST_ORDER (c,p,1);
430 len-=(HASH_CBLOCK-c->num);
431 c->num=0;
432 /* drop through and do the rest */
433 }
434 else
435 {
436 c->num+=(unsigned int)len;
437 if ((sc+len) < 4) /* ugly, add char's to a word */
438 {
439 l=p[sw]; HOST_p_c2l_p(data,l,sc,len); p[sw]=l;
440 }
441 else
442 {
443 ew=(c->num>>2);
444 ec=(c->num&0x03);
445 if (sc)
446 l=p[sw];
447 HOST_p_c2l(data,l,sc);
448 p[sw++]=l;
449 for (; sw < ew; sw++)
450 {
451 HOST_c2l(data,l); p[sw]=l;
452 }
453 if (ec)
454 {
455 HOST_c2l_p(data,l,ec); p[sw]=l;
456 }
457 }
458 return 1;
459 }
460 }
461
462 sw=len/HASH_CBLOCK;
463 if (sw > 0)
464 {
465#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
466 /*
467 * Note that HASH_BLOCK_DATA_ORDER_ALIGNED gets defined
468 * only if sizeof(HASH_LONG)==4.
469 */
470 if ((((size_t)data)%4) == 0)
471 {
472 /* data is properly aligned so that we can cast it: */
473 HASH_BLOCK_DATA_ORDER_ALIGNED (c,(const HASH_LONG *)data,sw);
474 sw*=HASH_CBLOCK;
475 data+=sw;
476 len-=sw;
477 }
478 else
479#if !defined(HASH_BLOCK_DATA_ORDER)
480 while (sw--)
481 {
482 memcpy (p=c->data,data,HASH_CBLOCK);
483 HASH_BLOCK_DATA_ORDER_ALIGNED(c,p,1);
484 data+=HASH_CBLOCK;
485 len-=HASH_CBLOCK;
486 }
487#endif
488#endif
489#if defined(HASH_BLOCK_DATA_ORDER)
490 {
491 HASH_BLOCK_DATA_ORDER(c,data,sw);
492 sw*=HASH_CBLOCK;
493 data+=sw;
494 len-=sw;
495 }
496#endif
497 }
498
499 if (len!=0)
500 {
501 p = c->data;
502 c->num = len;
503 ew=len>>2; /* words to copy */
504 ec=len&0x03;
505 for (; ew; ew--,p++)
506 {
507 HOST_c2l(data,l); *p=l;
508 }
509 HOST_c2l_p(data,l,ec);
510 *p=l;
511 }
512 return 1;
513 }
514
515
516void HASH_TRANSFORM (HASH_CTX *c, const unsigned char *data)
517 {
518#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
519 if ((((size_t)data)%4) == 0)
520 /* data is properly aligned so that we can cast it: */
521 HASH_BLOCK_DATA_ORDER_ALIGNED (c,(const HASH_LONG *)data,1);
522 else
523#if !defined(HASH_BLOCK_DATA_ORDER)
524 {
525 memcpy (c->data,data,HASH_CBLOCK);
526 HASH_BLOCK_DATA_ORDER_ALIGNED (c,c->data,1);
527 }
528#endif
529#endif
530#if defined(HASH_BLOCK_DATA_ORDER)
531 HASH_BLOCK_DATA_ORDER (c,data,1);
532#endif
533 }
534
535
536int HASH_FINAL (unsigned char *md, HASH_CTX *c)
537 {
538 register HASH_LONG *p;
539 register unsigned long l;
540 register int i,j;
541 static const unsigned char end[4]={0x80,0x00,0x00,0x00};
542 const unsigned char *cp=end;
543
544 /* c->num should definitly have room for at least one more byte. */
545 p=c->data;
546 i=c->num>>2;
547 j=c->num&0x03;
548
549#if 0
550 /* purify often complains about the following line as an
551 * Uninitialized Memory Read. While this can be true, the
552 * following p_c2l macro will reset l when that case is true.
553 * This is because j&0x03 contains the number of 'valid' bytes
554 * already in p[i]. If and only if j&0x03 == 0, the UMR will
555 * occur but this is also the only time p_c2l will do
556 * l= *(cp++) instead of l|= *(cp++)
557 * Many thanks to Alex Tang <altitude@cic.net> for pickup this
558 * 'potential bug' */
559#ifdef PURIFY
560 if (j==0) p[i]=0; /* Yeah, but that's not the way to fix it:-) */
561#endif
562 l=p[i];
563#else
564 l = (j==0) ? 0 : p[i];
565#endif
566 HOST_p_c2l(cp,l,j); p[i++]=l; /* i is the next 'undefined word' */
567
568 if (i>(HASH_LBLOCK-2)) /* save room for Nl and Nh */
569 {
570 if (i<HASH_LBLOCK) p[i]=0;
571 HASH_BLOCK_HOST_ORDER (c,p,1);
572 i=0;
573 }
574 for (; i<(HASH_LBLOCK-2); i++)
575 p[i]=0;
576
577#if defined(DATA_ORDER_IS_BIG_ENDIAN)
578 p[HASH_LBLOCK-2]=c->Nh;
579 p[HASH_LBLOCK-1]=c->Nl;
580#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
581 p[HASH_LBLOCK-2]=c->Nl;
582 p[HASH_LBLOCK-1]=c->Nh;
583#endif
584 HASH_BLOCK_HOST_ORDER (c,p,1);
585
586#ifndef HASH_MAKE_STRING
587#error "HASH_MAKE_STRING must be defined!"
588#else
589 HASH_MAKE_STRING(c,md);
590#endif
591
592 c->num=0;
593 /* clear stuff, HASH_BLOCK may be leaving some stuff on the stack
594 * but I'm not worried :-)
595 OPENSSL_cleanse((void *)c,sizeof(HASH_CTX));
596 */
597 return 1;
598 }
599
600#ifndef MD32_REG_T
601#define MD32_REG_T long
602/*
603 * This comment was originaly written for MD5, which is why it
604 * discusses A-D. But it basically applies to all 32-bit digests,
605 * which is why it was moved to common header file.
606 *
607 * In case you wonder why A-D are declared as long and not
608 * as MD5_LONG. Doing so results in slight performance
609 * boost on LP64 architectures. The catch is we don't
610 * really care if 32 MSBs of a 64-bit register get polluted
611 * with eventual overflows as we *save* only 32 LSBs in
612 * *either* case. Now declaring 'em long excuses the compiler
613 * from keeping 32 MSBs zeroed resulting in 13% performance
614 * improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
615 * Well, to be honest it should say that this *prevents*
616 * performance degradation.
617 * <appro@fy.chalmers.se>
618 * Apparently there're LP64 compilers that generate better
619 * code if A-D are declared int. Most notably GCC-x86_64
620 * generates better code.
621 * <appro@fy.chalmers.se>
622 */
623#endif
diff --git a/src/lib/libssl/src/fips-1.0/sha/fips_sha.h b/src/lib/libssl/src/fips-1.0/sha/fips_sha.h
new file mode 100644
index 0000000000..4520b06ce1
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/sha/fips_sha.h
@@ -0,0 +1,186 @@
1/* fips/sha1/fips_sha.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_SHA_H
60#define HEADER_SHA_H
61
62#include <openssl/e_os2.h>
63
64#ifdef __cplusplus
65extern "C" {
66#endif
67
68#if defined(OPENSSL_NO_SHA) || (defined(OPENSSL_NO_SHA0) && defined(OPENSSL_NO_SHA1))
69#error SHA is disabled.
70#endif
71
72/*
73 * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
74 * ! SHA_LONG has to be at least 32 bits wide. If it's wider, then !
75 * ! SHA_LONG_LOG2 has to be defined along. !
76 * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
77 */
78
79#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
80#define SHA_LONG unsigned long
81#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
82#define SHA_LONG unsigned long
83#define SHA_LONG_LOG2 3
84#else
85#define SHA_LONG unsigned int
86#endif
87
88#define SHA_LBLOCK 16
89#define SHA_CBLOCK (SHA_LBLOCK*4) /* SHA treats input data as a
90 * contiguous array of 32 bit
91 * wide big-endian values. */
92#define SHA_LAST_BLOCK (SHA_CBLOCK-8)
93#define SHA_DIGEST_LENGTH 20
94
95typedef struct SHAstate_st
96 {
97 SHA_LONG h0,h1,h2,h3,h4;
98 SHA_LONG Nl,Nh;
99 SHA_LONG data[SHA_LBLOCK];
100 unsigned int num;
101 } SHA_CTX;
102
103#ifndef OPENSSL_NO_SHA1
104int SHA1_Init(SHA_CTX *c);
105int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
106int SHA1_Final(unsigned char *md, SHA_CTX *c);
107unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md);
108void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
109#endif
110
111#define SHA256_CBLOCK (SHA_LBLOCK*4) /* SHA-256 treats input data as a
112 * contiguous array of 32 bit
113 * wide big-endian values. */
114#define SHA224_DIGEST_LENGTH 28
115#define SHA256_DIGEST_LENGTH 32
116
117typedef struct SHA256state_st
118 {
119 SHA_LONG h[8];
120 SHA_LONG Nl,Nh;
121 SHA_LONG data[SHA_LBLOCK];
122 unsigned int num,md_len;
123 } SHA256_CTX;
124
125#ifndef OPENSSL_NO_SHA256
126int SHA224_Init(SHA256_CTX *c);
127int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
128int SHA224_Final(unsigned char *md, SHA256_CTX *c);
129unsigned char *SHA224(const unsigned char *d, size_t n,unsigned char *md);
130int SHA256_Init(SHA256_CTX *c);
131int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
132int SHA256_Final(unsigned char *md, SHA256_CTX *c);
133unsigned char *SHA256(const unsigned char *d, size_t n,unsigned char *md);
134void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
135#endif
136
137#define SHA384_DIGEST_LENGTH 48
138#define SHA512_DIGEST_LENGTH 64
139
140/*
141 * Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64
142 * being exactly 64-bit wide. See Implementation Notes in sha512.c
143 * for further details.
144 */
145#define SHA512_CBLOCK (SHA_LBLOCK*8) /* SHA-512 treats input data as a
146 * contiguous array of 64 bit
147 * wide big-endian values. */
148#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
149#define SHA_LONG64 unsigned __int64
150#define U64(C) C##UI64
151#elif defined(__arch64__)
152#define SHA_LONG64 unsigned long
153#define U64(C) C##UL
154#else
155#define SHA_LONG64 unsigned long long
156#define U64(C) C##ULL
157#endif
158
159typedef struct SHA512state_st
160 {
161 SHA_LONG64 h[8];
162 SHA_LONG64 Nl,Nh;
163 union {
164 SHA_LONG64 d[SHA_LBLOCK];
165 unsigned char p[SHA512_CBLOCK];
166 } u;
167 unsigned int num,md_len;
168 } SHA512_CTX;
169
170#ifndef OPENSSL_NO_SHA512
171int SHA384_Init(SHA512_CTX *c);
172int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
173int SHA384_Final(unsigned char *md, SHA512_CTX *c);
174unsigned char *SHA384(const unsigned char *d, size_t n,unsigned char *md);
175int SHA512_Init(SHA512_CTX *c);
176int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
177int SHA512_Final(unsigned char *md, SHA512_CTX *c);
178unsigned char *SHA512(const unsigned char *d, size_t n,unsigned char *md);
179void SHA512_Transform(SHA512_CTX *c, const unsigned char *data);
180#endif
181
182#ifdef __cplusplus
183}
184#endif
185
186#endif
diff --git a/src/lib/libssl/src/fips-1.0/sha/fips_sha1_selftest.c b/src/lib/libssl/src/fips-1.0/sha/fips_sha1_selftest.c
new file mode 100644
index 0000000000..73a65cdc06
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/sha/fips_sha1_selftest.c
@@ -0,0 +1,96 @@
1/* ====================================================================
2 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 *
48 */
49
50#include <string.h>
51#include <openssl/err.h>
52#include <openssl/fips.h>
53#include <openssl/fips_sha.h>
54
55#ifdef OPENSSL_FIPS
56static char test[][60]=
57 {
58 "",
59 "abc",
60 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
61 };
62
63static const unsigned char ret[][SHA_DIGEST_LENGTH]=
64 {
65 { 0xda,0x39,0xa3,0xee,0x5e,0x6b,0x4b,0x0d,0x32,0x55,
66 0xbf,0xef,0x95,0x60,0x18,0x90,0xaf,0xd8,0x07,0x09 },
67 { 0xa9,0x99,0x3e,0x36,0x47,0x06,0x81,0x6a,0xba,0x3e,
68 0x25,0x71,0x78,0x50,0xc2,0x6c,0x9c,0xd0,0xd8,0x9d },
69 { 0x84,0x98,0x3e,0x44,0x1c,0x3b,0xd2,0x6e,0xba,0xae,
70 0x4a,0xa1,0xf9,0x51,0x29,0xe5,0xe5,0x46,0x70,0xf1 },
71 };
72
73void FIPS_corrupt_sha1()
74 {
75 test[2][0]++;
76 }
77
78int FIPS_selftest_sha1()
79 {
80 int n;
81
82 for(n=0 ; n<sizeof(test)/sizeof(test[0]) ; ++n)
83 {
84 unsigned char md[SHA_DIGEST_LENGTH];
85
86 SHA1((unsigned char*)test[n],strlen(test[n]),md);
87 if(memcmp(md,ret[n],sizeof md))
88 {
89 FIPSerr(FIPS_F_FIPS_SELFTEST_SHA,FIPS_R_SELFTEST_FAILED);
90 return 0;
91 }
92 }
93 return 1;
94 }
95
96#endif
diff --git a/src/lib/libssl/src/fips-1.0/sha/fips_sha1dgst.c b/src/lib/libssl/src/fips-1.0/sha/fips_sha1dgst.c
new file mode 100644
index 0000000000..fb9e15453c
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/sha/fips_sha1dgst.c
@@ -0,0 +1,96 @@
1/* crypto/sha/sha1dgst.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA)
60
61#undef SHA_0
62#define SHA_1
63
64#include <openssl/opensslv.h>
65#include <openssl/opensslconf.h>
66#include <openssl/crypto.h>
67
68#ifdef OPENSSL_FIPS
69const char SHA1_version[]="SHA1" OPENSSL_VERSION_PTEXT;
70
71/* The implementation is in fips_md32_common.h */
72#include "fips_sha_locl.h"
73
74unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md)
75 {
76 SHA_CTX c;
77 static unsigned char m[SHA_DIGEST_LENGTH];
78
79 OPENSSL_assert(sizeof(unsigned long)<=sizeof(size_t));
80 if (md == NULL) md=m;
81 if (!SHA1_Init(&c))
82 return NULL;
83 SHA1_Update(&c,d,n);
84 SHA1_Final(md,&c);
85 OPENSSL_cleanse(&c,sizeof(c));
86 return(md);
87 }
88
89#else /* ndef OPENSSL_FIPS */
90
91static void *dummy=&dummy;
92
93#endif /* ndef OPENSSL_FIPS */
94
95#endif
96
diff --git a/src/lib/libssl/src/fips-1.0/sha/fips_sha256.c b/src/lib/libssl/src/fips-1.0/sha/fips_sha256.c
new file mode 100644
index 0000000000..b5a1ca0cac
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/sha/fips_sha256.c
@@ -0,0 +1,325 @@
1/* crypto/sha/sha256.c */
2/* ====================================================================
3 * Copyright (c) 2004 The OpenSSL Project. All rights reserved
4 * according to the OpenSSL license [found in ../../LICENSE].
5 * ====================================================================
6 */
7#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256)
8
9#include <stdlib.h>
10#include <string.h>
11
12#include <openssl/opensslconf.h>
13#include <openssl/crypto.h>
14#include <openssl/fips_sha.h>
15#include <openssl/fips.h>
16#include <openssl/opensslv.h>
17
18#ifdef OPENSSL_FIPS
19
20const char SHA256_version[]="SHA-256" OPENSSL_VERSION_PTEXT;
21
22int SHA224_Init (SHA256_CTX *c)
23 {
24 c->h[0]=0xc1059ed8UL; c->h[1]=0x367cd507UL;
25 c->h[2]=0x3070dd17UL; c->h[3]=0xf70e5939UL;
26 c->h[4]=0xffc00b31UL; c->h[5]=0x68581511UL;
27 c->h[6]=0x64f98fa7UL; c->h[7]=0xbefa4fa4UL;
28 c->Nl=0; c->Nh=0;
29 c->num=0; c->md_len=SHA224_DIGEST_LENGTH;
30 return 1;
31 }
32
33int SHA256_Init (SHA256_CTX *c)
34 {
35 c->h[0]=0x6a09e667UL; c->h[1]=0xbb67ae85UL;
36 c->h[2]=0x3c6ef372UL; c->h[3]=0xa54ff53aUL;
37 c->h[4]=0x510e527fUL; c->h[5]=0x9b05688cUL;
38 c->h[6]=0x1f83d9abUL; c->h[7]=0x5be0cd19UL;
39 c->Nl=0; c->Nh=0;
40 c->num=0; c->md_len=SHA256_DIGEST_LENGTH;
41 return 1;
42 }
43
44unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md)
45 {
46 SHA256_CTX c;
47 static unsigned char m[SHA224_DIGEST_LENGTH];
48
49 if (md == NULL) md=m;
50 SHA224_Init(&c);
51 SHA256_Update(&c,d,n);
52 SHA256_Final(md,&c);
53 OPENSSL_cleanse(&c,sizeof(c));
54 return(md);
55 }
56
57unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md)
58 {
59 SHA256_CTX c;
60 static unsigned char m[SHA256_DIGEST_LENGTH];
61
62 if (md == NULL) md=m;
63 SHA256_Init(&c);
64 SHA256_Update(&c,d,n);
65 SHA256_Final(md,&c);
66 OPENSSL_cleanse(&c,sizeof(c));
67 return(md);
68 }
69
70int SHA224_Update(SHA256_CTX *c, const void *data, size_t len)
71{ return SHA256_Update (c,data,len); }
72int SHA224_Final (unsigned char *md, SHA256_CTX *c)
73{ return SHA256_Final (md,c); }
74
75#ifndef SHA_LONG_LOG2
76#define SHA_LONG_LOG2 2 /* default to 32 bits */
77#endif
78
79#define DATA_ORDER_IS_BIG_ENDIAN
80
81#define HASH_LONG SHA_LONG
82#define HASH_LONG_LOG2 SHA_LONG_LOG2
83#define HASH_CTX SHA256_CTX
84#define HASH_CBLOCK SHA_CBLOCK
85#define HASH_LBLOCK SHA_LBLOCK
86/*
87 * Note that FIPS180-2 discusses "Truncation of the Hash Function Output."
88 * default: case below covers for it. It's not clear however if it's
89 * permitted to truncate to amount of bytes not divisible by 4. I bet not,
90 * but if it is, then default: case shall be extended. For reference.
91 * Idea behind separate cases for pre-defined lenghts is to let the
92 * compiler decide if it's appropriate to unroll small loops.
93 */
94#define HASH_MAKE_STRING(c,s) do { \
95 unsigned long ll; \
96 unsigned int n; \
97 switch ((c)->md_len) \
98 { case SHA224_DIGEST_LENGTH: \
99 for (n=0;n<SHA224_DIGEST_LENGTH/4;n++) \
100 { ll=(c)->h[n]; HOST_l2c(ll,(s)); } \
101 break; \
102 case SHA256_DIGEST_LENGTH: \
103 for (n=0;n<SHA256_DIGEST_LENGTH/4;n++) \
104 { ll=(c)->h[n]; HOST_l2c(ll,(s)); } \
105 break; \
106 default: \
107 if ((c)->md_len > SHA256_DIGEST_LENGTH) \
108 return 0; \
109 for (n=0;n<(c)->md_len/4;n++) \
110 { ll=(c)->h[n]; HOST_l2c(ll,(s)); } \
111 break; \
112 } \
113 } while (0)
114
115#define HASH_UPDATE SHA256_Update
116#define HASH_TRANSFORM SHA256_Transform
117#define HASH_FINAL SHA256_Final
118#define HASH_BLOCK_HOST_ORDER sha256_block_host_order
119#define HASH_BLOCK_DATA_ORDER sha256_block_data_order
120void sha256_block_host_order (SHA256_CTX *ctx, const void *in, size_t num);
121void sha256_block_data_order (SHA256_CTX *ctx, const void *in, size_t num);
122
123#include "fips_md32_common.h"
124
125#ifdef SHA256_ASM
126void sha256_block (SHA256_CTX *ctx, const void *in, size_t num, int host);
127#else
128static const SHA_LONG K256[64] = {
129 0x428a2f98UL,0x71374491UL,0xb5c0fbcfUL,0xe9b5dba5UL,
130 0x3956c25bUL,0x59f111f1UL,0x923f82a4UL,0xab1c5ed5UL,
131 0xd807aa98UL,0x12835b01UL,0x243185beUL,0x550c7dc3UL,
132 0x72be5d74UL,0x80deb1feUL,0x9bdc06a7UL,0xc19bf174UL,
133 0xe49b69c1UL,0xefbe4786UL,0x0fc19dc6UL,0x240ca1ccUL,
134 0x2de92c6fUL,0x4a7484aaUL,0x5cb0a9dcUL,0x76f988daUL,
135 0x983e5152UL,0xa831c66dUL,0xb00327c8UL,0xbf597fc7UL,
136 0xc6e00bf3UL,0xd5a79147UL,0x06ca6351UL,0x14292967UL,
137 0x27b70a85UL,0x2e1b2138UL,0x4d2c6dfcUL,0x53380d13UL,
138 0x650a7354UL,0x766a0abbUL,0x81c2c92eUL,0x92722c85UL,
139 0xa2bfe8a1UL,0xa81a664bUL,0xc24b8b70UL,0xc76c51a3UL,
140 0xd192e819UL,0xd6990624UL,0xf40e3585UL,0x106aa070UL,
141 0x19a4c116UL,0x1e376c08UL,0x2748774cUL,0x34b0bcb5UL,
142 0x391c0cb3UL,0x4ed8aa4aUL,0x5b9cca4fUL,0x682e6ff3UL,
143 0x748f82eeUL,0x78a5636fUL,0x84c87814UL,0x8cc70208UL,
144 0x90befffaUL,0xa4506cebUL,0xbef9a3f7UL,0xc67178f2UL };
145
146/*
147 * FIPS specification refers to right rotations, while our ROTATE macro
148 * is left one. This is why you might notice that rotation coefficients
149 * differ from those observed in FIPS document by 32-N...
150 */
151#define Sigma0(x) (ROTATE((x),30) ^ ROTATE((x),19) ^ ROTATE((x),10))
152#define Sigma1(x) (ROTATE((x),26) ^ ROTATE((x),21) ^ ROTATE((x),7))
153#define sigma0(x) (ROTATE((x),25) ^ ROTATE((x),14) ^ ((x)>>3))
154#define sigma1(x) (ROTATE((x),15) ^ ROTATE((x),13) ^ ((x)>>10))
155
156#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
157#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
158
159#ifdef OPENSSL_SMALL_FOOTPRINT
160
161static void sha256_block (SHA256_CTX *ctx, const void *in, size_t num, int host)
162 {
163 unsigned MD32_REG_T a,b,c,d,e,f,g,h,s0,s1,T1,T2;
164 SHA_LONG X[16];
165 int i;
166 const unsigned char *data=in;
167
168 while (num--) {
169
170 a = ctx->h[0]; b = ctx->h[1]; c = ctx->h[2]; d = ctx->h[3];
171 e = ctx->h[4]; f = ctx->h[5]; g = ctx->h[6]; h = ctx->h[7];
172
173 if (host)
174 {
175 const SHA_LONG *W=(const SHA_LONG *)data;
176
177 for (i=0;i<16;i++)
178 {
179 T1 = X[i] = W[i];
180 T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i];
181 T2 = Sigma0(a) + Maj(a,b,c);
182 h = g; g = f; f = e; e = d + T1;
183 d = c; c = b; b = a; a = T1 + T2;
184 }
185
186 data += SHA256_CBLOCK;
187 }
188 else
189 {
190 SHA_LONG l;
191
192 for (i=0;i<16;i++)
193 {
194 HOST_c2l(data,l); T1 = X[i] = l;
195 T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i];
196 T2 = Sigma0(a) + Maj(a,b,c);
197 h = g; g = f; f = e; e = d + T1;
198 d = c; c = b; b = a; a = T1 + T2;
199 }
200 }
201
202 for (;i<64;i++)
203 {
204 s0 = X[(i+1)&0x0f]; s0 = sigma0(s0);
205 s1 = X[(i+14)&0x0f]; s1 = sigma1(s1);
206
207 T1 = X[i&0xf] += s0 + s1 + X[(i+9)&0xf];
208 T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i];
209 T2 = Sigma0(a) + Maj(a,b,c);
210 h = g; g = f; f = e; e = d + T1;
211 d = c; c = b; b = a; a = T1 + T2;
212 }
213
214 ctx->h[0] += a; ctx->h[1] += b; ctx->h[2] += c; ctx->h[3] += d;
215 ctx->h[4] += e; ctx->h[5] += f; ctx->h[6] += g; ctx->h[7] += h;
216
217 }
218}
219
220#else
221
222#define ROUND_00_15(i,a,b,c,d,e,f,g,h) do { \
223 T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i]; \
224 h = Sigma0(a) + Maj(a,b,c); \
225 d += T1; h += T1; } while (0)
226
227#define ROUND_16_63(i,a,b,c,d,e,f,g,h,X) do { \
228 s0 = X[(i+1)&0x0f]; s0 = sigma0(s0); \
229 s1 = X[(i+14)&0x0f]; s1 = sigma1(s1); \
230 T1 = X[(i)&0x0f] += s0 + s1 + X[(i+9)&0x0f]; \
231 ROUND_00_15(i,a,b,c,d,e,f,g,h); } while (0)
232
233static void sha256_block (SHA256_CTX *ctx, const void *in, size_t num, int host)
234 {
235 unsigned MD32_REG_T a,b,c,d,e,f,g,h,s0,s1,T1;
236 SHA_LONG X[16];
237 int i;
238 const unsigned char *data=in;
239
240 while (num--) {
241
242 a = ctx->h[0]; b = ctx->h[1]; c = ctx->h[2]; d = ctx->h[3];
243 e = ctx->h[4]; f = ctx->h[5]; g = ctx->h[6]; h = ctx->h[7];
244
245 if (host)
246 {
247 const SHA_LONG *W=(const SHA_LONG *)data;
248
249 T1 = X[0] = W[0]; ROUND_00_15(0,a,b,c,d,e,f,g,h);
250 T1 = X[1] = W[1]; ROUND_00_15(1,h,a,b,c,d,e,f,g);
251 T1 = X[2] = W[2]; ROUND_00_15(2,g,h,a,b,c,d,e,f);
252 T1 = X[3] = W[3]; ROUND_00_15(3,f,g,h,a,b,c,d,e);
253 T1 = X[4] = W[4]; ROUND_00_15(4,e,f,g,h,a,b,c,d);
254 T1 = X[5] = W[5]; ROUND_00_15(5,d,e,f,g,h,a,b,c);
255 T1 = X[6] = W[6]; ROUND_00_15(6,c,d,e,f,g,h,a,b);
256 T1 = X[7] = W[7]; ROUND_00_15(7,b,c,d,e,f,g,h,a);
257 T1 = X[8] = W[8]; ROUND_00_15(8,a,b,c,d,e,f,g,h);
258 T1 = X[9] = W[9]; ROUND_00_15(9,h,a,b,c,d,e,f,g);
259 T1 = X[10] = W[10]; ROUND_00_15(10,g,h,a,b,c,d,e,f);
260 T1 = X[11] = W[11]; ROUND_00_15(11,f,g,h,a,b,c,d,e);
261 T1 = X[12] = W[12]; ROUND_00_15(12,e,f,g,h,a,b,c,d);
262 T1 = X[13] = W[13]; ROUND_00_15(13,d,e,f,g,h,a,b,c);
263 T1 = X[14] = W[14]; ROUND_00_15(14,c,d,e,f,g,h,a,b);
264 T1 = X[15] = W[15]; ROUND_00_15(15,b,c,d,e,f,g,h,a);
265
266 data += SHA256_CBLOCK;
267 }
268 else
269 {
270 SHA_LONG l;
271
272 HOST_c2l(data,l); T1 = X[0] = l; ROUND_00_15(0,a,b,c,d,e,f,g,h);
273 HOST_c2l(data,l); T1 = X[1] = l; ROUND_00_15(1,h,a,b,c,d,e,f,g);
274 HOST_c2l(data,l); T1 = X[2] = l; ROUND_00_15(2,g,h,a,b,c,d,e,f);
275 HOST_c2l(data,l); T1 = X[3] = l; ROUND_00_15(3,f,g,h,a,b,c,d,e);
276 HOST_c2l(data,l); T1 = X[4] = l; ROUND_00_15(4,e,f,g,h,a,b,c,d);
277 HOST_c2l(data,l); T1 = X[5] = l; ROUND_00_15(5,d,e,f,g,h,a,b,c);
278 HOST_c2l(data,l); T1 = X[6] = l; ROUND_00_15(6,c,d,e,f,g,h,a,b);
279 HOST_c2l(data,l); T1 = X[7] = l; ROUND_00_15(7,b,c,d,e,f,g,h,a);
280 HOST_c2l(data,l); T1 = X[8] = l; ROUND_00_15(8,a,b,c,d,e,f,g,h);
281 HOST_c2l(data,l); T1 = X[9] = l; ROUND_00_15(9,h,a,b,c,d,e,f,g);
282 HOST_c2l(data,l); T1 = X[10] = l; ROUND_00_15(10,g,h,a,b,c,d,e,f);
283 HOST_c2l(data,l); T1 = X[11] = l; ROUND_00_15(11,f,g,h,a,b,c,d,e);
284 HOST_c2l(data,l); T1 = X[12] = l; ROUND_00_15(12,e,f,g,h,a,b,c,d);
285 HOST_c2l(data,l); T1 = X[13] = l; ROUND_00_15(13,d,e,f,g,h,a,b,c);
286 HOST_c2l(data,l); T1 = X[14] = l; ROUND_00_15(14,c,d,e,f,g,h,a,b);
287 HOST_c2l(data,l); T1 = X[15] = l; ROUND_00_15(15,b,c,d,e,f,g,h,a);
288 }
289
290 for (i=16;i<64;i+=8)
291 {
292 ROUND_16_63(i+0,a,b,c,d,e,f,g,h,X);
293 ROUND_16_63(i+1,h,a,b,c,d,e,f,g,X);
294 ROUND_16_63(i+2,g,h,a,b,c,d,e,f,X);
295 ROUND_16_63(i+3,f,g,h,a,b,c,d,e,X);
296 ROUND_16_63(i+4,e,f,g,h,a,b,c,d,X);
297 ROUND_16_63(i+5,d,e,f,g,h,a,b,c,X);
298 ROUND_16_63(i+6,c,d,e,f,g,h,a,b,X);
299 ROUND_16_63(i+7,b,c,d,e,f,g,h,a,X);
300 }
301
302 ctx->h[0] += a; ctx->h[1] += b; ctx->h[2] += c; ctx->h[3] += d;
303 ctx->h[4] += e; ctx->h[5] += f; ctx->h[6] += g; ctx->h[7] += h;
304
305 }
306 }
307
308#endif
309#endif /* SHA256_ASM */
310
311/*
312 * Idea is to trade couple of cycles for some space. On IA-32 we save
313 * about 4K in "big footprint" case. In "small footprint" case any gain
314 * is appreciated:-)
315 */
316void HASH_BLOCK_HOST_ORDER (SHA256_CTX *ctx, const void *in, size_t num)
317{ sha256_block (ctx,in,num,1); }
318
319void HASH_BLOCK_DATA_ORDER (SHA256_CTX *ctx, const void *in, size_t num)
320{ sha256_block (ctx,in,num,0); }
321
322#endif
323
324#endif /* OPENSSL_NO_SHA256 */
325
diff --git a/src/lib/libssl/src/fips-1.0/sha/fips_sha512.c b/src/lib/libssl/src/fips-1.0/sha/fips_sha512.c
new file mode 100644
index 0000000000..9e906af315
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/sha/fips_sha512.c
@@ -0,0 +1,487 @@
1/* crypto/sha/sha512.c */
2/* ====================================================================
3 * Copyright (c) 2004 The OpenSSL Project. All rights reserved
4 * according to the OpenSSL license [found in ../../LICENSE].
5 * ====================================================================
6 */
7#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA512)
8/*
9 * IMPLEMENTATION NOTES.
10 *
11 * As you might have noticed 32-bit hash algorithms:
12 *
13 * - permit SHA_LONG to be wider than 32-bit (case on CRAY);
14 * - optimized versions implement two transform functions: one operating
15 * on [aligned] data in host byte order and one - on data in input
16 * stream byte order;
17 * - share common byte-order neutral collector and padding function
18 * implementations, ../md32_common.h;
19 *
20 * Neither of the above applies to this SHA-512 implementations. Reasons
21 * [in reverse order] are:
22 *
23 * - it's the only 64-bit hash algorithm for the moment of this writing,
24 * there is no need for common collector/padding implementation [yet];
25 * - by supporting only one transform function [which operates on
26 * *aligned* data in input stream byte order, big-endian in this case]
27 * we minimize burden of maintenance in two ways: a) collector/padding
28 * function is simpler; b) only one transform function to stare at;
29 * - SHA_LONG64 is required to be exactly 64-bit in order to be able to
30 * apply a number of optimizations to mitigate potential performance
31 * penalties caused by previous design decision;
32 *
33 * Caveat lector.
34 *
35 * Implementation relies on the fact that "long long" is 64-bit on
36 * both 32- and 64-bit platforms. If some compiler vendor comes up
37 * with 128-bit long long, adjustment to sha.h would be required.
38 * As this implementation relies on 64-bit integer type, it's totally
39 * inappropriate for platforms which don't support it, most notably
40 * 16-bit platforms.
41 * <appro@fy.chalmers.se>
42 */
43#include <stdlib.h>
44#include <string.h>
45
46#include <openssl/opensslconf.h>
47#include <openssl/crypto.h>
48#include <openssl/fips_sha.h>
49#include <openssl/fips.h>
50#include <openssl/opensslv.h>
51
52#ifdef OPENSSL_FIPS
53
54const char SHA512_version[]="SHA-512" OPENSSL_VERSION_PTEXT;
55
56#if defined(_M_IX86) || defined(_M_AMD64) || defined(__i386) || defined(__x86_64)
57#define SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
58#endif
59
60int SHA384_Init (SHA512_CTX *c)
61 {
62 c->h[0]=U64(0xcbbb9d5dc1059ed8);
63 c->h[1]=U64(0x629a292a367cd507);
64 c->h[2]=U64(0x9159015a3070dd17);
65 c->h[3]=U64(0x152fecd8f70e5939);
66 c->h[4]=U64(0x67332667ffc00b31);
67 c->h[5]=U64(0x8eb44a8768581511);
68 c->h[6]=U64(0xdb0c2e0d64f98fa7);
69 c->h[7]=U64(0x47b5481dbefa4fa4);
70 c->Nl=0; c->Nh=0;
71 c->num=0; c->md_len=SHA384_DIGEST_LENGTH;
72 return 1;
73 }
74
75int SHA512_Init (SHA512_CTX *c)
76 {
77 c->h[0]=U64(0x6a09e667f3bcc908);
78 c->h[1]=U64(0xbb67ae8584caa73b);
79 c->h[2]=U64(0x3c6ef372fe94f82b);
80 c->h[3]=U64(0xa54ff53a5f1d36f1);
81 c->h[4]=U64(0x510e527fade682d1);
82 c->h[5]=U64(0x9b05688c2b3e6c1f);
83 c->h[6]=U64(0x1f83d9abfb41bd6b);
84 c->h[7]=U64(0x5be0cd19137e2179);
85 c->Nl=0; c->Nh=0;
86 c->num=0; c->md_len=SHA512_DIGEST_LENGTH;
87 return 1;
88 }
89
90#ifndef SHA512_ASM
91static
92#endif
93void sha512_block (SHA512_CTX *ctx, const void *in, size_t num);
94
95int SHA512_Final (unsigned char *md, SHA512_CTX *c)
96 {
97 unsigned char *p=(unsigned char *)c->u.p;
98 size_t n=c->num;
99
100 p[n]=0x80; /* There always is a room for one */
101 n++;
102 if (n > (sizeof(c->u)-16))
103 memset (p+n,0,sizeof(c->u)-n), n=0,
104 sha512_block (c,p,1);
105
106 memset (p+n,0,sizeof(c->u)-16-n);
107#ifdef B_ENDIAN
108 c->u.d[SHA_LBLOCK-2] = c->Nh;
109 c->u.d[SHA_LBLOCK-1] = c->Nl;
110#else
111 p[sizeof(c->u)-1] = (unsigned char)(c->Nl);
112 p[sizeof(c->u)-2] = (unsigned char)(c->Nl>>8);
113 p[sizeof(c->u)-3] = (unsigned char)(c->Nl>>16);
114 p[sizeof(c->u)-4] = (unsigned char)(c->Nl>>24);
115 p[sizeof(c->u)-5] = (unsigned char)(c->Nl>>32);
116 p[sizeof(c->u)-6] = (unsigned char)(c->Nl>>40);
117 p[sizeof(c->u)-7] = (unsigned char)(c->Nl>>48);
118 p[sizeof(c->u)-8] = (unsigned char)(c->Nl>>56);
119 p[sizeof(c->u)-9] = (unsigned char)(c->Nh);
120 p[sizeof(c->u)-10] = (unsigned char)(c->Nh>>8);
121 p[sizeof(c->u)-11] = (unsigned char)(c->Nh>>16);
122 p[sizeof(c->u)-12] = (unsigned char)(c->Nh>>24);
123 p[sizeof(c->u)-13] = (unsigned char)(c->Nh>>32);
124 p[sizeof(c->u)-14] = (unsigned char)(c->Nh>>40);
125 p[sizeof(c->u)-15] = (unsigned char)(c->Nh>>48);
126 p[sizeof(c->u)-16] = (unsigned char)(c->Nh>>56);
127#endif
128
129 sha512_block (c,p,1);
130
131 if (md==0) return 0;
132
133 switch (c->md_len)
134 {
135 /* Let compiler decide if it's appropriate to unroll... */
136 case SHA384_DIGEST_LENGTH:
137 for (n=0;n<SHA384_DIGEST_LENGTH/8;n++)
138 {
139 SHA_LONG64 t = c->h[n];
140
141 *(md++) = (unsigned char)(t>>56);
142 *(md++) = (unsigned char)(t>>48);
143 *(md++) = (unsigned char)(t>>40);
144 *(md++) = (unsigned char)(t>>32);
145 *(md++) = (unsigned char)(t>>24);
146 *(md++) = (unsigned char)(t>>16);
147 *(md++) = (unsigned char)(t>>8);
148 *(md++) = (unsigned char)(t);
149 }
150 break;
151 case SHA512_DIGEST_LENGTH:
152 for (n=0;n<SHA512_DIGEST_LENGTH/8;n++)
153 {
154 SHA_LONG64 t = c->h[n];
155
156 *(md++) = (unsigned char)(t>>56);
157 *(md++) = (unsigned char)(t>>48);
158 *(md++) = (unsigned char)(t>>40);
159 *(md++) = (unsigned char)(t>>32);
160 *(md++) = (unsigned char)(t>>24);
161 *(md++) = (unsigned char)(t>>16);
162 *(md++) = (unsigned char)(t>>8);
163 *(md++) = (unsigned char)(t);
164 }
165 break;
166 /* ... as well as make sure md_len is not abused. */
167 default: return 0;
168 }
169
170 return 1;
171 }
172
173int SHA384_Final (unsigned char *md,SHA512_CTX *c)
174{ return SHA512_Final (md,c); }
175
176int SHA512_Update (SHA512_CTX *c, const void *_data, size_t len)
177 {
178 SHA_LONG64 l;
179 unsigned char *p=c->u.p;
180 const unsigned char *data=(const unsigned char *)_data;
181
182 if(FIPS_selftest_failed())
183 return 0;
184
185 if (len==0) return 1;
186
187 l = (c->Nl+(((SHA_LONG64)len)<<3))&U64(0xffffffffffffffff);
188 if (l < c->Nl) c->Nh++;
189 if (sizeof(len)>=8) c->Nh+=(((SHA_LONG64)len)>>61);
190 c->Nl=l;
191
192 if (c->num != 0)
193 {
194 size_t n = sizeof(c->u) - c->num;
195
196 if (len < n)
197 {
198 memcpy (p+c->num,data,len), c->num += len;
199 return 1;
200 }
201 else {
202 memcpy (p+c->num,data,n), c->num = 0;
203 len-=n, data+=n;
204 sha512_block (c,p,1);
205 }
206 }
207
208 if (len >= sizeof(c->u))
209 {
210#ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
211 if ((size_t)data%sizeof(c->u.d[0]) != 0)
212 while (len >= sizeof(c->u))
213 memcpy (p,data,sizeof(c->u)),
214 sha512_block (c,p,1),
215 len -= sizeof(c->u),
216 data += sizeof(c->u);
217 else
218#endif
219 sha512_block (c,data,len/sizeof(c->u)),
220 data += len,
221 len %= sizeof(c->u),
222 data -= len;
223 }
224
225 if (len != 0) memcpy (p,data,len), c->num = (int)len;
226
227 return 1;
228 }
229
230int SHA384_Update (SHA512_CTX *c, const void *data, size_t len)
231{ return SHA512_Update (c,data,len); }
232
233void SHA512_Transform (SHA512_CTX *c, const unsigned char *data)
234{ sha512_block (c,data,1); }
235
236unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md)
237 {
238 SHA512_CTX c;
239 static unsigned char m[SHA384_DIGEST_LENGTH];
240
241 if (md == NULL) md=m;
242 SHA384_Init(&c);
243 SHA512_Update(&c,d,n);
244 SHA512_Final(md,&c);
245 OPENSSL_cleanse(&c,sizeof(c));
246 return(md);
247 }
248
249unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md)
250 {
251 SHA512_CTX c;
252 static unsigned char m[SHA512_DIGEST_LENGTH];
253
254 if (md == NULL) md=m;
255 SHA512_Init(&c);
256 SHA512_Update(&c,d,n);
257 SHA512_Final(md,&c);
258 OPENSSL_cleanse(&c,sizeof(c));
259 return(md);
260 }
261
262#ifndef SHA512_ASM
263static const SHA_LONG64 K512[80] = {
264 U64(0x428a2f98d728ae22),U64(0x7137449123ef65cd),
265 U64(0xb5c0fbcfec4d3b2f),U64(0xe9b5dba58189dbbc),
266 U64(0x3956c25bf348b538),U64(0x59f111f1b605d019),
267 U64(0x923f82a4af194f9b),U64(0xab1c5ed5da6d8118),
268 U64(0xd807aa98a3030242),U64(0x12835b0145706fbe),
269 U64(0x243185be4ee4b28c),U64(0x550c7dc3d5ffb4e2),
270 U64(0x72be5d74f27b896f),U64(0x80deb1fe3b1696b1),
271 U64(0x9bdc06a725c71235),U64(0xc19bf174cf692694),
272 U64(0xe49b69c19ef14ad2),U64(0xefbe4786384f25e3),
273 U64(0x0fc19dc68b8cd5b5),U64(0x240ca1cc77ac9c65),
274 U64(0x2de92c6f592b0275),U64(0x4a7484aa6ea6e483),
275 U64(0x5cb0a9dcbd41fbd4),U64(0x76f988da831153b5),
276 U64(0x983e5152ee66dfab),U64(0xa831c66d2db43210),
277 U64(0xb00327c898fb213f),U64(0xbf597fc7beef0ee4),
278 U64(0xc6e00bf33da88fc2),U64(0xd5a79147930aa725),
279 U64(0x06ca6351e003826f),U64(0x142929670a0e6e70),
280 U64(0x27b70a8546d22ffc),U64(0x2e1b21385c26c926),
281 U64(0x4d2c6dfc5ac42aed),U64(0x53380d139d95b3df),
282 U64(0x650a73548baf63de),U64(0x766a0abb3c77b2a8),
283 U64(0x81c2c92e47edaee6),U64(0x92722c851482353b),
284 U64(0xa2bfe8a14cf10364),U64(0xa81a664bbc423001),
285 U64(0xc24b8b70d0f89791),U64(0xc76c51a30654be30),
286 U64(0xd192e819d6ef5218),U64(0xd69906245565a910),
287 U64(0xf40e35855771202a),U64(0x106aa07032bbd1b8),
288 U64(0x19a4c116b8d2d0c8),U64(0x1e376c085141ab53),
289 U64(0x2748774cdf8eeb99),U64(0x34b0bcb5e19b48a8),
290 U64(0x391c0cb3c5c95a63),U64(0x4ed8aa4ae3418acb),
291 U64(0x5b9cca4f7763e373),U64(0x682e6ff3d6b2b8a3),
292 U64(0x748f82ee5defb2fc),U64(0x78a5636f43172f60),
293 U64(0x84c87814a1f0ab72),U64(0x8cc702081a6439ec),
294 U64(0x90befffa23631e28),U64(0xa4506cebde82bde9),
295 U64(0xbef9a3f7b2c67915),U64(0xc67178f2e372532b),
296 U64(0xca273eceea26619c),U64(0xd186b8c721c0c207),
297 U64(0xeada7dd6cde0eb1e),U64(0xf57d4f7fee6ed178),
298 U64(0x06f067aa72176fba),U64(0x0a637dc5a2c898a6),
299 U64(0x113f9804bef90dae),U64(0x1b710b35131c471b),
300 U64(0x28db77f523047d84),U64(0x32caab7b40c72493),
301 U64(0x3c9ebe0a15c9bebc),U64(0x431d67c49c100d4c),
302 U64(0x4cc5d4becb3e42b6),U64(0x597f299cfc657e2a),
303 U64(0x5fcb6fab3ad6faec),U64(0x6c44198c4a475817) };
304
305#ifndef PEDANTIC
306# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
307# if defined(__x86_64) || defined(__x86_64__)
308# define PULL64(x) ({ SHA_LONG64 ret=*((const SHA_LONG64 *)(&(x))); \
309 asm ("bswapq %0" \
310 : "=r"(ret) \
311 : "0"(ret)); ret; })
312# endif
313# endif
314#endif
315
316#ifndef PULL64
317#define B(x,j) (((SHA_LONG64)(*(((const unsigned char *)(&x))+j)))<<((7-j)*8))
318#define PULL64(x) (B(x,0)|B(x,1)|B(x,2)|B(x,3)|B(x,4)|B(x,5)|B(x,6)|B(x,7))
319#endif
320
321#ifndef PEDANTIC
322# if defined(_MSC_VER)
323# if defined(_WIN64) /* applies to both IA-64 and AMD64 */
324# define ROTR(a,n) _rotr64((a),n)
325# endif
326# elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
327# if defined(__x86_64) || defined(__x86_64__)
328# define ROTR(a,n) ({ unsigned long ret; \
329 asm ("rorq %1,%0" \
330 : "=r"(ret) \
331 : "J"(n),"0"(a) \
332 : "cc"); ret; })
333# elif defined(_ARCH_PPC) && defined(__64BIT__)
334# define ROTR(a,n) ({ unsigned long ret; \
335 asm ("rotrdi %0,%1,%2" \
336 : "=r"(ret) \
337 : "r"(a),"K"(n)); ret; })
338# endif
339# endif
340#endif
341
342#ifndef ROTR
343#define ROTR(x,s) (((x)>>s) | (x)<<(64-s))
344#endif
345
346#define Sigma0(x) (ROTR((x),28) ^ ROTR((x),34) ^ ROTR((x),39))
347#define Sigma1(x) (ROTR((x),14) ^ ROTR((x),18) ^ ROTR((x),41))
348#define sigma0(x) (ROTR((x),1) ^ ROTR((x),8) ^ ((x)>>7))
349#define sigma1(x) (ROTR((x),19) ^ ROTR((x),61) ^ ((x)>>6))
350
351#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
352#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
353
354#ifdef OPENSSL_SMALL_FOOTPRINT
355
356static void sha512_block (SHA512_CTX *ctx, const void *in, size_t num)
357 {
358 const SHA_LONG64 *W=in;
359 SHA_LONG64 a,b,c,d,e,f,g,h,s0,s1,T1,T2;
360 SHA_LONG64 X[16];
361 int i;
362
363 while (num--) {
364
365 a = ctx->h[0]; b = ctx->h[1]; c = ctx->h[2]; d = ctx->h[3];
366 e = ctx->h[4]; f = ctx->h[5]; g = ctx->h[6]; h = ctx->h[7];
367
368 for (i=0;i<16;i++)
369 {
370#ifdef B_ENDIAN
371 T1 = X[i] = W[i];
372#else
373 T1 = X[i] = PULL64(W[i]);
374#endif
375 T1 += h + Sigma1(e) + Ch(e,f,g) + K512[i];
376 T2 = Sigma0(a) + Maj(a,b,c);
377 h = g; g = f; f = e; e = d + T1;
378 d = c; c = b; b = a; a = T1 + T2;
379 }
380
381 for (;i<80;i++)
382 {
383 s0 = X[(i+1)&0x0f]; s0 = sigma0(s0);
384 s1 = X[(i+14)&0x0f]; s1 = sigma1(s1);
385
386 T1 = X[i&0xf] += s0 + s1 + X[(i+9)&0xf];
387 T1 += h + Sigma1(e) + Ch(e,f,g) + K512[i];
388 T2 = Sigma0(a) + Maj(a,b,c);
389 h = g; g = f; f = e; e = d + T1;
390 d = c; c = b; b = a; a = T1 + T2;
391 }
392
393 ctx->h[0] += a; ctx->h[1] += b; ctx->h[2] += c; ctx->h[3] += d;
394 ctx->h[4] += e; ctx->h[5] += f; ctx->h[6] += g; ctx->h[7] += h;
395
396 W+=SHA_LBLOCK;
397 }
398 }
399
400#else
401
402#define ROUND_00_15(i,a,b,c,d,e,f,g,h) do { \
403 T1 += h + Sigma1(e) + Ch(e,f,g) + K512[i]; \
404 h = Sigma0(a) + Maj(a,b,c); \
405 d += T1; h += T1; } while (0)
406
407#define ROUND_16_80(i,a,b,c,d,e,f,g,h,X) do { \
408 s0 = X[(i+1)&0x0f]; s0 = sigma0(s0); \
409 s1 = X[(i+14)&0x0f]; s1 = sigma1(s1); \
410 T1 = X[(i)&0x0f] += s0 + s1 + X[(i+9)&0x0f]; \
411 ROUND_00_15(i,a,b,c,d,e,f,g,h); } while (0)
412
413static void sha512_block (SHA512_CTX *ctx, const void *in, size_t num)
414 {
415 const SHA_LONG64 *W=in;
416 SHA_LONG64 a,b,c,d,e,f,g,h,s0,s1,T1;
417 SHA_LONG64 X[16];
418 int i;
419
420 while (num--) {
421
422 a = ctx->h[0]; b = ctx->h[1]; c = ctx->h[2]; d = ctx->h[3];
423 e = ctx->h[4]; f = ctx->h[5]; g = ctx->h[6]; h = ctx->h[7];
424
425#ifdef B_ENDIAN
426 T1 = X[0] = W[0]; ROUND_00_15(0,a,b,c,d,e,f,g,h);
427 T1 = X[1] = W[1]; ROUND_00_15(1,h,a,b,c,d,e,f,g);
428 T1 = X[2] = W[2]; ROUND_00_15(2,g,h,a,b,c,d,e,f);
429 T1 = X[3] = W[3]; ROUND_00_15(3,f,g,h,a,b,c,d,e);
430 T1 = X[4] = W[4]; ROUND_00_15(4,e,f,g,h,a,b,c,d);
431 T1 = X[5] = W[5]; ROUND_00_15(5,d,e,f,g,h,a,b,c);
432 T1 = X[6] = W[6]; ROUND_00_15(6,c,d,e,f,g,h,a,b);
433 T1 = X[7] = W[7]; ROUND_00_15(7,b,c,d,e,f,g,h,a);
434 T1 = X[8] = W[8]; ROUND_00_15(8,a,b,c,d,e,f,g,h);
435 T1 = X[9] = W[9]; ROUND_00_15(9,h,a,b,c,d,e,f,g);
436 T1 = X[10] = W[10]; ROUND_00_15(10,g,h,a,b,c,d,e,f);
437 T1 = X[11] = W[11]; ROUND_00_15(11,f,g,h,a,b,c,d,e);
438 T1 = X[12] = W[12]; ROUND_00_15(12,e,f,g,h,a,b,c,d);
439 T1 = X[13] = W[13]; ROUND_00_15(13,d,e,f,g,h,a,b,c);
440 T1 = X[14] = W[14]; ROUND_00_15(14,c,d,e,f,g,h,a,b);
441 T1 = X[15] = W[15]; ROUND_00_15(15,b,c,d,e,f,g,h,a);
442#else
443 T1 = X[0] = PULL64(W[0]); ROUND_00_15(0,a,b,c,d,e,f,g,h);
444 T1 = X[1] = PULL64(W[1]); ROUND_00_15(1,h,a,b,c,d,e,f,g);
445 T1 = X[2] = PULL64(W[2]); ROUND_00_15(2,g,h,a,b,c,d,e,f);
446 T1 = X[3] = PULL64(W[3]); ROUND_00_15(3,f,g,h,a,b,c,d,e);
447 T1 = X[4] = PULL64(W[4]); ROUND_00_15(4,e,f,g,h,a,b,c,d);
448 T1 = X[5] = PULL64(W[5]); ROUND_00_15(5,d,e,f,g,h,a,b,c);
449 T1 = X[6] = PULL64(W[6]); ROUND_00_15(6,c,d,e,f,g,h,a,b);
450 T1 = X[7] = PULL64(W[7]); ROUND_00_15(7,b,c,d,e,f,g,h,a);
451 T1 = X[8] = PULL64(W[8]); ROUND_00_15(8,a,b,c,d,e,f,g,h);
452 T1 = X[9] = PULL64(W[9]); ROUND_00_15(9,h,a,b,c,d,e,f,g);
453 T1 = X[10] = PULL64(W[10]); ROUND_00_15(10,g,h,a,b,c,d,e,f);
454 T1 = X[11] = PULL64(W[11]); ROUND_00_15(11,f,g,h,a,b,c,d,e);
455 T1 = X[12] = PULL64(W[12]); ROUND_00_15(12,e,f,g,h,a,b,c,d);
456 T1 = X[13] = PULL64(W[13]); ROUND_00_15(13,d,e,f,g,h,a,b,c);
457 T1 = X[14] = PULL64(W[14]); ROUND_00_15(14,c,d,e,f,g,h,a,b);
458 T1 = X[15] = PULL64(W[15]); ROUND_00_15(15,b,c,d,e,f,g,h,a);
459#endif
460
461 for (i=16;i<80;i+=8)
462 {
463 ROUND_16_80(i+0,a,b,c,d,e,f,g,h,X);
464 ROUND_16_80(i+1,h,a,b,c,d,e,f,g,X);
465 ROUND_16_80(i+2,g,h,a,b,c,d,e,f,X);
466 ROUND_16_80(i+3,f,g,h,a,b,c,d,e,X);
467 ROUND_16_80(i+4,e,f,g,h,a,b,c,d,X);
468 ROUND_16_80(i+5,d,e,f,g,h,a,b,c,X);
469 ROUND_16_80(i+6,c,d,e,f,g,h,a,b,X);
470 ROUND_16_80(i+7,b,c,d,e,f,g,h,a,X);
471 }
472
473 ctx->h[0] += a; ctx->h[1] += b; ctx->h[2] += c; ctx->h[3] += d;
474 ctx->h[4] += e; ctx->h[5] += f; ctx->h[6] += g; ctx->h[7] += h;
475
476 W+=SHA_LBLOCK;
477 }
478 }
479
480#endif
481
482#endif /* SHA512_ASM */
483
484#endif
485
486#endif /* OPENSSL_NO_SHA512 */
487
diff --git a/src/lib/libssl/src/fips-1.0/sha/fips_sha_locl.h b/src/lib/libssl/src/fips-1.0/sha/fips_sha_locl.h
new file mode 100644
index 0000000000..bf31d3b845
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/sha/fips_sha_locl.h
@@ -0,0 +1,482 @@
1/* crypto/sha/sha_locl.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdlib.h>
60#include <string.h>
61
62#include <openssl/opensslconf.h>
63#include <openssl/fips_sha.h>
64#include <openssl/fips.h>
65
66#ifndef SHA_LONG_LOG2
67#define SHA_LONG_LOG2 2 /* default to 32 bits */
68#endif
69
70#define DATA_ORDER_IS_BIG_ENDIAN
71
72#define HASH_LONG SHA_LONG
73#define HASH_LONG_LOG2 SHA_LONG_LOG2
74#define HASH_CTX SHA_CTX
75#define HASH_CBLOCK SHA_CBLOCK
76#define HASH_LBLOCK SHA_LBLOCK
77#define HASH_MAKE_STRING(c,s) do { \
78 unsigned long ll; \
79 ll=(c)->h0; HOST_l2c(ll,(s)); \
80 ll=(c)->h1; HOST_l2c(ll,(s)); \
81 ll=(c)->h2; HOST_l2c(ll,(s)); \
82 ll=(c)->h3; HOST_l2c(ll,(s)); \
83 ll=(c)->h4; HOST_l2c(ll,(s)); \
84 } while (0)
85
86#if defined(SHA_0)
87
88# define HASH_UPDATE SHA_Update
89# define HASH_TRANSFORM SHA_Transform
90# define HASH_FINAL SHA_Final
91# define HASH_INIT SHA_Init
92# define HASH_BLOCK_HOST_ORDER sha_block_host_order
93# define HASH_BLOCK_DATA_ORDER sha_block_data_order
94# define Xupdate(a,ix,ia,ib,ic,id) (ix=(a)=(ia^ib^ic^id))
95
96 void sha_block_host_order (SHA_CTX *c, const void *p,size_t num);
97 void sha_block_data_order (SHA_CTX *c, const void *p,size_t num);
98
99#elif defined(SHA_1)
100
101# define HASH_UPDATE SHA1_Update
102# define HASH_TRANSFORM SHA1_Transform
103# define HASH_FINAL SHA1_Final
104# define HASH_INIT SHA1_Init
105# define HASH_BLOCK_HOST_ORDER sha1_block_host_order
106# define HASH_BLOCK_DATA_ORDER sha1_block_data_order
107# if defined(__MWERKS__) && defined(__MC68K__)
108 /* Metrowerks for Motorola fails otherwise:-( <appro@fy.chalmers.se> */
109# define Xupdate(a,ix,ia,ib,ic,id) do { (a)=(ia^ib^ic^id); \
110 ix=(a)=ROTATE((a),1); \
111 } while (0)
112# else
113# define Xupdate(a,ix,ia,ib,ic,id) ( (a)=(ia^ib^ic^id), \
114 ix=(a)=ROTATE((a),1) \
115 )
116# endif
117
118# ifdef SHA1_ASM
119# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
120# define sha1_block_host_order sha1_block_asm_host_order
121# define DONT_IMPLEMENT_BLOCK_HOST_ORDER
122# define sha1_block_data_order sha1_block_asm_data_order
123# define DONT_IMPLEMENT_BLOCK_DATA_ORDER
124# define HASH_BLOCK_DATA_ORDER_ALIGNED sha1_block_asm_data_order
125# endif
126# endif
127 void sha1_block_host_order (SHA_CTX *c, const void *p,size_t num);
128 void sha1_block_data_order (SHA_CTX *c, const void *p,size_t num);
129
130#else
131# error "Either SHA_0 or SHA_1 must be defined."
132#endif
133
134#include "fips_md32_common.h"
135
136#define INIT_DATA_h0 0x67452301UL
137#define INIT_DATA_h1 0xefcdab89UL
138#define INIT_DATA_h2 0x98badcfeUL
139#define INIT_DATA_h3 0x10325476UL
140#define INIT_DATA_h4 0xc3d2e1f0UL
141
142int HASH_INIT (SHA_CTX *c)
143 {
144 /* This assert denotes binary compatibility in 0.9.7 context
145 and commonly optimized away by compiler. */
146 OPENSSL_assert(sizeof(unsigned long)<=sizeof(size_t));
147 c->h0=INIT_DATA_h0;
148 c->h1=INIT_DATA_h1;
149 c->h2=INIT_DATA_h2;
150 c->h3=INIT_DATA_h3;
151 c->h4=INIT_DATA_h4;
152 c->Nl=0;
153 c->Nh=0;
154 c->num=0;
155 return 1;
156 }
157
158#define K_00_19 0x5a827999UL
159#define K_20_39 0x6ed9eba1UL
160#define K_40_59 0x8f1bbcdcUL
161#define K_60_79 0xca62c1d6UL
162
163/* As pointed out by Wei Dai <weidai@eskimo.com>, F() below can be
164 * simplified to the code in F_00_19. Wei attributes these optimisations
165 * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
166 * #define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
167 * I've just become aware of another tweak to be made, again from Wei Dai,
168 * in F_40_59, (x&a)|(y&a) -> (x|y)&a
169 */
170#define F_00_19(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
171#define F_20_39(b,c,d) ((b) ^ (c) ^ (d))
172#define F_40_59(b,c,d) (((b) & (c)) | (((b)|(c)) & (d)))
173#define F_60_79(b,c,d) F_20_39(b,c,d)
174
175#define BODY_00_15(i,a,b,c,d,e,f,xi) \
176 (f)=xi+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
177 (b)=ROTATE((b),30);
178
179#define BODY_16_19(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
180 Xupdate(f,xi,xa,xb,xc,xd); \
181 (f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
182 (b)=ROTATE((b),30);
183
184#define BODY_20_31(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
185 Xupdate(f,xi,xa,xb,xc,xd); \
186 (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
187 (b)=ROTATE((b),30);
188
189#define BODY_32_39(i,a,b,c,d,e,f,xa,xb,xc,xd) \
190 Xupdate(f,xa,xa,xb,xc,xd); \
191 (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
192 (b)=ROTATE((b),30);
193
194#define BODY_40_59(i,a,b,c,d,e,f,xa,xb,xc,xd) \
195 Xupdate(f,xa,xa,xb,xc,xd); \
196 (f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \
197 (b)=ROTATE((b),30);
198
199#define BODY_60_79(i,a,b,c,d,e,f,xa,xb,xc,xd) \
200 Xupdate(f,xa,xa,xb,xc,xd); \
201 (f)=xa+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \
202 (b)=ROTATE((b),30);
203
204#ifdef X
205#undef X
206#endif
207#ifndef MD32_XARRAY
208 /*
209 * Originally X was an array. As it's automatic it's natural
210 * to expect RISC compiler to accomodate at least part of it in
211 * the register bank, isn't it? Unfortunately not all compilers
212 * "find" this expectation reasonable:-( On order to make such
213 * compilers generate better code I replace X[] with a bunch of
214 * X0, X1, etc. See the function body below...
215 * <appro@fy.chalmers.se>
216 */
217# define X(i) XX##i
218#else
219 /*
220 * However! Some compilers (most notably HP C) get overwhelmed by
221 * that many local variables so that we have to have the way to
222 * fall down to the original behavior.
223 */
224# define X(i) XX[i]
225#endif
226
227#ifndef DONT_IMPLEMENT_BLOCK_HOST_ORDER
228void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, size_t num)
229 {
230 const SHA_LONG *W=d;
231 register unsigned MD32_REG_T A,B,C,D,E,T;
232#ifndef MD32_XARRAY
233 unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
234 XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
235#else
236 SHA_LONG XX[16];
237#endif
238
239 if(FIPS_selftest_failed())
240 return;
241
242 A=c->h0;
243 B=c->h1;
244 C=c->h2;
245 D=c->h3;
246 E=c->h4;
247
248 for (;;)
249 {
250 BODY_00_15( 0,A,B,C,D,E,T,W[ 0]);
251 BODY_00_15( 1,T,A,B,C,D,E,W[ 1]);
252 BODY_00_15( 2,E,T,A,B,C,D,W[ 2]);
253 BODY_00_15( 3,D,E,T,A,B,C,W[ 3]);
254 BODY_00_15( 4,C,D,E,T,A,B,W[ 4]);
255 BODY_00_15( 5,B,C,D,E,T,A,W[ 5]);
256 BODY_00_15( 6,A,B,C,D,E,T,W[ 6]);
257 BODY_00_15( 7,T,A,B,C,D,E,W[ 7]);
258 BODY_00_15( 8,E,T,A,B,C,D,W[ 8]);
259 BODY_00_15( 9,D,E,T,A,B,C,W[ 9]);
260 BODY_00_15(10,C,D,E,T,A,B,W[10]);
261 BODY_00_15(11,B,C,D,E,T,A,W[11]);
262 BODY_00_15(12,A,B,C,D,E,T,W[12]);
263 BODY_00_15(13,T,A,B,C,D,E,W[13]);
264 BODY_00_15(14,E,T,A,B,C,D,W[14]);
265 BODY_00_15(15,D,E,T,A,B,C,W[15]);
266
267 BODY_16_19(16,C,D,E,T,A,B,X( 0),W[ 0],W[ 2],W[ 8],W[13]);
268 BODY_16_19(17,B,C,D,E,T,A,X( 1),W[ 1],W[ 3],W[ 9],W[14]);
269 BODY_16_19(18,A,B,C,D,E,T,X( 2),W[ 2],W[ 4],W[10],W[15]);
270 BODY_16_19(19,T,A,B,C,D,E,X( 3),W[ 3],W[ 5],W[11],X( 0));
271
272 BODY_20_31(20,E,T,A,B,C,D,X( 4),W[ 4],W[ 6],W[12],X( 1));
273 BODY_20_31(21,D,E,T,A,B,C,X( 5),W[ 5],W[ 7],W[13],X( 2));
274 BODY_20_31(22,C,D,E,T,A,B,X( 6),W[ 6],W[ 8],W[14],X( 3));
275 BODY_20_31(23,B,C,D,E,T,A,X( 7),W[ 7],W[ 9],W[15],X( 4));
276 BODY_20_31(24,A,B,C,D,E,T,X( 8),W[ 8],W[10],X( 0),X( 5));
277 BODY_20_31(25,T,A,B,C,D,E,X( 9),W[ 9],W[11],X( 1),X( 6));
278 BODY_20_31(26,E,T,A,B,C,D,X(10),W[10],W[12],X( 2),X( 7));
279 BODY_20_31(27,D,E,T,A,B,C,X(11),W[11],W[13],X( 3),X( 8));
280 BODY_20_31(28,C,D,E,T,A,B,X(12),W[12],W[14],X( 4),X( 9));
281 BODY_20_31(29,B,C,D,E,T,A,X(13),W[13],W[15],X( 5),X(10));
282 BODY_20_31(30,A,B,C,D,E,T,X(14),W[14],X( 0),X( 6),X(11));
283 BODY_20_31(31,T,A,B,C,D,E,X(15),W[15],X( 1),X( 7),X(12));
284
285 BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
286 BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
287 BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15));
288 BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0));
289 BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1));
290 BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2));
291 BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3));
292 BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4));
293
294 BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5));
295 BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6));
296 BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7));
297 BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8));
298 BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9));
299 BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10));
300 BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11));
301 BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12));
302 BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13));
303 BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14));
304 BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15));
305 BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0));
306 BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1));
307 BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2));
308 BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3));
309 BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4));
310 BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5));
311 BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6));
312 BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7));
313 BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8));
314
315 BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9));
316 BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10));
317 BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11));
318 BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12));
319 BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13));
320 BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14));
321 BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15));
322 BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0));
323 BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1));
324 BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2));
325 BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3));
326 BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4));
327 BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5));
328 BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6));
329 BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7));
330 BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8));
331 BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9));
332 BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10));
333 BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
334 BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
335
336 c->h0=(c->h0+E)&0xffffffffL;
337 c->h1=(c->h1+T)&0xffffffffL;
338 c->h2=(c->h2+A)&0xffffffffL;
339 c->h3=(c->h3+B)&0xffffffffL;
340 c->h4=(c->h4+C)&0xffffffffL;
341
342 if (--num == 0) break;
343
344 A=c->h0;
345 B=c->h1;
346 C=c->h2;
347 D=c->h3;
348 E=c->h4;
349
350 W+=SHA_LBLOCK;
351 }
352 }
353#endif
354
355#ifndef DONT_IMPLEMENT_BLOCK_DATA_ORDER
356void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
357 {
358 const unsigned char *data=p;
359 register unsigned MD32_REG_T A,B,C,D,E,T,l;
360#ifndef MD32_XARRAY
361 unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
362 XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
363#else
364 SHA_LONG XX[16];
365#endif
366
367 if(FIPS_selftest_failed())
368 return;
369
370 A=c->h0;
371 B=c->h1;
372 C=c->h2;
373 D=c->h3;
374 E=c->h4;
375
376 for (;;)
377 {
378
379 HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l;
380 BODY_00_15( 0,A,B,C,D,E,T,X( 0)); HOST_c2l(data,l); X( 2)=l;
381 BODY_00_15( 1,T,A,B,C,D,E,X( 1)); HOST_c2l(data,l); X( 3)=l;
382 BODY_00_15( 2,E,T,A,B,C,D,X( 2)); HOST_c2l(data,l); X( 4)=l;
383 BODY_00_15( 3,D,E,T,A,B,C,X( 3)); HOST_c2l(data,l); X( 5)=l;
384 BODY_00_15( 4,C,D,E,T,A,B,X( 4)); HOST_c2l(data,l); X( 6)=l;
385 BODY_00_15( 5,B,C,D,E,T,A,X( 5)); HOST_c2l(data,l); X( 7)=l;
386 BODY_00_15( 6,A,B,C,D,E,T,X( 6)); HOST_c2l(data,l); X( 8)=l;
387 BODY_00_15( 7,T,A,B,C,D,E,X( 7)); HOST_c2l(data,l); X( 9)=l;
388 BODY_00_15( 8,E,T,A,B,C,D,X( 8)); HOST_c2l(data,l); X(10)=l;
389 BODY_00_15( 9,D,E,T,A,B,C,X( 9)); HOST_c2l(data,l); X(11)=l;
390 BODY_00_15(10,C,D,E,T,A,B,X(10)); HOST_c2l(data,l); X(12)=l;
391 BODY_00_15(11,B,C,D,E,T,A,X(11)); HOST_c2l(data,l); X(13)=l;
392 BODY_00_15(12,A,B,C,D,E,T,X(12)); HOST_c2l(data,l); X(14)=l;
393 BODY_00_15(13,T,A,B,C,D,E,X(13)); HOST_c2l(data,l); X(15)=l;
394 BODY_00_15(14,E,T,A,B,C,D,X(14));
395 BODY_00_15(15,D,E,T,A,B,C,X(15));
396
397 BODY_16_19(16,C,D,E,T,A,B,X( 0),X( 0),X( 2),X( 8),X(13));
398 BODY_16_19(17,B,C,D,E,T,A,X( 1),X( 1),X( 3),X( 9),X(14));
399 BODY_16_19(18,A,B,C,D,E,T,X( 2),X( 2),X( 4),X(10),X(15));
400 BODY_16_19(19,T,A,B,C,D,E,X( 3),X( 3),X( 5),X(11),X( 0));
401
402 BODY_20_31(20,E,T,A,B,C,D,X( 4),X( 4),X( 6),X(12),X( 1));
403 BODY_20_31(21,D,E,T,A,B,C,X( 5),X( 5),X( 7),X(13),X( 2));
404 BODY_20_31(22,C,D,E,T,A,B,X( 6),X( 6),X( 8),X(14),X( 3));
405 BODY_20_31(23,B,C,D,E,T,A,X( 7),X( 7),X( 9),X(15),X( 4));
406 BODY_20_31(24,A,B,C,D,E,T,X( 8),X( 8),X(10),X( 0),X( 5));
407 BODY_20_31(25,T,A,B,C,D,E,X( 9),X( 9),X(11),X( 1),X( 6));
408 BODY_20_31(26,E,T,A,B,C,D,X(10),X(10),X(12),X( 2),X( 7));
409 BODY_20_31(27,D,E,T,A,B,C,X(11),X(11),X(13),X( 3),X( 8));
410 BODY_20_31(28,C,D,E,T,A,B,X(12),X(12),X(14),X( 4),X( 9));
411 BODY_20_31(29,B,C,D,E,T,A,X(13),X(13),X(15),X( 5),X(10));
412 BODY_20_31(30,A,B,C,D,E,T,X(14),X(14),X( 0),X( 6),X(11));
413 BODY_20_31(31,T,A,B,C,D,E,X(15),X(15),X( 1),X( 7),X(12));
414
415 BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
416 BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
417 BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15));
418 BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0));
419 BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1));
420 BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2));
421 BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3));
422 BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4));
423
424 BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5));
425 BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6));
426 BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7));
427 BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8));
428 BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9));
429 BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10));
430 BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11));
431 BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12));
432 BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13));
433 BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14));
434 BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15));
435 BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0));
436 BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1));
437 BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2));
438 BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3));
439 BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4));
440 BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5));
441 BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6));
442 BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7));
443 BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8));
444
445 BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9));
446 BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10));
447 BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11));
448 BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12));
449 BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13));
450 BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14));
451 BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15));
452 BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0));
453 BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1));
454 BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2));
455 BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3));
456 BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4));
457 BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5));
458 BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6));
459 BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7));
460 BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8));
461 BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9));
462 BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10));
463 BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
464 BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
465
466 c->h0=(c->h0+E)&0xffffffffL;
467 c->h1=(c->h1+T)&0xffffffffL;
468 c->h2=(c->h2+A)&0xffffffffL;
469 c->h3=(c->h3+B)&0xffffffffL;
470 c->h4=(c->h4+C)&0xffffffffL;
471
472 if (--num == 0) break;
473
474 A=c->h0;
475 B=c->h1;
476 C=c->h2;
477 D=c->h3;
478 E=c->h4;
479
480 }
481 }
482#endif
diff --git a/src/lib/libssl/src/fips-1.0/sha/fips_shatest.c b/src/lib/libssl/src/fips-1.0/sha/fips_shatest.c
new file mode 100644
index 0000000000..4896b467e4
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/sha/fips_shatest.c
@@ -0,0 +1,399 @@
1/* fips_shatest.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 2005.
4 */
5/* ====================================================================
6 * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <ctype.h>
61#include <string.h>
62#include <openssl/bio.h>
63#include <openssl/evp.h>
64#include <openssl/err.h>
65#include <openssl/x509v3.h>
66
67#ifndef OPENSSL_FIPS
68
69int main(int argc, char *argv[])
70{
71 printf("No FIPS SHAXXX support\n");
72 return(0);
73}
74
75#else
76
77static int dgst_test(BIO *err, BIO *out, BIO *in);
78static int print_dgst(BIO *err, const EVP_MD *md, BIO *out,
79 unsigned char *Msg, int Msglen);
80static int print_monte(BIO *err, const EVP_MD *md, BIO *out,
81 unsigned char *Seed, int SeedLen);
82
83int main(int argc, char **argv)
84 {
85 BIO *in = NULL, *out = NULL, *err = NULL;
86
87 int ret = 1;
88
89 ERR_load_crypto_strings();
90
91 err = BIO_new_fp(stderr, BIO_NOCLOSE);
92
93 if (!err)
94 {
95 fprintf(stderr, "FATAL stderr initialization error\n");
96 goto end;
97 }
98
99 if(!FIPS_mode_set(1))
100 {
101 ERR_print_errors(err);
102 goto end;
103 }
104
105 if (argc == 1)
106 in = BIO_new_fp(stdin, BIO_NOCLOSE);
107 else
108 in = BIO_new_file(argv[1], "r");
109
110 if (argc < 2)
111 out = BIO_new_fp(stdout, BIO_NOCLOSE);
112 else
113 out = BIO_new_file(argv[2], "w");
114
115 if (!in)
116 {
117 BIO_printf(err, "FATAL input initialization error\n");
118 goto end;
119 }
120
121 if (!out)
122 {
123 fprintf(stderr, "FATAL output initialization error\n");
124 goto end;
125 }
126
127 if (!dgst_test(err, out, in))
128 {
129 fprintf(stderr, "FATAL digest file processing error\n");
130 goto end;
131 }
132 else
133 ret = 0;
134
135 end:
136
137 if (ret && err)
138 ERR_print_errors(err);
139
140 if (in)
141 BIO_free(in);
142 if (out)
143 BIO_free(out);
144 if (err)
145 BIO_free(err);
146
147 return ret;
148
149 }
150
151#define SHA_TEST_MAX_BITS 102400
152#define SHA_TEST_MAXLINELEN (((SHA_TEST_MAX_BITS >> 3) * 2) + 10)
153
154int dgst_test(BIO *err, BIO *out, BIO *in)
155 {
156 const EVP_MD *md = NULL;
157 char *linebuf, *olinebuf, *p, *q;
158 char *keyword, *value;
159 unsigned char *Msg = NULL, *Seed = NULL;
160 long MsgLen = -1, Len = -1, SeedLen = -1;
161 int ret = 0;
162 int lnum = 0;
163
164 olinebuf = OPENSSL_malloc(SHA_TEST_MAXLINELEN);
165 linebuf = OPENSSL_malloc(SHA_TEST_MAXLINELEN);
166
167 if (!linebuf || !olinebuf)
168 goto error;
169
170
171 while (BIO_gets(in, olinebuf, SHA_TEST_MAXLINELEN) > 0)
172 {
173 lnum++;
174 strcpy(linebuf, olinebuf);
175 keyword = linebuf;
176 /* Skip leading space */
177 while (isspace((unsigned char)*keyword))
178 keyword++;
179
180 /* Look for = sign */
181 p = strchr(linebuf, '=');
182
183 /* If no = or starts with [ (for [L=20] line) just copy */
184 if (!p)
185 {
186 if (!BIO_puts(out, olinebuf))
187 goto error;
188 continue;
189 }
190
191 q = p - 1;
192
193 /* Remove trailing space */
194 while (isspace((unsigned char)*q))
195 *q-- = 0;
196
197 *p = 0;
198 value = p + 1;
199
200 /* Remove leading space from value */
201 while (isspace((unsigned char)*value))
202 value++;
203
204 /* Remove trailing space from value */
205 p = value + strlen(value) - 1;
206
207 while (*p == '\n' || isspace((unsigned char)*p))
208 *p-- = 0;
209
210 if (!strcmp(keyword,"[L") && *p==']')
211 {
212 switch (atoi(value))
213 {
214 case 20: md=EVP_sha1(); break;
215 case 28: md=EVP_sha224(); break;
216 case 32: md=EVP_sha256(); break;
217 case 48: md=EVP_sha384(); break;
218 case 64: md=EVP_sha512(); break;
219 default: goto parse_error;
220 }
221 }
222 else if (!strcmp(keyword, "Len"))
223 {
224 if (Len != -1)
225 goto parse_error;
226 Len = atoi(value);
227 if (Len < 0)
228 goto parse_error;
229 /* Only handle multiples of 8 bits */
230 if (Len & 0x7)
231 goto parse_error;
232 if (Len > SHA_TEST_MAX_BITS)
233 goto parse_error;
234 MsgLen = Len >> 3;
235 }
236
237 else if (!strcmp(keyword, "Msg"))
238 {
239 long tmplen;
240 if (strlen(value) & 1)
241 *(--value) = '0';
242 if (Msg)
243 goto parse_error;
244 Msg = string_to_hex(value, &tmplen);
245 if (!Msg)
246 goto parse_error;
247 }
248 else if (!strcmp(keyword, "Seed"))
249 {
250 if (strlen(value) & 1)
251 *(--value) = '0';
252 if (Seed)
253 goto parse_error;
254 Seed = string_to_hex(value, &SeedLen);
255 if (!Seed)
256 goto parse_error;
257 }
258 else if (!strcmp(keyword, "MD"))
259 continue;
260 else
261 goto parse_error;
262
263 BIO_puts(out, olinebuf);
264
265 if (md && Msg && (MsgLen >= 0))
266 {
267 if (!print_dgst(err, md, out, Msg, MsgLen))
268 goto error;
269 OPENSSL_free(Msg);
270 Msg = NULL;
271 MsgLen = -1;
272 Len = -1;
273 }
274 else if (md && Seed && (SeedLen > 0))
275 {
276 if (!print_monte(err, md, out, Seed, SeedLen))
277 goto error;
278 OPENSSL_free(Seed);
279 Seed = NULL;
280 SeedLen = -1;
281 }
282
283
284 }
285
286
287 ret = 1;
288
289
290 error:
291
292 if (olinebuf)
293 OPENSSL_free(olinebuf);
294 if (linebuf)
295 OPENSSL_free(linebuf);
296 if (Msg)
297 OPENSSL_free(Msg);
298 if (Seed)
299 OPENSSL_free(Seed);
300
301 return ret;
302
303 parse_error:
304
305 BIO_printf(err, "FATAL parse error processing line %d\n", lnum);
306
307 goto error;
308
309 }
310
311static int print_dgst(BIO *err, const EVP_MD *emd, BIO *out,
312 unsigned char *Msg, int Msglen)
313 {
314 int i, mdlen;
315 unsigned char md[EVP_MAX_MD_SIZE];
316 if (!EVP_Digest(Msg, Msglen, md, (unsigned int *)&mdlen, emd, NULL))
317 {
318 BIO_puts(err, "Error calculating HASH\n");
319 return 0;
320 }
321 BIO_puts(out, "MD = ");
322 for (i = 0; i < mdlen; i++)
323 BIO_printf(out, "%02x", md[i]);
324 BIO_puts(out, "\n");
325 return 1;
326 }
327
328static int print_monte(BIO *err, const EVP_MD *md, BIO *out,
329 unsigned char *Seed, int SeedLen)
330 {
331 unsigned int i, j, k;
332 int ret = 0;
333 EVP_MD_CTX ctx;
334 unsigned char *m1, *m2, *m3, *p;
335 unsigned int mlen, m1len, m2len, m3len;
336
337 EVP_MD_CTX_init(&ctx);
338
339 if (SeedLen > EVP_MAX_MD_SIZE)
340 mlen = SeedLen;
341 else
342 mlen = EVP_MAX_MD_SIZE;
343
344 m1 = OPENSSL_malloc(mlen);
345 m2 = OPENSSL_malloc(mlen);
346 m3 = OPENSSL_malloc(mlen);
347
348 if (!m1 || !m2 || !m3)
349 goto mc_error;
350
351 m1len = m2len = m3len = SeedLen;
352 memcpy(m1, Seed, SeedLen);
353 memcpy(m2, Seed, SeedLen);
354 memcpy(m3, Seed, SeedLen);
355
356 BIO_puts(out, "\n");
357
358 for (j = 0; j < 100; j++)
359 {
360 for (i = 0; i < 1000; i++)
361 {
362 EVP_DigestInit_ex(&ctx, md, NULL);
363 EVP_DigestUpdate(&ctx, m1, m1len);
364 EVP_DigestUpdate(&ctx, m2, m2len);
365 EVP_DigestUpdate(&ctx, m3, m3len);
366 p = m1;
367 m1 = m2;
368 m1len = m2len;
369 m2 = m3;
370 m2len = m3len;
371 m3 = p;
372 EVP_DigestFinal_ex(&ctx, m3, &m3len);
373 }
374 BIO_printf(out, "COUNT = %d\n", j);
375 BIO_puts(out, "MD = ");
376 for (k = 0; k < m3len; k++)
377 BIO_printf(out, "%02x", m3[k]);
378 BIO_puts(out, "\n\n");
379 memcpy(m1, m3, m3len);
380 memcpy(m2, m3, m3len);
381 m1len = m2len = m3len;
382 }
383
384 ret = 1;
385
386 mc_error:
387 if (m1)
388 OPENSSL_free(m1);
389 if (m2)
390 OPENSSL_free(m2);
391 if (m3)
392 OPENSSL_free(m3);
393
394 EVP_MD_CTX_cleanup(&ctx);
395
396 return ret;
397 }
398
399#endif
diff --git a/src/lib/libssl/src/fips-1.0/sha/fips_standalone_sha1.c b/src/lib/libssl/src/fips-1.0/sha/fips_standalone_sha1.c
new file mode 100644
index 0000000000..8c10c2cd83
--- /dev/null
+++ b/src/lib/libssl/src/fips-1.0/sha/fips_standalone_sha1.c
@@ -0,0 +1,170 @@
1/* ====================================================================
2 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 *
48 */
49
50#include <stdio.h>
51#include <stdlib.h>
52#include <string.h>
53#include <openssl/opensslconf.h>
54#include <openssl/fips_sha.h>
55#include <openssl/hmac.h>
56
57int FIPS_selftest_failed() { return 0; }
58void OPENSSL_cleanse(void *p,size_t len) {}
59
60#ifdef OPENSSL_FIPS
61
62static void hmac_init(SHA_CTX *md_ctx,SHA_CTX *o_ctx,
63 const char *key)
64 {
65 int len=strlen(key);
66 int i;
67 unsigned char keymd[HMAC_MAX_MD_CBLOCK];
68 unsigned char pad[HMAC_MAX_MD_CBLOCK];
69
70 if (len > SHA_CBLOCK)
71 {
72 SHA1_Init(md_ctx);
73 SHA1_Update(md_ctx,key,len);
74 SHA1_Final(keymd,md_ctx);
75 len=20;
76 }
77 else
78 memcpy(keymd,key,len);
79 memset(&keymd[len],'\0',HMAC_MAX_MD_CBLOCK-len);
80
81 for(i=0 ; i < HMAC_MAX_MD_CBLOCK ; i++)
82 pad[i]=0x36^keymd[i];
83 SHA1_Init(md_ctx);
84 SHA1_Update(md_ctx,pad,SHA_CBLOCK);
85
86 for(i=0 ; i < HMAC_MAX_MD_CBLOCK ; i++)
87 pad[i]=0x5c^keymd[i];
88 SHA1_Init(o_ctx);
89 SHA1_Update(o_ctx,pad,SHA_CBLOCK);
90 }
91
92static void hmac_final(unsigned char *md,SHA_CTX *md_ctx,SHA_CTX *o_ctx)
93 {
94 unsigned char buf[20];
95
96 SHA1_Final(buf,md_ctx);
97 SHA1_Update(o_ctx,buf,sizeof buf);
98 SHA1_Final(md,o_ctx);
99 }
100
101#endif
102
103int main(int argc,char **argv)
104 {
105#ifdef OPENSSL_FIPS
106 static char key[]="etaonrishdlcupfm";
107 int n,binary=0;
108
109 if(argc < 2)
110 {
111 fprintf(stderr,"%s [<file>]+\n",argv[0]);
112 exit(1);
113 }
114
115 n=1;
116 if (!strcmp(argv[n],"-binary"))
117 {
118 n++;
119 binary=1; /* emit binary fingerprint... */
120 }
121
122 for(; n < argc ; ++n)
123 {
124 FILE *f=fopen(argv[n],"rb");
125 SHA_CTX md_ctx,o_ctx;
126 unsigned char md[20];
127 int i;
128
129 if(!f)
130 {
131 perror(argv[n]);
132 exit(2);
133 }
134
135 hmac_init(&md_ctx,&o_ctx,key);
136 for( ; ; )
137 {
138 char buf[1024];
139 int l=fread(buf,1,sizeof buf,f);
140
141 if(l == 0)
142 {
143 if(ferror(f))
144 {
145 perror(argv[n]);
146 exit(3);
147 }
148 else
149 break;
150 }
151 SHA1_Update(&md_ctx,buf,l);
152 }
153 hmac_final(md,&md_ctx,&o_ctx);
154
155 if (binary)
156 {
157 fwrite(md,20,1,stdout);
158 break; /* ... for single(!) file */
159 }
160
161 printf("HMAC-SHA1(%s)= ",argv[n]);
162 for(i=0 ; i < 20 ; ++i)
163 printf("%02x",md[i]);
164 printf("\n");
165 }
166#endif
167 return 0;
168 }
169
170
diff --git a/src/lib/libssl/src/makevms.com b/src/lib/libssl/src/makevms.com
index d892fe9f0d..a739625302 100644
--- a/src/lib/libssl/src/makevms.com
+++ b/src/lib/libssl/src/makevms.com
@@ -480,16 +480,18 @@ $!
480$ EXHEADER := ssl.h,ssl2.h,ssl3.h,ssl23.h,tls1.h,kssl.h 480$ EXHEADER := ssl.h,ssl2.h,ssl3.h,ssl23.h,tls1.h,kssl.h
481$ COPY SYS$DISK:[.SSL]'EXHEADER' SYS$DISK:[.INCLUDE.OPENSSL] 481$ COPY SYS$DISK:[.SSL]'EXHEADER' SYS$DISK:[.INCLUDE.OPENSSL]
482$! 482$!
483$! Copy All The ".H" Files From The [.FIPS] Directories. 483$! Copy All The ".H" Files From The [.FIPS-1_0] Directories.
484$! 484$!
485$ FDIRS := ,SHA1,RAND,DES,AES,DSA,RSA 485$ FDIRS := ,SHA,RAND,DES,AES,DSA,RSA,DH,HMAC
486$ EXHEADER_ := fips.h 486$ EXHEADER_ := fips.h
487$ EXHEADER_SHA1 := 487$ EXHEADER_SHA := fips_sha.h
488$ EXHEADER_RAND := fips_rand.h 488$ EXHEADER_RAND := fips_rand.h
489$ EXHEADER_DES := 489$ EXHEADER_DES :=
490$ EXHEADER_AES := 490$ EXHEADER_AES :=
491$ EXHEADER_DSA := 491$ EXHEADER_DSA :=
492$ EXHEADER_RSA := 492$ EXHEADER_RSA :=
493$ EXHEADER_DH :=
494$ EXHEADER_HMAC :=
493$ 495$
494$ I = 0 496$ I = 0
495$ LOOP_FDIRS: 497$ LOOP_FDIRS:
@@ -500,9 +502,9 @@ $ tmp = EXHEADER_'D'
500$ IF tmp .EQS. "" THEN GOTO LOOP_FDIRS 502$ IF tmp .EQS. "" THEN GOTO LOOP_FDIRS
501$ IF D .EQS. "" 503$ IF D .EQS. ""
502$ THEN 504$ THEN
503$ COPY [.FIPS]'tmp' SYS$DISK:[.INCLUDE.OPENSSL] !/LOG 505$ COPY [.FIPS-1_0]'tmp' SYS$DISK:[.INCLUDE.OPENSSL] !/LOG
504$ ELSE 506$ ELSE
505$ COPY [.FIPS.'D']'tmp' SYS$DISK:[.INCLUDE.OPENSSL] !/LOG 507$ COPY [.FIPS-1_0.'D']'tmp' SYS$DISK:[.INCLUDE.OPENSSL] !/LOG
506$ ENDIF 508$ ENDIF
507$ GOTO LOOP_FDIRS 509$ GOTO LOOP_FDIRS
508$ LOOP_FDIRS_END: 510$ LOOP_FDIRS_END:
@@ -536,9 +538,9 @@ $! Go Back To The Main Directory.
536$! 538$!
537$ SET DEFAULT [-] 539$ SET DEFAULT [-]
538$! 540$!
539$! Go To The [.FIPS] Directory. 541$! Go To The [.FIPS-1_0] Directory.
540$! 542$!
541$ SET DEFAULT SYS$DISK:[.FIPS] 543$ SET DEFAULT SYS$DISK:[.FIPS-1_0]
542$! 544$!
543$! Build The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library. 545$! Build The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library.
544$! 546$!
diff --git a/src/lib/libssl/src/ms/do_masm.bat b/src/lib/libssl/src/ms/do_masm.bat
index 61c52562f7..ce22a44305 100644
--- a/src/lib/libssl/src/ms/do_masm.bat
+++ b/src/lib/libssl/src/ms/do_masm.bat
@@ -1,4 +1,3 @@
1rem use "fips" as the first argument to make a proper FIPS build.
2 1
3@echo off 2@echo off
4echo Generating x86 for MASM assember 3echo Generating x86 for MASM assember
@@ -60,7 +59,7 @@ echo on
60perl util\mkfiles.pl >MINFO 59perl util\mkfiles.pl >MINFO
61rem perl util\mk1mf.pl no-sock %1 VC-MSDOS >ms\msdos.mak 60rem perl util\mk1mf.pl no-sock %1 VC-MSDOS >ms\msdos.mak
62rem perl util\mk1mf.pl %1 VC-W31-32 >ms\w31.mak 61rem perl util\mk1mf.pl %1 VC-W31-32 >ms\w31.mak
63perl util\mk1mf.pl dll %1 VC-W31-32 >ms\w31dll.mak 62rem perl util\mk1mf.pl dll %1 VC-W31-32 >ms\w31dll.mak
64perl util\mk1mf.pl %1 VC-WIN32 >ms\nt.mak 63perl util\mk1mf.pl %1 VC-WIN32 >ms\nt.mak
65perl util\mk1mf.pl dll %1 VC-WIN32 >ms\ntdll.mak 64perl util\mk1mf.pl dll %1 VC-WIN32 >ms\ntdll.mak
66 65
diff --git a/src/lib/libssl/src/ms/do_ms.bat b/src/lib/libssl/src/ms/do_ms.bat
index 72179708bf..4a76921298 100644
--- a/src/lib/libssl/src/ms/do_ms.bat
+++ b/src/lib/libssl/src/ms/do_ms.bat
@@ -2,7 +2,7 @@
2perl util\mkfiles.pl >MINFO 2perl util\mkfiles.pl >MINFO
3rem perl util\mk1mf.pl no-sock %1 VC-MSDOS >ms\msdos.mak 3rem perl util\mk1mf.pl no-sock %1 VC-MSDOS >ms\msdos.mak
4rem perl util\mk1mf.pl %1 VC-W31-32 >ms\w31.mak 4rem perl util\mk1mf.pl %1 VC-W31-32 >ms\w31.mak
5perl util\mk1mf.pl dll %1 VC-W31-32 >ms\w31dll.mak 5rem perl util\mk1mf.pl dll %1 VC-W31-32 >ms\w31dll.mak
6perl util\mk1mf.pl no-asm %1 VC-WIN32 >ms\nt.mak 6perl util\mk1mf.pl no-asm %1 VC-WIN32 >ms\nt.mak
7perl util\mk1mf.pl dll no-asm %1 VC-WIN32 >ms\ntdll.mak 7perl util\mk1mf.pl dll no-asm %1 VC-WIN32 >ms\ntdll.mak
8perl util\mk1mf.pl no-asm %1 VC-CE >ms\ce.mak 8perl util\mk1mf.pl no-asm %1 VC-CE >ms\ce.mak
diff --git a/src/lib/libssl/src/ms/fipscheck.pl b/src/lib/libssl/src/ms/fipscheck.pl
new file mode 100644
index 0000000000..80ffbd15ae
--- /dev/null
+++ b/src/lib/libssl/src/ms/fipscheck.pl
@@ -0,0 +1,38 @@
1#!/usr/bin/perl
2
3# fipscheck.pl
4# sample perl script to check integrity of critical FIPS files
5
6my ($fipsdir) = @ARGV;
7
8die "Directory $fipsdir not found or invalid" unless -d $fipsdir;
9
10die "Standalone SHA1 check program ${fipsdir}/fips_standalone_sha1.exe not found" unless -f "${fipsdir}/fips_standalone_sha1.exe";
11
12check_hash("fips_premain.c", $fipsdir);
13check_hash("fipscanister.o", $fipsdir);
14
15sub check_hash
16 {
17 my ($filename, $dir) = @_;
18 my ($hashfile, $hashval);
19
20 $filename = "$dir/$filename";
21
22 die "File $filename does not exist" unless -f $filename;
23 die "File ${filename}.sha1 does not exist" unless -f "${filename}.sha1";
24
25 open(IN, "${filename}.sha1") || die "Cannot open file hash file ${filename}.sha1";
26 $hashfile = <IN>;
27 close IN;
28 $hashval = `${dir}/fips_standalone_sha1.exe $filename`;
29 chomp $hashfile;
30 chomp $hashval;
31 $hashfile =~ s/^.*=\s+//;
32 $hashval =~ s/^.*=\s+//;
33 die "Invalid hash syntax in file" if (length($hashfile) != 40);
34 die "Invalid hash received for file" if (length($hashval) != 40);
35 die "*** HASH VALUE MISMATCH FOR FILE $filename ***" if ($hashval ne $hashfile);
36 }
37
38
diff --git a/src/lib/libssl/src/openssl.spec b/src/lib/libssl/src/openssl.spec
index 98ef153e3b..3dad37d49b 100644
--- a/src/lib/libssl/src/openssl.spec
+++ b/src/lib/libssl/src/openssl.spec
@@ -1,8 +1,8 @@
1%define libmaj 0 1%define libmaj 0
2%define libmin 9 2%define libmin 9
3%define librel 7 3%define librel 7
4%define librev g 4%define librev j
5Release: 1 5Release: 2
6 6
7%define openssldir /var/ssl 7%define openssldir /var/ssl
8 8
@@ -121,7 +121,6 @@ rm -rf $RPM_BUILD_ROOT
121 121
122%config %attr(0644,root,root) %{openssldir}/openssl.cnf 122%config %attr(0644,root,root) %{openssldir}/openssl.cnf
123%dir %attr(0755,root,root) %{openssldir}/certs 123%dir %attr(0755,root,root) %{openssldir}/certs
124%dir %attr(0755,root,root) %{openssldir}/lib
125%dir %attr(0755,root,root) %{openssldir}/misc 124%dir %attr(0755,root,root) %{openssldir}/misc
126%dir %attr(0750,root,root) %{openssldir}/private 125%dir %attr(0750,root,root) %{openssldir}/private
127 126
@@ -146,6 +145,8 @@ ldconfig
146ldconfig 145ldconfig
147 146
148%changelog 147%changelog
148* Sun Jun 6 2005 Richard Levitte <richard@levitte.org>
149- Remove the incorrect installation of '%{openssldir}/lib'.
149* Wed May 7 2003 Richard Levitte <richard@levitte.org> 150* Wed May 7 2003 Richard Levitte <richard@levitte.org>
150- Add /usr/lib/pkgconfig/openssl.pc to the development section. 151- Add /usr/lib/pkgconfig/openssl.pc to the development section.
151* Thu Mar 22 2001 Richard Levitte <richard@levitte.org> 152* Thu Mar 22 2001 Richard Levitte <richard@levitte.org>
diff --git a/src/lib/libssl/src/ssl/Makefile b/src/lib/libssl/src/ssl/Makefile
index baf191b909..14a89e77b2 100644
--- a/src/lib/libssl/src/ssl/Makefile
+++ b/src/lib/libssl/src/ssl/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/ssl/Makefile 2# OpenSSL/ssl/Makefile
3# 3#
4 4
5DIR= ssl 5DIR= ssl
diff --git a/src/lib/libssl/src/ssl/kssl.c b/src/lib/libssl/src/ssl/kssl.c
index 3afa95f3fa..9a41769e75 100644
--- a/src/lib/libssl/src/ssl/kssl.c
+++ b/src/lib/libssl/src/ssl/kssl.c
@@ -68,9 +68,11 @@
68 68
69#include <openssl/opensslconf.h> 69#include <openssl/opensslconf.h>
70 70
71#define _XOPEN_SOURCE /* glibc2 needs this to declare strptime() */ 71#define _XOPEN_SOURCE 500 /* glibc2 needs this to declare strptime() */
72#include <time.h> 72#include <time.h>
73#if 0 /* Experimental */
73#undef _XOPEN_SOURCE /* To avoid clashes with anything else... */ 74#undef _XOPEN_SOURCE /* To avoid clashes with anything else... */
75#endif
74#include <string.h> 76#include <string.h>
75 77
76#define KRB5_PRIVATE 1 78#define KRB5_PRIVATE 1
@@ -295,7 +297,7 @@ load_krb5_dll(void)
295 HANDLE hKRB5_32; 297 HANDLE hKRB5_32;
296 298
297 krb5_loaded++; 299 krb5_loaded++;
298 hKRB5_32 = LoadLibrary("KRB5_32"); 300 hKRB5_32 = LoadLibrary(TEXT("KRB5_32"));
299 if (!hKRB5_32) 301 if (!hKRB5_32)
300 return; 302 return;
301 303
diff --git a/src/lib/libssl/src/ssl/s23_clnt.c b/src/lib/libssl/src/ssl/s23_clnt.c
index 779e94a35c..86356731ea 100644
--- a/src/lib/libssl/src/ssl/s23_clnt.c
+++ b/src/lib/libssl/src/ssl/s23_clnt.c
@@ -106,7 +106,7 @@ SSL_METHOD *SSLv23_client_method(void)
106int ssl23_connect(SSL *s) 106int ssl23_connect(SSL *s)
107 { 107 {
108 BUF_MEM *buf=NULL; 108 BUF_MEM *buf=NULL;
109 unsigned long Time=time(NULL); 109 unsigned long Time=(unsigned long)time(NULL);
110 void (*cb)(const SSL *ssl,int type,int val)=NULL; 110 void (*cb)(const SSL *ssl,int type,int val)=NULL;
111 int ret= -1; 111 int ret= -1;
112 int new_state,state; 112 int new_state,state;
@@ -220,9 +220,28 @@ static int ssl23_client_hello(SSL *s)
220 { 220 {
221 unsigned char *buf; 221 unsigned char *buf;
222 unsigned char *p,*d; 222 unsigned char *p,*d;
223 int i,ch_len; 223 int i,j,ch_len;
224 unsigned long Time,l;
225 int ssl2_compat;
226 int version = 0, version_major, version_minor;
227 SSL_COMP *comp;
224 int ret; 228 int ret;
225 229
230 ssl2_compat = (s->options & SSL_OP_NO_SSLv2) ? 0 : 1;
231
232 if (!(s->options & SSL_OP_NO_TLSv1))
233 {
234 version = TLS1_VERSION;
235 }
236 else if (!(s->options & SSL_OP_NO_SSLv3))
237 {
238 version = SSL3_VERSION;
239 }
240 else if (!(s->options & SSL_OP_NO_SSLv2))
241 {
242 version = SSL2_VERSION;
243 }
244
226 buf=(unsigned char *)s->init_buf->data; 245 buf=(unsigned char *)s->init_buf->data;
227 if (s->state == SSL23_ST_CW_CLNT_HELLO_A) 246 if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
228 { 247 {
@@ -235,19 +254,15 @@ static int ssl23_client_hello(SSL *s)
235#endif 254#endif
236 255
237 p=s->s3->client_random; 256 p=s->s3->client_random;
238 if(RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE) <= 0) 257 Time=(unsigned long)time(NULL); /* Time */
239 return -1; 258 l2n(Time,p);
240 259 if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
241 /* Do the message type and length last */ 260 return -1;
242 d= &(buf[2]);
243 p=d+9;
244 261
245 *(d++)=SSL2_MT_CLIENT_HELLO; 262 if (version == TLS1_VERSION)
246 if (!(s->options & SSL_OP_NO_TLSv1))
247 { 263 {
248 *(d++)=TLS1_VERSION_MAJOR; 264 version_major = TLS1_VERSION_MAJOR;
249 *(d++)=TLS1_VERSION_MINOR; 265 version_minor = TLS1_VERSION_MINOR;
250 s->client_version=TLS1_VERSION;
251 } 266 }
252#ifdef OPENSSL_FIPS 267#ifdef OPENSSL_FIPS
253 else if(FIPS_mode()) 268 else if(FIPS_mode())
@@ -257,17 +272,15 @@ static int ssl23_client_hello(SSL *s)
257 return -1; 272 return -1;
258 } 273 }
259#endif 274#endif
260 else if (!(s->options & SSL_OP_NO_SSLv3)) 275 else if (version == SSL3_VERSION)
261 { 276 {
262 *(d++)=SSL3_VERSION_MAJOR; 277 version_major = SSL3_VERSION_MAJOR;
263 *(d++)=SSL3_VERSION_MINOR; 278 version_minor = SSL3_VERSION_MINOR;
264 s->client_version=SSL3_VERSION;
265 } 279 }
266 else if (!(s->options & SSL_OP_NO_SSLv2)) 280 else if (version == SSL2_VERSION)
267 { 281 {
268 *(d++)=SSL2_VERSION_MAJOR; 282 version_major = SSL2_VERSION_MAJOR;
269 *(d++)=SSL2_VERSION_MINOR; 283 version_minor = SSL2_VERSION_MINOR;
270 s->client_version=SSL2_VERSION;
271 } 284 }
272 else 285 else
273 { 286 {
@@ -275,59 +288,153 @@ static int ssl23_client_hello(SSL *s)
275 return(-1); 288 return(-1);
276 } 289 }
277 290
278 /* Ciphers supported */ 291 s->client_version = version;
279 i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p); 292
280 if (i == 0) 293 if (ssl2_compat)
281 { 294 {
282 /* no ciphers */ 295 /* create SSL 2.0 compatible Client Hello */
283 SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE); 296
284 return(-1); 297 /* two byte record header will be written last */
285 } 298 d = &(buf[2]);
286 s2n(i,d); 299 p = d + 9; /* leave space for message type, version, individual length fields */
287 p+=i;
288 300
289 /* put in the session-id, zero since there is no 301 *(d++) = SSL2_MT_CLIENT_HELLO;
290 * reuse. */ 302 *(d++) = version_major;
303 *(d++) = version_minor;
304
305 /* Ciphers supported */
306 i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p,0);
307 if (i == 0)
308 {
309 /* no ciphers */
310 SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
311 return -1;
312 }
313 s2n(i,d);
314 p+=i;
315
316 /* put in the session-id length (zero since there is no reuse) */
291#if 0 317#if 0
292 s->session->session_id_length=0; 318 s->session->session_id_length=0;
293#endif 319#endif
294 s2n(0,d); 320 s2n(0,d);
295 321
296 if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG) 322 if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
297 ch_len=SSL2_CHALLENGE_LENGTH; 323 ch_len=SSL2_CHALLENGE_LENGTH;
324 else
325 ch_len=SSL2_MAX_CHALLENGE_LENGTH;
326
327 /* write out sslv2 challenge */
328 if (SSL3_RANDOM_SIZE < ch_len)
329 i=SSL3_RANDOM_SIZE;
330 else
331 i=ch_len;
332 s2n(i,d);
333 memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
334 if (RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i) <= 0)
335 return -1;
336
337 memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
338 p+=i;
339
340 i= p- &(buf[2]);
341 buf[0]=((i>>8)&0xff)|0x80;
342 buf[1]=(i&0xff);
343
344 /* number of bytes to write */
345 s->init_num=i+2;
346 s->init_off=0;
347
348 ssl3_finish_mac(s,&(buf[2]),i);
349 }
298 else 350 else
299 ch_len=SSL2_MAX_CHALLENGE_LENGTH; 351 {
352 /* create Client Hello in SSL 3.0/TLS 1.0 format */
300 353
301 /* write out sslv2 challenge */ 354 /* do the record header (5 bytes) and handshake message header (4 bytes) last */
302 if (SSL3_RANDOM_SIZE < ch_len) 355 d = p = &(buf[9]);
303 i=SSL3_RANDOM_SIZE; 356
304 else 357 *(p++) = version_major;
305 i=ch_len; 358 *(p++) = version_minor;
306 s2n(i,d); 359
307 memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE); 360 /* Random stuff */
308 if(RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i) <= 0) 361 memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
309 return -1; 362 p += SSL3_RANDOM_SIZE;
363
364 /* Session ID (zero since there is no reuse) */
365 *(p++) = 0;
366
367 /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */
368 i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]),ssl3_put_cipher_by_char);
369 if (i == 0)
370 {
371 SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
372 return -1;
373 }
374 s2n(i,p);
375 p+=i;
376
377 /* COMPRESSION */
378 if (s->ctx->comp_methods == NULL)
379 j=0;
380 else
381 j=sk_SSL_COMP_num(s->ctx->comp_methods);
382 *(p++)=1+j;
383 for (i=0; i<j; i++)
384 {
385 comp=sk_SSL_COMP_value(s->ctx->comp_methods,i);
386 *(p++)=comp->id;
387 }
388 *(p++)=0; /* Add the NULL method */
389
390 l = p-d;
391 *p = 42;
310 392
311 memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i); 393 /* fill in 4-byte handshake header */
312 p+=i; 394 d=&(buf[5]);
395 *(d++)=SSL3_MT_CLIENT_HELLO;
396 l2n3(l,d);
313 397
314 i= p- &(buf[2]); 398 l += 4;
315 buf[0]=((i>>8)&0xff)|0x80; 399
316 buf[1]=(i&0xff); 400 if (l > SSL3_RT_MAX_PLAIN_LENGTH)
401 {
402 SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
403 return -1;
404 }
405
406 /* fill in 5-byte record header */
407 d=buf;
408 *(d++) = SSL3_RT_HANDSHAKE;
409 *(d++) = version_major;
410 *(d++) = version_minor; /* arguably we should send the *lowest* suported version here
411 * (indicating, e.g., TLS 1.0 in "SSL 3.0 format") */
412 s2n((int)l,d);
413
414 /* number of bytes to write */
415 s->init_num=p-buf;
416 s->init_off=0;
417
418 ssl3_finish_mac(s,&(buf[5]), s->init_num - 5);
419 }
317 420
318 s->state=SSL23_ST_CW_CLNT_HELLO_B; 421 s->state=SSL23_ST_CW_CLNT_HELLO_B;
319 /* number of bytes to write */
320 s->init_num=i+2;
321 s->init_off=0; 422 s->init_off=0;
322
323 ssl3_finish_mac(s,&(buf[2]),i);
324 } 423 }
325 424
326 /* SSL3_ST_CW_CLNT_HELLO_B */ 425 /* SSL3_ST_CW_CLNT_HELLO_B */
327 ret = ssl23_write_bytes(s); 426 ret = ssl23_write_bytes(s);
328 if (ret >= 2) 427
329 if (s->msg_callback) 428 if ((ret >= 2) && s->msg_callback)
330 s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg); /* CLIENT-HELLO */ 429 {
430 /* Client Hello has been sent; tell msg_callback */
431
432 if (ssl2_compat)
433 s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg);
434 else
435 s->msg_callback(1, version, SSL3_RT_HANDSHAKE, s->init_buf->data+5, ret-5, s, s->msg_callback_arg);
436 }
437
331 return ret; 438 return ret;
332 } 439 }
333 440
diff --git a/src/lib/libssl/src/ssl/s23_srvr.c b/src/lib/libssl/src/ssl/s23_srvr.c
index 92f3391f60..b73abc448f 100644
--- a/src/lib/libssl/src/ssl/s23_srvr.c
+++ b/src/lib/libssl/src/ssl/s23_srvr.c
@@ -158,7 +158,7 @@ SSL_METHOD *SSLv23_server_method(void)
158int ssl23_accept(SSL *s) 158int ssl23_accept(SSL *s)
159 { 159 {
160 BUF_MEM *buf; 160 BUF_MEM *buf;
161 unsigned long Time=time(NULL); 161 unsigned long Time=(unsigned long)time(NULL);
162 void (*cb)(const SSL *ssl,int type,int val)=NULL; 162 void (*cb)(const SSL *ssl,int type,int val)=NULL;
163 int ret= -1; 163 int ret= -1;
164 int new_state,state; 164 int new_state,state;
@@ -268,9 +268,6 @@ int ssl23_get_client_hello(SSL *s)
268 int n=0,j; 268 int n=0,j;
269 int type=0; 269 int type=0;
270 int v[2]; 270 int v[2];
271#ifndef OPENSSL_NO_RSA
272 int use_sslv2_strong=0;
273#endif
274 271
275 if (s->state == SSL23_ST_SR_CLNT_HELLO_A) 272 if (s->state == SSL23_ST_SR_CLNT_HELLO_A)
276 { 273 {
@@ -528,9 +525,7 @@ int ssl23_get_client_hello(SSL *s)
528 } 525 }
529 526
530 s->state=SSL2_ST_GET_CLIENT_HELLO_A; 527 s->state=SSL2_ST_GET_CLIENT_HELLO_A;
531 if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) || 528 if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
532 use_sslv2_strong ||
533 (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
534 s->s2->ssl2_rollback=0; 529 s->s2->ssl2_rollback=0;
535 else 530 else
536 /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0 531 /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
diff --git a/src/lib/libssl/src/ssl/s2_clnt.c b/src/lib/libssl/src/ssl/s2_clnt.c
index c67829f495..eba04c715b 100644
--- a/src/lib/libssl/src/ssl/s2_clnt.c
+++ b/src/lib/libssl/src/ssl/s2_clnt.c
@@ -162,7 +162,7 @@ SSL_METHOD *SSLv2_client_method(void)
162 162
163int ssl2_connect(SSL *s) 163int ssl2_connect(SSL *s)
164 { 164 {
165 unsigned long l=time(NULL); 165 unsigned long l=(unsigned long)time(NULL);
166 BUF_MEM *buf=NULL; 166 BUF_MEM *buf=NULL;
167 int ret= -1; 167 int ret= -1;
168 void (*cb)(const SSL *ssl,int type,int val)=NULL; 168 void (*cb)(const SSL *ssl,int type,int val)=NULL;
@@ -584,7 +584,7 @@ static int client_hello(SSL *s)
584 s2n(SSL2_VERSION,p); /* version */ 584 s2n(SSL2_VERSION,p); /* version */
585 n=j=0; 585 n=j=0;
586 586
587 n=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),d); 587 n=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),d,0);
588 d+=n; 588 d+=n;
589 589
590 if (n == 0) 590 if (n == 0)
diff --git a/src/lib/libssl/src/ssl/s2_srvr.c b/src/lib/libssl/src/ssl/s2_srvr.c
index 853871f28c..7a4992b7aa 100644
--- a/src/lib/libssl/src/ssl/s2_srvr.c
+++ b/src/lib/libssl/src/ssl/s2_srvr.c
@@ -162,7 +162,7 @@ SSL_METHOD *SSLv2_server_method(void)
162 162
163int ssl2_accept(SSL *s) 163int ssl2_accept(SSL *s)
164 { 164 {
165 unsigned long l=time(NULL); 165 unsigned long l=(unsigned long)time(NULL);
166 BUF_MEM *buf=NULL; 166 BUF_MEM *buf=NULL;
167 int ret= -1; 167 int ret= -1;
168 long num1; 168 long num1;
@@ -797,7 +797,7 @@ static int server_hello(SSL *s)
797 /* lets send out the ciphers we like in the 797 /* lets send out the ciphers we like in the
798 * prefered order */ 798 * prefered order */
799 sk= s->session->ciphers; 799 sk= s->session->ciphers;
800 n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d); 800 n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d,0);
801 d+=n; 801 d+=n;
802 s2n(n,p); /* add cipher length */ 802 s2n(n,p); /* add cipher length */
803 } 803 }
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c
index 0969476b25..05194fdb31 100644
--- a/src/lib/libssl/src/ssl/s3_clnt.c
+++ b/src/lib/libssl/src/ssl/s3_clnt.c
@@ -165,7 +165,7 @@ SSL_METHOD *SSLv3_client_method(void)
165int ssl3_connect(SSL *s) 165int ssl3_connect(SSL *s)
166 { 166 {
167 BUF_MEM *buf=NULL; 167 BUF_MEM *buf=NULL;
168 unsigned long Time=time(NULL),l; 168 unsigned long Time=(unsigned long)time(NULL),l;
169 long num1; 169 long num1;
170 void (*cb)(const SSL *ssl,int type,int val)=NULL; 170 void (*cb)(const SSL *ssl,int type,int val)=NULL;
171 int ret= -1; 171 int ret= -1;
@@ -533,7 +533,7 @@ static int ssl3_client_hello(SSL *s)
533 /* else use the pre-loaded session */ 533 /* else use the pre-loaded session */
534 534
535 p=s->s3->client_random; 535 p=s->s3->client_random;
536 Time=time(NULL); /* Time */ 536 Time=(unsigned long)time(NULL); /* Time */
537 l2n(Time,p); 537 l2n(Time,p);
538 if(RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0) 538 if(RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
539 goto err; 539 goto err;
@@ -567,7 +567,7 @@ static int ssl3_client_hello(SSL *s)
567 } 567 }
568 568
569 /* Ciphers supported */ 569 /* Ciphers supported */
570 i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2])); 570 i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]),0);
571 if (i == 0) 571 if (i == 0)
572 { 572 {
573 SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE); 573 SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c
index 9bf1dbec06..a77588e725 100644
--- a/src/lib/libssl/src/ssl/s3_lib.c
+++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -835,7 +835,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
835 TLS1_TXT_RSA_WITH_AES_128_SHA, 835 TLS1_TXT_RSA_WITH_AES_128_SHA,
836 TLS1_CK_RSA_WITH_AES_128_SHA, 836 TLS1_CK_RSA_WITH_AES_128_SHA,
837 SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1, 837 SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
838 SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS, 838 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
839 0, 839 0,
840 128, 840 128,
841 128, 841 128,
@@ -848,7 +848,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
848 TLS1_TXT_DH_DSS_WITH_AES_128_SHA, 848 TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
849 TLS1_CK_DH_DSS_WITH_AES_128_SHA, 849 TLS1_CK_DH_DSS_WITH_AES_128_SHA,
850 SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1, 850 SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
851 SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS, 851 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
852 0, 852 0,
853 128, 853 128,
854 128, 854 128,
@@ -861,7 +861,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
861 TLS1_TXT_DH_RSA_WITH_AES_128_SHA, 861 TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
862 TLS1_CK_DH_RSA_WITH_AES_128_SHA, 862 TLS1_CK_DH_RSA_WITH_AES_128_SHA,
863 SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1, 863 SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
864 SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS, 864 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
865 0, 865 0,
866 128, 866 128,
867 128, 867 128,
@@ -874,7 +874,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
874 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA, 874 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
875 TLS1_CK_DHE_DSS_WITH_AES_128_SHA, 875 TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
876 SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1, 876 SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
877 SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS, 877 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
878 0, 878 0,
879 128, 879 128,
880 128, 880 128,
@@ -887,7 +887,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
887 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA, 887 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
888 TLS1_CK_DHE_RSA_WITH_AES_128_SHA, 888 TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
889 SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1, 889 SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
890 SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS, 890 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
891 0, 891 0,
892 128, 892 128,
893 128, 893 128,
@@ -900,7 +900,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
900 TLS1_TXT_ADH_WITH_AES_128_SHA, 900 TLS1_TXT_ADH_WITH_AES_128_SHA,
901 TLS1_CK_ADH_WITH_AES_128_SHA, 901 TLS1_CK_ADH_WITH_AES_128_SHA,
902 SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1, 902 SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
903 SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS, 903 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
904 0, 904 0,
905 128, 905 128,
906 128, 906 128,
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c
index c4a1a71523..36fc39d7f8 100644
--- a/src/lib/libssl/src/ssl/s3_srvr.c
+++ b/src/lib/libssl/src/ssl/s3_srvr.c
@@ -173,7 +173,7 @@ SSL_METHOD *SSLv3_server_method(void)
173int ssl3_accept(SSL *s) 173int ssl3_accept(SSL *s)
174 { 174 {
175 BUF_MEM *buf; 175 BUF_MEM *buf;
176 unsigned long l,Time=time(NULL); 176 unsigned long l,Time=(unsigned long)time(NULL);
177 void (*cb)(const SSL *ssl,int type,int val)=NULL; 177 void (*cb)(const SSL *ssl,int type,int val)=NULL;
178 long num1; 178 long num1;
179 int ret= -1; 179 int ret= -1;
@@ -954,7 +954,7 @@ static int ssl3_send_server_hello(SSL *s)
954 { 954 {
955 buf=(unsigned char *)s->init_buf->data; 955 buf=(unsigned char *)s->init_buf->data;
956 p=s->s3->server_random; 956 p=s->s3->server_random;
957 Time=time(NULL); /* Time */ 957 Time=(unsigned long)time(NULL); /* Time */
958 l2n(Time,p); 958 l2n(Time,p);
959 if(RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0) 959 if(RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
960 return -1; 960 return -1;
diff --git a/src/lib/libssl/src/ssl/ssl-lib.com b/src/lib/libssl/src/ssl/ssl-lib.com
index 163ade9f7a..f0665c6b86 100644
--- a/src/lib/libssl/src/ssl/ssl-lib.com
+++ b/src/lib/libssl/src/ssl/ssl-lib.com
@@ -749,7 +749,7 @@ $ CCDEFS = "TCPIP_TYPE_''P4'"
749$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS 749$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
750$ CCEXTRAFLAGS = "" 750$ CCEXTRAFLAGS = ""
751$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS 751$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
752$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX" 752$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
753$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - 753$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
754 CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS 754 CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
755$! 755$!
diff --git a/src/lib/libssl/src/ssl/ssl.h b/src/lib/libssl/src/ssl/ssl.h
index 3161f532cf..99e188086b 100644
--- a/src/lib/libssl/src/ssl/ssl.h
+++ b/src/lib/libssl/src/ssl/ssl.h
@@ -467,7 +467,7 @@ typedef struct ssl_session_st
467#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L 467#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L
468#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L 468#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L
469#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L 469#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
470#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L 470#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L /* no effect since 0.9.7h and 0.9.8b */
471#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L 471#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L
472#define SSL_OP_TLS_D5_BUG 0x00000100L 472#define SSL_OP_TLS_D5_BUG 0x00000100L
473#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L 473#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L
@@ -1567,6 +1567,7 @@ void ERR_load_SSL_strings(void);
1567#define SSL_F_SSL_CTRL 232 1567#define SSL_F_SSL_CTRL 232
1568#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168 1568#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
1569#define SSL_F_SSL_CTX_NEW 169 1569#define SSL_F_SSL_CTX_NEW 169
1570#define SSL_F_SSL_CTX_SET_CIPHER_LIST 269
1570#define SSL_F_SSL_CTX_SET_PURPOSE 226 1571#define SSL_F_SSL_CTX_SET_PURPOSE 226
1571#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219 1572#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219
1572#define SSL_F_SSL_CTX_SET_SSL_VERSION 170 1573#define SSL_F_SSL_CTX_SET_SSL_VERSION 170
@@ -1596,6 +1597,7 @@ void ERR_load_SSL_strings(void);
1596#define SSL_F_SSL_SESSION_PRINT_FP 190 1597#define SSL_F_SSL_SESSION_PRINT_FP 190
1597#define SSL_F_SSL_SESS_CERT_NEW 225 1598#define SSL_F_SSL_SESS_CERT_NEW 225
1598#define SSL_F_SSL_SET_CERT 191 1599#define SSL_F_SSL_SET_CERT 191
1600#define SSL_F_SSL_SET_CIPHER_LIST 271
1599#define SSL_F_SSL_SET_FD 192 1601#define SSL_F_SSL_SET_FD 192
1600#define SSL_F_SSL_SET_PKEY 193 1602#define SSL_F_SSL_SET_PKEY 193
1601#define SSL_F_SSL_SET_PURPOSE 227 1603#define SSL_F_SSL_SET_PURPOSE 227
@@ -1674,40 +1676,39 @@ void ERR_load_SSL_strings(void);
1674#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145 1676#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145
1675#define SSL_R_DATA_LENGTH_TOO_LONG 146 1677#define SSL_R_DATA_LENGTH_TOO_LONG 146
1676#define SSL_R_DECRYPTION_FAILED 147 1678#define SSL_R_DECRYPTION_FAILED 147
1677#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 1109 1679#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281
1678#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148 1680#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
1679#define SSL_R_DIGEST_CHECK_FAILED 149 1681#define SSL_R_DIGEST_CHECK_FAILED 149
1680#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150 1682#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
1681#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 1092 1683#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 282
1682#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151 1684#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
1683#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152 1685#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
1684#define SSL_R_EXTRA_DATA_IN_MESSAGE 153 1686#define SSL_R_EXTRA_DATA_IN_MESSAGE 153
1685#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154 1687#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
1686#define SSL_R_HTTPS_PROXY_REQUEST 155 1688#define SSL_R_HTTPS_PROXY_REQUEST 155
1687#define SSL_R_HTTP_REQUEST 156 1689#define SSL_R_HTTP_REQUEST 156
1688#define SSL_R_ILLEGAL_PADDING 1110 1690#define SSL_R_ILLEGAL_PADDING 283
1689#define SSL_R_INVALID_CHALLENGE_LENGTH 158 1691#define SSL_R_INVALID_CHALLENGE_LENGTH 158
1690#define SSL_R_INVALID_COMMAND 280 1692#define SSL_R_INVALID_COMMAND 280
1691#define SSL_R_INVALID_PURPOSE 278 1693#define SSL_R_INVALID_PURPOSE 278
1692#define SSL_R_INVALID_TRUST 279 1694#define SSL_R_INVALID_TRUST 279
1693#define SSL_R_KEY_ARG_TOO_LONG 1112 1695#define SSL_R_KEY_ARG_TOO_LONG 284
1694#define SSL_R_KRB5 1104 1696#define SSL_R_KRB5 285
1695#define SSL_R_KRB5_C_CC_PRINC 1094 1697#define SSL_R_KRB5_C_CC_PRINC 286
1696#define SSL_R_KRB5_C_GET_CRED 1095 1698#define SSL_R_KRB5_C_GET_CRED 287
1697#define SSL_R_KRB5_C_INIT 1096 1699#define SSL_R_KRB5_C_INIT 288
1698#define SSL_R_KRB5_C_MK_REQ 1097 1700#define SSL_R_KRB5_C_MK_REQ 289
1699#define SSL_R_KRB5_S_BAD_TICKET 1098 1701#define SSL_R_KRB5_S_BAD_TICKET 290
1700#define SSL_R_KRB5_S_INIT 1099 1702#define SSL_R_KRB5_S_INIT 291
1701#define SSL_R_KRB5_S_RD_REQ 1108 1703#define SSL_R_KRB5_S_RD_REQ 292
1702#define SSL_R_KRB5_S_TKT_EXPIRED 1105 1704#define SSL_R_KRB5_S_TKT_EXPIRED 293
1703#define SSL_R_KRB5_S_TKT_NYV 1106 1705#define SSL_R_KRB5_S_TKT_NYV 294
1704#define SSL_R_KRB5_S_TKT_SKEW 1107 1706#define SSL_R_KRB5_S_TKT_SKEW 295
1705#define SSL_R_LENGTH_MISMATCH 159 1707#define SSL_R_LENGTH_MISMATCH 159
1706#define SSL_R_LENGTH_TOO_SHORT 160 1708#define SSL_R_LENGTH_TOO_SHORT 160
1707#define SSL_R_LIBRARY_BUG 274 1709#define SSL_R_LIBRARY_BUG 274
1708#define SSL_R_LIBRARY_HAS_NO_CIPHERS 161 1710#define SSL_R_LIBRARY_HAS_NO_CIPHERS 161
1709#define SSL_R_MASTER_KEY_TOO_LONG 1112 1711#define SSL_R_MESSAGE_TOO_LONG 296
1710#define SSL_R_MESSAGE_TOO_LONG 1111
1711#define SSL_R_MISSING_DH_DSA_CERT 162 1712#define SSL_R_MISSING_DH_DSA_CERT 162
1712#define SSL_R_MISSING_DH_KEY 163 1713#define SSL_R_MISSING_DH_KEY 163
1713#define SSL_R_MISSING_DH_RSA_CERT 164 1714#define SSL_R_MISSING_DH_RSA_CERT 164
@@ -1744,7 +1745,7 @@ void ERR_load_SSL_strings(void);
1744#define SSL_R_NULL_SSL_CTX 195 1745#define SSL_R_NULL_SSL_CTX 195
1745#define SSL_R_NULL_SSL_METHOD_PASSED 196 1746#define SSL_R_NULL_SSL_METHOD_PASSED 196
1746#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197 1747#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
1747#define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 1115 1748#define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297
1748#define SSL_R_PACKET_LENGTH_TOO_LONG 198 1749#define SSL_R_PACKET_LENGTH_TOO_LONG 198
1749#define SSL_R_PATH_TOO_LONG 270 1750#define SSL_R_PATH_TOO_LONG 270
1750#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199 1751#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199
@@ -1763,7 +1764,7 @@ void ERR_load_SSL_strings(void);
1763#define SSL_R_READ_WRONG_PACKET_TYPE 212 1764#define SSL_R_READ_WRONG_PACKET_TYPE 212
1764#define SSL_R_RECORD_LENGTH_MISMATCH 213 1765#define SSL_R_RECORD_LENGTH_MISMATCH 213
1765#define SSL_R_RECORD_TOO_LARGE 214 1766#define SSL_R_RECORD_TOO_LARGE 214
1766#define SSL_R_RECORD_TOO_SMALL 1093 1767#define SSL_R_RECORD_TOO_SMALL 298
1767#define SSL_R_REQUIRED_CIPHER_MISSING 215 1768#define SSL_R_REQUIRED_CIPHER_MISSING 215
1768#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216 1769#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
1769#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217 1770#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217
@@ -1772,8 +1773,8 @@ void ERR_load_SSL_strings(void);
1772#define SSL_R_SHORT_READ 219 1773#define SSL_R_SHORT_READ 219
1773#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 1774#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
1774#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221 1775#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
1775#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 1114 1776#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299
1776#define SSL_R_SSL3_SESSION_ID_TOO_LONG 1113 1777#define SSL_R_SSL3_SESSION_ID_TOO_LONG 300
1777#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222 1778#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
1778#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042 1779#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
1779#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 1780#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
@@ -1784,20 +1785,15 @@ void ERR_load_SSL_strings(void);
1784#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040 1785#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040
1785#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047 1786#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047
1786#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041 1787#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041
1787#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE 223
1788#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE 224
1789#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER 225
1790#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 226
1791#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010 1788#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
1792#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE 227
1793#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043 1789#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043
1794#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228 1790#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228
1795#define SSL_R_SSL_HANDSHAKE_FAILURE 229 1791#define SSL_R_SSL_HANDSHAKE_FAILURE 229
1796#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 230 1792#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 230
1797#define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED 1102 1793#define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED 301
1798#define SSL_R_SSL_SESSION_ID_CONFLICT 1103 1794#define SSL_R_SSL_SESSION_ID_CONFLICT 302
1799#define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273 1795#define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273
1800#define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 1101 1796#define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 303
1801#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 231 1797#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 231
1802#define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049 1798#define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049
1803#define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050 1799#define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050
@@ -1838,7 +1834,6 @@ void ERR_load_SSL_strings(void);
1838#define SSL_R_UNKNOWN_STATE 255 1834#define SSL_R_UNKNOWN_STATE 255
1839#define SSL_R_UNSUPPORTED_CIPHER 256 1835#define SSL_R_UNSUPPORTED_CIPHER 256
1840#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257 1836#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257
1841#define SSL_R_UNSUPPORTED_OPTION 1091
1842#define SSL_R_UNSUPPORTED_PROTOCOL 258 1837#define SSL_R_UNSUPPORTED_PROTOCOL 258
1843#define SSL_R_UNSUPPORTED_SSL_VERSION 259 1838#define SSL_R_UNSUPPORTED_SSL_VERSION 259
1844#define SSL_R_WRITE_BIO_NOT_SET 260 1839#define SSL_R_WRITE_BIO_NOT_SET 260
diff --git a/src/lib/libssl/src/ssl/ssl_asn1.c b/src/lib/libssl/src/ssl/ssl_asn1.c
index 4d5900ad2f..fc5fcce108 100644
--- a/src/lib/libssl/src/ssl/ssl_asn1.c
+++ b/src/lib/libssl/src/ssl/ssl_asn1.c
@@ -344,7 +344,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char * const *pp,
344 OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; 344 OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
345 } 345 }
346 else 346 else
347 ret->time=time(NULL); 347 ret->time=(unsigned long)time(NULL);
348 348
349 ai.length=0; 349 ai.length=0;
350 M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,2); 350 M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,2);
diff --git a/src/lib/libssl/src/ssl/ssl_cert.c b/src/lib/libssl/src/ssl/ssl_cert.c
index b8b9bc2390..b779e6bb4d 100644
--- a/src/lib/libssl/src/ssl/ssl_cert.c
+++ b/src/lib/libssl/src/ssl/ssl_cert.c
@@ -616,14 +616,13 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file)
616 BIO *in; 616 BIO *in;
617 X509 *x=NULL; 617 X509 *x=NULL;
618 X509_NAME *xn=NULL; 618 X509_NAME *xn=NULL;
619 STACK_OF(X509_NAME) *ret,*sk; 619 STACK_OF(X509_NAME) *ret = NULL,*sk;
620 620
621 ret=sk_X509_NAME_new_null();
622 sk=sk_X509_NAME_new(xname_cmp); 621 sk=sk_X509_NAME_new(xname_cmp);
623 622
624 in=BIO_new(BIO_s_file_internal()); 623 in=BIO_new(BIO_s_file_internal());
625 624
626 if ((ret == NULL) || (sk == NULL) || (in == NULL)) 625 if ((sk == NULL) || (in == NULL))
627 { 626 {
628 SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE); 627 SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE);
629 goto err; 628 goto err;
@@ -636,6 +635,15 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file)
636 { 635 {
637 if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL) 636 if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL)
638 break; 637 break;
638 if (ret == NULL)
639 {
640 ret = sk_X509_NAME_new_null();
641 if (ret == NULL)
642 {
643 SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE);
644 goto err;
645 }
646 }
639 if ((xn=X509_get_subject_name(x)) == NULL) goto err; 647 if ((xn=X509_get_subject_name(x)) == NULL) goto err;
640 /* check for duplicates */ 648 /* check for duplicates */
641 xn=X509_NAME_dup(xn); 649 xn=X509_NAME_dup(xn);
@@ -658,6 +666,8 @@ err:
658 if (sk != NULL) sk_X509_NAME_free(sk); 666 if (sk != NULL) sk_X509_NAME_free(sk);
659 if (in != NULL) BIO_free(in); 667 if (in != NULL) BIO_free(in);
660 if (x != NULL) X509_free(x); 668 if (x != NULL) X509_free(x);
669 if (ret != NULL)
670 ERR_clear_error();
661 return(ret); 671 return(ret);
662 } 672 }
663#endif 673#endif
diff --git a/src/lib/libssl/src/ssl/ssl_ciph.c b/src/lib/libssl/src/ssl/ssl_ciph.c
index b68ed81e52..3df5e2fa80 100644
--- a/src/lib/libssl/src/ssl/ssl_ciph.c
+++ b/src/lib/libssl/src/ssl/ssl_ciph.c
@@ -700,9 +700,18 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
700 if (!found) 700 if (!found)
701 break; /* ignore this entry */ 701 break; /* ignore this entry */
702 702
703 algorithms |= ca_list[j]->algorithms; 703 /* New algorithms:
704 * 1 - any old restrictions apply outside new mask
705 * 2 - any new restrictions apply outside old mask
706 * 3 - enforce old & new where masks intersect
707 */
708 algorithms = (algorithms & ~ca_list[j]->mask) | /* 1 */
709 (ca_list[j]->algorithms & ~mask) | /* 2 */
710 (algorithms & ca_list[j]->algorithms); /* 3 */
704 mask |= ca_list[j]->mask; 711 mask |= ca_list[j]->mask;
705 algo_strength |= ca_list[j]->algo_strength; 712 algo_strength = (algo_strength & ~ca_list[j]->mask_strength) |
713 (ca_list[j]->algo_strength & ~mask_strength) |
714 (algo_strength & ca_list[j]->algo_strength);
706 mask_strength |= ca_list[j]->mask_strength; 715 mask_strength |= ca_list[j]->mask_strength;
707 716
708 if (!multi) break; 717 if (!multi) break;
@@ -756,7 +765,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
756 { 765 {
757 int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases; 766 int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
758 unsigned long disabled_mask; 767 unsigned long disabled_mask;
759 STACK_OF(SSL_CIPHER) *cipherstack; 768 STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list;
760 const char *rule_p; 769 const char *rule_p;
761 CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr; 770 CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
762 SSL_CIPHER **ca_list = NULL; 771 SSL_CIPHER **ca_list = NULL;
@@ -764,7 +773,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
764 /* 773 /*
765 * Return with error if nothing to do. 774 * Return with error if nothing to do.
