summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto')
-rw-r--r--src/lib/libcrypto/LPdir_nyi.c42
-rw-r--r--src/lib/libcrypto/LPdir_unix.c127
-rw-r--r--src/lib/libcrypto/LPdir_vms.c199
-rw-r--r--src/lib/libcrypto/LPdir_win.c155
-rw-r--r--src/lib/libcrypto/LPdir_win32.c30
-rw-r--r--src/lib/libcrypto/LPdir_wince.c31
-rw-r--r--src/lib/libcrypto/bio/bio_lcl.h28
-rw-r--r--src/lib/libcrypto/camellia/Makefile103
-rw-r--r--src/lib/libcrypto/cms/Makefile183
-rw-r--r--src/lib/libcrypto/ecdh/Makefile111
-rw-r--r--src/lib/libcrypto/ecdh/ecdhtest.c368
-rw-r--r--src/lib/libcrypto/ecdh/ech_ossl.c213
-rw-r--r--src/lib/libcrypto/ecdsa/Makefile125
-rw-r--r--src/lib/libcrypto/ecdsa/ecdsatest.c500
-rw-r--r--src/lib/libcrypto/evp/e_seed.c83
-rw-r--r--src/lib/libcrypto/o_dir.c83
-rw-r--r--src/lib/libcrypto/o_dir.h53
-rw-r--r--src/lib/libcrypto/o_dir_test.c70
-rw-r--r--src/lib/libcrypto/pqueue/Makefile84
-rw-r--r--src/lib/libcrypto/pqueue/pq_test.c95
-rw-r--r--src/lib/libcrypto/pqueue/pqueue.c236
-rw-r--r--src/lib/libcrypto/pqueue/pqueue.h95
-rw-r--r--src/lib/libcrypto/rand/rand_nw.c183
-rw-r--r--src/lib/libcrypto/seed/Makefile87
-rw-r--r--src/lib/libcrypto/seed/seed.c286
-rw-r--r--src/lib/libcrypto/seed/seed.h135
-rw-r--r--src/lib/libcrypto/seed/seed_cbc.c129
-rw-r--r--src/lib/libcrypto/seed/seed_cfb.c144
-rw-r--r--src/lib/libcrypto/seed/seed_ecb.c60
-rw-r--r--src/lib/libcrypto/seed/seed_locl.h116
-rw-r--r--src/lib/libcrypto/seed/seed_ofb.c128
-rw-r--r--src/lib/libcrypto/sha/sha256t.c147
-rw-r--r--src/lib/libcrypto/sha/sha512t.c184
-rw-r--r--src/lib/libcrypto/store/Makefile112
-rw-r--r--src/lib/libcrypto/store/README95
-rw-r--r--src/lib/libcrypto/store/store.h554
-rw-r--r--src/lib/libcrypto/store/str_err.c211
-rw-r--r--src/lib/libcrypto/store/str_lib.c1824
-rw-r--r--src/lib/libcrypto/store/str_locl.h124
-rw-r--r--src/lib/libcrypto/store/str_mem.c357
-rw-r--r--src/lib/libcrypto/store/str_meth.c250
-rw-r--r--src/lib/libcrypto/threads/netware.bat79
-rw-r--r--src/lib/libcrypto/util/copy.pl59
-rw-r--r--src/lib/libcrypto/util/extract-section.pl12
-rw-r--r--src/lib/libcrypto/util/pl/netware.pl526
-rw-r--r--src/lib/libcrypto/x509v3/v3_addr.c1280
-rw-r--r--src/lib/libcrypto/x509v3/v3_asid.c842
47 files changed, 10938 insertions, 0 deletions
diff --git a/src/lib/libcrypto/LPdir_nyi.c b/src/lib/libcrypto/LPdir_nyi.c
new file mode 100644
index 0000000000..6c1a50e6a8
--- /dev/null
+++ b/src/lib/libcrypto/LPdir_nyi.c
@@ -0,0 +1,42 @@
1/* $LP: LPlib/source/LPdir_win.c,v 1.1 2004/06/14 10:07:56 _cvs_levitte Exp $ */
2/*
3 * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 * SUCH DAMAGE.
26 */
27
28#ifndef LPDIR_H
29#include "LPdir.h"
30#endif
31
32struct LP_dir_context_st { void *dummy; };
33const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
34 {
35 errno = EINVAL;
36 return 0;
37 }
38int LP_find_file_end(LP_DIR_CTX **ctx)
39 {
40 errno = EINVAL;
41 return 0;
42 }
diff --git a/src/lib/libcrypto/LPdir_unix.c b/src/lib/libcrypto/LPdir_unix.c
new file mode 100644
index 0000000000..b004cd99e8
--- /dev/null
+++ b/src/lib/libcrypto/LPdir_unix.c
@@ -0,0 +1,127 @@
1/* $LP: LPlib/source/LPdir_unix.c,v 1.11 2004/09/23 22:07:22 _cvs_levitte Exp $ */
2/*
3 * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
16 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
18 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
19 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
20 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
21 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
25 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
28#include <stddef.h>
29#include <stdlib.h>
30#include <limits.h>
31#include <string.h>
32#include <sys/types.h>
33#include <dirent.h>
34#include <errno.h>
35#ifndef LPDIR_H
36#include "LPdir.h"
37#endif
38
39/* The POSIXly macro for the maximum number of characters in a file path
40 is NAME_MAX. However, some operating systems use PATH_MAX instead.
41 Therefore, it seems natural to first check for PATH_MAX and use that,
42 and if it doesn't exist, use NAME_MAX. */
43#if defined(PATH_MAX)
44# define LP_ENTRY_SIZE PATH_MAX
45#elif defined(NAME_MAX)
46# define LP_ENTRY_SIZE NAME_MAX
47#endif
48
49/* Of course, there's the possibility that neither PATH_MAX nor NAME_MAX
50 exist. It's also possible that NAME_MAX exists but is define to a
51 very small value (HP-UX offers 14), so we need to check if we got a
52 result, and if it meets a minimum standard, and create or change it
53 if not. */
54#if !defined(LP_ENTRY_SIZE) || LP_ENTRY_SIZE<255
55# undef LP_ENTRY_SIZE
56# define LP_ENTRY_SIZE 255
57#endif
58
59struct LP_dir_context_st
60{
61 DIR *dir;
62 char entry_name[LP_ENTRY_SIZE+1];
63};
64
65const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
66{
67 struct dirent *direntry = NULL;
68
69 if (ctx == NULL || directory == NULL)
70 {
71 errno = EINVAL;
72 return 0;
73 }
74
75 errno = 0;
76 if (*ctx == NULL)
77 {
78 *ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX));
79 if (*ctx == NULL)
80 {
81 errno = ENOMEM;
82 return 0;
83 }
84 memset(*ctx, '\0', sizeof(LP_DIR_CTX));
85
86 (*ctx)->dir = opendir(directory);
87 if ((*ctx)->dir == NULL)
88 {
89 int save_errno = errno; /* Probably not needed, but I'm paranoid */
90 free(*ctx);
91 *ctx = NULL;
92 errno = save_errno;
93 return 0;
94 }
95 }
96
97 direntry = readdir((*ctx)->dir);
98 if (direntry == NULL)
99 {
100 return 0;
101 }
102
103 strncpy((*ctx)->entry_name, direntry->d_name, sizeof((*ctx)->entry_name) - 1);
104 (*ctx)->entry_name[sizeof((*ctx)->entry_name) - 1] = '\0';
105 return (*ctx)->entry_name;
106}
107
108int LP_find_file_end(LP_DIR_CTX **ctx)
109{
110 if (ctx != NULL && *ctx != NULL)
111 {
112 int ret = closedir((*ctx)->dir);
113
114 free(*ctx);
115 switch (ret)
116 {
117 case 0:
118 return 1;
119 case -1:
120 return 0;
121 default:
122 break;
123 }
124 }
125 errno = EINVAL;
126 return 0;
127}
diff --git a/src/lib/libcrypto/LPdir_vms.c b/src/lib/libcrypto/LPdir_vms.c
new file mode 100644
index 0000000000..85b427a623
--- /dev/null
+++ b/src/lib/libcrypto/LPdir_vms.c
@@ -0,0 +1,199 @@
1/* $LP: LPlib/source/LPdir_vms.c,v 1.20 2004/08/26 13:36:05 _cvs_levitte Exp $ */
2/*
3 * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
16 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
18 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
19 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
20 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
21 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
25 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
28#include <stddef.h>
29#include <stdlib.h>
30#include <string.h>
31#include <errno.h>
32#include <descrip.h>
33#include <namdef.h>
34#include <rmsdef.h>
35#include <libfildef.h>
36#include <lib$routines.h>
37#include <strdef.h>
38#include <str$routines.h>
39#include <stsdef.h>
40#ifndef LPDIR_H
41#include "LPdir.h"
42#endif
43
44/* Because some compiler options hide this macor */
45#ifndef EVMSERR
46#define EVMSERR 65535 /* error for non-translatable VMS errors */
47#endif
48
49struct LP_dir_context_st
50{
51 unsigned long VMS_context;
52#ifdef NAML$C_MAXRSS
53 char filespec[NAML$C_MAXRSS+1];
54 char result[NAML$C_MAXRSS+1];
55#else
56 char filespec[256];
57 char result[256];
58#endif
59 struct dsc$descriptor_d filespec_dsc;
60 struct dsc$descriptor_d result_dsc;
61};
62
63const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
64{
65 int status;
66 char *p, *r;
67 size_t l;
68 unsigned long flags = 0;
69#ifdef NAML$C_MAXRSS
70 flags |= LIB$M_FIL_LONG_NAMES;
71#endif
72
73 if (ctx == NULL || directory == NULL)
74 {
75 errno = EINVAL;
76 return 0;
77 }
78
79 errno = 0;
80 if (*ctx == NULL)
81 {
82 size_t filespeclen = strlen(directory);
83 char *filespec = NULL;
84
85 /* MUST be a VMS directory specification! Let's estimate if it is. */
86 if (directory[filespeclen-1] != ']'
87 && directory[filespeclen-1] != '>'
88 && directory[filespeclen-1] != ':')
89 {
90 errno = EINVAL;
91 return 0;
92 }
93
94 filespeclen += 4; /* "*.*;" */
95
96 if (filespeclen >
97#ifdef NAML$C_MAXRSS
98 NAML$C_MAXRSS
99#else
100 255
101#endif
102 )
103 {
104 errno = ENAMETOOLONG;
105 return 0;
106 }
107
108 *ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX));
109 if (*ctx == NULL)
110 {
111 errno = ENOMEM;
112 return 0;
113 }
114 memset(*ctx, '\0', sizeof(LP_DIR_CTX));
115
116 strcpy((*ctx)->filespec,directory);
117 strcat((*ctx)->filespec,"*.*;");
118 (*ctx)->filespec_dsc.dsc$w_length = filespeclen;
119 (*ctx)->filespec_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
120 (*ctx)->filespec_dsc.dsc$b_class = DSC$K_CLASS_S;
121 (*ctx)->filespec_dsc.dsc$a_pointer = (*ctx)->filespec;
122 (*ctx)->result_dsc.dsc$w_length = 0;
123 (*ctx)->result_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
124 (*ctx)->result_dsc.dsc$b_class = DSC$K_CLASS_D;
125 (*ctx)->result_dsc.dsc$a_pointer = 0;
126 }
127
128 (*ctx)->result_dsc.dsc$w_length = 0;
129 (*ctx)->result_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
130 (*ctx)->result_dsc.dsc$b_class = DSC$K_CLASS_D;
131 (*ctx)->result_dsc.dsc$a_pointer = 0;
132
133 status = lib$find_file(&(*ctx)->filespec_dsc, &(*ctx)->result_dsc,
134 &(*ctx)->VMS_context, 0, 0, 0, &flags);
135
136 if (status == RMS$_NMF)
137 {
138 errno = 0;
139 vaxc$errno = status;
140 return NULL;
141 }
142
143 if(!$VMS_STATUS_SUCCESS(status))
144 {
145 errno = EVMSERR;
146 vaxc$errno = status;
147 return NULL;
148 }
149
150 /* Quick, cheap and dirty way to discard any device and directory,
151 since we only want file names */
152 l = (*ctx)->result_dsc.dsc$w_length;
153 p = (*ctx)->result_dsc.dsc$a_pointer;
154 r = p;
155 for (; *p; p++)
156 {
157 if (*p == '^' && p[1] != '\0') /* Take care of ODS-5 escapes */
158 {
159 p++;
160 }
161 else if (*p == ':' || *p == '>' || *p == ']')
162 {
163 l -= p + 1 - r;
164 r = p + 1;
165 }
166 else if (*p == ';')
167 {
168 l = p - r;
169 break;
170 }
171 }
172
173 strncpy((*ctx)->result, r, l);
174 (*ctx)->result[l] = '\0';
175 str$free1_dx(&(*ctx)->result_dsc);
176
177 return (*ctx)->result;
178}
179
180int LP_find_file_end(LP_DIR_CTX **ctx)
181{
182 if (ctx != NULL && *ctx != NULL)
183 {
184 int status = lib$find_file_end(&(*ctx)->VMS_context);
185
186 free(*ctx);
187
188 if(!$VMS_STATUS_SUCCESS(status))
189 {
190 errno = EVMSERR;
191 vaxc$errno = status;
192 return 0;
193 }
194 return 1;
195 }
196 errno = EINVAL;
197 return 0;
198}
199
diff --git a/src/lib/libcrypto/LPdir_win.c b/src/lib/libcrypto/LPdir_win.c
new file mode 100644
index 0000000000..09b475beed
--- /dev/null
+++ b/src/lib/libcrypto/LPdir_win.c
@@ -0,0 +1,155 @@
1/* $LP: LPlib/source/LPdir_win.c,v 1.10 2004/08/26 13:36:05 _cvs_levitte Exp $ */
2/*
3 * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
16 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
18 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
19 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
20 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
21 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
25 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27#include <windows.h>
28#include <tchar.h>
29#ifndef LPDIR_H
30#include "LPdir.h"
31#endif
32
33/* We're most likely overcautious here, but let's reserve for
34 broken WinCE headers and explicitly opt for UNICODE call.
35 Keep in mind that our WinCE builds are compiled with -DUNICODE
36 [as well as -D_UNICODE]. */
37#if defined(LP_SYS_WINCE) && !defined(FindFirstFile)
38# define FindFirstFile FindFirstFileW
39#endif
40#if defined(LP_SYS_WINCE) && !defined(FindFirstFile)
41# define FindNextFile FindNextFileW
42#endif
43
44#ifndef NAME_MAX
45#define NAME_MAX 255
46#endif
47
48struct LP_dir_context_st
49{
50 WIN32_FIND_DATA ctx;
51 HANDLE handle;
52 char entry_name[NAME_MAX+1];
53};
54
55const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
56{
57 struct dirent *direntry = NULL;
58
59 if (ctx == NULL || directory == NULL)
60 {
61 errno = EINVAL;
62 return 0;
63 }
64
65 errno = 0;
66 if (*ctx == NULL)
67 {
68 *ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX));
69 if (*ctx == NULL)
70 {
71 errno = ENOMEM;
72 return 0;
73 }
74 memset(*ctx, '\0', sizeof(LP_DIR_CTX));
75
76 if (sizeof(TCHAR) != sizeof(char))
77 {
78 TCHAR *wdir = NULL;
79 /* len_0 denotes string length *with* trailing 0 */
80 size_t index = 0,len_0 = strlen(directory) + 1;
81
82 wdir = (TCHAR *)malloc(len_0 * sizeof(TCHAR));
83 if (wdir == NULL)
84 {
85 free(*ctx);
86 *ctx = NULL;
87 errno = ENOMEM;
88 return 0;
89 }
90
91#ifdef LP_MULTIBYTE_AVAILABLE
92 if (!MultiByteToWideChar(CP_ACP, 0, directory, len_0, (WCHAR *)wdir, len_0))
93#endif
94 for (index = 0; index < len_0; index++)
95 wdir[index] = (TCHAR)directory[index];
96
97 (*ctx)->handle = FindFirstFile(wdir, &(*ctx)->ctx);
98
99 free(wdir);
100 }
101 else
102 (*ctx)->handle = FindFirstFile((TCHAR *)directory, &(*ctx)->ctx);
103
104 if ((*ctx)->handle == INVALID_HANDLE_VALUE)
105 {
106 free(*ctx);
107 *ctx = NULL;
108 errno = EINVAL;
109 return 0;
110 }
111 }
112 else
113 {
114 if (FindNextFile((*ctx)->handle, &(*ctx)->ctx) == FALSE)
115 {
116 return 0;
117 }
118 }
119
120 if (sizeof(TCHAR) != sizeof(char))
121 {
122 TCHAR *wdir = (*ctx)->ctx.cFileName;
123 size_t index, len_0 = 0;
124
125 while (wdir[len_0] && len_0 < (sizeof((*ctx)->entry_name) - 1)) len_0++;
126 len_0++;
127
128#ifdef LP_MULTIBYTE_AVAILABLE
129 if (!WideCharToMultiByte(CP_ACP, 0, (WCHAR *)wdir, len_0, (*ctx)->entry_name,
130 sizeof((*ctx)->entry_name), NULL, 0))
131#endif
132 for (index = 0; index < len_0; index++)
133 (*ctx)->entry_name[index] = (char)wdir[index];
134 }
135 else
136 strncpy((*ctx)->entry_name, (const char *)(*ctx)->ctx.cFileName,
137 sizeof((*ctx)->entry_name)-1);
138
139 (*ctx)->entry_name[sizeof((*ctx)->entry_name)-1] = '\0';
140
141 return (*ctx)->entry_name;
142}
143
144int LP_find_file_end(LP_DIR_CTX **ctx)
145{
146 if (ctx != NULL && *ctx != NULL)
147 {
148 FindClose((*ctx)->handle);
149 free(*ctx);
150 *ctx = NULL;
151 return 1;
152 }
153 errno = EINVAL;
154 return 0;
155}
diff --git a/src/lib/libcrypto/LPdir_win32.c b/src/lib/libcrypto/LPdir_win32.c
new file mode 100644
index 0000000000..e39872da52
--- /dev/null
+++ b/src/lib/libcrypto/LPdir_win32.c
@@ -0,0 +1,30 @@
1/* $LP: LPlib/source/LPdir_win32.c,v 1.3 2004/08/26 13:36:05 _cvs_levitte Exp $ */
2/*
3 * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
16 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
18 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
19 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
20 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
21 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
25 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
28#define LP_SYS_WIN32
29#define LP_MULTIBYTE_AVAILABLE
30#include "LPdir_win.c"
diff --git a/src/lib/libcrypto/LPdir_wince.c b/src/lib/libcrypto/LPdir_wince.c
new file mode 100644
index 0000000000..ab0e1e6f4f
--- /dev/null
+++ b/src/lib/libcrypto/LPdir_wince.c
@@ -0,0 +1,31 @@
1/* $LP: LPlib/source/LPdir_wince.c,v 1.3 2004/08/26 13:36:05 _cvs_levitte Exp $ */
2/*
3 * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
16 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
18 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
19 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
20 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
21 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
25 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
28#define LP_SYS_WINCE
29/* We might want to define LP_MULTIBYTE_AVAILABLE here. It's currently
30 under investigation what the exact conditions would be */
31#include "LPdir_win.c"
diff --git a/src/lib/libcrypto/bio/bio_lcl.h b/src/lib/libcrypto/bio/bio_lcl.h
new file mode 100644
index 0000000000..dba2919d43
--- /dev/null
+++ b/src/lib/libcrypto/bio/bio_lcl.h
@@ -0,0 +1,28 @@
1#include <openssl/bio.h>
2
3#if BIO_FLAGS_UPLINK==0
4/* Shortcut UPLINK calls on most platforms... */
5#define UP_stdin stdin
6#define UP_stdout stdout
7#define UP_stderr stderr
8#define UP_fprintf fprintf
9#define UP_fgets fgets
10#define UP_fread fread
11#define UP_fwrite fwrite
12#undef UP_fsetmod
13#define UP_feof feof
14#define UP_fclose fclose
15
16#define UP_fopen fopen
17#define UP_fseek fseek
18#define UP_ftell ftell
19#define UP_fflush fflush
20#define UP_ferror ferror
21#define UP_fileno fileno
22
23#define UP_open open
24#define UP_read read
25#define UP_write write
26#define UP_lseek lseek
27#define UP_close close
28#endif
diff --git a/src/lib/libcrypto/camellia/Makefile b/src/lib/libcrypto/camellia/Makefile
new file mode 100644
index 0000000000..1579de5ce5
--- /dev/null
+++ b/src/lib/libcrypto/camellia/Makefile
@@ -0,0 +1,103 @@
1#
2# crypto/camellia/Makefile
3#
4
5DIR= camellia
6TOP= ../..
7CC= cc
8CPP= $(CC) -E
9INCLUDES=
10CFLAG=-g
11MAKEFILE= Makefile
12AR= ar r
13
14CAMELLIA_ASM_OBJ=
15
16CFLAGS= $(INCLUDES) $(CFLAG)
17ASFLAGS= $(INCLUDES) $(ASFLAG)
18AFLAGS= $(ASFLAGS)
19
20GENERAL=Makefile
21#TEST=camelliatest.c
22APPS=
23
24LIB=$(TOP)/libcrypto.a
25LIBSRC=camellia.c cmll_misc.c cmll_ecb.c cmll_cbc.c cmll_ofb.c \
26 cmll_cfb.c cmll_ctr.c
27
28LIBOBJ= camellia.o cmll_misc.o cmll_ecb.o cmll_cbc.o cmll_ofb.o \
29 cmll_cfb.o cmll_ctr.o $(CAMELLIA_ASM_OBJ)
30
31SRC= $(LIBSRC)
32
33EXHEADER= camellia.h
34HEADER= cmll_locl.h $(EXHEADER)
35
36ALL= $(GENERAL) $(SRC) $(HEADER)
37
38top:
39 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
40
41all: lib
42
43lib: $(LIBOBJ)
44 $(AR) $(LIB) $(LIBOBJ)
45 $(RANLIB) $(LIB) || echo Never mind.
46 @touch lib
47
48$(LIBOBJ): $(LIBSRC)
49
50
51files:
52 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
53
54links:
55 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
56 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
57 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
58
59install:
60 @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
61 @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
62 do \
63 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
64 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
65 done;
66
67tags:
68 ctags $(SRC)
69
70tests:
71
72lint:
73 lint -DLINT $(INCLUDES) $(SRC)>fluff
74
75depend:
76 @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
77 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
78
79dclean:
80 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
81 mv -f Makefile.new $(MAKEFILE)
82
83clean:
84 rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
85
86# DO NOT DELETE THIS LINE -- make depend depends on it.
87
88camellia.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
89camellia.o: camellia.c camellia.h cmll_locl.h
90cmll_cbc.o: ../../include/openssl/camellia.h ../../include/openssl/e_os2.h
91cmll_cbc.o: ../../include/openssl/opensslconf.h cmll_cbc.c cmll_locl.h
92cmll_cfb.o: ../../e_os.h ../../include/openssl/camellia.h
93cmll_cfb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
94cmll_cfb.o: cmll_cfb.c cmll_locl.h
95cmll_ctr.o: ../../include/openssl/camellia.h ../../include/openssl/e_os2.h
96cmll_ctr.o: ../../include/openssl/opensslconf.h cmll_ctr.c cmll_locl.h
97cmll_ecb.o: ../../include/openssl/camellia.h ../../include/openssl/e_os2.h
98cmll_ecb.o: ../../include/openssl/opensslconf.h cmll_ecb.c cmll_locl.h
99cmll_misc.o: ../../include/openssl/camellia.h ../../include/openssl/e_os2.h
100cmll_misc.o: ../../include/openssl/opensslconf.h
101cmll_misc.o: ../../include/openssl/opensslv.h cmll_locl.h cmll_misc.c
102cmll_ofb.o: ../../include/openssl/camellia.h ../../include/openssl/e_os2.h
103cmll_ofb.o: ../../include/openssl/opensslconf.h cmll_locl.h cmll_ofb.c
diff --git a/src/lib/libcrypto/cms/Makefile b/src/lib/libcrypto/cms/Makefile
new file mode 100644
index 0000000000..e39c310b6c
--- /dev/null
+++ b/src/lib/libcrypto/cms/Makefile
@@ -0,0 +1,183 @@
1#
2# OpenSSL/crypto/cms/Makefile
3#
4
5DIR= cms
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10MAKEFILE= Makefile
11AR= ar r
12
13CFLAGS= $(INCLUDES) $(CFLAG)
14
15GENERAL=Makefile
16TEST=
17APPS=
18
19LIB=$(TOP)/libcrypto.a
20LIBSRC= cms_lib.c cms_asn1.c cms_att.c cms_io.c cms_smime.c cms_err.c \
21 cms_sd.c cms_dd.c cms_cd.c cms_env.c cms_enc.c cms_ess.c
22LIBOBJ= cms_lib.o cms_asn1.o cms_att.o cms_io.o cms_smime.o cms_err.o \
23 cms_sd.o cms_dd.o cms_cd.o cms_env.o cms_enc.o cms_ess.o
24
25SRC= $(LIBSRC)
26
27EXHEADER= cms.h
28HEADER= cms_lcl.h $(EXHEADER)
29
30ALL= $(GENERAL) $(SRC) $(HEADER)
31
32top:
33 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
34
35test:
36
37all: lib
38
39lib: $(LIBOBJ)
40 $(AR) $(LIB) $(LIBOBJ)
41 $(RANLIB) $(LIB) || echo Never mind.
42 @touch lib
43
44files:
45 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
46
47links:
48 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
49 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
50 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
51
52install:
53 @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
54 @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
55 do \
56 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
57 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
58 done;
59
60tags:
61 ctags $(SRC)
62
63tests:
64
65lint:
66 lint -DLINT $(INCLUDES) $(SRC)>fluff
67
68depend:
69 @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
70 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
71
72dclean:
73 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
74 mv -f Makefile.new $(MAKEFILE)
75
76clean:
77 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
78
79# DO NOT DELETE THIS LINE -- make depend depends on it.
80
81cms_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
82cms_asn1.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
83cms_asn1.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
84cms_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
85cms_asn1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
86cms_asn1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
87cms_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
88cms_asn1.o: ../../include/openssl/opensslconf.h
89cms_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
90cms_asn1.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
91cms_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
92cms_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
93cms_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
94cms_asn1.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
95cms_asn1.o: cms.h cms_asn1.c cms_lcl.h
96cms_att.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
97cms_att.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
98cms_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
99cms_att.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
100cms_att.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
101cms_att.o: ../../include/openssl/err.h ../../include/openssl/evp.h
102cms_att.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
103cms_att.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
104cms_att.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
105cms_att.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
106cms_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
107cms_att.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
108cms_att.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
109cms_att.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
110cms_att.o: cms.h cms_att.c cms_lcl.h
111cms_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
112cms_err.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
113cms_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
114cms_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
115cms_err.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
116cms_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
117cms_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
118cms_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
119cms_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
120cms_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
121cms_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
122cms_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
123cms_err.o: cms_err.c
124cms_io.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
125cms_io.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
126cms_io.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
127cms_io.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
128cms_io.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
129cms_io.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
130cms_io.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
131cms_io.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
132cms_io.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
133cms_io.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
134cms_io.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
135cms_io.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
136cms_io.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h cms.h
137cms_io.o: cms_io.c cms_lcl.h
138cms_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
139cms_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
140cms_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
141cms_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
142cms_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
143cms_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
144cms_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
145cms_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
146cms_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
147cms_lib.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
148cms_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
149cms_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
150cms_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h cms.h
151cms_lib.o: cms_lcl.h cms_lib.c
152cms_sd.o: ../../e_os.h ../../include/openssl/asn1.h
153cms_sd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
154cms_sd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
155cms_sd.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
156cms_sd.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
157cms_sd.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
158cms_sd.o: ../../include/openssl/err.h ../../include/openssl/evp.h
159cms_sd.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
160cms_sd.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
161cms_sd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
162cms_sd.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
163cms_sd.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
164cms_sd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
165cms_sd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
166cms_sd.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
167cms_sd.o: ../cryptlib.h cms_lcl.h cms_sd.c
168cms_smime.o: ../../e_os.h ../../include/openssl/asn1.h
169cms_smime.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
170cms_smime.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
171cms_smime.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
172cms_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
173cms_smime.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
174cms_smime.o: ../../include/openssl/err.h ../../include/openssl/evp.h
175cms_smime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
176cms_smime.o: ../../include/openssl/objects.h
177cms_smime.o: ../../include/openssl/opensslconf.h
178cms_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
179cms_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
180cms_smime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
181cms_smime.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
182cms_smime.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
183cms_smime.o: ../cryptlib.h cms_lcl.h cms_smime.c
diff --git a/src/lib/libcrypto/ecdh/Makefile b/src/lib/libcrypto/ecdh/Makefile
new file mode 100644
index 0000000000..95aa69fea5
--- /dev/null
+++ b/src/lib/libcrypto/ecdh/Makefile
@@ -0,0 +1,111 @@
1#
2# crypto/ecdh/Makefile
3#
4
5DIR= ecdh
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g -Wall
10MAKEFILE= Makefile
11AR= ar r
12
13CFLAGS= $(INCLUDES) $(CFLAG)
14
15GENERAL=Makefile
16TEST=ecdhtest.c
17APPS=
18
19LIB=$(TOP)/libcrypto.a
20LIBSRC= ech_lib.c ech_ossl.c ech_key.c ech_err.c
21
22LIBOBJ= ech_lib.o ech_ossl.o ech_key.o ech_err.o
23
24SRC= $(LIBSRC)
25
26EXHEADER= ecdh.h
27HEADER= ech_locl.h $(EXHEADER)
28
29ALL= $(GENERAL) $(SRC) $(HEADER)
30
31top:
32 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
33
34all: lib
35
36lib: $(LIBOBJ)
37 $(AR) $(LIB) $(LIBOBJ)
38 $(RANLIB) $(LIB) || echo Never mind.
39 @touch lib
40
41files:
42 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
43
44links:
45 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
46 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
47 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
48
49install:
50 @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
51 @headerlist="$(EXHEADER)"; for i in $$headerlist; \
52 do \
53 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
54 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
55 done;
56
57tags:
58 ctags $(SRC)
59
60tests:
61
62lint:
63 lint -DLINT $(INCLUDES) $(SRC)>fluff
64
65depend:
66 @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
67 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
68
69dclean:
70 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
71 mv -f Makefile.new $(MAKEFILE)
72
73clean:
74 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
75
76# DO NOT DELETE THIS LINE -- make depend depends on it.
77
78ech_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
79ech_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
80ech_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
81ech_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
82ech_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
83ech_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
84ech_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
85ech_err.o: ech_err.c
86ech_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
87ech_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
88ech_key.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
89ech_key.o: ../../include/openssl/engine.h ../../include/openssl/opensslconf.h
90ech_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
91ech_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
92ech_key.o: ../../include/openssl/symhacks.h ech_key.c ech_locl.h
93ech_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
94ech_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
95ech_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
96ech_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
97ech_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
98ech_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
99ech_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
100ech_lib.o: ../../include/openssl/symhacks.h ech_lib.c ech_locl.h
101ech_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
102ech_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
103ech_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
104ech_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
105ech_ossl.o: ../../include/openssl/ecdh.h ../../include/openssl/err.h
106ech_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
107ech_ossl.o: ../../include/openssl/opensslconf.h
108ech_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
109ech_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
110ech_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
111ech_ossl.o: ../cryptlib.h ech_locl.h ech_ossl.c
diff --git a/src/lib/libcrypto/ecdh/ecdhtest.c b/src/lib/libcrypto/ecdh/ecdhtest.c
new file mode 100644
index 0000000000..1575006b51
--- /dev/null
+++ b/src/lib/libcrypto/ecdh/ecdhtest.c
@@ -0,0 +1,368 @@
1/* crypto/ecdh/ecdhtest.c */
2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 *
5 * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
6 * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
7 * to the OpenSSL project.
8 *
9 * The ECC Code is licensed pursuant to the OpenSSL open source
10 * license provided below.
11 *
12 * The ECDH software is originally written by Douglas Stebila of
13 * Sun Microsystems Laboratories.
14 *
15 */
16/* ====================================================================
17 * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
18 *
19 * Redistribution and use in source and binary forms, with or without
20 * modification, are permitted provided that the following conditions
21 * are met:
22 *
23 * 1. Redistributions of source code must retain the above copyright
24 * notice, this list of conditions and the following disclaimer.
25 *
26 * 2. Redistributions in binary form must reproduce the above copyright
27 * notice, this list of conditions and the following disclaimer in
28 * the documentation and/or other materials provided with the
29 * distribution.
30 *
31 * 3. All advertising materials mentioning features or use of this
32 * software must display the following acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
35 *
36 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
37 * endorse or promote products derived from this software without
38 * prior written permission. For written permission, please contact
39 * openssl-core@openssl.org.
40 *
41 * 5. Products derived from this software may not be called "OpenSSL"
42 * nor may "OpenSSL" appear in their names without prior written
43 * permission of the OpenSSL Project.
44 *
45 * 6. Redistributions of any form whatsoever must retain the following
46 * acknowledgment:
47 * "This product includes software developed by the OpenSSL Project
48 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
49 *
50 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
51 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
53 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
54 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
55 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
56 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
57 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
58 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
59 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
60 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
61 * OF THE POSSIBILITY OF SUCH DAMAGE.
62 * ====================================================================
63 *
64 * This product includes cryptographic software written by Eric Young
65 * (eay@cryptsoft.com). This product includes software written by Tim
66 * Hudson (tjh@cryptsoft.com).
67 *
68 */
69
70#include <stdio.h>
71#include <stdlib.h>
72#include <string.h>
73
74#include "../e_os.h"
75
76#include <openssl/opensslconf.h> /* for OPENSSL_NO_ECDH */
77#include <openssl/crypto.h>
78#include <openssl/bio.h>
79#include <openssl/bn.h>
80#include <openssl/objects.h>
81#include <openssl/rand.h>
82#include <openssl/sha.h>
83#include <openssl/err.h>
84
85#ifdef OPENSSL_NO_ECDH
86int main(int argc, char *argv[])
87{
88 printf("No ECDH support\n");
89 return(0);
90}
91#else
92#include <openssl/ec.h>
93#include <openssl/ecdh.h>
94
95#ifdef OPENSSL_SYS_WIN16
96#define MS_CALLBACK _far _loadds
97#else
98#define MS_CALLBACK
99#endif
100
101#if 0
102static void MS_CALLBACK cb(int p, int n, void *arg);
103#endif
104
105static const char rnd_seed[] = "string to make the random number generator think it has entropy";
106
107
108static const int KDF1_SHA1_len = 20;
109static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen)
110 {
111#ifndef OPENSSL_NO_SHA
112 if (*outlen < SHA_DIGEST_LENGTH)
113 return NULL;
114 else
115 *outlen = SHA_DIGEST_LENGTH;
116 return SHA1(in, inlen, out);
117#else
118 return NULL;
119#endif
120 }
121
122
123static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO *out)
124 {
125 EC_KEY *a=NULL;
126 EC_KEY *b=NULL;
127 BIGNUM *x_a=NULL, *y_a=NULL,
128 *x_b=NULL, *y_b=NULL;
129 char buf[12];
130 unsigned char *abuf=NULL,*bbuf=NULL;
131 int i,alen,blen,aout,bout,ret=0;
132 const EC_GROUP *group;
133
134 a = EC_KEY_new_by_curve_name(nid);
135 b = EC_KEY_new_by_curve_name(nid);
136 if (a == NULL || b == NULL)
137 goto err;
138
139 group = EC_KEY_get0_group(a);
140
141 if ((x_a=BN_new()) == NULL) goto err;
142 if ((y_a=BN_new()) == NULL) goto err;
143 if ((x_b=BN_new()) == NULL) goto err;
144 if ((y_b=BN_new()) == NULL) goto err;
145
146 BIO_puts(out,"Testing key generation with ");
147 BIO_puts(out,text);
148#ifdef NOISY
149 BIO_puts(out,"\n");
150#else
151 (void)BIO_flush(out);
152#endif
153
154 if (!EC_KEY_generate_key(a)) goto err;
155
156 if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field)
157 {
158 if (!EC_POINT_get_affine_coordinates_GFp(group,
159 EC_KEY_get0_public_key(a), x_a, y_a, ctx)) goto err;
160 }
161 else
162 {
163 if (!EC_POINT_get_affine_coordinates_GF2m(group,
164 EC_KEY_get0_public_key(a), x_a, y_a, ctx)) goto err;
165 }
166#ifdef NOISY
167 BIO_puts(out," pri 1=");
168 BN_print(out,a->priv_key);
169 BIO_puts(out,"\n pub 1=");
170 BN_print(out,x_a);
171 BIO_puts(out,",");
172 BN_print(out,y_a);
173 BIO_puts(out,"\n");
174#else
175 BIO_printf(out," .");
176 (void)BIO_flush(out);
177#endif
178
179 if (!EC_KEY_generate_key(b)) goto err;
180
181 if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field)
182 {
183 if (!EC_POINT_get_affine_coordinates_GFp(group,
184 EC_KEY_get0_public_key(b), x_b, y_b, ctx)) goto err;
185 }
186 else
187 {
188 if (!EC_POINT_get_affine_coordinates_GF2m(group,
189 EC_KEY_get0_public_key(b), x_b, y_b, ctx)) goto err;
190 }
191
192#ifdef NOISY
193 BIO_puts(out," pri 2=");
194 BN_print(out,b->priv_key);
195 BIO_puts(out,"\n pub 2=");
196 BN_print(out,x_b);
197 BIO_puts(out,",");
198 BN_print(out,y_b);
199 BIO_puts(out,"\n");
200#else
201 BIO_printf(out,".");
202 (void)BIO_flush(out);
203#endif
204
205 alen=KDF1_SHA1_len;
206 abuf=(unsigned char *)OPENSSL_malloc(alen);
207 aout=ECDH_compute_key(abuf,alen,EC_KEY_get0_public_key(b),a,KDF1_SHA1);
208
209#ifdef NOISY
210 BIO_puts(out," key1 =");
211 for (i=0; i<aout; i++)
212 {
213 sprintf(buf,"%02X",abuf[i]);
214 BIO_puts(out,buf);
215 }
216 BIO_puts(out,"\n");
217#else
218 BIO_printf(out,".");
219 (void)BIO_flush(out);
220#endif
221
222 blen=KDF1_SHA1_len;
223 bbuf=(unsigned char *)OPENSSL_malloc(blen);
224 bout=ECDH_compute_key(bbuf,blen,EC_KEY_get0_public_key(a),b,KDF1_SHA1);
225
226#ifdef NOISY
227 BIO_puts(out," key2 =");
228 for (i=0; i<bout; i++)
229 {
230 sprintf(buf,"%02X",bbuf[i]);
231 BIO_puts(out,buf);
232 }
233 BIO_puts(out,"\n");
234#else
235 BIO_printf(out,".");
236 (void)BIO_flush(out);
237#endif
238
239 if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0))
240 {
241#ifndef NOISY
242 BIO_printf(out, " failed\n\n");
243 BIO_printf(out, "key a:\n");
244 BIO_printf(out, "private key: ");
245 BN_print(out, EC_KEY_get0_private_key(a));
246 BIO_printf(out, "\n");
247 BIO_printf(out, "public key (x,y): ");
248 BN_print(out, x_a);
249 BIO_printf(out, ",");
250 BN_print(out, y_a);
251 BIO_printf(out, "\nkey b:\n");
252 BIO_printf(out, "private key: ");
253 BN_print(out, EC_KEY_get0_private_key(b));
254 BIO_printf(out, "\n");
255 BIO_printf(out, "public key (x,y): ");
256 BN_print(out, x_b);
257 BIO_printf(out, ",");
258 BN_print(out, y_b);
259 BIO_printf(out, "\n");
260 BIO_printf(out, "generated key a: ");
261 for (i=0; i<bout; i++)
262 {
263 sprintf(buf, "%02X", bbuf[i]);
264 BIO_puts(out, buf);
265 }
266 BIO_printf(out, "\n");
267 BIO_printf(out, "generated key b: ");
268 for (i=0; i<aout; i++)
269 {
270 sprintf(buf, "%02X", abuf[i]);
271 BIO_puts(out,buf);
272 }
273 BIO_printf(out, "\n");
274#endif
275 fprintf(stderr,"Error in ECDH routines\n");
276 ret=0;
277 }
278 else
279 {
280#ifndef NOISY
281 BIO_printf(out, " ok\n");
282#endif
283 ret=1;
284 }
285err:
286 ERR_print_errors_fp(stderr);
287
288 if (abuf != NULL) OPENSSL_free(abuf);
289 if (bbuf != NULL) OPENSSL_free(bbuf);
290 if (x_a) BN_free(x_a);
291 if (y_a) BN_free(y_a);
292 if (x_b) BN_free(x_b);
293 if (y_b) BN_free(y_b);
294 if (b) EC_KEY_free(b);
295 if (a) EC_KEY_free(a);
296 return(ret);
297 }
298
299int main(int argc, char *argv[])
300 {
301 BN_CTX *ctx=NULL;
302 int ret=1;
303 BIO *out;
304
305 CRYPTO_malloc_debug_init();
306 CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
307 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
308
309#ifdef OPENSSL_SYS_WIN32
310 CRYPTO_malloc_init();
311#endif
312
313 RAND_seed(rnd_seed, sizeof rnd_seed);
314
315 out=BIO_new(BIO_s_file());
316 if (out == NULL) EXIT(1);
317 BIO_set_fp(out,stdout,BIO_NOCLOSE);
318
319 if ((ctx=BN_CTX_new()) == NULL) goto err;
320
321 /* NIST PRIME CURVES TESTS */
322 if (!test_ecdh_curve(NID_X9_62_prime192v1, "NIST Prime-Curve P-192", ctx, out)) goto err;
323 if (!test_ecdh_curve(NID_secp224r1, "NIST Prime-Curve P-224", ctx, out)) goto err;
324 if (!test_ecdh_curve(NID_X9_62_prime256v1, "NIST Prime-Curve P-256", ctx, out)) goto err;
325 if (!test_ecdh_curve(NID_secp384r1, "NIST Prime-Curve P-384", ctx, out)) goto err;
326 if (!test_ecdh_curve(NID_secp521r1, "NIST Prime-Curve P-521", ctx, out)) goto err;
327 /* NIST BINARY CURVES TESTS */
328 if (!test_ecdh_curve(NID_sect163k1, "NIST Binary-Curve K-163", ctx, out)) goto err;
329 if (!test_ecdh_curve(NID_sect163r2, "NIST Binary-Curve B-163", ctx, out)) goto err;
330 if (!test_ecdh_curve(NID_sect233k1, "NIST Binary-Curve K-233", ctx, out)) goto err;
331 if (!test_ecdh_curve(NID_sect233r1, "NIST Binary-Curve B-233", ctx, out)) goto err;
332 if (!test_ecdh_curve(NID_sect283k1, "NIST Binary-Curve K-283", ctx, out)) goto err;
333 if (!test_ecdh_curve(NID_sect283r1, "NIST Binary-Curve B-283", ctx, out)) goto err;
334 if (!test_ecdh_curve(NID_sect409k1, "NIST Binary-Curve K-409", ctx, out)) goto err;
335 if (!test_ecdh_curve(NID_sect409r1, "NIST Binary-Curve B-409", ctx, out)) goto err;
336 if (!test_ecdh_curve(NID_sect571k1, "NIST Binary-Curve K-571", ctx, out)) goto err;
337 if (!test_ecdh_curve(NID_sect571r1, "NIST Binary-Curve B-571", ctx, out)) goto err;
338
339 ret = 0;
340
341err:
342 ERR_print_errors_fp(stderr);
343 if (ctx) BN_CTX_free(ctx);
344 BIO_free(out);
345 CRYPTO_cleanup_all_ex_data();
346 ERR_remove_state(0);
347 CRYPTO_mem_leaks_fp(stderr);
348 EXIT(ret);
349 return(ret);
350 }
351
352#if 0
353static void MS_CALLBACK cb(int p, int n, void *arg)
354 {
355 char c='*';
356
357 if (p == 0) c='.';
358 if (p == 1) c='+';
359 if (p == 2) c='*';
360 if (p == 3) c='\n';
361 BIO_write((BIO *)arg,&c,1);
362 (void)BIO_flush((BIO *)arg);
363#ifdef LINT
364 p=n;
365#endif
366 }
367#endif
368#endif
diff --git a/src/lib/libcrypto/ecdh/ech_ossl.c b/src/lib/libcrypto/ecdh/ech_ossl.c
new file mode 100644
index 0000000000..2a40ff12df
--- /dev/null
+++ b/src/lib/libcrypto/ecdh/ech_ossl.c
@@ -0,0 +1,213 @@
1/* crypto/ecdh/ech_ossl.c */
2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 *
5 * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
6 * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
7 * to the OpenSSL project.
8 *
9 * The ECC Code is licensed pursuant to the OpenSSL open source
10 * license provided below.
11 *
12 * The ECDH software is originally written by Douglas Stebila of
13 * Sun Microsystems Laboratories.
14 *
15 */
16/* ====================================================================
17 * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
18 *
19 * Redistribution and use in source and binary forms, with or without
20 * modification, are permitted provided that the following conditions
21 * are met:
22 *
23 * 1. Redistributions of source code must retain the above copyright
24 * notice, this list of conditions and the following disclaimer.
25 *
26 * 2. Redistributions in binary form must reproduce the above copyright
27 * notice, this list of conditions and the following disclaimer in
28 * the documentation and/or other materials provided with the
29 * distribution.
30 *
31 * 3. All advertising materials mentioning features or use of this
32 * software must display the following acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
35 *
36 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
37 * endorse or promote products derived from this software without
38 * prior written permission. For written permission, please contact
39 * openssl-core@OpenSSL.org.
40 *
41 * 5. Products derived from this software may not be called "OpenSSL"
42 * nor may "OpenSSL" appear in their names without prior written
43 * permission of the OpenSSL Project.
44 *
45 * 6. Redistributions of any form whatsoever must retain the following
46 * acknowledgment:
47 * "This product includes software developed by the OpenSSL Project
48 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
49 *
50 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
51 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
53 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
54 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
55 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
56 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
57 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
58 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
59 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
60 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
61 * OF THE POSSIBILITY OF SUCH DAMAGE.
62 * ====================================================================
63 *
64 * This product includes cryptographic software written by Eric Young
65 * (eay@cryptsoft.com). This product includes software written by Tim
66 * Hudson (tjh@cryptsoft.com).
