summaryrefslogtreecommitdiff
path: root/src/lib/libssl
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl')
-rw-r--r--src/lib/libssl/LICENSE127
-rw-r--r--src/lib/libssl/Makefile11
-rw-r--r--src/lib/libssl/bio_ssl.c592
-rw-r--r--src/lib/libssl/crypto/Makefile307
-rw-r--r--src/lib/libssl/crypto/arch/alpha/opensslconf.h180
-rw-r--r--src/lib/libssl/crypto/arch/hppa/opensslconf.h180
-rw-r--r--src/lib/libssl/crypto/arch/i386/opensslconf.h180
-rw-r--r--src/lib/libssl/crypto/arch/m68k/opensslconf.h180
-rw-r--r--src/lib/libssl/crypto/arch/m88k/opensslconf.h180
-rw-r--r--src/lib/libssl/crypto/arch/mips/opensslconf.h180
-rw-r--r--src/lib/libssl/crypto/arch/powerpc/opensslconf.h180
-rw-r--r--src/lib/libssl/crypto/arch/sparc/opensslconf.h180
-rw-r--r--src/lib/libssl/crypto/arch/sparc64/opensslconf.h180
-rw-r--r--src/lib/libssl/crypto/arch/vax/opensslconf.h180
-rw-r--r--src/lib/libssl/crypto/shlib_version2
-rw-r--r--src/lib/libssl/doc/openssl.cnf255
-rw-r--r--src/lib/libssl/doc/openssl.txt1235
-rw-r--r--src/lib/libssl/doc/standards.txt130
-rw-r--r--src/lib/libssl/man/Makefile898
-rw-r--r--src/lib/libssl/openssl.cnf65
-rw-r--r--src/lib/libssl/s23_clnt.c480
-rw-r--r--src/lib/libssl/s23_lib.c236
-rw-r--r--src/lib/libssl/s23_pkt.c117
-rw-r--r--src/lib/libssl/s23_srvr.c589
-rw-r--r--src/lib/libssl/s3_both.c624
-rw-r--r--src/lib/libssl/s3_clnt.c1966
-rw-r--r--src/lib/libssl/s3_lib.c1682
-rw-r--r--src/lib/libssl/s3_pkt.c1287
-rw-r--r--src/lib/libssl/s3_srvr.c2046
-rw-r--r--src/lib/libssl/shlib_version2
-rw-r--r--src/lib/libssl/src/CHANGES29
-rw-r--r--src/lib/libssl/src/Configure3
-rw-r--r--src/lib/libssl/src/MacOS/GetHTTPS.src/CPStringUtils.cpp2
-rw-r--r--src/lib/libssl/src/MacOS/GetHTTPS.src/ErrorHandling.cpp2
-rw-r--r--src/lib/libssl/src/MacOS/GetHTTPS.src/MacSocket.cpp2
-rw-r--r--src/lib/libssl/src/Makefile.org12
-rw-r--r--src/lib/libssl/src/NEWS2
-rw-r--r--src/lib/libssl/src/PROBLEMS50
-rw-r--r--src/lib/libssl/src/STATUS102
-rw-r--r--src/lib/libssl/src/TABLE3961
-rw-r--r--src/lib/libssl/src/apps/CA.pl173
-rw-r--r--src/lib/libssl/src/apps/Makefile.ssl855
-rw-r--r--src/lib/libssl/src/apps/der_chop.in305
-rw-r--r--src/lib/libssl/src/apps/md4.c127
-rw-r--r--src/lib/libssl/src/apps/speed.c2
-rw-r--r--src/lib/libssl/src/certs/ICE-CA.pem59
-rw-r--r--src/lib/libssl/src/certs/ICE-root.pem48
-rw-r--r--src/lib/libssl/src/certs/ICE-user.pem63
-rw-r--r--src/lib/libssl/src/certs/ICE.crl9
-rw-r--r--src/lib/libssl/src/certs/RegTP-4R.pem19
-rw-r--r--src/lib/libssl/src/certs/ca-cert.pem33
-rw-r--r--src/lib/libssl/src/certs/dsa-ca.pem43
-rw-r--r--src/lib/libssl/src/certs/dsa-pca.pem49
-rw-r--r--src/lib/libssl/src/certs/factory.pem15
-rw-r--r--src/lib/libssl/src/certs/nortelCA.pem16
-rw-r--r--src/lib/libssl/src/certs/pca-cert.pem33
-rw-r--r--src/lib/libssl/src/certs/rsa-cca.pem19
-rw-r--r--src/lib/libssl/src/certs/timCA.pem16
-rw-r--r--src/lib/libssl/src/certs/tjhCA.pem15
-rw-r--r--src/lib/libssl/src/certs/vsign2.pem18
-rw-r--r--src/lib/libssl/src/certs/vsigntca.pem18
-rw-r--r--src/lib/libssl/src/crypto/Makefile133
-rw-r--r--src/lib/libssl/src/crypto/Makefile.ssl214
-rw-r--r--src/lib/libssl/src/crypto/aes/Makefile.ssl103
-rw-r--r--src/lib/libssl/src/crypto/asn1/Makefile.ssl886
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_utctm.c3
-rw-r--r--src/lib/libssl/src/crypto/asn1/asn1_lib.c15
-rw-r--r--src/lib/libssl/src/crypto/asn1/f.c80
-rw-r--r--src/lib/libssl/src/crypto/asn1/x_cinf.c201
-rw-r--r--src/lib/libssl/src/crypto/asn1/x_long.c10
-rw-r--r--src/lib/libssl/src/crypto/bf/Makefile.ssl120
-rw-r--r--src/lib/libssl/src/crypto/bio/Makefile.ssl216
-rw-r--r--src/lib/libssl/src/crypto/bn/Makefile.ssl339
-rw-r--r--src/lib/libssl/src/crypto/buffer/Makefile.ssl94
-rw-r--r--src/lib/libssl/src/crypto/cast/Makefile.ssl125
-rw-r--r--src/lib/libssl/src/crypto/comp/Makefile.ssl114
-rw-r--r--src/lib/libssl/src/crypto/conf/Makefile.ssl161
-rw-r--r--src/lib/libssl/src/crypto/conf/conf_def.c3
-rw-r--r--src/lib/libssl/src/crypto/conf/conf_mod.c2
-rw-r--r--src/lib/libssl/src/crypto/cryptlib.h3
-rw-r--r--src/lib/libssl/src/crypto/cversion.c2
-rw-r--r--src/lib/libssl/src/crypto/des/FILES96
-rw-r--r--src/lib/libssl/src/crypto/des/Makefile.ssl325
-rw-r--r--src/lib/libssl/src/crypto/des/des.h2
-rw-r--r--src/lib/libssl/src/crypto/des/des_old.h4
-rw-r--r--src/lib/libssl/src/crypto/des/fcrypt.c8
-rw-r--r--src/lib/libssl/src/crypto/des/read_pwd.c2
-rw-r--r--src/lib/libssl/src/crypto/dh/Makefile.ssl136
-rw-r--r--src/lib/libssl/src/crypto/dh/dh.h2
-rw-r--r--src/lib/libssl/src/crypto/dsa/Makefile.ssl169
-rw-r--r--src/lib/libssl/src/crypto/dsa/dsa_key.c4
-rw-r--r--src/lib/libssl/src/crypto/dsa/dsa_ossl.c56
-rw-r--r--src/lib/libssl/src/crypto/dso/Makefile.ssl142
-rw-r--r--src/lib/libssl/src/crypto/ec/Makefile.ssl128
-rw-r--r--src/lib/libssl/src/crypto/engine/Makefile.ssl453
-rw-r--r--src/lib/libssl/src/crypto/engine/eng_all.c22
-rw-r--r--src/lib/libssl/src/crypto/engine/eng_init.c2
-rw-r--r--src/lib/libssl/src/crypto/engine/engine.h5
-rw-r--r--src/lib/libssl/src/crypto/engine/hw_4758_cca.c4
-rw-r--r--src/lib/libssl/src/crypto/engine/hw_cryptodev.c505
-rw-r--r--src/lib/libssl/src/crypto/engine/hw_cswift.c16
-rw-r--r--src/lib/libssl/src/crypto/engine/hw_openbsd_dev_crypto.c594
-rw-r--r--src/lib/libssl/src/crypto/err/Makefile.ssl112
-rw-r--r--src/lib/libssl/src/crypto/evp/Makefile.ssl662
-rw-r--r--src/lib/libssl/src/crypto/evp/c_all.c1
-rw-r--r--src/lib/libssl/src/crypto/evp/evp_test.c4
-rw-r--r--src/lib/libssl/src/crypto/hmac/Makefile.ssl89
-rw-r--r--src/lib/libssl/src/crypto/hmac/hmac.c1
-rw-r--r--src/lib/libssl/src/crypto/idea/Makefile.ssl91
-rw-r--r--src/lib/libssl/src/crypto/krb5/Makefile.ssl90
-rw-r--r--src/lib/libssl/src/crypto/lhash/Makefile.ssl93
-rw-r--r--src/lib/libssl/src/crypto/md2/Makefile.ssl90
-rw-r--r--src/lib/libssl/src/crypto/md4/Makefile.ssl88
-rw-r--r--src/lib/libssl/src/crypto/md5/Makefile.ssl135
-rw-r--r--src/lib/libssl/src/crypto/mdc2/Makefile.ssl98
-rw-r--r--src/lib/libssl/src/crypto/objects/Makefile.ssl122
-rw-r--r--src/lib/libssl/src/crypto/objects/obj_dat.c2
-rw-r--r--src/lib/libssl/src/crypto/objects/obj_dat.h2842
-rw-r--r--src/lib/libssl/src/crypto/objects/obj_dat.pl1
-rw-r--r--src/lib/libssl/src/crypto/objects/obj_mac.h2307
-rw-r--r--src/lib/libssl/src/crypto/objects/objects.pl13
-rw-r--r--src/lib/libssl/src/crypto/ocsp/Makefile.ssl221
-rw-r--r--src/lib/libssl/src/crypto/pem/Makefile.ssl250
-rw-r--r--src/lib/libssl/src/crypto/pem/pem_pkey.c1
-rw-r--r--src/lib/libssl/src/crypto/pkcs12/Makefile.ssl297
-rw-r--r--src/lib/libssl/src/crypto/pkcs7/Makefile.ssl195
-rw-r--r--src/lib/libssl/src/crypto/rand/Makefile.ssl157
-rw-r--r--src/lib/libssl/src/crypto/rand/rand_unix.c38
-rw-r--r--src/lib/libssl/src/crypto/rand/randfile.c80
-rw-r--r--src/lib/libssl/src/crypto/rc2/Makefile.ssl91
-rw-r--r--src/lib/libssl/src/crypto/rc4/Makefile.ssl115
-rw-r--r--src/lib/libssl/src/crypto/rc5/Makefile.ssl113
-rw-r--r--src/lib/libssl/src/crypto/rc5/asm/rc5-586.pl109
-rw-r--r--src/lib/libssl/src/crypto/rijndael/Makefile.ssl89
-rw-r--r--src/lib/libssl/src/crypto/rijndael/README80
-rw-r--r--src/lib/libssl/src/crypto/rijndael/rd_fst.c1400
-rw-r--r--src/lib/libssl/src/crypto/rijndael/rd_fst.h42
-rw-r--r--src/lib/libssl/src/crypto/rijndael/rijndael.h7
-rw-r--r--src/lib/libssl/src/crypto/ripemd/Makefile.ssl110
-rw-r--r--src/lib/libssl/src/crypto/rsa/Makefile.ssl219
-rw-r--r--src/lib/libssl/src/crypto/sha/Makefile.ssl115
-rw-r--r--src/lib/libssl/src/crypto/stack/Makefile.ssl88
-rw-r--r--src/lib/libssl/src/crypto/threads/mttest.c3
-rw-r--r--src/lib/libssl/src/crypto/txt_db/Makefile.ssl88
-rw-r--r--src/lib/libssl/src/crypto/ui/Makefile.ssl117
-rw-r--r--src/lib/libssl/src/crypto/ui/ui_openssl.c2
-rw-r--r--src/lib/libssl/src/crypto/x509/Makefile.ssl410
-rw-r--r--src/lib/libssl/src/crypto/x509v3/Makefile.ssl420
-rw-r--r--src/lib/libssl/src/demos/easy_tls/Makefile2
-rw-r--r--src/lib/libssl/src/demos/easy_tls/cacerts.pem2
-rw-r--r--src/lib/libssl/src/demos/easy_tls/cert.pem2
-rw-r--r--src/lib/libssl/src/demos/easy_tls/easy-tls.c9
-rw-r--r--src/lib/libssl/src/demos/easy_tls/easy-tls.h2
-rw-r--r--src/lib/libssl/src/demos/easy_tls/test.c2
-rw-r--r--src/lib/libssl/src/demos/easy_tls/test.h2
-rw-r--r--src/lib/libssl/src/doc/crypto/BIO_new_bio_pair.pod103
-rw-r--r--src/lib/libssl/src/doc/crypto/BN_CTX_new.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/BN_add.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/BN_add_word.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/BN_bn2bin.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/BN_copy.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/BN_generate_prime.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/BN_mod_inverse.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/BN_mod_mul_montgomery.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/BN_mod_mul_reciprocal.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/BN_new.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/BN_rand.pod4
-rw-r--r--src/lib/libssl/src/doc/crypto/DH_generate_key.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/DH_generate_parameters.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/DH_new.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/DSA_SIG_new.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/DSA_do_sign.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/DSA_dup_DH.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/DSA_generate_key.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/DSA_generate_parameters.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/DSA_new.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/DSA_sign.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/EVP_DigestInit.pod6
-rw-r--r--src/lib/libssl/src/doc/crypto/EVP_SignInit.pod8
-rw-r--r--src/lib/libssl/src/doc/crypto/OpenSSL_add_all_algorithms.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/RAND_bytes.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/RSA_check_key.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/RSA_generate_key.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/RSA_new.pod3
-rw-r--r--src/lib/libssl/src/doc/crypto/RSA_private_encrypt.pod3
-rw-r--r--src/lib/libssl/src/doc/crypto/RSA_public_encrypt.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/RSA_sign.pod4
-rw-r--r--src/lib/libssl/src/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/des_modes.pod9
-rw-r--r--src/lib/libssl/src/doc/crypto/dsa.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/hmac.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/mdc2.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/ripemd.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/sha.pod2
-rw-r--r--src/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_store.pod2
-rw-r--r--src/lib/libssl/src/doc/ssl/ssl.pod2
-rw-r--r--src/lib/libssl/src/e_os.h2
-rw-r--r--src/lib/libssl/src/rsaref/Makefile.ssl102
-rw-r--r--src/lib/libssl/src/rsaref/install.com69
-rw-r--r--src/lib/libssl/src/rsaref/rsar_err.c119
-rw-r--r--src/lib/libssl/src/rsaref/rsaref-lib.com902
-rw-r--r--src/lib/libssl/src/rsaref/rsaref.c308
-rw-r--r--src/lib/libssl/src/rsaref/rsaref.h180
-rw-r--r--src/lib/libssl/src/ssl/Makefile.ssl736
-rw-r--r--src/lib/libssl/src/ssl/s2_clnt.c8
-rw-r--r--src/lib/libssl/src/ssl/s2_lib.c8
-rw-r--r--src/lib/libssl/src/ssl/s2_srvr.c14
-rw-r--r--src/lib/libssl/src/ssl/s3_clnt.c10
-rw-r--r--src/lib/libssl/src/ssl/s3_lib.c2
-rw-r--r--src/lib/libssl/src/ssl/s3_srvr.c21
-rw-r--r--src/lib/libssl/src/ssl/ssl.h2
-rw-r--r--src/lib/libssl/src/ssl/ssl_asn1.c1
-rw-r--r--src/lib/libssl/src/ssl/ssl_ciph.c6
-rw-r--r--src/lib/libssl/src/ssl/ssl_err.c4
-rw-r--r--src/lib/libssl/src/ssl/ssl_lib.c7
-rw-r--r--src/lib/libssl/src/ssl/ssl_locl.h5
-rw-r--r--src/lib/libssl/src/ssl/ssl_sess.c1
-rw-r--r--src/lib/libssl/src/test/Makefile.ssl540
-rw-r--r--src/lib/libssl/src/test/enginetest.c274
-rw-r--r--src/lib/libssl/src/test/md4test.c134
-rw-r--r--src/lib/libssl/src/test/rsa_test.c318
-rw-r--r--src/lib/libssl/src/tools/Makefile.ssl62
-rw-r--r--src/lib/libssl/src/tools/c_rehash158
-rw-r--r--src/lib/libssl/src/util/domd4
-rw-r--r--src/lib/libssl/src/util/libeay.num6
-rw-r--r--src/lib/libssl/src/util/mkdef.pl4
-rw-r--r--src/lib/libssl/src/util/pl/Mingw32f.pl73
-rw-r--r--src/lib/libssl/ssl.h1802
-rw-r--r--src/lib/libssl/ssl/Makefile58
-rw-r--r--src/lib/libssl/ssl/shlib_version2
-rw-r--r--src/lib/libssl/ssl2.h268
-rw-r--r--src/lib/libssl/ssl23.h83
-rw-r--r--src/lib/libssl/ssl3.h504
-rw-r--r--src/lib/libssl/ssl_algs.c111
-rw-r--r--src/lib/libssl/ssl_asn1.c390
-rw-r--r--src/lib/libssl/ssl_cert.c832
-rw-r--r--src/lib/libssl/ssl_ciph.c1138
-rw-r--r--src/lib/libssl/ssl_err.c454
-rw-r--r--src/lib/libssl/ssl_err2.c70
-rw-r--r--src/lib/libssl/ssl_lib.c2298
-rw-r--r--src/lib/libssl/ssl_locl.h622
-rw-r--r--src/lib/libssl/ssl_rsa.c815
-rw-r--r--src/lib/libssl/ssl_sess.c746
-rw-r--r--src/lib/libssl/ssl_stat.c502
-rw-r--r--src/lib/libssl/ssl_txt.c186
-rw-r--r--src/lib/libssl/ssleay.cnf65
-rw-r--r--src/lib/libssl/t1_clnt.c90
-rw-r--r--src/lib/libssl/t1_enc.c803
-rw-r--r--src/lib/libssl/t1_lib.c149
-rw-r--r--src/lib/libssl/t1_meth.c88
-rw-r--r--src/lib/libssl/t1_srvr.c91
-rw-r--r--src/lib/libssl/test/CAss.cnf25
-rw-r--r--src/lib/libssl/test/CAssdh.cnf24
-rw-r--r--src/lib/libssl/test/CAssdsa.cnf23
-rw-r--r--src/lib/libssl/test/CAssrsa.cnf24
-rw-r--r--src/lib/libssl/test/Makefile.ssl540
-rw-r--r--src/lib/libssl/test/Sssdsa.cnf27
-rw-r--r--src/lib/libssl/test/Sssrsa.cnf26
-rw-r--r--src/lib/libssl/test/Uss.cnf28
-rw-r--r--src/lib/libssl/test/VMSca-response.11
-rw-r--r--src/lib/libssl/test/VMSca-response.22
-rw-r--r--src/lib/libssl/test/bctest111
-rw-r--r--src/lib/libssl/test/enginetest.c274
-rw-r--r--src/lib/libssl/test/md4test.c134
-rw-r--r--src/lib/libssl/test/methtest.c105
-rw-r--r--src/lib/libssl/test/pkcs7-1.pem15
-rw-r--r--src/lib/libssl/test/pkcs7.pem54
-rw-r--r--src/lib/libssl/test/r160test.c57
-rw-r--r--src/lib/libssl/test/rsa_test.c318
-rw-r--r--src/lib/libssl/test/tcrl81
-rw-r--r--src/lib/libssl/test/test.cnf88
-rw-r--r--src/lib/libssl/test/testca44
-rw-r--r--src/lib/libssl/test/testcrl.pem16
-rw-r--r--src/lib/libssl/test/testenc54
-rw-r--r--src/lib/libssl/test/testgen38
-rw-r--r--src/lib/libssl/test/testp7.pem46
-rw-r--r--src/lib/libssl/test/testreq2.pem7
-rw-r--r--src/lib/libssl/test/testrsa.pem9
-rw-r--r--src/lib/libssl/test/testsid.pem12
-rw-r--r--src/lib/libssl/test/testss99
-rw-r--r--src/lib/libssl/test/testssl137
-rw-r--r--src/lib/libssl/test/testx509.pem10
-rw-r--r--src/lib/libssl/test/times113
-rw-r--r--src/lib/libssl/test/tpkcs751
-rw-r--r--src/lib/libssl/test/tpkcs7d44
-rw-r--r--src/lib/libssl/test/treq86
-rw-r--r--src/lib/libssl/test/trsa86
-rw-r--r--src/lib/libssl/test/tsid81
-rw-r--r--src/lib/libssl/test/tx50981
-rw-r--r--src/lib/libssl/test/v3-cert1.pem16
-rw-r--r--src/lib/libssl/test/v3-cert2.pem16
-rw-r--r--src/lib/libssl/tls1.h194
-rw-r--r--src/lib/libssl/x509v3.cnf26
293 files changed, 51460 insertions, 5985 deletions
diff --git a/src/lib/libssl/LICENSE b/src/lib/libssl/LICENSE
new file mode 100644
index 0000000000..7b93e0dbce
--- /dev/null
+++ b/src/lib/libssl/LICENSE
@@ -0,0 +1,127 @@
1
2 LICENSE ISSUES
3 ==============
4
5 The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
6 the OpenSSL License and the original SSLeay license apply to the toolkit.
7 See below for the actual license texts. Actually both licenses are BSD-style
8 Open Source licenses. In case of any license issues related to OpenSSL
9 please contact openssl-core@openssl.org.
10
11 OpenSSL License
12 ---------------
13
14/* ====================================================================
15 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
16 *
17 * Redistribution and use in source and binary forms, with or without
18 * modification, are permitted provided that the following conditions
19 * are met:
20 *
21 * 1. Redistributions of source code must retain the above copyright
22 * notice, this list of conditions and the following disclaimer.
23 *
24 * 2. Redistributions in binary form must reproduce the above copyright
25 * notice, this list of conditions and the following disclaimer in
26 * the documentation and/or other materials provided with the
27 * distribution.
28 *
29 * 3. All advertising materials mentioning features or use of this
30 * software must display the following acknowledgment:
31 * "This product includes software developed by the OpenSSL Project
32 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
33 *
34 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
35 * endorse or promote products derived from this software without
36 * prior written permission. For written permission, please contact
37 * openssl-core@openssl.org.
38 *
39 * 5. Products derived from this software may not be called "OpenSSL"
40 * nor may "OpenSSL" appear in their names without prior written
41 * permission of the OpenSSL Project.
42 *
43 * 6. Redistributions of any form whatsoever must retain the following
44 * acknowledgment:
45 * "This product includes software developed by the OpenSSL Project
46 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
49 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
51 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
52 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
53 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
54 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
55 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
57 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
58 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
59 * OF THE POSSIBILITY OF SUCH DAMAGE.
60 * ====================================================================
61 *
62 * This product includes cryptographic software written by Eric Young
63 * (eay@cryptsoft.com). This product includes software written by Tim
64 * Hudson (tjh@cryptsoft.com).
65 *
66 */
67
68 Original SSLeay License
69 -----------------------
70
71/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
72 * All rights reserved.
73 *
74 * This package is an SSL implementation written
75 * by Eric Young (eay@cryptsoft.com).
76 * The implementation was written so as to conform with Netscapes SSL.
77 *
78 * This library is free for commercial and non-commercial use as long as
79 * the following conditions are aheared to. The following conditions
80 * apply to all code found in this distribution, be it the RC4, RSA,
81 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
82 * included with this distribution is covered by the same copyright terms
83 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
84 *
85 * Copyright remains Eric Young's, and as such any Copyright notices in
86 * the code are not to be removed.
87 * If this package is used in a product, Eric Young should be given attribution
88 * as the author of the parts of the library used.
89 * This can be in the form of a textual message at program startup or
90 * in documentation (online or textual) provided with the package.
91 *
92 * Redistribution and use in source and binary forms, with or without
93 * modification, are permitted provided that the following conditions
94 * are met:
95 * 1. Redistributions of source code must retain the copyright
96 * notice, this list of conditions and the following disclaimer.
97 * 2. Redistributions in binary form must reproduce the above copyright
98 * notice, this list of conditions and the following disclaimer in the
99 * documentation and/or other materials provided with the distribution.
100 * 3. All advertising materials mentioning features or use of this software
101 * must display the following acknowledgement:
102 * "This product includes cryptographic software written by
103 * Eric Young (eay@cryptsoft.com)"
104 * The word 'cryptographic' can be left out if the rouines from the library
105 * being used are not cryptographic related :-).
106 * 4. If you include any Windows specific code (or a derivative thereof) from
107 * the apps directory (application code) you must include an acknowledgement:
108 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
109 *
110 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
111 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
112 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
113 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
114 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
115 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
116 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
117 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
118 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
119 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
120 * SUCH DAMAGE.
121 *
122 * The licence and distribution terms for any publically available version or
123 * derivative of this code cannot be changed. i.e. this code cannot simply be
124 * copied and put under another distribution licence
125 * [including the GNU Public Licence.]
126 */
127
diff --git a/src/lib/libssl/Makefile b/src/lib/libssl/Makefile
new file mode 100644
index 0000000000..80fb532c3c
--- /dev/null
+++ b/src/lib/libssl/Makefile
@@ -0,0 +1,11 @@
1# $OpenBSD: Makefile,v 1.13 2002/09/03 18:59:55 markus Exp $
2
3SUBDIR=crypto ssl man
4
5distribution:
6 ${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 444 \
7 ${.CURDIR}/openssl.cnf ${DESTDIR}/etc/ssl/openssl.cnf && \
8 ${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 444 \
9 ${.CURDIR}/x509v3.cnf ${DESTDIR}/etc/ssl/x509v3.cnf
10
11.include <bsd.subdir.mk>
diff --git a/src/lib/libssl/bio_ssl.c b/src/lib/libssl/bio_ssl.c
new file mode 100644
index 0000000000..467e149947
--- /dev/null
+++ b/src/lib/libssl/bio_ssl.c
@@ -0,0 +1,592 @@
1/* ssl/bio_ssl.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <string.h>
62#include <errno.h>
63#include <openssl/crypto.h>
64#include <openssl/bio.h>
65#include <openssl/err.h>
66#include <openssl/ssl.h>
67
68static int ssl_write(BIO *h, const char *buf, int num);
69static int ssl_read(BIO *h, char *buf, int size);
70static int ssl_puts(BIO *h, const char *str);
71static long ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2);
72static int ssl_new(BIO *h);
73static int ssl_free(BIO *data);
74static long ssl_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
75typedef struct bio_ssl_st
76 {
77 SSL *ssl; /* The ssl handle :-) */
78 /* re-negotiate every time the total number of bytes is this size */
79 int num_renegotiates;
80 unsigned long renegotiate_count;
81 unsigned long byte_count;
82 unsigned long renegotiate_timeout;
83 unsigned long last_time;
84 } BIO_SSL;
85
86static BIO_METHOD methods_sslp=
87 {
88 BIO_TYPE_SSL,"ssl",
89 ssl_write,
90 ssl_read,
91 ssl_puts,
92 NULL, /* ssl_gets, */
93 ssl_ctrl,
94 ssl_new,
95 ssl_free,
96 ssl_callback_ctrl,
97 };
98
99BIO_METHOD *BIO_f_ssl(void)
100 {
101 return(&methods_sslp);
102 }
103
104static int ssl_new(BIO *bi)
105 {
106 BIO_SSL *bs;
107
108 bs=(BIO_SSL *)OPENSSL_malloc(sizeof(BIO_SSL));
109 if (bs == NULL)
110 {
111 BIOerr(BIO_F_SSL_NEW,ERR_R_MALLOC_FAILURE);
112 return(0);
113 }
114 memset(bs,0,sizeof(BIO_SSL));
115 bi->init=0;
116 bi->ptr=(char *)bs;
117 bi->flags=0;
118 return(1);
119 }
120
121static int ssl_free(BIO *a)
122 {
123 BIO_SSL *bs;
124
125 if (a == NULL) return(0);
126 bs=(BIO_SSL *)a->ptr;
127 if (bs->ssl != NULL) SSL_shutdown(bs->ssl);
128 if (a->shutdown)
129 {
130 if (a->init && (bs->ssl != NULL))
131 SSL_free(bs->ssl);
132 a->init=0;
133 a->flags=0;
134 }
135 if (a->ptr != NULL)
136 OPENSSL_free(a->ptr);
137 return(1);
138 }
139
140static int ssl_read(BIO *b, char *out, int outl)
141 {
142 int ret=1;
143 BIO_SSL *sb;
144 SSL *ssl;
145 int retry_reason=0;
146 int r=0;
147
148 if (out == NULL) return(0);
149 sb=(BIO_SSL *)b->ptr;
150 ssl=sb->ssl;
151
152 BIO_clear_retry_flags(b);
153
154#if 0
155 if (!SSL_is_init_finished(ssl))
156 {
157/* ret=SSL_do_handshake(ssl); */
158 if (ret > 0)
159 {
160
161 outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
162 ret= -1;
163 goto end;
164 }
165 }
166#endif
167/* if (ret > 0) */
168 ret=SSL_read(ssl,out,outl);
169
170 switch (SSL_get_error(ssl,ret))
171 {
172 case SSL_ERROR_NONE:
173 if (ret <= 0) break;
174 if (sb->renegotiate_count > 0)
175 {
176 sb->byte_count+=ret;
177 if (sb->byte_count > sb->renegotiate_count)
178 {
179 sb->byte_count=0;
180 sb->num_renegotiates++;
181 SSL_renegotiate(ssl);
182 r=1;
183 }
184 }
185 if ((sb->renegotiate_timeout > 0) && (!r))
186 {
187 unsigned long tm;
188
189 tm=(unsigned long)time(NULL);
190 if (tm > sb->last_time+sb->renegotiate_timeout)
191 {
192 sb->last_time=tm;
193 sb->num_renegotiates++;
194 SSL_renegotiate(ssl);
195 }
196 }
197
198 break;
199 case SSL_ERROR_WANT_READ:
200 BIO_set_retry_read(b);
201 break;
202 case SSL_ERROR_WANT_WRITE:
203 BIO_set_retry_write(b);
204 break;
205 case SSL_ERROR_WANT_X509_LOOKUP:
206 BIO_set_retry_special(b);
207 retry_reason=BIO_RR_SSL_X509_LOOKUP;
208 break;
209 case SSL_ERROR_WANT_ACCEPT:
210 BIO_set_retry_special(b);
211 retry_reason=BIO_RR_ACCEPT;
212 break;
213 case SSL_ERROR_WANT_CONNECT:
214 BIO_set_retry_special(b);
215 retry_reason=BIO_RR_CONNECT;
216 break;
217 case SSL_ERROR_SYSCALL:
218 case SSL_ERROR_SSL:
219 case SSL_ERROR_ZERO_RETURN:
220 default:
221 break;
222 }
223
224 b->retry_reason=retry_reason;
225 return(ret);
226 }
227
228static int ssl_write(BIO *b, const char *out, int outl)
229 {
230 int ret,r=0;
231 int retry_reason=0;
232 SSL *ssl;
233 BIO_SSL *bs;
234
235 if (out == NULL) return(0);
236 bs=(BIO_SSL *)b->ptr;
237 ssl=bs->ssl;
238
239 BIO_clear_retry_flags(b);
240
241/* ret=SSL_do_handshake(ssl);
242 if (ret > 0) */
243 ret=SSL_write(ssl,out,outl);
244
245 switch (SSL_get_error(ssl,ret))
246 {
247 case SSL_ERROR_NONE:
248 if (ret <= 0) break;
249 if (bs->renegotiate_count > 0)
250 {
251 bs->byte_count+=ret;
252 if (bs->byte_count > bs->renegotiate_count)
253 {
254 bs->byte_count=0;
255 bs->num_renegotiates++;
256 SSL_renegotiate(ssl);
257 r=1;
258 }
259 }
260 if ((bs->renegotiate_timeout > 0) && (!r))
261 {
262 unsigned long tm;
263
264 tm=(unsigned long)time(NULL);
265 if (tm > bs->last_time+bs->renegotiate_timeout)
266 {
267 bs->last_time=tm;
268 bs->num_renegotiates++;
269 SSL_renegotiate(ssl);
270 }
271 }
272 break;
273 case SSL_ERROR_WANT_WRITE:
274 BIO_set_retry_write(b);
275 break;
276 case SSL_ERROR_WANT_READ:
277 BIO_set_retry_read(b);
278 break;
279 case SSL_ERROR_WANT_X509_LOOKUP:
280 BIO_set_retry_special(b);
281 retry_reason=BIO_RR_SSL_X509_LOOKUP;
282 break;
283 case SSL_ERROR_WANT_CONNECT:
284 BIO_set_retry_special(b);
285 retry_reason=BIO_RR_CONNECT;
286 case SSL_ERROR_SYSCALL:
287 case SSL_ERROR_SSL:
288 default:
289 break;
290 }
291
292 b->retry_reason=retry_reason;
293 return(ret);
294 }
295
296static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
297 {
298 SSL **sslp,*ssl;
299 BIO_SSL *bs;
300 BIO *dbio,*bio;
301 long ret=1;
302
303 bs=(BIO_SSL *)b->ptr;
304 ssl=bs->ssl;
305 if ((ssl == NULL) && (cmd != BIO_C_SET_SSL))
306 return(0);
307 switch (cmd)
308 {
309 case BIO_CTRL_RESET:
310 SSL_shutdown(ssl);
311
312 if (ssl->handshake_func == ssl->method->ssl_connect)
313 SSL_set_connect_state(ssl);
314 else if (ssl->handshake_func == ssl->method->ssl_accept)
315 SSL_set_accept_state(ssl);
316
317 SSL_clear(ssl);
318
319 if (b->next_bio != NULL)
320 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
321 else if (ssl->rbio != NULL)
322 ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
323 else
324 ret=1;
325 break;
326 case BIO_CTRL_INFO:
327 ret=0;
328 break;
329 case BIO_C_SSL_MODE:
330 if (num) /* client mode */
331 SSL_set_connect_state(ssl);
332 else
333 SSL_set_accept_state(ssl);
334 break;
335 case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT:
336 ret=bs->renegotiate_timeout;
337 if (num < 60) num=5;
338 bs->renegotiate_timeout=(unsigned long)num;
339 bs->last_time=(unsigned long)time(NULL);
340 break;
341 case BIO_C_SET_SSL_RENEGOTIATE_BYTES:
342 ret=bs->renegotiate_count;
343 if ((long)num >=512)
344 bs->renegotiate_count=(unsigned long)num;
345 break;
346 case BIO_C_GET_SSL_NUM_RENEGOTIATES:
347 ret=bs->num_renegotiates;
348 break;
349 case BIO_C_SET_SSL:
350 if (ssl != NULL)
351 ssl_free(b);
352 b->shutdown=(int)num;
353 ssl=(SSL *)ptr;
354 ((BIO_SSL *)b->ptr)->ssl=ssl;
355 bio=SSL_get_rbio(ssl);
356 if (bio != NULL)
357 {
358 if (b->next_bio != NULL)
359 BIO_push(bio,b->next_bio);
360 b->next_bio=bio;
361 CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO);
362 }
363 b->init=1;
364 break;
365 case BIO_C_GET_SSL:
366 if (ptr != NULL)
367 {
368 sslp=(SSL **)ptr;
369 *sslp=ssl;
370 }
371 else
372 ret=0;
373 break;
374 case BIO_CTRL_GET_CLOSE:
375 ret=b->shutdown;
376 break;
377 case BIO_CTRL_SET_CLOSE:
378 b->shutdown=(int)num;
379 break;
380 case BIO_CTRL_WPENDING:
381 ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
382 break;
383 case BIO_CTRL_PENDING:
384 ret=SSL_pending(ssl);
385 if (ret == 0)
386 ret=BIO_pending(ssl->rbio);
387 break;
388 case BIO_CTRL_FLUSH:
389 BIO_clear_retry_flags(b);
390 ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
391 BIO_copy_next_retry(b);
392 break;
393 case BIO_CTRL_PUSH:
394 if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio))
395 {
396 SSL_set_bio(ssl,b->next_bio,b->next_bio);
397 CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO);
398 }
399 break;
400 case BIO_CTRL_POP:
401 /* ugly bit of a hack */
402 if (ssl->rbio != ssl->wbio) /* we are in trouble :-( */
403 {
404 BIO_free_all(ssl->wbio);
405 }
406 ssl->wbio=NULL;
407 ssl->rbio=NULL;
408 break;
409 case BIO_C_DO_STATE_MACHINE:
410 BIO_clear_retry_flags(b);
411
412 b->retry_reason=0;
413 ret=(int)SSL_do_handshake(ssl);
414
415 switch (SSL_get_error(ssl,(int)ret))
416 {
417 case SSL_ERROR_WANT_READ:
418 BIO_set_flags(b,
419 BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
420 break;
421 case SSL_ERROR_WANT_WRITE:
422 BIO_set_flags(b,
423 BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY);
424 break;
425 case SSL_ERROR_WANT_CONNECT:
426 BIO_set_flags(b,
427 BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY);
428 b->retry_reason=b->next_bio->retry_reason;
429 break;
430 default:
431 break;
432 }
433 break;
434 case BIO_CTRL_DUP:
435 dbio=(BIO *)ptr;
436 if (((BIO_SSL *)dbio->ptr)->ssl != NULL)
437 SSL_free(((BIO_SSL *)dbio->ptr)->ssl);
438 ((BIO_SSL *)dbio->ptr)->ssl=SSL_dup(ssl);
439 ((BIO_SSL *)dbio->ptr)->renegotiate_count=
440 ((BIO_SSL *)b->ptr)->renegotiate_count;
441 ((BIO_SSL *)dbio->ptr)->byte_count=
442 ((BIO_SSL *)b->ptr)->byte_count;
443 ((BIO_SSL *)dbio->ptr)->renegotiate_timeout=
444 ((BIO_SSL *)b->ptr)->renegotiate_timeout;
445 ((BIO_SSL *)dbio->ptr)->last_time=
446 ((BIO_SSL *)b->ptr)->last_time;
447 ret=(((BIO_SSL *)dbio->ptr)->ssl != NULL);
448 break;
449 case BIO_C_GET_FD:
450 ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
451 break;
452 case BIO_CTRL_SET_CALLBACK:
453 {
454#if 0 /* FIXME: Should this be used? -- Richard Levitte */
455 BIOerr(SSL_F_SSL_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
456 ret = -1;
457#else
458 ret=0;
459#endif
460 }
461 break;
462 case BIO_CTRL_GET_CALLBACK:
463 {
464 void (**fptr)();
465
466 fptr=(void (**)())ptr;
467 *fptr=SSL_get_info_callback(ssl);
468 }
469 break;
470 default:
471 ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
472 break;
473 }
474 return(ret);
475 }
476
477static long ssl_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
478 {
479 SSL *ssl;
480 BIO_SSL *bs;
481 long ret=1;
482
483 bs=(BIO_SSL *)b->ptr;
484 ssl=bs->ssl;
485 switch (cmd)
486 {
487 case BIO_CTRL_SET_CALLBACK:
488 {
489 /* FIXME: setting this via a completely different prototype
490 seems like a crap idea */
491 SSL_set_info_callback(ssl,(void (*)(const SSL *,int,int))fp);
492 }
493 break;
494 default:
495 ret=BIO_callback_ctrl(ssl->rbio,cmd,fp);
496 break;
497 }
498 return(ret);
499 }
500
501static int ssl_puts(BIO *bp, const char *str)
502 {
503 int n,ret;
504
505 n=strlen(str);
506 ret=BIO_write(bp,str,n);
507 return(ret);
508 }
509
510BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx)
511 {
512 BIO *ret=NULL,*buf=NULL,*ssl=NULL;
513
514 if ((buf=BIO_new(BIO_f_buffer())) == NULL)
515 return(NULL);
516 if ((ssl=BIO_new_ssl_connect(ctx)) == NULL)
517 goto err;
518 if ((ret=BIO_push(buf,ssl)) == NULL)
519 goto err;
520 return(ret);
521err:
522 if (buf != NULL) BIO_free(buf);
523 if (ssl != NULL) BIO_free(ssl);
524 return(NULL);
525 }
526
527BIO *BIO_new_ssl_connect(SSL_CTX *ctx)
528 {
529 BIO *ret=NULL,*con=NULL,*ssl=NULL;
530
531 if ((con=BIO_new(BIO_s_connect())) == NULL)
532 return(NULL);
533 if ((ssl=BIO_new_ssl(ctx,1)) == NULL)
534 goto err;
535 if ((ret=BIO_push(ssl,con)) == NULL)
536 goto err;
537 return(ret);
538err:
539 if (con != NULL) BIO_free(con);
540 if (ret != NULL) BIO_free(ret);
541 return(NULL);
542 }
543
544BIO *BIO_new_ssl(SSL_CTX *ctx, int client)
545 {
546 BIO *ret;
547 SSL *ssl;
548
549 if ((ret=BIO_new(BIO_f_ssl())) == NULL)
550 return(NULL);
551 if ((ssl=SSL_new(ctx)) == NULL)
552 {
553 BIO_free(ret);
554 return(NULL);
555 }
556 if (client)
557 SSL_set_connect_state(ssl);
558 else
559 SSL_set_accept_state(ssl);
560
561 BIO_set_ssl(ret,ssl,BIO_CLOSE);
562 return(ret);
563 }
564
565int BIO_ssl_copy_session_id(BIO *t, BIO *f)
566 {
567 t=BIO_find_type(t,BIO_TYPE_SSL);
568 f=BIO_find_type(f,BIO_TYPE_SSL);
569 if ((t == NULL) || (f == NULL))
570 return(0);
571 if ( (((BIO_SSL *)t->ptr)->ssl == NULL) ||
572 (((BIO_SSL *)f->ptr)->ssl == NULL))
573 return(0);
574 SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl,((BIO_SSL *)f->ptr)->ssl);
575 return(1);
576 }
577
578void BIO_ssl_shutdown(BIO *b)
579 {
580 SSL *s;
581
582 while (b != NULL)
583 {
584 if (b->method->type == BIO_TYPE_SSL)
585 {
586 s=((BIO_SSL *)b->ptr)->ssl;
587 SSL_shutdown(s);
588 break;
589 }
590 b=b->next_bio;
591 }
592 }
diff --git a/src/lib/libssl/crypto/Makefile b/src/lib/libssl/crypto/Makefile
new file mode 100644
index 0000000000..15c310f2ee
--- /dev/null
+++ b/src/lib/libssl/crypto/Makefile
@@ -0,0 +1,307 @@
1# $OpenBSD: Makefile,v 1.25 2002/09/03 18:59:55 markus Exp $
2
3LIB= crypto
4
5SSLEAYDIST= src
6SSL_SRC= ${.CURDIR}/../${SSLEAYDIST}
7LCRYPTO_SRC= ${SSL_SRC}/crypto
8
9.if ${MACHINE_ARCH} == "i386"
10CFLAGS+= -DL_ENDIAN
11.else
12.if ${MACHINE_ARCH} == "mips"
13CFLAGS+= -DL_ENDIAN
14.else
15.if ${MACHINE_ARCH} == "vax"
16CFLAGS+= -DL_ENDIAN
17.else
18.if ${MACHINE_ARCH} == "alpha"
19# no ENDIAN stuff defined for alpha
20.else
21CFLAGS+= -DB_ENDIAN
22.endif
23.endif
24.endif
25.endif
26
27CFLAGS+= -DOPENSSL_NO_IDEA -DTERMIOS -DANSI_SOURCE -DNO_ERR -DOPENSSL_NO_ASM
28CFLAGS+= -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5 -DSO_DLFCN -DHAVE_DLFCN_H
29CFLAGS+= -DNO_WINDOWS_BRAINDEATH
30CFLAGS+= -DOPENSSL_NO_HW_CSWIFT -DOPENSSL_NO_HW_NCIPHER -DOPENSSL_NO_HW_ATALLA
31CFLAGS+= -DOPENSSL_NO_HW_NURON -DOPENSSL_NO_HW_UBSEC -DOPENSSL_NO_HW_AEP
32CFLAGS+= -DOPENSSL_NO_HW_SUREWARE
33CFLAGS+= -I${.CURDIR}/../${SSLEAYDIST}
34CFLAGS+= -I${LCRYPTO_SRC}
35SRCS+= o_time.c
36SRCS+= cryptlib.c ex_data.c cpt_err.c mem.c mem_dbg.c tmdiff.c cversion.c uid.c
37CFLAGS+= -I${LCRYPTO_SRC}/md2
38SRCS+= md2_dgst.c md2_one.c
39CFLAGS+= -I${LCRYPTO_SRC}/md5
40SRCS+= md5_dgst.c md5_one.c
41CFLAGS+= -I${LCRYPTO_SRC}/sha
42SRCS+= sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
43CFLAGS+= -I${LCRYPTO_SRC}/mdc2
44SRCS+= mdc2dgst.c mdc2_one.c
45CFLAGS+= -I${LCRYPTO_SRC}/hmac
46SRCS+= hmac.c
47CFLAGS+= -I${LCRYPTO_SRC}/ripemd
48SRCS+= rmd_dgst.c rmd_one.c
49CFLAGS+= -I${LCRYPTO_SRC}/aes
50SRCS+= aes_cbc.c aes_cfb.c aes_ctr.c aes_ecb.c aes_ofb.c aes_misc.c aes_core.c
51CFLAGS+= -I${LCRYPTO_SRC}/des
52SRCS+= cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c \
53 ecb3_enc.c ecb_enc.c enc_read.c enc_writ.c \
54 fcrypt.c ofb64enc.c ofb_enc.c pcbc_enc.c \
55 qud_cksm.c rand_key.c rpc_enc.c set_key.c \
56 des_enc.c des_old.c fcrypt_b.c \
57 fcrypt.c xcbc_enc.c ede_cbcm_enc.c \
58 str2key.c cfb64ede.c ofb64ede.c \
59 des_old.c read2pwd.c
60CFLAGS+= -I${LCRYPTO_SRC}/rc2
61SRCS+= rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c
62SRCS+= rc2ofb64.c
63CFLAGS+= -I${LCRYPTO_SRC}/rc4
64SRCS+= rc4_skey.c rc4_enc.c
65#CFLAGS+= -I${LCRYPTO_SRC}/rc5
66#SRCS+= rc5_skey.c rc5_ecb.c rc5cfb64.c rc5cfb64.c
67#SRCS+= rc5ofb64.c rc5_enc.c
68#CFLAGS+= -I${LCRYPTO_SRC}/idea
69#SRCS+= i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c
70#SRCS+= i_skey.c
71CFLAGS+= -I${LCRYPTO_SRC}/bf
72SRCS+= bf_skey.c bf_ecb.c bf_cfb64.c bf_ofb64.c bf_enc.c
73CFLAGS+= -I${LCRYPTO_SRC}/cast
74SRCS+= c_skey.c c_ecb.c c_cfb64.c c_ofb64.c c_enc.c
75CFLAGS+= -I${LCRYPTO_SRC}/bn
76SRCS+= bn_add.c bn_div.c bn_exp.c bn_lib.c
77SRCS+= bn_mul.c bn_print.c bn_rand.c bn_shift.c
78SRCS+= bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c
79SRCS+= bn_sqr.c bn_recp.c bn_mont.c bn_mpi.c bn_asm.c bn_mod.c
80SRCS+= bn_exp2.c bn_ctx.c
81SRCS+= bn_sqrt.c bn_kron.c
82CFLAGS+= -I${LCRYPTO_SRC}/rsa
83SRCS+= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c
84SRCS+= rsa_saos.c rsa_err.c rsa_pk1.c rsa_ssl.c
85SRCS+= rsa_none.c rsa_chk.c rsa_oaep.c rsa_null.c rsa_asn1.c
86CFLAGS+= -I${LCRYPTO_SRC}/dsa
87SRCS+= dsa_gen.c dsa_key.c dsa_lib.c dsa_vrf.c
88SRCS+= dsa_sign.c dsa_err.c dsa_asn1.c dsa_ossl.c
89CFLAGS+= -I${LCRYPTO_SRC}/dh
90SRCS+= dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh_asn1.c
91CFLAGS+= -I${LCRYPTO_SRC}/buffer
92SRCS+= buffer.c buf_err.c
93CFLAGS+= -I${LCRYPTO_SRC}/bio
94SRCS+= bio_lib.c bio_cb.c bio_err.c bss_mem.c
95SRCS+= bss_null.c bss_fd.c bss_file.c bss_sock.c
96SRCS+= bss_conn.c bf_null.c bf_buff.c
97SRCS+= b_print.c b_dump.c b_sock.c bss_acpt.c
98SRCS+= bf_nbio.c bss_bio.c bss_log.c
99CFLAGS+= -I${LCRYPTO_SRC}/stack
100SRCS+= stack.c
101CFLAGS+= -I${LCRYPTO_SRC}/lhash
102SRCS+= lhash.c lh_stats.c
103CFLAGS+= -I${LCRYPTO_SRC}/rand
104SRCS+= md_rand.c randfile.c rand_lib.c rand_egd.c rand_err.c rand_unix.c
105CFLAGS+= -I${LCRYPTO_SRC}/err
106SRCS+= err.c err_all.c err_prn.c
107CFLAGS+= -I${LCRYPTO_SRC}/objects
108SRCS+= obj_dat.c obj_lib.c obj_err.c o_names.c
109CFLAGS+= -I${LCRYPTO_SRC}/evp
110SRCS+= bio_b64.c e_bf.c m_sha.c p_open.c
111SRCS+= bio_enc.c e_cast.c e_xcbc_d.c m_dss.c m_sha1.c p_seal.c
112SRCS+= bio_md.c e_des.c encode.c m_dss1.c names.c p_sign.c
113SRCS+= bio_ok.c e_des3.c evp_enc.c m_md2.c p_verify.c
114SRCS+= c_all.c evp_err.c m_md4.c p5_crpt.c
115SRCS+= c_allc.c evp_key.c m_md5.c p5_crpt2.c
116SRCS+= c_alld.c e_null.c evp_lib.c m_mdc2.c p_dec.c
117SRCS+= digest.c e_rc2.c evp_pbe.c m_null.c p_enc.c
118SRCS+= e_aes.c e_rc4.c evp_pkey.c m_ripemd.c p_lib.c
119CFLAGS+= -I${LCRYPTO_SRC}/md4
120SRCS+= md4_dgst.c md4_one.c
121CFLAGS+= -I${LCRYPTO_SRC}/pem
122SRCS+= pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_pkey.c
123SRCS+= pem_all.c pem_err.c pem_x509.c pem_pk8.c pem_oth.c pem_xaux.c
124CFLAGS+= -I${LCRYPTO_SRC}/ui
125SRCS+= ui_err.c ui_lib.c ui_openssl.c ui_compat.c ui_util.c
126CFLAGS+= -I${LCRYPTO_SRC}/asn1
127SRCS+= a_bitstr.c a_mbstr.c a_utctm.c f_enum.c t_bitst.c x_name.c
128SRCS+= a_bool.c a_meth.c a_utf8.c f_int.c t_crl.c tasn_typ.c x_pkey.c
129SRCS+= a_bytes.c a_object.c a_verify.c f_string.c t_pkey.c tasn_utl.c x_pubkey.c
130SRCS+= a_d2i_fp.c a_octet.c asn1_err.c i2d_pr.c t_req.c x_algor.c x_req.c
131SRCS+= a_digest.c a_print.c asn1_lib.c i2d_pu.c t_spki.c x_attrib.c x_sig.c
132SRCS+= a_dup.c a_set.c asn1_par.c n_pkey.c t_x509.c x_bignum.c x_spki.c
133SRCS+= a_enum.c a_sign.c asn_pack.c nsseq.c t_x509a.c x_val.c
134SRCS+= a_gentm.c a_strex.c d2i_pr.c p5_pbe.c tasn_dec.c x_crl.c x_x509.c
135SRCS+= a_hdr.c a_strnid.c d2i_pu.c p5_pbev2.c tasn_enc.c x_exten.c x_x509a.c
136SRCS+= a_i2d_fp.c a_time.c evp_asn1.c tasn_fre.c x_info.c
137SRCS+=a_int.c a_type.c p8_pkey.c tasn_new.c x_long.c asn_moid.c
138CFLAGS+= -I${LCRYPTO_SRC}/x509
139SRCS+= x509_d2.c x509_lu.c x509_set.c x509_vfy.c x509spki.c by_dir.c
140SRCS+= x509_def.c x509_obj.c x509_trs.c x509cset.c x509type.c by_file.c
141SRCS+= x509_att.c x509_err.c x509_r2x.c x509_txt.c x509name.c x_all.c
142SRCS+= x509_cmp.c x509_ext.c x509_req.c x509_v3.c x509rset.c
143CFLAGS+= -I${LCRYPTO_SRC}/x509v3
144SRCS+= v3_akey.c v3_alt.c v3_bcons.c v3_bitst.c v3_conf.c v3_cpols.c
145SRCS+= v3_crld.c v3_enum.c v3_extku.c v3_genn.c v3_ia5.c v3_int.c
146SRCS+= v3_lib.c v3_pku.c v3_prn.c v3_skey.c v3_sxnet.c v3_utl.c
147SRCS+= v3err.c v3_info.c v3_purp.c v3_ocsp.c v3_akeya.c
148CFLAGS+= -I${LCRYPTO_SRC}/conf
149SRCS+= conf_err.c conf_lib.c conf_def.c conf_api.c conf_mod.c conf_mall.c
150CFLAGS+= -I${LCRYPTO_SRC}/txt_db
151SRCS+= txt_db.c
152CFLAGS+= -I${LCRYPTO_SRC}/pkcs7
153SRCS+= pk7_lib.c pkcs7err.c
154SRCS+= pk7_asn1.c pk7_doit.c pk7_mime.c
155SRCS+= pk7_attr.c pk7_smime.c
156CFLAGS+= -I${LCRYPTO_SRC}/comp
157SRCS+= c_rle.c c_zlib.c comp_lib.c
158CFLAGS+= -I${LCRYPTO_SRC}/pkcs12
159SRCS+= p12_add.c p12_crpt.c p12_init.c p12_mutl.c p12_p8e.c
160SRCS+= p12_asn.c p12_crt.c p12_key.c p12_npas.c p12_utl.c
161SRCS+= p12_attr.c p12_decr.c p12_kiss.c p12_p8d.c pk12err.c
162CFLAGS+= -I${LCRYPTO_SRC}/engine
163SRCS+= eng_all.c eng_openssl.c eng_ctrl.c eng_pkey.c
164SRCS+= eng_dyn.c eng_table.c tb_cipher.c eng_err.c tb_rsa.c
165SRCS+= hw_cryptodev.c eng_cnf.c
166SRCS+= tb_dh.c eng_fat.c tb_digest.c eng_init.c
167SRCS+= tb_dsa.c eng_lib.c tb_rand.c eng_list.c
168SRCs+= tb_rsa.c
169CFLAGS+= -I${LCRYPTO_SRC}/dso
170SRCS+= dso_dl.c dso_dlfcn.c dso_err.c dso_lib.c dso_null.c
171SRCS+= dso_openssl.c dso_win32.c dso_vms.c
172CFLAGS+= -I${LCRYPTO_SRC}/oscp
173SRCS+= ocsp_asn.c ocsp_err.c ocsp_ht.c ocsp_prn.c ocsp_vfy.c
174SRCS+= ocsp_cl.c ocsp_ext.c ocsp_lib.c ocsp_srv.c
175CFLAGS+= -I${LCRYPTO_SRC}/ec
176SRCS+= ec_cvt.c ec_lib.c ecp_mont.c ecp_recp.c
177SRCS+= ec_err.c ec_mult.c ecp_nist.c ecp_smpl.c
178
179.PATH: ${LCRYPTO_SRC}/md2 ${LCRYPTO_SRC}/md5 ${LCRYPTO_SRC}/sha \
180 ${LCRYPTO_SRC}/mdc2 ${LCRYPTO_SRC}/hmac ${LCRYPTO_SRC}/ripemd \
181 ${LCRYPTO_SRC}/des ${LCRYPTO_SRC}/rc2 ${LCRYPTO_SRC}/rc4 \
182 ${LCRYPTO_SRC}/rc5 ${LCRYPTO_SRC}/idea ${LCRYPTO_SRC}/bf \
183 ${LCRYPTO_SRC}/cast ${LCRYPTO_SRC}/bn ${LCRYPTO_SRC}/rsa \
184 ${LCRYPTO_SRC}/dsa ${LCRYPTO_SRC}/dh ${LCRYPTO_SRC}/buffer \
185 ${LCRYPTO_SRC}/bio ${LCRYPTO_SRC}/stack ${LCRYPTO_SRC}/lhash \
186 ${LCRYPTO_SRC}/rand ${LCRYPTO_SRC}/err ${LCRYPTO_SRC}/objects \
187 ${LCRYPTO_SRC}/evp ${LCRYPTO_SRC}/pem ${LCRYPTO_SRC}/asn1 \
188 ${LCRYPTO_SRC}/asn1 ${LCRYPTO_SRC}/x509 ${LCRYPTO_SRC}/conf \
189 ${LCRYPTO_SRC}/pkcs7 ${LCRYPTO_SRC}/x509v3 ${LCRYPTO_SRC}/pkcs12 \
190 ${LCRYPTO_SRC}/comp ${LCRYPTO_SRC}/txt_db ${LCRYPTO_SRC}/md4 \
191 ${LCRYPTO_SRC}/engine ${LCRYPTO_SRC}/dso ${LCRYPTO_SRC}/ui \
192 ${LCRYPTO_SRC}/ocsp ${LCRYPTO_SRC}/ec ${LCRYPTO_SRC}/aes ${LCRYPTO_SRC}
193
194HDRS=\
195 crypto/aes/aes.h \
196 crypto/asn1/asn1.h \
197 crypto/asn1/asn1_mac.h \
198 crypto/asn1/asn1t.h \
199 crypto/bf/blowfish.h \
200 crypto/bio/bio.h \
201 crypto/bn/bn.h \
202 crypto/buffer/buffer.h \
203 crypto/cast/cast.h \
204 crypto/comp/comp.h \
205 crypto/conf/conf.h \
206 crypto/conf/conf_api.h \
207 crypto/crypto.h \
208 crypto/des/des.h \
209 crypto/des/des_old.h \
210 crypto/dh/dh.h \
211 crypto/dsa/dsa.h \
212 crypto/dso/dso.h \
213 crypto/ebcdic.h \
214 crypto/ec/ec.h \
215 crypto/engine/engine.h \
216 crypto/err/err.h \
217 crypto/evp/evp.h \
218 crypto/hmac/hmac.h \
219 crypto/idea/idea.h \
220 crypto/lhash/lhash.h \
221 crypto/md2/md2.h \
222 crypto/md4/md4.h \
223 crypto/md5/md5.h \
224 crypto/mdc2/mdc2.h \
225 crypto/objects/objects.h \
226 crypto/ocsp/ocsp.h \
227 crypto/opensslv.h \
228 crypto/ossl_typ.h \
229 crypto/pem/pem.h \
230 crypto/pem/pem2.h \
231 crypto/pkcs12/pkcs12.h \
232 crypto/pkcs7/pkcs7.h \
233 crypto/rand/rand.h \
234 crypto/rc2/rc2.h \
235 crypto/rc4/rc4.h \
236 crypto/rc5/rc5.h \
237 crypto/ripemd/ripemd.h \
238 crypto/rsa/rsa.h \
239 crypto/sha/sha.h \
240 crypto/stack/safestack.h \
241 crypto/stack/stack.h \
242 crypto/symhacks.h \
243 crypto/tmdiff.h \
244 crypto/txt_db/txt_db.h \
245 crypto/ui/ui.h \
246 crypto/ui/ui_compat.h \
247 crypto/x509/x509.h \
248 crypto/x509/x509_vfy.h \
249 crypto/x509v3/x509v3.h \
250 e_os2.h
251
252HDRS_GEN=\
253 ${.CURDIR}/arch/${MACHINE_ARCH}/opensslconf.h \
254 ${.OBJDIR}/obj_mac.h
255
256includes: obj_mac.h
257 @test -d ${DESTDIR}/usr/include/ssl || mkdir ${DESTDIR}/usr/include/ssl
258 @d=`mktemp -d /tmp/libsslXXXXXXXXXX`; \
259 for i in $(HDRS); do \
260 f=`basename $$i`; \
261 j="sed 's/<openssl/<ssl/' \
262 ${SSL_SRC}/$$i >$$d/$$f && \
263 (cmp -s $$d/$$f ${DESTDIR}/usr/include/ssl/$$f || \
264 ${INSTALL} ${INSTALL_COPY} -o ${BINOWN} -g ${BINGRP} -m 444 \
265 $$d/$$f ${DESTDIR}/usr/include/ssl)"; \
266 echo $$j; \
267 eval "$$j"; \
268 done; \
269 for i in $(HDRS_GEN); do \
270 f=`basename $$i`; \
271 j="sed 's/<openssl/<ssl/' \
272 $$i >$$d/$$f && \
273 (cmp -s $$d/$$f ${DESTDIR}/usr/include/ssl/$$f || \
274 ${INSTALL} ${INSTALL_COPY} -o ${BINOWN} -g ${BINGRP} -m 444 \
275 $$d/$$f ${DESTDIR}/usr/include/ssl)"; \
276 echo $$j; \
277 eval "$$j"; \
278 done; \
279 rm -rf $$d
280
281# generated
282CFLAGS+= -I${.OBJDIR}
283
284GENERATED=obj_mac.h obj_dat.h
285CLEANFILES=${GENERATED}
286SSL_OBJECTS=${SSL_SRC}/crypto/objects
287
288obj_mac.h: ${SSL_OBJECTS}/objects.h
289 /usr/bin/perl ${SSL_OBJECTS}/objects.pl ${SSL_OBJECTS}/objects.txt ${SSL_OBJECTS}/obj_mac.num obj_mac.h
290obj_dat.h: obj_mac.h
291 /usr/bin/perl ${SSL_OBJECTS}/obj_dat.pl obj_mac.h obj_dat.h
292
293.if (${MACHINE_ARCH} == "vax")
294# egcs bombs optimising this file on vax
295a_strnid.o:
296 ${CC} ${CFLAGS} -O0 ${CPPFLAGS} -c ${.IMPSRC}
297a_strnid.po:
298 ${CC} ${CFLAGS} -O0 ${CPPFLAGS} -c ${.IMPSRC} -o $@
299des_enc.o:
300 ${CC} ${CFLAGS} -O1 ${CPPFLAGS} -c ${.IMPSRC}
301des_enc.po:
302 ${CC} ${CFLAGS} -O1 ${CPPFLAGS} -c ${.IMPSRC} -o $@
303.endif
304
305all beforedepend: ${GENERATED}
306
307.include <bsd.lib.mk>
diff --git a/src/lib/libssl/crypto/arch/alpha/opensslconf.h b/src/lib/libssl/crypto/arch/alpha/opensslconf.h
new file mode 100644
index 0000000000..c33ccc8a0f
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/alpha/opensslconf.h
@@ -0,0 +1,180 @@
1/* opensslconf.h */
2/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
3
4/* OpenSSL was configured with the following options: */
5#ifndef OPENSSL_DOING_MAKEDEPEND
6
7#ifndef OPENSSL_NO_KRB5
8# define OPENSSL_NO_KRB5
9#endif
10
11#endif /* OPENSSL_DOING_MAKEDEPEND */
12
13/* The OPENSSL_NO_* macros are also defined as NO_* if the application
14 asks for it. This is a transient feature that is provided for those
15 who haven't had the time to do the appropriate changes in their
16 applications. */
17#ifdef OPENSSL_ALGORITHM_DEFINES
18# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
19# define NO_KRB5
20# endif
21#endif
22
23/* crypto/opensslconf.h.in */
24
25/* Generate 80386 code? */
26#undef I386_ONLY
27
28#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
29#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
30#define OPENSSLDIR "/etc/ssl"
31#endif
32#endif
33
34#undef OPENSSL_UNISTD
35#define OPENSSL_UNISTD <unistd.h>
36
37#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
38
39#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
40#define IDEA_INT unsigned int
41#endif
42
43#if defined(HEADER_MD2_H) && !defined(MD2_INT)
44#define MD2_INT unsigned int
45#endif
46
47#if defined(HEADER_RC2_H) && !defined(RC2_INT)
48/* I need to put in a mod for the alpha - eay */
49#define RC2_INT unsigned int
50#endif
51
52#if defined(HEADER_RC4_H)
53#if !defined(RC4_INT)
54/* using int types make the structure larger but make the code faster
55 * on most boxes I have tested - up to %20 faster. */
56/*
57 * I don't know what does "most" mean, but declaring "int" is a must on:
58 * - Intel P6 because partial register stalls are very expensive;
59 * - elder Alpha because it lacks byte load/store instructions;
60 */
61#define RC4_INT unsigned int
62#endif
63#if !defined(RC4_CHUNK)
64/*
65 * This enables code handling data aligned at natural CPU word
66 * boundary. See crypto/rc4/rc4_enc.c for further details.
67 */
68#undef RC4_CHUNK
69#endif
70#endif
71
72#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
73/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
74 * %20 speed up (longs are 8 bytes, int's are 4). */
75#ifndef DES_LONG
76#define DES_LONG unsigned int
77#endif
78#endif
79
80#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
81#define CONFIG_HEADER_BN_H
82#undef BN_LLONG
83
84/* Should we define BN_DIV2W here? */
85
86/* Only one for the following should be defined */
87/* The prime number generation stuff may not work when
88 * EIGHT_BIT but I don't care since I've only used this mode
89 * for debuging the bignum libraries */
90#define SIXTY_FOUR_BIT_LONG
91#undef SIXTY_FOUR_BIT
92#undef THIRTY_TWO_BIT
93#undef SIXTEEN_BIT
94#undef EIGHT_BIT
95#endif
96
97#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
98#define CONFIG_HEADER_RC4_LOCL_H
99/* if this is defined data[i] is used instead of *data, this is a %20
100 * speedup on x86 */
101#undef RC4_INDEX
102#endif
103
104#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
105#define CONFIG_HEADER_BF_LOCL_H
106#undef BF_PTR
107#endif /* HEADER_BF_LOCL_H */
108
109#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
110#define CONFIG_HEADER_DES_LOCL_H
111#ifndef DES_DEFAULT_OPTIONS
112/* the following is tweaked from a config script, that is why it is a
113 * protected undef/define */
114#ifndef DES_PTR
115#define DES_PTR
116#endif
117
118/* This helps C compiler generate the correct code for multiple functional
119 * units. It reduces register dependancies at the expense of 2 more
120 * registers */
121#ifndef DES_RISC1
122#undef DES_RISC1
123#endif
124
125#ifndef DES_RISC2
126#define DES_RISC2
127#endif
128
129#if defined(DES_RISC1) && defined(DES_RISC2)
130YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
131#endif
132
133/* Unroll the inner loop, this sometimes helps, sometimes hinders.
134 * Very mucy CPU dependant */
135#ifndef DES_UNROLL
136#undef DES_UNROLL
137#endif
138
139/* These default values were supplied by
140 * Peter Gutman <pgut001@cs.auckland.ac.nz>
141 * They are only used if nothing else has been defined */
142#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
143/* Special defines which change the way the code is built depending on the
144 CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
145 even newer MIPS CPU's, but at the moment one size fits all for
146 optimization options. Older Sparc's work better with only UNROLL, but
147 there's no way to tell at compile time what it is you're running on */
148
149#if defined( sun ) /* Newer Sparc's */
150# define DES_PTR
151# define DES_RISC1
152# define DES_UNROLL
153#elif defined( __ultrix ) /* Older MIPS */
154# define DES_PTR
155# define DES_RISC2
156# define DES_UNROLL
157#elif defined( __osf1__ ) /* Alpha */
158# define DES_PTR
159# define DES_RISC2
160#elif defined ( _AIX ) /* RS6000 */
161 /* Unknown */
162#elif defined( __hpux ) /* HP-PA */
163 /* Unknown */
164#elif defined( __aux ) /* 68K */
165 /* Unknown */
166#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
167# define DES_UNROLL
168#elif defined( __sgi ) /* Newer MIPS */
169# define DES_PTR
170# define DES_RISC2
171# define DES_UNROLL
172#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
173# define DES_PTR
174# define DES_RISC1
175# define DES_UNROLL
176#endif /* Systems-specific speed defines */
177#endif
178
179#endif /* DES_DEFAULT_OPTIONS */
180#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/crypto/arch/hppa/opensslconf.h b/src/lib/libssl/crypto/arch/hppa/opensslconf.h
new file mode 100644
index 0000000000..0334dbdfc6
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/hppa/opensslconf.h
@@ -0,0 +1,180 @@
1/* opensslconf.h */
2/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
3
4/* OpenSSL was configured with the following options: */
5#ifndef OPENSSL_DOING_MAKEDEPEND
6
7#ifndef OPENSSL_NO_KRB5
8# define OPENSSL_NO_KRB5
9#endif
10
11#endif /* OPENSSL_DOING_MAKEDEPEND */
12
13/* The OPENSSL_NO_* macros are also defined as NO_* if the application
14 asks for it. This is a transient feature that is provided for those
15 who haven't had the time to do the appropriate changes in their
16 applications. */
17#ifdef OPENSSL_ALGORITHM_DEFINES
18# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
19# define NO_KRB5
20# endif
21#endif
22
23/* crypto/opensslconf.h.in */
24
25/* Generate 80386 code? */
26#undef I386_ONLY
27
28#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
29#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
30#define OPENSSLDIR "/etc/ssl"
31#endif
32#endif
33
34#undef OPENSSL_UNISTD
35#define OPENSSL_UNISTD <unistd.h>
36
37#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
38
39#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
40#define IDEA_INT unsigned int
41#endif
42
43#if defined(HEADER_MD2_H) && !defined(MD2_INT)
44#define MD2_INT unsigned int
45#endif
46
47#if defined(HEADER_RC2_H) && !defined(RC2_INT)
48/* I need to put in a mod for the alpha - eay */
49#define RC2_INT unsigned int
50#endif
51
52#if defined(HEADER_RC4_H)
53#if !defined(RC4_INT)
54/* using int types make the structure larger but make the code faster
55 * on most boxes I have tested - up to %20 faster. */
56/*
57 * I don't know what does "most" mean, but declaring "int" is a must on:
58 * - Intel P6 because partial register stalls are very expensive;
59 * - elder Alpha because it lacks byte load/store instructions;
60 */
61#define RC4_INT unsigned int
62#endif
63#if !defined(RC4_CHUNK)
64/*
65 * This enables code handling data aligned at natural CPU word
66 * boundary. See crypto/rc4/rc4_enc.c for further details.
67 */
68#undef RC4_CHUNK
69#endif
70#endif
71
72#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
73/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
74 * %20 speed up (longs are 8 bytes, int's are 4). */
75#ifndef DES_LONG
76#define DES_LONG unsigned long
77#endif
78#endif
79
80#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
81#define CONFIG_HEADER_BN_H
82#define BN_LLONG
83
84/* Should we define BN_DIV2W here? */
85
86/* Only one for the following should be defined */
87/* The prime number generation stuff may not work when
88 * EIGHT_BIT but I don't care since I've only used this mode
89 * for debuging the bignum libraries */
90#undef SIXTY_FOUR_BIT_LONG
91#undef SIXTY_FOUR_BIT
92#define THIRTY_TWO_BIT
93#undef SIXTEEN_BIT
94#undef EIGHT_BIT
95#endif
96
97#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
98#define CONFIG_HEADER_RC4_LOCL_H
99/* if this is defined data[i] is used instead of *data, this is a %20
100 * speedup on x86 */
101#define RC4_INDEX
102#endif
103
104#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
105#define CONFIG_HEADER_BF_LOCL_H
106#undef BF_PTR
107#endif /* HEADER_BF_LOCL_H */
108
109#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
110#define CONFIG_HEADER_DES_LOCL_H
111#ifndef DES_DEFAULT_OPTIONS
112/* the following is tweaked from a config script, that is why it is a
113 * protected undef/define */
114#ifndef DES_PTR
115#undef DES_PTR
116#endif
117
118/* This helps C compiler generate the correct code for multiple functional
119 * units. It reduces register dependancies at the expense of 2 more
120 * registers */
121#ifndef DES_RISC1
122#undef DES_RISC1
123#endif
124
125#ifndef DES_RISC2
126#undef DES_RISC2
127#endif
128
129#if defined(DES_RISC1) && defined(DES_RISC2)
130YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
131#endif
132
133/* Unroll the inner loop, this sometimes helps, sometimes hinders.
134 * Very mucy CPU dependant */
135#ifndef DES_UNROLL
136#define DES_UNROLL
137#endif
138
139/* These default values were supplied by
140 * Peter Gutman <pgut001@cs.auckland.ac.nz>
141 * They are only used if nothing else has been defined */
142#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
143/* Special defines which change the way the code is built depending on the
144 CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
145 even newer MIPS CPU's, but at the moment one size fits all for
146 optimization options. Older Sparc's work better with only UNROLL, but
147 there's no way to tell at compile time what it is you're running on */
148
149#if defined( sun ) /* Newer Sparc's */
150# define DES_PTR
151# define DES_RISC1
152# define DES_UNROLL
153#elif defined( __ultrix ) /* Older MIPS */
154# define DES_PTR
155# define DES_RISC2
156# define DES_UNROLL
157#elif defined( __osf1__ ) /* Alpha */
158# define DES_PTR
159# define DES_RISC2
160#elif defined ( _AIX ) /* RS6000 */
161 /* Unknown */
162#elif defined( __hpux ) /* HP-PA */
163 /* Unknown */
164#elif defined( __aux ) /* 68K */
165 /* Unknown */
166#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
167# define DES_UNROLL
168#elif defined( __sgi ) /* Newer MIPS */
169# define DES_PTR
170# define DES_RISC2
171# define DES_UNROLL
172#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
173# define DES_PTR
174# define DES_RISC1
175# define DES_UNROLL
176#endif /* Systems-specific speed defines */
177#endif
178
179#endif /* DES_DEFAULT_OPTIONS */
180#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/crypto/arch/i386/opensslconf.h b/src/lib/libssl/crypto/arch/i386/opensslconf.h
new file mode 100644
index 0000000000..7361ac56a1
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/i386/opensslconf.h
@@ -0,0 +1,180 @@
1/* opensslconf.h */
2/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
3
4/* OpenSSL was configured with the following options: */
5#ifndef OPENSSL_DOING_MAKEDEPEND
6
7#ifndef OPENSSL_NO_KRB5
8# define OPENSSL_NO_KRB5
9#endif
10
11#endif /* OPENSSL_DOING_MAKEDEPEND */
12
13/* The OPENSSL_NO_* macros are also defined as NO_* if the application
14 asks for it. This is a transient feature that is provided for those
15 who haven't had the time to do the appropriate changes in their
16 applications. */
17#ifdef OPENSSL_ALGORITHM_DEFINES
18# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
19# define NO_KRB5
20# endif
21#endif
22
23/* crypto/opensslconf.h.in */
24
25/* Generate 80386 code? */
26#undef I386_ONLY
27
28#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
29#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
30#define OPENSSLDIR "/etc/ssl"
31#endif
32#endif
33
34#undef OPENSSL_UNISTD
35#define OPENSSL_UNISTD <unistd.h>
36
37#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
38
39#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
40#define IDEA_INT unsigned int
41#endif
42
43#if defined(HEADER_MD2_H) && !defined(MD2_INT)
44#define MD2_INT unsigned int
45#endif
46
47#if defined(HEADER_RC2_H) && !defined(RC2_INT)
48/* I need to put in a mod for the alpha - eay */
49#define RC2_INT unsigned int
50#endif
51
52#if defined(HEADER_RC4_H)
53#if !defined(RC4_INT)
54/* using int types make the structure larger but make the code faster
55 * on most boxes I have tested - up to %20 faster. */
56/*
57 * I don't know what does "most" mean, but declaring "int" is a must on:
58 * - Intel P6 because partial register stalls are very expensive;
59 * - elder Alpha because it lacks byte load/store instructions;
60 */
61#define RC4_INT unsigned int
62#endif
63#if !defined(RC4_CHUNK)
64/*
65 * This enables code handling data aligned at natural CPU word
66 * boundary. See crypto/rc4/rc4_enc.c for further details.
67 */
68#undef RC4_CHUNK
69#endif
70#endif
71
72#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
73/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
74 * %20 speed up (longs are 8 bytes, int's are 4). */
75#ifndef DES_LONG
76#define DES_LONG unsigned long
77#endif
78#endif
79
80#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
81#define CONFIG_HEADER_BN_H
82#define BN_LLONG
83
84/* Should we define BN_DIV2W here? */
85
86/* Only one for the following should be defined */
87/* The prime number generation stuff may not work when
88 * EIGHT_BIT but I don't care since I've only used this mode
89 * for debuging the bignum libraries */
90#undef SIXTY_FOUR_BIT_LONG
91#undef SIXTY_FOUR_BIT
92#define THIRTY_TWO_BIT
93#undef SIXTEEN_BIT
94#undef EIGHT_BIT
95#endif
96
97#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
98#define CONFIG_HEADER_RC4_LOCL_H
99/* if this is defined data[i] is used instead of *data, this is a %20
100 * speedup on x86 */
101#define RC4_INDEX
102#endif
103
104#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
105#define CONFIG_HEADER_BF_LOCL_H
106#undef BF_PTR
107#endif /* HEADER_BF_LOCL_H */
108
109#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
110#define CONFIG_HEADER_DES_LOCL_H
111#ifndef DES_DEFAULT_OPTIONS
112/* the following is tweaked from a config script, that is why it is a
113 * protected undef/define */
114#ifndef DES_PTR
115#define DES_PTR
116#endif
117
118/* This helps C compiler generate the correct code for multiple functional
119 * units. It reduces register dependancies at the expense of 2 more
120 * registers */
121#ifndef DES_RISC1
122#define DES_RISC1
123#endif
124
125#ifndef DES_RISC2
126#undef DES_RISC2
127#endif
128
129#if defined(DES_RISC1) && defined(DES_RISC2)
130YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
131#endif
132
133/* Unroll the inner loop, this sometimes helps, sometimes hinders.
134 * Very mucy CPU dependant */
135#ifndef DES_UNROLL
136#define DES_UNROLL
137#endif
138
139/* These default values were supplied by
140 * Peter Gutman <pgut001@cs.auckland.ac.nz>
141 * They are only used if nothing else has been defined */
142#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
143/* Special defines which change the way the code is built depending on the
144 CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
145 even newer MIPS CPU's, but at the moment one size fits all for
146 optimization options. Older Sparc's work better with only UNROLL, but
147 there's no way to tell at compile time what it is you're running on */
148
149#if defined( sun ) /* Newer Sparc's */
150# define DES_PTR
151# define DES_RISC1
152# define DES_UNROLL
153#elif defined( __ultrix ) /* Older MIPS */
154# define DES_PTR
155# define DES_RISC2
156# define DES_UNROLL
157#elif defined( __osf1__ ) /* Alpha */
158# define DES_PTR
159# define DES_RISC2
160#elif defined ( _AIX ) /* RS6000 */
161 /* Unknown */
162#elif defined( __hpux ) /* HP-PA */
163 /* Unknown */
164#elif defined( __aux ) /* 68K */
165 /* Unknown */
166#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
167# define DES_UNROLL
168#elif defined( __sgi ) /* Newer MIPS */
169# define DES_PTR
170# define DES_RISC2
171# define DES_UNROLL
172#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
173# define DES_PTR
174# define DES_RISC1
175# define DES_UNROLL
176#endif /* Systems-specific speed defines */
177#endif
178
179#endif /* DES_DEFAULT_OPTIONS */
180#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/crypto/arch/m68k/opensslconf.h b/src/lib/libssl/crypto/arch/m68k/opensslconf.h
new file mode 100644
index 0000000000..47a6dd8596
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/m68k/opensslconf.h
@@ -0,0 +1,180 @@
1/* opensslconf.h */
2/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
3
4/* OpenSSL was configured with the following options: */
5#ifndef OPENSSL_DOING_MAKEDEPEND
6
7#ifndef OPENSSL_NO_KRB5
8# define OPENSSL_NO_KRB5
9#endif
10
11#endif /* OPENSSL_DOING_MAKEDEPEND */
12
13/* The OPENSSL_NO_* macros are also defined as NO_* if the application
14 asks for it. This is a transient feature that is provided for those
15 who haven't had the time to do the appropriate changes in their
16 applications. */
17#ifdef OPENSSL_ALGORITHM_DEFINES
18# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
19# define NO_KRB5
20# endif
21#endif
22
23/* crypto/opensslconf.h.in */
24
25/* Generate 80386 code? */
26#undef I386_ONLY
27
28#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
29#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
30#define OPENSSLDIR "/etc/ssl"
31#endif
32#endif
33
34#undef OPENSSL_UNISTD
35#define OPENSSL_UNISTD <unistd.h>
36
37#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
38
39#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
40#define IDEA_INT unsigned int
41#endif
42
43#if defined(HEADER_MD2_H) && !defined(MD2_INT)
44#define MD2_INT unsigned int
45#endif
46
47#if defined(HEADER_RC2_H) && !defined(RC2_INT)
48/* I need to put in a mod for the alpha - eay */
49#define RC2_INT unsigned int
50#endif
51
52#if defined(HEADER_RC4_H)
53#if !defined(RC4_INT)
54/* using int types make the structure larger but make the code faster
55 * on most boxes I have tested - up to %20 faster. */
56/*
57 * I don't know what does "most" mean, but declaring "int" is a must on:
58 * - Intel P6 because partial register stalls are very expensive;
59 * - elder Alpha because it lacks byte load/store instructions;
60 */
61#define RC4_INT unsigned int
62#endif
63#if !defined(RC4_CHUNK)
64/*
65 * This enables code handling data aligned at natural CPU word
66 * boundary. See crypto/rc4/rc4_enc.c for further details.
67 */
68#undef RC4_CHUNK
69#endif
70#endif
71
72#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
73/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
74 * %20 speed up (longs are 8 bytes, int's are 4). */
75#ifndef DES_LONG
76#define DES_LONG unsigned int
77#endif
78#endif
79
80#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
81#define CONFIG_HEADER_BN_H
82#define BN_LLONG
83
84/* Should we define BN_DIV2W here? */
85
86/* Only one for the following should be defined */
87/* The prime number generation stuff may not work when
88 * EIGHT_BIT but I don't care since I've only used this mode
89 * for debuging the bignum libraries */
90#undef SIXTY_FOUR_BIT_LONG
91#undef SIXTY_FOUR_BIT
92#define THIRTY_TWO_BIT
93#undef SIXTEEN_BIT
94#undef EIGHT_BIT
95#endif
96
97#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
98#define CONFIG_HEADER_RC4_LOCL_H
99/* if this is defined data[i] is used instead of *data, this is a %20
100 * speedup on x86 */
101#define RC4_INDEX
102#endif
103
104#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
105#define CONFIG_HEADER_BF_LOCL_H
106#undef BF_PTR
107#endif /* HEADER_BF_LOCL_H */
108
109#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
110#define CONFIG_HEADER_DES_LOCL_H
111#ifndef DES_DEFAULT_OPTIONS
112/* the following is tweaked from a config script, that is why it is a
113 * protected undef/define */
114#ifndef DES_PTR
115#undef DES_PTR
116#endif
117
118/* This helps C compiler generate the correct code for multiple functional
119 * units. It reduces register dependancies at the expense of 2 more
120 * registers */
121#ifndef DES_RISC1
122#undef DES_RISC1
123#endif
124
125#ifndef DES_RISC2
126#undef DES_RISC2
127#endif
128
129#if defined(DES_RISC1) && defined(DES_RISC2)
130YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
131#endif
132
133/* Unroll the inner loop, this sometimes helps, sometimes hinders.
134 * Very mucy CPU dependant */
135#ifndef DES_UNROLL
136#define DES_UNROLL
137#endif
138
139/* These default values were supplied by
140 * Peter Gutman <pgut001@cs.auckland.ac.nz>
141 * They are only used if nothing else has been defined */
142#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
143/* Special defines which change the way the code is built depending on the
144 CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
145 even newer MIPS CPU's, but at the moment one size fits all for
146 optimization options. Older Sparc's work better with only UNROLL, but
147 there's no way to tell at compile time what it is you're running on */
148
149#if defined( sun ) /* Newer Sparc's */
150# define DES_PTR
151# define DES_RISC1
152# define DES_UNROLL
153#elif defined( __ultrix ) /* Older MIPS */
154# define DES_PTR
155# define DES_RISC2
156# define DES_UNROLL
157#elif defined( __osf1__ ) /* Alpha */
158# define DES_PTR
159# define DES_RISC2
160#elif defined ( _AIX ) /* RS6000 */
161 /* Unknown */
162#elif defined( __hpux ) /* HP-PA */
163 /* Unknown */
164#elif defined( __aux ) /* 68K */
165 /* Unknown */
166#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
167# define DES_UNROLL
168#elif defined( __sgi ) /* Newer MIPS */
169# define DES_PTR
170# define DES_RISC2
171# define DES_UNROLL
172#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
173# define DES_PTR
174# define DES_RISC1
175# define DES_UNROLL
176#endif /* Systems-specific speed defines */
177#endif
178
179#endif /* DES_DEFAULT_OPTIONS */
180#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/crypto/arch/m88k/opensslconf.h b/src/lib/libssl/crypto/arch/m88k/opensslconf.h
new file mode 100644
index 0000000000..47a6dd8596
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/m88k/opensslconf.h
@@ -0,0 +1,180 @@
1/* opensslconf.h */
2/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
3
4/* OpenSSL was configured with the following options: */
5#ifndef OPENSSL_DOING_MAKEDEPEND
6
7#ifndef OPENSSL_NO_KRB5
8# define OPENSSL_NO_KRB5
9#endif
10
11#endif /* OPENSSL_DOING_MAKEDEPEND */
12
13/* The OPENSSL_NO_* macros are also defined as NO_* if the application
14 asks for it. This is a transient feature that is provided for those
15 who haven't had the time to do the appropriate changes in their
16 applications. */
17#ifdef OPENSSL_ALGORITHM_DEFINES
18# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
19# define NO_KRB5
20# endif
21#endif
22
23/* crypto/opensslconf.h.in */
24
25/* Generate 80386 code? */
26#undef I386_ONLY
27
28#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
29#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
30#define OPENSSLDIR "/etc/ssl"
31#endif
32#endif
33
34#undef OPENSSL_UNISTD
35#define OPENSSL_UNISTD <unistd.h>
36
37#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
38
39#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
40#define IDEA_INT unsigned int
41#endif
42
43#if defined(HEADER_MD2_H) && !defined(MD2_INT)
44#define MD2_INT unsigned int
45#endif
46
47#if defined(HEADER_RC2_H) && !defined(RC2_INT)
48/* I need to put in a mod for the alpha - eay */
49#define RC2_INT unsigned int
50#endif
51
52#if defined(HEADER_RC4_H)
53#if !defined(RC4_INT)
54/* using int types make the structure larger but make the code faster
55 * on most boxes I have tested - up to %20 faster. */
56/*
57 * I don't know what does "most" mean, but declaring "int" is a must on:
58 * - Intel P6 because partial register stalls are very expensive;
59 * - elder Alpha because it lacks byte load/store instructions;
60 */
61#define RC4_INT unsigned int
62#endif
63#if !defined(RC4_CHUNK)
64/*
65 * This enables code handling data aligned at natural CPU word
66 * boundary. See crypto/rc4/rc4_enc.c for further details.
67 */
68#undef RC4_CHUNK
69#endif
70#endif
71
72#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
73/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
74 * %20 speed up (longs are 8 bytes, int's are 4). */
75#ifndef DES_LONG
76#define DES_LONG unsigned int
77#endif
78#endif
79
80#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
81#define CONFIG_HEADER_BN_H
82#define BN_LLONG
83
84/* Should we define BN_DIV2W here? */
85
86/* Only one for the following should be defined */
87/* The prime number generation stuff may not work when
88 * EIGHT_BIT but I don't care since I've only used this mode
89 * for debuging the bignum libraries */
90#undef SIXTY_FOUR_BIT_LONG
91#undef SIXTY_FOUR_BIT
92#define THIRTY_TWO_BIT
93#undef SIXTEEN_BIT
94#undef EIGHT_BIT
95#endif
96
97#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
98#define CONFIG_HEADER_RC4_LOCL_H
99/* if this is defined data[i] is used instead of *data, this is a %20
100 * speedup on x86 */
101#define RC4_INDEX
102#endif
103
104#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
105#define CONFIG_HEADER_BF_LOCL_H
106#undef BF_PTR
107#endif /* HEADER_BF_LOCL_H */
108
109#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
110#define CONFIG_HEADER_DES_LOCL_H
111#ifndef DES_DEFAULT_OPTIONS
112/* the following is tweaked from a config script, that is why it is a
113 * protected undef/define */
114#ifndef DES_PTR
115#undef DES_PTR
116#endif
117
118/* This helps C compiler generate the correct code for multiple functional
119 * units. It reduces register dependancies at the expense of 2 more
120 * registers */
121#ifndef DES_RISC1
122#undef DES_RISC1
123#endif
124
125#ifndef DES_RISC2
126#undef DES_RISC2
127#endif
128
129#if defined(DES_RISC1) && defined(DES_RISC2)
130YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
131#endif
132
133/* Unroll the inner loop, this sometimes helps, sometimes hinders.
134 * Very mucy CPU dependant */
135#ifndef DES_UNROLL
136#define DES_UNROLL
137#endif
138
139/* These default values were supplied by
140 * Peter Gutman <pgut001@cs.auckland.ac.nz>
141 * They are only used if nothing else has been defined */
142#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
143/* Special defines which change the way the code is built depending on the
144 CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
145 even newer MIPS CPU's, but at the moment one size fits all for
146 optimization options. Older Sparc's work better with only UNROLL, but
147 there's no way to tell at compile time what it is you're running on */
148
149#if defined( sun ) /* Newer Sparc's */
150# define DES_PTR
151# define DES_RISC1
152# define DES_UNROLL
153#elif defined( __ultrix ) /* Older MIPS */
154# define DES_PTR
155# define DES_RISC2
156# define DES_UNROLL
157#elif defined( __osf1__ ) /* Alpha */
158# define DES_PTR
159# define DES_RISC2
160#elif defined ( _AIX ) /* RS6000 */
161 /* Unknown */
162#elif defined( __hpux ) /* HP-PA */
163 /* Unknown */
164#elif defined( __aux ) /* 68K */
165 /* Unknown */
166#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
167# define DES_UNROLL
168#elif defined( __sgi ) /* Newer MIPS */
169# define DES_PTR
170# define DES_RISC2
171# define DES_UNROLL
172#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
173# define DES_PTR
174# define DES_RISC1
175# define DES_UNROLL
176#endif /* Systems-specific speed defines */
177#endif
178
179#endif /* DES_DEFAULT_OPTIONS */
180#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/crypto/arch/mips/opensslconf.h b/src/lib/libssl/crypto/arch/mips/opensslconf.h
new file mode 100644
index 0000000000..2b030ba088
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/mips/opensslconf.h
@@ -0,0 +1,180 @@
1/* opensslconf.h */
2/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
3
4/* OpenSSL was configured with the following options: */
5#ifndef OPENSSL_DOING_MAKEDEPEND
6
7#ifndef OPENSSL_NO_KRB5
8# define OPENSSL_NO_KRB5
9#endif
10
11#endif /* OPENSSL_DOING_MAKEDEPEND */
12
13/* The OPENSSL_NO_* macros are also defined as NO_* if the application
14 asks for it. This is a transient feature that is provided for those
15 who haven't had the time to do the appropriate changes in their
16 applications. */
17#ifdef OPENSSL_ALGORITHM_DEFINES
18# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
19# define NO_KRB5
20# endif
21#endif
22
23/* crypto/opensslconf.h.in */
24
25/* Generate 80386 code? */
26#undef I386_ONLY
27
28#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
29#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
30#define OPENSSLDIR "/etc/ssl"
31#endif
32#endif
33
34#undef OPENSSL_UNISTD
35#define OPENSSL_UNISTD <unistd.h>
36
37#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
38
39#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
40#define IDEA_INT unsigned int
41#endif
42
43#if defined(HEADER_MD2_H) && !defined(MD2_INT)
44#define MD2_INT unsigned int
45#endif
46
47#if defined(HEADER_RC2_H) && !defined(RC2_INT)
48/* I need to put in a mod for the alpha - eay */
49#define RC2_INT unsigned int
50#endif
51
52#if defined(HEADER_RC4_H)
53#if !defined(RC4_INT)
54/* using int types make the structure larger but make the code faster
55 * on most boxes I have tested - up to %20 faster. */
56/*
57 * I don't know what does "most" mean, but declaring "int" is a must on:
58 * - Intel P6 because partial register stalls are very expensive;
59 * - elder Alpha because it lacks byte load/store instructions;
60 */
61#define RC4_INT unsigned int
62#endif
63#if !defined(RC4_CHUNK)
64/*
65 * This enables code handling data aligned at natural CPU word
66 * boundary. See crypto/rc4/rc4_enc.c for further details.
67 */
68#undef RC4_CHUNK
69#endif
70#endif
71
72#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
73/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
74 * %20 speed up (longs are 8 bytes, int's are 4). */
75#ifndef DES_LONG
76#define DES_LONG unsigned int
77#endif
78#endif
79
80#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
81#define CONFIG_HEADER_BN_H
82#define BN_LLONG
83
84/* Should we define BN_DIV2W here? */
85
86/* Only one for the following should be defined */
87/* The prime number generation stuff may not work when
88 * EIGHT_BIT but I don't care since I've only used this mode
89 * for debuging the bignum libraries */
90#undef SIXTY_FOUR_BIT_LONG
91#undef SIXTY_FOUR_BIT
92#define THIRTY_TWO_BIT
93#undef SIXTEEN_BIT
94#undef EIGHT_BIT
95#endif
96
97#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
98#define CONFIG_HEADER_RC4_LOCL_H
99/* if this is defined data[i] is used instead of *data, this is a %20
100 * speedup on x86 */
101#define RC4_INDEX
102#endif
103
104#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
105#define CONFIG_HEADER_BF_LOCL_H
106#undef BF_PTR
107#endif /* HEADER_BF_LOCL_H */
108
109#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
110#define CONFIG_HEADER_DES_LOCL_H
111#ifndef DES_DEFAULT_OPTIONS
112/* the following is tweaked from a config script, that is why it is a
113 * protected undef/define */
114#ifndef DES_PTR
115#undef DES_PTR
116#endif
117
118/* This helps C compiler generate the correct code for multiple functional
119 * units. It reduces register dependancies at the expense of 2 more
120 * registers */
121#ifndef DES_RISC1
122#undef DES_RISC1
123#endif
124
125#ifndef DES_RISC2
126#define DES_RISC2
127#endif
128
129#if defined(DES_RISC1) && defined(DES_RISC2)
130YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
131#endif
132
133/* Unroll the inner loop, this sometimes helps, sometimes hinders.
134 * Very mucy CPU dependant */
135#ifndef DES_UNROLL
136#define DES_UNROLL
137#endif
138
139/* These default values were supplied by
140 * Peter Gutman <pgut001@cs.auckland.ac.nz>
141 * They are only used if nothing else has been defined */
142#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
143/* Special defines which change the way the code is built depending on the
144 CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
145 even newer MIPS CPU's, but at the moment one size fits all for
146 optimization options. Older Sparc's work better with only UNROLL, but
147 there's no way to tell at compile time what it is you're running on */
148
149#if defined( sun ) /* Newer Sparc's */
150# define DES_PTR
151# define DES_RISC1
152# define DES_UNROLL
153#elif defined( __ultrix ) /* Older MIPS */
154# define DES_PTR
155# define DES_RISC2
156# define DES_UNROLL
157#elif defined( __osf1__ ) /* Alpha */
158# define DES_PTR
159# define DES_RISC2
160#elif defined ( _AIX ) /* RS6000 */
161 /* Unknown */
162#elif defined( __hpux ) /* HP-PA */
163 /* Unknown */
164#elif defined( __aux ) /* 68K */
165 /* Unknown */
166#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
167# define DES_UNROLL
168#elif defined( __sgi ) /* Newer MIPS */
169# define DES_PTR
170# define DES_RISC2
171# define DES_UNROLL
172#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
173# define DES_PTR
174# define DES_RISC1
175# define DES_UNROLL
176#endif /* Systems-specific speed defines */
177#endif
178
179#endif /* DES_DEFAULT_OPTIONS */
180#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/crypto/arch/powerpc/opensslconf.h b/src/lib/libssl/crypto/arch/powerpc/opensslconf.h
new file mode 100644
index 0000000000..47a6dd8596
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/powerpc/opensslconf.h
@@ -0,0 +1,180 @@
1/* opensslconf.h */
2/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
3
4/* OpenSSL was configured with the following options: */
5#ifndef OPENSSL_DOING_MAKEDEPEND
6
7#ifndef OPENSSL_NO_KRB5
8# define OPENSSL_NO_KRB5
9#endif
10
11#endif /* OPENSSL_DOING_MAKEDEPEND */
12
13/* The OPENSSL_NO_* macros are also defined as NO_* if the application
14 asks for it. This is a transient feature that is provided for those
15 who haven't had the time to do the appropriate changes in their
16 applications. */
17#ifdef OPENSSL_ALGORITHM_DEFINES
18# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
19# define NO_KRB5
20# endif
21#endif
22
23/* crypto/opensslconf.h.in */
24
25/* Generate 80386 code? */
26#undef I386_ONLY
27
28#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
29#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
30#define OPENSSLDIR "/etc/ssl"
31#endif
32#endif
33
34#undef OPENSSL_UNISTD
35#define OPENSSL_UNISTD <unistd.h>
36
37#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
38
39#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
40#define IDEA_INT unsigned int
41#endif
42
43#if defined(HEADER_MD2_H) && !defined(MD2_INT)
44#define MD2_INT unsigned int
45#endif
46
47#if defined(HEADER_RC2_H) && !defined(RC2_INT)
48/* I need to put in a mod for the alpha - eay */
49#define RC2_INT unsigned int
50#endif
51
52#if defined(HEADER_RC4_H)
53#if !defined(RC4_INT)
54/* using int types make the structure larger but make the code faster
55 * on most boxes I have tested - up to %20 faster. */
56/*
57 * I don't know what does "most" mean, but declaring "int" is a must on:
58 * - Intel P6 because partial register stalls are very expensive;
59 * - elder Alpha because it lacks byte load/store instructions;
60 */
61#define RC4_INT unsigned int
62#endif
63#if !defined(RC4_CHUNK)
64/*
65 * This enables code handling data aligned at natural CPU word
66 * boundary. See crypto/rc4/rc4_enc.c for further details.
67 */
68#undef RC4_CHUNK
69#endif
70#endif
71
72#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
73/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
74 * %20 speed up (longs are 8 bytes, int's are 4). */
75#ifndef DES_LONG
76#define DES_LONG unsigned int
77#endif
78#endif
79
80#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
81#define CONFIG_HEADER_BN_H
82#define BN_LLONG
83
84/* Should we define BN_DIV2W here? */
85
86/* Only one for the following should be defined */
87/* The prime number generation stuff may not work when
88 * EIGHT_BIT but I don't care since I've only used this mode
89 * for debuging the bignum libraries */
90#undef SIXTY_FOUR_BIT_LONG
91#undef SIXTY_FOUR_BIT
92#define THIRTY_TWO_BIT
93#undef SIXTEEN_BIT
94#undef EIGHT_BIT
95#endif
96
97#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
98#define CONFIG_HEADER_RC4_LOCL_H
99/* if this is defined data[i] is used instead of *data, this is a %20
100 * speedup on x86 */
101#define RC4_INDEX
102#endif
103
104#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
105#define CONFIG_HEADER_BF_LOCL_H
106#undef BF_PTR
107#endif /* HEADER_BF_LOCL_H */
108
109#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
110#define CONFIG_HEADER_DES_LOCL_H
111#ifndef DES_DEFAULT_OPTIONS
112/* the following is tweaked from a config script, that is why it is a
113 * protected undef/define */
114#ifndef DES_PTR
115#undef DES_PTR
116#endif
117
118/* This helps C compiler generate the correct code for multiple functional
119 * units. It reduces register dependancies at the expense of 2 more
120 * registers */
121#ifndef DES_RISC1
122#undef DES_RISC1
123#endif
124
125#ifndef DES_RISC2
126#undef DES_RISC2
127#endif
128
129#if defined(DES_RISC1) && defined(DES_RISC2)
130YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
131#endif
132
133/* Unroll the inner loop, this sometimes helps, sometimes hinders.
134 * Very mucy CPU dependant */
135#ifndef DES_UNROLL
136#define DES_UNROLL
137#endif
138
139/* These default values were supplied by
140 * Peter Gutman <pgut001@cs.auckland.ac.nz>
141 * They are only used if nothing else has been defined */
142#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
143/* Special defines which change the way the code is built depending on the
144 CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
145 even newer MIPS CPU's, but at the moment one size fits all for
146 optimization options. Older Sparc's work better with only UNROLL, but
147 there's no way to tell at compile time what it is you're running on */
148
149#if defined( sun ) /* Newer Sparc's */
150# define DES_PTR
151# define DES_RISC1
152# define DES_UNROLL
153#elif defined( __ultrix ) /* Older MIPS */
154# define DES_PTR
155# define DES_RISC2
156# define DES_UNROLL
157#elif defined( __osf1__ ) /* Alpha */
158# define DES_PTR
159# define DES_RISC2
160#elif defined ( _AIX ) /* RS6000 */
161 /* Unknown */
162#elif defined( __hpux ) /* HP-PA */
163 /* Unknown */
164#elif defined( __aux ) /* 68K */
165 /* Unknown */
166#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
167# define DES_UNROLL
168#elif defined( __sgi ) /* Newer MIPS */
169# define DES_PTR
170# define DES_RISC2
171# define DES_UNROLL
172#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
173# define DES_PTR
174# define DES_RISC1
175# define DES_UNROLL
176#endif /* Systems-specific speed defines */
177#endif
178
179#endif /* DES_DEFAULT_OPTIONS */
180#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/crypto/arch/sparc/opensslconf.h b/src/lib/libssl/crypto/arch/sparc/opensslconf.h
new file mode 100644
index 0000000000..47a6dd8596
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/sparc/opensslconf.h
@@ -0,0 +1,180 @@
1/* opensslconf.h */
2/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
3
4/* OpenSSL was configured with the following options: */
5#ifndef OPENSSL_DOING_MAKEDEPEND
6
7#ifndef OPENSSL_NO_KRB5
8# define OPENSSL_NO_KRB5
9#endif
10
11#endif /* OPENSSL_DOING_MAKEDEPEND */
12
13/* The OPENSSL_NO_* macros are also defined as NO_* if the application
14 asks for it. This is a transient feature that is provided for those
15 who haven't had the time to do the appropriate changes in their
16 applications. */
17#ifdef OPENSSL_ALGORITHM_DEFINES
18# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
19# define NO_KRB5
20# endif
21#endif
22
23/* crypto/opensslconf.h.in */
24
25/* Generate 80386 code? */
26#undef I386_ONLY
27
28#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
29#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
30#define OPENSSLDIR "/etc/ssl"
31#endif
32#endif
33
34#undef OPENSSL_UNISTD
35#define OPENSSL_UNISTD <unistd.h>
36
37#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
38
39#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
40#define IDEA_INT unsigned int
41#endif
42
43#if defined(HEADER_MD2_H) && !defined(MD2_INT)
44#define MD2_INT unsigned int
45#endif
46
47#if defined(HEADER_RC2_H) && !defined(RC2_INT)
48/* I need to put in a mod for the alpha - eay */
49#define RC2_INT unsigned int
50#endif
51
52#if defined(HEADER_RC4_H)
53#if !defined(RC4_INT)
54/* using int types make the structure larger but make the code faster
55 * on most boxes I have tested - up to %20 faster. */
56/*
57 * I don't know what does "most" mean, but declaring "int" is a must on:
58 * - Intel P6 because partial register stalls are very expensive;
59 * - elder Alpha because it lacks byte load/store instructions;
60 */
61#define RC4_INT unsigned int
62#endif
63#if !defined(RC4_CHUNK)
64/*
65 * This enables code handling data aligned at natural CPU word
66 * boundary. See crypto/rc4/rc4_enc.c for further details.
67 */
68#undef RC4_CHUNK
69#endif
70#endif
71
72#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
73/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
74 * %20 speed up (longs are 8 bytes, int's are 4). */
75#ifndef DES_LONG
76#define DES_LONG unsigned int
77#endif
78#endif
79
80#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
81#define CONFIG_HEADER_BN_H
82#define BN_LLONG
83
84/* Should we define BN_DIV2W here? */
85
86/* Only one for the following should be defined */
87/* The prime number generation stuff may not work when
88 * EIGHT_BIT but I don't care since I've only used this mode
89 * for debuging the bignum libraries */
90#undef SIXTY_FOUR_BIT_LONG
91#undef SIXTY_FOUR_BIT
92#define THIRTY_TWO_BIT
93#undef SIXTEEN_BIT
94#undef EIGHT_BIT
95#endif
96
97#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
98#define CONFIG_HEADER_RC4_LOCL_H
99/* if this is defined data[i] is used instead of *data, this is a %20
100 * speedup on x86 */
101#define RC4_INDEX
102#endif
103
104#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
105#define CONFIG_HEADER_BF_LOCL_H
106#undef BF_PTR
107#endif /* HEADER_BF_LOCL_H */
108
109#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
110#define CONFIG_HEADER_DES_LOCL_H
111#ifndef DES_DEFAULT_OPTIONS
112/* the following is tweaked from a config script, that is why it is a
113 * protected undef/define */
114#ifndef DES_PTR
115#undef DES_PTR
116#endif
117
118/* This helps C compiler generate the correct code for multiple functional
119 * units. It reduces register dependancies at the expense of 2 more
120 * registers */
121#ifndef DES_RISC1
122#undef DES_RISC1
123#endif
124
125#ifndef DES_RISC2
126#undef DES_RISC2
127#endif
128
129#if defined(DES_RISC1) && defined(DES_RISC2)
130YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
131#endif
132
133/* Unroll the inner loop, this sometimes helps, sometimes hinders.
134 * Very mucy CPU dependant */
135#ifndef DES_UNROLL
136#define DES_UNROLL
137#endif
138
139/* These default values were supplied by
140 * Peter Gutman <pgut001@cs.auckland.ac.nz>
141 * They are only used if nothing else has been defined */
142#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
143/* Special defines which change the way the code is built depending on the
144 CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
145 even newer MIPS CPU's, but at the moment one size fits all for
146 optimization options. Older Sparc's work better with only UNROLL, but
147 there's no way to tell at compile time what it is you're running on */
148
149#if defined( sun ) /* Newer Sparc's */
150# define DES_PTR
151# define DES_RISC1
152# define DES_UNROLL
153#elif defined( __ultrix ) /* Older MIPS */
154# define DES_PTR
155# define DES_RISC2
156# define DES_UNROLL
157#elif defined( __osf1__ ) /* Alpha */
158# define DES_PTR
159# define DES_RISC2
160#elif defined ( _AIX ) /* RS6000 */
161 /* Unknown */
162#elif defined( __hpux ) /* HP-PA */
163 /* Unknown */
164#elif defined( __aux ) /* 68K */
165 /* Unknown */
166#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
167# define DES_UNROLL
168#elif defined( __sgi ) /* Newer MIPS */
169# define DES_PTR
170# define DES_RISC2
171# define DES_UNROLL
172#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
173# define DES_PTR
174# define DES_RISC1
175# define DES_UNROLL
176#endif /* Systems-specific speed defines */
177#endif
178
179#endif /* DES_DEFAULT_OPTIONS */
180#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/crypto/arch/sparc64/opensslconf.h b/src/lib/libssl/crypto/arch/sparc64/opensslconf.h
new file mode 100644
index 0000000000..053308653b
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/sparc64/opensslconf.h
@@ -0,0 +1,180 @@
1/* opensslconf.h */
2/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
3
4/* OpenSSL was configured with the following options: */
5#ifndef OPENSSL_DOING_MAKEDEPEND
6
7#ifndef OPENSSL_NO_KRB5
8# define OPENSSL_NO_KRB5
9#endif
10
11#endif /* OPENSSL_DOING_MAKEDEPEND */
12
13/* The OPENSSL_NO_* macros are also defined as NO_* if the application
14 asks for it. This is a transient feature that is provided for those
15 who haven't had the time to do the appropriate changes in their
16 applications. */
17#ifdef OPENSSL_ALGORITHM_DEFINES
18# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
19# define NO_KRB5
20# endif
21#endif
22
23/* crypto/opensslconf.h.in */
24
25/* Generate 80386 code? */
26#undef I386_ONLY
27
28#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
29#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
30#define OPENSSLDIR "/etc/ssl"
31#endif
32#endif
33
34#undef OPENSSL_UNISTD
35#define OPENSSL_UNISTD <unistd.h>
36
37#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
38
39#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
40#define IDEA_INT unsigned int
41#endif
42
43#if defined(HEADER_MD2_H) && !defined(MD2_INT)
44#define MD2_INT unsigned int
45#endif
46
47#if defined(HEADER_RC2_H) && !defined(RC2_INT)
48/* I need to put in a mod for the alpha - eay */
49#define RC2_INT unsigned int
50#endif
51
52#if defined(HEADER_RC4_H)
53#if !defined(RC4_INT)
54/* using int types make the structure larger but make the code faster
55 * on most boxes I have tested - up to %20 faster. */
56/*
57 * I don't know what does "most" mean, but declaring "int" is a must on:
58 * - Intel P6 because partial register stalls are very expensive;
59 * - elder Alpha because it lacks byte load/store instructions;
60 */
61#define RC4_INT unsigned int
62#endif
63#if !defined(RC4_CHUNK)
64/*
65 * This enables code handling data aligned at natural CPU word
66 * boundary. See crypto/rc4/rc4_enc.c for further details.
67 */
68#undef RC4_CHUNK
69#endif
70#endif
71
72#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
73/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
74 * %20 speed up (longs are 8 bytes, int's are 4). */
75#ifndef DES_LONG
76#define DES_LONG unsigned int
77#endif
78#endif
79
80#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
81#define CONFIG_HEADER_BN_H
82#undef BN_LLONG
83
84/* Should we define BN_DIV2W here? */
85
86/* Only one for the following should be defined */
87/* The prime number generation stuff may not work when
88 * EIGHT_BIT but I don't care since I've only used this mode
89 * for debuging the bignum libraries */
90#define SIXTY_FOUR_BIT_LONG
91#undef SIXTY_FOUR_BIT
92#undef THIRTY_TWO_BIT
93#undef SIXTEEN_BIT
94#undef EIGHT_BIT
95#endif
96
97#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
98#define CONFIG_HEADER_RC4_LOCL_H
99/* if this is defined data[i] is used instead of *data, this is a %20
100 * speedup on x86 */
101#undef RC4_INDEX
102#endif
103
104#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
105#define CONFIG_HEADER_BF_LOCL_H
106#define BF_PTR
107#endif /* HEADER_BF_LOCL_H */
108
109#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
110#define CONFIG_HEADER_DES_LOCL_H
111#ifndef DES_DEFAULT_OPTIONS
112/* the following is tweaked from a config script, that is why it is a
113 * protected undef/define */
114#ifndef DES_PTR
115#define DES_PTR
116#endif
117
118/* This helps C compiler generate the correct code for multiple functional
119 * units. It reduces register dependancies at the expense of 2 more
120 * registers */
121#ifndef DES_RISC1
122#undef DES_RISC1
123#endif
124
125#ifndef DES_RISC2
126#define DES_RISC2
127#endif
128
129#if defined(DES_RISC1) && defined(DES_RISC2)
130YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
131#endif
132
133/* Unroll the inner loop, this sometimes helps, sometimes hinders.
134 * Very mucy CPU dependant */
135#ifndef DES_UNROLL
136#undef DES_UNROLL
137#endif
138
139/* These default values were supplied by
140 * Peter Gutman <pgut001@cs.auckland.ac.nz>
141 * They are only used if nothing else has been defined */
142#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
143/* Special defines which change the way the code is built depending on the
144 CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
145 even newer MIPS CPU's, but at the moment one size fits all for
146 optimization options. Older Sparc's work better with only UNROLL, but
147 there's no way to tell at compile time what it is you're running on */
148
149#if defined( sun ) /* Newer Sparc's */
150# define DES_PTR
151# define DES_RISC1
152# define DES_UNROLL
153#elif defined( __ultrix ) /* Older MIPS */
154# define DES_PTR
155# define DES_RISC2
156# define DES_UNROLL
157#elif defined( __osf1__ ) /* Alpha */
158# define DES_PTR
159# define DES_RISC2
160#elif defined ( _AIX ) /* RS6000 */
161 /* Unknown */
162#elif defined( __hpux ) /* HP-PA */
163 /* Unknown */
164#elif defined( __aux ) /* 68K */
165 /* Unknown */
166#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
167# define DES_UNROLL
168#elif defined( __sgi ) /* Newer MIPS */
169# define DES_PTR
170# define DES_RISC2
171# define DES_UNROLL
172#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
173# define DES_PTR
174# define DES_RISC1
175# define DES_UNROLL
176#endif /* Systems-specific speed defines */
177#endif
178
179#endif /* DES_DEFAULT_OPTIONS */
180#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/crypto/arch/vax/opensslconf.h b/src/lib/libssl/crypto/arch/vax/opensslconf.h
new file mode 100644
index 0000000000..47a6dd8596
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/vax/opensslconf.h
@@ -0,0 +1,180 @@
1/* opensslconf.h */
2/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
3
4/* OpenSSL was configured with the following options: */
5#ifndef OPENSSL_DOING_MAKEDEPEND
6
7#ifndef OPENSSL_NO_KRB5
8# define OPENSSL_NO_KRB5
9#endif
10
11#endif /* OPENSSL_DOING_MAKEDEPEND */
12
13/* The OPENSSL_NO_* macros are also defined as NO_* if the application
14 asks for it. This is a transient feature that is provided for those
15 who haven't had the time to do the appropriate changes in their
16 applications. */
17#ifdef OPENSSL_ALGORITHM_DEFINES
18# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
19# define NO_KRB5
20# endif
21#endif
22
23/* crypto/opensslconf.h.in */
24
25/* Generate 80386 code? */
26#undef I386_ONLY
27
28#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
29#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
30#define OPENSSLDIR "/etc/ssl"
31#endif
32#endif
33
34#undef OPENSSL_UNISTD
35#define OPENSSL_UNISTD <unistd.h>
36
37#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
38
39#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
40#define IDEA_INT unsigned int
41#endif
42
43#if defined(HEADER_MD2_H) && !defined(MD2_INT)
44#define MD2_INT unsigned int
45#endif
46
47#if defined(HEADER_RC2_H) && !defined(RC2_INT)
48/* I need to put in a mod for the alpha - eay */
49#define RC2_INT unsigned int
50#endif
51
52#if defined(HEADER_RC4_H)
53#if !defined(RC4_INT)
54/* using int types make the structure larger but make the code faster
55 * on most boxes I have tested - up to %20 faster. */
56/*
57 * I don't know what does "most" mean, but declaring "int" is a must on:
58 * - Intel P6 because partial register stalls are very expensive;
59 * - elder Alpha because it lacks byte load/store instructions;
60 */
61#define RC4_INT unsigned int
62#endif
63#if !defined(RC4_CHUNK)
64/*
65 * This enables code handling data aligned at natural CPU word
66 * boundary. See crypto/rc4/rc4_enc.c for further details.
67 */
68#undef RC4_CHUNK
69#endif
70#endif
71
72#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
73/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
74 * %20 speed up (longs are 8 bytes, int's are 4). */
75#ifndef DES_LONG
76#define DES_LONG unsigned int
77#endif
78#endif
79
80#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
81#define CONFIG_HEADER_BN_H
82#define BN_LLONG
83
84/* Should we define BN_DIV2W here? */
85
86/* Only one for the following should be defined */
87/* The prime number generation stuff may not work when
88 * EIGHT_BIT but I don't care since I've only used this mode
89 * for debuging the bignum libraries */
90#undef SIXTY_FOUR_BIT_LONG
91#undef SIXTY_FOUR_BIT
92#define THIRTY_TWO_BIT
93#undef SIXTEEN_BIT
94#undef EIGHT_BIT
95#endif
96
97#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
98#define CONFIG_HEADER_RC4_LOCL_H
99/* if this is defined data[i] is used instead of *data, this is a %20
100 * speedup on x86 */
101#define RC4_INDEX
102#endif
103
104#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
105#define CONFIG_HEADER_BF_LOCL_H
106#undef BF_PTR
107#endif /* HEADER_BF_LOCL_H */
108
109#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
110#define CONFIG_HEADER_DES_LOCL_H
111#ifndef DES_DEFAULT_OPTIONS
112/* the following is tweaked from a config script, that is why it is a
113 * protected undef/define */
114#ifndef DES_PTR
115#undef DES_PTR
116#endif
117
118/* This helps C compiler generate the correct code for multiple functional
119 * units. It reduces register dependancies at the expense of 2 more
120 * registers */
121#ifndef DES_RISC1
122#undef DES_RISC1
123#endif
124
125#ifndef DES_RISC2
126#undef DES_RISC2
127#endif
128
129#if defined(DES_RISC1) && defined(DES_RISC2)
130YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
131#endif
132
133/* Unroll the inner loop, this sometimes helps, sometimes hinders.
134 * Very mucy CPU dependant */
135#ifndef DES_UNROLL
136#define DES_UNROLL
137#endif
138
139/* These default values were supplied by
140 * Peter Gutman <pgut001@cs.auckland.ac.nz>
141 * They are only used if nothing else has been defined */
142#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
143/* Special defines which change the way the code is built depending on the
144 CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
145 even newer MIPS CPU's, but at the moment one size fits all for
146 optimization options. Older Sparc's work better with only UNROLL, but
147 there's no way to tell at compile time what it is you're running on */
148
149#if defined( sun ) /* Newer Sparc's */
150# define DES_PTR
151# define DES_RISC1
152# define DES_UNROLL
153#elif defined( __ultrix ) /* Older MIPS */
154# define DES_PTR
155# define DES_RISC2
156# define DES_UNROLL
157#elif defined( __osf1__ ) /* Alpha */
158# define DES_PTR
159# define DES_RISC2
160#elif defined ( _AIX ) /* RS6000 */
161 /* Unknown */
162#elif defined( __hpux ) /* HP-PA */
163 /* Unknown */
164#elif defined( __aux ) /* 68K */
165 /* Unknown */
166#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
167# define DES_UNROLL
168#elif defined( __sgi ) /* Newer MIPS */
169# define DES_PTR
170# define DES_RISC2
171# define DES_UNROLL
172#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
173# define DES_PTR
174# define DES_RISC1
175# define DES_UNROLL
176#endif /* Systems-specific speed defines */
177#endif
178
179#endif /* DES_DEFAULT_OPTIONS */
180#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/crypto/shlib_version b/src/lib/libssl/crypto/shlib_version
new file mode 100644
index 0000000000..9c1551636c
--- /dev/null
+++ b/src/lib/libssl/crypto/shlib_version
@@ -0,0 +1,2 @@
1major=6
2minor=0
diff --git a/src/lib/libssl/doc/openssl.cnf b/src/lib/libssl/doc/openssl.cnf
new file mode 100644
index 0000000000..eca51c3322
--- /dev/null
+++ b/src/lib/libssl/doc/openssl.cnf
@@ -0,0 +1,255 @@
1#
2# OpenSSL example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5
6# This definition stops the following lines choking if HOME isn't
7# defined.
8HOME = .
9RANDFILE = $ENV::HOME/.rnd
10
11# Extra OBJECT IDENTIFIER info:
12#oid_file = $ENV::HOME/.oid
13oid_section = new_oids
14
15# To use this configuration file with the "-extfile" option of the
16# "openssl x509" utility, name here the section containing the
17# X.509v3 extensions to use:
18# extensions =
19# (Alternatively, use a configuration file that has only
20# X.509v3 extensions in its main [= default] section.)
21
22[ new_oids ]
23
24# We can add new OIDs in here for use by 'ca' and 'req'.
25# Add a simple OID like this:
26# testoid1=1.2.3.4
27# Or use config file substitution like this:
28# testoid2=${testoid1}.5.6
29
30####################################################################
31[ ca ]
32default_ca = CA_default # The default ca section
33
34####################################################################
35[ CA_default ]
36
37dir = ./demoCA # Where everything is kept
38certs = $dir/certs # Where the issued certs are kept
39crl_dir = $dir/crl # Where the issued crl are kept
40database = $dir/index.txt # database index file.
41new_certs_dir = $dir/newcerts # default place for new certs.
42
43certificate = $dir/cacert.pem # The CA certificate
44serial = $dir/serial # The current serial number
45crl = $dir/crl.pem # The current CRL
46private_key = $dir/private/cakey.pem# The private key
47RANDFILE = $dir/private/.rand # private random number file
48
49x509_extensions = usr_cert # The extentions to add to the cert
50
51# Comment out the following two lines for the "traditional"
52# (and highly broken) format.
53name_opt = ca_default # Subject Name options
54cert_opt = ca_default # Certificate field options
55
56# Extension copying option: use with caution.
57# copy_extensions = copy
58
59# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
60# so this is commented out by default to leave a V1 CRL.
61# crl_extensions = crl_ext
62
63default_days = 365 # how long to certify for
64default_crl_days= 30 # how long before next CRL
65default_md = md5 # which md to use.
66preserve = no # keep passed DN ordering
67
68# A few difference way of specifying how similar the request should look
69# For type CA, the listed attributes must be the same, and the optional
70# and supplied fields are just that :-)
71policy = policy_match
72
73# For the CA policy
74[ policy_match ]
75countryName = match
76stateOrProvinceName = match
77organizationName = match
78organizationalUnitName = optional
79commonName = supplied
80emailAddress = optional
81
82# For the 'anything' policy
83# At this point in time, you must list all acceptable 'object'
84# types.
85[ policy_anything ]
86countryName = optional
87stateOrProvinceName = optional
88localityName = optional
89organizationName = optional
90organizationalUnitName = optional
91commonName = supplied
92emailAddress = optional
93
94####################################################################
95[ req ]
96default_bits = 1024
97default_keyfile = privkey.pem
98distinguished_name = req_distinguished_name
99attributes = req_attributes
100x509_extensions = v3_ca # The extentions to add to the self signed cert
101
102# Passwords for private keys if not present they will be prompted for
103# input_password = secret
104# output_password = secret
105
106# This sets a mask for permitted string types. There are several options.
107# default: PrintableString, T61String, BMPString.
108# pkix : PrintableString, BMPString.
109# utf8only: only UTF8Strings.
110# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
111# MASK:XXXX a literal mask value.
112# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
113# so use this option with caution!
114string_mask = nombstr
115
116# req_extensions = v3_req # The extensions to add to a certificate request
117
118[ req_distinguished_name ]
119countryName = Country Name (2 letter code)
120countryName_default = AU
121countryName_min = 2
122countryName_max = 2
123
124stateOrProvinceName = State or Province Name (full name)
125stateOrProvinceName_default = Some-State
126
127localityName = Locality Name (eg, city)
128
1290.organizationName = Organization Name (eg, company)
1300.organizationName_default = Internet Widgits Pty Ltd
131
132# we can do this but it is not needed normally :-)
133#1.organizationName = Second Organization Name (eg, company)
134#1.organizationName_default = World Wide Web Pty Ltd
135
136organizationalUnitName = Organizational Unit Name (eg, section)
137#organizationalUnitName_default =
138
139commonName = Common Name (eg, YOUR name)
140commonName_max = 64
141
142emailAddress = Email Address
143emailAddress_max = 64
144
145# SET-ex3 = SET extension number 3
146
147[ req_attributes ]
148challengePassword = A challenge password
149challengePassword_min = 4
150challengePassword_max = 20
151
152unstructuredName = An optional company name
153
154[ usr_cert ]
155
156# These extensions are added when 'ca' signs a request.
157
158# This goes against PKIX guidelines but some CAs do it and some software
159# requires this to avoid interpreting an end user certificate as a CA.
160
161basicConstraints=CA:FALSE
162
163# Here are some examples of the usage of nsCertType. If it is omitted
164# the certificate can be used for anything *except* object signing.
165
166# This is OK for an SSL server.
167# nsCertType = server
168
169# For an object signing certificate this would be used.
170# nsCertType = objsign
171
172# For normal client use this is typical
173# nsCertType = client, email
174
175# and for everything including object signing:
176# nsCertType = client, email, objsign
177
178# This is typical in keyUsage for a client certificate.
179# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
180
181# This will be displayed in Netscape's comment listbox.
182nsComment = "OpenSSL Generated Certificate"
183
184# PKIX recommendations harmless if included in all certificates.
185subjectKeyIdentifier=hash
186authorityKeyIdentifier=keyid,issuer:always
187
188# This stuff is for subjectAltName and issuerAltname.
189# Import the email address.
190# subjectAltName=email:copy
191# An alternative to produce certificates that aren't
192# deprecated according to PKIX.
193# subjectAltName=email:move
194
195# Copy subject details
196# issuerAltName=issuer:copy
197
198#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
199#nsBaseUrl
200#nsRevocationUrl
201#nsRenewalUrl
202#nsCaPolicyUrl
203#nsSslServerName
204
205[ v3_req ]
206
207# Extensions to add to a certificate request
208
209basicConstraints = CA:FALSE
210keyUsage = nonRepudiation, digitalSignature, keyEncipherment
211
212[ v3_ca ]
213
214
215# Extensions for a typical CA
216
217
218# PKIX recommendation.
219
220subjectKeyIdentifier=hash
221
222authorityKeyIdentifier=keyid:always,issuer:always
223
224# This is what PKIX recommends but some broken software chokes on critical
225# extensions.
226#basicConstraints = critical,CA:true
227# So we do this instead.
228basicConstraints = CA:true
229
230# Key usage: this is typical for a CA certificate. However since it will
231# prevent it being used as an test self-signed certificate it is best
232# left out by default.
233# keyUsage = cRLSign, keyCertSign
234
235# Some might want this also
236# nsCertType = sslCA, emailCA
237
238# Include email address in subject alt name: another PKIX recommendation
239# subjectAltName=email:copy
240# Copy issuer details
241# issuerAltName=issuer:copy
242
243# DER hex encoding of an extension: beware experts only!
244# obj=DER:02:03
245# Where 'obj' is a standard or added object
246# You can even override a supported extension:
247# basicConstraints= critical, DER:30:03:01:01:FF
248
249[ crl_ext ]
250
251# CRL extensions.
252# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
253
254# issuerAltName=issuer:copy
255authorityKeyIdentifier=keyid:always,issuer:always
diff --git a/src/lib/libssl/doc/openssl.txt b/src/lib/libssl/doc/openssl.txt
new file mode 100644
index 0000000000..5da519e7e4
--- /dev/null
+++ b/src/lib/libssl/doc/openssl.txt
@@ -0,0 +1,1235 @@
1
2This is some preliminary documentation for OpenSSL.
3
4Contents:
5
6 OpenSSL X509V3 extension configuration
7 X509V3 Extension code: programmers guide
8 PKCS#12 Library
9
10
11==============================================================================
12 OpenSSL X509V3 extension configuration
13==============================================================================
14
15OpenSSL X509V3 extension configuration: preliminary documentation.
16
17INTRODUCTION.
18
19For OpenSSL 0.9.2 the extension code has be considerably enhanced. It is now
20possible to add and print out common X509 V3 certificate and CRL extensions.
21
22BEGINNERS NOTE
23
24For most simple applications you don't need to know too much about extensions:
25the default openssl.cnf values will usually do sensible things.
26
27If you want to know more you can initially quickly look through the sections
28describing how the standard OpenSSL utilities display and add extensions and
29then the list of supported extensions.
30
31For more technical information about the meaning of extensions see:
32
33http://www.imc.org/ietf-pkix/
34http://home.netscape.com/eng/security/certs.html
35
36PRINTING EXTENSIONS.
37
38Extension values are automatically printed out for supported extensions.
39
40openssl x509 -in cert.pem -text
41openssl crl -in crl.pem -text
42
43will give information in the extension printout, for example:
44
45 X509v3 extensions:
46 X509v3 Basic Constraints:
47 CA:TRUE
48 X509v3 Subject Key Identifier:
49 73:FE:F7:59:A7:E1:26:84:44:D6:44:36:EE:79:1A:95:7C:B1:4B:15
50 X509v3 Authority Key Identifier:
51 keyid:73:FE:F7:59:A7:E1:26:84:44:D6:44:36:EE:79:1A:95:7C:B1:4B:15, DirName:/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/Email=email@1.address/Email=email@2.address, serial:00
52 X509v3 Key Usage:
53 Certificate Sign, CRL Sign
54 X509v3 Subject Alternative Name:
55 email:email@1.address, email:email@2.address
56
57CONFIGURATION FILES.
58
59The OpenSSL utilities 'ca' and 'req' can now have extension sections listing
60which certificate extensions to include. In each case a line:
61
62x509_extensions = extension_section
63
64indicates which section contains the extensions. In the case of 'req' the
65extension section is used when the -x509 option is present to create a
66self signed root certificate.
67
68The 'x509' utility also supports extensions when it signs a certificate.
69The -extfile option is used to set the configuration file containing the
70extensions. In this case a line with:
71
72extensions = extension_section
73
74in the nameless (default) section is used. If no such line is included then
75it uses the default section.
76
77You can also add extensions to CRLs: a line
78
79crl_extensions = crl_extension_section
80
81will include extensions when the -gencrl option is used with the 'ca' utility.
82You can add any extension to a CRL but of the supported extensions only
83issuerAltName and authorityKeyIdentifier make any real sense. Note: these are
84CRL extensions NOT CRL *entry* extensions which cannot currently be generated.
85CRL entry extensions can be displayed.
86
87NB. At this time Netscape Communicator rejects V2 CRLs: to get an old V1 CRL
88you should not include a crl_extensions line in the configuration file.
89
90As with all configuration files you can use the inbuilt environment expansion
91to allow the values to be passed in the environment. Therefore if you have
92several extension sections used for different purposes you can have a line:
93
94x509_extensions = $ENV::ENV_EXT
95
96and set the ENV_EXT environment variable before calling the relevant utility.
97
98EXTENSION SYNTAX.
99
100Extensions have the basic form:
101
102extension_name=[critical,] extension_options
103
104the use of the critical option makes the extension critical. Extreme caution
105should be made when using the critical flag. If an extension is marked
106as critical then any client that does not understand the extension should
107reject it as invalid. Some broken software will reject certificates which
108have *any* critical extensions (these violates PKIX but we have to live
109with it).
110
111There are three main types of extension: string extensions, multi-valued
112extensions, and raw extensions.
113
114String extensions simply have a string which contains either the value itself
115or how it is obtained.
116
117For example:
118
119nsComment="This is a Comment"
120
121Multi-valued extensions have a short form and a long form. The short form
122is a list of names and values:
123
124basicConstraints=critical,CA:true,pathlen:1
125
126The long form allows the values to be placed in a separate section:
127
128basicConstraints=critical,@bs_section
129
130[bs_section]
131
132CA=true
133pathlen=1
134
135Both forms are equivalent. However it should be noted that in some cases the
136same name can appear multiple times, for example,
137
138subjectAltName=email:steve@here,email:steve@there
139
140in this case an equivalent long form is:
141
142subjectAltName=@alt_section
143
144[alt_section]
145
146email.1=steve@here
147email.2=steve@there
148
149This is because the configuration file code cannot handle the same name
150occurring twice in the same section.
151
152The syntax of raw extensions is governed by the extension code: it can
153for example contain data in multiple sections. The correct syntax to
154use is defined by the extension code itself: check out the certificate
155policies extension for an example.
156
157In addition it is also possible to use the word DER to include arbitrary
158data in any extension.
159
1601.2.3.4=critical,DER:01:02:03:04
1611.2.3.4=DER:01020304
162
163The value following DER is a hex dump of the DER encoding of the extension
164Any extension can be placed in this form to override the default behaviour.
165For example:
166
167basicConstraints=critical,DER:00:01:02:03
168
169WARNING: DER should be used with caution. It is possible to create totally
170invalid extensions unless care is taken.
171
172CURRENTLY SUPPORTED EXTENSIONS.
173
174If you aren't sure about extensions then they can be largely ignored: its only
175when you want to do things like restrict certificate usage when you need to
176worry about them.
177
178The only extension that a beginner might want to look at is Basic Constraints.
179If in addition you want to try Netscape object signing the you should also
180look at Netscape Certificate Type.
181
182Literal String extensions.
183
184In each case the 'value' of the extension is placed directly in the
185extension. Currently supported extensions in this category are: nsBaseUrl,
186nsRevocationUrl, nsCaRevocationUrl, nsRenewalUrl, nsCaPolicyUrl,
187nsSslServerName and nsComment.
188
189For example:
190
191nsComment="This is a test comment"
192
193Bit Strings.
194
195Bit string extensions just consist of a list of supported bits, currently
196two extensions are in this category: PKIX keyUsage and the Netscape specific
197nsCertType.
198
199nsCertType (netscape certificate type) takes the flags: client, server, email,
200objsign, reserved, sslCA, emailCA, objCA.
201
202keyUsage (PKIX key usage) takes the flags: digitalSignature, nonRepudiation,
203keyEncipherment, dataEncipherment, keyAgreement, keyCertSign, cRLSign,
204encipherOnly, decipherOnly.
205
206For example:
207
208nsCertType=server
209
210keyUsage=digitalSignature, nonRepudiation
211
212Hints on Netscape Certificate Type.
213
214Other than Basic Constraints this is the only extension a beginner might
215want to use, if you want to try Netscape object signing, otherwise it can
216be ignored.
217
218If you want a certificate that can be used just for object signing then:
219
220nsCertType=objsign
221
222will do the job. If you want to use it as a normal end user and server
223certificate as well then
224
225nsCertType=objsign,email,server
226
227is more appropriate. You cannot use a self signed certificate for object
228signing (well Netscape signtool can but it cheats!) so you need to create
229a CA certificate and sign an end user certificate with it.
230
231Side note: If you want to conform to the Netscape specifications then you
232should really also set:
233
234nsCertType=objCA
235
236in the *CA* certificate for just an object signing CA and
237
238nsCertType=objCA,emailCA,sslCA
239
240for everything. Current Netscape software doesn't enforce this so it can
241be omitted.
242
243Basic Constraints.
244
245This is generally the only extension you need to worry about for simple
246applications. If you want your certificate to be usable as a CA certificate
247(in addition to an end user certificate) then you set this to:
248
249basicConstraints=CA:TRUE
250
251if you want to be certain the certificate cannot be used as a CA then do:
252
253basicConstraints=CA:FALSE
254
255The rest of this section describes more advanced usage.
256
257Basic constraints is a multi-valued extension that supports a CA and an
258optional pathlen option. The CA option takes the values true and false and
259pathlen takes an integer. Note if the CA option is false the pathlen option
260should be omitted.
261
262The pathlen parameter indicates the maximum number of CAs that can appear
263below this one in a chain. So if you have a CA with a pathlen of zero it can
264only be used to sign end user certificates and not further CAs. This all
265assumes that the software correctly interprets this extension of course.
266
267Examples:
268
269basicConstraints=CA:TRUE
270basicConstraints=critical,CA:TRUE, pathlen:0
271
272NOTE: for a CA to be considered valid it must have the CA option set to
273TRUE. An end user certificate MUST NOT have the CA value set to true.
274According to PKIX recommendations it should exclude the extension entirely,
275however some software may require CA set to FALSE for end entity certificates.
276
277Extended Key Usage.
278
279This extensions consists of a list of usages.
280
281These can either be object short names of the dotted numerical form of OIDs.
282While any OID can be used only certain values make sense. In particular the
283following PKIX, NS and MS values are meaningful:
284
285Value Meaning
286----- -------
287serverAuth SSL/TLS Web Server Authentication.
288clientAuth SSL/TLS Web Client Authentication.
289codeSigning Code signing.
290emailProtection E-mail Protection (S/MIME).
291timeStamping Trusted Timestamping
292msCodeInd Microsoft Individual Code Signing (authenticode)
293msCodeCom Microsoft Commercial Code Signing (authenticode)
294msCTLSign Microsoft Trust List Signing
295msSGC Microsoft Server Gated Crypto
296msEFS Microsoft Encrypted File System
297nsSGC Netscape Server Gated Crypto
298
299For example, under IE5 a CA can be used for any purpose: by including a list
300of the above usages the CA can be restricted to only authorised uses.
301
302Note: software packages may place additional interpretations on certificate
303use, in particular some usages may only work for selected CAs. Don't for example
304expect just including msSGC or nsSGC will automatically mean that a certificate
305can be used for SGC ("step up" encryption) otherwise anyone could use it.
306
307Examples:
308
309extendedKeyUsage=critical,codeSigning,1.2.3.4
310extendedKeyUsage=nsSGC,msSGC
311
312Subject Key Identifier.
313
314This is really a string extension and can take two possible values. Either
315a hex string giving details of the extension value to include or the word
316'hash' which then automatically follow PKIX guidelines in selecting and
317appropriate key identifier. The use of the hex string is strongly discouraged.
318
319Example: subjectKeyIdentifier=hash
320
321Authority Key Identifier.
322
323The authority key identifier extension permits two options. keyid and issuer:
324both can take the optional value "always".
325
326If the keyid option is present an attempt is made to copy the subject key
327identifier from the parent certificate. If the value "always" is present
328then an error is returned if the option fails.
329
330The issuer option copies the issuer and serial number from the issuer
331certificate. Normally this will only be done if the keyid option fails or
332is not included: the "always" flag will always include the value.
333
334Subject Alternative Name.
335
336The subject alternative name extension allows various literal values to be
337included in the configuration file. These include "email" (an email address)
338"URI" a uniform resource indicator, "DNS" (a DNS domain name), RID (a
339registered ID: OBJECT IDENTIFIER) and IP (and IP address).
340
341Also the email option include a special 'copy' value. This will automatically
342include and email addresses contained in the certificate subject name in
343the extension.
344
345Examples:
346
347subjectAltName=email:copy,email:my@other.address,URL:http://my.url.here/
348subjectAltName=email:my@other.address,RID:1.2.3.4
349
350Issuer Alternative Name.
351
352The issuer alternative name option supports all the literal options of
353subject alternative name. It does *not* support the email:copy option because
354that would not make sense. It does support an additional issuer:copy option
355that will copy all the subject alternative name values from the issuer
356certificate (if possible).
357
358Example:
359
360issuserAltName = issuer:copy
361
362Authority Info Access.
363
364The authority information access extension gives details about how to access
365certain information relating to the CA. Its syntax is accessOID;location
366where 'location' has the same syntax as subject alternative name (except
367that email:copy is not supported). accessOID can be any valid OID but only
368certain values are meaningful for example OCSP and caIssuers. OCSP gives the
369location of an OCSP responder: this is used by Netscape PSM and other software.
370
371Example:
372
373authorityInfoAccess = OCSP;URI:http://ocsp.my.host/
374authorityInfoAccess = caIssuers;URI:http://my.ca/ca.html
375
376CRL distribution points.
377
378This is a multi-valued extension that supports all the literal options of
379subject alternative name. Of the few software packages that currently interpret
380this extension most only interpret the URI option.
381
382Currently each option will set a new DistributionPoint with the fullName
383field set to the given value.
384
385Other fields like cRLissuer and reasons cannot currently be set or displayed:
386at this time no examples were available that used these fields.
387
388If you see this extension with <UNSUPPORTED> when you attempt to print it out
389or it doesn't appear to display correctly then let me know, including the
390certificate (mail me at steve@openssl.org) .
391
392Examples:
393
394crlDistributionPoints=URI:http://www.myhost.com/myca.crl
395crlDistributionPoints=URI:http://www.my.com/my.crl,URI:http://www.oth.com/my.crl
396
397Certificate Policies.
398
399This is a RAW extension. It attempts to display the contents of this extension:
400unfortunately this extension is often improperly encoded.
401
402The certificate policies extension will rarely be used in practice: few
403software packages interpret it correctly or at all. IE5 does partially
404support this extension: but it needs the 'ia5org' option because it will
405only correctly support a broken encoding. Of the options below only the
406policy OID, explicitText and CPS options are displayed with IE5.
407
408All the fields of this extension can be set by using the appropriate syntax.
409
410If you follow the PKIX recommendations of not including any qualifiers and just
411using only one OID then you just include the value of that OID. Multiple OIDs
412can be set separated by commas, for example:
413
414certificatePolicies= 1.2.4.5, 1.1.3.4
415
416If you wish to include qualifiers then the policy OID and qualifiers need to
417be specified in a separate section: this is done by using the @section syntax
418instead of a literal OID value.
419
420The section referred to must include the policy OID using the name
421policyIdentifier, cPSuri qualifiers can be included using the syntax:
422
423CPS.nnn=value
424
425userNotice qualifiers can be set using the syntax:
426
427userNotice.nnn=@notice
428
429The value of the userNotice qualifier is specified in the relevant section.
430This section can include explicitText, organization and noticeNumbers
431options. explicitText and organization are text strings, noticeNumbers is a
432comma separated list of numbers. The organization and noticeNumbers options
433(if included) must BOTH be present. If you use the userNotice option with IE5
434then you need the 'ia5org' option at the top level to modify the encoding:
435otherwise it will not be interpreted properly.
436
437Example:
438
439certificatePolicies=ia5org,1.2.3.4,1.5.6.7.8,@polsect
440
441[polsect]
442
443policyIdentifier = 1.3.5.8
444CPS.1="http://my.host.name/"
445CPS.2="http://my.your.name/"
446userNotice.1=@notice
447
448[notice]
449
450explicitText="Explicit Text Here"
451organization="Organisation Name"
452noticeNumbers=1,2,3,4
453
454TECHNICAL NOTE: the ia5org option changes the type of the 'organization' field,
455according to PKIX it should be of type DisplayText but Verisign uses an
456IA5STRING and IE5 needs this too.
457
458Display only extensions.
459
460Some extensions are only partially supported and currently are only displayed
461but cannot be set. These include private key usage period, CRL number, and
462CRL reason.
463
464==============================================================================
465 X509V3 Extension code: programmers guide
466==============================================================================
467
468The purpose of the extension code is twofold. It allows an extension to be
469created from a string or structure describing its contents and it prints out an
470extension in a human or machine readable form.
471
4721. Initialisation and cleanup.
473
474No special initialisation is needed before calling the extension functions.
475You used to have to call X509V3_add_standard_extensions(); but this is no longer
476required and this function no longer does anything.
477
478void X509V3_EXT_cleanup(void);
479
480This function should be called to cleanup the extension code if any custom
481extensions have been added. If no custom extensions have been added then this
482call does nothing. After this call all custom extension code is freed up but
483you can still use the standard extensions.
484
4852. Printing and parsing extensions.
486
487The simplest way to print out extensions is via the standard X509 printing
488routines: if you use the standard X509_print() function, the supported
489extensions will be printed out automatically.
490
491The following functions allow finer control over extension display:
492
493int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent);
494int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
495
496These two functions print out an individual extension to a BIO or FILE pointer.
497Currently the flag argument is unused and should be set to 0. The 'indent'
498argument is the number of spaces to indent each line.
499
500void *X509V3_EXT_d2i(X509_EXTENSION *ext);
501
502This function parses an extension and returns its internal structure. The
503precise structure you get back depends on the extension being parsed. If the
504extension if basicConstraints you will get back a pointer to a
505BASIC_CONSTRAINTS structure. Check out the source in crypto/x509v3 for more
506details about the structures returned. The returned structure should be freed
507after use using the relevant free function, BASIC_CONSTRAINTS_free() for
508example.
509
510void * X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
511void * X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx);
512void * X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx);
513void * X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx);
514
515These functions combine the operations of searching for extensions and
516parsing them. They search a certificate, a CRL a CRL entry or a stack
517of extensions respectively for extension whose NID is 'nid' and return
518the parsed result of NULL if an error occurred. For example:
519
520BASIC_CONSTRAINTS *bs;
521bs = X509_get_ext_d2i(cert, NID_basic_constraints, NULL, NULL);
522
523This will search for the basicConstraints extension and either return
524it value or NULL. NULL can mean either the extension was not found, it
525occurred more than once or it could not be parsed.
526
527If 'idx' is NULL then an extension is only parsed if it occurs precisely
528once. This is standard behaviour because extensions normally cannot occur
529more than once. If however more than one extension of the same type can
530occur it can be used to parse successive extensions for example:
531
532int i;
533void *ext;
534
535i = -1;
536for(;;) {
537 ext = X509_get_ext_d2i(x, nid, crit, &idx);
538 if(ext == NULL) break;
539 /* Do something with ext */
540}
541
542If 'crit' is not NULL and the extension was found then the int it points to
543is set to 1 for critical extensions and 0 for non critical. Therefore if the
544function returns NULL but 'crit' is set to 0 or 1 then the extension was
545found but it could not be parsed.
546
547The int pointed to by crit will be set to -1 if the extension was not found
548and -2 if the extension occurred more than once (this will only happen if
549idx is NULL). In both cases the function will return NULL.
550
5513. Generating extensions.
552
553An extension will typically be generated from a configuration file, or some
554other kind of configuration database.
555
556int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
557 X509 *cert);
558int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
559 X509_CRL *crl);
560
561These functions add all the extensions in the given section to the given
562certificate or CRL. They will normally be called just before the certificate
563or CRL is due to be signed. Both return 0 on error on non zero for success.
564
565In each case 'conf' is the LHASH pointer of the configuration file to use
566and 'section' is the section containing the extension details.
567
568See the 'context functions' section for a description of the ctx parameter.
569
570
571X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name,
572 char *value);
573
574This function returns an extension based on a name and value pair, if the
575pair will not need to access other sections in a config file (or there is no
576config file) then the 'conf' parameter can be set to NULL.
577
578X509_EXTENSION *X509V3_EXT_conf_nid(char *conf, X509V3_CTX *ctx, int nid,
579 char *value);
580
581This function creates an extension in the same way as X509V3_EXT_conf() but
582takes the NID of the extension rather than its name.
583
584For example to produce basicConstraints with the CA flag and a path length of
58510:
586
587x = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints,"CA:TRUE,pathlen:10");
588
589
590X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
591
592This function sets up an extension from its internal structure. The ext_nid
593parameter is the NID of the extension and 'crit' is the critical flag.
594
5954. Context functions.
596
597The following functions set and manipulate an extension context structure.
598The purpose of the extension context is to allow the extension code to
599access various structures relating to the "environment" of the certificate:
600for example the issuers certificate or the certificate request.
601
602void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
603 X509_REQ *req, X509_CRL *crl, int flags);
604
605This function sets up an X509V3_CTX structure with details of the certificate
606environment: specifically the issuers certificate, the subject certificate,
607the certificate request and the CRL: if these are not relevant or not
608available then they can be set to NULL. The 'flags' parameter should be set
609to zero.
610
611X509V3_set_ctx_test(ctx)
612
613This macro is used to set the 'ctx' structure to a 'test' value: this is to
614allow the syntax of an extension (or configuration file) to be tested.
615
616X509V3_set_ctx_nodb(ctx)
617
618This macro is used when no configuration database is present.
619
620void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash);
621
622This function is used to set the configuration database when it is an LHASH
623structure: typically a configuration file.
624
625The following functions are used to access a configuration database: they
626should only be used in RAW extensions.
627
628char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
629
630This function returns the value of the parameter "name" in "section", or NULL
631if there has been an error.
632
633void X509V3_string_free(X509V3_CTX *ctx, char *str);
634
635This function frees up the string returned by the above function.
636
637STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section);
638
639This function returns a whole section as a STACK_OF(CONF_VALUE) .
640
641void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
642
643This function frees up the STACK returned by the above function.
644
645Note: it is possible to use the extension code with a custom configuration
646database. To do this the "db_meth" element of the X509V3_CTX structure should
647be set to an X509V3_CTX_METHOD structure. This structure contains the following
648function pointers:
649
650char * (*get_string)(void *db, char *section, char *value);
651STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section);
652void (*free_string)(void *db, char * string);
653void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section);
654
655these will be called and passed the 'db' element in the X509V3_CTX structure
656to access the database. If a given function is not implemented or not required
657it can be set to NULL.
658
6595. String helper functions.
660
661There are several "i2s" and "s2i" functions that convert structures to and
662from ASCII strings. In all the "i2s" cases the returned string should be
663freed using Free() after use. Since some of these are part of other extension
664code they may take a 'method' parameter. Unless otherwise stated it can be
665safely set to NULL.
666
667char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *oct);
668
669This returns a hex string from an ASN1_OCTET_STRING.
670
671char * i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
672char * i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
673
674These return a string decimal representations of an ASN1_INTEGER and an
675ASN1_ENUMERATED type, respectively.
676
677ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
678 X509V3_CTX *ctx, char *str);
679
680This converts an ASCII hex string to an ASN1_OCTET_STRING.
681
682ASN1_INTEGER * s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value);
683
684This converts a decimal ASCII string into an ASN1_INTEGER.
685
6866. Multi valued extension helper functions.
687
688The following functions can be used to manipulate STACKs of CONF_VALUE
689structures, as used by multi valued extensions.
690
691int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
692
693This function expects a boolean value in 'value' and sets 'asn1_bool' to
694it. That is it sets it to 0 for FALSE or 0xff for TRUE. The following
695strings are acceptable: "TRUE", "true", "Y", "y", "YES", "yes", "FALSE"
696"false", "N", "n", "NO" or "no".
697
698int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
699
700This accepts a decimal integer of arbitrary length and sets an ASN1_INTEGER.
701
702int X509V3_add_value(const char *name, const char *value,
703 STACK_OF(CONF_VALUE) **extlist);
704
705This simply adds a string name and value pair.
706
707int X509V3_add_value_uchar(const char *name, const unsigned char *value,
708 STACK_OF(CONF_VALUE) **extlist);
709
710The same as above but for an unsigned character value.
711
712int X509V3_add_value_bool(const char *name, int asn1_bool,
713 STACK_OF(CONF_VALUE) **extlist);
714
715This adds either "TRUE" or "FALSE" depending on the value of 'asn1_bool'
716
717int X509V3_add_value_bool_nf(char *name, int asn1_bool,
718 STACK_OF(CONF_VALUE) **extlist);
719
720This is the same as above except it adds nothing if asn1_bool is FALSE.
721
722int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
723 STACK_OF(CONF_VALUE) **extlist);
724
725This function adds the value of the ASN1_INTEGER in decimal form.
726
7277. Other helper functions.
728
729<to be added>
730
731ADDING CUSTOM EXTENSIONS.
732
733Currently there are three types of supported extensions.
734
735String extensions are simple strings where the value is placed directly in the
736extensions, and the string returned is printed out.
737
738Multi value extensions are passed a STACK_OF(CONF_VALUE) name and value pairs
739or return a STACK_OF(CONF_VALUE).
740
741Raw extensions are just passed a BIO or a value and it is the extensions
742responsibility to handle all the necessary printing.
743
744There are two ways to add an extension. One is simply as an alias to an already
745existing extension. An alias is an extension that is identical in ASN1 structure
746to an existing extension but has a different OBJECT IDENTIFIER. This can be
747done by calling:
748
749int X509V3_EXT_add_alias(int nid_to, int nid_from);
750
751'nid_to' is the new extension NID and 'nid_from' is the already existing
752extension NID.
753
754Alternatively an extension can be written from scratch. This involves writing
755the ASN1 code to encode and decode the extension and functions to print out and
756generate the extension from strings. The relevant functions are then placed in
757a X509V3_EXT_METHOD structure and int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
758called.
759
760The X509V3_EXT_METHOD structure is described below.
761
762strut {
763int ext_nid;
764int ext_flags;
765X509V3_EXT_NEW ext_new;
766X509V3_EXT_FREE ext_free;
767X509V3_EXT_D2I d2i;
768X509V3_EXT_I2D i2d;
769X509V3_EXT_I2S i2s;
770X509V3_EXT_S2I s2i;
771X509V3_EXT_I2V i2v;
772X509V3_EXT_V2I v2i;
773X509V3_EXT_R2I r2i;
774X509V3_EXT_I2R i2r;
775
776void *usr_data;
777};
778
779The elements have the following meanings.
780
781ext_nid is the NID of the object identifier of the extension.
782
783ext_flags is set of flags. Currently the only external flag is
784 X509V3_EXT_MULTILINE which means a multi valued extensions
785 should be printed on separate lines.
786
787usr_data is an extension specific pointer to any relevant data. This
788 allows extensions to share identical code but have different
789 uses. An example of this is the bit string extension which uses
790 usr_data to contain a list of the bit names.
791
792All the remaining elements are function pointers.
793
794ext_new is a pointer to a function that allocates memory for the
795 extension ASN1 structure: for example ASN1_OBJECT_new().
796
797ext_free is a pointer to a function that free up memory of the extension
798 ASN1 structure: for example ASN1_OBJECT_free().
799
800d2i is the standard ASN1 function that converts a DER buffer into
801 the internal ASN1 structure: for example d2i_ASN1_IA5STRING().
802
803i2d is the standard ASN1 function that converts the internal
804 structure into the DER representation: for example
805 i2d_ASN1_IA5STRING().
806
807The remaining functions are depend on the type of extension. One i2X and
808one X2i should be set and the rest set to NULL. The types set do not need
809to match up, for example the extension could be set using the multi valued
810v2i function and printed out using the raw i2r.
811
812All functions have the X509V3_EXT_METHOD passed to them in the 'method'
813parameter and an X509V3_CTX structure. Extension code can then access the
814parent structure via the 'method' parameter to for example make use of the value
815of usr_data. If the code needs to use detail relating to the request it can
816use the 'ctx' parameter.
817
818A note should be given here about the 'flags' member of the 'ctx' parameter.
819If it has the value CTX_TEST then the configuration syntax is being checked
820and no actual certificate or CRL exists. Therefore any attempt in the config
821file to access such information should silently succeed. If the syntax is OK
822then it should simply return a (possibly bogus) extension, otherwise it
823should return NULL.
824
825char *i2s(struct v3_ext_method *method, void *ext);
826
827This function takes the internal structure in the ext parameter and returns
828a Malloc'ed string representing its value.
829
830void * s2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
831
832This function takes the string representation in the ext parameter and returns
833an allocated internal structure: ext_free() will be used on this internal
834structure after use.
835
836i2v and v2i handle a STACK_OF(CONF_VALUE):
837
838typedef struct
839{
840 char *section;
841 char *name;
842 char *value;
843} CONF_VALUE;
844
845Only the name and value members are currently used.
846
847STACK_OF(CONF_VALUE) * i2v(struct v3_ext_method *method, void *ext);
848
849This function is passed the internal structure in the ext parameter and
850returns a STACK of CONF_VALUE structures. The values of name, value,
851section and the structure itself will be freed up with Free after use.
852Several helper functions are available to add values to this STACK.
853
854void * v2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx,
855 STACK_OF(CONF_VALUE) *values);
856
857This function takes a STACK_OF(CONF_VALUE) structures and should set the
858values of the external structure. This typically uses the name element to
859determine which structure element to set and the value element to determine
860what to set it to. Several helper functions are available for this
861purpose (see above).
862
863int i2r(struct v3_ext_method *method, void *ext, BIO *out, int indent);
864
865This function is passed the internal extension structure in the ext parameter
866and sends out a human readable version of the extension to out. The 'indent'
867parameter should be noted to determine the necessary amount of indentation
868needed on the output.
869
870void * r2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
871
872This is just passed the string representation of the extension. It is intended
873to be used for more elaborate extensions where the standard single and multi
874valued options are insufficient. They can use the 'ctx' parameter to parse the
875configuration database themselves. See the context functions section for details
876of how to do this.
877
878Note: although this type takes the same parameters as the "r2s" function there
879is a subtle difference. Whereas an "r2i" function can access a configuration
880database an "s2i" function MUST NOT. This is so the internal code can safely
881assume that an "s2i" function will work without a configuration database.
882
883==============================================================================
884 PKCS#12 Library
885==============================================================================
886
887This section describes the internal PKCS#12 support. There are very few
888differences between the old external library and the new internal code at
889present. This may well change because the external library will not be updated
890much in future.
891
892This version now includes a couple of high level PKCS#12 functions which
893generally "do the right thing" and should make it much easier to handle PKCS#12
894structures.
895
896HIGH LEVEL FUNCTIONS.
897
898For most applications you only need concern yourself with the high level
899functions. They can parse and generate simple PKCS#12 files as produced by
900Netscape and MSIE or indeed any compliant PKCS#12 file containing a single
901private key and certificate pair.
902
9031. Initialisation and cleanup.
904
905No special initialisation is needed for the internal PKCS#12 library: the
906standard SSLeay_add_all_algorithms() is sufficient. If you do not wish to
907add all algorithms (you should at least add SHA1 though) then you can manually
908initialise the PKCS#12 library with:
909
910PKCS12_PBE_add();
911
912The memory allocated by the PKCS#12 library is freed up when EVP_cleanup() is
913called or it can be directly freed with:
914
915EVP_PBE_cleanup();
916
917after this call (or EVP_cleanup() ) no more PKCS#12 library functions should
918be called.
919
9202. I/O functions.
921
922i2d_PKCS12_bio(bp, p12)
923
924This writes out a PKCS12 structure to a BIO.
925
926i2d_PKCS12_fp(fp, p12)
927
928This is the same but for a FILE pointer.
929
930d2i_PKCS12_bio(bp, p12)
931
932This reads in a PKCS12 structure from a BIO.
933
934d2i_PKCS12_fp(fp, p12)
935
936This is the same but for a FILE pointer.
937
9383. High level functions.
939
9403.1 Parsing with PKCS12_parse().
941
942int PKCS12_parse(PKCS12 *p12, char *pass, EVP_PKEY **pkey, X509 **cert,
943 STACK **ca);
944
945This function takes a PKCS12 structure and a password (ASCII, null terminated)
946and returns the private key, the corresponding certificate and any CA
947certificates. If any of these is not required it can be passed as a NULL.
948The 'ca' parameter should be either NULL, a pointer to NULL or a valid STACK
949structure. Typically to read in a PKCS#12 file you might do:
950
951p12 = d2i_PKCS12_fp(fp, NULL);
952PKCS12_parse(p12, password, &pkey, &cert, NULL); /* CAs not wanted */
953PKCS12_free(p12);
954
9553.2 PKCS#12 creation with PKCS12_create().
956
957PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
958 STACK *ca, int nid_key, int nid_cert, int iter,
959 int mac_iter, int keytype);
960
961This function will create a PKCS12 structure from a given password, name,
962private key, certificate and optional STACK of CA certificates. The remaining
9635 parameters can be set to 0 and sensible defaults will be used.
964
965The parameters nid_key and nid_cert are the key and certificate encryption
966algorithms, iter is the encryption iteration count, mac_iter is the MAC
967iteration count and keytype is the type of private key. If you really want
968to know what these last 5 parameters do then read the low level section.
969
970Typically to create a PKCS#12 file the following could be used:
971
972p12 = PKCS12_create(pass, "My Certificate", pkey, cert, NULL, 0,0,0,0,0);
973i2d_PKCS12_fp(fp, p12);
974PKCS12_free(p12);
975
9763.3 Changing a PKCS#12 structure password.
977
978int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
979
980This changes the password of an already existing PKCS#12 structure. oldpass
981is the old password and newpass is the new one. An error occurs if the old
982password is incorrect.
983
984LOW LEVEL FUNCTIONS.
985
986In some cases the high level functions do not provide the necessary
987functionality. For example if you want to generate or parse more complex
988PKCS#12 files. The sample pkcs12 application uses the low level functions
989to display details about the internal structure of a PKCS#12 file.
990
991Introduction.
992
993This is a brief description of how a PKCS#12 file is represented internally:
994some knowledge of PKCS#12 is assumed.
995
996A PKCS#12 object contains several levels.
997
998At the lowest level is a PKCS12_SAFEBAG. This can contain a certificate, a
999CRL, a private key, encrypted or unencrypted, a set of safebags (so the
1000structure can be nested) or other secrets (not documented at present).
1001A safebag can optionally have attributes, currently these are: a unicode
1002friendlyName (a Unicode string) or a localKeyID (a string of bytes).
1003
1004At the next level is an authSafe which is a set of safebags collected into
1005a PKCS#7 ContentInfo. This can be just plain data, or encrypted itself.
1006
1007At the top level is the PKCS12 structure itself which contains a set of
1008authSafes in an embedded PKCS#7 Contentinfo of type data. In addition it
1009contains a MAC which is a kind of password protected digest to preserve
1010integrity (so any unencrypted stuff below can't be tampered with).
1011
1012The reason for these levels is so various objects can be encrypted in various
1013ways. For example you might want to encrypt a set of private keys with
1014triple-DES and then include the related certificates either unencrypted or
1015with lower encryption. Yes it's the dreaded crypto laws at work again which
1016allow strong encryption on private keys and only weak encryption on other
1017stuff.
1018
1019To build one of these things you turn all certificates and keys into safebags
1020(with optional attributes). You collect the safebags into (one or more) STACKS
1021and convert these into authsafes (encrypted or unencrypted). The authsafes
1022are collected into a STACK and added to a PKCS12 structure. Finally a MAC
1023inserted.
1024
1025Pulling one apart is basically the reverse process. The MAC is verified against
1026the given password. The authsafes are extracted and each authsafe split into
1027a set of safebags (possibly involving decryption). Finally the safebags are
1028decomposed into the original keys and certificates and the attributes used to
1029match up private key and certificate pairs.
1030
1031Anyway here are the functions that do the dirty work.
1032
10331. Construction functions.
1034
10351.1 Safebag functions.
1036
1037M_PKCS12_x5092certbag(x509)
1038
1039This macro takes an X509 structure and returns a certificate bag. The
1040X509 structure can be freed up after calling this function.
1041
1042M_PKCS12_x509crl2certbag(crl)
1043
1044As above but for a CRL.
1045
1046PKCS8_PRIV_KEY_INFO *PKEY2PKCS8(EVP_PKEY *pkey)
1047
1048Take a private key and convert it into a PKCS#8 PrivateKeyInfo structure.
1049Works for both RSA and DSA private keys. NB since the PKCS#8 PrivateKeyInfo
1050structure contains a private key data in plain text form it should be free'd
1051up as soon as it has been encrypted for security reasons (freeing up the
1052structure zeros out the sensitive data). This can be done with
1053PKCS8_PRIV_KEY_INFO_free().
1054
1055PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage)
1056
1057This sets the key type when a key is imported into MSIE or Outlook 98. Two
1058values are currently supported: KEY_EX and KEY_SIG. KEY_EX is an exchange type
1059key that can also be used for signing but its size is limited in the export
1060versions of MS software to 512 bits, it is also the default. KEY_SIG is a
1061signing only key but the keysize is unlimited (well 16K is supposed to work).
1062If you are using the domestic version of MSIE then you can ignore this because
1063KEY_EX is not limited and can be used for both.
1064
1065PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8)
1066
1067Convert a PKCS8 private key structure into a keybag. This routine embeds the
1068p8 structure in the keybag so p8 should not be freed up or used after it is
1069called. The p8 structure will be freed up when the safebag is freed.
1070
1071PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8)
1072
1073Convert a PKCS#8 structure into a shrouded key bag (encrypted). p8 is not
1074embedded and can be freed up after use.
1075
1076int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen)
1077int PKCS12_add_friendlyname(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen)
1078
1079Add a local key id or a friendlyname to a safebag.
1080
10811.2 Authsafe functions.
1082
1083PKCS7 *PKCS12_pack_p7data(STACK *sk)
1084Take a stack of safebags and convert them into an unencrypted authsafe. The
1085stack of safebags can be freed up after calling this function.
1086
1087PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, STACK *bags);
1088
1089As above but encrypted.
1090
10911.3 PKCS12 functions.
1092
1093PKCS12 *PKCS12_init(int mode)
1094
1095Initialise a PKCS12 structure (currently mode should be NID_pkcs7_data).
1096
1097M_PKCS12_pack_authsafes(p12, safes)
1098
1099This macro takes a STACK of authsafes and adds them to a PKCS#12 structure.
1100
1101int PKCS12_set_mac(PKCS12 *p12, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, EVP_MD *md_type);
1102
1103Add a MAC to a PKCS12 structure. If EVP_MD is NULL use SHA-1, the spec suggests
1104that SHA-1 should be used.
1105
11062. Extraction Functions.
1107
11082.1 Safebags.
1109
1110M_PKCS12_bag_type(bag)
1111
1112Return the type of "bag". Returns one of the following
1113
1114NID_keyBag
1115NID_pkcs8ShroudedKeyBag 7
1116NID_certBag 8
1117NID_crlBag 9
1118NID_secretBag 10
1119NID_safeContentsBag 11
1120
1121M_PKCS12_cert_bag_type(bag)
1122
1123Returns type of certificate bag, following are understood.
1124
1125NID_x509Certificate 14
1126NID_sdsiCertificate 15
1127
1128M_PKCS12_crl_bag_type(bag)
1129
1130Returns crl bag type, currently only NID_crlBag is recognised.
1131
1132M_PKCS12_certbag2x509(bag)
1133
1134This macro extracts an X509 certificate from a certificate bag.
1135
1136M_PKCS12_certbag2x509crl(bag)
1137
1138As above but for a CRL.
1139
1140EVP_PKEY * PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
1141
1142Extract a private key from a PKCS8 private key info structure.
1143
1144M_PKCS12_decrypt_skey(bag, pass, passlen)
1145
1146Decrypt a shrouded key bag and return a PKCS8 private key info structure.
1147Works with both RSA and DSA keys
1148
1149char *PKCS12_get_friendlyname(bag)
1150
1151Returns the friendlyName of a bag if present or NULL if none. The returned
1152string is a null terminated ASCII string allocated with Malloc(). It should
1153thus be freed up with Free() after use.
1154
11552.2 AuthSafe functions.
1156
1157M_PKCS12_unpack_p7data(p7)
1158
1159Extract a STACK of safe bags from a PKCS#7 data ContentInfo.
1160
1161#define M_PKCS12_unpack_p7encdata(p7, pass, passlen)
1162
1163As above but for an encrypted content info.
1164
11652.3 PKCS12 functions.
1166
1167M_PKCS12_unpack_authsafes(p12)
1168
1169Extract a STACK of authsafes from a PKCS12 structure.
1170
1171M_PKCS12_mac_present(p12)
1172
1173Check to see if a MAC is present.
1174
1175int PKCS12_verify_mac(PKCS12 *p12, unsigned char *pass, int passlen)
1176
1177Verify a MAC on a PKCS12 structure. Returns an error if MAC not present.
1178
1179
1180Notes.
1181
11821. All the function return 0 or NULL on error.
11832. Encryption based functions take a common set of parameters. These are
1184described below.
1185
1186pass, passlen
1187ASCII password and length. The password on the MAC is called the "integrity
1188password" the encryption password is called the "privacy password" in the
1189PKCS#12 documentation. The passwords do not have to be the same. If -1 is
1190passed for the length it is worked out by the function itself (currently
1191this is sometimes done whatever is passed as the length but that may change).
1192
1193salt, saltlen
1194A 'salt' if salt is NULL a random salt is used. If saltlen is also zero a
1195default length is used.
1196
1197iter
1198Iteration count. This is a measure of how many times an internal function is
1199called to encrypt the data. The larger this value is the longer it takes, it
1200makes dictionary attacks on passwords harder. NOTE: Some implementations do
1201not support an iteration count on the MAC. If the password for the MAC and
1202encryption is the same then there is no point in having a high iteration
1203count for encryption if the MAC has no count. The MAC could be attacked
1204and the password used for the main decryption.
1205
1206pbe_nid
1207This is the NID of the password based encryption method used. The following are
1208supported.
1209NID_pbe_WithSHA1And128BitRC4
1210NID_pbe_WithSHA1And40BitRC4
1211NID_pbe_WithSHA1And3_Key_TripleDES_CBC
1212NID_pbe_WithSHA1And2_Key_TripleDES_CBC
1213NID_pbe_WithSHA1And128BitRC2_CBC
1214NID_pbe_WithSHA1And40BitRC2_CBC
1215
1216Which you use depends on the implementation you are exporting to. "Export
1217grade" (i.e. cryptographically challenged) products cannot support all
1218algorithms. Typically you may be able to use any encryption on shrouded key
1219bags but they must then be placed in an unencrypted authsafe. Other authsafes
1220may only support 40bit encryption. Of course if you are using SSLeay
1221throughout you can strongly encrypt everything and have high iteration counts
1222on everything.
1223
12243. For decryption routines only the password and length are needed.
1225
12264. Unlike the external version the nid's of objects are the values of the
1227constants: that is NID_certBag is the real nid, therefore there is no
1228PKCS12_obj_offset() function. Note the object constants are not the same as
1229those of the external version. If you use these constants then you will need
1230to recompile your code.
1231
12325. With the exception of PKCS12_MAKE_KEYBAG(), after calling any function or
1233macro of the form PKCS12_MAKE_SOMETHING(other) the "other" structure can be
1234reused or freed up safely.
1235
diff --git a/src/lib/libssl/doc/standards.txt b/src/lib/libssl/doc/standards.txt
new file mode 100644
index 0000000000..596d9001e6
--- /dev/null
+++ b/src/lib/libssl/doc/standards.txt
@@ -0,0 +1,130 @@
1Standards related to OpenSSL
2============================
3
4[Please, this is currently a draft. I made a first try at finding
5 documents that describe parts of what OpenSSL implements. There are
6 big gaps, and I've most certainly done something wrong. Please
7 correct whatever is... Also, this note should be removed when this
8 file is reaching a somewhat correct state. -- Richard Levitte]
9
10
11All pointers in here will be either URL's or blobs of text borrowed
12from miscellaneous indexes, like rfc-index.txt (index of RFCs),
131id-index.txt (index of Internet drafts) and the like.
14
15To find the latest possible RFCs, it's recommended to either browse
16ftp://ftp.isi.edu/in-notes/ or go to http://www.rfc-editor.org/ and
17use the search mechanism found there.
18To find the latest possible Internet drafts, it's recommended to
19browse ftp://ftp.isi.edu/internet-drafts/.
20To find the latest possible PKCS, it's recommended to browse
21http://www.rsasecurity.com/rsalabs/pkcs/.
22
23
24Implemented:
25------------
26
27These are documents that describe things that are implemented (in
28whole or at least great parts) in OpenSSL.
29
301319 The MD2 Message-Digest Algorithm. B. Kaliski. April 1992.
31 (Format: TXT=25661 bytes) (Status: INFORMATIONAL)
32
331320 The MD4 Message-Digest Algorithm. R. Rivest. April 1992. (Format:
34 TXT=32407 bytes) (Status: INFORMATIONAL)
35
361321 The MD5 Message-Digest Algorithm. R. Rivest. April 1992. (Format:
37 TXT=35222 bytes) (Status: INFORMATIONAL)
38
392246 The TLS Protocol Version 1.0. T. Dierks, C. Allen. January 1999.
40 (Format: TXT=170401 bytes) (Status: PROPOSED STANDARD)
41
422268 A Description of the RC2(r) Encryption Algorithm. R. Rivest.
43 January 1998. (Format: TXT=19048 bytes) (Status: INFORMATIONAL)
44
452314 PKCS 10: Certification Request Syntax Version 1.5. B. Kaliski.
46 March 1998. (Format: TXT=15814 bytes) (Status: INFORMATIONAL)
47
482315 PKCS 7: Cryptographic Message Syntax Version 1.5. B. Kaliski.
49 March 1998. (Format: TXT=69679 bytes) (Status: INFORMATIONAL)
50
512437 PKCS #1: RSA Cryptography Specifications Version 2.0. B. Kaliski,
52 J. Staddon. October 1998. (Format: TXT=73529 bytes) (Obsoletes
53 RFC2313) (Status: INFORMATIONAL)
54
552459 Internet X.509 Public Key Infrastructure Certificate and CRL
56 Profile. R. Housley, W. Ford, W. Polk, D. Solo. January 1999.
57 (Format: TXT=278438 bytes) (Status: PROPOSED STANDARD)
58
59PKCS#8: Private-Key Information Syntax Standard
60
61PKCS#12: Personal Information Exchange Syntax Standard, version 1.0.
62
632560 X.509 Internet Public Key Infrastructure Online Certificate
64 Status Protocol - OCSP. M. Myers, R. Ankney, A. Malpani, S. Galperin,
65 C. Adams. June 1999. (Format: TXT=43243 bytes) (Status: PROPOSED
66 STANDARD)
67
68
69Related:
70--------
71
72These are documents that are close to OpenSSL, for example the
73STARTTLS documents.
74
751421 Privacy Enhancement for Internet Electronic Mail: Part I: Message
76 Encryption and Authentication Procedures. J. Linn. February 1993.
77 (Format: TXT=103894 bytes) (Obsoletes RFC1113) (Status: PROPOSED
78 STANDARD)
79
801422 Privacy Enhancement for Internet Electronic Mail: Part II:
81 Certificate-Based Key Management. S. Kent. February 1993. (Format:
82 TXT=86085 bytes) (Obsoletes RFC1114) (Status: PROPOSED STANDARD)
83
841423 Privacy Enhancement for Internet Electronic Mail: Part III:
85 Algorithms, Modes, and Identifiers. D. Balenson. February 1993.
86 (Format: TXT=33277 bytes) (Obsoletes RFC1115) (Status: PROPOSED
87 STANDARD)
88
891424 Privacy Enhancement for Internet Electronic Mail: Part IV: Key
90 Certification and Related Services. B. Kaliski. February 1993.
91 (Format: TXT=17537 bytes) (Status: PROPOSED STANDARD)
92
932256 A Summary of the X.500(96) User Schema for use with LDAPv3. M.
94 Wahl. December 1997. (Format: TXT=32377 bytes) (Status: PROPOSED
95 STANDARD)
96
972487 SMTP Service Extension for Secure SMTP over TLS. P. Hoffman.
98 January 1999. (Format: TXT=15120 bytes) (Status: PROPOSED STANDARD)
99
1002585 Internet X.509 Public Key Infrastructure Operational Protocols:
101 FTP and HTTP. R. Housley, P. Hoffman. May 1999. (Format: TXT=14813
102 bytes) (Status: PROPOSED STANDARD)
103
1042595 Using TLS with IMAP, POP3 and ACAP. C. Newman. June 1999.
105 (Format: TXT=32440 bytes) (Status: PROPOSED STANDARD)
106
1072712 Addition of Kerberos Cipher Suites to Transport Layer Security
108 (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes)
109 (Status: PROPOSED STANDARD)
110
1112817 Upgrading to TLS Within HTTP/1.1. R. Khare, S. Lawrence. May
112 2000. (Format: TXT=27598 bytes) (Updates RFC2616) (Status: PROPOSED
113 STANDARD)
114
1152818 HTTP Over TLS. E. Rescorla. May 2000. (Format: TXT=15170 bytes)
116 (Status: INFORMATIONAL)
117
118 "Securing FTP with TLS", 01/27/2000, <draft-murray-auth-ftp-ssl-05.txt>
119
120
121To be implemented:
122------------------
123
124These are documents that describe things that are planed to be
125implemented in the hopefully short future.
126
1272712 Addition of Kerberos Cipher Suites to Transport Layer Security
128 (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes)
129 (Status: PROPOSED STANDARD)
130
diff --git a/src/lib/libssl/man/Makefile b/src/lib/libssl/man/Makefile
new file mode 100644
index 0000000000..a9e097ef3e
--- /dev/null
+++ b/src/lib/libssl/man/Makefile
@@ -0,0 +1,898 @@
1# $OpenBSD: Makefile,v 1.1 2002/09/03 18:59:56 markus Exp $
2
3.include <bsd.own.mk> # for NOMAN
4
5.ifndef NOMAN
6MANALL= \
7 BN_CTX_new.cat3 \
8 BN_CTX_start.cat3 \
9 BN_add.cat3 \
10 BN_add_word.cat3 \
11 BN_bn2bin.cat3 \
12 BN_cmp.cat3 \
13 BN_copy.cat3 \
14 BN_generate_prime.cat3 \
15 BN_mod_inverse.cat3 \
16 BN_mod_mul_montgomery.cat3 \
17 BN_mod_mul_reciprocal.cat3 \
18 BN_new.cat3 \
19 BN_num_bytes.cat3 \
20 BN_rand.cat3 \
21 BN_set_bit.cat3 \
22 BN_swap.cat3 \
23 BN_zero.cat3 \
24 BUF_MEM_new.cat3 \
25 BUF_MEM_new.cat3 \
26 CRYPTO_set_ex_data.cat3 \
27 CRYPTO_set_locking_callback.cat3 \
28 DH_generate_key.cat3 \
29 DH_generate_parameters.cat3 \
30 DH_get_ex_new_index.cat3 \
31 DH_new.cat3 \
32 DH_set_method.cat3 \
33 DH_size.cat3 \
34 DSA_SIG_new.cat3 \
35 DSA_do_sign.cat3 \
36 DSA_dup_DH.cat3 \
37 DSA_generate_key.cat3 \
38 DSA_generate_parameters.cat3 \
39 DSA_get_ex_new_index.cat3 \
40 DSA_new.cat3 \
41 DSA_set_method.cat3 \
42 DSA_sign.cat3 \
43 DSA_size.cat3 \
44 ERR_GET_LIB.cat3 \
45 ERR_clear_error.cat3 \
46 ERR_error_string.cat3 \
47 ERR_get_error.cat3 \
48 ERR_load_crypto_strings.cat3 \
49 ERR_load_strings.cat3 \
50 ERR_print_errors.cat3 \
51 ERR_put_error.cat3 \
52 ERR_remove_state.cat3 \
53 EVP_BytesToKey.cat3 \
54 EVP_DigestInit.cat3 \
55 EVP_EncryptInit.cat3 \
56 EVP_OpenInit.cat3 \
57 EVP_SealInit.cat3 \
58 EVP_SignInit.cat3 \
59 EVP_VerifyInit.cat3 \
60 HMAC.cat3 \
61 MD5.cat3 \
62 MDC2.cat3 \
63 OPENSSL_VERSION_NUMBER.cat3 \
64 OpenSSL_add_all_algorithms.cat3 \
65 RAND_add.cat3 \
66 RAND_bytes.cat3 \
67 RAND_cleanup.cat3 \
68 RAND_egd.cat3 \
69 RAND_load_file.cat3 \
70 RAND_set_rand_method.cat3 \
71 RC4.cat3 \
72 RIPEMD160.cat3 \
73 RSA_blinding_on.cat3 \
74 RSA_check_key.cat3 \
75 RSA_generate_key.cat3 \
76 RSA_get_ex_new_index.cat3 \
77 RSA_new.cat3 \
78 RSA_padding_add_PKCS1_type_1.cat3 \
79 RSA_print.cat3 \
80 RSA_private_encrypt.cat3 \
81 RSA_public_encrypt.cat3 \
82 RSA_set_method.cat3 \
83 RSA_sign.cat3 \
84 RSA_sign_ASN1_OCTET_STRING.cat3 \
85 RSA_size.cat3 \
86 SHA1.cat3 \
87 SSL_CIPHER_get_name.cat3 \
88 SSL_COMP_add_compression_method.cat3 \
89 SSL_CTX_add_extra_chain_cert.cat3 \
90 SSL_CTX_add_session.cat3 \
91 SSL_CTX_ctrl.cat3 \
92 SSL_CTX_flush_sessions.cat3 \
93 SSL_CTX_free.cat3 \
94 SSL_CTX_get_ex_new_index.cat3 \
95 SSL_CTX_get_verify_mode.cat3 \
96 SSL_CTX_load_verify_locations.cat3 \
97 SSL_CTX_new.cat3 \
98 SSL_CTX_sess_number.cat3 \
99 SSL_CTX_sess_set_cache_size.cat3 \
100 SSL_CTX_sess_set_get_cb.cat3 \
101 SSL_CTX_sessions.cat3 \
102 SSL_CTX_set_cert_store.cat3 \
103 SSL_CTX_set_cert_verify_callback.cat3 \
104 SSL_CTX_set_cipher_list.cat3 \
105 SSL_CTX_set_client_CA_list.cat3 \
106 SSL_CTX_set_client_cert_cb.cat3 \
107 SSL_CTX_set_default_passwd_cb.cat3 \
108 SSL_CTX_set_generate_session_id.cat3 \
109 SSL_CTX_set_info_callback.cat3 \
110 SSL_CTX_set_max_cert_list.cat3 \
111 SSL_CTX_set_mode.cat3 \
112 SSL_CTX_set_msg_callback.cat3 \
113 SSL_CTX_set_options.cat3 \
114 SSL_CTX_set_quiet_shutdown.cat3 \
115 SSL_CTX_set_session_cache_mode.cat3 \
116 SSL_CTX_set_session_id_context.cat3 \
117 SSL_CTX_set_ssl_version.cat3 \
118 SSL_CTX_set_timeout.cat3 \
119 SSL_CTX_set_tmp_dh_callback.cat3 \
120 SSL_CTX_set_tmp_rsa_callback.cat3 \
121 SSL_CTX_set_verify.cat3 \
122 SSL_CTX_use_certificate.cat3 \
123 SSL_SESSION_free.cat3 \
124 SSL_SESSION_get_ex_new_index.cat3 \
125 SSL_SESSION_get_time.cat3 \
126 SSL_accept.cat3 \
127 SSL_alert_type_string.cat3 \
128 SSL_clear.cat3 \
129 SSL_connect.cat3 \
130 SSL_free.cat3 \
131 SSL_get_SSL_CTX.cat3 \
132 SSL_get_ciphers.cat3 \
133 SSL_get_client_CA_list.cat3 \
134 SSL_get_current_cipher.cat3 \
135 SSL_get_default_timeout.cat3 \
136 SSL_get_error.cat3 \
137 SSL_get_ex_data_X509_STORE_CTX_idx.cat3 \
138 SSL_get_ex_new_index.cat3 \
139 SSL_get_fd.cat3 \
140 SSL_get_peer_cert_chain.cat3 \
141 SSL_get_peer_certificate.cat3 \
142 SSL_get_rbio.cat3 \
143 SSL_get_session.cat3 \
144 SSL_get_verify_result.cat3 \
145 SSL_get_version.cat3 \
146 SSL_library_init.cat3 \
147 SSL_load_client_CA_file.cat3 \
148 SSL_new.cat3 \
149 SSL_pending.cat3 \
150 SSL_read.cat3 \
151 SSL_rstate_string.cat3 \
152 SSL_session_reused.cat3 \
153 SSL_set_bio.cat3 \
154 SSL_set_connect_state.cat3 \
155 SSL_set_fd.cat3 \
156 SSL_set_session.cat3 \
157 SSL_set_shutdown.cat3 \
158 SSL_set_verify_result.cat3 \
159 SSL_shutdown.cat3 \
160 SSL_state_string.cat3 \
161 SSL_want.cat3 \
162 SSL_write.cat3 \
163 blowfish.cat3 \
164 bn.cat3 \
165 bn_internal.cat3 \
166 crypto.cat3 \
167 d2i_DHparams.cat3 \
168 d2i_RSAPublicKey.cat3 \
169 d2i_SSL_SESSION.cat3 \
170 des_modes.cat7 \
171 des_random_key.cat3 \
172 dh.cat3 \
173 dsa.cat3 \
174 lh_stats.cat3 \
175 lhash.cat3 \
176 openssl.cat1 \
177 rsa.cat3 \
178 ssl.cat3
179
180.if MANPS
181PSALL= ${MANALL:S/.cat1/.ps1/g:S/.cat2/.ps2/g:S/.cat3/.ps3/g:S/.cat4/.ps4/g:S/.cat5/.ps5/g:S/.cat6/.ps6/g:S/.cat7/.ps7/g:S/.cat8/.ps8/g:S/.cat9/.ps9/g}
182.endif
183
184# these are is a real problem, since they re-document functions described in
185# other pages.
186#
187# err.pod -> ERR_get_error.pod
188# ERR_peek_error ERR_get_error_line
189# ERR_peek_error_line ERR_get_error_line_data ERR_peek_error_line_data
190# ERR_GET_LIB ERR_GET_FUNC ERR_GET_REASON ERR_clear_error ERR_error_string
191# ERR_lib_error_string ERR_func_error_string ERR_reason_error_string
192# ERR_print_errors ERR_print_errors_fp ERR_load_crypto_strings ERR_free_strings
193# ERR_remove_state ERR_put_error ERR_add_error_data ERR_load_strings ERR_PACK
194# ERR_get_next_error_library
195#
196# rand.pod -> RAND_bytes.pod
197# RAND_pseudo_bytes RAND_seed RAND_add RAND_status RAND_event
198# RAND_screen RAND_load_file RAND_write_file RAND_file_name RAND_egd
199# RAND_set_rand_method RAND_get_rand_method RAND_SSLeay RAND_cleanup
200
201# buffer.pod -> BUF_MEM_new.pod
202# BUF_MEM_free BUF_MEM_grow BUF_strdup
203BUF_MEM_new.cat3: buffer.pod
204 ( cp ${.ALLSRC} BUF_MEM_new.pm && pod2man --section=3 --official \
205 --center='OpenSSL' --release="OpenBSD `uname -r`" \
206 BUF_MEM_new.pm ) | nroff -Tascii -man > ${.TARGET}
207.if MANPS
208BUF_MEM_new.ps3: buffer.pod
209 ( cp ${.ALLSRC} BUF_MEM_new.pm && pod2man --section=3 --official \
210 --center='OpenSSL' --release="OpenBSD `uname -r`" \
211 BUF_MEM_new.pm ) | nroff -Tps -man > ${.TARGET}
212.endif
213
214# rc4.pod -> RC4.pod
215# RC4_set_key
216RC4.cat3: rc4.pod
217 ( cp ${.ALLSRC} RC4.pm && pod2man --section=3 --official \
218 --center='OpenSSL' --release="OpenBSD `uname -r`" \
219 RC4.pm ) | nroff -Tascii -man > ${.TARGET}
220.if MANPS
221RC4.ps3: rc4.pod
222 ( cp ${.ALLSRC} RC4.pm && pod2man --section=3 --official \
223 --center='OpenSSL' --release="OpenBSD `uname -r`" \
224 RC4.pm ) | nroff -Tps -man > ${.TARGET}
225.endif
226
227# threads.pod -> CRYPTO_set_locking_callback.pod
228# CRYPTO_set_id_callback CRYPTO_num_locks
229CRYPTO_set_locking_callback.cat3: threads.pod
230 ( cp ${.ALLSRC} CRYPTO_set_locking_callback.pm && \
231 pod2man --section=3 --official \
232 --center='OpenSSL' --release="OpenBSD `uname -r`" \
233 CRYPTO_set_locking_callback.pm ) | nroff -Tascii -man > ${.TARGET}
234.if MANPS
235CRYPTO_set_locking_callback.ps3: threads.pod
236 ( cp ${.ALLSRC} CRYPTO_set_locking_callback.pm && \
237 pod2man --section=3 --official \
238 --center='OpenSSL' --release="OpenBSD `uname -r`" \
239 CRYPTO_set_locking_callback.pm ) | nroff -Tps -man > ${.TARGET}
240.endif
241
242# ripemd.pod -> RIPEMD160.pod
243# RIPEMD160_Init RIPEMD160_Update RIPEMD160_Final
244RIPEMD160.cat3: ripemd.pod
245 ( cp ${.ALLSRC} RIPEMD160.pm && pod2man --section=3 --official \
246 --center='OpenSSL' --release="OpenBSD `uname -r`" \
247 RIPEMD160.pm ) | nroff -Tascii -man > ${.TARGET}
248.if MANPS
249RIPEMD160.ps3: ripemd.pod
250 ( cp ${.ALLSRC} RIPEMD160.pm && pod2man --section=3 --official \
251 --center='OpenSSL' --release="OpenBSD `uname -r`" \
252 RIPEMD160.pm ) | nroff -Tps -man > ${.TARGET}
253.endif
254
255# sha.pod -> SHA1.pod
256SHA1.cat3: sha.pod
257 ( cp ${.ALLSRC} SHA1.pm && pod2man --section=3 --official \
258 --center='OpenSSL' --release="OpenBSD `uname -r`" \
259 SHA1.pm ) | nroff -Tascii -man > ${.TARGET}
260.if MANPS
261SHA1.ps3: sha.pod
262 ( cp ${.ALLSRC} SHA1.pm && pod2man --section=3 --official \
263 --center='OpenSSL' --release="OpenBSD `uname -r`" \
264 SHA1.pm ) | nroff -Tps -man > ${.TARGET}
265.endif
266
267# md5.pod -> MD5.pod
268MD5.cat3: md5.pod
269 ( cp ${.ALLSRC} MD5.pm && pod2man --section=3 --official \
270 --center='OpenSSL' --release="OpenBSD `uname -r`" \
271 MD5.pm ) | nroff -Tascii -man > ${.TARGET}
272.if MANPS
273MD5.ps3: md5.pod
274 ( cp ${.ALLSRC} MD5.pm && pod2man --section=3 --official \
275 --center='OpenSSL' --release="OpenBSD `uname -r`" \
276 MD5.pm ) | nroff -Tps -man > ${.TARGET}
277.endif
278
279# mdc2.pod -> MDC2.pod
280MDC2.cat3: mdc2.pod
281 ( cp ${.ALLSRC} MDC2.pm && pod2man --section=3 --official \
282 --center='OpenSSL' --release="OpenBSD `uname -r`" \
283 MDC2.pm ) | nroff -Tascii -man > ${.TARGET}
284.if MANPS
285MDC2.ps3: mdc2.pod
286 ( cp ${.ALLSRC} MDC2.pm && pod2man --section=3 --official \
287 --center='OpenSSL' --release="OpenBSD `uname -r`" \
288 MDC2.pm ) | nroff -Tps -man > ${.TARGET}
289.endif
290
291# hmac.pod -> HMAC.pod
292HMAC.cat3: hmac.pod
293 ( cp ${.ALLSRC} HMAC.pm && pod2man --section=3 --official \
294 --center='OpenSSL' --release="OpenBSD `uname -r`" \
295 HMAC.pm ) | nroff -Tascii -man > ${.TARGET}
296.if MANPS
297HMAC.ps3: hmac.pod
298 ( cp ${.ALLSRC} HMAC.pm && pod2man --section=3 --official \
299 --center='OpenSSL' --release="OpenBSD `uname -r`" \
300 HMAC.pm ) | nroff -Tps -man > ${.TARGET}
301.endif
302
303# des.pod -> des_random_key, des_set_key, des_key_sched, des_set_key_checked,
304# des_set_key_unchecked, des_set_odd_parity, des_is_weak_key, des_ecb_encrypt,
305# des_ecb2_encrypt, des_ecb3_encrypt, des_ncbc_encrypt, des_cfb_encrypt,
306# des_ofb_encrypt, des_pcbc_encrypt, des_cfb64_encrypt, des_ofb64_encrypt,
307# des_xcbc_encrypt, des_ede2_cbc_encrypt, des_ede2_cfb64_encrypt,
308# des_ede2_ofb64_encrypt, des_ede3_cbc_encrypt, des_ede3_cbcm_encrypt,
309# des_ede3_cfb64_encrypt, des_ede3_ofb64_encrypt, des_read_password,
310# des_read_2passwords, des_read_pw_string, des_cbc_cksum, des_quad_cksum,
311# des_string_to_key, des_string_to_2keys, des_fcrypt, des_crypt,
312# des_enc_read, des_enc_write
313des_random_key.cat3: des.pod
314 ( cp ${.ALLSRC} des_random_key.pm && pod2man --section=3 --official \
315 --center='OpenSSL' --release="OpenBSD `uname -r`" \
316 des_random_key.pm ) | nroff -Tascii -man > ${.TARGET}
317.if MANPS
318des_random_key.ps3: des.pod
319 ( cp ${.ALLSRC} des_random_key.pm && pod2man --section=3 --official \
320 --center='OpenSSL' --release="OpenBSD `uname -r`" \
321 des_random_key.pm ) | nroff -Tps -man > ${.TARGET}
322.endif
323
324MLINKS+=\
325 BN_CTX_new.3 BN_CTX_free.3 \
326 BN_CTX_new.3 BN_CTX_init.3 \
327 BN_CTX_start.3 BN_CTX_end.3 \
328 BN_CTX_start.3 BN_CTX_get.3 \
329 BN_add.3 BN_div.3 \
330 BN_add.3 BN_exp.3 \
331 BN_add.3 BN_gcd.3 \
332 BN_add.3 BN_mod.3 \
333 BN_add.3 BN_mod_exp.3 \
334 BN_add.3 BN_mod_mul.3 \
335 BN_add.3 BN_mul.3 \
336 BN_add.3 BN_sqr.3 \
337 BN_add.3 BN_sub.3 \
338 BN_add_word.3 BN_div_word.3 \
339 BN_add_word.3 BN_mod_word.3 \
340 BN_add_word.3 BN_mul_word.3 \
341 BN_add_word.3 BN_sub_word.3 \
342 BN_bn2bin.3 BN_bin2bn.3 \
343 BN_bn2bin.3 BN_bn2dec.3 \
344 BN_bn2bin.3 BN_bn2hex.3 \
345 BN_bn2bin.3 BN_bn2mpi.3 \
346 BN_bn2bin.3 BN_dec2bn.3 \
347 BN_bn2bin.3 BN_hex2bn.3 \
348 BN_bn2bin.3 BN_mpi2bn.3 \
349 BN_bn2bin.3 BN_print.3 \
350 BN_bn2bin.3 BN_print_fp.3 \
351 BN_cmp.3 BN_is_odd.3 \
352 BN_cmp.3 BN_is_one.3 \
353 BN_cmp.3 BN_is_word.3 \
354 BN_cmp.3 BN_is_zero.3 \
355 BN_cmp.3 BN_ucmp.3 \
356 BN_copy.3 BN_dup.3 \
357 BN_generate_prime.3 BN_is_prime.3 \
358 BN_generate_prime.3 BN_is_prime_fasttest.3 \
359 BN_mod_mul_montgomery.3 BN_MONT_CTX_copy.3 \
360 BN_mod_mul_montgomery.3 BN_MONT_CTX_free.3 \
361 BN_mod_mul_montgomery.3 BN_MONT_CTX_init.3 \
362 BN_mod_mul_montgomery.3 BN_MONT_CTX_new.3 \
363 BN_mod_mul_montgomery.3 BN_MONT_CTX_set.3 \
364 BN_mod_mul_montgomery.3 BN_from_montgomery.3 \
365 BN_mod_mul_montgomery.3 BN_to_montgomery.3 \
366 BN_mod_mul_reciprocal.3 BN_RECP_CTX_free.3 \
367 BN_mod_mul_reciprocal.3 BN_RECP_CTX_init.3 \
368 BN_mod_mul_reciprocal.3 BN_RECP_CTX_new.3 \
369 BN_mod_mul_reciprocal.3 BN_RECP_CTX_set.3 \
370 BN_mod_mul_reciprocal.3 BN_div_recp.3 \
371 BN_new.3 BN_clear.3 \
372 BN_new.3 BN_clear_free.3 \
373 BN_new.3 BN_free.3 \
374 BN_new.3 BN_init.3 \
375 BN_num_bytes.3 BN_num_bits.3 \
376 BN_num_bytes.3 BN_num_bits_word.3 \
377 BN_rand.3 BN_pseudo_rand.3 \
378 BN_rand.3 BN_rand_range.3 \
379 BN_set_bit.3 BN_clear_bit.3 \
380 BN_set_bit.3 BN_is_bit_set.3 \
381 BN_set_bit.3 BN_lshift.3 \
382 BN_set_bit.3 BN_lshift1.3 \
383 BN_set_bit.3 BN_mask_bits.3 \
384 BN_set_bit.3 BN_rshift.3 \
385 BN_set_bit.3 BN_rshift1.3 \
386 BN_zero.3 BN_get_word.3 \
387 BN_zero.3 BN_one.3 \
388 BN_zero.3 BN_set_word.3 \
389 BN_zero.3 BN_value_one.3 \
390 BUF_MEM_new.3 BUF_MEM_free.3 \
391 BUF_MEM_new.3 BUF_MEM_grow.3 \
392 BUF_MEM_new.3 BUF_strdup.3 \
393 CRYPTO_set_ex_data.3 CRYPTO_get_ex_data.3 \
394 CRYPTO_set_locking_callback.3 CRYPTO_add.3 \
395 CRYPTO_set_locking_callback.3 CRYPTO_add_lock.3 \
396 CRYPTO_set_locking_callback.3 CRYPTO_destroy_dynlockid.3 \
397 CRYPTO_set_locking_callback.3 CRYPTO_get_new_dynlockid.3 \
398 CRYPTO_set_locking_callback.3 CRYPTO_lock.3 \
399 CRYPTO_set_locking_callback.3 CRYPTO_num_locks.3 \
400 CRYPTO_set_locking_callback.3 CRYPTO_r_lock.3 \
401 CRYPTO_set_locking_callback.3 CRYPTO_r_unlock.3 \
402 CRYPTO_set_locking_callback.3 CRYPTO_set_dynlock_create_callback.3 \
403 CRYPTO_set_locking_callback.3 CRYPTO_set_dynlock_destroy_callback.3 \
404 CRYPTO_set_locking_callback.3 CRYPTO_set_dynlock_lock_callback.3 \
405 CRYPTO_set_locking_callback.3 CRYPTO_set_id_callback.3 \
406 CRYPTO_set_locking_callback.3 CRYPTO_w_lock.3 \
407 CRYPTO_set_locking_callback.3 CRYPTO_w_unlock.3 \
408 DH_generate_key.3 DH_compute_key.3 \
409 DH_generate_parameters.3 DH_check.3 \
410 DH_get_ex_new_index.3 DH_get_ex_data.3 \
411 DH_get_ex_new_index.3 DH_set_ex_data.3 \
412 DH_new.3 DH_free.3 \
413 DH_set_method.3 DH_OpenSSL.3 \
414 DH_set_method.3 DH_get_default_method.3 \
415 DH_set_method.3 DH_get_default_openssl_method.3 \
416 DH_set_method.3 DH_new_method.3 \
417 DH_set_method.3 DH_set_default_method.3 \
418 DH_set_method.3 DH_set_default_openssl_method.3 \
419 DSA_new.3 DSA_free.3 \
420 DSA_set_method.3 DSA_OpenSSL.3 \
421 DSA_set_method.3 DSA_get_default_method.3 \
422 DSA_set_method.3 DSA_get_default_openssl_method.3 \
423 DSA_set_method.3 DSA_new_method.3 \
424 DSA_set_method.3 DSA_set_default_method.3 \
425 DSA_set_method.3 DSA_set_default_openssl_method.3 \
426 DSA_sign.3 DSA_sign_setup.3 \
427 DSA_sign.3 DSA_verify.3 \
428 ERR_GET_LIB.3 ERR_GET_FUNC.3 \
429 ERR_GET_LIB.3 ERR_GET_REASON.3 \
430 ERR_error_string.3 ERR_error_string_n.3 \
431 ERR_error_string.3 ERR_func_error_string.3 \
432 ERR_error_string.3 ERR_lib_error_string.3 \
433 ERR_error_string.3 ERR_reason_error_string.3 \
434 ERR_get_error.3 ERR_get_error_line.3 \
435 ERR_get_error.3 ERR_get_error_line_data.3 \
436 ERR_get_error.3 ERR_peek_error.3 \
437 ERR_get_error.3 ERR_peek_error_line.3 \
438 ERR_get_error.3 ERR_peek_error_line_data.3 \
439 ERR_load_crypto_strings.3 ERR_free_strings.3 \
440 ERR_load_crypto_strings.3 SSL_load_error_strings.3 \
441 ERR_load_strings.3 ERR_PACK.3 \
442 ERR_load_strings.3 ERR_get_next_error_library.3 \
443 ERR_print_errors.3 ERR_print_errors_fp.3 \
444 ERR_put_error.3 ERR_add_error_data.3 \
445 EVP_DigestInit.3 EVP_DigestFinal.3 \
446 EVP_DigestInit.3 EVP_DigestUpdate.3 \
447 EVP_DigestInit.3 EVP_MD_CTX_block_size.3 \
448 EVP_DigestInit.3 EVP_MD_CTX_copy.3 \
449 EVP_DigestInit.3 EVP_MD_CTX_md.3 \
450 EVP_DigestInit.3 EVP_MD_CTX_size.3 \
451 EVP_DigestInit.3 EVP_MD_CTX_type.3 \
452 EVP_DigestInit.3 EVP_MD_block_size.3 \
453 EVP_DigestInit.3 EVP_MD_block_size.3 \
454 EVP_DigestInit.3 EVP_MD_pkey_type.3 \
455 EVP_DigestInit.3 EVP_MD_size.3 \
456 EVP_DigestInit.3 EVP_MD_size.3 \
457 EVP_DigestInit.3 EVP_MD_type.3 \
458 EVP_DigestInit.3 EVP_MD_type.3 \
459 EVP_DigestInit.3 EVP_dss.3 \
460 EVP_DigestInit.3 EVP_dss1.3 \
461 EVP_DigestInit.3 EVP_get_digestbyname.3 \
462 EVP_DigestInit.3 EVP_get_digestbyname.3 \
463 EVP_DigestInit.3 EVP_get_digestbynid.3 \
464 EVP_DigestInit.3 EVP_get_digestbynid.3 \
465 EVP_DigestInit.3 EVP_get_digestbyobj.3 \
466 EVP_DigestInit.3 EVP_md2.3 \
467 EVP_DigestInit.3 EVP_md5.3 \
468 EVP_DigestInit.3 EVP_md_null.3 \
469 EVP_DigestInit.3 EVP_mdc2.3 \
470 EVP_DigestInit.3 EVP_ripemd160.3 \
471 EVP_DigestInit.3 EVP_sha.3 \
472 EVP_DigestInit.3 EVP_sha1.3 \
473 EVP_DigestInit.3 OBJ_nid2sn.3 \
474 EVP_DigestInit.3 OBJ_obj2nid.3 \
475 EVP_EncryptInit.3 EVP_CIPHER_CTX_block_size.3 \
476 EVP_EncryptInit.3 EVP_CIPHER_CTX_cipher.3 \
477 EVP_EncryptInit.3 EVP_CIPHER_CTX_cipher.3 \
478 EVP_EncryptInit.3 EVP_CIPHER_CTX_cleanup.3 \
479 EVP_EncryptInit.3 EVP_CIPHER_CTX_ctrl.3 \
480 EVP_EncryptInit.3 EVP_CIPHER_CTX_iv_length.3 \
481 EVP_EncryptInit.3 EVP_CIPHER_CTX_key_length.3 \
482 EVP_EncryptInit.3 EVP_CIPHER_CTX_nid.3 \
483 EVP_EncryptInit.3 EVP_CIPHER_CTX_set_key_length.3 \
484 EVP_EncryptInit.3 EVP_CIPHER_CTX_type.3 \
485 EVP_EncryptInit.3 EVP_CIPHER_asn1_to_param.3 \
486 EVP_EncryptInit.3 EVP_CIPHER_block_size.3 \
487 EVP_EncryptInit.3 EVP_CIPHER_iv_length.3 \
488 EVP_EncryptInit.3 EVP_CIPHER_key_length.3 \
489 EVP_EncryptInit.3 EVP_CIPHER_nid.3 \
490 EVP_EncryptInit.3 EVP_CIPHER_param_to_asn1.3 \
491 EVP_EncryptInit.3 EVP_CIPHER_type.3 \
492 EVP_EncryptInit.3 EVP_CIPHER_type.3 \
493 EVP_EncryptInit.3 EVP_CipherFinal.3 \
494 EVP_EncryptInit.3 EVP_CipherInit.3 \
495 EVP_EncryptInit.3 EVP_CipherUpdate.3 \
496 EVP_EncryptInit.3 EVP_DecryptFinal.3 \
497 EVP_EncryptInit.3 EVP_DecryptInit.3 \
498 EVP_EncryptInit.3 EVP_DecryptUpdate.3 \
499 EVP_EncryptInit.3 EVP_EncryptFinal.3 \
500 EVP_EncryptInit.3 EVP_EncryptUpdate.3 \
501 EVP_EncryptInit.3 EVP_get_cipherbyname.3 \
502 EVP_EncryptInit.3 EVP_get_cipherbyname.3 \
503 EVP_EncryptInit.3 EVP_get_cipherbynid.3 \
504 EVP_EncryptInit.3 EVP_get_cipherbynid.3 \
505 EVP_EncryptInit.3 EVP_get_cipherbyobj.3 \
506 EVP_EncryptInit.3 OBJ_nid2sn.3 \
507 EVP_EncryptInit.3 OBJ_obj2nid.3 \
508 EVP_OpenInit.3 EVP_OpenFinal.3 \
509 EVP_OpenInit.3 EVP_OpenUpdate.3 \
510 EVP_SealInit.3 EVP_SealFinal.3 \
511 EVP_SealInit.3 EVP_SealUpdate.3 \
512 EVP_SignInit.3 EVP_PKEY_size.3 \
513 EVP_SignInit.3 EVP_SignFinal.3 \
514 EVP_SignInit.3 EVP_SignUpdate.3 \
515 EVP_VerifyInit.3 EVP_VerifyFinal.3 \
516 EVP_VerifyInit.3 EVP_VerifyUpdate.3 \
517 HMAC.3 HMAC_Final.3 \
518 HMAC.3 HMAC_Init.3 \
519 HMAC.3 HMAC_Update.3 \
520 HMAC.3 HMAC_cleanup.3 \
521 MD5.3 MD2.3 \
522 MD5.3 MD2_Final.3 \
523 MD5.3 MD2_Init.3 \
524 MD5.3 MD2_Update.3 \
525 MD5.3 MD4.3 \
526 MD5.3 MD4_Final.3 \
527 MD5.3 MD4_Init.3 \
528 MD5.3 MD4_Update.3 \
529 MD5.3 MD5_Final.3 \
530 MD5.3 MD5_Init.3 \
531 MD5.3 MD5_Update.3 \
532 MDC2.3 MDC2_Final.3 \
533 MDC2.3 MDC2_Init.3 \
534 MDC2.3 MDC2_Update.3 \
535 OPENSSL_VERSION_NUMBER.3 SSLeay.3 \
536 OPENSSL_VERSION_NUMBER.3 SSLeay_version.3 \
537 OpenSSL_add_all_algorithms.3 EVP_cleanup.3 \
538 OpenSSL_add_all_algorithms.3 OpenSSL_add_all_ciphers.3 \
539 OpenSSL_add_all_algorithms.3 OpenSSL_add_all_digests.3 \
540 RAND_add.3 RAND_event.3 \
541 RAND_add.3 RAND_screen.3 \
542 RAND_add.3 RAND_seed.3 \
543 RAND_add.3 RAND_status.3 \
544 RAND_bytes.3 RAND_pseudo_bytes.3 \
545 RAND_bytes.3 RAND_pseudo_bytes.3 \
546 RAND_egd.3 RAND_egd_bytes.3 \
547 RAND_load_file.3 RAND_file_name.3 \
548 RAND_load_file.3 RAND_file_name.3 \
549 RAND_load_file.3 RAND_write_file.3 \
550 RAND_load_file.3 RAND_write_file.3 \
551 RAND_set_rand_method.3 RAND_SSLeay.3 \
552 RAND_set_rand_method.3 RAND_SSLeay.3 \
553 RAND_set_rand_method.3 RAND_get_rand_method.3 \
554 RAND_set_rand_method.3 RAND_get_rand_method.3 \
555 RC4.3 RC4_set_key.3 \
556 RIPEMD160.3 RIPEMD160_Final.3 \
557 RIPEMD160.3 RIPEMD160_Init.3 \
558 RIPEMD160.3 RIPEMD160_Update.3 \
559 RSA_blinding_on.3 RSA_blinding_off.3 \
560 RSA_get_ex_new_index.3 RSA_get_ex_data.3 \
561 RSA_get_ex_new_index.3 RSA_set_ex_data.3 \
562 RSA_new.3 RSA_free.3 \
563 RSA_padding_add_PKCS1_type_1.3 RSA_padding_add_PKCS1_OAEP.3 \
564 RSA_padding_add_PKCS1_type_1.3 RSA_padding_add_PKCS1_type_2.3 \
565 RSA_padding_add_PKCS1_type_1.3 RSA_padding_add_SSLv23.3 \
566 RSA_padding_add_PKCS1_type_1.3 RSA_padding_add_none.3 \
567 RSA_padding_add_PKCS1_type_1.3 RSA_padding_check_PKCS1_OAEP.3 \
568 RSA_padding_add_PKCS1_type_1.3 RSA_padding_check_PKCS1_type_1.3 \
569 RSA_padding_add_PKCS1_type_1.3 RSA_padding_check_PKCS1_type_2.3 \
570 RSA_padding_add_PKCS1_type_1.3 RSA_padding_check_SSLv23.3 \
571 RSA_padding_add_PKCS1_type_1.3 RSA_padding_check_none.3 \
572 RSA_print.3 DHparams_print.3 \
573 RSA_print.3 DHparams_print.3 \
574 RSA_print.3 DHparams_print_fp.3 \
575 RSA_print.3 DHparams_print_fp.3 \
576 RSA_print.3 DSA_print.3 \
577 RSA_print.3 DSA_print_fp.3 \
578 RSA_print.3 DSA_print_fp.3 \
579 RSA_print.3 DSAparams_print.3 \
580 RSA_print.3 DSAparams_print.3 \
581 RSA_print.3 DSAparams_print_fp.3 \
582 RSA_print.3 DSAparams_print_fp.3 \
583 RSA_print.3 RSA_print_fp.3 \
584 RSA_print.3 RSA_print_fp.3 \
585 RSA_private_encrypt.3 RSA_public_decrypt.3 \
586 RSA_public_encrypt.3 RSA_private_decrypt.3 \
587 RSA_set_method.3 RSA_PKCS1_RSAref.3 \
588 RSA_set_method.3 RSA_PKCS1_SSLeay.3 \
589 RSA_set_method.3 RSA_flags.3 \
590 RSA_set_method.3 RSA_get_default_method.3 \
591 RSA_set_method.3 RSA_get_default_openssl_method.3 \
592 RSA_set_method.3 RSA_get_method.3 \
593 RSA_set_method.3 RSA_new_method.3 \
594 RSA_set_method.3 RSA_null_method.3 \
595 RSA_set_method.3 RSA_set_default_method.3 \
596 RSA_set_method.3 RSA_set_default_openssl_method.3 \
597 RSA_sign.3 RSA_verify.3 \
598 RSA_sign_ASN1_OCTET_STRING.3 RSA_verify_ASN1_OCTET_STRING.3 \
599 SHA1.3 SHA1_Final.3 \
600 SHA1.3 SHA1_Init.3 \
601 SHA1.3 SHA1_Update.3 \
602 SSL_CIPHER_get_name.3 SSL_CIPHER_description.3 \
603 SSL_CIPHER_get_name.3 SSL_CIPHER_get_bits.3 \
604 SSL_CIPHER_get_name.3 SSL_CIPHER_get_version.3 \
605 SSL_CTX_add_session.3 SSL_CTX_remove_session.3 \
606 SSL_CTX_add_session.3 SSL_add_session.3 \
607 SSL_CTX_add_session.3 SSL_remove_session.3 \
608 SSL_CTX_ctrl.3 SSL_CTX_callback_ctrl.3 \
609 SSL_CTX_ctrl.3 SSL_callback_ctrl.3 \
610 SSL_CTX_ctrl.3 SSL_ctrl.3 \
611 SSL_CTX_flush_sessions.3 SSL_flush_sessions.3 \
612 SSL_CTX_get_ex_new_index.3 SSL_CTX_get_ex_data.3 \
613 SSL_CTX_get_ex_new_index.3 SSL_CTX_set_ex_data.3 \
614 SSL_CTX_get_verify_mode.3 SSL_CTX_get_verify_callback.3 \
615 SSL_CTX_get_verify_mode.3 SSL_CTX_get_verify_depth.3 \
616 SSL_CTX_get_verify_mode.3 SSL_get_verify_callback.3 \
617 SSL_CTX_get_verify_mode.3 SSL_get_verify_depth.3 \
618 SSL_CTX_get_verify_mode.3 SSL_get_verify_mode.3 \
619 SSL_CTX_sess_number.3 SSL_CTX_sess_accept.3 \
620 SSL_CTX_sess_number.3 SSL_CTX_sess_accept_good.3 \
621 SSL_CTX_sess_number.3 SSL_CTX_sess_accept_renegotiate.3 \
622 SSL_CTX_sess_number.3 SSL_CTX_sess_cache_full.3 \
623 SSL_CTX_sess_number.3 SSL_CTX_sess_cb_hits.3 \
624 SSL_CTX_sess_number.3 SSL_CTX_sess_connect.3 \
625 SSL_CTX_sess_number.3 SSL_CTX_sess_connect_good.3 \
626 SSL_CTX_sess_number.3 SSL_CTX_sess_connect_renegotiate.3 \
627 SSL_CTX_sess_number.3 SSL_CTX_sess_hits.3 \
628 SSL_CTX_sess_number.3 SSL_CTX_sess_misses.3 \
629 SSL_CTX_sess_number.3 SSL_CTX_sess_timeouts.3 \
630 SSL_CTX_sess_set_cache_size.3 SSL_CTX_sess_get_cache_size.3 \
631 SSL_CTX_sess_set_get_cb.3 SSL_CTX_sess_get_get_cb.3 \
632 SSL_CTX_sess_set_get_cb.3 SSL_CTX_sess_get_new_cb.3 \
633 SSL_CTX_sess_set_get_cb.3 SSL_CTX_sess_get_remove_cb.3 \
634 SSL_CTX_sess_set_get_cb.3 SSL_CTX_sess_set_new_cb.3 \
635 SSL_CTX_sess_set_get_cb.3 SSL_CTX_sess_set_remove.3 \
636 SSL_CTX_set_cert_store.3 SSL_CTX_get_cert_store.3 \
637 SSL_CTX_set_cipher_list.3 SSL_set_cipher_list.3 \
638 SSL_CTX_set_client_CA_list.3 SSL_CTX_add_client_CA.3 \
639 SSL_CTX_set_client_CA_list.3 SSL_add_client_CA.3 \
640 SSL_CTX_set_client_CA_list.3 SSL_set_client_CA_list.3 \
641 SSL_CTX_set_default_passwd_cb.3 \
642 SSL_CTX_set_default_passwd_cb_userdata.3 \
643 SSL_CTX_set_max_cert_list.3 SSL_CTX_get_max_cert_list.3 \
644 SSL_CTX_set_max_cert_list.3 SSL_get_max_cert_list.3 \
645 SSL_CTX_set_max_cert_list.3 SSL_set_max_cert_list.3 \
646 SSL_CTX_set_mode.3 SSL_CTX_get_mode.3 \
647 SSL_CTX_set_mode.3 SSL_get_mode.3 \
648 SSL_CTX_set_mode.3 SSL_set_mode.3 \
649 SSL_CTX_set_msg_callback.3 SSL_CTX_set_msg_callback_arg.3 \
650 SSL_CTX_set_msg_callback.3 SSL_set_msg_callback.3 \
651 SSL_CTX_set_msg_callback.3 SSL_set_msg_callback_arg.3 \
652 SSL_CTX_set_options.3 SSL_CTX_get_options.3 \
653 SSL_CTX_set_options.3 SSL_get_options.3 \
654 SSL_CTX_set_options.3 SSL_set_options.3 \
655 SSL_CTX_set_quiet_shutdown.3 SSL_CTX_get_quiet_shutdown.3 \
656 SSL_CTX_set_quiet_shutdown.3 SSL_get_quiet_shutdown.3 \
657 SSL_CTX_set_quiet_shutdown.3 SSL_set_quiet_shutdown.3 \
658 SSL_CTX_set_session_cache_mode.3 SSL_CTX_get_session_cache_mode.3 \
659 SSL_CTX_set_session_id_context.3 SSL_set_session_id_context.3 \
660 SSL_CTX_set_ssl_version.3 SSL_get_ssl_method.3 \
661 SSL_CTX_set_ssl_version.3 SSL_set_ssl_method.3 \
662 SSL_CTX_set_timeout.3 SSL_CTX_get_timeout.3 \
663 SSL_CTX_set_tmp_dh_callback.3 SSL_CTX_set_tmp_dh.3 \
664 SSL_CTX_set_tmp_dh_callback.3 SSL_set_tmp_dh.3 \
665 SSL_CTX_set_tmp_dh_callback.3 SSL_set_tmp_dh_callback.3 \
666 SSL_CTX_set_tmp_rsa_callback.3 SSL_CTX_need_tmp_rsa.3 \
667 SSL_CTX_set_tmp_rsa_callback.3 SSL_CTX_set_tmp_rsa.3 \
668 SSL_CTX_set_tmp_rsa_callback.3 SSL_need_tmp_rsa.3 \
669 SSL_CTX_set_tmp_rsa_callback.3 SSL_set_tmp_rsa.3 \
670 SSL_CTX_set_tmp_rsa_callback.3 SSL_set_tmp_rsa_callback.3 \
671 SSL_CTX_set_verify.3 SSL_CTX_set_verify_depth.3 \
672 SSL_CTX_set_verify.3 SSL_set_verify.3 \
673 SSL_CTX_set_verify.3 SSL_set_verify_depth.3 \
674 SSL_CTX_use_certificate.3 SSL_CTX_check_private_key.3 \
675 SSL_CTX_use_certificate.3 SSL_CTX_use_PrivateKey.3 \
676 SSL_CTX_use_certificate.3 SSL_CTX_use_PrivateKey_ASN1.3 \
677 SSL_CTX_use_certificate.3 SSL_CTX_use_PrivateKey_file.3 \
678 SSL_CTX_use_certificate.3 SSL_CTX_use_RSAPrivateKey.3 \
679 SSL_CTX_use_certificate.3 SSL_CTX_use_RSAPrivateKey_ASN1.3 \
680 SSL_CTX_use_certificate.3 SSL_CTX_use_RSAPrivateKey_file.3 \
681 SSL_CTX_use_certificate.3 SSL_CTX_use_certificate_ASN1.3 \
682 SSL_CTX_use_certificate.3 SSL_CTX_use_certificate_chain_file.3 \
683 SSL_CTX_use_certificate.3 SSL_CTX_use_certificate_file.3 \
684 SSL_CTX_use_certificate.3 SSL_check_private_key.3 \
685 SSL_CTX_use_certificate.3 SSL_use_PrivateKey.3 \
686 SSL_CTX_use_certificate.3 SSL_use_PrivateKey_ASN1.3 \
687 SSL_CTX_use_certificate.3 SSL_use_PrivateKey_file.3 \
688 SSL_CTX_use_certificate.3 SSL_use_RSAPrivateKey.3 \
689 SSL_CTX_use_certificate.3 SSL_use_RSAPrivateKey_ASN1.3 \
690 SSL_CTX_use_certificate.3 SSL_use_RSAPrivateKey_file.3 \
691 SSL_CTX_use_certificate.3 SSL_use_certificate.3 \
692 SSL_CTX_use_certificate.3 SSL_use_certificate_ASN1.3 \
693 SSL_CTX_use_certificate.3 SSL_use_certificate_file.3 \
694 SSL_SESSION_get_ex_new_index.3 SSL_SESSION_get_ex_data.3 \
695 SSL_SESSION_get_ex_new_index.3 SSL_SESSION_set_ex_data.3 \
696 SSL_SESSION_get_time.3 SSL_SESSION_get_timeout.3 \
697 SSL_SESSION_get_time.3 SSL_SESSION_set_time.3 \
698 SSL_SESSION_get_time.3 SSL_SESSION_set_timeout.3 \
699 SSL_SESSION_get_time.3 SSL_get_time.3 \
700 SSL_SESSION_get_time.3 SSL_get_timeout.3 \
701 SSL_SESSION_get_time.3 SSL_set_time.3 \
702 SSL_SESSION_get_time.3 SSL_set_timeout.3 \
703 SSL_alert_type_string.3 SSL_alert_desc_string.3 \
704 SSL_alert_type_string.3 SSL_alert_desc_string_long.3 \
705 SSL_alert_type_string.3 SSL_alert_type_string_long.3 \
706 SSL_get_ciphers.3 SSL_get_cipher_list.3 \
707 SSL_get_client_CA_list.3 SSL_CTX_get_client_CA_list.3 \
708 SSL_get_current_cipher.3 SSL_get_cipher.3 \
709 SSL_get_current_cipher.3 SSL_get_cipher_bits.3 \
710 SSL_get_current_cipher.3 SSL_get_cipher_name.3 \
711 SSL_get_current_cipher.3 SSL_get_cipher_version.3 \
712 SSL_get_ex_new_index.3 SSL_get_ex_data.3 \
713 SSL_get_ex_new_index.3 SSL_set_ex_data.3 \
714 SSL_get_fd.3 SSL_get_rfd.3 \
715 SSL_get_fd.3 SSL_get_wfd.3 \
716 SSL_get_rbio.3 SSL_get_wbio.3 \
717 SSL_get_session.3 SSL_get0_session.3 \
718 SSL_get_session.3 SSL_get1_session.3 \
719 SSL_library_init.3 OpenSSL_add_ssl_algorithms.3 \
720 SSL_library_init.3 SSLeay_add_ssl_algorithms.3 \
721 SSL_rstate_string.3 SSL_rstate_string_long.3 \
722 SSL_set_connect_state.3 SSL_set_accept_state.3 \
723 SSL_set_fd.3 SSL_set_rfd.3 \
724 SSL_set_fd.3 SSL_set_wfd.3 \
725 SSL_set_shutdown.3 SSL_get_shutdown.3 \
726 SSL_state_string.3 SSL_state_string_long.3 \
727 SSL_want.3 SSL_want_nothing.3 \
728 SSL_want.3 SSL_want_read.3 \
729 SSL_want.3 SSL_want_write.3 \
730 SSL_want.3 SSL_want_x509_lookup.3 \
731 blowfish.3 BF_cbc.3 \
732 blowfish.3 BF_cbc_encrypt.3 \
733 blowfish.3 BF_cfb64_encrypt.3 \
734 blowfish.3 BF_decrypt.3 \
735 blowfish.3 BF_ecb.3 \
736 blowfish.3 BF_ecb_encrypt.3 \
737 blowfish.3 BF_encrypt.3 \
738 blowfish.3 BF_ofb64_encrypt.3 \
739 blowfish.3 BF_options.3 \
740 blowfish.3 BF_set_key.3 \
741 bn_internal.3 bn_add_words.3 \
742 bn_internal.3 bn_check_top.3 \
743 bn_internal.3 bn_cmp_words.3 \
744 bn_internal.3 bn_div_words.3 \
745 bn_internal.3 bn_dump.3 \
746 bn_internal.3 bn_expand.3 \
747 bn_internal.3 bn_expand2.3 \
748 bn_internal.3 bn_fix_top.3 \
749 bn_internal.3 bn_mul_add_words.3 \
750 bn_internal.3 bn_mul_comba4.3 \
751 bn_internal.3 bn_mul_comba8.3 \
752 bn_internal.3 bn_mul_high.3 \
753 bn_internal.3 bn_mul_low_normal.3 \
754 bn_internal.3 bn_mul_low_recursive.3 \
755 bn_internal.3 bn_mul_normal.3 \
756 bn_internal.3 bn_mul_part_recursive.3 \
757 bn_internal.3 bn_mul_recursive.3 \
758 bn_internal.3 bn_mul_words.3 \
759 bn_internal.3 bn_print.3 \
760 bn_internal.3 bn_set_high.3 \
761 bn_internal.3 bn_set_low.3 \
762 bn_internal.3 bn_set_max.3 \
763 bn_internal.3 bn_sqr_comba4.3 \
764 bn_internal.3 bn_sqr_comba8.3 \
765 bn_internal.3 bn_sqr_normal.3 \
766 bn_internal.3 bn_sqr_recursive.3 \
767 bn_internal.3 bn_sqr_words.3 \
768 bn_internal.3 bn_sub_words.3 \
769 bn_internal.3 bn_wexpand.3 \
770 bn_internal.3 mul.3 \
771 bn_internal.3 mul_add.3 \
772 bn_internal.3 sqr.3 \
773 d2i_DHparams.3 i2d_DHparams.3 \
774 d2i_RSAPublicKey.3 d2i_Netscape_RSA.3 \
775 d2i_RSAPublicKey.3 d2i_RSAPrivateKey.3 \
776 d2i_RSAPublicKey.3 i2d_Netscape_RSA.3 \
777 d2i_RSAPublicKey.3 i2d_RSAPrivateKey.3 \
778 d2i_RSAPublicKey.3 i2d_RSAPublicKey.3 \
779 d2i_SSL_SESSION.3 i2d_SSL_SESSION.3 \
780 des_crypt.3 des_string_to_2keys.3 \
781 des_random_key.3 des_cbc_cksum.3 \
782 des_random_key.3 des_cfb64_encrypt.3 \
783 des_random_key.3 des_cfb_encrypt.3 \
784 des_random_key.3 des_crypt.3 \
785 des_random_key.3 des_ecb2_encrypt.3 \
786 des_random_key.3 des_ecb3_encrypt.3 \
787 des_random_key.3 des_ecb_encrypt.3 \
788 des_random_key.3 des_ede2_cbc_encrypt.3 \
789 des_random_key.3 des_ede2_cfb64_encrypt.3 \
790 des_random_key.3 des_ede2_ofb64_encrypt.3 \
791 des_random_key.3 des_ede3_cbc_encrypt.3 \
792 des_random_key.3 des_ede3_cbcm_encrypt.3 \
793 des_random_key.3 des_ede3_cfb64_encrypt.3 \
794 des_random_key.3 des_ede3_ofb64_encrypt.3 \
795 des_random_key.3 des_enc_read.3 \
796 des_random_key.3 des_enc_write.3 \
797 des_random_key.3 des_fcrypt.3 \
798 des_random_key.3 des_is_weak_key.3 \
799 des_random_key.3 des_key_sched.3 \
800 des_random_key.3 des_ncbc_encrypt.3 \
801 des_random_key.3 des_ofb64_encrypt.3 \
802 des_random_key.3 des_ofb_encrypt.3 \
803 des_random_key.3 des_pcbc_encrypt.3 \
804 des_random_key.3 des_quad_cksum.3 \
805 des_random_key.3 des_read_2passwords.3 \
806 des_random_key.3 des_read_password.3 \
807 des_random_key.3 des_read_pw_string.3 \
808 des_random_key.3 des_set_key.3 \
809 des_random_key.3 des_set_key_checked.3 \
810 des_random_key.3 des_set_key_unchecked.3 \
811 des_random_key.3 des_set_odd_parity.3 \
812 des_random_key.3 des_string_to_2keys.3 \
813 des_random_key.3 des_string_to_key.3 \
814 des_random_key.3 des_xcbc_encrypt.3 \
815 dsa.3 DSA_OpenSSL.3 \
816 dsa.3 DSA_SIG_free.3 \
817 dsa.3 DSA_do_verify.3 \
818 dsa.3 DSA_free.3 \
819 dsa.3 DSA_get_default_method.3 \
820 dsa.3 DSA_get_ex_data.3 \
821 dsa.3 DSA_new_method.3 \
822 dsa.3 DSA_set_default_method.3 \
823 dsa.3 DSA_set_ex_data.3 \
824 dsa.3 DSA_sign_setup.3 \
825 dsa.3 DSA_verify.3 \
826 dsa.3 d2i_DSAPrivateKey.3 \
827 dsa.3 d2i_DSAPublicKey.3 \
828 dsa.3 d2i_DSA_SIG.3 \
829 dsa.3 d2i_DSAparams.3 \
830 dsa.3 i2d_DSAPrivateKey.3 \
831 dsa.3 i2d_DSAPublicKey.3 \
832 dsa.3 i2d_DSA_SIG.3 \
833 dsa.3 i2d_DSAparams.3 \
834 lh_stats.3 lh_node_stats.3 \
835 lh_stats.3 lh_node_stats_bio.3 \
836 lh_stats.3 lh_node_usage_stats.3 \
837 lh_stats.3 lh_node_usage_stats_bio.3 \
838 lh_stats.3 lh_stats_bio.3 \
839 lhash.3 lh_delete.3 \
840 lhash.3 lh_doall.3 \
841 lhash.3 lh_doall_arg.3 \
842 lhash.3 lh_error.3 \
843 lhash.3 lh_free.3 \
844 lhash.3 lh_insert.3 \
845 lhash.3 lh_new.3 \
846 lhash.3 lh_retrieve.3
847
848.include <bsd.man.mk>
849.else
850maninstall:
851
852.endif
853
854# XXX .PATH order is critical because of non-unique filenames
855.PATH: ${.CURDIR}/../src/doc/crypto ${.CURDIR}/../src/doc/ssl ${.CURDIR}/../src/doc/apps
856.SUFFIXES: .pod
857.pod.cat3:
858 ( cd `dirname ${.ALLSRC}` && pod2man --section=3 --official \
859 --center='OpenSSL' --release="OpenBSD `uname -r`" \
860 `basename ${.ALLSRC}` ) | nroff -Tascii -man > ${.TARGET}
861.pod.cat7:
862 ( cd `dirname ${.ALLSRC}` && pod2man --section=7 --official \
863 --center='OpenSSL' --release="OpenBSD `uname -r`" \
864 `basename ${.ALLSRC}` ) | nroff -Tascii -man > ${.TARGET}
865.pod.cat1:
866 ( cd `dirname ${.ALLSRC}` && pod2man --section=1 --official \
867 --center='OpenSSL' --release="OpenBSD `uname -r`" \
868 `basename ${.ALLSRC}` ) | nroff -Tascii -man > ${.TARGET}
869
870.pod.ps3:
871 ( cd `dirname ${.ALLSRC}` && pod2man --section=3 --official \
872 --center='OpenSSL' --release="OpenBSD `uname -r`" \
873 `basename ${.ALLSRC}` ) | nroff -Tps -man > ${.TARGET}
874.pod.ps7:
875 ( cd `dirname ${.ALLSRC}` && pod2man --section=7 --official \
876 --center='OpenSSL' --release="OpenBSD `uname -r`" \
877 `basename ${.ALLSRC}` ) | nroff -Tps -man > ${.TARGET}
878.pod.ps1:
879 ( cd `dirname ${.ALLSRC}` && pod2man --section=1 --official \
880 --center='OpenSSL' --release="OpenBSD `uname -r`" \
881 `basename ${.ALLSRC}` ) | nroff -Tps -man > ${.TARGET}
882
883.include <bsd.obj.mk>
884.include <bsd.subdir.mk>
885
886CLEANFILES+=\
887 BUF_MEM_new.pm \
888 CRYPTO_set_locking_callback.pm \
889 HMAC.pm \
890 MDC2.pm \
891 RC4.pm \
892 RIPEMD160.pm \
893 SHA1.pm \
894 des_random_key.pm \
895 MD5.pm \
896
897clean:
898 rm -f ${CLEANFILES}
diff --git a/src/lib/libssl/openssl.cnf b/src/lib/libssl/openssl.cnf
new file mode 100644
index 0000000000..bb97b155b8
--- /dev/null
+++ b/src/lib/libssl/openssl.cnf
@@ -0,0 +1,65 @@
1#
2# OpenSSL example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5
6RANDFILE = /dev/arandom
7
8####################################################################
9[ req ]
10default_bits = 1024
11default_keyfile = privkey.pem
12distinguished_name = req_distinguished_name
13attributes = req_attributes
14
15[ req_distinguished_name ]
16countryName = Country Name (2 letter code)
17#countryName_default = AU
18countryName_min = 2
19countryName_max = 2
20
21stateOrProvinceName = State or Province Name (full name)
22#stateOrProvinceName_default = Some-State
23
24localityName = Locality Name (eg, city)
25
260.organizationName = Organization Name (eg, company)
27#0.organizationName_default = Internet Widgits Pty Ltd
28
29# we can do this but it is not needed normally :-)
30#1.organizationName = Second Organization Name (eg, company)
31#1.organizationName_default = CryptSoft Pty Ltd
32
33organizationalUnitName = Organizational Unit Name (eg, section)
34#organizationalUnitName_default =
35
36commonName = Common Name (eg, fully qualified host name)
37commonName_max = 64
38
39emailAddress = Email Address
40emailAddress_max = 64
41
42[ req_attributes ]
43challengePassword = A challenge password
44challengePassword_min = 4
45challengePassword_max = 20
46
47unstructuredName = An optional company name
48
49[ x509v3_extensions ]
50
51nsCaRevocationUrl = http://www.cryptsoft.com/ca-crl.pem
52nsComment = "This is a comment"
53
54# under ASN.1, the 0 bit would be encoded as 80
55nsCertType = 0x40
56
57#nsBaseUrl
58#nsRevocationUrl
59#nsRenewalUrl
60#nsCaPolicyUrl
61#nsSslServerName
62#nsCertSequence
63#nsCertExt
64#nsDataType
65
diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c
new file mode 100644
index 0000000000..b2be8340fb
--- /dev/null
+++ b/src/lib/libssl/s23_clnt.c
@@ -0,0 +1,480 @@
1/* ssl/s23_clnt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/buffer.h>
61#include <openssl/rand.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include "ssl_locl.h"
65
66static SSL_METHOD *ssl23_get_client_method(int ver);
67static int ssl23_client_hello(SSL *s);
68static int ssl23_get_server_hello(SSL *s);
69static SSL_METHOD *ssl23_get_client_method(int ver)
70 {
71#ifndef OPENSSL_NO_SSL2
72 if (ver == SSL2_VERSION)
73 return(SSLv2_client_method());
74#endif
75 if (ver == SSL3_VERSION)
76 return(SSLv3_client_method());
77 else if (ver == TLS1_VERSION)
78 return(TLSv1_client_method());
79 else
80 return(NULL);
81 }
82
83SSL_METHOD *SSLv23_client_method(void)
84 {
85 static int init=1;
86 static SSL_METHOD SSLv23_client_data;
87
88 if (init)
89 {
90 memcpy((char *)&SSLv23_client_data,
91 (char *)sslv23_base_method(),sizeof(SSL_METHOD));
92 SSLv23_client_data.ssl_connect=ssl23_connect;
93 SSLv23_client_data.get_ssl_method=ssl23_get_client_method;
94 init=0;
95 }
96 return(&SSLv23_client_data);
97 }
98
99int ssl23_connect(SSL *s)
100 {
101 BUF_MEM *buf;
102 unsigned long Time=time(NULL);
103 void (*cb)(const SSL *ssl,int type,int val)=NULL;
104 int ret= -1;
105 int new_state,state;
106
107 RAND_add(&Time,sizeof(Time),0);
108 ERR_clear_error();
109 clear_sys_error();
110
111 if (s->info_callback != NULL)
112 cb=s->info_callback;
113 else if (s->ctx->info_callback != NULL)
114 cb=s->ctx->info_callback;
115
116 s->in_handshake++;
117 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
118
119 for (;;)
120 {
121 state=s->state;
122
123 switch(s->state)
124 {
125 case SSL_ST_BEFORE:
126 case SSL_ST_CONNECT:
127 case SSL_ST_BEFORE|SSL_ST_CONNECT:
128 case SSL_ST_OK|SSL_ST_CONNECT:
129
130 if (s->session != NULL)
131 {
132 SSLerr(SSL_F_SSL23_CONNECT,SSL_R_SSL23_DOING_SESSION_ID_REUSE);
133 ret= -1;
134 goto end;
135 }
136 s->server=0;
137 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
138
139 /* s->version=TLS1_VERSION; */
140 s->type=SSL_ST_CONNECT;
141
142 if (s->init_buf == NULL)
143 {
144 if ((buf=BUF_MEM_new()) == NULL)
145 {
146 ret= -1;
147 goto end;
148 }
149 if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
150 {
151 ret= -1;
152 goto end;
153 }
154 s->init_buf=buf;
155 }
156
157 if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
158
159 ssl3_init_finished_mac(s);
160
161 s->state=SSL23_ST_CW_CLNT_HELLO_A;
162 s->ctx->stats.sess_connect++;
163 s->init_num=0;
164 break;
165
166 case SSL23_ST_CW_CLNT_HELLO_A:
167 case SSL23_ST_CW_CLNT_HELLO_B:
168
169 s->shutdown=0;
170 ret=ssl23_client_hello(s);
171 if (ret <= 0) goto end;
172 s->state=SSL23_ST_CR_SRVR_HELLO_A;
173 s->init_num=0;
174
175 break;
176
177 case SSL23_ST_CR_SRVR_HELLO_A:
178 case SSL23_ST_CR_SRVR_HELLO_B:
179 ret=ssl23_get_server_hello(s);
180 if (ret >= 0) cb=NULL;
181 goto end;
182 /* break; */
183
184 default:
185 SSLerr(SSL_F_SSL23_CONNECT,SSL_R_UNKNOWN_STATE);
186 ret= -1;
187 goto end;
188 /* break; */
189 }
190
191 if (s->debug) { (void)BIO_flush(s->wbio); }
192
193 if ((cb != NULL) && (s->state != state))
194 {
195 new_state=s->state;
196 s->state=state;
197 cb(s,SSL_CB_CONNECT_LOOP,1);
198 s->state=new_state;
199 }
200 }
201end:
202 s->in_handshake--;
203 if (cb != NULL)
204 cb(s,SSL_CB_CONNECT_EXIT,ret);
205 return(ret);
206 }
207
208
209static int ssl23_client_hello(SSL *s)
210 {
211 unsigned char *buf;
212 unsigned char *p,*d;
213 int i,ch_len;
214 int ret;
215
216 buf=(unsigned char *)s->init_buf->data;
217 if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
218 {
219#if 0
220 /* don't reuse session-id's */
221 if (!ssl_get_new_session(s,0))
222 {
223 return(-1);
224 }
225#endif
226
227 p=s->s3->client_random;
228 RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE);
229
230 /* Do the message type and length last */
231 d= &(buf[2]);
232 p=d+9;
233
234 *(d++)=SSL2_MT_CLIENT_HELLO;
235 if (!(s->options & SSL_OP_NO_TLSv1))
236 {
237 *(d++)=TLS1_VERSION_MAJOR;
238 *(d++)=TLS1_VERSION_MINOR;
239 s->client_version=TLS1_VERSION;
240 }
241 else if (!(s->options & SSL_OP_NO_SSLv3))
242 {
243 *(d++)=SSL3_VERSION_MAJOR;
244 *(d++)=SSL3_VERSION_MINOR;
245 s->client_version=SSL3_VERSION;
246 }
247 else if (!(s->options & SSL_OP_NO_SSLv2))
248 {
249 *(d++)=SSL2_VERSION_MAJOR;
250 *(d++)=SSL2_VERSION_MINOR;
251 s->client_version=SSL2_VERSION;
252 }
253 else
254 {
255 SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_PROTOCOLS_AVAILABLE);
256 return(-1);
257 }
258
259 /* Ciphers supported */
260 i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p);
261 if (i == 0)
262 {
263 /* no ciphers */
264 SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
265 return(-1);
266 }
267 s2n(i,d);
268 p+=i;
269
270 /* put in the session-id, zero since there is no
271 * reuse. */
272#if 0
273 s->session->session_id_length=0;
274#endif
275 s2n(0,d);
276
277 if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
278 ch_len=SSL2_CHALLENGE_LENGTH;
279 else
280 ch_len=SSL2_MAX_CHALLENGE_LENGTH;
281
282 /* write out sslv2 challenge */
283 if (SSL3_RANDOM_SIZE < ch_len)
284 i=SSL3_RANDOM_SIZE;
285 else
286 i=ch_len;
287 s2n(i,d);
288 memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
289 RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
290 memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
291 p+=i;
292
293 i= p- &(buf[2]);
294 buf[0]=((i>>8)&0xff)|0x80;
295 buf[1]=(i&0xff);
296
297 s->state=SSL23_ST_CW_CLNT_HELLO_B;
298 /* number of bytes to write */
299 s->init_num=i+2;
300 s->init_off=0;
301
302 ssl3_finish_mac(s,&(buf[2]),i);
303 }
304
305 /* SSL3_ST_CW_CLNT_HELLO_B */
306 ret = ssl23_write_bytes(s);
307 if (ret >= 2)
308 if (s->msg_callback)
309 s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
310 return ret;
311 }
312
313static int ssl23_get_server_hello(SSL *s)
314 {
315 char buf[8];
316 unsigned char *p;
317 int i;
318 int n;
319
320 n=ssl23_read_bytes(s,7);
321
322 if (n != 7) return(n);
323 p=s->packet;
324
325 memcpy(buf,p,n);
326
327 if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
328 (p[5] == 0x00) && (p[6] == 0x02))
329 {
330#ifdef OPENSSL_NO_SSL2
331 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
332 goto err;
333#else
334 /* we are talking sslv2 */
335 /* we need to clean up the SSLv3 setup and put in the
336 * sslv2 stuff. */
337 int ch_len;
338
339 if (s->options & SSL_OP_NO_SSLv2)
340 {
341 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
342 goto err;
343 }
344 if (s->s2 == NULL)
345 {
346 if (!ssl2_new(s))
347 goto err;
348 }
349 else
350 ssl2_clear(s);
351
352 if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
353 ch_len=SSL2_CHALLENGE_LENGTH;
354 else
355 ch_len=SSL2_MAX_CHALLENGE_LENGTH;
356
357 /* write out sslv2 challenge */
358 i=(SSL3_RANDOM_SIZE < ch_len)
359 ?SSL3_RANDOM_SIZE:ch_len;
360 s->s2->challenge_length=i;
361 memcpy(s->s2->challenge,
362 &(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
363
364 if (s->s3 != NULL) ssl3_free(s);
365
366 if (!BUF_MEM_grow(s->init_buf,
367 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
368 {
369 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB);
370 goto err;
371 }
372
373 s->state=SSL2_ST_GET_SERVER_HELLO_A;
374 if (!(s->client_version == SSL2_VERSION))
375 /* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */
376 s->s2->ssl2_rollback=1;
377
378 /* setup the 5 bytes we have read so we get them from
379 * the sslv2 buffer */
380 s->rstate=SSL_ST_READ_HEADER;
381 s->packet_length=n;
382 s->packet= &(s->s2->rbuf[0]);
383 memcpy(s->packet,buf,n);
384 s->s2->rbuf_left=n;
385 s->s2->rbuf_offs=0;
386
387 /* we have already written one */
388 s->s2->write_sequence=1;
389
390 s->method=SSLv2_client_method();
391 s->handshake_func=s->method->ssl_connect;
392#endif
393 }
394 else if ((p[0] == SSL3_RT_HANDSHAKE) &&
395 (p[1] == SSL3_VERSION_MAJOR) &&
396 ((p[2] == SSL3_VERSION_MINOR) ||
397 (p[2] == TLS1_VERSION_MINOR)) &&
398 (p[5] == SSL3_MT_SERVER_HELLO))
399 {
400 /* we have sslv3 or tls1 */
401
402 if (!ssl_init_wbio_buffer(s,1)) goto err;
403
404 /* we are in this state */
405 s->state=SSL3_ST_CR_SRVR_HELLO_A;
406
407 /* put the 5 bytes we have read into the input buffer
408 * for SSLv3 */
409 s->rstate=SSL_ST_READ_HEADER;
410 s->packet_length=n;
411 s->packet= &(s->s3->rbuf.buf[0]);
412 memcpy(s->packet,buf,n);
413 s->s3->rbuf.left=n;
414 s->s3->rbuf.offset=0;
415
416 if ((p[2] == SSL3_VERSION_MINOR) &&
417 !(s->options & SSL_OP_NO_SSLv3))
418 {
419 s->version=SSL3_VERSION;
420 s->method=SSLv3_client_method();
421 }
422 else if ((p[2] == TLS1_VERSION_MINOR) &&
423 !(s->options & SSL_OP_NO_TLSv1))
424 {
425 s->version=TLS1_VERSION;
426 s->method=TLSv1_client_method();
427 }
428 else
429 {
430 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
431 goto err;
432 }
433
434 s->handshake_func=s->method->ssl_connect;
435 }
436 else if ((p[0] == SSL3_RT_ALERT) &&
437 (p[1] == SSL3_VERSION_MAJOR) &&
438 ((p[2] == SSL3_VERSION_MINOR) ||
439 (p[2] == TLS1_VERSION_MINOR)) &&
440 (p[3] == 0) &&
441 (p[4] == 2))
442 {
443 void (*cb)(const SSL *ssl,int type,int val)=NULL;
444 int j;
445
446 /* An alert */
447 if (s->info_callback != NULL)
448 cb=s->info_callback;
449 else if (s->ctx->info_callback != NULL)
450 cb=s->ctx->info_callback;
451
452 i=p[5];
453 if (cb != NULL)
454 {
455 j=(i<<8)|p[6];
456 cb(s,SSL_CB_READ_ALERT,j);
457 }
458
459 s->rwstate=SSL_NOTHING;
460 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_AD_REASON_OFFSET+p[6]);
461 goto err;
462 }
463 else
464 {
465 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNKNOWN_PROTOCOL);
466 goto err;
467 }
468 s->init_num=0;
469
470 /* Since, if we are sending a ssl23 client hello, we are not
471 * reusing a session-id */
472 if (!ssl_get_new_session(s,0))
473 goto err;
474
475 s->first_packet=1;
476 return(SSL_connect(s));
477err:
478 return(-1);
479 }
480
diff --git a/src/lib/libssl/s23_lib.c b/src/lib/libssl/s23_lib.c
new file mode 100644
index 0000000000..b70002a647
--- /dev/null
+++ b/src/lib/libssl/s23_lib.c
@@ -0,0 +1,236 @@
1/* ssl/s23_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/objects.h>
61#include "ssl_locl.h"
62
63static int ssl23_num_ciphers(void );
64static SSL_CIPHER *ssl23_get_cipher(unsigned int u);
65static int ssl23_read(SSL *s, void *buf, int len);
66static int ssl23_peek(SSL *s, void *buf, int len);
67static int ssl23_write(SSL *s, const void *buf, int len);
68static long ssl23_default_timeout(void );
69static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
70static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p);
71const char *SSL23_version_str="SSLv2/3 compatibility" OPENSSL_VERSION_PTEXT;
72
73static SSL_METHOD SSLv23_data= {
74 TLS1_VERSION,
75 tls1_new,
76 tls1_clear,
77 tls1_free,
78 ssl_undefined_function,
79 ssl_undefined_function,
80 ssl23_read,
81 ssl23_peek,
82 ssl23_write,
83 ssl_undefined_function,
84 ssl_undefined_function,
85 ssl_ok,
86 ssl3_ctrl,
87 ssl3_ctx_ctrl,
88 ssl23_get_cipher_by_char,
89 ssl23_put_cipher_by_char,
90 ssl_undefined_function,
91 ssl23_num_ciphers,
92 ssl23_get_cipher,
93 ssl_bad_method,
94 ssl23_default_timeout,
95 &ssl3_undef_enc_method,
96 ssl_undefined_function,
97 ssl3_callback_ctrl,
98 ssl3_ctx_callback_ctrl,
99 };
100
101static long ssl23_default_timeout(void)
102 {
103 return(300);
104 }
105
106SSL_METHOD *sslv23_base_method(void)
107 {
108 return(&SSLv23_data);
109 }
110
111static int ssl23_num_ciphers(void)
112 {
113 return(ssl3_num_ciphers()
114#ifndef OPENSSL_NO_SSL2
115 + ssl2_num_ciphers()
116#endif
117 );
118 }
119
120static SSL_CIPHER *ssl23_get_cipher(unsigned int u)
121 {
122 unsigned int uu=ssl3_num_ciphers();
123
124 if (u < uu)
125 return(ssl3_get_cipher(u));
126 else
127#ifndef OPENSSL_NO_SSL2
128 return(ssl2_get_cipher(u-uu));
129#else
130 return(NULL);
131#endif
132 }
133
134/* This function needs to check if the ciphers required are actually
135 * available */
136static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
137 {
138 SSL_CIPHER c,*cp;
139 unsigned long id;
140 int n;
141
142 n=ssl3_num_ciphers();
143 id=0x03000000|((unsigned long)p[0]<<16L)|
144 ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
145 c.id=id;
146 cp=ssl3_get_cipher_by_char(p);
147#ifndef OPENSSL_NO_SSL2
148 if (cp == NULL)
149 cp=ssl2_get_cipher_by_char(p);
150#endif
151 return(cp);
152 }
153
154static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
155 {
156 long l;
157
158 /* We can write SSLv2 and SSLv3 ciphers */
159 if (p != NULL)
160 {
161 l=c->id;
162 p[0]=((unsigned char)(l>>16L))&0xFF;
163 p[1]=((unsigned char)(l>> 8L))&0xFF;
164 p[2]=((unsigned char)(l ))&0xFF;
165 }
166 return(3);
167 }
168
169static int ssl23_read(SSL *s, void *buf, int len)
170 {
171 int n;
172
173 clear_sys_error();
174 if (SSL_in_init(s) && (!s->in_handshake))
175 {
176 n=s->handshake_func(s);
177 if (n < 0) return(n);
178 if (n == 0)
179 {
180 SSLerr(SSL_F_SSL23_READ,SSL_R_SSL_HANDSHAKE_FAILURE);
181 return(-1);
182 }
183 return(SSL_read(s,buf,len));
184 }
185 else
186 {
187 ssl_undefined_function(s);
188 return(-1);
189 }
190 }
191
192static int ssl23_peek(SSL *s, void *buf, int len)
193 {
194 int n;
195
196 clear_sys_error();
197 if (SSL_in_init(s) && (!s->in_handshake))
198 {
199 n=s->handshake_func(s);
200 if (n < 0) return(n);
201 if (n == 0)
202 {
203 SSLerr(SSL_F_SSL23_PEEK,SSL_R_SSL_HANDSHAKE_FAILURE);
204 return(-1);
205 }
206 return(SSL_peek(s,buf,len));
207 }
208 else
209 {
210 ssl_undefined_function(s);
211 return(-1);
212 }
213 }
214
215static int ssl23_write(SSL *s, const void *buf, int len)
216 {
217 int n;
218
219 clear_sys_error();
220 if (SSL_in_init(s) && (!s->in_handshake))
221 {
222 n=s->handshake_func(s);
223 if (n < 0) return(n);
224 if (n == 0)
225 {
226 SSLerr(SSL_F_SSL23_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE);
227 return(-1);
228 }
229 return(SSL_write(s,buf,len));
230 }
231 else
232 {
233 ssl_undefined_function(s);
234 return(-1);
235 }
236 }
diff --git a/src/lib/libssl/s23_pkt.c b/src/lib/libssl/s23_pkt.c
new file mode 100644
index 0000000000..f45e1ce3d8
--- /dev/null
+++ b/src/lib/libssl/s23_pkt.c
@@ -0,0 +1,117 @@
1/* ssl/s23_pkt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61#define USE_SOCKETS
62#include <openssl/evp.h>
63#include <openssl/buffer.h>
64#include "ssl_locl.h"
65
66int ssl23_write_bytes(SSL *s)
67 {
68 int i,num,tot;
69 char *buf;
70
71 buf=s->init_buf->data;
72 tot=s->init_off;
73 num=s->init_num;
74 for (;;)
75 {
76 s->rwstate=SSL_WRITING;
77 i=BIO_write(s->wbio,&(buf[tot]),num);
78 if (i <= 0)
79 {
80 s->init_off=tot;
81 s->init_num=num;
82 return(i);
83 }
84 s->rwstate=SSL_NOTHING;
85 if (i == num) return(tot+i);
86
87 num-=i;
88 tot+=i;
89 }
90 }
91
92/* return regularly only when we have read (at least) 'n' bytes */
93int ssl23_read_bytes(SSL *s, int n)
94 {
95 unsigned char *p;
96 int j;
97
98 if (s->packet_length < (unsigned int)n)
99 {
100 p=s->packet;
101
102 for (;;)
103 {
104 s->rwstate=SSL_READING;
105 j=BIO_read(s->rbio,(char *)&(p[s->packet_length]),
106 n-s->packet_length);
107 if (j <= 0)
108 return(j);
109 s->rwstate=SSL_NOTHING;
110 s->packet_length+=j;
111 if (s->packet_length >= (unsigned int)n)
112 return(s->packet_length);
113 }
114 }
115 return(n);
116 }
117
diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c
new file mode 100644
index 0000000000..9e89cc7f9a
--- /dev/null
+++ b/src/lib/libssl/s23_srvr.c
@@ -0,0 +1,589 @@
1/* ssl/s23_srvr.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <stdio.h>
113#include <openssl/buffer.h>
114#include <openssl/rand.h>
115#include <openssl/objects.h>
116#include <openssl/evp.h>
117#include "ssl_locl.h"
118
119static SSL_METHOD *ssl23_get_server_method(int ver);
120int ssl23_get_client_hello(SSL *s);
121static SSL_METHOD *ssl23_get_server_method(int ver)
122 {
123#ifndef OPENSSL_NO_SSL2
124 if (ver == SSL2_VERSION)
125 return(SSLv2_server_method());
126#endif
127 if (ver == SSL3_VERSION)
128 return(SSLv3_server_method());
129 else if (ver == TLS1_VERSION)
130 return(TLSv1_server_method());
131 else
132 return(NULL);
133 }
134
135SSL_METHOD *SSLv23_server_method(void)
136 {
137 static int init=1;
138 static SSL_METHOD SSLv23_server_data;
139
140 if (init)
141 {
142 memcpy((char *)&SSLv23_server_data,
143 (char *)sslv23_base_method(),sizeof(SSL_METHOD));
144 SSLv23_server_data.ssl_accept=ssl23_accept;
145 SSLv23_server_data.get_ssl_method=ssl23_get_server_method;
146 init=0;
147 }
148 return(&SSLv23_server_data);
149 }
150
151int ssl23_accept(SSL *s)
152 {
153 BUF_MEM *buf;
154 unsigned long Time=time(NULL);
155 void (*cb)(const SSL *ssl,int type,int val)=NULL;
156 int ret= -1;
157 int new_state,state;
158
159 RAND_add(&Time,sizeof(Time),0);
160 ERR_clear_error();
161 clear_sys_error();
162
163 if (s->info_callback != NULL)
164 cb=s->info_callback;
165 else if (s->ctx->info_callback != NULL)
166 cb=s->ctx->info_callback;
167
168 s->in_handshake++;
169 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
170
171 for (;;)
172 {
173 state=s->state;
174
175 switch(s->state)
176 {
177 case SSL_ST_BEFORE:
178 case SSL_ST_ACCEPT:
179 case SSL_ST_BEFORE|SSL_ST_ACCEPT:
180 case SSL_ST_OK|SSL_ST_ACCEPT:
181
182 s->server=1;
183 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
184
185 /* s->version=SSL3_VERSION; */
186 s->type=SSL_ST_ACCEPT;
187
188 if (s->init_buf == NULL)
189 {
190 if ((buf=BUF_MEM_new()) == NULL)
191 {
192 ret= -1;
193 goto end;
194 }
195 if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
196 {
197 ret= -1;
198 goto end;
199 }
200 s->init_buf=buf;
201 }
202
203 ssl3_init_finished_mac(s);
204
205 s->state=SSL23_ST_SR_CLNT_HELLO_A;
206 s->ctx->stats.sess_accept++;
207 s->init_num=0;
208 break;
209
210 case SSL23_ST_SR_CLNT_HELLO_A:
211 case SSL23_ST_SR_CLNT_HELLO_B:
212
213 s->shutdown=0;
214 ret=ssl23_get_client_hello(s);
215 if (ret >= 0) cb=NULL;
216 goto end;
217 /* break; */
218
219 default:
220 SSLerr(SSL_F_SSL23_ACCEPT,SSL_R_UNKNOWN_STATE);
221 ret= -1;
222 goto end;
223 /* break; */
224 }
225
226 if ((cb != NULL) && (s->state != state))
227 {
228 new_state=s->state;
229 s->state=state;
230 cb(s,SSL_CB_ACCEPT_LOOP,1);
231 s->state=new_state;
232 }
233 }
234end:
235 s->in_handshake--;
236 if (cb != NULL)
237 cb(s,SSL_CB_ACCEPT_EXIT,ret);
238 return(ret);
239 }
240
241
242int ssl23_get_client_hello(SSL *s)
243 {
244 char buf_space[11]; /* Request this many bytes in initial read.