766 */ 775 */
767 if (rule_str == NULL) return(NULL); 776 if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
777 return NULL;
768 778
769 if (init_ciphers) 779 if (init_ciphers)
770 { 780 {
@@ -875,46 +885,18 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
875 } 885 }
876 OPENSSL_free(co_list); /* Not needed any longer */ 886 OPENSSL_free(co_list); /* Not needed any longer */
877 887
878 /* 888 tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack);
879 * The following passage is a little bit odd. If pointer variables 889 if (tmp_cipher_list == NULL)
880 * were supplied to hold STACK_OF(SSL_CIPHER) return information,
881 * the old memory pointed to is free()ed. Then, however, the
882 * cipher_list entry will be assigned just a copy of the returned
883 * cipher stack. For cipher_list_by_id a copy of the cipher stack
884 * will be created. See next comment...
885 */
886 if (cipher_list != NULL)
887 {
888 if (*cipher_list != NULL)
889 sk_SSL_CIPHER_free(*cipher_list);
890 *cipher_list = cipherstack;
891 }
892
893 if (cipher_list_by_id != NULL)
894 {
895 if (*cipher_list_by_id != NULL)
896 sk_SSL_CIPHER_free(*cipher_list_by_id);
897 *cipher_list_by_id = sk_SSL_CIPHER_dup(cipherstack);
898 }
899
900 /*
901 * Now it is getting really strange. If something failed during
902 * the previous pointer assignment or if one of the pointers was
903 * not requested, the error condition is met. That might be
904 * discussable. The strange thing is however that in this case
905 * the memory "ret" pointed to is "free()ed" and hence the pointer
906 * cipher_list becomes wild. The memory reserved for
907 * cipher_list_by_id however is not "free()ed" and stays intact.
908 */
909 if ( (cipher_list_by_id == NULL) ||
910 (*cipher_list_by_id == NULL) ||
911 (cipher_list == NULL) ||
912 (*cipher_list == NULL))
913 { 890 {
914 sk_SSL_CIPHER_free(cipherstack); 891 sk_SSL_CIPHER_free(cipherstack);
915 return(NULL); 892 return NULL;
916 } 893 }
917 894 if (*cipher_list != NULL)
895 sk_SSL_CIPHER_free(*cipher_list);
896 *cipher_list = cipherstack;
897 if (*cipher_list_by_id != NULL)
898 sk_SSL_CIPHER_free(*cipher_list_by_id);
899 *cipher_list_by_id = tmp_cipher_list;
918 sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp); 900 sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
919 901
920 return(cipherstack); 902 return(cipherstack);
diff --git a/src/lib/libssl/src/ssl/ssl_err.c b/src/lib/libssl/src/ssl/ssl_err.c
index 29b8ff4788..4bcf591298 100644
--- a/src/lib/libssl/src/ssl/ssl_err.c
+++ b/src/lib/libssl/src/ssl/ssl_err.c
@@ -64,384 +64,383 @@
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR 66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_SSL,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_SSL,0,reason)
70
67static ERR_STRING_DATA SSL_str_functs[]= 71static ERR_STRING_DATA SSL_str_functs[]=
68 { 72 {
69{ERR_PACK(0,SSL_F_CLIENT_CERTIFICATE,0), "CLIENT_CERTIFICATE"}, 73{ERR_FUNC(SSL_F_CLIENT_CERTIFICATE), "CLIENT_CERTIFICATE"},
70{ERR_PACK(0,SSL_F_CLIENT_FINISHED,0), "CLIENT_FINISHED"}, 74{ERR_FUNC(SSL_F_CLIENT_FINISHED), "CLIENT_FINISHED"},
71{ERR_PACK(0,SSL_F_CLIENT_HELLO,0), "CLIENT_HELLO"}, 75{ERR_FUNC(SSL_F_CLIENT_HELLO), "CLIENT_HELLO"},
72{ERR_PACK(0,SSL_F_CLIENT_MASTER_KEY,0), "CLIENT_MASTER_KEY"}, 76{ERR_FUNC(SSL_F_CLIENT_MASTER_KEY), "CLIENT_MASTER_KEY"},
73{ERR_PACK(0,SSL_F_D2I_SSL_SESSION,0), "d2i_SSL_SESSION"}, 77{ERR_FUNC(SSL_F_D2I_SSL_SESSION), "d2i_SSL_SESSION"},
74{ERR_PACK(0,SSL_F_DO_SSL3_WRITE,0), "DO_SSL3_WRITE"}, 78{ERR_FUNC(SSL_F_DO_SSL3_WRITE), "DO_SSL3_WRITE"},
75{ERR_PACK(0,SSL_F_GET_CLIENT_FINISHED,0), "GET_CLIENT_FINISHED"}, 79{ERR_FUNC(SSL_F_GET_CLIENT_FINISHED), "GET_CLIENT_FINISHED"},
76{ERR_PACK(0,SSL_F_GET_CLIENT_HELLO,0), "GET_CLIENT_HELLO"}, 80{ERR_FUNC(SSL_F_GET_CLIENT_HELLO), "GET_CLIENT_HELLO"},
77{ERR_PACK(0,SSL_F_GET_CLIENT_MASTER_KEY,0), "GET_CLIENT_MASTER_KEY"}, 81{ERR_FUNC(SSL_F_GET_CLIENT_MASTER_KEY), "GET_CLIENT_MASTER_KEY"},
78{ERR_PACK(0,SSL_F_GET_SERVER_FINISHED,0), "GET_SERVER_FINISHED"}, 82{ERR_FUNC(SSL_F_GET_SERVER_FINISHED), "GET_SERVER_FINISHED"},
79{ERR_PACK(0,SSL_F_GET_SERVER_HELLO,0), "GET_SERVER_HELLO"}, 83{ERR_FUNC(SSL_F_GET_SERVER_HELLO), "GET_SERVER_HELLO"},
80{ERR_PACK(0,SSL_F_GET_SERVER_VERIFY,0), "GET_SERVER_VERIFY"}, 84{ERR_FUNC(SSL_F_GET_SERVER_VERIFY), "GET_SERVER_VERIFY"},
81{ERR_PACK(0,SSL_F_I2D_SSL_SESSION,0), "i2d_SSL_SESSION"}, 85{ERR_FUNC(SSL_F_I2D_SSL_SESSION), "i2d_SSL_SESSION"},
82{ERR_PACK(0,SSL_F_READ_N,0), "READ_N"}, 86{ERR_FUNC(SSL_F_READ_N), "READ_N"},
83{ERR_PACK(0,SSL_F_REQUEST_CERTIFICATE,0), "REQUEST_CERTIFICATE"}, 87{ERR_FUNC(SSL_F_REQUEST_CERTIFICATE), "REQUEST_CERTIFICATE"},
84{ERR_PACK(0,SSL_F_SERVER_FINISH,0), "SERVER_FINISH"}, 88{ERR_FUNC(SSL_F_SERVER_FINISH), "SERVER_FINISH"},
85{ERR_PACK(0,SSL_F_SERVER_HELLO,0), "SERVER_HELLO"}, 89{ERR_FUNC(SSL_F_SERVER_HELLO), "SERVER_HELLO"},
86{ERR_PACK(0,SSL_F_SERVER_VERIFY,0), "SERVER_VERIFY"}, 90{ERR_FUNC(SSL_F_SERVER_VERIFY), "SERVER_VERIFY"},
87{ERR_PACK(0,SSL_F_SSL23_ACCEPT,0), "SSL23_ACCEPT"}, 91{ERR_FUNC(SSL_F_SSL23_ACCEPT), "SSL23_ACCEPT"},
88{ERR_PACK(0,SSL_F_SSL23_CLIENT_HELLO,0), "SSL23_CLIENT_HELLO"}, 92{ERR_FUNC(SSL_F_SSL23_CLIENT_HELLO), "SSL23_CLIENT_HELLO"},
89{ERR_PACK(0,SSL_F_SSL23_CONNECT,0), "SSL23_CONNECT"}, 93{ERR_FUNC(SSL_F_SSL23_CONNECT), "SSL23_CONNECT"},
90{ERR_PACK(0,SSL_F_SSL23_GET_CLIENT_HELLO,0), "SSL23_GET_CLIENT_HELLO"}, 94{ERR_FUNC(SSL_F_SSL23_GET_CLIENT_HELLO), "SSL23_GET_CLIENT_HELLO"},
91{ERR_PACK(0,SSL_F_SSL23_GET_SERVER_HELLO,0), "SSL23_GET_SERVER_HELLO"}, 95{ERR_FUNC(SSL_F_SSL23_GET_SERVER_HELLO), "SSL23_GET_SERVER_HELLO"},
92{ERR_PACK(0,SSL_F_SSL23_PEEK,0), "SSL23_PEEK"}, 96{ERR_FUNC(SSL_F_SSL23_PEEK), "SSL23_PEEK"},
93{ERR_PACK(0,SSL_F_SSL23_READ,0), "SSL23_READ"}, 97{ERR_FUNC(SSL_F_SSL23_READ), "SSL23_READ"},
94{ERR_PACK(0,SSL_F_SSL23_WRITE,0), "SSL23_WRITE"}, 98{ERR_FUNC(SSL_F_SSL23_WRITE), "SSL23_WRITE"},
95{ERR_PACK(0,SSL_F_SSL2_ACCEPT,0), "SSL2_ACCEPT"}, 99{ERR_FUNC(SSL_F_SSL2_ACCEPT), "SSL2_ACCEPT"},
96{ERR_PACK(0,SSL_F_SSL2_CONNECT,0), "SSL2_CONNECT"}, 100{ERR_FUNC(SSL_F_SSL2_CONNECT), "SSL2_CONNECT"},
97{ERR_PACK(0,SSL_F_SSL2_ENC_INIT,0), "SSL2_ENC_INIT"}, 101{ERR_FUNC(SSL_F_SSL2_ENC_INIT), "SSL2_ENC_INIT"},
98{ERR_PACK(0,SSL_F_SSL2_GENERATE_KEY_MATERIAL,0), "SSL2_GENERATE_KEY_MATERIAL"}, 102{ERR_FUNC(SSL_F_SSL2_GENERATE_KEY_MATERIAL), "SSL2_GENERATE_KEY_MATERIAL"},
99{ERR_PACK(0,SSL_F_SSL2_PEEK,0), "SSL2_PEEK"}, 103{ERR_FUNC(SSL_F_SSL2_PEEK), "SSL2_PEEK"},
100{ERR_PACK(0,SSL_F_SSL2_READ,0), "SSL2_READ"}, 104{ERR_FUNC(SSL_F_SSL2_READ), "SSL2_READ"},
101{ERR_PACK(0,SSL_F_SSL2_READ_INTERNAL,0), "SSL2_READ_INTERNAL"}, 105{ERR_FUNC(SSL_F_SSL2_READ_INTERNAL), "SSL2_READ_INTERNAL"},
102{ERR_PACK(0,SSL_F_SSL2_SET_CERTIFICATE,0), "SSL2_SET_CERTIFICATE"}, 106{ERR_FUNC(SSL_F_SSL2_SET_CERTIFICATE), "SSL2_SET_CERTIFICATE"},
103{ERR_PACK(0,SSL_F_SSL2_WRITE,0), "SSL2_WRITE"}, 107{ERR_FUNC(SSL_F_SSL2_WRITE), "SSL2_WRITE"},
104{ERR_PACK(0,SSL_F_SSL3_ACCEPT,0), "SSL3_ACCEPT"}, 108{ERR_FUNC(SSL_F_SSL3_ACCEPT), "SSL3_ACCEPT"},
105{ERR_PACK(0,SSL_F_SSL3_CALLBACK_CTRL,0), "SSL3_CALLBACK_CTRL"}, 109{ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL), "SSL3_CALLBACK_CTRL"},
106{ERR_PACK(0,SSL_F_SSL3_CHANGE_CIPHER_STATE,0), "SSL3_CHANGE_CIPHER_STATE"}, 110{ERR_FUNC(SSL_F_SSL3_CHANGE_CIPHER_STATE), "SSL3_CHANGE_CIPHER_STATE"},
107{ERR_PACK(0,SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,0), "SSL3_CHECK_CERT_AND_ALGORITHM"}, 111{ERR_FUNC(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM), "SSL3_CHECK_CERT_AND_ALGORITHM"},
108{ERR_PACK(0,SSL_F_SSL3_CLIENT_HELLO,0), "SSL3_CLIENT_HELLO"}, 112{ERR_FUNC(SSL_F_SSL3_CLIENT_HELLO), "SSL3_CLIENT_HELLO"},
109{ERR_PACK(0,SSL_F_SSL3_CONNECT,0), "SSL3_CONNECT"}, 113{ERR_FUNC(SSL_F_SSL3_CONNECT), "SSL3_CONNECT"},
110{ERR_PACK(0,SSL_F_SSL3_CTRL,0), "SSL3_CTRL"}, 114{ERR_FUNC(SSL_F_SSL3_CTRL), "SSL3_CTRL"},
111{ERR_PACK(0,SSL_F_SSL3_CTX_CTRL,0), "SSL3_CTX_CTRL"}, 115{ERR_FUNC(SSL_F_SSL3_CTX_CTRL), "SSL3_CTX_CTRL"},
112{ERR_PACK(0,SSL_F_SSL3_ENC,0), "SSL3_ENC"}, 116{ERR_FUNC(SSL_F_SSL3_ENC), "SSL3_ENC"},
113{ERR_PACK(0,SSL_F_SSL3_GENERATE_KEY_BLOCK,0), "SSL3_GENERATE_KEY_BLOCK"}, 117{ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK), "SSL3_GENERATE_KEY_BLOCK"},
114{ERR_PACK(0,SSL_F_SSL3_GET_CERTIFICATE_REQUEST,0), "SSL3_GET_CERTIFICATE_REQUEST"}, 118{ERR_FUNC(SSL_F_SSL3_GET_CERTIFICATE_REQUEST), "SSL3_GET_CERTIFICATE_REQUEST"},
115{ERR_PACK(0,SSL_F_SSL3_GET_CERT_VERIFY,0), "SSL3_GET_CERT_VERIFY"}, 119{ERR_FUNC(SSL_F_SSL3_GET_CERT_VERIFY), "SSL3_GET_CERT_VERIFY"},
116{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_CERTIFICATE,0), "SSL3_GET_CLIENT_CERTIFICATE"}, 120{ERR_FUNC(SSL_F_SSL3_GET_CLIENT_CERTIFICATE), "SSL3_GET_CLIENT_CERTIFICATE"},
117{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_HELLO,0), "SSL3_GET_CLIENT_HELLO"}, 121{ERR_FUNC(SSL_F_SSL3_GET_CLIENT_HELLO), "SSL3_GET_CLIENT_HELLO"},
118{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,0), "SSL3_GET_CLIENT_KEY_EXCHANGE"}, 122{ERR_FUNC(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE), "SSL3_GET_CLIENT_KEY_EXCHANGE"},
119{ERR_PACK(0,SSL_F_SSL3_GET_FINISHED,0), "SSL3_GET_FINISHED"}, 123{ERR_FUNC(SSL_F_SSL3_GET_FINISHED), "SSL3_GET_FINISHED"},
120{ERR_PACK(0,SSL_F_SSL3_GET_KEY_EXCHANGE,0), "SSL3_GET_KEY_EXCHANGE"}, 124{ERR_FUNC(SSL_F_SSL3_GET_KEY_EXCHANGE), "SSL3_GET_KEY_EXCHANGE"},
121{ERR_PACK(0,SSL_F_SSL3_GET_MESSAGE,0), "SSL3_GET_MESSAGE"}, 125{ERR_FUNC(SSL_F_SSL3_GET_MESSAGE), "SSL3_GET_MESSAGE"},
122{ERR_PACK(0,SSL_F_SSL3_GET_RECORD,0), "SSL3_GET_RECORD"}, 126{ERR_FUNC(SSL_F_SSL3_GET_RECORD), "SSL3_GET_RECORD"},
123{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_CERTIFICATE,0), "SSL3_GET_SERVER_CERTIFICATE"}, 127{ERR_FUNC(SSL_F_SSL3_GET_SERVER_CERTIFICATE), "SSL3_GET_SERVER_CERTIFICATE"},
124{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_DONE,0), "SSL3_GET_SERVER_DONE"}, 128{ERR_FUNC(SSL_F_SSL3_GET_SERVER_DONE), "SSL3_GET_SERVER_DONE"},
125{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_HELLO,0), "SSL3_GET_SERVER_HELLO"}, 129{ERR_FUNC(SSL_F_SSL3_GET_SERVER_HELLO), "SSL3_GET_SERVER_HELLO"},
126{ERR_PACK(0,SSL_F_SSL3_OUTPUT_CERT_CHAIN,0), "SSL3_OUTPUT_CERT_CHAIN"}, 130{ERR_FUNC(SSL_F_SSL3_OUTPUT_CERT_CHAIN), "SSL3_OUTPUT_CERT_CHAIN"},
127{ERR_PACK(0,SSL_F_SSL3_PEEK,0), "SSL3_PEEK"}, 131{ERR_FUNC(SSL_F_SSL3_PEEK), "SSL3_PEEK"},
128{ERR_PACK(0,SSL_F_SSL3_READ_BYTES,0), "SSL3_READ_BYTES"}, 132{ERR_FUNC(SSL_F_SSL3_READ_BYTES), "SSL3_READ_BYTES"},
129{ERR_PACK(0,SSL_F_SSL3_READ_N,0), "SSL3_READ_N"}, 133{ERR_FUNC(SSL_F_SSL3_READ_N), "SSL3_READ_N"},
130{ERR_PACK(0,SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,0), "SSL3_SEND_CERTIFICATE_REQUEST"}, 134{ERR_FUNC(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST), "SSL3_SEND_CERTIFICATE_REQUEST"},
131{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,0), "SSL3_SEND_CLIENT_CERTIFICATE"}, 135{ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE), "SSL3_SEND_CLIENT_CERTIFICATE"},
132{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,0), "SSL3_SEND_CLIENT_KEY_EXCHANGE"}, 136{ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE), "SSL3_SEND_CLIENT_KEY_EXCHANGE"},
133{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_VERIFY,0), "SSL3_SEND_CLIENT_VERIFY"}, 137{ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_VERIFY), "SSL3_SEND_CLIENT_VERIFY"},
134{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_CERTIFICATE,0), "SSL3_SEND_SERVER_CERTIFICATE"}, 138{ERR_FUNC(SSL_F_SSL3_SEND_SERVER_CERTIFICATE), "SSL3_SEND_SERVER_CERTIFICATE"},
135{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_HELLO,0), "SSL3_SEND_SERVER_HELLO"}, 139{ERR_FUNC(SSL_F_SSL3_SEND_SERVER_HELLO), "SSL3_SEND_SERVER_HELLO"},
136{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,0), "SSL3_SEND_SERVER_KEY_EXCHANGE"}, 140{ERR_FUNC(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE), "SSL3_SEND_SERVER_KEY_EXCHANGE"},
137{ERR_PACK(0,SSL_F_SSL3_SETUP_BUFFERS,0), "SSL3_SETUP_BUFFERS"}, 141{ERR_FUNC(SSL_F_SSL3_SETUP_BUFFERS), "SSL3_SETUP_BUFFERS"},
138{ERR_PACK(0,SSL_F_SSL3_SETUP_KEY_BLOCK,0), "SSL3_SETUP_KEY_BLOCK"}, 142{ERR_FUNC(SSL_F_SSL3_SETUP_KEY_BLOCK), "SSL3_SETUP_KEY_BLOCK"},
139{ERR_PACK(0,SSL_F_SSL3_WRITE_BYTES,0), "SSL3_WRITE_BYTES"}, 143{ERR_FUNC(SSL_F_SSL3_WRITE_BYTES), "SSL3_WRITE_BYTES"},
140{ERR_PACK(0,SSL_F_SSL3_WRITE_PENDING,0), "SSL3_WRITE_PENDING"}, 144{ERR_FUNC(SSL_F_SSL3_WRITE_PENDING), "SSL3_WRITE_PENDING"},
141{ERR_PACK(0,SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,0), "SSL_add_dir_cert_subjects_to_stack"}, 145{ERR_FUNC(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK), "SSL_add_dir_cert_subjects_to_stack"},
142{ERR_PACK(0,SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,0), "SSL_add_file_cert_subjects_to_stack"}, 146{ERR_FUNC(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK), "SSL_add_file_cert_subjects_to_stack"},
143{ERR_PACK(0,SSL_F_SSL_BAD_METHOD,0), "SSL_BAD_METHOD"}, 147{ERR_FUNC(SSL_F_SSL_BAD_METHOD), "SSL_BAD_METHOD"},
144{ERR_PACK(0,SSL_F_SSL_BYTES_TO_CIPHER_LIST,0), "SSL_BYTES_TO_CIPHER_LIST"}, 148{ERR_FUNC(SSL_F_SSL_BYTES_TO_CIPHER_LIST), "SSL_BYTES_TO_CIPHER_LIST"},
145{ERR_PACK(0,SSL_F_SSL_CERT_DUP,0), "SSL_CERT_DUP"}, 149{ERR_FUNC(SSL_F_SSL_CERT_DUP), "SSL_CERT_DUP"},
146{ERR_PACK(0,SSL_F_SSL_CERT_INST,0), "SSL_CERT_INST"}, 150{ERR_FUNC(SSL_F_SSL_CERT_INST), "SSL_CERT_INST"},
147{ERR_PACK(0,SSL_F_SSL_CERT_INSTANTIATE,0), "SSL_CERT_INSTANTIATE"}, 151{ERR_FUNC(SSL_F_SSL_CERT_INSTANTIATE), "SSL_CERT_INSTANTIATE"},
148{ERR_PACK(0,SSL_F_SSL_CERT_NEW,0), "SSL_CERT_NEW"}, 152{ERR_FUNC(SSL_F_SSL_CERT_NEW), "SSL_CERT_NEW"},
149{ERR_PACK(0,SSL_F_SSL_CHECK_PRIVATE_KEY,0), "SSL_check_private_key"}, 153{ERR_FUNC(SSL_F_SSL_CHECK_PRIVATE_KEY), "SSL_check_private_key"},
150{ERR_PACK(0,SSL_F_SSL_CIPHER_PROCESS_RULESTR,0), "SSL_CIPHER_PROCESS_RULESTR"}, 154{ERR_FUNC(SSL_F_SSL_CIPHER_PROCESS_RULESTR), "SSL_CIPHER_PROCESS_RULESTR"},
151{ERR_PACK(0,SSL_F_SSL_CIPHER_STRENGTH_SORT,0), "SSL_CIPHER_STRENGTH_SORT"}, 155{ERR_FUNC(SSL_F_SSL_CIPHER_STRENGTH_SORT), "SSL_CIPHER_STRENGTH_SORT"},
152{ERR_PACK(0,SSL_F_SSL_CLEAR,0), "SSL_clear"}, 156{ERR_FUNC(SSL_F_SSL_CLEAR), "SSL_clear"},
153{ERR_PACK(0,SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,0), "SSL_COMP_add_compression_method"}, 157{ERR_FUNC(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD), "SSL_COMP_add_compression_method"},
154{ERR_PACK(0,SSL_F_SSL_CREATE_CIPHER_LIST,0), "SSL_CREATE_CIPHER_LIST"}, 158{ERR_FUNC(SSL_F_SSL_CREATE_CIPHER_LIST), "SSL_CREATE_CIPHER_LIST"},
155{ERR_PACK(0,SSL_F_SSL_CTRL,0), "SSL_ctrl"}, 159{ERR_FUNC(SSL_F_SSL_CTRL), "SSL_ctrl"},
156{ERR_PACK(0,SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,0), "SSL_CTX_check_private_key"}, 160{ERR_FUNC(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY), "SSL_CTX_check_private_key"},
157{ERR_PACK(0,SSL_F_SSL_CTX_NEW,0), "SSL_CTX_new"}, 161{ERR_FUNC(SSL_F_SSL_CTX_NEW), "SSL_CTX_new"},
158{ERR_PACK(0,SSL_F_SSL_CTX_SET_PURPOSE,0), "SSL_CTX_set_purpose"}, 162{ERR_FUNC(SSL_F_SSL_CTX_SET_CIPHER_LIST), "SSL_CTX_set_cipher_list"},
159{ERR_PACK(0,SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,0), "SSL_CTX_set_session_id_context"}, 163{ERR_FUNC(SSL_F_SSL_CTX_SET_PURPOSE), "SSL_CTX_set_purpose"},
160{ERR_PACK(0,SSL_F_SSL_CTX_SET_SSL_VERSION,0), "SSL_CTX_set_ssl_version"}, 164{ERR_FUNC(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT), "SSL_CTX_set_session_id_context"},
161{ERR_PACK(0,SSL_F_SSL_CTX_SET_TRUST,0), "SSL_CTX_set_trust"}, 165{ERR_FUNC(SSL_F_SSL_CTX_SET_SSL_VERSION), "SSL_CTX_set_ssl_version"},
162{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE,0), "SSL_CTX_use_certificate"}, 166{ERR_FUNC(SSL_F_SSL_CTX_SET_TRUST), "SSL_CTX_set_trust"},
163{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,0), "SSL_CTX_use_certificate_ASN1"}, 167{ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE), "SSL_CTX_use_certificate"},
164{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,0), "SSL_CTX_use_certificate_chain_file"}, 168{ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1), "SSL_CTX_use_certificate_ASN1"},
165{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,0), "SSL_CTX_use_certificate_file"}, 169{ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE), "SSL_CTX_use_certificate_chain_file"},
166{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY,0), "SSL_CTX_use_PrivateKey"}, 170{ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE), "SSL_CTX_use_certificate_file"},
167{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,0), "SSL_CTX_use_PrivateKey_ASN1"}, 171{ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY), "SSL_CTX_use_PrivateKey"},
168{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,0), "SSL_CTX_use_PrivateKey_file"}, 172{ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1), "SSL_CTX_use_PrivateKey_ASN1"},
169{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,0), "SSL_CTX_use_RSAPrivateKey"}, 173{ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE), "SSL_CTX_use_PrivateKey_file"},
170{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,0), "SSL_CTX_use_RSAPrivateKey_ASN1"}, 174{ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY), "SSL_CTX_use_RSAPrivateKey"},
171{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,0), "SSL_CTX_use_RSAPrivateKey_file"}, 175{ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1), "SSL_CTX_use_RSAPrivateKey_ASN1"},
172{ERR_PACK(0,SSL_F_SSL_DO_HANDSHAKE,0), "SSL_do_handshake"}, 176{ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE), "SSL_CTX_use_RSAPrivateKey_file"},
173{ERR_PACK(0,SSL_F_SSL_GET_NEW_SESSION,0), "SSL_GET_NEW_SESSION"}, 177{ERR_FUNC(SSL_F_SSL_DO_HANDSHAKE), "SSL_do_handshake"},
174{ERR_PACK(0,SSL_F_SSL_GET_PREV_SESSION,0), "SSL_GET_PREV_SESSION"}, 178{ERR_FUNC(SSL_F_SSL_GET_NEW_SESSION), "SSL_GET_NEW_SESSION"},
175{ERR_PACK(0,SSL_F_SSL_GET_SERVER_SEND_CERT,0), "SSL_GET_SERVER_SEND_CERT"}, 179{ERR_FUNC(SSL_F_SSL_GET_PREV_SESSION), "SSL_GET_PREV_SESSION"},
176{ERR_PACK(0,SSL_F_SSL_GET_SIGN_PKEY,0), "SSL_GET_SIGN_PKEY"}, 180{ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_CERT), "SSL_GET_SERVER_SEND_CERT"},
177{ERR_PACK(0,SSL_F_SSL_INIT_WBIO_BUFFER,0), "SSL_INIT_WBIO_BUFFER"}, 181{ERR_FUNC(SSL_F_SSL_GET_SIGN_PKEY), "SSL_GET_SIGN_PKEY"},
178{ERR_PACK(0,SSL_F_SSL_LOAD_CLIENT_CA_FILE,0), "SSL_load_client_CA_file"}, 182{ERR_FUNC(SSL_F_SSL_INIT_WBIO_BUFFER), "SSL_INIT_WBIO_BUFFER"},
179{ERR_PACK(0,SSL_F_SSL_NEW,0), "SSL_new"}, 183{ERR_FUNC(SSL_F_SSL_LOAD_CLIENT_CA_FILE), "SSL_load_client_CA_file"},
180{ERR_PACK(0,SSL_F_SSL_READ,0), "SSL_read"}, 184{ERR_FUNC(SSL_F_SSL_NEW), "SSL_new"},
181{ERR_PACK(0,SSL_F_SSL_RSA_PRIVATE_DECRYPT,0), "SSL_RSA_PRIVATE_DECRYPT"}, 185{ERR_FUNC(SSL_F_SSL_READ), "SSL_read"},
182{ERR_PACK(0,SSL_F_SSL_RSA_PUBLIC_ENCRYPT,0), "SSL_RSA_PUBLIC_ENCRYPT"}, 186{ERR_FUNC(SSL_F_SSL_RSA_PRIVATE_DECRYPT), "SSL_RSA_PRIVATE_DECRYPT"},
183{ERR_PACK(0,SSL_F_SSL_SESSION_NEW,0), "SSL_SESSION_new"}, 187{ERR_FUNC(SSL_F_SSL_RSA_PUBLIC_ENCRYPT), "SSL_RSA_PUBLIC_ENCRYPT"},
184{ERR_PACK(0,SSL_F_SSL_SESSION_PRINT_FP,0), "SSL_SESSION_print_fp"}, 188{ERR_FUNC(SSL_F_SSL_SESSION_NEW), "SSL_SESSION_new"},
185{ERR_PACK(0,SSL_F_SSL_SESS_CERT_NEW,0), "SSL_SESS_CERT_NEW"}, 189{ERR_FUNC(SSL_F_SSL_SESSION_PRINT_FP), "SSL_SESSION_print_fp"},
186{ERR_PACK(0,SSL_F_SSL_SET_CERT,0), "SSL_SET_CERT"}, 190{ERR_FUNC(SSL_F_SSL_SESS_CERT_NEW), "SSL_SESS_CERT_NEW"},
187{ERR_PACK(0,SSL_F_SSL_SET_FD,0), "SSL_set_fd"}, 191{ERR_FUNC(SSL_F_SSL_SET_CERT), "SSL_SET_CERT"},
188{ERR_PACK(0,SSL_F_SSL_SET_PKEY,0), "SSL_SET_PKEY"}, 192{ERR_FUNC(SSL_F_SSL_SET_CIPHER_LIST), "SSL_set_cipher_list"},
189{ERR_PACK(0,SSL_F_SSL_SET_PURPOSE,0), "SSL_set_purpose"}, 193{ERR_FUNC(SSL_F_SSL_SET_FD), "SSL_set_fd"},
190{ERR_PACK(0,SSL_F_SSL_SET_RFD,0), "SSL_set_rfd"}, 194{ERR_FUNC(SSL_F_SSL_SET_PKEY), "SSL_SET_PKEY"},
191{ERR_PACK(0,SSL_F_SSL_SET_SESSION,0), "SSL_set_session"}, 195{ERR_FUNC(SSL_F_SSL_SET_PURPOSE), "SSL_set_purpose"},
192{ERR_PACK(0,SSL_F_SSL_SET_SESSION_ID_CONTEXT,0), "SSL_set_session_id_context"}, 196{ERR_FUNC(SSL_F_SSL_SET_RFD), "SSL_set_rfd"},
193{ERR_PACK(0,SSL_F_SSL_SET_TRUST,0), "SSL_set_trust"}, 197{ERR_FUNC(SSL_F_SSL_SET_SESSION), "SSL_set_session"},
194{ERR_PACK(0,SSL_F_SSL_SET_WFD,0), "SSL_set_wfd"}, 198{ERR_FUNC(SSL_F_SSL_SET_SESSION_ID_CONTEXT), "SSL_set_session_id_context"},
195{ERR_PACK(0,SSL_F_SSL_SHUTDOWN,0), "SSL_shutdown"}, 199{ERR_FUNC(SSL_F_SSL_SET_TRUST), "SSL_set_trust"},
196{ERR_PACK(0,SSL_F_SSL_UNDEFINED_CONST_FUNCTION,0), "SSL_UNDEFINED_CONST_FUNCTION"}, 200{ERR_FUNC(SSL_F_SSL_SET_WFD), "SSL_set_wfd"},
197{ERR_PACK(0,SSL_F_SSL_UNDEFINED_FUNCTION,0), "SSL_UNDEFINED_FUNCTION"}, 201{ERR_FUNC(SSL_F_SSL_SHUTDOWN), "SSL_shutdown"},
198{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE,0), "SSL_use_certificate"}, 202{ERR_FUNC(SSL_F_SSL_UNDEFINED_CONST_FUNCTION), "SSL_UNDEFINED_CONST_FUNCTION"},
199{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_ASN1,0), "SSL_use_certificate_ASN1"}, 203{ERR_FUNC(SSL_F_SSL_UNDEFINED_FUNCTION), "SSL_UNDEFINED_FUNCTION"},
200{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_FILE,0), "SSL_use_certificate_file"}, 204{ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE), "SSL_use_certificate"},
201{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY,0), "SSL_use_PrivateKey"}, 205{ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_ASN1), "SSL_use_certificate_ASN1"},
202{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_ASN1,0), "SSL_use_PrivateKey_ASN1"}, 206{ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_FILE), "SSL_use_certificate_file"},
203{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_FILE,0), "SSL_use_PrivateKey_file"}, 207{ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY), "SSL_use_PrivateKey"},
204{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY,0), "SSL_use_RSAPrivateKey"}, 208{ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_ASN1), "SSL_use_PrivateKey_ASN1"},
205{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,0), "SSL_use_RSAPrivateKey_ASN1"}, 209{ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_FILE), "SSL_use_PrivateKey_file"},
206{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,0), "SSL_use_RSAPrivateKey_file"}, 210{ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY), "SSL_use_RSAPrivateKey"},
207{ERR_PACK(0,SSL_F_SSL_VERIFY_CERT_CHAIN,0), "SSL_VERIFY_CERT_CHAIN"}, 211{ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1), "SSL_use_RSAPrivateKey_ASN1"},
208{ERR_PACK(0,SSL_F_SSL_WRITE,0), "SSL_write"}, 212{ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE), "SSL_use_RSAPrivateKey_file"},
209{ERR_PACK(0,SSL_F_TLS1_CHANGE_CIPHER_STATE,0), "TLS1_CHANGE_CIPHER_STATE"}, 213{ERR_FUNC(SSL_F_SSL_VERIFY_CERT_CHAIN), "SSL_VERIFY_CERT_CHAIN"},
210{ERR_PACK(0,SSL_F_TLS1_ENC,0), "TLS1_ENC"}, 214{ERR_FUNC(SSL_F_SSL_WRITE), "SSL_write"},
211{ERR_PACK(0,SSL_F_TLS1_SETUP_KEY_BLOCK,0), "TLS1_SETUP_KEY_BLOCK"}, 215{ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE), "TLS1_CHANGE_CIPHER_STATE"},
212{ERR_PACK(0,SSL_F_WRITE_PENDING,0), "WRITE_PENDING"}, 216{ERR_FUNC(SSL_F_TLS1_ENC), "TLS1_ENC"},
217{ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "TLS1_SETUP_KEY_BLOCK"},
218{ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"},
213{0,NULL} 219{0,NULL}
214 }; 220 };
215 221
216static ERR_STRING_DATA SSL_str_reasons[]= 222static ERR_STRING_DATA SSL_str_reasons[]=
217 { 223 {
218{SSL_R_APP_DATA_IN_HANDSHAKE ,"app data in handshake"}, 224{ERR_REASON(SSL_R_APP_DATA_IN_HANDSHAKE) ,"app data in handshake"},
219{SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT,"attempt to reuse session in different context"}, 225{ERR_REASON(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT),"attempt to reuse session in different context"},
220{SSL_R_BAD_ALERT_RECORD ,"bad alert record"}, 226{ERR_REASON(SSL_R_BAD_ALERT_RECORD) ,"bad alert record"},
221{SSL_R_BAD_AUTHENTICATION_TYPE ,"bad authentication type"}, 227{ERR_REASON(SSL_R_BAD_AUTHENTICATION_TYPE),"bad authentication type"},
222{SSL_R_BAD_CHANGE_CIPHER_SPEC ,"bad change cipher spec"}, 228{ERR_REASON(SSL_R_BAD_CHANGE_CIPHER_SPEC),"bad change cipher spec"},
223{SSL_R_BAD_CHECKSUM ,"bad checksum"}, 229{ERR_REASON(SSL_R_BAD_CHECKSUM) ,"bad checksum"},
224{SSL_R_BAD_DATA_RETURNED_BY_CALLBACK ,"bad data returned by callback"}, 230{ERR_REASON(SSL_R_BAD_DATA_RETURNED_BY_CALLBACK),"bad data returned by callback"},
225{SSL_R_BAD_DECOMPRESSION ,"bad decompression"}, 231{ERR_REASON(SSL_R_BAD_DECOMPRESSION) ,"bad decompression"},
226{SSL_R_BAD_DH_G_LENGTH ,"bad dh g length"}, 232{ERR_REASON(SSL_R_BAD_DH_G_LENGTH) ,"bad dh g length"},
227{SSL_R_BAD_DH_PUB_KEY_LENGTH ,"bad dh pub key length"}, 233{ERR_REASON(SSL_R_BAD_DH_PUB_KEY_LENGTH) ,"bad dh pub key length"},
228{SSL_R_BAD_DH_P_LENGTH ,"bad dh p length"}, 234{ERR_REASON(SSL_R_BAD_DH_P_LENGTH) ,"bad dh p length"},
229{SSL_R_BAD_DIGEST_LENGTH ,"bad digest length"}, 235{ERR_REASON(SSL_R_BAD_DIGEST_LENGTH) ,"bad digest length"},
230{SSL_R_BAD_DSA_SIGNATURE ,"bad dsa signature"}, 236{ERR_REASON(SSL_R_BAD_DSA_SIGNATURE) ,"bad dsa signature"},
231{SSL_R_BAD_HELLO_REQUEST ,"bad hello request"}, 237{ERR_REASON(SSL_R_BAD_HELLO_REQUEST) ,"bad hello request"},
232{SSL_R_BAD_LENGTH ,"bad length"}, 238{ERR_REASON(SSL_R_BAD_LENGTH) ,"bad length"},
233{SSL_R_BAD_MAC_DECODE ,"bad mac decode"}, 239{ERR_REASON(SSL_R_BAD_MAC_DECODE) ,"bad mac decode"},
234{SSL_R_BAD_MESSAGE_TYPE ,"bad message type"}, 240{ERR_REASON(SSL_R_BAD_MESSAGE_TYPE) ,"bad message type"},
235{SSL_R_BAD_PACKET_LENGTH ,"bad packet length"}, 241{ERR_REASON(SSL_R_BAD_PACKET_LENGTH) ,"bad packet length"},
236{SSL_R_BAD_PROTOCOL_VERSION_NUMBER ,"bad protocol version number"}, 242{ERR_REASON(SSL_R_BAD_PROTOCOL_VERSION_NUMBER),"bad protocol version number"},
237{SSL_R_BAD_RESPONSE_ARGUMENT ,"bad response argument"}, 243{ERR_REASON(SSL_R_BAD_RESPONSE_ARGUMENT) ,"bad response argument"},
238{SSL_R_BAD_RSA_DECRYPT ,"bad rsa decrypt"}, 244{ERR_REASON(SSL_R_BAD_RSA_DECRYPT) ,"bad rsa decrypt"},
239{SSL_R_BAD_RSA_ENCRYPT ,"bad rsa encrypt"}, 245{ERR_REASON(SSL_R_BAD_RSA_ENCRYPT) ,"bad rsa encrypt"},
240{SSL_R_BAD_RSA_E_LENGTH ,"bad rsa e length"}, 246{ERR_REASON(SSL_R_BAD_RSA_E_LENGTH) ,"bad rsa e length"},
241{SSL_R_BAD_RSA_MODULUS_LENGTH ,"bad rsa modulus length"}, 247{ERR_REASON(SSL_R_BAD_RSA_MODULUS_LENGTH),"bad rsa modulus length"},
242{SSL_R_BAD_RSA_SIGNATURE ,"bad rsa signature"}, 248{ERR_REASON(SSL_R_BAD_RSA_SIGNATURE) ,"bad rsa signature"},
243{SSL_R_BAD_SIGNATURE ,"bad signature"}, 249{ERR_REASON(SSL_R_BAD_SIGNATURE) ,"bad signature"},
244{SSL_R_BAD_SSL_FILETYPE ,"bad ssl filetype"}, 250{ERR_REASON(SSL_R_BAD_SSL_FILETYPE) ,"bad ssl filetype"},
245{SSL_R_BAD_SSL_SESSION_ID_LENGTH ,"bad ssl session id length"}, 251{ERR_REASON(SSL_R_BAD_SSL_SESSION_ID_LENGTH),"bad ssl session id length"},
246{SSL_R_BAD_STATE ,"bad state"}, 252{ERR_REASON(SSL_R_BAD_STATE) ,"bad state"},
247{SSL_R_BAD_WRITE_RETRY ,"bad write retry"}, 253{ERR_REASON(SSL_R_BAD_WRITE_RETRY) ,"bad write retry"},
248{SSL_R_BIO_NOT_SET ,"bio not set"}, 254{ERR_REASON(SSL_R_BIO_NOT_SET) ,"bio not set"},
249{SSL_R_BLOCK_CIPHER_PAD_IS_WRONG ,"block cipher pad is wrong"}, 255{ERR_REASON(SSL_R_BLOCK_CIPHER_PAD_IS_WRONG),"block cipher pad is wrong"},
250{SSL_R_BN_LIB ,"bn lib"}, 256{ERR_REASON(SSL_R_BN_LIB) ,"bn lib"},
251{SSL_R_CA_DN_LENGTH_MISMATCH ,"ca dn length mismatch"}, 257{ERR_REASON(SSL_R_CA_DN_LENGTH_MISMATCH) ,"ca dn length mismatch"},
252{SSL_R_CA_DN_TOO_LONG ,"ca dn too long"}, 258{ERR_REASON(SSL_R_CA_DN_TOO_LONG) ,"ca dn too long"},
253{SSL_R_CCS_RECEIVED_EARLY ,"ccs received early"}, 259{ERR_REASON(SSL_R_CCS_RECEIVED_EARLY) ,"ccs received early"},
254{SSL_R_CERTIFICATE_VERIFY_FAILED ,"certificate verify failed"}, 260{ERR_REASON(SSL_R_CERTIFICATE_VERIFY_FAILED),"certificate verify failed"},
255{SSL_R_CERT_LENGTH_MISMATCH ,"cert length mismatch"}, 261{ERR_REASON(SSL_R_CERT_LENGTH_MISMATCH) ,"cert length mismatch"},
256{SSL_R_CHALLENGE_IS_DIFFERENT ,"challenge is different"}, 262{ERR_REASON(SSL_R_CHALLENGE_IS_DIFFERENT),"challenge is different"},
257{SSL_R_CIPHER_CODE_WRONG_LENGTH ,"cipher code wrong length"}, 263{ERR_REASON(SSL_R_CIPHER_CODE_WRONG_LENGTH),"cipher code wrong length"},
258{SSL_R_CIPHER_OR_HASH_UNAVAILABLE ,"cipher or hash unavailable"}, 264{ERR_REASON(SSL_R_CIPHER_OR_HASH_UNAVAILABLE),"cipher or hash unavailable"},
259{SSL_R_CIPHER_TABLE_SRC_ERROR ,"cipher table src error"}, 265{ERR_REASON(SSL_R_CIPHER_TABLE_SRC_ERROR),"cipher table src error"},
260{SSL_R_COMPRESSED_LENGTH_TOO_LONG ,"compressed length too long"}, 266{ERR_REASON(SSL_R_COMPRESSED_LENGTH_TOO_LONG),"compressed length too long"},
261{SSL_R_COMPRESSION_FAILURE ,"compression failure"}, 267{ERR_REASON(SSL_R_COMPRESSION_FAILURE) ,"compression failure"},
262{SSL_R_COMPRESSION_LIBRARY_ERROR ,"compression library error"}, 268{ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR),"compression library error"},
263{SSL_R_CONNECTION_ID_IS_DIFFERENT ,"connection id is different"}, 269{ERR_REASON(SSL_R_CONNECTION_ID_IS_DIFFERENT),"connection id is different"},
264{SSL_R_CONNECTION_TYPE_NOT_SET ,"connection type not set"}, 270{ERR_REASON(SSL_R_CONNECTION_TYPE_NOT_SET),"connection type not set"},
265{SSL_R_DATA_BETWEEN_CCS_AND_FINISHED ,"data between ccs and finished"}, 271{ERR_REASON(SSL_R_DATA_BETWEEN_CCS_AND_FINISHED),"data between ccs and finished"},
266{SSL_R_DATA_LENGTH_TOO_LONG ,"data length too long"}, 272{ERR_REASON(SSL_R_DATA_LENGTH_TOO_LONG) ,"data length too long"},
267{SSL_R_DECRYPTION_FAILED ,"decryption failed"}, 273{ERR_REASON(SSL_R_DECRYPTION_FAILED) ,"decryption failed"},
268{SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC,"decryption failed or bad record mac"}, 274{ERR_REASON(SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC),"decryption failed or bad record mac"},
269{SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG ,"dh public value length is wrong"}, 275{ERR_REASON(SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG),"dh public value length is wrong"},
270{SSL_R_DIGEST_CHECK_FAILED ,"digest check failed"}, 276{ERR_REASON(SSL_R_DIGEST_CHECK_FAILED) ,"digest check failed"},
271{SSL_R_ENCRYPTED_LENGTH_TOO_LONG ,"encrypted length too long"}, 277{ERR_REASON(SSL_R_ENCRYPTED_LENGTH_TOO_LONG),"encrypted length too long"},
272{SSL_R_ERROR_GENERATING_TMP_RSA_KEY ,"error generating tmp rsa key"}, 278{ERR_REASON(SSL_R_ERROR_GENERATING_TMP_RSA_KEY),"error generating tmp rsa key"},
273{SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST ,"error in received cipher list"}, 279{ERR_REASON(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST),"error in received cipher list"},
274{SSL_R_EXCESSIVE_MESSAGE_SIZE ,"excessive message size"}, 280{ERR_REASON(SSL_R_EXCESSIVE_MESSAGE_SIZE),"excessive message size"},
275{SSL_R_EXTRA_DATA_IN_MESSAGE ,"extra data in message"}, 281{ERR_REASON(SSL_R_EXTRA_DATA_IN_MESSAGE) ,"extra data in message"},
276{SSL_R_GOT_A_FIN_BEFORE_A_CCS ,"got a fin before a ccs"}, 282{ERR_REASON(SSL_R_GOT_A_FIN_BEFORE_A_CCS),"got a fin before a ccs"},
277{SSL_R_HTTPS_PROXY_REQUEST ,"https proxy request"}, 283{ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST) ,"https proxy request"},
278{SSL_R_HTTP_REQUEST ,"http request"}, 284{ERR_REASON(SSL_R_HTTP_REQUEST) ,"http request"},
279{SSL_R_ILLEGAL_PADDING ,"illegal padding"}, 285{ERR_REASON(SSL_R_ILLEGAL_PADDING) ,"illegal padding"},
280{SSL_R_INVALID_CHALLENGE_LENGTH ,"invalid challenge length"}, 286{ERR_REASON(SSL_R_INVALID_CHALLENGE_LENGTH),"invalid challenge length"},
281{SSL_R_INVALID_COMMAND ,"invalid command"}, 287{ERR_REASON(SSL_R_INVALID_COMMAND) ,"invalid command"},
282{SSL_R_INVALID_PURPOSE ,"invalid purpose"}, 288{ERR_REASON(SSL_R_INVALID_PURPOSE) ,"invalid purpose"},
283{SSL_R_INVALID_TRUST ,"invalid trust"}, 289{ERR_REASON(SSL_R_INVALID_TRUST) ,"invalid trust"},
284{SSL_R_KEY_ARG_TOO_LONG ,"key arg too long"}, 290{ERR_REASON(SSL_R_KEY_ARG_TOO_LONG) ,"key arg too long"},
285{SSL_R_KRB5 ,"krb5"}, 291{ERR_REASON(SSL_R_KRB5) ,"krb5"},
286{SSL_R_KRB5_C_CC_PRINC ,"krb5 client cc principal (no tkt?)"}, 292{ERR_REASON(SSL_R_KRB5_C_CC_PRINC) ,"krb5 client cc principal (no tkt?)"},
287{SSL_R_KRB5_C_GET_CRED ,"krb5 client get cred"}, 293{ERR_REASON(SSL_R_KRB5_C_GET_CRED) ,"krb5 client get cred"},
288{SSL_R_KRB5_C_INIT ,"krb5 client init"}, 294{ERR_REASON(SSL_R_KRB5_C_INIT) ,"krb5 client init"},
289{SSL_R_KRB5_C_MK_REQ ,"krb5 client mk_req (expired tkt?)"}, 295{ERR_REASON(SSL_R_KRB5_C_MK_REQ) ,"krb5 client mk_req (expired tkt?)"},
290{SSL_R_KRB5_S_BAD_TICKET ,"krb5 server bad ticket"}, 296{ERR_REASON(SSL_R_KRB5_S_BAD_TICKET) ,"krb5 server bad ticket"},
291{SSL_R_KRB5_S_INIT ,"krb5 server init"}, 297{ERR_REASON(SSL_R_KRB5_S_INIT) ,"krb5 server init"},
292{SSL_R_KRB5_S_RD_REQ ,"krb5 server rd_req (keytab perms?)"}, 298{ERR_REASON(SSL_R_KRB5_S_RD_REQ) ,"krb5 server rd_req (keytab perms?)"},
293{SSL_R_KRB5_S_TKT_EXPIRED ,"krb5 server tkt expired"}, 299{ERR_REASON(SSL_R_KRB5_S_TKT_EXPIRED) ,"krb5 server tkt expired"},
294{SSL_R_KRB5_S_TKT_NYV ,"krb5 server tkt not yet valid"}, 300{ERR_REASON(SSL_R_KRB5_S_TKT_NYV) ,"krb5 server tkt not yet valid"},
295{SSL_R_KRB5_S_TKT_SKEW ,"krb5 server tkt skew"}, 301{ERR_REASON(SSL_R_KRB5_S_TKT_SKEW) ,"krb5 server tkt skew"},
296{SSL_R_LENGTH_MISMATCH ,"length mismatch"}, 302{ERR_REASON(SSL_R_LENGTH_MISMATCH) ,"length mismatch"},
297{SSL_R_LENGTH_TOO_SHORT ,"length too short"}, 303{ERR_REASON(SSL_R_LENGTH_TOO_SHORT) ,"length too short"},
298{SSL_R_LIBRARY_BUG ,"library bug"}, 304{ERR_REASON(SSL_R_LIBRARY_BUG) ,"library bug"},
299{SSL_R_LIBRARY_HAS_NO_CIPHERS ,"library has no ciphers"}, 305{ERR_REASON(SSL_R_LIBRARY_HAS_NO_CIPHERS),"library has no ciphers"},
300{SSL_R_MASTER_KEY_TOO_LONG ,"master key too long"}, 306{ERR_REASON(SSL_R_MESSAGE_TOO_LONG) ,"message too long"},
301{SSL_R_MESSAGE_TOO_LONG ,"message too long"}, 307{ERR_REASON(SSL_R_MISSING_DH_DSA_CERT) ,"missing dh dsa cert"},
302{SSL_R_MISSING_DH_DSA_CERT ,"missing dh dsa cert"}, 308{ERR_REASON(SSL_R_MISSING_DH_KEY) ,"missing dh key"},
303{SSL_R_MISSING_DH_KEY ,"missing dh key"}, 309{ERR_REASON(SSL_R_MISSING_DH_RSA_CERT) ,"missing dh rsa cert"},
304{SSL_R_MISSING_DH_RSA_CERT ,"missing dh rsa cert"}, 310{ERR_REASON(SSL_R_MISSING_DSA_SIGNING_CERT),"missing dsa signing cert"},
305{SSL_R_MISSING_DSA_SIGNING_CERT ,"missing dsa signing cert"}, 311{ERR_REASON(SSL_R_MISSING_EXPORT_TMP_DH_KEY),"missing export tmp dh key"},
306{SSL_R_MISSING_EXPORT_TMP_DH_KEY ,"missing export tmp dh key"}, 312{ERR_REASON(SSL_R_MISSING_EXPORT_TMP_RSA_KEY),"missing export tmp rsa key"},
307{SSL_R_MISSING_EXPORT_TMP_RSA_KEY ,"missing export tmp rsa key"}, 313{ERR_REASON(SSL_R_MISSING_RSA_CERTIFICATE),"missing rsa certificate"},
308{SSL_R_MISSING_RSA_CERTIFICATE ,"missing rsa certificate"}, 314{ERR_REASON(SSL_R_MISSING_RSA_ENCRYPTING_CERT),"missing rsa encrypting cert"},
309{SSL_R_MISSING_RSA_ENCRYPTING_CERT ,"missing rsa encrypting cert"}, 315{ERR_REASON(SSL_R_MISSING_RSA_SIGNING_CERT),"missing rsa signing cert"},
310{SSL_R_MISSING_RSA_SIGNING_CERT ,"missing rsa signing cert"}, 316{ERR_REASON(SSL_R_MISSING_TMP_DH_KEY) ,"missing tmp dh key"},
311{SSL_R_MISSING_TMP_DH_KEY ,"missing tmp dh key"}, 317{ERR_REASON(SSL_R_MISSING_TMP_RSA_KEY) ,"missing tmp rsa key"},
312{SSL_R_MISSING_TMP_RSA_KEY ,"missing tmp rsa key"}, 318{ERR_REASON(SSL_R_MISSING_TMP_RSA_PKEY) ,"missing tmp rsa pkey"},
313{SSL_R_MISSING_TMP_RSA_PKEY ,"missing tmp rsa pkey"}, 319{ERR_REASON(SSL_R_MISSING_VERIFY_MESSAGE),"missing verify message"},
314{SSL_R_MISSING_VERIFY_MESSAGE ,"missing verify message"}, 320{ERR_REASON(SSL_R_NON_SSLV2_INITIAL_PACKET),"non sslv2 initial packet"},
315{SSL_R_NON_SSLV2_INITIAL_PACKET ,"non sslv2 initial packet"}, 321{ERR_REASON(SSL_R_NO_CERTIFICATES_RETURNED),"no certificates returned"},
316{SSL_R_NO_CERTIFICATES_RETURNED ,"no certificates returned"}, 322{ERR_REASON(SSL_R_NO_CERTIFICATE_ASSIGNED),"no certificate assigned"},
317{SSL_R_NO_CERTIFICATE_ASSIGNED ,"no certificate assigned"}, 323{ERR_REASON(SSL_R_NO_CERTIFICATE_RETURNED),"no certificate returned"},
318{SSL_R_NO_CERTIFICATE_RETURNED ,"no certificate returned"}, 324{ERR_REASON(SSL_R_NO_CERTIFICATE_SET) ,"no certificate set"},
319{SSL_R_NO_CERTIFICATE_SET ,"no certificate set"}, 325{ERR_REASON(SSL_R_NO_CERTIFICATE_SPECIFIED),"no certificate specified"},
320{SSL_R_NO_CERTIFICATE_SPECIFIED ,"no certificate specified"}, 326{ERR_REASON(SSL_R_NO_CIPHERS_AVAILABLE) ,"no ciphers available"},
321{SSL_R_NO_CIPHERS_AVAILABLE ,"no ciphers available"}, 327{ERR_REASON(SSL_R_NO_CIPHERS_PASSED) ,"no ciphers passed"},
322{SSL_R_NO_CIPHERS_PASSED ,"no ciphers passed"}, 328{ERR_REASON(SSL_R_NO_CIPHERS_SPECIFIED) ,"no ciphers specified"},
323{SSL_R_NO_CIPHERS_SPECIFIED ,"no ciphers specified"}, 329{ERR_REASON(SSL_R_NO_CIPHER_LIST) ,"no cipher list"},
324{SSL_R_NO_CIPHER_LIST ,"no cipher list"}, 330{ERR_REASON(SSL_R_NO_CIPHER_MATCH) ,"no cipher match"},
325{SSL_R_NO_CIPHER_MATCH ,"no cipher match"}, 331{ERR_REASON(SSL_R_NO_CLIENT_CERT_RECEIVED),"no client cert received"},
326{SSL_R_NO_CLIENT_CERT_RECEIVED ,"no client cert received"}, 332{ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED),"no compression specified"},
327{SSL_R_NO_COMPRESSION_SPECIFIED ,"no compression specified"}, 333{ERR_REASON(SSL_R_NO_METHOD_SPECIFIED) ,"no method specified"},
328{SSL_R_NO_METHOD_SPECIFIED ,"no method specified"}, 334{ERR_REASON(SSL_R_NO_PRIVATEKEY) ,"no privatekey"},
329{SSL_R_NO_PRIVATEKEY ,"no privatekey"}, 335{ERR_REASON(SSL_R_NO_PRIVATE_KEY_ASSIGNED),"no private key assigned"},
330{SSL_R_NO_PRIVATE_KEY_ASSIGNED ,"no private key assigned"}, 336{ERR_REASON(SSL_R_NO_PROTOCOLS_AVAILABLE),"no protocols available"},
331{SSL_R_NO_PROTOCOLS_AVAILABLE ,"no protocols available"}, 337{ERR_REASON(SSL_R_NO_PUBLICKEY) ,"no publickey"},
332{SSL_R_NO_PUBLICKEY ,"no publickey"}, 338{ERR_REASON(SSL_R_NO_SHARED_CIPHER) ,"no shared cipher"},
333{SSL_R_NO_SHARED_CIPHER ,"no shared cipher"}, 339{ERR_REASON(SSL_R_NO_VERIFY_CALLBACK) ,"no verify callback"},
334{SSL_R_NO_VERIFY_CALLBACK ,"no verify callback"}, 340{ERR_REASON(SSL_R_NULL_SSL_CTX) ,"null ssl ctx"},
335{SSL_R_NULL_SSL_CTX ,"null ssl ctx"}, 341{ERR_REASON(SSL_R_NULL_SSL_METHOD_PASSED),"null ssl method passed"},
336{SSL_R_NULL_SSL_METHOD_PASSED ,"null ssl method passed"}, 342{ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),"old session cipher not returned"},
337{SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED ,"old session cipher not returned"}, 343{ERR_REASON(SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE),"only tls allowed in fips mode"},
338{SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE ,"only tls allowed in fips mode"}, 344{ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG),"packet length too long"},
339{SSL_R_PACKET_LENGTH_TOO_LONG ,"packet length too long"}, 345{ERR_REASON(SSL_R_PATH_TOO_LONG) ,"path too long"},
340{SSL_R_PATH_TOO_LONG ,"path too long"}, 346{ERR_REASON(SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE),"peer did not return a certificate"},
341{SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE ,"peer did not return a certificate"}, 347{ERR_REASON(SSL_R_PEER_ERROR) ,"peer error"},
342{SSL_R_PEER_ERROR ,"peer error"}, 348{ERR_REASON(SSL_R_PEER_ERROR_CERTIFICATE),"peer error certificate"},
343{SSL_R_PEER_ERROR_CERTIFICATE ,"peer error certificate"}, 349{ERR_REASON(SSL_R_PEER_ERROR_NO_CERTIFICATE),"peer error no certificate"},
344{SSL_R_PEER_ERROR_NO_CERTIFICATE ,"peer error no certificate"}, 350{ERR_REASON(SSL_R_PEER_ERROR_NO_CIPHER) ,"peer error no cipher"},
345{SSL_R_PEER_ERROR_NO_CIPHER ,"peer error no cipher"}, 351{ERR_REASON(SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE),"peer error unsupported certificate type"},
346{SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"peer error unsupported certificate type"}, 352{ERR_REASON(SSL_R_PRE_MAC_LENGTH_TOO_LONG),"pre mac length too long"},
347{SSL_R_PRE_MAC_LENGTH_TOO_LONG ,"pre mac length too long"}, 353{ERR_REASON(SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS),"problems mapping cipher functions"},
348{SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS ,"problems mapping cipher functions"}, 354{ERR_REASON(SSL_R_PROTOCOL_IS_SHUTDOWN) ,"protocol is shutdown"},
349{SSL_R_PROTOCOL_IS_SHUTDOWN ,"protocol is shutdown"}, 355{ERR_REASON(SSL_R_PUBLIC_KEY_ENCRYPT_ERROR),"public key encrypt error"},
350{SSL_R_PUBLIC_KEY_ENCRYPT_ERROR ,"public key encrypt error"}, 356{ERR_REASON(SSL_R_PUBLIC_KEY_IS_NOT_RSA) ,"public key is not rsa"},
351{SSL_R_PUBLIC_KEY_IS_NOT_RSA ,"public key is not rsa"}, 357{ERR_REASON(SSL_R_PUBLIC_KEY_NOT_RSA) ,"public key not rsa"},
352{SSL_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"}, 358{ERR_REASON(SSL_R_READ_BIO_NOT_SET) ,"read bio not set"},
353{SSL_R_READ_BIO_NOT_SET ,"read bio not set"}, 359{ERR_REASON(SSL_R_READ_WRONG_PACKET_TYPE),"read wrong packet type"},
354{SSL_R_READ_WRONG_PACKET_TYPE ,"read wrong packet type"}, 360{ERR_REASON(SSL_R_RECORD_LENGTH_MISMATCH),"record length mismatch"},
355{SSL_R_RECORD_LENGTH_MISMATCH ,"record length mismatch"}, 361{ERR_REASON(SSL_R_RECORD_TOO_LARGE) ,"record too large"},
356{SSL_R_RECORD_TOO_LARGE ,"record too large"}, 362{ERR_REASON(SSL_R_RECORD_TOO_SMALL) ,"record too small"},
357{SSL_R_RECORD_TOO_SMALL ,"record too small"}, 363{ERR_REASON(SSL_R_REQUIRED_CIPHER_MISSING),"required cipher missing"},
358{SSL_R_REQUIRED_CIPHER_MISSING ,"required cipher missing"}, 364{ERR_REASON(SSL_R_REUSE_CERT_LENGTH_NOT_ZERO),"reuse cert length not zero"},
359{SSL_R_REUSE_CERT_LENGTH_NOT_ZERO ,"reuse cert length not zero"}, 365{ERR_REASON(SSL_R_REUSE_CERT_TYPE_NOT_ZERO),"reuse cert type not zero"},
360{SSL_R_REUSE_CERT_TYPE_NOT_ZERO ,"reuse cert type not zero"}, 366{ERR_REASON(SSL_R_REUSE_CIPHER_LIST_NOT_ZERO),"reuse cipher list not zero"},
361{SSL_R_REUSE_CIPHER_LIST_NOT_ZERO ,"reuse cipher list not zero"}, 367{ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED),"session id context uninitialized"},
362{SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED ,"session id context uninitialized"}, 368{ERR_REASON(SSL_R_SHORT_READ) ,"short read"},
363{SSL_R_SHORT_READ ,"short read"}, 369{ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE),"signature for non signing certificate"},
364{SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"}, 370{ERR_REASON(SSL_R_SSL23_DOING_SESSION_ID_REUSE),"ssl23 doing session id reuse"},
365{SSL_R_SSL23_DOING_SESSION_ID_REUSE ,"ssl23 doing session id reuse"}, 371{ERR_REASON(SSL_R_SSL2_CONNECTION_ID_TOO_LONG),"ssl2 connection id too long"},
366{SSL_R_SSL2_CONNECTION_ID_TOO_LONG ,"ssl2 connection id too long"}, 372{ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_LONG),"ssl3 session id too long"},
367{SSL_R_SSL3_SESSION_ID_TOO_LONG ,"ssl3 session id too long"}, 373{ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_SHORT),"ssl3 session id too short"},
368{SSL_R_SSL3_SESSION_ID_TOO_SHORT ,"ssl3 session id too short"}, 374{ERR_REASON(SSL_R_SSLV3_ALERT_BAD_CERTIFICATE),"sslv3 alert bad certificate"},
369{SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ,"sslv3 alert bad certificate"}, 375{ERR_REASON(SSL_R_SSLV3_ALERT_BAD_RECORD_MAC),"sslv3 alert bad record mac"},
370{SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ,"sslv3 alert bad record mac"}, 376{ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED),"sslv3 alert certificate expired"},
371{SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED ,"sslv3 alert certificate expired"}, 377{ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED),"sslv3 alert certificate revoked"},
372{SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED ,"sslv3 alert certificate revoked"}, 378{ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN),"sslv3 alert certificate unknown"},
373{SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN ,"sslv3 alert certificate unknown"}, 379{ERR_REASON(SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE),"sslv3 alert decompression failure"},
374{SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE ,"sslv3 alert decompression failure"}, 380{ERR_REASON(SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE),"sslv3 alert handshake failure"},
375{SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE ,"sslv3 alert handshake failure"}, 381{ERR_REASON(SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER),"sslv3 alert illegal parameter"},
376{SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER ,"sslv3 alert illegal parameter"}, 382{ERR_REASON(SSL_R_SSLV3_ALERT_NO_CERTIFICATE),"sslv3 alert no certificate"},
377{SSL_R_SSLV3_ALERT_NO_CERTIFICATE ,"sslv3 alert no certificate"}, 383{ERR_REASON(SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE),"sslv3 alert unexpected message"},
378{SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE,"sslv3 alert peer error certificate"}, 384{ERR_REASON(SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE),"sslv3 alert unsupported certificate"},
379{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE,"sslv3 alert peer error no certificate"}, 385{ERR_REASON(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION),"ssl ctx has no default ssl version"},
380{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER ,"sslv3 alert peer error no cipher"}, 386{ERR_REASON(SSL_R_SSL_HANDSHAKE_FAILURE) ,"ssl handshake failure"},
381{SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"sslv3 alert peer error unsupported certificate type"}, 387{ERR_REASON(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS),"ssl library has no ciphers"},
382{SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE ,"sslv3 alert unexpected message"}, 388{ERR_REASON(SSL_R_SSL_SESSION_ID_CALLBACK_FAILED),"ssl session id callback failed"},
383{SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE,"sslv3 alert unknown remote error type"}, 389{ERR_REASON(SSL_R_SSL_SESSION_ID_CONFLICT),"ssl session id conflict"},
384{SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE,"sslv3 alert unsupported certificate"}, 390{ERR_REASON(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG),"ssl session id context too long"},
385{SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION,"ssl ctx has no default ssl version"}, 391{ERR_REASON(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH),"ssl session id has bad length"},
386{SSL_R_SSL_HANDSHAKE_FAILURE ,"ssl handshake failure"}, 392{ERR_REASON(SSL_R_SSL_SESSION_ID_IS_DIFFERENT),"ssl session id is different"},
387{SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS ,"ssl library has no ciphers"}, 393{ERR_REASON(SSL_R_TLSV1_ALERT_ACCESS_DENIED),"tlsv1 alert access denied"},
388{SSL_R_SSL_SESSION_ID_CALLBACK_FAILED ,"ssl session id callback failed"}, 394{ERR_REASON(SSL_R_TLSV1_ALERT_DECODE_ERROR),"tlsv1 alert decode error"},
389{SSL_R_SSL_SESSION_ID_CONFLICT ,"ssl session id conflict"}, 395{ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPTION_FAILED),"tlsv1 alert decryption failed"},
390{SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG ,"ssl session id context too long"}, 396{ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPT_ERROR),"tlsv1 alert decrypt error"},
391{SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH ,"ssl session id has bad length"}, 397{ERR_REASON(SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION),"tlsv1 alert export restriction"},
392{SSL_R_SSL_SESSION_ID_IS_DIFFERENT ,"ssl session id is different"}, 398{ERR_REASON(SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY),"tlsv1 alert insufficient security"},
393{SSL_R_TLSV1_ALERT_ACCESS_DENIED ,"tlsv1 alert access denied"}, 399{ERR_REASON(SSL_R_TLSV1_ALERT_INTERNAL_ERROR),"tlsv1 alert internal error"},
394{SSL_R_TLSV1_ALERT_DECODE_ERROR ,"tlsv1 alert decode error"}, 400{ERR_REASON(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION),"tlsv1 alert no renegotiation"},
395{SSL_R_TLSV1_ALERT_DECRYPTION_FAILED ,"tlsv1 alert decryption failed"}, 401{ERR_REASON(SSL_R_TLSV1_ALERT_PROTOCOL_VERSION),"tlsv1 alert protocol version"},
396{SSL_R_TLSV1_ALERT_DECRYPT_ERROR ,"tlsv1 alert decrypt error"}, 402{ERR_REASON(SSL_R_TLSV1_ALERT_RECORD_OVERFLOW),"tlsv1 alert record overflow"},
397{SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION ,"tlsv1 alert export restriction"}, 403{ERR_REASON(SSL_R_TLSV1_ALERT_UNKNOWN_CA),"tlsv1 alert unknown ca"},
398{SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY ,"tlsv1 alert insufficient security"}, 404{ERR_REASON(SSL_R_TLSV1_ALERT_USER_CANCELLED),"tlsv1 alert user cancelled"},
399{SSL_R_TLSV1_ALERT_INTERNAL_ERROR ,"tlsv1 alert internal error"}, 405{ERR_REASON(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER),"tls client cert req with anon cipher"},
400{SSL_R_TLSV1_ALERT_NO_RENEGOTIATION ,"tlsv1 alert no renegotiation"}, 406{ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST),"tls peer did not respond with certificate list"},
401{SSL_R_TLSV1_ALERT_PROTOCOL_VERSION ,"tlsv1 alert protocol version"}, 407{ERR_REASON(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG),"tls rsa encrypted value length is wrong"},
402{SSL_R_TLSV1_ALERT_RECORD_OVERFLOW ,"tlsv1 alert record overflow"}, 408{ERR_REASON(SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER),"tried to use unsupported cipher"},
403{SSL_R_TLSV1_ALERT_UNKNOWN_CA ,"tlsv1 alert unknown ca"}, 409{ERR_REASON(SSL_R_UNABLE_TO_DECODE_DH_CERTS),"unable to decode dh certs"},
404{SSL_R_TLSV1_ALERT_USER_CANCELLED ,"tlsv1 alert user cancelled"}, 410{ERR_REASON(SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY),"unable to extract public key"},
405{SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER,"tls client cert req with anon cipher"}, 411{ERR_REASON(SSL_R_UNABLE_TO_FIND_DH_PARAMETERS),"unable to find dh parameters"},
406{SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST,"tls peer did not respond with certificate list"}, 412{ERR_REASON(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS),"unable to find public key parameters"},
407{SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG,"tls rsa encrypted value length is wrong"}, 413{ERR_REASON(SSL_R_UNABLE_TO_FIND_SSL_METHOD),"unable to find ssl method"},
408{SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER ,"tried to use unsupported cipher"}, 414{ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES),"unable to load ssl2 md5 routines"},
409{SSL_R_UNABLE_TO_DECODE_DH_CERTS ,"unable to decode dh certs"}, 415{ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES),"unable to load ssl3 md5 routines"},
410{SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY ,"unable to extract public key"}, 416{ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES),"unable to load ssl3 sha1 routines"},
411{SSL_R_UNABLE_TO_FIND_DH_PARAMETERS ,"unable to find dh parameters"}, 417{ERR_REASON(SSL_R_UNEXPECTED_MESSAGE) ,"unexpected message"},
412{SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS,"unable to find public key parameters"}, 418{ERR_REASON(SSL_R_UNEXPECTED_RECORD) ,"unexpected record"},
413{SSL_R_UNABLE_TO_FIND_SSL_METHOD ,"unable to find ssl method"}, 419{ERR_REASON(SSL_R_UNINITIALIZED) ,"uninitialized"},
414{SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES ,"unable to load ssl2 md5 routines"}, 420{ERR_REASON(SSL_R_UNKNOWN_ALERT_TYPE) ,"unknown alert type"},
415{SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES ,"unable to load ssl3 md5 routines"}, 421{ERR_REASON(SSL_R_UNKNOWN_CERTIFICATE_TYPE),"unknown certificate type"},
416{SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES ,"unable to load ssl3 sha1 routines"}, 422{ERR_REASON(SSL_R_UNKNOWN_CIPHER_RETURNED),"unknown cipher returned"},
417{SSL_R_UNEXPECTED_MESSAGE ,"unexpected message"}, 423{ERR_REASON(SSL_R_UNKNOWN_CIPHER_TYPE) ,"unknown cipher type"},
418{SSL_R_UNEXPECTED_RECORD ,"unexpected record"}, 424{ERR_REASON(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE),"unknown key exchange type"},
419{SSL_R_UNINITIALIZED ,"uninitialized"}, 425{ERR_REASON(SSL_R_UNKNOWN_PKEY_TYPE) ,"unknown pkey type"},
420{SSL_R_UNKNOWN_ALERT_TYPE ,"unknown alert type"}, 426{ERR_REASON(SSL_R_UNKNOWN_PROTOCOL) ,"unknown protocol"},
421{SSL_R_UNKNOWN_CERTIFICATE_TYPE ,"unknown certificate type"}, 427{ERR_REASON(SSL_R_UNKNOWN_REMOTE_ERROR_TYPE),"unknown remote error type"},
422{SSL_R_UNKNOWN_CIPHER_RETURNED ,"unknown cipher returned"}, 428{ERR_REASON(SSL_R_UNKNOWN_SSL_VERSION) ,"unknown ssl version"},
423{SSL_R_UNKNOWN_CIPHER_TYPE ,"unknown cipher type"}, 429{ERR_REASON(SSL_R_UNKNOWN_STATE) ,"unknown state"},
424{SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE ,"unknown key exchange type"}, 430{ERR_REASON(SSL_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"},
425{SSL_R_UNKNOWN_PKEY_TYPE ,"unknown pkey type"}, 431{ERR_REASON(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM),"unsupported compression algorithm"},
426{SSL_R_UNKNOWN_PROTOCOL ,"unknown protocol"}, 432{ERR_REASON(SSL_R_UNSUPPORTED_PROTOCOL) ,"unsupported protocol"},
427{SSL_R_UNKNOWN_REMOTE_ERROR_TYPE ,"unknown remote error type"}, 433{ERR_REASON(SSL_R_UNSUPPORTED_SSL_VERSION),"unsupported ssl version"},
428{SSL_R_UNKNOWN_SSL_VERSION ,"unknown ssl version"}, 434{ERR_REASON(SSL_R_WRITE_BIO_NOT_SET) ,"write bio not set"},
429{SSL_R_UNKNOWN_STATE ,"unknown state"}, 435{ERR_REASON(SSL_R_WRONG_CIPHER_RETURNED) ,"wrong cipher returned"},
430{SSL_R_UNSUPPORTED_CIPHER ,"unsupported cipher"}, 436{ERR_REASON(SSL_R_WRONG_MESSAGE_TYPE) ,"wrong message type"},
431{SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM ,"unsupported compression algorithm"}, 437{ERR_REASON(SSL_R_WRONG_NUMBER_OF_KEY_BITS),"wrong number of key bits"},
432{SSL_R_UNSUPPORTED_OPTION ,"unsupported option"}, 438{ERR_REASON(SSL_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"},
433{SSL_R_UNSUPPORTED_PROTOCOL ,"unsupported protocol"}, 439{ERR_REASON(SSL_R_WRONG_SIGNATURE_SIZE) ,"wrong signature size"},
434{SSL_R_UNSUPPORTED_SSL_VERSION ,"unsupported ssl version"}, 440{ERR_REASON(SSL_R_WRONG_SSL_VERSION) ,"wrong ssl version"},
435{SSL_R_WRITE_BIO_NOT_SET ,"write bio not set"}, 441{ERR_REASON(SSL_R_WRONG_VERSION_NUMBER) ,"wrong version number"},
436{SSL_R_WRONG_CIPHER_RETURNED ,"wrong cipher returned"}, 442{ERR_REASON(SSL_R_X509_LIB) ,"x509 lib"},
437{SSL_R_WRONG_MESSAGE_TYPE ,"wrong message type"}, 443{ERR_REASON(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS),"x509 verification setup problems"},
438{SSL_R_WRONG_NUMBER_OF_KEY_BITS ,"wrong number of key bits"},
439{SSL_R_WRONG_SIGNATURE_LENGTH ,"wrong signature length"},
440{SSL_R_WRONG_SIGNATURE_SIZE ,"wrong signature size"},
441{SSL_R_WRONG_SSL_VERSION ,"wrong ssl version"},
442{SSL_R_WRONG_VERSION_NUMBER ,"wrong version number"},
443{SSL_R_X509_LIB ,"x509 lib"},
444{SSL_R_X509_VERIFICATION_SETUP_PROBLEMS ,"x509 verification setup problems"},
445{0,NULL} 444{0,NULL}
446 }; 445 };
447 446
@@ -455,8 +454,8 @@ void ERR_load_SSL_strings(void)
455 { 454 {
456 init=0; 455 init=0;
457#ifndef OPENSSL_NO_ERR 456#ifndef OPENSSL_NO_ERR
458 ERR_load_strings(ERR_LIB_SSL,SSL_str_functs); 457 ERR_load_strings(0,SSL_str_functs);
459 ERR_load_strings(ERR_LIB_SSL,SSL_str_reasons); 458 ERR_load_strings(0,SSL_str_reasons);
460#endif 459#endif
461 460
462 } 461 }
diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c
index 631229558f..2bd9a5af86 100644
--- a/src/lib/libssl/src/ssl/ssl_lib.c
+++ b/src/lib/libssl/src/ssl/ssl_lib.c
@@ -125,7 +125,7 @@
125 125
126const char *SSL_version_str=OPENSSL_VERSION_TEXT; 126const char *SSL_version_str=OPENSSL_VERSION_TEXT;
127 127
128OPENSSL_GLOBAL SSL3_ENC_METHOD ssl3_undef_enc_method={ 128SSL3_ENC_METHOD ssl3_undef_enc_method={
129 /* evil casts, but these functions are only called if there's a library bug */ 129 /* evil casts, but these functions are only called if there's a library bug */
130 (int (*)(SSL *,int))ssl_undefined_function, 130 (int (*)(SSL *,int))ssl_undefined_function,
131 (int (*)(SSL *, unsigned char *, int))ssl_undefined_function, 131 (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
@@ -1130,8 +1130,21 @@ int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
1130 1130
1131 sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list, 1131 sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list,
1132 &ctx->cipher_list_by_id,str); 1132 &ctx->cipher_list_by_id,str);
1133/* XXXX */ 1133 /* ssl_create_cipher_list may return an empty stack if it
1134 return((sk == NULL)?0:1); 1134 * was unable to find a cipher matching the given rule string
1135 * (for example if the rule string specifies a cipher which
1136 * has been disabled). This is not an error as far as
1137 * ssl_create_cipher_list is concerned, and hence
1138 * ctx->cipher_list and ctx->cipher_list_by_id has been
1139 * updated. */
1140 if (sk == NULL)
1141 return 0;
1142 else if (sk_SSL_CIPHER_num(sk) == 0)
1143 {
1144 SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
1145 return 0;
1146 }
1147 return 1;
1135 } 1148 }
1136 1149
1137/** specify the ciphers to be used by the SSL */ 1150/** specify the ciphers to be used by the SSL */
@@ -1141,8 +1154,15 @@ int SSL_set_cipher_list(SSL *s,const char *str)
1141 1154
1142 sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list, 1155 sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list,
1143 &s->cipher_list_by_id,str); 1156 &s->cipher_list_by_id,str);
1144/* XXXX */ 1157 /* see comment in SSL_CTX_set_cipher_list */
1145 return((sk == NULL)?0:1); 1158 if (sk == NULL)
1159 return 0;
1160 else if (sk_SSL_CIPHER_num(sk) == 0)
1161 {
1162 SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
1163 return 0;
1164 }
1165 return 1;
1146 } 1166 }
1147 1167
1148/* works well for SSLv2, not so good for SSLv3 */ 1168/* works well for SSLv2, not so good for SSLv3 */
@@ -1181,7 +1201,8 @@ char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
1181 return(buf); 1201 return(buf);
1182 } 1202 }
1183 1203
1184int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p) 1204int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
1205 int (*put_cb)(const SSL_CIPHER *, unsigned char *))
1185 { 1206 {
1186 int i,j=0; 1207 int i,j=0;
1187 SSL_CIPHER *c; 1208 SSL_CIPHER *c;
@@ -1200,7 +1221,8 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p)
1200 if ((c->algorithms & SSL_KRB5) && nokrb5) 1221 if ((c->algorithms & SSL_KRB5) && nokrb5)
1201 continue; 1222 continue;
1202#endif /* OPENSSL_NO_KRB5 */ 1223#endif /* OPENSSL_NO_KRB5 */
1203 j=ssl_put_cipher_by_char(s,c,p); 1224
1225 j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p);
1204 p+=j; 1226 p+=j;
1205 } 1227 }
1206 return(p-q); 1228 return(p-q);
@@ -1694,7 +1716,7 @@ void ssl_update_cache(SSL *s,int mode)
1694 ?s->ctx->stats.sess_connect_good 1716 ?s->ctx->stats.sess_connect_good
1695 :s->ctx->stats.sess_accept_good) & 0xff) == 0xff) 1717 :s->ctx->stats.sess_accept_good) & 0xff) == 0xff)
1696 { 1718 {
1697 SSL_CTX_flush_sessions(s->ctx,time(NULL)); 1719 SSL_CTX_flush_sessions(s->ctx,(unsigned long)time(NULL));
1698 } 1720 }
1699 } 1721 }
1700 } 1722 }
diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h
index 25a144a0d0..6a0b7595f4 100644
--- a/src/lib/libssl/src/ssl/ssl_locl.h
+++ b/src/lib/libssl/src/ssl/ssl_locl.h
@@ -462,7 +462,7 @@ typedef struct ssl3_comp_st
462 COMP_METHOD *method; /* The method :-) */ 462 COMP_METHOD *method; /* The method :-) */
463 } SSL3_COMP; 463 } SSL3_COMP;
464 464
465OPENSSL_EXTERN SSL3_ENC_METHOD ssl3_undef_enc_method; 465extern SSL3_ENC_METHOD ssl3_undef_enc_method;
466OPENSSL_EXTERN SSL_CIPHER ssl2_ciphers[]; 466OPENSSL_EXTERN SSL_CIPHER ssl2_ciphers[];
467OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[]; 467OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[];
468 468
@@ -493,7 +493,8 @@ int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
493 const SSL_CIPHER * const *bp); 493 const SSL_CIPHER * const *bp);
494STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num, 494STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
495 STACK_OF(SSL_CIPHER) **skp); 495 STACK_OF(SSL_CIPHER) **skp);
496int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p); 496int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
497 int (*put_cb)(const SSL_CIPHER *, unsigned char *));
497STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth, 498STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
498 STACK_OF(SSL_CIPHER) **pref, 499 STACK_OF(SSL_CIPHER) **pref,
499 STACK_OF(SSL_CIPHER) **sorted, 500 STACK_OF(SSL_CIPHER) **sorted,
diff --git a/src/lib/libssl/src/ssl/ssl_sess.c b/src/lib/libssl/src/ssl/ssl_sess.c
index 5f12aa361c..2ba8b9612e 100644
--- a/src/lib/libssl/src/ssl/ssl_sess.c
+++ b/src/lib/libssl/src/ssl/ssl_sess.c
@@ -118,7 +118,7 @@ SSL_SESSION *SSL_SESSION_new(void)
118 ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */ 118 ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
119 ss->references=1; 119 ss->references=1;
120 ss->timeout=60*5+4; /* 5 minute timeout by default */ 120 ss->timeout=60*5+4; /* 5 minute timeout by default */
121 ss->time=time(NULL); 121 ss->time=(unsigned long)time(NULL);
122 ss->prev=NULL; 122 ss->prev=NULL;
123 ss->next=NULL; 123 ss->next=NULL;
124 ss->compress_meth=0; 124 ss->compress_meth=0;
@@ -377,7 +377,7 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
377 CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION); 377 CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
378#endif 378#endif
379 379
380 if ((long)(ret->time+ret->timeout) < (long)time(NULL)) /* timeout */ 380 if (ret->timeout < (long)(time(NULL) - ret->time)) /* timeout */
381 { 381 {
382 s->ctx->stats.sess_timeout++; 382 s->ctx->stats.sess_timeout++;
383 /* remove it from the cache */ 383 /* remove it from the cache */
diff --git a/src/lib/libssl/src/ssl/ssltest.c b/src/lib/libssl/src/ssl/ssltest.c
index 02878981f1..9845ef99ed 100644
--- a/src/lib/libssl/src/ssl/ssltest.c
+++ b/src/lib/libssl/src/ssl/ssltest.c
@@ -119,11 +119,14 @@
119#include <stdlib.h> 119#include <stdlib.h>
120#include <string.h> 120#include <string.h>
121#include <time.h> 121#include <time.h>
122#include <ctype.h>
123 122
124#define USE_SOCKETS 123#define USE_SOCKETS
125#include "e_os.h" 124#include "e_os.h"
126 125
126#define _XOPEN_SOURCE 500 /* Or isascii won't be declared properly on
127 VMS (at least with DECompHP C). */
128#include <ctype.h>
129
127#include <openssl/bio.h> 130#include <openssl/bio.h>
128#include <openssl/crypto.h> 131#include <openssl/crypto.h>
129#include <openssl/evp.h> 132#include <openssl/evp.h>
@@ -388,7 +391,6 @@ int main(int argc, char *argv[])
388 COMP_METHOD *cm = NULL; 391 COMP_METHOD *cm = NULL;
389#ifdef OPENSSL_FIPS 392#ifdef OPENSSL_FIPS
390 int fips_mode=0; 393 int fips_mode=0;
391 const char *path=argv[0];
392#endif 394#endif
393 395
394 verbose = 0; 396 verbose = 0;
@@ -591,7 +593,7 @@ bad:
591#ifdef OPENSSL_FIPS 593#ifdef OPENSSL_FIPS
592 if(fips_mode) 594 if(fips_mode)
593 { 595 {
594 if(!FIPS_mode_set(1,path)) 596 if(!FIPS_mode_set(1))
595 { 597 {
596 ERR_load_crypto_strings(); 598 ERR_load_crypto_strings();
597 ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); 599 ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
@@ -1926,8 +1928,8 @@ static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
1926 1928
1927 fprintf(stderr, "In app_verify_callback, allowing cert. "); 1929 fprintf(stderr, "In app_verify_callback, allowing cert. ");
1928 fprintf(stderr, "Arg is: %s\n", cb_arg->string); 1930 fprintf(stderr, "Arg is: %s\n", cb_arg->string);
1929 fprintf(stderr, "Finished printing do we have a context? 0x%x a cert? 0x%x\n", 1931 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
1930 (unsigned int)ctx, (unsigned int)ctx->cert); 1932 (void *)ctx, (void *)ctx->cert);
1931 if (ctx->cert) 1933 if (ctx->cert)
1932 s=X509_NAME_oneline(X509_get_subject_name(ctx->cert),buf,256); 1934 s=X509_NAME_oneline(X509_get_subject_name(ctx->cert),buf,256);
1933 if (s != NULL) 1935 if (s != NULL)
@@ -1975,15 +1977,7 @@ static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
1975 } 1977 }
1976 1978
1977#ifndef OPENSSL_NO_X509_VERIFY 1979#ifndef OPENSSL_NO_X509_VERIFY
1978# ifdef OPENSSL_FIPS
1979 if(s->version == TLS1_VERSION)
1980 FIPS_allow_md5(1);
1981# endif
1982 ok = X509_verify_cert(ctx); 1980 ok = X509_verify_cert(ctx);
1983# ifdef OPENSSL_FIPS
1984 if(s->version == TLS1_VERSION)
1985 FIPS_allow_md5(0);
1986# endif
1987#endif 1981#endif
1988 1982
1989 if (cb_arg->proxy_auth) 1983 if (cb_arg->proxy_auth)
diff --git a/src/lib/libssl/src/test/Makefile b/src/lib/libssl/src/test/Makefile
index 6aeedf7fa3..189d14ed49 100644
--- a/src/lib/libssl/src/test/Makefile
+++ b/src/lib/libssl/src/test/Makefile
@@ -39,7 +39,7 @@ EXPTEST= exptest
39IDEATEST= ideatest 39IDEATEST= ideatest
40SHATEST= shatest 40SHATEST= shatest
41SHA1TEST= sha1test 41SHA1TEST= sha1test
42FIPS_SHA1TEST= fips_sha1test 42FIPS_SHATEST= fips_shatest
43MDC2TEST= mdc2test 43MDC2TEST= mdc2test
44RMDTEST= rmdtest 44RMDTEST= rmdtest
45MD2TEST= md2test 45MD2TEST= md2test
@@ -64,32 +64,47 @@ RSATEST= rsa_test
64ENGINETEST= enginetest 64ENGINETEST= enginetest
65EVPTEST= evp_test 65EVPTEST= evp_test
66FIPS_AESTEST= fips_aesavs 66FIPS_AESTEST= fips_aesavs
67FIPS_HMACTEST= fips_hmactest
68FIPS_RSAVTEST= fips_rsavtest
69FIPS_RSASTEST= fips_rsastest
70FIPS_RSAGTEST= fips_rsagtest
71FIPS_DSSVS= fips_dssvs
72FIPS_RNGVS= fips_rngvs
73FIPS_TEST_SUITE=fips_test_suite
67 74
68TESTS= alltests 75TESTS= alltests
69 76
70EXE= $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT) $(IDEATEST)$(EXE_EXT) $(MD2TEST)$(EXE_EXT) $(MD4TEST)$(EXE_EXT) $(MD5TEST)$(EXE_EXT) $(HMACTEST)$(EXE_EXT) \ 77EXE= $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT) $(IDEATEST)$(EXE_EXT) $(MD2TEST)$(EXE_EXT) $(MD4TEST)$(EXE_EXT) $(MD5TEST)$(EXE_EXT) $(HMACTEST)$(EXE_EXT) \
71 $(RC2TEST)$(EXE_EXT) $(RC4TEST)$(EXE_EXT) $(RC5TEST)$(EXE_EXT) \ 78 $(RC2TEST)$(EXE_EXT) $(RC4TEST)$(EXE_EXT) $(RC5TEST)$(EXE_EXT) \
72 $(DESTEST)$(EXE_EXT) $(FIPS_DESTEST)$(EXE_EXT) $(SHATEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(FIPS_SHA1TEST)$(EXE_EXT) $(MDC2TEST)$(EXE_EXT) $(RMDTEST)$(EXE_EXT) \ 79 $(DESTEST)$(EXE_EXT) $(FIPS_DESTEST)$(EXE_EXT) $(SHATEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(FIPS_SHATEST)$(EXE_EXT) $(MDC2TEST)$(EXE_EXT) $(RMDTEST)$(EXE_EXT) \
73 $(RANDTEST)$(EXE_EXT) $(FIPS_RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \ 80 $(RANDTEST)$(EXE_EXT) $(FIPS_RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \
74 $(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(FIPS_DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \ 81 $(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(FIPS_DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \
75 $(EVPTEST)$(EXE_EXT) $(FIPS_AESTEST)$(EXE_EXT) 82 $(EVPTEST)$(EXE_EXT) $(FIPS_AESTEST)$(EXE_EXT) \
83 $(FIPS_HMACTEST)$(EXE_EXT) $(FIPS_RSAVTEST)$(EXE_EXT) \
84 $(FIPS_RSASTEST)$(EXE_EXT) $(FIPS_RSAGTEST)$(EXE_EXT) \
85 $(FIPS_DSSVS)$(EXE_EXT) $(FIPS_RNGVS)$(EXE_EXT) \
86 $(FIPS_TEST_SUITE)$(EXE_EXT)
76 87
77# $(METHTEST)$(EXE_EXT) 88# $(METHTEST)$(EXE_EXT)
78 89
79OBJ= $(BNTEST).o $(ECTEST).o $(IDEATEST).o $(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \ 90OBJ= $(BNTEST).o $(ECTEST).o $(IDEATEST).o $(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \
80 $(HMACTEST).o \ 91 $(HMACTEST).o \
81 $(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \ 92 $(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
82 $(DESTEST).o $(FIPS_DESTEST).o $(SHATEST).o $(SHA1TEST).o $(FIPS_SHA1TEST).o $(MDC2TEST).o $(RMDTEST).o \ 93 $(DESTEST).o $(FIPS_DESTEST).o $(SHATEST).o $(SHA1TEST).o $(FIPS_SHATEST).o $(MDC2TEST).o $(RMDTEST).o \
83 $(RANDTEST).o $(FIPS_RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \ 94 $(RANDTEST).o $(FIPS_RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \
84 $(BFTEST).o $(SSLTEST).o $(DSATEST).o $(FIPS_DSATEST).o $(EXPTEST).o $(RSATEST).o \ 95 $(BFTEST).o $(SSLTEST).o $(DSATEST).o $(FIPS_DSATEST).o $(EXPTEST).o $(RSATEST).o \
85 $(EVPTEST).o $(FIPS_AESTEST).o 96 $(EVPTEST).o $(FIPS_AESTEST).o $(FIPS_HMACTEST).o $(FIPS_RSAVTEST).o \
97 $(FIPS_RSASTEST).o $(FIPS_RSAGTEST).o $(FIPS_DSSVS).o $(FIPS_RNGVS).o \
98 $(FIPS_TEST_SUITE).o
86SRC= $(BNTEST).c $(ECTEST).c $(IDEATEST).c $(MD2TEST).c $(MD4TEST).c $(MD5TEST).c \ 99SRC= $(BNTEST).c $(ECTEST).c $(IDEATEST).c $(MD2TEST).c $(MD4TEST).c $(MD5TEST).c \
87 $(HMACTEST).c \ 100 $(HMACTEST).c \
88 $(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \ 101 $(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
89 $(DESTEST).c $(FIPS_DESTEST).c $(SHATEST).c $(SHA1TEST).c $(FIPS_SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \ 102 $(DESTEST).c $(FIPS_DESTEST).c $(SHATEST).c $(SHA1TEST).c $(FIPS_SHATEST).c $(MDC2TEST).c $(RMDTEST).c \
90 $(RANDTEST).c $(FIPS_RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \ 103 $(RANDTEST).c $(FIPS_RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \
91 $(BFTEST).c $(SSLTEST).c $(DSATEST).c $(FIPS_DSATEST).c $(EXPTEST).c $(RSATEST).c \ 104 $(BFTEST).c $(SSLTEST).c $(DSATEST).c $(FIPS_DSATEST).c $(EXPTEST).c $(RSATEST).c \
92 $(EVPTEST).c $(FIPS_AESTEST).c 105 $(EVPTEST).c $(FIPS_AESTEST).c $(FIPS_HMACTEST).c $(FIPS_RSAVTEST).c \
106 $(FIPS_RSASTEST).c $(FIPS_RSAGTEST).c $(FIPS_DSSVS).c $(FIPS_RNGVS).c \
107 $(FIPS_TEST_SUITE).c
93 108
94EXHEADER= 109EXHEADER=
95HEADER= $(EXHEADER) 110HEADER= $(EXHEADER)
@@ -153,7 +168,7 @@ test_sha:
153 ../util/shlib_wrap.sh ./$(SHATEST) 168 ../util/shlib_wrap.sh ./$(SHATEST)
154 ../util/shlib_wrap.sh ./$(SHA1TEST) 169 ../util/shlib_wrap.sh ./$(SHA1TEST)
155 if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \ 170 if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
156 ../util/shlib_wrap.sh ./$(FIPS_SHA1TEST) sha1vectors.txt | sed s/Strings/Hashes/ | cmp sha1hashes.txt - ; \ 171 ../util/shlib_wrap.sh ./$(FIPS_SHATEST) < SHAmix.req | diff -w SHAmix.fax - ; \
157 fi 172 fi
158 173
159test_mdc2: 174test_mdc2:
@@ -311,20 +326,43 @@ $(DLIBSSL):
311$(DLIBCRYPTO): 326$(DLIBCRYPTO):
312 (cd ..; $(MAKE) DIRS=crypto all) 327 (cd ..; $(MAKE) DIRS=crypto all)
313 328
314BUILD_CMD=if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ 329BUILD_CMD=SHARED_LIBS="$(SHARED_LIBS)"; \
330 if [ "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
331 SHARED_LIBS=""; \
332 fi; \
333 if [ -z "$$SHARED_LIBS" ]; then \
315 set -x; $${CC:-$(CC)} -o $$target$(EXE_EXT) $(CFLAGS) $$target.o $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) ; \ 334 set -x; $${CC:-$(CC)} -o $$target$(EXE_EXT) $(CFLAGS) $$target.o $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) ; \
316 elif [ -z "$(SHARED_LIBS)" ]; then \ 335 else set -x; LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
317 set -x; $${CC:-$(CC)} -o $$target$(EXE_EXT) $(CFLAGS) $$target.o $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \
318 else \
319 set -x; LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
320 $(CC) -o $$target$(EXE_EXT) $(CFLAGS) $$target.o $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \ 336 $(CC) -o $$target$(EXE_EXT) $(CFLAGS) $$target.o $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \
321 fi; 337 fi
338
339FIPS_BUILD_CMD=if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
340 FIPSLD_CC=$(CC); CC=$(TOP)/fips-1.0/fipsld; export CC FIPSLD_CC; \
341 fi; $(BUILD_CMD)
322 342
323$(FIPS_AESTEST)$(EXE_EXT): $(FIPS_AESTEST).o $(DLIBCRYPTO) 343$(FIPS_AESTEST)$(EXE_EXT): $(FIPS_AESTEST).o $(DLIBCRYPTO)
324 @target=$(FIPS_AESTEST); $(BUILD_CMD) 344 @target=$(FIPS_AESTEST); $(FIPS_BUILD_CMD)
325 if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \ 345
326 TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a $(FIPS_AESTEST); \ 346$(FIPS_HMACTEST)$(EXE_EXT): $(FIPS_HMACTEST).o $(DLIBCRYPTO)
327 fi 347 @target=$(FIPS_HMACTEST); $(FIPS_BUILD_CMD)
348
349$(FIPS_RSAVTEST)$(EXE_EXT): $(FIPS_RSAVTEST).o $(DLIBCRYPTO)
350 @target=$(FIPS_RSAVTEST); $(FIPS_BUILD_CMD)
351
352$(FIPS_RSASTEST)$(EXE_EXT): $(FIPS_RSASTEST).o $(DLIBCRYPTO)
353 @target=$(FIPS_RSASTEST); $(FIPS_BUILD_CMD)
354
355$(FIPS_RSAGTEST)$(EXE_EXT): $(FIPS_RSAGTEST).o $(DLIBCRYPTO)
356 @target=$(FIPS_RSAGTEST); $(FIPS_BUILD_CMD)
357
358$(FIPS_DSSVS)$(EXE_EXT): $(FIPS_DSSVS).o $(DLIBCRYPTO)
359 @target=$(FIPS_DSSVS); $(FIPS_BUILD_CMD)
360
361$(FIPS_RNGVS)$(EXE_EXT): $(FIPS_RNGVS).o $(DLIBCRYPTO)
362 @target=$(FIPS_RNGVS); $(FIPS_BUILD_CMD)
363
364$(FIPS_TEST_SUITE)$(EXE_EXT): $(FIPS_TEST_SUITE).o $(DLIBCRYPTO)
365 @target=$(FIPS_TEST_SUITE); $(FIPS_BUILD_CMD)
328 366
329$(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) 367$(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
330 @target=$(RSATEST); $(BUILD_CMD) 368 @target=$(RSATEST); $(BUILD_CMD)
@@ -350,11 +388,8 @@ $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
350$(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) 388$(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
351 @target=$(SHA1TEST); $(BUILD_CMD) 389 @target=$(SHA1TEST); $(BUILD_CMD)
352 390
353$(FIPS_SHA1TEST)$(EXE_EXT): $(FIPS_SHA1TEST).o $(DLIBCRYPTO) 391$(FIPS_SHATEST)$(EXE_EXT): $(FIPS_SHATEST).o $(DLIBCRYPTO)
354 @target=$(FIPS_SHA1TEST); $(BUILD_CMD) 392 @target=$(FIPS_SHATEST); $(FIPS_BUILD_CMD)
355 if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
356 TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a $(FIPS_SHA1TEST); \
357 fi
358 393
359$(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) 394$(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
360 @target=$(RMDTEST); $(BUILD_CMD) 395 @target=$(RMDTEST); $(BUILD_CMD)
@@ -390,19 +425,13 @@ $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
390 @target=$(DESTEST); $(BUILD_CMD) 425 @target=$(DESTEST); $(BUILD_CMD)
391 426
392$(FIPS_DESTEST)$(EXE_EXT): $(FIPS_DESTEST).o $(DLIBCRYPTO) 427$(FIPS_DESTEST)$(EXE_EXT): $(FIPS_DESTEST).o $(DLIBCRYPTO)
393 @target=$(FIPS_DESTEST); $(BUILD_CMD) 428 @target=$(FIPS_DESTEST); $(FIPS_BUILD_CMD)
394 if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
395 TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a $(FIPS_DESTEST); \
396 fi
397 429
398$(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) 430$(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
399 @target=$(RANDTEST); $(BUILD_CMD) 431 @target=$(RANDTEST); $(BUILD_CMD)
400 432
401$(FIPS_RANDTEST)$(EXE_EXT): $(FIPS_RANDTEST).o $(DLIBCRYPTO) 433$(FIPS_RANDTEST)$(EXE_EXT): $(FIPS_RANDTEST).o $(DLIBCRYPTO)
402 @target=$(FIPS_RANDTEST); $(BUILD_CMD) 434 @target=$(FIPS_RANDTEST); $(FIPS_BUILD_CMD)
403 if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
404 TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a $(FIPS_RANDTEST); \
405 fi
406 435
407$(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) 436$(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
408 @target=$(DHTEST); $(BUILD_CMD) 437 @target=$(DHTEST); $(BUILD_CMD)
@@ -411,19 +440,13 @@ $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
411 @target=$(DSATEST); $(BUILD_CMD) 440 @target=$(DSATEST); $(BUILD_CMD)
412 441
413$(FIPS_DSATEST)$(EXE_EXT): $(FIPS_DSATEST).o $(DLIBCRYPTO) 442$(FIPS_DSATEST)$(EXE_EXT): $(FIPS_DSATEST).o $(DLIBCRYPTO)
414 @target=$(FIPS_DSATEST); $(BUILD_CMD) 443 @target=$(FIPS_DSATEST); $(FIPS_BUILD_CMD)
415 if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
416 TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a $(FIPS_DSATEST); \
417 fi
418 444
419$(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) 445$(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
420 @target=$(METHTEST); $(BUILD_CMD) 446 @target=$(METHTEST); $(BUILD_CMD)
421 447
422$(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) 448$(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
423 @target=$(SSLTEST); $(BUILD_CMD) 449 @target=$(SSLTEST); $(FIPS_BUILD_CMD)
424 if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
425 TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a $(SSLTEST); \
426 fi
427 450
428$(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) 451$(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
429 @target=$(ENGINETEST); $(BUILD_CMD) 452 @target=$(ENGINETEST); $(BUILD_CMD)
@@ -587,6 +610,29 @@ fips_dsatest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
587fips_dsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h 610fips_dsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
588fips_dsatest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h 611fips_dsatest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
589fips_dsatest.o: fips_dsatest.c 612fips_dsatest.o: fips_dsatest.c
613fips_dssvs.o: ../include/openssl/opensslconf.h fips_dssvs.c
614fips_hmactest.o: ../include/openssl/aes.h ../include/openssl/asn1.h
615fips_hmactest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
616fips_hmactest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
617fips_hmactest.o: ../include/openssl/cast.h ../include/openssl/conf.h
618fips_hmactest.o: ../include/openssl/crypto.h ../include/openssl/des.h
619fips_hmactest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
620fips_hmactest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
621fips_hmactest.o: ../include/openssl/err.h ../include/openssl/evp.h
622fips_hmactest.o: ../include/openssl/hmac.h ../include/openssl/idea.h
623fips_hmactest.o: ../include/openssl/lhash.h ../include/openssl/md2.h
624fips_hmactest.o: ../include/openssl/md4.h ../include/openssl/md5.h
625fips_hmactest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
626fips_hmactest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
627fips_hmactest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
628fips_hmactest.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
629fips_hmactest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
630fips_hmactest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
631fips_hmactest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
632fips_hmactest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
633fips_hmactest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
634fips_hmactest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
635fips_hmactest.o: ../include/openssl/x509v3.h fips_hmactest.c
590fips_randtest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/crypto.h 636fips_randtest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/crypto.h
591fips_randtest.o: ../include/openssl/des.h ../include/openssl/des_old.h 637fips_randtest.o: ../include/openssl/des.h ../include/openssl/des_old.h
592fips_randtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h 638fips_randtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
@@ -596,13 +642,117 @@ fips_randtest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
596fips_randtest.o: ../include/openssl/safestack.h ../include/openssl/stack.h 642fips_randtest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
597fips_randtest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h 643fips_randtest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
598fips_randtest.o: ../include/openssl/ui_compat.h fips_randtest.c 644fips_randtest.o: ../include/openssl/ui_compat.h fips_randtest.c
599fips_sha1test.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/crypto.h 645fips_rngvs.o: ../include/openssl/opensslconf.h fips_rngvs.c
600fips_sha1test.o: ../include/openssl/e_os2.h ../include/openssl/err.h 646fips_rsagtest.o: ../include/openssl/aes.h ../include/openssl/asn1.h
601fips_sha1test.o: ../include/openssl/fips.h ../include/openssl/lhash.h 647fips_rsagtest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
602fips_sha1test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h 648fips_rsagtest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
603fips_sha1test.o: ../include/openssl/safestack.h ../include/openssl/sha.h 649fips_rsagtest.o: ../include/openssl/cast.h ../include/openssl/conf.h
604fips_sha1test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h 650fips_rsagtest.o: ../include/openssl/crypto.h ../include/openssl/des.h
605fips_sha1test.o: fips_sha1test.c 651fips_rsagtest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
652fips_rsagtest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
653fips_rsagtest.o: ../include/openssl/err.h ../include/openssl/evp.h
654fips_rsagtest.o: ../include/openssl/hmac.h ../include/openssl/idea.h
655fips_rsagtest.o: ../include/openssl/lhash.h ../include/openssl/md2.h
656fips_rsagtest.o: ../include/openssl/md4.h ../include/openssl/md5.h
657fips_rsagtest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
658fips_rsagtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
659fips_rsagtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
660fips_rsagtest.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
661fips_rsagtest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
662fips_rsagtest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
663fips_rsagtest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
664fips_rsagtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
665fips_rsagtest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
666fips_rsagtest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
667fips_rsagtest.o: ../include/openssl/x509v3.h fips_rsagtest.c
668fips_rsastest.o: ../include/openssl/aes.h ../include/openssl/asn1.h
669fips_rsastest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
670fips_rsastest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
671fips_rsastest.o: ../include/openssl/cast.h ../include/openssl/conf.h
672fips_rsastest.o: ../include/openssl/crypto.h ../include/openssl/des.h
673fips_rsastest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
674fips_rsastest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
675fips_rsastest.o: ../include/openssl/err.h ../include/openssl/evp.h
676fips_rsastest.o: ../include/openssl/hmac.h ../include/openssl/idea.h
677fips_rsastest.o: ../include/openssl/lhash.h ../include/openssl/md2.h
678fips_rsastest.o: ../include/openssl/md4.h ../include/openssl/md5.h
679fips_rsastest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
680fips_rsastest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
681fips_rsastest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
682fips_rsastest.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
683fips_rsastest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
684fips_rsastest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
685fips_rsastest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
686fips_rsastest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
687fips_rsastest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
688fips_rsastest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
689fips_rsastest.o: ../include/openssl/x509v3.h fips_rsastest.c
690fips_rsavtest.o: ../include/openssl/aes.h ../include/openssl/asn1.h
691fips_rsavtest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
692fips_rsavtest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
693fips_rsavtest.o: ../include/openssl/cast.h ../include/openssl/conf.h
694fips_rsavtest.o: ../include/openssl/crypto.h ../include/openssl/des.h
695fips_rsavtest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
696fips_rsavtest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
697fips_rsavtest.o: ../include/openssl/err.h ../include/openssl/evp.h
698fips_rsavtest.o: ../include/openssl/hmac.h ../include/openssl/idea.h
699fips_rsavtest.o: ../include/openssl/lhash.h ../include/openssl/md2.h
700fips_rsavtest.o: ../include/openssl/md4.h ../include/openssl/md5.h
701fips_rsavtest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
702fips_rsavtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
703fips_rsavtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
704fips_rsavtest.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
705fips_rsavtest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
706fips_rsavtest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
707fips_rsavtest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
708fips_rsavtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
709fips_rsavtest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
710fips_rsavtest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
711fips_rsavtest.o: ../include/openssl/x509v3.h fips_rsavtest.c
712fips_shatest.o: ../include/openssl/aes.h ../include/openssl/asn1.h
713fips_shatest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
714fips_shatest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
715fips_shatest.o: ../include/openssl/cast.h ../include/openssl/conf.h
716fips_shatest.o: ../include/openssl/crypto.h ../include/openssl/des.h
717fips_shatest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
718fips_shatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
719fips_shatest.o: ../include/openssl/err.h ../include/openssl/evp.h
720fips_shatest.o: ../include/openssl/idea.h ../include/openssl/lhash.h
721fips_shatest.o: ../include/openssl/md2.h ../include/openssl/md4.h
722fips_shatest.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
723fips_shatest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
724fips_shatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
725fips_shatest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
726fips_shatest.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
727fips_shatest.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
728fips_shatest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
729fips_shatest.o: ../include/openssl/sha.h ../include/openssl/stack.h
730fips_shatest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
731fips_shatest.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
732fips_shatest.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h
733fips_shatest.o: fips_shatest.c
734fips_test_suite.o: ../include/openssl/aes.h ../include/openssl/asn1.h
735fips_test_suite.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
736fips_test_suite.o: ../include/openssl/bn.h ../include/openssl/cast.h
737fips_test_suite.o: ../include/openssl/crypto.h ../include/openssl/des.h
738fips_test_suite.o: ../include/openssl/des_old.h ../include/openssl/dh.h