67 *
68 */
69
70
71#include <string.h>
72#include <limits.h>
73
74#include "cryptlib.h"
75
76#include "ech_locl.h"
77#include <openssl/err.h>
78#include <openssl/sha.h>
79#include <openssl/obj_mac.h>
80#include <openssl/bn.h>
81
82static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key,
83 EC_KEY *ecdh,
84 void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
85
86static ECDH_METHOD openssl_ecdh_meth = {
87 "OpenSSL ECDH method",
88 ecdh_compute_key,
89#if 0
90 NULL, /* init */
91 NULL, /* finish */
92#endif
93 0, /* flags */
94 NULL /* app_data */
95};
96
97const ECDH_METHOD *ECDH_OpenSSL(void)
98 {
99 return &openssl_ecdh_meth;
100 }
101
102
103/* This implementation is based on the following primitives in the IEEE 1363 standard:
104 * - ECKAS-DH1
105 * - ECSVDP-DH
106 * Finally an optional KDF is applied.
107 */
108static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
109 EC_KEY *ecdh,
110 void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
111 {
112 BN_CTX *ctx;
113 EC_POINT *tmp=NULL;
114 BIGNUM *x=NULL, *y=NULL;
115 const BIGNUM *priv_key;
116 const EC_GROUP* group;
117 int ret= -1;
118 size_t buflen, len;
119 unsigned char *buf=NULL;
120
121 if (outlen > INT_MAX)
122 {
123 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); /* sort of, anyway */
124 return -1;
125 }
126
127 if ((ctx = BN_CTX_new()) == NULL) goto err;
128 BN_CTX_start(ctx);
129 x = BN_CTX_get(ctx);
130 y = BN_CTX_get(ctx);
131
132 priv_key = EC_KEY_get0_private_key(ecdh);
133 if (priv_key == NULL)
134 {
135 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE);
136 goto err;
137 }
138
139 group = EC_KEY_get0_group(ecdh);
140 if ((tmp=EC_POINT_new(group)) == NULL)
141 {
142 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
143 goto err;
144 }
145
146 if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv_key, ctx))
147 {
148 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
149 goto err;
150 }
151
152 if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field)
153 {
154 if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y, ctx))
155 {
156 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
157 goto err;
158 }
159 }
160 else
161 {
162 if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y, ctx))
163 {
164 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
165 goto err;
166 }
167 }
168
169 buflen = (EC_GROUP_get_degree(group) + 7)/8;
170 len = BN_num_bytes(x);
171 if (len > buflen)
172 {
173 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_INTERNAL_ERROR);
174 goto err;
175 }
176 if ((buf = OPENSSL_malloc(buflen)) == NULL)
177 {
178 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
179 goto err;
180 }
181
182 memset(buf, 0, buflen - len);
183 if (len != (size_t)BN_bn2bin(x, buf + buflen - len))
184 {
185 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB);
186 goto err;
187 }
188
189 if (KDF != 0)
190 {
191 if (KDF(buf, buflen, out, &outlen) == NULL)
192 {
193 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_KDF_FAILED);
194 goto err;
195 }
196 ret = outlen;
197 }
198 else
199 {
200 /* no KDF, just copy as much as we can */
201 if (outlen > buflen)
202 outlen = buflen;
203 memcpy(out, buf, outlen);
204 ret = outlen;
205 }
206
207err:
208 if (tmp) EC_POINT_free(tmp);
209 if (ctx) BN_CTX_end(ctx);
210 if (ctx) BN_CTX_free(ctx);
211 if (buf) OPENSSL_free(buf);
212 return(ret);
213 }
diff --git a/src/lib/libcrypto/ecdsa/Makefile b/src/lib/libcrypto/ecdsa/Makefile
new file mode 100644
index 0000000000..16a93cd3ae
--- /dev/null
+++ b/src/lib/libcrypto/ecdsa/Makefile
@@ -0,0 +1,125 @@
1#
2# crypto/ecdsa/Makefile
3#
4
5DIR= ecdsa
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g -Wall
10MAKEFILE= Makefile
11AR= ar r
12
13CFLAGS= $(INCLUDES) $(CFLAG)
14
15GENERAL=Makefile
16TEST=ecdsatest.c
17APPS=
18
19LIB=$(TOP)/libcrypto.a
20LIBSRC= ecs_lib.c ecs_asn1.c ecs_ossl.c ecs_sign.c ecs_vrf.c ecs_err.c
21
22LIBOBJ= ecs_lib.o ecs_asn1.o ecs_ossl.o ecs_sign.o ecs_vrf.o ecs_err.o
23
24SRC= $(LIBSRC)
25
26EXHEADER= ecdsa.h
27HEADER= ecs_locl.h $(EXHEADER)
28
29ALL= $(GENERAL) $(SRC) $(HEADER)
30
31top:
32 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
33
34all: lib
35
36lib: $(LIBOBJ)
37 $(AR) $(LIB) $(LIBOBJ)
38 $(RANLIB) $(LIB) || echo Never mind.
39 @touch lib
40
41files:
42 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
43
44links:
45 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
46 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
47 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
48
49install:
50 @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
51 @headerlist="$(EXHEADER)"; for i in $$headerlist; \
52 do \
53 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
54 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
55 done;
56
57tags:
58 ctags $(SRC)
59
60tests:
61
62lint:
63 lint -DLINT $(INCLUDES) $(SRC)>fluff
64
65depend:
66 @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
67 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
68
69dclean:
70 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
71 mv -f Makefile.new $(MAKEFILE)
72
73clean:
74 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
75
76# DO NOT DELETE THIS LINE -- make depend depends on it.
77
78ecs_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
79ecs_asn1.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
80ecs_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
81ecs_asn1.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
82ecs_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
83ecs_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
84ecs_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
85ecs_asn1.o: ../../include/openssl/symhacks.h ecs_asn1.c ecs_locl.h
86ecs_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
87ecs_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
88ecs_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
89ecs_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
90ecs_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
91ecs_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
92ecs_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
93ecs_err.o: ecs_err.c
94ecs_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
95ecs_lib.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
96ecs_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
97ecs_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
98ecs_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
99ecs_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
100ecs_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
101ecs_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
102ecs_lib.o: ecs_lib.c ecs_locl.h
103ecs_ossl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
104ecs_ossl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
105ecs_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
106ecs_ossl.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
107ecs_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
108ecs_ossl.o: ../../include/openssl/opensslconf.h
109ecs_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
110ecs_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
111ecs_ossl.o: ../../include/openssl/symhacks.h ecs_locl.h ecs_ossl.c
112ecs_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
113ecs_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
114ecs_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
115ecs_sign.o: ../../include/openssl/engine.h ../../include/openssl/opensslconf.h
116ecs_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
117ecs_sign.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
118ecs_sign.o: ../../include/openssl/symhacks.h ecs_locl.h ecs_sign.c
119ecs_vrf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
120ecs_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
121ecs_vrf.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
122ecs_vrf.o: ../../include/openssl/engine.h ../../include/openssl/opensslconf.h
123ecs_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
124ecs_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
125ecs_vrf.o: ../../include/openssl/symhacks.h ecs_locl.h ecs_vrf.c
diff --git a/src/lib/libcrypto/ecdsa/ecdsatest.c b/src/lib/libcrypto/ecdsa/ecdsatest.c
new file mode 100644
index 0000000000..b07e31252b
--- /dev/null
+++ b/src/lib/libcrypto/ecdsa/ecdsatest.c
@@ -0,0 +1,500 @@
1/* crypto/ecdsa/ecdsatest.c */
2/*
3 * Written by Nils Larsch for the OpenSSL project.
4 */
5/* ====================================================================
6 * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58/* ====================================================================
59 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
60 *
61 * Portions of the attached software ("Contribution") are developed by
62 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
63 *
64 * The Contribution is licensed pursuant to the OpenSSL open source
65 * license provided above.
66 *
67 * The elliptic curve binary polynomial software is originally written by
68 * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
69 *
70 */
71
72#include <stdio.h>
73#include <stdlib.h>
74#include <string.h>
75
76#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_ECDSA is defined */
77
78#ifdef OPENSSL_NO_ECDSA
79int main(int argc, char * argv[])
80 {
81 puts("Elliptic curves are disabled.");
82 return 0;
83 }
84#else
85
86#include <openssl/crypto.h>
87#include <openssl/bio.h>
88#include <openssl/evp.h>
89#include <openssl/bn.h>
90#include <openssl/ecdsa.h>
91#ifndef OPENSSL_NO_ENGINE
92#include <openssl/engine.h>
93#endif
94#include <openssl/err.h>
95#include <openssl/rand.h>
96
97static const char rnd_seed[] = "string to make the random number generator "
98 "think it has entropy";
99
100/* declaration of the test functions */
101int x9_62_tests(BIO *);
102int x9_62_test_internal(BIO *out, int nid, const char *r, const char *s);
103int test_builtin(BIO *);
104
105/* functions to change the RAND_METHOD */
106int change_rand(void);
107int restore_rand(void);
108int fbytes(unsigned char *buf, int num);
109
110RAND_METHOD fake_rand;
111const RAND_METHOD *old_rand;
112
113int change_rand(void)
114 {
115 /* save old rand method */
116 if ((old_rand = RAND_get_rand_method()) == NULL)
117 return 0;
118
119 fake_rand.seed = old_rand->seed;
120 fake_rand.cleanup = old_rand->cleanup;
121 fake_rand.add = old_rand->add;
122 fake_rand.status = old_rand->status;
123 /* use own random function */
124 fake_rand.bytes = fbytes;
125 fake_rand.pseudorand = old_rand->bytes;
126 /* set new RAND_METHOD */
127 if (!RAND_set_rand_method(&fake_rand))
128 return 0;
129 return 1;
130 }
131
132int restore_rand(void)
133 {
134 if (!RAND_set_rand_method(old_rand))
135 return 0;
136 else
137 return 1;
138 }
139
140static int fbytes_counter = 0;
141static const char *numbers[8] = {
142 "651056770906015076056810763456358567190100156695615665659",
143 "6140507067065001063065065565667405560006161556565665656654",
144 "8763001015071075675010661307616710783570106710677817767166"
145 "71676178726717",
146 "7000000175690566466555057817571571075705015757757057795755"
147 "55657156756655",
148 "1275552191113212300012030439187146164646146646466749494799",
149 "1542725565216523985789236956265265265235675811949404040041",
150 "1456427555219115346513212300075341203043918714616464614664"
151 "64667494947990",
152 "1712787255652165239672857892369562652652652356758119494040"
153 "40041670216363"};
154
155int fbytes(unsigned char *buf, int num)
156 {
157 int ret;
158 BIGNUM *tmp = NULL;
159
160 if (fbytes_counter >= 8)
161 return 0;
162 tmp = BN_new();
163 if (!tmp)
164 return 0;
165 if (!BN_dec2bn(&tmp, numbers[fbytes_counter]))
166 {
167 BN_free(tmp);
168 return 0;
169 }
170 fbytes_counter ++;
171 ret = BN_bn2bin(tmp, buf);
172 if (ret == 0 || ret != num)
173 ret = 0;
174 else
175 ret = 1;
176 if (tmp)
177 BN_free(tmp);
178 return ret;
179 }
180
181/* some tests from the X9.62 draft */
182int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)
183 {
184 int ret = 0;
185 const char message[] = "abc";
186 unsigned char digest[20];
187 unsigned int dgst_len = 0;
188 EVP_MD_CTX md_ctx;
189 EC_KEY *key = NULL;
190 ECDSA_SIG *signature = NULL;
191 BIGNUM *r = NULL, *s = NULL;
192
193 EVP_MD_CTX_init(&md_ctx);
194 /* get the message digest */
195 EVP_DigestInit(&md_ctx, EVP_ecdsa());
196 EVP_DigestUpdate(&md_ctx, (const void*)message, 3);
197 EVP_DigestFinal(&md_ctx, digest, &dgst_len);
198
199 BIO_printf(out, "testing %s: ", OBJ_nid2sn(nid));
200 /* create the key */
201 if ((key = EC_KEY_new_by_curve_name(nid)) == NULL)
202 goto x962_int_err;
203 if (!EC_KEY_generate_key(key))
204 goto x962_int_err;
205 BIO_printf(out, ".");
206 (void)BIO_flush(out);
207 /* create the signature */
208 signature = ECDSA_do_sign(digest, 20, key);
209 if (signature == NULL)
210 goto x962_int_err;
211 BIO_printf(out, ".");
212 (void)BIO_flush(out);
213 /* compare the created signature with the expected signature */
214 if ((r = BN_new()) == NULL || (s = BN_new()) == NULL)
215 goto x962_int_err;
216 if (!BN_dec2bn(&r, r_in) ||
217 !BN_dec2bn(&s, s_in))
218 goto x962_int_err;
219 if (BN_cmp(signature->r ,r) || BN_cmp(signature->s, s))
220 goto x962_int_err;
221 BIO_printf(out, ".");
222 (void)BIO_flush(out);
223 /* verify the signature */
224 if (ECDSA_do_verify(digest, 20, signature, key) != 1)
225 goto x962_int_err;
226 BIO_printf(out, ".");
227 (void)BIO_flush(out);
228
229 BIO_printf(out, " ok\n");
230 ret = 1;
231x962_int_err:
232 if (!ret)
233 BIO_printf(out, " failed\n");
234 if (key)
235 EC_KEY_free(key);
236 if (signature)
237 ECDSA_SIG_free(signature);
238 if (r)
239 BN_free(r);
240 if (s)
241 BN_free(s);
242 EVP_MD_CTX_cleanup(&md_ctx);
243 return ret;
244 }
245
246int x9_62_tests(BIO *out)
247 {
248 int ret = 0;
249
250 BIO_printf(out, "some tests from X9.62:\n");
251
252 /* set own rand method */
253 if (!change_rand())
254 goto x962_err;
255
256 if (!x9_62_test_internal(out, NID_X9_62_prime192v1,
257 "3342403536405981729393488334694600415596881826869351677613",
258 "5735822328888155254683894997897571951568553642892029982342"))
259 goto x962_err;
260 if (!x9_62_test_internal(out, NID_X9_62_prime239v1,
261 "3086361431751678114926225473006680188549593787585317781474"
262 "62058306432176",
263 "3238135532097973577080787768312505059318910517550078427819"
264 "78505179448783"))
265 goto x962_err;
266 if (!x9_62_test_internal(out, NID_X9_62_c2tnb191v1,
267 "87194383164871543355722284926904419997237591535066528048",
268 "308992691965804947361541664549085895292153777025772063598"))
269 goto x962_err;
270 if (!x9_62_test_internal(out, NID_X9_62_c2tnb239v1,
271 "2159633321041961198501834003903461262881815148684178964245"
272 "5876922391552",
273 "1970303740007316867383349976549972270528498040721988191026"
274 "49413465737174"))
275 goto x962_err;
276
277 ret = 1;
278x962_err:
279 if (!restore_rand())
280 ret = 0;
281 return ret;
282 }
283
284int test_builtin(BIO *out)
285 {
286 EC_builtin_curve *curves = NULL;
287 size_t crv_len = 0, n = 0;
288 EC_KEY *eckey = NULL, *wrong_eckey = NULL;
289 EC_GROUP *group;
290 unsigned char digest[20], wrong_digest[20];
291 unsigned char *signature = NULL;
292 unsigned int sig_len;
293 int nid, ret = 0;
294
295 /* fill digest values with some random data */
296 if (!RAND_pseudo_bytes(digest, 20) ||
297 !RAND_pseudo_bytes(wrong_digest, 20))
298 {
299 BIO_printf(out, "ERROR: unable to get random data\n");
300 goto builtin_err;
301 }
302
303 /* create and verify a ecdsa signature with every availble curve
304 * (with ) */
305 BIO_printf(out, "\ntesting ECDSA_sign() and ECDSA_verify() "
306 "with some internal curves:\n");
307
308 /* get a list of all internal curves */
309 crv_len = EC_get_builtin_curves(NULL, 0);
310
311 curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len);
312
313 if (curves == NULL)
314 {
315 BIO_printf(out, "malloc error\n");
316 goto builtin_err;
317 }
318
319 if (!EC_get_builtin_curves(curves, crv_len))
320 {
321 BIO_printf(out, "unable to get internal curves\n");
322 goto builtin_err;
323 }
324
325 /* now create and verify a signature for every curve */
326 for (n = 0; n < crv_len; n++)
327 {
328 unsigned char dirt, offset;
329
330 nid = curves[n].nid;
331 if (nid == NID_ipsec4)
332 continue;
333 /* create new ecdsa key (== EC_KEY) */
334 if ((eckey = EC_KEY_new()) == NULL)
335 goto builtin_err;
336 group = EC_GROUP_new_by_curve_name(nid);
337 if (group == NULL)
338 goto builtin_err;
339 if (EC_KEY_set_group(eckey, group) == 0)
340 goto builtin_err;
341 EC_GROUP_free(group);
342 if (EC_GROUP_get_degree(EC_KEY_get0_group(eckey)) < 160)
343 /* drop the curve */
344 {
345 EC_KEY_free(eckey);
346 eckey = NULL;
347 continue;
348 }
349 BIO_printf(out, "%s: ", OBJ_nid2sn(nid));
350 /* create key */
351 if (!EC_KEY_generate_key(eckey))
352 {
353 BIO_printf(out, " failed\n");
354 goto builtin_err;
355 }
356 /* create second key */
357 if ((wrong_eckey = EC_KEY_new()) == NULL)
358 goto builtin_err;
359 group = EC_GROUP_new_by_curve_name(nid);
360 if (group == NULL)
361 goto builtin_err;
362 if (EC_KEY_set_group(wrong_eckey, group) == 0)
363 goto builtin_err;
364 EC_GROUP_free(group);
365 if (!EC_KEY_generate_key(wrong_eckey))
366 {
367 BIO_printf(out, " failed\n");
368 goto builtin_err;
369 }
370
371 BIO_printf(out, ".");
372 (void)BIO_flush(out);
373 /* check key */
374 if (!EC_KEY_check_key(eckey))
375 {
376 BIO_printf(out, " failed\n");
377 goto builtin_err;
378 }
379 BIO_printf(out, ".");
380 (void)BIO_flush(out);
381 /* create signature */
382 sig_len = ECDSA_size(eckey);
383 if ((signature = OPENSSL_malloc(sig_len)) == NULL)
384 goto builtin_err;
385 if (!ECDSA_sign(0, digest, 20, signature, &sig_len, eckey))
386 {
387 BIO_printf(out, " failed\n");
388 goto builtin_err;
389 }
390 BIO_printf(out, ".");
391 (void)BIO_flush(out);
392 /* verify signature */
393 if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1)
394 {
395 BIO_printf(out, " failed\n");
396 goto builtin_err;
397 }
398 BIO_printf(out, ".");
399 (void)BIO_flush(out);
400 /* verify signature with the wrong key */
401 if (ECDSA_verify(0, digest, 20, signature, sig_len,
402 wrong_eckey) == 1)
403 {
404 BIO_printf(out, " failed\n");
405 goto builtin_err;
406 }
407 BIO_printf(out, ".");
408 (void)BIO_flush(out);
409 /* wrong digest */
410 if (ECDSA_verify(0, wrong_digest, 20, signature, sig_len,
411 eckey) == 1)
412 {
413 BIO_printf(out, " failed\n");
414 goto builtin_err;
415 }
416 BIO_printf(out, ".");
417 (void)BIO_flush(out);
418 /* modify a single byte of the signature */
419 offset = signature[10] % sig_len;
420 dirt = signature[11];
421 signature[offset] ^= dirt ? dirt : 1;
422 if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) == 1)
423 {
424 BIO_printf(out, " failed\n");
425 goto builtin_err;
426 }
427 BIO_printf(out, ".");
428 (void)BIO_flush(out);
429
430 BIO_printf(out, " ok\n");
431 /* cleanup */
432 OPENSSL_free(signature);
433 signature = NULL;
434 EC_KEY_free(eckey);
435 eckey = NULL;
436 EC_KEY_free(wrong_eckey);
437 wrong_eckey = NULL;
438 }
439
440 ret = 1;
441builtin_err:
442 if (eckey)
443 EC_KEY_free(eckey);
444 if (wrong_eckey)
445 EC_KEY_free(wrong_eckey);
446 if (signature)
447 OPENSSL_free(signature);
448 if (curves)
449 OPENSSL_free(curves);
450
451 return ret;
452 }
453
454int main(void)
455 {
456 int ret = 1;
457 BIO *out;
458
459 out = BIO_new_fp(stdout, BIO_NOCLOSE);
460
461 /* enable memory leak checking unless explicitly disabled */
462 if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) &&
463 (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
464 {
465 CRYPTO_malloc_debug_init();
466 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
467 }
468 else
469 {
470 /* OPENSSL_DEBUG_MEMORY=off */
471 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
472 }
473 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
474
475 ERR_load_crypto_strings();
476
477 /* initialize the prng */
478 RAND_seed(rnd_seed, sizeof(rnd_seed));
479
480 /* the tests */
481 if (!x9_62_tests(out)) goto err;
482 if (!test_builtin(out)) goto err;
483
484 ret = 0;
485err:
486 if (ret)
487 BIO_printf(out, "\nECDSA test failed\n");
488 else
489 BIO_printf(out, "\nECDSA test passed\n");
490 if (ret)
491 ERR_print_errors(out);
492 CRYPTO_cleanup_all_ex_data();
493 ERR_remove_state(0);
494 ERR_free_strings();
495 CRYPTO_mem_leaks(out);
496 if (out != NULL)
497 BIO_free(out);
498 return ret;
499 }
500#endif
diff --git a/src/lib/libcrypto/evp/e_seed.c b/src/lib/libcrypto/evp/e_seed.c
new file mode 100644
index 0000000000..8c1ec0d43a
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_seed.c
@@ -0,0 +1,83 @@
1/* crypto/evp/e_seed.c -*- mode:C; c-file-style: "eay" -*- */
2/* ====================================================================
3 * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@openssl.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56#include <openssl/opensslconf.h>
57#include <openssl/evp.h>
58#include <openssl/err.h>
59#include <string.h>
60#include <assert.h>
61#ifndef OPENSSL_NO_SEED
62#include <openssl/seed.h>
63#include "evp_locl.h"
64
65static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc);
66
67typedef struct
68 {
69 SEED_KEY_SCHEDULE ks;
70 } EVP_SEED_KEY;
71
72IMPLEMENT_BLOCK_CIPHER(seed, ks, SEED, EVP_SEED_KEY, NID_seed,
73 16, 16, 16, 128,
74 0, seed_init_key, 0, 0, 0, 0)
75
76static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
77 const unsigned char *iv, int enc)
78 {
79 SEED_set_key(key, ctx->cipher_data);
80 return 1;
81 }
82
83#endif
diff --git a/src/lib/libcrypto/o_dir.c b/src/lib/libcrypto/o_dir.c
new file mode 100644
index 0000000000..42891ea459
--- /dev/null
+++ b/src/lib/libcrypto/o_dir.c
@@ -0,0 +1,83 @@
1/* crypto/o_dir.c -*- mode:C; c-file-style: "eay" -*- */
2/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
3 * project 2004.
4 */
5/* ====================================================================
6 * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * openssl-core@openssl.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <errno.h>
60#include <e_os.h>
61
62/* The routines really come from the Levitte Programming, so to make
63 life simple, let's just use the raw files and hack the symbols to
64 fit our namespace. */
65#define LP_DIR_CTX OPENSSL_DIR_CTX
66#define LP_dir_context_st OPENSSL_dir_context_st
67#define LP_find_file OPENSSL_DIR_read
68#define LP_find_file_end OPENSSL_DIR_end
69
70#include "o_dir.h"
71
72#define LPDIR_H
73#if defined OPENSSL_SYS_UNIX || defined DJGPP
74#include "LPdir_unix.c"
75#elif defined OPENSSL_SYS_VMS
76#include "LPdir_vms.c"
77#elif defined OPENSSL_SYS_WIN32
78#include "LPdir_win32.c"
79#elif defined OPENSSL_SYS_WINCE
80#include "LPdir_wince.c"
81#else
82#include "LPdir_nyi.c"
83#endif
diff --git a/src/lib/libcrypto/o_dir.h b/src/lib/libcrypto/o_dir.h
new file mode 100644
index 0000000000..4b725c0312
--- /dev/null
+++ b/src/lib/libcrypto/o_dir.h
@@ -0,0 +1,53 @@
1/* crypto/o_dir.h -*- mode:C; c-file-style: "eay" -*- */
2/* Copied from Richard Levitte's (richard@levitte.org) LP library. All
3 * symbol names have been changed, with permission from the author.
4 */
5
6/* $LP: LPlib/source/LPdir.h,v 1.1 2004/06/14 08:56:04 _cvs_levitte Exp $ */
7/*
8 * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
9 * All rights reserved.
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 */
32
33
34#ifndef O_DIR_H
35#define O_DIR_H
36
37#ifdef __cplusplus
38extern "C" {
39#endif
40
41 typedef struct OPENSSL_dir_context_st OPENSSL_DIR_CTX;
42
43 /* returns NULL on error or end-of-directory.
44 If it is end-of-directory, errno will be zero */
45 const char *OPENSSL_DIR_read(OPENSSL_DIR_CTX **ctx, const char *directory);
46 /* returns 1 on success, 0 on error */
47 int OPENSSL_DIR_end(OPENSSL_DIR_CTX **ctx);
48
49#ifdef __cplusplus
50}
51#endif
52
53#endif /* LPDIR_H */
diff --git a/src/lib/libcrypto/o_dir_test.c b/src/lib/libcrypto/o_dir_test.c
new file mode 100644
index 0000000000..3d75ecb005
--- /dev/null
+++ b/src/lib/libcrypto/o_dir_test.c
@@ -0,0 +1,70 @@
1/* crypto/o_dir.h -*- mode:C; c-file-style: "eay" -*- */
2/* Copied from Richard Levitte's (richard@levitte.org) LP library. All
3 * symbol names have been changed, with permission from the author.
4 */
5
6/* $LP: LPlib/test/test_dir.c,v 1.1 2004/06/16 22:59:47 _cvs_levitte Exp $ */
7/*
8 * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
9 * All rights reserved.
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 */
32
33#include <stddef.h>
34#include <stdlib.h>
35#include <stdio.h>
36#include <errno.h>
37#include "e_os2.h"
38#include "o_dir.h"
39
40#if defined OPENSSL_SYS_UNIX || defined OPENSSL_SYS_WIN32 || defined OPENSSL_SYS_WINCE
41#define CURRDIR "."
42#elif defined OPENSSL_SYS_VMS
43#define CURRDIR "SYS$DISK:[]"
44#else
45#error "No supported platform defined!"
46#endif
47
48int main()
49{
50 OPENSSL_DIR_CTX *ctx = NULL;
51 const char *result;
52
53 while((result = OPENSSL_DIR_read(&ctx, CURRDIR)) != NULL)
54 {
55 printf("%s\n", result);
56 }
57
58 if (errno)
59 {
60 perror("test_dir");
61 exit(1);
62 }
63
64 if (!OPENSSL_DIR_end(&ctx))
65 {
66 perror("test_dir");
67 exit(2);
68 }
69 exit(0);
70}
diff --git a/src/lib/libcrypto/pqueue/Makefile b/src/lib/libcrypto/pqueue/Makefile
new file mode 100644
index 0000000000..d0c39d25ce
--- /dev/null
+++ b/src/lib/libcrypto/pqueue/Makefile
@@ -0,0 +1,84 @@
1#
2# OpenSSL/crypto/pqueue/Makefile
3#
4
5DIR= pqueue
6TOP= ../..
7CC= cc
8INCLUDES=
9CFLAG=-g
10MAKEFILE= Makefile
11AR= ar r
12
13CFLAGS= $(INCLUDES) $(CFLAG)
14
15GENERAL=Makefile
16TEST=
17APPS=
18
19LIB=$(TOP)/libcrypto.a
20LIBSRC=pqueue.c
21LIBOBJ=pqueue.o
22
23SRC= $(LIBSRC)
24
25EXHEADER= pqueue.h pq_compat.h
26HEADER= $(EXHEADER)
27
28ALL= $(GENERAL) $(SRC) $(HEADER)
29
30top:
31 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
32
33all: lib
34
35lib: $(LIBOBJ)
36 $(AR) $(LIB) $(LIBOBJ)
37 $(RANLIB) $(LIB) || echo Never mind.
38 @touch lib
39
40files:
41 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
42
43links:
44 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
45 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
46 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
47
48install:
49 @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
50 @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
51 do \
52 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
53 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
54 done;
55
56tags:
57 ctags $(SRC)
58
59tests:
60
61lint:
62 lint -DLINT $(INCLUDES) $(SRC)>fluff
63
64depend:
65 @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
66 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
67
68dclean:
69 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
70 mv -f Makefile.new $(MAKEFILE)
71
72clean:
73 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
74
75# DO NOT DELETE THIS LINE -- make depend depends on it.
76
77pqueue.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
78pqueue.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
79pqueue.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
80pqueue.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
81pqueue.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
82pqueue.o: ../../include/openssl/pq_compat.h ../../include/openssl/safestack.h
83pqueue.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
84pqueue.o: ../cryptlib.h pqueue.c pqueue.h
diff --git a/src/lib/libcrypto/pqueue/pq_test.c b/src/lib/libcrypto/pqueue/pq_test.c
new file mode 100644
index 0000000000..8d496dfc65
--- /dev/null
+++ b/src/lib/libcrypto/pqueue/pq_test.c
@@ -0,0 +1,95 @@
1/* crypto/pqueue/pq_test.c */
2/*
3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
5 */
6/* ====================================================================
7 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 *
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 *
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
19 * distribution.
20 *
21 * 3. All advertising materials mentioning features or use of this
22 * software must display the following acknowledgment:
23 * "This product includes software developed by the OpenSSL Project
24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25 *
26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 * endorse or promote products derived from this software without
28 * prior written permission. For written permission, please contact
29 * openssl-core@OpenSSL.org.
30 *
31 * 5. Products derived from this software may not be called "OpenSSL"
32 * nor may "OpenSSL" appear in their names without prior written
33 * permission of the OpenSSL Project.
34 *
35 * 6. Redistributions of any form whatsoever must retain the following
36 * acknowledgment:
37 * "This product includes software developed by the OpenSSL Project
38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 * OF THE POSSIBILITY OF SUCH DAMAGE.
52 * ====================================================================
53 *
54 * This product includes cryptographic software written by Eric Young
55 * (eay@cryptsoft.com). This product includes software written by Tim
56 * Hudson (tjh@cryptsoft.com).
57 *
58 */
59
60#include "pqueue.h"
61
62int
63main(void)
64 {
65 pitem *item;
66 pqueue pq;
67
68 pq = pqueue_new();
69
70 item = pitem_new(3, NULL);
71 pqueue_insert(pq, item);
72
73 item = pitem_new(1, NULL);
74 pqueue_insert(pq, item);
75
76 item = pitem_new(2, NULL);
77 pqueue_insert(pq, item);
78
79 item = pqueue_find(pq, 1);
80 fprintf(stderr, "found %ld\n", item->priority);
81
82 item = pqueue_find(pq, 2);
83 fprintf(stderr, "found %ld\n", item->priority);
84
85 item = pqueue_find(pq, 3);
86 fprintf(stderr, "found %ld\n", item ? item->priority: 0);
87
88 pqueue_print(pq);
89
90 for(item = pqueue_pop(pq); item != NULL; item = pqueue_pop(pq))
91 pitem_free(item);
92
93 pqueue_free(pq);
94 return 0;
95 }
diff --git a/src/lib/libcrypto/pqueue/pqueue.c b/src/lib/libcrypto/pqueue/pqueue.c
new file mode 100644
index 0000000000..5cc18527f8
--- /dev/null
+++ b/src/lib/libcrypto/pqueue/pqueue.c
@@ -0,0 +1,236 @@
1/* crypto/pqueue/pqueue.c */
2/*
3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
5 */
6/* ====================================================================
7 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 *
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 *
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
19 * distribution.
20 *
21 * 3. All advertising materials mentioning features or use of this
22 * software must display the following acknowledgment:
23 * "This product includes software developed by the OpenSSL Project
24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25 *
26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 * endorse or promote products derived from this software without
28 * prior written permission. For written permission, please contact
29 * openssl-core@OpenSSL.org.
30 *
31 * 5. Products derived from this software may not be called "OpenSSL"
32 * nor may "OpenSSL" appear in their names without prior written
33 * permission of the OpenSSL Project.
34 *
35 * 6. Redistributions of any form whatsoever must retain the following
36 * acknowledgment:
37 * "This product includes software developed by the OpenSSL Project
38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 * OF THE POSSIBILITY OF SUCH DAMAGE.
52 * ====================================================================
53 *
54 * This product includes cryptographic software written by Eric Young
55 * (eay@cryptsoft.com). This product includes software written by Tim
56 * Hudson (tjh@cryptsoft.com).
57 *
58 */
59
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include "pqueue.h"
63
64typedef struct _pqueue
65 {
66 pitem *items;
67 int count;
68 } pqueue_s;
69
70pitem *
71pitem_new(PQ_64BIT priority, void *data)
72 {
73 pitem *item = (pitem *) OPENSSL_malloc(sizeof(pitem));
74 if (item == NULL) return NULL;
75
76 pq_64bit_init(&(item->priority));
77 pq_64bit_assign(&item->priority, &priority);
78
79 item->data = data;
80 item->next = NULL;
81
82 return item;
83 }
84
85void
86pitem_free(pitem *item)
87 {
88 if (item == NULL) return;
89
90 pq_64bit_free(&(item->priority));
91 OPENSSL_free(item);
92 }
93
94pqueue_s *
95pqueue_new()
96 {
97 pqueue_s *pq = (pqueue_s *) OPENSSL_malloc(sizeof(pqueue_s));
98 if (pq == NULL) return NULL;
99
100 memset(pq, 0x00, sizeof(pqueue_s));
101 return pq;
102 }
103
104void
105pqueue_free(pqueue_s *pq)
106 {
107 if (pq == NULL) return;
108
109 OPENSSL_free(pq);
110 }
111
112pitem *
113pqueue_insert(pqueue_s *pq, pitem *item)
114 {
115 pitem *curr, *next;
116
117 if (pq->items == NULL)
118 {
119 pq->items = item;
120 return item;
121 }
122
123 for(curr = NULL, next = pq->items;
124 next != NULL;
125 curr = next, next = next->next)
126 {
127 if (pq_64bit_gt(&(next->priority), &(item->priority)))
128 {
129 item->next = next;
130
131 if (curr == NULL)
132 pq->items = item;
133 else
134 curr->next = item;
135
136 return item;
137 }
138 /* duplicates not allowed */
139 if (pq_64bit_eq(&(item->priority), &(next->priority)))
140 return NULL;
141 }
142
143 item->next = NULL;
144 curr->next = item;
145
146 return item;
147 }
148
149pitem *
150pqueue_peek(pqueue_s *pq)
151 {
152 return pq->items;
153 }
154
155pitem *
156pqueue_pop(pqueue_s *pq)
157 {
158 pitem *item = pq->items;
159
160 if (pq->items != NULL)
161 pq->items = pq->items->next;
162
163 return item;
164 }
165
166pitem *
167pqueue_find(pqueue_s *pq, PQ_64BIT priority)
168 {
169 pitem *next, *prev = NULL;
170 pitem *found = NULL;
171
172 if ( pq->items == NULL)
173 return NULL;
174
175 for ( next = pq->items; next->next != NULL;
176 prev = next, next = next->next)
177 {
178 if ( pq_64bit_eq(&(next->priority), &priority))
179 {
180 found = next;
181 break;
182 }
183 }
184
185 /* check the one last node */
186 if ( pq_64bit_eq(&(next->priority), &priority))
187 found = next;
188
189 if ( ! found)
190 return NULL;
191
192#if 0 /* find works in peek mode */
193 if ( prev == NULL)
194 pq->items = next->next;
195 else
196 prev->next = next->next;
197#endif
198
199 return found;
200 }
201
202#if PQ_64BIT_IS_INTEGER
203void
204pqueue_print(pqueue_s *pq)
205 {
206 pitem *item = pq->items;
207
208 while(item != NULL)
209 {
210 printf("item\t" PQ_64BIT_PRINT "\n", item->priority);
211 item = item->next;
212 }
213 }
214#endif
215
216pitem *
217pqueue_iterator(pqueue_s *pq)
218 {
219 return pqueue_peek(pq);
220 }
221
222pitem *
223pqueue_next(pitem **item)
224 {
225 pitem *ret;
226
227 if ( item == NULL || *item == NULL)
228 return NULL;
229
230
231 /* *item != NULL */
232 ret = *item;
233 *item = (*item)->next;
234
235 return ret;
236 }
diff --git a/src/lib/libcrypto/pqueue/pqueue.h b/src/lib/libcrypto/pqueue/pqueue.h
new file mode 100644
index 0000000000..02386d130e
--- /dev/null
+++ b/src/lib/libcrypto/pqueue/pqueue.h
@@ -0,0 +1,95 @@
1/* crypto/pqueue/pqueue.h */
2/*
3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
5 */
6/* ====================================================================
7 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 *
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 *
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
19 * distribution.
20 *
21 * 3. All advertising materials mentioning features or use of this
22 * software must display the following acknowledgment:
23 * "This product includes software developed by the OpenSSL Project
24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25 *
26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 * endorse or promote products derived from this software without
28 * prior written permission. For written permission, please contact
29 * openssl-core@OpenSSL.org.
30 *
31 * 5. Products derived from this software may not be called "OpenSSL"
32 * nor may "OpenSSL" appear in their names without prior written
33 * permission of the OpenSSL Project.
34 *
35 * 6. Redistributions of any form whatsoever must retain the following
36 * acknowledgment:
37 * "This product includes software developed by the OpenSSL Project
38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 * OF THE POSSIBILITY OF SUCH DAMAGE.
52 * ====================================================================
53 *
54 * This product includes cryptographic software written by Eric Young
55 * (eay@cryptsoft.com). This product includes software written by Tim
56 * Hudson (tjh@cryptsoft.com).
57 *
58 */
59
60#ifndef HEADER_PQUEUE_H
61#define HEADER_PQUEUE_H
62
63#include <stdio.h>
64#include <stdlib.h>
65#include <string.h>
66
67#include <openssl/pq_compat.h>
68
69typedef struct _pqueue *pqueue;
70
71typedef struct _pitem
72 {
73 PQ_64BIT priority;
74 void *data;
75 struct _pitem *next;
76 } pitem;
77
78typedef struct _pitem *piterator;
79
80pitem *pitem_new(PQ_64BIT priority, void *data);
81void pitem_free(pitem *item);
82
83pqueue pqueue_new(void);
84void pqueue_free(pqueue pq);
85
86pitem *pqueue_insert(pqueue pq, pitem *item);
87pitem *pqueue_peek(pqueue pq);
88pitem *pqueue_pop(pqueue pq);
89pitem *pqueue_find(pqueue pq, PQ_64BIT priority);
90pitem *pqueue_iterator(pqueue pq);
91pitem *pqueue_next(piterator *iter);
92
93void pqueue_print(pqueue pq);
94
95#endif /* ! HEADER_PQUEUE_H */
diff --git a/src/lib/libcrypto/rand/rand_nw.c b/src/lib/libcrypto/rand/rand_nw.c
new file mode 100644
index 0000000000..f177ffbe82
--- /dev/null
+++ b/src/lib/libcrypto/rand/rand_nw.c
@@ -0,0 +1,183 @@
1/* crypto/rand/rand_nw.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include "cryptlib.h"
113#include <openssl/rand.h>
114#include "rand_lcl.h"
115
116#if defined (OPENSSL_SYS_NETWARE)
117
118#if defined(NETWARE_LIBC)
119#include <nks/thread.h>
120#else
121#include <nwthread.h>
122#endif
123
124extern int GetProcessSwitchCount(void);
125#if !defined(NETWARE_LIBC) || (CURRENT_NDK_THRESHOLD < 509220000)
126extern void *RunningProcess; /* declare here same as found in newer NDKs */
127extern unsigned long GetSuperHighResolutionTimer(void);
128#endif
129
130 /* the FAQ indicates we need to provide at least 20 bytes (160 bits) of seed
131 */
132int RAND_poll(void)
133{
134 unsigned long l;
135 unsigned long tsc;
136 int i;
137
138 /* There are several options to gather miscellaneous data
139 * but for now we will loop checking the time stamp counter (rdtsc) and
140 * the SuperHighResolutionTimer. Each iteration will collect 8 bytes
141 * of data but it is treated as only 1 byte of entropy. The call to
142 * ThreadSwitchWithDelay() will introduce additional variability into
143 * the data returned by rdtsc.
144 *
145 * Applications can agument the seed material by adding additional
146 * stuff with RAND_add() and should probably do so.
147 */
148 l = GetProcessSwitchCount();
149 RAND_add(&l,sizeof(l),1);
150
151 /* need to cast the void* to unsigned long here */
152 l = (unsigned long)RunningProcess;
153 RAND_add(&l,sizeof(l),1);
154
155 for( i=2; i<ENTROPY_NEEDED; i++)
156 {
157#ifdef __MWERKS__
158 asm
159 {
160 rdtsc
161 mov tsc, eax
162 }
163#else
164 asm volatile("rdtsc":"=A" (tsc));
165#endif
166
167 RAND_add(&tsc, sizeof(tsc), 1);
168
169 l = GetSuperHighResolutionTimer();
170 RAND_add(&l, sizeof(l), 0);
171
172# if defined(NETWARE_LIBC)
173 NXThreadYield();
174# else /* NETWARE_CLIB */
175 ThreadSwitchWithDelay();
176# endif
177 }
178
179 return 1;
180}
181
182#endif
183
diff --git a/src/lib/libcrypto/seed/Makefile b/src/lib/libcrypto/seed/Makefile
new file mode 100644
index 0000000000..f9de27b288
--- /dev/null
+++ b/src/lib/libcrypto/seed/Makefile
@@ -0,0 +1,87 @@
1#
2# crypto/seed/Makefile
3#
4
5DIR= seed
6TOP= ../..
7CC= cc
8CPP= $(CC) -E
9INCLUDES=
10CFLAG=-g
11MAKEFILE= Makefile
12AR= ar r
13
14CFLAGS= $(INCLUDES) $(CFLAG)
15
16GENERAL=Makefile
17TEST=
18APPS=
19
20LIB=$(TOP)/libcrypto.a
21LIBSRC=seed.c seed_ecb.c seed_cbc.c seed_cfb.c seed_ofb.c
22LIBOBJ=seed.o seed_ecb.o seed_cbc.o seed_cfb.o seed_ofb.o
23
24SRC= $(LIBSRC)
25
26EXHEADER= seed.h
27HEADER= seed_locl.h $(EXHEADER)
28
29ALL= $(GENERAL) $(SRC) $(HEADER)
30
31top:
32 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
33
34all: lib
35
36lib: $(LIBOBJ)
37 $(AR) $(LIB) $(LIBOBJ)
38 $(RANLIB) $(LIB) || echo Never mind.
39 @touch lib
40
41files:
42 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
43
44links:
45 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
46 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
47 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
48
49install:
50 @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
51 @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
52 do \
53 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
54 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
55 done;
56
57tags:
58 ctags $(SRC)
59
60tests:
61
62lint:
63 lint -DLINT $(INCLUDES) $(SRC)>fluff
64
65depend:
66 @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
67 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
68
69dclean:
70 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
71 mv -f Makefile.new $(MAKEFILE)
72
73clean:
74 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
75
76# DO NOT DELETE THIS LINE -- make depend depends on it.
77
78seed.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
79seed.o: ../../include/openssl/seed.h seed.c seed_locl.h
80seed_cbc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
81seed_cbc.o: ../../include/openssl/seed.h seed_cbc.c seed_locl.h
82seed_cfb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
83seed_cfb.o: ../../include/openssl/seed.h seed_cfb.c seed_locl.h
84seed_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/seed.h
85seed_ecb.o: seed_ecb.c
86seed_ofb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
87seed_ofb.o: ../../include/openssl/seed.h seed_locl.h seed_ofb.c
diff --git a/src/lib/libcrypto/seed/seed.c b/src/lib/libcrypto/seed/seed.c
new file mode 100644
index 0000000000..125dd7d66f
--- /dev/null
+++ b/src/lib/libcrypto/seed/seed.c
@@ -0,0 +1,286 @@
1/*
2 * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Neither the name of author nor the names of its contributors may
10 * be used to endorse or promote products derived from this software
11 * without specific prior written permission.
12 *
13 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
14 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16 * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
17 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
23 * SUCH DAMAGE.