245 * We can detect SSL 3.0/TLS 1.0 Client Hellos
246 * ('type == 3') correctly only when the following
247 * is in a single record, which is not guaranteed by
248 * the protocol specification:
249 * Byte Content
250 * 0 type \
251 * 1/2 version > record header
252 * 3/4 length /
253 * 5 msg_type \
254 * 6-8 length > Client Hello message
255 * 9/10 client_version /
256 */
257 char *buf= &(buf_space[0]);
258 unsigned char *p,*d,*d_len,*dd;
259 unsigned int i;
260 unsigned int csl,sil,cl;
261 int n=0,j;
262 int type=0;
263 int v[2];
264#ifndef OPENSSL_NO_RSA
265 int use_sslv2_strong=0;
266#endif
267
268 if (s->state == SSL23_ST_SR_CLNT_HELLO_A)
269 {
270 /* read the initial header */
271 v[0]=v[1]=0;
272
273 if (!ssl3_setup_buffers(s)) goto err;
274
275 n=ssl23_read_bytes(s, sizeof buf_space);
276 if (n != sizeof buf_space) return(n); /* n == -1 || n == 0 */
277
278 p=s->packet;
279
280 memcpy(buf,p,n);
281
282 if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO))
283 {
284 /*
285 * SSLv2 header
286 */
287 if ((p[3] == 0x00) && (p[4] == 0x02))
288 {
289 v[0]=p[3]; v[1]=p[4];
290 /* SSLv2 */
291 if (!(s->options & SSL_OP_NO_SSLv2))
292 type=1;
293 }
294 else if (p[3] == SSL3_VERSION_MAJOR)
295 {
296 v[0]=p[3]; v[1]=p[4];
297 /* SSLv3/TLSv1 */
298 if (p[4] >= TLS1_VERSION_MINOR)
299 {
300 if (!(s->options & SSL_OP_NO_TLSv1))
301 {
302 s->version=TLS1_VERSION;
303 /* type=2; */ /* done later to survive restarts */
304 s->state=SSL23_ST_SR_CLNT_HELLO_B;
305 }
306 else if (!(s->options & SSL_OP_NO_SSLv3))
307 {
308 s->version=SSL3_VERSION;
309 /* type=2; */
310 s->state=SSL23_ST_SR_CLNT_HELLO_B;
311 }
312 else if (!(s->options & SSL_OP_NO_SSLv2))
313 {
314 type=1;
315 }
316 }
317 else if (!(s->options & SSL_OP_NO_SSLv3))
318 {
319 s->version=SSL3_VERSION;
320 /* type=2; */
321 s->state=SSL23_ST_SR_CLNT_HELLO_B;
322 }
323 else if (!(s->options & SSL_OP_NO_SSLv2))
324 type=1;
325
326 }
327 }
328 else if ((p[0] == SSL3_RT_HANDSHAKE) &&
329 (p[1] == SSL3_VERSION_MAJOR) &&
330 (p[5] == SSL3_MT_CLIENT_HELLO) &&
331 ((p[3] == 0 && p[4] < 5 /* silly record length? */)
332 || (p[9] == p[1])))
333 {
334 /*
335 * SSLv3 or tls1 header
336 */
337
338 v[0]=p[1]; /* major version (= SSL3_VERSION_MAJOR) */
339 /* We must look at client_version inside the Client Hello message
340 * to get the correct minor version.
341 * However if we have only a pathologically small fragment of the
342 * Client Hello message, this would be difficult, and we'd have
343 * to read more records to find out.
344 * No known SSL 3.0 client fragments ClientHello like this,
345 * so we simply assume TLS 1.0 to avoid protocol version downgrade
346 * attacks. */
347 if (p[3] == 0 && p[4] < 6)
348 {
349#if 0
350 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_SMALL);
351 goto err;
352#else
353 v[1] = TLS1_VERSION_MINOR;
354#endif
355 }
356 else
357 v[1]=p[10]; /* minor version according to client_version */
358 if (v[1] >= TLS1_VERSION_MINOR)
359 {
360 if (!(s->options & SSL_OP_NO_TLSv1))
361 {
362 s->version=TLS1_VERSION;
363 type=3;
364 }
365 else if (!(s->options & SSL_OP_NO_SSLv3))
366 {
367 s->version=SSL3_VERSION;
368 type=3;
369 }
370 }
371 else
372 {
373 /* client requests SSL 3.0 */
374 if (!(s->options & SSL_OP_NO_SSLv3))
375 {
376 s->version=SSL3_VERSION;
377 type=3;
378 }
379 else if (!(s->options & SSL_OP_NO_TLSv1))
380 {
381 /* we won't be able to use TLS of course,
382 * but this will send an appropriate alert */
383 s->version=TLS1_VERSION;
384 type=3;
385 }
386 }
387 }
388 else if ((strncmp("GET ", (char *)p,4) == 0) ||
389 (strncmp("POST ",(char *)p,5) == 0) ||
390 (strncmp("HEAD ",(char *)p,5) == 0) ||
391 (strncmp("PUT ", (char *)p,4) == 0))
392 {
393 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTP_REQUEST);
394 goto err;
395 }
396 else if (strncmp("CONNECT",(char *)p,7) == 0)
397 {
398 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTPS_PROXY_REQUEST);
399 goto err;
400 }
401 }
402
403 if (s->state == SSL23_ST_SR_CLNT_HELLO_B)
404 {
405 /* we have SSLv3/TLSv1 in an SSLv2 header
406 * (other cases skip this state) */
407
408 type=2;
409 p=s->packet;
410 v[0] = p[3]; /* == SSL3_VERSION_MAJOR */
411 v[1] = p[4];
412
413 n=((p[0]&0x7f)<<8)|p[1];
414 if (n > (1024*4))
415 {
416 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE);
417 goto err;
418 }
419
420 j=ssl23_read_bytes(s,n+2);
421 if (j <= 0) return(j);
422
423 ssl3_finish_mac(s, s->packet+2, s->packet_length-2);
424 if (s->msg_callback)
425 s->msg_callback(0, SSL2_VERSION, 0, s->packet+2, s->packet_length-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
426
427 p=s->packet;
428 p+=5;
429 n2s(p,csl);
430 n2s(p,sil);
431 n2s(p,cl);
432 d=(unsigned char *)s->init_buf->data;
433 if ((csl+sil+cl+11) != s->packet_length)
434 {
435 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH);
436 goto err;
437 }
438
439 /* record header: msg_type ... */
440 *(d++) = SSL3_MT_CLIENT_HELLO;
441 /* ... and length (actual value will be written later) */
442 d_len = d;
443 d += 3;
444
445 /* client_version */
446 *(d++) = SSL3_VERSION_MAJOR; /* == v[0] */
447 *(d++) = v[1];
448
449 /* lets populate the random area */
450 /* get the challenge_length */
451 i=(cl > SSL3_RANDOM_SIZE)?SSL3_RANDOM_SIZE:cl;
452 memset(d,0,SSL3_RANDOM_SIZE);
453 memcpy(&(d[SSL3_RANDOM_SIZE-i]),&(p[csl+sil]),i);
454 d+=SSL3_RANDOM_SIZE;
455
456 /* no session-id reuse */
457 *(d++)=0;
458
459 /* ciphers */
460 j=0;
461 dd=d;
462 d+=2;
463 for (i=0; i<csl; i+=3)
464 {
465 if (p[i] != 0) continue;
466 *(d++)=p[i+1];
467 *(d++)=p[i+2];
468 j+=2;
469 }
470 s2n(j,dd);
471
472 /* COMPRESSION */
473 *(d++)=1;
474 *(d++)=0;
475
476 i = (d-(unsigned char *)s->init_buf->data) - 4;
477 l2n3((long)i, d_len);
478
479 /* get the data reused from the init_buf */
480 s->s3->tmp.reuse_message=1;
481 s->s3->tmp.message_type=SSL3_MT_CLIENT_HELLO;
482 s->s3->tmp.message_size=i;
483 }
484
485 /* imaginary new state (for program structure): */
486 /* s->state = SSL23_SR_CLNT_HELLO_C */
487
488 if (type == 1)
489 {
490#ifdef OPENSSL_NO_SSL2
491 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
492 goto err;
493#else
494 /* we are talking sslv2 */
495 /* we need to clean up the SSLv3/TLSv1 setup and put in the
496 * sslv2 stuff. */
497
498 if (s->s2 == NULL)
499 {
500 if (!ssl2_new(s))
501 goto err;
502 }
503 else
504 ssl2_clear(s);
505
506 if (s->s3 != NULL) ssl3_free(s);
507
508 if (!BUF_MEM_grow(s->init_buf,
509 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
510 {
511 goto err;
512 }
513
514 s->state=SSL2_ST_GET_CLIENT_HELLO_A;
515 if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
516 use_sslv2_strong ||
517 (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
518 s->s2->ssl2_rollback=0;
519 else
520 /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
521 * (SSL 3.0 draft/RFC 2246, App. E.2) */
522 s->s2->ssl2_rollback=1;
523
524 /* setup the n bytes we have read so we get them from
525 * the sslv2 buffer */
526 s->rstate=SSL_ST_READ_HEADER;
527 s->packet_length=n;
528 s->packet= &(s->s2->rbuf[0]);
529 memcpy(s->packet,buf,n);
530 s->s2->rbuf_left=n;
531 s->s2->rbuf_offs=0;
532
533 s->method=SSLv2_server_method();
534 s->handshake_func=s->method->ssl_accept;
535#endif
536 }
537
538 if ((type == 2) || (type == 3))
539 {
540 /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */
541
542 if (!ssl_init_wbio_buffer(s,1)) goto err;
543
544 /* we are in this state */
545 s->state=SSL3_ST_SR_CLNT_HELLO_A;
546
547 if (type == 3)
548 {
549 /* put the 'n' bytes we have read into the input buffer
550 * for SSLv3 */
551 s->rstate=SSL_ST_READ_HEADER;
552 s->packet_length=n;
553 s->packet= &(s->s3->rbuf.buf[0]);
554 memcpy(s->packet,buf,n);
555 s->s3->rbuf.left=n;
556 s->s3->rbuf.offset=0;
557 }
558 else
559 {
560 s->packet_length=0;
561 s->s3->rbuf.left=0;
562 s->s3->rbuf.offset=0;
563 }
564
565 if (s->version == TLS1_VERSION)
566 s->method = TLSv1_server_method();
567 else
568 s->method = SSLv3_server_method();
569#if 0 /* ssl3_get_client_hello does this */
570 s->client_version=(v[0]<<8)|v[1];
571#endif
572 s->handshake_func=s->method->ssl_accept;
573 }
574
575 if ((type < 1) || (type > 3))
576 {
577 /* bad, very bad */
578 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL);
579 goto err;
580 }
581 s->init_num=0;
582
583 if (buf != buf_space) OPENSSL_free(buf);
584 s->first_packet=1;
585 return(SSL_accept(s));
586err:
587 if (buf != buf_space) OPENSSL_free(buf);
588 return(-1);
589 }
diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c
new file mode 100644
index 0000000000..58a24cd883
--- /dev/null
+++ b/src/lib/libssl/s3_both.c
@@ -0,0 +1,624 @@
1/* ssl/s3_both.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <limits.h>
113#include <string.h>
114#include <stdio.h>
115#include <openssl/buffer.h>
116#include <openssl/rand.h>
117#include <openssl/objects.h>
118#include <openssl/evp.h>
119#include <openssl/x509.h>
120#include "ssl_locl.h"
121
122/* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */
123int ssl3_do_write(SSL *s, int type)
124 {
125 int ret;
126
127 ret=ssl3_write_bytes(s,type,&s->init_buf->data[s->init_off],
128 s->init_num);
129 if (ret < 0) return(-1);
130 if (type == SSL3_RT_HANDSHAKE)
131 /* should not be done for 'Hello Request's, but in that case
132 * we'll ignore the result anyway */
133 ssl3_finish_mac(s,(unsigned char *)&s->init_buf->data[s->init_off],ret);
134
135 if (ret == s->init_num)
136 {
137 if (s->msg_callback)
138 s->msg_callback(1, s->version, type, s->init_buf->data, (size_t)(s->init_off + s->init_num), s, s->msg_callback_arg);
139 return(1);
140 }
141 s->init_off+=ret;
142 s->init_num-=ret;
143 return(0);
144 }
145
146int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
147 {
148 unsigned char *p,*d;
149 int i;
150 unsigned long l;
151
152 if (s->state == a)
153 {
154 d=(unsigned char *)s->init_buf->data;
155 p= &(d[4]);
156
157 i=s->method->ssl3_enc->final_finish_mac(s,
158 &(s->s3->finish_dgst1),
159 &(s->s3->finish_dgst2),
160 sender,slen,s->s3->tmp.finish_md);
161 s->s3->tmp.finish_md_len = i;
162 memcpy(p, s->s3->tmp.finish_md, i);
163 p+=i;
164 l=i;
165
166#ifdef OPENSSL_SYS_WIN16
167 /* MSVC 1.5 does not clear the top bytes of the word unless
168 * I do this.
169 */
170 l&=0xffff;
171#endif
172
173 *(d++)=SSL3_MT_FINISHED;
174 l2n3(l,d);
175 s->init_num=(int)l+4;
176 s->init_off=0;
177
178 s->state=b;
179 }
180
181 /* SSL3_ST_SEND_xxxxxx_HELLO_B */
182 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
183 }
184
185int ssl3_get_finished(SSL *s, int a, int b)
186 {
187 int al,i,ok;
188 long n;
189 unsigned char *p;
190
191 /* the mac has already been generated when we received the
192 * change cipher spec message and is in s->s3->tmp.peer_finish_md
193 */
194
195 n=ssl3_get_message(s,
196 a,
197 b,
198 SSL3_MT_FINISHED,
199 64, /* should actually be 36+4 :-) */
200 &ok);
201
202 if (!ok) return((int)n);
203
204 /* If this occurs, we have missed a message */
205 if (!s->s3->change_cipher_spec)
206 {
207 al=SSL_AD_UNEXPECTED_MESSAGE;
208 SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_GOT_A_FIN_BEFORE_A_CCS);
209 goto f_err;
210 }
211 s->s3->change_cipher_spec=0;
212
213 p = (unsigned char *)s->init_msg;
214 i = s->s3->tmp.peer_finish_md_len;
215
216 if (i != n)
217 {
218 al=SSL_AD_DECODE_ERROR;
219 SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_BAD_DIGEST_LENGTH);
220 goto f_err;
221 }
222
223 if (memcmp(p, s->s3->tmp.peer_finish_md, i) != 0)
224 {
225 al=SSL_AD_DECRYPT_ERROR;
226 SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED);
227 goto f_err;
228 }
229
230 return(1);
231f_err:
232 ssl3_send_alert(s,SSL3_AL_FATAL,al);
233 return(0);
234 }
235
236/* for these 2 messages, we need to
237 * ssl->enc_read_ctx re-init
238 * ssl->s3->read_sequence zero
239 * ssl->s3->read_mac_secret re-init
240 * ssl->session->read_sym_enc assign
241 * ssl->session->read_compression assign
242 * ssl->session->read_hash assign
243 */
244int ssl3_send_change_cipher_spec(SSL *s, int a, int b)
245 {
246 unsigned char *p;
247
248 if (s->state == a)
249 {
250 p=(unsigned char *)s->init_buf->data;
251 *p=SSL3_MT_CCS;
252 s->init_num=1;
253 s->init_off=0;
254
255 s->state=b;
256 }
257
258 /* SSL3_ST_CW_CHANGE_B */
259 return(ssl3_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC));
260 }
261
262unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
263 {
264 unsigned char *p;
265 int n,i;
266 unsigned long l=7;
267 BUF_MEM *buf;
268 X509_STORE_CTX xs_ctx;
269 X509_OBJECT obj;
270
271 /* TLSv1 sends a chain with nothing in it, instead of an alert */
272 buf=s->init_buf;
273 if (!BUF_MEM_grow(buf,(int)(10)))
274 {
275 SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
276 return(0);
277 }
278 if (x != NULL)
279 {
280 if(!X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL))
281 {
282 SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB);
283 return(0);
284 }
285
286 for (;;)
287 {
288 n=i2d_X509(x,NULL);
289 if (!BUF_MEM_grow(buf,(int)(n+l+3)))
290 {
291 SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
292 return(0);
293 }
294 p=(unsigned char *)&(buf->data[l]);
295 l2n3(n,p);
296 i2d_X509(x,&p);
297 l+=n+3;
298 if (X509_NAME_cmp(X509_get_subject_name(x),
299 X509_get_issuer_name(x)) == 0) break;
300
301 i=X509_STORE_get_by_subject(&xs_ctx,X509_LU_X509,
302 X509_get_issuer_name(x),&obj);
303 if (i <= 0) break;
304 x=obj.data.x509;
305 /* Count is one too high since the X509_STORE_get uped the
306 * ref count */
307 X509_free(x);
308 }
309
310 X509_STORE_CTX_cleanup(&xs_ctx);
311 }
312
313 /* Thawte special :-) */
314 if (s->ctx->extra_certs != NULL)
315 for (i=0; i<sk_X509_num(s->ctx->extra_certs); i++)
316 {
317 x=sk_X509_value(s->ctx->extra_certs,i);
318 n=i2d_X509(x,NULL);
319 if (!BUF_MEM_grow(buf,(int)(n+l+3)))
320 {
321 SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
322 return(0);
323 }
324 p=(unsigned char *)&(buf->data[l]);
325 l2n3(n,p);
326 i2d_X509(x,&p);
327 l+=n+3;
328 }
329
330 l-=7;
331 p=(unsigned char *)&(buf->data[4]);
332 l2n3(l,p);
333 l+=3;
334 p=(unsigned char *)&(buf->data[0]);
335 *(p++)=SSL3_MT_CERTIFICATE;
336 l2n3(l,p);
337 l+=4;
338 return(l);
339 }
340
341/* Obtain handshake message of message type 'mt' (any if mt == -1),
342 * maximum acceptable body length 'max'.
343 * The first four bytes (msg_type and length) are read in state 'st1',
344 * the body is read in state 'stn'.
345 */
346long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
347 {
348 unsigned char *p;
349 unsigned long l;
350 long n;
351 int i,al;
352
353 if (s->s3->tmp.reuse_message)
354 {
355 s->s3->tmp.reuse_message=0;
356 if ((mt >= 0) && (s->s3->tmp.message_type != mt))
357 {
358 al=SSL_AD_UNEXPECTED_MESSAGE;
359 SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
360 goto f_err;
361 }
362 *ok=1;
363 s->init_msg = s->init_buf->data + 4;
364 s->init_num = (int)s->s3->tmp.message_size;
365 return s->init_num;
366 }
367
368 p=(unsigned char *)s->init_buf->data;
369
370 if (s->state == st1) /* s->init_num < 4 */
371 {
372 int skip_message;
373
374 do
375 {
376 while (s->init_num < 4)
377 {
378 i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],
379 4 - s->init_num, 0);
380 if (i <= 0)
381 {
382 s->rwstate=SSL_READING;
383 *ok = 0;
384 return i;
385 }
386 s->init_num+=i;
387 }
388
389 skip_message = 0;
390 if (!s->server)
391 if (p[0] == SSL3_MT_HELLO_REQUEST)
392 /* The server may always send 'Hello Request' messages --
393 * we are doing a handshake anyway now, so ignore them
394 * if their format is correct. Does not count for
395 * 'Finished' MAC. */
396 if (p[1] == 0 && p[2] == 0 &&p[3] == 0)
397 {
398 s->init_num = 0;
399 skip_message = 1;
400
401 if (s->msg_callback)
402 s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, p, 4, s, s->msg_callback_arg);
403 }
404 }
405 while (skip_message);
406
407 /* s->init_num == 4 */
408
409 if ((mt >= 0) && (*p != mt))
410 {
411 al=SSL_AD_UNEXPECTED_MESSAGE;
412 SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
413 goto f_err;
414 }
415 if ((mt < 0) && (*p == SSL3_MT_CLIENT_HELLO) &&
416 (st1 == SSL3_ST_SR_CERT_A) &&
417 (stn == SSL3_ST_SR_CERT_B))
418 {
419 /* At this point we have got an MS SGC second client
420 * hello (maybe we should always allow the client to
421 * start a new handshake?). We need to restart the mac.
422 * Don't increment {num,total}_renegotiations because
423 * we have not completed the handshake. */
424 ssl3_init_finished_mac(s);
425 }
426
427 s->s3->tmp.message_type= *(p++);
428
429 n2l3(p,l);
430 if (l > (unsigned long)max)
431 {
432 al=SSL_AD_ILLEGAL_PARAMETER;
433 SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
434 goto f_err;
435 }
436 if (l > (INT_MAX-4)) /* BUF_MEM_grow takes an 'int' parameter */
437 {
438 al=SSL_AD_ILLEGAL_PARAMETER;
439 SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
440 goto f_err;
441 }
442 if (l && !BUF_MEM_grow(s->init_buf,(int)l+4))
443 {
444 SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB);
445 goto err;
446 }
447 s->s3->tmp.message_size=l;
448 s->state=stn;
449
450 s->init_msg = s->init_buf->data + 4;
451 s->init_num = 0;
452 }
453
454 /* next state (stn) */
455 p = s->init_msg;
456 n = s->s3->tmp.message_size - s->init_num;
457 while (n > 0)
458 {
459 i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],n,0);
460 if (i <= 0)
461 {
462 s->rwstate=SSL_READING;
463 *ok = 0;
464 return i;
465 }
466 s->init_num += i;
467 n -= i;
468 }
469 ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4);
470 if (s->msg_callback)
471 s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->init_buf->data, (size_t)s->init_num + 4, s, s->msg_callback_arg);
472 *ok=1;
473 return s->init_num;
474f_err:
475 ssl3_send_alert(s,SSL3_AL_FATAL,al);
476err:
477 *ok=0;
478 return(-1);
479 }
480
481int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
482 {
483 EVP_PKEY *pk;
484 int ret= -1,i,j;
485
486 if (pkey == NULL)
487 pk=X509_get_pubkey(x);
488 else
489 pk=pkey;
490 if (pk == NULL) goto err;
491
492 i=pk->type;
493 if (i == EVP_PKEY_RSA)
494 {
495 ret=SSL_PKEY_RSA_ENC;
496 if (x != NULL)
497 {
498 j=X509_get_ext_count(x);
499 /* check to see if this is a signing only certificate */
500 /* EAY EAY EAY EAY */
501 }
502 }
503 else if (i == EVP_PKEY_DSA)
504 {
505 ret=SSL_PKEY_DSA_SIGN;
506 }
507 else if (i == EVP_PKEY_DH)
508 {
509 /* if we just have a key, we needs to be guess */
510
511 if (x == NULL)
512 ret=SSL_PKEY_DH_DSA;
513 else
514 {
515 j=X509_get_signature_type(x);
516 if (j == EVP_PKEY_RSA)
517 ret=SSL_PKEY_DH_RSA;
518 else if (j== EVP_PKEY_DSA)
519 ret=SSL_PKEY_DH_DSA;
520 else ret= -1;
521 }
522 }
523 else
524 ret= -1;
525
526err:
527 if(!pkey) EVP_PKEY_free(pk);
528 return(ret);
529 }
530
531int ssl_verify_alarm_type(long type)
532 {
533 int al;
534
535 switch(type)
536 {
537 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
538 case X509_V_ERR_UNABLE_TO_GET_CRL:
539 case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
540 al=SSL_AD_UNKNOWN_CA;
541 break;
542 case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
543 case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
544 case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
545 case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
546 case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
547 case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
548 case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
549 case X509_V_ERR_CERT_NOT_YET_VALID:
550 case X509_V_ERR_CRL_NOT_YET_VALID:
551 case X509_V_ERR_CERT_UNTRUSTED:
552 case X509_V_ERR_CERT_REJECTED:
553 al=SSL_AD_BAD_CERTIFICATE;
554 break;
555 case X509_V_ERR_CERT_SIGNATURE_FAILURE:
556 case X509_V_ERR_CRL_SIGNATURE_FAILURE:
557 al=SSL_AD_DECRYPT_ERROR;
558 break;
559 case X509_V_ERR_CERT_HAS_EXPIRED:
560 case X509_V_ERR_CRL_HAS_EXPIRED:
561 al=SSL_AD_CERTIFICATE_EXPIRED;
562 break;
563 case X509_V_ERR_CERT_REVOKED:
564 al=SSL_AD_CERTIFICATE_REVOKED;
565 break;
566 case X509_V_ERR_OUT_OF_MEM:
567 al=SSL_AD_INTERNAL_ERROR;
568 break;
569 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
570 case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
571 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
572 case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
573 case X509_V_ERR_CERT_CHAIN_TOO_LONG:
574 case X509_V_ERR_PATH_LENGTH_EXCEEDED:
575 case X509_V_ERR_INVALID_CA:
576 al=SSL_AD_UNKNOWN_CA;
577 break;
578 case X509_V_ERR_APPLICATION_VERIFICATION:
579 al=SSL_AD_HANDSHAKE_FAILURE;
580 break;
581 case X509_V_ERR_INVALID_PURPOSE:
582 al=SSL_AD_UNSUPPORTED_CERTIFICATE;
583 break;
584 default:
585 al=SSL_AD_CERTIFICATE_UNKNOWN;
586 break;
587 }
588 return(al);
589 }
590
591int ssl3_setup_buffers(SSL *s)
592 {
593 unsigned char *p;
594 unsigned int extra;
595 size_t len;
596
597 if (s->s3->rbuf.buf == NULL)
598 {
599 if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
600 extra=SSL3_RT_MAX_EXTRA;
601 else
602 extra=0;
603 len = SSL3_RT_MAX_PACKET_SIZE + extra;
604 if ((p=OPENSSL_malloc(len)) == NULL)
605 goto err;
606 s->s3->rbuf.buf = p;
607 s->s3->rbuf.len = len;
608 }
609
610 if (s->s3->wbuf.buf == NULL)
611 {
612 len = SSL3_RT_MAX_PACKET_SIZE;
613 len += SSL3_RT_HEADER_LENGTH + 256; /* extra space for empty fragment */
614 if ((p=OPENSSL_malloc(len)) == NULL)
615 goto err;
616 s->s3->wbuf.buf = p;
617 s->s3->wbuf.len = len;
618 }
619 s->packet= &(s->s3->rbuf.buf[0]);
620 return(1);
621err:
622 SSLerr(SSL_F_SSL3_SETUP_BUFFERS,ERR_R_MALLOC_FAILURE);
623 return(0);
624 }
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
new file mode 100644
index 0000000000..5d3efac2cd
--- /dev/null
+++ b/src/lib/libssl/s3_clnt.c
@@ -0,0 +1,1966 @@
1/* ssl/s3_clnt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <stdio.h>
113#include <openssl/buffer.h>
114#include <openssl/rand.h>
115#include <openssl/objects.h>
116#include <openssl/evp.h>
117#include "ssl_locl.h"
118#include "kssl_lcl.h"
119#include <openssl/md5.h>
120
121static SSL_METHOD *ssl3_get_client_method(int ver);
122static int ssl3_client_hello(SSL *s);
123static int ssl3_get_server_hello(SSL *s);
124static int ssl3_get_certificate_request(SSL *s);
125static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b);
126static int ssl3_get_server_done(SSL *s);
127static int ssl3_send_client_verify(SSL *s);
128static int ssl3_send_client_certificate(SSL *s);
129static int ssl3_send_client_key_exchange(SSL *s);
130static int ssl3_get_key_exchange(SSL *s);
131static int ssl3_get_server_certificate(SSL *s);
132static int ssl3_check_cert_and_algorithm(SSL *s);
133static SSL_METHOD *ssl3_get_client_method(int ver)
134 {
135 if (ver == SSL3_VERSION)
136 return(SSLv3_client_method());
137 else
138 return(NULL);
139 }
140
141SSL_METHOD *SSLv3_client_method(void)
142 {
143 static int init=1;
144 static SSL_METHOD SSLv3_client_data;
145
146 if (init)
147 {
148 init=0;
149 memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(),
150 sizeof(SSL_METHOD));
151 SSLv3_client_data.ssl_connect=ssl3_connect;
152 SSLv3_client_data.get_ssl_method=ssl3_get_client_method;
153 }
154 return(&SSLv3_client_data);
155 }
156
157int ssl3_connect(SSL *s)
158 {
159 BUF_MEM *buf;
160 unsigned long Time=time(NULL),l;
161 long num1;
162 void (*cb)(const SSL *ssl,int type,int val)=NULL;
163 int ret= -1;
164 int new_state,state,skip=0;;
165
166 RAND_add(&Time,sizeof(Time),0);
167 ERR_clear_error();
168 clear_sys_error();
169
170 if (s->info_callback != NULL)
171 cb=s->info_callback;
172 else if (s->ctx->info_callback != NULL)
173 cb=s->ctx->info_callback;
174
175 s->in_handshake++;
176 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
177
178 for (;;)
179 {
180 state=s->state;
181
182 switch(s->state)
183 {
184 case SSL_ST_RENEGOTIATE:
185 s->new_session=1;
186 s->state=SSL_ST_CONNECT;
187 s->ctx->stats.sess_connect_renegotiate++;
188 /* break */
189 case SSL_ST_BEFORE:
190 case SSL_ST_CONNECT:
191 case SSL_ST_BEFORE|SSL_ST_CONNECT:
192 case SSL_ST_OK|SSL_ST_CONNECT:
193
194 s->server=0;
195 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
196
197 if ((s->version & 0xff00 ) != 0x0300)
198 {
199 SSLerr(SSL_F_SSL3_CONNECT, ERR_R_INTERNAL_ERROR);
200 ret = -1;
201 goto end;
202 }
203
204 /* s->version=SSL3_VERSION; */
205 s->type=SSL_ST_CONNECT;
206
207 if (s->init_buf == NULL)
208 {
209 if ((buf=BUF_MEM_new()) == NULL)
210 {
211 ret= -1;
212 goto end;
213 }
214 if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
215 {
216 ret= -1;
217 goto end;
218 }
219 s->init_buf=buf;
220 }
221
222 if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
223
224 /* setup buffing BIO */
225 if (!ssl_init_wbio_buffer(s,0)) { ret= -1; goto end; }
226
227 /* don't push the buffering BIO quite yet */
228
229 ssl3_init_finished_mac(s);
230
231 s->state=SSL3_ST_CW_CLNT_HELLO_A;
232 s->ctx->stats.sess_connect++;
233 s->init_num=0;
234 break;
235
236 case SSL3_ST_CW_CLNT_HELLO_A:
237 case SSL3_ST_CW_CLNT_HELLO_B:
238
239 s->shutdown=0;
240 ret=ssl3_client_hello(s);
241 if (ret <= 0) goto end;
242 s->state=SSL3_ST_CR_SRVR_HELLO_A;
243 s->init_num=0;
244
245 /* turn on buffering for the next lot of output */
246 if (s->bbio != s->wbio)
247 s->wbio=BIO_push(s->bbio,s->wbio);
248
249 break;
250
251 case SSL3_ST_CR_SRVR_HELLO_A:
252 case SSL3_ST_CR_SRVR_HELLO_B:
253 ret=ssl3_get_server_hello(s);
254 if (ret <= 0) goto end;
255 if (s->hit)
256 s->state=SSL3_ST_CR_FINISHED_A;
257 else
258 s->state=SSL3_ST_CR_CERT_A;
259 s->init_num=0;
260 break;
261
262 case SSL3_ST_CR_CERT_A:
263 case SSL3_ST_CR_CERT_B:
264 /* Check if it is anon DH */
265 if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
266 {
267 ret=ssl3_get_server_certificate(s);
268 if (ret <= 0) goto end;
269 }
270 else
271 skip=1;
272 s->state=SSL3_ST_CR_KEY_EXCH_A;
273 s->init_num=0;
274 break;
275
276 case SSL3_ST_CR_KEY_EXCH_A:
277 case SSL3_ST_CR_KEY_EXCH_B:
278 ret=ssl3_get_key_exchange(s);
279 if (ret <= 0) goto end;
280 s->state=SSL3_ST_CR_CERT_REQ_A;
281 s->init_num=0;
282
283 /* at this point we check that we have the
284 * required stuff from the server */
285 if (!ssl3_check_cert_and_algorithm(s))
286 {
287 ret= -1;
288 goto end;
289 }
290 break;
291
292 case SSL3_ST_CR_CERT_REQ_A:
293 case SSL3_ST_CR_CERT_REQ_B:
294 ret=ssl3_get_certificate_request(s);
295 if (ret <= 0) goto end;
296 s->state=SSL3_ST_CR_SRVR_DONE_A;
297 s->init_num=0;
298 break;
299
300 case SSL3_ST_CR_SRVR_DONE_A:
301 case SSL3_ST_CR_SRVR_DONE_B:
302 ret=ssl3_get_server_done(s);
303 if (ret <= 0) goto end;
304 if (s->s3->tmp.cert_req)
305 s->state=SSL3_ST_CW_CERT_A;
306 else
307 s->state=SSL3_ST_CW_KEY_EXCH_A;
308 s->init_num=0;
309
310 break;
311
312 case SSL3_ST_CW_CERT_A:
313 case SSL3_ST_CW_CERT_B:
314 case SSL3_ST_CW_CERT_C:
315 case SSL3_ST_CW_CERT_D:
316 ret=ssl3_send_client_certificate(s);
317 if (ret <= 0) goto end;
318 s->state=SSL3_ST_CW_KEY_EXCH_A;
319 s->init_num=0;
320 break;
321
322 case SSL3_ST_CW_KEY_EXCH_A:
323 case SSL3_ST_CW_KEY_EXCH_B:
324 ret=ssl3_send_client_key_exchange(s);
325 if (ret <= 0) goto end;
326 l=s->s3->tmp.new_cipher->algorithms;
327 /* EAY EAY EAY need to check for DH fix cert
328 * sent back */
329 /* For TLS, cert_req is set to 2, so a cert chain
330 * of nothing is sent, but no verify packet is sent */
331 if (s->s3->tmp.cert_req == 1)
332 {
333 s->state=SSL3_ST_CW_CERT_VRFY_A;
334 }
335 else
336 {
337 s->state=SSL3_ST_CW_CHANGE_A;
338 s->s3->change_cipher_spec=0;
339 }
340
341 s->init_num=0;
342 break;
343
344 case SSL3_ST_CW_CERT_VRFY_A:
345 case SSL3_ST_CW_CERT_VRFY_B:
346 ret=ssl3_send_client_verify(s);
347 if (ret <= 0) goto end;
348 s->state=SSL3_ST_CW_CHANGE_A;
349 s->init_num=0;
350 s->s3->change_cipher_spec=0;
351 break;
352
353 case SSL3_ST_CW_CHANGE_A:
354 case SSL3_ST_CW_CHANGE_B:
355 ret=ssl3_send_change_cipher_spec(s,
356 SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
357 if (ret <= 0) goto end;
358 s->state=SSL3_ST_CW_FINISHED_A;
359 s->init_num=0;
360
361 s->session->cipher=s->s3->tmp.new_cipher;
362 if (s->s3->tmp.new_compression == NULL)
363 s->session->compress_meth=0;
364 else
365 s->session->compress_meth=
366 s->s3->tmp.new_compression->id;
367 if (!s->method->ssl3_enc->setup_key_block(s))
368 {
369 ret= -1;
370 goto end;
371 }
372
373 if (!s->method->ssl3_enc->change_cipher_state(s,
374 SSL3_CHANGE_CIPHER_CLIENT_WRITE))
375 {
376 ret= -1;
377 goto end;
378 }
379
380 break;
381
382 case SSL3_ST_CW_FINISHED_A:
383 case SSL3_ST_CW_FINISHED_B:
384 ret=ssl3_send_finished(s,
385 SSL3_ST_CW_FINISHED_A,SSL3_ST_CW_FINISHED_B,
386 s->method->ssl3_enc->client_finished_label,
387 s->method->ssl3_enc->client_finished_label_len);
388 if (ret <= 0) goto end;
389 s->state=SSL3_ST_CW_FLUSH;
390
391 /* clear flags */
392 s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
393 if (s->hit)
394 {
395 s->s3->tmp.next_state=SSL_ST_OK;
396 if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED)
397 {
398 s->state=SSL_ST_OK;
399 s->s3->flags|=SSL3_FLAGS_POP_BUFFER;
400 s->s3->delay_buf_pop_ret=0;
401 }
402 }
403 else
404 {
405 s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A;
406 }
407 s->init_num=0;
408 break;
409
410 case SSL3_ST_CR_FINISHED_A:
411 case SSL3_ST_CR_FINISHED_B:
412
413 ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A,
414 SSL3_ST_CR_FINISHED_B);
415 if (ret <= 0) goto end;
416
417 if (s->hit)
418 s->state=SSL3_ST_CW_CHANGE_A;
419 else
420 s->state=SSL_ST_OK;
421 s->init_num=0;
422 break;
423
424 case SSL3_ST_CW_FLUSH:
425 /* number of bytes to be flushed */
426 num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
427 if (num1 > 0)
428 {
429 s->rwstate=SSL_WRITING;
430 num1=BIO_flush(s->wbio);
431 if (num1 <= 0) { ret= -1; goto end; }
432 s->rwstate=SSL_NOTHING;
433 }
434
435 s->state=s->s3->tmp.next_state;
436 break;
437
438 case SSL_ST_OK:
439 /* clean a few things up */
440 ssl3_cleanup_key_block(s);
441
442 if (s->init_buf != NULL)
443 {
444 BUF_MEM_free(s->init_buf);
445 s->init_buf=NULL;
446 }
447
448 /* If we are not 'joining' the last two packets,
449 * remove the buffering now */
450 if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
451 ssl_free_wbio_buffer(s);
452 /* else do it later in ssl3_write */
453
454 s->init_num=0;
455 s->new_session=0;
456
457 ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
458 if (s->hit) s->ctx->stats.sess_hit++;
459
460 ret=1;
461 /* s->server=0; */
462 s->handshake_func=ssl3_connect;
463 s->ctx->stats.sess_connect_good++;
464
465 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
466
467 goto end;
468 /* break; */
469
470 default:
471 SSLerr(SSL_F_SSL3_CONNECT,SSL_R_UNKNOWN_STATE);
472 ret= -1;
473 goto end;
474 /* break; */
475 }
476
477 /* did we do anything */
478 if (!s->s3->tmp.reuse_message && !skip)
479 {
480 if (s->debug)
481 {
482 if ((ret=BIO_flush(s->wbio)) <= 0)
483 goto end;
484 }
485
486 if ((cb != NULL) && (s->state != state))
487 {
488 new_state=s->state;
489 s->state=state;
490 cb(s,SSL_CB_CONNECT_LOOP,1);
491 s->state=new_state;
492 }
493 }
494 skip=0;
495 }
496end:
497 s->in_handshake--;
498 if (cb != NULL)
499 cb(s,SSL_CB_CONNECT_EXIT,ret);
500 return(ret);
501 }
502
503
504static int ssl3_client_hello(SSL *s)
505 {
506 unsigned char *buf;
507 unsigned char *p,*d;
508 int i,j;
509 unsigned long Time,l;
510 SSL_COMP *comp;
511
512 buf=(unsigned char *)s->init_buf->data;
513 if (s->state == SSL3_ST_CW_CLNT_HELLO_A)
514 {
515 if ((s->session == NULL) ||
516 (s->session->ssl_version != s->version) ||
517 (s->session->not_resumable))
518 {
519 if (!ssl_get_new_session(s,0))
520 goto err;
521 }
522 /* else use the pre-loaded session */
523
524 p=s->s3->client_random;
525 Time=time(NULL); /* Time */
526 l2n(Time,p);
527 RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
528
529 /* Do the message type and length last */
530 d=p= &(buf[4]);
531
532 *(p++)=s->version>>8;
533 *(p++)=s->version&0xff;
534 s->client_version=s->version;
535
536 /* Random stuff */
537 memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
538 p+=SSL3_RANDOM_SIZE;
539
540 /* Session ID */
541 if (s->new_session)
542 i=0;
543 else
544 i=s->session->session_id_length;
545 *(p++)=i;
546 if (i != 0)
547 {
548 die(i <= sizeof s->session->session_id);
549 memcpy(p,s->session->session_id,i);
550 p+=i;
551 }
552
553 /* Ciphers supported */
554 i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]));
555 if (i == 0)
556 {
557 SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
558 goto err;
559 }
560 s2n(i,p);
561 p+=i;
562
563 /* COMPRESSION */
564 if (s->ctx->comp_methods == NULL)
565 j=0;
566 else
567 j=sk_SSL_COMP_num(s->ctx->comp_methods);
568 *(p++)=1+j;
569 for (i=0; i<j; i++)
570 {
571 comp=sk_SSL_COMP_value(s->ctx->comp_methods,i);
572 *(p++)=comp->id;
573 }
574 *(p++)=0; /* Add the NULL method */
575
576 l=(p-d);
577 d=buf;
578 *(d++)=SSL3_MT_CLIENT_HELLO;
579 l2n3(l,d);
580
581 s->state=SSL3_ST_CW_CLNT_HELLO_B;
582 /* number of bytes to write */
583 s->init_num=p-buf;
584 s->init_off=0;
585 }
586
587 /* SSL3_ST_CW_CLNT_HELLO_B */
588 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
589err:
590 return(-1);
591 }
592
593static int ssl3_get_server_hello(SSL *s)
594 {
595 STACK_OF(SSL_CIPHER) *sk;
596 SSL_CIPHER *c;
597 unsigned char *p,*d;
598 int i,al,ok;
599 unsigned int j;
600 long n;
601 SSL_COMP *comp;
602
603 n=ssl3_get_message(s,
604 SSL3_ST_CR_SRVR_HELLO_A,
605 SSL3_ST_CR_SRVR_HELLO_B,
606 SSL3_MT_SERVER_HELLO,
607 300, /* ?? */
608 &ok);
609
610 if (!ok) return((int)n);
611 d=p=(unsigned char *)s->init_msg;
612
613 if ((p[0] != (s->version>>8)) || (p[1] != (s->version&0xff)))
614 {
615 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_SSL_VERSION);
616 s->version=(s->version&0xff00)|p[1];
617 al=SSL_AD_PROTOCOL_VERSION;
618 goto f_err;
619 }
620 p+=2;
621
622 /* load the server hello data */
623 /* load the server random */
624 memcpy(s->s3->server_random,p,SSL3_RANDOM_SIZE);
625 p+=SSL3_RANDOM_SIZE;
626
627 /* get the session-id */
628 j= *(p++);
629
630 if(j > sizeof s->session->session_id)
631 {
632 al=SSL_AD_ILLEGAL_PARAMETER;
633 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
634 SSL_R_SSL3_SESSION_ID_TOO_LONG);
635 goto f_err;
636 }
637
638 if ((j != 0) && (j != SSL3_SESSION_ID_SIZE))
639 {
640 /* SSLref returns 16 :-( */
641 if (j < SSL2_SSL_SESSION_ID_LENGTH)
642 {
643 al=SSL_AD_ILLEGAL_PARAMETER;
644 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT);
645 goto f_err;
646 }
647 }
648 if (j != 0 && j == s->session->session_id_length
649 && memcmp(p,s->session->session_id,j) == 0)
650 {
651 if(s->sid_ctx_length != s->session->sid_ctx_length
652 || memcmp(s->session->sid_ctx,s->sid_ctx,s->sid_ctx_length))
653 {
654 al=SSL_AD_ILLEGAL_PARAMETER;
655 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
656 goto f_err;
657 }
658 s->hit=1;
659 }
660 else /* a miss or crap from the other end */
661 {
662 /* If we were trying for session-id reuse, make a new
663 * SSL_SESSION so we don't stuff up other people */
664 s->hit=0;
665 if (s->session->session_id_length > 0)
666 {
667 if (!ssl_get_new_session(s,0))
668 {
669 al=SSL_AD_INTERNAL_ERROR;
670 goto f_err;
671 }
672 }
673 s->session->session_id_length=j;
674 memcpy(s->session->session_id,p,j); /* j could be 0 */
675 }
676 p+=j;
677 c=ssl_get_cipher_by_char(s,p);
678 if (c == NULL)
679 {
680 /* unknown cipher */
681 al=SSL_AD_ILLEGAL_PARAMETER;
682 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNKNOWN_CIPHER_RETURNED);
683 goto f_err;
684 }
685 p+=ssl_put_cipher_by_char(s,NULL,NULL);
686
687 sk=ssl_get_ciphers_by_id(s);
688 i=sk_SSL_CIPHER_find(sk,c);
689 if (i < 0)
690 {
691 /* we did not say we would use this cipher */
692 al=SSL_AD_ILLEGAL_PARAMETER;
693 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED);
694 goto f_err;
695 }
696
697 if (s->hit && (s->session->cipher != c))
698 {
699 if (!(s->options &
700 SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
701 {
702 al=SSL_AD_ILLEGAL_PARAMETER;
703 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
704 goto f_err;
705 }
706 }
707 s->s3->tmp.new_cipher=c;
708
709 /* lets get the compression algorithm */
710 /* COMPRESSION */
711 j= *(p++);
712 if (j == 0)
713 comp=NULL;
714 else
715 comp=ssl3_comp_find(s->ctx->comp_methods,j);
716
717 if ((j != 0) && (comp == NULL))
718 {
719 al=SSL_AD_ILLEGAL_PARAMETER;
720 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
721 goto f_err;
722 }
723 else
724 {
725 s->s3->tmp.new_compression=comp;
726 }
727
728 if (p != (d+n))
729 {
730 /* wrong packet length */
731 al=SSL_AD_DECODE_ERROR;
732 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_BAD_PACKET_LENGTH);
733 goto err;
734 }
735
736 return(1);
737f_err:
738 ssl3_send_alert(s,SSL3_AL_FATAL,al);
739err:
740 return(-1);
741 }
742
743static int ssl3_get_server_certificate(SSL *s)
744 {
745 int al,i,ok,ret= -1;
746 unsigned long n,nc,llen,l;
747 X509 *x=NULL;
748 unsigned char *p,*d,*q;
749 STACK_OF(X509) *sk=NULL;
750 SESS_CERT *sc;
751 EVP_PKEY *pkey=NULL;
752 int need_cert = 1; /* VRS: 0=> will allow null cert if auth == KRB5 */
753
754 n=ssl3_get_message(s,
755 SSL3_ST_CR_CERT_A,
756 SSL3_ST_CR_CERT_B,
757 -1,
758 s->max_cert_list,
759 &ok);
760
761 if (!ok) return((int)n);
762
763 if (s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE)
764 {
765 s->s3->tmp.reuse_message=1;
766 return(1);
767 }
768
769 if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)
770 {
771 al=SSL_AD_UNEXPECTED_MESSAGE;
772 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_BAD_MESSAGE_TYPE);
773 goto f_err;
774 }
775 d=p=(unsigned char *)s->init_msg;
776
777 if ((sk=sk_X509_new_null()) == NULL)
778 {
779 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
780 goto err;
781 }
782
783 n2l3(p,llen);
784 if (llen+3 != n)
785 {
786 al=SSL_AD_DECODE_ERROR;
787 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_LENGTH_MISMATCH);
788 goto f_err;
789 }
790 for (nc=0; nc<llen; )
791 {
792 n2l3(p,l);
793 if ((l+nc+3) > llen)
794 {
795 al=SSL_AD_DECODE_ERROR;
796 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
797 goto f_err;
798 }
799
800 q=p;
801 x=d2i_X509(NULL,&q,l);
802 if (x == NULL)
803 {
804 al=SSL_AD_BAD_CERTIFICATE;
805 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_ASN1_LIB);
806 goto f_err;
807 }
808 if (q != (p+l))
809 {
810 al=SSL_AD_DECODE_ERROR;
811 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
812 goto f_err;
813 }
814 if (!sk_X509_push(sk,x))
815 {
816 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
817 goto err;
818 }
819 x=NULL;
820 nc+=l+3;
821 p=q;
822 }
823
824 i=ssl_verify_cert_chain(s,sk);
825 if ((s->verify_mode != SSL_VERIFY_NONE) && (!i)
826#ifndef OPENSSL_NO_KRB5
827 && (s->s3->tmp.new_cipher->algorithms & (SSL_MKEY_MASK|SSL_AUTH_MASK))
828 != (SSL_aKRB5|SSL_kKRB5)
829#endif /* OPENSSL_NO_KRB5 */
830 )
831 {
832 al=ssl_verify_alarm_type(s->verify_result);
833 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
834 goto f_err;
835 }
836 ERR_clear_error(); /* but we keep s->verify_result */
837
838 sc=ssl_sess_cert_new();
839 if (sc == NULL) goto err;
840
841 if (s->session->sess_cert) ssl_sess_cert_free(s->session->sess_cert);
842 s->session->sess_cert=sc;
843
844 sc->cert_chain=sk;
845 /* Inconsistency alert: cert_chain does include the peer's
846 * certificate, which we don't include in s3_srvr.c */
847 x=sk_X509_value(sk,0);
848 sk=NULL;
849 /* VRS 19990621: possible memory leak; sk=null ==> !sk_pop_free() @end*/
850
851 pkey=X509_get_pubkey(x);
852
853 /* VRS: allow null cert if auth == KRB5 */
854 need_cert = ((s->s3->tmp.new_cipher->algorithms
855 & (SSL_MKEY_MASK|SSL_AUTH_MASK))
856 == (SSL_aKRB5|SSL_kKRB5))? 0: 1;
857
858#ifdef KSSL_DEBUG
859 printf("pkey,x = %p, %p\n", pkey,x);
860 printf("ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x,pkey));
861 printf("cipher, alg, nc = %s, %lx, %d\n", s->s3->tmp.new_cipher->name,
862 s->s3->tmp.new_cipher->algorithms, need_cert);
863#endif /* KSSL_DEBUG */
864
865 if (need_cert && ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey)))
866 {
867 x=NULL;
868 al=SSL3_AL_FATAL;
869 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
870 SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS);
871 goto f_err;
872 }
873
874 i=ssl_cert_type(x,pkey);
875 if (need_cert && i < 0)
876 {
877 x=NULL;
878 al=SSL3_AL_FATAL;
879 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
880 SSL_R_UNKNOWN_CERTIFICATE_TYPE);
881 goto f_err;
882 }
883
884 if (need_cert)
885 {
886 sc->peer_cert_type=i;
887 CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
888 /* Why would the following ever happen?
889 * We just created sc a couple of lines ago. */
890 if (sc->peer_pkeys[i].x509 != NULL)
891 X509_free(sc->peer_pkeys[i].x509);
892 sc->peer_pkeys[i].x509=x;
893 sc->peer_key= &(sc->peer_pkeys[i]);
894
895 if (s->session->peer != NULL)
896 X509_free(s->session->peer);
897 CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
898 s->session->peer=x;
899 }
900 else
901 {
902 sc->peer_cert_type=i;
903 sc->peer_key= NULL;
904
905 if (s->session->peer != NULL)
906 X509_free(s->session->peer);
907 s->session->peer=NULL;
908 }
909 s->session->verify_result = s->verify_result;
910
911 x=NULL;
912 ret=1;
913
914 if (0)
915 {
916f_err:
917 ssl3_send_alert(s,SSL3_AL_FATAL,al);
918 }
919err:
920 EVP_PKEY_free(pkey);
921 X509_free(x);
922 sk_X509_pop_free(sk,X509_free);
923 return(ret);
924 }
925
926static int ssl3_get_key_exchange(SSL *s)
927 {
928#ifndef OPENSSL_NO_RSA
929 unsigned char *q,md_buf[EVP_MAX_MD_SIZE*2];
930#endif
931 EVP_MD_CTX md_ctx;
932 unsigned char *param,*p;
933 int al,i,j,param_len,ok;
934 long n,alg;
935 EVP_PKEY *pkey=NULL;
936#ifndef OPENSSL_NO_RSA
937 RSA *rsa=NULL;
938#endif
939#ifndef OPENSSL_NO_DH
940 DH *dh=NULL;
941#endif
942
943 /* use same message size as in ssl3_get_certificate_request()
944 * as ServerKeyExchange message may be skipped */
945 n=ssl3_get_message(s,
946 SSL3_ST_CR_KEY_EXCH_A,
947 SSL3_ST_CR_KEY_EXCH_B,
948 -1,
949 s->max_cert_list,
950 &ok);
951
952 if (!ok) return((int)n);
953
954 if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE)
955 {
956 s->s3->tmp.reuse_message=1;
957 return(1);
958 }
959
960 param=p=(unsigned char *)s->init_msg;
961
962 if (s->session->sess_cert != NULL)
963 {
964#ifndef OPENSSL_NO_RSA
965 if (s->session->sess_cert->peer_rsa_tmp != NULL)
966 {
967 RSA_free(s->session->sess_cert->peer_rsa_tmp);
968 s->session->sess_cert->peer_rsa_tmp=NULL;
969 }
970#endif
971#ifndef OPENSSL_NO_DH
972 if (s->session->sess_cert->peer_dh_tmp)
973 {
974 DH_free(s->session->sess_cert->peer_dh_tmp);
975 s->session->sess_cert->peer_dh_tmp=NULL;
976 }
977#endif
978 }
979 else
980 {
981 s->session->sess_cert=ssl_sess_cert_new();
982 }
983
984 param_len=0;
985 alg=s->s3->tmp.new_cipher->algorithms;
986 EVP_MD_CTX_init(&md_ctx);
987
988#ifndef OPENSSL_NO_RSA
989 if (alg & SSL_kRSA)
990 {
991 if ((rsa=RSA_new()) == NULL)
992 {
993 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
994 goto err;
995 }
996 n2s(p,i);
997 param_len=i+2;
998 if (param_len > n)
999 {
1000 al=SSL_AD_DECODE_ERROR;
1001 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_MODULUS_LENGTH);
1002 goto f_err;
1003 }
1004 if (!(rsa->n=BN_bin2bn(p,i,rsa->n)))
1005 {
1006 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
1007 goto err;
1008 }
1009 p+=i;
1010
1011 n2s(p,i);
1012 param_len+=i+2;
1013 if (param_len > n)
1014 {
1015 al=SSL_AD_DECODE_ERROR;
1016 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_E_LENGTH);
1017 goto f_err;
1018 }
1019 if (!(rsa->e=BN_bin2bn(p,i,rsa->e)))
1020 {
1021 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
1022 goto err;
1023 }
1024 p+=i;
1025 n-=param_len;
1026
1027 /* this should be because we are using an export cipher */
1028 if (alg & SSL_aRSA)
1029 pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
1030 else
1031 {
1032 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
1033 goto err;
1034 }
1035 s->session->sess_cert->peer_rsa_tmp=rsa;
1036 rsa=NULL;
1037 }
1038#else /* OPENSSL_NO_RSA */
1039 if (0)
1040 ;
1041#endif
1042#ifndef OPENSSL_NO_DH
1043 else if (alg & SSL_kEDH)
1044 {
1045 if ((dh=DH_new()) == NULL)
1046 {
1047 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_DH_LIB);
1048 goto err;
1049 }
1050 n2s(p,i);
1051 param_len=i+2;
1052 if (param_len > n)
1053 {
1054 al=SSL_AD_DECODE_ERROR;
1055 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_P_LENGTH);
1056 goto f_err;
1057 }
1058 if (!(dh->p=BN_bin2bn(p,i,NULL)))
1059 {
1060 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
1061 goto err;
1062 }
1063 p+=i;
1064
1065 n2s(p,i);
1066 param_len+=i+2;
1067 if (param_len > n)
1068 {
1069 al=SSL_AD_DECODE_ERROR;
1070 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_G_LENGTH);
1071 goto f_err;
1072 }
1073 if (!(dh->g=BN_bin2bn(p,i,NULL)))
1074 {
1075 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
1076 goto err;
1077 }
1078 p+=i;
1079
1080 n2s(p,i);
1081 param_len+=i+2;
1082 if (param_len > n)
1083 {
1084 al=SSL_AD_DECODE_ERROR;
1085 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_PUB_KEY_LENGTH);
1086 goto f_err;
1087 }
1088 if (!(dh->pub_key=BN_bin2bn(p,i,NULL)))
1089 {
1090 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
1091 goto err;
1092 }
1093 p+=i;
1094 n-=param_len;
1095
1096#ifndef OPENSSL_NO_RSA
1097 if (alg & SSL_aRSA)
1098 pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
1099#else
1100 if (0)
1101 ;
1102#endif
1103#ifndef OPENSSL_NO_DSA
1104 else if (alg & SSL_aDSS)
1105 pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].x509);
1106#endif
1107 /* else anonymous DH, so no certificate or pkey. */
1108
1109 s->session->sess_cert->peer_dh_tmp=dh;
1110 dh=NULL;
1111 }
1112 else if ((alg & SSL_kDHr) || (alg & SSL_kDHd))
1113 {
1114 al=SSL_AD_ILLEGAL_PARAMETER;
1115 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
1116 goto f_err;
1117 }
1118#endif /* !OPENSSL_NO_DH */
1119 if (alg & SSL_aFZA)
1120 {
1121 al=SSL_AD_HANDSHAKE_FAILURE;
1122 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
1123 goto f_err;
1124 }
1125
1126
1127 /* p points to the next byte, there are 'n' bytes left */
1128
1129
1130 /* if it was signed, check the signature */
1131 if (pkey != NULL)
1132 {
1133 n2s(p,i);
1134 n-=2;
1135 j=EVP_PKEY_size(pkey);
1136
1137 if ((i != n) || (n > j) || (n <= 0))
1138 {
1139 /* wrong packet length */
1140 al=SSL_AD_DECODE_ERROR;
1141 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_WRONG_SIGNATURE_LENGTH);
1142 goto f_err;
1143 }
1144
1145#ifndef OPENSSL_NO_RSA
1146 if (pkey->type == EVP_PKEY_RSA)
1147 {
1148 int num;
1149
1150 j=0;
1151 q=md_buf;
1152 for (num=2; num > 0; num--)
1153 {
1154 EVP_DigestInit_ex(&md_ctx,(num == 2)
1155 ?s->ctx->md5:s->ctx->sha1, NULL);
1156 EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
1157 EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
1158 EVP_DigestUpdate(&md_ctx,param,param_len);
1159 EVP_DigestFinal_ex(&md_ctx,q,(unsigned int *)&i);
1160 q+=i;
1161 j+=i;
1162 }
1163 i=RSA_verify(NID_md5_sha1, md_buf, j, p, n,
1164 pkey->pkey.rsa);
1165 if (i < 0)
1166 {
1167 al=SSL_AD_DECRYPT_ERROR;
1168 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT);
1169 goto f_err;
1170 }
1171 if (i == 0)
1172 {
1173 /* bad signature */
1174 al=SSL_AD_DECRYPT_ERROR;
1175 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
1176 goto f_err;
1177 }
1178 }
1179 else
1180#endif
1181#ifndef OPENSSL_NO_DSA
1182 if (pkey->type == EVP_PKEY_DSA)
1183 {
1184 /* lets do DSS */
1185 EVP_VerifyInit_ex(&md_ctx,EVP_dss1(), NULL);
1186 EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
1187 EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
1188 EVP_VerifyUpdate(&md_ctx,param,param_len);
1189 if (!EVP_VerifyFinal(&md_ctx,p,(int)n,pkey))
1190 {
1191 /* bad signature */
1192 al=SSL_AD_DECRYPT_ERROR;
1193 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
1194 goto f_err;
1195 }
1196 }
1197 else
1198#endif
1199 {
1200 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
1201 goto err;
1202 }
1203 }
1204 else
1205 {
1206 /* still data left over */
1207 if (!(alg & SSL_aNULL))
1208 {
1209 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
1210 goto err;
1211 }
1212 if (n != 0)
1213 {
1214 al=SSL_AD_DECODE_ERROR;
1215 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_EXTRA_DATA_IN_MESSAGE);
1216 goto f_err;
1217 }
1218 }
1219 EVP_PKEY_free(pkey);
1220 EVP_MD_CTX_cleanup(&md_ctx);
1221 return(1);
1222f_err:
1223 ssl3_send_alert(s,SSL3_AL_FATAL,al);
1224err:
1225 EVP_PKEY_free(pkey);
1226#ifndef OPENSSL_NO_RSA
1227 if (rsa != NULL)
1228 RSA_free(rsa);
1229#endif
1230#ifndef OPENSSL_NO_DH
1231 if (dh != NULL)
1232 DH_free(dh);
1233#endif
1234 EVP_MD_CTX_cleanup(&md_ctx);
1235 return(-1);
1236 }
1237
1238static int ssl3_get_certificate_request(SSL *s)
1239 {
1240 int ok,ret=0;
1241 unsigned long n,nc,l;
1242 unsigned int llen,ctype_num,i;
1243 X509_NAME *xn=NULL;
1244 unsigned char *p,*d,*q;
1245 STACK_OF(X509_NAME) *ca_sk=NULL;
1246
1247 n=ssl3_get_message(s,
1248 SSL3_ST_CR_CERT_REQ_A,
1249 SSL3_ST_CR_CERT_REQ_B,
1250 -1,
1251 s->max_cert_list,
1252 &ok);
1253
1254 if (!ok) return((int)n);
1255
1256 s->s3->tmp.cert_req=0;
1257
1258 if (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE)
1259 {
1260 s->s3->tmp.reuse_message=1;
1261 return(1);
1262 }
1263
1264 if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST)
1265 {
1266 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
1267 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_WRONG_MESSAGE_TYPE);
1268 goto err;
1269 }
1270
1271 /* TLS does not like anon-DH with client cert */
1272 if (s->version > SSL3_VERSION)
1273 {
1274 l=s->s3->tmp.new_cipher->algorithms;
1275 if (l & SSL_aNULL)
1276 {
1277 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
1278 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
1279 goto err;
1280 }
1281 }
1282
1283 d=p=(unsigned char *)s->init_msg;
1284
1285 if ((ca_sk=sk_X509_NAME_new(ca_dn_cmp)) == NULL)
1286 {
1287 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
1288 goto err;
1289 }
1290
1291 /* get the certificate types */
1292 ctype_num= *(p++);
1293 if (ctype_num > SSL3_CT_NUMBER)
1294 ctype_num=SSL3_CT_NUMBER;
1295 for (i=0; i<ctype_num; i++)
1296 s->s3->tmp.ctype[i]= p[i];
1297 p+=ctype_num;
1298
1299 /* get the CA RDNs */
1300 n2s(p,llen);
1301#if 0
1302{
1303FILE *out;
1304out=fopen("/tmp/vsign.der","w");
1305fwrite(p,1,llen,out);
1306fclose(out);
1307}
1308#endif
1309
1310 if ((llen+ctype_num+2+1) != n)
1311 {
1312 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1313 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_LENGTH_MISMATCH);
1314 goto err;
1315 }
1316
1317 for (nc=0; nc<llen; )
1318 {
1319 n2s(p,l);
1320 if ((l+nc+2) > llen)
1321 {
1322 if ((s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
1323 goto cont; /* netscape bugs */
1324 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1325 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_TOO_LONG);
1326 goto err;
1327 }
1328
1329 q=p;
1330
1331 if ((xn=d2i_X509_NAME(NULL,&q,l)) == NULL)
1332 {
1333 /* If netscape tolerance is on, ignore errors */
1334 if (s->options & SSL_OP_NETSCAPE_CA_DN_BUG)
1335 goto cont;
1336 else
1337 {
1338 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1339 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_ASN1_LIB);
1340 goto err;
1341 }
1342 }
1343
1344 if (q != (p+l))
1345 {
1346 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1347 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_LENGTH_MISMATCH);
1348 goto err;
1349 }
1350 if (!sk_X509_NAME_push(ca_sk,xn))
1351 {
1352 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
1353 goto err;
1354 }
1355
1356 p+=l;
1357 nc+=l+2;
1358 }
1359
1360 if (0)
1361 {
1362cont:
1363 ERR_clear_error();
1364 }
1365
1366 /* we should setup a certificate to return.... */
1367 s->s3->tmp.cert_req=1;
1368 s->s3->tmp.ctype_num=ctype_num;
1369 if (s->s3->tmp.ca_names != NULL)
1370 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
1371 s->s3->tmp.ca_names=ca_sk;
1372 ca_sk=NULL;
1373
1374 ret=1;
1375err:
1376 if (ca_sk != NULL) sk_X509_NAME_pop_free(ca_sk,X509_NAME_free);
1377 return(ret);
1378 }
1379
1380static int ca_dn_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
1381 {
1382 return(X509_NAME_cmp(*a,*b));
1383 }
1384
1385static int ssl3_get_server_done(SSL *s)
1386 {
1387 int ok,ret=0;
1388 long n;
1389
1390 n=ssl3_get_message(s,
1391 SSL3_ST_CR_SRVR_DONE_A,
1392 SSL3_ST_CR_SRVR_DONE_B,
1393 SSL3_MT_SERVER_DONE,
1394 30, /* should be very small, like 0 :-) */
1395 &ok);
1396
1397 if (!ok) return((int)n);
1398 if (n > 0)
1399 {
1400 /* should contain no data */
1401 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1402 SSLerr(SSL_F_SSL3_GET_SERVER_DONE,SSL_R_LENGTH_MISMATCH);
1403 return -1;
1404 }
1405 ret=1;
1406 return(ret);
1407 }
1408
1409static int ssl3_send_client_key_exchange(SSL *s)
1410 {
1411 unsigned char *p,*d;
1412 int n;
1413 unsigned long l;
1414#ifndef OPENSSL_NO_RSA
1415 unsigned char *q;
1416 EVP_PKEY *pkey=NULL;
1417#endif
1418#ifndef OPENSSL_NO_KRB5
1419 KSSL_ERR kssl_err;
1420#endif /* OPENSSL_NO_KRB5 */
1421
1422 if (s->state == SSL3_ST_CW_KEY_EXCH_A)
1423 {
1424 d=(unsigned char *)s->init_buf->data;
1425 p= &(d[4]);
1426
1427 l=s->s3->tmp.new_cipher->algorithms;
1428
1429 /* Fool emacs indentation */
1430 if (0) {}
1431#ifndef OPENSSL_NO_RSA
1432 else if (l & SSL_kRSA)
1433 {
1434 RSA *rsa;
1435 unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
1436
1437 if (s->session->sess_cert->peer_rsa_tmp != NULL)
1438 rsa=s->session->sess_cert->peer_rsa_tmp;
1439 else
1440 {
1441 pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
1442 if ((pkey == NULL) ||
1443 (pkey->type != EVP_PKEY_RSA) ||
1444 (pkey->pkey.rsa == NULL))
1445 {
1446 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
1447 goto err;
1448 }
1449 rsa=pkey->pkey.rsa;
1450 EVP_PKEY_free(pkey);
1451 }
1452
1453 tmp_buf[0]=s->client_version>>8;
1454 tmp_buf[1]=s->client_version&0xff;
1455 if (RAND_bytes(&(tmp_buf[2]),SSL_MAX_MASTER_KEY_LENGTH-2) <= 0)
1456 goto err;
1457
1458 s->session->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
1459
1460 q=p;
1461 /* Fix buf for TLS and beyond */
1462 if (s->version > SSL3_VERSION)
1463 p+=2;
1464 n=RSA_public_encrypt(SSL_MAX_MASTER_KEY_LENGTH,
1465 tmp_buf,p,rsa,RSA_PKCS1_PADDING);
1466#ifdef PKCS1_CHECK
1467 if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++;
1468 if (s->options & SSL_OP_PKCS1_CHECK_2) tmp_buf[0]=0x70;
1469#endif
1470 if (n <= 0)
1471 {
1472 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_ENCRYPT);
1473 goto err;
1474 }
1475
1476 /* Fix buf for TLS and beyond */
1477 if (s->version > SSL3_VERSION)
1478 {
1479 s2n(n,q);
1480 n+=2;
1481 }
1482
1483 s->session->master_key_length=
1484 s->method->ssl3_enc->generate_master_secret(s,
1485 s->session->master_key,
1486 tmp_buf,SSL_MAX_MASTER_KEY_LENGTH);
1487 memset(tmp_buf,0,SSL_MAX_MASTER_KEY_LENGTH);
1488 }
1489#endif
1490#ifndef OPENSSL_NO_KRB5
1491 else if (l & SSL_kKRB5)
1492 {
1493 krb5_error_code krb5rc;
1494 KSSL_CTX *kssl_ctx = s->kssl_ctx;
1495 /* krb5_data krb5_ap_req; */
1496 krb5_data *enc_ticket;
1497 krb5_data authenticator, *authp = NULL;
1498 EVP_CIPHER_CTX ciph_ctx;
1499 EVP_CIPHER *enc = NULL;
1500 unsigned char iv[EVP_MAX_IV_LENGTH];
1501 unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
1502 unsigned char epms[SSL_MAX_MASTER_KEY_LENGTH
1503 + EVP_MAX_IV_LENGTH];
1504 int padl, outl = sizeof(epms);
1505
1506 EVP_CIPHER_CTX_init(&ciph_ctx);
1507
1508#ifdef KSSL_DEBUG
1509 printf("ssl3_send_client_key_exchange(%lx & %lx)\n",
1510 l, SSL_kKRB5);
1511#endif /* KSSL_DEBUG */
1512
1513 authp = NULL;
1514#ifdef KRB5SENDAUTH
1515 if (KRB5SENDAUTH) authp = &authenticator;
1516#endif /* KRB5SENDAUTH */
1517
1518 krb5rc = kssl_cget_tkt(kssl_ctx, &enc_ticket, authp,
1519 &kssl_err);
1520 enc = kssl_map_enc(kssl_ctx->enctype);
1521 if (enc == NULL)
1522 goto err;
1523#ifdef KSSL_DEBUG
1524 {
1525 printf("kssl_cget_tkt rtn %d\n", krb5rc);
1526 if (krb5rc && kssl_err.text)
1527 printf("kssl_cget_tkt kssl_err=%s\n", kssl_err.text);
1528 }
1529#endif /* KSSL_DEBUG */
1530
1531 if (krb5rc)
1532 {
1533 ssl3_send_alert(s,SSL3_AL_FATAL,
1534 SSL_AD_HANDSHAKE_FAILURE);
1535 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
1536 kssl_err.reason);
1537 goto err;
1538 }
1539
1540 /* 20010406 VRS - Earlier versions used KRB5 AP_REQ
1541 ** in place of RFC 2712 KerberosWrapper, as in:
1542 **
1543 ** Send ticket (copy to *p, set n = length)
1544 ** n = krb5_ap_req.length;
1545 ** memcpy(p, krb5_ap_req.data, krb5_ap_req.length);
1546 ** if (krb5_ap_req.data)
1547 ** kssl_krb5_free_data_contents(NULL,&krb5_ap_req);
1548 **
1549 ** Now using real RFC 2712 KerberosWrapper
1550 ** (Thanks to Simon Wilkinson <sxw@sxw.org.uk>)
1551 ** Note: 2712 "opaque" types are here replaced
1552 ** with a 2-byte length followed by the value.
1553 ** Example:
1554 ** KerberosWrapper= xx xx asn1ticket 0 0 xx xx encpms
1555 ** Where "xx xx" = length bytes. Shown here with
1556 ** optional authenticator omitted.
1557 */
1558
1559 /* KerberosWrapper.Ticket */
1560 s2n(enc_ticket->length,p);
1561 memcpy(p, enc_ticket->data, enc_ticket->length);
1562 p+= enc_ticket->length;
1563 n = enc_ticket->length + 2;
1564
1565 /* KerberosWrapper.Authenticator */
1566 if (authp && authp->length)
1567 {
1568 s2n(authp->length,p);
1569 memcpy(p, authp->data, authp->length);
1570 p+= authp->length;
1571 n+= authp->length + 2;
1572
1573 free(authp->data);
1574 authp->data = NULL;
1575 authp->length = 0;
1576 }
1577 else
1578 {
1579 s2n(0,p);/* null authenticator length */
1580 n+=2;
1581 }
1582
1583 if (RAND_bytes(tmp_buf,SSL_MAX_MASTER_KEY_LENGTH) <= 0)
1584 goto err;
1585
1586 /* 20010420 VRS. Tried it this way; failed.
1587 ** EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL);
1588 ** EVP_CIPHER_CTX_set_key_length(&ciph_ctx,
1589 ** kssl_ctx->length);
1590 ** EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
1591 */
1592
1593 memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */
1594 EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,
1595 kssl_ctx->key,iv);
1596 EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf,
1597 SSL_MAX_MASTER_KEY_LENGTH);
1598 EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl);
1599 outl += padl;
1600 die(outl <= sizeof epms);
1601 EVP_CIPHER_CTX_cleanup(&ciph_ctx);
1602
1603 /* KerberosWrapper.EncryptedPreMasterSecret */
1604 s2n(outl,p);
1605 memcpy(p, epms, outl);
1606 p+=outl;
1607 n+=outl + 2;
1608
1609 s->session->master_key_length=
1610 s->method->ssl3_enc->generate_master_secret(s,
1611 s->session->master_key,
1612 tmp_buf, SSL_MAX_MASTER_KEY_LENGTH);
1613
1614 memset(tmp_buf, 0, SSL_MAX_MASTER_KEY_LENGTH);
1615 memset(epms, 0, outl);
1616 }
1617#endif
1618#ifndef OPENSSL_NO_DH
1619 else if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
1620 {
1621 DH *dh_srvr,*dh_clnt;
1622
1623 if (s->session->sess_cert->peer_dh_tmp != NULL)
1624 dh_srvr=s->session->sess_cert->peer_dh_tmp;
1625 else
1626 {
1627 /* we get them from the cert */
1628 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
1629 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
1630 goto err;
1631 }
1632
1633 /* generate a new random key */
1634 if ((dh_clnt=DHparams_dup(dh_srvr)) == NULL)
1635 {
1636 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
1637 goto err;
1638 }
1639 if (!DH_generate_key(dh_clnt))
1640 {
1641 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
1642 goto err;
1643 }
1644
1645 /* use the 'p' output buffer for the DH key, but
1646 * make sure to clear it out afterwards */
1647
1648 n=DH_compute_key(p,dh_srvr->pub_key,dh_clnt);
1649
1650 if (n <= 0)
1651 {
1652 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
1653 goto err;
1654 }
1655
1656 /* generate master key from the result */
1657 s->session->master_key_length=
1658 s->method->ssl3_enc->generate_master_secret(s,
1659 s->session->master_key,p,n);
1660 /* clean up */
1661 memset(p,0,n);
1662
1663 /* send off the data */
1664 n=BN_num_bytes(dh_clnt->pub_key);
1665 s2n(n,p);
1666 BN_bn2bin(dh_clnt->pub_key,p);
1667 n+=2;
1668
1669 DH_free(dh_clnt);
1670
1671 /* perhaps clean things up a bit EAY EAY EAY EAY*/
1672 }
1673#endif
1674 else
1675 {
1676 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
1677 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
1678 goto err;
1679 }
1680
1681 *(d++)=SSL3_MT_CLIENT_KEY_EXCHANGE;
1682 l2n3(n,d);
1683
1684 s->state=SSL3_ST_CW_KEY_EXCH_B;
1685 /* number of bytes to write */
1686 s->init_num=n+4;
1687 s->init_off=0;
1688 }
1689
1690 /* SSL3_ST_CW_KEY_EXCH_B */
1691 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1692err:
1693 return(-1);
1694 }
1695
1696static int ssl3_send_client_verify(SSL *s)
1697 {
1698 unsigned char *p,*d;
1699 unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
1700 EVP_PKEY *pkey;
1701#ifndef OPENSSL_NO_RSA
1702 unsigned u=0;
1703#endif
1704 unsigned long n;
1705#ifndef OPENSSL_NO_DSA
1706 int j;
1707#endif
1708
1709 if (s->state == SSL3_ST_CW_CERT_VRFY_A)
1710 {
1711 d=(unsigned char *)s->init_buf->data;
1712 p= &(d[4]);
1713 pkey=s->cert->key->privatekey;
1714
1715 s->method->ssl3_enc->cert_verify_mac(s,&(s->s3->finish_dgst2),
1716 &(data[MD5_DIGEST_LENGTH]));
1717
1718#ifndef OPENSSL_NO_RSA
1719 if (pkey->type == EVP_PKEY_RSA)
1720 {
1721 s->method->ssl3_enc->cert_verify_mac(s,
1722 &(s->s3->finish_dgst1),&(data[0]));
1723 if (RSA_sign(NID_md5_sha1, data,
1724 MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
1725 &(p[2]), &u, pkey->pkey.rsa) <= 0 )
1726 {
1727 SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_RSA_LIB);
1728 goto err;
1729 }
1730 s2n(u,p);
1731 n=u+2;
1732 }
1733 else
1734#endif
1735#ifndef OPENSSL_NO_DSA
1736 if (pkey->type == EVP_PKEY_DSA)
1737 {
1738 if (!DSA_sign(pkey->save_type,
1739 &(data[MD5_DIGEST_LENGTH]),
1740 SHA_DIGEST_LENGTH,&(p[2]),
1741 (unsigned int *)&j,pkey->pkey.dsa))
1742 {
1743 SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_DSA_LIB);
1744 goto err;
1745 }
1746 s2n(j,p);
1747 n=j+2;
1748 }
1749 else
1750#endif
1751 {
1752 SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_INTERNAL_ERROR);
1753 goto err;
1754 }
1755 *(d++)=SSL3_MT_CERTIFICATE_VERIFY;
1756 l2n3(n,d);
1757
1758 s->init_num=(int)n+4;
1759 s->init_off=0;
1760 }
1761 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1762err:
1763 return(-1);
1764 }
1765
1766static int ssl3_send_client_certificate(SSL *s)
1767 {
1768 X509 *x509=NULL;
1769 EVP_PKEY *pkey=NULL;
1770 int i;
1771 unsigned long l;
1772
1773 if (s->state == SSL3_ST_CW_CERT_A)
1774 {
1775 if ((s->cert == NULL) ||
1776 (s->cert->key->x509 == NULL) ||
1777 (s->cert->key->privatekey == NULL))
1778 s->state=SSL3_ST_CW_CERT_B;
1779 else
1780 s->state=SSL3_ST_CW_CERT_C;
1781 }
1782
1783 /* We need to get a client cert */
1784 if (s->state == SSL3_ST_CW_CERT_B)
1785 {
1786 /* If we get an error, we need to
1787 * ssl->rwstate=SSL_X509_LOOKUP; return(-1);
1788 * We then get retied later */
1789 i=0;
1790 if (s->ctx->client_cert_cb != NULL)
1791 i=s->ctx->client_cert_cb(s,&(x509),&(pkey));
1792 if (i < 0)
1793 {
1794 s->rwstate=SSL_X509_LOOKUP;
1795 return(-1);
1796 }
1797 s->rwstate=SSL_NOTHING;
1798 if ((i == 1) && (pkey != NULL) && (x509 != NULL))
1799 {
1800 s->state=SSL3_ST_CW_CERT_B;
1801 if ( !SSL_use_certificate(s,x509) ||
1802 !SSL_use_PrivateKey(s,pkey))
1803 i=0;
1804 }
1805 else if (i == 1)
1806 {
1807 i=0;
1808 SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
1809 }
1810
1811 if (x509 != NULL) X509_free(x509);
1812 if (pkey != NULL) EVP_PKEY_free(pkey);
1813 if (i == 0)
1814 {
1815 if (s->version == SSL3_VERSION)
1816 {
1817 s->s3->tmp.cert_req=0;
1818 ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_NO_CERTIFICATE);
1819 return(1);
1820 }
1821 else
1822 {
1823 s->s3->tmp.cert_req=2;
1824 }
1825 }
1826
1827 /* Ok, we have a cert */
1828 s->state=SSL3_ST_CW_CERT_C;
1829 }
1830
1831 if (s->state == SSL3_ST_CW_CERT_C)
1832 {
1833 s->state=SSL3_ST_CW_CERT_D;
1834 l=ssl3_output_cert_chain(s,
1835 (s->s3->tmp.cert_req == 2)?NULL:s->cert->key->x509);
1836 s->init_num=(int)l;
1837 s->init_off=0;
1838 }
1839 /* SSL3_ST_CW_CERT_D */
1840 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1841 }
1842
1843#define has_bits(i,m) (((i)&(m)) == (m))
1844
1845static int ssl3_check_cert_and_algorithm(SSL *s)
1846 {
1847 int i,idx;
1848 long algs;
1849 EVP_PKEY *pkey=NULL;
1850 SESS_CERT *sc;
1851#ifndef OPENSSL_NO_RSA
1852 RSA *rsa;
1853#endif
1854#ifndef OPENSSL_NO_DH
1855 DH *dh;
1856#endif
1857
1858 sc=s->session->sess_cert;
1859
1860 if (sc == NULL)
1861 {
1862 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,ERR_R_INTERNAL_ERROR);
1863 goto err;
1864 }
1865
1866 algs=s->s3->tmp.new_cipher->algorithms;
1867
1868 /* we don't have a certificate */
1869 if (algs & (SSL_aDH|SSL_aNULL|SSL_aKRB5))
1870 return(1);
1871
1872#ifndef OPENSSL_NO_RSA
1873 rsa=s->session->sess_cert->peer_rsa_tmp;
1874#endif
1875#ifndef OPENSSL_NO_DH
1876 dh=s->session->sess_cert->peer_dh_tmp;
1877#endif
1878
1879 /* This is the passed certificate */
1880
1881 idx=sc->peer_cert_type;
1882 pkey=X509_get_pubkey(sc->peer_pkeys[idx].x509);
1883 i=X509_certificate_type(sc->peer_pkeys[idx].x509,pkey);
1884 EVP_PKEY_free(pkey);
1885
1886
1887 /* Check that we have a certificate if we require one */
1888 if ((algs & SSL_aRSA) && !has_bits(i,EVP_PK_RSA|EVP_PKT_SIGN))
1889 {
1890 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_SIGNING_CERT);
1891 goto f_err;
1892 }
1893#ifndef OPENSSL_NO_DSA
1894 else if ((algs & SSL_aDSS) && !has_bits(i,EVP_PK_DSA|EVP_PKT_SIGN))
1895 {
1896 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DSA_SIGNING_CERT);
1897 goto f_err;
1898 }
1899#endif
1900#ifndef OPENSSL_NO_RSA
1901 if ((algs & SSL_kRSA) &&
1902 !(has_bits(i,EVP_PK_RSA|EVP_PKT_ENC) || (rsa != NULL)))
1903 {
1904 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_ENCRYPTING_CERT);
1905 goto f_err;
1906 }
1907#endif
1908#ifndef OPENSSL_NO_DH
1909 if ((algs & SSL_kEDH) &&
1910 !(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
1911 {
1912 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);
1913 goto f_err;
1914 }
1915 else if ((algs & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
1916 {
1917 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT);
1918 goto f_err;
1919 }
1920#ifndef OPENSSL_NO_DSA
1921 else if ((algs & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
1922 {
1923 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT);
1924 goto f_err;
1925 }
1926#endif
1927#endif
1928
1929 if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && !has_bits(i,EVP_PKT_EXP))
1930 {
1931#ifndef OPENSSL_NO_RSA
1932 if (algs & SSL_kRSA)
1933 {
1934 if (rsa == NULL
1935 || RSA_size(rsa) > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
1936 {
1937 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
1938 goto f_err;
1939 }
1940 }
1941 else
1942#endif
1943#ifndef OPENSSL_NO_DH
1944 if (algs & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
1945 {
1946 if (dh == NULL
1947 || DH_size(dh) > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
1948 {
1949 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_DH_KEY);
1950 goto f_err;
1951 }
1952 }
1953 else
1954#endif
1955 {
1956 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
1957 goto f_err;
1958 }
1959 }
1960 return(1);
1961f_err:
1962 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
1963err:
1964 return(0);
1965 }
1966
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
new file mode 100644
index 0000000000..838071b16b
--- /dev/null
+++ b/src/lib/libssl/s3_lib.c
@@ -0,0 +1,1682 @@
1/* ssl/s3_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <stdio.h>
113#include <openssl/objects.h>
114#include "ssl_locl.h"
115#include "kssl_lcl.h"
116#include <openssl/md5.h>
117
118const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
119
120#define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
121
122static long ssl3_default_timeout(void );
123
124OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
125/* The RSA ciphers */
126/* Cipher 01 */
127 {
128 1,
129 SSL3_TXT_RSA_NULL_MD5,
130 SSL3_CK_RSA_NULL_MD5,
131 SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3,
132 SSL_NOT_EXP,
133 0,
134 0,
135 0,
136 SSL_ALL_CIPHERS,
137 SSL_ALL_STRENGTHS,
138 },
139/* Cipher 02 */
140 {
141 1,
142 SSL3_TXT_RSA_NULL_SHA,
143 SSL3_CK_RSA_NULL_SHA,
144 SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
145 SSL_NOT_EXP,
146 0,
147 0,
148 0,
149 SSL_ALL_CIPHERS,
150 SSL_ALL_STRENGTHS,
151 },
152
153/* anon DH */
154/* Cipher 17 */
155 {
156 1,
157 SSL3_TXT_ADH_RC4_40_MD5,
158 SSL3_CK_ADH_RC4_40_MD5,
159 SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_SSLV3,
160 SSL_EXPORT|SSL_EXP40,
161 0,
162 40,
163 128,
164 SSL_ALL_CIPHERS,
165 SSL_ALL_STRENGTHS,
166 },
167/* Cipher 18 */
168 {
169 1,
170 SSL3_TXT_ADH_RC4_128_MD5,
171 SSL3_CK_ADH_RC4_128_MD5,
172 SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_SSLV3,
173 SSL_NOT_EXP|SSL_MEDIUM,
174 0,
175 128,
176 128,
177 SSL_ALL_CIPHERS,
178 SSL_ALL_STRENGTHS,
179 },
180/* Cipher 19 */
181 {
182 1,
183 SSL3_TXT_ADH_DES_40_CBC_SHA,
184 SSL3_CK_ADH_DES_40_CBC_SHA,
185 SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_SSLV3,
186 SSL_EXPORT|SSL_EXP40,
187 0,
188 40,
189 128,
190 SSL_ALL_CIPHERS,
191 SSL_ALL_STRENGTHS,
192 },
193/* Cipher 1A */
194 {
195 1,
196 SSL3_TXT_ADH_DES_64_CBC_SHA,
197 SSL3_CK_ADH_DES_64_CBC_SHA,
198 SSL_kEDH |SSL_aNULL|SSL_DES |SSL_SHA1|SSL_SSLV3,
199 SSL_NOT_EXP|SSL_LOW,
200 0,
201 56,
202 56,
203 SSL_ALL_CIPHERS,
204 SSL_ALL_STRENGTHS,
205 },
206/* Cipher 1B */
207 {
208 1,
209 SSL3_TXT_ADH_DES_192_CBC_SHA,
210 SSL3_CK_ADH_DES_192_CBC_SHA,
211 SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3,
212 SSL_NOT_EXP|SSL_HIGH,
213 0,
214 168,
215 168,
216 SSL_ALL_CIPHERS,
217 SSL_ALL_STRENGTHS,
218 },
219
220/* RSA again */
221/* Cipher 03 */
222 {
223 1,
224 SSL3_TXT_RSA_RC4_40_MD5,
225 SSL3_CK_RSA_RC4_40_MD5,
226 SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5 |SSL_SSLV3,
227 SSL_EXPORT|SSL_EXP40,
228 0,
229 40,
230 128,
231 SSL_ALL_CIPHERS,
232 SSL_ALL_STRENGTHS,
233 },
234/* Cipher 04 */
235 {
236 1,
237 SSL3_TXT_RSA_RC4_128_MD5,
238 SSL3_CK_RSA_RC4_128_MD5,
239 SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5|SSL_SSLV3,
240 SSL_NOT_EXP|SSL_MEDIUM,
241 0,
242 128,
243 128,
244 SSL_ALL_CIPHERS,
245 SSL_ALL_STRENGTHS,
246 },
247/* Cipher 05 */
248 {
249 1,
250 SSL3_TXT_RSA_RC4_128_SHA,
251 SSL3_CK_RSA_RC4_128_SHA,
252 SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_SHA1|SSL_SSLV3,
253 SSL_NOT_EXP|SSL_MEDIUM,
254 0,
255 128,
256 128,
257 SSL_ALL_CIPHERS,
258 SSL_ALL_STRENGTHS,
259 },
260/* Cipher 06 */
261 {
262 1,
263 SSL3_TXT_RSA_RC2_40_MD5,
264 SSL3_CK_RSA_RC2_40_MD5,
265 SSL_kRSA|SSL_aRSA|SSL_RC2 |SSL_MD5 |SSL_SSLV3,
266 SSL_EXPORT|SSL_EXP40,
267 0,
268 40,
269 128,
270 SSL_ALL_CIPHERS,
271 SSL_ALL_STRENGTHS,
272 },
273/* Cipher 07 */
274#ifndef OPENSSL_NO_IDEA
275 {
276 1,
277 SSL3_TXT_RSA_IDEA_128_SHA,
278 SSL3_CK_RSA_IDEA_128_SHA,
279 SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_SSLV3,
280 SSL_NOT_EXP|SSL_MEDIUM,
281 0,
282 128,
283 128,
284 SSL_ALL_CIPHERS,
285 SSL_ALL_STRENGTHS,
286 },
287#endif
288/* Cipher 08 */
289 {
290 1,
291 SSL3_TXT_RSA_DES_40_CBC_SHA,
292 SSL3_CK_RSA_DES_40_CBC_SHA,
293 SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
294 SSL_EXPORT|SSL_EXP40,
295 0,
296 40,
297 56,
298 SSL_ALL_CIPHERS,
299 SSL_ALL_STRENGTHS,
300 },
301/* Cipher 09 */
302 {
303 1,
304 SSL3_TXT_RSA_DES_64_CBC_SHA,
305 SSL3_CK_RSA_DES_64_CBC_SHA,
306 SSL_kRSA|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_SSLV3,
307 SSL_NOT_EXP|SSL_LOW,
308 0,
309 56,
310 56,
311 SSL_ALL_CIPHERS,
312 SSL_ALL_STRENGTHS,
313 },
314/* Cipher 0A */
315 {
316 1,
317 SSL3_TXT_RSA_DES_192_CBC3_SHA,
318 SSL3_CK_RSA_DES_192_CBC3_SHA,
319 SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
320 SSL_NOT_EXP|SSL_HIGH,
321 0,
322 168,
323 168,
324 SSL_ALL_CIPHERS,
325 SSL_ALL_STRENGTHS,
326 },
327
328/* The DH ciphers */
329/* Cipher 0B */
330 {
331 0,
332 SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
333 SSL3_CK_DH_DSS_DES_40_CBC_SHA,
334 SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
335 SSL_EXPORT|SSL_EXP40,
336 0,
337 40,
338 56,
339 SSL_ALL_CIPHERS,
340 SSL_ALL_STRENGTHS,
341 },
342/* Cipher 0C */
343 {
344 0,
345 SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
346 SSL3_CK_DH_DSS_DES_64_CBC_SHA,
347 SSL_kDHd |SSL_aDH|SSL_DES |SSL_SHA1|SSL_SSLV3,
348 SSL_NOT_EXP|SSL_LOW,
349 0,
350 56,
351 56,
352 SSL_ALL_CIPHERS,
353 SSL_ALL_STRENGTHS,
354 },
355/* Cipher 0D */
356 {
357 0,
358 SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
359 SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
360 SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
361 SSL_NOT_EXP|SSL_HIGH,
362 0,
363 168,
364 168,
365 SSL_ALL_CIPHERS,
366 SSL_ALL_STRENGTHS,
367 },
368/* Cipher 0E */
369 {
370 0,
371 SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
372 SSL3_CK_DH_RSA_DES_40_CBC_SHA,
373 SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
374 SSL_EXPORT|SSL_EXP40,
375 0,
376 40,
377 56,
378 SSL_ALL_CIPHERS,
379 SSL_ALL_STRENGTHS,
380 },
381/* Cipher 0F */
382 {
383 0,
384 SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
385 SSL3_CK_DH_RSA_DES_64_CBC_SHA,
386 SSL_kDHr |SSL_aDH|SSL_DES |SSL_SHA1|SSL_SSLV3,
387 SSL_NOT_EXP|SSL_LOW,
388 0,
389 56,
390 56,
391 SSL_ALL_CIPHERS,
392 SSL_ALL_STRENGTHS,
393 },
394/* Cipher 10 */
395 {
396 0,
397 SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
398 SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
399 SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
400 SSL_NOT_EXP|SSL_HIGH,
401 0,
402 168,
403 168,
404 SSL_ALL_CIPHERS,
405 SSL_ALL_STRENGTHS,
406 },
407
408/* The Ephemeral DH ciphers */
409/* Cipher 11 */
410 {
411 1,
412 SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
413 SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
414 SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_SSLV3,
415 SSL_EXPORT|SSL_EXP40,
416 0,
417 40,
418 56,
419 SSL_ALL_CIPHERS,
420 SSL_ALL_STRENGTHS,
421 },
422/* Cipher 12 */
423 {
424 1,
425 SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
426 SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
427 SSL_kEDH|SSL_aDSS|SSL_DES |SSL_SHA1|SSL_SSLV3,
428 SSL_NOT_EXP|SSL_LOW,
429 0,
430 56,
431 56,
432 SSL_ALL_CIPHERS,
433 SSL_ALL_STRENGTHS,
434 },
435/* Cipher 13 */
436 {
437 1,
438 SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
439 SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
440 SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_SSLV3,
441 SSL_NOT_EXP|SSL_HIGH,
442 0,
443 168,
444 168,
445 SSL_ALL_CIPHERS,
446 SSL_ALL_STRENGTHS,
447 },
448/* Cipher 14 */
449 {
450 1,
451 SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
452 SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
453 SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
454 SSL_EXPORT|SSL_EXP40,
455 0,
456 40,
457 56,
458 SSL_ALL_CIPHERS,
459 SSL_ALL_STRENGTHS,
460 },
461/* Cipher 15 */
462 {
463 1,
464 SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
465 SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
466 SSL_kEDH|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_SSLV3,
467 SSL_NOT_EXP|SSL_LOW,
468 0,
469 56,
470 56,
471 SSL_ALL_CIPHERS,
472 SSL_ALL_STRENGTHS,
473 },
474/* Cipher 16 */
475 {
476 1,
477 SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
478 SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
479 SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
480 SSL_NOT_EXP|SSL_HIGH,
481 0,
482 168,
483 168,
484 SSL_ALL_CIPHERS,
485 SSL_ALL_STRENGTHS,
486 },
487
488/* Fortezza */
489/* Cipher 1C */
490 {
491 0,
492 SSL3_TXT_FZA_DMS_NULL_SHA,
493 SSL3_CK_FZA_DMS_NULL_SHA,
494 SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3,
495 SSL_NOT_EXP,
496 0,
497 0,
498 0,
499 SSL_ALL_CIPHERS,
500 SSL_ALL_STRENGTHS,
501 },
502
503/* Cipher 1D */
504 {
505 0,
506 SSL3_TXT_FZA_DMS_FZA_SHA,
507 SSL3_CK_FZA_DMS_FZA_SHA,
508 SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3,
509 SSL_NOT_EXP,
510 0,
511 0,
512 0,
513 SSL_ALL_CIPHERS,
514 SSL_ALL_STRENGTHS,
515 },
516
517/* Cipher 1E */
518 {
519 0,
520 SSL3_TXT_FZA_DMS_RC4_SHA,
521 SSL3_CK_FZA_DMS_RC4_SHA,
522 SSL_kFZA|SSL_aFZA |SSL_RC4 |SSL_SHA1|SSL_SSLV3,
523 SSL_NOT_EXP|SSL_MEDIUM,
524 0,
525 128,
526 128,
527 SSL_ALL_CIPHERS,
528 SSL_ALL_STRENGTHS,
529 },
530
531#ifndef OPENSSL_NO_KRB5
532/* The Kerberos ciphers
533** 20000107 VRS: And the first shall be last,
534** in hopes of avoiding the lynx ssl renegotiation problem.
535*/
536/* Cipher 21 VRS */
537 {
538 1,
539 SSL3_TXT_KRB5_DES_40_CBC_SHA,
540 SSL3_CK_KRB5_DES_40_CBC_SHA,
541 SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3,
542 SSL_EXPORT|SSL_EXP40,
543 0,
544 40,
545 56,
546 SSL_ALL_CIPHERS,
547 SSL_ALL_STRENGTHS,
548 },
549
550/* Cipher 22 VRS */
551 {
552 1,
553 SSL3_TXT_KRB5_DES_40_CBC_MD5,
554 SSL3_CK_KRB5_DES_40_CBC_MD5,
555 SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_MD5 |SSL_SSLV3,
556 SSL_EXPORT|SSL_EXP40,
557 0,
558 40,
559 56,
560 SSL_ALL_CIPHERS,
561 SSL_ALL_STRENGTHS,
562 },
563
564/* Cipher 23 VRS */
565 {
566 1,
567 SSL3_TXT_KRB5_DES_64_CBC_SHA,
568 SSL3_CK_KRB5_DES_64_CBC_SHA,
569 SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3,
570 SSL_NOT_EXP|SSL_LOW,
571 0,
572 56,
573 56,
574 SSL_ALL_CIPHERS,
575 SSL_ALL_STRENGTHS,
576 },
577
578/* Cipher 24 VRS */
579 {
580 1,
581 SSL3_TXT_KRB5_DES_64_CBC_MD5,
582 SSL3_CK_KRB5_DES_64_CBC_MD5,
583 SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_MD5 |SSL_SSLV3,
584 SSL_NOT_EXP|SSL_LOW,
585 0,
586 56,
587 56,
588 SSL_ALL_CIPHERS,
589 SSL_ALL_STRENGTHS,
590 },
591
592/* Cipher 25 VRS */
593 {
594 1,
595 SSL3_TXT_KRB5_DES_192_CBC3_SHA,
596 SSL3_CK_KRB5_DES_192_CBC3_SHA,
597 SSL_kKRB5|SSL_aKRB5| SSL_3DES|SSL_SHA1 |SSL_SSLV3,
598 SSL_NOT_EXP|SSL_HIGH,
599 0,
600 112,
601 168,
602 SSL_ALL_CIPHERS,
603 SSL_ALL_STRENGTHS,
604 },
605
606/* Cipher 26 VRS */
607 {
608 1,
609 SSL3_TXT_KRB5_DES_192_CBC3_MD5,
610 SSL3_CK_KRB5_DES_192_CBC3_MD5,
611 SSL_kKRB5|SSL_aKRB5| SSL_3DES|SSL_MD5 |SSL_SSLV3,
612 SSL_NOT_EXP|SSL_HIGH,
613 0,
614 112,
615 168,
616 SSL_ALL_CIPHERS,
617 SSL_ALL_STRENGTHS,
618 },
619#endif /* OPENSSL_NO_KRB5 */
620
621
622#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
623 /* New TLS Export CipherSuites */
624 /* Cipher 60 */
625 {
626 1,
627 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
628 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
629 SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_TLSV1,
630 SSL_EXPORT|SSL_EXP56,
631 0,
632 56,
633 128,
634 SSL_ALL_CIPHERS,
635 SSL_ALL_STRENGTHS,
636 },
637 /* Cipher 61 */
638 {
639 1,
640 TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
641 TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
642 SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_TLSV1,
643 SSL_EXPORT|SSL_EXP56,
644 0,
645 56,
646 128,
647 SSL_ALL_CIPHERS,
648 SSL_ALL_STRENGTHS,
649 },
650 /* Cipher 62 */
651 {
652 1,
653 TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
654 TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
655 SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
656 SSL_EXPORT|SSL_EXP56,
657 0,
658 56,
659 56,
660 SSL_ALL_CIPHERS,
661 SSL_ALL_STRENGTHS,
662 },
663 /* Cipher 63 */
664 {
665 1,
666 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
667 TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
668 SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_TLSV1,
669 SSL_EXPORT|SSL_EXP56,
670 0,
671 56,
672 56,
673 SSL_ALL_CIPHERS,
674 SSL_ALL_STRENGTHS,
675 },
676 /* Cipher 64 */
677 {
678 1,
679 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
680 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
681 SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
682 SSL_EXPORT|SSL_EXP56,
683 0,
684 56,
685 128,
686 SSL_ALL_CIPHERS,
687 SSL_ALL_STRENGTHS,
688 },
689 /* Cipher 65 */
690 {
691 1,
692 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
693 TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
694 SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
695 SSL_EXPORT|SSL_EXP56,
696 0,
697 56,
698 128,
699 SSL_ALL_CIPHERS,
700 SSL_ALL_STRENGTHS,
701 },
702 /* Cipher 66 */
703 {
704 1,
705 TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
706 TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
707 SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
708 SSL_NOT_EXP|SSL_MEDIUM,
709 0,
710 128,
711 128,
712 SSL_ALL_CIPHERS,
713 SSL_ALL_STRENGTHS
714 },
715#endif
716 /* New AES ciphersuites */
717
718 /* Cipher 2F */
719 {
720 1,
721 TLS1_TXT_RSA_WITH_AES_128_SHA,
722 TLS1_CK_RSA_WITH_AES_128_SHA,
723 SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
724 SSL_NOT_EXP|SSL_MEDIUM,
725 0,
726 128,
727 128,
728 SSL_ALL_CIPHERS,
729 SSL_ALL_STRENGTHS,
730 },
731 /* Cipher 30 */
732 {
733 0,
734 TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
735 TLS1_CK_DH_DSS_WITH_AES_128_SHA,
736 SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
737 SSL_NOT_EXP|SSL_MEDIUM,
738 0,
739 128,
740 128,
741 SSL_ALL_CIPHERS,
742 SSL_ALL_STRENGTHS,
743 },
744 /* Cipher 31 */
745 {
746 0,
747 TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
748 TLS1_CK_DH_RSA_WITH_AES_128_SHA,
749 SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
750 SSL_NOT_EXP|SSL_MEDIUM,
751 0,
752 128,
753 128,
754 SSL_ALL_CIPHERS,
755 SSL_ALL_STRENGTHS,
756 },
757 /* Cipher 32 */
758 {
759 1,
760 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
761 TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
762 SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
763 SSL_NOT_EXP|SSL_MEDIUM,
764 0,
765 128,
766 128,
767 SSL_ALL_CIPHERS,
768 SSL_ALL_STRENGTHS,
769 },
770 /* Cipher 33 */
771 {
772 1,
773 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
774 TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
775 SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
776 SSL_NOT_EXP|SSL_MEDIUM,
777 0,
778 128,
779 128,
780 SSL_ALL_CIPHERS,
781 SSL_ALL_STRENGTHS,
782 },
783 /* Cipher 34 */
784 {
785 1,
786 TLS1_TXT_ADH_WITH_AES_128_SHA,
787 TLS1_CK_ADH_WITH_AES_128_SHA,
788 SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
789 SSL_NOT_EXP|SSL_MEDIUM,
790 0,
791 128,
792 128,
793 SSL_ALL_CIPHERS,
794 SSL_ALL_STRENGTHS,
795 },
796
797 /* Cipher 35 */
798 {
799 1,
800 TLS1_TXT_RSA_WITH_AES_256_SHA,
801 TLS1_CK_RSA_WITH_AES_256_SHA,
802 SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
803 SSL_NOT_EXP|SSL_HIGH,
804 0,
805 256,
806 256,
807 SSL_ALL_CIPHERS,
808 SSL_ALL_STRENGTHS,
809 },
810 /* Cipher 36 */
811 {
812 0,
813 TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
814 TLS1_CK_DH_DSS_WITH_AES_256_SHA,
815 SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
816 SSL_NOT_EXP|SSL_HIGH,
817 0,
818 256,
819 256,
820 SSL_ALL_CIPHERS,
821 SSL_ALL_STRENGTHS,
822 },
823 /* Cipher 37 */
824 {
825 0,
826 TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
827 TLS1_CK_DH_RSA_WITH_AES_256_SHA,
828 SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
829 SSL_NOT_EXP|SSL_HIGH,
830 0,
831 256,
832 256,
833 SSL_ALL_CIPHERS,
834 SSL_ALL_STRENGTHS,
835 },
836 /* Cipher 38 */
837 {
838 1,
839 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
840 TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
841 SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
842 SSL_NOT_EXP|SSL_HIGH,
843 0,
844 256,
845 256,
846 SSL_ALL_CIPHERS,
847 SSL_ALL_STRENGTHS,
848 },
849 /* Cipher 39 */
850 {
851 1,
852 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
853 TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
854 SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
855 SSL_NOT_EXP|SSL_HIGH,
856 0,
857 256,
858 256,
859 SSL_ALL_CIPHERS,
860 SSL_ALL_STRENGTHS,
861 },
862 /* Cipher 3A */
863 {
864 1,
865 TLS1_TXT_ADH_WITH_AES_256_SHA,
866 TLS1_CK_ADH_WITH_AES_256_SHA,
867 SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
868 SSL_NOT_EXP|SSL_HIGH,
869 0,
870 256,
871 256,
872 SSL_ALL_CIPHERS,
873 SSL_ALL_STRENGTHS,
874 },
875
876/* end of list */
877 };
878
879static SSL3_ENC_METHOD SSLv3_enc_data={
880 ssl3_enc,
881 ssl3_mac,
882 ssl3_setup_key_block,
883 ssl3_generate_master_secret,
884 ssl3_change_cipher_state,
885 ssl3_final_finish_mac,
886 MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
887 ssl3_cert_verify_mac,
888 SSL3_MD_CLIENT_FINISHED_CONST,4,
889 SSL3_MD_SERVER_FINISHED_CONST,4,
890 ssl3_alert_code,
891 };
892
893static SSL_METHOD SSLv3_data= {
894 SSL3_VERSION,
895 ssl3_new,
896 ssl3_clear,
897 ssl3_free,
898 ssl_undefined_function,
899 ssl_undefined_function,
900 ssl3_read,
901 ssl3_peek,
902 ssl3_write,
903 ssl3_shutdown,
904 ssl3_renegotiate,
905 ssl3_renegotiate_check,
906 ssl3_ctrl,
907 ssl3_ctx_ctrl,
908 ssl3_get_cipher_by_char,
909 ssl3_put_cipher_by_char,
910 ssl3_pending,
911 ssl3_num_ciphers,
912 ssl3_get_cipher,
913 ssl_bad_method,
914 ssl3_default_timeout,
915 &SSLv3_enc_data,
916 ssl_undefined_function,
917 ssl3_callback_ctrl,
918 ssl3_ctx_callback_ctrl,
919 };
920
921static long ssl3_default_timeout(void)
922 {
923 /* 2 hours, the 24 hours mentioned in the SSLv3 spec
924 * is way too long for http, the cache would over fill */
925 return(60*60*2);
926 }
927
928SSL_METHOD *sslv3_base_method(void)
929 {
930 return(&SSLv3_data);
931 }
932
933int ssl3_num_ciphers(void)
934 {
935 return(SSL3_NUM_CIPHERS);
936 }
937
938SSL_CIPHER *ssl3_get_cipher(unsigned int u)
939 {
940 if (u < SSL3_NUM_CIPHERS)
941 return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
942 else
943 return(NULL);
944 }
945
946int ssl3_pending(SSL *s)
947 {
948 if (s->rstate == SSL_ST_READ_BODY)
949 return 0;
950
951 return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
952 }
953
954int ssl3_new(SSL *s)
955 {
956 SSL3_STATE *s3;
957
958 if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
959 memset(s3,0,sizeof *s3);
960 EVP_MD_CTX_init(&s3->finish_dgst1);
961 EVP_MD_CTX_init(&s3->finish_dgst2);
962
963 s->s3=s3;
964
965 s->method->ssl_clear(s);
966 return(1);
967err:
968 return(0);
969 }
970
971void ssl3_free(SSL *s)
972 {
973 if(s == NULL)
974 return;
975
976 ssl3_cleanup_key_block(s);
977 if (s->s3->rbuf.buf != NULL)
978 OPENSSL_free(s->s3->rbuf.buf);
979 if (s->s3->wbuf.buf != NULL)
980 OPENSSL_free(s->s3->wbuf.buf);
981 if (s->s3->rrec.comp != NULL)
982 OPENSSL_free(s->s3->rrec.comp);
983#ifndef OPENSSL_NO_DH
984 if (s->s3->tmp.dh != NULL)
985 DH_free(s->s3->tmp.dh);
986#endif
987 if (s->s3->tmp.ca_names != NULL)
988 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
989 EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
990 EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
991 memset(s->s3,0,sizeof *s->s3);
992 OPENSSL_free(s->s3);
993 s->s3=NULL;
994 }
995
996void ssl3_clear(SSL *s)
997 {
998 unsigned char *rp,*wp;
999 size_t rlen, wlen;
1000
1001 ssl3_cleanup_key_block(s);
1002 if (s->s3->tmp.ca_names != NULL)
1003 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
1004
1005 if (s->s3->rrec.comp != NULL)
1006 {
1007 OPENSSL_free(s->s3->rrec.comp);
1008 s->s3->rrec.comp=NULL;
1009 }
1010#ifndef OPENSSL_NO_DH
1011 if (s->s3->tmp.dh != NULL)
1012 DH_free(s->s3->tmp.dh);
1013#endif
1014
1015 rp = s->s3->rbuf.buf;
1016 wp = s->s3->wbuf.buf;
1017 rlen = s->s3->rbuf.len;
1018 wlen = s->s3->wbuf.len;
1019
1020 EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
1021 EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
1022
1023 memset(s->s3,0,sizeof *s->s3);
1024 s->s3->rbuf.buf = rp;
1025 s->s3->wbuf.buf = wp;
1026 s->s3->rbuf.len = rlen;
1027 s->s3->wbuf.len = wlen;
1028
1029 ssl_free_wbio_buffer(s);
1030
1031 s->packet_length=0;
1032 s->s3->renegotiate=0;
1033 s->s3->total_renegotiations=0;
1034 s->s3->num_renegotiations=0;
1035 s->s3->in_read_app_data=0;
1036 s->version=SSL3_VERSION;
1037 }
1038
1039long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
1040 {
1041 int ret=0;
1042
1043#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
1044 if (
1045#ifndef OPENSSL_NO_RSA
1046 cmd == SSL_CTRL_SET_TMP_RSA ||
1047 cmd == SSL_CTRL_SET_TMP_RSA_CB ||
1048#endif
1049#ifndef OPENSSL_NO_DSA
1050 cmd == SSL_CTRL_SET_TMP_DH ||
1051 cmd == SSL_CTRL_SET_TMP_DH_CB ||
1052#endif
1053 0)
1054 {
1055 if (!ssl_cert_inst(&s->cert))
1056 {
1057 SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
1058 return(0);
1059 }
1060 }
1061#endif
1062
1063 switch (cmd)
1064 {
1065 case SSL_CTRL_GET_SESSION_REUSED:
1066 ret=s->hit;
1067 break;
1068 case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
1069 break;
1070 case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
1071 ret=s->s3->num_renegotiations;
1072 break;
1073 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
1074 ret=s->s3->num_renegotiations;
1075 s->s3->num_renegotiations=0;
1076 break;
1077 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
1078 ret=s->s3->total_renegotiations;
1079 break;
1080 case SSL_CTRL_GET_FLAGS:
1081 ret=(int)(s->s3->flags);
1082 break;
1083#ifndef OPENSSL_NO_RSA
1084 case SSL_CTRL_NEED_TMP_RSA:
1085 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
1086 ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
1087 (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
1088 ret = 1;
1089 break;
1090 case SSL_CTRL_SET_TMP_RSA:
1091 {
1092 RSA *rsa = (RSA *)parg;
1093 if (rsa == NULL)
1094 {
1095 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
1096 return(ret);
1097 }
1098 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
1099 {
1100 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
1101 return(ret);
1102 }
1103 if (s->cert->rsa_tmp != NULL)
1104 RSA_free(s->cert->rsa_tmp);
1105 s->cert->rsa_tmp = rsa;
1106 ret = 1;
1107 }
1108 break;
1109 case SSL_CTRL_SET_TMP_RSA_CB:
1110 {
1111 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1112 return(ret);
1113 }
1114 break;
1115#endif
1116#ifndef OPENSSL_NO_DH
1117 case SSL_CTRL_SET_TMP_DH:
1118 {
1119 DH *dh = (DH *)parg;
1120 if (dh == NULL)
1121 {
1122 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
1123 return(ret);
1124 }
1125 if ((dh = DHparams_dup(dh)) == NULL)
1126 {
1127 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
1128 return(ret);
1129 }
1130 if (!(s->options & SSL_OP_SINGLE_DH_USE))
1131 {
1132 if (!DH_generate_key(dh))
1133 {
1134 DH_free(dh);
1135 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
1136 return(ret);
1137 }
1138 }
1139 if (s->cert->dh_tmp != NULL)
1140 DH_free(s->cert->dh_tmp);
1141 s->cert->dh_tmp = dh;
1142 ret = 1;
1143 }
1144 break;
1145 case SSL_CTRL_SET_TMP_DH_CB:
1146 {
1147 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1148 return(ret);
1149 }
1150 break;
1151#endif
1152 default:
1153 break;
1154 }
1155 return(ret);
1156 }
1157
1158long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)())
1159 {
1160 int ret=0;
1161
1162#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
1163 if (
1164#ifndef OPENSSL_NO_RSA
1165 cmd == SSL_CTRL_SET_TMP_RSA_CB ||
1166#endif
1167#ifndef OPENSSL_NO_DSA
1168 cmd == SSL_CTRL_SET_TMP_DH_CB ||
1169#endif
1170 0)
1171 {
1172 if (!ssl_cert_inst(&s->cert))
1173 {
1174 SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
1175 return(0);
1176 }
1177 }
1178#endif
1179
1180 switch (cmd)
1181 {
1182#ifndef OPENSSL_NO_RSA
1183 case SSL_CTRL_SET_TMP_RSA_CB:
1184 {
1185 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
1186 }
1187 break;
1188#endif
1189#ifndef OPENSSL_NO_DH
1190 case SSL_CTRL_SET_TMP_DH_CB:
1191 {
1192 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
1193 }
1194 break;
1195#endif
1196 default:
1197 break;
1198 }
1199 return(ret);
1200 }
1201
1202long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
1203 {
1204 CERT *cert;
1205
1206 cert=ctx->cert;
1207
1208 switch (cmd)
1209 {
1210#ifndef OPENSSL_NO_RSA
1211 case SSL_CTRL_NEED_TMP_RSA:
1212 if ( (cert->rsa_tmp == NULL) &&
1213 ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
1214 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
1215 )
1216 return(1);
1217 else
1218 return(0);
1219 /* break; */
1220 case SSL_CTRL_SET_TMP_RSA:
1221 {
1222 RSA *rsa;
1223 int i;
1224
1225 rsa=(RSA *)parg;
1226 i=1;
1227 if (rsa == NULL)
1228 i=0;
1229 else
1230 {
1231 if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
1232 i=0;
1233 }
1234 if (!i)
1235 {
1236 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
1237 return(0);
1238 }
1239 else
1240 {
1241 if (cert->rsa_tmp != NULL)
1242 RSA_free(cert->rsa_tmp);
1243 cert->rsa_tmp=rsa;
1244 return(1);
1245 }
1246 }
1247 /* break; */
1248 case SSL_CTRL_SET_TMP_RSA_CB:
1249 {
1250 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1251 return(0);
1252 }
1253 break;
1254#endif
1255#ifndef OPENSSL_NO_DH
1256 case SSL_CTRL_SET_TMP_DH:
1257 {
1258 DH *new=NULL,*dh;
1259
1260 dh=(DH *)parg;
1261 if ((new=DHparams_dup(dh)) == NULL)
1262 {
1263 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
1264 return 0;
1265 }
1266 if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
1267 {
1268 if (!DH_generate_key(new))
1269 {
1270 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
1271 DH_free(new);
1272 return 0;
1273 }
1274 }
1275 if (cert->dh_tmp != NULL)
1276 DH_free(cert->dh_tmp);
1277 cert->dh_tmp=new;
1278 return 1;
1279 }
1280 /*break; */
1281 case SSL_CTRL_SET_TMP_DH_CB:
1282 {
1283 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1284 return(0);
1285 }
1286 break;
1287#endif
1288 /* A Thawte special :-) */
1289 case SSL_CTRL_EXTRA_CHAIN_CERT:
1290 if (ctx->extra_certs == NULL)
1291 {
1292 if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
1293 return(0);
1294 }
1295 sk_X509_push(ctx->extra_certs,(X509 *)parg);
1296 break;
1297
1298 default:
1299 return(0);
1300 }
1301 return(1);
1302 }
1303
1304long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
1305 {
1306 CERT *cert;
1307
1308 cert=ctx->cert;
1309
1310 switch (cmd)
1311 {
1312#ifndef OPENSSL_NO_RSA
1313 case SSL_CTRL_SET_TMP_RSA_CB:
1314 {
1315 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
1316 }
1317 break;
1318#endif
1319#ifndef OPENSSL_NO_DH
1320 case SSL_CTRL_SET_TMP_DH_CB:
1321 {
1322 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
1323 }
1324 break;
1325#endif
1326 default:
1327 return(0);
1328 }
1329 return(1);
1330 }
1331
1332/* This function needs to check if the ciphers required are actually
1333 * available */
1334SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
1335 {
1336 static int init=1;
1337 static SSL_CIPHER *sorted[SSL3_NUM_CIPHERS];
1338 SSL_CIPHER c,*cp= &c,**cpp;
1339 unsigned long id;
1340 int i;
1341
1342 if (init)
1343 {
1344 CRYPTO_w_lock(CRYPTO_LOCK_SSL);
1345
1346 for (i=0; i<SSL3_NUM_CIPHERS; i++)
1347 sorted[i]= &(ssl3_ciphers[i]);
1348
1349 qsort( (char *)sorted,
1350 SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
1351 FP_ICC ssl_cipher_ptr_id_cmp);
1352
1353 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
1354
1355 init=0;
1356 }
1357
1358 id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
1359 c.id=id;
1360 cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
1361 (char *)sorted,
1362 SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
1363 FP_ICC ssl_cipher_ptr_id_cmp);
1364 if ((cpp == NULL) || !(*cpp)->valid)
1365 return(NULL);
1366 else
1367 return(*cpp);
1368 }
1369
1370int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
1371 {
1372 long l;
1373
1374 if (p != NULL)
1375 {
1376 l=c->id;
1377 if ((l & 0xff000000) != 0x03000000) return(0);
1378 p[0]=((unsigned char)(l>> 8L))&0xFF;
1379 p[1]=((unsigned char)(l ))&0xFF;
1380 }
1381 return(2);
1382 }
1383
1384SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
1385 STACK_OF(SSL_CIPHER) *srvr)
1386 {
1387 SSL_CIPHER *c,*ret=NULL;
1388 STACK_OF(SSL_CIPHER) *prio, *allow;
1389 int i,j,ok;
1390 CERT *cert;
1391 unsigned long alg,mask,emask;
1392
1393 /* Let's see which ciphers we can support */
1394 cert=s->cert;
1395
1396#if 0
1397 /* Do not set the compare functions, because this may lead to a
1398 * reordering by "id". We want to keep the original ordering.
1399 * We may pay a price in performance during sk_SSL_CIPHER_find(),
1400 * but would have to pay with the price of sk_SSL_CIPHER_dup().
1401 */
1402 sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
1403 sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
1404#endif
1405
1406#ifdef CIPHER_DEBUG
1407 printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), srvr);
1408 for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
1409 {
1410 c=sk_SSL_CIPHER_value(srvr,i);
1411 printf("%p:%s\n",c,c->name);
1412 }
1413 printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), clnt);
1414 for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
1415 {
1416 c=sk_SSL_CIPHER_value(clnt,i);
1417 printf("%p:%s\n",c,c->name);
1418 }
1419#endif
1420
1421 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
1422 {
1423 prio = srvr;
1424 allow = clnt;
1425 }
1426 else
1427 {
1428 prio = clnt;
1429 allow = srvr;
1430 }
1431
1432 for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
1433 {
1434 c=sk_SSL_CIPHER_value(prio,i);
1435
1436 ssl_set_cert_masks(cert,c);
1437 mask=cert->mask;
1438 emask=cert->export_mask;
1439
1440#ifdef KSSL_DEBUG
1441 printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);
1442#endif /* KSSL_DEBUG */
1443
1444 alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
1445#ifndef OPENSSL_NO_KRB5
1446 if (alg & SSL_KRB5)
1447 {
1448 if ( !kssl_keytab_is_available(s->kssl_ctx) )
1449 continue;
1450 }
1451#endif /* OPENSSL_NO_KRB5 */
1452 if (SSL_C_IS_EXPORT(c))
1453 {
1454 ok=((alg & emask) == alg)?1:0;
1455#ifdef CIPHER_DEBUG
1456 printf("%d:[%08lX:%08lX]%p:%s (export)\n",ok,alg,emask,
1457 c,c->name);
1458#endif
1459 }
1460 else
1461 {
1462 ok=((alg & mask) == alg)?1:0;
1463#ifdef CIPHER_DEBUG
1464 printf("%d:[%08lX:%08lX]%p:%s\n",ok,alg,mask,c,
1465 c->name);
1466#endif
1467 }
1468
1469 if (!ok) continue;
1470
1471 j=sk_SSL_CIPHER_find(allow,c);
1472 if (j >= 0)
1473 {
1474 ret=sk_SSL_CIPHER_value(allow,j);
1475 break;
1476 }
1477 }
1478 return(ret);
1479 }
1480
1481int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
1482 {
1483 int ret=0;
1484 unsigned long alg;
1485
1486 alg=s->s3->tmp.new_cipher->algorithms;
1487
1488#ifndef OPENSSL_NO_DH
1489 if (alg & (SSL_kDHr|SSL_kEDH))
1490 {
1491# ifndef OPENSSL_NO_RSA
1492 p[ret++]=SSL3_CT_RSA_FIXED_DH;
1493# endif
1494# ifndef OPENSSL_NO_DSA
1495 p[ret++]=SSL3_CT_DSS_FIXED_DH;
1496# endif
1497 }
1498 if ((s->version == SSL3_VERSION) &&
1499 (alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
1500 {
1501# ifndef OPENSSL_NO_RSA
1502 p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
1503# endif
1504# ifndef OPENSSL_NO_DSA
1505 p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
1506# endif
1507 }
1508#endif /* !OPENSSL_NO_DH */
1509#ifndef OPENSSL_NO_RSA
1510 p[ret++]=SSL3_CT_RSA_SIGN;
1511#endif
1512#ifndef OPENSSL_NO_DSA
1513 p[ret++]=SSL3_CT_DSS_SIGN;
1514#endif
1515 return(ret);
1516 }
1517
1518int ssl3_shutdown(SSL *s)
1519 {
1520
1521 /* Don't do anything much if we have not done the handshake or
1522 * we don't want to send messages :-) */
1523 if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
1524 {
1525 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
1526 return(1);
1527 }
1528
1529 if (!(s->shutdown & SSL_SENT_SHUTDOWN))
1530 {
1531 s->shutdown|=SSL_SENT_SHUTDOWN;
1532#if 1
1533 ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
1534#endif
1535 /* our shutdown alert has been sent now, and if it still needs
1536 * to be written, s->s3->alert_dispatch will be true */
1537 }
1538 else if (s->s3->alert_dispatch)
1539 {
1540 /* resend it if not sent */
1541#if 1
1542 ssl3_dispatch_alert(s);
1543#endif
1544 }
1545 else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
1546 {
1547 /* If we are waiting for a close from our peer, we are closed */
1548 ssl3_read_bytes(s,0,NULL,0,0);
1549 }
1550
1551 if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
1552 !s->s3->alert_dispatch)
1553 return(1);
1554 else
1555 return(0);
1556 }
1557
1558int ssl3_write(SSL *s, const void *buf, int len)
1559 {
1560 int ret,n;
1561
1562#if 0
1563 if (s->shutdown & SSL_SEND_SHUTDOWN)
1564 {
1565 s->rwstate=SSL_NOTHING;
1566 return(0);
1567 }
1568#endif
1569 clear_sys_error();
1570 if (s->s3->renegotiate) ssl3_renegotiate_check(s);
1571
1572 /* This is an experimental flag that sends the
1573 * last handshake message in the same packet as the first
1574 * use data - used to see if it helps the TCP protocol during
1575 * session-id reuse */
1576 /* The second test is because the buffer may have been removed */
1577 if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
1578 {
1579 /* First time through, we write into the buffer */
1580 if (s->s3->delay_buf_pop_ret == 0)
1581 {
1582 ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
1583 buf,len);
1584 if (ret <= 0) return(ret);
1585
1586 s->s3->delay_buf_pop_ret=ret;
1587 }
1588
1589 s->rwstate=SSL_WRITING;
1590 n=BIO_flush(s->wbio);
1591 if (n <= 0) return(n);
1592 s->rwstate=SSL_NOTHING;
1593
1594 /* We have flushed the buffer, so remove it */
1595 ssl_free_wbio_buffer(s);
1596 s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
1597
1598 ret=s->s3->delay_buf_pop_ret;
1599 s->s3->delay_buf_pop_ret=0;
1600 }
1601 else
1602 {
1603 ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
1604 buf,len);
1605 if (ret <= 0) return(ret);
1606 }
1607
1608 return(ret);
1609 }
1610
1611static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
1612 {
1613 int ret;
1614
1615 clear_sys_error();
1616 if (s->s3->renegotiate) ssl3_renegotiate_check(s);
1617 s->s3->in_read_app_data=1;
1618 ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
1619 if ((ret == -1) && (s->s3->in_read_app_data == 2))
1620 {
1621 /* ssl3_read_bytes decided to call s->handshake_func, which
1622 * called ssl3_read_bytes to read handshake data.
1623 * However, ssl3_read_bytes actually found application data
1624 * and thinks that application data makes sense here; so disable
1625 * handshake processing and try to read application data again. */
1626 s->in_handshake++;
1627 ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
1628 s->in_handshake--;
1629 }
1630 else
1631 s->s3->in_read_app_data=0;
1632
1633 return(ret);
1634 }
1635
1636int ssl3_read(SSL *s, void *buf, int len)
1637 {
1638 return ssl3_read_internal(s, buf, len, 0);
1639 }
1640
1641int ssl3_peek(SSL *s, void *buf, int len)
1642 {
1643 return ssl3_read_internal(s, buf, len, 1);
1644 }
1645
1646int ssl3_renegotiate(SSL *s)
1647 {
1648 if (s->handshake_func == NULL)
1649 return(1);
1650
1651 if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
1652 return(0);
1653
1654 s->s3->renegotiate=1;
1655 return(1);
1656 }
1657
1658int ssl3_renegotiate_check(SSL *s)
1659 {
1660 int ret=0;
1661
1662 if (s->s3->renegotiate)
1663 {
1664 if ( (s->s3->rbuf.left == 0) &&
1665 (s->s3->wbuf.left == 0) &&
1666 !SSL_in_init(s))
1667 {
1668/*
1669if we are the server, and we have sent a 'RENEGOTIATE' message, we
1670need to go to SSL_ST_ACCEPT.
1671*/
1672 /* SSL_ST_ACCEPT */
1673 s->state=SSL_ST_RENEGOTIATE;
1674 s->s3->renegotiate=0;
1675 s->s3->num_renegotiations++;
1676 s->s3->total_renegotiations++;
1677 ret=1;
1678 }
1679 }
1680 return(ret);
1681 }
1682
diff --git a/src/lib/libssl/s3_pkt.c b/src/lib/libssl/s3_pkt.c
new file mode 100644
index 0000000000..43e8502b66
--- /dev/null
+++ b/src/lib/libssl/s3_pkt.c
@@ -0,0 +1,1287 @@
1/* ssl/s3_pkt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <stdio.h>
113#include <errno.h>
114#define USE_SOCKETS
115#include <openssl/evp.h>
116#include <openssl/buffer.h>
117#include "ssl_locl.h"
118
119static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
120 unsigned int len, int create_empty_fragment);
121static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
122 unsigned int len);
123static int ssl3_get_record(SSL *s);
124static int do_compress(SSL *ssl);
125static int do_uncompress(SSL *ssl);
126static int do_change_cipher_spec(SSL *ssl);
127
128/* used only by ssl3_get_record */
129static int ssl3_read_n(SSL *s, int n, int max, int extend)
130 {
131 /* If extend == 0, obtain new n-byte packet; if extend == 1, increase
132 * packet by another n bytes.
133 * The packet will be in the sub-array of s->s3->rbuf.buf specified
134 * by s->packet and s->packet_length.
135 * (If s->read_ahead is set, 'max' bytes may be stored in rbuf
136 * [plus s->packet_length bytes if extend == 1].)
137 */
138 int i,off,newb;
139
140 if (!extend)
141 {
142 /* start with empty packet ... */
143 if (s->s3->rbuf.left == 0)
144 s->s3->rbuf.offset = 0;
145 s->packet = s->s3->rbuf.buf + s->s3->rbuf.offset;
146 s->packet_length = 0;
147 /* ... now we can act as if 'extend' was set */
148 }
149
150 /* if there is enough in the buffer from a previous read, take some */
151 if (s->s3->rbuf.left >= (int)n)
152 {
153 s->packet_length+=n;
154 s->s3->rbuf.left-=n;
155 s->s3->rbuf.offset+=n;
156 return(n);
157 }
158
159 /* else we need to read more data */
160 if (!s->read_ahead)
161 max=n;
162
163 {
164 /* avoid buffer overflow */
165 int max_max = s->s3->rbuf.len - s->packet_length;
166 if (max > max_max)
167 max = max_max;
168 }
169 if (n > max) /* does not happen */
170 {
171 SSLerr(SSL_F_SSL3_READ_N,ERR_R_INTERNAL_ERROR);
172 return -1;
173 }
174
175 off = s->packet_length;
176 newb = s->s3->rbuf.left;
177 /* Move any available bytes to front of buffer:
178 * 'off' bytes already pointed to by 'packet',
179 * 'newb' extra ones at the end */
180 if (s->packet != s->s3->rbuf.buf)
181 {
182 /* off > 0 */
183 memmove(s->s3->rbuf.buf, s->packet, off+newb);
184 s->packet = s->s3->rbuf.buf;
185 }
186
187 while (newb < n)
188 {
189 /* Now we have off+newb bytes at the front of s->s3->rbuf.buf and need
190 * to read in more until we have off+n (up to off+max if possible) */
191
192 clear_sys_error();
193 if (s->rbio != NULL)
194 {
195 s->rwstate=SSL_READING;
196 i=BIO_read(s->rbio, &(s->s3->rbuf.buf[off+newb]), max-newb);
197 }
198 else
199 {
200 SSLerr(SSL_F_SSL3_READ_N,SSL_R_READ_BIO_NOT_SET);
201 i = -1;
202 }
203
204 if (i <= 0)
205 {
206 s->s3->rbuf.left = newb;
207 return(i);
208 }
209 newb+=i;
210 }
211
212 /* done reading, now the book-keeping */
213 s->s3->rbuf.offset = off + n;
214 s->s3->rbuf.left = newb - n;
215 s->packet_length += n;
216 s->rwstate=SSL_NOTHING;
217 return(n);
218 }
219
220/* Call this to get a new input record.
221 * It will return <= 0 if more data is needed, normally due to an error
222 * or non-blocking IO.
223 * When it finishes, one packet has been decoded and can be found in
224 * ssl->s3->rrec.type - is the type of record
225 * ssl->s3->rrec.data, - data
226 * ssl->s3->rrec.length, - number of bytes
227 */
228/* used only by ssl3_read_bytes */
229static int ssl3_get_record(SSL *s)
230 {
231 int ssl_major,ssl_minor,al;
232 int enc_err,n,i,ret= -1;
233 SSL3_RECORD *rr;
234 SSL_SESSION *sess;
235 unsigned char *p;
236 unsigned char md[EVP_MAX_MD_SIZE];
237 short version;
238 unsigned int mac_size;
239 int clear=0;
240 size_t extra;
241
242 rr= &(s->s3->rrec);
243 sess=s->session;
244
245 if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
246 extra=SSL3_RT_MAX_EXTRA;
247 else
248 extra=0;
249 if (extra != s->s3->rbuf.len - SSL3_RT_MAX_PACKET_SIZE)
250 {
251 /* actually likely an application error: SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER
252 * set after ssl3_setup_buffers() was done */
253 SSLerr(SSL_F_SSL3_GET_RECORD, ERR_R_INTERNAL_ERROR);
254 return -1;
255 }
256
257again:
258 /* check if we have the header */
259 if ( (s->rstate != SSL_ST_READ_BODY) ||
260 (s->packet_length < SSL3_RT_HEADER_LENGTH))
261 {
262 n=ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);
263 if (n <= 0) return(n); /* error or non-blocking */
264 s->rstate=SSL_ST_READ_BODY;
265
266 p=s->packet;
267
268 /* Pull apart the header into the SSL3_RECORD */
269 rr->type= *(p++);
270 ssl_major= *(p++);
271 ssl_minor= *(p++);
272 version=(ssl_major<<8)|ssl_minor;
273 n2s(p,rr->length);
274
275 /* Lets check version */
276 if (s->first_packet)
277 {
278 s->first_packet=0;
279 }
280 else
281 {
282 if (version != s->version)
283 {
284 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
285 /* Send back error using their
286 * version number :-) */
287 s->version=version;
288 al=SSL_AD_PROTOCOL_VERSION;
289 goto f_err;
290 }
291 }
292
293 if ((version>>8) != SSL3_VERSION_MAJOR)
294 {
295 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
296 goto err;
297 }
298
299 if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
300 {
301 al=SSL_AD_RECORD_OVERFLOW;
302 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PACKET_LENGTH_TOO_LONG);
303 goto f_err;
304 }
305
306 /* now s->rstate == SSL_ST_READ_BODY */
307 }
308
309 /* s->rstate == SSL_ST_READ_BODY, get and decode the data */
310
311 if (rr->length > s->packet_length-SSL3_RT_HEADER_LENGTH)
312 {
313 /* now s->packet_length == SSL3_RT_HEADER_LENGTH */
314 i=rr->length;
315 n=ssl3_read_n(s,i,i,1);
316 if (n <= 0) return(n); /* error or non-blocking io */
317 /* now n == rr->length,
318 * and s->packet_length == SSL3_RT_HEADER_LENGTH + rr->length */
319 }
320
321 s->rstate=SSL_ST_READ_HEADER; /* set state for later operations */
322
323 /* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
324 * and we have that many bytes in s->packet
325 */
326 rr->input= &(s->packet[SSL3_RT_HEADER_LENGTH]);
327
328 /* ok, we can now read from 's->packet' data into 'rr'
329 * rr->input points at rr->length bytes, which
330 * need to be copied into rr->data by either
331 * the decryption or by the decompression
332 * When the data is 'copied' into the rr->data buffer,
333 * rr->input will be pointed at the new buffer */
334
335 /* We now have - encrypted [ MAC [ compressed [ plain ] ] ]
336 * rr->length bytes of encrypted compressed stuff. */
337
338 /* check is not needed I believe */
339 if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
340 {
341 al=SSL_AD_RECORD_OVERFLOW;
342 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
343 goto f_err;
344 }
345
346 /* decrypt in place in 'rr->input' */
347 rr->data=rr->input;
348
349 enc_err = s->method->ssl3_enc->enc(s,0);
350 if (enc_err <= 0)
351 {
352 if (enc_err == 0)
353 /* SSLerr() and ssl3_send_alert() have been called */
354 goto err;
355
356 /* otherwise enc_err == -1 */
357 goto decryption_failed_or_bad_record_mac;
358 }
359
360#ifdef TLS_DEBUG
361printf("dec %d\n",rr->length);
362{ unsigned int z; for (z=0; z<rr->length; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\n'); }
363printf("\n");
364#endif
365
366 /* r->length is now the compressed data plus mac */
367 if ( (sess == NULL) ||
368 (s->enc_read_ctx == NULL) ||
369 (s->read_hash == NULL))
370 clear=1;
371
372 if (!clear)
373 {
374 mac_size=EVP_MD_size(s->read_hash);
375
376 if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size)
377 {
378#if 0 /* OK only for stream ciphers (then rr->length is visible from ciphertext anyway) */
379 al=SSL_AD_RECORD_OVERFLOW;
380 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PRE_MAC_LENGTH_TOO_LONG);
381 goto f_err;
382#else
383 goto decryption_failed_or_bad_record_mac;
384#endif
385 }
386 /* check the MAC for rr->input (it's in mac_size bytes at the tail) */
387 if (rr->length < mac_size)
388 {
389#if 0 /* OK only for stream ciphers */
390 al=SSL_AD_DECODE_ERROR;
391 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);
392 goto f_err;
393#else
394 goto decryption_failed_or_bad_record_mac;
395#endif
396 }
397 rr->length-=mac_size;
398 i=s->method->ssl3_enc->mac(s,md,0);
399 if (memcmp(md,&(rr->data[rr->length]),mac_size) != 0)
400 {
401 goto decryption_failed_or_bad_record_mac;
402 }
403 }
404
405 /* r->length is now just compressed */
406 if (s->expand != NULL)
407 {
408 if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra)
409 {
410 al=SSL_AD_RECORD_OVERFLOW;
411 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);
412 goto f_err;
413 }
414 if (!do_uncompress(s))
415 {
416 al=SSL_AD_DECOMPRESSION_FAILURE;
417 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);
418 goto f_err;
419 }
420 }
421
422 if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH+extra)
423 {
424 al=SSL_AD_RECORD_OVERFLOW;
425 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);
426 goto f_err;
427 }
428
429 rr->off=0;
430 /* So at this point the following is true
431 * ssl->s3->rrec.type is the type of record
432 * ssl->s3->rrec.length == number of bytes in record
433 * ssl->s3->rrec.off == offset to first valid byte
434 * ssl->s3->rrec.data == where to take bytes from, increment
435 * after use :-).
436 */
437
438 /* we have pulled in a full packet so zero things */
439 s->packet_length=0;
440
441 /* just read a 0 length packet */
442 if (rr->length == 0) goto again;
443
444 return(1);
445
446decryption_failed_or_bad_record_mac:
447 /* Separate 'decryption_failed' alert was introduced with TLS 1.0,
448 * SSL 3.0 only has 'bad_record_mac'. But unless a decryption
449 * failure is directly visible from the ciphertext anyway,
450 * we should not reveal which kind of error occured -- this
451 * might become visible to an attacker (e.g. via logfile) */
452 al=SSL_AD_BAD_RECORD_MAC;
453 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);
454f_err:
455 ssl3_send_alert(s,SSL3_AL_FATAL,al);
456err:
457 return(ret);
458 }
459
460static int do_uncompress(SSL *ssl)
461 {
462 int i;
463 SSL3_RECORD *rr;
464
465 rr= &(ssl->s3->rrec);
466 i=COMP_expand_block(ssl->expand,rr->comp,
467 SSL3_RT_MAX_PLAIN_LENGTH,rr->data,(int)rr->length);
468 if (i < 0)
469 return(0);
470 else
471 rr->length=i;
472 rr->data=rr->comp;
473
474 return(1);
475 }
476
477static int do_compress(SSL *ssl)
478 {
479 int i;
480 SSL3_RECORD *wr;
481
482 wr= &(ssl->s3->wrec);
483 i=COMP_compress_block(ssl->compress,wr->data,
484 SSL3_RT_MAX_COMPRESSED_LENGTH,
485 wr->input,(int)wr->length);
486 if (i < 0)
487 return(0);
488 else
489 wr->length=i;
490
491 wr->input=wr->data;
492 return(1);
493 }
494
495/* Call this to write data in records of type 'type'
496 * It will return <= 0 if not all data has been sent or non-blocking IO.
497 */
498int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
499 {
500 const unsigned char *buf=buf_;
501 unsigned int tot,n,nw;
502 int i;
503
504 s->rwstate=SSL_NOTHING;
505 tot=s->s3->wnum;
506 s->s3->wnum=0;
507
508 if (SSL_in_init(s) && !s->in_handshake)
509 {
510 i=s->handshake_func(s);
511 if (i < 0) return(i);
512 if (i == 0)
513 {
514 SSLerr(SSL_F_SSL3_WRITE_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
515 return -1;
516 }
517 }
518
519 n=(len-tot);
520 for (;;)
521 {
522 if (n > SSL3_RT_MAX_PLAIN_LENGTH)
523 nw=SSL3_RT_MAX_PLAIN_LENGTH;
524 else
525 nw=n;
526
527 i=do_ssl3_write(s, type, &(buf[tot]), nw, 0);
528 if (i <= 0)
529 {
530 s->s3->wnum=tot;
531 return i;
532 }
533
534 if ((i == (int)n) ||
535 (type == SSL3_RT_APPLICATION_DATA &&
536 (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE)))
537 {
538 /* next chunk of data should get another prepended empty fragment
539 * in ciphersuites with known-IV weakness: */
540 s->s3->empty_fragment_done = 0;
541
542 return tot+i;
543 }
544
545 n-=i;
546 tot+=i;
547 }
548 }
549
550static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
551 unsigned int len, int create_empty_fragment)
552 {
553 unsigned char *p,*plen;
554 int i,mac_size,clear=0;
555 int prefix_len = 0;
556 SSL3_RECORD *wr;
557 SSL3_BUFFER *wb;
558 SSL_SESSION *sess;
559
560 /* first check if there is a SSL3_BUFFER still being written
561 * out. This will happen with non blocking IO */
562 if (s->s3->wbuf.left != 0)
563 return(ssl3_write_pending(s,type,buf,len));
564
565 /* If we have an alert to send, lets send it */
566 if (s->s3->alert_dispatch)
567 {
568 i=ssl3_dispatch_alert(s);
569 if (i <= 0)
570 return(i);
571 /* if it went, fall through and send more stuff */
572 }
573
574 if (len == 0 && !create_empty_fragment)
575 return 0;
576
577 wr= &(s->s3->wrec);
578 wb= &(s->s3->wbuf);
579 sess=s->session;
580
581 if ( (sess == NULL) ||
582 (s->enc_write_ctx == NULL) ||
583 (s->write_hash == NULL))
584 clear=1;
585
586 if (clear)
587 mac_size=0;
588 else
589 mac_size=EVP_MD_size(s->write_hash);
590
591 /* 'create_empty_fragment' is true only when this function calls itself */
592 if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done)
593 {
594 /* countermeasure against known-IV weakness in CBC ciphersuites
595 * (see http://www.openssl.org/~bodo/tls-cbc.txt) */
596
597 if (s->s3->need_empty_fragments && type == SSL3_RT_APPLICATION_DATA)
598 {
599 /* recursive function call with 'create_empty_fragment' set;
600 * this prepares and buffers the data for an empty fragment
601 * (these 'prefix_len' bytes are sent out later
602 * together with the actual payload) */
603 prefix_len = do_ssl3_write(s, type, buf, 0, 1);
604 if (prefix_len <= 0)
605 goto err;
606
607 if (s->s3->wbuf.len < (size_t)prefix_len + SSL3_RT_MAX_PACKET_SIZE)
608 {
609 /* insufficient space */
610 SSLerr(SSL_F_DO_SSL3_WRITE, ERR_R_INTERNAL_ERROR);
611 goto err;
612 }
613 }
614
615 s->s3->empty_fragment_done = 1;
616 }
617
618 p = wb->buf + prefix_len;
619
620 /* write the header */
621
622 *(p++)=type&0xff;
623 wr->type=type;
624
625 *(p++)=(s->version>>8);
626 *(p++)=s->version&0xff;
627
628 /* field where we are to write out packet length */
629 plen=p;
630 p+=2;
631
632 /* lets setup the record stuff. */
633 wr->data=p;
634 wr->length=(int)len;
635 wr->input=(unsigned char *)buf;
636
637 /* we now 'read' from wr->input, wr->length bytes into
638 * wr->data */
639
640 /* first we compress */
641 if (s->compress != NULL)
642 {
643 if (!do_compress(s))
644 {
645 SSLerr(SSL_F_DO_SSL3_WRITE,SSL_R_COMPRESSION_FAILURE);
646 goto err;
647 }
648 }
649 else
650 {
651 memcpy(wr->data,wr->input,wr->length);
652 wr->input=wr->data;
653 }
654
655 /* we should still have the output to wr->data and the input
656 * from wr->input. Length should be wr->length.
657 * wr->data still points in the wb->buf */
658
659 if (mac_size != 0)
660 {
661 s->method->ssl3_enc->mac(s,&(p[wr->length]),1);
662 wr->length+=mac_size;
663 wr->input=p;
664 wr->data=p;
665 }
666
667 /* ssl3_enc can only have an error on read */
668 s->method->ssl3_enc->enc(s,1);
669
670 /* record length after mac and block padding */
671 s2n(wr->length,plen);
672
673 /* we should now have
674 * wr->data pointing to the encrypted data, which is
675 * wr->length long */
676 wr->type=type; /* not needed but helps for debugging */
677 wr->length+=SSL3_RT_HEADER_LENGTH;
678
679 if (create_empty_fragment)
680 {
681 /* we are in a recursive call;
682 * just return the length, don't write out anything here
683 */
684 return wr->length;
685 }
686
687 /* now let's set up wb */
688 wb->left = prefix_len + wr->length;
689 wb->offset = 0;
690
691 /* memorize arguments so that ssl3_write_pending can detect bad write retries later */
692 s->s3->wpend_tot=len;
693 s->s3->wpend_buf=buf;
694 s->s3->wpend_type=type;
695 s->s3->wpend_ret=len;
696
697 /* we now just need to write the buffer */
698 return ssl3_write_pending(s,type,buf,len);
699err:
700 return -1;
701 }
702
703/* if s->s3->wbuf.left != 0, we need to call this */
704static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
705 unsigned int len)
706 {
707 int i;
708
709/* XXXX */
710 if ((s->s3->wpend_tot > (int)len)
711 || ((s->s3->wpend_buf != buf) &&
712 !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))
713 || (s->s3->wpend_type != type))
714 {
715 SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY);
716 return(-1);
717 }
718
719 for (;;)
720 {
721 clear_sys_error();
722 if (s->wbio != NULL)
723 {
724 s->rwstate=SSL_WRITING;
725 i=BIO_write(s->wbio,
726 (char *)&(s->s3->wbuf.buf[s->s3->wbuf.offset]),
727 (unsigned int)s->s3->wbuf.left);
728 }
729 else
730 {
731 SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BIO_NOT_SET);
732 i= -1;
733 }
734 if (i == s->s3->wbuf.left)
735 {
736 s->s3->wbuf.left=0;
737 s->rwstate=SSL_NOTHING;
738 return(s->s3->wpend_ret);
739 }
740 else if (i <= 0)
741 return(i);
742 s->s3->wbuf.offset+=i;
743 s->s3->wbuf.left-=i;
744 }
745 }
746
747/* Return up to 'len' payload bytes received in 'type' records.
748 * 'type' is one of the following:
749 *
750 * - SSL3_RT_HANDSHAKE (when ssl3_get_message calls us)
751 * - SSL3_RT_APPLICATION_DATA (when ssl3_read calls us)
752 * - 0 (during a shutdown, no data has to be returned)
753 *
754 * If we don't have stored data to work from, read a SSL/TLS record first
755 * (possibly multiple records if we still don't have anything to return).
756 *
757 * This function must handle any surprises the peer may have for us, such as
758 * Alert records (e.g. close_notify), ChangeCipherSpec records (not really
759 * a surprise, but handled as if it were), or renegotiation requests.
760 * Also if record payloads contain fragments too small to process, we store
761 * them until there is enough for the respective protocol (the record protocol
762 * may use arbitrary fragmentation and even interleaving):
763 * Change cipher spec protocol
764 * just 1 byte needed, no need for keeping anything stored
765 * Alert protocol
766 * 2 bytes needed (AlertLevel, AlertDescription)
767 * Handshake protocol
768 * 4 bytes needed (HandshakeType, uint24 length) -- we just have
769 * to detect unexpected Client Hello and Hello Request messages
770 * here, anything else is handled by higher layers
771 * Application data protocol
772 * none of our business
773 */
774int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
775 {
776 int al,i,j,ret;
777 unsigned int n;
778 SSL3_RECORD *rr;
779 void (*cb)(const SSL *ssl,int type2,int val)=NULL;
780
781 if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
782 if (!ssl3_setup_buffers(s))
783 return(-1);
784
785 if ((type && (type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE) && type) ||
786 (peek && (type != SSL3_RT_APPLICATION_DATA)))
787 {
788 SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR);
789 return -1;
790 }
791
792 if ((type == SSL3_RT_HANDSHAKE) && (s->s3->handshake_fragment_len > 0))
793 /* (partially) satisfy request from storage */
794 {
795 unsigned char *src = s->s3->handshake_fragment;
796 unsigned char *dst = buf;
797 unsigned int k;
798
799 /* peek == 0 */
800 n = 0;
801 while ((len > 0) && (s->s3->handshake_fragment_len > 0))
802 {
803 *dst++ = *src++;
804 len--; s->s3->handshake_fragment_len--;
805 n++;
806 }
807 /* move any remaining fragment bytes: */
808 for (k = 0; k < s->s3->handshake_fragment_len; k++)
809 s->s3->handshake_fragment[k] = *src++;
810 return n;
811 }
812
813 /* Now s->s3->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE. */
814
815 if (!s->in_handshake && SSL_in_init(s))
816 {
817 /* type == SSL3_RT_APPLICATION_DATA */
818 i=s->handshake_func(s);
819 if (i < 0) return(i);
820 if (i == 0)
821 {
822 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
823 return(-1);
824 }
825 }
826start:
827 s->rwstate=SSL_NOTHING;
828
829 /* s->s3->rrec.type - is the type of record
830 * s->s3->rrec.data, - data
831 * s->s3->rrec.off, - offset into 'data' for next read
832 * s->s3->rrec.length, - number of bytes. */
833 rr = &(s->s3->rrec);
834
835 /* get new packet if necessary */
836 if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY))
837 {
838 ret=ssl3_get_record(s);
839 if (ret <= 0) return(ret);
840 }
841
842 /* we now have a packet which can be read and processed */
843
844 if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
845 * reset by ssl3_get_finished */
846 && (rr->type != SSL3_RT_HANDSHAKE))
847 {
848 al=SSL_AD_UNEXPECTED_MESSAGE;
849 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_DATA_BETWEEN_CCS_AND_FINISHED);
850 goto err;
851 }
852
853 /* If the other end has shut down, throw anything we read away
854 * (even in 'peek' mode) */
855 if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
856 {
857 rr->length=0;
858 s->rwstate=SSL_NOTHING;
859 return(0);
860 }
861
862
863 if (type == rr->type) /* SSL3_RT_APPLICATION_DATA or SSL3_RT_HANDSHAKE */
864 {
865 /* make sure that we are not getting application data when we
866 * are doing a handshake for the first time */
867 if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
868 (s->enc_read_ctx == NULL))
869 {
870 al=SSL_AD_UNEXPECTED_MESSAGE;
871 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_APP_DATA_IN_HANDSHAKE);
872 goto f_err;
873 }
874
875 if (len <= 0) return(len);
876
877 if ((unsigned int)len > rr->length)
878 n = rr->length;
879 else
880 n = (unsigned int)len;
881
882 memcpy(buf,&(rr->data[rr->off]),n);
883 if (!peek)
884 {
885 rr->length-=n;
886 rr->off+=n;
887 if (rr->length == 0)
888 {
889 s->rstate=SSL_ST_READ_HEADER;
890 rr->off=0;
891 }
892 }
893 return(n);
894 }
895
896
897 /* If we get here, then type != rr->type; if we have a handshake
898 * message, then it was unexpected (Hello Request or Client Hello). */
899
900 /* In case of record types for which we have 'fragment' storage,
901 * fill that so that we can process the data at a fixed place.
902 */
903 {
904 unsigned int dest_maxlen = 0;
905 unsigned char *dest = NULL;
906 unsigned int *dest_len = NULL;
907
908 if (rr->type == SSL3_RT_HANDSHAKE)
909 {
910 dest_maxlen = sizeof s->s3->handshake_fragment;
911 dest = s->s3->handshake_fragment;
912 dest_len = &s->s3->handshake_fragment_len;
913 }
914 else if (rr->type == SSL3_RT_ALERT)
915 {
916 dest_maxlen = sizeof s->s3->alert_fragment;
917 dest = s->s3->alert_fragment;
918 dest_len = &s->s3->alert_fragment_len;
919 }
920
921 if (dest_maxlen > 0)
922 {
923 n = dest_maxlen - *dest_len; /* available space in 'dest' */
924 if (rr->length < n)
925 n = rr->length; /* available bytes */
926
927 /* now move 'n' bytes: */
928 while (n-- > 0)
929 {
930 dest[(*dest_len)++] = rr->data[rr->off++];
931 rr->length--;
932 }
933
934 if (*dest_len < dest_maxlen)
935 goto start; /* fragment was too small */
936 }
937 }
938
939 /* s->s3->handshake_fragment_len == 4 iff rr->type == SSL3_RT_HANDSHAKE;
940 * s->s3->alert_fragment_len == 2 iff rr->type == SSL3_RT_ALERT.
941 * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) */
942
943 /* If we are a client, check for an incoming 'Hello Request': */
944 if ((!s->server) &&
945 (s->s3->handshake_fragment_len >= 4) &&
946 (s->s3->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) &&
947 (s->session != NULL) && (s->session->cipher != NULL))
948 {
949 s->s3->handshake_fragment_len = 0;
950
951 if ((s->s3->handshake_fragment[1] != 0) ||
952 (s->s3->handshake_fragment[2] != 0) ||
953 (s->s3->handshake_fragment[3] != 0))
954 {
955 al=SSL_AD_DECODE_ERROR;
956 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_HELLO_REQUEST);
957 goto err;
958 }
959
960 if (s->msg_callback)
961 s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->s3->handshake_fragment, 4, s, s->msg_callback_arg);
962
963 if (SSL_is_init_finished(s) &&
964 !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
965 !s->s3->renegotiate)
966 {
967 ssl3_renegotiate(s);
968 if (ssl3_renegotiate_check(s))
969 {
970 i=s->handshake_func(s);
971 if (i < 0) return(i);
972 if (i == 0)
973 {
974 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
975 return(-1);
976 }
977
978 if (!(s->mode & SSL_MODE_AUTO_RETRY))
979 {
980 if (s->s3->rbuf.left == 0) /* no read-ahead left? */
981 {
982 BIO *bio;
983 /* In the case where we try to read application data,
984 * but we trigger an SSL handshake, we return -1 with
985 * the retry option set. Otherwise renegotiation may
986 * cause nasty problems in the blocking world */
987 s->rwstate=SSL_READING;
988 bio=SSL_get_rbio(s);
989 BIO_clear_retry_flags(bio);
990 BIO_set_retry_read(bio);
991 return(-1);
992 }
993 }
994 }
995 }
996 /* we either finished a handshake or ignored the request,
997 * now try again to obtain the (application) data we were asked for */
998 goto start;
999 }
1000
1001 if (s->s3->alert_fragment_len >= 2)
1002 {
1003 int alert_level = s->s3->alert_fragment[0];
1004 int alert_descr = s->s3->alert_fragment[1];
1005
1006 s->s3->alert_fragment_len = 0;
1007
1008 if (s->msg_callback)
1009 s->msg_callback(0, s->version, SSL3_RT_ALERT, s->s3->alert_fragment, 2, s, s->msg_callback_arg);
1010
1011 if (s->info_callback != NULL)
1012 cb=s->info_callback;
1013 else if (s->ctx->info_callback != NULL)
1014 cb=s->ctx->info_callback;
1015
1016 if (cb != NULL)
1017 {
1018 j = (alert_level << 8) | alert_descr;
1019 cb(s, SSL_CB_READ_ALERT, j);
1020 }
1021
1022 if (alert_level == 1) /* warning */
1023 {
1024 s->s3->warn_alert = alert_descr;
1025 if (alert_descr == SSL_AD_CLOSE_NOTIFY)
1026 {
1027 s->shutdown |= SSL_RECEIVED_SHUTDOWN;
1028 return(0);
1029 }
1030 }
1031 else if (alert_level == 2) /* fatal */
1032 {
1033 char tmp[16];
1034
1035 s->rwstate=SSL_NOTHING;
1036 s->s3->fatal_alert = alert_descr;
1037 SSLerr(SSL_F_SSL3_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr);
1038 BIO_snprintf(tmp,sizeof tmp,"%d",alert_descr);
1039 ERR_add_error_data(2,"SSL alert number ",tmp);
1040 s->shutdown|=SSL_RECEIVED_SHUTDOWN;
1041 SSL_CTX_remove_session(s->ctx,s->session);
1042 return(0);
1043 }
1044 else
1045 {
1046 al=SSL_AD_ILLEGAL_PARAMETER;
1047 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNKNOWN_ALERT_TYPE);
1048 goto f_err;
1049 }
1050
1051 goto start;
1052 }
1053
1054 if (s->shutdown & SSL_SENT_SHUTDOWN) /* but we have not received a shutdown */
1055 {
1056 s->rwstate=SSL_NOTHING;
1057 rr->length=0;
1058 return(0);
1059 }
1060
1061 if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC)
1062 {
1063 /* 'Change Cipher Spec' is just a single byte, so we know
1064 * exactly what the record payload has to look like */
1065 if ( (rr->length != 1) || (rr->off != 0) ||
1066 (rr->data[0] != SSL3_MT_CCS))
1067 {
1068 i=SSL_AD_ILLEGAL_PARAMETER;
1069 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC);
1070 goto err;
1071 }
1072
1073 rr->length=0;
1074
1075 if (s->msg_callback)
1076 s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC, rr->data, 1, s, s->msg_callback_arg);
1077
1078 s->s3->change_cipher_spec=1;
1079 if (!do_change_cipher_spec(s))
1080 goto err;
1081 else
1082 goto start;
1083 }
1084
1085 /* Unexpected handshake message (Client Hello, or protocol violation) */
1086 if ((s->s3->handshake_fragment_len >= 4) && !s->in_handshake)
1087 {
1088 if (((s->state&SSL_ST_MASK) == SSL_ST_OK) &&
1089 !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS))
1090 {
1091#if 0 /* worked only because C operator preferences are not as expected (and
1092 * because this is not really needed for clients except for detecting
1093 * protocol violations): */
1094 s->state=SSL_ST_BEFORE|(s->server)
1095 ?SSL_ST_ACCEPT
1096 :SSL_ST_CONNECT;
1097#else
1098 s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
1099#endif
1100 s->new_session=1;
1101 }
1102 i=s->handshake_func(s);
1103 if (i < 0) return(i);
1104 if (i == 0)
1105 {
1106 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
1107 return(-1);
1108 }
1109
1110 if (!(s->mode & SSL_MODE_AUTO_RETRY))
1111 {
1112 if (s->s3->rbuf.left == 0) /* no read-ahead left? */
1113 {
1114 BIO *bio;
1115 /* In the case where we try to read application data,
1116 * but we trigger an SSL handshake, we return -1 with
1117 * the retry option set. Otherwise renegotiation may
1118 * cause nasty problems in the blocking world */
1119 s->rwstate=SSL_READING;
1120 bio=SSL_get_rbio(s);
1121 BIO_clear_retry_flags(bio);
1122 BIO_set_retry_read(bio);
1123 return(-1);
1124 }
1125 }
1126 goto start;
1127 }
1128
1129 switch (rr->type)
1130 {
1131 default:
1132#ifndef OPENSSL_NO_TLS
1133 /* TLS just ignores unknown message types */
1134 if (s->version == TLS1_VERSION)
1135 {
1136 rr->length = 0;
1137 goto start;
1138 }
1139#endif
1140 al=SSL_AD_UNEXPECTED_MESSAGE;
1141 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
1142 goto f_err;
1143 case SSL3_RT_CHANGE_CIPHER_SPEC:
1144 case SSL3_RT_ALERT:
1145 case SSL3_RT_HANDSHAKE:
1146 /* we already handled all of these, with the possible exception
1147 * of SSL3_RT_HANDSHAKE when s->in_handshake is set, but that
1148 * should not happen when type != rr->type */
1149 al=SSL_AD_UNEXPECTED_MESSAGE;
1150 SSLerr(SSL_F_SSL3_READ_BYTES,ERR_R_INTERNAL_ERROR);
1151 goto f_err;
1152 case SSL3_RT_APPLICATION_DATA:
1153 /* At this point, we were expecting handshake data,
1154 * but have application data. If the library was
1155 * running inside ssl3_read() (i.e. in_read_app_data
1156 * is set) and it makes sense to read application data
1157 * at this point (session renegotiation not yet started),
1158 * we will indulge it.
1159 */
1160 if (s->s3->in_read_app_data &&
1161 (s->s3->total_renegotiations != 0) &&
1162 ((
1163 (s->state & SSL_ST_CONNECT) &&
1164 (s->state >= SSL3_ST_CW_CLNT_HELLO_A) &&
1165 (s->state <= SSL3_ST_CR_SRVR_HELLO_A)
1166 ) || (
1167 (s->state & SSL_ST_ACCEPT) &&
1168 (s->state <= SSL3_ST_SW_HELLO_REQ_A) &&
1169 (s->state >= SSL3_ST_SR_CLNT_HELLO_A)
1170 )
1171 ))
1172 {
1173 s->s3->in_read_app_data=2;
1174 return(-1);
1175 }
1176 else
1177 {
1178 al=SSL_AD_UNEXPECTED_MESSAGE;
1179 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
1180 goto f_err;
1181 }
1182 }
1183 /* not reached */
1184
1185f_err:
1186 ssl3_send_alert(s,SSL3_AL_FATAL,al);
1187err:
1188 return(-1);
1189 }
1190
1191static int do_change_cipher_spec(SSL *s)
1192 {
1193 int i;
1194 const char *sender;
1195 int slen;
1196
1197 if (s->state & SSL_ST_ACCEPT)
1198 i=SSL3_CHANGE_CIPHER_SERVER_READ;
1199 else
1200 i=SSL3_CHANGE_CIPHER_CLIENT_READ;
1201
1202 if (s->s3->tmp.key_block == NULL)
1203 {
1204 s->session->cipher=s->s3->tmp.new_cipher;
1205 if (!s->method->ssl3_enc->setup_key_block(s)) return(0);
1206 }
1207
1208 if (!s->method->ssl3_enc->change_cipher_state(s,i))
1209 return(0);
1210
1211 /* we have to record the message digest at
1212 * this point so we can get it before we read
1213 * the finished message */
1214 if (s->state & SSL_ST_CONNECT)
1215 {
1216 sender=s->method->ssl3_enc->server_finished_label;
1217 slen=s->method->ssl3_enc->server_finished_label_len;
1218 }
1219 else
1220 {
1221 sender=s->method->ssl3_enc->client_finished_label;
1222 slen=s->method->ssl3_enc->client_finished_label_len;
1223 }
1224
1225 s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
1226 &(s->s3->finish_dgst1),
1227 &(s->s3->finish_dgst2),
1228 sender,slen,s->s3->tmp.peer_finish_md);
1229
1230 return(1);
1231 }
1232
1233void ssl3_send_alert(SSL *s, int level, int desc)
1234 {
1235 /* Map tls/ssl alert value to correct one */
1236 desc=s->method->ssl3_enc->alert_value(desc);
1237 if (s->version == SSL3_VERSION && desc == SSL_AD_PROTOCOL_VERSION)
1238 desc = SSL_AD_HANDSHAKE_FAILURE; /* SSL 3.0 does not have protocol_version alerts */
1239 if (desc < 0) return;
1240 /* If a fatal one, remove from cache */
1241 if ((level == 2) && (s->session != NULL))
1242 SSL_CTX_remove_session(s->ctx,s->session);
1243
1244 s->s3->alert_dispatch=1;
1245 s->s3->send_alert[0]=level;
1246 s->s3->send_alert[1]=desc;
1247 if (s->s3->wbuf.left == 0) /* data still being written out? */
1248 ssl3_dispatch_alert(s);
1249 /* else data is still being written out, we will get written
1250 * some time in the future */
1251 }
1252
1253int ssl3_dispatch_alert(SSL *s)
1254 {
1255 int i,j;
1256 void (*cb)(const SSL *ssl,int type,int val)=NULL;
1257
1258 s->s3->alert_dispatch=0;
1259 i = do_ssl3_write(s, SSL3_RT_ALERT, &s->s3->send_alert[0], 2, 0);
1260 if (i <= 0)
1261 {
1262 s->s3->alert_dispatch=1;
1263 }
1264 else
1265 {
1266 /* Alert sent to BIO. If it is important, flush it now.
1267 * If the message does not get sent due to non-blocking IO,
1268 * we will not worry too much. */
1269 if (s->s3->send_alert[0] == SSL3_AL_FATAL)
1270 (void)BIO_flush(s->wbio);
1271
1272 if (s->msg_callback)
1273 s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert, 2, s, s->msg_callback_arg);
1274
1275 if (s->info_callback != NULL)
1276 cb=s->info_callback;
1277 else if (s->ctx->info_callback != NULL)
1278 cb=s->ctx->info_callback;
1279
1280 if (cb != NULL)
1281 {
1282 j=(s->s3->send_alert[0]<<8)|s->s3->send_alert[1];
1283 cb(s,SSL_CB_WRITE_ALERT,j);
1284 }
1285 }
1286 return(i);
1287 }
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
new file mode 100644
index 0000000000..dfffed7165
--- /dev/null
+++ b/src/lib/libssl/s3_srvr.c
@@ -0,0 +1,2046 @@
1/* ssl/s3_srvr.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#define REUSE_CIPHER_BUG
113#define NETSCAPE_HANG_BUG
114
115
116#include <stdio.h>
117#include "ssl_locl.h"
118#include "kssl_lcl.h"
119#include <openssl/buffer.h>
120#include <openssl/rand.h>
121#include <openssl/objects.h>
122#include <openssl/evp.h>
123#include <openssl/x509.h>
124#ifndef OPENSSL_NO_KRB5
125#include <openssl/krb5_asn.h>
126#endif
127#include <openssl/md5.h>
128
129static SSL_METHOD *ssl3_get_server_method(int ver);
130static int ssl3_get_client_hello(SSL *s);
131static int ssl3_check_client_hello(SSL *s);
132static int ssl3_send_server_hello(SSL *s);
133static int ssl3_send_server_key_exchange(SSL *s);
134static int ssl3_send_certificate_request(SSL *s);
135static int ssl3_send_server_done(SSL *s);
136static int ssl3_get_client_key_exchange(SSL *s);
137static int ssl3_get_client_certificate(SSL *s);
138static int ssl3_get_cert_verify(SSL *s);
139static int ssl3_send_hello_request(SSL *s);
140
141static SSL_METHOD *ssl3_get_server_method(int ver)
142 {
143 if (ver == SSL3_VERSION)
144 return(SSLv3_server_method());
145 else
146 return(NULL);
147 }
148
149SSL_METHOD *SSLv3_server_method(void)
150 {
151 static int init=1;
152 static SSL_METHOD SSLv3_server_data;
153
154 if (init)
155 {
156 memcpy((char *)&SSLv3_server_data,(char *)sslv3_base_method(),
157 sizeof(SSL_METHOD));
158 SSLv3_server_data.ssl_accept=ssl3_accept;
159 SSLv3_server_data.get_ssl_method=ssl3_get_server_method;
160 init=0;
161 }
162 return(&SSLv3_server_data);
163 }
164
165int ssl3_accept(SSL *s)
166 {
167 BUF_MEM *buf;
168 unsigned long l,Time=time(NULL);
169 void (*cb)(const SSL *ssl,int type,int val)=NULL;
170 long num1;
171 int ret= -1;
172 int new_state,state,skip=0;
173
174 RAND_add(&Time,sizeof(Time),0);
175 ERR_clear_error();
176 clear_sys_error();
177
178 if (s->info_callback != NULL)
179 cb=s->info_callback;
180 else if (s->ctx->info_callback != NULL)
181 cb=s->ctx->info_callback;
182
183 /* init things to blank */
184 s->in_handshake++;
185 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
186
187 if (s->cert == NULL)
188 {
189 SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_NO_CERTIFICATE_SET);
190 return(-1);
191 }
192
193 for (;;)
194 {
195 state=s->state;
196
197 switch (s->state)
198 {
199 case SSL_ST_RENEGOTIATE:
200 s->new_session=1;
201 /* s->state=SSL_ST_ACCEPT; */
202
203 case SSL_ST_BEFORE:
204 case SSL_ST_ACCEPT:
205 case SSL_ST_BEFORE|SSL_ST_ACCEPT:
206 case SSL_ST_OK|SSL_ST_ACCEPT:
207
208 s->server=1;
209 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
210
211 if ((s->version>>8) != 3)
212 {
213 SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);
214 return -1;
215 }
216 s->type=SSL_ST_ACCEPT;
217
218 if (s->init_buf == NULL)
219 {
220 if ((buf=BUF_MEM_new()) == NULL)
221 {
222 ret= -1;
223 goto end;
224 }
225 if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
226 {
227 ret= -1;
228 goto end;
229 }
230 s->init_buf=buf;
231 }
232
233 if (!ssl3_setup_buffers(s))
234 {
235 ret= -1;
236 goto end;
237 }
238
239 s->init_num=0;
240
241 if (s->state != SSL_ST_RENEGOTIATE)
242 {
243 /* Ok, we now need to push on a buffering BIO so that
244 * the output is sent in a way that TCP likes :-)
245 */
246 if (!ssl_init_wbio_buffer(s,1)) { ret= -1; goto end; }
247
248 ssl3_init_finished_mac(s);
249 s->state=SSL3_ST_SR_CLNT_HELLO_A;
250 s->ctx->stats.sess_accept++;
251 }
252 else
253 {
254 /* s->state == SSL_ST_RENEGOTIATE,
255 * we will just send a HelloRequest */
256 s->ctx->stats.sess_accept_renegotiate++;
257 s->state=SSL3_ST_SW_HELLO_REQ_A;
258 }
259 break;
260
261 case SSL3_ST_SW_HELLO_REQ_A:
262 case SSL3_ST_SW_HELLO_REQ_B:
263
264 s->shutdown=0;
265 ret=ssl3_send_hello_request(s);
266 if (ret <= 0) goto end;
267 s->s3->tmp.next_state=SSL3_ST_SW_HELLO_REQ_C;
268 s->state=SSL3_ST_SW_FLUSH;
269 s->init_num=0;
270
271 ssl3_init_finished_mac(s);
272 break;
273
274 case SSL3_ST_SW_HELLO_REQ_C:
275 s->state=SSL_ST_OK;
276 break;
277
278 case SSL3_ST_SR_CLNT_HELLO_A:
279 case SSL3_ST_SR_CLNT_HELLO_B:
280 case SSL3_ST_SR_CLNT_HELLO_C:
281
282 s->shutdown=0;
283 ret=ssl3_get_client_hello(s);
284 if (ret <= 0) goto end;
285 s->new_session = 2;
286 s->state=SSL3_ST_SW_SRVR_HELLO_A;
287 s->init_num=0;
288 break;
289
290 case SSL3_ST_SW_SRVR_HELLO_A:
291 case SSL3_ST_SW_SRVR_HELLO_B:
292 ret=ssl3_send_server_hello(s);
293 if (ret <= 0) goto end;
294
295 if (s->hit)
296 s->state=SSL3_ST_SW_CHANGE_A;
297 else
298 s->state=SSL3_ST_SW_CERT_A;
299 s->init_num=0;
300 break;
301
302 case SSL3_ST_SW_CERT_A:
303 case SSL3_ST_SW_CERT_B:
304 /* Check if it is anon DH */
305 if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
306 {
307 ret=ssl3_send_server_certificate(s);
308 if (ret <= 0) goto end;
309 }
310 else
311 skip=1;
312 s->state=SSL3_ST_SW_KEY_EXCH_A;
313 s->init_num=0;
314 break;
315
316 case SSL3_ST_SW_KEY_EXCH_A:
317 case SSL3_ST_SW_KEY_EXCH_B:
318 l=s->s3->tmp.new_cipher->algorithms;
319
320 /* clear this, it may get reset by
321 * send_server_key_exchange */
322 if ((s->options & SSL_OP_EPHEMERAL_RSA)
323#ifndef OPENSSL_NO_KRB5
324 && !(l & SSL_KRB5)
325#endif /* OPENSSL_NO_KRB5 */
326 )
327 /* option SSL_OP_EPHEMERAL_RSA sends temporary RSA key
328 * even when forbidden by protocol specs
329 * (handshake may fail as clients are not required to
330 * be able to handle this) */
331 s->s3->tmp.use_rsa_tmp=1;
332 else
333 s->s3->tmp.use_rsa_tmp=0;
334
335 /* only send if a DH key exchange, fortezza or
336 * RSA but we have a sign only certificate */
337 if (s->s3->tmp.use_rsa_tmp
338 || (l & (SSL_DH|SSL_kFZA))
339 || ((l & SSL_kRSA)
340 && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
341 || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
342 && EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
343 )
344 )
345 )
346 )
347 {
348 ret=ssl3_send_server_key_exchange(s);
349 if (ret <= 0) goto end;
350 }
351 else
352 skip=1;
353
354 s->state=SSL3_ST_SW_CERT_REQ_A;
355 s->init_num=0;
356 break;
357
358 case SSL3_ST_SW_CERT_REQ_A:
359 case SSL3_ST_SW_CERT_REQ_B:
360 if (/* don't request cert unless asked for it: */
361 !(s->verify_mode & SSL_VERIFY_PEER) ||
362 /* if SSL_VERIFY_CLIENT_ONCE is set,
363 * don't request cert during re-negotiation: */
364 ((s->session->peer != NULL) &&
365 (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) ||
366 /* never request cert in anonymous ciphersuites
367 * (see section "Certificate request" in SSL 3 drafts
368 * and in RFC 2246): */
369 ((s->s3->tmp.new_cipher->algorithms & SSL_aNULL) &&
370 /* ... except when the application insists on verification
371 * (against the specs, but s3_clnt.c accepts this for SSL 3) */
372 !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) ||
373 /* never request cert in Kerberos ciphersuites */
374 (s->s3->tmp.new_cipher->algorithms & SSL_aKRB5))
375 {
376 /* no cert request */
377 skip=1;
378 s->s3->tmp.cert_request=0;
379 s->state=SSL3_ST_SW_SRVR_DONE_A;
380 }
381 else
382 {
383 s->s3->tmp.cert_request=1;
384 ret=ssl3_send_certificate_request(s);
385 if (ret <= 0) goto end;
386#ifndef NETSCAPE_HANG_BUG
387 s->state=SSL3_ST_SW_SRVR_DONE_A;
388#else
389 s->state=SSL3_ST_SW_FLUSH;
390 s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
391#endif
392 s->init_num=0;
393 }
394 break;
395
396 case SSL3_ST_SW_SRVR_DONE_A:
397 case SSL3_ST_SW_SRVR_DONE_B:
398 ret=ssl3_send_server_done(s);
399 if (ret <= 0) goto end;
400 s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
401 s->state=SSL3_ST_SW_FLUSH;
402 s->init_num=0;
403 break;
404
405 case SSL3_ST_SW_FLUSH:
406 /* number of bytes to be flushed */
407 num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
408 if (num1 > 0)
409 {
410 s->rwstate=SSL_WRITING;
411 num1=BIO_flush(s->wbio);
412 if (num1 <= 0) { ret= -1; goto end; }
413 s->rwstate=SSL_NOTHING;
414 }
415
416 s->state=s->s3->tmp.next_state;
417 break;
418
419 case SSL3_ST_SR_CERT_A:
420 case SSL3_ST_SR_CERT_B:
421 /* Check for second client hello (MS SGC) */
422 ret = ssl3_check_client_hello(s);
423 if (ret <= 0)
424 goto end;
425 if (ret == 2)
426 s->state = SSL3_ST_SR_CLNT_HELLO_C;
427 else {
428 /* could be sent for a DH cert, even if we
429 * have not asked for it :-) */
430 ret=ssl3_get_client_certificate(s);
431 if (ret <= 0) goto end;
432 s->init_num=0;
433 s->state=SSL3_ST_SR_KEY_EXCH_A;
434 }
435 break;
436
437 case SSL3_ST_SR_KEY_EXCH_A:
438 case SSL3_ST_SR_KEY_EXCH_B:
439 ret=ssl3_get_client_key_exchange(s);
440 if (ret <= 0) goto end;
441 s->state=SSL3_ST_SR_CERT_VRFY_A;
442 s->init_num=0;
443
444 /* We need to get hashes here so if there is
445 * a client cert, it can be verified */
446 s->method->ssl3_enc->cert_verify_mac(s,
447 &(s->s3->finish_dgst1),
448 &(s->s3->tmp.cert_verify_md[0]));
449 s->method->ssl3_enc->cert_verify_mac(s,
450 &(s->s3->finish_dgst2),
451 &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]));
452
453 break;
454
455 case SSL3_ST_SR_CERT_VRFY_A:
456 case SSL3_ST_SR_CERT_VRFY_B:
457
458 /* we should decide if we expected this one */
459 ret=ssl3_get_cert_verify(s);
460 if (ret <= 0) goto end;
461
462 s->state=SSL3_ST_SR_FINISHED_A;
463 s->init_num=0;
464 break;
465
466 case SSL3_ST_SR_FINISHED_A:
467 case SSL3_ST_SR_FINISHED_B:
468 ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A,
469 SSL3_ST_SR_FINISHED_B);
470 if (ret <= 0) goto end;
471 if (s->hit)
472 s->state=SSL_ST_OK;
473 else
474 s->state=SSL3_ST_SW_CHANGE_A;
475 s->init_num=0;
476 break;
477
478 case SSL3_ST_SW_CHANGE_A:
479 case SSL3_ST_SW_CHANGE_B:
480
481 s->session->cipher=s->s3->tmp.new_cipher;
482 if (!s->method->ssl3_enc->setup_key_block(s))
483 { ret= -1; goto end; }
484
485 ret=ssl3_send_change_cipher_spec(s,
486 SSL3_ST_SW_CHANGE_A,SSL3_ST_SW_CHANGE_B);
487
488 if (ret <= 0) goto end;
489 s->state=SSL3_ST_SW_FINISHED_A;
490 s->init_num=0;
491
492 if (!s->method->ssl3_enc->change_cipher_state(s,
493 SSL3_CHANGE_CIPHER_SERVER_WRITE))
494 {
495 ret= -1;
496 goto end;
497 }
498
499 break;
500
501 case SSL3_ST_SW_FINISHED_A:
502 case SSL3_ST_SW_FINISHED_B:
503 ret=ssl3_send_finished(s,
504 SSL3_ST_SW_FINISHED_A,SSL3_ST_SW_FINISHED_B,
505 s->method->ssl3_enc->server_finished_label,
506 s->method->ssl3_enc->server_finished_label_len);
507 if (ret <= 0) goto end;
508 s->state=SSL3_ST_SW_FLUSH;
509 if (s->hit)
510 s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
511 else
512 s->s3->tmp.next_state=SSL_ST_OK;
513 s->init_num=0;
514 break;
515
516 case SSL_ST_OK:
517 /* clean a few things up */
518 ssl3_cleanup_key_block(s);
519
520 BUF_MEM_free(s->init_buf);
521 s->init_buf=NULL;
522
523 /* remove buffering on output */
524 ssl_free_wbio_buffer(s);
525
526 s->init_num=0;
527
528 if (s->new_session == 2) /* skipped if we just sent a HelloRequest */
529 {
530 /* actually not necessarily a 'new' session unless
531 * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
532
533 s->new_session=0;
534
535 ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
536
537 s->ctx->stats.sess_accept_good++;
538 /* s->server=1; */
539 s->handshake_func=ssl3_accept;
540
541 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
542 }
543
544 ret = 1;
545 goto end;
546 /* break; */
547
548 default:
549 SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_UNKNOWN_STATE);
550 ret= -1;
551 goto end;
552 /* break; */
553 }
554
555 if (!s->s3->tmp.reuse_message && !skip)
556 {
557 if (s->debug)
558 {
559 if ((ret=BIO_flush(s->wbio)) <= 0)
560 goto end;
561 }
562
563
564 if ((cb != NULL) && (s->state != state))
565 {
566 new_state=s->state;
567 s->state=state;
568 cb(s,SSL_CB_ACCEPT_LOOP,1);
569 s->state=new_state;
570 }
571 }
572 skip=0;
573 }
574end:
575 /* BIO_flush(s->wbio); */
576
577 s->in_handshake--;
578 if (cb != NULL)
579 cb(s,SSL_CB_ACCEPT_EXIT,ret);
580 return(ret);
581 }
582
583static int ssl3_send_hello_request(SSL *s)
584 {
585 unsigned char *p;
586
587 if (s->state == SSL3_ST_SW_HELLO_REQ_A)
588 {
589 p=(unsigned char *)s->init_buf->data;
590 *(p++)=SSL3_MT_HELLO_REQUEST;
591 *(p++)=0;
592 *(p++)=0;
593 *(p++)=0;
594
595 s->state=SSL3_ST_SW_HELLO_REQ_B;
596 /* number of bytes to write */
597 s->init_num=4;
598 s->init_off=0;
599 }
600
601 /* SSL3_ST_SW_HELLO_REQ_B */
602 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
603 }
604
605static int ssl3_check_client_hello(SSL *s)
606 {
607 int ok;
608 long n;
609
610 /* this function is called when we really expect a Certificate message,
611 * so permit appropriate message length */
612 n=ssl3_get_message(s,
613 SSL3_ST_SR_CERT_A,
614 SSL3_ST_SR_CERT_B,
615 -1,
616 s->max_cert_list,
617 &ok);
618 if (!ok) return((int)n);
619 s->s3->tmp.reuse_message = 1;
620 if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO)
621 {
622 /* Throw away what we have done so far in the current handshake,
623 * which will now be aborted. (A full SSL_clear would be too much.)
624 * I hope that tmp.dh is the only thing that may need to be cleared
625 * when a handshake is not completed ... */
626#ifndef OPENSSL_NO_DH
627 if (s->s3->tmp.dh != NULL)
628 {
629 DH_free(s->s3->tmp.dh);
630 s->s3->tmp.dh = NULL;
631 }
632#endif
633 return 2;
634 }
635 return 1;
636}
637
638static int ssl3_get_client_hello(SSL *s)
639 {
640 int i,j,ok,al,ret= -1;
641 long n;
642 unsigned long id;
643 unsigned char *p,*d,*q;
644 SSL_CIPHER *c;
645 SSL_COMP *comp=NULL;
646 STACK_OF(SSL_CIPHER) *ciphers=NULL;
647
648 /* We do this so that we will respond with our native type.
649 * If we are TLSv1 and we get SSLv3, we will respond with TLSv1,
650 * This down switching should be handled by a different method.
651 * If we are SSLv3, we will respond with SSLv3, even if prompted with
652 * TLSv1.
653 */
654 if (s->state == SSL3_ST_SR_CLNT_HELLO_A)
655 {
656 s->first_packet=1;
657 s->state=SSL3_ST_SR_CLNT_HELLO_B;
658 }
659 n=ssl3_get_message(s,
660 SSL3_ST_SR_CLNT_HELLO_B,
661 SSL3_ST_SR_CLNT_HELLO_C,
662 SSL3_MT_CLIENT_HELLO,
663 SSL3_RT_MAX_PLAIN_LENGTH,
664 &ok);
665
666 if (!ok) return((int)n);
667 d=p=(unsigned char *)s->init_msg;
668
669 /* use version from inside client hello, not from record header
670 * (may differ: see RFC 2246, Appendix E, second paragraph) */
671 s->client_version=(((int)p[0])<<8)|(int)p[1];
672 p+=2;
673
674 if (s->client_version < s->version)
675 {
676 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER);
677 if ((s->client_version>>8) == SSL3_VERSION_MAJOR)
678 {
679 /* similar to ssl3_get_record, send alert using remote version number */
680 s->version = s->client_version;
681 }
682 al = SSL_AD_PROTOCOL_VERSION;
683 goto f_err;
684 }
685
686 /* load the client random */
687 memcpy(s->s3->client_random,p,SSL3_RANDOM_SIZE);
688 p+=SSL3_RANDOM_SIZE;
689
690 /* get the session-id */
691 j= *(p++);
692
693 s->hit=0;
694 /* Versions before 0.9.7 always allow session reuse during renegotiation
695 * (i.e. when s->new_session is true), option
696 * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is new with 0.9.7.
697 * Maybe this optional behaviour should always have been the default,
698 * but we cannot safely change the default behaviour (or new applications
699 * might be written that become totally unsecure when compiled with
700 * an earlier library version)
701 */
702 if (j == 0 || (s->new_session && (s->options & SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION)))
703 {
704 if (!ssl_get_new_session(s,1))
705 goto err;
706 }
707 else
708 {
709 i=ssl_get_prev_session(s,p,j);
710 if (i == 1)
711 { /* previous session */
712 s->hit=1;
713 }
714 else if (i == -1)
715 goto err;
716 else /* i == 0 */
717 {
718 if (!ssl_get_new_session(s,1))
719 goto err;
720 }
721 }
722
723 p+=j;
724 n2s(p,i);
725 if ((i == 0) && (j != 0))
726 {
727 /* we need a cipher if we are not resuming a session */
728 al=SSL_AD_ILLEGAL_PARAMETER;
729 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_SPECIFIED);
730 goto f_err;
731 }
732 if ((p+i) >= (d+n))
733 {
734 /* not enough data */
735 al=SSL_AD_DECODE_ERROR;
736 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
737 goto f_err;
738 }
739 if ((i > 0) && (ssl_bytes_to_cipher_list(s,p,i,&(ciphers))
740 == NULL))
741 {
742 goto err;
743 }
744 p+=i;
745
746 /* If it is a hit, check that the cipher is in the list */
747 if ((s->hit) && (i > 0))
748 {
749 j=0;
750 id=s->session->cipher->id;
751
752#ifdef CIPHER_DEBUG
753 printf("client sent %d ciphers\n",sk_num(ciphers));
754#endif
755 for (i=0; i<sk_SSL_CIPHER_num(ciphers); i++)
756 {
757 c=sk_SSL_CIPHER_value(ciphers,i);
758#ifdef CIPHER_DEBUG
759 printf("client [%2d of %2d]:%s\n",
760 i,sk_num(ciphers),SSL_CIPHER_get_name(c));
761#endif
762 if (c->id == id)
763 {
764 j=1;
765 break;
766 }
767 }
768 if (j == 0)
769 {
770 if ((s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1))
771 {
772 /* Very bad for multi-threading.... */
773 s->session->cipher=sk_SSL_CIPHER_value(ciphers,
774 0);
775 }
776 else
777 {
778 /* we need to have the cipher in the cipher
779 * list if we are asked to reuse it */
780 al=SSL_AD_ILLEGAL_PARAMETER;
781 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_CIPHER_MISSING);
782 goto f_err;
783 }
784 }
785 }
786
787 /* compression */
788 i= *(p++);
789 if ((p+i) > (d+n))
790 {
791 /* not enough data */
792 al=SSL_AD_DECODE_ERROR;
793 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
794 goto f_err;
795 }
796 q=p;
797 for (j=0; j<i; j++)
798 {
799 if (p[j] == 0) break;
800 }
801
802 p+=i;
803 if (j >= i)
804 {
805 /* no compress */
806 al=SSL_AD_DECODE_ERROR;
807 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_COMPRESSION_SPECIFIED);
808 goto f_err;
809 }
810
811 /* Worst case, we will use the NULL compression, but if we have other
812 * options, we will now look for them. We have i-1 compression
813 * algorithms from the client, starting at q. */
814 s->s3->tmp.new_compression=NULL;
815 if (s->ctx->comp_methods != NULL)
816 { /* See if we have a match */
817 int m,nn,o,v,done=0;
818
819 nn=sk_SSL_COMP_num(s->ctx->comp_methods);
820 for (m=0; m<nn; m++)
821 {
822 comp=sk_SSL_COMP_value(s->ctx->comp_methods,m);
823 v=comp->id;
824 for (o=0; o<i; o++)
825 {
826 if (v == q[o])
827 {
828 done=1;
829 break;
830 }
831 }
832 if (done) break;
833 }
834 if (done)
835 s->s3->tmp.new_compression=comp;
836 else
837 comp=NULL;
838 }
839
840 /* TLS does not mind if there is extra stuff */
841 if (s->version == SSL3_VERSION)
842 {
843 if (p < (d+n))
844 {
845 /* wrong number of bytes,
846 * there could be more to follow */
847 al=SSL_AD_DECODE_ERROR;
848 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
849 goto f_err;
850 }
851 }
852
853 /* Given s->session->ciphers and SSL_get_ciphers, we must
854 * pick a cipher */
855
856 if (!s->hit)
857 {
858 s->session->compress_meth=(comp == NULL)?0:comp->id;
859 if (s->session->ciphers != NULL)
860 sk_SSL_CIPHER_free(s->session->ciphers);
861 s->session->ciphers=ciphers;
862 if (ciphers == NULL)
863 {
864 al=SSL_AD_ILLEGAL_PARAMETER;
865 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_PASSED);
866 goto f_err;
867 }
868 ciphers=NULL;
869 c=ssl3_choose_cipher(s,s->session->ciphers,
870 SSL_get_ciphers(s));
871
872 if (c == NULL)
873 {
874 al=SSL_AD_HANDSHAKE_FAILURE;
875 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER);
876 goto f_err;
877 }
878 s->s3->tmp.new_cipher=c;
879 }
880 else
881 {
882 /* Session-id reuse */
883#ifdef REUSE_CIPHER_BUG
884 STACK_OF(SSL_CIPHER) *sk;
885 SSL_CIPHER *nc=NULL;
886 SSL_CIPHER *ec=NULL;
887
888 if (s->options & SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG)
889 {
890 sk=s->session->ciphers;
891 for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
892 {
893 c=sk_SSL_CIPHER_value(sk,i);
894 if (c->algorithms & SSL_eNULL)
895 nc=c;
896 if (SSL_C_IS_EXPORT(c))
897 ec=c;
898 }
899 if (nc != NULL)
900 s->s3->tmp.new_cipher=nc;
901 else if (ec != NULL)
902 s->s3->tmp.new_cipher=ec;
903 else
904 s->s3->tmp.new_cipher=s->session->cipher;
905 }
906 else
907#endif
908 s->s3->tmp.new_cipher=s->session->cipher;
909 }
910
911 /* we now have the following setup.
912 * client_random
913 * cipher_list - our prefered list of ciphers
914 * ciphers - the clients prefered list of ciphers
915 * compression - basically ignored right now
916 * ssl version is set - sslv3
917 * s->session - The ssl session has been setup.
918 * s->hit - session reuse flag
919 * s->tmp.new_cipher - the new cipher to use.
920 */
921
922 ret=1;
923 if (0)
924 {
925f_err:
926 ssl3_send_alert(s,SSL3_AL_FATAL,al);
927 }
928err:
929 if (ciphers != NULL) sk_SSL_CIPHER_free(ciphers);
930 return(ret);
931 }
932
933static int ssl3_send_server_hello(SSL *s)
934 {
935 unsigned char *buf;
936 unsigned char *p,*d;
937 int i,sl;
938 unsigned long l,Time;
939
940 if (s->state == SSL3_ST_SW_SRVR_HELLO_A)
941 {
942 buf=(unsigned char *)s->init_buf->data;
943 p=s->s3->server_random;
944 Time=time(NULL); /* Time */
945 l2n(Time,p);
946 RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
947 /* Do the message type and length last */
948 d=p= &(buf[4]);
949
950 *(p++)=s->version>>8;
951 *(p++)=s->version&0xff;
952
953 /* Random stuff */
954 memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
955 p+=SSL3_RANDOM_SIZE;
956
957 /* now in theory we have 3 options to sending back the
958 * session id. If it is a re-use, we send back the
959 * old session-id, if it is a new session, we send
960 * back the new session-id or we send back a 0 length
961 * session-id if we want it to be single use.
962 * Currently I will not implement the '0' length session-id
963 * 12-Jan-98 - I'll now support the '0' length stuff.
964 */
965 if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER))
966 s->session->session_id_length=0;
967
968 sl=s->session->session_id_length;
969 die(sl <= sizeof s->session->session_id);
970 *(p++)=sl;
971 memcpy(p,s->session->session_id,sl);
972 p+=sl;
973
974 /* put the cipher */
975 i=ssl3_put_cipher_by_char(s->s3->tmp.new_cipher,p);
976 p+=i;
977
978 /* put the compression method */
979 if (s->s3->tmp.new_compression == NULL)
980 *(p++)=0;
981 else
982 *(p++)=s->s3->tmp.new_compression->id;
983
984 /* do the header */
985 l=(p-d);
986 d=buf;
987 *(d++)=SSL3_MT_SERVER_HELLO;
988 l2n3(l,d);
989
990 s->state=SSL3_ST_CW_CLNT_HELLO_B;
991 /* number of bytes to write */
992 s->init_num=p-buf;
993 s->init_off=0;
994 }
995
996 /* SSL3_ST_CW_CLNT_HELLO_B */
997 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
998 }
999
1000static int ssl3_send_server_done(SSL *s)
1001 {
1002 unsigned char *p;
1003
1004 if (s->state == SSL3_ST_SW_SRVR_DONE_A)
1005 {
1006 p=(unsigned char *)s->init_buf->data;
1007
1008 /* do the header */
1009 *(p++)=SSL3_MT_SERVER_DONE;
1010 *(p++)=0;
1011 *(p++)=0;
1012 *(p++)=0;
1013
1014 s->state=SSL3_ST_SW_SRVR_DONE_B;
1015 /* number of bytes to write */
1016 s->init_num=4;
1017 s->init_off=0;
1018 }
1019
1020 /* SSL3_ST_CW_CLNT_HELLO_B */
1021 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1022 }
1023
1024static int ssl3_send_server_key_exchange(SSL *s)
1025 {
1026#ifndef OPENSSL_NO_RSA
1027 unsigned char *q;
1028 int j,num;
1029 RSA *rsa;
1030 unsigned char md_buf[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
1031 unsigned int u;
1032#endif
1033#ifndef OPENSSL_NO_DH
1034 DH *dh=NULL,*dhp;
1035#endif
1036 EVP_PKEY *pkey;
1037 unsigned char *p,*d;
1038 int al,i;
1039 unsigned long type;
1040 int n;
1041 CERT *cert;
1042 BIGNUM *r[4];
1043 int nr[4],kn;
1044 BUF_MEM *buf;
1045 EVP_MD_CTX md_ctx;
1046
1047 EVP_MD_CTX_init(&md_ctx);
1048 if (s->state == SSL3_ST_SW_KEY_EXCH_A)
1049 {
1050 type=s->s3->tmp.new_cipher->algorithms & SSL_MKEY_MASK;
1051 cert=s->cert;
1052
1053 buf=s->init_buf;
1054
1055 r[0]=r[1]=r[2]=r[3]=NULL;
1056 n=0;
1057#ifndef OPENSSL_NO_RSA
1058 if (type & SSL_kRSA)
1059 {
1060 rsa=cert->rsa_tmp;
1061 if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL))
1062 {
1063 rsa=s->cert->rsa_tmp_cb(s,
1064 SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
1065 SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
1066 if(rsa == NULL)
1067 {
1068 al=SSL_AD_HANDSHAKE_FAILURE;
1069 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
1070 goto f_err;
1071 }
1072 RSA_up_ref(rsa);
1073 cert->rsa_tmp=rsa;
1074 }
1075 if (rsa == NULL)
1076 {
1077 al=SSL_AD_HANDSHAKE_FAILURE;
1078 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_KEY);
1079 goto f_err;
1080 }
1081 r[0]=rsa->n;
1082 r[1]=rsa->e;
1083 s->s3->tmp.use_rsa_tmp=1;
1084 }
1085 else
1086#endif
1087#ifndef OPENSSL_NO_DH
1088 if (type & SSL_kEDH)
1089 {
1090 dhp=cert->dh_tmp;
1091 if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
1092 dhp=s->cert->dh_tmp_cb(s,
1093 SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
1094 SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
1095 if (dhp == NULL)
1096 {
1097 al=SSL_AD_HANDSHAKE_FAILURE;
1098 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
1099 goto f_err;
1100 }
1101
1102 if (s->s3->tmp.dh != NULL)
1103 {
1104 DH_free(dh);
1105 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
1106 goto err;
1107 }
1108
1109 if ((dh=DHparams_dup(dhp)) == NULL)
1110 {
1111 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
1112 goto err;
1113 }
1114
1115 s->s3->tmp.dh=dh;
1116 if ((dhp->pub_key == NULL ||
1117 dhp->priv_key == NULL ||
1118 (s->options & SSL_OP_SINGLE_DH_USE)))
1119 {
1120 if(!DH_generate_key(dh))
1121 {
1122 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
1123 ERR_R_DH_LIB);
1124 goto err;
1125 }
1126 }
1127 else
1128 {
1129 dh->pub_key=BN_dup(dhp->pub_key);
1130 dh->priv_key=BN_dup(dhp->priv_key);
1131 if ((dh->pub_key == NULL) ||
1132 (dh->priv_key == NULL))
1133 {
1134 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
1135 goto err;
1136 }
1137 }
1138 r[0]=dh->p;
1139 r[1]=dh->g;
1140 r[2]=dh->pub_key;
1141 }
1142 else
1143#endif
1144 {
1145 al=SSL_AD_HANDSHAKE_FAILURE;
1146 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
1147 goto f_err;
1148 }
1149 for (i=0; r[i] != NULL; i++)
1150 {
1151 nr[i]=BN_num_bytes(r[i]);
1152 n+=2+nr[i];
1153 }
1154
1155 if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
1156 {
1157 if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher))
1158 == NULL)
1159 {
1160 al=SSL_AD_DECODE_ERROR;
1161 goto f_err;
1162 }
1163 kn=EVP_PKEY_size(pkey);
1164 }
1165 else
1166 {
1167 pkey=NULL;
1168 kn=0;
1169 }
1170
1171 if (!BUF_MEM_grow(buf,n+4+kn))
1172 {
1173 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_BUF);
1174 goto err;
1175 }
1176 d=(unsigned char *)s->init_buf->data;
1177 p= &(d[4]);
1178
1179 for (i=0; r[i] != NULL; i++)
1180 {
1181 s2n(nr[i],p);
1182 BN_bn2bin(r[i],p);
1183 p+=nr[i];
1184 }
1185
1186 /* not anonymous */
1187 if (pkey != NULL)
1188 {
1189 /* n is the length of the params, they start at &(d[4])
1190 * and p points to the space at the end. */
1191#ifndef OPENSSL_NO_RSA
1192 if (pkey->type == EVP_PKEY_RSA)
1193 {
1194 q=md_buf;
1195 j=0;
1196 for (num=2; num > 0; num--)
1197 {
1198 EVP_DigestInit_ex(&md_ctx,(num == 2)
1199 ?s->ctx->md5:s->ctx->sha1, NULL);
1200 EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
1201 EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
1202 EVP_DigestUpdate(&md_ctx,&(d[4]),n);
1203 EVP_DigestFinal_ex(&md_ctx,q,
1204 (unsigned int *)&i);
1205 q+=i;
1206 j+=i;
1207 }
1208 if (RSA_sign(NID_md5_sha1, md_buf, j,
1209 &(p[2]), &u, pkey->pkey.rsa) <= 0)
1210 {
1211 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_RSA);
1212 goto err;
1213 }
1214 s2n(u,p);
1215 n+=u+2;
1216 }
1217 else
1218#endif
1219#if !defined(OPENSSL_NO_DSA)
1220 if (pkey->type == EVP_PKEY_DSA)
1221 {
1222 /* lets do DSS */
1223 EVP_SignInit_ex(&md_ctx,EVP_dss1(), NULL);
1224 EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
1225 EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
1226 EVP_SignUpdate(&md_ctx,&(d[4]),n);
1227 if (!EVP_SignFinal(&md_ctx,&(p[2]),
1228 (unsigned int *)&i,pkey))
1229 {
1230 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_DSA);
1231 goto err;
1232 }
1233 s2n(i,p);
1234 n+=i+2;
1235 }
1236 else
1237#endif
1238 {
1239 /* Is this error check actually needed? */
1240 al=SSL_AD_HANDSHAKE_FAILURE;
1241 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_PKEY_TYPE);
1242 goto f_err;
1243 }
1244 }
1245
1246 *(d++)=SSL3_MT_SERVER_KEY_EXCHANGE;
1247 l2n3(n,d);
1248
1249 /* we should now have things packed up, so lets send
1250 * it off */
1251 s->init_num=n+4;
1252 s->init_off=0;
1253 }
1254
1255 s->state = SSL3_ST_SW_KEY_EXCH_B;
1256 EVP_MD_CTX_cleanup(&md_ctx);
1257 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1258f_err:
1259 ssl3_send_alert(s,SSL3_AL_FATAL,al);
1260err:
1261 EVP_MD_CTX_cleanup(&md_ctx);
1262 return(-1);
1263 }
1264
1265static int ssl3_send_certificate_request(SSL *s)
1266 {
1267 unsigned char *p,*d;
1268 int i,j,nl,off,n;
1269 STACK_OF(X509_NAME) *sk=NULL;
1270 X509_NAME *name;
1271 BUF_MEM *buf;
1272
1273 if (s->state == SSL3_ST_SW_CERT_REQ_A)
1274 {
1275 buf=s->init_buf;
1276
1277 d=p=(unsigned char *)&(buf->data[4]);
1278
1279 /* get the list of acceptable cert types */
1280 p++;
1281 n=ssl3_get_req_cert_type(s,p);
1282 d[0]=n;
1283 p+=n;
1284 n++;
1285
1286 off=n;
1287 p+=2;
1288 n+=2;
1289
1290 sk=SSL_get_client_CA_list(s);
1291 nl=0;
1292 if (sk != NULL)
1293 {
1294 for (i=0; i<sk_X509_NAME_num(sk); i++)
1295 {
1296 name=sk_X509_NAME_value(sk,i);
1297 j=i2d_X509_NAME(name,NULL);
1298 if (!BUF_MEM_grow(buf,4+n+j+2))
1299 {
1300 SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,ERR_R_BUF_LIB);
1301 goto err;
1302 }
1303 p=(unsigned char *)&(buf->data[4+n]);
1304 if (!(s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
1305 {
1306 s2n(j,p);
1307 i2d_X509_NAME(name,&p);
1308 n+=2+j;
1309 nl+=2+j;
1310 }
1311 else
1312 {
1313 d=p;
1314 i2d_X509_NAME(name,&p);
1315 j-=2; s2n(j,d); j+=2;
1316 n+=j;
1317 nl+=j;
1318 }
1319 }
1320 }
1321 /* else no CA names */
1322 p=(unsigned char *)&(buf->data[4+off]);
1323 s2n(nl,p);
1324
1325 d=(unsigned char *)buf->data;
1326 *(d++)=SSL3_MT_CERTIFICATE_REQUEST;
1327 l2n3(n,d);
1328
1329 /* we should now have things packed up, so lets send
1330 * it off */
1331
1332 s->init_num=n+4;
1333 s->init_off=0;
1334#ifdef NETSCAPE_HANG_BUG
1335 p=(unsigned char *)s->init_buf->data + s->init_num;
1336
1337 /* do the header */
1338 *(p++)=SSL3_MT_SERVER_DONE;
1339 *(p++)=0;
1340 *(p++)=0;
1341 *(p++)=0;
1342 s->init_num += 4;
1343#endif
1344
1345 }
1346
1347 /* SSL3_ST_SW_CERT_REQ_B */
1348 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1349err:
1350 return(-1);
1351 }
1352
1353static int ssl3_get_client_key_exchange(SSL *s)
1354 {
1355 int i,al,ok;
1356 long n;
1357 unsigned long l;
1358 unsigned char *p;
1359#ifndef OPENSSL_NO_RSA
1360 RSA *rsa=NULL;
1361 EVP_PKEY *pkey=NULL;
1362#endif
1363#ifndef OPENSSL_NO_DH
1364 BIGNUM *pub=NULL;
1365 DH *dh_srvr;
1366#endif
1367#ifndef OPENSSL_NO_KRB5
1368 KSSL_ERR kssl_err;
1369#endif /* OPENSSL_NO_KRB5 */
1370
1371 n=ssl3_get_message(s,
1372 SSL3_ST_SR_KEY_EXCH_A,
1373 SSL3_ST_SR_KEY_EXCH_B,
1374 SSL3_MT_CLIENT_KEY_EXCHANGE,
1375 2048, /* ??? */
1376 &ok);
1377
1378 if (!ok) return((int)n);
1379 p=(unsigned char *)s->init_msg;
1380
1381 l=s->s3->tmp.new_cipher->algorithms;
1382
1383#ifndef OPENSSL_NO_RSA
1384 if (l & SSL_kRSA)
1385 {
1386 /* FIX THIS UP EAY EAY EAY EAY */
1387 if (s->s3->tmp.use_rsa_tmp)
1388 {
1389 if ((s->cert != NULL) && (s->cert->rsa_tmp != NULL))
1390 rsa=s->cert->rsa_tmp;
1391 /* Don't do a callback because rsa_tmp should
1392 * be sent already */
1393 if (rsa == NULL)
1394 {
1395 al=SSL_AD_HANDSHAKE_FAILURE;
1396 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_PKEY);
1397 goto f_err;
1398
1399 }
1400 }
1401 else
1402 {
1403 pkey=s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey;
1404 if ( (pkey == NULL) ||
1405 (pkey->type != EVP_PKEY_RSA) ||
1406 (pkey->pkey.rsa == NULL))
1407 {
1408 al=SSL_AD_HANDSHAKE_FAILURE;
1409 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_RSA_CERTIFICATE);
1410 goto f_err;
1411 }
1412 rsa=pkey->pkey.rsa;
1413 }
1414
1415 /* TLS */
1416 if (s->version > SSL3_VERSION)
1417 {
1418 n2s(p,i);
1419 if (n != i+2)
1420 {
1421 if (!(s->options & SSL_OP_TLS_D5_BUG))
1422 {
1423 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
1424 goto err;
1425 }
1426 else
1427 p-=2;
1428 }
1429 else
1430 n=i;
1431 }
1432
1433 i=RSA_private_decrypt((int)n,p,p,rsa,RSA_PKCS1_PADDING);
1434
1435 al = -1;
1436
1437 if (i != SSL_MAX_MASTER_KEY_LENGTH)
1438 {
1439 al=SSL_AD_DECODE_ERROR;
1440 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT);
1441 }
1442
1443 if ((al == -1) && !((p[0] == (s->client_version>>8)) && (p[1] == (s->client_version & 0xff))))
1444 {
1445 /* The premaster secret must contain the same version number as the
1446 * ClientHello to detect version rollback attacks (strangely, the
1447 * protocol does not offer such protection for DH ciphersuites).
1448 * However, buggy clients exist that send the negotiated protocol
1449 * version instead if the server does not support the requested
1450 * protocol version.
1451 * If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients. */
1452 if (!((s->options & SSL_OP_TLS_ROLLBACK_BUG) &&
1453 (p[0] == (s->version>>8)) && (p[1] == (s->version & 0xff))))
1454 {
1455 al=SSL_AD_DECODE_ERROR;
1456 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER);
1457 goto f_err;
1458 }
1459 }
1460
1461 if (al != -1)
1462 {
1463#if 0
1464 goto f_err;
1465#else
1466 /* Some decryption failure -- use random value instead as countermeasure
1467 * against Bleichenbacher's attack on PKCS #1 v1.5 RSA padding
1468 * (see RFC 2246, section 7.4.7.1).
1469 * But note that due to length and protocol version checking, the
1470 * attack is impractical anyway (see section 5 in D. Bleichenbacher:
1471 * "Chosen Ciphertext Attacks Against Protocols Based on the RSA
1472 * Encryption Standard PKCS #1", CRYPTO '98, LNCS 1462, pp. 1-12).