739fips_test_suite.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
740fips_test_suite.o: ../include/openssl/err.h ../include/openssl/evp.h
741fips_test_suite.o: ../include/openssl/fips.h ../include/openssl/fips_sha.h
742fips_test_suite.o: ../include/openssl/hmac.h ../include/openssl/idea.h
743fips_test_suite.o: ../include/openssl/lhash.h ../include/openssl/md2.h
744fips_test_suite.o: ../include/openssl/md4.h ../include/openssl/md5.h
745fips_test_suite.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
746fips_test_suite.o: ../include/openssl/objects.h
747fips_test_suite.o: ../include/openssl/opensslconf.h
748fips_test_suite.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
749fips_test_suite.o: ../include/openssl/rand.h ../include/openssl/rc2.h
750fips_test_suite.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
751fips_test_suite.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
752fips_test_suite.o: ../include/openssl/safestack.h ../include/openssl/sha.h
753fips_test_suite.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
754fips_test_suite.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
755fips_test_suite.o: fips_test_suite.c
606hmactest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h 756hmactest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
607hmactest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h 757hmactest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
608hmactest.o: ../include/openssl/bn.h ../include/openssl/cast.h 758hmactest.o: ../include/openssl/bn.h ../include/openssl/cast.h
diff --git a/src/lib/libssl/src/test/SHAmix.fax b/src/lib/libssl/src/test/SHAmix.fax
new file mode 100644
index 0000000000..83bcb14126
--- /dev/null
+++ b/src/lib/libssl/src/test/SHAmix.fax
@@ -0,0 +1,129 @@
1[L = 64]
2
3Len = 16
4Msg = 98a1
5MD = 74d78642f70ca830bec75fc60a585917e388cfa4cd1d23daab1c4d9ff1010cac3e67275df64db5a6a7c7d0fda24f1fc3eb272678a7c8becff6743ee812129078
6
7Len = 104
8Msg = 35a37a46df4ccbadd815942249
9MD = 6f5589ea195e745654885d50de687d7fe682affc8da1fb09e681540525f04ecb93022361a27759b9e272c883564223c5e4ecafeb0daaf1abce6caa4bd4153379
10
11Len = 352
12Msg = a93aed0fa5e163a82c9a934aebaab8180edf7de0b32f0fe99f9c75ec305b24609334cefa372c7c758262dc8f
13MD = 66a16799d606c569d2fcd70d7d8321ec90ef61711481aaf7d747744ebfd08ec2e7aead49429af7b4ceec6d8e147ed018e034efbe07982699e818db5fc4b1d71a
14
15Len = 1016
16Msg = 433e88eb2f8aba562d15c18126fbdffb81d5d6c9397fa052321f5f78cd629708ba099b540da5451e949eeab8687a8d6ac35c531411cb37144ab5ff6a7eb46f1ab28fbcd2ea0444cd87c57bf7d3c02952dba3d3987da07622c16e7c086d90e88ad3d9d4afee301d2bad915d868f54197b70b23c9fa385c443404fbc9abf7e6a
17MD = 790bc4844e9aeef8938df0ccda17890556a4151817111a526a88919cfb172f0b03c216080c1b60210eb1942097f17b6d0691bf5b018b6d959198d6a694b922c9
18
19Len = 13696
20Msg = 2c46a76a9dfbae1f5e59f085e9c3d4b600c24b2d404d062cf948e75a3d4ab5b137a31397be9eb34b2a03c78367e0b85448891b511ddee1f787cccd498b172cb7e656c044a03ffde8e42478330fbe9c34072a9e99ce31b41757cc820d98e7d564e06694b96b66f4be34c5eadd0ae4e61fe6abbe4d7ccee855104fedee8b451a7fcedb793d469b0094c0ed07c97fda00dd8c1662b44e3ee6775a5ef6368cb662d257be561a5967893433a4b63f97295036a37272176d081545df00852bc5c4162324161296cd51f76433f2df867a5840f2d0c8d5be00b4dc89443d82175bf69c3bdceb97facae2b2ed68e06ae74fef36d8bd1f75f130cba509341dd54079d45de22845cc8e77a022977c7540aa3e779cb1127f39f825d4d78e55a967ef45e7c1dfb02d9999fd15af2914ba47177177d94576f1091a0657d9e04fe81e6be7b631fc1baae66584c9c26ddbb568750d77555c927bcda1fbdc15c7cbe3e3fe88ca13ff12c59b383343c12976708c0e3dff78be0e286dd32eecf20b71a09fee50a9d0b13c85a15b320b162690f399282798aa3291fdd2f9c40ed873e829388466ddd1da42f2de16aaa9272ccf44790cf3c95382c304e25ae8cb2fc9d9869808f3ee7d42cb143bb0c3a55e03db6d1202ca1bdb744e448640c0aa60d3ebbda5c21e623bb080f4a073a48822725d764e51d415aad1d7c5a7f17433d15ac7d849f910c375ee0899f6a576dada42fd651343383f286009902bb62deeeb2514de6af7f09892c20d0b238f6021f03b62444b1e1f21beeb89acfcd7136416fe7bd8f202e76afaf5345311798be7cb25351add2bb044d2380221009c4d1cbbaba4cdc8631dc0144f2778a6aa1eb3d3c81df0b1b2142fce111af8214d049e40f536c5d462b9224a978e82cc6c420e70ecc3cdaffb726a183c793845315f730fa4dac9fe46e4180397107a6a051f7f0a58ceb9bf4df37e1a81c8e9569187228e8037df2e59c52ba815566768bedc8e09d5e7bdc9f2bff23aaaaf133bb5a3332750f6124ce185e29fda0851addfa2c3d52bb6dfb530fd4ee27dd5bfdce5dc2f41debe6740274bc651aecd4023b098a7d622e2296b50d51b79c4e3f521695a9d43f038e8f273405e26584d3db179e7c1758114a3d39970df674580bbf2884405974f0b9c4b0d8b3287a2314f3f81b6991812f354d655f62513c9551b378cc2efa4c3e08b313c56cada52217fb6112eb8299b28445aca8f72e7170a1cd8bbfee4d2145fbe8d49c6af8831c4d4fc7177a50ee55a7b484261504af946c6bd5e1d6b89092f3c487c0568fa07c356fae9b8e831b8320289039746a435b122cfbc4a0d316bf90d481d3b7d979cc50d98c1190af8dc58e0035557dd5e94f437f41fab513202643a77748f76c6b77302bf40c392cd18731da082c99bdedeb70e15cd68bff59619cabcc92adcf122753c55afde0817352bc247d1170b8ddba1ad1b0faadfe0efbfc5fe6334377fa372c3435691f53dfc2ad5e08966b2d3525b1eec2d993a5cd4ff34278bd40dd80313a0727d05e0a932156152f3e11a190d8d69726f5c57d20f811e1e8932e86409ffdac96c6251c2a2976b8757adcac5d2de94931d1cbea866ec8bcba5774f8a7fde792f6acfd0f01356fd66fdf54a416af6a9397e00f848a2e9831627cbcbb52b5a868ec174e69b4cfa1ed72cdf23f39d7eaf4bdb318c188b1f0fe75655e34ad71907cdb77a1a2b162cd7c22d93dc45321eafb17cd60282e83736267b3e1fb249c307d49509f50839942f0f493afd9ef37db053a918e3ec83d801bbdead07554a018b8ba348fe9b7dd92ea7c5fc0e65a644ba19aa1fb6c022ab768ec7cb249ba17b9dda2860bd4aaaa3dc70ec009804141ad5ebc61203658e57a0887ec0fded18d844a96e79ba7e879c4253056f23e205a80ab1471953438f85848f4ab31ab175c089e0bbb97ea0dd6a67385770356741966053735e2cc2ecdd2c8c75cc045181dd7267584b901674b553082b2c58fb8f8be0b99306194a6f069f684535423304d40a268d55784a14260fa9c9cb1306b82f91cbee3c9f43dea9e50903135cc1c6505605a100bfa28564a2057974eef0852b7b72ce264815026d0759f691db618ef760edde73ec888e181403834f7221bb27a69479ec9b28a3fb0c3f68d4467d25712fc48ad78763f9ea6e8a2e85260225ca1b1a38b720e589fafca29f07257c5467cb74ee53189b8c81b784c43e93f98abde1ed53af60b27b13df6ce45001c6e1813de3521028981086f7d88ba13f6fb1a800f312fbe2f842eebe847fd760c394668cfbfd353ec14ca0366eccd7b4cd63318116bdc42e20a632a0d2b8c5cddb37bfc0a239ebe3800a787d2ece077a7968036b3d9b31cd906f888e3ed742cd769033e2c24c5a9e3c10b6d300db5a17dd88
21MD = a86e07bcd19080d4a83e1384bd8189f60a7dd7a6998406ade0bf03f805375bd823c7656dd51cd9d63e542f8ade41f16d73794d60d0906424133778156ee54b95
22
23Len = 100816
24Msg = f8ed40e878dc68ceec52cc8e2868722310fb117ca3a52e1839eb85d308b8aa00ed0bf0b76aec8a70eba4f0d14d2d85c5a0e876ce2c8ee59cb36947def6c40a587aa07b368ca8e8a08367018e45b984de0d7f1aa46b977cc18c0cd9b7bb897cbb2814aa0ce8f8c9843e03c86c19f2ba95dd2ac4a466a93aae4b3b05055ff148517ecf43e286c57744a3e10a14d0c26e139a503e7927aa688c78609170ebe3b54104390e5f6cf538093a67922e7210e77fcb584ec9b6844e829be246a266460cb442bad52ca47255fb8cfe276108c36e02f9acbd3d191d34b93d29ec40d80496d1c1bb5ef036221641200e905598c54bc4abb3527c5a5f6258e59d4bf54a0498c108a2725428efc2047e0096b32dfdc6ec69d5d72f81301f881ca62a66c22e5dab9fd9d90084c0a36b2f3a0123cc5327a3bc7a12fd947ab57169ac533e4b6a2cb80fc65b9b527cff9fba26994c7fafb5102a0acd8f9d246a3a54178c23eaa04c0fdfd3c0cd980d1fc7a72b25d74df9b95c3dedce8ca316870c654f9ebea9b806da9767cf40605a4b0c7fb06f6b3f197bae7d8cde9daf38530e25bc51b68f9aa23ec0e95199b14bca96c91f3db15bf8432f714dc46ac87218691bc66cb3a42f6865e1c30f8394c8e68c0ddf5851ab7c5906a1994a9af6ac1c44d0d6b95ff15d9f77825ccea40fb9e516d45888f2378e045d95d936d541cea9c8ca52fe5f7d0d919b2b1c59a42d06105ea4f2943c05178e59d67351c5b2c0051c93a4045e512884fa656b772cf398af89081546d920fd3d24ebd16310506a786ab33293027394c1bcb7b1efe46b550ac28529646e8d2a5ae65c59345e24b44cd7b06673f3ed3b9008aa568a739c26682fa596b7a655842cc6b2758b583487c78d14a76bdac7033806c5c210828ef313f8efc4072681f5fded748c31a58ac933b4665c445f07d603e0905e49b84aa55146eb1c1c99196413832a05efee2e64d6732fefc629b79b37bb9390fcbed7226b412204bda523b8b8af5c4a8bdb263ef9f3f6c7b9e1de3a1dc257c1f33b3d54a9101be5b4f2a9db319993c2cd137c41e35c434ce52e859afd1a635af4d8852252dc5e28c729b2b4c96a56d57f3f3854ded59fe612b9b3a51fee3fc1c83db673b0cc7433bff2472bc74a2eeb6706605e308690fd072a7042ca6474603711d8310909e47063f46f287260a26c4f11fe492298a0f98d28c45948a4899e08fcf443a6ba36457dd8329314d53ac0fd0819fcfc3357426c5bb8d3dfd706e205a81091cf08f31cd3459854f3d07e503991ba5f067e3c406c6c5396d8257496f4ba3703cb1ba25c2fe4aa54577af782cd57e85a88a2d75c54039e8b7bb559219edd6e81e41acb6d575d6f798afb2cbf7f00abd5c9c7b0fceec79f9a0fb040ebcbb7bff3602df7b71357efacd37aa57019350bb81213508a006160acde3dae5c42f03141887eaca22d7b33d6791febfb619d11ebabb13e6c5378e9a72e852ddccd31cc53a43275966b7042ddc51485ca20e1c456dcc7020cafb5407548b044d332229911fc74d7fb97de25abff7efb431da82de2ed7e25d0dcc06ffc74e57ca93a6a9f64d76a5c39776fe2266f88d6d0229b527525fd2e22a1407e26f94c5bc6adb1e7327f3c8bb8d4c983385c579dd8f5623df8cd6da569c7de73d9210e6b9253a177653a13ece075940fc81016d8c35fa4f6542df5120c174158ff32533476f4e059e35117081a24798fbdd1eb10f82809836f8dbefe755611347f75423dd8571695960c6f66cca71f0a01e8fecbe1183bee3335eff10b4ff8104132040e2145ec3164b2448f60c730887b9d7894e5f7df3f876cb17136c99cf32db1c02fba860937378dbd093c4c5112133781f06c8ca07c527c2c085e8ba5e52b399f2909e217aef6e3035ecafe2caeb1004069dea023af7eab873deb5ebcef2313c9827821bb9f89fd3d1570a569673d3ede86a4fb13dff242eb98450a8917fd8865c56e0a9f11d72394b79808b0429f3a83cf2465161596887fa2d557b367a1de9c7753666b0cca9c30cba9f0a749c03c55cdc7a6d45852c76ce2010de3e7f75d95228efdc79949b238d90b25f983868b7f07f585f7b00e45d9e132f3c09ee84f794d899759be3dabd46a256f4cf8da71270617cc2425b24cef25d1d2f3945afa6f81abfccc858cd02e05619649b1a5347650934105c02622d538447223d136a8a0455cf3c6f61f696b32266197b5cd1d936fd3ad4288520fb4a2f59bf95e659f33210446ef18debeb679dd99de0c3c74a6eb3dd783861f5db4e94a151c42ce27519d0bbbf1f3b1163563ec06c8bfd881d94a3b896fc07352fc97ada73685588a2242da1b718f81bb1077bc70fbd58b8b52163489ae403838b533851bec30ed0ecd97d72d1af534f3703db59f1f563bdc39d690a0e90e545506463a37e84974fd7b256bbb912cb4077d3e3f5bdd4bd2bab713b696c830b1f2185734c4d2dbd49d5372fe8b813ce73f5e01c36bddbb376ef4541033f2b0355613eeda8951ebf7377e08f967902eb7e23c0fa798c6ae52401721053f1095cacb1e9496500e83c412236fc21566090b3a3eee55aa402c0b774802fd81c9e8579761cfcfdfb1aa23786b2dc35dacd5ca8d8d283369f53e4a5db18060c2c6b0c303052aeeffe169fcaf7ecc63090a9ade245045ab9c8aebf738772297caaef5f857322a597846c7370083d409df27612e47b0cb240daa3cfa51c57108612ac0dddb0f59791289ccbdb3a2cb1fa9ac31a23dd5440682fb373bf0c1f41c4fe2185ad7c53eb69552807410053b0c2d40132250e637b8c425e6a35d93333b5b7d0557927b6179c848ec455fd1ab38348c0e96c60b2da49bd15118df64b6ce4fa48fbc555a4b2874141718e731a40b85382ae6e86ead31cea77f83bf5c063bf1febf71688a832d615e09d6f14badedeaeb6ffbfe343fc7274e78cd46a2aaec0a349c5f133291ee57cdcb65c5474e46294de6bb50886bce6c6f44dcb95f2a4761ed2e6c9e7bfed51e0964afab4e0f7e0b07960f2590baae66b1ec9a63ba0fb6c0d27e81508c51487dbbdc9beb8879fd58c188dfc774b3d0ddbd77ee8bdcdfa0ed8a9387728e12b13e8b3c10cc1c132bd822c2147c5ddf9a993aedbf78ec256db1be76644ca8ca7727208bf89732657152d34e948d73c47561d156f773136684d4162d02260300020123d13a95f4f835907c344942ddeccafe2abb7dc4792c4f1e39c24748c63cba933b16be0b8853e058c47a1ae2c4dfff39ec2339b345fe3557d03c1df91a0607a711636c4416ffdb73532aeeb74f237ed8bf971388a0659e4682a46b8327e751034cbf2c87c7828da9d24baf07a742ada34d1ef38ab1e8f2b4f801192c146600709533e61bc2665dc1e9e6441bf3c4f6643bc0c102a10f9a69da5b0e3d0a0c7cb694c682493032b5853f02953b5c2fc0e1348565389762fc2dcfbb34fd305f2d9df080e859396ffcbb7da78aae0a0d72e3de76c774bc6a81c87f2872b6afe97ced5269009304a4992c4add0bbe24e57632e19ad0fe37ae910193aab0aeae32cf6d618ab33eba59f6a04fad00b1d2403396e6fa661d31b695a1b349d62f56c08fe6c6eae7a482177adf341e51d03ea511d7959c721bd20bf371860ecd7fce1d25212891850b85648db0a039e6638d9c78bc958add3e41341536b5007be63fd1f7e3308876bcebcb97dc3b05a7b2eaadd00f8fcc8dcfa7b961bbe727c9aed1626ff786d6a0ffdbd1002cae8a7d047b6181962a686c152b2341c7c58c9f1dab5af424d183ed1c7d003165a1d04ea3683ff31a0f68615af6f91c21f736e67df641ed31b998445afadf9052bbe004d5dad08f62e5d353e42fc35a92242d8414d99dc4e7e81c8c027af686baa5c185e3f99abb3855b22cfdff0a62e2f47a632b7df8e00e0317af5c24ce7c64077bbb15ec27e062070cd3eb8e549ed9112469090ad9a96eb59294b021eed81987178cb2dcff67a9a2e930f6032c753e203380f8a7c987cea393234699de03a1d09ce204f0a8b6d5cf522b6887174fdbccb08f3e7c4fe2f778254465b32766c48812a45151ac37ae354dac87419f9476baa27e24b2f322b2da4ddf579750684a5881bae2269351fb7de59b9d5a4badd8951135f2713dafc57215dc626ee170fae7f20bff98e36b864e1fe0f0f9a300c903069bf0e0b6f2f8e78423cf6063e89dde6c81efcf26ef15510563c84730f611ac879a6628e55115e1a29de6945d37fbe4f803fcf2e344712d9e0d6f6c79f8773a9f199b705235e20a7830ee3357c5dca29d7a6c29a3d2628bf2c42c8f076cc4525301d8e1860729070dc53164d9fa08bf63cc889eed01b0130a7146d860bbc09ead3865a3082db0836a45f5506c3e46e452e298764939226cedfd06700e4e33c6b4a78add601140249596831e97f960b973a4e4dc3fe2813fa34eb47f998ce57270368fb81719a09298a223f7e3931ce5cdfab3f658649533354e982c87dc9e49eacebb5bb4af9a767b4f1c03d774431168cd4fec1b2726f1aae3f9a062a825f3295557eebf3af4784487b869fb049de44d03fee71194fc200af72103b157431935b5ab9bc122773ffd313d52d7acf1078386090fc011de695e71567cfd51c06317d4ff8841ceeb74ad35f4e5f4d20921123cb88bb2079674ad39e133cdfd6478d69c9bddc7a818be5d7b254bd9e0abdb030f52846fdfeae8ff370a51a9c5f6017af3c6c3db17c5c614ea18ab0e3ca0dd5de621217dffa36e5c5318fe191040a50cc3ca620683bc34da6c142e1c50afce28a86b8b66d189adcd755561a647080d93f3ede1cf54c3afb7e863fc8a82a2576d3f79e9b2bb634e598507a3d7d017e0176b7868bff3a3dfb4474b3ce03c401f33929364e727fbf8096b77eb351435c7a113b3215cc6246dd86f1517a7e550cf828900248f7c1754e40fed62477b296a37d3e53231360d012c4908b466e49b0e620c0a5031228009f259b030956ebd70e49357c3c3ac2842b6bd6e3ca5a3e985dc03f7105681fec03b320a7ca753b782ad3b52fd9c8e3bd980b48dd6ec8901dbf756108e85015821c880416e0693e0479cb31c0743450f6d9214afabc4feadb9bcee9def460a58d3a02d9e3039970068b8e3fd0a403a6ca7f2c71ae2b46ab3c731b1e65e2104c47fcb1f69e7c8c6df8c09b33f2e1cd4192faab316a44536dcac608832019f5765cc5240eabe3c87445c980c299a5e7ae0acc2c2ed19fdc8f011515bcb00476b03633c7669db1b44f97f6cd402778e9687c740dbe5686789b79d0b13f784a2a866eb91ab2d66f064c49e8df513ec348fd7272ee548ba08e1f9f99696ffb53677550d59c67f88404f6e610455a422d9cd987493ca5c366a397dccface2bba8e3e99719dafa768956cbf6fd8defc4104b8925878716a0514f70cbf3fa2c2bc2f66fabe654eed3076257e71117665703eb88c79e4c2b94e8e856e7a6ef90ee2a358409db78b98056ce1750eb80725d70e35507fdfa5933a61496ba48fbd5555717b33b59d4ef211fe096aefd478859ffc97a41372023ef114adcae5a8d5e03c21369baf1e7f417cb40326bc6db1cdf0904651dda3c1039a2f1755e7c329f7c03bf33f324206ce6e1638711c8c9a45f153aa1f847cca2a5d3af1d24fe7a1e1094819e8e712cbe10ead1012b7371b35cbcc2bd5b10505fb63bea20ac81d25e83ed0105e7595b6c28400f4d336791ce4a584323d0b455bbed44392c5f86c9d5287593f6986d4b0b8f9974a7a4157859ba801251d3b44b2bad84f29cb87dcf1680d6d10d1bfd59f0c95fb7bd07fdb3ea2fccd6e3ee80af438956ccfe31e750972f893ea5dcaa26d077fb3f09d990c2f41c8707368bba007803621ecd76540cdb8705435d74f4300eee04710a936f241c034709e625b0dd5dae1f6e86d034426819c365a05f5be420cdf4042bbff965a666a5756f67259448ebf742b6ea189fa17a4c3bfaf651d19a8a525f09d9cff637c8fac02eaa58d3ee3f7221da1e61833c0b183cd9f47686f09597e8115b435454acef80c079eafaa22b18927d07bf8b7c5ebfdec9c42a52b7824d45decef41e6184dc2db1505ca6f94172fafc10731706e79b9856dfede353d2eadeceaf72a302e3492d7dc81e3777e4e9e1f3d33cc4402833ffedb241a75a09e9495d671f80ad3acf06823bb04a92b815edd0ca7d01dcb3318c1ae5c62d3e99c0ec37908b45b51dd65f6b45b34ede2d6f553f60a45e20fafcb34ae4dbd375f52a5db9c62650deeee78e955087c2bea75ede7c304347b171fe0c1a2a033894be6e04605271307f307b2a9cf6ae24b8c87ce033a3fa4cf2bacdfcf54fcccb1f580476c7d00c631a8529a9eea2a713610341e0e25609dc8927e51c58a0a9197a54963b5cb95877354f4b8316df02ed2bea367704a12274d96bcbe0d0d728923a368bb8ab98d5db5401894c822632308ddfd309071fb4b477d8eac0ea5dbbc3e3606d8510d9051dfb5e4b7cdcf2c57c1b76902d864c3109c901da53019ed33cea84b407490486ad9f980a8a63df3d2e3921064afea137f35179130db3351f5bc3f5e7d590a5ab08b5415efbd345f9d57b71ade7dca939efa5a12d677b9af0af14468176a43712bde10cb15787c18bf066eaef8abcdea77d3a0c61d6c74ae7b54fe90940d0233e4b874c9a141dcc740d7fff43b9fbbc012a933d890232cf74fccb7ff7eac1148e203c7381b7f1d1429b1b1152ec25cbf7562596eb402a9328e43b5dc5cae36592da5523f0b9907a6817ecd395a7c778daae85bb11372b20641a04250b77b3a0ece885d07faf9622650259b874536d6d2b92181c834dc111b6fcba483167be40ecc922fb87006f63b9e8e632879563f37a8f712db9fa68c1a20ab239c0116fe022fad1279f3288b8e74a16d447e467b6381515814dd3aecab5c2a09c400b44e9100c04c720dc7e8c6d9460002da6c52004c16999975fef8752c2f9c229cbd9e6446b226cc454bd68cd665668a17328bb30f301e92ef5c7a2197a326df5c99b422096de8af231d1d8872e6e505bcfff026d4862f28d4bb3856a66ced22c9b0587451d8da4230a38561b5b1c69b523a4701a2001382aa82fcbd60733a14696a540227db44aef346d6c0a7ae5173604d59eb828614cafc1b8cfecda054dcc7306f73925e6d1af56ed74c51c6cdb66e9fee8d7a0078254fedb0c0f5dc85a4686870709b499eafbc8451aebadf848b0598ce8f955688bd2d6032abe10d1391d67c20a049841f95d2ee0c8deae2bc1baca0c098d8718cba1ddcd968981c47cd98d247aca4f838f3bf16d092eab8be8deb1f8d504d37cc44a8c96c9f22f2698036d4ad3bb48b31f109626565c147d20a4a7dfd61fb918f81548fb4f78875c1d138e819f6822651b93a3c92ad77793fba5222d870ea671f9cac967919d18f96e92778548415b2e170d90b201215354fc48a77e62823a2c2bb354782ad052732f08beb278f751529416f37d83ea26248517ae2ef2ead28c1077908995a2d25db0deaa957bcab39715283287fd626ea7388abccba2d90e364a7ff4284c84f70da68ce1aafb5be0401cb9d45e085aab41892a49e10cbd5baf2c34f5e0ca076f2772abea6f622b66020d546f8c2f134a87f96edbeb9b08394b585f2c2f98aa792f97b43b5f3aa9c34189804a9ecc2cfaeefbd0f967d85a25bf3136fd8132dec38aa82e4af6ff677682f3b62be27a180aeb22f918c24f23bf6f5954e0722324cccd06829fc32ae4fe3aee6e5a03b3651900e13fb0a759e544d033418b6ed40d037b4549a0404792c8fddc317b7f028493c4c91d6773932f8486417544f3d007e5f9e6fc02fadff175303f77f6b0e1f709bb3d3a93b38552ccf62688a39da1a602dd5e122e6f4e9171769ada5255cc5cf938dfefcbe3ab0faca434c42dc8c357e89a3d1488fa3df35c3580b124ba3bf6d0d203d586707eb692150ed05a01bf9de5c4e67bb948088784016394d47abb853f2b6b643a066ad81bcd1735aed4e108a8c1fcd025b548de874eb60de7f3c568728959147d1219e4b830e06ca2bee1f8a035e28a54ee6958d4821a84e5d1e41139905f7ec60fe67ce5f4eccdcc2c3d1e4a753a32dd3004970a4ff3824471822fe2b5010b9b6c6b01336dbf0181a95cba2624663215468519871cc39e8a7f4a151c8bd03363b402020f2fb98069b2cb8cc1b7e930938e7540d95d1d223e47865135793f9eb573660ff79f7ed2fae503e68ba44596ee745fbd8fa562c5c666d174cc01b1961736e18b8b517161ab9c8058026e0ddd6c94aed0086a26e1b959a5e05eb9d8c1ff5b2ef518ca23b4f265db61b499a48cc46bed28d23ffc1e8d9c9e345c06079ad47c88dd4e8e286575bd7f9420ab9c2d5c6685488b8b34d4c9ac04e1427ae0994cf789b48b01d1db9c2fe75fc5187727bb11119f82d0739ce4048467a08cd635bf78cc1b6cc9c28fdc199d351064a81456f81c9e56a43aef7332973804b06b18a26caa62523a7d0acc272ba49124b17bb68800d5756afd34ddb2b7e2dd8a118aac3fcf39d9f853c4d2c4fd3ed5bd25a6604d68d57db93d15aa1160f8a97e6c24238e84f272780966867f9c644ca2775cdac4af0ece036cfa6ebb1cd9d701dd7daec5763c9a4de0385db383a5647918e79c6a6de1f4ee1f6b722c561704c8d7efa4710d78dfce8ad2df0d3d82cbb59cef0bcb001f70bdc6e17af1a720b117fe02bb1dd527b18e6bce70e9447cd0cc85cbcf431fe7c006f5e4ef878a974a93b25f492847c9ae020583c9d412f4124246164d8f080b615e2eee267a7aeb5fa0974de52cefef23cdda7b305a33a91e9b50471ceb72dae337c485d636e28d6ee31f5705983808b1567d4d4ae820ec445c56e6a404cad6b408691475397c0dd6cfad232106ba96e5104052700a653e21f9ac6d79578a9f52548f426a1e81dd45bae30acdd4d22a2dafd633564d6b2f45e7d35413503c955cb0a9784b42ae8c2a5933a6729f3922f969a158540dcd201ecb6e32f88b5b4921914a2e8f424c8b031f115ea5d23a21e6f22439ffd7e5d11b08df729f65613b4f6ad3edbc9a066a5e712ecbddfa6fa764cdf170c0485f82d924a99b7e7ad8dc44c1f93e49b6469a9af3de5691944413f1417b753bcb84d5b7a34f362c383cbc802b0c88bd23a7ac471b9287571c42081b1134bfc8ce104a550942ab1f2a074cb00a90558d6e841ff15cfde6951f03e450a1bfc90dec6c513fcb2692ddccc31d22e5274d41036656183c72fce208e44920776f196193137ac67d6d65ce9cfaae774f23a86e6ee8ff3a4e9422a4667d971906e5496a4e80278774899c882708611bad282f6c1d666bc5e7c40082b43a6e98d494a18e9b3cf7f154fdbf90d786e59e83b72ad0ab893c49aca50ed37ea5202e650fda54f5c46ca2a35c476f4b009c5e6733232275abd1341199b63d22386c484cb95c43ea90e609c407bc79ddd00609cc2eb0d82848db239b249f164b7ea384d0239fe1e64d04955b9297472cafa2ff272c5c78100aaa86cdd8120556f25652a3c12da5853338e3be8f505d93ea03cd1cae7e78e95befdc0e26b760d11e05403c348e0523fe036381408033c009a8e1f117af5100a6eb91f08307df465c20bc1dd029875ef7e49338689f602d98f2dc690a57a6f2864e57098f8bd723574944ad3688b292db6d01387a16493912722ac8f91fd12b748899bdaeabdf0479df788eda440d7bf30d1c25d78d757f00b74bb556506637fc1ab87162f05d464e63a6272db3fe56e9357275035d6b6bee32bd92c4a1dc94778551e94ee1d8854f767bfac3811bd0287672aaa01ea18c25650f05a68cbacd9158e479b508e72df778589e1e03dc543b60bb3b10399e5c50de9e728e69774fb3f5fea757ddefccd0f9da75afe4b67f9c54aaaaf646e858fb001a6deed0a8a769ecef0689c988de566b6015fb8c40aeb5f2df7ea4bee60e8e69d15c4a4aa5411dbe63fbdd6418cf025d87f37362f15e22aba83abe1a3de9857c71c2234023b969eacc0bc526363b7f30b092ca114f2a6cefb34394d146866ac86a33fc497a8cb8e2a5bac398579ff7958878421fb08fff4f8f3deb8c9641b8de392647df3017a5467f9d7b23036935ec6e188dd6dbfb544b8a9e04a4b3c7fa1e4d1d9879daf69986b8083e6eb023a4b5eff80fef17f8f65433c882a21565a919448e6091d1b61013fdaf9fc3e45bbe827c9b4ab10b05600a1961e81d31c7404f8e0d32bfcac2937eaed811db167dfdc29286b0d51bad2bcdb9dea76eaf495a31a7fe717c1c98be374a36271cdd06ed06c02ef4c3c06cb42f73b3332ed488416010e6bf2f4dc4dade6e2e61f19e9306bf941868f59fa0939005743dd647f0a04b576a7e71d4c383c479453501e18ec56d7cb79fe31ff534afbd8609ed701ef163f9de31bc58114399fa0f22b62c66c380e8a10c34b7e731df2a8d39dcf36fbf3a66d67b973e3a94bf6ee0bd96f5c76baa76492032fdd2f59ecaee403d486f543f2cd7ae7b0dabe1b5566e681cd40d384a94349e9668650a6f2d2daf86c59a7b02ba466cd03ce1d50c3f0ca4c02dc4b3d1c0e7b9a77df9eae0bfcffa32117d7e05adc7195f4278c93497401629897a58d08ad7141ea52e0163f14992d7a284e7b875ce4640b4dd48ceedad1ea17d8ab1e760773044845e0899602f1bdfff4d42ab80c0765d1a8bde2ba0a830c050923956d06c80b182264ad19ae4f7c39e43195f7d421bdcda00e3eb5ec5ef2ec91d69df691ba7fe250352acf01fa92af5e2c634b9c7c97889e9147e869acc153d88cdc18908f882f371ba9c1e13c26e9cb8e3cbd4c5e1988080ca65a67b3a4c3460cfadbec904d853fddd2f5375b6070941fca53cc106b5748480213cfbdc1c34320a0478b05f76fd0454c75eca069cb1fa7b21704dab67dc40d041c8a1040db378e76655636ad725219c049e6536982d6ee9f11dd032280e622547c7ff44a938a1f233c356a98182d22d5770fbc871e20bb37483dd5d6ea1551993b95b30774a49b50d411ebe0e8c92834094e23ec2664d822c40e96fb42b8607b62b6949e05edcaa436d0ffac6a8ff384068acfc0220c0b098d368fb8113918a4f8c9de37cece74c8695cef2427e54a6e77ad092a9b7f1d94ac9f0836deff41b905b5dafc58ad6063759b0372a634f69a639e19521825d66a282f489c3172a3659264d0132af3571e637782bb6fe5c0afd24547612166fd3409d0991392fa054ea5bd07a4cd0921a13ad7b62a0b5e6d56cd8adb7f3eaa5c99576941c38aff311c49a8c9d8c755869302a2e5e40109c8365a551cd3f859b9421be189d3a0e9ed78830d5cd6a2414e9cc4c25814d94d98f8848e5386d6dbddd65d22b96c5d20020a5dd409c7e5344065871e57e01c91a443501dc8bf619890fe231319b5480c3879dee618d319962596539e2970513fb5c0c8eac3a71ff99962779cf1d7e916566d0e29d121c5cec5d7302a18ed00be9316f3de8c669a64c2a960a588f9c8a42690f6867cda7146e8ce27aa6a7fb27606eed9df6a235a42d17ce71627446e206e879de56025a66556263f06684dedcfd6f083d6a707e5fc8f8212d716e062f0f7fd0c2fc62bea93d68581265a803c31cac3f8ac8939c5f8c464ebd19df42c7e8998494af614c8383294f3f3883f2404ac10404759e182a038c97aea04a85530ec005e203807c5bc30fa9f5339b32fb0427e64915e29a25bb25ac60b92256470e7de5298d42c6b88995f8d2fb704e49d55b66b71e237af90fcbfd71d9093e1a543da2e9911ac4102346dc4704859cb33ac5f5dce2b3331a9dc9fb506461a5436c89bf90d39afcf93cbca4cfc35da6ddb112243928246ae0d1ba269b0fce0468d3ecabbdb925c9ea3241e2dbdc6b151fb4aa724a42f98b0248171fa01fa103f116d0e7deb65dc359b09126f9a420300fd209508ec7a50be56d5b470e387d0c52a1d104625f9571ce1404d1b7af3fb00475b95f752ab96610be112d33ded48624015781e7198f4dcdf917839471fbedb43c34efabe09941fab6b342cf672a29dbb1eed0db788dbfcfcc63bcfe80f7718571f691818dd6f839e3cc282f85f03fe0400171cdf1235049fa53de7450b4c40ed398d5a486f52124c1c63de2afc950e81839f52d17e2a7d32f82788465a65da6cd763c6360763561ed2bf47749080549b6e2db87514e1ee1c85a0bbd346eb6e3cc29267cbedcad67a287fc5be65ec59ba8b6854b31c83dfc5155187d4150685c5c2c342ed68b01ac9e44b60f0c100a347a0f93074dd37d8956fe2f43110dda66e9f9e6185c23dab74cfca21f3ede4bca87687549ea02662f45dfa0ad27f9959a120cacb7c419810e1b1a50fad31c12c47d5bbc61bad77044aa541d29faa6126c60ef088b82eead17a52843307d4bf798b853d90d14c5347ff10615381d85e964331b7a123d15a77a6790d93e920052ddb4db4baaac5e2b27b66ff955e53b8308151c81da4711189ccf0eb393c5bbccfa1f6c94a8d5f4bcd266fc6a12061967ce836ca042257368f567dc42de6ce0be84449234a6163b72069f25b7ead4b2003e1a7665e87ccf211abe94175d1c11bff2c0b6bc110194d34aab96934ef59804cd26e4434ba166d9833fb091be37b139cc10748b881c93690528a96ccccd2dbe024510b8da37dceab567dc52706461c486a0463369cbb99bcca2e8a4d2e005c45401964722a4b3ed37c351c9f21685e8992c9634349379f41796deebffc2928058c8ef6ea37c6e4970dedb78d1c2a00ea9e1ff1e7708470a6c60e6a2b1e966aa872776afdb238e97f716b3df8dfd42bf0f7ceb52bf9eb33731bdba5987b8f48b4599d67b383e77413107857e951ae0625059e5616ccb41131df9a480efd5beab3a9c99615921caedc53dbad675c00ba1030577db1d22731677914fa958b44792cc9c19e2ac71ebe61a05ee67ae7116e39e1c0d103f18bbc9d531164360d901da8234d29fb0b37cd2a60c7aa2adb2a4b297ea2fb14122ad95bd4592ef86c88fdae1e37dc8e44ad03c0fcdfa3801e93796771c5a2ec1e4ab12a64b3ffe48e7442c6224661ed5cc987aada6e778399941f7b20f16f94fb346b916be87f005c9c13789741602039d38270643cce3c347565eef5ee09139330301951c15756be47994de6f1802dc5131b9b011051b1d87d744756831a71cc8528487f032fee9dbffccc751e6a1ee6d07bb218b3a7ec6bf5740ead7a47b6907d7aa95b79aecedf4a637ead8fc6fb8654c93d13ee79f5d6258dcc61993aebc65e4fc14eea7d006e31f6e9f60e3bca8ce52ec559876fd20255e507daa99b185671ce1ac11d448c30bcdf97b9617195e0ccd2d15246308dd6cda74a8071114327fe203b1adbaa780f3243105c5111636a51dce966f5652e39d4f91abbbb4576234d6cacc3ec57cef2dd4dda49a6c33d12bb7595fd5ab5bb15b40301f34ddfb831a5dbf62218f496c003227fe6282e2ac054c45e7f3fc93e51b3ee8690f08612395095a0a12729d663eded879d9ffb325c62f2cb546a48bed51ae232fa6ce28a2494c132a6e09d98c2e3d478d5d2d15dce2e2665e4a3db448931068b99899c2bd8ba87349b0cf9e3c52cffdcf58a59b4fe0089b298b42ad7553f831bd60f5cfa3e09102fe773e4c05412973a678f3b3ed420433cd664dc7f218e816a17c5c9013ecb84abf2dd073557dbc41b92a91e0339d57b8b077a9a44d56427fec5748c47c1460b2e2412094db6d0ad06dea0aa0c1368592594bf0b2f590a9d6149e44dd4adc4cb42e5d9940d59397b83b33b88604c210694e3fbd84795c80c1b09ddb3b1ec8bef6e9dfc4d7f295e551a79436007ca48aa605ef5a89571e59cb26f2766e564e39d3bb441deaa0c8664549881d90a77256c0f6c77241fd6ab74b0e2890f78ff16fd2f9271ef96ebfbd0b878ba9c703900752b7447f4efaa60bd9dc9cd5673a36b39d49f54274caf03c0cf82b95141fa20ed3ce02ebf0dd74d9eff8eb9e2dd3a2976b244b12fd33ee75c1f1c459f86a1cefbc817f42d7f43ba406098165cbeab99df4fe751ae3382efce32af252e461652c7598161e74fd8eeca474fab6b1ede039935f2fd4d7562623b90a422a78941f47a76863d95857c33653d1b42b806bbafcfeccb7bb4a0c58acebf6104b2570afc3ca88e4fdf2719cf39c964a1ea7d2ae4a7fadc938abc95adac495093f6b959b1347501606b3f960b6d739291aa8c13eb49e98b0f78d2b91400b6d8961cb6165c8b684738e4d4db2f2ac30ddaa03a5e0cde4142b625e81907f08c60d7cb5729456806c89ff0efd08397423e44738ff38f8e88684f3a099dcda455521caca37ab4f4d9ed5d37975d4fdd778b97cc93babc804864a35e3a2db04598152e67a2f1f157681c3962d46ada23ea5d9a524f9cdbdd08a07a3a85b1f6fbde11d5a35c7743b83bbefd19aedf6d92241d16aeca7f33cc51839b75f111e8edaeaed808daf2f43fdb3c6f032ea45052ac31d4870c4d0d76aa75d0b88635ce449054013f234c4a16cffc58c95ba1cb8a0a0399861eecb1039bdedfab4d05f0270c6b16f03f6b8e629f687f133ebf2662c7f930530746679aac2791f54d6a95bfab5be0c33739074ed4e7ae88dde4a8036a7d6095cf41776366b6ae3f8f4a0734f48c275e129cfffff5e0abd042f99a957bf6f0f47fc7288750f4fe30198f8cad7067b36cd87ebca08abd3f9475e7443f83cca91a1ebfc42ef3494871f51f6d52a5524b9391c687571be5327c7c94ee2a096653acb410917fd51e56a92be4f24c1db6b97b465ca84c31c04c2f61eae07e952eb6554aa4d8a380d9ee81c1c462c360fcc3cdff2867a953b655562cd06162af8b99bbe662e0c27ce4d9a1c1a907def48a3231c2110c930a2f1498e32dbbfee0e5c5869332f3024fa5dfb0327a27c663cacd4e9902de34dd93529e90eb347bafa5035f56fc578e8386c7571d1f0ba335225ecd8be026b4544ad70f3af11501a53119ee39a8558ca0ed5b3d897ffb9cf0fcab55a0942d3bf7bc6b94ea27a6b748f2cfda431f35252c44610b7e843ed91ebf7e8fe10638f04f52d6d5a7752ec62350efcb7c473f80b1f2a26805151e8346d39d23551e92fbe372df7979c3f756bbb43f6bed09bbc6b65fe6fd241ae1c2f1a0d0b805c582853b85502968f9478e9a84895f9d4ef01ec4f3f571e57cd0bda68ee1f6f7e14fb6e0f4ef8c7dff6796472a935294fc27b16216966d5021339ded059687355b42b55926854bbfbd9f974a0c26eadbfca8a6183093996cf252894e6db910c71ca3ab2e82d90d371c36b92c9409cf7937bb266ea9b29c41d774aa522e103cb30bbabfe872b57beb027623742806aa7694a859ede9bc1fd7b9e32880b064b0030fce1a0e5cdf3ce558a5feaa32e323dbfab6661c5878c9377ee52a615b7c17bf1228e328aa20f92d070c71561969e1af532e76835fb0436810c3d87b982217edfb1143bfc3405ac9f6f3a50145608dfa8658b0ab642a347255c55b59cd1c5897b2cf625a0f0706c30ca1c1321e90cec57b7c3d1bd1af455e3732db80643383c41eaa6781f63da6233360ee720cc04d171ae2445b0c071e339d547f7ac32f407d29ec7abce0a9e1ef5276544877bab2f84bd2eef47ffa66f96e7170cd54d836c9badbc59435146031502c1a3cc744a470f693636d9050c5b894d2d6047df60eb0bac16d905d46cbf017ca69d66427cb88036eca4ea9d0e579f6bfd8a4a850703a0fe49d39c107c9358e98689fb62bd0475aab4b2031446b437c7f9e373caf0270a28d7b15c71f02079dde401e26175bb6e392106a9072021f0e5c5145a1db6f595b032faed8551f6e2ce318db1ab513db876a3eb42d225014949c19543e9c5dfd2290e28c5d72c87223f0195ffbcba1c02c7d0087721efd2af6881dee7dba7565e07abc35bc3fa41c6a4d6a313222ac6dbb117c69c62db2691c68869ac5fc5e987b0ae4335f815c73ea4235da2582dde81d6fdae5911617daef847be17f2bc09edd88830eac03977f89179fe03eb2dc3b38df43803ca2d38455232549110f4580ec3cc04c0d8cfe493013d2cde47c506ef6a8dfc42d998f70378fac5ce4709345926dc477e9e339d8c87ff6287ea6e2873e14d538cdc3f2a47e0e37a2601652f5b665b616a7d1ef3537a3327a76f93990f7694e6484e7a52a10e9eea2edc92b99406abfb2b11ec86667c7af4a333dfe900bf071d1bbcf4f0ad768fae4f450c53817c507d26e926e753e3395201d3ad89061f16706d841994abad283f0db74cada25beb5fe46f48669a62e0b849cb77097e1b4578b45062af4a071b04f0cfddf87519cf2bfa10ebb4b860239ff187e6dad73806ae968e6ac0f738baa88edb3ae4883a9e59be7a6b222c5f54818f95578daff9fc7a7aba8c4a41a699923e85ddf24a32bb71c808516f64d506058a70539276d57984d75161cba7d53a4a864c51a249a6b8fcad5738dd0055ba8468b56579ba5f102642df65c598490f3a0c9b1064f4eb1962c4c38bfb7d55d496a0b0f7b3f90b42f733d112c89176aaf937eea4bada845f3ca4e9b56b3a5a06b4c90fa4c1914ea47020c2f32531e270007ed389246906ecf2c4465f7cc5d6a347583dd73341ad97199021819be81100d867d628323ef7552db945e4c0be604cf6c4a8197958bcbd6c1879387d3286dff979632c54baba2a35ea84efd7726b662b94fae61464d069e0103692599fb86fdc3a06e01c6ae3deb3de6fdb21806c716e5f82b784e4ad3f0e2de629a18e3a2309003dfde9dde8e5101b83312f76e811277afc286b56879f4eb80468e58c60bc088284d05d725ddfe3185b7c51b472a7ff7db3930839142d4a452ddab628e07d43375801d7c6a711a55b452748d770b84ede35920c1ac74b595baef963d21df9418533fcf959593ccf5afccc753e86c4ae231eafe77a158c2472143faf169db29bf2b53c3288d8b3c9added65778095f85e2cb471ab58362041f0a27d874c42bbb06385a0403ca193cba67cf70029cdb7e73c7e2267b856fa0b8dd4c706b45e7174659b0ee2891df911724324f7ca5daf07c912b9b2abff762e62a1817688757492975db7185c4695f3a90895634b8d07453b36dd95197abc31d5d153dfb0d0ec92639540e99d6590f9b394f14c93a5e829fbb33616e810f59c502be44a13b700fd3009545e34c211abf9afe1bb8ced793c6f516d40010649f83a78ddbe9b71d8596582997d0aa54192e1200db61dade30500d72a184ca7dfcbfb80e5442f489d316cc8b75005564835d4b11c482e2c4d0d160f14a8b13ae0a0fb0ba5e3b782770aaca357df0e1c4d1c3b28b776a8b3e0da1abfd4f7190673fca1e1c5a31c688d6e8ddb21300e4178d07c4e854a718ac3f672b0120d6a54c16957c9ec8c444208e47737bc4eeb0bf2d801eb2fcb72f91fe988aa75f38e6cf26e858dc2a718580ff5d281d13e8fc3e3bc30c75c0193481c39c375a5b06b962d9491f3f1fb80f1cb27067f0709e0b0730573a9b5f5bdbee1708ad84b4ceb1a9a61e4c41e90655764057bfa07b8c81cc83a315be1aed6a49715479c0fd0f53f625fe6c7f36fadd001149ab978532e4d0de3d1a38934c74265b161899843704fad16ffc6189f42a5cadec98603e0f98c6889bd4a559079e074cb40678fad4690a20d988735280a1ee8ea71275069132101b35c18ecc9d3c6eceb4cfe9b165e4b6acc17d4f113ef8283c0fb6506f5635401e916d4f7e7bc3cf49aed166587a0c72cdbe673f467d81bc2e9cd08cd8dd16d90b353481df31e89b45e8b
25MD = be3cfa6c965b2ee4e6fb0236665b0b95f66c8da8b338375b7393672283b0e50b96112d7cb76fffaa6db8ea4a7687fc6234dc1ee52e764d69ba8ac40c0f51beba
26
27[L = 48]
28
29Len = 16
30Msg = 3a35
31MD = 87bea682792f6bb4977fe1b92e0cc7017413dd263732c3604f0ebd63c2817ce5ddc5d78c0137f614a06e72ab1cab2f4c
32
33Len = 104
34Msg = 7db15b3ee240b45d4610950996
35MD = 7311a6356ab38a690c0b3a1581c3e7b6de418996c05e79849891b061c51d53dffc0fff2b8ad1c1eff165aee5ef6e18ff
36
37Len = 352
38Msg = d2a1efc725c46cd6a19760f49edf0bae823c1b4992ae2260085746cf65833bd008e56e64002383f51f960239
39MD = adb1778360ec659e90609e74b6af219a01a024f216b68aa944841429ed5b03b139444b8b848f73fd5f350ef02d46b6ce
40
41Len = 1016
42Msg = d11ad1253592c094746da7b5c88d329bc3ce1929913b8be07e82d3f6b7a536a855f31ad197376eba6f2f4534413fc4e4e7673fdff8739f774a710754b568b7c61a473059a41c98aa4e86617aa66d2601d0f0d584cd9f132afeebdc0ce3da6a8b290059e6e4aa080c195c42ae7f7e1e99865223439929b0a3a0d79b46ca6419
43MD = 0cbec7be7299f48f043c3d1aacf833b4258c32190a21a8ac2471666b4a51b63cc77fff6e081aaf5ef21b1b7523d65763
44
45Len = 13696
46Msg = 2f7a9929dffaa4a4dcfeea1fc37b18e3cf935abbaa17cf9d834b3a8d61e9fabfb7683cfc387d6f46ece3f8bf845827c7ebe86a651d6dc1e83c5772cee1a9fee4b04453af2f68430bd87835126cfd1b3f8beea4d3822fb27864570e255cb65b414197480b6bc20a39c5450adf2474da93d72f6ecf8063899722d3755b7a19f71e93e782d89593ab19ddd3ddf053c54e0bf832311fbf132e8b9e540f38e4d9bcc3cdbf69de54e40ef348a9170ba2f65def167f568ce846889c0161448342fe907718a465e451bc1b0f2e4f21f9b911f186589f43dea305811473837c063b915d849c20deb43323bab4b64e61823f1df119e71962dd975700391b411f8778980a3080ba3c14a321d32c082d416ddd2345f0eb751a516d44ee55222395cfa11e7fc4edfbe7cd49bf4ebd4d7428843a2ad5538b3cd201ccd431aeafb146a65d28a4870a6948a7cc0413b0adac7e8dff3a898aeff5f4b65d10b28ceb749bd354c061c3008ec569d5f90a4d4f5caa51d35b49dc4028e738c8ff5939fef3fa202fed9ebef6f2c7dd0ba41cdb5c0c16985f96fd93a65d134fb4a90ffc0fb6cc5396b843c2151bb7c9170f2fa4fb44292a4af28df5481de0c3c917ba1c46467a35302738158493fbf6a0422cee558d4bce3d78e14b4fefb65bb05043e2cc2a6a8ea64565ff6ce2fd2c4f43fc02926ee44ee02fe1dce25cfde0115c9396c9ea06269f17b2caf58e2332cc1c8528d9705c70da1f76f22aeb1d1b93449180640fb5c4c4a708bc4621d7d2bed5b1a752191cfdd45086d34f247ed1df0f24e7c620de32bdfc4d1f882380d2cd7467c926f48abc75cbfac8788f88cd9dc5361517a5eb36311e6b39e21a85fba2038fd47d860f776697bb19cdb5a4d6746fae507e274399c91648537d905015e58910117e5914f44ebcb00e771d38b30c1473e1232d4e222cebceb4810c48e83e0fd4c852f4fffcd643c0ef9e4fae2d0ebc6f102f3f749b02a5e3a61517d53b539cc24120df3957a633d50369d46c0c226f8924cae51dcaf54d716f61385fd8cf38c2c311a32bcd6594d6930133dc18ef36a9671ba8b179abe95f588ef74e8558ebbc974dc73c26bb6eaae78ef464181e18b71f4b0f986ecc8495a9c4dc0b0b96be9806fbd3d32952ca3b4737a06ed6561e9c9581a33a720123fbaa2a70fc3233b83e56444f5aa0cfaf70fb24be6118404f3e11e6ea004cf2d079a3e93a8ac1d4e297cf4fc43851dd26314a7ed6a5a784b386daa26e50c64692f7db28c21d82234289bb45bad5042236667e6d70a24bc9525c3adcb793a6a5725d9b10911e3bc8e3fd604db7998346e7f7dd1815c0cbb735a977bd4b32b5b976932bc92ef3b56bcadc089045ec95f241cdb0a84c67f1f76353da6cb493bb27a881d37a2106b8b3010cf935eb3601ce4dce3e449eff8331e444ab117a20809a1010db4cf3be0c488f777b6532df908112e3d11592f04a0cc16232d62340cbb8b5268a662b8278d37c03d848a04f0ab498f5af43b0a20e310197b7e1395a65299fac29f051bcc5fcd09a5605bfee370ee8ea21f5807d9748acca815a44d81796d68b0014eed3bb6a94233fc51725de3809ac6f538beaacf8cbe3d96aca21a7a763a957f8892f22c6d086d9af2e5ac9d90321e186584f17e964c90739559ddd034df076c4aa38c2b78aab6dec8ef6be9adf33bfb66f159ec4826653ee6cb483539c47a4a1d95663e6cc7a42a3bf628623a4c9500a59a50a312aa104b198ce5f3e58952bb79ff1ccfa9ddba2fd4705e91b5acaddab9d6522d7666264ac5f533b6d8ac4512d8371c69c06b6d322b046ae2a0a20aec1c3bfb05f3d91b9044cabdd873abb5f2b0e3e19740df31e39828f9ff9bbb20b73541a7a70b8174ce4e43e0d356e629cdbc6c08d29bd7acb6a4347823075683ce9d7de4ab3ddda6572b175951f30a15263355fe9641b3322df7dd52077402a884cd472e6d0b6c34cd63ab63cec8760c7ebe384f7cc31066bbdb7a3417425e039c4d340166e4bba4839076ac9457c87459c57957d0a06dced2f7a18acd22b7295785dafa435a2a8a2c3a1fa05d115fe129d19fc44c5a29bf15b4d9c2b375bc8e591f92756cfc573a39b8fccb8395cad7617b11f14a60e2dbf69b897844cbbcb70363010f6e1bc0590ea594aa924597dbb32a868b55551789f82437180b85661809089d34a168d44b4d788dba23b13542715843eee797366d9ce7793e72331735bc78cd61b13421a568ba3e66926921c04e9d00888ba7ddeb474db63813756ea4a02c1823083e36ebd2d32d5c88cdebb98d511304cc276c7799cf84a1699ccac9569b13f530c762732e6bd0f8415001b2c02d11dff36660b717054b16df49ba38425e3764a56052ffddecdfc686aff22079897376cc15591e11579fe4feeccb55f
47MD = 70e1259106fc7a7c6be11d95fb673bfaf0074e342fdaefb458faf4619e7f0edbd68d509b9ca7243d2e5e039d42ee3b47
48
49Len = 100816
50Msg = 5f464d3301c5e0871d6b41b002dcd09abc80a805de3482d97f3fd7b9838745da1c0534168f76b93c3c53bbabd904541ffe5179cae619dea77446140b7400f47d242141c7f2e9894d88f44c9e066861498e7394f206f594a419790d697f6a11187f84bc6fb288186109343eb11172bec076d041a4c7306d7978c009fc2d2d62563614ed3555ba2d21c8fcd70e8389352dbe4ec808af3231ce990452eb05b1b0dc4fbb1b4265e69235cc3561dae4148c386cd770474863a84a822b2e5f905fc255d55f90bd6a760d441dc52240ba7d8c888a5283891a2c99963d1fe680549d6267cdea92cfead167f6c49663668f2bfdc61fa647f5abf3ce5ad2c6c175dbd456ba41436aa06f5f68f5c88e6b74ea86a79934bd05b486210d3d470a0967ad6d67f7385260578088d7e63197849354f651aad07e04ed301f1fe7a6d2047d50ce5dc6bbffbb1da6b47d740898f4eb54e3c5a1fbd18ec93254cc01f705fce04e6100ced132c519674b2345547804a372b5c925bd9ee9701527db33408d37b72f8d18b882d3c4744eb58f011d21fce336d426de1fcd5e09610216248b51fe2b79b96c2bd6ca0155e05a8a516b7a24d529a9a475284735bd9c4c437ddf399864b64fc5d0d6ffc4e5a7a3dbdd476bc39ed29a0a92e1f2b6b3506c2be5452d4f896db6eb4f895b554b2af64c4cb8dc2369b91022dc50b7291404cc9605c31569c32756a64ff8c4fbb0f1bca346c7b58a5c6774b2fc7f7fd50741d34c8564d92f396b97be782923ff3c855ea9757bde419f632c8399763003b58ee9140c2d62e914c1e1fa742661a9166d42267edc40905b35a25d5c3cb3fb457376b7422896df7bb19c23e8f764416731d2e20cf2c1beb8663c07edd8f105e078e2fed05c5e5897c430017fa2160f565a75a4c5c64a15dd7d644bf355d169ae2696ae5ed1a39e8f81055cdf315e5b0c6f9235515fc4dbf30281ef17b83a6ed604f89293904bf78c7183fcb0ab236cb1f8935e59c51559217efabc000b165d819b717118a03facb61a13a99b194f8b6c7ddfe5850127d79078397a56564c7ed6716a129409680434061b2a4782c9006587de927c1ae09d6778a5f1c39fc419fe10493eb0d4ad492fbd05485eee7913c59df82fe7182af2cf06a6e8edf06676200077bd1408f5c1cec537cb8566470cb44895826d04ec20f0aba4297c501add65c75d5767ad2ab63aa81b7b66f01b32590f1d55b7e50e6df1ee077a19c8c895f5ef62d452cc336e9aee171fa997ddcedd7af86e6cc37722fb5838a46c5e58e7f700edfb7c6bf832171d9581f660752867118e9535a6118635709d6f1c1cb21b938068958e956149d9bffc67f355cb88205d4894ba97c3e3c8be9fa2d20abe79f3f93a6a2f4f56fd075bb49a4b7dc83630e58c32a29d757fdbcaa607352f65483cf2cb4208a3bf94ca7a25e2a4e05279be31c33696c10fa4971d1b64ee938dd299f483e5c098845749a3b706a787529bf2ca56693d0a7a98243e6482a43e1f5d3086ca1b00368d8ead5ed2d0fb79b1e2f537ab9340809ca3a9b5eb2900390432293008ab7086c2811d33de0648be5597ef002c7c462b5e0f4e0b1720a98b2299ad7aa55eb78f0c77c2ab4371385f280107ae40ebf814a8223dc74f31483c63d9e4ed09fc7e5a51bac34d69d97163116a66c84ea9fe4263269b71fd228555ae3cf5109c4d6ced7b9049a2b8069bd2f71834d6c07fffbd7561939188bc07dcea08086bc7182a5270427c3199bf5fb5c4549861fd32a38ec81c4ab058c777dc01864787f0275f911a17838272cd65135f66baf06d8d93bc439eeb55d50b7c5adafed8eb8140b4b05f59871dacf954f4b096c30b7857774fcd319c096750bf605db8e31fe02cd1b9294eaf8bb009d4609f2cdb3a8657f650501b8553765de8f572fb91ac77b35db35f402453e5c58f60146f2906ff56b9c6b3a5d0bb6afb9e2201110919ac9c01a7e9750dfdb2f72afbf7a8d6f64b1c68b9de17a2c9abf289eef24074eee9b1649caf3693118165503a30200993d271aa31b8b92606a10a52612dd1fab495b82f9a98cade18b9d8a723a71ceb63fd1d27372bd281f9b40aa1839b0cc2f2177a09aa8e7b159ac118d7c145e7a4f032e788d21facde2b4dbc1d5d2238f530d9bf9bd2798f611d03ed8919f0c85bc2da99750b7a8d6322d2e66ff6ab9ebaf7424e8c1c3f4fe92be61f65359106395f5ef995e925be3868ad513f561f873acdbaf18590c903d64bd275121c11ea655124d091740887868544c5348664399d3da96e2e35fff34f062fb939d656bc072096e510b40b2f75ff010af68d64fd0acc778e2e13c9667de266b1816c4ac449521b02bbb217002c604be72e73051aa9048d192e3210a68769dd2693e5d44951711aed3a751240d42f8925844131daa36c51d7d59bbaf99623fddf1649db954705fd6f3405e63894f5258c9ffecf83208c2c90cc55b1a8d2972ea6b3a049ee54942b50526b7930953986e428b2c75e47ed870bba68dbfa624dd94112f3059da0a80c583baeb570fe8314f5c66501b34116c81148dd22396fcd6479da49f7e952c8084f97d6803ff85c3787222064ca368f596a1ebb6dab20a03916b3ab071c927d87fc10ecc4e7ab4a5761e3eadaea4de1a0dee30aa39a9e4dbee047201d7d8a4df1284cf668ae3ed7dc4cb2cc4b5cae9307353fd2ae4c105c5d9f3bb021535fc3ae9bf3ff54ddda8b2e1037cd9d69822df436dc1c750a9f557d1a3a63fbe73c64261dae0c70bba6edb57519f5b957f138d1aa5fefe01b73c1851aea42938147bac2762527a492cb85da43014c876e223b05597354d7c9b328df67f354d168a84ce86dff57d8a870db034196dbeff83ebef80bbe52425a8810f2c9fea29ee688a201cce4a5f447be789a3881a9da3b6c491288e8f1091719032608b332e0410f4576597e17e0b5dde305f069be2e80d565bb979a3915488f88e3ebb90e81c264bcaddd72b8843af4a4ae31f723d50fa0995b027c334c351128913bb93e67b1b08f101f6b8dc8202b44fbc3d3dfb530f66e5a8f35e69725c86998c05ac87c561a4706e90fa095adab4a566da4fab82bff6b20076e5bdf62dbd6614245b6a6f8cb6bf60106f8d12b9c3e26f8127dc547e2181531ce980a3273f452892110cfe1ea834a30f99d66e026a9d22dc76fc3cec8fda2d7fea701deb84dd45c97dcde57a017693e90983a156f11c4d168d89c06d8a32dbfa590adadd16850854f24bba315b0bbf372f03711a20163afa0c137383b9120b26c59f5e9e7cd2ccaf0ef4e0d70d5a81748ad441ee5fe178e14317cab184fe178fb0cc0d82105d2f423467fdcda0f9871b9d84882609248356f3053a99866dad9f9b0f8c4a897a8cb8f30365a7ae5f3ca6e772d863d445e6d57c6a478e35d719d0e4e84f3a30b1816ddb55bcd79df21ea0e95da72a19cc1fe74fc576120bc108be3ed4cae3bea889fb4ddd67efe858a994237378eb623dab070d954ac780c1e6d2095383c98ba622cbdb18fb53260979fb2672c21a4600f4bf06583a112d303096d4e30e7e1060d869f386eba3cf7aec3052ca17593dcc9969fa9cd88179c262770211cf53f53f175037a5cd445d239cee48f7ed0aa1d715a22ac18a8aeecf191d415e4afd92b76c091803f4c757a9e89f696ab7b11ad6d5f24774e4a004dcb0e3f33705dd8150431f051016af37647b9e44b10bef114276d4b1055b634461c655a82a847639a038ec9f58876e84e9a2955b696e072d8054c3f81173473604d5fcc0a75b4a340dba0c375beb87b8b01a0f2de232bbb8371c3a9d27a0ce521c4c43dd3bdeebf92f42f87d88978d5b4e3e563cba0e5f59dd29c31096885b113ea5c57e66a3be015b703bc26d3fd1d51a7c14f85f65747ac909d7e30c8e800be27eebf4a62e42e538ae30b6883907cebb7fc5e150bc9da3a138f394e817df9a9e44420078f30d0d3d6981ca581791a097a5e3982c983d5cec239096c7d8cc55c87242026d769ef1d04eb96e5b5001e3358af88d417cc61f107659791a35d8b5f7a5767ae24d5b2ba7aa12230076db1f1b9b6f213dceea62949d98bc5db38743b23a59ea75dbe4231a285678f5f07facc053c2048022fcb01f15e8c100d64a877ecd56d196a6ac60ae35e0e09a517224ba409ba7b70d8f9fe65bc427b212a4e9b3cb17b0d332267cea4f3bea7c1e550f7ffe567b20e3057aa0ebb560d00d28e2f7aff718a9f2d4d044f0d20709bb9ad567c98cff7c4810e8c542370cf90a491bc1088f69998d59f344b74db6c1bdb61f284e99b517a11452ca0bb37c7bae77fca6514b341066086e600f098a32a92935380a173c9182a2513584c54ff67e580dfe16b508acf1729a3d649ff1eae286bffd688fe658612d6c8e69e6e7f7de4ba85ec54747cdc42b1f23546b7e490e31280f066e52fac117fd3b0792e4de62d5843ee98c7201529455c85b169fdb90cb05e3403cf2f737148bd20a53c73880880a14ffff37d62130e682e50bc7210ea6c1f0c27656cc1785a0d9ce93ff94dbc5b2877519d9bac4a339e98ec594a7cc76f4ddf994fee8070dd4b8e0fe0e51b93105fcf566f83d914dd862b4ce78de7e9e16f142234bd969ff8005dddc641dcd3c7cfbdd6113cd3ba34a9503a0f433899e90e158abde2ed4ed4b3711c991577c5aafeaa982bce80835f8e6d7c7975571fafb1499991646bc499ec32930367d4b1de76ff656442cab987bdecdbcc2b2bc35ce01816594bfa4b6e33080caa41dbdf8ebf2205649f98a2d3bf331fb16b9ecd1824eacbbc9f81297b115b4d36aa7496e05f7d40d4edd1886c1bac10cf3f97840a03277e6369e7a7e90d932050ab8720fce076de5c355fb17959bd75cfaeff325b0737f8f5b1160de0b0184ba04afcc30bca77a6a37e29662302d01858c0bc1d32b883011b7df5a387805296cd91bbc835a3e76152d017ee929d4cbf137eb78db89d71617dd76cb00707aacb8088ac77a1f52ed710331193edb29933a7efd8cc153e6adfc2c6637e88cd86b06036b8177847b4d086b0ff9b5dc91f3cbd1c08217023d7449253c25331594f0f16a3c5f2e122e0145c4ec94f096b45a1fd0b2dd3f1d51e58978471782a336eae49d7bc4e050d1c6a391658f71a1f752c0ec6302bc2dba9e3766359359ce34955a2db86740c90d09cc50e92dbb76e17a39955fa7108bddeaddaf860d1aff14acec8b609ac1d336270a940604209df91cf45be72edee04277d694a6f968ae6d8e065702f3d607f3baf8db4ab7637fa4c78bb0b7fe69937eb1dcb616fca564a5a521e12df71fefbc321187159bd6a47b066a3440ba634de9153a94546b63aa33aed9da2018e1f30628df37f5360ca4f2660a46ffd73e58183e8abffdea25f7bdf798a2b7cddeaa481bcc6e682a67e99143066963d96d4a928a478951dd6ec59b1be8cb23aa688e1867738aecdd9afade39c92c0b2572bdde84eb912ed990ac618834c412231216fdb84f1e01b3f8414fc6dd0f646fd0fa62bb0157b3535e1497c9272df1cc5dcd4e6ab9a8456222655c56ac73fe0d2aa8b599035daddf0986a45b1a59510abe19a11b6dba065c8bcf8a85d20a3681c2414dab7c036cc1358b1dba98d6ae62c5948c36b5b3e307a6f860c0c822ac724a5c917ed5f98ece548a7a741d366868e6c676394c3659f7f6786594196dde332543376f9ba0724b091d30f431f91d919417e5bf7ba1e9a21cb80f6c204c3a58d59d960a5788b5cba5abd7c7518f4c5170115125de97009a6c3fc4d5773e4f57fdd433eb7422c7c4dccee57a1679633ced3b5f08df763d4577983c5ca8b49bc4e08fa76f8bff36daf0fed068db47f0c87e0e45d518dffe37c129cc6e2f5f9e0430185723098e715284a42f302a6b8368a4f2dc16f534d1e5db9d0b86659fc4ba6f16c982774115d02a57684c7e5489b1f491584b0f0546e4194a6041f5e5be3bfff3852a4fc772d83491023a61a37228ef6260edc0d1cb972cba610d5ad1d92d554700771d8236ef55e983765ed8eb21e7de7c8bb51aee9368758454fee4a3f32179c1e54af1d069e0b9728cd0554351907e018146511e4d6f0450b57c8ebd21c71450116296bdfc779945da60b9192c5bb9a67b1f04d94992df4cbb3e30732dc8af2177fef17e0b7d01740b8a64db16bc29c1e589b6bdfc967edeb2ce8a649ba892bc856a929f0b837a838ca7f917a52436ea3d20e72afacc5b9d58a7fd0fefd96787c65ffa7f910d6d0ada63d64d5c4679960e7f06aeb8c70dfef954f8e39efdb629b72979be208d616071289cfaa0756a4bb5eea5c7baf8fe7a31501e7e2d67d708d461c0c93e85f03afd70bd9e16437171e01a34f475e4b5a58d13ce4e2fba72bbba93403f3f8981e0bbd6a8a6223327bf096c44b36e0ccbf7592a98c1fa67f198b628787ec80aaef848b4fea158c715799e6f458327f399e6420f0e7821f2dc4663bbea065c7bdfe830b6102e2e7193381b9dc7f2381ba808c43b8fdf3addab4b5fa81564716f7d46e0349d9b27b559710d723c7ef2f79eb55c3a9d75b99ae6fde6877b278b583f8ae3cae776b914b0cae0772397fd19b6a27676c7ca02cd07f4b4d49bbe1ec87f2ac7e39e5f7712319c31271dbbbaf4b826af8a9f4acab696c62719f7a6a032c4bcf90922a3c630647b7c1c7b78b10afbd863f07486561a0bc8d9b1ff5fc41998a7e3c604e24af1c1df2da1dd5d83eefa2e4012f7fb5959ef9339574367deff73723484b5a969c8c23dc251a3b887f34b9ea09c9a1838e8aaabb254445d7556dda257dfd5579737fe1dd6c67f3851ca68b011e7cb7b6958d588f143828f0bb24fceca31b47b77d1ce05e75ab05b55d6c9f9107f0c738f2cf8a1629f7e9b2694324e082503937ff8ca7c5098f770289af7d038dcedcf0ed77c8b82e2a9003a6f3db69e14131e144f6be7cf0bb5353ea96aebd78befbc6ceae9bdde97823cdbc5ca8ef8a993a9d9383aee9f2d6a18fc64ab92990672ea2dc9b89ed248aacf7f1a513da43fe5953335afe76d78867a066f226ae9c727c6c60671c50a50732698ef7a492d51998eb6da5368a667baf6d12b77eb36686ee0ca239dc6f3598be0bda79e47f0891fe4d8989df8c685480de11c148a2b44c8a6bea3a50b09be557c51f545a09a30e9362cf3080e6a6bee3dbad370ce24f6c5a6f8091007ca195057fa3af8f99703a601086c2a1ffe55fde4c2c4153dbff8d6601ab68743c0d50d021b0b3099535ba6c40f866ca3ff0df7c19d709a3f58b57b40ab5e43556a8c0c1938c875267bb39c0db6b45840e8ee7c22bf6b48798bd744f70e42fca343a8bdfbd7f55f275ca5d62c7288756d4861fba68d16d842c5b893c1d8171bb3c8b593387d3426f292ace5cee7753c9f9a12e6bb9af5a24192e4184f7d3d191d862d3c3dace7853eaa235b6369fd164e5a7bddd06daa3eec7fe4130e82478d36f88a0999cba1f251ffb3a7689ea2baf016073193898716a9f933448d7ba8e0968c669bdb7dd5e6e32fd84a6ce9e8632b393f9263532ec2107b4c0d2abdf3abb2de2d63511805eb58a70bc4ded040d76640af60ce7f03b9a682b8dd84ed8a47225a48e0b94ea47828f1c8974cd64e5027d8b13d43519875d2bbe4461a7f0f5b5b8d63a472765405ea9c994225806395e64dff88506f7f7f3b6368d769e6e550d4e3e81efb13771cf403e855f75312f1383ce4c2744d0b4e3735a0f1e1b99eb014fa60c0d1ca9035fbc4403330c2fefa8411fb7c3d6ede5b5c8f4736106bbe01923d483a84f031e9685a3b6a70646a2a5059ce35fa496b3f21fca6047471a5bdd33908cc9328de9fb032347c249bf7093390b750696124621dfa67fd9c7fe85d6e5a4d277ad8f8d169f8b5e8dbee280f8443518bd94abc5ca704e781e6cb1868ba2d6fbbaa850326fbfa5a20e4df6fb5f8ee2728e86a758763a8af21e1f7a8584d3f0b09a0b19fe8fcd37bc4fdf45084d7fd92b80544f29aba52496e2c9a0aa4adeb89820be321cfd2f0a53585a15d04c7fe4ec9be6eb5df419e20b71506c1f642df75c53a9e3b2414fe6102fa8af7be3f6c95de824c31fd6fe8ef9d49e26095a2674a33cb574e9e493939bdeaf5b309b4c51256ef71e95dbbcee0a11991693b533f916e1c82ce86d65d89b6d596017fae944ec364546e78abbcbe4322b83e2fcbb4c5d4ccb54d8642c7eb9e28c08598a356a5c46f8813e6b63ec2f3e3bb721b726361f85a734e0514f4e9c4732991ed3998b1ba8f618c2071d1b943eb0f8766fdb7f0492421429bd380deca3325c8d5c7b6ed16429539ae54f1eba39748f09aa44efb67d863cda304e8653ff7499cfad44dc27807779ef8e63be4b376ec403f3c84eda4e5af31c30f9807762e0980b4e5d9dc406cad4e888bfc3ec4186de8ccfcf631b0ba5831747a1c200d45ea06ac82c7952fd09aaae5dcdf5475da427cbc8c1f71ebe5132f2fcae15975ed6fa14a11b38766e1c446894f31c0496b0e5e96507d28e6e4549d6d78841e40630ef306491a1da60eaea3fb69bffcbf192610e2e07bc1124690fea61980e8ed654c5e796f67d26db5de35b4a2c67427833e360ac2a7d4fe7a5ce572144443ed62ac460c1b19402e85c79e3d80e1c143279b20a66d8dcf2bfe1cc44a0f5aa9b0d9b36c46c2cae148dd0f2ffe9a8e6e7274d1832e57aa39fb40553da6414094e838d613a20ce9307d49f97d904648d6460985b01af769800cff9a940f70729fe40e98feb64ff0a81c5b2b096b1a9d832e440c49e4e3684bd17a5169fe138d2544d9806fec027dd2a67f1856178e090f9bb2f9b314a202e7e95f2e41fa80dccf7b1810e9cbcaed2acc2445d60e26f7d63ee4b28e4299e60ea4fc659e7d6f0de91748bf1ede1fdb2acde9482bb76bf6716847eb2dd7517e0a94f0bbf20f248d2c79fa0f518b67a44d5c4c73a9bbc3816ba85ae8344b5f377649da75cf1857d6e4338a76446c48e52cc7bc7ce283d4252f8fac5e1427299edc33f84798316f77bad4a87849e91a1a23c0b7a86898046e278eaaa15ff33730a6d3f885dfe2d1dc0acda2a9e49a71cfecb7dcaa9e70eaa8fe15d4567a280e8960ba49d5289535907e9f277f96e8e652c21d89e81696dd821db5b7e1e53e160584477aa9e4c0e12160c9956df36cce6f4e724dd543827366010ed3d843cdf4319c1bf968a70e9b1b6bcd8af96c9eb0620c569716b7bc42e13251a6adf8201faa129844b5e1d699cafa1b66a674e732c7662b0410e5bca2704c5ebed7850d0ebb825cfb0627a183cc9643b709aedeac2c06700358400c389f99666ae97ccd37f265da7addeb07df9ccad6fa777d0da2fc47b6235179136bbbb409596841e921eb278142a19e6203c7f235bf8461ccadb4b47dd290d36ac27126c808b866f9531261f1e0f5c458a6bab6f064b4efc432e1c7379f9af19ac34c5c22e76e6e7651e48f9ce44eff542f018397889d896cc9001a63e8e455fbe4a9ee9a740edad894fe1af2bb21a1dd0318e28ba982c12ed69c08835ce17336ad1638af3cfe0ea892ab8e83d3f25e6bd98d5e4d36292992e2122c265a26cbb3931dd4c1b0d0ac5ee19974d0dd45777908bb416cbce52531820effcd7f28e1fb2d3d4d826e1b2673e834485a25af9f9d174f566abc3b36732ceefdd91a7c3885e1d10d51c321ff704d0883905b7539309ba5e7b7a2bfefd0494e90e9da7541ec37858ec05ea9a9ec5672b113cd5ad6ebfc5b8fe40ed7c3f17d8a73703dc89086b4d75c5eaf06b840bb2f5b4519a4fb17bfdca9605f17253f203efffc92da96fde023007d22cdad05d18aecb4bf08085c5ca5eecd21f2b611e7e8a0ef981fe7aa2014f5ac6862fab44011dfd33be8a1226943aa7ae5fee9221b0400d9ac2ce5241b09a68cde6b13c47d50bf310ecb37f25c32770a299020d8500d8a4b5d7621e4379dbd6ef34a9aceefd4055ea6144f54bbfedefb5b5b0fbd1d81c7a51a802072ec3d84f34585f22c1df84caca07849b1ef054cbef9b40848e9fd238761df5358cf55a79a53a1bc749e49ffab7c5bd9a28bf24ad5833facf43bcc3852c1e85cfe47929fc49c325c20d74588eb9833519f192243cf96625057899b70a7c93f8fdbfb60d8129d9c43c95f8782ed8293641ffd21d21d91a0b4db69d766f6d6497e9a414ceb04b65425d6ad6c8811da00639dce8d8030038f2d08330c75b0879aab81bfb3330b950e54c13780d308fceed2a103a1a8b77a923b66aba737654ba7995acd306aa7b80f632184412e2369c353c2132ae614553e626f0a3436959104ba6e0040dc597dfbc3602a49e401bf2249699375b2c722083489f54fcdc1f616a133ef6112a1754818158ff78f245b9046100b0e89407f74145fe336976af971c054f12d98002c68b3aa2bd699fbcd71bc4dc071e430bbf694595a951e01098aaa499be2f70611f248a694539ef8936b2e8b7a3c5de8662436fed1f7bc24a4e5c17a663d9a23b4692993301b08cb3bc10f518eca51081c717ec8dfbb0c2669f7987fe6aa0bd98231d8e8b58951b42537f12884a857e02d62de4fda6b88b6b754b1b27394c6a819e0f92f6b2b2473fe245678e252ed31477cc7ec6895bc361b718fcab3aa550fc9faeccfe77cdb5b151ab1db2e569b5bc923ee26f0b6113504d295112d47218140e44652a10af10a088f95c7cf2fccd040fc93980939122411ec643e26e7d69ced3178402e320fe156e774b75b5afc2f3d6b6ab828bb4993b1436faa5728cec34d66f520f59e82716ed6d1324944c3c91d04d5ffc5a921f4716c39de24768484d0096f7d8dbce35aeec22db11f899e5e7e3d57e7668f35d6c0db3542255d9262137d39ae6cf9bcde254dfccc54a6062fcf8982f781d9ffab2df4f49ec04a72eb9646d63bf9e1799bc0bec0ec7f0675ed9f8dc9b8be15d9f2175dfa1c8bc99071c70ad7bedb10a4143fa91c89f54777f84c9eae9361cf7f4c2b7ab873ee5785a5241db0af86f3c6d7f091623d6dc576d07550a42023633a09c8dfa21d7e70cce64c13f37663f75c47921c246f3f2d1d16a8283ce7697da4cb7e016971a2a1d0c59d6202bc18b7cee3828de597efdab53b33a9fb41aa7b49f1c964512901773bb396ac80e90ba1a94c408b2860065ae9aec64a41d76cf8842d299d0babf14d5840d647d075c34175e26a786f30091a24f1ce8db30137520dce1cfffb6318a0d0fdcac883eac603bf365efa2c806eb4f194cae8c16780342165222192f6ee2e103ae2a31dc08a84dfc89c64d2e9ada7ca1839dfff62ddfb7982c79684cfc821a098bc6bf09f87317209b16d14d45c6f38fc99f7bf9bb73460977bb323665d480c87c687cec052a5f08a2c6744c8e177a8a269b4a47a925b9123cd2c014313edae988f8aeaeb633ee5ba6be7f53fe36da3aa37ab2077f5fd75a82a55a0fe62af213b85e9e7694f78cc2b0e63a8c1b89db484722fc62c688678a511c474f0eff8eef1382946d26de00e5c626ec1d7079445c1b7c6f7f05073249b11fd1fb30257724a14cd7bbf451146bf366de2e826fdf1d25705587c4460040ab963e3bd504755b6aa5b18786b68efd3c8e59e8dbd172346fe7f4a18bac98164669d73984044f3c777368f965763742ab86a3720208c64801c796f6e3a1c4748b81e41ac58dcf6ecfa0453b18fad7e3473604f57f7da302e1fa81ad538d4a0280c4ad092007bb9a7a12907227a936871886c699db97d00a1966fdef64d9f3672f1b792c1edadc6781b391c91bea1bd7275f30859dbd1707b1f554e49ceb874ca06e92ab466efa7eeb6990667a27507a7ba789e24d593ea2af8eccb3862cce58daa63eaf212bdd86c01ed471cfc79b191c481ad773d20e821d18af85a7049034e5a9c660357a4c2808b9a6139f32c55c13282b8d98904f4f027d438189dc9487c96172e50dc1100ccc224e7374cf96ea6731032c43fbc9b367a4d1d0b31aa3fa8eb589672e69f1d9144114bbd508d56c2049ecdbfd7b43545375a099ad2885353d8c550d22dbb738e6fe3f104b444c89475a2cc24d7887daced8fa05006c02dfded01c00707e2ad04c41199c5decc1eae34b0c0abb5a5beee1b5253c3350e1a077682767a0b9124a4df2e8879366fd37fc04d4dbcf89883892f46a65ce3aec22123cbe6b3af6364df1f9f5f9751bc8179b6dcc5c126dd65feb7d11a85994e90ab6342834c79c5f82413e88198c73e932c66e3cb60b6e0c0cf438622e5dc5a1036c38afe9cf13559044a9e90f5fd72a3188ef6b1043f5f4e6b40ea51f6235dcb33b3099b2d8c2e02103235f0476ad51bce6d8a2934068549633e521a3ee4c62c22b042fb86c13c8da849233205a5e277aea1129678c31f5c379a71fe08b72fad9449cb923126dd465d1e0ae8a925374149b8248b3afb69f168f3ae701c00f6ea08fe07f1b5338ce6af2f3156ba6f300310114479f2f6119367c88c12c158b84be13b9c8c7b5dd7c90edb5b3ea1fa5927a25ad6d5596992dcd4877f58a134e05dcd80dde4fc2c2a680cc0ccf3084d3f4970e3603fa6bc5a180fcf1ca4241c0b8a1e7c607dc025016e297e2b0645de4ec2fc49851b9374f3ef99edd897c284a67b647ca8c96fcef935d541e9faf334043ea50b99fb8819ecce039227b624e52d8c20003b5a43808e4990da8e4398c4fc172b983351fd11a13dcd2aae5193d42d46e1b57c92e3e01d23fc968c729f3782d6c07dd5a17af2bda96735c12cc7d8023629fb0125e974425f7914690a7ed26508343ae58c8a439ebb6232049a194768d4594f5d65aca37a5686c2a86dd04bef35d74e0755937ac0ce3ebded1c00c8adabf030e5e4a5f44193b62fcf2f1bfa9dca2a25afaf2f1ec06c5d17ef3526d26d17af3e2f257ded24b177ba41c0ba64fd4fbd5042fbd5961a105e0e9f77f3db13c1b6c5bd9a9d04801a5c00a4c544218a21016c65bdff774a44b1d05256e0693e14d76605d67bd10048d3816caf31a6d10886c88c783538bd93e92bbc4484f3388b61adac4b92b911c76ebb1dd11b7b4e40be032bccff610068746f41e34a1fbfbfe5faf57c8a4331008e2c1cfd69f57e74379ac80eb6769f4ce4196795b835201ce4ec85ebcaf5eaaec242fe6695cbce1d53fde5b002e006bba8c8a1ee57da061ceed0d21bdd57ab0cab9e46bf3764d9a6c3ab19736d43b33f32eb955f9174ee4a54666e7f19cefeb49aac7a59b7370d9ae730b7bb4e08413222f0a66bfdac252fb61bcfa838f262312febfde8add8f6843f1d64ea3da42d4ef986498604d65737a44f5a099338520cdbdb65ce73b110dd4bcf8592a4adc3e0170b13404f99f0ec8f9fb225c1275a921f09369db165e9109dd5be472b9bc1901bfd882d264d9ed8d88b4c8f3b35f88b69e3e4b8ef5debb895be536a3af492d968dc1caf31879d672f70ad9869ea98335cf9e4a2760f955fd3e8099e4b2eb4269e354548f9de9921e50e49f3f5cbd63468b9db0cfdf17250c8f13535d4c0a1f21c87967cd798fe93b9b2960447401ef90db22c3adfba0f55f5585ad37040e8d6745184dd536d5a26edec365bd6edff1bcc616cdea3bfc8b9d98c0ef9a626054e361194cd05b2287612399f6d3d3be2f71555f14ad2893af6f60ab61adef663c3c2464ade671dd5ebc71935aad290573588fe6e11f48cd2b7db62e4b9932890d1b96e1b83eff70f026d199db75fb1e83197c937b672613c66ea131f485b4318e27c079b4018d4205484993bf50ce70275b244f2caf47cb47eb2a9ca59afbc78809a912eb56a4bb65cae4694f682c6329c690003a1c355f779b5857a60091b1c3685995a366cb43d753a704d3e59c5f5003c78feed877351e27334b3fdefe5907edd9eb25588a42248b9c4a93efa7cc63bad1e5900b95b70436c35eb85cc8251c4030fab9556920141cca24d6acd3122b92b7e868dc174bf071117958a4797fc90866aca685f1456fab397ae647ab9970348082bd74865bab7f248568db98ced7ed84e8360fa91afde3f23509e6b4caf948349ad9fb6a4efe0a0468302cae7a0f999195af1c19058669fc3b88b2780b9075dc180298498caeb7ba0cf8bd42eb36b1959d5ad3ca6fd1e85f76abd27ec5fb637ee38173ad7d86304d5708b6dc8817e099e77f5d43c1a70624cdb96e4e6103bb25e59eb51d894d1dc533a74005bb79cca35b66e10c61d06b5227fcb071457025d605a0862218ca252b871f8343ec231dbee15688aeb914c0f16ebabe6edb0a489b2bd10d4392c6f1863bb6a62181de7cef61997ab02f3bad0a893cc0cd8a99cd7b3f7773085f0929de36b5d124e3729140c375de9a2d0cd9a360cadf17b9e45b7f2adbdff9e75b743b62642ed67aa703b8ef33dcf51a50edc7dbab42d3d2b49badd2457a9f92847aa6a60ae2beae457a5fce1a9e485ecf907be22913893cd1350f20fc6c81c94be426eaf01864e813a03e4674491b61516bc95d8a77c15f03d0adfc4adc27f27a5ac4165ff6518eda1a5c408708f78a9e26b834179804a312148d4f75f21a77d78387139da40c0a6293c2a59d0162437d68504f189ed970c5abb9ffc6d8e1be2b0877c7f24b1dc273b1765bfc5ce6f4b8d99a96d5b1c92ee53a39f685b304313d909c1ba8130d20d51c824cec420b0315229df295f75b453a6c131afaae0c36d7c4fff70623638a4f7ded5eb7db58d95deb6249a29b171d8ce651556dee8037bf4ca74453a4a76aab7cc07ba44e55de57dbef8542c3851ea353fb8e259ee89bbecf9ce8d8bd6227afc0028afac48a7acd9b4e8cbe982eb1475917ad6be4cdca9cf6e7cddd971b2924f2bb730264801685d387485e41993c3fa0af9987e8b52c21688fd9a9595ad8d1b9f41e0457be18492aa09f69e64e2954d1ca3cc1d32b2915cd9cf6862ca79c80beb47347c4cceadf48a37b29b1d6de4e94717d60cdb4293fcf170bba388bddf7a9035a15d433f20fd697c3e4c8b8c5f590ab44aefdda94681407008ea48d03ff21e9bbb4ae7a9aa37c855fe3537c44106e8079f18c24d2584474bd4a99367660ce6f7e6d7c294961e174366e7babc569d5f80572a21a4bd7086629363e0c9ee2599c8b8863c96613ae6c32cc67ccafc66e1cce79654567ad08e62e9abc99e44d6a79ca4d8de15b7f8a763a4741676af0e1f3bd4e002c8fa1ebfbb3bd3a65ae68a80c230422f98f6e1e9837252e045eafd585ba389958297d59aea1e8e1f665fcbc5f7ff449996aa712dc0faf582cf3caf3dbae80594f9f07fc06de63d9d672d14d7ac4662b4a54f40d4aab2de766910be2fc7f6f679b5708790b5376498d3baf0463dca2f093b51bb7e9f3e7033ba0384af0174becc3bb477bc5e86959a12a5e8924adf0bffdf5e5b9c1cf24d232881ad5c05c5c0f50318ea83d8683339ca6a583c52198c00f7c1abbda282e7fd3b179297338ecf9c923a3a87a130dfc06164e9b4c1fe11d51b382643de44b30a6831dee119241d1b6f84f2484784fdf65e41f78c38e15fb4b00e45df1edc40e3467cdcda351a4c0a0185ac4649e91024377e1c331587a8586cc0a4dfe29e14004c3536d305f5dee0eeb8c2f216c1b8d27375b239f6458e08980badd6d82e9ee9e007578c0a3b48288d9ad0ec3c934a99a8c5741149af937dc82bdb545df26428b87fc935c05f1a4964a8408539f267e23de9bc498e2a4b0083cdb7c8e27de6252bfaf680a6d5b7ec1a6dac6d7d537334a95f1553324a0739414dbdb50445a767b0f589fd4c33b35905577ef5a53b0f097191f9cee4836a908748779941de2a78fe1bde0c2efd9f48cbf232ce101d9df93d3ed40d036ae7aedc3a5ff619abd1c159ca8d2dbda7de13b4ca62576c7f925c52925eae2d7500dc969fe14c0a335ff95a7df1d276a6f242765c781208d59edb5848d412b11638b27ce5a61b8209075976c2a6aae88f6e6d8704fe9e83b425dec4defeeb3cd311b8c5a818d51f917a8a4525361791d5c4fd5d70704d4b9fa9df1ea119882f400e682753a41931712c043c120a98f0fe786a600b47befefc9d64cc5bbe8a16c191490874e258760c9e4fd215bebf848e0b4d35521f53ec5f9308644b785171fc4cc3ff886e034bd833d59dbcacebdae8f00e43c151bcb24d1d226d1cc19ecf349361530a81ba3168af3df5536fbe52b3b93621f57959df298e5b4d3c14928d2ef7b9c977c7dda54242d17f8661978a62d94d565b00abc199790b9b25fbfd4a3ffc35c95ccafe35d9a138a2c24d17f06ae2cc376e822317f16fcbcd56e23f84ec135dc935e58c61b34cfbf5a36cb00350483b6bac786030e5c5045a6b61c9aba7dfaa4f7fb21897539863ee865ae061a77c0359915de3aacb3b5dc8cfe53c4d17b393c2b6bb23652f36390407922969d510cc97b99d1df4361530aef10707d7a021b2d9576b2d49ca88b3cc83ad1baa6d88ef8c81c08f8baaf515637b21ace9d5cc8fd9fe4ca6c3aa129caea7060791d566f4de8662b90f9e5d849cdadf9bd23cf6737b07ca105142663c30de27adcea11d64d433fe1ace84b0f6917c8b655f2a421602f07e0a7127e61ae9859c5e9f652ec82416fd2566f291f417ecdf99bf3231d02864e2e5a1cf34c13f59de9aa2760d8734bbda79576c62f566b8269990e9384a41c1634271acb4c7a8b768f276685c3a8c7f20872e56b683244b1af562c3e7dcf592a9915f44f886cc2ac5f679c07d5aa1fd69cf3a460f25c722073da336a310aa551062d92c7297002060072af2f3500b9310c239bedf45c5e985c2e0d60c7dd68522376dc7b560fb34d1b5089450c32ffcbff07b35a96bb6fe01259a06868d00af697f8bbb238d03d49570a109181c9576c1ea9d2ee02000cc23e63d6c93c6cf3050bbb15b6f73b09c25da62e5abd4c2bdb1110e1f25db39f04885595cd6a388c4726c8d4cdbad87d80d42fcaeae843e2e17f44c9aed25c8f6f9736c7ba1bbd3b839126de40a930024a65aacb872936e446114e706a868444cb140e53d976816983f3dd1d57eeca01eab8211b7aa8ae99d26e35c06ea4b226e0a6e52172a40e7f0df5f67759ae2ee026749ba10b8e33694c3e01a001526f9d75f6c419cdccece3ea3f78d69014e509c741214581034bbc7e2bbaf76db8421154abb2233117a1ffe2786b21424576e295c9baef262e80fa2edb69aff800b3ea436eb827e8adb73abc48d740b86c69d557b16e874038598b25f616afeb4f4a900be7dd0d38b5b6fb4259c51a3aaf4748d7a445f518485ed72b25c7df8ed0906b74bd29bd6a5724ac3a503c990f3697a5db484821f68718470810862728a80ce34599a41fc5bd8bb46dd845a4812ae1532c457ef4211d0e41835e5a6f030247614822571c930c727ba397e723d6b3aeba9244f054e331c82e65b74c9f6504c74b4301499a1a6f6269a3352aff57f88442d4eda42a82ebcf7776c5629f97d6160bffdd8282a40ce2e6375b161e4c22ee53bce7a45f4774aa827e2da657e1a1bc07445f0bbd770b7a5a25b1b469fd58715510dbf8d97af4e1b9459a20b08a8d3fa9d92feb32db95b22d36de0bc8b1c397b09970a6826392fd8392b2d790dcc1295888f42ac81ad213c7328b2324b28be7cc1f4fb8414a7785472f1dd3e11d66017b1756d1697be92490e15f056346d7e9126a1f35fd76cb016fe2841c8996a3507c4fffe7fc45026df10b03b86fb6cf26e8418926a030b5fa62748fbb728fa19dc2f8947468c1477750771e442e4a9d25b76d359211c05df788ade5b7824f8770b5dac0819737dec916ee59b28a49666ee8b7ca81386eec8049542f18a3207e51bdbc291470eeefecac385c096a
51MD = b70acba01bd715f542859a4224d035eb177fe7b34d5447e099acd1716ba6d00f515bd02021b5b3015d736b04687544de
52
53[L = 32]
54
55Len = 16
56Msg = 43cd
57MD = 7c5f9ed821a021ef1850dd4e0b179a656fbe27b104463720f467db32bbfab5a4
58
59Len = 104
60Msg = 5f75a437ce0698a7d8151c3fe0
61MD = 774782a9c3023dcef8b2cb83f7994324e3cca35323419b3914a9b6bc3ace5ce1
62
63Len = 352
64Msg = f88bac738d1e3e10f75e46e3fe026d7e423fdcf3d7e4028b33a291bb4aabca53f780fbf99e0346d610d4a38f
65MD = f114f1a390bfc30f34652751f3a38e8bdc9597625e363689459b80082eb34009
66
67Len = 488
68Msg = 832e5b78a73a1012ee62e00621db7f4d248893007c6e5d6e0e689c6b291baeebc72df9cf10b289fe20e7fab80a2399271d0ac63766049da875eed56264
69MD = 7d00fe393c308eadb8c0a4f771d409e17c9a796e63b45fc8e84c0cb2bdb62532
70
71Len = 13976
72Msg = deab57cdeb41974037a9bef5e292894038264eb4d8993d4d1501e6ef9c68fb0f571f57b0925640925deae9a6317e3bc4d6cdd5a0833e52fb48baca16a9ba9b6c8ca469a0555763b54f04c87d4e41aa549258f30eefe5a52d2ba06657a8773b0842e094857b6d8911d6a0636280025e56356fade362b4bf4c875cc19be0c6644b447be0454dbf390eb966c03e10e9de3487b90d0825d327c12495e3c89ad09c9d591e55c91376fb14c2fde9f7461fb25450df1a65806b65f3caf4d5c81ebc6e664871fcf915b9578bb70ee6776acc62205888dce2baa4024941209e81b4b35f0eda1bdcbd9ab1d6db6140bda4c41776fe675d5c681da5852d50c246dda4ddf9fdd7c5fdfeec85ff6c883c78689c2977584406a1ddef977606c182d6c33561c39c071668a2515e5aa6f4aa1faa392aed95b82ab32b79a15e3b5a07551ab068455131b72493126470f26c30b852e4415e1d8b719b3803ecc336e4facbcc5d1908851f4f39b776bec8b6b9794d47e5965458858560eed5a0305e260240c0849d93a19787b0f8c795eb5ba32be573845256ae6d0b0a3336e42a1beac8bdde6d1b6e0b6207903d4b105f4af2ef89bd099ded870daea2f170e03bd5f6f4490e60bc222d4876e16d4c58aeea6e6c400dbb9e9f4b2b142f0fc9bdeaf4132ded38a4a8366e107cac7210945fa2df4b124be37ef76290e5b9758aa3bfe0091bb0448206323584c2f833e0edfbdc0c33075fc9647a3404ca490bfab94302a0679a1a42fe9fec6af0cd98038b09ffbecd2832b579b2294f6ae5b96328fdc0a0b9b3a32cba04fa8bae3389c3951173bdc17caaefe526aa386f98670b177683d0b804c5875fe9c7afa233ee66349c9fd1b60bb0becf5e1d887e67fd3baf34b4f90d94699d18d6bb9d77d4af358f31edc254de2d6c5fe3ec07425c633b18c1b9e3606b78b40b543e1fd31fb578cf58c45744fc073fbf3c7d7d607e815379a5fc565892d81560eab8fb5f1ae6771b998c592e6d288014f13ab283d53fcbfa66e31a9d107308402191fac2cf2b799c7dae91b93a7676898b8a6e516a86eac58ed8f6d8ed2fd4d38031e4a4466dc8798b90c48e6adb6b4391d47872443cfaffa542b4b132f6c3408f0081af8692aadb4c9bbd55053ea56d8b82998f6b4b41d331891acfe6af1bb0d6679989978368ea463743b514866d2d01fb9950e8990867bc14f1db1142254adeccf3da812949cd03cd1d569e9d0bab7ca7405cc21096e3cd4d007cbb9629372e98584b4c6b97ad0bc314e1ab6ac71184ee555c01973570ed9b115bed956f9e4e349083013098b1e483f0fe44d5e9849f38a2f7ae152b36a266ea1faf263ea8c706632ba8629602187379546fc6b82e57ededd6d074c15c771754710731e07c207899eb47e8d7c72ffd768c36257d373375ffa06f9b3f0af11417f9ff9f9b44e1f1f96ae8aaa429af88b14da1da81c7bb38a0fe9372ed6a9ac6fb5e9e56b82593d94c5192904450227bf040b7ce0904789f979845e112a1f995c849ec3f7e49bd975a474e8201630f40fc0d80e76019f110ae158cd0f8da96ea4561f24237d8e795ebf52368218bff3e9d5b040ecd2caef4ab1e7127e53bfa2b3b4fb74829f9993ac703192aedef79dd9ad24c2c976638b4575afbce22ecacc273ba43379ed55ceeb51838b0adb80585bd1b5f2707ee16b67a7232adf7163415b24b9ff9dc94b7197fdc89e2a90d2b9eccde45e965edd064dc0d1eadabe11b8ec3aad2742b5d3323ebf913a92817749090c20758f98aef2544d4c8b48874e8936d7ee492d5585675c214deeb74fd67c4d170ac5e0aeefa607c6e37abd4f8238e776fde3921afab75cbd8f392d3e88da057903ce2e140797f4a85737bd89455e6aa27c7535687b78cd0ea59848e006c8de9c9c0cbc7a9f5e977be850adc710503ce4ba7c7bd0b042297f518abec6c8ef451c33e030251f506cbc3744228b6bb4dab86877d9e6019a0ea9f39ed37557b3b5527c171da5f013e0d3c480a038cff2c087d6e5d41b17e6c8f90c334b5e2b9ccbe9d4efd99fba1f907d00a49b71b5a08aedb644fed24bcf04e71be67b03cd20d53ccef8f854f5e9f7f28c1e98a8a53496646713bebe15a93f1ea336e6e8a4e68de5dab0fe880bf983eec75d1c5027357f6669e098411e0bc3ea2293138f5b34425f78b6508b94d4c0cc32ee9afaa409a26e5f2a1fddcd6d5ff42a89755a58b08f243957a2e208e24b055f51992ab447bc06876eba169c545fa71b88a0fc15d1e0be9d334a1dd0c86f44bd149b42c07608a9a30d0b7e13574f8d862f2ac72b2ed38904d7cab194fdb9e4dcb615f5610b24e202a36866baccac01fadb575df11dd43e00a3b92fcdd8c7702ea49d951e7dad2a56c075730b4af1ceda2bcb2310256f28312579fad40ff471336ea6a44143edfcffc297258d48bd2ea47efab8f0dc00f1e6dba1a55009ed627b7
73MD = 6e5905b22cb95e48b73c5a885f5463f554d81257bd26301c4393d57fff1c8323
74
75Len = 48824
76Msg = 5223e2fece634a95e1e7c83ad4a11a0478f4a41572bd66c2d7902cf4f94404cd80b1f58fbcb8eeba3984fd759410c12f8ee922865f363f684df5a8787c87ceb3086fb8535157f7f39653dbf5c66ae7219253838ec77cf1c6db518225c5ba0a8212e5911236474b8820ddcb8111b87320adb82ff553986324aa2a21c37ce4a083c89ce9931290d4c1fea933e31d014d7507a28e83aa917ccae10bed1a490e77fe501b299f8e3b78e659407ce1934d5d68c7980800746f26ffa9794ef1d23f793bd2eab7fe524e213e58280f441ba48b40162305335b3a480c2afeac11c27f8d817792fd7805d4b61224eb52d35c0fbf471bcaede505fbc9398b216f43bfd69b1a669a61d44fd21faae410af58ff95e1c3ff1528de1aba93cef56bff4d714d8c4cc88a4ddcda52444ec1208d99ab3fd9fde98c1ee6437d8d138f62c5f782eb4660c5eb28564b5b0d46e3a2546009148f3d02b837c5284e9f508290270b97b9b29e84445a0b4df662d9711e6b73c11cebcb7120dc427034b1ccf57d8e4f5bbdb84d2e1d4bc3862a2b51931d3c9a7a5fd6ee5f4c7327c338abd011af638d730141b6eafe63469eff50f473262e9fdce636eff4c5663acb6075a4fdb00c8b8a8d3322e1700a5b3e7db90b36c1a94991b8f51657121b442db6f890e208f312466778d73bfaa8cc0ead4edd0776155f3eddf9abb1bbfc0c94421adce83d7ee94f99f61e1f25a55fb596f8b40ccedbaa8e5e2cf629496f5ca60bc4cf36d917da4e2b973eb57869dddc409dd66d5061f22642743fe843defa0b19dfb2f56425abeb234181267b5c0d2ab4268c538510feb191bbcd1631b0af6c7451cd4c641025cd8bde2d9ab6e6b948f97c1ee6f35098d553e8e9da9b4d437125046864633f109d6a558b38b270a7dd1785d44d248a863a91e3db5c0a1d7ec133decb65e81c3402c98ee329f660a092172bf6b1a02491895394ebc506882805a6c93e767c0e58a5af717d950a206c0f0055cb39ed88816a9fe3613d15f608e486ac08bfa67d462d24e6a0a37716d3fbdaeb9c0e951c1e847fb884ebc1cfe707dc6e7269eed1c44331d5957bc4ac9dfeaed4b157204a3080fafb9df8917b8d15aff9c49cdc739b8fdc26a546794991c183fa523d14797e051894f48b0d62c2b70834467ff9c993b82fc1152c1f5479ec6144c7e8fb10d1bce26bd1cdbeec4e95ee073f3bcc3c7367328e30543d371b27509a577f5c79f14d5f687ce62b82f856695af9f7dd350543ec763de75b593f1859e44c2ac01ba65f98743cfddd8a89a38115badcb51a0ff5655f830c0122af6a830aec13ae5eb89a93755b3a5a6eca233f21cb12db545a24a5334becb8fa32c3d7f5805faeaaeea85a551fc62c94807faa6474c0d74cae79b5d8ddae07498fcc5b8b4f394867112ef5fad1c9da66765ecbc7fc0f3269d29c9c38817c77778f2c19b5a3c705fde9d76a4eb86aed4a7369a832ad267312903462397f7b8fecfa8b195cc2316cd53e48c3371ed2ecaa3e484b8ecd2e22b1aee910c51ed5d71198936266f5a00655d82c089f49295feda0a2bcc1a54ec8adf565acc3a8b2d74c30eafbbd843c59e67f293f6d8296cf7b611f01b57dafec6e2d4d411a633918068c38ef47b72ceff1fae772891141c3bc496824509d78165c1e4cd4b4989321a8722643eed69950dc120fa8da3e53c3181f252d7c4cd2cedf8f086f788ee77a98ab5b019828aa02108f49ea4a51f457f7adfd2220d3e59d5f4a29194e8f5eac40ff80312ff6888ff6393c3fc0914b08c1b9990d247ad80a441558db1ee1203e07353dd99a885a7ff5d791af2548815dde0ca1f56f89d39ef6b93dbcd0cd54b854173903c12649587433f0425fbcbddfb66ebce3eb4800dfddfe7fc44d9b23a3916b1db68c187da4dd13ff0157352814b1a792de7fff855761abc6fb7b93b48525fa90fbe3a51dea974069f3f5fdea86387eccee13f58a8eeb8abc6a43fd30e9788c3bd9ae1751b30a82d420225b2abdb1bc121b9073380be16107188d20be54f2e9c658d5b443869ea0e991c496104086290b6edcc1b656adf94f0d42458750fbd8d88040c518ebbb644f4dc4f7c6971d8d60eee0272df7b51a3d5248b4b264fb22195ad891fb6ac994ae5c0bc6714ae0b0b9a484edc576638b78ee89b568195a8f33ed8362128c30f9b0c7804b3ce1355abc96b15aa55c1e16a9e9ec90d1f580e7cb412a7e85d8585bfb950acd4de5865214ce4db7f6314d81784c588c1482d5f28c5fb62e7dd7aa8237ce9396ccde3a616754414cdf7b5a958c1eb7f25a48c2781b4e0dba220f8c350d7b02ece252b94f5e2e766189c4ac1a8e67f00acacead402316196a9b0a673e24a33f18b7cb6be4a066d33e1c93abd8252feb1c8d9cff134ac0c0861150a463264e316172d0b8e7d6043f2bbf71bf97fa7f9070ca3a21b93853ec55ab67a96db884c2113bea0822a70ea46f9ae5501eb55ec74eaa3179fa96d7842092d9e023844ed96f3c9fc35bbc8ee953d677c636fdd578fd5507719e0c55702fed2eaf4f32b35ec29a7a515bbc8bf61f9baf89a77aeb8bc6f247706c41d398cae5ec80b76abc3a5380001aea500eb31b10160139d5a8e8f1a976dd2dde5ce439a29dba24d370536a14bb87cf201e088e5e3397b3b61477c6a41e22a98af53cc34bc8c55f15d7924e7e32fed4d3c3ddc2ac8eb1dfc438218c08c6a6a8eea888b208f6092dd9f9df49e7ede8bf11051afd23b0b983a81bcc8d00f7d1f2b27cb04c03aeee59c7df23a17775ae5984eda788eb2015680ac5610fb1380b4e7d7a9cda6178dca98690449f5551b66ad2826cab2b662f56903fc95b4611bc86f7a834a34ddc3be7bf142c8baa096abaa3cd51ad0c0b6d15e590eab9e50a4c60c91061f1ed6373d91974c1ad9d263110a0d43fd8b596396cafc0ae70b7ac24a59bba090a6994ec483db7ed4c572f723670a11c724e8ffa2497d8fccae37eaa1d14ac1537eaf80efbd2e597b2ffac97f2bc3cd2c4017f170544dfbb0d9109478fddf06ec0981542bc8107a725be25070d2cab4716f4edfad75fddd582ebd363c49e8efaed9a76ee51f22304eebc232a4f67f865b04f610a628fdb317116666785fe8ca30619a07c83cc449855202d687f162b12d93b63af6e7ddfb7223d4ab998a5f450523c1d521ab76f4aa113cc2967e04a38dae07c51c2d0f44fdc8605c3c53ccee91a2c73dade5dae021cbc87d5cd6e5fbefb65335827311fe1e91921ecd66b2055a6102d7a976308a80c44e6d47a67718c84f2112d65486a558f1f269b91d9f47e3e11d09c0c748625bad2718e3674898abdb19d3644bcdc9317c09a3ac02f514b2a57e6a706362e5f6e8fb16cc83daea0eec85fdc8c367d84c9230730291440a4b109f7034d510a3f70a22dd4fa69e8b65e5fdf87045d560eec71f4e59531c7711d4f8917a96e22ad07346d2f92a13fb4569fa6a075da6e1acad1eac1cb2ef19ab452264de2357c927c6dfae6598cbc821eaf3b8da754ce91a96c702c95b2c308bf3a550cbf4d22d417745b5f17d36608feb826b862747c59d26a0e8eb96547a1852f9fbd095f1c5d20721804941d462f3ee2f0876ee2825c8df24c4f00f0844e50588ac688127013df8eba3c971362dd255420649245e880212cb3d732fb82f866dda090040f28e09cf1c86eea5dc4fbfc373eb69745b4afd841ca8e172d4a8510e7698345fd4cab9ec2ca0453a274720bb2d2e5468bf0d0f85919dd762fe3df969e6c071285e25c2e2a49659b8a78289aee655965bfa3cbca9b292a19a855ec40293185354ff4da9451ccf98abfda07f1137e79bc89d688963081dec641a99656b040637402890f185edb28e7e6a2f65848a6af158f90eea440aa6246a2e6c31f5d220b9846aae2027afe5a7caad6dc16b56463367cd9e73bf22a1d6172145de4565ee369c55e3b99ccbef70fb080a3748340fbe8f6b95ba46e8b76de5a3c4bedc37c55ae24ad02267da26769a3a732badac2e0f3a5393028dd54d78701647582cd04c8310e9f1ff1b433125229547130e1737a1f33604f0d670ea7221097c3eb9c7fa4b8293d7b429af76191ea8e481dc1da31344537a09b33404d782eda1d6f5775500c1d8efc615778baf0905d9fcba1806ef986c40b1c6a72335104376b58266c36f5939a8b95123e8635c0c95e80aaeb97379b1179d6332dc07539b595ec32eebd3a336a1128f3cf2e2924db6d8504a516b62f26d012b7f75cab765c8374a3824da5a405746023b51894649ab422d636513ee809fa181d5b6fbc63351e37a1b14efc8f739e86ca78ae3e280f1c9e4824b2976ec4dd308ede6171a7474c7f530128089bbd75e10f9e57ee17408b4384f99f886a5f63a2320a9b90eb9bf692e1fc449171eae3bb1bb17a6ed937ea57af3c82db84e073b5306683e1d63705b9742a085fb802cf5a1639818417fc2223f476c2566351f4b3b17a822e11255f3c3412dd39190e200727bcd3f9799519ef792ec7c2b0b9d0e2dccf013d436dee63483c2ce83c15c00a76c4d894a60cb90366ecf9e61221ee8bdaec66d715159876d8305b35c81f96ab2cd8f81f4769e9a6e439c08c329036f5d2591ac42f2747bc0e77d4e566358a3271819b6003b290211b9b847ab70e906aed9f86cc38aae27e1098fdc3bd5d84e66c45292183f198bc329cad794aa4e430534511b7d9a75104061b409676a16c1146af0a286e2de8bf51c4a35193581a902bd3224cb9257c961989042538092af92644a63d6d6f6872a29aceca39341ad29dd22354812c4b7c7068b039ac9ca7e6358e662a28be001d4aa697ace540cc3ed3c97b98d8c5a6fd3543ae9a7962c9229b14b0b646229807747064be3e83191cf24092dd67f675638d9f6510486379f47f5eeda870a3187946819ec9ed05e7b325bfd0eed5c9a0f4a2063d63c1a8a0a309f586c94d4a68bbe860ae9599ce204c92cf9d92cb460ff99cff9e5a8b3824786360e1e1861e71158395faeaebe7aa2f61f76190f174aab9a313f0bf4f1befbbb22768b8c22719cf3fa9ec908b576fa4bbc084b1ee5b5a7eddc89b58b45ae7b421d38215aa6e49304323eb4e202655f3c8b16ebd6b03058e75a907ee63fcf6aad5eb96c1e5faea81b88b5eee525c4663af52877c0f759432913b9d48030903e7f9f70e851cd4e20bc56aaf36cb02293d992b38b583b8f0b25a08c3303d8af5b1b37f5127f7021b13934645ef3020e5caadc5e7326ed4ff56f797e26cb986b6512b0cc76f1d8e7be44aaa88e12cbc644f14a7feb979d2ab66907063c51e052d0f8b25d827377fecc5111be0d365e08d17f559e3134cb9db294f1cac03150f4232f853ec15ecde55fd1023b58e83934869796400088e9177e85a2227ee45addd049c1d6b03e5b29dd570496fdb2fde7d8cc74fbb5fe76266ebd90a3b4d57e6e6cb9f0bbdb7ca03ae955915768011c714c909a27ee20135927af55d4feaf2c345d029a54af942da6f85f2103345d059f66864e6b0578111e2ddd5a1cd8bbf4ae35b60747b93f53ec8ec64c10cf4149909b102a2b88712ff3e5ba3611cf96585a6b36fffb64b8c37a114d6b16a53879136eb0b5e003a5a068e3e8422a4fc8d7c77227cce64ebafcde2437166b62ccf486660a7a2ef37012ebacca26ecd5bdf363feeb06aee39050974c25d6a564594c67f56fcf7ed48b07fab4e25ccffe002bbe460325abafe37f23dd9c145b4667f146a1635e462330f02470b35c5a2519f1350c02b263201ec9026cfc57d3659373910e878f2b6c1c5be774df8e01e775d476956c257bd0ccdec17ee939c46e5653d5813eda752ba7bbb245a99a5db1ae55d19692074c2e5820df97c502a4bd1b12929e1be8e9ce6d802347c3e9c4202de6046436c05ab55b2fcb2c227adade6c2046d98102cfd0d859a91f8104eb9f6f155da2acf93df2405bf2c083eafd3ec41d60b810e0bdef6298b21193642a9c0c646bc6771a5c61a25604d96bdb727abd5a7ebe4ddb2a56a6ddece26d8007b26043ad44279c3c8ffb7e6ffb3cd4e10ea2780f509a8a9bc31f99a7e66201195f1543a0a020f754d9a665a29a896faf673df6811379579891374c71b2234fc61e95d4d46f15d44bdb4d7c3b3be3f46410ca46827b8cca976d8866e8ca33c4945d5c87b705588b78015b529843af0b75a7e1e871fd276c1e947d896b92e6181ab7e3ccc7077bb57fe85a6958667d3d7a790f6cde1cebb494c2912478a0eca2bfaad62492e9f1caaa0cc520da08c0d2d910cd44255f4c2ca0646dc89e789a1cf9a28e2f99315d33accb1639cbaf0c94181b85fef648bb4cc7f66dc65b8e90bf5f3b763e58520098febfe7e47bddc2d9cdd5e40dbf4ddb8d51f51bde2e57432266d248d13ed09e62f66794d188f9861c50ec41f0eee30f76f4ece250956733ee97036098db41991a4a3eb7816196c8e447db3a2913bcd992174a7bde1f42d57c764b47f5bc09533760c1ba74943a0dca291f2746bc1fcc573f9a22c72a5eca347b1679683fbc8f32b08d381baf67b7266b14b3ba46a04a3ee45881ac452f64df1bf17f70f4cf9fa4dfed9ae70184679184784a0451d2f5c19c02031e0e4957b4df68b4a069a6f6f6458f6d773924a1841ba664a55c2c3187dd33416cd410e56e4bf8d3671cf737bf67df2a4cc4dcc786872b9e2dc4009fea0e48a749353ac053d80e36357d24d468dd595bc823017c015d7450fe38149370c5decf13b00b6b0e0a2567ac08b45f7b0c8a7c89d227219d051d17a706ccbea49a42035cb327381568eae23b5e2a3b7e8beef6f260d24ab224827ca8ee9d640dd23eee94ed02c9e26abb3053cbfaeadbb1f365a24d8769d92240da842e0b361524020b5c9c22a2fd8602dc9600aaf02b35344309f6bb018a94d4cbc9639ab7430657c4046f0b25df517e31626abeedd58c2e19aa0ae1a43ed2bacad91dc04a2fdf9cc33cc420f4f04379e95988ab36731d5d5402d89fb47e826f4243bb206124364d63564a0872f8d2826eebd9046c7c6f2e7c951e49d4b22a7eec89da1fbed890d63ef15f26422185143c89da3ee269f83e1de11a7467822146042be92295a585e3a09e720ec522e1cbdcb41acf5ac45ee892677ba3ff670d71339a76ed98237be252ae21268e756f05ba0b094a1803f9da84a8a05d0ec9456cf565e1b548cae95eafa0fb01f091935e6eff2413bcb15f605f15270408216fb5b41ed83dfa1454c522375e35bdefe54275f109d0ab450636ac4d8e4d9e27f2d81a15b8cc5e98549254a1c9162918db3e399118f5864774a9d6a2347e1315753071eb1204c8bf5f52b1a0da37e484ebbe545fdfe6b031215678c3b83a19a24d7b661f626beb01eb82b384f02f42bcad4f40addd48db8a92b90d2297e6143702056123286617f86fbef4fea940f648867d790b8f803abc5f4e0e3f4226954c296afd96e287e21b7243d05e743161810da578096521805edd81f68a45500f6a3a1885cb1f45cbd399dde024df65072eb973c827fca13eeaa3f140842016f509aa9ab4603d2457c92cc9aef24950697a0044e3d7c483b8d8391886cd50dff8c2f16de3d6caa7f864c1b3874750781b2b78b545a94b4da0b0036433c6561f5cfea50eae9f5645302eef18238473606e9b9931880d0f6368fa9970d1ffbe59c4454bf97f4a5e8091801b53ee4a209e0642d83605836f69742071aaebd9d813b10f4ccac03851ee9f20cd1351f8e68554c9bc5f58ad19d474ca128edbf561d195e52ddf3c19bee3bb597ac2f92143bafc98bc09fbda6d18dd4ff2a93cd2ba17f54f75c32d3f141468c2baef4e53b6a340286dc2599bf7bb002aa86688e26f5b51a6aaf32e48ffd539d4f3f4bbf0cde2d20138151c82384f9ff29a634ab4e0103d93340bb9a7b0caa108bc7fdc88d7de14abb17e9efdad2b0f304f0bfcbabaeb1b9db75959dbf54930e67aed3a9c8309aa90506b6b9ed4f1d06c4ced19746e206e1e9b8879663bf56bf6c5c920ac5e09e6579b780cb63e1875ef0a731b726864b7ae5705a2d6d343a4a213a05928b7337a59f900fd04472382610e2a8d25383c9ab5804d609e79a88d70eaef3ea22d3aa9100fa2a6e98e97684ade9fe90d6bfc59dc9dec3d3d8db8990bc2123ba92e64253235e9b4d682e8aa04e23fb9bb6248a77c065e93249de829bb2fc5ea9e396461090222816bb29bca37bf86698fb995f62c50110cf418bbe2078a56c5f1ec9fdf3d0b09a719ac253b5bcd00932ae058b86611aff51c8ca8448978615854b69b0216a6eb8050ce199fd9a13aa0fd652570a1b187f61e6831b3a960521c3705da8c5e6c64c7b196ed4a49c2912d77b670b177c6458a7a49ecc1ffd8c57c0978d2a05cd1f1c7ac9514dd14b7b0933a52cefd40b6452ca0903df1f55828025c7e18109a6e0f2ab25724cad2d6f57cb5d894a6a508134731e9b9c61254f64990941f4faf97394b634b91860cc6ec346aa666600d323c849ea4c4a0ef55acbc56495ca004f3fca42ff0ffb11b0e1164c95ab89bf1db3d4f575ff334d4e0d7d50e0c54c422eac5ef78c5a3be95f2e18872540fccfb597211ec79d9d47b6cf41e385b9c2e92122167fe584210f63bf919c620d
77MD = d7c901f0d92a868dced7e2659e90121108611dd7781325fc57e5c336c2279510
78
79[L = 28]
80
81Len = 16
82Msg = 3dd2
83MD = b7399529fe614af98f9ecd73e45790406883cb22e3bdcdf28fadd033
84
85Len = 104
86Msg = 3d232201038fe7d846ac1bd4c6
87MD = d0aee5482c509540a4ea4b902bf42fc8df3af6de42fb14e903d1b2e4
88
89Len = 352
90Msg = 44c98cfc71f82215dadf494d68d1d6b92bb4eb81fa0fbf945a659d9aa2c2302b5c93fd3eedba31e479e29d36
91MD = 56c22e6066cd4c4d6415c5a225257e7f888b317ba4e98eadb72b4be0
92
93Len = 504
94Msg = 02a5c7b1b749d6d49bed302d9439f23ab83020bd4d573906f4190e74216ad33aceab775f71cd31092bba5cfa42f0845bd16fc1b8bed6434dedc92f80b395aa
95MD = 33a84e66cf1ce6970c35807db25e05ca05809e53d4e34cda9bfc0045
96
97Len = 13976
98Msg = bd70deb2cafa75918308d703a6783fe9dc5e3d21de9bfeb6dbb1cd531ed5dafeec463a02abde302d4ae6ab3cdc2f0f94865e38339c88bde507ff71bbea6b30b9851cd8cf599e950b8c8e620c90adccba0033f934ca66ea0a936afdad575bb6235099beff1a632c9114a8045a0919fdc21083880eb05c0d8c489c7810aecef4a41766f67c37557e28a9db9a0d909c2b167ff7eba79693afd3ee3aeace38eb73a5a02a882cf89b123812cf2a0f6d5edd1d14362ce9c43257474def5cce3adbba8cb48e7af9a45e702a182dbf47e8869b3f99e953ba81628e502c60d4f8ffc551c31b3ad6ca85c52164839d5e9d493deee4d4b76604174bdb5655385d34ced2c1b09dd5a486e1f9ac501bc611f9d7aa5c748f496faecc14c6c18e1dfc6aee2991bd0207ea1701219955a751df43dbf66f57904675a0e9e6d7f9a0b8bb82a8f44951117ab2642d6671daf1e5d1639d48aff6a05781c2b5e8976653b0a164445872d393d30355acf0bb49bf2bed4265c9a3b786249afc7a438d706eadb6f90a7f93ad51bde6d2c8e6ff09dacb3dc67ba0d3030c54c8367e1e4280bb5903274191344610de61c3c770c6820a6cc9d826f7c743f88f13580ba23cfc00598fd733b5dd069bde7f10f2b8961c16b69761b0f308dd137f844a67f6054e065863f226141755b96645a291e3fa3fc853b2475fbe1d3b25ca22f4da4425dc95fc855e63d6699b311ebd5fec1c7753e6e81f747c808ec3f618f63eaeb1221075edff0532225c40ccadee304a8997c03920e7ce4e60e4df4d120611296786516dd4d9cdda2077ac52bce0fdf552e1ee89a0133f1f87a6f6f35f5c53958ed806465919a0a5fa42488bf29caf33a0dd469e13abae351d5c6fb1a800ee384da199c823c965d9d5457a3ef8292c4d9b142e3f1fb502da498eb44d95f8c85bcd6871bbdbf004bfdc09ab35758f5e8b6a0d0f366c3b255333c52c8fcd4ecb4536b5f6e72897649f3415443612d72c3436505249a344feeb04883f41f90ade40af119014b3c56fc108f1ab0a77087d9226665d416cd975e9e4605529c032e8926002a70924820c6c7e264a794b2a3beb63d69ae56e017294fad4d611cbd0d3847212a38f22d623eabe3b884a36464d8814286fff52c4dd366f6c2abfc2eb865e0dc9ec6e55ca9d81f1b8cc47e2629bb162e54655bf2a9e156ab0bafb4b8ce96858aeea6e6665607a3f268036f4890dad759486b15e3c9e791429ec8f11bae4ea7c490656fdb0551dcf0b0be017c08bc674bd97d9d701c3ac955e2941ba7d5f2ba122a6f0c1b164b1caf2d50df111fd4287e9e195d181f6f514d7dadbefdd4274edc234025b727680576046842a834b6ad89eccaff5c5209bb91d652357e3750d8bb0165572fb71d09fdfc60f6b1e5d868c67c0edead427e7aeb734e29b96e03ea174b6b1af523feacaf6bd745ceb1bdecec9251958b7f521182daddf62ff6c4f58977adeba81c616ff2e937ca4f16eb9c44e63f9e974709122083ae45524ff87d7a0cca33a90f09b660db0efeb393c61967de2564315827ef1cf42b71c0f822f471713c9d885a3c3281d7c95dbc96f1c6dde0af70ea11232b00a2d215ec8de8fcf84b6193b6ac9d46de660361aabed3371fa44a6f32107f3854262eac355f9ef98701f580b4649175cefc29950e7a0eec958f629999c4b0a98fd4bdaf5c0bd97c963b551f2220bd41ec00b8726836e949e818a49aa1ac5bf12c64fb9991111ce8be3e0cb9605f753dae1a4c84389416f17fb66cecba45d591b22d64e5a4edcde067a088d9ff7f5dbb9dbf324510000c55d50f480a640fb22da9b4862dd81080d61af9560b601edb5e3346263f5f193df97079a27e3f9876078b80ebdcdb17ca4c50aef0c8329c72a7f77584cd963e105eea9c28a2ad4e95c1d018e27d0e720ea59147f59ad796b80b6293da8a55ed47e8abdd37221db0a5eefff31688e2adc294654ab0fddf9c1ffafd4783f01eb539492cb35a77315d0ad19395f47b18298a7b353dcf5bab0b2f193ff73d99310478d2e5c4ff1c68a2493c138818edef73caec9977bd4eda6249c8933953e06d796b288f78b18c343ef561082fd03bf92b084afaaee741de3004abaf746350048294bc52450e31147173f2da13d6ffc5adc718e149f9df3702f414dd3ee88296ae8a0106b071b589e8696401da7993d58a9bf8e5bf417165498c96b4ff5fd2b45bbf88f551688425122a3737ca54b2992fdb4d60957a93097222c3cf4c45dabe18b9d6a69e6f27567d5adec489e4b6812c29a8fa52f1de642b7b0e749c16f54473ed5ca2fdf2199e885fed308fa62a3e0deb7e0b8e439e25b3e9f95d755fdcb7ebee9d73069dd57dd1cdc5145205882023b54f2c9dec6cced9e3f6d24e8cdbb8ef121b8f3eded574d81908e867af5ac82bfb8ed60848b4bfdc1d998bae3a9ca80c1c49601d11a40409c62b1536f01ca67
99MD = 60700d4ef068822d0fe6df450b4aa8e206b2790d6dcf973229a59889
100
101Len = 48824