24 *
25 */
26#ifndef OPENSSL_NO_SEED
27
28#include <stdio.h>
29#include <stdlib.h>
30#include <string.h>
31#ifdef WIN32
32#include <memory.h>
33#endif
34
35#include <openssl/seed.h>
36#include "seed_locl.h"
37
38static seed_word SS[4][256] = { {
39 0x2989a1a8, 0x05858184, 0x16c6d2d4, 0x13c3d3d0, 0x14445054, 0x1d0d111c, 0x2c8ca0ac, 0x25052124,
40 0x1d4d515c, 0x03434340, 0x18081018, 0x1e0e121c, 0x11415150, 0x3cccf0fc, 0x0acac2c8, 0x23436360,
41 0x28082028, 0x04444044, 0x20002020, 0x1d8d919c, 0x20c0e0e0, 0x22c2e2e0, 0x08c8c0c8, 0x17071314,
42 0x2585a1a4, 0x0f8f838c, 0x03030300, 0x3b4b7378, 0x3b8bb3b8, 0x13031310, 0x12c2d2d0, 0x2ecee2ec,
43 0x30407070, 0x0c8c808c, 0x3f0f333c, 0x2888a0a8, 0x32023230, 0x1dcdd1dc, 0x36c6f2f4, 0x34447074,
44 0x2ccce0ec, 0x15859194, 0x0b0b0308, 0x17475354, 0x1c4c505c, 0x1b4b5358, 0x3d8db1bc, 0x01010100,
45 0x24042024, 0x1c0c101c, 0x33437370, 0x18889098, 0x10001010, 0x0cccc0cc, 0x32c2f2f0, 0x19c9d1d8,
46 0x2c0c202c, 0x27c7e3e4, 0x32427270, 0x03838380, 0x1b8b9398, 0x11c1d1d0, 0x06868284, 0x09c9c1c8,
47 0x20406060, 0x10405050, 0x2383a3a0, 0x2bcbe3e8, 0x0d0d010c, 0x3686b2b4, 0x1e8e929c, 0x0f4f434c,
48 0x3787b3b4, 0x1a4a5258, 0x06c6c2c4, 0x38487078, 0x2686a2a4, 0x12021210, 0x2f8fa3ac, 0x15c5d1d4,
49 0x21416160, 0x03c3c3c0, 0x3484b0b4, 0x01414140, 0x12425250, 0x3d4d717c, 0x0d8d818c, 0x08080008,
50 0x1f0f131c, 0x19899198, 0x00000000, 0x19091118, 0x04040004, 0x13435350, 0x37c7f3f4, 0x21c1e1e0,
51 0x3dcdf1fc, 0x36467274, 0x2f0f232c, 0x27072324, 0x3080b0b0, 0x0b8b8388, 0x0e0e020c, 0x2b8ba3a8,
52 0x2282a2a0, 0x2e4e626c, 0x13839390, 0x0d4d414c, 0x29496168, 0x3c4c707c, 0x09090108, 0x0a0a0208,
53 0x3f8fb3bc, 0x2fcfe3ec, 0x33c3f3f0, 0x05c5c1c4, 0x07878384, 0x14041014, 0x3ecef2fc, 0x24446064,
54 0x1eced2dc, 0x2e0e222c, 0x0b4b4348, 0x1a0a1218, 0x06060204, 0x21012120, 0x2b4b6368, 0x26466264,
55 0x02020200, 0x35c5f1f4, 0x12829290, 0x0a8a8288, 0x0c0c000c, 0x3383b3b0, 0x3e4e727c, 0x10c0d0d0,
56 0x3a4a7278, 0x07474344, 0x16869294, 0x25c5e1e4, 0x26062224, 0x00808080, 0x2d8da1ac, 0x1fcfd3dc,
57 0x2181a1a0, 0x30003030, 0x37073334, 0x2e8ea2ac, 0x36063234, 0x15051114, 0x22022220, 0x38083038,
58 0x34c4f0f4, 0x2787a3a4, 0x05454144, 0x0c4c404c, 0x01818180, 0x29c9e1e8, 0x04848084, 0x17879394,
59 0x35053134, 0x0bcbc3c8, 0x0ecec2cc, 0x3c0c303c, 0x31417170, 0x11011110, 0x07c7c3c4, 0x09898188,
60 0x35457174, 0x3bcbf3f8, 0x1acad2d8, 0x38c8f0f8, 0x14849094, 0x19495158, 0x02828280, 0x04c4c0c4,
61 0x3fcff3fc, 0x09494148, 0x39093138, 0x27476364, 0x00c0c0c0, 0x0fcfc3cc, 0x17c7d3d4, 0x3888b0b8,
62 0x0f0f030c, 0x0e8e828c, 0x02424240, 0x23032320, 0x11819190, 0x2c4c606c, 0x1bcbd3d8, 0x2484a0a4,
63 0x34043034, 0x31c1f1f0, 0x08484048, 0x02c2c2c0, 0x2f4f636c, 0x3d0d313c, 0x2d0d212c, 0x00404040,
64 0x3e8eb2bc, 0x3e0e323c, 0x3c8cb0bc, 0x01c1c1c0, 0x2a8aa2a8, 0x3a8ab2b8, 0x0e4e424c, 0x15455154,
65 0x3b0b3338, 0x1cccd0dc, 0x28486068, 0x3f4f737c, 0x1c8c909c, 0x18c8d0d8, 0x0a4a4248, 0x16465254,
66 0x37477374, 0x2080a0a0, 0x2dcde1ec, 0x06464244, 0x3585b1b4, 0x2b0b2328, 0x25456164, 0x3acaf2f8,
67 0x23c3e3e0, 0x3989b1b8, 0x3181b1b0, 0x1f8f939c, 0x1e4e525c, 0x39c9f1f8, 0x26c6e2e4, 0x3282b2b0,
68 0x31013130, 0x2acae2e8, 0x2d4d616c, 0x1f4f535c, 0x24c4e0e4, 0x30c0f0f0, 0x0dcdc1cc, 0x08888088,
69 0x16061214, 0x3a0a3238, 0x18485058, 0x14c4d0d4, 0x22426260, 0x29092128, 0x07070304, 0x33033330,
70 0x28c8e0e8, 0x1b0b1318, 0x05050104, 0x39497178, 0x10809090, 0x2a4a6268, 0x2a0a2228, 0x1a8a9298
71}, {
72 0x38380830, 0xe828c8e0, 0x2c2d0d21, 0xa42686a2, 0xcc0fcfc3, 0xdc1eced2, 0xb03383b3, 0xb83888b0,
73 0xac2f8fa3, 0x60204060, 0x54154551, 0xc407c7c3, 0x44044440, 0x6c2f4f63, 0x682b4b63, 0x581b4b53,
74 0xc003c3c3, 0x60224262, 0x30330333, 0xb43585b1, 0x28290921, 0xa02080a0, 0xe022c2e2, 0xa42787a3,
75 0xd013c3d3, 0x90118191, 0x10110111, 0x04060602, 0x1c1c0c10, 0xbc3c8cb0, 0x34360632, 0x480b4b43,
76 0xec2fcfe3, 0x88088880, 0x6c2c4c60, 0xa82888a0, 0x14170713, 0xc404c4c0, 0x14160612, 0xf434c4f0,
77 0xc002c2c2, 0x44054541, 0xe021c1e1, 0xd416c6d2, 0x3c3f0f33, 0x3c3d0d31, 0x8c0e8e82, 0x98188890,
78 0x28280820, 0x4c0e4e42, 0xf436c6f2, 0x3c3e0e32, 0xa42585a1, 0xf839c9f1, 0x0c0d0d01, 0xdc1fcfd3,
79 0xd818c8d0, 0x282b0b23, 0x64264662, 0x783a4a72, 0x24270723, 0x2c2f0f23, 0xf031c1f1, 0x70324272,
80 0x40024242, 0xd414c4d0, 0x40014141, 0xc000c0c0, 0x70334373, 0x64274763, 0xac2c8ca0, 0x880b8b83,
81 0xf437c7f3, 0xac2d8da1, 0x80008080, 0x1c1f0f13, 0xc80acac2, 0x2c2c0c20, 0xa82a8aa2, 0x34340430,
82 0xd012c2d2, 0x080b0b03, 0xec2ecee2, 0xe829c9e1, 0x5c1d4d51, 0x94148490, 0x18180810, 0xf838c8f0,
83 0x54174753, 0xac2e8ea2, 0x08080800, 0xc405c5c1, 0x10130313, 0xcc0dcdc1, 0x84068682, 0xb83989b1,
84 0xfc3fcff3, 0x7c3d4d71, 0xc001c1c1, 0x30310131, 0xf435c5f1, 0x880a8a82, 0x682a4a62, 0xb03181b1,
85 0xd011c1d1, 0x20200020, 0xd417c7d3, 0x00020202, 0x20220222, 0x04040400, 0x68284860, 0x70314171,
86 0x04070703, 0xd81bcbd3, 0x9c1d8d91, 0x98198991, 0x60214161, 0xbc3e8eb2, 0xe426c6e2, 0x58194951,
87 0xdc1dcdd1, 0x50114151, 0x90108090, 0xdc1cccd0, 0x981a8a92, 0xa02383a3, 0xa82b8ba3, 0xd010c0d0,
88 0x80018181, 0x0c0f0f03, 0x44074743, 0x181a0a12, 0xe023c3e3, 0xec2ccce0, 0x8c0d8d81, 0xbc3f8fb3,
89 0x94168692, 0x783b4b73, 0x5c1c4c50, 0xa02282a2, 0xa02181a1, 0x60234363, 0x20230323, 0x4c0d4d41,
90 0xc808c8c0, 0x9c1e8e92, 0x9c1c8c90, 0x383a0a32, 0x0c0c0c00, 0x2c2e0e22, 0xb83a8ab2, 0x6c2e4e62,
91 0x9c1f8f93, 0x581a4a52, 0xf032c2f2, 0x90128292, 0xf033c3f3, 0x48094941, 0x78384870, 0xcc0cccc0,
92 0x14150511, 0xf83bcbf3, 0x70304070, 0x74354571, 0x7c3f4f73, 0x34350531, 0x10100010, 0x00030303,
93 0x64244460, 0x6c2d4d61, 0xc406c6c2, 0x74344470, 0xd415c5d1, 0xb43484b0, 0xe82acae2, 0x08090901,
94 0x74364672, 0x18190911, 0xfc3ecef2, 0x40004040, 0x10120212, 0xe020c0e0, 0xbc3d8db1, 0x04050501,
95 0xf83acaf2, 0x00010101, 0xf030c0f0, 0x282a0a22, 0x5c1e4e52, 0xa82989a1, 0x54164652, 0x40034343,
96 0x84058581, 0x14140410, 0x88098981, 0x981b8b93, 0xb03080b0, 0xe425c5e1, 0x48084840, 0x78394971,
97 0x94178793, 0xfc3cccf0, 0x1c1e0e12, 0x80028282, 0x20210121, 0x8c0c8c80, 0x181b0b13, 0x5c1f4f53,
98 0x74374773, 0x54144450, 0xb03282b2, 0x1c1d0d11, 0x24250521, 0x4c0f4f43, 0x00000000, 0x44064642,
99 0xec2dcde1, 0x58184850, 0x50124252, 0xe82bcbe3, 0x7c3e4e72, 0xd81acad2, 0xc809c9c1, 0xfc3dcdf1,
100 0x30300030, 0x94158591, 0x64254561, 0x3c3c0c30, 0xb43686b2, 0xe424c4e0, 0xb83b8bb3, 0x7c3c4c70,
101 0x0c0e0e02, 0x50104050, 0x38390931, 0x24260622, 0x30320232, 0x84048480, 0x68294961, 0x90138393,
102 0x34370733, 0xe427c7e3, 0x24240420, 0xa42484a0, 0xc80bcbc3, 0x50134353, 0x080a0a02, 0x84078783,
103 0xd819c9d1, 0x4c0c4c40, 0x80038383, 0x8c0f8f83, 0xcc0ecec2, 0x383b0b33, 0x480a4a42, 0xb43787b3
104}, {
105 0xa1a82989, 0x81840585, 0xd2d416c6, 0xd3d013c3, 0x50541444, 0x111c1d0d, 0xa0ac2c8c, 0x21242505,
106 0x515c1d4d, 0x43400343, 0x10181808, 0x121c1e0e, 0x51501141, 0xf0fc3ccc, 0xc2c80aca, 0x63602343,
107 0x20282808, 0x40440444, 0x20202000, 0x919c1d8d, 0xe0e020c0, 0xe2e022c2, 0xc0c808c8, 0x13141707,
108 0xa1a42585, 0x838c0f8f, 0x03000303, 0x73783b4b, 0xb3b83b8b, 0x13101303, 0xd2d012c2, 0xe2ec2ece,
109 0x70703040, 0x808c0c8c, 0x333c3f0f, 0xa0a82888, 0x32303202, 0xd1dc1dcd, 0xf2f436c6, 0x70743444,
110 0xe0ec2ccc, 0x91941585, 0x03080b0b, 0x53541747, 0x505c1c4c, 0x53581b4b, 0xb1bc3d8d, 0x01000101,
111 0x20242404, 0x101c1c0c, 0x73703343, 0x90981888, 0x10101000, 0xc0cc0ccc, 0xf2f032c2, 0xd1d819c9,
112 0x202c2c0c, 0xe3e427c7, 0x72703242, 0x83800383, 0x93981b8b, 0xd1d011c1, 0x82840686, 0xc1c809c9,
113 0x60602040, 0x50501040, 0xa3a02383, 0xe3e82bcb, 0x010c0d0d, 0xb2b43686, 0x929c1e8e, 0x434c0f4f,
114 0xb3b43787, 0x52581a4a, 0xc2c406c6, 0x70783848, 0xa2a42686, 0x12101202, 0xa3ac2f8f, 0xd1d415c5,
115 0x61602141, 0xc3c003c3, 0xb0b43484, 0x41400141, 0x52501242, 0x717c3d4d, 0x818c0d8d, 0x00080808,
116 0x131c1f0f, 0x91981989, 0x00000000, 0x11181909, 0x00040404, 0x53501343, 0xf3f437c7, 0xe1e021c1,
117 0xf1fc3dcd, 0x72743646, 0x232c2f0f, 0x23242707, 0xb0b03080, 0x83880b8b, 0x020c0e0e, 0xa3a82b8b,
118 0xa2a02282, 0x626c2e4e, 0x93901383, 0x414c0d4d, 0x61682949, 0x707c3c4c, 0x01080909, 0x02080a0a,
119 0xb3bc3f8f, 0xe3ec2fcf, 0xf3f033c3, 0xc1c405c5, 0x83840787, 0x10141404, 0xf2fc3ece, 0x60642444,
120 0xd2dc1ece, 0x222c2e0e, 0x43480b4b, 0x12181a0a, 0x02040606, 0x21202101, 0x63682b4b, 0x62642646,
121 0x02000202, 0xf1f435c5, 0x92901282, 0x82880a8a, 0x000c0c0c, 0xb3b03383, 0x727c3e4e, 0xd0d010c0,
122 0x72783a4a, 0x43440747, 0x92941686, 0xe1e425c5, 0x22242606, 0x80800080, 0xa1ac2d8d, 0xd3dc1fcf,
123 0xa1a02181, 0x30303000, 0x33343707, 0xa2ac2e8e, 0x32343606, 0x11141505, 0x22202202, 0x30383808,
124 0xf0f434c4, 0xa3a42787, 0x41440545, 0x404c0c4c, 0x81800181, 0xe1e829c9, 0x80840484, 0x93941787,
125 0x31343505, 0xc3c80bcb, 0xc2cc0ece, 0x303c3c0c, 0x71703141, 0x11101101, 0xc3c407c7, 0x81880989,
126 0x71743545, 0xf3f83bcb, 0xd2d81aca, 0xf0f838c8, 0x90941484, 0x51581949, 0x82800282, 0xc0c404c4,
127 0xf3fc3fcf, 0x41480949, 0x31383909, 0x63642747, 0xc0c000c0, 0xc3cc0fcf, 0xd3d417c7, 0xb0b83888,
128 0x030c0f0f, 0x828c0e8e, 0x42400242, 0x23202303, 0x91901181, 0x606c2c4c, 0xd3d81bcb, 0xa0a42484,
129 0x30343404, 0xf1f031c1, 0x40480848, 0xc2c002c2, 0x636c2f4f, 0x313c3d0d, 0x212c2d0d, 0x40400040,
130 0xb2bc3e8e, 0x323c3e0e, 0xb0bc3c8c, 0xc1c001c1, 0xa2a82a8a, 0xb2b83a8a, 0x424c0e4e, 0x51541545,
131 0x33383b0b, 0xd0dc1ccc, 0x60682848, 0x737c3f4f, 0x909c1c8c, 0xd0d818c8, 0x42480a4a, 0x52541646,
132 0x73743747, 0xa0a02080, 0xe1ec2dcd, 0x42440646, 0xb1b43585, 0x23282b0b, 0x61642545, 0xf2f83aca,
133 0xe3e023c3, 0xb1b83989, 0xb1b03181, 0x939c1f8f, 0x525c1e4e, 0xf1f839c9, 0xe2e426c6, 0xb2b03282,
134 0x31303101, 0xe2e82aca, 0x616c2d4d, 0x535c1f4f, 0xe0e424c4, 0xf0f030c0, 0xc1cc0dcd, 0x80880888,
135 0x12141606, 0x32383a0a, 0x50581848, 0xd0d414c4, 0x62602242, 0x21282909, 0x03040707, 0x33303303,
136 0xe0e828c8, 0x13181b0b, 0x01040505, 0x71783949, 0x90901080, 0x62682a4a, 0x22282a0a, 0x92981a8a
137}, {
138 0x08303838, 0xc8e0e828, 0x0d212c2d, 0x86a2a426, 0xcfc3cc0f, 0xced2dc1e, 0x83b3b033, 0x88b0b838,
139 0x8fa3ac2f, 0x40606020, 0x45515415, 0xc7c3c407, 0x44404404, 0x4f636c2f, 0x4b63682b, 0x4b53581b,
140 0xc3c3c003, 0x42626022, 0x03333033, 0x85b1b435, 0x09212829, 0x80a0a020, 0xc2e2e022, 0x87a3a427,
141 0xc3d3d013, 0x81919011, 0x01111011, 0x06020406, 0x0c101c1c, 0x8cb0bc3c, 0x06323436, 0x4b43480b,
142 0xcfe3ec2f, 0x88808808, 0x4c606c2c, 0x88a0a828, 0x07131417, 0xc4c0c404, 0x06121416, 0xc4f0f434,
143 0xc2c2c002, 0x45414405, 0xc1e1e021, 0xc6d2d416, 0x0f333c3f, 0x0d313c3d, 0x8e828c0e, 0x88909818,
144 0x08202828, 0x4e424c0e, 0xc6f2f436, 0x0e323c3e, 0x85a1a425, 0xc9f1f839, 0x0d010c0d, 0xcfd3dc1f,
145 0xc8d0d818, 0x0b23282b, 0x46626426, 0x4a72783a, 0x07232427, 0x0f232c2f, 0xc1f1f031, 0x42727032,
146 0x42424002, 0xc4d0d414, 0x41414001, 0xc0c0c000, 0x43737033, 0x47636427, 0x8ca0ac2c, 0x8b83880b,
147 0xc7f3f437, 0x8da1ac2d, 0x80808000, 0x0f131c1f, 0xcac2c80a, 0x0c202c2c, 0x8aa2a82a, 0x04303434,
148 0xc2d2d012, 0x0b03080b, 0xcee2ec2e, 0xc9e1e829, 0x4d515c1d, 0x84909414, 0x08101818, 0xc8f0f838,
149 0x47535417, 0x8ea2ac2e, 0x08000808, 0xc5c1c405, 0x03131013, 0xcdc1cc0d, 0x86828406, 0x89b1b839,
150 0xcff3fc3f, 0x4d717c3d, 0xc1c1c001, 0x01313031, 0xc5f1f435, 0x8a82880a, 0x4a62682a, 0x81b1b031,
151 0xc1d1d011, 0x00202020, 0xc7d3d417, 0x02020002, 0x02222022, 0x04000404, 0x48606828, 0x41717031,
152 0x07030407, 0xcbd3d81b, 0x8d919c1d, 0x89919819, 0x41616021, 0x8eb2bc3e, 0xc6e2e426, 0x49515819,
153 0xcdd1dc1d, 0x41515011, 0x80909010, 0xccd0dc1c, 0x8a92981a, 0x83a3a023, 0x8ba3a82b, 0xc0d0d010,
154 0x81818001, 0x0f030c0f, 0x47434407, 0x0a12181a, 0xc3e3e023, 0xcce0ec2c, 0x8d818c0d, 0x8fb3bc3f,
155 0x86929416, 0x4b73783b, 0x4c505c1c, 0x82a2a022, 0x81a1a021, 0x43636023, 0x03232023, 0x4d414c0d,
156 0xc8c0c808, 0x8e929c1e, 0x8c909c1c, 0x0a32383a, 0x0c000c0c, 0x0e222c2e, 0x8ab2b83a, 0x4e626c2e,
157 0x8f939c1f, 0x4a52581a, 0xc2f2f032, 0x82929012, 0xc3f3f033, 0x49414809, 0x48707838, 0xccc0cc0c,
158 0x05111415, 0xcbf3f83b, 0x40707030, 0x45717435, 0x4f737c3f, 0x05313435, 0x00101010, 0x03030003,
159 0x44606424, 0x4d616c2d, 0xc6c2c406, 0x44707434, 0xc5d1d415, 0x84b0b434, 0xcae2e82a, 0x09010809,
160 0x46727436, 0x09111819, 0xcef2fc3e, 0x40404000, 0x02121012, 0xc0e0e020, 0x8db1bc3d, 0x05010405,
161 0xcaf2f83a, 0x01010001, 0xc0f0f030, 0x0a22282a, 0x4e525c1e, 0x89a1a829, 0x46525416, 0x43434003,
162 0x85818405, 0x04101414, 0x89818809, 0x8b93981b, 0x80b0b030, 0xc5e1e425, 0x48404808, 0x49717839,
163 0x87939417, 0xccf0fc3c, 0x0e121c1e, 0x82828002, 0x01212021, 0x8c808c0c, 0x0b13181b, 0x4f535c1f,
164 0x47737437, 0x44505414, 0x82b2b032, 0x0d111c1d, 0x05212425, 0x4f434c0f, 0x00000000, 0x46424406,
165 0xcde1ec2d, 0x48505818, 0x42525012, 0xcbe3e82b, 0x4e727c3e, 0xcad2d81a, 0xc9c1c809, 0xcdf1fc3d,
166 0x00303030, 0x85919415, 0x45616425, 0x0c303c3c, 0x86b2b436, 0xc4e0e424, 0x8bb3b83b, 0x4c707c3c,
167 0x0e020c0e, 0x40505010, 0x09313839, 0x06222426, 0x02323032, 0x84808404, 0x49616829, 0x83939013,
168 0x07333437, 0xc7e3e427, 0x04202424, 0x84a0a424, 0xcbc3c80b, 0x43535013, 0x0a02080a, 0x87838407,
169 0xc9d1d819, 0x4c404c0c, 0x83838003, 0x8f838c0f, 0xcec2cc0e, 0x0b33383b, 0x4a42480a, 0x87b3b437
170} };
171
172/* key schedule constants - golden ratio */
173#define KC0 0x9e3779b9
174#define KC1 0x3c6ef373
175#define KC2 0x78dde6e6
176#define KC3 0xf1bbcdcc
177#define KC4 0xe3779b99
178#define KC5 0xc6ef3733
179#define KC6 0x8dde6e67
180#define KC7 0x1bbcdccf
181#define KC8 0x3779b99e
182#define KC9 0x6ef3733c
183#define KC10 0xdde6e678
184#define KC11 0xbbcdccf1
185#define KC12 0x779b99e3
186#define KC13 0xef3733c6
187#define KC14 0xde6e678d
188#define KC15 0xbcdccf1b
189
190
191void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH], SEED_KEY_SCHEDULE *ks)
192{
193 seed_word x1, x2, x3, x4;
194 seed_word t0, t1;
195
196 char2word(rawkey , x1);
197 char2word(rawkey+4 , x2);
198 char2word(rawkey+8 , x3);
199 char2word(rawkey+12, x4);
200
201 t0 = (x1 + x3 - KC0) & 0xffffffff;
202 t1 = (x2 - x4 + KC0) & 0xffffffff; KEYUPDATE_TEMP(t0, t1, &ks->data[0]);
203 KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC1); KEYUPDATE_TEMP(t0, t1, &ks->data[2]);
204 KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC2); KEYUPDATE_TEMP(t0, t1, &ks->data[4]);
205 KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC3); KEYUPDATE_TEMP(t0, t1, &ks->data[6]);
206 KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC4); KEYUPDATE_TEMP(t0, t1, &ks->data[8]);
207 KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC5); KEYUPDATE_TEMP(t0, t1, &ks->data[10]);
208 KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC6); KEYUPDATE_TEMP(t0, t1, &ks->data[12]);
209 KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC7); KEYUPDATE_TEMP(t0, t1, &ks->data[14]);
210 KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC8); KEYUPDATE_TEMP(t0, t1, &ks->data[16]);
211 KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC9); KEYUPDATE_TEMP(t0, t1, &ks->data[18]);
212 KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC10); KEYUPDATE_TEMP(t0, t1, &ks->data[20]);
213 KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC11); KEYUPDATE_TEMP(t0, t1, &ks->data[22]);
214 KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC12); KEYUPDATE_TEMP(t0, t1, &ks->data[24]);
215 KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC13); KEYUPDATE_TEMP(t0, t1, &ks->data[26]);
216 KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC14); KEYUPDATE_TEMP(t0, t1, &ks->data[28]);
217 KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC15); KEYUPDATE_TEMP(t0, t1, &ks->data[30]);
218}
219
220void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE], unsigned char d[SEED_BLOCK_SIZE], const SEED_KEY_SCHEDULE *ks)
221{
222 seed_word x1, x2, x3, x4;
223 seed_word t0, t1;
224
225 char2word(s, x1);
226 char2word(s+4, x2);
227 char2word(s+8, x3);
228 char2word(s+12, x4);
229
230 E_SEED(t0, t1, x1, x2, x3, x4, 0);
231 E_SEED(t0, t1, x3, x4, x1, x2, 2);
232 E_SEED(t0, t1, x1, x2, x3, x4, 4);
233 E_SEED(t0, t1, x3, x4, x1, x2, 6);
234 E_SEED(t0, t1, x1, x2, x3, x4, 8);
235 E_SEED(t0, t1, x3, x4, x1, x2, 10);
236 E_SEED(t0, t1, x1, x2, x3, x4, 12);
237 E_SEED(t0, t1, x3, x4, x1, x2, 14);
238 E_SEED(t0, t1, x1, x2, x3, x4, 16);
239 E_SEED(t0, t1, x3, x4, x1, x2, 18);
240 E_SEED(t0, t1, x1, x2, x3, x4, 20);
241 E_SEED(t0, t1, x3, x4, x1, x2, 22);
242 E_SEED(t0, t1, x1, x2, x3, x4, 24);
243 E_SEED(t0, t1, x3, x4, x1, x2, 26);
244 E_SEED(t0, t1, x1, x2, x3, x4, 28);
245 E_SEED(t0, t1, x3, x4, x1, x2, 30);
246
247 word2char(x3, d);
248 word2char(x4, d+4);
249 word2char(x1, d+8);
250 word2char(x2, d+12);
251}
252
253void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE], unsigned char d[SEED_BLOCK_SIZE], const SEED_KEY_SCHEDULE *ks)
254{
255 seed_word x1, x2, x3, x4;
256 seed_word t0, t1;
257
258 char2word(s, x1);
259 char2word(s+4, x2);
260 char2word(s+8, x3);
261 char2word(s+12, x4);
262
263 E_SEED(t0, t1, x1, x2, x3, x4, 30);
264 E_SEED(t0, t1, x3, x4, x1, x2, 28);
265 E_SEED(t0, t1, x1, x2, x3, x4, 26);
266 E_SEED(t0, t1, x3, x4, x1, x2, 24);
267 E_SEED(t0, t1, x1, x2, x3, x4, 22);
268 E_SEED(t0, t1, x3, x4, x1, x2, 20);
269 E_SEED(t0, t1, x1, x2, x3, x4, 18);
270 E_SEED(t0, t1, x3, x4, x1, x2, 16);
271 E_SEED(t0, t1, x1, x2, x3, x4, 14);
272 E_SEED(t0, t1, x3, x4, x1, x2, 12);
273 E_SEED(t0, t1, x1, x2, x3, x4, 10);
274 E_SEED(t0, t1, x3, x4, x1, x2, 8);
275 E_SEED(t0, t1, x1, x2, x3, x4, 6);
276 E_SEED(t0, t1, x3, x4, x1, x2, 4);
277 E_SEED(t0, t1, x1, x2, x3, x4, 2);
278 E_SEED(t0, t1, x3, x4, x1, x2, 0);
279
280 word2char(x3, d);
281 word2char(x4, d+4);
282 word2char(x1, d+8);
283 word2char(x2, d+12);
284}
285
286#endif /* OPENSSL_NO_SEED */
diff --git a/src/lib/libcrypto/seed/seed.h b/src/lib/libcrypto/seed/seed.h
new file mode 100644
index 0000000000..427915ed9a
--- /dev/null
+++ b/src/lib/libcrypto/seed/seed.h
@@ -0,0 +1,135 @@
1/*
2 * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Neither the name of author nor the names of its contributors may
10 * be used to endorse or promote products derived from this software
11 * without specific prior written permission.
12 *
13 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
14 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16 * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
17 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
23 * SUCH DAMAGE.
24 *
25 */
26/* ====================================================================
27 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
28 *
29 * Redistribution and use in source and binary forms, with or without
30 * modification, are permitted provided that the following conditions
31 * are met:
32 *
33 * 1. Redistributions of source code must retain the above copyright
34 * notice, this list of conditions and the following disclaimer.
35 *
36 * 2. Redistributions in binary form must reproduce the above copyright
37 * notice, this list of conditions and the following disclaimer in
38 * the documentation and/or other materials provided with the
39 * distribution.
40 *
41 * 3. All advertising materials mentioning features or use of this
42 * software must display the following acknowledgment:
43 * "This product includes software developed by the OpenSSL Project
44 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
45 *
46 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
47 * endorse or promote products derived from this software without
48 * prior written permission. For written permission, please contact
49 * openssl-core@openssl.org.
50 *
51 * 5. Products derived from this software may not be called "OpenSSL"
52 * nor may "OpenSSL" appear in their names without prior written
53 * permission of the OpenSSL Project.
54 *
55 * 6. Redistributions of any form whatsoever must retain the following
56 * acknowledgment:
57 * "This product includes software developed by the OpenSSL Project
58 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
59 *
60 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
61 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
62 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
63 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
64 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
65 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
66 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
67 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
68 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
69 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
70 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
71 * OF THE POSSIBILITY OF SUCH DAMAGE.
72 * ====================================================================
73 *
74 * This product includes cryptographic software written by Eric Young
75 * (eay@cryptsoft.com). This product includes software written by Tim
76 * Hudson (tjh@cryptsoft.com).
77 *
78 */
79
80
81#ifndef HEADER_SEED_H
82#define HEADER_SEED_H
83
84#include <openssl/opensslconf.h>
85
86#ifdef OPENSSL_NO_SEED
87#error SEED is disabled.
88#endif
89
90#ifdef AES_LONG /* look whether we need 'long' to get 32 bits */
91# ifndef SEED_LONG
92# define SEED_LONG 1
93# endif
94#endif
95
96#if !defined(NO_SYS_TYPES_H)
97# include <sys/types.h>
98#endif
99
100#define SEED_BLOCK_SIZE 16
101#define SEED_KEY_LENGTH 16
102
103
104#ifdef __cplusplus
105extern "C" {
106#endif
107
108
109typedef struct seed_key_st {
110#ifdef SEED_LONG
111 unsigned long data[32];
112#else
113 unsigned int data[32];
114#endif
115} SEED_KEY_SCHEDULE;
116
117
118void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH], SEED_KEY_SCHEDULE *ks);
119
120void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE], unsigned char d[SEED_BLOCK_SIZE], const SEED_KEY_SCHEDULE *ks);
121void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE], unsigned char d[SEED_BLOCK_SIZE], const SEED_KEY_SCHEDULE *ks);
122
123void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out, const SEED_KEY_SCHEDULE *ks, int enc);
124void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out,
125 size_t len, const SEED_KEY_SCHEDULE *ks, unsigned char ivec[SEED_BLOCK_SIZE], int enc);
126void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
127 size_t len, const SEED_KEY_SCHEDULE *ks, unsigned char ivec[SEED_BLOCK_SIZE], int *num, int enc);
128void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
129 size_t len, const SEED_KEY_SCHEDULE *ks, unsigned char ivec[SEED_BLOCK_SIZE], int *num);
130
131#ifdef __cplusplus
132}
133#endif
134
135#endif /* HEADER_SEED_H */
diff --git a/src/lib/libcrypto/seed/seed_cbc.c b/src/lib/libcrypto/seed/seed_cbc.c
new file mode 100644
index 0000000000..4f718ccb44
--- /dev/null
+++ b/src/lib/libcrypto/seed/seed_cbc.c
@@ -0,0 +1,129 @@
1/* crypto/seed/seed_cbc.c -*- mode:C; c-file-style: "eay" -*- */
2/* ====================================================================
3 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@openssl.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 */
51
52#include "seed_locl.h"
53#include <string.h>
54
55void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out,
56 size_t len, const SEED_KEY_SCHEDULE *ks,
57 unsigned char ivec[SEED_BLOCK_SIZE], int enc)
58 {
59 size_t n;
60 unsigned char tmp[SEED_BLOCK_SIZE];
61 const unsigned char *iv = ivec;
62
63 if (enc)
64 {
65 while (len >= SEED_BLOCK_SIZE)
66 {
67 for (n = 0; n < SEED_BLOCK_SIZE; ++n)
68 out[n] = in[n] ^ iv[n];
69 SEED_encrypt(out, out, ks);
70 iv = out;
71 len -= SEED_BLOCK_SIZE;
72 in += SEED_BLOCK_SIZE;
73 out += SEED_BLOCK_SIZE;
74 }
75 if (len)
76 {
77 for (n = 0; n < len; ++n)
78 out[n] = in[n] ^ iv[n];
79 for (n = len; n < SEED_BLOCK_SIZE; ++n)
80 out[n] = iv[n];
81 SEED_encrypt(out, out, ks);
82 iv = out;
83 }
84 memcpy(ivec, iv, SEED_BLOCK_SIZE);
85 }
86 else if (in != out) /* decrypt */
87 {
88 while (len >= SEED_BLOCK_SIZE)
89 {
90 SEED_decrypt(in, out, ks);
91 for (n = 0; n < SEED_BLOCK_SIZE; ++n)
92 out[n] ^= iv[n];
93 iv = in;
94 len -= SEED_BLOCK_SIZE;
95 in += SEED_BLOCK_SIZE;
96 out += SEED_BLOCK_SIZE;
97 }
98 if (len)
99 {
100 SEED_decrypt(in, tmp, ks);
101 for (n = 0; n < len; ++n)
102 out[n] = tmp[n] ^ iv[n];
103 iv = in;
104 }
105 memcpy(ivec, iv, SEED_BLOCK_SIZE);
106 }
107 else /* decrypt, overlap */
108 {
109 while (len >= SEED_BLOCK_SIZE)
110 {
111 memcpy(tmp, in, SEED_BLOCK_SIZE);
112 SEED_decrypt(in, out, ks);
113 for (n = 0; n < SEED_BLOCK_SIZE; ++n)
114 out[n] ^= ivec[n];
115 memcpy(ivec, tmp, SEED_BLOCK_SIZE);
116 len -= SEED_BLOCK_SIZE;
117 in += SEED_BLOCK_SIZE;
118 out += SEED_BLOCK_SIZE;
119 }
120 if (len)
121 {
122 memcpy(tmp, in, SEED_BLOCK_SIZE);
123 SEED_decrypt(tmp, tmp, ks);
124 for (n = 0; n < len; ++n)
125 out[n] = tmp[n] ^ ivec[n];
126 memcpy(ivec, tmp, SEED_BLOCK_SIZE);
127 }
128 }
129 }
diff --git a/src/lib/libcrypto/seed/seed_cfb.c b/src/lib/libcrypto/seed/seed_cfb.c
new file mode 100644
index 0000000000..07d878a788
--- /dev/null
+++ b/src/lib/libcrypto/seed/seed_cfb.c
@@ -0,0 +1,144 @@
1/* crypto/seed/seed_cfb.c -*- mode:C; c-file-style: "eay" -*- */
2/* ====================================================================
3 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@openssl.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 */
51/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
52 * All rights reserved.
53 *
54 * This package is an SSL implementation written
55 * by Eric Young (eay@cryptsoft.com).
56 * The implementation was written so as to conform with Netscapes SSL.
57 *
58 * This library is free for commercial and non-commercial use as long as
59 * the following conditions are aheared to. The following conditions
60 * apply to all code found in this distribution, be it the RC4, RSA,
61 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
62 * included with this distribution is covered by the same copyright terms
63 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
64 *
65 * Copyright remains Eric Young's, and as such any Copyright notices in
66 * the code are not to be removed.
67 * If this package is used in a product, Eric Young should be given attribution
68 * as the author of the parts of the library used.
69 * This can be in the form of a textual message at program startup or
70 * in documentation (online or textual) provided with the package.
71 *
72 * Redistribution and use in source and binary forms, with or without
73 * modification, are permitted provided that the following conditions
74 * are met:
75 * 1. Redistributions of source code must retain the copyright
76 * notice, this list of conditions and the following disclaimer.
77 * 2. Redistributions in binary form must reproduce the above copyright
78 * notice, this list of conditions and the following disclaimer in the
79 * documentation and/or other materials provided with the distribution.
80 * 3. All advertising materials mentioning features or use of this software
81 * must display the following acknowledgement:
82 * "This product includes cryptographic software written by
83 * Eric Young (eay@cryptsoft.com)"
84 * The word 'cryptographic' can be left out if the rouines from the library
85 * being used are not cryptographic related :-).
86 * 4. If you include any Windows specific code (or a derivative thereof) from
87 * the apps directory (application code) you must include an acknowledgement:
88 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
89 *
90 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
91 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
92 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
93 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
94 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
95 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
96 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
97 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
98 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
99 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
100 * SUCH DAMAGE.
101 *
102 * The licence and distribution terms for any publically available version or
103 * derivative of this code cannot be changed. i.e. this code cannot simply be
104 * copied and put under another distribution licence
105 * [including the GNU Public Licence.]
106 */
107
108#include "seed_locl.h"
109#include <string.h>
110
111void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
112 size_t len, const SEED_KEY_SCHEDULE *ks,
113 unsigned char ivec[SEED_BLOCK_SIZE], int *num, int enc)
114 {
115 int n;
116 unsigned char c;
117
118 n = *num;
119
120 if (enc)
121 {
122 while (len--)
123 {
124 if (n == 0)
125 SEED_encrypt(ivec, ivec, ks);
126 ivec[n] = *(out++) = *(in++) ^ ivec[n];
127 n = (n+1) % SEED_BLOCK_SIZE;
128 }
129 }
130 else
131 {
132 while (len--)
133 {
134 if (n == 0)
135 SEED_encrypt(ivec, ivec, ks);
136 c = *(in);
137 *(out++) = *(in++) ^ ivec[n];
138 ivec[n] = c;
139 n = (n+1) % SEED_BLOCK_SIZE;
140 }
141 }
142
143 *num = n;
144 }
diff --git a/src/lib/libcrypto/seed/seed_ecb.c b/src/lib/libcrypto/seed/seed_ecb.c
new file mode 100644
index 0000000000..e63f5ae14e
--- /dev/null
+++ b/src/lib/libcrypto/seed/seed_ecb.c
@@ -0,0 +1,60 @@
1/* crypto/seed/seed_ecb.c -*- mode:C; c-file-style: "eay" -*- */
2/* ====================================================================
3 * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@openssl.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 */
51
52#include <openssl/seed.h>
53
54void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out, const SEED_KEY_SCHEDULE *ks, int enc)
55 {
56 if (enc)
57 SEED_encrypt(in, out, ks);
58 else
59 SEED_decrypt(in, out, ks);
60 }
diff --git a/src/lib/libcrypto/seed/seed_locl.h b/src/lib/libcrypto/seed/seed_locl.h
new file mode 100644
index 0000000000..fd456b6422
--- /dev/null
+++ b/src/lib/libcrypto/seed/seed_locl.h
@@ -0,0 +1,116 @@
1/*
2 * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Neither the name of author nor the names of its contributors may
10 * be used to endorse or promote products derived from this software
11 * without specific prior written permission.
12 *
13 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
14 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16 * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
17 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
23 * SUCH DAMAGE.
24 *
25 */
26#ifndef HEADER_SEED_LOCL_H
27#define HEADER_SEED_LOCL_H
28
29#include "openssl/e_os2.h"
30#include <openssl/seed.h>
31
32
33#ifdef SEED_LONG /* need 32-bit type */
34typedef unsigned long seed_word;
35#else
36typedef unsigned int seed_word;
37#endif
38
39
40#ifdef __cplusplus
41extern "C" {
42#endif
43
44#define G_FUNC(v) \
45 SS[0][(unsigned char) (v) & 0xff] ^ SS[1][(unsigned char) ((v)>>8) & 0xff] ^ \
46 SS[2][(unsigned char)((v)>>16) & 0xff] ^ SS[3][(unsigned char)((v)>>24) & 0xff]
47
48#define char2word(c, i) \
49 (i) = ((((seed_word)(c)[0]) << 24) | (((seed_word)(c)[1]) << 16) | (((seed_word)(c)[2]) << 8) | ((seed_word)(c)[3]))
50
51#define word2char(l, c) \
52 *((c)+0) = (unsigned char)((l)>>24) & 0xff; \
53 *((c)+1) = (unsigned char)((l)>>16) & 0xff; \
54 *((c)+2) = (unsigned char)((l)>> 8) & 0xff; \
55 *((c)+3) = (unsigned char)((l)) & 0xff
56
57#define KEYSCHEDULE_UPDATE0(T0, T1, X1, X2, X3, X4, KC) \
58 (T0) = (X3); \
59 (X3) = (((X3)<<8) ^ ((X4)>>24)) & 0xffffffff; \
60 (X4) = (((X4)<<8) ^ ((T0)>>24)) & 0xffffffff; \
61 (T0) = ((X1) + (X3) - (KC)) & 0xffffffff; \
62 (T1) = ((X2) + (KC) - (X4)) & 0xffffffff
63
64#define KEYSCHEDULE_UPDATE1(T0, T1, X1, X2, X3, X4, KC) \
65 (T0) = (X1); \
66 (X1) = (((X1)>>8) ^ ((X2)<<24)) & 0xffffffff; \
67 (X2) = (((X2)>>8) ^ ((T0)<<24)) & 0xffffffff; \
68 (T0) = ((X1) + (X3) - (KC)) & 0xffffffff; \
69 (T1) = ((X2) + (KC) - (X4)) & 0xffffffff
70
71#define KEYUPDATE_TEMP(T0, T1, K) \
72 (K)[0] = G_FUNC((T0)); \
73 (K)[1] = G_FUNC((T1))
74
75#define XOR_SEEDBLOCK(DST, SRC) \
76 ((DST))[0] ^= ((SRC))[0]; \
77 ((DST))[1] ^= ((SRC))[1]; \
78 ((DST))[2] ^= ((SRC))[2]; \
79 ((DST))[3] ^= ((SRC))[3]
80
81#define MOV_SEEDBLOCK(DST, SRC) \
82 ((DST))[0] = ((SRC))[0]; \
83 ((DST))[1] = ((SRC))[1]; \
84 ((DST))[2] = ((SRC))[2]; \
85 ((DST))[3] = ((SRC))[3]
86
87# define CHAR2WORD(C, I) \
88 char2word((C), (I)[0]); \
89 char2word((C+4), (I)[1]); \
90 char2word((C+8), (I)[2]); \
91 char2word((C+12), (I)[3])
92
93# define WORD2CHAR(I, C) \
94 word2char((I)[0], (C)); \
95 word2char((I)[1], (C+4)); \
96 word2char((I)[2], (C+8)); \
97 word2char((I)[3], (C+12))
98
99# define E_SEED(T0, T1, X1, X2, X3, X4, rbase) \
100 (T0) = (X3) ^ (ks->data)[(rbase)]; \
101 (T1) = (X4) ^ (ks->data)[(rbase)+1]; \
102 (T1) ^= (T0); \
103 (T1) = G_FUNC((T1)); \
104 (T0) = ((T0) + (T1)) & 0xffffffff; \
105 (T0) = G_FUNC((T0)); \
106 (T1) = ((T1) + (T0)) & 0xffffffff; \
107 (T1) = G_FUNC((T1)); \
108 (T0) = ((T0) + (T1)) & 0xffffffff; \
109 (X1) ^= (T0); \
110 (X2) ^= (T1)
111
112#ifdef __cplusplus
113}
114#endif
115
116#endif /* HEADER_SEED_LOCL_H */
diff --git a/src/lib/libcrypto/seed/seed_ofb.c b/src/lib/libcrypto/seed/seed_ofb.c
new file mode 100644
index 0000000000..e2f3f57a38
--- /dev/null
+++ b/src/lib/libcrypto/seed/seed_ofb.c
@@ -0,0 +1,128 @@
1/* crypto/seed/seed_ofb.c -*- mode:C; c-file-style: "eay" -*- */
2/* ====================================================================
3 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@openssl.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 */
51/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
52 * All rights reserved.
53 *
54 * This package is an SSL implementation written
55 * by Eric Young (eay@cryptsoft.com).
56 * The implementation was written so as to conform with Netscapes SSL.
57 *
58 * This library is free for commercial and non-commercial use as long as
59 * the following conditions are aheared to. The following conditions
60 * apply to all code found in this distribution, be it the RC4, RSA,
61 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
62 * included with this distribution is covered by the same copyright terms
63 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
64 *
65 * Copyright remains Eric Young's, and as such any Copyright notices in
66 * the code are not to be removed.
67 * If this package is used in a product, Eric Young should be given attribution
68 * as the author of the parts of the library used.
69 * This can be in the form of a textual message at program startup or
70 * in documentation (online or textual) provided with the package.
71 *
72 * Redistribution and use in source and binary forms, with or without
73 * modification, are permitted provided that the following conditions
74 * are met:
75 * 1. Redistributions of source code must retain the copyright
76 * notice, this list of conditions and the following disclaimer.
77 * 2. Redistributions in binary form must reproduce the above copyright
78 * notice, this list of conditions and the following disclaimer in the
79 * documentation and/or other materials provided with the distribution.
80 * 3. All advertising materials mentioning features or use of this software
81 * must display the following acknowledgement:
82 * "This product includes cryptographic software written by
83 * Eric Young (eay@cryptsoft.com)"
84 * The word 'cryptographic' can be left out if the rouines from the library
85 * being used are not cryptographic related :-).
86 * 4. If you include any Windows specific code (or a derivative thereof) from
87 * the apps directory (application code) you must include an acknowledgement:
88 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
89 *
90 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
91 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
92 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
93 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
94 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
95 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
96 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
97 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
98 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
99 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
100 * SUCH DAMAGE.
101 *
102 * The licence and distribution terms for any publically available version or
103 * derivative of this code cannot be changed. i.e. this code cannot simply be
104 * copied and put under another distribution licence
105 * [including the GNU Public Licence.]