1473 */
1474 ERR_clear_error();
1475 i = SSL_MAX_MASTER_KEY_LENGTH;
1476 p[0] = s->client_version >> 8;
1477 p[1] = s->client_version & 0xff;
1478 RAND_pseudo_bytes(p+2, i-2); /* should be RAND_bytes, but we cannot work around a failure */
1479#endif
1480 }
1481
1482 s->session->master_key_length=
1483 s->method->ssl3_enc->generate_master_secret(s,
1484 s->session->master_key,
1485 p,i);
1486 memset(p,0,i);
1487 }
1488 else
1489#endif
1490#ifndef OPENSSL_NO_DH
1491 if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
1492 {
1493 n2s(p,i);
1494 if (n != i+2)
1495 {
1496 if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG))
1497 {
1498 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
1499 goto err;
1500 }
1501 else
1502 {
1503 p-=2;
1504 i=(int)n;
1505 }
1506 }
1507
1508 if (n == 0L) /* the parameters are in the cert */
1509 {
1510 al=SSL_AD_HANDSHAKE_FAILURE;
1511 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_DECODE_DH_CERTS);
1512 goto f_err;
1513 }
1514 else
1515 {
1516 if (s->s3->tmp.dh == NULL)
1517 {
1518 al=SSL_AD_HANDSHAKE_FAILURE;
1519 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
1520 goto f_err;
1521 }
1522 else
1523 dh_srvr=s->s3->tmp.dh;
1524 }
1525
1526 pub=BN_bin2bn(p,i,NULL);
1527 if (pub == NULL)
1528 {
1529 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BN_LIB);
1530 goto err;
1531 }
1532
1533 i=DH_compute_key(p,pub,dh_srvr);
1534
1535 if (i <= 0)
1536 {
1537 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
1538 goto err;
1539 }
1540
1541 DH_free(s->s3->tmp.dh);
1542 s->s3->tmp.dh=NULL;
1543
1544 BN_clear_free(pub);
1545 pub=NULL;
1546 s->session->master_key_length=
1547 s->method->ssl3_enc->generate_master_secret(s,
1548 s->session->master_key,p,i);
1549 memset(p,0,i);
1550 }
1551 else
1552#endif
1553#ifndef OPENSSL_NO_KRB5
1554 if (l & SSL_kKRB5)
1555 {
1556 krb5_error_code krb5rc;
1557 krb5_data enc_ticket;
1558 krb5_data authenticator;
1559 krb5_data enc_pms;
1560 KSSL_CTX *kssl_ctx = s->kssl_ctx;
1561 EVP_CIPHER_CTX ciph_ctx;
1562 EVP_CIPHER *enc = NULL;
1563 unsigned char iv[EVP_MAX_IV_LENGTH];
1564 unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH
1565 + EVP_MAX_BLOCK_LENGTH];
1566 int padl, outl;
1567 krb5_timestamp authtime = 0;
1568 krb5_ticket_times ttimes;
1569
1570 EVP_CIPHER_CTX_init(&ciph_ctx);
1571
1572 if (!kssl_ctx) kssl_ctx = kssl_ctx_new();
1573
1574 n2s(p,i);
1575 enc_ticket.length = i;
1576 enc_ticket.data = (char *)p;
1577 p+=enc_ticket.length;
1578
1579 n2s(p,i);
1580 authenticator.length = i;
1581 authenticator.data = (char *)p;
1582 p+=authenticator.length;
1583
1584 n2s(p,i);
1585 enc_pms.length = i;
1586 enc_pms.data = (char *)p;
1587 p+=enc_pms.length;
1588
1589 /* Note that the length is checked again below,
1590 ** after decryption
1591 */
1592 if(enc_pms.length > sizeof pms)
1593 {
1594 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1595 SSL_R_DATA_LENGTH_TOO_LONG);
1596 goto err;
1597 }
1598
1599 if (n != enc_ticket.length + authenticator.length +
1600 enc_pms.length + 6)
1601 {
1602 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1603 SSL_R_DATA_LENGTH_TOO_LONG);
1604 goto err;
1605 }
1606
1607 if ((krb5rc = kssl_sget_tkt(kssl_ctx, &enc_ticket, &ttimes,
1608 &kssl_err)) != 0)
1609 {
1610#ifdef KSSL_DEBUG
1611 printf("kssl_sget_tkt rtn %d [%d]\n",
1612 krb5rc, kssl_err.reason);
1613 if (kssl_err.text)
1614 printf("kssl_err text= %s\n", kssl_err.text);
1615#endif /* KSSL_DEBUG */
1616 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
1617 kssl_err.reason);
1618 goto err;
1619 }
1620
1621 /* Note: no authenticator is not considered an error,
1622 ** but will return authtime == 0.
1623 */
1624 if ((krb5rc = kssl_check_authent(kssl_ctx, &authenticator,
1625 &authtime, &kssl_err)) != 0)
1626 {
1627#ifdef KSSL_DEBUG
1628 printf("kssl_check_authent rtn %d [%d]\n",
1629 krb5rc, kssl_err.reason);
1630 if (kssl_err.text)
1631 printf("kssl_err text= %s\n", kssl_err.text);
1632#endif /* KSSL_DEBUG */
1633 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
1634 kssl_err.reason);
1635 goto err;
1636 }
1637
1638 if ((krb5rc = kssl_validate_times(authtime, &ttimes)) != 0)
1639 {
1640 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, krb5rc);
1641 goto err;
1642 }
1643
1644#ifdef KSSL_DEBUG
1645 kssl_ctx_show(kssl_ctx);
1646#endif /* KSSL_DEBUG */
1647
1648 enc = kssl_map_enc(kssl_ctx->enctype);
1649 if (enc == NULL)
1650 goto err;
1651
1652 memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */
1653
1654 if (!EVP_DecryptInit_ex(&ciph_ctx,enc,NULL,kssl_ctx->key,iv))
1655 {
1656 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1657 SSL_R_DECRYPTION_FAILED);
1658 goto err;
1659 }
1660 if (!EVP_DecryptUpdate(&ciph_ctx, pms,&outl,
1661 (unsigned char *)enc_pms.data, enc_pms.length))
1662 {
1663 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1664 SSL_R_DECRYPTION_FAILED);
1665 goto err;
1666 }
1667 if (outl > SSL_MAX_MASTER_KEY_LENGTH)
1668 {
1669 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1670 SSL_R_DATA_LENGTH_TOO_LONG);
1671 goto err;
1672 }
1673 if (!EVP_DecryptFinal_ex(&ciph_ctx,&(pms[outl]),&padl))
1674 {
1675 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1676 SSL_R_DECRYPTION_FAILED);
1677 goto err;
1678 }
1679 outl += padl;
1680 if (outl > SSL_MAX_MASTER_KEY_LENGTH)
1681 {
1682 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1683 SSL_R_DATA_LENGTH_TOO_LONG);
1684 goto err;
1685 }
1686 EVP_CIPHER_CTX_cleanup(&ciph_ctx);
1687
1688 s->session->master_key_length=
1689 s->method->ssl3_enc->generate_master_secret(s,
1690 s->session->master_key, pms, outl);
1691
1692 if (kssl_ctx->client_princ)
1693 {
1694 int len = strlen(kssl_ctx->client_princ);
1695 if ( len < SSL_MAX_KRB5_PRINCIPAL_LENGTH )
1696 {
1697 s->session->krb5_client_princ_len = len;
1698 memcpy(s->session->krb5_client_princ,kssl_ctx->client_princ,len);
1699 }
1700 }
1701
1702
1703 /* Was doing kssl_ctx_free() here,
1704 ** but it caused problems for apache.
1705 ** kssl_ctx = kssl_ctx_free(kssl_ctx);
1706 ** if (s->kssl_ctx) s->kssl_ctx = NULL;
1707 */
1708 }
1709 else
1710#endif /* OPENSSL_NO_KRB5 */
1711 {
1712 al=SSL_AD_HANDSHAKE_FAILURE;
1713 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1714 SSL_R_UNKNOWN_CIPHER_TYPE);
1715 goto f_err;
1716 }
1717
1718 return(1);
1719f_err:
1720 ssl3_send_alert(s,SSL3_AL_FATAL,al);
1721#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA)
1722err:
1723#endif
1724 return(-1);
1725 }
1726
1727static int ssl3_get_cert_verify(SSL *s)
1728 {
1729 EVP_PKEY *pkey=NULL;
1730 unsigned char *p;
1731 int al,ok,ret=0;
1732 long n;
1733 int type=0,i,j;
1734 X509 *peer;
1735
1736 n=ssl3_get_message(s,
1737 SSL3_ST_SR_CERT_VRFY_A,
1738 SSL3_ST_SR_CERT_VRFY_B,
1739 -1,
1740 512, /* 512? */
1741 &ok);
1742
1743 if (!ok) return((int)n);
1744
1745 if (s->session->peer != NULL)
1746 {
1747 peer=s->session->peer;
1748 pkey=X509_get_pubkey(peer);
1749 type=X509_certificate_type(peer,pkey);
1750 }
1751 else
1752 {
1753 peer=NULL;
1754 pkey=NULL;
1755 }
1756
1757 if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY)
1758 {
1759 s->s3->tmp.reuse_message=1;
1760 if ((peer != NULL) && (type | EVP_PKT_SIGN))
1761 {
1762 al=SSL_AD_UNEXPECTED_MESSAGE;
1763 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_MISSING_VERIFY_MESSAGE);
1764 goto f_err;
1765 }
1766 ret=1;
1767 goto end;
1768 }
1769
1770 if (peer == NULL)
1771 {
1772 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_NO_CLIENT_CERT_RECEIVED);
1773 al=SSL_AD_UNEXPECTED_MESSAGE;
1774 goto f_err;
1775 }
1776
1777 if (!(type & EVP_PKT_SIGN))
1778 {
1779 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE);
1780 al=SSL_AD_ILLEGAL_PARAMETER;
1781 goto f_err;
1782 }
1783
1784 if (s->s3->change_cipher_spec)
1785 {
1786 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY);
1787 al=SSL_AD_UNEXPECTED_MESSAGE;
1788 goto f_err;
1789 }
1790
1791 /* we now have a signature that we need to verify */
1792 p=(unsigned char *)s->init_msg;
1793 n2s(p,i);
1794 n-=2;
1795 if (i > n)
1796 {
1797 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_LENGTH_MISMATCH);
1798 al=SSL_AD_DECODE_ERROR;
1799 goto f_err;
1800 }
1801
1802 j=EVP_PKEY_size(pkey);
1803 if ((i > j) || (n > j) || (n <= 0))
1804 {
1805 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_WRONG_SIGNATURE_SIZE);
1806 al=SSL_AD_DECODE_ERROR;
1807 goto f_err;
1808 }
1809
1810#ifndef OPENSSL_NO_RSA
1811 if (pkey->type == EVP_PKEY_RSA)
1812 {
1813 i=RSA_verify(NID_md5_sha1, s->s3->tmp.cert_verify_md,
1814 MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, p, i,
1815 pkey->pkey.rsa);
1816 if (i < 0)
1817 {
1818 al=SSL_AD_DECRYPT_ERROR;
1819 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_DECRYPT);
1820 goto f_err;
1821 }
1822 if (i == 0)
1823 {
1824 al=SSL_AD_DECRYPT_ERROR;
1825 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_SIGNATURE);
1826 goto f_err;
1827 }
1828 }
1829 else
1830#endif
1831#ifndef OPENSSL_NO_DSA
1832 if (pkey->type == EVP_PKEY_DSA)
1833 {
1834 j=DSA_verify(pkey->save_type,
1835 &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
1836 SHA_DIGEST_LENGTH,p,i,pkey->pkey.dsa);
1837 if (j <= 0)
1838 {
1839 /* bad signature */
1840 al=SSL_AD_DECRYPT_ERROR;
1841 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_DSA_SIGNATURE);
1842 goto f_err;
1843 }
1844 }
1845 else
1846#endif
1847 {
1848 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,ERR_R_INTERNAL_ERROR);
1849 al=SSL_AD_UNSUPPORTED_CERTIFICATE;
1850 goto f_err;
1851 }
1852
1853
1854 ret=1;
1855 if (0)
1856 {
1857f_err:
1858 ssl3_send_alert(s,SSL3_AL_FATAL,al);
1859 }
1860end:
1861 EVP_PKEY_free(pkey);
1862 return(ret);
1863 }
1864
1865static int ssl3_get_client_certificate(SSL *s)
1866 {
1867 int i,ok,al,ret= -1;
1868 X509 *x=NULL;
1869 unsigned long l,nc,llen,n;
1870 unsigned char *p,*d,*q;
1871 STACK_OF(X509) *sk=NULL;
1872
1873 n=ssl3_get_message(s,
1874 SSL3_ST_SR_CERT_A,
1875 SSL3_ST_SR_CERT_B,
1876 -1,
1877 s->max_cert_list,
1878 &ok);
1879
1880 if (!ok) return((int)n);
1881
1882 if (s->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE)
1883 {
1884 if ( (s->verify_mode & SSL_VERIFY_PEER) &&
1885 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
1886 {
1887 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
1888 al=SSL_AD_HANDSHAKE_FAILURE;
1889 goto f_err;
1890 }
1891 /* If tls asked for a client cert, the client must return a 0 list */
1892 if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request)
1893 {
1894 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST);
1895 al=SSL_AD_UNEXPECTED_MESSAGE;
1896 goto f_err;
1897 }
1898 s->s3->tmp.reuse_message=1;
1899 return(1);
1900 }
1901
1902 if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)
1903 {
1904 al=SSL_AD_UNEXPECTED_MESSAGE;
1905 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_WRONG_MESSAGE_TYPE);
1906 goto f_err;
1907 }
1908 d=p=(unsigned char *)s->init_msg;
1909
1910 if ((sk=sk_X509_new_null()) == NULL)
1911 {
1912 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
1913 goto err;
1914 }
1915
1916 n2l3(p,llen);
1917 if (llen+3 != n)
1918 {
1919 al=SSL_AD_DECODE_ERROR;
1920 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_LENGTH_MISMATCH);
1921 goto f_err;
1922 }
1923 for (nc=0; nc<llen; )
1924 {
1925 n2l3(p,l);
1926 if ((l+nc+3) > llen)
1927 {
1928 al=SSL_AD_DECODE_ERROR;
1929 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
1930 goto f_err;
1931 }
1932
1933 q=p;
1934 x=d2i_X509(NULL,&p,l);
1935 if (x == NULL)
1936 {
1937 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_ASN1_LIB);
1938 goto err;
1939 }
1940 if (p != (q+l))
1941 {
1942 al=SSL_AD_DECODE_ERROR;
1943 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
1944 goto f_err;
1945 }
1946 if (!sk_X509_push(sk,x))
1947 {
1948 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
1949 goto err;
1950 }
1951 x=NULL;
1952 nc+=l+3;
1953 }
1954
1955 if (sk_X509_num(sk) <= 0)
1956 {
1957 /* TLS does not mind 0 certs returned */
1958 if (s->version == SSL3_VERSION)
1959 {
1960 al=SSL_AD_HANDSHAKE_FAILURE;
1961 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATES_RETURNED);
1962 goto f_err;
1963 }
1964 /* Fail for TLS only if we required a certificate */
1965 else if ((s->verify_mode & SSL_VERIFY_PEER) &&
1966 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
1967 {
1968 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
1969 al=SSL_AD_HANDSHAKE_FAILURE;
1970 goto f_err;
1971 }
1972 }
1973 else
1974 {
1975 i=ssl_verify_cert_chain(s,sk);
1976 if (!i)
1977 {
1978 al=ssl_verify_alarm_type(s->verify_result);
1979 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED);
1980 goto f_err;
1981 }
1982 }
1983
1984 if (s->session->peer != NULL) /* This should not be needed */
1985 X509_free(s->session->peer);
1986 s->session->peer=sk_X509_shift(sk);
1987 s->session->verify_result = s->verify_result;
1988
1989 /* With the current implementation, sess_cert will always be NULL
1990 * when we arrive here. */
1991 if (s->session->sess_cert == NULL)
1992 {
1993 s->session->sess_cert = ssl_sess_cert_new();
1994 if (s->session->sess_cert == NULL)
1995 {
1996 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE);
1997 goto err;
1998 }
1999 }
2000 if (s->session->sess_cert->cert_chain != NULL)
2001 sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free);
2002 s->session->sess_cert->cert_chain=sk;
2003 /* Inconsistency alert: cert_chain does *not* include the
2004 * peer's own certificate, while we do include it in s3_clnt.c */
2005
2006 sk=NULL;
2007
2008 ret=1;
2009 if (0)
2010 {
2011f_err:
2012 ssl3_send_alert(s,SSL3_AL_FATAL,al);
2013 }
2014err:
2015 if (x != NULL) X509_free(x);
2016 if (sk != NULL) sk_X509_pop_free(sk,X509_free);
2017 return(ret);
2018 }
2019
2020int ssl3_send_server_certificate(SSL *s)
2021 {
2022 unsigned long l;
2023 X509 *x;
2024
2025 if (s->state == SSL3_ST_SW_CERT_A)
2026 {
2027 x=ssl_get_server_send_cert(s);
2028 if (x == NULL &&
2029 /* VRS: allow null cert if auth == KRB5 */
2030 (s->s3->tmp.new_cipher->algorithms
2031 & (SSL_MKEY_MASK|SSL_AUTH_MASK))
2032 != (SSL_aKRB5|SSL_kKRB5))
2033 {
2034 SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,ERR_R_INTERNAL_ERROR);
2035 return(0);
2036 }
2037
2038 l=ssl3_output_cert_chain(s,x);
2039 s->state=SSL3_ST_SW_CERT_B;
2040 s->init_num=(int)l;
2041 s->init_off=0;
2042 }
2043
2044 /* SSL3_ST_SW_CERT_B */
2045 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
2046 }
diff --git a/src/lib/libssl/shlib_version b/src/lib/libssl/shlib_version
new file mode 100644
index 0000000000..9c1551636c
--- /dev/null
+++ b/src/lib/libssl/shlib_version
@@ -0,0 +1,2 @@
1major=6
2minor=0
diff --git a/src/lib/libssl/src/CHANGES b/src/lib/libssl/src/CHANGES
index d63996c70d..64c33c7048 100644
--- a/src/lib/libssl/src/CHANGES
+++ b/src/lib/libssl/src/CHANGES
@@ -1622,6 +1622,35 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
1622 *) Fix EVP_dsa_sha macro. 1622 *) Fix EVP_dsa_sha macro.
1623 [Nils Larsch] 1623 [Nils Larsch]
1624 1624
1625 Changes in security patch
1626
1627Changes marked "(CHATS)" were sponsored by the Defense Advanced
1628Research Projects Agency (DARPA) and Air Force Research Laboratory,
1629Air Force Materiel Command, USAF, under agreement number
1630F30602-01-2-0537.
1631
1632 *) Add various sanity checks to asn1_get_length() to reject
1633 the ASN1 length bytes if they exceed sizeof(long), will appear
1634 negative or the content length exceeds the length of the
1635 supplied buffer.
1636 [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]
1637
1638 *) Assertions for various potential buffer overflows, not known to
1639 happen in practice.
1640 [Ben Laurie (CHATS)]
1641
1642 *) Various temporary buffers to hold ASCII versions of integers were
1643 too small for 64 bit platforms. (CAN-2002-0655)
1644 [Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)>
1645
1646 *) Remote buffer overflow in SSL3 protocol - an attacker could
1647 supply an oversized session ID to a client. (CAN-2002-0656)
1648 [Ben Laurie (CHATS)]
1649
1650 *) Remote buffer overflow in SSL2 protocol - an attacker could
1651 supply an oversized client master key. (CAN-2002-0656)
1652 [Ben Laurie (CHATS)]
1653
1625 Changes between 0.9.6c and 0.9.6d [9 May 2002] 1654 Changes between 0.9.6c and 0.9.6d [9 May 2002]
1626 1655
1627 *) Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not 1656 *) Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not
diff --git a/src/lib/libssl/src/Configure b/src/lib/libssl/src/Configure
index 986db2f614..0976f41f8d 100644
--- a/src/lib/libssl/src/Configure
+++ b/src/lib/libssl/src/Configure
@@ -366,9 +366,6 @@ my %table=(
366"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", 366"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
367"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", 367"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
368 368
369# assembler versions -- currently defunct:
370##"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer:::(unknown):SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${alpha_asm}",
371
372# The intel boxes :-), It would be worth seeing if bsdi-gcc can use the 369# The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
373# bn86-elf.o file file since it is hand tweaked assembler. 370# bn86-elf.o file file since it is hand tweaked assembler.
374"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 371"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
diff --git a/src/lib/libssl/src/MacOS/GetHTTPS.src/CPStringUtils.cpp b/src/lib/libssl/src/MacOS/GetHTTPS.src/CPStringUtils.cpp
index 5f64afe967..617aae2c70 100644
--- a/src/lib/libssl/src/MacOS/GetHTTPS.src/CPStringUtils.cpp
+++ b/src/lib/libssl/src/MacOS/GetHTTPS.src/CPStringUtils.cpp
@@ -2750,4 +2750,4 @@ void SkipWhiteSpace(char **ioSrcCharPtr,const Boolean inStopAtEOL)
2750 } 2750 }
2751 } 2751 }
2752 } 2752 }
2753} \ No newline at end of file 2753}
diff --git a/src/lib/libssl/src/MacOS/GetHTTPS.src/ErrorHandling.cpp b/src/lib/libssl/src/MacOS/GetHTTPS.src/ErrorHandling.cpp
index 07a32de59e..80b6a675f4 100644
--- a/src/lib/libssl/src/MacOS/GetHTTPS.src/ErrorHandling.cpp
+++ b/src/lib/libssl/src/MacOS/GetHTTPS.src/ErrorHandling.cpp
@@ -167,4 +167,4 @@ void ThrowErrorMessageException(void)
167 ThrowDescriptiveException(gErrorMessage); 167 ThrowDescriptiveException(gErrorMessage);
168} 168}
169 169
170#endif \ No newline at end of file 170#endif
diff --git a/src/lib/libssl/src/MacOS/GetHTTPS.src/MacSocket.cpp b/src/lib/libssl/src/MacOS/GetHTTPS.src/MacSocket.cpp
index 2726136347..aaf2a68ca9 100644
--- a/src/lib/libssl/src/MacOS/GetHTTPS.src/MacSocket.cpp
+++ b/src/lib/libssl/src/MacOS/GetHTTPS.src/MacSocket.cpp
@@ -1604,4 +1604,4 @@ EPInfo* epi = (EPInfo*) context;
1604 } 1604 }
1605 } 1605 }
1606} 1606}
1607*/ \ No newline at end of file 1607*/
diff --git a/src/lib/libssl/src/Makefile.org b/src/lib/libssl/src/Makefile.org
index 3ed232fcf9..799c370cb6 100644
--- a/src/lib/libssl/src/Makefile.org
+++ b/src/lib/libssl/src/Makefile.org
@@ -35,6 +35,8 @@ OPENSSLDIR=/usr/local/ssl
35# DEVRANDOM - Give this the value of the 'random device' if your OS supports 35# DEVRANDOM - Give this the value of the 'random device' if your OS supports
36# one. 32 bytes will be read from this when the random 36# one. 32 bytes will be read from this when the random
37# number generator is initalised. 37# number generator is initalised.
38# SSL_ALLOW_ADH - define if you want the server to be able to use the
39# SSLv3 anon-DH ciphers.
38# SSL_FORBID_ENULL - define if you want the server to be not able to use the 40# SSL_FORBID_ENULL - define if you want the server to be not able to use the
39# NULL encryption ciphers. 41# NULL encryption ciphers.
40# 42#
@@ -552,7 +554,7 @@ files:
552 done; 554 done;
553 555
554links: 556links:
555 @$(TOP)/util/point.sh Makefile.ssl Makefile 557 @${SHELL} $(TOP)/util/point.sh Makefile.ssl Makefile
556 @$(PERL) $(TOP)/util/mkdir-p.pl include/openssl 558 @$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
557 @$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER) 559 @$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
558 @for i in $(DIRS); do \ 560 @for i in $(DIRS); do \
@@ -732,21 +734,21 @@ install_docs:
732 fn=`basename $$i .pod`; \ 734 fn=`basename $$i .pod`; \
733 if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \ 735 if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \
734 echo "installing man$$sec/`basename $$i .pod`.$$sec"; \ 736 echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
735 (cd `dirname $$i`; \ 737 (cd `$(PERL) util/dirname.pl $$i`; \
736 sh -c "`cd ../../util; ./pod2mantest ignore` \ 738 sh -c "`cd ../../util; ./pod2mantest ignore` \
737 --section=$$sec --center=OpenSSL \ 739 --section=$$sec --center=OpenSSL \
738 --release=$(VERSION) `basename $$i`") \ 740 --release=$(VERSION) `basename $$i`") \
739 > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \ 741 > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec); \
740 done 742 done
741 @for i in doc/crypto/*.pod doc/ssl/*.pod; do \ 743 @for i in doc/crypto/*.pod doc/ssl/*.pod; do \
742 fn=`basename $$i .pod`; \ 744 fn=`basename $$i .pod`; \
743 if [ "$$fn" = "des_modes" ]; then sec=7; else sec=3; fi; \ 745 if [ "$$fn" = "des_modes" ]; then sec=7; else sec=3; fi; \
744 echo "installing man$$sec/`basename $$i .pod`.$$sec"; \ 746 echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
745 (cd `dirname $$i`; \ 747 (cd `$(PERL) util/dirname.pl $$i`; \
746 sh -c "`cd ../../util; ./pod2mantest ignore` \ 748 sh -c "`cd ../../util; ./pod2mantest ignore` \
747 --section=$$sec --center=OpenSSL \ 749 --section=$$sec --center=OpenSSL \
748 --release=$(VERSION) `basename $$i`") \ 750 --release=$(VERSION) `basename $$i`") \
749 > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \ 751 > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec); \
750 done 752 done
751 753
752# DO NOT DELETE THIS LINE -- make depend depends on it. 754# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/src/lib/libssl/src/NEWS b/src/lib/libssl/src/NEWS
index bf8f031a29..aecd87ecfb 100644
--- a/src/lib/libssl/src/NEWS
+++ b/src/lib/libssl/src/NEWS
@@ -91,7 +91,7 @@
91 o Bug fixes for Win32, HP/UX and Irix. 91 o Bug fixes for Win32, HP/UX and Irix.
92 o Bug fixes in BIGNUM, SSL, PKCS#7, PKCS#12, X.509, CONF and 92 o Bug fixes in BIGNUM, SSL, PKCS#7, PKCS#12, X.509, CONF and
93 memory checking routines. 93 memory checking routines.
94 o Bug fixes for RSA operations in threaded enviroments. 94 o Bug fixes for RSA operations in threaded environments.
95 o Bug fixes in misc. openssl applications. 95 o Bug fixes in misc. openssl applications.
96 o Remove a few potential memory leaks. 96 o Remove a few potential memory leaks.
97 o Add tighter checks of BIGNUM routines. 97 o Add tighter checks of BIGNUM routines.
diff --git a/src/lib/libssl/src/PROBLEMS b/src/lib/libssl/src/PROBLEMS
deleted file mode 100644
index d78e2d9a23..0000000000
--- a/src/lib/libssl/src/PROBLEMS
+++ /dev/null
@@ -1,50 +0,0 @@
1If you have any problems with SSLeay then please take the following
2steps:
3
4 Remove the ASM version of the BN routines (edit Configure)
5 Remove the compiler optimisation flags
6 Add in the compiler debug flags (-g)
7
8Note: if using gcc then remove -fomit-frame-pointer before you try
9 to debug things.
10
11If you wish to report a bug then please include the following information
12in any bug report:
13
14 SSLeay Details
15 - Version, most of these details can be got from the
16 'ssleay version -a' command.
17 Operating System Details
18 - OS Name
19 - OS Version
20 - Hardware platform
21 Compiler Details
22 - Name
23 - Version
24 Application Details
25 - Name
26 - Version
27 Problem Description
28 - include steps that will reproduce the problem (if known)
29 Stack Traceback (if the application dumps core)
30
31For example:
32
33 SSLeay-0.5.1a
34 SunOS 5.3, SPARC, SunC 3.0
35 SSLtelnet-0.7
36
37 Core dumps when using telnet with SSL support in bn_mul() with
38 the following stack trackback
39 ...
40
41
42Report the bug to either
43 ssleay@mincom.oz.au (Eric and Tim)
44or
45 ssl-bugs@mincom.oz.au (mailing list of active developers)
46
47
48Tim Hudson
49tjh@mincom.oz.au
50
diff --git a/src/lib/libssl/src/STATUS b/src/lib/libssl/src/STATUS
new file mode 100644
index 0000000000..0b752ecc08
--- /dev/null
+++ b/src/lib/libssl/src/STATUS
@@ -0,0 +1,102 @@
1
2 OpenSSL STATUS Last modified at
3 ______________ $Date: 2002/06/07 03:45:33 $
4
5 DEVELOPMENT STATE
6
7 o OpenSSL 0.9.8: Under development...
8 o OpenSSL 0.9.7-beta1: Released on June 1st, 2002
9 o OpenSSL 0.9.6d: Released on May 9th, 2002
10 o OpenSSL 0.9.6c: Released on December 21st, 2001
11 o OpenSSL 0.9.6b: Released on July 9th, 2001
12 o OpenSSL 0.9.6a: Released on April 5th, 2001
13 o OpenSSL 0.9.6: Released on September 24th, 2000
14 o OpenSSL 0.9.5a: Released on April 1st, 2000
15 o OpenSSL 0.9.5: Released on February 28th, 2000
16 o OpenSSL 0.9.4: Released on August 09th, 1999
17 o OpenSSL 0.9.3a: Released on May 29th, 1999
18 o OpenSSL 0.9.3: Released on May 25th, 1999
19 o OpenSSL 0.9.2b: Released on March 22th, 1999
20 o OpenSSL 0.9.1c: Released on December 23th, 1998
21
22 [See also http://www.openssl.org/support/rt2.html]
23
24 RELEASE SHOWSTOPPERS
25
26 o BN_mod_mul verification fails for mips3-sgi-irix
27 unless configured with no-asm
28
29 AVAILABLE PATCHES
30
31 o
32
33 IN PROGRESS
34
35 o Steve is currently working on (in no particular order):
36 ASN1 code redesign, butchery, replacement.
37 OCSP
38 EVP cipher enhancement.
39 Enhanced certificate chain verification.
40 Private key, certificate and CRL API and implementation.
41 Developing and bugfixing PKCS#7 (S/MIME code).
42 Various X509 issues: character sets, certificate request extensions.
43 o Geoff and Richard are currently working on:
44 ENGINE (the new code that gives hardware support among others).
45 o Richard is currently working on:
46 UI (User Interface)
47 UTIL (a new set of library functions to support some higher level
48 functionality that is currently missing).
49 Shared library support for VMS.
50 Kerberos 5 authentication
51 Constification
52 OCSP
53
54 NEEDS PATCH
55
56 o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file
57
58 o "OpenSSL STATUS" is never up-to-date.
59
60 OPEN ISSUES
61
62 o The Makefile hierarchy and build mechanism is still not a round thing:
63
64 1. The config vs. Configure scripts
65 It's the same nasty situation as for Apache with APACI vs.
66 src/Configure. It confuses.
67 Suggestion: Merge Configure and config into a single configure
68 script with a Autoconf style interface ;-) and remove
69 Configure and config. Or even let us use GNU Autoconf
70 itself. Then we can avoid a lot of those platform checks
71 which are currently in Configure.
72
73 o Support for Shared Libraries has to be added at least
74 for the major Unix platforms. The details we can rip from the stuff
75 Ralf has done for the Apache src/Configure script. Ben wants the
76 solution to be really simple.
77
78 Status: Ralf will look how we can easily incorporate the
79 compiler PIC and linker DSO flags from Apache
80 into the OpenSSL Configure script.
81
82 Ulf: +1 for using GNU autoconf and libtool (but not automake,
83 which apparently is not flexible enough to generate
84 libcrypto)
85
86 WISHES
87
88 o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?]
89 where the callback function can request that the function be aborted.
90 [Gregory Stark <ghstark@pobox.com>, <rayyang2000@yahoo.com>]
91
92 o SRP in TLS.
93 [wished by:
94 Dj <derek@yo.net>, Tom Wu <tom@arcot.com>,
95 Tom Holroyd <tomh@po.crl.go.jp>]
96
97 See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt
98 as well as http://www-cs-students.stanford.edu/~tjw/srp/.
99
100 Tom Holroyd tells us there is a SRP patch for OpenSSH at
101 http://members.tripod.com/professor_tom/archives/, that could
102 be useful.
diff --git a/src/lib/libssl/src/TABLE b/src/lib/libssl/src/TABLE
new file mode 100644
index 0000000000..954c0fc553
--- /dev/null
+++ b/src/lib/libssl/src/TABLE
@@ -0,0 +1,3961 @@
1Output of `Configure TABLE':
2
3*** BC-16
4$cc = bcc
5$cflags =
6$unistd =
7$thread_cflag = (unknown)
8$sys_id = WIN16
9$lflags =
10$bn_ops = BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT
11$bn_obj =
12$des_obj =
13$bf_obj =
14$md5_obj =
15$sha1_obj =
16$cast_obj =
17$rc4_obj =
18$rmd160_obj =
19$rc5_obj =
20$dso_scheme =
21$shared_target=
22$shared_cflag =
23$shared_ldflag =
24$shared_extension =
25$ranlib =
26
27*** BC-32
28$cc = bcc32
29$cflags =
30$unistd =
31$thread_cflag =
32$sys_id = WIN32
33$lflags =
34$bn_ops = BN_LLONG DES_PTR RC4_INDEX
35$bn_obj =
36$des_obj =
37$bf_obj =
38$md5_obj =
39$sha1_obj =
40$cast_obj =
41$rc4_obj =
42$rmd160_obj =
43$rc5_obj =
44$dso_scheme = win32
45$shared_target=
46$shared_cflag =
47$shared_ldflag =
48$shared_extension =
49$ranlib =
50
51*** BS2000-OSD
52$cc = c89
53$cflags = -O -XLLML -XLLMK -XL -DB_ENDIAN -DTERMIOS -DCHARSET_EBCDIC
54$unistd =
55$thread_cflag = (unknown)
56$sys_id =
57$lflags = -lsocket -lnsl
58$bn_ops = THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR
59$bn_obj =
60$des_obj =
61$bf_obj =
62$md5_obj =
63$sha1_obj =
64$cast_obj =
65$rc4_obj =
66$rmd160_obj =
67$rc5_obj =
68$dso_scheme =
69$shared_target=
70$shared_cflag =
71$shared_ldflag =
72$shared_extension =
73$ranlib =
74
75*** Cygwin
76$cc = gcc
77$cflags = -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall
78$unistd =
79$thread_cflag =
80$sys_id = CYGWIN32
81$lflags =
82$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
83$bn_obj = asm/bn86-out.o asm/co86-out.o
84$des_obj = asm/dx86-out.o asm/yx86-out.o
85$bf_obj = asm/bx86-out.o
86$md5_obj = asm/mx86-out.o
87$sha1_obj = asm/sx86-out.o
88$cast_obj = asm/cx86-out.o
89$rc4_obj = asm/rx86-out.o
90$rmd160_obj = asm/rm86-out.o
91$rc5_obj = asm/r586-out.o
92$dso_scheme = win32
93$shared_target= cygwin-shared
94$shared_cflag =
95$shared_ldflag =
96$shared_extension = .dll
97$ranlib =
98
99*** Cygwin-pre1.3
100$cc = gcc
101$cflags = -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall
102$unistd =
103$thread_cflag = (unknown)
104$sys_id = CYGWIN32
105$lflags =
106$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
107$bn_obj =
108$des_obj =
109$bf_obj =
110$md5_obj =
111$sha1_obj =
112$cast_obj =
113$rc4_obj =
114$rmd160_obj =
115$rc5_obj =
116$dso_scheme = win32
117$shared_target=
118$shared_cflag =
119$shared_ldflag =
120$shared_extension =
121$ranlib =
122
123*** FreeBSD
124$cc = gcc
125$cflags = -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall
126$unistd =
127$thread_cflag = (unknown)
128$sys_id =
129$lflags =
130$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
131$bn_obj = asm/bn86-out.o asm/co86-out.o
132$des_obj = asm/dx86-out.o asm/yx86-out.o
133$bf_obj = asm/bx86-out.o
134$md5_obj = asm/mx86-out.o
135$sha1_obj = asm/sx86-out.o
136$cast_obj = asm/cx86-out.o
137$rc4_obj = asm/rx86-out.o
138$rmd160_obj = asm/rm86-out.o
139$rc5_obj = asm/r586-out.o
140$dso_scheme =
141$shared_target=
142$shared_cflag =
143$shared_ldflag =
144$shared_extension =
145$ranlib =
146
147*** FreeBSD-alpha
148$cc = gcc
149$cflags = -DTERMIOS -O -fomit-frame-pointer
150$unistd =
151$thread_cflag = (unknown)
152$sys_id =
153$lflags =
154$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2
155$bn_obj =
156$des_obj =
157$bf_obj =
158$md5_obj =
159$sha1_obj =
160$cast_obj =
161$rc4_obj =
162$rmd160_obj =
163$rc5_obj =
164$dso_scheme = dlfcn
165$shared_target= bsd-gcc-shared
166$shared_cflag = -fPIC
167$shared_ldflag =
168$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
169$ranlib =
170
171*** FreeBSD-elf
172$cc = gcc
173$cflags = -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall
174$unistd =
175$thread_cflag = -pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE
176$sys_id =
177$lflags =
178$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
179$bn_obj = asm/bn86-elf.o asm/co86-elf.o
180$des_obj = asm/dx86-elf.o asm/yx86-elf.o
181$bf_obj = asm/bx86-elf.o
182$md5_obj = asm/mx86-elf.o
183$sha1_obj = asm/sx86-elf.o
184$cast_obj = asm/cx86-elf.o
185$rc4_obj = asm/rx86-elf.o
186$rmd160_obj = asm/rm86-elf.o
187$rc5_obj = asm/r586-elf.o
188$dso_scheme = dlfcn
189$shared_target= bsd-gcc-shared
190$shared_cflag = -fPIC
191$shared_ldflag =
192$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
193$ranlib =
194
195*** MPE/iX-gcc
196$cc = gcc
197$cflags = -D_ENDIAN -DBN_DIV2W -O3 -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB
198$unistd =
199$thread_cflag = (unknown)
200$sys_id = MPE
201$lflags = -L/SYSLOG/PUB -lsyslog -lsocket -lcurses
202$bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
203$bn_obj =
204$des_obj =
205$bf_obj =
206$md5_obj =
207$sha1_obj =
208$cast_obj =
209$rc4_obj =
210$rmd160_obj =
211$rc5_obj =
212$dso_scheme =
213$shared_target=
214$shared_cflag =
215$shared_ldflag =
216$shared_extension =
217$ranlib =
218
219*** Mingw32
220$cc = gcc
221$cflags = -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall
222$unistd =
223$thread_cflag =
224$sys_id =
225$lflags =
226$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
227$bn_obj =
228$des_obj =
229$bf_obj =
230$md5_obj =
231$sha1_obj =
232$cast_obj =
233$rc4_obj =
234$rmd160_obj =
235$rc5_obj =
236$dso_scheme = win32
237$shared_target=
238$shared_cflag =
239$shared_ldflag =
240$shared_extension =
241$ranlib =
242
243*** NetBSD-m68
244$cc = gcc
245$cflags = -DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN
246$unistd =
247$thread_cflag = (unknown)
248$sys_id =
249$lflags =
250$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL
251$bn_obj =
252$des_obj =
253$bf_obj =
254$md5_obj =
255$sha1_obj =
256$cast_obj =
257$rc4_obj =
258$rmd160_obj =
259$rc5_obj =
260$dso_scheme = dlfcn
261$shared_target= bsd-gcc-shared
262$shared_cflag = -fPIC
263$shared_ldflag =
264$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
265$ranlib =
266
267*** NetBSD-sparc
268$cc = gcc
269$cflags = -DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN
270$unistd =
271$thread_cflag = (unknown)
272$sys_id =
273$lflags =
274$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL
275$bn_obj =
276$des_obj =
277$bf_obj =
278$md5_obj =
279$sha1_obj =
280$cast_obj =
281$rc4_obj =
282$rmd160_obj =
283$rc5_obj =
284$dso_scheme = dlfcn
285$shared_target= bsd-gcc-shared
286$shared_cflag = -fPIC
287$shared_ldflag =
288$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
289$ranlib =
290
291*** NetBSD-x86
292$cc = gcc
293$cflags = -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall
294$unistd =
295$thread_cflag = (unknown)
296$sys_id =
297$lflags =
298$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
299$bn_obj =
300$des_obj =
301$bf_obj =
302$md5_obj =
303$sha1_obj =
304$cast_obj =
305$rc4_obj =
306$rmd160_obj =
307$rc5_obj =
308$dso_scheme = dlfcn
309$shared_target= bsd-gcc-shared
310$shared_cflag = -fPIC
311$shared_ldflag =
312$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
313$ranlib =
314
315*** OS2-EMX
316$cc = gcc
317$cflags =
318$unistd =
319$thread_cflag =
320$sys_id =
321$lflags =
322$bn_ops =
323$bn_obj =
324$des_obj =
325$bf_obj =
326$md5_obj =
327$sha1_obj =
328$cast_obj =
329$rc4_obj =
330$rmd160_obj =
331$rc5_obj =
332$dso_scheme =
333$shared_target=
334$shared_cflag =
335$shared_ldflag =
336$shared_extension =
337$ranlib =
338
339*** OS390-Unix
340$cc = c89.sh
341$cflags = -O -DB_ENDIAN -DCHARSET_EBCDIC -DNO_SYS_PARAM_H -D_ALL_SOURCE
342$unistd =
343$thread_cflag = (unknown)
344$sys_id =
345$lflags =
346$bn_ops = THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR
347$bn_obj =
348$des_obj =
349$bf_obj =
350$md5_obj =
351$sha1_obj =
352$cast_obj =
353$rc4_obj =
354$rmd160_obj =
355$rc5_obj =
356$dso_scheme =
357$shared_target=
358$shared_cflag =
359$shared_ldflag =
360$shared_extension =
361$ranlib =
362
363*** OpenBSD
364$cc = gcc
365$cflags = -DTERMIOS -O3 -fomit-frame-pointer
366$unistd =
367$thread_cflag = (unknown)
368$sys_id =
369$lflags =
370$bn_ops = BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL
371$bn_obj =
372$des_obj =
373$bf_obj =
374$md5_obj =
375$sha1_obj =
376$cast_obj =
377$rc4_obj =
378$rmd160_obj =
379$rc5_obj =
380$dso_scheme = dlfcn
381$shared_target= bsd-gcc-shared
382$shared_cflag = -fPIC
383$shared_ldflag =
384$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
385$ranlib =
386
387*** OpenBSD-alpha
388$cc = gcc
389$cflags = -DTERMIOS -O3 -fomit-frame-pointer
390$unistd =
391$thread_cflag = (unknown)
392$sys_id =
393$lflags =
394$bn_ops = SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2
395$bn_obj =
396$des_obj =
397$bf_obj =
398$md5_obj =
399$sha1_obj =
400$cast_obj =
401$rc4_obj =
402$rmd160_obj =
403$rc5_obj =
404$dso_scheme = dlfcn
405$shared_target= bsd-gcc-shared
406$shared_cflag = -fPIC
407$shared_ldflag =
408$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
409$ranlib =
410
411*** OpenBSD-hppa
412$cc = gcc
413$cflags = -DTERMIOS -O3 -fomit-frame-pointer
414$unistd =
415$thread_cflag = (unknown)
416$sys_id =
417$lflags =
418$bn_ops = BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL
419$bn_obj =
420$des_obj =
421$bf_obj =
422$md5_obj =
423$sha1_obj =
424$cast_obj =
425$rc4_obj =
426$rmd160_obj =
427$rc5_obj =
428$dso_scheme = dlfcn
429$shared_target= bsd-gcc-shared
430$shared_cflag = -fPIC
431$shared_ldflag =
432$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
433$ranlib =
434
435*** OpenBSD-i386
436$cc = gcc
437$cflags = -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer
438$unistd =
439$thread_cflag = (unknown)
440$sys_id =
441$lflags =
442$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
443$bn_obj = asm/bn86-out.o asm/co86-out.o
444$des_obj = asm/dx86-out.o asm/yx86-out.o
445$bf_obj = asm/bx86-out.o
446$md5_obj = asm/mx86-out.o
447$sha1_obj = asm/sx86-out.o
448$cast_obj = asm/cx86-out.o
449$rc4_obj = asm/rx86-out.o
450$rmd160_obj = asm/rm86-out.o
451$rc5_obj = asm/r586-out.o
452$dso_scheme = dlfcn
453$shared_target= bsd-gcc-shared
454$shared_cflag = -fPIC
455$shared_ldflag =
456$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
457$ranlib =
458
459*** OpenBSD-m68k
460$cc = gcc
461$cflags = -DTERMIOS -O3 -fomit-frame-pointer
462$unistd =
463$thread_cflag = (unknown)
464$sys_id =
465$lflags =
466$bn_ops = BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL
467$bn_obj =
468$des_obj =
469$bf_obj =
470$md5_obj =
471$sha1_obj =
472$cast_obj =
473$rc4_obj =
474$rmd160_obj =
475$rc5_obj =
476$dso_scheme = dlfcn
477$shared_target= bsd-gcc-shared
478$shared_cflag = -fPIC
479$shared_ldflag =
480$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
481$ranlib =
482
483*** OpenBSD-m88k
484$cc = gcc
485$cflags = -DTERMIOS -O3 -fomit-frame-pointer
486$unistd =
487$thread_cflag = (unknown)
488$sys_id =
489$lflags =
490$bn_ops = BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL
491$bn_obj =
492$des_obj =
493$bf_obj =
494$md5_obj =
495$sha1_obj =
496$cast_obj =
497$rc4_obj =
498$rmd160_obj =
499$rc5_obj =
500$dso_scheme = dlfcn
501$shared_target= bsd-gcc-shared
502$shared_cflag = -fPIC
503$shared_ldflag =
504$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
505$ranlib =
506
507*** OpenBSD-mips
508$cc = gcc
509$cflags = -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer
510$unistd =
511$thread_cflag = (unknown)
512$sys_id =
513$lflags =
514$bn_ops = BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2
515$bn_obj =
516$des_obj =
517$bf_obj =
518$md5_obj =
519$sha1_obj =
520$cast_obj =
521$rc4_obj =
522$rmd160_obj =
523$rc5_obj =
524$dso_scheme = dlfcn
525$shared_target= bsd-gcc-shared
526$shared_cflag = -fPIC
527$shared_ldflag =
528$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
529$ranlib =
530
531*** OpenBSD-powerpc
532$cc = gcc
533$cflags = -DTERMIOS -O3 -fomit-frame-pointer
534$unistd =
535$thread_cflag = (unknown)
536$sys_id =
537$lflags =
538$bn_ops = BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL
539$bn_obj =
540$des_obj =
541$bf_obj =
542$md5_obj =
543$sha1_obj =
544$cast_obj =
545$rc4_obj =
546$rmd160_obj =
547$rc5_obj =
548$dso_scheme = dlfcn
549$shared_target= bsd-gcc-shared
550$shared_cflag = -fPIC
551$shared_ldflag =
552$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
553$ranlib =
554
555*** OpenBSD-sparc
556$cc = gcc
557$cflags = -DTERMIOS -O3 -fomit-frame-pointer
558$unistd =
559$thread_cflag = (unknown)
560$sys_id =
561$lflags =
562$bn_ops = BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL
563$bn_obj =
564$des_obj =
565$bf_obj =
566$md5_obj =
567$sha1_obj =
568$cast_obj =
569$rc4_obj =
570$rmd160_obj =
571$rc5_obj =
572$dso_scheme = dlfcn
573$shared_target= bsd-gcc-shared
574$shared_cflag = -fPIC
575$shared_ldflag =
576$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
577$ranlib =
578
579*** OpenBSD-sparc64
580$cc = gcc
581$cflags = -DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer
582$unistd =
583$thread_cflag = (unknown)
584$sys_id =
585$lflags =
586$bn_ops = SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2 BF_PTR
587$bn_obj =
588$des_obj =
589$bf_obj =
590$md5_obj =
591$sha1_obj =
592$cast_obj =
593$rc4_obj =
594$rmd160_obj =
595$rc5_obj =
596$dso_scheme = dlfcn
597$shared_target= bsd-gcc-shared
598$shared_cflag = -fPIC
599$shared_ldflag =
600$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
601$ranlib =
602
603*** OpenBSD-vax
604$cc = gcc
605$cflags = -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer
606$unistd =
607$thread_cflag = (unknown)
608$sys_id =
609$lflags =
610$bn_ops = BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL
611$bn_obj =
612$des_obj =
613$bf_obj =
614$md5_obj =
615$sha1_obj =
616$cast_obj =
617$rc4_obj =
618$rmd160_obj =
619$rc5_obj =
620$dso_scheme = dlfcn
621$shared_target= bsd-gcc-shared
622$shared_cflag = -fPIC
623$shared_ldflag =
624$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
625$ranlib =
626
627*** OpenUNIX-8
628$cc = cc
629$cflags = -O -DFILIO_H -Kalloca
630$unistd =
631$thread_cflag = -Kthread
632$sys_id =
633$lflags = -lsocket -lnsl
634$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
635$bn_obj =
636$des_obj =
637$bf_obj =
638$md5_obj =
639$sha1_obj =
640$cast_obj =
641$rc4_obj =
642$rmd160_obj =
643$rc5_obj =
644$dso_scheme = dlfcn
645$shared_target= svr5-shared
646$shared_cflag = -Kpic
647$shared_ldflag =
648$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
649$ranlib =
650
651*** OpenUNIX-8-gcc
652$cc = gcc
653$cflags = -O -DFILIO_H -fomit-frame-pointer
654$unistd =
655$thread_cflag = -pthread
656$sys_id =
657$lflags = -lsocket -lnsl
658$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
659$bn_obj =
660$des_obj =
661$bf_obj =
662$md5_obj =
663$sha1_obj =
664$cast_obj =
665$rc4_obj =
666$rmd160_obj =
667$rc5_obj =
668$dso_scheme = dlfcn
669$shared_target= svr5-shared
670$shared_cflag = -fPIC
671$shared_ldflag =
672$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
673$ranlib =
674
675*** OpenUNIX-8-pentium
676$cc = cc
677$cflags = -O -DFILIO_H -Kalloca -Kpentium
678$unistd =
679$thread_cflag = -Kthread
680$sys_id =
681$lflags = -lsocket -lnsl
682$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
683$bn_obj =
684$des_obj =
685$bf_obj =
686$md5_obj =
687$sha1_obj =
688$cast_obj =
689$rc4_obj =
690$rmd160_obj =
691$rc5_obj =
692$dso_scheme = dlfcn
693$shared_target= svr5-shared
694$shared_cflag = -Kpic
695$shared_ldflag =
696$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
697$ranlib =
698
699*** OpenUNIX-8-pentium_pro
700$cc = cc
701$cflags = -O -DFILIO_H -Kalloca -Kpentium_pro
702$unistd =
703$thread_cflag = -Kthread
704$sys_id =
705$lflags = -lsocket -lnsl
706$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
707$bn_obj =
708$des_obj =
709$bf_obj =
710$md5_obj =
711$sha1_obj =
712$cast_obj =
713$rc4_obj =
714$rmd160_obj =
715$rc5_obj =
716$dso_scheme = dlfcn
717$shared_target= svr5-shared
718$shared_cflag = -Kpic
719$shared_ldflag =
720$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
721$ranlib =
722
723*** ReliantUNIX
724$cc = cc
725$cflags = -KPIC -g -DTERMIOS -DB_ENDIAN
726$unistd =
727$thread_cflag = -Kthread
728$sys_id = SNI
729$lflags = -lsocket -lnsl -lc -L/usr/ucblib -lucb
730$bn_ops = BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR
731$bn_obj =
732$des_obj =
733$bf_obj =
734$md5_obj =
735$sha1_obj =
736$cast_obj =
737$rc4_obj =
738$rmd160_obj =
739$rc5_obj =
740$dso_scheme = dlfcn
741$shared_target= reliantunix-shared
742$shared_cflag =
743$shared_ldflag =
744$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
745$ranlib =
746
747*** SINIX
748$cc = cc
749$cflags = -O
750$unistd =
751$thread_cflag = (unknown)
752$sys_id = SNI
753$lflags = -lsocket -lnsl -lc -L/usr/ucblib -lucb
754$bn_ops = RC4_INDEX RC4_CHAR
755$bn_obj =
756$des_obj =
757$bf_obj =
758$md5_obj =
759$sha1_obj =
760$cast_obj =
761$rc4_obj =
762$rmd160_obj =
763$rc5_obj =
764$dso_scheme =
765$shared_target=
766$shared_cflag =
767$shared_ldflag =
768$shared_extension =
769$ranlib =
770
771*** SINIX-N
772$cc = /usr/ucb/cc
773$cflags = -O2 -misaligned
774$unistd =
775$thread_cflag = (unknown)
776$sys_id =
777$lflags = -lucb
778$bn_ops = RC4_INDEX RC4_CHAR
779$bn_obj =
780$des_obj =
781$bf_obj =
782$md5_obj =
783$sha1_obj =
784$cast_obj =
785$rc4_obj =
786$rmd160_obj =
787$rc5_obj =
788$dso_scheme =
789$shared_target=
790$shared_cflag =
791$shared_ldflag =
792$shared_extension =
793$ranlib =
794
795*** VC-MSDOS
796$cc = cl
797$cflags =
798$unistd =
799$thread_cflag = (unknown)
800$sys_id = MSDOS
801$lflags =
802$bn_ops = BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT
803$bn_obj =
804$des_obj =
805$bf_obj =
806$md5_obj =
807$sha1_obj =
808$cast_obj =
809$rc4_obj =
810$rmd160_obj =
811$rc5_obj =
812$dso_scheme =
813$shared_target=
814$shared_cflag =
815$shared_ldflag =
816$shared_extension =
817$ranlib =
818
819*** VC-NT
820$cc = cl
821$cflags =
822$unistd =
823$thread_cflag =
824$sys_id = WINNT
825$lflags =
826$bn_ops = BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN RC4_INDEX MD2_INT
827$bn_obj =
828$des_obj =
829$bf_obj =
830$md5_obj =
831$sha1_obj =
832$cast_obj =
833$rc4_obj =
834$rmd160_obj =
835$rc5_obj =
836$dso_scheme = win32
837$shared_target=
838$shared_cflag =
839$shared_ldflag =
840$shared_extension =
841$ranlib =
842
843*** VC-W31-16
844$cc = cl
845$cflags =
846$unistd =
847$thread_cflag = (unknown)
848$sys_id = WIN16
849$lflags =
850$bn_ops = BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT
851$bn_obj =
852$des_obj =
853$bf_obj =
854$md5_obj =
855$sha1_obj =
856$cast_obj =
857$rc4_obj =
858$rmd160_obj =
859$rc5_obj =
860$dso_scheme =
861$shared_target=
862$shared_cflag =
863$shared_ldflag =
864$shared_extension =
865$ranlib =
866
867*** VC-W31-32
868$cc = cl
869$cflags =
870$unistd =
871$thread_cflag =
872$sys_id = WIN16
873$lflags =
874$bn_ops = BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT
875$bn_obj =
876$des_obj =
877$bf_obj =
878$md5_obj =
879$sha1_obj =
880$cast_obj =
881$rc4_obj =
882$rmd160_obj =
883$rc5_obj =
884$dso_scheme =
885$shared_target=
886$shared_cflag =
887$shared_ldflag =
888$shared_extension =
889$ranlib =
890
891*** VC-WIN16
892$cc = cl
893$cflags =
894$unistd =
895$thread_cflag = (unknown)
896$sys_id = WIN16
897$lflags =
898$bn_ops = MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT
899$bn_obj =
900$des_obj =
901$bf_obj =
902$md5_obj =
903$sha1_obj =
904$cast_obj =
905$rc4_obj =
906$rmd160_obj =
907$rc5_obj =
908$dso_scheme =
909$shared_target=
910$shared_cflag =
911$shared_ldflag =
912$shared_extension =
913$ranlib =
914
915*** VC-WIN32
916$cc = cl
917$cflags =
918$unistd =
919$thread_cflag =
920$sys_id = WIN32
921$lflags =
922$bn_ops = BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN RC4_INDEX MD2_INT
923$bn_obj =
924$des_obj =
925$bf_obj =
926$md5_obj =
927$sha1_obj =
928$cast_obj =
929$rc4_obj =
930$rmd160_obj =
931$rc5_obj =
932$dso_scheme = win32
933$shared_target=
934$shared_cflag =
935$shared_ldflag =
936$shared_extension =
937$ranlib =
938
939*** aix-cc
940$cc = cc
941$cflags = -O -DB_ENDIAN -qmaxmem=16384
942$unistd =
943$thread_cflag = (unknown)
944$sys_id = AIX
945$lflags =
946$bn_ops = BN_LLONG RC4_CHAR
947$bn_obj =
948$des_obj =
949$bf_obj =
950$md5_obj =
951$sha1_obj =
952$cast_obj =
953$rc4_obj =
954$rmd160_obj =
955$rc5_obj =
956$dso_scheme =
957$shared_target=
958$shared_cflag =
959$shared_ldflag =
960$shared_extension =
961$ranlib =
962
963*** aix-gcc
964$cc = gcc
965$cflags = -O3 -DB_ENDIAN
966$unistd =
967$thread_cflag = (unknown)
968$sys_id = AIX
969$lflags =
970$bn_ops = BN_LLONG RC4_CHAR
971$bn_obj =
972$des_obj =
973$bf_obj =
974$md5_obj =
975$sha1_obj =
976$cast_obj =
977$rc4_obj =
978$rmd160_obj =
979$rc5_obj =
980$dso_scheme =
981$shared_target=
982$shared_cflag =
983$shared_ldflag =
984$shared_extension =
985$ranlib =
986
987*** aix43-cc
988$cc = cc
989$cflags = -O -DAIX -DB_ENDIAN -qmaxmem=16384
990$unistd =
991$thread_cflag = (unknown)
992$sys_id =
993$lflags =
994$bn_ops = BN_LLONG RC4_CHAR
995$bn_obj =
996$des_obj =
997$bf_obj =
998$md5_obj =
999$sha1_obj =
1000$cast_obj =
1001$rc4_obj =
1002$rmd160_obj =
1003$rc5_obj =
1004$dso_scheme = dlfcn
1005$shared_target=
1006$shared_cflag =
1007$shared_ldflag =
1008$shared_extension =
1009$ranlib =
1010
1011*** aix43-gcc
1012$cc = gcc
1013$cflags = -O3 -DAIX -DB_ENDIAN
1014$unistd =
1015$thread_cflag = (unknown)
1016$sys_id =
1017$lflags =
1018$bn_ops = BN_LLONG RC4_CHAR
1019$bn_obj =
1020$des_obj =
1021$bf_obj =
1022$md5_obj =
1023$sha1_obj =
1024$cast_obj =
1025$rc4_obj =
1026$rmd160_obj =
1027$rc5_obj =
1028$dso_scheme = dlfcn
1029$shared_target=
1030$shared_cflag =
1031$shared_ldflag =
1032$shared_extension =
1033$ranlib =
1034
1035*** alpha-cc
1036$cc = cc
1037$cflags = -std1 -tune host -fast -readonly_strings
1038$unistd =
1039$thread_cflag = -pthread
1040$sys_id =
1041$lflags =
1042$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK
1043$bn_obj =
1044$des_obj =
1045$bf_obj =
1046$md5_obj =
1047$sha1_obj =
1048$cast_obj =
1049$rc4_obj =
1050$rmd160_obj =
1051$rc5_obj =
1052$dso_scheme = dlfcn
1053$shared_target= tru64-shared
1054$shared_cflag =
1055$shared_ldflag =
1056$shared_extension = .so
1057$ranlib =
1058
1059*** alpha-cc-rpath
1060$cc = cc
1061$cflags = -std1 -tune host -fast -readonly_strings
1062$unistd =
1063$thread_cflag = -pthread
1064$sys_id =
1065$lflags =
1066$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK
1067$bn_obj =
1068$des_obj =
1069$bf_obj =
1070$md5_obj =
1071$sha1_obj =
1072$cast_obj =
1073$rc4_obj =
1074$rmd160_obj =
1075$rc5_obj =
1076$dso_scheme = dlfcn
1077$shared_target= tru64-shared-rpath
1078$shared_cflag =
1079$shared_ldflag =
1080$shared_extension = .so
1081$ranlib =
1082
1083*** alpha-gcc
1084$cc = gcc
1085$cflags = -O3
1086$unistd =
1087$thread_cflag = (unknown)
1088$sys_id =
1089$lflags =
1090$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1
1091$bn_obj =
1092$des_obj =
1093$bf_obj =
1094$md5_obj =
1095$sha1_obj =
1096$cast_obj =
1097$rc4_obj =
1098$rmd160_obj =
1099$rc5_obj =
1100$dso_scheme = dlfcn
1101$shared_target= alpha-osf1-shared
1102$shared_cflag =
1103$shared_ldflag =
1104$shared_extension = .so
1105$ranlib =
1106
1107*** alpha164-cc
1108$cc = cc
1109$cflags = -std1 -tune host -fast -readonly_strings
1110$unistd =
1111$thread_cflag = -pthread
1112$sys_id =
1113$lflags =
1114$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK
1115$bn_obj =
1116$des_obj =
1117$bf_obj =
1118$md5_obj =
1119$sha1_obj =
1120$cast_obj =
1121$rc4_obj =
1122$rmd160_obj =
1123$rc5_obj =
1124$dso_scheme = dlfcn
1125$shared_target= tru64-shared
1126$shared_cflag =
1127$shared_ldflag =
1128$shared_extension = .so
1129$ranlib =
1130
1131*** alphaold-cc
1132$cc = cc
1133$cflags = -std1 -tune host -O4 -readonly_strings
1134$unistd =
1135$thread_cflag = (unknown)
1136$sys_id =
1137$lflags =
1138$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK
1139$bn_obj =
1140$des_obj =
1141$bf_obj =
1142$md5_obj =
1143$sha1_obj =
1144$cast_obj =
1145$rc4_obj =
1146$rmd160_obj =
1147$rc5_obj =
1148$dso_scheme = dlfcn
1149$shared_target= alpha-osf1-shared
1150$shared_cflag =
1151$shared_ldflag =
1152$shared_extension = .so
1153$ranlib =
1154
1155*** bsdi-elf-gcc
1156$cc = gcc
1157$cflags = -DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall
1158$unistd =
1159$thread_cflag = (unknown)
1160$sys_id =
1161$lflags = -ldl
1162$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
1163$bn_obj = asm/bn86-elf.o asm/co86-elf.o
1164$des_obj = asm/dx86-elf.o asm/yx86-elf.o
1165$bf_obj = asm/bx86-elf.o
1166$md5_obj = asm/mx86-elf.o
1167$sha1_obj = asm/sx86-elf.o
1168$cast_obj = asm/cx86-elf.o
1169$rc4_obj = asm/rx86-elf.o
1170$rmd160_obj = asm/rm86-elf.o
1171$rc5_obj = asm/r586-elf.o
1172$dso_scheme = dlfcn
1173$shared_target= bsd-gcc-shared
1174$shared_cflag = -fPIC
1175$shared_ldflag =
1176$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
1177$ranlib =
1178
1179*** bsdi-gcc
1180$cc = gcc
1181$cflags = -O3 -ffast-math -DL_ENDIAN -DPERL5 -m486
1182$unistd =
1183$thread_cflag = (unknown)
1184$sys_id =
1185$lflags =
1186$bn_ops = RSA_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
1187$bn_obj = asm/bn86bsdi.o asm/co86bsdi.o
1188$des_obj = asm/dx86bsdi.o asm/yx86bsdi.o
1189$bf_obj = asm/bx86bsdi.o
1190$md5_obj = asm/mx86bsdi.o
1191$sha1_obj = asm/sx86bsdi.o
1192$cast_obj = asm/cx86bsdi.o
1193$rc4_obj = asm/rx86bsdi.o
1194$rmd160_obj = asm/rm86bsdi.o
1195$rc5_obj = asm/r586bsdi.o
1196$dso_scheme =
1197$shared_target=
1198$shared_cflag =
1199$shared_ldflag =
1200$shared_extension =
1201$ranlib =
1202
1203*** cc
1204$cc = cc
1205$cflags = -O
1206$unistd =
1207$thread_cflag = (unknown)
1208$sys_id =
1209$lflags =
1210$bn_ops =
1211$bn_obj =
1212$des_obj =
1213$bf_obj =
1214$md5_obj =
1215$sha1_obj =
1216$cast_obj =
1217$rc4_obj =
1218$rmd160_obj =
1219$rc5_obj =
1220$dso_scheme =
1221$shared_target=
1222$shared_cflag =
1223$shared_ldflag =
1224$shared_extension =
1225$ranlib =
1226
1227*** cray-j90
1228$cc = cc
1229$cflags = -DBIT_FIELD_LIMITS -DTERMIOS
1230$unistd =
1231$thread_cflag = (unknown)
1232$sys_id = CRAY
1233$lflags =
1234$bn_ops = SIXTY_FOUR_BIT_LONG DES_INT
1235$bn_obj =
1236$des_obj =
1237$bf_obj =
1238$md5_obj =
1239$sha1_obj =
1240$cast_obj =
1241$rc4_obj =
1242$rmd160_obj =
1243$rc5_obj =
1244$dso_scheme =
1245$shared_target=
1246$shared_cflag =
1247$shared_ldflag =
1248$shared_extension =
1249$ranlib =
1250
1251*** cray-t3e
1252$cc = cc
1253$cflags = -DBIT_FIELD_LIMITS -DTERMIOS
1254$unistd =
1255$thread_cflag = (unknown)
1256$sys_id = CRAY
1257$lflags =
1258$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT
1259$bn_obj =
1260$des_obj =
1261$bf_obj =
1262$md5_obj =
1263$sha1_obj =
1264$cast_obj =
1265$rc4_obj =
1266$rmd160_obj =
1267$rc5_obj =
1268$dso_scheme =
1269$shared_target=
1270$shared_cflag =
1271$shared_ldflag =
1272$shared_extension =
1273$ranlib =
1274
1275*** darwin-i386-cc
1276$cc = cc
1277$cflags = -O3 -nostdinc -I/System/Library/Frameworks/System.framework/Headers -I/System/Library/Frameworks/System.frameworks/Headers/bsd -I/usr/include -fomit-frame-pointer -Wall -DB_ENDIAN
1278$unistd =
1279$thread_cflag = (unknown)
1280$sys_id = MACOSX
1281$lflags =
1282$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
1283$bn_obj =
1284$des_obj =
1285$bf_obj =
1286$md5_obj =
1287$sha1_obj =
1288$cast_obj =
1289$rc4_obj =
1290$rmd160_obj =
1291$rc5_obj =
1292$dso_scheme =
1293$shared_target= darwin-shared
1294$shared_cflag = -fPIC
1295$shared_ldflag =
1296$shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
1297$ranlib =
1298
1299*** darwin-ppc-cc
1300$cc = cc
1301$cflags = -O3 -nostdinc -I/System/Library/Frameworks/System.framework/Headers -I/System/Library/Frameworks/System.frameworks/Headers/bsd -I/usr/include -fomit-frame-pointer -Wall -DB_ENDIAN
1302$unistd =
1303$thread_cflag = (unknown)
1304$sys_id = MACOSX
1305$lflags =
1306$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
1307$bn_obj =
1308$des_obj =
1309$bf_obj =
1310$md5_obj =
1311$sha1_obj =
1312$cast_obj =
1313$rc4_obj =
1314$rmd160_obj =
1315$rc5_obj =
1316$dso_scheme =
1317$shared_target= darwin-shared
1318$shared_cflag = -fPIC
1319$shared_ldflag =
1320$shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
1321$ranlib =
1322
1323*** debug
1324$cc = gcc
1325$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror
1326$unistd =
1327$thread_cflag = (unknown)
1328$sys_id =
1329$lflags = -lefence
1330$bn_ops =
1331$bn_obj =
1332$des_obj =
1333$bf_obj =
1334$md5_obj =
1335$sha1_obj =
1336$cast_obj =
1337$rc4_obj =
1338$rmd160_obj =
1339$rc5_obj =
1340$dso_scheme =
1341$shared_target=
1342$shared_cflag =
1343$shared_ldflag =
1344$shared_extension =
1345$ranlib =
1346
1347*** debug-ben
1348$cc = gcc
1349$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -O2 -pedantic -Wall -Wshadow -Werror -pipe
1350$unistd =
1351$thread_cflag = (unknown)
1352$sys_id =
1353$lflags =
1354$bn_ops =
1355$bn_obj = asm/bn86-elf.o asm/co86-elf.o
1356$des_obj =
1357$bf_obj =
1358$md5_obj =
1359$sha1_obj =
1360$cast_obj =
1361$rc4_obj =
1362$rmd160_obj =
1363$rc5_obj =
1364$dso_scheme =
1365$shared_target=
1366$shared_cflag =
1367$shared_ldflag =
1368$shared_extension =
1369$ranlib =
1370
1371*** debug-ben-debug
1372$cc = gcc
1373$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe
1374$unistd =
1375$thread_cflag = (unknown)
1376$sys_id =
1377$lflags =
1378$bn_ops =
1379$bn_obj =
1380$des_obj =
1381$bf_obj =
1382$md5_obj =
1383$sha1_obj =
1384$cast_obj =
1385$rc4_obj =
1386$rmd160_obj =
1387$rc5_obj =
1388$dso_scheme =
1389$shared_target=
1390$shared_cflag =
1391$shared_ldflag =
1392$shared_extension =
1393$ranlib =
1394
1395*** debug-ben-openbsd
1396$cc = gcc
1397$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe
1398$unistd =
1399$thread_cflag = (unknown)
1400$sys_id =
1401$lflags =
1402$bn_ops =
1403$bn_obj =
1404$des_obj =
1405$bf_obj =
1406$md5_obj =
1407$sha1_obj =
1408$cast_obj =
1409$rc4_obj =
1410$rmd160_obj =
1411$rc5_obj =
1412$dso_scheme =
1413$shared_target=
1414$shared_cflag =
1415$shared_ldflag =
1416$shared_extension =
1417$ranlib =
1418
1419*** debug-ben-openbsd-debug
1420$cc = gcc
1421$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe
1422$unistd =
1423$thread_cflag = (unknown)
1424$sys_id =
1425$lflags =
1426$bn_ops =
1427$bn_obj =
1428$des_obj =
1429$bf_obj =
1430$md5_obj =
1431$sha1_obj =
1432$cast_obj =
1433$rc4_obj =
1434$rmd160_obj =
1435$rc5_obj =
1436$dso_scheme =
1437$shared_target=
1438$shared_cflag =
1439$shared_ldflag =
1440$shared_extension =
1441$ranlib =
1442
1443*** debug-ben-strict
1444$cc = gcc
1445$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe
1446$unistd =
1447$thread_cflag = (unknown)
1448$sys_id =
1449$lflags =
1450$bn_ops =
1451$bn_obj =
1452$des_obj =
1453$bf_obj =
1454$md5_obj =
1455$sha1_obj =
1456$cast_obj =
1457$rc4_obj =
1458$rmd160_obj =
1459$rc5_obj =
1460$dso_scheme =
1461$shared_target=
1462$shared_cflag =
1463$shared_ldflag =
1464$shared_extension =
1465$ranlib =
1466
1467*** debug-bodo
1468$cc = gcc
1469$cflags = -DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBIO_PAIR_DEBUG -DPEDANTIC -g -m486 -pedantic -Wshadow -Wall
1470$unistd =
1471$thread_cflag = -D_REENTRANT
1472$sys_id =
1473$lflags =
1474$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
1475$bn_obj = asm/bn86-elf.o asm/co86-elf.o
1476$des_obj = asm/dx86-elf.o asm/yx86-elf.o
1477$bf_obj = asm/bx86-elf.o
1478$md5_obj = asm/mx86-elf.o
1479$sha1_obj = asm/sx86-elf.o
1480$cast_obj = asm/cx86-elf.o
1481$rc4_obj = asm/rx86-elf.o
1482$rmd160_obj = asm/rm86-elf.o
1483$rc5_obj = asm/r586-elf.o
1484$dso_scheme =
1485$shared_target=
1486$shared_cflag =
1487$shared_ldflag =
1488$shared_extension =
1489$ranlib =
1490
1491*** debug-levitte-linux-elf
1492$cc = gcc
1493$cflags = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wtraditional -Wundef -Wshadow -Wid-clash-31 -Wcast-align -Wconversion -Wno-long-long -pipe
1494$unistd =
1495$thread_cflag = -D_REENTRANT
1496$sys_id =
1497$lflags = -ldl
1498$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
1499$bn_obj = asm/bn86-elf.o asm/co86-elf.o
1500$des_obj = asm/dx86-elf.o asm/yx86-elf.o
1501$bf_obj = asm/bx86-elf.o
1502$md5_obj = asm/mx86-elf.o
1503$sha1_obj = asm/sx86-elf.o
1504$cast_obj = asm/cx86-elf.o
1505$rc4_obj = asm/rx86-elf.o
1506$rmd160_obj = asm/rm86-elf.o
1507$rc5_obj = asm/r586-elf.o
1508$dso_scheme = dlfcn
1509$shared_target= linux-shared
1510$shared_cflag = -fPIC
1511$shared_ldflag =
1512$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
1513$ranlib =
1514
1515*** debug-levitte-linux-noasm
1516$cc = gcc
1517$cflags = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wtraditional -Wundef -Wshadow -Wid-clash-31 -Wcast-align -Wconversion -Wno-long-long -pipe
1518$unistd =
1519$thread_cflag = -D_REENTRANT
1520$sys_id =
1521$lflags = -ldl
1522$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
1523$bn_obj =
1524$des_obj =
1525$bf_obj =
1526$md5_obj =
1527$sha1_obj =
1528$cast_obj =
1529$rc4_obj =
1530$rmd160_obj =
1531$rc5_obj =
1532$dso_scheme = dlfcn
1533$shared_target= linux-shared
1534$shared_cflag = -fPIC
1535$shared_ldflag =
1536$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
1537$ranlib =
1538
1539*** debug-linux-elf
1540$cc = gcc
1541$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall
1542$unistd =
1543$thread_cflag = -D_REENTRANT
1544$sys_id =
1545$lflags = -lefence -ldl
1546$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
1547$bn_obj = asm/bn86-elf.o asm/co86-elf.o
1548$des_obj = asm/dx86-elf.o asm/yx86-elf.o
1549$bf_obj = asm/bx86-elf.o
1550$md5_obj = asm/mx86-elf.o
1551$sha1_obj = asm/sx86-elf.o
1552$cast_obj = asm/cx86-elf.o
1553$rc4_obj = asm/rx86-elf.o
1554$rmd160_obj = asm/rm86-elf.o
1555$rc5_obj = asm/r586-elf.o
1556$dso_scheme = dlfcn
1557$shared_target= linux-shared
1558$shared_cflag = -fPIC
1559$shared_ldflag =
1560$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
1561$ranlib =
1562
1563*** debug-linux-elf-noefence
1564$cc = gcc
1565$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall
1566$unistd =
1567$thread_cflag = -D_REENTRANT
1568$sys_id =
1569$lflags = -ldl
1570$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
1571$bn_obj = asm/bn86-elf.o asm/co86-elf.o
1572$des_obj = asm/dx86-elf.o asm/yx86-elf.o
1573$bf_obj = asm/bx86-elf.o
1574$md5_obj = asm/mx86-elf.o
1575$sha1_obj = asm/sx86-elf.o
1576$cast_obj = asm/cx86-elf.o
1577$rc4_obj = asm/rx86-elf.o
1578$rmd160_obj = asm/rm86-elf.o
1579$rc5_obj = asm/r586-elf.o
1580$dso_scheme = dlfcn
1581$shared_target=
1582$shared_cflag =
1583$shared_ldflag =
1584$shared_extension =
1585$ranlib =
1586
1587*** debug-linux-pentium
1588$cc = gcc
1589$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentium -Wall
1590$unistd =
1591$thread_cflag = -D_REENTRANT
1592$sys_id =
1593$lflags = -ldl
1594$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
1595$bn_obj = asm/bn86-elf.o asm/co86-elf.o
1596$des_obj = asm/dx86-elf.o asm/yx86-elf.o
1597$bf_obj = asm/bx86-elf.o
1598$md5_obj = asm/mx86-elf.o
1599$sha1_obj = asm/sx86-elf.o
1600$cast_obj = asm/cx86-elf.o
1601$rc4_obj = asm/rx86-elf.o
1602$rmd160_obj = asm/rm86-elf.o
1603$rc5_obj = asm/r586-elf.o
1604$dso_scheme = dlfcn
1605$shared_target=
1606$shared_cflag =
1607$shared_ldflag =
1608$shared_extension =
1609$ranlib =
1610
1611*** debug-linux-ppro
1612$cc = gcc
1613$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentiumpro -Wall
1614$unistd =
1615$thread_cflag = -D_REENTRANT
1616$sys_id =
1617$lflags = -ldl
1618$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
1619$bn_obj = asm/bn86-elf.o asm/co86-elf.o
1620$des_obj = asm/dx86-elf.o asm/yx86-elf.o
1621$bf_obj = asm/bx86-elf.o
1622$md5_obj = asm/mx86-elf.o
1623$sha1_obj = asm/sx86-elf.o
1624$cast_obj = asm/cx86-elf.o
1625$rc4_obj = asm/rx86-elf.o
1626$rmd160_obj = asm/rm86-elf.o
1627$rc5_obj = asm/r586-elf.o
1628$dso_scheme = dlfcn
1629$shared_target=
1630$shared_cflag =
1631$shared_ldflag =
1632$shared_extension =
1633$ranlib =
1634
1635*** debug-rse
1636$cc = cc
1637$cflags = -DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall
1638$unistd =
1639$thread_cflag = (unknown)
1640$sys_id =
1641$lflags =
1642$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
1643$bn_obj = asm/bn86-elf.o asm/co86-elf.o
1644$des_obj = asm/dx86-elf.o asm/yx86-elf.o
1645$bf_obj = asm/bx86-elf.o
1646$md5_obj = asm/mx86-elf.o
1647$sha1_obj = asm/sx86-elf.o
1648$cast_obj = asm/cx86-elf.o
1649$rc4_obj = asm/rx86-elf.o
1650$rmd160_obj = asm/rm86-elf.o
1651$rc5_obj = asm/r586-elf.o
1652$dso_scheme =
1653$shared_target=
1654$shared_cflag =
1655$shared_ldflag =
1656$shared_extension =
1657$ranlib =
1658
1659*** debug-solaris-sparcv8-cc
1660$cc = cc
1661$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W
1662$unistd =
1663$thread_cflag = -D_REENTRANT
1664$sys_id =
1665$lflags = -lsocket -lnsl -ldl
1666$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR
1667$bn_obj = asm/sparcv8.o
1668$des_obj =
1669$bf_obj =
1670$md5_obj =
1671$sha1_obj =
1672$cast_obj =
1673$rc4_obj =
1674$rmd160_obj =
1675$rc5_obj =
1676$dso_scheme = dlfcn
1677$shared_target= solaris-shared
1678$shared_cflag = -KPIC
1679$shared_ldflag =
1680$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
1681$ranlib =
1682
1683*** debug-solaris-sparcv8-gcc
1684$cc = gcc
1685$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN
1686$unistd =
1687$thread_cflag = -D_REENTRANT
1688$sys_id =
1689$lflags = -lsocket -lnsl -ldl
1690$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
1691$bn_obj = asm/sparcv8.o
1692$des_obj =
1693$bf_obj =
1694$md5_obj =
1695$sha1_obj =
1696$cast_obj =
1697$rc4_obj =
1698$rmd160_obj =
1699$rc5_obj =
1700$dso_scheme = dlfcn
1701$shared_target= solaris-shared
1702$shared_cflag = -fPIC
1703$shared_ldflag =
1704$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
1705$ranlib =
1706
1707*** debug-solaris-sparcv9-cc
1708$cc = cc
1709$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W
1710$unistd =
1711$thread_cflag = -D_REENTRANT
1712$sys_id = ULTRASPARC
1713$lflags = -lsocket -lnsl -ldl
1714$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR
1715$bn_obj = asm/sparcv8plus.o
1716$des_obj =
1717$bf_obj =
1718$md5_obj = asm/md5-sparcv8plus.o
1719$sha1_obj =
1720$cast_obj =
1721$rc4_obj =
1722$rmd160_obj =
1723$rc5_obj =
1724$dso_scheme = dlfcn
1725$shared_target= solaris-shared
1726$shared_cflag = -KPIC
1727$shared_ldflag =
1728$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
1729$ranlib =
1730
1731*** debug-solaris-sparcv9-gcc
1732$cc = gcc
1733$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN
1734$unistd =
1735$thread_cflag = -D_REENTRANT
1736$sys_id =
1737$lflags = -lsocket -lnsl -ldl
1738$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
1739$bn_obj = asm/sparcv8plus.o
1740$des_obj =
1741$bf_obj =
1742$md5_obj =
1743$sha1_obj =
1744$cast_obj =
1745$rc4_obj =
1746$rmd160_obj =
1747$rc5_obj =
1748$dso_scheme = dlfcn
1749$shared_target= solaris-shared
1750$shared_cflag = -fPIC
1751$shared_ldflag =
1752$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
1753$ranlib =
1754
1755*** debug-steve
1756$cc = gcc
1757$cflags = -DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -mcpu=i486 -pedantic -Wall -Werror -Wshadow -pipe
1758$unistd =
1759$thread_cflag = -D_REENTRANT
1760$sys_id =
1761$lflags = -rdynamic -ldl
1762$bn_ops = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
1763$bn_obj = asm/bn86-elf.o asm/co86-elf.o
1764$des_obj = asm/dx86-elf.o asm/yx86-elf.o
1765$bf_obj = asm/bx86-elf.o
1766$md5_obj = asm/mx86-elf.o
1767$sha1_obj = asm/sx86-elf.o
1768$cast_obj = asm/cx86-elf.o
1769$rc4_obj = asm/rx86-elf.o
1770$rmd160_obj = asm/rm86-elf.o
1771$rc5_obj = asm/r586-elf.o
1772$dso_scheme = dlfcn
1773$shared_target=
1774$shared_cflag =
1775$shared_ldflag =
1776$shared_extension =
1777$ranlib =
1778
1779*** debug-steve-linux-pseudo64
1780$cc = gcc
1781$cflags = -DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe
1782$unistd =
1783$thread_cflag = -D_REENTRANT
1784$sys_id =
1785$lflags = -rdynamic -ldl
1786$bn_ops = SIXTY_FOUR_BIT
1787$bn_obj =
1788$des_obj = dlfcn
1789$bf_obj =
1790$md5_obj =
1791$sha1_obj =
1792$cast_obj =
1793$rc4_obj =
1794$rmd160_obj =
1795$rc5_obj =
1796$dso_scheme =
1797$shared_target=
1798$shared_cflag =
1799$shared_ldflag =
1800$shared_extension =
1801$ranlib =
1802
1803*** debug-ulf
1804$cc = gcc
1805$cflags = -DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe
1806$unistd =
1807$thread_cflag = -D_REENTRANT
1808$sys_id =
1809$lflags =
1810$bn_ops = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
1811$bn_obj = asm/bn86-elf.o asm/co86-elf.o
1812$des_obj = asm/dx86-elf.o asm/yx86-elf.o
1813$bf_obj = asm/bx86-elf.o
1814$md5_obj = asm/mx86-elf.o
1815$sha1_obj = asm/sx86-elf.o
1816$cast_obj = asm/cx86-elf.o
1817$rc4_obj = asm/rx86-elf.o
1818$rmd160_obj = asm/rm86-elf.o
1819$rc5_obj = asm/r586-elf.o
1820$dso_scheme =
1821$shared_target=
1822$shared_cflag =
1823$shared_ldflag =
1824$shared_extension =
1825$ranlib =
1826
1827*** dgux-R3-gcc
1828$cc = gcc
1829$cflags = -O3 -fomit-frame-pointer
1830$unistd =
1831$thread_cflag = (unknown)
1832$sys_id =
1833$lflags =
1834$bn_ops = RC4_INDEX DES_UNROLL
1835$bn_obj =
1836$des_obj =
1837$bf_obj =
1838$md5_obj =
1839$sha1_obj =
1840$cast_obj =
1841$rc4_obj =
1842$rmd160_obj =
1843$rc5_obj =
1844$dso_scheme =
1845$shared_target=
1846$shared_cflag =
1847$shared_ldflag =
1848$shared_extension =
1849$ranlib =
1850
1851*** dgux-R4-gcc
1852$cc = gcc
1853$cflags = -O3 -fomit-frame-pointer
1854$unistd =
1855$thread_cflag = (unknown)
1856$sys_id =
1857$lflags = -lnsl -lsocket
1858$bn_ops = RC4_INDEX DES_UNROLL
1859$bn_obj =
1860$des_obj =
1861$bf_obj =
1862$md5_obj =
1863$sha1_obj =
1864$cast_obj =
1865$rc4_obj =
1866$rmd160_obj =
1867$rc5_obj =
1868$dso_scheme =
1869$shared_target=
1870$shared_cflag =
1871$shared_ldflag =
1872$shared_extension =
1873$ranlib =
1874
1875*** dgux-R4-x86-gcc
1876$cc = gcc
1877$cflags = -O3 -fomit-frame-pointer -DL_ENDIAN
1878$unistd =
1879$thread_cflag = (unknown)
1880$sys_id =
1881$lflags = -lnsl -lsocket
1882$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
1883$bn_obj = asm/bn86-elf.o asm/co86-elf.o
1884$des_obj = asm/dx86-elf.o asm/yx86-elf.o
1885$bf_obj = asm/bx86-elf.o
1886$md5_obj = asm/mx86-elf.o
1887$sha1_obj = asm/sx86-elf.o
1888$cast_obj = asm/cx86-elf.o
1889$rc4_obj = asm/rx86-elf.o
1890$rmd160_obj = asm/rm86-elf.o
1891$rc5_obj = asm/r586-elf.o
1892$dso_scheme =
1893$shared_target=
1894$shared_cflag =
1895$shared_ldflag =
1896$shared_extension =
1897$ranlib =
1898
1899*** dist
1900$cc = cc
1901$cflags = -O
1902$unistd =
1903$thread_cflag = (unknown)
1904$sys_id =
1905$lflags =
1906$bn_ops =
1907$bn_obj =
1908$des_obj =
1909$bf_obj =
1910$md5_obj =
1911$sha1_obj =
1912$cast_obj =
1913$rc4_obj =
1914$rmd160_obj =
1915$rc5_obj =
1916$dso_scheme =
1917$shared_target=
1918$shared_cflag =
1919$shared_ldflag =
1920$shared_extension =
1921$ranlib =
1922
1923*** gcc
1924$cc = gcc
1925$cflags = -O3
1926$unistd =
1927$thread_cflag = (unknown)
1928$sys_id =
1929$lflags =
1930$bn_ops = BN_LLONG
1931$bn_obj =
1932$des_obj =
1933$bf_obj =
1934$md5_obj =
1935$sha1_obj =
1936$cast_obj =
1937$rc4_obj =
1938$rmd160_obj =
1939$rc5_obj =
1940$dso_scheme =
1941$shared_target=
1942$shared_cflag =
1943$shared_ldflag =
1944$shared_extension =
1945$ranlib =
1946
1947*** hpux-brokencc
1948$cc = cc
1949$cflags = -DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z
1950$unistd =
1951$thread_cflag = (unknown)
1952$sys_id =
1953$lflags = -Wl,+s -ldld
1954$bn_ops = DES_PTR DES_UNROLL DES_RISC1
1955$bn_obj =
1956$des_obj =
1957$bf_obj =
1958$md5_obj =
1959$sha1_obj =
1960$cast_obj =
1961$rc4_obj =
1962$rmd160_obj =
1963$rc5_obj =
1964$dso_scheme = dl
1965$shared_target= hpux-shared
1966$shared_cflag = +Z
1967$shared_ldflag =
1968$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
1969$ranlib =
1970
1971*** hpux-brokengcc
1972$cc = gcc
1973$cflags = -DB_ENDIAN -DBN_DIV2W -O3
1974$unistd =
1975$thread_cflag = (unknown)
1976$sys_id =
1977$lflags = -Wl,+s -ldld
1978$bn_ops = DES_PTR DES_UNROLL DES_RISC1
1979$bn_obj =
1980$des_obj =
1981$bf_obj =
1982$md5_obj =
1983$sha1_obj =
1984$cast_obj =
1985$rc4_obj =
1986$rmd160_obj =
1987$rc5_obj =
1988$dso_scheme = dl
1989$shared_target= hpux-shared
1990$shared_cflag = -fPIC
1991$shared_ldflag =
1992$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
1993$ranlib =
1994
1995*** hpux-cc
1996$cc = cc
1997$cflags = -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z
1998$unistd =
1999$thread_cflag = (unknown)
2000$sys_id =
2001$lflags = -Wl,+s -ldld
2002$bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
2003$bn_obj =
2004$des_obj =
2005$bf_obj =
2006$md5_obj =
2007$sha1_obj =
2008$cast_obj =
2009$rc4_obj =
2010$rmd160_obj =
2011$rc5_obj =
2012$dso_scheme = dl
2013$shared_target= hpux-shared
2014$shared_cflag = +Z
2015$shared_ldflag =
2016$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2017$ranlib =
2018
2019*** hpux-gcc
2020$cc = gcc
2021$cflags = -DB_ENDIAN -DBN_DIV2W -O3
2022$unistd =
2023$thread_cflag = (unknown)
2024$sys_id =
2025$lflags = -Wl,+s -ldld
2026$bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
2027$bn_obj =
2028$des_obj =
2029$bf_obj =
2030$md5_obj =
2031$sha1_obj =
2032$cast_obj =
2033$rc4_obj =
2034$rmd160_obj =
2035$rc5_obj =
2036$dso_scheme = dl
2037$shared_target= hpux-shared
2038$shared_cflag = -fPIC
2039$shared_ldflag =
2040$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2041$ranlib =
2042
2043*** hpux-ia64-cc
2044$cc = cc
2045$cflags = -Ae +DD32 +O3 +ESlit -z -DB_ENDIAN
2046$unistd =
2047$thread_cflag = -D_REENTRANT
2048$sys_id =
2049$lflags = -ldl
2050$bn_ops = SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
2051$bn_obj = asm/ia64-cpp.o
2052$des_obj =
2053$bf_obj =
2054$md5_obj =
2055$sha1_obj =
2056$cast_obj =
2057$rc4_obj =
2058$rmd160_obj =
2059$rc5_obj =
2060$dso_scheme = dlfcn
2061$shared_target= hpux-shared
2062$shared_cflag = +Z
2063$shared_ldflag =
2064$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2065$ranlib =
2066
2067*** hpux-m68k-gcc
2068$cc = gcc
2069$cflags = -DB_ENDIAN -DBN_DIV2W -O3
2070$unistd =
2071$thread_cflag = (unknown)
2072$sys_id =
2073$lflags =
2074$bn_ops = BN_LLONG DES_PTR DES_UNROLL
2075$bn_obj =
2076$des_obj =
2077$bf_obj =
2078$md5_obj =
2079$sha1_obj =
2080$cast_obj =
2081$rc4_obj =
2082$rmd160_obj =
2083$rc5_obj =
2084$dso_scheme =
2085$shared_target=
2086$shared_cflag =
2087$shared_ldflag =
2088$shared_extension =
2089$ranlib =
2090
2091*** hpux-parisc-cc
2092$cc = cc
2093$cflags = +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY
2094$unistd =
2095$thread_cflag = -D_REENTRANT
2096$sys_id =
2097$lflags = -Wl,+s -ldld
2098$bn_ops = MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
2099$bn_obj =
2100$des_obj =
2101$bf_obj =
2102$md5_obj =
2103$sha1_obj =
2104$cast_obj =
2105$rc4_obj =
2106$rmd160_obj =
2107$rc5_obj =
2108$dso_scheme = dl
2109$shared_target= hpux-shared
2110$shared_cflag = +Z
2111$shared_ldflag =
2112$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2113$ranlib =
2114
2115*** hpux-parisc-cc-o4
2116$cc = cc
2117$cflags = -Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY
2118$unistd =
2119$thread_cflag =
2120$sys_id =
2121$lflags = -ldld
2122$bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
2123$bn_obj =
2124$des_obj =
2125$bf_obj =
2126$md5_obj =
2127$sha1_obj =
2128$cast_obj =
2129$rc4_obj =
2130$rmd160_obj =
2131$rc5_obj =
2132$dso_scheme = dl
2133$shared_target= hpux-shared
2134$shared_cflag = +Z
2135$shared_ldflag =
2136$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2137$ranlib =
2138
2139*** hpux-parisc-gcc
2140$cc = gcc
2141$cflags = -O3 -DB_ENDIAN -DBN_DIV2W
2142$unistd =
2143$thread_cflag =
2144$sys_id =
2145$lflags = -Wl,+s -ldld
2146$bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
2147$bn_obj =
2148$des_obj =
2149$bf_obj =
2150$md5_obj =
2151$sha1_obj =
2152$cast_obj =
2153$rc4_obj =
2154$rmd160_obj =
2155$rc5_obj =
2156$dso_scheme = dl
2157$shared_target= hpux-shared
2158$shared_cflag = -fPIC
2159$shared_ldflag =
2160$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2161$ranlib =
2162
2163*** hpux-parisc1_1-cc
2164$cc = cc
2165$cflags = +DA1.1 +DS1.1 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY
2166$unistd =
2167$thread_cflag = -D_REENTRANT
2168$sys_id =
2169$lflags = -Wl,+s -ldld
2170$bn_ops = MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
2171$bn_obj =
2172$des_obj =
2173$bf_obj =
2174$md5_obj =
2175$sha1_obj =
2176$cast_obj =
2177$rc4_obj =
2178$rmd160_obj =
2179$rc5_obj =
2180$dso_scheme = dl
2181$shared_target= hpux-shared
2182$shared_cflag = +Z
2183$shared_ldflag =
2184$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2185$ranlib =
2186
2187*** hpux-parisc2-cc
2188$cc = cc
2189$cflags = +DA2.0 +DS2.0 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY
2190$unistd =
2191$thread_cflag = -D_REENTRANT
2192$sys_id =
2193$lflags = -Wl,+s -ldld
2194$bn_ops = SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
2195$bn_obj = asm/pa-risc2.o
2196$des_obj =
2197$bf_obj =
2198$md5_obj =
2199$sha1_obj =
2200$cast_obj =
2201$rc4_obj =
2202$rmd160_obj =
2203$rc5_obj =
2204$dso_scheme = dl
2205$shared_target= hpux-shared
2206$shared_cflag = +Z
2207$shared_ldflag =
2208$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2209$ranlib =
2210
2211*** hpux10-brokencc
2212$cc = cc
2213$cflags = -DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z
2214$unistd =
2215$thread_cflag = -D_REENTRANT
2216$sys_id =
2217$lflags = -Wl,+s -ldld
2218$bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
2219$bn_obj =
2220$des_obj =
2221$bf_obj =
2222$md5_obj =
2223$sha1_obj =
2224$cast_obj =
2225$rc4_obj =
2226$rmd160_obj =
2227$rc5_obj =
2228$dso_scheme = dl
2229$shared_target= hpux-shared
2230$shared_cflag = +Z
2231$shared_ldflag =
2232$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2233$ranlib =
2234
2235*** hpux10-brokengcc
2236$cc = gcc
2237$cflags = -DB_ENDIAN -DBN_DIV2W -O3
2238$unistd =
2239$thread_cflag = -D_REENTRANT
2240$sys_id =
2241$lflags = -Wl,+s -ldld
2242$bn_ops = DES_PTR DES_UNROLL DES_RISC1
2243$bn_obj =
2244$des_obj =
2245$bf_obj =
2246$md5_obj =
2247$sha1_obj =
2248$cast_obj =
2249$rc4_obj =
2250$rmd160_obj =
2251$rc5_obj =
2252$dso_scheme = dl
2253$shared_target= hpux-shared
2254$shared_cflag = -fPIC
2255$shared_ldflag =
2256$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2257$ranlib =
2258
2259*** hpux10-cc
2260$cc = cc
2261$cflags = -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z
2262$unistd =
2263$thread_cflag = -D_REENTRANT
2264$sys_id =
2265$lflags = -Wl,+s -ldld
2266$bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
2267$bn_obj =
2268$des_obj =
2269$bf_obj =
2270$md5_obj =
2271$sha1_obj =
2272$cast_obj =
2273$rc4_obj =
2274$rmd160_obj =
2275$rc5_obj =
2276$dso_scheme = dl
2277$shared_target= hpux-shared
2278$shared_cflag = +Z
2279$shared_ldflag =
2280$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2281$ranlib =
2282
2283*** hpux10-gcc
2284$cc = gcc
2285$cflags = -DB_ENDIAN -DBN_DIV2W -O3
2286$unistd =
2287$thread_cflag = -D_REENTRANT
2288$sys_id =
2289$lflags = -Wl,+s -ldld
2290$bn_ops = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
2291$bn_obj =
2292$des_obj =
2293$bf_obj =
2294$md5_obj =
2295$sha1_obj =
2296$cast_obj =
2297$rc4_obj =
2298$rmd160_obj =
2299$rc5_obj =
2300$dso_scheme = dl
2301$shared_target= hpux-shared
2302$shared_cflag = -fPIC
2303$shared_ldflag =
2304$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2305$ranlib =
2306
2307*** hpux64-ia64-cc
2308$cc = cc
2309$cflags = -Ae +DD64 +O3 +ESlit -z -DB_ENDIAN
2310$unistd =
2311$thread_cflag = -D_REENTRANT
2312$sys_id =
2313$lflags = -ldl
2314$bn_ops = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
2315$bn_obj = asm/ia64-cpp.o
2316$des_obj =
2317$bf_obj =
2318$md5_obj =
2319$sha1_obj =
2320$cast_obj =
2321$rc4_obj =
2322$rmd160_obj =
2323$rc5_obj =
2324$dso_scheme = dlfcn
2325$shared_target= hpux64-shared
2326$shared_cflag = +Z
2327$shared_ldflag =
2328$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2329$ranlib =
2330
2331*** hpux64-parisc-cc
2332$cc = cc
2333$cflags = -Ae +DD64 +O3 +ESlit -z -DB_ENDIAN -DMD32_XARRAY
2334$unistd =
2335$thread_cflag = -D_REENTRANT
2336$sys_id =
2337$lflags = -ldl
2338$bn_ops = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
2339$bn_obj =
2340$des_obj =
2341$bf_obj =
2342$md5_obj =
2343$sha1_obj =
2344$cast_obj =
2345$rc4_obj =
2346$rmd160_obj =
2347$rc5_obj =
2348$dso_scheme = dlfcn
2349$shared_target= hpux64-shared
2350$shared_cflag = +Z
2351$shared_ldflag =
2352$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2353$ranlib =
2354
2355*** hpux64-parisc2-cc
2356$cc = cc
2357$cflags = +DD64 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY
2358$unistd =
2359$thread_cflag = -D_REENTRANT
2360$sys_id =
2361$lflags = -ldl
2362$bn_ops = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
2363$bn_obj = asm/pa-risc2W.o
2364$des_obj =
2365$bf_obj =
2366$md5_obj =
2367$sha1_obj =
2368$cast_obj =
2369$rc4_obj =
2370$rmd160_obj =
2371$rc5_obj =
2372$dso_scheme = dlfcn
2373$shared_target= hpux64-shared
2374$shared_cflag = +Z
2375$shared_ldflag =
2376$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2377$ranlib =
2378
2379*** hurd-x86
2380$cc = gcc
2381$cflags = -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall
2382$unistd =
2383$thread_cflag = -D_REENTRANT
2384$sys_id =
2385$lflags = -ldl
2386$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
2387$bn_obj = asm/bn86-elf.o asm/co86-elf.o
2388$des_obj = asm/dx86-elf.o asm/yx86-elf.o
2389$bf_obj = asm/bx86-elf.o
2390$md5_obj = asm/mx86-elf.o
2391$sha1_obj = asm/sx86-elf.o
2392$cast_obj = asm/cx86-elf.o
2393$rc4_obj = asm/rx86-elf.o
2394$rmd160_obj = asm/rm86-elf.o
2395$rc5_obj = asm/r586-elf.o
2396$dso_scheme = dlfcn
2397$shared_target= linux-shared
2398$shared_cflag = -fPIC
2399$shared_ldflag =
2400$shared_extension =
2401$ranlib =
2402
2403*** irix-cc
2404$cc = cc
2405$cflags = -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN
2406$unistd =
2407$thread_cflag = (unknown)
2408$sys_id =
2409$lflags =
2410$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR
2411$bn_obj =
2412$des_obj =
2413$bf_obj =
2414$md5_obj =
2415$sha1_obj =
2416$cast_obj =
2417$rc4_obj =
2418$rmd160_obj =
2419$rc5_obj =
2420$dso_scheme = dlfcn
2421$shared_target= irix-shared
2422$shared_cflag =
2423$shared_ldflag =
2424$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2425$ranlib =
2426
2427*** irix-gcc
2428$cc = gcc
2429$cflags = -O3 -DTERMIOS -DB_ENDIAN
2430$unistd =
2431$thread_cflag = (unknown)
2432$sys_id =
2433$lflags =
2434$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR
2435$bn_obj =
2436$des_obj =
2437$bf_obj =
2438$md5_obj =
2439$sha1_obj =
2440$cast_obj =
2441$rc4_obj =
2442$rmd160_obj =
2443$rc5_obj =
2444$dso_scheme = dlfcn
2445$shared_target= irix-shared
2446$shared_cflag =
2447$shared_ldflag =
2448$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2449$ranlib =
2450
2451*** irix-mips3-cc
2452$cc = cc
2453$cflags = -n32 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W
2454$unistd =
2455$thread_cflag = -D_SGI_MP_SOURCE
2456$sys_id =
2457$lflags =
2458$bn_ops = DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT
2459$bn_obj = asm/mips3.o
2460$des_obj =
2461$bf_obj =
2462$md5_obj =
2463$sha1_obj =
2464$cast_obj =
2465$rc4_obj =
2466$rmd160_obj =
2467$rc5_obj =
2468$dso_scheme = dlfcn
2469$shared_target= irix-shared
2470$shared_cflag =
2471$shared_ldflag =
2472$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2473$ranlib =
2474
2475*** irix-mips3-gcc
2476$cc = gcc
2477$cflags = -mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W
2478$unistd =
2479$thread_cflag = -D_SGI_MP_SOURCE
2480$sys_id =
2481$lflags =
2482$bn_ops = MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT
2483$bn_obj = asm/mips3.o
2484$des_obj =
2485$bf_obj =
2486$md5_obj =
2487$sha1_obj =
2488$cast_obj =
2489$rc4_obj =
2490$rmd160_obj =
2491$rc5_obj =
2492$dso_scheme = dlfcn
2493$shared_target= irix-shared
2494$shared_cflag =
2495$shared_ldflag =
2496$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2497$ranlib =
2498
2499*** irix64-mips4-cc
2500$cc = cc
2501$cflags = -64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W
2502$unistd =
2503$thread_cflag = -D_SGI_MP_SOURCE
2504$sys_id =
2505$lflags =
2506$bn_ops = RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG
2507$bn_obj = asm/mips3.o
2508$des_obj =
2509$bf_obj =
2510$md5_obj =
2511$sha1_obj =
2512$cast_obj =
2513$rc4_obj =
2514$rmd160_obj =
2515$rc5_obj =
2516$dso_scheme = dlfcn
2517$shared_target= irix-shared
2518$shared_cflag =
2519$shared_ldflag =
2520$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2521$ranlib =
2522
2523*** irix64-mips4-gcc
2524$cc = gcc
2525$cflags = -mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W
2526$unistd =
2527$thread_cflag = -D_SGI_MP_SOURCE
2528$sys_id =
2529$lflags =
2530$bn_ops = RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG
2531$bn_obj = asm/mips3.o
2532$des_obj =
2533$bf_obj =
2534$md5_obj =
2535$sha1_obj =
2536$cast_obj =
2537$rc4_obj =
2538$rmd160_obj =
2539$rc5_obj =
2540$dso_scheme = dlfcn
2541$shared_target= irix-shared
2542$shared_cflag =
2543$shared_ldflag =
2544$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2545$ranlib =
2546
2547*** linux-alpha+bwx-ccc
2548$cc = ccc
2549$cflags = -fast -readonly_strings -DL_ENDIAN -DTERMIO
2550$unistd =
2551$thread_cflag = -D_REENTRANT
2552$sys_id =
2553$lflags =
2554$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL
2555$bn_obj =
2556$des_obj =
2557$bf_obj =
2558$md5_obj =
2559$sha1_obj =
2560$cast_obj =
2561$rc4_obj =
2562$rmd160_obj =
2563$rc5_obj =
2564$dso_scheme =
2565$shared_target=
2566$shared_cflag =
2567$shared_ldflag =
2568$shared_extension =
2569$ranlib =
2570
2571*** linux-alpha+bwx-gcc
2572$cc = gcc
2573$cflags = -O3 -DL_ENDIAN -DTERMIO
2574$unistd =
2575$thread_cflag = -D_REENTRANT
2576$sys_id =
2577$lflags = -ldl
2578$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL
2579$bn_obj =
2580$des_obj =
2581$bf_obj =
2582$md5_obj =
2583$sha1_obj =
2584$cast_obj =
2585$rc4_obj =
2586$rmd160_obj =
2587$rc5_obj =
2588$dso_scheme = dlfcn
2589$shared_target= linux-shared
2590$shared_cflag = -fPIC
2591$shared_ldflag =
2592$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2593$ranlib =
2594
2595*** linux-alpha-ccc
2596$cc = ccc
2597$cflags = -fast -readonly_strings -DL_ENDIAN -DTERMIO
2598$unistd =
2599$thread_cflag = -D_REENTRANT
2600$sys_id =
2601$lflags =
2602$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL
2603$bn_obj =
2604$des_obj =
2605$bf_obj =
2606$md5_obj =
2607$sha1_obj =
2608$cast_obj =
2609$rc4_obj =
2610$rmd160_obj =
2611$rc5_obj =
2612$dso_scheme =
2613$shared_target=
2614$shared_cflag =
2615$shared_ldflag =
2616$shared_extension =
2617$ranlib =
2618
2619*** linux-alpha-gcc
2620$cc = gcc
2621$cflags = -O3 -DL_ENDIAN -DTERMIO
2622$unistd =
2623$thread_cflag = -D_REENTRANT
2624$sys_id =
2625$lflags = -ldl
2626$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL
2627$bn_obj =
2628$des_obj =
2629$bf_obj =
2630$md5_obj =
2631$sha1_obj =
2632$cast_obj =
2633$rc4_obj =
2634$rmd160_obj =
2635$rc5_obj =
2636$dso_scheme = dlfcn
2637$shared_target= linux-shared
2638$shared_cflag = -fPIC
2639$shared_ldflag =
2640$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2641$ranlib =
2642
2643*** linux-aout
2644$cc = gcc
2645$cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall
2646$unistd =
2647$thread_cflag = (unknown)
2648$sys_id =
2649$lflags =
2650$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
2651$bn_obj = asm/bn86-out.o asm/co86-out.o
2652$des_obj = asm/dx86-out.o asm/yx86-out.o
2653$bf_obj = asm/bx86-out.o
2654$md5_obj = asm/mx86-out.o
2655$sha1_obj = asm/sx86-out.o
2656$cast_obj = asm/cx86-out.o
2657$rc4_obj = asm/rx86-out.o
2658$rmd160_obj = asm/rm86-out.o
2659$rc5_obj = asm/r586-out.o
2660$dso_scheme =
2661$shared_target=
2662$shared_cflag =
2663$shared_ldflag =
2664$shared_extension =
2665$ranlib =
2666
2667*** linux-elf
2668$cc = gcc
2669$cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall
2670$unistd =
2671$thread_cflag = -D_REENTRANT
2672$sys_id =
2673$lflags = -ldl
2674$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
2675$bn_obj = asm/bn86-elf.o asm/co86-elf.o
2676$des_obj = asm/dx86-elf.o asm/yx86-elf.o
2677$bf_obj = asm/bx86-elf.o
2678$md5_obj = asm/mx86-elf.o
2679$sha1_obj = asm/sx86-elf.o
2680$cast_obj = asm/cx86-elf.o
2681$rc4_obj = asm/rx86-elf.o
2682$rmd160_obj = asm/rm86-elf.o
2683$rc5_obj = asm/r586-elf.o
2684$dso_scheme = dlfcn
2685$shared_target= linux-shared
2686$shared_cflag = -fPIC
2687$shared_ldflag =
2688$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2689$ranlib =
2690
2691*** linux-elf-arm
2692$cc = gcc
2693$cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
2694$unistd =
2695$thread_cflag = -D_REENTRANT
2696$sys_id =
2697$lflags =
2698$bn_ops = BN_LLONG
2699$bn_obj =
2700$des_obj =
2701$bf_obj =
2702$md5_obj =
2703$sha1_obj =
2704$cast_obj =
2705$rc4_obj =
2706$rmd160_obj =
2707$rc5_obj =
2708$dso_scheme = dlfcn
2709$shared_target= linux-shared
2710$shared_cflag = -fPIC
2711$shared_ldflag =
2712$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2713$ranlib =
2714
2715*** linux-ia64
2716$cc = gcc
2717$cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
2718$unistd =
2719$thread_cflag = -D_REENTRANT
2720$sys_id =
2721$lflags = -ldl
2722$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR
2723$bn_obj = asm/ia64.o
2724$des_obj =
2725$bf_obj =
2726$md5_obj =
2727$sha1_obj =
2728$cast_obj =
2729$rc4_obj =
2730$rmd160_obj =
2731$rc5_obj =
2732$dso_scheme = dlfcn
2733$shared_target= linux-shared
2734$shared_cflag = -fPIC
2735$shared_ldflag =
2736$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2737$ranlib =
2738
2739*** linux-k6
2740$cc = gcc
2741$cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -mcpu=k6 -Wall
2742$unistd =
2743$thread_cflag = -D_REENTRANT
2744$sys_id =
2745$lflags = -ldl
2746$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
2747$bn_obj = asm/bn86-elf.o asm/co86-elf.o
2748$des_obj = asm/dx86-elf.o asm/yx86-elf.o
2749$bf_obj = asm/bx86-elf.o
2750$md5_obj = asm/mx86-elf.o
2751$sha1_obj = asm/sx86-elf.o
2752$cast_obj = asm/cx86-elf.o
2753$rc4_obj = asm/rx86-elf.o
2754$rmd160_obj = asm/rm86-elf.o
2755$rc5_obj = asm/r586-elf.o
2756$dso_scheme = dlfcn
2757$shared_target= linux-shared
2758$shared_cflag = -fPIC
2759$shared_ldflag =
2760$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2761$ranlib =
2762
2763*** linux-m68k
2764$cc = gcc
2765$cflags = -DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall
2766$unistd =
2767$thread_cflag = -D_REENTRANT
2768$sys_id =
2769$lflags =
2770$bn_ops = BN_LLONG
2771$bn_obj =
2772$des_obj =
2773$bf_obj =
2774$md5_obj =
2775$sha1_obj =
2776$cast_obj =
2777$rc4_obj =
2778$rmd160_obj =
2779$rc5_obj =
2780$dso_scheme =
2781$shared_target=
2782$shared_cflag =
2783$shared_ldflag =
2784$shared_extension =
2785$ranlib =
2786
2787*** linux-mips
2788$cc = gcc
2789$cflags = -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
2790$unistd =
2791$thread_cflag = (unknown)
2792$sys_id =
2793$lflags =
2794$bn_ops = BN_LLONG
2795$bn_obj =
2796$des_obj =
2797$bf_obj =
2798$md5_obj =
2799$sha1_obj =
2800$cast_obj =
2801$rc4_obj =
2802$rmd160_obj =
2803$rc5_obj =
2804$dso_scheme =
2805$shared_target=
2806$shared_cflag =
2807$shared_ldflag =
2808$shared_extension =
2809$ranlib =
2810
2811*** linux-mipsel
2812$cc = gcc
2813$cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
2814$unistd =
2815$thread_cflag = (unknown)
2816$sys_id =
2817$lflags =
2818$bn_ops = BN_LLONG
2819$bn_obj =
2820$des_obj =
2821$bf_obj =
2822$md5_obj =
2823$sha1_obj =
2824$cast_obj =
2825$rc4_obj =
2826$rmd160_obj =
2827$rc5_obj =
2828$dso_scheme =
2829$shared_target=
2830$shared_cflag =
2831$shared_ldflag =
2832$shared_extension =
2833$ranlib =
2834
2835*** linux-parisc
2836$cc = gcc
2837$cflags = -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W
2838$unistd =
2839$thread_cflag = -D_REENTRANT
2840$sys_id =
2841$lflags =
2842$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
2843$bn_obj =
2844$des_obj =
2845$bf_obj =
2846$md5_obj =
2847$sha1_obj =
2848$cast_obj =
2849$rc4_obj =
2850$rmd160_obj =
2851$rc5_obj =
2852$dso_scheme =
2853$shared_target=
2854$shared_cflag =
2855$shared_ldflag =
2856$shared_extension =
2857$ranlib =
2858
2859*** linux-pentium
2860$cc = gcc
2861$cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -mcpu=pentium -Wall
2862$unistd =
2863$thread_cflag = -D_REENTRANT
2864$sys_id =
2865$lflags = -ldl
2866$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
2867$bn_obj = asm/bn86-elf.o asm/co86-elf.o
2868$des_obj = asm/dx86-elf.o asm/yx86-elf.o
2869$bf_obj = asm/bx86-elf.o
2870$md5_obj = asm/mx86-elf.o
2871$sha1_obj = asm/sx86-elf.o
2872$cast_obj = asm/cx86-elf.o
2873$rc4_obj = asm/rx86-elf.o
2874$rmd160_obj = asm/rm86-elf.o
2875$rc5_obj = asm/r586-elf.o
2876$dso_scheme = dlfcn
2877$shared_target= linux-shared
2878$shared_cflag = -fPIC
2879$shared_ldflag =
2880$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2881$ranlib =
2882
2883*** linux-ppc
2884$cc = gcc
2885$cflags = -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
2886$unistd =
2887$thread_cflag = -D_REENTRANT
2888$sys_id =
2889$lflags = -ldl
2890$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL
2891$bn_obj =
2892$des_obj =
2893$bf_obj =
2894$md5_obj =
2895$sha1_obj =
2896$cast_obj =
2897$rc4_obj =
2898$rmd160_obj =
2899$rc5_obj =
2900$dso_scheme = dlfcn
2901$shared_target= linux-shared
2902$shared_cflag = -fPIC
2903$shared_ldflag =
2904$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2905$ranlib =
2906
2907*** linux-ppro
2908$cc = gcc
2909$cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -mcpu=pentiumpro -Wall
2910$unistd =
2911$thread_cflag = -D_REENTRANT
2912$sys_id =
2913$lflags = -ldl
2914$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
2915$bn_obj = asm/bn86-elf.o asm/co86-elf.o
2916$des_obj = asm/dx86-elf.o asm/yx86-elf.o
2917$bf_obj = asm/bx86-elf.o
2918$md5_obj = asm/mx86-elf.o
2919$sha1_obj = asm/sx86-elf.o
2920$cast_obj = asm/cx86-elf.o
2921$rc4_obj = asm/rx86-elf.o
2922$rmd160_obj = asm/rm86-elf.o
2923$rc5_obj = asm/r586-elf.o
2924$dso_scheme = dlfcn
2925$shared_target= linux-shared
2926$shared_cflag = -fPIC
2927$shared_ldflag =
2928$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2929$ranlib =
2930
2931*** linux-s390
2932$cc = gcc
2933$cflags = -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
2934$unistd =
2935$thread_cflag = -D_REENTRANT
2936$sys_id =
2937$lflags =
2938$bn_ops = BN_LLONG
2939$bn_obj =
2940$des_obj =
2941$bf_obj =
2942$md5_obj =
2943$sha1_obj =
2944$cast_obj =
2945$rc4_obj =
2946$rmd160_obj =
2947$rc5_obj =
2948$dso_scheme =
2949$shared_target=
2950$shared_cflag =
2951$shared_ldflag =
2952$shared_extension =
2953$ranlib =
2954
2955*** linux-s390x
2956$cc = gcc
2957$cflags = -DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall
2958$unistd =
2959$thread_cflag = -D_REENTRANT
2960$sys_id =
2961$lflags =
2962$bn_ops = SIXTY_FOUR_BIT_LONG
2963$bn_obj =
2964$des_obj =
2965$bf_obj =
2966$md5_obj =
2967$sha1_obj =
2968$cast_obj =
2969$rc4_obj =
2970$rmd160_obj =
2971$rc5_obj =
2972$dso_scheme =
2973$shared_target= linux-shared
2974$shared_cflag = -fPIC
2975$shared_ldflag =
2976$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
2977$ranlib =
2978
2979*** linux-sparcv7
2980$cc = gcc
2981$cflags = -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
2982$unistd =
2983$thread_cflag = -D_REENTRANT
2984$sys_id =
2985$lflags =
2986$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
2987$bn_obj =
2988$des_obj =
2989$bf_obj =
2990$md5_obj =
2991$sha1_obj =
2992$cast_obj =
2993$rc4_obj =
2994$rmd160_obj =
2995$rc5_obj =
2996$dso_scheme =
2997$shared_target=
2998$shared_cflag =
2999$shared_ldflag =
3000$shared_extension =
3001$ranlib =
3002
3003*** linux-sparcv8
3004$cc = gcc
3005$cflags = -mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W
3006$unistd =
3007$thread_cflag = -D_REENTRANT
3008$sys_id =
3009$lflags = -ldl
3010$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
3011$bn_obj = asm/sparcv8.o
3012$des_obj =
3013$bf_obj =
3014$md5_obj =
3015$sha1_obj =
3016$cast_obj =
3017$rc4_obj =
3018$rmd160_obj =
3019$rc5_obj =
3020$dso_scheme = dlfcn
3021$shared_target= linux-shared
3022$shared_cflag = -fPIC
3023$shared_ldflag =
3024$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
3025$ranlib =
3026
3027*** linux-sparcv9
3028$cc = gcc
3029$cflags = -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W
3030$unistd =
3031$thread_cflag = -D_REENTRANT
3032$sys_id = ULTRASPARC
3033$lflags = -ldl
3034$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
3035$bn_obj = asm/sparcv8plus.o
3036$des_obj =
3037$bf_obj =
3038$md5_obj = asm/md5-sparcv8plus.o
3039$sha1_obj =
3040$cast_obj =
3041$rc4_obj =
3042$rmd160_obj =
3043$rc5_obj =
3044$dso_scheme = dlfcn
3045$shared_target= linux-shared
3046$shared_cflag = -fPIC
3047$shared_ldflag =
3048$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
3049$ranlib =
3050
3051*** ncr-scde
3052$cc = cc
3053$cflags = -O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw
3054$unistd =
3055$thread_cflag = (unknown)
3056$sys_id =
3057$lflags = -lsocket -lnsl
3058$bn_ops = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
3059$bn_obj =
3060$des_obj =
3061$bf_obj =
3062$md5_obj =
3063$sha1_obj =
3064$cast_obj =
3065$rc4_obj =
3066$rmd160_obj =
3067$rc5_obj =
3068$dso_scheme =
3069$shared_target=
3070$shared_cflag =
3071$shared_ldflag =
3072$shared_extension =
3073$ranlib =
3074
3075*** newsos4-gcc
3076$cc = gcc
3077$cflags = -O -DB_ENDIAN
3078$unistd =
3079$thread_cflag = (unknown)
3080$sys_id = NEWS4
3081$lflags = -lmld -liberty
3082$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR
3083$bn_obj =
3084$des_obj =
3085$bf_obj =
3086$md5_obj =
3087$sha1_obj =
3088$cast_obj =
3089$rc4_obj =
3090$rmd160_obj =
3091$rc5_obj =
3092$dso_scheme =
3093$shared_target=
3094$shared_cflag =
3095$shared_ldflag =
3096$shared_extension =
3097$ranlib =
3098
3099*** nextstep
3100$cc = cc
3101$cflags = -O -Wall
3102$unistd = <libc.h>
3103$thread_cflag = (unknown)
3104$sys_id =
3105$lflags =
3106$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
3107$bn_obj =
3108$des_obj =
3109$bf_obj =
3110$md5_obj =
3111$sha1_obj =
3112$cast_obj =
3113$rc4_obj =
3114$rmd160_obj =
3115$rc5_obj =
3116$dso_scheme =
3117$shared_target=
3118$shared_cflag =
3119$shared_ldflag =
3120$shared_extension =
3121$ranlib =
3122
3123*** nextstep3.3
3124$cc = cc
3125$cflags = -O3 -Wall
3126$unistd = <libc.h>
3127$thread_cflag = (unknown)
3128$sys_id =
3129$lflags =
3130$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
3131$bn_obj =
3132$des_obj =
3133$bf_obj =
3134$md5_obj =
3135$sha1_obj =
3136$cast_obj =
3137$rc4_obj =
3138$rmd160_obj =
3139$rc5_obj =
3140$dso_scheme =
3141$shared_target=
3142$shared_cflag =
3143$shared_ldflag =
3144$shared_extension =
3145$ranlib =
3146
3147*** purify
3148$cc = purify gcc
3149$cflags = -g -DPURIFY -Wall
3150$unistd =
3151$thread_cflag = (unknown)
3152$sys_id =
3153$lflags = -lsocket -lnsl
3154$bn_ops =
3155$bn_obj =
3156$des_obj =
3157$bf_obj =
3158$md5_obj =
3159$sha1_obj =
3160$cast_obj =
3161$rc4_obj =
3162$rmd160_obj =
3163$rc5_obj =
3164$dso_scheme =
3165$shared_target=
3166$shared_cflag =
3167$shared_ldflag =
3168$shared_extension =
3169$ranlib =
3170
3171*** qnx4
3172$cc = cc
3173$cflags = -DL_ENDIAN -DTERMIO
3174$unistd =
3175$thread_cflag = (unknown)
3176$sys_id =
3177$lflags =
3178$bn_ops = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
3179$bn_obj =
3180$des_obj =
3181$bf_obj =
3182$md5_obj =
3183$sha1_obj =
3184$cast_obj =
3185$rc4_obj =
3186$rmd160_obj =
3187$rc5_obj =
3188$dso_scheme =
3189$shared_target=
3190$shared_cflag =
3191$shared_ldflag =
3192$shared_extension =
3193$ranlib =
3194
3195*** qnx6
3196$cc = cc
3197$cflags = -DL_ENDIAN -DTERMIOS
3198$unistd =
3199$thread_cflag = (unknown)
3200$sys_id =
3201$lflags = -lsocket
3202$bn_ops = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
3203$bn_obj =
3204$des_obj =
3205$bf_obj =
3206$md5_obj =
3207$sha1_obj =
3208$cast_obj =
3209$rc4_obj =
3210$rmd160_obj =
3211$rc5_obj =
3212$dso_scheme =
3213$shared_target=
3214$shared_cflag =
3215$shared_ldflag =
3216$shared_extension =
3217$ranlib =
3218
3219*** rhapsody-ppc-cc
3220$cc = cc
3221$cflags = -O3 -DB_ENDIAN
3222$unistd =
3223$thread_cflag = (unknown)
3224$sys_id = MACOSX
3225$lflags =
3226$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
3227$bn_obj =
3228$des_obj =
3229$bf_obj =
3230$md5_obj =
3231$sha1_obj =
3232$cast_obj =
3233$rc4_obj =
3234$rmd160_obj =
3235$rc5_obj =
3236$dso_scheme =
3237$shared_target=
3238$shared_cflag =
3239$shared_ldflag =
3240$shared_extension =
3241$ranlib =
3242
3243*** sco3-gcc
3244$cc = gcc
3245$cflags = -O3 -fomit-frame-pointer -Dssize_t=int -DNO_SYS_UN_H
3246$unistd =
3247$thread_cflag = (unknown)
3248$sys_id =
3249$lflags = -lsocket
3250$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
3251$bn_obj =
3252$des_obj =
3253$bf_obj =
3254$md5_obj =
3255$sha1_obj =
3256$cast_obj =
3257$rc4_obj =
3258$rmd160_obj =
3259$rc5_obj =
3260$dso_scheme =
3261$shared_target=
3262$shared_cflag =
3263$shared_ldflag =
3264$shared_extension =
3265$ranlib =
3266
3267*** sco5-cc
3268$cc = cc
3269$cflags = -belf
3270$unistd =
3271$thread_cflag = (unknown)
3272$sys_id =
3273$lflags = -lsocket -lresolv -lnsl
3274$bn_ops = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
3275$bn_obj =
3276$des_obj =
3277$bf_obj =
3278$md5_obj =
3279$sha1_obj =
3280$cast_obj =
3281$rc4_obj =
3282$rmd160_obj =
3283$rc5_obj =
3284$dso_scheme = dlfcn
3285$shared_target= svr3-shared
3286$shared_cflag = -Kpic
3287$shared_ldflag =
3288$shared_extension =
3289$ranlib =
3290
3291*** sco5-cc-pentium
3292$cc = cc
3293$cflags = -Kpentium
3294$unistd =
3295$thread_cflag = (unknown)
3296$sys_id =
3297$lflags = -lsocket
3298$bn_ops = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
3299$bn_obj =
3300$des_obj =
3301$bf_obj =
3302$md5_obj =
3303$sha1_obj =
3304$cast_obj =
3305$rc4_obj =
3306$rmd160_obj =
3307$rc5_obj =
3308$dso_scheme =
3309$shared_target=
3310$shared_cflag =
3311$shared_ldflag =
3312$shared_extension =
3313$ranlib =
3314
3315*** sco5-gcc
3316$cc = gcc
3317$cflags = -O3 -fomit-frame-pointer
3318$unistd =
3319$thread_cflag = (unknown)
3320$sys_id =
3321$lflags = -lsocket -lresolv -lnsl
3322$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
3323$bn_obj = asm/bn86-elf.o asm/co86-elf.o
3324$des_obj = asm/dx86-elf.o asm/yx86-elf.o
3325$bf_obj = asm/bx86-elf.o
3326$md5_obj = asm/mx86-elf.o
3327$sha1_obj = asm/sx86-elf.o
3328$cast_obj = asm/cx86-elf.o
3329$rc4_obj = asm/rx86-elf.o
3330$rmd160_obj = asm/rm86-elf.o
3331$rc5_obj = asm/r586-elf.o
3332$dso_scheme = dlfcn
3333$shared_target= svr3-shared
3334$shared_cflag = -fPIC
3335$shared_ldflag =
3336$shared_extension =
3337$ranlib =
3338
3339*** solaris-sparc-sc3
3340$cc = cc
3341$cflags = -fast -O -Xa -DB_ENDIAN
3342$unistd =
3343$thread_cflag = -D_REENTRANT
3344$sys_id =
3345$lflags = -lsocket -lnsl -ldl
3346$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR
3347$bn_obj =
3348$des_obj =
3349$bf_obj =
3350$md5_obj =
3351$sha1_obj =
3352$cast_obj =
3353$rc4_obj =
3354$rmd160_obj =
3355$rc5_obj =
3356$dso_scheme = dlfcn
3357$shared_target= solaris-shared
3358$shared_cflag = -KPIC
3359$shared_ldflag =
3360$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
3361$ranlib =
3362
3363*** solaris-sparcv7-cc
3364$cc = cc
3365$cflags = -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W
3366$unistd =
3367$thread_cflag = -D_REENTRANT
3368$sys_id =
3369$lflags = -lsocket -lnsl -ldl
3370$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR
3371$bn_obj =
3372$des_obj =
3373$bf_obj =
3374$md5_obj =
3375$sha1_obj =
3376$cast_obj =
3377$rc4_obj =
3378$rmd160_obj =
3379$rc5_obj =
3380$dso_scheme = dlfcn
3381$shared_target= solaris-shared
3382$shared_cflag = -KPIC
3383$shared_ldflag =
3384$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
3385$ranlib =
3386
3387*** solaris-sparcv7-gcc
3388$cc = gcc
3389$cflags = -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W
3390$unistd =
3391$thread_cflag = -D_REENTRANT
3392$sys_id =
3393$lflags = -lsocket -lnsl -ldl
3394$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
3395$bn_obj =
3396$des_obj =
3397$bf_obj =
3398$md5_obj =
3399$sha1_obj =
3400$cast_obj =
3401$rc4_obj =
3402$rmd160_obj =
3403$rc5_obj =
3404$dso_scheme = dlfcn
3405$shared_target= solaris-shared
3406$shared_cflag = -fPIC
3407$shared_ldflag =
3408$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
3409$ranlib =
3410
3411*** solaris-sparcv8-cc
3412$cc = cc
3413$cflags = -xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W
3414$unistd =
3415$thread_cflag = -D_REENTRANT
3416$sys_id =
3417$lflags = -lsocket -lnsl -ldl
3418$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR
3419$bn_obj = asm/sparcv8.o
3420$des_obj =
3421$bf_obj =
3422$md5_obj =
3423$sha1_obj =
3424$cast_obj =
3425$rc4_obj =
3426$rmd160_obj =
3427$rc5_obj =
3428$dso_scheme = dlfcn
3429$shared_target= solaris-shared
3430$shared_cflag = -KPIC
3431$shared_ldflag =
3432$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
3433$ranlib =
3434
3435*** solaris-sparcv8-gcc
3436$cc = gcc
3437$cflags = -mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W
3438$unistd =
3439$thread_cflag = -D_REENTRANT
3440$sys_id =
3441$lflags = -lsocket -lnsl -ldl
3442$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
3443$bn_obj = asm/sparcv8.o
3444$des_obj =
3445$bf_obj =
3446$md5_obj =
3447$sha1_obj =
3448$cast_obj =
3449$rc4_obj =
3450$rmd160_obj =
3451$rc5_obj =
3452$dso_scheme = dlfcn
3453$shared_target= solaris-shared
3454$shared_cflag = -fPIC
3455$shared_ldflag =
3456$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
3457$ranlib =
3458
3459*** solaris-sparcv9-cc
3460$cc = cc
3461$cflags = -xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W
3462$unistd =
3463$thread_cflag = -D_REENTRANT
3464$sys_id = ULTRASPARC
3465$lflags = -lsocket -lnsl -ldl
3466$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR
3467$bn_obj = asm/sparcv8plus.o
3468$des_obj =
3469$bf_obj =
3470$md5_obj = asm/md5-sparcv8plus.o
3471$sha1_obj =
3472$cast_obj =
3473$rc4_obj =
3474$rmd160_obj =
3475$rc5_obj =
3476$dso_scheme = dlfcn
3477$shared_target= solaris-shared
3478$shared_cflag = -KPIC
3479$shared_ldflag =
3480$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
3481$ranlib =
3482
3483*** solaris-sparcv9-gcc
3484$cc = gcc
3485$cflags = -m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W
3486$unistd =
3487$thread_cflag = -D_REENTRANT
3488$sys_id = ULTRASPARC
3489$lflags = -lsocket -lnsl -ldl
3490$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
3491$bn_obj = asm/sparcv8plus.o
3492$des_obj =
3493$bf_obj =
3494$md5_obj = asm/md5-sparcv8plus.o
3495$sha1_obj =
3496$cast_obj =
3497$rc4_obj =
3498$rmd160_obj =
3499$rc5_obj =
3500$dso_scheme = dlfcn
3501$shared_target= solaris-shared
3502$shared_cflag = -fPIC
3503$shared_ldflag =
3504$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
3505$ranlib =
3506
3507*** solaris-sparcv9-gcc27
3508$cc = gcc
3509$cflags = -mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W
3510$unistd =
3511$thread_cflag = -D_REENTRANT
3512$sys_id = ULTRASPARC
3513$lflags = -lsocket -lnsl -ldl
3514$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
3515$bn_obj = asm/sparcv8plus-gcc27.o
3516$des_obj =
3517$bf_obj =
3518$md5_obj = asm/md5-sparcv8plus-gcc27.o
3519$sha1_obj =
3520$cast_obj =
3521$rc4_obj =
3522$rmd160_obj =
3523$rc5_obj =
3524$dso_scheme = dlfcn
3525$shared_target= solaris-shared
3526$shared_cflag = -fPIC
3527$shared_ldflag =
3528$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
3529$ranlib =
3530
3531*** solaris-x86-cc
3532$cc = cc
3533$cflags = -fast -O -Xa
3534$unistd =
3535$thread_cflag = -D_REENTRANT
3536$sys_id =
3537$lflags = -lsocket -lnsl -ldl
3538$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR
3539$bn_obj =
3540$des_obj =
3541$bf_obj =
3542$md5_obj =
3543$sha1_obj =
3544$cast_obj =
3545$rc4_obj =
3546$rmd160_obj =
3547$rc5_obj =
3548$dso_scheme = dlfcn
3549$shared_target= solaris-shared
3550$shared_cflag = -KPIC
3551$shared_ldflag =
3552$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
3553$ranlib =
3554
3555*** solaris-x86-gcc
3556$cc = gcc
3557$cflags = -O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM
3558$unistd =
3559$thread_cflag = -D_REENTRANT
3560$sys_id =
3561$lflags = -lsocket -lnsl -ldl
3562$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
3563$bn_obj = asm/bn86-sol.o asm/co86-sol.o
3564$des_obj = asm/dx86-sol.o asm/yx86-sol.o
3565$bf_obj = asm/bx86-sol.o
3566$md5_obj = asm/mx86-sol.o
3567$sha1_obj = asm/sx86-sol.o
3568$cast_obj = asm/cx86-sol.o
3569$rc4_obj = asm/rx86-sol.o
3570$rmd160_obj = asm/rm86-sol.o
3571$rc5_obj = asm/r586-sol.o
3572$dso_scheme = dlfcn
3573$shared_target= solaris-shared
3574$shared_cflag = -fPIC
3575$shared_ldflag =
3576$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
3577$ranlib =
3578
3579*** solaris64-sparcv9-cc
3580$cc = cc
3581$cflags = -xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN
3582$unistd =
3583$thread_cflag = -D_REENTRANT
3584$sys_id = ULTRASPARC
3585$lflags = -lsocket -lnsl -ldl
3586$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR
3587$bn_obj =
3588$des_obj =
3589$bf_obj =
3590$md5_obj = asm/md5-sparcv9.o
3591$sha1_obj =
3592$cast_obj =
3593$rc4_obj =
3594$rmd160_obj =
3595$rc5_obj =
3596$dso_scheme = dlfcn
3597$shared_target= solaris-shared
3598$shared_cflag = -KPIC
3599$shared_ldflag = -xarch=v9
3600$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
3601$ranlib = /usr/ccs/bin/ar rs
3602
3603*** solaris64-sparcv9-gcc
3604$cc = gcc
3605$cflags = -m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN
3606$unistd =
3607$thread_cflag = -D_REENTRANT
3608$sys_id = ULTRASPARC
3609$lflags = -lsocket -lnsl -ldl
3610$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR
3611$bn_obj =
3612$des_obj =
3613$bf_obj =
3614$md5_obj = asm/md5-sparcv9.o
3615$sha1_obj =
3616$cast_obj =
3617$rc4_obj =
3618$rmd160_obj =
3619$rc5_obj =
3620$dso_scheme = dlfcn
3621$shared_target= solaris-shared
3622$shared_cflag = -fPIC
3623$shared_ldflag =
3624$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
3625$ranlib =
3626
3627*** solaris64-sparcv9-gcc31
3628$cc = gcc
3629$cflags = -mcpu=ultrasparc -m64 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN
3630$unistd =
3631$thread_cflag = -D_REENTRANT
3632$sys_id = ULTRASPARC
3633$lflags = -lsocket -lnsl -ldl
3634$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR
3635$bn_obj =
3636$des_obj =
3637$bf_obj =
3638$md5_obj = asm/md5-sparcv9.o
3639$sha1_obj =
3640$cast_obj =
3641$rc4_obj =
3642$rmd160_obj =
3643$rc5_obj =
3644$dso_scheme = dlfcn
3645$shared_target= solaris-shared
3646$shared_cflag = -fPIC
3647$shared_ldflag =
3648$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
3649$ranlib =
3650
3651*** sunos-gcc
3652$cc = gcc
3653$cflags = -O3 -mv8 -Dssize_t=int
3654$unistd =
3655$thread_cflag = (unknown)
3656$sys_id =
3657$lflags =
3658$bn_ops = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1
3659$bn_obj =
3660$des_obj =
3661$bf_obj =
3662$md5_obj =
3663$sha1_obj =
3664$cast_obj =
3665$rc4_obj =
3666$rmd160_obj =
3667$rc5_obj =
3668$dso_scheme =
3669$shared_target=
3670$shared_cflag =
3671$shared_ldflag =
3672$shared_extension =
3673$ranlib =
3674
3675*** ultrix-cc
3676$cc = cc
3677$cflags = -std1 -O -Olimit 1000 -DL_ENDIAN
3678$unistd =
3679$thread_cflag = (unknown)
3680$sys_id =
3681$lflags =
3682$bn_ops =
3683$bn_obj =
3684$des_obj =
3685$bf_obj =
3686$md5_obj =
3687$sha1_obj =
3688$cast_obj =
3689$rc4_obj =
3690$rmd160_obj =
3691$rc5_obj =
3692$dso_scheme =
3693$shared_target=
3694$shared_cflag =
3695$shared_ldflag =
3696$shared_extension =
3697$ranlib =
3698
3699*** ultrix-gcc
3700$cc = gcc
3701$cflags = -O3 -DL_ENDIAN
3702$unistd =
3703$thread_cflag = (unknown)
3704$sys_id =
3705$lflags =
3706$bn_ops =
3707$bn_obj =
3708$des_obj =
3709$bf_obj =
3710$md5_obj =
3711$sha1_obj =
3712$cast_obj =
3713$rc4_obj =
3714$rmd160_obj =
3715$rc5_obj =
3716$dso_scheme =
3717$shared_target=
3718$shared_cflag =
3719$shared_ldflag =
3720$shared_extension =
3721$ranlib =
3722
3723*** unixware-2.0
3724$cc = cc
3725$cflags = -DFILIO_H
3726$unistd =
3727$thread_cflag = -Kthread
3728$sys_id =
3729$lflags = -lsocket -lnsl -lx
3730$bn_ops = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
3731$bn_obj =
3732$des_obj =
3733$bf_obj =
3734$md5_obj =
3735$sha1_obj =
3736$cast_obj =
3737$rc4_obj =
3738$rmd160_obj =
3739$rc5_obj =
3740$dso_scheme =
3741$shared_target=
3742$shared_cflag =
3743$shared_ldflag =
3744$shared_extension =
3745$ranlib =
3746
3747*** unixware-2.0-pentium
3748$cc = cc
3749$cflags = -DFILIO_H -Kpentium
3750$unistd =
3751$thread_cflag = -Kthread
3752$sys_id =
3753$lflags = -lsocket -lnsl -lx
3754$bn_ops = MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
3755$bn_obj =
3756$des_obj =
3757$bf_obj =
3758$md5_obj =
3759$sha1_obj =
3760$cast_obj =
3761$rc4_obj =
3762$rmd160_obj =
3763$rc5_obj =
3764$dso_scheme =
3765$shared_target=
3766$shared_cflag =
3767$shared_ldflag =
3768$shared_extension =
3769$ranlib =
3770
3771*** unixware-2.1
3772$cc = cc
3773$cflags = -O -DFILIO_H
3774$unistd =
3775$thread_cflag = -Kthread
3776$sys_id =
3777$lflags = -lsocket -lnsl -lx
3778$bn_ops = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
3779$bn_obj =
3780$des_obj =
3781$bf_obj =
3782$md5_obj =
3783$sha1_obj =
3784$cast_obj =
3785$rc4_obj =
3786$rmd160_obj =
3787$rc5_obj =
3788$dso_scheme =
3789$shared_target=
3790$shared_cflag =
3791$shared_ldflag =
3792$shared_extension =
3793$ranlib =
3794
3795*** unixware-2.1-p6
3796$cc = cc
3797$cflags = -O -DFILIO_H -Kp6
3798$unistd =
3799$thread_cflag = -Kthread
3800$sys_id =
3801$lflags = -lsocket -lnsl -lx
3802$bn_ops = MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
3803$bn_obj =
3804$des_obj =
3805$bf_obj =
3806$md5_obj =
3807$sha1_obj =
3808$cast_obj =
3809$rc4_obj =
3810$rmd160_obj =
3811$rc5_obj =
3812$dso_scheme =
3813$shared_target=
3814$shared_cflag =
3815$shared_ldflag =
3816$shared_extension =
3817$ranlib =
3818
3819*** unixware-2.1-pentium
3820$cc = cc
3821$cflags = -O -DFILIO_H -Kpentium
3822$unistd =
3823$thread_cflag = -Kthread
3824$sys_id =
3825$lflags = -lsocket -lnsl -lx
3826$bn_ops = MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
3827$bn_obj =
3828$des_obj =
3829$bf_obj =
3830$md5_obj =
3831$sha1_obj =
3832$cast_obj =
3833$rc4_obj =
3834$rmd160_obj =
3835$rc5_obj =
3836$dso_scheme =
3837$shared_target=
3838$shared_cflag =
3839$shared_ldflag =
3840$shared_extension =
3841$ranlib =
3842
3843*** unixware-7
3844$cc = cc
3845$cflags = -O -DFILIO_H -Kalloca
3846$unistd =
3847$thread_cflag = -Kthread
3848$sys_id =
3849$lflags = -lsocket -lnsl
3850$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
3851$bn_obj =
3852$des_obj =
3853$bf_obj =
3854$md5_obj =
3855$sha1_obj =
3856$cast_obj =
3857$rc4_obj =
3858$rmd160_obj =
3859$rc5_obj =
3860$dso_scheme = dlfcn
3861$shared_target= svr5-shared
3862$shared_cflag = -Kpic
3863$shared_ldflag =
3864$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
3865$ranlib =
3866
3867*** unixware-7-gcc
3868$cc = gcc
3869$cflags = -DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -m486 -Wall
3870$unistd =
3871$thread_cflag = -D_REENTRANT
3872$sys_id =
3873$lflags = -lsocket -lnsl
3874$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
3875$bn_obj =
3876$des_obj =
3877$bf_obj =
3878$md5_obj =
3879$sha1_obj =
3880$cast_obj =
3881$rc4_obj =
3882$rmd160_obj =
3883$rc5_obj =
3884$dso_scheme = dlfcn
3885$shared_target= gnu-shared
3886$shared_cflag = -fPIC
3887$shared_ldflag =
3888$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
3889$ranlib =
3890
3891*** unixware-7-pentium
3892$cc = cc
3893$cflags = -O -DFILIO_H -Kalloca -Kpentium
3894$unistd =
3895$thread_cflag = -Kthread
3896$sys_id =
3897$lflags = -lsocket -lnsl
3898$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
3899$bn_obj =
3900$des_obj =
3901$bf_obj =
3902$md5_obj =
3903$sha1_obj =
3904$cast_obj =
3905$rc4_obj =
3906$rmd160_obj =
3907$rc5_obj =
3908$dso_scheme = dlfcn
3909$shared_target= svr5-shared
3910$shared_cflag = -Kpic
3911$shared_ldflag =
3912$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
3913$ranlib =
3914
3915*** unixware-7-pentium_pro
3916$cc = cc
3917$cflags = -O -DFILIO_H -Kalloca -Kpentium_pro
3918$unistd =
3919$thread_cflag = -Kthread
3920$sys_id =
3921$lflags = -lsocket -lnsl
3922$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
3923$bn_obj =
3924$des_obj =
3925$bf_obj =
3926$md5_obj =
3927$sha1_obj =
3928$cast_obj =
3929$rc4_obj =
3930$rmd160_obj =
3931$rc5_obj =
3932$dso_scheme = dlfcn
3933$shared_target= svr5-shared
3934$shared_cflag = -Kpic
3935$shared_ldflag =
3936$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
3937$ranlib =
3938
3939*** vxworks-ppc405
3940$cc = ccppc
3941$cflags = -g -msoft-float -mlongcall -DCPU=PPC405 -I$(WIND_BASE)/target/h
3942$unistd =
3943$thread_cflag =
3944$sys_id = VXWORKS
3945$lflags = -r
3946$bn_ops =
3947$bn_obj =
3948$des_obj =
3949$bf_obj =
3950$md5_obj =
3951$sha1_obj =
3952$cast_obj =
3953$rc4_obj =
3954$rmd160_obj =
3955$rc5_obj =
3956$dso_scheme =
3957$shared_target=
3958$shared_cflag =
3959$shared_ldflag =
3960$shared_extension =
3961$ranlib =
diff --git a/src/lib/libssl/src/apps/CA.pl b/src/lib/libssl/src/apps/CA.pl
deleted file mode 100644
index 669a016b84..0000000000
--- a/src/lib/libssl/src/apps/CA.pl
+++ /dev/null
@@ -1,173 +0,0 @@
1#!/usr/bin/perl
2#
3# CA - wrapper around ca to make it easier to use ... basically ca requires
4# some setup stuff to be done before you can use it and this makes
5# things easier between now and when Eric is convinced to fix it :-)
6#
7# CA -newca ... will setup the right stuff
8# CA -newreq[-nodes] ... will generate a certificate request
9# CA -sign ... will sign the generated request and output
10#
11# At the end of that grab newreq.pem and newcert.pem (one has the key
12# and the other the certificate) and cat them together and that is what
13# you want/need ... I'll make even this a little cleaner later.
14#
15#
16# 12-Jan-96 tjh Added more things ... including CA -signcert which
17# converts a certificate to a request and then signs it.
18# 10-Jan-96 eay Fixed a few more bugs and added the SSLEAY_CONFIG
19# environment variable so this can be driven from
20# a script.
21# 25-Jul-96 eay Cleaned up filenames some more.
22# 11-Jun-96 eay Fixed a few filename missmatches.
23# 03-May-96 eay Modified to use 'ssleay cmd' instead of 'cmd'.
24# 18-Apr-96 tjh Original hacking
25#
26# Tim Hudson
27# tjh@cryptsoft.com
28#
29
30# 27-Apr-98 snh Translation into perl, fix existing CA bug.
31#
32#
33# Steve Henson
34# shenson@bigfoot.com
35
36# default openssl.cnf file has setup as per the following
37# demoCA ... where everything is stored
38
39$SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"};
40$DAYS="-days 365";
41$REQ="openssl req $SSLEAY_CONFIG";
42$CA="openssl ca $SSLEAY_CONFIG";
43$VERIFY="openssl verify";
44$X509="openssl x509";
45$PKCS12="openssl pkcs12";
46
47$CATOP="./demoCA";
48$CAKEY="cakey.pem";
49$CACERT="cacert.pem";
50
51$DIRMODE = 0777;
52
53$RET = 0;
54
55foreach (@ARGV) {
56 if ( /^(-\?|-h|-help)$/ ) {
57 print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
58 exit 0;
59 } elsif (/^-newcert$/) {
60 # create a certificate
61 system ("$REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS");
62 $RET=$?;
63 print "Certificate (and private key) is in newreq.pem\n"
64 } elsif (/^-newreq$/) {
65 # create a certificate request
66 system ("$REQ -new -keyout newreq.pem -out newreq.pem $DAYS");
67 $RET=$?;
68 print "Request (and private key) is in newreq.pem\n";
69 } elsif (/^-newreq-nodes$/) {
70 # create a certificate request
71 system ("$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS");
72 $RET=$?;
73 print "Request (and private key) is in newreq.pem\n";
74 } elsif (/^-newca$/) {
75 # if explicitly asked for or it doesn't exist then setup the
76 # directory structure that Eric likes to manage things
77 $NEW="1";
78 if ( "$NEW" || ! -f "${CATOP}/serial" ) {
79 # create the directory hierarchy
80 mkdir $CATOP, $DIRMODE;
81 mkdir "${CATOP}/certs", $DIRMODE;
82 mkdir "${CATOP}/crl", $DIRMODE ;
83 mkdir "${CATOP}/newcerts", $DIRMODE;
84 mkdir "${CATOP}/private", $DIRMODE;
85 open OUT, ">${CATOP}/serial";
86 print OUT "01\n";
87 close OUT;
88 open OUT, ">${CATOP}/index.txt";
89 close OUT;
90 }
91 if ( ! -f "${CATOP}/private/$CAKEY" ) {
92 print "CA certificate filename (or enter to create)\n";
93 $FILE = <STDIN>;
94
95 chop $FILE;
96
97 # ask user for existing CA certificate
98 if ($FILE) {
99 cp_pem($FILE,"${CATOP}/private/$CAKEY", "PRIVATE");
100 cp_pem($FILE,"${CATOP}/$CACERT", "CERTIFICATE");
101 $RET=$?;
102 } else {
103 print "Making CA certificate ...\n";
104 system ("$REQ -new -x509 -keyout " .
105 "${CATOP}/private/$CAKEY -out ${CATOP}/$CACERT $DAYS");
106 $RET=$?;
107 }
108 }
109 } elsif (/^-pkcs12$/) {
110 my $cname = $ARGV[1];
111 $cname = "My Certificate" unless defined $cname;
112 system ("$PKCS12 -in newcert.pem -inkey newreq.pem " .
113 "-certfile ${CATOP}/$CACERT -out newcert.p12 " .
114 "-export -name \"$cname\"");
115 $RET=$?;
116 exit $RET;
117 } elsif (/^-xsign$/) {
118 system ("$CA -policy policy_anything -infiles newreq.pem");
119 $RET=$?;
120 } elsif (/^(-sign|-signreq)$/) {
121 system ("$CA -policy policy_anything -out newcert.pem " .
122 "-infiles newreq.pem");
123 $RET=$?;
124 print "Signed certificate is in newcert.pem\n";
125 } elsif (/^(-signCA)$/) {
126 system ("$CA -policy policy_anything -out newcert.pem " .
127 "-extensions v3_ca -infiles newreq.pem");
128 $RET=$?;
129 print "Signed CA certificate is in newcert.pem\n";
130 } elsif (/^-signcert$/) {
131 system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " .
132 "-out tmp.pem");
133 system ("$CA -policy policy_anything -out newcert.pem " .
134 "-infiles tmp.pem");
135 $RET = $?;
136 print "Signed certificate is in newcert.pem\n";
137 } elsif (/^-verify$/) {
138 if (shift) {
139 foreach $j (@ARGV) {
140 system ("$VERIFY -CAfile $CATOP/$CACERT $j");
141 $RET=$? if ($? != 0);
142 }
143 exit $RET;
144 } else {
145 system ("$VERIFY -CAfile $CATOP/$CACERT newcert.pem");
146 $RET=$?;
147 exit 0;
148 }
149 } else {
150 print STDERR "Unknown arg $_\n";
151 print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
152 exit 1;
153 }
154}
155
156exit $RET;
157
158sub cp_pem {
159my ($infile, $outfile, $bound) = @_;
160open IN, $infile;
161open OUT, ">$outfile";
162my $flag = 0;
163while (<IN>) {
164 $flag = 1 if (/^-----BEGIN.*$bound/) ;
165 print OUT $_ if ($flag);
166 if (/^-----END.*$bound/) {
167 close IN;
168 close OUT;
169 return;
170 }
171}
172}
173
diff --git a/src/lib/libssl/src/apps/Makefile.ssl b/src/lib/libssl/src/apps/Makefile.ssl
new file mode 100644
index 0000000000..0900c3ae90
--- /dev/null
+++ b/src/lib/libssl/src/apps/Makefile.ssl
@@ -0,0 +1,855 @@
1#
2# apps/Makefile.ssl
3#
4
5DIR= apps
6TOP= ..
7CC= cc
8INCLUDES= -I$(TOP) -I../include $(KRB5_INCLUDES)
9CFLAG= -g -static
10INSTALL_PREFIX=
11INSTALLTOP= /usr/local/ssl
12OPENSSLDIR= /usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17RM= rm -f
18# KRB5 stuff
19KRB5_INCLUDES=
20LIBKRB5=
21
22PEX_LIBS=
23EX_LIBS=
24EXE_EXT=
25
26SHLIB_TARGET=
27
28CFLAGS= -DMONOLITH $(INCLUDES) $(CFLAG)
29
30GENERAL=Makefile makeapps.com install.com
31
32DLIBCRYPTO=../libcrypto.a
33DLIBSSL=../libssl.a
34LIBCRYPTO=-L.. -lcrypto
35LIBSSL=-L.. -lssl
36
37PROGRAM= openssl
38
39SCRIPTS=CA.sh CA.pl der_chop
40
41EXE= $(PROGRAM)$(EXE_EXT)
42
43E_EXE= verify asn1pars req dgst dh dhparam enc passwd gendh errstr \
44 ca crl rsa rsautl dsa dsaparam \
45 x509 genrsa gendsa s_server s_client speed \
46 s_time version pkcs7 crl2pkcs7 sess_id ciphers nseq pkcs12 \
47 pkcs8 spkac smime rand engine ocsp
48
49PROGS= $(PROGRAM).c
50
51A_OBJ=apps.o
52A_SRC=apps.c
53S_OBJ= s_cb.o s_socket.o
54S_SRC= s_cb.c s_socket.c
55RAND_OBJ=app_rand.o
56RAND_SRC=app_rand.c
57
58E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o \
59 ca.o pkcs7.o crl2p7.o crl.o \
60 rsa.o rsautl.o dsa.o dsaparam.o \
61 x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \
62 s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \
63 ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o engine.o ocsp.o
64
65E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \
66 pkcs7.c crl2p7.c crl.c \
67 rsa.c rsautl.c dsa.c dsaparam.c \
68 x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \
69 s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \
70 ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c rand.c engine.c ocsp.c
71
72SRC=$(E_SRC)
73
74EXHEADER=
75HEADER= apps.h progs.h s_apps.h \
76 testdsa.h testrsa.h \
77 $(EXHEADER)
78
79ALL= $(GENERAL) $(SRC) $(HEADER)
80
81top:
82 @(cd ..; $(MAKE) DIRS=$(DIR) all)
83
84all: exe
85
86exe: $(PROGRAM)
87
88req: sreq.o $(A_OBJ) $(DLIBCRYPTO)
89 $(CC) -o req $(CFLAG) sreq.o $(A_OBJ) $(RAND_OBJ) $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
90
91sreq.o: req.c
92 $(CC) -c $(INCLUDES) $(CFLAG) -o sreq.o req.c
93
94files:
95 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
96
97install:
98 @for i in $(EXE); \
99 do \
100 (echo installing $$i; \
101 cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i; \
102 chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
103 done;
104 @for i in $(SCRIPTS); \
105 do \
106 (echo installing $$i; \
107 cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i; \
108 chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
109 done
110 @cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR); \
111 chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf
112
113tags:
114 ctags $(SRC)
115
116tests:
117
118links:
119 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
120
121lint:
122 lint -DLINT $(INCLUDES) $(SRC)>fluff
123
124depend:
125 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(SRC)
126
127dclean:
128 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
129 mv -f Makefile.new $(MAKEFILE)
130
131clean:
132 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE)
133 rm -f req
134
135$(DLIBSSL):
136 (cd ../ssl; $(MAKE))
137
138$(DLIBCRYPTO):
139 (cd ../crypto; $(MAKE))
140
141$(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
142 $(RM) $(PROGRAM)
143 if [ "$(SHLIB_TARGET)" = "hpux-shared" ] ; then \
144 $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) ; \
145 else \
146 $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \
147 fi
148 -(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; \
149 LIBPATH="`pwd`"; LD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; \
150 export LD_LIBRARY_PATH SHLIB_PATH LIBPATH; \
151 $(PERL) tools/c_rehash certs)
152
153progs.h: progs.pl
154 $(PERL) progs.pl $(E_EXE) >progs.h
155 $(RM) $(PROGRAM).o
156
157# DO NOT DELETE THIS LINE -- make depend depends on it.
158
159app_rand.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
160app_rand.o: ../include/openssl/bn.h ../include/openssl/buffer.h
161app_rand.o: ../include/openssl/conf.h ../include/openssl/crypto.h
162app_rand.o: ../include/openssl/dh.h ../include/openssl/dsa.h
163app_rand.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
164app_rand.o: ../include/openssl/err.h ../include/openssl/evp.h
165app_rand.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
166app_rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
167app_rand.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
168app_rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
169app_rand.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
170app_rand.o: ../include/openssl/sha.h ../include/openssl/stack.h
171app_rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
172app_rand.o: ../include/openssl/ui.h ../include/openssl/x509.h
173app_rand.o: ../include/openssl/x509_vfy.h app_rand.c apps.h
174apps.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
175apps.o: ../include/openssl/bn.h ../include/openssl/buffer.h
176apps.o: ../include/openssl/conf.h ../include/openssl/crypto.h
177apps.o: ../include/openssl/dh.h ../include/openssl/dsa.h
178apps.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
179apps.o: ../include/openssl/err.h ../include/openssl/evp.h
180apps.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
181apps.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
182apps.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
183apps.o: ../include/openssl/pem.h ../include/openssl/pem2.h
184apps.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
185apps.o: ../include/openssl/rand.h ../include/openssl/rsa.h
186apps.o: ../include/openssl/safestack.h ../include/openssl/sha.h
187apps.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
188apps.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
189apps.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
190apps.o: ../include/openssl/x509v3.h apps.c apps.h
191asn1pars.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
192asn1pars.o: ../include/openssl/bn.h ../include/openssl/buffer.h
193asn1pars.o: ../include/openssl/conf.h ../include/openssl/crypto.h
194asn1pars.o: ../include/openssl/dh.h ../include/openssl/dsa.h
195asn1pars.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
196asn1pars.o: ../include/openssl/err.h ../include/openssl/evp.h
197asn1pars.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
198asn1pars.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
199asn1pars.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
200asn1pars.o: ../include/openssl/pem.h ../include/openssl/pem2.h
201asn1pars.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
202asn1pars.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
203asn1pars.o: ../include/openssl/sha.h ../include/openssl/stack.h
204asn1pars.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
205asn1pars.o: ../include/openssl/ui.h ../include/openssl/x509.h
206asn1pars.o: ../include/openssl/x509_vfy.h apps.h asn1pars.c
207ca.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
208ca.o: ../include/openssl/bn.h ../include/openssl/buffer.h
209ca.o: ../include/openssl/conf.h ../include/openssl/crypto.h
210ca.o: ../include/openssl/dh.h ../include/openssl/dsa.h
211ca.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
212ca.o: ../include/openssl/err.h ../include/openssl/evp.h
213ca.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
214ca.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
215ca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
216ca.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
217ca.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
218ca.o: ../include/openssl/rand.h ../include/openssl/rsa.h
219ca.o: ../include/openssl/safestack.h ../include/openssl/sha.h
220ca.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
221ca.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
222ca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
223ca.o: ../include/openssl/x509v3.h apps.h ca.c
224ciphers.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
225ciphers.o: ../include/openssl/bn.h ../include/openssl/buffer.h
226ciphers.o: ../include/openssl/comp.h ../include/openssl/conf.h
227ciphers.o: ../include/openssl/crypto.h ../include/openssl/dh.h
228ciphers.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
229ciphers.o: ../include/openssl/engine.h ../include/openssl/err.h
230ciphers.o: ../include/openssl/evp.h ../include/openssl/kssl.h
231ciphers.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
232ciphers.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
233ciphers.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
234ciphers.o: ../include/openssl/pem.h ../include/openssl/pem2.h
235ciphers.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
236ciphers.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
237ciphers.o: ../include/openssl/sha.h ../include/openssl/ssl.h
238ciphers.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
239ciphers.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
240ciphers.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
241ciphers.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
242ciphers.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
243ciphers.o: ciphers.c
244crl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
245crl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
246crl.o: ../include/openssl/conf.h ../include/openssl/crypto.h
247crl.o: ../include/openssl/dh.h ../include/openssl/dsa.h
248crl.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
249crl.o: ../include/openssl/err.h ../include/openssl/evp.h
250crl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
251crl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
252crl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
253crl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
254crl.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
255crl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
256crl.o: ../include/openssl/sha.h ../include/openssl/stack.h
257crl.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
258crl.o: ../include/openssl/ui.h ../include/openssl/x509.h
259crl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h crl.c
260crl2p7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
261crl2p7.o: ../include/openssl/bn.h ../include/openssl/buffer.h
262crl2p7.o: ../include/openssl/conf.h ../include/openssl/crypto.h
263crl2p7.o: ../include/openssl/dh.h ../include/openssl/dsa.h
264crl2p7.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
265crl2p7.o: ../include/openssl/err.h ../include/openssl/evp.h
266crl2p7.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
267crl2p7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
268crl2p7.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
269crl2p7.o: ../include/openssl/pem.h ../include/openssl/pem2.h
270crl2p7.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
271crl2p7.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
272crl2p7.o: ../include/openssl/sha.h ../include/openssl/stack.h
273crl2p7.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
274crl2p7.o: ../include/openssl/ui.h ../include/openssl/x509.h
275crl2p7.o: ../include/openssl/x509_vfy.h apps.h crl2p7.c
276dgst.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
277dgst.o: ../include/openssl/bn.h ../include/openssl/buffer.h
278dgst.o: ../include/openssl/conf.h ../include/openssl/crypto.h
279dgst.o: ../include/openssl/dh.h ../include/openssl/dsa.h
280dgst.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
281dgst.o: ../include/openssl/err.h ../include/openssl/evp.h
282dgst.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
283dgst.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
284dgst.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
285dgst.o: ../include/openssl/pem.h ../include/openssl/pem2.h
286dgst.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
287dgst.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
288dgst.o: ../include/openssl/sha.h ../include/openssl/stack.h
289dgst.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
290dgst.o: ../include/openssl/ui.h ../include/openssl/x509.h
291dgst.o: ../include/openssl/x509_vfy.h apps.h dgst.c
292dh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
293dh.o: ../include/openssl/bn.h ../include/openssl/buffer.h
294dh.o: ../include/openssl/conf.h ../include/openssl/crypto.h
295dh.o: ../include/openssl/dh.h ../include/openssl/dsa.h
296dh.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
297dh.o: ../include/openssl/err.h ../include/openssl/evp.h
298dh.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
299dh.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
300dh.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
301dh.o: ../include/openssl/pem.h ../include/openssl/pem2.h
302dh.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
303dh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
304dh.o: ../include/openssl/sha.h ../include/openssl/stack.h
305dh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
306dh.o: ../include/openssl/ui.h ../include/openssl/x509.h
307dh.o: ../include/openssl/x509_vfy.h apps.h dh.c
308dsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
309dsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
310dsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
311dsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h
312dsa.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
313dsa.o: ../include/openssl/err.h ../include/openssl/evp.h
314dsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
315dsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
316dsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
317dsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
318dsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
319dsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
320dsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
321dsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
322dsa.o: ../include/openssl/ui.h ../include/openssl/x509.h
323dsa.o: ../include/openssl/x509_vfy.h apps.h dsa.c
324dsaparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
325dsaparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h
326dsaparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h
327dsaparam.o: ../include/openssl/dh.h ../include/openssl/dsa.h
328dsaparam.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
329dsaparam.o: ../include/openssl/err.h ../include/openssl/evp.h
330dsaparam.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
331dsaparam.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
332dsaparam.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
333dsaparam.o: ../include/openssl/pem.h ../include/openssl/pem2.h
334dsaparam.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
335dsaparam.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
336dsaparam.o: ../include/openssl/sha.h ../include/openssl/stack.h
337dsaparam.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
338dsaparam.o: ../include/openssl/ui.h ../include/openssl/x509.h
339dsaparam.o: ../include/openssl/x509_vfy.h apps.h dsaparam.c
340enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
341enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h
342enc.o: ../include/openssl/conf.h ../include/openssl/crypto.h
343enc.o: ../include/openssl/dh.h ../include/openssl/dsa.h
344enc.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
345enc.o: ../include/openssl/err.h ../include/openssl/evp.h
346enc.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
347enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
348enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
349enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
350enc.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
351enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
352enc.o: ../include/openssl/sha.h ../include/openssl/stack.h
353enc.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
354enc.o: ../include/openssl/ui.h ../include/openssl/x509.h
355enc.o: ../include/openssl/x509_vfy.h apps.h enc.c
356engine.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
357engine.o: ../include/openssl/bn.h ../include/openssl/buffer.h
358engine.o: ../include/openssl/comp.h ../include/openssl/conf.h
359engine.o: ../include/openssl/crypto.h ../include/openssl/dh.h
360engine.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
361engine.o: ../include/openssl/engine.h ../include/openssl/err.h
362engine.o: ../include/openssl/evp.h ../include/openssl/kssl.h
363engine.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
364engine.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
365engine.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
366engine.o: ../include/openssl/pem.h ../include/openssl/pem2.h
367engine.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
368engine.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
369engine.o: ../include/openssl/sha.h ../include/openssl/ssl.h
370engine.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
371engine.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
372engine.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
373engine.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
374engine.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
375engine.o: engine.c
376errstr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
377errstr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
378errstr.o: ../include/openssl/comp.h ../include/openssl/conf.h
379errstr.o: ../include/openssl/crypto.h ../include/openssl/dh.h
380errstr.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
381errstr.o: ../include/openssl/engine.h ../include/openssl/err.h
382errstr.o: ../include/openssl/evp.h ../include/openssl/kssl.h
383errstr.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
384errstr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
385errstr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
386errstr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
387errstr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
388errstr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
389errstr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
390errstr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
391errstr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
392errstr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
393errstr.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
394errstr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
395errstr.o: errstr.c
396gendh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
397gendh.o: ../include/openssl/bn.h ../include/openssl/buffer.h
398gendh.o: ../include/openssl/conf.h ../include/openssl/crypto.h
399gendh.o: ../include/openssl/dh.h ../include/openssl/dsa.h
400gendh.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
401gendh.o: ../include/openssl/err.h ../include/openssl/evp.h
402gendh.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
403gendh.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
404gendh.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
405gendh.o: ../include/openssl/pem.h ../include/openssl/pem2.h
406gendh.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
407gendh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
408gendh.o: ../include/openssl/sha.h ../include/openssl/stack.h
409gendh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
410gendh.o: ../include/openssl/ui.h ../include/openssl/x509.h
411gendh.o: ../include/openssl/x509_vfy.h apps.h gendh.c
412gendsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
413gendsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
414gendsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
415gendsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h
416gendsa.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
417gendsa.o: ../include/openssl/err.h ../include/openssl/evp.h
418gendsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
419gendsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
420gendsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
421gendsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
422gendsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
423gendsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
424gendsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
425gendsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
426gendsa.o: ../include/openssl/ui.h ../include/openssl/x509.h
427gendsa.o: ../include/openssl/x509_vfy.h apps.h gendsa.c
428genrsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
429genrsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
430genrsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
431genrsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h
432genrsa.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
433genrsa.o: ../include/openssl/err.h ../include/openssl/evp.h
434genrsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
435genrsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
436genrsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
437genrsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
438genrsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
439genrsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
440genrsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
441genrsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
442genrsa.o: ../include/openssl/ui.h ../include/openssl/x509.h
443genrsa.o: ../include/openssl/x509_vfy.h apps.h genrsa.c
444nseq.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
445nseq.o: ../include/openssl/bn.h ../include/openssl/buffer.h
446nseq.o: ../include/openssl/conf.h ../include/openssl/crypto.h
447nseq.o: ../include/openssl/dh.h ../include/openssl/dsa.h
448nseq.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
449nseq.o: ../include/openssl/err.h ../include/openssl/evp.h
450nseq.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
451nseq.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
452nseq.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
453nseq.o: ../include/openssl/pem.h ../include/openssl/pem2.h
454nseq.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
455nseq.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
456nseq.o: ../include/openssl/sha.h ../include/openssl/stack.h
457nseq.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
458nseq.o: ../include/openssl/ui.h ../include/openssl/x509.h
459nseq.o: ../include/openssl/x509_vfy.h apps.h nseq.c
460ocsp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
461ocsp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
462ocsp.o: ../include/openssl/comp.h ../include/openssl/conf.h
463ocsp.o: ../include/openssl/crypto.h ../include/openssl/dh.h
464ocsp.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
465ocsp.o: ../include/openssl/engine.h ../include/openssl/err.h
466ocsp.o: ../include/openssl/evp.h ../include/openssl/kssl.h
467ocsp.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
468ocsp.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
469ocsp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
470ocsp.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
471ocsp.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
472ocsp.o: ../include/openssl/rand.h ../include/openssl/rsa.h
473ocsp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
474ocsp.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
475ocsp.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
476ocsp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
477ocsp.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
478ocsp.o: ../include/openssl/ui.h ../include/openssl/x509.h
479ocsp.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ocsp.c
480openssl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
481openssl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
482openssl.o: ../include/openssl/comp.h ../include/openssl/conf.h
483openssl.o: ../include/openssl/crypto.h ../include/openssl/dh.h
484openssl.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
485openssl.o: ../include/openssl/engine.h ../include/openssl/err.h
486openssl.o: ../include/openssl/evp.h ../include/openssl/kssl.h
487openssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
488openssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
489openssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
490openssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
491openssl.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
492openssl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
493openssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h
494openssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
495openssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
496openssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
497openssl.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
498openssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
499openssl.o: openssl.c progs.h s_apps.h
500passwd.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
501passwd.o: ../include/openssl/bn.h ../include/openssl/buffer.h
502passwd.o: ../include/openssl/conf.h ../include/openssl/crypto.h
503passwd.o: ../include/openssl/des.h ../include/openssl/des_old.h
504passwd.o: ../include/openssl/dh.h ../include/openssl/dsa.h
505passwd.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
506passwd.o: ../include/openssl/err.h ../include/openssl/evp.h
507passwd.o: ../include/openssl/lhash.h ../include/openssl/md5.h
508passwd.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
509passwd.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
510passwd.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
511passwd.o: ../include/openssl/rand.h ../include/openssl/rsa.h
512passwd.o: ../include/openssl/safestack.h ../include/openssl/sha.h
513passwd.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
514passwd.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
515passwd.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
516passwd.o: ../include/openssl/x509_vfy.h apps.h passwd.c
517pkcs12.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
518pkcs12.o: ../include/openssl/bn.h ../include/openssl/buffer.h
519pkcs12.o: ../include/openssl/conf.h ../include/openssl/crypto.h
520pkcs12.o: ../include/openssl/dh.h ../include/openssl/dsa.h
521pkcs12.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
522pkcs12.o: ../include/openssl/err.h ../include/openssl/evp.h
523pkcs12.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
524pkcs12.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
525pkcs12.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
526pkcs12.o: ../include/openssl/pem.h ../include/openssl/pem2.h
527pkcs12.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
528pkcs12.o: ../include/openssl/rand.h ../include/openssl/rsa.h
529pkcs12.o: ../include/openssl/safestack.h ../include/openssl/sha.h
530pkcs12.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
531pkcs12.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
532pkcs12.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
533pkcs12.o: pkcs12.c
534pkcs7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
535pkcs7.o: ../include/openssl/bn.h ../include/openssl/buffer.h
536pkcs7.o: ../include/openssl/conf.h ../include/openssl/crypto.h
537pkcs7.o: ../include/openssl/dh.h ../include/openssl/dsa.h
538pkcs7.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
539pkcs7.o: ../include/openssl/err.h ../include/openssl/evp.h
540pkcs7.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
541pkcs7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
542pkcs7.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
543pkcs7.o: ../include/openssl/pem.h ../include/openssl/pem2.h
544pkcs7.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
545pkcs7.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
546pkcs7.o: ../include/openssl/sha.h ../include/openssl/stack.h
547pkcs7.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
548pkcs7.o: ../include/openssl/ui.h ../include/openssl/x509.h
549pkcs7.o: ../include/openssl/x509_vfy.h apps.h pkcs7.c
550pkcs8.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
551pkcs8.o: ../include/openssl/bn.h ../include/openssl/buffer.h
552pkcs8.o: ../include/openssl/conf.h ../include/openssl/crypto.h
553pkcs8.o: ../include/openssl/dh.h ../include/openssl/dsa.h
554pkcs8.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
555pkcs8.o: ../include/openssl/err.h ../include/openssl/evp.h
556pkcs8.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
557pkcs8.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
558pkcs8.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
559pkcs8.o: ../include/openssl/pem.h ../include/openssl/pem2.h
560pkcs8.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
561pkcs8.o: ../include/openssl/rand.h ../include/openssl/rsa.h
562pkcs8.o: ../include/openssl/safestack.h ../include/openssl/sha.h
563pkcs8.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
564pkcs8.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
565pkcs8.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h pkcs8.c
566rand.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
567rand.o: ../include/openssl/bn.h ../include/openssl/buffer.h
568rand.o: ../include/openssl/conf.h ../include/openssl/crypto.h
569rand.o: ../include/openssl/dh.h ../include/openssl/dsa.h
570rand.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
571rand.o: ../include/openssl/err.h ../include/openssl/evp.h
572rand.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
573rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
574rand.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
575rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
576rand.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
577rand.o: ../include/openssl/sha.h ../include/openssl/stack.h
578rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
579rand.o: ../include/openssl/ui.h ../include/openssl/x509.h
580rand.o: ../include/openssl/x509_vfy.h apps.h rand.c
581req.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
582req.o: ../include/openssl/bn.h ../include/openssl/buffer.h
583req.o: ../include/openssl/conf.h ../include/openssl/crypto.h
584req.o: ../include/openssl/dh.h ../include/openssl/dsa.h
585req.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
586req.o: ../include/openssl/err.h ../include/openssl/evp.h
587req.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
588req.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
589req.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
590req.o: ../include/openssl/pem.h ../include/openssl/pem2.h
591req.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
592req.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
593req.o: ../include/openssl/sha.h ../include/openssl/stack.h
594req.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
595req.o: ../include/openssl/ui.h ../include/openssl/x509.h
596req.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h req.c
597rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
598rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
599rsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
600rsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h
601rsa.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
602rsa.o: ../include/openssl/err.h ../include/openssl/evp.h
603rsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
604rsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
605rsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
606rsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
607rsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
608rsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
609rsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
610rsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
611rsa.o: ../include/openssl/ui.h ../include/openssl/x509.h
612rsa.o: ../include/openssl/x509_vfy.h apps.h rsa.c
613rsautl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
614rsautl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
615rsautl.o: ../include/openssl/conf.h ../include/openssl/crypto.h
616rsautl.o: ../include/openssl/dh.h ../include/openssl/dsa.h
617rsautl.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
618rsautl.o: ../include/openssl/err.h ../include/openssl/evp.h
619rsautl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
620rsautl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
621rsautl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
622rsautl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
623rsautl.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
624rsautl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
625rsautl.o: ../include/openssl/sha.h ../include/openssl/stack.h
626rsautl.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
627rsautl.o: ../include/openssl/ui.h ../include/openssl/x509.h
628rsautl.o: ../include/openssl/x509_vfy.h apps.h rsautl.c
629s_cb.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
630s_cb.o: ../include/openssl/bn.h ../include/openssl/buffer.h
631s_cb.o: ../include/openssl/comp.h ../include/openssl/conf.h
632s_cb.o: ../include/openssl/crypto.h ../include/openssl/dh.h
633s_cb.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
634s_cb.o: ../include/openssl/engine.h ../include/openssl/err.h
635s_cb.o: ../include/openssl/evp.h ../include/openssl/kssl.h
636s_cb.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
637s_cb.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
638s_cb.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
639s_cb.o: ../include/openssl/pem.h ../include/openssl/pem2.h
640s_cb.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
641s_cb.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
642s_cb.o: ../include/openssl/sha.h ../include/openssl/ssl.h
643s_cb.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
644s_cb.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
645s_cb.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
646s_cb.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
647s_cb.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h s_apps.h
648s_cb.o: s_cb.c
649s_client.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
650s_client.o: ../include/openssl/bn.h ../include/openssl/buffer.h
651s_client.o: ../include/openssl/comp.h ../include/openssl/conf.h
652s_client.o: ../include/openssl/crypto.h ../include/openssl/dh.h
653s_client.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
654s_client.o: ../include/openssl/engine.h ../include/openssl/err.h
655s_client.o: ../include/openssl/evp.h ../include/openssl/kssl.h
656s_client.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
657s_client.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
658s_client.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
659s_client.o: ../include/openssl/pem.h ../include/openssl/pem2.h
660s_client.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
661s_client.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
662s_client.o: ../include/openssl/sha.h ../include/openssl/ssl.h
663s_client.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
664s_client.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
665s_client.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
666s_client.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
667s_client.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
668s_client.o: s_apps.h s_client.c
669s_server.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
670s_server.o: ../include/openssl/bn.h ../include/openssl/buffer.h
671s_server.o: ../include/openssl/comp.h ../include/openssl/conf.h
672s_server.o: ../include/openssl/crypto.h ../include/openssl/dh.h
673s_server.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
674s_server.o: ../include/openssl/engine.h ../include/openssl/err.h
675s_server.o: ../include/openssl/evp.h ../include/openssl/kssl.h
676s_server.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
677s_server.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
678s_server.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
679s_server.o: ../include/openssl/pem.h ../include/openssl/pem2.h
680s_server.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
681s_server.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
682s_server.o: ../include/openssl/sha.h ../include/openssl/ssl.h
683s_server.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
684s_server.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
685s_server.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
686s_server.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
687s_server.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
688s_server.o: s_apps.h s_server.c
689s_socket.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
690s_socket.o: ../include/openssl/bn.h ../include/openssl/buffer.h
691s_socket.o: ../include/openssl/comp.h ../include/openssl/conf.h
692s_socket.o: ../include/openssl/crypto.h ../include/openssl/dh.h
693s_socket.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
694s_socket.o: ../include/openssl/engine.h ../include/openssl/err.h
695s_socket.o: ../include/openssl/evp.h ../include/openssl/kssl.h
696s_socket.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
697s_socket.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
698s_socket.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
699s_socket.o: ../include/openssl/pem.h ../include/openssl/pem2.h
700s_socket.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
701s_socket.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
702s_socket.o: ../include/openssl/sha.h ../include/openssl/ssl.h
703s_socket.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
704s_socket.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
705s_socket.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
706s_socket.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
707s_socket.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
708s_socket.o: s_apps.h s_socket.c
709s_time.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
710s_time.o: ../include/openssl/bn.h ../include/openssl/buffer.h
711s_time.o: ../include/openssl/comp.h ../include/openssl/conf.h
712s_time.o: ../include/openssl/crypto.h ../include/openssl/dh.h
713s_time.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
714s_time.o: ../include/openssl/engine.h ../include/openssl/err.h
715s_time.o: ../include/openssl/evp.h ../include/openssl/kssl.h
716s_time.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
717s_time.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
718s_time.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
719s_time.o: ../include/openssl/pem.h ../include/openssl/pem2.h
720s_time.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
721s_time.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
722s_time.o: ../include/openssl/sha.h ../include/openssl/ssl.h
723s_time.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
724s_time.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
725s_time.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
726s_time.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
727s_time.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
728s_time.o: s_apps.h s_time.c
729sess_id.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
730sess_id.o: ../include/openssl/bn.h ../include/openssl/buffer.h
731sess_id.o: ../include/openssl/comp.h ../include/openssl/conf.h
732sess_id.o: ../include/openssl/crypto.h ../include/openssl/dh.h
733sess_id.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
734sess_id.o: ../include/openssl/engine.h ../include/openssl/err.h
735sess_id.o: ../include/openssl/evp.h ../include/openssl/kssl.h
736sess_id.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
737sess_id.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
738sess_id.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
739sess_id.o: ../include/openssl/pem.h ../include/openssl/pem2.h
740sess_id.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
741sess_id.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
742sess_id.o: ../include/openssl/sha.h ../include/openssl/ssl.h
743sess_id.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
744sess_id.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
745sess_id.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
746sess_id.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
747sess_id.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
748sess_id.o: sess_id.c
749smime.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
750smime.o: ../include/openssl/bn.h ../include/openssl/buffer.h
751smime.o: ../include/openssl/conf.h ../include/openssl/crypto.h
752smime.o: ../include/openssl/dh.h ../include/openssl/dsa.h
753smime.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
754smime.o: ../include/openssl/err.h ../include/openssl/evp.h
755smime.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
756smime.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
757smime.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
758smime.o: ../include/openssl/pem.h ../include/openssl/pem2.h
759smime.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
760smime.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
761smime.o: ../include/openssl/sha.h ../include/openssl/stack.h
762smime.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
763smime.o: ../include/openssl/ui.h ../include/openssl/x509.h
764smime.o: ../include/openssl/x509_vfy.h apps.h smime.c
765speed.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
766speed.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
767speed.o: ../include/openssl/bn.h ../include/openssl/buffer.h
768speed.o: ../include/openssl/cast.h ../include/openssl/conf.h
769speed.o: ../include/openssl/crypto.h ../include/openssl/des.h
770speed.o: ../include/openssl/des_old.h ../include/openssl/dh.h
771speed.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
772speed.o: ../include/openssl/engine.h ../include/openssl/err.h
773speed.o: ../include/openssl/evp.h ../include/openssl/hmac.h
774speed.o: ../include/openssl/idea.h ../include/openssl/lhash.h
775speed.o: ../include/openssl/md2.h ../include/openssl/md4.h
776speed.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
777speed.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
778speed.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
779speed.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
780speed.o: ../include/openssl/rand.h ../include/openssl/rc2.h
781speed.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
782speed.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
783speed.o: ../include/openssl/safestack.h ../include/openssl/sha.h
784speed.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
785speed.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
786speed.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
787speed.o: ../include/openssl/x509_vfy.h apps.h speed.c testdsa.h testrsa.h
788spkac.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
789spkac.o: ../include/openssl/bn.h ../include/openssl/buffer.h
790spkac.o: ../include/openssl/conf.h ../include/openssl/crypto.h
791spkac.o: ../include/openssl/dh.h ../include/openssl/dsa.h
792spkac.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
793spkac.o: ../include/openssl/err.h ../include/openssl/evp.h
794spkac.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
795spkac.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
796spkac.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
797spkac.o: ../include/openssl/pem.h ../include/openssl/pem2.h
798spkac.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
799spkac.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
800spkac.o: ../include/openssl/sha.h ../include/openssl/stack.h
801spkac.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
802spkac.o: ../include/openssl/ui.h ../include/openssl/x509.h
803spkac.o: ../include/openssl/x509_vfy.h apps.h spkac.c
804verify.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
805verify.o: ../include/openssl/bn.h ../include/openssl/buffer.h
806verify.o: ../include/openssl/conf.h ../include/openssl/crypto.h
807verify.o: ../include/openssl/dh.h ../include/openssl/dsa.h
808verify.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
809verify.o: ../include/openssl/err.h ../include/openssl/evp.h
810verify.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
811verify.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
812verify.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
813verify.o: ../include/openssl/pem.h ../include/openssl/pem2.h
814verify.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
815verify.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
816verify.o: ../include/openssl/sha.h ../include/openssl/stack.h
817verify.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
818verify.o: ../include/openssl/ui.h ../include/openssl/x509.h
819verify.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
820verify.o: verify.c
821version.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
822version.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
823version.o: ../include/openssl/buffer.h ../include/openssl/conf.h
824version.o: ../include/openssl/crypto.h ../include/openssl/des.h
825version.o: ../include/openssl/des_old.h ../include/openssl/dh.h
826version.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
827version.o: ../include/openssl/engine.h ../include/openssl/err.h
828version.o: ../include/openssl/evp.h ../include/openssl/idea.h
829version.o: ../include/openssl/lhash.h ../include/openssl/md2.h
830version.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
831version.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
832version.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
833version.o: ../include/openssl/rand.h ../include/openssl/rc4.h
834version.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
835version.o: ../include/openssl/sha.h ../include/openssl/stack.h
836version.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
837version.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
838version.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
839version.o: version.c
840x509.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
841x509.o: ../include/openssl/bn.h ../include/openssl/buffer.h
842x509.o: ../include/openssl/conf.h ../include/openssl/crypto.h
843x509.o: ../include/openssl/dh.h ../include/openssl/dsa.h
844x509.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
845x509.o: ../include/openssl/err.h ../include/openssl/evp.h
846x509.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
847x509.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
848x509.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
849x509.o: ../include/openssl/pem.h ../include/openssl/pem2.h
850x509.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
851x509.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
852x509.o: ../include/openssl/sha.h ../include/openssl/stack.h
853x509.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
854x509.o: ../include/openssl/ui.h ../include/openssl/x509.h
855x509.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h x509.c
diff --git a/src/lib/libssl/src/apps/der_chop.in b/src/lib/libssl/src/apps/der_chop.in
new file mode 100644
index 0000000000..9070b032fc
--- /dev/null
+++ b/src/lib/libssl/src/apps/der_chop.in
@@ -0,0 +1,305 @@
1#!/usr/local/bin/perl
2#
3# der_chop ... this is one total hack that Eric is really not proud of
4# so don't look at it and don't ask for support
5#
6# The "documentation" for this (i.e. all the comments) are my fault --tjh
7#
8# This program takes the "raw" output of derparse/asn1parse and
9# converts it into tokens and then runs regular expression matches
10# to try to figure out what to grab to get the things that are needed
11# and it is possible that this will do the wrong thing as it is a *hack*
12#
13# SSLeay 0.5.2+ should have direct read support for x509 (via -inform NET)
14# [I know ... promises promises :-)]
15#
16# To convert a Netscape Certificate:
17# der_chop < ServerCert.der > cert.pem
18# To convert a Netscape Key (and encrypt it again to protect it)
19# rsa -inform NET -in ServerKey.der -des > key.pem
20#
21# 23-Apr-96 eay Added the extra ASN.1 string types, I still think this
22# is an evil hack. If nothing else the parsing should
23# be relative, not absolute.
24# 19-Apr-96 tjh hacked (with eay) into 0.5.x format
25#
26# Tim Hudson
27# tjh@cryptsoft.com
28#
29
30
31require 'getopts.pl';
32
33$debug=0;
34
35# this was the 0.4.x way of doing things ...
36$cmd="derparse";
37$x509_cmd="x509";
38$crl_cmd="crl";
39$rc4_cmd="rc4";
40$md2_cmd="md2";
41$md4_cmd="md4";
42$rsa_cmd="rsa -des -inform der ";
43
44# this was the 0.5.x way of doing things ...
45$cmd="openssl asn1parse";
46$x509_cmd="openssl x509";
47$crl_cmd="openssl crl";
48$rc4_cmd="openssl rc4";
49$md2_cmd="openssl md2";
50$md4_cmd="openssl md4";
51$rsa_cmd="openssl rsa -des -inform der ";
52
53&Getopts('vd:') || die "usage:$0 [-v] [-d num] file";
54$depth=($opt_d =~ /^\d+$/)?$opt_d:0;
55
56&init_der();
57
58if ($#ARGV != -1)
59 {
60 foreach $file (@ARGV)
61 {
62 print STDERR "doing $file\n";
63 &dofile($file);
64 }
65 }
66else
67 {
68 $file="/tmp/a$$.DER";
69 open(OUT,">$file") || die "unable to open $file:$!\n";
70 for (;;)
71 {
72 $i=sysread(STDIN,$b,1024*10);
73 last if ($i <= 0);
74 $i=syswrite(OUT,$b,$i);
75 }
76 &dofile($file);
77 unlink($file);
78 }
79
80sub dofile
81 {
82 local($file)=@_;
83 local(@p);
84
85 $b=&load_file($file);
86 @p=&load_file_parse($file);
87
88 foreach $_ (@p)
89 {
90 ($off,$d,$hl,$len)=&parse_line($_);
91 $d-=$depth;
92 next if ($d != 0);
93 next if ($len == 0);
94
95 $o=substr($b,$off,$len+$hl);
96 ($str,@data)=&der_str($o);
97 print "$str\n" if ($opt_v);
98 if ($str =~ /^$crl/)
99 {
100 open(OUT,"|$crl_cmd -inform d -hash -issuer") ||
101 die "unable to run $crl_cmd:$!\n";
102 print OUT $o;
103 close(OUT);
104 }
105 elsif ($str =~ /^$x509/)
106 {
107 open(OUT,"|$x509_cmd -inform d -hash -subject -issuer")
108 || die "unable to run $x509_cmd:$!\n";
109 print OUT $o;
110 close(OUT);
111 }
112 elsif ($str =~ /^$rsa/)
113 {
114 ($type)=($data[3] =~ /OBJECT_IDENTIFIER :(.*)\s*$/);
115 next unless ($type eq "rsaEncryption");
116 ($off,$d,$hl,$len)=&parse_line($data[5]);
117 $os=substr($o,$off+$hl,$len);
118 open(OUT,"|$rsa_cmd")
119 || die "unable to run $rsa_cmd:$!\n";
120 print OUT $os;
121 close(OUT);
122 }
123 elsif ($str =~ /^0G-1D-1G/)
124 {
125 ($off,$d,$hl,$len)=&parse_line($data[1]);
126 $os=substr($o,$off+$hl,$len);
127 print STDERR "<$os>\n" if $opt_v;
128 &do_certificate($o,@data)
129 if (($os eq "certificate") &&
130 ($str =! /^0G-1D-1G-2G-3F-3E-2D/));
131 &do_private_key($o,@data)
132 if (($os eq "private-key") &&
133 ($str =! /^0G-1D-1G-2G-3F-3E-2D/));
134 }
135 }
136 }
137
138sub der_str
139 {
140 local($str)=@_;
141 local(*OUT,*IN,@a,$t,$d,$ret);
142 local($file)="/tmp/b$$.DER";
143 local(@ret);
144
145 open(OUT,">$file");
146 print OUT $str;
147 close(OUT);
148 open(IN,"$cmd -inform 'd' -in $file |") ||
149 die "unable to run $cmd:$!\n";
150 $ret="";
151 while (<IN>)
152 {
153 chop;
154 push(@ret,$_);
155
156 print STDERR "$_\n" if ($debug);
157
158 @a=split(/\s*:\s*/);
159 ($d)=($a[1] =~ /d=\s*(\d+)/);
160 $a[2] =~ s/\s+$//;
161 $t=$DER_s2i{$a[2]};
162 $ret.="$d$t-";
163 }
164 close(IN);
165 unlink($file);
166 chop $ret;
167 $ret =~ s/(-3H(-4G-5F-5[IJKMQRS])+)+/-NAME/g;
168 $ret =~ s/(-3G-4B-4L)+/-RCERT/g;
169 return($ret,@ret);
170 }
171
172sub init_der
173 {
174 $crl= "0G-1G-2G-3F-3E-2G-NAME-2L-2L-2G-RCERT-1G-2F-2E-1C";
175 $x509="0G-1G-2B-2G-3F-3E-2G-NAME-2G-3L-3L-2G-NAME-2G-3G-4F-4E-3C-1G-2F-2E-1C";
176 $rsa= "0G-1B-1G-2F-2E-1D";
177
178 %DER_i2s=(
179 # SSLeay 0.4.x has this list
180 "A","EOC",
181 "B","INTEGER",
182 "C","BIT STRING",
183 "D","OCTET STRING",
184 "E","NULL",
185 "F","OBJECT",
186 "G","SEQUENCE",
187 "H","SET",
188 "I","PRINTABLESTRING",
189 "J","T61STRING",
190 "K","IA5STRING",
191 "L","UTCTIME",
192 "M","NUMERICSTRING",
193 "N","VIDEOTEXSTRING",
194 "O","GENERALIZEDTIME",
195 "P","GRAPHICSTRING",
196 "Q","ISO64STRING",
197 "R","GENERALSTRING",
198 "S","UNIVERSALSTRING",
199
200 # SSLeay 0.5.x changed some things ... and I'm
201 # leaving in the old stuff but adding in these
202 # to handle the new as well --tjh
203 # - Well I've just taken them out and added the extra new
204 # ones :-) - eay
205 );
206
207 foreach (keys %DER_i2s)
208 { $DER_s2i{$DER_i2s{$_}}=$_; }
209 }
210
211sub parse_line
212 {
213 local($_)=@_;
214
215 return(/\s*(\d+):d=\s*(\d+)\s+hl=\s*(\d+)\s+l=\s*(\d+|inf)\s/);
216 }
217
218# 0:d=0 hl=4 l=377 cons: univ: SEQUENCE
219# 4:d=1 hl=2 l= 11 prim: univ: OCTET_STRING
220# 17:d=1 hl=4 l=360 cons: univ: SEQUENCE
221# 21:d=2 hl=2 l= 12 cons: univ: SEQUENCE
222# 23:d=3 hl=2 l= 8 prim: univ: OBJECT_IDENTIFIER :rc4
223# 33:d=3 hl=2 l= 0 prim: univ: NULL
224# 35:d=2 hl=4 l=342 prim: univ: OCTET_STRING
225sub do_private_key
226 {
227 local($data,@struct)=@_;
228 local($file)="/tmp/b$$.DER";
229 local($off,$d,$hl,$len,$_,$b,@p,$s);
230
231 ($type)=($struct[4] =~ /OBJECT_IDENTIFIER :(.*)\s*$/);
232 if ($type eq "rc4")
233 {
234 ($off,$d,$hl,$len)=&parse_line($struct[6]);
235 open(OUT,"|$rc4_cmd >$file") ||
236 die "unable to run $rc4_cmd:$!\n";
237 print OUT substr($data,$off+$hl,$len);
238 close(OUT);
239
240 $b=&load_file($file);
241 unlink($file);
242
243 ($s,@p)=&der_str($b);
244 die "unknown rsa key type\n$s\n"
245 if ($s ne '0G-1B-1G-2F-2E-1D');
246 local($off,$d,$hl,$len)=&parse_line($p[5]);
247 $b=substr($b,$off+$hl,$len);
248 ($s,@p)=&der_str($b);
249 open(OUT,"|$rsa_cmd") || die "unable to run $rsa_cmd:$!\n";
250 print OUT $b;
251 close(OUT);
252 }
253 else
254 {
255 print "'$type' is unknown\n";
256 exit(1);
257 }
258 }
259
260sub do_certificate
261 {
262 local($data,@struct)=@_;
263 local($file)="/tmp/b$$.DER";
264 local($off,$d,$hl,$len,$_,$b,@p,$s);
265
266 ($off,$d,$hl,$len)=&parse_line($struct[2]);
267 $b=substr($data,$off,$len+$hl);
268
269 open(OUT,"|$x509_cmd -inform d") || die "unable to run $x509_cmd:$!\n";
270 print OUT $b;
271 close(OUT);
272 }
273
274sub load_file
275 {
276 local($file)=@_;
277 local(*IN,$r,$b,$i);
278
279 $r="";
280 open(IN,"<$file") || die "unable to open $file:$!\n";
281 for (;;)
282 {
283 $i=sysread(IN,$b,10240);
284 last if ($i <= 0);
285 $r.=$b;
286 }
287 close(IN);
288 return($r);
289 }
290
291sub load_file_parse
292 {
293 local($file)=@_;
294 local(*IN,$r,@ret,$_,$i,$n,$b);
295
296 open(IN,"$cmd -inform d -in $file|")
297 || die "unable to run der_parse\n";
298 while (<IN>)
299 {
300 chop;
301 push(@ret,$_);
302 }
303 return($r,@ret);
304 }
305
diff --git a/src/lib/libssl/src/apps/md4.c b/src/lib/libssl/src/apps/md4.c
new file mode 100644
index 0000000000..e4b0aac011
--- /dev/null
+++ b/src/lib/libssl/src/apps/md4.c
@@ -0,0 +1,127 @@
1/* crypto/md4/md4.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <openssl/md4.h>
62
63#define BUFSIZE 1024*16
64
65void do_fp(FILE *f);
66void pt(unsigned char *md);
67#ifndef _OSD_POSIX
68int read(int, void *, unsigned int);
69#endif
70
71int main(int argc, char **argv)
72 {
73 int i,err=0;
74 FILE *IN;
75
76 if (argc == 1)
77 {
78 do_fp(stdin);
79 }
80 else
81 {
82 for (i=1; i<argc; i++)
83 {
84 IN=fopen(argv[i],"r");
85 if (IN == NULL)
86 {
87 perror(argv[i]);
88 err++;
89 continue;
90 }
91 printf("MD4(%s)= ",argv[i]);
92 do_fp(IN);
93 fclose(IN);
94 }
95 }
96 exit(err);
97 }
98
99void do_fp(FILE *f)
100 {
101 MD4_CTX c;
102 unsigned char md[MD4_DIGEST_LENGTH];
103 int fd;
104 int i;
105 static unsigned char buf[BUFSIZE];
106
107 fd=fileno(f);
108 MD4_Init(&c);
109 for (;;)
110 {
111 i=read(fd,buf,BUFSIZE);
112 if (i <= 0) break;
113 MD4_Update(&c,buf,(unsigned long)i);
114 }
115 MD4_Final(&(md[0]),&c);
116 pt(md);
117 }
118
119void pt(unsigned char *md)
120 {
121 int i;
122
123 for (i=0; i<MD4_DIGEST_LENGTH; i++)
124 printf("%02x",md[i]);
125 printf("\n");
126 }
127
diff --git a/src/lib/libssl/src/apps/speed.c b/src/lib/libssl/src/apps/speed.c
index fea0ffe2cf..3f55e26bdd 100644
--- a/src/lib/libssl/src/apps/speed.c
+++ b/src/lib/libssl/src/apps/speed.c
@@ -1627,7 +1627,7 @@ show_res:
1627#endif 1627#endif
1628#ifdef HZ 1628#ifdef HZ
1629#define as_string(s) (#s) 1629#define as_string(s) (#s)
1630 printf("HZ=%g", (double)HZ); 1630 printf("HZ=%g", HZ);
1631# ifdef _SC_CLK_TCK 1631# ifdef _SC_CLK_TCK
1632 printf(" [sysconf value]"); 1632 printf(" [sysconf value]");
1633# endif 1633# endif
diff --git a/src/lib/libssl/src/certs/ICE-CA.pem b/src/lib/libssl/src/certs/ICE-CA.pem
new file mode 100644
index 0000000000..75652366c2
--- /dev/null
+++ b/src/lib/libssl/src/certs/ICE-CA.pem
@@ -0,0 +1,59 @@
1Certificate:
2 Data:
3 Version: 3 (0x2)
4 Serial Number: 1 (0x1)
5 Signature Algorithm: md5WithRSAEncryption
6 Issuer: O=European ICE-TEL project, OU=V3-Certification Authority
7 Validity
8 Not Before: Apr 2 17:35:53 1997 GMT
9 Not After : Apr 2 17:35:53 1998 GMT
10 Subject: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt
11 Subject Public Key Info:
12 Public Key Algorithm: rsa
13 RSA Public Key: (512 bit)
14 Modulus (512 bit):
15 00:82:75:ba:f6:d1:60:b5:f9:15:b3:6a:dd:29:8f:
16 8b:a4:6f:1a:88:e0:50:43:40:0b:79:41:d5:d3:16:
17 44:7d:74:65:17:42:06:52:0b:e9:50:c8:10:cd:24:
18 e2:ae:8d:22:30:73:e6:b4:b7:93:1f:e5:6e:a2:ae:
19 49:11:a5:c9:45
20 Exponent: 65537 (0x10001)
21 X509v3 extensions:
22 X509v3 Authority Key Identifier:
23 0.........z.."p......e..
24 X509v3 Subject Key Identifier:
25 ..~r..:..B.44fu......3
26 X509v3 Key Usage: critical
27 ....
28 X509v3 Certificate Policies: critical
29 0.0...*...
30 X509v3 Subject Alternative Name:
31 0!..secude-support@darmstadt.gmd.de
32 X509v3 Issuer Alternative Name:
33 0I..ice-tel-ca@darmstadt.gmd.de.*http://www.darmstadt.gmd.de/ice-tel/euroca
34 X509v3 Basic Constraints: critical
35 0....
36 X509v3 CRL Distribution Points:
37 0200...,.*http://www.darmstadt.gmd.de/ice-tel/euroca
38 Signature Algorithm: md5WithRSAEncryption
39 17:a2:88:b7:99:5a:05:41:e4:13:34:67:e6:1f:3e:26:ec:4b:
40 69:f9:3e:28:22:be:9d:1c:ab:41:6f:0c:00:85:fe:45:74:f6:
41 98:f0:ce:9b:65:53:4a:50:42:c7:d4:92:bd:d7:a2:a8:3d:98:
42 88:73:cd:60:28:79:a3:fc:48:7a
43-----BEGIN CERTIFICATE-----
44MIICzDCCAnagAwIBAgIBATANBgkqhkiG9w0BAQQFADBIMSEwHwYDVQQKExhFdXJv
45cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
46QXV0aG9yaXR5MB4XDTk3MDQwMjE3MzU1M1oXDTk4MDQwMjE3MzU1M1owXDEhMB8G
47A1UEChMYRXVyb3BlYW4gSUNFLVRFTCBwcm9qZWN0MSMwIQYDVQQLExpWMy1DZXJ0
48aWZpY2F0aW9uIEF1dGhvcml0eTESMBAGA1UEBxMJRGFybXN0YWR0MFkwCgYEVQgB
49AQICAgADSwAwSAJBAIJ1uvbRYLX5FbNq3SmPi6RvGojgUENAC3lB1dMWRH10ZRdC
50BlIL6VDIEM0k4q6NIjBz5rS3kx/lbqKuSRGlyUUCAwEAAaOCATgwggE0MB8GA1Ud
51IwQYMBaAFIr3yNUOx3ro1yJw4AuJ1bbsZbzPMB0GA1UdDgQWBBR+cvL4OoacQog0
52NGZ1w9T80aIRMzAOBgNVHQ8BAf8EBAMCAfYwFAYDVR0gAQH/BAowCDAGBgQqAwQF
53MCoGA1UdEQQjMCGBH3NlY3VkZS1zdXBwb3J0QGRhcm1zdGFkdC5nbWQuZGUwUgYD
54VR0SBEswSYEbaWNlLXRlbC1jYUBkYXJtc3RhZHQuZ21kLmRlhipodHRwOi8vd3d3
55LmRhcm1zdGFkdC5nbWQuZGUvaWNlLXRlbC9ldXJvY2EwDwYDVR0TAQH/BAUwAwEB
56/zA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vd3d3LmRhcm1zdGFkdC5nbWQuZGUv
57aWNlLXRlbC9ldXJvY2EwDQYJKoZIhvcNAQEEBQADQQAXooi3mVoFQeQTNGfmHz4m
587Etp+T4oIr6dHKtBbwwAhf5FdPaY8M6bZVNKUELH1JK916KoPZiIc81gKHmj/Eh6
59-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/certs/ICE-root.pem b/src/lib/libssl/src/certs/ICE-root.pem
new file mode 100644
index 0000000000..fa991599c9
--- /dev/null
+++ b/src/lib/libssl/src/certs/ICE-root.pem
@@ -0,0 +1,48 @@
1Certificate:
2 Data:
3 Version: 3 (0x2)
4 Serial Number: 0 (0x0)
5 Signature Algorithm: md5WithRSAEncryption
6 Issuer: O=European ICE-TEL project, OU=V3-Certification Authority
7 Validity
8 Not Before: Apr 2 17:33:36 1997 GMT
9 Not After : Apr 2 17:33:36 1998 GMT
10 Subject: O=European ICE-TEL project, OU=V3-Certification Authority
11 Subject Public Key Info:
12 Public Key Algorithm: rsa
13 RSA Public Key: (512 bit)
14 Modulus (512 bit):
15 00:80:3e:eb:ae:47:a9:fe:10:54:0b:81:8b:9c:2b:
16 82:ab:3a:61:36:65:8b:f3:73:9f:ac:ac:7a:15:a7:
17 13:8f:b4:c4:ba:a3:0f:bc:a5:58:8d:cc:b1:93:31:
18 9e:81:9e:8c:19:61:86:fa:52:73:54:d1:97:76:22:
19 e7:c7:9f:41:cd
20 Exponent: 65537 (0x10001)
21 X509v3 extensions:
22 X509v3 Subject Key Identifier:
23 ........z.."p......e..
24 X509v3 Key Usage: critical
25 ....
26 X509v3 Subject Alternative Name:
27 0I.*http://www.darmstadt.gmd.de/ice-tel/euroca..ice-tel-ca@darmstadt.gmd.de
28 X509v3 Basic Constraints: critical
29 0....
30 Signature Algorithm: md5WithRSAEncryption
31 76:69:61:db:b7:cf:8b:06:9e:d8:8c:96:53:d2:4d:a8:23:a6:
32 03:44:e8:8f:24:a5:c0:84:a8:4b:77:d4:2d:2b:7d:37:91:67:
33 f2:2c:ce:02:31:4c:6b:cc:ce:f2:68:a6:11:11:ab:7d:88:b8:
34 7e:22:9f:25:06:60:bd:79:30:3d
35-----BEGIN CERTIFICATE-----
36MIICFjCCAcCgAwIBAgIBADANBgkqhkiG9w0BAQQFADBIMSEwHwYDVQQKExhFdXJv
37cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
38QXV0aG9yaXR5MB4XDTk3MDQwMjE3MzMzNloXDTk4MDQwMjE3MzMzNlowSDEhMB8G
39A1UEChMYRXVyb3BlYW4gSUNFLVRFTCBwcm9qZWN0MSMwIQYDVQQLExpWMy1DZXJ0
40aWZpY2F0aW9uIEF1dGhvcml0eTBZMAoGBFUIAQECAgIAA0sAMEgCQQCAPuuuR6n+
41EFQLgYucK4KrOmE2ZYvzc5+srHoVpxOPtMS6ow+8pViNzLGTMZ6BnowZYYb6UnNU
420Zd2IufHn0HNAgMBAAGjgZcwgZQwHQYDVR0OBBYEFIr3yNUOx3ro1yJw4AuJ1bbs
43ZbzPMA4GA1UdDwEB/wQEAwIB9jBSBgNVHREESzBJhipodHRwOi8vd3d3LmRhcm1z
44dGFkdC5nbWQuZGUvaWNlLXRlbC9ldXJvY2GBG2ljZS10ZWwtY2FAZGFybXN0YWR0
45LmdtZC5kZTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBAUAA0EAdmlh27fP
46iwae2IyWU9JNqCOmA0TojySlwISoS3fULSt9N5Fn8izOAjFMa8zO8mimERGrfYi4
47fiKfJQZgvXkwPQ==
48-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/certs/ICE-user.pem b/src/lib/libssl/src/certs/ICE-user.pem
new file mode 100644
index 0000000000..28065fd37d
--- /dev/null
+++ b/src/lib/libssl/src/certs/ICE-user.pem
@@ -0,0 +1,63 @@
1Certificate:
2 Data:
3 Version: 3 (0x2)
4 Serial Number: 1 (0x1)
5 Signature Algorithm: md5WithRSAEncryption
6 Issuer: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt
7 Validity
8 Not Before: Apr 2 17:35:59 1997 GMT
9 Not After : Apr 2 17:35:59 1998 GMT
10 Subject: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt, CN=USER
11 Subject Public Key Info:
12 Public Key Algorithm: rsa
13 RSA Public Key: (512 bit)
14 Modulus (512 bit):
15 00:a8:a8:53:63:49:1b:93:c3:c3:0b:6c:88:11:55:
16 de:7e:6a:e2:f9:52:a0:dc:69:25:c4:c8:bf:55:e1:
17 31:a8:ce:e4:a9:29:85:99:8a:15:9a:de:f6:2f:e1:
18 b4:50:5f:5e:04:75:a6:f4:76:dc:3c:0e:39:dc:3a:
19 be:3e:a4:61:8b
20 Exponent: 65537 (0x10001)
21 X509v3 extensions:
22 X509v3 Authority Key Identifier:
23 0...~r..:..B.44fu......3
24 X509v3 Subject Key Identifier:
25 ...... .*...1.*.......
26 X509v3 Key Usage: critical
27 ....
28 X509v3 Certificate Policies: critical
29 0.0...*...0.......
30 X509v3 Subject Alternative Name:
31 0:..user@darmstadt.gmd.de.!http://www.darmstadt.gmd.de/~user
32 X509v3 Issuer Alternative Name:
33 0....gmdca@gmd.de..http://www.gmd.de..saturn.darmstadt.gmd.de.\1!0...U.
34..European ICE-TEL project1#0!..U....V3-Certification Authority1.0...U....Darmstadt..141.12.62.26
35 X509v3 Basic Constraints: critical
36 0.
37 X509v3 CRL Distribution Points:
38 0.0.......gmdca@gmd.de
39 Signature Algorithm: md5WithRSAEncryption
40 69:0c:e1:b7:a7:f2:d8:fb:e8:69:c0:13:cd:37:ad:21:06:22:
41 4d:e8:c6:db:f1:04:0b:b7:e0:b3:d6:0c:81:03:ce:c3:6a:3e:
42 c7:e7:24:24:a4:92:64:c2:83:83:06:42:53:0e:6f:09:1e:84:
43 9a:f7:6f:63:9b:94:99:83:d6:a4
44-----BEGIN CERTIFICATE-----
45MIIDTzCCAvmgAwIBAgIBATANBgkqhkiG9w0BAQQFADBcMSEwHwYDVQQKExhFdXJv
46cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
47QXV0aG9yaXR5MRIwEAYDVQQHEwlEYXJtc3RhZHQwHhcNOTcwNDAyMTczNTU5WhcN
48OTgwNDAyMTczNTU5WjBrMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0UtVEVMIHByb2pl
49Y3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQH
50EwlEYXJtc3RhZHQxDTALBgNVBAMTBFVTRVIwWTAKBgRVCAEBAgICAANLADBIAkEA
51qKhTY0kbk8PDC2yIEVXefmri+VKg3GklxMi/VeExqM7kqSmFmYoVmt72L+G0UF9e
52BHWm9HbcPA453Dq+PqRhiwIDAQABo4IBmDCCAZQwHwYDVR0jBBgwFoAUfnLy+DqG
53nEKINDRmdcPU/NGiETMwHQYDVR0OBBYEFJfc4B8gjSoRmLUx4Sq/ucIYiMrPMA4G
54A1UdDwEB/wQEAwIB8DAcBgNVHSABAf8EEjAQMAYGBCoDBAUwBgYECQgHBjBDBgNV
55HREEPDA6gRV1c2VyQGRhcm1zdGFkdC5nbWQuZGWGIWh0dHA6Ly93d3cuZGFybXN0
56YWR0LmdtZC5kZS9+dXNlcjCBsQYDVR0SBIGpMIGmgQxnbWRjYUBnbWQuZGWGEWh0
57dHA6Ly93d3cuZ21kLmRlghdzYXR1cm4uZGFybXN0YWR0LmdtZC5kZaRcMSEwHwYD
58VQQKExhFdXJvcGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRp
59ZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQHEwlEYXJtc3RhZHSHDDE0MS4xMi42
60Mi4yNjAMBgNVHRMBAf8EAjAAMB0GA1UdHwQWMBQwEqAQoA6BDGdtZGNhQGdtZC5k
61ZTANBgkqhkiG9w0BAQQFAANBAGkM4ben8tj76GnAE803rSEGIk3oxtvxBAu34LPW
62DIEDzsNqPsfnJCSkkmTCg4MGQlMObwkehJr3b2OblJmD1qQ=
63-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/certs/ICE.crl b/src/lib/libssl/src/certs/ICE.crl
new file mode 100644
index 0000000000..21939e8cc4
--- /dev/null
+++ b/src/lib/libssl/src/certs/ICE.crl
@@ -0,0 +1,9 @@
1-----BEGIN X509 CRL-----
2MIIBNDCBnjANBgkqhkiG9w0BAQIFADBFMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0Ut
3VEVMIFByb2plY3QxIDAeBgNVBAsTF0NlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05
4NzA2MDkxNDQyNDNaFw05NzA3MDkxNDQyNDNaMCgwEgIBChcNOTcwMzAzMTQ0MjU0
5WjASAgEJFw05NjEwMDIxMjI5MjdaMA0GCSqGSIb3DQEBAgUAA4GBAH4vgWo2Tej/
6i7kbiw4Imd30If91iosjClNpBFwvwUDBclPEeMuYimHbLOk4H8Nofc0fw11+U/IO
7KSNouUDcqG7B64oY7c4SXKn+i1MWOb5OJiWeodX3TehHjBlyWzoNMWCnYA8XqFP1
8mOKp8Jla1BibEZf14+/HqCi2hnZUiEXh
9-----END X509 CRL-----
diff --git a/src/lib/libssl/src/certs/RegTP-4R.pem b/src/lib/libssl/src/certs/RegTP-4R.pem
new file mode 100644
index 0000000000..6f2c6abccd
--- /dev/null
+++ b/src/lib/libssl/src/certs/RegTP-4R.pem
@@ -0,0 +1,19 @@
1issuer= CN=4R-CA 1:PN+0.2.262.1.10.7.20=#130131,O=Regulierungsbeh\C3\88orde f\C3\88ur Telekommunikation und Post,C=DE
2notBefore=Jan 21 16:04:53 1999 GMT
3notAfter=Jan 21 16:04:53 2004 GMT
4subject= CN=4R-CA 1:PN+0.2.262.1.10.7.20=#130131,O=Regulierungsbeh\C3\88orde f\C3\88ur Telekommunikation und Post,C=DE
5-----BEGIN CERTIFICATE-----
6MIICZzCCAdOgAwIBAgIEOwVn1DAKBgYrJAMDAQIFADBvMQswCQYDVQQGEwJERTE9
7MDsGA1UEChQ0UmVndWxpZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWth
8dGlvbiB1bmQgUG9zdDEhMAwGBwKCBgEKBxQTATEwEQYDVQQDFAo0Ui1DQSAxOlBO
9MCIYDzE5OTkwMTIxMTYwNDUzWhgPMjAwNDAxMjExNjA0NTNaMG8xCzAJBgNVBAYT
10AkRFMT0wOwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21t
11dW5pa2F0aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjRSLUNB
12IDE6UE4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGAjzHbq2asUlqeWbXTQHso
13aVF6YIPVH3c/B2cbuy9HJ/lnE6x0asOzM2DGDqi47xkdAxPc0LZ0fxO87rkmz7xs
14jJObnVrMXpyUSDSp5Y0wqKJdsFdr6mGFOQZteIti8AJnr8xMkwnWVyuOlEXsFe1h
155gxwQXrOcPinE6qu1t/3PmECBMAAAAGjEjAQMA4GA1UdDwEB/wQEAwIBBjAKBgYr
16JAMDAQIFAAOBgQA+RdocBmA2VV9E5aKPBcp01tdZAvvW9Tve3docArVKR/4/yvSX
17Z+wvzzk+uu4qBp49HN3nqPYMrzbTmjBFu4ce5fkZ7dHF0W1sSBL0rox5z36Aq2re
18JjfEOEmSnNe0+opuh4FSVOssXblXTE8lEQU0FhhItgDx2ADnWZibaxLG4w==
19-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/certs/ca-cert.pem b/src/lib/libssl/src/certs/ca-cert.pem
new file mode 100644
index 0000000000..bcba68aefa
--- /dev/null
+++ b/src/lib/libssl/src/certs/ca-cert.pem
@@ -0,0 +1,33 @@
1-----BEGIN CERTIFICATE-----
2MIIC5TCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQQFADBcMQswCQYDVQQGEwJBVTET
3MBEGA1UECBMKUXVlZW5zbGFuZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQx
4HDAaBgNVBAMTE1Rlc3QgUENBICgxMDI0IGJpdCkwHhcNOTkxMjAyMjEzODUxWhcN
5MDUwNzEwMjEzODUxWjBbMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFu
6ZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxGzAZBgNVBAMTElRlc3QgQ0Eg
7KDEwMjQgYml0KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo7ujy3XXpU/p
8yDJtOxkMJmGv3mdiVm7JrdoKLUgqjO2rBaeNuYMUiuI6oYU+tlD6agwRML0Pn2JF
9b90VdK/UXrmRr9djaEuH17EIKjte5RwOzndCndsjcCYyoeODMTyg7dqPIkDMmRNM
105R5xBTabD+Aji0wzQupYxBLuW5PLj7ECAwEAAaOBtzCBtDAdBgNVHQ4EFgQU1WWA
11U42mkhi3ecgey1dsJjU61+UwgYQGA1UdIwR9MHuAFE0RaEcrj18q1dw+G6nJbsTW
12R213oWCkXjBcMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
13A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxHDAaBgNVBAMTE1Rlc3QgUENBICgxMDI0
14IGJpdCmCAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBb39BRphHL
156aRAQyymsvBvPSCiG9+kR0R1L23aTpNbhXp2BebyFjbEQYZc2kWGiKKcHkNECA35
163d4LoqUlVey8DFyafOIJd9hxdZfg+rxlHMxnL7uCJRmx9+xB411Jtsol9/wg1uCK
17sleGpgB4j8cG2SVCz7V2MNZNK+d5QCnR7A==
18-----END CERTIFICATE-----
19-----BEGIN RSA PRIVATE KEY-----
20MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
21gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
222yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
23AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
24hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
25J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
26HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
2721ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
28nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
29MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
30pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
31KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
32XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
33-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/src/certs/dsa-ca.pem b/src/lib/libssl/src/certs/dsa-ca.pem
new file mode 100644
index 0000000000..9eb08f3ddd
--- /dev/null
+++ b/src/lib/libssl/src/certs/dsa-ca.pem
@@ -0,0 +1,43 @@
1-----BEGIN DSA PRIVATE KEY-----
2Proc-Type: 4,ENCRYPTED
3DEK-Info: DES-EDE3-CBC,C5B6C7CC9E1FE2C0
4
5svCXBcBRhMuU22UXOfiKZA+thmz6KYXpt1Yg5Rd+TYQcQ1MdvNy0B0tkP1SxzDq0
6Xh1eMeTML9/9/0rKakgNXXXbpi5RB8t6BmwRSyej89F7nn1mtR3qzoyPRpp15SDl
7Tn67C+2v+HDF3MFk88hiNCYkNbcmi7TWvChsl8N1r7wdZwtIox56yXdgxw6ZIpa/
8par0oUCzN7fiavPgCWz1kfPNSaBQSdxwH7TZi5tMHAr0J3C7a7QRnZfE09R59Uqr
9zslrq+ndIw1BZAxoY0SlBu+iFOVaBVlwToC4AsHkv7j7l8ITtr7f42YbBa44D9TO
10uOhONmkk/v3Fso4RaOEzdKZC+hnmmzvHs6TiTWm6yzJgSFwyOUK0eGmKEeVxpcH5
11rUOlHOwzen+FFtocZDZAfdFnb7QY7L/boQvyA5A+ZbRG4DUpmBQeQsSaICHM5Rxx
121QaLF413VNPXTLPbW0ilSc2H8x2iZTIVKfd33oSO6NhXPtSYQgfecEF4BvNHY5c4
13HovjT4mckbK95bcBzoCHu43vuSQkmZzdYo/ydSZt6zoPavbBLueTpgSbdXiDi827
14MVqOsYxGCb+kez0FoDSTgw==
15-----END DSA PRIVATE KEY-----
16-----BEGIN CERTIFICATE REQUEST-----
17MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
18ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDELMAkGA1UEAxMCQ0Ew
19ggG0MIIBKQYFKw4DAgwwggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaW
20sxXgUy6P4FmCc5A+dTGZR3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5m
21rmuINvvsKNzC16W75Sw5JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHk
22cJVbUM1JAhUA9wcx7fpsBgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVo
23bzDjaeHls12YuyiGSPzemQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqR
24CZ228U2cVA9YBu5JdAfOVX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxB
25F5WS6wG1c6Vqftgy7Q4CuAOBhAACgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuH
26vSLw9YUrJahcBHmbpvt494lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUq
27AylOVFJJJXuirVJ+o+0TtOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u
283enxhqnDGaAAMAkGBSsOAwIbBQADMAAwLQIVAJGVuFsG/0DBuSZ0jF7ypdU0/G0v
29AhQfeF5BoMMDbX/kidUVpQ6gadPlZA==
30-----END CERTIFICATE REQUEST-----
31-----BEGIN CERTIFICATE-----
32MIIBrjCCAWwCAQswCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
33U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
34CgYDVQQDEwNQQ0EwHhcNOTcwNjE1MDIxNDI5WhcNOTcwNzE1MDIxNDI5WjBSMQsw
35CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
36ZXQgV2lkZ2l0cyBQdHkgTHRkMQswCQYDVQQDEwJDQTCBkjAJBgUrDgMCDAUAA4GE
37AAKBgBqmWXqKrP1etkWWTYYJVwH4qKHFacfsi4e9IvD1hSslqFwEeZum+3j3iUXi
38ALnDdY8z69cmh9u6yTgahAQSxA0wNpqHibj25SoDKU5UUkkle6KtUn6j7RO04UMh
39MQCX5hllquJc4Pu105I6X1Esw8Lr51ocpL17ry7d6fGGqcMZMAkGBSsOAwIbBQAD
40MQAwLgIVAJ4wtQsANPxHo7Q4IQZYsL12SKdbAhUAjJ9n38zxT+iai2164xS+LIfa
41C1Q=
42-----END CERTIFICATE-----
43
diff --git a/src/lib/libssl/src/certs/dsa-pca.pem b/src/lib/libssl/src/certs/dsa-pca.pem
new file mode 100644
index 0000000000..e3641ad47e
--- /dev/null
+++ b/src/lib/libssl/src/certs/dsa-pca.pem
@@ -0,0 +1,49 @@
1-----BEGIN DSA PRIVATE KEY-----
2Proc-Type: 4,ENCRYPTED
3DEK-Info: DES-EDE3-CBC,F80EEEBEEA7386C4
4
5GZ9zgFcHOlnhPoiSbVi/yXc9mGoj44A6IveD4UlpSEUt6Xbse3Fr0KHIUyQ3oGnS
6mClKoAp/eOTb5Frhto85SzdsxYtac+X1v5XwdzAMy2KowHVk1N8A5jmE2OlkNPNt
7of132MNlo2cyIRYaa35PPYBGNCmUm7YcYS8O90YtkrQZZTf4+2C4kllhMcdkQwkr
8FWSWC8YOQ7w0LHb4cX1FejHHom9Nd/0PN3vn3UyySvfOqoR7nbXkrpHXmPIr0hxX
9RcF0aXcV/CzZ1/nfXWQf4o3+oD0T22SDoVcZY60IzI0oIc3pNCbDV3uKNmgekrFd
10qOUJ+QW8oWp7oefRx62iBfIeC8DZunohMXaWAQCU0sLQOR4yEdeUCnzCSywe0bG1
11diD0KYaEe+Yub1BQH4aLsBgDjardgpJRTQLq0DUvw0/QGO1irKTJzegEDNVBKrVn
12V4AHOKT1CUKqvGNRP1UnccUDTF6miOAtaj/qpzra7sSk7dkGBvIEeFoAg84kfh9h
13hVvF1YyzC9bwZepruoqoUwke/WdNIR5ymOVZ/4Liw0JdIOcq+atbdRX08niqIRkf
14dsZrUj4leo3zdefYUQ7w4N2Ns37yDFq7
15-----END DSA PRIVATE KEY-----
16-----BEGIN CERTIFICATE REQUEST-----
17MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
18ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAxMDUENB
19MIIBtTCCASkGBSsOAwIMMIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2G
20lrMV4FMuj+BZgnOQPnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7O
21Zq5riDb77Cjcwtelu+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR
225HCVW1DNSQIVAPcHMe36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnl
23aG8w42nh5bNdmLsohkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6
24kQmdtvFNnFQPWAbuSXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15Als
25QReVkusBtXOlan7YMu0OArgDgYUAAoGBAKbtuR5AdW+ICjCFe2ixjUiJJzM2IKwe
266NZEMXg39+HQ1UTPTmfLZLps+rZfolHDXuRKMXbGFdSF0nXYzotPCzi7GauwEJTZ
27yr27ZZjA1C6apGSQ9GzuwNvZ4rCXystVEagAS8OQ4H3D4dWS17Zg31ICb5o4E5r0
28z09o/Uz46u0VoAAwCQYFKw4DAhsFAAMxADAuAhUArRubTxsbIXy3AhtjQ943AbNB
29nSICFQCu+g1iW3jwF+gOcbroD4S/ZcvB3w==
30-----END CERTIFICATE REQUEST-----
31-----BEGIN CERTIFICATE-----
32MIIC0zCCApECAQAwCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
33U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
34CgYDVQQDEwNQQ0EwHhcNOTcwNjE0MjI1NDQ1WhcNOTcwNzE0MjI1NDQ1WjBTMQsw
35CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
36ZXQgV2lkZ2l0cyBQdHkgTHRkMQwwCgYDVQQDEwNQQ0EwggG1MIIBKQYFKw4DAgww
37ggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaWsxXgUy6P4FmCc5A+dTGZ
38R3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5mrmuINvvsKNzC16W75Sw5
39JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHkcJVbUM1JAhUA9wcx7fps
40BgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVobzDjaeHls12YuyiGSPze
41mQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqRCZ228U2cVA9YBu5JdAfO
42VX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxBF5WS6wG1c6Vqftgy7Q4C
43uAOBhQACgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
44umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
4529nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUwCQYFKw4D
46AhsFAAMxADAuAhUAvtv6AkMolix1Jvy3UnVEIUqdCUICFQC+jq8P49mwrY9oJ24n
475rKUjNBhSg==
48-----END CERTIFICATE-----
49
diff --git a/src/lib/libssl/src/certs/factory.pem b/src/lib/libssl/src/certs/factory.pem
new file mode 100644
index 0000000000..8e28b391b2
--- /dev/null
+++ b/src/lib/libssl/src/certs/factory.pem
@@ -0,0 +1,15 @@
1-----BEGIN CERTIFICATE-----
2MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
3MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
4DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
5CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
6amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
7iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
8U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
9zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
10BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
11A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
12/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
13lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
14S7ELuYGtmYgYm9NZOIr7yU0=
15-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/certs/nortelCA.pem b/src/lib/libssl/src/certs/nortelCA.pem
new file mode 100644
index 0000000000..207f34ab3a
--- /dev/null
+++ b/src/lib/libssl/src/certs/nortelCA.pem
@@ -0,0 +1,16 @@
1-----BEGIN CERTIFICATE-----
2MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
3BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
4HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
5IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
6MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
7aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
8GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
9ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
10zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
11YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
12hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
13cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
14YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
15-----END CERTIFICATE-----
16
diff --git a/src/lib/libssl/src/certs/pca-cert.pem b/src/lib/libssl/src/certs/pca-cert.pem
new file mode 100644
index 0000000000..9d754d460d
--- /dev/null
+++ b/src/lib/libssl/src/certs/pca-cert.pem
@@ -0,0 +1,33 @@
1-----BEGIN CERTIFICATE-----
2MIIC5jCCAk+gAwIBAgIBADANBgkqhkiG9w0BAQQFADBcMQswCQYDVQQGEwJBVTET
3MBEGA1UECBMKUXVlZW5zbGFuZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQx
4HDAaBgNVBAMTE1Rlc3QgUENBICgxMDI0IGJpdCkwHhcNOTkxMjAyMjEzNTQ4WhcN
5MDUwNzExMjEzNTQ4WjBcMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFu
6ZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxHDAaBgNVBAMTE1Rlc3QgUENB
7ICgxMDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ2haT/f5Zwy
8V+MiuSDjSR62adBoSiBB7Usty44lXqsp9RICw+DCCxpsn/CfxPEDXLLd4olsWXc6
9JRcxGynbYmnzk+Z6aIPPJQhK3CTvaqGnWKZsA1m+WaUIUqJCuNTK4N+7hMAGaf6S
10S3e9HVgEQ4a34gXJ7VQFVIBNV1EnZRWHAgMBAAGjgbcwgbQwHQYDVR0OBBYEFE0R
11aEcrj18q1dw+G6nJbsTWR213MIGEBgNVHSMEfTB7gBRNEWhHK49fKtXcPhupyW7E
121kdtd6FgpF4wXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
13BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
14NCBiaXQpggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAUa8B3pho
15+Mvxeq9HsEzJxHIFQla05S5J/e/V+DQTYoKiRFchKPrDAdrzYSEvP3h4QJEtsNqQ
16JfOxg5M42uLFq7aPGWkF6ZZqZsYS+zA9IVT14g7gNA6Ne+5QtJqQtH9HA24st0T0
17Tga/lZ9M2ovImovaxSL/kRHbpCWcqWVxpOw=
18-----END CERTIFICATE-----
19-----BEGIN RSA PRIVATE KEY-----
20MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
21wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
22vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
23AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
24z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
25xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
26HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
27yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
28xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
297FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
30h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
31QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
32hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
33-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/src/certs/rsa-cca.pem b/src/lib/libssl/src/certs/rsa-cca.pem
new file mode 100644
index 0000000000..69f5c1c84c
--- /dev/null
+++ b/src/lib/libssl/src/certs/rsa-cca.pem
@@ -0,0 +1,19 @@
1subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
2issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
3notBefore=941104185834Z
4notAfter =991103185834Z
5-----BEGIN X509 CERTIFICATE-----
6
7MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
8HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
9Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
10OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
11ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
12IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
13975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
14touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
157yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
169/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
170v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
18MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
19-----END X509 CERTIFICATE-----
diff --git a/src/lib/libssl/src/certs/timCA.pem b/src/lib/libssl/src/certs/timCA.pem
new file mode 100644
index 0000000000..9c8d5bf9c6
--- /dev/null
+++ b/src/lib/libssl/src/certs/timCA.pem
@@ -0,0 +1,16 @@
1Tims test GCI CA
2
3-----BEGIN CERTIFICATE-----
4MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
5VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
6cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
7cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
8gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
9cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
10dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
11AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
12OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
13AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
14TfdbFZtAAD2Hx9jUtY3tfdrJOb8=
15-----END CERTIFICATE-----
16
diff --git a/src/lib/libssl/src/certs/tjhCA.pem b/src/lib/libssl/src/certs/tjhCA.pem
new file mode 100644
index 0000000000..67bee1b200
--- /dev/null
+++ b/src/lib/libssl/src/certs/tjhCA.pem
@@ -0,0 +1,15 @@
1-----BEGIN CERTIFICATE-----
2MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
3VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
4cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
5IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
6VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
7NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
8EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
9I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
10RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
11KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
12Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
139w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
14WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
15-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/certs/vsign2.pem b/src/lib/libssl/src/certs/vsign2.pem
new file mode 100644
index 0000000000..d8bdd8c812
--- /dev/null
+++ b/src/lib/libssl/src/certs/vsign2.pem
@@ -0,0 +1,18 @@
1subject=/C=US/O=VeriSign, Inc./OU=Class 2 Public Primary Certification Authority
2notBefore=Jan 29 00:00:00 1996 GMT
3notAfter=Jan 7 23:59:59 2004 GMT
4-----BEGIN CERTIFICATE-----
5MIICPTCCAaYCEQC6WslMBTuS1qe2307QU5INMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
6BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
7c3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
8NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
9VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMiBQdWJsaWMgUHJp
10bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
11jQAwgYkCgYEAtlqLow1qI4OAa885h/QhEzMGTCWi7VUSl8WngLn6g8EgoPovFQ18
12oWBrfnks+gYPOq72G2+x0v8vKFJfg31LxHq3+GYfgFT8t8KOWUoUV0bRmpO+QZED
13uxWAk1zr58wIbD8+s0r8/0tsI9VQgiZEGY4jw3HqGSRHBJ51v8imAB8CAwEAATAN
14BgkqhkiG9w0BAQIFAAOBgQC2AB+TV6QHp0DOZUA/VV7t7/pUSaUw1iF8YYfug5ML
15v7Qz8pisnwa/TqjOFIFMywROWMPPX+5815pvy0GKt3+BuP+EYcYnQ2UdDOyxAArd
16G6S7x3ggKLKi3TaVLuFUT79guXdoEZkj6OpS6KoATmdOu5C1RZtG644W78QzWzM9
171Q==
18-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/certs/vsigntca.pem b/src/lib/libssl/src/certs/vsigntca.pem
new file mode 100644
index 0000000000..05acf76e66
--- /dev/null
+++ b/src/lib/libssl/src/certs/vsigntca.pem
@@ -0,0 +1,18 @@
1subject=/O=VeriSign, Inc/OU=www.verisign.com/repository/TestCPS Incorp. By Ref. Liab. LTD./OU=For VeriSign authorized testing only. No assurances (C)VS1997
2notBefore=Mar 4 00:00:00 1997 GMT
3notAfter=Mar 4 23:59:59 2025 GMT
4-----BEGIN CERTIFICATE-----
5MIICTTCCAfcCEEdoCqpuXxnoK27q7d58Qc4wDQYJKoZIhvcNAQEEBQAwgakxFjAU
6BgNVBAoTDVZlcmlTaWduLCBJbmMxRzBFBgNVBAsTPnd3dy52ZXJpc2lnbi5jb20v
7cmVwb3NpdG9yeS9UZXN0Q1BTIEluY29ycC4gQnkgUmVmLiBMaWFiLiBMVEQuMUYw
8RAYDVQQLEz1Gb3IgVmVyaVNpZ24gYXV0aG9yaXplZCB0ZXN0aW5nIG9ubHkuIE5v
9IGFzc3VyYW5jZXMgKEMpVlMxOTk3MB4XDTk3MDMwNDAwMDAwMFoXDTI1MDMwNDIz
10NTk1OVowgakxFjAUBgNVBAoTDVZlcmlTaWduLCBJbmMxRzBFBgNVBAsTPnd3dy52
11ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9UZXN0Q1BTIEluY29ycC4gQnkgUmVmLiBM
12aWFiLiBMVEQuMUYwRAYDVQQLEz1Gb3IgVmVyaVNpZ24gYXV0aG9yaXplZCB0ZXN0
13aW5nIG9ubHkuIE5vIGFzc3VyYW5jZXMgKEMpVlMxOTk3MFwwDQYJKoZIhvcNAQEB
14BQADSwAwSAJBAMak6xImJx44jMKcbkACy5/CyMA2fqXK4PlzTtCxRq5tFkDzne7s
15cI8oFK/J+gFZNE3bjidDxf07O3JOYG9RGx8CAwEAATANBgkqhkiG9w0BAQQFAANB
16ADT523tENOKrEheZFpsJx1UUjPrG7TwYc/C4NBHrZI4gZJcKVFIfNulftVS6UMYW
17ToLEMaUojc3DuNXHG21PDG8=
18-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/crypto/Makefile b/src/lib/libssl/src/crypto/Makefile
deleted file mode 100644
index eb49323ad5..0000000000
--- a/src/lib/libssl/src/crypto/Makefile
+++ /dev/null
@@ -1,133 +0,0 @@
1LIB= crypto
2CFLAGS+= -DNO_IDEA -DTERMIOS -DL_ENDIAN -DANSI_SOURCE
3CFLAGS+= -I${.CURDIR}/../include
4SRCS+= cryptlib.c mem.c cversion.c ex_data.c cpt_err.c
5CFLAGS+= -I${.CURDIR}/md2
6SRCS+= md2_dgst.c md2_one.c
7CFLAGS+= -I${.CURDIR}/md5
8SRCS+= md5_dgst.c md5_one.c
9CFLAGS+= -I${.CURDIR}/sha
10SRCS+= sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
11CFLAGS+= -I${.CURDIR}/mdc2
12SRCS+= mdc2dgst.c mdc2_one.c
13CFLAGS+= -I${.CURDIR}/hmac
14SRCS+= hmac.c
15CFLAGS+= -I${.CURDIR}/ripemd
16SRCS+= rmd_dgst.c rmd_one.c
17CFLAGS+= -I${.CURDIR}/des
18SRCS+= set_key.c ecb_enc.c cbc_enc.c ecb3_enc.c
19SRCS+= cfb64enc.c cfb64ede.c cfb_enc.c ofb64ede.c
20SRCS+= enc_read.c enc_writ.c ofb64enc.c ofb_enc.c
21SRCS+= str2key.c pcbc_enc.c qud_cksm.c rand_key.c
22SRCS+= read2pwd.c fcrypt.c xcbc_enc.c read_pwd.c
23SRCS+= rpc_enc.c cbc_cksm.c supp.c
24CFLAGS+= -I${.CURDIR}/rc2
25SRCS+= rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c
26SRCS+= rc2ofb64.c
27CFLAGS+= -I${.CURDIR}/rc4
28SRCS+= rc4_skey.c
29CFLAGS+= -I${.CURDIR}/rc5
30SRCS+= rc5_skey.c rc5_ecb.c rc5cfb64.c rc5cfb64.c
31SRCS+= rc5ofb64.c
32CFLAGS+= -I${.CURDIR}/idea
33SRCS+= i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c
34SRCS+= i_skey.c
35CFLAGS+= -I${.CURDIR}/bf
36SRCS+= bf_skey.c bf_ecb.c bf_cfb64.c bf_ofb64.c
37CFLAGS+= -I${.CURDIR}/cast
38SRCS+= c_skey.c c_ecb.c c_cfb64.c c_ofb64.c
39CFLAGS+= -I${.CURDIR}/bn
40SRCS+= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c
41SRCS+= bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c
42SRCS+= bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c
43SRCS+= bn_sqr.c bn_recp.c bn_mont.c bn_mpi.c
44CFLAGS+= -I${.CURDIR}/rsa
45SRCS+= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c
46SRCS+= rsa_saos.c rsa_err.c rsa_pk1.c rsa_ssl.c
47SRCS+= rsa_none.c
48CFLAGS+= -I${.CURDIR}/dsa
49SRCS+= dsa_gen.c dsa_key.c dsa_lib.c dsa_vrf.c
50SRCS+= dsa_sign.c dsa_err.c
51CFLAGS+= -I${.CURDIR}/dh
52SRCS+= dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
53CFLAGS+= -I${.CURDIR}/buffer
54SRCS+= buffer.c buf_err.c
55CFLAGS+= -I${.CURDIR}/bio
56SRCS+= bio_lib.c bio_cb.c bio_err.c bss_mem.c
57SRCS+= bss_null.c bss_fd.c bss_file.c bss_sock.c
58SRCS+= bss_conn.c bf_null.c bf_buff.c
59SRCS+= b_print.c b_dump.c b_sock.c bss_acpt.c
60SRCS+= bf_nbio.c
61CFLAGS+= -I${.CURDIR}/stack
62SRCS+= stack.c
63CFLAGS+= -I${.CURDIR}/lhash
64SRCS+= lhash.c lh_stats.c
65CFLAGS+= -I${.CURDIR}/rand
66SRCS+= md_rand.c randfile.c
67CFLAGS+= -I${.CURDIR}/err
68SRCS+= err.c err_all.c err_prn.c
69CFLAGS+= -I${.CURDIR}/objects
70SRCS+= obj_dat.c obj_lib.c obj_err.c
71CFLAGS+= -I${.CURDIR}/evp
72SRCS+= encode.c digest.c evp_enc.c evp_key.c
73SRCS+= e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c
74SRCS+= e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c
75SRCS+= e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c
76SRCS+= e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c
77SRCS+= e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c
78SRCS+= e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c e_ecb_c.c
79SRCS+= e_cbc_c.c e_cfb_c.c e_ofb_c.c e_ecb_r5.c
80SRCS+= e_cbc_r5.c e_cfb_r5.c e_ofb_r5.c m_null.c
81SRCS+= m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c
82SRCS+= m_dss1.c m_mdc2.c m_ripemd.c p_open.c
83SRCS+= p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c
84SRCS+= p_dec.c bio_md.c bio_b64.c bio_enc.c
85SRCS+= evp_err.c e_null.c c_all.c evp_lib.c
86CFLAGS+= -I${.CURDIR}/pem
87SRCS+= pem_sign.c pem_seal.c pem_info.c pem_lib.c
88SRCS+= pem_all.c pem_err.c
89CFLAGS+= -I${.CURDIR}/asn1
90SRCS+= a_object.c a_bitstr.c a_utctm.c a_int.c
91SRCS+= a_octet.c a_print.c a_type.c a_set.c
92SRCS+= a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c
93SRCS+= a_digest.c a_verify.c x_algor.c x_val.c
94SRCS+= x_pubkey.c x_sig.c x_req.c x_attrib.c
95SRCS+= x_name.c x_cinf.c x_x509.c x_crl.c
96SRCS+= x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c
97SRCS+= d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c
98SRCS+= d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c
99SRCS+= i2d_pu.c i2d_pr.c t_req.c t_x509.c
100SRCS+= t_pkey.c p7_i_s.c p7_signi.c p7_signd.c
101SRCS+= p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c
102SRCS+= p7_s_e.c p7_enc.c p7_lib.c f_int.c
103SRCS+= f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c
104SRCS+= d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c
105SRCS+= a_bool.c x_exten.c asn1_par.c asn1_lib.c
106SRCS+= asn1_err.c a_meth.c a_bytes.c evp_asn1.c
107CFLAGS+= -I${.CURDIR}/x509
108SRCS+= x509_def.c x509_d2.c x509_r2x.c x509_cmp.c
109SRCS+= x509_obj.c x509_req.c x509_vfy.c x509_set.c
110SRCS+= x509rset.c x509_err.c x509name.c x509_v3.c
111SRCS+= x509_ext.c x509pack.c x509type.c x509_lu.c
112SRCS+= x_all.c x509_txt.c by_file.c by_dir.c
113SRCS+= v3_net.c v3_x509.c
114CFLAGS+= -I${.CURDIR}/conf
115SRCS+= conf.c conf_err.c
116CFLAGS+= -I${.CURDIR}/txt_db
117SRCS+= txt_db.c
118CFLAGS+= -I${.CURDIR}/pkcs7
119SRCS+= pk7_lib.c pkcs7err.c pk7_doit.c
120
121.PATH: ${.CURDIR}/md2 ${.CURDIR}/md5 ${.CURDIR}/sha ${.CURDIR}/mdc2 \
122 ${.CURDIR}/hmac ${.CURDIR}/ripemd ${.CURDIR}/des ${.CURDIR}/rc2 \
123 ${.CURDIR}/rc4 ${.CURDIR}/rc5 ${.CURDIR}/idea ${.CURDIR}/bf \
124 ${.CURDIR}/cast ${.CURDIR}/bn ${.CURDIR}/rsa ${.CURDIR}/dsa \
125 ${.CURDIR}/dh ${.CURDIR}/buffer ${.CURDIR}/bio ${.CURDIR}/stack \
126 ${.CURDIR}/lhash ${.CURDIR}/rand ${.CURDIR}/err ${.CURDIR}/objects \
127 ${.CURDIR}/evp ${.CURDIR}/pem ${.CURDIR}/asn1 ${.CURDIR}/asn1 \
128 ${.CURDIR}/x509 ${.CURDIR}/conf txt_db/txt_db.c ${.CURDIR}/pkcs7 \
129 ${.CURDIR}/txt_db
130
131.include <bsd.lib.mk>
132
133
diff --git a/src/lib/libssl/src/crypto/Makefile.ssl b/src/lib/libssl/src/crypto/Makefile.ssl
new file mode 100644
index 0000000000..0f036167f0
--- /dev/null
+++ b/src/lib/libssl/src/crypto/Makefile.ssl
@@ -0,0 +1,214 @@
1#
2# SSLeay/crypto/Makefile
3#
4
5DIR= crypto
6TOP= ..