102Msg = 5fd54472a44e4476d254c0940071ad42dc723354f76ba61f63fbb9df80d1ee56136f51b6982e66c1da83602fc08093506a9e2cf27cb92085ba5c627dd63f59f8850e91a1d86cb1d4ca38ad03160f3c584b128d9b21e935570e086d3815307ab8df396cfa0c100bf6cbfc0fd7a8258fa1a656bc178e02cfdc868540d8e5ad39dd46794a8bdc205e710555ee7421ca7475a4f3232e6a0cd55d4b5d4525f0bd7eb1e455931aeea6918b9fceb2a32706d31a6d7028a85e102f228417e2e7db68317ae155af70eda98c8dc1ecc32a62e294d92855354c1114c5735a3c81e551b63a81650107557f3237bf953989d17c65a0fafd2bb1e32c237f98f55389e8f8b0810e97e201914c487a68403c6d621a98ddc515780435564245d87ce462b8785def699f7f06ebfdf33dd1ed7dd5a3e781348298c7950a387bff7d1878731d7ac66ad9a6607f2c3a3b6843c2852a5e882a8d78ae9dce2a79d595cdf09626dfa6f1dba7d40ed21caa29e304e7dbd559a89bd1f07d84165dc259ef112dc6e2c5a3e82b1c50106983f6c4965c85073c5deddbe6323003d56abb0df590f69010981ab3407e43eeaa29c6156995c492c931fff1b686eda3741a0bfb9094747d1620b2580415d431ffd6c02245f6cb03e39f87e82834dcea59355b2ba663ce145d2514e15e2b2c60cf518ff510c6c3e2f16d2dc523832762ed8352a320462ddd4d6fe755350672038163d996b44ed3b85d64989291bdf39398cb996de785b9614ec5d4bd73efcfa37fd4470b17d6240b8e4c715759286b04c3d7d791e2689927c9f18320ff2e6bc7306c805e23a5de66eced5f1a630cb43dd46db515f837f6b824b99b86c10b6df7fcf22d97be05284edf0e0be597b3f9c63556db031339f79ac9e6c5f8a1cefdbb4b30f5bcd23c2a4dcf791cbfdd6460284c5af0621ab7c5571e40a87c87be459c85ec81d746930dea24f43bb11d6611ea83409d3bf4f987778d8eed1d5b246a2112ef78ef0252f9ae464810c13f02359441d289958b4766807d9a3be0054897d35b01830deec1151f9e3d42f92b80f4aeedd65c78c6e98afc562a3bcf6d72f238c6e94a38f2288ac7929a7a61c92875c1f115c0ed8d261a727f0794f17ceaa3dabc717478f6ce7f2e8b295f000241e154b4575bfac8483f6b62f9ef4e18f7d341a65faad5e2fc1ddaf2b09adebc155ff09e63d5aa5f95206e66c7f4ef2ae3aaf3ea7c93589efa8c552df8d203e0ea181c1703d7023b56e603f33b4adb9bf44f7af290d8081210f327a6c9b0785709346087fd090c42d2b8b2711b9a1a5173eb5e246320ee27867ad6c3eadc4407bada44561a12cf5d53bf0448308bb536a8a525eabc1410c3a34becee25fd6fda453251ec229b53751f2280e142c6b331daa659ab655b78cfb08bf18e40bb02b7f1650eb2dd4ba1707f0aafa219f21c29521581ce249e2e34f5656b0a04c00485079b040e13cbc038bb9f17f47cb8f908591b26bdc28538d8baffe4cc39b17d2ecffbb9698bc2b8b31b08424034c051b535e0cfdf07b7a0a54781e33ba739759991aeb72c0ed992cbe76eb8ec0ab12c182e8b049cbadd6e82e314f1bf15fef5ae95dc86bd64b8556766f8ff62c33492198e454e5ca59ea856d8e095c04da8045522abac865506096ee1cfa1082af08ca09b3533878ea3580b6c0c57a615e0ab768246b3eda96bb6caa01a2648068e21959f843d853e948588e8c0bfda364ef1f9fbd3235c27916562eb0214891eb55ae0e059f4bf7d1838b5942656c27899dec6d67b823a981d1e1e0aaff5323b0e3d69a7dddf9b12d7787ab763a3c7a2697ac65b655aefc4bae7e6444850ad2540d5193b378682c77a4dbf9aa22e517e68cedfd1ba32e3730ecaa2e3f6ae61a4f427d6e69071dd62a9bf6c860980c9d23ce1fa82a1937e6dc1ce3a2de096b680d23d89ee102912ac0bd769c1c02095678dbb00b4430428797cfb966b2f901480811e1b9cde358b6d499c9e93f0961f050465d7b0c70d4961e75a9fe40a24e36eaad27238231dae6d0a17f446c16bce7348e669be563649eba9f23be29adb8b10f462780a066ae573f74e51215a26097b02469c25180890e06acc53ab063c742e08d51359b0a39749b84b9f6be44f3ae3da8e5a2f340a8607d4eed08877d007928d332d6f49502bb5f416c46d866fc87477c58a22d3c5932a8d6298c1151daa032c84ad92f8f90b8053b5aa6f690d1bf682f314471cbf200f3d30959e07adc6488dd17b0be5279e727f3237b8b4b19b31a220dfe63882937f8d5ead677608c42a57217f2239614c521d94559290e3b0ed8055d5474e96564224f6ca6389b40a71337da11e1c307dead8e4eb43252cc2f1c49addb18781cf20acffd3db693b02e5c8ecc949b51b99005529e0149a13390615f5df6e0bcd68e1ca82b0173d25134dbf76dfe92daa085d3f6b1e4d18217df41b70c4c40101884c2886495f2ef8a473bf23cb47ab6533c93cb38c36c6dcf6837f1272fc91a6962b6e1386fb643e1f1d71fc75ab58d5800bf4081217cdce0c7ae9e3d25de543fc4444314f32067eeb147c08c55c5c8158ed11729837547f28a300eccc312260215f50e98c4e3d4170208a50a4a4def1243538f906df8476b0c46d3449be73866d463d422595300e160840daf8c906ae4aac13a64457853b0ea6d8c32f4efe3b48c0b1450250086d459648b0ab14fd3f341a4a803be77e56a811e7a26827eb0a1a9454f90bc6ece665904adaa3cdeb2c4847858fd1d79750e8cd45d8da9163784b8bd06629410502debfed5eca3cf8fef0fa6bdcef6efaaf35a1986d6fd68e0f436dca9442077a4818ebda4606a94a3c93fda46e7ef5ccfef656896a0d3d93566b02ed8c3f6174417cdcb99a415b0c6e9816d94e64b438c295b4bfd69e0d9ad52911de5509971b7370593160629b641d690eb2828bf363857983e3b9098fcd15e66448f786f196685d2ceaa251b17ad06dacd614d9fa78ce0a8b9c1c360b529d0bc1d17ba0b70ea8ac1b8d67f6e5770f0cbaee0b38109d26b09493060dc851f5fef121e83e30aab9c3efc2b8397e8362aefea1708f7ffa14d3656f7f7610f3a629bce14648a593250c6f309c02c6c552bb42984ac58db920dbc7d98f59295f37f3e9b99da55ef074ed65801b390366669b4c7aa1c483ffd23082793f9e5cbe30c34250f63fa3ea2cd097593dc67e8d27b7e4f07e73a9f7b33a5ef6962df1381a038d4f58fdbca9d71ccf640b917f631b75d4a2e8ba46c64a6223f99cee30f47c1a935dccc7f054fc39d3498c824e10cc3ee337e781a3971f0e98295aca611bde701c2359858914248f6bafc88232bbc27bd85883b00990bba7862fd7a7cbd4c86df049071fcd10d686613ec877758d83927cacc530bed9a596b5b21c6fb748c379d676de7e05719a867c9f934b5dad99ed97dcb4e70a9b6542ed5b2f086d9f56fc9752e788785ef8f7837a31e433438cf2f18f58be37fe8412f6d21a5c35000a5efb862926700079413f76ab2c3e79e20b516eba9d8c29897097bee55157936607cabaac41337ea4cc783c0809c875259f8020e16d5045fcc39ac796d11a82f25fcc9579bf0a010200f5745065175fdc15474ed514cc796672c59637c3c8f236cfc9c0978a3db1194680c58c27746090d76ca09f7c48ee4ee7e1d3cf0ea70dbbbd88e30e8814b57404dfd7c33727a0c84cb7bd468b0bcb3c89b526679c00fb0892d2a5e7a3d73698a3db53fd7d78460cdcf24ed22b5f39b8c00b3506541ae4a5b76fae29c1cd5b0f8c3ce142e0af7ae4efe3fa4c438a604bf4a9abb41e3fef1b9227a7dccc3f4d6026ca289b4b1366d9ed546abbbbd5677c8d582e79e2b544f18dc23809ab753313d84dd10fa3ed2f723f0b46277b8877d4f3e0665e88c50caf0f0708b746b736b00c8c83a7d18500384bd035996aebb7da8f09fd6af9b76fde7fbfc0ee854d7ec02950e76abd23ffb27a6ddf1772465016c79b98a61bd3940547b207b6507e32cb9761a5604f0f546834a8edac7ae06910045de218d761a4accea886188f947b57bd876491709028e2e24b075d6b022b51af1880ca16a8c65b7c69e51b2ad580ee058acc0606f0a3a9ea1cd4342bf4be602e941dc4bef1239bb9bccbc8098a6a17d63186c6fa75ec44b6e4fd38a3fe49c5eb995f0cb884e2f3ed6be02515fa605b98453ad935682c3bac6a2971bb68f4094cefeeaceda92dec803ccd3d346f8b40b48f8f489e118a17367801e85c79e9b3bb5d73ac44a8290cdbf83a154f2f125090d42e1a1cb72f5ebbd42da46c7a4d4b9fad9612a4c800de6467ceb74f831e1395dfbf5799a3429ba34754add4b34b5960a5fee8f752dae78450322a1ab3d7102b77e907fc1eec5355991e0c7d6c0866660e5436248edeb1a37c0e769a0764cfbb6354332d6e55103b9235c84eedaff918af3f0213c435c32ab409a4b5c7eed8ab6ca9e313dba459bcfa3ee92e7d669be0526856ac3c06a57fbecbba553a9cb4655a901d98af02b74098e478076655d325bd7639d73d7ae00c62fdc361a997ea4ff5b0eba33096b12f35cc7cc0eea62950b912b47c11b9fb386a47c4c15c0602d304b2541da889cff299a1fd415e7e25c70ee4cd83feea7e6a9c50c75d9b128458513d61ec5d0299ef8c090472fe0850f384938ed44d36f10cc2c1d31daee3f946a2fa18f9982a988fd6ac973b1569313ce3c8ff5746c4dd85a241f1e9dca0e904c091832ca028533a3e34c184edcc510bf22a27f530bdca3d057928a96f72dafc73a9aa6dbf2552598e468735cc5736c67a620e9455483e9cb2108045ad80569582ea93a53b491e528c8df336fb326ad74317bc1dfb8ec30a73af01a5dff3e437b7fe48ba5dbb3e8f01ae0c6fc28675a415f23a796bb6e0ef0efeb4b14cf20d4ad88ad1966da43a76b454dac8687bdd97b89b8f8eede91eb34ca4a0523ea65736ae39341fb32b9b716f25662a37382c16f3b9c346c84f03bef54acd6efb364c6401b07b3f7679e8e7f8c9b77b75e6e98b90f4df88460f1978d19744eecccb743a999aaedd00b5a94018e9d5a56bac9d5d55f6e93bad52e84aa7340cbbf98d56213d9dd3e1970867e3972dc98e61b3cff40b64ec49463ff79a41c82dbbcaa37a82b761f432849aa83a3d3c9a209e2207b87ae9ed9959ffced165fcb0d8873668c3cd8f18ba0f92f7acd2bf50416c22ce11692bf6132eb9f558dc789cf9776da94e48cf48607f19d9a11d5df4db11dbaa67a1d20e9f0c96f5956ee3f906e371c489efc88b0c1e56d881e7bf8dd5d6742622eb873e253dbe54f2e2e6d0e6136941de8c23e9a632727bb5f88c23170316c7aa0df28d8d07589dd6022828834f7ea9b4e5876a1704944aa3186dbf89e0e81767cfba03bfb38c55a9945209c4dfd88272c49d1745dce5ceb40f0a6713b5139dc2fb87a8a4888406d2610b7b910a9e5782ef0df719028d8e50a40a269dc9bee12157038522d06537bb31fc87d21af9ad4b2e7e127bbdb313e0a116010f65126cedadd4a122d15a71cbcccc346f55100e354b997154567fe3caccd50251d137c58fc3a2048dd5883b6af9248b51040c01a80c051b8a151a8878edf0304b5554746d6116b749221a1d0082ac925e6e140f0c3b6a180742ac8a50ce0e93e6399102f151d7c14000369ff52d0b537fdd51bec99e7271b1255c6fbc36d83408c417f6825a8e2a58b9054ab2c3ead69d97ea9947fec32d720653c123ecf51a9a3f0ed88743e3fb7b94aea59d0bf0219ee50825ef220554312cb907edb90e4d85f29e316ad57d3b90d859391fcfc63e6c0fd3ec27d4e1efd6e0b5ca8165cbd6af25ed8792d805f27fce308ca1d51335ed5d727558dafe05486a6f9149b8d3bc022026656714222830be582889e6800c0b170e48ebfd069e711210e4ac7acf07652a6f5051507de68aeffc9540cab5cdac84ceee46059ec23820c04b127266c0bf8df0d2b856be3377ab42592f495980baeddbeed3ba707a85dba64fe36941eefa8fd37204ec8c18df3852febd2b142b1c9a5cd0f9e424cd408ceb7788270899fd793db99ddb8f9ca8df550c513790d8bad37a1d1f4a62c4527bb64c677462c9b093582decea70c7bbe873095536728e7ce05d5cafb5d166a1f03055e918f787fb244c5857e3d7a1009bd37f30f165564a082c1510ed19bb1633811a76da70dac67641c2478c6b335f409ef54a2d0f370c9510d0aabae3cb998bd023778375cbf9cf5ef125afd584c11efbf40bb51839aacd3016e5e4d79f134245f952dbad617c78cb6f5712bd9c0c7e1303db5029640cf9b56e29329c3e6a9e0a2371aac1a437b9b1c4477ec9842aa80eaa22c5eac11b60c661de6ddbb088e844293ab8589c13d938765bbaa44301e4137148dd0257bd4c8c766c5d3bfe53671e9417cd1b52f622870ffd90f4e17b7a4ae1b5601a2edb032e353bca652fb565beea6fb0b2cdcadac71794c662677fb1dc81d116d94f5eced526b37c004b95284cb6aa2ac415754a1f14882595dcf4d3f1d905c6e8c12cf5a9d23d3ab55bdaf9f17d2f03f933e1bab89040753648c426b072b73aee8c2fc0d1c03fce2c656e20d4c96803fb2ef471b912267eecb4d6f342d3513894b94d77767823fe0c7438e51f21bcf16f0e98b94b23a10760271281cf843989824f7061bf834f93fd8d2090f70e939700dcb4d8964a19da39a9601a7e0ed9f55f567fc7d5682d55a9ba0e68861756bb549f2f17c10ff6bd2042a80477f89743d3d762f1dfaf230bb502eab6f4c46b26135ff3bef5faa179bdfbd288e3cadd3d88d8012706e19b7fcc6e9cc2699d3ba0e624e715599480d6b7dbc6eeea0d12a9236444b17285fc7794040dd40c2b2ef175f7f3641664fc9bb7ea6d7eb3489d504f8013d64a23aebcb5ce233405f5ade067dffff253f27e926431ad806703e8fab23656e0b7431916d8d4c72a7d831e3664e5f30839c76c8167b76f3b2dc75a6ef48df515e06ea54ca51de2fd9c5eeabb1610b7eef06a2f3167859cf82e1a5b76be8ed8beee2bba28c3b15af6890d7a37226834ec9f63306a0da11aff918753d8b83fe7220803c070db98195d6d18357233f5504a6e3bd6f30115d3987f93aa5d89aa0b8b577d1fed94da057a6f088233efc0f44f86798896eae9ad0b20c8c9cdd9d72a3f02213f6797800894b864cb44fed009440fa5b0197023929f9bad16f052cc2d87327788a68b9209f46fb4776b092d75713048b5453ccd699d19cafa8e9a93fdab0f0863711916efe3bd81ee71b8e0221e12e9ffe2f6ee1a4dc1a8de6e593480f3c05b3691e916a4a7ca51971eb2f0f693dd10f6b8468f8cf7bcce285938b5a0a76ef86acfa2990f88bdafdc39a065db17b845028ed2b7a9e331c44217de20440e406868f1eca818d0be20248c2948b8f4cb118b2e456e585949139270f57c54715f3297bf714aa7c5f72ed8ddf6a074703ffbf95e45bc81a02c42822c22d2b718f2de5e03d687a4b18d605ef5ae75f9d43c8cb4e77aaa0c0101d978120f29574b22f52783c667f7daab3e1f9cfacf2e68e94a24918e3fe2c4f061deeb64891b5217fe5908e7f389897751839982b7fb736fbfb1232684e93123611b7fc8fbeb74f8815b5ae13240051920f3b6ed34483ff673c467ed7f0a8fbf619796e485affbed0697415d2d0598ba34d5b9e44ffd12a5edc323883a2e28efe9baf860324f2d2016748503eac1888213926b0e0f0335a4b51820a2bd3b42d982ec6ce307b453b6385aed7a735a1e98479394147c40f01c532926e10e1b26a5b395bc150ec4b4daf5b1436bd0baa225583ffc9d9e9d8a354f60fded37b41c7c051daea04e689ab2d4e24d7d07c75c50ccfd6a527e024d1632246c6f40f06b86ffec0b29cf894b665d53d459226b93422d37a8da23587fe884dc3c0f2fb55dea296a9a5b9a0d101f186d9fa6288c912202547cdf958569d2cbf235740eed38d10b0025dbb6de31058e98780d22149c19d4bcaf06dd7353fd91cd1f47e47f45622e1472542be2f63f463d253617eafd4f2ad609f9020884905dd5c22fba53ccc619104b6c0203a7f6c8c26fc80ff6fceb8c0c51600c2e46b4b872e6d597511524545a76cb42278b519d911e6c1320e01682c551e204ccdf91290c52e0836167a5685cbb1af338eb794c10fac92950f3f7956acf28f1ca984e380bcff9876b0c71dc7ce4011d1d0f955da9ca885c6e7bb74c6194dadb0fb9146dd725c8a9574aaf3824b727c9be3fce59c35850b162c17d3013689fca858a0a51d81cf4f30d6a8705bbfe35ff03c34cc7c56aca32140d72c8e8121fc71353596b777b266d75b322c9a97fd2c5d4e2362f19c99de66da7bd9c495c03d9a15b28431a0c051e786fa80f5503a72519e6b419263d72d553d688349c0cf30918eba0622b953a0efce4415c29515c26ba15f00e548ef108afe3f8194aeb965e5e4be94f10df6c45ea5c133a8c3398d09fb80f950b83c1866a1637d2bcc195e05cc32a9233b244cc2b1d4930e66f032cb1163c37b3e58b576ab76de759569797fa9b8bb4fad66aaaa56f09c7a0ce4641d6799d7bb47cf684990ec1e08871458c211a353ccf1285e7429c7b8520180918f7
103MD = 85747c796a910421ecb364b4b4f0e68b49e9217944f6586eac4993ec
104
105[L = 20]
106
107Len = 16
108Msg = 8a61
109MD = 60bdeabf39efdf21ba9c0f94af6552d2ffe699e1
110
111Len = 104
112Msg = 37487aa02b03bdbc6bc62e7e26
113MD = f146072f92dc4a551721a10bf0b01564cc2b43df
114
115Len = 352
116Msg = 6ecd002568bae3bf1873993041bfa292eb94e9ad092d8eb3585be82e8a20cb36a47a06e7a57d301268a4a533
117MD = b0a2d6033cf1d8ff120a605b745d736ee4aa06d2
118
119Len = 504
120Msg = f6dc1d2f6b8e126d99939664693d8709513f97d730074ec2794e536d94ede79c81f2b2ecbff3c2c26ca2d181ada2c60050997f3bb087ce48d956c18dedb227
121MD = 395dd2989edc854746e384f339f0808c515747be
122
123Len = 13976
124Msg = 07a6372c863c7d7c6764e4f05addbbe161762735dfd2d23bf268e2d603cd28de9c369ac379390473e1d3fa7e37af1178cca54fa0f782dfbe68070952b93462ea46c640d43ffe71f5fba42df98f4c48ada0d8aca8753e0731508bc15dff283178ae5c10a6ff132eca5dde63a78d3ac94685152897828eb25a55fdf140fd33fd4e7b03f283e201a1baae8986d25603fb0b2566aab345fb48031d648144dddc2e3556c0ceb1104f348d96ae7dc0152e45c625d21b46e70c31f250c858aec4ab2cf5e79d8c79b0854e0abf5330b9f044113d306161968f4ad6f0973160c9dc296056d5a11523ea2b56fbce8387070fccc639ec1c65ec663b9dc49aa880dc4ddd3020c9d44ff7e8cab6266e436af19b4ecb82010a0f8f9469ef380034a02e3f50051a6a3f233dcfe9d553459dc1bebc538ae0183448c9405c351271dea808d908480e61e9793cca111b4cfb9874b799626a1bd9a0f6e0929ad51b97ad81b2438f5fc255db3a3dfec9f0d8393c6b245b03d3faeb58021db3ad391b17a91174a66db4feef1b4c889699bcbea7928f4d29be2d47f76455c8cb1dc7da9cda41962a28ad8cd7b39965b809e7c7eca1c6792c1ce1c8a4cad6290170e91fcc49fa5ff64ab433b4aa081c8da2d9bbb072f9f18ca455469b946c877e3006b34ffd2219335b30ba2e0980f43cebfb629d0b11fe70dff28883ca012c6ae4855fcefea20a08e189eaeed7eb36ed6db3835976f4e60053205805727c5eec15d0e9f155637a9e66268b9c1c302bcaae6ae88cbb8cf1668a487cc996c4662c4a4e195f094cb31c717165e0e13718f8388957dfe0bf69c70cd0bd763dc38c530b67b9c12244fcab8bd13f602de848a2937699f9ef77944e5f22e3b470601789e1838fbea9359c733aaee2c7082b02ee459b7684ef9bbc200da4b62d368351f5520a65ffa506dc9b097117bb7ae88d04d85fb525e91327689ec0fe86971480c0e864012b1e9f044c7d80a4e48c07320dd4292086e4c71d4c98dd826a9bfced112bfa2beb1ce85cad204451ec45703931bf637d4fe89fe8f485620b7f4b21e011a232ade7a8c92be77925e878ae0bea9723749528fe83cf89ecb9616dae6ca0e8d5754ec6c92abb21108c2f33cdc18c6887c430b72c5b193356494cddccc577bd4c2cd53188f352846edff0c2ac7869cb74bb16a77c0f0f194a7a9477ae15abb890bd0bcfeb0c39381a87f1d05319c7e971c10e9ef687f96450b400e25b4285032892b849fd5db8649cedfb03c88defea063ee144a1ab1f3bf05f59c7db364dc39c11a446c3ce16307d78d50315ba29f5bb9a57438564c8c7b3e367cd37d74b2375a4966f47489dc5448f4979428abd32193d3840aa983d3020a9f29d760fc7493ab2576c90b1934b799c1d0d55e4f2caa78f4ce61930c79dc017c2dea0c5085d73a3b0e4a6f341e9a5061a6658af11e5edf95bdad915ac3619969e39bee15788a8de667f92f4efc84f35082d52d562aa74e12cc7f22d3425b58f5056d74afcf162cd44e65b9ee510ff91af094c3d2d42c3b088536d62a98f1c689edcf3ea3fc228d711c109d76ae83d82d6a34dcfbad563cf3726519b519fd48b51741aa86720836494b7a589c778927047a25d73508adaa401e9a6c0767a675e31c5556cbe35fadc9671359b45e985c3c8af84113989b299ae4474b85e4b5d4b0578ab1e8a2915a8df97c4f52a639fe32272cb91bbfb721505dec46d51383cb8973425a714245c2e37d0577fbe0d66381d9239db1f08a380cf609dc699698e0fada2caeda44d58d766c4f8214b10642b80b8d7d8add7cc41d47108ab7d07dab71069a2d982cc900b331caec317942122158bac6eac9175c2dcba0c04443aa9188832b553f5ca8c336880824d6bc02486a2b4c086665d276aafe3b1b93729829adca50c44466fd5b5cb977aa78fbcf5c0f0da1b09216468a11493ffb39efdeda5d669ae92bee2f2fb250aa1b9cbb11c36c7a6c6dd26cdc3cfd572ffd8c1dd72a13c27a327a34c6b6b3d80fc6c67c72152eec0c8ecbdc1bd5cb829b811e7f29af6d786f4e93dd4c96fdda295a6aa258d7b2fcf291c2d68e0b1866032475964ec0c6f2fa8c2d6a3936ecb187350def4e818507bf157c0e9b33406be7660605af14cccc9c799b4e051d0d0899e53495bb8931a6e2984bc6dbe4e02ec8b4642fc2f1cb5fd5a5520b48cfcb49e1f9533838753554dd98b6a1b8a67409279df477330e5f37367e06247ca5c3ffefd00e693dcc0c9c30754121c9ee88a574915b9e77c104fd2f921c2c096573951407ba9b440423d76bdc6fc978237a6e302cede7f99038ec31500884775556941f1edc30e3a417b0e02cb6fb5bfbe5cdfacf4006411287bedc565fb06f1be987416407dc852254934df4ab59edce476f3506e65be6ce6ddf91038642291fb8e92ba5b1f0b105670905a2c14796110bac6f52455b430a47b8eff61
125MD = 1adccf11e5b7ce2a3ddf71e920138c8647ad699c
126
127Len = 48824
128Msg = cd8490c93613bdf1f284b94b330f6d6f45a39c651d2a160b340e2eb696fc6d1c35e88872845190d141c669de92a97daa5433b1d7b0b899fdef2ce74b8fe72a7296a5b5be26d1dc86520367c730c7400c2fa06f91ab4c48a7bf4ae35a5b9acd5296c4fdf7451b0ad9cc439b4e34f11e5d7ef2bdda376f8dd34d6f092b219dc085dd4c4a6308b8808f588eedbbc7af7f64e83182fc7ca7cf4741a341060a7969d31445834c982fa8739ded4555108acbea1666a83da17f77cc42ee73323eb53203e3b790f81c08e94c44678b6538096ab7b09916e6cf7ceb2af85987f8e4d982dff1ab59b0bdccaae1f405a73366b5c5935dd0b43e2d2894290ceb66a0246dc02de728c5bba30255fb56ce8107c3144246c5156a8fe40ada9126adf67227fa56b66c37be63f532516211ca012977b04a97916f201f1baa2629eda520b51508ab4229df2ceedce406dece0110e0a911464f69e7be38fb91deba0addcdb3161d2799c628f5a57fa1dc37357c947681bd9c36f4832c20ac466c0c245de3b250c33282ea1a02d007f03b34ed427631283eb614db4d521f555136e7e42b4cfbee8134c63dbe3bb79b5a8b9f9f5b9f5ac61cfab1c54d197f1e3ba613f251eed616df952d691b88a16466343ef2d0f63882ddd2d55b8a6786308b2257f5d7b38af166bd7f1339d2d8899c9eda8fa86215850ba547450c267eb3c9147d96c38161a69d1584e521ffa23384313a1debcd37f72ddad02adb3cadce7ee34b7c1f42a15d0d030487daf9488aa7562845a11ee7ffccdb38b300935caa31f78a4ff3dd93403cf0c6a16ca611b58c736aafd33d6dc56f0f47878211d26f6ab801b9453a7f74b44593dae0f047ddbbf2c902891111729edec44f69a05944b18e7a601f41ad24fd6833da3dbe3029bd390de7c9841b2ee2b079b2bd2737518fe1bbec88da64769dc36e4a8bf716c219b2fe059d7dd220c1ed2c59878db5bf8b198e0689edee921ebc0cd2d3853fcf57c363050ce58071c5fda6ebcfbc1bb62e9eb956286291a108bdd4191c4ff47900d6068e1ea26b487649af119b9bb15dfed804836f2196cbe12d8fc86e3d7ce89b52ad49dc9ddbce5b370f73f512bedd853039366612453733740586d1372143b09f21dd4dbe1a2bfc308db8e4098c5e4b0c1e16141ee50e85fafefc4e2529b3c7252af37aee6f86e19df28871686107d7d57dcc812bc077602642d2ecefdd5f694b8f336913210793e4068da2178600b1f41cffb5221c9b4b6298afb47e85701d7b1a44241679d8996f916c81ff437261cfc358b9ec42a2ce16ca3bacb8690d6c1d91cfb3e0bf1e7ba45bd01606df856fd03c7e946f7ab371a89e1fde86d05fdd97bd7b1c583b04c2ed2b5f6815a460645e4e1b4e950bf6bd81dd0352d1048df85266f1696534aff5b1cbc17f15d82cc8e0c0d4f0453f9439094f8e0f7f4bc045b654d9a2f1f44a9c57019f63ecc41021c05b5380675cb56ea8bb691d79ee204d2c4edacde3c1fb3f4996a11d84b035f965e74009e2ab80e2c7ea3c84a834d4971a1e9cf423e4ea67ee526eb3c3e4c2d7372c4290a0741e1fcca5ae4cf36705abe98ac81e98a5419baefcaf3093a7e0449ef1021f88ffb7ad21b2677e41cdda12025b06542c4b2564f15e0b99db43b7c7020028bd829372122cd910227cb07c53cb58fd9dc620c0491f3e2bf883fe6ee8cb1f5b73767977d857e4513e8b5612f6ae4b56014e6a3ad2a065b65472212e2f611743484cfaef860999d1dc5608c58412fab888ad72bb87dd9b55b692f31e252daf8944ec5c02a5a9c23903c50dbd845f2fcc3bc9806af13ca7b025cabe675195b1d56f3fe7d7bca12530bcc0af217efcb03a218bdb6f9726536ea902c8303b02e3ced22be59753588b5f0e2f3419fa5345a942dbcdf3010465384a225ba26cdd0f1d74999c69f336bb6d01fae5cf81cbb8c1a7a29c1eb83ca6b51113bde56b8cfb6a5d72557622a37f039d090a689accd02b57c691174338de8e05bb3620c079705c969c58e56b079dc9eb44eb0fcebe548f5a31f4072a5ed56a2f03107bf40a359b2601eddf53cade66f294cfeaa40a0d94b9c90d15f61852f295d3911f8ea914d015885c8c64540a83badf0021a416c3e37b78236a2ecd1fce4114033416bdd3a36c18ec13250ee9c74c0fc4dd564b3d24a825802d5ae402a53bacace115ae3bbb329be79d1e5e42dbaf0a6446431145fe49b86a8703c7c41f8985d54f12e314c16ff89351d8addf66ebba2783f2d1a11965182aa0b0dd2de53586c5a695c6265c2b173958da648611090557bdebf11a1e042f089fe98e049f4796c60d26be38356fe020d9ace9008410d53a1bb7db78b52ee44bac364213f5c59f1eac4e3314f3423b92fdd7a6156608111ac6ddf58385ec1f3df12061208db98816ac948d803fad10d5ece2018c60faa13de5e5a9033745c824932e53f4122a39f635813545c1b74732cd55642f19ed6deca1585ebf7242c849bde981572a2199066e9c912b2068c8f1c8b936c43ae95c6e22bd7b80dfea05f495d751107da5928e806d0af905c87b5a0795df146af6580d8f9c6a0e2645686d43822ce9b4be0bd5937c097917e048b5af71c7e7521d490f107e9231ee5bd9fbf0727ba87774ed24cd52f471ffb71849ebd55605996515bdcfe95bb1df3541e7c42da4166dd01ec3597634aa6455d15fe14af435e8d7a55ff1682d55a2da867ae63d11fb3fd987fa5d7032ecefc35d3fb9570940e779e13da18070e6df5292f97f2a281f9598101102c955fe4808a2319c85fdef3d55b19e05bb8c2d3da64bafb67a53491513a24f6f0804aa162c8a7db25b38089373fecc45a0eaef65dd9be3b4b7f9436a5423fdcdb5a9b60138fc6a2261225390d9ae0d8ab7f0f7ffff69dca06881d33a637d634358abebb333df41151f239add91abaafc89070cb2159ce3a31655c22e4696c9fa7a7211d1251d4bb21ea4a321a3dbebc29d97f526251e40e548dcd7ed07587719a266f006179dcd22e50b3705152817057b097b043ad63b8d867edc20aea9b4c959ef4ff70f47128cfcc21e31f17978ecacc366f459ac1cc459a3976e4173ca322675f84f18036119ec2f204c3fb554a0b72f7e9d8c882ab147b3d280ca9dff7b9160b1b437b901f03cbc05fe05c6f44824b48aa8da52ae7dda1653fd500f9ccd221843cf76513b3b74d094f14d93a00d7cb954bc4cf2f04f9a35e38edcb1e84f62057647dcb3571f1dd296ca1e049f1746a8a282e85138500e7649db756b2d2ad88f11c471c89dc6be2cd43481013b8d0ae83da2b855cea7be424f8b2325b1850d1fdef03e765458df4513d57c72ba9751e1edc3c4e7f97e3202bb46eec7be89871ba3704aa6c6fc08851e551a3f655fa1fb798d12f003faf31c56b6df399a5dd0ed29ef9e4139dbc254bc5d6051840a859eabaaad56324588fae881fd638d2b70fb3813402df61d941ab495588e5fc3823249bf9a03cf877902394f512de118edaf98843a5445e9073fcfa409df3db0221f1c77e2dd21e74f9e10c9e180dc4ed17010eb949c6d67a22bd5337b2c68f9eccdec778ece728e91353696b742c8f5a3a569f054efb8c1ed478ee9b75e26c768a5816aa6bd08a4c72e745fdb5deb34ecb86b3a84346c1c70f9c16fc45bc0421f0da2f630912d5079f390cc53b78e343310de722b53d2a3b4aa386caa0d7e91986e19c3363426ba30eb5284293af81d00158a3f5233327b40c3b989725ba7dd5b31ac7abf8d3e0b737e843065cd7316dc2f374a00bed4cf9caa0d6e232c854df1bc24c3d484bc6bcb14ec770d5745474dc6ac3b3ddbffc551c9fcc2c56a5e0ae17948457c01e701bf1554022bc2b7d9dd42b2b91172fd85e6874d2d61fc7b3bb3cee2a9bfec09f6d7e98279c6f511f4140b116c856c1438e34bca59fdca2409f025b896a52d68719bf93e82e7d89bbf798991fda0af8d06d17f39eba4bca09c1fe594b537ad4c9b94ab52c895539d639425f9146b24b016368a638e5bba391bc8763cae7c52ff9c496884f1d84e5e08ed451358ecb3c4919dd410e82cac35ae744078287c05c89b42999ea6b8b127d40d53a5722d45139e8bc507a11e7add7fa9ab12cc40afeec008a4668e3e6440f27bb5780936c0e3668ac51262390c79b3f21fd041cf36ba3522f3a552714ff188bfd554c60d0e7d11213cf7d3864a5175d4047c2f3284741f18ec22995a5b82bf62190151bc1529c6d9927f9b0c1dacebd9c2dc406f7f64a973f9a70cff6e3abeebeb46514bbf2ead382f7262d46bd43d88c1b91a9011d1f8ba81fa536a7162aee2b2ec6fc0f2d6efc87b98d2e41e0f946969da659c21053775ece415a34d42b6cfd5bc52259867b411dfb991461ca618052309ca9c96468c2da12dfab0e822ff3bbe7ba281982a239ac19c47024fe1f0e3550cf0975add1f680a9dac9b2c4ab0aed4f409ddda6765eb8a0a9d1e9d07458c69ac8195541219b18efcd06c0001f2ae7fee2d404666a18ca3cb3aa4f0623e86c5b1229f6c2ca28d951111294b91edc52730b6b2c46e000672a7c89b2f38045bd3e37dbb8a75e18687a514dcf740c87a34834d3c3cc8aadf6166ec0c42d2be92f90a3af49633ff23cd80848ceb57ac550eaf9ae496bdc6a2d7cf50fe107895b4a1ed014f78af24eccd6a07420f1dc0df1e7c44b4ba937dd43cab9c798371b148325578d61931766af02b45054bdc2d9fcab2f4b49092f6fff7c27886820739d6140a4a905f0020249e8ae8dd87da1a1e7b1851eb01045aaa72dc8a2bf68055e7aed41d85336648a3405195d2ab61b0e29a770461f32fd05e14c17d72c5252f026a7b9abe7ea9176d3c46f6ed9fb716758d97b41e4f5d81a24538f763d83eecafafc668422612b40cfc32b3354b24755fbe400a2bfed494fe6d0ba0051713b776e67e2f1915e94708e6dc74b398f2f526933aad8fe7dc32faf40022606aebb6e0756b994c3176fae7640ee06d6c67bd54764c4752f1bf831f43e0227cba101174c5554ce26400f333dd8e9f6db1cdf670ce407d7d06c3aef4c0724b62edc8f1ba3e04f0e394d15a73b9255abb4d6ac70303dcf9160d32dc02d4804219ed5c7e3b48402e58ab2f58305f9bb95d2a8759947de96328ed5234cfe7d0b2a9a014df7e4cd0ae48906315f139b8635d2e6bd4aba32e62b8906cdfe5622c411bf0373d0cb07d17bb2bb5b83eae4401c243605fd1df759fd0ddc704ccab5a9776c40fbf6bde0f11b9646c699f26063a9550ac228c9884c277bcadcc0a2c225dc203e28e253c4e464b23d2529d09c7b7dd3c984667372472b615645f294c4e3b0797f9d1c234015b78502d98bfc04f1fa2f16cf3e7221d5794d035e4b172a4d84e679cb1c82df2fb49d3c6668eb1661bed56705096c2371a19d668832808eedd9e5b1256c18fe7ccc494e5e29145d453c553ec86fb7f3a634d0d45661875f2f1005ba5e734c1a976f37cd23450e4606e32d027bc9ec2edd9395e14b2082179bd7b4f9b8caa2d00a2de71d48553f7d4153cb56a1b08f11925e4b11c9281744ae9171f3d6faa3ab3f88c5c34fd23e4f6efeceafdcbc07686ef56efa62c0ad62f1cdcb4d3b5bc508c1f05263bc347158fa5495828f34eb7fcde98fefaa82bafeefed3f4a58968d751c051b52e0047f066de5be533bc3b1e439ab1c8602f6c67503803c8fa113737cb8279f358dbacdf45432b7a654d0e1122cca93420e956661d7275181c75b0d9c20e84c7007dfc49f27bc00007cf4ffa631c892981fd70141d532fcd51de5c23fe0b7a186d0dc296362f235d61698740cc315891cc9342da17843bcde274c17e462263d0e8b4832dd9075a7bbb443d4b26b41e534ad5551ed5ada102175e695363fb48d6b99ac978a3aa6f405d87f983384ce35740e930491d75675337c5dc081e3d301228e61bde5cc169968e5b4350cca2b085f9f75cc4b88497a78cd0a0073d90246c7dc102c7cbf3516498e8a41aa85d8cc5bc285ff66e8338e85ca83fb6889e2bccff52059bb9e92e92c155a349952680ffd0a3c346061a53fdf074417fc90c4d1af7c2acc3ee4b080752cbc9455ba5931b7e910f1e4af0efce905d2cc9c685923ead387fa532c0e8ad92719c76c281cd010e1acce500ae1443838b8afb48af032069dd07aa4df0d56bcb70a64592633699c8658102f1fbca441325e27f1732a7a973d8cb3a0684d72943ef6f1892f2d7ccf39bb6dfe5801ab98653bdbcfbb787bf125253be2624f6cf44177d588bd7b780d9e3f4e3a4e50b8a253fa21abce6a94b9073289c76773b46140f5a6e46b9de9ec066c176f5d1a69f380e1901216617363362d13ebb26ad74fb008ec08841550ff14ca800a1ecf2e007ebaad9f4e0d9664448d60ac0d8544243129fb81c1723b9b4bc2ee971dff736d9fcde0afbfbf5c50a4cc06a4c363998326c17bdc9e2508651dedd9a2a52bd87f8693cfcff60753acf9716c526e8635f12377e36564ae55d0fdb3c7997ec4dbdaa5b4d18c7b660acd95060831795da7d299a5a8d8cf9e92537dbd3ef7f56aebe38fa97c41da6bf0572a0270be7e5a7dcc0be3529339464c811052b65a938e874ea6da469c7d8992ce0aff1c75e82d1621ecb967213c65f2de582cb41de3804c507ddfc708ef3f6096ba4491e431160f98de806d0f334e03cfb7a3bece601099bd971253f3aa0df845da8b478603d5d88533d0cab9c89f2dd9a1404cf8939ffdda652a94093865a85fce2bc3d7babcff7b9f3306bd76b9af80c78ad518f89ee73b7a710da604e72f4927be8d65d06be2e0732fa786a83e27597cfbed9bf98df445499e0746b9f2cb9659ac0a9cef433148521f33b1d78d13c8441c0d1e20fd93ac450a3787a2292bcbd68cd1f961d34937be9a21abaf26f361bf53aa0c095e53c51f3e04d567eabe6e40d96a17c2bcc9230b18f7e079bc549a314b4ae21d30a3341aa205bc75c7f1d21b0a49549c300faeda243d0ce18da5e66c5b663cd705005dd9fea0a9564174abb797d64c58fdab1fae44576d514b75eaa31c9278b15bf9b6df7c6c2873d7a56fb91ab77b83761a09f9e1ddae535622fb87f7462256a60dd39dd3ceb6690b0272920b635ea639daf24f95462c523e5bbd8d8407c61163ab38877d5edfa04c2a78d4d240523ba97c7d01c71783f8748e85164b4dd08c25506a4ed18300b42b7bc6e417f512ae456ceec2ffc83190991a06d4a58ede215babcd3688e1d61f1975016244e80c88ae2aec05c7eeb1c50caca72b3b415b6b870bf5e10bd1ac3ba6b4acb1d1afac554444d94c97e171005fa4ea9c651bb4e527ff58d0c2f90fb453a92d6546a26e9e98395b09e8471bdcf2a145aacb649708cf048a7856ce8cf390c107ff2c66efbf2a76c5b041860ea576103cd8c6b25e50eca9ff6a2fa88083fe9ac0d1fb639c516b9bcdf23c34c6145a705498ff9b9747f15e1c08c63da6efeda4eca02c3f00dfec06c82220c9de840040118dde76be788daf84e6a2f44c81fe6defcc474f99c51c4648d297cbc48f081e0809dbda505d020cbe865e430e0491644ec8c52bd3ab8ce8c4862990f49fe2588caf804ce9500ef42d5a50c057c257168e283e4a4aedbe4ccfaf3eeffb212f9e23d15434d60bf4f455f512e2b655aff3225d1b217c261110cec0400f54dd303d6231d028c2eb649bccc91d30a6391c88bff9d447c3cf35a3467be5957e0ea4d4dc237c9f2c68ce48f658f820a3d72d559b60f233ce538c92cb148808e34fedf2d648c21e7f2ea29a77270c393bda42d869351d6c085d965dc12cbfd0311b8bf604f4391d378781eea3b5f1e0da9d0d8f8de88e56fe47d362cd46f591d3ec0f7cccb85a21f21ddcd4107821ce0ca9ddf99dfdfd9b0c9cd45053e5b1b4385bd8f5b227ada31b5c23e9420014474e8b4494fde7c38edfe70994d97b8cbdfac588df49a49c472fcce78cccc051f31cbbc1e0422878d8d490f3aee28adf1587c38fb7e7d1be54abeaa83cf54b633803a5e669ff4295df8735231ce39631616bd05e0e31117c722c2fd6787003b0bc7fe422a089c89329544e085d71102c1813769450a9f66f160d1702cdb17bd2c6fdf0f722762d193ce83623eeffab17b01b10a31db6e2feb6eb3abdbb2e36320e1a56e44e48d26090afa7f65003a98cbfef590ac3ec89b3eb230557cf6aa566e841806aa2767b21bb26fe001f11ae039e0c9a4bf1bf3d271960f16158eb5bd9ebf0080abd8369d512cab2d1aaae2b14d0ff6ee705a38fb0c801a98b0624cc138fc24834fdf430f33e1760db913da3290f34415c9e3df3e97da1780545ab68ac5a24db89f24d62f4a399728e4144a8c89f47ac2d29e30c49b0bcf790a5e3d3fcd1943c6a28f37251d9dd827a69579e6c17b629c927473b5a07b0a29d9562708d6c8ce576109ad1a3473ffb2047eb069beeec24c114bef392c929038c92abd0e6a19b610e27881361824d57008b7373d0ab76379570ded76c9b8284fe2c247791073c29b2fc6fca05019220ab92856892d3c0dcc6da0b597fe559c162d060d71513ebca050d9638164b9ae271fba5575ade787ec5aee8fc253d1b234b1df561db3e36ac64b9b0100dd6b407043537b2b141f
129MD = 2cbc07b9b9c819b8fd38d8a614a8a9c3fa7e40ee
diff --git a/src/lib/libssl/src/test/SHAmix.req b/src/lib/libssl/src/test/SHAmix.req
new file mode 100644
index 0000000000..453fce20ce
--- /dev/null
+++ b/src/lib/libssl/src/test/SHAmix.req
@@ -0,0 +1,99 @@
1[L = 64]
2
3Len = 16
4Msg = 98a1
5
6Len = 104
7Msg = 35a37a46df4ccbadd815942249
8
9Len = 352
10Msg = a93aed0fa5e163a82c9a934aebaab8180edf7de0b32f0fe99f9c75ec305b24609334cefa372c7c758262dc8f
11
12Len = 1016
13Msg = 433e88eb2f8aba562d15c18126fbdffb81d5d6c9397fa052321f5f78cd629708ba099b540da5451e949eeab8687a8d6ac35c531411cb37144ab5ff6a7eb46f1ab28fbcd2ea0444cd87c57bf7d3c02952dba3d3987da07622c16e7c086d90e88ad3d9d4afee301d2bad915d868f54197b70b23c9fa385c443404fbc9abf7e6a
14
15Len = 13696
16Msg = 2c46a76a9dfbae1f5e59f085e9c3d4b600c24b2d404d062cf948e75a3d4ab5b137a31397be9eb34b2a03c78367e0b85448891b511ddee1f787cccd498b172cb7e656c044a03ffde8e42478330fbe9c34072a9e99ce31b41757cc820d98e7d564e06694b96b66f4be34c5eadd0ae4e61fe6abbe4d7ccee855104fedee8b451a7fcedb793d469b0094c0ed07c97fda00dd8c1662b44e3ee6775a5ef6368cb662d257be561a5967893433a4b63f97295036a37272176d081545df00852bc5c4162324161296cd51f76433f2df867a5840f2d0c8d5be00b4dc89443d82175bf69c3bdceb97facae2b2ed68e06ae74fef36d8bd1f75f130cba509341dd54079d45de22845cc8e77a022977c7540aa3e779cb1127f39f825d4d78e55a967ef45e7c1dfb02d9999fd15af2914ba47177177d94576f1091a0657d9e04fe81e6be7b631fc1baae66584c9c26ddbb568750d77555c927bcda1fbdc15c7cbe3e3fe88ca13ff12c59b383343c12976708c0e3dff78be0e286dd32eecf20b71a09fee50a9d0b13c85a15b320b162690f399282798aa3291fdd2f9c40ed873e829388466ddd1da42f2de16aaa9272ccf44790cf3c95382c304e25ae8cb2fc9d9869808f3ee7d42cb143bb0c3a55e03db6d1202ca1bdb744e448640c0aa60d3ebbda5c21e623bb080f4a073a48822725d764e51d415aad1d7c5a7f17433d15ac7d849f910c375ee0899f6a576dada42fd651343383f286009902bb62deeeb2514de6af7f09892c20d0b238f6021f03b62444b1e1f21beeb89acfcd7136416fe7bd8f202e76afaf5345311798be7cb25351add2bb044d2380221009c4d1cbbaba4cdc8631dc0144f2778a6aa1eb3d3c81df0b1b2142fce111af8214d049e40f536c5d462b9224a978e82cc6c420e70ecc3cdaffb726a183c793845315f730fa4dac9fe46e4180397107a6a051f7f0a58ceb9bf4df37e1a81c8e9569187228e8037df2e59c52ba815566768bedc8e09d5e7bdc9f2bff23aaaaf133bb5a3332750f6124ce185e29fda0851addfa2c3d52bb6dfb530fd4ee27dd5bfdce5dc2f41debe6740274bc651aecd4023b098a7d622e2296b50d51b79c4e3f521695a9d43f038e8f273405e26584d3db179e7c1758114a3d39970df674580bbf2884405974f0b9c4b0d8b3287a2314f3f81b6991812f354d655f62513c9551b378cc2efa4c3e08b313c56cada52217fb6112eb8299b28445aca8f72e7170a1cd8bbfee4d2145fbe8d49c6af8831c4d4fc7177a50ee55a7b484261504af946c6bd5e1d6b89092f3c487c0568fa07c356fae9b8e831b8320289039746a435b122cfbc4a0d316bf90d481d3b7d979cc50d98c1190af8dc58e0035557dd5e94f437f41fab513202643a77748f76c6b77302bf40c392cd18731da082c99bdedeb70e15cd68bff59619cabcc92adcf122753c55afde0817352bc247d1170b8ddba1ad1b0faadfe0efbfc5fe6334377fa372c3435691f53dfc2ad5e08966b2d3525b1eec2d993a5cd4ff34278bd40dd80313a0727d05e0a932156152f3e11a190d8d69726f5c57d20f811e1e8932e86409ffdac96c6251c2a2976b8757adcac5d2de94931d1cbea866ec8bcba5774f8a7fde792f6acfd0f01356fd66fdf54a416af6a9397e00f848a2e9831627cbcbb52b5a868ec174e69b4cfa1ed72cdf23f39d7eaf4bdb318c188b1f0fe75655e34ad71907cdb77a1a2b162cd7c22d93dc45321eafb17cd60282e83736267b3e1fb249c307d49509f50839942f0f493afd9ef37db053a918e3ec83d801bbdead07554a018b8ba348fe9b7dd92ea7c5fc0e65a644ba19aa1fb6c022ab768ec7cb249ba17b9dda2860bd4aaaa3dc70ec009804141ad5ebc61203658e57a0887ec0fded18d844a96e79ba7e879c4253056f23e205a80ab1471953438f85848f4ab31ab175c089e0bbb97ea0dd6a67385770356741966053735e2cc2ecdd2c8c75cc045181dd7267584b901674b553082b2c58fb8f8be0b99306194a6f069f684535423304d40a268d55784a14260fa9c9cb1306b82f91cbee3c9f43dea9e50903135cc1c6505605a100bfa28564a2057974eef0852b7b72ce264815026d0759f691db618ef760edde73ec888e181403834f7221bb27a69479ec9b28a3fb0c3f68d4467d25712fc48ad78763f9ea6e8a2e85260225ca1b1a38b720e589fafca29f07257c5467cb74ee53189b8c81b784c43e93f98abde1ed53af60b27b13df6ce45001c6e1813de3521028981086f7d88ba13f6fb1a800f312fbe2f842eebe847fd760c394668cfbfd353ec14ca0366eccd7b4cd63318116bdc42e20a632a0d2b8c5cddb37bfc0a239ebe3800a787d2ece077a7968036b3d9b31cd906f888e3ed742cd769033e2c24c5a9e3c10b6d300db5a17dd88
17
18Len = 100816
19Msg = f8ed40e878dc68ceec52cc8e2868722310fb117ca3a52e1839eb85d308b8aa00ed0bf0b76aec8a70eba4f0d14d2d85c5a0e876ce2c8ee59cb36947def6c40a587aa07b368ca8e8a08367018e45b984de0d7f1aa46b977cc18c0cd9b7bb897cbb2814aa0ce8f8c9843e03c86c19f2ba95dd2ac4a466a93aae4b3b05055ff148517ecf43e286c57744a3e10a14d0c26e139a503e7927aa688c78609170ebe3b54104390e5f6cf538093a67922e7210e77fcb584ec9b6844e829be246a266460cb442bad52ca47255fb8cfe276108c36e02f9acbd3d191d34b93d29ec40d80496d1c1bb5ef036221641200e905598c54bc4abb3527c5a5f6258e59d4bf54a0498c108a2725428efc2047e0096b32dfdc6ec69d5d72f81301f881ca62a66c22e5dab9fd9d90084c0a36b2f3a0123cc5327a3bc7a12fd947ab57169ac533e4b6a2cb80fc65b9b527cff9fba26994c7fafb5102a0acd8f9d246a3a54178c23eaa04c0fdfd3c0cd980d1fc7a72b25d74df9b95c3dedce8ca316870c654f9ebea9b806da9767cf40605a4b0c7fb06f6b3f197bae7d8cde9daf38530e25bc51b68f9aa23ec0e95199b14bca96c91f3db15bf8432f714dc46ac87218691bc66cb3a42f6865e1c30f8394c8e68c0ddf5851ab7c5906a1994a9af6ac1c44d0d6b95ff15d9f77825ccea40fb9e516d45888f2378e045d95d936d541cea9c8ca52fe5f7d0d919b2b1c59a42d06105ea4f2943c05178e59d67351c5b2c0051c93a4045e512884fa656b772cf398af89081546d920fd3d24ebd16310506a786ab33293027394c1bcb7b1efe46b550ac28529646e8d2a5ae65c59345e24b44cd7b06673f3ed3b9008aa568a739c26682fa596b7a655842cc6b2758b583487c78d14a76bdac7033806c5c210828ef313f8efc4072681f5fded748c31a58ac933b4665c445f07d603e0905e49b84aa55146eb1c1c99196413832a05efee2e64d6732fefc629b79b37bb9390fcbed7226b412204bda523b8b8af5c4a8bdb263ef9f3f6c7b9e1de3a1dc257c1f33b3d54a9101be5b4f2a9db319993c2cd137c41e35c434ce52e859afd1a635af4d8852252dc5e28c729b2b4c96a56d57f3f3854ded59fe612b9b3a51fee3fc1c83db673b0cc7433bff2472bc74a2eeb6706605e308690fd072a7042ca6474603711d8310909e47063f46f287260a26c4f11fe492298a0f98d28c45948a4899e08fcf443a6ba36457dd8329314d53ac0fd0819fcfc3357426c5bb8d3dfd706e205a81091cf08f31cd3459854f3d07e503991ba5f067e3c406c6c5396d8257496f4ba3703cb1ba25c2fe4aa54577af782cd57e85a88a2d75c54039e8b7bb559219edd6e81e41acb6d575d6f798afb2cbf7f00abd5c9c7b0fceec79f9a0fb040ebcbb7bff3602df7b71357efacd37aa57019350bb81213508a006160acde3dae5c42f03141887eaca22d7b33d6791febfb619d11ebabb13e6c5378e9a72e852ddccd31cc53a43275966b7042ddc51485ca20e1c456dcc7020cafb5407548b044d332229911fc74d7fb97de25abff7efb431da82de2ed7e25d0dcc06ffc74e57ca93a6a9f64d76a5c39776fe2266f88d6d0229b527525fd2e22a1407e26f94c5bc6adb1e7327f3c8bb8d4c983385c579dd8f5623df8cd6da569c7de73d9210e6b9253a177653a13ece075940fc81016d8c35fa4f6542df5120c174158ff32533476f4e059e35117081a24798fbdd1eb10f82809836f8dbefe755611347f75423dd8571695960c6f66cca71f0a01e8fecbe1183bee3335eff10b4ff8104132040e2145ec3164b2448f60c730887b9d7894e5f7df3f876cb17136c99cf32db1c02fba860937378dbd093c4c5112133781f06c8ca07c527c2c085e8ba5e52b399f2909e217aef6e3035ecafe2caeb1004069dea023af7eab873deb5ebcef2313c9827821bb9f89fd3d1570a569673d3ede86a4fb13dff242eb98450a8917fd8865c56e0a9f11d72394b79808b0429f3a83cf2465161596887fa2d557b367a1de9c7753666b0cca9c30cba9f0a749c03c55cdc7a6d45852c76ce2010de3e7f75d95228efdc79949b238d90b25f983868b7f07f585f7b00e45d9e132f3c09ee84f794d899759be3dabd46a256f4cf8da71270617cc2425b24cef25d1d2f3945afa6f81abfccc858cd02e05619649b1a5347650934105c02622d538447223d136a8a0455cf3c6f61f696b32266197b5cd1d936fd3ad4288520fb4a2f59bf95e659f33210446ef18debeb679dd99de0c3c74a6eb3dd783861f5db4e94a151c42ce27519d0bbbf1f3b1163563ec06c8bfd881d94a3b896fc07352fc97ada73685588a2242da1b718f81bb1077bc70fbd58b8b52163489ae403838b533851bec30ed0ecd97d72d1af534f3703db59f1f563bdc39d690a0e90e545506463a37e84974fd7b256bbb912cb4077d3e3f5bdd4bd2bab713b696c830b1f2185734c4d2dbd49d5372fe8b813ce73f5e01c36bddbb376ef4541033f2b0355613eeda8951ebf7377e08f967902eb7e23c0fa798c6ae52401721053f1095cacb1e9496500e83c412236fc21566090b3a3eee55aa402c0b774802fd81c9e8579761cfcfdfb1aa23786b2dc35dacd5ca8d8d283369f53e4a5db18060c2c6b0c303052aeeffe169fcaf7ecc63090a9ade245045ab9c8aebf738772297caaef5f857322a597846c7370083d409df27612e47b0cb240daa3cfa51c57108612ac0dddb0f59791289ccbdb3a2cb1fa9ac31a23dd5440682fb373bf0c1f41c4fe2185ad7c53eb69552807410053b0c2d40132250e637b8c425e6a35d93333b5b7d0557927b6179c848ec455fd1ab38348c0e96c60b2da49bd15118df64b6ce4fa48fbc555a4b2874141718e731a40b85382ae6e86ead31cea77f83bf5c063bf1febf71688a832d615e09d6f14badedeaeb6ffbfe343fc7274e78cd46a2aaec0a349c5f133291ee57cdcb65c5474e46294de6bb50886bce6c6f44dcb95f2a4761ed2e6c9e7bfed51e0964afab4e0f7e0b07960f2590baae66b1ec9a63ba0fb6c0d27e81508c51487dbbdc9beb8879fd58c188dfc774b3d0ddbd77ee8bdcdfa0ed8a9387728e12b13e8b3c10cc1c132bd822c2147c5ddf9a993aedbf78ec256db1be76644ca8ca7727208bf89732657152d34e948d73c47561d156f773136684d4162d02260300020123d13a95f4f835907c344942ddeccafe2abb7dc4792c4f1e39c24748c63cba933b16be0b8853e058c47a1ae2c4dfff39ec2339b345fe3557d03c1df91a0607a711636c4416ffdb73532aeeb74f237ed8bf971388a0659e4682a46b8327e751034cbf2c87c7828da9d24baf07a742ada34d1ef38ab1e8f2b4f801192c146600709533e61bc2665dc1e9e6441bf3c4f6643bc0c102a10f9a69da5b0e3d0a0c7cb694c682493032b5853f02953b5c2fc0e1348565389762fc2dcfbb34fd305f2d9df080e859396ffcbb7da78aae0a0d72e3de76c774bc6a81c87f2872b6afe97ced5269009304a4992c4add0bbe24e57632e19ad0fe37ae910193aab0aeae32cf6d618ab33eba59f6a04fad00b1d2403396e6fa661d31b695a1b349d62f56c08fe6c6eae7a482177adf341e51d03ea511d7959c721bd20bf371860ecd7fce1d25212891850b85648db0a039e6638d9c78bc958add3e41341536b5007be63fd1f7e3308876bcebcb97dc3b05a7b2eaadd00f8fcc8dcfa7b961bbe727c9aed1626ff786d6a0ffdbd1002cae8a7d047b6181962a686c152b2341c7c58c9f1dab5af424d183ed1c7d003165a1d04ea3683ff31a0f68615af6f91c21f736e67df641ed31b998445afadf9052bbe004d5dad08f62e5d353e42fc35a92242d8414d99dc4e7e81c8c027af686baa5c185e3f99abb3855b22cfdff0a62e2f47a632b7df8e00e0317af5c24ce7c64077bbb15ec27e062070cd3eb8e549ed9112469090ad9a96eb59294b021eed81987178cb2dcff67a9a2e930f6032c753e203380f8a7c987cea393234699de03a1d09ce204f0a8b6d5cf522b6887174fdbccb08f3e7c4fe2f778254465b32766c48812a45151ac37ae354dac87419f9476baa27e24b2f322b2da4ddf579750684a5881bae2269351fb7de59b9d5a4badd8951135f2713dafc57215dc626ee170fae7f20bff98e36b864e1fe0f0f9a300c903069bf0e0b6f2f8e78423cf6063e89dde6c81efcf26ef15510563c84730f611ac879a6628e55115e1a29de6945d37fbe4f803fcf2e344712d9e0d6f6c79f8773a9f199b705235e20a7830ee3357c5dca29d7a6c29a3d2628bf2c42c8f076cc4525301d8e1860729070dc53164d9fa08bf63cc889eed01b0130a7146d860bbc09ead3865a3082db0836a45f5506c3e46e452e298764939226cedfd06700e4e33c6b4a78add601140249596831e97f960b973a4e4dc3fe2813fa34eb47f998ce57270368fb81719a09298a223f7e3931ce5cdfab3f658649533354e982c87dc9e49eacebb5bb4af9a767b4f1c03d774431168cd4fec1b2726f1aae3f9a062a825f3295557eebf3af4784487b869fb049de44d03fee71194fc200af72103b157431935b5ab9bc122773ffd313d52d7acf1078386090fc011de695e71567cfd51c06317d4ff8841ceeb74ad35f4e5f4d20921123cb88bb2079674ad39e133cdfd6478d69c9bddc7a818be5d7b254bd9e0abdb030f52846fdfeae8ff370a51a9c5f6017af3c6c3db17c5c614ea18ab0e3ca0dd5de621217dffa36e5c5318fe191040a50cc3ca620683bc34da6c142e1c50afce28a86b8b66d189adcd755561a647080d93f3ede1cf54c3afb7e863fc8a82a2576d3f79e9b2bb634e598507a3d7d017e0176b7868bff3a3dfb4474b3ce03c401f33929364e727fbf8096b77eb351435c7a113b3215cc6246dd86f1517a7e550cf828900248f7c1754e40fed62477b296a37d3e53231360d012c4908b466e49b0e620c0a5031228009f259b030956ebd70e49357c3c3ac2842b6bd6e3ca5a3e985dc03f7105681fec03b320a7ca753b782ad3b52fd9c8e3bd980b48dd6ec8901dbf756108e85015821c880416e0693e0479cb31c0743450f6d9214afabc4feadb9bcee9def460a58d3a02d9e3039970068b8e3fd0a403a6ca7f2c71ae2b46ab3c731b1e65e2104c47fcb1f69e7c8c6df8c09b33f2e1cd4192faab316a44536dcac608832019f5765cc5240eabe3c87445c980c299a5e7ae0acc2c2ed19fdc8f011515bcb00476b03633c7669db1b44f97f6cd402778e9687c740dbe5686789b79d0b13f784a2a866eb91ab2d66f064c49e8df513ec348fd7272ee548ba08e1f9f99696ffb53677550d59c67f88404f6e610455a422d9cd987493ca5c366a397dccface2bba8e3e99719dafa768956cbf6fd8defc4104b8925878716a0514f70cbf3fa2c2bc2f66fabe654eed3076257e71117665703eb88c79e4c2b94e8e856e7a6ef90ee2a358409db78b98056ce1750eb80725d70e35507fdfa5933a61496ba48fbd5555717b33b59d4ef211fe096aefd478859ffc97a41372023ef114adcae5a8d5e03c21369baf1e7f417cb40326bc6db1cdf0904651dda3c1039a2f1755e7c329f7c03bf33f324206ce6e1638711c8c9a45f153aa1f847cca2a5d3af1d24fe7a1e1094819e8e712cbe10ead1012b7371b35cbcc2bd5b10505fb63bea20ac81d25e83ed0105e7595b6c28400f4d336791ce4a584323d0b455bbed44392c5f86c9d5287593f6986d4b0b8f9974a7a4157859ba801251d3b44b2bad84f29cb87dcf1680d6d10d1bfd59f0c95fb7bd07fdb3ea2fccd6e3ee80af438956ccfe31e750972f893ea5dcaa26d077fb3f09d990c2f41c8707368bba007803621ecd76540cdb8705435d74f4300eee04710a936f241c034709e625b0dd5dae1f6e86d034426819c365a05f5be420cdf4042bbff965a666a5756f67259448ebf742b6ea189fa17a4c3bfaf651d19a8a525f09d9cff637c8fac02eaa58d3ee3f7221da1e61833c0b183cd9f47686f09597e8115b435454acef80c079eafaa22b18927d07bf8b7c5ebfdec9c42a52b7824d45decef41e6184dc2db1505ca6f94172fafc10731706e79b9856dfede353d2eadeceaf72a302e3492d7dc81e3777e4e9e1f3d33cc4402833ffedb241a75a09e9495d671f80ad3acf06823bb04a92b815edd0ca7d01dcb3318c1ae5c62d3e99c0ec37908b45b51dd65f6b45b34ede2d6f553f60a45e20fafcb34ae4dbd375f52a5db9c62650deeee78e955087c2bea75ede7c304347b171fe0c1a2a033894be6e04605271307f307b2a9cf6ae24b8c87ce033a3fa4cf2bacdfcf54fcccb1f580476c7d00c631a8529a9eea2a713610341e0e25609dc8927e51c58a0a9197a54963b5cb95877354f4b8316df02ed2bea367704a12274d96bcbe0d0d728923a368bb8ab98d5db5401894c822632308ddfd309071fb4b477d8eac0ea5dbbc3e3606d8510d9051dfb5e4b7cdcf2c57c1b76902d864c3109c901da53019ed33cea84b407490486ad9f980a8a63df3d2e3921064afea137f35179130db3351f5bc3f5e7d590a5ab08b5415efbd345f9d57b71ade7dca939efa5a12d677b9af0af14468176a43712bde10cb15787c18bf066eaef8abcdea77d3a0c61d6c74ae7b54fe90940d0233e4b874c9a141dcc740d7fff43b9fbbc012a933d890232cf74fccb7ff7eac1148e203c7381b7f1d1429b1b1152ec25cbf7562596eb402a9328e43b5dc5cae36592da5523f0b9907a6817ecd395a7c778daae85bb11372b20641a04250b77b3a0ece885d07faf9622650259b874536d6d2b92181c834dc111b6fcba483167be40ecc922fb87006f63b9e8e632879563f37a8f712db9fa68c1a20ab239c0116fe022fad1279f3288b8e74a16d447e467b6381515814dd3aecab5c2a09c400b44e9100c04c720dc7e8c6d9460002da6c52004c16999975fef8752c2f9c229cbd9e6446b226cc454bd68cd665668a17328bb30f301e92ef5c7a2197a326df5c99b422096de8af231d1d8872e6e505bcfff026d4862f28d4bb3856a66ced22c9b0587451d8da4230a38561b5b1c69b523a4701a2001382aa82fcbd60733a14696a540227db44aef346d6c0a7ae5173604d59eb828614cafc1b8cfecda054dcc7306f73925e6d1af56ed74c51c6cdb66e9fee8d7a0078254fedb0c0f5dc85a4686870709b499eafbc8451aebadf848b0598ce8f955688bd2d6032abe10d1391d67c20a049841f95d2ee0c8deae2bc1baca0c098d8718cba1ddcd968981c47cd98d247aca4f838f3bf16d092eab8be8deb1f8d504d37cc44a8c96c9f22f2698036d4ad3bb48b31f109626565c147d20a4a7dfd61fb918f81548fb4f78875c1d138e819f6822651b93a3c92ad77793fba5222d870ea671f9cac967919d18f96e92778548415b2e170d90b201215354fc48a77e62823a2c2bb354782ad052732f08beb278f751529416f37d83ea26248517ae2ef2ead28c1077908995a2d25db0deaa957bcab39715283287fd626ea7388abccba2d90e364a7ff4284c84f70da68ce1aafb5be0401cb9d45e085aab41892a49e10cbd5baf2c34f5e0ca076f2772abea6f622b66020d546f8c2f134a87f96edbeb9b08394b585f2c2f98aa792f97b43b5f3aa9c34189804a9ecc2cfaeefbd0f967d85a25bf3136fd8132dec38aa82e4af6ff677682f3b62be27a180aeb22f918c24f23bf6f5954e0722324cccd06829fc32ae4fe3aee6e5a03b3651900e13fb0a759e544d033418b6ed40d037b4549a0404792c8fddc317b7f028493c4c91d6773932f8486417544f3d007e5f9e6fc02fadff175303f77f6b0e1f709bb3d3a93b38552ccf62688a39da1a602dd5e122e6f4e9171769ada5255cc5cf938dfefcbe3ab0faca434c42dc8c357e89a3d1488fa3df35c3580b124ba3bf6d0d203d586707eb692150ed05a01bf9de5c4e67bb948088784016394d47abb853f2b6b643a066ad81bcd1735aed4e108a8c1fcd025b548de874eb60de7f3c568728959147d1219e4b830e06ca2bee1f8a035e28a54ee6958d4821a84e5d1e41139905f7ec60fe67ce5f4eccdcc2c3d1e4a753a32dd3004970a4ff3824471822fe2b5010b9b6c6b01336dbf0181a95cba2624663215468519871cc39e8a7f4a151c8bd03363b402020f2fb98069b2cb8cc1b7e930938e7540d95d1d223e47865135793f9eb573660ff79f7ed2fae503e68ba44596ee745fbd8fa562c5c666d174cc01b1961736e18b8b517161ab9c8058026e0ddd6c94aed0086a26e1b959a5e05eb9d8c1ff5b2ef518ca23b4f265db61b499a48cc46bed28d23ffc1e8d9c9e345c06079ad47c88dd4e8e286575bd7f9420ab9c2d5c6685488b8b34d4c9ac04e1427ae0994cf789b48b01d1db9c2fe75fc5187727bb11119f82d0739ce4048467a08cd635bf78cc1b6cc9c28fdc199d351064a81456f81c9e56a43aef7332973804b06b18a26caa62523a7d0acc272ba49124b17bb68800d5756afd34ddb2b7e2dd8a118aac3fcf39d9f853c4d2c4fd3ed5bd25a6604d68d57db93d15aa1160f8a97e6c24238e84f272780966867f9c644ca2775cdac4af0ece036cfa6ebb1cd9d701dd7daec5763c9a4de0385db383a5647918e79c6a6de1f4ee1f6b722c561704c8d7efa4710d78dfce8ad2df0d3d82cbb59cef0bcb001f70bdc6e17af1a720b117fe02bb1dd527b18e6bce70e9447cd0cc85cbcf431fe7c006f5e4ef878a974a93b25f492847c9ae020583c9d412f4124246164d8f080b615e2eee267a7aeb5fa0974de52cefef23cdda7b305a33a91e9b50471ceb72dae337c485d636e28d6ee31f5705983808b1567d4d4ae820ec445c56e6a404cad6b408691475397c0dd6cfad232106ba96e5104052700a653e21f9ac6d79578a9f52548f426a1e81dd45bae30acdd4d22a2dafd633564d6b2f45e7d35413503c955cb0a9784b42ae8c2a5933a6729f3922f969a158540dcd201ecb6e32f88b5b4921914a2e8f424c8b031f115ea5d23a21e6f22439ffd7e5d11b08df729f65613b4f6ad3edbc9a066a5e712ecbddfa6fa764cdf170c0485f82d924a99b7e7ad8dc44c1f93e49b6469a9af3de5691944413f1417b753bcb84d5b7a34f362c383cbc802b0c88bd23a7ac471b9287571c42081b1134bfc8ce104a550942ab1f2a074cb00a90558d6e841ff15cfde6951f03e450a1bfc90dec6c513fcb2692ddccc31d22e5274d41036656183c72fce208e44920776f196193137ac67d6d65ce9cfaae774f23a86e6ee8ff3a4e9422a4667d971906e5496a4e80278774899c882708611bad282f6c1d666bc5e7c40082b43a6e98d494a18e9b3cf7f154fdbf90d786e59e83b72ad0ab893c49aca50ed37ea5202e650fda54f5c46ca2a35c476f4b009c5e6733232275abd1341199b63d22386c484cb95c43ea90e609c407bc79ddd00609cc2eb0d82848db239b249f164b7ea384d0239fe1e64d04955b9297472cafa2ff272c5c78100aaa86cdd8120556f25652a3c12da5853338e3be8f505d93ea03cd1cae7e78e95befdc0e26b760d11e05403c348e0523fe036381408033c009a8e1f117af5100a6eb91f08307df465c20bc1dd029875ef7e49338689f602d98f2dc690a57a6f2864e57098f8bd723574944ad3688b292db6d01387a16493912722ac8f91fd12b748899bdaeabdf0479df788eda440d7bf30d1c25d78d757f00b74bb556506637fc1ab87162f05d464e63a6272db3fe56e9357275035d6b6bee32bd92c4a1dc94778551e94ee1d8854f767bfac3811bd0287672aaa01ea18c25650f05a68cbacd9158e479b508e72df778589e1e03dc543b60bb3b10399e5c50de9e728e69774fb3f5fea757ddefccd0f9da75afe4b67f9c54aaaaf646e858fb001a6deed0a8a769ecef0689c988de566b6015fb8c40aeb5f2df7ea4bee60e8e69d15c4a4aa5411dbe63fbdd6418cf025d87f37362f15e22aba83abe1a3de9857c71c2234023b969eacc0bc526363b7f30b092ca114f2a6cefb34394d146866ac86a33fc497a8cb8e2a5bac398579ff7958878421fb08fff4f8f3deb8c9641b8de392647df3017a5467f9d7b23036935ec6e188dd6dbfb544b8a9e04a4b3c7fa1e4d1d9879daf69986b8083e6eb023a4b5eff80fef17f8f65433c882a21565a919448e6091d1b61013fdaf9fc3e45bbe827c9b4ab10b05600a1961e81d31c7404f8e0d32bfcac2937eaed811db167dfdc29286b0d51bad2bcdb9dea76eaf495a31a7fe717c1c98be374a36271cdd06ed06c02ef4c3c06cb42f73b3332ed488416010e6bf2f4dc4dade6e2e61f19e9306bf941868f59fa0939005743dd647f0a04b576a7e71d4c383c479453501e18ec56d7cb79fe31ff534afbd8609ed701ef163f9de31bc58114399fa0f22b62c66c380e8a10c34b7e731df2a8d39dcf36fbf3a66d67b973e3a94bf6ee0bd96f5c76baa76492032fdd2f59ecaee403d486f543f2cd7ae7b0dabe1b5566e681cd40d384a94349e9668650a6f2d2daf86c59a7b02ba466cd03ce1d50c3f0ca4c02dc4b3d1c0e7b9a77df9eae0bfcffa32117d7e05adc7195f4278c93497401629897a58d08ad7141ea52e0163f14992d7a284e7b875ce4640b4dd48ceedad1ea17d8ab1e760773044845e0899602f1bdfff4d42ab80c0765d1a8bde2ba0a830c050923956d06c80b182264ad19ae4f7c39e43195f7d421bdcda00e3eb5ec5ef2ec91d69df691ba7fe250352acf01fa92af5e2c634b9c7c97889e9147e869acc153d88cdc18908f882f371ba9c1e13c26e9cb8e3cbd4c5e1988080ca65a67b3a4c3460cfadbec904d853fddd2f5375b6070941fca53cc106b5748480213cfbdc1c34320a0478b05f76fd0454c75eca069cb1fa7b21704dab67dc40d041c8a1040db378e76655636ad725219c049e6536982d6ee9f11dd032280e622547c7ff44a938a1f233c356a98182d22d5770fbc871e20bb37483dd5d6ea1551993b95b30774a49b50d411ebe0e8c92834094e23ec2664d822c40e96fb42b8607b62b6949e05edcaa436d0ffac6a8ff384068acfc0220c0b098d368fb8113918a4f8c9de37cece74c8695cef2427e54a6e77ad092a9b7f1d94ac9f0836deff41b905b5dafc58ad6063759b0372a634f69a639e19521825d66a282f489c3172a3659264d0132af3571e637782bb6fe5c0afd24547612166fd3409d0991392fa054ea5bd07a4cd0921a13ad7b62a0b5e6d56cd8adb7f3eaa5c99576941c38aff311c49a8c9d8c755869302a2e5e40109c8365a551cd3f859b9421be189d3a0e9ed78830d5cd6a2414e9cc4c25814d94d98f8848e5386d6dbddd65d22b96c5d20020a5dd409c7e5344065871e57e01c91a443501dc8bf619890fe231319b5480c3879dee618d319962596539e2970513fb5c0c8eac3a71ff99962779cf1d7e916566d0e29d121c5cec5d7302a18ed00be9316f3de8c669a64c2a960a588f9c8a42690f6867cda7146e8ce27aa6a7fb27606eed9df6a235a42d17ce71627446e206e879de56025a66556263f06684dedcfd6f083d6a707e5fc8f8212d716e062f0f7fd0c2fc62bea93d68581265a803c31cac3f8ac8939c5f8c464ebd19df42c7e8998494af614c8383294f3f3883f2404ac10404759e182a038c97aea04a85530ec005e203807c5bc30fa9f5339b32fb0427e64915e29a25bb25ac60b92256470e7de5298d42c6b88995f8d2fb704e49d55b66b71e237af90fcbfd71d9093e1a543da2e9911ac4102346dc4704859cb33ac5f5dce2b3331a9dc9fb506461a5436c89bf90d39afcf93cbca4cfc35da6ddb112243928246ae0d1ba269b0fce0468d3ecabbdb925c9ea3241e2dbdc6b151fb4aa724a42f98b0248171fa01fa103f116d0e7deb65dc359b09126f9a420300fd209508ec7a50be56d5b470e387d0c52a1d104625f9571ce1404d1b7af3fb00475b95f752ab96610be112d33ded48624015781e7198f4dcdf917839471fbedb43c34efabe09941fab6b342cf672a29dbb1eed0db788dbfcfcc63bcfe80f7718571f691818dd6f839e3cc282f85f03fe0400171cdf1235049fa53de7450b4c40ed398d5a486f52124c1c63de2afc950e81839f52d17e2a7d32f82788465a65da6cd763c6360763561ed2bf47749080549b6e2db87514e1ee1c85a0bbd346eb6e3cc29267cbedcad67a287fc5be65ec59ba8b6854b31c83dfc5155187d4150685c5c2c342ed68b01ac9e44b60f0c100a347a0f93074dd37d8956fe2f43110dda66e9f9e6185c23dab74cfca21f3ede4bca87687549ea02662f45dfa0ad27f9959a120cacb7c419810e1b1a50fad31c12c47d5bbc61bad77044aa541d29faa6126c60ef088b82eead17a52843307d4bf798b853d90d14c5347ff10615381d85e964331b7a123d15a77a6790d93e920052ddb4db4baaac5e2b27b66ff955e53b8308151c81da4711189ccf0eb393c5bbccfa1f6c94a8d5f4bcd266fc6a12061967ce836ca042257368f567dc42de6ce0be84449234a6163b72069f25b7ead4b2003e1a7665e87ccf211abe94175d1c11bff2c0b6bc110194d34aab96934ef59804cd26e4434ba166d9833fb091be37b139cc10748b881c93690528a96ccccd2dbe024510b8da37dceab567dc52706461c486a0463369cbb99bcca2e8a4d2e005c45401964722a4b3ed37c351c9f21685e8992c9634349379f41796deebffc2928058c8ef6ea37c6e4970dedb78d1c2a00ea9e1ff1e7708470a6c60e6a2b1e966aa872776afdb238e97f716b3df8dfd42bf0f7ceb52bf9eb33731bdba5987b8f48b4599d67b383e77413107857e951ae0625059e5616ccb41131df9a480efd5beab3a9c99615921caedc53dbad675c00ba1030577db1d22731677914fa958b44792cc9c19e2ac71ebe61a05ee67ae7116e39e1c0d103f18bbc9d531164360d901da8234d29fb0b37cd2a60c7aa2adb2a4b297ea2fb14122ad95bd4592ef86c88fdae1e37dc8e44ad03c0fcdfa3801e93796771c5a2ec1e4ab12a64b3ffe48e7442c6224661ed5cc987aada6e778399941f7b20f16f94fb346b916be87f005c9c13789741602039d38270643cce3c347565eef5ee09139330301951c15756be47994de6f1802dc5131b9b011051b1d87d744756831a71cc8528487f032fee9dbffccc751e6a1ee6d07bb218b3a7ec6bf5740ead7a47b6907d7aa95b79aecedf4a637ead8fc6fb8654c93d13ee79f5d6258dcc61993aebc65e4fc14eea7d006e31f6e9f60e3bca8ce52ec559876fd20255e507daa99b185671ce1ac11d448c30bcdf97b9617195e0ccd2d15246308dd6cda74a8071114327fe203b1adbaa780f3243105c5111636a51dce966f5652e39d4f91abbbb4576234d6cacc3ec57cef2dd4dda49a6c33d12bb7595fd5ab5bb15b40301f34ddfb831a5dbf62218f496c003227fe6282e2ac054c45e7f3fc93e51b3ee8690f08612395095a0a12729d663eded879d9ffb325c62f2cb546a48bed51ae232fa6ce28a2494c132a6e09d98c2e3d478d5d2d15dce2e2665e4a3db448931068b99899c2bd8ba87349b0cf9e3c52cffdcf58a59b4fe0089b298b42ad7553f831bd60f5cfa3e09102fe773e4c05412973a678f3b3ed420433cd664dc7f218e816a17c5c9013ecb84abf2dd073557dbc41b92a91e0339d57b8b077a9a44d56427fec5748c47c1460b2e2412094db6d0ad06dea0aa0c1368592594bf0b2f590a9d6149e44dd4adc4cb42e5d9940d59397b83b33b88604c210694e3fbd84795c80c1b09ddb3b1ec8bef6e9dfc4d7f295e551a79436007ca48aa605ef5a89571e59cb26f2766e564e39d3bb441deaa0c8664549881d90a77256c0f6c77241fd6ab74b0e2890f78ff16fd2f9271ef96ebfbd0b878ba9c703900752b7447f4efaa60bd9dc9cd5673a36b39d49f54274caf03c0cf82b95141fa20ed3ce02ebf0dd74d9eff8eb9e2dd3a2976b244b12fd33ee75c1f1c459f86a1cefbc817f42d7f43ba406098165cbeab99df4fe751ae3382efce32af252e461652c7598161e74fd8eeca474fab6b1ede039935f2fd4d7562623b90a422a78941f47a76863d95857c33653d1b42b806bbafcfeccb7bb4a0c58acebf6104b2570afc3ca88e4fdf2719cf39c964a1ea7d2ae4a7fadc938abc95adac495093f6b959b1347501606b3f960b6d739291aa8c13eb49e98b0f78d2b91400b6d8961cb6165c8b684738e4d4db2f2ac30ddaa03a5e0cde4142b625e81907f08c60d7cb5729456806c89ff0efd08397423e44738ff38f8e88684f3a099dcda455521caca37ab4f4d9ed5d37975d4fdd778b97cc93babc804864a35e3a2db04598152e67a2f1f157681c3962d46ada23ea5d9a524f9cdbdd08a07a3a85b1f6fbde11d5a35c7743b83bbefd19aedf6d92241d16aeca7f33cc51839b75f111e8edaeaed808daf2f43fdb3c6f032ea45052ac31d4870c4d0d76aa75d0b88635ce449054013f234c4a16cffc58c95ba1cb8a0a0399861eecb1039bdedfab4d05f0270c6b16f03f6b8e629f687f133ebf2662c7f930530746679aac2791f54d6a95bfab5be0c33739074ed4e7ae88dde4a8036a7d6095cf41776366b6ae3f8f4a0734f48c275e129cfffff5e0abd042f99a957bf6f0f47fc7288750f4fe30198f8cad7067b36cd87ebca08abd3f9475e7443f83cca91a1ebfc42ef3494871f51f6d52a5524b9391c687571be5327c7c94ee2a096653acb410917fd51e56a92be4f24c1db6b97b465ca84c31c04c2f61eae07e952eb6554aa4d8a380d9ee81c1c462c360fcc3cdff2867a953b655562cd06162af8b99bbe662e0c27ce4d9a1c1a907def48a3231c2110c930a2f1498e32dbbfee0e5c5869332f3024fa5dfb0327a27c663cacd4e9902de34dd93529e90eb347bafa5035f56fc578e8386c7571d1f0ba335225ecd8be026b4544ad70f3af11501a53119ee39a8558ca0ed5b3d897ffb9cf0fcab55a0942d3bf7bc6b94ea27a6b748f2cfda431f35252c44610b7e843ed91ebf7e8fe10638f04f52d6d5a7752ec62350efcb7c473f80b1f2a26805151e8346d39d23551e92fbe372df7979c3f756bbb43f6bed09bbc6b65fe6fd241ae1c2f1a0d0b805c582853b85502968f9478e9a84895f9d4ef01ec4f3f571e57cd0bda68ee1f6f7e14fb6e0f4ef8c7dff6796472a935294fc27b16216966d5021339ded059687355b42b55926854bbfbd9f974a0c26eadbfca8a6183093996cf252894e6db910c71ca3ab2e82d90d371c36b92c9409cf7937bb266ea9b29c41d774aa522e103cb30bbabfe872b57beb027623742806aa7694a859ede9bc1fd7b9e32880b064b0030fce1a0e5cdf3ce558a5feaa32e323dbfab6661c5878c9377ee52a615b7c17bf1228e328aa20f92d070c71561969e1af532e76835fb0436810c3d87b982217edfb1143bfc3405ac9f6f3a50145608dfa8658b0ab642a347255c55b59cd1c5897b2cf625a0f0706c30ca1c1321e90cec57b7c3d1bd1af455e3732db80643383c41eaa6781f63da6233360ee720cc04d171ae2445b0c071e339d547f7ac32f407d29ec7abce0a9e1ef5276544877bab2f84bd2eef47ffa66f96e7170cd54d836c9badbc59435146031502c1a3cc744a470f693636d9050c5b894d2d6047df60eb0bac16d905d46cbf017ca69d66427cb88036eca4ea9d0e579f6bfd8a4a850703a0fe49d39c107c9358e98689fb62bd0475aab4b2031446b437c7f9e373caf0270a28d7b15c71f02079dde401e26175bb6e392106a9072021f0e5c5145a1db6f595b032faed8551f6e2ce318db1ab513db876a3eb42d225014949c19543e9c5dfd2290e28c5d72c87223f0195ffbcba1c02c7d0087721efd2af6881dee7dba7565e07abc35bc3fa41c6a4d6a313222ac6dbb117c69c62db2691c68869ac5fc5e987b0ae4335f815c73ea4235da2582dde81d6fdae5911617daef847be17f2bc09edd88830eac03977f89179fe03eb2dc3b38df43803ca2d38455232549110f4580ec3cc04c0d8cfe493013d2cde47c506ef6a8dfc42d998f70378fac5ce4709345926dc477e9e339d8c87ff6287ea6e2873e14d538cdc3f2a47e0e37a2601652f5b665b616a7d1ef3537a3327a76f93990f7694e6484e7a52a10e9eea2edc92b99406abfb2b11ec86667c7af4a333dfe900bf071d1bbcf4f0ad768fae4f450c53817c507d26e926e753e3395201d3ad89061f16706d841994abad283f0db74cada25beb5fe46f48669a62e0b849cb77097e1b4578b45062af4a071b04f0cfddf87519cf2bfa10ebb4b860239ff187e6dad73806ae968e6ac0f738baa88edb3ae4883a9e59be7a6b222c5f54818f95578daff9fc7a7aba8c4a41a699923e85ddf24a32bb71c808516f64d506058a70539276d57984d75161cba7d53a4a864c51a249a6b8fcad5738dd0055ba8468b56579ba5f102642df65c598490f3a0c9b1064f4eb1962c4c38bfb7d55d496a0b0f7b3f90b42f733d112c89176aaf937eea4bada845f3ca4e9b56b3a5a06b4c90fa4c1914ea47020c2f32531e270007ed389246906ecf2c4465f7cc5d6a347583dd73341ad97199021819be81100d867d628323ef7552db945e4c0be604cf6c4a8197958bcbd6c1879387d3286dff979632c54baba2a35ea84efd7726b662b94fae61464d069e0103692599fb86fdc3a06e01c6ae3deb3de6fdb21806c716e5f82b784e4ad3f0e2de629a18e3a2309003dfde9dde8e5101b83312f76e811277afc286b56879f4eb80468e58c60bc088284d05d725ddfe3185b7c51b472a7ff7db3930839142d4a452ddab628e07d43375801d7c6a711a55b452748d770b84ede35920c1ac74b595baef963d21df9418533fcf959593ccf5afccc753e86c4ae231eafe77a158c2472143faf169db29bf2b53c3288d8b3c9added65778095f85e2cb471ab58362041f0a27d874c42bbb06385a0403ca193cba67cf70029cdb7e73c7e2267b856fa0b8dd4c706b45e7174659b0ee2891df911724324f7ca5daf07c912b9b2abff762e62a1817688757492975db7185c4695f3a90895634b8d07453b36dd95197abc31d5d153dfb0d0ec92639540e99d6590f9b394f14c93a5e829fbb33616e810f59c502be44a13b700fd3009545e34c211abf9afe1bb8ced793c6f516d40010649f83a78ddbe9b71d8596582997d0aa54192e1200db61dade30500d72a184ca7dfcbfb80e5442f489d316cc8b75005564835d4b11c482e2c4d0d160f14a8b13ae0a0fb0ba5e3b782770aaca357df0e1c4d1c3b28b776a8b3e0da1abfd4f7190673fca1e1c5a31c688d6e8ddb21300e4178d07c4e854a718ac3f672b0120d6a54c16957c9ec8c444208e47737bc4eeb0bf2d801eb2fcb72f91fe988aa75f38e6cf26e858dc2a718580ff5d281d13e8fc3e3bc30c75c0193481c39c375a5b06b962d9491f3f1fb80f1cb27067f0709e0b0730573a9b5f5bdbee1708ad84b4ceb1a9a61e4c41e90655764057bfa07b8c81cc83a315be1aed6a49715479c0fd0f53f625fe6c7f36fadd001149ab978532e4d0de3d1a38934c74265b161899843704fad16ffc6189f42a5cadec98603e0f98c6889bd4a559079e074cb40678fad4690a20d988735280a1ee8ea71275069132101b35c18ecc9d3c6eceb4cfe9b165e4b6acc17d4f113ef8283c0fb6506f5635401e916d4f7e7bc3cf49aed166587a0c72cdbe673f467d81bc2e9cd08cd8dd16d90b353481df31e89b45e8b
20
21[L = 48]
22
23Len = 16
24Msg = 3a35
25
26Len = 104
27Msg = 7db15b3ee240b45d4610950996
28
29Len = 352
30Msg = d2a1efc725c46cd6a19760f49edf0bae823c1b4992ae2260085746cf65833bd008e56e64002383f51f960239
31
32Len = 1016
33Msg = d11ad1253592c094746da7b5c88d329bc3ce1929913b8be07e82d3f6b7a536a855f31ad197376eba6f2f4534413fc4e4e7673fdff8739f774a710754b568b7c61a473059a41c98aa4e86617aa66d2601d0f0d584cd9f132afeebdc0ce3da6a8b290059e6e4aa080c195c42ae7f7e1e99865223439929b0a3a0d79b46ca6419
34
35Len = 13696
36Msg = 2f7a9929dffaa4a4dcfeea1fc37b18e3cf935abbaa17cf9d834b3a8d61e9fabfb7683cfc387d6f46ece3f8bf845827c7ebe86a651d6dc1e83c5772cee1a9fee4b04453af2f68430bd87835126cfd1b3f8beea4d3822fb27864570e255cb65b414197480b6bc20a39c5450adf2474da93d72f6ecf8063899722d3755b7a19f71e93e782d89593ab19ddd3ddf053c54e0bf832311fbf132e8b9e540f38e4d9bcc3cdbf69de54e40ef348a9170ba2f65def167f568ce846889c0161448342fe907718a465e451bc1b0f2e4f21f9b911f186589f43dea305811473837c063b915d849c20deb43323bab4b64e61823f1df119e71962dd975700391b411f8778980a3080ba3c14a321d32c082d416ddd2345f0eb751a516d44ee55222395cfa11e7fc4edfbe7cd49bf4ebd4d7428843a2ad5538b3cd201ccd431aeafb146a65d28a4870a6948a7cc0413b0adac7e8dff3a898aeff5f4b65d10b28ceb749bd354c061c3008ec569d5f90a4d4f5caa51d35b49dc4028e738c8ff5939fef3fa202fed9ebef6f2c7dd0ba41cdb5c0c16985f96fd93a65d134fb4a90ffc0fb6cc5396b843c2151bb7c9170f2fa4fb44292a4af28df5481de0c3c917ba1c46467a35302738158493fbf6a0422cee558d4bce3d78e14b4fefb65bb05043e2cc2a6a8ea64565ff6ce2fd2c4f43fc02926ee44ee02fe1dce25cfde0115c9396c9ea06269f17b2caf58e2332cc1c8528d9705c70da1f76f22aeb1d1b93449180640fb5c4c4a708bc4621d7d2bed5b1a752191cfdd45086d34f247ed1df0f24e7c620de32bdfc4d1f882380d2cd7467c926f48abc75cbfac8788f88cd9dc5361517a5eb36311e6b39e21a85fba2038fd47d860f776697bb19cdb5a4d6746fae507e274399c91648537d905015e58910117e5914f44ebcb00e771d38b30c1473e1232d4e222cebceb4810c48e83e0fd4c852f4fffcd643c0ef9e4fae2d0ebc6f102f3f749b02a5e3a61517d53b539cc24120df3957a633d50369d46c0c226f8924cae51dcaf54d716f61385fd8cf38c2c311a32bcd6594d6930133dc18ef36a9671ba8b179abe95f588ef74e8558ebbc974dc73c26bb6eaae78ef464181e18b71f4b0f986ecc8495a9c4dc0b0b96be9806fbd3d32952ca3b4737a06ed6561e9c9581a33a720123fbaa2a70fc3233b83e56444f5aa0cfaf70fb24be6118404f3e11e6ea004cf2d079a3e93a8ac1d4e297cf4fc43851dd26314a7ed6a5a784b386daa26e50c64692f7db28c21d82234289bb45bad5042236667e6d70a24bc9525c3adcb793a6a5725d9b10911e3bc8e3fd604db7998346e7f7dd1815c0cbb735a977bd4b32b5b976932bc92ef3b56bcadc089045ec95f241cdb0a84c67f1f76353da6cb493bb27a881d37a2106b8b3010cf935eb3601ce4dce3e449eff8331e444ab117a20809a1010db4cf3be0c488f777b6532df908112e3d11592f04a0cc16232d62340cbb8b5268a662b8278d37c03d848a04f0ab498f5af43b0a20e310197b7e1395a65299fac29f051bcc5fcd09a5605bfee370ee8ea21f5807d9748acca815a44d81796d68b0014eed3bb6a94233fc51725de3809ac6f538beaacf8cbe3d96aca21a7a763a957f8892f22c6d086d9af2e5ac9d90321e186584f17e964c90739559ddd034df076c4aa38c2b78aab6dec8ef6be9adf33bfb66f159ec4826653ee6cb483539c47a4a1d95663e6cc7a42a3bf628623a4c9500a59a50a312aa104b198ce5f3e58952bb79ff1ccfa9ddba2fd4705e91b5acaddab9d6522d7666264ac5f533b6d8ac4512d8371c69c06b6d322b046ae2a0a20aec1c3bfb05f3d91b9044cabdd873abb5f2b0e3e19740df31e39828f9ff9bbb20b73541a7a70b8174ce4e43e0d356e629cdbc6c08d29bd7acb6a4347823075683ce9d7de4ab3ddda6572b175951f30a15263355fe9641b3322df7dd52077402a884cd472e6d0b6c34cd63ab63cec8760c7ebe384f7cc31066bbdb7a3417425e039c4d340166e4bba4839076ac9457c87459c57957d0a06dced2f7a18acd22b7295785dafa435a2a8a2c3a1fa05d115fe129d19fc44c5a29bf15b4d9c2b375bc8e591f92756cfc573a39b8fccb8395cad7617b11f14a60e2dbf69b897844cbbcb70363010f6e1bc0590ea594aa924597dbb32a868b55551789f82437180b85661809089d34a168d44b4d788dba23b13542715843eee797366d9ce7793e72331735bc78cd61b13421a568ba3e66926921c04e9d00888ba7ddeb474db63813756ea4a02c1823083e36ebd2d32d5c88cdebb98d511304cc276c7799cf84a1699ccac9569b13f530c762732e6bd0f8415001b2c02d11dff36660b717054b16df49ba38425e3764a56052ffddecdfc686aff22079897376cc15591e11579fe4feeccb55f
37
38Len = 100816
39Msg = 5f464d3301c5e0871d6b41b002dcd09abc80a805de3482d97f3fd7b9838745da1c0534168f76b93c3c53bbabd904541ffe5179cae619dea77446140b7400f47d242141c7f2e9894d88f44c9e066861498e7394f206f594a419790d697f6a11187f84bc6fb288186109343eb11172bec076d041a4c7306d7978c009fc2d2d62563614ed3555ba2d21c8fcd70e8389352dbe4ec808af3231ce990452eb05b1b0dc4fbb1b4265e69235cc3561dae4148c386cd770474863a84a822b2e5f905fc255d55f90bd6a760d441dc52240ba7d8c888a5283891a2c99963d1fe680549d6267cdea92cfead167f6c49663668f2bfdc61fa647f5abf3ce5ad2c6c175dbd456ba41436aa06f5f68f5c88e6b74ea86a79934bd05b486210d3d470a0967ad6d67f7385260578088d7e63197849354f651aad07e04ed301f1fe7a6d2047d50ce5dc6bbffbb1da6b47d740898f4eb54e3c5a1fbd18ec93254cc01f705fce04e6100ced132c519674b2345547804a372b5c925bd9ee9701527db33408d37b72f8d18b882d3c4744eb58f011d21fce336d426de1fcd5e09610216248b51fe2b79b96c2bd6ca0155e05a8a516b7a24d529a9a475284735bd9c4c437ddf399864b64fc5d0d6ffc4e5a7a3dbdd476bc39ed29a0a92e1f2b6b3506c2be5452d4f896db6eb4f895b554b2af64c4cb8dc2369b91022dc50b7291404cc9605c31569c32756a64ff8c4fbb0f1bca346c7b58a5c6774b2fc7f7fd50741d34c8564d92f396b97be782923ff3c855ea9757bde419f632c8399763003b58ee9140c2d62e914c1e1fa742661a9166d42267edc40905b35a25d5c3cb3fb457376b7422896df7bb19c23e8f764416731d2e20cf2c1beb8663c07edd8f105e078e2fed05c5e5897c430017fa2160f565a75a4c5c64a15dd7d644bf355d169ae2696ae5ed1a39e8f81055cdf315e5b0c6f9235515fc4dbf30281ef17b83a6ed604f89293904bf78c7183fcb0ab236cb1f8935e59c51559217efabc000b165d819b717118a03facb61a13a99b194f8b6c7ddfe5850127d79078397a56564c7ed6716a129409680434061b2a4782c9006587de927c1ae09d6778a5f1c39fc419fe10493eb0d4ad492fbd05485eee7913c59df82fe7182af2cf06a6e8edf06676200077bd1408f5c1cec537cb8566470cb44895826d04ec20f0aba4297c501add65c75d5767ad2ab63aa81b7b66f01b32590f1d55b7e50e6df1ee077a19c8c895f5ef62d452cc336e9aee171fa997ddcedd7af86e6cc37722fb5838a46c5e58e7f700edfb7c6bf832171d9581f660752867118e9535a6118635709d6f1c1cb21b938068958e956149d9bffc67f355cb88205d4894ba97c3e3c8be9fa2d20abe79f3f93a6a2f4f56fd075bb49a4b7dc83630e58c32a29d757fdbcaa607352f65483cf2cb4208a3bf94ca7a25e2a4e05279be31c33696c10fa4971d1b64ee938dd299f483e5c098845749a3b706a787529bf2ca56693d0a7a98243e6482a43e1f5d3086ca1b00368d8ead5ed2d0fb79b1e2f537ab9340809ca3a9b5eb2900390432293008ab7086c2811d33de0648be5597ef002c7c462b5e0f4e0b1720a98b2299ad7aa55eb78f0c77c2ab4371385f280107ae40ebf814a8223dc74f31483c63d9e4ed09fc7e5a51bac34d69d97163116a66c84ea9fe4263269b71fd228555ae3cf5109c4d6ced7b9049a2b8069bd2f71834d6c07fffbd7561939188bc07dcea08086bc7182a5270427c3199bf5fb5c4549861fd32a38ec81c4ab058c777dc01864787f0275f911a17838272cd65135f66baf06d8d93bc439eeb55d50b7c5adafed8eb8140b4b05f59871dacf954f4b096c30b7857774fcd319c096750bf605db8e31fe02cd1b9294eaf8bb009d4609f2cdb3a8657f650501b8553765de8f572fb91ac77b35db35f402453e5c58f60146f2906ff56b9c6b3a5d0bb6afb9e2201110919ac9c01a7e9750dfdb2f72afbf7a8d6f64b1c68b9de17a2c9abf289eef24074eee9b1649caf3693118165503a30200993d271aa31b8b92606a10a52612dd1fab495b82f9a98cade18b9d8a723a71ceb63fd1d27372bd281f9b40aa1839b0cc2f2177a09aa8e7b159ac118d7c145e7a4f032e788d21facde2b4dbc1d5d2238f530d9bf9bd2798f611d03ed8919f0c85bc2da99750b7a8d6322d2e66ff6ab9ebaf7424e8c1c3f4fe92be61f65359106395f5ef995e925be3868ad513f561f873acdbaf18590c903d64bd275121c11ea655124d091740887868544c5348664399d3da96e2e35fff34f062fb939d656bc072096e510b40b2f75ff010af68d64fd0acc778e2e13c9667de266b1816c4ac449521b02bbb217002c604be72e73051aa9048d192e3210a68769dd2693e5d44951711aed3a751240d42f8925844131daa36c51d7d59bbaf99623fddf1649db954705fd6f3405e63894f5258c9ffecf83208c2c90cc55b1a8d2972ea6b3a049ee54942b50526b7930953986e428b2c75e47ed870bba68dbfa624dd94112f3059da0a80c583baeb570fe8314f5c66501b34116c81148dd22396fcd6479da49f7e952c8084f97d6803ff85c3787222064ca368f596a1ebb6dab20a03916b3ab071c927d87fc10ecc4e7ab4a5761e3eadaea4de1a0dee30aa39a9e4dbee047201d7d8a4df1284cf668ae3ed7dc4cb2cc4b5cae9307353fd2ae4c105c5d9f3bb021535fc3ae9bf3ff54ddda8b2e1037cd9d69822df436dc1c750a9f557d1a3a63fbe73c64261dae0c70bba6edb57519f5b957f138d1aa5fefe01b73c1851aea42938147bac2762527a492cb85da43014c876e223b05597354d7c9b328df67f354d168a84ce86dff57d8a870db034196dbeff83ebef80bbe52425a8810f2c9fea29ee688a201cce4a5f447be789a3881a9da3b6c491288e8f1091719032608b332e0410f4576597e17e0b5dde305f069be2e80d565bb979a3915488f88e3ebb90e81c264bcaddd72b8843af4a4ae31f723d50fa0995b027c334c351128913bb93e67b1b08f101f6b8dc8202b44fbc3d3dfb530f66e5a8f35e69725c86998c05ac87c561a4706e90fa095adab4a566da4fab82bff6b20076e5bdf62dbd6614245b6a6f8cb6bf60106f8d12b9c3e26f8127dc547e2181531ce980a3273f452892110cfe1ea834a30f99d66e026a9d22dc76fc3cec8fda2d7fea701deb84dd45c97dcde57a017693e90983a156f11c4d168d89c06d8a32dbfa590adadd16850854f24bba315b0bbf372f03711a20163afa0c137383b9120b26c59f5e9e7cd2ccaf0ef4e0d70d5a81748ad441ee5fe178e14317cab184fe178fb0cc0d82105d2f423467fdcda0f9871b9d84882609248356f3053a99866dad9f9b0f8c4a897a8cb8f30365a7ae5f3ca6e772d863d445e6d57c6a478e35d719d0e4e84f3a30b1816ddb55bcd79df21ea0e95da72a19cc1fe74fc576120bc108be3ed4cae3bea889fb4ddd67efe858a994237378eb623dab070d954ac780c1e6d2095383c98ba622cbdb18fb53260979fb2672c21a4600f4bf06583a112d303096d4e30e7e1060d869f386eba3cf7aec3052ca17593dcc9969fa9cd88179c262770211cf53f53f175037a5cd445d239cee48f7ed0aa1d715a22ac18a8aeecf191d415e4afd92b76c091803f4c757a9e89f696ab7b11ad6d5f24774e4a004dcb0e3f33705dd8150431f051016af37647b9e44b10bef114276d4b1055b634461c655a82a847639a038ec9f58876e84e9a2955b696e072d8054c3f81173473604d5fcc0a75b4a340dba0c375beb87b8b01a0f2de232bbb8371c3a9d27a0ce521c4c43dd3bdeebf92f42f87d88978d5b4e3e563cba0e5f59dd29c31096885b113ea5c57e66a3be015b703bc26d3fd1d51a7c14f85f65747ac909d7e30c8e800be27eebf4a62e42e538ae30b6883907cebb7fc5e150bc9da3a138f394e817df9a9e44420078f30d0d3d6981ca581791a097a5e3982c983d5cec239096c7d8cc55c87242026d769ef1d04eb96e5b5001e3358af88d417cc61f107659791a35d8b5f7a5767ae24d5b2ba7aa12230076db1f1b9b6f213dceea62949d98bc5db38743b23a59ea75dbe4231a285678f5f07facc053c2048022fcb01f15e8c100d64a877ecd56d196a6ac60ae35e0e09a517224ba409ba7b70d8f9fe65bc427b212a4e9b3cb17b0d332267cea4f3bea7c1e550f7ffe567b20e3057aa0ebb560d00d28e2f7aff718a9f2d4d044f0d20709bb9ad567c98cff7c4810e8c542370cf90a491bc1088f69998d59f344b74db6c1bdb61f284e99b517a11452ca0bb37c7bae77fca6514b341066086e600f098a32a92935380a173c9182a2513584c54ff67e580dfe16b508acf1729a3d649ff1eae286bffd688fe658612d6c8e69e6e7f7de4ba85ec54747cdc42b1f23546b7e490e31280f066e52fac117fd3b0792e4de62d5843ee98c7201529455c85b169fdb90cb05e3403cf2f737148bd20a53c73880880a14ffff37d62130e682e50bc7210ea6c1f0c27656cc1785a0d9ce93ff94dbc5b2877519d9bac4a339e98ec594a7cc76f4ddf994fee8070dd4b8e0fe0e51b93105fcf566f83d914dd862b4ce78de7e9e16f142234bd969ff8005dddc641dcd3c7cfbdd6113cd3ba34a9503a0f433899e90e158abde2ed4ed4b3711c991577c5aafeaa982bce80835f8e6d7c7975571fafb1499991646bc499ec32930367d4b1de76ff656442cab987bdecdbcc2b2bc35ce01816594bfa4b6e33080caa41dbdf8ebf2205649f98a2d3bf331fb16b9ecd1824eacbbc9f81297b115b4d36aa7496e05f7d40d4edd1886c1bac10cf3f97840a03277e6369e7a7e90d932050ab8720fce076de5c355fb17959bd75cfaeff325b0737f8f5b1160de0b0184ba04afcc30bca77a6a37e29662302d01858c0bc1d32b883011b7df5a387805296cd91bbc835a3e76152d017ee929d4cbf137eb78db89d71617dd76cb00707aacb8088ac77a1f52ed710331193edb29933a7efd8cc153e6adfc2c6637e88cd86b06036b8177847b4d086b0ff9b5dc91f3cbd1c08217023d7449253c25331594f0f16a3c5f2e122e0145c4ec94f096b45a1fd0b2dd3f1d51e58978471782a336eae49d7bc4e050d1c6a391658f71a1f752c0ec6302bc2dba9e3766359359ce34955a2db86740c90d09cc50e92dbb76e17a39955fa7108bddeaddaf860d1aff14acec8b609ac1d336270a940604209df91cf45be72edee04277d694a6f968ae6d8e065702f3d607f3baf8db4ab7637fa4c78bb0b7fe69937eb1dcb616fca564a5a521e12df71fefbc321187159bd6a47b066a3440ba634de9153a94546b63aa33aed9da2018e1f30628df37f5360ca4f2660a46ffd73e58183e8abffdea25f7bdf798a2b7cddeaa481bcc6e682a67e99143066963d96d4a928a478951dd6ec59b1be8cb23aa688e1867738aecdd9afade39c92c0b2572bdde84eb912ed990ac618834c412231216fdb84f1e01b3f8414fc6dd0f646fd0fa62bb0157b3535e1497c9272df1cc5dcd4e6ab9a8456222655c56ac73fe0d2aa8b599035daddf0986a45b1a59510abe19a11b6dba065c8bcf8a85d20a3681c2414dab7c036cc1358b1dba98d6ae62c5948c36b5b3e307a6f860c0c822ac724a5c917ed5f98ece548a7a741d366868e6c676394c3659f7f6786594196dde332543376f9ba0724b091d30f431f91d919417e5bf7ba1e9a21cb80f6c204c3a58d59d960a5788b5cba5abd7c7518f4c5170115125de97009a6c3fc4d5773e4f57fdd433eb7422c7c4dccee57a1679633ced3b5f08df763d4577983c5ca8b49bc4e08fa76f8bff36daf0fed068db47f0c87e0e45d518dffe37c129cc6e2f5f9e0430185723098e715284a42f302a6b8368a4f2dc16f534d1e5db9d0b86659fc4ba6f16c982774115d02a57684c7e5489b1f491584b0f0546e4194a6041f5e5be3bfff3852a4fc772d83491023a61a37228ef6260edc0d1cb972cba610d5ad1d92d554700771d8236ef55e983765ed8eb21e7de7c8bb51aee9368758454fee4a3f32179c1e54af1d069e0b9728cd0554351907e018146511e4d6f0450b57c8ebd21c71450116296bdfc779945da60b9192c5bb9a67b1f04d94992df4cbb3e30732dc8af2177fef17e0b7d01740b8a64db16bc29c1e589b6bdfc967edeb2ce8a649ba892bc856a929f0b837a838ca7f917a52436ea3d20e72afacc5b9d58a7fd0fefd96787c65ffa7f910d6d0ada63d64d5c4679960e7f06aeb8c70dfef954f8e39efdb629b72979be208d616071289cfaa0756a4bb5eea5c7baf8fe7a31501e7e2d67d708d461c0c93e85f03afd70bd9e16437171e01a34f475e4b5a58d13ce4e2fba72bbba93403f3f8981e0bbd6a8a6223327bf096c44b36e0ccbf7592a98c1fa67f198b628787ec80aaef848b4fea158c715799e6f458327f399e6420f0e7821f2dc4663bbea065c7bdfe830b6102e2e7193381b9dc7f2381ba808c43b8fdf3addab4b5fa81564716f7d46e0349d9b27b559710d723c7ef2f79eb55c3a9d75b99ae6fde6877b278b583f8ae3cae776b914b0cae0772397fd19b6a27676c7ca02cd07f4b4d49bbe1ec87f2ac7e39e5f7712319c31271dbbbaf4b826af8a9f4acab696c62719f7a6a032c4bcf90922a3c630647b7c1c7b78b10afbd863f07486561a0bc8d9b1ff5fc41998a7e3c604e24af1c1df2da1dd5d83eefa2e4012f7fb5959ef9339574367deff73723484b5a969c8c23dc251a3b887f34b9ea09c9a1838e8aaabb254445d7556dda257dfd5579737fe1dd6c67f3851ca68b011e7cb7b6958d588f143828f0bb24fceca31b47b77d1ce05e75ab05b55d6c9f9107f0c738f2cf8a1629f7e9b2694324e082503937ff8ca7c5098f770289af7d038dcedcf0ed77c8b82e2a9003a6f3db69e14131e144f6be7cf0bb5353ea96aebd78befbc6ceae9bdde97823cdbc5ca8ef8a993a9d9383aee9f2d6a18fc64ab92990672ea2dc9b89ed248aacf7f1a513da43fe5953335afe76d78867a066f226ae9c727c6c60671c50a50732698ef7a492d51998eb6da5368a667baf6d12b77eb36686ee0ca239dc6f3598be0bda79e47f0891fe4d8989df8c685480de11c148a2b44c8a6bea3a50b09be557c51f545a09a30e9362cf3080e6a6bee3dbad370ce24f6c5a6f8091007ca195057fa3af8f99703a601086c2a1ffe55fde4c2c4153dbff8d6601ab68743c0d50d021b0b3099535ba6c40f866ca3ff0df7c19d709a3f58b57b40ab5e43556a8c0c1938c875267bb39c0db6b45840e8ee7c22bf6b48798bd744f70e42fca343a8bdfbd7f55f275ca5d62c7288756d4861fba68d16d842c5b893c1d8171bb3c8b593387d3426f292ace5cee7753c9f9a12e6bb9af5a24192e4184f7d3d191d862d3c3dace7853eaa235b6369fd164e5a7bddd06daa3eec7fe4130e82478d36f88a0999cba1f251ffb3a7689ea2baf016073193898716a9f933448d7ba8e0968c669bdb7dd5e6e32fd84a6ce9e8632b393f9263532ec2107b4c0d2abdf3abb2de2d63511805eb58a70bc4ded040d76640af60ce7f03b9a682b8dd84ed8a47225a48e0b94ea47828f1c8974cd64e5027d8b13d43519875d2bbe4461a7f0f5b5b8d63a472765405ea9c994225806395e64dff88506f7f7f3b6368d769e6e550d4e3e81efb13771cf403e855f75312f1383ce4c2744d0b4e3735a0f1e1b99eb014fa60c0d1ca9035fbc4403330c2fefa8411fb7c3d6ede5b5c8f4736106bbe01923d483a84f031e9685a3b6a70646a2a5059ce35fa496b3f21fca6047471a5bdd33908cc9328de9fb032347c249bf7093390b750696124621dfa67fd9c7fe85d6e5a4d277ad8f8d169f8b5e8dbee280f8443518bd94abc5ca704e781e6cb1868ba2d6fbbaa850326fbfa5a20e4df6fb5f8ee2728e86a758763a8af21e1f7a8584d3f0b09a0b19fe8fcd37bc4fdf45084d7fd92b80544f29aba52496e2c9a0aa4adeb89820be321cfd2f0a53585a15d04c7fe4ec9be6eb5df419e20b71506c1f642df75c53a9e3b2414fe6102fa8af7be3f6c95de824c31fd6fe8ef9d49e26095a2674a33cb574e9e493939bdeaf5b309b4c51256ef71e95dbbcee0a11991693b533f916e1c82ce86d65d89b6d596017fae944ec364546e78abbcbe4322b83e2fcbb4c5d4ccb54d8642c7eb9e28c08598a356a5c46f8813e6b63ec2f3e3bb721b726361f85a734e0514f4e9c4732991ed3998b1ba8f618c2071d1b943eb0f8766fdb7f0492421429bd380deca3325c8d5c7b6ed16429539ae54f1eba39748f09aa44efb67d863cda304e8653ff7499cfad44dc27807779ef8e63be4b376ec403f3c84eda4e5af31c30f9807762e0980b4e5d9dc406cad4e888bfc3ec4186de8ccfcf631b0ba5831747a1c200d45ea06ac82c7952fd09aaae5dcdf5475da427cbc8c1f71ebe5132f2fcae15975ed6fa14a11b38766e1c446894f31c0496b0e5e96507d28e6e4549d6d78841e40630ef306491a1da60eaea3fb69bffcbf192610e2e07bc1124690fea61980e8ed654c5e796f67d26db5de35b4a2c67427833e360ac2a7d4fe7a5ce572144443ed62ac460c1b19402e85c79e3d80e1c143279b20a66d8dcf2bfe1cc44a0f5aa9b0d9b36c46c2cae148dd0f2ffe9a8e6e7274d1832e57aa39fb40553da6414094e838d613a20ce9307d49f97d904648d6460985b01af769800cff9a940f70729fe40e98feb64ff0a81c5b2b096b1a9d832e440c49e4e3684bd17a5169fe138d2544d9806fec027dd2a67f1856178e090f9bb2f9b314a202e7e95f2e41fa80dccf7b1810e9cbcaed2acc2445d60e26f7d63ee4b28e4299e60ea4fc659e7d6f0de91748bf1ede1fdb2acde9482bb76bf6716847eb2dd7517e0a94f0bbf20f248d2c79fa0f518b67a44d5c4c73a9bbc3816ba85ae8344b5f377649da75cf1857d6e4338a76446c48e52cc7bc7ce283d4252f8fac5e1427299edc33f84798316f77bad4a87849e91a1a23c0b7a86898046e278eaaa15ff33730a6d3f885dfe2d1dc0acda2a9e49a71cfecb7dcaa9e70eaa8fe15d4567a280e8960ba49d5289535907e9f277f96e8e652c21d89e81696dd821db5b7e1e53e160584477aa9e4c0e12160c9956df36cce6f4e724dd543827366010ed3d843cdf4319c1bf968a70e9b1b6bcd8af96c9eb0620c569716b7bc42e13251a6adf8201faa129844b5e1d699cafa1b66a674e732c7662b0410e5bca2704c5ebed7850d0ebb825cfb0627a183cc9643b709aedeac2c06700358400c389f99666ae97ccd37f265da7addeb07df9ccad6fa777d0da2fc47b6235179136bbbb409596841e921eb278142a19e6203c7f235bf8461ccadb4b47dd290d36ac27126c808b866f9531261f1e0f5c458a6bab6f064b4efc432e1c7379f9af19ac34c5c22e76e6e7651e48f9ce44eff542f018397889d896cc9001a63e8e455fbe4a9ee9a740edad894fe1af2bb21a1dd0318e28ba982c12ed69c08835ce17336ad1638af3cfe0ea892ab8e83d3f25e6bd98d5e4d36292992e2122c265a26cbb3931dd4c1b0d0ac5ee19974d0dd45777908bb416cbce52531820effcd7f28e1fb2d3d4d826e1b2673e834485a25af9f9d174f566abc3b36732ceefdd91a7c3885e1d10d51c321ff704d0883905b7539309ba5e7b7a2bfefd0494e90e9da7541ec37858ec05ea9a9ec5672b113cd5ad6ebfc5b8fe40ed7c3f17d8a73703dc89086b4d75c5eaf06b840bb2f5b4519a4fb17bfdca9605f17253f203efffc92da96fde023007d22cdad05d18aecb4bf08085c5ca5eecd21f2b611e7e8a0ef981fe7aa2014f5ac6862fab44011dfd33be8a1226943aa7ae5fee9221b0400d9ac2ce5241b09a68cde6b13c47d50bf310ecb37f25c32770a299020d8500d8a4b5d7621e4379dbd6ef34a9aceefd4055ea6144f54bbfedefb5b5b0fbd1d81c7a51a802072ec3d84f34585f22c1df84caca07849b1ef054cbef9b40848e9fd238761df5358cf55a79a53a1bc749e49ffab7c5bd9a28bf24ad5833facf43bcc3852c1e85cfe47929fc49c325c20d74588eb9833519f192243cf96625057899b70a7c93f8fdbfb60d8129d9c43c95f8782ed8293641ffd21d21d91a0b4db69d766f6d6497e9a414ceb04b65425d6ad6c8811da00639dce8d8030038f2d08330c75b0879aab81bfb3330b950e54c13780d308fceed2a103a1a8b77a923b66aba737654ba7995acd306aa7b80f632184412e2369c353c2132ae614553e626f0a3436959104ba6e0040dc597dfbc3602a49e401bf2249699375b2c722083489f54fcdc1f616a133ef6112a1754818158ff78f245b9046100b0e89407f74145fe336976af971c054f12d98002c68b3aa2bd699fbcd71bc4dc071e430bbf694595a951e01098aaa499be2f70611f248a694539ef8936b2e8b7a3c5de8662436fed1f7bc24a4e5c17a663d9a23b4692993301b08cb3bc10f518eca51081c717ec8dfbb0c2669f7987fe6aa0bd98231d8e8b58951b42537f12884a857e02d62de4fda6b88b6b754b1b27394c6a819e0f92f6b2b2473fe245678e252ed31477cc7ec6895bc361b718fcab3aa550fc9faeccfe77cdb5b151ab1db2e569b5bc923ee26f0b6113504d295112d47218140e44652a10af10a088f95c7cf2fccd040fc93980939122411ec643e26e7d69ced3178402e320fe156e774b75b5afc2f3d6b6ab828bb4993b1436faa5728cec34d66f520f59e82716ed6d1324944c3c91d04d5ffc5a921f4716c39de24768484d0096f7d8dbce35aeec22db11f899e5e7e3d57e7668f35d6c0db3542255d9262137d39ae6cf9bcde254dfccc54a6062fcf8982f781d9ffab2df4f49ec04a72eb9646d63bf9e1799bc0bec0ec7f0675ed9f8dc9b8be15d9f2175dfa1c8bc99071c70ad7bedb10a4143fa91c89f54777f84c9eae9361cf7f4c2b7ab873ee5785a5241db0af86f3c6d7f091623d6dc576d07550a42023633a09c8dfa21d7e70cce64c13f37663f75c47921c246f3f2d1d16a8283ce7697da4cb7e016971a2a1d0c59d6202bc18b7cee3828de597efdab53b33a9fb41aa7b49f1c964512901773bb396ac80e90ba1a94c408b2860065ae9aec64a41d76cf8842d299d0babf14d5840d647d075c34175e26a786f30091a24f1ce8db30137520dce1cfffb6318a0d0fdcac883eac603bf365efa2c806eb4f194cae8c16780342165222192f6ee2e103ae2a31dc08a84dfc89c64d2e9ada7ca1839dfff62ddfb7982c79684cfc821a098bc6bf09f87317209b16d14d45c6f38fc99f7bf9bb73460977bb323665d480c87c687cec052a5f08a2c6744c8e177a8a269b4a47a925b9123cd2c014313edae988f8aeaeb633ee5ba6be7f53fe36da3aa37ab2077f5fd75a82a55a0fe62af213b85e9e7694f78cc2b0e63a8c1b89db484722fc62c688678a511c474f0eff8eef1382946d26de00e5c626ec1d7079445c1b7c6f7f05073249b11fd1fb30257724a14cd7bbf451146bf366de2e826fdf1d25705587c4460040ab963e3bd504755b6aa5b18786b68efd3c8e59e8dbd172346fe7f4a18bac98164669d73984044f3c777368f965763742ab86a3720208c64801c796f6e3a1c4748b81e41ac58dcf6ecfa0453b18fad7e3473604f57f7da302e1fa81ad538d4a0280c4ad092007bb9a7a12907227a936871886c699db97d00a1966fdef64d9f3672f1b792c1edadc6781b391c91bea1bd7275f30859dbd1707b1f554e49ceb874ca06e92ab466efa7eeb6990667a27507a7ba789e24d593ea2af8eccb3862cce58daa63eaf212bdd86c01ed471cfc79b191c481ad773d20e821d18af85a7049034e5a9c660357a4c2808b9a6139f32c55c13282b8d98904f4f027d438189dc9487c96172e50dc1100ccc224e7374cf96ea6731032c43fbc9b367a4d1d0b31aa3fa8eb589672e69f1d9144114bbd508d56c2049ecdbfd7b43545375a099ad2885353d8c550d22dbb738e6fe3f104b444c89475a2cc24d7887daced8fa05006c02dfded01c00707e2ad04c41199c5decc1eae34b0c0abb5a5beee1b5253c3350e1a077682767a0b9124a4df2e8879366fd37fc04d4dbcf89883892f46a65ce3aec22123cbe6b3af6364df1f9f5f9751bc8179b6dcc5c126dd65feb7d11a85994e90ab6342834c79c5f82413e88198c73e932c66e3cb60b6e0c0cf438622e5dc5a1036c38afe9cf13559044a9e90f5fd72a3188ef6b1043f5f4e6b40ea51f6235dcb33b3099b2d8c2e02103235f0476ad51bce6d8a2934068549633e521a3ee4c62c22b042fb86c13c8da849233205a5e277aea1129678c31f5c379a71fe08b72fad9449cb923126dd465d1e0ae8a925374149b8248b3afb69f168f3ae701c00f6ea08fe07f1b5338ce6af2f3156ba6f300310114479f2f6119367c88c12c158b84be13b9c8c7b5dd7c90edb5b3ea1fa5927a25ad6d5596992dcd4877f58a134e05dcd80dde4fc2c2a680cc0ccf3084d3f4970e3603fa6bc5a180fcf1ca4241c0b8a1e7c607dc025016e297e2b0645de4ec2fc49851b9374f3ef99edd897c284a67b647ca8c96fcef935d541e9faf334043ea50b99fb8819ecce039227b624e52d8c20003b5a43808e4990da8e4398c4fc172b983351fd11a13dcd2aae5193d42d46e1b57c92e3e01d23fc968c729f3782d6c07dd5a17af2bda96735c12cc7d8023629fb0125e974425f7914690a7ed26508343ae58c8a439ebb6232049a194768d4594f5d65aca37a5686c2a86dd04bef35d74e0755937ac0ce3ebded1c00c8adabf030e5e4a5f44193b62fcf2f1bfa9dca2a25afaf2f1ec06c5d17ef3526d26d17af3e2f257ded24b177ba41c0ba64fd4fbd5042fbd5961a105e0e9f77f3db13c1b6c5bd9a9d04801a5c00a4c544218a21016c65bdff774a44b1d05256e0693e14d76605d67bd10048d3816caf31a6d10886c88c783538bd93e92bbc4484f3388b61adac4b92b911c76ebb1dd11b7b4e40be032bccff610068746f41e34a1fbfbfe5faf57c8a4331008e2c1cfd69f57e74379ac80eb6769f4ce4196795b835201ce4ec85ebcaf5eaaec242fe6695cbce1d53fde5b002e006bba8c8a1ee57da061ceed0d21bdd57ab0cab9e46bf3764d9a6c3ab19736d43b33f32eb955f9174ee4a54666e7f19cefeb49aac7a59b7370d9ae730b7bb4e08413222f0a66bfdac252fb61bcfa838f262312febfde8add8f6843f1d64ea3da42d4ef986498604d65737a44f5a099338520cdbdb65ce73b110dd4bcf8592a4adc3e0170b13404f99f0ec8f9fb225c1275a921f09369db165e9109dd5be472b9bc1901bfd882d264d9ed8d88b4c8f3b35f88b69e3e4b8ef5debb895be536a3af492d968dc1caf31879d672f70ad9869ea98335cf9e4a2760f955fd3e8099e4b2eb4269e354548f9de9921e50e49f3f5cbd63468b9db0cfdf17250c8f13535d4c0a1f21c87967cd798fe93b9b2960447401ef90db22c3adfba0f55f5585ad37040e8d6745184dd536d5a26edec365bd6edff1bcc616cdea3bfc8b9d98c0ef9a626054e361194cd05b2287612399f6d3d3be2f71555f14ad2893af6f60ab61adef663c3c2464ade671dd5ebc71935aad290573588fe6e11f48cd2b7db62e4b9932890d1b96e1b83eff70f026d199db75fb1e83197c937b672613c66ea131f485b4318e27c079b4018d4205484993bf50ce70275b244f2caf47cb47eb2a9ca59afbc78809a912eb56a4bb65cae4694f682c6329c690003a1c355f779b5857a60091b1c3685995a366cb43d753a704d3e59c5f5003c78feed877351e27334b3fdefe5907edd9eb25588a42248b9c4a93efa7cc63bad1e5900b95b70436c35eb85cc8251c4030fab9556920141cca24d6acd3122b92b7e868dc174bf071117958a4797fc90866aca685f1456fab397ae647ab9970348082bd74865bab7f248568db98ced7ed84e8360fa91afde3f23509e6b4caf948349ad9fb6a4efe0a0468302cae7a0f999195af1c19058669fc3b88b2780b9075dc180298498caeb7ba0cf8bd42eb36b1959d5ad3ca6fd1e85f76abd27ec5fb637ee38173ad7d86304d5708b6dc8817e099e77f5d43c1a70624cdb96e4e6103bb25e59eb51d894d1dc533a74005bb79cca35b66e10c61d06b5227fcb071457025d605a0862218ca252b871f8343ec231dbee15688aeb914c0f16ebabe6edb0a489b2bd10d4392c6f1863bb6a62181de7cef61997ab02f3bad0a893cc0cd8a99cd7b3f7773085f0929de36b5d124e3729140c375de9a2d0cd9a360cadf17b9e45b7f2adbdff9e75b743b62642ed67aa703b8ef33dcf51a50edc7dbab42d3d2b49badd2457a9f92847aa6a60ae2beae457a5fce1a9e485ecf907be22913893cd1350f20fc6c81c94be426eaf01864e813a03e4674491b61516bc95d8a77c15f03d0adfc4adc27f27a5ac4165ff6518eda1a5c408708f78a9e26b834179804a312148d4f75f21a77d78387139da40c0a6293c2a59d0162437d68504f189ed970c5abb9ffc6d8e1be2b0877c7f24b1dc273b1765bfc5ce6f4b8d99a96d5b1c92ee53a39f685b304313d909c1ba8130d20d51c824cec420b0315229df295f75b453a6c131afaae0c36d7c4fff70623638a4f7ded5eb7db58d95deb6249a29b171d8ce651556dee8037bf4ca74453a4a76aab7cc07ba44e55de57dbef8542c3851ea353fb8e259ee89bbecf9ce8d8bd6227afc0028afac48a7acd9b4e8cbe982eb1475917ad6be4cdca9cf6e7cddd971b2924f2bb730264801685d387485e41993c3fa0af9987e8b52c21688fd9a9595ad8d1b9f41e0457be18492aa09f69e64e2954d1ca3cc1d32b2915cd9cf6862ca79c80beb47347c4cceadf48a37b29b1d6de4e94717d60cdb4293fcf170bba388bddf7a9035a15d433f20fd697c3e4c8b8c5f590ab44aefdda94681407008ea48d03ff21e9bbb4ae7a9aa37c855fe3537c44106e8079f18c24d2584474bd4a99367660ce6f7e6d7c294961e174366e7babc569d5f80572a21a4bd7086629363e0c9ee2599c8b8863c96613ae6c32cc67ccafc66e1cce79654567ad08e62e9abc99e44d6a79ca4d8de15b7f8a763a4741676af0e1f3bd4e002c8fa1ebfbb3bd3a65ae68a80c230422f98f6e1e9837252e045eafd585ba389958297d59aea1e8e1f665fcbc5f7ff449996aa712dc0faf582cf3caf3dbae80594f9f07fc06de63d9d672d14d7ac4662b4a54f40d4aab2de766910be2fc7f6f679b5708790b5376498d3baf0463dca2f093b51bb7e9f3e7033ba0384af0174becc3bb477bc5e86959a12a5e8924adf0bffdf5e5b9c1cf24d232881ad5c05c5c0f50318ea83d8683339ca6a583c52198c00f7c1abbda282e7fd3b179297338ecf9c923a3a87a130dfc06164e9b4c1fe11d51b382643de44b30a6831dee119241d1b6f84f2484784fdf65e41f78c38e15fb4b00e45df1edc40e3467cdcda351a4c0a0185ac4649e91024377e1c331587a8586cc0a4dfe29e14004c3536d305f5dee0eeb8c2f216c1b8d27375b239f6458e08980badd6d82e9ee9e007578c0a3b48288d9ad0ec3c934a99a8c5741149af937dc82bdb545df26428b87fc935c05f1a4964a8408539f267e23de9bc498e2a4b0083cdb7c8e27de6252bfaf680a6d5b7ec1a6dac6d7d537334a95f1553324a0739414dbdb50445a767b0f589fd4c33b35905577ef5a53b0f097191f9cee4836a908748779941de2a78fe1bde0c2efd9f48cbf232ce101d9df93d3ed40d036ae7aedc3a5ff619abd1c159ca8d2dbda7de13b4ca62576c7f925c52925eae2d7500dc969fe14c0a335ff95a7df1d276a6f242765c781208d59edb5848d412b11638b27ce5a61b8209075976c2a6aae88f6e6d8704fe9e83b425dec4defeeb3cd311b8c5a818d51f917a8a4525361791d5c4fd5d70704d4b9fa9df1ea119882f400e682753a41931712c043c120a98f0fe786a600b47befefc9d64cc5bbe8a16c191490874e258760c9e4fd215bebf848e0b4d35521f53ec5f9308644b785171fc4cc3ff886e034bd833d59dbcacebdae8f00e43c151bcb24d1d226d1cc19ecf349361530a81ba3168af3df5536fbe52b3b93621f57959df298e5b4d3c14928d2ef7b9c977c7dda54242d17f8661978a62d94d565b00abc199790b9b25fbfd4a3ffc35c95ccafe35d9a138a2c24d17f06ae2cc376e822317f16fcbcd56e23f84ec135dc935e58c61b34cfbf5a36cb00350483b6bac786030e5c5045a6b61c9aba7dfaa4f7fb21897539863ee865ae061a77c0359915de3aacb3b5dc8cfe53c4d17b393c2b6bb23652f36390407922969d510cc97b99d1df4361530aef10707d7a021b2d9576b2d49ca88b3cc83ad1baa6d88ef8c81c08f8baaf515637b21ace9d5cc8fd9fe4ca6c3aa129caea7060791d566f4de8662b90f9e5d849cdadf9bd23cf6737b07ca105142663c30de27adcea11d64d433fe1ace84b0f6917c8b655f2a421602f07e0a7127e61ae9859c5e9f652ec82416fd2566f291f417ecdf99bf3231d02864e2e5a1cf34c13f59de9aa2760d8734bbda79576c62f566b8269990e9384a41c1634271acb4c7a8b768f276685c3a8c7f20872e56b683244b1af562c3e7dcf592a9915f44f886cc2ac5f679c07d5aa1fd69cf3a460f25c722073da336a310aa551062d92c7297002060072af2f3500b9310c239bedf45c5e985c2e0d60c7dd68522376dc7b560fb34d1b5089450c32ffcbff07b35a96bb6fe01259a06868d00af697f8bbb238d03d49570a109181c9576c1ea9d2ee02000cc23e63d6c93c6cf3050bbb15b6f73b09c25da62e5abd4c2bdb1110e1f25db39f04885595cd6a388c4726c8d4cdbad87d80d42fcaeae843e2e17f44c9aed25c8f6f9736c7ba1bbd3b839126de40a930024a65aacb872936e446114e706a868444cb140e53d976816983f3dd1d57eeca01eab8211b7aa8ae99d26e35c06ea4b226e0a6e52172a40e7f0df5f67759ae2ee026749ba10b8e33694c3e01a001526f9d75f6c419cdccece3ea3f78d69014e509c741214581034bbc7e2bbaf76db8421154abb2233117a1ffe2786b21424576e295c9baef262e80fa2edb69aff800b3ea436eb827e8adb73abc48d740b86c69d557b16e874038598b25f616afeb4f4a900be7dd0d38b5b6fb4259c51a3aaf4748d7a445f518485ed72b25c7df8ed0906b74bd29bd6a5724ac3a503c990f3697a5db484821f68718470810862728a80ce34599a41fc5bd8bb46dd845a4812ae1532c457ef4211d0e41835e5a6f030247614822571c930c727ba397e723d6b3aeba9244f054e331c82e65b74c9f6504c74b4301499a1a6f6269a3352aff57f88442d4eda42a82ebcf7776c5629f97d6160bffdd8282a40ce2e6375b161e4c22ee53bce7a45f4774aa827e2da657e1a1bc07445f0bbd770b7a5a25b1b469fd58715510dbf8d97af4e1b9459a20b08a8d3fa9d92feb32db95b22d36de0bc8b1c397b09970a6826392fd8392b2d790dcc1295888f42ac81ad213c7328b2324b28be7cc1f4fb8414a7785472f1dd3e11d66017b1756d1697be92490e15f056346d7e9126a1f35fd76cb016fe2841c8996a3507c4fffe7fc45026df10b03b86fb6cf26e8418926a030b5fa62748fbb728fa19dc2f8947468c1477750771e442e4a9d25b76d359211c05df788ade5b7824f8770b5dac0819737dec916ee59b28a49666ee8b7ca81386eec8049542f18a3207e51bdbc291470eeefecac385c096a
40
41[L = 32]
42
43Len = 16
44Msg = 43cd
45
46Len = 104
47Msg = 5f75a437ce0698a7d8151c3fe0
48
49Len = 352
50Msg = f88bac738d1e3e10f75e46e3fe026d7e423fdcf3d7e4028b33a291bb4aabca53f780fbf99e0346d610d4a38f
51
52Len = 488
53Msg = 832e5b78a73a1012ee62e00621db7f4d248893007c6e5d6e0e689c6b291baeebc72df9cf10b289fe20e7fab80a2399271d0ac63766049da875eed56264
54
55Len = 13976
56Msg = deab57cdeb41974037a9bef5e292894038264eb4d8993d4d1501e6ef9c68fb0f571f57b0925640925deae9a6317e3bc4d6cdd5a0833e52fb48baca16a9ba9b6c8ca469a0555763b54f04c87d4e41aa549258f30eefe5a52d2ba06657a8773b0842e094857b6d8911d6a0636280025e56356fade362b4bf4c875cc19be0c6644b447be0454dbf390eb966c03e10e9de3487b90d0825d327c12495e3c89ad09c9d591e55c91376fb14c2fde9f7461fb25450df1a65806b65f3caf4d5c81ebc6e664871fcf915b9578bb70ee6776acc62205888dce2baa4024941209e81b4b35f0eda1bdcbd9ab1d6db6140bda4c41776fe675d5c681da5852d50c246dda4ddf9fdd7c5fdfeec85ff6c883c78689c2977584406a1ddef977606c182d6c33561c39c071668a2515e5aa6f4aa1faa392aed95b82ab32b79a15e3b5a07551ab068455131b72493126470f26c30b852e4415e1d8b719b3803ecc336e4facbcc5d1908851f4f39b776bec8b6b9794d47e5965458858560eed5a0305e260240c0849d93a19787b0f8c795eb5ba32be573845256ae6d0b0a3336e42a1beac8bdde6d1b6e0b6207903d4b105f4af2ef89bd099ded870daea2f170e03bd5f6f4490e60bc222d4876e16d4c58aeea6e6c400dbb9e9f4b2b142f0fc9bdeaf4132ded38a4a8366e107cac7210945fa2df4b124be37ef76290e5b9758aa3bfe0091bb0448206323584c2f833e0edfbdc0c33075fc9647a3404ca490bfab94302a0679a1a42fe9fec6af0cd98038b09ffbecd2832b579b2294f6ae5b96328fdc0a0b9b3a32cba04fa8bae3389c3951173bdc17caaefe526aa386f98670b177683d0b804c5875fe9c7afa233ee66349c9fd1b60bb0becf5e1d887e67fd3baf34b4f90d94699d18d6bb9d77d4af358f31edc254de2d6c5fe3ec07425c633b18c1b9e3606b78b40b543e1fd31fb578cf58c45744fc073fbf3c7d7d607e815379a5fc565892d81560eab8fb5f1ae6771b998c592e6d288014f13ab283d53fcbfa66e31a9d107308402191fac2cf2b799c7dae91b93a7676898b8a6e516a86eac58ed8f6d8ed2fd4d38031e4a4466dc8798b90c48e6adb6b4391d47872443cfaffa542b4b132f6c3408f0081af8692aadb4c9bbd55053ea56d8b82998f6b4b41d331891acfe6af1bb0d6679989978368ea463743b514866d2d01fb9950e8990867bc14f1db1142254adeccf3da812949cd03cd1d569e9d0bab7ca7405cc21096e3cd4d007cbb9629372e98584b4c6b97ad0bc314e1ab6ac71184ee555c01973570ed9b115bed956f9e4e349083013098b1e483f0fe44d5e9849f38a2f7ae152b36a266ea1faf263ea8c706632ba8629602187379546fc6b82e57ededd6d074c15c771754710731e07c207899eb47e8d7c72ffd768c36257d373375ffa06f9b3f0af11417f9ff9f9b44e1f1f96ae8aaa429af88b14da1da81c7bb38a0fe9372ed6a9ac6fb5e9e56b82593d94c5192904450227bf040b7ce0904789f979845e112a1f995c849ec3f7e49bd975a474e8201630f40fc0d80e76019f110ae158cd0f8da96ea4561f24237d8e795ebf52368218bff3e9d5b040ecd2caef4ab1e7127e53bfa2b3b4fb74829f9993ac703192aedef79dd9ad24c2c976638b4575afbce22ecacc273ba43379ed55ceeb51838b0adb80585bd1b5f2707ee16b67a7232adf7163415b24b9ff9dc94b7197fdc89e2a90d2b9eccde45e965edd064dc0d1eadabe11b8ec3aad2742b5d3323ebf913a92817749090c20758f98aef2544d4c8b48874e8936d7ee492d5585675c214deeb74fd67c4d170ac5e0aeefa607c6e37abd4f8238e776fde3921afab75cbd8f392d3e88da057903ce2e140797f4a85737bd89455e6aa27c7535687b78cd0ea59848e006c8de9c9c0cbc7a9f5e977be850adc710503ce4ba7c7bd0b042297f518abec6c8ef451c33e030251f506cbc3744228b6bb4dab86877d9e6019a0ea9f39ed37557b3b5527c171da5f013e0d3c480a038cff2c087d6e5d41b17e6c8f90c334b5e2b9ccbe9d4efd99fba1f907d00a49b71b5a08aedb644fed24bcf04e71be67b03cd20d53ccef8f854f5e9f7f28c1e98a8a53496646713bebe15a93f1ea336e6e8a4e68de5dab0fe880bf983eec75d1c5027357f6669e098411e0bc3ea2293138f5b34425f78b6508b94d4c0cc32ee9afaa409a26e5f2a1fddcd6d5ff42a89755a58b08f243957a2e208e24b055f51992ab447bc06876eba169c545fa71b88a0fc15d1e0be9d334a1dd0c86f44bd149b42c07608a9a30d0b7e13574f8d862f2ac72b2ed38904d7cab194fdb9e4dcb615f5610b24e202a36866baccac01fadb575df11dd43e00a3b92fcdd8c7702ea49d951e7dad2a56c075730b4af1ceda2bcb2310256f28312579fad40ff471336ea6a44143edfcffc297258d48bd2ea47efab8f0dc00f1e6dba1a55009ed627b7