106 */
107
108#include "seed_locl.h"
109#include <string.h>
110
111void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
112 size_t len, const SEED_KEY_SCHEDULE *ks,
113 unsigned char ivec[SEED_BLOCK_SIZE], int *num)
114 {
115 int n;
116
117 n = *num;
118
119 while (len--)
120 {
121 if (n == 0)
122 SEED_encrypt(ivec, ivec, ks);
123 *(out++) = *(in++) ^ ivec[n];
124 n = (n+1) % SEED_BLOCK_SIZE;
125 }
126
127 *num = n;
128 }
diff --git a/src/lib/libcrypto/sha/sha256t.c b/src/lib/libcrypto/sha/sha256t.c
new file mode 100644
index 0000000000..6b4a3bd001
--- /dev/null
+++ b/src/lib/libcrypto/sha/sha256t.c
@@ -0,0 +1,147 @@
1/* crypto/sha/sha256t.c */
2/* ====================================================================
3 * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
4 * ====================================================================
5 */
6#include <stdio.h>
7#include <string.h>
8#include <stdlib.h>
9
10#include <openssl/sha.h>
11#include <openssl/evp.h>
12
13#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA256)
14int main(int argc, char *argv[])
15{
16 printf("No SHA256 support\n");
17 return(0);
18}
19#else
20
21unsigned char app_b1[SHA256_DIGEST_LENGTH] = {
22 0xba,0x78,0x16,0xbf,0x8f,0x01,0xcf,0xea,
23 0x41,0x41,0x40,0xde,0x5d,0xae,0x22,0x23,
24 0xb0,0x03,0x61,0xa3,0x96,0x17,0x7a,0x9c,
25 0xb4,0x10,0xff,0x61,0xf2,0x00,0x15,0xad };
26
27unsigned char app_b2[SHA256_DIGEST_LENGTH] = {
28 0x24,0x8d,0x6a,0x61,0xd2,0x06,0x38,0xb8,
29 0xe5,0xc0,0x26,0x93,0x0c,0x3e,0x60,0x39,
30 0xa3,0x3c,0xe4,0x59,0x64,0xff,0x21,0x67,
31 0xf6,0xec,0xed,0xd4,0x19,0xdb,0x06,0xc1 };
32
33unsigned char app_b3[SHA256_DIGEST_LENGTH] = {
34 0xcd,0xc7,0x6e,0x5c,0x99,0x14,0xfb,0x92,
35 0x81,0xa1,0xc7,0xe2,0x84,0xd7,0x3e,0x67,
36 0xf1,0x80,0x9a,0x48,0xa4,0x97,0x20,0x0e,
37 0x04,0x6d,0x39,0xcc,0xc7,0x11,0x2c,0xd0 };
38
39unsigned char addenum_1[SHA224_DIGEST_LENGTH] = {
40 0x23,0x09,0x7d,0x22,0x34,0x05,0xd8,0x22,
41 0x86,0x42,0xa4,0x77,0xbd,0xa2,0x55,0xb3,
42 0x2a,0xad,0xbc,0xe4,0xbd,0xa0,0xb3,0xf7,
43 0xe3,0x6c,0x9d,0xa7 };
44
45unsigned char addenum_2[SHA224_DIGEST_LENGTH] = {
46 0x75,0x38,0x8b,0x16,0x51,0x27,0x76,0xcc,
47 0x5d,0xba,0x5d,0xa1,0xfd,0x89,0x01,0x50,
48 0xb0,0xc6,0x45,0x5c,0xb4,0xf5,0x8b,0x19,
49 0x52,0x52,0x25,0x25 };
50
51unsigned char addenum_3[SHA224_DIGEST_LENGTH] = {
52 0x20,0x79,0x46,0x55,0x98,0x0c,0x91,0xd8,
53 0xbb,0xb4,0xc1,0xea,0x97,0x61,0x8a,0x4b,
54 0xf0,0x3f,0x42,0x58,0x19,0x48,0xb2,0xee,
55 0x4e,0xe7,0xad,0x67 };
56
57int main (int argc,char **argv)
58{ unsigned char md[SHA256_DIGEST_LENGTH];
59 int i;
60 EVP_MD_CTX evp;
61
62 fprintf(stdout,"Testing SHA-256 ");
63
64 EVP_Digest ("abc",3,md,NULL,EVP_sha256(),NULL);
65 if (memcmp(md,app_b1,sizeof(app_b1)))
66 { fflush(stdout);
67 fprintf(stderr,"\nTEST 1 of 3 failed.\n");
68 return 1;
69 }
70 else
71 fprintf(stdout,"."); fflush(stdout);
72
73 EVP_Digest ("abcdbcde""cdefdefg""efghfghi""ghijhijk"
74 "ijkljklm""klmnlmno""mnopnopq",56,md,NULL,EVP_sha256(),NULL);
75 if (memcmp(md,app_b2,sizeof(app_b2)))
76 { fflush(stdout);
77 fprintf(stderr,"\nTEST 2 of 3 failed.\n");
78 return 1;
79 }
80 else
81 fprintf(stdout,"."); fflush(stdout);
82
83 EVP_MD_CTX_init (&evp);
84 EVP_DigestInit_ex (&evp,EVP_sha256(),NULL);
85 for (i=0;i<1000000;i+=160)
86 EVP_DigestUpdate (&evp, "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
87 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
88 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
89 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
90 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa",
91 (1000000-i)<160?1000000-i:160);
92 EVP_DigestFinal_ex (&evp,md,NULL);
93 EVP_MD_CTX_cleanup (&evp);
94
95 if (memcmp(md,app_b3,sizeof(app_b3)))
96 { fflush(stdout);
97 fprintf(stderr,"\nTEST 3 of 3 failed.\n");
98 return 1;
99 }
100 else
101 fprintf(stdout,"."); fflush(stdout);
102
103 fprintf(stdout," passed.\n"); fflush(stdout);
104
105 fprintf(stdout,"Testing SHA-224 ");
106
107 EVP_Digest ("abc",3,md,NULL,EVP_sha224(),NULL);
108 if (memcmp(md,addenum_1,sizeof(addenum_1)))
109 { fflush(stdout);
110 fprintf(stderr,"\nTEST 1 of 3 failed.\n");
111 return 1;
112 }
113 else
114 fprintf(stdout,"."); fflush(stdout);
115
116 EVP_Digest ("abcdbcde""cdefdefg""efghfghi""ghijhijk"
117 "ijkljklm""klmnlmno""mnopnopq",56,md,NULL,EVP_sha224(),NULL);
118 if (memcmp(md,addenum_2,sizeof(addenum_2)))
119 { fflush(stdout);
120 fprintf(stderr,"\nTEST 2 of 3 failed.\n");
121 return 1;
122 }
123 else
124 fprintf(stdout,"."); fflush(stdout);
125
126 EVP_MD_CTX_init (&evp);
127 EVP_DigestInit_ex (&evp,EVP_sha224(),NULL);
128 for (i=0;i<1000000;i+=64)
129 EVP_DigestUpdate (&evp, "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
130 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa",
131 (1000000-i)<64?1000000-i:64);
132 EVP_DigestFinal_ex (&evp,md,NULL);
133 EVP_MD_CTX_cleanup (&evp);
134
135 if (memcmp(md,addenum_3,sizeof(addenum_3)))
136 { fflush(stdout);
137 fprintf(stderr,"\nTEST 3 of 3 failed.\n");
138 return 1;
139 }
140 else
141 fprintf(stdout,"."); fflush(stdout);
142
143 fprintf(stdout," passed.\n"); fflush(stdout);
144
145 return 0;
146}
147#endif
diff --git a/src/lib/libcrypto/sha/sha512t.c b/src/lib/libcrypto/sha/sha512t.c
new file mode 100644
index 0000000000..210041d435
--- /dev/null
+++ b/src/lib/libcrypto/sha/sha512t.c
@@ -0,0 +1,184 @@
1/* crypto/sha/sha512t.c */
2/* ====================================================================
3 * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
4 * ====================================================================
5 */
6#include <stdio.h>
7#include <string.h>
8#include <stdlib.h>
9
10#include <openssl/sha.h>
11#include <openssl/evp.h>
12#include <openssl/crypto.h>
13
14#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA512)
15int main(int argc, char *argv[])
16{
17 printf("No SHA512 support\n");
18 return(0);
19}
20#else
21
22unsigned char app_c1[SHA512_DIGEST_LENGTH] = {
23 0xdd,0xaf,0x35,0xa1,0x93,0x61,0x7a,0xba,
24 0xcc,0x41,0x73,0x49,0xae,0x20,0x41,0x31,
25 0x12,0xe6,0xfa,0x4e,0x89,0xa9,0x7e,0xa2,
26 0x0a,0x9e,0xee,0xe6,0x4b,0x55,0xd3,0x9a,
27 0x21,0x92,0x99,0x2a,0x27,0x4f,0xc1,0xa8,
28 0x36,0xba,0x3c,0x23,0xa3,0xfe,0xeb,0xbd,
29 0x45,0x4d,0x44,0x23,0x64,0x3c,0xe8,0x0e,
30 0x2a,0x9a,0xc9,0x4f,0xa5,0x4c,0xa4,0x9f };
31
32unsigned char app_c2[SHA512_DIGEST_LENGTH] = {
33 0x8e,0x95,0x9b,0x75,0xda,0xe3,0x13,0xda,
34 0x8c,0xf4,0xf7,0x28,0x14,0xfc,0x14,0x3f,
35 0x8f,0x77,0x79,0xc6,0xeb,0x9f,0x7f,0xa1,
36 0x72,0x99,0xae,0xad,0xb6,0x88,0x90,0x18,
37 0x50,0x1d,0x28,0x9e,0x49,0x00,0xf7,0xe4,
38 0x33,0x1b,0x99,0xde,0xc4,0xb5,0x43,0x3a,
39 0xc7,0xd3,0x29,0xee,0xb6,0xdd,0x26,0x54,
40 0x5e,0x96,0xe5,0x5b,0x87,0x4b,0xe9,0x09 };
41
42unsigned char app_c3[SHA512_DIGEST_LENGTH] = {
43 0xe7,0x18,0x48,0x3d,0x0c,0xe7,0x69,0x64,
44 0x4e,0x2e,0x42,0xc7,0xbc,0x15,0xb4,0x63,
45 0x8e,0x1f,0x98,0xb1,0x3b,0x20,0x44,0x28,
46 0x56,0x32,0xa8,0x03,0xaf,0xa9,0x73,0xeb,
47 0xde,0x0f,0xf2,0x44,0x87,0x7e,0xa6,0x0a,
48 0x4c,0xb0,0x43,0x2c,0xe5,0x77,0xc3,0x1b,
49 0xeb,0x00,0x9c,0x5c,0x2c,0x49,0xaa,0x2e,
50 0x4e,0xad,0xb2,0x17,0xad,0x8c,0xc0,0x9b };
51
52unsigned char app_d1[SHA384_DIGEST_LENGTH] = {
53 0xcb,0x00,0x75,0x3f,0x45,0xa3,0x5e,0x8b,
54 0xb5,0xa0,0x3d,0x69,0x9a,0xc6,0x50,0x07,
55 0x27,0x2c,0x32,0xab,0x0e,0xde,0xd1,0x63,
56 0x1a,0x8b,0x60,0x5a,0x43,0xff,0x5b,0xed,
57 0x80,0x86,0x07,0x2b,0xa1,0xe7,0xcc,0x23,
58 0x58,0xba,0xec,0xa1,0x34,0xc8,0x25,0xa7 };
59
60unsigned char app_d2[SHA384_DIGEST_LENGTH] = {
61 0x09,0x33,0x0c,0x33,0xf7,0x11,0x47,0xe8,
62 0x3d,0x19,0x2f,0xc7,0x82,0xcd,0x1b,0x47,
63 0x53,0x11,0x1b,0x17,0x3b,0x3b,0x05,0xd2,
64 0x2f,0xa0,0x80,0x86,0xe3,0xb0,0xf7,0x12,
65 0xfc,0xc7,0xc7,0x1a,0x55,0x7e,0x2d,0xb9,
66 0x66,0xc3,0xe9,0xfa,0x91,0x74,0x60,0x39 };
67
68unsigned char app_d3[SHA384_DIGEST_LENGTH] = {
69 0x9d,0x0e,0x18,0x09,0x71,0x64,0x74,0xcb,
70 0x08,0x6e,0x83,0x4e,0x31,0x0a,0x4a,0x1c,
71 0xed,0x14,0x9e,0x9c,0x00,0xf2,0x48,0x52,
72 0x79,0x72,0xce,0xc5,0x70,0x4c,0x2a,0x5b,
73 0x07,0xb8,0xb3,0xdc,0x38,0xec,0xc4,0xeb,
74 0xae,0x97,0xdd,0xd8,0x7f,0x3d,0x89,0x85 };
75
76int main (int argc,char **argv)
77{ unsigned char md[SHA512_DIGEST_LENGTH];
78 int i;
79 EVP_MD_CTX evp;
80
81#ifdef OPENSSL_IA32_SSE2
82 /* Alternative to this is to call OpenSSL_add_all_algorithms...
83 * The below code is retained exclusively for debugging purposes. */
84 { char *env;
85
86 if ((env=getenv("OPENSSL_ia32cap")))
87 OPENSSL_ia32cap = strtoul (env,NULL,0);
88 }
89#endif
90
91 fprintf(stdout,"Testing SHA-512 ");
92
93 EVP_Digest ("abc",3,md,NULL,EVP_sha512(),NULL);
94 if (memcmp(md,app_c1,sizeof(app_c1)))
95 { fflush(stdout);
96 fprintf(stderr,"\nTEST 1 of 3 failed.\n");
97 return 1;
98 }
99 else
100 fprintf(stdout,"."); fflush(stdout);
101
102 EVP_Digest ("abcdefgh""bcdefghi""cdefghij""defghijk"
103 "efghijkl""fghijklm""ghijklmn""hijklmno"
104 "ijklmnop""jklmnopq""klmnopqr""lmnopqrs"
105 "mnopqrst""nopqrstu",112,md,NULL,EVP_sha512(),NULL);
106 if (memcmp(md,app_c2,sizeof(app_c2)))
107 { fflush(stdout);
108 fprintf(stderr,"\nTEST 2 of 3 failed.\n");
109 return 1;
110 }
111 else
112 fprintf(stdout,"."); fflush(stdout);
113
114 EVP_MD_CTX_init (&evp);
115 EVP_DigestInit_ex (&evp,EVP_sha512(),NULL);
116 for (i=0;i<1000000;i+=288)
117 EVP_DigestUpdate (&evp, "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
118 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
119 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
120 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
121 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
122 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
123 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
124 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
125 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa",
126 (1000000-i)<288?1000000-i:288);
127 EVP_DigestFinal_ex (&evp,md,NULL);
128 EVP_MD_CTX_cleanup (&evp);
129
130 if (memcmp(md,app_c3,sizeof(app_c3)))
131 { fflush(stdout);
132 fprintf(stderr,"\nTEST 3 of 3 failed.\n");
133 return 1;
134 }
135 else
136 fprintf(stdout,"."); fflush(stdout);
137
138 fprintf(stdout," passed.\n"); fflush(stdout);
139
140 fprintf(stdout,"Testing SHA-384 ");
141
142 EVP_Digest ("abc",3,md,NULL,EVP_sha384(),NULL);
143 if (memcmp(md,app_d1,sizeof(app_d1)))
144 { fflush(stdout);
145 fprintf(stderr,"\nTEST 1 of 3 failed.\n");
146 return 1;
147 }
148 else
149 fprintf(stdout,"."); fflush(stdout);
150
151 EVP_Digest ("abcdefgh""bcdefghi""cdefghij""defghijk"
152 "efghijkl""fghijklm""ghijklmn""hijklmno"
153 "ijklmnop""jklmnopq""klmnopqr""lmnopqrs"
154 "mnopqrst""nopqrstu",112,md,NULL,EVP_sha384(),NULL);
155 if (memcmp(md,app_d2,sizeof(app_d2)))
156 { fflush(stdout);
157 fprintf(stderr,"\nTEST 2 of 3 failed.\n");
158 return 1;
159 }
160 else
161 fprintf(stdout,"."); fflush(stdout);
162
163 EVP_MD_CTX_init (&evp);
164 EVP_DigestInit_ex (&evp,EVP_sha384(),NULL);
165 for (i=0;i<1000000;i+=64)
166 EVP_DigestUpdate (&evp, "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
167 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa",
168 (1000000-i)<64?1000000-i:64);
169 EVP_DigestFinal_ex (&evp,md,NULL);
170 EVP_MD_CTX_cleanup (&evp);
171
172 if (memcmp(md,app_d3,sizeof(app_d3)))
173 { fflush(stdout);
174 fprintf(stderr,"\nTEST 3 of 3 failed.\n");
175 return 1;
176 }
177 else
178 fprintf(stdout,"."); fflush(stdout);
179
180 fprintf(stdout," passed.\n"); fflush(stdout);
181
182 return 0;
183}
184#endif
diff --git a/src/lib/libcrypto/store/Makefile b/src/lib/libcrypto/store/Makefile
new file mode 100644
index 0000000000..0dcfd7857a
--- /dev/null
+++ b/src/lib/libcrypto/store/Makefile
@@ -0,0 +1,112 @@
1#
2# OpenSSL/crypto/store/Makefile
3#
4
5DIR= store
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10MAKEFILE= Makefile
11AR= ar r
12
13CFLAGS= $(INCLUDES) $(CFLAG)
14
15GENERAL=Makefile
16#TEST= storetest.c
17TEST=
18APPS=
19
20LIB=$(TOP)/libcrypto.a
21LIBSRC= str_err.c str_lib.c str_meth.c str_mem.c
22LIBOBJ= str_err.o str_lib.o str_meth.o str_mem.o
23
24SRC= $(LIBSRC)
25
26#EXHEADER= store.h str_compat.h
27EXHEADER= store.h
28HEADER= $(EXHEADER) str_locl.h
29
30ALL= $(GENERAL) $(SRC) $(HEADER)
31
32top:
33 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
34
35all: lib
36
37lib: $(LIBOBJ)
38 $(AR) $(LIB) $(LIBOBJ)
39 $(RANLIB) $(LIB) || echo Never mind.
40 @touch lib
41
42files:
43 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
44
45links:
46 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
47 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
48 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
49
50install:
51 @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
52 @headerlist="$(EXHEADER)"; for i in $$headerlist; \
53 do \
54 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
55 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
56 done;
57
58tags:
59 ctags $(SRC)
60
61tests:
62
63lint:
64 lint -DLINT $(INCLUDES) $(SRC)>fluff
65
66depend:
67 @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
68 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
69
70dclean:
71 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
72 mv -f Makefile.new $(MAKEFILE)
73
74clean:
75 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
76
77# DO NOT DELETE THIS LINE -- make depend depends on it.
78
79str_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
80str_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
81str_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
82str_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
83str_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
84str_err.o: ../../include/openssl/store.h ../../include/openssl/symhacks.h
85str_err.o: str_err.c
86str_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
87str_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
88str_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
89str_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
90str_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
91str_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
92str_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
93str_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
94str_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
95str_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
96str_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
97str_lib.o: ../../include/openssl/store.h ../../include/openssl/symhacks.h
98str_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
99str_lib.o: str_lib.c str_locl.h
100str_mem.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
101str_mem.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
102str_mem.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
103str_mem.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
104str_mem.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
105str_mem.o: ../../include/openssl/store.h ../../include/openssl/symhacks.h
106str_mem.o: str_locl.h str_mem.c
107str_meth.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
108str_meth.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
109str_meth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
110str_meth.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
111str_meth.o: ../../include/openssl/store.h ../../include/openssl/symhacks.h
112str_meth.o: str_locl.h str_meth.c
diff --git a/src/lib/libcrypto/store/README b/src/lib/libcrypto/store/README
new file mode 100644
index 0000000000..966168f6a5
--- /dev/null
+++ b/src/lib/libcrypto/store/README
@@ -0,0 +1,95 @@
1The STORE type
2==============
3
4A STORE, as defined in this code section, is really a rather simple
5thing which stores objects and per-object associations to a number
6of attributes. What attributes are supported entirely depends on
7the particular implementation of a STORE. It has some support for
8generation of certain objects (for example, keys and CRLs).
9
10
11Supported object types
12----------------------
13
14For now, the objects that are supported are the following:
15
16X.509 certificate
17X.509 CRL
18private key
19public key
20number
21arbitrary (application) data
22
23The intention is that a STORE should be able to store everything
24needed by an application that wants a cert/key store, as well as
25the data a CA might need to store (this includes the serial number
26counter, which explains the support for numbers).
27
28
29Supported attribute types
30-------------------------
31
32For now, the following attributes are supported:
33
34Friendly Name - the value is a normal C string
35Key ID - the value is a 160 bit SHA1 hash
36Issuer Key ID - the value is a 160 bit SHA1 hash
37Subject Key ID - the value is a 160 bit SHA1 hash
38Issuer/Serial Hash - the value is a 160 bit SHA1 hash
39Issuer - the value is a X509_NAME
40Serial - the value is a BIGNUM
41Subject - the value is a X509_NAME
42Certificate Hash - the value is a 160 bit SHA1 hash
43Email - the value is a normal C string
44Filename - the value is a normal C string
45
46It is expected that these attributes should be enough to support
47the need from most, if not all, current applications. Applications
48that need to do certificate verification would typically use Subject
49Key ID, Issuer/Serial Hash or Subject to look up issuer certificates.
50S/MIME applications would typically use Email to look up recipient
51and signer certificates.
52
53There's added support for combined sets of attributes to search for,
54with the special OR attribute.
55
56
57Supported basic functionality
58-----------------------------
59
60The functions that are supported through the STORE type are these:
61
62generate_object - for example to generate keys and CRLs
63get_object - to look up one object
64 NOTE: this function is really rather
65 redundant and probably of lesser usage
66 than the list functions
67store_object - store an object and the attributes
68 associated with it
69modify_object - modify the attributes associated with
70 a specific object
71revoke_object - revoke an object
72 NOTE: this only marks an object as
73 invalid, it doesn't remove the object
74 from the database
75delete_object - remove an object from the database
76list_object - list objects associated with a given
77 set of attributes
78 NOTE: this is really four functions:
79 list_start, list_next, list_end and
80 list_endp
81update_store - update the internal data of the store
82lock_store - lock the store
83unlock_store - unlock the store
84
85The list functions need some extra explanation: list_start is
86used to set up a lookup. That's where the attributes to use in
87the search are set up. It returns a search context. list_next
88returns the next object searched for. list_end closes the search.
89list_endp is used to check if we have reached the end.
90
91A few words on the store functions as well: update_store is
92typically used by a CA application to update the internal
93structure of a database. This may for example involve automatic
94removal of expired certificates. lock_store and unlock_store
95are used for locking a store to allow exclusive writes.
diff --git a/src/lib/libcrypto/store/store.h b/src/lib/libcrypto/store/store.h
new file mode 100644
index 0000000000..64583377a9
--- /dev/null
+++ b/src/lib/libcrypto/store/store.h
@@ -0,0 +1,554 @@
1/* crypto/store/store.h -*- mode:C; c-file-style: "eay" -*- */
2/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
3 * project 2003.
4 */
5/* ====================================================================
6 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * openssl-core@openssl.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#ifndef HEADER_STORE_H
60#define HEADER_STORE_H
61
62#include <openssl/ossl_typ.h>
63#ifndef OPENSSL_NO_DEPRECATED
64#include <openssl/evp.h>
65#include <openssl/bn.h>
66#include <openssl/x509.h>
67#endif
68
69#ifdef __cplusplus
70extern "C" {
71#endif
72
73/* Already defined in ossl_typ.h */
74/* typedef struct store_st STORE; */
75/* typedef struct store_method_st STORE_METHOD; */
76
77
78/* All the following functions return 0, a negative number or NULL on error.
79 When everything is fine, they return a positive value or a non-NULL
80 pointer, all depending on their purpose. */
81
82/* Creators and destructor. */
83STORE *STORE_new_method(const STORE_METHOD *method);
84STORE *STORE_new_engine(ENGINE *engine);
85void STORE_free(STORE *ui);
86
87
88/* Give a user interface parametrised control commands. This can be used to
89 send down an integer, a data pointer or a function pointer, as well as
90 be used to get information from a STORE. */
91int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f)(void));
92
93/* A control to set the directory with keys and certificates. Used by the
94 built-in directory level method. */
95#define STORE_CTRL_SET_DIRECTORY 0x0001
96/* A control to set a file to load. Used by the built-in file level method. */
97#define STORE_CTRL_SET_FILE 0x0002
98/* A control to set a configuration file to load. Can be used by any method
99 that wishes to load a configuration file. */
100#define STORE_CTRL_SET_CONF_FILE 0x0003
101/* A control to set a the section of the loaded configuration file. Can be
102 used by any method that wishes to load a configuration file. */
103#define STORE_CTRL_SET_CONF_SECTION 0x0004
104
105
106/* Some methods may use extra data */
107#define STORE_set_app_data(s,arg) STORE_set_ex_data(s,0,arg)
108#define STORE_get_app_data(s) STORE_get_ex_data(s,0)
109int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
110 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
111int STORE_set_ex_data(STORE *r,int idx,void *arg);
112void *STORE_get_ex_data(STORE *r, int idx);
113
114/* Use specific methods instead of the built-in one */
115const STORE_METHOD *STORE_get_method(STORE *store);
116const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth);
117
118/* The standard OpenSSL methods. */
119/* This is the in-memory method. It does everything except revoking and updating,
120 and is of course volatile. It's used by other methods that have an in-memory
121 cache. */
122const STORE_METHOD *STORE_Memory(void);
123#if 0 /* Not yet implemented */
124/* This is the directory store. It does everything except revoking and updating,
125 and uses STORE_Memory() to cache things in memory. */
126const STORE_METHOD *STORE_Directory(void);
127/* This is the file store. It does everything except revoking and updating,
128 and uses STORE_Memory() to cache things in memory. Certificates are added
129 to it with the store operation, and it will only get cached certificates. */
130const STORE_METHOD *STORE_File(void);
131#endif
132
133/* Store functions take a type code for the type of data they should store
134 or fetch */
135typedef enum STORE_object_types
136 {
137 STORE_OBJECT_TYPE_X509_CERTIFICATE= 0x01, /* X509 * */
138 STORE_OBJECT_TYPE_X509_CRL= 0x02, /* X509_CRL * */
139 STORE_OBJECT_TYPE_PRIVATE_KEY= 0x03, /* EVP_PKEY * */
140 STORE_OBJECT_TYPE_PUBLIC_KEY= 0x04, /* EVP_PKEY * */
141 STORE_OBJECT_TYPE_NUMBER= 0x05, /* BIGNUM * */
142 STORE_OBJECT_TYPE_ARBITRARY= 0x06, /* BUF_MEM * */
143 STORE_OBJECT_TYPE_NUM= 0x06 /* The amount of known
144 object types */
145 } STORE_OBJECT_TYPES;
146/* List of text strings corresponding to the object types. */
147extern const char * const STORE_object_type_string[STORE_OBJECT_TYPE_NUM+1];
148
149/* Some store functions take a parameter list. Those parameters come with
150 one of the following codes. The comments following the codes below indicate
151 what type the value should be a pointer to. */
152typedef enum STORE_params
153 {
154 STORE_PARAM_EVP_TYPE= 0x01, /* int */
155 STORE_PARAM_BITS= 0x02, /* size_t */
156 STORE_PARAM_KEY_PARAMETERS= 0x03, /* ??? */
157 STORE_PARAM_KEY_NO_PARAMETERS= 0x04, /* N/A */
158 STORE_PARAM_AUTH_PASSPHRASE= 0x05, /* char * */
159 STORE_PARAM_AUTH_KRB5_TICKET= 0x06, /* void * */
160 STORE_PARAM_TYPE_NUM= 0x06 /* The amount of known
161 parameter types */
162 } STORE_PARAM_TYPES;
163/* Parameter value sizes. -1 means unknown, anything else is the required size. */
164extern const int STORE_param_sizes[STORE_PARAM_TYPE_NUM+1];
165
166/* Store functions take attribute lists. Those attributes come with codes.
167 The comments following the codes below indicate what type the value should
168 be a pointer to. */
169typedef enum STORE_attribs
170 {
171 STORE_ATTR_END= 0x00,
172 STORE_ATTR_FRIENDLYNAME= 0x01, /* C string */
173 STORE_ATTR_KEYID= 0x02, /* 160 bit string (SHA1) */
174 STORE_ATTR_ISSUERKEYID= 0x03, /* 160 bit string (SHA1) */
175 STORE_ATTR_SUBJECTKEYID= 0x04, /* 160 bit string (SHA1) */
176 STORE_ATTR_ISSUERSERIALHASH= 0x05, /* 160 bit string (SHA1) */
177 STORE_ATTR_ISSUER= 0x06, /* X509_NAME * */
178 STORE_ATTR_SERIAL= 0x07, /* BIGNUM * */
179 STORE_ATTR_SUBJECT= 0x08, /* X509_NAME * */
180 STORE_ATTR_CERTHASH= 0x09, /* 160 bit string (SHA1) */
181 STORE_ATTR_EMAIL= 0x0a, /* C string */
182 STORE_ATTR_FILENAME= 0x0b, /* C string */
183 STORE_ATTR_TYPE_NUM= 0x0b, /* The amount of known
184 attribute types */
185 STORE_ATTR_OR= 0xff /* This is a special
186 separator, which
187 expresses the OR
188 operation. */
189 } STORE_ATTR_TYPES;
190/* Attribute value sizes. -1 means unknown, anything else is the required size. */
191extern const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM+1];
192
193typedef enum STORE_certificate_status
194 {
195 STORE_X509_VALID= 0x00,
196 STORE_X509_EXPIRED= 0x01,
197 STORE_X509_SUSPENDED= 0x02,
198 STORE_X509_REVOKED= 0x03
199 } STORE_CERTIFICATE_STATUS;
200
201/* Engine store functions will return a structure that contains all the necessary
202 * information, including revokation status for certificates. This is really not
203 * needed for application authors, as the ENGINE framework functions will extract
204 * the OpenSSL-specific information when at all possible. However, for engine
205 * authors, it's crucial to know this structure. */
206typedef struct STORE_OBJECT_st
207 {
208 STORE_OBJECT_TYPES type;
209 union
210 {
211 struct
212 {
213 STORE_CERTIFICATE_STATUS status;
214 X509 *certificate;
215 } x509;
216 X509_CRL *crl;
217 EVP_PKEY *key;
218 BIGNUM *number;
219 BUF_MEM *arbitrary;
220 } data;
221 } STORE_OBJECT;
222DECLARE_STACK_OF(STORE_OBJECT)
223STORE_OBJECT *STORE_OBJECT_new(void);
224void STORE_OBJECT_free(STORE_OBJECT *data);
225
226
227
228/* The following functions handle the storage. They return 0, a negative number
229 or NULL on error, anything else on success. */
230X509 *STORE_get_certificate(STORE *e, OPENSSL_ITEM attributes[],
231 OPENSSL_ITEM parameters[]);
232int STORE_store_certificate(STORE *e, X509 *data, OPENSSL_ITEM attributes[],
233 OPENSSL_ITEM parameters[]);
234int STORE_modify_certificate(STORE *e, OPENSSL_ITEM search_attributes[],
235 OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
236 OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[]);
237int STORE_revoke_certificate(STORE *e, OPENSSL_ITEM attributes[],
238 OPENSSL_ITEM parameters[]);
239int STORE_delete_certificate(STORE *e, OPENSSL_ITEM attributes[],
240 OPENSSL_ITEM parameters[]);
241void *STORE_list_certificate_start(STORE *e, OPENSSL_ITEM attributes[],
242 OPENSSL_ITEM parameters[]);
243X509 *STORE_list_certificate_next(STORE *e, void *handle);
244int STORE_list_certificate_end(STORE *e, void *handle);
245int STORE_list_certificate_endp(STORE *e, void *handle);
246EVP_PKEY *STORE_generate_key(STORE *e, OPENSSL_ITEM attributes[],
247 OPENSSL_ITEM parameters[]);
248EVP_PKEY *STORE_get_private_key(STORE *e, OPENSSL_ITEM attributes[],
249 OPENSSL_ITEM parameters[]);
250int STORE_store_private_key(STORE *e, EVP_PKEY *data,
251 OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
252int STORE_modify_private_key(STORE *e, OPENSSL_ITEM search_attributes[],
253 OPENSSL_ITEM add_sttributes[], OPENSSL_ITEM modify_attributes[],
254 OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[]);
255int STORE_revoke_private_key(STORE *e, OPENSSL_ITEM attributes[],
256 OPENSSL_ITEM parameters[]);
257int STORE_delete_private_key(STORE *e, OPENSSL_ITEM attributes[],
258 OPENSSL_ITEM parameters[]);
259void *STORE_list_private_key_start(STORE *e, OPENSSL_ITEM attributes[],
260 OPENSSL_ITEM parameters[]);
261EVP_PKEY *STORE_list_private_key_next(STORE *e, void *handle);
262int STORE_list_private_key_end(STORE *e, void *handle);
263int STORE_list_private_key_endp(STORE *e, void *handle);
264EVP_PKEY *STORE_get_public_key(STORE *e, OPENSSL_ITEM attributes[],
265 OPENSSL_ITEM parameters[]);
266int STORE_store_public_key(STORE *e, EVP_PKEY *data, OPENSSL_ITEM attributes[],
267 OPENSSL_ITEM parameters[]);
268int STORE_modify_public_key(STORE *e, OPENSSL_ITEM search_attributes[],
269 OPENSSL_ITEM add_sttributes[], OPENSSL_ITEM modify_attributes[],
270 OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[]);
271int STORE_revoke_public_key(STORE *e, OPENSSL_ITEM attributes[],
272 OPENSSL_ITEM parameters[]);
273int STORE_delete_public_key(STORE *e, OPENSSL_ITEM attributes[],
274 OPENSSL_ITEM parameters[]);
275void *STORE_list_public_key_start(STORE *e, OPENSSL_ITEM attributes[],
276 OPENSSL_ITEM parameters[]);
277EVP_PKEY *STORE_list_public_key_next(STORE *e, void *handle);
278int STORE_list_public_key_end(STORE *e, void *handle);
279int STORE_list_public_key_endp(STORE *e, void *handle);
280X509_CRL *STORE_generate_crl(STORE *e, OPENSSL_ITEM attributes[],
281 OPENSSL_ITEM parameters[]);
282X509_CRL *STORE_get_crl(STORE *e, OPENSSL_ITEM attributes[],
283 OPENSSL_ITEM parameters[]);
284int STORE_store_crl(STORE *e, X509_CRL *data, OPENSSL_ITEM attributes[],
285 OPENSSL_ITEM parameters[]);
286int STORE_modify_crl(STORE *e, OPENSSL_ITEM search_attributes[],
287 OPENSSL_ITEM add_sttributes[], OPENSSL_ITEM modify_attributes[],
288 OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[]);
289int STORE_delete_crl(STORE *e, OPENSSL_ITEM attributes[],
290 OPENSSL_ITEM parameters[]);
291void *STORE_list_crl_start(STORE *e, OPENSSL_ITEM attributes[],
292 OPENSSL_ITEM parameters[]);
293X509_CRL *STORE_list_crl_next(STORE *e, void *handle);
294int STORE_list_crl_end(STORE *e, void *handle);
295int STORE_list_crl_endp(STORE *e, void *handle);
296int STORE_store_number(STORE *e, BIGNUM *data, OPENSSL_ITEM attributes[],
297 OPENSSL_ITEM parameters[]);
298int STORE_modify_number(STORE *e, OPENSSL_ITEM search_attributes[],
299 OPENSSL_ITEM add_sttributes[], OPENSSL_ITEM modify_attributes[],
300 OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[]);
301BIGNUM *STORE_get_number(STORE *e, OPENSSL_ITEM attributes[],
302 OPENSSL_ITEM parameters[]);
303int STORE_delete_number(STORE *e, OPENSSL_ITEM attributes[],
304 OPENSSL_ITEM parameters[]);
305int STORE_store_arbitrary(STORE *e, BUF_MEM *data, OPENSSL_ITEM attributes[],
306 OPENSSL_ITEM parameters[]);
307int STORE_modify_arbitrary(STORE *e, OPENSSL_ITEM search_attributes[],
308 OPENSSL_ITEM add_sttributes[], OPENSSL_ITEM modify_attributes[],
309 OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[]);
310BUF_MEM *STORE_get_arbitrary(STORE *e, OPENSSL_ITEM attributes[],
311 OPENSSL_ITEM parameters[]);
312int STORE_delete_arbitrary(STORE *e, OPENSSL_ITEM attributes[],
313 OPENSSL_ITEM parameters[]);
314
315
316/* Create and manipulate methods */
317STORE_METHOD *STORE_create_method(char *name);
318void STORE_destroy_method(STORE_METHOD *store_method);
319
320/* These callback types are use for store handlers */
321typedef int (*STORE_INITIALISE_FUNC_PTR)(STORE *);
322typedef void (*STORE_CLEANUP_FUNC_PTR)(STORE *);
323typedef STORE_OBJECT *(*STORE_GENERATE_OBJECT_FUNC_PTR)(STORE *, STORE_OBJECT_TYPES type, OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
324typedef STORE_OBJECT *(*STORE_GET_OBJECT_FUNC_PTR)(STORE *, STORE_OBJECT_TYPES type, OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
325typedef void *(*STORE_START_OBJECT_FUNC_PTR)(STORE *, STORE_OBJECT_TYPES type, OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
326typedef STORE_OBJECT *(*STORE_NEXT_OBJECT_FUNC_PTR)(STORE *, void *handle);
327typedef int (*STORE_END_OBJECT_FUNC_PTR)(STORE *, void *handle);
328typedef int (*STORE_HANDLE_OBJECT_FUNC_PTR)(STORE *, STORE_OBJECT_TYPES type, OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
329typedef int (*STORE_STORE_OBJECT_FUNC_PTR)(STORE *, STORE_OBJECT_TYPES type, STORE_OBJECT *data, OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
330typedef int (*STORE_MODIFY_OBJECT_FUNC_PTR)(STORE *, STORE_OBJECT_TYPES type, OPENSSL_ITEM search_attributes[], OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[], OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[]);
331typedef int (*STORE_GENERIC_FUNC_PTR)(STORE *, OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
332typedef int (*STORE_CTRL_FUNC_PTR)(STORE *, int cmd, long l, void *p, void (*f)(void));
333
334int STORE_method_set_initialise_function(STORE_METHOD *sm, STORE_INITIALISE_FUNC_PTR init_f);
335int STORE_method_set_cleanup_function(STORE_METHOD *sm, STORE_CLEANUP_FUNC_PTR clean_f);
336int STORE_method_set_generate_function(STORE_METHOD *sm, STORE_GENERATE_OBJECT_FUNC_PTR generate_f);
337int STORE_method_set_get_function(STORE_METHOD *sm, STORE_GET_OBJECT_FUNC_PTR get_f);
338int STORE_method_set_store_function(STORE_METHOD *sm, STORE_STORE_OBJECT_FUNC_PTR store_f);
339int STORE_method_set_modify_function(STORE_METHOD *sm, STORE_MODIFY_OBJECT_FUNC_PTR store_f);
340int STORE_method_set_revoke_function(STORE_METHOD *sm, STORE_HANDLE_OBJECT_FUNC_PTR revoke_f);
341int STORE_method_set_delete_function(STORE_METHOD *sm, STORE_HANDLE_OBJECT_FUNC_PTR delete_f);
342int STORE_method_set_list_start_function(STORE_METHOD *sm, STORE_START_OBJECT_FUNC_PTR list_start_f);
343int STORE_method_set_list_next_function(STORE_METHOD *sm, STORE_NEXT_OBJECT_FUNC_PTR list_next_f);
344int STORE_method_set_list_end_function(STORE_METHOD *sm, STORE_END_OBJECT_FUNC_PTR list_end_f);
345int STORE_method_set_update_store_function(STORE_METHOD *sm, STORE_GENERIC_FUNC_PTR);
346int STORE_method_set_lock_store_function(STORE_METHOD *sm, STORE_GENERIC_FUNC_PTR);
347int STORE_method_set_unlock_store_function(STORE_METHOD *sm, STORE_GENERIC_FUNC_PTR);
348int STORE_method_set_ctrl_function(STORE_METHOD *sm, STORE_CTRL_FUNC_PTR ctrl_f);
349
350STORE_INITIALISE_FUNC_PTR STORE_method_get_initialise_function(STORE_METHOD *sm);
351STORE_CLEANUP_FUNC_PTR STORE_method_get_cleanup_function(STORE_METHOD *sm);
352STORE_GENERATE_OBJECT_FUNC_PTR STORE_method_get_generate_function(STORE_METHOD *sm);
353STORE_GET_OBJECT_FUNC_PTR STORE_method_get_get_function(STORE_METHOD *sm);
354STORE_STORE_OBJECT_FUNC_PTR STORE_method_get_store_function(STORE_METHOD *sm);
355STORE_MODIFY_OBJECT_FUNC_PTR STORE_method_get_modify_function(STORE_METHOD *sm);
356STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_revoke_function(STORE_METHOD *sm);
357STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_delete_function(STORE_METHOD *sm);
358STORE_START_OBJECT_FUNC_PTR STORE_method_get_list_start_function(STORE_METHOD *sm);
359STORE_NEXT_OBJECT_FUNC_PTR STORE_method_get_list_next_function(STORE_METHOD *sm);
360STORE_END_OBJECT_FUNC_PTR STORE_method_get_list_end_function(STORE_METHOD *sm);
361STORE_GENERIC_FUNC_PTR STORE_method_get_update_store_function(STORE_METHOD *sm);
362STORE_GENERIC_FUNC_PTR STORE_method_get_lock_store_function(STORE_METHOD *sm);
363STORE_GENERIC_FUNC_PTR STORE_method_get_unlock_store_function(STORE_METHOD *sm);
364STORE_CTRL_FUNC_PTR STORE_method_get_ctrl_function(STORE_METHOD *sm);
365
366/* Method helper structures and functions. */
367
368/* This structure is the result of parsing through the information in a list
369 of OPENSSL_ITEMs. It stores all the necessary information in a structured
370 way.*/
371typedef struct STORE_attr_info_st STORE_ATTR_INFO;
372
373/* Parse a list of OPENSSL_ITEMs and return a pointer to a STORE_ATTR_INFO.
374 Note that we do this in the list form, since the list of OPENSSL_ITEMs can
375 come in blocks separated with STORE_ATTR_OR. Note that the value returned
376 by STORE_parse_attrs_next() must be freed with STORE_ATTR_INFO_free(). */
377void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes);
378STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle);
379int STORE_parse_attrs_end(void *handle);
380int STORE_parse_attrs_endp(void *handle);
381
382/* Creator and destructor */
383STORE_ATTR_INFO *STORE_ATTR_INFO_new(void);
384int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs);
385
386/* Manipulators */
387char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code);
388unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
389 STORE_ATTR_TYPES code);
390X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code);
391BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code);
392int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
393 char *cstr, size_t cstr_size);
394int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
395 unsigned char *sha1str, size_t sha1str_size);
396int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
397 X509_NAME *dn);
398int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
399 BIGNUM *number);
400int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
401 char *cstr, size_t cstr_size);
402int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
403 unsigned char *sha1str, size_t sha1str_size);
404int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
405 X509_NAME *dn);
406int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
407 BIGNUM *number);
408
409/* Compare on basis of a bit pattern formed by the STORE_ATTR_TYPES values
410 in each contained attribute. */
411int STORE_ATTR_INFO_compare(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
412/* Check if the set of attributes in a is within the range of attributes
413 set in b. */
414int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
415/* Check if the set of attributes in a are also set in b. */
416int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
417/* Same as STORE_ATTR_INFO_in(), but also checks the attribute values. */
418int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
419
420
421/* BEGIN ERROR CODES */
422/* The following lines are auto generated by the script mkerr.pl. Any changes
423 * made after this point may be overwritten when the script is next run.