7CC= cc
8INCLUDE= -I. -I$(TOP) -I../include
9INCLUDES= -I.. -I../.. -I../../include
10CFLAG= -g
11INSTALL_PREFIX=
12OPENSSLDIR= /usr/local/ssl
13INSTALLTOP= /usr/local/ssl
14MAKE= make -f Makefile.ssl
15MAKEDEPPROG= makedepend
16MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
17MAKEFILE= Makefile.ssl
18RM= rm -f
19AR= ar r
20
21PEX_LIBS=
22EX_LIBS=
23
24CFLAGS= $(INCLUDE) $(CFLAG)
25
26
27LIBS=
28
29SDIRS= md2 md5 sha mdc2 hmac ripemd \
30 des rc2 rc4 rc5 idea bf cast \
31 bn ec rsa dsa dh dso engine aes \
32 buffer bio stack lhash rand err objects \
33 evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
34
35GENERAL=Makefile README crypto-lib.com install.com
36
37LIB= $(TOP)/libcrypto.a
38SHARED_LIB= libcrypto$(SHLIB_EXT)
39LIBSRC= cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c
40LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o
41
42SRC= $(LIBSRC)
43
44EXHEADER= crypto.h tmdiff.h opensslv.h opensslconf.h ebcdic.h symhacks.h \
45 ossl_typ.h
46HEADER= cryptlib.h buildinf.h md32_common.h o_time.h $(EXHEADER)
47
48ALL= $(GENERAL) $(SRC) $(HEADER)
49
50top:
51 @(cd ..; $(MAKE) DIRS=$(DIR) all)
52
53all: buildinf.h lib subdirs shared
54
55buildinf.h: ../Makefile.ssl
56 ( echo "#ifndef MK1MF_BUILD"; \
57 echo ' /* auto-generated by crypto/Makefile.ssl for crypto/cversion.c */'; \
58 echo ' #define CFLAGS "$(CC) $(CFLAG)"'; \
59 echo ' #define PLATFORM "$(PLATFORM)"'; \
60 echo " #define DATE \"`LC_ALL=C LC_TIME=C date`\""; \
61 echo '#endif' ) >buildinf.h
62
63testapps:
64 if echo ${SDIRS} | fgrep ' des '; \
65 then cd des && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' des; fi
66 cd pkcs7 && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' testapps
67
68subdirs:
69 @for i in $(SDIRS) ;\
70 do \
71 (cd $$i && echo "making all in crypto/$$i..." && \
72 $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \
73 done;
74
75files:
76 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
77 @for i in $(SDIRS) ;\
78 do \
79 (cd $$i && echo "making 'files' in crypto/$$i..." && \
80 $(MAKE) PERL='${PERL}' files ); \
81 done;
82
83links:
84 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
85 @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
86 @$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
87 @$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
88 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
89 @for i in $(SDIRS); do \
90 (cd $$i && echo "making links in crypto/$$i..." && \
91 $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PERL='${PERL}' links ); \
92 done;
93
94lib: $(LIBOBJ)
95 $(AR) $(LIB) $(LIBOBJ)
96 $(RANLIB) $(LIB) || echo Never mind.
97 @touch lib
98
99shared:
100 if [ -n "$(SHARED_LIBS)" ]; then \
101 (cd ..; make $(SHARED_LIB)); \
102 fi
103
104libs:
105 @for i in $(SDIRS) ;\
106 do \
107 (cd $$i && echo "making libs in crypto/$$i..." && \
108 $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' lib ); \
109 done;
110
111tests:
112 @for i in $(SDIRS) ;\
113 do \
114 (cd $$i && echo "making tests in crypto/$$i..." && \
115 $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' tests ); \
116 done;
117
118install:
119 @for i in $(EXHEADER) ;\
120 do \
121 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
122 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
123 done;
124 @for i in $(SDIRS) ;\
125 do \
126 (cd $$i && echo "making install in crypto/$$i..." && \
127 $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' install ); \
128 done;
129
130lint:
131 @for i in $(SDIRS) ;\
132 do \
133 (cd $$i && echo "making lint in crypto/$$i..." && \
134 $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' lint ); \
135 done;
136
137depend:
138 if [ ! -f buildinf.h ]; then touch buildinf.h; fi # fake buildinf.h if it does not exist
139 $(MAKEDEPEND) $(INCLUDE) $(DEPFLAG) $(PROGS) $(LIBSRC)
140 if [ ! -s buildinf.h ]; then rm buildinf.h; fi
141 @for i in $(SDIRS) ;\
142 do \
143 (cd $$i && echo "making depend in crypto/$$i..." && \
144 $(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' DEPFLAG='${DEPFLAG}' depend ); \
145 done;
146
147clean:
148 rm -f buildinf.h *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
149 @for i in $(SDIRS) ;\
150 do \
151 (cd $$i && echo "making clean in crypto/$$i..." && \
152 $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' clean ); \
153 done;
154
155dclean:
156 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
157 mv -f Makefile.new $(MAKEFILE)
158 @for i in $(SDIRS) ;\
159 do \
160 (cd $$i && echo "making dclean in crypto/$$i..." && \
161 $(MAKE) PERL='${PERL}' CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' dclean ); \
162 done;
163
164# DO NOT DELETE THIS LINE -- make depend depends on it.
165
166cpt_err.o: ../include/openssl/bio.h ../include/openssl/crypto.h
167cpt_err.o: ../include/openssl/e_os2.h ../include/openssl/err.h
168cpt_err.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
169cpt_err.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h
170cpt_err.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cpt_err.c
171cryptlib.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
172cryptlib.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
173cryptlib.o: ../include/openssl/err.h ../include/openssl/lhash.h
174cryptlib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
175cryptlib.o: ../include/openssl/safestack.h ../include/openssl/stack.h
176cryptlib.o: ../include/openssl/symhacks.h cryptlib.c cryptlib.h
177cversion.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
178cversion.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
179cversion.o: ../include/openssl/err.h ../include/openssl/lhash.h
180cversion.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
181cversion.o: ../include/openssl/safestack.h ../include/openssl/stack.h
182cversion.o: ../include/openssl/symhacks.h buildinf.h cryptlib.h cversion.c
183ebcdic.o: ../include/openssl/opensslconf.h ebcdic.c
184ex_data.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
185ex_data.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
186ex_data.o: ../include/openssl/err.h ../include/openssl/lhash.h
187ex_data.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
188ex_data.o: ../include/openssl/safestack.h ../include/openssl/stack.h
189ex_data.o: ../include/openssl/symhacks.h cryptlib.h ex_data.c
190mem.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
191mem.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
192mem.o: ../include/openssl/err.h ../include/openssl/lhash.h
193mem.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
194mem.o: ../include/openssl/safestack.h ../include/openssl/stack.h
195mem.o: ../include/openssl/symhacks.h cryptlib.h mem.c
196mem_dbg.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
197mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
198mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h
199mem_dbg.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
200mem_dbg.o: ../include/openssl/safestack.h ../include/openssl/stack.h
201mem_dbg.o: ../include/openssl/symhacks.h cryptlib.h mem_dbg.c
202o_time.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_time.c
203o_time.o: o_time.h
204tmdiff.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
205tmdiff.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
206tmdiff.o: ../include/openssl/err.h ../include/openssl/lhash.h
207tmdiff.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
208tmdiff.o: ../include/openssl/safestack.h ../include/openssl/stack.h
209tmdiff.o: ../include/openssl/symhacks.h ../include/openssl/tmdiff.h cryptlib.h
210tmdiff.o: tmdiff.c
211uid.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
212uid.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
213uid.o: ../include/openssl/safestack.h ../include/openssl/stack.h
214uid.o: ../include/openssl/symhacks.h uid.c
diff --git a/src/lib/libssl/src/crypto/aes/Makefile.ssl b/src/lib/libssl/src/crypto/aes/Makefile.ssl
new file mode 100644
index 0000000000..aa16bbee2a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/aes/Makefile.ssl
@@ -0,0 +1,103 @@
1#
2# crypto/aes/Makefile
3#
4
5DIR= aes
6TOP= ../..
7CC= cc
8CPP= $(CC) -E
9INCLUDES=
10CFLAG=-g
11INSTALL_PREFIX=
12OPENSSLDIR= /usr/local/ssl
13INSTALLTOP= /usr/local/ssl
14MAKE= make -f Makefile.ssl
15MAKEDEPPROG= makedepend
16MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
17MAKEFILE= Makefile.ssl
18AR= ar r
19
20# CFLAGS= -mpentiumpro $(INCLUDES) $(CFLAG) -O3 -fexpensive-optimizations -funroll-loops -fforce-addr
21CFLAGS= $(INCLUDES) $(CFLAG)
22
23GENERAL=Makefile
24#TEST=aestest.c
25TEST=
26APPS=
27
28LIB=$(TOP)/libcrypto.a
29LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c aes_cfb.c aes_ofb.c aes_ctr.c
30LIBOBJ=aes_core.o aes_misc.o aes_ecb.o aes_cbc.o aes_cfb.o aes_ofb.o aes_ctr.o
31
32SRC= $(LIBSRC)
33
34EXHEADER= aes.h
35HEADER= aes_locl.h $(EXHEADER)
36
37ALL= $(GENERAL) $(SRC) $(HEADER)
38
39top:
40 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
41
42all: lib
43
44lib: $(LIBOBJ)
45 $(AR) $(LIB) $(LIBOBJ)
46 $(RANLIB) $(LIB) || echo Never mind.
47 @touch lib
48
49$(LIBOBJ): $(LIBSRC)
50
51files:
52 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
53
54links:
55 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
56 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
57 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
58 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
59
60install: installs
61
62installs:
63 @for i in $(EXHEADER) ; \
64 do \
65 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
66 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
67 done;
68
69tags:
70 ctags $(SRC)
71
72tests:
73
74lint:
75 lint -DLINT $(INCLUDES) $(SRC)>fluff
76
77depend:
78 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
79
80dclean:
81 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
82 mv -f Makefile.new $(MAKEFILE)
83
84clean:
85 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
86
87# DO NOT DELETE THIS LINE -- make depend depends on it.
88
89aes_cbc.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
90aes_cbc.o: ../../include/openssl/opensslconf.h aes_cbc.c aes_locl.h
91aes_cfb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
92aes_cfb.o: ../../include/openssl/opensslconf.h aes_cfb.c aes_locl.h
93aes_core.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
94aes_core.o: ../../include/openssl/opensslconf.h aes_core.c aes_locl.h
95aes_ctr.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
96aes_ctr.o: ../../include/openssl/opensslconf.h aes_ctr.c aes_locl.h
97aes_ecb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
98aes_ecb.o: ../../include/openssl/opensslconf.h aes_ecb.c aes_locl.h
99aes_misc.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
100aes_misc.o: ../../include/openssl/opensslconf.h
101aes_misc.o: ../../include/openssl/opensslv.h aes_locl.h aes_misc.c
102aes_ofb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
103aes_ofb.o: ../../include/openssl/opensslconf.h aes_locl.h aes_ofb.c
diff --git a/src/lib/libssl/src/crypto/asn1/Makefile.ssl b/src/lib/libssl/src/crypto/asn1/Makefile.ssl
new file mode 100644
index 0000000000..71397df5c8
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/Makefile.ssl
@@ -0,0 +1,886 @@
1#
2# SSLeay/crypto/asn1/Makefile
3#
4
5DIR= asn1
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile README
22TEST=
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \
27 a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c \
28 a_enum.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \
29 x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_bignum.c \
30 x_long.c x_name.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \
31 d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\
32 t_req.c t_x509.c t_x509a.c t_crl.c t_pkey.c t_spki.c t_bitst.c \
33 tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \
34 f_int.c f_string.c n_pkey.c \
35 f_enum.c a_hdr.c x_pkey.c a_bool.c x_exten.c \
36 asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c a_strnid.c \
37 evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c
38LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \
39 a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \
40 a_enum.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \
41 x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_bignum.o \
42 x_long.o x_name.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \
43 d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \
44 t_req.o t_x509.o t_x509a.o t_crl.o t_pkey.o t_spki.o t_bitst.o \
45 tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \
46 f_int.o f_string.o n_pkey.o \
47 f_enum.o a_hdr.o x_pkey.o a_bool.o x_exten.o \
48 asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o a_strnid.o \
49 evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o asn_moid.o
50
51SRC= $(LIBSRC)
52
53EXHEADER= asn1.h asn1_mac.h asn1t.h
54HEADER= $(EXHEADER)
55
56ALL= $(GENERAL) $(SRC) $(HEADER)
57
58top:
59 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
60
61test: test.c
62 cc -g -I../../include -c test.c
63 cc -g -I../../include -o test test.o -L../.. -lcrypto
64
65pk: pk.c
66 cc -g -I../../include -c pk.c
67 cc -g -I../../include -o pk pk.o -L../.. -lcrypto
68
69all: lib
70
71lib: $(LIBOBJ)
72 $(AR) $(LIB) $(LIBOBJ)
73 $(RANLIB) $(LIB) || echo Never mind.
74 @touch lib
75
76files:
77 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
78
79links:
80 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
81 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
82 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
83 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
84
85install:
86 @for i in $(EXHEADER) ; \
87 do \
88 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
89 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
90 done;
91
92tags:
93 ctags $(SRC)
94
95tests:
96
97lint:
98 lint -DLINT $(INCLUDES) $(SRC)>fluff
99
100depend:
101 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
102
103dclean:
104 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
105 mv -f Makefile.new $(MAKEFILE)
106
107clean:
108 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
109
110
111# DO NOT DELETE THIS LINE -- make depend depends on it.
112
113a_bitstr.o: ../../e_os.h ../../include/openssl/asn1.h
114a_bitstr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
115a_bitstr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
116a_bitstr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
117a_bitstr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
118a_bitstr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
119a_bitstr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
120a_bitstr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bitstr.c
121a_bool.o: ../../e_os.h ../../include/openssl/asn1.h
122a_bool.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
123a_bool.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
124a_bool.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
125a_bool.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
126a_bool.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
127a_bool.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
128a_bool.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
129a_bool.o: ../cryptlib.h a_bool.c
130a_bytes.o: ../../e_os.h ../../include/openssl/asn1.h
131a_bytes.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
132a_bytes.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
133a_bytes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
134a_bytes.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
135a_bytes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
136a_bytes.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
137a_bytes.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bytes.c
138a_d2i_fp.o: ../../e_os.h ../../include/openssl/asn1.h
139a_d2i_fp.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
140a_d2i_fp.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
141a_d2i_fp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
142a_d2i_fp.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
143a_d2i_fp.o: ../../include/openssl/opensslconf.h
144a_d2i_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
145a_d2i_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
146a_d2i_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_d2i_fp.c
147a_digest.o: ../../e_os.h ../../include/openssl/asn1.h
148a_digest.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
149a_digest.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
150a_digest.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
151a_digest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
152a_digest.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
153a_digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
154a_digest.o: ../../include/openssl/opensslconf.h
155a_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
156a_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
157a_digest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
158a_digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
159a_digest.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
160a_digest.o: ../cryptlib.h a_digest.c
161a_dup.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
162a_dup.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
163a_dup.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
164a_dup.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
165a_dup.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
166a_dup.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
167a_dup.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
168a_dup.o: ../cryptlib.h a_dup.c
169a_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
170a_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
171a_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
172a_enum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
173a_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
174a_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
175a_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
176a_enum.o: ../cryptlib.h a_enum.c
177a_gentm.o: ../../e_os.h ../../include/openssl/asn1.h
178a_gentm.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
179a_gentm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
180a_gentm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
181a_gentm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
182a_gentm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
183a_gentm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
184a_gentm.o: ../../include/openssl/symhacks.h ../cryptlib.h ../o_time.h a_gentm.c
185a_hdr.o: ../../e_os.h ../../include/openssl/asn1.h
186a_hdr.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
187a_hdr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
188a_hdr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
189a_hdr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
190a_hdr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
191a_hdr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
192a_hdr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
193a_hdr.o: ../cryptlib.h a_hdr.c
194a_i2d_fp.o: ../../e_os.h ../../include/openssl/asn1.h
195a_i2d_fp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
196a_i2d_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
197a_i2d_fp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
198a_i2d_fp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
199a_i2d_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
200a_i2d_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
201a_i2d_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_i2d_fp.c
202a_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
203a_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
204a_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
205a_int.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
206a_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
207a_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
208a_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
209a_int.o: ../cryptlib.h a_int.c
210a_mbstr.o: ../../e_os.h ../../include/openssl/asn1.h
211a_mbstr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
212a_mbstr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
213a_mbstr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
214a_mbstr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
215a_mbstr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
216a_mbstr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
217a_mbstr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_mbstr.c
218a_meth.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
219a_meth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
220a_meth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
221a_meth.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
222a_meth.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
223a_meth.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
224a_meth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
225a_meth.o: ../cryptlib.h a_meth.c
226a_object.o: ../../e_os.h ../../include/openssl/asn1.h
227a_object.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
228a_object.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
229a_object.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
230a_object.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
231a_object.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
232a_object.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
233a_object.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
234a_object.o: ../../include/openssl/symhacks.h ../cryptlib.h a_object.c
235a_octet.o: ../../e_os.h ../../include/openssl/asn1.h
236a_octet.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
237a_octet.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
238a_octet.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
239a_octet.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
240a_octet.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
241a_octet.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
242a_octet.o: ../../include/openssl/symhacks.h ../cryptlib.h a_octet.c
243a_print.o: ../../e_os.h ../../include/openssl/asn1.h
244a_print.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
245a_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
246a_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
247a_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
248a_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
249a_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
250a_print.o: ../../include/openssl/symhacks.h ../cryptlib.h a_print.c
251a_set.o: ../../e_os.h ../../include/openssl/asn1.h
252a_set.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
253a_set.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
254a_set.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
255a_set.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
256a_set.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
257a_set.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
258a_set.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
259a_set.o: ../cryptlib.h a_set.c
260a_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
261a_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
262a_sign.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
263a_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
264a_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
265a_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
266a_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
267a_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
268a_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
269a_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
270a_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
271a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
272a_sign.o: ../cryptlib.h a_sign.c
273a_strex.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
274a_strex.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
275a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
276a_strex.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
277a_strex.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
278a_strex.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
279a_strex.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
280a_strex.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
281a_strex.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
282a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
283a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
284a_strex.o: ../../include/openssl/x509_vfy.h a_strex.c charmap.h
285a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h
286a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
287a_strnid.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
288a_strnid.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
289a_strnid.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
290a_strnid.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
291a_strnid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
292a_strnid.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
293a_strnid.o: ../../include/openssl/symhacks.h ../cryptlib.h a_strnid.c
294a_time.o: ../../e_os.h ../../include/openssl/asn1.h
295a_time.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
296a_time.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
297a_time.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
298a_time.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
299a_time.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
300a_time.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
301a_time.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
302a_time.o: ../cryptlib.h ../o_time.h a_time.c
303a_type.o: ../../e_os.h ../../include/openssl/asn1.h
304a_type.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
305a_type.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
306a_type.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
307a_type.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
308a_type.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
309a_type.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
310a_type.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
311a_type.o: ../cryptlib.h a_type.c
312a_utctm.o: ../../e_os.h ../../include/openssl/asn1.h
313a_utctm.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
314a_utctm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
315a_utctm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
316a_utctm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
317a_utctm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
318a_utctm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
319a_utctm.o: ../../include/openssl/symhacks.h ../cryptlib.h ../o_time.h a_utctm.c
320a_utf8.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
321a_utf8.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
322a_utf8.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
323a_utf8.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
324a_utf8.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
325a_utf8.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
326a_utf8.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
327a_utf8.o: ../cryptlib.h a_utf8.c
328a_verify.o: ../../e_os.h ../../include/openssl/asn1.h
329a_verify.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
330a_verify.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
331a_verify.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
332a_verify.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
333a_verify.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
334a_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
335a_verify.o: ../../include/openssl/opensslconf.h
336a_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
337a_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
338a_verify.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
339a_verify.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
340a_verify.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
341a_verify.o: ../cryptlib.h a_verify.c
342asn1_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
343asn1_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
344asn1_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
345asn1_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
346asn1_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
347asn1_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
348asn1_err.o: ../../include/openssl/symhacks.h asn1_err.c
349asn1_lib.o: ../../e_os.h ../../include/openssl/asn1.h
350asn1_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
351asn1_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
352asn1_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
353asn1_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
354asn1_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
355asn1_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
356asn1_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_lib.c
357asn1_par.o: ../../e_os.h ../../include/openssl/asn1.h
358asn1_par.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
359asn1_par.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
360asn1_par.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
361asn1_par.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
362asn1_par.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
363asn1_par.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
364asn1_par.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
365asn1_par.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_par.c
366asn_moid.o: ../../e_os.h ../../include/openssl/asn1.h
367asn_moid.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
368asn_moid.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
369asn_moid.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
370asn_moid.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
371asn_moid.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
372asn_moid.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
373asn_moid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
374asn_moid.o: ../../include/openssl/opensslconf.h
375asn_moid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
376asn_moid.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
377asn_moid.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
378asn_moid.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
379asn_moid.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
380asn_moid.o: ../cryptlib.h asn_moid.c
381asn_pack.o: ../../e_os.h ../../include/openssl/asn1.h
382asn_pack.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
383asn_pack.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
384asn_pack.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
385asn_pack.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
386asn_pack.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
387asn_pack.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
388asn_pack.o: ../../include/openssl/symhacks.h ../cryptlib.h asn_pack.c
389d2i_pr.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
390d2i_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
391d2i_pr.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
392d2i_pr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
393d2i_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
394d2i_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
395d2i_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
396d2i_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
397d2i_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
398d2i_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
399d2i_pr.o: ../cryptlib.h d2i_pr.c
400d2i_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
401d2i_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
402d2i_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
403d2i_pu.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
404d2i_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h
405d2i_pu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
406d2i_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
407d2i_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
408d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
409d2i_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
410d2i_pu.o: ../cryptlib.h d2i_pu.c
411evp_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
412evp_asn1.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
413evp_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
414evp_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
415evp_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
416evp_asn1.o: ../../include/openssl/opensslconf.h
417evp_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
418evp_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
419evp_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_asn1.c
420f_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
421f_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
422f_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
423f_enum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
424f_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
425f_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
426f_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
427f_enum.o: ../cryptlib.h f_enum.c
428f_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
429f_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
430f_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
431f_int.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
432f_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
433f_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
434f_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
435f_int.o: ../cryptlib.h f_int.c
436f_string.o: ../../e_os.h ../../include/openssl/asn1.h
437f_string.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
438f_string.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
439f_string.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
440f_string.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
441f_string.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
442f_string.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
443f_string.o: ../../include/openssl/symhacks.h ../cryptlib.h f_string.c
444i2d_pr.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
445i2d_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
446i2d_pr.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
447i2d_pr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
448i2d_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
449i2d_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
450i2d_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
451i2d_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
452i2d_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
453i2d_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
454i2d_pr.o: ../cryptlib.h i2d_pr.c
455i2d_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
456i2d_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
457i2d_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
458i2d_pu.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
459i2d_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h
460i2d_pu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
461i2d_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
462i2d_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
463i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
464i2d_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
465i2d_pu.o: ../cryptlib.h i2d_pu.c
466n_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
467n_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/asn1t.h
468n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
469n_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
470n_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
471n_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
472n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
473n_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
474n_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
475n_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
476n_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
477n_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
478n_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
479n_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h n_pkey.c
480nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
481nsseq.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
482nsseq.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
483nsseq.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
484nsseq.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
485nsseq.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
486nsseq.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
487nsseq.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
488nsseq.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
489nsseq.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
490nsseq.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
491nsseq.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h nsseq.c
492p5_pbe.o: ../../e_os.h ../../include/openssl/asn1.h
493p5_pbe.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
494p5_pbe.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
495p5_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
496p5_pbe.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
497p5_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h
498p5_pbe.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
499p5_pbe.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
500p5_pbe.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
501p5_pbe.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
502p5_pbe.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
503p5_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
504p5_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
505p5_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_pbe.c
506p5_pbev2.o: ../../e_os.h ../../include/openssl/asn1.h
507p5_pbev2.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
508p5_pbev2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
509p5_pbev2.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
510p5_pbev2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
511p5_pbev2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
512p5_pbev2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
513p5_pbev2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
514p5_pbev2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
515p5_pbev2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
516p5_pbev2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
517p5_pbev2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
518p5_pbev2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
519p5_pbev2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_pbev2.c
520p8_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
521p8_pkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
522p8_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
523p8_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
524p8_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
525p8_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
526p8_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
527p8_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
528p8_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
529p8_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
530p8_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
531p8_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
532p8_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
533p8_pkey.o: ../cryptlib.h p8_pkey.c
534t_bitst.o: ../../e_os.h ../../include/openssl/asn1.h
535t_bitst.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
536t_bitst.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
537t_bitst.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
538t_bitst.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
539t_bitst.o: ../../include/openssl/err.h ../../include/openssl/evp.h
540t_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
541t_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
542t_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
543t_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
544t_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
545t_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
546t_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
547t_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h t_bitst.c
548t_crl.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
549t_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
550t_crl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
551t_crl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
552t_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
553t_crl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
554t_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
555t_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
556t_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
557t_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
558t_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
559t_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
560t_crl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
561t_crl.o: ../cryptlib.h t_crl.c
562t_pkey.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
563t_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
564t_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
565t_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
566t_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
567t_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
568t_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
569t_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
570t_pkey.o: ../../include/openssl/symhacks.h ../cryptlib.h t_pkey.c
571t_req.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
572t_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
573t_req.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
574t_req.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
575t_req.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
576t_req.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
577t_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
578t_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
579t_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
580t_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
581t_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
582t_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
583t_req.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
584t_req.o: ../cryptlib.h t_req.c
585t_spki.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
586t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
587t_spki.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
588t_spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
589t_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
590t_spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
591t_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
592t_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
593t_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
594t_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
595t_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
596t_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
597t_spki.o: ../cryptlib.h t_spki.c
598t_x509.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
599t_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
600t_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
601t_x509.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
602t_x509.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
603t_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
604t_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
605t_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
606t_x509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
607t_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
608t_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
609t_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
610t_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
611t_x509.o: ../cryptlib.h t_x509.c
612t_x509a.o: ../../e_os.h ../../include/openssl/asn1.h
613t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
614t_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
615t_x509a.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
616t_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
617t_x509a.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
618t_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
619t_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
620t_x509a.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
621t_x509a.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
622t_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
623t_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
624t_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h t_x509a.c
625tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
626tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
627tasn_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
628tasn_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
629tasn_dec.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
630tasn_dec.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
631tasn_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
632tasn_dec.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
633tasn_dec.o: ../../include/openssl/symhacks.h tasn_dec.c
634tasn_enc.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
635tasn_enc.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
636tasn_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
637tasn_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
638tasn_enc.o: ../../include/openssl/opensslconf.h
639tasn_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
640tasn_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
641tasn_enc.o: ../../include/openssl/symhacks.h tasn_enc.c
642tasn_fre.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
643tasn_fre.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
644tasn_fre.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
645tasn_fre.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
646tasn_fre.o: ../../include/openssl/opensslconf.h
647tasn_fre.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
648tasn_fre.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
649tasn_fre.o: ../../include/openssl/symhacks.h tasn_fre.c
650tasn_new.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
651tasn_new.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
652tasn_new.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
653tasn_new.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
654tasn_new.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
655tasn_new.o: ../../include/openssl/opensslconf.h
656tasn_new.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
657tasn_new.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
658tasn_new.o: ../../include/openssl/symhacks.h tasn_new.c
659tasn_typ.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
660tasn_typ.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
661tasn_typ.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
662tasn_typ.o: ../../include/openssl/opensslconf.h
663tasn_typ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
664tasn_typ.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
665tasn_typ.o: ../../include/openssl/symhacks.h tasn_typ.c
666tasn_utl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
667tasn_utl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
668tasn_utl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
669tasn_utl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
670tasn_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
671tasn_utl.o: ../../include/openssl/opensslconf.h
672tasn_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
673tasn_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
674tasn_utl.o: ../../include/openssl/symhacks.h tasn_utl.c
675x_algor.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
676x_algor.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
677x_algor.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
678x_algor.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
679x_algor.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
680x_algor.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
681x_algor.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
682x_algor.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
683x_algor.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
684x_algor.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
685x_algor.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
686x_algor.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
687x_algor.o: x_algor.c
688x_attrib.o: ../../e_os.h ../../include/openssl/asn1.h
689x_attrib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
690x_attrib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
691x_attrib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
692x_attrib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
693x_attrib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
694x_attrib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
695x_attrib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
696x_attrib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
697x_attrib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
698x_attrib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
699x_attrib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
700x_attrib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
701x_attrib.o: ../cryptlib.h x_attrib.c
702x_bignum.o: ../../e_os.h ../../include/openssl/asn1.h
703x_bignum.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
704x_bignum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
705x_bignum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
706x_bignum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
707x_bignum.o: ../../include/openssl/opensslconf.h
708x_bignum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
709x_bignum.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
710x_bignum.o: ../../include/openssl/symhacks.h ../cryptlib.h x_bignum.c
711x_crl.o: ../../e_os.h ../../include/openssl/asn1.h
712x_crl.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
713x_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
714x_crl.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
715x_crl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
716x_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
717x_crl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
718x_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
719x_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
720x_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
721x_crl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
722x_crl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
723x_crl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
724x_crl.o: ../cryptlib.h x_crl.c
725x_exten.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
726x_exten.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
727x_exten.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
728x_exten.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
729x_exten.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
730x_exten.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
731x_exten.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
732x_exten.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
733x_exten.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
734x_exten.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
735x_exten.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
736x_exten.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
737x_exten.o: x_exten.c
738x_info.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
739x_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
740x_info.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
741x_info.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
742x_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h
743x_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
744x_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
745x_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
746x_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
747x_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
748x_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
749x_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
750x_info.o: ../cryptlib.h x_info.c
751x_long.o: ../../e_os.h ../../include/openssl/asn1.h
752x_long.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
753x_long.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
754x_long.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
755x_long.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
756x_long.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
757x_long.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
758x_long.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
759x_long.o: ../cryptlib.h x_long.c
760x_name.o: ../../e_os.h ../../include/openssl/asn1.h
761x_name.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
762x_name.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
763x_name.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
764x_name.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
765x_name.o: ../../include/openssl/err.h ../../include/openssl/evp.h
766x_name.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
767x_name.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
768x_name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
769x_name.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
770x_name.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
771x_name.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
772x_name.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
773x_name.o: ../cryptlib.h x_name.c
774x_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
775x_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
776x_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
777x_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
778x_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
779x_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
780x_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
781x_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
782x_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
783x_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
784x_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
785x_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
786x_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
787x_pkey.o: ../cryptlib.h x_pkey.c
788x_pubkey.o: ../../e_os.h ../../include/openssl/asn1.h
789x_pubkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
790x_pubkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
791x_pubkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
792x_pubkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
793x_pubkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
794x_pubkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
795x_pubkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
796x_pubkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
797x_pubkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
798x_pubkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
799x_pubkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
800x_pubkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
801x_pubkey.o: ../cryptlib.h x_pubkey.c
802x_req.o: ../../e_os.h ../../include/openssl/asn1.h
803x_req.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
804x_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
805x_req.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
806x_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
807x_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
808x_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
809x_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
810x_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
811x_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
812x_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
813x_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
814x_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
815x_req.o: ../cryptlib.h x_req.c
816x_sig.o: ../../e_os.h ../../include/openssl/asn1.h
817x_sig.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
818x_sig.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
819x_sig.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
820x_sig.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
821x_sig.o: ../../include/openssl/err.h ../../include/openssl/evp.h
822x_sig.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
823x_sig.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
824x_sig.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
825x_sig.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
826x_sig.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
827x_sig.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
828x_sig.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
829x_sig.o: ../cryptlib.h x_sig.c
830x_spki.o: ../../e_os.h ../../include/openssl/asn1.h
831x_spki.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
832x_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
833x_spki.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
834x_spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
835x_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
836x_spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
837x_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
838x_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
839x_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
840x_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
841x_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
842x_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
843x_spki.o: ../cryptlib.h x_spki.c
844x_val.o: ../../e_os.h ../../include/openssl/asn1.h
845x_val.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
846x_val.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
847x_val.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
848x_val.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
849x_val.o: ../../include/openssl/err.h ../../include/openssl/evp.h
850x_val.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
851x_val.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
852x_val.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
853x_val.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
854x_val.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
855x_val.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
856x_val.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
857x_val.o: ../cryptlib.h x_val.c
858x_x509.o: ../../e_os.h ../../include/openssl/asn1.h
859x_x509.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
860x_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
861x_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
862x_x509.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
863x_x509.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
864x_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
865x_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
866x_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
867x_x509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
868x_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
869x_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
870x_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
871x_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
872x_x509.o: ../cryptlib.h x_x509.c
873x_x509a.o: ../../e_os.h ../../include/openssl/asn1.h
874x_x509a.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
875x_x509a.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
876x_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
877x_x509a.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
878x_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h
879x_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
880x_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
881x_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
882x_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
883x_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
884x_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
885x_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
886x_x509a.o: ../cryptlib.h x_x509a.c
diff --git a/src/lib/libssl/src/crypto/asn1/a_utctm.c b/src/lib/libssl/src/crypto/asn1/a_utctm.c
index ed2d827db2..dbb4a42c9d 100644
--- a/src/lib/libssl/src/crypto/asn1/a_utctm.c
+++ b/src/lib/libssl/src/crypto/asn1/a_utctm.c
@@ -222,6 +222,7 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
222int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t) 222int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
223 { 223 {
224 struct tm *tm; 224 struct tm *tm;
225 struct tm data;
225 int offset; 226 int offset;
226 int year; 227 int year;
227 228
@@ -238,7 +239,7 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
238 239
239 t -= offset*60; /* FIXME: may overflow in extreme cases */ 240 t -= offset*60; /* FIXME: may overflow in extreme cases */
240 241
241 { struct tm data; tm = OPENSSL_gmtime(&t, &data); } 242 tm = OPENSSL_gmtime(&t, &data);
242 243
243#define return_cmp(a,b) if ((a)<(b)) return -1; else if ((a)>(b)) return 1 244#define return_cmp(a,b) if ((a)<(b)) return -1; else if ((a)>(b)) return 1
244 year = g2(s->data); 245 year = g2(s->data);
diff --git a/src/lib/libssl/src/crypto/asn1/asn1_lib.c b/src/lib/libssl/src/crypto/asn1/asn1_lib.c
index 830ff2af3c..f210be9559 100644
--- a/src/lib/libssl/src/crypto/asn1/asn1_lib.c
+++ b/src/lib/libssl/src/crypto/asn1/asn1_lib.c
@@ -57,6 +57,7 @@
57 */ 57 */
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include <limits.h>
60#include "cryptlib.h" 61#include "cryptlib.h"
61#include <openssl/asn1.h> 62#include <openssl/asn1.h>
62 63
@@ -123,15 +124,13 @@ int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, int *pclass,
123 (int)(omax+ *pp)); 124 (int)(omax+ *pp));
124 125
125#endif 126#endif
126#if 0 127 if (*plength > (omax - (p - *pp)))
127 if ((p+ *plength) > (omax+ *pp))
128 { 128 {
129 ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG); 129 ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
130 /* Set this so that even if things are not long enough 130 /* Set this so that even if things are not long enough
131 * the values are set correctly */ 131 * the values are set correctly */
132 ret|=0x80; 132 ret|=0x80;
133 } 133 }
134#endif
135 *pp=p; 134 *pp=p;
136 return(ret|inf); 135 return(ret|inf);
137err: 136err:
@@ -142,7 +141,7 @@ err:
142static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max) 141static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max)
143 { 142 {
144 unsigned char *p= *pp; 143 unsigned char *p= *pp;
145 long ret=0; 144 unsigned long ret=0;
146 int i; 145 int i;
147 146
148 if (max-- < 1) return(0); 147 if (max-- < 1) return(0);
@@ -158,6 +157,8 @@ static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max)
158 i= *p&0x7f; 157 i= *p&0x7f;
159 if (*(p++) & 0x80) 158 if (*(p++) & 0x80)
160 { 159 {
160 if (i > sizeof(long))
161 return 0;
161 if (max-- == 0) return(0); 162 if (max-- == 0) return(0);
162 while (i-- > 0) 163 while (i-- > 0)
163 { 164 {
@@ -169,8 +170,10 @@ static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max)
169 else 170 else
170 ret=i; 171 ret=i;
171 } 172 }
173 if (ret > LONG_MAX)
174 return 0;
172 *pp=p; 175 *pp=p;
173 *rl=ret; 176 *rl=(long)ret;
174 return(1); 177 return(1);
175 } 178 }
176 179
@@ -406,7 +409,7 @@ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b)
406 409
407void asn1_add_error(unsigned char *address, int offset) 410void asn1_add_error(unsigned char *address, int offset)
408 { 411 {
409 char buf1[16],buf2[16]; 412 char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1];
410 413
411 sprintf(buf1,"%lu",(unsigned long)address); 414 sprintf(buf1,"%lu",(unsigned long)address);
412 sprintf(buf2,"%d",offset); 415 sprintf(buf2,"%d",offset);
diff --git a/src/lib/libssl/src/crypto/asn1/f.c b/src/lib/libssl/src/crypto/asn1/f.c
new file mode 100644
index 0000000000..82bccdfd51
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/f.c
@@ -0,0 +1,80 @@
1/* crypto/asn1/f.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58#include <stdio.h>
59#include <openssl/asn1.h>
60#include <openssl/err.h>
61
62main()
63 {
64 ASN1_TYPE *at;
65 char buf[512];
66 int n;
67 long l;
68
69 at=ASN1_TYPE_new();
70
71 n=ASN1_TYPE_set_int_octetstring(at,98736,"01234567",8);
72 printf("%d\n",n);
73 n=ASN1_TYPE_get_int_octetstring(at,&l,buf,8);
74 buf[8]='\0';
75 printf("%ld %d %d\n",l,n,buf[8]);
76 buf[8]='\0';
77 printf("%s\n",buf);
78 ERR_load_crypto_strings();
79 ERR_print_errors_fp(stderr);
80 }
diff --git a/src/lib/libssl/src/crypto/asn1/x_cinf.c b/src/lib/libssl/src/crypto/asn1/x_cinf.c
new file mode 100644
index 0000000000..339a110eef
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/x_cinf.c
@@ -0,0 +1,201 @@
1/* crypto/asn1/x_cinf.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1_mac.h>
62#include <openssl/x509.h>
63
64int i2d_X509_CINF(X509_CINF *a, unsigned char **pp)
65 {
66 int v1=0,v2=0;
67 M_ASN1_I2D_vars(a);
68
69 M_ASN1_I2D_len_EXP_opt(a->version,i2d_ASN1_INTEGER,0,v1);
70 M_ASN1_I2D_len(a->serialNumber, i2d_ASN1_INTEGER);
71 M_ASN1_I2D_len(a->signature, i2d_X509_ALGOR);
72 M_ASN1_I2D_len(a->issuer, i2d_X509_NAME);
73 M_ASN1_I2D_len(a->validity, i2d_X509_VAL);
74 M_ASN1_I2D_len(a->subject, i2d_X509_NAME);
75 M_ASN1_I2D_len(a->key, i2d_X509_PUBKEY);
76 M_ASN1_I2D_len_IMP_opt(a->issuerUID, i2d_ASN1_BIT_STRING);
77 M_ASN1_I2D_len_IMP_opt(a->subjectUID, i2d_ASN1_BIT_STRING);
78 M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
79 i2d_X509_EXTENSION,3,
80 V_ASN1_SEQUENCE,v2);
81
82 M_ASN1_I2D_seq_total();
83
84 M_ASN1_I2D_put_EXP_opt(a->version,i2d_ASN1_INTEGER,0,v1);
85 M_ASN1_I2D_put(a->serialNumber, i2d_ASN1_INTEGER);
86 M_ASN1_I2D_put(a->signature, i2d_X509_ALGOR);
87 M_ASN1_I2D_put(a->issuer, i2d_X509_NAME);
88 M_ASN1_I2D_put(a->validity, i2d_X509_VAL);
89 M_ASN1_I2D_put(a->subject, i2d_X509_NAME);
90 M_ASN1_I2D_put(a->key, i2d_X509_PUBKEY);
91 M_ASN1_I2D_put_IMP_opt(a->issuerUID, i2d_ASN1_BIT_STRING,1);
92 M_ASN1_I2D_put_IMP_opt(a->subjectUID, i2d_ASN1_BIT_STRING,2);
93 M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
94 i2d_X509_EXTENSION,3,
95 V_ASN1_SEQUENCE,v2);
96
97 M_ASN1_I2D_finish();
98 }
99
100X509_CINF *d2i_X509_CINF(X509_CINF **a, unsigned char **pp, long length)
101 {
102 int ver=0;
103 M_ASN1_D2I_vars(a,X509_CINF *,X509_CINF_new);
104
105 M_ASN1_D2I_Init();
106 M_ASN1_D2I_start_sequence();
107 /* we have the optional version field */
108 if (M_ASN1_next == (V_ASN1_CONTEXT_SPECIFIC | V_ASN1_CONSTRUCTED | 0))
109 {
110 M_ASN1_D2I_get_EXP_opt(ret->version,d2i_ASN1_INTEGER,0);
111 if (ret->version->data != NULL)
112 ver=ret->version->data[0];
113 }
114 else
115 {
116 if (ret->version != NULL)
117 {
118 M_ASN1_INTEGER_free(ret->version);
119 ret->version=NULL;
120 }
121 }
122 M_ASN1_D2I_get(ret->serialNumber,d2i_ASN1_INTEGER);
123 M_ASN1_D2I_get(ret->signature,d2i_X509_ALGOR);
124 M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
125 M_ASN1_D2I_get(ret->validity,d2i_X509_VAL);
126 M_ASN1_D2I_get(ret->subject,d2i_X509_NAME);
127 M_ASN1_D2I_get(ret->key,d2i_X509_PUBKEY);
128 if (ver >= 1) /* version 2 extensions */
129 {
130 if (ret->issuerUID != NULL)
131 {
132 M_ASN1_BIT_STRING_free(ret->issuerUID);
133 ret->issuerUID=NULL;
134 }
135 if (ret->subjectUID != NULL)
136 {
137 M_ASN1_BIT_STRING_free(ret->subjectUID);
138 ret->subjectUID=NULL;
139 }
140 M_ASN1_D2I_get_IMP_opt(ret->issuerUID,d2i_ASN1_BIT_STRING, 1,
141 V_ASN1_BIT_STRING);
142 M_ASN1_D2I_get_IMP_opt(ret->subjectUID,d2i_ASN1_BIT_STRING, 2,
143 V_ASN1_BIT_STRING);
144 }
145/* Note: some broken certificates include extensions but don't set
146 * the version number properly. By bypassing this check they can
147 * be parsed.
148 */
149
150#ifdef VERSION_EXT_CHECK
151 if (ver >= 2) /* version 3 extensions */
152#endif
153 {
154 if (ret->extensions != NULL)
155 while (sk_X509_EXTENSION_num(ret->extensions))
156 X509_EXTENSION_free(
157 sk_X509_EXTENSION_pop(ret->extensions));
158 M_ASN1_D2I_get_EXP_set_opt_type(X509_EXTENSION,ret->extensions,
159 d2i_X509_EXTENSION,
160 X509_EXTENSION_free,3,
161 V_ASN1_SEQUENCE);
162 }
163 M_ASN1_D2I_Finish(a,X509_CINF_free,ASN1_F_D2I_X509_CINF);
164 }
165
166X509_CINF *X509_CINF_new(void)
167 {
168 X509_CINF *ret=NULL;
169 ASN1_CTX c;
170
171 M_ASN1_New_Malloc(ret,X509_CINF);
172 ret->version=NULL;
173 M_ASN1_New(ret->serialNumber,M_ASN1_INTEGER_new);
174 M_ASN1_New(ret->signature,X509_ALGOR_new);
175 M_ASN1_New(ret->issuer,X509_NAME_new);
176 M_ASN1_New(ret->validity,X509_VAL_new);
177 M_ASN1_New(ret->subject,X509_NAME_new);
178 M_ASN1_New(ret->key,X509_PUBKEY_new);
179 ret->issuerUID=NULL;
180 ret->subjectUID=NULL;
181 ret->extensions=NULL;
182 return(ret);
183 M_ASN1_New_Error(ASN1_F_X509_CINF_NEW);
184 }
185
186void X509_CINF_free(X509_CINF *a)
187 {
188 if (a == NULL) return;
189 M_ASN1_INTEGER_free(a->version);
190 M_ASN1_INTEGER_free(a->serialNumber);
191 X509_ALGOR_free(a->signature);
192 X509_NAME_free(a->issuer);
193 X509_VAL_free(a->validity);
194 X509_NAME_free(a->subject);
195 X509_PUBKEY_free(a->key);
196 M_ASN1_BIT_STRING_free(a->issuerUID);
197 M_ASN1_BIT_STRING_free(a->subjectUID);
198 sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free);
199 OPENSSL_free(a);
200 }
201
diff --git a/src/lib/libssl/src/crypto/asn1/x_long.c b/src/lib/libssl/src/crypto/asn1/x_long.c
index c04b192794..c5f25956cb 100644
--- a/src/lib/libssl/src/crypto/asn1/x_long.c
+++ b/src/lib/libssl/src/crypto/asn1/x_long.c
@@ -104,7 +104,12 @@ static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const A
104 long ltmp; 104 long ltmp;
105 unsigned long utmp; 105 unsigned long utmp;
106 int clen, pad, i; 106 int clen, pad, i;
107 ltmp = *(long *)pval; 107 /* this exists to bypass broken gcc optimization */
108 char *cp = (char *)pval;
109
110 /* use memcpy, because we may not be long aligned */
111 memcpy(&ltmp, cp, sizeof(long));
112
108 if(ltmp == it->size) return -1; 113 if(ltmp == it->size) return -1;
109 /* Convert the long to positive: we subtract one if negative so 114 /* Convert the long to positive: we subtract one if negative so
110 * we can cleanly handle the padding if only the MSB of the leading 115 * we can cleanly handle the padding if only the MSB of the leading
@@ -136,6 +141,7 @@ static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype,
136 int neg, i; 141 int neg, i;
137 long ltmp; 142 long ltmp;
138 unsigned long utmp = 0; 143 unsigned long utmp = 0;
144 char *cp = (char *)pval;
139 if(len > sizeof(long)) { 145 if(len > sizeof(long)) {
140 ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); 146 ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
141 return 0; 147 return 0;
@@ -158,6 +164,6 @@ static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype,
158 ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); 164 ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
159 return 0; 165 return 0;
160 } 166 }
161 *(long *)pval = ltmp; 167 memcpy(cp, &ltmp, sizeof(long));
162 return 1; 168 return 1;
163} 169}
diff --git a/src/lib/libssl/src/crypto/bf/Makefile.ssl b/src/lib/libssl/src/crypto/bf/Makefile.ssl
new file mode 100644
index 0000000000..e304d33732
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/Makefile.ssl
@@ -0,0 +1,120 @@
1#
2# SSLeay/crypto/blowfish/Makefile
3#
4
5DIR= bf
6TOP= ../..
7CC= cc
8CPP= $(CC) -E
9INCLUDES=
10CFLAG=-g
11INSTALL_PREFIX=
12OPENSSLDIR= /usr/local/ssl
13INSTALLTOP=/usr/local/ssl
14MAKE= make -f Makefile.ssl
15MAKEDEPPROG= makedepend
16MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
17MAKEFILE= Makefile.ssl
18AR= ar r
19
20BF_ENC= bf_enc.o
21# or use
22#DES_ENC= bx86-elf.o
23
24CFLAGS= $(INCLUDES) $(CFLAG)
25
26GENERAL=Makefile
27TEST=bftest.c
28APPS=
29
30LIB=$(TOP)/libcrypto.a
31LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c
32LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cfb64.o bf_ofb64.o
33
34SRC= $(LIBSRC)
35
36EXHEADER= blowfish.h
37HEADER= bf_pi.h bf_locl.h $(EXHEADER)
38
39ALL= $(GENERAL) $(SRC) $(HEADER)
40
41top:
42 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
43
44all: lib
45
46lib: $(LIBOBJ)
47 $(AR) $(LIB) $(LIBOBJ)
48 $(RANLIB) $(LIB) || echo Never mind.
49 @touch lib
50
51# elf
52asm/bx86-elf.o: asm/bx86unix.cpp
53 $(CPP) -DELF -x c asm/bx86unix.cpp | as -o asm/bx86-elf.o
54
55# solaris
56asm/bx86-sol.o: asm/bx86unix.cpp
57 $(CC) -E -DSOL asm/bx86unix.cpp | sed 's/^#.*//' > asm/bx86-sol.s
58 as -o asm/bx86-sol.o asm/bx86-sol.s
59 rm -f asm/bx86-sol.s
60
61# a.out
62asm/bx86-out.o: asm/bx86unix.cpp
63 $(CPP) -DOUT asm/bx86unix.cpp | as -o asm/bx86-out.o
64
65# bsdi
66asm/bx86bsdi.o: asm/bx86unix.cpp
67 $(CPP) -DBSDI asm/bx86unix.cpp | sed 's/ :/:/' | as -o asm/bx86bsdi.o
68
69asm/bx86unix.cpp: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
70 (cd asm; $(PERL) bf-586.pl cpp $(PROCESSOR) >bx86unix.cpp)
71
72files:
73 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
74
75links:
76 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
77 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
78 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
79 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
80
81install: installs
82
83installs:
84 @for i in $(EXHEADER) ; \
85 do \
86 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
87 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
88 done;
89
90tags:
91 ctags $(SRC)
92
93tests:
94
95lint:
96 lint -DLINT $(INCLUDES) $(SRC)>fluff
97
98depend:
99 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
100
101dclean:
102 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
103 mv -f Makefile.new $(MAKEFILE)
104
105clean:
106 rm -f asm/bx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
107
108# DO NOT DELETE THIS LINE -- make depend depends on it.
109
110bf_cfb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
111bf_cfb64.o: ../../include/openssl/opensslconf.h bf_cfb64.c bf_locl.h
112bf_ecb.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
113bf_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
114bf_ecb.o: bf_ecb.c bf_locl.h
115bf_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
116bf_enc.o: ../../include/openssl/opensslconf.h bf_enc.c bf_locl.h
117bf_ofb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
118bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h bf_ofb64.c
119bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
120bf_skey.o: ../../include/openssl/opensslconf.h bf_locl.h bf_pi.h bf_skey.c
diff --git a/src/lib/libssl/src/crypto/bio/Makefile.ssl b/src/lib/libssl/src/crypto/bio/Makefile.ssl
new file mode 100644
index 0000000000..e8826ae292
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bio/Makefile.ssl
@@ -0,0 +1,216 @@
1#
2# SSLeay/crypto/bio/Makefile
3#
4
5DIR= bio
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= bio_lib.c bio_cb.c bio_err.c \
27 bss_mem.c bss_null.c bss_fd.c \
28 bss_file.c bss_sock.c bss_conn.c \
29 bf_null.c bf_buff.c b_print.c b_dump.c \
30 b_sock.c bss_acpt.c bf_nbio.c bss_log.c bss_bio.c
31# bf_lbuf.c
32LIBOBJ= bio_lib.o bio_cb.o bio_err.o \
33 bss_mem.o bss_null.o bss_fd.o \
34 bss_file.o bss_sock.o bss_conn.o \
35 bf_null.o bf_buff.o b_print.o b_dump.o \
36 b_sock.o bss_acpt.o bf_nbio.o bss_log.o bss_bio.o
37# bf_lbuf.o
38
39SRC= $(LIBSRC)
40
41EXHEADER= bio.h
42HEADER= bss_file.c $(EXHEADER)
43
44ALL= $(GENERAL) $(SRC) $(HEADER)
45
46top:
47 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
48
49all: lib
50
51lib: $(LIBOBJ)
52 $(AR) $(LIB) $(LIBOBJ)
53 $(RANLIB) $(LIB) || echo Never mind.
54 @touch lib
55
56files:
57 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
58
59links:
60 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
61 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
62 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
63 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
64
65install:
66 @for i in $(EXHEADER); \
67 do \
68 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
69 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
70 done;
71
72tags:
73 ctags $(SRC)
74
75tests:
76
77lint:
78 lint -DLINT $(INCLUDES) $(SRC)>fluff
79
80depend:
81 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
82
83dclean:
84 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
85 mv -f Makefile.new $(MAKEFILE)
86
87clean:
88 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
89
90# DO NOT DELETE THIS LINE -- make depend depends on it.
91
92b_dump.o: ../../e_os.h ../../include/openssl/bio.h
93b_dump.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
94b_dump.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
95b_dump.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
96b_dump.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
97b_dump.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
98b_dump.o: ../cryptlib.h b_dump.c
99b_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
100b_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
101b_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
102b_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
103b_print.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
104b_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
105b_print.o: ../cryptlib.h b_print.c
106b_sock.o: ../../e_os.h ../../include/openssl/bio.h
107b_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
108b_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
109b_sock.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
110b_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
111b_sock.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
112b_sock.o: ../cryptlib.h b_sock.c
113bf_buff.o: ../../e_os.h ../../include/openssl/bio.h
114bf_buff.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
115bf_buff.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
116bf_buff.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
117bf_buff.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
118bf_buff.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
119bf_buff.o: ../cryptlib.h bf_buff.c
120bf_nbio.o: ../../e_os.h ../../include/openssl/bio.h
121bf_nbio.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
122bf_nbio.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
123bf_nbio.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
124bf_nbio.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
125bf_nbio.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
126bf_nbio.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
127bf_nbio.o: ../cryptlib.h bf_nbio.c
128bf_null.o: ../../e_os.h ../../include/openssl/bio.h
129bf_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
130bf_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
131bf_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
132bf_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
133bf_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
134bf_null.o: ../cryptlib.h bf_null.c
135bio_cb.o: ../../e_os.h ../../include/openssl/bio.h
136bio_cb.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
137bio_cb.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
138bio_cb.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
139bio_cb.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
140bio_cb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
141bio_cb.o: ../cryptlib.h bio_cb.c
142bio_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
143bio_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
144bio_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
145bio_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
146bio_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
147bio_err.o: bio_err.c
148bio_lib.o: ../../e_os.h ../../include/openssl/bio.h
149bio_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
150bio_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
151bio_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
152bio_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
153bio_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
154bio_lib.o: ../cryptlib.h bio_lib.c
155bss_acpt.o: ../../e_os.h ../../include/openssl/bio.h
156bss_acpt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
157bss_acpt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
158bss_acpt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
159bss_acpt.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
160bss_acpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
161bss_acpt.o: ../cryptlib.h bss_acpt.c
162bss_bio.o: ../../e_os.h ../../include/openssl/bio.h
163bss_bio.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
164bss_bio.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
165bss_bio.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
166bss_bio.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
167bss_bio.o: ../../include/openssl/symhacks.h bss_bio.c
168bss_conn.o: ../../e_os.h ../../include/openssl/bio.h
169bss_conn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
170bss_conn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
171bss_conn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
172bss_conn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
173bss_conn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
174bss_conn.o: ../cryptlib.h bss_conn.c
175bss_fd.o: ../../e_os.h ../../include/openssl/bio.h
176bss_fd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
177bss_fd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
178bss_fd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
179bss_fd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
180bss_fd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
181bss_fd.o: ../cryptlib.h bss_fd.c
182bss_file.o: ../../e_os.h ../../include/openssl/bio.h
183bss_file.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
184bss_file.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
185bss_file.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
186bss_file.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
187bss_file.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
188bss_file.o: ../cryptlib.h bss_file.c
189bss_log.o: ../../e_os.h ../../include/openssl/bio.h
190bss_log.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
191bss_log.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
192bss_log.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
193bss_log.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
194bss_log.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
195bss_log.o: ../cryptlib.h bss_log.c
196bss_mem.o: ../../e_os.h ../../include/openssl/bio.h
197bss_mem.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
198bss_mem.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
199bss_mem.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
200bss_mem.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
201bss_mem.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
202bss_mem.o: ../cryptlib.h bss_mem.c
203bss_null.o: ../../e_os.h ../../include/openssl/bio.h
204bss_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
205bss_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
206bss_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
207bss_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
208bss_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
209bss_null.o: ../cryptlib.h bss_null.c
210bss_sock.o: ../../e_os.h ../../include/openssl/bio.h
211bss_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
212bss_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
213bss_sock.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
214bss_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
215bss_sock.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
216bss_sock.o: ../cryptlib.h bss_sock.c
diff --git a/src/lib/libssl/src/crypto/bn/Makefile.ssl b/src/lib/libssl/src/crypto/bn/Makefile.ssl
new file mode 100644
index 0000000000..9d67fab1d6
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/Makefile.ssl
@@ -0,0 +1,339 @@
1#
2# SSLeay/crypto/bn/Makefile
3#
4
5DIR= bn
6TOP= ../..
7CC= cc
8CPP= $(CC) -E
9INCLUDES= -I.. -I$(TOP) -I../../include
10CFLAG=-g
11INSTALL_PREFIX=
12OPENSSLDIR= /usr/local/ssl
13INSTALLTOP=/usr/local/ssl
14MAKE= make -f Makefile.ssl
15MAKEDEPPROG= makedepend
16MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
17MAKEFILE= Makefile.ssl
18AR= ar r
19
20BN_ASM= bn_asm.o
21# or use
22#BN_ASM= bn86-elf.o
23
24CFLAGS= $(INCLUDES) $(CFLAG)
25
26# We let the C compiler driver to take care of .s files. This is done in
27# order to be excused from maintaining a separate set of architecture
28# dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC
29# gcc, then the driver will automatically translate it to -xarch=v8plus
30# and pass it down to assembler.
31AS=$(CC) -c
32ASFLAGS=$(CFLAGS)
33
34GENERAL=Makefile
35TEST=bntest.c exptest.c
36APPS=
37
38LIB=$(TOP)/libcrypto.a
39LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
40 bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
41 bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
42 bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c
43
44LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
45 bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
46 bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
47 bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o
48
49SRC= $(LIBSRC)
50
51EXHEADER= bn.h
52HEADER= bn_lcl.h bn_prime.h $(EXHEADER)
53
54ALL= $(GENERAL) $(SRC) $(HEADER)
55
56top:
57 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
58
59all: lib
60
61bn_prime.h: bn_prime.pl
62 $(PERL) bn_prime.pl >bn_prime.h
63
64divtest: divtest.c ../../libcrypto.a
65 cc -I../../include divtest.c -o divtest ../../libcrypto.a
66
67bnbug: bnbug.c ../../libcrypto.a top
68 cc -g -I../../include bnbug.c -o bnbug ../../libcrypto.a
69
70lib: $(LIBOBJ)
71 $(AR) $(LIB) $(LIBOBJ)
72 $(RANLIB) $(LIB) || echo Never mind.
73 @touch lib
74
75# elf
76asm/bn86-elf.o: asm/bn86unix.cpp
77 $(CPP) -DELF -x c asm/bn86unix.cpp | as -o asm/bn86-elf.o
78
79asm/co86-elf.o: asm/co86unix.cpp
80 $(CPP) -DELF -x c asm/co86unix.cpp | as -o asm/co86-elf.o
81
82# solaris
83asm/bn86-sol.o: asm/bn86unix.cpp
84 $(CC) -E -DSOL asm/bn86unix.cpp | sed 's/^#.*//' > asm/bn86-sol.s
85 as -o asm/bn86-sol.o asm/bn86-sol.s
86 rm -f asm/bn86-sol.s
87
88asm/co86-sol.o: asm/co86unix.cpp
89 $(CC) -E -DSOL asm/co86unix.cpp | sed 's/^#.*//' > asm/co86-sol.s
90 as -o asm/co86-sol.o asm/co86-sol.s
91 rm -f asm/co86-sol.s
92
93# a.out
94asm/bn86-out.o: asm/bn86unix.cpp
95 $(CPP) -DOUT asm/bn86unix.cpp | as -o asm/bn86-out.o
96
97asm/co86-out.o: asm/co86unix.cpp
98 $(CPP) -DOUT asm/co86unix.cpp | as -o asm/co86-out.o
99
100# bsdi
101asm/bn86bsdi.o: asm/bn86unix.cpp
102 $(CPP) -DBSDI asm/bn86unix.cpp | sed 's/ :/:/' | as -o asm/bn86bsdi.o
103
104asm/co86bsdi.o: asm/co86unix.cpp
105 $(CPP) -DBSDI asm/co86unix.cpp | sed 's/ :/:/' | as -o asm/co86bsdi.o
106
107asm/bn86unix.cpp: asm/bn-586.pl ../perlasm/x86asm.pl
108 (cd asm; $(PERL) bn-586.pl cpp >bn86unix.cpp )
109
110asm/co86unix.cpp: asm/co-586.pl ../perlasm/x86asm.pl
111 (cd asm; $(PERL) co-586.pl cpp >co86unix.cpp )
112
113asm/sparcv8.o: asm/sparcv8.S
114
115asm/sparcv8plus.o: asm/sparcv8plus.S
116
117# Old GNU assembler doesn't understand V9 instructions, so we
118# hire /usr/ccs/bin/as to do the job. Note that option is called
119# *-gcc27, but even gcc 2>=8 users may experience similar problem
120# if they didn't bother to upgrade GNU assembler. Such users should
121# not choose this option, but be adviced to *remove* GNU assembler
122# or upgrade it.
123asm/sparcv8plus-gcc27.o: asm/sparcv8plus.S
124 $(CC) $(ASFLAGS) -E asm/sparcv8plus.S | \
125 /usr/ccs/bin/as -xarch=v8plus - -o asm/sparcv8plus-gcc27.o
126
127
128asm/ia64.o: asm/ia64.S
129
130# Some compiler drivers (most notably HP-UX and Intel C++) don't
131# understand .S extension:-( I wish I could pipe output from cc -E,
132# but it's too compiler driver/ABI dependent to cover with a single
133# rule... <appro@fy.chalmers.se>
134asm/ia64-cpp.o: asm/ia64.S
135 $(CC) $(ASFLAGS) -E asm/ia64.S > /tmp/ia64.$$$$.s && \
136 $(CC) $(ASFLAGS) -c -o asm/ia64-cpp.o /tmp/ia64.$$$$.s; \
137 rm -f /tmp/ia64.$$$$.s
138
139files:
140 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
141
142links:
143 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
144 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
145 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
146 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
147
148install:
149 @for i in $(EXHEADER) ; \
150 do \
151 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
152 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
153 done;
154
155exptest:
156 rm -f exptest
157 gcc -I../../include -g2 -ggdb -o exptest exptest.c ../../libcrypto.a
158
159div:
160 rm -f a.out
161 gcc -I.. -g div.c ../../libcrypto.a
162
163tags:
164 ctags $(SRC)
165
166tests:
167
168lint:
169 lint -DLINT $(INCLUDES) $(SRC)>fluff
170
171depend:
172 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
173
174dclean:
175 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
176 mv -f Makefile.new $(MAKEFILE)
177
178clean:
179 rm -f asm/co86unix.cpp asm/bn86unix.cpp *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_asm.s
180
181# DO NOT DELETE THIS LINE -- make depend depends on it.
182
183bn_add.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
184bn_add.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
185bn_add.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
186bn_add.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
187bn_add.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
188bn_add.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
189bn_add.o: ../cryptlib.h bn_add.c bn_lcl.h
190bn_asm.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
191bn_asm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
192bn_asm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
193bn_asm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
194bn_asm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
195bn_asm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
196bn_asm.o: ../cryptlib.h bn_asm.c bn_lcl.h
197bn_blind.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
198bn_blind.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
199bn_blind.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
200bn_blind.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
201bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
202bn_blind.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
203bn_blind.o: ../cryptlib.h bn_blind.c bn_lcl.h
204bn_ctx.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
205bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
206bn_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
207bn_ctx.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
208bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
209bn_ctx.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
210bn_ctx.o: ../cryptlib.h bn_ctx.c bn_lcl.h
211bn_div.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
212bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
213bn_div.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
214bn_div.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
215bn_div.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
216bn_div.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
217bn_div.o: ../cryptlib.h bn_div.c bn_lcl.h
218bn_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
219bn_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
220bn_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
221bn_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
222bn_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
223bn_err.o: ../../include/openssl/symhacks.h bn_err.c
224bn_exp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
225bn_exp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
226bn_exp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
227bn_exp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
228bn_exp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
229bn_exp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
230bn_exp.o: ../cryptlib.h bn_exp.c bn_lcl.h
231bn_exp2.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
232bn_exp2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
233bn_exp2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
234bn_exp2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
235bn_exp2.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
236bn_exp2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
237bn_exp2.o: ../cryptlib.h bn_exp2.c bn_lcl.h
238bn_gcd.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
239bn_gcd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
240bn_gcd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
241bn_gcd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
242bn_gcd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
243bn_gcd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
244bn_gcd.o: ../cryptlib.h bn_gcd.c bn_lcl.h
245bn_kron.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h
246bn_kron.o: ../../include/openssl/opensslconf.h bn_kron.c bn_lcl.h
247bn_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
248bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
249bn_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
250bn_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
251bn_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
252bn_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
253bn_lib.o: ../cryptlib.h bn_lcl.h bn_lib.c
254bn_mod.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
255bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
256bn_mod.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
257bn_mod.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
258bn_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
259bn_mod.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
260bn_mod.o: ../cryptlib.h bn_lcl.h bn_mod.c
261bn_mont.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
262bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
263bn_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
264bn_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
265bn_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
266bn_mont.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
267bn_mont.o: ../cryptlib.h bn_lcl.h bn_mont.c
268bn_mpi.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
269bn_mpi.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
270bn_mpi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
271bn_mpi.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
272bn_mpi.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
273bn_mpi.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
274bn_mpi.o: ../cryptlib.h bn_lcl.h bn_mpi.c
275bn_mul.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
276bn_mul.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
277bn_mul.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
278bn_mul.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
279bn_mul.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
280bn_mul.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
281bn_mul.o: ../cryptlib.h bn_lcl.h bn_mul.c
282bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
283bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
284bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
285bn_prime.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
286bn_prime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
287bn_prime.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
288bn_prime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
289bn_prime.o: ../cryptlib.h bn_lcl.h bn_prime.c bn_prime.h
290bn_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
291bn_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
292bn_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
293bn_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
294bn_print.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
295bn_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
296bn_print.o: ../cryptlib.h bn_lcl.h bn_print.c
297bn_rand.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
298bn_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
299bn_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
300bn_rand.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
301bn_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
302bn_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
303bn_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
304bn_rand.o: ../cryptlib.h bn_lcl.h bn_rand.c
305bn_recp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
306bn_recp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
307bn_recp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
308bn_recp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
309bn_recp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
310bn_recp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
311bn_recp.o: ../cryptlib.h bn_lcl.h bn_recp.c
312bn_shift.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
313bn_shift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
314bn_shift.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
315bn_shift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
316bn_shift.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
317bn_shift.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
318bn_shift.o: ../cryptlib.h bn_lcl.h bn_shift.c
319bn_sqr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
320bn_sqr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
321bn_sqr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
322bn_sqr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
323bn_sqr.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
324bn_sqr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
325bn_sqr.o: ../cryptlib.h bn_lcl.h bn_sqr.c
326bn_sqrt.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
327bn_sqrt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
328bn_sqrt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
329bn_sqrt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
330bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
331bn_sqrt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
332bn_sqrt.o: ../cryptlib.h bn_lcl.h bn_sqrt.c
333bn_word.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
334bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
335bn_word.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
336bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
337bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
338bn_word.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
339bn_word.o: ../cryptlib.h bn_lcl.h bn_word.c
diff --git a/src/lib/libssl/src/crypto/buffer/Makefile.ssl b/src/lib/libssl/src/crypto/buffer/Makefile.ssl
new file mode 100644
index 0000000000..8ee016322a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/buffer/Makefile.ssl
@@ -0,0 +1,94 @@
1#
2# SSLeay/crypto/buffer/Makefile
3#
4
5DIR= buffer
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= buffer.c buf_err.c
27LIBOBJ= buffer.o buf_err.o
28
29SRC= $(LIBSRC)
30
31EXHEADER= buffer.h
32HEADER= $(EXHEADER)
33
34ALL= $(GENERAL) $(SRC) $(HEADER)
35
36top:
37 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
38
39all: lib
40
41lib: $(LIBOBJ)
42 $(AR) $(LIB) $(LIBOBJ)
43 $(RANLIB) $(LIB) || echo Never mind.
44 @touch lib
45
46files:
47 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
48
49links:
50 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
51 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
52 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
53 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
54
55install:
56 @for i in $(EXHEADER) ; \
57 do \
58 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
59 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
60 done;
61
62tags:
63 ctags $(SRC)
64
65tests:
66
67lint:
68 lint -DLINT $(INCLUDES) $(SRC)>fluff
69
70depend:
71 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
72
73dclean:
74 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
75 mv -f Makefile.new $(MAKEFILE)
76
77clean:
78 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
79
80# DO NOT DELETE THIS LINE -- make depend depends on it.
81
82buf_err.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
83buf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
84buf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
85buf_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
86buf_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
87buf_err.o: ../../include/openssl/symhacks.h buf_err.c
88buffer.o: ../../e_os.h ../../include/openssl/bio.h
89buffer.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
90buffer.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
91buffer.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
92buffer.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
93buffer.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
94buffer.o: ../cryptlib.h buffer.c
diff --git a/src/lib/libssl/src/crypto/cast/Makefile.ssl b/src/lib/libssl/src/crypto/cast/Makefile.ssl
new file mode 100644
index 0000000000..a52217a6f7
--- /dev/null
+++ b/src/lib/libssl/src/crypto/cast/Makefile.ssl
@@ -0,0 +1,125 @@
1#
2# SSLeay/crypto/cast/Makefile
3#
4
5DIR= cast
6TOP= ../..
7CC= cc
8CPP= $(CC) -E
9INCLUDES=
10CFLAG=-g
11INSTALL_PREFIX=
12OPENSSLDIR= /usr/local/ssl
13INSTALLTOP=/usr/local/ssl
14MAKE= make -f Makefile.ssl
15MAKEDEPPROG= makedepend
16MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
17MAKEFILE= Makefile.ssl
18AR= ar r
19
20CAST_ENC=c_enc.o
21# or use
22#CAST_ENC=asm/cx86-elf.o
23#CAST_ENC=asm/cx86-out.o
24#CAST_ENC=asm/cx86-sol.o
25#CAST_ENC=asm/cx86bdsi.o
26
27CFLAGS= $(INCLUDES) $(CFLAG)
28
29GENERAL=Makefile
30TEST=casttest.c
31APPS=
32
33LIB=$(TOP)/libcrypto.a
34LIBSRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c
35LIBOBJ=c_skey.o c_ecb.o $(CAST_ENC) c_cfb64.o c_ofb64.o
36
37SRC= $(LIBSRC)
38
39EXHEADER= cast.h
40HEADER= cast_s.h cast_lcl.h $(EXHEADER)
41
42ALL= $(GENERAL) $(SRC) $(HEADER)
43
44top:
45 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
46
47all: lib
48
49lib: $(LIBOBJ)
50 $(AR) $(LIB) $(LIBOBJ)
51 $(RANLIB) $(LIB) || echo Never mind.
52 @touch lib
53
54# elf
55asm/cx86-elf.o: asm/cx86unix.cpp
56 $(CPP) -DELF -x c asm/cx86unix.cpp | as -o asm/cx86-elf.o
57
58# solaris
59asm/cx86-sol.o: asm/cx86unix.cpp
60 $(CC) -E -DSOL asm/cx86unix.cpp | sed 's/^#.*//' > asm/cx86-sol.s
61 as -o asm/cx86-sol.o asm/cx86-sol.s
62 rm -f asm/cx86-sol.s
63
64# a.out
65asm/cx86-out.o: asm/cx86unix.cpp
66 $(CPP) -DOUT asm/cx86unix.cpp | as -o asm/cx86-out.o
67
68# bsdi
69asm/cx86bsdi.o: asm/cx86unix.cpp
70 $(CPP) -DBSDI asm/cx86unix.cpp | sed 's/ :/:/' | as -o asm/cx86bsdi.o
71
72asm/cx86unix.cpp: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
73 (cd asm; $(PERL) cast-586.pl cpp $(PROCESSOR) >cx86unix.cpp)
74
75files:
76 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
77
78links:
79 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
80 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
81 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
82 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
83
84install:
85 @for i in $(EXHEADER) ; \
86 do \
87 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
88 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
89 done;
90
91tags:
92 ctags $(SRC)
93
94tests:
95
96lint:
97 lint -DLINT $(INCLUDES) $(SRC)>fluff
98
99depend:
100 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
101
102dclean:
103 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
104 mv -f Makefile.new $(MAKEFILE)
105
106clean:
107 rm -f asm/cx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
108
109# DO NOT DELETE THIS LINE -- make depend depends on it.
110
111c_cfb64.o: ../../e_os.h ../../include/openssl/cast.h
112c_cfb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
113c_cfb64.o: c_cfb64.c cast_lcl.h
114c_ecb.o: ../../e_os.h ../../include/openssl/cast.h
115c_ecb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
116c_ecb.o: ../../include/openssl/opensslv.h c_ecb.c cast_lcl.h
117c_enc.o: ../../e_os.h ../../include/openssl/cast.h
118c_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
119c_enc.o: c_enc.c cast_lcl.h
120c_ofb64.o: ../../e_os.h ../../include/openssl/cast.h
121c_ofb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
122c_ofb64.o: c_ofb64.c cast_lcl.h
123c_skey.o: ../../e_os.h ../../include/openssl/cast.h
124c_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
125c_skey.o: c_skey.c cast_lcl.h cast_s.h
diff --git a/src/lib/libssl/src/crypto/comp/Makefile.ssl b/src/lib/libssl/src/crypto/comp/Makefile.ssl
new file mode 100644
index 0000000000..972cb9fbc3
--- /dev/null
+++ b/src/lib/libssl/src/crypto/comp/Makefile.ssl
@@ -0,0 +1,114 @@
1#
2# SSLeay/crypto/comp/Makefile
3#
4
5DIR= comp
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= comp_lib.c comp_err.c \
27 c_rle.c c_zlib.c
28
29LIBOBJ= comp_lib.o comp_err.o \
30 c_rle.o c_zlib.o
31
32SRC= $(LIBSRC)
33
34EXHEADER= comp.h
35HEADER= $(EXHEADER)
36
37ALL= $(GENERAL) $(SRC) $(HEADER)
38
39top:
40 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
41
42all: lib
43
44lib: $(LIBOBJ)
45 $(AR) $(LIB) $(LIBOBJ)
46 $(RANLIB) $(LIB) || echo Never mind.
47 @touch lib
48
49files:
50 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
51
52links:
53 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
54 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
55 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
56 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
57
58install:
59 @for i in $(EXHEADER) ; \
60 do \
61 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
62 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
63 done;
64
65tags:
66 ctags $(SRC)
67
68tests:
69
70lint:
71 lint -DLINT $(INCLUDES) $(SRC)>fluff
72
73depend:
74 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(LIBSRC)
75
76dclean:
77 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
78 mv -f Makefile.new $(MAKEFILE)
79
80clean:
81 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
82
83# DO NOT DELETE THIS LINE -- make depend depends on it.
84
85c_rle.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
86c_rle.o: ../../include/openssl/bn.h ../../include/openssl/comp.h
87c_rle.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
88c_rle.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
89c_rle.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
90c_rle.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
91c_rle.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h c_rle.c
92c_zlib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
93c_zlib.o: ../../include/openssl/bn.h ../../include/openssl/comp.h
94c_zlib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
95c_zlib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
96c_zlib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
97c_zlib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
98c_zlib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
99c_zlib.o: c_zlib.c
100comp_err.o: ../../include/openssl/bio.h ../../include/openssl/comp.h
101comp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
102comp_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
103comp_err.o: ../../include/openssl/opensslconf.h
104comp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
105comp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
106comp_err.o: comp_err.c
107comp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
108comp_lib.o: ../../include/openssl/bn.h ../../include/openssl/comp.h
109comp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
110comp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
111comp_lib.o: ../../include/openssl/opensslconf.h
112comp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
113comp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
114comp_lib.o: ../../include/openssl/symhacks.h comp_lib.c
diff --git a/src/lib/libssl/src/crypto/conf/Makefile.ssl b/src/lib/libssl/src/crypto/conf/Makefile.ssl
new file mode 100644
index 0000000000..d7489c87a2
--- /dev/null
+++ b/src/lib/libssl/src/crypto/conf/Makefile.ssl
@@ -0,0 +1,161 @@
1#
2# SSLeay/crypto/conf/Makefile
3#
4
5DIR= conf
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= conf_err.c conf_lib.c conf_api.c conf_def.c conf_mod.c \
27 conf_mall.c conf_sap.c
28
29LIBOBJ= conf_err.o conf_lib.o conf_api.o conf_def.o conf_mod.o \
30 conf_mall.o conf_sap.o
31
32SRC= $(LIBSRC)
33
34EXHEADER= conf.h conf_api.h
35HEADER= conf_def.h $(EXHEADER)
36
37ALL= $(GENERAL) $(SRC) $(HEADER)
38
39top:
40 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
41
42all: lib
43
44lib: $(LIBOBJ)
45 $(AR) $(LIB) $(LIBOBJ)
46 $(RANLIB) $(LIB) || echo Never mind.
47 @touch lib
48
49files:
50 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
51
52links:
53 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
54 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
55 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
56 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
57
58install:
59 @for i in $(EXHEADER) ; \
60 do \
61 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
62 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
63 done;
64
65tags:
66 ctags $(SRC)
67
68tests:
69
70lint:
71 lint -DLINT $(INCLUDES) $(SRC)>fluff
72
73depend:
74 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(LIBSRC)
75
76dclean:
77 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
78 mv -f Makefile.new $(MAKEFILE)
79
80clean:
81 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
82
83# DO NOT DELETE THIS LINE -- make depend depends on it.
84
85conf_api.o: ../../e_os.h ../../include/openssl/bio.h
86conf_api.o: ../../include/openssl/conf.h ../../include/openssl/conf_api.h
87conf_api.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
88conf_api.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
89conf_api.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
90conf_api.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
91conf_api.o: conf_api.c
92conf_def.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
93conf_def.o: ../../include/openssl/conf.h ../../include/openssl/conf_api.h
94conf_def.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
95conf_def.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
96conf_def.o: ../../include/openssl/opensslconf.h
97conf_def.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
98conf_def.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
99conf_def.o: conf_def.c conf_def.h
100conf_err.o: ../../include/openssl/bio.h ../../include/openssl/conf.h
101conf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
102conf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
103conf_err.o: ../../include/openssl/opensslconf.h
104conf_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
105conf_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
106conf_err.o: conf_err.c
107conf_lib.o: ../../include/openssl/bio.h ../../include/openssl/conf.h
108conf_lib.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h
109conf_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
110conf_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
111conf_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
112conf_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
113conf_lib.o: conf_lib.c
114conf_mall.o: ../../e_os.h ../../include/openssl/asn1.h
115conf_mall.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
116conf_mall.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
117conf_mall.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
118conf_mall.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
119conf_mall.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
120conf_mall.o: ../../include/openssl/err.h ../../include/openssl/evp.h
121conf_mall.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
122conf_mall.o: ../../include/openssl/objects.h
123conf_mall.o: ../../include/openssl/opensslconf.h
124conf_mall.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
125conf_mall.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
126conf_mall.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
127conf_mall.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
128conf_mall.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
129conf_mall.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
130conf_mall.o: ../cryptlib.h conf_mall.c
131conf_mod.o: ../../e_os.h ../../include/openssl/asn1.h
132conf_mod.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
133conf_mod.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
134conf_mod.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
135conf_mod.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
136conf_mod.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
137conf_mod.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
138conf_mod.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
139conf_mod.o: ../../include/openssl/opensslconf.h
140conf_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
141conf_mod.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
142conf_mod.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
143conf_mod.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
144conf_mod.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
145conf_mod.o: ../cryptlib.h conf_mod.c
146conf_sap.o: ../../e_os.h ../../include/openssl/asn1.h
147conf_sap.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
148conf_sap.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
149conf_sap.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
150conf_sap.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
151conf_sap.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
152conf_sap.o: ../../include/openssl/err.h ../../include/openssl/evp.h
153conf_sap.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
154conf_sap.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
155conf_sap.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
156conf_sap.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
157conf_sap.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
158conf_sap.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
159conf_sap.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
160conf_sap.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
161conf_sap.o: ../cryptlib.h conf_sap.c
diff --git a/src/lib/libssl/src/crypto/conf/conf_def.c b/src/lib/libssl/src/crypto/conf/conf_def.c
index 31f2766246..5e194de60e 100644
--- a/src/lib/libssl/src/crypto/conf/conf_def.c
+++ b/src/lib/libssl/src/crypto/conf/conf_def.c
@@ -67,6 +67,7 @@
67#include "conf_def.h" 67#include "conf_def.h"
68#include <openssl/buffer.h> 68#include <openssl/buffer.h>
69#include <openssl/err.h> 69#include <openssl/err.h>
70#include "cryptlib.h"
70 71
71static char *eat_ws(CONF *conf, char *p); 72static char *eat_ws(CONF *conf, char *p);
72static char *eat_alpha_numeric(CONF *conf, char *p); 73static char *eat_alpha_numeric(CONF *conf, char *p);
@@ -208,12 +209,12 @@ static int def_load(CONF *conf, const char *name, long *line)
208static int def_load_bio(CONF *conf, BIO *in, long *line) 209static int def_load_bio(CONF *conf, BIO *in, long *line)
209 { 210 {
210#define BUFSIZE 512 211#define BUFSIZE 512
211 char btmp[16];
212 int bufnum=0,i,ii; 212 int bufnum=0,i,ii;
213 BUF_MEM *buff=NULL; 213 BUF_MEM *buff=NULL;
214 char *s,*p,*end; 214 char *s,*p,*end;
215 int again,n; 215 int again,n;
216 long eline=0; 216 long eline=0;
217 char btmp[DECIMAL_SIZE(eline)+1];
217 CONF_VALUE *v=NULL,*tv; 218 CONF_VALUE *v=NULL,*tv;
218 CONF_VALUE *sv=NULL; 219 CONF_VALUE *sv=NULL;
219 char *section=NULL,*buf; 220 char *section=NULL,*buf;
diff --git a/src/lib/libssl/src/crypto/conf/conf_mod.c b/src/lib/libssl/src/crypto/conf/conf_mod.c
index f92babc2e2..edcc08921c 100644
--- a/src/lib/libssl/src/crypto/conf/conf_mod.c
+++ b/src/lib/libssl/src/crypto/conf/conf_mod.c
@@ -230,7 +230,7 @@ static int module_run(const CONF *cnf, char *name, char *value,
230 { 230 {
231 if (!(flags & CONF_MFLAGS_SILENT)) 231 if (!(flags & CONF_MFLAGS_SILENT))
232 { 232 {
233 char rcode[10]; 233 char rcode[DECIMAL_SIZE(ret)+1];
234 CONFerr(CONF_F_CONF_MODULES_LOAD, CONF_R_MODULE_INITIALIZATION_ERROR); 234 CONFerr(CONF_F_CONF_MODULES_LOAD, CONF_R_MODULE_INITIALIZATION_ERROR);
235 sprintf(rcode, "%-8d", ret); 235 sprintf(rcode, "%-8d", ret);
236 ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode); 236 ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode);
diff --git a/src/lib/libssl/src/crypto/cryptlib.h b/src/lib/libssl/src/crypto/cryptlib.h
index a0489e57fc..37ce7721fb 100644
--- a/src/lib/libssl/src/crypto/cryptlib.h
+++ b/src/lib/libssl/src/crypto/cryptlib.h
@@ -89,6 +89,9 @@ extern "C" {
89#define X509_CERT_DIR_EVP "SSL_CERT_DIR" 89#define X509_CERT_DIR_EVP "SSL_CERT_DIR"
90#define X509_CERT_FILE_EVP "SSL_CERT_FILE" 90#define X509_CERT_FILE_EVP "SSL_CERT_FILE"
91 91
92/* size of string represenations */
93#define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1)
94
92#ifdef __cplusplus 95#ifdef __cplusplus
93} 96}
94#endif 97#endif
diff --git a/src/lib/libssl/src/crypto/cversion.c b/src/lib/libssl/src/crypto/cversion.c
index 8ecfba7b16..f7a1b7a4f0 100644
--- a/src/lib/libssl/src/crypto/cversion.c
+++ b/src/lib/libssl/src/crypto/cversion.c
@@ -61,7 +61,9 @@
61#include "cryptlib.h" 61#include "cryptlib.h"
62#include <openssl/crypto.h> 62#include <openssl/crypto.h>
63 63
64#ifndef NO_WINDOWS_BRAINDEATH
64#include "buildinf.h" 65#include "buildinf.h"
66#endif
65 67
66const char *SSLeay_version(int t) 68const char *SSLeay_version(int t)
67 { 69 {
diff --git a/src/lib/libssl/src/crypto/des/FILES b/src/lib/libssl/src/crypto/des/FILES
new file mode 100644
index 0000000000..4c7ea2de7a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/FILES
@@ -0,0 +1,96 @@
1/* General stuff */
2COPYRIGHT - Copyright info.
3MODES.DES - A description of the features of the different modes of DES.
4FILES - This file.
5INSTALL - How to make things compile.
6Imakefile - For use with kerberos.
7README - What this package is.
8VERSION - Which version this is and what was changed.
9KERBEROS - Kerberos version 4 notes.
10Makefile.PL - An old makefile to build with perl5, not current.
11Makefile.ssl - The SSLeay makefile
12Makefile.uni - The normal unix makefile.
13GNUmakefile - The makefile for use with glibc.
14makefile.bc - A Borland C makefile
15times - Some outputs from 'speed' on some machines.
16vms.com - For use when compiling under VMS
17
18/* My SunOS des(1) replacement */
19des.c - des(1) source code.
20des.man - des(1) manual.
21
22/* Testing and timing programs. */
23destest.c - Source for libdes.a test program.
24speed.c - Source for libdes.a timing program.
25rpw.c - Source for libdes.a testing password reading routines.
26
27/* libdes.a source code */
28des_crypt.man - libdes.a manual page.
29des.h - Public libdes.a header file.
30ecb_enc.c - des_ecb_encrypt() source, this contains the basic DES code.
31ecb3_enc.c - des_ecb3_encrypt() source.
32cbc_ckm.c - des_cbc_cksum() source.
33cbc_enc.c - des_cbc_encrypt() source.
34ncbc_enc.c - des_cbc_encrypt() that is 'normal' in that it copies
35 the new iv values back in the passed iv vector.
36ede_enc.c - des_ede3_cbc_encrypt() cbc mode des using triple DES.
37cbc3_enc.c - des_3cbc_encrypt() source, don't use this function.
38cfb_enc.c - des_cfb_encrypt() source.
39cfb64enc.c - des_cfb64_encrypt() cfb in 64 bit mode but setup to be
40 used as a stream cipher.
41cfb64ede.c - des_ede3_cfb64_encrypt() cfb in 64 bit mode but setup to be
42 used as a stream cipher and using triple DES.
43ofb_enc.c - des_cfb_encrypt() source.
44ofb64_enc.c - des_ofb_encrypt() ofb in 64 bit mode but setup to be
45 used as a stream cipher.
46ofb64ede.c - des_ede3_ofb64_encrypt() ofb in 64 bit mode but setup to be
47 used as a stream cipher and using triple DES.
48enc_read.c - des_enc_read() source.
49enc_writ.c - des_enc_write() source.
50pcbc_enc.c - des_pcbc_encrypt() source.
51qud_cksm.c - quad_cksum() source.
52rand_key.c - des_random_key() source.
53read_pwd.c - Source for des_read_password() plus related functions.
54set_key.c - Source for des_set_key().
55str2key.c - Covert a string of any length into a key.
56fcrypt.c - A small, fast version of crypt(3).
57des_locl.h - Internal libdes.a header file.
58podd.h - Odd parity tables - used in des_set_key().
59sk.h - Lookup tables used in des_set_key().
60spr.h - What is left of the S tables - used in ecb_encrypt().
61des_ver.h - header file for the external definition of the
62 version string.
63des.doc - SSLeay documentation for the library.
64
65/* The perl scripts - you can ignore these files they are only
66 * included for the curious */
67des.pl - des in perl anyone? des_set_key and des_ecb_encrypt
68 both done in a perl library.
69testdes.pl - Testing program for des.pl
70doIP - Perl script used to develop IP xor/shift code.
71doPC1 - Perl script used to develop PC1 xor/shift code.
72doPC2 - Generates sk.h.
73PC1 - Output of doPC1 should be the same as output from PC1.
74PC2 - used in development of doPC2.
75shifts.pl - Perl library used by my perl scripts.
76
77/* I started making a perl5 dynamic library for libdes
78 * but did not fully finish, these files are part of that effort. */
79DES.pm
80DES.pod
81DES.xs
82t
83typemap
84
85/* The following are for use with sun RPC implementaions. */
86rpc_des.h
87rpc_enc.c
88
89/* The following are contibuted by Mark Murray <mark@grondar.za>. They
90 * are not normally built into libdes due to machine specific routines
91 * contained in them. They are for use in the most recent incarnation of
92 * export kerberos v 4 (eBones). */
93supp.c
94new_rkey.c
95
96
diff --git a/src/lib/libssl/src/crypto/des/Makefile.ssl b/src/lib/libssl/src/crypto/des/Makefile.ssl
new file mode 100644
index 0000000000..473810bec1
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/Makefile.ssl
@@ -0,0 +1,325 @@
1#
2# SSLeay/crypto/des/Makefile
3#
4
5DIR= des
6TOP= ../..
7CC= cc
8CPP= $(CC) -E
9INCLUDES=-I$(TOP) -I../../include
10CFLAG=-g
11INSTALL_PREFIX=
12OPENSSLDIR= /usr/local/ssl
13INSTALLTOP=/usr/local/ssl
14MAKE= make -f Makefile.ssl
15MAKEDEPPROG= makedepend
16MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
17MAKEFILE= Makefile.ssl
18AR= ar r
19RANLIB= ranlib
20DES_ENC= des_enc.o fcrypt_b.o
21# or use
22#DES_ENC= dx86-elf.o yx86-elf.o
23
24CFLAGS= $(INCLUDES) $(CFLAG)
25
26GENERAL=Makefile
27TEST=destest.c
28APPS=
29
30LIB=$(TOP)/libcrypto.a
31LIBSRC= cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c \
32 ecb3_enc.c ecb_enc.c enc_read.c enc_writ.c \
33 fcrypt.c ofb64enc.c ofb_enc.c pcbc_enc.c \
34 qud_cksm.c rand_key.c rpc_enc.c set_key.c \
35 des_enc.c fcrypt_b.c \
36 xcbc_enc.c \
37 str2key.c cfb64ede.c ofb64ede.c ede_cbcm_enc.c des_old.c des_old2.c \
38 read2pwd.c
39
40LIBOBJ= set_key.o ecb_enc.o cbc_enc.o \
41 ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o ofb64ede.o \
42 enc_read.o enc_writ.o ofb64enc.o \
43 ofb_enc.o str2key.o pcbc_enc.o qud_cksm.o rand_key.o \
44 ${DES_ENC} \
45 fcrypt.o xcbc_enc.o rpc_enc.o cbc_cksm.o \
46 ede_cbcm_enc.o des_old.o des_old2.o read2pwd.o
47
48SRC= $(LIBSRC)
49
50EXHEADER= des.h des_old.h
51HEADER= des_locl.h rpc_des.h spr.h des_ver.h $(EXHEADER)
52
53ALL= $(GENERAL) $(SRC) $(HEADER)
54
55top:
56 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
57
58all: lib
59
60lib: $(LIBOBJ)
61 $(AR) $(LIB) $(LIBOBJ)
62 $(RANLIB) $(LIB) || echo Never mind.
63 @touch lib
64
65des: des.o cbc3_enc.o lib
66 $(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB)
67
68# elf
69asm/dx86-elf.o: asm/dx86unix.cpp
70 $(CPP) -DELF -x c asm/dx86unix.cpp | as -o asm/dx86-elf.o
71
72asm/yx86-elf.o: asm/yx86unix.cpp
73 $(CPP) -DELF -x c asm/yx86unix.cpp | as -o asm/yx86-elf.o
74
75# solaris
76asm/dx86-sol.o: asm/dx86unix.cpp
77 $(CC) -E -DSOL asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s
78 as -o asm/dx86-sol.o asm/dx86-sol.s
79 rm -f asm/dx86-sol.s
80
81asm/yx86-sol.o: asm/yx86unix.cpp
82 $(CC) -E -DSOL asm/yx86unix.cpp | sed 's/^#.*//' > asm/yx86-sol.s
83 as -o asm/yx86-sol.o asm/yx86-sol.s
84 rm -f asm/yx86-sol.s
85
86# a.out
87asm/dx86-out.o: asm/dx86unix.cpp
88 $(CPP) -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
89
90asm/yx86-out.o: asm/yx86unix.cpp
91 $(CPP) -DOUT asm/yx86unix.cpp | as -o asm/yx86-out.o
92
93# bsdi
94asm/dx86bsdi.o: asm/dx86unix.cpp
95 $(CPP) -DBSDI asm/dx86unix.cpp | sed 's/ :/:/' | as -o asm/dx86bsdi.o
96
97asm/yx86bsdi.o: asm/yx86unix.cpp
98 $(CPP) -DBSDI asm/yx86unix.cpp | sed 's/ :/:/' | as -o asm/yx86bsdi.o
99
100asm/dx86unix.cpp: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
101 (cd asm; $(PERL) des-586.pl cpp >dx86unix.cpp)
102
103asm/yx86unix.cpp: asm/crypt586.pl ../perlasm/x86asm.pl
104 (cd asm; $(PERL) crypt586.pl cpp >yx86unix.cpp)
105
106files:
107 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
108
109links:
110 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
111 @sh $(TOP)/util/point.sh ../../perlasm asm/perlasm
112 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
113 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
114 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
115
116install: installs
117
118installs:
119 @for i in $(EXHEADER) ; \
120 do \
121 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
122 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
123 done;
124
125tags:
126 ctags $(SRC)
127
128tests:
129
130lint:
131 lint -DLINT $(INCLUDES) $(SRC)>fluff
132
133depend:
134 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
135
136dclean:
137 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
138 mv -f Makefile.new $(MAKEFILE)
139
140clean:
141 rm -f asm/dx86unix.cpp asm/yx86unix.cpp *.o asm/*.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff
142
143# DO NOT DELETE THIS LINE -- make depend depends on it.
144
145cbc_cksm.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
146cbc_cksm.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
147cbc_cksm.o: ../../include/openssl/opensslconf.h
148cbc_cksm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
149cbc_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
150cbc_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
151cbc_cksm.o: cbc_cksm.c des_locl.h
152cbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
153cbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
154cbc_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
155cbc_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
156cbc_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
157cbc_enc.o: ../../include/openssl/ui_compat.h cbc_enc.c des_locl.h ncbc_enc.c
158cfb64ede.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
159cfb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
160cfb64ede.o: ../../include/openssl/opensslconf.h
161cfb64ede.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
162cfb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
163cfb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
164cfb64ede.o: cfb64ede.c des_locl.h
165cfb64enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
166cfb64enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
167cfb64enc.o: ../../include/openssl/opensslconf.h
168cfb64enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
169cfb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
170cfb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
171cfb64enc.o: cfb64enc.c des_locl.h
172cfb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
173cfb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
174cfb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
175cfb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
176cfb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
177cfb_enc.o: ../../include/openssl/ui_compat.h cfb_enc.c des_locl.h
178des_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
179des_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
180des_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
181des_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
182des_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
183des_enc.o: ../../include/openssl/ui_compat.h des_enc.c des_locl.h ncbc_enc.c
184des_old.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
185des_old.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
186des_old.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
187des_old.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
188des_old.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
189des_old.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
190des_old.o: ../../include/openssl/ui_compat.h des_old.c
191des_old2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
192des_old2.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
193des_old2.o: ../../include/openssl/opensslconf.h
194des_old2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
195des_old2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
196des_old2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
197des_old2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
198des_old2.o: des_old2.c
199ecb3_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
200ecb3_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
201ecb3_enc.o: ../../include/openssl/opensslconf.h
202ecb3_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
203ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
204ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
205ecb3_enc.o: des_locl.h ecb3_enc.c
206ecb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
207ecb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
208ecb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
209ecb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
210ecb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
211ecb_enc.o: ../../include/openssl/ui_compat.h des_locl.h ecb_enc.c spr.h
212ede_cbcm_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
213ede_cbcm_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
214ede_cbcm_enc.o: ../../include/openssl/opensslconf.h
215ede_cbcm_enc.o: ../../include/openssl/opensslv.h
216ede_cbcm_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
217ede_cbcm_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
218ede_cbcm_enc.o: ../../include/openssl/ui_compat.h des_locl.h ede_cbcm_enc.c
219enc_read.o: ../../e_os.h ../../include/openssl/bio.h
220enc_read.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
221enc_read.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
222enc_read.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
223enc_read.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
224enc_read.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
225enc_read.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
226enc_read.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
227enc_read.o: ../cryptlib.h des_locl.h enc_read.c
228enc_writ.o: ../../e_os.h ../../include/openssl/bio.h
229enc_writ.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
230enc_writ.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
231enc_writ.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
232enc_writ.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
233enc_writ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
234enc_writ.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
235enc_writ.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
236enc_writ.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
237enc_writ.o: ../cryptlib.h des_locl.h enc_writ.c
238fcrypt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
239fcrypt.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
240fcrypt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
241fcrypt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
242fcrypt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
243fcrypt.o: ../../include/openssl/ui_compat.h des_locl.h fcrypt.c
244fcrypt_b.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
245fcrypt_b.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
246fcrypt_b.o: ../../include/openssl/opensslconf.h
247fcrypt_b.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
248fcrypt_b.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
249fcrypt_b.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
250fcrypt_b.o: des_locl.h fcrypt_b.c
251ofb64ede.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
252ofb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
253ofb64ede.o: ../../include/openssl/opensslconf.h
254ofb64ede.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
255ofb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
256ofb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
257ofb64ede.o: des_locl.h ofb64ede.c
258ofb64enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
259ofb64enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
260ofb64enc.o: ../../include/openssl/opensslconf.h
261ofb64enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
262ofb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
263ofb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
264ofb64enc.o: des_locl.h ofb64enc.c
265ofb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
266ofb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
267ofb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
268ofb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
269ofb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
270ofb_enc.o: ../../include/openssl/ui_compat.h des_locl.h ofb_enc.c
271pcbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
272pcbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
273pcbc_enc.o: ../../include/openssl/opensslconf.h
274pcbc_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
275pcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
276pcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
277pcbc_enc.o: des_locl.h pcbc_enc.c
278qud_cksm.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
279qud_cksm.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
280qud_cksm.o: ../../include/openssl/opensslconf.h
281qud_cksm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
282qud_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
283qud_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
284qud_cksm.o: des_locl.h qud_cksm.c
285rand_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
286rand_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
287rand_key.o: ../../include/openssl/opensslconf.h
288rand_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
289rand_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
290rand_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
291rand_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
292rand_key.o: rand_key.c
293read2pwd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
294read2pwd.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
295read2pwd.o: ../../include/openssl/opensslconf.h
296read2pwd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
297read2pwd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
298read2pwd.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
299read2pwd.o: read2pwd.c
300rpc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
301rpc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
302rpc_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
303rpc_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
304rpc_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
305rpc_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h rpc_des.h
306rpc_enc.o: rpc_enc.c
307set_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
308set_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
309set_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
310set_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
311set_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
312set_key.o: ../../include/openssl/ui_compat.h des_locl.h set_key.c
313str2key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
314str2key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
315str2key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
316str2key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
317str2key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
318str2key.o: ../../include/openssl/ui_compat.h des_locl.h str2key.c
319xcbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
320xcbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
321xcbc_enc.o: ../../include/openssl/opensslconf.h
322xcbc_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
323xcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
324xcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
325xcbc_enc.o: des_locl.h xcbc_enc.c
diff --git a/src/lib/libssl/src/crypto/des/des.h b/src/lib/libssl/src/crypto/des/des.h
index 4cb9d84fdf..dfe5ff64e4 100644
--- a/src/lib/libssl/src/crypto/des/des.h
+++ b/src/lib/libssl/src/crypto/des/des.h
@@ -71,6 +71,8 @@
71# define OPENSSL_EXTERN OPENSSL_EXPORT 71# define OPENSSL_EXTERN OPENSSL_EXPORT
72#endif 72#endif
73 73
74#define des_SPtrans DES_SPtrans
75
74#ifdef __cplusplus 76#ifdef __cplusplus
75extern "C" { 77extern "C" {
76#endif 78#endif
diff --git a/src/lib/libssl/src/crypto/des/des_old.h b/src/lib/libssl/src/crypto/des/des_old.h
index 3778f93c15..2bb5fa9d1b 100644
--- a/src/lib/libssl/src/crypto/des/des_old.h
+++ b/src/lib/libssl/src/crypto/des/des_old.h
@@ -173,10 +173,6 @@ typedef struct _ossl_old_des_ks_struct
173 DES_fcrypt((b),(s),(r)) 173 DES_fcrypt((b),(s),(r))
174#define des_crypt(b,s)\ 174#define des_crypt(b,s)\
175 DES_crypt((b),(s)) 175 DES_crypt((b),(s))
176#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT)
177#define crypt(b,s)\
178 DES_crypt((b),(s))
179#endif
180#define des_ofb_encrypt(i,o,n,l,k,iv)\ 176#define des_ofb_encrypt(i,o,n,l,k,iv)\
181 DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv)) 177 DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv))
182#define des_pcbc_encrypt(i,o,l,k,iv,e)\ 178#define des_pcbc_encrypt(i,o,l,k,iv,e)\
diff --git a/src/lib/libssl/src/crypto/des/fcrypt.c b/src/lib/libssl/src/crypto/des/fcrypt.c
index 2758c32656..387d97f28d 100644
--- a/src/lib/libssl/src/crypto/des/fcrypt.c
+++ b/src/lib/libssl/src/crypto/des/fcrypt.c
@@ -1,13 +1,5 @@
1/* NOCW */ 1/* NOCW */
2#include <stdio.h> 2#include <stdio.h>
3#ifdef _OSD_POSIX
4#ifndef CHARSET_EBCDIC
5#define CHARSET_EBCDIC 1
6#endif
7#endif
8#ifdef CHARSET_EBCDIC
9#include <openssl/ebcdic.h>
10#endif
11 3
12/* This version of crypt has been developed from my MIT compatible 4/* This version of crypt has been developed from my MIT compatible
13 * DES library. 5 * DES library.
diff --git a/src/lib/libssl/src/crypto/des/read_pwd.c b/src/lib/libssl/src/crypto/des/read_pwd.c
index 00000190f8..54e0e2e6b6 100644
--- a/src/lib/libssl/src/crypto/des/read_pwd.c
+++ b/src/lib/libssl/src/crypto/des/read_pwd.c
@@ -211,7 +211,7 @@ static int noecho_fgets(char *buf, int size, FILE *tty);
211#endif 211#endif
212static jmp_buf save; 212static jmp_buf save;
213 213
214int des_read_pw_string(char *buf, int length, const char *prompt, 214int _ossl_old_des_read_pw_string(char *buf, int length, const char *prompt,
215 int verify) 215 int verify)
216 { 216 {
217 char buff[BUFSIZ]; 217 char buff[BUFSIZ];
diff --git a/src/lib/libssl/src/crypto/dh/Makefile.ssl b/src/lib/libssl/src/crypto/dh/Makefile.ssl
new file mode 100644
index 0000000000..a38a3e85c4
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dh/Makefile.ssl
@@ -0,0 +1,136 @@
1#
2# SSLeay/crypto/dh/Makefile
3#
4
5DIR= dh
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST= dhtest.c
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
27LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o
28
29SRC= $(LIBSRC)
30
31EXHEADER= dh.h
32HEADER= $(EXHEADER)
33
34ALL= $(GENERAL) $(SRC) $(HEADER)
35
36top:
37 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
38
39all: lib
40
41lib: $(LIBOBJ)
42 $(AR) $(LIB) $(LIBOBJ)
43 $(RANLIB) $(LIB) || echo Never mind.
44 @touch lib
45
46files:
47 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
48
49links:
50 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
51 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
52 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
53 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
54
55install:
56 @for i in $(EXHEADER) ; \
57 do \
58 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
59 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
60 done;
61
62tags:
63 ctags $(SRC)
64
65tests:
66
67lint:
68 lint -DLINT $(INCLUDES) $(SRC)>fluff
69
70depend:
71 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
72
73dclean:
74 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
75 mv -f Makefile.new $(MAKEFILE)
76
77clean:
78 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
79
80# DO NOT DELETE THIS LINE -- make depend depends on it.
81
82dh_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
83dh_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
84dh_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
85dh_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
86dh_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
87dh_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
88dh_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
89dh_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
90dh_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
91dh_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_asn1.c
92dh_check.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
93dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
94dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
95dh_check.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
96dh_check.o: ../../include/openssl/opensslconf.h
97dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
98dh_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
99dh_check.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_check.c
100dh_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
101dh_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
102dh_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
103dh_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
104dh_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
105dh_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
106dh_err.o: ../../include/openssl/symhacks.h dh_err.c
107dh_gen.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
108dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
109dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
110dh_gen.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
111dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
112dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
113dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
114dh_gen.o: ../cryptlib.h dh_gen.c
115dh_key.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
116dh_key.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
117dh_key.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
118dh_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
119dh_key.o: ../../include/openssl/engine.h ../../include/openssl/err.h
120dh_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
121dh_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
122dh_key.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
123dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
124dh_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
125dh_key.o: ../cryptlib.h dh_key.c
126dh_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
127dh_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
128dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
129dh_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
130dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
131dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
132dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
133dh_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
134dh_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
135dh_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
136dh_lib.o: ../cryptlib.h dh_lib.c
diff --git a/src/lib/libssl/src/crypto/dh/dh.h b/src/lib/libssl/src/crypto/dh/dh.h
index 05851f8429..d51dc130f4 100644
--- a/src/lib/libssl/src/crypto/dh/dh.h
+++ b/src/lib/libssl/src/crypto/dh/dh.h
@@ -101,7 +101,7 @@ struct dh_st
101 int version; 101 int version;
102 BIGNUM *p; 102 BIGNUM *p;
103 BIGNUM *g; 103 BIGNUM *g;
104 long length; /* optional */ 104 int length; /* optional */
105 BIGNUM *pub_key; /* g^x */ 105 BIGNUM *pub_key; /* g^x */
106 BIGNUM *priv_key; /* x */ 106 BIGNUM *priv_key; /* x */
107 107
diff --git a/src/lib/libssl/src/crypto/dsa/Makefile.ssl b/src/lib/libssl/src/crypto/dsa/Makefile.ssl
new file mode 100644
index 0000000000..c1859abe08
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dsa/Makefile.ssl
@@ -0,0 +1,169 @@
1#
2# SSLeay/crypto/dsa/Makefile
3#
4
5DIR= dsa
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=dsatest.c
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \
27 dsa_err.c dsa_ossl.c
28LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \
29 dsa_err.o dsa_ossl.o
30
31SRC= $(LIBSRC)
32
33EXHEADER= dsa.h
34HEADER= $(EXHEADER)
35
36ALL= $(GENERAL) $(SRC) $(HEADER)
37
38top:
39 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
40
41all: lib
42
43lib: $(LIBOBJ)
44 $(AR) $(LIB) $(LIBOBJ)
45 $(RANLIB) $(LIB) || echo Never mind.
46 @touch lib
47
48files:
49 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
50
51links:
52 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
53 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
54 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
55 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
56
57install:
58 @for i in $(EXHEADER) ; \
59 do \
60 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
61 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
62 done;
63
64tags:
65 ctags $(SRC)
66
67tests:
68
69lint:
70 lint -DLINT $(INCLUDES) $(SRC)>fluff
71
72depend:
73 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
74
75dclean:
76 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
77 mv -f Makefile.new $(MAKEFILE)
78
79clean:
80 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
81
82# DO NOT DELETE THIS LINE -- make depend depends on it.
83
84dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
85dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
86dsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
87dsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
88dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
89dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
90dsa_asn1.o: ../../include/openssl/opensslconf.h
91dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
92dsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
93dsa_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_asn1.c
94dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
95dsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
96dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
97dsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
98dsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
99dsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
100dsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
101dsa_err.o: dsa_err.c
102dsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h
103dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
104dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
105dsa_gen.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
106dsa_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
107dsa_gen.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
108dsa_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
109dsa_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
110dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
111dsa_gen.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
112dsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
113dsa_gen.o: ../cryptlib.h dsa_gen.c
114dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
115dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
116dsa_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
117dsa_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
118dsa_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
119dsa_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
120dsa_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
121dsa_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
122dsa_key.o: ../cryptlib.h dsa_key.c
123dsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
124dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
125dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
126dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
127dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
128dsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
129dsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
130dsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
131dsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
132dsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
133dsa_lib.o: ../../include/openssl/ui.h ../cryptlib.h dsa_lib.c
134dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
135dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
136dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
137dsa_ossl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
138dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
139dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
140dsa_ossl.o: ../../include/openssl/opensslconf.h
141dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
142dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
143dsa_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
144dsa_ossl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
145dsa_ossl.o: ../cryptlib.h dsa_ossl.c
146dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h
147dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
148dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
149dsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
150dsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
151dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
152dsa_sign.o: ../../include/openssl/opensslconf.h
153dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
154dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
155dsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
156dsa_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
157dsa_sign.o: ../cryptlib.h dsa_sign.c
158dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h
159dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
160dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
161dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
162dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
163dsa_vrf.o: ../../include/openssl/engine.h ../../include/openssl/err.h
164dsa_vrf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
165dsa_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
166dsa_vrf.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
167dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
168dsa_vrf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
169dsa_vrf.o: ../cryptlib.h dsa_vrf.c
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_key.c b/src/lib/libssl/src/crypto/dsa/dsa_key.c
index ef87c3e637..bf718c1c6d 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa_key.c
+++ b/src/lib/libssl/src/crypto/dsa/dsa_key.c
@@ -64,6 +64,8 @@
64#include <openssl/dsa.h> 64#include <openssl/dsa.h>
65#include <openssl/rand.h> 65#include <openssl/rand.h>
66 66
67extern int __BN_rand_range(BIGNUM *r, BIGNUM *range);
68
67int DSA_generate_key(DSA *dsa) 69int DSA_generate_key(DSA *dsa)
68 { 70 {
69 int ok=0; 71 int ok=0;
@@ -80,7 +82,7 @@ int DSA_generate_key(DSA *dsa)
80 priv_key=dsa->priv_key; 82 priv_key=dsa->priv_key;
81 83
82 do 84 do
83 if (!BN_rand_range(priv_key,dsa->q)) goto err; 85 if (!__BN_rand_range(priv_key,dsa->q)) goto err;
84 while (BN_is_zero(priv_key)); 86 while (BN_is_zero(priv_key));
85 87
86 if (dsa->pub_key == NULL) 88 if (dsa->pub_key == NULL)
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_ossl.c b/src/lib/libssl/src/crypto/dsa/dsa_ossl.c
index 37dd5fc994..07addc94d9 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa_ossl.c
+++ b/src/lib/libssl/src/crypto/dsa/dsa_ossl.c
@@ -66,6 +66,8 @@
66#include <openssl/asn1.h> 66#include <openssl/asn1.h>
67#include <openssl/engine.h> 67#include <openssl/engine.h>
68 68
69int __BN_rand_range(BIGNUM *r, BIGNUM *range);
70
69static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); 71static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
70static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); 72static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
71static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, 73static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
@@ -191,7 +193,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
191 193
192 /* Get random k */ 194 /* Get random k */
193 do 195 do
194 if (!BN_rand_range(&k, dsa->q)) goto err; 196 if (!__BN_rand_range(&k, dsa->q)) goto err;
195 while (BN_is_zero(&k)); 197 while (BN_is_zero(&k));
196 198
197 if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P)) 199 if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
@@ -342,3 +344,55 @@ static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
342{ 344{
343 return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx); 345 return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx);
344} 346}
347
348
349/* random number r: 0 <= r < range */
350int __BN_rand_range(BIGNUM *r, BIGNUM *range)
351 {
352 int n;
353
354 if (range->neg || BN_is_zero(range))
355 {
356 /* BNerr(BN_F_BN_RAND_RANGE, BN_R_INVALID_RANGE); */
357 return 0;
358 }
359
360 n = BN_num_bits(range); /* n > 0 */
361
362 if (n == 1)
363 {
364 if (!BN_zero(r)) return 0;
365 }
366 else if (BN_is_bit_set(range, n - 2))
367 {
368 do
369 {
370 /* range = 11..._2, so each iteration succeeds with probability >= .75 */
371 if (!BN_rand(r, n, -1, 0)) return 0;
372 }
373 while (BN_cmp(r, range) >= 0);
374 }
375 else
376 {
377 /* range = 10..._2,
378 * so 3*range (= 11..._2) is exactly one bit longer than range */
379 do
380 {
381 if (!BN_rand(r, n + 1, -1, 0)) return 0;
382 /* If r < 3*range, use r := r MOD range
383 * (which is either r, r - range, or r - 2*range).
384 * Otherwise, iterate once more.
385 * Since 3*range = 11..._2, each iteration succeeds with
386 * probability >= .75. */
387 if (BN_cmp(r ,range) >= 0)
388 {
389 if (!BN_sub(r, r, range)) return 0;
390 if (BN_cmp(r, range) >= 0)
391 if (!BN_sub(r, r, range)) return 0;
392 }
393 }
394 while (BN_cmp(r, range) >= 0);
395 }
396
397 return 1;
398 }
diff --git a/src/lib/libssl/src/crypto/dso/Makefile.ssl b/src/lib/libssl/src/crypto/dso/Makefile.ssl
new file mode 100644
index 0000000000..1f48fdb8a7
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dso/Makefile.ssl
@@ -0,0 +1,142 @@
1#
2# SSLeay/crypto/dso/Makefile
3#
4
5DIR= dso
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= dso_dl.c dso_dlfcn.c dso_err.c dso_lib.c dso_null.c \
27 dso_openssl.c dso_win32.c dso_vms.c
28LIBOBJ= dso_dl.o dso_dlfcn.o dso_err.o dso_lib.o dso_null.o \
29 dso_openssl.o dso_win32.o dso_vms.o
30
31SRC= $(LIBSRC)
32
33EXHEADER= dso.h
34HEADER= $(EXHEADER)
35
36ALL= $(GENERAL) $(SRC) $(HEADER)
37
38top:
39 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
40
41all: lib
42
43lib: $(LIBOBJ)
44 $(AR) $(LIB) $(LIBOBJ)
45 $(RANLIB) $(LIB) || echo Never mind.
46 @touch lib
47
48files:
49 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
50
51links:
52 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
53 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
54 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
55 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
56
57install:
58 @for i in $(EXHEADER) ; \
59 do \
60 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
61 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
62 done;
63
64tags:
65 ctags $(SRC)
66
67tests:
68
69lint:
70 lint -DLINT $(INCLUDES) $(SRC)>fluff
71
72depend:
73 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
74
75dclean:
76 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
77 mv -f Makefile.new $(MAKEFILE)
78
79clean:
80 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
81
82# DO NOT DELETE THIS LINE -- make depend depends on it.
83
84dso_dl.o: ../../e_os.h ../../include/openssl/bio.h
85dso_dl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
86dso_dl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
87dso_dl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
88dso_dl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
89dso_dl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
90dso_dl.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_dl.c
91dso_dlfcn.o: ../../e_os.h ../../include/openssl/bio.h
92dso_dlfcn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
93dso_dlfcn.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
94dso_dlfcn.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
95dso_dlfcn.o: ../../include/openssl/opensslconf.h
96dso_dlfcn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
97dso_dlfcn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
98dso_dlfcn.o: ../cryptlib.h dso_dlfcn.c
99dso_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
100dso_err.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
101dso_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
102dso_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
103dso_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
104dso_err.o: ../../include/openssl/symhacks.h dso_err.c
105dso_lib.o: ../../e_os.h ../../include/openssl/bio.h
106dso_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
107dso_lib.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
108dso_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
109dso_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
110dso_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
111dso_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_lib.c
112dso_null.o: ../../e_os.h ../../include/openssl/bio.h
113dso_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
114dso_null.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
115dso_null.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
116dso_null.o: ../../include/openssl/opensslconf.h
117dso_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
118dso_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
119dso_null.o: ../cryptlib.h dso_null.c
120dso_openssl.o: ../../e_os.h ../../include/openssl/bio.h
121dso_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
122dso_openssl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
123dso_openssl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
124dso_openssl.o: ../../include/openssl/opensslconf.h
125dso_openssl.o: ../../include/openssl/opensslv.h
126dso_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
127dso_openssl.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_openssl.c
128dso_vms.o: ../../e_os.h ../../include/openssl/bio.h
129dso_vms.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
130dso_vms.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
131dso_vms.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
132dso_vms.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
133dso_vms.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
134dso_vms.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_vms.c
135dso_win32.o: ../../e_os.h ../../include/openssl/bio.h
136dso_win32.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
137dso_win32.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
138dso_win32.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
139dso_win32.o: ../../include/openssl/opensslconf.h
140dso_win32.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
141dso_win32.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
142dso_win32.o: ../cryptlib.h dso_win32.c
diff --git a/src/lib/libssl/src/crypto/ec/Makefile.ssl b/src/lib/libssl/src/crypto/ec/Makefile.ssl
new file mode 100644
index 0000000000..fb6f22130f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/ec/Makefile.ssl
@@ -0,0 +1,128 @@
1#
2# crypto/ec/Makefile
3#
4
5DIR= ec
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=ectest.c
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= ec_lib.c ecp_smpl.c ecp_mont.c ecp_recp.c ecp_nist.c ec_cvt.c ec_mult.c \
27 ec_err.c
28
29LIBOBJ= ec_lib.o ecp_smpl.o ecp_mont.o ecp_recp.o ecp_nist.o ec_cvt.o ec_mult.o \
30 ec_err.o
31
32SRC= $(LIBSRC)
33
34EXHEADER= ec.h
35HEADER= ec_lcl.h $(EXHEADER)
36
37ALL= $(GENERAL) $(SRC) $(HEADER)
38
39top:
40 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
41
42all: lib
43
44lib: $(LIBOBJ)
45 $(AR) $(LIB) $(LIBOBJ)
46 $(RANLIB) $(LIB) || echo Never mind.
47 @touch lib
48
49files:
50 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
51
52links:
53 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
54 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
55 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
56 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
57
58install:
59 @for i in $(EXHEADER) ; \
60 do \
61 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
62 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
63 done;
64
65tags:
66 ctags $(SRC)
67
68tests:
69
70lint:
71 lint -DLINT $(INCLUDES) $(SRC)>fluff
72
73depend:
74 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
75
76dclean:
77 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
78 mv -f Makefile.new $(MAKEFILE)
79
80clean:
81 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
82
83# DO NOT DELETE THIS LINE -- make depend depends on it.
84
85ec_cvt.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h
86ec_cvt.o: ../../include/openssl/ec.h ../../include/openssl/opensslconf.h
87ec_cvt.o: ../../include/openssl/symhacks.h ec_cvt.c ec_lcl.h
88ec_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
89ec_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
90ec_err.o: ../../include/openssl/ec.h ../../include/openssl/err.h
91ec_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
92ec_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
93ec_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
94ec_err.o: ec_err.c
95ec_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
96ec_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
97ec_lib.o: ../../include/openssl/ec.h ../../include/openssl/err.h
98ec_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
99ec_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
100ec_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
101ec_lib.o: ec_lcl.h ec_lib.c
102ec_mult.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
103ec_mult.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
104ec_mult.o: ../../include/openssl/ec.h ../../include/openssl/err.h
105ec_mult.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
106ec_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
107ec_mult.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
108ec_mult.o: ec_lcl.h ec_mult.c
109ecp_mont.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
110ecp_mont.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
111ecp_mont.o: ../../include/openssl/ec.h ../../include/openssl/err.h
112ecp_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
113ecp_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
114ecp_mont.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
115ecp_mont.o: ec_lcl.h ecp_mont.c
116ecp_nist.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h
117ecp_nist.o: ../../include/openssl/ec.h ../../include/openssl/opensslconf.h
118ecp_nist.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_nist.c
119ecp_recp.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h
120ecp_recp.o: ../../include/openssl/ec.h ../../include/openssl/opensslconf.h
121ecp_recp.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_recp.c
122ecp_smpl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
123ecp_smpl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
124ecp_smpl.o: ../../include/openssl/ec.h ../../include/openssl/err.h
125ecp_smpl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
126ecp_smpl.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
127ecp_smpl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
128ecp_smpl.o: ec_lcl.h ecp_smpl.c
diff --git a/src/lib/libssl/src/crypto/engine/Makefile.ssl b/src/lib/libssl/src/crypto/engine/Makefile.ssl
new file mode 100644
index 0000000000..8ee3b7d2dd
--- /dev/null
+++ b/src/lib/libssl/src/crypto/engine/Makefile.ssl
@@ -0,0 +1,453 @@
1#
2# OpenSSL/crypto/engine/Makefile
3#
4
5DIR= engine
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST= enginetest.c
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \
27 eng_table.c eng_pkey.c eng_fat.c eng_all.c \
28 tb_rsa.c tb_dsa.c tb_dh.c tb_rand.c tb_cipher.c tb_digest.c \
29 eng_openssl.c eng_dyn.c eng_cnf.c \
30 hw_atalla.c hw_cswift.c hw_ncipher.c hw_nuron.c hw_ubsec.c \
31 hw_cryptodev.c hw_aep.c hw_sureware.c hw_4758_cca.c
32LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \
33 eng_table.o eng_pkey.o eng_fat.o eng_all.o \
34 tb_rsa.o tb_dsa.o tb_dh.o tb_rand.o tb_cipher.o tb_digest.o \
35 eng_openssl.o eng_dyn.o eng_cnf.o \
36 hw_atalla.o hw_cswift.o hw_ncipher.o hw_nuron.o hw_ubsec.o \
37 hw_cryptodev.o hw_aep.o hw_sureware.o hw_4758_cca.o
38
39SRC= $(LIBSRC)
40
41EXHEADER= engine.h
42HEADER= $(EXHEADER)
43
44ALL= $(GENERAL) $(SRC) $(HEADER)
45
46top:
47 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
48
49all: lib
50
51lib: $(LIBOBJ)
52 $(AR) $(LIB) $(LIBOBJ)
53 $(RANLIB) $(LIB)
54 @touch lib
55
56files:
57 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
58
59links:
60 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
61 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
62 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
63 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
64
65install:
66 @for i in $(EXHEADER) ; \
67 do \
68 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
69 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
70 done;
71
72tags:
73 ctags $(SRC)
74
75errors:
76 $(PERL) $(TOP)/util/mkerr.pl -conf hw.ec \
77 -nostatic -staticloader -write hw_*.c
78
79tests:
80
81lint:
82 lint -DLINT $(INCLUDES) $(SRC)>fluff
83
84depend:
85 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
86
87dclean:
88 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
89 mv -f Makefile.new $(MAKEFILE)
90
91clean:
92 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
93
94# DO NOT DELETE THIS LINE -- make depend depends on it.
95
96eng_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
97eng_all.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
98eng_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
99eng_all.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
100eng_all.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
101eng_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
102eng_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
103eng_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
104eng_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
105eng_all.o: ../../include/openssl/ui.h eng_all.c eng_int.h
106eng_cnf.o: ../../e_os.h ../../include/openssl/asn1.h
107eng_cnf.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
108eng_cnf.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
109eng_cnf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
110eng_cnf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
111eng_cnf.o: ../../include/openssl/engine.h ../../include/openssl/err.h
112eng_cnf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
113eng_cnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
114eng_cnf.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
115eng_cnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
116eng_cnf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
117eng_cnf.o: ../cryptlib.h eng_cnf.c
118eng_ctrl.o: ../../e_os.h ../../include/openssl/asn1.h
119eng_ctrl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
120eng_ctrl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
121eng_ctrl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
122eng_ctrl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
123eng_ctrl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
124eng_ctrl.o: ../../include/openssl/opensslconf.h
125eng_ctrl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
126eng_ctrl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
127eng_ctrl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
128eng_ctrl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
129eng_ctrl.o: ../cryptlib.h eng_ctrl.c eng_int.h
130eng_dyn.o: ../../e_os.h ../../include/openssl/asn1.h
131eng_dyn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
132eng_dyn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
133eng_dyn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
134eng_dyn.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
135eng_dyn.o: ../../include/openssl/engine.h ../../include/openssl/err.h
136eng_dyn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
137eng_dyn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
138eng_dyn.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
139eng_dyn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
140eng_dyn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
141eng_dyn.o: ../cryptlib.h eng_dyn.c eng_int.h
142eng_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
143eng_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
144eng_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
145eng_err.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
146eng_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
147eng_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
148eng_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
149eng_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
150eng_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
151eng_err.o: ../../include/openssl/ui.h eng_err.c
152eng_fat.o: ../../e_os.h ../../include/openssl/asn1.h
153eng_fat.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
154eng_fat.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
155eng_fat.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
156eng_fat.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
157eng_fat.o: ../../include/openssl/engine.h ../../include/openssl/err.h
158eng_fat.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
159eng_fat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
160eng_fat.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
161eng_fat.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
162eng_fat.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
163eng_fat.o: ../cryptlib.h eng_fat.c eng_int.h
164eng_init.o: ../../e_os.h ../../include/openssl/asn1.h
165eng_init.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
166eng_init.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
167eng_init.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
168eng_init.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
169eng_init.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
170eng_init.o: ../../include/openssl/opensslconf.h
171eng_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
172eng_init.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
173eng_init.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
174eng_init.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
175eng_init.o: ../cryptlib.h eng_init.c eng_int.h
176eng_lib.o: ../../e_os.h ../../include/openssl/asn1.h
177eng_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
178eng_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
179eng_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
180eng_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
181eng_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
182eng_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
183eng_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
184eng_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
185eng_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
186eng_lib.o: ../../include/openssl/ui.h ../cryptlib.h eng_int.h eng_lib.c
187eng_list.o: ../../e_os.h ../../include/openssl/asn1.h
188eng_list.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
189eng_list.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
190eng_list.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
191eng_list.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
192eng_list.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
193eng_list.o: ../../include/openssl/opensslconf.h
194eng_list.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
195eng_list.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
196eng_list.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
197eng_list.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
198eng_list.o: ../cryptlib.h eng_int.h eng_list.c
199eng_openssl.o: ../../e_os.h ../../include/openssl/asn1.h
200eng_openssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
201eng_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
202eng_openssl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
203eng_openssl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
204eng_openssl.o: ../../include/openssl/engine.h ../../include/openssl/err.h
205eng_openssl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
206eng_openssl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
207eng_openssl.o: ../../include/openssl/opensslconf.h
208eng_openssl.o: ../../include/openssl/opensslv.h
209eng_openssl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
210eng_openssl.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
211eng_openssl.o: ../../include/openssl/rand.h ../../include/openssl/rc4.h
212eng_openssl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
213eng_openssl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
214eng_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
215eng_openssl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
216eng_openssl.o: ../cryptlib.h eng_openssl.c
217eng_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
218eng_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
219eng_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
220eng_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
221eng_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
222eng_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
223eng_pkey.o: ../../include/openssl/opensslconf.h
224eng_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
225eng_pkey.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
226eng_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
227eng_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
228eng_pkey.o: ../cryptlib.h eng_int.h eng_pkey.c
229eng_table.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
230eng_table.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
231eng_table.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
232eng_table.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
233eng_table.o: ../../include/openssl/err.h ../../include/openssl/evp.h
234eng_table.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
235eng_table.o: ../../include/openssl/objects.h
236eng_table.o: ../../include/openssl/opensslconf.h
237eng_table.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
238eng_table.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
239eng_table.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
240eng_table.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
241eng_table.o: eng_int.h eng_table.c
242hw_4758_cca.o: ../../e_os.h ../../include/openssl/asn1.h
243hw_4758_cca.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
244hw_4758_cca.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
245hw_4758_cca.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
246hw_4758_cca.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
247hw_4758_cca.o: ../../include/openssl/engine.h ../../include/openssl/err.h
248hw_4758_cca.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
249hw_4758_cca.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
250hw_4758_cca.o: ../../include/openssl/opensslconf.h
251hw_4758_cca.o: ../../include/openssl/opensslv.h
252hw_4758_cca.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
253hw_4758_cca.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
254hw_4758_cca.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
255hw_4758_cca.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
256hw_4758_cca.o: ../../include/openssl/ui.h ../../include/openssl/x509.h
257hw_4758_cca.o: ../../include/openssl/x509_vfy.h ../cryptlib.h hw_4758_cca.c
258hw_4758_cca.o: hw_4758_cca_err.c hw_4758_cca_err.h vendor_defns/hw_4758_cca.h
259hw_aep.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
260hw_aep.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
261hw_aep.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
262hw_aep.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
263hw_aep.o: ../../include/openssl/engine.h ../../include/openssl/err.h
264hw_aep.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
265hw_aep.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
266hw_aep.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
267hw_aep.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
268hw_aep.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h hw_aep.c
269hw_aep.o: hw_aep_err.c hw_aep_err.h vendor_defns/aep.h
270hw_atalla.o: ../../e_os.h ../../include/openssl/asn1.h
271hw_atalla.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
272hw_atalla.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
273hw_atalla.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
274hw_atalla.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
275hw_atalla.o: ../../include/openssl/engine.h ../../include/openssl/err.h
276hw_atalla.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
277hw_atalla.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
278hw_atalla.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
279hw_atalla.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
280hw_atalla.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
281hw_atalla.o: ../cryptlib.h hw_atalla.c hw_atalla_err.c hw_atalla_err.h
282hw_atalla.o: vendor_defns/atalla.h
283hw_cswift.o: ../../e_os.h ../../include/openssl/asn1.h
284hw_cswift.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
285hw_cswift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
286hw_cswift.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
287hw_cswift.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
288hw_cswift.o: ../../include/openssl/engine.h ../../include/openssl/err.h
289hw_cswift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
290hw_cswift.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
291hw_cswift.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
292hw_cswift.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
293hw_cswift.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
294hw_cswift.o: ../cryptlib.h hw_cswift.c hw_cswift_err.c hw_cswift_err.h
295hw_cswift.o: vendor_defns/cswift.h
296hw_ncipher.o: ../../e_os.h ../../include/openssl/asn1.h
297hw_ncipher.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
298hw_ncipher.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
299hw_ncipher.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
300hw_ncipher.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
301hw_ncipher.o: ../../include/openssl/engine.h ../../include/openssl/err.h
302hw_ncipher.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
303hw_ncipher.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
304hw_ncipher.o: ../../include/openssl/opensslconf.h
305hw_ncipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
306hw_ncipher.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
307hw_ncipher.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
308hw_ncipher.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
309hw_ncipher.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
310hw_ncipher.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
311hw_ncipher.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
312hw_ncipher.o: ../cryptlib.h hw_ncipher.c hw_ncipher_err.c hw_ncipher_err.h
313hw_ncipher.o: vendor_defns/hwcryptohook.h
314hw_nuron.o: ../../e_os.h ../../include/openssl/asn1.h
315hw_nuron.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
316hw_nuron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
317hw_nuron.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
318hw_nuron.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
319hw_nuron.o: ../../include/openssl/engine.h ../../include/openssl/err.h
320hw_nuron.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
321hw_nuron.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
322hw_nuron.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
323hw_nuron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
324hw_nuron.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
325hw_nuron.o: ../cryptlib.h hw_nuron.c hw_nuron_err.c hw_nuron_err.h
326hw_cryptodev.o: ../../include/openssl/asn1.h
327hw_cryptodev.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
328hw_cryptodev.o: ../../include/openssl/conf.h
329hw_cryptodev.o: ../../include/openssl/crypto.h
330hw_cryptodev.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
331hw_cryptodev.o: ../../include/openssl/e_os2.h
332hw_cryptodev.o: ../../include/openssl/engine.h
333hw_cryptodev.o: ../../include/openssl/err.h
334hw_cryptodev.o: ../../include/openssl/evp.h
335hw_cryptodev.o: ../../include/openssl/lhash.h
336hw_cryptodev.o: ../../include/openssl/obj_mac.h
337hw_cryptodev.o: ../../include/openssl/objects.h
338hw_cryptodev.o: ../../include/openssl/opensslconf.h
339hw_cryptodev.o: ../../include/openssl/opensslv.h
340hw_cryptodev.o: ../../include/openssl/ossl_typ.h
341hw_cryptodev.o: ../../include/openssl/rand.h
342hw_cryptodev.o: ../../include/openssl/rsa.h
343hw_cryptodev.o: ../../include/openssl/safestack.h
344hw_cryptodev.o: ../../include/openssl/stack.h
345hw_cryptodev.o: ../../include/openssl/symhacks.h
346hw_cryptodev.o: ../../include/openssl/ui.h ../evp/evp_locl.h eng_int.h
347hw_cryptodev.o: hw_cryptodev.c
348hw_sureware.o: ../../e_os.h ../../include/openssl/asn1.h
349hw_sureware.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
350hw_sureware.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
351hw_sureware.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
352hw_sureware.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
353hw_sureware.o: ../../include/openssl/engine.h ../../include/openssl/err.h
354hw_sureware.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
355hw_sureware.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
356hw_sureware.o: ../../include/openssl/opensslconf.h
357hw_sureware.o: ../../include/openssl/opensslv.h
358hw_sureware.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
359hw_sureware.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
360hw_sureware.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
361hw_sureware.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
362hw_sureware.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
363hw_sureware.o: ../../include/openssl/ui.h ../../include/openssl/x509.h
364hw_sureware.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h
365hw_sureware.o: engine.h hw_sureware.c hw_sureware_err.c hw_sureware_err.h
366hw_sureware.o: vendor_defns/sureware.h
367hw_ubsec.o: ../../e_os.h ../../include/openssl/asn1.h
368hw_ubsec.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
369hw_ubsec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
370hw_ubsec.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
371hw_ubsec.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
372hw_ubsec.o: ../../include/openssl/engine.h ../../include/openssl/err.h
373hw_ubsec.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
374hw_ubsec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
375hw_ubsec.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
376hw_ubsec.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
377hw_ubsec.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
378hw_ubsec.o: ../cryptlib.h hw_ubsec.c hw_ubsec_err.c hw_ubsec_err.h
379hw_ubsec.o: vendor_defns/hw_ubsec.h
380tb_cipher.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
381tb_cipher.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
382tb_cipher.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
383tb_cipher.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
384tb_cipher.o: ../../include/openssl/err.h ../../include/openssl/evp.h
385tb_cipher.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
386tb_cipher.o: ../../include/openssl/objects.h
387tb_cipher.o: ../../include/openssl/opensslconf.h
388tb_cipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
389tb_cipher.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
390tb_cipher.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
391tb_cipher.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
392tb_cipher.o: eng_int.h tb_cipher.c
393tb_dh.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
394tb_dh.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
395tb_dh.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
396tb_dh.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
397tb_dh.o: ../../include/openssl/err.h ../../include/openssl/evp.h
398tb_dh.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
399tb_dh.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
400tb_dh.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
401tb_dh.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
402tb_dh.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
403tb_dh.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h eng_int.h
404tb_dh.o: tb_dh.c
405tb_digest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
406tb_digest.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
407tb_digest.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
408tb_digest.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
409tb_digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
410tb_digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
411tb_digest.o: ../../include/openssl/objects.h
412tb_digest.o: ../../include/openssl/opensslconf.h
413tb_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
414tb_digest.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
415tb_digest.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
416tb_digest.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
417tb_digest.o: eng_int.h tb_digest.c
418tb_dsa.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
419tb_dsa.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
420tb_dsa.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
421tb_dsa.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
422tb_dsa.o: ../../include/openssl/err.h ../../include/openssl/evp.h
423tb_dsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
424tb_dsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
425tb_dsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
426tb_dsa.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
427tb_dsa.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
428tb_dsa.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h eng_int.h
429tb_dsa.o: tb_dsa.c
430tb_rand.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
431tb_rand.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
432tb_rand.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
433tb_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
434tb_rand.o: ../../include/openssl/err.h ../../include/openssl/evp.h
435tb_rand.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
436tb_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
437tb_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
438tb_rand.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
439tb_rand.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
440tb_rand.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
441tb_rand.o: eng_int.h tb_rand.c
442tb_rsa.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
443tb_rsa.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
444tb_rsa.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
445tb_rsa.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
446tb_rsa.o: ../../include/openssl/err.h ../../include/openssl/evp.h
447tb_rsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
448tb_rsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
449tb_rsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
450tb_rsa.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
451tb_rsa.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
452tb_rsa.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h eng_int.h
453tb_rsa.o: tb_rsa.c
diff --git a/src/lib/libssl/src/crypto/engine/eng_all.c b/src/lib/libssl/src/crypto/engine/eng_all.c
index b3030fe505..a35b3db9e8 100644
--- a/src/lib/libssl/src/crypto/engine/eng_all.c
+++ b/src/lib/libssl/src/crypto/engine/eng_all.c
@@ -60,6 +60,10 @@
60#include <openssl/engine.h> 60#include <openssl/engine.h>
61#include "eng_int.h" 61#include "eng_int.h"
62 62
63#ifdef __OpenBSD__
64static int openbsd_default_loaded = 0;
65#endif
66
63void ENGINE_load_builtin_engines(void) 67void ENGINE_load_builtin_engines(void)
64 { 68 {
65 /* There's no longer any need for an "openssl" ENGINE unless, one day, 69 /* There's no longer any need for an "openssl" ENGINE unless, one day,
@@ -92,11 +96,23 @@ void ENGINE_load_builtin_engines(void)
92#ifndef OPENSSL_NO_HW_SUREWARE 96#ifndef OPENSSL_NO_HW_SUREWARE
93 ENGINE_load_sureware(); 97 ENGINE_load_sureware();
94#endif 98#endif
95#ifndef OPENSSL_NO_HW_4758_CCA
96 ENGINE_load_4758cca();
97#endif
98#ifdef OPENSSL_OPENBSD_DEV_CRYPTO 99#ifdef OPENSSL_OPENBSD_DEV_CRYPTO
99 ENGINE_load_openbsd_dev_crypto(); 100 ENGINE_load_openbsd_dev_crypto();
100#endif 101#endif
102#ifdef __OpenBSD__
103 ENGINE_load_cryptodev();
104#endif
101#endif 105#endif
102 } 106 }
107
108#ifdef __OpenBSD__
109void ENGINE_setup_openbsd(void) {
110 if (!openbsd_default_loaded) {
111 ENGINE_load_cryptodev();
112 ENGINE_register_all_complete();
113 }
114 openbsd_default_loaded=1;
115}
116#endif
117
118
diff --git a/src/lib/libssl/src/crypto/engine/eng_init.c b/src/lib/libssl/src/crypto/engine/eng_init.c
index 98caa21e32..170c1791b3 100644
--- a/src/lib/libssl/src/crypto/engine/eng_init.c
+++ b/src/lib/libssl/src/crypto/engine/eng_init.c
@@ -93,7 +93,7 @@ int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers)
93 * there's a chance that both threads will together take the count from 93 * there's a chance that both threads will together take the count from
94 * 2 to 0 without either calling finish(). */ 94 * 2 to 0 without either calling finish(). */
95 e->funct_ref--; 95 e->funct_ref--;
96 engine_ref_debug(e, 1, -1) 96 engine_ref_debug(e, 1, -1);
97 if((e->funct_ref == 0) && e->finish) 97 if((e->funct_ref == 0) && e->finish)
98 { 98 {
99 if(unlock_for_handlers) 99 if(unlock_for_handlers)
diff --git a/src/lib/libssl/src/crypto/engine/engine.h b/src/lib/libssl/src/crypto/engine/engine.h
index cf06618286..97f5de9e12 100644
--- a/src/lib/libssl/src/crypto/engine/engine.h
+++ b/src/lib/libssl/src/crypto/engine/engine.h
@@ -309,7 +309,10 @@ void ENGINE_load_sureware(void);
309void ENGINE_load_4758cca(void); 309void ENGINE_load_4758cca(void);
310void ENGINE_load_openbsd_dev_crypto(void); 310void ENGINE_load_openbsd_dev_crypto(void);
311void ENGINE_load_builtin_engines(void); 311void ENGINE_load_builtin_engines(void);
312 312#ifdef __OpenBSD__
313void ENGINE_load_cryptodev(void);
314#endif
315
313/* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation 316/* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
314 * "registry" handling. */ 317 * "registry" handling. */
315unsigned int ENGINE_get_table_flags(void); 318unsigned int ENGINE_get_table_flags(void);
diff --git a/src/lib/libssl/src/crypto/engine/hw_4758_cca.c b/src/lib/libssl/src/crypto/engine/hw_4758_cca.c
index 77d3d2ffdf..0ca2f920dc 100644
--- a/src/lib/libssl/src/crypto/engine/hw_4758_cca.c
+++ b/src/lib/libssl/src/crypto/engine/hw_4758_cca.c
@@ -698,7 +698,7 @@ static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len,
698 698
699 if (type == NID_sha1 || type == NID_md5) 699 if (type == NID_sha1 || type == NID_md5)
700 { 700 {
701 memset(hashBuffer, keyLength+1, 0); 701 memset(hashBuffer, 0, keyLength+1);
702 OPENSSL_free(hashBuffer); 702 OPENSSL_free(hashBuffer);
703 } 703 }
704 704
@@ -821,7 +821,7 @@ static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
821 821
822 if (type == NID_sha1 || type == NID_md5) 822 if (type == NID_sha1 || type == NID_md5)
823 { 823 {
824 memset(hashBuffer, keyLength+1, 0); 824 memset(hashBuffer, 0, keyLength+1);
825 OPENSSL_free(hashBuffer); 825 OPENSSL_free(hashBuffer);
826 } 826 }
827 827
diff --git a/src/lib/libssl/src/crypto/engine/hw_cryptodev.c b/src/lib/libssl/src/crypto/engine/hw_cryptodev.c
index 7c3728f395..954eb85207 100644
--- a/src/lib/libssl/src/crypto/engine/hw_cryptodev.c
+++ b/src/lib/libssl/src/crypto/engine/hw_cryptodev.c
@@ -1,6 +1,7 @@
1/* 1/*
2 * Copyright (c) 2002 Bob Beck <beck@openbsd.org> 2 * Copyright (c) 2002 Bob Beck <beck@openbsd.org>
3 * Copyright (c) 2002 Theo de Raadt 3 * Copyright (c) 2002 Theo de Raadt
4 * Copyright (c) 2002 Markus Friedl
4 * All rights reserved. 5 * All rights reserved.
5 * 6 *
6 * Redistribution and use in source and binary forms, with or without 7 * Redistribution and use in source and binary forms, with or without
@@ -36,25 +37,56 @@
36#include <stdio.h> 37#include <stdio.h>
37#include <unistd.h> 38#include <unistd.h>
38#include <fcntl.h> 39#include <fcntl.h>
39#include <syslog.h>
40#include <stdarg.h> 40#include <stdarg.h>
41#include <syslog.h>
41#include <ssl/objects.h> 42#include <ssl/objects.h>
42#include <ssl/engine.h> 43#include <ssl/engine.h>
43#include <ssl/evp.h> 44#include <ssl/evp.h>
45#include <errno.h>
46#include <string.h>
44 47
45static int cryptodev_fd = -1; 48struct dev_crypto_state {
46static int cryptodev_sessions = 0; 49 struct session_op d_sess;
47static u_int32_t cryptodev_symfeat = 0; 50 int d_fd;
51};
48 52
53static u_int32_t cryptodev_asymfeat = 0;
54
55static int get_asym_dev_crypto(void);
56static int open_dev_crypto(void);
57static int get_dev_crypto(void);
58static int cryptodev_max_iv(int cipher);
59static int cryptodev_key_length_valid(int cipher, int len);
60static int cipher_nid_to_cryptodev(int nid);
61static int get_cryptodev_ciphers(const int **cnids);
62static int get_cryptodev_digests(const int **cnids);
63static int cryptodev_usable_ciphers(const int **nids);
64static int cryptodev_usable_digests(const int **nids);
65static int cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
66 const unsigned char *in, unsigned int inl);
67static int cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
68 const unsigned char *iv, int enc);
69static int cryptodev_cleanup(EVP_CIPHER_CTX *ctx);
70static int cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
71 const int **nids, int nid);
72static int cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
73 const int **nids, int nid);
49static int bn2crparam(const BIGNUM *a, struct crparam *crp); 74static int bn2crparam(const BIGNUM *a, struct crparam *crp);
50static int crparam2bn(struct crparam *crp, BIGNUM *a); 75static int crparam2bn(struct crparam *crp, BIGNUM *a);
51static void zapparams(struct crypt_kop *kop); 76static void zapparams(struct crypt_kop *kop);
77static int cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r,
78 int slen, BIGNUM *s);
52 79
53static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
54static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, 80static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a,
55 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); 81 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
82static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I,
83 RSA *rsa);
84static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
56static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, 85static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a,
57 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); 86 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
87static int cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g,
88 BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p,
89 BN_CTX *ctx, BN_MONT_CTX *mont);
58static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, 90static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst,
59 int dlen, DSA *dsa); 91 int dlen, DSA *dsa);
60static int cryptodev_dsa_verify(const unsigned char *dgst, int dgst_len, 92static int cryptodev_dsa_verify(const unsigned char *dgst, int dgst_len,
@@ -64,8 +96,15 @@ static int cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
64 BN_MONT_CTX *m_ctx); 96 BN_MONT_CTX *m_ctx);
65static int cryptodev_dh_compute_key(unsigned char *key, 97static int cryptodev_dh_compute_key(unsigned char *key,
66 const BIGNUM *pub_key, DH *dh); 98 const BIGNUM *pub_key, DH *dh);
99static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p,
100 void (*f)());
101void ENGINE_load_cryptodev(void);
67 102
68static const ENGINE_CMD_DEFN cryptodev_defns[] = { 103static const ENGINE_CMD_DEFN cryptodev_defns[] = {
104 {ENGINE_CMD_BASE,
105 "SO_PATH",
106 "Specifies the path to the some stupid shared library",
107 ENGINE_CMD_FLAG_STRING},
69 { 0, NULL, NULL, 0 } 108 { 0, NULL, NULL, 0 }
70}; 109};
71 110
@@ -77,11 +116,10 @@ static struct {
77} ciphers[] = { 116} ciphers[] = {
78 { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, }, 117 { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, },
79 { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, }, 118 { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, },
80 { CRYPTO_AES_CBC, NID_undef, 8, 24, }, 119 { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, },
81 { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, }, 120 { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, },
82 { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 8, }, 121 { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, },
83 { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, }, 122 { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, },
84 { CRYPTO_ARC4, NID_rc4, 8, 16, },
85 { 0, NID_undef, 0, 0, }, 123 { 0, NID_undef, 0, 0, },
86}; 124};
87 125
@@ -99,33 +137,53 @@ static struct {
99}; 137};
100 138
101/* 139/*
102 * Return 1 if /dev/crypto seems usable, 0 otherwise , also 140 * Return a fd if /dev/crypto seems usable, 0 otherwise.
103 * does most of the work of initting the device, if not already
104 * done.. This should leave is with global fd initialized with CRIOGET.
105 */ 141 */
106static int 142static int
107check_dev_crypto() 143open_dev_crypto(void)
108{ 144{
109 int fd; 145 static int fd = -1;
110 146
111 if (cryptodev_fd == -1) { 147 if (fd == -1) {
112 if ((fd = open("/dev/crypto", O_RDWR, 0)) == -1) 148 if ((fd = open("/dev/crypto", O_RDWR, 0)) == -1)
113 return (0); 149 return (-1);
114 if (ioctl(fd, CRIOGET, &cryptodev_fd) == -1) {
115 close(fd);
116 return (0);
117 }
118 close(fd);
119 /* close on exec */ 150 /* close on exec */
120 if (fcntl(cryptodev_fd, F_SETFD, 1) == -1) { 151 if (fcntl(fd, F_SETFD, 1) == -1) {
121 close(cryptodev_fd); 152 close(fd);
122 cryptodev_fd = -1; 153 fd = -1;
123 return (0); 154 return (-1);
124 } 155 }
125 } 156 }
126 ioctl(cryptodev_fd, CIOCSYMFEAT, &cryptodev_symfeat); 157 return (fd);
158}
127 159
128 return (1); 160static int
161get_dev_crypto(void)
162{
163 int fd, retfd;
164
165 if ((fd = open_dev_crypto()) == -1)
166 return (-1);
167 if (ioctl(fd, CRIOGET, &retfd) == -1)
168 return (-1);
169
170 /* close on exec */
171 if (fcntl(retfd, F_SETFD, 1) == -1) {
172 close(retfd);
173 return (-1);
174 }
175 return (retfd);
176}
177
178/* Caching version for asym operations */
179static int
180get_asym_dev_crypto(void)
181{
182 static int fd = -1;
183
184 if (fd == -1)
185 fd = get_dev_crypto();
186 return fd;
129} 187}
130 188
131/* 189/*
@@ -183,8 +241,12 @@ get_cryptodev_ciphers(const int **cnids)
183{ 241{
184 static int nids[CRYPTO_ALGORITHM_MAX]; 242 static int nids[CRYPTO_ALGORITHM_MAX];
185 struct session_op sess; 243 struct session_op sess;
186 int i, count = 0; 244 int fd, i, count = 0;
187 245
246 if ((fd = get_dev_crypto()) < 0) {
247 *nids = NULL;
248 return (0);
249 }
188 memset(&sess, 0, sizeof(sess)); 250 memset(&sess, 0, sizeof(sess));
189 sess.key = (caddr_t)"123456781234567812345678"; 251 sess.key = (caddr_t)"123456781234567812345678";
190 252
@@ -194,10 +256,12 @@ get_cryptodev_ciphers(const int **cnids)
194 sess.cipher = ciphers[i].id; 256 sess.cipher = ciphers[i].id;
195 sess.keylen = ciphers[i].keylen; 257 sess.keylen = ciphers[i].keylen;
196 sess.mac = 0; 258 sess.mac = 0;
197 if (ioctl(cryptodev_fd, CIOCGSESSION, &sess) != -1 && 259 if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
198 ioctl(cryptodev_fd, CIOCFSESSION, &sess.ses) != -1) 260 ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
199 nids[count++] = ciphers[i].nid; 261 nids[count++] = ciphers[i].nid;
200 } 262 }
263 close(fd);
264
201 if (count > 0) 265 if (count > 0)
202 *cnids = nids; 266 *cnids = nids;
203 else 267 else
@@ -216,18 +280,24 @@ get_cryptodev_digests(const int **cnids)
216{ 280{
217 static int nids[CRYPTO_ALGORITHM_MAX]; 281 static int nids[CRYPTO_ALGORITHM_MAX];
218 struct session_op sess; 282 struct session_op sess;
219 int i, count = 0; 283 int fd, i, count = 0;
220 284
285 if ((fd = get_dev_crypto()) < 0) {
286 *nids = NULL;
287 return (0);
288 }
221 memset(&sess, 0, sizeof(sess)); 289 memset(&sess, 0, sizeof(sess));
222 for (i = 0; digests[i].id && count < CRYPTO_ALGORITHM_MAX; i++) { 290 for (i = 0; digests[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
223 if (digests[i].nid == NID_undef) 291 if (digests[i].nid == NID_undef)
224 continue; 292 continue;
225 sess.mac = digests[i].id; 293 sess.mac = digests[i].id;
226 sess.cipher = 0; 294 sess.cipher = 0;
227 if (ioctl(cryptodev_fd, CIOCGSESSION, &sess) != -1 && 295 if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
228 ioctl(cryptodev_fd, CIOCFSESSION, &sess.ses) != -1) 296 ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
229 nids[count++] = digests[i].nid; 297 nids[count++] = digests[i].nid;
230 } 298 }
299 close(fd);
300
231 if (count > 0) 301 if (count > 0)
232 *cnids = nids; 302 *cnids = nids;
233 else 303 else
@@ -256,25 +326,15 @@ get_cryptodev_digests(const int **cnids)
256 * want most of the decisions made about what we actually want 326 * want most of the decisions made about what we actually want
257 * to use from /dev/crypto. 327 * to use from /dev/crypto.
258 */ 328 */
259int 329static int
260cryptodev_usable_ciphers(const int **nids) 330cryptodev_usable_ciphers(const int **nids)
261{ 331{
262 if (!check_dev_crypto()) {
263 *nids = NULL;
264 return (0);
265 }
266
267 /* find what the device can do. Unfortunately, we don't
268 * necessarily want all of these yet, because we aren't
269 * yet set up to do them
270 */
271 return (get_cryptodev_ciphers(nids)); 332 return (get_cryptodev_ciphers(nids));
272} 333}
273 334
274int 335static int
275cryptodev_usable_digests(const int **nids) 336cryptodev_usable_digests(const int **nids)
276{ 337{
277#if 1
278 /* 338 /*
279 * XXXX just disable all digests for now, because it sucks. 339 * XXXX just disable all digests for now, because it sucks.
280 * we need a better way to decide this - i.e. I may not 340 * we need a better way to decide this - i.e. I may not
@@ -289,29 +349,19 @@ cryptodev_usable_digests(const int **nids)
289 */ 349 */
290 *nids = NULL; 350 *nids = NULL;
291 return (0); 351 return (0);
292#endif
293
294 if (!check_dev_crypto()) {
295 *nids = NULL;
296 return (0);
297 }
298 return (get_cryptodev_digests(nids));
299} 352}
300 353
301 354static int
302int
303cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 355cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
304 const unsigned char *in, unsigned int inl) 356 const unsigned char *in, unsigned int inl)
305{ 357{
306 struct crypt_op cryp; 358 struct crypt_op cryp;
307 struct session_op *sess = ctx->cipher_data; 359 struct dev_crypto_state *state = ctx->cipher_data;
360 struct session_op *sess = &state->d_sess;
308 void *iiv; 361 void *iiv;
309 unsigned char save_iv[EVP_MAX_IV_LENGTH]; 362 unsigned char save_iv[EVP_MAX_IV_LENGTH];
310 struct syslog_data sd = SYSLOG_DATA_INIT;
311 363
312 if (cryptodev_fd == -1) 364 if (state->d_fd < 0)
313 return (0);
314 if (sess == NULL)
315 return (0); 365 return (0);
316 if (!inl) 366 if (!inl)
317 return (1); 367 return (1);
@@ -338,11 +388,10 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
338 } else 388 } else
339 cryp.iv = NULL; 389 cryp.iv = NULL;
340 390
341 if (ioctl(cryptodev_fd, CIOCCRYPT, &cryp) == -1) { 391 if (ioctl(state->d_fd, CIOCCRYPT, &cryp) == -1) {
342 /* XXX need better errror handling 392 /* XXX need better errror handling
343 * this can fail for a number of different reasons. 393 * this can fail for a number of different reasons.
344 */ 394 */
345 syslog_r(LOG_ERR, &sd, "CIOCCRYPT failed (%m)");
346 return (0); 395 return (0);
347 } 396 }
348 397
@@ -356,20 +405,17 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
356 return (1); 405 return (1);
357} 406}
358 407
359int 408static int
360cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 409cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
361 const unsigned char *iv, int enc) 410 const unsigned char *iv, int enc)
362{ 411{
363 struct session_op *sess = ctx->cipher_data; 412 struct dev_crypto_state *state = ctx->cipher_data;
364 struct syslog_data sd = SYSLOG_DATA_INIT; 413 struct session_op *sess = &state->d_sess;
365 int cipher; 414 int cipher;
366 415
367 if ((cipher = cipher_nid_to_cryptodev(ctx->cipher->nid)) == NID_undef) 416 if ((cipher = cipher_nid_to_cryptodev(ctx->cipher->nid)) == NID_undef)
368 return (0); 417 return (0);
369 418
370 if (!check_dev_crypto())
371 return (0);
372
373 if (ctx->cipher->iv_len > cryptodev_max_iv(cipher)) 419 if (ctx->cipher->iv_len > cryptodev_max_iv(cipher))
374 return (0); 420 return (0);
375 421
@@ -378,15 +424,18 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
378 424
379 memset(sess, 0, sizeof(struct session_op)); 425 memset(sess, 0, sizeof(struct session_op));
380 426
427 if ((state->d_fd = get_dev_crypto()) < 0)
428 return (0);
429
381 sess->key = (unsigned char *)key; 430 sess->key = (unsigned char *)key;
382 sess->keylen = ctx->key_len; 431 sess->keylen = ctx->key_len;
383 sess->cipher = cipher; 432 sess->cipher = cipher;
384 433
385 if (ioctl(cryptodev_fd, CIOCGSESSION, sess) == -1) { 434 if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) {
386 syslog_r(LOG_ERR, &sd, "CIOCGSESSION failed (%m)"); 435 close(state->d_fd);
436 state->d_fd = -1;
387 return (0); 437 return (0);
388 } 438 }
389 cryptodev_sessions++;
390 return (1); 439 return (1);
391} 440}
392 441
@@ -394,14 +443,14 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
394 * free anything we allocated earlier when initting a 443 * free anything we allocated earlier when initting a
395 * session, and close the session. 444 * session, and close the session.
396 */ 445 */
397int 446static int
398cryptodev_cleanup(EVP_CIPHER_CTX *ctx) 447cryptodev_cleanup(EVP_CIPHER_CTX *ctx)
399{ 448{
400 int ret = 0; 449 int ret = 0;
401 struct session_op *sess = ctx->cipher_data; 450 struct dev_crypto_state *state = ctx->cipher_data;
402 struct syslog_data sd = SYSLOG_DATA_INIT; 451 struct session_op *sess = &state->d_sess;
403 452
404 if (sess == NULL) 453 if (state->d_fd < 0)
405 return (0); 454 return (0);
406 455
407 /* XXX if this ioctl fails, someting's wrong. the invoker 456 /* XXX if this ioctl fails, someting's wrong. the invoker
@@ -415,17 +464,14 @@ cryptodev_cleanup(EVP_CIPHER_CTX *ctx)
415 * print messages to users of the library. hmm.. 464 * print messages to users of the library. hmm..
416 */ 465 */
417 466
418 if (ioctl(cryptodev_fd, CIOCFSESSION, &sess->ses) == -1) { 467 if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) == -1) {
419 syslog_r(LOG_ERR, &sd, "CIOCFSESSION failed (%m)");
420 ret = 0; 468 ret = 0;
421 } else { 469 } else {
422 cryptodev_sessions--;
423 ret = 1; 470 ret = 1;
424 } 471 }
425 if (cryptodev_sessions == 0 && cryptodev_fd != -1 ) { 472 close(state->d_fd);
426 close(cryptodev_fd); /* XXX should this be closed? */ 473 state->d_fd = -1;
427 cryptodev_fd = -1; 474
428 }
429 return (ret); 475 return (ret);
430} 476}
431 477
@@ -434,20 +480,6 @@ cryptodev_cleanup(EVP_CIPHER_CTX *ctx)
434 * gets called when libcrypto requests a cipher NID. 480 * gets called when libcrypto requests a cipher NID.
435 */ 481 */
436 482
437/* ARC4 (16 byte key) */
438const EVP_CIPHER cryptodev_arc4_cipher = {
439 NID_rc4,
440 1, 16, 0,
441 EVP_CIPH_VARIABLE_LENGTH,
442 cryptodev_init_key,
443 cryptodev_cipher,
444 cryptodev_cleanup,
445 sizeof(struct session_op),
446 NULL,
447 NULL,
448 NULL
449};
450
451/* DES CBC EVP */ 483/* DES CBC EVP */
452const EVP_CIPHER cryptodev_des_cbc = { 484const EVP_CIPHER cryptodev_des_cbc = {
453 NID_des_cbc, 485 NID_des_cbc,
@@ -456,7 +488,7 @@ const EVP_CIPHER cryptodev_des_cbc = {
456 cryptodev_init_key, 488 cryptodev_init_key,
457 cryptodev_cipher, 489 cryptodev_cipher,
458 cryptodev_cleanup, 490 cryptodev_cleanup,
459 sizeof(struct session_op), 491 sizeof(struct dev_crypto_state),
460 EVP_CIPHER_set_asn1_iv, 492 EVP_CIPHER_set_asn1_iv,
461 EVP_CIPHER_get_asn1_iv, 493 EVP_CIPHER_get_asn1_iv,
462 NULL 494 NULL
@@ -470,19 +502,57 @@ const EVP_CIPHER cryptodev_3des_cbc = {
470 cryptodev_init_key, 502 cryptodev_init_key,
471 cryptodev_cipher, 503 cryptodev_cipher,
472 cryptodev_cleanup, 504 cryptodev_cleanup,
473 sizeof(struct session_op), 505 sizeof(struct dev_crypto_state),
506 EVP_CIPHER_set_asn1_iv,
507 EVP_CIPHER_get_asn1_iv,
508 NULL
509};
510
511const EVP_CIPHER cryptodev_bf_cbc = {
512 NID_bf_cbc,
513 8, 16, 8,
514 EVP_CIPH_CBC_MODE,
515 cryptodev_init_key,
516 cryptodev_cipher,
517 cryptodev_cleanup,
518 sizeof(struct dev_crypto_state),
519 EVP_CIPHER_set_asn1_iv,
520 EVP_CIPHER_get_asn1_iv,
521 NULL
522};
523
524const EVP_CIPHER cryptodev_cast_cbc = {
525 NID_cast5_cbc,
526 8, 16, 8,
527 EVP_CIPH_CBC_MODE,
528 cryptodev_init_key,
529 cryptodev_cipher,
530 cryptodev_cleanup,
531 sizeof(struct dev_crypto_state),
474 EVP_CIPHER_set_asn1_iv, 532 EVP_CIPHER_set_asn1_iv,
475 EVP_CIPHER_get_asn1_iv, 533 EVP_CIPHER_get_asn1_iv,
476 NULL 534 NULL
477}; 535};
478 536
537const EVP_CIPHER cryptodev_aes_cbc = {
538 NID_aes_128_cbc,
539 16, 16, 16,
540 EVP_CIPH_CBC_MODE,
541 cryptodev_init_key,
542 cryptodev_cipher,
543 cryptodev_cleanup,
544 sizeof(struct dev_crypto_state),
545 EVP_CIPHER_set_asn1_iv,
546 EVP_CIPHER_get_asn1_iv,
547 NULL
548};
479 549
480/* 550/*
481 * Registered by the ENGINE when used to find out how to deal with 551 * Registered by the ENGINE when used to find out how to deal with
482 * a particular NID in the ENGINE. this says what we'll do at the 552 * a particular NID in the ENGINE. this says what we'll do at the
483 * top level - note, that list is restricted by what we answer with 553 * top level - note, that list is restricted by what we answer with
484 */ 554 */
485int 555static int
486cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, 556cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
487 const int **nids, int nid) 557 const int **nids, int nid)
488{ 558{
@@ -490,15 +560,21 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
490 return (cryptodev_usable_ciphers(nids)); 560 return (cryptodev_usable_ciphers(nids));
491 561
492 switch (nid) { 562 switch (nid) {
493 case NID_rc4:
494 *cipher = &cryptodev_arc4_cipher;
495 break;
496 case NID_des_ede3_cbc: 563 case NID_des_ede3_cbc:
497 *cipher = &cryptodev_3des_cbc; 564 *cipher = &cryptodev_3des_cbc;
498 break; 565 break;
499 case NID_des_cbc: 566 case NID_des_cbc:
500 *cipher = &cryptodev_des_cbc; 567 *cipher = &cryptodev_des_cbc;
501 break; 568 break;
569 case NID_bf_cbc:
570 *cipher = &cryptodev_bf_cbc;
571 break;
572 case NID_cast5_cbc:
573 *cipher = &cryptodev_cast_cbc;
574 break;
575 case NID_aes_128_cbc:
576 *cipher = &cryptodev_aes_cbc;
577 break;
502 default: 578 default:
503 *cipher = NULL; 579 *cipher = NULL;
504 break; 580 break;
@@ -506,7 +582,7 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
506 return (*cipher != NULL); 582 return (*cipher != NULL);
507} 583}
508 584
509int 585static int
510cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest, 586cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
511 const int **nids, int nid) 587 const int **nids, int nid)
512{ 588{
@@ -524,7 +600,6 @@ cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
524 return (*digest != NULL); 600 return (*digest != NULL);
525} 601}
526 602
527
528/* 603/*
529 * Convert a BIGNUM to the representation that /dev/crypto needs. 604 * Convert a BIGNUM to the representation that /dev/crypto needs.
530 * Upon completion of use, the caller is responsible for freeing 605 * Upon completion of use, the caller is responsible for freeing
@@ -533,7 +608,7 @@ cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
533static int 608static int
534bn2crparam(const BIGNUM *a, struct crparam *crp) 609bn2crparam(const BIGNUM *a, struct crparam *crp)
535{ 610{
536 int i, j, n; 611 int i, j, k;
537 ssize_t words, bytes, bits; 612 ssize_t words, bytes, bits;
538 u_char *b; 613 u_char *b;
539 614
@@ -550,17 +625,13 @@ bn2crparam(const BIGNUM *a, struct crparam *crp)
550 crp->crp_p = b; 625 crp->crp_p = b;
551 crp->crp_nbits = bits; 626 crp->crp_nbits = bits;
552 627
553 words = (bits + BN_BITS2 - 1) / BN_BITS2; 628 for (i = 0, j = 0; i < a->top; i++) {
554 629 for (k = 0; k < BN_BITS2 / 8; k++) {
555 n = 0; 630 if ((j + k) >= bytes)
556 for (i = 0; i < words && n < bytes; i++) { 631 return (0);
557 BN_ULONG word; 632 b[j + k] = a->d[i] >> (k * 8);
558
559 word = a->d[i];
560 for (j = 0 ; j < BN_BYTES && n < bytes; j++, n++) {
561 *b++ = (word & 0xff);
562 word >>= 8;
563 } 633 }
634 j += BN_BITS2 / 8;
564 } 635 }
565 return (0); 636 return (0);
566} 637}
@@ -569,15 +640,22 @@ bn2crparam(const BIGNUM *a, struct crparam *crp)
569static int 640static int
570crparam2bn(struct crparam *crp, BIGNUM *a) 641crparam2bn(struct crparam *crp, BIGNUM *a)
571{ 642{
643 u_int8_t *pd;
572 int i, bytes; 644 int i, bytes;
573 645
574 bytes = (crp->crp_nbits + 7)/8; 646 bytes = (crp->crp_nbits + 7) / 8;
575 647
576 BN_zero(a); 648 if (bytes == 0)
577 for (i = bytes - 1; i >= 0; i--) { 649 return (-1);
578 BN_lshift(a, a, 8); 650
579 BN_add_word(a, (u_char)crp->crp_p[i]); 651 if ((pd = (u_int8_t *) malloc(bytes)) == NULL)
580 } 652 return (-1);
653
654 for (i = 0; i < bytes; i++)
655 pd[i] = crp->crp_p[bytes - i - 1];
656
657 BN_bin2bn(pd, bytes, a);
658 free(pd);
581 659
582 return (0); 660 return (0);
583} 661}
@@ -596,25 +674,32 @@ zapparams(struct crypt_kop *kop)
596} 674}
597 675
598static int 676static int
599cryptodev_sym(struct crypt_kop *kop, BIGNUM *r, BIGNUM *s) 677cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s)
600{ 678{
601 int ret = -1; 679 int fd, ret = -1;
680
681 if ((fd = get_asym_dev_crypto()) < 0)
682 return (ret);
602 683
603 if (r) { 684 if (r) {
604 kop->crk_param[kop->crk_iparams].crp_p = malloc(256); 685 kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char));
605 kop->crk_param[kop->crk_iparams].crp_nbits = 256 * 8; 686 kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8;
606 kop->crk_oparams++; 687 kop->crk_oparams++;
607 } 688 }
608 if (s) { 689 if (s) {
609 kop->crk_param[kop->crk_iparams+1].crp_p = malloc(256); 690 kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char));
610 kop->crk_param[kop->crk_iparams+1].crp_nbits = 256 * 8; 691 kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8;
611 kop->crk_oparams++; 692 kop->crk_oparams++;
612 } 693 }
613 694
614 if (ioctl(cryptodev_fd, CIOCKEY, &kop) == 0) { 695 if (ioctl(fd, CIOCKEY, kop) == 0) {
615 crparam2bn(&kop->crk_param[3], r); 696 if (r)
697 crparam2bn(&kop->crk_param[kop->crk_iparams], r);
698 if (s)
699 crparam2bn(&kop->crk_param[kop->crk_iparams+1], s);
616 ret = 0; 700 ret = 0;
617 } 701 }
702
618 return (ret); 703 return (ret);
619} 704}
620 705
@@ -623,38 +708,58 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
623 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) 708 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
624{ 709{
625 struct crypt_kop kop; 710 struct crypt_kop kop;
626 int ret = 0; 711 int ret = 1;
712
713 /* Currently, we know we can do mod exp iff we can do any
714 * asymmetric operations at all.
715 */
716 if (cryptodev_asymfeat == 0) {
717 ret = BN_mod_exp(r, a, p, m, ctx);
718 return (ret);
719 }
627 720
628 memset(&kop, 0, sizeof kop); 721 memset(&kop, 0, sizeof kop);
629 kop.crk_op = CRK_MOD_EXP; 722 kop.crk_op = CRK_MOD_EXP;
630 723
631 /* inputs: a m p */ 724 /* inputs: a^p % m */
632 if (bn2crparam(a, &kop.crk_param[0])) 725 if (bn2crparam(a, &kop.crk_param[0]))
633 goto err; 726 goto err;
634 if (bn2crparam(m, &kop.crk_param[1])) 727 if (bn2crparam(p, &kop.crk_param[1]))
635 goto err; 728 goto err;
636 if (bn2crparam(p, &kop.crk_param[2])) 729 if (bn2crparam(m, &kop.crk_param[2]))
637 goto err; 730 goto err;
638 kop.crk_iparams = 3; 731 kop.crk_iparams = 3;
639 732
640 if (cryptodev_sym(&kop, r, NULL) == -1) { 733 if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL) == -1) {
641 ret = BN_mod_exp(r, a, p, m, ctx); 734 const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
735 ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont);
642 } 736 }
643err: 737err:
644 zapparams(&kop); 738 zapparams(&kop);
645 return (ret); 739 return (ret);
646} 740}
647 741
742static int
743cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
744{
745 int r;
746 BN_CTX *ctx;
747
748 ctx = BN_CTX_new();
749 r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL);
750 BN_CTX_free(ctx);
751 return (r);
752}
648 753
649static int 754static int
650cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) 755cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
651{ 756{
652 struct crypt_kop kop; 757 struct crypt_kop kop;
653 int ret = 0; 758 int ret = 1;
654 759
655 if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { 760 if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
656 /* XXX 0 means failure?? */ 761 /* XXX 0 means failure?? */
657 goto err; 762 return (0);
658 } 763 }
659 764
660 memset(&kop, 0, sizeof kop); 765 memset(&kop, 0, sizeof kop);
@@ -674,9 +779,8 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
674 goto err; 779 goto err;
675 kop.crk_iparams = 6; 780 kop.crk_iparams = 6;
676 781
677 if (cryptodev_sym(&kop, r0, NULL) == -1) { 782 if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) {
678 const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); 783 const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
679
680 ret = (*meth->rsa_mod_exp)(r0, I, rsa); 784 ret = (*meth->rsa_mod_exp)(r0, I, rsa);
681 } 785 }
682err: 786err:
@@ -690,8 +794,8 @@ static RSA_METHOD cryptodev_rsa = {
690 NULL, /* rsa_pub_dec */ 794 NULL, /* rsa_pub_dec */
691 NULL, /* rsa_priv_enc */ 795 NULL, /* rsa_priv_enc */
692 NULL, /* rsa_priv_dec */ 796 NULL, /* rsa_priv_dec */
693 cryptodev_rsa_mod_exp, /* rsa_mod_exp */ 797 NULL,
694 cryptodev_bn_mod_exp, /* bn_mod_exp */ 798 NULL,
695 NULL, /* init */ 799 NULL, /* init */
696 NULL, /* finish */ 800 NULL, /* finish */
697 0, /* flags */ 801 0, /* flags */
@@ -707,6 +811,38 @@ cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
707 return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx)); 811 return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx));
708} 812}
709 813
814static int
815cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g,
816 BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p,
817 BN_CTX *ctx, BN_MONT_CTX *mont)
818{
819 BIGNUM t2;
820 int ret = 0;
821
822 BN_init(&t2);
823
824 /* v = ( g^u1 * y^u2 mod p ) mod q */
825 /* let t1 = g ^ u1 mod p */
826 ret = 0;
827
828 if (!dsa->meth->bn_mod_exp(dsa,t1,dsa->g,u1,dsa->p,ctx,mont))
829 goto err;
830
831 /* let t2 = y ^ u2 mod p */
832 if (!dsa->meth->bn_mod_exp(dsa,&t2,dsa->pub_key,u2,dsa->p,ctx,mont))
833 goto err;
834 /* let u1 = t1 * t2 mod p */
835 if (!BN_mod_mul(u1,t1,&t2,dsa->p,ctx))
836 goto err;
837
838 BN_copy(t1,u1);
839
840 ret = 1;
841err:
842 BN_free(&t2);
843 return(ret);
844}
845
710static DSA_SIG * 846static DSA_SIG *
711cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) 847cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
712{ 848{
@@ -721,6 +857,7 @@ cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
721 goto err; 857 goto err;
722 } 858 }
723 859
860 printf("bar\n");
724 memset(&kop, 0, sizeof kop); 861 memset(&kop, 0, sizeof kop);
725 kop.crk_op = CRK_DSA_SIGN; 862 kop.crk_op = CRK_DSA_SIGN;
726 863
@@ -737,13 +874,13 @@ cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
737 goto err; 874 goto err;
738 kop.crk_iparams = 5; 875 kop.crk_iparams = 5;
739 876
740 if (cryptodev_sym(&kop, r, s) == 0) { 877 if (cryptodev_asym(&kop, BN_num_bytes(dsa->q), r,
878 BN_num_bytes(dsa->q), s) == 0) {
741 dsaret = DSA_SIG_new(); 879 dsaret = DSA_SIG_new();
742 dsaret->r = r; 880 dsaret->r = r;
743 dsaret->s = s; 881 dsaret->s = s;
744 } else { 882 } else {
745 const DSA_METHOD *meth = DSA_OpenSSL(); 883 const DSA_METHOD *meth = DSA_OpenSSL();
746
747 BN_free(r); 884 BN_free(r);
748 BN_free(s); 885 BN_free(s);
749 dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); 886 dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa);
@@ -759,7 +896,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
759 DSA_SIG *sig, DSA *dsa) 896 DSA_SIG *sig, DSA *dsa)
760{ 897{
761 struct crypt_kop kop; 898 struct crypt_kop kop;
762 int dsaret = 0; 899 int dsaret = 1;
763 900
764 memset(&kop, 0, sizeof kop); 901 memset(&kop, 0, sizeof kop);
765 kop.crk_op = CRK_DSA_VERIFY; 902 kop.crk_op = CRK_DSA_VERIFY;
@@ -781,7 +918,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
781 goto err; 918 goto err;
782 kop.crk_iparams = 7; 919 kop.crk_iparams = 7;
783 920
784 if (cryptodev_sym(&kop, NULL, NULL) == 0) { 921 if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) {
785 dsaret = kop.crk_status; 922 dsaret = kop.crk_status;
786 } else { 923 } else {
787 const DSA_METHOD *meth = DSA_OpenSSL(); 924 const DSA_METHOD *meth = DSA_OpenSSL();
@@ -796,11 +933,11 @@ err:
796 933
797static DSA_METHOD cryptodev_dsa = { 934static DSA_METHOD cryptodev_dsa = {
798 "cryptodev DSA method", 935 "cryptodev DSA method",
799 cryptodev_dsa_do_sign, 936 NULL,
800 NULL, /* dsa_sign_setup */ 937 NULL, /* dsa_sign_setup */
801 cryptodev_dsa_verify, 938 NULL,
802 NULL, /* dsa_mod_exp */ 939 NULL, /* dsa_mod_exp */
803 cryptodev_dsa_bn_mod_exp, /* bn_mod_exp */ 940 NULL,
804 NULL, /* init */ 941 NULL, /* init */
805 NULL, /* finish */ 942 NULL, /* finish */
806 0, /* flags */ 943 0, /* flags */
@@ -819,8 +956,14 @@ static int
819cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) 956cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
820{ 957{
821 struct crypt_kop kop; 958 struct crypt_kop kop;
822 int dhret = 0; 959 int dhret = 1;
823 int keylen; 960 int fd, keylen;
961
962 if ((fd = get_asym_dev_crypto()) < 0) {
963 const DH_METHOD *meth = DH_OpenSSL();
964
965 return ((meth->compute_key)(key, pub_key, dh));
966 }
824 967
825 keylen = BN_num_bits(dh->p); 968 keylen = BN_num_bits(dh->p);
826 969
@@ -840,7 +983,7 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
840 kop.crk_param[3].crp_nbits = keylen * 8; 983 kop.crk_param[3].crp_nbits = keylen * 8;
841 kop.crk_oparams = 1; 984 kop.crk_oparams = 1;
842 985
843 if (ioctl(cryptodev_fd, CIOCKEY, &kop) == -1) { 986 if (ioctl(fd, CIOCKEY, &kop) == -1) {
844 const DH_METHOD *meth = DH_OpenSSL(); 987 const DH_METHOD *meth = DH_OpenSSL();
845 988
846 dhret = (meth->compute_key)(key, pub_key, dh); 989 dhret = (meth->compute_key)(key, pub_key, dh);
@@ -854,8 +997,8 @@ err:
854static DH_METHOD cryptodev_dh = { 997static DH_METHOD cryptodev_dh = {
855 "cryptodev DH method", 998 "cryptodev DH method",
856 NULL, /* cryptodev_dh_generate_key */ 999 NULL, /* cryptodev_dh_generate_key */
857 cryptodev_dh_compute_key, 1000 NULL,
858 cryptodev_mod_exp_dh, 1001 NULL,
859 NULL, 1002 NULL,
860 NULL, 1003 NULL,
861 0, /* flags */ 1004 0, /* flags */
@@ -884,11 +1027,21 @@ void
884ENGINE_load_cryptodev(void) 1027ENGINE_load_cryptodev(void)
885{ 1028{
886 ENGINE *engine = ENGINE_new(); 1029 ENGINE *engine = ENGINE_new();
887 const RSA_METHOD *rsa_meth; 1030 int fd;
888 const DH_METHOD *dh_meth;
889 1031
890 if (engine == NULL) 1032 if (engine == NULL)
891 return; 1033 return;
1034 if ((fd = get_dev_crypto()) < 0)
1035 return;
1036
1037 /*
1038 * find out what asymmetric crypto algorithms we support
1039 */
1040 if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) {
1041 close(fd);
1042 return;
1043 }
1044 close(fd);
892 1045
893 if (!ENGINE_set_id(engine, "cryptodev") || 1046 if (!ENGINE_set_id(engine, "cryptodev") ||
894 !ENGINE_set_name(engine, "OpenBSD cryptodev engine") || 1047 !ENGINE_set_name(engine, "OpenBSD cryptodev engine") ||
@@ -900,24 +1053,52 @@ ENGINE_load_cryptodev(void)
900 return; 1053 return;
901 } 1054 }
902 1055
903 if ((cryptodev_symfeat & CRSFEAT_RSA) && 1056 if (ENGINE_set_RSA(engine, &cryptodev_rsa)) {
904 ENGINE_set_RSA(engine, &cryptodev_rsa)) { 1057 const RSA_METHOD *rsa_meth = RSA_PKCS1_SSLeay();
905 rsa_meth = RSA_PKCS1_SSLeay(); 1058
1059 cryptodev_rsa.bn_mod_exp = rsa_meth->bn_mod_exp;
1060 cryptodev_rsa.rsa_mod_exp = rsa_meth->rsa_mod_exp;
906 cryptodev_rsa.rsa_pub_enc = rsa_meth->rsa_pub_enc; 1061 cryptodev_rsa.rsa_pub_enc = rsa_meth->rsa_pub_enc;
907 cryptodev_rsa.rsa_pub_dec = rsa_meth->rsa_pub_dec; 1062 cryptodev_rsa.rsa_pub_dec = rsa_meth->rsa_pub_dec;
908 cryptodev_rsa.rsa_priv_enc = rsa_meth->rsa_priv_dec; 1063 cryptodev_rsa.rsa_priv_enc = rsa_meth->rsa_priv_enc;
909 cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec; 1064 cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec;
1065 if (cryptodev_asymfeat & CRF_MOD_EXP) {
1066 cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp;
1067 if (cryptodev_asymfeat & CRF_MOD_EXP_CRT)
1068 cryptodev_rsa.rsa_mod_exp =
1069 cryptodev_rsa_mod_exp;
1070 else
1071 cryptodev_rsa.rsa_mod_exp =
1072 cryptodev_rsa_nocrt_mod_exp;
1073 }
910 } 1074 }
911 1075
912 if ((cryptodev_symfeat & CRSFEAT_DSA) && 1076 if (ENGINE_set_DSA(engine, &cryptodev_dsa)) {
913 ENGINE_set_DSA(engine, &cryptodev_dsa)) { 1077 const DSA_METHOD *meth = DSA_OpenSSL();
1078
1079 memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD));
1080 if (cryptodev_asymfeat & CRF_DSA_SIGN)
1081 cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign;
1082 if (cryptodev_asymfeat & CRF_MOD_EXP) {
1083 cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp;
1084 cryptodev_dsa.dsa_mod_exp = cryptodev_dsa_dsa_mod_exp;
1085 }
1086 if (cryptodev_asymfeat & CRF_DSA_VERIFY)
1087 cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify;
914 } 1088 }
915 1089
916 if ((cryptodev_symfeat & CRSFEAT_DH) && 1090 if (ENGINE_set_DH(engine, &cryptodev_dh)){
917 ENGINE_set_DH(engine, &cryptodev_dh)) { 1091 const DH_METHOD *dh_meth = DH_OpenSSL();
918 dh_meth = DH_OpenSSL(); 1092
919 cryptodev_dh.generate_key = dh_meth->generate_key; 1093 cryptodev_dh.generate_key = dh_meth->generate_key;
920 cryptodev_dh.compute_key = dh_meth->compute_key; 1094 cryptodev_dh.compute_key = dh_meth->compute_key;
1095 cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp;
1096 if (cryptodev_asymfeat & CRF_MOD_EXP) {
1097 cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh;
1098 if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY)
1099 cryptodev_dh.compute_key =
1100 cryptodev_dh_compute_key;
1101 }
921 } 1102 }
922 1103
923 ENGINE_add(engine); 1104 ENGINE_add(engine);
diff --git a/src/lib/libssl/src/crypto/engine/hw_cswift.c b/src/lib/libssl/src/crypto/engine/hw_cswift.c
index d8b380550f..da732abce0 100644
--- a/src/lib/libssl/src/crypto/engine/hw_cswift.c
+++ b/src/lib/libssl/src/crypto/engine/hw_cswift.c
@@ -484,7 +484,7 @@ static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
484 goto err; 484 goto err;
485 default: 485 default:
486 { 486 {
487 char tmpbuf[20]; 487 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
488 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED); 488 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED);
489 sprintf(tmpbuf, "%ld", sw_status); 489 sprintf(tmpbuf, "%ld", sw_status);
490 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 490 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -501,7 +501,7 @@ static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
501 if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP, &arg, 1, 501 if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP, &arg, 1,
502 &res, 1)) != SW_OK) 502 &res, 1)) != SW_OK)
503 { 503 {
504 char tmpbuf[20]; 504 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
505 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED); 505 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED);
506 sprintf(tmpbuf, "%ld", sw_status); 506 sprintf(tmpbuf, "%ld", sw_status);
507 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 507 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -591,7 +591,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
591 goto err; 591 goto err;
592 default: 592 default:
593 { 593 {
594 char tmpbuf[20]; 594 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
595 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED); 595 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED);
596 sprintf(tmpbuf, "%ld", sw_status); 596 sprintf(tmpbuf, "%ld", sw_status);
597 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 597 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -608,7 +608,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
608 if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP_CRT, &arg, 1, 608 if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP_CRT, &arg, 1,
609 &res, 1)) != SW_OK) 609 &res, 1)) != SW_OK)
610 { 610 {
611 char tmpbuf[20]; 611 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
612 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED); 612 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED);
613 sprintf(tmpbuf, "%ld", sw_status); 613 sprintf(tmpbuf, "%ld", sw_status);
614 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 614 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -723,7 +723,7 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
723 goto err; 723 goto err;
724 default: 724 default:
725 { 725 {
726 char tmpbuf[20]; 726 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
727 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED); 727 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED);
728 sprintf(tmpbuf, "%ld", sw_status); 728 sprintf(tmpbuf, "%ld", sw_status);
729 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 729 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -741,7 +741,7 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
741 &res, 1); 741 &res, 1);
742 if(sw_status != SW_OK) 742 if(sw_status != SW_OK)
743 { 743 {
744 char tmpbuf[20]; 744 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
745 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED); 745 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED);
746 sprintf(tmpbuf, "%ld", sw_status); 746 sprintf(tmpbuf, "%ld", sw_status);
747 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 747 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -835,7 +835,7 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
835 goto err; 835 goto err;
836 default: 836 default:
837 { 837 {
838 char tmpbuf[20]; 838 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
839 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED); 839 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED);
840 sprintf(tmpbuf, "%ld", sw_status); 840 sprintf(tmpbuf, "%ld", sw_status);
841 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 841 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -857,7 +857,7 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
857 &res, 1); 857 &res, 1);
858 if(sw_status != SW_OK) 858 if(sw_status != SW_OK)
859 { 859 {
860 char tmpbuf[20]; 860 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
861 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED); 861 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED);
862 sprintf(tmpbuf, "%ld", sw_status); 862 sprintf(tmpbuf, "%ld", sw_status);
863 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 863 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
diff --git a/src/lib/libssl/src/crypto/engine/hw_openbsd_dev_crypto.c b/src/lib/libssl/src/crypto/engine/hw_openbsd_dev_crypto.c
new file mode 100644
index 0000000000..f946389b8a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/engine/hw_openbsd_dev_crypto.c
@@ -0,0 +1,594 @@
1/* Written by Ben Laurie <ben@algroup.co.uk> August 2001 */
2/* ====================================================================
3 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * licensing@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56#include <openssl/engine.h>
57#include <openssl/evp.h>
58#include "eng_int.h"
59/* Maybe this is needed? ... */
60#ifdef FLAT_INC
61#include "evp_locl.h"
62#else
63#include "../evp/evp_locl.h"
64#endif
65#include <openssl/conf.h>
66
67#ifndef OPENSSL_OPENBSD_DEV_CRYPTO
68
69void ENGINE_load_openbsd_dev_crypto(void)
70 {
71 /* This is a NOP unless OPENSSL_OPENBSD_DEV_CRYPTO is defined */
72 return;
73 }
74
75#else /* OPENSSL_OPENBSD_DEV_CRYPTO */
76
77#include <fcntl.h>
78#include <stdio.h>
79#include <errno.h>
80#include <assert.h>
81#include <unistd.h>
82#include <sys/ioctl.h>
83
84#include <crypto/cryptodev.h>
85
86/****************************************************/
87/* Declare the normal generic ENGINE stuff here ... */
88
89static int dev_crypto_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
90 const int **nids, int nid);
91static int dev_crypto_digests(ENGINE *e, const EVP_MD **digest,
92 const int **nids, int nid);
93
94static const char dev_crypto_id[] = "openbsd_dev_crypto";
95static const char dev_crypto_name[] = "OpenBSD /dev/crypto";
96
97static long allow_misaligned;
98
99#define DEV_CRYPTO_CMD_ALLOW_MISALIGNED ENGINE_CMD_BASE
100static const ENGINE_CMD_DEFN dev_crypto_cmd_defns[]=
101 {
102 { DEV_CRYPTO_CMD_ALLOW_MISALIGNED,
103 "allow_misaligned",
104 "Permit misaligned data to be used",
105 ENGINE_CMD_FLAG_NUMERIC },
106 { 0, NULL, NULL, 0 }
107 };
108
109static int dev_crypto_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
110 {
111 switch(cmd)
112 {
113 case DEV_CRYPTO_CMD_ALLOW_MISALIGNED:
114 allow_misaligned=i;
115 printf("allow misaligned=%ld\n",allow_misaligned);
116 break;
117 }
118
119 return 1;
120 }
121
122static ENGINE *engine_openbsd_dev_crypto(void)
123 {
124 ENGINE *engine=ENGINE_new();
125
126 if(!ENGINE_set_id(engine, dev_crypto_id) ||
127 !ENGINE_set_name(engine, dev_crypto_name) ||
128 !ENGINE_set_ciphers(engine, dev_crypto_ciphers) ||
129 !ENGINE_set_digests(engine, dev_crypto_digests) ||
130 !ENGINE_set_ctrl_function(engine, dev_crypto_ctrl) ||
131 !ENGINE_set_cmd_defns(engine, dev_crypto_cmd_defns))
132 {
133 ENGINE_free(engine);
134 return NULL;
135 }
136
137 return engine;
138 }
139
140void ENGINE_load_openbsd_dev_crypto(void)
141 {
142 /* Copied from eng_[openssl|dyn].c */
143 ENGINE *toadd = engine_openbsd_dev_crypto();
144 if(!toadd) return;
145 ENGINE_add(toadd);
146 ENGINE_free(toadd);
147 ERR_clear_error();
148 }
149
150/******************************************************************************/
151/* Clip in the stuff from crypto/evp/openbsd_hw.c here. NB: What has changed? */
152/* I've removed the exposed EVP_*** functions, they're accessed through the */
153/* "dev_crypto_[ciphers|digests]" handlers. I've also moved the EVP_CIPHER */
154/* and EVP_MD structures to the bottom where they are close to the handlers */
155/* that expose them. What should be done? The global data (file-descriptors, */
156/* etc) should be put into ENGINE's ex_data support, and per-context data */
157/* (also file-descriptors perhaps) should be put into the contexts. Also code */
158/* formatting, fprintf statements, and OpenSSL-style error handling should be */
159/* added (dynamically, like the other ENGINEs). Also, "dynamic" support */
160/* be added to this ENGINE once it's up and running so that it could be built */
161/* as a shared-library. What else? device initialisation should take place */
162/* inside an ENGINE 'init()' handler (and likewise 'finish()'). ciphers and */
163/* digests won't be used by the framework unless the ENGINE has been */
164/* successfully initialised (that's one of the things you get for free) so */
165/* initialisation, including returning failure if device setup fails, can be */
166/* handled quite cleanly. This could presumably handle the opening (and then */
167/* closing inside 'finish()') of the 'cryptodev_fd' file-descriptor). */
168
169/* longest key supported in hardware */
170#define MAX_HW_KEY 24
171#define MAX_HW_IV 8
172
173#define MD5_DIGEST_LENGTH 16
174#define MD5_CBLOCK 64
175
176static int fd;
177static int dev_failed;
178
179typedef struct session_op session_op;
180
181#define CDATA(ctx) EVP_C_DATA(session_op,ctx)
182
183static void err(const char *str)
184 {
185 fprintf(stderr,"%s: errno %d\n",str,errno);
186 }
187
188static int dev_crypto_init(session_op *ses)
189 {
190 if(dev_failed)
191 return 0;
192 if(!fd)
193 {
194 int cryptodev_fd;
195
196 if ((cryptodev_fd=open("/dev/crypto",O_RDWR,0)) < 0)
197 {
198 err("/dev/crypto");
199 dev_failed=1;
200 return 0;
201 }
202 if (ioctl(cryptodev_fd,CRIOGET,&fd) == -1)
203 {
204 err("CRIOGET failed");
205 close(cryptodev_fd);
206 dev_failed=1;
207 return 0;
208 }
209 close(cryptodev_fd);
210 }
211 assert(ses);
212 memset(ses,'\0',sizeof *ses);
213
214 return 1;
215 }
216
217static int dev_crypto_cleanup(EVP_CIPHER_CTX *ctx)
218 {
219 fprintf(stderr,"cleanup %d\n",CDATA(ctx)->ses);
220 if(ioctl(fd,CIOCFSESSION,&CDATA(ctx)->ses) == -1)
221 err("CIOCFSESSION failed");
222
223 OPENSSL_free(CDATA(ctx)->key);
224
225 return 1;
226 }
227
228static int dev_crypto_init_key(EVP_CIPHER_CTX *ctx,int cipher,
229 const unsigned char *key,int klen)
230 {
231 if(!dev_crypto_init(CDATA(ctx)))
232 return 0;
233
234 CDATA(ctx)->key=OPENSSL_malloc(MAX_HW_KEY);
235
236 assert(ctx->cipher->iv_len <= MAX_HW_IV);
237
238 memcpy(CDATA(ctx)->key,key,klen);
239
240 CDATA(ctx)->cipher=cipher;
241 CDATA(ctx)->keylen=klen;
242
243 if (ioctl(fd,CIOCGSESSION,CDATA(ctx)) == -1)
244 {
245 err("CIOCGSESSION failed");
246 return 0;
247 }
248 return 1;
249 }
250
251static int dev_crypto_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
252 const unsigned char *in,unsigned int inl)
253 {
254 struct crypt_op cryp;
255 unsigned char lb[MAX_HW_IV];
256
257 if(!inl)
258 return 1;
259
260 assert(CDATA(ctx));
261 assert(!dev_failed);
262
263 memset(&cryp,'\0',sizeof cryp);
264 cryp.ses=CDATA(ctx)->ses;
265 cryp.op=ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
266 cryp.flags=0;
267 cryp.len=inl;
268 assert((inl&(ctx->cipher->block_size-1)) == 0);
269 cryp.src=(caddr_t)in;
270 cryp.dst=(caddr_t)out;
271 cryp.mac=0;
272 if(ctx->cipher->iv_len)
273 cryp.iv=(caddr_t)ctx->iv;
274
275 if(!ctx->encrypt)
276 memcpy(lb,&in[cryp.len-ctx->cipher->iv_len],ctx->cipher->iv_len);
277
278 if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
279 {
280 if(errno == EINVAL) /* buffers are misaligned */
281 {
282 unsigned int cinl=0;
283 char *cin=NULL;
284 char *cout=NULL;
285
286 /* NB: this can only make cinl != inl with stream ciphers */
287 cinl=(inl+3)/4*4;
288
289 if(((unsigned long)in&3) || cinl != inl)
290 {
291 cin=OPENSSL_malloc(cinl);
292 memcpy(cin,in,inl);
293 cryp.src=cin;
294 }
295
296 if(((unsigned long)out&3) || cinl != inl)
297 {
298 cout=OPENSSL_malloc(cinl);
299 cryp.dst=cout;
300 }
301
302 cryp.len=cinl;
303
304 if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
305 {
306 err("CIOCCRYPT(2) failed");
307 printf("src=%p dst=%p\n",cryp.src,cryp.dst);
308 abort();
309 return 0;
310 }
311
312 if(cout)
313 {
314 memcpy(out,cout,inl);
315 OPENSSL_free(cout);
316 }
317 if(cin)
318 OPENSSL_free(cin);
319 }
320 else
321 {
322 err("CIOCCRYPT failed");
323 abort();
324 return 0;
325 }
326 }
327
328 if(ctx->encrypt)
329 memcpy(ctx->iv,&out[cryp.len-ctx->cipher->iv_len],ctx->cipher->iv_len);
330 else
331 memcpy(ctx->iv,lb,ctx->cipher->iv_len);
332
333 return 1;
334 }
335
336static int dev_crypto_des_ede3_init_key(EVP_CIPHER_CTX *ctx,
337 const unsigned char *key,
338 const unsigned char *iv, int enc)
339 { return dev_crypto_init_key(ctx,CRYPTO_3DES_CBC,key,24); }
340
341static int dev_crypto_rc4_init_key(EVP_CIPHER_CTX *ctx,
342 const unsigned char *key,
343 const unsigned char *iv, int enc)
344 { return dev_crypto_init_key(ctx,CRYPTO_ARC4,key,16); }
345
346typedef struct
347 {
348 session_op sess;
349 char *data;
350 int len;
351 unsigned char md[EVP_MAX_MD_SIZE];
352 } MD_DATA;
353
354static int dev_crypto_init_digest(MD_DATA *md_data,int mac)
355 {
356 if(!dev_crypto_init(&md_data->sess))
357 return 0;
358
359 md_data->len=0;
360 md_data->data=NULL;
361
362 md_data->sess.mac=mac;
363
364 if (ioctl(fd,CIOCGSESSION,&md_data->sess) == -1)
365 {
366 err("CIOCGSESSION failed");
367 return 0;
368 }
369 fprintf(stderr,"opened %d\n",md_data->sess.ses);
370 return 1;
371 }
372
373static int dev_crypto_cleanup_digest(MD_DATA *md_data)
374 {
375 fprintf(stderr,"cleanup %d\n",md_data->sess.ses);
376 if (ioctl(fd,CIOCFSESSION,&md_data->sess.ses) == -1)
377 {
378 err("CIOCFSESSION failed");
379 return 0;
380 }
381
382 return 1;
383 }
384
385/* FIXME: if device can do chained MACs, then don't accumulate */
386/* FIXME: move accumulation to the framework */
387static int dev_crypto_md5_init(EVP_MD_CTX *ctx)
388 { return dev_crypto_init_digest(ctx->md_data,CRYPTO_MD5); }
389
390static int do_digest(int ses,unsigned char *md,const void *data,int len)
391 {
392 struct crypt_op cryp;
393 static unsigned char md5zero[16]=
394 {
395 0xd4,0x1d,0x8c,0xd9,0x8f,0x00,0xb2,0x04,
396 0xe9,0x80,0x09,0x98,0xec,0xf8,0x42,0x7e
397 };
398
399 /* some cards can't do zero length */
400 if(!len)
401 {
402 memcpy(md,md5zero,16);
403 return 1;
404 }
405
406 memset(&cryp,'\0',sizeof cryp);
407 cryp.ses=ses;
408 cryp.op=COP_ENCRYPT;/* required to do the MAC rather than check it */
409 cryp.len=len;
410 cryp.src=(caddr_t)data;
411 cryp.dst=(caddr_t)data; // FIXME!!!
412 cryp.mac=(caddr_t)md;
413
414 if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
415 {
416 if(errno == EINVAL && allow_misaligned) /* buffer is misaligned */
417 {
418 char *dcopy;
419
420 dcopy=OPENSSL_malloc(len);
421 memcpy(dcopy,data,len);
422 cryp.src=dcopy;
423 cryp.dst=cryp.src; // FIXME!!!
424
425 if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
426 {
427 err("CIOCCRYPT(MAC2) failed");
428 abort();
429 return 0;
430 }
431 OPENSSL_free(dcopy);
432 }
433 else
434 {
435 err("CIOCCRYPT(MAC) failed");
436 abort();
437 return 0;
438 }
439 }
440 // printf("done\n");
441
442 return 1;
443 }
444
445static int dev_crypto_md5_update(EVP_MD_CTX *ctx,const void *data,
446 unsigned long len)
447 {
448 MD_DATA *md_data=ctx->md_data;
449
450 if(ctx->flags&EVP_MD_CTX_FLAG_ONESHOT)
451 return do_digest(md_data->sess.ses,md_data->md,data,len);
452
453 md_data->data=OPENSSL_realloc(md_data->data,md_data->len+len);
454 memcpy(md_data->data+md_data->len,data,len);
455 md_data->len+=len;
456
457 return 1;
458 }
459
460static int dev_crypto_md5_final(EVP_MD_CTX *ctx,unsigned char *md)
461 {
462 int ret;
463 MD_DATA *md_data=ctx->md_data;
464
465 if(ctx->flags&EVP_MD_CTX_FLAG_ONESHOT)
466 {
467 memcpy(md,md_data->md,MD5_DIGEST_LENGTH);
468 ret=1;
469 }
470 else
471 {
472 ret=do_digest(md_data->sess.ses,md,md_data->data,md_data->len);
473 OPENSSL_free(md_data->data);
474 md_data->data=NULL;
475 md_data->len=0;
476 }
477
478 return ret;
479 }
480
481static int dev_crypto_md5_copy(EVP_MD_CTX *to,const EVP_MD_CTX *from)
482 {
483 const MD_DATA *from_md=from->md_data;
484 MD_DATA *to_md=to->md_data;
485
486 // How do we copy sessions?
487 assert(from->digest->flags&EVP_MD_FLAG_ONESHOT);
488
489 to_md->data=OPENSSL_malloc(from_md->len);
490 memcpy(to_md->data,from_md->data,from_md->len);
491
492 return 1;
493 }
494
495static int dev_crypto_md5_cleanup(EVP_MD_CTX *ctx)
496 {
497 return dev_crypto_cleanup_digest(ctx->md_data);
498 }
499
500/**************************************************************************/
501/* Here are the moved declarations of the EVP_CIPHER and EVP_MD */
502/* implementations. They're down here to be within easy editor-distance */
503/* of the digests and ciphers handler functions. */
504
505#define dev_crypto_des_ede3_cbc_cipher dev_crypto_cipher
506
507BLOCK_CIPHER_def_cbc(dev_crypto_des_ede3, session_op, NID_des_ede3, 8, 24, 8,
508 0, dev_crypto_des_ede3_init_key,
509 dev_crypto_cleanup,
510 EVP_CIPHER_set_asn1_iv,
511 EVP_CIPHER_get_asn1_iv,
512 NULL)
513
514static const EVP_CIPHER r4_cipher=
515 {
516 NID_rc4,
517 1,16,0, /* FIXME: key should be up to 256 bytes */
518 EVP_CIPH_VARIABLE_LENGTH,
519 dev_crypto_rc4_init_key,
520 dev_crypto_cipher,
521 dev_crypto_cleanup,
522 sizeof(session_op),
523 NULL,
524 NULL,
525 NULL
526 };
527
528static const EVP_MD md5_md=
529 {
530 NID_md5,
531 NID_md5WithRSAEncryption,
532 MD5_DIGEST_LENGTH,
533 EVP_MD_FLAG_ONESHOT, // XXX: set according to device info...
534 dev_crypto_md5_init,
535 dev_crypto_md5_update,
536 dev_crypto_md5_final,
537 dev_crypto_md5_copy,
538 dev_crypto_md5_cleanup,
539 EVP_PKEY_RSA_method,
540 MD5_CBLOCK,
541 sizeof(MD_DATA),
542 };
543
544/****************************************************************/
545/* Implement the dev_crypto_[ciphers|digests] handlers here ... */
546
547static int cipher_nids[] = {NID_des_ede3_cbc, NID_rc4};
548static int cipher_nids_num = 2;
549static int digest_nids[] = {NID_md5};
550static int digest_nids_num = 1;
551
552static int dev_crypto_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
553 const int **nids, int nid)
554 {
555 if(!cipher)
556 {
557 /* We are returning a list of supported nids */
558 *nids = cipher_nids;
559 return cipher_nids_num;
560 }
561 /* We are being asked for a specific cipher */
562 if(nid == NID_rc4)
563 *cipher = &r4_cipher;
564 else if(nid == NID_des_ede3_cbc)
565 *cipher = &dev_crypto_des_ede3_cbc;
566 else
567 {
568 *cipher = NULL;
569 return 0;
570 }
571 return 1;
572 }
573
574static int dev_crypto_digests(ENGINE *e, const EVP_MD **digest,
575 const int **nids, int nid)
576 {
577 if(!digest)
578 {
579 /* We are returning a list of supported nids */
580 *nids = digest_nids;
581 return digest_nids_num;
582 }
583 /* We are being asked for a specific digest */
584 if(nid == NID_md5)
585 *digest = &md5_md;
586 else
587 {
588 *digest = NULL;
589 return 0;
590 }
591 return 1;
592 }
593
594#endif /* OPENSSL_OPENBSD_DEV_CRYPTO */
diff --git a/src/lib/libssl/src/crypto/err/Makefile.ssl b/src/lib/libssl/src/crypto/err/Makefile.ssl
new file mode 100644
index 0000000000..1b3c58626c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/err/Makefile.ssl
@@ -0,0 +1,112 @@
1#
2# SSLeay/crypto/err/Makefile
3#
4
5DIR= err
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC=err.c err_all.c err_prn.c
27LIBOBJ=err.o err_all.o err_prn.o
28
29SRC= $(LIBSRC)
30
31EXHEADER= err.h
32HEADER= $(EXHEADER)
33
34ALL= $(GENERAL) $(SRC) $(HEADER)
35
36top:
37 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
38
39all: lib
40
41lib: $(LIBOBJ)
42 $(AR) $(LIB) $(LIBOBJ)
43 $(RANLIB) $(LIB) || echo Never mind.
44 @touch lib
45
46files:
47 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
48
49links:
50 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
51 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
52 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
53 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
54
55install:
56 @for i in $(EXHEADER) ; \
57 do \
58 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
59 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
60 done;
61
62tags:
63 ctags $(SRC)
64
65tests:
66
67lint:
68 lint -DLINT $(INCLUDES) $(SRC)>fluff
69
70depend:
71 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
72
73dclean:
74 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
75 mv -f Makefile.new $(MAKEFILE)
76
77clean:
78 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
79
80# DO NOT DELETE THIS LINE -- make depend depends on it.
81
82err.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/buffer.h
83err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
84err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
85err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
86err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
87err.o: ../../include/openssl/symhacks.h ../cryptlib.h err.c
88err_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
89err_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
90err_all.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
91err_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
92err_all.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
93err_all.o: ../../include/openssl/ec.h ../../include/openssl/engine.h
94err_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
95err_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
96err_all.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
97err_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
98err_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem2.h
99err_all.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
100err_all.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
101err_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
102err_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
103err_all.o: ../../include/openssl/ui.h ../../include/openssl/x509.h
104err_all.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
105err_all.o: err_all.c
106err_prn.o: ../../e_os.h ../../include/openssl/bio.h
107err_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
108err_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
109err_prn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
110err_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
111err_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
112err_prn.o: ../cryptlib.h err_prn.c
diff --git a/src/lib/libssl/src/crypto/evp/Makefile.ssl b/src/lib/libssl/src/crypto/evp/Makefile.ssl
new file mode 100644
index 0000000000..75f078af76
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/Makefile.ssl
@@ -0,0 +1,662 @@
1#
2# SSLeay/crypto/evp/Makefile
3#
4
5DIR= evp
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=evp_test.c
23TESTDATA=evptests.txt
24APPS=
25
26LIB=$(TOP)/libcrypto.a
27LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \
28 e_des.c e_bf.c e_idea.c e_des3.c \
29 e_rc4.c e_aes.c names.c \
30 e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
31 m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c \
32 m_dss.c m_dss1.c m_mdc2.c m_ripemd.c \
33 p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
34 bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
35 c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \
36 evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c
37
38LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \
39 e_des.o e_bf.o e_idea.o e_des3.o \
40 e_rc4.o e_aes.o names.o \
41 e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
42 m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o \
43 m_dss.o m_dss1.o m_mdc2.o m_ripemd.o \
44 p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
45 bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
46 c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \
47 evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o
48
49SRC= $(LIBSRC)
50
51EXHEADER= evp.h
52HEADER= $(EXHEADER)
53
54ALL= $(GENERAL) $(SRC) $(HEADER)
55
56top:
57 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
58
59all: lib
60
61lib: $(LIBOBJ)
62 $(AR) $(LIB) $(LIBOBJ)
63 $(RANLIB) $(LIB) || echo Never mind.
64 @touch lib
65
66files:
67 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
68
69links:
70 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
71 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
72 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
73 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TESTDATA)
74 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
75
76install:
77 @for i in $(EXHEADER) ; \
78 do \
79 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
80 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
81 done;
82
83tags:
84 ctags $(SRC)
85
86tests:
87
88lint:
89 lint -DLINT $(INCLUDES) $(SRC)>fluff
90
91depend:
92 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(LIBSRC)
93
94dclean:
95 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
96 mv -f Makefile.new $(MAKEFILE)
97
98clean:
99 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
100
101# DO NOT DELETE THIS LINE -- make depend depends on it.
102
103bio_b64.o: ../../e_os.h ../../include/openssl/asn1.h
104bio_b64.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
105bio_b64.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
106bio_b64.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
107bio_b64.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
108bio_b64.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
109bio_b64.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
110bio_b64.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
111bio_b64.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
112bio_b64.o: ../cryptlib.h bio_b64.c
113bio_enc.o: ../../e_os.h ../../include/openssl/asn1.h
114bio_enc.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
115bio_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
116bio_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
117bio_enc.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
118bio_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
119bio_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
120bio_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
121bio_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
122bio_enc.o: ../cryptlib.h bio_enc.c
123bio_md.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
124bio_md.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
125bio_md.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
126bio_md.o: ../../include/openssl/err.h ../../include/openssl/evp.h
127bio_md.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
128bio_md.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
129bio_md.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
130bio_md.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
131bio_md.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_md.c
132bio_ok.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
133bio_ok.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
134bio_ok.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
135bio_ok.o: ../../include/openssl/err.h ../../include/openssl/evp.h
136bio_ok.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
137bio_ok.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
138bio_ok.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
139bio_ok.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
140bio_ok.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
141bio_ok.o: ../cryptlib.h bio_ok.c
142c_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
143c_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
144c_all.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
145c_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
146c_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
147c_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
148c_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
149c_all.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
150c_all.o: ../../include/openssl/symhacks.h ../cryptlib.h c_all.c
151c_allc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
152c_allc.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
153c_allc.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
154c_allc.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
155c_allc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
156c_allc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
157c_allc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
158c_allc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
159c_allc.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
160c_allc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
161c_allc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
162c_allc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
163c_allc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_allc.c
164c_alld.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
165c_alld.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
166c_alld.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
167c_alld.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
168c_alld.o: ../../include/openssl/err.h ../../include/openssl/evp.h
169c_alld.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
170c_alld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
171c_alld.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
172c_alld.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
173c_alld.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
174c_alld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
175c_alld.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
176c_alld.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_alld.c
177digest.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
178digest.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
179digest.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
180digest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
181digest.o: ../../include/openssl/engine.h ../../include/openssl/err.h
182digest.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
183digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
184digest.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
185digest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
186digest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
187digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
188digest.o: ../../include/openssl/ui.h ../cryptlib.h digest.c
189e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
190e_aes.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
191e_aes.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
192e_aes.o: ../../include/openssl/err.h ../../include/openssl/evp.h
193e_aes.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
194e_aes.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
195e_aes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
196e_aes.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
197e_aes.o: ../../include/openssl/symhacks.h e_aes.c evp_locl.h
198e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
199e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
200e_bf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
201e_bf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
202e_bf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
203e_bf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
204e_bf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
205e_bf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
206e_bf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
207e_bf.o: ../cryptlib.h e_bf.c evp_locl.h
208e_cast.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
209e_cast.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
210e_cast.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
211e_cast.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
212e_cast.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
213e_cast.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
214e_cast.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
215e_cast.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
216e_cast.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
217e_cast.o: ../cryptlib.h e_cast.c evp_locl.h
218e_des.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
219e_des.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
220e_des.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
221e_des.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
222e_des.o: ../../include/openssl/err.h ../../include/openssl/evp.h
223e_des.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
224e_des.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
225e_des.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
226e_des.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
227e_des.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
228e_des.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des.c evp_locl.h
229e_des3.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
230e_des3.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
231e_des3.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
232e_des3.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
233e_des3.o: ../../include/openssl/err.h ../../include/openssl/evp.h
234e_des3.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
235e_des3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
236e_des3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
237e_des3.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
238e_des3.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
239e_des3.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des3.c evp_locl.h
240e_idea.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
241e_idea.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
242e_idea.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
243e_idea.o: ../../include/openssl/err.h ../../include/openssl/evp.h
244e_idea.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
245e_idea.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
246e_idea.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
247e_idea.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
248e_idea.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
249e_idea.o: ../cryptlib.h e_idea.c evp_locl.h
250e_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
251e_null.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
252e_null.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
253e_null.o: ../../include/openssl/err.h ../../include/openssl/evp.h
254e_null.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
255e_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
256e_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
257e_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
258e_null.o: ../../include/openssl/symhacks.h ../cryptlib.h e_null.c
259e_rc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
260e_rc2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
261e_rc2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
262e_rc2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
263e_rc2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
264e_rc2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
265e_rc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
266e_rc2.o: ../../include/openssl/rc2.h ../../include/openssl/safestack.h
267e_rc2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
268e_rc2.o: ../cryptlib.h e_rc2.c evp_locl.h
269e_rc4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
270e_rc4.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
271e_rc4.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
272e_rc4.o: ../../include/openssl/err.h ../../include/openssl/evp.h
273e_rc4.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
274e_rc4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
275e_rc4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
276e_rc4.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h
277e_rc4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
278e_rc4.o: ../cryptlib.h e_rc4.c
279e_rc5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
280e_rc5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
281e_rc5.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
282e_rc5.o: ../../include/openssl/err.h ../../include/openssl/evp.h
283e_rc5.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
284e_rc5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
285e_rc5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
286e_rc5.o: ../../include/openssl/rc5.h ../../include/openssl/safestack.h
287e_rc5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
288e_rc5.o: ../cryptlib.h e_rc5.c evp_locl.h
289e_xcbc_d.o: ../../e_os.h ../../include/openssl/asn1.h
290e_xcbc_d.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
291e_xcbc_d.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
292e_xcbc_d.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
293e_xcbc_d.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
294e_xcbc_d.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
295e_xcbc_d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
296e_xcbc_d.o: ../../include/openssl/opensslconf.h
297e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
298e_xcbc_d.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
299e_xcbc_d.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
300e_xcbc_d.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_xcbc_d.c
301encode.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
302encode.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
303encode.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
304encode.o: ../../include/openssl/err.h ../../include/openssl/evp.h
305encode.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
306encode.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
307encode.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
308encode.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
309encode.o: ../../include/openssl/symhacks.h ../cryptlib.h encode.c
310evp_acnf.o: ../../e_os.h ../../include/openssl/asn1.h
311evp_acnf.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
312evp_acnf.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
313evp_acnf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
314evp_acnf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
315evp_acnf.o: ../../include/openssl/engine.h ../../include/openssl/err.h
316evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
317evp_acnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
318evp_acnf.o: ../../include/openssl/opensslconf.h
319evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
320evp_acnf.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
321evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
322evp_acnf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
323evp_acnf.o: ../cryptlib.h evp_acnf.c
324evp_enc.o: ../../e_os.h ../../include/openssl/asn1.h
325evp_enc.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
326evp_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
327evp_enc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
328evp_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
329evp_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
330evp_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
331evp_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
332evp_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
333evp_enc.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
334evp_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
335evp_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
336evp_enc.o: ../cryptlib.h evp_enc.c evp_locl.h
337evp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
338evp_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
339evp_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
340evp_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
341evp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
342evp_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
343evp_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
344evp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
345evp_err.o: evp_err.c
346evp_key.o: ../../e_os.h ../../include/openssl/asn1.h
347evp_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
348evp_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
349evp_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
350evp_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
351evp_key.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
352evp_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
353evp_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
354evp_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
355evp_key.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
356evp_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
357evp_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
358evp_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
359evp_key.o: ../cryptlib.h evp_key.c
360evp_lib.o: ../../e_os.h ../../include/openssl/asn1.h
361evp_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
362evp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
363evp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
364evp_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
365evp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
366evp_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
367evp_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
368evp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
369evp_lib.o: ../cryptlib.h evp_lib.c
370evp_pbe.o: ../../e_os.h ../../include/openssl/asn1.h
371evp_pbe.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
372evp_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
373evp_pbe.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
374evp_pbe.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
375evp_pbe.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
376evp_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
377evp_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
378evp_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
379evp_pbe.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
380evp_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
381evp_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
382evp_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pbe.c
383evp_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
384evp_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
385evp_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
386evp_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
387evp_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
388evp_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
389evp_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
390evp_pkey.o: ../../include/openssl/opensslconf.h
391evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
392evp_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
393evp_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
394evp_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
395evp_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
396evp_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pkey.c
397m_dss.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
398m_dss.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
399m_dss.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
400m_dss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
401m_dss.o: ../../include/openssl/err.h ../../include/openssl/evp.h
402m_dss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
403m_dss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
404m_dss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
405m_dss.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
406m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
407m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
408m_dss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
409m_dss.o: ../cryptlib.h m_dss.c
410m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
411m_dss1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
412m_dss1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
413m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
414m_dss1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
415m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
416m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
417m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
418m_dss1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
419m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
420m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
421m_dss1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
422m_dss1.o: ../cryptlib.h m_dss1.c
423m_md2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
424m_md2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
425m_md2.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
426m_md2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
427m_md2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
428m_md2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
429m_md2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
430m_md2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
431m_md2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
432m_md2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
433m_md2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
434m_md2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
435m_md2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md2.c
436m_md4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
437m_md4.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
438m_md4.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
439m_md4.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
440m_md4.o: ../../include/openssl/err.h ../../include/openssl/evp.h
441m_md4.o: ../../include/openssl/lhash.h ../../include/openssl/md4.h
442m_md4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
443m_md4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
444m_md4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
445m_md4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
446m_md4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
447m_md4.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
448m_md4.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md4.c
449m_md5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
450m_md5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
451m_md5.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
452m_md5.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
453m_md5.o: ../../include/openssl/err.h ../../include/openssl/evp.h
454m_md5.o: ../../include/openssl/lhash.h ../../include/openssl/md5.h
455m_md5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
456m_md5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
457m_md5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
458m_md5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
459m_md5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
460m_md5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
461m_md5.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md5.c
462m_mdc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
463m_mdc2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
464m_mdc2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
465m_mdc2.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
466m_mdc2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
467m_mdc2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
468m_mdc2.o: ../../include/openssl/lhash.h ../../include/openssl/mdc2.h
469m_mdc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
470m_mdc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
471m_mdc2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
472m_mdc2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
473m_mdc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
474m_mdc2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
475m_mdc2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
476m_mdc2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_mdc2.c
477m_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
478m_null.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
479m_null.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
480m_null.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
481m_null.o: ../../include/openssl/err.h ../../include/openssl/evp.h
482m_null.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
483m_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
484m_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
485m_null.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
486m_null.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
487m_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
488m_null.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
489m_null.o: ../cryptlib.h m_null.c
490m_ripemd.o: ../../e_os.h ../../include/openssl/asn1.h
491m_ripemd.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
492m_ripemd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
493m_ripemd.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
494m_ripemd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
495m_ripemd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
496m_ripemd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
497m_ripemd.o: ../../include/openssl/opensslconf.h
498m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
499m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/ripemd.h
500m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
501m_ripemd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
502m_ripemd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
503m_ripemd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_ripemd.c
504m_sha.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
505m_sha.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
506m_sha.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
507m_sha.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
508m_sha.o: ../../include/openssl/err.h ../../include/openssl/evp.h
509m_sha.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
510m_sha.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
511m_sha.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
512m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
513m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
514m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
515m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
516m_sha.o: ../cryptlib.h m_sha.c
517m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
518m_sha1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
519m_sha1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
520m_sha1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
521m_sha1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
522m_sha1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
523m_sha1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
524m_sha1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
525m_sha1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
526m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
527m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
528m_sha1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
529m_sha1.o: ../cryptlib.h m_sha1.c
530names.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
531names.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
532names.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
533names.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
534names.o: ../../include/openssl/err.h ../../include/openssl/evp.h
535names.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
536names.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
537names.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
538names.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
539names.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
540names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
541names.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
542names.o: ../cryptlib.h names.c
543p5_crpt.o: ../../e_os.h ../../include/openssl/asn1.h
544p5_crpt.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
545p5_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
546p5_crpt.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
547p5_crpt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
548p5_crpt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
549p5_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
550p5_crpt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
551p5_crpt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
552p5_crpt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
553p5_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
554p5_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
555p5_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_crpt.c
556p5_crpt2.o: ../../e_os.h ../../include/openssl/asn1.h
557p5_crpt2.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
558p5_crpt2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
559p5_crpt2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
560p5_crpt2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
561p5_crpt2.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
562p5_crpt2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
563p5_crpt2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
564p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
565p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
566p5_crpt2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
567p5_crpt2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
568p5_crpt2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
569p5_crpt2.o: ../cryptlib.h p5_crpt2.c
570p_dec.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
571p_dec.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
572p_dec.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
573p_dec.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
574p_dec.o: ../../include/openssl/err.h ../../include/openssl/evp.h
575p_dec.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
576p_dec.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
577p_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
578p_dec.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
579p_dec.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
580p_dec.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
581p_dec.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
582p_dec.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_dec.c
583p_enc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
584p_enc.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
585p_enc.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
586p_enc.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
587p_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
588p_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
589p_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
590p_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
591p_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
592p_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
593p_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
594p_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
595p_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_enc.c
596p_lib.o: ../../e_os.h ../../include/openssl/asn1.h
597p_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
598p_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
599p_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
600p_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
601p_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
602p_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
603p_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
604p_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
605p_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
606p_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
607p_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
608p_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
609p_lib.o: ../cryptlib.h p_lib.c
610p_open.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
611p_open.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
612p_open.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
613p_open.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
614p_open.o: ../../include/openssl/err.h ../../include/openssl/evp.h
615p_open.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
616p_open.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
617p_open.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
618p_open.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
619p_open.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
620p_open.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
621p_open.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
622p_open.o: ../cryptlib.h p_open.c
623p_seal.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
624p_seal.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
625p_seal.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
626p_seal.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
627p_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h
628p_seal.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
629p_seal.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
630p_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
631p_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
632p_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
633p_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
634p_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
635p_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_seal.c
636p_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
637p_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
638p_sign.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
639p_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
640p_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
641p_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
642p_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
643p_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
644p_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
645p_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
646p_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
647p_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
648p_sign.o: ../cryptlib.h p_sign.c
649p_verify.o: ../../e_os.h ../../include/openssl/asn1.h
650p_verify.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
651p_verify.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
652p_verify.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
653p_verify.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
654p_verify.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
655p_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
656p_verify.o: ../../include/openssl/opensslconf.h
657p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
658p_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
659p_verify.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
660p_verify.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
661p_verify.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
662p_verify.o: ../cryptlib.h p_verify.c
diff --git a/src/lib/libssl/src/crypto/evp/c_all.c b/src/lib/libssl/src/crypto/evp/c_all.c
index 5ffd352ea0..3d390dfbf1 100644
--- a/src/lib/libssl/src/crypto/evp/c_all.c
+++ b/src/lib/libssl/src/crypto/evp/c_all.c
@@ -71,4 +71,5 @@ void OPENSSL_add_all_algorithms_noconf(void)
71 { 71 {
72 OpenSSL_add_all_ciphers(); 72 OpenSSL_add_all_ciphers();
73 OpenSSL_add_all_digests(); 73 OpenSSL_add_all_digests();
74 ENGINE_setup_openbsd();
74 } 75 }
diff --git a/src/lib/libssl/src/crypto/evp/evp_test.c b/src/lib/libssl/src/crypto/evp/evp_test.c
index 1bfffb34cf..90294ef686 100644
--- a/src/lib/libssl/src/crypto/evp/evp_test.c
+++ b/src/lib/libssl/src/crypto/evp/evp_test.c
@@ -118,7 +118,7 @@ static char *sstrsep(char **string, const char *delim)
118 } 118 }
119 119
120static unsigned char *ustrsep(char **p,const char *sep) 120static unsigned char *ustrsep(char **p,const char *sep)
121 { return (unsigned char *)sstrsep((char **)p,sep); } 121 { return (unsigned char *)sstrsep(p,sep); }
122 122
123static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, 123static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
124 const unsigned char *iv,int in, 124 const unsigned char *iv,int in,
@@ -358,7 +358,7 @@ int main(int argc,char **argv)
358 p[-1] = '\0'; 358 p[-1] = '\0';
359 encdec = -1; 359 encdec = -1;
360 } else { 360 } else {
361 encdec = atoi(strsep(&p,"\n")); 361 encdec = atoi(sstrsep(&p,"\n"));
362 } 362 }
363 363
364 364
diff --git a/src/lib/libssl/src/crypto/hmac/Makefile.ssl b/src/lib/libssl/src/crypto/hmac/Makefile.ssl
new file mode 100644
index 0000000000..93312d4918
--- /dev/null
+++ b/src/lib/libssl/src/crypto/hmac/Makefile.ssl
@@ -0,0 +1,89 @@
1#
2# SSLeay/crypto/md/Makefile
3#
4
5DIR= hmac
6TOP= ../..