57
58Len = 48824
59Msg = 5223e2fece634a95e1e7c83ad4a11a0478f4a41572bd66c2d7902cf4f94404cd80b1f58fbcb8eeba3984fd759410c12f8ee922865f363f684df5a8787c87ceb3086fb8535157f7f39653dbf5c66ae7219253838ec77cf1c6db518225c5ba0a8212e5911236474b8820ddcb8111b87320adb82ff553986324aa2a21c37ce4a083c89ce9931290d4c1fea933e31d014d7507a28e83aa917ccae10bed1a490e77fe501b299f8e3b78e659407ce1934d5d68c7980800746f26ffa9794ef1d23f793bd2eab7fe524e213e58280f441ba48b40162305335b3a480c2afeac11c27f8d817792fd7805d4b61224eb52d35c0fbf471bcaede505fbc9398b216f43bfd69b1a669a61d44fd21faae410af58ff95e1c3ff1528de1aba93cef56bff4d714d8c4cc88a4ddcda52444ec1208d99ab3fd9fde98c1ee6437d8d138f62c5f782eb4660c5eb28564b5b0d46e3a2546009148f3d02b837c5284e9f508290270b97b9b29e84445a0b4df662d9711e6b73c11cebcb7120dc427034b1ccf57d8e4f5bbdb84d2e1d4bc3862a2b51931d3c9a7a5fd6ee5f4c7327c338abd011af638d730141b6eafe63469eff50f473262e9fdce636eff4c5663acb6075a4fdb00c8b8a8d3322e1700a5b3e7db90b36c1a94991b8f51657121b442db6f890e208f312466778d73bfaa8cc0ead4edd0776155f3eddf9abb1bbfc0c94421adce83d7ee94f99f61e1f25a55fb596f8b40ccedbaa8e5e2cf629496f5ca60bc4cf36d917da4e2b973eb57869dddc409dd66d5061f22642743fe843defa0b19dfb2f56425abeb234181267b5c0d2ab4268c538510feb191bbcd1631b0af6c7451cd4c641025cd8bde2d9ab6e6b948f97c1ee6f35098d553e8e9da9b4d437125046864633f109d6a558b38b270a7dd1785d44d248a863a91e3db5c0a1d7ec133decb65e81c3402c98ee329f660a092172bf6b1a02491895394ebc506882805a6c93e767c0e58a5af717d950a206c0f0055cb39ed88816a9fe3613d15f608e486ac08bfa67d462d24e6a0a37716d3fbdaeb9c0e951c1e847fb884ebc1cfe707dc6e7269eed1c44331d5957bc4ac9dfeaed4b157204a3080fafb9df8917b8d15aff9c49cdc739b8fdc26a546794991c183fa523d14797e051894f48b0d62c2b70834467ff9c993b82fc1152c1f5479ec6144c7e8fb10d1bce26bd1cdbeec4e95ee073f3bcc3c7367328e30543d371b27509a577f5c79f14d5f687ce62b82f856695af9f7dd350543ec763de75b593f1859e44c2ac01ba65f98743cfddd8a89a38115badcb51a0ff5655f830c0122af6a830aec13ae5eb89a93755b3a5a6eca233f21cb12db545a24a5334becb8fa32c3d7f5805faeaaeea85a551fc62c94807faa6474c0d74cae79b5d8ddae07498fcc5b8b4f394867112ef5fad1c9da66765ecbc7fc0f3269d29c9c38817c77778f2c19b5a3c705fde9d76a4eb86aed4a7369a832ad267312903462397f7b8fecfa8b195cc2316cd53e48c3371ed2ecaa3e484b8ecd2e22b1aee910c51ed5d71198936266f5a00655d82c089f49295feda0a2bcc1a54ec8adf565acc3a8b2d74c30eafbbd843c59e67f293f6d8296cf7b611f01b57dafec6e2d4d411a633918068c38ef47b72ceff1fae772891141c3bc496824509d78165c1e4cd4b4989321a8722643eed69950dc120fa8da3e53c3181f252d7c4cd2cedf8f086f788ee77a98ab5b019828aa02108f49ea4a51f457f7adfd2220d3e59d5f4a29194e8f5eac40ff80312ff6888ff6393c3fc0914b08c1b9990d247ad80a441558db1ee1203e07353dd99a885a7ff5d791af2548815dde0ca1f56f89d39ef6b93dbcd0cd54b854173903c12649587433f0425fbcbddfb66ebce3eb4800dfddfe7fc44d9b23a3916b1db68c187da4dd13ff0157352814b1a792de7fff855761abc6fb7b93b48525fa90fbe3a51dea974069f3f5fdea86387eccee13f58a8eeb8abc6a43fd30e9788c3bd9ae1751b30a82d420225b2abdb1bc121b9073380be16107188d20be54f2e9c658d5b443869ea0e991c496104086290b6edcc1b656adf94f0d42458750fbd8d88040c518ebbb644f4dc4f7c6971d8d60eee0272df7b51a3d5248b4b264fb22195ad891fb6ac994ae5c0bc6714ae0b0b9a484edc576638b78ee89b568195a8f33ed8362128c30f9b0c7804b3ce1355abc96b15aa55c1e16a9e9ec90d1f580e7cb412a7e85d8585bfb950acd4de5865214ce4db7f6314d81784c588c1482d5f28c5fb62e7dd7aa8237ce9396ccde3a616754414cdf7b5a958c1eb7f25a48c2781b4e0dba220f8c350d7b02ece252b94f5e2e766189c4ac1a8e67f00acacead402316196a9b0a673e24a33f18b7cb6be4a066d33e1c93abd8252feb1c8d9cff134ac0c0861150a463264e316172d0b8e7d6043f2bbf71bf97fa7f9070ca3a21b93853ec55ab67a96db884c2113bea0822a70ea46f9ae5501eb55ec74eaa3179fa96d7842092d9e023844ed96f3c9fc35bbc8ee953d677c636fdd578fd5507719e0c55702fed2eaf4f32b35ec29a7a515bbc8bf61f9baf89a77aeb8bc6f247706c41d398cae5ec80b76abc3a5380001aea500eb31b10160139d5a8e8f1a976dd2dde5ce439a29dba24d370536a14bb87cf201e088e5e3397b3b61477c6a41e22a98af53cc34bc8c55f15d7924e7e32fed4d3c3ddc2ac8eb1dfc438218c08c6a6a8eea888b208f6092dd9f9df49e7ede8bf11051afd23b0b983a81bcc8d00f7d1f2b27cb04c03aeee59c7df23a17775ae5984eda788eb2015680ac5610fb1380b4e7d7a9cda6178dca98690449f5551b66ad2826cab2b662f56903fc95b4611bc86f7a834a34ddc3be7bf142c8baa096abaa3cd51ad0c0b6d15e590eab9e50a4c60c91061f1ed6373d91974c1ad9d263110a0d43fd8b596396cafc0ae70b7ac24a59bba090a6994ec483db7ed4c572f723670a11c724e8ffa2497d8fccae37eaa1d14ac1537eaf80efbd2e597b2ffac97f2bc3cd2c4017f170544dfbb0d9109478fddf06ec0981542bc8107a725be25070d2cab4716f4edfad75fddd582ebd363c49e8efaed9a76ee51f22304eebc232a4f67f865b04f610a628fdb317116666785fe8ca30619a07c83cc449855202d687f162b12d93b63af6e7ddfb7223d4ab998a5f450523c1d521ab76f4aa113cc2967e04a38dae07c51c2d0f44fdc8605c3c53ccee91a2c73dade5dae021cbc87d5cd6e5fbefb65335827311fe1e91921ecd66b2055a6102d7a976308a80c44e6d47a67718c84f2112d65486a558f1f269b91d9f47e3e11d09c0c748625bad2718e3674898abdb19d3644bcdc9317c09a3ac02f514b2a57e6a706362e5f6e8fb16cc83daea0eec85fdc8c367d84c9230730291440a4b109f7034d510a3f70a22dd4fa69e8b65e5fdf87045d560eec71f4e59531c7711d4f8917a96e22ad07346d2f92a13fb4569fa6a075da6e1acad1eac1cb2ef19ab452264de2357c927c6dfae6598cbc821eaf3b8da754ce91a96c702c95b2c308bf3a550cbf4d22d417745b5f17d36608feb826b862747c59d26a0e8eb96547a1852f9fbd095f1c5d20721804941d462f3ee2f0876ee2825c8df24c4f00f0844e50588ac688127013df8eba3c971362dd255420649245e880212cb3d732fb82f866dda090040f28e09cf1c86eea5dc4fbfc373eb69745b4afd841ca8e172d4a8510e7698345fd4cab9ec2ca0453a274720bb2d2e5468bf0d0f85919dd762fe3df969e6c071285e25c2e2a49659b8a78289aee655965bfa3cbca9b292a19a855ec40293185354ff4da9451ccf98abfda07f1137e79bc89d688963081dec641a99656b040637402890f185edb28e7e6a2f65848a6af158f90eea440aa6246a2e6c31f5d220b9846aae2027afe5a7caad6dc16b56463367cd9e73bf22a1d6172145de4565ee369c55e3b99ccbef70fb080a3748340fbe8f6b95ba46e8b76de5a3c4bedc37c55ae24ad02267da26769a3a732badac2e0f3a5393028dd54d78701647582cd04c8310e9f1ff1b433125229547130e1737a1f33604f0d670ea7221097c3eb9c7fa4b8293d7b429af76191ea8e481dc1da31344537a09b33404d782eda1d6f5775500c1d8efc615778baf0905d9fcba1806ef986c40b1c6a72335104376b58266c36f5939a8b95123e8635c0c95e80aaeb97379b1179d6332dc07539b595ec32eebd3a336a1128f3cf2e2924db6d8504a516b62f26d012b7f75cab765c8374a3824da5a405746023b51894649ab422d636513ee809fa181d5b6fbc63351e37a1b14efc8f739e86ca78ae3e280f1c9e4824b2976ec4dd308ede6171a7474c7f530128089bbd75e10f9e57ee17408b4384f99f886a5f63a2320a9b90eb9bf692e1fc449171eae3bb1bb17a6ed937ea57af3c82db84e073b5306683e1d63705b9742a085fb802cf5a1639818417fc2223f476c2566351f4b3b17a822e11255f3c3412dd39190e200727bcd3f9799519ef792ec7c2b0b9d0e2dccf013d436dee63483c2ce83c15c00a76c4d894a60cb90366ecf9e61221ee8bdaec66d715159876d8305b35c81f96ab2cd8f81f4769e9a6e439c08c329036f5d2591ac42f2747bc0e77d4e566358a3271819b6003b290211b9b847ab70e906aed9f86cc38aae27e1098fdc3bd5d84e66c45292183f198bc329cad794aa4e430534511b7d9a75104061b409676a16c1146af0a286e2de8bf51c4a35193581a902bd3224cb9257c961989042538092af92644a63d6d6f6872a29aceca39341ad29dd22354812c4b7c7068b039ac9ca7e6358e662a28be001d4aa697ace540cc3ed3c97b98d8c5a6fd3543ae9a7962c9229b14b0b646229807747064be3e83191cf24092dd67f675638d9f6510486379f47f5eeda870a3187946819ec9ed05e7b325bfd0eed5c9a0f4a2063d63c1a8a0a309f586c94d4a68bbe860ae9599ce204c92cf9d92cb460ff99cff9e5a8b3824786360e1e1861e71158395faeaebe7aa2f61f76190f174aab9a313f0bf4f1befbbb22768b8c22719cf3fa9ec908b576fa4bbc084b1ee5b5a7eddc89b58b45ae7b421d38215aa6e49304323eb4e202655f3c8b16ebd6b03058e75a907ee63fcf6aad5eb96c1e5faea81b88b5eee525c4663af52877c0f759432913b9d48030903e7f9f70e851cd4e20bc56aaf36cb02293d992b38b583b8f0b25a08c3303d8af5b1b37f5127f7021b13934645ef3020e5caadc5e7326ed4ff56f797e26cb986b6512b0cc76f1d8e7be44aaa88e12cbc644f14a7feb979d2ab66907063c51e052d0f8b25d827377fecc5111be0d365e08d17f559e3134cb9db294f1cac03150f4232f853ec15ecde55fd1023b58e83934869796400088e9177e85a2227ee45addd049c1d6b03e5b29dd570496fdb2fde7d8cc74fbb5fe76266ebd90a3b4d57e6e6cb9f0bbdb7ca03ae955915768011c714c909a27ee20135927af55d4feaf2c345d029a54af942da6f85f2103345d059f66864e6b0578111e2ddd5a1cd8bbf4ae35b60747b93f53ec8ec64c10cf4149909b102a2b88712ff3e5ba3611cf96585a6b36fffb64b8c37a114d6b16a53879136eb0b5e003a5a068e3e8422a4fc8d7c77227cce64ebafcde2437166b62ccf486660a7a2ef37012ebacca26ecd5bdf363feeb06aee39050974c25d6a564594c67f56fcf7ed48b07fab4e25ccffe002bbe460325abafe37f23dd9c145b4667f146a1635e462330f02470b35c5a2519f1350c02b263201ec9026cfc57d3659373910e878f2b6c1c5be774df8e01e775d476956c257bd0ccdec17ee939c46e5653d5813eda752ba7bbb245a99a5db1ae55d19692074c2e5820df97c502a4bd1b12929e1be8e9ce6d802347c3e9c4202de6046436c05ab55b2fcb2c227adade6c2046d98102cfd0d859a91f8104eb9f6f155da2acf93df2405bf2c083eafd3ec41d60b810e0bdef6298b21193642a9c0c646bc6771a5c61a25604d96bdb727abd5a7ebe4ddb2a56a6ddece26d8007b26043ad44279c3c8ffb7e6ffb3cd4e10ea2780f509a8a9bc31f99a7e66201195f1543a0a020f754d9a665a29a896faf673df6811379579891374c71b2234fc61e95d4d46f15d44bdb4d7c3b3be3f46410ca46827b8cca976d8866e8ca33c4945d5c87b705588b78015b529843af0b75a7e1e871fd276c1e947d896b92e6181ab7e3ccc7077bb57fe85a6958667d3d7a790f6cde1cebb494c2912478a0eca2bfaad62492e9f1caaa0cc520da08c0d2d910cd44255f4c2ca0646dc89e789a1cf9a28e2f99315d33accb1639cbaf0c94181b85fef648bb4cc7f66dc65b8e90bf5f3b763e58520098febfe7e47bddc2d9cdd5e40dbf4ddb8d51f51bde2e57432266d248d13ed09e62f66794d188f9861c50ec41f0eee30f76f4ece250956733ee97036098db41991a4a3eb7816196c8e447db3a2913bcd992174a7bde1f42d57c764b47f5bc09533760c1ba74943a0dca291f2746bc1fcc573f9a22c72a5eca347b1679683fbc8f32b08d381baf67b7266b14b3ba46a04a3ee45881ac452f64df1bf17f70f4cf9fa4dfed9ae70184679184784a0451d2f5c19c02031e0e4957b4df68b4a069a6f6f6458f6d773924a1841ba664a55c2c3187dd33416cd410e56e4bf8d3671cf737bf67df2a4cc4dcc786872b9e2dc4009fea0e48a749353ac053d80e36357d24d468dd595bc823017c015d7450fe38149370c5decf13b00b6b0e0a2567ac08b45f7b0c8a7c89d227219d051d17a706ccbea49a42035cb327381568eae23b5e2a3b7e8beef6f260d24ab224827ca8ee9d640dd23eee94ed02c9e26abb3053cbfaeadbb1f365a24d8769d92240da842e0b361524020b5c9c22a2fd8602dc9600aaf02b35344309f6bb018a94d4cbc9639ab7430657c4046f0b25df517e31626abeedd58c2e19aa0ae1a43ed2bacad91dc04a2fdf9cc33cc420f4f04379e95988ab36731d5d5402d89fb47e826f4243bb206124364d63564a0872f8d2826eebd9046c7c6f2e7c951e49d4b22a7eec89da1fbed890d63ef15f26422185143c89da3ee269f83e1de11a7467822146042be92295a585e3a09e720ec522e1cbdcb41acf5ac45ee892677ba3ff670d71339a76ed98237be252ae21268e756f05ba0b094a1803f9da84a8a05d0ec9456cf565e1b548cae95eafa0fb01f091935e6eff2413bcb15f605f15270408216fb5b41ed83dfa1454c522375e35bdefe54275f109d0ab450636ac4d8e4d9e27f2d81a15b8cc5e98549254a1c9162918db3e399118f5864774a9d6a2347e1315753071eb1204c8bf5f52b1a0da37e484ebbe545fdfe6b031215678c3b83a19a24d7b661f626beb01eb82b384f02f42bcad4f40addd48db8a92b90d2297e6143702056123286617f86fbef4fea940f648867d790b8f803abc5f4e0e3f4226954c296afd96e287e21b7243d05e743161810da578096521805edd81f68a45500f6a3a1885cb1f45cbd399dde024df65072eb973c827fca13eeaa3f140842016f509aa9ab4603d2457c92cc9aef24950697a0044e3d7c483b8d8391886cd50dff8c2f16de3d6caa7f864c1b3874750781b2b78b545a94b4da0b0036433c6561f5cfea50eae9f5645302eef18238473606e9b9931880d0f6368fa9970d1ffbe59c4454bf97f4a5e8091801b53ee4a209e0642d83605836f69742071aaebd9d813b10f4ccac03851ee9f20cd1351f8e68554c9bc5f58ad19d474ca128edbf561d195e52ddf3c19bee3bb597ac2f92143bafc98bc09fbda6d18dd4ff2a93cd2ba17f54f75c32d3f141468c2baef4e53b6a340286dc2599bf7bb002aa86688e26f5b51a6aaf32e48ffd539d4f3f4bbf0cde2d20138151c82384f9ff29a634ab4e0103d93340bb9a7b0caa108bc7fdc88d7de14abb17e9efdad2b0f304f0bfcbabaeb1b9db75959dbf54930e67aed3a9c8309aa90506b6b9ed4f1d06c4ced19746e206e1e9b8879663bf56bf6c5c920ac5e09e6579b780cb63e1875ef0a731b726864b7ae5705a2d6d343a4a213a05928b7337a59f900fd04472382610e2a8d25383c9ab5804d609e79a88d70eaef3ea22d3aa9100fa2a6e98e97684ade9fe90d6bfc59dc9dec3d3d8db8990bc2123ba92e64253235e9b4d682e8aa04e23fb9bb6248a77c065e93249de829bb2fc5ea9e396461090222816bb29bca37bf86698fb995f62c50110cf418bbe2078a56c5f1ec9fdf3d0b09a719ac253b5bcd00932ae058b86611aff51c8ca8448978615854b69b0216a6eb8050ce199fd9a13aa0fd652570a1b187f61e6831b3a960521c3705da8c5e6c64c7b196ed4a49c2912d77b670b177c6458a7a49ecc1ffd8c57c0978d2a05cd1f1c7ac9514dd14b7b0933a52cefd40b6452ca0903df1f55828025c7e18109a6e0f2ab25724cad2d6f57cb5d894a6a508134731e9b9c61254f64990941f4faf97394b634b91860cc6ec346aa666600d323c849ea4c4a0ef55acbc56495ca004f3fca42ff0ffb11b0e1164c95ab89bf1db3d4f575ff334d4e0d7d50e0c54c422eac5ef78c5a3be95f2e18872540fccfb597211ec79d9d47b6cf41e385b9c2e92122167fe584210f63bf919c620d
60
61[L = 28]
62
63Len = 16
64Msg = 3dd2
65
66Len = 104
67Msg = 3d232201038fe7d846ac1bd4c6
68
69Len = 352
70Msg = 44c98cfc71f82215dadf494d68d1d6b92bb4eb81fa0fbf945a659d9aa2c2302b5c93fd3eedba31e479e29d36
71
72Len = 504
73Msg = 02a5c7b1b749d6d49bed302d9439f23ab83020bd4d573906f4190e74216ad33aceab775f71cd31092bba5cfa42f0845bd16fc1b8bed6434dedc92f80b395aa
74
75Len = 13976
76Msg = bd70deb2cafa75918308d703a6783fe9dc5e3d21de9bfeb6dbb1cd531ed5dafeec463a02abde302d4ae6ab3cdc2f0f94865e38339c88bde507ff71bbea6b30b9851cd8cf599e950b8c8e620c90adccba0033f934ca66ea0a936afdad575bb6235099beff1a632c9114a8045a0919fdc21083880eb05c0d8c489c7810aecef4a41766f67c37557e28a9db9a0d909c2b167ff7eba79693afd3ee3aeace38eb73a5a02a882cf89b123812cf2a0f6d5edd1d14362ce9c43257474def5cce3adbba8cb48e7af9a45e702a182dbf47e8869b3f99e953ba81628e502c60d4f8ffc551c31b3ad6ca85c52164839d5e9d493deee4d4b76604174bdb5655385d34ced2c1b09dd5a486e1f9ac501bc611f9d7aa5c748f496faecc14c6c18e1dfc6aee2991bd0207ea1701219955a751df43dbf66f57904675a0e9e6d7f9a0b8bb82a8f44951117ab2642d6671daf1e5d1639d48aff6a05781c2b5e8976653b0a164445872d393d30355acf0bb49bf2bed4265c9a3b786249afc7a438d706eadb6f90a7f93ad51bde6d2c8e6ff09dacb3dc67ba0d3030c54c8367e1e4280bb5903274191344610de61c3c770c6820a6cc9d826f7c743f88f13580ba23cfc00598fd733b5dd069bde7f10f2b8961c16b69761b0f308dd137f844a67f6054e065863f226141755b96645a291e3fa3fc853b2475fbe1d3b25ca22f4da4425dc95fc855e63d6699b311ebd5fec1c7753e6e81f747c808ec3f618f63eaeb1221075edff0532225c40ccadee304a8997c03920e7ce4e60e4df4d120611296786516dd4d9cdda2077ac52bce0fdf552e1ee89a0133f1f87a6f6f35f5c53958ed806465919a0a5fa42488bf29caf33a0dd469e13abae351d5c6fb1a800ee384da199c823c965d9d5457a3ef8292c4d9b142e3f1fb502da498eb44d95f8c85bcd6871bbdbf004bfdc09ab35758f5e8b6a0d0f366c3b255333c52c8fcd4ecb4536b5f6e72897649f3415443612d72c3436505249a344feeb04883f41f90ade40af119014b3c56fc108f1ab0a77087d9226665d416cd975e9e4605529c032e8926002a70924820c6c7e264a794b2a3beb63d69ae56e017294fad4d611cbd0d3847212a38f22d623eabe3b884a36464d8814286fff52c4dd366f6c2abfc2eb865e0dc9ec6e55ca9d81f1b8cc47e2629bb162e54655bf2a9e156ab0bafb4b8ce96858aeea6e6665607a3f268036f4890dad759486b15e3c9e791429ec8f11bae4ea7c490656fdb0551dcf0b0be017c08bc674bd97d9d701c3ac955e2941ba7d5f2ba122a6f0c1b164b1caf2d50df111fd4287e9e195d181f6f514d7dadbefdd4274edc234025b727680576046842a834b6ad89eccaff5c5209bb91d652357e3750d8bb0165572fb71d09fdfc60f6b1e5d868c67c0edead427e7aeb734e29b96e03ea174b6b1af523feacaf6bd745ceb1bdecec9251958b7f521182daddf62ff6c4f58977adeba81c616ff2e937ca4f16eb9c44e63f9e974709122083ae45524ff87d7a0cca33a90f09b660db0efeb393c61967de2564315827ef1cf42b71c0f822f471713c9d885a3c3281d7c95dbc96f1c6dde0af70ea11232b00a2d215ec8de8fcf84b6193b6ac9d46de660361aabed3371fa44a6f32107f3854262eac355f9ef98701f580b4649175cefc29950e7a0eec958f629999c4b0a98fd4bdaf5c0bd97c963b551f2220bd41ec00b8726836e949e818a49aa1ac5bf12c64fb9991111ce8be3e0cb9605f753dae1a4c84389416f17fb66cecba45d591b22d64e5a4edcde067a088d9ff7f5dbb9dbf324510000c55d50f480a640fb22da9b4862dd81080d61af9560b601edb5e3346263f5f193df97079a27e3f9876078b80ebdcdb17ca4c50aef0c8329c72a7f77584cd963e105eea9c28a2ad4e95c1d018e27d0e720ea59147f59ad796b80b6293da8a55ed47e8abdd37221db0a5eefff31688e2adc294654ab0fddf9c1ffafd4783f01eb539492cb35a77315d0ad19395f47b18298a7b353dcf5bab0b2f193ff73d99310478d2e5c4ff1c68a2493c138818edef73caec9977bd4eda6249c8933953e06d796b288f78b18c343ef561082fd03bf92b084afaaee741de3004abaf746350048294bc52450e31147173f2da13d6ffc5adc718e149f9df3702f414dd3ee88296ae8a0106b071b589e8696401da7993d58a9bf8e5bf417165498c96b4ff5fd2b45bbf88f551688425122a3737ca54b2992fdb4d60957a93097222c3cf4c45dabe18b9d6a69e6f27567d5adec489e4b6812c29a8fa52f1de642b7b0e749c16f54473ed5ca2fdf2199e885fed308fa62a3e0deb7e0b8e439e25b3e9f95d755fdcb7ebee9d73069dd57dd1cdc5145205882023b54f2c9dec6cced9e3f6d24e8cdbb8ef121b8f3eded574d81908e867af5ac82bfb8ed60848b4bfdc1d998bae3a9ca80c1c49601d11a40409c62b1536f01ca67
77
78Len = 48824
79Msg = 5fd54472a44e4476d254c0940071ad42dc723354f76ba61f63fbb9df80d1ee56136f51b6982e66c1da83602fc08093506a9e2cf27cb92085ba5c627dd63f59f8850e91a1d86cb1d4ca38ad03160f3c584b128d9b21e935570e086d3815307ab8df396cfa0c100bf6cbfc0fd7a8258fa1a656bc178e02cfdc868540d8e5ad39dd46794a8bdc205e710555ee7421ca7475a4f3232e6a0cd55d4b5d4525f0bd7eb1e455931aeea6918b9fceb2a32706d31a6d7028a85e102f228417e2e7db68317ae155af70eda98c8dc1ecc32a62e294d92855354c1114c5735a3c81e551b63a81650107557f3237bf953989d17c65a0fafd2bb1e32c237f98f55389e8f8b0810e97e201914c487a68403c6d621a98ddc515780435564245d87ce462b8785def699f7f06ebfdf33dd1ed7dd5a3e781348298c7950a387bff7d1878731d7ac66ad9a6607f2c3a3b6843c2852a5e882a8d78ae9dce2a79d595cdf09626dfa6f1dba7d40ed21caa29e304e7dbd559a89bd1f07d84165dc259ef112dc6e2c5a3e82b1c50106983f6c4965c85073c5deddbe6323003d56abb0df590f69010981ab3407e43eeaa29c6156995c492c931fff1b686eda3741a0bfb9094747d1620b2580415d431ffd6c02245f6cb03e39f87e82834dcea59355b2ba663ce145d2514e15e2b2c60cf518ff510c6c3e2f16d2dc523832762ed8352a320462ddd4d6fe755350672038163d996b44ed3b85d64989291bdf39398cb996de785b9614ec5d4bd73efcfa37fd4470b17d6240b8e4c715759286b04c3d7d791e2689927c9f18320ff2e6bc7306c805e23a5de66eced5f1a630cb43dd46db515f837f6b824b99b86c10b6df7fcf22d97be05284edf0e0be597b3f9c63556db031339f79ac9e6c5f8a1cefdbb4b30f5bcd23c2a4dcf791cbfdd6460284c5af0621ab7c5571e40a87c87be459c85ec81d746930dea24f43bb11d6611ea83409d3bf4f987778d8eed1d5b246a2112ef78ef0252f9ae464810c13f02359441d289958b4766807d9a3be0054897d35b01830deec1151f9e3d42f92b80f4aeedd65c78c6e98afc562a3bcf6d72f238c6e94a38f2288ac7929a7a61c92875c1f115c0ed8d261a727f0794f17ceaa3dabc717478f6ce7f2e8b295f000241e154b4575bfac8483f6b62f9ef4e18f7d341a65faad5e2fc1ddaf2b09adebc155ff09e63d5aa5f95206e66c7f4ef2ae3aaf3ea7c93589efa8c552df8d203e0ea181c1703d7023b56e603f33b4adb9bf44f7af290d8081210f327a6c9b0785709346087fd090c42d2b8b2711b9a1a5173eb5e246320ee27867ad6c3eadc4407bada44561a12cf5d53bf0448308bb536a8a525eabc1410c3a34becee25fd6fda453251ec229b53751f2280e142c6b331daa659ab655b78cfb08bf18e40bb02b7f1650eb2dd4ba1707f0aafa219f21c29521581ce249e2e34f5656b0a04c00485079b040e13cbc038bb9f17f47cb8f908591b26bdc28538d8baffe4cc39b17d2ecffbb9698bc2b8b31b08424034c051b535e0cfdf07b7a0a54781e33ba739759991aeb72c0ed992cbe76eb8ec0ab12c182e8b049cbadd6e82e314f1bf15fef5ae95dc86bd64b8556766f8ff62c33492198e454e5ca59ea856d8e095c04da8045522abac865506096ee1cfa1082af08ca09b3533878ea3580b6c0c57a615e0ab768246b3eda96bb6caa01a2648068e21959f843d853e948588e8c0bfda364ef1f9fbd3235c27916562eb0214891eb55ae0e059f4bf7d1838b5942656c27899dec6d67b823a981d1e1e0aaff5323b0e3d69a7dddf9b12d7787ab763a3c7a2697ac65b655aefc4bae7e6444850ad2540d5193b378682c77a4dbf9aa22e517e68cedfd1ba32e3730ecaa2e3f6ae61a4f427d6e69071dd62a9bf6c860980c9d23ce1fa82a1937e6dc1ce3a2de096b680d23d89ee102912ac0bd769c1c02095678dbb00b4430428797cfb966b2f901480811e1b9cde358b6d499c9e93f0961f050465d7b0c70d4961e75a9fe40a24e36eaad27238231dae6d0a17f446c16bce7348e669be563649eba9f23be29adb8b10f462780a066ae573f74e51215a26097b02469c25180890e06acc53ab063c742e08d51359b0a39749b84b9f6be44f3ae3da8e5a2f340a8607d4eed08877d007928d332d6f49502bb5f416c46d866fc87477c58a22d3c5932a8d6298c1151daa032c84ad92f8f90b8053b5aa6f690d1bf682f314471cbf200f3d30959e07adc6488dd17b0be5279e727f3237b8b4b19b31a220dfe63882937f8d5ead677608c42a57217f2239614c521d94559290e3b0ed8055d5474e96564224f6ca6389b40a71337da11e1c307dead8e4eb43252cc2f1c49addb18781cf20acffd3db693b02e5c8ecc949b51b99005529e0149a13390615f5df6e0bcd68e1ca82b0173d25134dbf76dfe92daa085d3f6b1e4d18217df41b70c4c40101884c2886495f2ef8a473bf23cb47ab6533c93cb38c36c6dcf6837f1272fc91a6962b6e1386fb643e1f1d71fc75ab58d5800bf4081217cdce0c7ae9e3d25de543fc4444314f32067eeb147c08c55c5c8158ed11729837547f28a300eccc312260215f50e98c4e3d4170208a50a4a4def1243538f906df8476b0c46d3449be73866d463d422595300e160840daf8c906ae4aac13a64457853b0ea6d8c32f4efe3b48c0b1450250086d459648b0ab14fd3f341a4a803be77e56a811e7a26827eb0a1a9454f90bc6ece665904adaa3cdeb2c4847858fd1d79750e8cd45d8da9163784b8bd06629410502debfed5eca3cf8fef0fa6bdcef6efaaf35a1986d6fd68e0f436dca9442077a4818ebda4606a94a3c93fda46e7ef5ccfef656896a0d3d93566b02ed8c3f6174417cdcb99a415b0c6e9816d94e64b438c295b4bfd69e0d9ad52911de5509971b7370593160629b641d690eb2828bf363857983e3b9098fcd15e66448f786f196685d2ceaa251b17ad06dacd614d9fa78ce0a8b9c1c360b529d0bc1d17ba0b70ea8ac1b8d67f6e5770f0cbaee0b38109d26b09493060dc851f5fef121e83e30aab9c3efc2b8397e8362aefea1708f7ffa14d3656f7f7610f3a629bce14648a593250c6f309c02c6c552bb42984ac58db920dbc7d98f59295f37f3e9b99da55ef074ed65801b390366669b4c7aa1c483ffd23082793f9e5cbe30c34250f63fa3ea2cd097593dc67e8d27b7e4f07e73a9f7b33a5ef6962df1381a038d4f58fdbca9d71ccf640b917f631b75d4a2e8ba46c64a6223f99cee30f47c1a935dccc7f054fc39d3498c824e10cc3ee337e781a3971f0e98295aca611bde701c2359858914248f6bafc88232bbc27bd85883b00990bba7862fd7a7cbd4c86df049071fcd10d686613ec877758d83927cacc530bed9a596b5b21c6fb748c379d676de7e05719a867c9f934b5dad99ed97dcb4e70a9b6542ed5b2f086d9f56fc9752e788785ef8f7837a31e433438cf2f18f58be37fe8412f6d21a5c35000a5efb862926700079413f76ab2c3e79e20b516eba9d8c29897097bee55157936607cabaac41337ea4cc783c0809c875259f8020e16d5045fcc39ac796d11a82f25fcc9579bf0a010200f5745065175fdc15474ed514cc796672c59637c3c8f236cfc9c0978a3db1194680c58c27746090d76ca09f7c48ee4ee7e1d3cf0ea70dbbbd88e30e8814b57404dfd7c33727a0c84cb7bd468b0bcb3c89b526679c00fb0892d2a5e7a3d73698a3db53fd7d78460cdcf24ed22b5f39b8c00b3506541ae4a5b76fae29c1cd5b0f8c3ce142e0af7ae4efe3fa4c438a604bf4a9abb41e3fef1b9227a7dccc3f4d6026ca289b4b1366d9ed546abbbbd5677c8d582e79e2b544f18dc23809ab753313d84dd10fa3ed2f723f0b46277b8877d4f3e0665e88c50caf0f0708b746b736b00c8c83a7d18500384bd035996aebb7da8f09fd6af9b76fde7fbfc0ee854d7ec02950e76abd23ffb27a6ddf1772465016c79b98a61bd3940547b207b6507e32cb9761a5604f0f546834a8edac7ae06910045de218d761a4accea886188f947b57bd876491709028e2e24b075d6b022b51af1880ca16a8c65b7c69e51b2ad580ee058acc0606f0a3a9ea1cd4342bf4be602e941dc4bef1239bb9bccbc8098a6a17d63186c6fa75ec44b6e4fd38a3fe49c5eb995f0cb884e2f3ed6be02515fa605b98453ad935682c3bac6a2971bb68f4094cefeeaceda92dec803ccd3d346f8b40b48f8f489e118a17367801e85c79e9b3bb5d73ac44a8290cdbf83a154f2f125090d42e1a1cb72f5ebbd42da46c7a4d4b9fad9612a4c800de6467ceb74f831e1395dfbf5799a3429ba34754add4b34b5960a5fee8f752dae78450322a1ab3d7102b77e907fc1eec5355991e0c7d6c0866660e5436248edeb1a37c0e769a0764cfbb6354332d6e55103b9235c84eedaff918af3f0213c435c32ab409a4b5c7eed8ab6ca9e313dba459bcfa3ee92e7d669be0526856ac3c06a57fbecbba553a9cb4655a901d98af02b74098e478076655d325bd7639d73d7ae00c62fdc361a997ea4ff5b0eba33096b12f35cc7cc0eea62950b912b47c11b9fb386a47c4c15c0602d304b2541da889cff299a1fd415e7e25c70ee4cd83feea7e6a9c50c75d9b128458513d61ec5d0299ef8c090472fe0850f384938ed44d36f10cc2c1d31daee3f946a2fa18f9982a988fd6ac973b1569313ce3c8ff5746c4dd85a241f1e9dca0e904c091832ca028533a3e34c184edcc510bf22a27f530bdca3d057928a96f72dafc73a9aa6dbf2552598e468735cc5736c67a620e9455483e9cb2108045ad80569582ea93a53b491e528c8df336fb326ad74317bc1dfb8ec30a73af01a5dff3e437b7fe48ba5dbb3e8f01ae0c6fc28675a415f23a796bb6e0ef0efeb4b14cf20d4ad88ad1966da43a76b454dac8687bdd97b89b8f8eede91eb34ca4a0523ea65736ae39341fb32b9b716f25662a37382c16f3b9c346c84f03bef54acd6efb364c6401b07b3f7679e8e7f8c9b77b75e6e98b90f4df88460f1978d19744eecccb743a999aaedd00b5a94018e9d5a56bac9d5d55f6e93bad52e84aa7340cbbf98d56213d9dd3e1970867e3972dc98e61b3cff40b64ec49463ff79a41c82dbbcaa37a82b761f432849aa83a3d3c9a209e2207b87ae9ed9959ffced165fcb0d8873668c3cd8f18ba0f92f7acd2bf50416c22ce11692bf6132eb9f558dc789cf9776da94e48cf48607f19d9a11d5df4db11dbaa67a1d20e9f0c96f5956ee3f906e371c489efc88b0c1e56d881e7bf8dd5d6742622eb873e253dbe54f2e2e6d0e6136941de8c23e9a632727bb5f88c23170316c7aa0df28d8d07589dd6022828834f7ea9b4e5876a1704944aa3186dbf89e0e81767cfba03bfb38c55a9945209c4dfd88272c49d1745dce5ceb40f0a6713b5139dc2fb87a8a4888406d2610b7b910a9e5782ef0df719028d8e50a40a269dc9bee12157038522d06537bb31fc87d21af9ad4b2e7e127bbdb313e0a116010f65126cedadd4a122d15a71cbcccc346f55100e354b997154567fe3caccd50251d137c58fc3a2048dd5883b6af9248b51040c01a80c051b8a151a8878edf0304b5554746d6116b749221a1d0082ac925e6e140f0c3b6a180742ac8a50ce0e93e6399102f151d7c14000369ff52d0b537fdd51bec99e7271b1255c6fbc36d83408c417f6825a8e2a58b9054ab2c3ead69d97ea9947fec32d720653c123ecf51a9a3f0ed88743e3fb7b94aea59d0bf0219ee50825ef220554312cb907edb90e4d85f29e316ad57d3b90d859391fcfc63e6c0fd3ec27d4e1efd6e0b5ca8165cbd6af25ed8792d805f27fce308ca1d51335ed5d727558dafe05486a6f9149b8d3bc022026656714222830be582889e6800c0b170e48ebfd069e711210e4ac7acf07652a6f5051507de68aeffc9540cab5cdac84ceee46059ec23820c04b127266c0bf8df0d2b856be3377ab42592f495980baeddbeed3ba707a85dba64fe36941eefa8fd37204ec8c18df3852febd2b142b1c9a5cd0f9e424cd408ceb7788270899fd793db99ddb8f9ca8df550c513790d8bad37a1d1f4a62c4527bb64c677462c9b093582decea70c7bbe873095536728e7ce05d5cafb5d166a1f03055e918f787fb244c5857e3d7a1009bd37f30f165564a082c1510ed19bb1633811a76da70dac67641c2478c6b335f409ef54a2d0f370c9510d0aabae3cb998bd023778375cbf9cf5ef125afd584c11efbf40bb51839aacd3016e5e4d79f134245f952dbad617c78cb6f5712bd9c0c7e1303db5029640cf9b56e29329c3e6a9e0a2371aac1a437b9b1c4477ec9842aa80eaa22c5eac11b60c661de6ddbb088e844293ab8589c13d938765bbaa44301e4137148dd0257bd4c8c766c5d3bfe53671e9417cd1b52f622870ffd90f4e17b7a4ae1b5601a2edb032e353bca652fb565beea6fb0b2cdcadac71794c662677fb1dc81d116d94f5eced526b37c004b95284cb6aa2ac415754a1f14882595dcf4d3f1d905c6e8c12cf5a9d23d3ab55bdaf9f17d2f03f933e1bab89040753648c426b072b73aee8c2fc0d1c03fce2c656e20d4c96803fb2ef471b912267eecb4d6f342d3513894b94d77767823fe0c7438e51f21bcf16f0e98b94b23a10760271281cf843989824f7061bf834f93fd8d2090f70e939700dcb4d8964a19da39a9601a7e0ed9f55f567fc7d5682d55a9ba0e68861756bb549f2f17c10ff6bd2042a80477f89743d3d762f1dfaf230bb502eab6f4c46b26135ff3bef5faa179bdfbd288e3cadd3d88d8012706e19b7fcc6e9cc2699d3ba0e624e715599480d6b7dbc6eeea0d12a9236444b17285fc7794040dd40c2b2ef175f7f3641664fc9bb7ea6d7eb3489d504f8013d64a23aebcb5ce233405f5ade067dffff253f27e926431ad806703e8fab23656e0b7431916d8d4c72a7d831e3664e5f30839c76c8167b76f3b2dc75a6ef48df515e06ea54ca51de2fd9c5eeabb1610b7eef06a2f3167859cf82e1a5b76be8ed8beee2bba28c3b15af6890d7a37226834ec9f63306a0da11aff918753d8b83fe7220803c070db98195d6d18357233f5504a6e3bd6f30115d3987f93aa5d89aa0b8b577d1fed94da057a6f088233efc0f44f86798896eae9ad0b20c8c9cdd9d72a3f02213f6797800894b864cb44fed009440fa5b0197023929f9bad16f052cc2d87327788a68b9209f46fb4776b092d75713048b5453ccd699d19cafa8e9a93fdab0f0863711916efe3bd81ee71b8e0221e12e9ffe2f6ee1a4dc1a8de6e593480f3c05b3691e916a4a7ca51971eb2f0f693dd10f6b8468f8cf7bcce285938b5a0a76ef86acfa2990f88bdafdc39a065db17b845028ed2b7a9e331c44217de20440e406868f1eca818d0be20248c2948b8f4cb118b2e456e585949139270f57c54715f3297bf714aa7c5f72ed8ddf6a074703ffbf95e45bc81a02c42822c22d2b718f2de5e03d687a4b18d605ef5ae75f9d43c8cb4e77aaa0c0101d978120f29574b22f52783c667f7daab3e1f9cfacf2e68e94a24918e3fe2c4f061deeb64891b5217fe5908e7f389897751839982b7fb736fbfb1232684e93123611b7fc8fbeb74f8815b5ae13240051920f3b6ed34483ff673c467ed7f0a8fbf619796e485affbed0697415d2d0598ba34d5b9e44ffd12a5edc323883a2e28efe9baf860324f2d2016748503eac1888213926b0e0f0335a4b51820a2bd3b42d982ec6ce307b453b6385aed7a735a1e98479394147c40f01c532926e10e1b26a5b395bc150ec4b4daf5b1436bd0baa225583ffc9d9e9d8a354f60fded37b41c7c051daea04e689ab2d4e24d7d07c75c50ccfd6a527e024d1632246c6f40f06b86ffec0b29cf894b665d53d459226b93422d37a8da23587fe884dc3c0f2fb55dea296a9a5b9a0d101f186d9fa6288c912202547cdf958569d2cbf235740eed38d10b0025dbb6de31058e98780d22149c19d4bcaf06dd7353fd91cd1f47e47f45622e1472542be2f63f463d253617eafd4f2ad609f9020884905dd5c22fba53ccc619104b6c0203a7f6c8c26fc80ff6fceb8c0c51600c2e46b4b872e6d597511524545a76cb42278b519d911e6c1320e01682c551e204ccdf91290c52e0836167a5685cbb1af338eb794c10fac92950f3f7956acf28f1ca984e380bcff9876b0c71dc7ce4011d1d0f955da9ca885c6e7bb74c6194dadb0fb9146dd725c8a9574aaf3824b727c9be3fce59c35850b162c17d3013689fca858a0a51d81cf4f30d6a8705bbfe35ff03c34cc7c56aca32140d72c8e8121fc71353596b777b266d75b322c9a97fd2c5d4e2362f19c99de66da7bd9c495c03d9a15b28431a0c051e786fa80f5503a72519e6b419263d72d553d688349c0cf30918eba0622b953a0efce4415c29515c26ba15f00e548ef108afe3f8194aeb965e5e4be94f10df6c45ea5c133a8c3398d09fb80f950b83c1866a1637d2bcc195e05cc32a9233b244cc2b1d4930e66f032cb1163c37b3e58b576ab76de759569797fa9b8bb4fad66aaaa56f09c7a0ce4641d6799d7bb47cf684990ec1e08871458c211a353ccf1285e7429c7b8520180918f7
80
81[L = 20]
82
83Len = 16
84Msg = 8a61
85
86Len = 104
87Msg = 37487aa02b03bdbc6bc62e7e26
88
89Len = 352
90Msg = 6ecd002568bae3bf1873993041bfa292eb94e9ad092d8eb3585be82e8a20cb36a47a06e7a57d301268a4a533
91
92Len = 504
93Msg = f6dc1d2f6b8e126d99939664693d8709513f97d730074ec2794e536d94ede79c81f2b2ecbff3c2c26ca2d181ada2c60050997f3bb087ce48d956c18dedb227
94
95Len = 13976
96Msg = 07a6372c863c7d7c6764e4f05addbbe161762735dfd2d23bf268e2d603cd28de9c369ac379390473e1d3fa7e37af1178cca54fa0f782dfbe68070952b93462ea46c640d43ffe71f5fba42df98f4c48ada0d8aca8753e0731508bc15dff283178ae5c10a6ff132eca5dde63a78d3ac94685152897828eb25a55fdf140fd33fd4e7b03f283e201a1baae8986d25603fb0b2566aab345fb48031d648144dddc2e3556c0ceb1104f348d96ae7dc0152e45c625d21b46e70c31f250c858aec4ab2cf5e79d8c79b0854e0abf5330b9f044113d306161968f4ad6f0973160c9dc296056d5a11523ea2b56fbce8387070fccc639ec1c65ec663b9dc49aa880dc4ddd3020c9d44ff7e8cab6266e436af19b4ecb82010a0f8f9469ef380034a02e3f50051a6a3f233dcfe9d553459dc1bebc538ae0183448c9405c351271dea808d908480e61e9793cca111b4cfb9874b799626a1bd9a0f6e0929ad51b97ad81b2438f5fc255db3a3dfec9f0d8393c6b245b03d3faeb58021db3ad391b17a91174a66db4feef1b4c889699bcbea7928f4d29be2d47f76455c8cb1dc7da9cda41962a28ad8cd7b39965b809e7c7eca1c6792c1ce1c8a4cad6290170e91fcc49fa5ff64ab433b4aa081c8da2d9bbb072f9f18ca455469b946c877e3006b34ffd2219335b30ba2e0980f43cebfb629d0b11fe70dff28883ca012c6ae4855fcefea20a08e189eaeed7eb36ed6db3835976f4e60053205805727c5eec15d0e9f155637a9e66268b9c1c302bcaae6ae88cbb8cf1668a487cc996c4662c4a4e195f094cb31c717165e0e13718f8388957dfe0bf69c70cd0bd763dc38c530b67b9c12244fcab8bd13f602de848a2937699f9ef77944e5f22e3b470601789e1838fbea9359c733aaee2c7082b02ee459b7684ef9bbc200da4b62d368351f5520a65ffa506dc9b097117bb7ae88d04d85fb525e91327689ec0fe86971480c0e864012b1e9f044c7d80a4e48c07320dd4292086e4c71d4c98dd826a9bfced112bfa2beb1ce85cad204451ec45703931bf637d4fe89fe8f485620b7f4b21e011a232ade7a8c92be77925e878ae0bea9723749528fe83cf89ecb9616dae6ca0e8d5754ec6c92abb21108c2f33cdc18c6887c430b72c5b193356494cddccc577bd4c2cd53188f352846edff0c2ac7869cb74bb16a77c0f0f194a7a9477ae15abb890bd0bcfeb0c39381a87f1d05319c7e971c10e9ef687f96450b400e25b4285032892b849fd5db8649cedfb03c88defea063ee144a1ab1f3bf05f59c7db364dc39c11a446c3ce16307d78d50315ba29f5bb9a57438564c8c7b3e367cd37d74b2375a4966f47489dc5448f4979428abd32193d3840aa983d3020a9f29d760fc7493ab2576c90b1934b799c1d0d55e4f2caa78f4ce61930c79dc017c2dea0c5085d73a3b0e4a6f341e9a5061a6658af11e5edf95bdad915ac3619969e39bee15788a8de667f92f4efc84f35082d52d562aa74e12cc7f22d3425b58f5056d74afcf162cd44e65b9ee510ff91af094c3d2d42c3b088536d62a98f1c689edcf3ea3fc228d711c109d76ae83d82d6a34dcfbad563cf3726519b519fd48b51741aa86720836494b7a589c778927047a25d73508adaa401e9a6c0767a675e31c5556cbe35fadc9671359b45e985c3c8af84113989b299ae4474b85e4b5d4b0578ab1e8a2915a8df97c4f52a639fe32272cb91bbfb721505dec46d51383cb8973425a714245c2e37d0577fbe0d66381d9239db1f08a380cf609dc699698e0fada2caeda44d58d766c4f8214b10642b80b8d7d8add7cc41d47108ab7d07dab71069a2d982cc900b331caec317942122158bac6eac9175c2dcba0c04443aa9188832b553f5ca8c336880824d6bc02486a2b4c086665d276aafe3b1b93729829adca50c44466fd5b5cb977aa78fbcf5c0f0da1b09216468a11493ffb39efdeda5d669ae92bee2f2fb250aa1b9cbb11c36c7a6c6dd26cdc3cfd572ffd8c1dd72a13c27a327a34c6b6b3d80fc6c67c72152eec0c8ecbdc1bd5cb829b811e7f29af6d786f4e93dd4c96fdda295a6aa258d7b2fcf291c2d68e0b1866032475964ec0c6f2fa8c2d6a3936ecb187350def4e818507bf157c0e9b33406be7660605af14cccc9c799b4e051d0d0899e53495bb8931a6e2984bc6dbe4e02ec8b4642fc2f1cb5fd5a5520b48cfcb49e1f9533838753554dd98b6a1b8a67409279df477330e5f37367e06247ca5c3ffefd00e693dcc0c9c30754121c9ee88a574915b9e77c104fd2f921c2c096573951407ba9b440423d76bdc6fc978237a6e302cede7f99038ec31500884775556941f1edc30e3a417b0e02cb6fb5bfbe5cdfacf4006411287bedc565fb06f1be987416407dc852254934df4ab59edce476f3506e65be6ce6ddf91038642291fb8e92ba5b1f0b105670905a2c14796110bac6f52455b430a47b8eff61
97
98Len = 48824
99Msg = cd8490c93613bdf1f284b94b330f6d6f45a39c651d2a160b340e2eb696fc6d1c35e88872845190d141c669de92a97daa5433b1d7b0b899fdef2ce74b8fe72a7296a5b5be26d1dc86520367c730c7400c2fa06f91ab4c48a7bf4ae35a5b9acd5296c4fdf7451b0ad9cc439b4e34f11e5d7ef2bdda376f8dd34d6f092b219dc085dd4c4a6308b8808f588eedbbc7af7f64e83182fc7ca7cf4741a341060a7969d31445834c982fa8739ded4555108acbea1666a83da17f77cc42ee73323eb53203e3b790f81c08e94c44678b6538096ab7b09916e6cf7ceb2af85987f8e4d982dff1ab59b0bdccaae1f405a73366b5c5935dd0b43e2d2894290ceb66a0246dc02de728c5bba30255fb56ce8107c3144246c5156a8fe40ada9126adf67227fa56b66c37be63f532516211ca012977b04a97916f201f1baa2629eda520b51508ab4229df2ceedce406dece0110e0a911464f69e7be38fb91deba0addcdb3161d2799c628f5a57fa1dc37357c947681bd9c36f4832c20ac466c0c245de3b250c33282ea1a02d007f03b34ed427631283eb614db4d521f555136e7e42b4cfbee8134c63dbe3bb79b5a8b9f9f5b9f5ac61cfab1c54d197f1e3ba613f251eed616df952d691b88a16466343ef2d0f63882ddd2d55b8a6786308b2257f5d7b38af166bd7f1339d2d8899c9eda8fa86215850ba547450c267eb3c9147d96c38161a69d1584e521ffa23384313a1debcd37f72ddad02adb3cadce7ee34b7c1f42a15d0d030487daf9488aa7562845a11ee7ffccdb38b300935caa31f78a4ff3dd93403cf0c6a16ca611b58c736aafd33d6dc56f0f47878211d26f6ab801b9453a7f74b44593dae0f047ddbbf2c902891111729edec44f69a05944b18e7a601f41ad24fd6833da3dbe3029bd390de7c9841b2ee2b079b2bd2737518fe1bbec88da64769dc36e4a8bf716c219b2fe059d7dd220c1ed2c59878db5bf8b198e0689edee921ebc0cd2d3853fcf57c363050ce58071c5fda6ebcfbc1bb62e9eb956286291a108bdd4191c4ff47900d6068e1ea26b487649af119b9bb15dfed804836f2196cbe12d8fc86e3d7ce89b52ad49dc9ddbce5b370f73f512bedd853039366612453733740586d1372143b09f21dd4dbe1a2bfc308db8e4098c5e4b0c1e16141ee50e85fafefc4e2529b3c7252af37aee6f86e19df28871686107d7d57dcc812bc077602642d2ecefdd5f694b8f336913210793e4068da2178600b1f41cffb5221c9b4b6298afb47e85701d7b1a44241679d8996f916c81ff437261cfc358b9ec42a2ce16ca3bacb8690d6c1d91cfb3e0bf1e7ba45bd01606df856fd03c7e946f7ab371a89e1fde86d05fdd97bd7b1c583b04c2ed2b5f6815a460645e4e1b4e950bf6bd81dd0352d1048df85266f1696534aff5b1cbc17f15d82cc8e0c0d4f0453f9439094f8e0f7f4bc045b654d9a2f1f44a9c57019f63ecc41021c05b5380675cb56ea8bb691d79ee204d2c4edacde3c1fb3f4996a11d84b035f965e74009e2ab80e2c7ea3c84a834d4971a1e9cf423e4ea67ee526eb3c3e4c2d7372c4290a0741e1fcca5ae4cf36705abe98ac81e98a5419baefcaf3093a7e0449ef1021f88ffb7ad21b2677e41cdda12025b06542c4b2564f15e0b99db43b7c7020028bd829372122cd910227cb07c53cb58fd9dc620c0491f3e2bf883fe6ee8cb1f5b73767977d857e4513e8b5612f6ae4b56014e6a3ad2a065b65472212e2f611743484cfaef860999d1dc5608c58412fab888ad72bb87dd9b55b692f31e252daf8944ec5c02a5a9c23903c50dbd845f2fcc3bc9806af13ca7b025cabe675195b1d56f3fe7d7bca12530bcc0af217efcb03a218bdb6f9726536ea902c8303b02e3ced22be59753588b5f0e2f3419fa5345a942dbcdf3010465384a225ba26cdd0f1d74999c69f336bb6d01fae5cf81cbb8c1a7a29c1eb83ca6b51113bde56b8cfb6a5d72557622a37f039d090a689accd02b57c691174338de8e05bb3620c079705c969c58e56b079dc9eb44eb0fcebe548f5a31f4072a5ed56a2f03107bf40a359b2601eddf53cade66f294cfeaa40a0d94b9c90d15f61852f295d3911f8ea914d015885c8c64540a83badf0021a416c3e37b78236a2ecd1fce4114033416bdd3a36c18ec13250ee9c74c0fc4dd564b3d24a825802d5ae402a53bacace115ae3bbb329be79d1e5e42dbaf0a6446431145fe49b86a8703c7c41f8985d54f12e314c16ff89351d8addf66ebba2783f2d1a11965182aa0b0dd2de53586c5a695c6265c2b173958da648611090557bdebf11a1e042f089fe98e049f4796c60d26be38356fe020d9ace9008410d53a1bb7db78b52ee44bac364213f5c59f1eac4e3314f3423b92fdd7a6156608111ac6ddf58385ec1f3df12061208db98816ac948d803fad10d5ece2018c60faa13de5e5a9033745c824932e53f4122a39f635813545c1b74732cd55642f19ed6deca1585ebf7242c849bde981572a2199066e9c912b2068c8f1c8b936c43ae95c6e22bd7b80dfea05f495d751107da5928e806d0af905c87b5a0795df146af6580d8f9c6a0e2645686d43822ce9b4be0bd5937c097917e048b5af71c7e7521d490f107e9231ee5bd9fbf0727ba87774ed24cd52f471ffb71849ebd55605996515bdcfe95bb1df3541e7c42da4166dd01ec3597634aa6455d15fe14af435e8d7a55ff1682d55a2da867ae63d11fb3fd987fa5d7032ecefc35d3fb9570940e779e13da18070e6df5292f97f2a281f9598101102c955fe4808a2319c85fdef3d55b19e05bb8c2d3da64bafb67a53491513a24f6f0804aa162c8a7db25b38089373fecc45a0eaef65dd9be3b4b7f9436a5423fdcdb5a9b60138fc6a2261225390d9ae0d8ab7f0f7ffff69dca06881d33a637d634358abebb333df41151f239add91abaafc89070cb2159ce3a31655c22e4696c9fa7a7211d1251d4bb21ea4a321a3dbebc29d97f526251e40e548dcd7ed07587719a266f006179dcd22e50b3705152817057b097b043ad63b8d867edc20aea9b4c959ef4ff70f47128cfcc21e31f17978ecacc366f459ac1cc459a3976e4173ca322675f84f18036119ec2f204c3fb554a0b72f7e9d8c882ab147b3d280ca9dff7b9160b1b437b901f03cbc05fe05c6f44824b48aa8da52ae7dda1653fd500f9ccd221843cf76513b3b74d094f14d93a00d7cb954bc4cf2f04f9a35e38edcb1e84f62057647dcb3571f1dd296ca1e049f1746a8a282e85138500e7649db756b2d2ad88f11c471c89dc6be2cd43481013b8d0ae83da2b855cea7be424f8b2325b1850d1fdef03e765458df4513d57c72ba9751e1edc3c4e7f97e3202bb46eec7be89871ba3704aa6c6fc08851e551a3f655fa1fb798d12f003faf31c56b6df399a5dd0ed29ef9e4139dbc254bc5d6051840a859eabaaad56324588fae881fd638d2b70fb3813402df61d941ab495588e5fc3823249bf9a03cf877902394f512de118edaf98843a5445e9073fcfa409df3db0221f1c77e2dd21e74f9e10c9e180dc4ed17010eb949c6d67a22bd5337b2c68f9eccdec778ece728e91353696b742c8f5a3a569f054efb8c1ed478ee9b75e26c768a5816aa6bd08a4c72e745fdb5deb34ecb86b3a84346c1c70f9c16fc45bc0421f0da2f630912d5079f390cc53b78e343310de722b53d2a3b4aa386caa0d7e91986e19c3363426ba30eb5284293af81d00158a3f5233327b40c3b989725ba7dd5b31ac7abf8d3e0b737e843065cd7316dc2f374a00bed4cf9caa0d6e232c854df1bc24c3d484bc6bcb14ec770d5745474dc6ac3b3ddbffc551c9fcc2c56a5e0ae17948457c01e701bf1554022bc2b7d9dd42b2b91172fd85e6874d2d61fc7b3bb3cee2a9bfec09f6d7e98279c6f511f4140b116c856c1438e34bca59fdca2409f025b896a52d68719bf93e82e7d89bbf798991fda0af8d06d17f39eba4bca09c1fe594b537ad4c9b94ab52c895539d639425f9146b24b016368a638e5bba391bc8763cae7c52ff9c496884f1d84e5e08ed451358ecb3c4919dd410e82cac35ae744078287c05c89b42999ea6b8b127d40d53a5722d45139e8bc507a11e7add7fa9ab12cc40afeec008a4668e3e6440f27bb5780936c0e3668ac51262390c79b3f21fd041cf36ba3522f3a552714ff188bfd554c60d0e7d11213cf7d3864a5175d4047c2f3284741f18ec22995a5b82bf62190151bc1529c6d9927f9b0c1dacebd9c2dc406f7f64a973f9a70cff6e3abeebeb46514bbf2ead382f7262d46bd43d88c1b91a9011d1f8ba81fa536a7162aee2b2ec6fc0f2d6efc87b98d2e41e0f946969da659c21053775ece415a34d42b6cfd5bc52259867b411dfb991461ca618052309ca9c96468c2da12dfab0e822ff3bbe7ba281982a239ac19c47024fe1f0e3550cf0975add1f680a9dac9b2c4ab0aed4f409ddda6765eb8a0a9d1e9d07458c69ac8195541219b18efcd06c0001f2ae7fee2d404666a18ca3cb3aa4f0623e86c5b1229f6c2ca28d951111294b91edc52730b6b2c46e000672a7c89b2f38045bd3e37dbb8a75e18687a514dcf740c87a34834d3c3cc8aadf6166ec0c42d2be92f90a3af49633ff23cd80848ceb57ac550eaf9ae496bdc6a2d7cf50fe107895b4a1ed014f78af24eccd6a07420f1dc0df1e7c44b4ba937dd43cab9c798371b148325578d61931766af02b45054bdc2d9fcab2f4b49092f6fff7c27886820739d6140a4a905f0020249e8ae8dd87da1a1e7b1851eb01045aaa72dc8a2bf68055e7aed41d85336648a3405195d2ab61b0e29a770461f32fd05e14c17d72c5252f026a7b9abe7ea9176d3c46f6ed9fb716758d97b41e4f5d81a24538f763d83eecafafc668422612b40cfc32b3354b24755fbe400a2bfed494fe6d0ba0051713b776e67e2f1915e94708e6dc74b398f2f526933aad8fe7dc32faf40022606aebb6e0756b994c3176fae7640ee06d6c67bd54764c4752f1bf831f43e0227cba101174c5554ce26400f333dd8e9f6db1cdf670ce407d7d06c3aef4c0724b62edc8f1ba3e04f0e394d15a73b9255abb4d6ac70303dcf9160d32dc02d4804219ed5c7e3b48402e58ab2f58305f9bb95d2a8759947de96328ed5234cfe7d0b2a9a014df7e4cd0ae48906315f139b8635d2e6bd4aba32e62b8906cdfe5622c411bf0373d0cb07d17bb2bb5b83eae4401c243605fd1df759fd0ddc704ccab5a9776c40fbf6bde0f11b9646c699f26063a9550ac228c9884c277bcadcc0a2c225dc203e28e253c4e464b23d2529d09c7b7dd3c984667372472b615645f294c4e3b0797f9d1c234015b78502d98bfc04f1fa2f16cf3e7221d5794d035e4b172a4d84e679cb1c82df2fb49d3c6668eb1661bed56705096c2371a19d668832808eedd9e5b1256c18fe7ccc494e5e29145d453c553ec86fb7f3a634d0d45661875f2f1005ba5e734c1a976f37cd23450e4606e32d027bc9ec2edd9395e14b2082179bd7b4f9b8caa2d00a2de71d48553f7d4153cb56a1b08f11925e4b11c9281744ae9171f3d6faa3ab3f88c5c34fd23e4f6efeceafdcbc07686ef56efa62c0ad62f1cdcb4d3b5bc508c1f05263bc347158fa5495828f34eb7fcde98fefaa82bafeefed3f4a58968d751c051b52e0047f066de5be533bc3b1e439ab1c8602f6c67503803c8fa113737cb8279f358dbacdf45432b7a654d0e1122cca93420e956661d7275181c75b0d9c20e84c7007dfc49f27bc00007cf4ffa631c892981fd70141d532fcd51de5c23fe0b7a186d0dc296362f235d61698740cc315891cc9342da17843bcde274c17e462263d0e8b4832dd9075a7bbb443d4b26b41e534ad5551ed5ada102175e695363fb48d6b99ac978a3aa6f405d87f983384ce35740e930491d75675337c5dc081e3d301228e61bde5cc169968e5b4350cca2b085f9f75cc4b88497a78cd0a0073d90246c7dc102c7cbf3516498e8a41aa85d8cc5bc285ff66e8338e85ca83fb6889e2bccff52059bb9e92e92c155a349952680ffd0a3c346061a53fdf074417fc90c4d1af7c2acc3ee4b080752cbc9455ba5931b7e910f1e4af0efce905d2cc9c685923ead387fa532c0e8ad92719c76c281cd010e1acce500ae1443838b8afb48af032069dd07aa4df0d56bcb70a64592633699c8658102f1fbca441325e27f1732a7a973d8cb3a0684d72943ef6f1892f2d7ccf39bb6dfe5801ab98653bdbcfbb787bf125253be2624f6cf44177d588bd7b780d9e3f4e3a4e50b8a253fa21abce6a94b9073289c76773b46140f5a6e46b9de9ec066c176f5d1a69f380e1901216617363362d13ebb26ad74fb008ec08841550ff14ca800a1ecf2e007ebaad9f4e0d9664448d60ac0d8544243129fb81c1723b9b4bc2ee971dff736d9fcde0afbfbf5c50a4cc06a4c363998326c17bdc9e2508651dedd9a2a52bd87f8693cfcff60753acf9716c526e8635f12377e36564ae55d0fdb3c7997ec4dbdaa5b4d18c7b660acd95060831795da7d299a5a8d8cf9e92537dbd3ef7f56aebe38fa97c41da6bf0572a0270be7e5a7dcc0be3529339464c811052b65a938e874ea6da469c7d8992ce0aff1c75e82d1621ecb967213c65f2de582cb41de3804c507ddfc708ef3f6096ba4491e431160f98de806d0f334e03cfb7a3bece601099bd971253f3aa0df845da8b478603d5d88533d0cab9c89f2dd9a1404cf8939ffdda652a94093865a85fce2bc3d7babcff7b9f3306bd76b9af80c78ad518f89ee73b7a710da604e72f4927be8d65d06be2e0732fa786a83e27597cfbed9bf98df445499e0746b9f2cb9659ac0a9cef433148521f33b1d78d13c8441c0d1e20fd93ac450a3787a2292bcbd68cd1f961d34937be9a21abaf26f361bf53aa0c095e53c51f3e04d567eabe6e40d96a17c2bcc9230b18f7e079bc549a314b4ae21d30a3341aa205bc75c7f1d21b0a49549c300faeda243d0ce18da5e66c5b663cd705005dd9fea0a9564174abb797d64c58fdab1fae44576d514b75eaa31c9278b15bf9b6df7c6c2873d7a56fb91ab77b83761a09f9e1ddae535622fb87f7462256a60dd39dd3ceb6690b0272920b635ea639daf24f95462c523e5bbd8d8407c61163ab38877d5edfa04c2a78d4d240523ba97c7d01c71783f8748e85164b4dd08c25506a4ed18300b42b7bc6e417f512ae456ceec2ffc83190991a06d4a58ede215babcd3688e1d61f1975016244e80c88ae2aec05c7eeb1c50caca72b3b415b6b870bf5e10bd1ac3ba6b4acb1d1afac554444d94c97e171005fa4ea9c651bb4e527ff58d0c2f90fb453a92d6546a26e9e98395b09e8471bdcf2a145aacb649708cf048a7856ce8cf390c107ff2c66efbf2a76c5b041860ea576103cd8c6b25e50eca9ff6a2fa88083fe9ac0d1fb639c516b9bcdf23c34c6145a705498ff9b9747f15e1c08c63da6efeda4eca02c3f00dfec06c82220c9de840040118dde76be788daf84e6a2f44c81fe6defcc474f99c51c4648d297cbc48f081e0809dbda505d020cbe865e430e0491644ec8c52bd3ab8ce8c4862990f49fe2588caf804ce9500ef42d5a50c057c257168e283e4a4aedbe4ccfaf3eeffb212f9e23d15434d60bf4f455f512e2b655aff3225d1b217c261110cec0400f54dd303d6231d028c2eb649bccc91d30a6391c88bff9d447c3cf35a3467be5957e0ea4d4dc237c9f2c68ce48f658f820a3d72d559b60f233ce538c92cb148808e34fedf2d648c21e7f2ea29a77270c393bda42d869351d6c085d965dc12cbfd0311b8bf604f4391d378781eea3b5f1e0da9d0d8f8de88e56fe47d362cd46f591d3ec0f7cccb85a21f21ddcd4107821ce0ca9ddf99dfdfd9b0c9cd45053e5b1b4385bd8f5b227ada31b5c23e9420014474e8b4494fde7c38edfe70994d97b8cbdfac588df49a49c472fcce78cccc051f31cbbc1e0422878d8d490f3aee28adf1587c38fb7e7d1be54abeaa83cf54b633803a5e669ff4295df8735231ce39631616bd05e0e31117c722c2fd6787003b0bc7fe422a089c89329544e085d71102c1813769450a9f66f160d1702cdb17bd2c6fdf0f722762d193ce83623eeffab17b01b10a31db6e2feb6eb3abdbb2e36320e1a56e44e48d26090afa7f65003a98cbfef590ac3ec89b3eb230557cf6aa566e841806aa2767b21bb26fe001f11ae039e0c9a4bf1bf3d271960f16158eb5bd9ebf0080abd8369d512cab2d1aaae2b14d0ff6ee705a38fb0c801a98b0624cc138fc24834fdf430f33e1760db913da3290f34415c9e3df3e97da1780545ab68ac5a24db89f24d62f4a399728e4144a8c89f47ac2d29e30c49b0bcf790a5e3d3fcd1943c6a28f37251d9dd827a69579e6c17b629c927473b5a07b0a29d9562708d6c8ce576109ad1a3473ffb2047eb069beeec24c114bef392c929038c92abd0e6a19b610e27881361824d57008b7373d0ab76379570ded76c9b8284fe2c247791073c29b2fc6fca05019220ab92856892d3c0dcc6da0b597fe559c162d060d71513ebca050d9638164b9ae271fba5575ade787ec5aee8fc253d1b234b1df561db3e36ac64b9b0100dd6b407043537b2b141f
diff --git a/src/lib/libssl/src/test/maketests.com b/src/lib/libssl/src/test/maketests.com
index dfbfef7b1b..94621a655b 100644
--- a/src/lib/libssl/src/test/maketests.com
+++ b/src/lib/libssl/src/test/maketests.com
@@ -586,7 +586,7 @@ $ CCDEFS = "TCPIP_TYPE_''P3'"
586$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS 586$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
587$ CCEXTRAFLAGS = "" 587$ CCEXTRAFLAGS = ""
588$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS 588$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
589$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX" 589$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
590$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - 590$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
591 CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS 591 CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
592$! 592$!
diff --git a/src/lib/libssl/src/test/tverify.com b/src/lib/libssl/src/test/tverify.com
index 2060184d1e..021d701d79 100644
--- a/src/lib/libssl/src/test/tverify.com
+++ b/src/lib/libssl/src/test/tverify.com
@@ -8,22 +8,22 @@ $ copy/concatenate [-.certs]*.pem certs.tmp
8$ 8$
9$ old_f := 9$ old_f :=
10$ loop_certs: 10$ loop_certs:
11$ c := NO 11$ verify := NO
12$ more := YES
12$ certs := 13$ certs :=
13$ loop_certs2: 14$ loop_certs2:
14$ f = f$search("[-.certs]*.pem") 15$ f = f$search("[-.certs]*.pem")
15$ if f .nes. "" .and. f .nes. old_f 16$ if f .nes. "" .and. f .nes. old_f
16$ then 17$ then
17$ certs = certs + " [-.certs]" + f$parse(f,,,"NAME") + ".pem" 18$ certs = certs + " [-.certs]" + f$parse(f,,,"NAME") + ".pem"
18$ c := YES 19$ verify := YES
19$ if f$length(certs) .lt. 180 then goto loop_certs2 20$ if f$length(certs) .lt. 180 then goto loop_certs2
21$ else
22$ more := NO
20$ endif 23$ endif
21$ certs = certs - " " 24$ certs = certs - " "
22$ 25$
23$ if c 26$ if verify then mcr 'exe_dir'openssl verify "-CAfile" certs.tmp 'certs'
24$ then 27$ if more then goto loop_certs
25$ mcr 'exe_dir'openssl verify "-CAfile" certs.tmp 'certs'
26$ goto loop_certs
27$ endif
28$ 28$
29$ delete certs.tmp;* 29$ delete certs.tmp;*
diff --git a/src/lib/libssl/src/tools/Makefile b/src/lib/libssl/src/tools/Makefile
index 52a7970455..d675b5792c 100644
--- a/src/lib/libssl/src/tools/Makefile
+++ b/src/lib/libssl/src/tools/Makefile
@@ -1,5 +1,5 @@
1# 1#
2# SSLeay/tools/Makefile 2# OpenSSL/tools/Makefile
3# 3#
4 4
5DIR= tools 5DIR= tools
diff --git a/src/lib/libssl/src/util/checkhash.pl b/src/lib/libssl/src/util/checkhash.pl
new file mode 100644
index 0000000000..c61fa72178
--- /dev/null
+++ b/src/lib/libssl/src/util/checkhash.pl
@@ -0,0 +1,222 @@
1#!/usr/bin/env perl -w
2
3my $package = caller;
4
5if (!(defined $package))
6 {
7 my $retval = check_hashes(@ARGV);
8 exit $retval;
9 }
10
111;
12
13sub check_hashes
14 {
15
16 my @args = @_;
17
18 my $change_dir = "";
19 my $check_program = "sha/fips_standalone_sha1";
20
21 my $verbose = 0;
22 my $badfiles = 0;
23 my $rebuild = 0;
24 my $force_rewrite = 0;
25 my $hash_file = "fipshashes.c";
26 my $recurse = 0;
27
28 my @fingerprint_files;
29
30 while (@args)
31 {
32 my $arg = $args[0];
33 if ($arg eq "-chdir")
34 {
35 shift @args;
36 $change_dir = shift @args;
37 }
38 elsif ($arg eq "-rebuild")
39 {
40 shift @args;
41 $rebuild = 1;
42 }
43 elsif ($arg eq "-verbose")
44 {
45 shift @args;
46 $verbose = 1;
47 }
48 elsif ($arg eq "-force-rewrite")
49 {
50 shift @args;
51 $force_rewrite = 1;
52 }
53 elsif ($arg eq "-hash_file")
54 {
55 shift @args;
56 $hash_file = shift @args;
57 }
58 elsif ($arg eq "-recurse")
59 {
60 shift @args;
61 $recurse = 1;
62 }
63 elsif ($arg eq "-program_path")
64 {
65 shift @args;
66 $check_program = shift @args;
67 }
68 else
69 {
70 print STDERR "Unknown Option $arg";
71 return 1;
72 }
73
74 }
75
76 chdir $change_dir if $change_dir ne "";
77
78 if ($recurse)
79 {
80 @fingerprint_files = ("fingerprint.sha1",
81 <*/fingerprint.sha1>);
82 }
83 else
84 {
85 push @fingerprint_files, $hash_file;
86 }
87
88 foreach $fp (@fingerprint_files)
89 {
90 if (!open(IN, "$fp"))
91 {
92 print STDERR "Can't open file $fp";
93 return 1;
94 }
95 print STDERR "Opening Fingerprint file $fp\n" if $verbose;
96 my $dir = $fp;
97 $dir =~ s/[^\/]*$//;
98 while (<IN>)
99 {
100 chomp;
101 if (!(($file, $hash) = /^\"HMAC-SHA1\((.*)\)\s*=\s*(\w*)\",$/))
102 {
103 /^\"/ || next;
104 print STDERR "FATAL: Invalid syntax in file $fp\n";
105 print STDERR "Line:\n$_\n";
106 fatal_error();
107 return 1;
108 }
109 if (!$rebuild && length($hash) != 40)
110 {
111 print STDERR "FATAL: Invalid hash length in $fp for file $file\n";
112 fatal_error();
113 return 1;
114 }
115 push @hashed_files, "$dir$file";
116 if (exists $hashes{"$dir$file"})
117 {
118 print STDERR "FATAL: Duplicate Hash file $dir$file\n";
119 fatal_error();
120 return 1;
121 }
122 if (! -r "$dir$file")
123 {
124 print STDERR "FATAL: Can't access $dir$file\n";
125 fatal_error();
126 return 1;
127 }
128 $hashes{"$dir$file"} = $hash;
129 }
130 close IN;
131 }
132
133 @checked_hashes = `$check_program @hashed_files`;
134
135 if ($? != 0)
136 {
137 print STDERR "Error running hash program $check_program\n";
138 fatal_error();
139 return 1;
140 }
141
142 if (@checked_hashes != @hashed_files)
143 {
144 print STDERR "FATAL: hash count incorrect\n";
145 fatal_error();
146 return 1;
147 }
148
149 foreach (@checked_hashes)
150 {
151 chomp;
152 if (!(($file, $hash) = /^HMAC-SHA1\((.*)\)\s*=\s*(\w*)$/))
153 {
154 print STDERR "FATAL: Invalid syntax in file $fp\n";
155 print STDERR "Line:\n$_\n";
156 fatal_error();
157 return 1;
158 }
159 if (length($hash) != 40)
160 {
161 print STDERR "FATAL: Invalid hash length for file $file\n";
162 fatal_error();
163 return 1;
164 }
165 if ($hash ne $hashes{$file})
166 {
167 if ($rebuild)
168 {
169 print STDERR "Updating hash on file $file\n";
170 $hashes{$file} = $hash;
171 }
172 else
173 {
174 print STDERR "Hash check failed for file $file\n";
175 }
176 $badfiles++;
177 }
178 elsif ($verbose)
179 { print "Hash Check OK for $file\n";}
180 }
181
182
183 if ($badfiles && !$rebuild)
184 {
185 print STDERR "FATAL: hash mismatch on $badfiles files\n";
186 fatal_error();
187 return 1;
188 }
189
190 if ($badfiles || $force_rewrite)
191 {
192 print "Updating Hash file $hash_file\n";
193 if (!open(OUT, ">$hash_file"))
194 {
195 print STDERR "Error rewriting $hash_file";
196 return 1;
197 }
198 print OUT "const char * const FIPS_source_hashes[] = {\n";
199 foreach (@hashed_files)
200 {
201 print OUT "\"HMAC-SHA1($_)= $hashes{$_}\",\n";
202 }
203 print OUT "};\n";
204 close OUT;
205 }
206
207 if (!$badfiles)
208 {
209 print "FIPS hash check successful\n";
210 }
211
212 return 0;
213
214 }
215
216
217sub fatal_error
218 {
219 print STDERR "*** Your source code does not match the FIPS validated source ***\n";
220 }
221
222
diff --git a/src/lib/libssl/src/util/fipslink.pl b/src/lib/libssl/src/util/fipslink.pl
new file mode 100644
index 0000000000..a893833c5c
--- /dev/null
+++ b/src/lib/libssl/src/util/fipslink.pl
@@ -0,0 +1,78 @@
1#!/usr/bin/perl
2
3sub check_env
4 {
5 my @ret;
6 foreach (@_)
7 {
8 die "Environment variable $_ not defined!\n" unless exists $ENV{$_};
9 push @ret, $ENV{$_};
10 }
11 return @ret;
12 }
13
14
15my ($fips_cc,$fips_cc_args, $fips_link,$fips_target, $fips_libdir, $sha1_exe)
16 = check_env("FIPS_CC", "FIPS_CC_ARGS", "FIPS_LINK", "FIPS_TARGET",
17 "FIPSLIB_D", "FIPS_SHA1_EXE");
18
19
20
21if (exists $ENV{"PREMAIN_DSO_EXE"})
22 {
23 $fips_premain_dso = $ENV{"PREMAIN_DSO_EXE"};
24 }
25 else
26 {
27 $fips_premain_dso = "";
28 }
29
30check_hash($sha1_exe, "fips_premain.c");
31check_hash($sha1_exe, "fipscanister.o");
32
33
34print "Integrity check OK\n";
35
36print "$fips_cc $fips_cc_args $fips_libdir/fips_premain.c\n";
37system "$fips_cc $fips_cc_args $fips_libdir/fips_premain.c";
38die "First stage Compile failure" if $? != 0;
39
40print "$fips_link @ARGV\n";
41system "$fips_link @ARGV";
42die "First stage Link failure" if $? != 0;
43
44
45print "$fips_premain_dso $fips_target\n";
46$fips_hash=`$fips_premain_dso $fips_target`;
47chomp $fips_hash;
48die "Get hash failure" if $? != 0;
49
50
51print "$fips_cc -DHMAC_SHA1_SIG=\\\"$fips_hash\\\" $fips_cc_args $fips_libdir/fips_premain.c\n";
52system "$fips_cc -DHMAC_SHA1_SIG=\\\"$fips_hash\\\" $fips_cc_args $fips_libdir/fips_premain.c";
53die "Second stage Compile failure" if $? != 0;
54
55
56print "$fips_link @ARGV\n";
57system "$fips_link @ARGV";
58die "Second stage Link failure" if $? != 0;
59
60sub check_hash
61 {
62 my ($sha1_exe, $filename) = @_;
63 my ($hashfile, $hashval);
64
65 open(IN, "${fips_libdir}/${filename}.sha1") || die "Cannot open file hash file ${fips_libdir}/${filename}.sha1";
66 $hashfile = <IN>;
67 close IN;
68 $hashval = `$sha1_exe ${fips_libdir}/$filename`;
69 chomp $hashfile;
70 chomp $hashval;
71 $hashfile =~ s/^.*=\s+//;
72 $hashval =~ s/^.*=\s+//;
73 die "Invalid hash syntax in file" if (length($hashfile) != 40);
74 die "Invalid hash received for file" if (length($hashval) != 40);
75 die "***HASH VALUE MISMATCH FOR FILE $filename ***" if ($hashval ne $hashfile);
76 }
77
78
diff --git a/src/lib/libssl/src/util/libeay.num b/src/lib/libssl/src/util/libeay.num
index 56fb7446e0..4222bef6d6 100644
--- a/src/lib/libssl/src/util/libeay.num
+++ b/src/lib/libssl/src/util/libeay.num
@@ -2811,7 +2811,7 @@ EVP_aes_192_cfb8 3252 EXIST::FUNCTION:AES
2811FIPS_mode_set 3253 EXIST:OPENSSL_FIPS:FUNCTION: 2811FIPS_mode_set 3253 EXIST:OPENSSL_FIPS:FUNCTION:
2812FIPS_selftest_dsa 3254 EXIST:OPENSSL_FIPS:FUNCTION: 2812FIPS_selftest_dsa 3254 EXIST:OPENSSL_FIPS:FUNCTION:
2813EVP_aes_256_cfb8 3255 EXIST::FUNCTION:AES 2813EVP_aes_256_cfb8 3255 EXIST::FUNCTION:AES
2814FIPS_allow_md5 3256 EXIST:OPENSSL_FIPS:FUNCTION: 2814FIPS_allow_md5 3256 NOEXIST::FUNCTION:
2815DES_ede3_cfb_encrypt 3257 EXIST::FUNCTION:DES 2815DES_ede3_cfb_encrypt 3257 EXIST::FUNCTION:DES
2816EVP_des_ede3_cfb8 3258 EXIST::FUNCTION:DES 2816EVP_des_ede3_cfb8 3258 EXIST::FUNCTION:DES
2817FIPS_rand_seeded 3259 EXIST:OPENSSL_FIPS:FUNCTION: 2817FIPS_rand_seeded 3259 EXIST:OPENSSL_FIPS:FUNCTION:
@@ -2837,7 +2837,7 @@ FIPS_dsa_check 3278 EXIST:OPENSSL_FIPS:FUNCTION:
2837AES_cfb1_encrypt 3279 EXIST::FUNCTION:AES 2837AES_cfb1_encrypt 3279 EXIST::FUNCTION:AES
2838EVP_des_ede3_cfb1 3280 EXIST::FUNCTION:DES 2838EVP_des_ede3_cfb1 3280 EXIST::FUNCTION:DES
2839FIPS_rand_check 3281 EXIST:OPENSSL_FIPS:FUNCTION: 2839FIPS_rand_check 3281 EXIST:OPENSSL_FIPS:FUNCTION:
2840FIPS_md5_allowed 3282 EXIST:OPENSSL_FIPS:FUNCTION: 2840FIPS_md5_allowed 3282 NOEXIST::FUNCTION:
2841FIPS_mode 3283 EXIST:OPENSSL_FIPS:FUNCTION: 2841FIPS_mode 3283 EXIST:OPENSSL_FIPS:FUNCTION:
2842FIPS_selftest_failed 3284 EXIST:OPENSSL_FIPS:FUNCTION: 2842FIPS_selftest_failed 3284 EXIST:OPENSSL_FIPS:FUNCTION:
2843sk_is_sorted 3285 EXIST::FUNCTION: 2843sk_is_sorted 3285 EXIST::FUNCTION:
@@ -2867,3 +2867,41 @@ PROXY_CERT_INFO_EXTENSION_it 3307 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA
2867PROXY_CERT_INFO_EXTENSION_it 3307 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: 2867PROXY_CERT_INFO_EXTENSION_it 3307 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
2868PROXY_POLICY_free 3308 EXIST::FUNCTION: 2868PROXY_POLICY_free 3308 EXIST::FUNCTION:
2869PROXY_POLICY_new 3309 EXIST::FUNCTION: 2869PROXY_POLICY_new 3309 EXIST::FUNCTION:
2870BN_MONT_CTX_set_locked 3310 EXIST::FUNCTION:
2871FIPS_selftest_rng 3311 EXIST:OPENSSL_FIPS:FUNCTION:
2872EVP_sha384 3312 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2873EVP_sha512 3313 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2874EVP_sha224 3314 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
2875EVP_sha256 3315 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
2876FIPS_selftest_hmac 3316 EXIST:OPENSSL_FIPS:FUNCTION:
2877FIPS_corrupt_rng 3317 EXIST:OPENSSL_FIPS:FUNCTION:
2878BN_mod_exp_mont_consttime 3318 EXIST::FUNCTION:
2879RSA_X931_hash_id 3319 EXIST::FUNCTION:RSA
2880RSA_padding_check_X931 3320 EXIST::FUNCTION:RSA
2881RSA_verify_PKCS1_PSS 3321 EXIST::FUNCTION:RSA
2882RSA_padding_add_X931 3322 EXIST::FUNCTION:RSA
2883RSA_padding_add_PKCS1_PSS 3323 EXIST::FUNCTION:RSA
2884PKCS1_MGF1 3324 EXIST::FUNCTION:RSA
2885BN_X931_generate_Xpq 3325 EXIST:OPENSSL_FIPS:FUNCTION:
2886RSA_X931_generate_key 3326 EXIST:OPENSSL_FIPS:FUNCTION:RSA
2887BN_X931_derive_prime 3327 EXIST:OPENSSL_FIPS:FUNCTION:
2888BN_X931_generate_prime 3328 EXIST:OPENSSL_FIPS:FUNCTION:
2889RSA_X931_derive 3329 EXIST:OPENSSL_FIPS:FUNCTION:RSA
2890SHA512_Update 3356 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2891SHA256_Init 3479 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
2892SHA224 3510 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
2893SHA384_Update 3551 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2894SHA224_Final 3560 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
2895SHA224_Update 3562 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
2896SHA512_Final 3581 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2897SHA224_Init 3631 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
2898SHA512_Init 3633 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2899SHA256 3654 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
2900SHA256_Transform 3664 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
2901SHA512 3669 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2902SHA512_Transform 3675 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2903SHA256_Final 3712 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
2904SHA384_Init 3737 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2905SHA384_Final 3740 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2906SHA384 3745 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
2907SHA256_Update 3765 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
diff --git a/src/lib/libssl/src/util/mk1mf.pl b/src/lib/libssl/src/util/mk1mf.pl
index 957264c6b5..05a6086164 100644
--- a/src/lib/libssl/src/util/mk1mf.pl
+++ b/src/lib/libssl/src/util/mk1mf.pl
@@ -10,6 +10,20 @@ $OPTIONS="";
10$ssl_version=""; 10$ssl_version="";
11$banner="\t\@echo Building OpenSSL"; 11$banner="\t\@echo Building OpenSSL";
12 12
13local $zlib_opt = 0; # 0 = no zlib, 1 = static, 2 = dynamic
14local $zlib_lib = "";
15
16my $fips_canister_path = "";
17my $fips_premain_dso_exe_path = "";
18my $fips_premain_c_path = "";
19my $fips_sha1_exe_path = "";
20
21my $fipslibdir = "";
22my $baseaddr = "";
23
24my $ex_l_libs = "";
25
26
13open(IN,"<Makefile") || die "unable to open Makefile!\n"; 27open(IN,"<Makefile") || die "unable to open Makefile!\n";
14while(<IN>) { 28while(<IN>) {
15 $ssl_version=$1 if (/^VERSION=(.*)$/); 29 $ssl_version=$1 if (/^VERSION=(.*)$/);
@@ -24,6 +38,7 @@ $infile="MINFO";
24 38
25%ops=( 39%ops=(
26 "VC-WIN32", "Microsoft Visual C++ [4-6] - Windows NT or 9X", 40 "VC-WIN32", "Microsoft Visual C++ [4-6] - Windows NT or 9X",
41 "VC-WIN32-GMAKE", "Microsoft Visual C++ [4-6] - Windows NT or 9X, GNU make",
27 "VC-CE", "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY", 42 "VC-CE", "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY",
28 "VC-NT", "Microsoft Visual C++ [4-6] - Windows NT ONLY", 43 "VC-NT", "Microsoft Visual C++ [4-6] - Windows NT ONLY",
29 "VC-W31-16", "Microsoft Visual C++ 1.52 - Windows 3.1 - 286", 44 "VC-W31-16", "Microsoft Visual C++ 1.52 - Windows 3.1 - 286",
@@ -43,6 +58,7 @@ $infile="MINFO";
43 ); 58 );
44 59
45$platform=""; 60$platform="";
61my $xcflags="";
46foreach (@ARGV) 62foreach (@ARGV)
47 { 63 {
48 if (!&read_options && !defined($ops{$_})) 64 if (!&read_options && !defined($ops{$_}))
@@ -104,8 +120,12 @@ $inc_def="outinc";
104$tmp_def="tmp"; 120$tmp_def="tmp";
105 121
106$mkdir="-mkdir"; 122$mkdir="-mkdir";
123$mkcanister="ld -r -o";
124
125$ex_build_targets = "";
107 126
108($ssl,$crypto)=("ssl","crypto"); 127($ssl,$crypto)=("ssl","crypto");
128$cryptocompat = "";
109$ranlib="echo ranlib"; 129$ranlib="echo ranlib";
110 130
111$cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc'; 131$cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc';
@@ -140,6 +160,10 @@ elsif (($platform eq "VC-WIN32") || ($platform eq "VC-NT"))
140 $NT = 1 if $platform eq "VC-NT"; 160 $NT = 1 if $platform eq "VC-NT";
141 require 'VC-32.pl'; 161 require 'VC-32.pl';
142 } 162 }
163elsif ($platform eq "VC-WIN32-GMAKE")
164 {
165 require 'VC-32-GMAKE.pl';
166 }
143elsif ($platform eq "VC-CE") 167elsif ($platform eq "VC-CE")
144 { 168 {
145 require 'VC-CE.pl'; 169 require 'VC-CE.pl';
@@ -210,6 +234,8 @@ $inc_dir=(defined($VARS{'INC'}))?$VARS{'INC'}:$inc_def;
210 234
211$bin_dir=$bin_dir.$o unless ((substr($bin_dir,-1,1) eq $o) || ($bin_dir eq '')); 235$bin_dir=$bin_dir.$o unless ((substr($bin_dir,-1,1) eq $o) || ($bin_dir eq ''));
212 236
237$cflags= "$xcflags$cflags" if $xcflags ne "";
238
213$cflags.=" -DOPENSSL_NO_IDEA" if $no_idea; 239$cflags.=" -DOPENSSL_NO_IDEA" if $no_idea;
214$cflags.=" -DOPENSSL_NO_AES" if $no_aes; 240$cflags.=" -DOPENSSL_NO_AES" if $no_aes;
215$cflags.=" -DOPENSSL_NO_RC2" if $no_rc2; 241$cflags.=" -DOPENSSL_NO_RC2" if $no_rc2;
@@ -239,6 +265,9 @@ $cflags.=" -DOPENSSL_NO_HW" if $no_hw;
239$cflags.=" -DOPENSSL_FIPS" if $fips; 265$cflags.=" -DOPENSSL_FIPS" if $fips;
240#$cflags.=" -DRSAref" if $rsaref ne ""; 266#$cflags.=" -DRSAref" if $rsaref ne "";
241 267
268$cflags.= " -DZLIB" if $zlib_opt;
269$cflags.= " -DZLIB_SHARED" if $zlib_opt == 2;
270
242## if ($unix) 271## if ($unix)
243## { $cflags="$c_flags" if ($c_flags ne ""); } 272## { $cflags="$c_flags" if ($c_flags ne ""); }
244##else 273##else
@@ -246,6 +275,7 @@ $cflags.=" -DOPENSSL_FIPS" if $fips;
246 275
247$ex_libs="$l_flags$ex_libs" if ($l_flags ne ""); 276$ex_libs="$l_flags$ex_libs" if ($l_flags ne "");
248 277
278
249%shlib_ex_cflags=("SSL" => " -DOPENSSL_BUILD_SHLIBSSL", 279%shlib_ex_cflags=("SSL" => " -DOPENSSL_BUILD_SHLIBSSL",
250 "CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO"); 280 "CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO");
251 281
@@ -262,6 +292,135 @@ $link="$bin_dir$link" if ($link !~ /^\$/);
262 292
263$INSTALLTOP =~ s|/|$o|g; 293$INSTALLTOP =~ s|/|$o|g;
264 294
295#############################################
296# We parse in input file and 'store' info for later printing.
297open(IN,"<$infile") || die "unable to open $infile:$!\n";
298$_=<IN>;
299for (;;)
300 {
301 chop;
302
303 ($key,$val)=/^([^=]+)=(.*)/;
304 if ($key eq "RELATIVE_DIRECTORY")
305 {
306 if ($lib ne "")
307 {
308 if ($fips && $dir =~ /^fips/)
309 {
310 $uc = "FIPS";
311 }
312 else
313 {
314 $uc=$lib;
315 $uc =~ s/^lib(.*)\.a/$1/;
316 $uc =~ tr/a-z/A-Z/;
317 }
318 if (($uc ne "FIPS") || $fips_canister_build)
319 {
320 $lib_nam{$uc}=$uc;
321 $lib_obj{$uc}.=$libobj." ";
322 }
323 }
324 last if ($val eq "FINISHED");
325 $lib="";
326 $libobj="";
327 $dir=$val;
328 }
329
330 if ($key eq "KRB5_INCLUDES")
331 { $cflags .= " $val";}
332
333 if ($key eq "ZLIB_INCLUDE")
334 { $cflags .= " $val" if $val ne "";}
335
336 if ($key eq "LIBZLIB")
337 { $zlib_lib = "$val" if $val ne "";}
338
339 if ($key eq "LIBKRB5")
340 { $ex_libs .= " $val" if $val ne "";}
341
342 if ($key eq "TEST")
343 { $test.=&var_add($dir,$val); }
344
345 if (($key eq "PROGS") || ($key eq "E_OBJ"))
346 { $e_exe.=&var_add($dir,$val); }
347
348 if ($key eq "LIB")
349 {
350 $lib=$val;
351 $lib =~ s/^.*\/([^\/]+)$/$1/;
352 }
353
354 if ($key eq "EXHEADER")
355 { $exheader.=&var_add($dir,$val); }
356
357 if ($key eq "HEADER")
358 { $header.=&var_add($dir,$val); }
359
360 if ($key eq "LIBOBJ")
361 { $libobj=&var_add($dir,$val); }
362
363 if ($key eq "FIPSLIBDIR")
364 { $fipslibdir=$val;}
365
366 if ($key eq "BASEADDR")
367 { $baseaddr=$val;}
368
369 if (!($_=<IN>))
370 { $_="RELATIVE_DIRECTORY=FINISHED\n"; }
371 }
372close(IN);
373
374if ($fips_canister_path eq "")
375 {
376 $fips_canister_path = "\$(FIPSLIB_D)${o}fipscanister.o";
377 }
378
379if ($fips_premain_c_path eq "")
380 {
381 $fips_premain_c_path = "\$(FIPSLIB_D)${o}fips_premain.c";
382 }
383
384if ($fips)
385 {
386 if ($fips_sha1_exe_path eq "")
387 {
388 $fips_sha1_exe_path =
389 "\$(BIN_D)${o}fips_standalone_sha1$exep";
390 }
391 }
392 else
393 {
394 $fips_sha1_exe_path = "";
395 }
396
397if ($fips_premain_dso_exe_path eq "")
398 {
399 $fips_premain_dso_exe_path = "\$(BIN_D)${o}fips_premain_dso$exep";
400 }
401
402# $ex_build_targets .= "\$(BIN_D)${o}\$(E_PREMAIN_DSO)$exep" if ($fips);
403
404if ($fips)
405 {
406 if (!$shlib)
407 {
408 $ex_build_targets .= " \$(LIB_D)$o$crypto_compat \$(PREMAIN_DSO_EXE)";
409 $ex_l_libs .= " \$(O_FIPSCANISTER)";
410 }
411 if ($fipslibdir eq "")
412 {
413 open (IN, "util/fipslib_path.txt") || fipslib_error();
414 $fipslibdir = <IN>;
415 chomp $fipslibdir;
416 close IN;
417 }
418 fips_check_files($fipslibdir,
419 "fipscanister.o", "fipscanister.o.sha1",
420 "fips_premain.c", "fips_premain.c.sha1");
421 }
422
423
265$defs= <<"EOF"; 424$defs= <<"EOF";
266# This makefile has been automatically generated from the OpenSSL distribution. 425# This makefile has been automatically generated from the OpenSSL distribution.
267# This single makefile will build the complete OpenSSL distribution and 426# This single makefile will build the complete OpenSSL distribution and
@@ -286,6 +445,7 @@ if ($platform eq "VC-CE")
286!INCLUDE <\$(WCECOMPAT)/wcedefs.mak> 445!INCLUDE <\$(WCECOMPAT)/wcedefs.mak>
287 446
288EOF 447EOF
448 $ex_libs .= " $zlib_lib" if $zlib_opt == 1;
289 } 449 }
290 450
291$defs.= <<"EOF"; 451$defs.= <<"EOF";
@@ -308,6 +468,8 @@ EX_LIBS=$ex_libs
308SRC_D=$src_dir 468SRC_D=$src_dir
309 469
310LINK=$link 470LINK=$link
471PERL=perl
472FIPSLINK=\$(PERL) util${o}fipslink.pl
311LFLAGS=$lflags 473LFLAGS=$lflags
312 474
313BN_ASM_OBJ=$bn_asm_obj 475BN_ASM_OBJ=$bn_asm_obj
@@ -339,6 +501,9 @@ TMP_D=$tmp_dir
339INC_D=$inc_dir 501INC_D=$inc_dir
340INCO_D=$inc_dir${o}openssl 502INCO_D=$inc_dir${o}openssl
341 503
504# Directory containing FIPS module
505
506
342CP=$cp 507CP=$cp
343RM=$rm 508RM=$rm
344RANLIB=$ranlib 509RANLIB=$ranlib
@@ -346,6 +511,18 @@ MKDIR=$mkdir
346MKLIB=$bin_dir$mklib 511MKLIB=$bin_dir$mklib
347MLFLAGS=$mlflags 512MLFLAGS=$mlflags
348ASM=$bin_dir$asm 513ASM=$bin_dir$asm
514MKCANISTER=$mkcanister
515
516# FIPS validated module and support file locations
517
518E_PREMAIN_DSO=fips_premain_dso
519
520FIPSLIB_D=$fipslibdir
521BASEADDR=$baseaddr
522FIPS_PREMAIN_SRC=$fips_premain_c_path
523O_FIPSCANISTER=$fips_canister_path
524FIPS_SHA1_EXE=$fips_sha1_exe_path
525PREMAIN_DSO_EXE=$fips_premain_dso_exe_path
349 526
350###################################################### 527######################################################
351# You should not need to touch anything below this point 528# You should not need to touch anything below this point
@@ -377,7 +554,7 @@ SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp
377L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp 554L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp
378L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp 555L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp
379 556
380L_LIBS= \$(L_SSL) \$(L_CRYPTO) 557L_LIBS= \$(L_SSL) \$(L_CRYPTO) $ex_l_libs
381 558
382###################################################### 559######################################################
383# Don't touch anything below this point 560# Don't touch anything below this point
@@ -387,13 +564,13 @@ INC=-I\$(INC_D) -I\$(INCL_D)
387APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG) 564APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG)
388LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) 565LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG)
389SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG) 566SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG)
390LIBS_DEP=\$(O_CRYPTO) \$(O_SSL) 567LIBS_DEP=\$(O_CRYPTO) \$(O_SSL) $ex_libs_dep
391 568
392############################################# 569#############################################
393EOF 570EOF
394 571
395$rules=<<"EOF"; 572$rules=<<"EOF";
396all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe 573all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers \$(FIPS_SHA1_EXE) lib exe $ex_build_targets
397 574
398banner: 575banner:
399$banner 576$banner
@@ -479,57 +656,6 @@ printf OUT " #define DATE \"%s\"\n", scalar gmtime();
479printf OUT "#endif\n"; 656printf OUT "#endif\n";
480close(OUT); 657close(OUT);
481 658
482#############################################
483# We parse in input file and 'store' info for later printing.
484open(IN,"<$infile") || die "unable to open $infile:$!\n";
485$_=<IN>;
486for (;;)
487 {
488 chop;
489
490 ($key,$val)=/^([^=]+)=(.*)/;
491 if ($key eq "RELATIVE_DIRECTORY")
492 {
493 if ($lib ne "")
494 {
495 $uc=$lib;
496 $uc =~ s/^lib(.*)\.a/$1/;
497 $uc =~ tr/a-z/A-Z/;
498 $lib_nam{$uc}=$uc;
499 $lib_obj{$uc}.=$libobj." ";
500 }
501 last if ($val eq "FINISHED");
502 $lib="";
503 $libobj="";
504 $dir=$val;
505 }
506
507 if ($key eq "TEST")
508 { $test.=&var_add($dir,$val); }
509
510 if (($key eq "PROGS") || ($key eq "E_OBJ"))
511 { $e_exe.=&var_add($dir,$val); }
512
513 if ($key eq "LIB")
514 {
515 $lib=$val;
516 $lib =~ s/^.*\/([^\/]+)$/$1/;
517 }
518
519 if ($key eq "EXHEADER")
520 { $exheader.=&var_add($dir,$val); }
521
522 if ($key eq "HEADER")
523 { $header.=&var_add($dir,$val); }
524
525 if ($key eq "LIBOBJ")
526 { $libobj=&var_add($dir,$val); }
527
528 if (!($_=<IN>))
529 { $_="RELATIVE_DIRECTORY=FINISHED\n"; }
530 }
531close(IN);
532
533# Strip of trailing ' ' 659# Strip of trailing ' '
534foreach (keys %lib_obj) { $lib_obj{$_}=&clean_up_ws($lib_obj{$_}); } 660foreach (keys %lib_obj) { $lib_obj{$_}=&clean_up_ws($lib_obj{$_}); }
535$test=&clean_up_ws($test); 661$test=&clean_up_ws($test);
@@ -554,6 +680,29 @@ $rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)");
554$defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj); 680$defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj);
555$rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)'); 681$rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)');
556 682
683# Special case rules for fips_start and fips_end fips_premain_dso
684
685if ($fips)
686 {
687 if ($fips_canister_build)
688 {
689 $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_start$obj",
690 "fips-1.0${o}fips_canister.c",
691 "-DFIPS_START \$(SHLIB_CFLAGS)");
692 $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_end$obj",
693 "fips-1.0${o}fips_canister.c", "\$(SHLIB_CFLAGS)");
694 }
695 $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_standalone_sha1$obj",
696 "fips-1.0${o}sha${o}fips_standalone_sha1.c",
697 "\$(SHLIB_CFLAGS)");
698 $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_sha1dgst$obj",
699 "fips-1.0${o}sha${o}fips_sha1dgst.c",
700 "\$(SHLIB_CFLAGS)") unless $fips_canister_build;
701 $rules.=&cc_compile_target("\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj",
702 "fips-1.0${o}fips_premain.c",
703 "-DFINGERPRINT_PREMAIN_DSO_LOAD \$(SHLIB_CFLAGS)");
704 }
705
557foreach (values %lib_nam) 706foreach (values %lib_nam)
558 { 707 {
559 $lib_obj=$lib_obj{$_}; 708 $lib_obj=$lib_obj{$_};
@@ -630,16 +779,42 @@ foreach (split(/\s+/,$test))
630 } 779 }
631 780
632$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)"); 781$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)");
633$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)"); 782
634 783
635if ($fips) 784if ($fips)
636 { 785 {
637 $rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)","\$(BIN_D)$o.sha1","\$(BIN_D)$o\$(E_EXE)$exep"); 786 if ($shlib)
787 {
788 $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
789 "\$(O_CRYPTO)",
790 "$crypto",
791 $shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)");
792 }
793 else
794 {
795 $rules.= &do_lib_rule("\$(CRYPTOOBJ)",
796 "\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)", "");
797 $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
798 "\$(LIB_D)$o$crypto_compat",$crypto,$shlib,"\$(SO_CRYPTO)", "");
799 }
638 } 800 }
639else 801 else
640 { 802 {
641 $rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)"); 803 $rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,
804 "\$(SO_CRYPTO)");
642 } 805 }
806
807
808if ($fips)
809 {
810 $rules.= &do_rlink_rule("\$(O_FIPSCANISTER)", "\$(OBJ_D)${o}fips_start$obj \$(FIPSOBJ) \$(OBJ_D)${o}fips_end$obj", "\$(FIPSLIB_D)${o}fips_standalone_sha1$exep", "") if $fips_canister_build;
811 $rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1);
812
813 $rules.=&do_link_rule("\$(FIPS_SHA1_EXE)","\$(OBJ_D)${o}fips_standalone_sha1$obj \$(OBJ_D)${o}fips_sha1dgst$obj","","", 1);
814 }
815
816 $rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)",0);
817
643print $defs; 818print $defs;
644 819
645if ($platform eq "linux-elf") { 820if ($platform eq "linux-elf") {
@@ -935,6 +1110,24 @@ sub read_options
935 elsif (/^shlib$/) { $shlib=1; } 1110 elsif (/^shlib$/) { $shlib=1; }
936 elsif (/^dll$/) { $shlib=1; } 1111 elsif (/^dll$/) { $shlib=1; }
937 elsif (/^shared$/) { } # We just need to ignore it for now... 1112 elsif (/^shared$/) { } # We just need to ignore it for now...
1113 elsif (/^zlib$/) { $zlib_opt = 1 if $zlib_opt == 0 }
1114 elsif (/^zlib-dynamic$/){ $zlib_opt = 2; }
1115 elsif (/^--with-krb5-flavor=(.*)$/)
1116 {
1117 my $krb5_flavor = $1;
1118 if ($krb5_flavor =~ /^force-[Hh]eimdal$/)
1119 {
1120 $xcflags="-DKRB5_HEIMDAL $xcflags";
1121 }
1122 elsif ($krb5_flavor =~ /^MIT/i)
1123 {
1124 $xcflags="-DKRB5_MIT $xcflags";
1125 if ($krb5_flavor =~ /^MIT[._-]*1[._-]*[01]/i)
1126 {
1127 $xcflags="-DKRB5_MIT_OLD11 $xcflags"
1128 }
1129 }
1130 }
938 elsif (/^([^=]*)=(.*)$/){ $VARS{$1}=$2; } 1131 elsif (/^([^=]*)=(.*)$/){ $VARS{$1}=$2; }
939 elsif (/^-[lL].*$/) { $l_flags.="$_ "; } 1132 elsif (/^-[lL].*$/) { $l_flags.="$_ "; }
940 elsif ((!/^-help/) && (!/^-h/) && (!/^-\?/) && /^-.*$/) 1133 elsif ((!/^-help/) && (!/^-h/) && (!/^-\?/) && /^-.*$/)
@@ -942,3 +1135,31 @@ sub read_options
942 else { return(0); } 1135 else { return(0); }
943 return(1); 1136 return(1);
944 } 1137 }
1138
1139sub fipslib_error
1140 {
1141 print STDERR "***FIPS module directory sanity check failed***\n";
1142 print STDERR "FIPS module build failed, or was deleted\n";
1143 print STDERR "Please rebuild FIPS module.\n";
1144 exit 1;
1145 }
1146
1147sub fips_check_files
1148 {
1149 my $dir = shift @_;
1150 my $ret = 1;
1151 if (!-d $dir)
1152 {
1153 print STDERR "FIPS module directory $dir does not exist\n";
1154 fipslib_error();
1155 }
1156 foreach (@_)
1157 {
1158 if (!-f "$dir${o}$_")
1159 {
1160 print STDERR "FIPS module file $_ does not exist!\n";
1161 $ret = 0;
1162 }
1163 }
1164 fipslib_error() if ($ret == 0);
1165 }
diff --git a/src/lib/libssl/src/util/mkdef.pl b/src/lib/libssl/src/util/mkdef.pl
index 9918c3d549..6c1e53bb14 100644
--- a/src/lib/libssl/src/util/mkdef.pl
+++ b/src/lib/libssl/src/util/mkdef.pl
@@ -83,7 +83,7 @@ my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT",
83my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" ); 83my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
84my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", 84my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
85 "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1", 85 "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
86 "RIPEMD", 86 "SHA256", "SHA512", "RIPEMD",
87 "MDC2", "RSA", "DSA", "DH", "EC", "HMAC", "AES", 87 "MDC2", "RSA", "DSA", "DH", "EC", "HMAC", "AES",
88 # Envelope "algorithms" 88 # Envelope "algorithms"
89 "EVP", "X509", "ASN1_TYPEDEFS", 89 "EVP", "X509", "ASN1_TYPEDEFS",
@@ -267,7 +267,7 @@ $crypto.=" crypto/ocsp/ocsp.h";
267$crypto.=" crypto/ui/ui.h crypto/ui/ui_compat.h"; 267$crypto.=" crypto/ui/ui.h crypto/ui/ui_compat.h";
268$crypto.=" crypto/krb5/krb5_asn.h"; 268$crypto.=" crypto/krb5/krb5_asn.h";
269$crypto.=" crypto/tmdiff.h"; 269$crypto.=" crypto/tmdiff.h";
270$crypto.=" fips/fips.h fips/rand/fips_rand.h"; 270$crypto.=" fips-1.0/fips.h fips-1.0/rand/fips_rand.h fips-1.0/sha/fips_sha.h";
271 271
272my $symhacks="crypto/symhacks.h"; 272my $symhacks="crypto/symhacks.h";
273 273
@@ -864,6 +864,9 @@ sub do_defs
864 $a .= ",RSA" if($s =~ /PEM_Seal(Final|Init|Update)/); 864 $a .= ",RSA" if($s =~ /PEM_Seal(Final|Init|Update)/);
865 $a .= ",RSA" if($s =~ /RSAPrivateKey/); 865 $a .= ",RSA" if($s =~ /RSAPrivateKey/);
866 $a .= ",RSA" if($s =~ /SSLv23?_((client|server)_)?method/); 866 $a .= ",RSA" if($s =~ /SSLv23?_((client|server)_)?method/);
867 # SHA2 algorithms only defined in FIPS mode for
868 # OpenSSL 0.9.7
869 $p .= "OPENSSL_FIPS" if($s =~ /SHA[235]/);
867 870
868 $platform{$s} = 871 $platform{$s} =
869 &reduce_platforms((defined($platform{$s})?$platform{$s}.',':"").$p); 872 &reduce_platforms((defined($platform{$s})?$platform{$s}.',':"").$p);
@@ -1011,7 +1014,7 @@ sub is_valid
1011{ 1014{
1012 my ($keywords_txt,$platforms) = @_; 1015 my ($keywords_txt,$platforms) = @_;
1013 my (@keywords) = split /,/,$keywords_txt; 1016 my (@keywords) = split /,/,$keywords_txt;
1014 my ($falsesum, $truesum) = (0, !grep(/^[^!]/,@keywords)); 1017 my ($falsesum, $truesum) = (0, 1);
1015 1018
1016 # Param: one keyword 1019 # Param: one keyword
1017 sub recognise 1020 sub recognise
@@ -1079,7 +1082,7 @@ sub is_valid
1079 if ($k =~ /^!(.*)$/) { 1082 if ($k =~ /^!(.*)$/) {
1080 $falsesum += &recognise($1,$platforms); 1083 $falsesum += &recognise($1,$platforms);
1081 } else { 1084 } else {
1082 $truesum += &recognise($k,$platforms); 1085 $truesum *= &recognise($k,$platforms);
1083 } 1086 }
1084 } 1087 }
1085 print STDERR "DEBUG: [",$#keywords,",",$#keywords < 0,"] is_valid($keywords_txt) => (\!$falsesum) && $truesum = ",(!$falsesum) && $truesum,"\n" if $debug; 1088 print STDERR "DEBUG: [",$#keywords,",",$#keywords < 0,"] is_valid($keywords_txt) => (\!$falsesum) && $truesum = ",(!$falsesum) && $truesum,"\n" if $debug;
diff --git a/src/lib/libssl/src/util/mkerr.pl b/src/lib/libssl/src/util/mkerr.pl
index 60e534807e..9678514604 100644
--- a/src/lib/libssl/src/util/mkerr.pl
+++ b/src/lib/libssl/src/util/mkerr.pl
@@ -9,6 +9,9 @@ my $reindex = 0;
9my $dowrite = 0; 9my $dowrite = 0;
10my $staticloader = ""; 10my $staticloader = "";
11 11
12my $pack_errcode;
13my $load_errcode;
14
12while (@ARGV) { 15while (@ARGV) {
13 my $arg = $ARGV[0]; 16 my $arg = $ARGV[0];
14 if($arg eq "-conf") { 17 if($arg eq "-conf") {
@@ -41,8 +44,8 @@ while (@ARGV) {
41} 44}
42 45
43if($recurse) { 46if($recurse) {
44 @source = (<crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>, <fips/*.c>, 47 @source = (<crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>, <fips-1.0/*.c>,
45 <fips/*/*.c>); 48 <fips-1.0/*/*.c>);
46} else { 49} else {
47 @source = @ARGV; 50 @source = @ARGV;
48} 51}
@@ -399,6 +402,20 @@ EOF
399 $hincf = "\"$hfile\""; 402 $hincf = "\"$hfile\"";
400 } 403 }
401 404
405 # If static we know the error code at compile time so use it
406 # in error definitions.
407
408 if ($static)
409 {
410 $pack_errcode = "ERR_LIB_${lib}";
411 $load_errcode = "0";
412 }
413 else
414 {
415 $pack_errcode = "0";
416 $load_errcode = "ERR_LIB_${lib}";
417 }
418
402 419
403 open (OUT,">$cfile") || die "Can't open $cfile for writing"; 420 open (OUT,">$cfile") || die "Can't open $cfile for writing";
404 421
@@ -469,6 +486,10 @@ EOF
469 486
470/* BEGIN ERROR CODES */ 487/* BEGIN ERROR CODES */
471#ifndef OPENSSL_NO_ERR 488#ifndef OPENSSL_NO_ERR
489
490#define ERR_FUNC(func) ERR_PACK($pack_errcode,func,0)
491#define ERR_REASON(reason) ERR_PACK($pack_errcode,0,reason)
492
472static ERR_STRING_DATA ${lib}_str_functs[]= 493static ERR_STRING_DATA ${lib}_str_functs[]=
473 { 494 {
474EOF 495EOF
@@ -480,7 +501,8 @@ EOF
480 if(exists $ftrans{$fn}) { 501 if(exists $ftrans{$fn}) {
481 $fn = $ftrans{$fn}; 502 $fn = $ftrans{$fn};
482 } 503 }
483 print OUT "{ERR_PACK(0,$i,0),\t\"$fn\"},\n"; 504# print OUT "{ERR_PACK($pack_errcode,$i,0),\t\"$fn\"},\n";
505 print OUT "{ERR_FUNC($i),\t\"$fn\"},\n";
484 } 506 }
485 print OUT <<"EOF"; 507 print OUT <<"EOF";
486{0,NULL} 508{0,NULL}
@@ -492,6 +514,7 @@ EOF
492 # Add each reason code. 514 # Add each reason code.
493 foreach $i (@reasons) { 515 foreach $i (@reasons) {
494 my $rn; 516 my $rn;
517 my $rstr = "ERR_REASON($i)";
495 my $nspc = 0; 518 my $nspc = 0;
496 if (exists $err_reason_strings{$i}) { 519 if (exists $err_reason_strings{$i}) {
497 $rn = $err_reason_strings{$i}; 520 $rn = $err_reason_strings{$i};
@@ -500,9 +523,9 @@ EOF
500 $rn = $1; 523 $rn = $1;
501 $rn =~ tr/_[A-Z]/ [a-z]/; 524 $rn =~ tr/_[A-Z]/ [a-z]/;
502 } 525 }
503 $nspc = 40 - length($i) unless length($i) > 40; 526 $nspc = 40 - length($rstr) unless length($rstr) > 40;
504 $nspc = " " x $nspc; 527 $nspc = " " x $nspc;
505 print OUT "{${i}${nspc},\"$rn\"},\n"; 528 print OUT "{${rstr}${nspc},\"$rn\"},\n";
506 } 529 }
507if($static) { 530if($static) {
508 print OUT <<"EOF"; 531 print OUT <<"EOF";
@@ -519,8 +542,8 @@ ${staticloader}void ERR_load_${lib}_strings(void)
519 { 542 {
520 init=0; 543 init=0;
521#ifndef OPENSSL_NO_ERR 544#ifndef OPENSSL_NO_ERR
522 ERR_load_strings(ERR_LIB_${lib},${lib}_str_functs); 545 ERR_load_strings($load_errcode,${lib}_str_functs);
523 ERR_load_strings(ERR_LIB_${lib},${lib}_str_reasons); 546 ERR_load_strings($load_errcode,${lib}_str_reasons);
524#endif 547#endif
525 548
526 } 549 }
diff --git a/src/lib/libssl/src/util/mkfiles.pl b/src/lib/libssl/src/util/mkfiles.pl
index 928a274303..bc78510f56 100644
--- a/src/lib/libssl/src/util/mkfiles.pl
+++ b/src/lib/libssl/src/util/mkfiles.pl
@@ -51,14 +51,15 @@ my @dirs = (
51"crypto/ocsp", 51"crypto/ocsp",
52"crypto/ui", 52"crypto/ui",
53"crypto/krb5", 53"crypto/krb5",
54"fips", 54"fips-1.0",
55"fips/aes", 55"fips-1.0/aes",
56"fips/des", 56"fips-1.0/des",
57"fips/dsa", 57"fips-1.0/dsa",
58"fips/dh", 58"fips-1.0/dh",
59"fips/rand", 59"fips-1.0/hmac",
60"fips/rsa", 60"fips-1.0/rand",
61"fips/sha1", 61"fips-1.0/rsa",
62"fips-1.0/sha",
62"ssl", 63"ssl",
63"apps", 64"apps",
64"test", 65"test",
diff --git a/src/lib/libssl/src/util/mklink.pl b/src/lib/libssl/src/util/mklink.pl
index c8653cecc3..182732d959 100644
--- a/src/lib/libssl/src/util/mklink.pl
+++ b/src/lib/libssl/src/util/mklink.pl
@@ -14,13 +14,16 @@
14# not contain symbolic links and that the parent of / is never referenced. 14# not contain symbolic links and that the parent of / is never referenced.
15# Apart from this, this script should be able to handle even the most 15# Apart from this, this script should be able to handle even the most
16# pathological cases. 16# pathological cases.
17#
18
19use Cwd;
17 20
18my $from = shift; 21my $from = shift;
19my @files = @ARGV; 22my @files = @ARGV;
20 23
21my @from_path = split(/[\\\/]/, $from); 24my @from_path = split(/[\\\/]/, $from);
22my $pwd = `pwd`; 25my $pwd = getcwd();
23chop($pwd); 26chomp($pwd);
24my @pwd_path = split(/[\\\/]/, $pwd); 27my @pwd_path = split(/[\\\/]/, $pwd);
25 28
26my @to_path = (); 29my @to_path = ();
diff --git a/src/lib/libssl/src/util/pl/BC-32.pl b/src/lib/libssl/src/util/pl/BC-32.pl
index 897ae9d824..28869c868d 100644
--- a/src/lib/libssl/src/util/pl/BC-32.pl
+++ b/src/lib/libssl/src/util/pl/BC-32.pl
@@ -18,7 +18,7 @@ $out_def="out32";
18$tmp_def="tmp32"; 18$tmp_def="tmp32";
19$inc_def="inc32"; 19$inc_def="inc32";
20#enable max error messages, disable most common warnings 20#enable max error messages, disable most common warnings
21$cflags="-DWIN32_LEAN_AND_MEAN -q -w-aus -w-par -w-inl -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp "; 21$cflags="-DWIN32_LEAN_AND_MEAN -q -w-ccc -w-rch -w-pia -w-aus -w-par -w-inl -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp -D_strnicmp=strnicmp ";
22if ($debug) 22if ($debug)
23{ 23{
24 $cflags.="-Od -y -v -vi- -D_DEBUG"; 24 $cflags.="-Od -y -v -vi- -D_DEBUG";
@@ -51,7 +51,7 @@ $lfile='';
51$shlib_ex_obj=""; 51$shlib_ex_obj="";
52$app_ex_obj="c0x32.obj"; 52$app_ex_obj="c0x32.obj";
53 53
54$asm='nasmw -f obj'; 54$asm='nasmw -f obj -d__omf__';
55$asm.=" /Zi" if $debug; 55$asm.=" /Zi" if $debug;
56$afile='-o'; 56$afile='-o';
57 57
@@ -106,9 +106,13 @@ sub do_lib_rule
106 $ret.="$target: $objs\n"; 106 $ret.="$target: $objs\n";
107 if (!$shlib) 107 if (!$shlib)
108 { 108 {
109 # $ret.="\t\$(RM) \$(O_$Name)\n"; 109 $ret.=<<___;
110 $ret.="\techo LIB $<\n"; 110 -\$(RM) $lfile$target
111 $ret.="\t&\$(MKLIB) $lfile$target -+\$**\n"; 111 \$(MKLIB) $lfile$target \@&&!
112+\$(**: = &^
113+)
114!