424 */
425void ERR_load_STORE_strings(void);
426
427/* Error codes for the STORE functions. */
428
429/* Function codes. */
430#define STORE_F_MEM_DELETE 134
431#define STORE_F_MEM_GENERATE 135
432#define STORE_F_MEM_LIST_END 168
433#define STORE_F_MEM_LIST_NEXT 136
434#define STORE_F_MEM_LIST_START 137
435#define STORE_F_MEM_MODIFY 169
436#define STORE_F_MEM_STORE 138
437#define STORE_F_STORE_ATTR_INFO_GET0_CSTR 139
438#define STORE_F_STORE_ATTR_INFO_GET0_DN 140
439#define STORE_F_STORE_ATTR_INFO_GET0_NUMBER 141
440#define STORE_F_STORE_ATTR_INFO_GET0_SHA1STR 142
441#define STORE_F_STORE_ATTR_INFO_MODIFY_CSTR 143
442#define STORE_F_STORE_ATTR_INFO_MODIFY_DN 144
443#define STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER 145
444#define STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR 146
445#define STORE_F_STORE_ATTR_INFO_SET_CSTR 147
446#define STORE_F_STORE_ATTR_INFO_SET_DN 148
447#define STORE_F_STORE_ATTR_INFO_SET_NUMBER 149
448#define STORE_F_STORE_ATTR_INFO_SET_SHA1STR 150
449#define STORE_F_STORE_CERTIFICATE 170
450#define STORE_F_STORE_CTRL 161
451#define STORE_F_STORE_DELETE_ARBITRARY 158
452#define STORE_F_STORE_DELETE_CERTIFICATE 102
453#define STORE_F_STORE_DELETE_CRL 103
454#define STORE_F_STORE_DELETE_NUMBER 104
455#define STORE_F_STORE_DELETE_PRIVATE_KEY 105
456#define STORE_F_STORE_DELETE_PUBLIC_KEY 106
457#define STORE_F_STORE_GENERATE_CRL 107
458#define STORE_F_STORE_GENERATE_KEY 108
459#define STORE_F_STORE_GET_ARBITRARY 159
460#define STORE_F_STORE_GET_CERTIFICATE 109
461#define STORE_F_STORE_GET_CRL 110
462#define STORE_F_STORE_GET_NUMBER 111
463#define STORE_F_STORE_GET_PRIVATE_KEY 112
464#define STORE_F_STORE_GET_PUBLIC_KEY 113
465#define STORE_F_STORE_LIST_CERTIFICATE_END 114
466#define STORE_F_STORE_LIST_CERTIFICATE_ENDP 153
467#define STORE_F_STORE_LIST_CERTIFICATE_NEXT 115
468#define STORE_F_STORE_LIST_CERTIFICATE_START 116
469#define STORE_F_STORE_LIST_CRL_END 117
470#define STORE_F_STORE_LIST_CRL_ENDP 154
471#define STORE_F_STORE_LIST_CRL_NEXT 118
472#define STORE_F_STORE_LIST_CRL_START 119
473#define STORE_F_STORE_LIST_PRIVATE_KEY_END 120
474#define STORE_F_STORE_LIST_PRIVATE_KEY_ENDP 155
475#define STORE_F_STORE_LIST_PRIVATE_KEY_NEXT 121
476#define STORE_F_STORE_LIST_PRIVATE_KEY_START 122
477#define STORE_F_STORE_LIST_PUBLIC_KEY_END 123
478#define STORE_F_STORE_LIST_PUBLIC_KEY_ENDP 156
479#define STORE_F_STORE_LIST_PUBLIC_KEY_NEXT 124
480#define STORE_F_STORE_LIST_PUBLIC_KEY_START 125
481#define STORE_F_STORE_MODIFY_ARBITRARY 162
482#define STORE_F_STORE_MODIFY_CERTIFICATE 163
483#define STORE_F_STORE_MODIFY_CRL 164
484#define STORE_F_STORE_MODIFY_NUMBER 165
485#define STORE_F_STORE_MODIFY_PRIVATE_KEY 166
486#define STORE_F_STORE_MODIFY_PUBLIC_KEY 167
487#define STORE_F_STORE_NEW_ENGINE 133
488#define STORE_F_STORE_NEW_METHOD 132
489#define STORE_F_STORE_PARSE_ATTRS_END 151
490#define STORE_F_STORE_PARSE_ATTRS_ENDP 172
491#define STORE_F_STORE_PARSE_ATTRS_NEXT 152
492#define STORE_F_STORE_PARSE_ATTRS_START 171
493#define STORE_F_STORE_REVOKE_CERTIFICATE 129
494#define STORE_F_STORE_REVOKE_PRIVATE_KEY 130
495#define STORE_F_STORE_REVOKE_PUBLIC_KEY 131
496#define STORE_F_STORE_STORE_ARBITRARY 157
497#define STORE_F_STORE_STORE_CERTIFICATE 100
498#define STORE_F_STORE_STORE_CRL 101
499#define STORE_F_STORE_STORE_NUMBER 126
500#define STORE_F_STORE_STORE_PRIVATE_KEY 127
501#define STORE_F_STORE_STORE_PUBLIC_KEY 128
502
503/* Reason codes. */
504#define STORE_R_ALREADY_HAS_A_VALUE 127
505#define STORE_R_FAILED_DELETING_ARBITRARY 132
506#define STORE_R_FAILED_DELETING_CERTIFICATE 100
507#define STORE_R_FAILED_DELETING_KEY 101
508#define STORE_R_FAILED_DELETING_NUMBER 102
509#define STORE_R_FAILED_GENERATING_CRL 103
510#define STORE_R_FAILED_GENERATING_KEY 104
511#define STORE_R_FAILED_GETTING_ARBITRARY 133
512#define STORE_R_FAILED_GETTING_CERTIFICATE 105
513#define STORE_R_FAILED_GETTING_KEY 106
514#define STORE_R_FAILED_GETTING_NUMBER 107
515#define STORE_R_FAILED_LISTING_CERTIFICATES 108
516#define STORE_R_FAILED_LISTING_KEYS 109
517#define STORE_R_FAILED_MODIFYING_ARBITRARY 138
518#define STORE_R_FAILED_MODIFYING_CERTIFICATE 139
519#define STORE_R_FAILED_MODIFYING_CRL 140
520#define STORE_R_FAILED_MODIFYING_NUMBER 141
521#define STORE_R_FAILED_MODIFYING_PRIVATE_KEY 142
522#define STORE_R_FAILED_MODIFYING_PUBLIC_KEY 143
523#define STORE_R_FAILED_REVOKING_CERTIFICATE 110
524#define STORE_R_FAILED_REVOKING_KEY 111
525#define STORE_R_FAILED_STORING_ARBITRARY 134
526#define STORE_R_FAILED_STORING_CERTIFICATE 112
527#define STORE_R_FAILED_STORING_KEY 113
528#define STORE_R_FAILED_STORING_NUMBER 114
529#define STORE_R_NOT_IMPLEMENTED 128
530#define STORE_R_NO_CONTROL_FUNCTION 144
531#define STORE_R_NO_DELETE_ARBITRARY_FUNCTION 135
532#define STORE_R_NO_DELETE_NUMBER_FUNCTION 115
533#define STORE_R_NO_DELETE_OBJECT_FUNCTION 116
534#define STORE_R_NO_GENERATE_CRL_FUNCTION 117
535#define STORE_R_NO_GENERATE_OBJECT_FUNCTION 118
536#define STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION 136
537#define STORE_R_NO_GET_OBJECT_FUNCTION 119
538#define STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION 120
539#define STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION 131
540#define STORE_R_NO_LIST_OBJECT_END_FUNCTION 121
541#define STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION 122
542#define STORE_R_NO_LIST_OBJECT_START_FUNCTION 123
543#define STORE_R_NO_MODIFY_OBJECT_FUNCTION 145
544#define STORE_R_NO_REVOKE_OBJECT_FUNCTION 124
545#define STORE_R_NO_STORE 129
546#define STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION 137
547#define STORE_R_NO_STORE_OBJECT_FUNCTION 125
548#define STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION 126
549#define STORE_R_NO_VALUE 130
550
551#ifdef __cplusplus
552}
553#endif
554#endif
diff --git a/src/lib/libcrypto/store/str_err.c b/src/lib/libcrypto/store/str_err.c
new file mode 100644
index 0000000000..6fee649822
--- /dev/null
+++ b/src/lib/libcrypto/store/str_err.c
@@ -0,0 +1,211 @@
1/* crypto/store/str_err.c */
2/* ====================================================================
3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/store.h>
64
65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_STORE,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_STORE,0,reason)
70
71static ERR_STRING_DATA STORE_str_functs[]=
72 {
73{ERR_FUNC(STORE_F_MEM_DELETE), "MEM_DELETE"},
74{ERR_FUNC(STORE_F_MEM_GENERATE), "MEM_GENERATE"},
75{ERR_FUNC(STORE_F_MEM_LIST_END), "MEM_LIST_END"},
76{ERR_FUNC(STORE_F_MEM_LIST_NEXT), "MEM_LIST_NEXT"},
77{ERR_FUNC(STORE_F_MEM_LIST_START), "MEM_LIST_START"},
78{ERR_FUNC(STORE_F_MEM_MODIFY), "MEM_MODIFY"},
79{ERR_FUNC(STORE_F_MEM_STORE), "MEM_STORE"},
80{ERR_FUNC(STORE_F_STORE_ATTR_INFO_GET0_CSTR), "STORE_ATTR_INFO_get0_cstr"},
81{ERR_FUNC(STORE_F_STORE_ATTR_INFO_GET0_DN), "STORE_ATTR_INFO_get0_dn"},
82{ERR_FUNC(STORE_F_STORE_ATTR_INFO_GET0_NUMBER), "STORE_ATTR_INFO_get0_number"},
83{ERR_FUNC(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR), "STORE_ATTR_INFO_get0_sha1str"},
84{ERR_FUNC(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR), "STORE_ATTR_INFO_modify_cstr"},
85{ERR_FUNC(STORE_F_STORE_ATTR_INFO_MODIFY_DN), "STORE_ATTR_INFO_modify_dn"},
86{ERR_FUNC(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER), "STORE_ATTR_INFO_modify_number"},
87{ERR_FUNC(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR), "STORE_ATTR_INFO_modify_sha1str"},
88{ERR_FUNC(STORE_F_STORE_ATTR_INFO_SET_CSTR), "STORE_ATTR_INFO_set_cstr"},
89{ERR_FUNC(STORE_F_STORE_ATTR_INFO_SET_DN), "STORE_ATTR_INFO_set_dn"},
90{ERR_FUNC(STORE_F_STORE_ATTR_INFO_SET_NUMBER), "STORE_ATTR_INFO_set_number"},
91{ERR_FUNC(STORE_F_STORE_ATTR_INFO_SET_SHA1STR), "STORE_ATTR_INFO_set_sha1str"},
92{ERR_FUNC(STORE_F_STORE_CERTIFICATE), "STORE_CERTIFICATE"},
93{ERR_FUNC(STORE_F_STORE_CTRL), "STORE_ctrl"},
94{ERR_FUNC(STORE_F_STORE_DELETE_ARBITRARY), "STORE_delete_arbitrary"},
95{ERR_FUNC(STORE_F_STORE_DELETE_CERTIFICATE), "STORE_delete_certificate"},
96{ERR_FUNC(STORE_F_STORE_DELETE_CRL), "STORE_delete_crl"},
97{ERR_FUNC(STORE_F_STORE_DELETE_NUMBER), "STORE_delete_number"},
98{ERR_FUNC(STORE_F_STORE_DELETE_PRIVATE_KEY), "STORE_delete_private_key"},
99{ERR_FUNC(STORE_F_STORE_DELETE_PUBLIC_KEY), "STORE_delete_public_key"},
100{ERR_FUNC(STORE_F_STORE_GENERATE_CRL), "STORE_generate_crl"},
101{ERR_FUNC(STORE_F_STORE_GENERATE_KEY), "STORE_generate_key"},
102{ERR_FUNC(STORE_F_STORE_GET_ARBITRARY), "STORE_get_arbitrary"},
103{ERR_FUNC(STORE_F_STORE_GET_CERTIFICATE), "STORE_get_certificate"},
104{ERR_FUNC(STORE_F_STORE_GET_CRL), "STORE_get_crl"},
105{ERR_FUNC(STORE_F_STORE_GET_NUMBER), "STORE_get_number"},
106{ERR_FUNC(STORE_F_STORE_GET_PRIVATE_KEY), "STORE_get_private_key"},
107{ERR_FUNC(STORE_F_STORE_GET_PUBLIC_KEY), "STORE_get_public_key"},
108{ERR_FUNC(STORE_F_STORE_LIST_CERTIFICATE_END), "STORE_list_certificate_end"},
109{ERR_FUNC(STORE_F_STORE_LIST_CERTIFICATE_ENDP), "STORE_list_certificate_endp"},
110{ERR_FUNC(STORE_F_STORE_LIST_CERTIFICATE_NEXT), "STORE_list_certificate_next"},
111{ERR_FUNC(STORE_F_STORE_LIST_CERTIFICATE_START), "STORE_list_certificate_start"},
112{ERR_FUNC(STORE_F_STORE_LIST_CRL_END), "STORE_list_crl_end"},
113{ERR_FUNC(STORE_F_STORE_LIST_CRL_ENDP), "STORE_list_crl_endp"},
114{ERR_FUNC(STORE_F_STORE_LIST_CRL_NEXT), "STORE_list_crl_next"},
115{ERR_FUNC(STORE_F_STORE_LIST_CRL_START), "STORE_list_crl_start"},
116{ERR_FUNC(STORE_F_STORE_LIST_PRIVATE_KEY_END), "STORE_list_private_key_end"},
117{ERR_FUNC(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP), "STORE_list_private_key_endp"},
118{ERR_FUNC(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT), "STORE_list_private_key_next"},
119{ERR_FUNC(STORE_F_STORE_LIST_PRIVATE_KEY_START), "STORE_list_private_key_start"},
120{ERR_FUNC(STORE_F_STORE_LIST_PUBLIC_KEY_END), "STORE_list_public_key_end"},
121{ERR_FUNC(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP), "STORE_list_public_key_endp"},
122{ERR_FUNC(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT), "STORE_list_public_key_next"},
123{ERR_FUNC(STORE_F_STORE_LIST_PUBLIC_KEY_START), "STORE_list_public_key_start"},
124{ERR_FUNC(STORE_F_STORE_MODIFY_ARBITRARY), "STORE_modify_arbitrary"},
125{ERR_FUNC(STORE_F_STORE_MODIFY_CERTIFICATE), "STORE_modify_certificate"},
126{ERR_FUNC(STORE_F_STORE_MODIFY_CRL), "STORE_modify_crl"},
127{ERR_FUNC(STORE_F_STORE_MODIFY_NUMBER), "STORE_modify_number"},
128{ERR_FUNC(STORE_F_STORE_MODIFY_PRIVATE_KEY), "STORE_modify_private_key"},
129{ERR_FUNC(STORE_F_STORE_MODIFY_PUBLIC_KEY), "STORE_modify_public_key"},
130{ERR_FUNC(STORE_F_STORE_NEW_ENGINE), "STORE_new_engine"},
131{ERR_FUNC(STORE_F_STORE_NEW_METHOD), "STORE_new_method"},
132{ERR_FUNC(STORE_F_STORE_PARSE_ATTRS_END), "STORE_parse_attrs_end"},
133{ERR_FUNC(STORE_F_STORE_PARSE_ATTRS_ENDP), "STORE_parse_attrs_endp"},
134{ERR_FUNC(STORE_F_STORE_PARSE_ATTRS_NEXT), "STORE_parse_attrs_next"},
135{ERR_FUNC(STORE_F_STORE_PARSE_ATTRS_START), "STORE_parse_attrs_start"},
136{ERR_FUNC(STORE_F_STORE_REVOKE_CERTIFICATE), "STORE_revoke_certificate"},
137{ERR_FUNC(STORE_F_STORE_REVOKE_PRIVATE_KEY), "STORE_revoke_private_key"},
138{ERR_FUNC(STORE_F_STORE_REVOKE_PUBLIC_KEY), "STORE_revoke_public_key"},
139{ERR_FUNC(STORE_F_STORE_STORE_ARBITRARY), "STORE_store_arbitrary"},
140{ERR_FUNC(STORE_F_STORE_STORE_CERTIFICATE), "STORE_store_certificate"},
141{ERR_FUNC(STORE_F_STORE_STORE_CRL), "STORE_store_crl"},
142{ERR_FUNC(STORE_F_STORE_STORE_NUMBER), "STORE_store_number"},
143{ERR_FUNC(STORE_F_STORE_STORE_PRIVATE_KEY), "STORE_store_private_key"},
144{ERR_FUNC(STORE_F_STORE_STORE_PUBLIC_KEY), "STORE_store_public_key"},
145{0,NULL}
146 };
147
148static ERR_STRING_DATA STORE_str_reasons[]=
149 {
150{ERR_REASON(STORE_R_ALREADY_HAS_A_VALUE) ,"already has a value"},
151{ERR_REASON(STORE_R_FAILED_DELETING_ARBITRARY),"failed deleting arbitrary"},
152{ERR_REASON(STORE_R_FAILED_DELETING_CERTIFICATE),"failed deleting certificate"},
153{ERR_REASON(STORE_R_FAILED_DELETING_KEY) ,"failed deleting key"},
154{ERR_REASON(STORE_R_FAILED_DELETING_NUMBER),"failed deleting number"},
155{ERR_REASON(STORE_R_FAILED_GENERATING_CRL),"failed generating crl"},
156{ERR_REASON(STORE_R_FAILED_GENERATING_KEY),"failed generating key"},
157{ERR_REASON(STORE_R_FAILED_GETTING_ARBITRARY),"failed getting arbitrary"},
158{ERR_REASON(STORE_R_FAILED_GETTING_CERTIFICATE),"failed getting certificate"},
159{ERR_REASON(STORE_R_FAILED_GETTING_KEY) ,"failed getting key"},
160{ERR_REASON(STORE_R_FAILED_GETTING_NUMBER),"failed getting number"},
161{ERR_REASON(STORE_R_FAILED_LISTING_CERTIFICATES),"failed listing certificates"},
162{ERR_REASON(STORE_R_FAILED_LISTING_KEYS) ,"failed listing keys"},
163{ERR_REASON(STORE_R_FAILED_MODIFYING_ARBITRARY),"failed modifying arbitrary"},
164{ERR_REASON(STORE_R_FAILED_MODIFYING_CERTIFICATE),"failed modifying certificate"},
165{ERR_REASON(STORE_R_FAILED_MODIFYING_CRL),"failed modifying crl"},
166{ERR_REASON(STORE_R_FAILED_MODIFYING_NUMBER),"failed modifying number"},
167{ERR_REASON(STORE_R_FAILED_MODIFYING_PRIVATE_KEY),"failed modifying private key"},
168{ERR_REASON(STORE_R_FAILED_MODIFYING_PUBLIC_KEY),"failed modifying public key"},
169{ERR_REASON(STORE_R_FAILED_REVOKING_CERTIFICATE),"failed revoking certificate"},
170{ERR_REASON(STORE_R_FAILED_REVOKING_KEY) ,"failed revoking key"},
171{ERR_REASON(STORE_R_FAILED_STORING_ARBITRARY),"failed storing arbitrary"},
172{ERR_REASON(STORE_R_FAILED_STORING_CERTIFICATE),"failed storing certificate"},
173{ERR_REASON(STORE_R_FAILED_STORING_KEY) ,"failed storing key"},
174{ERR_REASON(STORE_R_FAILED_STORING_NUMBER),"failed storing number"},
175{ERR_REASON(STORE_R_NOT_IMPLEMENTED) ,"not implemented"},
176{ERR_REASON(STORE_R_NO_CONTROL_FUNCTION) ,"no control function"},
177{ERR_REASON(STORE_R_NO_DELETE_ARBITRARY_FUNCTION),"no delete arbitrary function"},
178{ERR_REASON(STORE_R_NO_DELETE_NUMBER_FUNCTION),"no delete number function"},
179{ERR_REASON(STORE_R_NO_DELETE_OBJECT_FUNCTION),"no delete object function"},
180{ERR_REASON(STORE_R_NO_GENERATE_CRL_FUNCTION),"no generate crl function"},
181{ERR_REASON(STORE_R_NO_GENERATE_OBJECT_FUNCTION),"no generate object function"},
182{ERR_REASON(STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION),"no get object arbitrary function"},
183{ERR_REASON(STORE_R_NO_GET_OBJECT_FUNCTION),"no get object function"},
184{ERR_REASON(STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION),"no get object number function"},
185{ERR_REASON(STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION),"no list object endp function"},
186{ERR_REASON(STORE_R_NO_LIST_OBJECT_END_FUNCTION),"no list object end function"},
187{ERR_REASON(STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION),"no list object next function"},
188{ERR_REASON(STORE_R_NO_LIST_OBJECT_START_FUNCTION),"no list object start function"},
189{ERR_REASON(STORE_R_NO_MODIFY_OBJECT_FUNCTION),"no modify object function"},
190{ERR_REASON(STORE_R_NO_REVOKE_OBJECT_FUNCTION),"no revoke object function"},
191{ERR_REASON(STORE_R_NO_STORE) ,"no store"},
192{ERR_REASON(STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION),"no store object arbitrary function"},
193{ERR_REASON(STORE_R_NO_STORE_OBJECT_FUNCTION),"no store object function"},
194{ERR_REASON(STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION),"no store object number function"},
195{ERR_REASON(STORE_R_NO_VALUE) ,"no value"},
196{0,NULL}
197 };
198
199#endif
200
201void ERR_load_STORE_strings(void)
202 {
203#ifndef OPENSSL_NO_ERR
204
205 if (ERR_func_error_string(STORE_str_functs[0].error) == NULL)
206 {
207 ERR_load_strings(0,STORE_str_functs);
208 ERR_load_strings(0,STORE_str_reasons);
209 }
210#endif
211 }
diff --git a/src/lib/libcrypto/store/str_lib.c b/src/lib/libcrypto/store/str_lib.c
new file mode 100644
index 0000000000..32ae5bd395
--- /dev/null
+++ b/src/lib/libcrypto/store/str_lib.c
@@ -0,0 +1,1824 @@
1/* crypto/store/str_lib.c -*- mode:C; c-file-style: "eay" -*- */
2/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
3 * project 2003.
4 */
5/* ====================================================================
6 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * openssl-core@openssl.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <string.h>
60#include <openssl/bn.h>
61#include <openssl/err.h>
62#ifndef OPENSSL_NO_ENGINE
63#include <openssl/engine.h>
64#endif
65#include <openssl/sha.h>
66#include <openssl/x509.h>
67#include "str_locl.h"
68
69const char * const STORE_object_type_string[STORE_OBJECT_TYPE_NUM+1] =
70 {
71 0,
72 "X.509 Certificate",
73 "X.509 CRL",
74 "Private Key",
75 "Public Key",
76 "Number",
77 "Arbitrary Data"
78 };
79
80const int STORE_param_sizes[STORE_PARAM_TYPE_NUM+1] =
81 {
82 0,
83 sizeof(int), /* EVP_TYPE */
84 sizeof(size_t), /* BITS */
85 -1, /* KEY_PARAMETERS */
86 0 /* KEY_NO_PARAMETERS */
87 };
88
89const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM+1] =
90 {
91 0,
92 -1, /* FRIENDLYNAME: C string */
93 SHA_DIGEST_LENGTH, /* KEYID: SHA1 digest, 160 bits */
94 SHA_DIGEST_LENGTH, /* ISSUERKEYID: SHA1 digest, 160 bits */
95 SHA_DIGEST_LENGTH, /* SUBJECTKEYID: SHA1 digest, 160 bits */
96 SHA_DIGEST_LENGTH, /* ISSUERSERIALHASH: SHA1 digest, 160 bits */
97 sizeof(X509_NAME *), /* ISSUER: X509_NAME * */
98 sizeof(BIGNUM *), /* SERIAL: BIGNUM * */
99 sizeof(X509_NAME *), /* SUBJECT: X509_NAME * */
100 SHA_DIGEST_LENGTH, /* CERTHASH: SHA1 digest, 160 bits */
101 -1, /* EMAIL: C string */
102 -1, /* FILENAME: C string */
103 };
104
105STORE *STORE_new_method(const STORE_METHOD *method)
106 {
107 STORE *ret;
108
109 if (method == NULL)
110 {
111 STOREerr(STORE_F_STORE_NEW_METHOD,ERR_R_PASSED_NULL_PARAMETER);
112 return NULL;
113 }
114
115 ret=(STORE *)OPENSSL_malloc(sizeof(STORE));
116 if (ret == NULL)
117 {
118 STOREerr(STORE_F_STORE_NEW_METHOD,ERR_R_MALLOC_FAILURE);
119 return NULL;
120 }
121
122 ret->meth=method;
123
124 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE, ret, &ret->ex_data);
125 if (ret->meth->init && !ret->meth->init(ret))
126 {
127 STORE_free(ret);
128 ret = NULL;
129 }
130 return ret;
131 }
132
133STORE *STORE_new_engine(ENGINE *engine)
134 {
135 STORE *ret = NULL;
136 ENGINE *e = engine;
137 const STORE_METHOD *meth = 0;
138
139#ifdef OPENSSL_NO_ENGINE
140 e = NULL;
141#else
142 if (engine)
143 {
144 if (!ENGINE_init(engine))
145 {
146 STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
147 return NULL;
148 }
149 e = engine;
150 }
151 else
152 {
153 STOREerr(STORE_F_STORE_NEW_ENGINE,ERR_R_PASSED_NULL_PARAMETER);
154 return NULL;
155 }
156 if(e)
157 {
158 meth = ENGINE_get_STORE(e);
159 if(!meth)
160 {
161 STOREerr(STORE_F_STORE_NEW_ENGINE,
162 ERR_R_ENGINE_LIB);
163 ENGINE_finish(e);
164 return NULL;
165 }
166 }
167#endif
168
169 ret = STORE_new_method(meth);
170 if (ret == NULL)
171 {
172 STOREerr(STORE_F_STORE_NEW_ENGINE,ERR_R_STORE_LIB);
173 return NULL;
174 }
175
176 ret->engine = e;
177
178 return(ret);
179 }
180
181void STORE_free(STORE *store)
182 {
183 if (store == NULL)
184 return;
185 if (store->meth->clean)
186 store->meth->clean(store);
187 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data);
188 OPENSSL_free(store);
189 }
190
191int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f)(void))
192 {
193 if (store == NULL)
194 {
195 STOREerr(STORE_F_STORE_CTRL,ERR_R_PASSED_NULL_PARAMETER);
196 return 0;
197 }
198 if (store->meth->ctrl)
199 return store->meth->ctrl(store, cmd, i, p, f);
200 STOREerr(STORE_F_STORE_CTRL,STORE_R_NO_CONTROL_FUNCTION);
201 return 0;
202 }
203
204
205int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
206 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
207 {
208 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp,
209 new_func, dup_func, free_func);
210 }
211
212int STORE_set_ex_data(STORE *r, int idx, void *arg)
213 {
214 return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
215 }
216
217void *STORE_get_ex_data(STORE *r, int idx)
218 {
219 return(CRYPTO_get_ex_data(&r->ex_data,idx));
220 }
221
222const STORE_METHOD *STORE_get_method(STORE *store)
223 {
224 return store->meth;
225 }
226
227const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth)
228 {
229 store->meth=meth;
230 return store->meth;
231 }
232
233
234/* API helpers */
235
236#define check_store(s,fncode,fnname,fnerrcode) \
237 do \
238 { \
239 if ((s) == NULL || (s)->meth == NULL) \
240 { \
241 STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
242 return 0; \
243 } \
244 if ((s)->meth->fnname == NULL) \
245 { \
246 STOREerr((fncode), (fnerrcode)); \
247 return 0; \
248 } \
249 } \
250 while(0)
251
252/* API functions */
253
254X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[],
255 OPENSSL_ITEM parameters[])
256 {
257 STORE_OBJECT *object;
258 X509 *x;
259
260 check_store(s,STORE_F_STORE_GET_CERTIFICATE,
261 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
262
263 object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
264 attributes, parameters);
265 if (!object || !object->data.x509.certificate)
266 {
267 STOREerr(STORE_F_STORE_GET_CERTIFICATE,
268 STORE_R_FAILED_GETTING_CERTIFICATE);
269 return 0;
270 }
271 CRYPTO_add(&object->data.x509.certificate->references,1,CRYPTO_LOCK_X509);
272#ifdef REF_PRINT
273 REF_PRINT("X509",data);
274#endif
275 x = object->data.x509.certificate;
276 STORE_OBJECT_free(object);
277 return x;
278 }
279
280int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
281 OPENSSL_ITEM parameters[])
282 {
283 STORE_OBJECT *object;
284 int i;
285
286 check_store(s,STORE_F_STORE_CERTIFICATE,
287 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
288
289 object = STORE_OBJECT_new();
290 if (!object)
291 {
292 STOREerr(STORE_F_STORE_STORE_CERTIFICATE,
293 ERR_R_MALLOC_FAILURE);
294 return 0;
295 }
296
297 CRYPTO_add(&data->references,1,CRYPTO_LOCK_X509);
298#ifdef REF_PRINT
299 REF_PRINT("X509",data);
300#endif
301 object->data.x509.certificate = data;
302
303 i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
304 object, attributes, parameters);
305
306 STORE_OBJECT_free(object);
307
308 if (!i)
309 {
310 STOREerr(STORE_F_STORE_STORE_CERTIFICATE,
311 STORE_R_FAILED_STORING_CERTIFICATE);
312 return 0;
313 }
314 return 1;
315 }
316
317int STORE_modify_certificate(STORE *s, OPENSSL_ITEM search_attributes[],
318 OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
319 OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[])
320 {
321 check_store(s,STORE_F_STORE_MODIFY_CERTIFICATE,
322 modify_object,STORE_R_NO_MODIFY_OBJECT_FUNCTION);
323
324 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
325 search_attributes, add_attributes, modify_attributes,
326 delete_attributes, parameters))
327 {
328 STOREerr(STORE_F_STORE_MODIFY_CERTIFICATE,
329 STORE_R_FAILED_MODIFYING_CERTIFICATE);
330 return 0;
331 }
332 return 1;
333 }
334
335int STORE_revoke_certificate(STORE *s, OPENSSL_ITEM attributes[],
336 OPENSSL_ITEM parameters[])
337 {
338 check_store(s,STORE_F_STORE_REVOKE_CERTIFICATE,
339 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
340
341 if (!s->meth->revoke_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
342 attributes, parameters))
343 {
344 STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE,
345 STORE_R_FAILED_REVOKING_CERTIFICATE);
346 return 0;
347 }
348 return 1;
349 }
350
351int STORE_delete_certificate(STORE *s, OPENSSL_ITEM attributes[],
352 OPENSSL_ITEM parameters[])
353 {
354 check_store(s,STORE_F_STORE_DELETE_CERTIFICATE,
355 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
356
357 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
358 attributes, parameters))
359 {
360 STOREerr(STORE_F_STORE_DELETE_CERTIFICATE,
361 STORE_R_FAILED_DELETING_CERTIFICATE);
362 return 0;
363 }
364 return 1;
365 }
366
367void *STORE_list_certificate_start(STORE *s, OPENSSL_ITEM attributes[],
368 OPENSSL_ITEM parameters[])
369 {
370 void *handle;
371
372 check_store(s,STORE_F_STORE_LIST_CERTIFICATE_START,
373 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
374
375 handle = s->meth->list_object_start(s,
376 STORE_OBJECT_TYPE_X509_CERTIFICATE, attributes, parameters);
377 if (!handle)
378 {
379 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START,
380 STORE_R_FAILED_LISTING_CERTIFICATES);
381 return 0;
382 }
383 return handle;
384 }
385
386X509 *STORE_list_certificate_next(STORE *s, void *handle)
387 {
388 STORE_OBJECT *object;
389 X509 *x;
390
391 check_store(s,STORE_F_STORE_LIST_CERTIFICATE_NEXT,
392 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
393
394 object = s->meth->list_object_next(s, handle);
395 if (!object || !object->data.x509.certificate)
396 {
397 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT,
398 STORE_R_FAILED_LISTING_CERTIFICATES);
399 return 0;
400 }
401 CRYPTO_add(&object->data.x509.certificate->references,1,CRYPTO_LOCK_X509);
402#ifdef REF_PRINT
403 REF_PRINT("X509",data);
404#endif
405 x = object->data.x509.certificate;
406 STORE_OBJECT_free(object);
407 return x;
408 }
409
410int STORE_list_certificate_end(STORE *s, void *handle)
411 {
412 check_store(s,STORE_F_STORE_LIST_CERTIFICATE_END,
413 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
414
415 if (!s->meth->list_object_end(s, handle))
416 {
417 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END,
418 STORE_R_FAILED_LISTING_CERTIFICATES);
419 return 0;
420 }
421 return 1;
422 }
423
424int STORE_list_certificate_endp(STORE *s, void *handle)
425 {
426 check_store(s,STORE_F_STORE_LIST_CERTIFICATE_ENDP,
427 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
428
429 if (!s->meth->list_object_endp(s, handle))
430 {
431 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP,
432 STORE_R_FAILED_LISTING_CERTIFICATES);
433 return 0;
434 }
435 return 1;
436 }
437
438EVP_PKEY *STORE_generate_key(STORE *s, OPENSSL_ITEM attributes[],
439 OPENSSL_ITEM parameters[])
440 {
441 STORE_OBJECT *object;
442 EVP_PKEY *pkey;
443
444 check_store(s,STORE_F_STORE_GENERATE_KEY,
445 generate_object,STORE_R_NO_GENERATE_OBJECT_FUNCTION);
446
447 object = s->meth->generate_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
448 attributes, parameters);
449 if (!object || !object->data.key)
450 {
451 STOREerr(STORE_F_STORE_GENERATE_KEY,
452 STORE_R_FAILED_GENERATING_KEY);
453 return 0;
454 }
455 CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
456#ifdef REF_PRINT
457 REF_PRINT("EVP_PKEY",data);
458#endif
459 pkey = object->data.key;
460 STORE_OBJECT_free(object);
461 return pkey;
462 }
463
464EVP_PKEY *STORE_get_private_key(STORE *s, OPENSSL_ITEM attributes[],
465 OPENSSL_ITEM parameters[])
466 {
467 STORE_OBJECT *object;
468 EVP_PKEY *pkey;
469
470 check_store(s,STORE_F_STORE_GET_PRIVATE_KEY,
471 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
472
473 object = s->meth->get_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
474 attributes, parameters);
475 if (!object || !object->data.key || !object->data.key)
476 {
477 STOREerr(STORE_F_STORE_GET_PRIVATE_KEY,
478 STORE_R_FAILED_GETTING_KEY);
479 return 0;
480 }
481 CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
482#ifdef REF_PRINT
483 REF_PRINT("EVP_PKEY",data);
484#endif
485 pkey = object->data.key;
486 STORE_OBJECT_free(object);
487 return pkey;
488 }
489
490int STORE_store_private_key(STORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[],
491 OPENSSL_ITEM parameters[])
492 {
493 STORE_OBJECT *object;
494 int i;
495
496 check_store(s,STORE_F_STORE_STORE_PRIVATE_KEY,
497 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
498
499 object = STORE_OBJECT_new();
500 if (!object)
501 {
502 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY,
503 ERR_R_MALLOC_FAILURE);
504 return 0;
505 }
506 object->data.key = EVP_PKEY_new();
507 if (!object->data.key)
508 {
509 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY,
510 ERR_R_MALLOC_FAILURE);
511 return 0;
512 }
513
514 CRYPTO_add(&data->references,1,CRYPTO_LOCK_EVP_PKEY);
515#ifdef REF_PRINT
516 REF_PRINT("EVP_PKEY",data);
517#endif
518 object->data.key = data;
519
520 i = s->meth->store_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, object,
521 attributes, parameters);
522
523 STORE_OBJECT_free(object);
524
525 if (!i)
526 {
527 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY,
528 STORE_R_FAILED_STORING_KEY);
529 return 0;
530 }
531 return i;
532 }
533
534int STORE_modify_private_key(STORE *s, OPENSSL_ITEM search_attributes[],
535 OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
536 OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[])
537 {
538 check_store(s,STORE_F_STORE_MODIFY_PRIVATE_KEY,
539 modify_object,STORE_R_NO_MODIFY_OBJECT_FUNCTION);
540
541 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
542 search_attributes, add_attributes, modify_attributes,
543 delete_attributes, parameters))
544 {
545 STOREerr(STORE_F_STORE_MODIFY_PRIVATE_KEY,
546 STORE_R_FAILED_MODIFYING_PRIVATE_KEY);
547 return 0;
548 }
549 return 1;
550 }
551
552int STORE_revoke_private_key(STORE *s, OPENSSL_ITEM attributes[],
553 OPENSSL_ITEM parameters[])
554 {
555 int i;
556
557 check_store(s,STORE_F_STORE_REVOKE_PRIVATE_KEY,
558 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
559
560 i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
561 attributes, parameters);
562
563 if (!i)
564 {
565 STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY,
566 STORE_R_FAILED_REVOKING_KEY);
567 return 0;
568 }
569 return i;
570 }
571
572int STORE_delete_private_key(STORE *s, OPENSSL_ITEM attributes[],
573 OPENSSL_ITEM parameters[])
574 {
575 check_store(s,STORE_F_STORE_DELETE_PRIVATE_KEY,
576 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
577
578 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
579 attributes, parameters))
580 {
581 STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY,
582 STORE_R_FAILED_DELETING_KEY);
583 return 0;
584 }
585 return 1;
586 }
587
588void *STORE_list_private_key_start(STORE *s, OPENSSL_ITEM attributes[],
589 OPENSSL_ITEM parameters[])
590 {
591 void *handle;
592
593 check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_START,
594 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
595
596 handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
597 attributes, parameters);
598 if (!handle)
599 {
600 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START,
601 STORE_R_FAILED_LISTING_KEYS);
602 return 0;
603 }
604 return handle;
605 }
606
607EVP_PKEY *STORE_list_private_key_next(STORE *s, void *handle)
608 {
609 STORE_OBJECT *object;
610 EVP_PKEY *pkey;
611
612 check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
613 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
614
615 object = s->meth->list_object_next(s, handle);
616 if (!object || !object->data.key || !object->data.key)
617 {
618 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
619 STORE_R_FAILED_LISTING_KEYS);
620 return 0;
621 }
622 CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
623#ifdef REF_PRINT
624 REF_PRINT("EVP_PKEY",data);
625#endif
626 pkey = object->data.key;
627 STORE_OBJECT_free(object);
628 return pkey;
629 }
630
631int STORE_list_private_key_end(STORE *s, void *handle)
632 {
633 check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_END,
634 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
635
636 if (!s->meth->list_object_end(s, handle))
637 {
638 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_END,
639 STORE_R_FAILED_LISTING_KEYS);
640 return 0;
641 }
642 return 1;
643 }
644
645int STORE_list_private_key_endp(STORE *s, void *handle)
646 {
647 check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
648 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
649
650 if (!s->meth->list_object_endp(s, handle))
651 {
652 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
653 STORE_R_FAILED_LISTING_KEYS);
654 return 0;
655 }
656 return 1;
657 }
658
659EVP_PKEY *STORE_get_public_key(STORE *s, OPENSSL_ITEM attributes[],
660 OPENSSL_ITEM parameters[])
661 {
662 STORE_OBJECT *object;
663 EVP_PKEY *pkey;
664
665 check_store(s,STORE_F_STORE_GET_PUBLIC_KEY,
666 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
667
668 object = s->meth->get_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
669 attributes, parameters);
670 if (!object || !object->data.key || !object->data.key)
671 {
672 STOREerr(STORE_F_STORE_GET_PUBLIC_KEY,
673 STORE_R_FAILED_GETTING_KEY);
674 return 0;
675 }
676 CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
677#ifdef REF_PRINT
678 REF_PRINT("EVP_PKEY",data);
679#endif
680 pkey = object->data.key;
681 STORE_OBJECT_free(object);
682 return pkey;
683 }
684
685int STORE_store_public_key(STORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[],
686 OPENSSL_ITEM parameters[])
687 {
688 STORE_OBJECT *object;
689 int i;
690
691 check_store(s,STORE_F_STORE_STORE_PUBLIC_KEY,
692 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
693
694 object = STORE_OBJECT_new();
695 if (!object)
696 {
697 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY,
698 ERR_R_MALLOC_FAILURE);
699 return 0;
700 }
701 object->data.key = EVP_PKEY_new();
702 if (!object->data.key)
703 {
704 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY,
705 ERR_R_MALLOC_FAILURE);
706 return 0;
707 }
708
709 CRYPTO_add(&data->references,1,CRYPTO_LOCK_EVP_PKEY);
710#ifdef REF_PRINT
711 REF_PRINT("EVP_PKEY",data);
712#endif
713 object->data.key = data;
714
715 i = s->meth->store_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, object,
716 attributes, parameters);
717
718 STORE_OBJECT_free(object);
719
720 if (!i)
721 {
722 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY,
723 STORE_R_FAILED_STORING_KEY);
724 return 0;
725 }
726 return i;
727 }
728
729int STORE_modify_public_key(STORE *s, OPENSSL_ITEM search_attributes[],
730 OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
731 OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[])
732 {
733 check_store(s,STORE_F_STORE_MODIFY_PUBLIC_KEY,
734 modify_object,STORE_R_NO_MODIFY_OBJECT_FUNCTION);
735
736 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
737 search_attributes, add_attributes, modify_attributes,
738 delete_attributes, parameters))
739 {
740 STOREerr(STORE_F_STORE_MODIFY_PUBLIC_KEY,
741 STORE_R_FAILED_MODIFYING_PUBLIC_KEY);
742 return 0;
743 }
744 return 1;
745 }
746
747int STORE_revoke_public_key(STORE *s, OPENSSL_ITEM attributes[],
748 OPENSSL_ITEM parameters[])
749 {
750 int i;
751
752 check_store(s,STORE_F_STORE_REVOKE_PUBLIC_KEY,
753 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
754
755 i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
756 attributes, parameters);
757
758 if (!i)
759 {
760 STOREerr(STORE_F_STORE_REVOKE_PUBLIC_KEY,
761 STORE_R_FAILED_REVOKING_KEY);
762 return 0;
763 }
764 return i;
765 }
766
767int STORE_delete_public_key(STORE *s, OPENSSL_ITEM attributes[],
768 OPENSSL_ITEM parameters[])
769 {
770 check_store(s,STORE_F_STORE_DELETE_PUBLIC_KEY,
771 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
772
773 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
774 attributes, parameters))
775 {
776 STOREerr(STORE_F_STORE_DELETE_PUBLIC_KEY,
777 STORE_R_FAILED_DELETING_KEY);
778 return 0;
779 }
780 return 1;
781 }
782
783void *STORE_list_public_key_start(STORE *s, OPENSSL_ITEM attributes[],
784 OPENSSL_ITEM parameters[])
785 {
786 void *handle;
787
788 check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_START,
789 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
790
791 handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
792 attributes, parameters);
793 if (!handle)
794 {
795 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_START,
796 STORE_R_FAILED_LISTING_KEYS);
797 return 0;
798 }
799 return handle;
800 }
801
802EVP_PKEY *STORE_list_public_key_next(STORE *s, void *handle)
803 {
804 STORE_OBJECT *object;
805 EVP_PKEY *pkey;
806
807 check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
808 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
809
810 object = s->meth->list_object_next(s, handle);
811 if (!object || !object->data.key || !object->data.key)
812 {
813 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
814 STORE_R_FAILED_LISTING_KEYS);
815 return 0;
816 }
817 CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
818#ifdef REF_PRINT
819 REF_PRINT("EVP_PKEY",data);
820#endif
821 pkey = object->data.key;
822 STORE_OBJECT_free(object);
823 return pkey;
824 }
825
826int STORE_list_public_key_end(STORE *s, void *handle)
827 {
828 check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_END,
829 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
830
831 if (!s->meth->list_object_end(s, handle))
832 {
833 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_END,
834 STORE_R_FAILED_LISTING_KEYS);
835 return 0;
836 }
837 return 1;
838 }
839
840int STORE_list_public_key_endp(STORE *s, void *handle)
841 {
842 check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
843 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
844
845 if (!s->meth->list_object_endp(s, handle))
846 {
847 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
848 STORE_R_FAILED_LISTING_KEYS);
849 return 0;
850 }
851 return 1;
852 }
853
854X509_CRL *STORE_generate_crl(STORE *s, OPENSSL_ITEM attributes[],
855 OPENSSL_ITEM parameters[])
856 {
857 STORE_OBJECT *object;
858 X509_CRL *crl;
859
860 check_store(s,STORE_F_STORE_GENERATE_CRL,
861 generate_object,STORE_R_NO_GENERATE_CRL_FUNCTION);
862
863 object = s->meth->generate_object(s, STORE_OBJECT_TYPE_X509_CRL,
864 attributes, parameters);
865 if (!object || !object->data.crl)
866 {
867 STOREerr(STORE_F_STORE_GENERATE_CRL,
868 STORE_R_FAILED_GENERATING_CRL);
869 return 0;
870 }
871 CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
872#ifdef REF_PRINT
873 REF_PRINT("X509_CRL",data);
874#endif
875 crl = object->data.crl;
876 STORE_OBJECT_free(object);
877 return crl;
878 }
879
880X509_CRL *STORE_get_crl(STORE *s, OPENSSL_ITEM attributes[],
881 OPENSSL_ITEM parameters[])
882 {
883 STORE_OBJECT *object;
884 X509_CRL *crl;
885
886 check_store(s,STORE_F_STORE_GET_CRL,
887 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
888
889 object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CRL,
890 attributes, parameters);
891 if (!object || !object->data.crl)
892 {
893 STOREerr(STORE_F_STORE_GET_CRL,
894 STORE_R_FAILED_GETTING_KEY);
895 return 0;
896 }
897 CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
898#ifdef REF_PRINT
899 REF_PRINT("X509_CRL",data);
900#endif
901 crl = object->data.crl;
902 STORE_OBJECT_free(object);
903 return crl;
904 }
905
906int STORE_store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[],
907 OPENSSL_ITEM parameters[])
908 {
909 STORE_OBJECT *object;
910 int i;
911
912 check_store(s,STORE_F_STORE_STORE_CRL,
913 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
914
915 object = STORE_OBJECT_new();
916 if (!object)
917 {
918 STOREerr(STORE_F_STORE_STORE_CRL,
919 ERR_R_MALLOC_FAILURE);
920 return 0;
921 }
922
923 CRYPTO_add(&data->references,1,CRYPTO_LOCK_X509_CRL);
924#ifdef REF_PRINT
925 REF_PRINT("X509_CRL",data);
926#endif
927 object->data.crl = data;
928
929 i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CRL, object,
930 attributes, parameters);
931
932 STORE_OBJECT_free(object);
933
934 if (!i)
935 {
936 STOREerr(STORE_F_STORE_STORE_CRL,
937 STORE_R_FAILED_STORING_KEY);
938 return 0;
939 }
940 return i;
941 }
942
943int STORE_modify_crl(STORE *s, OPENSSL_ITEM search_attributes[],
944 OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
945 OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[])
946 {
947 check_store(s,STORE_F_STORE_MODIFY_CRL,
948 modify_object,STORE_R_NO_MODIFY_OBJECT_FUNCTION);
949
950 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CRL,
951 search_attributes, add_attributes, modify_attributes,
952 delete_attributes, parameters))
953 {
954 STOREerr(STORE_F_STORE_MODIFY_CRL,
955 STORE_R_FAILED_MODIFYING_CRL);
956 return 0;
957 }
958 return 1;
959 }
960
961int STORE_delete_crl(STORE *s, OPENSSL_ITEM attributes[],
962 OPENSSL_ITEM parameters[])
963 {
964 check_store(s,STORE_F_STORE_DELETE_CRL,
965 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
966
967 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CRL,
968 attributes, parameters))
969 {
970 STOREerr(STORE_F_STORE_DELETE_CRL,
971 STORE_R_FAILED_DELETING_KEY);
972 return 0;
973 }
974 return 1;
975 }
976
977void *STORE_list_crl_start(STORE *s, OPENSSL_ITEM attributes[],
978 OPENSSL_ITEM parameters[])
979 {
980 void *handle;
981
982 check_store(s,STORE_F_STORE_LIST_CRL_START,
983 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
984
985 handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CRL,
986 attributes, parameters);
987 if (!handle)
988 {
989 STOREerr(STORE_F_STORE_LIST_CRL_START,
990 STORE_R_FAILED_LISTING_KEYS);
991 return 0;
992 }
993 return handle;
994 }
995
996X509_CRL *STORE_list_crl_next(STORE *s, void *handle)
997 {
998 STORE_OBJECT *object;
999 X509_CRL *crl;
1000
1001 check_store(s,STORE_F_STORE_LIST_CRL_NEXT,
1002 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
1003
1004 object = s->meth->list_object_next(s, handle);
1005 if (!object || !object->data.crl)
1006 {
1007 STOREerr(STORE_F_STORE_LIST_CRL_NEXT,
1008 STORE_R_FAILED_LISTING_KEYS);
1009 return 0;
1010 }
1011 CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
1012#ifdef REF_PRINT
1013 REF_PRINT("X509_CRL",data);
1014#endif
1015 crl = object->data.crl;
1016 STORE_OBJECT_free(object);
1017 return crl;
1018 }
1019
1020int STORE_list_crl_end(STORE *s, void *handle)
1021 {
1022 check_store(s,STORE_F_STORE_LIST_CRL_END,