7CC= cc
8INCLUDES=
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=hmactest.c
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC=hmac.c
27LIBOBJ=hmac.o
28
29SRC= $(LIBSRC)
30
31EXHEADER= hmac.h
32HEADER= $(EXHEADER)
33
34ALL= $(GENERAL) $(SRC) $(HEADER)
35
36top:
37 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
38
39all: lib
40
41lib: $(LIBOBJ)
42 $(AR) $(LIB) $(LIBOBJ)
43 $(RANLIB) $(LIB) || echo Never mind.
44 @touch lib
45
46files:
47 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
48
49links:
50 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
51 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
52 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
53 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
54
55install:
56 @for i in $(EXHEADER) ; \
57 do \
58 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
59 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
60 done;
61
62tags:
63 ctags $(SRC)
64
65tests:
66
67lint:
68 lint -DLINT $(INCLUDES) $(SRC)>fluff
69
70depend:
71 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
72
73dclean:
74 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
75 mv -f Makefile.new $(MAKEFILE)
76
77clean:
78 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
79
80# DO NOT DELETE THIS LINE -- make depend depends on it.
81
82hmac.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
83hmac.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
84hmac.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
85hmac.o: ../../include/openssl/hmac.h ../../include/openssl/obj_mac.h
86hmac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
87hmac.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
88hmac.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
89hmac.o: ../../include/openssl/symhacks.h hmac.c
diff --git a/src/lib/libssl/src/crypto/hmac/hmac.c b/src/lib/libssl/src/crypto/hmac/hmac.c
index da363b7950..46480a4c95 100644
--- a/src/lib/libssl/src/crypto/hmac/hmac.c
+++ b/src/lib/libssl/src/crypto/hmac/hmac.c
@@ -70,6 +70,7 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
70 { 70 {
71 reset=1; 71 reset=1;
72 ctx->md=md; 72 ctx->md=md;
73 EVP_MD_CTX_init(&ctx->md_ctx);
73 } 74 }
74 else 75 else
75 md=ctx->md; 76 md=ctx->md;
diff --git a/src/lib/libssl/src/crypto/idea/Makefile.ssl b/src/lib/libssl/src/crypto/idea/Makefile.ssl
new file mode 100644
index 0000000000..d87863d133
--- /dev/null
+++ b/src/lib/libssl/src/crypto/idea/Makefile.ssl
@@ -0,0 +1,91 @@
1#
2# SSLeay/crypto/idea/Makefile
3#
4
5DIR= idea
6TOP= ../..
7CC= cc
8INCLUDES=
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=ideatest.c
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC=i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c
27LIBOBJ=i_cbc.o i_cfb64.o i_ofb64.o i_ecb.o i_skey.o
28
29SRC= $(LIBSRC)
30
31EXHEADER= idea.h
32HEADER= idea_lcl.h $(EXHEADER)
33
34ALL= $(GENERAL) $(SRC) $(HEADER)
35
36top:
37 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
38
39all: lib
40
41lib: $(LIBOBJ)
42 $(AR) $(LIB) $(LIBOBJ)
43 $(RANLIB) $(LIB) || echo Never mind.
44 @touch lib
45
46files:
47 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
48
49links:
50 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
51 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
52 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
53 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
54
55install:
56 @for i in $(EXHEADER) ; \
57 do \
58 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
59 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
60 done;
61
62tags:
63 ctags $(SRC)
64
65tests:
66
67lint:
68 lint -DLINT $(INCLUDES) $(SRC)>fluff
69
70depend:
71 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
72
73dclean:
74 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
75 mv -f Makefile.new $(MAKEFILE)
76
77clean:
78 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
79
80# DO NOT DELETE THIS LINE -- make depend depends on it.
81
82i_cbc.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
83i_cbc.o: i_cbc.c idea_lcl.h
84i_cfb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
85i_cfb64.o: i_cfb64.c idea_lcl.h
86i_ecb.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
87i_ecb.o: ../../include/openssl/opensslv.h i_ecb.c idea_lcl.h
88i_ofb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
89i_ofb64.o: i_ofb64.c idea_lcl.h
90i_skey.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
91i_skey.o: i_skey.c idea_lcl.h
diff --git a/src/lib/libssl/src/crypto/krb5/Makefile.ssl b/src/lib/libssl/src/crypto/krb5/Makefile.ssl
new file mode 100644
index 0000000000..ab90580b46
--- /dev/null
+++ b/src/lib/libssl/src/crypto/krb5/Makefile.ssl
@@ -0,0 +1,90 @@
1#
2# OpenSSL/krb5/Makefile.ssl
3#
4
5DIR= krb5
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile README
22TEST=
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= krb5_asn.c
27
28LIBOBJ= krb5_asn.o
29
30SRC= $(LIBSRC)
31
32EXHEADER= krb5_asn.h
33HEADER= $(EXHEADER)
34
35ALL= $(GENERAL) $(SRC) $(HEADER)
36
37top:
38 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
39
40all: lib
41
42lib: $(LIBOBJ)
43 $(AR) $(LIB) $(LIBOBJ)
44 $(RANLIB) $(LIB)
45 @touch lib
46
47files:
48 perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
49
50links:
51 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
52 $(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
53 $(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
54 $(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
55
56install:
57 @for i in $(EXHEADER) ; \
58 do \
59 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
60 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
61 done;
62
63tags:
64 ctags $(SRC)
65
66tests:
67
68lint:
69 lint -DLINT $(INCLUDES) $(SRC)>fluff
70
71depend:
72 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(LIBSRC)
73
74dclean:
75 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
76 mv -f Makefile.new $(MAKEFILE)
77
78clean:
79 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
80
81# DO NOT DELETE THIS LINE -- make depend depends on it.
82
83krb5_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
84krb5_asn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
85krb5_asn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
86krb5_asn.o: ../../include/openssl/krb5_asn.h
87krb5_asn.o: ../../include/openssl/opensslconf.h
88krb5_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
89krb5_asn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
90krb5_asn.o: ../../include/openssl/symhacks.h krb5_asn.c
diff --git a/src/lib/libssl/src/crypto/lhash/Makefile.ssl b/src/lib/libssl/src/crypto/lhash/Makefile.ssl
new file mode 100644
index 0000000000..324e360143
--- /dev/null
+++ b/src/lib/libssl/src/crypto/lhash/Makefile.ssl
@@ -0,0 +1,93 @@
1#
2# SSLeay/crypto/lhash/Makefile
3#
4
5DIR= lhash
6TOP= ../..
7CC= cc
8INCLUDES=
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC=lhash.c lh_stats.c
27LIBOBJ=lhash.o lh_stats.o
28
29SRC= $(LIBSRC)
30
31EXHEADER= lhash.h
32HEADER= $(EXHEADER)
33
34ALL= $(GENERAL) $(SRC) $(HEADER)
35
36top:
37 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
38
39all: lib
40
41lib: $(LIBOBJ)
42 $(AR) $(LIB) $(LIBOBJ)
43 $(RANLIB) $(LIB) || echo Never mind.
44 @touch lib
45
46files:
47 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
48
49links:
50 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
51 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
52 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
53 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
54
55install:
56 @for i in $(EXHEADER) ; \
57 do \
58 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
59 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
60 done;
61
62tags:
63 ctags $(SRC)
64
65tests:
66
67lint:
68 lint -DLINT $(INCLUDES) $(SRC)>fluff
69
70depend:
71 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
72
73dclean:
74 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
75 mv -f Makefile.new $(MAKEFILE)
76
77clean:
78 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
79
80# DO NOT DELETE THIS LINE -- make depend depends on it.
81
82lh_stats.o: ../../e_os.h ../../include/openssl/bio.h
83lh_stats.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
84lh_stats.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
85lh_stats.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
86lh_stats.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
87lh_stats.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
88lh_stats.o: ../cryptlib.h lh_stats.c
89lhash.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
90lhash.o: ../../include/openssl/e_os2.h ../../include/openssl/lhash.h
91lhash.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
92lhash.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
93lhash.o: ../../include/openssl/symhacks.h lhash.c
diff --git a/src/lib/libssl/src/crypto/md2/Makefile.ssl b/src/lib/libssl/src/crypto/md2/Makefile.ssl
new file mode 100644
index 0000000000..62a7fe6198
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md2/Makefile.ssl
@@ -0,0 +1,90 @@
1#
2# SSLeay/crypto/md/Makefile
3#
4
5DIR= md2
6TOP= ../..
7CC= cc
8INCLUDES=
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=md2test.c
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC=md2_dgst.c md2_one.c
27LIBOBJ=md2_dgst.o md2_one.o
28
29SRC= $(LIBSRC)
30
31EXHEADER= md2.h
32HEADER= $(EXHEADER)
33
34ALL= $(GENERAL) $(SRC) $(HEADER)
35
36top:
37 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
38
39all: lib
40
41lib: $(LIBOBJ)
42 $(AR) $(LIB) $(LIBOBJ)
43 $(RANLIB) $(LIB) || echo Never mind.
44 @touch lib
45
46files:
47 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
48
49links:
50 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
51 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
52 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
53 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
54
55install:
56 @for i in $(EXHEADER) ; \
57 do \
58 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
59 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
60 done;
61
62tags:
63 ctags $(SRC)
64
65tests:
66
67lint:
68 lint -DLINT $(INCLUDES) $(SRC)>fluff
69
70depend:
71 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
72
73dclean:
74 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
75 mv -f Makefile.new $(MAKEFILE)
76
77clean:
78 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
79
80# DO NOT DELETE THIS LINE -- make depend depends on it.
81
82md2_dgst.o: ../../include/openssl/md2.h ../../include/openssl/opensslconf.h
83md2_dgst.o: ../../include/openssl/opensslv.h md2_dgst.c
84md2_one.o: ../../e_os.h ../../include/openssl/bio.h
85md2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
86md2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
87md2_one.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
88md2_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
89md2_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
90md2_one.o: ../../include/openssl/symhacks.h ../cryptlib.h md2_one.c
diff --git a/src/lib/libssl/src/crypto/md4/Makefile.ssl b/src/lib/libssl/src/crypto/md4/Makefile.ssl
new file mode 100644
index 0000000000..9e38bf607f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md4/Makefile.ssl
@@ -0,0 +1,88 @@
1#
2# SSLeay/crypto/md4/Makefile
3#
4
5DIR= md4
6TOP= ../..
7CC= cc
8CPP= $(CC) -E
9INCLUDES=
10CFLAG=-g
11INSTALL_PREFIX=
12OPENSSLDIR= /usr/local/ssl
13INSTALLTOP=/usr/local/ssl
14MAKE= make -f Makefile.ssl
15MAKEDEPPROG= makedepend
16MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
17MAKEFILE= Makefile.ssl
18AR= ar r
19
20CFLAGS= $(INCLUDES) $(CFLAG)
21
22GENERAL=Makefile
23TEST=md4test.c
24APPS=md4.c
25
26LIB=$(TOP)/libcrypto.a
27LIBSRC=md4_dgst.c md4_one.c
28LIBOBJ=md4_dgst.o md4_one.o
29
30SRC= $(LIBSRC)
31
32EXHEADER= md4.h
33HEADER= md4_locl.h $(EXHEADER)
34
35ALL= $(GENERAL) $(SRC) $(HEADER)
36
37top:
38 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
39
40all: lib
41
42lib: $(LIBOBJ)
43 $(AR) $(LIB) $(LIBOBJ)
44 $(RANLIB) $(LIB) || echo Never mind.
45 @touch lib
46
47files:
48 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
49
50links:
51 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
52 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
53 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
54 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
55
56install:
57 @for i in $(EXHEADER) ; \
58 do \
59 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
60 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
61 done;
62
63tags:
64 ctags $(SRC)
65
66tests:
67
68lint:
69 lint -DLINT $(INCLUDES) $(SRC)>fluff
70
71depend:
72 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
73
74dclean:
75 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
76 mv -f Makefile.new $(MAKEFILE)
77
78clean:
79 rm -f asm/mx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
80
81# DO NOT DELETE THIS LINE -- make depend depends on it.
82
83md4_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md4.h
84md4_dgst.o: ../../include/openssl/opensslconf.h
85md4_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md4_dgst.c
86md4_dgst.o: md4_locl.h
87md4_one.o: ../../include/openssl/e_os2.h ../../include/openssl/md4.h
88md4_one.o: ../../include/openssl/opensslconf.h md4_one.c
diff --git a/src/lib/libssl/src/crypto/md5/Makefile.ssl b/src/lib/libssl/src/crypto/md5/Makefile.ssl
new file mode 100644
index 0000000000..a7a92e9588
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md5/Makefile.ssl
@@ -0,0 +1,135 @@
1#
2# SSLeay/crypto/md5/Makefile
3#
4
5DIR= md5
6TOP= ../..
7CC= cc
8CPP= $(CC) -E
9INCLUDES=
10CFLAG=-g
11INSTALL_PREFIX=
12OPENSSLDIR= /usr/local/ssl
13INSTALLTOP=/usr/local/ssl
14MAKE= make -f Makefile.ssl
15MAKEDEPPROG= makedepend
16MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
17MAKEFILE= Makefile.ssl
18AR= ar r
19
20MD5_ASM_OBJ=
21
22CFLAGS= $(INCLUDES) $(CFLAG)
23
24# We let the C compiler driver to take care of .s files. This is done in
25# order to be excused from maintaining a separate set of architecture
26# dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC
27# gcc, then the driver will automatically translate it to -xarch=v8plus
28# and pass it down to assembler.
29AS=$(CC) -c
30ASFLAGS=$(CFLAGS)
31
32GENERAL=Makefile
33TEST=md5test.c
34APPS=
35
36LIB=$(TOP)/libcrypto.a
37LIBSRC=md5_dgst.c md5_one.c
38LIBOBJ=md5_dgst.o md5_one.o $(MD5_ASM_OBJ)
39
40SRC= $(LIBSRC)
41
42EXHEADER= md5.h
43HEADER= md5_locl.h $(EXHEADER)
44
45ALL= $(GENERAL) $(SRC) $(HEADER)
46
47top:
48 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
49
50all: lib
51
52lib: $(LIBOBJ)
53 $(AR) $(LIB) $(LIBOBJ)
54 $(RANLIB) $(LIB) || echo Never mind.
55 @touch lib
56
57# elf
58asm/mx86-elf.o: asm/mx86unix.cpp
59 $(CPP) -DELF -x c asm/mx86unix.cpp | as -o asm/mx86-elf.o
60
61# solaris
62asm/mx86-sol.o: asm/mx86unix.cpp
63 $(CC) -E -DSOL asm/mx86unix.cpp | sed 's/^#.*//' > asm/mx86-sol.s
64 as -o asm/mx86-sol.o asm/mx86-sol.s
65 rm -f asm/mx86-sol.s
66
67# a.out
68asm/mx86-out.o: asm/mx86unix.cpp
69 $(CPP) -DOUT asm/mx86unix.cpp | as -o asm/mx86-out.o
70
71# bsdi
72asm/mx86bsdi.o: asm/mx86unix.cpp
73 $(CPP) -DBSDI asm/mx86unix.cpp | sed 's/ :/:/' | as -o asm/mx86bsdi.o
74
75asm/mx86unix.cpp: asm/md5-586.pl ../perlasm/x86asm.pl
76 (cd asm; $(PERL) md5-586.pl cpp >mx86unix.cpp)
77
78asm/md5-sparcv8plus.o: asm/md5-sparcv9.S
79 $(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -c \
80 -o asm/md5-sparcv8plus.o asm/md5-sparcv9.S
81
82# Old GNU assembler doesn't understand V9 instructions, so we
83# hire /usr/ccs/bin/as to do the job. Note that option is called
84# *-gcc27, but even gcc 2>=8 users may experience similar problem
85# if they didn't bother to upgrade GNU assembler. Such users should
86# not choose this option, but be adviced to *remove* GNU assembler
87# or upgrade it.
88asm/md5-sparcv8plus-gcc27.o: asm/md5-sparcv9.S
89 $(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -E asm/md5-sparcv9.S | \
90 /usr/ccs/bin/as -xarch=v8plus - -o asm/md5-sparcv8plus-gcc27.o
91
92asm/md5-sparcv9.o: asm/md5-sparcv9.S
93 $(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -c \
94 -o asm/md5-sparcv9.o asm/md5-sparcv9.S
95
96files:
97 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
98
99links:
100 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
101 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
102 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
103 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
104
105install:
106 @for i in $(EXHEADER) ; \
107 do \
108 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
109 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
110 done;
111
112tags:
113 ctags $(SRC)
114
115tests:
116
117lint:
118 lint -DLINT $(INCLUDES) $(SRC)>fluff
119
120depend:
121 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
122
123dclean:
124 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
125 mv -f Makefile.new $(MAKEFILE)
126
127clean:
128 rm -f asm/mx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
129
130# DO NOT DELETE THIS LINE -- make depend depends on it.
131
132md5_dgst.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h
133md5_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md5_dgst.c
134md5_dgst.o: md5_locl.h
135md5_one.o: ../../include/openssl/md5.h md5_one.c
diff --git a/src/lib/libssl/src/crypto/mdc2/Makefile.ssl b/src/lib/libssl/src/crypto/mdc2/Makefile.ssl
new file mode 100644
index 0000000000..d8b512d2d6
--- /dev/null
+++ b/src/lib/libssl/src/crypto/mdc2/Makefile.ssl
@@ -0,0 +1,98 @@
1#
2# SSLeay/crypto/mdc2/Makefile
3#
4
5DIR= mdc2
6TOP= ../..
7CC= cc
8INCLUDES=
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST= mdc2test.c
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC=mdc2dgst.c mdc2_one.c
27LIBOBJ=mdc2dgst.o mdc2_one.o
28
29SRC= $(LIBSRC)
30
31EXHEADER= mdc2.h
32HEADER= $(EXHEADER)
33
34ALL= $(GENERAL) $(SRC) $(HEADER)
35
36top:
37 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
38
39all: lib
40
41lib: $(LIBOBJ)
42 $(AR) $(LIB) $(LIBOBJ)
43 $(RANLIB) $(LIB) || echo Never mind.
44 @touch lib
45
46files:
47 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
48
49links:
50 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
51 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
52 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
53 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
54
55install:
56 @for i in $(EXHEADER) ; \
57 do \
58 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
59 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
60 done;
61
62tags:
63 ctags $(SRC)
64
65tests:
66
67lint:
68 lint -DLINT $(INCLUDES) $(SRC)>fluff
69
70depend:
71 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
72
73dclean:
74 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
75 mv -f Makefile.new $(MAKEFILE)
76
77clean:
78 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
79
80# DO NOT DELETE THIS LINE -- make depend depends on it.
81
82mdc2_one.o: ../../e_os.h ../../include/openssl/bio.h
83mdc2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
84mdc2_one.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
85mdc2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
86mdc2_one.o: ../../include/openssl/lhash.h ../../include/openssl/mdc2.h
87mdc2_one.o: ../../include/openssl/opensslconf.h
88mdc2_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
89mdc2_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
90mdc2_one.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
91mdc2_one.o: ../cryptlib.h mdc2_one.c
92mdc2dgst.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
93mdc2dgst.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
94mdc2dgst.o: ../../include/openssl/mdc2.h ../../include/openssl/opensslconf.h
95mdc2dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
96mdc2dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
97mdc2dgst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
98mdc2dgst.o: mdc2dgst.c
diff --git a/src/lib/libssl/src/crypto/objects/Makefile.ssl b/src/lib/libssl/src/crypto/objects/Makefile.ssl
new file mode 100644
index 0000000000..1e990107d3
--- /dev/null
+++ b/src/lib/libssl/src/crypto/objects/Makefile.ssl
@@ -0,0 +1,122 @@
1#
2# SSLeay/crypto/objects/Makefile
3#
4
5DIR= objects
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile README
22TEST=
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= o_names.c obj_dat.c obj_lib.c obj_err.c
27LIBOBJ= o_names.o obj_dat.o obj_lib.o obj_err.o
28
29SRC= $(LIBSRC)
30
31EXHEADER= objects.h obj_mac.h
32HEADER= $(EXHEADER) obj_dat.h
33
34ALL= $(GENERAL) $(SRC) $(HEADER)
35
36top:
37 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
38
39all: obj_dat.h lib
40
41lib: $(LIBOBJ)
42 $(AR) $(LIB) $(LIBOBJ)
43 $(RANLIB) $(LIB) || echo Never mind.
44 @touch lib
45
46obj_dat.h: obj_dat.pl obj_mac.h
47 $(PERL) obj_dat.pl obj_mac.h obj_dat.h
48
49# objects.pl both reads and writes obj_mac.num
50obj_mac.h: objects.pl objects.txt obj_mac.num
51 $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h
52
53files:
54 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
55
56links:
57 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
58 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
59 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
60 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
61
62install:
63 @for i in $(EXHEADER) ; \
64 do \
65 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
66 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
67 done;
68
69tags:
70 ctags $(SRC)
71
72tests:
73
74lint:
75 lint -DLINT $(INCLUDES) $(SRC)>fluff
76
77depend:
78 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
79
80dclean:
81 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
82 mv -f Makefile.new $(MAKEFILE)
83
84clean:
85 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
86
87# DO NOT DELETE THIS LINE -- make depend depends on it.
88
89o_names.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
90o_names.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
91o_names.o: ../../include/openssl/e_os2.h ../../include/openssl/lhash.h
92o_names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
93o_names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
94o_names.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
95o_names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
96o_names.o: o_names.c
97obj_dat.o: ../../e_os.h ../../include/openssl/asn1.h
98obj_dat.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
99obj_dat.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
100obj_dat.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
101obj_dat.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
102obj_dat.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
103obj_dat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
104obj_dat.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
105obj_dat.o: ../../include/openssl/symhacks.h ../cryptlib.h obj_dat.c obj_dat.h
106obj_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
107obj_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
108obj_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
109obj_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
110obj_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
111obj_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
112obj_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
113obj_err.o: ../../include/openssl/symhacks.h obj_err.c
114obj_lib.o: ../../e_os.h ../../include/openssl/asn1.h
115obj_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
116obj_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
117obj_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
118obj_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
119obj_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
120obj_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
121obj_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
122obj_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h obj_lib.c
diff --git a/src/lib/libssl/src/crypto/objects/obj_dat.c b/src/lib/libssl/src/crypto/objects/obj_dat.c
index 3ff64bb8d1..02c3719f04 100644
--- a/src/lib/libssl/src/crypto/objects/obj_dat.c
+++ b/src/lib/libssl/src/crypto/objects/obj_dat.c
@@ -436,7 +436,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
436 unsigned long l; 436 unsigned long l;
437 unsigned char *p; 437 unsigned char *p;
438 const char *s; 438 const char *s;
439 char tbuf[32]; 439 char tbuf[DECIMAL_SIZE(i)+DECIMAL_SIZE(l)+2];
440 440
441 if (buf_len <= 0) return(0); 441 if (buf_len <= 0) return(0);
442 442
diff --git a/src/lib/libssl/src/crypto/objects/obj_dat.h b/src/lib/libssl/src/crypto/objects/obj_dat.h
deleted file mode 100644
index 39cfcda783..0000000000
--- a/src/lib/libssl/src/crypto/objects/obj_dat.h
+++ /dev/null
@@ -1,2842 +0,0 @@
1/* crypto/objects/obj_dat.h */
2
3/* THIS FILE IS GENERATED FROM objects.h by obj_dat.pl via the
4 * following command:
5 * perl obj_dat.pl obj_mac.h obj_dat.h
6 */
7
8/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
9 * All rights reserved.
10 *
11 * This package is an SSL implementation written
12 * by Eric Young (eay@cryptsoft.com).
13 * The implementation was written so as to conform with Netscapes SSL.
14 *
15 * This library is free for commercial and non-commercial use as long as
16 * the following conditions are aheared to. The following conditions
17 * apply to all code found in this distribution, be it the RC4, RSA,
18 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
19 * included with this distribution is covered by the same copyright terms
20 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
21 *
22 * Copyright remains Eric Young's, and as such any Copyright notices in
23 * the code are not to be removed.
24 * If this package is used in a product, Eric Young should be given attribution
25 * as the author of the parts of the library used.
26 * This can be in the form of a textual message at program startup or
27 * in documentation (online or textual) provided with the package.
28 *
29 * Redistribution and use in source and binary forms, with or without
30 * modification, are permitted provided that the following conditions
31 * are met:
32 * 1. Redistributions of source code must retain the copyright
33 * notice, this list of conditions and the following disclaimer.
34 * 2. Redistributions in binary form must reproduce the above copyright
35 * notice, this list of conditions and the following disclaimer in the
36 * documentation and/or other materials provided with the distribution.
37 * 3. All advertising materials mentioning features or use of this software
38 * must display the following acknowledgement:
39 * "This product includes cryptographic software written by
40 * Eric Young (eay@cryptsoft.com)"
41 * The word 'cryptographic' can be left out if the rouines from the library
42 * being used are not cryptographic related :-).
43 * 4. If you include any Windows specific code (or a derivative thereof) from
44 * the apps directory (application code) you must include an acknowledgement:
45 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
46 *
47 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
48 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
49 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
50 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
51 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
52 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
53 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
54 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
55 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
56 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
57 * SUCH DAMAGE.
58 *
59 * The licence and distribution terms for any publically available version or
60 * derivative of this code cannot be changed. i.e. this code cannot simply be
61 * copied and put under another distribution licence
62 * [including the GNU Public Licence.]
63 */
64
65#define NUM_NID 510
66#define NUM_SN 507
67#define NUM_LN 507
68#define NUM_OBJ 481
69
70static unsigned char lvalues[3881]={
710x00, /* [ 0] OBJ_undef */
720x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
730x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
740x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 14] OBJ_md2 */
750x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05, /* [ 22] OBJ_md5 */
760x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04, /* [ 30] OBJ_rc4 */
770x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 38] OBJ_rsaEncryption */
780x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 47] OBJ_md2WithRSAEncryption */
790x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 56] OBJ_md5WithRSAEncryption */
800x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 65] OBJ_pbeWithMD2AndDES_CBC */
810x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 74] OBJ_pbeWithMD5AndDES_CBC */
820x55, /* [ 83] OBJ_X500 */
830x55,0x04, /* [ 84] OBJ_X509 */
840x55,0x04,0x03, /* [ 86] OBJ_commonName */
850x55,0x04,0x06, /* [ 89] OBJ_countryName */
860x55,0x04,0x07, /* [ 92] OBJ_localityName */
870x55,0x04,0x08, /* [ 95] OBJ_stateOrProvinceName */
880x55,0x04,0x0A, /* [ 98] OBJ_organizationName */
890x55,0x04,0x0B, /* [101] OBJ_organizationalUnitName */
900x55,0x08,0x01,0x01, /* [104] OBJ_rsa */
910x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07, /* [108] OBJ_pkcs7 */
920x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [116] OBJ_pkcs7_data */
930x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [125] OBJ_pkcs7_signed */
940x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [134] OBJ_pkcs7_enveloped */
950x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [143] OBJ_pkcs7_signedAndEnveloped */
960x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [152] OBJ_pkcs7_digest */
970x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [161] OBJ_pkcs7_encrypted */
980x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03, /* [170] OBJ_pkcs3 */
990x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [178] OBJ_dhKeyAgreement */
1000x2B,0x0E,0x03,0x02,0x06, /* [187] OBJ_des_ecb */
1010x2B,0x0E,0x03,0x02,0x09, /* [192] OBJ_des_cfb64 */
1020x2B,0x0E,0x03,0x02,0x07, /* [197] OBJ_des_cbc */
1030x2B,0x0E,0x03,0x02,0x11, /* [202] OBJ_des_ede_ecb */
1040x2B,0x06,0x01,0x04,0x01,0x81,0x3C,0x07,0x01,0x01,0x02,/* [207] OBJ_idea_cbc */
1050x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02, /* [218] OBJ_rc2_cbc */
1060x2B,0x0E,0x03,0x02,0x12, /* [226] OBJ_sha */
1070x2B,0x0E,0x03,0x02,0x0F, /* [231] OBJ_shaWithRSAEncryption */
1080x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07, /* [236] OBJ_des_ede3_cbc */
1090x2B,0x0E,0x03,0x02,0x08, /* [244] OBJ_des_ofb64 */
1100x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09, /* [249] OBJ_pkcs9 */
1110x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [257] OBJ_pkcs9_emailAddress */
1120x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [266] OBJ_pkcs9_unstructuredName */
1130x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [275] OBJ_pkcs9_contentType */
1140x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [284] OBJ_pkcs9_messageDigest */
1150x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [293] OBJ_pkcs9_signingTime */
1160x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [302] OBJ_pkcs9_countersignature */
1170x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [311] OBJ_pkcs9_challengePassword */
1180x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [320] OBJ_pkcs9_unstructuredAddress */
1190x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [329] OBJ_pkcs9_extCertAttributes */
1200x60,0x86,0x48,0x01,0x86,0xF8,0x42, /* [338] OBJ_netscape */
1210x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01, /* [345] OBJ_netscape_cert_extension */
1220x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02, /* [353] OBJ_netscape_data_type */
1230x2B,0x0E,0x03,0x02,0x1A, /* [361] OBJ_sha1 */
1240x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [366] OBJ_sha1WithRSAEncryption */
1250x2B,0x0E,0x03,0x02,0x0D, /* [375] OBJ_dsaWithSHA */
1260x2B,0x0E,0x03,0x02,0x0C, /* [380] OBJ_dsa_2 */
1270x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [385] OBJ_pbeWithSHA1AndRC2_CBC */
1280x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [394] OBJ_id_pbkdf2 */
1290x2B,0x0E,0x03,0x02,0x1B, /* [403] OBJ_dsaWithSHA1_2 */
1300x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [408] OBJ_netscape_cert_type */
1310x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [417] OBJ_netscape_base_url */
1320x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [426] OBJ_netscape_revocation_url */
1330x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [435] OBJ_netscape_ca_revocation_url */
1340x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [444] OBJ_netscape_renewal_url */
1350x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [453] OBJ_netscape_ca_policy_url */
1360x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [462] OBJ_netscape_ssl_server_name */
1370x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [471] OBJ_netscape_comment */
1380x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [480] OBJ_netscape_cert_sequence */
1390x55,0x1D, /* [489] OBJ_id_ce */
1400x55,0x1D,0x0E, /* [491] OBJ_subject_key_identifier */
1410x55,0x1D,0x0F, /* [494] OBJ_key_usage */
1420x55,0x1D,0x10, /* [497] OBJ_private_key_usage_period */
1430x55,0x1D,0x11, /* [500] OBJ_subject_alt_name */
1440x55,0x1D,0x12, /* [503] OBJ_issuer_alt_name */
1450x55,0x1D,0x13, /* [506] OBJ_basic_constraints */
1460x55,0x1D,0x14, /* [509] OBJ_crl_number */
1470x55,0x1D,0x20, /* [512] OBJ_certificate_policies */
1480x55,0x1D,0x23, /* [515] OBJ_authority_key_identifier */
1490x2B,0x06,0x01,0x04,0x01,0x97,0x55,0x01,0x02,/* [518] OBJ_bf_cbc */
1500x55,0x08,0x03,0x65, /* [527] OBJ_mdc2 */
1510x55,0x08,0x03,0x64, /* [531] OBJ_mdc2WithRSA */
1520x55,0x04,0x2A, /* [535] OBJ_givenName */
1530x55,0x04,0x04, /* [538] OBJ_surname */
1540x55,0x04,0x2B, /* [541] OBJ_initials */
1550x55,0x1D,0x1F, /* [544] OBJ_crl_distribution_points */
1560x2B,0x0E,0x03,0x02,0x03, /* [547] OBJ_md5WithRSA */
1570x55,0x04,0x05, /* [552] OBJ_serialNumber */
1580x55,0x04,0x0C, /* [555] OBJ_title */
1590x55,0x04,0x0D, /* [558] OBJ_description */
1600x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [561] OBJ_cast5_cbc */
1610x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [570] OBJ_pbeWithMD5AndCast5_CBC */
1620x2A,0x86,0x48,0xCE,0x38,0x04,0x03, /* [579] OBJ_dsaWithSHA1 */
1630x2B,0x0E,0x03,0x02,0x1D, /* [586] OBJ_sha1WithRSA */
1640x2A,0x86,0x48,0xCE,0x38,0x04,0x01, /* [591] OBJ_dsa */
1650x2B,0x24,0x03,0x02,0x01, /* [598] OBJ_ripemd160 */
1660x2B,0x24,0x03,0x03,0x01,0x02, /* [603] OBJ_ripemd160WithRSA */
1670x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [609] OBJ_rc5_cbc */
1680x29,0x01,0x01,0x85,0x1A,0x01, /* [617] OBJ_rle_compression */
1690x29,0x01,0x01,0x85,0x1A,0x02, /* [623] OBJ_zlib_compression */
1700x55,0x1D,0x25, /* [629] OBJ_ext_key_usage */
1710x2B,0x06,0x01,0x05,0x05,0x07, /* [632] OBJ_id_pkix */
1720x2B,0x06,0x01,0x05,0x05,0x07,0x03, /* [638] OBJ_id_kp */
1730x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01, /* [645] OBJ_server_auth */
1740x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02, /* [653] OBJ_client_auth */
1750x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03, /* [661] OBJ_code_sign */
1760x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04, /* [669] OBJ_email_protect */
1770x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08, /* [677] OBJ_time_stamp */
1780x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [685] OBJ_ms_code_ind */
1790x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [695] OBJ_ms_code_com */
1800x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [705] OBJ_ms_ctl_sign */
1810x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [715] OBJ_ms_sgc */
1820x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [725] OBJ_ms_efs */
1830x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [735] OBJ_ns_sgc */
1840x55,0x1D,0x1B, /* [744] OBJ_delta_crl */
1850x55,0x1D,0x15, /* [747] OBJ_crl_reason */
1860x55,0x1D,0x18, /* [750] OBJ_invalidity_date */
1870x2B,0x65,0x01,0x04,0x01, /* [753] OBJ_sxnet */
1880x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [758] OBJ_pbe_WithSHA1And128BitRC4 */
1890x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [768] OBJ_pbe_WithSHA1And40BitRC4 */
1900x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [778] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */
1910x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [788] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */
1920x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [798] OBJ_pbe_WithSHA1And128BitRC2_CBC */
1930x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [808] OBJ_pbe_WithSHA1And40BitRC2_CBC */
1940x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [818] OBJ_keyBag */
1950x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [829] OBJ_pkcs8ShroudedKeyBag */
1960x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [840] OBJ_certBag */
1970x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [851] OBJ_crlBag */
1980x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [862] OBJ_secretBag */
1990x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [873] OBJ_safeContentsBag */
2000x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [884] OBJ_friendlyName */
2010x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [893] OBJ_localKeyID */
2020x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [902] OBJ_x509Certificate */
2030x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [912] OBJ_sdsiCertificate */
2040x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [922] OBJ_x509Crl */
2050x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [932] OBJ_pbes2 */
2060x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [941] OBJ_pbmac1 */
2070x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07, /* [950] OBJ_hmacWithSHA1 */
2080x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01, /* [958] OBJ_id_qt_cps */
2090x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02, /* [966] OBJ_id_qt_unotice */
2100x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [974] OBJ_SMIMECapabilities */
2110x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [983] OBJ_pbeWithMD2AndRC2_CBC */
2120x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [992] OBJ_pbeWithMD5AndRC2_CBC */
2130x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [1001] OBJ_pbeWithSHA1AndDES_CBC */
2140x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1010] OBJ_ms_ext_req */
2150x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1020] OBJ_ext_req */
2160x55,0x04,0x29, /* [1029] OBJ_name */
2170x55,0x04,0x2E, /* [1032] OBJ_dnQualifier */
2180x2B,0x06,0x01,0x05,0x05,0x07,0x01, /* [1035] OBJ_id_pe */
2190x2B,0x06,0x01,0x05,0x05,0x07,0x30, /* [1042] OBJ_id_ad */
2200x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01, /* [1049] OBJ_info_access */
2210x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01, /* [1057] OBJ_ad_OCSP */
2220x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02, /* [1065] OBJ_ad_ca_issuers */
2230x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09, /* [1073] OBJ_OCSP_sign */
2240x28, /* [1081] OBJ_iso */
2250x2A, /* [1082] OBJ_member_body */
2260x2A,0x86,0x48, /* [1083] OBJ_ISO_US */
2270x2A,0x86,0x48,0xCE,0x38, /* [1086] OBJ_X9_57 */
2280x2A,0x86,0x48,0xCE,0x38,0x04, /* [1091] OBJ_X9cm */
2290x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01, /* [1097] OBJ_pkcs1 */
2300x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05, /* [1105] OBJ_pkcs5 */
2310x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1113] OBJ_SMIME */
2320x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1122] OBJ_id_smime_mod */
2330x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1132] OBJ_id_smime_ct */
2340x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1142] OBJ_id_smime_aa */
2350x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1152] OBJ_id_smime_alg */
2360x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1162] OBJ_id_smime_cd */
2370x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1172] OBJ_id_smime_spq */
2380x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1182] OBJ_id_smime_cti */
2390x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1192] OBJ_id_smime_mod_cms */
2400x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1203] OBJ_id_smime_mod_ess */
2410x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1214] OBJ_id_smime_mod_oid */
2420x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1225] OBJ_id_smime_mod_msg_v3 */
2430x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1236] OBJ_id_smime_mod_ets_eSignature_88 */
2440x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1247] OBJ_id_smime_mod_ets_eSignature_97 */
2450x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1258] OBJ_id_smime_mod_ets_eSigPolicy_88 */
2460x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1269] OBJ_id_smime_mod_ets_eSigPolicy_97 */
2470x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1280] OBJ_id_smime_ct_receipt */
2480x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1291] OBJ_id_smime_ct_authData */
2490x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1302] OBJ_id_smime_ct_publishCert */
2500x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1313] OBJ_id_smime_ct_TSTInfo */
2510x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1324] OBJ_id_smime_ct_TDTInfo */
2520x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1335] OBJ_id_smime_ct_contentInfo */
2530x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1346] OBJ_id_smime_ct_DVCSRequestData */
2540x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1357] OBJ_id_smime_ct_DVCSResponseData */
2550x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1368] OBJ_id_smime_aa_receiptRequest */
2560x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1379] OBJ_id_smime_aa_securityLabel */
2570x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1390] OBJ_id_smime_aa_mlExpandHistory */
2580x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1401] OBJ_id_smime_aa_contentHint */
2590x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1412] OBJ_id_smime_aa_msgSigDigest */
2600x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1423] OBJ_id_smime_aa_encapContentType */
2610x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1434] OBJ_id_smime_aa_contentIdentifier */
2620x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1445] OBJ_id_smime_aa_macValue */
2630x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1456] OBJ_id_smime_aa_equivalentLabels */
2640x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1467] OBJ_id_smime_aa_contentReference */
2650x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1478] OBJ_id_smime_aa_encrypKeyPref */
2660x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1489] OBJ_id_smime_aa_signingCertificate */
2670x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1500] OBJ_id_smime_aa_smimeEncryptCerts */
2680x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1511] OBJ_id_smime_aa_timeStampToken */
2690x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1522] OBJ_id_smime_aa_ets_sigPolicyId */
2700x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1533] OBJ_id_smime_aa_ets_commitmentType */
2710x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1544] OBJ_id_smime_aa_ets_signerLocation */
2720x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1555] OBJ_id_smime_aa_ets_signerAttr */
2730x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1566] OBJ_id_smime_aa_ets_otherSigCert */
2740x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1577] OBJ_id_smime_aa_ets_contentTimestamp */
2750x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1588] OBJ_id_smime_aa_ets_CertificateRefs */
2760x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1599] OBJ_id_smime_aa_ets_RevocationRefs */
2770x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1610] OBJ_id_smime_aa_ets_certValues */
2780x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1621] OBJ_id_smime_aa_ets_revocationValues */
2790x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1632] OBJ_id_smime_aa_ets_escTimeStamp */
2800x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1643] OBJ_id_smime_aa_ets_certCRLTimestamp */
2810x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1654] OBJ_id_smime_aa_ets_archiveTimeStamp */
2820x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1665] OBJ_id_smime_aa_signatureType */
2830x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1676] OBJ_id_smime_aa_dvcs_dvc */
2840x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1687] OBJ_id_smime_alg_ESDHwith3DES */
2850x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1698] OBJ_id_smime_alg_ESDHwithRC2 */
2860x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1709] OBJ_id_smime_alg_3DESwrap */
2870x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1720] OBJ_id_smime_alg_RC2wrap */
2880x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1731] OBJ_id_smime_alg_ESDH */
2890x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1742] OBJ_id_smime_alg_CMS3DESwrap */
2900x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1753] OBJ_id_smime_alg_CMSRC2wrap */
2910x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1764] OBJ_id_smime_cd_ldap */
2920x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1775] OBJ_id_smime_spq_ets_sqt_uri */
2930x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1786] OBJ_id_smime_spq_ets_sqt_unotice */
2940x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1797] OBJ_id_smime_cti_ets_proofOfOrigin */
2950x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1808] OBJ_id_smime_cti_ets_proofOfReceipt */
2960x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1819] OBJ_id_smime_cti_ets_proofOfDelivery */
2970x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1830] OBJ_id_smime_cti_ets_proofOfSender */
2980x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1841] OBJ_id_smime_cti_ets_proofOfApproval */
2990x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1852] OBJ_id_smime_cti_ets_proofOfCreation */
3000x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04, /* [1863] OBJ_md4 */
3010x2B,0x06,0x01,0x05,0x05,0x07,0x00, /* [1871] OBJ_id_pkix_mod */
3020x2B,0x06,0x01,0x05,0x05,0x07,0x02, /* [1878] OBJ_id_qt */
3030x2B,0x06,0x01,0x05,0x05,0x07,0x04, /* [1885] OBJ_id_it */
3040x2B,0x06,0x01,0x05,0x05,0x07,0x05, /* [1892] OBJ_id_pkip */
3050x2B,0x06,0x01,0x05,0x05,0x07,0x06, /* [1899] OBJ_id_alg */
3060x2B,0x06,0x01,0x05,0x05,0x07,0x07, /* [1906] OBJ_id_cmc */
3070x2B,0x06,0x01,0x05,0x05,0x07,0x08, /* [1913] OBJ_id_on */
3080x2B,0x06,0x01,0x05,0x05,0x07,0x09, /* [1920] OBJ_id_pda */
3090x2B,0x06,0x01,0x05,0x05,0x07,0x0A, /* [1927] OBJ_id_aca */
3100x2B,0x06,0x01,0x05,0x05,0x07,0x0B, /* [1934] OBJ_id_qcs */
3110x2B,0x06,0x01,0x05,0x05,0x07,0x0C, /* [1941] OBJ_id_cct */
3120x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01, /* [1948] OBJ_id_pkix1_explicit_88 */
3130x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02, /* [1956] OBJ_id_pkix1_implicit_88 */
3140x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03, /* [1964] OBJ_id_pkix1_explicit_93 */
3150x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04, /* [1972] OBJ_id_pkix1_implicit_93 */
3160x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05, /* [1980] OBJ_id_mod_crmf */
3170x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06, /* [1988] OBJ_id_mod_cmc */
3180x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07, /* [1996] OBJ_id_mod_kea_profile_88 */
3190x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08, /* [2004] OBJ_id_mod_kea_profile_93 */
3200x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09, /* [2012] OBJ_id_mod_cmp */
3210x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A, /* [2020] OBJ_id_mod_qualified_cert_88 */
3220x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B, /* [2028] OBJ_id_mod_qualified_cert_93 */
3230x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C, /* [2036] OBJ_id_mod_attribute_cert */
3240x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D, /* [2044] OBJ_id_mod_timestamp_protocol */
3250x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E, /* [2052] OBJ_id_mod_ocsp */
3260x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F, /* [2060] OBJ_id_mod_dvcs */
3270x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10, /* [2068] OBJ_id_mod_cmp2000 */
3280x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02, /* [2076] OBJ_biometricInfo */
3290x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03, /* [2084] OBJ_qcStatements */
3300x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04, /* [2092] OBJ_ac_auditEntity */
3310x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05, /* [2100] OBJ_ac_targeting */
3320x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06, /* [2108] OBJ_aaControls */
3330x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07, /* [2116] OBJ_sbqp_ipAddrBlock */
3340x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2124] OBJ_sbqp_autonomousSysNum */
3350x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2132] OBJ_sbqp_routerIdentifier */
3360x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2140] OBJ_textNotice */
3370x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2148] OBJ_ipsecEndSystem */
3380x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2156] OBJ_ipsecTunnel */
3390x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07, /* [2164] OBJ_ipsecUser */
3400x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A, /* [2172] OBJ_dvcs */
3410x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01, /* [2180] OBJ_id_it_caProtEncCert */
3420x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02, /* [2188] OBJ_id_it_signKeyPairTypes */
3430x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03, /* [2196] OBJ_id_it_encKeyPairTypes */
3440x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04, /* [2204] OBJ_id_it_preferredSymmAlg */
3450x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05, /* [2212] OBJ_id_it_caKeyUpdateInfo */
3460x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06, /* [2220] OBJ_id_it_currentCRL */
3470x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07, /* [2228] OBJ_id_it_unsupportedOIDs */
3480x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08, /* [2236] OBJ_id_it_subscriptionRequest */
3490x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09, /* [2244] OBJ_id_it_subscriptionResponse */
3500x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A, /* [2252] OBJ_id_it_keyPairParamReq */
3510x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B, /* [2260] OBJ_id_it_keyPairParamRep */
3520x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C, /* [2268] OBJ_id_it_revPassphrase */
3530x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D, /* [2276] OBJ_id_it_implicitConfirm */
3540x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E, /* [2284] OBJ_id_it_confirmWaitTime */
3550x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F, /* [2292] OBJ_id_it_origPKIMessage */
3560x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01, /* [2300] OBJ_id_regCtrl */
3570x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02, /* [2308] OBJ_id_regInfo */
3580x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2316] OBJ_id_regCtrl_regToken */
3590x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2325] OBJ_id_regCtrl_authenticator */
3600x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2334] OBJ_id_regCtrl_pkiPublicationInfo */
3610x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2343] OBJ_id_regCtrl_pkiArchiveOptions */
3620x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2352] OBJ_id_regCtrl_oldCertID */
3630x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2361] OBJ_id_regCtrl_protocolEncrKey */
3640x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2370] OBJ_id_regInfo_utf8Pairs */
3650x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2379] OBJ_id_regInfo_certReq */
3660x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01, /* [2388] OBJ_id_alg_des40 */
3670x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02, /* [2396] OBJ_id_alg_noSignature */
3680x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03, /* [2404] OBJ_id_alg_dh_sig_hmac_sha1 */
3690x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04, /* [2412] OBJ_id_alg_dh_pop */
3700x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01, /* [2420] OBJ_id_cmc_statusInfo */
3710x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02, /* [2428] OBJ_id_cmc_identification */
3720x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03, /* [2436] OBJ_id_cmc_identityProof */
3730x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04, /* [2444] OBJ_id_cmc_dataReturn */
3740x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05, /* [2452] OBJ_id_cmc_transactionId */
3750x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06, /* [2460] OBJ_id_cmc_senderNonce */
3760x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07, /* [2468] OBJ_id_cmc_recipientNonce */
3770x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08, /* [2476] OBJ_id_cmc_addExtensions */
3780x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09, /* [2484] OBJ_id_cmc_encryptedPOP */
3790x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A, /* [2492] OBJ_id_cmc_decryptedPOP */
3800x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B, /* [2500] OBJ_id_cmc_lraPOPWitness */
3810x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F, /* [2508] OBJ_id_cmc_getCert */
3820x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10, /* [2516] OBJ_id_cmc_getCRL */
3830x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11, /* [2524] OBJ_id_cmc_revokeRequest */
3840x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12, /* [2532] OBJ_id_cmc_regInfo */
3850x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13, /* [2540] OBJ_id_cmc_responseInfo */
3860x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15, /* [2548] OBJ_id_cmc_queryPending */
3870x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16, /* [2556] OBJ_id_cmc_popLinkRandom */
3880x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17, /* [2564] OBJ_id_cmc_popLinkWitness */
3890x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18, /* [2572] OBJ_id_cmc_confirmCertAcceptance */
3900x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01, /* [2580] OBJ_id_on_personalData */
3910x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01, /* [2588] OBJ_id_pda_dateOfBirth */
3920x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02, /* [2596] OBJ_id_pda_placeOfBirth */
3930x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03, /* [2604] OBJ_id_pda_gender */
3940x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04, /* [2612] OBJ_id_pda_countryOfCitizenship */
3950x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05, /* [2620] OBJ_id_pda_countryOfResidence */
3960x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01, /* [2628] OBJ_id_aca_authenticationInfo */
3970x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02, /* [2636] OBJ_id_aca_accessIdentity */
3980x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03, /* [2644] OBJ_id_aca_chargingIdentity */
3990x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04, /* [2652] OBJ_id_aca_group */
4000x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05, /* [2660] OBJ_id_aca_role */
4010x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01, /* [2668] OBJ_id_qcs_pkixQCSyntax_v1 */
4020x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01, /* [2676] OBJ_id_cct_crs */
4030x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02, /* [2684] OBJ_id_cct_PKIData */
4040x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03, /* [2692] OBJ_id_cct_PKIResponse */
4050x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03, /* [2700] OBJ_ad_timeStamping */
4060x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04, /* [2708] OBJ_ad_dvcs */
4070x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2716] OBJ_id_pkix_OCSP_basic */
4080x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2725] OBJ_id_pkix_OCSP_Nonce */
4090x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2734] OBJ_id_pkix_OCSP_CrlID */
4100x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2743] OBJ_id_pkix_OCSP_acceptableResponses */
4110x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2752] OBJ_id_pkix_OCSP_noCheck */
4120x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2761] OBJ_id_pkix_OCSP_archiveCutoff */
4130x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2770] OBJ_id_pkix_OCSP_serviceLocator */
4140x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2779] OBJ_id_pkix_OCSP_extendedStatus */
4150x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2788] OBJ_id_pkix_OCSP_valid */
4160x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2797] OBJ_id_pkix_OCSP_path */
4170x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2806] OBJ_id_pkix_OCSP_trustRoot */
4180x2B,0x0E,0x03,0x02, /* [2815] OBJ_algorithm */
4190x2B,0x0E,0x03,0x02,0x0B, /* [2819] OBJ_rsaSignature */
4200x55,0x08, /* [2824] OBJ_X500algorithms */
4210x2B, /* [2826] OBJ_org */
4220x2B,0x06, /* [2827] OBJ_dod */
4230x2B,0x06,0x01, /* [2829] OBJ_iana */
4240x2B,0x06,0x01,0x01, /* [2832] OBJ_Directory */
4250x2B,0x06,0x01,0x02, /* [2836] OBJ_Management */
4260x2B,0x06,0x01,0x03, /* [2840] OBJ_Experimental */
4270x2B,0x06,0x01,0x04, /* [2844] OBJ_Private */
4280x2B,0x06,0x01,0x05, /* [2848] OBJ_Security */
4290x2B,0x06,0x01,0x06, /* [2852] OBJ_SNMPv2 */
4300x2B,0x06,0x01,0x07, /* [2856] OBJ_Mail */
4310x2B,0x06,0x01,0x04,0x01, /* [2860] OBJ_Enterprises */
4320x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2865] OBJ_dcObject */
4330x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2874] OBJ_domainComponent */
4340x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2884] OBJ_Domain */
4350x50, /* [2894] OBJ_joint_iso_ccitt */
4360x55,0x01,0x05, /* [2895] OBJ_selected_attribute_types */
4370x55,0x01,0x05,0x37, /* [2898] OBJ_clearance */
4380x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2902] OBJ_md4WithRSAEncryption */
4390x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A, /* [2911] OBJ_ac_proxying */
4400x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B, /* [2919] OBJ_sinfo_access */
4410x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06, /* [2927] OBJ_id_aca_encAttrs */
4420x55,0x04,0x48, /* [2935] OBJ_role */
4430x55,0x1D,0x24, /* [2938] OBJ_policy_constraints */
4440x55,0x1D,0x37, /* [2941] OBJ_target_information */
4450x55,0x1D,0x38, /* [2944] OBJ_no_rev_avail */
4460x00, /* [2947] OBJ_ccitt */
4470x2A,0x86,0x48,0xCE,0x3D, /* [2948] OBJ_ansi_X9_62 */
4480x2A,0x86,0x48,0xCE,0x3D,0x01,0x01, /* [2953] OBJ_X9_62_prime_field */
4490x2A,0x86,0x48,0xCE,0x3D,0x01,0x02, /* [2960] OBJ_X9_62_characteristic_two_field */
4500x2A,0x86,0x48,0xCE,0x3D,0x02,0x01, /* [2967] OBJ_X9_62_id_ecPublicKey */
4510x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01, /* [2974] OBJ_X9_62_prime192v1 */
4520x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02, /* [2982] OBJ_X9_62_prime192v2 */
4530x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03, /* [2990] OBJ_X9_62_prime192v3 */
4540x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04, /* [2998] OBJ_X9_62_prime239v1 */
4550x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05, /* [3006] OBJ_X9_62_prime239v2 */
4560x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06, /* [3014] OBJ_X9_62_prime239v3 */
4570x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07, /* [3022] OBJ_X9_62_prime256v1 */
4580x2A,0x86,0x48,0xCE,0x3D,0x04,0x01, /* [3030] OBJ_ecdsa_with_SHA1 */
4590x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3037] OBJ_ms_csp_name */
4600x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3046] OBJ_aes_128_ecb */
4610x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3055] OBJ_aes_128_cbc */
4620x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3064] OBJ_aes_128_ofb128 */
4630x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3073] OBJ_aes_128_cfb128 */
4640x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3082] OBJ_aes_192_ecb */
4650x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3091] OBJ_aes_192_cbc */
4660x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3100] OBJ_aes_192_ofb128 */
4670x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3109] OBJ_aes_192_cfb128 */
4680x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3118] OBJ_aes_256_ecb */
4690x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3127] OBJ_aes_256_cbc */
4700x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3136] OBJ_aes_256_ofb128 */
4710x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3145] OBJ_aes_256_cfb128 */
4720x55,0x1D,0x17, /* [3154] OBJ_hold_instruction_code */
4730x2A,0x86,0x48,0xCE,0x38,0x02,0x01, /* [3157] OBJ_hold_instruction_none */
4740x2A,0x86,0x48,0xCE,0x38,0x02,0x02, /* [3164] OBJ_hold_instruction_call_issuer */
4750x2A,0x86,0x48,0xCE,0x38,0x02,0x03, /* [3171] OBJ_hold_instruction_reject */
4760x09, /* [3178] OBJ_data */
4770x09,0x92,0x26, /* [3179] OBJ_pss */
4780x09,0x92,0x26,0x89,0x93,0xF2,0x2C, /* [3182] OBJ_ucl */
4790x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64, /* [3189] OBJ_pilot */
4800x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3197] OBJ_pilotAttributeType */
4810x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3206] OBJ_pilotAttributeSyntax */
4820x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3215] OBJ_pilotObjectClass */
4830x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3224] OBJ_pilotGroups */
4840x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3233] OBJ_iA5StringSyntax */
4850x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3243] OBJ_caseIgnoreIA5StringSyntax */
4860x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3253] OBJ_pilotObject */
4870x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3263] OBJ_pilotPerson */
4880x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3273] OBJ_account */
4890x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3283] OBJ_document */
4900x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3293] OBJ_room */
4910x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3303] OBJ_documentSeries */
4920x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3313] OBJ_rFC822localPart */
4930x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3323] OBJ_dNSDomain */
4940x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3333] OBJ_domainRelatedObject */
4950x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3343] OBJ_friendlyCountry */
4960x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3353] OBJ_simpleSecurityObject */
4970x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3363] OBJ_pilotOrganization */
4980x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3373] OBJ_pilotDSA */
4990x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3383] OBJ_qualityLabelledData */
5000x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3393] OBJ_userId */
5010x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3403] OBJ_textEncodedORAddress */
5020x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3413] OBJ_rfc822Mailbox */
5030x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3423] OBJ_info */
5040x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3433] OBJ_favouriteDrink */
5050x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3443] OBJ_roomNumber */
5060x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3453] OBJ_photo */
5070x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3463] OBJ_userClass */
5080x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3473] OBJ_host */
5090x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3483] OBJ_manager */
5100x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3493] OBJ_documentIdentifier */
5110x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3503] OBJ_documentTitle */
5120x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3513] OBJ_documentVersion */
5130x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3523] OBJ_documentAuthor */
5140x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3533] OBJ_documentLocation */
5150x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3543] OBJ_homeTelephoneNumber */
5160x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3553] OBJ_secretary */
5170x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3563] OBJ_otherMailbox */
5180x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3573] OBJ_lastModifiedTime */
5190x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3583] OBJ_lastModifiedBy */
5200x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3593] OBJ_aRecord */
5210x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3603] OBJ_pilotAttributeType27 */
5220x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3613] OBJ_mXRecord */
5230x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3623] OBJ_nSRecord */
5240x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3633] OBJ_sOARecord */
5250x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3643] OBJ_cNAMERecord */
5260x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3653] OBJ_associatedDomain */
5270x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3663] OBJ_associatedName */
5280x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3673] OBJ_homePostalAddress */
5290x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3683] OBJ_personalTitle */
5300x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3693] OBJ_mobileTelephoneNumber */
5310x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3703] OBJ_pagerTelephoneNumber */
5320x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3713] OBJ_friendlyCountryName */
5330x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3723] OBJ_organizationalStatus */
5340x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3733] OBJ_janetMailbox */
5350x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3743] OBJ_mailPreferenceOption */
5360x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3753] OBJ_buildingName */
5370x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3763] OBJ_dSAQuality */
5380x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3773] OBJ_singleLevelQuality */
5390x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3783] OBJ_subtreeMinimumQuality */
5400x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3793] OBJ_subtreeMaximumQuality */
5410x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3803] OBJ_personalSignature */
5420x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3813] OBJ_dITRedirect */
5430x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3823] OBJ_audio */
5440x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3833] OBJ_documentPublisher */
5450x55,0x04,0x2D, /* [3843] OBJ_x500UniqueIdentifier */
5460x2B,0x06,0x01,0x07,0x01, /* [3846] OBJ_mime_mhs */
5470x2B,0x06,0x01,0x07,0x01,0x01, /* [3851] OBJ_mime_mhs_headings */
5480x2B,0x06,0x01,0x07,0x01,0x02, /* [3857] OBJ_mime_mhs_bodies */
5490x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3863] OBJ_id_hex_partial_message */
5500x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3870] OBJ_id_hex_multipart_message */
5510x55,0x04,0x2C, /* [3877] OBJ_generationQualifier */
552};
553
554static ASN1_OBJECT nid_objs[NUM_NID]={
555{"UNDEF","undefined",NID_undef,1,&(lvalues[0]),0},
556{"rsadsi","RSA Data Security, Inc.",NID_rsadsi,6,&(lvalues[1]),0},
557{"pkcs","RSA Data Security, Inc. PKCS",NID_pkcs,7,&(lvalues[7]),0},
558{"MD2","md2",NID_md2,8,&(lvalues[14]),0},
559{"MD5","md5",NID_md5,8,&(lvalues[22]),0},
560{"RC4","rc4",NID_rc4,8,&(lvalues[30]),0},
561{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[38]),0},
562{"RSA-MD2","md2WithRSAEncryption",NID_md2WithRSAEncryption,9,
563 &(lvalues[47]),0},
564{"RSA-MD5","md5WithRSAEncryption",NID_md5WithRSAEncryption,9,
565 &(lvalues[56]),0},
566{"PBE-MD2-DES","pbeWithMD2AndDES-CBC",NID_pbeWithMD2AndDES_CBC,9,
567 &(lvalues[65]),0},
568{"PBE-MD5-DES","pbeWithMD5AndDES-CBC",NID_pbeWithMD5AndDES_CBC,9,
569 &(lvalues[74]),0},
570{"X500","directory services (X.500)",NID_X500,1,&(lvalues[83]),0},
571{"X509","X509",NID_X509,2,&(lvalues[84]),0},
572{"CN","commonName",NID_commonName,3,&(lvalues[86]),0},
573{"C","countryName",NID_countryName,3,&(lvalues[89]),0},
574{"L","localityName",NID_localityName,3,&(lvalues[92]),0},
575{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[95]),0},
576{"O","organizationName",NID_organizationName,3,&(lvalues[98]),0},
577{"OU","organizationalUnitName",NID_organizationalUnitName,3,
578 &(lvalues[101]),0},
579{"RSA","rsa",NID_rsa,4,&(lvalues[104]),0},
580{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[108]),0},
581{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[116]),0},
582{"pkcs7-signedData","pkcs7-signedData",NID_pkcs7_signed,9,
583 &(lvalues[125]),0},
584{"pkcs7-envelopedData","pkcs7-envelopedData",NID_pkcs7_enveloped,9,
585 &(lvalues[134]),0},
586{"pkcs7-signedAndEnvelopedData","pkcs7-signedAndEnvelopedData",
587 NID_pkcs7_signedAndEnveloped,9,&(lvalues[143]),0},
588{"pkcs7-digestData","pkcs7-digestData",NID_pkcs7_digest,9,
589 &(lvalues[152]),0},
590{"pkcs7-encryptedData","pkcs7-encryptedData",NID_pkcs7_encrypted,9,
591 &(lvalues[161]),0},
592{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[170]),0},
593{"dhKeyAgreement","dhKeyAgreement",NID_dhKeyAgreement,9,
594 &(lvalues[178]),0},
595{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[187]),0},
596{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[192]),0},
597{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[197]),0},
598{"DES-EDE","des-ede",NID_des_ede_ecb,5,&(lvalues[202]),0},
599{"DES-EDE3","des-ede3",NID_des_ede3_ecb,0,NULL},
600{"IDEA-CBC","idea-cbc",NID_idea_cbc,11,&(lvalues[207]),0},
601{"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL},
602{"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL},
603{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[218]),0},
604{"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL},
605{"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL},
606{"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL},
607{"SHA","sha",NID_sha,5,&(lvalues[226]),0},
608{"RSA-SHA","shaWithRSAEncryption",NID_shaWithRSAEncryption,5,
609 &(lvalues[231]),0},
610{"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL},
611{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[236]),0},
612{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[244]),0},
613{"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL},
614{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[249]),0},
615{"emailAddress","emailAddress",NID_pkcs9_emailAddress,9,
616 &(lvalues[257]),0},
617{"unstructuredName","unstructuredName",NID_pkcs9_unstructuredName,9,
618 &(lvalues[266]),0},
619{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[275]),0},
620{"messageDigest","messageDigest",NID_pkcs9_messageDigest,9,
621 &(lvalues[284]),0},
622{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[293]),0},
623{"countersignature","countersignature",NID_pkcs9_countersignature,9,
624 &(lvalues[302]),0},
625{"challengePassword","challengePassword",NID_pkcs9_challengePassword,
626 9,&(lvalues[311]),0},
627{"unstructuredAddress","unstructuredAddress",
628 NID_pkcs9_unstructuredAddress,9,&(lvalues[320]),0},
629{"extendedCertificateAttributes","extendedCertificateAttributes",
630 NID_pkcs9_extCertAttributes,9,&(lvalues[329]),0},
631{"Netscape","Netscape Communications Corp.",NID_netscape,7,
632 &(lvalues[338]),0},
633{"nsCertExt","Netscape Certificate Extension",
634 NID_netscape_cert_extension,8,&(lvalues[345]),0},
635{"nsDataType","Netscape Data Type",NID_netscape_data_type,8,
636 &(lvalues[353]),0},
637{"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL},
638{"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL},
639{"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL},
640{"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL},
641{"SHA1","sha1",NID_sha1,5,&(lvalues[361]),0},
642{"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9,
643 &(lvalues[366]),0},
644{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[375]),0},
645{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[380]),0},
646{"PBE-SHA1-RC2-64","pbeWithSHA1AndRC2-CBC",NID_pbeWithSHA1AndRC2_CBC,
647 9,&(lvalues[385]),0},
648{"PBKDF2","PBKDF2",NID_id_pbkdf2,9,&(lvalues[394]),0},
649{"DSA-SHA1-old","dsaWithSHA1-old",NID_dsaWithSHA1_2,5,&(lvalues[403]),0},
650{"nsCertType","Netscape Cert Type",NID_netscape_cert_type,9,
651 &(lvalues[408]),0},
652{"nsBaseUrl","Netscape Base Url",NID_netscape_base_url,9,
653 &(lvalues[417]),0},
654{"nsRevocationUrl","Netscape Revocation Url",
655 NID_netscape_revocation_url,9,&(lvalues[426]),0},
656{"nsCaRevocationUrl","Netscape CA Revocation Url",
657 NID_netscape_ca_revocation_url,9,&(lvalues[435]),0},
658{"nsRenewalUrl","Netscape Renewal Url",NID_netscape_renewal_url,9,
659 &(lvalues[444]),0},
660{"nsCaPolicyUrl","Netscape CA Policy Url",NID_netscape_ca_policy_url,
661 9,&(lvalues[453]),0},
662{"nsSslServerName","Netscape SSL Server Name",
663 NID_netscape_ssl_server_name,9,&(lvalues[462]),0},
664{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[471]),0},
665{"nsCertSequence","Netscape Certificate Sequence",
666 NID_netscape_cert_sequence,9,&(lvalues[480]),0},
667{"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL},
668{"id-ce","id-ce",NID_id_ce,2,&(lvalues[489]),0},
669{"subjectKeyIdentifier","X509v3 Subject Key Identifier",
670 NID_subject_key_identifier,3,&(lvalues[491]),0},
671{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[494]),0},
672{"privateKeyUsagePeriod","X509v3 Private Key Usage Period",
673 NID_private_key_usage_period,3,&(lvalues[497]),0},
674{"subjectAltName","X509v3 Subject Alternative Name",
675 NID_subject_alt_name,3,&(lvalues[500]),0},
676{"issuerAltName","X509v3 Issuer Alternative Name",NID_issuer_alt_name,
677 3,&(lvalues[503]),0},
678{"basicConstraints","X509v3 Basic Constraints",NID_basic_constraints,
679 3,&(lvalues[506]),0},
680{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[509]),0},
681{"certificatePolicies","X509v3 Certificate Policies",
682 NID_certificate_policies,3,&(lvalues[512]),0},
683{"authorityKeyIdentifier","X509v3 Authority Key Identifier",
684 NID_authority_key_identifier,3,&(lvalues[515]),0},
685{"BF-CBC","bf-cbc",NID_bf_cbc,9,&(lvalues[518]),0},
686{"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL},
687{"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL},
688{"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL},
689{"MDC2","mdc2",NID_mdc2,4,&(lvalues[527]),0},
690{"RSA-MDC2","mdc2WithRSA",NID_mdc2WithRSA,4,&(lvalues[531]),0},
691{"RC4-40","rc4-40",NID_rc4_40,0,NULL},
692{"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL},
693{"gn","givenName",NID_givenName,3,&(lvalues[535]),0},
694{"SN","surname",NID_surname,3,&(lvalues[538]),0},
695{"initials","initials",NID_initials,3,&(lvalues[541]),0},
696{NULL,NULL,NID_undef,0,NULL},
697{"crlDistributionPoints","X509v3 CRL Distribution Points",
698 NID_crl_distribution_points,3,&(lvalues[544]),0},
699{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[547]),0},
700{"serialNumber","serialNumber",NID_serialNumber,3,&(lvalues[552]),0},
701{"title","title",NID_title,3,&(lvalues[555]),0},
702{"description","description",NID_description,3,&(lvalues[558]),0},
703{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[561]),0},
704{"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL},
705{"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL},
706{"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL},
707{"pbeWithMD5AndCast5CBC","pbeWithMD5AndCast5CBC",
708 NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[570]),0},
709{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[579]),0},
710{"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL},
711{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[586]),0},
712{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[591]),0},
713{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[598]),0},
714{NULL,NULL,NID_undef,0,NULL},
715{"RSA-RIPEMD160","ripemd160WithRSA",NID_ripemd160WithRSA,6,
716 &(lvalues[603]),0},
717{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[609]),0},
718{"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL},
719{"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL},
720{"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL},
721{"RLE","run length compression",NID_rle_compression,6,&(lvalues[617]),0},
722{"ZLIB","zlib compression",NID_zlib_compression,6,&(lvalues[623]),0},
723{"extendedKeyUsage","X509v3 Extended Key Usage",NID_ext_key_usage,3,
724 &(lvalues[629]),0},
725{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[632]),0},
726{"id-kp","id-kp",NID_id_kp,7,&(lvalues[638]),0},
727{"serverAuth","TLS Web Server Authentication",NID_server_auth,8,
728 &(lvalues[645]),0},
729{"clientAuth","TLS Web Client Authentication",NID_client_auth,8,
730 &(lvalues[653]),0},
731{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[661]),0},
732{"emailProtection","E-mail Protection",NID_email_protect,8,
733 &(lvalues[669]),0},
734{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[677]),0},
735{"msCodeInd","Microsoft Individual Code Signing",NID_ms_code_ind,10,
736 &(lvalues[685]),0},
737{"msCodeCom","Microsoft Commercial Code Signing",NID_ms_code_com,10,
738 &(lvalues[695]),0},
739{"msCTLSign","Microsoft Trust List Signing",NID_ms_ctl_sign,10,
740 &(lvalues[705]),0},
741{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[715]),0},
742{"msEFS","Microsoft Encrypted File System",NID_ms_efs,10,
743 &(lvalues[725]),0},
744{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[735]),0},
745{"deltaCRL","X509v3 Delta CRL Indicator",NID_delta_crl,3,
746 &(lvalues[744]),0},
747{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[747]),0},
748{"invalidityDate","Invalidity Date",NID_invalidity_date,3,
749 &(lvalues[750]),0},
750{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[753]),0},
751{"PBE-SHA1-RC4-128","pbeWithSHA1And128BitRC4",
752 NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[758]),0},
753{"PBE-SHA1-RC4-40","pbeWithSHA1And40BitRC4",
754 NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[768]),0},
755{"PBE-SHA1-3DES","pbeWithSHA1And3-KeyTripleDES-CBC",
756 NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[778]),0},
757{"PBE-SHA1-2DES","pbeWithSHA1And2-KeyTripleDES-CBC",
758 NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[788]),0},
759{"PBE-SHA1-RC2-128","pbeWithSHA1And128BitRC2-CBC",
760 NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[798]),0},
761{"PBE-SHA1-RC2-40","pbeWithSHA1And40BitRC2-CBC",
762 NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[808]),0},
763{"keyBag","keyBag",NID_keyBag,11,&(lvalues[818]),0},
764{"pkcs8ShroudedKeyBag","pkcs8ShroudedKeyBag",NID_pkcs8ShroudedKeyBag,
765 11,&(lvalues[829]),0},
766{"certBag","certBag",NID_certBag,11,&(lvalues[840]),0},
767{"crlBag","crlBag",NID_crlBag,11,&(lvalues[851]),0},
768{"secretBag","secretBag",NID_secretBag,11,&(lvalues[862]),0},
769{"safeContentsBag","safeContentsBag",NID_safeContentsBag,11,
770 &(lvalues[873]),0},
771{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[884]),0},
772{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[893]),0},
773{"x509Certificate","x509Certificate",NID_x509Certificate,10,
774 &(lvalues[902]),0},
775{"sdsiCertificate","sdsiCertificate",NID_sdsiCertificate,10,
776 &(lvalues[912]),0},
777{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[922]),0},
778{"PBES2","PBES2",NID_pbes2,9,&(lvalues[932]),0},
779{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[941]),0},
780{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[950]),0},
781{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[958]),0},
782{"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8,
783 &(lvalues[966]),0},
784{"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL},
785{"SMIME-CAPS","S/MIME Capabilities",NID_SMIMECapabilities,9,
786 &(lvalues[974]),0},
787{"PBE-MD2-RC2-64","pbeWithMD2AndRC2-CBC",NID_pbeWithMD2AndRC2_CBC,9,
788 &(lvalues[983]),0},
789{"PBE-MD5-RC2-64","pbeWithMD5AndRC2-CBC",NID_pbeWithMD5AndRC2_CBC,9,
790 &(lvalues[992]),0},
791{"PBE-SHA1-DES","pbeWithSHA1AndDES-CBC",NID_pbeWithSHA1AndDES_CBC,9,
792 &(lvalues[1001]),0},
793{"msExtReq","Microsoft Extension Request",NID_ms_ext_req,10,
794 &(lvalues[1010]),0},
795{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1020]),0},
796{"name","name",NID_name,3,&(lvalues[1029]),0},
797{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1032]),0},
798{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1035]),0},
799{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1042]),0},
800{"authorityInfoAccess","Authority Information Access",NID_info_access,
801 8,&(lvalues[1049]),0},
802{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1057]),0},
803{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1065]),0},
804{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1073]),0},
805{"ISO","iso",NID_iso,1,&(lvalues[1081]),0},
806{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1082]),0},
807{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1083]),0},
808{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1086]),0},
809{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1091]),0},
810{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1097]),0},
811{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1105]),0},
812{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1113]),0},
813{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1122]),0},
814{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1132]),0},
815{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1142]),0},
816{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1152]),0},
817{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1162]),0},
818{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1172]),0},
819{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1182]),0},
820{"id-smime-mod-cms","id-smime-mod-cms",NID_id_smime_mod_cms,11,
821 &(lvalues[1192]),0},
822{"id-smime-mod-ess","id-smime-mod-ess",NID_id_smime_mod_ess,11,
823 &(lvalues[1203]),0},
824{"id-smime-mod-oid","id-smime-mod-oid",NID_id_smime_mod_oid,11,
825 &(lvalues[1214]),0},
826{"id-smime-mod-msg-v3","id-smime-mod-msg-v3",NID_id_smime_mod_msg_v3,
827 11,&(lvalues[1225]),0},
828{"id-smime-mod-ets-eSignature-88","id-smime-mod-ets-eSignature-88",
829 NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1236]),0},
830{"id-smime-mod-ets-eSignature-97","id-smime-mod-ets-eSignature-97",
831 NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1247]),0},
832{"id-smime-mod-ets-eSigPolicy-88","id-smime-mod-ets-eSigPolicy-88",
833 NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1258]),0},
834{"id-smime-mod-ets-eSigPolicy-97","id-smime-mod-ets-eSigPolicy-97",
835 NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1269]),0},
836{"id-smime-ct-receipt","id-smime-ct-receipt",NID_id_smime_ct_receipt,
837 11,&(lvalues[1280]),0},
838{"id-smime-ct-authData","id-smime-ct-authData",
839 NID_id_smime_ct_authData,11,&(lvalues[1291]),0},
840{"id-smime-ct-publishCert","id-smime-ct-publishCert",
841 NID_id_smime_ct_publishCert,11,&(lvalues[1302]),0},
842{"id-smime-ct-TSTInfo","id-smime-ct-TSTInfo",NID_id_smime_ct_TSTInfo,
843 11,&(lvalues[1313]),0},
844{"id-smime-ct-TDTInfo","id-smime-ct-TDTInfo",NID_id_smime_ct_TDTInfo,
845 11,&(lvalues[1324]),0},
846{"id-smime-ct-contentInfo","id-smime-ct-contentInfo",
847 NID_id_smime_ct_contentInfo,11,&(lvalues[1335]),0},
848{"id-smime-ct-DVCSRequestData","id-smime-ct-DVCSRequestData",
849 NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1346]),0},
850{"id-smime-ct-DVCSResponseData","id-smime-ct-DVCSResponseData",
851 NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1357]),0},
852{"id-smime-aa-receiptRequest","id-smime-aa-receiptRequest",
853 NID_id_smime_aa_receiptRequest,11,&(lvalues[1368]),0},
854{"id-smime-aa-securityLabel","id-smime-aa-securityLabel",
855 NID_id_smime_aa_securityLabel,11,&(lvalues[1379]),0},
856{"id-smime-aa-mlExpandHistory","id-smime-aa-mlExpandHistory",
857 NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1390]),0},
858{"id-smime-aa-contentHint","id-smime-aa-contentHint",
859 NID_id_smime_aa_contentHint,11,&(lvalues[1401]),0},
860{"id-smime-aa-msgSigDigest","id-smime-aa-msgSigDigest",
861 NID_id_smime_aa_msgSigDigest,11,&(lvalues[1412]),0},
862{"id-smime-aa-encapContentType","id-smime-aa-encapContentType",
863 NID_id_smime_aa_encapContentType,11,&(lvalues[1423]),0},
864{"id-smime-aa-contentIdentifier","id-smime-aa-contentIdentifier",
865 NID_id_smime_aa_contentIdentifier,11,&(lvalues[1434]),0},
866{"id-smime-aa-macValue","id-smime-aa-macValue",
867 NID_id_smime_aa_macValue,11,&(lvalues[1445]),0},
868{"id-smime-aa-equivalentLabels","id-smime-aa-equivalentLabels",
869 NID_id_smime_aa_equivalentLabels,11,&(lvalues[1456]),0},
870{"id-smime-aa-contentReference","id-smime-aa-contentReference",
871 NID_id_smime_aa_contentReference,11,&(lvalues[1467]),0},
872{"id-smime-aa-encrypKeyPref","id-smime-aa-encrypKeyPref",
873 NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1478]),0},
874{"id-smime-aa-signingCertificate","id-smime-aa-signingCertificate",
875 NID_id_smime_aa_signingCertificate,11,&(lvalues[1489]),0},
876{"id-smime-aa-smimeEncryptCerts","id-smime-aa-smimeEncryptCerts",
877 NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1500]),0},
878{"id-smime-aa-timeStampToken","id-smime-aa-timeStampToken",
879 NID_id_smime_aa_timeStampToken,11,&(lvalues[1511]),0},
880{"id-smime-aa-ets-sigPolicyId","id-smime-aa-ets-sigPolicyId",
881 NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1522]),0},
882{"id-smime-aa-ets-commitmentType","id-smime-aa-ets-commitmentType",
883 NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1533]),0},
884{"id-smime-aa-ets-signerLocation","id-smime-aa-ets-signerLocation",
885 NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1544]),0},
886{"id-smime-aa-ets-signerAttr","id-smime-aa-ets-signerAttr",
887 NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1555]),0},
888{"id-smime-aa-ets-otherSigCert","id-smime-aa-ets-otherSigCert",
889 NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1566]),0},
890{"id-smime-aa-ets-contentTimestamp",
891 "id-smime-aa-ets-contentTimestamp",
892 NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1577]),0},
893{"id-smime-aa-ets-CertificateRefs","id-smime-aa-ets-CertificateRefs",
894 NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1588]),0},
895{"id-smime-aa-ets-RevocationRefs","id-smime-aa-ets-RevocationRefs",
896 NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1599]),0},
897{"id-smime-aa-ets-certValues","id-smime-aa-ets-certValues",
898 NID_id_smime_aa_ets_certValues,11,&(lvalues[1610]),0},
899{"id-smime-aa-ets-revocationValues",
900 "id-smime-aa-ets-revocationValues",
901 NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1621]),0},
902{"id-smime-aa-ets-escTimeStamp","id-smime-aa-ets-escTimeStamp",
903 NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1632]),0},
904{"id-smime-aa-ets-certCRLTimestamp",
905 "id-smime-aa-ets-certCRLTimestamp",
906 NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1643]),0},
907{"id-smime-aa-ets-archiveTimeStamp",
908 "id-smime-aa-ets-archiveTimeStamp",
909 NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1654]),0},
910{"id-smime-aa-signatureType","id-smime-aa-signatureType",
911 NID_id_smime_aa_signatureType,11,&(lvalues[1665]),0},
912{"id-smime-aa-dvcs-dvc","id-smime-aa-dvcs-dvc",
913 NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1676]),0},
914{"id-smime-alg-ESDHwith3DES","id-smime-alg-ESDHwith3DES",
915 NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1687]),0},
916{"id-smime-alg-ESDHwithRC2","id-smime-alg-ESDHwithRC2",
917 NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1698]),0},
918{"id-smime-alg-3DESwrap","id-smime-alg-3DESwrap",
919 NID_id_smime_alg_3DESwrap,11,&(lvalues[1709]),0},
920{"id-smime-alg-RC2wrap","id-smime-alg-RC2wrap",
921 NID_id_smime_alg_RC2wrap,11,&(lvalues[1720]),0},
922{"id-smime-alg-ESDH","id-smime-alg-ESDH",NID_id_smime_alg_ESDH,11,
923 &(lvalues[1731]),0},
924{"id-smime-alg-CMS3DESwrap","id-smime-alg-CMS3DESwrap",
925 NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1742]),0},
926{"id-smime-alg-CMSRC2wrap","id-smime-alg-CMSRC2wrap",
927 NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1753]),0},
928{"id-smime-cd-ldap","id-smime-cd-ldap",NID_id_smime_cd_ldap,11,
929 &(lvalues[1764]),0},
930{"id-smime-spq-ets-sqt-uri","id-smime-spq-ets-sqt-uri",
931 NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1775]),0},
932{"id-smime-spq-ets-sqt-unotice","id-smime-spq-ets-sqt-unotice",
933 NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1786]),0},
934{"id-smime-cti-ets-proofOfOrigin","id-smime-cti-ets-proofOfOrigin",
935 NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1797]),0},
936{"id-smime-cti-ets-proofOfReceipt","id-smime-cti-ets-proofOfReceipt",
937 NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1808]),0},
938{"id-smime-cti-ets-proofOfDelivery",
939 "id-smime-cti-ets-proofOfDelivery",
940 NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1819]),0},
941{"id-smime-cti-ets-proofOfSender","id-smime-cti-ets-proofOfSender",
942 NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1830]),0},
943{"id-smime-cti-ets-proofOfApproval",
944 "id-smime-cti-ets-proofOfApproval",
945 NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1841]),0},
946{"id-smime-cti-ets-proofOfCreation",
947 "id-smime-cti-ets-proofOfCreation",
948 NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1852]),0},
949{"MD4","md4",NID_md4,8,&(lvalues[1863]),0},
950{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1871]),0},
951{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1878]),0},
952{"id-it","id-it",NID_id_it,7,&(lvalues[1885]),0},
953{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1892]),0},
954{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1899]),0},
955{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1906]),0},
956{"id-on","id-on",NID_id_on,7,&(lvalues[1913]),0},
957{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1920]),0},
958{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1927]),0},
959{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1934]),0},
960{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1941]),0},
961{"id-pkix1-explicit-88","id-pkix1-explicit-88",
962 NID_id_pkix1_explicit_88,8,&(lvalues[1948]),0},
963{"id-pkix1-implicit-88","id-pkix1-implicit-88",
964 NID_id_pkix1_implicit_88,8,&(lvalues[1956]),0},
965{"id-pkix1-explicit-93","id-pkix1-explicit-93",
966 NID_id_pkix1_explicit_93,8,&(lvalues[1964]),0},
967{"id-pkix1-implicit-93","id-pkix1-implicit-93",
968 NID_id_pkix1_implicit_93,8,&(lvalues[1972]),0},
969{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1980]),0},
970{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1988]),0},
971{"id-mod-kea-profile-88","id-mod-kea-profile-88",
972 NID_id_mod_kea_profile_88,8,&(lvalues[1996]),0},
973{"id-mod-kea-profile-93","id-mod-kea-profile-93",
974 NID_id_mod_kea_profile_93,8,&(lvalues[2004]),0},
975{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2012]),0},
976{"id-mod-qualified-cert-88","id-mod-qualified-cert-88",
977 NID_id_mod_qualified_cert_88,8,&(lvalues[2020]),0},
978{"id-mod-qualified-cert-93","id-mod-qualified-cert-93",
979 NID_id_mod_qualified_cert_93,8,&(lvalues[2028]),0},
980{"id-mod-attribute-cert","id-mod-attribute-cert",
981 NID_id_mod_attribute_cert,8,&(lvalues[2036]),0},
982{"id-mod-timestamp-protocol","id-mod-timestamp-protocol",
983 NID_id_mod_timestamp_protocol,8,&(lvalues[2044]),0},
984{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2052]),0},
985{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2060]),0},
986{"id-mod-cmp2000","id-mod-cmp2000",NID_id_mod_cmp2000,8,
987 &(lvalues[2068]),0},
988{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2076]),0},
989{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2084]),0},
990{"ac-auditEntity","ac-auditEntity",NID_ac_auditEntity,8,
991 &(lvalues[2092]),0},
992{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2100]),0},
993{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2108]),0},
994{"sbqp-ipAddrBlock","sbqp-ipAddrBlock",NID_sbqp_ipAddrBlock,8,
995 &(lvalues[2116]),0},
996{"sbqp-autonomousSysNum","sbqp-autonomousSysNum",
997 NID_sbqp_autonomousSysNum,8,&(lvalues[2124]),0},
998{"sbqp-routerIdentifier","sbqp-routerIdentifier",
999 NID_sbqp_routerIdentifier,8,&(lvalues[2132]),0},
1000{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2140]),0},
1001{"ipsecEndSystem","IPSec End System",NID_ipsecEndSystem,8,
1002 &(lvalues[2148]),0},
1003{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2156]),0},
1004{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2164]),0},
1005{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2172]),0},
1006{"id-it-caProtEncCert","id-it-caProtEncCert",NID_id_it_caProtEncCert,
1007 8,&(lvalues[2180]),0},
1008{"id-it-signKeyPairTypes","id-it-signKeyPairTypes",
1009 NID_id_it_signKeyPairTypes,8,&(lvalues[2188]),0},
1010{"id-it-encKeyPairTypes","id-it-encKeyPairTypes",
1011 NID_id_it_encKeyPairTypes,8,&(lvalues[2196]),0},
1012{"id-it-preferredSymmAlg","id-it-preferredSymmAlg",
1013 NID_id_it_preferredSymmAlg,8,&(lvalues[2204]),0},
1014{"id-it-caKeyUpdateInfo","id-it-caKeyUpdateInfo",
1015 NID_id_it_caKeyUpdateInfo,8,&(lvalues[2212]),0},
1016{"id-it-currentCRL","id-it-currentCRL",NID_id_it_currentCRL,8,
1017 &(lvalues[2220]),0},
1018{"id-it-unsupportedOIDs","id-it-unsupportedOIDs",
1019 NID_id_it_unsupportedOIDs,8,&(lvalues[2228]),0},
1020{"id-it-subscriptionRequest","id-it-subscriptionRequest",
1021 NID_id_it_subscriptionRequest,8,&(lvalues[2236]),0},
1022{"id-it-subscriptionResponse","id-it-subscriptionResponse",
1023 NID_id_it_subscriptionResponse,8,&(lvalues[2244]),0},
1024{"id-it-keyPairParamReq","id-it-keyPairParamReq",
1025 NID_id_it_keyPairParamReq,8,&(lvalues[2252]),0},
1026{"id-it-keyPairParamRep","id-it-keyPairParamRep",
1027 NID_id_it_keyPairParamRep,8,&(lvalues[2260]),0},
1028{"id-it-revPassphrase","id-it-revPassphrase",NID_id_it_revPassphrase,
1029 8,&(lvalues[2268]),0},
1030{"id-it-implicitConfirm","id-it-implicitConfirm",
1031 NID_id_it_implicitConfirm,8,&(lvalues[2276]),0},
1032{"id-it-confirmWaitTime","id-it-confirmWaitTime",
1033 NID_id_it_confirmWaitTime,8,&(lvalues[2284]),0},
1034{"id-it-origPKIMessage","id-it-origPKIMessage",
1035 NID_id_it_origPKIMessage,8,&(lvalues[2292]),0},
1036{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2300]),0},
1037{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2308]),0},
1038{"id-regCtrl-regToken","id-regCtrl-regToken",NID_id_regCtrl_regToken,
1039 9,&(lvalues[2316]),0},
1040{"id-regCtrl-authenticator","id-regCtrl-authenticator",
1041 NID_id_regCtrl_authenticator,9,&(lvalues[2325]),0},
1042{"id-regCtrl-pkiPublicationInfo","id-regCtrl-pkiPublicationInfo",
1043 NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2334]),0},
1044{"id-regCtrl-pkiArchiveOptions","id-regCtrl-pkiArchiveOptions",
1045 NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2343]),0},
1046{"id-regCtrl-oldCertID","id-regCtrl-oldCertID",
1047 NID_id_regCtrl_oldCertID,9,&(lvalues[2352]),0},
1048{"id-regCtrl-protocolEncrKey","id-regCtrl-protocolEncrKey",
1049 NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2361]),0},
1050{"id-regInfo-utf8Pairs","id-regInfo-utf8Pairs",
1051 NID_id_regInfo_utf8Pairs,9,&(lvalues[2370]),0},
1052{"id-regInfo-certReq","id-regInfo-certReq",NID_id_regInfo_certReq,9,
1053 &(lvalues[2379]),0},
1054{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2388]),0},
1055{"id-alg-noSignature","id-alg-noSignature",NID_id_alg_noSignature,8,
1056 &(lvalues[2396]),0},
1057{"id-alg-dh-sig-hmac-sha1","id-alg-dh-sig-hmac-sha1",
1058 NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2404]),0},
1059{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2412]),0},
1060{"id-cmc-statusInfo","id-cmc-statusInfo",NID_id_cmc_statusInfo,8,
1061 &(lvalues[2420]),0},
1062{"id-cmc-identification","id-cmc-identification",
1063 NID_id_cmc_identification,8,&(lvalues[2428]),0},
1064{"id-cmc-identityProof","id-cmc-identityProof",
1065 NID_id_cmc_identityProof,8,&(lvalues[2436]),0},
1066{"id-cmc-dataReturn","id-cmc-dataReturn",NID_id_cmc_dataReturn,8,
1067 &(lvalues[2444]),0},
1068{"id-cmc-transactionId","id-cmc-transactionId",
1069 NID_id_cmc_transactionId,8,&(lvalues[2452]),0},
1070{"id-cmc-senderNonce","id-cmc-senderNonce",NID_id_cmc_senderNonce,8,
1071 &(lvalues[2460]),0},
1072{"id-cmc-recipientNonce","id-cmc-recipientNonce",
1073 NID_id_cmc_recipientNonce,8,&(lvalues[2468]),0},
1074{"id-cmc-addExtensions","id-cmc-addExtensions",
1075 NID_id_cmc_addExtensions,8,&(lvalues[2476]),0},
1076{"id-cmc-encryptedPOP","id-cmc-encryptedPOP",NID_id_cmc_encryptedPOP,
1077 8,&(lvalues[2484]),0},
1078{"id-cmc-decryptedPOP","id-cmc-decryptedPOP",NID_id_cmc_decryptedPOP,
1079 8,&(lvalues[2492]),0},
1080{"id-cmc-lraPOPWitness","id-cmc-lraPOPWitness",
1081 NID_id_cmc_lraPOPWitness,8,&(lvalues[2500]),0},
1082{"id-cmc-getCert","id-cmc-getCert",NID_id_cmc_getCert,8,
1083 &(lvalues[2508]),0},
1084{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2516]),0},
1085{"id-cmc-revokeRequest","id-cmc-revokeRequest",
1086 NID_id_cmc_revokeRequest,8,&(lvalues[2524]),0},
1087{"id-cmc-regInfo","id-cmc-regInfo",NID_id_cmc_regInfo,8,
1088 &(lvalues[2532]),0},
1089{"id-cmc-responseInfo","id-cmc-responseInfo",NID_id_cmc_responseInfo,
1090 8,&(lvalues[2540]),0},
1091{"id-cmc-queryPending","id-cmc-queryPending",NID_id_cmc_queryPending,
1092 8,&(lvalues[2548]),0},
1093{"id-cmc-popLinkRandom","id-cmc-popLinkRandom",
1094 NID_id_cmc_popLinkRandom,8,&(lvalues[2556]),0},
1095{"id-cmc-popLinkWitness","id-cmc-popLinkWitness",
1096 NID_id_cmc_popLinkWitness,8,&(lvalues[2564]),0},
1097{"id-cmc-confirmCertAcceptance","id-cmc-confirmCertAcceptance",
1098 NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2572]),0},
1099{"id-on-personalData","id-on-personalData",NID_id_on_personalData,8,
1100 &(lvalues[2580]),0},
1101{"id-pda-dateOfBirth","id-pda-dateOfBirth",NID_id_pda_dateOfBirth,8,
1102 &(lvalues[2588]),0},
1103{"id-pda-placeOfBirth","id-pda-placeOfBirth",NID_id_pda_placeOfBirth,
1104 8,&(lvalues[2596]),0},
1105{NULL,NULL,NID_undef,0,NULL},
1106{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2604]),0},
1107{"id-pda-countryOfCitizenship","id-pda-countryOfCitizenship",
1108 NID_id_pda_countryOfCitizenship,8,&(lvalues[2612]),0},
1109{"id-pda-countryOfResidence","id-pda-countryOfResidence",
1110 NID_id_pda_countryOfResidence,8,&(lvalues[2620]),0},
1111{"id-aca-authenticationInfo","id-aca-authenticationInfo",
1112 NID_id_aca_authenticationInfo,8,&(lvalues[2628]),0},
1113{"id-aca-accessIdentity","id-aca-accessIdentity",
1114 NID_id_aca_accessIdentity,8,&(lvalues[2636]),0},
1115{"id-aca-chargingIdentity","id-aca-chargingIdentity",
1116 NID_id_aca_chargingIdentity,8,&(lvalues[2644]),0},
1117{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2652]),0},
1118{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2660]),0},
1119{"id-qcs-pkixQCSyntax-v1","id-qcs-pkixQCSyntax-v1",
1120 NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2668]),0},
1121{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2676]),0},
1122{"id-cct-PKIData","id-cct-PKIData",NID_id_cct_PKIData,8,
1123 &(lvalues[2684]),0},
1124{"id-cct-PKIResponse","id-cct-PKIResponse",NID_id_cct_PKIResponse,8,
1125 &(lvalues[2692]),0},
1126{"ad_timestamping","AD Time Stamping",NID_ad_timeStamping,8,
1127 &(lvalues[2700]),0},
1128{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2708]),0},
1129{"basicOCSPResponse","Basic OCSP Response",NID_id_pkix_OCSP_basic,9,
1130 &(lvalues[2716]),0},
1131{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2725]),0},
1132{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2734]),0},
1133{"acceptableResponses","Acceptable OCSP Responses",
1134 NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2743]),0},
1135{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2752]),0},
1136{"archiveCutoff","OCSP Archive Cutoff",NID_id_pkix_OCSP_archiveCutoff,
1137 9,&(lvalues[2761]),0},
1138{"serviceLocator","OCSP Service Locator",
1139 NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2770]),0},
1140{"extendedStatus","Extended OCSP Status",
1141 NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2779]),0},
1142{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2788]),0},
1143{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2797]),0},
1144{"trustRoot","Trust Root",NID_id_pkix_OCSP_trustRoot,9,
1145 &(lvalues[2806]),0},
1146{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2815]),0},
1147{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2819]),0},
1148{"X500algorithms","directory services - algorithms",
1149 NID_X500algorithms,2,&(lvalues[2824]),0},
1150{"ORG","org",NID_org,1,&(lvalues[2826]),0},
1151{"DOD","dod",NID_dod,2,&(lvalues[2827]),0},
1152{"IANA","iana",NID_iana,3,&(lvalues[2829]),0},
1153{"directory","Directory",NID_Directory,4,&(lvalues[2832]),0},
1154{"mgmt","Management",NID_Management,4,&(lvalues[2836]),0},
1155{"experimental","Experimental",NID_Experimental,4,&(lvalues[2840]),0},
1156{"private","Private",NID_Private,4,&(lvalues[2844]),0},
1157{"security","Security",NID_Security,4,&(lvalues[2848]),0},
1158{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2852]),0},
1159{"Mail","Mail",NID_Mail,4,&(lvalues[2856]),0},
1160{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2860]),0},
1161{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2865]),0},
1162{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2874]),0},
1163{"domain","Domain",NID_Domain,10,&(lvalues[2884]),0},
1164{"JOINT-ISO-CCITT","joint-iso-ccitt",NID_joint_iso_ccitt,1,
1165 &(lvalues[2894]),0},
1166{"selected-attribute-types","Selected Attribute Types",
1167 NID_selected_attribute_types,3,&(lvalues[2895]),0},
1168{"clearance","clearance",NID_clearance,4,&(lvalues[2898]),0},
1169{"RSA-MD4","md4WithRSAEncryption",NID_md4WithRSAEncryption,9,
1170 &(lvalues[2902]),0},
1171{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2911]),0},
1172{"subjectInfoAccess","Subject Information Access",NID_sinfo_access,8,
1173 &(lvalues[2919]),0},
1174{"id-aca-encAttrs","id-aca-encAttrs",NID_id_aca_encAttrs,8,
1175 &(lvalues[2927]),0},
1176{"role","role",NID_role,3,&(lvalues[2935]),0},
1177{"policyConstraints","X509v3 Policy Constraints",
1178 NID_policy_constraints,3,&(lvalues[2938]),0},
1179{"targetInformation","X509v3 AC Targeting",NID_target_information,3,
1180 &(lvalues[2941]),0},
1181{"noRevAvail","X509v3 No Revocation Available",NID_no_rev_avail,3,
1182 &(lvalues[2944]),0},
1183{"CCITT","ccitt",NID_ccitt,1,&(lvalues[2947]),0},
1184{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2948]),0},
1185{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2953]),0},
1186{"characteristic-two-field","characteristic-two-field",
1187 NID_X9_62_characteristic_two_field,7,&(lvalues[2960]),0},
1188{"id-ecPublicKey","id-ecPublicKey",NID_X9_62_id_ecPublicKey,7,
1189 &(lvalues[2967]),0},
1190{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2974]),0},
1191{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2982]),0},
1192{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2990]),0},
1193{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[2998]),0},
1194{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3006]),0},
1195{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3014]),0},
1196{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3022]),0},
1197{"ecdsa-with-SHA1","ecdsa-with-SHA1",NID_ecdsa_with_SHA1,7,
1198 &(lvalues[3030]),0},
1199{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3037]),0},
1200{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3046]),0},
1201{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3055]),0},
1202{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3064]),0},
1203{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3073]),0},
1204{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3082]),0},
1205{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3091]),0},
1206{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3100]),0},
1207{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3109]),0},
1208{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3118]),0},
1209{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3127]),0},
1210{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3136]),0},
1211{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3145]),0},
1212{"holdInstructionCode","Hold Instruction Code",
1213 NID_hold_instruction_code,3,&(lvalues[3154]),0},
1214{"holdInstructionNone","Hold Instruction None",
1215 NID_hold_instruction_none,7,&(lvalues[3157]),0},
1216{"holdInstructionCallIssuer","Hold Instruction Call Issuer",
1217 NID_hold_instruction_call_issuer,7,&(lvalues[3164]),0},
1218{"holdInstructionReject","Hold Instruction Reject",
1219 NID_hold_instruction_reject,7,&(lvalues[3171]),0},
1220{"data","data",NID_data,1,&(lvalues[3178]),0},
1221{"pss","pss",NID_pss,3,&(lvalues[3179]),0},
1222{"ucl","ucl",NID_ucl,7,&(lvalues[3182]),0},
1223{"pilot","pilot",NID_pilot,8,&(lvalues[3189]),0},
1224{"pilotAttributeType","pilotAttributeType",NID_pilotAttributeType,9,
1225 &(lvalues[3197]),0},
1226{"pilotAttributeSyntax","pilotAttributeSyntax",
1227 NID_pilotAttributeSyntax,9,&(lvalues[3206]),0},
1228{"pilotObjectClass","pilotObjectClass",NID_pilotObjectClass,9,
1229 &(lvalues[3215]),0},
1230{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3224]),0},
1231{"iA5StringSyntax","iA5StringSyntax",NID_iA5StringSyntax,10,
1232 &(lvalues[3233]),0},
1233{"caseIgnoreIA5StringSyntax","caseIgnoreIA5StringSyntax",
1234 NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3243]),0},
1235{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3253]),0},
1236{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3263]),0},
1237{"account","account",NID_account,10,&(lvalues[3273]),0},
1238{"document","document",NID_document,10,&(lvalues[3283]),0},
1239{"room","room",NID_room,10,&(lvalues[3293]),0},
1240{"documentSeries","documentSeries",NID_documentSeries,10,
1241 &(lvalues[3303]),0},
1242{"rFC822localPart","rFC822localPart",NID_rFC822localPart,10,
1243 &(lvalues[3313]),0},
1244{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3323]),0},
1245{"domainRelatedObject","domainRelatedObject",NID_domainRelatedObject,
1246 10,&(lvalues[3333]),0},
1247{"friendlyCountry","friendlyCountry",NID_friendlyCountry,10,
1248 &(lvalues[3343]),0},
1249{"simpleSecurityObject","simpleSecurityObject",
1250 NID_simpleSecurityObject,10,&(lvalues[3353]),0},
1251{"pilotOrganization","pilotOrganization",NID_pilotOrganization,10,
1252 &(lvalues[3363]),0},
1253{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3373]),0},
1254{"qualityLabelledData","qualityLabelledData",NID_qualityLabelledData,
1255 10,&(lvalues[3383]),0},
1256{"UID","userId",NID_userId,10,&(lvalues[3393]),0},
1257{"textEncodedORAddress","textEncodedORAddress",
1258 NID_textEncodedORAddress,10,&(lvalues[3403]),0},
1259{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3413]),0},
1260{"info","info",NID_info,10,&(lvalues[3423]),0},
1261{"favouriteDrink","favouriteDrink",NID_favouriteDrink,10,
1262 &(lvalues[3433]),0},
1263{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3443]),0},
1264{"photo","photo",NID_photo,10,&(lvalues[3453]),0},
1265{"userClass","userClass",NID_userClass,10,&(lvalues[3463]),0},
1266{"host","host",NID_host,10,&(lvalues[3473]),0},
1267{"manager","manager",NID_manager,10,&(lvalues[3483]),0},
1268{"documentIdentifier","documentIdentifier",NID_documentIdentifier,10,
1269 &(lvalues[3493]),0},
1270{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3503]),0},
1271{"documentVersion","documentVersion",NID_documentVersion,10,
1272 &(lvalues[3513]),0},
1273{"documentAuthor","documentAuthor",NID_documentAuthor,10,
1274 &(lvalues[3523]),0},
1275{"documentLocation","documentLocation",NID_documentLocation,10,
1276 &(lvalues[3533]),0},
1277{"homeTelephoneNumber","homeTelephoneNumber",NID_homeTelephoneNumber,
1278 10,&(lvalues[3543]),0},
1279{"secretary","secretary",NID_secretary,10,&(lvalues[3553]),0},
1280{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3563]),0},
1281{"lastModifiedTime","lastModifiedTime",NID_lastModifiedTime,10,
1282 &(lvalues[3573]),0},
1283{"lastModifiedBy","lastModifiedBy",NID_lastModifiedBy,10,
1284 &(lvalues[3583]),0},
1285{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3593]),0},
1286{"pilotAttributeType27","pilotAttributeType27",
1287 NID_pilotAttributeType27,10,&(lvalues[3603]),0},
1288{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3613]),0},
1289{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3623]),0},
1290{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3633]),0},
1291{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3643]),0},
1292{"associatedDomain","associatedDomain",NID_associatedDomain,10,
1293 &(lvalues[3653]),0},
1294{"associatedName","associatedName",NID_associatedName,10,
1295 &(lvalues[3663]),0},
1296{"homePostalAddress","homePostalAddress",NID_homePostalAddress,10,
1297 &(lvalues[3673]),0},
1298{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3683]),0},
1299{"mobileTelephoneNumber","mobileTelephoneNumber",
1300 NID_mobileTelephoneNumber,10,&(lvalues[3693]),0},
1301{"pagerTelephoneNumber","pagerTelephoneNumber",
1302 NID_pagerTelephoneNumber,10,&(lvalues[3703]),0},
1303{"friendlyCountryName","friendlyCountryName",NID_friendlyCountryName,
1304 10,&(lvalues[3713]),0},
1305{"organizationalStatus","organizationalStatus",
1306 NID_organizationalStatus,10,&(lvalues[3723]),0},
1307{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3733]),0},
1308{"mailPreferenceOption","mailPreferenceOption",
1309 NID_mailPreferenceOption,10,&(lvalues[3743]),0},
1310{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3753]),0},
1311{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3763]),0},
1312{"singleLevelQuality","singleLevelQuality",NID_singleLevelQuality,10,
1313 &(lvalues[3773]),0},
1314{"subtreeMinimumQuality","subtreeMinimumQuality",
1315 NID_subtreeMinimumQuality,10,&(lvalues[3783]),0},
1316{"subtreeMaximumQuality","subtreeMaximumQuality",
1317 NID_subtreeMaximumQuality,10,&(lvalues[3793]),0},
1318{"personalSignature","personalSignature",NID_personalSignature,10,
1319 &(lvalues[3803]),0},
1320{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3813]),0},
1321{"audio","audio",NID_audio,10,&(lvalues[3823]),0},
1322{"documentPublisher","documentPublisher",NID_documentPublisher,10,
1323 &(lvalues[3833]),0},
1324{"x500UniqueIdentifier","x500UniqueIdentifier",
1325 NID_x500UniqueIdentifier,3,&(lvalues[3843]),0},
1326{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3846]),0},
1327{"mime-mhs-headings","mime-mhs-headings",NID_mime_mhs_headings,6,
1328 &(lvalues[3851]),0},
1329{"mime-mhs-bodies","mime-mhs-bodies",NID_mime_mhs_bodies,6,
1330 &(lvalues[3857]),0},
1331{"id-hex-partial-message","id-hex-partial-message",
1332 NID_id_hex_partial_message,7,&(lvalues[3863]),0},
1333{"id-hex-multipart-message","id-hex-multipart-message",
1334 NID_id_hex_multipart_message,7,&(lvalues[3870]),0},
1335{"generationQualifier","generationQualifier",NID_generationQualifier,
1336 3,&(lvalues[3877]),0},
1337};
1338
1339static ASN1_OBJECT *sn_objs[NUM_SN]={
1340&(nid_objs[364]),/* "AD_DVCS" */
1341&(nid_objs[419]),/* "AES-128-CBC" */
1342&(nid_objs[421]),/* "AES-128-CFB" */
1343&(nid_objs[418]),/* "AES-128-ECB" */
1344&(nid_objs[420]),/* "AES-128-OFB" */
1345&(nid_objs[423]),/* "AES-192-CBC" */
1346&(nid_objs[425]),/* "AES-192-CFB" */
1347&(nid_objs[422]),/* "AES-192-ECB" */
1348&(nid_objs[424]),/* "AES-192-OFB" */
1349&(nid_objs[427]),/* "AES-256-CBC" */
1350&(nid_objs[429]),/* "AES-256-CFB" */
1351&(nid_objs[426]),/* "AES-256-ECB" */
1352&(nid_objs[428]),/* "AES-256-OFB" */
1353&(nid_objs[91]),/* "BF-CBC" */
1354&(nid_objs[93]),/* "BF-CFB" */
1355&(nid_objs[92]),/* "BF-ECB" */
1356&(nid_objs[94]),/* "BF-OFB" */
1357&(nid_objs[14]),/* "C" */
1358&(nid_objs[108]),/* "CAST5-CBC" */
1359&(nid_objs[110]),/* "CAST5-CFB" */
1360&(nid_objs[109]),/* "CAST5-ECB" */
1361&(nid_objs[111]),/* "CAST5-OFB" */
1362&(nid_objs[404]),/* "CCITT" */
1363&(nid_objs[13]),/* "CN" */
1364&(nid_objs[141]),/* "CRLReason" */
1365&(nid_objs[417]),/* "CSPName" */
1366&(nid_objs[367]),/* "CrlID" */
1367&(nid_objs[391]),/* "DC" */
1368&(nid_objs[31]),/* "DES-CBC" */
1369&(nid_objs[30]),/* "DES-CFB" */
1370&(nid_objs[29]),/* "DES-ECB" */
1371&(nid_objs[32]),/* "DES-EDE" */
1372&(nid_objs[43]),/* "DES-EDE-CBC" */
1373&(nid_objs[60]),/* "DES-EDE-CFB" */
1374&(nid_objs[62]),/* "DES-EDE-OFB" */
1375&(nid_objs[33]),/* "DES-EDE3" */
1376&(nid_objs[44]),/* "DES-EDE3-CBC" */
1377&(nid_objs[61]),/* "DES-EDE3-CFB" */
1378&(nid_objs[63]),/* "DES-EDE3-OFB" */
1379&(nid_objs[45]),/* "DES-OFB" */
1380&(nid_objs[80]),/* "DESX-CBC" */
1381&(nid_objs[380]),/* "DOD" */
1382&(nid_objs[116]),/* "DSA" */
1383&(nid_objs[66]),/* "DSA-SHA" */
1384&(nid_objs[113]),/* "DSA-SHA1" */
1385&(nid_objs[70]),/* "DSA-SHA1-old" */
1386&(nid_objs[67]),/* "DSA-old" */
1387&(nid_objs[297]),/* "DVCS" */
1388&(nid_objs[381]),/* "IANA" */
1389&(nid_objs[34]),/* "IDEA-CBC" */
1390&(nid_objs[35]),/* "IDEA-CFB" */
1391&(nid_objs[36]),/* "IDEA-ECB" */
1392&(nid_objs[46]),/* "IDEA-OFB" */
1393&(nid_objs[181]),/* "ISO" */
1394&(nid_objs[183]),/* "ISO-US" */
1395&(nid_objs[393]),/* "JOINT-ISO-CCITT" */
1396&(nid_objs[15]),/* "L" */
1397&(nid_objs[ 3]),/* "MD2" */
1398&(nid_objs[257]),/* "MD4" */
1399&(nid_objs[ 4]),/* "MD5" */
1400&(nid_objs[114]),/* "MD5-SHA1" */
1401&(nid_objs[95]),/* "MDC2" */
1402&(nid_objs[388]),/* "Mail" */
1403&(nid_objs[57]),/* "Netscape" */
1404&(nid_objs[366]),/* "Nonce" */
1405&(nid_objs[17]),/* "O" */
1406&(nid_objs[178]),/* "OCSP" */
1407&(nid_objs[180]),/* "OCSPSigning" */
1408&(nid_objs[379]),/* "ORG" */
1409&(nid_objs[18]),/* "OU" */
1410&(nid_objs[ 9]),/* "PBE-MD2-DES" */
1411&(nid_objs[168]),/* "PBE-MD2-RC2-64" */
1412&(nid_objs[10]),/* "PBE-MD5-DES" */
1413&(nid_objs[169]),/* "PBE-MD5-RC2-64" */
1414&(nid_objs[147]),/* "PBE-SHA1-2DES" */
1415&(nid_objs[146]),/* "PBE-SHA1-3DES" */
1416&(nid_objs[170]),/* "PBE-SHA1-DES" */
1417&(nid_objs[148]),/* "PBE-SHA1-RC2-128" */
1418&(nid_objs[149]),/* "PBE-SHA1-RC2-40" */
1419&(nid_objs[68]),/* "PBE-SHA1-RC2-64" */
1420&(nid_objs[144]),/* "PBE-SHA1-RC4-128" */
1421&(nid_objs[145]),/* "PBE-SHA1-RC4-40" */
1422&(nid_objs[161]),/* "PBES2" */
1423&(nid_objs[69]),/* "PBKDF2" */
1424&(nid_objs[162]),/* "PBMAC1" */
1425&(nid_objs[127]),/* "PKIX" */
1426&(nid_objs[98]),/* "RC2-40-CBC" */
1427&(nid_objs[166]),/* "RC2-64-CBC" */
1428&(nid_objs[37]),/* "RC2-CBC" */
1429&(nid_objs[39]),/* "RC2-CFB" */
1430&(nid_objs[38]),/* "RC2-ECB" */
1431&(nid_objs[40]),/* "RC2-OFB" */
1432&(nid_objs[ 5]),/* "RC4" */
1433&(nid_objs[97]),/* "RC4-40" */
1434&(nid_objs[120]),/* "RC5-CBC" */
1435&(nid_objs[122]),/* "RC5-CFB" */
1436&(nid_objs[121]),/* "RC5-ECB" */
1437&(nid_objs[123]),/* "RC5-OFB" */
1438&(nid_objs[117]),/* "RIPEMD160" */
1439&(nid_objs[124]),/* "RLE" */
1440&(nid_objs[19]),/* "RSA" */
1441&(nid_objs[ 7]),/* "RSA-MD2" */
1442&(nid_objs[396]),/* "RSA-MD4" */
1443&(nid_objs[ 8]),/* "RSA-MD5" */
1444&(nid_objs[96]),/* "RSA-MDC2" */
1445&(nid_objs[104]),/* "RSA-NP-MD5" */
1446&(nid_objs[119]),/* "RSA-RIPEMD160" */
1447&(nid_objs[42]),/* "RSA-SHA" */
1448&(nid_objs[65]),/* "RSA-SHA1" */
1449&(nid_objs[115]),/* "RSA-SHA1-2" */
1450&(nid_objs[41]),/* "SHA" */
1451&(nid_objs[64]),/* "SHA1" */
1452&(nid_objs[188]),/* "SMIME" */
1453&(nid_objs[167]),/* "SMIME-CAPS" */
1454&(nid_objs[100]),/* "SN" */
1455&(nid_objs[16]),/* "ST" */
1456&(nid_objs[143]),/* "SXNetID" */
1457&(nid_objs[458]),/* "UID" */
1458&(nid_objs[ 0]),/* "UNDEF" */
1459&(nid_objs[11]),/* "X500" */
1460&(nid_objs[378]),/* "X500algorithms" */
1461&(nid_objs[12]),/* "X509" */
1462&(nid_objs[184]),/* "X9-57" */
1463&(nid_objs[185]),/* "X9cm" */
1464&(nid_objs[125]),/* "ZLIB" */
1465&(nid_objs[478]),/* "aRecord" */
1466&(nid_objs[289]),/* "aaControls" */
1467&(nid_objs[287]),/* "ac-auditEntity" */
1468&(nid_objs[397]),/* "ac-proxying" */
1469&(nid_objs[288]),/* "ac-targeting" */
1470&(nid_objs[368]),/* "acceptableResponses" */
1471&(nid_objs[446]),/* "account" */
1472&(nid_objs[363]),/* "ad_timestamping" */
1473&(nid_objs[376]),/* "algorithm" */
1474&(nid_objs[405]),/* "ansi-X9-62" */
1475&(nid_objs[370]),/* "archiveCutoff" */
1476&(nid_objs[484]),/* "associatedDomain" */
1477&(nid_objs[485]),/* "associatedName" */
1478&(nid_objs[501]),/* "audio" */
1479&(nid_objs[177]),/* "authorityInfoAccess" */
1480&(nid_objs[90]),/* "authorityKeyIdentifier" */
1481&(nid_objs[87]),/* "basicConstraints" */
1482&(nid_objs[365]),/* "basicOCSPResponse" */
1483&(nid_objs[285]),/* "biometricInfo" */
1484&(nid_objs[494]),/* "buildingName" */
1485&(nid_objs[483]),/* "cNAMERecord" */
1486&(nid_objs[179]),/* "caIssuers" */
1487&(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */
1488&(nid_objs[152]),/* "certBag" */
1489&(nid_objs[89]),/* "certificatePolicies" */
1490&(nid_objs[54]),/* "challengePassword" */
1491&(nid_objs[407]),/* "characteristic-two-field" */
1492&(nid_objs[395]),/* "clearance" */
1493&(nid_objs[130]),/* "clientAuth" */
1494&(nid_objs[131]),/* "codeSigning" */
1495&(nid_objs[50]),/* "contentType" */
1496&(nid_objs[53]),/* "countersignature" */
1497&(nid_objs[153]),/* "crlBag" */
1498&(nid_objs[103]),/* "crlDistributionPoints" */
1499&(nid_objs[88]),/* "crlNumber" */
1500&(nid_objs[500]),/* "dITRedirect" */
1501&(nid_objs[451]),/* "dNSDomain" */
1502&(nid_objs[495]),/* "dSAQuality" */
1503&(nid_objs[434]),/* "data" */
1504&(nid_objs[390]),/* "dcobject" */
1505&(nid_objs[140]),/* "deltaCRL" */
1506&(nid_objs[107]),/* "description" */
1507&(nid_objs[28]),/* "dhKeyAgreement" */
1508&(nid_objs[382]),/* "directory" */
1509&(nid_objs[174]),/* "dnQualifier" */
1510&(nid_objs[447]),/* "document" */
1511&(nid_objs[471]),/* "documentAuthor" */
1512&(nid_objs[468]),/* "documentIdentifier" */
1513&(nid_objs[472]),/* "documentLocation" */
1514&(nid_objs[502]),/* "documentPublisher" */
1515&(nid_objs[449]),/* "documentSeries" */
1516&(nid_objs[469]),/* "documentTitle" */
1517&(nid_objs[470]),/* "documentVersion" */
1518&(nid_objs[392]),/* "domain" */
1519&(nid_objs[452]),/* "domainRelatedObject" */
1520&(nid_objs[416]),/* "ecdsa-with-SHA1" */
1521&(nid_objs[48]),/* "emailAddress" */
1522&(nid_objs[132]),/* "emailProtection" */
1523&(nid_objs[389]),/* "enterprises" */
1524&(nid_objs[384]),/* "experimental" */
1525&(nid_objs[172]),/* "extReq" */
1526&(nid_objs[56]),/* "extendedCertificateAttributes" */
1527&(nid_objs[126]),/* "extendedKeyUsage" */
1528&(nid_objs[372]),/* "extendedStatus" */
1529&(nid_objs[462]),/* "favouriteDrink" */
1530&(nid_objs[453]),/* "friendlyCountry" */
1531&(nid_objs[490]),/* "friendlyCountryName" */
1532&(nid_objs[156]),/* "friendlyName" */
1533&(nid_objs[509]),/* "generationQualifier" */
1534&(nid_objs[99]),/* "gn" */
1535&(nid_objs[163]),/* "hmacWithSHA1" */
1536&(nid_objs[432]),/* "holdInstructionCallIssuer" */
1537&(nid_objs[430]),/* "holdInstructionCode" */
1538&(nid_objs[431]),/* "holdInstructionNone" */
1539&(nid_objs[433]),/* "holdInstructionReject" */
1540&(nid_objs[486]),/* "homePostalAddress" */
1541&(nid_objs[473]),/* "homeTelephoneNumber" */
1542&(nid_objs[466]),/* "host" */
1543&(nid_objs[442]),/* "iA5StringSyntax" */
1544&(nid_objs[266]),/* "id-aca" */
1545&(nid_objs[355]),/* "id-aca-accessIdentity" */
1546&(nid_objs[354]),/* "id-aca-authenticationInfo" */
1547&(nid_objs[356]),/* "id-aca-chargingIdentity" */
1548&(nid_objs[399]),/* "id-aca-encAttrs" */
1549&(nid_objs[357]),/* "id-aca-group" */
1550&(nid_objs[358]),/* "id-aca-role" */
1551&(nid_objs[176]),/* "id-ad" */
1552&(nid_objs[262]),/* "id-alg" */
1553&(nid_objs[323]),/* "id-alg-des40" */
1554&(nid_objs[326]),/* "id-alg-dh-pop" */
1555&(nid_objs[325]),/* "id-alg-dh-sig-hmac-sha1" */
1556&(nid_objs[324]),/* "id-alg-noSignature" */
1557&(nid_objs[268]),/* "id-cct" */
1558&(nid_objs[361]),/* "id-cct-PKIData" */
1559&(nid_objs[362]),/* "id-cct-PKIResponse" */
1560&(nid_objs[360]),/* "id-cct-crs" */
1561&(nid_objs[81]),/* "id-ce" */
1562&(nid_objs[263]),/* "id-cmc" */
1563&(nid_objs[334]),/* "id-cmc-addExtensions" */
1564&(nid_objs[346]),/* "id-cmc-confirmCertAcceptance" */
1565&(nid_objs[330]),/* "id-cmc-dataReturn" */
1566&(nid_objs[336]),/* "id-cmc-decryptedPOP" */
1567&(nid_objs[335]),/* "id-cmc-encryptedPOP" */
1568&(nid_objs[339]),/* "id-cmc-getCRL" */
1569&(nid_objs[338]),/* "id-cmc-getCert" */
1570&(nid_objs[328]),/* "id-cmc-identification" */
1571&(nid_objs[329]),/* "id-cmc-identityProof" */
1572&(nid_objs[337]),/* "id-cmc-lraPOPWitness" */
1573&(nid_objs[344]),/* "id-cmc-popLinkRandom" */
1574&(nid_objs[345]),/* "id-cmc-popLinkWitness" */
1575&(nid_objs[343]),/* "id-cmc-queryPending" */
1576&(nid_objs[333]),/* "id-cmc-recipientNonce" */
1577&(nid_objs[341]),/* "id-cmc-regInfo" */
1578&(nid_objs[342]),/* "id-cmc-responseInfo" */
1579&(nid_objs[340]),/* "id-cmc-revokeRequest" */
1580&(nid_objs[332]),/* "id-cmc-senderNonce" */
1581&(nid_objs[327]),/* "id-cmc-statusInfo" */
1582&(nid_objs[331]),/* "id-cmc-transactionId" */
1583&(nid_objs[408]),/* "id-ecPublicKey" */
1584&(nid_objs[508]),/* "id-hex-multipart-message" */
1585&(nid_objs[507]),/* "id-hex-partial-message" */
1586&(nid_objs[260]),/* "id-it" */
1587&(nid_objs[302]),/* "id-it-caKeyUpdateInfo" */
1588&(nid_objs[298]),/* "id-it-caProtEncCert" */
1589&(nid_objs[311]),/* "id-it-confirmWaitTime" */
1590&(nid_objs[303]),/* "id-it-currentCRL" */
1591&(nid_objs[300]),/* "id-it-encKeyPairTypes" */
1592&(nid_objs[310]),/* "id-it-implicitConfirm" */
1593&(nid_objs[308]),/* "id-it-keyPairParamRep" */
1594&(nid_objs[307]),/* "id-it-keyPairParamReq" */
1595&(nid_objs[312]),/* "id-it-origPKIMessage" */
1596&(nid_objs[301]),/* "id-it-preferredSymmAlg" */
1597&(nid_objs[309]),/* "id-it-revPassphrase" */
1598&(nid_objs[299]),/* "id-it-signKeyPairTypes" */
1599&(nid_objs[305]),/* "id-it-subscriptionRequest" */
1600&(nid_objs[306]),/* "id-it-subscriptionResponse" */
1601&(nid_objs[304]),/* "id-it-unsupportedOIDs" */
1602&(nid_objs[128]),/* "id-kp" */
1603&(nid_objs[280]),/* "id-mod-attribute-cert" */
1604&(nid_objs[274]),/* "id-mod-cmc" */
1605&(nid_objs[277]),/* "id-mod-cmp" */
1606&(nid_objs[284]),/* "id-mod-cmp2000" */
1607&(nid_objs[273]),/* "id-mod-crmf" */
1608&(nid_objs[283]),/* "id-mod-dvcs" */
1609&(nid_objs[275]),/* "id-mod-kea-profile-88" */
1610&(nid_objs[276]),/* "id-mod-kea-profile-93" */
1611&(nid_objs[282]),/* "id-mod-ocsp" */
1612&(nid_objs[278]),/* "id-mod-qualified-cert-88" */
1613&(nid_objs[279]),/* "id-mod-qualified-cert-93" */
1614&(nid_objs[281]),/* "id-mod-timestamp-protocol" */
1615&(nid_objs[264]),/* "id-on" */
1616&(nid_objs[347]),/* "id-on-personalData" */
1617&(nid_objs[265]),/* "id-pda" */
1618&(nid_objs[352]),/* "id-pda-countryOfCitizenship" */
1619&(nid_objs[353]),/* "id-pda-countryOfResidence" */
1620&(nid_objs[348]),/* "id-pda-dateOfBirth" */
1621&(nid_objs[351]),/* "id-pda-gender" */
1622&(nid_objs[349]),/* "id-pda-placeOfBirth" */
1623&(nid_objs[175]),/* "id-pe" */
1624&(nid_objs[261]),/* "id-pkip" */
1625&(nid_objs[258]),/* "id-pkix-mod" */
1626&(nid_objs[269]),/* "id-pkix1-explicit-88" */
1627&(nid_objs[271]),/* "id-pkix1-explicit-93" */
1628&(nid_objs[270]),/* "id-pkix1-implicit-88" */
1629&(nid_objs[272]),/* "id-pkix1-implicit-93" */
1630&(nid_objs[267]),/* "id-qcs" */
1631&(nid_objs[359]),/* "id-qcs-pkixQCSyntax-v1" */
1632&(nid_objs[259]),/* "id-qt" */
1633&(nid_objs[164]),/* "id-qt-cps" */
1634&(nid_objs[165]),/* "id-qt-unotice" */
1635&(nid_objs[313]),/* "id-regCtrl" */
1636&(nid_objs[316]),/* "id-regCtrl-authenticator" */
1637&(nid_objs[319]),/* "id-regCtrl-oldCertID" */
1638&(nid_objs[318]),/* "id-regCtrl-pkiArchiveOptions" */
1639&(nid_objs[317]),/* "id-regCtrl-pkiPublicationInfo" */
1640&(nid_objs[320]),/* "id-regCtrl-protocolEncrKey" */
1641&(nid_objs[315]),/* "id-regCtrl-regToken" */
1642&(nid_objs[314]),/* "id-regInfo" */
1643&(nid_objs[322]),/* "id-regInfo-certReq" */
1644&(nid_objs[321]),/* "id-regInfo-utf8Pairs" */
1645&(nid_objs[191]),/* "id-smime-aa" */
1646&(nid_objs[215]),/* "id-smime-aa-contentHint" */
1647&(nid_objs[218]),/* "id-smime-aa-contentIdentifier" */
1648&(nid_objs[221]),/* "id-smime-aa-contentReference" */
1649&(nid_objs[240]),/* "id-smime-aa-dvcs-dvc" */
1650&(nid_objs[217]),/* "id-smime-aa-encapContentType" */
1651&(nid_objs[222]),/* "id-smime-aa-encrypKeyPref" */
1652&(nid_objs[220]),/* "id-smime-aa-equivalentLabels" */
1653&(nid_objs[232]),/* "id-smime-aa-ets-CertificateRefs" */
1654&(nid_objs[233]),/* "id-smime-aa-ets-RevocationRefs" */
1655&(nid_objs[238]),/* "id-smime-aa-ets-archiveTimeStamp" */
1656&(nid_objs[237]),/* "id-smime-aa-ets-certCRLTimestamp" */
1657&(nid_objs[234]),/* "id-smime-aa-ets-certValues" */
1658&(nid_objs[227]),/* "id-smime-aa-ets-commitmentType" */
1659&(nid_objs[231]),/* "id-smime-aa-ets-contentTimestamp" */
1660&(nid_objs[236]),/* "id-smime-aa-ets-escTimeStamp" */
1661&(nid_objs[230]),/* "id-smime-aa-ets-otherSigCert" */
1662&(nid_objs[235]),/* "id-smime-aa-ets-revocationValues" */
1663&(nid_objs[226]),/* "id-smime-aa-ets-sigPolicyId" */
1664&(nid_objs[229]),/* "id-smime-aa-ets-signerAttr" */
1665&(nid_objs[228]),/* "id-smime-aa-ets-signerLocation" */
1666&(nid_objs[219]),/* "id-smime-aa-macValue" */
1667&(nid_objs[214]),/* "id-smime-aa-mlExpandHistory" */
1668&(nid_objs[216]),/* "id-smime-aa-msgSigDigest" */
1669&(nid_objs[212]),/* "id-smime-aa-receiptRequest" */
1670&(nid_objs[213]),/* "id-smime-aa-securityLabel" */
1671&(nid_objs[239]),/* "id-smime-aa-signatureType" */
1672&(nid_objs[223]),/* "id-smime-aa-signingCertificate" */
1673&(nid_objs[224]),/* "id-smime-aa-smimeEncryptCerts" */
1674&(nid_objs[225]),/* "id-smime-aa-timeStampToken" */
1675&(nid_objs[192]),/* "id-smime-alg" */
1676&(nid_objs[243]),/* "id-smime-alg-3DESwrap" */
1677&(nid_objs[246]),/* "id-smime-alg-CMS3DESwrap" */
1678&(nid_objs[247]),/* "id-smime-alg-CMSRC2wrap" */
1679&(nid_objs[245]),/* "id-smime-alg-ESDH" */
1680&(nid_objs[241]),/* "id-smime-alg-ESDHwith3DES" */
1681&(nid_objs[242]),/* "id-smime-alg-ESDHwithRC2" */
1682&(nid_objs[244]),/* "id-smime-alg-RC2wrap" */
1683&(nid_objs[193]),/* "id-smime-cd" */
1684&(nid_objs[248]),/* "id-smime-cd-ldap" */
1685&(nid_objs[190]),/* "id-smime-ct" */
1686&(nid_objs[210]),/* "id-smime-ct-DVCSRequestData" */
1687&(nid_objs[211]),/* "id-smime-ct-DVCSResponseData" */
1688&(nid_objs[208]),/* "id-smime-ct-TDTInfo" */
1689&(nid_objs[207]),/* "id-smime-ct-TSTInfo" */
1690&(nid_objs[205]),/* "id-smime-ct-authData" */
1691&(nid_objs[209]),/* "id-smime-ct-contentInfo" */
1692&(nid_objs[206]),/* "id-smime-ct-publishCert" */
1693&(nid_objs[204]),/* "id-smime-ct-receipt" */
1694&(nid_objs[195]),/* "id-smime-cti" */
1695&(nid_objs[255]),/* "id-smime-cti-ets-proofOfApproval" */
1696&(nid_objs[256]),/* "id-smime-cti-ets-proofOfCreation" */
1697&(nid_objs[253]),/* "id-smime-cti-ets-proofOfDelivery" */
1698&(nid_objs[251]),/* "id-smime-cti-ets-proofOfOrigin" */
1699&(nid_objs[252]),/* "id-smime-cti-ets-proofOfReceipt" */
1700&(nid_objs[254]),/* "id-smime-cti-ets-proofOfSender" */
1701&(nid_objs[189]),/* "id-smime-mod" */
1702&(nid_objs[196]),/* "id-smime-mod-cms" */
1703&(nid_objs[197]),/* "id-smime-mod-ess" */
1704&(nid_objs[202]),/* "id-smime-mod-ets-eSigPolicy-88" */
1705&(nid_objs[203]),/* "id-smime-mod-ets-eSigPolicy-97" */
1706&(nid_objs[200]),/* "id-smime-mod-ets-eSignature-88" */
1707&(nid_objs[201]),/* "id-smime-mod-ets-eSignature-97" */
1708&(nid_objs[199]),/* "id-smime-mod-msg-v3" */
1709&(nid_objs[198]),/* "id-smime-mod-oid" */
1710&(nid_objs[194]),/* "id-smime-spq" */
1711&(nid_objs[250]),/* "id-smime-spq-ets-sqt-unotice" */
1712&(nid_objs[249]),/* "id-smime-spq-ets-sqt-uri" */
1713&(nid_objs[461]),/* "info" */
1714&(nid_objs[101]),/* "initials" */
1715&(nid_objs[142]),/* "invalidityDate" */
1716&(nid_objs[294]),/* "ipsecEndSystem" */
1717&(nid_objs[295]),/* "ipsecTunnel" */
1718&(nid_objs[296]),/* "ipsecUser" */
1719&(nid_objs[86]),/* "issuerAltName" */
1720&(nid_objs[492]),/* "janetMailbox" */
1721&(nid_objs[150]),/* "keyBag" */
1722&(nid_objs[83]),/* "keyUsage" */
1723&(nid_objs[477]),/* "lastModifiedBy" */
1724&(nid_objs[476]),/* "lastModifiedTime" */
1725&(nid_objs[157]),/* "localKeyID" */
1726&(nid_objs[480]),/* "mXRecord" */
1727&(nid_objs[460]),/* "mail" */
1728&(nid_objs[493]),/* "mailPreferenceOption" */
1729&(nid_objs[467]),/* "manager" */
1730&(nid_objs[182]),/* "member-body" */
1731&(nid_objs[51]),/* "messageDigest" */
1732&(nid_objs[383]),/* "mgmt" */
1733&(nid_objs[504]),/* "mime-mhs" */
1734&(nid_objs[506]),/* "mime-mhs-bodies" */
1735&(nid_objs[505]),/* "mime-mhs-headings" */
1736&(nid_objs[488]),/* "mobileTelephoneNumber" */
1737&(nid_objs[136]),/* "msCTLSign" */
1738&(nid_objs[135]),/* "msCodeCom" */
1739&(nid_objs[134]),/* "msCodeInd" */
1740&(nid_objs[138]),/* "msEFS" */
1741&(nid_objs[171]),/* "msExtReq" */
1742&(nid_objs[137]),/* "msSGC" */
1743&(nid_objs[481]),/* "nSRecord" */
1744&(nid_objs[173]),/* "name" */
1745&(nid_objs[369]),/* "noCheck" */
1746&(nid_objs[403]),/* "noRevAvail" */
1747&(nid_objs[72]),/* "nsBaseUrl" */
1748&(nid_objs[76]),/* "nsCaPolicyUrl" */
1749&(nid_objs[74]),/* "nsCaRevocationUrl" */
1750&(nid_objs[58]),/* "nsCertExt" */
1751&(nid_objs[79]),/* "nsCertSequence" */
1752&(nid_objs[71]),/* "nsCertType" */
1753&(nid_objs[78]),/* "nsComment" */
1754&(nid_objs[59]),/* "nsDataType" */
1755&(nid_objs[75]),/* "nsRenewalUrl" */
1756&(nid_objs[73]),/* "nsRevocationUrl" */
1757&(nid_objs[139]),/* "nsSGC" */
1758&(nid_objs[77]),/* "nsSslServerName" */
1759&(nid_objs[491]),/* "organizationalStatus" */
1760&(nid_objs[475]),/* "otherMailbox" */
1761&(nid_objs[489]),/* "pagerTelephoneNumber" */
1762&(nid_objs[374]),/* "path" */
1763&(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */
1764&(nid_objs[499]),/* "personalSignature" */
1765&(nid_objs[487]),/* "personalTitle" */
1766&(nid_objs[464]),/* "photo" */
1767&(nid_objs[437]),/* "pilot" */
1768&(nid_objs[439]),/* "pilotAttributeSyntax" */
1769&(nid_objs[438]),/* "pilotAttributeType" */
1770&(nid_objs[479]),/* "pilotAttributeType27" */
1771&(nid_objs[456]),/* "pilotDSA" */
1772&(nid_objs[441]),/* "pilotGroups" */
1773&(nid_objs[444]),/* "pilotObject" */
1774&(nid_objs[440]),/* "pilotObjectClass" */
1775&(nid_objs[455]),/* "pilotOrganization" */
1776&(nid_objs[445]),/* "pilotPerson" */
1777&(nid_objs[ 2]),/* "pkcs" */
1778&(nid_objs[186]),/* "pkcs1" */
1779&(nid_objs[27]),/* "pkcs3" */
1780&(nid_objs[187]),/* "pkcs5" */
1781&(nid_objs[20]),/* "pkcs7" */
1782&(nid_objs[21]),/* "pkcs7-data" */
1783&(nid_objs[25]),/* "pkcs7-digestData" */
1784&(nid_objs[26]),/* "pkcs7-encryptedData" */
1785&(nid_objs[23]),/* "pkcs7-envelopedData" */
1786&(nid_objs[24]),/* "pkcs7-signedAndEnvelopedData" */
1787&(nid_objs[22]),/* "pkcs7-signedData" */
1788&(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */
1789&(nid_objs[47]),/* "pkcs9" */
1790&(nid_objs[401]),/* "policyConstraints" */
1791&(nid_objs[406]),/* "prime-field" */
1792&(nid_objs[409]),/* "prime192v1" */
1793&(nid_objs[410]),/* "prime192v2" */
1794&(nid_objs[411]),/* "prime192v3" */
1795&(nid_objs[412]),/* "prime239v1" */
1796&(nid_objs[413]),/* "prime239v2" */
1797&(nid_objs[414]),/* "prime239v3" */
1798&(nid_objs[415]),/* "prime256v1" */
1799&(nid_objs[385]),/* "private" */
1800&(nid_objs[84]),/* "privateKeyUsagePeriod" */
1801&(nid_objs[435]),/* "pss" */
1802&(nid_objs[286]),/* "qcStatements" */
1803&(nid_objs[457]),/* "qualityLabelledData" */
1804&(nid_objs[450]),/* "rFC822localPart" */
1805&(nid_objs[400]),/* "role" */
1806&(nid_objs[448]),/* "room" */
1807&(nid_objs[463]),/* "roomNumber" */
1808&(nid_objs[ 6]),/* "rsaEncryption" */
1809&(nid_objs[377]),/* "rsaSignature" */
1810&(nid_objs[ 1]),/* "rsadsi" */
1811&(nid_objs[482]),/* "sOARecord" */
1812&(nid_objs[155]),/* "safeContentsBag" */
1813&(nid_objs[291]),/* "sbqp-autonomousSysNum" */
1814&(nid_objs[290]),/* "sbqp-ipAddrBlock" */
1815&(nid_objs[292]),/* "sbqp-routerIdentifier" */
1816&(nid_objs[159]),/* "sdsiCertificate" */
1817&(nid_objs[154]),/* "secretBag" */
1818&(nid_objs[474]),/* "secretary" */
1819&(nid_objs[386]),/* "security" */
1820&(nid_objs[394]),/* "selected-attribute-types" */
1821&(nid_objs[105]),/* "serialNumber" */
1822&(nid_objs[129]),/* "serverAuth" */
1823&(nid_objs[371]),/* "serviceLocator" */
1824&(nid_objs[52]),/* "signingTime" */
1825&(nid_objs[454]),/* "simpleSecurityObject" */
1826&(nid_objs[496]),/* "singleLevelQuality" */
1827&(nid_objs[387]),/* "snmpv2" */
1828&(nid_objs[85]),/* "subjectAltName" */
1829&(nid_objs[398]),/* "subjectInfoAccess" */
1830&(nid_objs[82]),/* "subjectKeyIdentifier" */
1831&(nid_objs[498]),/* "subtreeMaximumQuality" */
1832&(nid_objs[497]),/* "subtreeMinimumQuality" */
1833&(nid_objs[402]),/* "targetInformation" */
1834&(nid_objs[459]),/* "textEncodedORAddress" */
1835&(nid_objs[293]),/* "textNotice" */
1836&(nid_objs[133]),/* "timeStamping" */
1837&(nid_objs[106]),/* "title" */
1838&(nid_objs[375]),/* "trustRoot" */
1839&(nid_objs[436]),/* "ucl" */
1840&(nid_objs[55]),/* "unstructuredAddress" */
1841&(nid_objs[49]),/* "unstructuredName" */
1842&(nid_objs[465]),/* "userClass" */
1843&(nid_objs[373]),/* "valid" */
1844&(nid_objs[503]),/* "x500UniqueIdentifier" */
1845&(nid_objs[158]),/* "x509Certificate" */
1846&(nid_objs[160]),/* "x509Crl" */
1847};
1848
1849static ASN1_OBJECT *ln_objs[NUM_LN]={
1850&(nid_objs[363]),/* "AD Time Stamping" */
1851&(nid_objs[405]),/* "ANSI X9.62" */
1852&(nid_objs[368]),/* "Acceptable OCSP Responses" */
1853&(nid_objs[177]),/* "Authority Information Access" */
1854&(nid_objs[365]),/* "Basic OCSP Response" */
1855&(nid_objs[285]),/* "Biometric Info" */
1856&(nid_objs[179]),/* "CA Issuers" */
1857&(nid_objs[131]),/* "Code Signing" */
1858&(nid_objs[382]),/* "Directory" */
1859&(nid_objs[392]),/* "Domain" */
1860&(nid_objs[132]),/* "E-mail Protection" */
1861&(nid_objs[389]),/* "Enterprises" */
1862&(nid_objs[384]),/* "Experimental" */
1863&(nid_objs[372]),/* "Extended OCSP Status" */
1864&(nid_objs[172]),/* "Extension Request" */
1865&(nid_objs[432]),/* "Hold Instruction Call Issuer" */
1866&(nid_objs[430]),/* "Hold Instruction Code" */
1867&(nid_objs[431]),/* "Hold Instruction None" */
1868&(nid_objs[433]),/* "Hold Instruction Reject" */
1869&(nid_objs[294]),/* "IPSec End System" */
1870&(nid_objs[295]),/* "IPSec Tunnel" */
1871&(nid_objs[296]),/* "IPSec User" */
1872&(nid_objs[182]),/* "ISO Member Body" */
1873&(nid_objs[183]),/* "ISO US Member Body" */
1874&(nid_objs[142]),/* "Invalidity Date" */
1875&(nid_objs[504]),/* "MIME MHS" */
1876&(nid_objs[388]),/* "Mail" */
1877&(nid_objs[383]),/* "Management" */
1878&(nid_objs[417]),/* "Microsoft CSP Name" */
1879&(nid_objs[135]),/* "Microsoft Commercial Code Signing" */
1880&(nid_objs[138]),/* "Microsoft Encrypted File System" */
1881&(nid_objs[171]),/* "Microsoft Extension Request" */
1882&(nid_objs[134]),/* "Microsoft Individual Code Signing" */
1883&(nid_objs[137]),/* "Microsoft Server Gated Crypto" */
1884&(nid_objs[136]),/* "Microsoft Trust List Signing" */
1885&(nid_objs[72]),/* "Netscape Base Url" */
1886&(nid_objs[76]),/* "Netscape CA Policy Url" */
1887&(nid_objs[74]),/* "Netscape CA Revocation Url" */
1888&(nid_objs[71]),/* "Netscape Cert Type" */
1889&(nid_objs[58]),/* "Netscape Certificate Extension" */
1890&(nid_objs[79]),/* "Netscape Certificate Sequence" */
1891&(nid_objs[78]),/* "Netscape Comment" */
1892&(nid_objs[57]),/* "Netscape Communications Corp." */
1893&(nid_objs[59]),/* "Netscape Data Type" */
1894&(nid_objs[75]),/* "Netscape Renewal Url" */
1895&(nid_objs[73]),/* "Netscape Revocation Url" */
1896&(nid_objs[77]),/* "Netscape SSL Server Name" */
1897&(nid_objs[139]),/* "Netscape Server Gated Crypto" */
1898&(nid_objs[178]),/* "OCSP" */
1899&(nid_objs[370]),/* "OCSP Archive Cutoff" */
1900&(nid_objs[367]),/* "OCSP CRL ID" */
1901&(nid_objs[369]),/* "OCSP No Check" */
1902&(nid_objs[366]),/* "OCSP Nonce" */
1903&(nid_objs[371]),/* "OCSP Service Locator" */
1904&(nid_objs[180]),/* "OCSP Signing" */
1905&(nid_objs[161]),/* "PBES2" */
1906&(nid_objs[69]),/* "PBKDF2" */
1907&(nid_objs[162]),/* "PBMAC1" */
1908&(nid_objs[127]),/* "PKIX" */
1909&(nid_objs[164]),/* "Policy Qualifier CPS" */
1910&(nid_objs[165]),/* "Policy Qualifier User Notice" */
1911&(nid_objs[385]),/* "Private" */
1912&(nid_objs[ 1]),/* "RSA Data Security, Inc." */
1913&(nid_objs[ 2]),/* "RSA Data Security, Inc. PKCS" */
1914&(nid_objs[188]),/* "S/MIME" */
1915&(nid_objs[167]),/* "S/MIME Capabilities" */
1916&(nid_objs[387]),/* "SNMPv2" */
1917&(nid_objs[386]),/* "Security" */
1918&(nid_objs[394]),/* "Selected Attribute Types" */
1919&(nid_objs[143]),/* "Strong Extranet ID" */
1920&(nid_objs[398]),/* "Subject Information Access" */
1921&(nid_objs[130]),/* "TLS Web Client Authentication" */
1922&(nid_objs[129]),/* "TLS Web Server Authentication" */
1923&(nid_objs[133]),/* "Time Stamping" */
1924&(nid_objs[375]),/* "Trust Root" */
1925&(nid_objs[12]),/* "X509" */
1926&(nid_objs[402]),/* "X509v3 AC Targeting" */
1927&(nid_objs[90]),/* "X509v3 Authority Key Identifier" */
1928&(nid_objs[87]),/* "X509v3 Basic Constraints" */
1929&(nid_objs[103]),/* "X509v3 CRL Distribution Points" */
1930&(nid_objs[88]),/* "X509v3 CRL Number" */
1931&(nid_objs[141]),/* "X509v3 CRL Reason Code" */
1932&(nid_objs[89]),/* "X509v3 Certificate Policies" */
1933&(nid_objs[140]),/* "X509v3 Delta CRL Indicator" */
1934&(nid_objs[126]),/* "X509v3 Extended Key Usage" */
1935&(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */
1936&(nid_objs[83]),/* "X509v3 Key Usage" */
1937&(nid_objs[403]),/* "X509v3 No Revocation Available" */
1938&(nid_objs[401]),/* "X509v3 Policy Constraints" */
1939&(nid_objs[84]),/* "X509v3 Private Key Usage Period" */
1940&(nid_objs[85]),/* "X509v3 Subject Alternative Name" */
1941&(nid_objs[82]),/* "X509v3 Subject Key Identifier" */
1942&(nid_objs[184]),/* "X9.57" */
1943&(nid_objs[185]),/* "X9.57 CM ?" */
1944&(nid_objs[478]),/* "aRecord" */
1945&(nid_objs[289]),/* "aaControls" */
1946&(nid_objs[287]),/* "ac-auditEntity" */
1947&(nid_objs[397]),/* "ac-proxying" */
1948&(nid_objs[288]),/* "ac-targeting" */
1949&(nid_objs[446]),/* "account" */
1950&(nid_objs[364]),/* "ad dvcs" */
1951&(nid_objs[419]),/* "aes-128-cbc" */
1952&(nid_objs[421]),/* "aes-128-cfb" */
1953&(nid_objs[418]),/* "aes-128-ecb" */
1954&(nid_objs[420]),/* "aes-128-ofb" */
1955&(nid_objs[423]),/* "aes-192-cbc" */
1956&(nid_objs[425]),/* "aes-192-cfb" */
1957&(nid_objs[422]),/* "aes-192-ecb" */
1958&(nid_objs[424]),/* "aes-192-ofb" */
1959&(nid_objs[427]),/* "aes-256-cbc" */
1960&(nid_objs[429]),/* "aes-256-cfb" */
1961&(nid_objs[426]),/* "aes-256-ecb" */
1962&(nid_objs[428]),/* "aes-256-ofb" */
1963&(nid_objs[376]),/* "algorithm" */
1964&(nid_objs[484]),/* "associatedDomain" */
1965&(nid_objs[485]),/* "associatedName" */
1966&(nid_objs[501]),/* "audio" */
1967&(nid_objs[91]),/* "bf-cbc" */
1968&(nid_objs[93]),/* "bf-cfb" */
1969&(nid_objs[92]),/* "bf-ecb" */
1970&(nid_objs[94]),/* "bf-ofb" */
1971&(nid_objs[494]),/* "buildingName" */
1972&(nid_objs[483]),/* "cNAMERecord" */
1973&(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */
1974&(nid_objs[108]),/* "cast5-cbc" */
1975&(nid_objs[110]),/* "cast5-cfb" */
1976&(nid_objs[109]),/* "cast5-ecb" */
1977&(nid_objs[111]),/* "cast5-ofb" */
1978&(nid_objs[404]),/* "ccitt" */
1979&(nid_objs[152]),/* "certBag" */
1980&(nid_objs[54]),/* "challengePassword" */
1981&(nid_objs[407]),/* "characteristic-two-field" */
1982&(nid_objs[395]),/* "clearance" */
1983&(nid_objs[13]),/* "commonName" */
1984&(nid_objs[50]),/* "contentType" */
1985&(nid_objs[53]),/* "countersignature" */
1986&(nid_objs[14]),/* "countryName" */
1987&(nid_objs[153]),/* "crlBag" */
1988&(nid_objs[500]),/* "dITRedirect" */
1989&(nid_objs[451]),/* "dNSDomain" */
1990&(nid_objs[495]),/* "dSAQuality" */
1991&(nid_objs[434]),/* "data" */
1992&(nid_objs[390]),/* "dcObject" */
1993&(nid_objs[31]),/* "des-cbc" */
1994&(nid_objs[30]),/* "des-cfb" */
1995&(nid_objs[29]),/* "des-ecb" */
1996&(nid_objs[32]),/* "des-ede" */
1997&(nid_objs[43]),/* "des-ede-cbc" */
1998&(nid_objs[60]),/* "des-ede-cfb" */
1999&(nid_objs[62]),/* "des-ede-ofb" */
2000&(nid_objs[33]),/* "des-ede3" */
2001&(nid_objs[44]),/* "des-ede3-cbc" */
2002&(nid_objs[61]),/* "des-ede3-cfb" */
2003&(nid_objs[63]),/* "des-ede3-ofb" */
2004&(nid_objs[45]),/* "des-ofb" */
2005&(nid_objs[107]),/* "description" */
2006&(nid_objs[80]),/* "desx-cbc" */
2007&(nid_objs[28]),/* "dhKeyAgreement" */
2008&(nid_objs[11]),/* "directory services (X.500)" */
2009&(nid_objs[378]),/* "directory services - algorithms" */
2010&(nid_objs[174]),/* "dnQualifier" */
2011&(nid_objs[447]),/* "document" */
2012&(nid_objs[471]),/* "documentAuthor" */
2013&(nid_objs[468]),/* "documentIdentifier" */
2014&(nid_objs[472]),/* "documentLocation" */
2015&(nid_objs[502]),/* "documentPublisher" */
2016&(nid_objs[449]),/* "documentSeries" */
2017&(nid_objs[469]),/* "documentTitle" */
2018&(nid_objs[470]),/* "documentVersion" */
2019&(nid_objs[380]),/* "dod" */
2020&(nid_objs[391]),/* "domainComponent" */
2021&(nid_objs[452]),/* "domainRelatedObject" */
2022&(nid_objs[116]),/* "dsaEncryption" */
2023&(nid_objs[67]),/* "dsaEncryption-old" */
2024&(nid_objs[66]),/* "dsaWithSHA" */
2025&(nid_objs[113]),/* "dsaWithSHA1" */
2026&(nid_objs[70]),/* "dsaWithSHA1-old" */
2027&(nid_objs[297]),/* "dvcs" */
2028&(nid_objs[416]),/* "ecdsa-with-SHA1" */
2029&(nid_objs[48]),/* "emailAddress" */
2030&(nid_objs[56]),/* "extendedCertificateAttributes" */
2031&(nid_objs[462]),/* "favouriteDrink" */
2032&(nid_objs[453]),/* "friendlyCountry" */
2033&(nid_objs[490]),/* "friendlyCountryName" */
2034&(nid_objs[156]),/* "friendlyName" */
2035&(nid_objs[509]),/* "generationQualifier" */
2036&(nid_objs[99]),/* "givenName" */
2037&(nid_objs[163]),/* "hmacWithSHA1" */
2038&(nid_objs[486]),/* "homePostalAddress" */
2039&(nid_objs[473]),/* "homeTelephoneNumber" */
2040&(nid_objs[466]),/* "host" */
2041&(nid_objs[442]),/* "iA5StringSyntax" */
2042&(nid_objs[381]),/* "iana" */
2043&(nid_objs[266]),/* "id-aca" */
2044&(nid_objs[355]),/* "id-aca-accessIdentity" */
2045&(nid_objs[354]),/* "id-aca-authenticationInfo" */
2046&(nid_objs[356]),/* "id-aca-chargingIdentity" */
2047&(nid_objs[399]),/* "id-aca-encAttrs" */
2048&(nid_objs[357]),/* "id-aca-group" */
2049&(nid_objs[358]),/* "id-aca-role" */
2050&(nid_objs[176]),/* "id-ad" */
2051&(nid_objs[262]),/* "id-alg" */
2052&(nid_objs[323]),/* "id-alg-des40" */
2053&(nid_objs[326]),/* "id-alg-dh-pop" */
2054&(nid_objs[325]),/* "id-alg-dh-sig-hmac-sha1" */
2055&(nid_objs[324]),/* "id-alg-noSignature" */
2056&(nid_objs[268]),/* "id-cct" */
2057&(nid_objs[361]),/* "id-cct-PKIData" */
2058&(nid_objs[362]),/* "id-cct-PKIResponse" */
2059&(nid_objs[360]),/* "id-cct-crs" */
2060&(nid_objs[81]),/* "id-ce" */
2061&(nid_objs[263]),/* "id-cmc" */
2062&(nid_objs[334]),/* "id-cmc-addExtensions" */
2063&(nid_objs[346]),/* "id-cmc-confirmCertAcceptance" */
2064&(nid_objs[330]),/* "id-cmc-dataReturn" */
2065&(nid_objs[336]),/* "id-cmc-decryptedPOP" */
2066&(nid_objs[335]),/* "id-cmc-encryptedPOP" */
2067&(nid_objs[339]),/* "id-cmc-getCRL" */
2068&(nid_objs[338]),/* "id-cmc-getCert" */
2069&(nid_objs[328]),/* "id-cmc-identification" */
2070&(nid_objs[329]),/* "id-cmc-identityProof" */
2071&(nid_objs[337]),/* "id-cmc-lraPOPWitness" */
2072&(nid_objs[344]),/* "id-cmc-popLinkRandom" */
2073&(nid_objs[345]),/* "id-cmc-popLinkWitness" */
2074&(nid_objs[343]),/* "id-cmc-queryPending" */
2075&(nid_objs[333]),/* "id-cmc-recipientNonce" */
2076&(nid_objs[341]),/* "id-cmc-regInfo" */
2077&(nid_objs[342]),/* "id-cmc-responseInfo" */
2078&(nid_objs[340]),/* "id-cmc-revokeRequest" */
2079&(nid_objs[332]),/* "id-cmc-senderNonce" */
2080&(nid_objs[327]),/* "id-cmc-statusInfo" */
2081&(nid_objs[331]),/* "id-cmc-transactionId" */
2082&(nid_objs[408]),/* "id-ecPublicKey" */
2083&(nid_objs[508]),/* "id-hex-multipart-message" */
2084&(nid_objs[507]),/* "id-hex-partial-message" */
2085&(nid_objs[260]),/* "id-it" */
2086&(nid_objs[302]),/* "id-it-caKeyUpdateInfo" */
2087&(nid_objs[298]),/* "id-it-caProtEncCert" */
2088&(nid_objs[311]),/* "id-it-confirmWaitTime" */
2089&(nid_objs[303]),/* "id-it-currentCRL" */
2090&(nid_objs[300]),/* "id-it-encKeyPairTypes" */
2091&(nid_objs[310]),/* "id-it-implicitConfirm" */
2092&(nid_objs[308]),/* "id-it-keyPairParamRep" */
2093&(nid_objs[307]),/* "id-it-keyPairParamReq" */
2094&(nid_objs[312]),/* "id-it-origPKIMessage" */
2095&(nid_objs[301]),/* "id-it-preferredSymmAlg" */
2096&(nid_objs[309]),/* "id-it-revPassphrase" */
2097&(nid_objs[299]),/* "id-it-signKeyPairTypes" */
2098&(nid_objs[305]),/* "id-it-subscriptionRequest" */
2099&(nid_objs[306]),/* "id-it-subscriptionResponse" */
2100&(nid_objs[304]),/* "id-it-unsupportedOIDs" */
2101&(nid_objs[128]),/* "id-kp" */
2102&(nid_objs[280]),/* "id-mod-attribute-cert" */
2103&(nid_objs[274]),/* "id-mod-cmc" */
2104&(nid_objs[277]),/* "id-mod-cmp" */
2105&(nid_objs[284]),/* "id-mod-cmp2000" */
2106&(nid_objs[273]),/* "id-mod-crmf" */
2107&(nid_objs[283]),/* "id-mod-dvcs" */
2108&(nid_objs[275]),/* "id-mod-kea-profile-88" */
2109&(nid_objs[276]),/* "id-mod-kea-profile-93" */
2110&(nid_objs[282]),/* "id-mod-ocsp" */
2111&(nid_objs[278]),/* "id-mod-qualified-cert-88" */
2112&(nid_objs[279]),/* "id-mod-qualified-cert-93" */
2113&(nid_objs[281]),/* "id-mod-timestamp-protocol" */
2114&(nid_objs[264]),/* "id-on" */
2115&(nid_objs[347]),/* "id-on-personalData" */
2116&(nid_objs[265]),/* "id-pda" */
2117&(nid_objs[352]),/* "id-pda-countryOfCitizenship" */
2118&(nid_objs[353]),/* "id-pda-countryOfResidence" */
2119&(nid_objs[348]),/* "id-pda-dateOfBirth" */
2120&(nid_objs[351]),/* "id-pda-gender" */
2121&(nid_objs[349]),/* "id-pda-placeOfBirth" */
2122&(nid_objs[175]),/* "id-pe" */
2123&(nid_objs[261]),/* "id-pkip" */
2124&(nid_objs[258]),/* "id-pkix-mod" */
2125&(nid_objs[269]),/* "id-pkix1-explicit-88" */
2126&(nid_objs[271]),/* "id-pkix1-explicit-93" */
2127&(nid_objs[270]),/* "id-pkix1-implicit-88" */
2128&(nid_objs[272]),/* "id-pkix1-implicit-93" */
2129&(nid_objs[267]),/* "id-qcs" */
2130&(nid_objs[359]),/* "id-qcs-pkixQCSyntax-v1" */
2131&(nid_objs[259]),/* "id-qt" */
2132&(nid_objs[313]),/* "id-regCtrl" */
2133&(nid_objs[316]),/* "id-regCtrl-authenticator" */
2134&(nid_objs[319]),/* "id-regCtrl-oldCertID" */
2135&(nid_objs[318]),/* "id-regCtrl-pkiArchiveOptions" */
2136&(nid_objs[317]),/* "id-regCtrl-pkiPublicationInfo" */
2137&(nid_objs[320]),/* "id-regCtrl-protocolEncrKey" */
2138&(nid_objs[315]),/* "id-regCtrl-regToken" */
2139&(nid_objs[314]),/* "id-regInfo" */
2140&(nid_objs[322]),/* "id-regInfo-certReq" */
2141&(nid_objs[321]),/* "id-regInfo-utf8Pairs" */
2142&(nid_objs[191]),/* "id-smime-aa" */
2143&(nid_objs[215]),/* "id-smime-aa-contentHint" */
2144&(nid_objs[218]),/* "id-smime-aa-contentIdentifier" */
2145&(nid_objs[221]),/* "id-smime-aa-contentReference" */
2146&(nid_objs[240]),/* "id-smime-aa-dvcs-dvc" */
2147&(nid_objs[217]),/* "id-smime-aa-encapContentType" */
2148&(nid_objs[222]),/* "id-smime-aa-encrypKeyPref" */
2149&(nid_objs[220]),/* "id-smime-aa-equivalentLabels" */
2150&(nid_objs[232]),/* "id-smime-aa-ets-CertificateRefs" */
2151&(nid_objs[233]),/* "id-smime-aa-ets-RevocationRefs" */
2152&(nid_objs[238]),/* "id-smime-aa-ets-archiveTimeStamp" */
2153&(nid_objs[237]),/* "id-smime-aa-ets-certCRLTimestamp" */
2154&(nid_objs[234]),/* "id-smime-aa-ets-certValues" */
2155&(nid_objs[227]),/* "id-smime-aa-ets-commitmentType" */
2156&(nid_objs[231]),/* "id-smime-aa-ets-contentTimestamp" */
2157&(nid_objs[236]),/* "id-smime-aa-ets-escTimeStamp" */
2158&(nid_objs[230]),/* "id-smime-aa-ets-otherSigCert" */
2159&(nid_objs[235]),/* "id-smime-aa-ets-revocationValues" */
2160&(nid_objs[226]),/* "id-smime-aa-ets-sigPolicyId" */
2161&(nid_objs[229]),/* "id-smime-aa-ets-signerAttr" */
2162&(nid_objs[228]),/* "id-smime-aa-ets-signerLocation" */
2163&(nid_objs[219]),/* "id-smime-aa-macValue" */
2164&(nid_objs[214]),/* "id-smime-aa-mlExpandHistory" */
2165&(nid_objs[216]),/* "id-smime-aa-msgSigDigest" */
2166&(nid_objs[212]),/* "id-smime-aa-receiptRequest" */
2167&(nid_objs[213]),/* "id-smime-aa-securityLabel" */
2168&(nid_objs[239]),/* "id-smime-aa-signatureType" */
2169&(nid_objs[223]),/* "id-smime-aa-signingCertificate" */
2170&(nid_objs[224]),/* "id-smime-aa-smimeEncryptCerts" */
2171&(nid_objs[225]),/* "id-smime-aa-timeStampToken" */
2172&(nid_objs[192]),/* "id-smime-alg" */
2173&(nid_objs[243]),/* "id-smime-alg-3DESwrap" */
2174&(nid_objs[246]),/* "id-smime-alg-CMS3DESwrap" */
2175&(nid_objs[247]),/* "id-smime-alg-CMSRC2wrap" */
2176&(nid_objs[245]),/* "id-smime-alg-ESDH" */
2177&(nid_objs[241]),/* "id-smime-alg-ESDHwith3DES" */
2178&(nid_objs[242]),/* "id-smime-alg-ESDHwithRC2" */
2179&(nid_objs[244]),/* "id-smime-alg-RC2wrap" */
2180&(nid_objs[193]),/* "id-smime-cd" */
2181&(nid_objs[248]),/* "id-smime-cd-ldap" */
2182&(nid_objs[190]),/* "id-smime-ct" */
2183&(nid_objs[210]),/* "id-smime-ct-DVCSRequestData" */
2184&(nid_objs[211]),/* "id-smime-ct-DVCSResponseData" */
2185&(nid_objs[208]),/* "id-smime-ct-TDTInfo" */
2186&(nid_objs[207]),/* "id-smime-ct-TSTInfo" */
2187&(nid_objs[205]),/* "id-smime-ct-authData" */
2188&(nid_objs[209]),/* "id-smime-ct-contentInfo" */
2189&(nid_objs[206]),/* "id-smime-ct-publishCert" */
2190&(nid_objs[204]),/* "id-smime-ct-receipt" */
2191&(nid_objs[195]),/* "id-smime-cti" */
2192&(nid_objs[255]),/* "id-smime-cti-ets-proofOfApproval" */
2193&(nid_objs[256]),/* "id-smime-cti-ets-proofOfCreation" */
2194&(nid_objs[253]),/* "id-smime-cti-ets-proofOfDelivery" */
2195&(nid_objs[251]),/* "id-smime-cti-ets-proofOfOrigin" */
2196&(nid_objs[252]),/* "id-smime-cti-ets-proofOfReceipt" */
2197&(nid_objs[254]),/* "id-smime-cti-ets-proofOfSender" */
2198&(nid_objs[189]),/* "id-smime-mod" */
2199&(nid_objs[196]),/* "id-smime-mod-cms" */
2200&(nid_objs[197]),/* "id-smime-mod-ess" */
2201&(nid_objs[202]),/* "id-smime-mod-ets-eSigPolicy-88" */
2202&(nid_objs[203]),/* "id-smime-mod-ets-eSigPolicy-97" */
2203&(nid_objs[200]),/* "id-smime-mod-ets-eSignature-88" */
2204&(nid_objs[201]),/* "id-smime-mod-ets-eSignature-97" */
2205&(nid_objs[199]),/* "id-smime-mod-msg-v3" */
2206&(nid_objs[198]),/* "id-smime-mod-oid" */
2207&(nid_objs[194]),/* "id-smime-spq" */
2208&(nid_objs[250]),/* "id-smime-spq-ets-sqt-unotice" */
2209&(nid_objs[249]),/* "id-smime-spq-ets-sqt-uri" */
2210&(nid_objs[34]),/* "idea-cbc" */
2211&(nid_objs[35]),/* "idea-cfb" */
2212&(nid_objs[36]),/* "idea-ecb" */
2213&(nid_objs[46]),/* "idea-ofb" */
2214&(nid_objs[461]),/* "info" */
2215&(nid_objs[101]),/* "initials" */
2216&(nid_objs[181]),/* "iso" */
2217&(nid_objs[492]),/* "janetMailbox" */
2218&(nid_objs[393]),/* "joint-iso-ccitt" */
2219&(nid_objs[150]),/* "keyBag" */
2220&(nid_objs[477]),/* "lastModifiedBy" */
2221&(nid_objs[476]),/* "lastModifiedTime" */
2222&(nid_objs[157]),/* "localKeyID" */
2223&(nid_objs[15]),/* "localityName" */
2224&(nid_objs[480]),/* "mXRecord" */
2225&(nid_objs[493]),/* "mailPreferenceOption" */
2226&(nid_objs[467]),/* "manager" */
2227&(nid_objs[ 3]),/* "md2" */
2228&(nid_objs[ 7]),/* "md2WithRSAEncryption" */
2229&(nid_objs[257]),/* "md4" */
2230&(nid_objs[396]),/* "md4WithRSAEncryption" */
2231&(nid_objs[ 4]),/* "md5" */
2232&(nid_objs[114]),/* "md5-sha1" */
2233&(nid_objs[104]),/* "md5WithRSA" */
2234&(nid_objs[ 8]),/* "md5WithRSAEncryption" */
2235&(nid_objs[95]),/* "mdc2" */
2236&(nid_objs[96]),/* "mdc2WithRSA" */
2237&(nid_objs[51]),/* "messageDigest" */
2238&(nid_objs[506]),/* "mime-mhs-bodies" */
2239&(nid_objs[505]),/* "mime-mhs-headings" */
2240&(nid_objs[488]),/* "mobileTelephoneNumber" */
2241&(nid_objs[481]),/* "nSRecord" */
2242&(nid_objs[173]),/* "name" */
2243&(nid_objs[379]),/* "org" */
2244&(nid_objs[17]),/* "organizationName" */
2245&(nid_objs[491]),/* "organizationalStatus" */
2246&(nid_objs[18]),/* "organizationalUnitName" */
2247&(nid_objs[475]),/* "otherMailbox" */
2248&(nid_objs[489]),/* "pagerTelephoneNumber" */
2249&(nid_objs[374]),/* "path" */
2250&(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */
2251&(nid_objs[168]),/* "pbeWithMD2AndRC2-CBC" */
2252&(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */
2253&(nid_objs[10]),/* "pbeWithMD5AndDES-CBC" */
2254&(nid_objs[169]),/* "pbeWithMD5AndRC2-CBC" */
2255&(nid_objs[148]),/* "pbeWithSHA1And128BitRC2-CBC" */
2256&(nid_objs[144]),/* "pbeWithSHA1And128BitRC4" */
2257&(nid_objs[147]),/* "pbeWithSHA1And2-KeyTripleDES-CBC" */
2258&(nid_objs[146]),/* "pbeWithSHA1And3-KeyTripleDES-CBC" */
2259&(nid_objs[149]),/* "pbeWithSHA1And40BitRC2-CBC" */
2260&(nid_objs[145]),/* "pbeWithSHA1And40BitRC4" */
2261&(nid_objs[170]),/* "pbeWithSHA1AndDES-CBC" */
2262&(nid_objs[68]),/* "pbeWithSHA1AndRC2-CBC" */
2263&(nid_objs[499]),/* "personalSignature" */
2264&(nid_objs[487]),/* "personalTitle" */
2265&(nid_objs[464]),/* "photo" */
2266&(nid_objs[437]),/* "pilot" */
2267&(nid_objs[439]),/* "pilotAttributeSyntax" */
2268&(nid_objs[438]),/* "pilotAttributeType" */
2269&(nid_objs[479]),/* "pilotAttributeType27" */
2270&(nid_objs[456]),/* "pilotDSA" */
2271&(nid_objs[441]),/* "pilotGroups" */
2272&(nid_objs[444]),/* "pilotObject" */
2273&(nid_objs[440]),/* "pilotObjectClass" */
2274&(nid_objs[455]),/* "pilotOrganization" */
2275&(nid_objs[445]),/* "pilotPerson" */
2276&(nid_objs[186]),/* "pkcs1" */
2277&(nid_objs[27]),/* "pkcs3" */
2278&(nid_objs[187]),/* "pkcs5" */
2279&(nid_objs[20]),/* "pkcs7" */
2280&(nid_objs[21]),/* "pkcs7-data" */
2281&(nid_objs[25]),/* "pkcs7-digestData" */
2282&(nid_objs[26]),/* "pkcs7-encryptedData" */
2283&(nid_objs[23]),/* "pkcs7-envelopedData" */
2284&(nid_objs[24]),/* "pkcs7-signedAndEnvelopedData" */
2285&(nid_objs[22]),/* "pkcs7-signedData" */
2286&(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */
2287&(nid_objs[47]),/* "pkcs9" */
2288&(nid_objs[406]),/* "prime-field" */
2289&(nid_objs[409]),/* "prime192v1" */
2290&(nid_objs[410]),/* "prime192v2" */
2291&(nid_objs[411]),/* "prime192v3" */
2292&(nid_objs[412]),/* "prime239v1" */
2293&(nid_objs[413]),/* "prime239v2" */
2294&(nid_objs[414]),/* "prime239v3" */
2295&(nid_objs[415]),/* "prime256v1" */
2296&(nid_objs[435]),/* "pss" */
2297&(nid_objs[286]),/* "qcStatements" */
2298&(nid_objs[457]),/* "qualityLabelledData" */
2299&(nid_objs[450]),/* "rFC822localPart" */
2300&(nid_objs[98]),/* "rc2-40-cbc" */
2301&(nid_objs[166]),/* "rc2-64-cbc" */
2302&(nid_objs[37]),/* "rc2-cbc" */
2303&(nid_objs[39]),/* "rc2-cfb" */
2304&(nid_objs[38]),/* "rc2-ecb" */
2305&(nid_objs[40]),/* "rc2-ofb" */
2306&(nid_objs[ 5]),/* "rc4" */
2307&(nid_objs[97]),/* "rc4-40" */
2308&(nid_objs[120]),/* "rc5-cbc" */
2309&(nid_objs[122]),/* "rc5-cfb" */
2310&(nid_objs[121]),/* "rc5-ecb" */
2311&(nid_objs[123]),/* "rc5-ofb" */
2312&(nid_objs[460]),/* "rfc822Mailbox" */
2313&(nid_objs[117]),/* "ripemd160" */
2314&(nid_objs[119]),/* "ripemd160WithRSA" */
2315&(nid_objs[400]),/* "role" */
2316&(nid_objs[448]),/* "room" */
2317&(nid_objs[463]),/* "roomNumber" */
2318&(nid_objs[19]),/* "rsa" */
2319&(nid_objs[ 6]),/* "rsaEncryption" */
2320&(nid_objs[377]),/* "rsaSignature" */
2321&(nid_objs[124]),/* "run length compression" */
2322&(nid_objs[482]),/* "sOARecord" */
2323&(nid_objs[155]),/* "safeContentsBag" */
2324&(nid_objs[291]),/* "sbqp-autonomousSysNum" */
2325&(nid_objs[290]),/* "sbqp-ipAddrBlock" */
2326&(nid_objs[292]),/* "sbqp-routerIdentifier" */
2327&(nid_objs[159]),/* "sdsiCertificate" */
2328&(nid_objs[154]),/* "secretBag" */
2329&(nid_objs[474]),/* "secretary" */
2330&(nid_objs[105]),/* "serialNumber" */
2331&(nid_objs[41]),/* "sha" */
2332&(nid_objs[64]),/* "sha1" */
2333&(nid_objs[115]),/* "sha1WithRSA" */
2334&(nid_objs[65]),/* "sha1WithRSAEncryption" */
2335&(nid_objs[42]),/* "shaWithRSAEncryption" */
2336&(nid_objs[52]),/* "signingTime" */
2337&(nid_objs[454]),/* "simpleSecurityObject" */
2338&(nid_objs[496]),/* "singleLevelQuality" */
2339&(nid_objs[16]),/* "stateOrProvinceName" */
2340&(nid_objs[498]),/* "subtreeMaximumQuality" */
2341&(nid_objs[497]),/* "subtreeMinimumQuality" */
2342&(nid_objs[100]),/* "surname" */
2343&(nid_objs[459]),/* "textEncodedORAddress" */
2344&(nid_objs[293]),/* "textNotice" */
2345&(nid_objs[106]),/* "title" */
2346&(nid_objs[436]),/* "ucl" */
2347&(nid_objs[ 0]),/* "undefined" */
2348&(nid_objs[55]),/* "unstructuredAddress" */
2349&(nid_objs[49]),/* "unstructuredName" */
2350&(nid_objs[465]),/* "userClass" */
2351&(nid_objs[458]),/* "userId" */
2352&(nid_objs[373]),/* "valid" */
2353&(nid_objs[503]),/* "x500UniqueIdentifier" */
2354&(nid_objs[158]),/* "x509Certificate" */
2355&(nid_objs[160]),/* "x509Crl" */
2356&(nid_objs[125]),/* "zlib compression" */
2357};
2358
2359static ASN1_OBJECT *obj_objs[NUM_OBJ]={
2360&(nid_objs[ 0]),/* OBJ_undef 0 */
2361&(nid_objs[404]),/* OBJ_ccitt 0 */
2362&(nid_objs[434]),/* OBJ_data 0 9 */
2363&(nid_objs[181]),/* OBJ_iso 1 */
2364&(nid_objs[182]),/* OBJ_member_body 1 2 */
2365&(nid_objs[379]),/* OBJ_org 1 3 */
2366&(nid_objs[393]),/* OBJ_joint_iso_ccitt 2 */
2367&(nid_objs[11]),/* OBJ_X500 2 5 */
2368&(nid_objs[380]),/* OBJ_dod 1 3 6 */
2369&(nid_objs[12]),/* OBJ_X509 2 5 4 */
2370&(nid_objs[378]),/* OBJ_X500algorithms 2 5 8 */
2371&(nid_objs[81]),/* OBJ_id_ce 2 5 29 */
2372&(nid_objs[435]),/* OBJ_pss 0 9 2342 */
2373&(nid_objs[183]),/* OBJ_ISO_US 1 2 840 */
2374&(nid_objs[381]),/* OBJ_iana 1 3 6 1 */
2375&(nid_objs[394]),/* OBJ_selected_attribute_types 2 5 1 5 */
2376&(nid_objs[13]),/* OBJ_commonName 2 5 4 3 */
2377&(nid_objs[100]),/* OBJ_surname 2 5 4 4 */
2378&(nid_objs[105]),/* OBJ_serialNumber 2 5 4 5 */
2379&(nid_objs[14]),/* OBJ_countryName 2 5 4 6 */
2380&(nid_objs[15]),/* OBJ_localityName 2 5 4 7 */
2381&(nid_objs[16]),/* OBJ_stateOrProvinceName 2 5 4 8 */
2382&(nid_objs[17]),/* OBJ_organizationName 2 5 4 10 */
2383&(nid_objs[18]),/* OBJ_organizationalUnitName 2 5 4 11 */
2384&(nid_objs[106]),/* OBJ_title 2 5 4 12 */
2385&(nid_objs[107]),/* OBJ_description 2 5 4 13 */
2386&(nid_objs[173]),/* OBJ_name 2 5 4 41 */
2387&(nid_objs[99]),/* OBJ_givenName 2 5 4 42 */
2388&(nid_objs[101]),/* OBJ_initials 2 5 4 43 */
2389&(nid_objs[509]),/* OBJ_generationQualifier 2 5 4 44 */
2390&(nid_objs[503]),/* OBJ_x500UniqueIdentifier 2 5 4 45 */
2391&(nid_objs[174]),/* OBJ_dnQualifier 2 5 4 46 */
2392&(nid_objs[400]),/* OBJ_role 2 5 4 72 */
2393&(nid_objs[82]),/* OBJ_subject_key_identifier 2 5 29 14 */
2394&(nid_objs[83]),/* OBJ_key_usage 2 5 29 15 */
2395&(nid_objs[84]),/* OBJ_private_key_usage_period 2 5 29 16 */
2396&(nid_objs[85]),/* OBJ_subject_alt_name 2 5 29 17 */
2397&(nid_objs[86]),/* OBJ_issuer_alt_name 2 5 29 18 */
2398&(nid_objs[87]),/* OBJ_basic_constraints 2 5 29 19 */
2399&(nid_objs[88]),/* OBJ_crl_number 2 5 29 20 */
2400&(nid_objs[141]),/* OBJ_crl_reason 2 5 29 21 */
2401&(nid_objs[430]),/* OBJ_hold_instruction_code 2 5 29 23 */
2402&(nid_objs[142]),/* OBJ_invalidity_date 2 5 29 24 */
2403&(nid_objs[140]),/* OBJ_delta_crl 2 5 29 27 */
2404&(nid_objs[103]),/* OBJ_crl_distribution_points 2 5 29 31 */
2405&(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */
2406&(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */
2407&(nid_objs[401]),/* OBJ_policy_constraints 2 5 29 36 */
2408&(nid_objs[126]),/* OBJ_ext_key_usage 2 5 29 37 */
2409&(nid_objs[402]),/* OBJ_target_information 2 5 29 55 */
2410&(nid_objs[403]),/* OBJ_no_rev_avail 2 5 29 56 */
2411&(nid_objs[382]),/* OBJ_Directory 1 3 6 1 1 */
2412&(nid_objs[383]),/* OBJ_Management 1 3 6 1 2 */
2413&(nid_objs[384]),/* OBJ_Experimental 1 3 6 1 3 */
2414&(nid_objs[385]),/* OBJ_Private 1 3 6 1 4 */
2415&(nid_objs[386]),/* OBJ_Security 1 3 6 1 5 */
2416&(nid_objs[387]),/* OBJ_SNMPv2 1 3 6 1 6 */
2417&(nid_objs[388]),/* OBJ_Mail 1 3 6 1 7 */
2418&(nid_objs[376]),/* OBJ_algorithm 1 3 14 3 2 */
2419&(nid_objs[395]),/* OBJ_clearance 2 5 1 5 55 */
2420&(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */
2421&(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */
2422&(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */
2423&(nid_objs[184]),/* OBJ_X9_57 1 2 840 10040 */
2424&(nid_objs[405]),/* OBJ_ansi_X9_62 1 2 840 10045 */
2425&(nid_objs[389]),/* OBJ_Enterprises 1 3 6 1 4 1 */
2426&(nid_objs[504]),/* OBJ_mime_mhs 1 3 6 1 7 1 */
2427&(nid_objs[104]),/* OBJ_md5WithRSA 1 3 14 3 2 3 */
2428&(nid_objs[29]),/* OBJ_des_ecb 1 3 14 3 2 6 */
2429&(nid_objs[31]),/* OBJ_des_cbc 1 3 14 3 2 7 */
2430&(nid_objs[45]),/* OBJ_des_ofb64 1 3 14 3 2 8 */
2431&(nid_objs[30]),/* OBJ_des_cfb64 1 3 14 3 2 9 */
2432&(nid_objs[377]),/* OBJ_rsaSignature 1 3 14 3 2 11 */
2433&(nid_objs[67]),/* OBJ_dsa_2 1 3 14 3 2 12 */
2434&(nid_objs[66]),/* OBJ_dsaWithSHA 1 3 14 3 2 13 */
2435&(nid_objs[42]),/* OBJ_shaWithRSAEncryption 1 3 14 3 2 15 */
2436&(nid_objs[32]),/* OBJ_des_ede_ecb 1 3 14 3 2 17 */
2437&(nid_objs[41]),/* OBJ_sha 1 3 14 3 2 18 */
2438&(nid_objs[64]),/* OBJ_sha1 1 3 14 3 2 26 */
2439&(nid_objs[70]),/* OBJ_dsaWithSHA1_2 1 3 14 3 2 27 */
2440&(nid_objs[115]),/* OBJ_sha1WithRSA 1 3 14 3 2 29 */
2441&(nid_objs[117]),/* OBJ_ripemd160 1 3 36 3 2 1 */
2442&(nid_objs[143]),/* OBJ_sxnet 1 3 101 1 4 1 */
2443&(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666 1 */
2444&(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666 2 */
2445&(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */
2446&(nid_objs[185]),/* OBJ_X9cm 1 2 840 10040 4 */
2447&(nid_objs[127]),/* OBJ_id_pkix 1 3 6 1 5 5 7 */
2448&(nid_objs[505]),/* OBJ_mime_mhs_headings 1 3 6 1 7 1 1 */
2449&(nid_objs[506]),/* OBJ_mime_mhs_bodies 1 3 6 1 7 1 2 */
2450&(nid_objs[119]),/* OBJ_ripemd160WithRSA 1 3 36 3 3 1 2 */
2451&(nid_objs[436]),/* OBJ_ucl 0 9 2342 19200300 */
2452&(nid_objs[ 2]),/* OBJ_pkcs 1 2 840 113549 1 */
2453&(nid_objs[431]),/* OBJ_hold_instruction_none 1 2 840 10040 2 1 */
2454&(nid_objs[432]),/* OBJ_hold_instruction_call_issuer 1 2 840 10040 2 2 */
2455&(nid_objs[433]),/* OBJ_hold_instruction_reject 1 2 840 10040 2 3 */
2456&(nid_objs[116]),/* OBJ_dsa 1 2 840 10040 4 1 */
2457&(nid_objs[113]),/* OBJ_dsaWithSHA1 1 2 840 10040 4 3 */
2458&(nid_objs[406]),/* OBJ_X9_62_prime_field 1 2 840 10045 1 1 */
2459&(nid_objs[407]),/* OBJ_X9_62_characteristic_two_field 1 2 840 10045 1 2 */
2460&(nid_objs[408]),/* OBJ_X9_62_id_ecPublicKey 1 2 840 10045 2 1 */
2461&(nid_objs[416]),/* OBJ_ecdsa_with_SHA1 1 2 840 10045 4 1 */
2462&(nid_objs[258]),/* OBJ_id_pkix_mod 1 3 6 1 5 5 7 0 */
2463&(nid_objs[175]),/* OBJ_id_pe 1 3 6 1 5 5 7 1 */
2464&(nid_objs[259]),/* OBJ_id_qt 1 3 6 1 5 5 7 2 */
2465&(nid_objs[128]),/* OBJ_id_kp 1 3 6 1 5 5 7 3 */
2466&(nid_objs[260]),/* OBJ_id_it 1 3 6 1 5 5 7 4 */
2467&(nid_objs[261]),/* OBJ_id_pkip 1 3 6 1 5 5 7 5 */
2468&(nid_objs[262]),/* OBJ_id_alg 1 3 6 1 5 5 7 6 */
2469&(nid_objs[263]),/* OBJ_id_cmc 1 3 6 1 5 5 7 7 */
2470&(nid_objs[264]),/* OBJ_id_on 1 3 6 1 5 5 7 8 */
2471&(nid_objs[265]),/* OBJ_id_pda 1 3 6 1 5 5 7 9 */
2472&(nid_objs[266]),/* OBJ_id_aca 1 3 6 1 5 5 7 10 */
2473&(nid_objs[267]),/* OBJ_id_qcs 1 3 6 1 5 5 7 11 */
2474&(nid_objs[268]),/* OBJ_id_cct 1 3 6 1 5 5 7 12 */
2475&(nid_objs[176]),/* OBJ_id_ad 1 3 6 1 5 5 7 48 */
2476&(nid_objs[507]),/* OBJ_id_hex_partial_message 1 3 6 1 7 1 1 1 */
2477&(nid_objs[508]),/* OBJ_id_hex_multipart_message 1 3 6 1 7 1 1 2 */
2478&(nid_objs[57]),/* OBJ_netscape 2 16 840 1 113730 */
2479&(nid_objs[437]),/* OBJ_pilot 0 9 2342 19200300 100 */
2480&(nid_objs[186]),/* OBJ_pkcs1 1 2 840 113549 1 1 */
2481&(nid_objs[27]),/* OBJ_pkcs3 1 2 840 113549 1 3 */
2482&(nid_objs[187]),/* OBJ_pkcs5 1 2 840 113549 1 5 */
2483&(nid_objs[20]),/* OBJ_pkcs7 1 2 840 113549 1 7 */
2484&(nid_objs[47]),/* OBJ_pkcs9 1 2 840 113549 1 9 */
2485&(nid_objs[ 3]),/* OBJ_md2 1 2 840 113549 2 2 */
2486&(nid_objs[257]),/* OBJ_md4 1 2 840 113549 2 4 */
2487&(nid_objs[ 4]),/* OBJ_md5 1 2 840 113549 2 5 */
2488&(nid_objs[163]),/* OBJ_hmacWithSHA1 1 2 840 113549 2 7 */
2489&(nid_objs[37]),/* OBJ_rc2_cbc 1 2 840 113549 3 2 */
2490&(nid_objs[ 5]),/* OBJ_rc4 1 2 840 113549 3 4 */
2491&(nid_objs[44]),/* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */
2492&(nid_objs[120]),/* OBJ_rc5_cbc 1 2 840 113549 3 8 */
2493&(nid_objs[409]),/* OBJ_X9_62_prime192v1 1 2 840 10045 3 1 1 */
2494&(nid_objs[410]),/* OBJ_X9_62_prime192v2 1 2 840 10045 3 1 2 */
2495&(nid_objs[411]),/* OBJ_X9_62_prime192v3 1 2 840 10045 3 1 3 */
2496&(nid_objs[412]),/* OBJ_X9_62_prime239v1 1 2 840 10045 3 1 4 */
2497&(nid_objs[413]),/* OBJ_X9_62_prime239v2 1 2 840 10045 3 1 5 */
2498&(nid_objs[414]),/* OBJ_X9_62_prime239v3 1 2 840 10045 3 1 6 */
2499&(nid_objs[415]),/* OBJ_X9_62_prime256v1 1 2 840 10045 3 1 7 */
2500&(nid_objs[269]),/* OBJ_id_pkix1_explicit_88 1 3 6 1 5 5 7 0 1 */
2501&(nid_objs[270]),/* OBJ_id_pkix1_implicit_88 1 3 6 1 5 5 7 0 2 */
2502&(nid_objs[271]),/* OBJ_id_pkix1_explicit_93 1 3 6 1 5 5 7 0 3 */
2503&(nid_objs[272]),/* OBJ_id_pkix1_implicit_93 1 3 6 1 5 5 7 0 4 */
2504&(nid_objs[273]),/* OBJ_id_mod_crmf 1 3 6 1 5 5 7 0 5 */
2505&(nid_objs[274]),/* OBJ_id_mod_cmc 1 3 6 1 5 5 7 0 6 */
2506&(nid_objs[275]),/* OBJ_id_mod_kea_profile_88 1 3 6 1 5 5 7 0 7 */
2507&(nid_objs[276]),/* OBJ_id_mod_kea_profile_93 1 3 6 1 5 5 7 0 8 */
2508&(nid_objs[277]),/* OBJ_id_mod_cmp 1 3 6 1 5 5 7 0 9 */
2509&(nid_objs[278]),/* OBJ_id_mod_qualified_cert_88 1 3 6 1 5 5 7 0 10 */
2510&(nid_objs[279]),/* OBJ_id_mod_qualified_cert_93 1 3 6 1 5 5 7 0 11 */
2511&(nid_objs[280]),/* OBJ_id_mod_attribute_cert 1 3 6 1 5 5 7 0 12 */
2512&(nid_objs[281]),/* OBJ_id_mod_timestamp_protocol 1 3 6 1 5 5 7 0 13 */
2513&(nid_objs[282]),/* OBJ_id_mod_ocsp 1 3 6 1 5 5 7 0 14 */
2514&(nid_objs[283]),/* OBJ_id_mod_dvcs 1 3 6 1 5 5 7 0 15 */
2515&(nid_objs[284]),/* OBJ_id_mod_cmp2000 1 3 6 1 5 5 7 0 16 */
2516&(nid_objs[177]),/* OBJ_info_access 1 3 6 1 5 5 7 1 1 */
2517&(nid_objs[285]),/* OBJ_biometricInfo 1 3 6 1 5 5 7 1 2 */
2518&(nid_objs[286]),/* OBJ_qcStatements 1 3 6 1 5 5 7 1 3 */
2519&(nid_objs[287]),/* OBJ_ac_auditEntity 1 3 6 1 5 5 7 1 4 */
2520&(nid_objs[288]),/* OBJ_ac_targeting 1 3 6 1 5 5 7 1 5 */
2521&(nid_objs[289]),/* OBJ_aaControls 1 3 6 1 5 5 7 1 6 */
2522&(nid_objs[290]),/* OBJ_sbqp_ipAddrBlock 1 3 6 1 5 5 7 1 7 */
2523&(nid_objs[291]),/* OBJ_sbqp_autonomousSysNum 1 3 6 1 5 5 7 1 8 */
2524&(nid_objs[292]),/* OBJ_sbqp_routerIdentifier 1 3 6 1 5 5 7 1 9 */
2525&(nid_objs[397]),/* OBJ_ac_proxying 1 3 6 1 5 5 7 1 10 */
2526&(nid_objs[398]),/* OBJ_sinfo_access 1 3 6 1 5 5 7 1 11 */
2527&(nid_objs[164]),/* OBJ_id_qt_cps 1 3 6 1 5 5 7 2 1 */
2528&(nid_objs[165]),/* OBJ_id_qt_unotice 1 3 6 1 5 5 7 2 2 */
2529&(nid_objs[293]),/* OBJ_textNotice 1 3 6 1 5 5 7 2 3 */
2530&(nid_objs[129]),/* OBJ_server_auth 1 3 6 1 5 5 7 3 1 */
2531&(nid_objs[130]),/* OBJ_client_auth 1 3 6 1 5 5 7 3 2 */
2532&(nid_objs[131]),/* OBJ_code_sign 1 3 6 1 5 5 7 3 3 */
2533&(nid_objs[132]),/* OBJ_email_protect 1 3 6 1 5 5 7 3 4 */
2534&(nid_objs[294]),/* OBJ_ipsecEndSystem 1 3 6 1 5 5 7 3 5 */
2535&(nid_objs[295]),/* OBJ_ipsecTunnel 1 3 6 1 5 5 7 3 6 */
2536&(nid_objs[296]),/* OBJ_ipsecUser 1 3 6 1 5 5 7 3 7 */
2537&(nid_objs[133]),/* OBJ_time_stamp 1 3 6 1 5 5 7 3 8 */
2538&(nid_objs[180]),/* OBJ_OCSP_sign 1 3 6 1 5 5 7 3 9 */
2539&(nid_objs[297]),/* OBJ_dvcs 1 3 6 1 5 5 7 3 10 */
2540&(nid_objs[298]),/* OBJ_id_it_caProtEncCert 1 3 6 1 5 5 7 4 1 */
2541&(nid_objs[299]),/* OBJ_id_it_signKeyPairTypes 1 3 6 1 5 5 7 4 2 */
2542&(nid_objs[300]),/* OBJ_id_it_encKeyPairTypes 1 3 6 1 5 5 7 4 3 */
2543&(nid_objs[301]),/* OBJ_id_it_preferredSymmAlg 1 3 6 1 5 5 7 4 4 */
2544&(nid_objs[302]),/* OBJ_id_it_caKeyUpdateInfo 1 3 6 1 5 5 7 4 5 */
2545&(nid_objs[303]),/* OBJ_id_it_currentCRL 1 3 6 1 5 5 7 4 6 */
2546&(nid_objs[304]),/* OBJ_id_it_unsupportedOIDs 1 3 6 1 5 5 7 4 7 */
2547&(nid_objs[305]),/* OBJ_id_it_subscriptionRequest 1 3 6 1 5 5 7 4 8 */
2548&(nid_objs[306]),/* OBJ_id_it_subscriptionResponse 1 3 6 1 5 5 7 4 9 */
2549&(nid_objs[307]),/* OBJ_id_it_keyPairParamReq 1 3 6 1 5 5 7 4 10 */
2550&(nid_objs[308]),/* OBJ_id_it_keyPairParamRep 1 3 6 1 5 5 7 4 11 */
2551&(nid_objs[309]),/* OBJ_id_it_revPassphrase 1 3 6 1 5 5 7 4 12 */
2552&(nid_objs[310]),/* OBJ_id_it_implicitConfirm 1 3 6 1 5 5 7 4 13 */
2553&(nid_objs[311]),/* OBJ_id_it_confirmWaitTime 1 3 6 1 5 5 7 4 14 */
2554&(nid_objs[312]),/* OBJ_id_it_origPKIMessage 1 3 6 1 5 5 7 4 15 */
2555&(nid_objs[313]),/* OBJ_id_regCtrl 1 3 6 1 5 5 7 5 1 */
2556&(nid_objs[314]),/* OBJ_id_regInfo 1 3 6 1 5 5 7 5 2 */
2557&(nid_objs[323]),/* OBJ_id_alg_des40 1 3 6 1 5 5 7 6 1 */
2558&(nid_objs[324]),/* OBJ_id_alg_noSignature 1 3 6 1 5 5 7 6 2 */
2559&(nid_objs[325]),/* OBJ_id_alg_dh_sig_hmac_sha1 1 3 6 1 5 5 7 6 3 */
2560&(nid_objs[326]),/* OBJ_id_alg_dh_pop 1 3 6 1 5 5 7 6 4 */
2561&(nid_objs[327]),/* OBJ_id_cmc_statusInfo 1 3 6 1 5 5 7 7 1 */
2562&(nid_objs[328]),/* OBJ_id_cmc_identification 1 3 6 1 5 5 7 7 2 */
2563&(nid_objs[329]),/* OBJ_id_cmc_identityProof 1 3 6 1 5 5 7 7 3 */
2564&(nid_objs[330]),/* OBJ_id_cmc_dataReturn 1 3 6 1 5 5 7 7 4 */
2565&(nid_objs[331]),/* OBJ_id_cmc_transactionId 1 3 6 1 5 5 7 7 5 */
2566&(nid_objs[332]),/* OBJ_id_cmc_senderNonce 1 3 6 1 5 5 7 7 6 */
2567&(nid_objs[333]),/* OBJ_id_cmc_recipientNonce 1 3 6 1 5 5 7 7 7 */
2568&(nid_objs[334]),/* OBJ_id_cmc_addExtensions 1 3 6 1 5 5 7 7 8 */
2569&(nid_objs[335]),/* OBJ_id_cmc_encryptedPOP 1 3 6 1 5 5 7 7 9 */
2570&(nid_objs[336]),/* OBJ_id_cmc_decryptedPOP 1 3 6 1 5 5 7 7 10 */
2571&(nid_objs[337]),/* OBJ_id_cmc_lraPOPWitness 1 3 6 1 5 5 7 7 11 */
2572&(nid_objs[338]),/* OBJ_id_cmc_getCert 1 3 6 1 5 5 7 7 15 */
2573&(nid_objs[339]),/* OBJ_id_cmc_getCRL 1 3 6 1 5 5 7 7 16 */
2574&(nid_objs[340]),/* OBJ_id_cmc_revokeRequest 1 3 6 1 5 5 7 7 17 */
2575&(nid_objs[341]),/* OBJ_id_cmc_regInfo 1 3 6 1 5 5 7 7 18 */
2576&(nid_objs[342]),/* OBJ_id_cmc_responseInfo 1 3 6 1 5 5 7 7 19 */
2577&(nid_objs[343]),/* OBJ_id_cmc_queryPending 1 3 6 1 5 5 7 7 21 */
2578&(nid_objs[344]),/* OBJ_id_cmc_popLinkRandom 1 3 6 1 5 5 7 7 22 */
2579&(nid_objs[345]),/* OBJ_id_cmc_popLinkWitness 1 3 6 1 5 5 7 7 23 */
2580&(nid_objs[346]),/* OBJ_id_cmc_confirmCertAcceptance 1 3 6 1 5 5 7 7 24 */
2581&(nid_objs[347]),/* OBJ_id_on_personalData 1 3 6 1 5 5 7 8 1 */
2582&(nid_objs[348]),/* OBJ_id_pda_dateOfBirth 1 3 6 1 5 5 7 9 1 */
2583&(nid_objs[349]),/* OBJ_id_pda_placeOfBirth 1 3 6 1 5 5 7 9 2 */
2584&(nid_objs[351]),/* OBJ_id_pda_gender 1 3 6 1 5 5 7 9 3 */
2585&(nid_objs[352]),/* OBJ_id_pda_countryOfCitizenship 1 3 6 1 5 5 7 9 4 */
2586&(nid_objs[353]),/* OBJ_id_pda_countryOfResidence 1 3 6 1 5 5 7 9 5 */
2587&(nid_objs[354]),/* OBJ_id_aca_authenticationInfo 1 3 6 1 5 5 7 10 1 */
2588&(nid_objs[355]),/* OBJ_id_aca_accessIdentity 1 3 6 1 5 5 7 10 2 */
2589&(nid_objs[356]),/* OBJ_id_aca_chargingIdentity 1 3 6 1 5 5 7 10 3 */
2590&(nid_objs[357]),/* OBJ_id_aca_group 1 3 6 1 5 5 7 10 4 */
2591&(nid_objs[358]),/* OBJ_id_aca_role 1 3 6 1 5 5 7 10 5 */
2592&(nid_objs[399]),/* OBJ_id_aca_encAttrs 1 3 6 1 5 5 7 10 6 */
2593&(nid_objs[359]),/* OBJ_id_qcs_pkixQCSyntax_v1 1 3 6 1 5 5 7 11 1 */
2594&(nid_objs[360]),/* OBJ_id_cct_crs 1 3 6 1 5 5 7 12 1 */
2595&(nid_objs[361]),/* OBJ_id_cct_PKIData 1 3 6 1 5 5 7 12 2 */
2596&(nid_objs[362]),/* OBJ_id_cct_PKIResponse 1 3 6 1 5 5 7 12 3 */
2597&(nid_objs[178]),/* OBJ_ad_OCSP 1 3 6 1 5 5 7 48 1 */
2598&(nid_objs[179]),/* OBJ_ad_ca_issuers 1 3 6 1 5 5 7 48 2 */
2599&(nid_objs[363]),/* OBJ_ad_timeStamping 1 3 6 1 5 5 7 48 3 */
2600&(nid_objs[364]),/* OBJ_ad_dvcs 1 3 6 1 5 5 7 48 4 */
2601&(nid_objs[58]),/* OBJ_netscape_cert_extension 2 16 840 1 113730 1 */
2602&(nid_objs[59]),/* OBJ_netscape_data_type 2 16 840 1 113730 2 */
2603&(nid_objs[438]),/* OBJ_pilotAttributeType 0 9 2342 19200300 100 1 */
2604&(nid_objs[439]),/* OBJ_pilotAttributeSyntax 0 9 2342 19200300 100 3 */
2605&(nid_objs[440]),/* OBJ_pilotObjectClass 0 9 2342 19200300 100 4 */
2606&(nid_objs[441]),/* OBJ_pilotGroups 0 9 2342 19200300 100 10 */
2607&(nid_objs[108]),/* OBJ_cast5_cbc 1 2 840 113533 7 66 10 */
2608&(nid_objs[112]),/* OBJ_pbeWithMD5AndCast5_CBC 1 2 840 113533 7 66 12 */
2609&(nid_objs[ 6]),/* OBJ_rsaEncryption 1 2 840 113549 1 1 1 */
2610&(nid_objs[ 7]),/* OBJ_md2WithRSAEncryption 1 2 840 113549 1 1 2 */
2611&(nid_objs[396]),/* OBJ_md4WithRSAEncryption 1 2 840 113549 1 1 3 */
2612&(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */
2613&(nid_objs[65]),/* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */
2614&(nid_objs[28]),/* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */
2615&(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */
2616&(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */
2617&(nid_objs[168]),/* OBJ_pbeWithMD2AndRC2_CBC 1 2 840 113549 1 5 4 */
2618&(nid_objs[169]),/* OBJ_pbeWithMD5AndRC2_CBC 1 2 840 113549 1 5 6 */
2619&(nid_objs[170]),/* OBJ_pbeWithSHA1AndDES_CBC 1 2 840 113549 1 5 10 */
2620&(nid_objs[68]),/* OBJ_pbeWithSHA1AndRC2_CBC 1 2 840 113549 1 5 11 */
2621&(nid_objs[69]),/* OBJ_id_pbkdf2 1 2 840 113549 1 5 12 */
2622&(nid_objs[161]),/* OBJ_pbes2 1 2 840 113549 1 5 13 */
2623&(nid_objs[162]),/* OBJ_pbmac1 1 2 840 113549 1 5 14 */
2624&(nid_objs[21]),/* OBJ_pkcs7_data 1 2 840 113549 1 7 1 */
2625&(nid_objs[22]),/* OBJ_pkcs7_signed 1 2 840 113549 1 7 2 */
2626&(nid_objs[23]),/* OBJ_pkcs7_enveloped 1 2 840 113549 1 7 3 */
2627&(nid_objs[24]),/* OBJ_pkcs7_signedAndEnveloped 1 2 840 113549 1 7 4 */
2628&(nid_objs[25]),/* OBJ_pkcs7_digest 1 2 840 113549 1 7 5 */
2629&(nid_objs[26]),/* OBJ_pkcs7_encrypted 1 2 840 113549 1 7 6 */
2630&(nid_objs[48]),/* OBJ_pkcs9_emailAddress 1 2 840 113549 1 9 1 */
2631&(nid_objs[49]),/* OBJ_pkcs9_unstructuredName 1 2 840 113549 1 9 2 */
2632&(nid_objs[50]),/* OBJ_pkcs9_contentType 1 2 840 113549 1 9 3 */
2633&(nid_objs[51]),/* OBJ_pkcs9_messageDigest 1 2 840 113549 1 9 4 */
2634&(nid_objs[52]),/* OBJ_pkcs9_signingTime 1 2 840 113549 1 9 5 */
2635&(nid_objs[53]),/* OBJ_pkcs9_countersignature 1 2 840 113549 1 9 6 */
2636&(nid_objs[54]),/* OBJ_pkcs9_challengePassword 1 2 840 113549 1 9 7 */
2637&(nid_objs[55]),/* OBJ_pkcs9_unstructuredAddress 1 2 840 113549 1 9 8 */
2638&(nid_objs[56]),/* OBJ_pkcs9_extCertAttributes 1 2 840 113549 1 9 9 */
2639&(nid_objs[172]),/* OBJ_ext_req 1 2 840 113549 1 9 14 */
2640&(nid_objs[167]),/* OBJ_SMIMECapabilities 1 2 840 113549 1 9 15 */
2641&(nid_objs[188]),/* OBJ_SMIME 1 2 840 113549 1 9 16 */
2642&(nid_objs[156]),/* OBJ_friendlyName 1 2 840 113549 1 9 20 */
2643&(nid_objs[157]),/* OBJ_localKeyID 1 2 840 113549 1 9 21 */
2644&(nid_objs[417]),/* OBJ_ms_csp_name 1 3 6 1 4 1 311 17 1 */
2645&(nid_objs[390]),/* OBJ_dcObject 1 3 6 1 4 1 1466 344 */
2646&(nid_objs[91]),/* OBJ_bf_cbc 1 3 6 1 4 1 3029 1 2 */
2647&(nid_objs[315]),/* OBJ_id_regCtrl_regToken 1 3 6 1 5 5 7 5 1 1 */
2648&(nid_objs[316]),/* OBJ_id_regCtrl_authenticator 1 3 6 1 5 5 7 5 1 2 */
2649&(nid_objs[317]),/* OBJ_id_regCtrl_pkiPublicationInfo 1 3 6 1 5 5 7 5 1 3 */
2650&(nid_objs[318]),/* OBJ_id_regCtrl_pkiArchiveOptions 1 3 6 1 5 5 7 5 1 4 */
2651&(nid_objs[319]),/* OBJ_id_regCtrl_oldCertID 1 3 6 1 5 5 7 5 1 5 */
2652&(nid_objs[320]),/* OBJ_id_regCtrl_protocolEncrKey 1 3 6 1 5 5 7 5 1 6 */
2653&(nid_objs[321]),/* OBJ_id_regInfo_utf8Pairs 1 3 6 1 5 5 7 5 2 1 */
2654&(nid_objs[322]),/* OBJ_id_regInfo_certReq 1 3 6 1 5 5 7 5 2 2 */
2655&(nid_objs[365]),/* OBJ_id_pkix_OCSP_basic 1 3 6 1 5 5 7 48 1 1 */
2656&(nid_objs[366]),/* OBJ_id_pkix_OCSP_Nonce 1 3 6 1 5 5 7 48 1 2 */
2657&(nid_objs[367]),/* OBJ_id_pkix_OCSP_CrlID 1 3 6 1 5 5 7 48 1 3 */
2658&(nid_objs[368]),/* OBJ_id_pkix_OCSP_acceptableResponses 1 3 6 1 5 5 7 48 1 4 */
2659&(nid_objs[369]),/* OBJ_id_pkix_OCSP_noCheck 1 3 6 1 5 5 7 48 1 5 */
2660&(nid_objs[370]),/* OBJ_id_pkix_OCSP_archiveCutoff 1 3 6 1 5 5 7 48 1 6 */
2661&(nid_objs[371]),/* OBJ_id_pkix_OCSP_serviceLocator 1 3 6 1 5 5 7 48 1 7 */
2662&(nid_objs[372]),/* OBJ_id_pkix_OCSP_extendedStatus 1 3 6 1 5 5 7 48 1 8 */
2663&(nid_objs[373]),/* OBJ_id_pkix_OCSP_valid 1 3 6 1 5 5 7 48 1 9 */
2664&(nid_objs[374]),/* OBJ_id_pkix_OCSP_path 1 3 6 1 5 5 7 48 1 10 */
2665&(nid_objs[375]),/* OBJ_id_pkix_OCSP_trustRoot 1 3 6 1 5 5 7 48 1 11 */
2666&(nid_objs[418]),/* OBJ_aes_128_ecb 2 16 840 1 101 3 4 1 1 */
2667&(nid_objs[419]),/* OBJ_aes_128_cbc 2 16 840 1 101 3 4 1 2 */
2668&(nid_objs[420]),/* OBJ_aes_128_ofb128 2 16 840 1 101 3 4 1 3 */
2669&(nid_objs[421]),/* OBJ_aes_128_cfb128 2 16 840 1 101 3 4 1 4 */
2670&(nid_objs[422]),/* OBJ_aes_192_ecb 2 16 840 1 101 3 4 1 21 */
2671&(nid_objs[423]),/* OBJ_aes_192_cbc 2 16 840 1 101 3 4 1 22 */
2672&(nid_objs[424]),/* OBJ_aes_192_ofb128 2 16 840 1 101 3 4 1 23 */
2673&(nid_objs[425]),/* OBJ_aes_192_cfb128 2 16 840 1 101 3 4 1 24 */
2674&(nid_objs[426]),/* OBJ_aes_256_ecb 2 16 840 1 101 3 4 1 41 */
2675&(nid_objs[427]),/* OBJ_aes_256_cbc 2 16 840 1 101 3 4 1 42 */
2676&(nid_objs[428]),/* OBJ_aes_256_ofb128 2 16 840 1 101 3 4 1 43 */
2677&(nid_objs[429]),/* OBJ_aes_256_cfb128 2 16 840 1 101 3 4 1 44 */
2678&(nid_objs[71]),/* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */
2679&(nid_objs[72]),/* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */
2680&(nid_objs[73]),/* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */
2681&(nid_objs[74]),/* OBJ_netscape_ca_revocation_url 2 16 840 1 113730 1 4 */
2682&(nid_objs[75]),/* OBJ_netscape_renewal_url 2 16 840 1 113730 1 7 */
2683&(nid_objs[76]),/* OBJ_netscape_ca_policy_url 2 16 840 1 113730 1 8 */
2684&(nid_objs[77]),/* OBJ_netscape_ssl_server_name 2 16 840 1 113730 1 12 */
2685&(nid_objs[78]),/* OBJ_netscape_comment 2 16 840 1 113730 1 13 */
2686&(nid_objs[79]),/* OBJ_netscape_cert_sequence 2 16 840 1 113730 2 5 */
2687&(nid_objs[139]),/* OBJ_ns_sgc 2 16 840 1 113730 4 1 */
2688&(nid_objs[458]),/* OBJ_userId 0 9 2342 19200300 100 1 1 */
2689&(nid_objs[459]),/* OBJ_textEncodedORAddress 0 9 2342 19200300 100 1 2 */
2690&(nid_objs[460]),/* OBJ_rfc822Mailbox 0 9 2342 19200300 100 1 3 */
2691&(nid_objs[461]),/* OBJ_info 0 9 2342 19200300 100 1 4 */
2692&(nid_objs[462]),/* OBJ_favouriteDrink 0 9 2342 19200300 100 1 5 */
2693&(nid_objs[463]),/* OBJ_roomNumber 0 9 2342 19200300 100 1 6 */
2694&(nid_objs[464]),/* OBJ_photo 0 9 2342 19200300 100 1 7 */
2695&(nid_objs[465]),/* OBJ_userClass 0 9 2342 19200300 100 1 8 */
2696&(nid_objs[466]),/* OBJ_host 0 9 2342 19200300 100 1 9 */
2697&(nid_objs[467]),/* OBJ_manager 0 9 2342 19200300 100 1 10 */
2698&(nid_objs[468]),/* OBJ_documentIdentifier 0 9 2342 19200300 100 1 11 */
2699&(nid_objs[469]),/* OBJ_documentTitle 0 9 2342 19200300 100 1 12 */
2700&(nid_objs[470]),/* OBJ_documentVersion 0 9 2342 19200300 100 1 13 */
2701&(nid_objs[471]),/* OBJ_documentAuthor 0 9 2342 19200300 100 1 14 */
2702&(nid_objs[472]),/* OBJ_documentLocation 0 9 2342 19200300 100 1 15 */
2703&(nid_objs[473]),/* OBJ_homeTelephoneNumber 0 9 2342 19200300 100 1 20 */
2704&(nid_objs[474]),/* OBJ_secretary 0 9 2342 19200300 100 1 21 */
2705&(nid_objs[475]),/* OBJ_otherMailbox 0 9 2342 19200300 100 1 22 */
2706&(nid_objs[476]),/* OBJ_lastModifiedTime 0 9 2342 19200300 100 1 23 */
2707&(nid_objs[477]),/* OBJ_lastModifiedBy 0 9 2342 19200300 100 1 24 */
2708&(nid_objs[391]),/* OBJ_domainComponent 0 9 2342 19200300 100 1 25 */
2709&(nid_objs[478]),/* OBJ_aRecord 0 9 2342 19200300 100 1 26 */
2710&(nid_objs[479]),/* OBJ_pilotAttributeType27 0 9 2342 19200300 100 1 27 */
2711&(nid_objs[480]),/* OBJ_mXRecord 0 9 2342 19200300 100 1 28 */
2712&(nid_objs[481]),/* OBJ_nSRecord 0 9 2342 19200300 100 1 29 */
2713&(nid_objs[482]),/* OBJ_sOARecord 0 9 2342 19200300 100 1 30 */
2714&(nid_objs[483]),/* OBJ_cNAMERecord 0 9 2342 19200300 100 1 31 */
2715&(nid_objs[484]),/* OBJ_associatedDomain 0 9 2342 19200300 100 1 37 */
2716&(nid_objs[485]),/* OBJ_associatedName 0 9 2342 19200300 100 1 38 */
2717&(nid_objs[486]),/* OBJ_homePostalAddress 0 9 2342 19200300 100 1 39 */
2718&(nid_objs[487]),/* OBJ_personalTitle 0 9 2342 19200300 100 1 40 */
2719&(nid_objs[488]),/* OBJ_mobileTelephoneNumber 0 9 2342 19200300 100 1 41 */
2720&(nid_objs[489]),/* OBJ_pagerTelephoneNumber 0 9 2342 19200300 100 1 42 */
2721&(nid_objs[490]),/* OBJ_friendlyCountryName 0 9 2342 19200300 100 1 43 */
2722&(nid_objs[491]),/* OBJ_organizationalStatus 0 9 2342 19200300 100 1 45 */
2723&(nid_objs[492]),/* OBJ_janetMailbox 0 9 2342 19200300 100 1 46 */
2724&(nid_objs[493]),/* OBJ_mailPreferenceOption 0 9 2342 19200300 100 1 47 */
2725&(nid_objs[494]),/* OBJ_buildingName 0 9 2342 19200300 100 1 48 */
2726&(nid_objs[495]),/* OBJ_dSAQuality 0 9 2342 19200300 100 1 49 */
2727&(nid_objs[496]),/* OBJ_singleLevelQuality 0 9 2342 19200300 100 1 50 */
2728&(nid_objs[497]),/* OBJ_subtreeMinimumQuality 0 9 2342 19200300 100 1 51 */
2729&(nid_objs[498]),/* OBJ_subtreeMaximumQuality 0 9 2342 19200300 100 1 52 */
2730&(nid_objs[499]),/* OBJ_personalSignature 0 9 2342 19200300 100 1 53 */
2731&(nid_objs[500]),/* OBJ_dITRedirect 0 9 2342 19200300 100 1 54 */
2732&(nid_objs[501]),/* OBJ_audio 0 9 2342 19200300 100 1 55 */
2733&(nid_objs[502]),/* OBJ_documentPublisher 0 9 2342 19200300 100 1 56 */
2734&(nid_objs[442]),/* OBJ_iA5StringSyntax 0 9 2342 19200300 100 3 4 */
2735&(nid_objs[443]),/* OBJ_caseIgnoreIA5StringSyntax 0 9 2342 19200300 100 3 5 */
2736&(nid_objs[444]),/* OBJ_pilotObject 0 9 2342 19200300 100 4 3 */
2737&(nid_objs[445]),/* OBJ_pilotPerson 0 9 2342 19200300 100 4 4 */
2738&(nid_objs[446]),/* OBJ_account 0 9 2342 19200300 100 4 5 */
2739&(nid_objs[447]),/* OBJ_document 0 9 2342 19200300 100 4 6 */
2740&(nid_objs[448]),/* OBJ_room 0 9 2342 19200300 100 4 7 */
2741&(nid_objs[449]),/* OBJ_documentSeries 0 9 2342 19200300 100 4 9 */
2742&(nid_objs[392]),/* OBJ_Domain 0 9 2342 19200300 100 4 13 */
2743&(nid_objs[450]),/* OBJ_rFC822localPart 0 9 2342 19200300 100 4 14 */
2744&(nid_objs[451]),/* OBJ_dNSDomain 0 9 2342 19200300 100 4 15 */
2745&(nid_objs[452]),/* OBJ_domainRelatedObject 0 9 2342 19200300 100 4 17 */
2746&(nid_objs[453]),/* OBJ_friendlyCountry 0 9 2342 19200300 100 4 18 */
2747&(nid_objs[454]),/* OBJ_simpleSecurityObject 0 9 2342 19200300 100 4 19 */
2748&(nid_objs[455]),/* OBJ_pilotOrganization 0 9 2342 19200300 100 4 20 */
2749&(nid_objs[456]),/* OBJ_pilotDSA 0 9 2342 19200300 100 4 21 */
2750&(nid_objs[457]),/* OBJ_qualityLabelledData 0 9 2342 19200300 100 4 22 */
2751&(nid_objs[189]),/* OBJ_id_smime_mod 1 2 840 113549 1 9 16 0 */
2752&(nid_objs[190]),/* OBJ_id_smime_ct 1 2 840 113549 1 9 16 1 */
2753&(nid_objs[191]),/* OBJ_id_smime_aa 1 2 840 113549 1 9 16 2 */
2754&(nid_objs[192]),/* OBJ_id_smime_alg 1 2 840 113549 1 9 16 3 */
2755&(nid_objs[193]),/* OBJ_id_smime_cd 1 2 840 113549 1 9 16 4 */
2756&(nid_objs[194]),/* OBJ_id_smime_spq 1 2 840 113549 1 9 16 5 */
2757&(nid_objs[195]),/* OBJ_id_smime_cti 1 2 840 113549 1 9 16 6 */
2758&(nid_objs[158]),/* OBJ_x509Certificate 1 2 840 113549 1 9 22 1 */
2759&(nid_objs[159]),/* OBJ_sdsiCertificate 1 2 840 113549 1 9 22 2 */
2760&(nid_objs[160]),/* OBJ_x509Crl 1 2 840 113549 1 9 23 1 */
2761&(nid_objs[144]),/* OBJ_pbe_WithSHA1And128BitRC4 1 2 840 113549 1 12 1 1 */
2762&(nid_objs[145]),/* OBJ_pbe_WithSHA1And40BitRC4 1 2 840 113549 1 12 1 2 */
2763&(nid_objs[146]),/* OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC 1 2 840 113549 1 12 1 3 */
2764&(nid_objs[147]),/* OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC 1 2 840 113549 1 12 1 4 */
2765&(nid_objs[148]),/* OBJ_pbe_WithSHA1And128BitRC2_CBC 1 2 840 113549 1 12 1 5 */
2766&(nid_objs[149]),/* OBJ_pbe_WithSHA1And40BitRC2_CBC 1 2 840 113549 1 12 1 6 */
2767&(nid_objs[171]),/* OBJ_ms_ext_req 1 3 6 1 4 1 311 2 1 14 */
2768&(nid_objs[134]),/* OBJ_ms_code_ind 1 3 6 1 4 1 311 2 1 21 */
2769&(nid_objs[135]),/* OBJ_ms_code_com 1 3 6 1 4 1 311 2 1 22 */
2770&(nid_objs[136]),/* OBJ_ms_ctl_sign 1 3 6 1 4 1 311 10 3 1 */
2771&(nid_objs[137]),/* OBJ_ms_sgc 1 3 6 1 4 1 311 10 3 3 */
2772&(nid_objs[138]),/* OBJ_ms_efs 1 3 6 1 4 1 311 10 3 4 */
2773&(nid_objs[196]),/* OBJ_id_smime_mod_cms 1 2 840 113549 1 9 16 0 1 */
2774&(nid_objs[197]),/* OBJ_id_smime_mod_ess 1 2 840 113549 1 9 16 0 2 */
2775&(nid_objs[198]),/* OBJ_id_smime_mod_oid 1 2 840 113549 1 9 16 0 3 */
2776&(nid_objs[199]),/* OBJ_id_smime_mod_msg_v3 1 2 840 113549 1 9 16 0 4 */
2777&(nid_objs[200]),/* OBJ_id_smime_mod_ets_eSignature_88 1 2 840 113549 1 9 16 0 5 */
2778&(nid_objs[201]),/* OBJ_id_smime_mod_ets_eSignature_97 1 2 840 113549 1 9 16 0 6 */
2779&(nid_objs[202]),/* OBJ_id_smime_mod_ets_eSigPolicy_88 1 2 840 113549 1 9 16 0 7 */
2780&(nid_objs[203]),/* OBJ_id_smime_mod_ets_eSigPolicy_97 1 2 840 113549 1 9 16 0 8 */
2781&(nid_objs[204]),/* OBJ_id_smime_ct_receipt 1 2 840 113549 1 9 16 1 1 */
2782&(nid_objs[205]),/* OBJ_id_smime_ct_authData 1 2 840 113549 1 9 16 1 2 */
2783&(nid_objs[206]),/* OBJ_id_smime_ct_publishCert 1 2 840 113549 1 9 16 1 3 */
2784&(nid_objs[207]),/* OBJ_id_smime_ct_TSTInfo 1 2 840 113549 1 9 16 1 4 */
2785&(nid_objs[208]),/* OBJ_id_smime_ct_TDTInfo 1 2 840 113549 1 9 16 1 5 */
2786&(nid_objs[209]),/* OBJ_id_smime_ct_contentInfo 1 2 840 113549 1 9 16 1 6 */
2787&(nid_objs[210]),/* OBJ_id_smime_ct_DVCSRequestData 1 2 840 113549 1 9 16 1 7 */
2788&(nid_objs[211]),/* OBJ_id_smime_ct_DVCSResponseData 1 2 840 113549 1 9 16 1 8 */
2789&(nid_objs[212]),/* OBJ_id_smime_aa_receiptRequest 1 2 840 113549 1 9 16 2 1 */
2790&(nid_objs[213]),/* OBJ_id_smime_aa_securityLabel 1 2 840 113549 1 9 16 2 2 */
2791&(nid_objs[214]),/* OBJ_id_smime_aa_mlExpandHistory 1 2 840 113549 1 9 16 2 3 */
2792&(nid_objs[215]),/* OBJ_id_smime_aa_contentHint 1 2 840 113549 1 9 16 2 4 */
2793&(nid_objs[216]),/* OBJ_id_smime_aa_msgSigDigest 1 2 840 113549 1 9 16 2 5 */
2794&(nid_objs[217]),/* OBJ_id_smime_aa_encapContentType 1 2 840 113549 1 9 16 2 6 */
2795&(nid_objs[218]),/* OBJ_id_smime_aa_contentIdentifier 1 2 840 113549 1 9 16 2 7 */
2796&(nid_objs[219]),/* OBJ_id_smime_aa_macValue 1 2 840 113549 1 9 16 2 8 */
2797&(nid_objs[220]),/* OBJ_id_smime_aa_equivalentLabels 1 2 840 113549 1 9 16 2 9 */
2798&(nid_objs[221]),/* OBJ_id_smime_aa_contentReference 1 2 840 113549 1 9 16 2 10 */
2799&(nid_objs[222]),/* OBJ_id_smime_aa_encrypKeyPref 1 2 840 113549 1 9 16 2 11 */
2800&(nid_objs[223]),/* OBJ_id_smime_aa_signingCertificate 1 2 840 113549 1 9 16 2 12 */
2801&(nid_objs[224]),/* OBJ_id_smime_aa_smimeEncryptCerts 1 2 840 113549 1 9 16 2 13 */
2802&(nid_objs[225]),/* OBJ_id_smime_aa_timeStampToken 1 2 840 113549 1 9 16 2 14 */
2803&(nid_objs[226]),/* OBJ_id_smime_aa_ets_sigPolicyId 1 2 840 113549 1 9 16 2 15 */
2804&(nid_objs[227]),/* OBJ_id_smime_aa_ets_commitmentType 1 2 840 113549 1 9 16 2 16 */
2805&(nid_objs[228]),/* OBJ_id_smime_aa_ets_signerLocation 1 2 840 113549 1 9 16 2 17 */
2806&(nid_objs[229]),/* OBJ_id_smime_aa_ets_signerAttr 1 2 840 113549 1 9 16 2 18 */
2807&(nid_objs[230]),/* OBJ_id_smime_aa_ets_otherSigCert 1 2 840 113549 1 9 16 2 19 */
2808&(nid_objs[231]),/* OBJ_id_smime_aa_ets_contentTimestamp 1 2 840 113549 1 9 16 2 20 */
2809&(nid_objs[232]),/* OBJ_id_smime_aa_ets_CertificateRefs 1 2 840 113549 1 9 16 2 21 */
2810&(nid_objs[233]),/* OBJ_id_smime_aa_ets_RevocationRefs 1 2 840 113549 1 9 16 2 22 */
2811&(nid_objs[234]),/* OBJ_id_smime_aa_ets_certValues 1 2 840 113549 1 9 16 2 23 */
2812&(nid_objs[235]),/* OBJ_id_smime_aa_ets_revocationValues 1 2 840 113549 1 9 16 2 24 */
2813&(nid_objs[236]),/* OBJ_id_smime_aa_ets_escTimeStamp 1 2 840 113549 1 9 16 2 25 */
2814&(nid_objs[237]),/* OBJ_id_smime_aa_ets_certCRLTimestamp 1 2 840 113549 1 9 16 2 26 */
2815&(nid_objs[238]),/* OBJ_id_smime_aa_ets_archiveTimeStamp 1 2 840 113549 1 9 16 2 27 */
2816&(nid_objs[239]),/* OBJ_id_smime_aa_signatureType 1 2 840 113549 1 9 16 2 28 */
2817&(nid_objs[240]),/* OBJ_id_smime_aa_dvcs_dvc 1 2 840 113549 1 9 16 2 29 */
2818&(nid_objs[241]),/* OBJ_id_smime_alg_ESDHwith3DES 1 2 840 113549 1 9 16 3 1 */
2819&(nid_objs[242]),/* OBJ_id_smime_alg_ESDHwithRC2 1 2 840 113549 1 9 16 3 2 */
2820&(nid_objs[243]),/* OBJ_id_smime_alg_3DESwrap 1 2 840 113549 1 9 16 3 3 */
2821&(nid_objs[244]),/* OBJ_id_smime_alg_RC2wrap 1 2 840 113549 1 9 16 3 4 */
2822&(nid_objs[245]),/* OBJ_id_smime_alg_ESDH 1 2 840 113549 1 9 16 3 5 */
2823&(nid_objs[246]),/* OBJ_id_smime_alg_CMS3DESwrap 1 2 840 113549 1 9 16 3 6 */
2824&(nid_objs[247]),/* OBJ_id_smime_alg_CMSRC2wrap 1 2 840 113549 1 9 16 3 7 */
2825&(nid_objs[248]),/* OBJ_id_smime_cd_ldap 1 2 840 113549 1 9 16 4 1 */
2826&(nid_objs[249]),/* OBJ_id_smime_spq_ets_sqt_uri 1 2 840 113549 1 9 16 5 1 */
2827&(nid_objs[250]),/* OBJ_id_smime_spq_ets_sqt_unotice 1 2 840 113549 1 9 16 5 2 */
2828&(nid_objs[251]),/* OBJ_id_smime_cti_ets_proofOfOrigin 1 2 840 113549 1 9 16 6 1 */
2829&(nid_objs[252]),/* OBJ_id_smime_cti_ets_proofOfReceipt 1 2 840 113549 1 9 16 6 2 */
2830&(nid_objs[253]),/* OBJ_id_smime_cti_ets_proofOfDelivery 1 2 840 113549 1 9 16 6 3 */
2831&(nid_objs[254]),/* OBJ_id_smime_cti_ets_proofOfSender 1 2 840 113549 1 9 16 6 4 */
2832&(nid_objs[255]),/* OBJ_id_smime_cti_ets_proofOfApproval 1 2 840 113549 1 9 16 6 5 */
2833&(nid_objs[256]),/* OBJ_id_smime_cti_ets_proofOfCreation 1 2 840 113549 1 9 16 6 6 */
2834&(nid_objs[150]),/* OBJ_keyBag 1 2 840 113549 1 12 10 1 1 */
2835&(nid_objs[151]),/* OBJ_pkcs8ShroudedKeyBag 1 2 840 113549 1 12 10 1 2 */
2836&(nid_objs[152]),/* OBJ_certBag 1 2 840 113549 1 12 10 1 3 */
2837&(nid_objs[153]),/* OBJ_crlBag 1 2 840 113549 1 12 10 1 4 */
2838&(nid_objs[154]),/* OBJ_secretBag 1 2 840 113549 1 12 10 1 5 */
2839&(nid_objs[155]),/* OBJ_safeContentsBag 1 2 840 113549 1 12 10 1 6 */
2840&(nid_objs[34]),/* OBJ_idea_cbc 1 3 6 1 4 1 188 7 1 1 2 */
2841};
2842
diff --git a/src/lib/libssl/src/crypto/objects/obj_dat.pl b/src/lib/libssl/src/crypto/objects/obj_dat.pl
index 5dfb84ea00..85ab209809 100644
--- a/src/lib/libssl/src/crypto/objects/obj_dat.pl
+++ b/src/lib/libssl/src/crypto/objects/obj_dat.pl
@@ -1,4 +1,5 @@
1#!/usr/local/bin/perl 1#!/usr/local/bin/perl
2use integer;
2 3
3sub obj_cmp 4sub obj_cmp
4 { 5 {
diff --git a/src/lib/libssl/src/crypto/objects/obj_mac.h b/src/lib/libssl/src/crypto/objects/obj_mac.h
deleted file mode 100644
index 6d77fcba3f..0000000000
--- a/src/lib/libssl/src/crypto/objects/obj_mac.h
+++ /dev/null
@@ -1,2307 +0,0 @@
1/* crypto/objects/obj_mac.h */
2
3/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the
4 * following command:
5 * perl objects.pl objects.txt obj_mac.num obj_mac.h
6 */
7
8/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
9 * All rights reserved.
10 *
11 * This package is an SSL implementation written
12 * by Eric Young (eay@cryptsoft.com).
13 * The implementation was written so as to conform with Netscapes SSL.
14 *
15 * This library is free for commercial and non-commercial use as long as
16 * the following conditions are aheared to. The following conditions
17 * apply to all code found in this distribution, be it the RC4, RSA,
18 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
19 * included with this distribution is covered by the same copyright terms
20 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
21 *
22 * Copyright remains Eric Young's, and as such any Copyright notices in
23 * the code are not to be removed.
24 * If this package is used in a product, Eric Young should be given attribution
25 * as the author of the parts of the library used.
26 * This can be in the form of a textual message at program startup or
27 * in documentation (online or textual) provided with the package.
28 *
29 * Redistribution and use in source and binary forms, with or without
30 * modification, are permitted provided that the following conditions
31 * are met:
32 * 1. Redistributions of source code must retain the copyright
33 * notice, this list of conditions and the following disclaimer.
34 * 2. Redistributions in binary form must reproduce the above copyright
35 * notice, this list of conditions and the following disclaimer in the
36 * documentation and/or other materials provided with the distribution.
37 * 3. All advertising materials mentioning features or use of this software
38 * must display the following acknowledgement:
39 * "This product includes cryptographic software written by
40 * Eric Young (eay@cryptsoft.com)"
41 * The word 'cryptographic' can be left out if the rouines from the library
42 * being used are not cryptographic related :-).
43 * 4. If you include any Windows specific code (or a derivative thereof) from
44 * the apps directory (application code) you must include an acknowledgement:
45 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
46 *
47 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
48 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
49 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
50 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
51 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
52 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
53 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
54 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
55 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
56 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
57 * SUCH DAMAGE.
58 *
59 * The licence and distribution terms for any publically available version or
60 * derivative of this code cannot be changed. i.e. this code cannot simply be
61 * copied and put under another distribution licence
62 * [including the GNU Public Licence.]
63 */
64
65#define SN_undef "UNDEF"
66#define LN_undef "undefined"
67#define NID_undef 0
68#define OBJ_undef 0L
69
70#define SN_ccitt "CCITT"
71#define LN_ccitt "ccitt"
72#define NID_ccitt 404
73#define OBJ_ccitt 0L
74
75#define SN_iso "ISO"
76#define LN_iso "iso"
77#define NID_iso 181
78#define OBJ_iso 1L
79
80#define SN_joint_iso_ccitt "JOINT-ISO-CCITT"
81#define LN_joint_iso_ccitt "joint-iso-ccitt"
82#define NID_joint_iso_ccitt 393
83#define OBJ_joint_iso_ccitt 2L
84
85#define SN_member_body "member-body"
86#define LN_member_body "ISO Member Body"
87#define NID_member_body 182
88#define OBJ_member_body OBJ_iso,2L
89
90#define SN_selected_attribute_types "selected-attribute-types"
91#define LN_selected_attribute_types "Selected Attribute Types"
92#define NID_selected_attribute_types 394
93#define OBJ_selected_attribute_types OBJ_joint_iso_ccitt,5L,1L,5L
94
95#define SN_clearance "clearance"
96#define NID_clearance 395
97#define OBJ_clearance OBJ_selected_attribute_types,55L
98
99#define SN_ISO_US "ISO-US"
100#define LN_ISO_US "ISO US Member Body"
101#define NID_ISO_US 183
102#define OBJ_ISO_US OBJ_member_body,840L
103
104#define SN_X9_57 "X9-57"
105#define LN_X9_57 "X9.57"
106#define NID_X9_57 184
107#define OBJ_X9_57 OBJ_ISO_US,10040L
108
109#define SN_X9cm "X9cm"
110#define LN_X9cm "X9.57 CM ?"