115___
112 } 116 }
113 else 117 else
114 { 118 {
diff --git a/src/lib/libssl/src/util/pl/OS2-EMX.pl b/src/lib/libssl/src/util/pl/OS2-EMX.pl
index 75d72ebbcb..8dbeaa7a08 100644
--- a/src/lib/libssl/src/util/pl/OS2-EMX.pl
+++ b/src/lib/libssl/src/util/pl/OS2-EMX.pl
@@ -68,6 +68,7 @@ if (!$no_asm && !$fips)
68 $sha1_asm_src="crypto/sha/asm/s1-os2.asm"; 68 $sha1_asm_src="crypto/sha/asm/s1-os2.asm";
69 $rmd160_asm_obj="crypto/ripemd/asm/rm-os2$obj"; 69 $rmd160_asm_obj="crypto/ripemd/asm/rm-os2$obj";
70 $rmd160_asm_src="crypto/ripemd/asm/rm-os2.asm"; 70 $rmd160_asm_src="crypto/ripemd/asm/rm-os2.asm";
71 $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DOPENSSL_BN_ASM_PART_WORDS";
71 } 72 }
72 73
73if ($shlib) 74if ($shlib)
diff --git a/src/lib/libssl/src/util/pl/VC-32-GMAKE.pl b/src/lib/libssl/src/util/pl/VC-32-GMAKE.pl
new file mode 100644
index 0000000000..b5bbcac6c2
--- /dev/null
+++ b/src/lib/libssl/src/util/pl/VC-32-GMAKE.pl
@@ -0,0 +1,222 @@
1#!/usr/local/bin/perl
2# VCw32lib.pl - the file for Visual C++ 4.[01] for windows NT, static libraries
3#
4
5
6if ($fips && !$shlib)
7 {
8 $crypto="libeayfips32";
9 $crypto_compat = "libeaycompat32.lib";
10 }
11else
12 {
13 $crypto="libeay32";
14 }
15$ssl= "ssleay32";
16
17$o='/';
18#$cp='copy nul+'; # Timestamps get stuffed otherwise
19#$rm='del';
20
21$cp='cp';
22$rm='rm';
23
24$zlib_lib="zlib1.lib";
25
26# C compiler stuff
27$cc='cl';
28$cflags=' -MD -W3 -WX -Ox -O2 -Ob2 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32';
29$cflags.=' -D_CRT_SECURE_NO_DEPRECATE'; # shut up VC8
30$cflags.=' -D_CRT_NONSTDC_NO_DEPRECATE'; # shut up VC8
31$lflags="-nologo -subsystem:console -machine:I386 -opt:ref";
32$mlflags='';
33
34$out_def="gmout32";
35$tmp_def="gmtmp32";
36$inc_def="gminc32";
37
38if ($debug)
39 {
40 $cflags=" -MDd -W3 -WX -Zi -Yd -Od -nologo -DOPENSSL_SYSNAME_WIN32 -D_DEBUG -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -DDEBUG -DDSO_WIN32";
41 $lflags.=" -debug";
42 $mlflags.=' -debug';
43 }
44$cflags .= " -DOPENSSL_SYSNAME_WINNT" if $NT == 1;
45
46$obj='.obj';
47$ofile="-Fo";
48
49# EXE linking stuff
50$link="link";
51$efile="-out:";
52$exep='.exe';
53if ($no_sock)
54 { $ex_libs=""; }
55else { $ex_libs="wsock32.lib user32.lib gdi32.lib"; }
56
57# static library stuff
58$mklib='lib';
59$ranlib='';
60$plib="";
61$libp=".lib";
62$shlibp=($shlib)?".dll":".lib";
63$lfile='-out:';
64
65$shlib_ex_obj="";
66$app_ex_obj="setargv.obj";
67if ($nasm) {
68 $asm='nasmw -f win32';
69 $afile='-o ';
70} else {
71 $asm='ml -Cp -coff -c -Cx';
72 $asm.=" -Zi" if $debug;
73 $afile='-Fo';
74}
75
76$bn_asm_obj='';
77$bn_asm_src='';
78$des_enc_obj='';
79$des_enc_src='';
80$bf_enc_obj='';
81$bf_enc_src='';
82
83if (!$no_asm && !$fips)
84 {
85 $bn_asm_obj='crypto/bn/asm/bn_win32.obj';
86 $bn_asm_src='crypto/bn/asm/bn_win32.asm';
87 $des_enc_obj='crypto/des/asm/d_win32.obj crypto/des/asm/y_win32.obj';
88 $des_enc_src='crypto/des/asm/d_win32.asm crypto/des/asm/y_win32.asm';
89 $bf_enc_obj='crypto/bf/asm/b_win32.obj';
90 $bf_enc_src='crypto/bf/asm/b_win32.asm';
91 $cast_enc_obj='crypto/cast/asm/c_win32.obj';
92 $cast_enc_src='crypto/cast/asm/c_win32.asm';
93 $rc4_enc_obj='crypto/rc4/asm/r4_win32.obj';
94 $rc4_enc_src='crypto/rc4/asm/r4_win32.asm';
95 $rc5_enc_obj='crypto/rc5/asm/r5_win32.obj';
96 $rc5_enc_src='crypto/rc5/asm/r5_win32.asm';
97 $md5_asm_obj='crypto/md5/asm/m5_win32.obj';
98 $md5_asm_src='crypto/md5/asm/m5_win32.asm';
99 $sha1_asm_obj='crypto/sha/asm/s1_win32.obj';
100 $sha1_asm_src='crypto/sha/asm/s1_win32.asm';
101 $rmd160_asm_obj='crypto/ripemd/asm/rm_win32.obj';
102 $rmd160_asm_src='crypto/ripemd/asm/rm_win32.asm';
103 $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";
104 }
105
106if ($shlib)
107 {
108 $mlflags.=" $lflags -dll";
109# $cflags =~ s| -MD| -MT|;
110 $lib_cflag=" -D_WINDLL";
111 $out_def="gmout32dll";
112 $tmp_def="gmtmp32dll";
113 }
114
115$cflags.=" -Fd$out_def";
116
117sub do_lib_rule
118 {
119 local($objs,$target,$name,$shlib,$ign,$base_addr, $fips_get_sig, $fips_premain_src)=@_;
120 local($ret,$Name);
121
122 $taget =~ s/\//$o/g if $o ne '/';
123 ($Name=$name) =~ tr/a-z/A-Z/;
124 my $base_arg;
125 if ($base_addr ne "")
126 {
127 $base_arg= " -base:$base_addr";
128 }
129 else
130 {
131 $base_arg = "";
132 }
133
134
135# $target="\$(LIB_D)$o$target";
136 if (!$shlib)
137 {
138# $ret.="\t\$(RM) \$(O_$Name)\n";
139 $ret.="$target: $objs\n";
140 $ex =' advapi32.lib';
141 $ret.="\t\$(MKLIB) $lfile$target $objs $ex\n\n";
142 }
143 else
144 {
145 local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
146 $ex.=' wsock32.lib gdi32.lib advapi32.lib user32.lib';
147 $ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/;
148 if (defined $fips_get_sig)
149 {
150 $ret.="$target: \$(O_FIPSCANISTER) $objs $fips_get_sig\n";
151 $ret.="\tFIPS_LINK=\$(LINK) ";
152 $ret.="FIPS_CC=\$(CC) ";
153 $ret.="FIPS_CC_ARGS=\"-Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\" ";
154 $ret.="FIPS_PREMAIN_DSO=$fips_get_sig ";
155 $ret.="FIPS_TARGET=$target ";
156 $ret.="FIPS_LIBDIR=\$(FIPSLIB_D) ";
157 $ret.="\$(FIPSLINK) \$(MLFLAGS) $base_arg $efile$target ";
158 $ret.="-def:ms/${Name}.def \$(SHLIB_EX_OBJ) $objs ";
159 $ret.="\$(OBJ_D)${o}fips_premain.obj $ex\n\n";
160 }
161 else
162 {
163 $ret.="$target: $objs\n";
164 $ret.="\t\$(LINK) \$(MLFLAGS) $base_arg $efile$target /def:ms/${Name}.def \$(SHLIB_EX_OBJ) $objs $ex\n\n";
165 }
166 }
167 $ret.="\n";
168 return($ret);
169 }
170
171sub do_link_rule
172 {
173 local($target,$files,$dep_libs,$libs,$standalone)=@_;
174 local($ret,$_);
175 $file =~ s/\//$o/g if $o ne '/';
176 $n=&bname($targer);
177 if ($standalone)
178 {
179 $ret.="$target: $files $dep_libs\n";
180 $ret.="\t\$(LINK) \$(LFLAGS) $efile$target ";
181 $ret.="$files $libs\n\n";
182 }
183 elsif ($fips && !$shlib)
184 {
185 $ret.="$target: \$(O_FIPSCANISTER) $files $dep_libs\n";
186 $ret.="\tFIPS_LINK=\$(LINK) ";
187 $ret.="FIPS_CC=\$(CC) ";
188 $ret.="FIPS_CC_ARGS=\"-Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\" ";
189 $ret.="FIPS_PREMAIN_DSO= ";
190 $ret.="FIPS_TARGET=$target ";
191 $ret.="FIPS_LIBDIR=\$(FIPSLIB_D) ";
192 $ret.=" \$(FIPSLINK) \$(LFLAGS) $efile$target ";
193 $ret.="\$(APP_EX_OBJ) $files \$(OBJ_D)${o}fips_premain.obj $libs\n\n";
194 }
195 else
196 {
197 $ret.="$target: $files $dep_libs\n";
198 $ret.="\t\$(LINK) \$(LFLAGS) $efile$target ";
199 $ret.="\$(APP_EX_OBJ) $files $libs\n\n";
200 }
201 $ret.="\n";
202 return($ret);
203 }
204
205sub do_rlink_rule
206 {
207 local($target,$files,$check_hash, $deps)=@_;
208 local($ret,$_);
209
210 $file =~ s/\//$o/g if $o ne '/';
211 $n=&bname($targer);
212 $ret.="$target: $check_hash $files $deps\n";
213 $ret.="\t\$(PERL) util${o}checkhash.pl -chdir fips-1.0 -program_path ..$o$check_hash\n";
214 $ret.="\t\$(MKCANISTER) $target $files\n";
215 $ret.="\t$check_hash $target > $target.sha1\n";
216 $ret.="\t\$(CP) fips-1.0${o}fips_premain.c \$(FIPSLIB_D)\n";
217 $ret.="\t$check_hash \$(FIPSLIB_D)${o}fips_premain.c > \$(FIPSLIB_D)${o}fips_premain.c.sha1\n\n";
218 return($ret);
219 }
220
221
2221;
diff --git a/src/lib/libssl/src/util/pl/VC-32.pl b/src/lib/libssl/src/util/pl/VC-32.pl
index cf689b9feb..4e97dfa9af 100644
--- a/src/lib/libssl/src/util/pl/VC-32.pl
+++ b/src/lib/libssl/src/util/pl/VC-32.pl
@@ -3,15 +3,28 @@
3# 3#
4 4
5$ssl= "ssleay32"; 5$ssl= "ssleay32";
6$crypto="libeay32"; 6
7if ($fips && !$shlib)
8 {
9 $crypto="libeayfips32";
10 $crypto_compat = "libeaycompat32.lib";
11 }
12else
13 {
14 $crypto="libeay32";
15 }
7 16
8$o='\\'; 17$o='\\';
9$cp='copy nul+'; # Timestamps get stuffed otherwise 18$cp='copy nul+'; # Timestamps get stuffed otherwise
10$rm='del'; 19$rm='del';
11 20
21$zlib_lib="zlib1.lib";
22
12# C compiler stuff 23# C compiler stuff
13$cc='cl'; 24$cc='cl';
14$cflags=' /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32'; 25$cflags=' /MD /W3 /WX /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32';
26$cflags.=' -D_CRT_SECURE_NO_DEPRECATE'; # shut up VC8
27$cflags.=' -D_CRT_NONSTDC_NO_DEPRECATE'; # shut up VC8
15$lflags="/nologo /subsystem:console /machine:I386 /opt:ref"; 28$lflags="/nologo /subsystem:console /machine:I386 /opt:ref";
16$mlflags=''; 29$mlflags='';
17 30
@@ -100,25 +113,56 @@ $cflags.=" /Fd$out_def";
100 113
101sub do_lib_rule 114sub do_lib_rule
102 { 115 {
103 local($objs,$target,$name,$shlib)=@_; 116 local($objs,$target,$name,$shlib,$ign,$base_addr) = @_;
104 local($ret,$Name); 117 local($ret,$Name);
105 118
106 $taget =~ s/\//$o/g if $o ne '/'; 119 $taget =~ s/\//$o/g if $o ne '/';
107 ($Name=$name) =~ tr/a-z/A-Z/; 120 ($Name=$name) =~ tr/a-z/A-Z/;
121 my $base_arg;
122 if ($base_addr ne "")
123 {
124 $base_arg= " /base:$base_addr";
125 }
126 else
127 {
128 $base_arg = "";
129 }
130
108 131
109# $target="\$(LIB_D)$o$target"; 132# $target="\$(LIB_D)$o$target";
110 $ret.="$target: $objs\n";
111 if (!$shlib) 133 if (!$shlib)
112 { 134 {
113# $ret.="\t\$(RM) \$(O_$Name)\n"; 135# $ret.="\t\$(RM) \$(O_$Name)\n";
136 $ret.="$target: $objs\n";
114 $ex =' advapi32.lib'; 137 $ex =' advapi32.lib';
138 $ex.=" \$(FIPSLIB_D)${o}_chkstk.o" if $fips && $target =~ /O_CRYPTO/;
115 $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs $ex\n<<\n"; 139 $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs $ex\n<<\n";
116 } 140 }
117 else 141 else
118 { 142 {
119 local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':''; 143 local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
120 $ex.=' wsock32.lib gdi32.lib advapi32.lib'; 144 $ex.=' wsock32.lib gdi32.lib advapi32.lib user32.lib';
121 $ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n"; 145 $ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/;
146 if ($fips && $target =~ /O_CRYPTO/)
147 {
148 $ex.=" \$(FIPSLIB_D)${o}_chkstk.o";
149 $ret.="$target: $objs \$(PREMAIN_DSO_EXE)\n";
150 $ret.="\tSET FIPS_LINK=\$(LINK)\n";
151 $ret.="\tSET FIPS_CC=\$(CC)\n";
152 $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
153 $ret.="\tSET PREMAIN_DSO_EXE=\$(PREMAIN_DSO_EXE)\n";
154 $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
155 $ret.="\tSET FIPS_TARGET=$target\n";
156 $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
157 $ret.="\t\$(FIPSLINK) \$(MLFLAGS) $base_arg $efile$target ";
158 $ret.="/def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs ";
159 $ret.="\$(OBJ_D)${o}fips_premain.obj $ex\n<<\n";
160 }
161 else
162 {
163 $ret.="$target: $objs\n";
164 $ret.="\t\$(LINK) \$(MLFLAGS) $base_arg $efile$target /def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
165 }
122 } 166 }
123 $ret.="\n"; 167 $ret.="\n";
124 return($ret); 168 return($ret);
@@ -126,20 +170,51 @@ sub do_lib_rule
126 170
127sub do_link_rule 171sub do_link_rule
128 { 172 {
129 local($target,$files,$dep_libs,$libs,$sha1file,$openssl)=@_; 173 local($target,$files,$dep_libs,$libs,$standalone)=@_;
130 local($ret,$_); 174 local($ret,$_);
131
132 $file =~ s/\//$o/g if $o ne '/'; 175 $file =~ s/\//$o/g if $o ne '/';
133 $n=&bname($targer); 176 $n=&bname($targer);
134 $ret.="$target: $files $dep_libs\n"; 177 $ret.="$target: $files $dep_libs\n";
135 $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n"; 178 if ($standalone)
136 $ret.=" \$(APP_EX_OBJ) $files $libs\n<<\n"; 179 {
137 if (defined $sha1file) 180 $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n\t";
181 $ret.="\$(FIPSLIB_D)${o}_chkstk.o " if ($files =~ /O_FIPSCANISTER/);
182 $ret.="$files $libs\n<<\n";
183 }
184 elsif ($fips && !$shlib)
138 { 185 {
139 $ret.=" $openssl sha1 -hmac etaonrishdlcupfm -binary $target > $sha1file"; 186 $ret.="\tSET FIPS_LINK=\$(LINK)\n";
187 $ret.="\tSET FIPS_CC=\$(CC)\n";
188 $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
189 $ret.="\tSET PREMAIN_DSO_EXE=\n";
190 $ret.="\tSET FIPS_TARGET=$target\n";
191 $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
192 $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
193 $ret.=" \$(FIPSLINK) \$(LFLAGS) $efile$target @<<\n";
194 $ret.=" \$(APP_EX_OBJ) $files \$(OBJ_D)${o}fips_premain.obj $libs\n<<\n";
140 } 195 }
196 else
197 {
198 $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n";
199 $ret.=" \$(APP_EX_OBJ) $files $libs\n<<\n";
200 }
201 $ret.="\n";
202 return($ret);
203 }
204
205sub do_rlink_rule
206 {
207 local($target,$files,$dep_libs,$libs)=@_;
208 local($ret,$_);
209
210 $file =~ s/\//$o/g if $o ne '/';
211 $n=&bname($targer);
212 $ret.="$target: $files $dep_libs\n";
213 $ret.=" \$(MKCANISTER) $target <<\n";
214 $ret.="INPUT($files)\n<<\n";
141 $ret.="\n"; 215 $ret.="\n";
142 return($ret); 216 return($ret);
143 } 217 }
144 218
219
1451; 2201;
diff --git a/src/lib/libssl/src/util/pod2man.pl b/src/lib/libssl/src/util/pod2man.pl
index 657e4e264e..546d1ec186 100644
--- a/src/lib/libssl/src/util/pod2man.pl
+++ b/src/lib/libssl/src/util/pod2man.pl
@@ -425,6 +425,7 @@ if ($name ne 'something') {
425 } 425 }
426 next if /^=cut\b/; # DB_File and Net::Ping have =cut before NAME 426 next if /^=cut\b/; # DB_File and Net::Ping have =cut before NAME
427 next if /^=pod\b/; # It is OK to have =pod before NAME 427 next if /^=pod\b/; # It is OK to have =pod before NAME
428 next if /^=for\s+comment\b/; # It is OK to have =for comment before NAME
428 die "$0: Invalid man page - 1st pod line is not NAME in $ARGV[0]\n" unless $lax; 429 die "$0: Invalid man page - 1st pod line is not NAME in $ARGV[0]\n" unless $lax;
429 } 430 }
430 die "$0: Invalid man page - no documentation in $ARGV[0]\n" unless $lax; 431 die "$0: Invalid man page - no documentation in $ARGV[0]\n" unless $lax;
diff --git a/src/lib/libssl/src/util/selftest.pl b/src/lib/libssl/src/util/selftest.pl
index e9d5aa8938..4778c5ab01 100644
--- a/src/lib/libssl/src/util/selftest.pl
+++ b/src/lib/libssl/src/util/selftest.pl
@@ -49,7 +49,7 @@ if (open(IN,"<Makefile")) {
49} 49}
50 50
51$cversion=`$cc -v 2>&1`; 51$cversion=`$cc -v 2>&1`;
52$cversion=`$cc -V 2>&1` if $cversion =~ "usage"; 52$cversion=`$cc -V 2>&1` if $cversion =~ "[Uu]sage";
53$cversion=`$cc -V |head -1` if $cversion =~ "Error"; 53$cversion=`$cc -V |head -1` if $cversion =~ "Error";
54$cversion=`$cc --version` if $cversion eq ""; 54$cversion=`$cc --version` if $cversion eq "";
55$cversion =~ s/Reading specs.*\n//; 55$cversion =~ s/Reading specs.*\n//;
@@ -130,15 +130,21 @@ if (system("make 2>&1 | tee make.log") > 255) {
130 goto err; 130 goto err;
131} 131}
132 132
133$_=$options; 133# Not sure why this is here. The tests themselves can detect if their
134s/no-asm//; 134# particular feature isn't included, and should therefore skip themselves.
135s/no-shared//; 135# To skip *all* tests just because one algorithm isn't included is like
136s/no-krb5//; 136# shooting mosquito with an elephant gun...
137if (/no-/) 137# -- Richard Levitte, inspired by problem report 1089
138{ 138#
139 print OUT "Test skipped.\n"; 139#$_=$options;
140 goto err; 140#s/no-asm//;
141} 141#s/no-shared//;
142#s/no-krb5//;
143#if (/no-/)
144#{
145# print OUT "Test skipped.\n";
146# goto err;
147#}
142 148
143print "Running make test...\n"; 149print "Running make test...\n";
144if (system("make test 2>&1 | tee maketest.log") > 255) 150if (system("make test 2>&1 | tee maketest.log") > 255)
diff --git a/src/lib/libssl/test/Makefile b/src/lib/libssl/test/Makefile
index 6aeedf7fa3..189d14ed49 100644
--- a/src/lib/libssl/test/Makefile
+++ b/src/lib/libssl/test/Makefile
@@ -39,7 +39,7 @@ EXPTEST= exptest
39IDEATEST= ideatest 39IDEATEST= ideatest
40SHATEST= shatest 40SHATEST= shatest
41SHA1TEST= sha1test 41SHA1TEST= sha1test
42FIPS_SHA1TEST= fips_sha1test 42FIPS_SHATEST= fips_shatest
43MDC2TEST= mdc2test 43MDC2TEST= mdc2test
44RMDTEST= rmdtest 44RMDTEST= rmdtest
45MD2TEST= md2test 45MD2TEST= md2test
@@ -64,32 +64,47 @@ RSATEST= rsa_test
64ENGINETEST= enginetest 64ENGINETEST= enginetest
65EVPTEST= evp_test 65EVPTEST= evp_test
66FIPS_AESTEST= fips_aesavs 66FIPS_AESTEST= fips_aesavs
67FIPS_HMACTEST= fips_hmactest
68FIPS_RSAVTEST= fips_rsavtest
69FIPS_RSASTEST= fips_rsastest
70FIPS_RSAGTEST= fips_rsagtest
71FIPS_DSSVS= fips_dssvs
72FIPS_RNGVS= fips_rngvs
73FIPS_TEST_SUITE=fips_test_suite
67 74
68TESTS= alltests 75TESTS= alltests
69 76
70EXE= $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT) $(IDEATEST)$(EXE_EXT) $(MD2TEST)$(EXE_EXT) $(MD4TEST)$(EXE_EXT) $(MD5TEST)$(EXE_EXT) $(HMACTEST)$(EXE_EXT) \ 77EXE= $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT) $(IDEATEST)$(EXE_EXT) $(MD2TEST)$(EXE_EXT) $(MD4TEST)$(EXE_EXT) $(MD5TEST)$(EXE_EXT) $(HMACTEST)$(EXE_EXT) \
71 $(RC2TEST)$(EXE_EXT) $(RC4TEST)$(EXE_EXT) $(RC5TEST)$(EXE_EXT) \ 78 $(RC2TEST)$(EXE_EXT) $(RC4TEST)$(EXE_EXT) $(RC5TEST)$(EXE_EXT) \
72 $(DESTEST)$(EXE_EXT) $(FIPS_DESTEST)$(EXE_EXT) $(SHATEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(FIPS_SHA1TEST)$(EXE_EXT) $(MDC2TEST)$(EXE_EXT) $(RMDTEST)$(EXE_EXT) \ 79 $(DESTEST)$(EXE_EXT) $(FIPS_DESTEST)$(EXE_EXT) $(SHATEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(FIPS_SHATEST)$(EXE_EXT) $(MDC2TEST)$(EXE_EXT) $(RMDTEST)$(EXE_EXT) \
73 $(RANDTEST)$(EXE_EXT) $(FIPS_RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \ 80 $(RANDTEST)$(EXE_EXT) $(FIPS_RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \
74 $(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(FIPS_DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \ 81 $(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(FIPS_DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \
75 $(EVPTEST)$(EXE_EXT) $(FIPS_AESTEST)$(EXE_EXT) 82 $(EVPTEST)$(EXE_EXT) $(FIPS_AESTEST)$(EXE_EXT) \
83 $(FIPS_HMACTEST)$(EXE_EXT) $(FIPS_RSAVTEST)$(EXE_EXT) \
84 $(FIPS_RSASTEST)$(EXE_EXT) $(FIPS_RSAGTEST)$(EXE_EXT) \
85 $(FIPS_DSSVS)$(EXE_EXT) $(FIPS_RNGVS)$(EXE_EXT) \
86 $(FIPS_TEST_SUITE)$(EXE_EXT)
76 87
77# $(METHTEST)$(EXE_EXT) 88# $(METHTEST)$(EXE_EXT)
78 89
79OBJ= $(BNTEST).o $(ECTEST).o $(IDEATEST).o $(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \ 90OBJ= $(BNTEST).o $(ECTEST).o $(IDEATEST).o $(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \
80 $(HMACTEST).o \ 91 $(HMACTEST).o \
81 $(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \ 92 $(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
82 $(DESTEST).o $(FIPS_DESTEST).o $(SHATEST).o $(SHA1TEST).o $(FIPS_SHA1TEST).o $(MDC2TEST).o $(RMDTEST).o \ 93 $(DESTEST).o $(FIPS_DESTEST).o $(SHATEST).o $(SHA1TEST).o $(FIPS_SHATEST).o $(MDC2TEST).o $(RMDTEST).o \
83 $(RANDTEST).o $(FIPS_RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \ 94 $(RANDTEST).o $(FIPS_RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \
84 $(BFTEST).o $(SSLTEST).o $(DSATEST).o $(FIPS_DSATEST).o $(EXPTEST).o $(RSATEST).o \ 95 $(BFTEST).o $(SSLTEST).o $(DSATEST).o $(FIPS_DSATEST).o $(EXPTEST).o $(RSATEST).o \
85 $(EVPTEST).o $(FIPS_AESTEST).o 96 $(EVPTEST).o $(FIPS_AESTEST).o $(FIPS_HMACTEST).o $(FIPS_RSAVTEST).o \
97 $(FIPS_RSASTEST).o $(FIPS_RSAGTEST).o $(FIPS_DSSVS).o $(FIPS_RNGVS).o \
98 $(FIPS_TEST_SUITE).o
86SRC= $(BNTEST).c $(ECTEST).c $(IDEATEST).c $(MD2TEST).c $(MD4TEST).c $(MD5TEST).c \ 99SRC= $(BNTEST).c $(ECTEST).c $(IDEATEST).c $(MD2TEST).c $(MD4TEST).c $(MD5TEST).c \
87 $(HMACTEST).c \ 100 $(HMACTEST).c \
88 $(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \ 101 $(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
89 $(DESTEST).c $(FIPS_DESTEST).c $(SHATEST).c $(SHA1TEST).c $(FIPS_SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \ 102 $(DESTEST).c $(FIPS_DESTEST).c $(SHATEST).c $(SHA1TEST).c $(FIPS_SHATEST).c $(MDC2TEST).c $(RMDTEST).c \
90 $(RANDTEST).c $(FIPS_RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \ 103 $(RANDTEST).c $(FIPS_RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \
91 $(BFTEST).c $(SSLTEST).c $(DSATEST).c $(FIPS_DSATEST).c $(EXPTEST).c $(RSATEST).c \ 104 $(BFTEST).c $(SSLTEST).c $(DSATEST).c $(FIPS_DSATEST).c $(EXPTEST).c $(RSATEST).c \
92 $(EVPTEST).c $(FIPS_AESTEST).c 105 $(EVPTEST).c $(FIPS_AESTEST).c $(FIPS_HMACTEST).c $(FIPS_RSAVTEST).c \
106 $(FIPS_RSASTEST).c $(FIPS_RSAGTEST).c $(FIPS_DSSVS).c $(FIPS_RNGVS).c \
107 $(FIPS_TEST_SUITE).c
93 108
94EXHEADER= 109EXHEADER=
95HEADER= $(EXHEADER) 110HEADER= $(EXHEADER)
@@ -153,7 +168,7 @@ test_sha:
153 ../util/shlib_wrap.sh ./$(SHATEST) 168 ../util/shlib_wrap.sh ./$(SHATEST)
154 ../util/shlib_wrap.sh ./$(SHA1TEST) 169 ../util/shlib_wrap.sh ./$(SHA1TEST)
155 if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \ 170 if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
156 ../util/shlib_wrap.sh ./$(FIPS_SHA1TEST) sha1vectors.txt | sed s/Strings/Hashes/ | cmp sha1hashes.txt - ; \ 171 ../util/shlib_wrap.sh ./$(FIPS_SHATEST) < SHAmix.req | diff -w SHAmix.fax - ; \
157 fi 172 fi
158 173
159test_mdc2: 174test_mdc2:
@@ -311,20 +326,43 @@ $(DLIBSSL):
311$(DLIBCRYPTO): 326$(DLIBCRYPTO):
312 (cd ..; $(MAKE) DIRS=crypto all) 327 (cd ..; $(MAKE) DIRS=crypto all)
313 328
314BUILD_CMD=if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ 329BUILD_CMD=SHARED_LIBS="$(SHARED_LIBS)"; \
330 if [ "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
331 SHARED_LIBS=""; \
332 fi; \
333 if [ -z "$$SHARED_LIBS" ]; then \
315 set -x; $${CC:-$(CC)} -o $$target$(EXE_EXT) $(CFLAGS) $$target.o $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) ; \ 334 set -x; $${CC:-$(CC)} -o $$target$(EXE_EXT) $(CFLAGS) $$target.o $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) ; \
316 elif [ -z "$(SHARED_LIBS)" ]; then \ 335 else set -x; LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
317 set -x; $${CC:-$(CC)} -o $$target$(EXE_EXT) $(CFLAGS) $$target.o $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \
318 else \
319 set -x; LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
320 $(CC) -o $$target$(EXE_EXT) $(CFLAGS) $$target.o $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \ 336 $(CC) -o $$target$(EXE_EXT) $(CFLAGS) $$target.o $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \
321 fi; 337 fi
338
339FIPS_BUILD_CMD=if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
340 FIPSLD_CC=$(CC); CC=$(TOP)/fips-1.0/fipsld; export CC FIPSLD_CC; \
341 fi; $(BUILD_CMD)
322 342
323$(FIPS_AESTEST)$(EXE_EXT): $(FIPS_AESTEST).o $(DLIBCRYPTO) 343$(FIPS_AESTEST)$(EXE_EXT): $(FIPS_AESTEST).o $(DLIBCRYPTO)
324 @target=$(FIPS_AESTEST); $(BUILD_CMD) 344 @target=$(FIPS_AESTEST); $(FIPS_BUILD_CMD)
325 if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \ 345
326 TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a $(FIPS_AESTEST); \ 346$(FIPS_HMACTEST)$(EXE_EXT): $(FIPS_HMACTEST).o $(DLIBCRYPTO)
327 fi 347 @target=$(FIPS_HMACTEST); $(FIPS_BUILD_CMD)
348
349$(FIPS_RSAVTEST)$(EXE_EXT): $(FIPS_RSAVTEST).o $(DLIBCRYPTO)
350 @target=$(FIPS_RSAVTEST); $(FIPS_BUILD_CMD)
351
352$(FIPS_RSASTEST)$(EXE_EXT): $(FIPS_RSASTEST).o $(DLIBCRYPTO)
353 @target=$(FIPS_RSASTEST); $(FIPS_BUILD_CMD)
354
355$(FIPS_RSAGTEST)$(EXE_EXT): $(FIPS_RSAGTEST).o $(DLIBCRYPTO)
356 @target=$(FIPS_RSAGTEST); $(FIPS_BUILD_CMD)
357
358$(FIPS_DSSVS)$(EXE_EXT): $(FIPS_DSSVS).o $(DLIBCRYPTO)
359 @target=$(FIPS_DSSVS); $(FIPS_BUILD_CMD)
360
361$(FIPS_RNGVS)$(EXE_EXT): $(FIPS_RNGVS).o $(DLIBCRYPTO)
362 @target=$(FIPS_RNGVS); $(FIPS_BUILD_CMD)
363
364$(FIPS_TEST_SUITE)$(EXE_EXT): $(FIPS_TEST_SUITE).o $(DLIBCRYPTO)
365 @target=$(FIPS_TEST_SUITE); $(FIPS_BUILD_CMD)
328 366
329$(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) 367$(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
330 @target=$(RSATEST); $(BUILD_CMD) 368 @target=$(RSATEST); $(BUILD_CMD)
@@ -350,11 +388,8 @@ $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
350$(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) 388$(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
351 @target=$(SHA1TEST); $(BUILD_CMD) 389 @target=$(SHA1TEST); $(BUILD_CMD)
352 390
353$(FIPS_SHA1TEST)$(EXE_EXT): $(FIPS_SHA1TEST).o $(DLIBCRYPTO) 391$(FIPS_SHATEST)$(EXE_EXT): $(FIPS_SHATEST).o $(DLIBCRYPTO)
354 @target=$(FIPS_SHA1TEST); $(BUILD_CMD) 392 @target=$(FIPS_SHATEST); $(FIPS_BUILD_CMD)
355 if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
356 TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a $(FIPS_SHA1TEST); \
357 fi
358 393
359$(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) 394$(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
360 @target=$(RMDTEST); $(BUILD_CMD) 395 @target=$(RMDTEST); $(BUILD_CMD)
@@ -390,19 +425,13 @@ $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
390 @target=$(DESTEST); $(BUILD_CMD) 425 @target=$(DESTEST); $(BUILD_CMD)
391 426
392$(FIPS_DESTEST)$(EXE_EXT): $(FIPS_DESTEST).o $(DLIBCRYPTO) 427$(FIPS_DESTEST)$(EXE_EXT): $(FIPS_DESTEST).o $(DLIBCRYPTO)
393 @target=$(FIPS_DESTEST); $(BUILD_CMD) 428 @target=$(FIPS_DESTEST); $(FIPS_BUILD_CMD)
394 if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
395 TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a $(FIPS_DESTEST); \
396 fi
397 429
398$(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) 430$(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
399 @target=$(RANDTEST); $(BUILD_CMD) 431 @target=$(RANDTEST); $(BUILD_CMD)
400 432
401$(FIPS_RANDTEST)$(EXE_EXT): $(FIPS_RANDTEST).o $(DLIBCRYPTO) 433$(FIPS_RANDTEST)$(EXE_EXT): $(FIPS_RANDTEST).o $(DLIBCRYPTO)
402 @target=$(FIPS_RANDTEST); $(BUILD_CMD) 434 @target=$(FIPS_RANDTEST); $(FIPS_BUILD_CMD)
403 if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
404 TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a $(FIPS_RANDTEST); \
405 fi
406 435
407$(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) 436$(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
408 @target=$(DHTEST); $(BUILD_CMD) 437 @target=$(DHTEST); $(BUILD_CMD)
@@ -411,19 +440,13 @@ $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
411 @target=$(DSATEST); $(BUILD_CMD) 440 @target=$(DSATEST); $(BUILD_CMD)
412 441
413$(FIPS_DSATEST)$(EXE_EXT): $(FIPS_DSATEST).o $(DLIBCRYPTO) 442$(FIPS_DSATEST)$(EXE_EXT): $(FIPS_DSATEST).o $(DLIBCRYPTO)
414 @target=$(FIPS_DSATEST); $(BUILD_CMD) 443 @target=$(FIPS_DSATEST); $(FIPS_BUILD_CMD)
415 if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
416 TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a $(FIPS_DSATEST); \
417 fi
418 444
419$(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) 445$(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
420 @target=$(METHTEST); $(BUILD_CMD) 446 @target=$(METHTEST); $(BUILD_CMD)
421 447
422$(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) 448$(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
423 @target=$(SSLTEST); $(BUILD_CMD) 449 @target=$(SSLTEST); $(FIPS_BUILD_CMD)
424 if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
425 TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a $(SSLTEST); \
426 fi
427 450
428$(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) 451$(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
429 @target=$(ENGINETEST); $(BUILD_CMD) 452 @target=$(ENGINETEST); $(BUILD_CMD)
@@ -587,6 +610,29 @@ fips_dsatest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
587fips_dsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h 610fips_dsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
588fips_dsatest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h 611fips_dsatest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
589fips_dsatest.o: fips_dsatest.c 612fips_dsatest.o: fips_dsatest.c
613fips_dssvs.o: ../include/openssl/opensslconf.h fips_dssvs.c
614fips_hmactest.o: ../include/openssl/aes.h ../include/openssl/asn1.h
615fips_hmactest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
616fips_hmactest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
617fips_hmactest.o: ../include/openssl/cast.h ../include/openssl/conf.h
618fips_hmactest.o: ../include/openssl/crypto.h ../include/openssl/des.h
619fips_hmactest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
620fips_hmactest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
621fips_hmactest.o: ../include/openssl/err.h ../include/openssl/evp.h
622fips_hmactest.o: ../include/openssl/hmac.h ../include/openssl/idea.h
623fips_hmactest.o: ../include/openssl/lhash.h ../include/openssl/md2.h
624fips_hmactest.o: ../include/openssl/md4.h ../include/openssl/md5.h
625fips_hmactest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
626fips_hmactest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
627fips_hmactest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
628fips_hmactest.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
629fips_hmactest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
630fips_hmactest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
631fips_hmactest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
632fips_hmactest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
633fips_hmactest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
634fips_hmactest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
635fips_hmactest.o: ../include/openssl/x509v3.h fips_hmactest.c
590fips_randtest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/crypto.h 636fips_randtest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/crypto.h
591fips_randtest.o: ../include/openssl/des.h ../include/openssl/des_old.h 637fips_randtest.o: ../include/openssl/des.h ../include/openssl/des_old.h
592fips_randtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h 638fips_randtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
@@ -596,13 +642,117 @@ fips_randtest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
596fips_randtest.o: ../include/openssl/safestack.h ../include/openssl/stack.h 642fips_randtest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
597fips_randtest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h 643fips_randtest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
598fips_randtest.o: ../include/openssl/ui_compat.h fips_randtest.c 644fips_randtest.o: ../include/openssl/ui_compat.h fips_randtest.c
599fips_sha1test.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/crypto.h 645fips_rngvs.o: ../include/openssl/opensslconf.h fips_rngvs.c
600fips_sha1test.o: ../include/openssl/e_os2.h ../include/openssl/err.h 646fips_rsagtest.o: ../include/openssl/aes.h ../include/openssl/asn1.h
601fips_sha1test.o: ../include/openssl/fips.h ../include/openssl/lhash.h 647fips_rsagtest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
602fips_sha1test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h 648fips_rsagtest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
603fips_sha1test.o: ../include/openssl/safestack.h ../include/openssl/sha.h 649fips_rsagtest.o: ../include/openssl/cast.h ../include/openssl/conf.h
604fips_sha1test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h 650fips_rsagtest.o: ../include/openssl/crypto.h ../include/openssl/des.h
605fips_sha1test.o: fips_sha1test.c 651fips_rsagtest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
652fips_rsagtest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
653fips_rsagtest.o: ../include/openssl/err.h ../include/openssl/evp.h
654fips_rsagtest.o: ../include/openssl/hmac.h ../include/openssl/idea.h
655fips_rsagtest.o: ../include/openssl/lhash.h ../include/openssl/md2.h
656fips_rsagtest.o: ../include/openssl/md4.h ../include/openssl/md5.h
657fips_rsagtest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
658fips_rsagtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
659fips_rsagtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
660fips_rsagtest.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
661fips_rsagtest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
662fips_rsagtest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
663fips_rsagtest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
664fips_rsagtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
665fips_rsagtest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
666fips_rsagtest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
667fips_rsagtest.o: ../include/openssl/x509v3.h fips_rsagtest.c
668fips_rsastest.o: ../include/openssl/aes.h ../include/openssl/asn1.h
669fips_rsastest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
670fips_rsastest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
671fips_rsastest.o: ../include/openssl/cast.h ../include/openssl/conf.h
672fips_rsastest.o: ../include/openssl/crypto.h ../include/openssl/des.h
673fips_rsastest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
674fips_rsastest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
675fips_rsastest.o: ../include/openssl/err.h ../include/openssl/evp.h
676fips_rsastest.o: ../include/openssl/hmac.h ../include/openssl/idea.h
677fips_rsastest.o: ../include/openssl/lhash.h ../include/openssl/md2.h
678fips_rsastest.o: ../include/openssl/md4.h ../include/openssl/md5.h
679fips_rsastest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
680fips_rsastest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
681fips_rsastest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
682fips_rsastest.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
683fips_rsastest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
684fips_rsastest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
685fips_rsastest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
686fips_rsastest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
687fips_rsastest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
688fips_rsastest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
689fips_rsastest.o: ../include/openssl/x509v3.h fips_rsastest.c
690fips_rsavtest.o: ../include/openssl/aes.h ../include/openssl/asn1.h
691fips_rsavtest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
692fips_rsavtest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
693fips_rsavtest.o: ../include/openssl/cast.h ../include/openssl/conf.h
694fips_rsavtest.o: ../include/openssl/crypto.h ../include/openssl/des.h
695fips_rsavtest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
696fips_rsavtest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
697fips_rsavtest.o: ../include/openssl/err.h ../include/openssl/evp.h
698fips_rsavtest.o: ../include/openssl/hmac.h ../include/openssl/idea.h
699fips_rsavtest.o: ../include/openssl/lhash.h ../include/openssl/md2.h
700fips_rsavtest.o: ../include/openssl/md4.h ../include/openssl/md5.h
701fips_rsavtest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
702fips_rsavtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
703fips_rsavtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
704fips_rsavtest.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
705fips_rsavtest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
706fips_rsavtest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
707fips_rsavtest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
708fips_rsavtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
709fips_rsavtest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
710fips_rsavtest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
711fips_rsavtest.o: ../include/openssl/x509v3.h fips_rsavtest.c
712fips_shatest.o: ../include/openssl/aes.h ../include/openssl/asn1.h
713fips_shatest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
714fips_shatest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
715fips_shatest.o: ../include/openssl/cast.h ../include/openssl/conf.h
716fips_shatest.o: ../include/openssl/crypto.h ../include/openssl/des.h
717fips_shatest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
718fips_shatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
719fips_shatest.o: ../include/openssl/err.h ../include/openssl/evp.h
720fips_shatest.o: ../include/openssl/idea.h ../include/openssl/lhash.h
721fips_shatest.o: ../include/openssl/md2.h ../include/openssl/md4.h
722fips_shatest.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
723fips_shatest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
724fips_shatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
725fips_shatest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
726fips_shatest.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
727fips_shatest.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
728fips_shatest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
729fips_shatest.o: ../include/openssl/sha.h ../include/openssl/stack.h
730fips_shatest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
731fips_shatest.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
732fips_shatest.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h
733fips_shatest.o: fips_shatest.c
734fips_test_suite.o: ../include/openssl/aes.h ../include/openssl/asn1.h
735fips_test_suite.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
736fips_test_suite.o: ../include/openssl/bn.h ../include/openssl/cast.h
737fips_test_suite.o: ../include/openssl/crypto.h ../include/openssl/des.h
738fips_test_suite.o: ../include/openssl/des_old.h ../include/openssl/dh.h
739fips_test_suite.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
740fips_test_suite.o: ../include/openssl/err.h ../include/openssl/evp.h
741fips_test_suite.o: ../include/openssl/fips.h ../include/openssl/fips_sha.h
742fips_test_suite.o: ../include/openssl/hmac.h ../include/openssl/idea.h
743fips_test_suite.o: ../include/openssl/lhash.h ../include/openssl/md2.h
744fips_test_suite.o: ../include/openssl/md4.h ../include/openssl/md5.h
745fips_test_suite.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
746fips_test_suite.o: ../include/openssl/objects.h
747fips_test_suite.o: ../include/openssl/opensslconf.h
748fips_test_suite.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
749fips_test_suite.o: ../include/openssl/rand.h ../include/openssl/rc2.h
750fips_test_suite.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
751fips_test_suite.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
752fips_test_suite.o: ../include/openssl/safestack.h ../include/openssl/sha.h
753fips_test_suite.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
754fips_test_suite.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
755fips_test_suite.o: fips_test_suite.c
606hmactest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h 756hmactest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
607hmactest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h 757hmactest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
608hmactest.o: ../include/openssl/bn.h ../include/openssl/cast.h 758hmactest.o: ../include/openssl/bn.h ../include/openssl/cast.h
diff --git a/src/lib/libssl/test/SHAmix.fax b/src/lib/libssl/test/SHAmix.fax
new file mode 100644
index 0000000000..83bcb14126
--- /dev/null
+++ b/src/lib/libssl/test/SHAmix.fax
@@ -0,0 +1,129 @@
1[L = 64]
2
3Len = 16
4Msg = 98a1
5MD = 74d78642f70ca830bec75fc60a585917e388cfa4cd1d23daab1c4d9ff1010cac3e67275df64db5a6a7c7d0fda24f1fc3eb272678a7c8becff6743ee812129078
6
7Len = 104
8Msg = 35a37a46df4ccbadd815942249
9MD = 6f5589ea195e745654885d50de687d7fe682affc8da1fb09e681540525f04ecb93022361a27759b9e272c883564223c5e4ecafeb0daaf1abce6caa4bd4153379
10
11Len = 352
12Msg = a93aed0fa5e163a82c9a934aebaab8180edf7de0b32f0fe99f9c75ec305b24609334cefa372c7c758262dc8f
13MD = 66a16799d606c569d2fcd70d7d8321ec90ef61711481aaf7d747744ebfd08ec2e7aead49429af7b4ceec6d8e147ed018e034efbe07982699e818db5fc4b1d71a
14
15Len = 1016
16Msg = 433e88eb2f8aba562d15c18126fbdffb81d5d6c9397fa052321f5f78cd629708ba099b540da5451e949eeab8687a8d6ac35c531411cb37144ab5ff6a7eb46f1ab28fbcd2ea0444cd87c57bf7d3c02952dba3d3987da07622c16e7c086d90e88ad3d9d4afee301d2bad915d868f54197b70b23c9fa385c443404fbc9abf7e6a
17MD = 790bc4844e9aeef8938df0ccda17890556a4151817111a526a88919cfb172f0b03c216080c1b60210eb1942097f17b6d0691bf5b018b6d959198d6a694b922c9
18
19Len = 13696
20Msg = 2c46a76a9dfbae1f5e59f085e9c3d4b600c24b2d404d062cf948e75a3d4ab5b137a31397be9eb34b2a03c78367e0b85448891b511ddee1f787cccd498b172cb7e656c044a03ffde8e42478330fbe9c34072a9e99ce31b41757cc820d98e7d564e06694b96b66f4be34c5eadd0ae4e61fe6abbe4d7ccee855104fedee8b451a7fcedb793d469b0094c0ed07c97fda00dd8c1662b44e3ee6775a5ef6368cb662d257be561a5967893433a4b63f97295036a37272176d081545df00852bc5c4162324161296cd51f76433f2df867a5840f2d0c8d5be00b4dc89443d82175bf69c3bdceb97facae2b2ed68e06ae74fef36d8bd1f75f130cba509341dd54079d45de22845cc8e77a022977c7540aa3e779cb1127f39f825d4d78e55a967ef45e7c1dfb02d9999fd15af2914ba47177177d94576f1091a0657d9e04fe81e6be7b631fc1baae66584c9c26ddbb568750d77555c927bcda1fbdc15c7cbe3e3fe88ca13ff12c59b383343c12976708c0e3dff78be0e286dd32eecf20b71a09fee50a9d0b13c85a15b320b162690f399282798aa3291fdd2f9c40ed873e829388466ddd1da42f2de16aaa9272ccf44790cf3c95382c304e25ae8cb2fc9d9869808f3ee7d42cb143bb0c3a55e03db6d1202ca1bdb744e448640c0aa60d3ebbda5c21e623bb080f4a073a48822725d764e51d415aad1d7c5a7f17433d15ac7d849f910c375ee0899f6a576dada42fd651343383f286009902bb62deeeb2514de6af7f09892c20d0b238f6021f03b62444b1e1f21beeb89acfcd7136416fe7bd8f202e76afaf5345311798be7cb25351add2bb044d2380221009c4d1cbbaba4cdc8631dc0144f2778a6aa1eb3d3c81df0b1b2142fce111af8214d049e40f536c5d462b9224a978e82cc6c420e70ecc3cdaffb726a183c793845315f730fa4dac9fe46e4180397107a6a051f7f0a58ceb9bf4df37e1a81c8e9569187228e8037df2e59c52ba815566768bedc8e09d5e7bdc9f2bff23aaaaf133bb5a3332750f6124ce185e29fda0851addfa2c3d52bb6dfb530fd4ee27dd5bfdce5dc2f41debe6740274bc651aecd4023b098a7d622e2296b50d51b79c4e3f521695a9d43f038e8f273405e26584d3db179e7c1758114a3d39970df674580bbf2884405974f0b9c4b0d8b3287a2314f3f81b6991812f354d655f62513c9551b378cc2efa4c3e08b313c56cada52217fb6112eb8299b28445aca8f72e7170a1cd8bbfee4d2145fbe8d49c6af8831c4d4fc7177a50ee55a7b484261504af946c6bd5e1d6b89092f3c487c0568fa07c356fae9b8e831b8320289039746a435b122cfbc4a0d316bf90d481d3b7d979cc50d98c1190af8dc58e0035557dd5e94f437f41fab513202643a77748f76c6b77302bf40c392cd18731da082c99bdedeb70e15cd68bff59619cabcc92adcf122753c55afde0817352bc247d1170b8ddba1ad1b0faadfe0efbfc5fe6334377fa372c3435691f53dfc2ad5e08966b2d3525b1eec2d993a5cd4ff34278bd40dd80313a0727d05e0a932156152f3e11a190d8d69726f5c57d20f811e1e8932e86409ffdac96c6251c2a2976b8757adcac5d2de94931d1cbea866ec8bcba5774f8a7fde792f6acfd0f01356fd66fdf54a416af6a9397e00f848a2e9831627cbcbb52b5a868ec174e69b4cfa1ed72cdf23f39d7eaf4bdb318c188b1f0fe75655e34ad71907cdb77a1a2b162cd7c22d93dc45321eafb17cd60282e83736267b3e1fb249c307d49509f50839942f0f493afd9ef37db053a918e3ec83d801bbdead07554a018b8ba348fe9b7dd92ea7c5fc0e65a644ba19aa1fb6c022ab768ec7cb249ba17b9dda2860bd4aaaa3dc70ec009804141ad5ebc61203658e57a0887ec0fded18d844a96e79ba7e879c4253056f23e205a80ab1471953438f85848f4ab31ab175c089e0bbb97ea0dd6a67385770356741966053735e2cc2ecdd2c8c75cc045181dd7267584b901674b553082b2c58fb8f8be0b99306194a6f069f684535423304d40a268d55784a14260fa9c9cb1306b82f91cbee3c9f43dea9e50903135cc1c6505605a100bfa28564a2057974eef0852b7b72ce264815026d0759f691db618ef760edde73ec888e181403834f7221bb27a69479ec9b28a3fb0c3f68d4467d25712fc48ad78763f9ea6e8a2e85260225ca1b1a38b720e589fafca29f07257c5467cb74ee53189b8c81b784c43e93f98abde1ed53af60b27b13df6ce45001c6e1813de3521028981086f7d88ba13f6fb1a800f312fbe2f842eebe847fd760c394668cfbfd353ec14ca0366eccd7b4cd63318116bdc42e20a632a0d2b8c5cddb37bfc0a239ebe3800a787d2ece077a7968036b3d9b31cd906f888e3ed742cd769033e2c24c5a9e3c10b6d300db5a17dd88
21MD = a86e07bcd19080d4a83e1384bd8189f60a7dd7a6998406ade0bf03f805375bd823c7656dd51cd9d63e542f8ade41f16d73794d60d0906424133778156ee54b95
22
23Len = 100816
24Msg = f8ed40e878dc68ceec52cc8e2868722310fb117ca3a52e1839eb85d308b8aa00ed0bf0b76aec8a70eba4f0d14d2d85c5a0e876ce2c8ee59cb36947def6c40a587aa07b368ca8e8a08367018e45b984de0d7f1aa46b977cc18c0cd9b7bb897cbb2814aa0ce8f8c9843e03c86c19f2ba95dd2ac4a466a93aae4b3b05055ff148517ecf43e286c57744a3e10a14d0c26e139a503e7927aa688c78609170ebe3b54104390e5f6cf538093a67922e7210e77fcb584ec9b6844e829be246a266460cb442bad52ca47255fb8cfe276108c36e02f9acbd3d191d34b93d29ec40d80496d1c1bb5ef036221641200e905598c54bc4abb3527c5a5f6258e59d4bf54a0498c108a2725428efc2047e0096b32dfdc6ec69d5d72f81301f881ca62a66c22e5dab9fd9d90084c0a36b2f3a0123cc5327a3bc7a12fd947ab57169ac533e4b6a2cb80fc65b9b527cff9fba26994c7fafb5102a0acd8f9d246a3a54178c23eaa04c0fdfd3c0cd980d1fc7a72b25d74df9b95c3dedce8ca316870c654f9ebea9b806da9767cf40605a4b0c7fb06f6b3f197bae7d8cde9daf38530e25bc51b68f9aa23ec0e95199b14bca96c91f3db15bf8432f714dc46ac87218691bc66cb3a42f6865e1c30f8394c8e68c0ddf5851ab7c5906a1994a9af6ac1c44d0d6b95ff15d9f77825ccea40fb9e516d45888f2378e045d95d936d541cea9c8ca52fe5f7d0d919b2b1c59a42d06105ea4f2943c05178e59d67351c5b2c0051c93a4045e512884fa656b772cf398af89081546d920fd3d24ebd16310506a786ab33293027394c1bcb7b1efe46b550ac28529646e8d2a5ae65c59345e24b44cd7b06673f3ed3b9008aa568a739c26682fa596b7a655842cc6b2758b583487c78d14a76bdac7033806c5c210828ef313f8efc4072681f5fded748c31a58ac933b4665c445f07d603e0905e49b84aa55146eb1c1c99196413832a05efee2e64d6732fefc629b79b37bb9390fcbed7226b412204bda523b8b8af5c4a8bdb263ef9f3f6c7b9e1de3a1dc257c1f33b3d54a9101be5b4f2a9db319993c2cd137c41e35c434ce52e859afd1a635af4d8852252dc5e28c729b2b4c96a56d57f3f3854ded59fe612b9b3a51fee3fc1c83db673b0cc7433bff2472bc74a2eeb6706605e308690fd072a7042ca6474603711d8310909e47063f46f287260a26c4f11fe492298a0f98d28c45948a4899e08fcf443a6ba36457dd8329314d53ac0fd0819fcfc3357426c5bb8d3dfd706e205a81091cf08f31cd3459854f3d07e503991ba5f067e3c406c6c5396d8257496f4ba3703cb1ba25c2fe4aa54577af782cd57e85a88a2d75c54039e8b7bb559219edd6e81e41acb6d575d6f798afb2cbf7f00abd5c9c7b0fceec79f9a0fb040ebcbb7bff3602df7b71357efacd37aa57019350bb81213508a006160acde3dae5c42f03141887eaca22d7b33d6791febfb619d11ebabb13e6c5378e9a72e852ddccd31cc53a43275966b7042ddc51485ca20e1c456dcc7020cafb5407548b044d332229911fc74d7fb97de25abff7efb431da82de2ed7e25d0dcc06ffc74e57ca93a6a9f64d76a5c39776fe2266f88d6d0229b527525fd2e22a1407e26f94c5bc6adb1e7327f3c8bb8d4c983385c579dd8f5623df8cd6da569c7de73d9210e6b9253a177653a13ece075940fc81016d8c35fa4f6542df5120c174158ff32533476f4e059e35117081a24798fbdd1eb10f82809836f8dbefe755611347f75423dd8571695960c6f66cca71f0a01e8fecbe1183bee3335eff10b4ff8104132040e2145ec3164b2448f60c730887b9d7894e5f7df3f876cb17136c99cf32db1c02fba860937378dbd093c4c5112133781f06c8ca07c527c2c085e8ba5e52b399f2909e217aef6e3035ecafe2caeb1004069dea023af7eab873deb5ebcef2313c9827821bb9f89fd3d1570a569673d3ede86a4fb13dff242eb98450a8917fd8865c56e0a9f11d72394b79808b0429f3a83cf2465161596887fa2d557b367a1de9c7753666b0cca9c30cba9f0a749c03c55cdc7a6d45852c76ce2010de3e7f75d95228efdc79949b238d90b25f983868b7f07f585f7b00e45d9e132f3c09ee84f794d899759be3dabd46a256f4cf8da71270617cc2425b24cef25d1d2f3945afa6f81abfccc858cd02e05619649b1a5347650934105c02622d538447223d136a8a0455cf3c6f61f696b32266197b5cd1d936fd3ad4288520fb4a2f59bf95e659f33210446ef18debeb679dd99de0c3c74a6eb3dd783861f5db4e94a151c42ce27519d0bbbf1f3b1163563ec06c8bfd881d94a3b896fc07352fc97ada73685588a2242da1b718f81bb1077bc70fbd58b8b52163489ae403838b533851bec30ed0ecd97d72d1af534f3703db59f1f563bdc39d690a0e90e545506463a37e84974fd7b256bbb912cb4077d3e3f5bdd4bd2bab713b696c830b1f2185734c4d2dbd49d5372fe8b813ce73f5e01c36bddbb376ef4541033f2b0355613eeda8951ebf7377e08f967902eb7e23c0fa798c6ae52401721053f1095cacb1e9496500e83c412236fc21566090b3a3eee55aa402c0b774802fd81c9e8579761cfcfdfb1aa23786b2dc35dacd5ca8d8d283369f53e4a5db18060c2c6b0c303052aeeffe169fcaf7ecc63090a9ade245045ab9c8aebf738772297caaef5f857322a597846c7370083d409df27612e47b0cb240daa3cfa51c57108612ac0dddb0f59791289ccbdb3a2cb1fa9ac31a23dd5440682fb373bf0c1f41c4fe2185ad7c53eb69552807410053b0c2d40132250e637b8c425e6a35d93333b5b7d0557927b6179c848ec455fd1ab38348c0e96c60b2da49bd15118df64b6ce4fa48fbc555a4b2874141718e731a40b85382ae6e86ead31cea77f83bf5c063bf1febf71688a832d615e09d6f14badedeaeb6ffbfe343fc7274e78cd46a2aaec0a349c5f133291ee57cdcb65c5474e46294de6bb50886bce6c6f44dcb95f2a4761ed2e6c9e7bfed51e0964afab4e0f7e0b07960f2590baae66b1ec9a63ba0fb6c0d27e81508c51487dbbdc9beb8879fd58c188dfc774b3d0ddbd77ee8bdcdfa0ed8a9387728e12b13e8b3c10cc1c132bd822c2147c5ddf9a993aedbf78ec256db1be76644ca8ca7727208bf89732657152d34e948d73c47561d156f773136684d4162d02260300020123d13a95f4f835907c344942ddeccafe2abb7dc4792c4f1e39c24748c63cba933b16be0b8853e058c47a1ae2c4dfff39ec2339b345fe3557d03c1df91a0607a711636c4416ffdb73532aeeb74f237ed8bf971388a0659e4682a46b8327e751034cbf2c87c7828da9d24baf07a742ada34d1ef38ab1e8f2b4f801192c146600709533e61bc2665dc1e9e6441bf3c4f6643bc0c102a10f9a69da5b0e3d0a0c7cb694c682493032b5853f02953b5c2fc0e1348565389762fc2dcfbb34fd305f2d9df080e859396ffcbb7da78aae0a0d72e3de76c774bc6a81c87f2872b6afe97ced5269009304a4992c4add0bbe24e57632e19ad0fe37ae910193aab0aeae32cf6d618ab33eba59f6a04fad00b1d2403396e6fa661d31b695a1b349d62f56c08fe6c6eae7a482177adf341e51d03ea511d7959c721bd20bf371860ecd7fce1d25212891850b85648db0a039e6638d9c78bc958add3e41341536b5007be63fd1f7e3308876bcebcb97dc3b05a7b2eaadd00f8fcc8dcfa7b961bbe727c9aed1626ff786d6a0ffdbd1002cae8a7d047b6181962a686c152b2341c7c58c9f1dab5af424d183ed1c7d003165a1d04ea3683ff31a0f68615af6f91c21f736e67df641ed31b998445afadf9052bbe004d5dad08f62e5d353e42fc35a92242d8414d99dc4e7e81c8c027af686baa5c185e3f99abb3855b22cfdff0a62e2f47a632b7df8e00e0317af5c24ce7c64077bbb15ec27e062070cd3eb8e549ed9112469090ad9a96eb59294b021eed81987178cb2dcff67a9a2e930f6032c753e203380f8a7c987cea393234699de03a1d09ce204f0a8b6d5cf522b6887174fdbccb08f3e7c4fe2f778254465b32766c48812a45151ac37ae354dac87419f9476baa27e24b2f322b2da4ddf579750684a5881bae2269351fb7de59b9d5a4badd8951135f2713dafc57215dc626ee170fae7f20bff98e36b864e1fe0f0f9a300c903069bf0e0b6f2f8e78423cf6063e89dde6c81efcf26ef15510563c84730f611ac879a6628e55115e1a29de6945d37fbe4f803fcf2e344712d9e0d6f6c79f8773a9f199b705235e20a7830ee3357c5dca29d7a6c29a3d2628bf2c42c8f076cc4525301d8e1860729070dc53164d9fa08bf63cc889eed01b0130a7146d860bbc09ead3865a3082db0836a45f5506c3e46e452e298764939226cedfd06700e4e33c6b4a78add601140249596831e97f960b973a4e4dc3fe2813fa34eb47f998ce57270368fb81719a09298a223f7e3931ce5cdfab3f658649533354e982c87dc9e49eacebb5bb4af9a767b4f1c03d774431168cd4fec1b2726f1aae3f9a062a825f3295557eebf3af4784487b869fb049de44d03fee71194fc200af72103b157431935b5ab9bc122773ffd313d52d7acf1078386090fc011de695e71567cfd51c06317d4ff8841ceeb74ad35f4e5f4d20921123cb88bb2079674ad39e133cdfd6478d69c9bddc7a818be5d7b254bd9e0abdb030f52846fdfeae8ff370a51a9c5f6017af3c6c3db17c5c614ea18ab0e3ca0dd5de621217dffa36e5c5318fe191040a50cc3ca620683bc34da6c142e1c50afce28a86b8b66d189adcd755561a647080d93f3ede1cf54c3afb7e863fc8a82a2576d3f79e9b2bb634e598507a3d7d017e0176b7868bff3a3dfb4474b3ce03c401f33929364e727fbf8096b77eb351435c7a113b3215cc6246dd86f1517a7e550cf828900248f7c1754e40fed62477b296a37d3e53231360d012c4908b466e49b0e620c0a5031228009f259b030956ebd70e49357c3c3ac2842b6bd6e3ca5a3e985dc03f7105681fec03b320a7ca753b782ad3b52fd9c8e3bd980b48dd6ec8901dbf756108e85015821c880416e0693e0479cb31c0743450f6d9214afabc4feadb9bcee9def460a58d3a02d9e3039970068b8e3fd0a403a6ca7f2c71ae2b46ab3c731b1e65e2104c47fcb1f69e7c8c6df8c09b33f2e1cd4192faab316a44536dcac608832019f5765cc5240eabe3c87445c980c299a5e7ae0acc2c2ed19fdc8f011515bcb00476b03633c7669db1b44f97f6cd402778e9687c740dbe5686789b79d0b13f784a2a866eb91ab2d66f064c49e8df513ec348fd7272ee548ba08e1f9f99696ffb53677550d59c67f88404f6e610455a422d9cd987493ca5c366a397dccface2bba8e3e99719dafa768956cbf6fd8defc4104b8925878716a0514f70cbf3fa2c2bc2f66fabe654eed3076257e71117665703eb88c79e4c2b94e8e856e7a6ef90ee2a358409db78b98056ce1750eb80725d70e35507fdfa5933a61496ba48fbd5555717b33b59d4ef211fe096aefd478859ffc97a41372023ef114adcae5a8d5e03c21369baf1e7f417cb40326bc6db1cdf0904651dda3c1039a2f1755e7c329f7c03bf33f324206ce6e1638711c8c9a45f153aa1f847cca2a5d3af1d24fe7a1e1094819e8e712cbe10ead1012b7371b35cbcc2bd5b10505fb63bea20ac81d25e83ed0105e7595b6c28400f4d336791ce4a584323d0b455bbed44392c5f86c9d5287593f6986d4b0b8f9974a7a4157859ba801251d3b44b2bad84f29cb87dcf1680d6d10d1bfd59f0c95fb7bd07fdb3ea2fccd6e3ee80af438956ccfe31e750972f893ea5dcaa26d077fb3f09d990c2f41c8707368bba007803621ecd76540cdb8705435d74f4300eee04710a936f241c034709e625b0dd5dae1f6e86d034426819c365a05f5be420cdf4042bbff965a666a5756f67259448ebf742b6ea189fa17a4c3bfaf651d19a8a525f09d9cff637c8fac02eaa58d3ee3f7221da1e61833c0b183cd9f47686f09597e8115b435454acef80c079eafaa22b18927d07bf8b7c5ebfdec9c42a52b7824d45decef41e6184dc2db1505ca6f94172fafc10731706e79b9856dfede353d2eadeceaf72a302e3492d7dc81e3777e4e9e1f3d33cc4402833ffedb241a75a09e9495d671f80ad3acf06823bb04a92b815edd0ca7d01dcb3318c1ae5c62d3e99c0ec37908b45b51dd65f6b45b34ede2d6f553f60a45e20fafcb34ae4dbd375f52a5db9c62650deeee78e955087c2bea75ede7c304347b171fe0c1a2a033894be6e04605271307f307b2a9cf6ae24b8c87ce033a3fa4cf2bacdfcf54fcccb1f580476c7d00c631a8529a9eea2a713610341e0e25609dc8927e51c58a0a9197a54963b5cb95877354f4b8316df02ed2bea367704a12274d96bcbe0d0d728923a368bb8ab98d5db5401894c822632308ddfd309071fb4b477d8eac0ea5dbbc3e3606d8510d9051dfb5e4b7cdcf2c57c1b76902d864c3109c901da53019ed33cea84b407490486ad9f980a8a63df3d2e3921064afea137f35179130db3351f5bc3f5e7d590a5ab08b5415efbd345f9d57b71ade7dca939efa5a12d677b9af0af14468176a43712bde10cb15787c18bf066eaef8abcdea77d3a0c61d6c74ae7b54fe90940d0233e4b874c9a141dcc740d7fff43b9fbbc012a933d890232cf74fccb7ff7eac1148e203c7381b7f1d1429b1b1152ec25cbf7562596eb402a9328e43b5dc5cae36592da5523f0b9907a6817ecd395a7c778daae85bb11372b20641a04250b77b3a0ece885d07faf9622650259b874536d6d2b92181c834dc111b6fcba483167be40ecc922fb87006f63b9e8e632879563f37a8f712db9fa68c1a20ab239c0116fe022fad1279f3288b8e74a16d447e467b6381515814dd3aecab5c2a09c400b44e9100c04c720dc7e8c6d9460002da6c52004c16999975fef8752c2f9c229cbd9e6446b226cc454bd68cd665668a17328bb30f301e92ef5c7a2197a326df5c99b422096de8af231d1d8872e6e505bcfff026d4862f28d4bb3856a66ced22c9b0587451d8da4230a38561b5b1c69b523a4701a2001382aa82fcbd60733a14696a540227db44aef346d6c0a7ae5173604d59eb828614cafc1b8cfecda054dcc7306f73925e6d1af56ed74c51c6cdb66e9fee8d7a0078254fedb0c0f5dc85a4686870709b499eafbc8451aebadf848b0598ce8f955688bd2d6032abe10d1391d67c20a049841f95d2ee0c8deae2bc1baca0c098d8718cba1ddcd968981c47cd98d247aca4f838f3bf16d092eab8be8deb1f8d504d37cc44a8c96c9f22f2698036d4ad3bb48b31f109626565c147d20a4a7dfd61fb918f81548fb4f78875c1d138e819f6822651b93a3c92ad77793fba5222d870ea671f9cac967919d18f96e92778548415b2e170d90b201215354fc48a77e62823a2c2bb354782ad052732f08beb278f751529416f37d83ea26248517ae2ef2ead28c1077908995a2d25db0deaa957bcab39715283287fd626ea7388abccba2d90e364a7ff4284c84f70da68ce1aafb5be0401cb9d45e085aab41892a49e10cbd5baf2c34f5e0ca076f2772abea6f622b66020d546f8c2f134a87f96edbeb9b08394b585f2c2f98aa792f97b43b5f3aa9c34189804a9ecc2cfaeefbd0f967d85a25bf3136fd8132dec38aa82e4af6ff677682f3b62be27a180aeb22f918c24f23bf6f5954e0722324cccd06829fc32ae4fe3aee6e5a03b3651900e13fb0a759e544d033418b6ed40d037b4549a0404792c8fddc317b7f028493c4c91d6773932f8486417544f3d007e5f9e6fc02fadff175303f77f6b0e1f709bb3d3a93b38552ccf62688a39da1a602dd5e122e6f4e9171769ada5255cc5cf938dfefcbe3ab0faca434c42dc8c357e89a3d1488fa3df35c3580b124ba3bf6d0d203d586707eb692150ed05a01bf9de5c4e67bb948088784016394d47abb853f2b6b643a066ad81bcd1735aed4e108a8c1fcd025b548de874eb60de7f3c568728959147d1219e4b830e06ca2bee1f8a035e28a54ee6958d4821a84e5d1e41139905f7ec60fe67ce5f4eccdcc2c3d1e4a753a32dd3004970a4ff3824471822fe2b5010b9b6c6b01336dbf0181a95cba2624663215468519871cc39e8a7f4a151c8bd03363b402020f2fb98069b2cb8cc1b7e930938e7540d95d1d223e47865135793f9eb573660ff79f7ed2fae503e68ba44596ee745fbd8fa562c5c666d174cc01b1961736e18b8b517161ab9c8058026e0ddd6c94aed0086a26e1b959a5e05eb9d8c1ff5b2ef518ca23b4f265db61b499a48cc46bed28d23ffc1e8d9c9e345c06079ad47c88dd4e8e286575bd7f9420ab9c2d5c6685488b8b34d4c9ac04e1427ae0994cf789b48b01d1db9c2fe75fc5187727bb11119f82d0739ce4048467a08cd635bf78cc1b6cc9c28fdc199d351064a81456f81c9e56a43aef7332973804b06b18a26caa62523a7d0acc272ba49124b17bb68800d5756afd34ddb2b7e2dd8a118aac3fcf39d9f853c4d2c4fd3ed5bd25a6604d68d57db93d15aa1160f8a97e6c24238e84f272780966867f9c644ca2775cdac4af0ece036cfa6ebb1cd9d701dd7daec5763c9a4de0385db383a5647918e79c6a6de1f4ee1f6b722c561704c8d7efa4710d78dfce8ad2df0d3d82cbb59cef0bcb001f70bdc6e17af1a720b117fe02bb1dd527b18e6bce70e9447cd0cc85cbcf431fe7c006f5e4ef878a974a93b25f492847c9ae020583c9d412f4124246164d8f080b615e2eee267a7aeb5fa0974de52cefef23cdda7b305a33a91e9b50471ceb72dae337c485d636e28d6ee31f5705983808b1567d4d4ae820ec445c56e6a404cad6b408691475397c0dd6cfad232106ba96e5104052700a653e21f9ac6d79578a9f52548f426a1e81dd45bae30acdd4d22a2dafd633564d6b2f45e7d35413503c955cb0a9784b42ae8c2a5933a6729f3922f969a158540dcd201ecb6e32f88b5b4921914a2e8f424c8b031f115ea5d23a21e6f22439ffd7e5d11b08df729f65613b4f6ad3edbc9a066a5e712ecbddfa6fa764cdf170c0485f82d924a99b7e7ad8dc44c1f93e49b6469a9af3de5691944413f1417b753bcb84d5b7a34f362c383cbc802b0c88bd23a7ac471b9287571c42081b1134bfc8ce104a550942ab1f2a074cb00a90558d6e841ff15cfde6951f03e450a1bfc90dec6c513fcb2692ddccc31d22e5274d41036656183c72fce208e44920776f196193137ac67d6d65ce9cfaae774f23a86e6ee8ff3a4e9422a4667d971906e5496a4e80278774899c882708611bad282f6c1d666bc5e7c40082b43a6e98d494a18e9b3cf7f154fdbf90d786e59e83b72ad0ab893c49aca50ed37ea5202e650fda54f5c46ca2a35c476f4b009c5e6733232275abd1341199b63d22386c484cb95c43ea90e609c407bc79ddd00609cc2eb0d82848db239b249f164b7ea384d0239fe1e64d04955b9297472cafa2ff272c5c78100aaa86cdd8120556f25652a3c12da5853338e3be8f505d93ea03cd1cae7e78e95befdc0e26b760d11e05403c348e0523fe036381408033c009a8e1f117af5100a6eb91f08307df465c20bc1dd029875ef7e49338689f602d98f2dc690a57a6f2864e57098f8bd723574944ad3688b292db6d01387a16493912722ac8f91fd12b748899bdaeabdf0479df788eda440d7bf30d1c25d78d757f00b74bb556506637fc1ab87162f05d464e63a6272db3fe56e9357275035d6b6bee32bd92c4a1dc94778551e94ee1d8854f767bfac3811bd0287672aaa01ea18c25650f05a68cbacd9158e479b508e72df778589e1e03dc543b60bb3b10399e5c50de9e728e69774fb3f5fea757ddefccd0f9da75afe4b67f9c54aaaaf646e858fb001a6deed0a8a769ecef0689c988de566b6015fb8c40aeb5f2df7ea4bee60e8e69d15c4a4aa5411dbe63fbdd6418cf025d87f37362f15e22aba83abe1a3de9857c71c2234023b969eacc0bc526363b7f30b092ca114f2a6cefb34394d146866ac86a33fc497a8cb8e2a5bac398579ff7958878421fb08fff4f8f3deb8c9641b8de392647df3017a5467f9d7b23036935ec6e188dd6dbfb544b8a9e04a4b3c7fa1e4d1d9879daf69986b8083e6eb023a4b5eff80fef17f8f65433c882a21565a919448e6091d1b61013fdaf9fc3e45bbe827c9b4ab10b05600a1961e81d31c7404f8e0d32bfcac2937eaed811db167dfdc29286b0d51bad2bcdb9dea76eaf495a31a7fe717c1c98be374a36271cdd06ed06c02ef4c3c06cb42f73b3332ed488416010e6bf2f4dc4dade6e2e61f19e9306bf941868f59fa0939005743dd647f0a04b576a7e71d4c383c479453501e18ec56d7cb79fe31ff534afbd8609ed701ef163f9de31bc58114399fa0f22b62c66c380e8a10c34b7e731df2a8d39dcf36fbf3a66d67b973e3a94bf6ee0bd96f5c76baa76492032fdd2f59ecaee403d486f543f2cd7ae7b0dabe1b5566e681cd40d384a94349e9668650a6f2d2daf86c59a7b02ba466cd03ce1d50c3f0ca4c02dc4b3d1c0e7b9a77df9eae0bfcffa32117d7e05adc7195f4278c93497401629897a58d08ad7141ea52e0163f14992d7a284e7b875ce4640b4dd48ceedad1ea17d8ab1e760773044845e0899602f1bdfff4d42ab80c0765d1a8bde2ba0a830c050923956d06c80b182264ad19ae4f7c39e43195f7d421bdcda00e3eb5ec5ef2ec91d69df691ba7fe250352acf01fa92af5e2c634b9c7c97889e9147e869acc153d88cdc18908f882f371ba9c1e13c26e9cb8e3cbd4c5e1988080ca65a67b3a4c3460cfadbec904d853fddd2f5375b6070941fca53cc106b5748480213cfbdc1c34320a0478b05f76fd0454c75eca069cb1fa7b21704dab67dc40d041c8a1040db378e76655636ad725219c049e6536982d6ee9f11dd032280e622547c7ff44a938a1f233c356a98182d22d5770fbc871e20bb37483dd5d6ea1551993b95b30774a49b50d411ebe0e8c92834094e23ec2664d822c40e96fb42b8607b62b6949e05edcaa436d0ffac6a8ff384068acfc0220c0b098d368fb8113918a4f8c9de37cece74c8695cef2427e54a6e77ad092a9b7f1d94ac9f0836deff41b905b5dafc58ad6063759b0372a634f69a639e19521825d66a282f489c3172a3659264d0132af3571e637782bb6fe5c0afd24547612166fd3409d0991392fa054ea5bd07a4cd0921a13ad7b62a0b5e6d56cd8adb7f3eaa5c99576941c38aff311c49a8c9d8c755869302a2e5e40109c8365a551cd3f859b9421be189d3a0e9ed78830d5cd6a2414e9cc4c25814d94d98f8848e5386d6dbddd65d22b96c5d20020a5dd409c7e5344065871e57e01c91a443501dc8bf619890fe231319b5480c3879dee618d319962596539e2970513fb5c0c8eac3a71ff99962779cf1d7e916566d0e29d121c5cec5d7302a18ed00be9316f3de8c669a64c2a960a588f9c8a42690f6867cda7146e8ce27aa6a7fb27606eed9df6a235a42d17ce71627446e206e879de56025a66556263f06684dedcfd6f083d6a707e5fc8f8212d716e062f0f7fd0c2fc62bea93d68581265a803c31cac3f8ac8939c5f8c464ebd19df42c7e8998494af614c8383294f3f3883f2404ac10404759e182a038c97aea04a85530ec005e203807c5bc30fa9f5339b32fb0427e64915e29a25bb25ac60b92256470e7de5298d42c6b88995f8d2fb704e49d55b66b71e237af90fcbfd71d9093e1a543da2e9911ac4102346dc4704859cb33ac5f5dce2b3331a9dc9fb506461a5436c89bf90d39afcf93cbca4cfc35da6ddb112243928246ae0d1ba269b0fce0468d3ecabbdb925c9ea3241e2dbdc6b151fb4aa724a42f98b0248171fa01fa103f116d0e7deb65dc359b09126f9a420300fd209508ec7a50be56d5b470e387d0c52a1d104625f9571ce1404d1b7af3fb00475b95f752ab96610be112d33ded48624015781e7198f4dcdf917839471fbedb43c34efabe09941fab6b342cf672a29dbb1eed0db788dbfcfcc63bcfe80f7718571f691818dd6f839e3cc282f85f03fe0400171cdf1235049fa53de7450b4c40ed398d5a486f52124c1c63de2afc950e81839f52d17e2a7d32f82788465a65da6cd763c6360763561ed2bf47749080549b6e2db87514e1ee1c85a0bbd346eb6e3cc29267cbedcad67a287fc5be65ec59ba8b6854b31c83dfc5155187d4150685c5c2c342ed68b01ac9e44b60f0c100a347a0f93074dd37d8956fe2f43110dda66e9f9e6185c23dab74cfca21f3ede4bca87687549ea02662f45dfa0ad27f9959a120cacb7c419810e1b1a50fad31c12c47d5bbc61bad77044aa541d29faa6126c60ef088b82eead17a52843307d4bf798b853d90d14c5347ff10615381d85e964331b7a123d15a77a6790d93e920052ddb4db4baaac5e2b27b66ff955e53b8308151c81da4711189ccf0eb393c5bbccfa1f6c94a8d5f4bcd266fc6a12061967ce836ca042257368f567dc42de6ce0be84449234a6163b72069f25b7ead4b2003e1a7665e87ccf211abe94175d1c11bff2c0b6bc110194d34aab96934ef59804cd26e4434ba166d9833fb091be37b139cc10748b881c93690528a96ccccd2dbe024510b8da37dceab567dc52706461c486a0463369cbb99bcca2e8a4d2e005c45401964722a4b3ed37c351c9f21685e8992c9634349379f41796deebffc2928058c8ef6ea37c6e4970dedb78d1c2a00ea9e1ff1e7708470a6c60e6a2b1e966aa872776afdb238e97f716b3df8dfd42bf0f7ceb52bf9eb33731bdba5987b8f48b4599d67b383e77413107857e951ae0625059e5616ccb41131df9a480efd5beab3a9c99615921caedc53dbad675c00ba1030577db1d22731677914fa958b44792cc9c19e2ac71ebe61a05ee67ae7116e39e1c0d103f18bbc9d531164360d901da8234d29fb0b37cd2a60c7aa2adb2a4b297ea2fb14122ad95bd4592ef86c88fdae1e37dc8e44ad03c0fcdfa3801e93796771c5a2ec1e4ab12a64b3ffe48e7442c6224661ed5cc987aada6e778399941f7b20f16f94fb346b916be87f005c9c13789741602039d38270643cce3c347565eef5ee09139330301951c15756be47994de6f1802dc5131b9b011051b1d87d744756831a71cc8528487f032fee9dbffccc751e6a1ee6d07bb218b3a7ec6bf5740ead7a47b6907d7aa95b79aecedf4a637ead8fc6fb8654c93d13ee79f5d6258dcc61993aebc65e4fc14eea7d006e31f6e9f60e3bca8ce52ec559876fd20255e507daa99b185671ce1ac11d448c30bcdf97b9617195e0ccd2d15246308dd6cda74a8071114327fe203b1adbaa780f3243105c5111636a51dce966f5652e39d4f91abbbb4576234d6cacc3ec57cef2dd4dda49a6c33d12bb7595fd5ab5bb15b40301f34ddfb831a5dbf62218f496c003227fe6282e2ac054c45e7f3fc93e51b3ee8690f08612395095a0a12729d663eded879d9ffb325c62f2cb546a48bed51ae232fa6ce28a2494c132a6e09d98c2e3d478d5d2d15dce2e2665e4a3db448931068b99899c2bd8ba87349b0cf9e3c52cffdcf58a59b4fe0089b298b42ad7553f831bd60f5cfa3e09102fe773e4c05412973a678f3b3ed420433cd664dc7f218e816a17c5c9013ecb84abf2dd073557dbc41b92a91e0339d57b8b077a9a44d56427fec5748c47c1460b2e2412094db6d0ad06dea0aa0c1368592594bf0b2f590a9d6149e44dd4adc4cb42e5d9940d59397b83b33b88604c210694e3fbd84795c80c1b09ddb3b1ec8bef6e9dfc4d7f295e551a79436007ca48aa605ef5a89571e59cb26f2766e564e39d3bb441deaa0c8664549881d90a77256c0f6c77241fd6ab74b0e2890f78ff16fd2f9271ef96ebfbd0b878ba9c703900752b7447f4efaa60bd9dc9cd5673a36b39d49f54274caf03c0cf82b95141fa20ed3ce02ebf0dd74d9eff8eb9e2dd3a2976b244b12fd33ee75c1f1c459f86a1cefbc817f42d7f43ba406098165cbeab99df4fe751ae3382efce32af252e461652c7598161e74fd8eeca474fab6b1ede039935f2fd4d7562623b90a422a78941f47a76863d95857c33653d1b42b806bbafcfeccb7bb4a0c58acebf6104b2570afc3ca88e4fdf2719cf39c964a1ea7d2ae4a7fadc938abc95adac495093f6b959b1347501606b3f960b6d739291aa8c13eb49e98b0f78d2b91400b6d8961cb6165c8b684738e4d4db2f2ac30ddaa03a5e0cde4142b625e81907f08c60d7cb5729456806c89ff0efd08397423e44738ff38f8e88684f3a099dcda455521caca37ab4f4d9ed5d37975d4fdd778b97cc93babc804864a35e3a2db04598152e67a2f1f157681c3962d46ada23ea5d9a524f9cdbdd08a07a3a85b1f6fbde11d5a35c7743b83bbefd19aedf6d92241d16aeca7f33cc51839b75f111e8edaeaed808daf2f43fdb3c6f032ea45052ac31d4870c4d0d76aa75d0b88635ce449054013f234c4a16cffc58c95ba1cb8a0a0399861eecb1039bdedfab4d05f0270c6b16f03f6b8e629f687f133ebf2662c7f930530746679aac2791f54d6a95bfab5be0c33739074ed4e7ae88dde4a8036a7d6095cf41776366b6ae3f8f4a0734f48c275e129cfffff5e0abd042f99a957bf6f0f47fc7288750f4fe30198f8cad7067b36cd87ebca08abd3f9475e7443f83cca91a1ebfc42ef3494871f51f6d52a5524b9391c687571be5327c7c94ee2a096653acb410917fd51e56a92be4f24c1db6b97b465ca84c31c04c2f61eae07e952eb6554aa4d8a380d9ee81c1c462c360fcc3cdff2867a953b655562cd06162af8b99bbe662e0c27ce4d9a1c1a907def48a3231c2110c930a2f1498e32dbbfee0e5c5869332f3024fa5dfb0327a27c663cacd4e9902de34dd93529e90eb347bafa5035f56fc578e8386c7571d1f0ba335225ecd8be026b4544ad70f3af11501a53119ee39a8558ca0ed5b3d897ffb9cf0fcab55a0942d3bf7bc6b94ea27a6b748f2cfda431f35252c44610b7e843ed91ebf7e8fe10638f04f52d6d5a7752ec62350efcb7c473f80b1f2a26805151e8346d39d23551e92fbe372df7979c3f756bbb43f6bed09bbc6b65fe6fd241ae1c2f1a0d0b805c582853b85502968f9478e9a84895f9d4ef01ec4f3f571e57cd0bda68ee1f6f7e14fb6e0f4ef8c7dff6796472a935294fc27b16216966d5021339ded059687355b42b55926854bbfbd9f974a0c26eadbfca8a6183093996cf252894e6db910c71ca3ab2e82d90d371c36b92c9409cf7937bb266ea9b29c41d774aa522e103cb30bbabfe872b57beb027623742806aa7694a859ede9bc1fd7b9e32880b064b0030fce1a0e5cdf3ce558a5feaa32e323dbfab6661c5878c9377ee52a615b7c17bf1228e328aa20f92d070c71561969e1af532e76835fb0436810c3d87b982217edfb1143bfc3405ac9f6f3a50145608dfa8658b0ab642a347255c55b59cd1c5897b2cf625a0f0706c30ca1c1321e90cec57b7c3d1bd1af455e3732db80643383c41eaa6781f63da6233360ee720cc04d171ae2445b0c071e339d547f7ac32f407d29ec7abce0a9e1ef5276544877bab2f84bd2eef47ffa66f96e7170cd54d836c9badbc59435146031502c1a3cc744a470f693636d9050c5b894d2d6047df60eb0bac16d905d46cbf017ca69d66427cb88036eca4ea9d0e579f6bfd8a4a850703a0fe49d39c107c9358e98689fb62bd0475aab4b2031446b437c7f9e373caf0270a28d7b15c71f02079dde401e26175bb6e392106a9072021f0e5c5145a1db6f595b032faed8551f6e2ce318db1ab513db876a3eb42d225014949c19543e9c5dfd2290e28c5d72c87223f0195ffbcba1c02c7d0087721efd2af6881dee7dba7565e07abc35bc3fa41c6a4d6a313222ac6dbb117c69c62db2691c68869ac5fc5e987b0ae4335f815c73ea4235da2582dde81d6fdae5911617daef847be17f2bc09edd88830eac03977f89179fe03eb2dc3b38df43803ca2d38455232549110f4580ec3cc04c0d8cfe493013d2cde47c506ef6a8dfc42d998f70378fac5ce4709345926dc477e9e339d8c87ff6287ea6e2873e14d538cdc3f2a47e0e37a2601652f5b665b616a7d1ef3537a3327a76f93990f7694e6484e7a52a10e9eea2edc92b99406abfb2b11ec86667c7af4a333dfe900bf071d1bbcf4f0ad768fae4f450c53817c507d26e926e753e3395201d3ad89061f16706d841994abad283f0db74cada25beb5fe46f48669a62e0b849cb77097e1b4578b45062af4a071b04f0cfddf87519cf2bfa10ebb4b860239ff187e6dad73806ae968e6ac0f738baa88edb3ae4883a9e59be7a6b222c5f54818f95578daff9fc7a7aba8c4a41a699923e85ddf24a32bb71c808516f64d506058a70539276d57984d75161cba7d53a4a864c51a249a6b8fcad5738dd0055ba8468b56579ba5f102642df65c598490f3a0c9b1064f4eb1962c4c38bfb7d55d496a0b0f7b3f90b42f733d112c89176aaf937eea4bada845f3ca4e9b56b3a5a06b4c90fa4c1914ea47020c2f32531e270007ed389246906ecf2c4465f7cc5d6a347583dd73341ad97199021819be81100d867d628323ef7552db945e4c0be604cf6c4a8197958bcbd6c1879387d3286dff979632c54baba2a35ea84efd7726b662b94fae61464d069e0103692599fb86fdc3a06e01c6ae3deb3de6fdb21806c716e5f82b784e4ad3f0e2de629a18e3a2309003dfde9dde8e5101b83312f76e811277afc286b56879f4eb80468e58c60bc088284d05d725ddfe3185b7c51b472a7ff7db3930839142d4a452ddab628e07d43375801d7c6a711a55b452748d770b84ede35920c1ac74b595baef963d21df9418533fcf959593ccf5afccc753e86c4ae231eafe77a158c2472143faf169db29bf2b53c3288d8b3c9added65778095f85e2cb471ab58362041f0a27d874c42bbb06385a0403ca193cba67cf70029cdb7e73c7e2267b856fa0b8dd4c706b45e7174659b0ee2891df911724324f7ca5daf07c912b9b2abff762e62a1817688757492975db7185c4695f3a90895634b8d07453b36dd95197abc31d5d153dfb0d0ec92639540e99d6590f9b394f14c93a5e829fbb33616e810f59c502be44a13b700fd3009545e34c211abf9afe1bb8ced793c6f516d40010649f83a78ddbe9b71d8596582997d0aa54192e1200db61dade30500d72a184ca7dfcbfb80e5442f489d316cc8b75005564835d4b11c482e2c4d0d160f14a8b13ae0a0fb0ba5e3b782770aaca357df0e1c4d1c3b28b776a8b3e0da1abfd4f7190673fca1e1c5a31c688d6e8ddb21300e4178d07c4e854a718ac3f672b0120d6a54c16957c9ec8c444208e47737bc4eeb0bf2d801eb2fcb72f91fe988aa75f38e6cf26e858dc2a718580ff5d281d13e8fc3e3bc30c75c0193481c39c375a5b06b962d9491f3f1fb80f1cb27067f0709e0b0730573a9b5f5bdbee1708ad84b4ceb1a9a61e4c41e90655764057bfa07b8c81cc83a315be1aed6a49715479c0fd0f53f625fe6c7f36fadd001149ab978532e4d0de3d1a38934c74265b161899843704fad16ffc6189f42a5cadec98603e0f98c6889bd4a559079e074cb40678fad4690a20d988735280a1ee8ea71275069132101b35c18ecc9d3c6eceb4cfe9b165e4b6acc17d4f113ef8283c0fb6506f5635401e916d4f7e7bc3cf49aed166587a0c72cdbe673f467d81bc2e9cd08cd8dd16d90b353481df31e89b45e8b
25MD = be3cfa6c965b2ee4e6fb0236665b0b95f66c8da8b338375b7393672283b0e50b96112d7cb76fffaa6db8ea4a7687fc6234dc1ee52e764d69ba8ac40c0f51beba
26
27[L = 48]
28
29Len = 16
30Msg = 3a35
31MD = 87bea682792f6bb4977fe1b92e0cc7017413dd263732c3604f0ebd63c2817ce5ddc5d78c0137f614a06e72ab1cab2f4c
32
33Len = 104
34Msg = 7db15b3ee240b45d4610950996
35MD = 7311a6356ab38a690c0b3a1581c3e7b6de418996c05e79849891b061c51d53dffc0fff2b8ad1c1eff165aee5ef6e18ff
36
37Len = 352
38Msg = d2a1efc725c46cd6a19760f49edf0bae823c1b4992ae2260085746cf65833bd008e56e64002383f51f960239
39MD = adb1778360ec659e90609e74b6af219a01a024f216b68aa944841429ed5b03b139444b8b848f73fd5f350ef02d46b6ce
40
41Len = 1016
42Msg = d11ad1253592c094746da7b5c88d329bc3ce1929913b8be07e82d3f6b7a536a855f31ad197376eba6f2f4534413fc4e4e7673fdff8739f774a710754b568b7c61a473059a41c98aa4e86617aa66d2601d0f0d584cd9f132afeebdc0ce3da6a8b290059e6e4aa080c195c42ae7f7e1e99865223439929b0a3a0d79b46ca6419
43MD = 0cbec7be7299f48f043c3d1aacf833b4258c32190a21a8ac2471666b4a51b63cc77fff6e081aaf5ef21b1b7523d65763
44
45Len = 13696
46Msg = 2f7a9929dffaa4a4dcfeea1fc37b18e3cf935abbaa17cf9d834b3a8d61e9fabfb7683cfc387d6f46ece3f8bf845827c7ebe86a651d6dc1e83c5772cee1a9fee4b04453af2f68430bd87835126cfd1b3f8beea4d3822fb27864570e255cb65b414197480b6bc20a39c5450adf2474da93d72f6ecf8063899722d3755b7a19f71e93e782d89593ab19ddd3ddf053c54e0bf832311fbf132e8b9e540f38e4d9bcc3cdbf69de54e40ef348a9170ba2f65def167f568ce846889c0161448342fe907718a465e451bc1b0f2e4f21f9b911f186589f43dea305811473837c063b915d849c20deb43323bab4b64e61823f1df119e71962dd975700391b411f8778980a3080ba3c14a321d32c082d416ddd2345f0eb751a516d44ee55222395cfa11e7fc4edfbe7cd49bf4ebd4d7428843a2ad5538b3cd201ccd431aeafb146a65d28a4870a6948a7cc0413b0adac7e8dff3a898aeff5f4b65d10b28ceb749bd354c061c3008ec569d5f90a4d4f5caa51d35b49dc4028e738c8ff5939fef3fa202fed9ebef6f2c7dd0ba41cdb5c0c16985f96fd93a65d134fb4a90ffc0fb6cc5396b843c2151bb7c9170f2fa4fb44292a4af28df5481de0c3c917ba1c46467a35302738158493fbf6a0422cee558d4bce3d78e14b4fefb65bb05043e2cc2a6a8ea64565ff6ce2fd2c4f43fc02926ee44ee02fe1dce25cfde0115c9396c9ea06269f17b2caf58e2332cc1c8528d9705c70da1f76f22aeb1d1b93449180640fb5c4c4a708bc4621d7d2bed5b1a752191cfdd45086d34f247ed1df0f24e7c620de32bdfc4d1f882380d2cd7467c926f48abc75cbfac8788f88cd9dc5361517a5eb36311e6b39e21a85fba2038fd47d860f776697bb19cdb5a4d6746fae507e274399c91648537d905015e58910117e5914f44ebcb00e771d38b30c1473e1232d4e222cebceb4810c48e83e0fd4c852f4fffcd643c0ef9e4fae2d0ebc6f102f3f749b02a5e3a61517d53b539cc24120df3957a633d50369d46c0c226f8924cae51dcaf54d716f61385fd8cf38c2c311a32bcd6594d6930133dc18ef36a9671ba8b179abe95f588ef74e8558ebbc974dc73c26bb6eaae78ef464181e18b71f4b0f986ecc8495a9c4dc0b0b96be9806fbd3d32952ca3b4737a06ed6561e9c9581a33a720123fbaa2a70fc3233b83e56444f5aa0cfaf70fb24be6118404f3e11e6ea004cf2d079a3e93a8ac1d4e297cf4fc43851dd26314a7ed6a5a784b386daa26e50c64692f7db28c21d82234289bb45bad5042236667e6d70a24bc9525c3adcb793a6a5725d9b10911e3bc8e3fd604db7998346e7f7dd1815c0cbb735a977bd4b32b5b976932bc92ef3b56bcadc089045ec95f241cdb0a84c67f1f76353da6cb493bb27a881d37a2106b8b3010cf935eb3601ce4dce3e449eff8331e444ab117a20809a1010db4cf3be0c488f777b6532df908112e3d11592f04a0cc16232d62340cbb8b5268a662b8278d37c03d848a04f0ab498f5af43b0a20e310197b7e1395a65299fac29f051bcc5fcd09a5605bfee370ee8ea21f5807d9748acca815a44d81796d68b0014eed3bb6a94233fc51725de3809ac6f538beaacf8cbe3d96aca21a7a763a957f8892f22c6d086d9af2e5ac9d90321e186584f17e964c90739559ddd034df076c4aa38c2b78aab6dec8ef6be9adf33bfb66f159ec4826653ee6cb483539c47a4a1d95663e6cc7a42a3bf628623a4c9500a59a50a312aa104b198ce5f3e58952bb79ff1ccfa9ddba2fd4705e91b5acaddab9d6522d7666264ac5f533b6d8ac4512d8371c69c06b6d322b046ae2a0a20aec1c3bfb05f3d91b9044cabdd873abb5f2b0e3e19740df31e39828f9ff9bbb20b73541a7a70b8174ce4e43e0d356e629cdbc6c08d29bd7acb6a4347823075683ce9d7de4ab3ddda6572b175951f30a15263355fe9641b3322df7dd52077402a884cd472e6d0b6c34cd63ab63cec8760c7ebe384f7cc31066bbdb7a3417425e039c4d340166e4bba4839076ac9457c87459c57957d0a06dced2f7a18acd22b7295785dafa435a2a8a2c3a1fa05d115fe129d19fc44c5a29bf15b4d9c2b375bc8e591f92756cfc573a39b8fccb8395cad7617b11f14a60e2dbf69b897844cbbcb70363010f6e1bc0590ea594aa924597dbb32a868b55551789f82437180b85661809089d34a168d44b4d788dba23b13542715843eee797366d9ce7793e72331735bc78cd61b13421a568ba3e66926921c04e9d00888ba7ddeb474db63813756ea4a02c1823083e36ebd2d32d5c88cdebb98d511304cc276c7799cf84a1699ccac9569b13f530c762732e6bd0f8415001b2c02d11dff36660b717054b16df49ba38425e3764a56052ffddecdfc686aff22079897376cc15591e11579fe4feeccb55f
47MD = 70e1259106fc7a7c6be11d95fb673bfaf0074e342fdaefb458faf4619e7f0edbd68d509b9ca7243d2e5e039d42ee3b47
48
49Len = 100816
50Msg = 5f464d3301c5e0871d6b41b002dcd09abc80a805de3482d97f3fd7b9838745da1c0534168f76b93c3c53bbabd904541ffe5179cae619dea77446140b7400f47d242141c7f2e9894d88f44c9e066861498e7394f206f594a419790d697f6a11187f84bc6fb288186109343eb11172bec076d041a4c7306d7978c009fc2d2d62563614ed3555ba2d21c8fcd70e8389352dbe4ec808af3231ce990452eb05b1b0dc4fbb1b4265e69235cc3561dae4148c386cd770474863a84a822b2e5f905fc255d55f90bd6a760d441dc52240ba7d8c888a5283891a2c99963d1fe680549d6267cdea92cfead167f6c49663668f2bfdc61fa647f5abf3ce5ad2c6c175dbd456ba41436aa06f5f68f5c88e6b74ea86a79934bd05b486210d3d470a0967ad6d67f7385260578088d7e63197849354f651aad07e04ed301f1fe7a6d2047d50ce5dc6bbffbb1da6b47d740898f4eb54e3c5a1fbd18ec93254cc01f705fce04e6100ced132c519674b2345547804a372b5c925bd9ee9701527db33408d37b72f8d18b882d3c4744eb58f011d21fce336d426de1fcd5e09610216248b51fe2b79b96c2bd6ca0155e05a8a516b7a24d529a9a475284735bd9c4c437ddf399864b64fc5d0d6ffc4e5a7a3dbdd476bc39ed29a0a92e1f2b6b3506c2be5452d4f896db6eb4f895b554b2af64c4cb8dc2369b91022dc50b7291404cc9605c31569c32756a64ff8c4fbb0f1bca346c7b58a5c6774b2fc7f7fd50741d34c8564d92f396b97be782923ff3c855ea9757bde419f632c8399763003b58ee9140c2d62e914c1e1fa742661a9166d42267edc40905b35a25d5c3cb3fb457376b7422896df7bb19c23e8f764416731d2e20cf2c1beb8663c07edd8f105e078e2fed05c5e5897c430017fa2160f565a75a4c5c64a15dd7d644bf355d169ae2696ae5ed1a39e8f81055cdf315e5b0c6f9235515fc4dbf30281ef17b83a6ed604f89293904bf78c7183fcb0ab236cb1f8935e59c51559217efabc000b165d819b717118a03facb61a13a99b194f8b6c7ddfe5850127d79078397a56564c7ed6716a129409680434061b2a4782c9006587de927c1ae09d6778a5f1c39fc419fe10493eb0d4ad492fbd05485eee7913c59df82fe7182af2cf06a6e8edf06676200077bd1408f5c1cec537cb8566470cb44895826d04ec20f0aba4297c501add65c75d5767ad2ab63aa81b7b66f01b32590f1d55b7e50e6df1ee077a19c8c895f5ef62d452cc336e9aee171fa997ddcedd7af86e6cc37722fb5838a46c5e58e7f700edfb7c6bf832171d9581f660752867118e9535a6118635709d6f1c1cb21b938068958e956149d9bffc67f355cb88205d4894ba97c3e3c8be9fa2d20abe79f3f93a6a2f4f56fd075bb49a4b7dc83630e58c32a29d757fdbcaa607352f65483cf2cb4208a3bf94ca7a25e2a4e05279be31c33696c10fa4971d1b64ee938dd299f483e5c098845749a3b706a787529bf2ca56693d0a7a98243e6482a43e1f5d3086ca1b00368d8ead5ed2d0fb79b1e2f537ab9340809ca3a9b5eb2900390432293008ab7086c2811d33de0648be5597ef002c7c462b5e0f4e0b1720a98b2299ad7aa55eb78f0c77c2ab4371385f280107ae40ebf814a8223dc74f31483c63d9e4ed09fc7e5a51bac34d69d97163116a66c84ea9fe4263269b71fd228555ae3cf5109c4d6ced7b9049a2b8069bd2f71834d6c07fffbd7561939188bc07dcea08086bc7182a5270427c3199bf5fb5c4549861fd32a38ec81c4ab058c777dc01864787f0275f911a17838272cd65135f66baf06d8d93bc439eeb55d50b7c5adafed8eb8140b4b05f59871dacf954f4b096c30b7857774fcd319c096750bf605db8e31fe02cd1b9294eaf8bb009d4609f2cdb3a8657f650501b8553765de8f572fb91ac77b35db35f402453e5c58f60146f2906ff56b9c6b3a5d0bb6afb9e2201110919ac9c01a7e9750dfdb2f72afbf7a8d6f64b1c68b9de17a2c9abf289eef24074eee9b1649caf3693118165503a30200993d271aa31b8b92606a10a52612dd1fab495b82f9a98cade18b9d8a723a71ceb63fd1d27372bd281f9b40aa1839b0cc2f2177a09aa8e7b159ac118d7c145e7a4f032e788d21facde2b4dbc1d5d2238f530d9bf9bd2798f611d03ed8919f0c85bc2da99750b7a8d6322d2e66ff6ab9ebaf7424e8c1c3f4fe92be61f65359106395f5ef995e925be3868ad513f561f873acdbaf18590c903d64bd275121c11ea655124d091740887868544c5348664399d3da96e2e35fff34f062fb939d656bc072096e510b40b2f75ff010af68d64fd0acc778e2e13c9667de266b1816c4ac449521b02bbb217002c604be72e73051aa9048d192e3210a68769dd2693e5d44951711aed3a751240d42f8925844131daa36c51d7d59bbaf99623fddf1649db954705fd6f3405e63894f5258c9ffecf83208c2c90cc55b1a8d2972ea6b3a049ee54942b50526b7930953986e428b2c75e47ed870bba68dbfa624dd94112f3059da0a80c583baeb570fe8314f5c66501b34116c81148dd22396fcd6479da49f7e952c8084f97d6803ff85c3787222064ca368f596a1ebb6dab20a03916b3ab071c927d87fc10ecc4e7ab4a5761e3eadaea4de1a0dee30aa39a9e4dbee047201d7d8a4df1284cf668ae3ed7dc4cb2cc4b5cae9307353fd2ae4c105c5d9f3bb021535fc3ae9bf3ff54ddda8b2e1037cd9d69822df436dc1c750a9f557d1a3a63fbe73c64261dae0c70bba6edb57519f5b957f138d1aa5fefe01b73c1851aea42938147bac2762527a492cb85da43014c876e223b05597354d7c9b328df67f354d168a84ce86dff57d8a870db034196dbeff83ebef80bbe52425a8810f2c9fea29ee688a201cce4a5f447be789a3881a9da3b6c491288e8f1091719032608b332e0410f4576597e17e0b5dde305f069be2e80d565bb979a3915488f88e3ebb90e81c264bcaddd72b8843af4a4ae31f723d50fa0995b027c334c351128913bb93e67b1b08f101f6b8dc8202b44fbc3d3dfb530f66e5a8f35e69725c86998c05ac87c561a4706e90fa095adab4a566da4fab82bff6b20076e5bdf62dbd6614245b6a6f8cb6bf60106f8d12b9c3e26f8127dc547e2181531ce980a3273f452892110cfe1ea834a30f99d66e026a9d22dc76fc3cec8fda2d7fea701deb84dd45c97dcde57a017693e90983a156f11c4d168d89c06d8a32dbfa590adadd16850854f24bba315b0bbf372f03711a20163afa0c137383b9120b26c59f5e9e7cd2ccaf0ef4e0d70d5a81748ad441ee5fe178e14317cab184fe178fb0cc0d82105d2f423467fdcda0f9871b9d84882609248356f3053a99866dad9f9b0f8c4a897a8cb8f30365a7ae5f3ca6e772d863d445e6d57c6a478e35d719d0e4e84f3a30b1816ddb55bcd79df21ea0e95da72a19cc1fe74fc576120bc108be3ed4cae3bea889fb4ddd67efe858a994237378eb623dab070d954ac780c1e6d2095383c98ba622cbdb18fb53260979fb2672c21a4600f4bf06583a112d303096d4e30e7e1060d869f386eba3cf7aec3052ca17593dcc9969fa9cd88179c262770211cf53f53f175037a5cd445d239cee48f7ed0aa1d715a22ac18a8aeecf191d415e4afd92b76c091803f4c757a9e89f696ab7b11ad6d5f24774e4a004dcb0e3f33705dd8150431f051016af37647b9e44b10bef114276d4b1055b634461c655a82a847639a038ec9f58876e84e9a2955b696e072d8054c3f81173473604d5fcc0a75b4a340dba0c375beb87b8b01a0f2de232bbb8371c3a9d27a0ce521c4c43dd3bdeebf92f42f87d88978d5b4e3e563cba0e5f59dd29c31096885b113ea5c57e66a3be015b703bc26d3fd1d51a7c14f85f65747ac909d7e30c8e800be27eebf4a62e42e538ae30b6883907cebb7fc5e150bc9da3a138f394e817df9a9e44420078f30d0d3d6981ca581791a097a5e3982c983d5cec239096c7d8cc55c87242026d769ef1d04eb96e5b5001e3358af88d417cc61f107659791a35d8b5f7a5767ae24d5b2ba7aa12230076db1f1b9b6f213dceea62949d98bc5db38743b23a59ea75dbe4231a285678f5f07facc053c2048022fcb01f15e8c100d64a877ecd56d196a6ac60ae35e0e09a517224ba409ba7b70d8f9fe65bc427b212a4e9b3cb17b0d332267cea4f3bea7c1e550f7ffe567b20e3057aa0ebb560d00d28e2f7aff718a9f2d4d044f0d20709bb9ad567c98cff7c4810e8c542370cf90a491bc1088f69998d59f344b74db6c1bdb61f284e99b517a11452ca0bb37c7bae77fca6514b341066086e600f098a32a92935380a173c9182a2513584c54ff67e580dfe16b508acf1729a3d649ff1eae286bffd688fe658612d6c8e69e6e7f7de4ba85ec54747cdc42b1f23546b7e490e31280f066e52fac117fd3b0792e4de62d5843ee98c7201529455c85b169fdb90cb05e3403cf2f737148bd20a53c73880880a14ffff37d62130e682e50bc7210ea6c1f0c27656cc1785a0d9ce93ff94dbc5b2877519d9bac4a339e98ec594a7cc76f4ddf994fee8070dd4b8e0fe0e51b93105fcf566f83d914dd862b4ce78de7e9e16f142234bd969ff8005dddc641dcd3c7cfbdd6113cd3ba34a9503a0f433899e90e158abde2ed4ed4b3711c991577c5aafeaa982bce80835f8e6d7c7975571fafb1499991646bc499ec32930367d4b1de76ff656442cab987bdecdbcc2b2bc35ce01816594bfa4b6e33080caa41dbdf8ebf2205649f98a2d3bf331fb16b9ecd1824eacbbc9f81297b115b4d36aa7496e05f7d40d4edd1886c1bac10cf3f97840a03277e6369e7a7e90d932050ab8720fce076de5c355fb17959bd75cfaeff325b0737f8f5b1160de0b0184ba04afcc30bca77a6a37e29662302d01858c0bc1d32b883011b7df5a387805296cd91bbc835a3e76152d017ee929d4cbf137eb78db89d71617dd76cb00707aacb8088ac77a1f52ed710331193edb29933a7efd8cc153e6adfc2c6637e88cd86b06036b8177847b4d086b0ff9b5dc91f3cbd1c08217023d7449253c25331594f0f16a3c5f2e122e0145c4ec94f096b45a1fd0b2dd3f1d51e58978471782a336eae49d7bc4e050d1c6a391658f71a1f752c0ec6302bc2dba9e3766359359ce34955a2db86740c90d09cc50e92dbb76e17a39955fa7108bddeaddaf860d1aff14acec8b609ac1d336270a940604209df91cf45be72edee04277d694a6f968ae6d8e065702f3d607f3baf8db4ab7637fa4c78bb0b7fe69937eb1dcb616fca564a5a521e12df71fefbc321187159bd6a47b066a3440ba634de9153a94546b63aa33aed9da2018e1f30628df37f5360ca4f2660a46ffd73e58183e8abffdea25f7bdf798a2b7cddeaa481bcc6e682a67e99143066963d96d4a928a478951dd6ec59b1be8cb23aa688e1867738aecdd9afade39c92c0b2572bdde84eb912ed990ac618834c412231216fdb84f1e01b3f8414fc6dd0f646fd0fa62bb0157b3535e1497c9272df1cc5dcd4e6ab9a8456222655c56ac73fe0d2aa8b599035daddf0986a45b1a59510abe19a11b6dba065c8bcf8a85d20a3681c2414dab7c036cc1358b1dba98d6ae62c5948c36b5b3e307a6f860c0c822ac724a5c917ed5f98ece548a7a741d366868e6c676394c3659f7f6786594196dde332543376f9ba0724b091d30f431f91d919417e5bf7ba1e9a21cb80f6c204c3a58d59d960a5788b5cba5abd7c7518f4c5170115125de97009a6c3fc4d5773e4f57fdd433eb7422c7c4dccee57a1679633ced3b5f08df763d4577983c5ca8b49bc4e08fa76f8bff36daf0fed068db47f0c87e0e45d518dffe37c129cc6e2f5f9e0430185723098e715284a42f302a6b8368a4f2dc16f534d1e5db9d0b86659fc4ba6f16c982774115d02a57684c7e5489b1f491584b0f0546e4194a6041f5e5be3bfff3852a4fc772d83491023a61a37228ef6260edc0d1cb972cba610d5ad1d92d554700771d8236ef55e983765ed8eb21e7de7c8bb51aee9368758454fee4a3f32179c1e54af1d069e0b9728cd0554351907e018146511e4d6f0450b57c8ebd21c71450116296bdfc779945da60b9192c5bb9a67b1f04d94992df4cbb3e30732dc8af2177fef17e0b7d01740b8a64db16bc29c1e589b6bdfc967edeb2ce8a649ba892bc856a929f0b837a838ca7f917a52436ea3d20e72afacc5b9d58a7fd0fefd96787c65ffa7f910d6d0ada63d64d5c4679960e7f06aeb8c70dfef954f8e39efdb629b72979be208d616071289cfaa0756a4bb5eea5c7baf8fe7a31501e7e2d67d708d461c0c93e85f03afd70bd9e16437171e01a34f475e4b5a58d13ce4e2fba72bbba93403f3f8981e0bbd6a8a6223327bf096c44b36e0ccbf7592a98c1fa67f198b628787ec80aaef848b4fea158c715799e6f458327f399e6420f0e7821f2dc4663bbea065c7bdfe830b6102e2e7193381b9dc7f2381ba808c43b8fdf3addab4b5fa81564716f7d46e0349d9b27b559710d723c7ef2f79eb55c3a9d75b99ae6fde6877b278b583f8ae3cae776b914b0cae0772397fd19b6a27676c7ca02cd07f4b4d49bbe1ec87f2ac7e39e5f7712319c31271dbbbaf4b826af8a9f4acab696c62719f7a6a032c4bcf90922a3c630647b7c1c7b78b10afbd863f07486561a0bc8d9b1ff5fc41998a7e3c604e24af1c1df2da1dd5d83eefa2e4012f7fb5959ef9339574367deff73723484b5a969c8c23dc251a3b887f34b9ea09c9a1838e8aaabb254445d7556dda257dfd5579737fe1dd6c67f3851ca68b011e7cb7b6958d588f143828f0bb24fceca31b47b77d1ce05e75ab05b55d6c9f9107f0c738f2cf8a1629f7e9b2694324e082503937ff8ca7c5098f770289af7d038dcedcf0ed77c8b82e2a9003a6f3db69e14131e144f6be7cf0bb5353ea96aebd78befbc6ceae9bdde97823cdbc5ca8ef8a993a9d9383aee9f2d6a18fc64ab92990672ea2dc9b89ed248aacf7f1a513da43fe5953335afe76d78867a066f226ae9c727c6c60671c50a50732698ef7a492d51998eb6da5368a667baf6d12b77eb36686ee0ca239dc6f3598be0bda79e47f0891fe4d8989df8c685480de11c148a2b44c8a6bea3a50b09be557c51f545a09a30e9362cf3080e6a6bee3dbad370ce24f6c5a6f8091007ca195057fa3af8f99703a601086c2a1ffe55fde4c2c4153dbff8d6601ab68743c0d50d021b0b3099535ba6c40f866ca3ff0df7c19d709a3f58b57b40ab5e43556a8c0c1938c875267bb39c0db6b45840e8ee7c22bf6b48798bd744f70e42fca343a8bdfbd7f55f275ca5d62c7288756d4861fba68d16d842c5b893c1d8171bb3c8b593387d3426f292ace5cee7753c9f9a12e6bb9af5a24192e4184f7d3d191d862d3c3dace7853eaa235b6369fd164e5a7bddd06daa3eec7fe4130e82478d36f88a0999cba1f251ffb3a7689ea2baf016073193898716a9f933448d7ba8e0968c669bdb7dd5e6e32fd84a6ce9e8632b393f9263532ec2107b4c0d2abdf3abb2de2d63511805eb58a70bc4ded040d76640af60ce7f03b9a682b8dd84ed8a47225a48e0b94ea47828f1c8974cd64e5027d8b13d43519875d2bbe4461a7f0f5b5b8d63a472765405ea9c994225806395e64dff88506f7f7f3b6368d769e6e550d4e3e81efb13771cf403e855f75312f1383ce4c2744d0b4e3735a0f1e1b99eb014fa60c0d1ca9035fbc4403330c2fefa8411fb7c3d6ede5b5c8f4736106bbe01923d483a84f031e9685a3b6a70646a2a5059ce35fa496b3f21fca6047471a5bdd33908cc9328de9fb032347c249bf7093390b750696124621dfa67fd9c7fe85d6e5a4d277ad8f8d169f8b5e8dbee280f8443518bd94abc5ca704e781e6cb1868ba2d6fbbaa850326fbfa5a20e4df6fb5f8ee2728e86a758763a8af21e1f7a8584d3f0b09a0b19fe8fcd37bc4fdf45084d7fd92b80544f29aba52496e2c9a0aa4adeb89820be321cfd2f0a53585a15d04c7fe4ec9be6eb5df419e20b71506c1f642df75c53a9e3b2414fe6102fa8af7be3f6c95de824c31fd6fe8ef9d49e26095a2674a33cb574e9e493939bdeaf5b309b4c51256ef71e95dbbcee0a11991693b533f916e1c82ce86d65d89b6d596017fae944ec364546e78abbcbe4322b83e2fcbb4c5d4ccb54d8642c7eb9e28c08598a356a5c46f8813e6b63ec2f3e3bb721b726361f85a734e0514f4e9c4732991ed3998b1ba8f618c2071d1b943eb0f8766fdb7f0492421429bd380deca3325c8d5c7b6ed16429539ae54f1eba39748f09aa44efb67d863cda304e8653ff7499cfad44dc27807779ef8e63be4b376ec403f3c84eda4e5af31c30f9807762e0980b4e5d9dc406cad4e888bfc3ec4186de8ccfcf631b0ba5831747a1c200d45ea06ac82c7952fd09aaae5dcdf5475da427cbc8c1f71ebe5132f2fcae15975ed6fa14a11b38766e1c446894f31c0496b0e5e96507d28e6e4549d6d78841e40630ef306491a1da60eaea3fb69bffcbf192610e2e07bc1124690fea61980e8ed654c5e796f67d26db5de35b4a2c67427833e360ac2a7d4fe7a5ce572144443ed62ac460c1b19402e85c79e3d80e1c143279b20a66d8dcf2bfe1cc44a0f5aa9b0d9b36c46c2cae148dd0f2ffe9a8e6e7274d1832e57aa39fb40553da6414094e838d613a20ce9307d49f97d904648d6460985b01af769800cff9a940f70729fe40e98feb64ff0a81c5b2b096b1a9d832e440c49e4e3684bd17a5169fe138d2544d9806fec027dd2a67f1856178e090f9bb2f9b314a202e7e95f2e41fa80dccf7b1810e9cbcaed2acc2445d60e26f7d63ee4b28e4299e60ea4fc659e7d6f0de91748bf1ede1fdb2acde9482bb76bf6716847eb2dd7517e0a94f0bbf20f248d2c79fa0f518b67a44d5c4c73a9bbc3816ba85ae8344b5f377649da75cf1857d6e4338a76446c48e52cc7bc7ce283d4252f8fac5e1427299edc33f84798316f77bad4a87849e91a1a23c0b7a86898046e278eaaa15ff33730a6d3f885dfe2d1dc0acda2a9e49a71cfecb7dcaa9e70eaa8fe15d4567a280e8960ba49d5289535907e9f277f96e8e652c21d89e81696dd821db5b7e1e53e160584477aa9e4c0e12160c9956df36cce6f4e724dd543827366010ed3d843cdf4319c1bf968a70e9b1b6bcd8af96c9eb0620c569716b7bc42e13251a6adf8201faa129844b5e1d699cafa1b66a674e732c7662b0410e5bca2704c5ebed7850d0ebb825cfb0627a183cc9643b709aedeac2c06700358400c389f99666ae97ccd37f265da7addeb07df9ccad6fa777d0da2fc47b6235179136bbbb409596841e921eb278142a19e6203c7f235bf8461ccadb4b47dd290d36ac27126c808b866f9531261f1e0f5c458a6bab6f064b4efc432e1c7379f9af19ac34c5c22e76e6e7651e48f9ce44eff542f018397889d896cc9001a63e8e455fbe4a9ee9a740edad894fe1af2bb21a1dd0318e28ba982c12ed69c08835ce17336ad1638af3cfe0ea892ab8e83d3f25e6bd98d5e4d36292992e2122c265a26cbb3931dd4c1b0d0ac5ee19974d0dd45777908bb416cbce52531820effcd7f28e1fb2d3d4d826e1b2673e834485a25af9f9d174f566abc3b36732ceefdd91a7c3885e1d10d51c321ff704d0883905b7539309ba5e7b7a2bfefd0494e90e9da7541ec37858ec05ea9a9ec5672b113cd5ad6ebfc5b8fe40ed7c3f17d8a73703dc89086b4d75c5eaf06b840bb2f5b4519a4fb17bfdca9605f17253f203efffc92da96fde023007d22cdad05d18aecb4bf08085c5ca5eecd21f2b611e7e8a0ef981fe7aa2014f5ac6862fab44011dfd33be8a1226943aa7ae5fee9221b0400d9ac2ce5241b09a68cde6b13c47d50bf310ecb37f25c32770a299020d8500d8a4b5d7621e4379dbd6ef34a9aceefd4055ea6144f54bbfedefb5b5b0fbd1d81c7a51a802072ec3d84f34585f22c1df84caca07849b1ef054cbef9b40848e9fd238761df5358cf55a79a53a1bc749e49ffab7c5bd9a28bf24ad5833facf43bcc3852c1e85cfe47929fc49c325c20d74588eb9833519f192243cf96625057899b70a7c93f8fdbfb60d8129d9c43c95f8782ed8293641ffd21d21d91a0b4db69d766f6d6497e9a414ceb04b65425d6ad6c8811da00639dce8d8030038f2d08330c75b0879aab81bfb3330b950e54c13780d308fceed2a103a1a8b77a923b66aba737654ba7995acd306aa7b80f632184412e2369c353c2132ae614553e626f0a3436959104ba6e0040dc597dfbc3602a49e401bf2249699375b2c722083489f54fcdc1f616a133ef6112a1754818158ff78f245b9046100b0e89407f74145fe336976af971c054f12d98002c68b3aa2bd699fbcd71bc4dc071e430bbf694595a951e01098aaa499be2f70611f248a694539ef8936b2e8b7a3c5de8662436fed1f7bc24a4e5c17a663d9a23b4692993301b08cb3bc10f518eca51081c717ec8dfbb0c2669f7987fe6aa0bd98231d8e8b58951b42537f12884a857e02d62de4fda6b88b6b754b1b27394c6a819e0f92f6b2b2473fe245678e252ed31477cc7ec6895bc361b718fcab3aa550fc9faeccfe77cdb5b151ab1db2e569b5bc923ee26f0b6113504d295112d47218140e44652a10af10a088f95c7cf2fccd040fc93980939122411ec643e26e7d69ced3178402e320fe156e774b75b5afc2f3d6b6ab828bb4993b1436faa5728cec34d66f520f59e82716ed6d1324944c3c91d04d5ffc5a921f4716c39de24768484d0096f7d8dbce35aeec22db11f899e5e7e3d57e7668f35d6c0db3542255d9262137d39ae6cf9bcde254dfccc54a6062fcf8982f781d9ffab2df4f49ec04a72eb9646d63bf9e1799bc0bec0ec7f0675ed9f8dc9b8be15d9f2175dfa1c8bc99071c70ad7bedb10a4143fa91c89f54777f84c9eae9361cf7f4c2b7ab873ee5785a5241db0af86f3c6d7f091623d6dc576d07550a42023633a09c8dfa21d7e70cce64c13f37663f75c47921c246f3f2d1d16a8283ce7697da4cb7e016971a2a1d0c59d6202bc18b7cee3828de597efdab53b33a9fb41aa7b49f1c964512901773bb396ac80e90ba1a94c408b2860065ae9aec64a41d76cf8842d299d0babf14d5840d647d075c34175e26a786f30091a24f1ce8db30137520dce1cfffb6318a0d0fdcac883eac603bf365efa2c806eb4f194cae8c16780342165222192f6ee2e103ae2a31dc08a84dfc89c64d2e9ada7ca1839dfff62ddfb7982c79684cfc821a098bc6bf09f87317209b16d14d45c6f38fc99f7bf9bb73460977bb323665d480c87c687cec052a5f08a2c6744c8e177a8a269b4a47a925b9123cd2c014313edae988f8aeaeb633ee5ba6be7f53fe36da3aa37ab2077f5fd75a82a55a0fe62af213b85e9e7694f78cc2b0e63a8c1b89db484722fc62c688678a511c474f0eff8eef1382946d26de00e5c626ec1d7079445c1b7c6f7f05073249b11fd1fb30257724a14cd7bbf451146bf366de2e826fdf1d25705587c4460040ab963e3bd504755b6aa5b18786b68efd3c8e59e8dbd172346fe7f4a18bac98164669d73984044f3c777368f965763742ab86a3720208c64801c796f6e3a1c4748b81e41ac58dcf6ecfa0453b18fad7e3473604f57f7da302e1fa81ad538d4a0280c4ad092007bb9a7a12907227a936871886c699db97d00a1966fdef64d9f3672f1b792c1edadc6781b391c91bea1bd7275f30859dbd1707b1f554e49ceb874ca06e92ab466efa7eeb6990667a27507a7ba789e24d593ea2af8eccb3862cce58daa63eaf212bdd86c01ed471cfc79b191c481ad773d20e821d18af85a7049034e5a9c660357a4c2808b9a6139f32c55c13282b8d98904f4f027d438189dc9487c96172e50dc1100ccc224e7374cf96ea6731032c43fbc9b367a4d1d0b31aa3fa8eb589672e69f1d9144114bbd508d56c2049ecdbfd7b43545375a099ad2885353d8c550d22dbb738e6fe3f104b444c89475a2cc24d7887daced8fa05006c02dfded01c00707e2ad04c41199c5decc1eae34b0c0abb5a5beee1b5253c3350e1a077682767a0b9124a4df2e8879366fd37fc04d4dbcf89883892f46a65ce3aec22123cbe6b3af6364df1f9f5f9751bc8179b6dcc5c126dd65feb7d11a85994e90ab6342834c79c5f82413e88198c73e932c66e3cb60b6e0c0cf438622e5dc5a1036c38afe9cf13559044a9e90f5fd72a3188ef6b1043f5f4e6b40ea51f6235dcb33b3099b2d8c2e02103235f0476ad51bce6d8a2934068549633e521a3ee4c62c22b042fb86c13c8da849233205a5e277aea1129678c31f5c379a71fe08b72fad9449cb923126dd465d1e0ae8a925374149b8248b3afb69f168f3ae701c00f6ea08fe07f1b5338ce6af2f3156ba6f300310114479f2f6119367c88c12c158b84be13b9c8c7b5dd7c90edb5b3ea1fa5927a25ad6d5596992dcd4877f58a134e05dcd80dde4fc2c2a680cc0ccf3084d3f4970e3603fa6bc5a180fcf1ca4241c0b8a1e7c607dc025016e297e2b0645de4ec2fc49851b9374f3ef99edd897c284a67b647ca8c96fcef935d541e9faf334043ea50b99fb8819ecce039227b624e52d8c20003b5a43808e4990da8e4398c4fc172b983351fd11a13dcd2aae5193d42d46e1b57c92e3e01d23fc968c729f3782d6c07dd5a17af2bda96735c12cc7d8023629fb0125e974425f7914690a7ed26508343ae58c8a439ebb6232049a194768d4594f5d65aca37a5686c2a86dd04bef35d74e0755937ac0ce3ebded1c00c8adabf030e5e4a5f44193b62fcf2f1bfa9dca2a25afaf2f1ec06c5d17ef3526d26d17af3e2f257ded24b177ba41c0ba64fd4fbd5042fbd5961a105e0e9f77f3db13c1b6c5bd9a9d04801a5c00a4c544218a21016c65bdff774a44b1d05256e0693e14d76605d67bd10048d3816caf31a6d10886c88c783538bd93e92bbc4484f3388b61adac4b92b911c76ebb1dd11b7b4e40be032bccff610068746f41e34a1fbfbfe5faf57c8a4331008e2c1cfd69f57e74379ac80eb6769f4ce4196795b835201ce4ec85ebcaf5eaaec242fe6695cbce1d53fde5b002e006bba8c8a1ee57da061ceed0d21bdd57ab0cab9e46bf3764d9a6c3ab19736d43b33f32eb955f9174ee4a54666e7f19cefeb49aac7a59b7370d9ae730b7bb4e08413222f0a66bfdac252fb61bcfa838f262312febfde8add8f6843f1d64ea3da42d4ef986498604d65737a44f5a099338520cdbdb65ce73b110dd4bcf8592a4adc3e0170b13404f99f0ec8f9fb225c1275a921f09369db165e9109dd5be472b9bc1901bfd882d264d9ed8d88b4c8f3b35f88b69e3e4b8ef5debb895be536a3af492d968dc1caf31879d672f70ad9869ea98335cf9e4a2760f955fd3e8099e4b2eb4269e354548f9de9921e50e49f3f5cbd63468b9db0cfdf17250c8f13535d4c0a1f21c87967cd798fe93b9b2960447401ef90db22c3adfba0f55f5585ad37040e8d6745184dd536d5a26edec365bd6edff1bcc616cdea3bfc8b9d98c0ef9a626054e361194cd05b2287612399f6d3d3be2f71555f14ad2893af6f60ab61adef663c3c2464ade671dd5ebc71935aad290573588fe6e11f48cd2b7db62e4b9932890d1b96e1b83eff70f026d199db75fb1e83197c937b672613c66ea131f485b4318e27c079b4018d4205484993bf50ce70275b244f2caf47cb47eb2a9ca59afbc78809a912eb56a4bb65cae4694f682c6329c690003a1c355f779b5857a60091b1c3685995a366cb43d753a704d3e59c5f5003c78feed877351e27334b3fdefe5907edd9eb25588a42248b9c4a93efa7cc63bad1e5900b95b70436c35eb85cc8251c4030fab9556920141cca24d6acd3122b92b7e868dc174bf071117958a4797fc90866aca685f1456fab397ae647ab9970348082bd74865bab7f248568db98ced7ed84e8360fa91afde3f23509e6b4caf948349ad9fb6a4efe0a0468302cae7a0f999195af1c19058669fc3b88b2780b9075dc180298498caeb7ba0cf8bd42eb36b1959d5ad3ca6fd1e85f76abd27ec5fb637ee38173ad7d86304d5708b6dc8817e099e77f5d43c1a70624cdb96e4e6103bb25e59eb51d894d1dc533a74005bb79cca35b66e10c61d06b5227fcb071457025d605a0862218ca252b871f8343ec231dbee15688aeb914c0f16ebabe6edb0a489b2bd10d4392c6f1863bb6a62181de7cef61997ab02f3bad0a893cc0cd8a99cd7b3f7773085f0929de36b5d124e3729140c375de9a2d0cd9a360cadf17b9e45b7f2adbdff9e75b743b62642ed67aa703b8ef33dcf51a50edc7dbab42d3d2b49badd2457a9f92847aa6a60ae2beae457a5fce1a9e485ecf907be22913893cd1350f20fc6c81c94be426eaf01864e813a03e4674491b61516bc95d8a77c15f03d0adfc4adc27f27a5ac4165ff6518eda1a5c408708f78a9e26b834179804a312148d4f75f21a77d78387139da40c0a6293c2a59d0162437d68504f189ed970c5abb9ffc6d8e1be2b0877c7f24b1dc273b1765bfc5ce6f4b8d99a96d5b1c92ee53a39f685b304313d909c1ba8130d20d51c824cec420b0315229df295f75b453a6c131afaae0c36d7c4fff70623638a4f7ded5eb7db58d95deb6249a29b171d8ce651556dee8037bf4ca74453a4a76aab7cc07ba44e55de57dbef8542c3851ea353fb8e259ee89bbecf9ce8d8bd6227afc0028afac48a7acd9b4e8cbe982eb1475917ad6be4cdca9cf6e7cddd971b2924f2bb730264801685d387485e41993c3fa0af9987e8b52c21688fd9a9595ad8d1b9f41e0457be18492aa09f69e64e2954d1ca3cc1d32b2915cd9cf6862ca79c80beb47347c4cceadf48a37b29b1d6de4e94717d60cdb4293fcf170bba388bddf7a9035a15d433f20fd697c3e4c8b8c5f590ab44aefdda94681407008ea48d03ff21e9bbb4ae7a9aa37c855fe3537c44106e8079f18c24d2584474bd4a99367660ce6f7e6d7c294961e174366e7babc569d5f80572a21a4bd7086629363e0c9ee2599c8b8863c96613ae6c32cc67ccafc66e1cce79654567ad08e62e9abc99e44d6a79ca4d8de15b7f8a763a4741676af0e1f3bd4e002c8fa1ebfbb3bd3a65ae68a80c230422f98f6e1e9837252e045eafd585ba389958297d59aea1e8e1f665fcbc5f7ff449996aa712dc0faf582cf3caf3dbae80594f9f07fc06de63d9d672d14d7ac4662b4a54f40d4aab2de766910be2fc7f6f679b5708790b5376498d3baf0463dca2f093b51bb7e9f3e7033ba0384af0174becc3bb477bc5e86959a12a5e8924adf0bffdf5e5b9c1cf24d232881ad5c05c5c0f50318ea83d8683339ca6a583c52198c00f7c1abbda282e7fd3b179297338ecf9c923a3a87a130dfc06164e9b4c1fe11d51b382643de44b30a6831dee119241d1b6f84f2484784fdf65e41f78c38e15fb4b00e45df1edc40e3467cdcda351a4c0a0185ac4649e91024377e1c331587a8586cc0a4dfe29e14004c3536d305f5dee0eeb8c2f216c1b8d27375b239f6458e08980badd6d82e9ee9e007578c0a3b48288d9ad0ec3c934a99a8c5741149af937dc82bdb545df26428b87fc935c05f1a4964a8408539f267e23de9bc498e2a4b0083cdb7c8e27de6252bfaf680a6d5b7ec1a6dac6d7d537334a95f1553324a0739414dbdb50445a767b0f589fd4c33b35905577ef5a53b0f097191f9cee4836a908748779941de2a78fe1bde0c2efd9f48cbf232ce101d9df93d3ed40d036ae7aedc3a5ff619abd1c159ca8d2dbda7de13b4ca62576c7f925c52925eae2d7500dc969fe14c0a335ff95a7df1d276a6f242765c781208d59edb5848d412b11638b27ce5a61b8209075976c2a6aae88f6e6d8704fe9e83b425dec4defeeb3cd311b8c5a818d51f917a8a4525361791d5c4fd5d70704d4b9fa9df1ea119882f400e682753a41931712c043c120a98f0fe786a600b47befefc9d64cc5bbe8a16c191490874e258760c9e4fd215bebf848e0b4d35521f53ec5f9308644b785171fc4cc3ff886e034bd833d59dbcacebdae8f00e43c151bcb24d1d226d1cc19ecf349361530a81ba3168af3df5536fbe52b3b93621f57959df298e5b4d3c14928d2ef7b9c977c7dda54242d17f8661978a62d94d565b00abc199790b9b25fbfd4a3ffc35c95ccafe35d9a138a2c24d17f06ae2cc376e822317f16fcbcd56e23f84ec135dc935e58c61b34cfbf5a36cb00350483b6bac786030e5c5045a6b61c9aba7dfaa4f7fb21897539863ee865ae061a77c0359915de3aacb3b5dc8cfe53c4d17b393c2b6bb23652f36390407922969d510cc97b99d1df4361530aef10707d7a021b2d9576b2d49ca88b3cc83ad1baa6d88ef8c81c08f8baaf515637b21ace9d5cc8fd9fe4ca6c3aa129caea7060791d566f4de8662b90f9e5d849cdadf9bd23cf6737b07ca105142663c30de27adcea11d64d433fe1ace84b0f6917c8b655f2a421602f07e0a7127e61ae9859c5e9f652ec82416fd2566f291f417ecdf99bf3231d02864e2e5a1cf34c13f59de9aa2760d8734bbda79576c62f566b8269990e9384a41c1634271acb4c7a8b768f276685c3a8c7f20872e56b683244b1af562c3e7dcf592a9915f44f886cc2ac5f679c07d5aa1fd69cf3a460f25c722073da336a310aa551062d92c7297002060072af2f3500b9310c239bedf45c5e985c2e0d60c7dd68522376dc7b560fb34d1b5089450c32ffcbff07b35a96bb6fe01259a06868d00af697f8bbb238d03d49570a109181c9576c1ea9d2ee02000cc23e63d6c93c6cf3050bbb15b6f73b09c25da62e5abd4c2bdb1110e1f25db39f04885595cd6a388c4726c8d4cdbad87d80d42fcaeae843e2e17f44c9aed25c8f6f9736c7ba1bbd3b839126de40a930024a65aacb872936e446114e706a868444cb140e53d976816983f3dd1d57eeca01eab8211b7aa8ae99d26e35c06ea4b226e0a6e52172a40e7f0df5f67759ae2ee026749ba10b8e33694c3e01a001526f9d75f6c419cdccece3ea3f78d69014e509c741214581034bbc7e2bbaf76db8421154abb2233117a1ffe2786b21424576e295c9baef262e80fa2edb69aff800b3ea436eb827e8adb73abc48d740b86c69d557b16e874038598b25f616afeb4f4a900be7dd0d38b5b6fb4259c51a3aaf4748d7a445f518485ed72b25c7df8ed0906b74bd29bd6a5724ac3a503c990f3697a5db484821f68718470810862728a80ce34599a41fc5bd8bb46dd845a4812ae1532c457ef4211d0e41835e5a6f030247614822571c930c727ba397e723d6b3aeba9244f054e331c82e65b74c9f6504c74b4301499a1a6f6269a3352aff57f88442d4eda42a82ebcf7776c5629f97d6160bffdd8282a40ce2e6375b161e4c22ee53bce7a45f4774aa827e2da657e1a1bc07445f0bbd770b7a5a25b1b469fd58715510dbf8d97af4e1b9459a20b08a8d3fa9d92feb32db95b22d36de0bc8b1c397b09970a6826392fd8392b2d790dcc1295888f42ac81ad213c7328b2324b28be7cc1f4fb8414a7785472f1dd3e11d66017b1756d1697be92490e15f056346d7e9126a1f35fd76cb016fe2841c8996a3507c4fffe7fc45026df10b03b86fb6cf26e8418926a030b5fa62748fbb728fa19dc2f8947468c1477750771e442e4a9d25b76d359211c05df788ade5b7824f8770b5dac0819737dec916ee59b28a49666ee8b7ca81386eec8049542f18a3207e51bdbc291470eeefecac385c096a