1023 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
1024
1025 if (!s->meth->list_object_end(s, handle))
1026 {
1027 STOREerr(STORE_F_STORE_LIST_CRL_END,
1028 STORE_R_FAILED_LISTING_KEYS);
1029 return 0;
1030 }
1031 return 1;
1032 }
1033
1034int STORE_list_crl_endp(STORE *s, void *handle)
1035 {
1036 check_store(s,STORE_F_STORE_LIST_CRL_ENDP,
1037 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
1038
1039 if (!s->meth->list_object_endp(s, handle))
1040 {
1041 STOREerr(STORE_F_STORE_LIST_CRL_ENDP,
1042 STORE_R_FAILED_LISTING_KEYS);
1043 return 0;
1044 }
1045 return 1;
1046 }
1047
1048int STORE_store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[],
1049 OPENSSL_ITEM parameters[])
1050 {
1051 STORE_OBJECT *object;
1052 int i;
1053
1054 check_store(s,STORE_F_STORE_STORE_NUMBER,
1055 store_object,STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION);
1056
1057 object = STORE_OBJECT_new();
1058 if (!object)
1059 {
1060 STOREerr(STORE_F_STORE_STORE_NUMBER,
1061 ERR_R_MALLOC_FAILURE);
1062 return 0;
1063 }
1064
1065 object->data.number = data;
1066
1067 i = s->meth->store_object(s, STORE_OBJECT_TYPE_NUMBER, object,
1068 attributes, parameters);
1069
1070 STORE_OBJECT_free(object);
1071
1072 if (!i)
1073 {
1074 STOREerr(STORE_F_STORE_STORE_NUMBER,
1075 STORE_R_FAILED_STORING_NUMBER);
1076 return 0;
1077 }
1078 return 1;
1079 }
1080
1081int STORE_modify_number(STORE *s, OPENSSL_ITEM search_attributes[],
1082 OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
1083 OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[])
1084 {
1085 check_store(s,STORE_F_STORE_MODIFY_NUMBER,
1086 modify_object,STORE_R_NO_MODIFY_OBJECT_FUNCTION);
1087
1088 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_NUMBER,
1089 search_attributes, add_attributes, modify_attributes,
1090 delete_attributes, parameters))
1091 {
1092 STOREerr(STORE_F_STORE_MODIFY_NUMBER,
1093 STORE_R_FAILED_MODIFYING_NUMBER);
1094 return 0;
1095 }
1096 return 1;
1097 }
1098
1099BIGNUM *STORE_get_number(STORE *s, OPENSSL_ITEM attributes[],
1100 OPENSSL_ITEM parameters[])
1101 {
1102 STORE_OBJECT *object;
1103 BIGNUM *n;
1104
1105 check_store(s,STORE_F_STORE_GET_NUMBER,
1106 get_object,STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION);
1107
1108 object = s->meth->get_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1109 parameters);
1110 if (!object || !object->data.number)
1111 {
1112 STOREerr(STORE_F_STORE_GET_NUMBER,
1113 STORE_R_FAILED_GETTING_NUMBER);
1114 return 0;
1115 }
1116 n = object->data.number;
1117 object->data.number = NULL;
1118 STORE_OBJECT_free(object);
1119 return n;
1120 }
1121
1122int STORE_delete_number(STORE *s, OPENSSL_ITEM attributes[],
1123 OPENSSL_ITEM parameters[])
1124 {
1125 check_store(s,STORE_F_STORE_DELETE_NUMBER,
1126 delete_object,STORE_R_NO_DELETE_NUMBER_FUNCTION);
1127
1128 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1129 parameters))
1130 {
1131 STOREerr(STORE_F_STORE_DELETE_NUMBER,
1132 STORE_R_FAILED_DELETING_NUMBER);
1133 return 0;
1134 }
1135 return 1;
1136 }
1137
1138int STORE_store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[],
1139 OPENSSL_ITEM parameters[])
1140 {
1141 STORE_OBJECT *object;
1142 int i;
1143
1144 check_store(s,STORE_F_STORE_STORE_ARBITRARY,
1145 store_object,STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION);
1146
1147 object = STORE_OBJECT_new();
1148 if (!object)
1149 {
1150 STOREerr(STORE_F_STORE_STORE_ARBITRARY,
1151 ERR_R_MALLOC_FAILURE);
1152 return 0;
1153 }
1154
1155 object->data.arbitrary = data;
1156
1157 i = s->meth->store_object(s, STORE_OBJECT_TYPE_ARBITRARY, object,
1158 attributes, parameters);
1159
1160 STORE_OBJECT_free(object);
1161
1162 if (!i)
1163 {
1164 STOREerr(STORE_F_STORE_STORE_ARBITRARY,
1165 STORE_R_FAILED_STORING_ARBITRARY);
1166 return 0;
1167 }
1168 return 1;
1169 }
1170
1171int STORE_modify_arbitrary(STORE *s, OPENSSL_ITEM search_attributes[],
1172 OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
1173 OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[])
1174 {
1175 check_store(s,STORE_F_STORE_MODIFY_ARBITRARY,
1176 modify_object,STORE_R_NO_MODIFY_OBJECT_FUNCTION);
1177
1178 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1179 search_attributes, add_attributes, modify_attributes,
1180 delete_attributes, parameters))
1181 {
1182 STOREerr(STORE_F_STORE_MODIFY_ARBITRARY,
1183 STORE_R_FAILED_MODIFYING_ARBITRARY);
1184 return 0;
1185 }
1186 return 1;
1187 }
1188
1189BUF_MEM *STORE_get_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1190 OPENSSL_ITEM parameters[])
1191 {
1192 STORE_OBJECT *object;
1193 BUF_MEM *b;
1194
1195 check_store(s,STORE_F_STORE_GET_ARBITRARY,
1196 get_object,STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION);
1197
1198 object = s->meth->get_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1199 attributes, parameters);
1200 if (!object || !object->data.arbitrary)
1201 {
1202 STOREerr(STORE_F_STORE_GET_ARBITRARY,
1203 STORE_R_FAILED_GETTING_ARBITRARY);
1204 return 0;
1205 }
1206 b = object->data.arbitrary;
1207 object->data.arbitrary = NULL;
1208 STORE_OBJECT_free(object);
1209 return b;
1210 }
1211
1212int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1213 OPENSSL_ITEM parameters[])
1214 {
1215 check_store(s,STORE_F_STORE_DELETE_ARBITRARY,
1216 delete_object,STORE_R_NO_DELETE_ARBITRARY_FUNCTION);
1217
1218 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes,
1219 parameters))
1220 {
1221 STOREerr(STORE_F_STORE_DELETE_ARBITRARY,
1222 STORE_R_FAILED_DELETING_ARBITRARY);
1223 return 0;
1224 }
1225 return 1;
1226 }
1227
1228STORE_OBJECT *STORE_OBJECT_new(void)
1229 {
1230 STORE_OBJECT *object = OPENSSL_malloc(sizeof(STORE_OBJECT));
1231 if (object) memset(object, 0, sizeof(STORE_OBJECT));
1232 return object;
1233 }
1234void STORE_OBJECT_free(STORE_OBJECT *data)
1235 {
1236 if (!data) return;
1237 switch (data->type)
1238 {
1239 case STORE_OBJECT_TYPE_X509_CERTIFICATE:
1240 X509_free(data->data.x509.certificate);
1241 break;
1242 case STORE_OBJECT_TYPE_X509_CRL:
1243 X509_CRL_free(data->data.crl);
1244 break;
1245 case STORE_OBJECT_TYPE_PRIVATE_KEY:
1246 case STORE_OBJECT_TYPE_PUBLIC_KEY:
1247 EVP_PKEY_free(data->data.key);
1248 break;
1249 case STORE_OBJECT_TYPE_NUMBER:
1250 BN_free(data->data.number);
1251 break;
1252 case STORE_OBJECT_TYPE_ARBITRARY:
1253 BUF_MEM_free(data->data.arbitrary);
1254 break;
1255 }
1256 OPENSSL_free(data);
1257 }
1258
1259IMPLEMENT_STACK_OF(STORE_OBJECT*)
1260
1261
1262struct STORE_attr_info_st
1263 {
1264 unsigned char set[(STORE_ATTR_TYPE_NUM + 8) / 8];
1265 union
1266 {
1267 char *cstring;
1268 unsigned char *sha1string;
1269 X509_NAME *dn;
1270 BIGNUM *number;
1271 void *any;
1272 } values[STORE_ATTR_TYPE_NUM+1];
1273 size_t value_sizes[STORE_ATTR_TYPE_NUM+1];
1274 };
1275
1276#define ATTR_IS_SET(a,i) ((i) > 0 && (i) < STORE_ATTR_TYPE_NUM \
1277 && ((a)->set[(i) / 8] & (1 << ((i) % 8))))
1278#define SET_ATTRBIT(a,i) ((a)->set[(i) / 8] |= (1 << ((i) % 8)))
1279#define CLEAR_ATTRBIT(a,i) ((a)->set[(i) / 8] &= ~(1 << ((i) % 8)))
1280
1281STORE_ATTR_INFO *STORE_ATTR_INFO_new(void)
1282 {
1283 return (STORE_ATTR_INFO *)OPENSSL_malloc(sizeof(STORE_ATTR_INFO));
1284 }
1285static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs,
1286 STORE_ATTR_TYPES code)
1287 {
1288 if (ATTR_IS_SET(attrs,code))
1289 {
1290 switch(code)
1291 {
1292 case STORE_ATTR_FRIENDLYNAME:
1293 case STORE_ATTR_EMAIL:
1294 case STORE_ATTR_FILENAME:
1295 STORE_ATTR_INFO_modify_cstr(attrs, code, NULL, 0);
1296 break;
1297 case STORE_ATTR_KEYID:
1298 case STORE_ATTR_ISSUERKEYID:
1299 case STORE_ATTR_SUBJECTKEYID:
1300 case STORE_ATTR_ISSUERSERIALHASH:
1301 case STORE_ATTR_CERTHASH:
1302 STORE_ATTR_INFO_modify_sha1str(attrs, code, NULL, 0);
1303 break;
1304 case STORE_ATTR_ISSUER:
1305 case STORE_ATTR_SUBJECT:
1306 STORE_ATTR_INFO_modify_dn(attrs, code, NULL);
1307 break;
1308 case STORE_ATTR_SERIAL:
1309 STORE_ATTR_INFO_modify_number(attrs, code, NULL);
1310 break;
1311 default:
1312 break;
1313 }
1314 }
1315 }
1316int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs)
1317 {
1318 if (attrs)
1319 {
1320 STORE_ATTR_TYPES i;
1321 for(i = 0; i++ < STORE_ATTR_TYPE_NUM;)
1322 STORE_ATTR_INFO_attr_free(attrs, i);
1323 OPENSSL_free(attrs);
1324 }
1325 return 1;
1326 }
1327char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1328 {
1329 if (!attrs)
1330 {
1331 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
1332 ERR_R_PASSED_NULL_PARAMETER);
1333 return NULL;
1334 }
1335 if (ATTR_IS_SET(attrs,code))
1336 return attrs->values[code].cstring;
1337 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
1338 STORE_R_NO_VALUE);
1339 return NULL;
1340 }
1341unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
1342 STORE_ATTR_TYPES code)
1343 {
1344 if (!attrs)
1345 {
1346 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
1347 ERR_R_PASSED_NULL_PARAMETER);
1348 return NULL;
1349 }
1350 if (ATTR_IS_SET(attrs,code))
1351 return attrs->values[code].sha1string;
1352 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
1353 STORE_R_NO_VALUE);
1354 return NULL;
1355 }
1356X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1357 {
1358 if (!attrs)
1359 {
1360 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
1361 ERR_R_PASSED_NULL_PARAMETER);
1362 return NULL;
1363 }
1364 if (ATTR_IS_SET(attrs,code))
1365 return attrs->values[code].dn;
1366 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
1367 STORE_R_NO_VALUE);
1368 return NULL;
1369 }
1370BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1371 {
1372 if (!attrs)
1373 {
1374 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
1375 ERR_R_PASSED_NULL_PARAMETER);
1376 return NULL;
1377 }
1378 if (ATTR_IS_SET(attrs,code))
1379 return attrs->values[code].number;
1380 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
1381 STORE_R_NO_VALUE);
1382 return NULL;
1383 }
1384int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1385 char *cstr, size_t cstr_size)
1386 {
1387 if (!attrs)
1388 {
1389 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1390 ERR_R_PASSED_NULL_PARAMETER);
1391 return 0;
1392 }
1393 if (!ATTR_IS_SET(attrs,code))
1394 {
1395 if ((attrs->values[code].cstring = BUF_strndup(cstr, cstr_size)))
1396 return 1;
1397 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1398 ERR_R_MALLOC_FAILURE);
1399 return 0;
1400 }
1401 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, STORE_R_ALREADY_HAS_A_VALUE);
1402 return 0;
1403 }
1404int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1405 unsigned char *sha1str, size_t sha1str_size)
1406 {
1407 if (!attrs)
1408 {
1409 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1410 ERR_R_PASSED_NULL_PARAMETER);
1411 return 0;
1412 }
1413 if (!ATTR_IS_SET(attrs,code))
1414 {
1415 if ((attrs->values[code].sha1string =
1416 (unsigned char *)BUF_memdup(sha1str,
1417 sha1str_size)))
1418 return 1;
1419 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1420 ERR_R_MALLOC_FAILURE);
1421 return 0;
1422 }
1423 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, STORE_R_ALREADY_HAS_A_VALUE);
1424 return 0;
1425 }
1426int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1427 X509_NAME *dn)
1428 {
1429 if (!attrs)
1430 {
1431 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN,
1432 ERR_R_PASSED_NULL_PARAMETER);
1433 return 0;
1434 }
1435 if (!ATTR_IS_SET(attrs,code))
1436 {
1437 if ((attrs->values[code].dn = X509_NAME_dup(dn)))
1438 return 1;
1439 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN,
1440 ERR_R_MALLOC_FAILURE);
1441 return 0;
1442 }
1443 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, STORE_R_ALREADY_HAS_A_VALUE);
1444 return 0;
1445 }
1446int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1447 BIGNUM *number)
1448 {
1449 if (!attrs)
1450 {
1451 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
1452 ERR_R_PASSED_NULL_PARAMETER);
1453 return 0;
1454 }
1455 if (!ATTR_IS_SET(attrs,code))
1456 {
1457 if ((attrs->values[code].number = BN_dup(number)))
1458 return 1;
1459 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
1460 ERR_R_MALLOC_FAILURE);
1461 return 0;
1462 }
1463 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, STORE_R_ALREADY_HAS_A_VALUE);
1464 return 0;
1465 }
1466int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1467 char *cstr, size_t cstr_size)
1468 {
1469 if (!attrs)
1470 {
1471 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR,
1472 ERR_R_PASSED_NULL_PARAMETER);
1473 return 0;
1474 }
1475 if (ATTR_IS_SET(attrs,code))
1476 {
1477 OPENSSL_free(attrs->values[code].cstring);
1478 attrs->values[code].cstring = NULL;
1479 CLEAR_ATTRBIT(attrs, code);
1480 }
1481 return STORE_ATTR_INFO_set_cstr(attrs, code, cstr, cstr_size);
1482 }
1483int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1484 unsigned char *sha1str, size_t sha1str_size)
1485 {
1486 if (!attrs)
1487 {
1488 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR,
1489 ERR_R_PASSED_NULL_PARAMETER);
1490 return 0;
1491 }
1492 if (ATTR_IS_SET(attrs,code))
1493 {
1494 OPENSSL_free(attrs->values[code].sha1string);
1495 attrs->values[code].sha1string = NULL;
1496 CLEAR_ATTRBIT(attrs, code);
1497 }
1498 return STORE_ATTR_INFO_set_sha1str(attrs, code, sha1str, sha1str_size);
1499 }
1500int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1501 X509_NAME *dn)
1502 {
1503 if (!attrs)
1504 {
1505 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_DN,
1506 ERR_R_PASSED_NULL_PARAMETER);
1507 return 0;
1508 }
1509 if (ATTR_IS_SET(attrs,code))
1510 {
1511 OPENSSL_free(attrs->values[code].dn);
1512 attrs->values[code].dn = NULL;
1513 CLEAR_ATTRBIT(attrs, code);
1514 }
1515 return STORE_ATTR_INFO_set_dn(attrs, code, dn);
1516 }
1517int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1518 BIGNUM *number)
1519 {
1520 if (!attrs)
1521 {
1522 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER,
1523 ERR_R_PASSED_NULL_PARAMETER);
1524 return 0;
1525 }
1526 if (ATTR_IS_SET(attrs,code))
1527 {
1528 OPENSSL_free(attrs->values[code].number);
1529 attrs->values[code].number = NULL;
1530 CLEAR_ATTRBIT(attrs, code);
1531 }
1532 return STORE_ATTR_INFO_set_number(attrs, code, number);
1533 }
1534
1535struct attr_list_ctx_st
1536 {
1537 OPENSSL_ITEM *attributes;
1538 };
1539void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes)
1540 {
1541 if (attributes)
1542 {
1543 struct attr_list_ctx_st *context =
1544 (struct attr_list_ctx_st *)OPENSSL_malloc(sizeof(struct attr_list_ctx_st));
1545 if (context)
1546 context->attributes = attributes;
1547 else
1548 STOREerr(STORE_F_STORE_PARSE_ATTRS_START,
1549 ERR_R_MALLOC_FAILURE);
1550 return context;
1551 }
1552 STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_PASSED_NULL_PARAMETER);
1553 return 0;
1554 }
1555STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle)
1556 {
1557 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1558
1559 if (context && context->attributes)
1560 {
1561 STORE_ATTR_INFO *attrs = NULL;
1562
1563 while(context->attributes
1564 && context->attributes->code != STORE_ATTR_OR
1565 && context->attributes->code != STORE_ATTR_END)
1566 {
1567 switch(context->attributes->code)
1568 {
1569 case STORE_ATTR_FRIENDLYNAME:
1570 case STORE_ATTR_EMAIL:
1571 case STORE_ATTR_FILENAME:
1572 if (!attrs) attrs = STORE_ATTR_INFO_new();
1573 if (attrs == NULL)
1574 {
1575 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1576 ERR_R_MALLOC_FAILURE);
1577 goto err;
1578 }
1579 STORE_ATTR_INFO_set_cstr(attrs,
1580 context->attributes->code,
1581 context->attributes->value,
1582 context->attributes->value_size);
1583 break;
1584 case STORE_ATTR_KEYID:
1585 case STORE_ATTR_ISSUERKEYID:
1586 case STORE_ATTR_SUBJECTKEYID:
1587 case STORE_ATTR_ISSUERSERIALHASH:
1588 case STORE_ATTR_CERTHASH:
1589 if (!attrs) attrs = STORE_ATTR_INFO_new();
1590 if (attrs == NULL)
1591 {
1592 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1593 ERR_R_MALLOC_FAILURE);
1594 goto err;
1595 }
1596 STORE_ATTR_INFO_set_sha1str(attrs,
1597 context->attributes->code,
1598 context->attributes->value,
1599 context->attributes->value_size);
1600 break;
1601 case STORE_ATTR_ISSUER:
1602 case STORE_ATTR_SUBJECT:
1603 if (!attrs) attrs = STORE_ATTR_INFO_new();
1604 if (attrs == NULL)
1605 {
1606 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1607 ERR_R_MALLOC_FAILURE);
1608 goto err;
1609 }
1610 STORE_ATTR_INFO_modify_dn(attrs,
1611 context->attributes->code,
1612 context->attributes->value);
1613 break;
1614 case STORE_ATTR_SERIAL:
1615 if (!attrs) attrs = STORE_ATTR_INFO_new();
1616 if (attrs == NULL)
1617 {
1618 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1619 ERR_R_MALLOC_FAILURE);
1620 goto err;
1621 }
1622 STORE_ATTR_INFO_modify_number(attrs,
1623 context->attributes->code,
1624 context->attributes->value);
1625 break;
1626 }
1627 context->attributes++;
1628 }
1629 if (context->attributes->code == STORE_ATTR_OR)
1630 context->attributes++;
1631 return attrs;
1632 err:
1633 while(context->attributes
1634 && context->attributes->code != STORE_ATTR_OR
1635 && context->attributes->code != STORE_ATTR_END)
1636 context->attributes++;
1637 if (context->attributes->code == STORE_ATTR_OR)
1638 context->attributes++;
1639 return NULL;
1640 }
1641 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, ERR_R_PASSED_NULL_PARAMETER);
1642 return NULL;
1643 }
1644int STORE_parse_attrs_end(void *handle)
1645 {
1646 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1647
1648 if (context && context->attributes)
1649 {
1650#if 0
1651 OPENSSL_ITEM *attributes = context->attributes;
1652#endif
1653 OPENSSL_free(context);
1654 return 1;
1655 }
1656 STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1657 return 0;
1658 }
1659
1660int STORE_parse_attrs_endp(void *handle)
1661 {
1662 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1663
1664 if (context && context->attributes)
1665 {
1666 return context->attributes->code == STORE_ATTR_END;
1667 }
1668 STOREerr(STORE_F_STORE_PARSE_ATTRS_ENDP, ERR_R_PASSED_NULL_PARAMETER);
1669 return 0;
1670 }
1671
1672static int attr_info_compare_compute_range(
1673 unsigned char *abits, unsigned char *bbits,
1674 unsigned int *alowp, unsigned int *ahighp,
1675 unsigned int *blowp, unsigned int *bhighp)
1676 {
1677 unsigned int alow = (unsigned int)-1, ahigh = 0;
1678 unsigned int blow = (unsigned int)-1, bhigh = 0;
1679 int i, res = 0;
1680
1681 for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++)
1682 {
1683 if (res == 0)
1684 {
1685 if (*abits < *bbits) res = -1;
1686 if (*abits > *bbits) res = 1;
1687 }
1688 if (*abits)
1689 {
1690 if (alow == (unsigned int)-1)
1691 {
1692 alow = i * 8;
1693 if (!(*abits & 0x01)) alow++;
1694 if (!(*abits & 0x02)) alow++;
1695 if (!(*abits & 0x04)) alow++;
1696 if (!(*abits & 0x08)) alow++;
1697 if (!(*abits & 0x10)) alow++;
1698 if (!(*abits & 0x20)) alow++;
1699 if (!(*abits & 0x40)) alow++;
1700 }
1701 ahigh = i * 8 + 7;
1702 if (!(*abits & 0x80)) ahigh++;
1703 if (!(*abits & 0x40)) ahigh++;
1704 if (!(*abits & 0x20)) ahigh++;
1705 if (!(*abits & 0x10)) ahigh++;
1706 if (!(*abits & 0x08)) ahigh++;
1707 if (!(*abits & 0x04)) ahigh++;
1708 if (!(*abits & 0x02)) ahigh++;
1709 }
1710 if (*bbits)
1711 {
1712 if (blow == (unsigned int)-1)
1713 {
1714 blow = i * 8;
1715 if (!(*bbits & 0x01)) blow++;
1716 if (!(*bbits & 0x02)) blow++;
1717 if (!(*bbits & 0x04)) blow++;
1718 if (!(*bbits & 0x08)) blow++;
1719 if (!(*bbits & 0x10)) blow++;
1720 if (!(*bbits & 0x20)) blow++;
1721 if (!(*bbits & 0x40)) blow++;
1722 }
1723 bhigh = i * 8 + 7;
1724 if (!(*bbits & 0x80)) bhigh++;
1725 if (!(*bbits & 0x40)) bhigh++;
1726 if (!(*bbits & 0x20)) bhigh++;
1727 if (!(*bbits & 0x10)) bhigh++;
1728 if (!(*bbits & 0x08)) bhigh++;
1729 if (!(*bbits & 0x04)) bhigh++;
1730 if (!(*bbits & 0x02)) bhigh++;
1731 }
1732 }
1733 if (ahigh + alow < bhigh + blow) res = -1;
1734 if (ahigh + alow > bhigh + blow) res = 1;
1735 if (alowp) *alowp = alow;
1736 if (ahighp) *ahighp = ahigh;
1737 if (blowp) *blowp = blow;
1738 if (bhighp) *bhighp = bhigh;
1739 return res;
1740 }
1741
1742int STORE_ATTR_INFO_compare(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1743 {
1744 if (a == b) return 0;
1745 if (!a) return -1;
1746 if (!b) return 1;
1747 return attr_info_compare_compute_range(a->set, b->set, 0, 0, 0, 0);
1748 }
1749int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1750 {
1751 unsigned int alow, ahigh, blow, bhigh;
1752
1753 if (a == b) return 1;
1754 if (!a) return 0;
1755 if (!b) return 0;
1756 attr_info_compare_compute_range(a->set, b->set,
1757 &alow, &ahigh, &blow, &bhigh);
1758 if (alow >= blow && ahigh <= bhigh)
1759 return 1;
1760 return 0;
1761 }
1762int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1763 {
1764 unsigned char *abits, *bbits;
1765 int i;
1766
1767 if (a == b) return 1;
1768 if (!a) return 0;
1769 if (!b) return 0;
1770 abits = a->set;
1771 bbits = b->set;
1772 for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++)
1773 {
1774 if (*abits && (*bbits & *abits) != *abits)
1775 return 0;
1776 }
1777 return 1;
1778 }
1779int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1780 {
1781 STORE_ATTR_TYPES i;
1782
1783 if (a == b) return 1;
1784 if (!STORE_ATTR_INFO_in(a, b)) return 0;
1785 for (i = 1; i < STORE_ATTR_TYPE_NUM; i++)
1786 if (ATTR_IS_SET(a, i))
1787 {
1788 switch(i)
1789 {
1790 case STORE_ATTR_FRIENDLYNAME:
1791 case STORE_ATTR_EMAIL:
1792 case STORE_ATTR_FILENAME:
1793 if (strcmp(a->values[i].cstring,
1794 b->values[i].cstring))
1795 return 0;
1796 break;
1797 case STORE_ATTR_KEYID:
1798 case STORE_ATTR_ISSUERKEYID:
1799 case STORE_ATTR_SUBJECTKEYID:
1800 case STORE_ATTR_ISSUERSERIALHASH:
1801 case STORE_ATTR_CERTHASH:
1802 if (memcmp(a->values[i].sha1string,
1803 b->values[i].sha1string,
1804 a->value_sizes[i]))
1805 return 0;
1806 break;
1807 case STORE_ATTR_ISSUER:
1808 case STORE_ATTR_SUBJECT:
1809 if (X509_NAME_cmp(a->values[i].dn,
1810 b->values[i].dn))
1811 return 0;
1812 break;
1813 case STORE_ATTR_SERIAL:
1814 if (BN_cmp(a->values[i].number,
1815 b->values[i].number))
1816 return 0;
1817 break;
1818 default:
1819 break;
1820 }
1821 }
1822
1823 return 1;
1824 }
diff --git a/src/lib/libcrypto/store/str_locl.h b/src/lib/libcrypto/store/str_locl.h
new file mode 100644
index 0000000000..3f8cb75619
--- /dev/null
+++ b/src/lib/libcrypto/store/str_locl.h
@@ -0,0 +1,124 @@
1/* crypto/store/str_locl.h -*- mode:C; c-file-style: "eay" -*- */
2/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
3 * project 2003.
4 */
5/* ====================================================================
6 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * openssl-core@openssl.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#ifndef HEADER_STORE_LOCL_H
60#define HEADER_STORE_LOCL_H
61
62#include <openssl/crypto.h>
63#include <openssl/store.h>
64
65#ifdef __cplusplus
66extern "C" {
67#endif
68
69struct store_method_st
70 {
71 char *name;
72
73 /* All the functions return a positive integer or non-NULL for success
74 and 0, a negative integer or NULL for failure */
75
76 /* Initialise the STORE with private data */
77 STORE_INITIALISE_FUNC_PTR init;
78 /* Initialise the STORE with private data */
79 STORE_CLEANUP_FUNC_PTR clean;
80 /* Generate an object of a given type */
81 STORE_GENERATE_OBJECT_FUNC_PTR generate_object;
82 /* Get an object of a given type. This function isn't really very
83 useful since the listing functions (below) can be used for the
84 same purpose and are much more general. */
85 STORE_GET_OBJECT_FUNC_PTR get_object;
86 /* Store an object of a given type. */
87 STORE_STORE_OBJECT_FUNC_PTR store_object;
88 /* Modify the attributes bound to an object of a given type. */
89 STORE_MODIFY_OBJECT_FUNC_PTR modify_object;
90 /* Revoke an object of a given type. */
91 STORE_HANDLE_OBJECT_FUNC_PTR revoke_object;
92 /* Delete an object of a given type. */
93 STORE_HANDLE_OBJECT_FUNC_PTR delete_object;
94 /* List a bunch of objects of a given type and with the associated
95 attributes. */
96 STORE_START_OBJECT_FUNC_PTR list_object_start;
97 STORE_NEXT_OBJECT_FUNC_PTR list_object_next;
98 STORE_END_OBJECT_FUNC_PTR list_object_end;
99 STORE_END_OBJECT_FUNC_PTR list_object_endp;
100 /* Store-level function to make any necessary update operations. */
101 STORE_GENERIC_FUNC_PTR update_store;
102 /* Store-level function to get exclusive access to the store. */
103 STORE_GENERIC_FUNC_PTR lock_store;
104 /* Store-level function to release exclusive access to the store. */
105 STORE_GENERIC_FUNC_PTR unlock_store;
106
107 /* Generic control function */
108 STORE_CTRL_FUNC_PTR ctrl;
109 };
110
111struct store_st
112 {
113 const STORE_METHOD *meth;
114 /* functional reference if 'meth' is ENGINE-provided */
115 ENGINE *engine;
116
117 CRYPTO_EX_DATA ex_data;
118 int references;
119 };
120#ifdef __cplusplus
121}
122#endif
123
124#endif
diff --git a/src/lib/libcrypto/store/str_mem.c b/src/lib/libcrypto/store/str_mem.c
new file mode 100644
index 0000000000..527757ae09
--- /dev/null
+++ b/src/lib/libcrypto/store/str_mem.c
@@ -0,0 +1,357 @@
1/* crypto/store/str_mem.c -*- mode:C; c-file-style: "eay" -*- */
2/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
3 * project 2003.
4 */
5/* ====================================================================
6 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * openssl-core@openssl.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <string.h>
60#include <openssl/err.h>
61#include "str_locl.h"
62
63/* The memory store is currently highly experimental. It's meant to become
64 a base store used by other stores for internal caching (for full caching
65 support, aging needs to be added).
66
67 The database use is meant to support as much attribute association as
68 possible, while providing for as small search ranges as possible.
69 This is currently provided for by sorting the entries by numbers that
70 are composed of bits set at the positions indicated by attribute type
71 codes. This provides for ranges determined by the highest attribute
72 type code value. A better idea might be to sort by values computed
73 from the range of attributes associated with the object (basically,
74 the difference between the highest and lowest attribute type code)
75 and it's distance from a base (basically, the lowest associated
76 attribute type code).
77*/
78
79struct mem_object_data_st
80 {
81 STORE_OBJECT *object;
82 STORE_ATTR_INFO *attr_info;
83 int references;
84 };
85
86struct mem_data_st
87 {
88 STACK *data; /* A stack of mem_object_data_st,
89 sorted with STORE_ATTR_INFO_compare(). */
90 unsigned int compute_components : 1; /* Currently unused, but can
91 be used to add attributes
92 from parts of the data. */
93 };
94
95struct mem_ctx_st
96 {
97 int type; /* The type we're searching for */
98 STACK *search_attributes; /* Sets of attributes to search for.
99 Each element is a STORE_ATTR_INFO. */
100 int search_index; /* which of the search attributes we found a match
101 for, -1 when we still haven't found any */
102 int index; /* -1 as long as we're searching for the first */
103 };
104
105static int mem_init(STORE *s);
106static void mem_clean(STORE *s);
107static STORE_OBJECT *mem_generate(STORE *s, STORE_OBJECT_TYPES type,
108 OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
109static STORE_OBJECT *mem_get(STORE *s, STORE_OBJECT_TYPES type,
110 OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
111static int mem_store(STORE *s, STORE_OBJECT_TYPES type,
112 STORE_OBJECT *data, OPENSSL_ITEM attributes[],
113 OPENSSL_ITEM parameters[]);
114static int mem_modify(STORE *s, STORE_OBJECT_TYPES type,
115 OPENSSL_ITEM search_attributes[], OPENSSL_ITEM add_attributes[],
116 OPENSSL_ITEM modify_attributes[], OPENSSL_ITEM delete_attributes[],
117 OPENSSL_ITEM parameters[]);
118static int mem_delete(STORE *s, STORE_OBJECT_TYPES type,
119 OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
120static void *mem_list_start(STORE *s, STORE_OBJECT_TYPES type,
121 OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
122static STORE_OBJECT *mem_list_next(STORE *s, void *handle);
123static int mem_list_end(STORE *s, void *handle);
124static int mem_list_endp(STORE *s, void *handle);
125static int mem_lock(STORE *s, OPENSSL_ITEM attributes[],
126 OPENSSL_ITEM parameters[]);
127static int mem_unlock(STORE *s, OPENSSL_ITEM attributes[],
128 OPENSSL_ITEM parameters[]);
129static int mem_ctrl(STORE *s, int cmd, long l, void *p, void (*f)(void));
130
131static STORE_METHOD store_memory =
132 {
133 "OpenSSL memory store interface",
134 mem_init,
135 mem_clean,
136 mem_generate,
137 mem_get,
138 mem_store,
139 mem_modify,
140 NULL, /* revoke */
141 mem_delete,
142 mem_list_start,
143 mem_list_next,
144 mem_list_end,
145 mem_list_endp,
146 NULL, /* update */
147 mem_lock,
148 mem_unlock,
149 mem_ctrl
150 };
151
152const STORE_METHOD *STORE_Memory(void)
153 {
154 return &store_memory;
155 }
156
157static int mem_init(STORE *s)
158 {
159 return 1;
160 }
161
162static void mem_clean(STORE *s)
163 {
164 return;
165 }
166
167static STORE_OBJECT *mem_generate(STORE *s, STORE_OBJECT_TYPES type,
168 OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[])
169 {
170 STOREerr(STORE_F_MEM_GENERATE, STORE_R_NOT_IMPLEMENTED);
171 return 0;
172 }
173static STORE_OBJECT *mem_get(STORE *s, STORE_OBJECT_TYPES type,
174 OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[])
175 {
176 void *context = mem_list_start(s, type, attributes, parameters);
177
178 if (context)
179 {
180 STORE_OBJECT *object = mem_list_next(s, context);
181
182 if (mem_list_end(s, context))
183 return object;
184 }
185 return NULL;
186 }
187static int mem_store(STORE *s, STORE_OBJECT_TYPES type,
188 STORE_OBJECT *data, OPENSSL_ITEM attributes[],
189 OPENSSL_ITEM parameters[])
190 {
191 STOREerr(STORE_F_MEM_STORE, STORE_R_NOT_IMPLEMENTED);
192 return 0;
193 }
194static int mem_modify(STORE *s, STORE_OBJECT_TYPES type,
195 OPENSSL_ITEM search_attributes[], OPENSSL_ITEM add_attributes[],
196 OPENSSL_ITEM modify_attributes[], OPENSSL_ITEM delete_attributes[],
197 OPENSSL_ITEM parameters[])
198 {
199 STOREerr(STORE_F_MEM_MODIFY, STORE_R_NOT_IMPLEMENTED);
200 return 0;
201 }
202static int mem_delete(STORE *s, STORE_OBJECT_TYPES type,
203 OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[])
204 {
205 STOREerr(STORE_F_MEM_DELETE, STORE_R_NOT_IMPLEMENTED);
206 return 0;
207 }
208
209/* The list functions may be the hardest to understand. Basically,
210 mem_list_start compiles a stack of attribute info elements, and
211 puts that stack into the context to be returned. mem_list_next
212 will then find the first matching element in the store, and then
213 walk all the way to the end of the store (since any combination
214 of attribute bits above the starting point may match the searched
215 for bit pattern...). */
216static void *mem_list_start(STORE *s, STORE_OBJECT_TYPES type,
217 OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[])
218 {
219 struct mem_ctx_st *context =
220 (struct mem_ctx_st *)OPENSSL_malloc(sizeof(struct mem_ctx_st));
221 void *attribute_context = NULL;
222 STORE_ATTR_INFO *attrs = NULL;
223
224 if (!context)
225 {
226 STOREerr(STORE_F_MEM_LIST_START, ERR_R_MALLOC_FAILURE);
227 return 0;
228 }
229 memset(context, 0, sizeof(struct mem_ctx_st));
230
231 attribute_context = STORE_parse_attrs_start(attributes);
232 if (!attribute_context)
233 {
234 STOREerr(STORE_F_MEM_LIST_START, ERR_R_STORE_LIB);
235 goto err;
236 }
237
238 while((attrs = STORE_parse_attrs_next(attribute_context)))
239 {
240 if (context->search_attributes == NULL)
241 {
242 context->search_attributes =
243 sk_new((int (*)(const char * const *, const char * const *))STORE_ATTR_INFO_compare);
244 if (!context->search_attributes)
245 {
246 STOREerr(STORE_F_MEM_LIST_START,
247 ERR_R_MALLOC_FAILURE);
248 goto err;
249 }
250 }
251 sk_push(context->search_attributes,(char *)attrs);
252 }
253 if (!STORE_parse_attrs_endp(attribute_context))
254 goto err;
255 STORE_parse_attrs_end(attribute_context);
256 context->search_index = -1;
257 context->index = -1;
258 return context;
259 err:
260 if (attribute_context) STORE_parse_attrs_end(attribute_context);
261 mem_list_end(s, context);
262 return NULL;
263 }
264static STORE_OBJECT *mem_list_next(STORE *s, void *handle)
265 {
266 int i;
267 struct mem_ctx_st *context = (struct mem_ctx_st *)handle;
268 struct mem_object_data_st key = { 0, 0, 1 };
269 struct mem_data_st *store =
270 (struct mem_data_st *)STORE_get_ex_data(s, 1);
271 int srch;
272 int cres = 0;
273
274 if (!context)
275 {
276 STOREerr(STORE_F_MEM_LIST_NEXT, ERR_R_PASSED_NULL_PARAMETER);
277 return NULL;
278 }
279 if (!store)
280 {
281 STOREerr(STORE_F_MEM_LIST_NEXT, STORE_R_NO_STORE);
282 return NULL;
283 }
284
285 if (context->search_index == -1)
286 {
287 for (i = 0; i < sk_num(context->search_attributes); i++)
288 {
289 key.attr_info =
290 (STORE_ATTR_INFO *)sk_value(context->search_attributes, i);
291 srch = sk_find_ex(store->data, (char *)&key);
292
293 if (srch >= 0)
294 {
295 context->search_index = srch;
296 break;
297 }
298 }
299 }
300 if (context->search_index < 0)
301 return NULL;
302
303 key.attr_info =
304 (STORE_ATTR_INFO *)sk_value(context->search_attributes,
305 context->search_index);
306 for(srch = context->search_index;
307 srch < sk_num(store->data)
308 && STORE_ATTR_INFO_in_range(key.attr_info,
309 (STORE_ATTR_INFO *)sk_value(store->data, srch))
310 && !(cres = STORE_ATTR_INFO_in_ex(key.attr_info,
311 (STORE_ATTR_INFO *)sk_value(store->data, srch)));
312 srch++)
313 ;
314
315 context->search_index = srch;
316 if (cres)
317 return ((struct mem_object_data_st *)sk_value(store->data,
318 srch))->object;
319 return NULL;
320 }
321static int mem_list_end(STORE *s, void *handle)
322 {
323 struct mem_ctx_st *context = (struct mem_ctx_st *)handle;
324
325 if (!context)
326 {
327 STOREerr(STORE_F_MEM_LIST_END, ERR_R_PASSED_NULL_PARAMETER);
328 return 0;
329 }
330 if (context && context->search_attributes)
331 sk_free(context->search_attributes);
332 if (context) OPENSSL_free(context);
333 return 1;
334 }
335static int mem_list_endp(STORE *s, void *handle)
336 {
337 struct mem_ctx_st *context = (struct mem_ctx_st *)handle;
338
339 if (!context
340 || context->search_index == sk_num(context->search_attributes))
341 return 1;
342 return 0;
343 }
344static int mem_lock(STORE *s, OPENSSL_ITEM attributes[],
345 OPENSSL_ITEM parameters[])
346 {
347 return 1;
348 }
349static int mem_unlock(STORE *s, OPENSSL_ITEM attributes[],
350 OPENSSL_ITEM parameters[])
351 {
352 return 1;
353 }
354static int mem_ctrl(STORE *s, int cmd, long l, void *p, void (*f)(void))
355 {
356 return 1;
357 }
diff --git a/src/lib/libcrypto/store/str_meth.c b/src/lib/libcrypto/store/str_meth.c
new file mode 100644
index 0000000000..a46de03a26
--- /dev/null
+++ b/src/lib/libcrypto/store/str_meth.c
@@ -0,0 +1,250 @@
1/* crypto/store/str_meth.c -*- mode:C; c-file-style: "eay" -*- */
2/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
3 * project 2003.
4 */
5/* ====================================================================
6 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * openssl-core@openssl.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <string.h>
60#include <openssl/buffer.h>
61#include "str_locl.h"
62
63STORE_METHOD *STORE_create_method(char *name)
64 {
65 STORE_METHOD *store_method = (STORE_METHOD *)OPENSSL_malloc(sizeof(STORE_METHOD));
66
67 if (store_method)
68 {
69 memset(store_method, 0, sizeof(*store_method));
70 store_method->name = BUF_strdup(name);
71 }
72 return store_method;
73 }
74
75/* BIG FSCKING WARNING!!!! If you use this on a statically allocated method
76 (that is, it hasn't been allocated using STORE_create_method(), you deserve
77 anything Murphy can throw at you and more! You have been warned. */
78void STORE_destroy_method(STORE_METHOD *store_method)
79 {
80 if (!store_method) return;
81 OPENSSL_free(store_method->name);
82 store_method->name = NULL;
83 OPENSSL_free(store_method);
84 }
85
86int STORE_method_set_initialise_function(STORE_METHOD *sm, STORE_INITIALISE_FUNC_PTR init_f)
87 {
88 sm->init = init_f;
89 return 1;
90 }
91
92int STORE_method_set_cleanup_function(STORE_METHOD *sm, STORE_CLEANUP_FUNC_PTR clean_f)
93 {
94 sm->clean = clean_f;
95 return 1;
96 }
97
98int STORE_method_set_generate_function(STORE_METHOD *sm, STORE_GENERATE_OBJECT_FUNC_PTR generate_f)
99 {
100 sm->generate_object = generate_f;
101 return 1;
102 }
103
104int STORE_method_set_get_function(STORE_METHOD *sm, STORE_GET_OBJECT_FUNC_PTR get_f)
105 {
106 sm->get_object = get_f;
107 return 1;
108 }
109
110int STORE_method_set_store_function(STORE_METHOD *sm, STORE_STORE_OBJECT_FUNC_PTR store_f)
111 {
112 sm->store_object = store_f;
113 return 1;
114 }
115
116int STORE_method_set_modify_function(STORE_METHOD *sm, STORE_MODIFY_OBJECT_FUNC_PTR modify_f)
117 {
118 sm->modify_object = modify_f;
119 return 1;
120 }
121
122int STORE_method_set_revoke_function(STORE_METHOD *sm, STORE_HANDLE_OBJECT_FUNC_PTR revoke_f)
123 {
124 sm->revoke_object = revoke_f;
125 return 1;
126 }
127
128int STORE_method_set_delete_function(STORE_METHOD *sm, STORE_HANDLE_OBJECT_FUNC_PTR delete_f)
129 {
130 sm->delete_object = delete_f;
131 return 1;
132 }
133
134int STORE_method_set_list_start_function(STORE_METHOD *sm, STORE_START_OBJECT_FUNC_PTR list_start_f)
135 {
136 sm->list_object_start = list_start_f;
137 return 1;
138 }
139
140int STORE_method_set_list_next_function(STORE_METHOD *sm, STORE_NEXT_OBJECT_FUNC_PTR list_next_f)
141 {
142 sm->list_object_next = list_next_f;
143 return 1;
144 }
145
146int STORE_method_set_list_end_function(STORE_METHOD *sm, STORE_END_OBJECT_FUNC_PTR list_end_f)
147 {
148 sm->list_object_end = list_end_f;
149 return 1;
150 }
151
152int STORE_method_set_update_store_function(STORE_METHOD *sm, STORE_GENERIC_FUNC_PTR update_f)
153 {
154 sm->update_store = update_f;
155 return 1;
156 }
157
158int STORE_method_set_lock_store_function(STORE_METHOD *sm, STORE_GENERIC_FUNC_PTR lock_f)
159 {
160 sm->lock_store = lock_f;
161 return 1;
162 }
163
164int STORE_method_set_unlock_store_function(STORE_METHOD *sm, STORE_GENERIC_FUNC_PTR unlock_f)
165 {
166 sm->unlock_store = unlock_f;
167 return 1;
168 }
169
170int STORE_method_set_ctrl_function(STORE_METHOD *sm, STORE_CTRL_FUNC_PTR ctrl_f)
171 {
172 sm->ctrl = ctrl_f;
173 return 1;
174 }
175
176STORE_INITIALISE_FUNC_PTR STORE_method_get_initialise_function(STORE_METHOD *sm)
177 {
178 return sm->init;
179 }
180
181STORE_CLEANUP_FUNC_PTR STORE_method_get_cleanup_function(STORE_METHOD *sm)
182 {
183 return sm->clean;
184 }
185
186STORE_GENERATE_OBJECT_FUNC_PTR STORE_method_get_generate_function(STORE_METHOD *sm)
187 {
188 return sm->generate_object;
189 }
190
191STORE_GET_OBJECT_FUNC_PTR STORE_method_get_get_function(STORE_METHOD *sm)
192 {
193 return sm->get_object;
194 }
195
196STORE_STORE_OBJECT_FUNC_PTR STORE_method_get_store_function(STORE_METHOD *sm)
197 {
198 return sm->store_object;
199 }
200
201STORE_MODIFY_OBJECT_FUNC_PTR STORE_method_get_modify_function(STORE_METHOD *sm)
202 {
203 return sm->modify_object;
204 }
205
206STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_revoke_function(STORE_METHOD *sm)
207 {
208 return sm->revoke_object;
209 }
210
211STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_delete_function(STORE_METHOD *sm)
212 {
213 return sm->delete_object;
214 }
215
216STORE_START_OBJECT_FUNC_PTR STORE_method_get_list_start_function(STORE_METHOD *sm)
217 {
218 return sm->list_object_start;
219 }
220
221STORE_NEXT_OBJECT_FUNC_PTR STORE_method_get_list_next_function(STORE_METHOD *sm)
222 {
223 return sm->list_object_next;
224 }
225
226STORE_END_OBJECT_FUNC_PTR STORE_method_get_list_end_function(STORE_METHOD *sm)
227 {
228 return sm->list_object_end;
229 }
230
231STORE_GENERIC_FUNC_PTR STORE_method_get_update_store_function(STORE_METHOD *sm)
232 {
233 return sm->update_store;
234 }
235
236STORE_GENERIC_FUNC_PTR STORE_method_get_lock_store_function(STORE_METHOD *sm)
237 {
238 return sm->lock_store;
239 }
240
241STORE_GENERIC_FUNC_PTR STORE_method_get_unlock_store_function(STORE_METHOD *sm)
242 {
243 return sm->unlock_store;
244 }
245
246STORE_CTRL_FUNC_PTR STORE_method_get_ctrl_function(STORE_METHOD *sm)
247 {
248 return sm->ctrl;
249 }
250
diff --git a/src/lib/libcrypto/threads/netware.bat b/src/lib/libcrypto/threads/netware.bat
new file mode 100644
index 0000000000..0b3eca3caf
--- /dev/null
+++ b/src/lib/libcrypto/threads/netware.bat
@@ -0,0 +1,79 @@
1@echo off
2rem batch file to build multi-thread test ( mttest.nlm )
3
4rem command line arguments:
5rem debug => build using debug settings
6
7rem
8rem After building, copy mttest.nlm to the server and run it, you'll probably
9rem want to redirect stdout and stderr. An example command line would be
10rem "mttest.nlm -thread 20 -loops 10 -CAfile \openssl\apps\server.pem >mttest.out 2>mttest.err"
11rem
12
13del mttest.nlm
14
15set BLD_DEBUG=
16set CFLAGS=
17set LFLAGS=
18set LIBS=
19
20if "%1" == "DEBUG" set BLD_DEBUG=YES
21if "%1" == "debug" set BLD_DEBUG=YES
22
23if "%MWCIncludes%" == "" goto inc_error
24if "%PRELUDE%" == "" goto prelude_error
25if "%IMPORTS%" == "" goto imports_error
26
27set CFLAGS=-c -I..\..\outinc_nw -nosyspath -DOPENSSL_SYS_NETWARE -opt off -g -sym internal -maxerrors 20
28
29if "%BLD_DEBUG%" == "YES" set LIBS=..\..\out_nw.dbg\ssl.lib ..\..\out_nw.dbg\crypto.lib
30if "%BLD_DEBUG%" == "" set LIBS=..\..\out_nw\ssl.lib ..\..\out_nw\crypto.lib
31
32set LFLAGS=-msgstyle gcc -zerobss -stacksize 32768 -nostdlib -sym internal
33
34rem generate command file for metrowerks
35echo.