111#define NID_X9cm 185
112#define OBJ_X9cm OBJ_X9_57,4L
113
114#define SN_dsa "DSA"
115#define LN_dsa "dsaEncryption"
116#define NID_dsa 116
117#define OBJ_dsa OBJ_X9cm,1L
118
119#define SN_dsaWithSHA1 "DSA-SHA1"
120#define LN_dsaWithSHA1 "dsaWithSHA1"
121#define NID_dsaWithSHA1 113
122#define OBJ_dsaWithSHA1 OBJ_X9cm,3L
123
124#define SN_ansi_X9_62 "ansi-X9-62"
125#define LN_ansi_X9_62 "ANSI X9.62"
126#define NID_ansi_X9_62 405
127#define OBJ_ansi_X9_62 OBJ_ISO_US,10045L
128
129#define OBJ_X9_62_id_fieldType OBJ_ansi_X9_62,1L
130
131#define SN_X9_62_prime_field "prime-field"
132#define NID_X9_62_prime_field 406
133#define OBJ_X9_62_prime_field OBJ_X9_62_id_fieldType,1L
134
135#define SN_X9_62_characteristic_two_field "characteristic-two-field"
136#define NID_X9_62_characteristic_two_field 407
137#define OBJ_X9_62_characteristic_two_field OBJ_X9_62_id_fieldType,2L
138
139#define OBJ_X9_62_id_publicKeyType OBJ_ansi_X9_62,2L
140
141#define SN_X9_62_id_ecPublicKey "id-ecPublicKey"
142#define NID_X9_62_id_ecPublicKey 408
143#define OBJ_X9_62_id_ecPublicKey OBJ_X9_62_id_publicKeyType,1L
144
145#define OBJ_X9_62_ellipticCurve OBJ_ansi_X9_62,3L
146
147#define OBJ_X9_62_c_TwoCurve OBJ_X9_62_ellipticCurve,0L
148
149#define OBJ_X9_62_primeCurve OBJ_X9_62_ellipticCurve,1L
150
151#define SN_X9_62_prime192v1 "prime192v1"
152#define NID_X9_62_prime192v1 409
153#define OBJ_X9_62_prime192v1 OBJ_X9_62_primeCurve,1L
154
155#define SN_X9_62_prime192v2 "prime192v2"
156#define NID_X9_62_prime192v2 410
157#define OBJ_X9_62_prime192v2 OBJ_X9_62_primeCurve,2L
158
159#define SN_X9_62_prime192v3 "prime192v3"
160#define NID_X9_62_prime192v3 411
161#define OBJ_X9_62_prime192v3 OBJ_X9_62_primeCurve,3L
162
163#define SN_X9_62_prime239v1 "prime239v1"
164#define NID_X9_62_prime239v1 412
165#define OBJ_X9_62_prime239v1 OBJ_X9_62_primeCurve,4L
166
167#define SN_X9_62_prime239v2 "prime239v2"
168#define NID_X9_62_prime239v2 413
169#define OBJ_X9_62_prime239v2 OBJ_X9_62_primeCurve,5L
170
171#define SN_X9_62_prime239v3 "prime239v3"
172#define NID_X9_62_prime239v3 414
173#define OBJ_X9_62_prime239v3 OBJ_X9_62_primeCurve,6L
174
175#define SN_X9_62_prime256v1 "prime256v1"
176#define NID_X9_62_prime256v1 415
177#define OBJ_X9_62_prime256v1 OBJ_X9_62_primeCurve,7L
178
179#define OBJ_X9_62_id_ecSigType OBJ_ansi_X9_62,4L
180
181#define SN_ecdsa_with_SHA1 "ecdsa-with-SHA1"
182#define NID_ecdsa_with_SHA1 416
183#define OBJ_ecdsa_with_SHA1 OBJ_X9_62_id_ecSigType,1L
184
185#define SN_cast5_cbc "CAST5-CBC"
186#define LN_cast5_cbc "cast5-cbc"
187#define NID_cast5_cbc 108
188#define OBJ_cast5_cbc OBJ_ISO_US,113533L,7L,66L,10L
189
190#define SN_cast5_ecb "CAST5-ECB"
191#define LN_cast5_ecb "cast5-ecb"
192#define NID_cast5_ecb 109
193
194#define SN_cast5_cfb64 "CAST5-CFB"
195#define LN_cast5_cfb64 "cast5-cfb"
196#define NID_cast5_cfb64 110
197
198#define SN_cast5_ofb64 "CAST5-OFB"
199#define LN_cast5_ofb64 "cast5-ofb"
200#define NID_cast5_ofb64 111
201
202#define LN_pbeWithMD5AndCast5_CBC "pbeWithMD5AndCast5CBC"
203#define NID_pbeWithMD5AndCast5_CBC 112
204#define OBJ_pbeWithMD5AndCast5_CBC OBJ_ISO_US,113533L,7L,66L,12L
205
206#define SN_rsadsi "rsadsi"
207#define LN_rsadsi "RSA Data Security, Inc."
208#define NID_rsadsi 1
209#define OBJ_rsadsi OBJ_ISO_US,113549L
210
211#define SN_pkcs "pkcs"
212#define LN_pkcs "RSA Data Security, Inc. PKCS"
213#define NID_pkcs 2
214#define OBJ_pkcs OBJ_rsadsi,1L
215
216#define SN_pkcs1 "pkcs1"
217#define NID_pkcs1 186
218#define OBJ_pkcs1 OBJ_pkcs,1L
219
220#define LN_rsaEncryption "rsaEncryption"
221#define NID_rsaEncryption 6
222#define OBJ_rsaEncryption OBJ_pkcs1,1L
223
224#define SN_md2WithRSAEncryption "RSA-MD2"
225#define LN_md2WithRSAEncryption "md2WithRSAEncryption"
226#define NID_md2WithRSAEncryption 7
227#define OBJ_md2WithRSAEncryption OBJ_pkcs1,2L
228
229#define SN_md4WithRSAEncryption "RSA-MD4"
230#define LN_md4WithRSAEncryption "md4WithRSAEncryption"
231#define NID_md4WithRSAEncryption 396
232#define OBJ_md4WithRSAEncryption OBJ_pkcs1,3L
233
234#define SN_md5WithRSAEncryption "RSA-MD5"
235#define LN_md5WithRSAEncryption "md5WithRSAEncryption"
236#define NID_md5WithRSAEncryption 8
237#define OBJ_md5WithRSAEncryption OBJ_pkcs1,4L
238
239#define SN_sha1WithRSAEncryption "RSA-SHA1"
240#define LN_sha1WithRSAEncryption "sha1WithRSAEncryption"
241#define NID_sha1WithRSAEncryption 65
242#define OBJ_sha1WithRSAEncryption OBJ_pkcs1,5L
243
244#define SN_pkcs3 "pkcs3"
245#define NID_pkcs3 27
246#define OBJ_pkcs3 OBJ_pkcs,3L
247
248#define LN_dhKeyAgreement "dhKeyAgreement"
249#define NID_dhKeyAgreement 28
250#define OBJ_dhKeyAgreement OBJ_pkcs3,1L
251
252#define SN_pkcs5 "pkcs5"
253#define NID_pkcs5 187
254#define OBJ_pkcs5 OBJ_pkcs,5L
255
256#define SN_pbeWithMD2AndDES_CBC "PBE-MD2-DES"
257#define LN_pbeWithMD2AndDES_CBC "pbeWithMD2AndDES-CBC"
258#define NID_pbeWithMD2AndDES_CBC 9
259#define OBJ_pbeWithMD2AndDES_CBC OBJ_pkcs5,1L
260
261#define SN_pbeWithMD5AndDES_CBC "PBE-MD5-DES"
262#define LN_pbeWithMD5AndDES_CBC "pbeWithMD5AndDES-CBC"
263#define NID_pbeWithMD5AndDES_CBC 10
264#define OBJ_pbeWithMD5AndDES_CBC OBJ_pkcs5,3L
265
266#define SN_pbeWithMD2AndRC2_CBC "PBE-MD2-RC2-64"
267#define LN_pbeWithMD2AndRC2_CBC "pbeWithMD2AndRC2-CBC"
268#define NID_pbeWithMD2AndRC2_CBC 168
269#define OBJ_pbeWithMD2AndRC2_CBC OBJ_pkcs5,4L
270
271#define SN_pbeWithMD5AndRC2_CBC "PBE-MD5-RC2-64"
272#define LN_pbeWithMD5AndRC2_CBC "pbeWithMD5AndRC2-CBC"
273#define NID_pbeWithMD5AndRC2_CBC 169
274#define OBJ_pbeWithMD5AndRC2_CBC OBJ_pkcs5,6L
275
276#define SN_pbeWithSHA1AndDES_CBC "PBE-SHA1-DES"
277#define LN_pbeWithSHA1AndDES_CBC "pbeWithSHA1AndDES-CBC"
278#define NID_pbeWithSHA1AndDES_CBC 170
279#define OBJ_pbeWithSHA1AndDES_CBC OBJ_pkcs5,10L
280
281#define SN_pbeWithSHA1AndRC2_CBC "PBE-SHA1-RC2-64"
282#define LN_pbeWithSHA1AndRC2_CBC "pbeWithSHA1AndRC2-CBC"
283#define NID_pbeWithSHA1AndRC2_CBC 68
284#define OBJ_pbeWithSHA1AndRC2_CBC OBJ_pkcs5,11L
285
286#define LN_id_pbkdf2 "PBKDF2"
287#define NID_id_pbkdf2 69
288#define OBJ_id_pbkdf2 OBJ_pkcs5,12L
289
290#define LN_pbes2 "PBES2"
291#define NID_pbes2 161
292#define OBJ_pbes2 OBJ_pkcs5,13L
293
294#define LN_pbmac1 "PBMAC1"
295#define NID_pbmac1 162
296#define OBJ_pbmac1 OBJ_pkcs5,14L
297
298#define SN_pkcs7 "pkcs7"
299#define NID_pkcs7 20
300#define OBJ_pkcs7 OBJ_pkcs,7L
301
302#define LN_pkcs7_data "pkcs7-data"
303#define NID_pkcs7_data 21
304#define OBJ_pkcs7_data OBJ_pkcs7,1L
305
306#define LN_pkcs7_signed "pkcs7-signedData"
307#define NID_pkcs7_signed 22
308#define OBJ_pkcs7_signed OBJ_pkcs7,2L
309
310#define LN_pkcs7_enveloped "pkcs7-envelopedData"
311#define NID_pkcs7_enveloped 23
312#define OBJ_pkcs7_enveloped OBJ_pkcs7,3L
313
314#define LN_pkcs7_signedAndEnveloped "pkcs7-signedAndEnvelopedData"
315#define NID_pkcs7_signedAndEnveloped 24
316#define OBJ_pkcs7_signedAndEnveloped OBJ_pkcs7,4L
317
318#define LN_pkcs7_digest "pkcs7-digestData"
319#define NID_pkcs7_digest 25
320#define OBJ_pkcs7_digest OBJ_pkcs7,5L
321
322#define LN_pkcs7_encrypted "pkcs7-encryptedData"
323#define NID_pkcs7_encrypted 26
324#define OBJ_pkcs7_encrypted OBJ_pkcs7,6L
325
326#define SN_pkcs9 "pkcs9"
327#define NID_pkcs9 47
328#define OBJ_pkcs9 OBJ_pkcs,9L
329
330#define LN_pkcs9_emailAddress "emailAddress"
331#define NID_pkcs9_emailAddress 48
332#define OBJ_pkcs9_emailAddress OBJ_pkcs9,1L
333
334#define LN_pkcs9_unstructuredName "unstructuredName"
335#define NID_pkcs9_unstructuredName 49
336#define OBJ_pkcs9_unstructuredName OBJ_pkcs9,2L
337
338#define LN_pkcs9_contentType "contentType"
339#define NID_pkcs9_contentType 50
340#define OBJ_pkcs9_contentType OBJ_pkcs9,3L
341
342#define LN_pkcs9_messageDigest "messageDigest"
343#define NID_pkcs9_messageDigest 51
344#define OBJ_pkcs9_messageDigest OBJ_pkcs9,4L
345
346#define LN_pkcs9_signingTime "signingTime"
347#define NID_pkcs9_signingTime 52
348#define OBJ_pkcs9_signingTime OBJ_pkcs9,5L
349
350#define LN_pkcs9_countersignature "countersignature"
351#define NID_pkcs9_countersignature 53
352#define OBJ_pkcs9_countersignature OBJ_pkcs9,6L
353
354#define LN_pkcs9_challengePassword "challengePassword"
355#define NID_pkcs9_challengePassword 54
356#define OBJ_pkcs9_challengePassword OBJ_pkcs9,7L
357
358#define LN_pkcs9_unstructuredAddress "unstructuredAddress"
359#define NID_pkcs9_unstructuredAddress 55
360#define OBJ_pkcs9_unstructuredAddress OBJ_pkcs9,8L
361
362#define LN_pkcs9_extCertAttributes "extendedCertificateAttributes"
363#define NID_pkcs9_extCertAttributes 56
364#define OBJ_pkcs9_extCertAttributes OBJ_pkcs9,9L
365
366#define SN_ext_req "extReq"
367#define LN_ext_req "Extension Request"
368#define NID_ext_req 172
369#define OBJ_ext_req OBJ_pkcs9,14L
370
371#define SN_SMIMECapabilities "SMIME-CAPS"
372#define LN_SMIMECapabilities "S/MIME Capabilities"
373#define NID_SMIMECapabilities 167
374#define OBJ_SMIMECapabilities OBJ_pkcs9,15L
375
376#define SN_SMIME "SMIME"
377#define LN_SMIME "S/MIME"
378#define NID_SMIME 188
379#define OBJ_SMIME OBJ_pkcs9,16L
380
381#define SN_id_smime_mod "id-smime-mod"
382#define NID_id_smime_mod 189
383#define OBJ_id_smime_mod OBJ_SMIME,0L
384
385#define SN_id_smime_ct "id-smime-ct"
386#define NID_id_smime_ct 190
387#define OBJ_id_smime_ct OBJ_SMIME,1L
388
389#define SN_id_smime_aa "id-smime-aa"
390#define NID_id_smime_aa 191
391#define OBJ_id_smime_aa OBJ_SMIME,2L
392
393#define SN_id_smime_alg "id-smime-alg"
394#define NID_id_smime_alg 192
395#define OBJ_id_smime_alg OBJ_SMIME,3L
396
397#define SN_id_smime_cd "id-smime-cd"
398#define NID_id_smime_cd 193
399#define OBJ_id_smime_cd OBJ_SMIME,4L
400
401#define SN_id_smime_spq "id-smime-spq"
402#define NID_id_smime_spq 194
403#define OBJ_id_smime_spq OBJ_SMIME,5L
404
405#define SN_id_smime_cti "id-smime-cti"
406#define NID_id_smime_cti 195
407#define OBJ_id_smime_cti OBJ_SMIME,6L
408
409#define SN_id_smime_mod_cms "id-smime-mod-cms"
410#define NID_id_smime_mod_cms 196
411#define OBJ_id_smime_mod_cms OBJ_id_smime_mod,1L
412
413#define SN_id_smime_mod_ess "id-smime-mod-ess"
414#define NID_id_smime_mod_ess 197
415#define OBJ_id_smime_mod_ess OBJ_id_smime_mod,2L
416
417#define SN_id_smime_mod_oid "id-smime-mod-oid"
418#define NID_id_smime_mod_oid 198
419#define OBJ_id_smime_mod_oid OBJ_id_smime_mod,3L
420
421#define SN_id_smime_mod_msg_v3 "id-smime-mod-msg-v3"
422#define NID_id_smime_mod_msg_v3 199
423#define OBJ_id_smime_mod_msg_v3 OBJ_id_smime_mod,4L
424
425#define SN_id_smime_mod_ets_eSignature_88 "id-smime-mod-ets-eSignature-88"
426#define NID_id_smime_mod_ets_eSignature_88 200
427#define OBJ_id_smime_mod_ets_eSignature_88 OBJ_id_smime_mod,5L
428
429#define SN_id_smime_mod_ets_eSignature_97 "id-smime-mod-ets-eSignature-97"
430#define NID_id_smime_mod_ets_eSignature_97 201
431#define OBJ_id_smime_mod_ets_eSignature_97 OBJ_id_smime_mod,6L
432
433#define SN_id_smime_mod_ets_eSigPolicy_88 "id-smime-mod-ets-eSigPolicy-88"
434#define NID_id_smime_mod_ets_eSigPolicy_88 202
435#define OBJ_id_smime_mod_ets_eSigPolicy_88 OBJ_id_smime_mod,7L
436
437#define SN_id_smime_mod_ets_eSigPolicy_97 "id-smime-mod-ets-eSigPolicy-97"
438#define NID_id_smime_mod_ets_eSigPolicy_97 203
439#define OBJ_id_smime_mod_ets_eSigPolicy_97 OBJ_id_smime_mod,8L
440
441#define SN_id_smime_ct_receipt "id-smime-ct-receipt"
442#define NID_id_smime_ct_receipt 204
443#define OBJ_id_smime_ct_receipt OBJ_id_smime_ct,1L
444
445#define SN_id_smime_ct_authData "id-smime-ct-authData"
446#define NID_id_smime_ct_authData 205
447#define OBJ_id_smime_ct_authData OBJ_id_smime_ct,2L
448
449#define SN_id_smime_ct_publishCert "id-smime-ct-publishCert"
450#define NID_id_smime_ct_publishCert 206
451#define OBJ_id_smime_ct_publishCert OBJ_id_smime_ct,3L
452
453#define SN_id_smime_ct_TSTInfo "id-smime-ct-TSTInfo"
454#define NID_id_smime_ct_TSTInfo 207
455#define OBJ_id_smime_ct_TSTInfo OBJ_id_smime_ct,4L
456
457#define SN_id_smime_ct_TDTInfo "id-smime-ct-TDTInfo"
458#define NID_id_smime_ct_TDTInfo 208
459#define OBJ_id_smime_ct_TDTInfo OBJ_id_smime_ct,5L
460
461#define SN_id_smime_ct_contentInfo "id-smime-ct-contentInfo"
462#define NID_id_smime_ct_contentInfo 209
463#define OBJ_id_smime_ct_contentInfo OBJ_id_smime_ct,6L
464
465#define SN_id_smime_ct_DVCSRequestData "id-smime-ct-DVCSRequestData"
466#define NID_id_smime_ct_DVCSRequestData 210
467#define OBJ_id_smime_ct_DVCSRequestData OBJ_id_smime_ct,7L
468
469#define SN_id_smime_ct_DVCSResponseData "id-smime-ct-DVCSResponseData"
470#define NID_id_smime_ct_DVCSResponseData 211
471#define OBJ_id_smime_ct_DVCSResponseData OBJ_id_smime_ct,8L
472
473#define SN_id_smime_aa_receiptRequest "id-smime-aa-receiptRequest"
474#define NID_id_smime_aa_receiptRequest 212
475#define OBJ_id_smime_aa_receiptRequest OBJ_id_smime_aa,1L
476
477#define SN_id_smime_aa_securityLabel "id-smime-aa-securityLabel"
478#define NID_id_smime_aa_securityLabel 213
479#define OBJ_id_smime_aa_securityLabel OBJ_id_smime_aa,2L
480
481#define SN_id_smime_aa_mlExpandHistory "id-smime-aa-mlExpandHistory"
482#define NID_id_smime_aa_mlExpandHistory 214
483#define OBJ_id_smime_aa_mlExpandHistory OBJ_id_smime_aa,3L
484
485#define SN_id_smime_aa_contentHint "id-smime-aa-contentHint"
486#define NID_id_smime_aa_contentHint 215
487#define OBJ_id_smime_aa_contentHint OBJ_id_smime_aa,4L
488
489#define SN_id_smime_aa_msgSigDigest "id-smime-aa-msgSigDigest"
490#define NID_id_smime_aa_msgSigDigest 216
491#define OBJ_id_smime_aa_msgSigDigest OBJ_id_smime_aa,5L
492
493#define SN_id_smime_aa_encapContentType "id-smime-aa-encapContentType"
494#define NID_id_smime_aa_encapContentType 217
495#define OBJ_id_smime_aa_encapContentType OBJ_id_smime_aa,6L
496
497#define SN_id_smime_aa_contentIdentifier "id-smime-aa-contentIdentifier"
498#define NID_id_smime_aa_contentIdentifier 218
499#define OBJ_id_smime_aa_contentIdentifier OBJ_id_smime_aa,7L
500
501#define SN_id_smime_aa_macValue "id-smime-aa-macValue"
502#define NID_id_smime_aa_macValue 219
503#define OBJ_id_smime_aa_macValue OBJ_id_smime_aa,8L
504
505#define SN_id_smime_aa_equivalentLabels "id-smime-aa-equivalentLabels"
506#define NID_id_smime_aa_equivalentLabels 220
507#define OBJ_id_smime_aa_equivalentLabels OBJ_id_smime_aa,9L
508
509#define SN_id_smime_aa_contentReference "id-smime-aa-contentReference"
510#define NID_id_smime_aa_contentReference 221
511#define OBJ_id_smime_aa_contentReference OBJ_id_smime_aa,10L
512
513#define SN_id_smime_aa_encrypKeyPref "id-smime-aa-encrypKeyPref"
514#define NID_id_smime_aa_encrypKeyPref 222
515#define OBJ_id_smime_aa_encrypKeyPref OBJ_id_smime_aa,11L
516
517#define SN_id_smime_aa_signingCertificate "id-smime-aa-signingCertificate"
518#define NID_id_smime_aa_signingCertificate 223
519#define OBJ_id_smime_aa_signingCertificate OBJ_id_smime_aa,12L
520
521#define SN_id_smime_aa_smimeEncryptCerts "id-smime-aa-smimeEncryptCerts"
522#define NID_id_smime_aa_smimeEncryptCerts 224
523#define OBJ_id_smime_aa_smimeEncryptCerts OBJ_id_smime_aa,13L
524
525#define SN_id_smime_aa_timeStampToken "id-smime-aa-timeStampToken"
526#define NID_id_smime_aa_timeStampToken 225
527#define OBJ_id_smime_aa_timeStampToken OBJ_id_smime_aa,14L
528
529#define SN_id_smime_aa_ets_sigPolicyId "id-smime-aa-ets-sigPolicyId"
530#define NID_id_smime_aa_ets_sigPolicyId 226
531#define OBJ_id_smime_aa_ets_sigPolicyId OBJ_id_smime_aa,15L
532
533#define SN_id_smime_aa_ets_commitmentType "id-smime-aa-ets-commitmentType"
534#define NID_id_smime_aa_ets_commitmentType 227
535#define OBJ_id_smime_aa_ets_commitmentType OBJ_id_smime_aa,16L
536
537#define SN_id_smime_aa_ets_signerLocation "id-smime-aa-ets-signerLocation"
538#define NID_id_smime_aa_ets_signerLocation 228
539#define OBJ_id_smime_aa_ets_signerLocation OBJ_id_smime_aa,17L
540
541#define SN_id_smime_aa_ets_signerAttr "id-smime-aa-ets-signerAttr"
542#define NID_id_smime_aa_ets_signerAttr 229
543#define OBJ_id_smime_aa_ets_signerAttr OBJ_id_smime_aa,18L
544
545#define SN_id_smime_aa_ets_otherSigCert "id-smime-aa-ets-otherSigCert"
546#define NID_id_smime_aa_ets_otherSigCert 230
547#define OBJ_id_smime_aa_ets_otherSigCert OBJ_id_smime_aa,19L
548
549#define SN_id_smime_aa_ets_contentTimestamp "id-smime-aa-ets-contentTimestamp"
550#define NID_id_smime_aa_ets_contentTimestamp 231
551#define OBJ_id_smime_aa_ets_contentTimestamp OBJ_id_smime_aa,20L
552
553#define SN_id_smime_aa_ets_CertificateRefs "id-smime-aa-ets-CertificateRefs"
554#define NID_id_smime_aa_ets_CertificateRefs 232
555#define OBJ_id_smime_aa_ets_CertificateRefs OBJ_id_smime_aa,21L
556
557#define SN_id_smime_aa_ets_RevocationRefs "id-smime-aa-ets-RevocationRefs"
558#define NID_id_smime_aa_ets_RevocationRefs 233
559#define OBJ_id_smime_aa_ets_RevocationRefs OBJ_id_smime_aa,22L
560
561#define SN_id_smime_aa_ets_certValues "id-smime-aa-ets-certValues"
562#define NID_id_smime_aa_ets_certValues 234
563#define OBJ_id_smime_aa_ets_certValues OBJ_id_smime_aa,23L
564
565#define SN_id_smime_aa_ets_revocationValues "id-smime-aa-ets-revocationValues"
566#define NID_id_smime_aa_ets_revocationValues 235
567#define OBJ_id_smime_aa_ets_revocationValues OBJ_id_smime_aa,24L
568
569#define SN_id_smime_aa_ets_escTimeStamp "id-smime-aa-ets-escTimeStamp"
570#define NID_id_smime_aa_ets_escTimeStamp 236
571#define OBJ_id_smime_aa_ets_escTimeStamp OBJ_id_smime_aa,25L
572
573#define SN_id_smime_aa_ets_certCRLTimestamp "id-smime-aa-ets-certCRLTimestamp"
574#define NID_id_smime_aa_ets_certCRLTimestamp 237
575#define OBJ_id_smime_aa_ets_certCRLTimestamp OBJ_id_smime_aa,26L
576
577#define SN_id_smime_aa_ets_archiveTimeStamp "id-smime-aa-ets-archiveTimeStamp"
578#define NID_id_smime_aa_ets_archiveTimeStamp 238
579#define OBJ_id_smime_aa_ets_archiveTimeStamp OBJ_id_smime_aa,27L
580
581#define SN_id_smime_aa_signatureType "id-smime-aa-signatureType"
582#define NID_id_smime_aa_signatureType 239
583#define OBJ_id_smime_aa_signatureType OBJ_id_smime_aa,28L
584
585#define SN_id_smime_aa_dvcs_dvc "id-smime-aa-dvcs-dvc"
586#define NID_id_smime_aa_dvcs_dvc 240
587#define OBJ_id_smime_aa_dvcs_dvc OBJ_id_smime_aa,29L
588
589#define SN_id_smime_alg_ESDHwith3DES "id-smime-alg-ESDHwith3DES"
590#define NID_id_smime_alg_ESDHwith3DES 241
591#define OBJ_id_smime_alg_ESDHwith3DES OBJ_id_smime_alg,1L
592
593#define SN_id_smime_alg_ESDHwithRC2 "id-smime-alg-ESDHwithRC2"
594#define NID_id_smime_alg_ESDHwithRC2 242
595#define OBJ_id_smime_alg_ESDHwithRC2 OBJ_id_smime_alg,2L
596
597#define SN_id_smime_alg_3DESwrap "id-smime-alg-3DESwrap"
598#define NID_id_smime_alg_3DESwrap 243
599#define OBJ_id_smime_alg_3DESwrap OBJ_id_smime_alg,3L
600
601#define SN_id_smime_alg_RC2wrap "id-smime-alg-RC2wrap"
602#define NID_id_smime_alg_RC2wrap 244
603#define OBJ_id_smime_alg_RC2wrap OBJ_id_smime_alg,4L
604
605#define SN_id_smime_alg_ESDH "id-smime-alg-ESDH"
606#define NID_id_smime_alg_ESDH 245
607#define OBJ_id_smime_alg_ESDH OBJ_id_smime_alg,5L
608
609#define SN_id_smime_alg_CMS3DESwrap "id-smime-alg-CMS3DESwrap"
610#define NID_id_smime_alg_CMS3DESwrap 246
611#define OBJ_id_smime_alg_CMS3DESwrap OBJ_id_smime_alg,6L
612
613#define SN_id_smime_alg_CMSRC2wrap "id-smime-alg-CMSRC2wrap"
614#define NID_id_smime_alg_CMSRC2wrap 247
615#define OBJ_id_smime_alg_CMSRC2wrap OBJ_id_smime_alg,7L
616
617#define SN_id_smime_cd_ldap "id-smime-cd-ldap"
618#define NID_id_smime_cd_ldap 248
619#define OBJ_id_smime_cd_ldap OBJ_id_smime_cd,1L
620
621#define SN_id_smime_spq_ets_sqt_uri "id-smime-spq-ets-sqt-uri"
622#define NID_id_smime_spq_ets_sqt_uri 249
623#define OBJ_id_smime_spq_ets_sqt_uri OBJ_id_smime_spq,1L
624
625#define SN_id_smime_spq_ets_sqt_unotice "id-smime-spq-ets-sqt-unotice"
626#define NID_id_smime_spq_ets_sqt_unotice 250
627#define OBJ_id_smime_spq_ets_sqt_unotice OBJ_id_smime_spq,2L
628
629#define SN_id_smime_cti_ets_proofOfOrigin "id-smime-cti-ets-proofOfOrigin"
630#define NID_id_smime_cti_ets_proofOfOrigin 251
631#define OBJ_id_smime_cti_ets_proofOfOrigin OBJ_id_smime_cti,1L
632
633#define SN_id_smime_cti_ets_proofOfReceipt "id-smime-cti-ets-proofOfReceipt"
634#define NID_id_smime_cti_ets_proofOfReceipt 252
635#define OBJ_id_smime_cti_ets_proofOfReceipt OBJ_id_smime_cti,2L
636
637#define SN_id_smime_cti_ets_proofOfDelivery "id-smime-cti-ets-proofOfDelivery"
638#define NID_id_smime_cti_ets_proofOfDelivery 253
639#define OBJ_id_smime_cti_ets_proofOfDelivery OBJ_id_smime_cti,3L
640
641#define SN_id_smime_cti_ets_proofOfSender "id-smime-cti-ets-proofOfSender"
642#define NID_id_smime_cti_ets_proofOfSender 254
643#define OBJ_id_smime_cti_ets_proofOfSender OBJ_id_smime_cti,4L
644
645#define SN_id_smime_cti_ets_proofOfApproval "id-smime-cti-ets-proofOfApproval"
646#define NID_id_smime_cti_ets_proofOfApproval 255
647#define OBJ_id_smime_cti_ets_proofOfApproval OBJ_id_smime_cti,5L
648
649#define SN_id_smime_cti_ets_proofOfCreation "id-smime-cti-ets-proofOfCreation"
650#define NID_id_smime_cti_ets_proofOfCreation 256
651#define OBJ_id_smime_cti_ets_proofOfCreation OBJ_id_smime_cti,6L
652
653#define LN_friendlyName "friendlyName"
654#define NID_friendlyName 156
655#define OBJ_friendlyName OBJ_pkcs9,20L
656
657#define LN_localKeyID "localKeyID"
658#define NID_localKeyID 157
659#define OBJ_localKeyID OBJ_pkcs9,21L
660
661#define SN_ms_csp_name "CSPName"
662#define LN_ms_csp_name "Microsoft CSP Name"
663#define NID_ms_csp_name 417
664#define OBJ_ms_csp_name 1L,3L,6L,1L,4L,1L,311L,17L,1L
665
666#define OBJ_certTypes OBJ_pkcs9,22L
667
668#define LN_x509Certificate "x509Certificate"
669#define NID_x509Certificate 158
670#define OBJ_x509Certificate OBJ_certTypes,1L
671
672#define LN_sdsiCertificate "sdsiCertificate"
673#define NID_sdsiCertificate 159
674#define OBJ_sdsiCertificate OBJ_certTypes,2L
675
676#define OBJ_crlTypes OBJ_pkcs9,23L
677
678#define LN_x509Crl "x509Crl"
679#define NID_x509Crl 160
680#define OBJ_x509Crl OBJ_crlTypes,1L
681
682#define OBJ_pkcs12 OBJ_pkcs,12L
683
684#define OBJ_pkcs12_pbeids OBJ_pkcs12,1L
685
686#define SN_pbe_WithSHA1And128BitRC4 "PBE-SHA1-RC4-128"
687#define LN_pbe_WithSHA1And128BitRC4 "pbeWithSHA1And128BitRC4"
688#define NID_pbe_WithSHA1And128BitRC4 144
689#define OBJ_pbe_WithSHA1And128BitRC4 OBJ_pkcs12_pbeids,1L
690
691#define SN_pbe_WithSHA1And40BitRC4 "PBE-SHA1-RC4-40"
692#define LN_pbe_WithSHA1And40BitRC4 "pbeWithSHA1And40BitRC4"
693#define NID_pbe_WithSHA1And40BitRC4 145
694#define OBJ_pbe_WithSHA1And40BitRC4 OBJ_pkcs12_pbeids,2L
695
696#define SN_pbe_WithSHA1And3_Key_TripleDES_CBC "PBE-SHA1-3DES"
697#define LN_pbe_WithSHA1And3_Key_TripleDES_CBC "pbeWithSHA1And3-KeyTripleDES-CBC"
698#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC 146
699#define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC OBJ_pkcs12_pbeids,3L
700
701#define SN_pbe_WithSHA1And2_Key_TripleDES_CBC "PBE-SHA1-2DES"
702#define LN_pbe_WithSHA1And2_Key_TripleDES_CBC "pbeWithSHA1And2-KeyTripleDES-CBC"
703#define NID_pbe_WithSHA1And2_Key_TripleDES_CBC 147
704#define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC OBJ_pkcs12_pbeids,4L
705
706#define SN_pbe_WithSHA1And128BitRC2_CBC "PBE-SHA1-RC2-128"
707#define LN_pbe_WithSHA1And128BitRC2_CBC "pbeWithSHA1And128BitRC2-CBC"
708#define NID_pbe_WithSHA1And128BitRC2_CBC 148
709#define OBJ_pbe_WithSHA1And128BitRC2_CBC OBJ_pkcs12_pbeids,5L
710
711#define SN_pbe_WithSHA1And40BitRC2_CBC "PBE-SHA1-RC2-40"
712#define LN_pbe_WithSHA1And40BitRC2_CBC "pbeWithSHA1And40BitRC2-CBC"
713#define NID_pbe_WithSHA1And40BitRC2_CBC 149
714#define OBJ_pbe_WithSHA1And40BitRC2_CBC OBJ_pkcs12_pbeids,6L
715
716#define OBJ_pkcs12_Version1 OBJ_pkcs12,10L
717
718#define OBJ_pkcs12_BagIds OBJ_pkcs12_Version1,1L
719
720#define LN_keyBag "keyBag"
721#define NID_keyBag 150
722#define OBJ_keyBag OBJ_pkcs12_BagIds,1L
723
724#define LN_pkcs8ShroudedKeyBag "pkcs8ShroudedKeyBag"
725#define NID_pkcs8ShroudedKeyBag 151
726#define OBJ_pkcs8ShroudedKeyBag OBJ_pkcs12_BagIds,2L
727
728#define LN_certBag "certBag"
729#define NID_certBag 152
730#define OBJ_certBag OBJ_pkcs12_BagIds,3L
731
732#define LN_crlBag "crlBag"
733#define NID_crlBag 153
734#define OBJ_crlBag OBJ_pkcs12_BagIds,4L
735
736#define LN_secretBag "secretBag"
737#define NID_secretBag 154
738#define OBJ_secretBag OBJ_pkcs12_BagIds,5L
739
740#define LN_safeContentsBag "safeContentsBag"
741#define NID_safeContentsBag 155
742#define OBJ_safeContentsBag OBJ_pkcs12_BagIds,6L
743
744#define SN_md2 "MD2"
745#define LN_md2 "md2"
746#define NID_md2 3
747#define OBJ_md2 OBJ_rsadsi,2L,2L
748
749#define SN_md4 "MD4"
750#define LN_md4 "md4"
751#define NID_md4 257
752#define OBJ_md4 OBJ_rsadsi,2L,4L
753
754#define SN_md5 "MD5"
755#define LN_md5 "md5"
756#define NID_md5 4
757#define OBJ_md5 OBJ_rsadsi,2L,5L
758
759#define SN_md5_sha1 "MD5-SHA1"
760#define LN_md5_sha1 "md5-sha1"
761#define NID_md5_sha1 114
762
763#define LN_hmacWithSHA1 "hmacWithSHA1"
764#define NID_hmacWithSHA1 163
765#define OBJ_hmacWithSHA1 OBJ_rsadsi,2L,7L
766
767#define SN_rc2_cbc "RC2-CBC"
768#define LN_rc2_cbc "rc2-cbc"
769#define NID_rc2_cbc 37
770#define OBJ_rc2_cbc OBJ_rsadsi,3L,2L
771
772#define SN_rc2_ecb "RC2-ECB"
773#define LN_rc2_ecb "rc2-ecb"
774#define NID_rc2_ecb 38
775
776#define SN_rc2_cfb64 "RC2-CFB"
777#define LN_rc2_cfb64 "rc2-cfb"
778#define NID_rc2_cfb64 39
779
780#define SN_rc2_ofb64 "RC2-OFB"
781#define LN_rc2_ofb64 "rc2-ofb"
782#define NID_rc2_ofb64 40
783
784#define SN_rc2_40_cbc "RC2-40-CBC"
785#define LN_rc2_40_cbc "rc2-40-cbc"
786#define NID_rc2_40_cbc 98
787
788#define SN_rc2_64_cbc "RC2-64-CBC"
789#define LN_rc2_64_cbc "rc2-64-cbc"
790#define NID_rc2_64_cbc 166
791
792#define SN_rc4 "RC4"
793#define LN_rc4 "rc4"
794#define NID_rc4 5
795#define OBJ_rc4 OBJ_rsadsi,3L,4L
796
797#define SN_rc4_40 "RC4-40"
798#define LN_rc4_40 "rc4-40"
799#define NID_rc4_40 97
800
801#define SN_des_ede3_cbc "DES-EDE3-CBC"
802#define LN_des_ede3_cbc "des-ede3-cbc"
803#define NID_des_ede3_cbc 44
804#define OBJ_des_ede3_cbc OBJ_rsadsi,3L,7L
805
806#define SN_rc5_cbc "RC5-CBC"
807#define LN_rc5_cbc "rc5-cbc"
808#define NID_rc5_cbc 120
809#define OBJ_rc5_cbc OBJ_rsadsi,3L,8L
810
811#define SN_rc5_ecb "RC5-ECB"
812#define LN_rc5_ecb "rc5-ecb"
813#define NID_rc5_ecb 121
814
815#define SN_rc5_cfb64 "RC5-CFB"
816#define LN_rc5_cfb64 "rc5-cfb"
817#define NID_rc5_cfb64 122
818
819#define SN_rc5_ofb64 "RC5-OFB"
820#define LN_rc5_ofb64 "rc5-ofb"
821#define NID_rc5_ofb64 123
822
823#define SN_ms_ext_req "msExtReq"
824#define LN_ms_ext_req "Microsoft Extension Request"
825#define NID_ms_ext_req 171
826#define OBJ_ms_ext_req 1L,3L,6L,1L,4L,1L,311L,2L,1L,14L
827
828#define SN_ms_code_ind "msCodeInd"
829#define LN_ms_code_ind "Microsoft Individual Code Signing"
830#define NID_ms_code_ind 134
831#define OBJ_ms_code_ind 1L,3L,6L,1L,4L,1L,311L,2L,1L,21L
832
833#define SN_ms_code_com "msCodeCom"
834#define LN_ms_code_com "Microsoft Commercial Code Signing"
835#define NID_ms_code_com 135
836#define OBJ_ms_code_com 1L,3L,6L,1L,4L,1L,311L,2L,1L,22L
837
838#define SN_ms_ctl_sign "msCTLSign"
839#define LN_ms_ctl_sign "Microsoft Trust List Signing"
840#define NID_ms_ctl_sign 136
841#define OBJ_ms_ctl_sign 1L,3L,6L,1L,4L,1L,311L,10L,3L,1L
842
843#define SN_ms_sgc "msSGC"
844#define LN_ms_sgc "Microsoft Server Gated Crypto"
845#define NID_ms_sgc 137
846#define OBJ_ms_sgc 1L,3L,6L,1L,4L,1L,311L,10L,3L,3L
847
848#define SN_ms_efs "msEFS"
849#define LN_ms_efs "Microsoft Encrypted File System"
850#define NID_ms_efs 138
851#define OBJ_ms_efs 1L,3L,6L,1L,4L,1L,311L,10L,3L,4L
852
853#define SN_idea_cbc "IDEA-CBC"
854#define LN_idea_cbc "idea-cbc"
855#define NID_idea_cbc 34
856#define OBJ_idea_cbc 1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L
857
858#define SN_idea_ecb "IDEA-ECB"
859#define LN_idea_ecb "idea-ecb"
860#define NID_idea_ecb 36
861
862#define SN_idea_cfb64 "IDEA-CFB"
863#define LN_idea_cfb64 "idea-cfb"
864#define NID_idea_cfb64 35
865
866#define SN_idea_ofb64 "IDEA-OFB"
867#define LN_idea_ofb64 "idea-ofb"
868#define NID_idea_ofb64 46
869
870#define SN_bf_cbc "BF-CBC"
871#define LN_bf_cbc "bf-cbc"
872#define NID_bf_cbc 91
873#define OBJ_bf_cbc 1L,3L,6L,1L,4L,1L,3029L,1L,2L
874
875#define SN_bf_ecb "BF-ECB"
876#define LN_bf_ecb "bf-ecb"
877#define NID_bf_ecb 92
878
879#define SN_bf_cfb64 "BF-CFB"
880#define LN_bf_cfb64 "bf-cfb"
881#define NID_bf_cfb64 93
882
883#define SN_bf_ofb64 "BF-OFB"
884#define LN_bf_ofb64 "bf-ofb"
885#define NID_bf_ofb64 94
886
887#define SN_id_pkix "PKIX"
888#define NID_id_pkix 127
889#define OBJ_id_pkix 1L,3L,6L,1L,5L,5L,7L
890
891#define SN_id_pkix_mod "id-pkix-mod"
892#define NID_id_pkix_mod 258
893#define OBJ_id_pkix_mod OBJ_id_pkix,0L
894
895#define SN_id_pe "id-pe"
896#define NID_id_pe 175
897#define OBJ_id_pe OBJ_id_pkix,1L
898
899#define SN_id_qt "id-qt"
900#define NID_id_qt 259
901#define OBJ_id_qt OBJ_id_pkix,2L
902
903#define SN_id_kp "id-kp"
904#define NID_id_kp 128
905#define OBJ_id_kp OBJ_id_pkix,3L
906
907#define SN_id_it "id-it"
908#define NID_id_it 260
909#define OBJ_id_it OBJ_id_pkix,4L
910
911#define SN_id_pkip "id-pkip"
912#define NID_id_pkip 261
913#define OBJ_id_pkip OBJ_id_pkix,5L
914
915#define SN_id_alg "id-alg"
916#define NID_id_alg 262
917#define OBJ_id_alg OBJ_id_pkix,6L
918
919#define SN_id_cmc "id-cmc"
920#define NID_id_cmc 263
921#define OBJ_id_cmc OBJ_id_pkix,7L
922
923#define SN_id_on "id-on"
924#define NID_id_on 264
925#define OBJ_id_on OBJ_id_pkix,8L
926
927#define SN_id_pda "id-pda"
928#define NID_id_pda 265
929#define OBJ_id_pda OBJ_id_pkix,9L
930
931#define SN_id_aca "id-aca"
932#define NID_id_aca 266
933#define OBJ_id_aca OBJ_id_pkix,10L
934
935#define SN_id_qcs "id-qcs"
936#define NID_id_qcs 267
937#define OBJ_id_qcs OBJ_id_pkix,11L
938
939#define SN_id_cct "id-cct"
940#define NID_id_cct 268
941#define OBJ_id_cct OBJ_id_pkix,12L
942
943#define SN_id_ad "id-ad"
944#define NID_id_ad 176
945#define OBJ_id_ad OBJ_id_pkix,48L
946
947#define SN_id_pkix1_explicit_88 "id-pkix1-explicit-88"
948#define NID_id_pkix1_explicit_88 269
949#define OBJ_id_pkix1_explicit_88 OBJ_id_pkix_mod,1L
950
951#define SN_id_pkix1_implicit_88 "id-pkix1-implicit-88"
952#define NID_id_pkix1_implicit_88 270
953#define OBJ_id_pkix1_implicit_88 OBJ_id_pkix_mod,2L
954
955#define SN_id_pkix1_explicit_93 "id-pkix1-explicit-93"
956#define NID_id_pkix1_explicit_93 271
957#define OBJ_id_pkix1_explicit_93 OBJ_id_pkix_mod,3L
958
959#define SN_id_pkix1_implicit_93 "id-pkix1-implicit-93"
960#define NID_id_pkix1_implicit_93 272
961#define OBJ_id_pkix1_implicit_93 OBJ_id_pkix_mod,4L
962
963#define SN_id_mod_crmf "id-mod-crmf"
964#define NID_id_mod_crmf 273
965#define OBJ_id_mod_crmf OBJ_id_pkix_mod,5L
966
967#define SN_id_mod_cmc "id-mod-cmc"
968#define NID_id_mod_cmc 274
969#define OBJ_id_mod_cmc OBJ_id_pkix_mod,6L
970
971#define SN_id_mod_kea_profile_88 "id-mod-kea-profile-88"
972#define NID_id_mod_kea_profile_88 275
973#define OBJ_id_mod_kea_profile_88 OBJ_id_pkix_mod,7L
974
975#define SN_id_mod_kea_profile_93 "id-mod-kea-profile-93"
976#define NID_id_mod_kea_profile_93 276
977#define OBJ_id_mod_kea_profile_93 OBJ_id_pkix_mod,8L
978
979#define SN_id_mod_cmp "id-mod-cmp"
980#define NID_id_mod_cmp 277
981#define OBJ_id_mod_cmp OBJ_id_pkix_mod,9L
982
983#define SN_id_mod_qualified_cert_88 "id-mod-qualified-cert-88"
984#define NID_id_mod_qualified_cert_88 278
985#define OBJ_id_mod_qualified_cert_88 OBJ_id_pkix_mod,10L
986
987#define SN_id_mod_qualified_cert_93 "id-mod-qualified-cert-93"
988#define NID_id_mod_qualified_cert_93 279
989#define OBJ_id_mod_qualified_cert_93 OBJ_id_pkix_mod,11L
990
991#define SN_id_mod_attribute_cert "id-mod-attribute-cert"
992#define NID_id_mod_attribute_cert 280
993#define OBJ_id_mod_attribute_cert OBJ_id_pkix_mod,12L
994
995#define SN_id_mod_timestamp_protocol "id-mod-timestamp-protocol"
996#define NID_id_mod_timestamp_protocol 281
997#define OBJ_id_mod_timestamp_protocol OBJ_id_pkix_mod,13L
998
999#define SN_id_mod_ocsp "id-mod-ocsp"
1000#define NID_id_mod_ocsp 282
1001#define OBJ_id_mod_ocsp OBJ_id_pkix_mod,14L
1002
1003#define SN_id_mod_dvcs "id-mod-dvcs"
1004#define NID_id_mod_dvcs 283
1005#define OBJ_id_mod_dvcs OBJ_id_pkix_mod,15L
1006
1007#define SN_id_mod_cmp2000 "id-mod-cmp2000"
1008#define NID_id_mod_cmp2000 284
1009#define OBJ_id_mod_cmp2000 OBJ_id_pkix_mod,16L
1010
1011#define SN_info_access "authorityInfoAccess"
1012#define LN_info_access "Authority Information Access"
1013#define NID_info_access 177
1014#define OBJ_info_access OBJ_id_pe,1L
1015
1016#define SN_biometricInfo "biometricInfo"
1017#define LN_biometricInfo "Biometric Info"
1018#define NID_biometricInfo 285
1019#define OBJ_biometricInfo OBJ_id_pe,2L
1020
1021#define SN_qcStatements "qcStatements"
1022#define NID_qcStatements 286
1023#define OBJ_qcStatements OBJ_id_pe,3L
1024
1025#define SN_ac_auditEntity "ac-auditEntity"
1026#define NID_ac_auditEntity 287
1027#define OBJ_ac_auditEntity OBJ_id_pe,4L
1028
1029#define SN_ac_targeting "ac-targeting"
1030#define NID_ac_targeting 288
1031#define OBJ_ac_targeting OBJ_id_pe,5L
1032
1033#define SN_aaControls "aaControls"
1034#define NID_aaControls 289
1035#define OBJ_aaControls OBJ_id_pe,6L
1036
1037#define SN_sbqp_ipAddrBlock "sbqp-ipAddrBlock"
1038#define NID_sbqp_ipAddrBlock 290
1039#define OBJ_sbqp_ipAddrBlock OBJ_id_pe,7L
1040
1041#define SN_sbqp_autonomousSysNum "sbqp-autonomousSysNum"
1042#define NID_sbqp_autonomousSysNum 291
1043#define OBJ_sbqp_autonomousSysNum OBJ_id_pe,8L
1044
1045#define SN_sbqp_routerIdentifier "sbqp-routerIdentifier"
1046#define NID_sbqp_routerIdentifier 292
1047#define OBJ_sbqp_routerIdentifier OBJ_id_pe,9L
1048
1049#define SN_ac_proxying "ac-proxying"
1050#define NID_ac_proxying 397
1051#define OBJ_ac_proxying OBJ_id_pe,10L
1052
1053#define SN_sinfo_access "subjectInfoAccess"
1054#define LN_sinfo_access "Subject Information Access"
1055#define NID_sinfo_access 398
1056#define OBJ_sinfo_access OBJ_id_pe,11L
1057
1058#define SN_id_qt_cps "id-qt-cps"
1059#define LN_id_qt_cps "Policy Qualifier CPS"
1060#define NID_id_qt_cps 164
1061#define OBJ_id_qt_cps OBJ_id_qt,1L
1062
1063#define SN_id_qt_unotice "id-qt-unotice"
1064#define LN_id_qt_unotice "Policy Qualifier User Notice"
1065#define NID_id_qt_unotice 165
1066#define OBJ_id_qt_unotice OBJ_id_qt,2L
1067
1068#define SN_textNotice "textNotice"
1069#define NID_textNotice 293
1070#define OBJ_textNotice OBJ_id_qt,3L
1071
1072#define SN_server_auth "serverAuth"
1073#define LN_server_auth "TLS Web Server Authentication"
1074#define NID_server_auth 129
1075#define OBJ_server_auth OBJ_id_kp,1L
1076
1077#define SN_client_auth "clientAuth"
1078#define LN_client_auth "TLS Web Client Authentication"
1079#define NID_client_auth 130
1080#define OBJ_client_auth OBJ_id_kp,2L
1081
1082#define SN_code_sign "codeSigning"
1083#define LN_code_sign "Code Signing"
1084#define NID_code_sign 131
1085#define OBJ_code_sign OBJ_id_kp,3L
1086
1087#define SN_email_protect "emailProtection"
1088#define LN_email_protect "E-mail Protection"
1089#define NID_email_protect 132
1090#define OBJ_email_protect OBJ_id_kp,4L
1091
1092#define SN_ipsecEndSystem "ipsecEndSystem"
1093#define LN_ipsecEndSystem "IPSec End System"
1094#define NID_ipsecEndSystem 294
1095#define OBJ_ipsecEndSystem OBJ_id_kp,5L
1096
1097#define SN_ipsecTunnel "ipsecTunnel"
1098#define LN_ipsecTunnel "IPSec Tunnel"
1099#define NID_ipsecTunnel 295
1100#define OBJ_ipsecTunnel OBJ_id_kp,6L
1101
1102#define SN_ipsecUser "ipsecUser"
1103#define LN_ipsecUser "IPSec User"
1104#define NID_ipsecUser 296
1105#define OBJ_ipsecUser OBJ_id_kp,7L
1106
1107#define SN_time_stamp "timeStamping"
1108#define LN_time_stamp "Time Stamping"
1109#define NID_time_stamp 133
1110#define OBJ_time_stamp OBJ_id_kp,8L
1111
1112#define SN_OCSP_sign "OCSPSigning"
1113#define LN_OCSP_sign "OCSP Signing"
1114#define NID_OCSP_sign 180
1115#define OBJ_OCSP_sign OBJ_id_kp,9L
1116
1117#define SN_dvcs "DVCS"
1118#define LN_dvcs "dvcs"
1119#define NID_dvcs 297
1120#define OBJ_dvcs OBJ_id_kp,10L
1121
1122#define SN_id_it_caProtEncCert "id-it-caProtEncCert"
1123#define NID_id_it_caProtEncCert 298
1124#define OBJ_id_it_caProtEncCert OBJ_id_it,1L
1125
1126#define SN_id_it_signKeyPairTypes "id-it-signKeyPairTypes"
1127#define NID_id_it_signKeyPairTypes 299
1128#define OBJ_id_it_signKeyPairTypes OBJ_id_it,2L
1129
1130#define SN_id_it_encKeyPairTypes "id-it-encKeyPairTypes"
1131#define NID_id_it_encKeyPairTypes 300
1132#define OBJ_id_it_encKeyPairTypes OBJ_id_it,3L
1133
1134#define SN_id_it_preferredSymmAlg "id-it-preferredSymmAlg"
1135#define NID_id_it_preferredSymmAlg 301
1136#define OBJ_id_it_preferredSymmAlg OBJ_id_it,4L
1137
1138#define SN_id_it_caKeyUpdateInfo "id-it-caKeyUpdateInfo"
1139#define NID_id_it_caKeyUpdateInfo 302
1140#define OBJ_id_it_caKeyUpdateInfo OBJ_id_it,5L
1141
1142#define SN_id_it_currentCRL "id-it-currentCRL"
1143#define NID_id_it_currentCRL 303
1144#define OBJ_id_it_currentCRL OBJ_id_it,6L
1145
1146#define SN_id_it_unsupportedOIDs "id-it-unsupportedOIDs"
1147#define NID_id_it_unsupportedOIDs 304
1148#define OBJ_id_it_unsupportedOIDs OBJ_id_it,7L
1149
1150#define SN_id_it_subscriptionRequest "id-it-subscriptionRequest"
1151#define NID_id_it_subscriptionRequest 305
1152#define OBJ_id_it_subscriptionRequest OBJ_id_it,8L
1153
1154#define SN_id_it_subscriptionResponse "id-it-subscriptionResponse"
1155#define NID_id_it_subscriptionResponse 306
1156#define OBJ_id_it_subscriptionResponse OBJ_id_it,9L
1157
1158#define SN_id_it_keyPairParamReq "id-it-keyPairParamReq"
1159#define NID_id_it_keyPairParamReq 307
1160#define OBJ_id_it_keyPairParamReq OBJ_id_it,10L
1161
1162#define SN_id_it_keyPairParamRep "id-it-keyPairParamRep"
1163#define NID_id_it_keyPairParamRep 308
1164#define OBJ_id_it_keyPairParamRep OBJ_id_it,11L
1165
1166#define SN_id_it_revPassphrase "id-it-revPassphrase"
1167#define NID_id_it_revPassphrase 309
1168#define OBJ_id_it_revPassphrase OBJ_id_it,12L
1169
1170#define SN_id_it_implicitConfirm "id-it-implicitConfirm"
1171#define NID_id_it_implicitConfirm 310
1172#define OBJ_id_it_implicitConfirm OBJ_id_it,13L
1173
1174#define SN_id_it_confirmWaitTime "id-it-confirmWaitTime"
1175#define NID_id_it_confirmWaitTime 311
1176#define OBJ_id_it_confirmWaitTime OBJ_id_it,14L
1177
1178#define SN_id_it_origPKIMessage "id-it-origPKIMessage"
1179#define NID_id_it_origPKIMessage 312
1180#define OBJ_id_it_origPKIMessage OBJ_id_it,15L
1181
1182#define SN_id_regCtrl "id-regCtrl"
1183#define NID_id_regCtrl 313
1184#define OBJ_id_regCtrl OBJ_id_pkip,1L
1185
1186#define SN_id_regInfo "id-regInfo"
1187#define NID_id_regInfo 314
1188#define OBJ_id_regInfo OBJ_id_pkip,2L
1189
1190#define SN_id_regCtrl_regToken "id-regCtrl-regToken"
1191#define NID_id_regCtrl_regToken 315
1192#define OBJ_id_regCtrl_regToken OBJ_id_regCtrl,1L
1193
1194#define SN_id_regCtrl_authenticator "id-regCtrl-authenticator"
1195#define NID_id_regCtrl_authenticator 316
1196#define OBJ_id_regCtrl_authenticator OBJ_id_regCtrl,2L
1197
1198#define SN_id_regCtrl_pkiPublicationInfo "id-regCtrl-pkiPublicationInfo"
1199#define NID_id_regCtrl_pkiPublicationInfo 317
1200#define OBJ_id_regCtrl_pkiPublicationInfo OBJ_id_regCtrl,3L
1201
1202#define SN_id_regCtrl_pkiArchiveOptions "id-regCtrl-pkiArchiveOptions"
1203#define NID_id_regCtrl_pkiArchiveOptions 318
1204#define OBJ_id_regCtrl_pkiArchiveOptions OBJ_id_regCtrl,4L
1205
1206#define SN_id_regCtrl_oldCertID "id-regCtrl-oldCertID"
1207#define NID_id_regCtrl_oldCertID 319
1208#define OBJ_id_regCtrl_oldCertID OBJ_id_regCtrl,5L
1209
1210#define SN_id_regCtrl_protocolEncrKey "id-regCtrl-protocolEncrKey"
1211#define NID_id_regCtrl_protocolEncrKey 320
1212#define OBJ_id_regCtrl_protocolEncrKey OBJ_id_regCtrl,6L
1213
1214#define SN_id_regInfo_utf8Pairs "id-regInfo-utf8Pairs"
1215#define NID_id_regInfo_utf8Pairs 321
1216#define OBJ_id_regInfo_utf8Pairs OBJ_id_regInfo,1L
1217
1218#define SN_id_regInfo_certReq "id-regInfo-certReq"
1219#define NID_id_regInfo_certReq 322
1220#define OBJ_id_regInfo_certReq OBJ_id_regInfo,2L
1221
1222#define SN_id_alg_des40 "id-alg-des40"
1223#define NID_id_alg_des40 323
1224#define OBJ_id_alg_des40 OBJ_id_alg,1L
1225
1226#define SN_id_alg_noSignature "id-alg-noSignature"
1227#define NID_id_alg_noSignature 324
1228#define OBJ_id_alg_noSignature OBJ_id_alg,2L
1229
1230#define SN_id_alg_dh_sig_hmac_sha1 "id-alg-dh-sig-hmac-sha1"
1231#define NID_id_alg_dh_sig_hmac_sha1 325
1232#define OBJ_id_alg_dh_sig_hmac_sha1 OBJ_id_alg,3L
1233
1234#define SN_id_alg_dh_pop "id-alg-dh-pop"
1235#define NID_id_alg_dh_pop 326
1236#define OBJ_id_alg_dh_pop OBJ_id_alg,4L
1237
1238#define SN_id_cmc_statusInfo "id-cmc-statusInfo"
1239#define NID_id_cmc_statusInfo 327
1240#define OBJ_id_cmc_statusInfo OBJ_id_cmc,1L
1241
1242#define SN_id_cmc_identification "id-cmc-identification"
1243#define NID_id_cmc_identification 328
1244#define OBJ_id_cmc_identification OBJ_id_cmc,2L
1245
1246#define SN_id_cmc_identityProof "id-cmc-identityProof"
1247#define NID_id_cmc_identityProof 329
1248#define OBJ_id_cmc_identityProof OBJ_id_cmc,3L
1249
1250#define SN_id_cmc_dataReturn "id-cmc-dataReturn"
1251#define NID_id_cmc_dataReturn 330
1252#define OBJ_id_cmc_dataReturn OBJ_id_cmc,4L
1253
1254#define SN_id_cmc_transactionId "id-cmc-transactionId"
1255#define NID_id_cmc_transactionId 331
1256#define OBJ_id_cmc_transactionId OBJ_id_cmc,5L
1257
1258#define SN_id_cmc_senderNonce "id-cmc-senderNonce"
1259#define NID_id_cmc_senderNonce 332
1260#define OBJ_id_cmc_senderNonce OBJ_id_cmc,6L
1261
1262#define SN_id_cmc_recipientNonce "id-cmc-recipientNonce"
1263#define NID_id_cmc_recipientNonce 333
1264#define OBJ_id_cmc_recipientNonce OBJ_id_cmc,7L
1265
1266#define SN_id_cmc_addExtensions "id-cmc-addExtensions"
1267#define NID_id_cmc_addExtensions 334
1268#define OBJ_id_cmc_addExtensions OBJ_id_cmc,8L
1269
1270#define SN_id_cmc_encryptedPOP "id-cmc-encryptedPOP"
1271#define NID_id_cmc_encryptedPOP 335
1272#define OBJ_id_cmc_encryptedPOP OBJ_id_cmc,9L
1273
1274#define SN_id_cmc_decryptedPOP "id-cmc-decryptedPOP"
1275#define NID_id_cmc_decryptedPOP 336
1276#define OBJ_id_cmc_decryptedPOP OBJ_id_cmc,10L
1277
1278#define SN_id_cmc_lraPOPWitness "id-cmc-lraPOPWitness"
1279#define NID_id_cmc_lraPOPWitness 337
1280#define OBJ_id_cmc_lraPOPWitness OBJ_id_cmc,11L
1281
1282#define SN_id_cmc_getCert "id-cmc-getCert"
1283#define NID_id_cmc_getCert 338
1284#define OBJ_id_cmc_getCert OBJ_id_cmc,15L
1285
1286#define SN_id_cmc_getCRL "id-cmc-getCRL"
1287#define NID_id_cmc_getCRL 339
1288#define OBJ_id_cmc_getCRL OBJ_id_cmc,16L
1289
1290#define SN_id_cmc_revokeRequest "id-cmc-revokeRequest"
1291#define NID_id_cmc_revokeRequest 340
1292#define OBJ_id_cmc_revokeRequest OBJ_id_cmc,17L
1293
1294#define SN_id_cmc_regInfo "id-cmc-regInfo"
1295#define NID_id_cmc_regInfo 341
1296#define OBJ_id_cmc_regInfo OBJ_id_cmc,18L
1297
1298#define SN_id_cmc_responseInfo "id-cmc-responseInfo"
1299#define NID_id_cmc_responseInfo 342
1300#define OBJ_id_cmc_responseInfo OBJ_id_cmc,19L
1301
1302#define SN_id_cmc_queryPending "id-cmc-queryPending"
1303#define NID_id_cmc_queryPending 343
1304#define OBJ_id_cmc_queryPending OBJ_id_cmc,21L
1305
1306#define SN_id_cmc_popLinkRandom "id-cmc-popLinkRandom"
1307#define NID_id_cmc_popLinkRandom 344
1308#define OBJ_id_cmc_popLinkRandom OBJ_id_cmc,22L
1309
1310#define SN_id_cmc_popLinkWitness "id-cmc-popLinkWitness"
1311#define NID_id_cmc_popLinkWitness 345
1312#define OBJ_id_cmc_popLinkWitness OBJ_id_cmc,23L
1313
1314#define SN_id_cmc_confirmCertAcceptance "id-cmc-confirmCertAcceptance"
1315#define NID_id_cmc_confirmCertAcceptance 346
1316#define OBJ_id_cmc_confirmCertAcceptance OBJ_id_cmc,24L
1317
1318#define SN_id_on_personalData "id-on-personalData"
1319#define NID_id_on_personalData 347
1320#define OBJ_id_on_personalData OBJ_id_on,1L
1321
1322#define SN_id_pda_dateOfBirth "id-pda-dateOfBirth"
1323#define NID_id_pda_dateOfBirth 348
1324#define OBJ_id_pda_dateOfBirth OBJ_id_pda,1L
1325
1326#define SN_id_pda_placeOfBirth "id-pda-placeOfBirth"
1327#define NID_id_pda_placeOfBirth 349
1328#define OBJ_id_pda_placeOfBirth OBJ_id_pda,2L
1329
1330#define SN_id_pda_gender "id-pda-gender"
1331#define NID_id_pda_gender 351
1332#define OBJ_id_pda_gender OBJ_id_pda,3L
1333
1334#define SN_id_pda_countryOfCitizenship "id-pda-countryOfCitizenship"
1335#define NID_id_pda_countryOfCitizenship 352
1336#define OBJ_id_pda_countryOfCitizenship OBJ_id_pda,4L
1337
1338#define SN_id_pda_countryOfResidence "id-pda-countryOfResidence"
1339#define NID_id_pda_countryOfResidence 353
1340#define OBJ_id_pda_countryOfResidence OBJ_id_pda,5L
1341
1342#define SN_id_aca_authenticationInfo "id-aca-authenticationInfo"
1343#define NID_id_aca_authenticationInfo 354
1344#define OBJ_id_aca_authenticationInfo OBJ_id_aca,1L
1345
1346#define SN_id_aca_accessIdentity "id-aca-accessIdentity"
1347#define NID_id_aca_accessIdentity 355
1348#define OBJ_id_aca_accessIdentity OBJ_id_aca,2L
1349
1350#define SN_id_aca_chargingIdentity "id-aca-chargingIdentity"
1351#define NID_id_aca_chargingIdentity 356
1352#define OBJ_id_aca_chargingIdentity OBJ_id_aca,3L
1353
1354#define SN_id_aca_group "id-aca-group"
1355#define NID_id_aca_group 357
1356#define OBJ_id_aca_group OBJ_id_aca,4L
1357
1358#define SN_id_aca_role "id-aca-role"
1359#define NID_id_aca_role 358
1360#define OBJ_id_aca_role OBJ_id_aca,5L
1361
1362#define SN_id_aca_encAttrs "id-aca-encAttrs"
1363#define NID_id_aca_encAttrs 399
1364#define OBJ_id_aca_encAttrs OBJ_id_aca,6L
1365
1366#define SN_id_qcs_pkixQCSyntax_v1 "id-qcs-pkixQCSyntax-v1"
1367#define NID_id_qcs_pkixQCSyntax_v1 359
1368#define OBJ_id_qcs_pkixQCSyntax_v1 OBJ_id_qcs,1L
1369
1370#define SN_id_cct_crs "id-cct-crs"
1371#define NID_id_cct_crs 360
1372#define OBJ_id_cct_crs OBJ_id_cct,1L
1373
1374#define SN_id_cct_PKIData "id-cct-PKIData"
1375#define NID_id_cct_PKIData 361
1376#define OBJ_id_cct_PKIData OBJ_id_cct,2L
1377
1378#define SN_id_cct_PKIResponse "id-cct-PKIResponse"
1379#define NID_id_cct_PKIResponse 362
1380#define OBJ_id_cct_PKIResponse OBJ_id_cct,3L
1381
1382#define SN_ad_OCSP "OCSP"
1383#define LN_ad_OCSP "OCSP"
1384#define NID_ad_OCSP 178
1385#define OBJ_ad_OCSP OBJ_id_ad,1L
1386
1387#define SN_ad_ca_issuers "caIssuers"
1388#define LN_ad_ca_issuers "CA Issuers"
1389#define NID_ad_ca_issuers 179
1390#define OBJ_ad_ca_issuers OBJ_id_ad,2L
1391
1392#define SN_ad_timeStamping "ad_timestamping"
1393#define LN_ad_timeStamping "AD Time Stamping"
1394#define NID_ad_timeStamping 363
1395#define OBJ_ad_timeStamping OBJ_id_ad,3L
1396
1397#define SN_ad_dvcs "AD_DVCS"
1398#define LN_ad_dvcs "ad dvcs"
1399#define NID_ad_dvcs 364
1400#define OBJ_ad_dvcs OBJ_id_ad,4L
1401
1402#define OBJ_id_pkix_OCSP OBJ_ad_OCSP
1403
1404#define SN_id_pkix_OCSP_basic "basicOCSPResponse"
1405#define LN_id_pkix_OCSP_basic "Basic OCSP Response"
1406#define NID_id_pkix_OCSP_basic 365
1407#define OBJ_id_pkix_OCSP_basic OBJ_id_pkix_OCSP,1L
1408
1409#define SN_id_pkix_OCSP_Nonce "Nonce"
1410#define LN_id_pkix_OCSP_Nonce "OCSP Nonce"
1411#define NID_id_pkix_OCSP_Nonce 366
1412#define OBJ_id_pkix_OCSP_Nonce OBJ_id_pkix_OCSP,2L
1413
1414#define SN_id_pkix_OCSP_CrlID "CrlID"
1415#define LN_id_pkix_OCSP_CrlID "OCSP CRL ID"
1416#define NID_id_pkix_OCSP_CrlID 367
1417#define OBJ_id_pkix_OCSP_CrlID OBJ_id_pkix_OCSP,3L
1418
1419#define SN_id_pkix_OCSP_acceptableResponses "acceptableResponses"
1420#define LN_id_pkix_OCSP_acceptableResponses "Acceptable OCSP Responses"
1421#define NID_id_pkix_OCSP_acceptableResponses 368
1422#define OBJ_id_pkix_OCSP_acceptableResponses OBJ_id_pkix_OCSP,4L
1423
1424#define SN_id_pkix_OCSP_noCheck "noCheck"
1425#define LN_id_pkix_OCSP_noCheck "OCSP No Check"
1426#define NID_id_pkix_OCSP_noCheck 369
1427#define OBJ_id_pkix_OCSP_noCheck OBJ_id_pkix_OCSP,5L
1428
1429#define SN_id_pkix_OCSP_archiveCutoff "archiveCutoff"
1430#define LN_id_pkix_OCSP_archiveCutoff "OCSP Archive Cutoff"
1431#define NID_id_pkix_OCSP_archiveCutoff 370
1432#define OBJ_id_pkix_OCSP_archiveCutoff OBJ_id_pkix_OCSP,6L
1433
1434#define SN_id_pkix_OCSP_serviceLocator "serviceLocator"
1435#define LN_id_pkix_OCSP_serviceLocator "OCSP Service Locator"
1436#define NID_id_pkix_OCSP_serviceLocator 371
1437#define OBJ_id_pkix_OCSP_serviceLocator OBJ_id_pkix_OCSP,7L
1438
1439#define SN_id_pkix_OCSP_extendedStatus "extendedStatus"
1440#define LN_id_pkix_OCSP_extendedStatus "Extended OCSP Status"
1441#define NID_id_pkix_OCSP_extendedStatus 372
1442#define OBJ_id_pkix_OCSP_extendedStatus OBJ_id_pkix_OCSP,8L
1443
1444#define SN_id_pkix_OCSP_valid "valid"
1445#define NID_id_pkix_OCSP_valid 373
1446#define OBJ_id_pkix_OCSP_valid OBJ_id_pkix_OCSP,9L
1447
1448#define SN_id_pkix_OCSP_path "path"
1449#define NID_id_pkix_OCSP_path 374
1450#define OBJ_id_pkix_OCSP_path OBJ_id_pkix_OCSP,10L
1451
1452#define SN_id_pkix_OCSP_trustRoot "trustRoot"
1453#define LN_id_pkix_OCSP_trustRoot "Trust Root"
1454#define NID_id_pkix_OCSP_trustRoot 375
1455#define OBJ_id_pkix_OCSP_trustRoot OBJ_id_pkix_OCSP,11L
1456
1457#define SN_algorithm "algorithm"
1458#define LN_algorithm "algorithm"
1459#define NID_algorithm 376
1460#define OBJ_algorithm 1L,3L,14L,3L,2L
1461
1462#define SN_md5WithRSA "RSA-NP-MD5"
1463#define LN_md5WithRSA "md5WithRSA"
1464#define NID_md5WithRSA 104
1465#define OBJ_md5WithRSA OBJ_algorithm,3L
1466
1467#define SN_des_ecb "DES-ECB"
1468#define LN_des_ecb "des-ecb"
1469#define NID_des_ecb 29
1470#define OBJ_des_ecb OBJ_algorithm,6L
1471
1472#define SN_des_cbc "DES-CBC"
1473#define LN_des_cbc "des-cbc"
1474#define NID_des_cbc 31
1475#define OBJ_des_cbc OBJ_algorithm,7L
1476
1477#define SN_des_ofb64 "DES-OFB"
1478#define LN_des_ofb64 "des-ofb"
1479#define NID_des_ofb64 45
1480#define OBJ_des_ofb64 OBJ_algorithm,8L
1481
1482#define SN_des_cfb64 "DES-CFB"
1483#define LN_des_cfb64 "des-cfb"
1484#define NID_des_cfb64 30
1485#define OBJ_des_cfb64 OBJ_algorithm,9L
1486
1487#define SN_rsaSignature "rsaSignature"
1488#define NID_rsaSignature 377
1489#define OBJ_rsaSignature OBJ_algorithm,11L
1490
1491#define SN_dsa_2 "DSA-old"
1492#define LN_dsa_2 "dsaEncryption-old"
1493#define NID_dsa_2 67
1494#define OBJ_dsa_2 OBJ_algorithm,12L
1495
1496#define SN_dsaWithSHA "DSA-SHA"
1497#define LN_dsaWithSHA "dsaWithSHA"
1498#define NID_dsaWithSHA 66
1499#define OBJ_dsaWithSHA OBJ_algorithm,13L
1500
1501#define SN_shaWithRSAEncryption "RSA-SHA"
1502#define LN_shaWithRSAEncryption "shaWithRSAEncryption"
1503#define NID_shaWithRSAEncryption 42
1504#define OBJ_shaWithRSAEncryption OBJ_algorithm,15L
1505
1506#define SN_des_ede_ecb "DES-EDE"
1507#define LN_des_ede_ecb "des-ede"
1508#define NID_des_ede_ecb 32
1509#define OBJ_des_ede_ecb OBJ_algorithm,17L
1510
1511#define SN_des_ede3_ecb "DES-EDE3"
1512#define LN_des_ede3_ecb "des-ede3"
1513#define NID_des_ede3_ecb 33
1514
1515#define SN_des_ede_cbc "DES-EDE-CBC"
1516#define LN_des_ede_cbc "des-ede-cbc"
1517#define NID_des_ede_cbc 43
1518
1519#define SN_des_ede_cfb64 "DES-EDE-CFB"
1520#define LN_des_ede_cfb64 "des-ede-cfb"
1521#define NID_des_ede_cfb64 60
1522
1523#define SN_des_ede3_cfb64 "DES-EDE3-CFB"
1524#define LN_des_ede3_cfb64 "des-ede3-cfb"
1525#define NID_des_ede3_cfb64 61
1526
1527#define SN_des_ede_ofb64 "DES-EDE-OFB"
1528#define LN_des_ede_ofb64 "des-ede-ofb"
1529#define NID_des_ede_ofb64 62
1530
1531#define SN_des_ede3_ofb64 "DES-EDE3-OFB"
1532#define LN_des_ede3_ofb64 "des-ede3-ofb"
1533#define NID_des_ede3_ofb64 63
1534
1535#define SN_desx_cbc "DESX-CBC"
1536#define LN_desx_cbc "desx-cbc"
1537#define NID_desx_cbc 80
1538
1539#define SN_sha "SHA"
1540#define LN_sha "sha"
1541#define NID_sha 41
1542#define OBJ_sha OBJ_algorithm,18L
1543
1544#define SN_sha1 "SHA1"
1545#define LN_sha1 "sha1"
1546#define NID_sha1 64
1547#define OBJ_sha1 OBJ_algorithm,26L
1548
1549#define SN_dsaWithSHA1_2 "DSA-SHA1-old"
1550#define LN_dsaWithSHA1_2 "dsaWithSHA1-old"
1551#define NID_dsaWithSHA1_2 70
1552#define OBJ_dsaWithSHA1_2 OBJ_algorithm,27L
1553
1554#define SN_sha1WithRSA "RSA-SHA1-2"
1555#define LN_sha1WithRSA "sha1WithRSA"
1556#define NID_sha1WithRSA 115
1557#define OBJ_sha1WithRSA OBJ_algorithm,29L
1558
1559#define SN_ripemd160 "RIPEMD160"
1560#define LN_ripemd160 "ripemd160"
1561#define NID_ripemd160 117
1562#define OBJ_ripemd160 1L,3L,36L,3L,2L,1L
1563
1564#define SN_ripemd160WithRSA "RSA-RIPEMD160"
1565#define LN_ripemd160WithRSA "ripemd160WithRSA"
1566#define NID_ripemd160WithRSA 119
1567#define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L
1568
1569#define SN_sxnet "SXNetID"
1570#define LN_sxnet "Strong Extranet ID"
1571#define NID_sxnet 143
1572#define OBJ_sxnet 1L,3L,101L,1L,4L,1L
1573
1574#define SN_X500 "X500"
1575#define LN_X500 "directory services (X.500)"
1576#define NID_X500 11
1577#define OBJ_X500 2L,5L
1578
1579#define SN_X509 "X509"
1580#define NID_X509 12
1581#define OBJ_X509 OBJ_X500,4L
1582
1583#define SN_commonName "CN"
1584#define LN_commonName "commonName"
1585#define NID_commonName 13
1586#define OBJ_commonName OBJ_X509,3L
1587
1588#define SN_surname "SN"
1589#define LN_surname "surname"
1590#define NID_surname 100
1591#define OBJ_surname OBJ_X509,4L
1592
1593#define LN_serialNumber "serialNumber"
1594#define NID_serialNumber 105
1595#define OBJ_serialNumber OBJ_X509,5L
1596
1597#define SN_countryName "C"
1598#define LN_countryName "countryName"
1599#define NID_countryName 14
1600#define OBJ_countryName OBJ_X509,6L
1601
1602#define SN_localityName "L"
1603#define LN_localityName "localityName"
1604#define NID_localityName 15
1605#define OBJ_localityName OBJ_X509,7L
1606
1607#define SN_stateOrProvinceName "ST"
1608#define LN_stateOrProvinceName "stateOrProvinceName"
1609#define NID_stateOrProvinceName 16
1610#define OBJ_stateOrProvinceName OBJ_X509,8L
1611
1612#define SN_organizationName "O"
1613#define LN_organizationName "organizationName"
1614#define NID_organizationName 17
1615#define OBJ_organizationName OBJ_X509,10L
1616
1617#define SN_organizationalUnitName "OU"
1618#define LN_organizationalUnitName "organizationalUnitName"
1619#define NID_organizationalUnitName 18
1620#define OBJ_organizationalUnitName OBJ_X509,11L
1621
1622#define LN_title "title"
1623#define NID_title 106
1624#define OBJ_title OBJ_X509,12L
1625
1626#define LN_description "description"
1627#define NID_description 107
1628#define OBJ_description OBJ_X509,13L
1629
1630#define SN_name "name"
1631#define LN_name "name"
1632#define NID_name 173
1633#define OBJ_name OBJ_X509,41L
1634
1635#define SN_givenName "gn"
1636#define LN_givenName "givenName"
1637#define NID_givenName 99
1638#define OBJ_givenName OBJ_X509,42L
1639
1640#define LN_initials "initials"
1641#define NID_initials 101
1642#define OBJ_initials OBJ_X509,43L
1643
1644#define LN_generationQualifier "generationQualifier"
1645#define NID_generationQualifier 509
1646#define OBJ_generationQualifier OBJ_X509,44L
1647
1648#define LN_x500UniqueIdentifier "x500UniqueIdentifier"
1649#define NID_x500UniqueIdentifier 503
1650#define OBJ_x500UniqueIdentifier OBJ_X509,45L
1651
1652#define SN_dnQualifier "dnQualifier"
1653#define LN_dnQualifier "dnQualifier"
1654#define NID_dnQualifier 174
1655#define OBJ_dnQualifier OBJ_X509,46L
1656
1657#define SN_role "role"
1658#define LN_role "role"
1659#define NID_role 400
1660#define OBJ_role OBJ_X509,72L
1661
1662#define SN_X500algorithms "X500algorithms"
1663#define LN_X500algorithms "directory services - algorithms"
1664#define NID_X500algorithms 378
1665#define OBJ_X500algorithms OBJ_X500,8L
1666
1667#define SN_rsa "RSA"
1668#define LN_rsa "rsa"
1669#define NID_rsa 19
1670#define OBJ_rsa OBJ_X500algorithms,1L,1L
1671
1672#define SN_mdc2WithRSA "RSA-MDC2"
1673#define LN_mdc2WithRSA "mdc2WithRSA"
1674#define NID_mdc2WithRSA 96
1675#define OBJ_mdc2WithRSA OBJ_X500algorithms,3L,100L
1676
1677#define SN_mdc2 "MDC2"
1678#define LN_mdc2 "mdc2"
1679#define NID_mdc2 95
1680#define OBJ_mdc2 OBJ_X500algorithms,3L,101L
1681
1682#define SN_id_ce "id-ce"
1683#define NID_id_ce 81
1684#define OBJ_id_ce OBJ_X500,29L
1685
1686#define SN_subject_key_identifier "subjectKeyIdentifier"
1687#define LN_subject_key_identifier "X509v3 Subject Key Identifier"
1688#define NID_subject_key_identifier 82
1689#define OBJ_subject_key_identifier OBJ_id_ce,14L
1690
1691#define SN_key_usage "keyUsage"
1692#define LN_key_usage "X509v3 Key Usage"
1693#define NID_key_usage 83
1694#define OBJ_key_usage OBJ_id_ce,15L
1695
1696#define SN_private_key_usage_period "privateKeyUsagePeriod"
1697#define LN_private_key_usage_period "X509v3 Private Key Usage Period"
1698#define NID_private_key_usage_period 84
1699#define OBJ_private_key_usage_period OBJ_id_ce,16L
1700
1701#define SN_subject_alt_name "subjectAltName"
1702#define LN_subject_alt_name "X509v3 Subject Alternative Name"
1703#define NID_subject_alt_name 85
1704#define OBJ_subject_alt_name OBJ_id_ce,17L
1705
1706#define SN_issuer_alt_name "issuerAltName"
1707#define LN_issuer_alt_name "X509v3 Issuer Alternative Name"
1708#define NID_issuer_alt_name 86
1709#define OBJ_issuer_alt_name OBJ_id_ce,18L
1710
1711#define SN_basic_constraints "basicConstraints"
1712#define LN_basic_constraints "X509v3 Basic Constraints"
1713#define NID_basic_constraints 87
1714#define OBJ_basic_constraints OBJ_id_ce,19L
1715
1716#define SN_crl_number "crlNumber"
1717#define LN_crl_number "X509v3 CRL Number"
1718#define NID_crl_number 88
1719#define OBJ_crl_number OBJ_id_ce,20L
1720
1721#define SN_crl_reason "CRLReason"
1722#define LN_crl_reason "X509v3 CRL Reason Code"
1723#define NID_crl_reason 141
1724#define OBJ_crl_reason OBJ_id_ce,21L
1725
1726#define SN_invalidity_date "invalidityDate"
1727#define LN_invalidity_date "Invalidity Date"
1728#define NID_invalidity_date 142
1729#define OBJ_invalidity_date OBJ_id_ce,24L
1730
1731#define SN_delta_crl "deltaCRL"
1732#define LN_delta_crl "X509v3 Delta CRL Indicator"
1733#define NID_delta_crl 140
1734#define OBJ_delta_crl OBJ_id_ce,27L
1735
1736#define SN_crl_distribution_points "crlDistributionPoints"
1737#define LN_crl_distribution_points "X509v3 CRL Distribution Points"
1738#define NID_crl_distribution_points 103
1739#define OBJ_crl_distribution_points OBJ_id_ce,31L
1740
1741#define SN_certificate_policies "certificatePolicies"
1742#define LN_certificate_policies "X509v3 Certificate Policies"
1743#define NID_certificate_policies 89
1744#define OBJ_certificate_policies OBJ_id_ce,32L
1745
1746#define SN_authority_key_identifier "authorityKeyIdentifier"
1747#define LN_authority_key_identifier "X509v3 Authority Key Identifier"
1748#define NID_authority_key_identifier 90
1749#define OBJ_authority_key_identifier OBJ_id_ce,35L
1750
1751#define SN_policy_constraints "policyConstraints"
1752#define LN_policy_constraints "X509v3 Policy Constraints"
1753#define NID_policy_constraints 401
1754#define OBJ_policy_constraints OBJ_id_ce,36L
1755
1756#define SN_ext_key_usage "extendedKeyUsage"
1757#define LN_ext_key_usage "X509v3 Extended Key Usage"
1758#define NID_ext_key_usage 126
1759#define OBJ_ext_key_usage OBJ_id_ce,37L
1760
1761#define SN_target_information "targetInformation"
1762#define LN_target_information "X509v3 AC Targeting"
1763#define NID_target_information 402
1764#define OBJ_target_information OBJ_id_ce,55L
1765
1766#define SN_no_rev_avail "noRevAvail"
1767#define LN_no_rev_avail "X509v3 No Revocation Available"
1768#define NID_no_rev_avail 403
1769#define OBJ_no_rev_avail OBJ_id_ce,56L
1770
1771#define SN_netscape "Netscape"
1772#define LN_netscape "Netscape Communications Corp."
1773#define NID_netscape 57
1774#define OBJ_netscape 2L,16L,840L,1L,113730L
1775
1776#define SN_netscape_cert_extension "nsCertExt"
1777#define LN_netscape_cert_extension "Netscape Certificate Extension"
1778#define NID_netscape_cert_extension 58
1779#define OBJ_netscape_cert_extension OBJ_netscape,1L
1780
1781#define SN_netscape_data_type "nsDataType"
1782#define LN_netscape_data_type "Netscape Data Type"
1783#define NID_netscape_data_type 59
1784#define OBJ_netscape_data_type OBJ_netscape,2L
1785
1786#define SN_netscape_cert_type "nsCertType"
1787#define LN_netscape_cert_type "Netscape Cert Type"
1788#define NID_netscape_cert_type 71
1789#define OBJ_netscape_cert_type OBJ_netscape_cert_extension,1L
1790
1791#define SN_netscape_base_url "nsBaseUrl"
1792#define LN_netscape_base_url "Netscape Base Url"
1793#define NID_netscape_base_url 72
1794#define OBJ_netscape_base_url OBJ_netscape_cert_extension,2L
1795
1796#define SN_netscape_revocation_url "nsRevocationUrl"
1797#define LN_netscape_revocation_url "Netscape Revocation Url"
1798#define NID_netscape_revocation_url 73
1799#define OBJ_netscape_revocation_url OBJ_netscape_cert_extension,3L
1800
1801#define SN_netscape_ca_revocation_url "nsCaRevocationUrl"
1802#define LN_netscape_ca_revocation_url "Netscape CA Revocation Url"
1803#define NID_netscape_ca_revocation_url 74
1804#define OBJ_netscape_ca_revocation_url OBJ_netscape_cert_extension,4L
1805
1806#define SN_netscape_renewal_url "nsRenewalUrl"
1807#define LN_netscape_renewal_url "Netscape Renewal Url"
1808#define NID_netscape_renewal_url 75
1809#define OBJ_netscape_renewal_url OBJ_netscape_cert_extension,7L
1810
1811#define SN_netscape_ca_policy_url "nsCaPolicyUrl"
1812#define LN_netscape_ca_policy_url "Netscape CA Policy Url"
1813#define NID_netscape_ca_policy_url 76
1814#define OBJ_netscape_ca_policy_url OBJ_netscape_cert_extension,8L
1815
1816#define SN_netscape_ssl_server_name "nsSslServerName"
1817#define LN_netscape_ssl_server_name "Netscape SSL Server Name"
1818#define NID_netscape_ssl_server_name 77
1819#define OBJ_netscape_ssl_server_name OBJ_netscape_cert_extension,12L
1820
1821#define SN_netscape_comment "nsComment"
1822#define LN_netscape_comment "Netscape Comment"
1823#define NID_netscape_comment 78
1824#define OBJ_netscape_comment OBJ_netscape_cert_extension,13L
1825
1826#define SN_netscape_cert_sequence "nsCertSequence"
1827#define LN_netscape_cert_sequence "Netscape Certificate Sequence"
1828#define NID_netscape_cert_sequence 79
1829#define OBJ_netscape_cert_sequence OBJ_netscape_data_type,5L
1830
1831#define SN_ns_sgc "nsSGC"
1832#define LN_ns_sgc "Netscape Server Gated Crypto"
1833#define NID_ns_sgc 139
1834#define OBJ_ns_sgc OBJ_netscape,4L,1L
1835
1836#define SN_org "ORG"
1837#define LN_org "org"
1838#define NID_org 379
1839#define OBJ_org OBJ_iso,3L
1840
1841#define SN_dod "DOD"
1842#define LN_dod "dod"
1843#define NID_dod 380
1844#define OBJ_dod OBJ_org,6L
1845
1846#define SN_iana "IANA"
1847#define LN_iana "iana"
1848#define NID_iana 381
1849#define OBJ_iana OBJ_dod,1L
1850
1851#define OBJ_internet OBJ_iana
1852
1853#define SN_Directory "directory"
1854#define LN_Directory "Directory"
1855#define NID_Directory 382
1856#define OBJ_Directory OBJ_internet,1L
1857
1858#define SN_Management "mgmt"
1859#define LN_Management "Management"
1860#define NID_Management 383
1861#define OBJ_Management OBJ_internet,2L
1862
1863#define SN_Experimental "experimental"
1864#define LN_Experimental "Experimental"
1865#define NID_Experimental 384
1866#define OBJ_Experimental OBJ_internet,3L
1867
1868#define SN_Private "private"
1869#define LN_Private "Private"
1870#define NID_Private 385
1871#define OBJ_Private OBJ_internet,4L
1872
1873#define SN_Security "security"
1874#define LN_Security "Security"
1875#define NID_Security 386
1876#define OBJ_Security OBJ_internet,5L
1877
1878#define SN_SNMPv2 "snmpv2"
1879#define LN_SNMPv2 "SNMPv2"
1880#define NID_SNMPv2 387
1881#define OBJ_SNMPv2 OBJ_internet,6L
1882
1883#define LN_Mail "Mail"
1884#define NID_Mail 388
1885#define OBJ_Mail OBJ_internet,7L
1886
1887#define SN_Enterprises "enterprises"
1888#define LN_Enterprises "Enterprises"
1889#define NID_Enterprises 389
1890#define OBJ_Enterprises OBJ_Private,1L
1891
1892#define SN_dcObject "dcobject"
1893#define LN_dcObject "dcObject"
1894#define NID_dcObject 390
1895#define OBJ_dcObject OBJ_Enterprises,1466L,344L
1896
1897#define SN_mime_mhs "mime-mhs"
1898#define LN_mime_mhs "MIME MHS"
1899#define NID_mime_mhs 504
1900#define OBJ_mime_mhs OBJ_Mail,1L
1901
1902#define SN_mime_mhs_headings "mime-mhs-headings"
1903#define LN_mime_mhs_headings "mime-mhs-headings"
1904#define NID_mime_mhs_headings 505
1905#define OBJ_mime_mhs_headings OBJ_mime_mhs,1L
1906
1907#define SN_mime_mhs_bodies "mime-mhs-bodies"
1908#define LN_mime_mhs_bodies "mime-mhs-bodies"
1909#define NID_mime_mhs_bodies 506
1910#define OBJ_mime_mhs_bodies OBJ_mime_mhs,2L
1911
1912#define SN_id_hex_partial_message "id-hex-partial-message"
1913#define LN_id_hex_partial_message "id-hex-partial-message"
1914#define NID_id_hex_partial_message 507
1915#define OBJ_id_hex_partial_message OBJ_mime_mhs_headings,1L
1916
1917#define SN_id_hex_multipart_message "id-hex-multipart-message"
1918#define LN_id_hex_multipart_message "id-hex-multipart-message"
1919#define NID_id_hex_multipart_message 508
1920#define OBJ_id_hex_multipart_message OBJ_mime_mhs_headings,2L
1921
1922#define SN_rle_compression "RLE"
1923#define LN_rle_compression "run length compression"
1924#define NID_rle_compression 124
1925#define OBJ_rle_compression 1L,1L,1L,1L,666L,1L
1926
1927#define SN_zlib_compression "ZLIB"
1928#define LN_zlib_compression "zlib compression"
1929#define NID_zlib_compression 125
1930#define OBJ_zlib_compression 1L,1L,1L,1L,666L,2L
1931
1932#define OBJ_csor 2L,16L,840L,1L,101L,3L
1933
1934#define OBJ_nistAlgorithms OBJ_csor,4L
1935
1936#define OBJ_aes OBJ_nistAlgorithms,1L
1937
1938#define SN_aes_128_ecb "AES-128-ECB"
1939#define LN_aes_128_ecb "aes-128-ecb"
1940#define NID_aes_128_ecb 418
1941#define OBJ_aes_128_ecb OBJ_aes,1L
1942
1943#define SN_aes_128_cbc "AES-128-CBC"
1944#define LN_aes_128_cbc "aes-128-cbc"
1945#define NID_aes_128_cbc 419
1946#define OBJ_aes_128_cbc OBJ_aes,2L
1947
1948#define SN_aes_128_ofb128 "AES-128-OFB"
1949#define LN_aes_128_ofb128 "aes-128-ofb"
1950#define NID_aes_128_ofb128 420
1951#define OBJ_aes_128_ofb128 OBJ_aes,3L
1952
1953#define SN_aes_128_cfb128 "AES-128-CFB"
1954#define LN_aes_128_cfb128 "aes-128-cfb"
1955#define NID_aes_128_cfb128 421
1956#define OBJ_aes_128_cfb128 OBJ_aes,4L
1957
1958#define SN_aes_192_ecb "AES-192-ECB"
1959#define LN_aes_192_ecb "aes-192-ecb"
1960#define NID_aes_192_ecb 422
1961#define OBJ_aes_192_ecb OBJ_aes,21L
1962
1963#define SN_aes_192_cbc "AES-192-CBC"
1964#define LN_aes_192_cbc "aes-192-cbc"
1965#define NID_aes_192_cbc 423
1966#define OBJ_aes_192_cbc OBJ_aes,22L
1967
1968#define SN_aes_192_ofb128 "AES-192-OFB"
1969#define LN_aes_192_ofb128 "aes-192-ofb"
1970#define NID_aes_192_ofb128 424
1971#define OBJ_aes_192_ofb128 OBJ_aes,23L
1972
1973#define SN_aes_192_cfb128 "AES-192-CFB"
1974#define LN_aes_192_cfb128 "aes-192-cfb"
1975#define NID_aes_192_cfb128 425
1976#define OBJ_aes_192_cfb128 OBJ_aes,24L
1977
1978#define SN_aes_256_ecb "AES-256-ECB"
1979#define LN_aes_256_ecb "aes-256-ecb"
1980#define NID_aes_256_ecb 426
1981#define OBJ_aes_256_ecb OBJ_aes,41L
1982
1983#define SN_aes_256_cbc "AES-256-CBC"
1984#define LN_aes_256_cbc "aes-256-cbc"
1985#define NID_aes_256_cbc 427
1986#define OBJ_aes_256_cbc OBJ_aes,42L
1987
1988#define SN_aes_256_ofb128 "AES-256-OFB"
1989#define LN_aes_256_ofb128 "aes-256-ofb"
1990#define NID_aes_256_ofb128 428
1991#define OBJ_aes_256_ofb128 OBJ_aes,43L
1992
1993#define SN_aes_256_cfb128 "AES-256-CFB"
1994#define LN_aes_256_cfb128 "aes-256-cfb"
1995#define NID_aes_256_cfb128 429
1996#define OBJ_aes_256_cfb128 OBJ_aes,44L
1997
1998#define SN_hold_instruction_code "holdInstructionCode"
1999#define LN_hold_instruction_code "Hold Instruction Code"
2000#define NID_hold_instruction_code 430
2001#define OBJ_hold_instruction_code OBJ_id_ce,23L
2002
2003#define OBJ_holdInstruction OBJ_X9_57,2L
2004
2005#define SN_hold_instruction_none "holdInstructionNone"
2006#define LN_hold_instruction_none "Hold Instruction None"
2007#define NID_hold_instruction_none 431
2008#define OBJ_hold_instruction_none OBJ_holdInstruction,1L
2009
2010#define SN_hold_instruction_call_issuer "holdInstructionCallIssuer"
2011#define LN_hold_instruction_call_issuer "Hold Instruction Call Issuer"
2012#define NID_hold_instruction_call_issuer 432
2013#define OBJ_hold_instruction_call_issuer OBJ_holdInstruction,2L
2014
2015#define SN_hold_instruction_reject "holdInstructionReject"
2016#define LN_hold_instruction_reject "Hold Instruction Reject"
2017#define NID_hold_instruction_reject 433
2018#define OBJ_hold_instruction_reject OBJ_holdInstruction,3L
2019
2020#define SN_data "data"
2021#define NID_data 434
2022#define OBJ_data OBJ_ccitt,9L
2023
2024#define SN_pss "pss"
2025#define NID_pss 435
2026#define OBJ_pss OBJ_data,2342L
2027
2028#define SN_ucl "ucl"
2029#define NID_ucl 436
2030#define OBJ_ucl OBJ_pss,19200300L
2031
2032#define SN_pilot "pilot"
2033#define NID_pilot 437
2034#define OBJ_pilot OBJ_ucl,100L
2035
2036#define LN_pilotAttributeType "pilotAttributeType"
2037#define NID_pilotAttributeType 438
2038#define OBJ_pilotAttributeType OBJ_pilot,1L
2039
2040#define LN_pilotAttributeSyntax "pilotAttributeSyntax"
2041#define NID_pilotAttributeSyntax 439
2042#define OBJ_pilotAttributeSyntax OBJ_pilot,3L
2043
2044#define LN_pilotObjectClass "pilotObjectClass"
2045#define NID_pilotObjectClass 440
2046#define OBJ_pilotObjectClass OBJ_pilot,4L
2047
2048#define LN_pilotGroups "pilotGroups"
2049#define NID_pilotGroups 441
2050#define OBJ_pilotGroups OBJ_pilot,10L
2051
2052#define LN_iA5StringSyntax "iA5StringSyntax"
2053#define NID_iA5StringSyntax 442
2054#define OBJ_iA5StringSyntax OBJ_pilotAttributeSyntax,4L
2055
2056#define LN_caseIgnoreIA5StringSyntax "caseIgnoreIA5StringSyntax"
2057#define NID_caseIgnoreIA5StringSyntax 443
2058#define OBJ_caseIgnoreIA5StringSyntax OBJ_pilotAttributeSyntax,5L
2059
2060#define LN_pilotObject "pilotObject"
2061#define NID_pilotObject 444
2062#define OBJ_pilotObject OBJ_pilotObjectClass,3L
2063
2064#define LN_pilotPerson "pilotPerson"
2065#define NID_pilotPerson 445
2066#define OBJ_pilotPerson OBJ_pilotObjectClass,4L
2067
2068#define SN_account "account"
2069#define NID_account 446
2070#define OBJ_account OBJ_pilotObjectClass,5L
2071
2072#define SN_document "document"
2073#define NID_document 447
2074#define OBJ_document OBJ_pilotObjectClass,6L
2075
2076#define SN_room "room"
2077#define NID_room 448
2078#define OBJ_room OBJ_pilotObjectClass,7L
2079
2080#define LN_documentSeries "documentSeries"
2081#define NID_documentSeries 449
2082#define OBJ_documentSeries OBJ_pilotObjectClass,9L
2083
2084#define SN_Domain "domain"
2085#define LN_Domain "Domain"
2086#define NID_Domain 392
2087#define OBJ_Domain OBJ_pilotObjectClass,13L
2088
2089#define LN_rFC822localPart "rFC822localPart"
2090#define NID_rFC822localPart 450
2091#define OBJ_rFC822localPart OBJ_pilotObjectClass,14L
2092
2093#define LN_dNSDomain "dNSDomain"
2094#define NID_dNSDomain 451
2095#define OBJ_dNSDomain OBJ_pilotObjectClass,15L
2096
2097#define LN_domainRelatedObject "domainRelatedObject"
2098#define NID_domainRelatedObject 452
2099#define OBJ_domainRelatedObject OBJ_pilotObjectClass,17L
2100
2101#define LN_friendlyCountry "friendlyCountry"
2102#define NID_friendlyCountry 453
2103#define OBJ_friendlyCountry OBJ_pilotObjectClass,18L
2104
2105#define LN_simpleSecurityObject "simpleSecurityObject"
2106#define NID_simpleSecurityObject 454
2107#define OBJ_simpleSecurityObject OBJ_pilotObjectClass,19L
2108
2109#define LN_pilotOrganization "pilotOrganization"
2110#define NID_pilotOrganization 455
2111#define OBJ_pilotOrganization OBJ_pilotObjectClass,20L
2112
2113#define LN_pilotDSA "pilotDSA"
2114#define NID_pilotDSA 456
2115#define OBJ_pilotDSA OBJ_pilotObjectClass,21L
2116
2117#define LN_qualityLabelledData "qualityLabelledData"
2118#define NID_qualityLabelledData 457
2119#define OBJ_qualityLabelledData OBJ_pilotObjectClass,22L
2120
2121#define SN_userId "UID"
2122#define LN_userId "userId"
2123#define NID_userId 458
2124#define OBJ_userId OBJ_pilotAttributeType,1L
2125
2126#define LN_textEncodedORAddress "textEncodedORAddress"
2127#define NID_textEncodedORAddress 459
2128#define OBJ_textEncodedORAddress OBJ_pilotAttributeType,2L
2129
2130#define SN_rfc822Mailbox "mail"
2131#define LN_rfc822Mailbox "rfc822Mailbox"
2132#define NID_rfc822Mailbox 460
2133#define OBJ_rfc822Mailbox OBJ_pilotAttributeType,3L
2134
2135#define SN_info "info"
2136#define NID_info 461
2137#define OBJ_info OBJ_pilotAttributeType,4L
2138
2139#define LN_favouriteDrink "favouriteDrink"
2140#define NID_favouriteDrink 462
2141#define OBJ_favouriteDrink OBJ_pilotAttributeType,5L
2142
2143#define LN_roomNumber "roomNumber"
2144#define NID_roomNumber 463
2145#define OBJ_roomNumber OBJ_pilotAttributeType,6L
2146
2147#define SN_photo "photo"
2148#define NID_photo 464
2149#define OBJ_photo OBJ_pilotAttributeType,7L
2150
2151#define LN_userClass "userClass"
2152#define NID_userClass 465
2153#define OBJ_userClass OBJ_pilotAttributeType,8L
2154
2155#define SN_host "host"
2156#define NID_host 466
2157#define OBJ_host OBJ_pilotAttributeType,9L
2158
2159#define SN_manager "manager"
2160#define NID_manager 467
2161#define OBJ_manager OBJ_pilotAttributeType,10L
2162
2163#define LN_documentIdentifier "documentIdentifier"
2164#define NID_documentIdentifier 468
2165#define OBJ_documentIdentifier OBJ_pilotAttributeType,11L
2166
2167#define LN_documentTitle "documentTitle"
2168#define NID_documentTitle 469
2169#define OBJ_documentTitle OBJ_pilotAttributeType,12L
2170
2171#define LN_documentVersion "documentVersion"
2172#define NID_documentVersion 470
2173#define OBJ_documentVersion OBJ_pilotAttributeType,13L
2174
2175#define LN_documentAuthor "documentAuthor"
2176#define NID_documentAuthor 471
2177#define OBJ_documentAuthor OBJ_pilotAttributeType,14L
2178
2179#define LN_documentLocation "documentLocation"
2180#define NID_documentLocation 472
2181#define OBJ_documentLocation OBJ_pilotAttributeType,15L
2182
2183#define LN_homeTelephoneNumber "homeTelephoneNumber"
2184#define NID_homeTelephoneNumber 473
2185#define OBJ_homeTelephoneNumber OBJ_pilotAttributeType,20L
2186
2187#define SN_secretary "secretary"
2188#define NID_secretary 474
2189#define OBJ_secretary OBJ_pilotAttributeType,21L
2190
2191#define LN_otherMailbox "otherMailbox"
2192#define NID_otherMailbox 475
2193#define OBJ_otherMailbox OBJ_pilotAttributeType,22L
2194
2195#define LN_lastModifiedTime "lastModifiedTime"
2196#define NID_lastModifiedTime 476
2197#define OBJ_lastModifiedTime OBJ_pilotAttributeType,23L
2198
2199#define LN_lastModifiedBy "lastModifiedBy"
2200#define NID_lastModifiedBy 477
2201#define OBJ_lastModifiedBy OBJ_pilotAttributeType,24L
2202
2203#define SN_domainComponent "DC"
2204#define LN_domainComponent "domainComponent"
2205#define NID_domainComponent 391
2206#define OBJ_domainComponent OBJ_pilotAttributeType,25L
2207
2208#define LN_aRecord "aRecord"
2209#define NID_aRecord 478
2210#define OBJ_aRecord OBJ_pilotAttributeType,26L
2211
2212#define LN_pilotAttributeType27 "pilotAttributeType27"
2213#define NID_pilotAttributeType27 479
2214#define OBJ_pilotAttributeType27 OBJ_pilotAttributeType,27L
2215
2216#define LN_mXRecord "mXRecord"
2217#define NID_mXRecord 480
2218#define OBJ_mXRecord OBJ_pilotAttributeType,28L
2219
2220#define LN_nSRecord "nSRecord"
2221#define NID_nSRecord 481
2222#define OBJ_nSRecord OBJ_pilotAttributeType,29L
2223
2224#define LN_sOARecord "sOARecord"
2225#define NID_sOARecord 482
2226#define OBJ_sOARecord OBJ_pilotAttributeType,30L
2227
2228#define LN_cNAMERecord "cNAMERecord"
2229#define NID_cNAMERecord 483
2230#define OBJ_cNAMERecord OBJ_pilotAttributeType,31L
2231
2232#define LN_associatedDomain "associatedDomain"
2233#define NID_associatedDomain 484
2234#define OBJ_associatedDomain OBJ_pilotAttributeType,37L
2235
2236#define LN_associatedName "associatedName"
2237#define NID_associatedName 485
2238#define OBJ_associatedName OBJ_pilotAttributeType,38L
2239
2240#define LN_homePostalAddress "homePostalAddress"
2241#define NID_homePostalAddress 486
2242#define OBJ_homePostalAddress OBJ_pilotAttributeType,39L
2243
2244#define LN_personalTitle "personalTitle"
2245#define NID_personalTitle 487
2246#define OBJ_personalTitle OBJ_pilotAttributeType,40L
2247
2248#define LN_mobileTelephoneNumber "mobileTelephoneNumber"
2249#define NID_mobileTelephoneNumber 488
2250#define OBJ_mobileTelephoneNumber OBJ_pilotAttributeType,41L
2251
2252#define LN_pagerTelephoneNumber "pagerTelephoneNumber"
2253#define NID_pagerTelephoneNumber 489
2254#define OBJ_pagerTelephoneNumber OBJ_pilotAttributeType,42L
2255
2256#define LN_friendlyCountryName "friendlyCountryName"
2257#define NID_friendlyCountryName 490
2258#define OBJ_friendlyCountryName OBJ_pilotAttributeType,43L
2259
2260#define LN_organizationalStatus "organizationalStatus"
2261#define NID_organizationalStatus 491
2262#define OBJ_organizationalStatus OBJ_pilotAttributeType,45L
2263
2264#define LN_janetMailbox "janetMailbox"
2265#define NID_janetMailbox 492
2266#define OBJ_janetMailbox OBJ_pilotAttributeType,46L
2267
2268#define LN_mailPreferenceOption "mailPreferenceOption"
2269#define NID_mailPreferenceOption 493
2270#define OBJ_mailPreferenceOption OBJ_pilotAttributeType,47L
2271
2272#define LN_buildingName "buildingName"
2273#define NID_buildingName 494
2274#define OBJ_buildingName OBJ_pilotAttributeType,48L
2275
2276#define LN_dSAQuality "dSAQuality"
2277#define NID_dSAQuality 495
2278#define OBJ_dSAQuality OBJ_pilotAttributeType,49L
2279
2280#define LN_singleLevelQuality "singleLevelQuality"
2281#define NID_singleLevelQuality 496
2282#define OBJ_singleLevelQuality OBJ_pilotAttributeType,50L
2283
2284#define LN_subtreeMinimumQuality "subtreeMinimumQuality"
2285#define NID_subtreeMinimumQuality 497
2286#define OBJ_subtreeMinimumQuality OBJ_pilotAttributeType,51L
2287
2288#define LN_subtreeMaximumQuality "subtreeMaximumQuality"
2289#define NID_subtreeMaximumQuality 498
2290#define OBJ_subtreeMaximumQuality OBJ_pilotAttributeType,52L
2291
2292#define LN_personalSignature "personalSignature"
2293#define NID_personalSignature 499
2294#define OBJ_personalSignature OBJ_pilotAttributeType,53L
2295
2296#define LN_dITRedirect "dITRedirect"
2297#define NID_dITRedirect 500
2298#define OBJ_dITRedirect OBJ_pilotAttributeType,54L
2299
2300#define SN_audio "audio"
2301#define NID_audio 501
2302#define OBJ_audio OBJ_pilotAttributeType,55L
2303
2304#define LN_documentPublisher "documentPublisher"
2305#define NID_documentPublisher 502
2306#define OBJ_documentPublisher OBJ_pilotAttributeType,56L
2307
diff --git a/src/lib/libssl/src/crypto/objects/objects.pl b/src/lib/libssl/src/crypto/objects/objects.pl
index 76c06cc8f9..76bb8da677 100644
--- a/src/lib/libssl/src/crypto/objects/objects.pl
+++ b/src/lib/libssl/src/crypto/objects/objects.pl
@@ -107,12 +107,13 @@ while (<IN>)
107 } 107 }
108close IN; 108close IN;
109 109
110open (NUMOUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]"; 110#XXX don't modify input files
111foreach (sort { $a <=> $b } keys %nidn) 111#open (NUMOUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
112 { 112#foreach (sort { $a <=> $b } keys %nidn)
113 print NUMOUT $nidn{$_},"\t\t",$_,"\n"; 113# {
114 } 114# print NUMOUT $nidn{$_},"\t\t",$_,"\n";
115close NUMOUT; 115# }
116#close NUMOUT;
116 117
117open (OUT,">$ARGV[2]") || die "Can't open output file $ARGV[2]"; 118open (OUT,">$ARGV[2]") || die "Can't open output file $ARGV[2]";
118print OUT <<'EOF'; 119print OUT <<'EOF';
diff --git a/src/lib/libssl/src/crypto/ocsp/Makefile.ssl b/src/lib/libssl/src/crypto/ocsp/Makefile.ssl
new file mode 100644
index 0000000000..381c824e45
--- /dev/null
+++ b/src/lib/libssl/src/crypto/ocsp/Makefile.ssl
@@ -0,0 +1,221 @@
1#
2# OpenSSL/ocsp/Makefile.ssl
3#
4
5DIR= ocsp
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile README
22TEST=
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= ocsp_asn.c ocsp_ext.c ocsp_ht.c ocsp_lib.c ocsp_cl.c \
27 ocsp_srv.c ocsp_prn.c ocsp_vfy.c ocsp_err.c
28
29LIBOBJ= ocsp_asn.o ocsp_ext.o ocsp_ht.o ocsp_lib.o ocsp_cl.o \
30 ocsp_srv.o ocsp_prn.o ocsp_vfy.o ocsp_err.o
31
32SRC= $(LIBSRC)
33
34EXHEADER= ocsp.h
35HEADER= $(EXHEADER)
36
37ALL= $(GENERAL) $(SRC) $(HEADER)
38
39top:
40 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
41
42all: lib
43
44lib: $(LIBOBJ)
45 $(AR) $(LIB) $(LIBOBJ)
46 $(RANLIB) $(LIB)
47 @touch lib
48
49files:
50 perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
51
52links:
53 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
54 $(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
55 $(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
56 $(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
57
58install:
59 @for i in $(EXHEADER) ; \
60 do \
61 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
62 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
63 done;
64
65tags:
66 ctags $(SRC)
67
68tests:
69
70lint:
71 lint -DLINT $(INCLUDES) $(SRC)>fluff
72
73depend:
74 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(LIBSRC)
75
76dclean:
77 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
78 mv -f Makefile.new $(MAKEFILE)
79
80clean:
81 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
82
83# DO NOT DELETE THIS LINE -- make depend depends on it.
84
85ocsp_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
86ocsp_asn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
87ocsp_asn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
88ocsp_asn.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
89ocsp_asn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
90ocsp_asn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
91ocsp_asn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
92ocsp_asn.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
93ocsp_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
94ocsp_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
95ocsp_asn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
96ocsp_asn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
97ocsp_asn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
98ocsp_asn.o: ../../include/openssl/x509v3.h ocsp_asn.c
99ocsp_cl.o: ../../e_os.h ../../include/openssl/asn1.h
100ocsp_cl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
101ocsp_cl.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
102ocsp_cl.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
103ocsp_cl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
104ocsp_cl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
105ocsp_cl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
106ocsp_cl.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
107ocsp_cl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
108ocsp_cl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
109ocsp_cl.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
110ocsp_cl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
111ocsp_cl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
112ocsp_cl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
113ocsp_cl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
114ocsp_cl.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_cl.c
115ocsp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
116ocsp_err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
117ocsp_err.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
118ocsp_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
119ocsp_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
120ocsp_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
121ocsp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
122ocsp_err.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
123ocsp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
124ocsp_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
125ocsp_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
126ocsp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
127ocsp_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
128ocsp_err.o: ../../include/openssl/x509v3.h ocsp_err.c
129ocsp_ext.o: ../../e_os.h ../../include/openssl/asn1.h
130ocsp_ext.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
131ocsp_ext.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
132ocsp_ext.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
133ocsp_ext.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
134ocsp_ext.o: ../../include/openssl/err.h ../../include/openssl/evp.h
135ocsp_ext.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
136ocsp_ext.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
137ocsp_ext.o: ../../include/openssl/opensslconf.h
138ocsp_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
139ocsp_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
140ocsp_ext.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
141ocsp_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
142ocsp_ext.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
143ocsp_ext.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
144ocsp_ext.o: ../cryptlib.h ocsp_ext.c
145ocsp_ht.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
146ocsp_ht.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
147ocsp_ht.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
148ocsp_ht.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
149ocsp_ht.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
150ocsp_ht.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
151ocsp_ht.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
152ocsp_ht.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
153ocsp_ht.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
154ocsp_ht.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
155ocsp_ht.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
156ocsp_ht.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
157ocsp_ht.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
158ocsp_ht.o: ../../include/openssl/x509v3.h ocsp_ht.c
159ocsp_lib.o: ../../e_os.h ../../include/openssl/asn1.h
160ocsp_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
161ocsp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
162ocsp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
163ocsp_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
164ocsp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
165ocsp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
166ocsp_lib.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
167ocsp_lib.o: ../../include/openssl/opensslconf.h
168ocsp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
169ocsp_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
170ocsp_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
171ocsp_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
172ocsp_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
173ocsp_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
174ocsp_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
175ocsp_lib.o: ../cryptlib.h ocsp_lib.c
176ocsp_prn.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
177ocsp_prn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
178ocsp_prn.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
179ocsp_prn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
180ocsp_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
181ocsp_prn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
182ocsp_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
183ocsp_prn.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
184ocsp_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
185ocsp_prn.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
186ocsp_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
187ocsp_prn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
188ocsp_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
189ocsp_prn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
190ocsp_prn.o: ../../include/openssl/x509v3.h ocsp_prn.c
191ocsp_srv.o: ../../e_os.h ../../include/openssl/asn1.h
192ocsp_srv.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
193ocsp_srv.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
194ocsp_srv.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
195ocsp_srv.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
196ocsp_srv.o: ../../include/openssl/err.h ../../include/openssl/evp.h
197ocsp_srv.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
198ocsp_srv.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
199ocsp_srv.o: ../../include/openssl/opensslconf.h
200ocsp_srv.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
201ocsp_srv.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
202ocsp_srv.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
203ocsp_srv.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
204ocsp_srv.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
205ocsp_srv.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
206ocsp_srv.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
207ocsp_srv.o: ../cryptlib.h ocsp_srv.c
208ocsp_vfy.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
209ocsp_vfy.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
210ocsp_vfy.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
211ocsp_vfy.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
212ocsp_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
213ocsp_vfy.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
214ocsp_vfy.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
215ocsp_vfy.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
216ocsp_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
217ocsp_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
218ocsp_vfy.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
219ocsp_vfy.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
220ocsp_vfy.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
221ocsp_vfy.o: ../../include/openssl/x509v3.h ocsp_vfy.c
diff --git a/src/lib/libssl/src/crypto/pem/Makefile.ssl b/src/lib/libssl/src/crypto/pem/Makefile.ssl
new file mode 100644
index 0000000000..27be11dfc0
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pem/Makefile.ssl
@@ -0,0 +1,250 @@
1#
2# SSLeay/crypto/pem/Makefile
3#
4
5DIR= pem
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c \
27 pem_x509.c pem_xaux.c pem_oth.c pem_pk8.c pem_pkey.c
28
29LIBOBJ= pem_sign.o pem_seal.o pem_info.o pem_lib.o pem_all.o pem_err.o \
30 pem_x509.o pem_xaux.o pem_oth.o pem_pk8.o pem_pkey.o
31
32SRC= $(LIBSRC)
33
34EXHEADER= pem.h pem2.h
35HEADER= $(EXHEADER)
36
37ALL= $(GENERAL) $(SRC) $(HEADER)
38
39top:
40 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
41
42all: lib
43
44lib: $(LIBOBJ)
45 $(AR) $(LIB) $(LIBOBJ)
46 $(RANLIB) $(LIB) || echo Never mind.
47 @touch lib
48
49files:
50 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
51
52links: $(EXHEADER)
53 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
54 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
55 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
56 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
57
58install:
59 @for i in $(EXHEADER) ; \
60 do \
61 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
62 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
63 done;
64
65tags:
66 ctags $(SRC)
67
68tests:
69
70lint:
71 lint -DLINT $(INCLUDES) $(SRC)>fluff
72
73depend:
74 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(LIBSRC)
75
76dclean:
77 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
78 mv -f Makefile.new $(MAKEFILE)
79
80clean:
81 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
82
83# DO NOT DELETE THIS LINE -- make depend depends on it.
84
85pem_all.o: ../../e_os.h ../../include/openssl/asn1.h
86pem_all.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
87pem_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
88pem_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
89pem_all.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
90pem_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
91pem_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
92pem_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
93pem_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
94pem_all.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
95pem_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
96pem_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
97pem_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
98pem_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_all.c
99pem_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
100pem_err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
101pem_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
102pem_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
103pem_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
104pem_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
105pem_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
106pem_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
107pem_err.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
108pem_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
109pem_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
110pem_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
111pem_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
112pem_err.o: pem_err.c
113pem_info.o: ../../e_os.h ../../include/openssl/asn1.h
114pem_info.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
115pem_info.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
116pem_info.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
117pem_info.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
118pem_info.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
119pem_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
120pem_info.o: ../../include/openssl/opensslconf.h
121pem_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
122pem_info.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
123pem_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
124pem_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
125pem_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
126pem_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
127pem_info.o: ../cryptlib.h pem_info.c
128pem_lib.o: ../../e_os.h ../../include/openssl/asn1.h
129pem_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
130pem_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
131pem_lib.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
132pem_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
133pem_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
134pem_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
135pem_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
136pem_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
137pem_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
138pem_lib.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h
139pem_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
140pem_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
141pem_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
142pem_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
143pem_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
144pem_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_lib.c
145pem_oth.o: ../../e_os.h ../../include/openssl/asn1.h
146pem_oth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
147pem_oth.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
148pem_oth.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
149pem_oth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
150pem_oth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
151pem_oth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
152pem_oth.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
153pem_oth.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
154pem_oth.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
155pem_oth.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
156pem_oth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
157pem_oth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
158pem_oth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
159pem_oth.o: ../cryptlib.h pem_oth.c
160pem_pk8.o: ../../e_os.h ../../include/openssl/asn1.h
161pem_pk8.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
162pem_pk8.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
163pem_pk8.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
164pem_pk8.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
165pem_pk8.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
166pem_pk8.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
167pem_pk8.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
168pem_pk8.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
169pem_pk8.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h
170pem_pk8.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
171pem_pk8.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
172pem_pk8.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
173pem_pk8.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
174pem_pk8.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_pk8.c
175pem_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
176pem_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
177pem_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
178pem_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
179pem_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
180pem_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
181pem_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
182pem_pkey.o: ../../include/openssl/opensslconf.h
183pem_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
184pem_pkey.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
185pem_pkey.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
186pem_pkey.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
187pem_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
188pem_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
189pem_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
190pem_pkey.o: ../cryptlib.h pem_pkey.c
191pem_seal.o: ../../e_os.h ../../include/openssl/asn1.h
192pem_seal.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
193pem_seal.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
194pem_seal.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
195pem_seal.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
196pem_seal.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
197pem_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
198pem_seal.o: ../../include/openssl/opensslconf.h
199pem_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
200pem_seal.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
201pem_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
202pem_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
203pem_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
204pem_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
205pem_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_seal.c
206pem_sign.o: ../../e_os.h ../../include/openssl/asn1.h
207pem_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
208pem_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
209pem_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
210pem_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
211pem_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
212pem_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
213pem_sign.o: ../../include/openssl/opensslconf.h
214pem_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
215pem_sign.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
216pem_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
217pem_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
218pem_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
219pem_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
220pem_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_sign.c
221pem_x509.o: ../../e_os.h ../../include/openssl/asn1.h
222pem_x509.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
223pem_x509.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
224pem_x509.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
225pem_x509.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
226pem_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
227pem_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
228pem_x509.o: ../../include/openssl/opensslconf.h
229pem_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
230pem_x509.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
231pem_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
232pem_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
233pem_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
234pem_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
235pem_x509.o: ../cryptlib.h pem_x509.c
236pem_xaux.o: ../../e_os.h ../../include/openssl/asn1.h
237pem_xaux.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
238pem_xaux.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
239pem_xaux.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
240pem_xaux.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
241pem_xaux.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
242pem_xaux.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
243pem_xaux.o: ../../include/openssl/opensslconf.h
244pem_xaux.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
245pem_xaux.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
246pem_xaux.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
247pem_xaux.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
248pem_xaux.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
249pem_xaux.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
250pem_xaux.o: ../cryptlib.h pem_xaux.c
diff --git a/src/lib/libssl/src/crypto/pem/pem_pkey.c b/src/lib/libssl/src/crypto/pem/pem_pkey.c
index 270892d72b..d96ecf6940 100644
--- a/src/lib/libssl/src/crypto/pem/pem_pkey.c
+++ b/src/lib/libssl/src/crypto/pem/pem_pkey.c
@@ -85,6 +85,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo
85 else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) { 85 else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) {
86 PKCS8_PRIV_KEY_INFO *p8inf; 86 PKCS8_PRIV_KEY_INFO *p8inf;
87 p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len); 87 p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len);
88 if(!p8inf) goto p8err;
88 ret = EVP_PKCS82PKEY(p8inf); 89 ret = EVP_PKCS82PKEY(p8inf);
89 PKCS8_PRIV_KEY_INFO_free(p8inf); 90 PKCS8_PRIV_KEY_INFO_free(p8inf);
90 } else if (strcmp(nm,PEM_STRING_PKCS8) == 0) { 91 } else if (strcmp(nm,PEM_STRING_PKCS8) == 0) {
diff --git a/src/lib/libssl/src/crypto/pkcs12/Makefile.ssl b/src/lib/libssl/src/crypto/pkcs12/Makefile.ssl
new file mode 100644
index 0000000000..94089bc4b2
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pkcs12/Makefile.ssl
@@ -0,0 +1,297 @@
1#
2# SSLeay/crypto/pkcs12/Makefile
3#
4
5DIR= pkcs12
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= p12_add.c p12_asn.c p12_attr.c p12_crpt.c p12_crt.c p12_decr.c \
27 p12_init.c p12_key.c p12_kiss.c p12_mutl.c\
28 p12_utl.c p12_npas.c pk12err.c p12_p8d.c p12_p8e.c
29LIBOBJ= p12_add.o p12_asn.o p12_attr.o p12_crpt.o p12_crt.o p12_decr.o \
30 p12_init.o p12_key.o p12_kiss.o p12_mutl.o\
31 p12_utl.o p12_npas.o pk12err.o p12_p8d.o p12_p8e.o
32
33SRC= $(LIBSRC)
34
35EXHEADER= pkcs12.h
36HEADER= $(EXHEADER)
37
38ALL= $(GENERAL) $(SRC) $(HEADER)
39
40top:
41 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
42
43test:
44
45all: lib
46
47lib: $(LIBOBJ)
48 $(AR) $(LIB) $(LIBOBJ)
49 $(RANLIB) $(LIB) || echo Never mind.
50 @touch lib
51
52files:
53 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
54
55links:
56 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
57 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
58 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
59 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
60
61install:
62 @for i in $(EXHEADER) ; \
63 do \
64 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
65 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
66 done;
67
68tags:
69 ctags $(SRC)
70
71tests:
72
73lint:
74 lint -DLINT $(INCLUDES) $(SRC)>fluff
75
76depend:
77 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
78
79dclean:
80 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
81 mv -f Makefile.new $(MAKEFILE)
82
83clean:
84 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
85
86# DO NOT DELETE THIS LINE -- make depend depends on it.
87
88p12_add.o: ../../e_os.h ../../include/openssl/asn1.h
89p12_add.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
90p12_add.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
91p12_add.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
92p12_add.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
93p12_add.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
94p12_add.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
95p12_add.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
96p12_add.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
97p12_add.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
98p12_add.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
99p12_add.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
100p12_add.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
101p12_add.o: ../cryptlib.h p12_add.c
102p12_asn.o: ../../e_os.h ../../include/openssl/asn1.h
103p12_asn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
104p12_asn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
105p12_asn.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
106p12_asn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
107p12_asn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
108p12_asn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
109p12_asn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
110p12_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
111p12_asn.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
112p12_asn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
113p12_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
114p12_asn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
115p12_asn.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_asn.c
116p12_attr.o: ../../e_os.h ../../include/openssl/asn1.h
117p12_attr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
118p12_attr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
119p12_attr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
120p12_attr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
121p12_attr.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
122p12_attr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
123p12_attr.o: ../../include/openssl/opensslconf.h
124p12_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
125p12_attr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
126p12_attr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
127p12_attr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
128p12_attr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
129p12_attr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_attr.c
130p12_crpt.o: ../../e_os.h ../../include/openssl/asn1.h
131p12_crpt.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
132p12_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
133p12_crpt.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
134p12_crpt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
135p12_crpt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
136p12_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
137p12_crpt.o: ../../include/openssl/opensslconf.h
138p12_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
139p12_crpt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
140p12_crpt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
141p12_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
142p12_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
143p12_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_crpt.c
144p12_crt.o: ../../e_os.h ../../include/openssl/asn1.h
145p12_crt.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
146p12_crt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
147p12_crt.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
148p12_crt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
149p12_crt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
150p12_crt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
151p12_crt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
152p12_crt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
153p12_crt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
154p12_crt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
155p12_crt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
156p12_crt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
157p12_crt.o: ../cryptlib.h p12_crt.c
158p12_decr.o: ../../e_os.h ../../include/openssl/asn1.h
159p12_decr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
160p12_decr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
161p12_decr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
162p12_decr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
163p12_decr.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
164p12_decr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
165p12_decr.o: ../../include/openssl/opensslconf.h
166p12_decr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
167p12_decr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
168p12_decr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
169p12_decr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
170p12_decr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
171p12_decr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_decr.c
172p12_init.o: ../../e_os.h ../../include/openssl/asn1.h
173p12_init.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
174p12_init.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
175p12_init.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
176p12_init.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
177p12_init.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
178p12_init.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
179p12_init.o: ../../include/openssl/opensslconf.h
180p12_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
181p12_init.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
182p12_init.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
183p12_init.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
184p12_init.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
185p12_init.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_init.c
186p12_key.o: ../../e_os.h ../../include/openssl/asn1.h
187p12_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
188p12_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
189p12_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
190p12_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
191p12_key.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
192p12_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
193p12_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
194p12_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
195p12_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
196p12_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
197p12_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
198p12_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
199p12_key.o: ../cryptlib.h p12_key.c
200p12_kiss.o: ../../e_os.h ../../include/openssl/asn1.h
201p12_kiss.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
202p12_kiss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
203p12_kiss.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
204p12_kiss.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
205p12_kiss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
206p12_kiss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
207p12_kiss.o: ../../include/openssl/opensslconf.h
208p12_kiss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
209p12_kiss.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
210p12_kiss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
211p12_kiss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
212p12_kiss.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
213p12_kiss.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_kiss.c
214p12_mutl.o: ../../e_os.h ../../include/openssl/asn1.h
215p12_mutl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
216p12_mutl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
217p12_mutl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
218p12_mutl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
219p12_mutl.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
220p12_mutl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
221p12_mutl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
222p12_mutl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
223p12_mutl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
224p12_mutl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
225p12_mutl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
226p12_mutl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
227p12_mutl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
228p12_mutl.o: ../cryptlib.h p12_mutl.c
229p12_npas.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
230p12_npas.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
231p12_npas.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
232p12_npas.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
233p12_npas.o: ../../include/openssl/err.h ../../include/openssl/evp.h
234p12_npas.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
235p12_npas.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
236p12_npas.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
237p12_npas.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
238p12_npas.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
239p12_npas.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
240p12_npas.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
241p12_npas.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
242p12_npas.o: ../../include/openssl/x509_vfy.h p12_npas.c
243p12_p8d.o: ../../e_os.h ../../include/openssl/asn1.h
244p12_p8d.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
245p12_p8d.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
246p12_p8d.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
247p12_p8d.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
248p12_p8d.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
249p12_p8d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
250p12_p8d.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
251p12_p8d.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
252p12_p8d.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
253p12_p8d.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
254p12_p8d.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
255p12_p8d.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
256p12_p8d.o: ../cryptlib.h p12_p8d.c
257p12_p8e.o: ../../e_os.h ../../include/openssl/asn1.h
258p12_p8e.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
259p12_p8e.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
260p12_p8e.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
261p12_p8e.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
262p12_p8e.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
263p12_p8e.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
264p12_p8e.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
265p12_p8e.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
266p12_p8e.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
267p12_p8e.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
268p12_p8e.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
269p12_p8e.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
270p12_p8e.o: ../cryptlib.h p12_p8e.c
271p12_utl.o: ../../e_os.h ../../include/openssl/asn1.h
272p12_utl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
273p12_utl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
274p12_utl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
275p12_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
276p12_utl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
277p12_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
278p12_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
279p12_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
280p12_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
281p12_utl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
282p12_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
283p12_utl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
284p12_utl.o: ../cryptlib.h p12_utl.c
285pk12err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
286pk12err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
287pk12err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
288pk12err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
289pk12err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
290pk12err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
291pk12err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
292pk12err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
293pk12err.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
294pk12err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
295pk12err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
296pk12err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
297pk12err.o: ../../include/openssl/x509_vfy.h pk12err.c
diff --git a/src/lib/libssl/src/crypto/pkcs7/Makefile.ssl b/src/lib/libssl/src/crypto/pkcs7/Makefile.ssl
new file mode 100644
index 0000000000..d2afd977e1
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pkcs7/Makefile.ssl
@@ -0,0 +1,195 @@
1#
2# SSLeay/crypto/pkcs7/Makefile
3#
4
5DIR= pkcs7
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19PEX_LIBS=
20EX_LIBS=
21
22CFLAGS= $(INCLUDES) $(CFLAG)
23
24GENERAL=Makefile README
25TEST=
26APPS=
27
28LIB=$(TOP)/libcrypto.a
29LIBSRC= pk7_asn1.c pk7_lib.c pkcs7err.c pk7_doit.c pk7_smime.c pk7_attr.c \
30 pk7_mime.c
31LIBOBJ= pk7_asn1.o pk7_lib.o pkcs7err.o pk7_doit.o pk7_smime.o pk7_attr.o \
32 pk7_mime.o
33
34SRC= $(LIBSRC)
35
36EXHEADER= pkcs7.h
37HEADER= $(EXHEADER)
38
39ALL= $(GENERAL) $(SRC) $(HEADER)
40
41top:
42 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
43
44test:
45
46all: lib
47
48testapps: enc dec sign verify
49
50enc: enc.o lib
51 $(CC) $(CFLAGS) -o enc enc.o $(PEX_LIBS) $(LIB) $(EX_LIBS)
52
53dec: dec.o lib
54 $(CC) $(CFLAGS) -o dec dec.o $(PEX_LIBS) $(LIB) $(EX_LIBS)
55
56sign: sign.o lib
57 $(CC) $(CFLAGS) -o sign sign.o $(PEX_LIBS) $(LIB) $(EX_LIBS)
58
59verify: verify.o example.o lib
60 $(CC) $(CFLAGS) -o verify verify.o $(PEX_LIBS) example.o $(LIB) $(EX_LIBS)
61
62lib: $(LIBOBJ)
63 $(AR) $(LIB) $(LIBOBJ)
64 $(RANLIB) $(LIB) || echo Never mind.
65 @touch lib
66
67files:
68 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
69
70links:
71 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
72 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
73 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
74 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
75
76install:
77 @for i in $(EXHEADER) ; \
78 do \
79 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
80 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
81 done;
82
83tags:
84 ctags $(SRC)
85
86tests:
87
88lint:
89 lint -DLINT $(INCLUDES) $(SRC)>fluff
90
91depend:
92 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
93
94dclean:
95 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
96 mv -f Makefile.new $(MAKEFILE)
97
98clean:
99 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff enc dec sign verify
100
101# DO NOT DELETE THIS LINE -- make depend depends on it.
102
103pk7_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
104pk7_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
105pk7_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
106pk7_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
107pk7_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
108pk7_asn1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
109pk7_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
110pk7_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
111pk7_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
112pk7_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
113pk7_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
114pk7_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
115pk7_asn1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
116pk7_asn1.o: ../cryptlib.h pk7_asn1.c
117pk7_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
118pk7_attr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
119pk7_attr.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
120pk7_attr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
121pk7_attr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
122pk7_attr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
123pk7_attr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
124pk7_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
125pk7_attr.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
126pk7_attr.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
127pk7_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
128pk7_attr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
129pk7_attr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
130pk7_attr.o: pk7_attr.c
131pk7_doit.o: ../../e_os.h ../../include/openssl/asn1.h
132pk7_doit.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
133pk7_doit.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
134pk7_doit.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
135pk7_doit.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
136pk7_doit.o: ../../include/openssl/err.h ../../include/openssl/evp.h
137pk7_doit.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
138pk7_doit.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
139pk7_doit.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
140pk7_doit.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
141pk7_doit.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
142pk7_doit.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
143pk7_doit.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
144pk7_doit.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
145pk7_doit.o: ../cryptlib.h pk7_doit.c
146pk7_lib.o: ../../e_os.h ../../include/openssl/asn1.h
147pk7_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
148pk7_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
149pk7_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
150pk7_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
151pk7_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
152pk7_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
153pk7_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
154pk7_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
155pk7_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
156pk7_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
157pk7_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
158pk7_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_lib.c
159pk7_mime.o: ../../e_os.h ../../include/openssl/asn1.h
160pk7_mime.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
161pk7_mime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
162pk7_mime.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
163pk7_mime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
164pk7_mime.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
165pk7_mime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
166pk7_mime.o: ../../include/openssl/opensslconf.h
167pk7_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
168pk7_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
169pk7_mime.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
170pk7_mime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
171pk7_mime.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
172pk7_mime.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_mime.c
173pk7_smime.o: ../../e_os.h ../../include/openssl/asn1.h
174pk7_smime.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
175pk7_smime.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
176pk7_smime.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
177pk7_smime.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
178pk7_smime.o: ../../include/openssl/err.h ../../include/openssl/evp.h
179pk7_smime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
180pk7_smime.o: ../../include/openssl/objects.h
181pk7_smime.o: ../../include/openssl/opensslconf.h
182pk7_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
183pk7_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
184pk7_smime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
185pk7_smime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
186pk7_smime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
187pk7_smime.o: ../../include/openssl/x509v3.h ../cryptlib.h pk7_smime.c
188pkcs7err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
189pkcs7err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
190pkcs7err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
191pkcs7err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
192pkcs7err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
193pkcs7err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
194pkcs7err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
195pkcs7err.o: pkcs7err.c
diff --git a/src/lib/libssl/src/crypto/rand/Makefile.ssl b/src/lib/libssl/src/crypto/rand/Makefile.ssl
new file mode 100644
index 0000000000..4d73d4f7e8
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rand/Makefile.ssl
@@ -0,0 +1,157 @@
1#
2# SSLeay/crypto/rand/Makefile
3#
4
5DIR= rand
6TOP= ../..
7CC= cc
8INCLUDES=
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST= randtest.c
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c \
27 rand_win.c rand_unix.c rand_os2.c
28LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o \
29 rand_win.o rand_unix.o rand_os2.o
30
31SRC= $(LIBSRC)
32
33EXHEADER= rand.h
34HEADER= $(EXHEADER)
35
36ALL= $(GENERAL) $(SRC) $(HEADER)
37
38top:
39 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
40
41all: lib
42
43lib: $(LIBOBJ)
44 $(AR) $(LIB) $(LIBOBJ)
45 $(RANLIB) $(LIB) || echo Never mind.
46 @touch lib
47
48files:
49 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
50
51links:
52 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
53 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
54 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
55 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
56
57install:
58 @for i in $(EXHEADER) ; \
59 do \
60 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
61 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
62 done;
63
64tags:
65 ctags $(SRC)
66
67tests:
68
69lint:
70 lint -DLINT $(INCLUDES) $(SRC)>fluff
71
72depend:
73 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
74
75dclean:
76 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
77 mv -f Makefile.new $(MAKEFILE)
78
79clean:
80 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
81
82# DO NOT DELETE THIS LINE -- make depend depends on it.
83
84md_rand.o: ../../e_os.h ../../include/openssl/asn1.h
85md_rand.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
86md_rand.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
87md_rand.o: ../../include/openssl/err.h ../../include/openssl/evp.h
88md_rand.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
89md_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
90md_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
91md_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
92md_rand.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
93md_rand.o: ../../include/openssl/symhacks.h md_rand.c rand_lcl.h
94rand_egd.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
95rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
96rand_egd.o: rand_egd.c
97rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
98rand_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
99rand_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
100rand_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
101rand_err.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
102rand_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
103rand_err.o: rand_err.c
104rand_lib.o: ../../e_os.h ../../include/openssl/asn1.h
105rand_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
106rand_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
107rand_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
108rand_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
109rand_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
110rand_lib.o: ../../include/openssl/opensslconf.h
111rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
112rand_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
113rand_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
114rand_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
115rand_lib.o: ../cryptlib.h rand_lib.c
116rand_os2.o: ../../e_os.h ../../include/openssl/asn1.h
117rand_os2.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
118rand_os2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
119rand_os2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
120rand_os2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
121rand_os2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
122rand_os2.o: ../../include/openssl/opensslconf.h
123rand_os2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
124rand_os2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
125rand_os2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
126rand_os2.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h
127rand_os2.o: rand_os2.c
128rand_unix.o: ../../e_os.h ../../include/openssl/asn1.h
129rand_unix.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
130rand_unix.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
131rand_unix.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
132rand_unix.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
133rand_unix.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
134rand_unix.o: ../../include/openssl/opensslconf.h
135rand_unix.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
136rand_unix.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
137rand_unix.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
138rand_unix.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h
139rand_unix.o: rand_unix.c
140rand_win.o: ../../e_os.h ../../include/openssl/asn1.h
141rand_win.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
142rand_win.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
143rand_win.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
144rand_win.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
145rand_win.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
146rand_win.o: ../../include/openssl/opensslconf.h
147rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
148rand_win.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
149rand_win.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
150rand_win.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h
151rand_win.o: rand_win.c
152randfile.o: ../../e_os.h ../../include/openssl/crypto.h
153randfile.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
154randfile.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
155randfile.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
156randfile.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
157randfile.o: randfile.c
diff --git a/src/lib/libssl/src/crypto/rand/rand_unix.c b/src/lib/libssl/src/crypto/rand/rand_unix.c
index 5a78009e9a..0b29235130 100644
--- a/src/lib/libssl/src/crypto/rand/rand_unix.c
+++ b/src/lib/libssl/src/crypto/rand/rand_unix.c
@@ -122,6 +122,43 @@
122#include <unistd.h> 122#include <unistd.h>
123#include <time.h> 123#include <time.h>
124 124
125#ifdef __OpenBSD__
126#undef DEVRANDOM
127#define DEVRANDOM "/dev/arandom"
128int RAND_poll(void)
129{
130 unsigned long l;
131 pid_t curr_pid = getpid();
132 FILE *fh;
133
134 /* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
135 * have this. Use /dev/urandom if you can as /dev/random may block
136 * if it runs out of random entries. */
137
138 if ((fh = fopen(DEVRANDOM, "r")) != NULL)
139 {
140 unsigned char tmpbuf[ENTROPY_NEEDED];
141 int n;
142
143 setvbuf(fh, NULL, _IONBF, 0);
144 n=fread((unsigned char *)tmpbuf,1,ENTROPY_NEEDED,fh);
145 fclose(fh);
146 RAND_add(tmpbuf,sizeof tmpbuf,n);
147 memset(tmpbuf,0,n);
148 }
149
150 /* put in some default random data, we need more than just this */
151 l=curr_pid;
152 RAND_add(&l,sizeof(l),0);
153 l=getuid();
154 RAND_add(&l,sizeof(l),0);
155
156 l=time(NULL);
157 RAND_add(&l,sizeof(l),0);
158
159 return 1;
160}
161#else
125int RAND_poll(void) 162int RAND_poll(void)
126{ 163{
127 unsigned long l; 164 unsigned long l;
@@ -234,3 +271,4 @@ int RAND_poll(void)
234} 271}
235 272
236#endif 273#endif
274#endif
diff --git a/src/lib/libssl/src/crypto/rand/randfile.c b/src/lib/libssl/src/crypto/rand/randfile.c
index 982074c465..4b221e08f5 100644
--- a/src/lib/libssl/src/crypto/rand/randfile.c
+++ b/src/lib/libssl/src/crypto/rand/randfile.c
@@ -99,13 +99,22 @@ int RAND_load_file(const char *file, long bytes)
99 if (file == NULL) return(0); 99 if (file == NULL) return(0);
100 100
101 i=stat(file,&sb); 101 i=stat(file,&sb);
102 /* If the state fails, put some crap in anyway */ 102 if (i < 0) {
103 RAND_add(&sb,sizeof(sb),0); 103 /* If the state fails, put some crap in anyway */
104 if (i < 0) return(0); 104 RAND_add(&sb,sizeof(sb),0);
105 return(0);
106 }
105 if (bytes == 0) return(ret); 107 if (bytes == 0) return(ret);
106
107 in=fopen(file,"rb"); 108 in=fopen(file,"rb");
108 if (in == NULL) goto err; 109 if (in == NULL) goto err;
110 if (sb.st_mode & (S_IFBLK | S_IFCHR)) {
111 /* this file is a device. we don't want read an infinite number
112 * of bytes from a random device, nor do we want to use buffered
113 * I/O because we will waste system entropy.
114 */
115 bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */
116 setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */
117 }
109 for (;;) 118 for (;;)
110 { 119 {
111 if (bytes > 0) 120 if (bytes > 0)
@@ -135,7 +144,20 @@ int RAND_write_file(const char *file)
135 int i,ret=0,rand_err=0; 144 int i,ret=0,rand_err=0;
136 FILE *out = NULL; 145 FILE *out = NULL;
137 int n; 146 int n;
138 147 struct stat sb;
148
149 i=stat(file,&sb);
150 if (i != -1) {
151 if (sb.st_mode & (S_IFBLK | S_IFCHR)) {
152 /* this file is a device. we don't write back to it.
153 * we "succeed" on the assumption this is some sort
154 * of random device. Otherwise attempting to write to
155 * and chmod the device causes problems.
156 */
157 return(1);
158 }
159 }
160
139#if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32) 161#if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32)
140 /* For some reason Win32 can't write to files created this way */ 162 /* For some reason Win32 can't write to files created this way */
141 163
@@ -196,20 +218,20 @@ err:
196 218
197const char *RAND_file_name(char *buf, size_t size) 219const char *RAND_file_name(char *buf, size_t size)
198 { 220 {
199 char *s=NULL; 221 char *s = NULL;
200 char *ret=NULL; 222 int ok = 0;
223 struct stat sb;
201 224
202 if (OPENSSL_issetugid() == 0) 225 if (issetugid() == 0)
203 s=getenv("RANDFILE"); 226 s = getenv("RANDFILE");
204 if (s != NULL) 227 if (s != NULL && *s && strlen(s) + 1 < size)
205 { 228 {
206 strncpy(buf,s,size-1); 229 strlcpy(buf,s,size);
207 buf[size-1]='\0'; 230 ok = 1;
208 ret=buf;
209 } 231 }
210 else 232 else
211 { 233 {
212 if (OPENSSL_issetugid() == 0) 234 if (issetugid() == 0)
213 s=getenv("HOME"); 235 s=getenv("HOME");
214#ifdef DEFAULT_HOME 236#ifdef DEFAULT_HOME
215 if (s == NULL) 237 if (s == NULL)
@@ -217,17 +239,37 @@ const char *RAND_file_name(char *buf, size_t size)
217 s = DEFAULT_HOME; 239 s = DEFAULT_HOME;
218 } 240 }
219#endif 241#endif
220 if (s != NULL && (strlen(s)+strlen(RFILE)+2 < size)) 242 if (s && *s && strlen(s)+strlen(RFILE)+2 < size)
221 { 243 {
222 strcpy(buf,s); 244 strlcpy(buf,s,size);
223#ifndef OPENSSL_SYS_VMS 245#ifndef OPENSSL_SYS_VMS
224 strcat(buf,"/"); 246 strcat(buf,"/");
225#endif 247#endif
226 strcat(buf,RFILE); 248 strlcat(buf,RFILE,size);
227 ret=buf; 249 ok = 1;
228 } 250 }
229 else 251 else
230 buf[0] = '\0'; /* no file name */ 252 buf[0] = '\0'; /* no file name */
231 } 253 }
232 return(ret); 254
255#ifdef __OpenBSD__
256 /* given that all random loads just fail if the file can't be
257 * seen on a stat, we stat the file we're returning, if it
258 * fails, use /dev/arandom instead. this allows the user to
259 * use their own source for good random data, but defaults
260 * to something hopefully decent if that isn't available.
261 */
262
263 if (!ok)
264 if (strlcpy(buf,"/dev/arandom",size) >= size) {
265 return(NULL);
266 }
267 if (stat(buf,&sb) == -1)
268 if (strlcpy(buf,"/dev/arandom",size) >= size) {
269 return(NULL);
270 }
271
272#endif
273 return(buf);
233 } 274 }
275
diff --git a/src/lib/libssl/src/crypto/rc2/Makefile.ssl b/src/lib/libssl/src/crypto/rc2/Makefile.ssl
new file mode 100644
index 0000000000..6aa921c863
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc2/Makefile.ssl
@@ -0,0 +1,91 @@
1#
2# SSLeay/crypto/rc2/Makefile
3#
4
5DIR= rc2
6TOP= ../..
7CC= cc
8INCLUDES=
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=rc2test.c
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
27LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
28
29SRC= $(LIBSRC)
30
31EXHEADER= rc2.h
32HEADER= rc2_locl.h $(EXHEADER)
33
34ALL= $(GENERAL) $(SRC) $(HEADER)
35
36top:
37 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
38
39all: lib
40
41lib: $(LIBOBJ)
42 $(AR) $(LIB) $(LIBOBJ)
43 $(RANLIB) $(LIB) || echo Never mind.
44 @touch lib
45
46files:
47 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
48
49links:
50 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
51 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
52 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
53 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
54
55install:
56 @for i in $(EXHEADER) ; \
57 do \
58 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
59 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
60 done;
61
62tags:
63 ctags $(SRC)
64
65tests:
66
67lint:
68 lint -DLINT $(INCLUDES) $(SRC)>fluff
69
70depend:
71 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
72
73dclean:
74 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
75 mv -f Makefile.new $(MAKEFILE)
76
77clean:
78 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
79
80# DO NOT DELETE THIS LINE -- make depend depends on it.
81
82rc2_cbc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
83rc2_cbc.o: rc2_cbc.c rc2_locl.h
84rc2_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
85rc2_ecb.o: ../../include/openssl/rc2.h rc2_ecb.c rc2_locl.h
86rc2_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
87rc2_skey.o: rc2_locl.h rc2_skey.c
88rc2cfb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
89rc2cfb64.o: rc2_locl.h rc2cfb64.c
90rc2ofb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
91rc2ofb64.o: rc2_locl.h rc2ofb64.c
diff --git a/src/lib/libssl/src/crypto/rc4/Makefile.ssl b/src/lib/libssl/src/crypto/rc4/Makefile.ssl
new file mode 100644
index 0000000000..c779728af8
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc4/Makefile.ssl
@@ -0,0 +1,115 @@
1#
2# SSLeay/crypto/rc4/Makefile
3#
4
5DIR= rc4
6TOP= ../..
7CC= cc
8CPP= $(CC) -E
9INCLUDES=
10CFLAG=-g
11INSTALL_PREFIX=
12OPENSSLDIR= /usr/local/ssl
13INSTALLTOP=/usr/local/ssl
14MAKE= make -f Makefile.ssl
15MAKEDEPPROG= makedepend
16MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
17MAKEFILE= Makefile.ssl
18AR= ar r
19
20RC4_ENC=rc4_enc.o
21# or use
22#RC4_ENC=asm/rx86-elf.o
23#RC4_ENC=asm/rx86-out.o
24#RC4_ENC=asm/rx86-sol.o
25#RC4_ENC=asm/rx86bdsi.o
26
27CFLAGS= $(INCLUDES) $(CFLAG)
28
29GENERAL=Makefile
30TEST=rc4test.c
31APPS=
32
33LIB=$(TOP)/libcrypto.a
34LIBSRC=rc4_skey.c rc4_enc.c
35LIBOBJ=rc4_skey.o $(RC4_ENC)
36
37SRC= $(LIBSRC)
38
39EXHEADER= rc4.h
40HEADER= $(EXHEADER) rc4_locl.h
41
42ALL= $(GENERAL) $(SRC) $(HEADER)
43
44top:
45 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
46
47all: lib
48
49lib: $(LIBOBJ)
50 $(AR) $(LIB) $(LIBOBJ)
51 $(RANLIB) $(LIB) || echo Never mind.
52 @touch lib
53
54# elf
55asm/rx86-elf.o: asm/rx86unix.cpp
56 $(CPP) -DELF -x c asm/rx86unix.cpp | as -o asm/rx86-elf.o
57
58# solaris
59asm/rx86-sol.o: asm/rx86unix.cpp
60 $(CC) -E -DSOL asm/rx86unix.cpp | sed 's/^#.*//' > asm/rx86-sol.s
61 as -o asm/rx86-sol.o asm/rx86-sol.s
62 rm -f asm/rx86-sol.s
63
64# a.out
65asm/rx86-out.o: asm/rx86unix.cpp
66 $(CPP) -DOUT asm/rx86unix.cpp | as -o asm/rx86-out.o
67
68# bsdi
69asm/rx86bsdi.o: asm/rx86unix.cpp
70 $(CPP) -DBSDI asm/rx86unix.cpp | sed 's/ :/:/' | as -o asm/rx86bsdi.o
71
72asm/rx86unix.cpp: asm/rc4-586.pl ../perlasm/x86asm.pl
73 (cd asm; $(PERL) rc4-586.pl cpp >rx86unix.cpp)
74
75files:
76 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
77
78links:
79 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
80 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
81 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
82 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
83
84install:
85 @for i in $(EXHEADER) ; \
86 do \
87 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
88 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
89 done;
90
91tags:
92 ctags $(SRC)
93
94tests:
95
96lint:
97 lint -DLINT $(INCLUDES) $(SRC)>fluff
98
99depend:
100 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
101
102dclean:
103 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
104 mv -f Makefile.new $(MAKEFILE)
105
106clean:
107 rm -f asm/rx86unix.cpp *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o
108
109# DO NOT DELETE THIS LINE -- make depend depends on it.
110
111rc4_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc4.h
112rc4_enc.o: rc4_enc.c rc4_locl.h
113rc4_skey.o: ../../include/openssl/opensslconf.h
114rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc4.h
115rc4_skey.o: rc4_locl.h rc4_skey.c
diff --git a/src/lib/libssl/src/crypto/rc5/Makefile.ssl b/src/lib/libssl/src/crypto/rc5/Makefile.ssl
new file mode 100644
index 0000000000..01d08c7d43
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc5/Makefile.ssl
@@ -0,0 +1,113 @@
1#
2# SSLeay/crypto/rc5/Makefile
3#
4
5DIR= rc5
6TOP= ../..
7CC= cc
8CPP= $(CC) -E
9INCLUDES=
10CFLAG=-g
11INSTALL_PREFIX=
12OPENSSLDIR= /usr/local/ssl
13INSTALLTOP=/usr/local/ssl
14MAKE= make -f Makefile.ssl
15MAKEDEPPROG= makedepend
16MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
17MAKEFILE= Makefile.ssl
18AR= ar r
19
20RC5_ENC= rc5_enc.o
21# or use
22#DES_ENC= r586-elf.o
23
24CFLAGS= $(INCLUDES) $(CFLAG)
25
26GENERAL=Makefile
27TEST=rc5test.c
28APPS=
29
30LIB=$(TOP)/libcrypto.a
31LIBSRC=rc5_skey.c rc5_ecb.c rc5_enc.c rc5cfb64.c rc5ofb64.c
32LIBOBJ=rc5_skey.o rc5_ecb.o $(RC5_ENC) rc5cfb64.o rc5ofb64.o
33
34SRC= $(LIBSRC)
35
36EXHEADER= rc5.h
37HEADER= rc5_locl.h $(EXHEADER)
38
39ALL= $(GENERAL) $(SRC) $(HEADER)
40
41top:
42 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
43
44all: lib
45
46lib: $(LIBOBJ)
47 $(AR) $(LIB) $(LIBOBJ)
48 $(RANLIB) $(LIB) || echo Never mind.
49 @touch lib
50
51# elf
52asm/r586-elf.o: asm/r586unix.cpp
53 $(CPP) -DELF -x c asm/r586unix.cpp | as -o asm/r586-elf.o
54
55# solaris
56asm/r586-sol.o: asm/r586unix.cpp
57 $(CC) -E -DSOL asm/r586unix.cpp | sed 's/^#.*//' > asm/r586-sol.s
58 as -o asm/r586-sol.o asm/r586-sol.s
59 rm -f asm/r586-sol.s
60
61# a.out
62asm/r586-out.o: asm/r586unix.cpp
63 $(CPP) -DOUT asm/r586unix.cpp | as -o asm/r586-out.o
64
65# bsdi
66asm/r586bsdi.o: asm/r586unix.cpp
67 $(CPP) -DBSDI asm/r586unix.cpp | sed 's/ :/:/' | as -o asm/r586bsdi.o
68
69asm/r586unix.cpp: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
70 (cd asm; $(PERL) rc5-586.pl cpp >r586unix.cpp)
71
72files:
73 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
74
75links:
76 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
77 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
78 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
79 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
80
81install:
82 @for i in $(EXHEADER) ; \
83 do \
84 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
85 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
86 done;
87
88tags:
89 ctags $(SRC)
90
91tests:
92
93lint:
94 lint -DLINT $(INCLUDES) $(SRC)>fluff
95
96depend:
97 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
98
99dclean:
100 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
101 mv -f Makefile.new $(MAKEFILE)
102
103clean:
104 rm -f asm/r586unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
105
106# DO NOT DELETE THIS LINE -- make depend depends on it.
107
108rc5_ecb.o: ../../include/openssl/opensslv.h ../../include/openssl/rc5.h
109rc5_ecb.o: rc5_ecb.c rc5_locl.h
110rc5_enc.o: ../../include/openssl/rc5.h rc5_enc.c rc5_locl.h
111rc5_skey.o: ../../include/openssl/rc5.h rc5_locl.h rc5_skey.c
112rc5cfb64.o: ../../include/openssl/rc5.h rc5_locl.h rc5cfb64.c
113rc5ofb64.o: ../../include/openssl/rc5.h rc5_locl.h rc5ofb64.c
diff --git a/src/lib/libssl/src/crypto/rc5/asm/rc5-586.pl b/src/lib/libssl/src/crypto/rc5/asm/rc5-586.pl
new file mode 100644
index 0000000000..edff1d1e64
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc5/asm/rc5-586.pl
@@ -0,0 +1,109 @@
1#!/usr/local/bin/perl
2
3push(@INC,"perlasm","../../perlasm");
4require "x86asm.pl";
5require "cbc.pl";
6
7&asm_init($ARGV[0],"rc5-586.pl");
8
9$RC5_MAX_ROUNDS=16;
10$RC5_32_OFF=($RC5_MAX_ROUNDS+2)*4;
11$A="edi";
12$B="esi";
13$S="ebp";
14$tmp1="eax";
15$r="ebx";
16$tmpc="ecx";
17$tmp4="edx";
18
19&RC5_32_encrypt("RC5_32_encrypt",1);
20&RC5_32_encrypt("RC5_32_decrypt",0);
21&cbc("RC5_32_cbc_encrypt","RC5_32_encrypt","RC5_32_decrypt",0,4,5,3,-1,-1);
22&asm_finish();
23
24sub RC5_32_encrypt
25 {
26 local($name,$enc)=@_;
27
28 &function_begin_B($name,"");
29
30 &comment("");
31
32 &push("ebp");
33 &push("esi");
34 &push("edi");
35 &mov($tmp4,&wparam(0));
36 &mov($S,&wparam(1));
37
38 &comment("Load the 2 words");
39 &mov($A,&DWP(0,$tmp4,"",0));
40 &mov($B,&DWP(4,$tmp4,"",0));
41
42 &push($r);
43 &mov($r, &DWP(0,$S,"",0));
44
45 # encrypting part
46
47 if ($enc)
48 {
49 &add($A, &DWP(4+0,$S,"",0));
50 &add($B, &DWP(4+4,$S,"",0));
51
52 for ($i=0; $i<$RC5_MAX_ROUNDS; $i++)
53 {
54 &xor($A, $B);
55 &mov($tmp1, &DWP(12+$i*8,$S,"",0));
56 &mov($tmpc, $B);
57 &rotl($A, &LB("ecx"));
58 &add($A, $tmp1);
59
60 &xor($B, $A);
61 &mov($tmp1, &DWP(16+$i*8,$S,"",0));
62 &mov($tmpc, $A);
63 &rotl($B, &LB("ecx"));
64 &add($B, $tmp1);
65 if (($i == 7) || ($i == 11))
66 {
67 &cmp($r, $i+1);
68 &je(&label("rc5_exit"));
69 }
70 }
71 }
72 else
73 {
74 &cmp($r, 12);
75 &je(&label("rc5_dec_12"));
76 &cmp($r, 8);
77 &je(&label("rc5_dec_8"));
78 for ($i=$RC5_MAX_ROUNDS; $i > 0; $i--)
79 {
80 &set_label("rc5_dec_$i") if ($i == 12) || ($i == 8);
81 &mov($tmp1, &DWP($i*8+8,$S,"",0));
82 &sub($B, $tmp1);
83 &mov($tmpc, $A);
84 &rotr($B, &LB("ecx"));
85 &xor($B, $A);
86
87 &mov($tmp1, &DWP($i*8+4,$S,"",0));
88 &sub($A, $tmp1);
89 &mov($tmpc, $B);
90 &rotr($A, &LB("ecx"));
91 &xor($A, $B);
92 }
93 &sub($B, &DWP(4+4,$S,"",0));
94 &sub($A, &DWP(4+0,$S,"",0));
95 }
96
97 &set_label("rc5_exit");
98 &mov(&DWP(0,$tmp4,"",0),$A);
99 &mov(&DWP(4,$tmp4,"",0),$B);
100
101 &pop("ebx");
102 &pop("edi");
103 &pop("esi");
104 &pop("ebp");
105 &ret();
106 &function_end_B($name);
107 }
108
109
diff --git a/src/lib/libssl/src/crypto/rijndael/Makefile.ssl b/src/lib/libssl/src/crypto/rijndael/Makefile.ssl
new file mode 100644
index 0000000000..7f57f174fd
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rijndael/Makefile.ssl
@@ -0,0 +1,89 @@
1#
2# crypto/rijndael/Makefile
3#
4
5DIR= rijndael
6TOP= ../..
7CC= cc
8CPP= $(CC) -E
9INCLUDES=
10CFLAG=-g
11INSTALL_PREFIX=
12OPENSSLDIR= /usr/local/ssl
13INSTALLTOP=/usr/local/ssl
14MAKE= make -f Makefile.ssl
15MAKEDEPPROG= makedepend
16MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
17MAKEFILE= Makefile.ssl
18AR= ar r
19
20RD_ENC= rd_enc.o
21# or use
22#DES_ENC= bx86-elf.o
23
24# CFLAGS= -mpentiumpro $(INCLUDES) $(CFLAG) -O3 -fexpensive-optimizations -funroll-loops -fforce-addr
25CFLAGS= $(INCLUDES) $(CFLAG)
26
27GENERAL=Makefile
28TEST=
29APPS=
30
31LIB=$(TOP)/libcrypto.a
32LIBSRC=rd_fst.c
33LIBOBJ=rd_fst.o
34
35SRC= $(LIBSRC)
36
37EXHEADER=rd_fst.h rijndael.h
38
39top:
40 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
41
42all: lib
43
44lib: $(LIBOBJ)
45 $(AR) $(LIB) $(LIBOBJ)
46 $(RANLIB) $(LIB)
47 @touch lib
48
49$(LIBOBJ): $(LIBSRC)
50
51files:
52 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
53
54links:
55 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
56 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
57 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
58 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
59
60install: installs
61
62installs:
63 @for i in $(EXHEADER) ; \
64 do \
65 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
66 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
67 done;
68
69tags:
70 ctags $(SRC)
71
72tests:
73
74lint:
75 lint -DLINT $(INCLUDES) $(SRC)>fluff
76
77depend:
78 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
79
80dclean:
81 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
82 mv -f Makefile.new $(MAKEFILE)
83
84clean:
85 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
86
87# DO NOT DELETE THIS LINE -- make depend depends on it.
88
89rd_fst.o: rd_fst.c rd_fst.h
diff --git a/src/lib/libssl/src/crypto/rijndael/README b/src/lib/libssl/src/crypto/rijndael/README
new file mode 100644
index 0000000000..1118ccbad8
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rijndael/README
@@ -0,0 +1,80 @@
1Optimised ANSI C code for the Rijndael cipher (now AES)
2
3Authors:
4 Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
5 Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
6 Paulo Barreto <paulo.barreto@terra.com.br>
7
8All code contained in this distributed is placed in the public domain.
9
10========================================================================
11
12Disclaimer:
13
14THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
15OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
16WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
18LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
19CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
20SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
21BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
22WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
23OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
24EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25
26========================================================================
27
28Acknowledgements:
29
30We are deeply indebted to the following people for their bug reports,
31fixes, and improvement suggestions to the API implementation. Though we
32tried to list all contributions, we apologise in advance for any
33missing reference:
34
35Andrew Bales <Andrew.Bales@Honeywell.com>
36Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
37John Skodon <skodonj@webquill.com>
38
39========================================================================
40
41Description:
42
43This optimised implementation of Rijndael is noticeably faster than the
44previous versions on Intel processors under Win32 w/ MSVC 6.0. On the
45same processor under Linux w/ gcc-2.95.2, the key setup is also
46considerably faster, but normal encryption/decryption is only marginally
47faster.
48
49To enable full loop unrolling for encryption/decryption, define the
50conditional compilation directive FULL_UNROLL. This may help increase
51performance or not, depending on the platform.
52
53To compute the intermediate value tests, define the conditional
54compilation directive INTERMEDIATE_VALUE_KAT. It may be worthwhile to
55define the TRACE_KAT_MCT directive too, which provides useful progress
56information during the generation of the KAT and MCT sets.
57
58========================================================================
59
60Contents:
61
62README This file
63rijndael-alg-fst.c The algorithm implementation.
64rijndael-alg-fst.h The corresponding header file.
65rijndael-api-fst.c NIST's implementation.
66rijndael-api-fst.h The corresponding header file.
67rijndael-test-fst.c A simple program to generate test vectors.
68table.128 Data for the table tests and 128-bit keys.
69table.192 Data for the table tests and 192-bit keys.
70table.256 Data for the table tests and 256-bit keys.
71fips-test-vectors.txt Key schedule and ciphertext intermediate values
72 (reduced set proposed for FIPS inclusion).
73Makefile A sample makefile; may need some changes,
74 depending on the C compiler used.
75
76N.B. Both the API implementation and the provisional reduced set of
77test vectors are likely to change, according to NIST's final decision
78regarding modes of operation and the FIPS contents. They are therefore
79marked as "version 2.9" rather than "version 3.0".
80
diff --git a/src/lib/libssl/src/crypto/rijndael/rd_fst.c b/src/lib/libssl/src/crypto/rijndael/rd_fst.c
new file mode 100644
index 0000000000..f1597288f0
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rijndael/rd_fst.c
@@ -0,0 +1,1400 @@
1/**
2 * rijndael-alg-fst.c
3 *
4 * @version 3.0 (December 2000)
5 *
6 * Optimised ANSI C code for the Rijndael cipher (now AES)
7 *
8 * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
9 * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
10 * @author Paulo Barreto <paulo.barreto@terra.com.br>
11 *
12 * This code is hereby placed in the public domain.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
15 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
16 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
18 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
19 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
20 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
21 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
22 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
23 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
24 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 */
26#include <assert.h>
27#include <stdlib.h>
28
29#include "rd_fst.h"
30
31/*
32Te0[x] = S [x].[02, 01, 01, 03];
33Te1[x] = S [x].[03, 02, 01, 01];
34Te2[x] = S [x].[01, 03, 02, 01];
35Te3[x] = S [x].[01, 01, 03, 02];
36Te4[x] = S [x].[01, 01, 01, 01];
37
38Td0[x] = Si[x].[0e, 09, 0d, 0b];
39Td1[x] = Si[x].[0b, 0e, 09, 0d];
40Td2[x] = Si[x].[0d, 0b, 0e, 09];
41Td3[x] = Si[x].[09, 0d, 0b, 0e];
42Td4[x] = Si[x].[01, 01, 01, 01];
43*/
44
45static const u32 Te0[256] = {
46 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
47 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
48 0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU,
49 0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU,
50 0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U,
51 0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU,
52 0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU,
53 0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU,
54 0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU,
55 0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU,
56 0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U,
57 0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU,
58 0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU,
59 0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U,
60 0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU,
61 0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU,
62 0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU,
63 0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU,
64 0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU,
65 0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U,
66 0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU,
67 0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU,
68 0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU,
69 0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU,
70 0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U,
71 0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U,
72 0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U,
73 0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U,
74 0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU,
75 0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U,
76 0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U,
77 0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU,
78 0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU,
79 0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U,
80 0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U,
81 0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U,
82 0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU,
83 0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U,
84 0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU,
85 0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U,
86 0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU,
87 0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U,
88 0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U,
89 0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU,
90 0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U,
91 0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U,
92 0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U,
93 0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U,
94 0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U,
95 0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U,
96 0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U,
97 0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U,
98 0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU,
99 0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U,
100 0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U,
101 0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U,
102 0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U,
103 0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U,
104 0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U,
105 0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU,
106 0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U,
107 0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U,
108 0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U,
109 0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU,
110};
111static const u32 Te1[256] = {
112 0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU,
113 0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U,
114 0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU,
115 0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U,
116 0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU,
117 0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U,
118 0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU,
119 0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U,
120 0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U,
121 0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU,
122 0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U,
123 0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U,
124 0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U,
125 0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU,
126 0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U,
127 0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U,
128 0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU,
129 0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U,
130 0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U,
131 0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U,
132 0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU,
133 0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU,
134 0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U,
135 0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU,
136 0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU,
137 0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U,
138 0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU,
139 0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U,
140 0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU,
141 0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U,
142 0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U,
143 0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U,
144 0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU,
145 0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U,
146 0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU,
147 0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U,
148 0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU,
149 0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U,
150 0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U,
151 0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU,
152 0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU,
153 0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU,
154 0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U,
155 0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U,
156 0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU,
157 0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U,
158 0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU,
159 0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U,
160 0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU,
161 0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U,
162 0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU,
163 0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU,
164 0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U,
165 0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU,
166 0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U,
167 0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU,
168 0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U,
169 0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U,
170 0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U,
171 0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU,
172 0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU,
173 0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U,
174 0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU,
175 0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U,
176};
177static const u32 Te2[256] = {
178 0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU,
179 0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U,
180 0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU,
181 0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U,
182 0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU,
183 0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U,
184 0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU,
185 0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U,
186 0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U,
187 0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU,
188 0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U,
189 0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U,
190 0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U,
191 0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU,
192 0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U,
193 0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U,
194 0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU,
195 0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U,
196 0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U,
197 0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U,
198 0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU,
199 0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU,
200 0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U,
201 0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU,
202 0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU,
203 0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U,
204 0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU,
205 0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U,
206 0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU,
207 0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U,
208 0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U,
209 0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U,
210 0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU,
211 0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U,
212 0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU,
213 0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U,
214 0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU,
215 0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U,
216 0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U,
217 0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU,
218 0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU,
219 0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU,
220 0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U,
221 0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U,
222 0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU,
223 0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U,
224 0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU,
225 0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U,
226 0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU,
227 0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U,
228 0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU,
229 0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU,
230 0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U,
231 0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU,
232 0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U,
233 0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU,
234 0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U,
235 0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U,
236 0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U,
237 0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU,
238 0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU,
239 0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U,
240 0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU,
241 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U,
242};
243static const u32 Te3[256] = {
244
245 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U,
246 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U,
247 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U,
248 0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU,
249 0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU,
250 0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU,
251 0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U,
252 0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU,
253 0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU,
254 0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U,
255 0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U,
256 0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU,
257 0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU,
258 0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU,
259 0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU,
260 0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU,
261 0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U,
262 0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU,
263 0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU,
264 0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U,
265 0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U,
266 0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U,
267 0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U,
268 0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U,
269 0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU,
270 0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U,
271 0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU,
272 0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU,
273 0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U,
274 0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U,
275 0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U,
276 0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU,
277 0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U,
278 0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU,
279 0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU,
280 0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U,
281 0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U,
282 0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU,
283 0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U,
284 0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU,
285 0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U,
286 0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U,
287 0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U,
288 0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U,
289 0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU,
290 0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U,
291 0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU,
292 0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U,
293 0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU,
294 0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U,
295 0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU,
296 0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU,
297 0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU,
298 0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU,
299 0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U,
300 0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U,
301 0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U,
302 0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U,
303 0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U,
304 0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U,
305 0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU,
306 0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U,
307 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
308 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
309};
310static const u32 Te4[256] = {
311 0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU,
312 0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U,
313 0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU,
314 0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U,
315 0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU,
316 0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U,
317 0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU,
318 0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U,
319 0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U,
320 0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU,
321 0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U,
322 0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U,
323 0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U,
324 0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU,
325 0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U,
326 0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U,
327 0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU,
328 0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U,
329 0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U,
330 0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U,
331 0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU,
332 0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU,
333 0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U,
334 0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU,
335 0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU,
336 0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U,
337 0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU,
338 0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U,
339 0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU,
340 0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U,
341 0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U,
342 0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U,
343 0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU,
344 0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U,
345 0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU,
346 0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U,
347 0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU,
348 0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U,
349 0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U,
350 0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU,
351 0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU,
352 0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU,
353 0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U,
354 0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U,
355 0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU,
356 0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U,
357 0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU,
358 0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U,
359 0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU,
360 0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U,
361 0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU,
362 0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU,
363 0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U,
364 0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU,
365 0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U,
366 0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU,
367 0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U,
368 0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U,
369 0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U,
370 0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU,
371 0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU,
372 0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U,
373 0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU,
374 0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U,
375};
376static const u32 Td0[256] = {
377 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
378 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
379 0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U,
380 0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU,
381 0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U,
382 0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U,
383 0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU,
384 0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U,
385 0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU,
386 0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U,
387 0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U,
388 0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U,
389 0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U,
390 0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU,
391 0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U,
392 0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU,
393 0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U,
394 0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU,
395 0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U,
396 0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U,
397 0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U,
398 0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU,
399 0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U,
400 0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU,
401 0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U,
402 0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU,
403 0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U,
404 0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU,
405 0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU,
406 0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U,
407 0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU,
408 0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U,
409 0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU,
410 0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U,
411 0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U,
412 0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U,
413 0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU,
414 0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U,
415 0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U,
416 0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU,
417 0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U,
418 0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U,
419 0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U,
420 0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U,
421 0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U,
422 0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU,
423 0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U,
424 0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U,
425 0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U,
426 0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U,
427 0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U,
428 0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU,
429 0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU,
430 0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU,
431 0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU,
432 0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U,
433 0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U,
434 0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU,
435 0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU,
436 0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U,
437 0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU,
438 0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U,
439 0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U,
440 0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U,
441};
442static const u32 Td1[256] = {
443 0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU,
444 0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U,
445 0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU,
446 0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U,
447 0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U,
448 0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U,
449 0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U,
450 0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U,
451 0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U,
452 0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU,
453 0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU,
454 0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU,
455 0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U,
456 0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU,
457 0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U,
458 0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U,
459 0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U,
460 0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU,
461 0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU,
462 0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U,
463 0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU,
464 0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U,
465 0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU,
466 0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU,
467 0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U,
468 0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U,
469 0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U,
470 0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU,
471 0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U,
472 0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU,
473 0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U,
474 0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U,
475 0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U,
476 0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU,
477 0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U,
478 0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U,
479 0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U,
480 0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U,
481 0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U,
482 0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U,
483 0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU,
484 0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU,
485 0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U,
486 0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU,
487 0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U,
488 0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU,
489 0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU,
490 0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U,
491 0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU,
492 0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U,
493 0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U,
494 0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U,
495 0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U,
496 0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U,
497 0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U,
498 0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U,
499 0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU,
500 0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U,
501 0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U,
502 0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU,
503 0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U,
504 0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U,
505 0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U,
506 0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U,
507};
508static const u32 Td2[256] = {
509 0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U,
510 0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U,
511 0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U,
512 0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U,
513 0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU,
514 0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U,
515 0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U,
516 0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U,
517 0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U,
518 0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU,
519 0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U,
520 0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U,
521 0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU,
522 0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U,
523 0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U,
524 0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U,
525 0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U,
526 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U,
527 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U,
528 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU,
529
530 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U,
531 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U,
532 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U,
533 0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U,
534 0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U,
535 0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU,
536 0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU,
537 0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U,
538 0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU,
539 0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U,
540 0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU,
541 0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU,
542 0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU,
543 0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU,
544 0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U,
545 0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U,
546 0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U,
547 0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U,
548 0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U,
549 0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U,
550 0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U,
551 0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU,
552 0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU,
553 0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U,
554 0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U,
555 0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU,
556 0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU,
557 0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U,
558 0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U,
559 0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U,
560 0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U,
561 0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U,
562 0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U,
563 0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U,
564 0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU,
565 0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U,
566 0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U,
567 0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U,
568 0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U,
569 0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U,
570 0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U,
571 0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU,
572 0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U,
573 0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U,
574};
575static const u32 Td3[256] = {
576 0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU,
577 0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU,
578 0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U,
579 0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U,
580 0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU,
581 0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU,
582 0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U,
583 0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU,
584 0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U,
585 0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU,
586 0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U,
587 0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U,
588 0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U,
589 0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U,
590 0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U,
591 0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU,
592 0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU,
593 0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U,
594 0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U,
595 0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU,
596 0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU,
597 0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U,
598 0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U,
599 0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U,
600 0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U,
601 0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU,
602 0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U,
603 0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U,
604 0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU,
605 0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU,
606 0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U,
607 0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U,
608 0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U,
609 0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU,
610 0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U,
611 0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U,
612 0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U,
613 0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U,
614 0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U,
615 0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U,
616 0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U,
617 0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU,
618 0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U,
619 0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U,
620 0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU,
621 0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU,
622 0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U,
623 0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU,
624 0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U,
625 0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U,
626 0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U,
627 0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U,
628 0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U,
629 0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U,
630 0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU,
631 0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU,
632 0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU,
633 0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU,
634 0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U,
635 0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U,
636 0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U,
637 0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU,
638 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
639 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
640};
641static const u32 Td4[256] = {
642 0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U,
643 0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U,
644 0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU,
645 0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU,
646 0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U,
647 0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U,
648 0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U,
649 0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU,
650 0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U,
651 0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU,
652 0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU,
653 0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU,
654 0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U,
655 0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U,
656 0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U,
657 0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U,
658 0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U,
659 0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U,
660 0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU,
661 0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U,
662 0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U,
663 0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU,
664 0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U,
665 0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U,
666 0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U,
667 0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU,
668 0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U,
669 0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U,
670 0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU,
671 0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U,
672 0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U,
673 0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU,
674 0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U,
675 0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU,
676 0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU,
677 0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U,
678 0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U,
679 0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U,
680 0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U,
681 0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU,
682 0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U,
683 0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U,
684 0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU,
685 0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU,
686 0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU,
687 0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U,
688 0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU,
689 0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U,
690 0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U,
691 0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U,
692 0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U,
693 0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU,
694 0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U,
695 0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU,
696 0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU,
697 0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU,
698 0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU,
699 0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U,
700 0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU,
701 0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U,
702 0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU,
703 0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U,
704 0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U,
705 0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU,
706};
707static const u32 rcon[] = {
708 0x01000000, 0x02000000, 0x04000000, 0x08000000,
709 0x10000000, 0x20000000, 0x40000000, 0x80000000,
710 0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
711};
712
713#define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
714
715#ifdef _MSC_VER
716#define GETU32(p) SWAP(*((u32 *)(p)))
717#define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); }
718#else
719#define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] << 8) ^ ((u32)(pt)[3]))
720#define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >> 8); (ct)[3] = (u8)(st); }
721#endif
722
723/**
724 * Expand the cipher key into the encryption key schedule.
725 *
726 * @return the number of rounds for the given cipher key size.
727 */
728int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits) {
729 int i = 0;
730 u32 temp;
731
732 rk[0] = GETU32(cipherKey );
733 rk[1] = GETU32(cipherKey + 4);
734 rk[2] = GETU32(cipherKey + 8);
735 rk[3] = GETU32(cipherKey + 12);
736 if (keyBits == 128) {
737 for (;;) {
738 temp = rk[3];
739 rk[4] = rk[0] ^
740 (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
741 (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^
742 (Te4[(temp ) & 0xff] & 0x0000ff00) ^
743 (Te4[(temp >> 24) ] & 0x000000ff) ^
744 rcon[i];
745 rk[5] = rk[1] ^ rk[4];
746 rk[6] = rk[2] ^ rk[5];
747 rk[7] = rk[3] ^ rk[6];
748 if (++i == 10) {
749 return 10;
750 }
751 rk += 4;
752 }
753 }
754 rk[4] = GETU32(cipherKey + 16);
755 rk[5] = GETU32(cipherKey + 20);
756 if (keyBits == 192) {
757 for (;;) {
758 temp = rk[ 5];
759 rk[ 6] = rk[ 0] ^
760 (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
761 (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^
762 (Te4[(temp ) & 0xff] & 0x0000ff00) ^
763 (Te4[(temp >> 24) ] & 0x000000ff) ^
764 rcon[i];
765 rk[ 7] = rk[ 1] ^ rk[ 6];
766 rk[ 8] = rk[ 2] ^ rk[ 7];
767 rk[ 9] = rk[ 3] ^ rk[ 8];
768 if (++i == 8) {
769 return 12;
770 }
771 rk[10] = rk[ 4] ^ rk[ 9];
772 rk[11] = rk[ 5] ^ rk[10];
773 rk += 6;
774 }
775 }
776 rk[6] = GETU32(cipherKey + 24);
777 rk[7] = GETU32(cipherKey + 28);
778 if (keyBits == 256) {
779 for (;;) {
780 temp = rk[ 7];
781 rk[ 8] = rk[ 0] ^
782 (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
783 (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^
784 (Te4[(temp ) & 0xff] & 0x0000ff00) ^
785 (Te4[(temp >> 24) ] & 0x000000ff) ^
786 rcon[i];
787 rk[ 9] = rk[ 1] ^ rk[ 8];
788 rk[10] = rk[ 2] ^ rk[ 9];
789 rk[11] = rk[ 3] ^ rk[10];
790 if (++i == 7) {
791 return 14;
792 }
793 temp = rk[11];
794 rk[12] = rk[ 4] ^
795 (Te4[(temp >> 24) ] & 0xff000000) ^
796 (Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^
797 (Te4[(temp >> 8) & 0xff] & 0x0000ff00) ^
798 (Te4[(temp ) & 0xff] & 0x000000ff);
799 rk[13] = rk[ 5] ^ rk[12];
800 rk[14] = rk[ 6] ^ rk[13];
801 rk[15] = rk[ 7] ^ rk[14];
802
803 rk += 8;
804 }
805 }
806 return 0;
807}
808
809/**
810 * Expand the cipher key into the decryption key schedule.
811 *
812 * @return the number of rounds for the given cipher key size.
813 */
814int rijndaelKeySetupDec(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits) {
815 int Nr, i, j;
816 u32 temp;
817
818 /* expand the cipher key: */
819 Nr = rijndaelKeySetupEnc(rk, cipherKey, keyBits);
820 /* invert the order of the round keys: */
821 for (i = 0, j = 4*Nr; i < j; i += 4, j -= 4) {
822 temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;
823 temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
824 temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
825 temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
826 }
827 /* apply the inverse MixColumn transform to all round keys but the first and the last: */
828 for (i = 1; i < Nr; i++) {
829 rk += 4;
830 rk[0] =
831 Td0[Te4[(rk[0] >> 24) ] & 0xff] ^
832 Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^
833 Td2[Te4[(rk[0] >> 8) & 0xff] & 0xff] ^
834 Td3[Te4[(rk[0] ) & 0xff] & 0xff];
835 rk[1] =
836 Td0[Te4[(rk[1] >> 24) ] & 0xff] ^
837 Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^
838 Td2[Te4[(rk[1] >> 8) & 0xff] & 0xff] ^
839 Td3[Te4[(rk[1] ) & 0xff] & 0xff];
840 rk[2] =
841 Td0[Te4[(rk[2] >> 24) ] & 0xff] ^
842 Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^
843 Td2[Te4[(rk[2] >> 8) & 0xff] & 0xff] ^
844 Td3[Te4[(rk[2] ) & 0xff] & 0xff];
845 rk[3] =
846 Td0[Te4[(rk[3] >> 24) ] & 0xff] ^
847 Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^
848 Td2[Te4[(rk[3] >> 8) & 0xff] & 0xff] ^
849 Td3[Te4[(rk[3] ) & 0xff] & 0xff];
850 }
851 return Nr;
852}
853
854void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16], u8 ct[16]) {
855 u32 s0, s1, s2, s3, t0, t1, t2, t3;
856#ifndef FULL_UNROLL
857 int r;
858#endif /* ?FULL_UNROLL */
859
860 /*
861 * map byte array block to cipher state
862 * and add initial round key:
863 */
864 s0 = GETU32(pt ) ^ rk[0];
865 s1 = GETU32(pt + 4) ^ rk[1];
866 s2 = GETU32(pt + 8) ^ rk[2];
867 s3 = GETU32(pt + 12) ^ rk[3];
868#ifdef FULL_UNROLL
869 /* round 1: */
870 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4];
871 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5];
872 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6];
873 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7];
874 /* round 2: */
875 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8];
876 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9];
877 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10];
878 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11];
879 /* round 3: */
880 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12];
881 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13];
882 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14];
883 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15];
884 /* round 4: */
885 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16];
886 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17];
887 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18];
888 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19];
889 /* round 5: */
890 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20];
891 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21];
892 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22];
893 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23];
894 /* round 6: */
895 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24];
896 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25];
897 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26];
898 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27];
899 /* round 7: */
900 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28];
901 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29];
902 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30];
903 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31];
904 /* round 8: */
905 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32];
906 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33];
907 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34];
908 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35];
909 /* round 9: */
910 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36];
911 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37];
912 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38];
913 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39];
914 if (Nr > 10) {
915 /* round 10: */
916 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40];
917 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41];
918 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42];
919 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43];
920 /* round 11: */
921 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44];
922 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45];
923 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46];
924 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47];
925 if (Nr > 12) {
926 /* round 12: */
927 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48];
928 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49];
929 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50];
930 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51];
931 /* round 13: */
932 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52];
933 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53];
934 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54];
935 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55];
936 }
937 }
938 rk += Nr << 2;
939#else /* !FULL_UNROLL */
940 /*
941 * Nr - 1 full rounds:
942 */
943 r = Nr >> 1;
944 for (;;) {
945 t0 =
946 Te0[(s0 >> 24) ] ^
947 Te1[(s1 >> 16) & 0xff] ^
948 Te2[(s2 >> 8) & 0xff] ^
949 Te3[(s3 ) & 0xff] ^
950 rk[4];
951 t1 =
952 Te0[(s1 >> 24) ] ^
953 Te1[(s2 >> 16) & 0xff] ^
954 Te2[(s3 >> 8) & 0xff] ^
955 Te3[(s0 ) & 0xff] ^
956 rk[5];
957 t2 =
958 Te0[(s2 >> 24) ] ^
959 Te1[(s3 >> 16) & 0xff] ^
960 Te2[(s0 >> 8) & 0xff] ^
961 Te3[(s1 ) & 0xff] ^
962 rk[6];
963 t3 =
964 Te0[(s3 >> 24) ] ^
965 Te1[(s0 >> 16) & 0xff] ^
966 Te2[(s1 >> 8) & 0xff] ^
967 Te3[(s2 ) & 0xff] ^
968 rk[7];
969
970 rk += 8;
971 if (--r == 0) {
972 break;
973 }
974
975 s0 =
976 Te0[(t0 >> 24) ] ^
977 Te1[(t1 >> 16) & 0xff] ^
978 Te2[(t2 >> 8) & 0xff] ^
979 Te3[(t3 ) & 0xff] ^
980 rk[0];
981 s1 =
982 Te0[(t1 >> 24) ] ^
983 Te1[(t2 >> 16) & 0xff] ^
984 Te2[(t3 >> 8) & 0xff] ^
985 Te3[(t0 ) & 0xff] ^
986 rk[1];
987 s2 =
988 Te0[(t2 >> 24) ] ^
989 Te1[(t3 >> 16) & 0xff] ^
990 Te2[(t0 >> 8) & 0xff] ^
991 Te3[(t1 ) & 0xff] ^
992 rk[2];
993 s3 =
994 Te0[(t3 >> 24) ] ^
995 Te1[(t0 >> 16) & 0xff] ^
996 Te2[(t1 >> 8) & 0xff] ^
997 Te3[(t2 ) & 0xff] ^
998 rk[3];
999 }
1000#endif /* ?FULL_UNROLL */
1001 /*
1002 * apply last round and
1003 * map cipher state to byte array block:
1004 */
1005 s0 =
1006 (Te4[(t0 >> 24) ] & 0xff000000) ^
1007 (Te4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
1008 (Te4[(t2 >> 8) & 0xff] & 0x0000ff00) ^
1009 (Te4[(t3 ) & 0xff] & 0x000000ff) ^
1010 rk[0];
1011 PUTU32(ct , s0);
1012 s1 =
1013 (Te4[(t1 >> 24) ] & 0xff000000) ^
1014 (Te4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
1015 (Te4[(t3 >> 8) & 0xff] & 0x0000ff00) ^
1016 (Te4[(t0 ) & 0xff] & 0x000000ff) ^
1017 rk[1];
1018 PUTU32(ct + 4, s1);
1019 s2 =
1020 (Te4[(t2 >> 24) ] & 0xff000000) ^
1021 (Te4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
1022 (Te4[(t0 >> 8) & 0xff] & 0x0000ff00) ^
1023 (Te4[(t1 ) & 0xff] & 0x000000ff) ^
1024 rk[2];
1025 PUTU32(ct + 8, s2);
1026 s3 =
1027 (Te4[(t3 >> 24) ] & 0xff000000) ^
1028 (Te4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
1029 (Te4[(t1 >> 8) & 0xff] & 0x0000ff00) ^
1030 (Te4[(t2 ) & 0xff] & 0x000000ff) ^
1031 rk[3];
1032 PUTU32(ct + 12, s3);
1033}
1034
1035void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16], u8 pt[16]) {
1036 u32 s0, s1, s2, s3, t0, t1, t2, t3;
1037#ifndef FULL_UNROLL
1038 int r;
1039#endif /* ?FULL_UNROLL */
1040
1041 /*
1042 * map byte array block to cipher state
1043 * and add initial round key:
1044 */
1045 s0 = GETU32(ct ) ^ rk[0];
1046 s1 = GETU32(ct + 4) ^ rk[1];
1047 s2 = GETU32(ct + 8) ^ rk[2];
1048 s3 = GETU32(ct + 12) ^ rk[3];
1049#ifdef FULL_UNROLL
1050 /* round 1: */
1051 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4];
1052 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[ 5];
1053 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[ 6];
1054 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[ 7];
1055 /* round 2: */
1056 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[ 8];
1057 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[ 9];
1058 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[10];
1059 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[11];
1060 /* round 3: */
1061 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[12];
1062 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[13];
1063 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[14];
1064 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[15];
1065 /* round 4: */
1066 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[16];
1067 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[17];
1068 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[18];
1069 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[19];
1070 /* round 5: */
1071 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[20];
1072 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[21];
1073 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[22];
1074 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[23];
1075 /* round 6: */
1076 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[24];
1077 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[25];
1078 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[26];
1079 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[27];
1080 /* round 7: */
1081 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[28];
1082 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[29];
1083 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[30];
1084 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[31];
1085 /* round 8: */
1086 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[32];
1087 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[33];
1088 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[34];
1089 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[35];
1090 /* round 9: */
1091 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[36];
1092 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[37];
1093 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38];
1094 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39];
1095 if (Nr > 10) {
1096 /* round 10: */
1097 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40];
1098 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41];
1099 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42];
1100 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43];
1101 /* round 11: */
1102 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44];
1103 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45];
1104 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46];
1105 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47];
1106 if (Nr > 12) {
1107 /* round 12: */
1108 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48];
1109 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49];
1110 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50];
1111 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51];
1112 /* round 13: */
1113 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52];
1114 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53];
1115 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54];
1116 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55];
1117 }
1118 }
1119 rk += Nr << 2;
1120#else /* !FULL_UNROLL */
1121 /*
1122 * Nr - 1 full rounds:
1123 */
1124 r = Nr >> 1;
1125 for (;;) {
1126 t0 =
1127 Td0[(s0 >> 24) ] ^
1128 Td1[(s3 >> 16) & 0xff] ^
1129 Td2[(s2 >> 8) & 0xff] ^
1130 Td3[(s1 ) & 0xff] ^
1131 rk[4];
1132 t1 =
1133 Td0[(s1 >> 24) ] ^
1134 Td1[(s0 >> 16) & 0xff] ^
1135 Td2[(s3 >> 8) & 0xff] ^
1136 Td3[(s2 ) & 0xff] ^
1137 rk[5];
1138 t2 =
1139 Td0[(s2 >> 24) ] ^
1140 Td1[(s1 >> 16) & 0xff] ^
1141 Td2[(s0 >> 8) & 0xff] ^
1142 Td3[(s3 ) & 0xff] ^
1143 rk[6];
1144 t3 =
1145 Td0[(s3 >> 24) ] ^
1146 Td1[(s2 >> 16) & 0xff] ^
1147 Td2[(s1 >> 8) & 0xff] ^
1148 Td3[(s0 ) & 0xff] ^
1149 rk[7];
1150
1151 rk += 8;
1152 if (--r == 0) {
1153 break;
1154 }
1155
1156 s0 =
1157 Td0[(t0 >> 24) ] ^
1158 Td1[(t3 >> 16) & 0xff] ^
1159 Td2[(t2 >> 8) & 0xff] ^
1160 Td3[(t1 ) & 0xff] ^
1161 rk[0];
1162 s1 =
1163 Td0[(t1 >> 24) ] ^
1164 Td1[(t0 >> 16) & 0xff] ^
1165 Td2[(t3 >> 8) & 0xff] ^
1166 Td3[(t2 ) & 0xff] ^
1167 rk[1];
1168 s2 =
1169 Td0[(t2 >> 24) ] ^
1170 Td1[(t1 >> 16) & 0xff] ^
1171 Td2[(t0 >> 8) & 0xff] ^
1172 Td3[(t3 ) & 0xff] ^
1173 rk[2];
1174 s3 =
1175 Td0[(t3 >> 24) ] ^
1176 Td1[(t2 >> 16) & 0xff] ^
1177 Td2[(t1 >> 8) & 0xff] ^
1178 Td3[(t0 ) & 0xff] ^
1179 rk[3];
1180 }
1181#endif /* ?FULL_UNROLL */
1182 /*
1183 * apply last round and
1184 * map cipher state to byte array block:
1185 */
1186 s0 =
1187 (Td4[(t0 >> 24) ] & 0xff000000) ^
1188 (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
1189 (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^
1190 (Td4[(t1 ) & 0xff] & 0x000000ff) ^
1191 rk[0];
1192 PUTU32(pt , s0);
1193 s1 =
1194 (Td4[(t1 >> 24) ] & 0xff000000) ^
1195 (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
1196 (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^
1197 (Td4[(t2 ) & 0xff] & 0x000000ff) ^
1198 rk[1];
1199 PUTU32(pt + 4, s1);
1200 s2 =
1201 (Td4[(t2 >> 24) ] & 0xff000000) ^
1202 (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
1203 (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^
1204 (Td4[(t3 ) & 0xff] & 0x000000ff) ^
1205 rk[2];
1206 PUTU32(pt + 8, s2);
1207 s3 =
1208 (Td4[(t3 >> 24) ] & 0xff000000) ^
1209 (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
1210 (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^
1211 (Td4[(t0 ) & 0xff] & 0x000000ff) ^
1212 rk[3];
1213 PUTU32(pt + 12, s3);
1214}
1215
1216#ifdef INTERMEDIATE_VALUE_KAT
1217
1218void rijndaelEncryptRound(const u32 rk[/*4*(Nr + 1)*/], int Nr, u8 block[16], int rounds) {
1219 int r;
1220 u32 s0, s1, s2, s3, t0, t1, t2, t3;
1221
1222 /*
1223 * map byte array block to cipher state
1224 * and add initial round key:
1225 */
1226 s0 = GETU32(block ) ^ rk[0];
1227 s1 = GETU32(block + 4) ^ rk[1];
1228 s2 = GETU32(block + 8) ^ rk[2];
1229 s3 = GETU32(block + 12) ^ rk[3];
1230 rk += 4;
1231
1232 /*
1233 * Nr - 1 full rounds:
1234 */
1235 for (r = (rounds < Nr ? rounds : Nr - 1); r > 0; r--) {
1236 t0 =
1237 Te0[(s0 >> 24) ] ^
1238 Te1[(s1 >> 16) & 0xff] ^
1239 Te2[(s2 >> 8) & 0xff] ^
1240 Te3[(s3 ) & 0xff] ^
1241 rk[0];
1242 t1 =
1243 Te0[(s1 >> 24) ] ^
1244 Te1[(s2 >> 16) & 0xff] ^
1245 Te2[(s3 >> 8) & 0xff] ^
1246 Te3[(s0 ) & 0xff] ^
1247 rk[1];
1248 t2 =
1249 Te0[(s2 >> 24) ] ^
1250 Te1[(s3 >> 16) & 0xff] ^
1251 Te2[(s0 >> 8) & 0xff] ^
1252 Te3[(s1 ) & 0xff] ^
1253 rk[2];
1254 t3 =
1255 Te0[(s3 >> 24) ] ^
1256 Te1[(s0 >> 16) & 0xff] ^
1257 Te2[(s1 >> 8) & 0xff] ^
1258 Te3[(s2 ) & 0xff] ^
1259 rk[3];
1260
1261 s0 = t0;
1262 s1 = t1;
1263 s2 = t2;
1264 s3 = t3;
1265 rk += 4;
1266
1267 }
1268
1269 /*
1270 * apply last round and
1271 * map cipher state to byte array block:
1272 */
1273 if (rounds == Nr) {
1274 t0 =
1275 (Te4[(s0 >> 24) ] & 0xff000000) ^
1276 (Te4[(s1 >> 16) & 0xff] & 0x00ff0000) ^
1277 (Te4[(s2 >> 8) & 0xff] & 0x0000ff00) ^
1278 (Te4[(s3 ) & 0xff] & 0x000000ff) ^
1279 rk[0];
1280 t1 =
1281 (Te4[(s1 >> 24) ] & 0xff000000) ^
1282 (Te4[(s2 >> 16) & 0xff] & 0x00ff0000) ^
1283 (Te4[(s3 >> 8) & 0xff] & 0x0000ff00) ^
1284 (Te4[(s0 ) & 0xff] & 0x000000ff) ^
1285 rk[1];
1286 t2 =
1287 (Te4[(s2 >> 24) ] & 0xff000000) ^
1288 (Te4[(s3 >> 16) & 0xff] & 0x00ff0000) ^
1289 (Te4[(s0 >> 8) & 0xff] & 0x0000ff00) ^
1290 (Te4[(s1 ) & 0xff] & 0x000000ff) ^
1291 rk[2];
1292 t3 =
1293 (Te4[(s3 >> 24) ] & 0xff000000) ^
1294 (Te4[(s0 >> 16) & 0xff] & 0x00ff0000) ^
1295 (Te4[(s1 >> 8) & 0xff] & 0x0000ff00) ^
1296 (Te4[(s2 ) & 0xff] & 0x000000ff) ^
1297 rk[3];
1298
1299 s0 = t0;
1300 s1 = t1;
1301 s2 = t2;
1302 s3 = t3;
1303 }
1304
1305 PUTU32(block , s0);
1306 PUTU32(block + 4, s1);
1307 PUTU32(block + 8, s2);
1308 PUTU32(block + 12, s3);
1309}
1310
1311void rijndaelDecryptRound(const u32 rk[/*4*(Nr + 1)*/], int Nr, u8 block[16], int rounds) {
1312 int r;
1313 u32 s0, s1, s2, s3, t0, t1, t2, t3;
1314
1315 /*
1316 * map byte array block to cipher state
1317 * and add initial round key:
1318 */
1319 s0 = GETU32(block ) ^ rk[0];
1320 s1 = GETU32(block + 4) ^ rk[1];
1321 s2 = GETU32(block + 8) ^ rk[2];
1322 s3 = GETU32(block + 12) ^ rk[3];
1323 rk += 4;
1324
1325 /*
1326 * Nr - 1 full rounds:
1327 */
1328 for (r = (rounds < Nr ? rounds : Nr) - 1; r > 0; r--) {
1329 t0 =
1330 Td0[(s0 >> 24) ] ^
1331 Td1[(s3 >> 16) & 0xff] ^
1332 Td2[(s2 >> 8) & 0xff] ^
1333 Td3[(s1 ) & 0xff] ^
1334 rk[0];
1335 t1 =
1336 Td0[(s1 >> 24) ] ^
1337 Td1[(s0 >> 16) & 0xff] ^
1338 Td2[(s3 >> 8) & 0xff] ^
1339 Td3[(s2 ) & 0xff] ^
1340 rk[1];
1341 t2 =
1342 Td0[(s2 >> 24) ] ^
1343 Td1[(s1 >> 16) & 0xff] ^
1344 Td2[(s0 >> 8) & 0xff] ^
1345 Td3[(s3 ) & 0xff] ^
1346 rk[2];
1347 t3 =
1348 Td0[(s3 >> 24) ] ^
1349 Td1[(s2 >> 16) & 0xff] ^
1350 Td2[(s1 >> 8) & 0xff] ^
1351 Td3[(s0 ) & 0xff] ^
1352 rk[3];
1353
1354 s0 = t0;
1355 s1 = t1;
1356 s2 = t2;
1357 s3 = t3;
1358 rk += 4;
1359
1360 }
1361
1362 /*
1363 * complete the last round and
1364 * map cipher state to byte array block:
1365 */
1366 t0 =
1367 (Td4[(s0 >> 24) ] & 0xff000000) ^
1368 (Td4[(s3 >> 16) & 0xff] & 0x00ff0000) ^
1369 (Td4[(s2 >> 8) & 0xff] & 0x0000ff00) ^
1370 (Td4[(s1 ) & 0xff] & 0x000000ff);
1371 t1 =
1372 (Td4[(s1 >> 24) ] & 0xff000000) ^
1373 (Td4[(s0 >> 16) & 0xff] & 0x00ff0000) ^
1374 (Td4[(s3 >> 8) & 0xff] & 0x0000ff00) ^
1375 (Td4[(s2 ) & 0xff] & 0x000000ff);
1376 t2 =
1377 (Td4[(s2 >> 24) ] & 0xff000000) ^
1378 (Td4[(s1 >> 16) & 0xff] & 0x00ff0000) ^
1379 (Td4[(s0 >> 8) & 0xff] & 0x0000ff00) ^
1380 (Td4[(s3 ) & 0xff] & 0x000000ff);
1381 t3 =
1382 (Td4[(s3 >> 24) ] & 0xff000000) ^
1383 (Td4[(s2 >> 16) & 0xff] & 0x00ff0000) ^
1384 (Td4[(s1 >> 8) & 0xff] & 0x0000ff00) ^
1385 (Td4[(s0 ) & 0xff] & 0x000000ff);
1386
1387 if (rounds == Nr) {
1388 t0 ^= rk[0];
1389 t1 ^= rk[1];
1390 t2 ^= rk[2];
1391 t3 ^= rk[3];
1392 }
1393
1394 PUTU32(block , t0);
1395 PUTU32(block + 4, t1);
1396 PUTU32(block + 8, t2);
1397 PUTU32(block + 12, t3);
1398}
1399
1400#endif /* INTERMEDIATE_VALUE_KAT */
diff --git a/src/lib/libssl/src/crypto/rijndael/rd_fst.h b/src/lib/libssl/src/crypto/rijndael/rd_fst.h
new file mode 100644
index 0000000000..fcace29478
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rijndael/rd_fst.h
@@ -0,0 +1,42 @@
1/**
2 * rijndael-alg-fst.h
3 *
4 * @version 3.0 (December 2000)
5 *
6 * Optimised ANSI C code for the Rijndael cipher (now AES)
7 *
8 * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
9 * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
10 * @author Paulo Barreto <paulo.barreto@terra.com.br>
11 *
12 * This code is hereby placed in the public domain.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
15 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
16 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
18 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
19 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
20 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
21 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
22 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
23 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
24 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 */
26#ifndef __RIJNDAEL_ALG_FST_H
27#define __RIJNDAEL_ALG_FST_H
28
29#define MAXKC (256/32)
30#define MAXKB (256/8)
31#define MAXNR 14
32
33typedef unsigned char u8;
34typedef unsigned short u16;
35typedef unsigned int u32;
36
37int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits);
38int rijndaelKeySetupDec(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits);
39void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16], u8 ct[16]);
40void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16], u8 pt[16]);
41
42#endif /* __RIJNDAEL_ALG_FST_H */
diff --git a/src/lib/libssl/src/crypto/rijndael/rijndael.h b/src/lib/libssl/src/crypto/rijndael/rijndael.h
new file mode 100644
index 0000000000..72edcc2942
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rijndael/rijndael.h
@@ -0,0 +1,7 @@
1#include "openssl/rd_fst.h"
2
3typedef struct
4 {
5 u32 rd_key[4 *(MAXNR + 1)];
6 int rounds;
7 } RIJNDAEL_KEY;
diff --git a/src/lib/libssl/src/crypto/ripemd/Makefile.ssl b/src/lib/libssl/src/crypto/ripemd/Makefile.ssl
new file mode 100644
index 0000000000..a58662a69f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/ripemd/Makefile.ssl
@@ -0,0 +1,110 @@
1#
2# SSLeay/crypto/ripemd/Makefile
3#
4
5DIR= ripemd
6TOP= ../..
7CC= cc
8CPP= $(CC) -E
9INCLUDES=
10CFLAG=-g
11INSTALL_PREFIX=
12OPENSSLDIR= /usr/local/ssl
13INSTALLTOP=/usr/local/ssl
14MAKE= make -f Makefile.ssl
15MAKEDEPPROG= makedepend
16MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
17MAKEFILE= Makefile.ssl
18AR= ar r
19
20RIP_ASM_OBJ=
21
22CFLAGS= $(INCLUDES) $(CFLAG)
23
24GENERAL=Makefile
25TEST=rmdtest.c
26APPS=
27
28LIB=$(TOP)/libcrypto.a
29LIBSRC=rmd_dgst.c rmd_one.c
30LIBOBJ=rmd_dgst.o rmd_one.o $(RMD160_ASM_OBJ)
31
32SRC= $(LIBSRC)
33
34EXHEADER= ripemd.h
35HEADER= rmd_locl.h rmdconst.h $(EXHEADER)
36
37ALL= $(GENERAL) $(SRC) $(HEADER)
38
39top:
40 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
41
42all: lib
43
44lib: $(LIBOBJ)
45 $(AR) $(LIB) $(LIBOBJ)
46 $(RANLIB) $(LIB) || echo Never mind.
47 @touch lib
48
49# elf
50asm/rm86-elf.o: asm/rm86unix.cpp
51 $(CPP) -DELF -x c asm/rm86unix.cpp | as -o asm/rm86-elf.o
52
53# solaris
54asm/rm86-sol.o: asm/rm86unix.cpp
55 $(CC) -E -DSOL asm/rm86unix.cpp | sed 's/^#.*//' > asm/rm86-sol.s
56 as -o asm/rm86-sol.o asm/rm86-sol.s
57 rm -f asm/rm86-sol.s
58
59# a.out
60asm/rm86-out.o: asm/rm86unix.cpp
61 $(CPP) -DOUT asm/rm86unix.cpp | as -o asm/rm86-out.o
62
63# bsdi
64asm/rm86bsdi.o: asm/rm86unix.cpp
65 $(CPP) -DBSDI asm/rm86unix.cpp | sed 's/ :/:/' | as -o asm/rm86bsdi.o
66
67asm/rm86unix.cpp: asm/rmd-586.pl ../perlasm/x86asm.pl
68 (cd asm; $(PERL) rmd-586.pl cpp >rm86unix.cpp)
69
70files:
71 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
72
73links:
74 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
75 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
76 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
77 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
78
79install:
80 @for i in $(EXHEADER) ; \
81 do \
82 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
83 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
84 done;
85
86tags:
87 ctags $(SRC)
88
89tests:
90
91lint:
92 lint -DLINT $(INCLUDES) $(SRC)>fluff
93
94depend:
95 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
96
97dclean:
98 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
99 mv -f Makefile.new $(MAKEFILE)
100
101clean:
102 rm -f asm/rm86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
103
104# DO NOT DELETE THIS LINE -- make depend depends on it.
105
106rmd_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
107rmd_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ripemd.h
108rmd_dgst.o: ../md32_common.h rmd_dgst.c rmd_locl.h rmdconst.h
109rmd_one.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
110rmd_one.o: ../../include/openssl/ripemd.h rmd_one.c
diff --git a/src/lib/libssl/src/crypto/rsa/Makefile.ssl b/src/lib/libssl/src/crypto/rsa/Makefile.ssl
new file mode 100644
index 0000000000..ddd138acd2
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rsa/Makefile.ssl
@@ -0,0 +1,219 @@
1#
2# SSLeay/crypto/rsa/Makefile
3#
4
5DIR= rsa
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=rsa_test.c
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
27 rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \
28 rsa_asn1.c
29LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
30 rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \
31 rsa_asn1.o
32
33SRC= $(LIBSRC)
34
35EXHEADER= rsa.h
36HEADER= $(EXHEADER)
37
38ALL= $(GENERAL) $(SRC) $(HEADER)
39
40top:
41 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
42
43all: lib
44
45lib: $(LIBOBJ)
46 $(AR) $(LIB) $(LIBOBJ)
47 $(RANLIB) $(LIB) || echo Never mind.
48 @touch lib
49
50files:
51 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
52
53links:
54 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
55 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
56 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
57 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
58
59install:
60 @for i in $(EXHEADER) ; \
61 do \
62 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
63 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
64 done;
65
66tags:
67 ctags $(SRC)
68
69tests:
70
71lint:
72 lint -DLINT $(INCLUDES) $(SRC)>fluff
73
74depend:
75 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
76
77dclean:
78 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
79 mv -f Makefile.new $(MAKEFILE)
80
81clean:
82 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
83
84# DO NOT DELETE THIS LINE -- make depend depends on it.
85
86rsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
87rsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
88rsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
89rsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
90rsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
91rsa_asn1.o: ../../include/openssl/opensslconf.h
92rsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
93rsa_asn1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
94rsa_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
95rsa_asn1.o: ../cryptlib.h rsa_asn1.c
96rsa_chk.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
97rsa_chk.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
98rsa_chk.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
99rsa_chk.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
100rsa_chk.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
101rsa_chk.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
102rsa_chk.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
103rsa_chk.o: rsa_chk.c
104rsa_eay.o: ../../e_os.h ../../include/openssl/asn1.h
105rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
106rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
107rsa_eay.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
108rsa_eay.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
109rsa_eay.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
110rsa_eay.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
111rsa_eay.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
112rsa_eay.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
113rsa_eay.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
114rsa_eay.o: ../../include/openssl/ui.h ../cryptlib.h rsa_eay.c
115rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
116rsa_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
117rsa_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
118rsa_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
119rsa_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
120rsa_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
121rsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
122rsa_err.o: rsa_err.c
123rsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h
124rsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
125rsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
126rsa_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
127rsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
128rsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
129rsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
130rsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
131rsa_gen.o: ../cryptlib.h rsa_gen.c
132rsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
133rsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
134rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
135rsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
136rsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
137rsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
138rsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
139rsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
140rsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
141rsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
142rsa_lib.o: ../../include/openssl/ui.h ../cryptlib.h rsa_lib.c
143rsa_none.o: ../../e_os.h ../../include/openssl/asn1.h
144rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
145rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
146rsa_none.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
147rsa_none.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
148rsa_none.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
149rsa_none.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
150rsa_none.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
151rsa_none.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_none.c
152rsa_null.o: ../../e_os.h ../../include/openssl/asn1.h
153rsa_null.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
154rsa_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
155rsa_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
156rsa_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
157rsa_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
158rsa_null.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
159rsa_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
160rsa_null.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_null.c
161rsa_oaep.o: ../../e_os.h ../../include/openssl/asn1.h
162rsa_oaep.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
163rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
164rsa_oaep.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
165rsa_oaep.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
166rsa_oaep.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
167rsa_oaep.o: ../../include/openssl/opensslconf.h
168rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
169rsa_oaep.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
170rsa_oaep.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
171rsa_oaep.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
172rsa_oaep.o: ../cryptlib.h rsa_oaep.c
173rsa_pk1.o: ../../e_os.h ../../include/openssl/asn1.h
174rsa_pk1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
175rsa_pk1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
176rsa_pk1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
177rsa_pk1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
178rsa_pk1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
179rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
180rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
181rsa_pk1.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pk1.c
182rsa_saos.o: ../../e_os.h ../../include/openssl/asn1.h
183rsa_saos.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
184rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
185rsa_saos.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
186rsa_saos.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
187rsa_saos.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
188rsa_saos.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
189rsa_saos.o: ../../include/openssl/opensslconf.h
190rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
191rsa_saos.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
192rsa_saos.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
193rsa_saos.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
194rsa_saos.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
195rsa_saos.o: ../cryptlib.h rsa_saos.c
196rsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h
197rsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
198rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
199rsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
200rsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
201rsa_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
202rsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
203rsa_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
204rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
205rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
206rsa_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
207rsa_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
208rsa_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
209rsa_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
210rsa_sign.o: ../cryptlib.h rsa_sign.c
211rsa_ssl.o: ../../e_os.h ../../include/openssl/asn1.h
212rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
213rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
214rsa_ssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
215rsa_ssl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
216rsa_ssl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
217rsa_ssl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
218rsa_ssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
219rsa_ssl.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_ssl.c
diff --git a/src/lib/libssl/src/crypto/sha/Makefile.ssl b/src/lib/libssl/src/crypto/sha/Makefile.ssl
new file mode 100644
index 0000000000..482ff192b1
--- /dev/null
+++ b/src/lib/libssl/src/crypto/sha/Makefile.ssl
@@ -0,0 +1,115 @@
1#
2# SSLeay/crypto/sha/Makefile
3#
4
5DIR= sha
6TOP= ../..
7CC= cc
8CPP= $(CC) -E
9INCLUDES=
10CFLAG=-g
11INSTALL_PREFIX=
12OPENSSLDIR= /usr/local/ssl
13INSTALLTOP=/usr/local/ssl
14MAKE= make -f Makefile.ssl
15MAKEDEPPROG= makedepend
16MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
17MAKEFILE= Makefile.ssl
18AR= ar r
19
20SHA1_ASM_OBJ=
21
22CFLAGS= $(INCLUDES) $(CFLAG)
23
24GENERAL=Makefile
25TEST=shatest.c sha1test.c
26APPS=
27
28LIB=$(TOP)/libcrypto.a
29LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
30LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o $(SHA1_ASM_OBJ)
31
32SRC= $(LIBSRC)
33
34EXHEADER= sha.h
35HEADER= sha_locl.h $(EXHEADER)
36
37ALL= $(GENERAL) $(SRC) $(HEADER)
38
39top:
40 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
41
42all: lib
43
44lib: $(LIBOBJ)
45 $(AR) $(LIB) $(LIBOBJ)
46 $(RANLIB) $(LIB) || echo Never mind.
47 @touch lib
48
49# elf
50asm/sx86-elf.o: asm/sx86unix.cpp
51 $(CPP) -DELF -x c asm/sx86unix.cpp | as -o asm/sx86-elf.o
52
53# solaris
54asm/sx86-sol.o: asm/sx86unix.cpp
55 $(CC) -E -DSOL asm/sx86unix.cpp | sed 's/^#.*//' > asm/sx86-sol.s
56 as -o asm/sx86-sol.o asm/sx86-sol.s
57 rm -f asm/sx86-sol.s
58
59# a.out
60asm/sx86-out.o: asm/sx86unix.cpp
61 $(CPP) -DOUT asm/sx86unix.cpp | as -o asm/sx86-out.o
62
63# bsdi
64asm/sx86bsdi.o: asm/sx86unix.cpp
65 $(CPP) -DBSDI asm/sx86unix.cpp | sed 's/ :/:/' | as -o asm/sx86bsdi.o
66
67asm/sx86unix.cpp: asm/sha1-586.pl ../perlasm/x86asm.pl
68 (cd asm; $(PERL) sha1-586.pl cpp $(PROCESSOR) >sx86unix.cpp)
69
70files:
71 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
72
73links:
74 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
75 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
76 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
77 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
78
79install:
80 @for i in $(EXHEADER) ; \
81 do \
82 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
83 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
84 done;
85
86tags:
87 ctags $(SRC)
88
89tests:
90
91lint:
92 lint -DLINT $(INCLUDES) $(SRC)>fluff
93
94depend:
95 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
96
97dclean:
98 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
99 mv -f Makefile.new $(MAKEFILE)
100
101clean:
102 rm -f asm/sx86unix.cpp *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o
103
104# DO NOT DELETE THIS LINE -- make depend depends on it.
105
106sha1_one.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
107sha1_one.o: ../../include/openssl/sha.h sha1_one.c
108sha1dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
109sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h
110sha1dgst.o: ../md32_common.h sha1dgst.c sha_locl.h
111sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
112sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h
113sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h
114sha_one.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
115sha_one.o: ../../include/openssl/sha.h sha_one.c
diff --git a/src/lib/libssl/src/crypto/stack/Makefile.ssl b/src/lib/libssl/src/crypto/stack/Makefile.ssl
new file mode 100644
index 0000000000..e04066dcd6
--- /dev/null
+++ b/src/lib/libssl/src/crypto/stack/Makefile.ssl
@@ -0,0 +1,88 @@
1#
2# SSLeay/crypto/stack/Makefile
3#
4
5DIR= stack
6TOP= ../..
7CC= cc
8INCLUDES=
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC=stack.c
27LIBOBJ=stack.o
28
29SRC= $(LIBSRC)
30
31EXHEADER= stack.h safestack.h
32HEADER= $(EXHEADER)
33
34ALL= $(GENERAL) $(SRC) $(HEADER)
35
36top:
37 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
38
39all: lib
40
41lib: $(LIBOBJ)
42 $(AR) $(LIB) $(LIBOBJ)
43 $(RANLIB) $(LIB) || echo Never mind.
44 @touch lib
45
46files:
47 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
48
49links:
50 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
51 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
52 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
53 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
54
55install:
56 @for i in $(EXHEADER) ; \
57 do \
58 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
59 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
60 done;
61
62tags:
63 ctags $(SRC)
64
65tests:
66
67lint:
68 lint -DLINT $(INCLUDES) $(SRC)>fluff
69
70depend:
71 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
72
73dclean:
74 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
75 mv -f Makefile.new $(MAKEFILE)
76
77clean:
78 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
79
80# DO NOT DELETE THIS LINE -- make depend depends on it.
81
82stack.o: ../../e_os.h ../../include/openssl/bio.h
83stack.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
84stack.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
85stack.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
86stack.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
87stack.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
88stack.o: ../cryptlib.h stack.c
diff --git a/src/lib/libssl/src/crypto/threads/mttest.c b/src/lib/libssl/src/crypto/threads/mttest.c
index 7142e4edc7..c474a63c74 100644
--- a/src/lib/libssl/src/crypto/threads/mttest.c
+++ b/src/lib/libssl/src/crypto/threads/mttest.c
@@ -248,7 +248,8 @@ bad:
248 goto end; 248 goto end;
249 } 249 }
250 250
251 if (cipher == NULL) cipher=getenv("SSL_CIPHER"); 251 if (cipher == NULL && issetugid() == 0)
252 cipher=getenv("SSL_CIPHER");
252 253
253 SSL_load_error_strings(); 254 SSL_load_error_strings();
254 OpenSSL_add_ssl_algorithms(); 255 OpenSSL_add_ssl_algorithms();
diff --git a/src/lib/libssl/src/crypto/txt_db/Makefile.ssl b/src/lib/libssl/src/crypto/txt_db/Makefile.ssl
new file mode 100644
index 0000000000..8e697fc863
--- /dev/null
+++ b/src/lib/libssl/src/crypto/txt_db/Makefile.ssl
@@ -0,0 +1,88 @@
1#
2# SSLeay/crypto/txt_db/Makefile
3#
4
5DIR= txt_db
6TOP= ../..
7CC= cc
8INCLUDES=
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC=txt_db.c
27LIBOBJ=txt_db.o
28
29SRC= $(LIBSRC)
30
31EXHEADER= txt_db.h
32HEADER= $(EXHEADER)
33
34ALL= $(GENERAL) $(SRC) $(HEADER)
35
36top:
37 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
38
39all: lib
40
41lib: $(LIBOBJ)
42 $(AR) $(LIB) $(LIBOBJ)
43 $(RANLIB) $(LIB) || echo Never mind.
44 @touch lib
45
46files:
47 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
48
49links:
50 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
51 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
52 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
53 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
54
55install:
56 @for i in $(EXHEADER) ; \
57 do \
58 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
59 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
60 done;
61
62tags:
63 ctags $(SRC)
64
65tests:
66
67lint:
68 lint -DLINT $(INCLUDES) $(SRC)>fluff
69
70depend:
71 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
72
73dclean:
74 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
75 mv -f Makefile.new $(MAKEFILE)
76
77clean:
78 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
79
80# DO NOT DELETE THIS LINE -- make depend depends on it.
81
82txt_db.o: ../../e_os.h ../../include/openssl/bio.h
83txt_db.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
84txt_db.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
85txt_db.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
86txt_db.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
87txt_db.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
88txt_db.o: ../../include/openssl/txt_db.h ../cryptlib.h txt_db.c
diff --git a/src/lib/libssl/src/crypto/ui/Makefile.ssl b/src/lib/libssl/src/crypto/ui/Makefile.ssl
new file mode 100644
index 0000000000..7de1d0022b
--- /dev/null
+++ b/src/lib/libssl/src/crypto/ui/Makefile.ssl
@@ -0,0 +1,117 @@
1#
2# OpenSSL/crypto/ui/Makefile
3#
4
5DIR= ui
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22#TEST= uitest.c
23TEST=
24APPS=
25
26COMPATSRC= ui_compat.c
27COMPATOBJ= ui_compat.o
28
29LIB=$(TOP)/libcrypto.a
30LIBSRC= ui_err.c ui_lib.c ui_openssl.c ui_util.c $(COMPATSRC)
31LIBOBJ= ui_err.o ui_lib.o ui_openssl.o ui_util.o $(COMPATOBJ)
32
33SRC= $(LIBSRC)
34
35EXHEADER= ui.h ui_compat.h
36HEADER= $(EXHEADER) ui_locl.h
37
38ALL= $(GENERAL) $(SRC) $(HEADER)
39
40top:
41 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
42
43all: lib
44
45lib: $(LIBOBJ)
46 $(AR) $(LIB) $(LIBOBJ)
47 $(RANLIB) $(LIB)
48 @touch lib
49
50files:
51 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
52
53links:
54 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
55 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
56 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
57 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
58
59install:
60 @for i in $(EXHEADER) ; \
61 do \
62 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
63 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
64 done;
65
66tags:
67 ctags $(SRC)
68
69tests:
70
71lint:
72 lint -DLINT $(INCLUDES) $(SRC)>fluff
73
74depend:
75 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
76
77dclean:
78 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
79 mv -f Makefile.new $(MAKEFILE)
80
81clean:
82 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
83
84# DO NOT DELETE THIS LINE -- make depend depends on it.
85
86ui_compat.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
87ui_compat.o: ../../include/openssl/opensslconf.h
88ui_compat.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
89ui_compat.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
90ui_compat.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
91ui_compat.o: ui_compat.c
92ui_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
93ui_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
94ui_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
95ui_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
96ui_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
97ui_err.o: ../../include/openssl/ui.h ui_err.c
98ui_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
99ui_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
100ui_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
101ui_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
102ui_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
103ui_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ui_lib.c
104ui_lib.o: ui_locl.h
105ui_openssl.o: ../../e_os.h ../../include/openssl/bio.h
106ui_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
107ui_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
108ui_openssl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
109ui_openssl.o: ../../include/openssl/opensslv.h
110ui_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
111ui_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
112ui_openssl.o: ../cryptlib.h ui_locl.h ui_openssl.c
113ui_util.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
114ui_util.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
115ui_util.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
116ui_util.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
117ui_util.o: ui_util.c
diff --git a/src/lib/libssl/src/crypto/ui/ui_openssl.c b/src/lib/libssl/src/crypto/ui/ui_openssl.c
index 4e12165410..821dd29eaa 100644
--- a/src/lib/libssl/src/crypto/ui/ui_openssl.c
+++ b/src/lib/libssl/src/crypto/ui/ui_openssl.c
@@ -378,7 +378,7 @@ static void read_till_nl(FILE *in)
378 } while (strchr(buf,'\n') == NULL); 378 } while (strchr(buf,'\n') == NULL);
379 } 379 }
380 380
381static sig_atomic_t intr_signal; 381static volatile sig_atomic_t intr_signal;
382 382
383static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl) 383static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
384 { 384 {
diff --git a/src/lib/libssl/src/crypto/x509/Makefile.ssl b/src/lib/libssl/src/crypto/x509/Makefile.ssl
new file mode 100644
index 0000000000..2df6ddcd34
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/Makefile.ssl
@@ -0,0 +1,410 @@
1#
2# SSLeay/crypto/x509/Makefile
3#
4
5DIR= x509
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile README
22TEST=
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \
27 x509_obj.c x509_req.c x509spki.c x509_vfy.c \
28 x509_set.c x509cset.c x509rset.c x509_err.c \
29 x509name.c x509_v3.c x509_ext.c x509_att.c \
30 x509type.c x509_lu.c x_all.c x509_txt.c \
31 x509_trs.c by_file.c by_dir.c
32LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \
33 x509_obj.o x509_req.o x509spki.o x509_vfy.o \
34 x509_set.o x509cset.o x509rset.o x509_err.o \
35 x509name.o x509_v3.o x509_ext.o x509_att.o \
36 x509type.o x509_lu.o x_all.o x509_txt.o \
37 x509_trs.o by_file.o by_dir.o
38
39SRC= $(LIBSRC)
40
41EXHEADER= x509.h x509_vfy.h
42HEADER= $(EXHEADER)
43
44ALL= $(GENERAL) $(SRC) $(HEADER)
45
46top:
47 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
48
49all: lib
50
51lib: $(LIBOBJ)
52 $(AR) $(LIB) $(LIBOBJ)
53 $(RANLIB) $(LIB) || echo Never mind.
54 @touch lib
55
56files:
57 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
58
59links:
60 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
61 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
62 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
63 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
64
65install:
66 @for i in $(EXHEADER) ; \
67 do \
68 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
69 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
70 done;
71
72tags:
73 ctags $(SRC)
74
75tests:
76
77lint:
78 lint -DLINT $(INCLUDES) $(SRC)>fluff
79
80depend:
81 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
82
83dclean:
84 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
85 mv -f Makefile.new $(MAKEFILE)
86
87clean:
88 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
89
90# DO NOT DELETE THIS LINE -- make depend depends on it.
91
92by_dir.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
93by_dir.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
94by_dir.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
95by_dir.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
96by_dir.o: ../../include/openssl/err.h ../../include/openssl/evp.h
97by_dir.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
98by_dir.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
99by_dir.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
100by_dir.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
101by_dir.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
102by_dir.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
103by_dir.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
104by_dir.o: ../cryptlib.h by_dir.c
105by_file.o: ../../e_os.h ../../include/openssl/asn1.h
106by_file.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
107by_file.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
108by_file.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
109by_file.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
110by_file.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
111by_file.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
112by_file.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
113by_file.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
114by_file.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
115by_file.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
116by_file.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
117by_file.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
118by_file.o: ../../include/openssl/x509_vfy.h ../cryptlib.h by_file.c
119x509_att.o: ../../e_os.h ../../include/openssl/asn1.h
120x509_att.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
121x509_att.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
122x509_att.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
123x509_att.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
124x509_att.o: ../../include/openssl/err.h ../../include/openssl/evp.h
125x509_att.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
126x509_att.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
127x509_att.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
128x509_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
129x509_att.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
130x509_att.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
131x509_att.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
132x509_att.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_att.c
133x509_cmp.o: ../../e_os.h ../../include/openssl/asn1.h
134x509_cmp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
135x509_cmp.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
136x509_cmp.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
137x509_cmp.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
138x509_cmp.o: ../../include/openssl/err.h ../../include/openssl/evp.h
139x509_cmp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
140x509_cmp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
141x509_cmp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
142x509_cmp.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
143x509_cmp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
144x509_cmp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
145x509_cmp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
146x509_cmp.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_cmp.c
147x509_d2.o: ../../e_os.h ../../include/openssl/asn1.h
148x509_d2.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
149x509_d2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
150x509_d2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
151x509_d2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
152x509_d2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
153x509_d2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
154x509_d2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
155x509_d2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
156x509_d2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
157x509_d2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
158x509_d2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
159x509_d2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_d2.c
160x509_def.o: ../../e_os.h ../../include/openssl/asn1.h
161x509_def.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
162x509_def.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
163x509_def.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
164x509_def.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
165x509_def.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
166x509_def.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
167x509_def.o: ../../include/openssl/opensslconf.h
168x509_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
169x509_def.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
170x509_def.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
171x509_def.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
172x509_def.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
173x509_def.o: ../cryptlib.h x509_def.c
174x509_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
175x509_err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
176x509_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
177x509_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
178x509_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
179x509_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
180x509_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
181x509_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
182x509_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
183x509_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
184x509_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
185x509_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
186x509_err.o: x509_err.c
187x509_ext.o: ../../e_os.h ../../include/openssl/asn1.h
188x509_ext.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
189x509_ext.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
190x509_ext.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
191x509_ext.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
192x509_ext.o: ../../include/openssl/err.h ../../include/openssl/evp.h
193x509_ext.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
194x509_ext.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
195x509_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
196x509_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
197x509_ext.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
198x509_ext.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
199x509_ext.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
200x509_ext.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_ext.c
201x509_lu.o: ../../e_os.h ../../include/openssl/asn1.h
202x509_lu.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
203x509_lu.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
204x509_lu.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
205x509_lu.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
206x509_lu.o: ../../include/openssl/err.h ../../include/openssl/evp.h
207x509_lu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
208x509_lu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
209x509_lu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
210x509_lu.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
211x509_lu.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
212x509_lu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
213x509_lu.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
214x509_lu.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_lu.c
215x509_obj.o: ../../e_os.h ../../include/openssl/asn1.h
216x509_obj.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
217x509_obj.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
218x509_obj.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
219x509_obj.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
220x509_obj.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
221x509_obj.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
222x509_obj.o: ../../include/openssl/opensslconf.h
223x509_obj.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
224x509_obj.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
225x509_obj.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
226x509_obj.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
227x509_obj.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
228x509_obj.o: ../cryptlib.h x509_obj.c
229x509_r2x.o: ../../e_os.h ../../include/openssl/asn1.h
230x509_r2x.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
231x509_r2x.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
232x509_r2x.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
233x509_r2x.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
234x509_r2x.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
235x509_r2x.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
236x509_r2x.o: ../../include/openssl/opensslconf.h
237x509_r2x.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
238x509_r2x.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
239x509_r2x.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
240x509_r2x.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
241x509_r2x.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
242x509_r2x.o: ../cryptlib.h x509_r2x.c
243x509_req.o: ../../e_os.h ../../include/openssl/asn1.h
244x509_req.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
245x509_req.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
246x509_req.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
247x509_req.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
248x509_req.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
249x509_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
250x509_req.o: ../../include/openssl/opensslconf.h
251x509_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
252x509_req.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
253x509_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
254x509_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
255x509_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
256x509_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
257x509_req.o: ../cryptlib.h x509_req.c
258x509_set.o: ../../e_os.h ../../include/openssl/asn1.h
259x509_set.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
260x509_set.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
261x509_set.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
262x509_set.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
263x509_set.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
264x509_set.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
265x509_set.o: ../../include/openssl/opensslconf.h
266x509_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
267x509_set.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
268x509_set.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
269x509_set.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
270x509_set.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
271x509_set.o: ../cryptlib.h x509_set.c
272x509_trs.o: ../../e_os.h ../../include/openssl/asn1.h
273x509_trs.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
274x509_trs.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
275x509_trs.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
276x509_trs.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
277x509_trs.o: ../../include/openssl/err.h ../../include/openssl/evp.h
278x509_trs.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
279x509_trs.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
280x509_trs.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
281x509_trs.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
282x509_trs.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
283x509_trs.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
284x509_trs.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
285x509_trs.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_trs.c
286x509_txt.o: ../../e_os.h ../../include/openssl/asn1.h
287x509_txt.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
288x509_txt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
289x509_txt.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
290x509_txt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
291x509_txt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
292x509_txt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
293x509_txt.o: ../../include/openssl/opensslconf.h
294x509_txt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
295x509_txt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
296x509_txt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
297x509_txt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
298x509_txt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
299x509_txt.o: ../cryptlib.h x509_txt.c
300x509_v3.o: ../../e_os.h ../../include/openssl/asn1.h
301x509_v3.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
302x509_v3.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
303x509_v3.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
304x509_v3.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
305x509_v3.o: ../../include/openssl/err.h ../../include/openssl/evp.h
306x509_v3.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
307x509_v3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
308x509_v3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
309x509_v3.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
310x509_v3.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
311x509_v3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
312x509_v3.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
313x509_v3.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_v3.c
314x509_vfy.o: ../../e_os.h ../../include/openssl/asn1.h
315x509_vfy.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
316x509_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
317x509_vfy.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
318x509_vfy.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
319x509_vfy.o: ../../include/openssl/err.h ../../include/openssl/evp.h
320x509_vfy.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
321x509_vfy.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
322x509_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
323x509_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
324x509_vfy.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
325x509_vfy.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
326x509_vfy.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
327x509_vfy.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_vfy.c
328x509cset.o: ../../e_os.h ../../include/openssl/asn1.h
329x509cset.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
330x509cset.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
331x509cset.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
332x509cset.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
333x509cset.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
334x509cset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
335x509cset.o: ../../include/openssl/opensslconf.h
336x509cset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
337x509cset.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
338x509cset.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
339x509cset.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
340x509cset.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
341x509cset.o: ../cryptlib.h x509cset.c
342x509name.o: ../../e_os.h ../../include/openssl/asn1.h
343x509name.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
344x509name.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
345x509name.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
346x509name.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
347x509name.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
348x509name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
349x509name.o: ../../include/openssl/opensslconf.h
350x509name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
351x509name.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
352x509name.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
353x509name.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
354x509name.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
355x509name.o: ../cryptlib.h x509name.c
356x509rset.o: ../../e_os.h ../../include/openssl/asn1.h
357x509rset.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
358x509rset.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
359x509rset.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
360x509rset.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
361x509rset.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
362x509rset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
363x509rset.o: ../../include/openssl/opensslconf.h
364x509rset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
365x509rset.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
366x509rset.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
367x509rset.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
368x509rset.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
369x509rset.o: ../cryptlib.h x509rset.c
370x509spki.o: ../../e_os.h ../../include/openssl/asn1.h
371x509spki.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
372x509spki.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
373x509spki.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
374x509spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
375x509spki.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
376x509spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
377x509spki.o: ../../include/openssl/opensslconf.h
378x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
379x509spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
380x509spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
381x509spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
382x509spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
383x509spki.o: ../cryptlib.h x509spki.c
384x509type.o: ../../e_os.h ../../include/openssl/asn1.h
385x509type.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
386x509type.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
387x509type.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
388x509type.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
389x509type.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
390x509type.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
391x509type.o: ../../include/openssl/opensslconf.h
392x509type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
393x509type.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
394x509type.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
395x509type.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
396x509type.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
397x509type.o: ../cryptlib.h x509type.c
398x_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
399x_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
400x_all.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
401x_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
402x_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
403x_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
404x_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
405x_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
406x_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
407x_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
408x_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
409x_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
410x_all.o: ../cryptlib.h x_all.c
diff --git a/src/lib/libssl/src/crypto/x509v3/Makefile.ssl b/src/lib/libssl/src/crypto/x509v3/Makefile.ssl
new file mode 100644
index 0000000000..40fe46f983
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509v3/Makefile.ssl
@@ -0,0 +1,420 @@
1#
2# SSLeay/crypto/x509v3/Makefile
3#
4
5DIR= x509v3
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile README
22TEST=
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c v3_lib.c \
27v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c v3_pku.c \
28v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c v3_crld.c v3_purp.c v3_info.c \
29v3_ocsp.c v3_akeya.c
30LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \
31v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \
32v3_int.o v3_enum.o v3_sxnet.o v3_cpols.o v3_crld.o v3_purp.o v3_info.o \
33v3_ocsp.o v3_akeya.o
34
35SRC= $(LIBSRC)
36
37EXHEADER= x509v3.h
38HEADER= $(EXHEADER)
39
40ALL= $(GENERAL) $(SRC) $(HEADER)
41
42top:
43 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
44
45all: lib
46
47lib: $(LIBOBJ)
48 $(AR) $(LIB) $(LIBOBJ)
49 $(RANLIB) $(LIB) || echo Never mind.