51MD = b70acba01bd715f542859a4224d035eb177fe7b34d5447e099acd1716ba6d00f515bd02021b5b3015d736b04687544de
52
53[L = 32]
54
55Len = 16
56Msg = 43cd
57MD = 7c5f9ed821a021ef1850dd4e0b179a656fbe27b104463720f467db32bbfab5a4
58
59Len = 104
60Msg = 5f75a437ce0698a7d8151c3fe0
61MD = 774782a9c3023dcef8b2cb83f7994324e3cca35323419b3914a9b6bc3ace5ce1
62
63Len = 352
64Msg = f88bac738d1e3e10f75e46e3fe026d7e423fdcf3d7e4028b33a291bb4aabca53f780fbf99e0346d610d4a38f
65MD = f114f1a390bfc30f34652751f3a38e8bdc9597625e363689459b80082eb34009
66
67Len = 488
68Msg = 832e5b78a73a1012ee62e00621db7f4d248893007c6e5d6e0e689c6b291baeebc72df9cf10b289fe20e7fab80a2399271d0ac63766049da875eed56264
69MD = 7d00fe393c308eadb8c0a4f771d409e17c9a796e63b45fc8e84c0cb2bdb62532
70
71Len = 13976
72Msg = deab57cdeb41974037a9bef5e292894038264eb4d8993d4d1501e6ef9c68fb0f571f57b0925640925deae9a6317e3bc4d6cdd5a0833e52fb48baca16a9ba9b6c8ca469a0555763b54f04c87d4e41aa549258f30eefe5a52d2ba06657a8773b0842e094857b6d8911d6a0636280025e56356fade362b4bf4c875cc19be0c6644b447be0454dbf390eb966c03e10e9de3487b90d0825d327c12495e3c89ad09c9d591e55c91376fb14c2fde9f7461fb25450df1a65806b65f3caf4d5c81ebc6e664871fcf915b9578bb70ee6776acc62205888dce2baa4024941209e81b4b35f0eda1bdcbd9ab1d6db6140bda4c41776fe675d5c681da5852d50c246dda4ddf9fdd7c5fdfeec85ff6c883c78689c2977584406a1ddef977606c182d6c33561c39c071668a2515e5aa6f4aa1faa392aed95b82ab32b79a15e3b5a07551ab068455131b72493126470f26c30b852e4415e1d8b719b3803ecc336e4facbcc5d1908851f4f39b776bec8b6b9794d47e5965458858560eed5a0305e260240c0849d93a19787b0f8c795eb5ba32be573845256ae6d0b0a3336e42a1beac8bdde6d1b6e0b6207903d4b105f4af2ef89bd099ded870daea2f170e03bd5f6f4490e60bc222d4876e16d4c58aeea6e6c400dbb9e9f4b2b142f0fc9bdeaf4132ded38a4a8366e107cac7210945fa2df4b124be37ef76290e5b9758aa3bfe0091bb0448206323584c2f833e0edfbdc0c33075fc9647a3404ca490bfab94302a0679a1a42fe9fec6af0cd98038b09ffbecd2832b579b2294f6ae5b96328fdc0a0b9b3a32cba04fa8bae3389c3951173bdc17caaefe526aa386f98670b177683d0b804c5875fe9c7afa233ee66349c9fd1b60bb0becf5e1d887e67fd3baf34b4f90d94699d18d6bb9d77d4af358f31edc254de2d6c5fe3ec07425c633b18c1b9e3606b78b40b543e1fd31fb578cf58c45744fc073fbf3c7d7d607e815379a5fc565892d81560eab8fb5f1ae6771b998c592e6d288014f13ab283d53fcbfa66e31a9d107308402191fac2cf2b799c7dae91b93a7676898b8a6e516a86eac58ed8f6d8ed2fd4d38031e4a4466dc8798b90c48e6adb6b4391d47872443cfaffa542b4b132f6c3408f0081af8692aadb4c9bbd55053ea56d8b82998f6b4b41d331891acfe6af1bb0d6679989978368ea463743b514866d2d01fb9950e8990867bc14f1db1142254adeccf3da812949cd03cd1d569e9d0bab7ca7405cc21096e3cd4d007cbb9629372e98584b4c6b97ad0bc314e1ab6ac71184ee555c01973570ed9b115bed956f9e4e349083013098b1e483f0fe44d5e9849f38a2f7ae152b36a266ea1faf263ea8c706632ba8629602187379546fc6b82e57ededd6d074c15c771754710731e07c207899eb47e8d7c72ffd768c36257d373375ffa06f9b3f0af11417f9ff9f9b44e1f1f96ae8aaa429af88b14da1da81c7bb38a0fe9372ed6a9ac6fb5e9e56b82593d94c5192904450227bf040b7ce0904789f979845e112a1f995c849ec3f7e49bd975a474e8201630f40fc0d80e76019f110ae158cd0f8da96ea4561f24237d8e795ebf52368218bff3e9d5b040ecd2caef4ab1e7127e53bfa2b3b4fb74829f9993ac703192aedef79dd9ad24c2c976638b4575afbce22ecacc273ba43379ed55ceeb51838b0adb80585bd1b5f2707ee16b67a7232adf7163415b24b9ff9dc94b7197fdc89e2a90d2b9eccde45e965edd064dc0d1eadabe11b8ec3aad2742b5d3323ebf913a92817749090c20758f98aef2544d4c8b48874e8936d7ee492d5585675c214deeb74fd67c4d170ac5e0aeefa607c6e37abd4f8238e776fde3921afab75cbd8f392d3e88da057903ce2e140797f4a85737bd89455e6aa27c7535687b78cd0ea59848e006c8de9c9c0cbc7a9f5e977be850adc710503ce4ba7c7bd0b042297f518abec6c8ef451c33e030251f506cbc3744228b6bb4dab86877d9e6019a0ea9f39ed37557b3b5527c171da5f013e0d3c480a038cff2c087d6e5d41b17e6c8f90c334b5e2b9ccbe9d4efd99fba1f907d00a49b71b5a08aedb644fed24bcf04e71be67b03cd20d53ccef8f854f5e9f7f28c1e98a8a53496646713bebe15a93f1ea336e6e8a4e68de5dab0fe880bf983eec75d1c5027357f6669e098411e0bc3ea2293138f5b34425f78b6508b94d4c0cc32ee9afaa409a26e5f2a1fddcd6d5ff42a89755a58b08f243957a2e208e24b055f51992ab447bc06876eba169c545fa71b88a0fc15d1e0be9d334a1dd0c86f44bd149b42c07608a9a30d0b7e13574f8d862f2ac72b2ed38904d7cab194fdb9e4dcb615f5610b24e202a36866baccac01fadb575df11dd43e00a3b92fcdd8c7702ea49d951e7dad2a56c075730b4af1ceda2bcb2310256f28312579fad40ff471336ea6a44143edfcffc297258d48bd2ea47efab8f0dc00f1e6dba1a55009ed627b7
73MD = 6e5905b22cb95e48b73c5a885f5463f554d81257bd26301c4393d57fff1c8323
74
75Len = 48824
76Msg = 5223e2fece634a95e1e7c83ad4a11a0478f4a41572bd66c2d7902cf4f94404cd80b1f58fbcb8eeba3984fd759410c12f8ee922865f363f684df5a8787c87ceb3086fb8535157f7f39653dbf5c66ae7219253838ec77cf1c6db518225c5ba0a8212e5911236474b8820ddcb8111b87320adb82ff553986324aa2a21c37ce4a083c89ce9931290d4c1fea933e31d014d7507a28e83aa917ccae10bed1a490e77fe501b299f8e3b78e659407ce1934d5d68c7980800746f26ffa9794ef1d23f793bd2eab7fe524e213e58280f441ba48b40162305335b3a480c2afeac11c27f8d817792fd7805d4b61224eb52d35c0fbf471bcaede505fbc9398b216f43bfd69b1a669a61d44fd21faae410af58ff95e1c3ff1528de1aba93cef56bff4d714d8c4cc88a4ddcda52444ec1208d99ab3fd9fde98c1ee6437d8d138f62c5f782eb4660c5eb28564b5b0d46e3a2546009148f3d02b837c5284e9f508290270b97b9b29e84445a0b4df662d9711e6b73c11cebcb7120dc427034b1ccf57d8e4f5bbdb84d2e1d4bc3862a2b51931d3c9a7a5fd6ee5f4c7327c338abd011af638d730141b6eafe63469eff50f473262e9fdce636eff4c5663acb6075a4fdb00c8b8a8d3322e1700a5b3e7db90b36c1a94991b8f51657121b442db6f890e208f312466778d73bfaa8cc0ead4edd0776155f3eddf9abb1bbfc0c94421adce83d7ee94f99f61e1f25a55fb596f8b40ccedbaa8e5e2cf629496f5ca60bc4cf36d917da4e2b973eb57869dddc409dd66d5061f22642743fe843defa0b19dfb2f56425abeb234181267b5c0d2ab4268c538510feb191bbcd1631b0af6c7451cd4c641025cd8bde2d9ab6e6b948f97c1ee6f35098d553e8e9da9b4d437125046864633f109d6a558b38b270a7dd1785d44d248a863a91e3db5c0a1d7ec133decb65e81c3402c98ee329f660a092172bf6b1a02491895394ebc506882805a6c93e767c0e58a5af717d950a206c0f0055cb39ed88816a9fe3613d15f608e486ac08bfa67d462d24e6a0a37716d3fbdaeb9c0e951c1e847fb884ebc1cfe707dc6e7269eed1c44331d5957bc4ac9dfeaed4b157204a3080fafb9df8917b8d15aff9c49cdc739b8fdc26a546794991c183fa523d14797e051894f48b0d62c2b70834467ff9c993b82fc1152c1f5479ec6144c7e8fb10d1bce26bd1cdbeec4e95ee073f3bcc3c7367328e30543d371b27509a577f5c79f14d5f687ce62b82f856695af9f7dd350543ec763de75b593f1859e44c2ac01ba65f98743cfddd8a89a38115badcb51a0ff5655f830c0122af6a830aec13ae5eb89a93755b3a5a6eca233f21cb12db545a24a5334becb8fa32c3d7f5805faeaaeea85a551fc62c94807faa6474c0d74cae79b5d8ddae07498fcc5b8b4f394867112ef5fad1c9da66765ecbc7fc0f3269d29c9c38817c77778f2c19b5a3c705fde9d76a4eb86aed4a7369a832ad267312903462397f7b8fecfa8b195cc2316cd53e48c3371ed2ecaa3e484b8ecd2e22b1aee910c51ed5d71198936266f5a00655d82c089f49295feda0a2bcc1a54ec8adf565acc3a8b2d74c30eafbbd843c59e67f293f6d8296cf7b611f01b57dafec6e2d4d411a633918068c38ef47b72ceff1fae772891141c3bc496824509d78165c1e4cd4b4989321a8722643eed69950dc120fa8da3e53c3181f252d7c4cd2cedf8f086f788ee77a98ab5b019828aa02108f49ea4a51f457f7adfd2220d3e59d5f4a29194e8f5eac40ff80312ff6888ff6393c3fc0914b08c1b9990d247ad80a441558db1ee1203e07353dd99a885a7ff5d791af2548815dde0ca1f56f89d39ef6b93dbcd0cd54b854173903c12649587433f0425fbcbddfb66ebce3eb4800dfddfe7fc44d9b23a3916b1db68c187da4dd13ff0157352814b1a792de7fff855761abc6fb7b93b48525fa90fbe3a51dea974069f3f5fdea86387eccee13f58a8eeb8abc6a43fd30e9788c3bd9ae1751b30a82d420225b2abdb1bc121b9073380be16107188d20be54f2e9c658d5b443869ea0e991c496104086290b6edcc1b656adf94f0d42458750fbd8d88040c518ebbb644f4dc4f7c6971d8d60eee0272df7b51a3d5248b4b264fb22195ad891fb6ac994ae5c0bc6714ae0b0b9a484edc576638b78ee89b568195a8f33ed8362128c30f9b0c7804b3ce1355abc96b15aa55c1e16a9e9ec90d1f580e7cb412a7e85d8585bfb950acd4de5865214ce4db7f6314d81784c588c1482d5f28c5fb62e7dd7aa8237ce9396ccde3a616754414cdf7b5a958c1eb7f25a48c2781b4e0dba220f8c350d7b02ece252b94f5e2e766189c4ac1a8e67f00acacead402316196a9b0a673e24a33f18b7cb6be4a066d33e1c93abd8252feb1c8d9cff134ac0c0861150a463264e316172d0b8e7d6043f2bbf71bf97fa7f9070ca3a21b93853ec55ab67a96db884c2113bea0822a70ea46f9ae5501eb55ec74eaa3179fa96d7842092d9e023844ed96f3c9fc35bbc8ee953d677c636fdd578fd5507719e0c55702fed2eaf4f32b35ec29a7a515bbc8bf61f9baf89a77aeb8bc6f247706c41d398cae5ec80b76abc3a5380001aea500eb31b10160139d5a8e8f1a976dd2dde5ce439a29dba24d370536a14bb87cf201e088e5e3397b3b61477c6a41e22a98af53cc34bc8c55f15d7924e7e32fed4d3c3ddc2ac8eb1dfc438218c08c6a6a8eea888b208f6092dd9f9df49e7ede8bf11051afd23b0b983a81bcc8d00f7d1f2b27cb04c03aeee59c7df23a17775ae5984eda788eb2015680ac5610fb1380b4e7d7a9cda6178dca98690449f5551b66ad2826cab2b662f56903fc95b4611bc86f7a834a34ddc3be7bf142c8baa096abaa3cd51ad0c0b6d15e590eab9e50a4c60c91061f1ed6373d91974c1ad9d263110a0d43fd8b596396cafc0ae70b7ac24a59bba090a6994ec483db7ed4c572f723670a11c724e8ffa2497d8fccae37eaa1d14ac1537eaf80efbd2e597b2ffac97f2bc3cd2c4017f170544dfbb0d9109478fddf06ec0981542bc8107a725be25070d2cab4716f4edfad75fddd582ebd363c49e8efaed9a76ee51f22304eebc232a4f67f865b04f610a628fdb317116666785fe8ca30619a07c83cc449855202d687f162b12d93b63af6e7ddfb7223d4ab998a5f450523c1d521ab76f4aa113cc2967e04a38dae07c51c2d0f44fdc8605c3c53ccee91a2c73dade5dae021cbc87d5cd6e5fbefb65335827311fe1e91921ecd66b2055a6102d7a976308a80c44e6d47a67718c84f2112d65486a558f1f269b91d9f47e3e11d09c0c748625bad2718e3674898abdb19d3644bcdc9317c09a3ac02f514b2a57e6a706362e5f6e8fb16cc83daea0eec85fdc8c367d84c9230730291440a4b109f7034d510a3f70a22dd4fa69e8b65e5fdf87045d560eec71f4e59531c7711d4f8917a96e22ad07346d2f92a13fb4569fa6a075da6e1acad1eac1cb2ef19ab452264de2357c927c6dfae6598cbc821eaf3b8da754ce91a96c702c95b2c308bf3a550cbf4d22d417745b5f17d36608feb826b862747c59d26a0e8eb96547a1852f9fbd095f1c5d20721804941d462f3ee2f0876ee2825c8df24c4f00f0844e50588ac688127013df8eba3c971362dd255420649245e880212cb3d732fb82f866dda090040f28e09cf1c86eea5dc4fbfc373eb69745b4afd841ca8e172d4a8510e7698345fd4cab9ec2ca0453a274720bb2d2e5468bf0d0f85919dd762fe3df969e6c071285e25c2e2a49659b8a78289aee655965bfa3cbca9b292a19a855ec40293185354ff4da9451ccf98abfda07f1137e79bc89d688963081dec641a99656b040637402890f185edb28e7e6a2f65848a6af158f90eea440aa6246a2e6c31f5d220b9846aae2027afe5a7caad6dc16b56463367cd9e73bf22a1d6172145de4565ee369c55e3b99ccbef70fb080a3748340fbe8f6b95ba46e8b76de5a3c4bedc37c55ae24ad02267da26769a3a732badac2e0f3a5393028dd54d78701647582cd04c8310e9f1ff1b433125229547130e1737a1f33604f0d670ea7221097c3eb9c7fa4b8293d7b429af76191ea8e481dc1da31344537a09b33404d782eda1d6f5775500c1d8efc615778baf0905d9fcba1806ef986c40b1c6a72335104376b58266c36f5939a8b95123e8635c0c95e80aaeb97379b1179d6332dc07539b595ec32eebd3a336a1128f3cf2e2924db6d8504a516b62f26d012b7f75cab765c8374a3824da5a405746023b51894649ab422d636513ee809fa181d5b6fbc63351e37a1b14efc8f739e86ca78ae3e280f1c9e4824b2976ec4dd308ede6171a7474c7f530128089bbd75e10f9e57ee17408b4384f99f886a5f63a2320a9b90eb9bf692e1fc449171eae3bb1bb17a6ed937ea57af3c82db84e073b5306683e1d63705b9742a085fb802cf5a1639818417fc2223f476c2566351f4b3b17a822e11255f3c3412dd39190e200727bcd3f9799519ef792ec7c2b0b9d0e2dccf013d436dee63483c2ce83c15c00a76c4d894a60cb90366ecf9e61221ee8bdaec66d715159876d8305b35c81f96ab2cd8f81f4769e9a6e439c08c329036f5d2591ac42f2747bc0e77d4e566358a3271819b6003b290211b9b847ab70e906aed9f86cc38aae27e1098fdc3bd5d84e66c45292183f198bc329cad794aa4e430534511b7d9a75104061b409676a16c1146af0a286e2de8bf51c4a35193581a902bd3224cb9257c961989042538092af92644a63d6d6f6872a29aceca39341ad29dd22354812c4b7c7068b039ac9ca7e6358e662a28be001d4aa697ace540cc3ed3c97b98d8c5a6fd3543ae9a7962c9229b14b0b646229807747064be3e83191cf24092dd67f675638d9f6510486379f47f5eeda870a3187946819ec9ed05e7b325bfd0eed5c9a0f4a2063d63c1a8a0a309f586c94d4a68bbe860ae9599ce204c92cf9d92cb460ff99cff9e5a8b3824786360e1e1861e71158395faeaebe7aa2f61f76190f174aab9a313f0bf4f1befbbb22768b8c22719cf3fa9ec908b576fa4bbc084b1ee5b5a7eddc89b58b45ae7b421d38215aa6e49304323eb4e202655f3c8b16ebd6b03058e75a907ee63fcf6aad5eb96c1e5faea81b88b5eee525c4663af52877c0f759432913b9d48030903e7f9f70e851cd4e20bc56aaf36cb02293d992b38b583b8f0b25a08c3303d8af5b1b37f5127f7021b13934645ef3020e5caadc5e7326ed4ff56f797e26cb986b6512b0cc76f1d8e7be44aaa88e12cbc644f14a7feb979d2ab66907063c51e052d0f8b25d827377fecc5111be0d365e08d17f559e3134cb9db294f1cac03150f4232f853ec15ecde55fd1023b58e83934869796400088e9177e85a2227ee45addd049c1d6b03e5b29dd570496fdb2fde7d8cc74fbb5fe76266ebd90a3b4d57e6e6cb9f0bbdb7ca03ae955915768011c714c909a27ee20135927af55d4feaf2c345d029a54af942da6f85f2103345d059f66864e6b0578111e2ddd5a1cd8bbf4ae35b60747b93f53ec8ec64c10cf4149909b102a2b88712ff3e5ba3611cf96585a6b36fffb64b8c37a114d6b16a53879136eb0b5e003a5a068e3e8422a4fc8d7c77227cce64ebafcde2437166b62ccf486660a7a2ef37012ebacca26ecd5bdf363feeb06aee39050974c25d6a564594c67f56fcf7ed48b07fab4e25ccffe002bbe460325abafe37f23dd9c145b4667f146a1635e462330f02470b35c5a2519f1350c02b263201ec9026cfc57d3659373910e878f2b6c1c5be774df8e01e775d476956c257bd0ccdec17ee939c46e5653d5813eda752ba7bbb245a99a5db1ae55d19692074c2e5820df97c502a4bd1b12929e1be8e9ce6d802347c3e9c4202de6046436c05ab55b2fcb2c227adade6c2046d98102cfd0d859a91f8104eb9f6f155da2acf93df2405bf2c083eafd3ec41d60b810e0bdef6298b21193642a9c0c646bc6771a5c61a25604d96bdb727abd5a7ebe4ddb2a56a6ddece26d8007b26043ad44279c3c8ffb7e6ffb3cd4e10ea2780f509a8a9bc31f99a7e66201195f1543a0a020f754d9a665a29a896faf673df6811379579891374c71b2234fc61e95d4d46f15d44bdb4d7c3b3be3f46410ca46827b8cca976d8866e8ca33c4945d5c87b705588b78015b529843af0b75a7e1e871fd276c1e947d896b92e6181ab7e3ccc7077bb57fe85a6958667d3d7a790f6cde1cebb494c2912478a0eca2bfaad62492e9f1caaa0cc520da08c0d2d910cd44255f4c2ca0646dc89e789a1cf9a28e2f99315d33accb1639cbaf0c94181b85fef648bb4cc7f66dc65b8e90bf5f3b763e58520098febfe7e47bddc2d9cdd5e40dbf4ddb8d51f51bde2e57432266d248d13ed09e62f66794d188f9861c50ec41f0eee30f76f4ece250956733ee97036098db41991a4a3eb7816196c8e447db3a2913bcd992174a7bde1f42d57c764b47f5bc09533760c1ba74943a0dca291f2746bc1fcc573f9a22c72a5eca347b1679683fbc8f32b08d381baf67b7266b14b3ba46a04a3ee45881ac452f64df1bf17f70f4cf9fa4dfed9ae70184679184784a0451d2f5c19c02031e0e4957b4df68b4a069a6f6f6458f6d773924a1841ba664a55c2c3187dd33416cd410e56e4bf8d3671cf737bf67df2a4cc4dcc786872b9e2dc4009fea0e48a749353ac053d80e36357d24d468dd595bc823017c015d7450fe38149370c5decf13b00b6b0e0a2567ac08b45f7b0c8a7c89d227219d051d17a706ccbea49a42035cb327381568eae23b5e2a3b7e8beef6f260d24ab224827ca8ee9d640dd23eee94ed02c9e26abb3053cbfaeadbb1f365a24d8769d92240da842e0b361524020b5c9c22a2fd8602dc9600aaf02b35344309f6bb018a94d4cbc9639ab7430657c4046f0b25df517e31626abeedd58c2e19aa0ae1a43ed2bacad91dc04a2fdf9cc33cc420f4f04379e95988ab36731d5d5402d89fb47e826f4243bb206124364d63564a0872f8d2826eebd9046c7c6f2e7c951e49d4b22a7eec89da1fbed890d63ef15f26422185143c89da3ee269f83e1de11a7467822146042be92295a585e3a09e720ec522e1cbdcb41acf5ac45ee892677ba3ff670d71339a76ed98237be252ae21268e756f05ba0b094a1803f9da84a8a05d0ec9456cf565e1b548cae95eafa0fb01f091935e6eff2413bcb15f605f15270408216fb5b41ed83dfa1454c522375e35bdefe54275f109d0ab450636ac4d8e4d9e27f2d81a15b8cc5e98549254a1c9162918db3e399118f5864774a9d6a2347e1315753071eb1204c8bf5f52b1a0da37e484ebbe545fdfe6b031215678c3b83a19a24d7b661f626beb01eb82b384f02f42bcad4f40addd48db8a92b90d2297e6143702056123286617f86fbef4fea940f648867d790b8f803abc5f4e0e3f4226954c296afd96e287e21b7243d05e743161810da578096521805edd81f68a45500f6a3a1885cb1f45cbd399dde024df65072eb973c827fca13eeaa3f140842016f509aa9ab4603d2457c92cc9aef24950697a0044e3d7c483b8d8391886cd50dff8c2f16de3d6caa7f864c1b3874750781b2b78b545a94b4da0b0036433c6561f5cfea50eae9f5645302eef18238473606e9b9931880d0f6368fa9970d1ffbe59c4454bf97f4a5e8091801b53ee4a209e0642d83605836f69742071aaebd9d813b10f4ccac03851ee9f20cd1351f8e68554c9bc5f58ad19d474ca128edbf561d195e52ddf3c19bee3bb597ac2f92143bafc98bc09fbda6d18dd4ff2a93cd2ba17f54f75c32d3f141468c2baef4e53b6a340286dc2599bf7bb002aa86688e26f5b51a6aaf32e48ffd539d4f3f4bbf0cde2d20138151c82384f9ff29a634ab4e0103d93340bb9a7b0caa108bc7fdc88d7de14abb17e9efdad2b0f304f0bfcbabaeb1b9db75959dbf54930e67aed3a9c8309aa90506b6b9ed4f1d06c4ced19746e206e1e9b8879663bf56bf6c5c920ac5e09e6579b780cb63e1875ef0a731b726864b7ae5705a2d6d343a4a213a05928b7337a59f900fd04472382610e2a8d25383c9ab5804d609e79a88d70eaef3ea22d3aa9100fa2a6e98e97684ade9fe90d6bfc59dc9dec3d3d8db8990bc2123ba92e64253235e9b4d682e8aa04e23fb9bb6248a77c065e93249de829bb2fc5ea9e396461090222816bb29bca37bf86698fb995f62c50110cf418bbe2078a56c5f1ec9fdf3d0b09a719ac253b5bcd00932ae058b86611aff51c8ca8448978615854b69b0216a6eb8050ce199fd9a13aa0fd652570a1b187f61e6831b3a960521c3705da8c5e6c64c7b196ed4a49c2912d77b670b177c6458a7a49ecc1ffd8c57c0978d2a05cd1f1c7ac9514dd14b7b0933a52cefd40b6452ca0903df1f55828025c7e18109a6e0f2ab25724cad2d6f57cb5d894a6a508134731e9b9c61254f64990941f4faf97394b634b91860cc6ec346aa666600d323c849ea4c4a0ef55acbc56495ca004f3fca42ff0ffb11b0e1164c95ab89bf1db3d4f575ff334d4e0d7d50e0c54c422eac5ef78c5a3be95f2e18872540fccfb597211ec79d9d47b6cf41e385b9c2e92122167fe584210f63bf919c620d
77MD = d7c901f0d92a868dced7e2659e90121108611dd7781325fc57e5c336c2279510
78
79[L = 28]
80
81Len = 16
82Msg = 3dd2
83MD = b7399529fe614af98f9ecd73e45790406883cb22e3bdcdf28fadd033
84
85Len = 104
86Msg = 3d232201038fe7d846ac1bd4c6
87MD = d0aee5482c509540a4ea4b902bf42fc8df3af6de42fb14e903d1b2e4
88
89Len = 352
90Msg = 44c98cfc71f82215dadf494d68d1d6b92bb4eb81fa0fbf945a659d9aa2c2302b5c93fd3eedba31e479e29d36
91MD = 56c22e6066cd4c4d6415c5a225257e7f888b317ba4e98eadb72b4be0
92
93Len = 504
94Msg = 02a5c7b1b749d6d49bed302d9439f23ab83020bd4d573906f4190e74216ad33aceab775f71cd31092bba5cfa42f0845bd16fc1b8bed6434dedc92f80b395aa
95MD = 33a84e66cf1ce6970c35807db25e05ca05809e53d4e34cda9bfc0045
96
97Len = 13976
98Msg = bd70deb2cafa75918308d703a6783fe9dc5e3d21de9bfeb6dbb1cd531ed5dafeec463a02abde302d4ae6ab3cdc2f0f94865e38339c88bde507ff71bbea6b30b9851cd8cf599e950b8c8e620c90adccba0033f934ca66ea0a936afdad575bb6235099beff1a632c9114a8045a0919fdc21083880eb05c0d8c489c7810aecef4a41766f67c37557e28a9db9a0d909c2b167ff7eba79693afd3ee3aeace38eb73a5a02a882cf89b123812cf2a0f6d5edd1d14362ce9c43257474def5cce3adbba8cb48e7af9a45e702a182dbf47e8869b3f99e953ba81628e502c60d4f8ffc551c31b3ad6ca85c52164839d5e9d493deee4d4b76604174bdb5655385d34ced2c1b09dd5a486e1f9ac501bc611f9d7aa5c748f496faecc14c6c18e1dfc6aee2991bd0207ea1701219955a751df43dbf66f57904675a0e9e6d7f9a0b8bb82a8f44951117ab2642d6671daf1e5d1639d48aff6a05781c2b5e8976653b0a164445872d393d30355acf0bb49bf2bed4265c9a3b786249afc7a438d706eadb6f90a7f93ad51bde6d2c8e6ff09dacb3dc67ba0d3030c54c8367e1e4280bb5903274191344610de61c3c770c6820a6cc9d826f7c743f88f13580ba23cfc00598fd733b5dd069bde7f10f2b8961c16b69761b0f308dd137f844a67f6054e065863f226141755b96645a291e3fa3fc853b2475fbe1d3b25ca22f4da4425dc95fc855e63d6699b311ebd5fec1c7753e6e81f747c808ec3f618f63eaeb1221075edff0532225c40ccadee304a8997c03920e7ce4e60e4df4d120611296786516dd4d9cdda2077ac52bce0fdf552e1ee89a0133f1f87a6f6f35f5c53958ed806465919a0a5fa42488bf29caf33a0dd469e13abae351d5c6fb1a800ee384da199c823c965d9d5457a3ef8292c4d9b142e3f1fb502da498eb44d95f8c85bcd6871bbdbf004bfdc09ab35758f5e8b6a0d0f366c3b255333c52c8fcd4ecb4536b5f6e72897649f3415443612d72c3436505249a344feeb04883f41f90ade40af119014b3c56fc108f1ab0a77087d9226665d416cd975e9e4605529c032e8926002a70924820c6c7e264a794b2a3beb63d69ae56e017294fad4d611cbd0d3847212a38f22d623eabe3b884a36464d8814286fff52c4dd366f6c2abfc2eb865e0dc9ec6e55ca9d81f1b8cc47e2629bb162e54655bf2a9e156ab0bafb4b8ce96858aeea6e6665607a3f268036f4890dad759486b15e3c9e791429ec8f11bae4ea7c490656fdb0551dcf0b0be017c08bc674bd97d9d701c3ac955e2941ba7d5f2ba122a6f0c1b164b1caf2d50df111fd4287e9e195d181f6f514d7dadbefdd4274edc234025b727680576046842a834b6ad89eccaff5c5209bb91d652357e3750d8bb0165572fb71d09fdfc60f6b1e5d868c67c0edead427e7aeb734e29b96e03ea174b6b1af523feacaf6bd745ceb1bdecec9251958b7f521182daddf62ff6c4f58977adeba81c616ff2e937ca4f16eb9c44e63f9e974709122083ae45524ff87d7a0cca33a90f09b660db0efeb393c61967de2564315827ef1cf42b71c0f822f471713c9d885a3c3281d7c95dbc96f1c6dde0af70ea11232b00a2d215ec8de8fcf84b6193b6ac9d46de660361aabed3371fa44a6f32107f3854262eac355f9ef98701f580b4649175cefc29950e7a0eec958f629999c4b0a98fd4bdaf5c0bd97c963b551f2220bd41ec00b8726836e949e818a49aa1ac5bf12c64fb9991111ce8be3e0cb9605f753dae1a4c84389416f17fb66cecba45d591b22d64e5a4edcde067a088d9ff7f5dbb9dbf324510000c55d50f480a640fb22da9b4862dd81080d61af9560b601edb5e3346263f5f193df97079a27e3f9876078b80ebdcdb17ca4c50aef0c8329c72a7f77584cd963e105eea9c28a2ad4e95c1d018e27d0e720ea59147f59ad796b80b6293da8a55ed47e8abdd37221db0a5eefff31688e2adc294654ab0fddf9c1ffafd4783f01eb539492cb35a77315d0ad19395f47b18298a7b353dcf5bab0b2f193ff73d99310478d2e5c4ff1c68a2493c138818edef73caec9977bd4eda6249c8933953e06d796b288f78b18c343ef561082fd03bf92b084afaaee741de3004abaf746350048294bc52450e31147173f2da13d6ffc5adc718e149f9df3702f414dd3ee88296ae8a0106b071b589e8696401da7993d58a9bf8e5bf417165498c96b4ff5fd2b45bbf88f551688425122a3737ca54b2992fdb4d60957a93097222c3cf4c45dabe18b9d6a69e6f27567d5adec489e4b6812c29a8fa52f1de642b7b0e749c16f54473ed5ca2fdf2199e885fed308fa62a3e0deb7e0b8e439e25b3e9f95d755fdcb7ebee9d73069dd57dd1cdc5145205882023b54f2c9dec6cced9e3f6d24e8cdbb8ef121b8f3eded574d81908e867af5ac82bfb8ed60848b4bfdc1d998bae3a9ca80c1c49601d11a40409c62b1536f01ca67
99MD = 60700d4ef068822d0fe6df450b4aa8e206b2790d6dcf973229a59889
100
101Len = 48824
102Msg = 5fd54472a44e4476d254c0940071ad42dc723354f76ba61f63fbb9df80d1ee56136f51b6982e66c1da83602fc08093506a9e2cf27cb92085ba5c627dd63f59f8850e91a1d86cb1d4ca38ad03160f3c584b128d9b21e935570e086d3815307ab8df396cfa0c100bf6cbfc0fd7a8258fa1a656bc178e02cfdc868540d8e5ad39dd46794a8bdc205e710555ee7421ca7475a4f3232e6a0cd55d4b5d4525f0bd7eb1e455931aeea6918b9fceb2a32706d31a6d7028a85e102f228417e2e7db68317ae155af70eda98c8dc1ecc32a62e294d92855354c1114c5735a3c81e551b63a81650107557f3237bf953989d17c65a0fafd2bb1e32c237f98f55389e8f8b0810e97e201914c487a68403c6d621a98ddc515780435564245d87ce462b8785def699f7f06ebfdf33dd1ed7dd5a3e781348298c7950a387bff7d1878731d7ac66ad9a6607f2c3a3b6843c2852a5e882a8d78ae9dce2a79d595cdf09626dfa6f1dba7d40ed21caa29e304e7dbd559a89bd1f07d84165dc259ef112dc6e2c5a3e82b1c50106983f6c4965c85073c5deddbe6323003d56abb0df590f69010981ab3407e43eeaa29c6156995c492c931fff1b686eda3741a0bfb9094747d1620b2580415d431ffd6c02245f6cb03e39f87e82834dcea59355b2ba663ce145d2514e15e2b2c60cf518ff510c6c3e2f16d2dc523832762ed8352a320462ddd4d6fe755350672038163d996b44ed3b85d64989291bdf39398cb996de785b9614ec5d4bd73efcfa37fd4470b17d6240b8e4c715759286b04c3d7d791e2689927c9f18320ff2e6bc7306c805e23a5de66eced5f1a630cb43dd46db515f837f6b824b99b86c10b6df7fcf22d97be05284edf0e0be597b3f9c63556db031339f79ac9e6c5f8a1cefdbb4b30f5bcd23c2a4dcf791cbfdd6460284c5af0621ab7c5571e40a87c87be459c85ec81d746930dea24f43bb11d6611ea83409d3bf4f987778d8eed1d5b246a2112ef78ef0252f9ae464810c13f02359441d289958b4766807d9a3be0054897d35b01830deec1151f9e3d42f92b80f4aeedd65c78c6e98afc562a3bcf6d72f238c6e94a38f2288ac7929a7a61c92875c1f115c0ed8d261a727f0794f17ceaa3dabc717478f6ce7f2e8b295f000241e154b4575bfac8483f6b62f9ef4e18f7d341a65faad5e2fc1ddaf2b09adebc155ff09e63d5aa5f95206e66c7f4ef2ae3aaf3ea7c93589efa8c552df8d203e0ea181c1703d7023b56e603f33b4adb9bf44f7af290d8081210f327a6c9b0785709346087fd090c42d2b8b2711b9a1a5173eb5e246320ee27867ad6c3eadc4407bada44561a12cf5d53bf0448308bb536a8a525eabc1410c3a34becee25fd6fda453251ec229b53751f2280e142c6b331daa659ab655b78cfb08bf18e40bb02b7f1650eb2dd4ba1707f0aafa219f21c29521581ce249e2e34f5656b0a04c00485079b040e13cbc038bb9f17f47cb8f908591b26bdc28538d8baffe4cc39b17d2ecffbb9698bc2b8b31b08424034c051b535e0cfdf07b7a0a54781e33ba739759991aeb72c0ed992cbe76eb8ec0ab12c182e8b049cbadd6e82e314f1bf15fef5ae95dc86bd64b8556766f8ff62c33492198e454e5ca59ea856d8e095c04da8045522abac865506096ee1cfa1082af08ca09b3533878ea3580b6c0c57a615e0ab768246b3eda96bb6caa01a2648068e21959f843d853e948588e8c0bfda364ef1f9fbd3235c27916562eb0214891eb55ae0e059f4bf7d1838b5942656c27899dec6d67b823a981d1e1e0aaff5323b0e3d69a7dddf9b12d7787ab763a3c7a2697ac65b655aefc4bae7e6444850ad2540d5193b378682c77a4dbf9aa22e517e68cedfd1ba32e3730ecaa2e3f6ae61a4f427d6e69071dd62a9bf6c860980c9d23ce1fa82a1937e6dc1ce3a2de096b680d23d89ee102912ac0bd769c1c02095678dbb00b4430428797cfb966b2f901480811e1b9cde358b6d499c9e93f0961f050465d7b0c70d4961e75a9fe40a24e36eaad27238231dae6d0a17f446c16bce7348e669be563649eba9f23be29adb8b10f462780a066ae573f74e51215a26097b02469c25180890e06acc53ab063c742e08d51359b0a39749b84b9f6be44f3ae3da8e5a2f340a8607d4eed08877d007928d332d6f49502bb5f416c46d866fc87477c58a22d3c5932a8d6298c1151daa032c84ad92f8f90b8053b5aa6f690d1bf682f314471cbf200f3d30959e07adc6488dd17b0be5279e727f3237b8b4b19b31a220dfe63882937f8d5ead677608c42a57217f2239614c521d94559290e3b0ed8055d5474e96564224f6ca6389b40a71337da11e1c307dead8e4eb43252cc2f1c49addb18781cf20acffd3db693b02e5c8ecc949b51b99005529e0149a13390615f5df6e0bcd68e1ca82b0173d25134dbf76dfe92daa085d3f6b1e4d18217df41b70c4c40101884c2886495f2ef8a473bf23cb47ab6533c93cb38c36c6dcf6837f1272fc91a6962b6e1386fb643e1f1d71fc75ab58d5800bf4081217cdce0c7ae9e3d25de543fc4444314f32067eeb147c08c55c5c8158ed11729837547f28a300eccc312260215f50e98c4e3d4170208a50a4a4def1243538f906df8476b0c46d3449be73866d463d422595300e160840daf8c906ae4aac13a64457853b0ea6d8c32f4efe3b48c0b1450250086d459648b0ab14fd3f341a4a803be77e56a811e7a26827eb0a1a9454f90bc6ece665904adaa3cdeb2c4847858fd1d79750e8cd45d8da9163784b8bd06629410502debfed5eca3cf8fef0fa6bdcef6efaaf35a1986d6fd68e0f436dca9442077a4818ebda4606a94a3c93fda46e7ef5ccfef656896a0d3d93566b02ed8c3f6174417cdcb99a415b0c6e9816d94e64b438c295b4bfd69e0d9ad52911de5509971b7370593160629b641d690eb2828bf363857983e3b9098fcd15e66448f786f196685d2ceaa251b17ad06dacd614d9fa78ce0a8b9c1c360b529d0bc1d17ba0b70ea8ac1b8d67f6e5770f0cbaee0b38109d26b09493060dc851f5fef121e83e30aab9c3efc2b8397e8362aefea1708f7ffa14d3656f7f7610f3a629bce14648a593250c6f309c02c6c552bb42984ac58db920dbc7d98f59295f37f3e9b99da55ef074ed65801b390366669b4c7aa1c483ffd23082793f9e5cbe30c34250f63fa3ea2cd097593dc67e8d27b7e4f07e73a9f7b33a5ef6962df1381a038d4f58fdbca9d71ccf640b917f631b75d4a2e8ba46c64a6223f99cee30f47c1a935dccc7f054fc39d3498c824e10cc3ee337e781a3971f0e98295aca611bde701c2359858914248f6bafc88232bbc27bd85883b00990bba7862fd7a7cbd4c86df049071fcd10d686613ec877758d83927cacc530bed9a596b5b21c6fb748c379d676de7e05719a867c9f934b5dad99ed97dcb4e70a9b6542ed5b2f086d9f56fc9752e788785ef8f7837a31e433438cf2f18f58be37fe8412f6d21a5c35000a5efb862926700079413f76ab2c3e79e20b516eba9d8c29897097bee55157936607cabaac41337ea4cc783c0809c875259f8020e16d5045fcc39ac796d11a82f25fcc9579bf0a010200f5745065175fdc15474ed514cc796672c59637c3c8f236cfc9c0978a3db1194680c58c27746090d76ca09f7c48ee4ee7e1d3cf0ea70dbbbd88e30e8814b57404dfd7c33727a0c84cb7bd468b0bcb3c89b526679c00fb0892d2a5e7a3d73698a3db53fd7d78460cdcf24ed22b5f39b8c00b3506541ae4a5b76fae29c1cd5b0f8c3ce142e0af7ae4efe3fa4c438a604bf4a9abb41e3fef1b9227a7dccc3f4d6026ca289b4b1366d9ed546abbbbd5677c8d582e79e2b544f18dc23809ab753313d84dd10fa3ed2f723f0b46277b8877d4f3e0665e88c50caf0f0708b746b736b00c8c83a7d18500384bd035996aebb7da8f09fd6af9b76fde7fbfc0ee854d7ec02950e76abd23ffb27a6ddf1772465016c79b98a61bd3940547b207b6507e32cb9761a5604f0f546834a8edac7ae06910045de218d761a4accea886188f947b57bd876491709028e2e24b075d6b022b51af1880ca16a8c65b7c69e51b2ad580ee058acc0606f0a3a9ea1cd4342bf4be602e941dc4bef1239bb9bccbc8098a6a17d63186c6fa75ec44b6e4fd38a3fe49c5eb995f0cb884e2f3ed6be02515fa605b98453ad935682c3bac6a2971bb68f4094cefeeaceda92dec803ccd3d346f8b40b48f8f489e118a17367801e85c79e9b3bb5d73ac44a8290cdbf83a154f2f125090d42e1a1cb72f5ebbd42da46c7a4d4b9fad9612a4c800de6467ceb74f831e1395dfbf5799a3429ba34754add4b34b5960a5fee8f752dae78450322a1ab3d7102b77e907fc1eec5355991e0c7d6c0866660e5436248edeb1a37c0e769a0764cfbb6354332d6e55103b9235c84eedaff918af3f0213c435c32ab409a4b5c7eed8ab6ca9e313dba459bcfa3ee92e7d669be0526856ac3c06a57fbecbba553a9cb4655a901d98af02b74098e478076655d325bd7639d73d7ae00c62fdc361a997ea4ff5b0eba33096b12f35cc7cc0eea62950b912b47c11b9fb386a47c4c15c0602d304b2541da889cff299a1fd415e7e25c70ee4cd83feea7e6a9c50c75d9b128458513d61ec5d0299ef8c090472fe0850f384938ed44d36f10cc2c1d31daee3f946a2fa18f9982a988fd6ac973b1569313ce3c8ff5746c4dd85a241f1e9dca0e904c091832ca028533a3e34c184edcc510bf22a27f530bdca3d057928a96f72dafc73a9aa6dbf2552598e468735cc5736c67a620e9455483e9cb2108045ad80569582ea93a53b491e528c8df336fb326ad74317bc1dfb8ec30a73af01a5dff3e437b7fe48ba5dbb3e8f01ae0c6fc28675a415f23a796bb6e0ef0efeb4b14cf20d4ad88ad1966da43a76b454dac8687bdd97b89b8f8eede91eb34ca4a0523ea65736ae39341fb32b9b716f25662a37382c16f3b9c346c84f03bef54acd6efb364c6401b07b3f7679e8e7f8c9b77b75e6e98b90f4df88460f1978d19744eecccb743a999aaedd00b5a94018e9d5a56bac9d5d55f6e93bad52e84aa7340cbbf98d56213d9dd3e1970867e3972dc98e61b3cff40b64ec49463ff79a41c82dbbcaa37a82b761f432849aa83a3d3c9a209e2207b87ae9ed9959ffced165fcb0d8873668c3cd8f18ba0f92f7acd2bf50416c22ce11692bf6132eb9f558dc789cf9776da94e48cf48607f19d9a11d5df4db11dbaa67a1d20e9f0c96f5956ee3f906e371c489efc88b0c1e56d881e7bf8dd5d6742622eb873e253dbe54f2e2e6d0e6136941de8c23e9a632727bb5f88c23170316c7aa0df28d8d07589dd6022828834f7ea9b4e5876a1704944aa3186dbf89e0e81767cfba03bfb38c55a9945209c4dfd88272c49d1745dce5ceb40f0a6713b5139dc2fb87a8a4888406d2610b7b910a9e5782ef0df719028d8e50a40a269dc9bee12157038522d06537bb31fc87d21af9ad4b2e7e127bbdb313e0a116010f65126cedadd4a122d15a71cbcccc346f55100e354b997154567fe3caccd50251d137c58fc3a2048dd5883b6af9248b51040c01a80c051b8a151a8878edf0304b5554746d6116b749221a1d0082ac925e6e140f0c3b6a180742ac8a50ce0e93e6399102f151d7c14000369ff52d0b537fdd51bec99e7271b1255c6fbc36d83408c417f6825a8e2a58b9054ab2c3ead69d97ea9947fec32d720653c123ecf51a9a3f0ed88743e3fb7b94aea59d0bf0219ee50825ef220554312cb907edb90e4d85f29e316ad57d3b90d859391fcfc63e6c0fd3ec27d4e1efd6e0b5ca8165cbd6af25ed8792d805f27fce308ca1d51335ed5d727558dafe05486a6f9149b8d3bc022026656714222830be582889e6800c0b170e48ebfd069e711210e4ac7acf07652a6f5051507de68aeffc9540cab5cdac84ceee46059ec23820c04b127266c0bf8df0d2b856be3377ab42592f495980baeddbeed3ba707a85dba64fe36941eefa8fd37204ec8c18df3852febd2b142b1c9a5cd0f9e424cd408ceb7788270899fd793db99ddb8f9ca8df550c513790d8bad37a1d1f4a62c4527bb64c677462c9b093582decea70c7bbe873095536728e7ce05d5cafb5d166a1f03055e918f787fb244c5857e3d7a1009bd37f30f165564a082c1510ed19bb1633811a76da70dac67641c2478c6b335f409ef54a2d0f370c9510d0aabae3cb998bd023778375cbf9cf5ef125afd584c11efbf40bb51839aacd3016e5e4d79f134245f952dbad617c78cb6f5712bd9c0c7e1303db5029640cf9b56e29329c3e6a9e0a2371aac1a437b9b1c4477ec9842aa80eaa22c5eac11b60c661de6ddbb088e844293ab8589c13d938765bbaa44301e4137148dd0257bd4c8c766c5d3bfe53671e9417cd1b52f622870ffd90f4e17b7a4ae1b5601a2edb032e353bca652fb565beea6fb0b2cdcadac71794c662677fb1dc81d116d94f5eced526b37c004b95284cb6aa2ac415754a1f14882595dcf4d3f1d905c6e8c12cf5a9d23d3ab55bdaf9f17d2f03f933e1bab89040753648c426b072b73aee8c2fc0d1c03fce2c656e20d4c96803fb2ef471b912267eecb4d6f342d3513894b94d77767823fe0c7438e51f21bcf16f0e98b94b23a10760271281cf843989824f7061bf834f93fd8d2090f70e939700dcb4d8964a19da39a9601a7e0ed9f55f567fc7d5682d55a9ba0e68861756bb549f2f17c10ff6bd2042a80477f89743d3d762f1dfaf230bb502eab6f4c46b26135ff3bef5faa179bdfbd288e3cadd3d88d8012706e19b7fcc6e9cc2699d3ba0e624e715599480d6b7dbc6eeea0d12a9236444b17285fc7794040dd40c2b2ef175f7f3641664fc9bb7ea6d7eb3489d504f8013d64a23aebcb5ce233405f5ade067dffff253f27e926431ad806703e8fab23656e0b7431916d8d4c72a7d831e3664e5f30839c76c8167b76f3b2dc75a6ef48df515e06ea54ca51de2fd9c5eeabb1610b7eef06a2f3167859cf82e1a5b76be8ed8beee2bba28c3b15af6890d7a37226834ec9f63306a0da11aff918753d8b83fe7220803c070db98195d6d18357233f5504a6e3bd6f30115d3987f93aa5d89aa0b8b577d1fed94da057a6f088233efc0f44f86798896eae9ad0b20c8c9cdd9d72a3f02213f6797800894b864cb44fed009440fa5b0197023929f9bad16f052cc2d87327788a68b9209f46fb4776b092d75713048b5453ccd699d19cafa8e9a93fdab0f0863711916efe3bd81ee71b8e0221e12e9ffe2f6ee1a4dc1a8de6e593480f3c05b3691e916a4a7ca51971eb2f0f693dd10f6b8468f8cf7bcce285938b5a0a76ef86acfa2990f88bdafdc39a065db17b845028ed2b7a9e331c44217de20440e406868f1eca818d0be20248c2948b8f4cb118b2e456e585949139270f57c54715f3297bf714aa7c5f72ed8ddf6a074703ffbf95e45bc81a02c42822c22d2b718f2de5e03d687a4b18d605ef5ae75f9d43c8cb4e77aaa0c0101d978120f29574b22f52783c667f7daab3e1f9cfacf2e68e94a24918e3fe2c4f061deeb64891b5217fe5908e7f389897751839982b7fb736fbfb1232684e93123611b7fc8fbeb74f8815b5ae13240051920f3b6ed34483ff673c467ed7f0a8fbf619796e485affbed0697415d2d0598ba34d5b9e44ffd12a5edc323883a2e28efe9baf860324f2d2016748503eac1888213926b0e0f0335a4b51820a2bd3b42d982ec6ce307b453b6385aed7a735a1e98479394147c40f01c532926e10e1b26a5b395bc150ec4b4daf5b1436bd0baa225583ffc9d9e9d8a354f60fded37b41c7c051daea04e689ab2d4e24d7d07c75c50ccfd6a527e024d1632246c6f40f06b86ffec0b29cf894b665d53d459226b93422d37a8da23587fe884dc3c0f2fb55dea296a9a5b9a0d101f186d9fa6288c912202547cdf958569d2cbf235740eed38d10b0025dbb6de31058e98780d22149c19d4bcaf06dd7353fd91cd1f47e47f45622e1472542be2f63f463d253617eafd4f2ad609f9020884905dd5c22fba53ccc619104b6c0203a7f6c8c26fc80ff6fceb8c0c51600c2e46b4b872e6d597511524545a76cb42278b519d911e6c1320e01682c551e204ccdf91290c52e0836167a5685cbb1af338eb794c10fac92950f3f7956acf28f1ca984e380bcff9876b0c71dc7ce4011d1d0f955da9ca885c6e7bb74c6194dadb0fb9146dd725c8a9574aaf3824b727c9be3fce59c35850b162c17d3013689fca858a0a51d81cf4f30d6a8705bbfe35ff03c34cc7c56aca32140d72c8e8121fc71353596b777b266d75b322c9a97fd2c5d4e2362f19c99de66da7bd9c495c03d9a15b28431a0c051e786fa80f5503a72519e6b419263d72d553d688349c0cf30918eba0622b953a0efce4415c29515c26ba15f00e548ef108afe3f8194aeb965e5e4be94f10df6c45ea5c133a8c3398d09fb80f950b83c1866a1637d2bcc195e05cc32a9233b244cc2b1d4930e66f032cb1163c37b3e58b576ab76de759569797fa9b8bb4fad66aaaa56f09c7a0ce4641d6799d7bb47cf684990ec1e08871458c211a353ccf1285e7429c7b8520180918f7
103MD = 85747c796a910421ecb364b4b4f0e68b49e9217944f6586eac4993ec
104
105[L = 20]
106
107Len = 16
108Msg = 8a61
109MD = 60bdeabf39efdf21ba9c0f94af6552d2ffe699e1
110
111Len = 104
112Msg = 37487aa02b03bdbc6bc62e7e26
113MD = f146072f92dc4a551721a10bf0b01564cc2b43df
114
115Len = 352
116Msg = 6ecd002568bae3bf1873993041bfa292eb94e9ad092d8eb3585be82e8a20cb36a47a06e7a57d301268a4a533
117MD = b0a2d6033cf1d8ff120a605b745d736ee4aa06d2
118
119Len = 504
120Msg = f6dc1d2f6b8e126d99939664693d8709513f97d730074ec2794e536d94ede79c81f2b2ecbff3c2c26ca2d181ada2c60050997f3bb087ce48d956c18dedb227
121MD = 395dd2989edc854746e384f339f0808c515747be
122
123Len = 13976
124Msg = 07a6372c863c7d7c6764e4f05addbbe161762735dfd2d23bf268e2d603cd28de9c369ac379390473e1d3fa7e37af1178cca54fa0f782dfbe68070952b93462ea46c640d43ffe71f5fba42df98f4c48ada0d8aca8753e0731508bc15dff283178ae5c10a6ff132eca5dde63a78d3ac94685152897828eb25a55fdf140fd33fd4e7b03f283e201a1baae8986d25603fb0b2566aab345fb48031d648144dddc2e3556c0ceb1104f348d96ae7dc0152e45c625d21b46e70c31f250c858aec4ab2cf5e79d8c79b0854e0abf5330b9f044113d306161968f4ad6f0973160c9dc296056d5a11523ea2b56fbce8387070fccc639ec1c65ec663b9dc49aa880dc4ddd3020c9d44ff7e8cab6266e436af19b4ecb82010a0f8f9469ef380034a02e3f50051a6a3f233dcfe9d553459dc1bebc538ae0183448c9405c351271dea808d908480e61e9793cca111b4cfb9874b799626a1bd9a0f6e0929ad51b97ad81b2438f5fc255db3a3dfec9f0d8393c6b245b03d3faeb58021db3ad391b17a91174a66db4feef1b4c889699bcbea7928f4d29be2d47f76455c8cb1dc7da9cda41962a28ad8cd7b39965b809e7c7eca1c6792c1ce1c8a4cad6290170e91fcc49fa5ff64ab433b4aa081c8da2d9bbb072f9f18ca455469b946c877e3006b34ffd2219335b30ba2e0980f43cebfb629d0b11fe70dff28883ca012c6ae4855fcefea20a08e189eaeed7eb36ed6db3835976f4e60053205805727c5eec15d0e9f155637a9e66268b9c1c302bcaae6ae88cbb8cf1668a487cc996c4662c4a4e195f094cb31c717165e0e13718f8388957dfe0bf69c70cd0bd763dc38c530b67b9c12244fcab8bd13f602de848a2937699f9ef77944e5f22e3b470601789e1838fbea9359c733aaee2c7082b02ee459b7684ef9bbc200da4b62d368351f5520a65ffa506dc9b097117bb7ae88d04d85fb525e91327689ec0fe86971480c0e864012b1e9f044c7d80a4e48c07320dd4292086e4c71d4c98dd826a9bfced112bfa2beb1ce85cad204451ec45703931bf637d4fe89fe8f485620b7f4b21e011a232ade7a8c92be77925e878ae0bea9723749528fe83cf89ecb9616dae6ca0e8d5754ec6c92abb21108c2f33cdc18c6887c430b72c5b193356494cddccc577bd4c2cd53188f352846edff0c2ac7869cb74bb16a77c0f0f194a7a9477ae15abb890bd0bcfeb0c39381a87f1d05319c7e971c10e9ef687f96450b400e25b4285032892b849fd5db8649cedfb03c88defea063ee144a1ab1f3bf05f59c7db364dc39c11a446c3ce16307d78d50315ba29f5bb9a57438564c8c7b3e367cd37d74b2375a4966f47489dc5448f4979428abd32193d3840aa983d3020a9f29d760fc7493ab2576c90b1934b799c1d0d55e4f2caa78f4ce61930c79dc017c2dea0c5085d73a3b0e4a6f341e9a5061a6658af11e5edf95bdad915ac3619969e39bee15788a8de667f92f4efc84f35082d52d562aa74e12cc7f22d3425b58f5056d74afcf162cd44e65b9ee510ff91af094c3d2d42c3b088536d62a98f1c689edcf3ea3fc228d711c109d76ae83d82d6a34dcfbad563cf3726519b519fd48b51741aa86720836494b7a589c778927047a25d73508adaa401e9a6c0767a675e31c5556cbe35fadc9671359b45e985c3c8af84113989b299ae4474b85e4b5d4b0578ab1e8a2915a8df97c4f52a639fe32272cb91bbfb721505dec46d51383cb8973425a714245c2e37d0577fbe0d66381d9239db1f08a380cf609dc699698e0fada2caeda44d58d766c4f8214b10642b80b8d7d8add7cc41d47108ab7d07dab71069a2d982cc900b331caec317942122158bac6eac9175c2dcba0c04443aa9188832b553f5ca8c336880824d6bc02486a2b4c086665d276aafe3b1b93729829adca50c44466fd5b5cb977aa78fbcf5c0f0da1b09216468a11493ffb39efdeda5d669ae92bee2f2fb250aa1b9cbb11c36c7a6c6dd26cdc3cfd572ffd8c1dd72a13c27a327a34c6b6b3d80fc6c67c72152eec0c8ecbdc1bd5cb829b811e7f29af6d786f4e93dd4c96fdda295a6aa258d7b2fcf291c2d68e0b1866032475964ec0c6f2fa8c2d6a3936ecb187350def4e818507bf157c0e9b33406be7660605af14cccc9c799b4e051d0d0899e53495bb8931a6e2984bc6dbe4e02ec8b4642fc2f1cb5fd5a5520b48cfcb49e1f9533838753554dd98b6a1b8a67409279df477330e5f37367e06247ca5c3ffefd00e693dcc0c9c30754121c9ee88a574915b9e77c104fd2f921c2c096573951407ba9b440423d76bdc6fc978237a6e302cede7f99038ec31500884775556941f1edc30e3a417b0e02cb6fb5bfbe5cdfacf4006411287bedc565fb06f1be987416407dc852254934df4ab59edce476f3506e65be6ce6ddf91038642291fb8e92ba5b1f0b105670905a2c14796110bac6f52455b430a47b8eff61
125MD = 1adccf11e5b7ce2a3ddf71e920138c8647ad699c
126
127Len = 48824
128Msg = cd8490c93613bdf1f284b94b330f6d6f45a39c651d2a160b340e2eb696fc6d1c35e88872845190d141c669de92a97daa5433b1d7b0b899fdef2ce74b8fe72a7296a5b5be26d1dc86520367c730c7400c2fa06f91ab4c48a7bf4ae35a5b9acd5296c4fdf7451b0ad9cc439b4e34f11e5d7ef2bdda376f8dd34d6f092b219dc085dd4c4a6308b8808f588eedbbc7af7f64e83182fc7ca7cf4741a341060a7969d31445834c982fa8739ded4555108acbea1666a83da17f77cc42ee73323eb53203e3b790f81c08e94c44678b6538096ab7b09916e6cf7ceb2af85987f8e4d982dff1ab59b0bdccaae1f405a73366b5c5935dd0b43e2d2894290ceb66a0246dc02de728c5bba30255fb56ce8107c3144246c5156a8fe40ada9126adf67227fa56b66c37be63f532516211ca012977b04a97916f201f1baa2629eda520b51508ab4229df2ceedce406dece0110e0a911464f69e7be38fb91deba0addcdb3161d2799c628f5a57fa1dc37357c947681bd9c36f4832c20ac466c0c245de3b250c33282ea1a02d007f03b34ed427631283eb614db4d521f555136e7e42b4cfbee8134c63dbe3bb79b5a8b9f9f5b9f5ac61cfab1c54d197f1e3ba613f251eed616df952d691b88a16466343ef2d0f63882ddd2d55b8a6786308b2257f5d7b38af166bd7f1339d2d8899c9eda8fa86215850ba547450c267eb3c9147d96c38161a69d1584e521ffa23384313a1debcd37f72ddad02adb3cadce7ee34b7c1f42a15d0d030487daf9488aa7562845a11ee7ffccdb38b300935caa31f78a4ff3dd93403cf0c6a16ca611b58c736aafd33d6dc56f0f47878211d26f6ab801b9453a7f74b44593dae0f047ddbbf2c902891111729edec44f69a05944b18e7a601f41ad24fd6833da3dbe3029bd390de7c9841b2ee2b079b2bd2737518fe1bbec88da64769dc36e4a8bf716c219b2fe059d7dd220c1ed2c59878db5bf8b198e0689edee921ebc0cd2d3853fcf57c363050ce58071c5fda6ebcfbc1bb62e9eb956286291a108bdd4191c4ff47900d6068e1ea26b487649af119b9bb15dfed804836f2196cbe12d8fc86e3d7ce89b52ad49dc9ddbce5b370f73f512bedd853039366612453733740586d1372143b09f21dd4dbe1a2bfc308db8e4098c5e4b0c1e16141ee50e85fafefc4e2529b3c7252af37aee6f86e19df28871686107d7d57dcc812bc077602642d2ecefdd5f694b8f336913210793e4068da2178600b1f41cffb5221c9b4b6298afb47e85701d7b1a44241679d8996f916c81ff437261cfc358b9ec42a2ce16ca3bacb8690d6c1d91cfb3e0bf1e7ba45bd01606df856fd03c7e946f7ab371a89e1fde86d05fdd97bd7b1c583b04c2ed2b5f6815a460645e4e1b4e950bf6bd81dd0352d1048df85266f1696534aff5b1cbc17f15d82cc8e0c0d4f0453f9439094f8e0f7f4bc045b654d9a2f1f44a9c57019f63ecc41021c05b5380675cb56ea8bb691d79ee204d2c4edacde3c1fb3f4996a11d84b035f965e74009e2ab80e2c7ea3c84a834d4971a1e9cf423e4ea67ee526eb3c3e4c2d7372c4290a0741e1fcca5ae4cf36705abe98ac81e98a5419baefcaf3093a7e0449ef1021f88ffb7ad21b2677e41cdda12025b06542c4b2564f15e0b99db43b7c7020028bd829372122cd910227cb07c53cb58fd9dc620c0491f3e2bf883fe6ee8cb1f5b73767977d857e4513e8b5612f6ae4b56014e6a3ad2a065b65472212e2f611743484cfaef860999d1dc5608c58412fab888ad72bb87dd9b55b692f31e252daf8944ec5c02a5a9c23903c50dbd845f2fcc3bc9806af13ca7b025cabe675195b1d56f3fe7d7bca12530bcc0af217efcb03a218bdb6f9726536ea902c8303b02e3ced22be59753588b5f0e2f3419fa5345a942dbcdf3010465384a225ba26cdd0f1d74999c69f336bb6d01fae5cf81cbb8c1a7a29c1eb83ca6b51113bde56b8cfb6a5d72557622a37f039d090a689accd02b57c691174338de8e05bb3620c079705c969c58e56b079dc9eb44eb0fcebe548f5a31f4072a5ed56a2f03107bf40a359b2601eddf53cade66f294cfeaa40a0d94b9c90d15f61852f295d3911f8ea914d015885c8c64540a83badf0021a416c3e37b78236a2ecd1fce4114033416bdd3a36c18ec13250ee9c74c0fc4dd564b3d24a825802d5ae402a53bacace115ae3bbb329be79d1e5e42dbaf0a6446431145fe49b86a8703c7c41f8985d54f12e314c16ff89351d8addf66ebba2783f2d1a11965182aa0b0dd2de53586c5a695c6265c2b173958da648611090557bdebf11a1e042f089fe98e049f4796c60d26be38356fe020d9ace9008410d53a1bb7db78b52ee44bac364213f5c59f1eac4e3314f3423b92fdd7a6156608111ac6ddf58385ec1f3df12061208db98816ac948d803fad10d5ece2018c60faa13de5e5a9033745c824932e53f4122a39f635813545c1b74732cd55642f19ed6deca1585ebf7242c849bde981572a2199066e9c912b2068c8f1c8b936c43ae95c6e22bd7b80dfea05f495d751107da5928e806d0af905c87b5a0795df146af6580d8f9c6a0e2645686d43822ce9b4be0bd5937c097917e048b5af71c7e7521d490f107e9231ee5bd9fbf0727ba87774ed24cd52f471ffb71849ebd55605996515bdcfe95bb1df3541e7c42da4166dd01ec3597634aa6455d15fe14af435e8d7a55ff1682d55a2da867ae63d11fb3fd987fa5d7032ecefc35d3fb9570940e779e13da18070e6df5292f97f2a281f9598101102c955fe4808a2319c85fdef3d55b19e05bb8c2d3da64bafb67a53491513a24f6f0804aa162c8a7db25b38089373fecc45a0eaef65dd9be3b4b7f9436a5423fdcdb5a9b60138fc6a2261225390d9ae0d8ab7f0f7ffff69dca06881d33a637d634358abebb333df41151f239add91abaafc89070cb2159ce3a31655c22e4696c9fa7a7211d1251d4bb21ea4a321a3dbebc29d97f526251e40e548dcd7ed07587719a266f006179dcd22e50b3705152817057b097b043ad63b8d867edc20aea9b4c959ef4ff70f47128cfcc21e31f17978ecacc366f459ac1cc459a3976e4173ca322675f84f18036119ec2f204c3fb554a0b72f7e9d8c882ab147b3d280ca9dff7b9160b1b437b901f03cbc05fe05c6f44824b48aa8da52ae7dda1653fd500f9ccd221843cf76513b3b74d094f14d93a00d7cb954bc4cf2f04f9a35e38edcb1e84f62057647dcb3571f1dd296ca1e049f1746a8a282e85138500e7649db756b2d2ad88f11c471c89dc6be2cd43481013b8d0ae83da2b855cea7be424f8b2325b1850d1fdef03e765458df4513d57c72ba9751e1edc3c4e7f97e3202bb46eec7be89871ba3704aa6c6fc08851e551a3f655fa1fb798d12f003faf31c56b6df399a5dd0ed29ef9e4139dbc254bc5d6051840a859eabaaad56324588fae881fd638d2b70fb3813402df61d941ab495588e5fc3823249bf9a03cf877902394f512de118edaf98843a5445e9073fcfa409df3db0221f1c77e2dd21e74f9e10c9e180dc4ed17010eb949c6d67a22bd5337b2c68f9eccdec778ece728e91353696b742c8f5a3a569f054efb8c1ed478ee9b75e26c768a5816aa6bd08a4c72e745fdb5deb34ecb86b3a84346c1c70f9c16fc45bc0421f0da2f630912d5079f390cc53b78e343310de722b53d2a3b4aa386caa0d7e91986e19c3363426ba30eb5284293af81d00158a3f5233327b40c3b989725ba7dd5b31ac7abf8d3e0b737e843065cd7316dc2f374a00bed4cf9caa0d6e232c854df1bc24c3d484bc6bcb14ec770d5745474dc6ac3b3ddbffc551c9fcc2c56a5e0ae17948457c01e701bf1554022bc2b7d9dd42b2b91172fd85e6874d2d61fc7b3bb3cee2a9bfec09f6d7e98279c6f511f4140b116c856c1438e34bca59fdca2409f025b896a52d68719bf93e82e7d89bbf798991fda0af8d06d17f39eba4bca09c1fe594b537ad4c9b94ab52c895539d639425f9146b24b016368a638e5bba391bc8763cae7c52ff9c496884f1d84e5e08ed451358ecb3c4919dd410e82cac35ae744078287c05c89b42999ea6b8b127d40d53a5722d45139e8bc507a11e7add7fa9ab12cc40afeec008a4668e3e6440f27bb5780936c0e3668ac51262390c79b3f21fd041cf36ba3522f3a552714ff188bfd554c60d0e7d11213cf7d3864a5175d4047c2f3284741f18ec22995a5b82bf62190151bc1529c6d9927f9b0c1dacebd9c2dc406f7f64a973f9a70cff6e3abeebeb46514bbf2ead382f7262d46bd43d88c1b91a9011d1f8ba81fa536a7162aee2b2ec6fc0f2d6efc87b98d2e41e0f946969da659c21053775ece415a34d42b6cfd5bc52259867b411dfb991461ca618052309ca9c96468c2da12dfab0e822ff3bbe7ba281982a239ac19c47024fe1f0e3550cf0975add1f680a9dac9b2c4ab0aed4f409ddda6765eb8a0a9d1e9d07458c69ac8195541219b18efcd06c0001f2ae7fee2d404666a18ca3cb3aa4f0623e86c5b1229f6c2ca28d951111294b91edc52730b6b2c46e000672a7c89b2f38045bd3e37dbb8a75e18687a514dcf740c87a34834d3c3cc8aadf6166ec0c42d2be92f90a3af49633ff23cd80848ceb57ac550eaf9ae496bdc6a2d7cf50fe107895b4a1ed014f78af24eccd6a07420f1dc0df1e7c44b4ba937dd43cab9c798371b148325578d61931766af02b45054bdc2d9fcab2f4b49092f6fff7c27886820739d6140a4a905f0020249e8ae8dd87da1a1e7b1851eb01045aaa72dc8a2bf68055e7aed41d85336648a3405195d2ab61b0e29a770461f32fd05e14c17d72c5252f026a7b9abe7ea9176d3c46f6ed9fb716758d97b41e4f5d81a24538f763d83eecafafc668422612b40cfc32b3354b24755fbe400a2bfed494fe6d0ba0051713b776e67e2f1915e94708e6dc74b398f2f526933aad8fe7dc32faf40022606aebb6e0756b994c3176fae7640ee06d6c67bd54764c4752f1bf831f43e0227cba101174c5554ce26400f333dd8e9f6db1cdf670ce407d7d06c3aef4c0724b62edc8f1ba3e04f0e394d15a73b9255abb4d6ac70303dcf9160d32dc02d4804219ed5c7e3b48402e58ab2f58305f9bb95d2a8759947de96328ed5234cfe7d0b2a9a014df7e4cd0ae48906315f139b8635d2e6bd4aba32e62b8906cdfe5622c411bf0373d0cb07d17bb2bb5b83eae4401c243605fd1df759fd0ddc704ccab5a9776c40fbf6bde0f11b9646c699f26063a9550ac228c9884c277bcadcc0a2c225dc203e28e253c4e464b23d2529d09c7b7dd3c984667372472b615645f294c4e3b0797f9d1c234015b78502d98bfc04f1fa2f16cf3e7221d5794d035e4b172a4d84e679cb1c82df2fb49d3c6668eb1661bed56705096c2371a19d668832808eedd9e5b1256c18fe7ccc494e5e29145d453c553ec86fb7f3a634d0d45661875f2f1005ba5e734c1a976f37cd23450e4606e32d027bc9ec2edd9395e14b2082179bd7b4f9b8caa2d00a2de71d48553f7d4153cb56a1b08f11925e4b11c9281744ae9171f3d6faa3ab3f88c5c34fd23e4f6efeceafdcbc07686ef56efa62c0ad62f1cdcb4d3b5bc508c1f05263bc347158fa5495828f34eb7fcde98fefaa82bafeefed3f4a58968d751c051b52e0047f066de5be533bc3b1e439ab1c8602f6c67503803c8fa113737cb8279f358dbacdf45432b7a654d0e1122cca93420e956661d7275181c75b0d9c20e84c7007dfc49f27bc00007cf4ffa631c892981fd70141d532fcd51de5c23fe0b7a186d0dc296362f235d61698740cc315891cc9342da17843bcde274c17e462263d0e8b4832dd9075a7bbb443d4b26b41e534ad5551ed5ada102175e695363fb48d6b99ac978a3aa6f405d87f983384ce35740e930491d75675337c5dc081e3d301228e61bde5cc169968e5b4350cca2b085f9f75cc4b88497a78cd0a0073d90246c7dc102c7cbf3516498e8a41aa85d8cc5bc285ff66e8338e85ca83fb6889e2bccff52059bb9e92e92c155a349952680ffd0a3c346061a53fdf074417fc90c4d1af7c2acc3ee4b080752cbc9455ba5931b7e910f1e4af0efce905d2cc9c685923ead387fa532c0e8ad92719c76c281cd010e1acce500ae1443838b8afb48af032069dd07aa4df0d56bcb70a64592633699c8658102f1fbca441325e27f1732a7a973d8cb3a0684d72943ef6f1892f2d7ccf39bb6dfe5801ab98653bdbcfbb787bf125253be2624f6cf44177d588bd7b780d9e3f4e3a4e50b8a253fa21abce6a94b9073289c76773b46140f5a6e46b9de9ec066c176f5d1a69f380e1901216617363362d13ebb26ad74fb008ec08841550ff14ca800a1ecf2e007ebaad9f4e0d9664448d60ac0d8544243129fb81c1723b9b4bc2ee971dff736d9fcde0afbfbf5c50a4cc06a4c363998326c17bdc9e2508651dedd9a2a52bd87f8693cfcff60753acf9716c526e8635f12377e36564ae55d0fdb3c7997ec4dbdaa5b4d18c7b660acd95060831795da7d299a5a8d8cf9e92537dbd3ef7f56aebe38fa97c41da6bf0572a0270be7e5a7dcc0be3529339464c811052b65a938e874ea6da469c7d8992ce0aff1c75e82d1621ecb967213c65f2de582cb41de3804c507ddfc708ef3f6096ba4491e431160f98de806d0f334e03cfb7a3bece601099bd971253f3aa0df845da8b478603d5d88533d0cab9c89f2dd9a1404cf8939ffdda652a94093865a85fce2bc3d7babcff7b9f3306bd76b9af80c78ad518f89ee73b7a710da604e72f4927be8d65d06be2e0732fa786a83e27597cfbed9bf98df445499e0746b9f2cb9659ac0a9cef433148521f33b1d78d13c8441c0d1e20fd93ac450a3787a2292bcbd68cd1f961d34937be9a21abaf26f361bf53aa0c095e53c51f3e04d567eabe6e40d96a17c2bcc9230b18f7e079bc549a314b4ae21d30a3341aa205bc75c7f1d21b0a49549c300faeda243d0ce18da5e66c5b663cd705005dd9fea0a9564174abb797d64c58fdab1fae44576d514b75eaa31c9278b15bf9b6df7c6c2873d7a56fb91ab77b83761a09f9e1ddae535622fb87f7462256a60dd39dd3ceb6690b0272920b635ea639daf24f95462c523e5bbd8d8407c61163ab38877d5edfa04c2a78d4d240523ba97c7d01c71783f8748e85164b4dd08c25506a4ed18300b42b7bc6e417f512ae456ceec2ffc83190991a06d4a58ede215babcd3688e1d61f1975016244e80c88ae2aec05c7eeb1c50caca72b3b415b6b870bf5e10bd1ac3ba6b4acb1d1afac554444d94c97e171005fa4ea9c651bb4e527ff58d0c2f90fb453a92d6546a26e9e98395b09e8471bdcf2a145aacb649708cf048a7856ce8cf390c107ff2c66efbf2a76c5b041860ea576103cd8c6b25e50eca9ff6a2fa88083fe9ac0d1fb639c516b9bcdf23c34c6145a705498ff9b9747f15e1c08c63da6efeda4eca02c3f00dfec06c82220c9de840040118dde76be788daf84e6a2f44c81fe6defcc474f99c51c4648d297cbc48f081e0809dbda505d020cbe865e430e0491644ec8c52bd3ab8ce8c4862990f49fe2588caf804ce9500ef42d5a50c057c257168e283e4a4aedbe4ccfaf3eeffb212f9e23d15434d60bf4f455f512e2b655aff3225d1b217c261110cec0400f54dd303d6231d028c2eb649bccc91d30a6391c88bff9d447c3cf35a3467be5957e0ea4d4dc237c9f2c68ce48f658f820a3d72d559b60f233ce538c92cb148808e34fedf2d648c21e7f2ea29a77270c393bda42d869351d6c085d965dc12cbfd0311b8bf604f4391d378781eea3b5f1e0da9d0d8f8de88e56fe47d362cd46f591d3ec0f7cccb85a21f21ddcd4107821ce0ca9ddf99dfdfd9b0c9cd45053e5b1b4385bd8f5b227ada31b5c23e9420014474e8b4494fde7c38edfe70994d97b8cbdfac588df49a49c472fcce78cccc051f31cbbc1e0422878d8d490f3aee28adf1587c38fb7e7d1be54abeaa83cf54b633803a5e669ff4295df8735231ce39631616bd05e0e31117c722c2fd6787003b0bc7fe422a089c89329544e085d71102c1813769450a9f66f160d1702cdb17bd2c6fdf0f722762d193ce83623eeffab17b01b10a31db6e2feb6eb3abdbb2e36320e1a56e44e48d26090afa7f65003a98cbfef590ac3ec89b3eb230557cf6aa566e841806aa2767b21bb26fe001f11ae039e0c9a4bf1bf3d271960f16158eb5bd9ebf0080abd8369d512cab2d1aaae2b14d0ff6ee705a38fb0c801a98b0624cc138fc24834fdf430f33e1760db913da3290f34415c9e3df3e97da1780545ab68ac5a24db89f24d62f4a399728e4144a8c89f47ac2d29e30c49b0bcf790a5e3d3fcd1943c6a28f37251d9dd827a69579e6c17b629c927473b5a07b0a29d9562708d6c8ce576109ad1a3473ffb2047eb069beeec24c114bef392c929038c92abd0e6a19b610e27881361824d57008b7373d0ab76379570ded76c9b8284fe2c247791073c29b2fc6fca05019220ab92856892d3c0dcc6da0b597fe559c162d060d71513ebca050d9638164b9ae271fba5575ade787ec5aee8fc253d1b234b1df561db3e36ac64b9b0100dd6b407043537b2b141f
129MD = 2cbc07b9b9c819b8fd38d8a614a8a9c3fa7e40ee
diff --git a/src/lib/libssl/test/SHAmix.req b/src/lib/libssl/test/SHAmix.req
new file mode 100644
index 0000000000..453fce20ce
--- /dev/null
+++ b/src/lib/libssl/test/SHAmix.req
@@ -0,0 +1,99 @@
1[L = 64]
2
3Len = 16
4Msg = 98a1
5
6Len = 104
7Msg = 35a37a46df4ccbadd815942249
8
9Len = 352
10Msg = a93aed0fa5e163a82c9a934aebaab8180edf7de0b32f0fe99f9c75ec305b24609334cefa372c7c758262dc8f
11
12Len = 1016
13Msg = 433e88eb2f8aba562d15c18126fbdffb81d5d6c9397fa052321f5f78cd629708ba099b540da5451e949eeab8687a8d6ac35c531411cb37144ab5ff6a7eb46f1ab28fbcd2ea0444cd87c57bf7d3c02952dba3d3987da07622c16e7c086d90e88ad3d9d4afee301d2bad915d868f54197b70b23c9fa385c443404fbc9abf7e6a
14
15Len = 13696
16Msg = 2c46a76a9dfbae1f5e59f085e9c3d4b600c24b2d404d062cf948e75a3d4ab5b137a31397be9eb34b2a03c78367e0b85448891b511ddee1f787cccd498b172cb7e656c044a03ffde8e42478330fbe9c34072a9e99ce31b41757cc820d98e7d564e06694b96b66f4be34c5eadd0ae4e61fe6abbe4d7ccee855104fedee8b451a7fcedb793d469b0094c0ed07c97fda00dd8c1662b44e3ee6775a5ef6368cb662d257be561a5967893433a4b63f97295036a37272176d081545df00852bc5c4162324161296cd51f76433f2df867a5840f2d0c8d5be00b4dc89443d82175bf69c3bdceb97facae2b2ed68e06ae74fef36d8bd1f75f130cba509341dd54079d45de22845cc8e77a022977c7540aa3e779cb1127f39f825d4d78e55a967ef45e7c1dfb02d9999fd15af2914ba47177177d94576f1091a0657d9e04fe81e6be7b631fc1baae66584c9c26ddbb568750d77555c927bcda1fbdc15c7cbe3e3fe88ca13ff12c59b383343c12976708c0e3dff78be0e286dd32eecf20b71a09fee50a9d0b13c85a15b320b162690f399282798aa3291fdd2f9c40ed873e829388466ddd1da42f2de16aaa9272ccf44790cf3c95382c304e25ae8cb2fc9d9869808f3ee7d42cb143bb0c3a55e03db6d1202ca1bdb744e448640c0aa60d3ebbda5c21e623bb080f4a073a48822725d764e51d415aad1d7c5a7f17433d15ac7d849f910c375ee0899f6a576dada42fd651343383f286009902bb62deeeb2514de6af7f09892c20d0b238f6021f03b62444b1e1f21beeb89acfcd7136416fe7bd8f202e76afaf5345311798be7cb25351add2bb044d2380221009c4d1cbbaba4cdc8631dc0144f2778a6aa1eb3d3c81df0b1b2142fce111af8214d049e40f536c5d462b9224a978e82cc6c420e70ecc3cdaffb726a183c793845315f730fa4dac9fe46e4180397107a6a051f7f0a58ceb9bf4df37e1a81c8e9569187228e8037df2e59c52ba815566768bedc8e09d5e7bdc9f2bff23aaaaf133bb5a3332750f6124ce185e29fda0851addfa2c3d52bb6dfb530fd4ee27dd5bfdce5dc2f41debe6740274bc651aecd4023b098a7d622e2296b50d51b79c4e3f521695a9d43f038e8f273405e26584d3db179e7c1758114a3d39970df674580bbf2884405974f0b9c4b0d8b3287a2314f3f81b6991812f354d655f62513c9551b378cc2efa4c3e08b313c56cada52217fb6112eb8299b28445aca8f72e7170a1cd8bbfee4d2145fbe8d49c6af8831c4d4fc7177a50ee55a7b484261504af946c6bd5e1d6b89092f3c487c0568fa07c356fae9b8e831b8320289039746a435b122cfbc4a0d316bf90d481d3b7d979cc50d98c1190af8dc58e0035557dd5e94f437f41fab513202643a77748f76c6b77302bf40c392cd18731da082c99bdedeb70e15cd68bff59619cabcc92adcf122753c55afde0817352bc247d1170b8ddba1ad1b0faadfe0efbfc5fe6334377fa372c3435691f53dfc2ad5e08966b2d3525b1eec2d993a5cd4ff34278bd40dd80313a0727d05e0a932156152f3e11a190d8d69726f5c57d20f811e1e8932e86409ffdac96c6251c2a2976b8757adcac5d2de94931d1cbea866ec8bcba5774f8a7fde792f6acfd0f01356fd66fdf54a416af6a9397e00f848a2e9831627cbcbb52b5a868ec174e69b4cfa1ed72cdf23f39d7eaf4bdb318c188b1f0fe75655e34ad71907cdb77a1a2b162cd7c22d93dc45321eafb17cd60282e83736267b3e1fb249c307d49509f50839942f0f493afd9ef37db053a918e3ec83d801bbdead07554a018b8ba348fe9b7dd92ea7c5fc0e65a644ba19aa1fb6c022ab768ec7cb249ba17b9dda2860bd4aaaa3dc70ec009804141ad5ebc61203658e57a0887ec0fded18d844a96e79ba7e879c4253056f23e205a80ab1471953438f85848f4ab31ab175c089e0bbb97ea0dd6a67385770356741966053735e2cc2ecdd2c8c75cc045181dd7267584b901674b553082b2c58fb8f8be0b99306194a6f069f684535423304d40a268d55784a14260fa9c9cb1306b82f91cbee3c9f43dea9e50903135cc1c6505605a100bfa28564a2057974eef0852b7b72ce264815026d0759f691db618ef760edde73ec888e181403834f7221bb27a69479ec9b28a3fb0c3f68d4467d25712fc48ad78763f9ea6e8a2e85260225ca1b1a38b720e589fafca29f07257c5467cb74ee53189b8c81b784c43e93f98abde1ed53af60b27b13df6ce45001c6e1813de3521028981086f7d88ba13f6fb1a800f312fbe2f842eebe847fd760c394668cfbfd353ec14ca0366eccd7b4cd63318116bdc42e20a632a0d2b8c5cddb37bfc0a239ebe3800a787d2ece077a7968036b3d9b31cd906f888e3ed742cd769033e2c24c5a9e3c10b6d300db5a17dd88
17
18Len = 100816
19Msg = f8ed40e878dc68ceec52cc8e2868722310fb117ca3a52e1839eb85d308b8aa00ed0bf0b76aec8a70eba4f0d14d2d85c5a0e876ce2c8ee59cb36947def6c40a587aa07b368ca8e8a08367018e45b984de0d7f1aa46b977cc18c0cd9b7bb897cbb2814aa0ce8f8c9843e03c86c19f2ba95dd2ac4a466a93aae4b3b05055ff148517ecf43e286c57744a3e10a14d0c26e139a503e7927aa688c78609170ebe3b54104390e5f6cf538093a67922e7210e77fcb584ec9b6844e829be246a266460cb442bad52ca47255fb8cfe276108c36e02f9acbd3d191d34b93d29ec40d80496d1c1bb5ef036221641200e905598c54bc4abb3527c5a5f6258e59d4bf54a0498c108a2725428efc2047e0096b32dfdc6ec69d5d72f81301f881ca62a66c22e5dab9fd9d90084c0a36b2f3a0123cc5327a3bc7a12fd947ab57169ac533e4b6a2cb80fc65b9b527cff9fba26994c7fafb5102a0acd8f9d246a3a54178c23eaa04c0fdfd3c0cd980d1fc7a72b25d74df9b95c3dedce8ca316870c654f9ebea9b806da9767cf40605a4b0c7fb06f6b3f197bae7d8cde9daf38530e25bc51b68f9aa23ec0e95199b14bca96c91f3db15bf8432f714dc46ac87218691bc66cb3a42f6865e1c30f8394c8e68c0ddf5851ab7c5906a1994a9af6ac1c44d0d6b95ff15d9f77825ccea40fb9e516d45888f2378e045d95d936d541cea9c8ca52fe5f7d0d919b2b1c59a42d06105ea4f2943c05178e59d67351c5b2c0051c93a4045e512884fa656b772cf398af89081546d920fd3d24ebd16310506a786ab33293027394c1bcb7b1efe46b550ac28529646e8d2a5ae65c59345e24b44cd7b06673f3ed3b9008aa568a739c26682fa596b7a655842cc6b2758b583487c78d14a76bdac7033806c5c210828ef313f8efc4072681f5fded748c31a58ac933b4665c445f07d603e0905e49b84aa55146eb1c1c99196413832a05efee2e64d6732fefc629b79b37bb9390fcbed7226b412204bda523b8b8af5c4a8bdb263ef9f3f6c7b9e1de3a1dc257c1f33b3d54a9101be5b4f2a9db319993c2cd137c41e35c434ce52e859afd1a635af4d8852252dc5e28c729b2b4c96a56d57f3f3854ded59fe612b9b3a51fee3fc1c83db673b0cc7433bff2472bc74a2eeb6706605e308690fd072a7042ca6474603711d8310909e47063f46f287260a26c4f11fe492298a0f98d28c45948a4899e08fcf443a6ba36457dd8329314d53ac0fd0819fcfc3357426c5bb8d3dfd706e205a81091cf08f31cd3459854f3d07e503991ba5f067e3c406c6c5396d8257496f4ba3703cb1ba25c2fe4aa54577af782cd57e85a88a2d75c54039e8b7bb559219edd6e81e41acb6d575d6f798afb2cbf7f00abd5c9c7b0fceec79f9a0fb040ebcbb7bff3602df7b71357efacd37aa57019350bb81213508a006160acde3dae5c42f03141887eaca22d7b33d6791febfb619d11ebabb13e6c5378e9a72e852ddccd31cc53a43275966b7042ddc51485ca20e1c456dcc7020cafb5407548b044d332229911fc74d7fb97de25abff7efb431da82de2ed7e25d0dcc06ffc74e57ca93a6a9f64d76a5c39776fe2266f88d6d0229b527525fd2e22a1407e26f94c5bc6adb1e7327f3c8bb8d4c983385c579dd8f5623df8cd6da569c7de73d9210e6b9253a177653a13ece075940fc81016d8c35fa4f6542df5120c174158ff32533476f4e059e35117081a24798fbdd1eb10f82809836f8dbefe755611347f75423dd8571695960c6f66cca71f0a01e8fecbe1183bee3335eff10b4ff8104132040e2145ec3164b2448f60c730887b9d7894e5f7df3f876cb17136c99cf32db1c02fba860937378dbd093c4c5112133781f06c8ca07c527c2c085e8ba5e52b399f2909e217aef6e3035ecafe2caeb1004069dea023af7eab873deb5ebcef2313c9827821bb9f89fd3d1570a569673d3ede86a4fb13dff242eb98450a8917fd8865c56e0a9f11d72394b79808b0429f3a83cf2465161596887fa2d557b367a1de9c7753666b0cca9c30cba9f0a749c03c55cdc7a6d45852c76ce2010de3e7f75d95228efdc79949b238d90b25f983868b7f07f585f7b00e45d9e132f3c09ee84f794d899759be3dabd46a256f4cf8da71270617cc2425b24cef25d1d2f3945afa6f81abfccc858cd02e05619649b1a5347650934105c02622d538447223d136a8a0455cf3c6f61f696b32266197b5cd1d936fd3ad4288520fb4a2f59bf95e659f33210446ef18debeb679dd99de0c3c74a6eb3dd783861f5db4e94a151c42ce27519d0bbbf1f3b1163563ec06c8bfd881d94a3b896fc07352fc97ada73685588a2242da1b718f81bb1077bc70fbd58b8b52163489ae403838b533851bec30ed0ecd97d72d1af534f3703db59f1f563bdc39d690a0e90e545506463a37e84974fd7b256bbb912cb4077d3e3f5bdd4bd2bab713b696c830b1f2185734c4d2dbd49d5372fe8b813ce73f5e01c36bddbb376ef4541033f2b0355613eeda8951ebf7377e08f967902eb7e23c0fa798c6ae52401721053f1095cacb1e9496500e83c412236fc21566090b3a3eee55aa402c0b774802fd81c9e8579761cfcfdfb1aa23786b2dc35dacd5ca8d8d283369f53e4a5db18060c2c6b0c303052aeeffe169fcaf7ecc63090a9ade245045ab9c8aebf738772297caaef5f857322a597846c7370083d409df27612e47b0cb240daa3cfa51c57108612ac0dddb0f59791289ccbdb3a2cb1fa9ac31a23dd5440682fb373bf0c1f41c4fe2185ad7c53eb69552807410053b0c2d40132250e637b8c425e6a35d93333b5b7d0557927b6179c848ec455fd1ab38348c0e96c60b2da49bd15118df64b6ce4fa48fbc555a4b2874141718e731a40b85382ae6e86ead31cea77f83bf5c063bf1febf71688a832d615e09d6f14badedeaeb6ffbfe343fc7274e78cd46a2aaec0a349c5f133291ee57cdcb65c5474e46294de6bb50886bce6c6f44dcb95f2a4761ed2e6c9e7bfed51e0964afab4e0f7e0b07960f2590baae66b1ec9a63ba0fb6c0d27e81508c51487dbbdc9beb8879fd58c188dfc774b3d0ddbd77ee8bdcdfa0ed8a9387728e12b13e8b3c10cc1c132bd822c2147c5ddf9a993aedbf78ec256db1be76644ca8ca7727208bf89732657152d34e948d73c47561d156f773136684d4162d02260300020123d13a95f4f835907c344942ddeccafe2abb7dc4792c4f1e39c24748c63cba933b16be0b8853e058c47a1ae2c4dfff39ec2339b345fe3557d03c1df91a0607a711636c4416ffdb73532aeeb74f237ed8bf971388a0659e4682a46b8327e751034cbf2c87c7828da9d24baf07a742ada34d1ef38ab1e8f2b4f801192c146600709533e61bc2665dc1e9e6441bf3c4f6643bc0c102a10f9a69da5b0e3d0a0c7cb694c682493032b5853f02953b5c2fc0e1348565389762fc2dcfbb34fd305f2d9df080e859396ffcbb7da78aae0a0d72e3de76c774bc6a81c87f2872b6afe97ced5269009304a4992c4add0bbe24e57632e19ad0fe37ae910193aab0aeae32cf6d618ab33eba59f6a04fad00b1d2403396e6fa661d31b695a1b349d62f56c08fe6c6eae7a482177adf341e51d03ea511d7959c721bd20bf371860ecd7fce1d25212891850b85648db0a039e6638d9c78bc958add3e41341536b5007be63fd1f7e3308876bcebcb97dc3b05a7b2eaadd00f8fcc8dcfa7b961bbe727c9aed1626ff786d6a0ffdbd1002cae8a7d047b6181962a686c152b2341c7c58c9f1dab5af424d183ed1c7d003165a1d04ea3683ff31a0f68615af6f91c21f736e67df641ed31b998445afadf9052bbe004d5dad08f62e5d353e42fc35a92242d8414d99dc4e7e81c8c027af686baa5c185e3f99abb3855b22cfdff0a62e2f47a632b7df8e00e0317af5c24ce7c64077bbb15ec27e062070cd3eb8e549ed9112469090ad9a96eb59294b021eed81987178cb2dcff67a9a2e930f6032c753e203380f8a7c987cea393234699de03a1d09ce204f0a8b6d5cf522b6887174fdbccb08f3e7c4fe2f778254465b32766c48812a45151ac37ae354dac87419f9476baa27e24b2f322b2da4ddf579750684a5881bae2269351fb7de59b9d5a4badd8951135f2713dafc57215dc626ee170fae7f20bff98e36b864e1fe0f0f9a300c903069bf0e0b6f2f8e78423cf6063e89dde6c81efcf26ef15510563c84730f611ac879a6628e55115e1a29de6945d37fbe4f803fcf2e344712d9e0d6f6c79f8773a9f199b705235e20a7830ee3357c5dca29d7a6c29a3d2628bf2c42c8f076cc4525301d8e1860729070dc53164d9fa08bf63cc889eed01b0130a7146d860bbc09ead3865a3082db0836a45f5506c3e46e452e298764939226cedfd06700e4e33c6b4a78add601140249596831e97f960b973a4e4dc3fe2813fa34eb47f998ce57270368fb81719a09298a223f7e3931ce5cdfab3f658649533354e982c87dc9e49eacebb5bb4af9a767b4f1c03d774431168cd4fec1b2726f1aae3f9a062a825f3295557eebf3af4784487b869fb049de44d03fee71194fc200af72103b157431935b5ab9bc122773ffd313d52d7acf1078386090fc011de695e71567cfd51c06317d4ff8841ceeb74ad35f4e5f4d20921123cb88bb2079674ad39e133cdfd6478d69c9bddc7a818be5d7b254bd9e0abdb030f52846fdfeae8ff370a51a9c5f6017af3c6c3db17c5c614ea18ab0e3ca0dd5de621217dffa36e5c5318fe191040a50cc3ca620683bc34da6c142e1c50afce28a86b8b66d189adcd755561a647080d93f3ede1cf54c3afb7e863fc8a82a2576d3f79e9b2bb634e598507a3d7d017e0176b7868bff3a3dfb4474b3ce03c401f33929364e727fbf8096b77eb351435c7a113b3215cc6246dd86f1517a7e550cf828900248f7c1754e40fed62477b296a37d3e53231360d012c4908b466e49b0e620c0a5031228009f259b030956ebd70e49357c3c3ac2842b6bd6e3ca5a3e985dc03f7105681fec03b320a7ca753b782ad3b52fd9c8e3bd980b48dd6ec8901dbf756108e85015821c880416e0693e0479cb31c0743450f6d9214afabc4feadb9bcee9def460a58d3a02d9e3039970068b8e3fd0a403a6ca7f2c71ae2b46ab3c731b1e65e2104c47fcb1f69e7c8c6df8c09b33f2e1cd4192faab316a44536dcac608832019f5765cc5240eabe3c87445c980c299a5e7ae0acc2c2ed19fdc8f011515bcb00476b03633c7669db1b44f97f6cd402778e9687c740dbe5686789b79d0b13f784a2a866eb91ab2d66f064c49e8df513ec348fd7272ee548ba08e1f9f99696ffb53677550d59c67f88404f6e610455a422d9cd987493ca5c366a397dccface2bba8e3e99719dafa768956cbf6fd8defc4104b8925878716a0514f70cbf3fa2c2bc2f66fabe654eed3076257e71117665703eb88c79e4c2b94e8e856e7a6ef90ee2a358409db78b98056ce1750eb80725d70e35507fdfa5933a61496ba48fbd5555717b33b59d4ef211fe096aefd478859ffc97a41372023ef114adcae5a8d5e03c21369baf1e7f417cb40326bc6db1cdf0904651dda3c1039a2f1755e7c329f7c03bf33f324206ce6e1638711c8c9a45f153aa1f847cca2a5d3af1d24fe7a1e1094819e8e712cbe10ead1012b7371b35cbcc2bd5b10505fb63bea20ac81d25e83ed0105e7595b6c28400f4d336791ce4a584323d0b455bbed44392c5f86c9d5287593f6986d4b0b8f9974a7a4157859ba801251d3b44b2bad84f29cb87dcf1680d6d10d1bfd59f0c95fb7bd07fdb3ea2fccd6e3ee80af438956ccfe31e750972f893ea5dcaa26d077fb3f09d990c2f41c8707368bba007803621ecd76540cdb8705435d74f4300eee04710a936f241c034709e625b0dd5dae1f6e86d034426819c365a05f5be420cdf4042bbff965a666a5756f67259448ebf742b6ea189fa17a4c3bfaf651d19a8a525f09d9cff637c8fac02eaa58d3ee3f7221da1e61833c0b183cd9f47686f09597e8115b435454acef80c079eafaa22b18927d07bf8b7c5ebfdec9c42a52b7824d45decef41e6184dc2db1505ca6f94172fafc10731706e79b9856dfede353d2eadeceaf72a302e3492d7dc81e3777e4e9e1f3d33cc4402833ffedb241a75a09e9495d671f80ad3acf06823bb04a92b815edd0ca7d01dcb3318c1ae5c62d3e99c0ec37908b45b51dd65f6b45b34ede2d6f553f60a45e20fafcb34ae4dbd375f52a5db9c62650deeee78e955087c2bea75ede7c304347b171fe0c1a2a033894be6e04605271307f307b2a9cf6ae24b8c87ce033a3fa4cf2bacdfcf54fcccb1f580476c7d00c631a8529a9eea2a713610341e0e25609dc8927e51c58a0a9197a54963b5cb95877354f4b8316df02ed2bea367704a12274d96bcbe0d0d728923a368bb8ab98d5db5401894c822632308ddfd309071fb4b477d8eac0ea5dbbc3e3606d8510d9051dfb5e4b7cdcf2c57c1b76902d864c3109c901da53019ed33cea84b407490486ad9f980a8a63df3d2e3921064afea137f35179130db3351f5bc3f5e7d590a5ab08b5415efbd345f9d57b71ade7dca939efa5a12d677b9af0af14468176a43712bde10cb15787c18bf066eaef8abcdea77d3a0c61d6c74ae7b54fe90940d0233e4b874c9a141dcc740d7fff43b9fbbc012a933d890232cf74fccb7ff7eac1148e203c7381b7f1d1429b1b1152ec25cbf7562596eb402a9328e43b5dc5cae36592da5523f0b9907a6817ecd395a7c778daae85bb11372b20641a04250b77b3a0ece885d07faf9622650259b874536d6d2b92181c834dc111b6fcba483167be40ecc922fb87006f63b9e8e632879563f37a8f712db9fa68c1a20ab239c0116fe022fad1279f3288b8e74a16d447e467b6381515814dd3aecab5c2a09c400b44e9100c04c720dc7e8c6d9460002da6c52004c16999975fef8752c2f9c229cbd9e6446b226cc454bd68cd665668a17328bb30f301e92ef5c7a2197a326df5c99b422096de8af231d1d8872e6e505bcfff026d4862f28d4bb3856a66ced22c9b0587451d8da4230a38561b5b1c69b523a4701a2001382aa82fcbd60733a14696a540227db44aef346d6c0a7ae5173604d59eb828614cafc1b8cfecda054dcc7306f73925e6d1af56ed74c51c6cdb66e9fee8d7a0078254fedb0c0f5dc85a4686870709b499eafbc8451aebadf848b0598ce8f955688bd2d6032abe10d1391d67c20a049841f95d2ee0c8deae2bc1baca0c098d8718cba1ddcd968981c47cd98d247aca4f838f3bf16d092eab8be8deb1f8d504d37cc44a8c96c9f22f2698036d4ad3bb48b31f109626565c147d20a4a7dfd61fb918f81548fb4f78875c1d138e819f6822651b93a3c92ad77793fba5222d870ea671f9cac967919d18f96e92778548415b2e170d90b201215354fc48a77e62823a2c2bb354782ad052732f08beb278f751529416f37d83ea26248517ae2ef2ead28c1077908995a2d25db0deaa957bcab39715283287fd626ea7388abccba2d90e364a7ff4284c84f70da68ce1aafb5be0401cb9d45e085aab41892a49e10cbd5baf2c34f5e0ca076f2772abea6f622b66020d546f8c2f134a87f96edbeb9b08394b585f2c2f98aa792f97b43b5f3aa9c34189804a9ecc2cfaeefbd0f967d85a25bf3136fd8132dec38aa82e4af6ff677682f3b62be27a180aeb22f918c24f23bf6f5954e0722324cccd06829fc32ae4fe3aee6e5a03b3651900e13fb0a759e544d033418b6ed40d037b4549a0404792c8fddc317b7f028493c4c91d6773932f8486417544f3d007e5f9e6fc02fadff175303f77f6b0e1f709bb3d3a93b38552ccf62688a39da1a602dd5e122e6f4e9171769ada5255cc5cf938dfefcbe3ab0faca434c42dc8c357e89a3d1488fa3df35c3580b124ba3bf6d0d203d586707eb692150ed05a01bf9de5c4e67bb948088784016394d47abb853f2b6b643a066ad81bcd1735aed4e108a8c1fcd025b548de874eb60de7f3c568728959147d1219e4b830e06ca2bee1f8a035e28a54ee6958d4821a84e5d1e41139905f7ec60fe67ce5f4eccdcc2c3d1e4a753a32dd3004970a4ff3824471822fe2b5010b9b6c6b01336dbf0181a95cba2624663215468519871cc39e8a7f4a151c8bd03363b402020f2fb98069b2cb8cc1b7e930938e7540d95d1d223e47865135793f9eb573660ff79f7ed2fae503e68ba44596ee745fbd8fa562c5c666d174cc01b1961736e18b8b517161ab9c8058026e0ddd6c94aed0086a26e1b959a5e05eb9d8c1ff5b2ef518ca23b4f265db61b499a48cc46bed28d23ffc1e8d9c9e345c06079ad47c88dd4e8e286575bd7f9420ab9c2d5c6685488b8b34d4c9ac04e1427ae0994cf789b48b01d1db9c2fe75fc5187727bb11119f82d0739ce4048467a08cd635bf78cc1b6cc9c28fdc199d351064a81456f81c9e56a43aef7332973804b06b18a26caa62523a7d0acc272ba49124b17bb68800d5756afd34ddb2b7e2dd8a118aac3fcf39d9f853c4d2c4fd3ed5bd25a6604d68d57db93d15aa1160f8a97e6c24238e84f272780966867f9c644ca2775cdac4af0ece036cfa6ebb1cd9d701dd7daec5763c9a4de0385db383a5647918e79c6a6de1f4ee1f6b722c561704c8d7efa4710d78dfce8ad2df0d3d82cbb59cef0bcb001f70bdc6e17af1a720b117fe02bb1dd527b18e6bce70e9447cd0cc85cbcf431fe7c006f5e4ef878a974a93b25f492847c9ae020583c9d412f4124246164d8f080b615e2eee267a7aeb5fa0974de52cefef23cdda7b305a33a91e9b50471ceb72dae337c485d636e28d6ee31f5705983808b1567d4d4ae820ec445c56e6a404cad6b408691475397c0dd6cfad232106ba96e5104052700a653e21f9ac6d79578a9f52548f426a1e81dd45bae30acdd4d22a2dafd633564d6b2f45e7d35413503c955cb0a9784b42ae8c2a5933a6729f3922f969a158540dcd201ecb6e32f88b5b4921914a2e8f424c8b031f115ea5d23a21e6f22439ffd7e5d11b08df729f65613b4f6ad3edbc9a066a5e712ecbddfa6fa764cdf170c0485f82d924a99b7e7ad8dc44c1f93e49b6469a9af3de5691944413f1417b753bcb84d5b7a34f362c383cbc802b0c88bd23a7ac471b9287571c42081b1134bfc8ce104a550942ab1f2a074cb00a90558d6e841ff15cfde6951f03e450a1bfc90dec6c513fcb2692ddccc31d22e5274d41036656183c72fce208e44920776f196193137ac67d6d65ce9cfaae774f23a86e6ee8ff3a4e9422a4667d971906e5496a4e80278774899c882708611bad282f6c1d666bc5e7c40082b43a6e98d494a18e9b3cf7f154fdbf90d786e59e83b72ad0ab893c49aca50ed37ea5202e650fda54f5c46ca2a35c476f4b009c5e6733232275abd1341199b63d22386c484cb95c43ea90e609c407bc79ddd00609cc2eb0d82848db239b249f164b7ea384d0239fe1e64d04955b9297472cafa2ff272c5c78100aaa86cdd8120556f25652a3c12da5853338e3be8f505d93ea03cd1cae7e78e95befdc0e26b760d11e05403c348e0523fe036381408033c009a8e1f117af5100a6eb91f08307df465c20bc1dd029875ef7e49338689f602d98f2dc690a57a6f2864e57098f8bd723574944ad3688b292db6d01387a16493912722ac8f91fd12b748899bdaeabdf0479df788eda440d7bf30d1c25d78d757f00b74bb556506637fc1ab87162f05d464e63a6272db3fe56e9357275035d6b6bee32bd92c4a1dc94778551e94ee1d8854f767bfac3811bd0287672aaa01ea18c25650f05a68cbacd9158e479b508e72df778589e1e03dc543b60bb3b10399e5c50de9e728e69774fb3f5fea757ddefccd0f9da75afe4b67f9c54aaaaf646e858fb001a6deed0a8a769ecef0689c988de566b6015fb8c40aeb5f2df7ea4bee60e8e69d15c4a4aa5411dbe63fbdd6418cf025d87f37362f15e22aba83abe1a3de9857c71c2234023b969eacc0bc526363b7f30b092ca114f2a6cefb34394d146866ac86a33fc497a8cb8e2a5bac398579ff7958878421fb08fff4f8f3deb8c9641b8de392647df3017a5467f9d7b23036935ec6e188dd6dbfb544b8a9e04a4b3c7fa1e4d1d9879daf69986b8083e6eb023a4b5eff80fef17f8f65433c882a21565a919448e6091d1b61013fdaf9fc3e45bbe827c9b4ab10b05600a1961e81d31c7404f8e0d32bfcac2937eaed811db167dfdc29286b0d51bad2bcdb9dea76eaf495a31a7fe717c1c98be374a36271cdd06ed06c02ef4c3c06cb42f73b3332ed488416010e6bf2f4dc4dade6e2e61f19e9306bf941868f59fa0939005743dd647f0a04b576a7e71d4c383c479453501e18ec56d7cb79fe31ff534afbd8609ed701ef163f9de31bc58114399fa0f22b62c66c380e8a10c34b7e731df2a8d39dcf36fbf3a66d67b973e3a94bf6ee0bd96f5c76baa76492032fdd2f59ecaee403d486f543f2cd7ae7b0dabe1b5566e681cd40d384a94349e9668650a6f2d2daf86c59a7b02ba466cd03ce1d50c3f0ca4c02dc4b3d1c0e7b9a77df9eae0bfcffa32117d7e05adc7195f4278c93497401629897a58d08ad7141ea52e0163f14992d7a284e7b875ce4640b4dd48ceedad1ea17d8ab1e760773044845e0899602f1bdfff4d42ab80c0765d1a8bde2ba0a830c050923956d06c80b182264ad19ae4f7c39e43195f7d421bdcda00e3eb5ec5ef2ec91d69df691ba7fe250352acf01fa92af5e2c634b9c7c97889e9147e869acc153d88cdc18908f882f371ba9c1e13c26e9cb8e3cbd4c5e1988080ca65a67b3a4c3460cfadbec904d853fddd2f5375b6070941fca53cc106b5748480213cfbdc1c34320a0478b05f76fd0454c75eca069cb1fa7b21704dab67dc40d041c8a1040db378e76655636ad725219c049e6536982d6ee9f11dd032280e622547c7ff44a938a1f233c356a98182d22d5770fbc871e20bb37483dd5d6ea1551993b95b30774a49b50d411ebe0e8c92834094e23ec2664d822c40e96fb42b8607b62b6949e05edcaa436d0ffac6a8ff384068acfc0220c0b098d368fb8113918a4f8c9de37cece74c8695cef2427e54a6e77ad092a9b7f1d94ac9f0836deff41b905b5dafc58ad6063759b0372a634f69a639e19521825d66a282f489c3172a3659264d0132af3571e637782bb6fe5c0afd24547612166fd3409d0991392fa054ea5bd07a4cd0921a13ad7b62a0b5e6d56cd8adb7f3eaa5c99576941c38aff311c49a8c9d8c755869302a2e5e40109c8365a551cd3f859b9421be189d3a0e9ed78830d5cd6a2414e9cc4c25814d94d98f8848e5386d6dbddd65d22b96c5d20020a5dd409c7e5344065871e57e01c91a443501dc8bf619890fe231319b5480c3879dee618d319962596539e2970513fb5c0c8eac3a71ff99962779cf1d7e916566d0e29d121c5cec5d7302a18ed00be9316f3de8c669a64c2a960a588f9c8a42690f6867cda7146e8ce27aa6a7fb27606eed9df6a235a42d17ce71627446e206e879de56025a66556263f06684dedcfd6f083d6a707e5fc8f8212d716e062f0f7fd0c2fc62bea93d68581265a803c31cac3f8ac8939c5f8c464ebd19df42c7e8998494af614c8383294f3f3883f2404ac10404759e182a038c97aea04a85530ec005e203807c5bc30fa9f5339b32fb0427e64915e29a25bb25ac60b92256470e7de5298d42c6b88995f8d2fb704e49d55b66b71e237af90fcbfd71d9093e1a543da2e9911ac4102346dc4704859cb33ac5f5dce2b3331a9dc9fb506461a5436c89bf90d39afcf93cbca4cfc35da6ddb112243928246ae0d1ba269b0fce0468d3ecabbdb925c9ea3241e2dbdc6b151fb4aa724a42f98b0248171fa01fa103f116d0e7deb65dc359b09126f9a420300fd209508ec7a50be56d5b470e387d0c52a1d104625f9571ce1404d1b7af3fb00475b95f752ab96610be112d33ded48624015781e7198f4dcdf917839471fbedb43c34efabe09941fab6b342cf672a29dbb1eed0db788dbfcfcc63bcfe80f7718571f691818dd6f839e3cc282f85f03fe0400171cdf1235049fa53de7450b4c40ed398d5a486f52124c1c63de2afc950e81839f52d17e2a7d32f82788465a65da6cd763c6360763561ed2bf47749080549b6e2db87514e1ee1c85a0bbd346eb6e3cc29267cbedcad67a287fc5be65ec59ba8b6854b31c83dfc5155187d4150685c5c2c342ed68b01ac9e44b60f0c100a347a0f93074dd37d8956fe2f43110dda66e9f9e6185c23dab74cfca21f3ede4bca87687549ea02662f45dfa0ad27f9959a120cacb7c419810e1b1a50fad31c12c47d5bbc61bad77044aa541d29faa6126c60ef088b82eead17a52843307d4bf798b853d90d14c5347ff10615381d85e964331b7a123d15a77a6790d93e920052ddb4db4baaac5e2b27b66ff955e53b8308151c81da4711189ccf0eb393c5bbccfa1f6c94a8d5f4bcd266fc6a12061967ce836ca042257368f567dc42de6ce0be84449234a6163b72069f25b7ead4b2003e1a7665e87ccf211abe94175d1c11bff2c0b6bc110194d34aab96934ef59804cd26e4434ba166d9833fb091be37b139cc10748b881c93690528a96ccccd2dbe024510b8da37dceab567dc52706461c486a0463369cbb99bcca2e8a4d2e005c45401964722a4b3ed37c351c9f21685e8992c9634349379f41796deebffc2928058c8ef6ea37c6e4970dedb78d1c2a00ea9e1ff1e7708470a6c60e6a2b1e966aa872776afdb238e97f716b3df8dfd42bf0f7ceb52bf9eb33731bdba5987b8f48b4599d67b383e77413107857e951ae0625059e5616ccb41131df9a480efd5beab3a9c99615921caedc53dbad675c00ba1030577db1d22731677914fa958b44792cc9c19e2ac71ebe61a05ee67ae7116e39e1c0d103f18bbc9d531164360d901da8234d29fb0b37cd2a60c7aa2adb2a4b297ea2fb14122ad95bd4592ef86c88fdae1e37dc8e44ad03c0fcdfa3801e93796771c5a2ec1e4ab12a64b3ffe48e7442c6224661ed5cc987aada6e778399941f7b20f16f94fb346b916be87f005c9c13789741602039d38270643cce3c347565eef5ee09139330301951c15756be47994de6f1802dc5131b9b011051b1d87d744756831a71cc8528487f032fee9dbffccc751e6a1ee6d07bb218b3a7ec6bf5740ead7a47b6907d7aa95b79aecedf4a637ead8fc6fb8654c93d13ee79f5d6258dcc61993aebc65e4fc14eea7d006e31f6e9f60e3bca8ce52ec559876fd20255e507daa99b185671ce1ac11d448c30bcdf97b9617195e0ccd2d15246308dd6cda74a8071114327fe203b1adbaa780f3243105c5111636a51dce966f5652e39d4f91abbbb4576234d6cacc3ec57cef2dd4dda49a6c33d12bb7595fd5ab5bb15b40301f34ddfb831a5dbf62218f496c003227fe6282e2ac054c45e7f3fc93e51b3ee8690f08612395095a0a12729d663eded879d9ffb325c62f2cb546a48bed51ae232fa6ce28a2494c132a6e09d98c2e3d478d5d2d15dce2e2665e4a3db448931068b99899c2bd8ba87349b0cf9e3c52cffdcf58a59b4fe0089b298b42ad7553f831bd60f5cfa3e09102fe773e4c05412973a678f3b3ed420433cd664dc7f218e816a17c5c9013ecb84abf2dd073557dbc41b92a91e0339d57b8b077a9a44d56427fec5748c47c1460b2e2412094db6d0ad06dea0aa0c1368592594bf0b2f590a9d6149e44dd4adc4cb42e5d9940d59397b83b33b88604c210694e3fbd84795c80c1b09ddb3b1ec8bef6e9dfc4d7f295e551a79436007ca48aa605ef5a89571e59cb26f2766e564e39d3bb441deaa0c8664549881d90a77256c0f6c77241fd6ab74b0e2890f78ff16fd2f9271ef96ebfbd0b878ba9c703900752b7447f4efaa60bd9dc9cd5673a36b39d49f54274caf03c0cf82b95141fa20ed3ce02ebf0dd74d9eff8eb9e2dd3a2976b244b12fd33ee75c1f1c459f86a1cefbc817f42d7f43ba406098165cbeab99df4fe751ae3382efce32af252e461652c7598161e74fd8eeca474fab6b1ede039935f2fd4d7562623b90a422a78941f47a76863d95857c33653d1b42b806bbafcfeccb7bb4a0c58acebf6104b2570afc3ca88e4fdf2719cf39c964a1ea7d2ae4a7fadc938abc95adac495093f6b959b1347501606b3f960b6d739291aa8c13eb49e98b0f78d2b91400b6d8961cb6165c8b684738e4d4db2f2ac30ddaa03a5e0cde4142b625e81907f08c60d7cb5729456806c89ff0efd08397423e44738ff38f8e88684f3a099dcda455521caca37ab4f4d9ed5d37975d4fdd778b97cc93babc804864a35e3a2db04598152e67a2f1f157681c3962d46ada23ea5d9a524f9cdbdd08a07a3a85b1f6fbde11d5a35c7743b83bbefd19aedf6d92241d16aeca7f33cc51839b75f111e8edaeaed808daf2f43fdb3c6f032ea45052ac31d4870c4d0d76aa75d0b88635ce449054013f234c4a16cffc58c95ba1cb8a0a0399861eecb1039bdedfab4d05f0270c6b16f03f6b8e629f687f133ebf2662c7f930530746679aac2791f54d6a95bfab5be0c33739074ed4e7ae88dde4a8036a7d6095cf41776366b6ae3f8f4a0734f48c275e129cfffff5e0abd042f99a957bf6f0f47fc7288750f4fe30198f8cad7067b36cd87ebca08abd3f9475e7443f83cca91a1ebfc42ef3494871f51f6d52a5524b9391c687571be5327c7c94ee2a096653acb410917fd51e56a92be4f24c1db6b97b465ca84c31c04c2f61eae07e952eb6554aa4d8a380d9ee81c1c462c360fcc3cdff2867a953b655562cd06162af8b99bbe662e0c27ce4d9a1c1a907def48a3231c2110c930a2f1498e32dbbfee0e5c5869332f3024fa5dfb0327a27c663cacd4e9902de34dd93529e90eb347bafa5035f56fc578e8386c7571d1f0ba335225ecd8be026b4544ad70f3af11501a53119ee39a8558ca0ed5b3d897ffb9cf0fcab55a0942d3bf7bc6b94ea27a6b748f2cfda431f35252c44610b7e843ed91ebf7e8fe10638f04f52d6d5a7752ec62350efcb7c473f80b1f2a26805151e8346d39d23551e92fbe372df7979c3f756bbb43f6bed09bbc6b65fe6fd241ae1c2f1a0d0b805c582853b85502968f9478e9a84895f9d4ef01ec4f3f571e57cd0bda68ee1f6f7e14fb6e0f4ef8c7dff6796472a935294fc27b16216966d5021339ded059687355b42b55926854bbfbd9f974a0c26eadbfca8a6183093996cf252894e6db910c71ca3ab2e82d90d371c36b92c9409cf7937bb266ea9b29c41d774aa522e103cb30bbabfe872b57beb027623742806aa7694a859ede9bc1fd7b9e32880b064b0030fce1a0e5cdf3ce558a5feaa32e323dbfab6661c5878c9377ee52a615b7c17bf1228e328aa20f92d070c71561969e1af532e76835fb0436810c3d87b982217edfb1143bfc3405ac9f6f3a50145608dfa8658b0ab642a347255c55b59cd1c5897b2cf625a0f0706c30ca1c1321e90cec57b7c3d1bd1af455e3732db80643383c41eaa6781f63da6233360ee720cc04d171ae2445b0c071e339d547f7ac32f407d29ec7abce0a9e1ef5276544877bab2f84bd2eef47ffa66f96e7170cd54d836c9badbc59435146031502c1a3cc744a470f693636d9050c5b894d2d6047df60eb0bac16d905d46cbf017ca69d66427cb88036eca4ea9d0e579f6bfd8a4a850703a0fe49d39c107c9358e98689fb62bd0475aab4b2031446b437c7f9e373caf0270a28d7b15c71f02079dde401e26175bb6e392106a9072021f0e5c5145a1db6f595b032faed8551f6e2ce318db1ab513db876a3eb42d225014949c19543e9c5dfd2290e28c5d72c87223f0195ffbcba1c02c7d0087721efd2af6881dee7dba7565e07abc35bc3fa41c6a4d6a313222ac6dbb117c69c62db2691c68869ac5fc5e987b0ae4335f815c73ea4235da2582dde81d6fdae5911617daef847be17f2bc09edd88830eac03977f89179fe03eb2dc3b38df43803ca2d38455232549110f4580ec3cc04c0d8cfe493013d2cde47c506ef6a8dfc42d998f70378fac5ce4709345926dc477e9e339d8c87ff6287ea6e2873e14d538cdc3f2a47e0e37a2601652f5b665b616a7d1ef3537a3327a76f93990f7694e6484e7a52a10e9eea2edc92b99406abfb2b11ec86667c7af4a333dfe900bf071d1bbcf4f0ad768fae4f450c53817c507d26e926e753e3395201d3ad89061f16706d841994abad283f0db74cada25beb5fe46f48669a62e0b849cb77097e1b4578b45062af4a071b04f0cfddf87519cf2bfa10ebb4b860239ff187e6dad73806ae968e6ac0f738baa88edb3ae4883a9e59be7a6b222c5f54818f95578daff9fc7a7aba8c4a41a699923e85ddf24a32bb71c808516f64d506058a70539276d57984d75161cba7d53a4a864c51a249a6b8fcad5738dd0055ba8468b56579ba5f102642df65c598490f3a0c9b1064f4eb1962c4c38bfb7d55d496a0b0f7b3f90b42f733d112c89176aaf937eea4bada845f3ca4e9b56b3a5a06b4c90fa4c1914ea47020c2f32531e270007ed389246906ecf2c4465f7cc5d6a347583dd73341ad97199021819be81100d867d628323ef7552db945e4c0be604cf6c4a8197958bcbd6c1879387d3286dff979632c54baba2a35ea84efd7726b662b94fae61464d069e0103692599fb86fdc3a06e01c6ae3deb3de6fdb21806c716e5f82b784e4ad3f0e2de629a18e3a2309003dfde9dde8e5101b83312f76e811277afc286b56879f4eb80468e58c60bc088284d05d725ddfe3185b7c51b472a7ff7db3930839142d4a452ddab628e07d43375801d7c6a711a55b452748d770b84ede35920c1ac74b595baef963d21df9418533fcf959593ccf5afccc753e86c4ae231eafe77a158c2472143faf169db29bf2b53c3288d8b3c9added65778095f85e2cb471ab58362041f0a27d874c42bbb06385a0403ca193cba67cf70029cdb7e73c7e2267b856fa0b8dd4c706b45e7174659b0ee2891df911724324f7ca5daf07c912b9b2abff762e62a1817688757492975db7185c4695f3a90895634b8d07453b36dd95197abc31d5d153dfb0d0ec92639540e99d6590f9b394f14c93a5e829fbb33616e810f59c502be44a13b700fd3009545e34c211abf9afe1bb8ced793c6f516d40010649f83a78ddbe9b71d8596582997d0aa54192e1200db61dade30500d72a184ca7dfcbfb80e5442f489d316cc8b75005564835d4b11c482e2c4d0d160f14a8b13ae0a0fb0ba5e3b782770aaca357df0e1c4d1c3b28b776a8b3e0da1abfd4f7190673fca1e1c5a31c688d6e8ddb21300e4178d07c4e854a718ac3f672b0120d6a54c16957c9ec8c444208e47737bc4eeb0bf2d801eb2fcb72f91fe988aa75f38e6cf26e858dc2a718580ff5d281d13e8fc3e3bc30c75c0193481c39c375a5b06b962d9491f3f1fb80f1cb27067f0709e0b0730573a9b5f5bdbee1708ad84b4ceb1a9a61e4c41e90655764057bfa07b8c81cc83a315be1aed6a49715479c0fd0f53f625fe6c7f36fadd001149ab978532e4d0de3d1a38934c74265b161899843704fad16ffc6189f42a5cadec98603e0f98c6889bd4a559079e074cb40678fad4690a20d988735280a1ee8ea71275069132101b35c18ecc9d3c6eceb4cfe9b165e4b6acc17d4f113ef8283c0fb6506f5635401e916d4f7e7bc3cf49aed166587a0c72cdbe673f467d81bc2e9cd08cd8dd16d90b353481df31e89b45e8b