36echo Generating Metrowerks command file: mttest.def
37echo # dynamically generated command file for metrowerks build > mttest.def
38echo IMPORT @%IMPORTS%\clib.imp >> mttest.def
39echo IMPORT @%IMPORTS%\threads.imp >> mttest.def
40echo IMPORT @%IMPORTS%\ws2nlm.imp >> mttest.def
41echo IMPORT GetProcessSwitchCount >> mttest.def
42echo MODULE clib >> mttest.def
43
44rem compile
45echo.
46echo Compiling mttest.c
47mwccnlm.exe mttest.c %CFLAGS%
48if errorlevel 1 goto end
49
50rem link
51echo.
52echo Linking mttest.nlm
53mwldnlm.exe %LFLAGS% -screenname mttest -commandfile mttest.def mttest.o "%PRELUDE%" %LIBS% -o mttest.nlm
54if errorlevel 1 goto end
55
56goto end
57
58:inc_error
59echo.
60echo Environment variable MWCIncludes is not set - see install.nw
61goto end
62
63:prelude_error
64echo.
65echo Environment variable PRELUDE is not set - see install.nw
66goto end
67
68:imports_error
69echo.
70echo Environment variable IMPORTS is not set - see install.nw
71goto end
72
73
74:end
75set BLD_DEBUG=
76set CFLAGS=
77set LFLAGS=
78set LIBS=
79
diff --git a/src/lib/libcrypto/util/copy.pl b/src/lib/libcrypto/util/copy.pl
new file mode 100644
index 0000000000..e20b45530a
--- /dev/null
+++ b/src/lib/libcrypto/util/copy.pl
@@ -0,0 +1,59 @@
1#!/usr/local/bin/perl
2
3use Fcntl;
4
5
6# copy.pl
7
8# Perl script 'copy' comment. On Windows the built in "copy" command also
9# copies timestamps: this messes up Makefile dependencies.
10
11my $arg;
12
13foreach $arg (@ARGV) {
14 $arg =~ s|\\|/|g; # compensate for bug/feature in cygwin glob...
15 foreach (glob $arg)
16 {
17 push @filelist, $_;
18 }
19}
20
21$fnum = @filelist;
22
23if ($fnum <= 1)
24 {
25 die "Need at least two filenames";
26 }
27
28$dest = pop @filelist;
29
30if ($fnum > 2 && ! -d $dest)
31 {
32 die "Destination must be a directory";
33 }
34
35foreach (@filelist)
36 {
37 if (-d $dest)
38 {
39 $dfile = $_;
40 $dfile =~ s|^.*[/\\]([^/\\]*)$|$1|;
41 $dfile = "$dest/$dfile";
42 }
43 else
44 {
45 $dfile = $dest;
46 }
47 sysopen(IN, $_, O_RDONLY|O_BINARY) || die "Can't Open $_";
48 sysopen(OUT, $dfile, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY)
49 || die "Can't Open $dfile";
50 while (sysread IN, $buf, 10240)
51 {
52 syswrite(OUT, $buf, length($buf));
53 }
54 close(IN);
55 close(OUT);
56 print "Copying: $_ to $dfile\n";
57 }
58
59
diff --git a/src/lib/libcrypto/util/extract-section.pl b/src/lib/libcrypto/util/extract-section.pl
new file mode 100644
index 0000000000..7a0ba4f69a
--- /dev/null
+++ b/src/lib/libcrypto/util/extract-section.pl
@@ -0,0 +1,12 @@
1#!/usr/bin/perl
2
3while(<STDIN>) {
4 if (/=for\s+comment\s+openssl_manual_section:(\S+)/)
5 {
6 print "$1\n";
7 exit 0;
8 }
9}
10
11print "$ARGV[0]\n";
12
diff --git a/src/lib/libcrypto/util/pl/netware.pl b/src/lib/libcrypto/util/pl/netware.pl
new file mode 100644
index 0000000000..173c9919f2
--- /dev/null
+++ b/src/lib/libcrypto/util/pl/netware.pl
@@ -0,0 +1,526 @@
1# Metrowerks Codewarrior or gcc / nlmconv for NetWare
2#
3
4$version_header = "crypto/opensslv.h";
5open(IN, "$version_header") or die "Couldn't open $version_header: $!";
6while (<IN>) {
7 if (/^#define[\s\t]+OPENSSL_VERSION_NUMBER[\s\t]+0x(\d)(\d{2})(\d{2})(\d{2})/)
8 {
9 # die "OpenSSL version detected: $1.$2.$3.$4\n";
10 #$nlmvernum = "$1,$2,$3";
11 $nlmvernum = "$1,".($2*10+$3).",".($4*1);
12 #$nlmverstr = "$1.".($2*1).".".($3*1).($4?(chr(96+$4)):"");
13 break;
14 }
15}
16close(IN) or die "Couldn't close $version_header: $!";
17
18$readme_file = "README";
19open(IN, $readme_file) or die "Couldn't open $readme_file: $!";
20while (<IN>) {
21 if (/^[\s\t]+OpenSSL[\s\t]+(\d)\.(\d{1,2})\.(\d{1,2})([a-z])(.*)/)
22 {
23 #$nlmvernum = "$1,$2,$3";
24 #$nlmvernum = "$1,".($2*10+$3).",".($4*1);
25 $nlmverstr = "$1.$2.$3$4$5";
26 }
27 elsif (/^[\s\t]+(Copyright \(c\) \d{4}\-\d{4} The OpenSSL Project)$/)
28 {
29 $nlmcpystr = $1;
30 }
31 break if ($nlmvernum && $nlmcpystr);
32}
33close(IN) or die "Couldn't close $readme_file: $!";
34
35# Define stacksize here
36$nlmstack = "32768";
37
38# some default settings here in case we failed to find them in README
39$nlmvernum = "1,0,0" if (!$nlmvernum);
40$nlmverstr = "OpenSSL" if (!$nlmverstr);
41$nlmcpystr = "Copyright (c) 1998-now The OpenSSL Project" if (!$nlmcpystr);
42
43# die "OpenSSL copyright: $nlmcpystr\nOpenSSL verstring: $nlmverstr\nOpenSSL vernumber: $nlmvernum\n";
44
45# The import files and other misc imports needed to link
46@misc_imports = ("GetProcessSwitchCount", "RunningProcess",
47 "GetSuperHighResolutionTimer");
48if ($LIBC)
49{
50 @import_files = ("libc.imp");
51 @module_files = ("libc");
52 $libarch = "LIBC";
53}
54else
55{
56 # clib build
57 @import_files = ("clib.imp");
58 push(@import_files, "socklib.imp") if ($BSDSOCK);
59 @module_files = ("clib");
60 # push(@misc_imports, "_rt_modu64%16", "_rt_divu64%16");
61 $libarch = "CLIB";
62}
63if ($BSDSOCK)
64{
65 $libarch .= "-BSD";
66}
67else
68{
69 $libarch .= "-WS2";
70 push(@import_files, "ws2nlm.imp");
71}
72
73# The "IMPORTS" environment variable must be set and point to the location
74# where import files (*.imp) can be found.
75# Example: set IMPORTS=c:\ndk\nwsdk\imports
76$import_path = $ENV{"IMPORTS"} || die ("IMPORTS environment variable not set\n");
77
78
79# The "PRELUDE" environment variable must be set and point to the location
80# and name of the prelude source to link with ( nwpre.obj is recommended ).
81# Example: set PRELUDE=c:\codewar\novell support\metrowerks support\libraries\runtime\nwpre.obj
82$prelude = $ENV{"PRELUDE"} || die ("PRELUDE environment variable not set\n");
83
84# The "INCLUDES" environment variable must be set and point to the location
85# where import files (*.imp) can be found.
86$include_path = $ENV{"INCLUDE"} || die ("INCLUDES environment variable not set\n");
87$include_path =~ s/\\/\//g;
88$include_path = join(" -I", split(/;/, $include_path));
89
90# check for gcc compiler
91$gnuc = $ENV{"GNUC"};
92
93#$ssl= "ssleay32";
94#$crypto="libeay32";
95
96if ($gnuc)
97{
98 # C compiler
99 $cc='gcc';
100 # Linker
101 $link='nlmconv';
102 # librarian
103 $mklib='ar';
104 $o='/';
105 # cp command
106 $cp='cp -af';
107 # rm command
108 $rm='rm -f';
109 # mv command
110 $mv='mv -f';
111 # mkdir command
112 $mkdir='gmkdir';
113 #$ranlib='ranlib';
114}
115else
116{
117 # C compiler
118 $cc='mwccnlm';
119 # Linker
120 $link='mwldnlm';
121 # librarian
122 $mklib='mwldnlm';
123 # Path separator
124 $o='\\';
125 # cp command
126 $cp='copy >nul:';
127 # rm command
128 $rm='del /f /q';
129}
130
131# assembler
132if ($nw_nasm)
133{
134 if ($gnuc)
135 {
136 $asm="nasmw -s -f elf";
137 }
138 else
139 {
140 $asm="nasmw -s -f coff";
141 }
142 $afile="-o ";
143 $asm.=" -g" if $debug;
144}
145elsif ($nw_mwasm)
146{
147 $asm="mwasmnlm -maxerrors 20";
148 $afile="-o ";
149 $asm.=" -g" if $debug;
150}
151elsif ($nw_masm)
152{
153# masm assembly settings - it should be possible to use masm but haven't
154# got it working.
155# $asm='ml /Cp /coff /c /Cx';
156# $asm.=" /Zi" if $debug;
157# $afile='/Fo';
158 die("Support for masm assembler not yet functional\n");
159}
160else
161{
162 $asm="";
163 $afile="";
164}
165
166
167
168if ($gnuc)
169{
170 # compile flags for GNUC
171 # additional flags based upon debug | non-debug
172 if ($debug)
173 {
174 $cflags="-g -DDEBUG";
175 }
176 else
177 {
178 $cflags="-O2";
179 }
180 $cflags.=" -nostdinc -I$include_path \\
181 -fno-builtin -fpcc-struct-return -fno-strict-aliasing \\
182 -funsigned-char -Wall -Wno-unused -Wno-uninitialized";
183
184 # link flags
185 $lflags="-T";
186}
187else
188{
189 # compile flags for CodeWarrior
190 # additional flags based upon debug | non-debug
191 if ($debug)
192 {
193 $cflags="-opt off -g -sym internal -DDEBUG";
194 }
195 else
196 {
197 # CodeWarrior compiler has a problem with optimizations for floating
198 # points - no optimizations until further investigation
199 # $cflags="-opt all";
200 }
201
202 # NOTES: Several c files in the crypto subdirectory include headers from
203 # their local directories. Metrowerks wouldn't find these h files
204 # without adding individual include directives as compile flags
205 # or modifying the c files. Instead of adding individual include
206 # paths for each subdirectory a recursive include directive
207 # is used ( -ir crypto ).
208 #
209 # A similar issue exists for the engines and apps subdirectories.
210 #
211 # Turned off the "possible" warnings ( -w nopossible ). Metrowerks
212 # complained a lot about various stuff. May want to turn back
213 # on for further development.
214 $cflags.=" -nostdinc -ir crypto -ir engines -ir apps -I$include_path \\
215 -msgstyle gcc -align 4 -processor pentium -char unsigned \\
216 -w on -w nolargeargs -w nopossible -w nounusedarg -w nounusedexpr \\
217 -w noimplicitconv -relax_pointers -nosyspath -maxerrors 20";
218
219 # link flags
220 $lflags="-msgstyle gcc -zerobss -nostdlib -sym internal -commandfile";
221}
222
223# common defines
224$cflags.=" -DL_ENDIAN -DOPENSSL_SYSNAME_NETWARE -U_WIN32";
225
226# If LibC build add in NKS_LIBC define and set the entry/exit
227# routines - The default entry/exit routines are for CLib and don't exist
228# in LibC
229if ($LIBC)
230{
231 $cflags.=" -DNETWARE_LIBC";
232 $nlmstart = "_LibCPrelude";
233 $nlmexit = "_LibCPostlude";
234 @nlm_flags = ("pseudopreemption", "flag_on 64");
235}
236else
237{
238 $cflags.=" -DNETWARE_CLIB";
239 $nlmstart = "_Prelude";
240 $nlmexit = "_Stop";
241}
242
243# If BSD Socket support is requested, set a define for the compiler
244if ($BSDSOCK)
245{
246 $cflags.=" -DNETWARE_BSDSOCK";
247 if (!$LIBC)
248 {
249 $cflags.=" -DNETDB_USE_INTERNET";
250 }
251}
252
253
254# linking stuff
255# for the output directories use the mk1mf.pl values with "_nw" appended
256if ($shlib)
257{
258 if ($LIBC)
259 {
260 $out_def.="_nw_libc_nlm";
261 $tmp_def.="_nw_libc_nlm";
262 $inc_def.="_nw_libc_nlm";
263 }
264 else # NETWARE_CLIB
265 {
266 $out_def.="_nw_clib_nlm";
267 $tmp_def.="_nw_clib_nlm";
268 $inc_def.="_nw_clib_nlm";
269 }
270}
271else
272{
273 if ($gnuc) # GNUC Tools
274 {
275 $libp=".a";
276 $shlibp=".a";
277 $lib_flags="-cr";
278 }
279 else # CodeWarrior
280 {
281 $libp=".lib";
282 $shlibp=".lib";
283 $lib_flags="-nodefaults -type library -o";
284 }
285 if ($LIBC)
286 {
287 $out_def.="_nw_libc";
288 $tmp_def.="_nw_libc";
289 $inc_def.="_nw_libc";
290 }
291 else # NETWARE_CLIB
292 {
293 $out_def.="_nw_clib";
294 $tmp_def.="_nw_clib";
295 $inc_def.="_nw_clib";
296 }
297}
298
299# used by mk1mf.pl
300$obj='.o';
301$ofile='-o ';
302$efile='';
303$exep='.nlm';
304$ex_libs='';
305
306if (!$no_asm)
307{
308 $bn_asm_obj="\$(OBJ_D)${o}bn-nw${obj}";
309 $bn_asm_src="crypto${o}bn${o}asm${o}bn-nw.asm";
310 $bnco_asm_obj="\$(OBJ_D)${o}co-nw${obj}";
311 $bnco_asm_src="crypto${o}bn${o}asm${o}co-nw.asm";
312 $aes_asm_obj="\$(OBJ_D)${o}a-nw${obj}";
313 $aes_asm_src="crypto${o}aes${o}asm${o}a-nw.asm";
314 $des_enc_obj="\$(OBJ_D)${o}d-nw${obj} \$(OBJ_D)${o}y-nw${obj}";
315 $des_enc_src="crypto${o}des${o}asm${o}d-nw.asm crypto${o}des${o}asm${o}y-nw.asm";
316 $bf_enc_obj="\$(OBJ_D)${o}b-nw${obj}";
317 $bf_enc_src="crypto${o}bf${o}asm${o}b-nw.asm";
318 $cast_enc_obj="\$(OBJ_D)${o}c-nw${obj}";
319 $cast_enc_src="crypto${o}cast${o}asm${o}c-nw.asm";
320 $rc4_enc_obj="\$(OBJ_D)${o}r4-nw${obj}";
321 $rc4_enc_src="crypto${o}rc4${o}asm${o}r4-nw.asm";
322 $rc5_enc_obj="\$(OBJ_D)${o}r5-nw${obj}";
323 $rc5_enc_src="crypto${o}rc5${o}asm${o}r5-nw.asm";
324 $md5_asm_obj="\$(OBJ_D)${o}m5-nw${obj}";
325 $md5_asm_src="crypto${o}md5${o}asm${o}m5-nw.asm";
326 $sha1_asm_obj="\$(OBJ_D)${o}s1-nw${obj}";
327 $sha1_asm_src="crypto${o}sha${o}asm${o}s1-nw.asm";
328 $rmd160_asm_obj="\$(OBJ_D)${o}rm-nw${obj}";
329 $rmd160_asm_src="crypto${o}ripemd${o}asm${o}rm-nw.asm";
330 $cpuid_asm_obj="\$(OBJ_D)${o}x86cpuid-nw${obj}";
331 $cpuid_asm_src="crypto${o}x86cpuid-nw.asm";
332 $cflags.=" -DOPENSSL_CPUID_OBJ -DBN_ASM -DOPENSSL_BN_ASM_PART_WORDS -DMD5_ASM -DSHA1_ASM";
333 $cflags.=" -DAES_ASM -DRMD160_ASM";
334}
335else
336{
337 $bn_asm_obj='';
338 $bn_asm_src='';
339 $bnco_asm_obj='';
340 $bnco_asm_src='';
341 $aes_asm_obj='';
342 $aes_asm_src='';
343 $des_enc_obj='';
344 $des_enc_src='';
345 $bf_enc_obj='';
346 $bf_enc_src='';
347 $cast_enc_obj='';
348 $cast_enc_src='';
349 $rc4_enc_obj='';
350 $rc4_enc_src='';
351 $rc5_enc_obj='';
352 $rc5_enc_src='';
353 $md5_asm_obj='';
354 $md5_asm_src='';
355 $sha1_asm_obj='';
356 $sha1_asm_src='';
357 $rmd160_asm_obj='';
358 $rmd160_asm_src='';
359 $cpuid_asm_obj='';
360 $cpuid_asm_src='';
361}
362
363# create the *.def linker command files in \openssl\netware\ directory
364sub do_def_file
365{
366 # strip off the leading path
367 my($target) = bname(shift);
368 my($i);
369
370 if ($target =~ /(.*).nlm/)
371 {
372 $target = $1;
373 }
374
375 # special case for openssl - the mk1mf.pl defines E_EXE = openssl
376 if ($target =~ /E_EXE/)
377 {
378 $target =~ s/\$\(E_EXE\)/openssl/;
379 }
380
381 # Note: originally tried to use full path ( \openssl\netware\$target.def )
382 # Metrowerks linker choked on this with an assertion failure. bug???
383 #
384 my($def_file) = "netware${o}$target.def";
385
386 open(DEF_OUT, ">$def_file") || die("unable to open file $def_file\n");
387
388 print( DEF_OUT "# command file generated by netware.pl for NLM target.\n" );
389 print( DEF_OUT "# do not edit this file - all your changes will be lost!!\n" );
390 print( DEF_OUT "#\n");
391 print( DEF_OUT "DESCRIPTION \"$target ($libarch) - OpenSSL $nlmverstr\"\n");
392 print( DEF_OUT "COPYRIGHT \"$nlmcpystr\"\n");
393 print( DEF_OUT "VERSION $nlmvernum\n");
394 print( DEF_OUT "STACK $nlmstack\n");
395 print( DEF_OUT "START $nlmstart\n");
396 print( DEF_OUT "EXIT $nlmexit\n");
397
398 # special case for openssl
399 if ($target eq "openssl")
400 {
401 print( DEF_OUT "SCREENNAME \"OpenSSL $nlmverstr\"\n");
402 }
403 else
404 {
405 print( DEF_OUT "SCREENNAME \"DEFAULT\"\n");
406 }
407
408 foreach $i (@misc_imports)
409 {
410 print( DEF_OUT "IMPORT $i\n");
411 }
412
413 foreach $i (@import_files)
414 {
415 print( DEF_OUT "IMPORT \@$import_path${o}$i\n");
416 }
417
418 foreach $i (@module_files)
419 {
420 print( DEF_OUT "MODULE $i\n");
421 }
422
423 foreach $i (@nlm_flags)
424 {
425 print( DEF_OUT "$i\n");
426 }
427
428 if ($gnuc)
429 {
430 if ($target =~ /openssl/)
431 {
432 print( DEF_OUT "INPUT ${tmp_def}${o}openssl${obj}\n");
433 print( DEF_OUT "INPUT ${tmp_def}${o}openssl${libp}\n");
434 }
435 else
436 {
437 print( DEF_OUT "INPUT ${tmp_def}${o}${target}${obj}\n");
438 }
439 print( DEF_OUT "INPUT $prelude\n");
440 print( DEF_OUT "INPUT ${out_def}${o}${ssl}${libp} ${out_def}${o}${crypto}${libp}\n");
441 print( DEF_OUT "OUTPUT $target.nlm\n");
442 }
443
444 close(DEF_OUT);
445 return($def_file);
446}
447
448sub do_lib_rule
449{
450 my($objs,$target,$name,$shlib)=@_;
451 my($ret);
452
453 $ret.="$target: $objs\n";
454 if (!$shlib)
455 {
456 $ret.="\t\@echo Building Lib: $name\n";
457 $ret.="\t\$(MKLIB) $lib_flags $target $objs\n";
458 $ret.="\t\@echo .\n"
459 }
460 else
461 {
462 die( "Building as NLM not currently supported!" );
463 }
464
465 $ret.="\n";
466 return($ret);
467}
468
469sub do_link_rule
470{
471 my($target,$files,$dep_libs,$libs)=@_;
472 my($ret);
473 my($def_file) = do_def_file($target);
474
475 $ret.="$target: $files $dep_libs\n";
476
477 # NOTE: When building the test nlms no screen name is given
478 # which causes the console screen to be used. By using the console
479 # screen there is no "<press any key to continue>" message which
480 # requires user interaction. The test script ( do_tests.pl ) needs
481 # to be able to run the tests without requiring user interaction.
482 #
483 # However, the sample program "openssl.nlm" is used by the tests and is
484 # a interactive sample so a screen is desired when not be run by the
485 # tests. To solve the problem, two versions of the program are built:
486 # openssl2 - no screen used by tests
487 # openssl - default screen - use for normal interactive modes
488 #
489
490 # special case for openssl - the mk1mf.pl defines E_EXE = openssl
491 if ($target =~ /E_EXE/)
492 {
493 my($target2) = $target;
494
495 $target2 =~ s/\(E_EXE\)/\(E_EXE\)2/;
496
497 # openssl2
498 my($def_file2) = do_def_file($target2);
499
500 if ($gnuc)
501 {
502 $ret.="\t\$(MKLIB) $lib_flags \$(TMP_D)${o}\$(E_EXE).a \$(filter-out \$(TMP_D)${o}\$(E_EXE)${obj},$files)\n";
503 $ret.="\t\$(LINK) \$(LFLAGS) $def_file2\n";
504 $ret.="\t\@$mv \$(E_EXE)2.nlm \$(TEST_D)\n";
505 }
506 else
507 {
508 $ret.="\t\$(LINK) \$(LFLAGS) $def_file2 $files \"$prelude\" $libs -o $target2\n";
509 }
510 }
511 if ($gnuc)
512 {
513 $ret.="\t\$(LINK) \$(LFLAGS) $def_file\n";
514 $ret.="\t\@$mv \$(\@F) \$(TEST_D)\n";
515 }
516 else
517 {
518 $ret.="\t\$(LINK) \$(LFLAGS) $def_file $files \"$prelude\" $libs -o $target\n";
519 }
520
521 $ret.="\n";
522 return($ret);
523
524}
525
5261;
diff --git a/src/lib/libcrypto/x509v3/v3_addr.c b/src/lib/libcrypto/x509v3/v3_addr.c
new file mode 100644
index 0000000000..ed9847b307
--- /dev/null
+++ b/src/lib/libcrypto/x509v3/v3_addr.c
@@ -0,0 +1,1280 @@
1/*
2 * Contributed to the OpenSSL Project by the American Registry for
3 * Internet Numbers ("ARIN").
4 */
5/* ====================================================================
6 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 */
57
58/*
59 * Implementation of RFC 3779 section 2.2.
60 */
61
62#include <stdio.h>
63#include <stdlib.h>
64#include <assert.h>
65#include "cryptlib.h"
66#include <openssl/conf.h>
67#include <openssl/asn1.h>
68#include <openssl/asn1t.h>
69#include <openssl/buffer.h>
70#include <openssl/x509v3.h>
71
72#ifndef OPENSSL_NO_RFC3779
73
74/*
75 * OpenSSL ASN.1 template translation of RFC 3779 2.2.3.
76 */
77
78ASN1_SEQUENCE(IPAddressRange) = {
79 ASN1_SIMPLE(IPAddressRange, min, ASN1_BIT_STRING),
80 ASN1_SIMPLE(IPAddressRange, max, ASN1_BIT_STRING)
81} ASN1_SEQUENCE_END(IPAddressRange)
82
83ASN1_CHOICE(IPAddressOrRange) = {
84 ASN1_SIMPLE(IPAddressOrRange, u.addressPrefix, ASN1_BIT_STRING),
85 ASN1_SIMPLE(IPAddressOrRange, u.addressRange, IPAddressRange)
86} ASN1_CHOICE_END(IPAddressOrRange)
87
88ASN1_CHOICE(IPAddressChoice) = {
89 ASN1_SIMPLE(IPAddressChoice, u.inherit, ASN1_NULL),
90 ASN1_SEQUENCE_OF(IPAddressChoice, u.addressesOrRanges, IPAddressOrRange)
91} ASN1_CHOICE_END(IPAddressChoice)
92
93ASN1_SEQUENCE(IPAddressFamily) = {
94 ASN1_SIMPLE(IPAddressFamily, addressFamily, ASN1_OCTET_STRING),
95 ASN1_SIMPLE(IPAddressFamily, ipAddressChoice, IPAddressChoice)
96} ASN1_SEQUENCE_END(IPAddressFamily)
97
98ASN1_ITEM_TEMPLATE(IPAddrBlocks) =
99 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
100 IPAddrBlocks, IPAddressFamily)
101ASN1_ITEM_TEMPLATE_END(IPAddrBlocks)
102
103IMPLEMENT_ASN1_FUNCTIONS(IPAddressRange)
104IMPLEMENT_ASN1_FUNCTIONS(IPAddressOrRange)
105IMPLEMENT_ASN1_FUNCTIONS(IPAddressChoice)
106IMPLEMENT_ASN1_FUNCTIONS(IPAddressFamily)
107
108/*
109 * How much buffer space do we need for a raw address?
110 */
111#define ADDR_RAW_BUF_LEN 16
112
113/*
114 * What's the address length associated with this AFI?
115 */
116static int length_from_afi(const unsigned afi)
117{
118 switch (afi) {
119 case IANA_AFI_IPV4:
120 return 4;
121 case IANA_AFI_IPV6:
122 return 16;
123 default:
124 return 0;
125 }
126}
127
128/*
129 * Extract the AFI from an IPAddressFamily.
130 */
131unsigned v3_addr_get_afi(const IPAddressFamily *f)
132{
133 return ((f != NULL &&
134 f->addressFamily != NULL &&
135 f->addressFamily->data != NULL)
136 ? ((f->addressFamily->data[0] << 8) |
137 (f->addressFamily->data[1]))
138 : 0);
139}
140
141/*
142 * Expand the bitstring form of an address into a raw byte array.
143 * At the moment this is coded for simplicity, not speed.
144 */
145static void addr_expand(unsigned char *addr,
146 const ASN1_BIT_STRING *bs,
147 const int length,
148 const unsigned char fill)
149{
150 assert(bs->length >= 0 && bs->length <= length);
151 if (bs->length > 0) {
152 memcpy(addr, bs->data, bs->length);
153 if ((bs->flags & 7) != 0) {
154 unsigned char mask = 0xFF >> (8 - (bs->flags & 7));
155 if (fill == 0)
156 addr[bs->length - 1] &= ~mask;
157 else
158 addr[bs->length - 1] |= mask;
159 }
160 }
161 memset(addr + bs->length, fill, length - bs->length);
162}
163
164/*
165 * Extract the prefix length from a bitstring.
166 */
167#define addr_prefixlen(bs) ((int) ((bs)->length * 8 - ((bs)->flags & 7)))
168
169/*
170 * i2r handler for one address bitstring.
171 */
172static int i2r_address(BIO *out,
173 const unsigned afi,
174 const unsigned char fill,
175 const ASN1_BIT_STRING *bs)
176{
177 unsigned char addr[ADDR_RAW_BUF_LEN];
178 int i, n;
179
180 switch (afi) {
181 case IANA_AFI_IPV4:
182 addr_expand(addr, bs, 4, fill);
183 BIO_printf(out, "%d.%d.%d.%d", addr[0], addr[1], addr[2], addr[3]);
184 break;
185 case IANA_AFI_IPV6:
186 addr_expand(addr, bs, 16, fill);
187 for (n = 16; n > 1 && addr[n-1] == 0x00 && addr[n-2] == 0x00; n -= 2)
188 ;
189 for (i = 0; i < n; i += 2)
190 BIO_printf(out, "%x%s", (addr[i] << 8) | addr[i+1], (i < 14 ? ":" : ""));
191 if (i < 16)
192 BIO_puts(out, ":");
193 break;
194 default:
195 for (i = 0; i < bs->length; i++)
196 BIO_printf(out, "%s%02x", (i > 0 ? ":" : ""), bs->data[i]);
197 BIO_printf(out, "[%d]", (int) (bs->flags & 7));
198 break;
199 }
200 return 1;
201}
202
203/*
204 * i2r handler for a sequence of addresses and ranges.
205 */
206static int i2r_IPAddressOrRanges(BIO *out,
207 const int indent,
208 const IPAddressOrRanges *aors,
209 const unsigned afi)
210{
211 int i;
212 for (i = 0; i < sk_IPAddressOrRange_num(aors); i++) {
213 const IPAddressOrRange *aor = sk_IPAddressOrRange_value(aors, i);
214 BIO_printf(out, "%*s", indent, "");
215 switch (aor->type) {
216 case IPAddressOrRange_addressPrefix:
217 if (!i2r_address(out, afi, 0x00, aor->u.addressPrefix))
218 return 0;
219 BIO_printf(out, "/%d\n", addr_prefixlen(aor->u.addressPrefix));
220 continue;
221 case IPAddressOrRange_addressRange:
222 if (!i2r_address(out, afi, 0x00, aor->u.addressRange->min))
223 return 0;
224 BIO_puts(out, "-");
225 if (!i2r_address(out, afi, 0xFF, aor->u.addressRange->max))
226 return 0;
227 BIO_puts(out, "\n");
228 continue;
229 }
230 }
231 return 1;
232}
233
234/*
235 * i2r handler for an IPAddrBlocks extension.
236 */
237static int i2r_IPAddrBlocks(X509V3_EXT_METHOD *method,
238 void *ext,
239 BIO *out,
240 int indent)
241{
242 const IPAddrBlocks *addr = ext;
243 int i;
244 for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
245 IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
246 const unsigned afi = v3_addr_get_afi(f);
247 switch (afi) {
248 case IANA_AFI_IPV4:
249 BIO_printf(out, "%*sIPv4", indent, "");
250 break;
251 case IANA_AFI_IPV6:
252 BIO_printf(out, "%*sIPv6", indent, "");
253 break;
254 default:
255 BIO_printf(out, "%*sUnknown AFI %u", indent, "", afi);
256 break;
257 }
258 if (f->addressFamily->length > 2) {
259 switch (f->addressFamily->data[2]) {
260 case 1:
261 BIO_puts(out, " (Unicast)");
262 break;
263 case 2:
264 BIO_puts(out, " (Multicast)");
265 break;
266 case 3:
267 BIO_puts(out, " (Unicast/Multicast)");
268 break;
269 case 4:
270 BIO_puts(out, " (MPLS)");
271 break;
272 case 64:
273 BIO_puts(out, " (Tunnel)");
274 break;
275 case 65:
276 BIO_puts(out, " (VPLS)");
277 break;
278 case 66:
279 BIO_puts(out, " (BGP MDT)");
280 break;
281 case 128:
282 BIO_puts(out, " (MPLS-labeled VPN)");
283 break;
284 default:
285 BIO_printf(out, " (Unknown SAFI %u)",
286 (unsigned) f->addressFamily->data[2]);
287 break;
288 }
289 }
290 switch (f->ipAddressChoice->type) {
291 case IPAddressChoice_inherit:
292 BIO_puts(out, ": inherit\n");
293 break;
294 case IPAddressChoice_addressesOrRanges:
295 BIO_puts(out, ":\n");
296 if (!i2r_IPAddressOrRanges(out,
297 indent + 2,
298 f->ipAddressChoice->u.addressesOrRanges,
299 afi))
300 return 0;
301 break;
302 }
303 }
304 return 1;
305}
306
307/*
308 * Sort comparison function for a sequence of IPAddressOrRange
309 * elements.
310 */
311static int IPAddressOrRange_cmp(const IPAddressOrRange *a,
312 const IPAddressOrRange *b,
313 const int length)
314{
315 unsigned char addr_a[ADDR_RAW_BUF_LEN], addr_b[ADDR_RAW_BUF_LEN];
316 int prefixlen_a = 0;
317 int prefixlen_b = 0;
318 int r;
319
320 switch (a->type) {
321 case IPAddressOrRange_addressPrefix:
322 addr_expand(addr_a, a->u.addressPrefix, length, 0x00);
323 prefixlen_a = addr_prefixlen(a->u.addressPrefix);
324 break;
325 case IPAddressOrRange_addressRange:
326 addr_expand(addr_a, a->u.addressRange->min, length, 0x00);
327 prefixlen_a = length * 8;
328 break;
329 }
330
331 switch (b->type) {
332 case IPAddressOrRange_addressPrefix:
333 addr_expand(addr_b, b->u.addressPrefix, length, 0x00);
334 prefixlen_b = addr_prefixlen(b->u.addressPrefix);
335 break;
336 case IPAddressOrRange_addressRange:
337 addr_expand(addr_b, b->u.addressRange->min, length, 0x00);
338 prefixlen_b = length * 8;
339 break;
340 }
341
342 if ((r = memcmp(addr_a, addr_b, length)) != 0)
343 return r;
344 else
345 return prefixlen_a - prefixlen_b;
346}
347
348/*
349 * IPv4-specific closure over IPAddressOrRange_cmp, since sk_sort()
350 * comparision routines are only allowed two arguments.
351 */
352static int v4IPAddressOrRange_cmp(const IPAddressOrRange * const *a,
353 const IPAddressOrRange * const *b)
354{
355 return IPAddressOrRange_cmp(*a, *b, 4);
356}
357
358/*
359 * IPv6-specific closure over IPAddressOrRange_cmp, since sk_sort()
360 * comparision routines are only allowed two arguments.
361 */
362static int v6IPAddressOrRange_cmp(const IPAddressOrRange * const *a,
363 const IPAddressOrRange * const *b)
364{
365 return IPAddressOrRange_cmp(*a, *b, 16);
366}
367
368/*
369 * Calculate whether a range collapses to a prefix.
370 * See last paragraph of RFC 3779 2.2.3.7.
371 */
372static int range_should_be_prefix(const unsigned char *min,
373 const unsigned char *max,
374 const int length)
375{
376 unsigned char mask;
377 int i, j;
378
379 for (i = 0; i < length && min[i] == max[i]; i++)
380 ;
381 for (j = length - 1; j >= 0 && min[j] == 0x00 && max[j] == 0xFF; j--)
382 ;
383 if (i < j)
384 return -1;
385 if (i > j)
386 return i * 8;
387 mask = min[i] ^ max[i];
388 switch (mask) {
389 case 0x01: j = 7; break;
390 case 0x03: j = 6; break;
391 case 0x07: j = 5; break;
392 case 0x0F: j = 4; break;
393 case 0x1F: j = 3; break;
394 case 0x3F: j = 2; break;
395 case 0x7F: j = 1; break;
396 default: return -1;
397 }
398 if ((min[i] & mask) != 0 || (max[i] & mask) != mask)
399 return -1;
400 else
401 return i * 8 + j;
402}
403
404/*
405 * Construct a prefix.
406 */
407static int make_addressPrefix(IPAddressOrRange **result,
408 unsigned char *addr,
409 const int prefixlen)
410{
411 int bytelen = (prefixlen + 7) / 8, bitlen = prefixlen % 8;
412 IPAddressOrRange *aor = IPAddressOrRange_new();
413
414 if (aor == NULL)
415 return 0;
416 aor->type = IPAddressOrRange_addressPrefix;
417 if (aor->u.addressPrefix == NULL &&
418 (aor->u.addressPrefix = ASN1_BIT_STRING_new()) == NULL)
419 goto err;
420 if (!ASN1_BIT_STRING_set(aor->u.addressPrefix, addr, bytelen))
421 goto err;
422 aor->u.addressPrefix->flags &= ~7;
423 aor->u.addressPrefix->flags |= ASN1_STRING_FLAG_BITS_LEFT;
424 if (bitlen > 0) {
425 aor->u.addressPrefix->data[bytelen - 1] &= ~(0xFF >> bitlen);
426 aor->u.addressPrefix->flags |= 8 - bitlen;
427 }
428
429 *result = aor;
430 return 1;
431
432 err:
433 IPAddressOrRange_free(aor);
434 return 0;
435}
436
437/*
438 * Construct a range. If it can be expressed as a prefix,
439 * return a prefix instead. Doing this here simplifies
440 * the rest of the code considerably.
441 */
442static int make_addressRange(IPAddressOrRange **result,
443 unsigned char *min,
444 unsigned char *max,
445 const int length)
446{
447 IPAddressOrRange *aor;
448 int i, prefixlen;
449
450 if ((prefixlen = range_should_be_prefix(min, max, length)) >= 0)
451 return make_addressPrefix(result, min, prefixlen);
452
453 if ((aor = IPAddressOrRange_new()) == NULL)
454 return 0;
455 aor->type = IPAddressOrRange_addressRange;
456 assert(aor->u.addressRange == NULL);
457 if ((aor->u.addressRange = IPAddressRange_new()) == NULL)
458 goto err;
459 if (aor->u.addressRange->min == NULL &&
460 (aor->u.addressRange->min = ASN1_BIT_STRING_new()) == NULL)
461 goto err;
462 if (aor->u.addressRange->max == NULL &&
463 (aor->u.addressRange->max = ASN1_BIT_STRING_new()) == NULL)
464 goto err;
465
466 for (i = length; i > 0 && min[i - 1] == 0x00; --i)
467 ;
468 if (!ASN1_BIT_STRING_set(aor->u.addressRange->min, min, i))
469 goto err;
470 aor->u.addressRange->min->flags &= ~7;
471 aor->u.addressRange->min->flags |= ASN1_STRING_FLAG_BITS_LEFT;
472 if (i > 0) {
473 unsigned char b = min[i - 1];
474 int j = 1;
475 while ((b & (0xFFU >> j)) != 0)
476 ++j;
477 aor->u.addressRange->min->flags |= 8 - j;
478 }
479
480 for (i = length; i > 0 && max[i - 1] == 0xFF; --i)
481 ;
482 if (!ASN1_BIT_STRING_set(aor->u.addressRange->max, max, i))
483 goto err;
484 aor->u.addressRange->max->flags &= ~7;
485 aor->u.addressRange->max->flags |= ASN1_STRING_FLAG_BITS_LEFT;
486 if (i > 0) {
487 unsigned char b = max[i - 1];
488 int j = 1;
489 while ((b & (0xFFU >> j)) != (0xFFU >> j))
490 ++j;
491 aor->u.addressRange->max->flags |= 8 - j;
492 }
493
494 *result = aor;
495 return 1;
496
497 err:
498 IPAddressOrRange_free(aor);
499 return 0;
500}
501
502/*
503 * Construct a new address family or find an existing one.
504 */
505static IPAddressFamily *make_IPAddressFamily(IPAddrBlocks *addr,
506 const unsigned afi,
507 const unsigned *safi)
508{
509 IPAddressFamily *f;
510 unsigned char key[3];
511 unsigned keylen;
512 int i;
513
514 key[0] = (afi >> 8) & 0xFF;
515 key[1] = afi & 0xFF;
516 if (safi != NULL) {
517 key[2] = *safi & 0xFF;
518 keylen = 3;
519 } else {
520 keylen = 2;
521 }
522
523 for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
524 f = sk_IPAddressFamily_value(addr, i);
525 assert(f->addressFamily->data != NULL);
526 if (f->addressFamily->length == keylen &&
527 !memcmp(f->addressFamily->data, key, keylen))
528 return f;
529 }
530
531 if ((f = IPAddressFamily_new()) == NULL)
532 goto err;
533 if (f->ipAddressChoice == NULL &&
534 (f->ipAddressChoice = IPAddressChoice_new()) == NULL)
535 goto err;
536 if (f->addressFamily == NULL &&
537 (f->addressFamily = ASN1_OCTET_STRING_new()) == NULL)
538 goto err;
539 if (!ASN1_OCTET_STRING_set(f->addressFamily, key, keylen))
540 goto err;
541 if (!sk_IPAddressFamily_push(addr, f))
542 goto err;
543
544 return f;
545
546 err:
547 IPAddressFamily_free(f);
548 return NULL;
549}
550
551/*
552 * Add an inheritance element.
553 */
554int v3_addr_add_inherit(IPAddrBlocks *addr,
555 const unsigned afi,
556 const unsigned *safi)
557{
558 IPAddressFamily *f = make_IPAddressFamily(addr, afi, safi);
559 if (f == NULL ||
560 f->ipAddressChoice == NULL ||
561 (f->ipAddressChoice->type == IPAddressChoice_addressesOrRanges &&
562 f->ipAddressChoice->u.addressesOrRanges != NULL))
563 return 0;
564 if (f->ipAddressChoice->type == IPAddressChoice_inherit &&
565 f->ipAddressChoice->u.inherit != NULL)
566 return 1;
567 if (f->ipAddressChoice->u.inherit == NULL &&
568 (f->ipAddressChoice->u.inherit = ASN1_NULL_new()) == NULL)
569 return 0;
570 f->ipAddressChoice->type = IPAddressChoice_inherit;
571 return 1;
572}
573
574/*
575 * Construct an IPAddressOrRange sequence, or return an existing one.
576 */
577static IPAddressOrRanges *make_prefix_or_range(IPAddrBlocks *addr,
578 const unsigned afi,
579 const unsigned *safi)
580{
581 IPAddressFamily *f = make_IPAddressFamily(addr, afi, safi);
582 IPAddressOrRanges *aors = NULL;
583
584 if (f == NULL ||
585 f->ipAddressChoice == NULL ||
586 (f->ipAddressChoice->type == IPAddressChoice_inherit &&
587 f->ipAddressChoice->u.inherit != NULL))
588 return NULL;
589 if (f->ipAddressChoice->type == IPAddressChoice_addressesOrRanges)
590 aors = f->ipAddressChoice->u.addressesOrRanges;
591 if (aors != NULL)
592 return aors;
593 if ((aors = sk_IPAddressOrRange_new_null()) == NULL)
594 return NULL;
595 switch (afi) {
596 case IANA_AFI_IPV4:
597 sk_IPAddressOrRange_set_cmp_func(aors, v4IPAddressOrRange_cmp);
598 break;
599 case IANA_AFI_IPV6:
600 sk_IPAddressOrRange_set_cmp_func(aors, v6IPAddressOrRange_cmp);
601 break;
602 }
603 f->ipAddressChoice->type = IPAddressChoice_addressesOrRanges;
604 f->ipAddressChoice->u.addressesOrRanges = aors;
605 return aors;
606}
607
608/*
609 * Add a prefix.
610 */
611int v3_addr_add_prefix(IPAddrBlocks *addr,
612 const unsigned afi,
613 const unsigned *safi,
614 unsigned char *a,
615 const int prefixlen)
616{
617 IPAddressOrRanges *aors = make_prefix_or_range(addr, afi, safi);
618 IPAddressOrRange *aor;
619 if (aors == NULL || !make_addressPrefix(&aor, a, prefixlen))
620 return 0;
621 if (sk_IPAddressOrRange_push(aors, aor))
622 return 1;
623 IPAddressOrRange_free(aor);
624 return 0;
625}
626
627/*
628 * Add a range.
629 */
630int v3_addr_add_range(IPAddrBlocks *addr,
631 const unsigned afi,
632 const unsigned *safi,
633 unsigned char *min,
634 unsigned char *max)
635{
636 IPAddressOrRanges *aors = make_prefix_or_range(addr, afi, safi);
637 IPAddressOrRange *aor;
638 int length = length_from_afi(afi);
639 if (aors == NULL)
640 return 0;
641 if (!make_addressRange(&aor, min, max, length))
642 return 0;
643 if (sk_IPAddressOrRange_push(aors, aor))
644 return 1;
645 IPAddressOrRange_free(aor);
646 return 0;
647}
648
649/*
650 * Extract min and max values from an IPAddressOrRange.
651 */
652static void extract_min_max(IPAddressOrRange *aor,
653 unsigned char *min,
654 unsigned char *max,
655 int length)
656{
657 assert(aor != NULL && min != NULL && max != NULL);
658 switch (aor->type) {
659 case IPAddressOrRange_addressPrefix:
660 addr_expand(min, aor->u.addressPrefix, length, 0x00);
661 addr_expand(max, aor->u.addressPrefix, length, 0xFF);
662 return;
663 case IPAddressOrRange_addressRange:
664 addr_expand(min, aor->u.addressRange->min, length, 0x00);
665 addr_expand(max, aor->u.addressRange->max, length, 0xFF);
666 return;
667 }
668}
669
670/*
671 * Public wrapper for extract_min_max().
672 */
673int v3_addr_get_range(IPAddressOrRange *aor,
674 const unsigned afi,
675 unsigned char *min,
676 unsigned char *max,
677 const int length)
678{
679 int afi_length = length_from_afi(afi);
680 if (aor == NULL || min == NULL || max == NULL ||
681 afi_length == 0 || length < afi_length ||
682 (aor->type != IPAddressOrRange_addressPrefix &&
683 aor->type != IPAddressOrRange_addressRange))
684 return 0;
685 extract_min_max(aor, min, max, afi_length);
686 return afi_length;
687}
688
689/*
690 * Sort comparision function for a sequence of IPAddressFamily.
691 *
692 * The last paragraph of RFC 3779 2.2.3.3 is slightly ambiguous about
693 * the ordering: I can read it as meaning that IPv6 without a SAFI
694 * comes before IPv4 with a SAFI, which seems pretty weird. The
695 * examples in appendix B suggest that the author intended the
696 * null-SAFI rule to apply only within a single AFI, which is what I
697 * would have expected and is what the following code implements.
698 */
699static int IPAddressFamily_cmp(const IPAddressFamily * const *a_,
700 const IPAddressFamily * const *b_)
701{
702 const ASN1_OCTET_STRING *a = (*a_)->addressFamily;
703 const ASN1_OCTET_STRING *b = (*b_)->addressFamily;
704 int len = ((a->length <= b->length) ? a->length : b->length);
705 int cmp = memcmp(a->data, b->data, len);
706 return cmp ? cmp : a->length - b->length;
707}
708
709/*
710 * Check whether an IPAddrBLocks is in canonical form.
711 */
712int v3_addr_is_canonical(IPAddrBlocks *addr)
713{
714 unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
715 unsigned char b_min[ADDR_RAW_BUF_LEN], b_max[ADDR_RAW_BUF_LEN];
716 IPAddressOrRanges *aors;
717 int i, j, k;
718
719 /*
720 * Empty extension is cannonical.