50 @touch lib
51
52files:
53 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
54
55links:
56 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
57 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
58 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
59 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
60
61install:
62 @for i in $(EXHEADER) ; \
63 do \
64 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
65 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
66 done;
67
68tags:
69 ctags $(SRC)
70
71tests:
72
73lint:
74 lint -DLINT $(INCLUDES) $(SRC)>fluff
75
76depend:
77 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
78
79dclean:
80 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
81 mv -f Makefile.new $(MAKEFILE)
82
83clean:
84 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
85
86# DO NOT DELETE THIS LINE -- make depend depends on it.
87
88v3_akey.o: ../../e_os.h ../../include/openssl/asn1.h
89v3_akey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
90v3_akey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
91v3_akey.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
92v3_akey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
93v3_akey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
94v3_akey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
95v3_akey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
96v3_akey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
97v3_akey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
98v3_akey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
99v3_akey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
100v3_akey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
101v3_akey.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
102v3_akey.o: ../cryptlib.h v3_akey.c
103v3_akeya.o: ../../e_os.h ../../include/openssl/asn1.h
104v3_akeya.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
105v3_akeya.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
106v3_akeya.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
107v3_akeya.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
108v3_akeya.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
109v3_akeya.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
110v3_akeya.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
111v3_akeya.o: ../../include/openssl/opensslconf.h
112v3_akeya.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
113v3_akeya.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
114v3_akeya.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
115v3_akeya.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
116v3_akeya.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
117v3_akeya.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_akeya.c
118v3_alt.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
119v3_alt.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
120v3_alt.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
121v3_alt.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
122v3_alt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
123v3_alt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
124v3_alt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
125v3_alt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
126v3_alt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
127v3_alt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
128v3_alt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
129v3_alt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
130v3_alt.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
131v3_alt.o: ../cryptlib.h v3_alt.c
132v3_bcons.o: ../../e_os.h ../../include/openssl/asn1.h
133v3_bcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
134v3_bcons.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
135v3_bcons.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
136v3_bcons.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
137v3_bcons.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
138v3_bcons.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
139v3_bcons.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
140v3_bcons.o: ../../include/openssl/opensslconf.h
141v3_bcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
142v3_bcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
143v3_bcons.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
144v3_bcons.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
145v3_bcons.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
146v3_bcons.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_bcons.c
147v3_bitst.o: ../../e_os.h ../../include/openssl/asn1.h
148v3_bitst.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
149v3_bitst.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
150v3_bitst.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
151v3_bitst.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
152v3_bitst.o: ../../include/openssl/err.h ../../include/openssl/evp.h
153v3_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
154v3_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
155v3_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
156v3_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
157v3_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
158v3_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
159v3_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
160v3_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_bitst.c
161v3_conf.o: ../../e_os.h ../../include/openssl/asn1.h
162v3_conf.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
163v3_conf.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
164v3_conf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
165v3_conf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
166v3_conf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
167v3_conf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
168v3_conf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
169v3_conf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
170v3_conf.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
171v3_conf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
172v3_conf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
173v3_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
174v3_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_conf.c
175v3_cpols.o: ../../e_os.h ../../include/openssl/asn1.h
176v3_cpols.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
177v3_cpols.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
178v3_cpols.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
179v3_cpols.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
180v3_cpols.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
181v3_cpols.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
182v3_cpols.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
183v3_cpols.o: ../../include/openssl/opensslconf.h
184v3_cpols.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
185v3_cpols.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
186v3_cpols.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
187v3_cpols.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
188v3_cpols.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
189v3_cpols.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_cpols.c
190v3_crld.o: ../../e_os.h ../../include/openssl/asn1.h
191v3_crld.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
192v3_crld.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
193v3_crld.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
194v3_crld.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
195v3_crld.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
196v3_crld.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
197v3_crld.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
198v3_crld.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
199v3_crld.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
200v3_crld.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
201v3_crld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
202v3_crld.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
203v3_crld.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
204v3_crld.o: ../cryptlib.h v3_crld.c
205v3_enum.o: ../../e_os.h ../../include/openssl/asn1.h
206v3_enum.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
207v3_enum.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
208v3_enum.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
209v3_enum.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
210v3_enum.o: ../../include/openssl/err.h ../../include/openssl/evp.h
211v3_enum.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
212v3_enum.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
213v3_enum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
214v3_enum.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
215v3_enum.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
216v3_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
217v3_enum.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
218v3_enum.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_enum.c
219v3_extku.o: ../../e_os.h ../../include/openssl/asn1.h
220v3_extku.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
221v3_extku.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
222v3_extku.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
223v3_extku.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
224v3_extku.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
225v3_extku.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
226v3_extku.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
227v3_extku.o: ../../include/openssl/opensslconf.h
228v3_extku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
229v3_extku.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
230v3_extku.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
231v3_extku.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
232v3_extku.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
233v3_extku.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_extku.c
234v3_genn.o: ../../e_os.h ../../include/openssl/asn1.h
235v3_genn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
236v3_genn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
237v3_genn.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
238v3_genn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
239v3_genn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
240v3_genn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
241v3_genn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
242v3_genn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
243v3_genn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
244v3_genn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
245v3_genn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
246v3_genn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
247v3_genn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
248v3_genn.o: ../cryptlib.h v3_genn.c
249v3_ia5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
250v3_ia5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
251v3_ia5.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
252v3_ia5.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
253v3_ia5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
254v3_ia5.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
255v3_ia5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
256v3_ia5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
257v3_ia5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
258v3_ia5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
259v3_ia5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
260v3_ia5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
261v3_ia5.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
262v3_ia5.o: ../cryptlib.h v3_ia5.c
263v3_info.o: ../../e_os.h ../../include/openssl/asn1.h
264v3_info.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
265v3_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
266v3_info.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
267v3_info.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
268v3_info.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
269v3_info.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
270v3_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
271v3_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
272v3_info.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
273v3_info.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
274v3_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
275v3_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
276v3_info.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
277v3_info.o: ../cryptlib.h v3_info.c
278v3_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
279v3_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
280v3_int.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
281v3_int.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
282v3_int.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
283v3_int.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
284v3_int.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
285v3_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
286v3_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
287v3_int.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
288v3_int.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
289v3_int.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
290v3_int.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
291v3_int.o: ../cryptlib.h v3_int.c
292v3_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
293v3_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
294v3_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
295v3_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
296v3_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
297v3_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
298v3_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
299v3_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
300v3_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
301v3_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
302v3_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
303v3_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
304v3_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
305v3_lib.o: ../cryptlib.h ext_dat.h v3_lib.c
306v3_ocsp.o: ../../e_os.h ../../include/openssl/asn1.h
307v3_ocsp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
308v3_ocsp.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
309v3_ocsp.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
310v3_ocsp.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
311v3_ocsp.o: ../../include/openssl/err.h ../../include/openssl/evp.h
312v3_ocsp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
313v3_ocsp.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
314v3_ocsp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
315v3_ocsp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
316v3_ocsp.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
317v3_ocsp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
318v3_ocsp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
319v3_ocsp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
320v3_ocsp.o: ../cryptlib.h v3_ocsp.c
321v3_pku.o: ../../e_os.h ../../include/openssl/asn1.h
322v3_pku.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
323v3_pku.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
324v3_pku.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
325v3_pku.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
326v3_pku.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
327v3_pku.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
328v3_pku.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
329v3_pku.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
330v3_pku.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
331v3_pku.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
332v3_pku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
333v3_pku.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
334v3_pku.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
335v3_pku.o: ../cryptlib.h v3_pku.c
336v3_prn.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
337v3_prn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
338v3_prn.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
339v3_prn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
340v3_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
341v3_prn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
342v3_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
343v3_prn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
344v3_prn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
345v3_prn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
346v3_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
347v3_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
348v3_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
349v3_prn.o: ../cryptlib.h v3_prn.c
350v3_purp.o: ../../e_os.h ../../include/openssl/asn1.h
351v3_purp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
352v3_purp.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
353v3_purp.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
354v3_purp.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
355v3_purp.o: ../../include/openssl/err.h ../../include/openssl/evp.h
356v3_purp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
357v3_purp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
358v3_purp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
359v3_purp.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
360v3_purp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
361v3_purp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
362v3_purp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
363v3_purp.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_purp.c
364v3_skey.o: ../../e_os.h ../../include/openssl/asn1.h
365v3_skey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
366v3_skey.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
367v3_skey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
368v3_skey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
369v3_skey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
370v3_skey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
371v3_skey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
372v3_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
373v3_skey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
374v3_skey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
375v3_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
376v3_skey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
377v3_skey.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_skey.c
378v3_sxnet.o: ../../e_os.h ../../include/openssl/asn1.h
379v3_sxnet.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
380v3_sxnet.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
381v3_sxnet.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
382v3_sxnet.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
383v3_sxnet.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
384v3_sxnet.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
385v3_sxnet.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
386v3_sxnet.o: ../../include/openssl/opensslconf.h
387v3_sxnet.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
388v3_sxnet.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
389v3_sxnet.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
390v3_sxnet.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
391v3_sxnet.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
392v3_sxnet.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_sxnet.c
393v3_utl.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
394v3_utl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
395v3_utl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
396v3_utl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
397v3_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
398v3_utl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
399v3_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
400v3_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
401v3_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
402v3_utl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
403v3_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
404v3_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
405v3_utl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
406v3_utl.o: ../cryptlib.h v3_utl.c
407v3err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
408v3err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
409v3err.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
410v3err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
411v3err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
412v3err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
413v3err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
414v3err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
415v3err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
416v3err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
417v3err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
418v3err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
419v3err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
420v3err.o: v3err.c
diff --git a/src/lib/libssl/src/demos/easy_tls/Makefile b/src/lib/libssl/src/demos/easy_tls/Makefile
index 31a54eaf27..fd3c246ef4 100644
--- a/src/lib/libssl/src/demos/easy_tls/Makefile
+++ b/src/lib/libssl/src/demos/easy_tls/Makefile
@@ -1,5 +1,5 @@
1# Makefile for easy-tls example application (rudimentary client and server) 1# Makefile for easy-tls example application (rudimentary client and server)
2# $Id: Makefile,v 1.1.1.1 2002/09/05 12:51:06 markus Exp $ 2# $Id: Makefile,v 1.1 2002/05/15 02:29:18 beck Exp $
3 3
4SOLARIS_CFLAGS=-Wall -pedantic -g -O2 4SOLARIS_CFLAGS=-Wall -pedantic -g -O2
5SOLARIS_LIBS=-lxnet 5SOLARIS_LIBS=-lxnet
diff --git a/src/lib/libssl/src/demos/easy_tls/cacerts.pem b/src/lib/libssl/src/demos/easy_tls/cacerts.pem
index 18ab66b57c..0b1c91f95e 100644
--- a/src/lib/libssl/src/demos/easy_tls/cacerts.pem
+++ b/src/lib/libssl/src/demos/easy_tls/cacerts.pem
@@ -1,4 +1,4 @@
1$Id: cacerts.pem,v 1.1.1.1 2002/09/05 12:51:05 markus Exp $ 1$Id: cacerts.pem,v 1.1 2002/05/15 02:29:18 beck Exp $
2 2
3issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit) 3issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
4subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit) 4subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
diff --git a/src/lib/libssl/src/demos/easy_tls/cert.pem b/src/lib/libssl/src/demos/easy_tls/cert.pem
index c984d023b7..d4d19d9ad1 100644
--- a/src/lib/libssl/src/demos/easy_tls/cert.pem
+++ b/src/lib/libssl/src/demos/easy_tls/cert.pem
@@ -1,4 +1,4 @@
1$Id: cert.pem,v 1.1.1.1 2002/09/05 12:51:05 markus Exp $ 1$Id: cert.pem,v 1.1 2002/05/15 02:29:18 beck Exp $
2 2
3Example certificate and key. 3Example certificate and key.
4 4
diff --git a/src/lib/libssl/src/demos/easy_tls/easy-tls.c b/src/lib/libssl/src/demos/easy_tls/easy-tls.c
index 66fac1f1e6..9fa0ef9a6b 100644
--- a/src/lib/libssl/src/demos/easy_tls/easy-tls.c
+++ b/src/lib/libssl/src/demos/easy_tls/easy-tls.c
@@ -1,7 +1,7 @@
1/* -*- Mode: C; c-file-style: "bsd" -*- */ 1/* -*- Mode: C; c-file-style: "bsd" -*- */
2/* 2/*
3 * easy-tls.c -- generic TLS proxy. 3 * easy-tls.c -- generic TLS proxy.
4 * $Id: easy-tls.c,v 1.1.1.1 2002/09/05 12:51:06 markus Exp $ 4 * $Id: easy-tls.c,v 1.1 2002/05/15 02:29:18 beck Exp $
5 */ 5 */
6/* 6/*
7 (c) Copyright 1999 Bodo Moeller. All rights reserved. 7 (c) Copyright 1999 Bodo Moeller. All rights reserved.
@@ -73,7 +73,7 @@
73 */ 73 */
74 74
75static char const rcsid[] = 75static char const rcsid[] =
76"$Id: easy-tls.c,v 1.1.1.1 2002/09/05 12:51:06 markus Exp $"; 76"$Id: easy-tls.c,v 1.1 2002/05/15 02:29:18 beck Exp $";
77 77
78#include <assert.h> 78#include <assert.h>
79#include <errno.h> 79#include <errno.h>
@@ -567,13 +567,8 @@ no_passphrase_callback(char *buf, int num, int w, void *arg)
567 return -1; 567 return -1;
568} 568}
569 569
570#if OPENSSL_VERSION_NUMBER >= 0x00907000L
571static int 570static int
572verify_dont_fail_cb(X509_STORE_CTX *c, void *unused_arg) 571verify_dont_fail_cb(X509_STORE_CTX *c, void *unused_arg)
573#else
574static int
575verify_dont_fail_cb(X509_STORE_CTX *c)
576#endif
577{ 572{
578 int i; 573 int i;
579 574
diff --git a/src/lib/libssl/src/demos/easy_tls/easy-tls.h b/src/lib/libssl/src/demos/easy_tls/easy-tls.h
index c1a6448116..0cfbd8fe7b 100644
--- a/src/lib/libssl/src/demos/easy_tls/easy-tls.h
+++ b/src/lib/libssl/src/demos/easy_tls/easy-tls.h
@@ -1,7 +1,7 @@
1/* -*- Mode: C; c-file-style: "bsd" -*- */ 1/* -*- Mode: C; c-file-style: "bsd" -*- */
2/* 2/*
3 * easy-tls.h -- generic TLS proxy. 3 * easy-tls.h -- generic TLS proxy.
4 * $Id: easy-tls.h,v 1.1.1.1 2002/09/05 12:51:06 markus Exp $ 4 * $Id: easy-tls.h,v 1.1 2002/05/15 02:29:18 beck Exp $
5 */ 5 */
6/* 6/*
7 * (c) Copyright 1999 Bodo Moeller. All rights reserved. 7 * (c) Copyright 1999 Bodo Moeller. All rights reserved.
diff --git a/src/lib/libssl/src/demos/easy_tls/test.c b/src/lib/libssl/src/demos/easy_tls/test.c
index e7ccd26d30..4ce676ca93 100644
--- a/src/lib/libssl/src/demos/easy_tls/test.c
+++ b/src/lib/libssl/src/demos/easy_tls/test.c
@@ -1,5 +1,5 @@
1/* test.c */ 1/* test.c */
2/* $Id: test.c,v 1.1.1.1 2002/09/05 12:51:06 markus Exp $ */ 2/* $Id: test.c,v 1.1 2002/05/15 02:29:18 beck Exp $ */
3 3
4#define L_PORT 9999 4#define L_PORT 9999
5#define C_PORT 443 5#define C_PORT 443
diff --git a/src/lib/libssl/src/demos/easy_tls/test.h b/src/lib/libssl/src/demos/easy_tls/test.h
index 1af31dc456..c580169464 100644
--- a/src/lib/libssl/src/demos/easy_tls/test.h
+++ b/src/lib/libssl/src/demos/easy_tls/test.h
@@ -1,5 +1,5 @@
1/* test.h */ 1/* test.h */
2/* $Id: test.h,v 1.1.1.1 2002/09/05 12:51:06 markus Exp $ */ 2/* $Id: test.h,v 1.1 2002/05/15 02:29:18 beck Exp $ */
3 3
4 4
5void test_process_init(int fd, int client_p, void *apparg); 5void test_process_init(int fd, int client_p, void *apparg);
diff --git a/src/lib/libssl/src/doc/crypto/BIO_new_bio_pair.pod b/src/lib/libssl/src/doc/crypto/BIO_new_bio_pair.pod
new file mode 100644
index 0000000000..1a8dbc577b
--- /dev/null
+++ b/src/lib/libssl/src/doc/crypto/BIO_new_bio_pair.pod
@@ -0,0 +1,103 @@
1=pod
2
3=head1 NAME
4
5BIO_new_bio_pair - create a new BIO pair
6
7=head1 SYNOPSIS
8
9 #include <openssl/bio.h>
10
11 int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t writebuf2);
12
13=head1 DESCRIPTION
14
15BIO_new_bio_pair() creates a buffering BIO pair based on the
16L<SSL_set_bio(3)|SSL_set_bio(3)> method. The BIO pair has two endpoints between which
17data can be buffered. Its typical use is to connect one endpoint as underlying
18input/output BIO to an SSL and access the other one controlled by the program
19instead of accessing the network connection directly.
20
21The two new BIOs B<bio1> and B<bio2> are symmetric with respect to their
22functionality. The size of their buffers is determined by B<writebuf1> and
23B<writebuf2>. If the size give is 0, the default size is used.
24
25BIO_new_bio_pair() does not check whether B<bio1> or B<bio2> do point to
26some other BIO, the values are overwritten, BIO_free() is not called.
27
28The two BIOs, even though forming a BIO pair and must be BIO_free()'ed
29separately. This can be of importance, as some SSL-functions like SSL_set_bio()
30or SSL_free() call BIO_free() implicitly, so that the peer-BIO is left
31untouched and must also be BIO_free()'ed.
32
33=head1 EXAMPLE
34
35The BIO pair can be used to have full control over the network access of an
36application. The application can call select() on the socket as required
37without having to go through the SSL-interface.
38
39 BIO *internal_bio, *network_bio;
40 ...
41 BIO_new_bio_pair(internal_bio, 0, network_bio, 0);
42 SSL_set_bio(ssl, internal_bio, internal_bio);
43 SSL_operations();
44 ...
45
46 application | TLS-engine
47 | |
48 +----------> SSL_operations()
49 | /\ ||
50 | || \/
51 | BIO-pair (internal_bio)
52 +----------< BIO-pair (network_bio)
53 | |
54 socket |
55
56 ...
57 SSL_free(ssl); /* implicitly frees internal_bio */
58 BIO_free(network_bio);
59 ...
60
61As the BIO pair will only buffer the data and never directly access the
62connection, it behaves non-blocking and will return as soon as the write
63buffer is full or the read buffer is drained. Then the application has to
64flush the write buffer and/or fill the read buffer.
65
66Use the BIO_ctrl_pending(), to find out whether data is buffered in the BIO
67and must be transfered to the network. Use BIO_ctrl_get_read_request() to
68find out, how many bytes must be written into the buffer before the
69SSL_operation() can successfully be continued.
70
71=head1 WARNING
72
73As the data is buffered, SSL_operation() may return with a ERROR_SSL_WANT_READ
74condition, but there is still data in the write buffer. An application must
75not rely on the error value of SSL_operation() but must assure that the
76write buffer is always flushed first. Otherwise a deadlock may occur as
77the peer might be waiting for the data before being able to continue.
78
79=head1 RETURN VALUES
80
81The following return values can occur:
82
83=over 4
84
85=item 1
86
87The BIO pair was created successfully. The new BIOs are available in
88B<bio1> and B<bio2>.
89
90=item 0
91
92The operation failed. The NULL pointer is stored into the locations for
93B<bio1> and B<bio2>. Check the error stack for more information.
94
95=back
96
97=head1 SEE ALSO
98
99L<SSL_set_bio(3)|SSL_set_bio(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
100L<BIO_ctrl_pending(3)|BIO_ctrl_pending(3)>,
101L<BIO_ctrl_get_read_request(3)|BIO_ctrl_get_read_request(3)>
102
103=cut
diff --git a/src/lib/libssl/src/doc/crypto/BN_CTX_new.pod b/src/lib/libssl/src/doc/crypto/BN_CTX_new.pod
index c94d8c610d..ad8d07db89 100644
--- a/src/lib/libssl/src/doc/crypto/BN_CTX_new.pod
+++ b/src/lib/libssl/src/doc/crypto/BN_CTX_new.pod
@@ -42,7 +42,7 @@ BN_CTX_init() and BN_CTX_free() have no return values.
42 42
43=head1 SEE ALSO 43=head1 SEE ALSO
44 44
45L<bn(3)|bn(3)>, L<err(3)|err(3)>, L<BN_add(3)|BN_add(3)>, 45L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>,
46L<BN_CTX_start(3)|BN_CTX_start(3)> 46L<BN_CTX_start(3)|BN_CTX_start(3)>
47 47
48=head1 HISTORY 48=head1 HISTORY
diff --git a/src/lib/libssl/src/doc/crypto/BN_add.pod b/src/lib/libssl/src/doc/crypto/BN_add.pod
index a99fe33808..88c7a799ee 100644
--- a/src/lib/libssl/src/doc/crypto/BN_add.pod
+++ b/src/lib/libssl/src/doc/crypto/BN_add.pod
@@ -111,7 +111,7 @@ The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
111 111
112=head1 SEE ALSO 112=head1 SEE ALSO
113 113
114L<bn(3)|bn(3)>, L<err(3)|err(3)>, L<BN_CTX_new(3)|BN_CTX_new(3)>, 114L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_CTX_new(3)|BN_CTX_new(3)>,
115L<BN_add_word(3)|BN_add_word(3)>, L<BN_set_bit(3)|BN_set_bit(3)> 115L<BN_add_word(3)|BN_add_word(3)>, L<BN_set_bit(3)|BN_set_bit(3)>
116 116
117=head1 HISTORY 117=head1 HISTORY
diff --git a/src/lib/libssl/src/doc/crypto/BN_add_word.pod b/src/lib/libssl/src/doc/crypto/BN_add_word.pod
index 66bedfb924..94244adea4 100644
--- a/src/lib/libssl/src/doc/crypto/BN_add_word.pod
+++ b/src/lib/libssl/src/doc/crypto/BN_add_word.pod
@@ -46,7 +46,7 @@ BN_mod_word() and BN_div_word() return B<a>%B<w>.
46 46
47=head1 SEE ALSO 47=head1 SEE ALSO
48 48
49L<bn(3)|bn(3)>, L<err(3)|err(3)>, L<BN_add(3)|BN_add(3)> 49L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>
50 50
51=head1 HISTORY 51=head1 HISTORY
52 52
diff --git a/src/lib/libssl/src/doc/crypto/BN_bn2bin.pod b/src/lib/libssl/src/doc/crypto/BN_bn2bin.pod
index b62d1af0ff..a4b17ca60a 100644
--- a/src/lib/libssl/src/doc/crypto/BN_bn2bin.pod
+++ b/src/lib/libssl/src/doc/crypto/BN_bn2bin.pod
@@ -80,7 +80,7 @@ The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
80 80
81=head1 SEE ALSO 81=head1 SEE ALSO
82 82
83L<bn(3)|bn(3)>, L<err(3)|err(3)>, L<BN_zero(3)|BN_zero(3)>, 83L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_zero(3)|BN_zero(3)>,
84L<ASN1_INTEGER_to_BN(3)|ASN1_INTEGER_to_BN(3)>, 84L<ASN1_INTEGER_to_BN(3)|ASN1_INTEGER_to_BN(3)>,
85L<BN_num_bytes(3)|BN_num_bytes(3)> 85L<BN_num_bytes(3)|BN_num_bytes(3)>
86 86
diff --git a/src/lib/libssl/src/doc/crypto/BN_copy.pod b/src/lib/libssl/src/doc/crypto/BN_copy.pod
index 8ad25e7834..388dd7df26 100644
--- a/src/lib/libssl/src/doc/crypto/BN_copy.pod
+++ b/src/lib/libssl/src/doc/crypto/BN_copy.pod
@@ -25,7 +25,7 @@ by L<ERR_get_error(3)|ERR_get_error(3)>.
25 25
26=head1 SEE ALSO 26=head1 SEE ALSO
27 27
28L<bn(3)|bn(3)>, L<err(3)|err(3)> 28L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
29 29
30=head1 HISTORY 30=head1 HISTORY
31 31
diff --git a/src/lib/libssl/src/doc/crypto/BN_generate_prime.pod b/src/lib/libssl/src/doc/crypto/BN_generate_prime.pod
index 638f6514ee..6ea23791d1 100644
--- a/src/lib/libssl/src/doc/crypto/BN_generate_prime.pod
+++ b/src/lib/libssl/src/doc/crypto/BN_generate_prime.pod
@@ -90,7 +90,7 @@ The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
90 90
91=head1 SEE ALSO 91=head1 SEE ALSO
92 92
93L<bn(3)|bn(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)> 93L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>
94 94
95=head1 HISTORY 95=head1 HISTORY
96 96
diff --git a/src/lib/libssl/src/doc/crypto/BN_mod_inverse.pod b/src/lib/libssl/src/doc/crypto/BN_mod_inverse.pod
index 49e62daf9f..3ea3975c74 100644
--- a/src/lib/libssl/src/doc/crypto/BN_mod_inverse.pod
+++ b/src/lib/libssl/src/doc/crypto/BN_mod_inverse.pod
@@ -27,7 +27,7 @@ NULL on error. The error codes can be obtained by L<ERR_get_error(3)|ERR_get_err
27 27
28=head1 SEE ALSO 28=head1 SEE ALSO
29 29
30L<bn(3)|bn(3)>, L<err(3)|err(3)>, L<BN_add(3)|BN_add(3)> 30L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>
31 31
32=head1 HISTORY 32=head1 HISTORY
33 33
diff --git a/src/lib/libssl/src/doc/crypto/BN_mod_mul_montgomery.pod b/src/lib/libssl/src/doc/crypto/BN_mod_mul_montgomery.pod
index ed4af7a214..6b16351b92 100644
--- a/src/lib/libssl/src/doc/crypto/BN_mod_mul_montgomery.pod
+++ b/src/lib/libssl/src/doc/crypto/BN_mod_mul_montgomery.pod
@@ -87,7 +87,7 @@ outside the expected range.
87 87
88=head1 SEE ALSO 88=head1 SEE ALSO
89 89
90L<bn(3)|bn(3)>, L<err(3)|err(3)>, L<BN_add(3)|BN_add(3)>, 90L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>,
91L<BN_CTX_new(3)|BN_CTX_new(3)> 91L<BN_CTX_new(3)|BN_CTX_new(3)>
92 92
93=head1 HISTORY 93=head1 HISTORY
diff --git a/src/lib/libssl/src/doc/crypto/BN_mod_mul_reciprocal.pod b/src/lib/libssl/src/doc/crypto/BN_mod_mul_reciprocal.pod
index a28925f8a9..74a216ddc2 100644
--- a/src/lib/libssl/src/doc/crypto/BN_mod_mul_reciprocal.pod
+++ b/src/lib/libssl/src/doc/crypto/BN_mod_mul_reciprocal.pod
@@ -69,7 +69,7 @@ The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
69 69
70=head1 SEE ALSO 70=head1 SEE ALSO
71 71
72L<bn(3)|bn(3)>, L<err(3)|err(3)>, L<BN_add(3)|BN_add(3)>, 72L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>,
73L<BN_CTX_new(3)|BN_CTX_new(3)> 73L<BN_CTX_new(3)|BN_CTX_new(3)>
74 74
75=head1 HISTORY 75=head1 HISTORY
diff --git a/src/lib/libssl/src/doc/crypto/BN_new.pod b/src/lib/libssl/src/doc/crypto/BN_new.pod
index c1394ff2a3..3033789c51 100644
--- a/src/lib/libssl/src/doc/crypto/BN_new.pod
+++ b/src/lib/libssl/src/doc/crypto/BN_new.pod
@@ -42,7 +42,7 @@ values.
42 42
43=head1 SEE ALSO 43=head1 SEE ALSO
44 44
45L<bn(3)|bn(3)>, L<err(3)|err(3)> 45L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
46 46
47=head1 HISTORY 47=head1 HISTORY
48 48
diff --git a/src/lib/libssl/src/doc/crypto/BN_rand.pod b/src/lib/libssl/src/doc/crypto/BN_rand.pod
index ecd410f7f2..81f93c2eb3 100644
--- a/src/lib/libssl/src/doc/crypto/BN_rand.pod
+++ b/src/lib/libssl/src/doc/crypto/BN_rand.pod
@@ -14,7 +14,7 @@ BN_rand, BN_pseudo_rand - generate pseudo-random number
14 14
15 int BN_rand_range(BIGNUM *rnd, BIGNUM *range); 15 int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
16 16
17 int BN_pseudo_rand_range(BIGNUM *rnd, int bits, int top, int bottom); 17 int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range);
18 18
19=head1 DESCRIPTION 19=head1 DESCRIPTION
20 20
@@ -45,7 +45,7 @@ The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
45 45
46=head1 SEE ALSO 46=head1 SEE ALSO
47 47
48L<bn(3)|bn(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, 48L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
49L<RAND_add(3)|RAND_add(3)>, L<RAND_bytes(3)|RAND_bytes(3)> 49L<RAND_add(3)|RAND_add(3)>, L<RAND_bytes(3)|RAND_bytes(3)>
50 50
51=head1 HISTORY 51=head1 HISTORY
diff --git a/src/lib/libssl/src/doc/crypto/DH_generate_key.pod b/src/lib/libssl/src/doc/crypto/DH_generate_key.pod
index 920995b2e5..81f09fdf45 100644
--- a/src/lib/libssl/src/doc/crypto/DH_generate_key.pod
+++ b/src/lib/libssl/src/doc/crypto/DH_generate_key.pod
@@ -40,7 +40,7 @@ The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
40 40
41=head1 SEE ALSO 41=head1 SEE ALSO
42 42
43L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, L<DH_size(3)|DH_size(3)> 43L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DH_size(3)|DH_size(3)>
44 44
45=head1 HISTORY 45=head1 HISTORY
46 46
diff --git a/src/lib/libssl/src/doc/crypto/DH_generate_parameters.pod b/src/lib/libssl/src/doc/crypto/DH_generate_parameters.pod
index a7d0c75f0c..4a2d653758 100644
--- a/src/lib/libssl/src/doc/crypto/DH_generate_parameters.pod
+++ b/src/lib/libssl/src/doc/crypto/DH_generate_parameters.pod
@@ -59,7 +59,7 @@ a usable generator.
59 59
60=head1 SEE ALSO 60=head1 SEE ALSO
61 61
62L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, L<DH_free(3)|DH_free(3)> 62L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DH_free(3)|DH_free(3)>
63 63
64=head1 HISTORY 64=head1 HISTORY
65 65
diff --git a/src/lib/libssl/src/doc/crypto/DH_new.pod b/src/lib/libssl/src/doc/crypto/DH_new.pod
index 64624b9d15..60c930093e 100644
--- a/src/lib/libssl/src/doc/crypto/DH_new.pod
+++ b/src/lib/libssl/src/doc/crypto/DH_new.pod
@@ -29,7 +29,7 @@ DH_free() returns no value.
29 29
30=head1 SEE ALSO 30=head1 SEE ALSO
31 31
32L<dh(3)|dh(3)>, L<err(3)|err(3)>, 32L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
33L<DH_generate_parameters(3)|DH_generate_parameters(3)>, 33L<DH_generate_parameters(3)|DH_generate_parameters(3)>,
34L<DH_generate_key(3)|DH_generate_key(3)> 34L<DH_generate_key(3)|DH_generate_key(3)>
35 35
diff --git a/src/lib/libssl/src/doc/crypto/DSA_SIG_new.pod b/src/lib/libssl/src/doc/crypto/DSA_SIG_new.pod
index 671655554a..45df4c0661 100644
--- a/src/lib/libssl/src/doc/crypto/DSA_SIG_new.pod
+++ b/src/lib/libssl/src/doc/crypto/DSA_SIG_new.pod
@@ -30,7 +30,7 @@ DSA_SIG_free() returns no value.
30 30
31=head1 SEE ALSO 31=head1 SEE ALSO
32 32
33L<dsa(3)|dsa(3)>, L<err(3)|err(3)>, L<DSA_do_sign(3)|DSA_do_sign(3)> 33L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<DSA_do_sign(3)|DSA_do_sign(3)>
34 34
35=head1 HISTORY 35=head1 HISTORY
36 36
diff --git a/src/lib/libssl/src/doc/crypto/DSA_do_sign.pod b/src/lib/libssl/src/doc/crypto/DSA_do_sign.pod
index a24fd5714e..5dfc733b20 100644
--- a/src/lib/libssl/src/doc/crypto/DSA_do_sign.pod
+++ b/src/lib/libssl/src/doc/crypto/DSA_do_sign.pod
@@ -36,7 +36,7 @@ L<ERR_get_error(3)|ERR_get_error(3)>.
36 36
37=head1 SEE ALSO 37=head1 SEE ALSO
38 38
39L<dsa(3)|dsa(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, 39L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
40L<DSA_SIG_new(3)|DSA_SIG_new(3)>, 40L<DSA_SIG_new(3)|DSA_SIG_new(3)>,
41L<DSA_sign(3)|DSA_sign(3)> 41L<DSA_sign(3)|DSA_sign(3)>
42 42
diff --git a/src/lib/libssl/src/doc/crypto/DSA_dup_DH.pod b/src/lib/libssl/src/doc/crypto/DSA_dup_DH.pod
index 29cb1075d1..695f99a13b 100644
--- a/src/lib/libssl/src/doc/crypto/DSA_dup_DH.pod
+++ b/src/lib/libssl/src/doc/crypto/DSA_dup_DH.pod
@@ -27,7 +27,7 @@ Be careful to avoid small subgroup attacks when using this.
27 27
28=head1 SEE ALSO 28=head1 SEE ALSO
29 29
30L<dh(3)|dh(3)>, L<dsa(3)|dsa(3)>, L<err(3)|err(3)> 30L<dh(3)|dh(3)>, L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
31 31
32=head1 HISTORY 32=head1 HISTORY
33 33
diff --git a/src/lib/libssl/src/doc/crypto/DSA_generate_key.pod b/src/lib/libssl/src/doc/crypto/DSA_generate_key.pod
index 52890db5be..9906a2d7e0 100644
--- a/src/lib/libssl/src/doc/crypto/DSA_generate_key.pod
+++ b/src/lib/libssl/src/doc/crypto/DSA_generate_key.pod
@@ -24,7 +24,7 @@ The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
24 24
25=head1 SEE ALSO 25=head1 SEE ALSO
26 26
27L<dsa(3)|dsa(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, L<DSA_generate_parameters(3)|DSA_generate_parameters(3)> 27L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>
28 28
29=head1 HISTORY 29=head1 HISTORY
30 30
diff --git a/src/lib/libssl/src/doc/crypto/DSA_generate_parameters.pod b/src/lib/libssl/src/doc/crypto/DSA_generate_parameters.pod
index 43f60b0eb9..be7c924ff8 100644
--- a/src/lib/libssl/src/doc/crypto/DSA_generate_parameters.pod
+++ b/src/lib/libssl/src/doc/crypto/DSA_generate_parameters.pod
@@ -90,7 +90,7 @@ Seed lengths E<gt> 20 are not supported.
90 90
91=head1 SEE ALSO 91=head1 SEE ALSO
92 92
93L<dsa(3)|dsa(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, 93L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
94L<DSA_free(3)|DSA_free(3)> 94L<DSA_free(3)|DSA_free(3)>
95 95
96=head1 HISTORY 96=head1 HISTORY
diff --git a/src/lib/libssl/src/doc/crypto/DSA_new.pod b/src/lib/libssl/src/doc/crypto/DSA_new.pod
index 7dde54445b..301af912dd 100644
--- a/src/lib/libssl/src/doc/crypto/DSA_new.pod
+++ b/src/lib/libssl/src/doc/crypto/DSA_new.pod
@@ -30,7 +30,7 @@ DSA_free() returns no value.
30 30
31=head1 SEE ALSO 31=head1 SEE ALSO
32 32
33L<dsa(3)|dsa(3)>, L<err(3)|err(3)>, 33L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
34L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>, 34L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>,
35L<DSA_generate_key(3)|DSA_generate_key(3)> 35L<DSA_generate_key(3)|DSA_generate_key(3)>
36 36
diff --git a/src/lib/libssl/src/doc/crypto/DSA_sign.pod b/src/lib/libssl/src/doc/crypto/DSA_sign.pod
index f6e60a8ca3..97389e8ec8 100644
--- a/src/lib/libssl/src/doc/crypto/DSA_sign.pod
+++ b/src/lib/libssl/src/doc/crypto/DSA_sign.pod
@@ -55,7 +55,7 @@ Standard, DSS), ANSI X9.30
55 55
56=head1 SEE ALSO 56=head1 SEE ALSO
57 57
58L<dsa(3)|dsa(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, 58L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
59L<DSA_do_sign(3)|DSA_do_sign(3)> 59L<DSA_do_sign(3)|DSA_do_sign(3)>
60 60
61=head1 HISTORY 61=head1 HISTORY
diff --git a/src/lib/libssl/src/doc/crypto/EVP_DigestInit.pod b/src/lib/libssl/src/doc/crypto/EVP_DigestInit.pod
index b3a61f1c5d..acd4d0167a 100644
--- a/src/lib/libssl/src/doc/crypto/EVP_DigestInit.pod
+++ b/src/lib/libssl/src/doc/crypto/EVP_DigestInit.pod
@@ -236,9 +236,9 @@ even though they are identical digests.
236 236
237=head1 SEE ALSO 237=head1 SEE ALSO
238 238
239L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>, 239L<evp(3)|evp(3)>, L<HMAC(3)|HMAC(3)>, L<MD2(3)|MD2(3)>,
240L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>, 240L<MD5(3)|MD5(3)>, L<MDC2(3)|MDC2(3)>, L<RIPEMD160(3)|RIPEMD160(3)>,
241L<sha(3)|sha(3)>, L<digest(1)|digest(1)> 241L<SHA1(3)|SHA1(3)>
242 242
243=head1 HISTORY 243=head1 HISTORY
244 244
diff --git a/src/lib/libssl/src/doc/crypto/EVP_SignInit.pod b/src/lib/libssl/src/doc/crypto/EVP_SignInit.pod
index 32e9d54809..b1ac129430 100644
--- a/src/lib/libssl/src/doc/crypto/EVP_SignInit.pod
+++ b/src/lib/libssl/src/doc/crypto/EVP_SignInit.pod
@@ -81,10 +81,10 @@ EVP_SignUpdate() could not be made after calling EVP_SignFinal().
81=head1 SEE ALSO 81=head1 SEE ALSO
82 82
83L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>, 83L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
84L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>, 84L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
85L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>, 85L<evp(3)|evp(3)>, L<HMAC(3)|HMAC(3)>, L<MD2(3)|MD2(3)>,
86L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>, 86L<MD5(3)|MD5(3)>, L<MDC2(3)|MDC2(3)>, L<RIPEMD(3)|RIPEMD(3)>,
87L<sha(3)|sha(3)>, L<digest(1)|digest(1)> 87L<SHA1(3)|SHA1(3)>, L<digest(1)|digest(1)>
88 88
89=head1 HISTORY 89=head1 HISTORY
90 90
diff --git a/src/lib/libssl/src/doc/crypto/OpenSSL_add_all_algorithms.pod b/src/lib/libssl/src/doc/crypto/OpenSSL_add_all_algorithms.pod
index 486c903430..e63411b5bb 100644
--- a/src/lib/libssl/src/doc/crypto/OpenSSL_add_all_algorithms.pod
+++ b/src/lib/libssl/src/doc/crypto/OpenSSL_add_all_algorithms.pod
@@ -36,7 +36,7 @@ None of the functions return a value.
36 36
37=head1 NOTES 37=head1 NOTES
38 38
39A typical application will will call OpenSSL_add_all_algorithms() initially and 39A typical application will call OpenSSL_add_all_algorithms() initially and
40EVP_cleanup() before exiting. 40EVP_cleanup() before exiting.
41 41
42An application does not need to add algorithms to use them explicitly, for example 42An application does not need to add algorithms to use them explicitly, for example
diff --git a/src/lib/libssl/src/doc/crypto/RAND_bytes.pod b/src/lib/libssl/src/doc/crypto/RAND_bytes.pod
index b6ebd50527..b03748b918 100644
--- a/src/lib/libssl/src/doc/crypto/RAND_bytes.pod
+++ b/src/lib/libssl/src/doc/crypto/RAND_bytes.pod
@@ -35,7 +35,7 @@ method.
35 35
36=head1 SEE ALSO 36=head1 SEE ALSO
37 37
38L<rand(3)|rand(3)>, L<err(3)|err(3)>, L<RAND_add(3)|RAND_add(3)> 38L<rand(3)|rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<RAND_add(3)|RAND_add(3)>
39 39
40=head1 HISTORY 40=head1 HISTORY
41 41
diff --git a/src/lib/libssl/src/doc/crypto/RSA_check_key.pod b/src/lib/libssl/src/doc/crypto/RSA_check_key.pod
index 79fed753ad..1db6d736ab 100644
--- a/src/lib/libssl/src/doc/crypto/RSA_check_key.pod
+++ b/src/lib/libssl/src/doc/crypto/RSA_check_key.pod
@@ -30,7 +30,7 @@ obtained using L<ERR_get_error(3)|ERR_get_error(3)>.
30 30
31=head1 SEE ALSO 31=head1 SEE ALSO
32 32
33L<rsa(3)|rsa(3)>, L<err(3)|err(3)> 33L<rsa(3)|rsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
34 34
35=head1 HISTORY 35=head1 HISTORY
36 36
diff --git a/src/lib/libssl/src/doc/crypto/RSA_generate_key.pod b/src/lib/libssl/src/doc/crypto/RSA_generate_key.pod
index 8714f7179d..11bc0b3459 100644
--- a/src/lib/libssl/src/doc/crypto/RSA_generate_key.pod
+++ b/src/lib/libssl/src/doc/crypto/RSA_generate_key.pod
@@ -59,7 +59,7 @@ RSA_generate_key() goes into an infinite loop for illegal input values.
59 59
60=head1 SEE ALSO 60=head1 SEE ALSO
61 61
62L<err(3)|err(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_free(3)|RSA_free(3)> 62L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_free(3)|RSA_free(3)>
63 63
64=head1 HISTORY 64=head1 HISTORY
65 65
diff --git a/src/lib/libssl/src/doc/crypto/RSA_new.pod b/src/lib/libssl/src/doc/crypto/RSA_new.pod
index f16490ea6a..299047f31f 100644
--- a/src/lib/libssl/src/doc/crypto/RSA_new.pod
+++ b/src/lib/libssl/src/doc/crypto/RSA_new.pod
@@ -29,7 +29,8 @@ RSA_free() returns no value.
29 29
30=head1 SEE ALSO 30=head1 SEE ALSO
31 31
32L<err(3)|err(3)>, L<rsa(3)|rsa(3)>, L<RSA_generate_key(3)|RSA_generate_key(3)> 32L<ERR_get_error(3)|ERR_get_error(3)>, L<rsa(3)|rsa(3)>,
33L<RSA_generate_key(3)|RSA_generate_key(3)>
33 34
34=head1 HISTORY 35=head1 HISTORY
35 36
diff --git a/src/lib/libssl/src/doc/crypto/RSA_private_encrypt.pod b/src/lib/libssl/src/doc/crypto/RSA_private_encrypt.pod
index 6861a98a10..0d1b2bd541 100644
--- a/src/lib/libssl/src/doc/crypto/RSA_private_encrypt.pod
+++ b/src/lib/libssl/src/doc/crypto/RSA_private_encrypt.pod
@@ -59,7 +59,8 @@ obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
59 59
60=head1 SEE ALSO 60=head1 SEE ALSO
61 61
62L<err(3)|err(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>, L<RSA_verify(3)|RSA_verify(3)> 62L<ERR_get_error(3)|ERR_get_error(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>,
63L<RSA_verify(3)|RSA_verify(3)>
63 64
64=head1 HISTORY 65=head1 HISTORY
65 66
diff --git a/src/lib/libssl/src/doc/crypto/RSA_public_encrypt.pod b/src/lib/libssl/src/doc/crypto/RSA_public_encrypt.pod
index e20dfcb551..8022a23f99 100644
--- a/src/lib/libssl/src/doc/crypto/RSA_public_encrypt.pod
+++ b/src/lib/libssl/src/doc/crypto/RSA_public_encrypt.pod
@@ -72,7 +72,7 @@ SSL, PKCS #1 v2.0
72 72
73=head1 SEE ALSO 73=head1 SEE ALSO
74 74
75L<err(3)|err(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_size(3)|RSA_size(3)> 75L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_size(3)|RSA_size(3)>
76 76
77=head1 HISTORY 77=head1 HISTORY
78 78
diff --git a/src/lib/libssl/src/doc/crypto/RSA_sign.pod b/src/lib/libssl/src/doc/crypto/RSA_sign.pod
index f0bf6eea1b..71688a665e 100644
--- a/src/lib/libssl/src/doc/crypto/RSA_sign.pod
+++ b/src/lib/libssl/src/doc/crypto/RSA_sign.pod
@@ -50,8 +50,8 @@ SSL, PKCS #1 v2.0
50 50
51=head1 SEE ALSO 51=head1 SEE ALSO
52 52
53L<err(3)|err(3)>, L<objects(3)|objects(3)>, L<rsa(3)|rsa(3)>, 53L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>,
54L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>, 54L<rsa(3)|rsa(3)>, L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>,
55L<RSA_public_decrypt(3)|RSA_public_decrypt(3)> 55L<RSA_public_decrypt(3)|RSA_public_decrypt(3)>
56 56
57=head1 HISTORY 57=head1 HISTORY
diff --git a/src/lib/libssl/src/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod b/src/lib/libssl/src/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod
index df9ceb339a..b8c7bbb7e3 100644
--- a/src/lib/libssl/src/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod
+++ b/src/lib/libssl/src/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod
@@ -47,7 +47,7 @@ These functions serve no recognizable purpose.
47 47
48=head1 SEE ALSO 48=head1 SEE ALSO
49 49
50L<err(3)|err(3)>, L<objects(3)|objects(3)>, L<rand(3)|rand(3)>, 50L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>, L<rand(3)|rand(3)>,
51L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>, 51L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>,
52L<RSA_verify(3)|RSA_verify(3)> 52L<RSA_verify(3)|RSA_verify(3)>
53 53
diff --git a/src/lib/libssl/src/doc/crypto/des_modes.pod b/src/lib/libssl/src/doc/crypto/des_modes.pod
index da75e8007d..dc17942f97 100644
--- a/src/lib/libssl/src/doc/crypto/des_modes.pod
+++ b/src/lib/libssl/src/doc/crypto/des_modes.pod
@@ -2,7 +2,7 @@
2 2
3=head1 NAME 3=head1 NAME
4 4
5Modes of DES - the variants of DES and other crypto algorithms of OpenSSL 5des_modes - the variants of DES and other crypto algorithms of OpenSSL
6 6
7=head1 DESCRIPTION 7=head1 DESCRIPTION
8 8
@@ -204,8 +204,8 @@ just one key.
204=item * 204=item *
205 205
206If the first and last key are the same, the key length is 112 bits. 206If the first and last key are the same, the key length is 112 bits.
207There are attacks that could reduce the effective key strength 207There are attacks that could reduce the key space to 55 bit's but it
208to only slightly more than 56 bits, but these require a lot of memory. 208requires 2^56 blocks of memory.
209 209
210=item * 210=item *
211 211
@@ -246,8 +246,7 @@ it to:
246 246
247=head1 SEE ALSO 247=head1 SEE ALSO
248 248
249L<blowfish(3)|blowfish(3)>, L<des(3)|des(3)>, L<idea(3)|idea(3)>, 249L<blowfish(3)|blowfish(3)>
250L<rc2(3)|rc2(3)>
251 250
252=cut 251=cut
253 252
diff --git a/src/lib/libssl/src/doc/crypto/dsa.pod b/src/lib/libssl/src/doc/crypto/dsa.pod
index 82d7fb77cd..573500204b 100644
--- a/src/lib/libssl/src/doc/crypto/dsa.pod
+++ b/src/lib/libssl/src/doc/crypto/dsa.pod
@@ -93,7 +93,7 @@ Standard, DSS), ANSI X9.30
93=head1 SEE ALSO 93=head1 SEE ALSO
94 94
95L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, 95L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>,
96L<rsa(3)|rsa(3)>, L<sha(3)|sha(3)>, L<DSA_new(3)|DSA_new(3)>, 96L<rsa(3)|rsa(3)>, L<SHA1(3)|SHA1(3)>, L<DSA_new(3)|DSA_new(3)>,
97L<DSA_size(3)|DSA_size(3)>, 97L<DSA_size(3)|DSA_size(3)>,
98L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>, 98L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>,
99L<DSA_dup_DH(3)|DSA_dup_DH(3)>, 99L<DSA_dup_DH(3)|DSA_dup_DH(3)>,
diff --git a/src/lib/libssl/src/doc/crypto/hmac.pod b/src/lib/libssl/src/doc/crypto/hmac.pod
index 579bf9e8a0..3cc29dfc83 100644
--- a/src/lib/libssl/src/doc/crypto/hmac.pod
+++ b/src/lib/libssl/src/doc/crypto/hmac.pod
@@ -89,7 +89,7 @@ RFC 2104
89 89
90=head1 SEE ALSO 90=head1 SEE ALSO
91 91
92L<sha(3)|sha(3)>, L<evp(3)|evp(3)> 92L<SHA1(3)|SHA1(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
93 93
94=head1 HISTORY 94=head1 HISTORY
95 95
diff --git a/src/lib/libssl/src/doc/crypto/mdc2.pod b/src/lib/libssl/src/doc/crypto/mdc2.pod
index 11dc303e04..538f474e30 100644
--- a/src/lib/libssl/src/doc/crypto/mdc2.pod
+++ b/src/lib/libssl/src/doc/crypto/mdc2.pod
@@ -54,7 +54,7 @@ ISO/IEC 10118-2, with DES
54 54
55=head1 SEE ALSO 55=head1 SEE ALSO
56 56
57L<sha(3)|sha(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)> 57L<SHA1(3)|SHA1(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
58 58
59=head1 HISTORY 59=head1 HISTORY
60 60
diff --git a/src/lib/libssl/src/doc/crypto/ripemd.pod b/src/lib/libssl/src/doc/crypto/ripemd.pod
index 31054b6a8c..9a634ca866 100644
--- a/src/lib/libssl/src/doc/crypto/ripemd.pod
+++ b/src/lib/libssl/src/doc/crypto/ripemd.pod
@@ -56,7 +56,7 @@ ISO/IEC 10118-3 (draft) (??)
56 56
57=head1 SEE ALSO 57=head1 SEE ALSO
58 58
59L<sha(3)|sha(3)>, L<hmac(3)|hmac(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)> 59L<SHA1(3)|SHA1(3)>, L<HMAC(3)|HMAC(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
60 60
61=head1 HISTORY 61=head1 HISTORY
62 62
diff --git a/src/lib/libssl/src/doc/crypto/sha.pod b/src/lib/libssl/src/doc/crypto/sha.pod
index 0ba315d6d7..158457270f 100644
--- a/src/lib/libssl/src/doc/crypto/sha.pod
+++ b/src/lib/libssl/src/doc/crypto/sha.pod
@@ -60,7 +60,7 @@ ANSI X9.30
60 60
61=head1 SEE ALSO 61=head1 SEE ALSO
62 62
63L<ripemd(3)|ripemd(3)>, L<hmac(3)|hmac(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)> 63L<RIPEMD160(3)|RIPEMD160(3)>, L<HMAC(3)|HMAC(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
64 64
65=head1 HISTORY 65=head1 HISTORY
66 66
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_store.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_store.pod
index 81286ee650..3a240c4d37 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_store.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_store.pod
@@ -14,7 +14,7 @@ SSL_CTX_set_cert_store, SSL_CTX_get_cert_store - manipulate X509 certificate ver
14=head1 DESCRIPTION 14=head1 DESCRIPTION
15 15
16SSL_CTX_set_cert_store() sets/replaces the certificate verification storage 16SSL_CTX_set_cert_store() sets/replaces the certificate verification storage
17of B<ctx> to/with B<store>. If another X505_STORE object is currently 17of B<ctx> to/with B<store>. If another X509_STORE object is currently
18set in B<ctx>, it will be X509_STORE_free()ed. 18set in B<ctx>, it will be X509_STORE_free()ed.
19 19
20SSL_CTX_get_cert_store() returns a pointer to the current certificate 20SSL_CTX_get_cert_store() returns a pointer to the current certificate
diff --git a/src/lib/libssl/src/doc/ssl/ssl.pod b/src/lib/libssl/src/doc/ssl/ssl.pod
index d0525582b0..ce41b3e17d 100644
--- a/src/lib/libssl/src/doc/ssl/ssl.pod
+++ b/src/lib/libssl/src/doc/ssl/ssl.pod
@@ -3,7 +3,7 @@
3 3
4=head1 NAME 4=head1 NAME
5 5
6SSL - OpenSSL SSL/TLS library 6ssl - OpenSSL SSL/TLS library
7 7
8=head1 SYNOPSIS 8=head1 SYNOPSIS
9 9
diff --git a/src/lib/libssl/src/e_os.h b/src/lib/libssl/src/e_os.h
index f216936e18..055c1b0e29 100644
--- a/src/lib/libssl/src/e_os.h
+++ b/src/lib/libssl/src/e_os.h
@@ -79,7 +79,7 @@ extern "C" {
79#ifndef DEVRANDOM 79#ifndef DEVRANDOM
80/* set this to a comma-separated list of 'random' device files to try out. 80/* set this to a comma-separated list of 'random' device files to try out.
81 * My default, we will try to read at least one of these files */ 81 * My default, we will try to read at least one of these files */
82#define DEVRANDOM "/dev/urandom","/dev/random","/dev/srandom" 82#define DEVRANDOM "/dev/arandom","/dev/urandom","/dev/random","/dev/srandom"
83#endif 83#endif
84#ifndef DEVRANDOM_EGD 84#ifndef DEVRANDOM_EGD
85/* set this to a comma-seperated list of 'egd' sockets to try out. These 85/* set this to a comma-seperated list of 'egd' sockets to try out. These
diff --git a/src/lib/libssl/src/rsaref/Makefile.ssl b/src/lib/libssl/src/rsaref/Makefile.ssl
new file mode 100644
index 0000000000..4085e9dba0
--- /dev/null
+++ b/src/lib/libssl/src/rsaref/Makefile.ssl
@@ -0,0 +1,102 @@
1#
2# SSLeay/rsaref/Makefile
3#
4
5DIR= rsaref
6TOP= ..
7CC= cc
8INCLUDES= -I../crypto -I../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPEND= $(TOP)/util/domd $(TOP)
15MAKEFILE= Makefile.ssl
16AR= ar r
17
18CFLAGS= $(INCLUDES) $(CFLAG)
19
20GENERAL=Makefile rsaref-lib.com install.com
21TEST=
22APPS=
23
24LIB=$(TOP)/libRSAglue.a
25LIBSRC= rsaref.c rsar_err.c
26LIBOBJ= rsaref.o rsar_err.o
27
28SRC= $(LIBSRC)
29
30EXHEADER= rsaref.h
31HEADER= $(EXHEADER)
32
33ALL= $(GENERAL) $(SRC) $(HEADER)
34
35top:
36 (cd ..; $(MAKE) DIRS=rsaref all)
37
38all: lib
39
40lib: $(LIBOBJ)
41 $(AR) $(LIB) $(LIBOBJ)
42 @echo You may get an error following this line. Please ignore.
43 - $(RANLIB) $(LIB)
44 @touch lib
45
46files:
47 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
48
49links:
50 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
51 @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
52 @$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
53 @$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
54
55install:
56 -@if [ "x`echo x $(EX_LIBS) | grep RSAglue`" != x ]; then \
57 echo "installing libRSAglue.a"; \
58 cp $(LIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/libRSAglue.a; \
59 $(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/libRSAglue.a; \
60 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/libRSAglue.a; \
61 fi
62
63# @for i in $(EXHEADER) ; \
64# do \
65# (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
66# chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
67# done;
68
69tags:
70 ctags $(SRC)
71
72tests:
73
74lint:
75 lint -DLINT $(INCLUDES) $(SRC)>fluff
76
77depend:
78 $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
79
80dclean:
81 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
82 mv -f Makefile.new $(MAKEFILE)
83
84clean:
85 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
86
87# DO NOT DELETE THIS LINE -- make depend depends on it.
88
89rsar_err.o: ../include/openssl/bio.h ../include/openssl/bn.h
90rsar_err.o: ../include/openssl/crypto.h ../include/openssl/err.h
91rsar_err.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
92rsar_err.o: ../include/openssl/opensslv.h ../include/openssl/rsa.h
93rsar_err.o: ../include/openssl/rsaref.h ../include/openssl/safestack.h
94rsar_err.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
95rsaref.o: ../crypto/cryptlib.h ../include/openssl/bio.h ../include/openssl/bn.h
96rsaref.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
97rsaref.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
98rsaref.o: ../include/openssl/err.h ../include/openssl/lhash.h
99rsaref.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
100rsaref.o: ../include/openssl/rand.h ../include/openssl/rsa.h
101rsaref.o: ../include/openssl/rsaref.h ../include/openssl/safestack.h
102rsaref.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
diff --git a/src/lib/libssl/src/rsaref/install.com b/src/lib/libssl/src/rsaref/install.com
new file mode 100644
index 0000000000..c32cea5da8
--- /dev/null
+++ b/src/lib/libssl/src/rsaref/install.com
@@ -0,0 +1,69 @@
1$! INSTALL.COM -- Installs the files in a given directory tree
2$!
3$! Author: Richard Levitte <richard@levitte.org>
4$! Time of creation: 22-MAY-1998 10:13
5$!
6$! P1 root of the directory tree
7$!
8$ IF P1 .EQS. ""
9$ THEN
10$ WRITE SYS$OUTPUT "First argument missing."
11$ WRITE SYS$OUTPUT "Should be the directory where you want things installed."
12$ EXIT
13$ ENDIF
14$
15$ ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
16$ ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
17$ ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
18 - "[000000." - "][" - "[" - "]"
19$ ROOT = ROOT_DEV + "[" + ROOT_DIR
20$
21$ DEFINE/NOLOG WRK_SSLROOT 'ROOT'.] /TRANS=CONC
22$ DEFINE/NOLOG WRK_SSLVLIB WRK_SSLROOT:[VAX_LIB]
23$ DEFINE/NOLOG WRK_SSLALIB WRK_SSLROOT:[ALPHA_LIB]
24$
25$ IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN -
26 CREATE/DIR/LOG WRK_SSLROOT:[000000]
27$ IF F$PARSE("WRK_SSLVLIB:") .EQS. "" THEN -
28 CREATE/DIR/LOG WRK_SSLVLIB:
29$ IF F$PARSE("WRK_SSLALIB:") .EQS. "" THEN -
30 CREATE/DIR/LOG WRK_SSLALIB:
31$
32$ LIBS := LIBRSAGLUE
33$
34$ VEXE_DIR := [-.VAX.EXE.CRYPTO]
35$ AEXE_DIR := [-.AXP.EXE.CRYPTO]
36$
37$ I = 0
38$ LOOP_LIB:
39$ E = F$EDIT(F$ELEMENT(I, ",", LIBS),"TRIM")
40$ I = I + 1
41$ IF E .EQS. "," THEN GOTO LOOP_LIB_END
42$ SET NOON
43$ IF F$SEARCH(VEXE_DIR+E+".OLB") .NES. ""
44$ THEN
45$ COPY 'VEXE_DIR''E'.OLB WRK_SSLVLIB:'E'.OLB/log
46$ SET FILE/PROT=W:RE WRK_SSLVLIB:'E'.OLB
47$ ENDIF
48$ ! Preparing for the time when we have shareable images
49$ IF F$SEARCH(VEXE_DIR+E+".EXE") .NES. ""
50$ THEN
51$ COPY 'VEXE_DIR''E'.EXE WRK_SSLVLIB:'E'.EXE/log
52$ SET FILE/PROT=W:RE WRK_SSLVLIB:'E'.EXE
53$ ENDIF
54$ IF F$SEARCH(AEXE_DIR+E+".OLB") .NES. ""
55$ THEN
56$ COPY 'AEXE_DIR''E'.OLB WRK_SSLALIB:'E'.OLB/log
57$ SET FILE/PROT=W:RE WRK_SSLALIB:'E'.OLB
58$ ENDIF
59$ ! Preparing for the time when we have shareable images
60$ IF F$SEARCH(AEXE_DIR+E+".EXE") .NES. ""
61$ THEN
62$ COPY 'AEXE_DIR''E'.EXE WRK_SSLALIB:'E'.EXE/log
63$ SET FILE/PROT=W:RE WRK_SSLALIB:'E'.EXE
64$ ENDIF
65$ SET ON
66$ GOTO LOOP_LIB
67$ LOOP_LIB_END:
68$
69$ EXIT
diff --git a/src/lib/libssl/src/rsaref/rsar_err.c b/src/lib/libssl/src/rsaref/rsar_err.c
new file mode 100644
index 0000000000..5e7871f803
--- /dev/null
+++ b/src/lib/libssl/src/rsaref/rsar_err.c
@@ -0,0 +1,119 @@
1/* rsaref/rsar_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/rsaref.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA RSAREF_str_functs[]=
68 {
69{ERR_PACK(0,RSAREF_F_BN_REF_MOD_EXP,0), "BN_REF_MOD_EXP"},
70{ERR_PACK(0,RSAREF_F_RSAREF_BN2BIN,0), "RSAREF_BN2BIN"},
71{ERR_PACK(0,RSAREF_F_RSA_BN2BIN,0), "RSA_BN2BIN"},
72{ERR_PACK(0,RSAREF_F_RSA_PRIVATE_DECRYPT,0), "RSA_private_decrypt"},
73{ERR_PACK(0,RSAREF_F_RSA_PRIVATE_ENCRYPT,0), "RSA_private_encrypt"},
74{ERR_PACK(0,RSAREF_F_RSA_PUBLIC_DECRYPT,0), "RSA_public_decrypt"},
75{ERR_PACK(0,RSAREF_F_RSA_PUBLIC_ENCRYPT,0), "RSA_public_encrypt"},
76{ERR_PACK(0,RSAREF_F_RSA_REF_BN2BIN,0), "RSA_REF_BN2BIN"},
77{ERR_PACK(0,RSAREF_F_RSA_REF_MOD_EXP,0), "RSA_REF_MOD_EXP"},
78{ERR_PACK(0,RSAREF_F_RSA_REF_PRIVATE_DECRYPT,0), "RSA_REF_PRIVATE_DECRYPT"},
79{ERR_PACK(0,RSAREF_F_RSA_REF_PRIVATE_ENCRYPT,0), "RSA_REF_PRIVATE_ENCRYPT"},
80{ERR_PACK(0,RSAREF_F_RSA_REF_PUBLIC_DECRYPT,0), "RSA_REF_PUBLIC_DECRYPT"},
81{ERR_PACK(0,RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,0), "RSA_REF_PUBLIC_ENCRYPT"},
82{0,NULL}
83 };
84
85static ERR_STRING_DATA RSAREF_str_reasons[]=
86 {
87{RSAREF_R_CONTENT_ENCODING ,"content encoding"},
88{RSAREF_R_DATA ,"data"},
89{RSAREF_R_DIGEST_ALGORITHM ,"digest algorithm"},
90{RSAREF_R_ENCODING ,"encoding"},
91{RSAREF_R_ENCRYPTION_ALGORITHM ,"encryption algorithm"},
92{RSAREF_R_KEY ,"key"},
93{RSAREF_R_KEY_ENCODING ,"key encoding"},
94{RSAREF_R_LEN ,"len"},
95{RSAREF_R_MODULUS_LEN ,"modulus len"},
96{RSAREF_R_NEED_RANDOM ,"need random"},
97{RSAREF_R_PRIVATE_KEY ,"private key"},
98{RSAREF_R_PUBLIC_KEY ,"public key"},
99{RSAREF_R_SIGNATURE ,"signature"},
100{RSAREF_R_SIGNATURE_ENCODING ,"signature encoding"},
101{0,NULL}
102 };
103
104#endif
105
106void ERR_load_RSAREF_strings(void)
107 {
108 static int init=1;
109
110 if (init)
111 {
112 init=0;
113#ifndef NO_ERR
114 ERR_load_strings(ERR_LIB_RSAREF,RSAREF_str_functs);
115 ERR_load_strings(ERR_LIB_RSAREF,RSAREF_str_reasons);
116#endif
117
118 }
119 }
diff --git a/src/lib/libssl/src/rsaref/rsaref-lib.com b/src/lib/libssl/src/rsaref/rsaref-lib.com
new file mode 100644
index 0000000000..53193720b6
--- /dev/null
+++ b/src/lib/libssl/src/rsaref/rsaref-lib.com
@@ -0,0 +1,902 @@
1$!
2$! RSAREF-LIB.COM
3$! Written By: Robert Byer
4$! Vice-President
5$! A-Com Computing, Inc.
6$! byer@mail.all-net.net
7$!
8$! Changes by Richard Levitte <richard@levitte.org>
9$!
10$! This command files compiles and creates the "[.xxx.EXE.RSAREF]LIBRSAGLUE.OLB"
11$! library. The "xxx" denotes the machine architecture of AXP or VAX.
12$!
13$! Specify one of the following to build just that part or "ALL" to
14$! just build everything.
15$!
16$! ALL To Just Build "Everything".
17$! LIBRARY To Just Build The [.xxx.EXE.RSAREF]LIBRSAGLUE.OLB Library.
18$! DHDEMO To Just Build The [.xxx.EXE.RSAREF]DHDEMO.EXE Program.
19$! RDEMO To Just Build The [.xxx.EXE.RSAREF]RDEMO.EXE Program.
20$!
21$! Specify DEBUG or NODEBUG as P2 to compile with or without debugging
22$! information.
23$!
24$! Specify which compiler at P3 to try to compile under.
25$!
26$! VAXC For VAX C.
27$! DECC For DEC C.
28$! GNUC For GNU C.
29$!
30$! If you don't speficy a compiler, it will prompt you for one.
31$!
32$! P4, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
33$!
34$!
35$! Check Which Architecture We Are Using.
36$!
37$ IF (F$GETSYI("CPU").GE.128)
38$ THEN
39$!
40$! The Architecture Is AXP
41$!
42$ ARCH := AXP
43$!
44$! Else...
45$!
46$ ELSE
47$!
48$! The Architecture Is VAX.
49$!
50$ ARCH := VAX
51$!
52$! End The Architecture Check.
53$!
54$ ENDIF
55$!
56$! Check To Make Sure We Have Valid Command Line Parameters.
57$!
58$ GOSUB CHECK_OPTIONS
59$!
60$! Initialise logical names and such
61$!
62$ GOSUB INITIALISE
63$!
64$! Tell The User What Kind of Machine We Run On.
65$!
66$ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine."
67$!
68$! Define The OBJ Directory Name.
69$!
70$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.RSAREF]
71$!
72$! Check To See If The Architecture Specific OBJ Directory Exists.
73$!
74$ IF (F$PARSE(OBJ_DIR).EQS."")
75$ THEN
76$!
77$! It Dosen't Exist, So Create It.
78$!
79$ CREATE/DIR 'OBJ_DIR'
80$!
81$! End The Architecture Specific OBJ Directory Check.
82$!
83$ ENDIF
84$!
85$! Define The EXE Directory Name.
86$!
87$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.RSAREF]
88$!
89$! Check To See If The Architecture Specific EXE Directory Exists.
90$!
91$ IF (F$PARSE(EXE_DIR).EQS."")
92$ THEN
93$!
94$! It Dosen't Exist, So Create It.
95$!
96$ CREATE/DIR 'EXE_DIR'
97$!
98$! End The Architecture Specific EXE Directory Check.
99$!
100$ ENDIF
101$!
102$! Define The Library Name.
103$!
104$ LIB_NAME := 'EXE_DIR'LIBRSAGLUE.OLB
105$!
106$! Check To See What We Are To Do.
107$!
108$ IF (BUILDALL.EQS."TRUE")
109$ THEN
110$!
111$! Since Nothing Special Was Specified, Do Everything.
112$!
113$ GOSUB LIBRARY
114$ GOSUB DHDEMO
115$ GOSUB RDEMO
116$!
117$! Else...
118$!
119$ ELSE
120$!
121$! Build Just What The User Wants Us To Build.
122$!
123$ GOSUB 'BUILDALL'
124$!
125$! End The BUILDALL Check.
126$!
127$ ENDIF
128$!
129$! Time To EXIT.
130$!
131$ EXIT:
132$ GOSUB CLEANUP
133$ EXIT
134$!
135$ LIBRARY:
136$!
137$! Tell The User That We Are Compiling.
138$!
139$ WRITE SYS$OUTPUT "Compiling The ",LIB_NAME," Files."
140$!
141$! Check To See If We Already Have A "LIBRSAGLUE.OLB" Library...
142$!
143$ IF (F$SEARCH(LIB_NAME).EQS."")
144$ THEN
145$!
146$! Guess Not, Create The Library.
147$!
148$ LIBRARY/CREATE/OBJECT 'LIB_NAME'
149$!
150$! End The Library Exist Check.
151$!
152$ ENDIF
153$!
154$! Define The RSAREF Library Files.
155$!
156$ LIB_RSAREF = "DESC,DIGIT,MD2C,MD5C,NN,PRIME,RSA,R_DH,R_ENCODE,R_ENHANC," + -
157 "R_KEYGEN,R_RANDOM,R_STDLIB"
158$!
159$! Define A File Counter And Set It To "0".
160$!
161$ FILE_COUNTER = 0
162$!
163$! Top Of The File Loop.
164$!
165$ NEXT_FILE:
166$!
167$! O.K, Extract The File Name From The File List.
168$!
169$ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",LIB_RSAREF)
170$!
171$! Check To See If We Are At The End Of The File List.
172$!
173$ IF (FILE_NAME.EQS.",") THEN GOTO FILE_DONE
174$!
175$! Increment The Counter.
176$!
177$ FILE_COUNTER = FILE_COUNTER + 1
178$!
179$! Create The Source File Name.
180$!
181$ SOURCE_FILE = "SYS$DISK:[.SOURCE]" + FILE_NAME + ".C"
182$!
183$! Tell The User We Are Compiling The Source File.
184$!
185$ WRITE SYS$OUTPUT " ",FILE_NAME,".C"
186$!
187$! Create The Object File Name.
188$!
189$ OBJECT_FILE = OBJ_DIR + FILE_NAME + ".OBJ"
190$ ON WARNING THEN GOTO NEXT_FILE
191$!
192$! Check To See If The File We Want To Compile Actually Exists.
193$!
194$ IF (F$SEARCH(SOURCE_FILE).EQS."")
195$ THEN
196$!
197$! Tell The User That The File Dosen't Exist.
198$!
199$ WRITE SYS$OUTPUT ""
200$ WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Dosen't Exist."
201$ WRITE SYS$OUTPUT ""
202$!
203$! Exit The Build.
204$!
205$ EXIT
206$!
207$! End The File Exist Check.
208$!
209$ ENDIF
210$!
211$! Compile The File.
212$!
213$ ON ERROR THEN GOTO NEXT_FILE
214$ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
215$!
216$! Add It To The Library.
217$!
218$ LIBRARY/REPLACE/OBJECT 'LIB_NAME' 'OBJECT_FILE'
219$!
220$! Time To Clean Up The Object File.
221$!
222$ DELETE 'OBJECT_FILE';*
223$!
224$! Go Back And Do It Again.
225$!
226$ GOTO NEXT_FILE
227$!
228$! All Done With This Library Part.
229$!
230$ FILE_DONE:
231$!
232$! Tell The User That We Are All Done.
233$!
234$ WRITE SYS$OUTPUT "Library ",LIB_NAME," Built."
235$!
236$! All Done, Time To Return.
237$!
238$ RETURN
239$!
240$! Compile The [.xxx.EXE.RSAREF]DHDEMO Program.
241$!
242$ DHDEMO:
243$!
244$! Check To See If We Have The Proper Libraries.
245$!
246$ GOSUB LIB_CHECK
247$!
248$! Check To See If We Have A Linker Option File.
249$!
250$ GOSUB CHECK_OPT_FILE
251$!
252$! Check To See If The File We Want To Compile Actually Exists.
253$!
254$ IF (F$SEARCH("SYS$DISK:[.RDEMO]DHDEMO.C").EQS."")
255$ THEN
256$!
257$! Tell The User That The File Dosen't Exist.
258$!
259$ WRITE SYS$OUTPUT ""
260$ WRITE SYS$OUTPUT "The File [.RDEMO]DHDEMO.C Dosen't Exist."
261$ WRITE SYS$OUTPUT ""
262$!
263$! Exit The Build.
264$!
265$ EXIT
266$!
267$! End The [.RDEMO]DHDEMO.C File Check.
268$!
269$ ENDIF
270$!
271$! Tell The User What We Are Building.
272$!
273$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"DHDEMO.EXE"
274$!
275$! Compile The DHDEMO Program.
276$!
277$ CC/OBJECT='OBJ_DIR'DHDEMO.OBJ SYS$DISK:[.RDEMO]DHDEMO.C
278$!
279$! Link The DHDEMO Program.
280$!
281$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS -
282 /EXE='EXE_DIR'DHDEMO.EXE 'OBJ_DIR'DHDEMO.OBJ, -
283 'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
284$!
285$! All Done, Time To Return.
286$!
287$ RETURN
288$!
289$! Compile The RDEMO Program.
290$!
291$ RDEMO:
292$!
293$! Check To See If We Have The Proper Libraries.
294$!
295$ GOSUB LIB_CHECK
296$!
297$! Check To See If We Have A Linker Option File.
298$!
299$ GOSUB CHECK_OPT_FILE
300$!
301$! Check To See If The File We Want To Compile Actually Exists.
302$!
303$ IF (F$SEARCH("SYS$DISK:[.RDEMO]RDEMO.C").EQS."")
304$ THEN
305$!
306$! Tell The User That The File Dosen't Exist.
307$!
308$ WRITE SYS$OUTPUT ""
309$ WRITE SYS$OUTPUT "The File [.RDEMO]RDEMO.C Dosen't Exist."
310$ WRITE SYS$OUTPUT ""
311$!
312$! Exit The Build.
313$!
314$ EXIT
315$!
316$! End The [.RDEMO]RDEMO.C File Check.
317$!
318$ ENDIF
319$!
320$! Tell The User What We Are Building.
321$!
322$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"RDEMO.EXE"
323$!
324$! Compile The RDEMO Program.
325$!
326$ CC/OBJECT='OBJ_DIR'RDEMO.OBJ SYS$DISK:[.RDEMO]RDEMO.C
327$!
328$! Link The RDEMO Program.
329$!
330$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS -
331 /EXE='EXE_DIR'RDEMO.EXE 'OBJ_DIR'RDEMO.OBJ, -
332 'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
333$!
334$! All Done, Time To Return.
335$!
336$ RETURN
337$!
338$! Check For The Link Option FIle.
339$!
340$ CHECK_OPT_FILE:
341$!
342$! Check To See If We Need To Make A VAX C Option File.
343$!
344$ IF (COMPILER.EQS."VAXC")
345$ THEN
346$!
347$! Check To See If We Already Have A VAX C Linker Option File.
348$!
349$ IF (F$SEARCH(OPT_FILE).EQS."")
350$ THEN
351$!
352$! We Need A VAX C Linker Option File.
353$!
354$ CREATE 'OPT_FILE'
355$DECK
356!
357! Default System Options File To Link Agianst
358! The Sharable VAX C Runtime Library.
359!
360SYS$SHARE:VAXCRTL.EXE/SHARE
361$EOD
362$!
363$! End The Option File Check.
364$!
365$ ENDIF
366$!
367$! End The VAXC Check.
368$!
369$ ENDIF
370$!
371$! Check To See If We Need A GNU C Option File.
372$!
373$ IF (COMPILER.EQS."GNUC")
374$ THEN
375$!
376$! Check To See If We Already Have A GNU C Linker Option File.
377$!
378$ IF (F$SEARCH(OPT_FILE).EQS."")
379$ THEN
380$!
381$! We Need A GNU C Linker Option File.
382$!
383$ CREATE 'OPT_FILE'
384$DECK
385!
386! Default System Options File To Link Agianst
387! The Sharable C Runtime Library.
388!
389GNU_CC:[000000]GCCLIB/LIBRARY
390SYS$SHARE:VAXCRTL/SHARE
391$EOD
392$!
393$! End The Option File Check.
394$!
395$ ENDIF
396$!
397$! End The GNU C Check.
398$!
399$ ENDIF
400$!
401$! Check To See If We Need A DEC C Option File.
402$!
403$ IF (COMPILER.EQS."DECC")
404$ THEN
405$!
406$! Check To See If We Already Have A DEC C Linker Option File.
407$!
408$ IF (F$SEARCH(OPT_FILE).EQS."")
409$ THEN
410$!
411$! Figure Out If We Need An AXP Or A VAX Linker Option File.
412$!
413$ IF (ARCH.EQS."VAX")
414$ THEN
415$!
416$! We Need A DEC C Linker Option File For VAX.
417$!
418$ CREATE 'OPT_FILE'
419$DECK
420!
421! Default System Options File To Link Agianst
422! The Sharable DEC C Runtime Library.
423!
424SYS$SHARE:DECC$SHR.EXE/SHARE
425$EOD
426$!
427$! Else...
428$!
429$ ELSE
430$!
431$! Create The AXP Linker Option File.
432$!
433$ CREATE 'OPT_FILE'
434$DECK
435!
436! Default System Options File For AXP To Link Agianst
437! The Sharable C Runtime Library.
438!
439SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
440SYS$SHARE:CMA$OPEN_RTL/SHARE
441$EOD
442$!
443$! End The VAX/AXP DEC C Option File Check.
444$!
445$ ENDIF
446$!
447$! End The Option File Search.
448$!
449$ ENDIF
450$!
451$! End The DEC C Check.
452$!
453$ ENDIF
454$!
455$! Tell The User What Linker Option File We Are Using.
456$!
457$ WRITE SYS$OUTPUT "Using Linker Option File ",OPT_FILE,"."
458$!
459$! Time To RETURN.
460$!
461$ RETURN
462$ LIB_CHECK:
463$!
464$! Look For The Library LIBRSAGLUE.OLB.
465$!
466$ IF (F$SEARCH(LIB_NAME).EQS."")
467$ THEN
468$!
469$! Tell The User We Can't Find The [.xxx.EXE.RSAREF]LIBRSAGLUE.OLB Library.
470$!
471$ WRITE SYS$OUTPUT ""
472$ WRITE SYS$OUTPUT "Can't Find The Library ",LIB_NAME,"."
473$ WRITE SYS$OUTPUT "We Can't Link Without It."
474$ WRITE SYS$OUTPUT ""
475$!
476$! And Ask If They Would Like To Build It.
477$!
478$ INQUIRE YESNO "Would You Like To Build The Library Now (Y/N)?"
479$!
480$! Check The Answer.
481$!
482$ IF (YESNO.EQS."Y").OR.(YESNO.EQS."y")
483$ THEN
484$!
485$! Then Build The Library.
486$!
487$ GOSUB LIBRARY
488$!
489$! When Done With That, RETURN To Finish What Ever We Were Doing
490$! That Needed The Library.
491$!
492$ RETURN
493$!
494$! Else...
495$!
496$ ELSE
497$!
498$! Since We Can't Link Without It, Exit.
499$!
500$ EXIT
501$!
502$! End The Answer Check.
503$!
504$ ENDIF
505$!
506$! End The Library Check.
507$!
508$ ENDIF
509$!
510$! Time To Return.
511$!
512$ RETURN
513$!
514$! Check The User's Options.
515$!
516$ CHECK_OPTIONS:
517$!
518$! Check To See If P1 Is Blank.
519$!
520$ IF (P1.EQS."ALL")
521$ THEN
522$!
523$! P1 Is Blank, So Build Everything.
524$!
525$ BUILDALL = "TRUE"
526$!
527$! Else...
528$!
529$ ELSE
530$!
531$! Else, Check To See If P1 Has A Valid Arguement.
532$!
533$ IF (P1.EQS."LIBRARY").OR.(P1.EQS."DHDEMO").OR.(P1.EQS."RDEMO")
534$ THEN
535$!
536$! A Valid Arguement.
537$!
538$ BUILDALL = P1
539$!
540$! Else....
541$!
542$ ELSE
543$!
544$! Tell The User We Don't Know What They Want.
545$!
546$ WRITE SYS$OUTPUT ""
547$ WRITE SYS$OUTPUT "The Option ",P1," Is Invalid. The Valid Options Are:"
548$ WRITE SYS$OUTPUT ""
549$ WRITE SYS$OUTPUT " ALL : To Just Build Everything."
550$ WRITE SYS$OUTPUT " LIBRARY : To Compile Just The [.xxx.EXE.RSAREF]LIBRSAGLUE.OLB Library."
551$ WRITE SYS$OUTPUT " DHDEMO : To Compile Just The [.xxx.EXE.RSAREF]DHDEMO Program."
552$ WRITE SYS$OUTPUT " RDEMO : To Compile Just The [.xxx.EXE.RSAREF]RDEMO Program.
553$ WRITE SYS$OUTPUT ""
554$ WRITE SYS$OUTPUT " Where 'xxx' Stands For:"
555$ WRITE SYS$OUTPUT ""
556$ WRITE SYS$OUTPUT " AXP : Alpha Architecture."
557$ WRITE SYS$OUTPUT " VAX : VAX Architecture."
558$ WRITE SYS$OUTPUT ""
559$!
560$! Time To EXIT.
561$!
562$ EXIT
563$!
564$! End The Valid Arguement Check.
565$!
566$ ENDIF
567$!
568$! End The P1 Check.
569$!
570$ ENDIF
571$!
572$! Check To See If P2 Is Blank.
573$!
574$ IF (P2.EQS."NODEBUG")
575$ THEN
576$!
577$! P2 Is "NODEBUG" So Compile Without Debugger Information.
578$!
579$ DEBUGGER = "NODEBUG"
580$ TRACEBACK = "NOTRACEBACK"
581$ GCC_OPTIMIZE = "OPTIMIZE"
582$ CC_OPTIMIZE = "OPTIMIZE"
583$ WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
584$ WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
585$ ELSE
586$!
587$! Check To See If We Are To Compile With Debugger Information.
588$!
589$ IF (P2.EQS."DEBUG")
590$ THEN
591$!
592$! Compile With Debugger Information.
593$!
594$ DEBUGGER = "DEBUG"
595$ TRACEBACK = "TRACEBACK"
596$ GCC_OPTIMIZE = "NOOPTIMIZE"
597$ CC_OPTIMIZE = "NOOPTIMIZE"
598$ WRITE SYS$OUTPUT "Debugger Information Will Be Produced During Compile."
599$ WRITE SYS$OUTPUT "Compiling Without Compiler Optimization."
600$ ELSE
601$!
602$! Tell The User Entered An Invalid Option..
603$!
604$ WRITE SYS$OUTPUT ""
605$ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:"
606$ WRITE SYS$OUTPUT ""
607$ WRITE SYS$OUTPUT " DEBUG : Compile With The Debugger Information."
608$ WRITE SYS$OUTPUT " NODEBUG : Compile Without The Debugger Information."
609$ WRITE SYS$OUTPUT ""
610$!
611$! Time To EXIT.
612$!
613$ EXIT
614$!
615$! End The Valid Arguement Check.
616$!
617$ ENDIF
618$!
619$! End The P2 Check.
620$!
621$ ENDIF
622$!
623$! Special Threads For OpenVMS v7.1 Or Later.
624$!
625$! Written By: Richard Levitte
626$! richard@levitte.org
627$!
628$!
629$! Check To See If We Have A Option For P4.
630$!
631$ IF (P4.EQS."")
632$ THEN
633$!
634$! Get The Version Of VMS We Are Using.
635$!
636$ ISSEVEN :=
637$ TMP = F$ELEMENT(0,"-",F$EXTRACT(1,4,F$GETSYI("VERSION")))
638$ TMP = F$INTEGER(F$ELEMENT(0,".",TMP)+F$ELEMENT(1,".",TMP))
639$!
640$! Check To See If The VMS Version Is v7.1 Or Later.
641$!
642$ IF (TMP.GE.71)
643$ THEN
644$!
645$! We Have OpenVMS v7.1 Or Later, So Use The Special Threads.
646$!
647$ ISSEVEN := ,PTHREAD_USE_D4
648$!
649$! End The VMS Version Check.
650$!
651$ ENDIF
652$!
653$! End The P4 Check.
654$!
655$ ENDIF
656$!
657$! Check To See If P3 Is Blank.
658$!
659$ IF (P3.EQS."")
660$ THEN
661$!
662$! O.K., The User Didn't Specify A Compiler, Let's Try To
663$! Find Out Which One To Use.
664$!
665$! Check To See If We Have GNU C.
666$!
667$ IF (F$TRNLNM("GNU_CC").NES."")
668$ THEN
669$!
670$! Looks Like GNUC, Set To Use GNUC.
671$!
672$ COMPILER = "GNUC"
673$!
674$! End The GNU C Compiler Check.
675$!
676$ ELSE
677$!
678$! Check To See If We Have VAXC Or DECC.
679$!
680$ IF (ARCH.EQS."ALPHA").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
681$ THEN
682$!
683$! Looks Like DECC, Set To Use DECC.
684$!
685$ COMPILER = "DECC"
686$!
687$! Tell The User We Are Using DECC.
688$!
689$ WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
690$!
691$! Else...
692$!
693$ ELSE
694$!
695$! Looks Like VAXC, Set To Use VAXC.
696$!
697$ COMPILER = "VAXC"
698$!
699$! End The VAXC Compiler Check.
700$!
701$ ENDIF
702$!
703$! End The DECC & VAXC Compiler Check.
704$!
705$ ENDIF
706$!
707$! End The Compiler Check.
708$!
709$ ENDIF
710$!
711$! Set Up Initial CC Definitions, Possibly With User Ones
712$!
713$ CCDEFS = "VMS=1"
714$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
715$ CCEXTRAFLAGS = ""
716$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
717$ CCDISABLEWARNINGS = ""
718$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
719 CCDISABLEWARNINGS = USER_CCDISABLEWARNINGS
720$!
721$! Check To See If The User Entered A Valid Paramter.
722$!
723$ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC")
724$ THEN
725$!
726$! Check To See If The User Wanted DECC.
727$!
728$ IF (P3.EQS."DECC")
729$ THEN
730$!
731$! Looks Like DECC, Set To Use DECC.
732$!
733$ COMPILER = "DECC"
734$!
735$! Tell The User We Are Using DECC.
736$!
737$ WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
738$!
739$! Use DECC...
740$!
741$ CC = "CC"
742$ IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
743 THEN CC = "CC/DECC"
744$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
745 "/NOLIST/PREFIX=ALL" + -
746 "/INCLUDE=(SYS$DISK:[-.CRYPTO],SYS$DISK:[.SOURCE])" + CCEXTRAFLAGS
747$!
748$! Define The Linker Options File Name.
749$!
750$ OPT_FILE = "SYS$DISK:[]VAX_DECC_OPTIONS.OPT"
751$!
752$! End DECC Check.
753$!
754$ ENDIF
755$!
756$! Check To See If We Are To Use VAXC.
757$!
758$ IF (P3.EQS."VAXC")
759$ THEN
760$!
761$! Looks Like VAXC, Set To Use VAXC.
762$!
763$ COMPILER = "VAXC"
764$!
765$! Tell The User We Are Using VAX C.
766$!
767$ WRITE SYS$OUTPUT "Using VAXC 'C' Compiler."
768$!
769$! Compile Using VAXC.
770$!
771$ CC = "CC"
772$ IF ARCH.EQS."AXP"
773$ THEN
774$ WRITE SYS$OUTPUT "There is no VAX C on Alpha!"
775$ EXIT
776$ ENDIF
777$ IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
778$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
779 "/INCLUDE=(SYS$DISK:[-.CRYPTO],SYS$DISK:[.SOURCE])" + CCEXTRAFLAGS
780$ CCDEFS = CCDEFS + ",""VAXC"""
781$!
782$! Define <sys> As SYS$COMMON:[SYSLIB]
783$!
784$ DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
785$!
786$! Define The Linker Options File Name.
787$!
788$ OPT_FILE = "SYS$DISK:[]VAX_VAXC_OPTIONS.OPT"
789$!
790$! End VAXC Check
791$!
792$ ENDIF
793$!
794$! Check To See If We Are To Use GNU C.
795$!
796$ IF (P3.EQS."GNUC")
797$ THEN
798$!
799$! Looks Like GNUC, Set To Use GNUC.
800$!
801$ COMPILER = "GNUC"
802$!
803$! Tell The User We Are Using GNUC.
804$!
805$ WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
806$!
807$! Use GNU C...
808$!
809$ IF F$TYPE(GCC) .EQS. "" THEN GCC := GCC
810$ CC = GCC+"/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
811 "/INCLUDE=(SYS$DISK:[-.CRYPTO],SYS$DISK:[.SOURCE])" + CCEXTRAFLAGS
812$!
813$! Define The Linker Options File Name.
814$!
815$ OPT_FILE = "SYS$DISK:[]VAX_GNUC_OPTIONS.OPT"
816$!
817$! End The GNU C Check.
818$!
819$ ENDIF
820$!
821$! Set up default defines
822$!
823$ CCDEFS = """FLAT_INC=1""," + CCDEFS
824$ CCDEFS = CCDEFS + ",""RSAref=1"""
825$!
826$! Finish up the definition of CC.
827$!
828$ IF COMPILER .EQS. "DECC"
829$ THEN
830$ IF CCDISABLEWARNINGS .NES. ""
831$ THEN
832$ CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
833$ ENDIF
834$ ELSE
835$ CCDISABLEWARNINGS = ""
836$ ENDIF
837$ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
838$!
839$! Show user the result
840$!
841$ WRITE SYS$OUTPUT "Main Compiling Command: ",CC
842$!
843$! Else The User Entered An Invalid Arguement.
844$!
845$ ELSE
846$!
847$! Tell The User We Don't Know What They Want.
848$!
849$ WRITE SYS$OUTPUT ""
850$ WRITE SYS$OUTPUT "The Option ",P3," Is Invalid. The Valid Options Are:"
851$ WRITE SYS$OUTPUT ""
852$ WRITE SYS$OUTPUT " VAXC : To Compile With VAX C."
853$ WRITE SYS$OUTPUT " DECC : To Compile With DEC C."
854$ WRITE SYS$OUTPUT " GNUC : To Compile With GNU C."
855$ WRITE SYS$OUTPUT ""
856$!
857$! Time To EXIT.
858$!
859$ EXIT
860$!
861$! End The P3 Check.
862$!
863$ ENDIF
864$!
865$! Time To RETURN...
866$!
867$ RETURN
868$!
869$ INITIALISE:
870$!
871$! Save old value of the logical name OPENSSL
872$!
873$ __SAVE_OPENSSL = F$TRNLNM("OPENSSL","LNM$PROCESS_TABLE")
874$!
875$! Save directory information
876$!
877$ __HERE = F$PARSE(F$PARSE("A.;",F$ENVIRONMENT("PROCEDURE"))-"A.;","[]A.;") - "A.;"
878$ __TOP = __HERE - "RSAREF]"
879$ __INCLUDE = __TOP + "INCLUDE.OPENSSL]"
880$!
881$! Set up the logical name OPENSSL to point at the include directory
882$!
883$ DEFINE OPENSSL/NOLOG '__INCLUDE'
884$!
885$! Done
886$!
887$ RETURN
888$!
889$ CLEANUP:
890$!
891$! Restore the logical name OPENSSL if it had a value
892$!
893$ IF __SAVE_OPENSSL .EQS. ""
894$ THEN
895$ DEASSIGN OPENSSL
896$ ELSE
897$ DEFINE/NOLOG OPENSSL '__SAVE_OPENSSL'
898$ ENDIF
899$!
900$! Done
901$!
902$ RETURN
diff --git a/src/lib/libssl/src/rsaref/rsaref.c b/src/lib/libssl/src/rsaref/rsaref.c
new file mode 100644
index 0000000000..ae70feb3e9
--- /dev/null
+++ b/src/lib/libssl/src/rsaref/rsaref.c
@@ -0,0 +1,308 @@
1/* rsaref/rsaref.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_RSA
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/bn.h>
63#include <openssl/rsa.h>
64#include <openssl/rsaref.h>
65#include <openssl/rand.h>
66
67static int RSAref_bn2bin(BIGNUM * from, unsigned char* to, int max);
68#ifdef undef
69static BIGNUM* RSAref_bin2bn(unsigned char* from, BIGNUM * to, int max);
70#endif
71static int RSAref_Public_eay2ref(RSA * from, RSArefPublicKey * to);
72static int RSAref_Private_eay2ref(RSA * from, RSArefPrivateKey * to);
73int RSA_ref_private_decrypt(int len, unsigned char *from,
74 unsigned char *to, RSA *rsa, int padding);
75int RSA_ref_private_encrypt(int len, unsigned char *from,
76 unsigned char *to, RSA *rsa, int padding);
77int RSA_ref_public_encrypt(int len, unsigned char *from,
78 unsigned char *to, RSA *rsa, int padding);
79int RSA_ref_public_decrypt(int len, unsigned char *from,
80 unsigned char *to, RSA *rsa, int padding);
81static int BN_ref_mod_exp(BIGNUM *r,BIGNUM *a,const BIGNUM *p,const BIGNUM *m,
82 BN_CTX *ctx, BN_MONT_CTX *m_ctx);
83static int RSA_ref_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa);
84static RSA_METHOD rsa_pkcs1_ref_meth={
85 "RSAref PKCS#1 RSA",
86 RSA_ref_public_encrypt,
87 RSA_ref_public_decrypt,
88 RSA_ref_private_encrypt,
89 RSA_ref_private_decrypt,
90 RSA_ref_mod_exp,
91 BN_ref_mod_exp,
92 NULL,
93 NULL,
94 0,
95 NULL,
96 };
97
98RSA_METHOD *RSA_PKCS1_RSAref(void)
99 {
100 return(&rsa_pkcs1_ref_meth);
101 }
102
103static int RSA_ref_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
104 {
105 RSAREFerr(RSAREF_F_RSA_REF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
106 return(0);
107 }
108
109static int BN_ref_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
110 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
111 {
112 RSAREFerr(RSAREF_F_BN_REF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
113 return(0);
114 }
115
116/* unsigned char *to: [max] */
117static int RSAref_bn2bin(BIGNUM *from, unsigned char *to, int max)
118 {
119 int i;
120
121 i=BN_num_bytes(from);
122 if (i > max)
123 {
124 RSAREFerr(RSAREF_F_RSAREF_BN2BIN,RSAREF_R_LEN);
125 return(0);
126 }
127
128 memset(to,0,(unsigned int)max);
129 if (!BN_bn2bin(from,&(to[max-i])))
130 return(0);
131 return(1);
132 }
133
134#ifdef undef
135/* unsigned char *from: [max] */
136static BIGNUM *RSAref_bin2bn(unsigned char *from, BIGNUM *to, int max)
137 {
138 int i;
139 BIGNUM *ret;
140
141 for (i=0; i<max; i++)
142 if (from[i]) break;
143
144 ret=BN_bin2bn(&(from[i]),max-i,to);
145 return(ret);
146 }
147
148static int RSAref_Public_ref2eay(RSArefPublicKey *from, RSA *to)
149 {
150 to->n=RSAref_bin2bn(from->m,NULL,RSAref_MAX_LEN);
151 to->e=RSAref_bin2bn(from->e,NULL,RSAref_MAX_LEN);
152 if ((to->n == NULL) || (to->e == NULL)) return(0);
153 return(1);
154 }
155#endif
156
157static int RSAref_Public_eay2ref(RSA *from, RSArefPublicKey *to)
158 {
159 to->bits=BN_num_bits(from->n);
160 if (!RSAref_bn2bin(from->n,to->m,RSAref_MAX_LEN)) return(0);
161 if (!RSAref_bn2bin(from->e,to->e,RSAref_MAX_LEN)) return(0);
162 return(1);
163 }
164
165#ifdef undef
166static int RSAref_Private_ref2eay(RSArefPrivateKey *from, RSA *to)
167 {
168 if ((to->n=RSAref_bin2bn(from->m,NULL,RSAref_MAX_LEN)) == NULL)
169 return(0);
170 if ((to->e=RSAref_bin2bn(from->e,NULL,RSAref_MAX_LEN)) == NULL)
171 return(0);
172 if ((to->d=RSAref_bin2bn(from->d,NULL,RSAref_MAX_LEN)) == NULL)
173 return(0);
174 if ((to->p=RSAref_bin2bn(from->prime[0],NULL,RSAref_MAX_PLEN)) == NULL)
175 return(0);
176 if ((to->q=RSAref_bin2bn(from->prime[1],NULL,RSAref_MAX_PLEN)) == NULL)
177 return(0);
178 if ((to->dmp1=RSAref_bin2bn(from->pexp[0],NULL,RSAref_MAX_PLEN))
179 == NULL)
180 return(0);
181 if ((to->dmq1=RSAref_bin2bn(from->pexp[1],NULL,RSAref_MAX_PLEN))
182 == NULL)
183 return(0);
184 if ((to->iqmp=RSAref_bin2bn(from->coef,NULL,RSAref_MAX_PLEN)) == NULL)
185 return(0);
186 return(1);
187 }
188#endif
189
190static int RSAref_Private_eay2ref(RSA *from, RSArefPrivateKey *to)
191 {
192 to->bits=BN_num_bits(from->n);
193 if (!RSAref_bn2bin(from->n,to->m,RSAref_MAX_LEN)) return(0);
194 if (!RSAref_bn2bin(from->e,to->e,RSAref_MAX_LEN)) return(0);
195 if (!RSAref_bn2bin(from->d,to->d,RSAref_MAX_LEN)) return(0);
196 if (!RSAref_bn2bin(from->p,to->prime[0],RSAref_MAX_PLEN)) return(0);
197 if (!RSAref_bn2bin(from->q,to->prime[1],RSAref_MAX_PLEN)) return(0);
198 if (!RSAref_bn2bin(from->dmp1,to->pexp[0],RSAref_MAX_PLEN)) return(0);
199 if (!RSAref_bn2bin(from->dmq1,to->pexp[1],RSAref_MAX_PLEN)) return(0);
200 if (!RSAref_bn2bin(from->iqmp,to->coef,RSAref_MAX_PLEN)) return(0);
201 return(1);
202 }
203
204int RSA_ref_private_decrypt(int len, unsigned char *from, unsigned char *to,
205 RSA *rsa, int padding)
206 {
207 int i,outlen= -1;
208 RSArefPrivateKey RSAkey;
209
210 if (!RSAref_Private_eay2ref(rsa,&RSAkey))
211 goto err;
212 if ((i=RSAPrivateDecrypt(to,&outlen,from,len,&RSAkey)) != 0)
213 {
214 RSAREFerr(RSAREF_F_RSA_REF_PRIVATE_DECRYPT,i);
215 outlen= -1;
216 }
217err:
218 memset(&RSAkey,0,sizeof(RSAkey));
219 return(outlen);
220 }
221
222int RSA_ref_private_encrypt(int len, unsigned char *from, unsigned char *to,
223 RSA *rsa, int padding)
224 {
225 int i,outlen= -1;
226 RSArefPrivateKey RSAkey;
227
228 if (padding != RSA_PKCS1_PADDING)
229 {
230 RSAREFerr(RSAREF_F_RSA_REF_PRIVATE_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
231 goto err;
232 }
233 if (!RSAref_Private_eay2ref(rsa,&RSAkey))
234 goto err;
235 if ((i=RSAPrivateEncrypt(to,&outlen,from,len,&RSAkey)) != 0)
236 {
237 RSAREFerr(RSAREF_F_RSA_REF_PRIVATE_ENCRYPT,i);
238 outlen= -1;
239 }
240err:
241 memset(&RSAkey,0,sizeof(RSAkey));
242 return(outlen);
243 }
244
245int RSA_ref_public_decrypt(int len, unsigned char *from, unsigned char *to,
246 RSA *rsa, int padding)
247 {
248 int i,outlen= -1;
249 RSArefPublicKey RSAkey;
250
251 if (!RSAref_Public_eay2ref(rsa,&RSAkey))
252 goto err;
253 if ((i=RSAPublicDecrypt(to,&outlen,from,len,&RSAkey)) != 0)
254 {
255 RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_DECRYPT,i);
256 outlen= -1;
257 }
258err:
259 memset(&RSAkey,0,sizeof(RSAkey));
260 return(outlen);
261 }
262
263int RSA_ref_public_encrypt(int len, unsigned char *from, unsigned char *to,
264 RSA *rsa, int padding)
265 {
266 int outlen= -1;
267 int i;
268 RSArefPublicKey RSAkey;
269 RSARandomState rnd;
270 unsigned char buf[16];
271
272 if (padding != RSA_PKCS1_PADDING && padding != RSA_SSLV23_PADDING)
273 {
274 RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
275 goto err;
276 }
277
278 R_RandomInit(&rnd);
279 R_GetRandomBytesNeeded((unsigned int *)&i,&rnd);
280 while (i > 0)
281 {
282 if (RAND_bytes(buf,16) <= 0)
283 goto err;
284 R_RandomUpdate(&rnd,buf,(unsigned int)((i>16)?16:i));
285 i-=16;
286 }
287
288 if (!RSAref_Public_eay2ref(rsa,&RSAkey))
289 goto err;
290 if ((i=RSAPublicEncrypt(to,&outlen,from,len,&RSAkey,&rnd)) != 0)
291 {
292 RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,i);
293 outlen= -1;
294 goto err;
295 }
296err:
297 memset(&RSAkey,0,sizeof(RSAkey));
298 R_RandomFinal(&rnd);
299 memset(&rnd,0,sizeof(rnd));
300 return(outlen);
301 }
302#else /* !NO_RSA */
303
304# if PEDANTIC
305static void *dummy=&dummy;
306# endif
307
308#endif
diff --git a/src/lib/libssl/src/rsaref/rsaref.h b/src/lib/libssl/src/rsaref/rsaref.h
new file mode 100644
index 0000000000..498449f40e
--- /dev/null
+++ b/src/lib/libssl/src/rsaref/rsaref.h
@@ -0,0 +1,180 @@
1/* rsaref/rsaref.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_RSAREF_H
60#define HEADER_RSAREF_H
61
62#ifndef NO_RSA
63#include <openssl/rsa.h>
64
65#ifdef __cplusplus
66extern "C" {
67#endif
68
69/* RSAeuro */
70/*#define RSAref_MAX_BITS 2048*/
71
72/* RSAref */
73#define RSAref_MAX_BITS 1024
74
75#define RSAref_MIN_BITS 508
76#define RSAref_MAX_LEN ((RSAref_MAX_BITS+7)/8)
77#define RSAref_MAX_PBITS (RSAref_MAX_BITS+1)/2
78#define RSAref_MAX_PLEN ((RSAref_MAX_PBITS+7)/8)
79
80typedef struct RSArefPublicKey_st
81 {
82 unsigned int bits;
83 unsigned char m[RSAref_MAX_LEN];
84 unsigned char e[RSAref_MAX_LEN];
85 } RSArefPublicKey;
86
87typedef struct RSArefPrivateKey_st
88 {
89 unsigned int bits;
90 unsigned char m[RSAref_MAX_LEN];
91 unsigned char e[RSAref_MAX_LEN];
92 unsigned char d[RSAref_MAX_LEN];
93 unsigned char prime[2][RSAref_MAX_PLEN];/* p & q */
94 unsigned char pexp[2][RSAref_MAX_PLEN]; /* dmp1 & dmq1 */
95 unsigned char coef[RSAref_MAX_PLEN]; /* iqmp */
96 } RSArefPrivateKey;
97
98typedef struct RSARandomState_st
99 {
100 unsigned int needed;
101 unsigned char state[16];
102 unsigned int outputnum;
103 unsigned char output[16];
104 } RSARandomState;
105
106#define RE_CONTENT_ENCODING 0x0400
107#define RE_DATA 0x0401
108#define RE_DIGEST_ALGORITHM 0x0402
109#define RE_ENCODING 0x0403
110#define RE_KEY 0x0404
111#define RE_KEY_ENCODING 0x0405
112#define RE_LEN 0x0406
113#define RE_MODULUS_LEN 0x0407
114#define RE_NEED_RANDOM 0x0408
115#define RE_PRIVATE_KEY 0x0409
116#define RE_PUBLIC_KEY 0x040a
117#define RE_SIGNATURE 0x040b
118#define RE_SIGNATURE_ENCODING 0x040c
119#define RE_ENCRYPTION_ALGORITHM 0x040d
120
121int RSAPrivateDecrypt(unsigned char *to, int *outlen, unsigned char *from,
122 int len, RSArefPrivateKey *RSAkey);
123int RSAPrivateEncrypt(unsigned char *to, int *outlen, unsigned char *from,
124 int len, RSArefPrivateKey *RSAkey);
125int RSAPublicDecrypt(unsigned char *to, int *outlen, unsigned char *from,
126 int len, RSArefPublicKey *RSAkey);
127int RSAPublicEncrypt(unsigned char *to, int *outlen, unsigned char *from,
128 int len, RSArefPublicKey *RSAkey,RSARandomState *rnd);
129int R_RandomInit(RSARandomState *rnd);
130int R_GetRandomBytesNeeded(unsigned int *,RSARandomState *rnd);
131int R_RandomUpdate(RSARandomState *rnd, unsigned char *data, unsigned int n);
132int R_RandomFinal(RSARandomState *rnd);
133
134void ERR_load_RSAREF_strings(void );
135RSA_METHOD *RSA_PKCS1_RSAref(void );
136
137#ifdef __cplusplus
138}
139#endif
140#endif
141
142/* BEGIN ERROR CODES */
143/* The following lines are auto generated by the script mkerr.pl. Any changes
144 * made after this point may be overwritten when the script is next run.
145 */
146
147/* Error codes for the RSAREF functions. */
148
149/* Function codes. */
150#define RSAREF_F_BN_REF_MOD_EXP 100
151#define RSAREF_F_RSAREF_BN2BIN 101
152#define RSAREF_F_RSA_BN2BIN 102
153#define RSAREF_F_RSA_PRIVATE_DECRYPT 103
154#define RSAREF_F_RSA_PRIVATE_ENCRYPT 104
155#define RSAREF_F_RSA_PUBLIC_DECRYPT 105
156#define RSAREF_F_RSA_PUBLIC_ENCRYPT 106
157#define RSAREF_F_RSA_REF_BN2BIN 107
158#define RSAREF_F_RSA_REF_MOD_EXP 108
159#define RSAREF_F_RSA_REF_PRIVATE_DECRYPT 109
160#define RSAREF_F_RSA_REF_PRIVATE_ENCRYPT 110
161#define RSAREF_F_RSA_REF_PUBLIC_DECRYPT 111
162#define RSAREF_F_RSA_REF_PUBLIC_ENCRYPT 112
163
164/* Reason codes. */
165#define RSAREF_R_CONTENT_ENCODING 0x0400
166#define RSAREF_R_DATA 0x0401
167#define RSAREF_R_DIGEST_ALGORITHM 0x0402
168#define RSAREF_R_ENCODING 0x0403
169#define RSAREF_R_ENCRYPTION_ALGORITHM 0x040d
170#define RSAREF_R_KEY 0x0404
171#define RSAREF_R_KEY_ENCODING 0x0405
172#define RSAREF_R_LEN 0x0406
173#define RSAREF_R_MODULUS_LEN 0x0407
174#define RSAREF_R_NEED_RANDOM 0x0408
175#define RSAREF_R_PRIVATE_KEY 0x0409
176#define RSAREF_R_PUBLIC_KEY 0x040a
177#define RSAREF_R_SIGNATURE 0x040b
178#define RSAREF_R_SIGNATURE_ENCODING 0x040c
179
180#endif
diff --git a/src/lib/libssl/src/ssl/Makefile.ssl b/src/lib/libssl/src/ssl/Makefile.ssl
new file mode 100644
index 0000000000..74bf2c4931
--- /dev/null
+++ b/src/lib/libssl/src/ssl/Makefile.ssl
@@ -0,0 +1,736 @@
1#
2# SSLeay/ssl/Makefile
3#
4
5DIR= ssl
6TOP= ..
7CC= cc
8INCLUDES= -I../crypto -I$(TOP) -I../include $(KRB5_INCLUDES)
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18# KRB5 stuff
19KRB5_INCLUDES=
20LIBKRB5=
21
22CFLAGS= $(INCLUDES) $(CFLAG)
23
24GENERAL=Makefile README ssl-lib.com install.com
25TEST=ssltest.c
26APPS=
27
28LIB=$(TOP)/libssl.a
29SHARED_LIB= libssl$(SHLIB_EXT)
30LIBSRC= \
31 s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c \
32 s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c \
33 s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c \
34 t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c \
35 ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \
36 ssl_ciph.c ssl_stat.c ssl_rsa.c \
37 ssl_asn1.c ssl_txt.c ssl_algs.c \
38 bio_ssl.c ssl_err.c kssl.c
39LIBOBJ= \
40 s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o \
41 s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o \
42 s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o \
43 t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o \
44 ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \
45 ssl_ciph.o ssl_stat.o ssl_rsa.o \
46 ssl_asn1.o ssl_txt.o ssl_algs.o \
47 bio_ssl.o ssl_err.o kssl.o
48
49SRC= $(LIBSRC)
50
51EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h tls1.h kssl.h
52HEADER= $(EXHEADER) ssl_locl.h kssl_lcl.h
53
54ALL= $(GENERAL) $(SRC) $(HEADER)
55
56top:
57 (cd ..; $(MAKE) DIRS=$(DIR) all)
58
59all: lib shared
60
61lib: $(LIBOBJ)
62 $(AR) $(LIB) $(LIBOBJ)
63 $(RANLIB) $(LIB) || echo Never mind.
64 @touch lib
65
66shared:
67 if [ -n "$(SHARED_LIBS)" ]; then \
68 (cd ..; make $(SHARED_LIB)); \
69 fi
70
71files:
72 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
73
74links:
75 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
76 @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
77 @$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
78 @$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
79
80install:
81 @for i in $(EXHEADER) ; \
82 do \
83 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
84 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
85 done;
86
87tags:
88 ctags $(SRC)
89
90tests:
91
92lint:
93 lint -DLINT $(INCLUDES) $(SRC)>fluff
94
95depend:
96 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
97
98dclean:
99 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
100 mv -f Makefile.new $(MAKEFILE)
101
102clean:
103 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
104
105# DO NOT DELETE THIS LINE -- make depend depends on it.
106
107bio_ssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
108bio_ssl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
109bio_ssl.o: ../include/openssl/comp.h ../include/openssl/crypto.h
110bio_ssl.o: ../include/openssl/dh.h ../include/openssl/dsa.h
111bio_ssl.o: ../include/openssl/e_os2.h ../include/openssl/err.h
112bio_ssl.o: ../include/openssl/evp.h ../include/openssl/kssl.h
113bio_ssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
114bio_ssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
115bio_ssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
116bio_ssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
117bio_ssl.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
118bio_ssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
119bio_ssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
120bio_ssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
121bio_ssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
122bio_ssl.o: ../include/openssl/tls1.h ../include/openssl/x509.h
123bio_ssl.o: ../include/openssl/x509_vfy.h bio_ssl.c
124kssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
125kssl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
126kssl.o: ../include/openssl/comp.h ../include/openssl/crypto.h
127kssl.o: ../include/openssl/dh.h ../include/openssl/dsa.h
128kssl.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
129kssl.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h
130kssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
131kssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
132kssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
133kssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
134kssl.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
135kssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
136kssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
137kssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
138kssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
139kssl.o: ../include/openssl/tls1.h ../include/openssl/x509.h
140kssl.o: ../include/openssl/x509_vfy.h kssl.c
141s23_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
142s23_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
143s23_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
144s23_clnt.o: ../include/openssl/dh.h ../include/openssl/dsa.h
145s23_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
146s23_clnt.o: ../include/openssl/evp.h ../include/openssl/kssl.h
147s23_clnt.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
148s23_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
149s23_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
150s23_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
151s23_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
152s23_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
153s23_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
154s23_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
155s23_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
156s23_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
157s23_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_clnt.c
158s23_clnt.o: ssl_locl.h
159s23_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
160s23_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h
161s23_lib.o: ../include/openssl/comp.h ../include/openssl/crypto.h
162s23_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h
163s23_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
164s23_lib.o: ../include/openssl/evp.h ../include/openssl/kssl.h
165s23_lib.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
166s23_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
167s23_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
168s23_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h
169s23_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
170s23_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
171s23_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
172s23_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
173s23_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
174s23_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
175s23_lib.o: ../include/openssl/x509_vfy.h s23_lib.c ssl_locl.h
176s23_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
177s23_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h
178s23_meth.o: ../include/openssl/comp.h ../include/openssl/crypto.h
179s23_meth.o: ../include/openssl/dh.h ../include/openssl/dsa.h
180s23_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
181s23_meth.o: ../include/openssl/evp.h ../include/openssl/kssl.h
182s23_meth.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
183s23_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
184s23_meth.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
185s23_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h
186s23_meth.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
187s23_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
188s23_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
189s23_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
190s23_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
191s23_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h
192s23_meth.o: ../include/openssl/x509_vfy.h s23_meth.c ssl_locl.h
193s23_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
194s23_pkt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
195s23_pkt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
196s23_pkt.o: ../include/openssl/dh.h ../include/openssl/dsa.h
197s23_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
198s23_pkt.o: ../include/openssl/evp.h ../include/openssl/kssl.h
199s23_pkt.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
200s23_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
201s23_pkt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
202s23_pkt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
203s23_pkt.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
204s23_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
205s23_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
206s23_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
207s23_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
208s23_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
209s23_pkt.o: ../include/openssl/x509_vfy.h s23_pkt.c ssl_locl.h
210s23_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
211s23_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
212s23_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h
213s23_srvr.o: ../include/openssl/dh.h ../include/openssl/dsa.h
214s23_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
215s23_srvr.o: ../include/openssl/evp.h ../include/openssl/kssl.h
216s23_srvr.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
217s23_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
218s23_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
219s23_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
220s23_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
221s23_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
222s23_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
223s23_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
224s23_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
225s23_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
226s23_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_srvr.c
227s23_srvr.o: ssl_locl.h
228s2_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
229s2_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
230s2_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
231s2_clnt.o: ../include/openssl/dh.h ../include/openssl/dsa.h
232s2_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
233s2_clnt.o: ../include/openssl/evp.h ../include/openssl/kssl.h
234s2_clnt.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
235s2_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
236s2_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
237s2_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
238s2_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
239s2_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
240s2_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
241s2_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
242s2_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
243s2_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
244s2_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_clnt.c
245s2_clnt.o: ssl_locl.h
246s2_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
247s2_enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h
248s2_enc.o: ../include/openssl/comp.h ../include/openssl/crypto.h
249s2_enc.o: ../include/openssl/dh.h ../include/openssl/dsa.h
250s2_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h
251s2_enc.o: ../include/openssl/evp.h ../include/openssl/kssl.h
252s2_enc.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
253s2_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
254s2_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
255s2_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
256s2_enc.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
257s2_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
258s2_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
259s2_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
260s2_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
261s2_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h
262s2_enc.o: ../include/openssl/x509_vfy.h s2_enc.c ssl_locl.h
263s2_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
264s2_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h
265s2_lib.o: ../include/openssl/comp.h ../include/openssl/crypto.h
266s2_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h
267s2_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
268s2_lib.o: ../include/openssl/evp.h ../include/openssl/kssl.h
269s2_lib.o: ../include/openssl/lhash.h ../include/openssl/md5.h
270s2_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
271s2_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
272s2_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
273s2_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
274s2_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
275s2_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
276s2_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
277s2_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
278s2_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
279s2_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_lib.c
280s2_lib.o: ssl_locl.h
281s2_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
282s2_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h
283s2_meth.o: ../include/openssl/comp.h ../include/openssl/crypto.h
284s2_meth.o: ../include/openssl/dh.h ../include/openssl/dsa.h
285s2_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
286s2_meth.o: ../include/openssl/evp.h ../include/openssl/kssl.h
287s2_meth.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
288s2_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
289s2_meth.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
290s2_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h
291s2_meth.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
292s2_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
293s2_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
294s2_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
295s2_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
296s2_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h
297s2_meth.o: ../include/openssl/x509_vfy.h s2_meth.c ssl_locl.h
298s2_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
299s2_pkt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
300s2_pkt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
301s2_pkt.o: ../include/openssl/dh.h ../include/openssl/dsa.h
302s2_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
303s2_pkt.o: ../include/openssl/evp.h ../include/openssl/kssl.h
304s2_pkt.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
305s2_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
306s2_pkt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
307s2_pkt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
308s2_pkt.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
309s2_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
310s2_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
311s2_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
312s2_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
313s2_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
314s2_pkt.o: ../include/openssl/x509_vfy.h s2_pkt.c ssl_locl.h
315s2_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
316s2_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
317s2_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h
318s2_srvr.o: ../include/openssl/dh.h ../include/openssl/dsa.h
319s2_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
320s2_srvr.o: ../include/openssl/evp.h ../include/openssl/kssl.h
321s2_srvr.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
322s2_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
323s2_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
324s2_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
325s2_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
326s2_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
327s2_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
328s2_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
329s2_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
330s2_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
331s2_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_srvr.c
332s2_srvr.o: ssl_locl.h
333s3_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
334s3_both.o: ../include/openssl/bn.h ../include/openssl/buffer.h
335s3_both.o: ../include/openssl/comp.h ../include/openssl/crypto.h
336s3_both.o: ../include/openssl/dh.h ../include/openssl/dsa.h
337s3_both.o: ../include/openssl/e_os2.h ../include/openssl/err.h
338s3_both.o: ../include/openssl/evp.h ../include/openssl/kssl.h
339s3_both.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
340s3_both.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
341s3_both.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
342s3_both.o: ../include/openssl/pem.h ../include/openssl/pem2.h
343s3_both.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
344s3_both.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
345s3_both.o: ../include/openssl/sha.h ../include/openssl/ssl.h
346s3_both.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
347s3_both.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
348s3_both.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
349s3_both.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_both.c
350s3_both.o: ssl_locl.h
351s3_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
352s3_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
353s3_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
354s3_clnt.o: ../include/openssl/dh.h ../include/openssl/dsa.h
355s3_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
356s3_clnt.o: ../include/openssl/evp.h ../include/openssl/kssl.h
357s3_clnt.o: ../include/openssl/lhash.h ../include/openssl/md5.h
358s3_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
359s3_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
360s3_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
361s3_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
362s3_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h
363s3_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
364s3_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
365s3_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
366s3_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
367s3_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
368s3_clnt.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_clnt.c ssl_locl.h
369s3_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
370s3_enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h
371s3_enc.o: ../include/openssl/comp.h ../include/openssl/crypto.h
372s3_enc.o: ../include/openssl/dh.h ../include/openssl/dsa.h
373s3_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h
374s3_enc.o: ../include/openssl/evp.h ../include/openssl/kssl.h
375s3_enc.o: ../include/openssl/lhash.h ../include/openssl/md5.h
376s3_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
377s3_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
378s3_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
379s3_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
380s3_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
381s3_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h
382s3_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
383s3_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
384s3_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
385s3_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_enc.c
386s3_enc.o: ssl_locl.h
387s3_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
388s3_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h
389s3_lib.o: ../include/openssl/comp.h ../include/openssl/crypto.h
390s3_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h
391s3_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
392s3_lib.o: ../include/openssl/evp.h ../include/openssl/kssl.h
393s3_lib.o: ../include/openssl/lhash.h ../include/openssl/md5.h
394s3_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
395s3_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
396s3_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
397s3_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
398s3_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
399s3_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
400s3_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
401s3_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
402s3_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
403s3_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
404s3_lib.o: s3_lib.c ssl_locl.h
405s3_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
406s3_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h
407s3_meth.o: ../include/openssl/comp.h ../include/openssl/crypto.h
408s3_meth.o: ../include/openssl/dh.h ../include/openssl/dsa.h
409s3_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
410s3_meth.o: ../include/openssl/evp.h ../include/openssl/kssl.h
411s3_meth.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
412s3_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
413s3_meth.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
414s3_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h
415s3_meth.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
416s3_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
417s3_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
418s3_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
419s3_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
420s3_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h
421s3_meth.o: ../include/openssl/x509_vfy.h s3_meth.c ssl_locl.h
422s3_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
423s3_pkt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
424s3_pkt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
425s3_pkt.o: ../include/openssl/dh.h ../include/openssl/dsa.h
426s3_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
427s3_pkt.o: ../include/openssl/evp.h ../include/openssl/kssl.h
428s3_pkt.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
429s3_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
430s3_pkt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
431s3_pkt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
432s3_pkt.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
433s3_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
434s3_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
435s3_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
436s3_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
437s3_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
438s3_pkt.o: ../include/openssl/x509_vfy.h s3_pkt.c ssl_locl.h
439s3_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
440s3_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
441s3_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h
442s3_srvr.o: ../include/openssl/dh.h ../include/openssl/dsa.h
443s3_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
444s3_srvr.o: ../include/openssl/evp.h ../include/openssl/krb5_asn.h
445s3_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
446s3_srvr.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
447s3_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
448s3_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
449s3_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
450s3_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
451s3_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
452s3_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
453s3_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
454s3_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
455s3_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
456s3_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
457s3_srvr.o: s3_srvr.c ssl_locl.h
458ssl_algs.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
459ssl_algs.o: ../include/openssl/bn.h ../include/openssl/buffer.h
460ssl_algs.o: ../include/openssl/comp.h ../include/openssl/crypto.h
461ssl_algs.o: ../include/openssl/dh.h ../include/openssl/dsa.h
462ssl_algs.o: ../include/openssl/e_os2.h ../include/openssl/err.h
463ssl_algs.o: ../include/openssl/evp.h ../include/openssl/kssl.h
464ssl_algs.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
465ssl_algs.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
466ssl_algs.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
467ssl_algs.o: ../include/openssl/pem.h ../include/openssl/pem2.h
468ssl_algs.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
469ssl_algs.o: ../include/openssl/safestack.h ../include/openssl/sha.h
470ssl_algs.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
471ssl_algs.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
472ssl_algs.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
473ssl_algs.o: ../include/openssl/tls1.h ../include/openssl/x509.h
474ssl_algs.o: ../include/openssl/x509_vfy.h ssl_algs.c ssl_locl.h
475ssl_asn1.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/asn1_mac.h
476ssl_asn1.o: ../include/openssl/bio.h ../include/openssl/bn.h
477ssl_asn1.o: ../include/openssl/buffer.h ../include/openssl/comp.h
478ssl_asn1.o: ../include/openssl/crypto.h ../include/openssl/dh.h
479ssl_asn1.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
480ssl_asn1.o: ../include/openssl/err.h ../include/openssl/evp.h
481ssl_asn1.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
482ssl_asn1.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
483ssl_asn1.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
484ssl_asn1.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
485ssl_asn1.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
486ssl_asn1.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
487ssl_asn1.o: ../include/openssl/sha.h ../include/openssl/ssl.h
488ssl_asn1.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
489ssl_asn1.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
490ssl_asn1.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
491ssl_asn1.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_asn1.c
492ssl_asn1.o: ssl_locl.h
493ssl_cert.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
494ssl_cert.o: ../include/openssl/bn.h ../include/openssl/buffer.h
495ssl_cert.o: ../include/openssl/comp.h ../include/openssl/conf.h
496ssl_cert.o: ../include/openssl/crypto.h ../include/openssl/dh.h
497ssl_cert.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
498ssl_cert.o: ../include/openssl/err.h ../include/openssl/evp.h
499ssl_cert.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
500ssl_cert.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
501ssl_cert.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
502ssl_cert.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
503ssl_cert.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
504ssl_cert.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
505ssl_cert.o: ../include/openssl/sha.h ../include/openssl/ssl.h
506ssl_cert.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
507ssl_cert.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
508ssl_cert.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
509ssl_cert.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
510ssl_cert.o: ../include/openssl/x509v3.h ssl_cert.c ssl_locl.h
511ssl_ciph.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
512ssl_ciph.o: ../include/openssl/bn.h ../include/openssl/buffer.h
513ssl_ciph.o: ../include/openssl/comp.h ../include/openssl/crypto.h
514ssl_ciph.o: ../include/openssl/dh.h ../include/openssl/dsa.h
515ssl_ciph.o: ../include/openssl/e_os2.h ../include/openssl/err.h
516ssl_ciph.o: ../include/openssl/evp.h ../include/openssl/kssl.h
517ssl_ciph.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
518ssl_ciph.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
519ssl_ciph.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
520ssl_ciph.o: ../include/openssl/pem.h ../include/openssl/pem2.h
521ssl_ciph.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
522ssl_ciph.o: ../include/openssl/safestack.h ../include/openssl/sha.h
523ssl_ciph.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
524ssl_ciph.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
525ssl_ciph.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
526ssl_ciph.o: ../include/openssl/tls1.h ../include/openssl/x509.h
527ssl_ciph.o: ../include/openssl/x509_vfy.h ssl_ciph.c ssl_locl.h
528ssl_err.o: ../include/openssl/asn1.h ../include/openssl/bio.h
529ssl_err.o: ../include/openssl/bn.h ../include/openssl/buffer.h
530ssl_err.o: ../include/openssl/comp.h ../include/openssl/crypto.h
531ssl_err.o: ../include/openssl/dh.h ../include/openssl/dsa.h
532ssl_err.o: ../include/openssl/e_os2.h ../include/openssl/err.h
533ssl_err.o: ../include/openssl/evp.h ../include/openssl/kssl.h
534ssl_err.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
535ssl_err.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
536ssl_err.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
537ssl_err.o: ../include/openssl/pem.h ../include/openssl/pem2.h
538ssl_err.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
539ssl_err.o: ../include/openssl/safestack.h ../include/openssl/sha.h
540ssl_err.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
541ssl_err.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
542ssl_err.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
543ssl_err.o: ../include/openssl/tls1.h ../include/openssl/x509.h
544ssl_err.o: ../include/openssl/x509_vfy.h ssl_err.c
545ssl_err2.o: ../include/openssl/asn1.h ../include/openssl/bio.h
546ssl_err2.o: ../include/openssl/bn.h ../include/openssl/buffer.h
547ssl_err2.o: ../include/openssl/comp.h ../include/openssl/crypto.h
548ssl_err2.o: ../include/openssl/dh.h ../include/openssl/dsa.h
549ssl_err2.o: ../include/openssl/e_os2.h ../include/openssl/err.h
550ssl_err2.o: ../include/openssl/evp.h ../include/openssl/kssl.h
551ssl_err2.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
552ssl_err2.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
553ssl_err2.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
554ssl_err2.o: ../include/openssl/pem.h ../include/openssl/pem2.h
555ssl_err2.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
556ssl_err2.o: ../include/openssl/safestack.h ../include/openssl/sha.h
557ssl_err2.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
558ssl_err2.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
559ssl_err2.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
560ssl_err2.o: ../include/openssl/tls1.h ../include/openssl/x509.h
561ssl_err2.o: ../include/openssl/x509_vfy.h ssl_err2.c
562ssl_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
563ssl_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h
564ssl_lib.o: ../include/openssl/comp.h ../include/openssl/conf.h
565ssl_lib.o: ../include/openssl/crypto.h ../include/openssl/dh.h
566ssl_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
567ssl_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
568ssl_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
569ssl_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
570ssl_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
571ssl_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
572ssl_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
573ssl_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
574ssl_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
575ssl_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
576ssl_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
577ssl_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
578ssl_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
579ssl_lib.o: ../include/openssl/x509v3.h kssl_lcl.h ssl_lib.c ssl_locl.h
580ssl_rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
581ssl_rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
582ssl_rsa.o: ../include/openssl/comp.h ../include/openssl/crypto.h
583ssl_rsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h
584ssl_rsa.o: ../include/openssl/e_os2.h ../include/openssl/err.h
585ssl_rsa.o: ../include/openssl/evp.h ../include/openssl/kssl.h
586ssl_rsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
587ssl_rsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
588ssl_rsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
589ssl_rsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
590ssl_rsa.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
591ssl_rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
592ssl_rsa.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
593ssl_rsa.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
594ssl_rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
595ssl_rsa.o: ../include/openssl/tls1.h ../include/openssl/x509.h
596ssl_rsa.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_rsa.c
597ssl_sess.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
598ssl_sess.o: ../include/openssl/bn.h ../include/openssl/buffer.h
599ssl_sess.o: ../include/openssl/comp.h ../include/openssl/crypto.h
600ssl_sess.o: ../include/openssl/dh.h ../include/openssl/dsa.h
601ssl_sess.o: ../include/openssl/e_os2.h ../include/openssl/err.h
602ssl_sess.o: ../include/openssl/evp.h ../include/openssl/kssl.h
603ssl_sess.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
604ssl_sess.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
605ssl_sess.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
606ssl_sess.o: ../include/openssl/pem.h ../include/openssl/pem2.h
607ssl_sess.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
608ssl_sess.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
609ssl_sess.o: ../include/openssl/sha.h ../include/openssl/ssl.h
610ssl_sess.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
611ssl_sess.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
612ssl_sess.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
613ssl_sess.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
614ssl_sess.o: ssl_sess.c
615ssl_stat.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
616ssl_stat.o: ../include/openssl/bn.h ../include/openssl/buffer.h
617ssl_stat.o: ../include/openssl/comp.h ../include/openssl/crypto.h
618ssl_stat.o: ../include/openssl/dh.h ../include/openssl/dsa.h
619ssl_stat.o: ../include/openssl/e_os2.h ../include/openssl/err.h
620ssl_stat.o: ../include/openssl/evp.h ../include/openssl/kssl.h
621ssl_stat.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
622ssl_stat.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
623ssl_stat.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
624ssl_stat.o: ../include/openssl/pem.h ../include/openssl/pem2.h
625ssl_stat.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
626ssl_stat.o: ../include/openssl/safestack.h ../include/openssl/sha.h
627ssl_stat.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
628ssl_stat.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
629ssl_stat.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
630ssl_stat.o: ../include/openssl/tls1.h ../include/openssl/x509.h
631ssl_stat.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_stat.c
632ssl_txt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
633ssl_txt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
634ssl_txt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
635ssl_txt.o: ../include/openssl/dh.h ../include/openssl/dsa.h
636ssl_txt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
637ssl_txt.o: ../include/openssl/evp.h ../include/openssl/kssl.h
638ssl_txt.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
639ssl_txt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
640ssl_txt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
641ssl_txt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
642ssl_txt.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
643ssl_txt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
644ssl_txt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
645ssl_txt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
646ssl_txt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
647ssl_txt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
648ssl_txt.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_txt.c
649t1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
650t1_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
651t1_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
652t1_clnt.o: ../include/openssl/dh.h ../include/openssl/dsa.h
653t1_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
654t1_clnt.o: ../include/openssl/evp.h ../include/openssl/kssl.h
655t1_clnt.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
656t1_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
657t1_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
658t1_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
659t1_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
660t1_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
661t1_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
662t1_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
663t1_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
664t1_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
665t1_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
666t1_clnt.o: t1_clnt.c
667t1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
668t1_enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h
669t1_enc.o: ../include/openssl/comp.h ../include/openssl/crypto.h
670t1_enc.o: ../include/openssl/dh.h ../include/openssl/dsa.h
671t1_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h
672t1_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
673t1_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
674t1_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
675t1_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
676t1_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
677t1_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
678t1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
679t1_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
680t1_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
681t1_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
682t1_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
683t1_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h
684t1_enc.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_enc.c
685t1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
686t1_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h
687t1_lib.o: ../include/openssl/comp.h ../include/openssl/crypto.h
688t1_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h
689t1_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
690t1_lib.o: ../include/openssl/evp.h ../include/openssl/kssl.h
691t1_lib.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
692t1_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
693t1_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
694t1_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h
695t1_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
696t1_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
697t1_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
698t1_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
699t1_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
700t1_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
701t1_lib.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_lib.c
702t1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
703t1_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h
704t1_meth.o: ../include/openssl/comp.h ../include/openssl/crypto.h
705t1_meth.o: ../include/openssl/dh.h ../include/openssl/dsa.h
706t1_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
707t1_meth.o: ../include/openssl/evp.h ../include/openssl/kssl.h
708t1_meth.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
709t1_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
710t1_meth.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
711t1_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h
712t1_meth.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
713t1_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
714t1_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
715t1_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
716t1_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
717t1_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h
718t1_meth.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_meth.c
719t1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
720t1_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
721t1_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h
722t1_srvr.o: ../include/openssl/dh.h ../include/openssl/dsa.h
723t1_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
724t1_srvr.o: ../include/openssl/evp.h ../include/openssl/kssl.h
725t1_srvr.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
726t1_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
727t1_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
728t1_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
729t1_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
730t1_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
731t1_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
732t1_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
733t1_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
734t1_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
735t1_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
736t1_srvr.o: t1_srvr.c
diff --git a/src/lib/libssl/src/ssl/s2_clnt.c b/src/lib/libssl/src/ssl/s2_clnt.c
index 4cb1184161..42ad313183 100644
--- a/src/lib/libssl/src/ssl/s2_clnt.c
+++ b/src/lib/libssl/src/ssl/s2_clnt.c
@@ -116,6 +116,7 @@
116#include <openssl/buffer.h> 116#include <openssl/buffer.h>
117#include <openssl/objects.h> 117#include <openssl/objects.h>
118#include <openssl/evp.h> 118#include <openssl/evp.h>
119#include "ssl_locl.h"
119 120
120static SSL_METHOD *ssl2_get_client_method(int ver); 121static SSL_METHOD *ssl2_get_client_method(int ver);
121static int get_server_finished(SSL *s); 122static int get_server_finished(SSL *s);
@@ -535,6 +536,7 @@ static int get_server_hello(SSL *s)
535 } 536 }
536 537
537 s->s2->conn_id_length=s->s2->tmp.conn_id_length; 538 s->s2->conn_id_length=s->s2->tmp.conn_id_length;
539 die(s->s2->conn_id_length <= sizeof s->s2->conn_id);
538 memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length); 540 memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length);
539 return(1); 541 return(1);
540 } 542 }
@@ -636,6 +638,7 @@ static int client_master_key(SSL *s)
636 /* make key_arg data */ 638 /* make key_arg data */
637 i=EVP_CIPHER_iv_length(c); 639 i=EVP_CIPHER_iv_length(c);
638 sess->key_arg_length=i; 640 sess->key_arg_length=i;
641 die(i <= SSL_MAX_KEY_ARG_LENGTH);
639 if (i > 0) RAND_pseudo_bytes(sess->key_arg,i); 642 if (i > 0) RAND_pseudo_bytes(sess->key_arg,i);
640 643
641 /* make a master key */ 644 /* make a master key */
@@ -643,6 +646,7 @@ static int client_master_key(SSL *s)
643 sess->master_key_length=i; 646 sess->master_key_length=i;
644 if (i > 0) 647 if (i > 0)
645 { 648 {
649 die(i <= sizeof sess->master_key);
646 if (RAND_bytes(sess->master_key,i) <= 0) 650 if (RAND_bytes(sess->master_key,i) <= 0)
647 { 651 {
648 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 652 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
@@ -686,6 +690,7 @@ static int client_master_key(SSL *s)
686 d+=enc; 690 d+=enc;
687 karg=sess->key_arg_length; 691 karg=sess->key_arg_length;
688 s2n(karg,p); /* key arg size */ 692 s2n(karg,p); /* key arg size */
693 die(karg <= sizeof sess->key_arg);
689 memcpy(d,sess->key_arg,(unsigned int)karg); 694 memcpy(d,sess->key_arg,(unsigned int)karg);
690 d+=karg; 695 d+=karg;
691 696
@@ -706,6 +711,7 @@ static int client_finished(SSL *s)
706 { 711 {
707 p=(unsigned char *)s->init_buf->data; 712 p=(unsigned char *)s->init_buf->data;
708 *(p++)=SSL2_MT_CLIENT_FINISHED; 713 *(p++)=SSL2_MT_CLIENT_FINISHED;
714 die(s->s2->conn_id_length <= sizeof s->s2->conn_id);
709 memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length); 715 memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length);
710 716
711 s->state=SSL2_ST_SEND_CLIENT_FINISHED_B; 717 s->state=SSL2_ST_SEND_CLIENT_FINISHED_B;
@@ -978,6 +984,8 @@ static int get_server_finished(SSL *s)
978 { 984 {
979 if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) 985 if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG))
980 { 986 {
987 die(s->session->session_id_length
988 <= sizeof s->session->session_id);
981 if (memcmp(buf,s->session->session_id, 989 if (memcmp(buf,s->session->session_id,
982 (unsigned int)s->session->session_id_length) != 0) 990 (unsigned int)s->session->session_id_length) != 0)
983 { 991 {
diff --git a/src/lib/libssl/src/ssl/s2_lib.c b/src/lib/libssl/src/ssl/s2_lib.c
index bce2b4e83f..83d5730ff3 100644
--- a/src/lib/libssl/src/ssl/s2_lib.c
+++ b/src/lib/libssl/src/ssl/s2_lib.c
@@ -63,6 +63,7 @@
63#include <openssl/objects.h> 63#include <openssl/objects.h>
64#include <openssl/evp.h> 64#include <openssl/evp.h>
65#include <openssl/md5.h> 65#include <openssl/md5.h>
66#include "ssl_locl.h"
66 67
67static long ssl2_default_timeout(void ); 68static long ssl2_default_timeout(void );
68const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT; 69const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT;
@@ -137,6 +138,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={
137 SSL_ALL_STRENGTHS, 138 SSL_ALL_STRENGTHS,
138 }, 139 },
139/* IDEA_128_CBC_WITH_MD5 */ 140/* IDEA_128_CBC_WITH_MD5 */
141#ifndef OPENSSL_NO_IDEA
140 { 142 {
141 1, 143 1,
142 SSL2_TXT_IDEA_128_CBC_WITH_MD5, 144 SSL2_TXT_IDEA_128_CBC_WITH_MD5,
@@ -149,6 +151,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={
149 SSL_ALL_CIPHERS, 151 SSL_ALL_CIPHERS,
150 SSL_ALL_STRENGTHS, 152 SSL_ALL_STRENGTHS,
151 }, 153 },
154#endif
152/* DES_64_CBC_WITH_MD5 */ 155/* DES_64_CBC_WITH_MD5 */
153 { 156 {
154 1, 157 1,
@@ -426,10 +429,14 @@ void ssl2_generate_key_material(SSL *s)
426#endif 429#endif
427 EVP_MD_CTX_init(&ctx); 430 EVP_MD_CTX_init(&ctx);
428 km=s->s2->key_material; 431 km=s->s2->key_material;
432 die(s->s2->key_material_length <= sizeof s->s2->key_material);
429 for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH) 433 for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH)
430 { 434 {
431 EVP_DigestInit_ex(&ctx,EVP_md5(), NULL); 435 EVP_DigestInit_ex(&ctx,EVP_md5(), NULL);
432 436
437 die(s->session->master_key_length >= 0
438 && s->session->master_key_length
439 < sizeof s->session->master_key);
433 EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length); 440 EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length);
434 EVP_DigestUpdate(&ctx,&c,1); 441 EVP_DigestUpdate(&ctx,&c,1);
435 c++; 442 c++;
@@ -465,6 +472,7 @@ void ssl2_write_error(SSL *s)
465/* state=s->rwstate;*/ 472/* state=s->rwstate;*/
466 error=s->error; 473 error=s->error;
467 s->error=0; 474 s->error=0;
475 die(error >= 0 && error <= 3);
468 i=ssl2_write(s,&(buf[3-error]),error); 476 i=ssl2_write(s,&(buf[3-error]),error);
469/* if (i == error) s->rwstate=state; */ 477/* if (i == error) s->rwstate=state; */
470 478
diff --git a/src/lib/libssl/src/ssl/s2_srvr.c b/src/lib/libssl/src/ssl/s2_srvr.c
index 56da65195e..a83605a1b7 100644
--- a/src/lib/libssl/src/ssl/s2_srvr.c
+++ b/src/lib/libssl/src/ssl/s2_srvr.c
@@ -116,6 +116,7 @@
116#include <openssl/rand.h> 116#include <openssl/rand.h>
117#include <openssl/objects.h> 117#include <openssl/objects.h>
118#include <openssl/evp.h> 118#include <openssl/evp.h>
119#include "ssl_locl.h"
119 120
120static SSL_METHOD *ssl2_get_server_method(int ver); 121static SSL_METHOD *ssl2_get_server_method(int ver);
121static int get_client_master_key(SSL *s); 122static int get_client_master_key(SSL *s);
@@ -417,11 +418,18 @@ static int get_client_master_key(SSL *s)
417 n2s(p,i); s->s2->tmp.clear=i; 418 n2s(p,i); s->s2->tmp.clear=i;
418 n2s(p,i); s->s2->tmp.enc=i; 419 n2s(p,i); s->s2->tmp.enc=i;
419 n2s(p,i); s->session->key_arg_length=i; 420 n2s(p,i); s->session->key_arg_length=i;
421 if(s->session->key_arg_length > SSL_MAX_KEY_ARG_LENGTH)
422 {
423 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,
424 SSL_R_KEY_ARG_TOO_LONG);
425 return -1;
426 }
420 s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B; 427 s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B;
421 } 428 }
422 429
423 /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */ 430 /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */
424 p=(unsigned char *)s->init_buf->data; 431 p=(unsigned char *)s->init_buf->data;
432 die(s->init_buf->length >= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER);
425 keya=s->session->key_arg_length; 433 keya=s->session->key_arg_length;
426 len = 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc + (unsigned long)keya; 434 len = 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc + (unsigned long)keya;
427 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) 435 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
@@ -504,6 +512,7 @@ static int get_client_master_key(SSL *s)
504#endif 512#endif
505 513
506 if (is_export) i+=s->s2->tmp.clear; 514 if (is_export) i+=s->s2->tmp.clear;
515 die(i <= SSL_MAX_MASTER_KEY_LENGTH);
507 s->session->master_key_length=i; 516 s->session->master_key_length=i;
508 memcpy(s->session->master_key,p,(unsigned int)i); 517 memcpy(s->session->master_key,p,(unsigned int)i);
509 return(1); 518 return(1);
@@ -670,6 +679,7 @@ static int get_client_hello(SSL *s)
670 p+=s->s2->tmp.session_id_length; 679 p+=s->s2->tmp.session_id_length;
671 680
672 /* challenge */ 681 /* challenge */
682 die(s->s2->challenge_length <= sizeof s->s2->challenge);
673 memcpy(s->s2->challenge,p,(unsigned int)s->s2->challenge_length); 683 memcpy(s->s2->challenge,p,(unsigned int)s->s2->challenge_length);
674 return(1); 684 return(1);
675mem_err: 685mem_err:
@@ -826,6 +836,7 @@ static int get_client_finished(SSL *s)
826 } 836 }
827 837
828 /* SSL2_ST_GET_CLIENT_FINISHED_B */ 838 /* SSL2_ST_GET_CLIENT_FINISHED_B */
839 die(s->s2->conn_id_length <= sizeof s->s2->conn_id);
829 len = 1 + (unsigned long)s->s2->conn_id_length; 840 len = 1 + (unsigned long)s->s2->conn_id_length;
830 n = (int)len - s->init_num; 841 n = (int)len - s->init_num;
831 i = ssl2_read(s,(char *)&(p[s->init_num]),n); 842 i = ssl2_read(s,(char *)&(p[s->init_num]),n);
@@ -853,6 +864,7 @@ static int server_verify(SSL *s)
853 { 864 {
854 p=(unsigned char *)s->init_buf->data; 865 p=(unsigned char *)s->init_buf->data;
855 *(p++)=SSL2_MT_SERVER_VERIFY; 866 *(p++)=SSL2_MT_SERVER_VERIFY;
867 die(s->s2->challenge_length <= sizeof s->s2->challenge);
856 memcpy(p,s->s2->challenge,(unsigned int)s->s2->challenge_length); 868 memcpy(p,s->s2->challenge,(unsigned int)s->s2->challenge_length);
857 /* p+=s->s2->challenge_length; */ 869 /* p+=s->s2->challenge_length; */
858 870
@@ -872,6 +884,8 @@ static int server_finish(SSL *s)
872 p=(unsigned char *)s->init_buf->data; 884 p=(unsigned char *)s->init_buf->data;
873 *(p++)=SSL2_MT_SERVER_FINISHED; 885 *(p++)=SSL2_MT_SERVER_FINISHED;
874 886
887 die(s->session->session_id_length
888 <= sizeof s->session->session_id);
875 memcpy(p,s->session->session_id, 889 memcpy(p,s->session->session_id,
876 (unsigned int)s->session->session_id_length); 890 (unsigned int)s->session->session_id_length);
877 /* p+=s->session->session_id_length; */ 891 /* p+=s->session->session_id_length; */
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c
index e5853ede95..5d3efac2cd 100644
--- a/src/lib/libssl/src/ssl/s3_clnt.c
+++ b/src/lib/libssl/src/ssl/s3_clnt.c
@@ -545,6 +545,7 @@ static int ssl3_client_hello(SSL *s)
545 *(p++)=i; 545 *(p++)=i;
546 if (i != 0) 546 if (i != 0)
547 { 547 {
548 die(i <= sizeof s->session->session_id);
548 memcpy(p,s->session->session_id,i); 549 memcpy(p,s->session->session_id,i);
549 p+=i; 550 p+=i;
550 } 551 }
@@ -626,6 +627,14 @@ static int ssl3_get_server_hello(SSL *s)
626 /* get the session-id */ 627 /* get the session-id */
627 j= *(p++); 628 j= *(p++);
628 629
630 if(j > sizeof s->session->session_id)
631 {
632 al=SSL_AD_ILLEGAL_PARAMETER;
633 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
634 SSL_R_SSL3_SESSION_ID_TOO_LONG);
635 goto f_err;
636 }
637
629 if ((j != 0) && (j != SSL3_SESSION_ID_SIZE)) 638 if ((j != 0) && (j != SSL3_SESSION_ID_SIZE))
630 { 639 {
631 /* SSLref returns 16 :-( */ 640 /* SSLref returns 16 :-( */
@@ -1588,6 +1597,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
1588 SSL_MAX_MASTER_KEY_LENGTH); 1597 SSL_MAX_MASTER_KEY_LENGTH);
1589 EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl); 1598 EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl);
1590 outl += padl; 1599 outl += padl;
1600 die(outl <= sizeof epms);
1591 EVP_CIPHER_CTX_cleanup(&ciph_ctx); 1601 EVP_CIPHER_CTX_cleanup(&ciph_ctx);
1592 1602
1593 /* KerberosWrapper.EncryptedPreMasterSecret */ 1603 /* KerberosWrapper.EncryptedPreMasterSecret */
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c
index 686992406c..838071b16b 100644
--- a/src/lib/libssl/src/ssl/s3_lib.c
+++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -271,6 +271,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
271 SSL_ALL_STRENGTHS, 271 SSL_ALL_STRENGTHS,
272 }, 272 },
273/* Cipher 07 */ 273/* Cipher 07 */
274#ifndef OPENSSL_NO_IDEA
274 { 275 {
275 1, 276 1,
276 SSL3_TXT_RSA_IDEA_128_SHA, 277 SSL3_TXT_RSA_IDEA_128_SHA,
@@ -283,6 +284,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
283 SSL_ALL_CIPHERS, 284 SSL_ALL_CIPHERS,
284 SSL_ALL_STRENGTHS, 285 SSL_ALL_STRENGTHS,
285 }, 286 },
287#endif
286/* Cipher 08 */ 288/* Cipher 08 */
287 { 289 {
288 1, 290 1,
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c
index 99b6a86983..dfffed7165 100644
--- a/src/lib/libssl/src/ssl/s3_srvr.c
+++ b/src/lib/libssl/src/ssl/s3_srvr.c
@@ -114,14 +114,16 @@
114 114
115 115
116#include <stdio.h> 116#include <stdio.h>
117#include "ssl_locl.h"
118#include "kssl_lcl.h"
117#include <openssl/buffer.h> 119#include <openssl/buffer.h>
118#include <openssl/rand.h> 120#include <openssl/rand.h>
119#include <openssl/objects.h> 121#include <openssl/objects.h>
120#include <openssl/evp.h> 122#include <openssl/evp.h>
121#include <openssl/x509.h> 123#include <openssl/x509.h>
124#ifndef OPENSSL_NO_KRB5
122#include <openssl/krb5_asn.h> 125#include <openssl/krb5_asn.h>
123#include "ssl_locl.h" 126#endif
124#include "kssl_lcl.h"
125#include <openssl/md5.h> 127#include <openssl/md5.h>
126 128
127static SSL_METHOD *ssl3_get_server_method(int ver); 129static SSL_METHOD *ssl3_get_server_method(int ver);
@@ -964,6 +966,7 @@ static int ssl3_send_server_hello(SSL *s)
964 s->session->session_id_length=0; 966 s->session->session_id_length=0;
965 967
966 sl=s->session->session_id_length; 968 sl=s->session->session_id_length;
969 die(sl <= sizeof s->session->session_id);
967 *(p++)=sl; 970 *(p++)=sl;
968 memcpy(p,s->session->session_id,sl); 971 memcpy(p,s->session->session_id,sl);
969 p+=sl; 972 p+=sl;
@@ -1559,8 +1562,8 @@ static int ssl3_get_client_key_exchange(SSL *s)
1559 EVP_CIPHER *enc = NULL; 1562 EVP_CIPHER *enc = NULL;
1560 unsigned char iv[EVP_MAX_IV_LENGTH]; 1563 unsigned char iv[EVP_MAX_IV_LENGTH];
1561 unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH 1564 unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH
1562 + EVP_MAX_IV_LENGTH + 1]; 1565 + EVP_MAX_BLOCK_LENGTH];
1563 int padl, outl = sizeof(pms); 1566 int padl, outl;
1564 krb5_timestamp authtime = 0; 1567 krb5_timestamp authtime = 0;
1565 krb5_ticket_times ttimes; 1568 krb5_ticket_times ttimes;
1566 1569
@@ -1583,6 +1586,16 @@ static int ssl3_get_client_key_exchange(SSL *s)
1583 enc_pms.data = (char *)p; 1586 enc_pms.data = (char *)p;
1584 p+=enc_pms.length; 1587 p+=enc_pms.length;
1585 1588
1589 /* Note that the length is checked again below,
1590 ** after decryption
1591 */
1592 if(enc_pms.length > sizeof pms)
1593 {
1594 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1595 SSL_R_DATA_LENGTH_TOO_LONG);
1596 goto err;
1597 }
1598
1586 if (n != enc_ticket.length + authenticator.length + 1599 if (n != enc_ticket.length + authenticator.length +
1587 enc_pms.length + 6) 1600 enc_pms.length + 6)
1588 { 1601 {
diff --git a/src/lib/libssl/src/ssl/ssl.h b/src/lib/libssl/src/ssl/ssl.h
index 833f761690..ce6354b2ff 100644
--- a/src/lib/libssl/src/ssl/ssl.h
+++ b/src/lib/libssl/src/ssl/ssl.h
@@ -1637,6 +1637,7 @@ void ERR_load_SSL_strings(void);
1637#define SSL_R_INVALID_COMMAND 280 1637#define SSL_R_INVALID_COMMAND 280
1638#define SSL_R_INVALID_PURPOSE 278 1638#define SSL_R_INVALID_PURPOSE 278
1639#define SSL_R_INVALID_TRUST 279 1639#define SSL_R_INVALID_TRUST 279
1640#define SSL_R_KEY_ARG_TOO_LONG 1112
1640#define SSL_R_KRB5 1104 1641#define SSL_R_KRB5 1104
1641#define SSL_R_KRB5_C_CC_PRINC 1094 1642#define SSL_R_KRB5_C_CC_PRINC 1094
1642#define SSL_R_KRB5_C_GET_CRED 1095 1643#define SSL_R_KRB5_C_GET_CRED 1095
@@ -1716,6 +1717,7 @@ void ERR_load_SSL_strings(void);
1716#define SSL_R_SHORT_READ 219 1717#define SSL_R_SHORT_READ 219
1717#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 1718#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
1718#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221 1719#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
1720#define SSL_R_SSL3_SESSION_ID_TOO_LONG 1113
1719#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222 1721#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
1720#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042 1722#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
1721#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 1723#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
diff --git a/src/lib/libssl/src/ssl/ssl_asn1.c b/src/lib/libssl/src/ssl/ssl_asn1.c
index c5eeeb6bc5..39ffa46cee 100644
--- a/src/lib/libssl/src/ssl/ssl_asn1.c
+++ b/src/lib/libssl/src/ssl/ssl_asn1.c
@@ -296,6 +296,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp,
296 os.length=i; 296 os.length=i;
297 297
298 ret->session_id_length=os.length; 298 ret->session_id_length=os.length;
299 die(os.length <= sizeof ret->session_id);
299 memcpy(ret->session_id,os.data,os.length); 300 memcpy(ret->session_id,os.data,os.length);
300 301
301 M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING); 302 M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
diff --git a/src/lib/libssl/src/ssl/ssl_ciph.c b/src/lib/libssl/src/ssl/ssl_ciph.c
index cdd8dde128..57bbde5f27 100644
--- a/src/lib/libssl/src/ssl/ssl_ciph.c
+++ b/src/lib/libssl/src/ssl/ssl_ciph.c
@@ -124,7 +124,9 @@ static const SSL_CIPHER cipher_aliases[]={
124 {0,SSL_TXT_3DES,0,SSL_3DES, 0,0,0,0,SSL_ENC_MASK,0}, 124 {0,SSL_TXT_3DES,0,SSL_3DES, 0,0,0,0,SSL_ENC_MASK,0},
125 {0,SSL_TXT_RC4, 0,SSL_RC4, 0,0,0,0,SSL_ENC_MASK,0}, 125 {0,SSL_TXT_RC4, 0,SSL_RC4, 0,0,0,0,SSL_ENC_MASK,0},
126 {0,SSL_TXT_RC2, 0,SSL_RC2, 0,0,0,0,SSL_ENC_MASK,0}, 126 {0,SSL_TXT_RC2, 0,SSL_RC2, 0,0,0,0,SSL_ENC_MASK,0},
127#ifndef OPENSSL_NO_IDEA
127 {0,SSL_TXT_IDEA,0,SSL_IDEA, 0,0,0,0,SSL_ENC_MASK,0}, 128 {0,SSL_TXT_IDEA,0,SSL_IDEA, 0,0,0,0,SSL_ENC_MASK,0},
129#endif
128 {0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0}, 130 {0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},
129 {0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0}, 131 {0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0},
130 {0,SSL_TXT_AES, 0,SSL_AES, 0,0,0,0,SSL_ENC_MASK,0}, 132 {0,SSL_TXT_AES, 0,SSL_AES, 0,0,0,0,SSL_ENC_MASK,0},
@@ -165,8 +167,12 @@ static void load_ciphers(void)
165 EVP_get_cipherbyname(SN_rc4); 167 EVP_get_cipherbyname(SN_rc4);
166 ssl_cipher_methods[SSL_ENC_RC2_IDX]= 168 ssl_cipher_methods[SSL_ENC_RC2_IDX]=
167 EVP_get_cipherbyname(SN_rc2_cbc); 169 EVP_get_cipherbyname(SN_rc2_cbc);
170#ifndef OPENSSL_NO_IDEA
168 ssl_cipher_methods[SSL_ENC_IDEA_IDX]= 171 ssl_cipher_methods[SSL_ENC_IDEA_IDX]=
169 EVP_get_cipherbyname(SN_idea_cbc); 172 EVP_get_cipherbyname(SN_idea_cbc);
173#else
174 ssl_cipher_methods[SSL_ENC_IDEA_IDX]= NULL;
175#endif
170 ssl_cipher_methods[SSL_ENC_AES128_IDX]= 176 ssl_cipher_methods[SSL_ENC_AES128_IDX]=
171 EVP_get_cipherbyname(SN_aes_128_cbc); 177 EVP_get_cipherbyname(SN_aes_128_cbc);
172 ssl_cipher_methods[SSL_ENC_AES256_IDX]= 178 ssl_cipher_methods[SSL_ENC_AES256_IDX]=
diff --git a/src/lib/libssl/src/ssl/ssl_err.c b/src/lib/libssl/src/ssl/ssl_err.c
index c32c4ef6e9..0cad32c855 100644
--- a/src/lib/libssl/src/ssl/ssl_err.c
+++ b/src/lib/libssl/src/ssl/ssl_err.c
@@ -1,6 +1,6 @@
1/* ssl/ssl_err.c */ 1/* ssl/ssl_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -275,6 +275,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
275{SSL_R_INVALID_COMMAND ,"invalid command"}, 275{SSL_R_INVALID_COMMAND ,"invalid command"},
276{SSL_R_INVALID_PURPOSE ,"invalid purpose"}, 276{SSL_R_INVALID_PURPOSE ,"invalid purpose"},
277{SSL_R_INVALID_TRUST ,"invalid trust"}, 277{SSL_R_INVALID_TRUST ,"invalid trust"},
278{SSL_R_KEY_ARG_TOO_LONG ,"key arg too long"},
278{SSL_R_KRB5 ,"krb5"}, 279{SSL_R_KRB5 ,"krb5"},
279{SSL_R_KRB5_C_CC_PRINC ,"krb5 client cc principal (no tkt?)"}, 280{SSL_R_KRB5_C_CC_PRINC ,"krb5 client cc principal (no tkt?)"},
280{SSL_R_KRB5_C_GET_CRED ,"krb5 client get cred"}, 281{SSL_R_KRB5_C_GET_CRED ,"krb5 client get cred"},
@@ -354,6 +355,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
354{SSL_R_SHORT_READ ,"short read"}, 355{SSL_R_SHORT_READ ,"short read"},
355{SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"}, 356{SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"},
356{SSL_R_SSL23_DOING_SESSION_ID_REUSE ,"ssl23 doing session id reuse"}, 357{SSL_R_SSL23_DOING_SESSION_ID_REUSE ,"ssl23 doing session id reuse"},
358{SSL_R_SSL3_SESSION_ID_TOO_LONG ,"ssl3 session id too long"},
357{SSL_R_SSL3_SESSION_ID_TOO_SHORT ,"ssl3 session id too short"}, 359{SSL_R_SSL3_SESSION_ID_TOO_SHORT ,"ssl3 session id too short"},
358{SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ,"sslv3 alert bad certificate"}, 360{SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ,"sslv3 alert bad certificate"},
359{SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ,"sslv3 alert bad record mac"}, 361{SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ,"sslv3 alert bad record mac"},
diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c
index df307a80c5..e516382b6c 100644
--- a/src/lib/libssl/src/ssl/ssl_lib.c
+++ b/src/lib/libssl/src/ssl/ssl_lib.c
@@ -2289,3 +2289,10 @@ void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int con
2289 2289
2290IMPLEMENT_STACK_OF(SSL_CIPHER) 2290IMPLEMENT_STACK_OF(SSL_CIPHER)
2291IMPLEMENT_STACK_OF(SSL_COMP) 2291IMPLEMENT_STACK_OF(SSL_COMP)
2292
2293void OpenSSLDie(const char *file,int line,const char *assertion)
2294 {
2295 fprintf(stderr,"%s(%d): OpenSSL internal error, assertion failed: %s\n",
2296 file,line,assertion);
2297 abort();
2298 }
diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h
index 17e9bef832..0029edc3a6 100644
--- a/src/lib/libssl/src/ssl/ssl_locl.h
+++ b/src/lib/libssl/src/ssl/ssl_locl.h
@@ -116,7 +116,7 @@
116#include <string.h> 116#include <string.h>
117#include <errno.h> 117#include <errno.h>
118 118
119#include "e_os.h" 119#include <e_os.h>
120 120
121#include <openssl/buffer.h> 121#include <openssl/buffer.h>
122#include <openssl/comp.h> 122#include <openssl/comp.h>
@@ -615,5 +615,8 @@ int ssl_ok(SSL *s);
615SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n); 615SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
616STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void); 616STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
617 617
618/* die if we have to */
619void OpenSSLDie(const char *file,int line,const char *assertion);
620#define die(e) ((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e))
618 621
619#endif 622#endif
diff --git a/src/lib/libssl/src/ssl/ssl_sess.c b/src/lib/libssl/src/ssl/ssl_sess.c
index 6424f775e2..a0c3100b29 100644
--- a/src/lib/libssl/src/ssl/ssl_sess.c
+++ b/src/lib/libssl/src/ssl/ssl_sess.c
@@ -250,6 +250,7 @@ int ssl_get_new_session(SSL *s, int session)
250 ss->session_id_length=0; 250 ss->session_id_length=0;
251 } 251 }
252 252
253 die(s->sid_ctx_length <= sizeof ss->sid_ctx);
253 memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length); 254 memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length);
254 ss->sid_ctx_length=s->sid_ctx_length; 255 ss->sid_ctx_length=s->sid_ctx_length;
255 s->session=ss; 256 s->session=ss;
diff --git a/src/lib/libssl/src/test/Makefile.ssl b/src/lib/libssl/src/test/Makefile.ssl
new file mode 100644
index 0000000000..952ab16371
--- /dev/null
+++ b/src/lib/libssl/src/test/Makefile.ssl
@@ -0,0 +1,540 @@
1#
2# test/Makefile.ssl
3#
4
5DIR= test
6TOP= ..
7CC= cc
8INCLUDES= -I$(TOP) -I../include $(KRB5_INCLUDES)
9CFLAG= -g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP= /usr/local/ssl
13MAKEFILE= Makefile.ssl
14MAKE= make -f $(MAKEFILE)
15MAKEDEPPROG= makedepend
16MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
17
18PEX_LIBS=
19EX_LIBS= #-lnsl -lsocket
20
21CFLAGS= $(INCLUDES) $(CFLAG)
22
23GENERAL=Makefile.ssl maketests.com \
24 tests.com testenc.com tx509.com trsa.com tcrl.com tsid.com treq.com \
25 tpkcs7.com tpkcs7d.com tverify.com testgen.com testss.com testssl.com \
26 testca.com VMSca-response.1 VMSca-response.2
27
28DLIBCRYPTO= ../libcrypto.a
29DLIBSSL= ../libssl.a
30LIBCRYPTO= -L.. -lcrypto
31LIBSSL= -L.. -lssl
32
33BNTEST= bntest
34ECTEST= ectest
35EXPTEST= exptest
36IDEATEST= ideatest
37SHATEST= shatest
38SHA1TEST= sha1test
39MDC2TEST= mdc2test
40RMDTEST= rmdtest
41MD2TEST= md2test
42MD4TEST= md4test
43MD5TEST= md5test
44HMACTEST= hmactest
45RC2TEST= rc2test
46RC4TEST= rc4test
47RC5TEST= rc5test
48BFTEST= bftest
49CASTTEST= casttest
50DESTEST= destest
51RANDTEST= randtest
52DHTEST= dhtest
53DSATEST= dsatest
54METHTEST= methtest
55SSLTEST= ssltest
56RSATEST= rsa_test
57ENGINETEST= enginetest
58EVPTEST= evp_test
59
60TESTS= alltests
61
62EXE= $(BNTEST) $(ECTEST) $(IDEATEST) $(MD2TEST) $(MD4TEST) $(MD5TEST) $(HMACTEST) \
63 $(RC2TEST) $(RC4TEST) $(RC5TEST) \
64 $(DESTEST) $(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RMDTEST) \
65 $(RANDTEST) $(DHTEST) $(ENGINETEST) \
66 $(BFTEST) $(CASTTEST) $(SSLTEST) $(EXPTEST) $(DSATEST) $(RSATEST) \
67 $(EVPTEST)
68
69# $(METHTEST)
70
71OBJ= $(BNTEST).o $(ECTEST).o $(IDEATEST).o $(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \
72 $(HMACTEST).o \
73 $(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
74 $(DESTEST).o $(SHATEST).o $(SHA1TEST).o $(MDC2TEST).o $(RMDTEST).o \
75 $(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \
76 $(BFTEST).o $(SSLTEST).o $(DSATEST).o $(EXPTEST).o $(RSATEST).o \
77 $(EVPTEST).o
78SRC= $(BNTEST).c $(ECTEST).c $(IDEATEST).c $(MD2TEST).c $(MD4TEST).c $(MD5TEST).c \
79 $(HMACTEST).c \
80 $(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
81 $(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
82 $(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \
83 $(BFTEST).c $(SSLTEST).c $(DSATEST).c $(EXPTEST).c $(RSATEST).c \
84 $(EVPTEST).c
85
86EXHEADER=
87HEADER= $(EXHEADER)
88
89ALL= $(GENERAL) $(SRC) $(HEADER)
90
91top:
92 (cd ..; $(MAKE) DIRS=$(DIR) TESTS=$(TESTS) all)
93
94all: exe
95
96exe: $(EXE)
97
98files:
99 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
100
101links:
102 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
103
104errors:
105
106install:
107
108tags:
109 ctags $(SRC)
110
111tests: exe apps $(TESTS)
112
113apps:
114 @(cd ../apps; $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' all)
115
116alltests:
117 (LIBPATH="`cd ..; pwd`"; LD_LIBRARY_PATH=$$LIBPATH; SHLIB_PATH=$$LIBPATH; \
118 export LD_LIBRARY_PATH SHLIB_PATH LIBPATH; \
119 $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' alltests.chooser)
120alltests.chooser: \
121 test_des test_idea test_sha test_md4 test_md5 test_hmac \
122 test_md2 test_mdc2 \
123 test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_rd \
124 test_rand test_bn test_ec test_enc test_x509 test_rsa test_crl test_sid \
125 test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
126 test_ss test_ca test_engine test_evp test_ssl
127
128test_evp:
129 ./$(EVPTEST) evptests.txt
130
131test_des:
132 ./$(DESTEST)
133
134test_idea:
135 ./$(IDEATEST)
136
137test_sha:
138 ./$(SHATEST)
139 ./$(SHA1TEST)
140
141test_mdc2:
142 ./$(MDC2TEST)
143
144test_md5:
145 ./$(MD5TEST)
146
147test_md4:
148 ./$(MD4TEST)
149
150test_hmac:
151 ./$(HMACTEST)
152
153test_md2:
154 ./$(MD2TEST)
155
156test_rmd:
157 ./$(RMDTEST)
158
159test_bf:
160 ./$(BFTEST)
161
162test_cast:
163 ./$(CASTTEST)
164
165test_rc2:
166 ./$(RC2TEST)
167
168test_rc4:
169 ./$(RC4TEST)
170
171test_rc5:
172 ./$(RC5TEST)
173
174test_rand:
175 ./$(RANDTEST)
176
177test_enc:
178 @sh ./testenc
179
180test_x509:
181 echo test normal x509v1 certificate
182 sh ./tx509 2>/dev/null
183 echo test first x509v3 certificate
184 sh ./tx509 v3-cert1.pem 2>/dev/null
185 echo test second x509v3 certificate
186 sh ./tx509 v3-cert2.pem 2>/dev/null
187
188test_rsa:
189 @sh ./trsa 2>/dev/null
190 ./$(RSATEST)
191
192test_crl:
193 @sh ./tcrl 2>/dev/null
194
195test_sid:
196 @sh ./tsid 2>/dev/null
197
198test_req:
199 @sh ./treq 2>/dev/null
200 @sh ./treq testreq2.pem 2>/dev/null
201
202test_pkcs7:
203 @sh ./tpkcs7 2>/dev/null
204 @sh ./tpkcs7d 2>/dev/null
205
206test_bn:
207 @echo starting big number library test, could take a while...
208 @./$(BNTEST) >tmp.bntest
209 @echo quit >>tmp.bntest
210 @echo "running bc"
211 @<tmp.bntest sh -c "`sh ./bctest ignore`" | $(PERL) -e '$$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"'
212 @echo 'test a^b%c implementations'
213 ./$(EXPTEST)
214
215test_ec:
216 @echo 'test elliptic curves'
217 ./$(ECTEST)
218
219test_verify:
220 @echo "The following command should have some OK's and some failures"
221 @echo "There are definitly a few expired certificates"
222 ../apps/openssl verify -CApath ../certs ../certs/*.pem
223
224test_dh:
225 @echo "Generate a set of DH parameters"
226 ./$(DHTEST)
227
228test_dsa:
229 @echo "Generate a set of DSA parameters"
230 ./$(DSATEST)
231 ./$(DSATEST) -app2_1
232
233test_gen:
234 @echo "Generate and verify a certificate request"
235 @sh ./testgen
236
237test_ss:
238 @echo "Generate and certify a test certificate"
239 @sh ./testss
240
241test_engine:
242 @echo "Manipulate the ENGINE structures"
243 ./$(ENGINETEST)
244
245test_ssl:
246 @echo "test SSL protocol"
247 @sh ./testssl
248
249test_ca:
250 @echo "Generate and certify a test certificate via the 'ca' program"
251 @sh ./testca
252
253test_rd: #$(RDTEST)
254# @echo "test Rijndael"
255# ./$(RDTEST)
256
257lint:
258 lint -DLINT $(INCLUDES) $(SRC)>fluff
259
260depend:
261 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(SRC)
262
263dclean:
264 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
265 mv -f Makefile.new $(MAKEFILE)
266
267clean:
268 rm -f .rnd tmp.bntest tmp.bctest *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log
269
270$(DLIBSSL):
271 (cd ../ssl; $(MAKE))
272
273$(DLIBCRYPTO):
274 (cd ../crypto; $(MAKE))
275
276$(RSATEST): $(RSATEST).o $(DLIBCRYPTO)
277 $(CC) -o $(RSATEST) $(CFLAGS) $(RSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
278
279$(BNTEST): $(BNTEST).o $(DLIBCRYPTO)
280 $(CC) -o $(BNTEST) $(CFLAGS) $(BNTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
281
282$(ECTEST): $(ECTEST).o $(DLIBCRYPTO)
283 $(CC) -o $(ECTEST) $(CFLAGS) $(ECTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
284
285$(EXPTEST): $(EXPTEST).o $(DLIBCRYPTO)
286 $(CC) -o $(EXPTEST) $(CFLAGS) $(EXPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
287
288$(IDEATEST): $(IDEATEST).o $(DLIBCRYPTO)
289 $(CC) -o $(IDEATEST) $(CFLAGS) $(IDEATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
290
291$(MD2TEST): $(MD2TEST).o $(DLIBCRYPTO)
292 $(CC) -o $(MD2TEST) $(CFLAGS) $(MD2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
293
294$(SHATEST): $(SHATEST).o $(DLIBCRYPTO)
295 $(CC) -o $(SHATEST) $(CFLAGS) $(SHATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
296
297$(SHA1TEST): $(SHA1TEST).o $(DLIBCRYPTO)
298 $(CC) -o $(SHA1TEST) $(CFLAGS) $(SHA1TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
299
300$(RMDTEST): $(RMDTEST).o $(DLIBCRYPTO)
301 $(CC) -o $(RMDTEST) $(CFLAGS) $(RMDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
302
303$(MDC2TEST): $(MDC2TEST).o $(DLIBCRYPTO)
304 $(CC) -o $(MDC2TEST) $(CFLAGS) $(MDC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
305
306$(MD4TEST): $(MD4TEST).o $(DLIBCRYPTO)
307 $(CC) -o $(MD4TEST) $(CFLAGS) $(MD4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
308
309$(MD5TEST): $(MD5TEST).o $(DLIBCRYPTO)
310 $(CC) -o $(MD5TEST) $(CFLAGS) $(MD5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
311
312$(HMACTEST): $(HMACTEST).o $(DLIBCRYPTO)
313 $(CC) -o $(HMACTEST) $(CFLAGS) $(HMACTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
314
315$(RC2TEST): $(RC2TEST).o $(DLIBCRYPTO)
316 $(CC) -o $(RC2TEST) $(CFLAGS) $(RC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
317
318$(BFTEST): $(BFTEST).o $(DLIBCRYPTO)
319 $(CC) -o $(BFTEST) $(CFLAGS) $(BFTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
320
321$(CASTTEST): $(CASTTEST).o $(DLIBCRYPTO)
322 $(CC) -o $(CASTTEST) $(CFLAGS) $(CASTTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
323
324$(RC4TEST): $(RC4TEST).o $(DLIBCRYPTO)
325 $(CC) -o $(RC4TEST) $(CFLAGS) $(RC4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
326
327$(RC5TEST): $(RC5TEST).o $(DLIBCRYPTO)
328 $(CC) -o $(RC5TEST) $(CFLAGS) $(RC5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
329
330$(DESTEST): $(DESTEST).o $(DLIBCRYPTO)
331 $(CC) -o $(DESTEST) $(CFLAGS) $(DESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
332
333$(RANDTEST): $(RANDTEST).o $(DLIBCRYPTO)
334 $(CC) -o $(RANDTEST) $(CFLAGS) $(RANDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
335
336$(DHTEST): $(DHTEST).o $(DLIBCRYPTO)
337 $(CC) -o $(DHTEST) $(CFLAGS) $(DHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
338
339$(DSATEST): $(DSATEST).o $(DLIBCRYPTO)
340 $(CC) -o $(DSATEST) $(CFLAGS) $(DSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
341
342$(METHTEST): $(METHTEST).o $(DLIBCRYPTO)
343 $(CC) -o $(METHTEST) $(CFLAGS) $(METHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
344
345$(SSLTEST): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
346 $(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS)
347
348$(ENGINETEST): $(ENGINETEST).o $(DLIBCRYPTO)
349 $(CC) -o $(ENGINETEST) $(CFLAGS) $(ENGINETEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
350
351$(EVPTEST): $(EVPTEST).o $(DLIBCRYPTO)
352 $(CC) -o $(EVPTEST) $(CFLAGS) $(EVPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
353
354#$(RDTEST).o: $(RDTEST).c
355# $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(RDTEST).c
356
357#$(RDTEST): $(RDTEST).o $(DLIBCRYPTO)
358# $(CC) -o $(RDTEST) $(CFLAGS) $(RDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
359
360# DO NOT DELETE THIS LINE -- make depend depends on it.
361
362bftest.o: ../include/openssl/blowfish.h ../include/openssl/e_os2.h
363bftest.o: ../include/openssl/opensslconf.h bftest.c
364bntest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
365bntest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
366bntest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
367bntest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
368bntest.o: ../include/openssl/err.h ../include/openssl/evp.h
369bntest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
370bntest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
371bntest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
372bntest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
373bntest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
374bntest.o: ../include/openssl/sha.h ../include/openssl/stack.h
375bntest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
376bntest.o: ../include/openssl/x509_vfy.h bntest.c
377casttest.o: ../include/openssl/cast.h casttest.c
378destest.o: ../include/openssl/crypto.h ../include/openssl/des.h
379destest.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
380destest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
381destest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
382destest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
383destest.o: ../include/openssl/ui_compat.h destest.c
384dhtest.o: ../include/openssl/bio.h ../include/openssl/bn.h
385dhtest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
386dhtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
387dhtest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
388dhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
389dhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
390dhtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dhtest.c
391dsatest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
392dsatest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
393dsatest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
394dsatest.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
395dsatest.o: ../include/openssl/err.h ../include/openssl/lhash.h
396dsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
397dsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
398dsatest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
399dsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
400dsatest.o: ../include/openssl/ui.h dsatest.c
401ectest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
402ectest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
403ectest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
404ectest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
405ectest.o: ../include/openssl/engine.h ../include/openssl/err.h
406ectest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
407ectest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
408ectest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
409ectest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
410ectest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h ectest.c
411enginetest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
412enginetest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
413enginetest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
414enginetest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
415enginetest.o: ../include/openssl/engine.h ../include/openssl/err.h
416enginetest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
417enginetest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
418enginetest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
419enginetest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
420enginetest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
421enginetest.o: enginetest.c
422evp_test.o: ../include/openssl/asn1.h ../include/openssl/bio.h
423evp_test.o: ../include/openssl/bn.h ../include/openssl/conf.h
424evp_test.o: ../include/openssl/crypto.h ../include/openssl/dh.h
425evp_test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
426evp_test.o: ../include/openssl/engine.h ../include/openssl/err.h
427evp_test.o: ../include/openssl/evp.h ../include/openssl/lhash.h
428evp_test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
429evp_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
430evp_test.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
431evp_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
432evp_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
433evp_test.o: ../include/openssl/ui.h evp_test.c
434exptest.o: ../include/openssl/bio.h ../include/openssl/bn.h
435exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
436exptest.o: ../include/openssl/err.h ../include/openssl/lhash.h
437exptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
438exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
439exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
440exptest.o: ../include/openssl/symhacks.h exptest.c
441hmactest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
442hmactest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
443hmactest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
444hmactest.o: ../include/openssl/hmac.h ../include/openssl/md5.h
445hmactest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
446hmactest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
447hmactest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
448hmactest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h hmactest.c
449ideatest.o: ../include/openssl/idea.h ../include/openssl/opensslconf.h
450ideatest.o: ideatest.c
451md2test.o: ../include/openssl/asn1.h ../include/openssl/bio.h
452md2test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
453md2test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
454md2test.o: ../include/openssl/md2.h ../include/openssl/obj_mac.h
455md2test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
456md2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
457md2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
458md2test.o: ../include/openssl/symhacks.h md2test.c
459md4test.o: ../include/openssl/asn1.h ../include/openssl/bio.h
460md4test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
461md4test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
462md4test.o: ../include/openssl/md4.h ../include/openssl/obj_mac.h
463md4test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
464md4test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
465md4test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
466md4test.o: ../include/openssl/symhacks.h md4test.c
467md5test.o: ../include/openssl/asn1.h ../include/openssl/bio.h
468md5test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
469md5test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
470md5test.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
471md5test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
472md5test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
473md5test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
474md5test.o: ../include/openssl/symhacks.h md5test.c
475mdc2test.o: ../include/openssl/asn1.h ../include/openssl/bio.h
476mdc2test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
477mdc2test.o: ../include/openssl/des.h ../include/openssl/des_old.h
478mdc2test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
479mdc2test.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
480mdc2test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
481mdc2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
482mdc2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
483mdc2test.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
484mdc2test.o: ../include/openssl/ui_compat.h mdc2test.c
485randtest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h randtest.c
486rc2test.o: ../include/openssl/opensslconf.h ../include/openssl/rc2.h rc2test.c
487rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h rc4test.c
488rc5test.o: ../include/openssl/rc5.h rc5test.c
489rmdtest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
490rmdtest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
491rmdtest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
492rmdtest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
493rmdtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
494rmdtest.o: ../include/openssl/ossl_typ.h ../include/openssl/ripemd.h
495rmdtest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
496rmdtest.o: ../include/openssl/symhacks.h rmdtest.c
497rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
498rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
499rsa_test.o: ../include/openssl/dh.h ../include/openssl/dsa.h
500rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
501rsa_test.o: ../include/openssl/err.h ../include/openssl/lhash.h
502rsa_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
503rsa_test.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
504rsa_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
505rsa_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
506rsa_test.o: ../include/openssl/ui.h rsa_test.c
507sha1test.o: ../include/openssl/asn1.h ../include/openssl/bio.h
508sha1test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
509sha1test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
510sha1test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
511sha1test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
512sha1test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
513sha1test.o: ../include/openssl/sha.h ../include/openssl/stack.h
514sha1test.o: ../include/openssl/symhacks.h sha1test.c
515shatest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
516shatest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
517shatest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
518shatest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
519shatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
520shatest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
521shatest.o: ../include/openssl/sha.h ../include/openssl/stack.h
522shatest.o: ../include/openssl/symhacks.h shatest.c
523ssltest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
524ssltest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
525ssltest.o: ../include/openssl/comp.h ../include/openssl/crypto.h
526ssltest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
527ssltest.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
528ssltest.o: ../include/openssl/err.h ../include/openssl/evp.h
529ssltest.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
530ssltest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
531ssltest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
532ssltest.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
533ssltest.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
534ssltest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
535ssltest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
536ssltest.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
537ssltest.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
538ssltest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
539ssltest.o: ../include/openssl/tls1.h ../include/openssl/ui.h
540ssltest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssltest.c
diff --git a/src/lib/libssl/src/test/enginetest.c b/src/lib/libssl/src/test/enginetest.c
new file mode 100644
index 0000000000..87fa8c57b7
--- /dev/null
+++ b/src/lib/libssl/src/test/enginetest.c
@@ -0,0 +1,274 @@
1/* crypto/engine/enginetest.c */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <openssl/e_os2.h>
60#include <stdio.h>
61#include <string.h>
62#include <openssl/buffer.h>
63#include <openssl/crypto.h>
64#include <openssl/engine.h>
65#include <openssl/err.h>
66
67static void display_engine_list()
68 {
69 ENGINE *h;
70 int loop;
71
72 h = ENGINE_get_first();
73 loop = 0;
74 printf("listing available engine types\n");
75 while(h)
76 {
77 printf("engine %i, id = \"%s\", name = \"%s\"\n",
78 loop++, ENGINE_get_id(h), ENGINE_get_name(h));
79 h = ENGINE_get_next(h);
80 }
81 printf("end of list\n");
82 /* ENGINE_get_first() increases the struct_ref counter, so we
83 must call ENGINE_free() to decrease it again */
84 ENGINE_free(h);
85 }
86
87int main(int argc, char *argv[])
88 {
89 ENGINE *block[512];
90 char buf[256];
91 const char *id, *name;
92 ENGINE *ptr;
93 int loop;
94 int to_return = 1;
95 ENGINE *new_h1 = NULL;
96 ENGINE *new_h2 = NULL;
97 ENGINE *new_h3 = NULL;
98 ENGINE *new_h4 = NULL;
99
100 /* enable memory leak checking unless explicitly disabled */
101 if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
102 {
103 CRYPTO_malloc_debug_init();
104 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
105 }
106 else
107 {
108 /* OPENSSL_DEBUG_MEMORY=off */
109 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
110 }
111 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
112 ERR_load_crypto_strings();
113
114 memset(block, 0, 512 * sizeof(ENGINE *));
115 if(((new_h1 = ENGINE_new()) == NULL) ||
116 !ENGINE_set_id(new_h1, "test_id0") ||
117 !ENGINE_set_name(new_h1, "First test item") ||
118 ((new_h2 = ENGINE_new()) == NULL) ||
119 !ENGINE_set_id(new_h2, "test_id1") ||
120 !ENGINE_set_name(new_h2, "Second test item") ||
121 ((new_h3 = ENGINE_new()) == NULL) ||
122 !ENGINE_set_id(new_h3, "test_id2") ||
123 !ENGINE_set_name(new_h3, "Third test item") ||
124 ((new_h4 = ENGINE_new()) == NULL) ||
125 !ENGINE_set_id(new_h4, "test_id3") ||
126 !ENGINE_set_name(new_h4, "Fourth test item"))
127 {
128 printf("Couldn't set up test ENGINE structures\n");
129 goto end;
130 }
131 printf("\nenginetest beginning\n\n");
132 display_engine_list();
133 if(!ENGINE_add(new_h1))
134 {
135 printf("Add failed!\n");
136 goto end;
137 }
138 display_engine_list();
139 ptr = ENGINE_get_first();
140 if(!ENGINE_remove(ptr))
141 {
142 printf("Remove failed!\n");
143 goto end;
144 }
145 if (ptr)
146 ENGINE_free(ptr);
147 display_engine_list();
148 if(!ENGINE_add(new_h3) || !ENGINE_add(new_h2))
149 {
150 printf("Add failed!\n");
151 goto end;
152 }
153 display_engine_list();
154 if(!ENGINE_remove(new_h2))
155 {
156 printf("Remove failed!\n");
157 goto end;
158 }
159 display_engine_list();
160 if(!ENGINE_add(new_h4))
161 {
162 printf("Add failed!\n");
163 goto end;
164 }
165 display_engine_list();
166 if(ENGINE_add(new_h3))
167 {
168 printf("Add *should* have failed but didn't!\n");
169 goto end;
170 }
171 else
172 printf("Add that should fail did.\n");
173 ERR_clear_error();
174 if(ENGINE_remove(new_h2))
175 {
176 printf("Remove *should* have failed but didn't!\n");
177 goto end;
178 }
179 else
180 printf("Remove that should fail did.\n");
181 ERR_clear_error();
182 if(!ENGINE_remove(new_h3))
183 {
184 printf("Remove failed!\n");
185 goto end;
186 }
187 display_engine_list();
188 if(!ENGINE_remove(new_h4))
189 {
190 printf("Remove failed!\n");
191 goto end;
192 }
193 display_engine_list();
194 /* Depending on whether there's any hardware support compiled
195 * in, this remove may be destined to fail. */
196 ptr = ENGINE_get_first();
197 if(ptr)
198 if(!ENGINE_remove(ptr))
199 printf("Remove failed!i - probably no hardware "
200 "support present.\n");
201 if (ptr)
202 ENGINE_free(ptr);
203 display_engine_list();
204 if(!ENGINE_add(new_h1) || !ENGINE_remove(new_h1))
205 {
206 printf("Couldn't add and remove to an empty list!\n");
207 goto end;
208 }
209 else
210 printf("Successfully added and removed to an empty list!\n");
211 printf("About to beef up the engine-type list\n");
212 for(loop = 0; loop < 512; loop++)
213 {
214 sprintf(buf, "id%i", loop);
215 id = BUF_strdup(buf);
216 sprintf(buf, "Fake engine type %i", loop);
217 name = BUF_strdup(buf);
218 if(((block[loop] = ENGINE_new()) == NULL) ||
219 !ENGINE_set_id(block[loop], id) ||
220 !ENGINE_set_name(block[loop], name))
221 {
222 printf("Couldn't create block of ENGINE structures.\n"
223 "I'll probably also core-dump now, damn.\n");
224 goto end;
225 }
226 }
227 for(loop = 0; loop < 512; loop++)
228 {
229 if(!ENGINE_add(block[loop]))
230 {
231 printf("\nAdding stopped at %i, (%s,%s)\n",
232 loop, ENGINE_get_id(block[loop]),
233 ENGINE_get_name(block[loop]));
234 goto cleanup_loop;
235 }
236 else
237 printf("."); fflush(stdout);
238 }
239cleanup_loop:
240 printf("\nAbout to empty the engine-type list\n");
241 while((ptr = ENGINE_get_first()) != NULL)
242 {
243 if(!ENGINE_remove(ptr))
244 {
245 printf("\nRemove failed!\n");
246 goto end;
247 }
248 ENGINE_free(ptr);
249 printf("."); fflush(stdout);
250 }
251 for(loop = 0; loop < 512; loop++)
252 {
253 OPENSSL_free((void *)ENGINE_get_id(block[loop]));
254 OPENSSL_free((void *)ENGINE_get_name(block[loop]));
255 }
256 printf("\nTests completed happily\n");
257 to_return = 0;
258end:
259 if(to_return)
260 ERR_print_errors_fp(stderr);
261 if(new_h1) ENGINE_free(new_h1);
262 if(new_h2) ENGINE_free(new_h2);
263 if(new_h3) ENGINE_free(new_h3);
264 if(new_h4) ENGINE_free(new_h4);
265 for(loop = 0; loop < 512; loop++)
266 if(block[loop])
267 ENGINE_free(block[loop]);
268 ENGINE_cleanup();
269 CRYPTO_cleanup_all_ex_data();
270 ERR_free_strings();
271 ERR_remove_state(0);
272 CRYPTO_mem_leaks_fp(stderr);
273 return to_return;
274 }
diff --git a/src/lib/libssl/src/test/md4test.c b/src/lib/libssl/src/test/md4test.c
new file mode 100644
index 0000000000..e0fdc42282
--- /dev/null
+++ b/src/lib/libssl/src/test/md4test.c
@@ -0,0 +1,134 @@
1/* crypto/md4/md4test.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61#include <stdlib.h>
62
63#ifdef OPENSSL_NO_MD4
64int main(int argc, char *argv[])
65{
66 printf("No MD4 support\n");
67 return(0);
68}
69#else
70#include <openssl/evp.h>
71#include <openssl/md4.h>
72
73static char *test[]={
74 "",
75 "a",
76 "abc",
77 "message digest",
78 "abcdefghijklmnopqrstuvwxyz",
79 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
80 "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
81 NULL,
82 };
83
84static char *ret[]={
85"31d6cfe0d16ae931b73c59d7e0c089c0",
86"bde52cb31de33e46245e05fbdbd6fb24",
87"a448017aaf21d8525fc10ae87aa6729d",
88"d9130a8164549fe818874806e1c7014b",
89"d79e1c308aa5bbcdeea8ed63df412da9",
90"043f8582f241db351ce627e153e7f0e4",
91"e33b4ddc9c38f2199c3e7b164fcc0536",
92};
93
94static char *pt(unsigned char *md);
95int main(int argc, char *argv[])
96 {
97 int i,err=0;
98 unsigned char **P,**R;
99 char *p;
100 unsigned char md[MD4_DIGEST_LENGTH];
101
102 P=(unsigned char **)test;
103 R=(unsigned char **)ret;
104 i=1;
105 while (*P != NULL)
106 {
107 EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md4(), NULL);
108 p=pt(md);
109 if (strcmp(p,(char *)*R) != 0)
110 {
111 printf("error calculating MD4 on '%s'\n",*P);
112 printf("got %s instead of %s\n",p,*R);
113 err++;
114 }
115 else
116 printf("test %d ok\n",i);
117 i++;
118 R++;
119 P++;
120 }
121 exit(err);
122 return(0);
123 }
124
125static char *pt(unsigned char *md)
126 {
127 int i;
128 static char buf[80];
129
130 for (i=0; i<MD4_DIGEST_LENGTH; i++)
131 sprintf(&(buf[i*2]),"%02x",md[i]);
132 return(buf);
133 }
134#endif
diff --git a/src/lib/libssl/src/test/rsa_test.c b/src/lib/libssl/src/test/rsa_test.c
new file mode 100644
index 0000000000..b8b462d33b
--- /dev/null
+++ b/src/lib/libssl/src/test/rsa_test.c
@@ -0,0 +1,318 @@
1/* test vectors from p1ovect1.txt */
2
3#include <stdio.h>
4#include <string.h>
5
6#include "e_os.h"
7
8#include <openssl/crypto.h>
9#include <openssl/err.h>
10#include <openssl/rand.h>
11#ifdef OPENSSL_NO_RSA
12int main(int argc, char *argv[])
13{
14 printf("No RSA support\n");
15 return(0);
16}
17#else
18#include <openssl/rsa.h>
19#include <openssl/engine.h>
20
21#define SetKey \
22 key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \
23 key->e = BN_bin2bn(e, sizeof(e)-1, key->e); \
24 key->d = BN_bin2bn(d, sizeof(d)-1, key->d); \
25 key->p = BN_bin2bn(p, sizeof(p)-1, key->p); \
26 key->q = BN_bin2bn(q, sizeof(q)-1, key->q); \
27 key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1)-1, key->dmp1); \
28 key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1)-1, key->dmq1); \
29 key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp)-1, key->iqmp); \
30 memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \
31 return (sizeof(ctext_ex) - 1);
32
33static int key1(RSA *key, unsigned char *c)
34 {
35 static unsigned char n[] =
36"\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F"
37"\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5"
38"\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93"
39"\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1"
40"\xF5";
41
42 static unsigned char e[] = "\x11";
43
44 static unsigned char d[] =
45"\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44"
46"\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64"
47"\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9"
48"\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51";
49
50 static unsigned char p[] =
51"\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
52"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12"
53"\x0D";
54
55 static unsigned char q[] =
56"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
57"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
58"\x89";
59
60 static unsigned char dmp1[] =
61"\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF"
62"\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05";
63
64 static unsigned char dmq1[] =
65"\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99"
66"\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D"
67"\x51";
68
69 static unsigned char iqmp[] =
70"\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8"
71"\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26";
72
73 static unsigned char ctext_ex[] =
74"\x1b\x8f\x05\xf9\xca\x1a\x79\x52\x6e\x53\xf3\xcc\x51\x4f\xdb\x89"
75"\x2b\xfb\x91\x93\x23\x1e\x78\xb9\x92\xe6\x8d\x50\xa4\x80\xcb\x52"
76"\x33\x89\x5c\x74\x95\x8d\x5d\x02\xab\x8c\x0f\xd0\x40\xeb\x58\x44"
77"\xb0\x05\xc3\x9e\xd8\x27\x4a\x9d\xbf\xa8\x06\x71\x40\x94\x39\xd2";
78
79 SetKey;
80 }
81
82static int key2(RSA *key, unsigned char *c)
83 {
84 static unsigned char n[] =
85"\x00\xA3\x07\x9A\x90\xDF\x0D\xFD\x72\xAC\x09\x0C\xCC\x2A\x78\xB8"
86"\x74\x13\x13\x3E\x40\x75\x9C\x98\xFA\xF8\x20\x4F\x35\x8A\x0B\x26"
87"\x3C\x67\x70\xE7\x83\xA9\x3B\x69\x71\xB7\x37\x79\xD2\x71\x7B\xE8"
88"\x34\x77\xCF";
89
90 static unsigned char e[] = "\x3";
91
92 static unsigned char d[] =
93"\x6C\xAF\xBC\x60\x94\xB3\xFE\x4C\x72\xB0\xB3\x32\xC6\xFB\x25\xA2"
94"\xB7\x62\x29\x80\x4E\x68\x65\xFC\xA4\x5A\x74\xDF\x0F\x8F\xB8\x41"
95"\x3B\x52\xC0\xD0\xE5\x3D\x9B\x59\x0F\xF1\x9B\xE7\x9F\x49\xDD\x21"
96"\xE5\xEB";
97
98 static unsigned char p[] =
99"\x00\xCF\x20\x35\x02\x8B\x9D\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92"
100"\xEA\x0D\xA3\xB4\x32\x04\xB5\xCF\xCE\x91";
101
102 static unsigned char q[] =
103"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
104"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5F";
105
106 static unsigned char dmp1[] =
107"\x00\x8A\x15\x78\xAC\x5D\x13\xAF\x10\x2B\x22\xB9\x99\xCD\x74\x61"
108"\xF1\x5E\x6D\x22\xCC\x03\x23\xDF\xDF\x0B";
109
110 static unsigned char dmq1[] =
111"\x00\x86\x55\x21\x4A\xC5\x4D\x8D\x4E\xCD\x61\x77\xF1\xC7\x36\x90"
112"\xCE\x2A\x48\x2C\x8B\x05\x99\xCB\xE0\x3F";
113
114 static unsigned char iqmp[] =
115"\x00\x83\xEF\xEF\xB8\xA9\xA4\x0D\x1D\xB6\xED\x98\xAD\x84\xED\x13"
116"\x35\xDC\xC1\x08\xF3\x22\xD0\x57\xCF\x8D";
117
118 static unsigned char ctext_ex[] =
119"\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a"
120"\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4"
121"\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52"
122"\x62\x51";
123
124 SetKey;
125 }
126
127static int key3(RSA *key, unsigned char *c)
128 {
129 static unsigned char n[] =
130"\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71"
131"\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5"
132"\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD"
133"\x48\x76\xED\x52\x0D\x60\xE1\xEC\x46\x19\x71\x9D\x8A\x5B\x8B\x80"
134"\x7F\xAF\xB8\xE0\xA3\xDF\xC7\x37\x72\x3E\xE6\xB4\xB7\xD9\x3A\x25"
135"\x84\xEE\x6A\x64\x9D\x06\x09\x53\x74\x88\x34\xB2\x45\x45\x98\x39"
136"\x4E\xE0\xAA\xB1\x2D\x7B\x61\xA5\x1F\x52\x7A\x9A\x41\xF6\xC1\x68"
137"\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD"
138"\xCB";
139
140 static unsigned char e[] = "\x11";
141
142 static unsigned char d[] =
143"\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD"
144"\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41"
145"\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69"
146"\xD6\x87\x0D\xA2\xC0\x82\xA9\x39\xE3\x7F\xDC\xB8\x2E\xC9\x3E\xDA"
147"\xC9\x7F\xF3\xAD\x59\x50\xAC\xCF\xBC\x11\x1C\x76\xF1\xA9\x52\x94"
148"\x44\xE5\x6A\xAF\x68\xC5\x6C\x09\x2C\xD3\x8D\xC3\xBE\xF5\xD2\x0A"
149"\x93\x99\x26\xED\x4F\x74\xA1\x3E\xDD\xFB\xE1\xA1\xCE\xCC\x48\x94"
150"\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3"
151"\xC1";
152
153 static unsigned char p[] =
154"\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60"
155"\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6"
156"\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A"
157"\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65"
158"\x99";
159
160 static unsigned char q[] =
161"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
162"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
163"\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
164"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15"
165"\x03";
166
167 static unsigned char dmp1[] =
168"\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A"
169"\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E"
170"\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E"
171"\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81";
172
173 static unsigned char dmq1[] =
174"\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9"
175"\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7"
176"\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D"
177"\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D";
178
179 static unsigned char iqmp[] =
180"\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23"
181"\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11"
182"\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E"
183"\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39"
184"\xF7";
185
186 static unsigned char ctext_ex[] =
187"\xb8\x24\x6b\x56\xa6\xed\x58\x81\xae\xb5\x85\xd9\xa2\x5b\x2a\xd7"
188"\x90\xc4\x17\xe0\x80\x68\x1b\xf1\xac\x2b\xc3\xde\xb6\x9d\x8b\xce"
189"\xf0\xc4\x36\x6f\xec\x40\x0a\xf0\x52\xa7\x2e\x9b\x0e\xff\xb5\xb3"
190"\xf2\xf1\x92\xdb\xea\xca\x03\xc1\x27\x40\x05\x71\x13\xbf\x1f\x06"
191"\x69\xac\x22\xe9\xf3\xa7\x85\x2e\x3c\x15\xd9\x13\xca\xb0\xb8\x86"
192"\x3a\x95\xc9\x92\x94\xce\x86\x74\x21\x49\x54\x61\x03\x46\xf4\xd4"
193"\x74\xb2\x6f\x7c\x48\xb4\x2e\xe6\x8e\x1f\x57\x2a\x1f\xc4\x02\x6a"
194"\xc4\x56\xb4\xf5\x9f\x7b\x62\x1e\xa1\xb9\xd8\x8f\x64\x20\x2f\xb1";
195
196 SetKey;
197 }
198
199static int pad_unknown(void)
200{
201 unsigned long l;
202 while ((l = ERR_get_error()) != 0)
203 if (ERR_GET_REASON(l) == RSA_R_UNKNOWN_PADDING_TYPE)
204 return(1);
205 return(0);
206}
207
208static const char rnd_seed[] = "string to make the random number generator think it has entropy";
209
210int main(int argc, char *argv[])
211 {
212 int err=0;
213 int v;
214 RSA *key;
215 unsigned char ptext[256];
216 unsigned char ctext[256];
217 static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
218 unsigned char ctext_ex[256];
219 int plen;
220 int clen = 0;
221 int num;
222
223 CRYPTO_malloc_debug_init();
224 CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
225 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
226
227 RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
228
229 plen = sizeof(ptext_ex) - 1;
230
231 for (v = 0; v < 3; v++)
232 {
233 key = RSA_new();
234 switch (v) {
235 case 0:
236 clen = key1(key, ctext_ex);
237 break;
238 case 1:
239 clen = key2(key, ctext_ex);
240 break;
241 case 2:
242 clen = key3(key, ctext_ex);
243 break;
244 }
245
246 num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
247 RSA_PKCS1_PADDING);
248 if (num != clen)
249 {
250 printf("PKCS#1 v1.5 encryption failed!\n");
251 err=1;
252 goto oaep;
253 }
254
255 num = RSA_private_decrypt(num, ctext, ptext, key,
256 RSA_PKCS1_PADDING);
257 if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
258 {
259 printf("PKCS#1 v1.5 decryption failed!\n");
260 err=1;
261 }
262 else
263 printf("PKCS #1 v1.5 encryption/decryption ok\n");
264
265 oaep:
266 ERR_clear_error();
267 num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
268 RSA_PKCS1_OAEP_PADDING);
269 if (num == -1 && pad_unknown())
270 {
271 printf("No OAEP support\n");
272 goto next;
273 }
274 if (num != clen)
275 {
276 printf("OAEP encryption failed!\n");
277 err=1;
278 goto next;
279 }
280
281 num = RSA_private_decrypt(num, ctext, ptext, key,
282 RSA_PKCS1_OAEP_PADDING);
283 if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
284 {
285 printf("OAEP decryption (encrypted data) failed!\n");
286 err=1;
287 }
288 else if (memcmp(ctext, ctext_ex, num) == 0)
289 {
290 printf("OAEP test vector %d passed!\n", v);
291 goto next;
292 }
293
294 /* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT).
295 Try decrypting ctext_ex */
296
297 num = RSA_private_decrypt(clen, ctext_ex, ptext, key,
298 RSA_PKCS1_OAEP_PADDING);
299
300 if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
301 {
302 printf("OAEP decryption (test vector data) failed!\n");
303 err=1;
304 }
305 else
306 printf("OAEP encryption/decryption ok\n");
307 next:
308 RSA_free(key);
309 }
310
311 CRYPTO_cleanup_all_ex_data();
312 ERR_remove_state(0);
313
314 CRYPTO_mem_leaks_fp(stderr);
315
316 return err;
317 }
318#endif
diff --git a/src/lib/libssl/src/tools/Makefile.ssl b/src/lib/libssl/src/tools/Makefile.ssl
new file mode 100644
index 0000000000..32d0b516ba
--- /dev/null
+++ b/src/lib/libssl/src/tools/Makefile.ssl
@@ -0,0 +1,62 @@
1#
2# SSLeay/tools/Makefile
3#
4
5DIR= tools
6TOP= ..
7CC= cc
8INCLUDES= -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17
18CFLAGS= $(INCLUDES) $(CFLAG)
19
20GENERAL=Makefile.ssl
21TEST=
22APPS= c_rehash
23MISC_APPS= c_hash c_info c_issuer c_name
24
25all:
26
27install:
28 @for i in $(APPS) ; \
29 do \
30 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i; \
31 chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
32 done;
33 @for i in $(MISC_APPS) ; \
34 do \
35 (cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i; \
36 chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
37 done;
38
39files:
40 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
41
42links:
43 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
44
45lint:
46
47tags:
48
49errors:
50
51depend:
52
53dclean:
54 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
55 mv -f Makefile.new $(MAKEFILE)
56
57clean:
58 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
59
60errors:
61
62# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/src/lib/libssl/src/tools/c_rehash b/src/lib/libssl/src/tools/c_rehash
deleted file mode 100644
index 9fb18674ac..0000000000
--- a/src/lib/libssl/src/tools/c_rehash
+++ /dev/null
@@ -1,158 +0,0 @@
1#!/usr/bin/perl
2
3
4# Perl c_rehash script, scan all files in a directory
5# and add symbolic links to their hash values.
6
7my $openssl;
8
9my $dir = "/usr/local/ssl";
10
11if(defined $ENV{OPENSSL}) {
12 $openssl = $ENV{OPENSSL};
13} else {
14 $openssl = "openssl";
15 $ENV{OPENSSL} = $openssl;
16}
17
18$ENV{PATH} .= ":$dir/bin";
19
20if(! -f $openssl) {
21 my $found = 0;
22 foreach (split /:/, $ENV{PATH}) {
23 if(-f "$_/$openssl") {
24 $found = 1;
25 last;
26 }
27 }
28 if($found == 0) {
29 print STDERR "c_rehash: rehashing skipped ('openssl' program not available)\n";
30 exit 0;
31 }
32}
33
34if(@ARGV) {
35 @dirlist = @ARGV;
36} elsif($ENV{SSL_CERT_DIR}) {
37 @dirlist = split /:/, $ENV{SSL_CERT_DIR};
38} else {
39 $dirlist[0] = "$dir/certs";
40}
41
42
43foreach (@dirlist) {
44 if(-d $_ and -w $_) {
45 hash_dir($_);
46 }
47}
48
49sub hash_dir {
50 my %hashlist;
51 print "Doing $_[0]\n";
52 chdir $_[0];
53 opendir(DIR, ".");
54 my @flist = readdir(DIR);
55 # Delete any existing symbolic links
56 foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) {
57 if(-l $_) {
58 unlink $_;
59 }
60 }
61 closedir DIR;
62 FILE: foreach $fname (grep {/\.pem$/} @flist) {
63 # Check to see if certificates and/or CRLs present.
64 my ($cert, $crl) = check_file($fname);
65 if(!$cert && !$crl) {
66 print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
67 next;
68 }
69 link_hash_cert($fname) if($cert);
70 link_hash_crl($fname) if($crl);
71 }
72}
73
74sub check_file {
75 my ($is_cert, $is_crl) = (0,0);
76 my $fname = $_[0];
77 open IN, $fname;
78 while(<IN>) {
79 if(/^-----BEGIN (.*)-----/) {
80 my $hdr = $1;
81 if($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) {
82 $is_cert = 1;
83 last if($is_crl);
84 } elsif($hdr eq "X509 CRL") {
85 $is_crl = 1;
86 last if($is_cert);
87 }
88 }
89 }
90 close IN;
91 return ($is_cert, $is_crl);
92}
93
94
95# Link a certificate to its subject name hash value, each hash is of
96# the form <hash>.<n> where n is an integer. If the hash value already exists
97# then we need to up the value of n, unless its a duplicate in which
98# case we skip the link. We check for duplicates by comparing the
99# certificate fingerprints
100
101sub link_hash_cert {
102 my $fname = $_[0];
103 my ($hash, $fprint) = `$openssl x509 -hash -fingerprint -noout -in "$fname"`;
104 chomp $hash;
105 chomp $fprint;
106 $fprint =~ s/^.*=//;
107 $fprint =~ tr/://d;
108 my $suffix = 0;
109 # Search for an unused hash filename
110 while(exists $hashlist{"$hash.$suffix"}) {
111 # Hash matches: if fingerprint matches its a duplicate cert
112 if($hashlist{"$hash.$suffix"} eq $fprint) {
113 print STDERR "WARNING: Skipping duplicate certificate $fname\n";
114 return;
115 }
116 $suffix++;
117 }
118 $hash .= ".$suffix";
119 print "$fname => $hash\n";
120 $symlink_exists=eval {symlink("",""); 1};
121 if ($symlink_exists) {
122 symlink $fname, $hash;
123 } else {
124 system ("cp", $fname, $hash);
125 }
126 $hashlist{$hash} = $fprint;
127}
128
129# Same as above except for a CRL. CRL links are of the form <hash>.r<n>
130
131sub link_hash_crl {
132 my $fname = $_[0];
133 my ($hash, $fprint) = `$openssl crl -hash -fingerprint -noout -in "$fname"`;
134 chomp $hash;
135 chomp $fprint;
136 $fprint =~ s/^.*=//;
137 $fprint =~ tr/://d;
138 my $suffix = 0;
139 # Search for an unused hash filename
140 while(exists $hashlist{"$hash.r$suffix"}) {
141 # Hash matches: if fingerprint matches its a duplicate cert
142 if($hashlist{"$hash.r$suffix"} eq $fprint) {
143 print STDERR "WARNING: Skipping duplicate CRL $fname\n";
144 return;
145 }
146 $suffix++;
147 }
148 $hash .= ".r$suffix";
149 print "$fname => $hash\n";
150 $symlink_exists=eval {symlink("",""); 1};
151 if ($symlink_exists) {
152 symlink $fname, $hash;
153 } else {
154 system ("cp", $fname, $hash);
155 }
156 $hashlist{$hash} = $fprint;
157}
158
diff --git a/src/lib/libssl/src/util/domd b/src/lib/libssl/src/util/domd
index aa99cb0523..8cbe383c16 100644
--- a/src/lib/libssl/src/util/domd
+++ b/src/lib/libssl/src/util/domd
@@ -18,11 +18,11 @@ if [ "$MAKEDEPEND" = "gcc" ]; then
18 sed -e '/^# DO NOT DELETE.*/,$d' < Makefile.ssl > Makefile.tmp 18 sed -e '/^# DO NOT DELETE.*/,$d' < Makefile.ssl > Makefile.tmp
19 echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp 19 echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp
20 gcc -D OPENSSL_DOING_MAKEDEPEND -M $@ >> Makefile.tmp 20 gcc -D OPENSSL_DOING_MAKEDEPEND -M $@ >> Makefile.tmp
21 perl $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new 21 ${PERL} $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new
22 rm -f Makefile.tmp 22 rm -f Makefile.tmp
23else 23else
24 ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND -f Makefile.ssl $@ 24 ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND -f Makefile.ssl $@
25 perl $TOP/util/clean-depend.pl < Makefile.ssl > Makefile.new 25 ${PERL} $TOP/util/clean-depend.pl < Makefile.ssl > Makefile.new
26fi 26fi
27mv Makefile.new Makefile.ssl 27mv Makefile.new Makefile.ssl
28# unfake the presence of Kerberos 28# unfake the presence of Kerberos
diff --git a/src/lib/libssl/src/util/libeay.num b/src/lib/libssl/src/util/libeay.num
index b74749e5de..4845158158 100644
--- a/src/lib/libssl/src/util/libeay.num
+++ b/src/lib/libssl/src/util/libeay.num
@@ -2774,3 +2774,9 @@ AES_ctr128_encrypt 3216 EXIST::FUNCTION:AES
2774AES_cfb128_encrypt 3217 EXIST::FUNCTION:AES 2774AES_cfb128_encrypt 3217 EXIST::FUNCTION:AES
2775ENGINE_load_4758cca 3218 EXIST::FUNCTION: 2775ENGINE_load_4758cca 3218 EXIST::FUNCTION:
2776_ossl_096_des_random_seed 3219 EXIST::FUNCTION:DES 2776_ossl_096_des_random_seed 3219 EXIST::FUNCTION:DES
2777EVP_aes_256_ofb 3220 EXIST::FUNCTION:AES
2778EVP_aes_192_ofb 3221 EXIST::FUNCTION:AES
2779EVP_aes_128_cfb 3222 EXIST::FUNCTION:AES
2780EVP_aes_256_cfb 3223 EXIST::FUNCTION:AES
2781EVP_aes_128_ofb 3224 EXIST::FUNCTION:AES
2782EVP_aes_192_cfb 3225 EXIST::FUNCTION:AES
diff --git a/src/lib/libssl/src/util/mkdef.pl b/src/lib/libssl/src/util/mkdef.pl
index 071036a6d2..ecba93cd94 100644
--- a/src/lib/libssl/src/util/mkdef.pl
+++ b/src/lib/libssl/src/util/mkdef.pl
@@ -43,8 +43,8 @@
43# EXPORT_VAR_AS_FUNCTION). This script assumes renaming of symbols is found 43# EXPORT_VAR_AS_FUNCTION). This script assumes renaming of symbols is found
44# in the file crypto/symhacks.h. 44# in the file crypto/symhacks.h.
45# The semantics for the platforms is that every item is checked against the 45# The semantics for the platforms is that every item is checked against the
46# enviroment. For the negative items ("!FOO"), if any of them is false 46# environment. For the negative items ("!FOO"), if any of them is false
47# (i.e. "FOO" is true) in the enviroment, the corresponding symbol can't be 47# (i.e. "FOO" is true) in the environment, the corresponding symbol can't be
48# used. For the positive itms, if all of them are false in the environment, 48# used. For the positive itms, if all of them are false in the environment,
49# the corresponding symbol can't be used. Any combination of positive and 49# the corresponding symbol can't be used. Any combination of positive and
50# negative items are possible, and of course leave room for some redundancy. 50# negative items are possible, and of course leave room for some redundancy.
diff --git a/src/lib/libssl/src/util/pl/Mingw32f.pl b/src/lib/libssl/src/util/pl/Mingw32f.pl
new file mode 100644
index 0000000000..44f5673d7a
--- /dev/null
+++ b/src/lib/libssl/src/util/pl/Mingw32f.pl
@@ -0,0 +1,73 @@
1#!/usr/local/bin/perl
2#
3# Mingw32f.pl -- copy files; Mingw32.pl is needed to do the compiling.
4#
5
6$o='\\';
7$cp='copy';
8$rm='del';
9
10# C compiler stuff
11
12$cc='gcc';
13if ($debug)
14 { $cflags="-g2 -ggdb -DDSO_WIN32"; }
15else
16 { $cflags="-O3 -fomit-frame-pointer -DDSO_WIN32"; }
17
18$obj='.o';
19$ofile='-o ';
20
21# EXE linking stuff
22$link='${CC}';
23$lflags='${CFLAGS}';
24$efile='-o ';
25$exep='';
26$ex_libs="-lwsock32 -lgdi32";
27
28# static library stuff
29$mklib='ar r';
30$mlflags='';
31$ranlib='ranlib';
32$plib='lib';
33$libp=".a";
34$shlibp=".a";
35$lfile='';
36
37$asm='as';
38$afile='-o ';
39$bn_asm_obj="";
40$bn_asm_src="";
41$des_enc_obj="";
42$des_enc_src="";
43$bf_enc_obj="";
44$bf_enc_src="";
45
46sub do_lib_rule
47 {
48 local($obj,$target,$name,$shlib)=@_;
49 local($ret,$_,$Name);
50
51 $target =~ s/\//$o/g if $o ne '/';
52 $target="$target";
53 ($Name=$name) =~ tr/a-z/A-Z/;
54
55 $ret.="$target: \$(${Name}OBJ)\n";
56 $ret.="\t\$(RM) $target\n";
57 $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
58 $ret.="\t\$(RANLIB) $target\n\n";
59 }
60
61sub do_link_rule
62 {
63 local($target,$files,$dep_libs,$libs)=@_;
64 local($ret,$_);
65
66 $file =~ s/\//$o/g if $o ne '/';
67 $n=&bname($target);
68 $ret.="$target: $files $dep_libs\n";
69 $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
70 return($ret);
71 }
721;
73
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
new file mode 100644
index 0000000000..ce6354b2ff
--- /dev/null
+++ b/src/lib/libssl/ssl.h
@@ -0,0 +1,1802 @@
1/* ssl/ssl.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111/* ====================================================================
112 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
113 *
114 * Redistribution and use in source and binary forms, with or without
115 * modification, are permitted provided that the following conditions
116 * are met:
117 *
118 * 1. Redistributions of source code must retain the above copyright
119 * notice, this list of conditions and the following disclaimer.
120 *
121 * 2. Redistributions in binary form must reproduce the above copyright
122 * notice, this list of conditions and the following disclaimer in
123 * the documentation and/or other materials provided with the
124 * distribution.
125 *
126 * 3. All advertising materials mentioning features or use of this
127 * software must display the following acknowledgment:
128 * "This product includes software developed by the OpenSSL Project
129 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
130 *
131 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
132 * endorse or promote products derived from this software without
133 * prior written permission. For written permission, please contact
134 * openssl-core@openssl.org.
135 *
136 * 5. Products derived from this software may not be called "OpenSSL"
137 * nor may "OpenSSL" appear in their names without prior written
138 * permission of the OpenSSL Project.
139 *
140 * 6. Redistributions of any form whatsoever must retain the following
141 * acknowledgment:
142 * "This product includes software developed by the OpenSSL Project
143 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
144 *
145 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
146 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
147 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
148 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
149 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
150 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
151 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
152 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
153 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
154 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
155 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
156 * OF THE POSSIBILITY OF SUCH DAMAGE.
157 * ====================================================================
158 *
159 * This product includes cryptographic software written by Eric Young
160 * (eay@cryptsoft.com). This product includes software written by Tim
161 * Hudson (tjh@cryptsoft.com).
162 *
163 */
164
165#ifndef HEADER_SSL_H
166#define HEADER_SSL_H
167
168#include <openssl/e_os2.h>
169
170#ifndef OPENSSL_NO_COMP
171#include <openssl/comp.h>
172#endif
173#ifndef OPENSSL_NO_BIO
174#include <openssl/bio.h>
175#endif
176#ifndef OPENSSL_NO_X509
177#include <openssl/x509.h>
178#endif
179#include <openssl/kssl.h>
180#include <openssl/safestack.h>
181#include <openssl/symhacks.h>
182
183#ifdef __cplusplus
184extern "C" {
185#endif
186
187/* SSLeay version number for ASN.1 encoding of the session information */
188/* Version 0 - initial version
189 * Version 1 - added the optional peer certificate
190 */
191#define SSL_SESSION_ASN1_VERSION 0x0001
192
193/* text strings for the ciphers */
194#define SSL_TXT_NULL_WITH_MD5 SSL2_TXT_NULL_WITH_MD5
195#define SSL_TXT_RC4_128_WITH_MD5 SSL2_TXT_RC4_128_WITH_MD5
196#define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5
197#define SSL_TXT_RC2_128_CBC_WITH_MD5 SSL2_TXT_RC2_128_CBC_WITH_MD5
198#define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5
199#define SSL_TXT_IDEA_128_CBC_WITH_MD5 SSL2_TXT_IDEA_128_CBC_WITH_MD5
200#define SSL_TXT_DES_64_CBC_WITH_MD5 SSL2_TXT_DES_64_CBC_WITH_MD5
201#define SSL_TXT_DES_64_CBC_WITH_SHA SSL2_TXT_DES_64_CBC_WITH_SHA
202#define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5
203#define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA
204
205/* VRS Additional Kerberos5 entries
206 */
207#define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA
208#define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5
209#define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA
210#define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5
211#define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
212#define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
213#define SSL_MAX_KRB5_PRINCIPAL_LENGTH 256
214
215#define SSL_MAX_SSL_SESSION_ID_LENGTH 32
216#define SSL_MAX_SID_CTX_LENGTH 32
217
218#define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8)
219#define SSL_MAX_KEY_ARG_LENGTH 8
220#define SSL_MAX_MASTER_KEY_LENGTH 48
221
222/* These are used to specify which ciphers to use and not to use */
223#define SSL_TXT_LOW "LOW"
224#define SSL_TXT_MEDIUM "MEDIUM"
225#define SSL_TXT_HIGH "HIGH"
226#define SSL_TXT_kFZA "kFZA"
227#define SSL_TXT_aFZA "aFZA"
228#define SSL_TXT_eFZA "eFZA"
229#define SSL_TXT_FZA "FZA"
230
231#define SSL_TXT_aNULL "aNULL"
232#define SSL_TXT_eNULL "eNULL"
233#define SSL_TXT_NULL "NULL"
234
235#define SSL_TXT_kKRB5 "kKRB5"
236#define SSL_TXT_aKRB5 "aKRB5"
237#define SSL_TXT_KRB5 "KRB5"
238
239#define SSL_TXT_kRSA "kRSA"
240#define SSL_TXT_kDHr "kDHr"
241#define SSL_TXT_kDHd "kDHd"
242#define SSL_TXT_kEDH "kEDH"
243#define SSL_TXT_aRSA "aRSA"
244#define SSL_TXT_aDSS "aDSS"
245#define SSL_TXT_aDH "aDH"
246#define SSL_TXT_DSS "DSS"
247#define SSL_TXT_DH "DH"
248#define SSL_TXT_EDH "EDH"
249#define SSL_TXT_ADH "ADH"
250#define SSL_TXT_RSA "RSA"
251#define SSL_TXT_DES "DES"
252#define SSL_TXT_3DES "3DES"
253#define SSL_TXT_RC4 "RC4"
254#define SSL_TXT_RC2 "RC2"
255#define SSL_TXT_IDEA "IDEA"
256#define SSL_TXT_AES "AESdraft" /* AES ciphersuites are not yet official (thus excluded from 'ALL') */
257#define SSL_TXT_MD5 "MD5"
258#define SSL_TXT_SHA1 "SHA1"
259#define SSL_TXT_SHA "SHA"
260#define SSL_TXT_EXP "EXP"
261#define SSL_TXT_EXPORT "EXPORT"
262#define SSL_TXT_EXP40 "EXPORT40"
263#define SSL_TXT_EXP56 "EXPORT56"
264#define SSL_TXT_SSLV2 "SSLv2"
265#define SSL_TXT_SSLV3 "SSLv3"
266#define SSL_TXT_TLSV1 "TLSv1"
267#define SSL_TXT_ALL "ALL"
268
269/* The following cipher list is used by default.
270 * It also is substituted when an application-defined cipher list string
271 * starts with 'DEFAULT'. */
272#define SSL_DEFAULT_CIPHER_LIST "ALL:!ADH:+RC4:@STRENGTH" /* low priority for RC4 */
273
274/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
275#define SSL_SENT_SHUTDOWN 1
276#define SSL_RECEIVED_SHUTDOWN 2
277
278#ifdef __cplusplus
279}
280#endif
281
282#include <openssl/crypto.h>
283#include <openssl/lhash.h>
284#include <openssl/buffer.h>
285#include <openssl/bio.h>
286#include <openssl/pem.h>
287#include <openssl/x509.h>
288
289#ifdef __cplusplus
290extern "C" {
291#endif
292
293#if (defined(OPENSSL_NO_RSA) || defined(OPENSSL_NO_MD5)) && !defined(OPENSSL_NO_SSL2)
294#define OPENSSL_NO_SSL2
295#endif
296
297#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
298#define SSL_FILETYPE_PEM X509_FILETYPE_PEM
299
300/* This is needed to stop compilers complaining about the
301 * 'struct ssl_st *' function parameters used to prototype callbacks
302 * in SSL_CTX. */
303typedef struct ssl_st *ssl_crock_st;
304
305/* used to hold info on the particular ciphers used */
306typedef struct ssl_cipher_st
307 {
308 int valid;
309 const char *name; /* text name */
310 unsigned long id; /* id, 4 bytes, first is version */
311 unsigned long algorithms; /* what ciphers are used */
312 unsigned long algo_strength; /* strength and export flags */
313 unsigned long algorithm2; /* Extra flags */
314 int strength_bits; /* Number of bits really used */
315 int alg_bits; /* Number of bits for algorithm */
316 unsigned long mask; /* used for matching */
317 unsigned long mask_strength; /* also used for matching */
318 } SSL_CIPHER;
319
320DECLARE_STACK_OF(SSL_CIPHER)
321
322typedef struct ssl_st SSL;
323typedef struct ssl_ctx_st SSL_CTX;
324
325/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */
326typedef struct ssl_method_st
327 {
328 int version;
329 int (*ssl_new)(SSL *s);
330 void (*ssl_clear)(SSL *s);
331 void (*ssl_free)(SSL *s);
332 int (*ssl_accept)(SSL *s);
333 int (*ssl_connect)(SSL *s);
334 int (*ssl_read)(SSL *s,void *buf,int len);
335 int (*ssl_peek)(SSL *s,void *buf,int len);
336 int (*ssl_write)(SSL *s,const void *buf,int len);
337 int (*ssl_shutdown)(SSL *s);
338 int (*ssl_renegotiate)(SSL *s);
339 int (*ssl_renegotiate_check)(SSL *s);
340 long (*ssl_ctrl)(SSL *s,int cmd,long larg,void *parg);
341 long (*ssl_ctx_ctrl)(SSL_CTX *ctx,int cmd,long larg,void *parg);
342 SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr);
343 int (*put_cipher_by_char)(const SSL_CIPHER *cipher,unsigned char *ptr);
344 int (*ssl_pending)(SSL *s);
345 int (*num_ciphers)(void);
346 SSL_CIPHER *(*get_cipher)(unsigned ncipher);
347 struct ssl_method_st *(*get_ssl_method)(int version);
348 long (*get_timeout)(void);
349 struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
350 int (*ssl_version)();
351 long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)());
352 long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)());
353 } SSL_METHOD;
354
355/* Lets make this into an ASN.1 type structure as follows
356 * SSL_SESSION_ID ::= SEQUENCE {
357 * version INTEGER, -- structure version number
358 * SSLversion INTEGER, -- SSL version number
359 * Cipher OCTET_STRING, -- the 3 byte cipher ID
360 * Session_ID OCTET_STRING, -- the Session ID
361 * Master_key OCTET_STRING, -- the master key
362 * KRB5_principal OCTET_STRING -- optional Kerberos principal
363 * Key_Arg [ 0 ] IMPLICIT OCTET_STRING, -- the optional Key argument
364 * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time
365 * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds
366 * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate
367 * Session_ID_context [ 4 ] EXPLICIT OCTET_STRING, -- the Session ID context
368 * Verify_result [ 5 ] EXPLICIT INTEGER -- X509_V_... code for `Peer'
369 * Compression [6] IMPLICIT ASN1_OBJECT -- compression OID XXXXX
370 * }
371 * Look in ssl/ssl_asn1.c for more details
372 * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
373 */
374typedef struct ssl_session_st
375 {
376 int ssl_version; /* what ssl version session info is
377 * being kept in here? */
378
379 /* only really used in SSLv2 */
380 unsigned int key_arg_length;
381 unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH];
382 int master_key_length;
383 unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];
384 /* session_id - valid? */
385 unsigned int session_id_length;
386 unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
387 /* this is used to determine whether the session is being reused in
388 * the appropriate context. It is up to the application to set this,
389 * via SSL_new */
390 unsigned int sid_ctx_length;
391 unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
392
393#ifndef OPENSSL_NO_KRB5
394 unsigned int krb5_client_princ_len;
395 unsigned char krb5_client_princ[SSL_MAX_KRB5_PRINCIPAL_LENGTH];
396#endif /* OPENSSL_NO_KRB5 */
397
398 int not_resumable;
399
400 /* The cert is the certificate used to establish this connection */
401 struct sess_cert_st /* SESS_CERT */ *sess_cert;
402
403 /* This is the cert for the other end.
404 * On clients, it will be the same as sess_cert->peer_key->x509
405 * (the latter is not enough as sess_cert is not retained
406 * in the external representation of sessions, see ssl_asn1.c). */
407 X509 *peer;
408 /* when app_verify_callback accepts a session where the peer's certificate
409 * is not ok, we must remember the error for session reuse: */
410 long verify_result; /* only for servers */
411
412 int references;
413 long timeout;
414 long time;
415
416 int compress_meth; /* Need to lookup the method */
417
418 SSL_CIPHER *cipher;
419 unsigned long cipher_id; /* when ASN.1 loaded, this
420 * needs to be used to load
421 * the 'cipher' structure */
422
423 STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */
424
425 CRYPTO_EX_DATA ex_data; /* application specific data */
426
427 /* These are used to make removal of session-ids more
428 * efficient and to implement a maximum cache size. */
429 struct ssl_session_st *prev,*next;
430 } SSL_SESSION;
431
432#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
433#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
434#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L
435#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L
436#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
437#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L
438#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L
439#define SSL_OP_TLS_D5_BUG 0x00000100L
440#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L
441
442/* If set, always create a new key when using tmp_dh parameters */
443#define SSL_OP_SINGLE_DH_USE 0x00100000L
444/* Set to always use the tmp_rsa key when doing RSA operations,
445 * even when this violates protocol specs */
446#define SSL_OP_EPHEMERAL_RSA 0x00200000L
447/* Set on servers to choose the cipher according to the server's
448 * preferences */
449#define SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000L
450/* If set, a server will allow a client to issue a SSLv3.0 version number
451 * as latest version supported in the premaster secret, even when TLSv1.0
452 * (version 3.1) was announced in the client hello. Normally this is
453 * forbidden to prevent version rollback attacks. */
454#define SSL_OP_TLS_ROLLBACK_BUG 0x00800000L
455/* As server, disallow session resumption on renegotiation */
456#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x01000000L
457
458/* The next flag deliberately changes the ciphertest, this is a check
459 * for the PKCS#1 attack */
460#define SSL_OP_PKCS1_CHECK_1 0x08000000L
461#define SSL_OP_PKCS1_CHECK_2 0x10000000L
462#define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L
463#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x40000000L
464#define SSL_OP_ALL 0x000FFFFFL
465
466#define SSL_OP_NO_SSLv2 0x01000000L
467#define SSL_OP_NO_SSLv3 0x02000000L
468#define SSL_OP_NO_TLSv1 0x04000000L
469
470/* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
471 * when just a single record has been written): */
472#define SSL_MODE_ENABLE_PARTIAL_WRITE 0x00000001L
473/* Make it possible to retry SSL_write() with changed buffer location
474 * (buffer contents must stay the same!); this is not the default to avoid
475 * the misconception that non-blocking SSL_write() behaves like
476 * non-blocking write(): */
477#define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
478/* Never bother the application with retries if the transport
479 * is blocking: */
480#define SSL_MODE_AUTO_RETRY 0x00000004L
481
482/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
483 * they cannot be used to clear bits. */
484
485#define SSL_CTX_set_options(ctx,op) \
486 SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
487#define SSL_CTX_get_options(ctx) \
488 SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL)
489#define SSL_set_options(ssl,op) \
490 SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL)
491#define SSL_get_options(ssl) \
492 SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL)
493
494#define SSL_CTX_set_mode(ctx,op) \
495 SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
496#define SSL_CTX_get_mode(ctx) \
497 SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
498#define SSL_set_mode(ssl,op) \
499 SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
500#define SSL_get_mode(ssl) \
501 SSL_ctrl((ssl),SSL_CTRL_MODE,0,NULL)
502
503
504void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
505void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
506#define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
507#define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
508
509
510
511#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
512#define SSL_MAX_CERT_LIST_DEFAULT 1024*30 /* 30k max cert list :-) */
513#else
514#define SSL_MAX_CERT_LIST_DEFAULT 1024*100 /* 100k max cert list :-) */
515#endif
516
517#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)
518
519/* This callback type is used inside SSL_CTX, SSL, and in the functions that set
520 * them. It is used to override the generation of SSL/TLS session IDs in a
521 * server. Return value should be zero on an error, non-zero to proceed. Also,
522 * callbacks should themselves check if the id they generate is unique otherwise
523 * the SSL handshake will fail with an error - callbacks can do this using the
524 * 'ssl' value they're passed by;
525 * SSL_has_matching_session_id(ssl, id, *id_len)
526 * The length value passed in is set at the maximum size the session ID can be.
527 * In SSLv2 this is 16 bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback
528 * can alter this length to be less if desired, but under SSLv2 session IDs are
529 * supposed to be fixed at 16 bytes so the id will be padded after the callback
530 * returns in this case. It is also an error for the callback to set the size to
531 * zero. */
532typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id,
533 unsigned int *id_len);
534
535typedef struct ssl_comp_st
536 {
537 int id;
538 char *name;
539#ifndef OPENSSL_NO_COMP
540 COMP_METHOD *method;
541#else
542 char *method;
543#endif
544 } SSL_COMP;
545
546DECLARE_STACK_OF(SSL_COMP)
547
548struct ssl_ctx_st
549 {
550 SSL_METHOD *method;
551
552 STACK_OF(SSL_CIPHER) *cipher_list;
553 /* same as above but sorted for lookup */
554 STACK_OF(SSL_CIPHER) *cipher_list_by_id;
555
556 struct x509_store_st /* X509_STORE */ *cert_store;
557 struct lhash_st /* LHASH */ *sessions; /* a set of SSL_SESSIONs */
558 /* Most session-ids that will be cached, default is
559 * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */
560 unsigned long session_cache_size;
561 struct ssl_session_st *session_cache_head;
562 struct ssl_session_st *session_cache_tail;
563
564 /* This can have one of 2 values, ored together,
565 * SSL_SESS_CACHE_CLIENT,
566 * SSL_SESS_CACHE_SERVER,
567 * Default is SSL_SESSION_CACHE_SERVER, which means only
568 * SSL_accept which cache SSL_SESSIONS. */
569 int session_cache_mode;
570
571 /* If timeout is not 0, it is the default timeout value set
572 * when SSL_new() is called. This has been put in to make
573 * life easier to set things up */
574 long session_timeout;
575
576 /* If this callback is not null, it will be called each
577 * time a session id is added to the cache. If this function
578 * returns 1, it means that the callback will do a
579 * SSL_SESSION_free() when it has finished using it. Otherwise,
580 * on 0, it means the callback has finished with it.