20
21[L = 48]
22
23Len = 16
24Msg = 3a35
25
26Len = 104
27Msg = 7db15b3ee240b45d4610950996
28
29Len = 352
30Msg = d2a1efc725c46cd6a19760f49edf0bae823c1b4992ae2260085746cf65833bd008e56e64002383f51f960239
31
32Len = 1016
33Msg = d11ad1253592c094746da7b5c88d329bc3ce1929913b8be07e82d3f6b7a536a855f31ad197376eba6f2f4534413fc4e4e7673fdff8739f774a710754b568b7c61a473059a41c98aa4e86617aa66d2601d0f0d584cd9f132afeebdc0ce3da6a8b290059e6e4aa080c195c42ae7f7e1e99865223439929b0a3a0d79b46ca6419
34
35Len = 13696
36Msg = 2f7a9929dffaa4a4dcfeea1fc37b18e3cf935abbaa17cf9d834b3a8d61e9fabfb7683cfc387d6f46ece3f8bf845827c7ebe86a651d6dc1e83c5772cee1a9fee4b04453af2f68430bd87835126cfd1b3f8beea4d3822fb27864570e255cb65b414197480b6bc20a39c5450adf2474da93d72f6ecf8063899722d3755b7a19f71e93e782d89593ab19ddd3ddf053c54e0bf832311fbf132e8b9e540f38e4d9bcc3cdbf69de54e40ef348a9170ba2f65def167f568ce846889c0161448342fe907718a465e451bc1b0f2e4f21f9b911f186589f43dea305811473837c063b915d849c20deb43323bab4b64e61823f1df119e71962dd975700391b411f8778980a3080ba3c14a321d32c082d416ddd2345f0eb751a516d44ee55222395cfa11e7fc4edfbe7cd49bf4ebd4d7428843a2ad5538b3cd201ccd431aeafb146a65d28a4870a6948a7cc0413b0adac7e8dff3a898aeff5f4b65d10b28ceb749bd354c061c3008ec569d5f90a4d4f5caa51d35b49dc4028e738c8ff5939fef3fa202fed9ebef6f2c7dd0ba41cdb5c0c16985f96fd93a65d134fb4a90ffc0fb6cc5396b843c2151bb7c9170f2fa4fb44292a4af28df5481de0c3c917ba1c46467a35302738158493fbf6a0422cee558d4bce3d78e14b4fefb65bb05043e2cc2a6a8ea64565ff6ce2fd2c4f43fc02926ee44ee02fe1dce25cfde0115c9396c9ea06269f17b2caf58e2332cc1c8528d9705c70da1f76f22aeb1d1b93449180640fb5c4c4a708bc4621d7d2bed5b1a752191cfdd45086d34f247ed1df0f24e7c620de32bdfc4d1f882380d2cd7467c926f48abc75cbfac8788f88cd9dc5361517a5eb36311e6b39e21a85fba2038fd47d860f776697bb19cdb5a4d6746fae507e274399c91648537d905015e58910117e5914f44ebcb00e771d38b30c1473e1232d4e222cebceb4810c48e83e0fd4c852f4fffcd643c0ef9e4fae2d0ebc6f102f3f749b02a5e3a61517d53b539cc24120df3957a633d50369d46c0c226f8924cae51dcaf54d716f61385fd8cf38c2c311a32bcd6594d6930133dc18ef36a9671ba8b179abe95f588ef74e8558ebbc974dc73c26bb6eaae78ef464181e18b71f4b0f986ecc8495a9c4dc0b0b96be9806fbd3d32952ca3b4737a06ed6561e9c9581a33a720123fbaa2a70fc3233b83e56444f5aa0cfaf70fb24be6118404f3e11e6ea004cf2d079a3e93a8ac1d4e297cf4fc43851dd26314a7ed6a5a784b386daa26e50c64692f7db28c21d82234289bb45bad5042236667e6d70a24bc9525c3adcb793a6a5725d9b10911e3bc8e3fd604db7998346e7f7dd1815c0cbb735a977bd4b32b5b976932bc92ef3b56bcadc089045ec95f241cdb0a84c67f1f76353da6cb493bb27a881d37a2106b8b3010cf935eb3601ce4dce3e449eff8331e444ab117a20809a1010db4cf3be0c488f777b6532df908112e3d11592f04a0cc16232d62340cbb8b5268a662b8278d37c03d848a04f0ab498f5af43b0a20e310197b7e1395a65299fac29f051bcc5fcd09a5605bfee370ee8ea21f5807d9748acca815a44d81796d68b0014eed3bb6a94233fc51725de3809ac6f538beaacf8cbe3d96aca21a7a763a957f8892f22c6d086d9af2e5ac9d90321e186584f17e964c90739559ddd034df076c4aa38c2b78aab6dec8ef6be9adf33bfb66f159ec4826653ee6cb483539c47a4a1d95663e6cc7a42a3bf628623a4c9500a59a50a312aa104b198ce5f3e58952bb79ff1ccfa9ddba2fd4705e91b5acaddab9d6522d7666264ac5f533b6d8ac4512d8371c69c06b6d322b046ae2a0a20aec1c3bfb05f3d91b9044cabdd873abb5f2b0e3e19740df31e39828f9ff9bbb20b73541a7a70b8174ce4e43e0d356e629cdbc6c08d29bd7acb6a4347823075683ce9d7de4ab3ddda6572b175951f30a15263355fe9641b3322df7dd52077402a884cd472e6d0b6c34cd63ab63cec8760c7ebe384f7cc31066bbdb7a3417425e039c4d340166e4bba4839076ac9457c87459c57957d0a06dced2f7a18acd22b7295785dafa435a2a8a2c3a1fa05d115fe129d19fc44c5a29bf15b4d9c2b375bc8e591f92756cfc573a39b8fccb8395cad7617b11f14a60e2dbf69b897844cbbcb70363010f6e1bc0590ea594aa924597dbb32a868b55551789f82437180b85661809089d34a168d44b4d788dba23b13542715843eee797366d9ce7793e72331735bc78cd61b13421a568ba3e66926921c04e9d00888ba7ddeb474db63813756ea4a02c1823083e36ebd2d32d5c88cdebb98d511304cc276c7799cf84a1699ccac9569b13f530c762732e6bd0f8415001b2c02d11dff36660b717054b16df49ba38425e3764a56052ffddecdfc686aff22079897376cc15591e11579fe4feeccb55f
37
38Len = 100816
39Msg = 5f464d3301c5e0871d6b41b002dcd09abc80a805de3482d97f3fd7b9838745da1c0534168f76b93c3c53bbabd904541ffe5179cae619dea77446140b7400f47d242141c7f2e9894d88f44c9e066861498e7394f206f594a419790d697f6a11187f84bc6fb288186109343eb11172bec076d041a4c7306d7978c009fc2d2d62563614ed3555ba2d21c8fcd70e8389352dbe4ec808af3231ce990452eb05b1b0dc4fbb1b4265e69235cc3561dae4148c386cd770474863a84a822b2e5f905fc255d55f90bd6a760d441dc52240ba7d8c888a5283891a2c99963d1fe680549d6267cdea92cfead167f6c49663668f2bfdc61fa647f5abf3ce5ad2c6c175dbd456ba41436aa06f5f68f5c88e6b74ea86a79934bd05b486210d3d470a0967ad6d67f7385260578088d7e63197849354f651aad07e04ed301f1fe7a6d2047d50ce5dc6bbffbb1da6b47d740898f4eb54e3c5a1fbd18ec93254cc01f705fce04e6100ced132c519674b2345547804a372b5c925bd9ee9701527db33408d37b72f8d18b882d3c4744eb58f011d21fce336d426de1fcd5e09610216248b51fe2b79b96c2bd6ca0155e05a8a516b7a24d529a9a475284735bd9c4c437ddf399864b64fc5d0d6ffc4e5a7a3dbdd476bc39ed29a0a92e1f2b6b3506c2be5452d4f896db6eb4f895b554b2af64c4cb8dc2369b91022dc50b7291404cc9605c31569c32756a64ff8c4fbb0f1bca346c7b58a5c6774b2fc7f7fd50741d34c8564d92f396b97be782923ff3c855ea9757bde419f632c8399763003b58ee9140c2d62e914c1e1fa742661a9166d42267edc40905b35a25d5c3cb3fb457376b7422896df7bb19c23e8f764416731d2e20cf2c1beb8663c07edd8f105e078e2fed05c5e5897c430017fa2160f565a75a4c5c64a15dd7d644bf355d169ae2696ae5ed1a39e8f81055cdf315e5b0c6f9235515fc4dbf30281ef17b83a6ed604f89293904bf78c7183fcb0ab236cb1f8935e59c51559217efabc000b165d819b717118a03facb61a13a99b194f8b6c7ddfe5850127d79078397a56564c7ed6716a129409680434061b2a4782c9006587de927c1ae09d6778a5f1c39fc419fe10493eb0d4ad492fbd05485eee7913c59df82fe7182af2cf06a6e8edf06676200077bd1408f5c1cec537cb8566470cb44895826d04ec20f0aba4297c501add65c75d5767ad2ab63aa81b7b66f01b32590f1d55b7e50e6df1ee077a19c8c895f5ef62d452cc336e9aee171fa997ddcedd7af86e6cc37722fb5838a46c5e58e7f700edfb7c6bf832171d9581f660752867118e9535a6118635709d6f1c1cb21b938068958e956149d9bffc67f355cb88205d4894ba97c3e3c8be9fa2d20abe79f3f93a6a2f4f56fd075bb49a4b7dc83630e58c32a29d757fdbcaa607352f65483cf2cb4208a3bf94ca7a25e2a4e05279be31c33696c10fa4971d1b64ee938dd299f483e5c098845749a3b706a787529bf2ca56693d0a7a98243e6482a43e1f5d3086ca1b00368d8ead5ed2d0fb79b1e2f537ab9340809ca3a9b5eb2900390432293008ab7086c2811d33de0648be5597ef002c7c462b5e0f4e0b1720a98b2299ad7aa55eb78f0c77c2ab4371385f280107ae40ebf814a8223dc74f31483c63d9e4ed09fc7e5a51bac34d69d97163116a66c84ea9fe4263269b71fd228555ae3cf5109c4d6ced7b9049a2b8069bd2f71834d6c07fffbd7561939188bc07dcea08086bc7182a5270427c3199bf5fb5c4549861fd32a38ec81c4ab058c777dc01864787f0275f911a17838272cd65135f66baf06d8d93bc439eeb55d50b7c5adafed8eb8140b4b05f59871dacf954f4b096c30b7857774fcd319c096750bf605db8e31fe02cd1b9294eaf8bb009d4609f2cdb3a8657f650501b8553765de8f572fb91ac77b35db35f402453e5c58f60146f2906ff56b9c6b3a5d0bb6afb9e2201110919ac9c01a7e9750dfdb2f72afbf7a8d6f64b1c68b9de17a2c9abf289eef24074eee9b1649caf3693118165503a30200993d271aa31b8b92606a10a52612dd1fab495b82f9a98cade18b9d8a723a71ceb63fd1d27372bd281f9b40aa1839b0cc2f2177a09aa8e7b159ac118d7c145e7a4f032e788d21facde2b4dbc1d5d2238f530d9bf9bd2798f611d03ed8919f0c85bc2da99750b7a8d6322d2e66ff6ab9ebaf7424e8c1c3f4fe92be61f65359106395f5ef995e925be3868ad513f561f873acdbaf18590c903d64bd275121c11ea655124d091740887868544c5348664399d3da96e2e35fff34f062fb939d656bc072096e510b40b2f75ff010af68d64fd0acc778e2e13c9667de266b1816c4ac449521b02bbb217002c604be72e73051aa9048d192e3210a68769dd2693e5d44951711aed3a751240d42f8925844131daa36c51d7d59bbaf99623fddf1649db954705fd6f3405e63894f5258c9ffecf83208c2c90cc55b1a8d2972ea6b3a049ee54942b50526b7930953986e428b2c75e47ed870bba68dbfa624dd94112f3059da0a80c583baeb570fe8314f5c66501b34116c81148dd22396fcd6479da49f7e952c8084f97d6803ff85c3787222064ca368f596a1ebb6dab20a03916b3ab071c927d87fc10ecc4e7ab4a5761e3eadaea4de1a0dee30aa39a9e4dbee047201d7d8a4df1284cf668ae3ed7dc4cb2cc4b5cae9307353fd2ae4c105c5d9f3bb021535fc3ae9bf3ff54ddda8b2e1037cd9d69822df436dc1c750a9f557d1a3a63fbe73c64261dae0c70bba6edb57519f5b957f138d1aa5fefe01b73c1851aea42938147bac2762527a492cb85da43014c876e223b05597354d7c9b328df67f354d168a84ce86dff57d8a870db034196dbeff83ebef80bbe52425a8810f2c9fea29ee688a201cce4a5f447be789a3881a9da3b6c491288e8f1091719032608b332e0410f4576597e17e0b5dde305f069be2e80d565bb979a3915488f88e3ebb90e81c264bcaddd72b8843af4a4ae31f723d50fa0995b027c334c351128913bb93e67b1b08f101f6b8dc8202b44fbc3d3dfb530f66e5a8f35e69725c86998c05ac87c561a4706e90fa095adab4a566da4fab82bff6b20076e5bdf62dbd6614245b6a6f8cb6bf60106f8d12b9c3e26f8127dc547e2181531ce980a3273f452892110cfe1ea834a30f99d66e026a9d22dc76fc3cec8fda2d7fea701deb84dd45c97dcde57a017693e90983a156f11c4d168d89c06d8a32dbfa590adadd16850854f24bba315b0bbf372f03711a20163afa0c137383b9120b26c59f5e9e7cd2ccaf0ef4e0d70d5a81748ad441ee5fe178e14317cab184fe178fb0cc0d82105d2f423467fdcda0f9871b9d84882609248356f3053a99866dad9f9b0f8c4a897a8cb8f30365a7ae5f3ca6e772d863d445e6d57c6a478e35d719d0e4e84f3a30b1816ddb55bcd79df21ea0e95da72a19cc1fe74fc576120bc108be3ed4cae3bea889fb4ddd67efe858a994237378eb623dab070d954ac780c1e6d2095383c98ba622cbdb18fb53260979fb2672c21a4600f4bf06583a112d303096d4e30e7e1060d869f386eba3cf7aec3052ca17593dcc9969fa9cd88179c262770211cf53f53f175037a5cd445d239cee48f7ed0aa1d715a22ac18a8aeecf191d415e4afd92b76c091803f4c757a9e89f696ab7b11ad6d5f24774e4a004dcb0e3f33705dd8150431f051016af37647b9e44b10bef114276d4b1055b634461c655a82a847639a038ec9f58876e84e9a2955b696e072d8054c3f81173473604d5fcc0a75b4a340dba0c375beb87b8b01a0f2de232bbb8371c3a9d27a0ce521c4c43dd3bdeebf92f42f87d88978d5b4e3e563cba0e5f59dd29c31096885b113ea5c57e66a3be015b703bc26d3fd1d51a7c14f85f65747ac909d7e30c8e800be27eebf4a62e42e538ae30b6883907cebb7fc5e150bc9da3a138f394e817df9a9e44420078f30d0d3d6981ca581791a097a5e3982c983d5cec239096c7d8cc55c87242026d769ef1d04eb96e5b5001e3358af88d417cc61f107659791a35d8b5f7a5767ae24d5b2ba7aa12230076db1f1b9b6f213dceea62949d98bc5db38743b23a59ea75dbe4231a285678f5f07facc053c2048022fcb01f15e8c100d64a877ecd56d196a6ac60ae35e0e09a517224ba409ba7b70d8f9fe65bc427b212a4e9b3cb17b0d332267cea4f3bea7c1e550f7ffe567b20e3057aa0ebb560d00d28e2f7aff718a9f2d4d044f0d20709bb9ad567c98cff7c4810e8c542370cf90a491bc1088f69998d59f344b74db6c1bdb61f284e99b517a11452ca0bb37c7bae77fca6514b341066086e600f098a32a92935380a173c9182a2513584c54ff67e580dfe16b508acf1729a3d649ff1eae286bffd688fe658612d6c8e69e6e7f7de4ba85ec54747cdc42b1f23546b7e490e31280f066e52fac117fd3b0792e4de62d5843ee98c7201529455c85b169fdb90cb05e3403cf2f737148bd20a53c73880880a14ffff37d62130e682e50bc7210ea6c1f0c27656cc1785a0d9ce93ff94dbc5b2877519d9bac4a339e98ec594a7cc76f4ddf994fee8070dd4b8e0fe0e51b93105fcf566f83d914dd862b4ce78de7e9e16f142234bd969ff8005dddc641dcd3c7cfbdd6113cd3ba34a9503a0f433899e90e158abde2ed4ed4b3711c991577c5aafeaa982bce80835f8e6d7c7975571fafb1499991646bc499ec32930367d4b1de76ff656442cab987bdecdbcc2b2bc35ce01816594bfa4b6e33080caa41dbdf8ebf2205649f98a2d3bf331fb16b9ecd1824eacbbc9f81297b115b4d36aa7496e05f7d40d4edd1886c1bac10cf3f97840a03277e6369e7a7e90d932050ab8720fce076de5c355fb17959bd75cfaeff325b0737f8f5b1160de0b0184ba04afcc30bca77a6a37e29662302d01858c0bc1d32b883011b7df5a387805296cd91bbc835a3e76152d017ee929d4cbf137eb78db89d71617dd76cb00707aacb8088ac77a1f52ed710331193edb29933a7efd8cc153e6adfc2c6637e88cd86b06036b8177847b4d086b0ff9b5dc91f3cbd1c08217023d7449253c25331594f0f16a3c5f2e122e0145c4ec94f096b45a1fd0b2dd3f1d51e58978471782a336eae49d7bc4e050d1c6a391658f71a1f752c0ec6302bc2dba9e3766359359ce34955a2db86740c90d09cc50e92dbb76e17a39955fa7108bddeaddaf860d1aff14acec8b609ac1d336270a940604209df91cf45be72edee04277d694a6f968ae6d8e065702f3d607f3baf8db4ab7637fa4c78bb0b7fe69937eb1dcb616fca564a5a521e12df71fefbc321187159bd6a47b066a3440ba634de9153a94546b63aa33aed9da2018e1f30628df37f5360ca4f2660a46ffd73e58183e8abffdea25f7bdf798a2b7cddeaa481bcc6e682a67e99143066963d96d4a928a478951dd6ec59b1be8cb23aa688e1867738aecdd9afade39c92c0b2572bdde84eb912ed990ac618834c412231216fdb84f1e01b3f8414fc6dd0f646fd0fa62bb0157b3535e1497c9272df1cc5dcd4e6ab9a8456222655c56ac73fe0d2aa8b599035daddf0986a45b1a59510abe19a11b6dba065c8bcf8a85d20a3681c2414dab7c036cc1358b1dba98d6ae62c5948c36b5b3e307a6f860c0c822ac724a5c917ed5f98ece548a7a741d366868e6c676394c3659f7f6786594196dde332543376f9ba0724b091d30f431f91d919417e5bf7ba1e9a21cb80f6c204c3a58d59d960a5788b5cba5abd7c7518f4c5170115125de97009a6c3fc4d5773e4f57fdd433eb7422c7c4dccee57a1679633ced3b5f08df763d4577983c5ca8b49bc4e08fa76f8bff36daf0fed068db47f0c87e0e45d518dffe37c129cc6e2f5f9e0430185723098e715284a42f302a6b8368a4f2dc16f534d1e5db9d0b86659fc4ba6f16c982774115d02a57684c7e5489b1f491584b0f0546e4194a6041f5e5be3bfff3852a4fc772d83491023a61a37228ef6260edc0d1cb972cba610d5ad1d92d554700771d8236ef55e983765ed8eb21e7de7c8bb51aee9368758454fee4a3f32179c1e54af1d069e0b9728cd0554351907e018146511e4d6f0450b57c8ebd21c71450116296bdfc779945da60b9192c5bb9a67b1f04d94992df4cbb3e30732dc8af2177fef17e0b7d01740b8a64db16bc29c1e589b6bdfc967edeb2ce8a649ba892bc856a929f0b837a838ca7f917a52436ea3d20e72afacc5b9d58a7fd0fefd96787c65ffa7f910d6d0ada63d64d5c4679960e7f06aeb8c70dfef954f8e39efdb629b72979be208d616071289cfaa0756a4bb5eea5c7baf8fe7a31501e7e2d67d708d461c0c93e85f03afd70bd9e16437171e01a34f475e4b5a58d13ce4e2fba72bbba93403f3f8981e0bbd6a8a6223327bf096c44b36e0ccbf7592a98c1fa67f198b628787ec80aaef848b4fea158c715799e6f458327f399e6420f0e7821f2dc4663bbea065c7bdfe830b6102e2e7193381b9dc7f2381ba808c43b8fdf3addab4b5fa81564716f7d46e0349d9b27b559710d723c7ef2f79eb55c3a9d75b99ae6fde6877b278b583f8ae3cae776b914b0cae0772397fd19b6a27676c7ca02cd07f4b4d49bbe1ec87f2ac7e39e5f7712319c31271dbbbaf4b826af8a9f4acab696c62719f7a6a032c4bcf90922a3c630647b7c1c7b78b10afbd863f07486561a0bc8d9b1ff5fc41998a7e3c604e24af1c1df2da1dd5d83eefa2e4012f7fb5959ef9339574367deff73723484b5a969c8c23dc251a3b887f34b9ea09c9a1838e8aaabb254445d7556dda257dfd5579737fe1dd6c67f3851ca68b011e7cb7b6958d588f143828f0bb24fceca31b47b77d1ce05e75ab05b55d6c9f9107f0c738f2cf8a1629f7e9b2694324e082503937ff8ca7c5098f770289af7d038dcedcf0ed77c8b82e2a9003a6f3db69e14131e144f6be7cf0bb5353ea96aebd78befbc6ceae9bdde97823cdbc5ca8ef8a993a9d9383aee9f2d6a18fc64ab92990672ea2dc9b89ed248aacf7f1a513da43fe5953335afe76d78867a066f226ae9c727c6c60671c50a50732698ef7a492d51998eb6da5368a667baf6d12b77eb36686ee0ca239dc6f3598be0bda79e47f0891fe4d8989df8c685480de11c148a2b44c8a6bea3a50b09be557c51f545a09a30e9362cf3080e6a6bee3dbad370ce24f6c5a6f8091007ca195057fa3af8f99703a601086c2a1ffe55fde4c2c4153dbff8d6601ab68743c0d50d021b0b3099535ba6c40f866ca3ff0df7c19d709a3f58b57b40ab5e43556a8c0c1938c875267bb39c0db6b45840e8ee7c22bf6b48798bd744f70e42fca343a8bdfbd7f55f275ca5d62c7288756d4861fba68d16d842c5b893c1d8171bb3c8b593387d3426f292ace5cee7753c9f9a12e6bb9af5a24192e4184f7d3d191d862d3c3dace7853eaa235b6369fd164e5a7bddd06daa3eec7fe4130e82478d36f88a0999cba1f251ffb3a7689ea2baf016073193898716a9f933448d7ba8e0968c669bdb7dd5e6e32fd84a6ce9e8632b393f9263532ec2107b4c0d2abdf3abb2de2d63511805eb58a70bc4ded040d76640af60ce7f03b9a682b8dd84ed8a47225a48e0b94ea47828f1c8974cd64e5027d8b13d43519875d2bbe4461a7f0f5b5b8d63a472765405ea9c994225806395e64dff88506f7f7f3b6368d769e6e550d4e3e81efb13771cf403e855f75312f1383ce4c2744d0b4e3735a0f1e1b99eb014fa60c0d1ca9035fbc4403330c2fefa8411fb7c3d6ede5b5c8f4736106bbe01923d483a84f031e9685a3b6a70646a2a5059ce35fa496b3f21fca6047471a5bdd33908cc9328de9fb032347c249bf7093390b750696124621dfa67fd9c7fe85d6e5a4d277ad8f8d169f8b5e8dbee280f8443518bd94abc5ca704e781e6cb1868ba2d6fbbaa850326fbfa5a20e4df6fb5f8ee2728e86a758763a8af21e1f7a8584d3f0b09a0b19fe8fcd37bc4fdf45084d7fd92b80544f29aba52496e2c9a0aa4adeb89820be321cfd2f0a53585a15d04c7fe4ec9be6eb5df419e20b71506c1f642df75c53a9e3b2414fe6102fa8af7be3f6c95de824c31fd6fe8ef9d49e26095a2674a33cb574e9e493939bdeaf5b309b4c51256ef71e95dbbcee0a11991693b533f916e1c82ce86d65d89b6d596017fae944ec364546e78abbcbe4322b83e2fcbb4c5d4ccb54d8642c7eb9e28c08598a356a5c46f8813e6b63ec2f3e3bb721b726361f85a734e0514f4e9c4732991ed3998b1ba8f618c2071d1b943eb0f8766fdb7f0492421429bd380deca3325c8d5c7b6ed16429539ae54f1eba39748f09aa44efb67d863cda304e8653ff7499cfad44dc27807779ef8e63be4b376ec403f3c84eda4e5af31c30f9807762e0980b4e5d9dc406cad4e888bfc3ec4186de8ccfcf631b0ba5831747a1c200d45ea06ac82c7952fd09aaae5dcdf5475da427cbc8c1f71ebe5132f2fcae15975ed6fa14a11b38766e1c446894f31c0496b0e5e96507d28e6e4549d6d78841e40630ef306491a1da60eaea3fb69bffcbf192610e2e07bc1124690fea61980e8ed654c5e796f67d26db5de35b4a2c67427833e360ac2a7d4fe7a5ce572144443ed62ac460c1b19402e85c79e3d80e1c143279b20a66d8dcf2bfe1cc44a0f5aa9b0d9b36c46c2cae148dd0f2ffe9a8e6e7274d1832e57aa39fb40553da6414094e838d613a20ce9307d49f97d904648d6460985b01af769800cff9a940f70729fe40e98feb64ff0a81c5b2b096b1a9d832e440c49e4e3684bd17a5169fe138d2544d9806fec027dd2a67f1856178e090f9bb2f9b314a202e7e95f2e41fa80dccf7b1810e9cbcaed2acc2445d60e26f7d63ee4b28e4299e60ea4fc659e7d6f0de91748bf1ede1fdb2acde9482bb76bf6716847eb2dd7517e0a94f0bbf20f248d2c79fa0f518b67a44d5c4c73a9bbc3816ba85ae8344b5f377649da75cf1857d6e4338a76446c48e52cc7bc7ce283d4252f8fac5e1427299edc33f84798316f77bad4a87849e91a1a23c0b7a86898046e278eaaa15ff33730a6d3f885dfe2d1dc0acda2a9e49a71cfecb7dcaa9e70eaa8fe15d4567a280e8960ba49d5289535907e9f277f96e8e652c21d89e81696dd821db5b7e1e53e160584477aa9e4c0e12160c9956df36cce6f4e724dd543827366010ed3d843cdf4319c1bf968a70e9b1b6bcd8af96c9eb0620c569716b7bc42e13251a6adf8201faa129844b5e1d699cafa1b66a674e732c7662b0410e5bca2704c5ebed7850d0ebb825cfb0627a183cc9643b709aedeac2c06700358400c389f99666ae97ccd37f265da7addeb07df9ccad6fa777d0da2fc47b6235179136bbbb409596841e921eb278142a19e6203c7f235bf8461ccadb4b47dd290d36ac27126c808b866f9531261f1e0f5c458a6bab6f064b4efc432e1c7379f9af19ac34c5c22e76e6e7651e48f9ce44eff542f018397889d896cc9001a63e8e455fbe4a9ee9a740edad894fe1af2bb21a1dd0318e28ba982c12ed69c08835ce17336ad1638af3cfe0ea892ab8e83d3f25e6bd98d5e4d36292992e2122c265a26cbb3931dd4c1b0d0ac5ee19974d0dd45777908bb416cbce52531820effcd7f28e1fb2d3d4d826e1b2673e834485a25af9f9d174f566abc3b36732ceefdd91a7c3885e1d10d51c321ff704d0883905b7539309ba5e7b7a2bfefd0494e90e9da7541ec37858ec05ea9a9ec5672b113cd5ad6ebfc5b8fe40ed7c3f17d8a73703dc89086b4d75c5eaf06b840bb2f5b4519a4fb17bfdca9605f17253f203efffc92da96fde023007d22cdad05d18aecb4bf08085c5ca5eecd21f2b611e7e8a0ef981fe7aa2014f5ac6862fab44011dfd33be8a1226943aa7ae5fee9221b0400d9ac2ce5241b09a68cde6b13c47d50bf310ecb37f25c32770a299020d8500d8a4b5d7621e4379dbd6ef34a9aceefd4055ea6144f54bbfedefb5b5b0fbd1d81c7a51a802072ec3d84f34585f22c1df84caca07849b1ef054cbef9b40848e9fd238761df5358cf55a79a53a1bc749e49ffab7c5bd9a28bf24ad5833facf43bcc3852c1e85cfe47929fc49c325c20d74588eb9833519f192243cf96625057899b70a7c93f8fdbfb60d8129d9c43c95f8782ed8293641ffd21d21d91a0b4db69d766f6d6497e9a414ceb04b65425d6ad6c8811da00639dce8d8030038f2d08330c75b0879aab81bfb3330b950e54c13780d308fceed2a103a1a8b77a923b66aba737654ba7995acd306aa7b80f632184412e2369c353c2132ae614553e626f0a3436959104ba6e0040dc597dfbc3602a49e401bf2249699375b2c722083489f54fcdc1f616a133ef6112a1754818158ff78f245b9046100b0e89407f74145fe336976af971c054f12d98002c68b3aa2bd699fbcd71bc4dc071e430bbf694595a951e01098aaa499be2f70611f248a694539ef8936b2e8b7a3c5de8662436fed1f7bc24a4e5c17a663d9a23b4692993301b08cb3bc10f518eca51081c717ec8dfbb0c2669f7987fe6aa0bd98231d8e8b58951b42537f12884a857e02d62de4fda6b88b6b754b1b27394c6a819e0f92f6b2b2473fe245678e252ed31477cc7ec6895bc361b718fcab3aa550fc9faeccfe77cdb5b151ab1db2e569b5bc923ee26f0b6113504d295112d47218140e44652a10af10a088f95c7cf2fccd040fc93980939122411ec643e26e7d69ced3178402e320fe156e774b75b5afc2f3d6b6ab828bb4993b1436faa5728cec34d66f520f59e82716ed6d1324944c3c91d04d5ffc5a921f4716c39de24768484d0096f7d8dbce35aeec22db11f899e5e7e3d57e7668f35d6c0db3542255d9262137d39ae6cf9bcde254dfccc54a6062fcf8982f781d9ffab2df4f49ec04a72eb9646d63bf9e1799bc0bec0ec7f0675ed9f8dc9b8be15d9f2175dfa1c8bc99071c70ad7bedb10a4143fa91c89f54777f84c9eae9361cf7f4c2b7ab873ee5785a5241db0af86f3c6d7f091623d6dc576d07550a42023633a09c8dfa21d7e70cce64c13f37663f75c47921c246f3f2d1d16a8283ce7697da4cb7e016971a2a1d0c59d6202bc18b7cee3828de597efdab53b33a9fb41aa7b49f1c964512901773bb396ac80e90ba1a94c408b2860065ae9aec64a41d76cf8842d299d0babf14d5840d647d075c34175e26a786f30091a24f1ce8db30137520dce1cfffb6318a0d0fdcac883eac603bf365efa2c806eb4f194cae8c16780342165222192f6ee2e103ae2a31dc08a84dfc89c64d2e9ada7ca1839dfff62ddfb7982c79684cfc821a098bc6bf09f87317209b16d14d45c6f38fc99f7bf9bb73460977bb323665d480c87c687cec052a5f08a2c6744c8e177a8a269b4a47a925b9123cd2c014313edae988f8aeaeb633ee5ba6be7f53fe36da3aa37ab2077f5fd75a82a55a0fe62af213b85e9e7694f78cc2b0e63a8c1b89db484722fc62c688678a511c474f0eff8eef1382946d26de00e5c626ec1d7079445c1b7c6f7f05073249b11fd1fb30257724a14cd7bbf451146bf366de2e826fdf1d25705587c4460040ab963e3bd504755b6aa5b18786b68efd3c8e59e8dbd172346fe7f4a18bac98164669d73984044f3c777368f965763742ab86a3720208c64801c796f6e3a1c4748b81e41ac58dcf6ecfa0453b18fad7e3473604f57f7da302e1fa81ad538d4a0280c4ad092007bb9a7a12907227a936871886c699db97d00a1966fdef64d9f3672f1b792c1edadc6781b391c91bea1bd7275f30859dbd1707b1f554e49ceb874ca06e92ab466efa7eeb6990667a27507a7ba789e24d593ea2af8eccb3862cce58daa63eaf212bdd86c01ed471cfc79b191c481ad773d20e821d18af85a7049034e5a9c660357a4c2808b9a6139f32c55c13282b8d98904f4f027d438189dc9487c96172e50dc1100ccc224e7374cf96ea6731032c43fbc9b367a4d1d0b31aa3fa8eb589672e69f1d9144114bbd508d56c2049ecdbfd7b43545375a099ad2885353d8c550d22dbb738e6fe3f104b444c89475a2cc24d7887daced8fa05006c02dfded01c00707e2ad04c41199c5decc1eae34b0c0abb5a5beee1b5253c3350e1a077682767a0b9124a4df2e8879366fd37fc04d4dbcf89883892f46a65ce3aec22123cbe6b3af6364df1f9f5f9751bc8179b6dcc5c126dd65feb7d11a85994e90ab6342834c79c5f82413e88198c73e932c66e3cb60b6e0c0cf438622e5dc5a1036c38afe9cf13559044a9e90f5fd72a3188ef6b1043f5f4e6b40ea51f6235dcb33b3099b2d8c2e02103235f0476ad51bce6d8a2934068549633e521a3ee4c62c22b042fb86c13c8da849233205a5e277aea1129678c31f5c379a71fe08b72fad9449cb923126dd465d1e0ae8a925374149b8248b3afb69f168f3ae701c00f6ea08fe07f1b5338ce6af2f3156ba6f300310114479f2f6119367c88c12c158b84be13b9c8c7b5dd7c90edb5b3ea1fa5927a25ad6d5596992dcd4877f58a134e05dcd80dde4fc2c2a680cc0ccf3084d3f4970e3603fa6bc5a180fcf1ca4241c0b8a1e7c607dc025016e297e2b0645de4ec2fc49851b9374f3ef99edd897c284a67b647ca8c96fcef935d541e9faf334043ea50b99fb8819ecce039227b624e52d8c20003b5a43808e4990da8e4398c4fc172b983351fd11a13dcd2aae5193d42d46e1b57c92e3e01d23fc968c729f3782d6c07dd5a17af2bda96735c12cc7d8023629fb0125e974425f7914690a7ed26508343ae58c8a439ebb6232049a194768d4594f5d65aca37a5686c2a86dd04bef35d74e0755937ac0ce3ebded1c00c8adabf030e5e4a5f44193b62fcf2f1bfa9dca2a25afaf2f1ec06c5d17ef3526d26d17af3e2f257ded24b177ba41c0ba64fd4fbd5042fbd5961a105e0e9f77f3db13c1b6c5bd9a9d04801a5c00a4c544218a21016c65bdff774a44b1d05256e0693e14d76605d67bd10048d3816caf31a6d10886c88c783538bd93e92bbc4484f3388b61adac4b92b911c76ebb1dd11b7b4e40be032bccff610068746f41e34a1fbfbfe5faf57c8a4331008e2c1cfd69f57e74379ac80eb6769f4ce4196795b835201ce4ec85ebcaf5eaaec242fe6695cbce1d53fde5b002e006bba8c8a1ee57da061ceed0d21bdd57ab0cab9e46bf3764d9a6c3ab19736d43b33f32eb955f9174ee4a54666e7f19cefeb49aac7a59b7370d9ae730b7bb4e08413222f0a66bfdac252fb61bcfa838f262312febfde8add8f6843f1d64ea3da42d4ef986498604d65737a44f5a099338520cdbdb65ce73b110dd4bcf8592a4adc3e0170b13404f99f0ec8f9fb225c1275a921f09369db165e9109dd5be472b9bc1901bfd882d264d9ed8d88b4c8f3b35f88b69e3e4b8ef5debb895be536a3af492d968dc1caf31879d672f70ad9869ea98335cf9e4a2760f955fd3e8099e4b2eb4269e354548f9de9921e50e49f3f5cbd63468b9db0cfdf17250c8f13535d4c0a1f21c87967cd798fe93b9b2960447401ef90db22c3adfba0f55f5585ad37040e8d6745184dd536d5a26edec365bd6edff1bcc616cdea3bfc8b9d98c0ef9a626054e361194cd05b2287612399f6d3d3be2f71555f14ad2893af6f60ab61adef663c3c2464ade671dd5ebc71935aad290573588fe6e11f48cd2b7db62e4b9932890d1b96e1b83eff70f026d199db75fb1e83197c937b672613c66ea131f485b4318e27c079b4018d4205484993bf50ce70275b244f2caf47cb47eb2a9ca59afbc78809a912eb56a4bb65cae4694f682c6329c690003a1c355f779b5857a60091b1c3685995a366cb43d753a704d3e59c5f5003c78feed877351e27334b3fdefe5907edd9eb25588a42248b9c4a93efa7cc63bad1e5900b95b70436c35eb85cc8251c4030fab9556920141cca24d6acd3122b92b7e868dc174bf071117958a4797fc90866aca685f1456fab397ae647ab9970348082bd74865bab7f248568db98ced7ed84e8360fa91afde3f23509e6b4caf948349ad9fb6a4efe0a0468302cae7a0f999195af1c19058669fc3b88b2780b9075dc180298498caeb7ba0cf8bd42eb36b1959d5ad3ca6fd1e85f76abd27ec5fb637ee38173ad7d86304d5708b6dc8817e099e77f5d43c1a70624cdb96e4e6103bb25e59eb51d894d1dc533a74005bb79cca35b66e10c61d06b5227fcb071457025d605a0862218ca252b871f8343ec231dbee15688aeb914c0f16ebabe6edb0a489b2bd10d4392c6f1863bb6a62181de7cef61997ab02f3bad0a893cc0cd8a99cd7b3f7773085f0929de36b5d124e3729140c375de9a2d0cd9a360cadf17b9e45b7f2adbdff9e75b743b62642ed67aa703b8ef33dcf51a50edc7dbab42d3d2b49badd2457a9f92847aa6a60ae2beae457a5fce1a9e485ecf907be22913893cd1350f20fc6c81c94be426eaf01864e813a03e4674491b61516bc95d8a77c15f03d0adfc4adc27f27a5ac4165ff6518eda1a5c408708f78a9e26b834179804a312148d4f75f21a77d78387139da40c0a6293c2a59d0162437d68504f189ed970c5abb9ffc6d8e1be2b0877c7f24b1dc273b1765bfc5ce6f4b8d99a96d5b1c92ee53a39f685b304313d909c1ba8130d20d51c824cec420b0315229df295f75b453a6c131afaae0c36d7c4fff70623638a4f7ded5eb7db58d95deb6249a29b171d8ce651556dee8037bf4ca74453a4a76aab7cc07ba44e55de57dbef8542c3851ea353fb8e259ee89bbecf9ce8d8bd6227afc0028afac48a7acd9b4e8cbe982eb1475917ad6be4cdca9cf6e7cddd971b2924f2bb730264801685d387485e41993c3fa0af9987e8b52c21688fd9a9595ad8d1b9f41e0457be18492aa09f69e64e2954d1ca3cc1d32b2915cd9cf6862ca79c80beb47347c4cceadf48a37b29b1d6de4e94717d60cdb4293fcf170bba388bddf7a9035a15d433f20fd697c3e4c8b8c5f590ab44aefdda94681407008ea48d03ff21e9bbb4ae7a9aa37c855fe3537c44106e8079f18c24d2584474bd4a99367660ce6f7e6d7c294961e174366e7babc569d5f80572a21a4bd7086629363e0c9ee2599c8b8863c96613ae6c32cc67ccafc66e1cce79654567ad08e62e9abc99e44d6a79ca4d8de15b7f8a763a4741676af0e1f3bd4e002c8fa1ebfbb3bd3a65ae68a80c230422f98f6e1e9837252e045eafd585ba389958297d59aea1e8e1f665fcbc5f7ff449996aa712dc0faf582cf3caf3dbae80594f9f07fc06de63d9d672d14d7ac4662b4a54f40d4aab2de766910be2fc7f6f679b5708790b5376498d3baf0463dca2f093b51bb7e9f3e7033ba0384af0174becc3bb477bc5e86959a12a5e8924adf0bffdf5e5b9c1cf24d232881ad5c05c5c0f50318ea83d8683339ca6a583c52198c00f7c1abbda282e7fd3b179297338ecf9c923a3a87a130dfc06164e9b4c1fe11d51b382643de44b30a6831dee119241d1b6f84f2484784fdf65e41f78c38e15fb4b00e45df1edc40e3467cdcda351a4c0a0185ac4649e91024377e1c331587a8586cc0a4dfe29e14004c3536d305f5dee0eeb8c2f216c1b8d27375b239f6458e08980badd6d82e9ee9e007578c0a3b48288d9ad0ec3c934a99a8c5741149af937dc82bdb545df26428b87fc935c05f1a4964a8408539f267e23de9bc498e2a4b0083cdb7c8e27de6252bfaf680a6d5b7ec1a6dac6d7d537334a95f1553324a0739414dbdb50445a767b0f589fd4c33b35905577ef5a53b0f097191f9cee4836a908748779941de2a78fe1bde0c2efd9f48cbf232ce101d9df93d3ed40d036ae7aedc3a5ff619abd1c159ca8d2dbda7de13b4ca62576c7f925c52925eae2d7500dc969fe14c0a335ff95a7df1d276a6f242765c781208d59edb5848d412b11638b27ce5a61b8209075976c2a6aae88f6e6d8704fe9e83b425dec4defeeb3cd311b8c5a818d51f917a8a4525361791d5c4fd5d70704d4b9fa9df1ea119882f400e682753a41931712c043c120a98f0fe786a600b47befefc9d64cc5bbe8a16c191490874e258760c9e4fd215bebf848e0b4d35521f53ec5f9308644b785171fc4cc3ff886e034bd833d59dbcacebdae8f00e43c151bcb24d1d226d1cc19ecf349361530a81ba3168af3df5536fbe52b3b93621f57959df298e5b4d3c14928d2ef7b9c977c7dda54242d17f8661978a62d94d565b00abc199790b9b25fbfd4a3ffc35c95ccafe35d9a138a2c24d17f06ae2cc376e822317f16fcbcd56e23f84ec135dc935e58c61b34cfbf5a36cb00350483b6bac786030e5c5045a6b61c9aba7dfaa4f7fb21897539863ee865ae061a77c0359915de3aacb3b5dc8cfe53c4d17b393c2b6bb23652f36390407922969d510cc97b99d1df4361530aef10707d7a021b2d9576b2d49ca88b3cc83ad1baa6d88ef8c81c08f8baaf515637b21ace9d5cc8fd9fe4ca6c3aa129caea7060791d566f4de8662b90f9e5d849cdadf9bd23cf6737b07ca105142663c30de27adcea11d64d433fe1ace84b0f6917c8b655f2a421602f07e0a7127e61ae9859c5e9f652ec82416fd2566f291f417ecdf99bf3231d02864e2e5a1cf34c13f59de9aa2760d8734bbda79576c62f566b8269990e9384a41c1634271acb4c7a8b768f276685c3a8c7f20872e56b683244b1af562c3e7dcf592a9915f44f886cc2ac5f679c07d5aa1fd69cf3a460f25c722073da336a310aa551062d92c7297002060072af2f3500b9310c239bedf45c5e985c2e0d60c7dd68522376dc7b560fb34d1b5089450c32ffcbff07b35a96bb6fe01259a06868d00af697f8bbb238d03d49570a109181c9576c1ea9d2ee02000cc23e63d6c93c6cf3050bbb15b6f73b09c25da62e5abd4c2bdb1110e1f25db39f04885595cd6a388c4726c8d4cdbad87d80d42fcaeae843e2e17f44c9aed25c8f6f9736c7ba1bbd3b839126de40a930024a65aacb872936e446114e706a868444cb140e53d976816983f3dd1d57eeca01eab8211b7aa8ae99d26e35c06ea4b226e0a6e52172a40e7f0df5f67759ae2ee026749ba10b8e33694c3e01a001526f9d75f6c419cdccece3ea3f78d69014e509c741214581034bbc7e2bbaf76db8421154abb2233117a1ffe2786b21424576e295c9baef262e80fa2edb69aff800b3ea436eb827e8adb73abc48d740b86c69d557b16e874038598b25f616afeb4f4a900be7dd0d38b5b6fb4259c51a3aaf4748d7a445f518485ed72b25c7df8ed0906b74bd29bd6a5724ac3a503c990f3697a5db484821f68718470810862728a80ce34599a41fc5bd8bb46dd845a4812ae1532c457ef4211d0e41835e5a6f030247614822571c930c727ba397e723d6b3aeba9244f054e331c82e65b74c9f6504c74b4301499a1a6f6269a3352aff57f88442d4eda42a82ebcf7776c5629f97d6160bffdd8282a40ce2e6375b161e4c22ee53bce7a45f4774aa827e2da657e1a1bc07445f0bbd770b7a5a25b1b469fd58715510dbf8d97af4e1b9459a20b08a8d3fa9d92feb32db95b22d36de0bc8b1c397b09970a6826392fd8392b2d790dcc1295888f42ac81ad213c7328b2324b28be7cc1f4fb8414a7785472f1dd3e11d66017b1756d1697be92490e15f056346d7e9126a1f35fd76cb016fe2841c8996a3507c4fffe7fc45026df10b03b86fb6cf26e8418926a030b5fa62748fbb728fa19dc2f8947468c1477750771e442e4a9d25b76d359211c05df788ade5b7824f8770b5dac0819737dec916ee59b28a49666ee8b7ca81386eec8049542f18a3207e51bdbc291470eeefecac385c096a
40
41[L = 32]
42
43Len = 16
44Msg = 43cd
45
46Len = 104
47Msg = 5f75a437ce0698a7d8151c3fe0
48
49Len = 352
50Msg = f88bac738d1e3e10f75e46e3fe026d7e423fdcf3d7e4028b33a291bb4aabca53f780fbf99e0346d610d4a38f
51
52Len = 488
53Msg = 832e5b78a73a1012ee62e00621db7f4d248893007c6e5d6e0e689c6b291baeebc72df9cf10b289fe20e7fab80a2399271d0ac63766049da875eed56264
54
55Len = 13976
56Msg = deab57cdeb41974037a9bef5e292894038264eb4d8993d4d1501e6ef9c68fb0f571f57b0925640925deae9a6317e3bc4d6cdd5a0833e52fb48baca16a9ba9b6c8ca469a0555763b54f04c87d4e41aa549258f30eefe5a52d2ba06657a8773b0842e094857b6d8911d6a0636280025e56356fade362b4bf4c875cc19be0c6644b447be0454dbf390eb966c03e10e9de3487b90d0825d327c12495e3c89ad09c9d591e55c91376fb14c2fde9f7461fb25450df1a65806b65f3caf4d5c81ebc6e664871fcf915b9578bb70ee6776acc62205888dce2baa4024941209e81b4b35f0eda1bdcbd9ab1d6db6140bda4c41776fe675d5c681da5852d50c246dda4ddf9fdd7c5fdfeec85ff6c883c78689c2977584406a1ddef977606c182d6c33561c39c071668a2515e5aa6f4aa1faa392aed95b82ab32b79a15e3b5a07551ab068455131b72493126470f26c30b852e4415e1d8b719b3803ecc336e4facbcc5d1908851f4f39b776bec8b6b9794d47e5965458858560eed5a0305e260240c0849d93a19787b0f8c795eb5ba32be573845256ae6d0b0a3336e42a1beac8bdde6d1b6e0b6207903d4b105f4af2ef89bd099ded870daea2f170e03bd5f6f4490e60bc222d4876e16d4c58aeea6e6c400dbb9e9f4b2b142f0fc9bdeaf4132ded38a4a8366e107cac7210945fa2df4b124be37ef76290e5b9758aa3bfe0091bb0448206323584c2f833e0edfbdc0c33075fc9647a3404ca490bfab94302a0679a1a42fe9fec6af0cd98038b09ffbecd2832b579b2294f6ae5b96328fdc0a0b9b3a32cba04fa8bae3389c3951173bdc17caaefe526aa386f98670b177683d0b804c5875fe9c7afa233ee66349c9fd1b60bb0becf5e1d887e67fd3baf34b4f90d94699d18d6bb9d77d4af358f31edc254de2d6c5fe3ec07425c633b18c1b9e3606b78b40b543e1fd31fb578cf58c45744fc073fbf3c7d7d607e815379a5fc565892d81560eab8fb5f1ae6771b998c592e6d288014f13ab283d53fcbfa66e31a9d107308402191fac2cf2b799c7dae91b93a7676898b8a6e516a86eac58ed8f6d8ed2fd4d38031e4a4466dc8798b90c48e6adb6b4391d47872443cfaffa542b4b132f6c3408f0081af8692aadb4c9bbd55053ea56d8b82998f6b4b41d331891acfe6af1bb0d6679989978368ea463743b514866d2d01fb9950e8990867bc14f1db1142254adeccf3da812949cd03cd1d569e9d0bab7ca7405cc21096e3cd4d007cbb9629372e98584b4c6b97ad0bc314e1ab6ac71184ee555c01973570ed9b115bed956f9e4e349083013098b1e483f0fe44d5e9849f38a2f7ae152b36a266ea1faf263ea8c706632ba8629602187379546fc6b82e57ededd6d074c15c771754710731e07c207899eb47e8d7c72ffd768c36257d373375ffa06f9b3f0af11417f9ff9f9b44e1f1f96ae8aaa429af88b14da1da81c7bb38a0fe9372ed6a9ac6fb5e9e56b82593d94c5192904450227bf040b7ce0904789f979845e112a1f995c849ec3f7e49bd975a474e8201630f40fc0d80e76019f110ae158cd0f8da96ea4561f24237d8e795ebf52368218bff3e9d5b040ecd2caef4ab1e7127e53bfa2b3b4fb74829f9993ac703192aedef79dd9ad24c2c976638b4575afbce22ecacc273ba43379ed55ceeb51838b0adb80585bd1b5f2707ee16b67a7232adf7163415b24b9ff9dc94b7197fdc89e2a90d2b9eccde45e965edd064dc0d1eadabe11b8ec3aad2742b5d3323ebf913a92817749090c20758f98aef2544d4c8b48874e8936d7ee492d5585675c214deeb74fd67c4d170ac5e0aeefa607c6e37abd4f8238e776fde3921afab75cbd8f392d3e88da057903ce2e140797f4a85737bd89455e6aa27c7535687b78cd0ea59848e006c8de9c9c0cbc7a9f5e977be850adc710503ce4ba7c7bd0b042297f518abec6c8ef451c33e030251f506cbc3744228b6bb4dab86877d9e6019a0ea9f39ed37557b3b5527c171da5f013e0d3c480a038cff2c087d6e5d41b17e6c8f90c334b5e2b9ccbe9d4efd99fba1f907d00a49b71b5a08aedb644fed24bcf04e71be67b03cd20d53ccef8f854f5e9f7f28c1e98a8a53496646713bebe15a93f1ea336e6e8a4e68de5dab0fe880bf983eec75d1c5027357f6669e098411e0bc3ea2293138f5b34425f78b6508b94d4c0cc32ee9afaa409a26e5f2a1fddcd6d5ff42a89755a58b08f243957a2e208e24b055f51992ab447bc06876eba169c545fa71b88a0fc15d1e0be9d334a1dd0c86f44bd149b42c07608a9a30d0b7e13574f8d862f2ac72b2ed38904d7cab194fdb9e4dcb615f5610b24e202a36866baccac01fadb575df11dd43e00a3b92fcdd8c7702ea49d951e7dad2a56c075730b4af1ceda2bcb2310256f28312579fad40ff471336ea6a44143edfcffc297258d48bd2ea47efab8f0dc00f1e6dba1a55009ed627b7
57
58Len = 48824
59Msg = 5223e2fece634a95e1e7c83ad4a11a0478f4a41572bd66c2d7902cf4f94404cd80b1f58fbcb8eeba3984fd759410c12f8ee922865f363f684df5a8787c87ceb3086fb8535157f7f39653dbf5c66ae7219253838ec77cf1c6db518225c5ba0a8212e5911236474b8820ddcb8111b87320adb82ff553986324aa2a21c37ce4a083c89ce9931290d4c1fea933e31d014d7507a28e83aa917ccae10bed1a490e77fe501b299f8e3b78e659407ce1934d5d68c7980800746f26ffa9794ef1d23f793bd2eab7fe524e213e58280f441ba48b40162305335b3a480c2afeac11c27f8d817792fd7805d4b61224eb52d35c0fbf471bcaede505fbc9398b216f43bfd69b1a669a61d44fd21faae410af58ff95e1c3ff1528de1aba93cef56bff4d714d8c4cc88a4ddcda52444ec1208d99ab3fd9fde98c1ee6437d8d138f62c5f782eb4660c5eb28564b5b0d46e3a2546009148f3d02b837c5284e9f508290270b97b9b29e84445a0b4df662d9711e6b73c11cebcb7120dc427034b1ccf57d8e4f5bbdb84d2e1d4bc3862a2b51931d3c9a7a5fd6ee5f4c7327c338abd011af638d730141b6eafe63469eff50f473262e9fdce636eff4c5663acb6075a4fdb00c8b8a8d3322e1700a5b3e7db90b36c1a94991b8f51657121b442db6f890e208f312466778d73bfaa8cc0ead4edd0776155f3eddf9abb1bbfc0c94421adce83d7ee94f99f61e1f25a55fb596f8b40ccedbaa8e5e2cf629496f5ca60bc4cf36d917da4e2b973eb57869dddc409dd66d5061f22642743fe843defa0b19dfb2f56425abeb234181267b5c0d2ab4268c538510feb191bbcd1631b0af6c7451cd4c641025cd8bde2d9ab6e6b948f97c1ee6f35098d553e8e9da9b4d437125046864633f109d6a558b38b270a7dd1785d44d248a863a91e3db5c0a1d7ec133decb65e81c3402c98ee329f660a092172bf6b1a02491895394ebc506882805a6c93e767c0e58a5af717d950a206c0f0055cb39ed88816a9fe3613d15f608e486ac08bfa67d462d24e6a0a37716d3fbdaeb9c0e951c1e847fb884ebc1cfe707dc6e7269eed1c44331d5957bc4ac9dfeaed4b157204a3080fafb9df8917b8d15aff9c49cdc739b8fdc26a546794991c183fa523d14797e051894f48b0d62c2b70834467ff9c993b82fc1152c1f5479ec6144c7e8fb10d1bce26bd1cdbeec4e95ee073f3bcc3c7367328e30543d371b27509a577f5c79f14d5f687ce62b82f856695af9f7dd350543ec763de75b593f1859e44c2ac01ba65f98743cfddd8a89a38115badcb51a0ff5655f830c0122af6a830aec13ae5eb89a93755b3a5a6eca233f21cb12db545a24a5334becb8fa32c3d7f5805faeaaeea85a551fc62c94807faa6474c0d74cae79b5d8ddae07498fcc5b8b4f394867112ef5fad1c9da66765ecbc7fc0f3269d29c9c38817c77778f2c19b5a3c705fde9d76a4eb86aed4a7369a832ad267312903462397f7b8fecfa8b195cc2316cd53e48c3371ed2ecaa3e484b8ecd2e22b1aee910c51ed5d71198936266f5a00655d82c089f49295feda0a2bcc1a54ec8adf565acc3a8b2d74c30eafbbd843c59e67f293f6d8296cf7b611f01b57dafec6e2d4d411a633918068c38ef47b72ceff1fae772891141c3bc496824509d78165c1e4cd4b4989321a8722643eed69950dc120fa8da3e53c3181f252d7c4cd2cedf8f086f788ee77a98ab5b019828aa02108f49ea4a51f457f7adfd2220d3e59d5f4a29194e8f5eac40ff80312ff6888ff6393c3fc0914b08c1b9990d247ad80a441558db1ee1203e07353dd99a885a7ff5d791af2548815dde0ca1f56f89d39ef6b93dbcd0cd54b854173903c12649587433f0425fbcbddfb66ebce3eb4800dfddfe7fc44d9b23a3916b1db68c187da4dd13ff0157352814b1a792de7fff855761abc6fb7b93b48525fa90fbe3a51dea974069f3f5fdea86387eccee13f58a8eeb8abc6a43fd30e9788c3bd9ae1751b30a82d420225b2abdb1bc121b9073380be16107188d20be54f2e9c658d5b443869ea0e991c496104086290b6edcc1b656adf94f0d42458750fbd8d88040c518ebbb644f4dc4f7c6971d8d60eee0272df7b51a3d5248b4b264fb22195ad891fb6ac994ae5c0bc6714ae0b0b9a484edc576638b78ee89b568195a8f33ed8362128c30f9b0c7804b3ce1355abc96b15aa55c1e16a9e9ec90d1f580e7cb412a7e85d8585bfb950acd4de5865214ce4db7f6314d81784c588c1482d5f28c5fb62e7dd7aa8237ce9396ccde3a616754414cdf7b5a958c1eb7f25a48c2781b4e0dba220f8c350d7b02ece252b94f5e2e766189c4ac1a8e67f00acacead402316196a9b0a673e24a33f18b7cb6be4a066d33e1c93abd8252feb1c8d9cff134ac0c0861150a463264e316172d0b8e7d6043f2bbf71bf97fa7f9070ca3a21b93853ec55ab67a96db884c2113bea0822a70ea46f9ae5501eb55ec74eaa3179fa96d7842092d9e023844ed96f3c9fc35bbc8ee953d677c636fdd578fd5507719e0c55702fed2eaf4f32b35ec29a7a515bbc8bf61f9baf89a77aeb8bc6f247706c41d398cae5ec80b76abc3a5380001aea500eb31b10160139d5a8e8f1a976dd2dde5ce439a29dba24d370536a14bb87cf201e088e5e3397b3b61477c6a41e22a98af53cc34bc8c55f15d7924e7e32fed4d3c3ddc2ac8eb1dfc438218c08c6a6a8eea888b208f6092dd9f9df49e7ede8bf11051afd23b0b983a81bcc8d00f7d1f2b27cb04c03aeee59c7df23a17775ae5984eda788eb2015680ac5610fb1380b4e7d7a9cda6178dca98690449f5551b66ad2826cab2b662f56903fc95b4611bc86f7a834a34ddc3be7bf142c8baa096abaa3cd51ad0c0b6d15e590eab9e50a4c60c91061f1ed6373d91974c1ad9d263110a0d43fd8b596396cafc0ae70b7ac24a59bba090a6994ec483db7ed4c572f723670a11c724e8ffa2497d8fccae37eaa1d14ac1537eaf80efbd2e597b2ffac97f2bc3cd2c4017f170544dfbb0d9109478fddf06ec0981542bc8107a725be25070d2cab4716f4edfad75fddd582ebd363c49e8efaed9a76ee51f22304eebc232a4f67f865b04f610a628fdb317116666785fe8ca30619a07c83cc449855202d687f162b12d93b63af6e7ddfb7223d4ab998a5f450523c1d521ab76f4aa113cc2967e04a38dae07c51c2d0f44fdc8605c3c53ccee91a2c73dade5dae021cbc87d5cd6e5fbefb65335827311fe1e91921ecd66b2055a6102d7a976308a80c44e6d47a67718c84f2112d65486a558f1f269b91d9f47e3e11d09c0c748625bad2718e3674898abdb19d3644bcdc9317c09a3ac02f514b2a57e6a706362e5f6e8fb16cc83daea0eec85fdc8c367d84c9230730291440a4b109f7034d510a3f70a22dd4fa69e8b65e5fdf87045d560eec71f4e59531c7711d4f8917a96e22ad07346d2f92a13fb4569fa6a075da6e1acad1eac1cb2ef19ab452264de2357c927c6dfae6598cbc821eaf3b8da754ce91a96c702c95b2c308bf3a550cbf4d22d417745b5f17d36608feb826b862747c59d26a0e8eb96547a1852f9fbd095f1c5d20721804941d462f3ee2f0876ee2825c8df24c4f00f0844e50588ac688127013df8eba3c971362dd255420649245e880212cb3d732fb82f866dda090040f28e09cf1c86eea5dc4fbfc373eb69745b4afd841ca8e172d4a8510e7698345fd4cab9ec2ca0453a274720bb2d2e5468bf0d0f85919dd762fe3df969e6c071285e25c2e2a49659b8a78289aee655965bfa3cbca9b292a19a855ec40293185354ff4da9451ccf98abfda07f1137e79bc89d688963081dec641a99656b040637402890f185edb28e7e6a2f65848a6af158f90eea440aa6246a2e6c31f5d220b9846aae2027afe5a7caad6dc16b56463367cd9e73bf22a1d6172145de4565ee369c55e3b99ccbef70fb080a3748340fbe8f6b95ba46e8b76de5a3c4bedc37c55ae24ad02267da26769a3a732badac2e0f3a5393028dd54d78701647582cd04c8310e9f1ff1b433125229547130e1737a1f33604f0d670ea7221097c3eb9c7fa4b8293d7b429af76191ea8e481dc1da31344537a09b33404d782eda1d6f5775500c1d8efc615778baf0905d9fcba1806ef986c40b1c6a72335104376b58266c36f5939a8b95123e8635c0c95e80aaeb97379b1179d6332dc07539b595ec32eebd3a336a1128f3cf2e2924db6d8504a516b62f26d012b7f75cab765c8374a3824da5a405746023b51894649ab422d636513ee809fa181d5b6fbc63351e37a1b14efc8f739e86ca78ae3e280f1c9e4824b2976ec4dd308ede6171a7474c7f530128089bbd75e10f9e57ee17408b4384f99f886a5f63a2320a9b90eb9bf692e1fc449171eae3bb1bb17a6ed937ea57af3c82db84e073b5306683e1d63705b9742a085fb802cf5a1639818417fc2223f476c2566351f4b3b17a822e11255f3c3412dd39190e200727bcd3f9799519ef792ec7c2b0b9d0e2dccf013d436dee63483c2ce83c15c00a76c4d894a60cb90366ecf9e61221ee8bdaec66d715159876d8305b35c81f96ab2cd8f81f4769e9a6e439c08c329036f5d2591ac42f2747bc0e77d4e566358a3271819b6003b290211b9b847ab70e906aed9f86cc38aae27e1098fdc3bd5d84e66c45292183f198bc329cad794aa4e430534511b7d9a75104061b409676a16c1146af0a286e2de8bf51c4a35193581a902bd3224cb9257c961989042538092af92644a63d6d6f6872a29aceca39341ad29dd22354812c4b7c7068b039ac9ca7e6358e662a28be001d4aa697ace540cc3ed3c97b98d8c5a6fd3543ae9a7962c9229b14b0b646229807747064be3e83191cf24092dd67f675638d9f6510486379f47f5eeda870a3187946819ec9ed05e7b325bfd0eed5c9a0f4a2063d63c1a8a0a309f586c94d4a68bbe860ae9599ce204c92cf9d92cb460ff99cff9e5a8b3824786360e1e1861e71158395faeaebe7aa2f61f76190f174aab9a313f0bf4f1befbbb22768b8c22719cf3fa9ec908b576fa4bbc084b1ee5b5a7eddc89b58b45ae7b421d38215aa6e49304323eb4e202655f3c8b16ebd6b03058e75a907ee63fcf6aad5eb96c1e5faea81b88b5eee525c4663af52877c0f759432913b9d48030903e7f9f70e851cd4e20bc56aaf36cb02293d992b38b583b8f0b25a08c3303d8af5b1b37f5127f7021b13934645ef3020e5caadc5e7326ed4ff56f797e26cb986b6512b0cc76f1d8e7be44aaa88e12cbc644f14a7feb979d2ab66907063c51e052d0f8b25d827377fecc5111be0d365e08d17f559e3134cb9db294f1cac03150f4232f853ec15ecde55fd1023b58e83934869796400088e9177e85a2227ee45addd049c1d6b03e5b29dd570496fdb2fde7d8cc74fbb5fe76266ebd90a3b4d57e6e6cb9f0bbdb7ca03ae955915768011c714c909a27ee20135927af55d4feaf2c345d029a54af942da6f85f2103345d059f66864e6b0578111e2ddd5a1cd8bbf4ae35b60747b93f53ec8ec64c10cf4149909b102a2b88712ff3e5ba3611cf96585a6b36fffb64b8c37a114d6b16a53879136eb0b5e003a5a068e3e8422a4fc8d7c77227cce64ebafcde2437166b62ccf486660a7a2ef37012ebacca26ecd5bdf363feeb06aee39050974c25d6a564594c67f56fcf7ed48b07fab4e25ccffe002bbe460325abafe37f23dd9c145b4667f146a1635e462330f02470b35c5a2519f1350c02b263201ec9026cfc57d3659373910e878f2b6c1c5be774df8e01e775d476956c257bd0ccdec17ee939c46e5653d5813eda752ba7bbb245a99a5db1ae55d19692074c2e5820df97c502a4bd1b12929e1be8e9ce6d802347c3e9c4202de6046436c05ab55b2fcb2c227adade6c2046d98102cfd0d859a91f8104eb9f6f155da2acf93df2405bf2c083eafd3ec41d60b810e0bdef6298b21193642a9c0c646bc6771a5c61a25604d96bdb727abd5a7ebe4ddb2a56a6ddece26d8007b26043ad44279c3c8ffb7e6ffb3cd4e10ea2780f509a8a9bc31f99a7e66201195f1543a0a020f754d9a665a29a896faf673df6811379579891374c71b2234fc61e95d4d46f15d44bdb4d7c3b3be3f46410ca46827b8cca976d8866e8ca33c4945d5c87b705588b78015b529843af0b75a7e1e871fd276c1e947d896b92e6181ab7e3ccc7077bb57fe85a6958667d3d7a790f6cde1cebb494c2912478a0eca2bfaad62492e9f1caaa0cc520da08c0d2d910cd44255f4c2ca0646dc89e789a1cf9a28e2f99315d33accb1639cbaf0c94181b85fef648bb4cc7f66dc65b8e90bf5f3b763e58520098febfe7e47bddc2d9cdd5e40dbf4ddb8d51f51bde2e57432266d248d13ed09e62f66794d188f9861c50ec41f0eee30f76f4ece250956733ee97036098db41991a4a3eb7816196c8e447db3a2913bcd992174a7bde1f42d57c764b47f5bc09533760c1ba74943a0dca291f2746bc1fcc573f9a22c72a5eca347b1679683fbc8f32b08d381baf67b7266b14b3ba46a04a3ee45881ac452f64df1bf17f70f4cf9fa4dfed9ae70184679184784a0451d2f5c19c02031e0e4957b4df68b4a069a6f6f6458f6d773924a1841ba664a55c2c3187dd33416cd410e56e4bf8d3671cf737bf67df2a4cc4dcc786872b9e2dc4009fea0e48a749353ac053d80e36357d24d468dd595bc823017c015d7450fe38149370c5decf13b00b6b0e0a2567ac08b45f7b0c8a7c89d227219d051d17a706ccbea49a42035cb327381568eae23b5e2a3b7e8beef6f260d24ab224827ca8ee9d640dd23eee94ed02c9e26abb3053cbfaeadbb1f365a24d8769d92240da842e0b361524020b5c9c22a2fd8602dc9600aaf02b35344309f6bb018a94d4cbc9639ab7430657c4046f0b25df517e31626abeedd58c2e19aa0ae1a43ed2bacad91dc04a2fdf9cc33cc420f4f04379e95988ab36731d5d5402d89fb47e826f4243bb206124364d63564a0872f8d2826eebd9046c7c6f2e7c951e49d4b22a7eec89da1fbed890d63ef15f26422185143c89da3ee269f83e1de11a7467822146042be92295a585e3a09e720ec522e1cbdcb41acf5ac45ee892677ba3ff670d71339a76ed98237be252ae21268e756f05ba0b094a1803f9da84a8a05d0ec9456cf565e1b548cae95eafa0fb01f091935e6eff2413bcb15f605f15270408216fb5b41ed83dfa1454c522375e35bdefe54275f109d0ab450636ac4d8e4d9e27f2d81a15b8cc5e98549254a1c9162918db3e399118f5864774a9d6a2347e1315753071eb1204c8bf5f52b1a0da37e484ebbe545fdfe6b031215678c3b83a19a24d7b661f626beb01eb82b384f02f42bcad4f40addd48db8a92b90d2297e6143702056123286617f86fbef4fea940f648867d790b8f803abc5f4e0e3f4226954c296afd96e287e21b7243d05e743161810da578096521805edd81f68a45500f6a3a1885cb1f45cbd399dde024df65072eb973c827fca13eeaa3f140842016f509aa9ab4603d2457c92cc9aef24950697a0044e3d7c483b8d8391886cd50dff8c2f16de3d6caa7f864c1b3874750781b2b78b545a94b4da0b0036433c6561f5cfea50eae9f5645302eef18238473606e9b9931880d0f6368fa9970d1ffbe59c4454bf97f4a5e8091801b53ee4a209e0642d83605836f69742071aaebd9d813b10f4ccac03851ee9f20cd1351f8e68554c9bc5f58ad19d474ca128edbf561d195e52ddf3c19bee3bb597ac2f92143bafc98bc09fbda6d18dd4ff2a93cd2ba17f54f75c32d3f141468c2baef4e53b6a340286dc2599bf7bb002aa86688e26f5b51a6aaf32e48ffd539d4f3f4bbf0cde2d20138151c82384f9ff29a634ab4e0103d93340bb9a7b0caa108bc7fdc88d7de14abb17e9efdad2b0f304f0bfcbabaeb1b9db75959dbf54930e67aed3a9c8309aa90506b6b9ed4f1d06c4ced19746e206e1e9b8879663bf56bf6c5c920ac5e09e6579b780cb63e1875ef0a731b726864b7ae5705a2d6d343a4a213a05928b7337a59f900fd04472382610e2a8d25383c9ab5804d609e79a88d70eaef3ea22d3aa9100fa2a6e98e97684ade9fe90d6bfc59dc9dec3d3d8db8990bc2123ba92e64253235e9b4d682e8aa04e23fb9bb6248a77c065e93249de829bb2fc5ea9e396461090222816bb29bca37bf86698fb995f62c50110cf418bbe2078a56c5f1ec9fdf3d0b09a719ac253b5bcd00932ae058b86611aff51c8ca8448978615854b69b0216a6eb8050ce199fd9a13aa0fd652570a1b187f61e6831b3a960521c3705da8c5e6c64c7b196ed4a49c2912d77b670b177c6458a7a49ecc1ffd8c57c0978d2a05cd1f1c7ac9514dd14b7b0933a52cefd40b6452ca0903df1f55828025c7e18109a6e0f2ab25724cad2d6f57cb5d894a6a508134731e9b9c61254f64990941f4faf97394b634b91860cc6ec346aa666600d323c849ea4c4a0ef55acbc56495ca004f3fca42ff0ffb11b0e1164c95ab89bf1db3d4f575ff334d4e0d7d50e0c54c422eac5ef78c5a3be95f2e18872540fccfb597211ec79d9d47b6cf41e385b9c2e92122167fe584210f63bf919c620d
60
61[L = 28]
62
63Len = 16
64Msg = 3dd2
65
66Len = 104
67Msg = 3d232201038fe7d846ac1bd4c6
68
69Len = 352
70Msg = 44c98cfc71f82215dadf494d68d1d6b92bb4eb81fa0fbf945a659d9aa2c2302b5c93fd3eedba31e479e29d36
71
72Len = 504
73Msg = 02a5c7b1b749d6d49bed302d9439f23ab83020bd4d573906f4190e74216ad33aceab775f71cd31092bba5cfa42f0845bd16fc1b8bed6434dedc92f80b395aa
74
75Len = 13976
76Msg = bd70deb2cafa75918308d703a6783fe9dc5e3d21de9bfeb6dbb1cd531ed5dafeec463a02abde302d4ae6ab3cdc2f0f94865e38339c88bde507ff71bbea6b30b9851cd8cf599e950b8c8e620c90adccba0033f934ca66ea0a936afdad575bb6235099beff1a632c9114a8045a0919fdc21083880eb05c0d8c489c7810aecef4a41766f67c37557e28a9db9a0d909c2b167ff7eba79693afd3ee3aeace38eb73a5a02a882cf89b123812cf2a0f6d5edd1d14362ce9c43257474def5cce3adbba8cb48e7af9a45e702a182dbf47e8869b3f99e953ba81628e502c60d4f8ffc551c31b3ad6ca85c52164839d5e9d493deee4d4b76604174bdb5655385d34ced2c1b09dd5a486e1f9ac501bc611f9d7aa5c748f496faecc14c6c18e1dfc6aee2991bd0207ea1701219955a751df43dbf66f57904675a0e9e6d7f9a0b8bb82a8f44951117ab2642d6671daf1e5d1639d48aff6a05781c2b5e8976653b0a164445872d393d30355acf0bb49bf2bed4265c9a3b786249afc7a438d706eadb6f90a7f93ad51bde6d2c8e6ff09dacb3dc67ba0d3030c54c8367e1e4280bb5903274191344610de61c3c770c6820a6cc9d826f7c743f88f13580ba23cfc00598fd733b5dd069bde7f10f2b8961c16b69761b0f308dd137f844a67f6054e065863f226141755b96645a291e3fa3fc853b2475fbe1d3b25ca22f4da4425dc95fc855e63d6699b311ebd5fec1c7753e6e81f747c808ec3f618f63eaeb1221075edff0532225c40ccadee304a8997c03920e7ce4e60e4df4d120611296786516dd4d9cdda2077ac52bce0fdf552e1ee89a0133f1f87a6f6f35f5c53958ed806465919a0a5fa42488bf29caf33a0dd469e13abae351d5c6fb1a800ee384da199c823c965d9d5457a3ef8292c4d9b142e3f1fb502da498eb44d95f8c85bcd6871bbdbf004bfdc09ab35758f5e8b6a0d0f366c3b255333c52c8fcd4ecb4536b5f6e72897649f3415443612d72c3436505249a344feeb04883f41f90ade40af119014b3c56fc108f1ab0a77087d9226665d416cd975e9e4605529c032e8926002a70924820c6c7e264a794b2a3beb63d69ae56e017294fad4d611cbd0d3847212a38f22d623eabe3b884a36464d8814286fff52c4dd366f6c2abfc2eb865e0dc9ec6e55ca9d81f1b8cc47e2629bb162e54655bf2a9e156ab0bafb4b8ce96858aeea6e6665607a3f268036f4890dad759486b15e3c9e791429ec8f11bae4ea7c490656fdb0551dcf0b0be017c08bc674bd97d9d701c3ac955e2941ba7d5f2ba122a6f0c1b164b1caf2d50df111fd4287e9e195d181f6f514d7dadbefdd4274edc234025b727680576046842a834b6ad89eccaff5c5209bb91d652357e3750d8bb0165572fb71d09fdfc60f6b1e5d868c67c0edead427e7aeb734e29b96e03ea174b6b1af523feacaf6bd745ceb1bdecec9251958b7f521182daddf62ff6c4f58977adeba81c616ff2e937ca4f16eb9c44e63f9e974709122083ae45524ff87d7a0cca33a90f09b660db0efeb393c61967de2564315827ef1cf42b71c0f822f471713c9d885a3c3281d7c95dbc96f1c6dde0af70ea11232b00a2d215ec8de8fcf84b6193b6ac9d46de660361aabed3371fa44a6f32107f3854262eac355f9ef98701f580b4649175cefc29950e7a0eec958f629999c4b0a98fd4bdaf5c0bd97c963b551f2220bd41ec00b8726836e949e818a49aa1ac5bf12c64fb9991111ce8be3e0cb9605f753dae1a4c84389416f17fb66cecba45d591b22d64e5a4edcde067a088d9ff7f5dbb9dbf324510000c55d50f480a640fb22da9b4862dd81080d61af9560b601edb5e3346263f5f193df97079a27e3f9876078b80ebdcdb17ca4c50aef0c8329c72a7f77584cd963e105eea9c28a2ad4e95c1d018e27d0e720ea59147f59ad796b80b6293da8a55ed47e8abdd37221db0a5eefff31688e2adc294654ab0fddf9c1ffafd4783f01eb539492cb35a77315d0ad19395f47b18298a7b353dcf5bab0b2f193ff73d99310478d2e5c4ff1c68a2493c138818edef73caec9977bd4eda6249c8933953e06d796b288f78b18c343ef561082fd03bf92b084afaaee741de3004abaf746350048294bc52450e31147173f2da13d6ffc5adc718e149f9df3702f414dd3ee88296ae8a0106b071b589e8696401da7993d58a9bf8e5bf417165498c96b4ff5fd2b45bbf88f551688425122a3737ca54b2992fdb4d60957a93097222c3cf4c45dabe18b9d6a69e6f27567d5adec489e4b6812c29a8fa52f1de642b7b0e749c16f54473ed5ca2fdf2199e885fed308fa62a3e0deb7e0b8e439e25b3e9f95d755fdcb7ebee9d73069dd57dd1cdc5145205882023b54f2c9dec6cced9e3f6d24e8cdbb8ef121b8f3eded574d81908e867af5ac82bfb8ed60848b4bfdc1d998bae3a9ca80c1c49601d11a40409c62b1536f01ca67
77
78Len = 48824
79Msg = 5fd54472a44e4476d254c0940071ad42dc723354f76ba61f63fbb9df80d1ee56136f51b6982e66c1da83602fc08093506a9e2cf27cb92085ba5c627dd63f59f8850e91a1d86cb1d4ca38ad03160f3c584b128d9b21e935570e086d3815307ab8df396cfa0c100bf6cbfc0fd7a8258fa1a656bc178e02cfdc868540d8e5ad39dd46794a8bdc205e710555ee7421ca7475a4f3232e6a0cd55d4b5d4525f0bd7eb1e455931aeea6918b9fceb2a32706d31a6d7028a85e102f228417e2e7db68317ae155af70eda98c8dc1ecc32a62e294d92855354c1114c5735a3c81e551b63a81650107557f3237bf953989d17c65a0fafd2bb1e32c237f98f55389e8f8b0810e97e201914c487a68403c6d621a98ddc515780435564245d87ce462b8785def699f7f06ebfdf33dd1ed7dd5a3e781348298c7950a387bff7d1878731d7ac66ad9a6607f2c3a3b6843c2852a5e882a8d78ae9dce2a79d595cdf09626dfa6f1dba7d40ed21caa29e304e7dbd559a89bd1f07d84165dc259ef112dc6e2c5a3e82b1c50106983f6c4965c85073c5deddbe6323003d56abb0df590f69010981ab3407e43eeaa29c6156995c492c931fff1b686eda3741a0bfb9094747d1620b2580415d431ffd6c02245f6cb03e39f87e82834dcea59355b2ba663ce145d2514e15e2b2c60cf518ff510c6c3e2f16d2dc523832762ed8352a320462ddd4d6fe755350672038163d996b44ed3b85d64989291bdf39398cb996de785b9614ec5d4bd73efcfa37fd4470b17d6240b8e4c715759286b04c3d7d791e2689927c9f18320ff2e6bc7306c805e23a5de66eced5f1a630cb43dd46db515f837f6b824b99b86c10b6df7fcf22d97be05284edf0e0be597b3f9c63556db031339f79ac9e6c5f8a1cefdbb4b30f5bcd23c2a4dcf791cbfdd6460284c5af0621ab7c5571e40a87c87be459c85ec81d746930dea24f43bb11d6611ea83409d3bf4f987778d8eed1d5b246a2112ef78ef0252f9ae464810c13f02359441d289958b4766807d9a3be0054897d35b01830deec1151f9e3d42f92b80f4aeedd65c78c6e98afc562a3bcf6d72f238c6e94a38f2288ac7929a7a61c92875c1f115c0ed8d261a727f0794f17ceaa3dabc717478f6ce7f2e8b295f000241e154b4575bfac8483f6b62f9ef4e18f7d341a65faad5e2fc1ddaf2b09adebc155ff09e63d5aa5f95206e66c7f4ef2ae3aaf3ea7c93589efa8c552df8d203e0ea181c1703d7023b56e603f33b4adb9bf44f7af290d8081210f327a6c9b0785709346087fd090c42d2b8b2711b9a1a5173eb5e246320ee27867ad6c3eadc4407bada44561a12cf5d53bf0448308bb536a8a525eabc1410c3a34becee25fd6fda453251ec229b53751f2280e142c6b331daa659ab655b78cfb08bf18e40bb02b7f1650eb2dd4ba1707f0aafa219f21c29521581ce249e2e34f5656b0a04c00485079b040e13cbc038bb9f17f47cb8f908591b26bdc28538d8baffe4cc39b17d2ecffbb9698bc2b8b31b08424034c051b535e0cfdf07b7a0a54781e33ba739759991aeb72c0ed992cbe76eb8ec0ab12c182e8b049cbadd6e82e314f1bf15fef5ae95dc86bd64b8556766f8ff62c33492198e454e5ca59ea856d8e095c04da8045522abac865506096ee1cfa1082af08ca09b3533878ea3580b6c0c57a615e0ab768246b3eda96bb6caa01a2648068e21959f843d853e948588e8c0bfda364ef1f9fbd3235c27916562eb0214891eb55ae0e059f4bf7d1838b5942656c27899dec6d67b823a981d1e1e0aaff5323b0e3d69a7dddf9b12d7787ab763a3c7a2697ac65b655aefc4bae7e6444850ad2540d5193b378682c77a4dbf9aa22e517e68cedfd1ba32e3730ecaa2e3f6ae61a4f427d6e69071dd62a9bf6c860980c9d23ce1fa82a1937e6dc1ce3a2de096b680d23d89ee102912ac0bd769c1c02095678dbb00b4430428797cfb966b2f901480811e1b9cde358b6d499c9e93f0961f050465d7b0c70d4961e75a9fe40a24e36eaad27238231dae6d0a17f446c16bce7348e669be563649eba9f23be29adb8b10f462780a066ae573f74e51215a26097b02469c25180890e06acc53ab063c742e08d51359b0a39749b84b9f6be44f3ae3da8e5a2f340a8607d4eed08877d007928d332d6f49502bb5f416c46d866fc87477c58a22d3c5932a8d6298c1151daa032c84ad92f8f90b8053b5aa6f690d1bf682f314471cbf200f3d30959e07adc6488dd17b0be5279e727f3237b8b4b19b31a220dfe63882937f8d5ead677608c42a57217f2239614c521d94559290e3b0ed8055d5474e96564224f6ca6389b40a71337da11e1c307dead8e4eb43252cc2f1c49addb18781cf20acffd3db693b02e5c8ecc949b51b99005529e0149a13390615f5df6e0bcd68e1ca82b0173d25134dbf76dfe92daa085d3f6b1e4d18217df41b70c4c40101884c2886495f2ef8a473bf23cb47ab6533c93cb38c36c6dcf6837f1272fc91a6962b6e1386fb643e1f1d71fc75ab58d5800bf4081217cdce0c7ae9e3d25de543fc4444314f32067eeb147c08c55c5c8158ed11729837547f28a300eccc312260215f50e98c4e3d4170208a50a4a4def1243538f906df8476b0c46d3449be73866d463d422595300e160840daf8c906ae4aac13a64457853b0ea6d8c32f4efe3b48c0b1450250086d459648b0ab14fd3f341a4a803be77e56a811e7a26827eb0a1a9454f90bc6ece665904adaa3cdeb2c4847858fd1d79750e8cd45d8da9163784b8bd06629410502debfed5eca3cf8fef0fa6bdcef6efaaf35a1986d6fd68e0f436dca9442077a4818ebda4606a94a3c93fda46e7ef5ccfef656896a0d3d93566b02ed8c3f6174417cdcb99a415b0c6e9816d94e64b438c295b4bfd69e0d9ad52911de5509971b7370593160629b641d690eb2828bf363857983e3b9098fcd15e66448f786f196685d2ceaa251b17ad06dacd614d9fa78ce0a8b9c1c360b529d0bc1d17ba0b70ea8ac1b8d67f6e5770f0cbaee0b38109d26b09493060dc851f5fef121e83e30aab9c3efc2b8397e8362aefea1708f7ffa14d3656f7f7610f3a629bce14648a593250c6f309c02c6c552bb42984ac58db920dbc7d98f59295f37f3e9b99da55ef074ed65801b390366669b4c7aa1c483ffd23082793f9e5cbe30c34250f63fa3ea2cd097593dc67e8d27b7e4f07e73a9f7b33a5ef6962df1381a038d4f58fdbca9d71ccf640b917f631b75d4a2e8ba46c64a6223f99cee30f47c1a935dccc7f054fc39d3498c824e10cc3ee337e781a3971f0e98295aca611bde701c2359858914248f6bafc88232bbc27bd85883b00990bba7862fd7a7cbd4c86df049071fcd10d686613ec877758d83927cacc530bed9a596b5b21c6fb748c379d676de7e05719a867c9f934b5dad99ed97dcb4e70a9b6542ed5b2f086d9f56fc9752e788785ef8f7837a31e433438cf2f18f58be37fe8412f6d21a5c35000a5efb862926700079413f76ab2c3e79e20b516eba9d8c29897097bee55157936607cabaac41337ea4cc783c0809c875259f8020e16d5045fcc39ac796d11a82f25fcc9579bf0a010200f5745065175fdc15474ed514cc796672c59637c3c8f236cfc9c0978a3db1194680c58c27746090d76ca09f7c48ee4ee7e1d3cf0ea70dbbbd88e30e8814b57404dfd7c33727a0c84cb7bd468b0bcb3c89b526679c00fb0892d2a5e7a3d73698a3db53fd7d78460cdcf24ed22b5f39b8c00b3506541ae4a5b76fae29c1cd5b0f8c3ce142e0af7ae4efe3fa4c438a604bf4a9abb41e3fef1b9227a7dccc3f4d6026ca289b4b1366d9ed546abbbbd5677c8d582e79e2b544f18dc23809ab753313d84dd10fa3ed2f723f0b46277b8877d4f3e0665e88c50caf0f0708b746b736b00c8c83a7d18500384bd035996aebb7da8f09fd6af9b76fde7fbfc0ee854d7ec02950e76abd23ffb27a6ddf1772465016c79b98a61bd3940547b207b6507e32cb9761a5604f0f546834a8edac7ae06910045de218d761a4accea886188f947b57bd876491709028e2e24b075d6b022b51af1880ca16a8c65b7c69e51b2ad580ee058acc0606f0a3a9ea1cd4342bf4be602e941dc4bef1239bb9bccbc8098a6a17d63186c6fa75ec44b6e4fd38a3fe49c5eb995f0cb884e2f3ed6be02515fa605b98453ad935682c3bac6a2971bb68f4094cefeeaceda92dec803ccd3d346f8b40b48f8f489e118a17367801e85c79e9b3bb5d73ac44a8290cdbf83a154f2f125090d42e1a1cb72f5ebbd42da46c7a4d4b9fad9612a4c800de6467ceb74f831e1395dfbf5799a3429ba34754add4b34b5960a5fee8f752dae78450322a1ab3d7102b77e907fc1eec5355991e0c7d6c0866660e5436248edeb1a37c0e769a0764cfbb6354332d6e55103b9235c84eedaff918af3f0213c435c32ab409a4b5c7eed8ab6ca9e313dba459bcfa3ee92e7d669be0526856ac3c06a57fbecbba553a9cb4655a901d98af02b74098e478076655d325bd7639d73d7ae00c62fdc361a997ea4ff5b0eba33096b12f35cc7cc0eea62950b912b47c11b9fb386a47c4c15c0602d304b2541da889cff299a1fd415e7e25c70ee4cd83feea7e6a9c50c75d9b128458513d61ec5d0299ef8c090472fe0850f384938ed44d36f10cc2c1d31daee3f946a2fa18f9982a988fd6ac973b1569313ce3c8ff5746c4dd85a241f1e9dca0e904c091832ca028533a3e34c184edcc510bf22a27f530bdca3d057928a96f72dafc73a9aa6dbf2552598e468735cc5736c67a620e9455483e9cb2108045ad80569582ea93a53b491e528c8df336fb326ad74317bc1dfb8ec30a73af01a5dff3e437b7fe48ba5dbb3e8f01ae0c6fc28675a415f23a796bb6e0ef0efeb4b14cf20d4ad88ad1966da43a76b454dac8687bdd97b89b8f8eede91eb34ca4a0523ea65736ae39341fb32b9b716f25662a37382c16f3b9c346c84f03bef54acd6efb364c6401b07b3f7679e8e7f8c9b77b75e6e98b90f4df88460f1978d19744eecccb743a999aaedd00b5a94018e9d5a56bac9d5d55f6e93bad52e84aa7340cbbf98d56213d9dd3e1970867e3972dc98e61b3cff40b64ec49463ff79a41c82dbbcaa37a82b761f432849aa83a3d3c9a209e2207b87ae9ed9959ffced165fcb0d8873668c3cd8f18ba0f92f7acd2bf50416c22ce11692bf6132eb9f558dc789cf9776da94e48cf48607f19d9a11d5df4db11dbaa67a1d20e9f0c96f5956ee3f906e371c489efc88b0c1e56d881e7bf8dd5d6742622eb873e253dbe54f2e2e6d0e6136941de8c23e9a632727bb5f88c23170316c7aa0df28d8d07589dd6022828834f7ea9b4e5876a1704944aa3186dbf89e0e81767cfba03bfb38c55a9945209c4dfd88272c49d1745dce5ceb40f0a6713b5139dc2fb87a8a4888406d2610b7b910a9e5782ef0df719028d8e50a40a269dc9bee12157038522d06537bb31fc87d21af9ad4b2e7e127bbdb313e0a116010f65126cedadd4a122d15a71cbcccc346f55100e354b997154567fe3caccd50251d137c58fc3a2048dd5883b6af9248b51040c01a80c051b8a151a8878edf0304b5554746d6116b749221a1d0082ac925e6e140f0c3b6a180742ac8a50ce0e93e6399102f151d7c14000369ff52d0b537fdd51bec99e7271b1255c6fbc36d83408c417f6825a8e2a58b9054ab2c3ead69d97ea9947fec32d720653c123ecf51a9a3f0ed88743e3fb7b94aea59d0bf0219ee50825ef220554312cb907edb90e4d85f29e316ad57d3b90d859391fcfc63e6c0fd3ec27d4e1efd6e0b5ca8165cbd6af25ed8792d805f27fce308ca1d51335ed5d727558dafe05486a6f9149b8d3bc022026656714222830be582889e6800c0b170e48ebfd069e711210e4ac7acf07652a6f5051507de68aeffc9540cab5cdac84ceee46059ec23820c04b127266c0bf8df0d2b856be3377ab42592f495980baeddbeed3ba707a85dba64fe36941eefa8fd37204ec8c18df3852febd2b142b1c9a5cd0f9e424cd408ceb7788270899fd793db99ddb8f9ca8df550c513790d8bad37a1d1f4a62c4527bb64c677462c9b093582decea70c7bbe873095536728e7ce05d5cafb5d166a1f03055e918f787fb244c5857e3d7a1009bd37f30f165564a082c1510ed19bb1633811a76da70dac67641c2478c6b335f409ef54a2d0f370c9510d0aabae3cb998bd023778375cbf9cf5ef125afd584c11efbf40bb51839aacd3016e5e4d79f134245f952dbad617c78cb6f5712bd9c0c7e1303db5029640cf9b56e29329c3e6a9e0a2371aac1a437b9b1c4477ec9842aa80eaa22c5eac11b60c661de6ddbb088e844293ab8589c13d938765bbaa44301e4137148dd0257bd4c8c766c5d3bfe53671e9417cd1b52f622870ffd90f4e17b7a4ae1b5601a2edb032e353bca652fb565beea6fb0b2cdcadac71794c662677fb1dc81d116d94f5eced526b37c004b95284cb6aa2ac415754a1f14882595dcf4d3f1d905c6e8c12cf5a9d23d3ab55bdaf9f17d2f03f933e1bab89040753648c426b072b73aee8c2fc0d1c03fce2c656e20d4c96803fb2ef471b912267eecb4d6f342d3513894b94d77767823fe0c7438e51f21bcf16f0e98b94b23a10760271281cf843989824f7061bf834f93fd8d2090f70e939700dcb4d8964a19da39a9601a7e0ed9f55f567fc7d5682d55a9ba0e68861756bb549f2f17c10ff6bd2042a80477f89743d3d762f1dfaf230bb502eab6f4c46b26135ff3bef5faa179bdfbd288e3cadd3d88d8012706e19b7fcc6e9cc2699d3ba0e624e715599480d6b7dbc6eeea0d12a9236444b17285fc7794040dd40c2b2ef175f7f3641664fc9bb7ea6d7eb3489d504f8013d64a23aebcb5ce233405f5ade067dffff253f27e926431ad806703e8fab23656e0b7431916d8d4c72a7d831e3664e5f30839c76c8167b76f3b2dc75a6ef48df515e06ea54ca51de2fd9c5eeabb1610b7eef06a2f3167859cf82e1a5b76be8ed8beee2bba28c3b15af6890d7a37226834ec9f63306a0da11aff918753d8b83fe7220803c070db98195d6d18357233f5504a6e3bd6f30115d3987f93aa5d89aa0b8b577d1fed94da057a6f088233efc0f44f86798896eae9ad0b20c8c9cdd9d72a3f02213f6797800894b864cb44fed009440fa5b0197023929f9bad16f052cc2d87327788a68b9209f46fb4776b092d75713048b5453ccd699d19cafa8e9a93fdab0f0863711916efe3bd81ee71b8e0221e12e9ffe2f6ee1a4dc1a8de6e593480f3c05b3691e916a4a7ca51971eb2f0f693dd10f6b8468f8cf7bcce285938b5a0a76ef86acfa2990f88bdafdc39a065db17b845028ed2b7a9e331c44217de20440e406868f1eca818d0be20248c2948b8f4cb118b2e456e585949139270f57c54715f3297bf714aa7c5f72ed8ddf6a074703ffbf95e45bc81a02c42822c22d2b718f2de5e03d687a4b18d605ef5ae75f9d43c8cb4e77aaa0c0101d978120f29574b22f52783c667f7daab3e1f9cfacf2e68e94a24918e3fe2c4f061deeb64891b5217fe5908e7f389897751839982b7fb736fbfb1232684e93123611b7fc8fbeb74f8815b5ae13240051920f3b6ed34483ff673c467ed7f0a8fbf619796e485affbed0697415d2d0598ba34d5b9e44ffd12a5edc323883a2e28efe9baf860324f2d2016748503eac1888213926b0e0f0335a4b51820a2bd3b42d982ec6ce307b453b6385aed7a735a1e98479394147c40f01c532926e10e1b26a5b395bc150ec4b4daf5b1436bd0baa225583ffc9d9e9d8a354f60fded37b41c7c051daea04e689ab2d4e24d7d07c75c50ccfd6a527e024d1632246c6f40f06b86ffec0b29cf894b665d53d459226b93422d37a8da23587fe884dc3c0f2fb55dea296a9a5b9a0d101f186d9fa6288c912202547cdf958569d2cbf235740eed38d10b0025dbb6de31058e98780d22149c19d4bcaf06dd7353fd91cd1f47e47f45622e1472542be2f63f463d253617eafd4f2ad609f9020884905dd5c22fba53ccc619104b6c0203a7f6c8c26fc80ff6fceb8c0c51600c2e46b4b872e6d597511524545a76cb42278b519d911e6c1320e01682c551e204ccdf91290c52e0836167a5685cbb1af338eb794c10fac92950f3f7956acf28f1ca984e380bcff9876b0c71dc7ce4011d1d0f955da9ca885c6e7bb74c6194dadb0fb9146dd725c8a9574aaf3824b727c9be3fce59c35850b162c17d3013689fca858a0a51d81cf4f30d6a8705bbfe35ff03c34cc7c56aca32140d72c8e8121fc71353596b777b266d75b322c9a97fd2c5d4e2362f19c99de66da7bd9c495c03d9a15b28431a0c051e786fa80f5503a72519e6b419263d72d553d688349c0cf30918eba0622b953a0efce4415c29515c26ba15f00e548ef108afe3f8194aeb965e5e4be94f10df6c45ea5c133a8c3398d09fb80f950b83c1866a1637d2bcc195e05cc32a9233b244cc2b1d4930e66f032cb1163c37b3e58b576ab76de759569797fa9b8bb4fad66aaaa56f09c7a0ce4641d6799d7bb47cf684990ec1e08871458c211a353ccf1285e7429c7b8520180918f7
80
81[L = 20]
82
83Len = 16
84Msg = 8a61
85
86Len = 104
87Msg = 37487aa02b03bdbc6bc62e7e26
88
89Len = 352
90Msg = 6ecd002568bae3bf1873993041bfa292eb94e9ad092d8eb3585be82e8a20cb36a47a06e7a57d301268a4a533
91
92Len = 504
93Msg = f6dc1d2f6b8e126d99939664693d8709513f97d730074ec2794e536d94ede79c81f2b2ecbff3c2c26ca2d181ada2c60050997f3bb087ce48d956c18dedb227
94
95Len = 13976
96Msg = 07a6372c863c7d7c6764e4f05addbbe161762735dfd2d23bf268e2d603cd28de9c369ac379390473e1d3fa7e37af1178cca54fa0f782dfbe68070952b93462ea46c640d43ffe71f5fba42df98f4c48ada0d8aca8753e0731508bc15dff283178ae5c10a6ff132eca5dde63a78d3ac94685152897828eb25a55fdf140fd33fd4e7b03f283e201a1baae8986d25603fb0b2566aab345fb48031d648144dddc2e3556c0ceb1104f348d96ae7dc0152e45c625d21b46e70c31f250c858aec4ab2cf5e79d8c79b0854e0abf5330b9f044113d306161968f4ad6f0973160c9dc296056d5a11523ea2b56fbce8387070fccc639ec1c65ec663b9dc49aa880dc4ddd3020c9d44ff7e8cab6266e436af19b4ecb82010a0f8f9469ef380034a02e3f50051a6a3f233dcfe9d553459dc1bebc538ae0183448c9405c351271dea808d908480e61e9793cca111b4cfb9874b799626a1bd9a0f6e0929ad51b97ad81b2438f5fc255db3a3dfec9f0d8393c6b245b03d3faeb58021db3ad391b17a91174a66db4feef1b4c889699bcbea7928f4d29be2d47f76455c8cb1dc7da9cda41962a28ad8cd7b39965b809e7c7eca1c6792c1ce1c8a4cad6290170e91fcc49fa5ff64ab433b4aa081c8da2d9bbb072f9f18ca455469b946c877e3006b34ffd2219335b30ba2e0980f43cebfb629d0b11fe70dff28883ca012c6ae4855fcefea20a08e189eaeed7eb36ed6db3835976f4e60053205805727c5eec15d0e9f155637a9e66268b9c1c302bcaae6ae88cbb8cf1668a487cc996c4662c4a4e195f094cb31c717165e0e13718f8388957dfe0bf69c70cd0bd763dc38c530b67b9c12244fcab8bd13f602de848a2937699f9ef77944e5f22e3b470601789e1838fbea9359c733aaee2c7082b02ee459b7684ef9bbc200da4b62d368351f5520a65ffa506dc9b097117bb7ae88d04d85fb525e91327689ec0fe86971480c0e864012b1e9f044c7d80a4e48c07320dd4292086e4c71d4c98dd826a9bfced112bfa2beb1ce85cad204451ec45703931bf637d4fe89fe8f485620b7f4b21e011a232ade7a8c92be77925e878ae0bea9723749528fe83cf89ecb9616dae6ca0e8d5754ec6c92abb21108c2f33cdc18c6887c430b72c5b193356494cddccc577bd4c2cd53188f352846edff0c2ac7869cb74bb16a77c0f0f194a7a9477ae15abb890bd0bcfeb0c39381a87f1d05319c7e971c10e9ef687f96450b400e25b4285032892b849fd5db8649cedfb03c88defea063ee144a1ab1f3bf05f59c7db364dc39c11a446c3ce16307d78d50315ba29f5bb9a57438564c8c7b3e367cd37d74b2375a4966f47489dc5448f4979428abd32193d3840aa983d3020a9f29d760fc7493ab2576c90b1934b799c1d0d55e4f2caa78f4ce61930c79dc017c2dea0c5085d73a3b0e4a6f341e9a5061a6658af11e5edf95bdad915ac3619969e39bee15788a8de667f92f4efc84f35082d52d562aa74e12cc7f22d3425b58f5056d74afcf162cd44e65b9ee510ff91af094c3d2d42c3b088536d62a98f1c689edcf3ea3fc228d711c109d76ae83d82d6a34dcfbad563cf3726519b519fd48b51741aa86720836494b7a589c778927047a25d73508adaa401e9a6c0767a675e31c5556cbe35fadc9671359b45e985c3c8af84113989b299ae4474b85e4b5d4b0578ab1e8a2915a8df97c4f52a639fe32272cb91bbfb721505dec46d51383cb8973425a714245c2e37d0577fbe0d66381d9239db1f08a380cf609dc699698e0fada2caeda44d58d766c4f8214b10642b80b8d7d8add7cc41d47108ab7d07dab71069a2d982cc900b331caec317942122158bac6eac9175c2dcba0c04443aa9188832b553f5ca8c336880824d6bc02486a2b4c086665d276aafe3b1b93729829adca50c44466fd5b5cb977aa78fbcf5c0f0da1b09216468a11493ffb39efdeda5d669ae92bee2f2fb250aa1b9cbb11c36c7a6c6dd26cdc3cfd572ffd8c1dd72a13c27a327a34c6b6b3d80fc6c67c72152eec0c8ecbdc1bd5cb829b811e7f29af6d786f4e93dd4c96fdda295a6aa258d7b2fcf291c2d68e0b1866032475964ec0c6f2fa8c2d6a3936ecb187350def4e818507bf157c0e9b33406be7660605af14cccc9c799b4e051d0d0899e53495bb8931a6e2984bc6dbe4e02ec8b4642fc2f1cb5fd5a5520b48cfcb49e1f9533838753554dd98b6a1b8a67409279df477330e5f37367e06247ca5c3ffefd00e693dcc0c9c30754121c9ee88a574915b9e77c104fd2f921c2c096573951407ba9b440423d76bdc6fc978237a6e302cede7f99038ec31500884775556941f1edc30e3a417b0e02cb6fb5bfbe5cdfacf4006411287bedc565fb06f1be987416407dc852254934df4ab59edce476f3506e65be6ce6ddf91038642291fb8e92ba5b1f0b105670905a2c14796110bac6f52455b430a47b8eff61
97
98Len = 48824
99Msg = cd8490c93613bdf1f284b94b330f6d6f45a39c651d2a160b340e2eb696fc6d1c35e88872845190d141c669de92a97daa5433b1d7b0b899fdef2ce74b8fe72a7296a5b5be26d1dc86520367c730c7400c2fa06f91ab4c48a7bf4ae35a5b9acd5296c4fdf7451b0ad9cc439b4e34f11e5d7ef2bdda376f8dd34d6f092b219dc085dd4c4a6308b8808f588eedbbc7af7f64e83182fc7ca7cf4741a341060a7969d31445834c982fa8739ded4555108acbea1666a83da17f77cc42ee73323eb53203e3b790f81c08e94c44678b6538096ab7b09916e6cf7ceb2af85987f8e4d982dff1ab59b0bdccaae1f405a73366b5c5935dd0b43e2d2894290ceb66a0246dc02de728c5bba30255fb56ce8107c3144246c5156a8fe40ada9126adf67227fa56b66c37be63f532516211ca012977b04a97916f201f1baa2629eda520b51508ab4229df2ceedce406dece0110e0a911464f69e7be38fb91deba0addcdb3161d2799c628f5a57fa1dc37357c947681bd9c36f4832c20ac466c0c245de3b250c33282ea1a02d007f03b34ed427631283eb614db4d521f555136e7e42b4cfbee8134c63dbe3bb79b5a8b9f9f5b9f5ac61cfab1c54d197f1e3ba613f251eed616df952d691b88a16466343ef2d0f63882ddd2d55b8a6786308b2257f5d7b38af166bd7f1339d2d8899c9eda8fa86215850ba547450c267eb3c9147d96c38161a69d1584e521ffa23384313a1debcd37f72ddad02adb3cadce7ee34b7c1f42a15d0d030487daf9488aa7562845a11ee7ffccdb38b300935caa31f78a4ff3dd93403cf0c6a16ca611b58c736aafd33d6dc56f0f47878211d26f6ab801b9453a7f74b44593dae0f047ddbbf2c902891111729edec44f69a05944b18e7a601f41ad24fd6833da3dbe3029bd390de7c9841b2ee2b079b2bd2737518fe1bbec88da64769dc36e4a8bf716c219b2fe059d7dd220c1ed2c59878db5bf8b198e0689edee921ebc0cd2d3853fcf57c363050ce58071c5fda6ebcfbc1bb62e9eb956286291a108bdd4191c4ff47900d6068e1ea26b487649af119b9bb15dfed804836f2196cbe12d8fc86e3d7ce89b52ad49dc9ddbce5b370f73f512bedd853039366612453733740586d1372143b09f21dd4dbe1a2bfc308db8e4098c5e4b0c1e16141ee50e85fafefc4e2529b3c7252af37aee6f86e19df28871686107d7d57dcc812bc077602642d2ecefdd5f694b8f336913210793e4068da2178600b1f41cffb5221c9b4b6298afb47e85701d7b1a44241679d8996f916c81ff437261cfc358b9ec42a2ce16ca3bacb8690d6c1d91cfb3e0bf1e7ba45bd01606df856fd03c7e946f7ab371a89e1fde86d05fdd97bd7b1c583b04c2ed2b5f6815a460645e4e1b4e950bf6bd81dd0352d1048df85266f1696534aff5b1cbc17f15d82cc8e0c0d4f0453f9439094f8e0f7f4bc045b654d9a2f1f44a9c57019f63ecc41021c05b5380675cb56ea8bb691d79ee204d2c4edacde3c1fb3f4996a11d84b035f965e74009e2ab80e2c7ea3c84a834d4971a1e9cf423e4ea67ee526eb3c3e4c2d7372c4290a0741e1fcca5ae4cf36705abe98ac81e98a5419baefcaf3093a7e0449ef1021f88ffb7ad21b2677e41cdda12025b06542c4b2564f15e0b99db43b7c7020028bd829372122cd910227cb07c53cb58fd9dc620c0491f3e2bf883fe6ee8cb1f5b73767977d857e4513e8b5612f6ae4b56014e6a3ad2a065b65472212e2f611743484cfaef860999d1dc5608c58412fab888ad72bb87dd9b55b692f31e252daf8944ec5c02a5a9c23903c50dbd845f2fcc3bc9806af13ca7b025cabe675195b1d56f3fe7d7bca12530bcc0af217efcb03a218bdb6f9726536ea902c8303b02e3ced22be59753588b5f0e2f3419fa5345a942dbcdf3010465384a225ba26cdd0f1d74999c69f336bb6d01fae5cf81cbb8c1a7a29c1eb83ca6b51113bde56b8cfb6a5d72557622a37f039d090a689accd02b57c691174338de8e05bb3620c079705c969c58e56b079dc9eb44eb0fcebe548f5a31f4072a5ed56a2f03107bf40a359b2601eddf53cade66f294cfeaa40a0d94b9c90d15f61852f295d3911f8ea914d015885c8c64540a83badf0021a416c3e37b78236a2ecd1fce4114033416bdd3a36c18ec13250ee9c74c0fc4dd564b3d24a825802d5ae402a53bacace115ae3bbb329be79d1e5e42dbaf0a6446431145fe49b86a8703c7c41f8985d54f12e314c16ff89351d8addf66ebba2783f2d1a11965182aa0b0dd2de53586c5a695c6265c2b173958da648611090557bdebf11a1e042f089fe98e049f4796c60d26be38356fe020d9ace9008410d53a1bb7db78b52ee44bac364213f5c59f1eac4e3314f3423b92fdd7a6156608111ac6ddf58385ec1f3df12061208db98816ac948d803fad10d5ece2018c60faa13de5e5a9033745c824932e53f4122a39f635813545c1b74732cd55642f19ed6deca1585ebf7242c849bde981572a2199066e9c912b2068c8f1c8b936c43ae95c6e22bd7b80dfea05f495d751107da5928e806d0af905c87b5a0795df146af6580d8f9c6a0e2645686d43822ce9b4be0bd5937c097917e048b5af71c7e7521d490f107e9231ee5bd9fbf0727ba87774ed24cd52f471ffb71849ebd55605996515bdcfe95bb1df3541e7c42da4166dd01ec3597634aa6455d15fe14af435e8d7a55ff1682d55a2da867ae63d11fb3fd987fa5d7032ecefc35d3fb9570940e779e13da18070e6df5292f97f2a281f9598101102c955fe4808a2319c85fdef3d55b19e05bb8c2d3da64bafb67a53491513a24f6f0804aa162c8a7db25b38089373fecc45a0eaef65dd9be3b4b7f9436a5423fdcdb5a9b60138fc6a2261225390d9ae0d8ab7f0f7ffff69dca06881d33a637d634358abebb333df41151f239add91abaafc89070cb2159ce3a31655c22e4696c9fa7a7211d1251d4bb21ea4a321a3dbebc29d97f526251e40e548dcd7ed07587719a266f006179dcd22e50b3705152817057b097b043ad63b8d867edc20aea9b4c959ef4ff70f47128cfcc21e31f17978ecacc366f459ac1cc459a3976e4173ca322675f84f18036119ec2f204c3fb554a0b72f7e9d8c882ab147b3d280ca9dff7b9160b1b437b901f03cbc05fe05c6f44824b48aa8da52ae7dda1653fd500f9ccd221843cf76513b3b74d094f14d93a00d7cb954bc4cf2f04f9a35e38edcb1e84f62057647dcb3571f1dd296ca1e049f1746a8a282e85138500e7649db756b2d2ad88f11c471c89dc6be2cd43481013b8d0ae83da2b855cea7be424f8b2325b1850d1fdef03e765458df4513d57c72ba9751e1edc3c4e7f97e3202bb46eec7be89871ba3704aa6c6fc08851e551a3f655fa1fb798d12f003faf31c56b6df399a5dd0ed29ef9e4139dbc254bc5d6051840a859eabaaad56324588fae881fd638d2b70fb3813402df61d941ab495588e5fc3823249bf9a03cf877902394f512de118edaf98843a5445e9073fcfa409df3db0221f1c77e2dd21e74f9e10c9e180dc4ed17010eb949c6d67a22bd5337b2c68f9eccdec778ece728e91353696b742c8f5a3a569f054efb8c1ed478ee9b75e26c768a5816aa6bd08a4c72e745fdb5deb34ecb86b3a84346c1c70f9c16fc45bc0421f0da2f630912d5079f390cc53b78e343310de722b53d2a3b4aa386caa0d7e91986e19c3363426ba30eb5284293af81d00158a3f5233327b40c3b989725ba7dd5b31ac7abf8d3e0b737e843065cd7316dc2f374a00bed4cf9caa0d6e232c854df1bc24c3d484bc6bcb14ec770d5745474dc6ac3b3ddbffc551c9fcc2c56a5e0ae17948457c01e701bf1554022bc2b7d9dd42b2b91172fd85e6874d2d61fc7b3bb3cee2a9bfec09f6d7e98279c6f511f4140b116c856c1438e34bca59fdca2409f025b896a52d68719bf93e82e7d89bbf798991fda0af8d06d17f39eba4bca09c1fe594b537ad4c9b94ab52c895539d639425f9146b24b016368a638e5bba391bc8763cae7c52ff9c496884f1d84e5e08ed451358ecb3c4919dd410e82cac35ae744078287c05c89b42999ea6b8b127d40d53a5722d45139e8bc507a11e7add7fa9ab12cc40afeec008a4668e3e6440f27bb5780936c0e3668ac51262390c79b3f21fd041cf36ba3522f3a552714ff188bfd554c60d0e7d11213cf7d3864a5175d4047c2f3284741f18ec22995a5b82bf62190151bc1529c6d9927f9b0c1dacebd9c2dc406f7f64a973f9a70cff6e3abeebeb46514bbf2ead382f7262d46bd43d88c1b91a9011d1f8ba81fa536a7162aee2b2ec6fc0f2d6efc87b98d2e41e0f946969da659c21053775ece415a34d42b6cfd5bc52259867b411dfb991461ca618052309ca9c96468c2da12dfab0e822ff3bbe7ba281982a239ac19c47024fe1f0e3550cf0975add1f680a9dac9b2c4ab0aed4f409ddda6765eb8a0a9d1e9d07458c69ac8195541219b18efcd06c0001f2ae7fee2d404666a18ca3cb3aa4f0623e86c5b1229f6c2ca28d951111294b91edc52730b6b2c46e000672a7c89b2f38045bd3e37dbb8a75e18687a514dcf740c87a34834d3c3cc8aadf6166ec0c42d2be92f90a3af49633ff23cd80848ceb57ac550eaf9ae496bdc6a2d7cf50fe107895b4a1ed014f78af24eccd6a07420f1dc0df1e7c44b4ba937dd43cab9c798371b148325578d61931766af02b45054bdc2d9fcab2f4b49092f6fff7c27886820739d6140a4a905f0020249e8ae8dd87da1a1e7b1851eb01045aaa72dc8a2bf68055e7aed41d85336648a3405195d2ab61b0e29a770461f32fd05e14c17d72c5252f026a7b9abe7ea9176d3c46f6ed9fb716758d97b41e4f5d81a24538f763d83eecafafc668422612b40cfc32b3354b24755fbe400a2bfed494fe6d0ba0051713b776e67e2f1915e94708e6dc74b398f2f526933aad8fe7dc32faf40022606aebb6e0756b994c3176fae7640ee06d6c67bd54764c4752f1bf831f43e0227cba101174c5554ce26400f333dd8e9f6db1cdf670ce407d7d06c3aef4c0724b62edc8f1ba3e04f0e394d15a73b9255abb4d6ac70303dcf9160d32dc02d4804219ed5c7e3b48402e58ab2f58305f9bb95d2a8759947de96328ed5234cfe7d0b2a9a014df7e4cd0ae48906315f139b8635d2e6bd4aba32e62b8906cdfe5622c411bf0373d0cb07d17bb2bb5b83eae4401c243605fd1df759fd0ddc704ccab5a9776c40fbf6bde0f11b9646c699f26063a9550ac228c9884c277bcadcc0a2c225dc203e28e253c4e464b23d2529d09c7b7dd3c984667372472b615645f294c4e3b0797f9d1c234015b78502d98bfc04f1fa2f16cf3e7221d5794d035e4b172a4d84e679cb1c82df2fb49d3c6668eb1661bed56705096c2371a19d668832808eedd9e5b1256c18fe7ccc494e5e29145d453c553ec86fb7f3a634d0d45661875f2f1005ba5e734c1a976f37cd23450e4606e32d027bc9ec2edd9395e14b2082179bd7b4f9b8caa2d00a2de71d48553f7d4153cb56a1b08f11925e4b11c9281744ae9171f3d6faa3ab3f88c5c34fd23e4f6efeceafdcbc07686ef56efa62c0ad62f1cdcb4d3b5bc508c1f05263bc347158fa5495828f34eb7fcde98fefaa82bafeefed3f4a58968d751c051b52e0047f066de5be533bc3b1e439ab1c8602f6c67503803c8fa113737cb8279f358dbacdf45432b7a654d0e1122cca93420e956661d7275181c75b0d9c20e84c7007dfc49f27bc00007cf4ffa631c892981fd70141d532fcd51de5c23fe0b7a186d0dc296362f235d61698740cc315891cc9342da17843bcde274c17e462263d0e8b4832dd9075a7bbb443d4b26b41e534ad5551ed5ada102175e695363fb48d6b99ac978a3aa6f405d87f983384ce35740e930491d75675337c5dc081e3d301228e61bde5cc169968e5b4350cca2b085f9f75cc4b88497a78cd0a0073d90246c7dc102c7cbf3516498e8a41aa85d8cc5bc285ff66e8338e85ca83fb6889e2bccff52059bb9e92e92c155a349952680ffd0a3c346061a53fdf074417fc90c4d1af7c2acc3ee4b080752cbc9455ba5931b7e910f1e4af0efce905d2cc9c685923ead387fa532c0e8ad92719c76c281cd010e1acce500ae1443838b8afb48af032069dd07aa4df0d56bcb70a64592633699c8658102f1fbca441325e27f1732a7a973d8cb3a0684d72943ef6f1892f2d7ccf39bb6dfe5801ab98653bdbcfbb787bf125253be2624f6cf44177d588bd7b780d9e3f4e3a4e50b8a253fa21abce6a94b9073289c76773b46140f5a6e46b9de9ec066c176f5d1a69f380e1901216617363362d13ebb26ad74fb008ec08841550ff14ca800a1ecf2e007ebaad9f4e0d9664448d60ac0d8544243129fb81c1723b9b4bc2ee971dff736d9fcde0afbfbf5c50a4cc06a4c363998326c17bdc9e2508651dedd9a2a52bd87f8693cfcff60753acf9716c526e8635f12377e36564ae55d0fdb3c7997ec4dbdaa5b4d18c7b660acd95060831795da7d299a5a8d8cf9e92537dbd3ef7f56aebe38fa97c41da6bf0572a0270be7e5a7dcc0be3529339464c811052b65a938e874ea6da469c7d8992ce0aff1c75e82d1621ecb967213c65f2de582cb41de3804c507ddfc708ef3f6096ba4491e431160f98de806d0f334e03cfb7a3bece601099bd971253f3aa0df845da8b478603d5d88533d0cab9c89f2dd9a1404cf8939ffdda652a94093865a85fce2bc3d7babcff7b9f3306bd76b9af80c78ad518f89ee73b7a710da604e72f4927be8d65d06be2e0732fa786a83e27597cfbed9bf98df445499e0746b9f2cb9659ac0a9cef433148521f33b1d78d13c8441c0d1e20fd93ac450a3787a2292bcbd68cd1f961d34937be9a21abaf26f361bf53aa0c095e53c51f3e04d567eabe6e40d96a17c2bcc9230b18f7e079bc549a314b4ae21d30a3341aa205bc75c7f1d21b0a49549c300faeda243d0ce18da5e66c5b663cd705005dd9fea0a9564174abb797d64c58fdab1fae44576d514b75eaa31c9278b15bf9b6df7c6c2873d7a56fb91ab77b83761a09f9e1ddae535622fb87f7462256a60dd39dd3ceb6690b0272920b635ea639daf24f95462c523e5bbd8d8407c61163ab38877d5edfa04c2a78d4d240523ba97c7d01c71783f8748e85164b4dd08c25506a4ed18300b42b7bc6e417f512ae456ceec2ffc83190991a06d4a58ede215babcd3688e1d61f1975016244e80c88ae2aec05c7eeb1c50caca72b3b415b6b870bf5e10bd1ac3ba6b4acb1d1afac554444d94c97e171005fa4ea9c651bb4e527ff58d0c2f90fb453a92d6546a26e9e98395b09e8471bdcf2a145aacb649708cf048a7856ce8cf390c107ff2c66efbf2a76c5b041860ea576103cd8c6b25e50eca9ff6a2fa88083fe9ac0d1fb639c516b9bcdf23c34c6145a705498ff9b9747f15e1c08c63da6efeda4eca02c3f00dfec06c82220c9de840040118dde76be788daf84e6a2f44c81fe6defcc474f99c51c4648d297cbc48f081e0809dbda505d020cbe865e430e0491644ec8c52bd3ab8ce8c4862990f49fe2588caf804ce9500ef42d5a50c057c257168e283e4a4aedbe4ccfaf3eeffb212f9e23d15434d60bf4f455f512e2b655aff3225d1b217c261110cec0400f54dd303d6231d028c2eb649bccc91d30a6391c88bff9d447c3cf35a3467be5957e0ea4d4dc237c9f2c68ce48f658f820a3d72d559b60f233ce538c92cb148808e34fedf2d648c21e7f2ea29a77270c393bda42d869351d6c085d965dc12cbfd0311b8bf604f4391d378781eea3b5f1e0da9d0d8f8de88e56fe47d362cd46f591d3ec0f7cccb85a21f21ddcd4107821ce0ca9ddf99dfdfd9b0c9cd45053e5b1b4385bd8f5b227ada31b5c23e9420014474e8b4494fde7c38edfe70994d97b8cbdfac588df49a49c472fcce78cccc051f31cbbc1e0422878d8d490f3aee28adf1587c38fb7e7d1be54abeaa83cf54b633803a5e669ff4295df8735231ce39631616bd05e0e31117c722c2fd6787003b0bc7fe422a089c89329544e085d71102c1813769450a9f66f160d1702cdb17bd2c6fdf0f722762d193ce83623eeffab17b01b10a31db6e2feb6eb3abdbb2e36320e1a56e44e48d26090afa7f65003a98cbfef590ac3ec89b3eb230557cf6aa566e841806aa2767b21bb26fe001f11ae039e0c9a4bf1bf3d271960f16158eb5bd9ebf0080abd8369d512cab2d1aaae2b14d0ff6ee705a38fb0c801a98b0624cc138fc24834fdf430f33e1760db913da3290f34415c9e3df3e97da1780545ab68ac5a24db89f24d62f4a399728e4144a8c89f47ac2d29e30c49b0bcf790a5e3d3fcd1943c6a28f37251d9dd827a69579e6c17b629c927473b5a07b0a29d9562708d6c8ce576109ad1a3473ffb2047eb069beeec24c114bef392c929038c92abd0e6a19b610e27881361824d57008b7373d0ab76379570ded76c9b8284fe2c247791073c29b2fc6fca05019220ab92856892d3c0dcc6da0b597fe559c162d060d71513ebca050d9638164b9ae271fba5575ade787ec5aee8fc253d1b234b1df561db3e36ac64b9b0100dd6b407043537b2b141f
diff --git a/src/lib/libssl/test/maketests.com b/src/lib/libssl/test/maketests.com
index dfbfef7b1b..94621a655b 100644
--- a/src/lib/libssl/test/maketests.com
+++ b/src/lib/libssl/test/maketests.com
@@ -586,7 +586,7 @@ $ CCDEFS = "TCPIP_TYPE_''P3'"
586$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS 586$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
587$ CCEXTRAFLAGS = "" 587$ CCEXTRAFLAGS = ""
588$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS 588$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
589$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX" 589$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
590$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - 590$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
591 CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS 591 CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
592$! 592$!
diff --git a/src/lib/libssl/test/tverify.com b/src/lib/libssl/test/tverify.com
index 2060184d1e..021d701d79 100644
--- a/src/lib/libssl/test/tverify.com
+++ b/src/lib/libssl/test/tverify.com
@@ -8,22 +8,22 @@ $ copy/concatenate [-.certs]*.pem certs.tmp
8$ 8$
9$ old_f := 9$ old_f :=
10$ loop_certs: 10$ loop_certs:
11$ c := NO 11$ verify := NO
12$ more := YES
12$ certs := 13$ certs :=
13$ loop_certs2: 14$ loop_certs2:
14$ f = f$search("[-.certs]*.pem") 15$ f = f$search("[-.certs]*.pem")
15$ if f .nes. "" .and. f .nes. old_f 16$ if f .nes. "" .and. f .nes. old_f
16$ then 17$ then
17$ certs = certs + " [-.certs]" + f$parse(f,,,"NAME") + ".pem" 18$ certs = certs + " [-.certs]" + f$parse(f,,,"NAME") + ".pem"
18$ c := YES 19$ verify := YES
19$ if f$length(certs) .lt. 180 then goto loop_certs2 20$ if f$length(certs) .lt. 180 then goto loop_certs2
21$ else
22$ more := NO
20$ endif 23$ endif
21$ certs = certs - " " 24$ certs = certs - " "
22$ 25$
23$ if c 26$ if verify then mcr 'exe_dir'openssl verify "-CAfile" certs.tmp 'certs'
24$ then 27$ if more then goto loop_certs
25$ mcr 'exe_dir'openssl verify "-CAfile" certs.tmp 'certs'
26$ goto loop_certs
27$ endif
28$ 28$
29$ delete certs.tmp;* 29$ delete certs.tmp;*
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 00:38:34 +0000