721 */
722 if (addr == NULL)
723 return 1;
724
725 /*
726 * Check whether the top-level list is in order.
727 */
728 for (i = 0; i < sk_IPAddressFamily_num(addr) - 1; i++) {
729 const IPAddressFamily *a = sk_IPAddressFamily_value(addr, i);
730 const IPAddressFamily *b = sk_IPAddressFamily_value(addr, i + 1);
731 if (IPAddressFamily_cmp(&a, &b) >= 0)
732 return 0;
733 }
734
735 /*
736 * Top level's ok, now check each address family.
737 */
738 for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
739 IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
740 int length = length_from_afi(v3_addr_get_afi(f));
741
742 /*
743 * Inheritance is canonical. Anything other than inheritance or
744 * a SEQUENCE OF IPAddressOrRange is an ASN.1 error or something.
745 */
746 if (f == NULL || f->ipAddressChoice == NULL)
747 return 0;
748 switch (f->ipAddressChoice->type) {
749 case IPAddressChoice_inherit:
750 continue;
751 case IPAddressChoice_addressesOrRanges:
752 break;
753 default:
754 return 0;
755 }
756
757 /*
758 * It's an IPAddressOrRanges sequence, check it.
759 */
760 aors = f->ipAddressChoice->u.addressesOrRanges;
761 if (sk_IPAddressOrRange_num(aors) == 0)
762 return 0;
763 for (j = 0; j < sk_IPAddressOrRange_num(aors) - 1; j++) {
764 IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j);
765 IPAddressOrRange *b = sk_IPAddressOrRange_value(aors, j + 1);
766
767 extract_min_max(a, a_min, a_max, length);
768 extract_min_max(b, b_min, b_max, length);
769
770 /*
771 * Punt misordered list, overlapping start, or inverted range.
772 */
773 if (memcmp(a_min, b_min, length) >= 0 ||
774 memcmp(a_min, a_max, length) > 0 ||
775 memcmp(b_min, b_max, length) > 0)
776 return 0;
777
778 /*
779 * Punt if adjacent or overlapping. Check for adjacency by
780 * subtracting one from b_min first.
781 */
782 for (k = length - 1; k >= 0 && b_min[k]-- == 0x00; k--)
783 ;
784 if (memcmp(a_max, b_min, length) >= 0)
785 return 0;
786
787 /*
788 * Check for range that should be expressed as a prefix.
789 */
790 if (a->type == IPAddressOrRange_addressRange &&
791 range_should_be_prefix(a_min, a_max, length) >= 0)
792 return 0;
793 }
794
795 /*
796 * Check final range to see if it should be a prefix.
797 */
798 j = sk_IPAddressOrRange_num(aors) - 1;
799 {
800 IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j);
801 if (a->type == IPAddressOrRange_addressRange) {
802 extract_min_max(a, a_min, a_max, length);
803 if (range_should_be_prefix(a_min, a_max, length) >= 0)
804 return 0;
805 }
806 }
807 }
808
809 /*
810 * If we made it through all that, we're happy.
811 */
812 return 1;
813}
814
815/*
816 * Whack an IPAddressOrRanges into canonical form.
817 */
818static int IPAddressOrRanges_canonize(IPAddressOrRanges *aors,
819 const unsigned afi)
820{
821 int i, j, length = length_from_afi(afi);
822
823 /*
824 * Sort the IPAddressOrRanges sequence.
825 */
826 sk_IPAddressOrRange_sort(aors);
827
828 /*
829 * Clean up representation issues, punt on duplicates or overlaps.
830 */
831 for (i = 0; i < sk_IPAddressOrRange_num(aors) - 1; i++) {
832 IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, i);
833 IPAddressOrRange *b = sk_IPAddressOrRange_value(aors, i + 1);
834 unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
835 unsigned char b_min[ADDR_RAW_BUF_LEN], b_max[ADDR_RAW_BUF_LEN];
836
837 extract_min_max(a, a_min, a_max, length);
838 extract_min_max(b, b_min, b_max, length);
839
840 /*
841 * Punt overlaps.
842 */
843 if (memcmp(a_max, b_min, length) >= 0)
844 return 0;
845
846 /*
847 * Merge if a and b are adjacent. We check for
848 * adjacency by subtracting one from b_min first.
849 */
850 for (j = length - 1; j >= 0 && b_min[j]-- == 0x00; j--)
851 ;
852 if (memcmp(a_max, b_min, length) == 0) {
853 IPAddressOrRange *merged;
854 if (!make_addressRange(&merged, a_min, b_max, length))
855 return 0;
856 sk_IPAddressOrRange_set(aors, i, merged);
857 sk_IPAddressOrRange_delete(aors, i + 1);
858 IPAddressOrRange_free(a);
859 IPAddressOrRange_free(b);
860 --i;
861 continue;
862 }
863 }
864
865 return 1;
866}
867
868/*
869 * Whack an IPAddrBlocks extension into canonical form.
870 */
871int v3_addr_canonize(IPAddrBlocks *addr)
872{
873 int i;
874 for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
875 IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
876 if (f->ipAddressChoice->type == IPAddressChoice_addressesOrRanges &&
877 !IPAddressOrRanges_canonize(f->ipAddressChoice->u.addressesOrRanges,
878 v3_addr_get_afi(f)))
879 return 0;
880 }
881 sk_IPAddressFamily_sort(addr);
882 assert(v3_addr_is_canonical(addr));
883 return 1;
884}
885
886/*
887 * v2i handler for the IPAddrBlocks extension.
888 */
889static void *v2i_IPAddrBlocks(struct v3_ext_method *method,
890 struct v3_ext_ctx *ctx,
891 STACK_OF(CONF_VALUE) *values)
892{
893 static const char v4addr_chars[] = "0123456789.";
894 static const char v6addr_chars[] = "0123456789.:abcdefABCDEF";
895 IPAddrBlocks *addr = NULL;
896 char *s = NULL, *t;
897 int i;
898
899 if ((addr = sk_IPAddressFamily_new(IPAddressFamily_cmp)) == NULL) {
900 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
901 return NULL;
902 }
903
904 for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
905 CONF_VALUE *val = sk_CONF_VALUE_value(values, i);
906 unsigned char min[ADDR_RAW_BUF_LEN], max[ADDR_RAW_BUF_LEN];
907 unsigned afi, *safi = NULL, safi_;
908 const char *addr_chars;
909 int prefixlen, i1, i2, delim, length;
910
911 if ( !name_cmp(val->name, "IPv4")) {
912 afi = IANA_AFI_IPV4;
913 } else if (!name_cmp(val->name, "IPv6")) {
914 afi = IANA_AFI_IPV6;
915 } else if (!name_cmp(val->name, "IPv4-SAFI")) {
916 afi = IANA_AFI_IPV4;
917 safi = &safi_;
918 } else if (!name_cmp(val->name, "IPv6-SAFI")) {
919 afi = IANA_AFI_IPV6;
920 safi = &safi_;
921 } else {
922 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_EXTENSION_NAME_ERROR);
923 X509V3_conf_err(val);
924 goto err;
925 }
926
927 switch (afi) {
928 case IANA_AFI_IPV4:
929 addr_chars = v4addr_chars;
930 break;
931 case IANA_AFI_IPV6:
932 addr_chars = v6addr_chars;
933 break;
934 }
935
936 length = length_from_afi(afi);
937
938 /*
939 * Handle SAFI, if any, and BUF_strdup() so we can null-terminate
940 * the other input values.
941 */
942 if (safi != NULL) {
943 *safi = strtoul(val->value, &t, 0);
944 t += strspn(t, " \t");
945 if (*safi > 0xFF || *t++ != ':') {
946 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_SAFI);
947 X509V3_conf_err(val);
948 goto err;
949 }
950 t += strspn(t, " \t");
951 s = BUF_strdup(t);
952 } else {
953 s = BUF_strdup(val->value);
954 }
955 if (s == NULL) {
956 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
957 goto err;
958 }
959
960 /*
961 * Check for inheritance. Not worth additional complexity to
962 * optimize this (seldom-used) case.
963 */
964 if (!strcmp(s, "inherit")) {
965 if (!v3_addr_add_inherit(addr, afi, safi)) {
966 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_INHERITANCE);
967 X509V3_conf_err(val);
968 goto err;
969 }
970 OPENSSL_free(s);
971 s = NULL;
972 continue;
973 }
974
975 i1 = strspn(s, addr_chars);
976 i2 = i1 + strspn(s + i1, " \t");
977 delim = s[i2++];
978 s[i1] = '\0';
979
980 if (a2i_ipadd(min, s) != length) {
981 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_IPADDRESS);
982 X509V3_conf_err(val);
983 goto err;
984 }
985
986 switch (delim) {
987 case '/':
988 prefixlen = (int) strtoul(s + i2, &t, 10);
989 if (t == s + i2 || *t != '\0') {
990 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_EXTENSION_VALUE_ERROR);
991 X509V3_conf_err(val);
992 goto err;
993 }
994 if (!v3_addr_add_prefix(addr, afi, safi, min, prefixlen)) {
995 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
996 goto err;
997 }
998 break;
999 case '-':
1000 i1 = i2 + strspn(s + i2, " \t");
1001 i2 = i1 + strspn(s + i1, addr_chars);
1002 if (i1 == i2 || s[i2] != '\0') {
1003 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_EXTENSION_VALUE_ERROR);
1004 X509V3_conf_err(val);
1005 goto err;
1006 }
1007 if (a2i_ipadd(max, s + i1) != length) {
1008 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_IPADDRESS);
1009 X509V3_conf_err(val);
1010 goto err;
1011 }
1012 if (!v3_addr_add_range(addr, afi, safi, min, max)) {
1013 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
1014 goto err;
1015 }
1016 break;
1017 case '\0':
1018 if (!v3_addr_add_prefix(addr, afi, safi, min, length * 8)) {
1019 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
1020 goto err;
1021 }
1022 break;
1023 default:
1024 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_EXTENSION_VALUE_ERROR);
1025 X509V3_conf_err(val);
1026 goto err;
1027 }
1028
1029 OPENSSL_free(s);
1030 s = NULL;
1031 }
1032
1033 /*
1034 * Canonize the result, then we're done.
1035 */
1036 if (!v3_addr_canonize(addr))
1037 goto err;
1038 return addr;
1039
1040 err:
1041 OPENSSL_free(s);
1042 sk_IPAddressFamily_pop_free(addr, IPAddressFamily_free);
1043 return NULL;
1044}
1045
1046/*
1047 * OpenSSL dispatch
1048 */
1049const X509V3_EXT_METHOD v3_addr = {
1050 NID_sbgp_ipAddrBlock, /* nid */
1051 0, /* flags */
1052 ASN1_ITEM_ref(IPAddrBlocks), /* template */
1053 0, 0, 0, 0, /* old functions, ignored */
1054 0, /* i2s */
1055 0, /* s2i */
1056 0, /* i2v */
1057 v2i_IPAddrBlocks, /* v2i */
1058 i2r_IPAddrBlocks, /* i2r */
1059 0, /* r2i */
1060 NULL /* extension-specific data */
1061};
1062
1063/*
1064 * Figure out whether extension sues inheritance.
1065 */
1066int v3_addr_inherits(IPAddrBlocks *addr)
1067{
1068 int i;
1069 if (addr == NULL)
1070 return 0;
1071 for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
1072 IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
1073 if (f->ipAddressChoice->type == IPAddressChoice_inherit)
1074 return 1;
1075 }
1076 return 0;
1077}
1078
1079/*
1080 * Figure out whether parent contains child.
1081 */
1082static int addr_contains(IPAddressOrRanges *parent,
1083 IPAddressOrRanges *child,
1084 int length)
1085{
1086 unsigned char p_min[ADDR_RAW_BUF_LEN], p_max[ADDR_RAW_BUF_LEN];
1087 unsigned char c_min[ADDR_RAW_BUF_LEN], c_max[ADDR_RAW_BUF_LEN];
1088 int p, c;
1089
1090 if (child == NULL || parent == child)
1091 return 1;
1092 if (parent == NULL)
1093 return 0;
1094
1095 p = 0;
1096 for (c = 0; c < sk_IPAddressOrRange_num(child); c++) {
1097 extract_min_max(sk_IPAddressOrRange_value(child, c),
1098 c_min, c_max, length);
1099 for (;; p++) {
1100 if (p >= sk_IPAddressOrRange_num(parent))
1101 return 0;
1102 extract_min_max(sk_IPAddressOrRange_value(parent, p),
1103 p_min, p_max, length);
1104 if (memcmp(p_max, c_max, length) < 0)
1105 continue;
1106 if (memcmp(p_min, c_min, length) > 0)
1107 return 0;
1108 break;
1109 }
1110 }
1111
1112 return 1;
1113}
1114
1115/*
1116 * Test whether a is a subset of b.
1117 */
1118int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b)
1119{
1120 int i;
1121 if (a == NULL || a == b)
1122 return 1;
1123 if (b == NULL || v3_addr_inherits(a) || v3_addr_inherits(b))
1124 return 0;
1125 sk_IPAddressFamily_set_cmp_func(b, IPAddressFamily_cmp);
1126 for (i = 0; i < sk_IPAddressFamily_num(a); i++) {
1127 IPAddressFamily *fa = sk_IPAddressFamily_value(a, i);
1128 int j = sk_IPAddressFamily_find(b, fa);
1129 IPAddressFamily *fb = sk_IPAddressFamily_value(b, j);
1130 if (!addr_contains(fb->ipAddressChoice->u.addressesOrRanges,
1131 fa->ipAddressChoice->u.addressesOrRanges,
1132 length_from_afi(v3_addr_get_afi(fb))))
1133 return 0;
1134 }
1135 return 1;
1136}
1137
1138/*
1139 * Validation error handling via callback.
1140 */
1141#define validation_err(_err_) \
1142 do { \
1143 if (ctx != NULL) { \
1144 ctx->error = _err_; \
1145 ctx->error_depth = i; \
1146 ctx->current_cert = x; \
1147 ret = ctx->verify_cb(0, ctx); \
1148 } else { \
1149 ret = 0; \
1150 } \
1151 if (!ret) \
1152 goto done; \
1153 } while (0)
1154
1155/*
1156 * Core code for RFC 3779 2.3 path validation.
1157 */
1158static int v3_addr_validate_path_internal(X509_STORE_CTX *ctx,
1159 STACK_OF(X509) *chain,
1160 IPAddrBlocks *ext)
1161{
1162 IPAddrBlocks *child = NULL;
1163 int i, j, ret = 1;
1164 X509 *x = NULL;
1165
1166 assert(chain != NULL && sk_X509_num(chain) > 0);
1167 assert(ctx != NULL || ext != NULL);
1168 assert(ctx == NULL || ctx->verify_cb != NULL);
1169
1170 /*
1171 * Figure out where to start. If we don't have an extension to
1172 * check, we're done. Otherwise, check canonical form and
1173 * set up for walking up the chain.
1174 */
1175 if (ext != NULL) {
1176 i = -1;
1177 } else {
1178 i = 0;
1179 x = sk_X509_value(chain, i);
1180 assert(x != NULL);
1181 if ((ext = x->rfc3779_addr) == NULL)
1182 goto done;
1183 }
1184 if (!v3_addr_is_canonical(ext))
1185 validation_err(X509_V_ERR_INVALID_EXTENSION);
1186 sk_IPAddressFamily_set_cmp_func(ext, IPAddressFamily_cmp);
1187 if ((child = sk_IPAddressFamily_dup(ext)) == NULL) {
1188 X509V3err(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL, ERR_R_MALLOC_FAILURE);
1189 ret = 0;
1190 goto done;
1191 }
1192
1193 /*
1194 * Now walk up the chain. No cert may list resources that its
1195 * parent doesn't list.
1196 */
1197 for (i++; i < sk_X509_num(chain); i++) {
1198 x = sk_X509_value(chain, i);
1199 assert(x != NULL);
1200 if (!v3_addr_is_canonical(x->rfc3779_addr))
1201 validation_err(X509_V_ERR_INVALID_EXTENSION);
1202 if (x->rfc3779_addr == NULL) {
1203 for (j = 0; j < sk_IPAddressFamily_num(child); j++) {
1204 IPAddressFamily *fc = sk_IPAddressFamily_value(child, j);
1205 if (fc->ipAddressChoice->type != IPAddressChoice_inherit) {
1206 validation_err(X509_V_ERR_UNNESTED_RESOURCE);
1207 break;
1208 }
1209 }
1210 continue;
1211 }
1212 sk_IPAddressFamily_set_cmp_func(x->rfc3779_addr, IPAddressFamily_cmp);
1213 for (j = 0; j < sk_IPAddressFamily_num(child); j++) {
1214 IPAddressFamily *fc = sk_IPAddressFamily_value(child, j);
1215 int k = sk_IPAddressFamily_find(x->rfc3779_addr, fc);
1216 IPAddressFamily *fp = sk_IPAddressFamily_value(x->rfc3779_addr, k);
1217 if (fp == NULL) {
1218 if (fc->ipAddressChoice->type == IPAddressChoice_addressesOrRanges) {
1219 validation_err(X509_V_ERR_UNNESTED_RESOURCE);
1220 break;
1221 }
1222 continue;
1223 }
1224 if (fp->ipAddressChoice->type == IPAddressChoice_addressesOrRanges) {
1225 if (fc->ipAddressChoice->type == IPAddressChoice_inherit ||
1226 addr_contains(fp->ipAddressChoice->u.addressesOrRanges,
1227 fc->ipAddressChoice->u.addressesOrRanges,
1228 length_from_afi(v3_addr_get_afi(fc))))
1229 sk_IPAddressFamily_set(child, j, fp);
1230 else
1231 validation_err(X509_V_ERR_UNNESTED_RESOURCE);
1232 }
1233 }
1234 }
1235
1236 /*
1237 * Trust anchor can't inherit.
1238 */
1239 if (x->rfc3779_addr != NULL) {
1240 for (j = 0; j < sk_IPAddressFamily_num(x->rfc3779_addr); j++) {
1241 IPAddressFamily *fp = sk_IPAddressFamily_value(x->rfc3779_addr, j);
1242 if (fp->ipAddressChoice->type == IPAddressChoice_inherit &&
1243 sk_IPAddressFamily_find(child, fp) >= 0)
1244 validation_err(X509_V_ERR_UNNESTED_RESOURCE);
1245 }
1246 }
1247
1248 done:
1249 sk_IPAddressFamily_free(child);
1250 return ret;
1251}
1252
1253#undef validation_err
1254
1255/*
1256 * RFC 3779 2.3 path validation -- called from X509_verify_cert().
1257 */
1258int v3_addr_validate_path(X509_STORE_CTX *ctx)
1259{
1260 return v3_addr_validate_path_internal(ctx, ctx->chain, NULL);
1261}
1262
1263/*
1264 * RFC 3779 2.3 path validation of an extension.
1265 * Test whether chain covers extension.
1266 */
1267int v3_addr_validate_resource_set(STACK_OF(X509) *chain,
1268 IPAddrBlocks *ext,
1269 int allow_inheritance)
1270{
1271 if (ext == NULL)
1272 return 1;
1273 if (chain == NULL || sk_X509_num(chain) == 0)
1274 return 0;
1275 if (!allow_inheritance && v3_addr_inherits(ext))
1276 return 0;
1277 return v3_addr_validate_path_internal(NULL, chain, ext);
1278}
1279
1280#endif /* OPENSSL_NO_RFC3779 */
diff --git a/src/lib/libcrypto/x509v3/v3_asid.c b/src/lib/libcrypto/x509v3/v3_asid.c
new file mode 100644
index 0000000000..271930f967
--- /dev/null
+++ b/src/lib/libcrypto/x509v3/v3_asid.c
@@ -0,0 +1,842 @@
1/*
2 * Contributed to the OpenSSL Project by the American Registry for
3 * Internet Numbers ("ARIN").
4 */
5/* ====================================================================
6 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 */
57
58/*
59 * Implementation of RFC 3779 section 3.2.
60 */
61
62#include <stdio.h>
63#include <string.h>
64#include <assert.h>
65#include "cryptlib.h"
66#include <openssl/conf.h>
67#include <openssl/asn1.h>
68#include <openssl/asn1t.h>
69#include <openssl/x509v3.h>
70#include <openssl/x509.h>
71#include <openssl/bn.h>
72
73#ifndef OPENSSL_NO_RFC3779
74
75/*
76 * OpenSSL ASN.1 template translation of RFC 3779 3.2.3.
77 */
78
79ASN1_SEQUENCE(ASRange) = {
80 ASN1_SIMPLE(ASRange, min, ASN1_INTEGER),
81 ASN1_SIMPLE(ASRange, max, ASN1_INTEGER)
82} ASN1_SEQUENCE_END(ASRange)
83
84ASN1_CHOICE(ASIdOrRange) = {
85 ASN1_SIMPLE(ASIdOrRange, u.id, ASN1_INTEGER),
86 ASN1_SIMPLE(ASIdOrRange, u.range, ASRange)
87} ASN1_CHOICE_END(ASIdOrRange)
88
89ASN1_CHOICE(ASIdentifierChoice) = {
90 ASN1_SIMPLE(ASIdentifierChoice, u.inherit, ASN1_NULL),
91 ASN1_SEQUENCE_OF(ASIdentifierChoice, u.asIdsOrRanges, ASIdOrRange)
92} ASN1_CHOICE_END(ASIdentifierChoice)
93
94ASN1_SEQUENCE(ASIdentifiers) = {
95 ASN1_EXP_OPT(ASIdentifiers, asnum, ASIdentifierChoice, 0),
96 ASN1_EXP_OPT(ASIdentifiers, rdi, ASIdentifierChoice, 1)
97} ASN1_SEQUENCE_END(ASIdentifiers)
98
99IMPLEMENT_ASN1_FUNCTIONS(ASRange)
100IMPLEMENT_ASN1_FUNCTIONS(ASIdOrRange)
101IMPLEMENT_ASN1_FUNCTIONS(ASIdentifierChoice)
102IMPLEMENT_ASN1_FUNCTIONS(ASIdentifiers)
103
104/*
105 * i2r method for an ASIdentifierChoice.
106 */
107static int i2r_ASIdentifierChoice(BIO *out,
108 ASIdentifierChoice *choice,
109 int indent,
110 const char *msg)
111{
112 int i;
113 char *s;
114 if (choice == NULL)
115 return 1;
116 BIO_printf(out, "%*s%s:\n", indent, "", msg);
117 switch (choice->type) {
118 case ASIdentifierChoice_inherit:
119 BIO_printf(out, "%*sinherit\n", indent + 2, "");
120 break;
121 case ASIdentifierChoice_asIdsOrRanges:
122 for (i = 0; i < sk_ASIdOrRange_num(choice->u.asIdsOrRanges); i++) {
123 ASIdOrRange *aor = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
124 switch (aor->type) {
125 case ASIdOrRange_id:
126 if ((s = i2s_ASN1_INTEGER(NULL, aor->u.id)) == NULL)
127 return 0;
128 BIO_printf(out, "%*s%s\n", indent + 2, "", s);
129 OPENSSL_free(s);
130 break;
131 case ASIdOrRange_range:
132 if ((s = i2s_ASN1_INTEGER(NULL, aor->u.range->min)) == NULL)
133 return 0;
134 BIO_printf(out, "%*s%s-", indent + 2, "", s);
135 OPENSSL_free(s);
136 if ((s = i2s_ASN1_INTEGER(NULL, aor->u.range->max)) == NULL)
137 return 0;
138 BIO_printf(out, "%s\n", s);
139 OPENSSL_free(s);
140 break;
141 default:
142 return 0;
143 }
144 }
145 break;
146 default:
147 return 0;
148 }
149 return 1;
150}
151
152/*
153 * i2r method for an ASIdentifier extension.
154 */
155static int i2r_ASIdentifiers(X509V3_EXT_METHOD *method,
156 void *ext,
157 BIO *out,
158 int indent)
159{
160 ASIdentifiers *asid = ext;
161 return (i2r_ASIdentifierChoice(out, asid->asnum, indent,
162 "Autonomous System Numbers") &&
163 i2r_ASIdentifierChoice(out, asid->rdi, indent,
164 "Routing Domain Identifiers"));
165}
166
167/*
168 * Sort comparision function for a sequence of ASIdOrRange elements.
169 */
170static int ASIdOrRange_cmp(const ASIdOrRange * const *a_,
171 const ASIdOrRange * const *b_)
172{
173 const ASIdOrRange *a = *a_, *b = *b_;
174
175 assert((a->type == ASIdOrRange_id && a->u.id != NULL) ||
176 (a->type == ASIdOrRange_range && a->u.range != NULL &&
177 a->u.range->min != NULL && a->u.range->max != NULL));
178
179 assert((b->type == ASIdOrRange_id && b->u.id != NULL) ||
180 (b->type == ASIdOrRange_range && b->u.range != NULL &&
181 b->u.range->min != NULL && b->u.range->max != NULL));
182
183 if (a->type == ASIdOrRange_id && b->type == ASIdOrRange_id)
184 return ASN1_INTEGER_cmp(a->u.id, b->u.id);
185
186 if (a->type == ASIdOrRange_range && b->type == ASIdOrRange_range) {
187 int r = ASN1_INTEGER_cmp(a->u.range->min, b->u.range->min);
188 return r != 0 ? r : ASN1_INTEGER_cmp(a->u.range->max, b->u.range->max);
189 }
190
191 if (a->type == ASIdOrRange_id)
192 return ASN1_INTEGER_cmp(a->u.id, b->u.range->min);
193 else
194 return ASN1_INTEGER_cmp(a->u.range->min, b->u.id);
195}
196
197/*
198 * Add an inherit element.
199 */
200int v3_asid_add_inherit(ASIdentifiers *asid, int which)
201{
202 ASIdentifierChoice **choice;
203 if (asid == NULL)
204 return 0;
205 switch (which) {
206 case V3_ASID_ASNUM:
207 choice = &asid->asnum;
208 break;
209 case V3_ASID_RDI:
210 choice = &asid->rdi;
211 break;
212 default:
213 return 0;
214 }
215 if (*choice == NULL) {
216 if ((*choice = ASIdentifierChoice_new()) == NULL)
217 return 0;
218 assert((*choice)->u.inherit == NULL);
219 if (((*choice)->u.inherit = ASN1_NULL_new()) == NULL)
220 return 0;
221 (*choice)->type = ASIdentifierChoice_inherit;
222 }
223 return (*choice)->type == ASIdentifierChoice_inherit;
224}
225
226/*
227 * Add an ID or range to an ASIdentifierChoice.
228 */
229int v3_asid_add_id_or_range(ASIdentifiers *asid,
230 int which,
231 ASN1_INTEGER *min,
232 ASN1_INTEGER *max)
233{
234 ASIdentifierChoice **choice;
235 ASIdOrRange *aor;
236 if (asid == NULL)
237 return 0;
238 switch (which) {
239 case V3_ASID_ASNUM:
240 choice = &asid->asnum;
241 break;
242 case V3_ASID_RDI:
243 choice = &asid->rdi;
244 break;
245 default:
246 return 0;
247 }
248 if (*choice != NULL && (*choice)->type == ASIdentifierChoice_inherit)
249 return 0;
250 if (*choice == NULL) {
251 if ((*choice = ASIdentifierChoice_new()) == NULL)
252 return 0;
253 assert((*choice)->u.asIdsOrRanges == NULL);
254 (*choice)->u.asIdsOrRanges = sk_ASIdOrRange_new(ASIdOrRange_cmp);
255 if ((*choice)->u.asIdsOrRanges == NULL)
256 return 0;
257 (*choice)->type = ASIdentifierChoice_asIdsOrRanges;
258 }
259 if ((aor = ASIdOrRange_new()) == NULL)
260 return 0;
261 if (max == NULL) {
262 aor->type = ASIdOrRange_id;
263 aor->u.id = min;
264 } else {
265 aor->type = ASIdOrRange_range;
266 if ((aor->u.range = ASRange_new()) == NULL)
267 goto err;
268 ASN1_INTEGER_free(aor->u.range->min);
269 aor->u.range->min = min;
270 ASN1_INTEGER_free(aor->u.range->max);
271 aor->u.range->max = max;
272 }
273 if (!(sk_ASIdOrRange_push((*choice)->u.asIdsOrRanges, aor)))
274 goto err;
275 return 1;
276
277 err:
278 ASIdOrRange_free(aor);
279 return 0;
280}
281
282/*
283 * Extract min and max values from an ASIdOrRange.
284 */
285static void extract_min_max(ASIdOrRange *aor,
286 ASN1_INTEGER **min,
287 ASN1_INTEGER **max)
288{
289 assert(aor != NULL && min != NULL && max != NULL);
290 switch (aor->type) {
291 case ASIdOrRange_id:
292 *min = aor->u.id;
293 *max = aor->u.id;
294 return;
295 case ASIdOrRange_range:
296 *min = aor->u.range->min;
297 *max = aor->u.range->max;
298 return;
299 }
300}
301
302/*
303 * Check whether an ASIdentifierChoice is in canonical form.
304 */
305static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice)
306{
307 ASN1_INTEGER *a_max_plus_one = NULL;
308 BIGNUM *bn = NULL;
309 int i, ret = 0;
310
311 /*
312 * Empty element or inheritance is canonical.
313 */
314 if (choice == NULL || choice->type == ASIdentifierChoice_inherit)
315 return 1;
316
317 /*
318 * If not a list, or if empty list, it's broken.
319 */
320 if (choice->type != ASIdentifierChoice_asIdsOrRanges ||
321 sk_ASIdOrRange_num(choice->u.asIdsOrRanges) == 0)
322 return 0;
323
324 /*
325 * It's a list, check it.
326 */
327 for (i = 0; i < sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1; i++) {
328 ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
329 ASIdOrRange *b = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i + 1);
330 ASN1_INTEGER *a_min, *a_max, *b_min, *b_max;
331
332 extract_min_max(a, &a_min, &a_max);
333 extract_min_max(b, &b_min, &b_max);
334
335 /*
336 * Punt misordered list, overlapping start, or inverted range.
337 */
338 if (ASN1_INTEGER_cmp(a_min, b_min) >= 0 ||
339 ASN1_INTEGER_cmp(a_min, a_max) > 0 ||
340 ASN1_INTEGER_cmp(b_min, b_max) > 0)
341 goto done;
342
343 /*
344 * Calculate a_max + 1 to check for adjacency.
345 */
346 if ((bn == NULL && (bn = BN_new()) == NULL) ||
347 ASN1_INTEGER_to_BN(a_max, bn) == NULL ||
348 !BN_add_word(bn, 1) ||
349 (a_max_plus_one = BN_to_ASN1_INTEGER(bn, a_max_plus_one)) == NULL) {
350 X509V3err(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL,
351 ERR_R_MALLOC_FAILURE);
352 goto done;
353 }
354
355 /*
356 * Punt if adjacent or overlapping.
357 */
358 if (ASN1_INTEGER_cmp(a_max_plus_one, b_min) >= 0)
359 goto done;
360 }
361
362 ret = 1;
363
364 done:
365 ASN1_INTEGER_free(a_max_plus_one);
366 BN_free(bn);
367 return ret;
368}
369
370/*
371 * Check whether an ASIdentifier extension is in canonical form.
372 */
373int v3_asid_is_canonical(ASIdentifiers *asid)
374{
375 return (asid == NULL ||
376 (ASIdentifierChoice_is_canonical(asid->asnum) ||
377 ASIdentifierChoice_is_canonical(asid->rdi)));
378}
379
380/*
381 * Whack an ASIdentifierChoice into canonical form.
382 */
383static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
384{
385 ASN1_INTEGER *a_max_plus_one = NULL;
386 BIGNUM *bn = NULL;
387 int i, ret = 0;
388
389 /*
390 * Nothing to do for empty element or inheritance.
391 */
392 if (choice == NULL || choice->type == ASIdentifierChoice_inherit)
393 return 1;
394
395 /*
396 * We have a list. Sort it.
397 */
398 assert(choice->type == ASIdentifierChoice_asIdsOrRanges);
399 sk_ASIdOrRange_sort(choice->u.asIdsOrRanges);
400
401 /*
402 * Now check for errors and suboptimal encoding, rejecting the
403 * former and fixing the latter.
404 */
405 for (i = 0; i < sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1; i++) {
406 ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
407 ASIdOrRange *b = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i + 1);
408 ASN1_INTEGER *a_min, *a_max, *b_min, *b_max;
409
410 extract_min_max(a, &a_min, &a_max);
411 extract_min_max(b, &b_min, &b_max);
412
413 /*
414 * Make sure we're properly sorted (paranoia).
415 */
416 assert(ASN1_INTEGER_cmp(a_min, b_min) <= 0);
417
418 /*
419 * Check for overlaps.
420 */
421 if (ASN1_INTEGER_cmp(a_max, b_min) >= 0) {
422 X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
423 X509V3_R_EXTENSION_VALUE_ERROR);
424 goto done;
425 }
426
427 /*
428 * Calculate a_max + 1 to check for adjacency.
429 */
430 if ((bn == NULL && (bn = BN_new()) == NULL) ||
431 ASN1_INTEGER_to_BN(a_max, bn) == NULL ||
432 !BN_add_word(bn, 1) ||
433 (a_max_plus_one = BN_to_ASN1_INTEGER(bn, a_max_plus_one)) == NULL) {
434 X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE, ERR_R_MALLOC_FAILURE);
435 goto done;
436 }
437
438 /*
439 * If a and b are adjacent, merge them.
440 */
441 if (ASN1_INTEGER_cmp(a_max_plus_one, b_min) == 0) {
442 ASRange *r;
443 switch (a->type) {
444 case ASIdOrRange_id:
445 if ((r = OPENSSL_malloc(sizeof(ASRange))) == NULL) {
446 X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
447 ERR_R_MALLOC_FAILURE);
448 goto done;
449 }
450 r->min = a_min;
451 r->max = b_max;
452 a->type = ASIdOrRange_range;
453 a->u.range = r;
454 break;
455 case ASIdOrRange_range:
456 ASN1_INTEGER_free(a->u.range->max);
457 a->u.range->max = b_max;
458 break;
459 }
460 switch (b->type) {
461 case ASIdOrRange_id:
462 b->u.id = NULL;
463 break;
464 case ASIdOrRange_range:
465 b->u.range->max = NULL;
466 break;
467 }
468 ASIdOrRange_free(b);
469 sk_ASIdOrRange_delete(choice->u.asIdsOrRanges, i + 1);
470 i--;
471 continue;
472 }
473 }
474
475 assert(ASIdentifierChoice_is_canonical(choice)); /* Paranoia */
476
477 ret = 1;
478
479 done:
480 ASN1_INTEGER_free(a_max_plus_one);
481 BN_free(bn);
482 return ret;
483}
484
485/*
486 * Whack an ASIdentifier extension into canonical form.
487 */
488int v3_asid_canonize(ASIdentifiers *asid)
489{
490 return (asid == NULL ||
491 (ASIdentifierChoice_canonize(asid->asnum) &&
492 ASIdentifierChoice_canonize(asid->rdi)));
493}
494
495/*
496 * v2i method for an ASIdentifier extension.
497 */
498static void *v2i_ASIdentifiers(struct v3_ext_method *method,
499 struct v3_ext_ctx *ctx,
500 STACK_OF(CONF_VALUE) *values)
501{
502 ASIdentifiers *asid = NULL;
503 int i;
504
505 if ((asid = ASIdentifiers_new()) == NULL) {
506 X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
507 return NULL;
508 }
509
510 for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
511 CONF_VALUE *val = sk_CONF_VALUE_value(values, i);
512 ASN1_INTEGER *min = NULL, *max = NULL;
513 int i1, i2, i3, is_range, which;
514
515 /*
516 * Figure out whether this is an AS or an RDI.
517 */
518 if ( !name_cmp(val->name, "AS")) {
519 which = V3_ASID_ASNUM;
520 } else if (!name_cmp(val->name, "RDI")) {
521 which = V3_ASID_RDI;
522 } else {
523 X509V3err(X509V3_F_V2I_ASIDENTIFIERS, X509V3_R_EXTENSION_NAME_ERROR);
524 X509V3_conf_err(val);
525 goto err;
526 }
527
528 /*
529 * Handle inheritance.
530 */
531 if (!strcmp(val->value, "inherit")) {
532 if (v3_asid_add_inherit(asid, which))
533 continue;
534 X509V3err(X509V3_F_V2I_ASIDENTIFIERS, X509V3_R_INVALID_INHERITANCE);
535 X509V3_conf_err(val);
536 goto err;
537 }
538
539 /*
540 * Number, range, or mistake, pick it apart and figure out which.
541 */
542 i1 = strspn(val->value, "0123456789");
543 if (val->value[i1] == '\0') {
544 is_range = 0;
545 } else {
546 is_range = 1;
547 i2 = i1 + strspn(val->value + i1, " \t");
548 if (val->value[i2] != '-') {
549 X509V3err(X509V3_F_V2I_ASIDENTIFIERS, X509V3_R_INVALID_ASNUMBER);
550 X509V3_conf_err(val);
551 goto err;
552 }
553 i2++;
554 i2 = i2 + strspn(val->value + i2, " \t");
555 i3 = i2 + strspn(val->value + i2, "0123456789");
556 if (val->value[i3] != '\0') {
557 X509V3err(X509V3_F_V2I_ASIDENTIFIERS, X509V3_R_INVALID_ASRANGE);
558 X509V3_conf_err(val);
559 goto err;
560 }
561 }
562
563 /*
564 * Syntax is ok, read and add it.
565 */
566 if (!is_range) {
567 if (!X509V3_get_value_int(val, &min)) {
568 X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
569 goto err;
570 }
571 } else {
572 char *s = BUF_strdup(val->value);
573 if (s == NULL) {
574 X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
575 goto err;
576 }
577 s[i1] = '\0';
578 min = s2i_ASN1_INTEGER(NULL, s);
579 max = s2i_ASN1_INTEGER(NULL, s + i2);
580 OPENSSL_free(s);
581 if (min == NULL || max == NULL) {
582 ASN1_INTEGER_free(min);
583 ASN1_INTEGER_free(max);
584 X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
585 goto err;
586 }
587 }
588 if (!v3_asid_add_id_or_range(asid, which, min, max)) {
589 ASN1_INTEGER_free(min);
590 ASN1_INTEGER_free(max);
591 X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
592 goto err;
593 }
594 }
595
596 /*
597 * Canonize the result, then we're done.
598 */
599 if (!v3_asid_canonize(asid))
600 goto err;
601 return asid;
602
603 err:
604 ASIdentifiers_free(asid);
605 return NULL;
606}
607
608/*
609 * OpenSSL dispatch.
610 */
611const X509V3_EXT_METHOD v3_asid = {
612 NID_sbgp_autonomousSysNum, /* nid */
613 0, /* flags */
614 ASN1_ITEM_ref(ASIdentifiers), /* template */
615 0, 0, 0, 0, /* old functions, ignored */
616 0, /* i2s */
617 0, /* s2i */
618 0, /* i2v */
619 v2i_ASIdentifiers, /* v2i */
620 i2r_ASIdentifiers, /* i2r */
621 0, /* r2i */
622 NULL /* extension-specific data */
623};
624
625/*
626 * Figure out whether extension uses inheritance.
627 */
628int v3_asid_inherits(ASIdentifiers *asid)
629{
630 return (asid != NULL &&
631 ((asid->asnum != NULL &&
632 asid->asnum->type == ASIdentifierChoice_inherit) ||
633 (asid->rdi != NULL &&
634 asid->rdi->type == ASIdentifierChoice_inherit)));
635}
636
637/*
638 * Figure out whether parent contains child.
639 */
640static int asid_contains(ASIdOrRanges *parent, ASIdOrRanges *child)
641{
642 ASN1_INTEGER *p_min, *p_max, *c_min, *c_max;
643 int p, c;
644
645 if (child == NULL || parent == child)
646 return 1;
647 if (parent == NULL)
648 return 0;
649
650 p = 0;
651 for (c = 0; c < sk_ASIdOrRange_num(child); c++) {
652 extract_min_max(sk_ASIdOrRange_value(child, c), &c_min, &c_max);
653 for (;; p++) {
654 if (p >= sk_ASIdOrRange_num(parent))
655 return 0;
656 extract_min_max(sk_ASIdOrRange_value(parent, p), &p_min, &p_max);
657 if (ASN1_INTEGER_cmp(p_max, c_max) < 0)
658 continue;
659 if (ASN1_INTEGER_cmp(p_min, c_min) > 0)
660 return 0;
661 break;
662 }
663 }
664
665 return 1;
666}
667
668/*
669 * Test whether a is a subet of b.
670 */
671int v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b)
672{
673 return (a == NULL ||
674 a == b ||
675 (b != NULL &&
676 !v3_asid_inherits(a) &&
677 !v3_asid_inherits(b) &&
678 asid_contains(b->asnum->u.asIdsOrRanges,
679 a->asnum->u.asIdsOrRanges) &&
680 asid_contains(b->rdi->u.asIdsOrRanges,
681 a->rdi->u.asIdsOrRanges)));
682}
683
684/*
685 * Validation error handling via callback.
686 */
687#define validation_err(_err_) \
688 do { \
689 if (ctx != NULL) { \
690 ctx->error = _err_; \
691 ctx->error_depth = i; \
692 ctx->current_cert = x; \
693 ret = ctx->verify_cb(0, ctx); \
694 } else { \
695 ret = 0; \
696 } \
697 if (!ret) \
698 goto done; \
699 } while (0)
700
701/*
702 * Core code for RFC 3779 3.3 path validation.
703 */
704static int v3_asid_validate_path_internal(X509_STORE_CTX *ctx,
705 STACK_OF(X509) *chain,
706 ASIdentifiers *ext)
707{
708 ASIdOrRanges *child_as = NULL, *child_rdi = NULL;
709 int i, ret = 1, inherit_as = 0, inherit_rdi = 0;
710 X509 *x = NULL;
711
712 assert(chain != NULL && sk_X509_num(chain) > 0);
713 assert(ctx != NULL || ext != NULL);
714 assert(ctx == NULL || ctx->verify_cb != NULL);
715
716 /*
717 * Figure out where to start. If we don't have an extension to
718 * check, we're done. Otherwise, check canonical form and
719 * set up for walking up the chain.
720 */
721 if (ext != NULL) {
722 i = -1;
723 } else {
724 i = 0;
725 x = sk_X509_value(chain, i);
726 assert(x != NULL);
727 if ((ext = x->rfc3779_asid) == NULL)
728 goto done;
729 }
730 if (!v3_asid_is_canonical(ext))
731 validation_err(X509_V_ERR_INVALID_EXTENSION);
732 if (ext->asnum != NULL) {
733 switch (ext->asnum->type) {
734 case ASIdentifierChoice_inherit:
735 inherit_as = 1;
736 break;
737 case ASIdentifierChoice_asIdsOrRanges:
738 child_as = ext->asnum->u.asIdsOrRanges;
739 break;
740 }
741 }
742 if (ext->rdi != NULL) {
743 switch (ext->rdi->type) {
744 case ASIdentifierChoice_inherit:
745 inherit_rdi = 1;
746 break;
747 case ASIdentifierChoice_asIdsOrRanges:
748 child_rdi = ext->rdi->u.asIdsOrRanges;
749 break;
750 }
751 }
752
753 /*
754 * Now walk up the chain. Extensions must be in canonical form, no
755 * cert may list resources that its parent doesn't list.
756 */
757 for (i++; i < sk_X509_num(chain); i++) {
758 x = sk_X509_value(chain, i);
759 assert(x != NULL);
760 if (x->rfc3779_asid == NULL) {
761 if (child_as != NULL || child_rdi != NULL)
762 validation_err(X509_V_ERR_UNNESTED_RESOURCE);
763 continue;
764 }
765 if (!v3_asid_is_canonical(x->rfc3779_asid))
766 validation_err(X509_V_ERR_INVALID_EXTENSION);
767 if (x->rfc3779_asid->asnum == NULL && child_as != NULL) {
768 validation_err(X509_V_ERR_UNNESTED_RESOURCE);
769 child_as = NULL;
770 inherit_as = 0;
771 }
772 if (x->rfc3779_asid->asnum != NULL &&
773 x->rfc3779_asid->asnum->type == ASIdentifierChoice_asIdsOrRanges) {
774 if (inherit_as ||
775 asid_contains(x->rfc3779_asid->asnum->u.asIdsOrRanges, child_as)) {
776 child_as = x->rfc3779_asid->asnum->u.asIdsOrRanges;
777 inherit_as = 0;
778 } else {
779 validation_err(X509_V_ERR_UNNESTED_RESOURCE);
780 }
781 }
782 if (x->rfc3779_asid->rdi == NULL && child_rdi != NULL) {
783 validation_err(X509_V_ERR_UNNESTED_RESOURCE);
784 child_rdi = NULL;
785 inherit_rdi = 0;
786 }
787 if (x->rfc3779_asid->rdi != NULL &&
788 x->rfc3779_asid->rdi->type == ASIdentifierChoice_asIdsOrRanges) {
789 if (inherit_rdi ||
790 asid_contains(x->rfc3779_asid->rdi->u.asIdsOrRanges, child_rdi)) {
791 child_rdi = x->rfc3779_asid->rdi->u.asIdsOrRanges;
792 inherit_rdi = 0;
793 } else {
794 validation_err(X509_V_ERR_UNNESTED_RESOURCE);
795 }
796 }
797 }
798
799 /*
800 * Trust anchor can't inherit.
801 */
802 if (x->rfc3779_asid != NULL) {
803 if (x->rfc3779_asid->asnum != NULL &&
804 x->rfc3779_asid->asnum->type == ASIdentifierChoice_inherit)
805 validation_err(X509_V_ERR_UNNESTED_RESOURCE);
806 if (x->rfc3779_asid->rdi != NULL &&
807 x->rfc3779_asid->rdi->type == ASIdentifierChoice_inherit)
808 validation_err(X509_V_ERR_UNNESTED_RESOURCE);
809 }
810
811 done:
812 return ret;
813}
814
815#undef validation_err
816
817/*
818 * RFC 3779 3.3 path validation -- called from X509_verify_cert().
819 */
820int v3_asid_validate_path(X509_STORE_CTX *ctx)
821{
822 return v3_asid_validate_path_internal(ctx, ctx->chain, NULL);
823}
824
825/*
826 * RFC 3779 3.3 path validation of an extension.
827 * Test whether chain covers extension.
828 */
829int v3_asid_validate_resource_set(STACK_OF(X509) *chain,
830 ASIdentifiers *ext,
831 int allow_inheritance)
832{
833 if (ext == NULL)
834 return 1;
835 if (chain == NULL || sk_X509_num(chain) == 0)
836 return 0;
837 if (!allow_inheritance && v3_asid_inherits(ext))
838 return 0;
839 return v3_asid_validate_path_internal(NULL, chain, ext);
840}
841
842#endif /* OPENSSL_NO_RFC3779 */
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 23:46:17 +0000