581 * If remove_session_cb is not null, it will be called when
582 * a session-id is removed from the cache. After the call,
583 * OpenSSL will SSL_SESSION_free() it. */
584 int (*new_session_cb)(struct ssl_st *ssl,SSL_SESSION *sess);
585 void (*remove_session_cb)(struct ssl_ctx_st *ctx,SSL_SESSION *sess);
586 SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,
587 unsigned char *data,int len,int *copy);
588
589 struct
590 {
591 int sess_connect; /* SSL new conn - started */
592 int sess_connect_renegotiate;/* SSL reneg - requested */
593 int sess_connect_good; /* SSL new conne/reneg - finished */
594 int sess_accept; /* SSL new accept - started */
595 int sess_accept_renegotiate;/* SSL reneg - requested */
596 int sess_accept_good; /* SSL accept/reneg - finished */
597 int sess_miss; /* session lookup misses */
598 int sess_timeout; /* reuse attempt on timeouted session */
599 int sess_cache_full; /* session removed due to full cache */
600 int sess_hit; /* session reuse actually done */
601 int sess_cb_hit; /* session-id that was not
602 * in the cache was
603 * passed back via the callback. This
604 * indicates that the application is
605 * supplying session-id's from other
606 * processes - spooky :-) */
607 } stats;
608
609 int references;
610
611 /* if defined, these override the X509_verify_cert() calls */
612 int (*app_verify_callback)(X509_STORE_CTX *, void *);
613 void *app_verify_arg;
614 /* before OpenSSL 0.9.7, 'app_verify_arg' was ignored
615 * ('app_verify_callback' was called with just one argument) */
616
617 /* Default password callback. */
618 pem_password_cb *default_passwd_callback;
619
620 /* Default password callback user data. */
621 void *default_passwd_callback_userdata;
622
623 /* get client cert callback */
624 int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
625
626 CRYPTO_EX_DATA ex_data;
627
628 const EVP_MD *rsa_md5;/* For SSLv2 - name is 'ssl2-md5' */
629 const EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */
630 const EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3->sha1' */
631
632 STACK_OF(X509) *extra_certs;
633 STACK_OF(SSL_COMP) *comp_methods; /* stack of SSL_COMP, SSLv3/TLSv1 */
634
635
636 /* Default values used when no per-SSL value is defined follow */
637
638 void (*info_callback)(const SSL *ssl,int type,int val); /* used if SSL's info_callback is NULL */
639
640 /* what we put in client cert requests */
641 STACK_OF(X509_NAME) *client_CA;
642
643
644 /* Default values to use in SSL structures follow (these are copied by SSL_new) */
645
646 unsigned long options;
647 unsigned long mode;
648 long max_cert_list;
649
650 struct cert_st /* CERT */ *cert;
651 int read_ahead;
652
653 /* callback that allows applications to peek at protocol messages */
654 void (*msg_callback)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg);
655 void *msg_callback_arg;
656
657 int verify_mode;
658 int verify_depth;
659 unsigned int sid_ctx_length;
660 unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
661 int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx); /* called 'verify_callback' in the SSL */
662
663 /* Default generate session ID callback. */
664 GEN_SESSION_CB generate_session_id;
665
666 int purpose; /* Purpose setting */
667 int trust; /* Trust setting */
668
669 int quiet_shutdown;
670 };
671
672#define SSL_SESS_CACHE_OFF 0x0000
673#define SSL_SESS_CACHE_CLIENT 0x0001
674#define SSL_SESS_CACHE_SERVER 0x0002
675#define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER)
676#define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080
677/* This one, when set, makes the server session-id lookup not look
678 * in the cache. If there is an application get_session callback
679 * defined, this will still get called. */
680#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100
681
682 struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx);
683#define SSL_CTX_sess_number(ctx) \
684 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
685#define SSL_CTX_sess_connect(ctx) \
686 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL)
687#define SSL_CTX_sess_connect_good(ctx) \
688 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL)
689#define SSL_CTX_sess_connect_renegotiate(ctx) \
690 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL)
691#define SSL_CTX_sess_accept(ctx) \
692 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL)
693#define SSL_CTX_sess_accept_renegotiate(ctx) \
694 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL)
695#define SSL_CTX_sess_accept_good(ctx) \
696 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL)
697#define SSL_CTX_sess_hits(ctx) \
698 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL)
699#define SSL_CTX_sess_cb_hits(ctx) \
700 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL)
701#define SSL_CTX_sess_misses(ctx) \
702 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL)
703#define SSL_CTX_sess_timeouts(ctx) \
704 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL)
705#define SSL_CTX_sess_cache_full(ctx) \
706 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)
707
708#define SSL_CTX_sess_set_new_cb(ctx,cb) ((ctx)->new_session_cb=(cb))
709#define SSL_CTX_sess_get_new_cb(ctx) ((ctx)->new_session_cb)
710#define SSL_CTX_sess_set_remove_cb(ctx,cb) ((ctx)->remove_session_cb=(cb))
711#define SSL_CTX_sess_get_remove_cb(ctx) ((ctx)->remove_session_cb)
712#define SSL_CTX_sess_set_get_cb(ctx,cb) ((ctx)->get_session_cb=(cb))
713#define SSL_CTX_sess_get_get_cb(ctx) ((ctx)->get_session_cb)
714#define SSL_CTX_set_info_callback(ctx,cb) ((ctx)->info_callback=(cb))
715#define SSL_CTX_get_info_callback(ctx) ((ctx)->info_callback)
716#define SSL_CTX_set_client_cert_cb(ctx,cb) ((ctx)->client_cert_cb=(cb))
717#define SSL_CTX_get_client_cert_cb(ctx) ((ctx)->client_cert_cb)
718
719#define SSL_NOTHING 1
720#define SSL_WRITING 2
721#define SSL_READING 3
722#define SSL_X509_LOOKUP 4
723
724/* These will only be used when doing non-blocking IO */
725#define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
726#define SSL_want_read(s) (SSL_want(s) == SSL_READING)
727#define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
728#define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
729
730struct ssl_st
731 {
732 /* protocol version
733 * (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION)
734 */
735 int version;
736 int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
737
738 SSL_METHOD *method; /* SSLv3 */
739
740 /* There are 2 BIO's even though they are normally both the
741 * same. This is so data can be read and written to different
742 * handlers */
743
744#ifndef OPENSSL_NO_BIO
745 BIO *rbio; /* used by SSL_read */
746 BIO *wbio; /* used by SSL_write */
747 BIO *bbio; /* used during session-id reuse to concatenate
748 * messages */
749#else
750 char *rbio; /* used by SSL_read */
751 char *wbio; /* used by SSL_write */
752 char *bbio;
753#endif
754 /* This holds a variable that indicates what we were doing
755 * when a 0 or -1 is returned. This is needed for
756 * non-blocking IO so we know what request needs re-doing when
757 * in SSL_accept or SSL_connect */
758 int rwstate;
759
760 /* true when we are actually in SSL_accept() or SSL_connect() */
761 int in_handshake;
762 int (*handshake_func)();
763
764 /* Imagine that here's a boolean member "init" that is
765 * switched as soon as SSL_set_{accept/connect}_state
766 * is called for the first time, so that "state" and
767 * "handshake_func" are properly initialized. But as
768 * handshake_func is == 0 until then, we use this
769 * test instead of an "init" member.
770 */
771
772 int server; /* are we the server side? - mostly used by SSL_clear*/
773
774 int new_session;/* 1 if we are to use a new session.
775 * 2 if we are a server and are inside a handshake
776 * (i.e. not just sending a HelloRequest)
777 * NB: For servers, the 'new' session may actually be a previously
778 * cached session or even the previous session unless
779 * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
780 int quiet_shutdown;/* don't send shutdown packets */
781 int shutdown; /* we have shut things down, 0x01 sent, 0x02
782 * for received */
783 int state; /* where we are */
784 int rstate; /* where we are when reading */
785
786 BUF_MEM *init_buf; /* buffer used during init */
787 void *init_msg; /* pointer to handshake message body, set by ssl3_get_message() */
788 int init_num; /* amount read/written */
789 int init_off; /* amount read/written */
790
791 /* used internally to point at a raw packet */
792 unsigned char *packet;
793 unsigned int packet_length;
794
795 struct ssl2_state_st *s2; /* SSLv2 variables */
796 struct ssl3_state_st *s3; /* SSLv3 variables */
797
798 int read_ahead; /* Read as many input bytes as possible
799 * (for non-blocking reads) */
800
801 /* callback that allows applications to peek at protocol messages */
802 void (*msg_callback)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg);
803 void *msg_callback_arg;
804
805 int hit; /* reusing a previous session */
806
807 int purpose; /* Purpose setting */
808 int trust; /* Trust setting */
809
810 /* crypto */
811 STACK_OF(SSL_CIPHER) *cipher_list;
812 STACK_OF(SSL_CIPHER) *cipher_list_by_id;
813
814 /* These are the ones being used, the ones in SSL_SESSION are
815 * the ones to be 'copied' into these ones */
816
817 EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
818 const EVP_MD *read_hash; /* used for mac generation */
819#ifndef OPENSSL_NO_COMP
820 COMP_CTX *expand; /* uncompress */
821#else
822 char *expand;
823#endif
824
825 EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
826 const EVP_MD *write_hash; /* used for mac generation */
827#ifndef OPENSSL_NO_COMP
828 COMP_CTX *compress; /* compression */
829#else
830 char *compress;
831#endif
832
833 /* session info */
834
835 /* client cert? */
836 /* This is used to hold the server certificate used */
837 struct cert_st /* CERT */ *cert;
838
839 /* the session_id_context is used to ensure sessions are only reused
840 * in the appropriate context */
841 unsigned int sid_ctx_length;
842 unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
843
844 /* This can also be in the session once a session is established */
845 SSL_SESSION *session;
846
847 /* Default generate session ID callback. */
848 GEN_SESSION_CB generate_session_id;
849
850 /* Used in SSL2 and SSL3 */
851 int verify_mode; /* 0 don't care about verify failure.
852 * 1 fail if verify fails */
853 int verify_depth;
854 int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback returns 0 */
855
856 void (*info_callback)(const SSL *ssl,int type,int val); /* optional informational callback */
857
858 int error; /* error bytes to be written */
859 int error_code; /* actual code */
860
861#ifndef OPENSSL_NO_KRB5
862 KSSL_CTX *kssl_ctx; /* Kerberos 5 context */
863#endif /* OPENSSL_NO_KRB5 */
864
865 SSL_CTX *ctx;
866 /* set this flag to 1 and a sleep(1) is put into all SSL_read()
867 * and SSL_write() calls, good for nbio debuging :-) */
868 int debug;
869
870 /* extra application data */
871 long verify_result;
872 CRYPTO_EX_DATA ex_data;
873
874 /* for server side, keep the list of CA_dn we can use */
875 STACK_OF(X509_NAME) *client_CA;
876
877 int references;
878 unsigned long options; /* protocol behaviour */
879 unsigned long mode; /* API behaviour */
880 long max_cert_list;
881 int first_packet;
882 int client_version; /* what was passed, used for
883 * SSLv3/TLS rollback check */
884 };
885
886#ifdef __cplusplus
887}
888#endif
889
890#include <openssl/ssl2.h>
891#include <openssl/ssl3.h>
892#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
893#include <openssl/ssl23.h>
894
895#ifdef __cplusplus
896extern "C" {
897#endif
898
899/* compatibility */
900#define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg))
901#define SSL_get_app_data(s) (SSL_get_ex_data(s,0))
902#define SSL_SESSION_set_app_data(s,a) (SSL_SESSION_set_ex_data(s,0,(char *)a))
903#define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s,0))
904#define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx,0))
905#define SSL_CTX_set_app_data(ctx,arg) (SSL_CTX_set_ex_data(ctx,0,(char *)arg))
906
907/* The following are the possible values for ssl->state are are
908 * used to indicate where we are up to in the SSL connection establishment.
909 * The macros that follow are about the only things you should need to use
910 * and even then, only when using non-blocking IO.
911 * It can also be useful to work out where you were when the connection
912 * failed */
913
914#define SSL_ST_CONNECT 0x1000
915#define SSL_ST_ACCEPT 0x2000
916#define SSL_ST_MASK 0x0FFF
917#define SSL_ST_INIT (SSL_ST_CONNECT|SSL_ST_ACCEPT)
918#define SSL_ST_BEFORE 0x4000
919#define SSL_ST_OK 0x03
920#define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT)
921
922#define SSL_CB_LOOP 0x01
923#define SSL_CB_EXIT 0x02
924#define SSL_CB_READ 0x04
925#define SSL_CB_WRITE 0x08
926#define SSL_CB_ALERT 0x4000 /* used in callback */
927#define SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)
928#define SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)
929#define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)
930#define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)
931#define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)
932#define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)
933#define SSL_CB_HANDSHAKE_START 0x10
934#define SSL_CB_HANDSHAKE_DONE 0x20
935
936/* Is the SSL_connection established? */
937#define SSL_get_state(a) SSL_state(a)
938#define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK)
939#define SSL_in_init(a) (SSL_state(a)&SSL_ST_INIT)
940#define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE)
941#define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT)
942#define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT)
943
944/* The following 2 states are kept in ssl->rstate when reads fail,
945 * you should not need these */
946#define SSL_ST_READ_HEADER 0xF0
947#define SSL_ST_READ_BODY 0xF1
948#define SSL_ST_READ_DONE 0xF2
949
950/* Obtain latest Finished message
951 * -- that we sent (SSL_get_finished)
952 * -- that we expected from peer (SSL_get_peer_finished).
953 * Returns length (0 == no Finished so far), copies up to 'count' bytes. */
954size_t SSL_get_finished(SSL *s, void *buf, size_t count);
955size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count);
956
957/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options
958 * are 'ored' with SSL_VERIFY_PEER if they are desired */
959#define SSL_VERIFY_NONE 0x00
960#define SSL_VERIFY_PEER 0x01
961#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
962#define SSL_VERIFY_CLIENT_ONCE 0x04
963
964#define OpenSSL_add_ssl_algorithms() SSL_library_init()
965#define SSLeay_add_ssl_algorithms() SSL_library_init()
966
967/* this is for backward compatibility */
968#if 0 /* NEW_SSLEAY */
969#define SSL_CTX_set_default_verify(a,b,c) SSL_CTX_set_verify(a,b,c)
970#define SSL_set_pref_cipher(c,n) SSL_set_cipher_list(c,n)
971#define SSL_add_session(a,b) SSL_CTX_add_session((a),(b))
972#define SSL_remove_session(a,b) SSL_CTX_remove_session((a),(b))
973#define SSL_flush_sessions(a,b) SSL_CTX_flush_sessions((a),(b))
974#endif
975/* More backward compatibility */
976#define SSL_get_cipher(s) \
977 SSL_CIPHER_get_name(SSL_get_current_cipher(s))
978#define SSL_get_cipher_bits(s,np) \
979 SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
980#define SSL_get_cipher_version(s) \
981 SSL_CIPHER_get_version(SSL_get_current_cipher(s))
982#define SSL_get_cipher_name(s) \
983 SSL_CIPHER_get_name(SSL_get_current_cipher(s))
984#define SSL_get_time(a) SSL_SESSION_get_time(a)
985#define SSL_set_time(a,b) SSL_SESSION_set_time((a),(b))
986#define SSL_get_timeout(a) SSL_SESSION_get_timeout(a)
987#define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b))
988
989#if 1 /*SSLEAY_MACROS*/
990#define d2i_SSL_SESSION_bio(bp,s_id) (SSL_SESSION *)ASN1_d2i_bio( \
991 (char *(*)())SSL_SESSION_new,(char *(*)())d2i_SSL_SESSION, \
992 (bp),(unsigned char **)(s_id))
993#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio(i2d_SSL_SESSION, \
994 bp,(unsigned char *)s_id)
995#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
996 (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)
997#define PEM_read_bio_SSL_SESSION(bp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read_bio( \
998 (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb,u)
999#define PEM_write_SSL_SESSION(fp,x) \
1000 PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
1001 PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL)
1002#define PEM_write_bio_SSL_SESSION(bp,x) \
1003 PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
1004 PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL,NULL)
1005#endif
1006
1007#define SSL_AD_REASON_OFFSET 1000
1008/* These alert types are for SSLv3 and TLSv1 */
1009#define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY
1010#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */
1011#define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC /* fatal */
1012#define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED
1013#define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW
1014#define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE/* fatal */
1015#define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE/* fatal */
1016#define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE /* Not for TLS */
1017#define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE
1018#define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE
1019#define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED
1020#define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED
1021#define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN
1022#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER /* fatal */
1023#define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA /* fatal */
1024#define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */
1025#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */
1026#define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR
1027#define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION/* fatal */
1028#define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */
1029#define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY/* fatal */
1030#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */
1031#define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED
1032#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION
1033
1034#define SSL_ERROR_NONE 0
1035#define SSL_ERROR_SSL 1
1036#define SSL_ERROR_WANT_READ 2
1037#define SSL_ERROR_WANT_WRITE 3
1038#define SSL_ERROR_WANT_X509_LOOKUP 4
1039#define SSL_ERROR_SYSCALL 5 /* look at error stack/return value/errno */
1040#define SSL_ERROR_ZERO_RETURN 6
1041#define SSL_ERROR_WANT_CONNECT 7
1042#define SSL_ERROR_WANT_ACCEPT 8
1043
1044#define SSL_CTRL_NEED_TMP_RSA 1
1045#define SSL_CTRL_SET_TMP_RSA 2
1046#define SSL_CTRL_SET_TMP_DH 3
1047#define SSL_CTRL_SET_TMP_RSA_CB 4
1048#define SSL_CTRL_SET_TMP_DH_CB 5
1049
1050#define SSL_CTRL_GET_SESSION_REUSED 6
1051#define SSL_CTRL_GET_CLIENT_CERT_REQUEST 7
1052#define SSL_CTRL_GET_NUM_RENEGOTIATIONS 8
1053#define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 9
1054#define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 10
1055#define SSL_CTRL_GET_FLAGS 11
1056#define SSL_CTRL_EXTRA_CHAIN_CERT 12
1057
1058#define SSL_CTRL_SET_MSG_CALLBACK 13
1059#define SSL_CTRL_SET_MSG_CALLBACK_ARG 14
1060
1061/* Stats */
1062#define SSL_CTRL_SESS_NUMBER 20
1063#define SSL_CTRL_SESS_CONNECT 21
1064#define SSL_CTRL_SESS_CONNECT_GOOD 22
1065#define SSL_CTRL_SESS_CONNECT_RENEGOTIATE 23
1066#define SSL_CTRL_SESS_ACCEPT 24
1067#define SSL_CTRL_SESS_ACCEPT_GOOD 25
1068#define SSL_CTRL_SESS_ACCEPT_RENEGOTIATE 26
1069#define SSL_CTRL_SESS_HIT 27
1070#define SSL_CTRL_SESS_CB_HIT 28
1071#define SSL_CTRL_SESS_MISSES 29
1072#define SSL_CTRL_SESS_TIMEOUTS 30
1073#define SSL_CTRL_SESS_CACHE_FULL 31
1074#define SSL_CTRL_OPTIONS 32
1075#define SSL_CTRL_MODE 33
1076
1077#define SSL_CTRL_GET_READ_AHEAD 40
1078#define SSL_CTRL_SET_READ_AHEAD 41
1079#define SSL_CTRL_SET_SESS_CACHE_SIZE 42
1080#define SSL_CTRL_GET_SESS_CACHE_SIZE 43
1081#define SSL_CTRL_SET_SESS_CACHE_MODE 44
1082#define SSL_CTRL_GET_SESS_CACHE_MODE 45
1083
1084#define SSL_CTRL_GET_MAX_CERT_LIST 50
1085#define SSL_CTRL_SET_MAX_CERT_LIST 51
1086
1087#define SSL_session_reused(ssl) \
1088 SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
1089#define SSL_num_renegotiations(ssl) \
1090 SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
1091#define SSL_clear_num_renegotiations(ssl) \
1092 SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
1093#define SSL_total_renegotiations(ssl) \
1094 SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
1095
1096#define SSL_CTX_need_tmp_RSA(ctx) \
1097 SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)
1098#define SSL_CTX_set_tmp_rsa(ctx,rsa) \
1099 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
1100#define SSL_CTX_set_tmp_dh(ctx,dh) \
1101 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
1102
1103#define SSL_need_tmp_RSA(ssl) \
1104 SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL)
1105#define SSL_set_tmp_rsa(ssl,rsa) \
1106 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
1107#define SSL_set_tmp_dh(ssl,dh) \
1108 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
1109
1110#define SSL_CTX_add_extra_chain_cert(ctx,x509) \
1111 SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
1112
1113#ifndef OPENSSL_NO_BIO
1114BIO_METHOD *BIO_f_ssl(void);
1115BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
1116BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
1117BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
1118int BIO_ssl_copy_session_id(BIO *to,BIO *from);
1119void BIO_ssl_shutdown(BIO *ssl_bio);
1120
1121#endif
1122
1123int SSL_CTX_set_cipher_list(SSL_CTX *,const char *str);
1124SSL_CTX *SSL_CTX_new(SSL_METHOD *meth);
1125void SSL_CTX_free(SSL_CTX *);
1126long SSL_CTX_set_timeout(SSL_CTX *ctx,long t);
1127long SSL_CTX_get_timeout(SSL_CTX *ctx);
1128X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *);
1129void SSL_CTX_set_cert_store(SSL_CTX *,X509_STORE *);
1130int SSL_want(SSL *s);
1131int SSL_clear(SSL *s);
1132
1133void SSL_CTX_flush_sessions(SSL_CTX *ctx,long tm);
1134
1135SSL_CIPHER *SSL_get_current_cipher(SSL *s);
1136int SSL_CIPHER_get_bits(SSL_CIPHER *c,int *alg_bits);
1137char * SSL_CIPHER_get_version(SSL_CIPHER *c);
1138const char * SSL_CIPHER_get_name(SSL_CIPHER *c);
1139
1140int SSL_get_fd(SSL *s);
1141int SSL_get_rfd(SSL *s);
1142int SSL_get_wfd(SSL *s);
1143const char * SSL_get_cipher_list(SSL *s,int n);
1144char * SSL_get_shared_ciphers(SSL *s, char *buf, int len);
1145int SSL_get_read_ahead(SSL * s);
1146int SSL_pending(SSL *s);
1147#ifndef OPENSSL_NO_SOCK
1148int SSL_set_fd(SSL *s, int fd);
1149int SSL_set_rfd(SSL *s, int fd);
1150int SSL_set_wfd(SSL *s, int fd);
1151#endif
1152#ifndef OPENSSL_NO_BIO
1153void SSL_set_bio(SSL *s, BIO *rbio,BIO *wbio);
1154BIO * SSL_get_rbio(SSL *s);
1155BIO * SSL_get_wbio(SSL *s);
1156#endif
1157int SSL_set_cipher_list(SSL *s, const char *str);
1158void SSL_set_read_ahead(SSL *s, int yes);
1159int SSL_get_verify_mode(SSL *s);
1160int SSL_get_verify_depth(SSL *s);
1161int (*SSL_get_verify_callback(SSL *s))(int,X509_STORE_CTX *);
1162void SSL_set_verify(SSL *s, int mode,
1163 int (*callback)(int ok,X509_STORE_CTX *ctx));
1164void SSL_set_verify_depth(SSL *s, int depth);
1165#ifndef OPENSSL_NO_RSA
1166int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
1167#endif
1168int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
1169int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
1170int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, unsigned char *d, long len);
1171int SSL_use_certificate(SSL *ssl, X509 *x);
1172int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
1173
1174#ifndef OPENSSL_NO_STDIO
1175int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
1176int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
1177int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
1178int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
1179int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
1180int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
1181int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); /* PEM type */
1182STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
1183int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
1184 const char *file);
1185#ifndef OPENSSL_SYS_WIN32
1186#ifndef OPENSSL_SYS_VMS
1187#ifndef OPENSSL_SYS_MACINTOSH_CLASSIC /* XXXXX: Better scheme needed! [was: #ifndef MAC_OS_pre_X] */
1188int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
1189 const char *dir);
1190#endif
1191#endif
1192#endif
1193
1194#endif
1195
1196void SSL_load_error_strings(void );
1197const char *SSL_state_string(const SSL *s);
1198const char *SSL_rstate_string(const SSL *s);
1199const char *SSL_state_string_long(const SSL *s);
1200const char *SSL_rstate_string_long(const SSL *s);
1201long SSL_SESSION_get_time(SSL_SESSION *s);
1202long SSL_SESSION_set_time(SSL_SESSION *s, long t);
1203long SSL_SESSION_get_timeout(SSL_SESSION *s);
1204long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
1205void SSL_copy_session_id(SSL *to,SSL *from);
1206
1207SSL_SESSION *SSL_SESSION_new(void);
1208unsigned long SSL_SESSION_hash(SSL_SESSION *a);
1209int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b);
1210#ifndef OPENSSL_NO_FP_API
1211int SSL_SESSION_print_fp(FILE *fp,SSL_SESSION *ses);
1212#endif
1213#ifndef OPENSSL_NO_BIO
1214int SSL_SESSION_print(BIO *fp,SSL_SESSION *ses);
1215#endif
1216void SSL_SESSION_free(SSL_SESSION *ses);
1217int i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp);
1218int SSL_set_session(SSL *to, SSL_SESSION *session);
1219int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
1220int SSL_CTX_remove_session(SSL_CTX *,SSL_SESSION *c);
1221int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB);
1222int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB);
1223int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
1224 unsigned int id_len);
1225SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a,unsigned char **pp,long length);
1226
1227#ifdef HEADER_X509_H
1228X509 * SSL_get_peer_certificate(SSL *s);
1229#endif
1230
1231STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s);
1232
1233int SSL_CTX_get_verify_mode(SSL_CTX *ctx);
1234int SSL_CTX_get_verify_depth(SSL_CTX *ctx);
1235int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *);
1236void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,
1237 int (*callback)(int, X509_STORE_CTX *));
1238void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth);
1239void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,void *), void *arg);
1240#ifndef OPENSSL_NO_RSA
1241int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
1242#endif
1243int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
1244int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
1245int SSL_CTX_use_PrivateKey_ASN1(int pk,SSL_CTX *ctx,
1246 unsigned char *d, long len);
1247int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
1248int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
1249
1250void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
1251void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
1252
1253int SSL_CTX_check_private_key(SSL_CTX *ctx);
1254int SSL_check_private_key(SSL *ctx);
1255
1256int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
1257 unsigned int sid_ctx_len);
1258
1259SSL * SSL_new(SSL_CTX *ctx);
1260int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
1261 unsigned int sid_ctx_len);
1262
1263int SSL_CTX_set_purpose(SSL_CTX *s, int purpose);
1264int SSL_set_purpose(SSL *s, int purpose);
1265int SSL_CTX_set_trust(SSL_CTX *s, int trust);
1266int SSL_set_trust(SSL *s, int trust);
1267
1268void SSL_free(SSL *ssl);
1269int SSL_accept(SSL *ssl);
1270int SSL_connect(SSL *ssl);
1271int SSL_read(SSL *ssl,void *buf,int num);
1272int SSL_peek(SSL *ssl,void *buf,int num);
1273int SSL_write(SSL *ssl,const void *buf,int num);
1274long SSL_ctrl(SSL *ssl,int cmd, long larg, void *parg);
1275long SSL_callback_ctrl(SSL *, int, void (*)());
1276long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd, long larg, void *parg);
1277long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)());
1278
1279int SSL_get_error(SSL *s,int ret_code);
1280const char *SSL_get_version(SSL *s);
1281
1282/* This sets the 'default' SSL version that SSL_new() will create */
1283int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth);
1284
1285SSL_METHOD *SSLv2_method(void); /* SSLv2 */
1286SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
1287SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
1288
1289SSL_METHOD *SSLv3_method(void); /* SSLv3 */
1290SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
1291SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
1292
1293SSL_METHOD *SSLv23_method(void); /* SSLv3 but can rollback to v2 */
1294SSL_METHOD *SSLv23_server_method(void); /* SSLv3 but can rollback to v2 */
1295SSL_METHOD *SSLv23_client_method(void); /* SSLv3 but can rollback to v2 */
1296
1297SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
1298SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
1299SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
1300
1301STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s);
1302
1303int SSL_do_handshake(SSL *s);
1304int SSL_renegotiate(SSL *s);
1305int SSL_renegotiate_pending(SSL *s);
1306int SSL_shutdown(SSL *s);
1307
1308SSL_METHOD *SSL_get_ssl_method(SSL *s);
1309int SSL_set_ssl_method(SSL *s,SSL_METHOD *method);
1310const char *SSL_alert_type_string_long(int value);
1311const char *SSL_alert_type_string(int value);
1312const char *SSL_alert_desc_string_long(int value);
1313const char *SSL_alert_desc_string(int value);
1314
1315void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
1316void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
1317STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s);
1318STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *s);
1319int SSL_add_client_CA(SSL *ssl,X509 *x);
1320int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x);
1321
1322void SSL_set_connect_state(SSL *s);
1323void SSL_set_accept_state(SSL *s);
1324
1325long SSL_get_default_timeout(SSL *s);
1326
1327int SSL_library_init(void );
1328
1329char *SSL_CIPHER_description(SSL_CIPHER *,char *buf,int size);
1330STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
1331
1332SSL *SSL_dup(SSL *ssl);
1333
1334X509 *SSL_get_certificate(SSL *ssl);
1335/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl);
1336
1337void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode);
1338int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx);
1339void SSL_set_quiet_shutdown(SSL *ssl,int mode);
1340int SSL_get_quiet_shutdown(SSL *ssl);
1341void SSL_set_shutdown(SSL *ssl,int mode);
1342int SSL_get_shutdown(SSL *ssl);
1343int SSL_version(SSL *ssl);
1344int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
1345int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
1346 const char *CApath);
1347#define SSL_get0_session SSL_get_session /* just peek at pointer */
1348SSL_SESSION *SSL_get_session(SSL *ssl);
1349SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */
1350SSL_CTX *SSL_get_SSL_CTX(SSL *ssl);
1351void SSL_set_info_callback(SSL *ssl,
1352 void (*cb)(const SSL *ssl,int type,int val));
1353void (*SSL_get_info_callback(SSL *ssl))(const SSL *ssl,int type,int val);
1354int SSL_state(SSL *ssl);
1355
1356void SSL_set_verify_result(SSL *ssl,long v);
1357long SSL_get_verify_result(SSL *ssl);
1358
1359int SSL_set_ex_data(SSL *ssl,int idx,void *data);
1360void *SSL_get_ex_data(SSL *ssl,int idx);
1361int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
1362 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
1363
1364int SSL_SESSION_set_ex_data(SSL_SESSION *ss,int idx,void *data);
1365void *SSL_SESSION_get_ex_data(SSL_SESSION *ss,int idx);
1366int SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
1367 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
1368
1369int SSL_CTX_set_ex_data(SSL_CTX *ssl,int idx,void *data);
1370void *SSL_CTX_get_ex_data(SSL_CTX *ssl,int idx);
1371int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
1372 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
1373
1374int SSL_get_ex_data_X509_STORE_CTX_idx(void );
1375
1376#define SSL_CTX_sess_set_cache_size(ctx,t) \
1377 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL)
1378#define SSL_CTX_sess_get_cache_size(ctx) \
1379 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL)
1380#define SSL_CTX_set_session_cache_mode(ctx,m) \
1381 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL)
1382#define SSL_CTX_get_session_cache_mode(ctx) \
1383 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL)
1384
1385#define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx)
1386#define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m)
1387#define SSL_CTX_get_read_ahead(ctx) \
1388 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)
1389#define SSL_CTX_set_read_ahead(ctx,m) \
1390 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL)
1391#define SSL_CTX_get_max_cert_list(ctx) \
1392 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
1393#define SSL_CTX_set_max_cert_list(ctx,m) \
1394 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
1395#define SSL_get_max_cert_list(ssl) \
1396 SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
1397#define SSL_set_max_cert_list(ssl,m) \
1398 SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
1399
1400 /* NB: the keylength is only applicable when is_export is true */
1401#ifndef OPENSSL_NO_RSA
1402void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
1403 RSA *(*cb)(SSL *ssl,int is_export,
1404 int keylength));
1405
1406void SSL_set_tmp_rsa_callback(SSL *ssl,
1407 RSA *(*cb)(SSL *ssl,int is_export,
1408 int keylength));
1409#endif
1410#ifndef OPENSSL_NO_DH
1411void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
1412 DH *(*dh)(SSL *ssl,int is_export,
1413 int keylength));
1414void SSL_set_tmp_dh_callback(SSL *ssl,
1415 DH *(*dh)(SSL *ssl,int is_export,
1416 int keylength));
1417#endif
1418
1419#ifndef OPENSSL_NO_COMP
1420int SSL_COMP_add_compression_method(int id,COMP_METHOD *cm);
1421#else
1422int SSL_COMP_add_compression_method(int id,char *cm);
1423#endif
1424
1425/* BEGIN ERROR CODES */
1426/* The following lines are auto generated by the script mkerr.pl. Any changes
1427 * made after this point may be overwritten when the script is next run.
1428 */
1429void ERR_load_SSL_strings(void);
1430
1431/* Error codes for the SSL functions. */
1432
1433/* Function codes. */
1434#define SSL_F_CLIENT_CERTIFICATE 100
1435#define SSL_F_CLIENT_HELLO 101
1436#define SSL_F_CLIENT_MASTER_KEY 102
1437#define SSL_F_D2I_SSL_SESSION 103
1438#define SSL_F_DO_SSL3_WRITE 104
1439#define SSL_F_GET_CLIENT_FINISHED 105
1440#define SSL_F_GET_CLIENT_HELLO 106
1441#define SSL_F_GET_CLIENT_MASTER_KEY 107
1442#define SSL_F_GET_SERVER_FINISHED 108
1443#define SSL_F_GET_SERVER_HELLO 109
1444#define SSL_F_GET_SERVER_VERIFY 110
1445#define SSL_F_I2D_SSL_SESSION 111
1446#define SSL_F_READ_N 112
1447#define SSL_F_REQUEST_CERTIFICATE 113
1448#define SSL_F_SERVER_HELLO 114
1449#define SSL_F_SSL23_ACCEPT 115
1450#define SSL_F_SSL23_CLIENT_HELLO 116
1451#define SSL_F_SSL23_CONNECT 117
1452#define SSL_F_SSL23_GET_CLIENT_HELLO 118
1453#define SSL_F_SSL23_GET_SERVER_HELLO 119
1454#define SSL_F_SSL23_PEEK 237
1455#define SSL_F_SSL23_READ 120
1456#define SSL_F_SSL23_WRITE 121
1457#define SSL_F_SSL2_ACCEPT 122
1458#define SSL_F_SSL2_CONNECT 123
1459#define SSL_F_SSL2_ENC_INIT 124
1460#define SSL_F_SSL2_PEEK 234
1461#define SSL_F_SSL2_READ 125
1462#define SSL_F_SSL2_READ_INTERNAL 236
1463#define SSL_F_SSL2_SET_CERTIFICATE 126
1464#define SSL_F_SSL2_WRITE 127
1465#define SSL_F_SSL3_ACCEPT 128
1466#define SSL_F_SSL3_CALLBACK_CTRL 233
1467#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
1468#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
1469#define SSL_F_SSL3_CLIENT_HELLO 131
1470#define SSL_F_SSL3_CONNECT 132
1471#define SSL_F_SSL3_CTRL 213
1472#define SSL_F_SSL3_CTX_CTRL 133
1473#define SSL_F_SSL3_ENC 134
1474#define SSL_F_SSL3_GENERATE_KEY_BLOCK 238
1475#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135
1476#define SSL_F_SSL3_GET_CERT_VERIFY 136
1477#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137
1478#define SSL_F_SSL3_GET_CLIENT_HELLO 138
1479#define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139
1480#define SSL_F_SSL3_GET_FINISHED 140
1481#define SSL_F_SSL3_GET_KEY_EXCHANGE 141
1482#define SSL_F_SSL3_GET_MESSAGE 142
1483#define SSL_F_SSL3_GET_RECORD 143
1484#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
1485#define SSL_F_SSL3_GET_SERVER_DONE 145
1486#define SSL_F_SSL3_GET_SERVER_HELLO 146
1487#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
1488#define SSL_F_SSL3_PEEK 235
1489#define SSL_F_SSL3_READ_BYTES 148
1490#define SSL_F_SSL3_READ_N 149
1491#define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150
1492#define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151
1493#define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152
1494#define SSL_F_SSL3_SEND_CLIENT_VERIFY 153
1495#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154
1496#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155
1497#define SSL_F_SSL3_SETUP_BUFFERS 156
1498#define SSL_F_SSL3_SETUP_KEY_BLOCK 157
1499#define SSL_F_SSL3_WRITE_BYTES 158
1500#define SSL_F_SSL3_WRITE_PENDING 159
1501#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215
1502#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216
1503#define SSL_F_SSL_BAD_METHOD 160
1504#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
1505#define SSL_F_SSL_CERT_DUP 221
1506#define SSL_F_SSL_CERT_INST 222
1507#define SSL_F_SSL_CERT_INSTANTIATE 214
1508#define SSL_F_SSL_CERT_NEW 162
1509#define SSL_F_SSL_CHECK_PRIVATE_KEY 163
1510#define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230
1511#define SSL_F_SSL_CIPHER_STRENGTH_SORT 231
1512#define SSL_F_SSL_CLEAR 164
1513#define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 165
1514#define SSL_F_SSL_CREATE_CIPHER_LIST 166
1515#define SSL_F_SSL_CTRL 232
1516#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
1517#define SSL_F_SSL_CTX_NEW 169
1518#define SSL_F_SSL_CTX_SET_PURPOSE 226
1519#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219
1520#define SSL_F_SSL_CTX_SET_SSL_VERSION 170
1521#define SSL_F_SSL_CTX_SET_TRUST 229
1522#define SSL_F_SSL_CTX_USE_CERTIFICATE 171
1523#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172
1524#define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE 220
1525#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 173
1526#define SSL_F_SSL_CTX_USE_PRIVATEKEY 174
1527#define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175
1528#define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 176
1529#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 177
1530#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 178
1531#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179
1532#define SSL_F_SSL_DO_HANDSHAKE 180
1533#define SSL_F_SSL_GET_NEW_SESSION 181
1534#define SSL_F_SSL_GET_PREV_SESSION 217
1535#define SSL_F_SSL_GET_SERVER_SEND_CERT 182
1536#define SSL_F_SSL_GET_SIGN_PKEY 183
1537#define SSL_F_SSL_INIT_WBIO_BUFFER 184
1538#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185
1539#define SSL_F_SSL_NEW 186
1540#define SSL_F_SSL_READ 223
1541#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187
1542#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188
1543#define SSL_F_SSL_SESSION_NEW 189
1544#define SSL_F_SSL_SESSION_PRINT_FP 190
1545#define SSL_F_SSL_SESS_CERT_NEW 225
1546#define SSL_F_SSL_SET_CERT 191
1547#define SSL_F_SSL_SET_FD 192
1548#define SSL_F_SSL_SET_PKEY 193
1549#define SSL_F_SSL_SET_PURPOSE 227
1550#define SSL_F_SSL_SET_RFD 194
1551#define SSL_F_SSL_SET_SESSION 195
1552#define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218
1553#define SSL_F_SSL_SET_TRUST 228
1554#define SSL_F_SSL_SET_WFD 196
1555#define SSL_F_SSL_SHUTDOWN 224
1556#define SSL_F_SSL_UNDEFINED_FUNCTION 197
1557#define SSL_F_SSL_USE_CERTIFICATE 198
1558#define SSL_F_SSL_USE_CERTIFICATE_ASN1 199
1559#define SSL_F_SSL_USE_CERTIFICATE_FILE 200
1560#define SSL_F_SSL_USE_PRIVATEKEY 201
1561#define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202
1562#define SSL_F_SSL_USE_PRIVATEKEY_FILE 203
1563#define SSL_F_SSL_USE_RSAPRIVATEKEY 204
1564#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205
1565#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206
1566#define SSL_F_SSL_VERIFY_CERT_CHAIN 207
1567#define SSL_F_SSL_WRITE 208
1568#define SSL_F_TLS1_CHANGE_CIPHER_STATE 209
1569#define SSL_F_TLS1_ENC 210
1570#define SSL_F_TLS1_SETUP_KEY_BLOCK 211
1571#define SSL_F_WRITE_PENDING 212
1572
1573/* Reason codes. */
1574#define SSL_R_APP_DATA_IN_HANDSHAKE 100
1575#define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
1576#define SSL_R_BAD_ALERT_RECORD 101
1577#define SSL_R_BAD_AUTHENTICATION_TYPE 102
1578#define SSL_R_BAD_CHANGE_CIPHER_SPEC 103
1579#define SSL_R_BAD_CHECKSUM 104
1580#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
1581#define SSL_R_BAD_DECOMPRESSION 107
1582#define SSL_R_BAD_DH_G_LENGTH 108
1583#define SSL_R_BAD_DH_PUB_KEY_LENGTH 109
1584#define SSL_R_BAD_DH_P_LENGTH 110
1585#define SSL_R_BAD_DIGEST_LENGTH 111
1586#define SSL_R_BAD_DSA_SIGNATURE 112
1587#define SSL_R_BAD_HELLO_REQUEST 105
1588#define SSL_R_BAD_LENGTH 271
1589#define SSL_R_BAD_MAC_DECODE 113
1590#define SSL_R_BAD_MESSAGE_TYPE 114
1591#define SSL_R_BAD_PACKET_LENGTH 115
1592#define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116
1593#define SSL_R_BAD_RESPONSE_ARGUMENT 117
1594#define SSL_R_BAD_RSA_DECRYPT 118
1595#define SSL_R_BAD_RSA_ENCRYPT 119
1596#define SSL_R_BAD_RSA_E_LENGTH 120
1597#define SSL_R_BAD_RSA_MODULUS_LENGTH 121
1598#define SSL_R_BAD_RSA_SIGNATURE 122
1599#define SSL_R_BAD_SIGNATURE 123
1600#define SSL_R_BAD_SSL_FILETYPE 124
1601#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125
1602#define SSL_R_BAD_STATE 126
1603#define SSL_R_BAD_WRITE_RETRY 127
1604#define SSL_R_BIO_NOT_SET 128
1605#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129
1606#define SSL_R_BN_LIB 130
1607#define SSL_R_CA_DN_LENGTH_MISMATCH 131
1608#define SSL_R_CA_DN_TOO_LONG 132
1609#define SSL_R_CCS_RECEIVED_EARLY 133
1610#define SSL_R_CERTIFICATE_VERIFY_FAILED 134
1611#define SSL_R_CERT_LENGTH_MISMATCH 135
1612#define SSL_R_CHALLENGE_IS_DIFFERENT 136
1613#define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
1614#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
1615#define SSL_R_CIPHER_TABLE_SRC_ERROR 139
1616#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
1617#define SSL_R_COMPRESSION_FAILURE 141
1618#define SSL_R_COMPRESSION_LIBRARY_ERROR 142
1619#define SSL_R_CONNECTION_ID_IS_DIFFERENT 143
1620#define SSL_R_CONNECTION_TYPE_NOT_SET 144
1621#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145
1622#define SSL_R_DATA_LENGTH_TOO_LONG 146
1623#define SSL_R_DECRYPTION_FAILED 147
1624#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 1109
1625#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
1626#define SSL_R_DIGEST_CHECK_FAILED 149
1627#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
1628#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 1092
1629#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
1630#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
1631#define SSL_R_EXTRA_DATA_IN_MESSAGE 153
1632#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
1633#define SSL_R_HTTPS_PROXY_REQUEST 155
1634#define SSL_R_HTTP_REQUEST 156
1635#define SSL_R_ILLEGAL_PADDING 1110
1636#define SSL_R_INVALID_CHALLENGE_LENGTH 158
1637#define SSL_R_INVALID_COMMAND 280
1638#define SSL_R_INVALID_PURPOSE 278
1639#define SSL_R_INVALID_TRUST 279
1640#define SSL_R_KEY_ARG_TOO_LONG 1112
1641#define SSL_R_KRB5 1104
1642#define SSL_R_KRB5_C_CC_PRINC 1094
1643#define SSL_R_KRB5_C_GET_CRED 1095
1644#define SSL_R_KRB5_C_INIT 1096
1645#define SSL_R_KRB5_C_MK_REQ 1097
1646#define SSL_R_KRB5_S_BAD_TICKET 1098
1647#define SSL_R_KRB5_S_INIT 1099
1648#define SSL_R_KRB5_S_RD_REQ 1108
1649#define SSL_R_KRB5_S_TKT_EXPIRED 1105
1650#define SSL_R_KRB5_S_TKT_NYV 1106
1651#define SSL_R_KRB5_S_TKT_SKEW 1107
1652#define SSL_R_LENGTH_MISMATCH 159
1653#define SSL_R_LENGTH_TOO_SHORT 160
1654#define SSL_R_LIBRARY_BUG 274
1655#define SSL_R_LIBRARY_HAS_NO_CIPHERS 161
1656#define SSL_R_MESSAGE_TOO_LONG 1111
1657#define SSL_R_MISSING_DH_DSA_CERT 162
1658#define SSL_R_MISSING_DH_KEY 163
1659#define SSL_R_MISSING_DH_RSA_CERT 164
1660#define SSL_R_MISSING_DSA_SIGNING_CERT 165
1661#define SSL_R_MISSING_EXPORT_TMP_DH_KEY 166
1662#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 167
1663#define SSL_R_MISSING_RSA_CERTIFICATE 168
1664#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
1665#define SSL_R_MISSING_RSA_SIGNING_CERT 170
1666#define SSL_R_MISSING_TMP_DH_KEY 171
1667#define SSL_R_MISSING_TMP_RSA_KEY 172
1668#define SSL_R_MISSING_TMP_RSA_PKEY 173
1669#define SSL_R_MISSING_VERIFY_MESSAGE 174
1670#define SSL_R_NON_SSLV2_INITIAL_PACKET 175
1671#define SSL_R_NO_CERTIFICATES_RETURNED 176
1672#define SSL_R_NO_CERTIFICATE_ASSIGNED 177
1673#define SSL_R_NO_CERTIFICATE_RETURNED 178
1674#define SSL_R_NO_CERTIFICATE_SET 179
1675#define SSL_R_NO_CERTIFICATE_SPECIFIED 180
1676#define SSL_R_NO_CIPHERS_AVAILABLE 181
1677#define SSL_R_NO_CIPHERS_PASSED 182
1678#define SSL_R_NO_CIPHERS_SPECIFIED 183
1679#define SSL_R_NO_CIPHER_LIST 184
1680#define SSL_R_NO_CIPHER_MATCH 185
1681#define SSL_R_NO_CLIENT_CERT_RECEIVED 186
1682#define SSL_R_NO_COMPRESSION_SPECIFIED 187
1683#define SSL_R_NO_METHOD_SPECIFIED 188
1684#define SSL_R_NO_PRIVATEKEY 189
1685#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190
1686#define SSL_R_NO_PROTOCOLS_AVAILABLE 191
1687#define SSL_R_NO_PUBLICKEY 192
1688#define SSL_R_NO_SHARED_CIPHER 193
1689#define SSL_R_NO_VERIFY_CALLBACK 194
1690#define SSL_R_NULL_SSL_CTX 195
1691#define SSL_R_NULL_SSL_METHOD_PASSED 196
1692#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
1693#define SSL_R_PACKET_LENGTH_TOO_LONG 198
1694#define SSL_R_PATH_TOO_LONG 270
1695#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199
1696#define SSL_R_PEER_ERROR 200
1697#define SSL_R_PEER_ERROR_CERTIFICATE 201
1698#define SSL_R_PEER_ERROR_NO_CERTIFICATE 202
1699#define SSL_R_PEER_ERROR_NO_CIPHER 203
1700#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 204
1701#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205
1702#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 206
1703#define SSL_R_PROTOCOL_IS_SHUTDOWN 207
1704#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 208
1705#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 209
1706#define SSL_R_PUBLIC_KEY_NOT_RSA 210
1707#define SSL_R_READ_BIO_NOT_SET 211
1708#define SSL_R_READ_WRONG_PACKET_TYPE 212
1709#define SSL_R_RECORD_LENGTH_MISMATCH 213
1710#define SSL_R_RECORD_TOO_LARGE 214
1711#define SSL_R_RECORD_TOO_SMALL 1093
1712#define SSL_R_REQUIRED_CIPHER_MISSING 215
1713#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
1714#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217
1715#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218
1716#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
1717#define SSL_R_SHORT_READ 219
1718#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
1719#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
1720#define SSL_R_SSL3_SESSION_ID_TOO_LONG 1113
1721#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
1722#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
1723#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
1724#define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045
1725#define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044
1726#define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046
1727#define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030
1728#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040
1729#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047
1730#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041
1731#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE 223
1732#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE 224
1733#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER 225
1734#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 226
1735#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
1736#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE 227
1737#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043
1738#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228
1739#define SSL_R_SSL_HANDSHAKE_FAILURE 229
1740#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 230
1741#define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED 1102
1742#define SSL_R_SSL_SESSION_ID_CONFLICT 1103
1743#define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273
1744#define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 1101
1745#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 231
1746#define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049
1747#define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050
1748#define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021
1749#define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051
1750#define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060
1751#define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071
1752#define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080
1753#define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100
1754#define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070
1755#define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022
1756#define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048
1757#define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
1758#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
1759#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
1760#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
1761#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235
1762#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236
1763#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 237
1764#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 238
1765#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239
1766#define SSL_R_UNABLE_TO_FIND_SSL_METHOD 240
1767#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 241
1768#define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242
1769#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243
1770#define SSL_R_UNEXPECTED_MESSAGE 244
1771#define SSL_R_UNEXPECTED_RECORD 245
1772#define SSL_R_UNINITIALIZED 276
1773#define SSL_R_UNKNOWN_ALERT_TYPE 246
1774#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247
1775#define SSL_R_UNKNOWN_CIPHER_RETURNED 248
1776#define SSL_R_UNKNOWN_CIPHER_TYPE 249
1777#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250
1778#define SSL_R_UNKNOWN_PKEY_TYPE 251
1779#define SSL_R_UNKNOWN_PROTOCOL 252
1780#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253
1781#define SSL_R_UNKNOWN_SSL_VERSION 254
1782#define SSL_R_UNKNOWN_STATE 255
1783#define SSL_R_UNSUPPORTED_CIPHER 256
1784#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257
1785#define SSL_R_UNSUPPORTED_OPTION 1091
1786#define SSL_R_UNSUPPORTED_PROTOCOL 258
1787#define SSL_R_UNSUPPORTED_SSL_VERSION 259
1788#define SSL_R_WRITE_BIO_NOT_SET 260
1789#define SSL_R_WRONG_CIPHER_RETURNED 261
1790#define SSL_R_WRONG_MESSAGE_TYPE 262
1791#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 263
1792#define SSL_R_WRONG_SIGNATURE_LENGTH 264
1793#define SSL_R_WRONG_SIGNATURE_SIZE 265
1794#define SSL_R_WRONG_SSL_VERSION 266
1795#define SSL_R_WRONG_VERSION_NUMBER 267
1796#define SSL_R_X509_LIB 268
1797#define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269
1798
1799#ifdef __cplusplus
1800}
1801#endif
1802#endif
diff --git a/src/lib/libssl/ssl/Makefile b/src/lib/libssl/ssl/Makefile
new file mode 100644
index 0000000000..7282f43793
--- /dev/null
+++ b/src/lib/libssl/ssl/Makefile
@@ -0,0 +1,58 @@
1# $OpenBSD: Makefile,v 1.15 2002/09/03 18:59:56 markus Exp $
2
3LIB= ssl
4
5SSLEAYDIST= src
6
7LSSL_SRC= ${.CURDIR}/../${SSLEAYDIST}/ssl
8
9.if ${MACHINE_ARCH} == "i386"
10CFLAGS+= -DL_ENDIAN -DBN_ASM
11.else
12.if ${MACHINE_ARCH} == "mips"
13CFLAGS+= -DL_ENDIAN
14.else
15.if ${MACHINE_ARCH} == "vax"
16CFLAGS+= -DL_ENDIAN
17.else
18.if ${MACHINE_ARCH} == "alpha"
19# no ENDIAN stuff defined for alpha
20.else
21CFLAGS+= -DB_ENDIAN
22.endif
23.endif
24.endif
25.endif
26
27CFLAGS+= -DOPENSSL_NO_IDEA -DTERMIOS -DANSI_SOURCE -DNO_ERR
28CFLAGS+= -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5 -DSO_DLFCN -DHAVE_DLFCN_H
29CFLAGS+= -I${.CURDIR}/../${SSLEAYDIST}
30
31SRCS= bio_ssl.c s2_clnt.c s3_both.c s3_srvr.c ssl_err2.c ssl_txt.c \
32 t1_srvr.c s23_clnt.c s2_enc.c s3_clnt.c ssl_algs.c ssl_lib.c \
33 ssltest.c s23_lib.c s2_lib.c s3_enc.c ssl_asn1.c ssl_rsa.c \
34 t1_clnt.c s23_meth.c s2_meth.c s3_lib.c ssl_cert.c ssl_sess.c \
35 t1_enc.c s23_pkt.c s2_pkt.c s3_meth.c ssl_ciph.c ssl_stat.c \
36 t1_lib.c s23_srvr.c s2_srvr.c s3_pkt.c ssl_err.c \
37 t1_meth.c
38
39HDRS= ssl.h ssl2.h ssl3.h ssl23.h tls1.h kssl.h
40
41.PATH: ${LSSL_SRC}
42
43includes:
44 @test -d ${DESTDIR}/usr/include/ssl || mkdir ${DESTDIR}/usr/include/ssl
45 @d=`mktemp -d /tmp/libsslXXXXXXXXXX`; \
46 cd ${LSSL_SRC}; for i in $(HDRS); do \
47 f=`basename $$i`; \
48 j="sed 's/<openssl/<ssl/' \
49 $$i >$$d/$$f && \
50 (cmp -s $$d/$$f ${DESTDIR}/usr/include/ssl/$$f || \
51 ${INSTALL} ${INSTALL_COPY} -o ${BINOWN} -g ${BINGRP} -m 444 \
52 $$d/$$f ${DESTDIR}/usr/include/ssl)"; \
53 echo $$j; \
54 eval "$$j"; \
55 done; \
56 rm -rf $$d
57
58.include <bsd.lib.mk>
diff --git a/src/lib/libssl/ssl/shlib_version b/src/lib/libssl/ssl/shlib_version
new file mode 100644
index 0000000000..9c1551636c
--- /dev/null
+++ b/src/lib/libssl/ssl/shlib_version
@@ -0,0 +1,2 @@
1major=6
2minor=0
diff --git a/src/lib/libssl/ssl2.h b/src/lib/libssl/ssl2.h
new file mode 100644
index 0000000000..99a52ea0dd
--- /dev/null
+++ b/src/lib/libssl/ssl2.h
@@ -0,0 +1,268 @@
1/* ssl/ssl2.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_SSL2_H
60#define HEADER_SSL2_H
61
62#ifdef __cplusplus
63extern "C" {
64#endif
65
66/* Protocol Version Codes */
67#define SSL2_VERSION 0x0002
68#define SSL2_VERSION_MAJOR 0x00
69#define SSL2_VERSION_MINOR 0x02
70/* #define SSL2_CLIENT_VERSION 0x0002 */
71/* #define SSL2_SERVER_VERSION 0x0002 */
72
73/* Protocol Message Codes */
74#define SSL2_MT_ERROR 0
75#define SSL2_MT_CLIENT_HELLO 1
76#define SSL2_MT_CLIENT_MASTER_KEY 2
77#define SSL2_MT_CLIENT_FINISHED 3
78#define SSL2_MT_SERVER_HELLO 4
79#define SSL2_MT_SERVER_VERIFY 5
80#define SSL2_MT_SERVER_FINISHED 6
81#define SSL2_MT_REQUEST_CERTIFICATE 7
82#define SSL2_MT_CLIENT_CERTIFICATE 8
83
84/* Error Message Codes */
85#define SSL2_PE_UNDEFINED_ERROR 0x0000
86#define SSL2_PE_NO_CIPHER 0x0001
87#define SSL2_PE_NO_CERTIFICATE 0x0002
88#define SSL2_PE_BAD_CERTIFICATE 0x0004
89#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
90
91/* Cipher Kind Values */
92#define SSL2_CK_NULL_WITH_MD5 0x02000000 /* v3 */
93#define SSL2_CK_RC4_128_WITH_MD5 0x02010080
94#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080
95#define SSL2_CK_RC2_128_CBC_WITH_MD5 0x02030080
96#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x02040080
97#define SSL2_CK_IDEA_128_CBC_WITH_MD5 0x02050080
98#define SSL2_CK_DES_64_CBC_WITH_MD5 0x02060040
99#define SSL2_CK_DES_64_CBC_WITH_SHA 0x02060140 /* v3 */
100#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0
101#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0 /* v3 */
102#define SSL2_CK_RC4_64_WITH_MD5 0x02080080 /* MS hack */
103
104#define SSL2_CK_DES_64_CFB64_WITH_MD5_1 0x02ff0800 /* SSLeay */
105#define SSL2_CK_NULL 0x02ff0810 /* SSLeay */
106
107#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1 "DES-CFB-M1"
108#define SSL2_TXT_NULL_WITH_MD5 "NULL-MD5"
109#define SSL2_TXT_RC4_128_WITH_MD5 "RC4-MD5"
110#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 "EXP-RC4-MD5"
111#define SSL2_TXT_RC2_128_CBC_WITH_MD5 "RC2-CBC-MD5"
112#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5"
113#define SSL2_TXT_IDEA_128_CBC_WITH_MD5 "IDEA-CBC-MD5"
114#define SSL2_TXT_DES_64_CBC_WITH_MD5 "DES-CBC-MD5"
115#define SSL2_TXT_DES_64_CBC_WITH_SHA "DES-CBC-SHA"
116#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 "DES-CBC3-MD5"
117#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA "DES-CBC3-SHA"
118#define SSL2_TXT_RC4_64_WITH_MD5 "RC4-64-MD5"
119
120#define SSL2_TXT_NULL "NULL"
121
122/* Flags for the SSL_CIPHER.algorithm2 field */
123#define SSL2_CF_5_BYTE_ENC 0x01
124#define SSL2_CF_8_BYTE_ENC 0x02
125
126/* Certificate Type Codes */
127#define SSL2_CT_X509_CERTIFICATE 0x01
128
129/* Authentication Type Code */
130#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION 0x01
131
132#define SSL2_MAX_SSL_SESSION_ID_LENGTH 32
133
134/* Upper/Lower Bounds */
135#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256
136#ifdef OPENSSL_SYS_MPE
137#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 29998u
138#else
139#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 32767u /* 2^15-1 */
140#endif
141#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /* 2^14-1 */
142
143#define SSL2_CHALLENGE_LENGTH 16
144/*#define SSL2_CHALLENGE_LENGTH 32 */
145#define SSL2_MIN_CHALLENGE_LENGTH 16
146#define SSL2_MAX_CHALLENGE_LENGTH 32
147#define SSL2_CONNECTION_ID_LENGTH 16
148#define SSL2_MAX_CONNECTION_ID_LENGTH 16
149#define SSL2_SSL_SESSION_ID_LENGTH 16
150#define SSL2_MAX_CERT_CHALLENGE_LENGTH 32
151#define SSL2_MIN_CERT_CHALLENGE_LENGTH 16
152#define SSL2_MAX_KEY_MATERIAL_LENGTH 24
153
154#ifndef HEADER_SSL_LOCL_H
155#define CERT char
156#endif
157
158typedef struct ssl2_state_st
159 {
160 int three_byte_header;
161 int clear_text; /* clear text */
162 int escape; /* not used in SSLv2 */
163 int ssl2_rollback; /* used if SSLv23 rolled back to SSLv2 */
164
165 /* non-blocking io info, used to make sure the same
166 * args were passwd */
167 unsigned int wnum; /* number of bytes sent so far */
168 int wpend_tot;
169 const unsigned char *wpend_buf;
170
171 int wpend_off; /* offset to data to write */
172 int wpend_len; /* number of bytes passwd to write */
173 int wpend_ret; /* number of bytes to return to caller */
174
175 /* buffer raw data */
176 int rbuf_left;
177 int rbuf_offs;
178 unsigned char *rbuf;
179 unsigned char *wbuf;
180
181 unsigned char *write_ptr;/* used to point to the start due to
182 * 2/3 byte header. */
183
184 unsigned int padding;
185 unsigned int rlength; /* passed to ssl2_enc */
186 int ract_data_length; /* Set when things are encrypted. */
187 unsigned int wlength; /* passed to ssl2_enc */
188 int wact_data_length; /* Set when things are decrypted. */
189 unsigned char *ract_data;
190 unsigned char *wact_data;
191 unsigned char *mac_data;
192
193 unsigned char *read_key;
194 unsigned char *write_key;
195
196 /* Stuff specifically to do with this SSL session */
197 unsigned int challenge_length;
198 unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH];
199 unsigned int conn_id_length;
200 unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH];
201 unsigned int key_material_length;
202 unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH*2];
203
204 unsigned long read_sequence;
205 unsigned long write_sequence;
206
207 struct {
208 unsigned int conn_id_length;
209 unsigned int cert_type;
210 unsigned int cert_length;
211 unsigned int csl;
212 unsigned int clear;
213 unsigned int enc;
214 unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH];
215 unsigned int cipher_spec_length;
216 unsigned int session_id_length;
217 unsigned int clen;
218 unsigned int rlen;
219 } tmp;
220 } SSL2_STATE;
221
222/* SSLv2 */
223/* client */
224#define SSL2_ST_SEND_CLIENT_HELLO_A (0x10|SSL_ST_CONNECT)
225#define SSL2_ST_SEND_CLIENT_HELLO_B (0x11|SSL_ST_CONNECT)
226#define SSL2_ST_GET_SERVER_HELLO_A (0x20|SSL_ST_CONNECT)
227#define SSL2_ST_GET_SERVER_HELLO_B (0x21|SSL_ST_CONNECT)
228#define SSL2_ST_SEND_CLIENT_MASTER_KEY_A (0x30|SSL_ST_CONNECT)
229#define SSL2_ST_SEND_CLIENT_MASTER_KEY_B (0x31|SSL_ST_CONNECT)
230#define SSL2_ST_SEND_CLIENT_FINISHED_A (0x40|SSL_ST_CONNECT)
231#define SSL2_ST_SEND_CLIENT_FINISHED_B (0x41|SSL_ST_CONNECT)
232#define SSL2_ST_SEND_CLIENT_CERTIFICATE_A (0x50|SSL_ST_CONNECT)
233#define SSL2_ST_SEND_CLIENT_CERTIFICATE_B (0x51|SSL_ST_CONNECT)
234#define SSL2_ST_SEND_CLIENT_CERTIFICATE_C (0x52|SSL_ST_CONNECT)
235#define SSL2_ST_SEND_CLIENT_CERTIFICATE_D (0x53|SSL_ST_CONNECT)
236#define SSL2_ST_GET_SERVER_VERIFY_A (0x60|SSL_ST_CONNECT)
237#define SSL2_ST_GET_SERVER_VERIFY_B (0x61|SSL_ST_CONNECT)
238#define SSL2_ST_GET_SERVER_FINISHED_A (0x70|SSL_ST_CONNECT)
239#define SSL2_ST_GET_SERVER_FINISHED_B (0x71|SSL_ST_CONNECT)
240#define SSL2_ST_CLIENT_START_ENCRYPTION (0x80|SSL_ST_CONNECT)
241#define SSL2_ST_X509_GET_CLIENT_CERTIFICATE (0x90|SSL_ST_CONNECT)
242/* server */
243#define SSL2_ST_GET_CLIENT_HELLO_A (0x10|SSL_ST_ACCEPT)
244#define SSL2_ST_GET_CLIENT_HELLO_B (0x11|SSL_ST_ACCEPT)
245#define SSL2_ST_GET_CLIENT_HELLO_C (0x12|SSL_ST_ACCEPT)
246#define SSL2_ST_SEND_SERVER_HELLO_A (0x20|SSL_ST_ACCEPT)
247#define SSL2_ST_SEND_SERVER_HELLO_B (0x21|SSL_ST_ACCEPT)
248#define SSL2_ST_GET_CLIENT_MASTER_KEY_A (0x30|SSL_ST_ACCEPT)
249#define SSL2_ST_GET_CLIENT_MASTER_KEY_B (0x31|SSL_ST_ACCEPT)
250#define SSL2_ST_SEND_SERVER_VERIFY_A (0x40|SSL_ST_ACCEPT)
251#define SSL2_ST_SEND_SERVER_VERIFY_B (0x41|SSL_ST_ACCEPT)
252#define SSL2_ST_SEND_SERVER_VERIFY_C (0x42|SSL_ST_ACCEPT)
253#define SSL2_ST_GET_CLIENT_FINISHED_A (0x50|SSL_ST_ACCEPT)
254#define SSL2_ST_GET_CLIENT_FINISHED_B (0x51|SSL_ST_ACCEPT)
255#define SSL2_ST_SEND_SERVER_FINISHED_A (0x60|SSL_ST_ACCEPT)
256#define SSL2_ST_SEND_SERVER_FINISHED_B (0x61|SSL_ST_ACCEPT)
257#define SSL2_ST_SEND_REQUEST_CERTIFICATE_A (0x70|SSL_ST_ACCEPT)
258#define SSL2_ST_SEND_REQUEST_CERTIFICATE_B (0x71|SSL_ST_ACCEPT)
259#define SSL2_ST_SEND_REQUEST_CERTIFICATE_C (0x72|SSL_ST_ACCEPT)
260#define SSL2_ST_SEND_REQUEST_CERTIFICATE_D (0x73|SSL_ST_ACCEPT)
261#define SSL2_ST_SERVER_START_ENCRYPTION (0x80|SSL_ST_ACCEPT)
262#define SSL2_ST_X509_GET_SERVER_CERTIFICATE (0x90|SSL_ST_ACCEPT)
263
264#ifdef __cplusplus
265}
266#endif
267#endif
268
diff --git a/src/lib/libssl/ssl23.h b/src/lib/libssl/ssl23.h
new file mode 100644
index 0000000000..d3228983c7
--- /dev/null
+++ b/src/lib/libssl/ssl23.h
@@ -0,0 +1,83 @@
1/* ssl/ssl23.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_SSL23_H
60#define HEADER_SSL23_H
61
62#ifdef __cplusplus
63extern "C" {
64#endif
65
66/*client */
67/* write to server */
68#define SSL23_ST_CW_CLNT_HELLO_A (0x210|SSL_ST_CONNECT)
69#define SSL23_ST_CW_CLNT_HELLO_B (0x211|SSL_ST_CONNECT)
70/* read from server */
71#define SSL23_ST_CR_SRVR_HELLO_A (0x220|SSL_ST_CONNECT)
72#define SSL23_ST_CR_SRVR_HELLO_B (0x221|SSL_ST_CONNECT)
73
74/* server */
75/* read from client */
76#define SSL23_ST_SR_CLNT_HELLO_A (0x210|SSL_ST_ACCEPT)
77#define SSL23_ST_SR_CLNT_HELLO_B (0x211|SSL_ST_ACCEPT)
78
79#ifdef __cplusplus
80}
81#endif
82#endif
83
diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h
new file mode 100644
index 0000000000..8fd6951d77
--- /dev/null
+++ b/src/lib/libssl/ssl3.h
@@ -0,0 +1,504 @@
1/* ssl/ssl3.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#ifndef HEADER_SSL3_H
113#define HEADER_SSL3_H
114
115#ifndef OPENSSL_NO_COMP
116#include <openssl/comp.h>
117#endif
118#include <openssl/buffer.h>
119#include <openssl/evp.h>
120#include <openssl/ssl.h>
121
122#ifdef __cplusplus
123extern "C" {
124#endif
125
126#define SSL3_CK_RSA_NULL_MD5 0x03000001
127#define SSL3_CK_RSA_NULL_SHA 0x03000002
128#define SSL3_CK_RSA_RC4_40_MD5 0x03000003
129#define SSL3_CK_RSA_RC4_128_MD5 0x03000004
130#define SSL3_CK_RSA_RC4_128_SHA 0x03000005
131#define SSL3_CK_RSA_RC2_40_MD5 0x03000006
132#define SSL3_CK_RSA_IDEA_128_SHA 0x03000007
133#define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008
134#define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009
135#define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A
136
137#define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B
138#define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C
139#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D
140#define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E
141#define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F
142#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010
143
144#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011
145#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012
146#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013
147#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014
148#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015
149#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016
150
151#define SSL3_CK_ADH_RC4_40_MD5 0x03000017
152#define SSL3_CK_ADH_RC4_128_MD5 0x03000018
153#define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019
154#define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
155#define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
156
157#define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C
158#define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D
159#define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E
160
161/* VRS Additional Kerberos5 entries
162 */
163#define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000021
164#define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000022
165#define SSL3_CK_KRB5_DES_64_CBC_SHA 0x03000023
166#define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000024
167#define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x03000025
168#define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000026
169
170#define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA"
171#define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5"
172#define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA"
173#define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5"
174#define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA"
175#define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5"
176
177#define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5"
178#define SSL3_TXT_RSA_NULL_SHA "NULL-SHA"
179#define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5"
180#define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5"
181#define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA"
182#define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5"
183#define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA"
184#define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA"
185#define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA"
186#define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA"
187
188#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA"
189#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA"
190#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA"
191#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA"
192#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA"
193#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA"
194
195#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA"
196#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA"
197#define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA"
198#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA"
199#define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA"
200#define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA"
201
202#define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5"
203#define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5"
204#define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA"
205#define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
206#define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
207
208#define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA"
209#define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA"
210#define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA"
211
212#define SSL3_SSL_SESSION_ID_LENGTH 32
213#define SSL3_MAX_SSL_SESSION_ID_LENGTH 32
214
215#define SSL3_MASTER_SECRET_SIZE 48
216#define SSL3_RANDOM_SIZE 32
217#define SSL3_SESSION_ID_SIZE 32
218#define SSL3_RT_HEADER_LENGTH 5
219
220/* Due to MS stuffing up, this can change.... */
221#if defined(OPENSSL_SYS_WIN16) || \
222 (defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32))
223#define SSL3_RT_MAX_EXTRA (14000)
224#else
225#define SSL3_RT_MAX_EXTRA (16384)
226#endif
227
228#define SSL3_RT_MAX_PLAIN_LENGTH 16384
229#define SSL3_RT_MAX_COMPRESSED_LENGTH (1024+SSL3_RT_MAX_PLAIN_LENGTH)
230#define SSL3_RT_MAX_ENCRYPTED_LENGTH (1024+SSL3_RT_MAX_COMPRESSED_LENGTH)
231#define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
232#define SSL3_RT_MAX_DATA_SIZE (1024*1024)
233
234#define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
235#define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
236
237#define SSL3_VERSION 0x0300
238#define SSL3_VERSION_MAJOR 0x03
239#define SSL3_VERSION_MINOR 0x00
240
241#define SSL3_RT_CHANGE_CIPHER_SPEC 20
242#define SSL3_RT_ALERT 21
243#define SSL3_RT_HANDSHAKE 22
244#define SSL3_RT_APPLICATION_DATA 23
245
246#define SSL3_AL_WARNING 1
247#define SSL3_AL_FATAL 2
248
249#define SSL3_AD_CLOSE_NOTIFY 0
250#define SSL3_AD_UNEXPECTED_MESSAGE 10 /* fatal */
251#define SSL3_AD_BAD_RECORD_MAC 20 /* fatal */
252#define SSL3_AD_DECOMPRESSION_FAILURE 30 /* fatal */
253#define SSL3_AD_HANDSHAKE_FAILURE 40 /* fatal */
254#define SSL3_AD_NO_CERTIFICATE 41
255#define SSL3_AD_BAD_CERTIFICATE 42
256#define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
257#define SSL3_AD_CERTIFICATE_REVOKED 44
258#define SSL3_AD_CERTIFICATE_EXPIRED 45
259#define SSL3_AD_CERTIFICATE_UNKNOWN 46
260#define SSL3_AD_ILLEGAL_PARAMETER 47 /* fatal */
261
262typedef struct ssl3_record_st
263 {
264/*r */ int type; /* type of record */
265/*rw*/ unsigned int length; /* How many bytes available */
266/*r */ unsigned int off; /* read/write offset into 'buf' */
267/*rw*/ unsigned char *data; /* pointer to the record data */
268/*rw*/ unsigned char *input; /* where the decode bytes are */
269/*r */ unsigned char *comp; /* only used with decompression - malloc()ed */
270 } SSL3_RECORD;
271
272typedef struct ssl3_buffer_st
273 {
274 unsigned char *buf; /* at least SSL3_RT_MAX_PACKET_SIZE bytes,
275 * see ssl3_setup_buffers() */
276 size_t len; /* buffer size */
277 int offset; /* where to 'copy from' */
278 int left; /* how many bytes left */
279 } SSL3_BUFFER;
280
281#define SSL3_CT_RSA_SIGN 1
282#define SSL3_CT_DSS_SIGN 2
283#define SSL3_CT_RSA_FIXED_DH 3
284#define SSL3_CT_DSS_FIXED_DH 4
285#define SSL3_CT_RSA_EPHEMERAL_DH 5
286#define SSL3_CT_DSS_EPHEMERAL_DH 6
287#define SSL3_CT_FORTEZZA_DMS 20
288#define SSL3_CT_NUMBER 7
289
290#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
291#define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
292#define SSL3_FLAGS_POP_BUFFER 0x0004
293#define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
294
295typedef struct ssl3_state_st
296 {
297 long flags;
298 int delay_buf_pop_ret;
299
300 unsigned char read_sequence[8];
301 unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
302 unsigned char write_sequence[8];
303 unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
304
305 unsigned char server_random[SSL3_RANDOM_SIZE];
306 unsigned char client_random[SSL3_RANDOM_SIZE];
307
308 /* flags for countermeasure against known-IV weakness */
309 int need_empty_fragments;
310 int empty_fragment_done;
311
312 SSL3_BUFFER rbuf; /* read IO goes into here */
313 SSL3_BUFFER wbuf; /* write IO goes into here */
314
315 SSL3_RECORD rrec; /* each decoded record goes in here */
316 SSL3_RECORD wrec; /* goes out from here */
317
318 /* storage for Alert/Handshake protocol data received but not
319 * yet processed by ssl3_read_bytes: */
320 unsigned char alert_fragment[2];
321 unsigned int alert_fragment_len;
322 unsigned char handshake_fragment[4];
323 unsigned int handshake_fragment_len;
324
325 /* partial write - check the numbers match */
326 unsigned int wnum; /* number of bytes sent so far */
327 int wpend_tot; /* number bytes written */
328 int wpend_type;
329 int wpend_ret; /* number of bytes submitted */
330 const unsigned char *wpend_buf;
331
332 /* used during startup, digest all incoming/outgoing packets */
333 EVP_MD_CTX finish_dgst1;
334 EVP_MD_CTX finish_dgst2;
335
336 /* this is set whenerver we see a change_cipher_spec message
337 * come in when we are not looking for one */
338 int change_cipher_spec;
339
340 int warn_alert;
341 int fatal_alert;
342 /* we allow one fatal and one warning alert to be outstanding,
343 * send close alert via the warning alert */
344 int alert_dispatch;
345 unsigned char send_alert[2];
346
347 /* This flag is set when we should renegotiate ASAP, basically when
348 * there is no more data in the read or write buffers */
349 int renegotiate;
350 int total_renegotiations;
351 int num_renegotiations;
352
353 int in_read_app_data;
354
355 struct {
356 /* actually only needs to be 16+20 */
357 unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
358
359 /* actually only need to be 16+20 for SSLv3 and 12 for TLS */
360 unsigned char finish_md[EVP_MAX_MD_SIZE*2];
361 int finish_md_len;
362 unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2];
363 int peer_finish_md_len;
364
365 unsigned long message_size;
366 int message_type;
367
368 /* used to hold the new cipher we are going to use */
369 SSL_CIPHER *new_cipher;
370#ifndef OPENSSL_NO_DH
371 DH *dh;
372#endif
373 /* used when SSL_ST_FLUSH_DATA is entered */
374 int next_state;
375
376 int reuse_message;
377
378 /* used for certificate requests */
379 int cert_req;
380 int ctype_num;
381 char ctype[SSL3_CT_NUMBER];
382 STACK_OF(X509_NAME) *ca_names;
383
384 int use_rsa_tmp;
385
386 int key_block_length;
387 unsigned char *key_block;
388
389 const EVP_CIPHER *new_sym_enc;
390 const EVP_MD *new_hash;
391#ifndef OPENSSL_NO_COMP
392 const SSL_COMP *new_compression;
393#else
394 char *new_compression;
395#endif
396 int cert_request;
397 } tmp;
398
399 } SSL3_STATE;
400
401/* SSLv3 */
402/*client */
403/* extra state */
404#define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
405/* write to server */
406#define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT)
407#define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT)
408/* read from server */
409#define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT)
410#define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT)
411#define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT)
412#define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT)
413#define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT)
414#define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT)
415#define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT)
416#define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT)
417#define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT)
418#define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT)
419/* write to server */
420#define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT)
421#define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT)
422#define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT)
423#define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT)
424#define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT)
425#define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT)
426#define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT)
427#define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT)
428#define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT)
429#define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT)
430#define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT)
431#define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT)
432/* read from server */
433#define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT)
434#define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT)
435#define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT)
436#define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT)
437
438/* server */
439/* extra state */
440#define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT)
441/* read from client */
442/* Do not change the number values, they do matter */
443#define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
444#define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT)
445#define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT)
446/* write to client */
447#define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT)
448#define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT)
449#define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT)
450#define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT)
451#define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT)
452#define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT)
453#define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT)
454#define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT)
455#define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT)
456#define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT)
457#define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT)
458#define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT)
459#define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT)
460/* read from client */
461#define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT)
462#define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT)
463#define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT)
464#define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT)
465#define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT)
466#define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT)
467#define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT)
468#define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT)
469#define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT)
470#define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT)
471/* write to client */
472#define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT)
473#define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT)
474#define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT)
475#define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT)
476
477#define SSL3_MT_HELLO_REQUEST 0
478#define SSL3_MT_CLIENT_HELLO 1
479#define SSL3_MT_SERVER_HELLO 2
480#define SSL3_MT_CERTIFICATE 11
481#define SSL3_MT_SERVER_KEY_EXCHANGE 12
482#define SSL3_MT_CERTIFICATE_REQUEST 13
483#define SSL3_MT_SERVER_DONE 14
484#define SSL3_MT_CERTIFICATE_VERIFY 15
485#define SSL3_MT_CLIENT_KEY_EXCHANGE 16
486#define SSL3_MT_FINISHED 20
487
488#define SSL3_MT_CCS 1
489
490/* These are used when changing over to a new cipher */
491#define SSL3_CC_READ 0x01
492#define SSL3_CC_WRITE 0x02
493#define SSL3_CC_CLIENT 0x10
494#define SSL3_CC_SERVER 0x20
495#define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE)
496#define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ)
497#define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ)
498#define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE)
499
500#ifdef __cplusplus
501}
502#endif
503#endif
504
diff --git a/src/lib/libssl/ssl_algs.c b/src/lib/libssl/ssl_algs.c
new file mode 100644
index 0000000000..3d1299ee7b
--- /dev/null
+++ b/src/lib/libssl/ssl_algs.c
@@ -0,0 +1,111 @@
1/* ssl/ssl_algs.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/objects.h>
61#include <openssl/lhash.h>
62#include "ssl_locl.h"
63
64int SSL_library_init(void)
65 {
66
67#ifndef OPENSSL_NO_DES
68 EVP_add_cipher(EVP_des_cbc());
69 EVP_add_cipher(EVP_des_ede3_cbc());
70#endif
71#ifndef OPENSSL_NO_IDEA
72 EVP_add_cipher(EVP_idea_cbc());
73#endif
74#ifndef OPENSSL_NO_RC4
75 EVP_add_cipher(EVP_rc4());
76#endif
77#ifndef OPENSSL_NO_RC2
78 EVP_add_cipher(EVP_rc2_cbc());
79#endif
80#ifndef OPENSSL_NO_AES
81 EVP_add_cipher(EVP_aes_128_cbc());
82 EVP_add_cipher(EVP_aes_192_cbc());
83 EVP_add_cipher(EVP_aes_256_cbc());
84#endif
85#ifndef OPENSSL_NO_MD2
86 EVP_add_digest(EVP_md2());
87#endif
88#ifndef OPENSSL_NO_MD5
89 EVP_add_digest(EVP_md5());
90 EVP_add_digest_alias(SN_md5,"ssl2-md5");
91 EVP_add_digest_alias(SN_md5,"ssl3-md5");
92#endif
93#ifndef OPENSSL_NO_SHA
94 EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
95 EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
96 EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
97#endif
98#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA)
99 EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
100 EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
101 EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
102 EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
103#endif
104 /* If you want support for phased out ciphers, add the following */
105#if 0
106 EVP_add_digest(EVP_sha());
107 EVP_add_digest(EVP_dss());
108#endif
109 return(1);
110 }
111
diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c
new file mode 100644
index 0000000000..39ffa46cee
--- /dev/null
+++ b/src/lib/libssl/ssl_asn1.c
@@ -0,0 +1,390 @@
1/* ssl/ssl_asn1.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <openssl/asn1_mac.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64#include "ssl_locl.h"
65
66typedef struct ssl_session_asn1_st
67 {
68 ASN1_INTEGER version;
69 ASN1_INTEGER ssl_version;
70 ASN1_OCTET_STRING cipher;
71 ASN1_OCTET_STRING master_key;
72 ASN1_OCTET_STRING session_id;
73 ASN1_OCTET_STRING session_id_context;
74 ASN1_OCTET_STRING key_arg;
75#ifndef OPENSSL_NO_KRB5
76 ASN1_OCTET_STRING krb5_princ;
77#endif /* OPENSSL_NO_KRB5 */
78 ASN1_INTEGER time;
79 ASN1_INTEGER timeout;
80 ASN1_INTEGER verify_result;
81 } SSL_SESSION_ASN1;
82
83int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
84 {
85#define LSIZE2 (sizeof(long)*2)
86 int v1=0,v2=0,v3=0,v4=0,v5=0;
87 unsigned char buf[4],ibuf1[LSIZE2],ibuf2[LSIZE2];
88 unsigned char ibuf3[LSIZE2],ibuf4[LSIZE2],ibuf5[LSIZE2];
89 long l;
90 SSL_SESSION_ASN1 a;
91 M_ASN1_I2D_vars(in);
92
93 if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0)))
94 return(0);
95
96 /* Note that I cheat in the following 2 assignments. I know
97 * that if the ASN1_INTEGER passed to ASN1_INTEGER_set
98 * is > sizeof(long)+1, the buffer will not be re-OPENSSL_malloc()ed.
99 * This is a bit evil but makes things simple, no dynamic allocation
100 * to clean up :-) */
101 a.version.length=LSIZE2;
102 a.version.type=V_ASN1_INTEGER;
103 a.version.data=ibuf1;
104 ASN1_INTEGER_set(&(a.version),SSL_SESSION_ASN1_VERSION);
105
106 a.ssl_version.length=LSIZE2;
107 a.ssl_version.type=V_ASN1_INTEGER;
108 a.ssl_version.data=ibuf2;
109 ASN1_INTEGER_set(&(a.ssl_version),in->ssl_version);
110
111 a.cipher.type=V_ASN1_OCTET_STRING;
112 a.cipher.data=buf;
113
114 if (in->cipher == NULL)
115 l=in->cipher_id;
116 else
117 l=in->cipher->id;
118 if (in->ssl_version == SSL2_VERSION)
119 {
120 a.cipher.length=3;
121 buf[0]=((unsigned char)(l>>16L))&0xff;
122 buf[1]=((unsigned char)(l>> 8L))&0xff;
123 buf[2]=((unsigned char)(l ))&0xff;
124 }
125 else
126 {
127 a.cipher.length=2;
128 buf[0]=((unsigned char)(l>>8L))&0xff;
129 buf[1]=((unsigned char)(l ))&0xff;
130 }
131
132 a.master_key.length=in->master_key_length;
133 a.master_key.type=V_ASN1_OCTET_STRING;
134 a.master_key.data=in->master_key;
135
136 a.session_id.length=in->session_id_length;
137 a.session_id.type=V_ASN1_OCTET_STRING;
138 a.session_id.data=in->session_id;
139
140 a.session_id_context.length=in->sid_ctx_length;
141 a.session_id_context.type=V_ASN1_OCTET_STRING;
142 a.session_id_context.data=in->sid_ctx;
143
144 a.key_arg.length=in->key_arg_length;
145 a.key_arg.type=V_ASN1_OCTET_STRING;
146 a.key_arg.data=in->key_arg;
147
148#ifndef OPENSSL_NO_KRB5
149 if (in->krb5_client_princ_len)
150 {
151 a.krb5_princ.length=in->krb5_client_princ_len;
152 a.krb5_princ.type=V_ASN1_OCTET_STRING;
153 a.krb5_princ.data=in->krb5_client_princ;
154 }
155#endif /* OPENSSL_NO_KRB5 */
156
157 if (in->time != 0L)
158 {
159 a.time.length=LSIZE2;
160 a.time.type=V_ASN1_INTEGER;
161 a.time.data=ibuf3;
162 ASN1_INTEGER_set(&(a.time),in->time);
163 }
164
165 if (in->timeout != 0L)
166 {
167 a.timeout.length=LSIZE2;
168 a.timeout.type=V_ASN1_INTEGER;
169 a.timeout.data=ibuf4;
170 ASN1_INTEGER_set(&(a.timeout),in->timeout);
171 }
172
173 if (in->verify_result != X509_V_OK)
174 {
175 a.verify_result.length=LSIZE2;
176 a.verify_result.type=V_ASN1_INTEGER;
177 a.verify_result.data=ibuf5;
178 ASN1_INTEGER_set(&a.verify_result,in->verify_result);
179 }
180
181
182 M_ASN1_I2D_len(&(a.version), i2d_ASN1_INTEGER);
183 M_ASN1_I2D_len(&(a.ssl_version), i2d_ASN1_INTEGER);
184 M_ASN1_I2D_len(&(a.cipher), i2d_ASN1_OCTET_STRING);
185 M_ASN1_I2D_len(&(a.session_id), i2d_ASN1_OCTET_STRING);
186 M_ASN1_I2D_len(&(a.master_key), i2d_ASN1_OCTET_STRING);
187#ifndef OPENSSL_NO_KRB5
188 if (in->krb5_client_princ_len)
189 M_ASN1_I2D_len(&(a.krb5_princ), i2d_ASN1_OCTET_STRING);
190#endif /* OPENSSL_NO_KRB5 */
191 if (in->key_arg_length > 0)
192 M_ASN1_I2D_len_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING);
193 if (in->time != 0L)
194 M_ASN1_I2D_len_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
195 if (in->timeout != 0L)
196 M_ASN1_I2D_len_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2);
197 if (in->peer != NULL)
198 M_ASN1_I2D_len_EXP_opt(in->peer,i2d_X509,3,v3);
199 M_ASN1_I2D_len_EXP_opt(&a.session_id_context,i2d_ASN1_OCTET_STRING,4,v4);
200 if (in->verify_result != X509_V_OK)
201 M_ASN1_I2D_len_EXP_opt(&(a.verify_result),i2d_ASN1_INTEGER,5,v5);
202
203 M_ASN1_I2D_seq_total();
204
205 M_ASN1_I2D_put(&(a.version), i2d_ASN1_INTEGER);
206 M_ASN1_I2D_put(&(a.ssl_version), i2d_ASN1_INTEGER);
207 M_ASN1_I2D_put(&(a.cipher), i2d_ASN1_OCTET_STRING);
208 M_ASN1_I2D_put(&(a.session_id), i2d_ASN1_OCTET_STRING);
209 M_ASN1_I2D_put(&(a.master_key), i2d_ASN1_OCTET_STRING);
210#ifndef OPENSSL_NO_KRB5
211 if (in->krb5_client_princ_len)
212 M_ASN1_I2D_put(&(a.krb5_princ), i2d_ASN1_OCTET_STRING);
213#endif /* OPENSSL_NO_KRB5 */
214 if (in->key_arg_length > 0)
215 M_ASN1_I2D_put_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING,0);
216 if (in->time != 0L)
217 M_ASN1_I2D_put_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
218 if (in->timeout != 0L)
219 M_ASN1_I2D_put_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2);
220 if (in->peer != NULL)
221 M_ASN1_I2D_put_EXP_opt(in->peer,i2d_X509,3,v3);
222 M_ASN1_I2D_put_EXP_opt(&a.session_id_context,i2d_ASN1_OCTET_STRING,4,
223 v4);
224 if (in->verify_result != X509_V_OK)
225 M_ASN1_I2D_put_EXP_opt(&a.verify_result,i2d_ASN1_INTEGER,5,v5);
226 M_ASN1_I2D_finish();
227 }
228
229SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp,
230 long length)
231 {
232 int version,ssl_version=0,i;
233 long id;
234 ASN1_INTEGER ai,*aip;
235 ASN1_OCTET_STRING os,*osp;
236 M_ASN1_D2I_vars(a,SSL_SESSION *,SSL_SESSION_new);
237
238 aip= &ai;
239 osp= &os;
240
241 M_ASN1_D2I_Init();
242 M_ASN1_D2I_start_sequence();
243
244 ai.data=NULL; ai.length=0;
245 M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
246 version=(int)ASN1_INTEGER_get(aip);
247 if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
248
249 /* we don't care about the version right now :-) */
250 M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
251 ssl_version=(int)ASN1_INTEGER_get(aip);
252 ret->ssl_version=ssl_version;
253 if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
254
255 os.data=NULL; os.length=0;
256 M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
257 if (ssl_version == SSL2_VERSION)
258 {
259 if (os.length != 3)
260 {
261 c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
262 goto err;
263 }
264 id=0x02000000L|
265 ((unsigned long)os.data[0]<<16L)|
266 ((unsigned long)os.data[1]<< 8L)|
267 (unsigned long)os.data[2];
268 }
269 else if ((ssl_version>>8) == 3)
270 {
271 if (os.length != 2)
272 {
273 c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
274 goto err;
275 }
276 id=0x03000000L|
277 ((unsigned long)os.data[0]<<8L)|
278 (unsigned long)os.data[1];
279 }
280 else
281 {
282 SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNKNOWN_SSL_VERSION);
283 return(NULL);
284 }
285
286 ret->cipher=NULL;
287 ret->cipher_id=id;
288
289 M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
290 if ((ssl_version>>8) == SSL3_VERSION)
291 i=SSL3_MAX_SSL_SESSION_ID_LENGTH;
292 else /* if (ssl_version == SSL2_VERSION) */
293 i=SSL2_MAX_SSL_SESSION_ID_LENGTH;
294
295 if (os.length > i)
296 os.length=i;
297
298 ret->session_id_length=os.length;
299 die(os.length <= sizeof ret->session_id);
300 memcpy(ret->session_id,os.data,os.length);
301
302 M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
303 if (ret->master_key_length > SSL_MAX_MASTER_KEY_LENGTH)
304 ret->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
305 else
306 ret->master_key_length=os.length;
307 memcpy(ret->master_key,os.data,ret->master_key_length);
308
309 os.length=0;
310
311#ifndef OPENSSL_NO_KRB5
312 os.length=0;
313 M_ASN1_D2I_get_opt(osp,d2i_ASN1_OCTET_STRING,V_ASN1_OCTET_STRING);
314 if (os.data)
315 {
316 if (os.length > SSL_MAX_KRB5_PRINCIPAL_LENGTH)
317 ret->krb5_client_princ_len=0;
318 else
319 ret->krb5_client_princ_len=os.length;
320 memcpy(ret->krb5_client_princ,os.data,ret->krb5_client_princ_len);
321 OPENSSL_free(os.data);
322 os.data = NULL;
323 os.length = 0;
324 }
325 else
326 ret->krb5_client_princ_len=0;
327#endif /* OPENSSL_NO_KRB5 */
328
329 M_ASN1_D2I_get_IMP_opt(osp,d2i_ASN1_OCTET_STRING,0,V_ASN1_OCTET_STRING);
330 if (os.length > SSL_MAX_KEY_ARG_LENGTH)
331 ret->key_arg_length=SSL_MAX_KEY_ARG_LENGTH;
332 else
333 ret->key_arg_length=os.length;
334 memcpy(ret->key_arg,os.data,ret->key_arg_length);
335 if (os.data != NULL) OPENSSL_free(os.data);
336
337 ai.length=0;
338 M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,1);
339 if (ai.data != NULL)
340 {
341 ret->time=ASN1_INTEGER_get(aip);
342 OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
343 }
344 else
345 ret->time=time(NULL);
346
347 ai.length=0;
348 M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,2);
349 if (ai.data != NULL)
350 {
351 ret->timeout=ASN1_INTEGER_get(aip);
352 OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
353 }
354 else
355 ret->timeout=3;
356
357 if (ret->peer != NULL)
358 {
359 X509_free(ret->peer);
360 ret->peer=NULL;
361 }
362 M_ASN1_D2I_get_EXP_opt(ret->peer,d2i_X509,3);
363
364 os.length=0;
365 os.data=NULL;
366 M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,4);
367
368 if(os.data != NULL)
369 {
370 if (os.length > SSL_MAX_SID_CTX_LENGTH)
371 SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_BAD_LENGTH);
372 ret->sid_ctx_length=os.length;
373 memcpy(ret->sid_ctx,os.data,os.length);
374 OPENSSL_free(os.data); os.data=NULL; os.length=0;
375 }
376 else
377 ret->sid_ctx_length=0;
378
379 ai.length=0;
380 M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,5);
381 if (ai.data != NULL)
382 {
383 ret->verify_result=ASN1_INTEGER_get(aip);
384 OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
385 }
386 else
387 ret->verify_result=X509_V_OK;
388
389 M_ASN1_D2I_Finish(a,SSL_SESSION_free,SSL_F_D2I_SSL_SESSION);
390 }
diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c
new file mode 100644
index 0000000000..3d31bbf05f
--- /dev/null
+++ b/src/lib/libssl/ssl_cert.c
@@ -0,0 +1,832 @@
1/*! \file ssl/ssl_cert.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@OpenSSL.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 */
106
107#include <stdio.h>
108
109#include "e_os.h"
110#ifndef NO_SYS_TYPES_H
111# include <sys/types.h>
112#endif
113
114#if !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_VMS) && !defined(NeXT) && !defined(MAC_OS_pre_X)
115#include <dirent.h>
116#endif
117
118#if defined(WIN32)
119#include <windows.h>
120#endif
121
122#ifdef NeXT
123#include <sys/dir.h>
124#define dirent direct
125#endif
126
127#include <openssl/objects.h>
128#include <openssl/bio.h>
129#include <openssl/pem.h>
130#include <openssl/x509v3.h>
131#include "ssl_locl.h"
132
133int SSL_get_ex_data_X509_STORE_CTX_idx(void)
134 {
135 static volatile int ssl_x509_store_ctx_idx= -1;
136
137 if (ssl_x509_store_ctx_idx < 0)
138 {
139 /* any write lock will do; usually this branch
140 * will only be taken once anyway */
141 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
142
143 if (ssl_x509_store_ctx_idx < 0)
144 {
145 ssl_x509_store_ctx_idx=X509_STORE_CTX_get_ex_new_index(
146 0,"SSL for verify callback",NULL,NULL,NULL);
147 }
148
149 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
150 }
151 return ssl_x509_store_ctx_idx;
152 }
153
154CERT *ssl_cert_new(void)
155 {
156 CERT *ret;
157
158 ret=(CERT *)OPENSSL_malloc(sizeof(CERT));
159 if (ret == NULL)
160 {
161 SSLerr(SSL_F_SSL_CERT_NEW,ERR_R_MALLOC_FAILURE);
162 return(NULL);
163 }
164 memset(ret,0,sizeof(CERT));
165
166 ret->key= &(ret->pkeys[SSL_PKEY_RSA_ENC]);
167 ret->references=1;
168
169 return(ret);
170 }
171
172CERT *ssl_cert_dup(CERT *cert)
173 {
174 CERT *ret;
175 int i;
176
177 ret = (CERT *)OPENSSL_malloc(sizeof(CERT));
178 if (ret == NULL)
179 {
180 SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
181 return(NULL);
182 }
183
184 memset(ret, 0, sizeof(CERT));
185
186 ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]];
187 /* or ret->key = ret->pkeys + (cert->key - cert->pkeys),
188 * if you find that more readable */
189
190 ret->valid = cert->valid;
191 ret->mask = cert->mask;
192 ret->export_mask = cert->export_mask;
193
194#ifndef OPENSSL_NO_RSA
195 if (cert->rsa_tmp != NULL)
196 {
197 RSA_up_ref(cert->rsa_tmp);
198 ret->rsa_tmp = cert->rsa_tmp;
199 }
200 ret->rsa_tmp_cb = cert->rsa_tmp_cb;
201#endif
202
203#ifndef OPENSSL_NO_DH
204 if (cert->dh_tmp != NULL)
205 {
206 /* DH parameters don't have a reference count */
207 ret->dh_tmp = DHparams_dup(cert->dh_tmp);
208 if (ret->dh_tmp == NULL)
209 {
210 SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_DH_LIB);
211 goto err;
212 }
213 if (cert->dh_tmp->priv_key)
214 {
215 BIGNUM *b = BN_dup(cert->dh_tmp->priv_key);
216 if (!b)
217 {
218 SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
219 goto err;
220 }
221 ret->dh_tmp->priv_key = b;
222 }
223 if (cert->dh_tmp->pub_key)
224 {
225 BIGNUM *b = BN_dup(cert->dh_tmp->pub_key);
226 if (!b)
227 {
228 SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
229 goto err;
230 }
231 ret->dh_tmp->pub_key = b;
232 }
233 }
234 ret->dh_tmp_cb = cert->dh_tmp_cb;
235#endif
236
237 for (i = 0; i < SSL_PKEY_NUM; i++)
238 {
239 if (cert->pkeys[i].x509 != NULL)
240 {
241 ret->pkeys[i].x509 = cert->pkeys[i].x509;
242 CRYPTO_add(&ret->pkeys[i].x509->references, 1,
243 CRYPTO_LOCK_X509);
244 }
245
246 if (cert->pkeys[i].privatekey != NULL)
247 {
248 ret->pkeys[i].privatekey = cert->pkeys[i].privatekey;
249 CRYPTO_add(&ret->pkeys[i].privatekey->references, 1,
250 CRYPTO_LOCK_EVP_PKEY);
251
252 switch(i)
253 {
254 /* If there was anything special to do for
255 * certain types of keys, we'd do it here.
256 * (Nothing at the moment, I think.) */
257
258 case SSL_PKEY_RSA_ENC:
259 case SSL_PKEY_RSA_SIGN:
260 /* We have an RSA key. */
261 break;
262
263 case SSL_PKEY_DSA_SIGN:
264 /* We have a DSA key. */
265 break;
266
267 case SSL_PKEY_DH_RSA:
268 case SSL_PKEY_DH_DSA:
269 /* We have a DH key. */
270 break;
271
272 default:
273 /* Can't happen. */
274 SSLerr(SSL_F_SSL_CERT_DUP, SSL_R_LIBRARY_BUG);
275 }
276 }
277 }
278
279 /* ret->extra_certs *should* exist, but currently the own certificate
280 * chain is held inside SSL_CTX */
281
282 ret->references=1;
283
284 return(ret);
285
286#ifndef OPENSSL_NO_DH /* avoid 'unreferenced label' warning if OPENSSL_NO_DH is defined */
287err:
288#endif
289#ifndef OPENSSL_NO_RSA
290 if (ret->rsa_tmp != NULL)
291 RSA_free(ret->rsa_tmp);
292#endif
293#ifndef OPENSSL_NO_DH
294 if (ret->dh_tmp != NULL)
295 DH_free(ret->dh_tmp);
296#endif
297
298 for (i = 0; i < SSL_PKEY_NUM; i++)
299 {
300 if (ret->pkeys[i].x509 != NULL)
301 X509_free(ret->pkeys[i].x509);
302 if (ret->pkeys[i].privatekey != NULL)
303 EVP_PKEY_free(ret->pkeys[i].privatekey);
304 }
305
306 return NULL;
307 }
308
309
310void ssl_cert_free(CERT *c)
311 {
312 int i;
313
314 if(c == NULL)
315 return;
316
317 i=CRYPTO_add(&c->references,-1,CRYPTO_LOCK_SSL_CERT);
318#ifdef REF_PRINT
319 REF_PRINT("CERT",c);
320#endif
321 if (i > 0) return;
322#ifdef REF_CHECK
323 if (i < 0)
324 {
325 fprintf(stderr,"ssl_cert_free, bad reference count\n");
326 abort(); /* ok */
327 }
328#endif
329
330#ifndef OPENSSL_NO_RSA
331 if (c->rsa_tmp) RSA_free(c->rsa_tmp);
332#endif
333#ifndef OPENSSL_NO_DH
334 if (c->dh_tmp) DH_free(c->dh_tmp);
335#endif
336
337 for (i=0; i<SSL_PKEY_NUM; i++)
338 {
339 if (c->pkeys[i].x509 != NULL)
340 X509_free(c->pkeys[i].x509);
341 if (c->pkeys[i].privatekey != NULL)
342 EVP_PKEY_free(c->pkeys[i].privatekey);
343#if 0
344 if (c->pkeys[i].publickey != NULL)
345 EVP_PKEY_free(c->pkeys[i].publickey);
346#endif
347 }
348 OPENSSL_free(c);
349 }
350
351int ssl_cert_inst(CERT **o)
352 {
353 /* Create a CERT if there isn't already one
354 * (which cannot really happen, as it is initially created in
355 * SSL_CTX_new; but the earlier code usually allows for that one
356 * being non-existant, so we follow that behaviour, as it might
357 * turn out that there actually is a reason for it -- but I'm
358 * not sure that *all* of the existing code could cope with
359 * s->cert being NULL, otherwise we could do without the
360 * initialization in SSL_CTX_new).
361 */
362
363 if (o == NULL)
364 {
365 SSLerr(SSL_F_SSL_CERT_INST, ERR_R_PASSED_NULL_PARAMETER);
366 return(0);
367 }
368 if (*o == NULL)
369 {
370 if ((*o = ssl_cert_new()) == NULL)
371 {
372 SSLerr(SSL_F_SSL_CERT_INST, ERR_R_MALLOC_FAILURE);
373 return(0);
374 }
375 }
376 return(1);
377 }
378
379
380SESS_CERT *ssl_sess_cert_new(void)
381 {
382 SESS_CERT *ret;
383
384 ret = OPENSSL_malloc(sizeof *ret);
385 if (ret == NULL)
386 {
387 SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE);
388 return NULL;
389 }
390
391 memset(ret, 0 ,sizeof *ret);
392 ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]);
393 ret->references = 1;
394
395 return ret;
396 }
397
398void ssl_sess_cert_free(SESS_CERT *sc)
399 {
400 int i;
401
402 if (sc == NULL)
403 return;
404
405 i = CRYPTO_add(&sc->references, -1, CRYPTO_LOCK_SSL_SESS_CERT);
406#ifdef REF_PRINT
407 REF_PRINT("SESS_CERT", sc);
408#endif
409 if (i > 0)
410 return;
411#ifdef REF_CHECK
412 if (i < 0)
413 {
414 fprintf(stderr,"ssl_sess_cert_free, bad reference count\n");
415 abort(); /* ok */
416 }
417#endif
418
419 /* i == 0 */
420 if (sc->cert_chain != NULL)
421 sk_X509_pop_free(sc->cert_chain, X509_free);
422 for (i = 0; i < SSL_PKEY_NUM; i++)
423 {
424 if (sc->peer_pkeys[i].x509 != NULL)
425 X509_free(sc->peer_pkeys[i].x509);
426#if 0 /* We don't have the peer's private key. These lines are just
427 * here as a reminder that we're still using a not-quite-appropriate
428 * data structure. */
429 if (sc->peer_pkeys[i].privatekey != NULL)
430 EVP_PKEY_free(sc->peer_pkeys[i].privatekey);
431#endif
432 }
433
434#ifndef OPENSSL_NO_RSA
435 if (sc->peer_rsa_tmp != NULL)
436 RSA_free(sc->peer_rsa_tmp);
437#endif
438#ifndef OPENSSL_NO_DH
439 if (sc->peer_dh_tmp != NULL)
440 DH_free(sc->peer_dh_tmp);
441#endif
442
443 OPENSSL_free(sc);
444 }
445
446int ssl_set_peer_cert_type(SESS_CERT *sc,int type)
447 {
448 sc->peer_cert_type = type;
449 return(1);
450 }
451
452int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk)
453 {
454 X509 *x;
455 int i;
456 X509_STORE_CTX ctx;
457
458 if ((sk == NULL) || (sk_X509_num(sk) == 0))
459 return(0);
460
461 x=sk_X509_value(sk,0);
462 if(!X509_STORE_CTX_init(&ctx,s->ctx->cert_store,x,sk))
463 {
464 SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN,ERR_R_X509_LIB);
465 return(0);
466 }
467 if (SSL_get_verify_depth(s) >= 0)
468 X509_STORE_CTX_set_depth(&ctx, SSL_get_verify_depth(s));
469 X509_STORE_CTX_set_ex_data(&ctx,SSL_get_ex_data_X509_STORE_CTX_idx(),s);
470
471 /* We need to set the verify purpose. The purpose can be determined by
472 * the context: if its a server it will verify SSL client certificates
473 * or vice versa.
474 */
475 if (s->server)
476 i = X509_PURPOSE_SSL_CLIENT;
477 else
478 i = X509_PURPOSE_SSL_SERVER;
479
480 X509_STORE_CTX_purpose_inherit(&ctx, i, s->purpose, s->trust);
481
482 if (s->verify_callback)
483 X509_STORE_CTX_set_verify_cb(&ctx, s->verify_callback);
484
485 if (s->ctx->app_verify_callback != NULL)
486#if 1 /* new with OpenSSL 0.9.7 */
487 i=s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg);
488#else
489 i=s->ctx->app_verify_callback(&ctx); /* should pass app_verify_arg */
490#endif
491 else
492 {
493#ifndef OPENSSL_NO_X509_VERIFY
494 i=X509_verify_cert(&ctx);
495#else
496 i=0;
497 ctx.error=X509_V_ERR_APPLICATION_VERIFICATION;
498 SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN,SSL_R_NO_VERIFY_CALLBACK);
499#endif
500 }
501
502 s->verify_result=ctx.error;
503 X509_STORE_CTX_cleanup(&ctx);
504
505 return(i);
506 }
507
508static void set_client_CA_list(STACK_OF(X509_NAME) **ca_list,STACK_OF(X509_NAME) *list)
509 {
510 if (*ca_list != NULL)
511 sk_X509_NAME_pop_free(*ca_list,X509_NAME_free);
512
513 *ca_list=list;
514 }
515
516STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk)
517 {
518 int i;
519 STACK_OF(X509_NAME) *ret;
520 X509_NAME *name;
521
522 ret=sk_X509_NAME_new_null();
523 for (i=0; i<sk_X509_NAME_num(sk); i++)
524 {
525 name=X509_NAME_dup(sk_X509_NAME_value(sk,i));
526 if ((name == NULL) || !sk_X509_NAME_push(ret,name))
527 {
528 sk_X509_NAME_pop_free(ret,X509_NAME_free);
529 return(NULL);
530 }
531 }
532 return(ret);
533 }
534
535void SSL_set_client_CA_list(SSL *s,STACK_OF(X509_NAME) *list)
536 {
537 set_client_CA_list(&(s->client_CA),list);
538 }
539
540void SSL_CTX_set_client_CA_list(SSL_CTX *ctx,STACK_OF(X509_NAME) *list)
541 {
542 set_client_CA_list(&(ctx->client_CA),list);
543 }
544
545STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *ctx)
546 {
547 return(ctx->client_CA);
548 }
549
550STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s)
551 {
552 if (s->type == SSL_ST_CONNECT)
553 { /* we are in the client */
554 if (((s->version>>8) == SSL3_VERSION_MAJOR) &&
555 (s->s3 != NULL))
556 return(s->s3->tmp.ca_names);
557 else
558 return(NULL);
559 }
560 else
561 {
562 if (s->client_CA != NULL)
563 return(s->client_CA);
564 else
565 return(s->ctx->client_CA);
566 }
567 }
568
569static int add_client_CA(STACK_OF(X509_NAME) **sk,X509 *x)
570 {
571 X509_NAME *name;
572
573 if (x == NULL) return(0);
574 if ((*sk == NULL) && ((*sk=sk_X509_NAME_new_null()) == NULL))
575 return(0);
576
577 if ((name=X509_NAME_dup(X509_get_subject_name(x))) == NULL)
578 return(0);
579
580 if (!sk_X509_NAME_push(*sk,name))
581 {
582 X509_NAME_free(name);
583 return(0);
584 }
585 return(1);
586 }
587
588int SSL_add_client_CA(SSL *ssl,X509 *x)
589 {
590 return(add_client_CA(&(ssl->client_CA),x));
591 }
592
593int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x)
594 {
595 return(add_client_CA(&(ctx->client_CA),x));
596 }
597
598static int xname_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
599 {
600 return(X509_NAME_cmp(*a,*b));
601 }
602
603#ifndef OPENSSL_NO_STDIO
604/*!
605 * Load CA certs from a file into a ::STACK. Note that it is somewhat misnamed;
606 * it doesn't really have anything to do with clients (except that a common use
607 * for a stack of CAs is to send it to the client). Actually, it doesn't have
608 * much to do with CAs, either, since it will load any old cert.
609 * \param file the file containing one or more certs.
610 * \return a ::STACK containing the certs.
611 */
612STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file)
613 {
614 BIO *in;
615 X509 *x=NULL;
616 X509_NAME *xn=NULL;
617 STACK_OF(X509_NAME) *ret,*sk;
618
619 ret=sk_X509_NAME_new_null();
620 sk=sk_X509_NAME_new(xname_cmp);
621
622 in=BIO_new(BIO_s_file_internal());
623
624 if ((ret == NULL) || (sk == NULL) || (in == NULL))
625 {
626 SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE);
627 goto err;
628 }
629
630 if (!BIO_read_filename(in,file))
631 goto err;
632
633 for (;;)
634 {
635 if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL)
636 break;
637 if ((xn=X509_get_subject_name(x)) == NULL) goto err;
638 /* check for duplicates */
639 xn=X509_NAME_dup(xn);
640 if (xn == NULL) goto err;
641 if (sk_X509_NAME_find(sk,xn) >= 0)
642 X509_NAME_free(xn);
643 else
644 {
645 sk_X509_NAME_push(sk,xn);
646 sk_X509_NAME_push(ret,xn);
647 }
648 }
649
650 if (0)
651 {
652err:
653 if (ret != NULL) sk_X509_NAME_pop_free(ret,X509_NAME_free);
654 ret=NULL;
655 }
656 if (sk != NULL) sk_X509_NAME_free(sk);
657 if (in != NULL) BIO_free(in);
658 if (x != NULL) X509_free(x);
659 return(ret);
660 }
661#endif
662
663/*!
664 * Add a file of certs to a stack.
665 * \param stack the stack to add to.
666 * \param file the file to add from. All certs in this file that are not
667 * already in the stack will be added.
668 * \return 1 for success, 0 for failure. Note that in the case of failure some
669 * certs may have been added to \c stack.
670 */
671
672int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
673 const char *file)
674 {
675 BIO *in;
676 X509 *x=NULL;
677 X509_NAME *xn=NULL;
678 int ret=1;
679 int (*oldcmp)(const X509_NAME * const *a, const X509_NAME * const *b);
680
681 oldcmp=sk_X509_NAME_set_cmp_func(stack,xname_cmp);
682
683 in=BIO_new(BIO_s_file_internal());
684
685 if (in == NULL)
686 {
687 SSLerr(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,ERR_R_MALLOC_FAILURE);
688 goto err;
689 }
690
691 if (!BIO_read_filename(in,file))
692 goto err;
693
694 for (;;)
695 {
696 if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL)
697 break;
698 if ((xn=X509_get_subject_name(x)) == NULL) goto err;
699 xn=X509_NAME_dup(xn);
700 if (xn == NULL) goto err;
701 if (sk_X509_NAME_find(stack,xn) >= 0)
702 X509_NAME_free(xn);
703 else
704 sk_X509_NAME_push(stack,xn);
705 }
706
707 if (0)
708 {
709err:
710 ret=0;
711 }
712 if(in != NULL)
713 BIO_free(in);
714 if(x != NULL)
715 X509_free(x);
716
717 sk_X509_NAME_set_cmp_func(stack,oldcmp);
718
719 return ret;
720 }
721
722/*!
723 * Add a directory of certs to a stack.
724 * \param stack the stack to append to.
725 * \param dir the directory to append from. All files in this directory will be
726 * examined as potential certs. Any that are acceptable to
727 * SSL_add_dir_cert_subjects_to_stack() that are not already in the stack will be
728 * included.
729 * \return 1 for success, 0 for failure. Note that in the case of failure some
730 * certs may have been added to \c stack.
731 */
732
733#ifndef OPENSSL_SYS_WIN32
734#ifndef OPENSSL_SYS_VMS /* XXXX This may be fixed in the future */
735#ifndef OPENSSL_SYS_MACINTOSH_CLASSIC /* XXXXX: Better scheme needed! */
736
737int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
738 const char *dir)
739 {
740 DIR *d;
741 struct dirent *dstruct;
742 int ret = 0;
743
744 CRYPTO_w_lock(CRYPTO_LOCK_READDIR);
745 d = opendir(dir);
746
747 /* Note that a side effect is that the CAs will be sorted by name */
748 if(!d)
749 {
750 SYSerr(SYS_F_OPENDIR, get_last_sys_error());
751 ERR_add_error_data(3, "opendir('", dir, "')");
752 SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);
753 goto err;
754 }
755
756 while((dstruct=readdir(d)))
757 {
758 char buf[1024];
759 int r;
760
761 if(strlen(dir)+strlen(dstruct->d_name)+2 > sizeof buf)
762 {
763 SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG);
764 goto err;
765 }
766
767 r = BIO_snprintf(buf,sizeof buf,"%s/%s",dir,dstruct->d_name);
768 if (r <= 0 || r >= sizeof buf)
769 goto err;
770 if(!SSL_add_file_cert_subjects_to_stack(stack,buf))
771 goto err;
772 }
773 ret = 1;
774
775err:
776 if (d) closedir(d);
777 CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
778 return ret;
779 }
780
781#endif
782#endif
783
784#else
785
786int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
787 const char *dir)
788 {
789 WIN32_FIND_DATA FindFileData;
790 HANDLE hFind;
791 int ret = 0;
792
793 CRYPTO_w_lock(CRYPTO_LOCK_READDIR);
794
795 hFind = FindFirstFile(dir, &FindFileData);
796 /* Note that a side effect is that the CAs will be sorted by name */
797 if(hFind == INVALID_HANDLE_VALUE)
798 {
799 SYSerr(SYS_F_OPENDIR, get_last_sys_error());
800 ERR_add_error_data(3, "opendir('", dir, "')");
801 SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);
802 goto err_noclose;
803 }
804
805 do
806 {
807 char buf[1024];
808 int r;
809
810 if(strlen(dir)+strlen(FindFileData.cFileName)+2 > sizeof buf)
811 {
812 SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG);
813 goto err;
814 }
815
816 r = BIO_snprintf(buf,sizeof buf,"%s/%s",dir,FindFileData.cFileName);
817 if (r <= 0 || r >= sizeof buf)
818 goto err;
819 if(!SSL_add_file_cert_subjects_to_stack(stack,buf))
820 goto err;
821 }
822 while (FindNextFile(hFind, &FindFileData) != FALSE);
823 ret = 1;
824
825err:
826 FindClose(hFind);
827err_noclose:
828 CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
829 return ret;
830 }
831
832#endif
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c
new file mode 100644
index 0000000000..57bbde5f27
--- /dev/null
+++ b/src/lib/libssl/ssl_ciph.c
@@ -0,0 +1,1138 @@
1/* ssl/ssl_ciph.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/objects.h>
61#include <openssl/comp.h>
62#include "ssl_locl.h"
63
64#define SSL_ENC_DES_IDX 0
65#define SSL_ENC_3DES_IDX 1
66#define SSL_ENC_RC4_IDX 2
67#define SSL_ENC_RC2_IDX 3
68#define SSL_ENC_IDEA_IDX 4
69#define SSL_ENC_eFZA_IDX 5
70#define SSL_ENC_NULL_IDX 6
71#define SSL_ENC_AES128_IDX 7
72#define SSL_ENC_AES256_IDX 8
73#define SSL_ENC_NUM_IDX 9
74
75static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
76 NULL,NULL,NULL,NULL,NULL,NULL,
77 };
78
79static STACK_OF(SSL_COMP) *ssl_comp_methods=NULL;
80
81#define SSL_MD_MD5_IDX 0
82#define SSL_MD_SHA1_IDX 1
83#define SSL_MD_NUM_IDX 2
84static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={
85 NULL,NULL,
86 };
87
88#define CIPHER_ADD 1
89#define CIPHER_KILL 2
90#define CIPHER_DEL 3
91#define CIPHER_ORD 4
92#define CIPHER_SPECIAL 5
93
94typedef struct cipher_order_st
95 {
96 SSL_CIPHER *cipher;
97 int active;
98 int dead;
99 struct cipher_order_st *next,*prev;
100 } CIPHER_ORDER;
101
102static const SSL_CIPHER cipher_aliases[]={
103 /* Don't include eNULL unless specifically enabled.
104 * Similarly, don't include AES in ALL because these ciphers are not yet official. */
105 {0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL & ~SSL_AES, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */
106 {0,SSL_TXT_kKRB5,0,SSL_kKRB5,0,0,0,0,SSL_MKEY_MASK,0}, /* VRS Kerberos5 */
107 {0,SSL_TXT_kRSA,0,SSL_kRSA, 0,0,0,0,SSL_MKEY_MASK,0},
108 {0,SSL_TXT_kDHr,0,SSL_kDHr, 0,0,0,0,SSL_MKEY_MASK,0},
109 {0,SSL_TXT_kDHd,0,SSL_kDHd, 0,0,0,0,SSL_MKEY_MASK,0},
110 {0,SSL_TXT_kEDH,0,SSL_kEDH, 0,0,0,0,SSL_MKEY_MASK,0},
111 {0,SSL_TXT_kFZA,0,SSL_kFZA, 0,0,0,0,SSL_MKEY_MASK,0},
112 {0,SSL_TXT_DH, 0,SSL_DH, 0,0,0,0,SSL_MKEY_MASK,0},
113 {0,SSL_TXT_EDH, 0,SSL_EDH, 0,0,0,0,SSL_MKEY_MASK|SSL_AUTH_MASK,0},
114
115 {0,SSL_TXT_aKRB5,0,SSL_aKRB5,0,0,0,0,SSL_AUTH_MASK,0}, /* VRS Kerberos5 */
116 {0,SSL_TXT_aRSA,0,SSL_aRSA, 0,0,0,0,SSL_AUTH_MASK,0},
117 {0,SSL_TXT_aDSS,0,SSL_aDSS, 0,0,0,0,SSL_AUTH_MASK,0},
118 {0,SSL_TXT_aFZA,0,SSL_aFZA, 0,0,0,0,SSL_AUTH_MASK,0},
119 {0,SSL_TXT_aNULL,0,SSL_aNULL,0,0,0,0,SSL_AUTH_MASK,0},
120 {0,SSL_TXT_aDH, 0,SSL_aDH, 0,0,0,0,SSL_AUTH_MASK,0},
121 {0,SSL_TXT_DSS, 0,SSL_DSS, 0,0,0,0,SSL_AUTH_MASK,0},
122
123 {0,SSL_TXT_DES, 0,SSL_DES, 0,0,0,0,SSL_ENC_MASK,0},
124 {0,SSL_TXT_3DES,0,SSL_3DES, 0,0,0,0,SSL_ENC_MASK,0},
125 {0,SSL_TXT_RC4, 0,SSL_RC4, 0,0,0,0,SSL_ENC_MASK,0},
126 {0,SSL_TXT_RC2, 0,SSL_RC2, 0,0,0,0,SSL_ENC_MASK,0},
127#ifndef OPENSSL_NO_IDEA
128 {0,SSL_TXT_IDEA,0,SSL_IDEA, 0,0,0,0,SSL_ENC_MASK,0},
129#endif
130 {0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},
131 {0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0},
132 {0,SSL_TXT_AES, 0,SSL_AES, 0,0,0,0,SSL_ENC_MASK,0},
133
134 {0,SSL_TXT_MD5, 0,SSL_MD5, 0,0,0,0,SSL_MAC_MASK,0},
135 {0,SSL_TXT_SHA1,0,SSL_SHA1, 0,0,0,0,SSL_MAC_MASK,0},
136 {0,SSL_TXT_SHA, 0,SSL_SHA, 0,0,0,0,SSL_MAC_MASK,0},
137
138 {0,SSL_TXT_NULL,0,SSL_NULL, 0,0,0,0,SSL_ENC_MASK,0},
139 {0,SSL_TXT_KRB5,0,SSL_KRB5, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
140 {0,SSL_TXT_RSA, 0,SSL_RSA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
141 {0,SSL_TXT_ADH, 0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
142 {0,SSL_TXT_FZA, 0,SSL_FZA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK|SSL_ENC_MASK,0},
143
144 {0,SSL_TXT_SSLV2, 0,SSL_SSLV2, 0,0,0,0,SSL_SSL_MASK,0},
145 {0,SSL_TXT_SSLV3, 0,SSL_SSLV3, 0,0,0,0,SSL_SSL_MASK,0},
146 {0,SSL_TXT_TLSV1, 0,SSL_TLSV1, 0,0,0,0,SSL_SSL_MASK,0},
147
148 {0,SSL_TXT_EXP ,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK},
149 {0,SSL_TXT_EXPORT,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK},
150 {0,SSL_TXT_EXP40, 0, 0, SSL_EXP40, 0,0,0,0,SSL_STRONG_MASK},
151 {0,SSL_TXT_EXP56, 0, 0, SSL_EXP56, 0,0,0,0,SSL_STRONG_MASK},
152 {0,SSL_TXT_LOW, 0, 0, SSL_LOW, 0,0,0,0,SSL_STRONG_MASK},
153 {0,SSL_TXT_MEDIUM,0, 0,SSL_MEDIUM, 0,0,0,0,SSL_STRONG_MASK},
154 {0,SSL_TXT_HIGH, 0, 0, SSL_HIGH, 0,0,0,0,SSL_STRONG_MASK},
155 };
156
157static int init_ciphers=1;
158
159static void load_ciphers(void)
160 {
161 init_ciphers=0;
162 ssl_cipher_methods[SSL_ENC_DES_IDX]=
163 EVP_get_cipherbyname(SN_des_cbc);
164 ssl_cipher_methods[SSL_ENC_3DES_IDX]=
165 EVP_get_cipherbyname(SN_des_ede3_cbc);
166 ssl_cipher_methods[SSL_ENC_RC4_IDX]=
167 EVP_get_cipherbyname(SN_rc4);
168 ssl_cipher_methods[SSL_ENC_RC2_IDX]=
169 EVP_get_cipherbyname(SN_rc2_cbc);
170#ifndef OPENSSL_NO_IDEA
171 ssl_cipher_methods[SSL_ENC_IDEA_IDX]=
172 EVP_get_cipherbyname(SN_idea_cbc);
173#else
174 ssl_cipher_methods[SSL_ENC_IDEA_IDX]= NULL;
175#endif
176 ssl_cipher_methods[SSL_ENC_AES128_IDX]=
177 EVP_get_cipherbyname(SN_aes_128_cbc);
178 ssl_cipher_methods[SSL_ENC_AES256_IDX]=
179 EVP_get_cipherbyname(SN_aes_256_cbc);
180
181 ssl_digest_methods[SSL_MD_MD5_IDX]=
182 EVP_get_digestbyname(SN_md5);
183 ssl_digest_methods[SSL_MD_SHA1_IDX]=
184 EVP_get_digestbyname(SN_sha1);
185 }
186
187int ssl_cipher_get_evp(SSL_SESSION *s, const EVP_CIPHER **enc,
188 const EVP_MD **md, SSL_COMP **comp)
189 {
190 int i;
191 SSL_CIPHER *c;
192
193 c=s->cipher;
194 if (c == NULL) return(0);
195 if (comp != NULL)
196 {
197 SSL_COMP ctmp;
198
199 if (s->compress_meth == 0)
200 *comp=NULL;
201 else if (ssl_comp_methods == NULL)
202 {
203 /* bad */
204 *comp=NULL;
205 }
206 else
207 {
208
209 ctmp.id=s->compress_meth;
210 i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp);
211 if (i >= 0)
212 *comp=sk_SSL_COMP_value(ssl_comp_methods,i);
213 else
214 *comp=NULL;
215 }
216 }
217
218 if ((enc == NULL) || (md == NULL)) return(0);
219
220 switch (c->algorithms & SSL_ENC_MASK)
221 {
222 case SSL_DES:
223 i=SSL_ENC_DES_IDX;
224 break;
225 case SSL_3DES:
226 i=SSL_ENC_3DES_IDX;
227 break;
228 case SSL_RC4:
229 i=SSL_ENC_RC4_IDX;
230 break;
231 case SSL_RC2:
232 i=SSL_ENC_RC2_IDX;
233 break;
234 case SSL_IDEA:
235 i=SSL_ENC_IDEA_IDX;
236 break;
237 case SSL_eNULL:
238 i=SSL_ENC_NULL_IDX;
239 break;
240 case SSL_AES:
241 switch(c->alg_bits)
242 {
243 case 128: i=SSL_ENC_AES128_IDX; break;
244 case 256: i=SSL_ENC_AES256_IDX; break;
245 default: i=-1; break;
246 }
247 break;
248 default:
249 i= -1;
250 break;
251 }
252
253 if ((i < 0) || (i > SSL_ENC_NUM_IDX))
254 *enc=NULL;
255 else
256 {
257 if (i == SSL_ENC_NULL_IDX)
258 *enc=EVP_enc_null();
259 else
260 *enc=ssl_cipher_methods[i];
261 }
262
263 switch (c->algorithms & SSL_MAC_MASK)
264 {
265 case SSL_MD5:
266 i=SSL_MD_MD5_IDX;
267 break;
268 case SSL_SHA1:
269 i=SSL_MD_SHA1_IDX;
270 break;
271 default:
272 i= -1;
273 break;
274 }
275 if ((i < 0) || (i > SSL_MD_NUM_IDX))
276 *md=NULL;
277 else
278 *md=ssl_digest_methods[i];
279
280 if ((*enc != NULL) && (*md != NULL))
281 return(1);
282 else
283 return(0);
284 }
285
286#define ITEM_SEP(a) \
287 (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ','))
288
289static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr,
290 CIPHER_ORDER **tail)
291 {
292 if (curr == *tail) return;
293 if (curr == *head)
294 *head=curr->next;
295 if (curr->prev != NULL)
296 curr->prev->next=curr->next;
297 if (curr->next != NULL) /* should always be true */
298 curr->next->prev=curr->prev;
299 (*tail)->next=curr;
300 curr->prev= *tail;
301 curr->next=NULL;
302 *tail=curr;
303 }
304
305static unsigned long ssl_cipher_get_disabled(void)
306 {
307 unsigned long mask;
308
309 mask = SSL_kFZA;
310#ifdef OPENSSL_NO_RSA
311 mask |= SSL_aRSA|SSL_kRSA;
312#endif
313#ifdef OPENSSL_NO_DSA
314 mask |= SSL_aDSS;
315#endif
316#ifdef OPENSSL_NO_DH
317 mask |= SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH;
318#endif
319#ifdef OPENSSL_NO_KRB5
320 mask |= SSL_kKRB5|SSL_aKRB5;
321#endif
322
323#ifdef SSL_FORBID_ENULL
324 mask |= SSL_eNULL;
325#endif
326
327 mask |= (ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL) ? SSL_DES :0;
328 mask |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES:0;
329 mask |= (ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL) ? SSL_RC4 :0;
330 mask |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0;
331 mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0;
332 mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA:0;
333 mask |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES:0;
334
335 mask |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0;
336 mask |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0;
337
338 return(mask);
339 }
340
341static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
342 int num_of_ciphers, unsigned long mask, CIPHER_ORDER *list,
343 CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
344 {
345 int i, list_num;
346 SSL_CIPHER *c;
347
348 /*
349 * We have num_of_ciphers descriptions compiled in, depending on the
350 * method selected (SSLv2 and/or SSLv3, TLSv1 etc).
351 * These will later be sorted in a linked list with at most num
352 * entries.
353 */
354
355 /* Get the initial list of ciphers */
356 list_num = 0; /* actual count of ciphers */
357 for (i = 0; i < num_of_ciphers; i++)
358 {
359 c = ssl_method->get_cipher(i);
360 /* drop those that use any of that is not available */
361 if ((c != NULL) && c->valid && !(c->algorithms & mask))
362 {
363 list[list_num].cipher = c;
364 list[list_num].next = NULL;
365 list[list_num].prev = NULL;
366 list[list_num].active = 0;
367 list_num++;
368#ifdef KSSL_DEBUG
369 printf("\t%d: %s %lx %lx\n",i,c->name,c->id,c->algorithms);
370#endif /* KSSL_DEBUG */
371 /*
372 if (!sk_push(ca_list,(char *)c)) goto err;
373 */
374 }
375 }
376
377 /*
378 * Prepare linked list from list entries
379 */
380 for (i = 1; i < list_num - 1; i++)
381 {
382 list[i].prev = &(list[i-1]);
383 list[i].next = &(list[i+1]);
384 }
385 if (list_num > 0)
386 {
387 (*head_p) = &(list[0]);
388 (*head_p)->prev = NULL;
389 (*head_p)->next = &(list[1]);
390 (*tail_p) = &(list[list_num - 1]);
391 (*tail_p)->prev = &(list[list_num - 2]);
392 (*tail_p)->next = NULL;
393 }
394 }
395
396static void ssl_cipher_collect_aliases(SSL_CIPHER **ca_list,
397 int num_of_group_aliases, unsigned long mask,
398 CIPHER_ORDER *head)
399 {
400 CIPHER_ORDER *ciph_curr;
401 SSL_CIPHER **ca_curr;
402 int i;
403
404 /*
405 * First, add the real ciphers as already collected
406 */
407 ciph_curr = head;
408 ca_curr = ca_list;
409 while (ciph_curr != NULL)
410 {
411 *ca_curr = ciph_curr->cipher;
412 ca_curr++;
413 ciph_curr = ciph_curr->next;
414 }
415
416 /*
417 * Now we add the available ones from the cipher_aliases[] table.
418 * They represent either an algorithm, that must be fully
419 * supported (not match any bit in mask) or represent a cipher
420 * strength value (will be added in any case because algorithms=0).
421 */
422 for (i = 0; i < num_of_group_aliases; i++)
423 {
424 if ((i == 0) || /* always fetch "ALL" */
425 !(cipher_aliases[i].algorithms & mask))
426 {
427 *ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
428 ca_curr++;
429 }
430 }
431
432 *ca_curr = NULL; /* end of list */
433 }
434
435static void ssl_cipher_apply_rule(unsigned long algorithms, unsigned long mask,
436 unsigned long algo_strength, unsigned long mask_strength,
437 int rule, int strength_bits, CIPHER_ORDER *list,
438 CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
439 {
440 CIPHER_ORDER *head, *tail, *curr, *curr2, *tail2;
441 SSL_CIPHER *cp;
442 unsigned long ma, ma_s;
443
444#ifdef CIPHER_DEBUG
445 printf("Applying rule %d with %08lx %08lx %08lx %08lx (%d)\n",
446 rule, algorithms, mask, algo_strength, mask_strength,
447 strength_bits);
448#endif
449
450 curr = head = *head_p;
451 curr2 = head;
452 tail2 = tail = *tail_p;
453 for (;;)
454 {
455 if ((curr == NULL) || (curr == tail2)) break;
456 curr = curr2;
457 curr2 = curr->next;
458
459 cp = curr->cipher;
460
461 /*
462 * Selection criteria is either the number of strength_bits
463 * or the algorithm used.
464 */
465 if (strength_bits == -1)
466 {
467 ma = mask & cp->algorithms;
468 ma_s = mask_strength & cp->algo_strength;
469
470#ifdef CIPHER_DEBUG
471 printf("\nName: %s:\nAlgo = %08lx Algo_strength = %08lx\nMask = %08lx Mask_strength %08lx\n", cp->name, cp->algorithms, cp->algo_strength, mask, mask_strength);
472 printf("ma = %08lx ma_s %08lx, ma&algo=%08lx, ma_s&algos=%08lx\n", ma, ma_s, ma&algorithms, ma_s&algo_strength);
473#endif
474 /*
475 * Select: if none of the mask bit was met from the
476 * cipher or not all of the bits were met, the
477 * selection does not apply.
478 */
479 if (((ma == 0) && (ma_s == 0)) ||
480 ((ma & algorithms) != ma) ||
481 ((ma_s & algo_strength) != ma_s))
482 continue; /* does not apply */
483 }
484 else if (strength_bits != cp->strength_bits)
485 continue; /* does not apply */
486
487#ifdef CIPHER_DEBUG
488 printf("Action = %d\n", rule);
489#endif
490
491 /* add the cipher if it has not been added yet. */
492 if (rule == CIPHER_ADD)
493 {
494 if (!curr->active)
495 {
496 ll_append_tail(&head, curr, &tail);
497 curr->active = 1;
498 }
499 }
500 /* Move the added cipher to this location */
501 else if (rule == CIPHER_ORD)
502 {
503 if (curr->active)
504 {
505 ll_append_tail(&head, curr, &tail);
506 }
507 }
508 else if (rule == CIPHER_DEL)
509 curr->active = 0;
510 else if (rule == CIPHER_KILL)
511 {
512 if (head == curr)
513 head = curr->next;
514 else
515 curr->prev->next = curr->next;
516 if (tail == curr)
517 tail = curr->prev;
518 curr->active = 0;
519 if (curr->next != NULL)
520 curr->next->prev = curr->prev;
521 if (curr->prev != NULL)
522 curr->prev->next = curr->next;
523 curr->next = NULL;
524 curr->prev = NULL;
525 }
526 }
527
528 *head_p = head;
529 *tail_p = tail;
530 }
531
532static int ssl_cipher_strength_sort(CIPHER_ORDER *list, CIPHER_ORDER **head_p,
533 CIPHER_ORDER **tail_p)
534 {
535 int max_strength_bits, i, *number_uses;
536 CIPHER_ORDER *curr;
537
538 /*
539 * This routine sorts the ciphers with descending strength. The sorting
540 * must keep the pre-sorted sequence, so we apply the normal sorting
541 * routine as '+' movement to the end of the list.
542 */
543 max_strength_bits = 0;
544 curr = *head_p;
545 while (curr != NULL)
546 {
547 if (curr->active &&
548 (curr->cipher->strength_bits > max_strength_bits))
549 max_strength_bits = curr->cipher->strength_bits;
550 curr = curr->next;
551 }
552
553 number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int));
554 if (!number_uses)
555 {
556 SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT,ERR_R_MALLOC_FAILURE);
557 return(0);
558 }
559 memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int));
560
561 /*
562 * Now find the strength_bits values actually used
563 */
564 curr = *head_p;
565 while (curr != NULL)
566 {
567 if (curr->active)
568 number_uses[curr->cipher->strength_bits]++;
569 curr = curr->next;
570 }
571 /*
572 * Go through the list of used strength_bits values in descending
573 * order.
574 */
575 for (i = max_strength_bits; i >= 0; i--)
576 if (number_uses[i] > 0)
577 ssl_cipher_apply_rule(0, 0, 0, 0, CIPHER_ORD, i,
578 list, head_p, tail_p);
579
580 OPENSSL_free(number_uses);
581 return(1);
582 }
583
584static int ssl_cipher_process_rulestr(const char *rule_str,
585 CIPHER_ORDER *list, CIPHER_ORDER **head_p,
586 CIPHER_ORDER **tail_p, SSL_CIPHER **ca_list)
587 {
588 unsigned long algorithms, mask, algo_strength, mask_strength;
589 const char *l, *start, *buf;
590 int j, multi, found, rule, retval, ok, buflen;
591 char ch;
592
593 retval = 1;
594 l = rule_str;
595 for (;;)
596 {
597 ch = *l;
598
599 if (ch == '\0')
600 break; /* done */
601 if (ch == '-')
602 { rule = CIPHER_DEL; l++; }
603 else if (ch == '+')
604 { rule = CIPHER_ORD; l++; }
605 else if (ch == '!')
606 { rule = CIPHER_KILL; l++; }
607 else if (ch == '@')
608 { rule = CIPHER_SPECIAL; l++; }
609 else
610 { rule = CIPHER_ADD; }
611
612 if (ITEM_SEP(ch))
613 {
614 l++;
615 continue;
616 }
617
618 algorithms = mask = algo_strength = mask_strength = 0;
619
620 start=l;
621 for (;;)
622 {
623 ch = *l;
624 buf = l;
625 buflen = 0;
626#ifndef CHARSET_EBCDIC
627 while ( ((ch >= 'A') && (ch <= 'Z')) ||
628 ((ch >= '0') && (ch <= '9')) ||
629 ((ch >= 'a') && (ch <= 'z')) ||
630 (ch == '-'))
631#else
632 while ( isalnum(ch) || (ch == '-'))
633#endif
634 {
635 ch = *(++l);
636 buflen++;
637 }
638
639 if (buflen == 0)
640 {
641 /*
642 * We hit something we cannot deal with,
643 * it is no command or separator nor
644 * alphanumeric, so we call this an error.
645 */
646 SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
647 SSL_R_INVALID_COMMAND);
648 retval = found = 0;
649 l++;
650 break;
651 }
652
653 if (rule == CIPHER_SPECIAL)
654 {
655 found = 0; /* unused -- avoid compiler warning */
656 break; /* special treatment */
657 }
658
659 /* check for multi-part specification */
660 if (ch == '+')
661 {
662 multi=1;
663 l++;
664 }
665 else
666 multi=0;
667
668 /*
669 * Now search for the cipher alias in the ca_list. Be careful
670 * with the strncmp, because the "buflen" limitation
671 * will make the rule "ADH:SOME" and the cipher
672 * "ADH-MY-CIPHER" look like a match for buflen=3.
673 * So additionally check whether the cipher name found
674 * has the correct length. We can save a strlen() call:
675 * just checking for the '\0' at the right place is
676 * sufficient, we have to strncmp() anyway.
677 */
678 j = found = 0;
679 while (ca_list[j])
680 {
681 if ((ca_list[j]->name[buflen] == '\0') &&
682 !strncmp(buf, ca_list[j]->name, buflen))
683 {
684 found = 1;
685 break;
686 }
687 else
688 j++;
689 }
690 if (!found)
691 break; /* ignore this entry */
692
693 algorithms |= ca_list[j]->algorithms;
694 mask |= ca_list[j]->mask;
695 algo_strength |= ca_list[j]->algo_strength;
696 mask_strength |= ca_list[j]->mask_strength;
697
698 if (!multi) break;
699 }
700
701 /*
702 * Ok, we have the rule, now apply it
703 */
704 if (rule == CIPHER_SPECIAL)
705 { /* special command */
706 ok = 0;
707 if ((buflen == 8) &&
708 !strncmp(buf, "STRENGTH", 8))
709 ok = ssl_cipher_strength_sort(list,
710 head_p, tail_p);
711 else
712 SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
713 SSL_R_INVALID_COMMAND);
714 if (ok == 0)
715 retval = 0;
716 /*
717 * We do not support any "multi" options
718 * together with "@", so throw away the
719 * rest of the command, if any left, until
720 * end or ':' is found.
721 */
722 while ((*l != '\0') && ITEM_SEP(*l))
723 l++;
724 }
725 else if (found)
726 {
727 ssl_cipher_apply_rule(algorithms, mask,
728 algo_strength, mask_strength, rule, -1,
729 list, head_p, tail_p);
730 }
731 else
732 {
733 while ((*l != '\0') && ITEM_SEP(*l))
734 l++;
735 }
736 if (*l == '\0') break; /* done */
737 }
738
739 return(retval);
740 }
741
742STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
743 STACK_OF(SSL_CIPHER) **cipher_list,
744 STACK_OF(SSL_CIPHER) **cipher_list_by_id,
745 const char *rule_str)
746 {
747 int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
748 unsigned long disabled_mask;
749 STACK_OF(SSL_CIPHER) *cipherstack;
750 const char *rule_p;
751 CIPHER_ORDER *list = NULL, *head = NULL, *tail = NULL, *curr;
752 SSL_CIPHER **ca_list = NULL;
753
754 /*
755 * Return with error if nothing to do.
756 */
757 if (rule_str == NULL) return(NULL);
758
759 if (init_ciphers) load_ciphers();
760
761 /*
762 * To reduce the work to do we only want to process the compiled
763 * in algorithms, so we first get the mask of disabled ciphers.
764 */
765 disabled_mask = ssl_cipher_get_disabled();
766
767 /*
768 * Now we have to collect the available ciphers from the compiled
769 * in ciphers. We cannot get more than the number compiled in, so
770 * it is used for allocation.
771 */
772 num_of_ciphers = ssl_method->num_ciphers();
773#ifdef KSSL_DEBUG
774 printf("ssl_create_cipher_list() for %d ciphers\n", num_of_ciphers);
775#endif /* KSSL_DEBUG */
776 list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers);
777 if (list == NULL)
778 {
779 SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
780 return(NULL); /* Failure */
781 }
782
783 ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, disabled_mask,
784 list, &head, &tail);
785
786 /*
787 * We also need cipher aliases for selecting based on the rule_str.
788 * There might be two types of entries in the rule_str: 1) names
789 * of ciphers themselves 2) aliases for groups of ciphers.
790 * For 1) we need the available ciphers and for 2) the cipher
791 * groups of cipher_aliases added together in one list (otherwise
792 * we would be happy with just the cipher_aliases table).
793 */
794 num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER);
795 num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
796 ca_list =
797 (SSL_CIPHER **)OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max);
798 if (ca_list == NULL)
799 {
800 OPENSSL_free(list);
801 SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
802 return(NULL); /* Failure */
803 }
804 ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, disabled_mask,
805 head);
806
807 /*
808 * If the rule_string begins with DEFAULT, apply the default rule
809 * before using the (possibly available) additional rules.
810 */
811 ok = 1;
812 rule_p = rule_str;
813 if (strncmp(rule_str,"DEFAULT",7) == 0)
814 {
815 ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST,
816 list, &head, &tail, ca_list);
817 rule_p += 7;
818 if (*rule_p == ':')
819 rule_p++;
820 }
821
822 if (ok && (strlen(rule_p) > 0))
823 ok = ssl_cipher_process_rulestr(rule_p, list, &head, &tail,
824 ca_list);
825
826 OPENSSL_free(ca_list); /* Not needed anymore */
827
828 if (!ok)
829 { /* Rule processing failure */
830 OPENSSL_free(list);
831 return(NULL);
832 }
833 /*
834 * Allocate new "cipherstack" for the result, return with error
835 * if we cannot get one.
836 */
837 if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL)
838 {
839 OPENSSL_free(list);
840 return(NULL);
841 }
842
843 /*
844 * The cipher selection for the list is done. The ciphers are added
845 * to the resulting precedence to the STACK_OF(SSL_CIPHER).
846 */
847 for (curr = head; curr != NULL; curr = curr->next)
848 {
849 if (curr->active)
850 {
851 sk_SSL_CIPHER_push(cipherstack, curr->cipher);
852#ifdef CIPHER_DEBUG
853 printf("<%s>\n",curr->cipher->name);
854#endif
855 }
856 }
857 OPENSSL_free(list); /* Not needed any longer */
858
859 /*
860 * The following passage is a little bit odd. If pointer variables
861 * were supplied to hold STACK_OF(SSL_CIPHER) return information,
862 * the old memory pointed to is free()ed. Then, however, the
863 * cipher_list entry will be assigned just a copy of the returned
864 * cipher stack. For cipher_list_by_id a copy of the cipher stack
865 * will be created. See next comment...
866 */
867 if (cipher_list != NULL)
868 {
869 if (*cipher_list != NULL)
870 sk_SSL_CIPHER_free(*cipher_list);
871 *cipher_list = cipherstack;
872 }
873
874 if (cipher_list_by_id != NULL)
875 {
876 if (*cipher_list_by_id != NULL)
877 sk_SSL_CIPHER_free(*cipher_list_by_id);
878 *cipher_list_by_id = sk_SSL_CIPHER_dup(cipherstack);
879 }
880
881 /*
882 * Now it is getting really strange. If something failed during
883 * the previous pointer assignment or if one of the pointers was
884 * not requested, the error condition is met. That might be
885 * discussable. The strange thing is however that in this case
886 * the memory "ret" pointed to is "free()ed" and hence the pointer
887 * cipher_list becomes wild. The memory reserved for
888 * cipher_list_by_id however is not "free()ed" and stays intact.
889 */
890 if ( (cipher_list_by_id == NULL) ||
891 (*cipher_list_by_id == NULL) ||
892 (cipher_list == NULL) ||
893 (*cipher_list == NULL))
894 {
895 sk_SSL_CIPHER_free(cipherstack);
896 return(NULL);
897 }
898
899 sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
900
901 return(cipherstack);
902 }
903
904char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
905 {
906 int is_export,pkl,kl;
907 char *ver,*exp;
908 char *kx,*au,*enc,*mac;
909 unsigned long alg,alg2,alg_s;
910#ifdef KSSL_DEBUG
911 static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx\n";
912#else
913 static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";
914#endif /* KSSL_DEBUG */
915
916 alg=cipher->algorithms;
917 alg_s=cipher->algo_strength;
918 alg2=cipher->algorithm2;
919
920 is_export=SSL_C_IS_EXPORT(cipher);
921 pkl=SSL_C_EXPORT_PKEYLENGTH(cipher);
922 kl=SSL_C_EXPORT_KEYLENGTH(cipher);
923 exp=is_export?" export":"";
924
925 if (alg & SSL_SSLV2)
926 ver="SSLv2";
927 else if (alg & SSL_SSLV3)
928 ver="SSLv3";
929 else
930 ver="unknown";
931
932 switch (alg&SSL_MKEY_MASK)
933 {
934 case SSL_kRSA:
935 kx=is_export?(pkl == 512 ? "RSA(512)" : "RSA(1024)"):"RSA";
936 break;
937 case SSL_kDHr:
938 kx="DH/RSA";
939 break;
940 case SSL_kDHd:
941 kx="DH/DSS";
942 break;
943 case SSL_kKRB5: /* VRS */
944 case SSL_KRB5: /* VRS */
945 kx="KRB5";
946 break;
947 case SSL_kFZA:
948 kx="Fortezza";
949 break;
950 case SSL_kEDH:
951 kx=is_export?(pkl == 512 ? "DH(512)" : "DH(1024)"):"DH";
952 break;
953 default:
954 kx="unknown";
955 }
956
957 switch (alg&SSL_AUTH_MASK)
958 {
959 case SSL_aRSA:
960 au="RSA";
961 break;
962 case SSL_aDSS:
963 au="DSS";
964 break;
965 case SSL_aDH:
966 au="DH";
967 break;
968 case SSL_aKRB5: /* VRS */
969 case SSL_KRB5: /* VRS */
970 au="KRB5";
971 break;
972 case SSL_aFZA:
973 case SSL_aNULL:
974 au="None";
975 break;
976 default:
977 au="unknown";
978 break;
979 }
980
981 switch (alg&SSL_ENC_MASK)
982 {
983 case SSL_DES:
984 enc=(is_export && kl == 5)?"DES(40)":"DES(56)";
985 break;
986 case SSL_3DES:
987 enc="3DES(168)";
988 break;
989 case SSL_RC4:
990 enc=is_export?(kl == 5 ? "RC4(40)" : "RC4(56)")
991 :((alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)");
992 break;
993 case SSL_RC2:
994 enc=is_export?(kl == 5 ? "RC2(40)" : "RC2(56)"):"RC2(128)";
995 break;
996 case SSL_IDEA:
997 enc="IDEA(128)";
998 break;
999 case SSL_eFZA:
1000 enc="Fortezza";
1001 break;
1002 case SSL_eNULL:
1003 enc="None";
1004 break;
1005 case SSL_AES:
1006 switch(cipher->strength_bits)
1007 {
1008 case 128: enc="AESdraft(128)"; break;
1009 case 192: enc="AESdraft(192)"; break;
1010 case 256: enc="AESdraft(256)"; break;
1011 default: enc="AESdraft(?""?""?)"; break;
1012 }
1013 break;
1014 default:
1015 enc="unknown";
1016 break;
1017 }
1018
1019 switch (alg&SSL_MAC_MASK)
1020 {
1021 case SSL_MD5:
1022 mac="MD5";
1023 break;
1024 case SSL_SHA1:
1025 mac="SHA1";
1026 break;
1027 default:
1028 mac="unknown";
1029 break;
1030 }
1031
1032 if (buf == NULL)
1033 {
1034 len=128;
1035 buf=OPENSSL_malloc(len);
1036 if (buf == NULL) return("OPENSSL_malloc Error");
1037 }
1038 else if (len < 128)
1039 return("Buffer too small");
1040
1041#ifdef KSSL_DEBUG
1042 BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp,alg);
1043#else
1044 BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp);
1045#endif /* KSSL_DEBUG */
1046 return(buf);
1047 }
1048
1049char *SSL_CIPHER_get_version(SSL_CIPHER *c)
1050 {
1051 int i;
1052
1053 if (c == NULL) return("(NONE)");
1054 i=(int)(c->id>>24L);
1055 if (i == 3)
1056 return("TLSv1/SSLv3");
1057 else if (i == 2)
1058 return("SSLv2");
1059 else
1060 return("unknown");
1061 }
1062
1063/* return the actual cipher being used */
1064const char *SSL_CIPHER_get_name(SSL_CIPHER *c)
1065 {
1066 if (c != NULL)
1067 return(c->name);
1068 return("(NONE)");
1069 }
1070
1071/* number of bits for symmetric cipher */
1072int SSL_CIPHER_get_bits(SSL_CIPHER *c, int *alg_bits)
1073 {
1074 int ret=0;
1075
1076 if (c != NULL)
1077 {
1078 if (alg_bits != NULL) *alg_bits = c->alg_bits;
1079 ret = c->strength_bits;
1080 }
1081 return(ret);
1082 }
1083
1084SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n)
1085 {
1086 SSL_COMP *ctmp;
1087 int i,nn;
1088
1089 if ((n == 0) || (sk == NULL)) return(NULL);
1090 nn=sk_SSL_COMP_num(sk);
1091 for (i=0; i<nn; i++)
1092 {
1093 ctmp=sk_SSL_COMP_value(sk,i);
1094 if (ctmp->id == n)
1095 return(ctmp);
1096 }
1097 return(NULL);
1098 }
1099
1100static int sk_comp_cmp(const SSL_COMP * const *a,
1101 const SSL_COMP * const *b)
1102 {
1103 return((*a)->id-(*b)->id);
1104 }
1105
1106STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void)
1107 {
1108 return(ssl_comp_methods);
1109 }
1110
1111int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
1112 {
1113 SSL_COMP *comp;
1114 STACK_OF(SSL_COMP) *sk;
1115
1116 if (cm == NULL || cm->type == NID_undef)
1117 return 1;
1118
1119 MemCheck_off();
1120 comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
1121 comp->id=id;
1122 comp->method=cm;
1123 if (ssl_comp_methods == NULL)
1124 sk=ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);
1125 else
1126 sk=ssl_comp_methods;
1127 if ((sk == NULL) || !sk_SSL_COMP_push(sk,comp))
1128 {
1129 MemCheck_on();
1130 SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,ERR_R_MALLOC_FAILURE);
1131 return(0);
1132 }
1133 else
1134 {
1135 MemCheck_on();
1136 return(1);
1137 }
1138 }
diff --git a/src/lib/libssl/ssl_err.c b/src/lib/libssl/ssl_err.c
new file mode 100644
index 0000000000..0cad32c855
--- /dev/null
+++ b/src/lib/libssl/ssl_err.c
@@ -0,0 +1,454 @@
1/* ssl/ssl_err.c */
2/* ====================================================================
3 * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/ssl.h>
64
65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR
67static ERR_STRING_DATA SSL_str_functs[]=
68 {
69{ERR_PACK(0,SSL_F_CLIENT_CERTIFICATE,0), "CLIENT_CERTIFICATE"},
70{ERR_PACK(0,SSL_F_CLIENT_HELLO,0), "CLIENT_HELLO"},
71{ERR_PACK(0,SSL_F_CLIENT_MASTER_KEY,0), "CLIENT_MASTER_KEY"},
72{ERR_PACK(0,SSL_F_D2I_SSL_SESSION,0), "d2i_SSL_SESSION"},
73{ERR_PACK(0,SSL_F_DO_SSL3_WRITE,0), "DO_SSL3_WRITE"},
74{ERR_PACK(0,SSL_F_GET_CLIENT_FINISHED,0), "GET_CLIENT_FINISHED"},
75{ERR_PACK(0,SSL_F_GET_CLIENT_HELLO,0), "GET_CLIENT_HELLO"},
76{ERR_PACK(0,SSL_F_GET_CLIENT_MASTER_KEY,0), "GET_CLIENT_MASTER_KEY"},
77{ERR_PACK(0,SSL_F_GET_SERVER_FINISHED,0), "GET_SERVER_FINISHED"},
78{ERR_PACK(0,SSL_F_GET_SERVER_HELLO,0), "GET_SERVER_HELLO"},
79{ERR_PACK(0,SSL_F_GET_SERVER_VERIFY,0), "GET_SERVER_VERIFY"},
80{ERR_PACK(0,SSL_F_I2D_SSL_SESSION,0), "i2d_SSL_SESSION"},
81{ERR_PACK(0,SSL_F_READ_N,0), "READ_N"},
82{ERR_PACK(0,SSL_F_REQUEST_CERTIFICATE,0), "REQUEST_CERTIFICATE"},
83{ERR_PACK(0,SSL_F_SERVER_HELLO,0), "SERVER_HELLO"},
84{ERR_PACK(0,SSL_F_SSL23_ACCEPT,0), "SSL23_ACCEPT"},
85{ERR_PACK(0,SSL_F_SSL23_CLIENT_HELLO,0), "SSL23_CLIENT_HELLO"},
86{ERR_PACK(0,SSL_F_SSL23_CONNECT,0), "SSL23_CONNECT"},
87{ERR_PACK(0,SSL_F_SSL23_GET_CLIENT_HELLO,0), "SSL23_GET_CLIENT_HELLO"},
88{ERR_PACK(0,SSL_F_SSL23_GET_SERVER_HELLO,0), "SSL23_GET_SERVER_HELLO"},
89{ERR_PACK(0,SSL_F_SSL23_PEEK,0), "SSL23_PEEK"},
90{ERR_PACK(0,SSL_F_SSL23_READ,0), "SSL23_READ"},
91{ERR_PACK(0,SSL_F_SSL23_WRITE,0), "SSL23_WRITE"},
92{ERR_PACK(0,SSL_F_SSL2_ACCEPT,0), "SSL2_ACCEPT"},
93{ERR_PACK(0,SSL_F_SSL2_CONNECT,0), "SSL2_CONNECT"},
94{ERR_PACK(0,SSL_F_SSL2_ENC_INIT,0), "SSL2_ENC_INIT"},
95{ERR_PACK(0,SSL_F_SSL2_PEEK,0), "SSL2_PEEK"},
96{ERR_PACK(0,SSL_F_SSL2_READ,0), "SSL2_READ"},
97{ERR_PACK(0,SSL_F_SSL2_READ_INTERNAL,0), "SSL2_READ_INTERNAL"},
98{ERR_PACK(0,SSL_F_SSL2_SET_CERTIFICATE,0), "SSL2_SET_CERTIFICATE"},
99{ERR_PACK(0,SSL_F_SSL2_WRITE,0), "SSL2_WRITE"},
100{ERR_PACK(0,SSL_F_SSL3_ACCEPT,0), "SSL3_ACCEPT"},
101{ERR_PACK(0,SSL_F_SSL3_CALLBACK_CTRL,0), "SSL3_CALLBACK_CTRL"},
102{ERR_PACK(0,SSL_F_SSL3_CHANGE_CIPHER_STATE,0), "SSL3_CHANGE_CIPHER_STATE"},
103{ERR_PACK(0,SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,0), "SSL3_CHECK_CERT_AND_ALGORITHM"},
104{ERR_PACK(0,SSL_F_SSL3_CLIENT_HELLO,0), "SSL3_CLIENT_HELLO"},
105{ERR_PACK(0,SSL_F_SSL3_CONNECT,0), "SSL3_CONNECT"},
106{ERR_PACK(0,SSL_F_SSL3_CTRL,0), "SSL3_CTRL"},
107{ERR_PACK(0,SSL_F_SSL3_CTX_CTRL,0), "SSL3_CTX_CTRL"},
108{ERR_PACK(0,SSL_F_SSL3_ENC,0), "SSL3_ENC"},
109{ERR_PACK(0,SSL_F_SSL3_GENERATE_KEY_BLOCK,0), "SSL3_GENERATE_KEY_BLOCK"},
110{ERR_PACK(0,SSL_F_SSL3_GET_CERTIFICATE_REQUEST,0), "SSL3_GET_CERTIFICATE_REQUEST"},
111{ERR_PACK(0,SSL_F_SSL3_GET_CERT_VERIFY,0), "SSL3_GET_CERT_VERIFY"},
112{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_CERTIFICATE,0), "SSL3_GET_CLIENT_CERTIFICATE"},
113{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_HELLO,0), "SSL3_GET_CLIENT_HELLO"},
114{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,0), "SSL3_GET_CLIENT_KEY_EXCHANGE"},
115{ERR_PACK(0,SSL_F_SSL3_GET_FINISHED,0), "SSL3_GET_FINISHED"},
116{ERR_PACK(0,SSL_F_SSL3_GET_KEY_EXCHANGE,0), "SSL3_GET_KEY_EXCHANGE"},
117{ERR_PACK(0,SSL_F_SSL3_GET_MESSAGE,0), "SSL3_GET_MESSAGE"},
118{ERR_PACK(0,SSL_F_SSL3_GET_RECORD,0), "SSL3_GET_RECORD"},
119{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_CERTIFICATE,0), "SSL3_GET_SERVER_CERTIFICATE"},
120{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_DONE,0), "SSL3_GET_SERVER_DONE"},
121{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_HELLO,0), "SSL3_GET_SERVER_HELLO"},
122{ERR_PACK(0,SSL_F_SSL3_OUTPUT_CERT_CHAIN,0), "SSL3_OUTPUT_CERT_CHAIN"},
123{ERR_PACK(0,SSL_F_SSL3_PEEK,0), "SSL3_PEEK"},
124{ERR_PACK(0,SSL_F_SSL3_READ_BYTES,0), "SSL3_READ_BYTES"},
125{ERR_PACK(0,SSL_F_SSL3_READ_N,0), "SSL3_READ_N"},
126{ERR_PACK(0,SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,0), "SSL3_SEND_CERTIFICATE_REQUEST"},
127{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,0), "SSL3_SEND_CLIENT_CERTIFICATE"},
128{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,0), "SSL3_SEND_CLIENT_KEY_EXCHANGE"},
129{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_VERIFY,0), "SSL3_SEND_CLIENT_VERIFY"},
130{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_CERTIFICATE,0), "SSL3_SEND_SERVER_CERTIFICATE"},
131{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,0), "SSL3_SEND_SERVER_KEY_EXCHANGE"},
132{ERR_PACK(0,SSL_F_SSL3_SETUP_BUFFERS,0), "SSL3_SETUP_BUFFERS"},
133{ERR_PACK(0,SSL_F_SSL3_SETUP_KEY_BLOCK,0), "SSL3_SETUP_KEY_BLOCK"},
134{ERR_PACK(0,SSL_F_SSL3_WRITE_BYTES,0), "SSL3_WRITE_BYTES"},
135{ERR_PACK(0,SSL_F_SSL3_WRITE_PENDING,0), "SSL3_WRITE_PENDING"},
136{ERR_PACK(0,SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,0), "SSL_add_dir_cert_subjects_to_stack"},
137{ERR_PACK(0,SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,0), "SSL_add_file_cert_subjects_to_stack"},
138{ERR_PACK(0,SSL_F_SSL_BAD_METHOD,0), "SSL_BAD_METHOD"},
139{ERR_PACK(0,SSL_F_SSL_BYTES_TO_CIPHER_LIST,0), "SSL_BYTES_TO_CIPHER_LIST"},
140{ERR_PACK(0,SSL_F_SSL_CERT_DUP,0), "SSL_CERT_DUP"},
141{ERR_PACK(0,SSL_F_SSL_CERT_INST,0), "SSL_CERT_INST"},
142{ERR_PACK(0,SSL_F_SSL_CERT_INSTANTIATE,0), "SSL_CERT_INSTANTIATE"},
143{ERR_PACK(0,SSL_F_SSL_CERT_NEW,0), "SSL_CERT_NEW"},
144{ERR_PACK(0,SSL_F_SSL_CHECK_PRIVATE_KEY,0), "SSL_check_private_key"},
145{ERR_PACK(0,SSL_F_SSL_CIPHER_PROCESS_RULESTR,0), "SSL_CIPHER_PROCESS_RULESTR"},
146{ERR_PACK(0,SSL_F_SSL_CIPHER_STRENGTH_SORT,0), "SSL_CIPHER_STRENGTH_SORT"},
147{ERR_PACK(0,SSL_F_SSL_CLEAR,0), "SSL_clear"},
148{ERR_PACK(0,SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,0), "SSL_COMP_add_compression_method"},
149{ERR_PACK(0,SSL_F_SSL_CREATE_CIPHER_LIST,0), "SSL_CREATE_CIPHER_LIST"},
150{ERR_PACK(0,SSL_F_SSL_CTRL,0), "SSL_ctrl"},
151{ERR_PACK(0,SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,0), "SSL_CTX_check_private_key"},
152{ERR_PACK(0,SSL_F_SSL_CTX_NEW,0), "SSL_CTX_new"},
153{ERR_PACK(0,SSL_F_SSL_CTX_SET_PURPOSE,0), "SSL_CTX_set_purpose"},
154{ERR_PACK(0,SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,0), "SSL_CTX_set_session_id_context"},
155{ERR_PACK(0,SSL_F_SSL_CTX_SET_SSL_VERSION,0), "SSL_CTX_set_ssl_version"},
156{ERR_PACK(0,SSL_F_SSL_CTX_SET_TRUST,0), "SSL_CTX_set_trust"},
157{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE,0), "SSL_CTX_use_certificate"},
158{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,0), "SSL_CTX_use_certificate_ASN1"},
159{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,0), "SSL_CTX_use_certificate_chain_file"},
160{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,0), "SSL_CTX_use_certificate_file"},
161{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY,0), "SSL_CTX_use_PrivateKey"},
162{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,0), "SSL_CTX_use_PrivateKey_ASN1"},
163{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,0), "SSL_CTX_use_PrivateKey_file"},
164{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,0), "SSL_CTX_use_RSAPrivateKey"},
165{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,0), "SSL_CTX_use_RSAPrivateKey_ASN1"},
166{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,0), "SSL_CTX_use_RSAPrivateKey_file"},
167{ERR_PACK(0,SSL_F_SSL_DO_HANDSHAKE,0), "SSL_do_handshake"},
168{ERR_PACK(0,SSL_F_SSL_GET_NEW_SESSION,0), "SSL_GET_NEW_SESSION"},
169{ERR_PACK(0,SSL_F_SSL_GET_PREV_SESSION,0), "SSL_GET_PREV_SESSION"},
170{ERR_PACK(0,SSL_F_SSL_GET_SERVER_SEND_CERT,0), "SSL_GET_SERVER_SEND_CERT"},
171{ERR_PACK(0,SSL_F_SSL_GET_SIGN_PKEY,0), "SSL_GET_SIGN_PKEY"},
172{ERR_PACK(0,SSL_F_SSL_INIT_WBIO_BUFFER,0), "SSL_INIT_WBIO_BUFFER"},
173{ERR_PACK(0,SSL_F_SSL_LOAD_CLIENT_CA_FILE,0), "SSL_load_client_CA_file"},
174{ERR_PACK(0,SSL_F_SSL_NEW,0), "SSL_new"},
175{ERR_PACK(0,SSL_F_SSL_READ,0), "SSL_read"},
176{ERR_PACK(0,SSL_F_SSL_RSA_PRIVATE_DECRYPT,0), "SSL_RSA_PRIVATE_DECRYPT"},
177{ERR_PACK(0,SSL_F_SSL_RSA_PUBLIC_ENCRYPT,0), "SSL_RSA_PUBLIC_ENCRYPT"},
178{ERR_PACK(0,SSL_F_SSL_SESSION_NEW,0), "SSL_SESSION_new"},
179{ERR_PACK(0,SSL_F_SSL_SESSION_PRINT_FP,0), "SSL_SESSION_print_fp"},
180{ERR_PACK(0,SSL_F_SSL_SESS_CERT_NEW,0), "SSL_SESS_CERT_NEW"},
181{ERR_PACK(0,SSL_F_SSL_SET_CERT,0), "SSL_SET_CERT"},
182{ERR_PACK(0,SSL_F_SSL_SET_FD,0), "SSL_set_fd"},
183{ERR_PACK(0,SSL_F_SSL_SET_PKEY,0), "SSL_SET_PKEY"},
184{ERR_PACK(0,SSL_F_SSL_SET_PURPOSE,0), "SSL_set_purpose"},
185{ERR_PACK(0,SSL_F_SSL_SET_RFD,0), "SSL_set_rfd"},
186{ERR_PACK(0,SSL_F_SSL_SET_SESSION,0), "SSL_set_session"},
187{ERR_PACK(0,SSL_F_SSL_SET_SESSION_ID_CONTEXT,0), "SSL_set_session_id_context"},
188{ERR_PACK(0,SSL_F_SSL_SET_TRUST,0), "SSL_set_trust"},
189{ERR_PACK(0,SSL_F_SSL_SET_WFD,0), "SSL_set_wfd"},
190{ERR_PACK(0,SSL_F_SSL_SHUTDOWN,0), "SSL_shutdown"},
191{ERR_PACK(0,SSL_F_SSL_UNDEFINED_FUNCTION,0), "SSL_UNDEFINED_FUNCTION"},
192{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE,0), "SSL_use_certificate"},
193{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_ASN1,0), "SSL_use_certificate_ASN1"},
194{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_FILE,0), "SSL_use_certificate_file"},
195{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY,0), "SSL_use_PrivateKey"},
196{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_ASN1,0), "SSL_use_PrivateKey_ASN1"},
197{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_FILE,0), "SSL_use_PrivateKey_file"},
198{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY,0), "SSL_use_RSAPrivateKey"},
199{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,0), "SSL_use_RSAPrivateKey_ASN1"},
200{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,0), "SSL_use_RSAPrivateKey_file"},
201{ERR_PACK(0,SSL_F_SSL_VERIFY_CERT_CHAIN,0), "SSL_VERIFY_CERT_CHAIN"},
202{ERR_PACK(0,SSL_F_SSL_WRITE,0), "SSL_write"},
203{ERR_PACK(0,SSL_F_TLS1_CHANGE_CIPHER_STATE,0), "TLS1_CHANGE_CIPHER_STATE"},
204{ERR_PACK(0,SSL_F_TLS1_ENC,0), "TLS1_ENC"},
205{ERR_PACK(0,SSL_F_TLS1_SETUP_KEY_BLOCK,0), "TLS1_SETUP_KEY_BLOCK"},
206{ERR_PACK(0,SSL_F_WRITE_PENDING,0), "WRITE_PENDING"},
207{0,NULL}
208 };
209
210static ERR_STRING_DATA SSL_str_reasons[]=
211 {
212{SSL_R_APP_DATA_IN_HANDSHAKE ,"app data in handshake"},
213{SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT,"attempt to reuse session in different context"},
214{SSL_R_BAD_ALERT_RECORD ,"bad alert record"},
215{SSL_R_BAD_AUTHENTICATION_TYPE ,"bad authentication type"},
216{SSL_R_BAD_CHANGE_CIPHER_SPEC ,"bad change cipher spec"},
217{SSL_R_BAD_CHECKSUM ,"bad checksum"},
218{SSL_R_BAD_DATA_RETURNED_BY_CALLBACK ,"bad data returned by callback"},
219{SSL_R_BAD_DECOMPRESSION ,"bad decompression"},
220{SSL_R_BAD_DH_G_LENGTH ,"bad dh g length"},
221{SSL_R_BAD_DH_PUB_KEY_LENGTH ,"bad dh pub key length"},
222{SSL_R_BAD_DH_P_LENGTH ,"bad dh p length"},
223{SSL_R_BAD_DIGEST_LENGTH ,"bad digest length"},
224{SSL_R_BAD_DSA_SIGNATURE ,"bad dsa signature"},
225{SSL_R_BAD_HELLO_REQUEST ,"bad hello request"},
226{SSL_R_BAD_LENGTH ,"bad length"},
227{SSL_R_BAD_MAC_DECODE ,"bad mac decode"},
228{SSL_R_BAD_MESSAGE_TYPE ,"bad message type"},
229{SSL_R_BAD_PACKET_LENGTH ,"bad packet length"},
230{SSL_R_BAD_PROTOCOL_VERSION_NUMBER ,"bad protocol version number"},
231{SSL_R_BAD_RESPONSE_ARGUMENT ,"bad response argument"},
232{SSL_R_BAD_RSA_DECRYPT ,"bad rsa decrypt"},
233{SSL_R_BAD_RSA_ENCRYPT ,"bad rsa encrypt"},
234{SSL_R_BAD_RSA_E_LENGTH ,"bad rsa e length"},
235{SSL_R_BAD_RSA_MODULUS_LENGTH ,"bad rsa modulus length"},
236{SSL_R_BAD_RSA_SIGNATURE ,"bad rsa signature"},
237{SSL_R_BAD_SIGNATURE ,"bad signature"},
238{SSL_R_BAD_SSL_FILETYPE ,"bad ssl filetype"},
239{SSL_R_BAD_SSL_SESSION_ID_LENGTH ,"bad ssl session id length"},
240{SSL_R_BAD_STATE ,"bad state"},
241{SSL_R_BAD_WRITE_RETRY ,"bad write retry"},
242{SSL_R_BIO_NOT_SET ,"bio not set"},
243{SSL_R_BLOCK_CIPHER_PAD_IS_WRONG ,"block cipher pad is wrong"},
244{SSL_R_BN_LIB ,"bn lib"},
245{SSL_R_CA_DN_LENGTH_MISMATCH ,"ca dn length mismatch"},
246{SSL_R_CA_DN_TOO_LONG ,"ca dn too long"},
247{SSL_R_CCS_RECEIVED_EARLY ,"ccs received early"},
248{SSL_R_CERTIFICATE_VERIFY_FAILED ,"certificate verify failed"},
249{SSL_R_CERT_LENGTH_MISMATCH ,"cert length mismatch"},
250{SSL_R_CHALLENGE_IS_DIFFERENT ,"challenge is different"},
251{SSL_R_CIPHER_CODE_WRONG_LENGTH ,"cipher code wrong length"},
252{SSL_R_CIPHER_OR_HASH_UNAVAILABLE ,"cipher or hash unavailable"},
253{SSL_R_CIPHER_TABLE_SRC_ERROR ,"cipher table src error"},
254{SSL_R_COMPRESSED_LENGTH_TOO_LONG ,"compressed length too long"},
255{SSL_R_COMPRESSION_FAILURE ,"compression failure"},
256{SSL_R_COMPRESSION_LIBRARY_ERROR ,"compression library error"},
257{SSL_R_CONNECTION_ID_IS_DIFFERENT ,"connection id is different"},
258{SSL_R_CONNECTION_TYPE_NOT_SET ,"connection type not set"},
259{SSL_R_DATA_BETWEEN_CCS_AND_FINISHED ,"data between ccs and finished"},
260{SSL_R_DATA_LENGTH_TOO_LONG ,"data length too long"},
261{SSL_R_DECRYPTION_FAILED ,"decryption failed"},
262{SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC,"decryption failed or bad record mac"},
263{SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG ,"dh public value length is wrong"},
264{SSL_R_DIGEST_CHECK_FAILED ,"digest check failed"},
265{SSL_R_ENCRYPTED_LENGTH_TOO_LONG ,"encrypted length too long"},
266{SSL_R_ERROR_GENERATING_TMP_RSA_KEY ,"error generating tmp rsa key"},
267{SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST ,"error in received cipher list"},
268{SSL_R_EXCESSIVE_MESSAGE_SIZE ,"excessive message size"},
269{SSL_R_EXTRA_DATA_IN_MESSAGE ,"extra data in message"},
270{SSL_R_GOT_A_FIN_BEFORE_A_CCS ,"got a fin before a ccs"},
271{SSL_R_HTTPS_PROXY_REQUEST ,"https proxy request"},
272{SSL_R_HTTP_REQUEST ,"http request"},
273{SSL_R_ILLEGAL_PADDING ,"illegal padding"},
274{SSL_R_INVALID_CHALLENGE_LENGTH ,"invalid challenge length"},
275{SSL_R_INVALID_COMMAND ,"invalid command"},
276{SSL_R_INVALID_PURPOSE ,"invalid purpose"},
277{SSL_R_INVALID_TRUST ,"invalid trust"},
278{SSL_R_KEY_ARG_TOO_LONG ,"key arg too long"},
279{SSL_R_KRB5 ,"krb5"},
280{SSL_R_KRB5_C_CC_PRINC ,"krb5 client cc principal (no tkt?)"},
281{SSL_R_KRB5_C_GET_CRED ,"krb5 client get cred"},
282{SSL_R_KRB5_C_INIT ,"krb5 client init"},
283{SSL_R_KRB5_C_MK_REQ ,"krb5 client mk_req (expired tkt?)"},
284{SSL_R_KRB5_S_BAD_TICKET ,"krb5 server bad ticket"},
285{SSL_R_KRB5_S_INIT ,"krb5 server init"},
286{SSL_R_KRB5_S_RD_REQ ,"krb5 server rd_req (keytab perms?)"},
287{SSL_R_KRB5_S_TKT_EXPIRED ,"krb5 server tkt expired"},
288{SSL_R_KRB5_S_TKT_NYV ,"krb5 server tkt not yet valid"},
289{SSL_R_KRB5_S_TKT_SKEW ,"krb5 server tkt skew"},
290{SSL_R_LENGTH_MISMATCH ,"length mismatch"},
291{SSL_R_LENGTH_TOO_SHORT ,"length too short"},
292{SSL_R_LIBRARY_BUG ,"library bug"},
293{SSL_R_LIBRARY_HAS_NO_CIPHERS ,"library has no ciphers"},
294{SSL_R_MESSAGE_TOO_LONG ,"message too long"},
295{SSL_R_MISSING_DH_DSA_CERT ,"missing dh dsa cert"},
296{SSL_R_MISSING_DH_KEY ,"missing dh key"},
297{SSL_R_MISSING_DH_RSA_CERT ,"missing dh rsa cert"},
298{SSL_R_MISSING_DSA_SIGNING_CERT ,"missing dsa signing cert"},
299{SSL_R_MISSING_EXPORT_TMP_DH_KEY ,"missing export tmp dh key"},
300{SSL_R_MISSING_EXPORT_TMP_RSA_KEY ,"missing export tmp rsa key"},
301{SSL_R_MISSING_RSA_CERTIFICATE ,"missing rsa certificate"},
302{SSL_R_MISSING_RSA_ENCRYPTING_CERT ,"missing rsa encrypting cert"},
303{SSL_R_MISSING_RSA_SIGNING_CERT ,"missing rsa signing cert"},
304{SSL_R_MISSING_TMP_DH_KEY ,"missing tmp dh key"},
305{SSL_R_MISSING_TMP_RSA_KEY ,"missing tmp rsa key"},
306{SSL_R_MISSING_TMP_RSA_PKEY ,"missing tmp rsa pkey"},
307{SSL_R_MISSING_VERIFY_MESSAGE ,"missing verify message"},
308{SSL_R_NON_SSLV2_INITIAL_PACKET ,"non sslv2 initial packet"},
309{SSL_R_NO_CERTIFICATES_RETURNED ,"no certificates returned"},
310{SSL_R_NO_CERTIFICATE_ASSIGNED ,"no certificate assigned"},
311{SSL_R_NO_CERTIFICATE_RETURNED ,"no certificate returned"},
312{SSL_R_NO_CERTIFICATE_SET ,"no certificate set"},
313{SSL_R_NO_CERTIFICATE_SPECIFIED ,"no certificate specified"},
314{SSL_R_NO_CIPHERS_AVAILABLE ,"no ciphers available"},
315{SSL_R_NO_CIPHERS_PASSED ,"no ciphers passed"},
316{SSL_R_NO_CIPHERS_SPECIFIED ,"no ciphers specified"},
317{SSL_R_NO_CIPHER_LIST ,"no cipher list"},
318{SSL_R_NO_CIPHER_MATCH ,"no cipher match"},
319{SSL_R_NO_CLIENT_CERT_RECEIVED ,"no client cert received"},
320{SSL_R_NO_COMPRESSION_SPECIFIED ,"no compression specified"},
321{SSL_R_NO_METHOD_SPECIFIED ,"no method specified"},
322{SSL_R_NO_PRIVATEKEY ,"no privatekey"},
323{SSL_R_NO_PRIVATE_KEY_ASSIGNED ,"no private key assigned"},
324{SSL_R_NO_PROTOCOLS_AVAILABLE ,"no protocols available"},
325{SSL_R_NO_PUBLICKEY ,"no publickey"},
326{SSL_R_NO_SHARED_CIPHER ,"no shared cipher"},
327{SSL_R_NO_VERIFY_CALLBACK ,"no verify callback"},
328{SSL_R_NULL_SSL_CTX ,"null ssl ctx"},
329{SSL_R_NULL_SSL_METHOD_PASSED ,"null ssl method passed"},
330{SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED ,"old session cipher not returned"},
331{SSL_R_PACKET_LENGTH_TOO_LONG ,"packet length too long"},
332{SSL_R_PATH_TOO_LONG ,"path too long"},
333{SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE ,"peer did not return a certificate"},
334{SSL_R_PEER_ERROR ,"peer error"},
335{SSL_R_PEER_ERROR_CERTIFICATE ,"peer error certificate"},
336{SSL_R_PEER_ERROR_NO_CERTIFICATE ,"peer error no certificate"},
337{SSL_R_PEER_ERROR_NO_CIPHER ,"peer error no cipher"},
338{SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"peer error unsupported certificate type"},
339{SSL_R_PRE_MAC_LENGTH_TOO_LONG ,"pre mac length too long"},
340{SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS ,"problems mapping cipher functions"},
341{SSL_R_PROTOCOL_IS_SHUTDOWN ,"protocol is shutdown"},
342{SSL_R_PUBLIC_KEY_ENCRYPT_ERROR ,"public key encrypt error"},
343{SSL_R_PUBLIC_KEY_IS_NOT_RSA ,"public key is not rsa"},
344{SSL_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"},
345{SSL_R_READ_BIO_NOT_SET ,"read bio not set"},
346{SSL_R_READ_WRONG_PACKET_TYPE ,"read wrong packet type"},
347{SSL_R_RECORD_LENGTH_MISMATCH ,"record length mismatch"},
348{SSL_R_RECORD_TOO_LARGE ,"record too large"},
349{SSL_R_RECORD_TOO_SMALL ,"record too small"},
350{SSL_R_REQUIRED_CIPHER_MISSING ,"required cipher missing"},
351{SSL_R_REUSE_CERT_LENGTH_NOT_ZERO ,"reuse cert length not zero"},
352{SSL_R_REUSE_CERT_TYPE_NOT_ZERO ,"reuse cert type not zero"},
353{SSL_R_REUSE_CIPHER_LIST_NOT_ZERO ,"reuse cipher list not zero"},
354{SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED ,"session id context uninitialized"},
355{SSL_R_SHORT_READ ,"short read"},
356{SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"},
357{SSL_R_SSL23_DOING_SESSION_ID_REUSE ,"ssl23 doing session id reuse"},
358{SSL_R_SSL3_SESSION_ID_TOO_LONG ,"ssl3 session id too long"},
359{SSL_R_SSL3_SESSION_ID_TOO_SHORT ,"ssl3 session id too short"},
360{SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ,"sslv3 alert bad certificate"},
361{SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ,"sslv3 alert bad record mac"},
362{SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED ,"sslv3 alert certificate expired"},
363{SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED ,"sslv3 alert certificate revoked"},
364{SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN ,"sslv3 alert certificate unknown"},
365{SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE ,"sslv3 alert decompression failure"},
366{SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE ,"sslv3 alert handshake failure"},
367{SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER ,"sslv3 alert illegal parameter"},
368{SSL_R_SSLV3_ALERT_NO_CERTIFICATE ,"sslv3 alert no certificate"},
369{SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE,"sslv3 alert peer error certificate"},
370{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE,"sslv3 alert peer error no certificate"},
371{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER ,"sslv3 alert peer error no cipher"},
372{SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"sslv3 alert peer error unsupported certificate type"},
373{SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE ,"sslv3 alert unexpected message"},
374{SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE,"sslv3 alert unknown remote error type"},
375{SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE,"sslv3 alert unsupported certificate"},
376{SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION,"ssl ctx has no default ssl version"},
377{SSL_R_SSL_HANDSHAKE_FAILURE ,"ssl handshake failure"},
378{SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS ,"ssl library has no ciphers"},
379{SSL_R_SSL_SESSION_ID_CALLBACK_FAILED ,"ssl session id callback failed"},
380{SSL_R_SSL_SESSION_ID_CONFLICT ,"ssl session id conflict"},
381{SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG ,"ssl session id context too long"},
382{SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH ,"ssl session id has bad length"},
383{SSL_R_SSL_SESSION_ID_IS_DIFFERENT ,"ssl session id is different"},
384{SSL_R_TLSV1_ALERT_ACCESS_DENIED ,"tlsv1 alert access denied"},
385{SSL_R_TLSV1_ALERT_DECODE_ERROR ,"tlsv1 alert decode error"},
386{SSL_R_TLSV1_ALERT_DECRYPTION_FAILED ,"tlsv1 alert decryption failed"},
387{SSL_R_TLSV1_ALERT_DECRYPT_ERROR ,"tlsv1 alert decrypt error"},
388{SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION ,"tlsv1 alert export restriction"},
389{SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY ,"tlsv1 alert insufficient security"},
390{SSL_R_TLSV1_ALERT_INTERNAL_ERROR ,"tlsv1 alert internal error"},
391{SSL_R_TLSV1_ALERT_NO_RENEGOTIATION ,"tlsv1 alert no renegotiation"},
392{SSL_R_TLSV1_ALERT_PROTOCOL_VERSION ,"tlsv1 alert protocol version"},
393{SSL_R_TLSV1_ALERT_RECORD_OVERFLOW ,"tlsv1 alert record overflow"},
394{SSL_R_TLSV1_ALERT_UNKNOWN_CA ,"tlsv1 alert unknown ca"},
395{SSL_R_TLSV1_ALERT_USER_CANCELLED ,"tlsv1 alert user cancelled"},
396{SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER,"tls client cert req with anon cipher"},
397{SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST,"tls peer did not respond with certificate list"},
398{SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG,"tls rsa encrypted value length is wrong"},
399{SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER ,"tried to use unsupported cipher"},
400{SSL_R_UNABLE_TO_DECODE_DH_CERTS ,"unable to decode dh certs"},
401{SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY ,"unable to extract public key"},
402{SSL_R_UNABLE_TO_FIND_DH_PARAMETERS ,"unable to find dh parameters"},
403{SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS,"unable to find public key parameters"},
404{SSL_R_UNABLE_TO_FIND_SSL_METHOD ,"unable to find ssl method"},
405{SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES ,"unable to load ssl2 md5 routines"},
406{SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES ,"unable to load ssl3 md5 routines"},
407{SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES ,"unable to load ssl3 sha1 routines"},
408{SSL_R_UNEXPECTED_MESSAGE ,"unexpected message"},
409{SSL_R_UNEXPECTED_RECORD ,"unexpected record"},
410{SSL_R_UNINITIALIZED ,"uninitialized"},
411{SSL_R_UNKNOWN_ALERT_TYPE ,"unknown alert type"},
412{SSL_R_UNKNOWN_CERTIFICATE_TYPE ,"unknown certificate type"},
413{SSL_R_UNKNOWN_CIPHER_RETURNED ,"unknown cipher returned"},
414{SSL_R_UNKNOWN_CIPHER_TYPE ,"unknown cipher type"},
415{SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE ,"unknown key exchange type"},
416{SSL_R_UNKNOWN_PKEY_TYPE ,"unknown pkey type"},
417{SSL_R_UNKNOWN_PROTOCOL ,"unknown protocol"},
418{SSL_R_UNKNOWN_REMOTE_ERROR_TYPE ,"unknown remote error type"},
419{SSL_R_UNKNOWN_SSL_VERSION ,"unknown ssl version"},
420{SSL_R_UNKNOWN_STATE ,"unknown state"},
421{SSL_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
422{SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM ,"unsupported compression algorithm"},
423{SSL_R_UNSUPPORTED_OPTION ,"unsupported option"},
424{SSL_R_UNSUPPORTED_PROTOCOL ,"unsupported protocol"},
425{SSL_R_UNSUPPORTED_SSL_VERSION ,"unsupported ssl version"},
426{SSL_R_WRITE_BIO_NOT_SET ,"write bio not set"},
427{SSL_R_WRONG_CIPHER_RETURNED ,"wrong cipher returned"},
428{SSL_R_WRONG_MESSAGE_TYPE ,"wrong message type"},
429{SSL_R_WRONG_NUMBER_OF_KEY_BITS ,"wrong number of key bits"},
430{SSL_R_WRONG_SIGNATURE_LENGTH ,"wrong signature length"},
431{SSL_R_WRONG_SIGNATURE_SIZE ,"wrong signature size"},
432{SSL_R_WRONG_SSL_VERSION ,"wrong ssl version"},
433{SSL_R_WRONG_VERSION_NUMBER ,"wrong version number"},
434{SSL_R_X509_LIB ,"x509 lib"},
435{SSL_R_X509_VERIFICATION_SETUP_PROBLEMS ,"x509 verification setup problems"},
436{0,NULL}
437 };
438
439#endif
440
441void ERR_load_SSL_strings(void)
442 {
443 static int init=1;
444
445 if (init)
446 {
447 init=0;
448#ifndef OPENSSL_NO_ERR
449 ERR_load_strings(ERR_LIB_SSL,SSL_str_functs);
450 ERR_load_strings(ERR_LIB_SSL,SSL_str_reasons);
451#endif
452
453 }
454 }
diff --git a/src/lib/libssl/ssl_err2.c b/src/lib/libssl/ssl_err2.c
new file mode 100644
index 0000000000..ea95a5f983
--- /dev/null
+++ b/src/lib/libssl/ssl_err2.c
@@ -0,0 +1,70 @@
1/* ssl/ssl_err2.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/err.h>
61#include <openssl/ssl.h>
62
63void SSL_load_error_strings(void)
64 {
65#ifndef OPENSSL_NO_ERR
66 ERR_load_crypto_strings();
67 ERR_load_SSL_strings();
68#endif
69 }
70
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
new file mode 100644
index 0000000000..e516382b6c
--- /dev/null
+++ b/src/lib/libssl/ssl_lib.c
@@ -0,0 +1,2298 @@
1/*! \file ssl/ssl_lib.c
2 * \brief Version independent SSL functions.
3 */
4/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * All rights reserved.
6 *
7 * This package is an SSL implementation written
8 * by Eric Young (eay@cryptsoft.com).
9 * The implementation was written so as to conform with Netscapes SSL.
10 *
11 * This library is free for commercial and non-commercial use as long as
12 * the following conditions are aheared to. The following conditions
13 * apply to all code found in this distribution, be it the RC4, RSA,
14 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
15 * included with this distribution is covered by the same copyright terms
16 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
17 *
18 * Copyright remains Eric Young's, and as such any Copyright notices in
19 * the code are not to be removed.
20 * If this package is used in a product, Eric Young should be given attribution
21 * as the author of the parts of the library used.
22 * This can be in the form of a textual message at program startup or
23 * in documentation (online or textual) provided with the package.
24 *
25 * Redistribution and use in source and binary forms, with or without
26 * modification, are permitted provided that the following conditions
27 * are met:
28 * 1. Redistributions of source code must retain the copyright
29 * notice, this list of conditions and the following disclaimer.
30 * 2. Redistributions in binary form must reproduce the above copyright
31 * notice, this list of conditions and the following disclaimer in the
32 * documentation and/or other materials provided with the distribution.
33 * 3. All advertising materials mentioning features or use of this software
34 * must display the following acknowledgement:
35 * "This product includes cryptographic software written by
36 * Eric Young (eay@cryptsoft.com)"
37 * The word 'cryptographic' can be left out if the rouines from the library
38 * being used are not cryptographic related :-).
39 * 4. If you include any Windows specific code (or a derivative thereof) from
40 * the apps directory (application code) you must include an acknowledgement:
41 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
42 *
43 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
44 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
45 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
46 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
47 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
48 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
49 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
50 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
51 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
52 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * SUCH DAMAGE.
54 *
55 * The licence and distribution terms for any publically available version or
56 * derivative of this code cannot be changed. i.e. this code cannot simply be
57 * copied and put under another distribution licence
58 * [including the GNU Public Licence.]
59 */
60/* ====================================================================
61 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
62 *
63 * Redistribution and use in source and binary forms, with or without
64 * modification, are permitted provided that the following conditions
65 * are met:
66 *
67 * 1. Redistributions of source code must retain the above copyright
68 * notice, this list of conditions and the following disclaimer.
69 *
70 * 2. Redistributions in binary form must reproduce the above copyright
71 * notice, this list of conditions and the following disclaimer in
72 * the documentation and/or other materials provided with the
73 * distribution.
74 *
75 * 3. All advertising materials mentioning features or use of this
76 * software must display the following acknowledgment:
77 * "This product includes software developed by the OpenSSL Project
78 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
79 *
80 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
81 * endorse or promote products derived from this software without
82 * prior written permission. For written permission, please contact
83 * openssl-core@openssl.org.
84 *
85 * 5. Products derived from this software may not be called "OpenSSL"
86 * nor may "OpenSSL" appear in their names without prior written
87 * permission of the OpenSSL Project.
88 *
89 * 6. Redistributions of any form whatsoever must retain the following
90 * acknowledgment:
91 * "This product includes software developed by the OpenSSL Project
92 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
93 *
94 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
95 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
96 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
97 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
98 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
99 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
100 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
101 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
102 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
103 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
104 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
105 * OF THE POSSIBILITY OF SUCH DAMAGE.
106 * ====================================================================
107 *
108 * This product includes cryptographic software written by Eric Young
109 * (eay@cryptsoft.com). This product includes software written by Tim
110 * Hudson (tjh@cryptsoft.com).
111 *
112 */
113
114
115#ifdef REF_CHECK
116# include <assert.h>
117#endif
118#include <stdio.h>
119#include <openssl/objects.h>
120#include <openssl/lhash.h>
121#include <openssl/x509v3.h>
122#include "ssl_locl.h"
123#include "kssl_lcl.h"
124
125const char *SSL_version_str=OPENSSL_VERSION_TEXT;
126
127OPENSSL_GLOBAL SSL3_ENC_METHOD ssl3_undef_enc_method={
128 /* evil casts, but these functions are only called if there's a library bug */
129 (int (*)(SSL *,int))ssl_undefined_function,
130 (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
131 ssl_undefined_function,
132 (int (*)(SSL *, unsigned char *, unsigned char *, int))ssl_undefined_function,
133 (int (*)(SSL*, int))ssl_undefined_function,
134 (int (*)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char*, int, unsigned char *))ssl_undefined_function
135 };
136
137int SSL_clear(SSL *s)
138 {
139
140 if (s->method == NULL)
141 {
142 SSLerr(SSL_F_SSL_CLEAR,SSL_R_NO_METHOD_SPECIFIED);
143 return(0);
144 }
145
146 if (ssl_clear_bad_session(s))
147 {
148 SSL_SESSION_free(s->session);
149 s->session=NULL;
150 }
151
152 s->error=0;
153 s->hit=0;
154 s->shutdown=0;
155
156#if 0 /* Disabled since version 1.10 of this file (early return not
157 * needed because SSL_clear is not called when doing renegotiation) */
158 /* This is set if we are doing dynamic renegotiation so keep
159 * the old cipher. It is sort of a SSL_clear_lite :-) */
160 if (s->new_session) return(1);
161#else
162 if (s->new_session)
163 {
164 SSLerr(SSL_F_SSL_CLEAR,ERR_R_INTERNAL_ERROR);
165 return 0;
166 }
167#endif
168
169 s->type=0;
170
171 s->state=SSL_ST_BEFORE|((s->server)?SSL_ST_ACCEPT:SSL_ST_CONNECT);
172
173 s->version=s->method->version;
174 s->client_version=s->version;
175 s->rwstate=SSL_NOTHING;
176 s->rstate=SSL_ST_READ_HEADER;
177#if 0
178 s->read_ahead=s->ctx->read_ahead;
179#endif
180
181 if (s->init_buf != NULL)
182 {
183 BUF_MEM_free(s->init_buf);
184 s->init_buf=NULL;
185 }
186
187 ssl_clear_cipher_ctx(s);
188
189 s->first_packet=0;
190
191#if 1
192 /* Check to see if we were changed into a different method, if
193 * so, revert back if we are not doing session-id reuse. */
194 if (!s->in_handshake && (s->session == NULL) && (s->method != s->ctx->method))
195 {
196 s->method->ssl_free(s);
197 s->method=s->ctx->method;
198 if (!s->method->ssl_new(s))
199 return(0);
200 }
201 else
202#endif
203 s->method->ssl_clear(s);
204 return(1);
205 }
206
207/** Used to change an SSL_CTXs default SSL method type */
208int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth)
209 {
210 STACK_OF(SSL_CIPHER) *sk;
211
212 ctx->method=meth;
213
214 sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list),
215 &(ctx->cipher_list_by_id),SSL_DEFAULT_CIPHER_LIST);
216 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0))
217 {
218 SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
219 return(0);
220 }
221 return(1);
222 }
223
224SSL *SSL_new(SSL_CTX *ctx)
225 {
226 SSL *s;
227
228 if (ctx == NULL)
229 {
230 SSLerr(SSL_F_SSL_NEW,SSL_R_NULL_SSL_CTX);
231 return(NULL);
232 }
233 if (ctx->method == NULL)
234 {
235 SSLerr(SSL_F_SSL_NEW,SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
236 return(NULL);
237 }
238
239 s=(SSL *)OPENSSL_malloc(sizeof(SSL));
240 if (s == NULL) goto err;
241 memset(s,0,sizeof(SSL));
242
243#ifndef OPENSSL_NO_KRB5
244 s->kssl_ctx = kssl_ctx_new();
245#endif /* OPENSSL_NO_KRB5 */
246
247 s->options=ctx->options;
248 s->mode=ctx->mode;
249 s->max_cert_list=ctx->max_cert_list;
250
251 if (ctx->cert != NULL)
252 {
253 /* Earlier library versions used to copy the pointer to
254 * the CERT, not its contents; only when setting new
255 * parameters for the per-SSL copy, ssl_cert_new would be
256 * called (and the direct reference to the per-SSL_CTX
257 * settings would be lost, but those still were indirectly
258 * accessed for various purposes, and for that reason they
259 * used to be known as s->ctx->default_cert).
260 * Now we don't look at the SSL_CTX's CERT after having
261 * duplicated it once. */
262
263 s->cert = ssl_cert_dup(ctx->cert);
264 if (s->cert == NULL)
265 goto err;
266 }
267 else
268 s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */
269
270 s->read_ahead=ctx->read_ahead;
271 s->msg_callback=ctx->msg_callback;
272 s->msg_callback_arg=ctx->msg_callback_arg;
273 s->verify_mode=ctx->verify_mode;
274 s->verify_depth=ctx->verify_depth;
275 s->sid_ctx_length=ctx->sid_ctx_length;
276 memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx));
277 s->verify_callback=ctx->default_verify_callback;
278 s->generate_session_id=ctx->generate_session_id;
279 s->purpose = ctx->purpose;
280 s->trust = ctx->trust;
281 s->quiet_shutdown=ctx->quiet_shutdown;
282
283 CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
284 s->ctx=ctx;
285
286 s->verify_result=X509_V_OK;
287
288 s->method=ctx->method;
289
290 if (!s->method->ssl_new(s))
291 goto err;
292
293 s->references=1;
294 s->server=(ctx->method->ssl_accept == ssl_undefined_function)?0:1;
295
296 SSL_clear(s);
297
298 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
299
300 return(s);
301err:
302 if (s != NULL)
303 {
304 if (s->cert != NULL)
305 ssl_cert_free(s->cert);
306 if (s->ctx != NULL)
307 SSL_CTX_free(s->ctx); /* decrement reference count */
308 OPENSSL_free(s);
309 }
310 SSLerr(SSL_F_SSL_NEW,ERR_R_MALLOC_FAILURE);
311 return(NULL);
312 }
313
314int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
315 unsigned int sid_ctx_len)
316 {
317 if(sid_ctx_len > SSL_MAX_SID_CTX_LENGTH)
318 {
319 SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
320 return 0;
321 }
322 ctx->sid_ctx_length=sid_ctx_len;
323 memcpy(ctx->sid_ctx,sid_ctx,sid_ctx_len);
324
325 return 1;
326 }
327
328int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
329 unsigned int sid_ctx_len)
330 {
331 if(sid_ctx_len > SSL_MAX_SID_CTX_LENGTH)
332 {
333 SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
334 return 0;
335 }
336 ssl->sid_ctx_length=sid_ctx_len;
337 memcpy(ssl->sid_ctx,sid_ctx,sid_ctx_len);
338
339 return 1;
340 }
341
342int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
343 {
344 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
345 ctx->generate_session_id = cb;
346 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
347 return 1;
348 }
349
350int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
351 {
352 CRYPTO_w_lock(CRYPTO_LOCK_SSL);
353 ssl->generate_session_id = cb;
354 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
355 return 1;
356 }
357
358int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
359 unsigned int id_len)
360 {
361 /* A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how
362 * we can "construct" a session to give us the desired check - ie. to
363 * find if there's a session in the hash table that would conflict with
364 * any new session built out of this id/id_len and the ssl_version in
365 * use by this SSL. */
366 SSL_SESSION r, *p;
367 r.ssl_version = ssl->version;
368 r.session_id_length = id_len;
369 memcpy(r.session_id, id, id_len);
370 /* NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
371 * callback is calling us to check the uniqueness of a shorter ID, it
372 * must be compared as a padded-out ID because that is what it will be
373 * converted to when the callback has finished choosing it. */
374 if((r.ssl_version == SSL2_VERSION) &&
375 (id_len < SSL2_SSL_SESSION_ID_LENGTH))
376 {
377 memset(r.session_id + id_len, 0,
378 SSL2_SSL_SESSION_ID_LENGTH - id_len);
379 r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
380 }
381
382 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
383 p = (SSL_SESSION *)lh_retrieve(ssl->ctx->sessions, &r);
384 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
385 return (p != NULL);
386 }
387
388int SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
389 {
390 return X509_PURPOSE_set(&s->purpose, purpose);
391 }
392
393int SSL_set_purpose(SSL *s, int purpose)
394 {
395 return X509_PURPOSE_set(&s->purpose, purpose);
396 }
397
398int SSL_CTX_set_trust(SSL_CTX *s, int trust)
399 {
400 return X509_TRUST_set(&s->trust, trust);
401 }
402
403int SSL_set_trust(SSL *s, int trust)
404 {
405 return X509_TRUST_set(&s->trust, trust);
406 }
407
408void SSL_free(SSL *s)
409 {
410 int i;
411
412 if(s == NULL)
413 return;
414
415 i=CRYPTO_add(&s->references,-1,CRYPTO_LOCK_SSL);
416#ifdef REF_PRINT
417 REF_PRINT("SSL",s);
418#endif
419 if (i > 0) return;
420#ifdef REF_CHECK
421 if (i < 0)
422 {
423 fprintf(stderr,"SSL_free, bad reference count\n");
424 abort(); /* ok */
425 }
426#endif
427
428 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
429
430 if (s->bbio != NULL)
431 {
432 /* If the buffering BIO is in place, pop it off */
433 if (s->bbio == s->wbio)
434 {
435 s->wbio=BIO_pop(s->wbio);
436 }
437 BIO_free(s->bbio);
438 s->bbio=NULL;
439 }
440 if (s->rbio != NULL)
441 BIO_free_all(s->rbio);
442 if ((s->wbio != NULL) && (s->wbio != s->rbio))
443 BIO_free_all(s->wbio);
444
445 if (s->init_buf != NULL) BUF_MEM_free(s->init_buf);
446
447 /* add extra stuff */
448 if (s->cipher_list != NULL) sk_SSL_CIPHER_free(s->cipher_list);
449 if (s->cipher_list_by_id != NULL) sk_SSL_CIPHER_free(s->cipher_list_by_id);
450
451 /* Make the next call work :-) */
452 if (s->session != NULL)
453 {
454 ssl_clear_bad_session(s);
455 SSL_SESSION_free(s->session);
456 }
457
458 ssl_clear_cipher_ctx(s);
459
460 if (s->cert != NULL) ssl_cert_free(s->cert);
461 /* Free up if allocated */
462
463 if (s->ctx) SSL_CTX_free(s->ctx);
464
465 if (s->client_CA != NULL)
466 sk_X509_NAME_pop_free(s->client_CA,X509_NAME_free);
467
468 if (s->method != NULL) s->method->ssl_free(s);
469
470 OPENSSL_free(s);
471 }
472
473void SSL_set_bio(SSL *s,BIO *rbio,BIO *wbio)
474 {
475 /* If the output buffering BIO is still in place, remove it
476 */
477 if (s->bbio != NULL)
478 {
479 if (s->wbio == s->bbio)
480 {
481 s->wbio=s->wbio->next_bio;
482 s->bbio->next_bio=NULL;
483 }
484 }
485 if ((s->rbio != NULL) && (s->rbio != rbio))
486 BIO_free_all(s->rbio);
487 if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
488 BIO_free_all(s->wbio);
489 s->rbio=rbio;
490 s->wbio=wbio;
491 }
492
493BIO *SSL_get_rbio(SSL *s)
494 { return(s->rbio); }
495
496BIO *SSL_get_wbio(SSL *s)
497 { return(s->wbio); }
498
499int SSL_get_fd(SSL *s)
500 {
501 return(SSL_get_rfd(s));
502 }
503
504int SSL_get_rfd(SSL *s)
505 {
506 int ret= -1;
507 BIO *b,*r;
508
509 b=SSL_get_rbio(s);
510 r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR);
511 if (r != NULL)
512 BIO_get_fd(r,&ret);
513 return(ret);
514 }
515
516int SSL_get_wfd(SSL *s)
517 {
518 int ret= -1;
519 BIO *b,*r;
520
521 b=SSL_get_wbio(s);
522 r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR);
523 if (r != NULL)
524 BIO_get_fd(r,&ret);
525 return(ret);
526 }
527
528#ifndef OPENSSL_NO_SOCK
529int SSL_set_fd(SSL *s,int fd)
530 {
531 int ret=0;
532 BIO *bio=NULL;
533
534 bio=BIO_new(BIO_s_socket());
535
536 if (bio == NULL)
537 {
538 SSLerr(SSL_F_SSL_SET_FD,ERR_R_BUF_LIB);
539 goto err;
540 }
541 BIO_set_fd(bio,fd,BIO_NOCLOSE);
542 SSL_set_bio(s,bio,bio);
543 ret=1;
544err:
545 return(ret);
546 }
547
548int SSL_set_wfd(SSL *s,int fd)
549 {
550 int ret=0;
551 BIO *bio=NULL;
552
553 if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
554 || ((int)BIO_get_fd(s->rbio,NULL) != fd))
555 {
556 bio=BIO_new(BIO_s_socket());
557
558 if (bio == NULL)
559 { SSLerr(SSL_F_SSL_SET_WFD,ERR_R_BUF_LIB); goto err; }
560 BIO_set_fd(bio,fd,BIO_NOCLOSE);
561 SSL_set_bio(s,SSL_get_rbio(s),bio);
562 }
563 else
564 SSL_set_bio(s,SSL_get_rbio(s),SSL_get_rbio(s));
565 ret=1;
566err:
567 return(ret);
568 }
569
570int SSL_set_rfd(SSL *s,int fd)
571 {
572 int ret=0;
573 BIO *bio=NULL;
574
575 if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
576 || ((int)BIO_get_fd(s->wbio,NULL) != fd))
577 {
578 bio=BIO_new(BIO_s_socket());
579
580 if (bio == NULL)
581 {
582 SSLerr(SSL_F_SSL_SET_RFD,ERR_R_BUF_LIB);
583 goto err;
584 }
585 BIO_set_fd(bio,fd,BIO_NOCLOSE);
586 SSL_set_bio(s,bio,SSL_get_wbio(s));
587 }
588 else
589 SSL_set_bio(s,SSL_get_wbio(s),SSL_get_wbio(s));
590 ret=1;
591err:
592 return(ret);
593 }
594#endif
595
596
597/* return length of latest Finished message we sent, copy to 'buf' */
598size_t SSL_get_finished(SSL *s, void *buf, size_t count)
599 {
600 size_t ret = 0;
601
602 if (s->s3 != NULL)
603 {
604 ret = s->s3->tmp.finish_md_len;
605 if (count > ret)
606 count = ret;
607 memcpy(buf, s->s3->tmp.finish_md, count);
608 }
609 return ret;
610 }
611
612/* return length of latest Finished message we expected, copy to 'buf' */
613size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count)
614 {
615 size_t ret = 0;
616
617 if (s->s3 != NULL)
618 {
619 ret = s->s3->tmp.peer_finish_md_len;
620 if (count > ret)
621 count = ret;
622 memcpy(buf, s->s3->tmp.peer_finish_md, count);
623 }
624 return ret;
625 }
626
627
628int SSL_get_verify_mode(SSL *s)
629 {
630 return(s->verify_mode);
631 }
632
633int SSL_get_verify_depth(SSL *s)
634 {
635 return(s->verify_depth);
636 }
637
638int (*SSL_get_verify_callback(SSL *s))(int,X509_STORE_CTX *)
639 {
640 return(s->verify_callback);
641 }
642
643int SSL_CTX_get_verify_mode(SSL_CTX *ctx)
644 {
645 return(ctx->verify_mode);
646 }
647
648int SSL_CTX_get_verify_depth(SSL_CTX *ctx)
649 {
650 return(ctx->verify_depth);
651 }
652
653int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *)
654 {
655 return(ctx->default_verify_callback);
656 }
657
658void SSL_set_verify(SSL *s,int mode,
659 int (*callback)(int ok,X509_STORE_CTX *ctx))
660 {
661 s->verify_mode=mode;
662 if (callback != NULL)
663 s->verify_callback=callback;
664 }
665
666void SSL_set_verify_depth(SSL *s,int depth)
667 {
668 s->verify_depth=depth;
669 }
670
671void SSL_set_read_ahead(SSL *s,int yes)
672 {
673 s->read_ahead=yes;
674 }
675
676int SSL_get_read_ahead(SSL *s)
677 {
678 return(s->read_ahead);
679 }
680
681int SSL_pending(SSL *s)
682 {
683 /* SSL_pending cannot work properly if read-ahead is enabled
684 * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
685 * and it is impossible to fix since SSL_pending cannot report
686 * errors that may be observed while scanning the new data.
687 * (Note that SSL_pending() is often used as a boolean value,
688 * so we'd better not return -1.)
689 */
690 return(s->method->ssl_pending(s));
691 }
692
693X509 *SSL_get_peer_certificate(SSL *s)
694 {
695 X509 *r;
696
697 if ((s == NULL) || (s->session == NULL))
698 r=NULL;
699 else
700 r=s->session->peer;
701
702 if (r == NULL) return(r);
703
704 CRYPTO_add(&r->references,1,CRYPTO_LOCK_X509);
705
706 return(r);
707 }
708
709STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s)
710 {
711 STACK_OF(X509) *r;
712
713 if ((s == NULL) || (s->session == NULL) || (s->session->sess_cert == NULL))
714 r=NULL;
715 else
716 r=s->session->sess_cert->cert_chain;
717
718 /* If we are a client, cert_chain includes the peer's own
719 * certificate; if we are a server, it does not. */
720
721 return(r);
722 }
723
724/* Now in theory, since the calling process own 't' it should be safe to
725 * modify. We need to be able to read f without being hassled */
726void SSL_copy_session_id(SSL *t,SSL *f)
727 {
728 CERT *tmp;
729
730 /* Do we need to to SSL locking? */
731 SSL_set_session(t,SSL_get_session(f));
732
733 /* what if we are setup as SSLv2 but want to talk SSLv3 or
734 * vice-versa */
735 if (t->method != f->method)
736 {
737 t->method->ssl_free(t); /* cleanup current */
738 t->method=f->method; /* change method */
739 t->method->ssl_new(t); /* setup new */
740 }
741
742 tmp=t->cert;
743 if (f->cert != NULL)
744 {
745 CRYPTO_add(&f->cert->references,1,CRYPTO_LOCK_SSL_CERT);
746 t->cert=f->cert;
747 }
748 else
749 t->cert=NULL;
750 if (tmp != NULL) ssl_cert_free(tmp);
751 SSL_set_session_id_context(t,f->sid_ctx,f->sid_ctx_length);
752 }
753
754/* Fix this so it checks all the valid key/cert options */
755int SSL_CTX_check_private_key(SSL_CTX *ctx)
756 {
757 if ( (ctx == NULL) ||
758 (ctx->cert == NULL) ||
759 (ctx->cert->key->x509 == NULL))
760 {
761 SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
762 return(0);
763 }
764 if (ctx->cert->key->privatekey == NULL)
765 {
766 SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
767 return(0);
768 }
769 return(X509_check_private_key(ctx->cert->key->x509, ctx->cert->key->privatekey));
770 }
771
772/* Fix this function so that it takes an optional type parameter */
773int SSL_check_private_key(SSL *ssl)
774 {
775 if (ssl == NULL)
776 {
777 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,ERR_R_PASSED_NULL_PARAMETER);
778 return(0);
779 }
780 if (ssl->cert == NULL)
781 {
782 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
783 return 0;
784 }
785 if (ssl->cert->key->x509 == NULL)
786 {
787 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
788 return(0);
789 }
790 if (ssl->cert->key->privatekey == NULL)
791 {
792 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
793 return(0);
794 }
795 return(X509_check_private_key(ssl->cert->key->x509,
796 ssl->cert->key->privatekey));
797 }
798
799int SSL_accept(SSL *s)
800 {
801 if (s->handshake_func == 0)
802 /* Not properly initialized yet */
803 SSL_set_accept_state(s);
804
805 return(s->method->ssl_accept(s));
806 }
807
808int SSL_connect(SSL *s)
809 {
810 if (s->handshake_func == 0)
811 /* Not properly initialized yet */
812 SSL_set_connect_state(s);
813
814 return(s->method->ssl_connect(s));
815 }
816
817long SSL_get_default_timeout(SSL *s)
818 {
819 return(s->method->get_timeout());
820 }
821
822int SSL_read(SSL *s,void *buf,int num)
823 {
824 if (s->handshake_func == 0)
825 {
826 SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
827 return -1;
828 }
829
830 if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
831 {
832 s->rwstate=SSL_NOTHING;
833 return(0);
834 }
835 return(s->method->ssl_read(s,buf,num));
836 }
837
838int SSL_peek(SSL *s,void *buf,int num)
839 {
840 if (s->handshake_func == 0)
841 {
842 SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
843 return -1;
844 }
845
846 if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
847 {
848 return(0);
849 }
850 return(s->method->ssl_peek(s,buf,num));
851 }
852
853int SSL_write(SSL *s,const void *buf,int num)
854 {
855 if (s->handshake_func == 0)
856 {
857 SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
858 return -1;
859 }
860
861 if (s->shutdown & SSL_SENT_SHUTDOWN)
862 {
863 s->rwstate=SSL_NOTHING;
864 SSLerr(SSL_F_SSL_WRITE,SSL_R_PROTOCOL_IS_SHUTDOWN);
865 return(-1);
866 }
867 return(s->method->ssl_write(s,buf,num));
868 }
869
870int SSL_shutdown(SSL *s)
871 {
872 /* Note that this function behaves differently from what one might
873 * expect. Return values are 0 for no success (yet),
874 * 1 for success; but calling it once is usually not enough,
875 * even if blocking I/O is used (see ssl3_shutdown).
876 */
877
878 if (s->handshake_func == 0)
879 {
880 SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
881 return -1;
882 }
883
884 if ((s != NULL) && !SSL_in_init(s))
885 return(s->method->ssl_shutdown(s));
886 else
887 return(1);
888 }
889
890int SSL_renegotiate(SSL *s)
891 {
892 if (s->new_session == 0)
893 {
894 s->new_session=1;
895 }
896 return(s->method->ssl_renegotiate(s));
897 }
898
899int SSL_renegotiate_pending(SSL *s)
900 {
901 /* becomes true when negotiation is requested;
902 * false again once a handshake has finished */
903 return (s->new_session != 0);
904 }
905
906long SSL_ctrl(SSL *s,int cmd,long larg,void *parg)
907 {
908 long l;
909
910 switch (cmd)
911 {
912 case SSL_CTRL_GET_READ_AHEAD:
913 return(s->read_ahead);
914 case SSL_CTRL_SET_READ_AHEAD:
915 l=s->read_ahead;
916 s->read_ahead=larg;
917 return(l);
918
919 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
920 s->msg_callback_arg = parg;
921 return 1;
922
923 case SSL_CTRL_OPTIONS:
924 return(s->options|=larg);
925 case SSL_CTRL_MODE:
926 return(s->mode|=larg);
927 case SSL_CTRL_GET_MAX_CERT_LIST:
928 return(s->max_cert_list);
929 case SSL_CTRL_SET_MAX_CERT_LIST:
930 l=s->max_cert_list;
931 s->max_cert_list=larg;
932 return(l);
933 default:
934 return(s->method->ssl_ctrl(s,cmd,larg,parg));
935 }
936 }
937
938long SSL_callback_ctrl(SSL *s, int cmd, void (*fp)())
939 {
940 switch(cmd)
941 {
942 case SSL_CTRL_SET_MSG_CALLBACK:
943 s->msg_callback = (void (*)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))(fp);
944 return 1;
945
946 default:
947 return(s->method->ssl_callback_ctrl(s,cmd,fp));
948 }
949 }
950
951struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx)
952 {
953 return ctx->sessions;
954 }
955
956long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,void *parg)
957 {
958 long l;
959
960 switch (cmd)
961 {
962 case SSL_CTRL_GET_READ_AHEAD:
963 return(ctx->read_ahead);
964 case SSL_CTRL_SET_READ_AHEAD:
965 l=ctx->read_ahead;
966 ctx->read_ahead=larg;
967 return(l);
968
969 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
970 ctx->msg_callback_arg = parg;
971 return 1;
972
973 case SSL_CTRL_GET_MAX_CERT_LIST:
974 return(ctx->max_cert_list);
975 case SSL_CTRL_SET_MAX_CERT_LIST:
976 l=ctx->max_cert_list;
977 ctx->max_cert_list=larg;
978 return(l);
979
980 case SSL_CTRL_SET_SESS_CACHE_SIZE:
981 l=ctx->session_cache_size;
982 ctx->session_cache_size=larg;
983 return(l);
984 case SSL_CTRL_GET_SESS_CACHE_SIZE:
985 return(ctx->session_cache_size);
986 case SSL_CTRL_SET_SESS_CACHE_MODE:
987 l=ctx->session_cache_mode;
988 ctx->session_cache_mode=larg;
989 return(l);
990 case SSL_CTRL_GET_SESS_CACHE_MODE:
991 return(ctx->session_cache_mode);
992
993 case SSL_CTRL_SESS_NUMBER:
994 return(ctx->sessions->num_items);
995 case SSL_CTRL_SESS_CONNECT:
996 return(ctx->stats.sess_connect);
997 case SSL_CTRL_SESS_CONNECT_GOOD:
998 return(ctx->stats.sess_connect_good);
999 case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
1000 return(ctx->stats.sess_connect_renegotiate);
1001 case SSL_CTRL_SESS_ACCEPT:
1002 return(ctx->stats.sess_accept);
1003 case SSL_CTRL_SESS_ACCEPT_GOOD:
1004 return(ctx->stats.sess_accept_good);
1005 case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
1006 return(ctx->stats.sess_accept_renegotiate);
1007 case SSL_CTRL_SESS_HIT:
1008 return(ctx->stats.sess_hit);
1009 case SSL_CTRL_SESS_CB_HIT:
1010 return(ctx->stats.sess_cb_hit);
1011 case SSL_CTRL_SESS_MISSES:
1012 return(ctx->stats.sess_miss);
1013 case SSL_CTRL_SESS_TIMEOUTS:
1014 return(ctx->stats.sess_timeout);
1015 case SSL_CTRL_SESS_CACHE_FULL:
1016 return(ctx->stats.sess_cache_full);
1017 case SSL_CTRL_OPTIONS:
1018 return(ctx->options|=larg);
1019 case SSL_CTRL_MODE:
1020 return(ctx->mode|=larg);
1021 default:
1022 return(ctx->method->ssl_ctx_ctrl(ctx,cmd,larg,parg));
1023 }
1024 }
1025
1026long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
1027 {
1028 switch(cmd)
1029 {
1030 case SSL_CTRL_SET_MSG_CALLBACK:
1031 ctx->msg_callback = (void (*)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))(fp);
1032 return 1;
1033
1034 default:
1035 return(ctx->method->ssl_ctx_callback_ctrl(ctx,cmd,fp));
1036 }
1037 }
1038
1039int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
1040 {
1041 long l;
1042
1043 l=a->id-b->id;
1044 if (l == 0L)
1045 return(0);
1046 else
1047 return((l > 0)?1:-1);
1048 }
1049
1050int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
1051 const SSL_CIPHER * const *bp)
1052 {
1053 long l;
1054
1055 l=(*ap)->id-(*bp)->id;
1056 if (l == 0L)
1057 return(0);
1058 else
1059 return((l > 0)?1:-1);
1060 }
1061
1062/** return a STACK of the ciphers available for the SSL and in order of
1063 * preference */
1064STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s)
1065 {
1066 if ((s != NULL) && (s->cipher_list != NULL))
1067 {
1068 return(s->cipher_list);
1069 }
1070 else if ((s->ctx != NULL) &&
1071 (s->ctx->cipher_list != NULL))
1072 {
1073 return(s->ctx->cipher_list);
1074 }
1075 return(NULL);
1076 }
1077
1078/** return a STACK of the ciphers available for the SSL and in order of
1079 * algorithm id */
1080STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
1081 {
1082 if ((s != NULL) && (s->cipher_list_by_id != NULL))
1083 {
1084 return(s->cipher_list_by_id);
1085 }
1086 else if ((s != NULL) && (s->ctx != NULL) &&
1087 (s->ctx->cipher_list_by_id != NULL))
1088 {
1089 return(s->ctx->cipher_list_by_id);
1090 }
1091 return(NULL);
1092 }
1093
1094/** The old interface to get the same thing as SSL_get_ciphers() */
1095const char *SSL_get_cipher_list(SSL *s,int n)
1096 {
1097 SSL_CIPHER *c;
1098 STACK_OF(SSL_CIPHER) *sk;
1099
1100 if (s == NULL) return(NULL);
1101 sk=SSL_get_ciphers(s);
1102 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
1103 return(NULL);
1104 c=sk_SSL_CIPHER_value(sk,n);
1105 if (c == NULL) return(NULL);
1106 return(c->name);
1107 }
1108
1109/** specify the ciphers to be used by default by the SSL_CTX */
1110int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
1111 {
1112 STACK_OF(SSL_CIPHER) *sk;
1113
1114 sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list,
1115 &ctx->cipher_list_by_id,str);
1116/* XXXX */
1117 return((sk == NULL)?0:1);
1118 }
1119
1120/** specify the ciphers to be used by the SSL */
1121int SSL_set_cipher_list(SSL *s,const char *str)
1122 {
1123 STACK_OF(SSL_CIPHER) *sk;
1124
1125 sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list,
1126 &s->cipher_list_by_id,str);
1127/* XXXX */
1128 return((sk == NULL)?0:1);
1129 }
1130
1131/* works well for SSLv2, not so good for SSLv3 */
1132char *SSL_get_shared_ciphers(SSL *s,char *buf,int len)
1133 {
1134 char *p;
1135 const char *cp;
1136 STACK_OF(SSL_CIPHER) *sk;
1137 SSL_CIPHER *c;
1138 int i;
1139
1140 if ((s->session == NULL) || (s->session->ciphers == NULL) ||
1141 (len < 2))
1142 return(NULL);
1143
1144 p=buf;
1145 sk=s->session->ciphers;
1146 for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
1147 {
1148 /* Decrement for either the ':' or a '\0' */
1149 len--;
1150 c=sk_SSL_CIPHER_value(sk,i);
1151 for (cp=c->name; *cp; )
1152 {
1153 if (len-- == 0)
1154 {
1155 *p='\0';
1156 return(buf);
1157 }
1158 else
1159 *(p++)= *(cp++);
1160 }
1161 *(p++)=':';
1162 }
1163 p[-1]='\0';
1164 return(buf);
1165 }
1166
1167int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p)
1168 {
1169 int i,j=0;
1170 SSL_CIPHER *c;
1171 unsigned char *q;
1172#ifndef OPENSSL_NO_KRB5
1173 int nokrb5 = !kssl_tgt_is_available(s->kssl_ctx);
1174#endif /* OPENSSL_NO_KRB5 */
1175
1176 if (sk == NULL) return(0);
1177 q=p;
1178
1179 for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
1180 {
1181 c=sk_SSL_CIPHER_value(sk,i);
1182#ifndef OPENSSL_NO_KRB5
1183 if ((c->algorithms & SSL_KRB5) && nokrb5)
1184 continue;
1185#endif /* OPENSSL_NO_KRB5 */
1186 j=ssl_put_cipher_by_char(s,c,p);
1187 p+=j;
1188 }
1189 return(p-q);
1190 }
1191
1192STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
1193 STACK_OF(SSL_CIPHER) **skp)
1194 {
1195 SSL_CIPHER *c;
1196 STACK_OF(SSL_CIPHER) *sk;
1197 int i,n;
1198
1199 n=ssl_put_cipher_by_char(s,NULL,NULL);
1200 if ((num%n) != 0)
1201 {
1202 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
1203 return(NULL);
1204 }
1205 if ((skp == NULL) || (*skp == NULL))
1206 sk=sk_SSL_CIPHER_new_null(); /* change perhaps later */
1207 else
1208 {
1209 sk= *skp;
1210 sk_SSL_CIPHER_zero(sk);
1211 }
1212
1213 for (i=0; i<num; i+=n)
1214 {
1215 c=ssl_get_cipher_by_char(s,p);
1216 p+=n;
1217 if (c != NULL)
1218 {
1219 if (!sk_SSL_CIPHER_push(sk,c))
1220 {
1221 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
1222 goto err;
1223 }
1224 }
1225 }
1226
1227 if (skp != NULL)
1228 *skp=sk;
1229 return(sk);
1230err:
1231 if ((skp == NULL) || (*skp == NULL))
1232 sk_SSL_CIPHER_free(sk);
1233 return(NULL);
1234 }
1235
1236unsigned long SSL_SESSION_hash(SSL_SESSION *a)
1237 {
1238 unsigned long l;
1239
1240 l=(unsigned long)
1241 ((unsigned int) a->session_id[0] )|
1242 ((unsigned int) a->session_id[1]<< 8L)|
1243 ((unsigned long)a->session_id[2]<<16L)|
1244 ((unsigned long)a->session_id[3]<<24L);
1245 return(l);
1246 }
1247
1248/* NB: If this function (or indeed the hash function which uses a sort of
1249 * coarser function than this one) is changed, ensure
1250 * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being
1251 * able to construct an SSL_SESSION that will collide with any existing session
1252 * with a matching session ID. */
1253int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b)
1254 {
1255 if (a->ssl_version != b->ssl_version)
1256 return(1);
1257 if (a->session_id_length != b->session_id_length)
1258 return(1);
1259 return(memcmp(a->session_id,b->session_id,a->session_id_length));
1260 }
1261
1262/* These wrapper functions should remain rather than redeclaring
1263 * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
1264 * variable. The reason is that the functions aren't static, they're exposed via
1265 * ssl.h. */
1266static IMPLEMENT_LHASH_HASH_FN(SSL_SESSION_hash, SSL_SESSION *)
1267static IMPLEMENT_LHASH_COMP_FN(SSL_SESSION_cmp, SSL_SESSION *)
1268
1269SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
1270 {
1271 SSL_CTX *ret=NULL;
1272
1273 if (meth == NULL)
1274 {
1275 SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_NULL_SSL_METHOD_PASSED);
1276 return(NULL);
1277 }
1278
1279 if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0)
1280 {
1281 SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
1282 goto err;
1283 }
1284 ret=(SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX));
1285 if (ret == NULL)
1286 goto err;
1287
1288 memset(ret,0,sizeof(SSL_CTX));
1289
1290 ret->method=meth;
1291
1292 ret->cert_store=NULL;
1293 ret->session_cache_mode=SSL_SESS_CACHE_SERVER;
1294 ret->session_cache_size=SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
1295 ret->session_cache_head=NULL;
1296 ret->session_cache_tail=NULL;
1297
1298 /* We take the system default */
1299 ret->session_timeout=meth->get_timeout();
1300
1301 ret->new_session_cb=0;
1302 ret->remove_session_cb=0;
1303 ret->get_session_cb=0;
1304 ret->generate_session_id=0;
1305
1306 memset((char *)&ret->stats,0,sizeof(ret->stats));
1307
1308 ret->references=1;
1309 ret->quiet_shutdown=0;
1310
1311/* ret->cipher=NULL;*/
1312/* ret->s2->challenge=NULL;
1313 ret->master_key=NULL;
1314 ret->key_arg=NULL;
1315 ret->s2->conn_id=NULL; */
1316
1317 ret->info_callback=NULL;
1318
1319 ret->app_verify_callback=0;
1320 ret->app_verify_arg=NULL;
1321
1322 ret->max_cert_list=SSL_MAX_CERT_LIST_DEFAULT;
1323 ret->read_ahead=0;
1324 ret->msg_callback=0;
1325 ret->msg_callback_arg=NULL;
1326 ret->verify_mode=SSL_VERIFY_NONE;
1327 ret->verify_depth=-1; /* Don't impose a limit (but x509_lu.c does) */
1328 ret->sid_ctx_length=0;
1329 ret->default_verify_callback=NULL;
1330 if ((ret->cert=ssl_cert_new()) == NULL)
1331 goto err;
1332
1333 ret->default_passwd_callback=0;
1334 ret->default_passwd_callback_userdata=NULL;
1335 ret->client_cert_cb=0;
1336
1337 ret->sessions=lh_new(LHASH_HASH_FN(SSL_SESSION_hash),
1338 LHASH_COMP_FN(SSL_SESSION_cmp));
1339 if (ret->sessions == NULL) goto err;
1340 ret->cert_store=X509_STORE_new();
1341 if (ret->cert_store == NULL) goto err;
1342
1343 ssl_create_cipher_list(ret->method,
1344 &ret->cipher_list,&ret->cipher_list_by_id,
1345 SSL_DEFAULT_CIPHER_LIST);
1346 if (ret->cipher_list == NULL
1347 || sk_SSL_CIPHER_num(ret->cipher_list) <= 0)
1348 {
1349 SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_LIBRARY_HAS_NO_CIPHERS);
1350 goto err2;
1351 }
1352
1353 if ((ret->rsa_md5=EVP_get_digestbyname("ssl2-md5")) == NULL)
1354 {
1355 SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
1356 goto err2;
1357 }
1358 if ((ret->md5=EVP_get_digestbyname("ssl3-md5")) == NULL)
1359 {
1360 SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
1361 goto err2;
1362 }
1363 if ((ret->sha1=EVP_get_digestbyname("ssl3-sha1")) == NULL)
1364 {
1365 SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
1366 goto err2;
1367 }
1368
1369 if ((ret->client_CA=sk_X509_NAME_new_null()) == NULL)
1370 goto err;
1371
1372 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
1373
1374 ret->extra_certs=NULL;
1375 ret->comp_methods=SSL_COMP_get_compression_methods();
1376
1377 return(ret);
1378err:
1379 SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE);
1380err2:
1381 if (ret != NULL) SSL_CTX_free(ret);
1382 return(NULL);
1383 }
1384
1385#if 0
1386static void SSL_COMP_free(SSL_COMP *comp)
1387 { OPENSSL_free(comp); }
1388#endif
1389
1390void SSL_CTX_free(SSL_CTX *a)
1391 {
1392 int i;
1393
1394 if (a == NULL) return;
1395
1396 i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_SSL_CTX);
1397#ifdef REF_PRINT
1398 REF_PRINT("SSL_CTX",a);
1399#endif
1400 if (i > 0) return;
1401#ifdef REF_CHECK
1402 if (i < 0)
1403 {
1404 fprintf(stderr,"SSL_CTX_free, bad reference count\n");
1405 abort(); /* ok */
1406 }
1407#endif
1408 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
1409
1410 if (a->sessions != NULL)
1411 {
1412 SSL_CTX_flush_sessions(a,0);
1413 lh_free(a->sessions);
1414 }
1415 if (a->cert_store != NULL)
1416 X509_STORE_free(a->cert_store);
1417 if (a->cipher_list != NULL)
1418 sk_SSL_CIPHER_free(a->cipher_list);
1419 if (a->cipher_list_by_id != NULL)
1420 sk_SSL_CIPHER_free(a->cipher_list_by_id);
1421 if (a->cert != NULL)
1422 ssl_cert_free(a->cert);
1423 if (a->client_CA != NULL)
1424 sk_X509_NAME_pop_free(a->client_CA,X509_NAME_free);
1425 if (a->extra_certs != NULL)
1426 sk_X509_pop_free(a->extra_certs,X509_free);
1427#if 0 /* This should never be done, since it removes a global database */
1428 if (a->comp_methods != NULL)
1429 sk_SSL_COMP_pop_free(a->comp_methods,SSL_COMP_free);
1430#else
1431 a->comp_methods = NULL;
1432#endif
1433 OPENSSL_free(a);
1434 }
1435
1436void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
1437 {
1438 ctx->default_passwd_callback=cb;
1439 }
1440
1441void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx,void *u)
1442 {
1443 ctx->default_passwd_callback_userdata=u;
1444 }
1445
1446void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,void *), void *arg)
1447 {
1448 ctx->app_verify_callback=cb;
1449 ctx->app_verify_arg=arg;
1450 }
1451
1452void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*cb)(int, X509_STORE_CTX *))
1453 {
1454 ctx->verify_mode=mode;
1455 ctx->default_verify_callback=cb;
1456 }
1457
1458void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth)
1459 {
1460 ctx->verify_depth=depth;
1461 }
1462
1463void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
1464 {
1465 CERT_PKEY *cpk;
1466 int rsa_enc,rsa_tmp,rsa_sign,dh_tmp,dh_rsa,dh_dsa,dsa_sign;
1467 int rsa_enc_export,dh_rsa_export,dh_dsa_export;
1468 int rsa_tmp_export,dh_tmp_export,kl;
1469 unsigned long mask,emask;
1470
1471 if (c == NULL) return;
1472
1473 kl=SSL_C_EXPORT_PKEYLENGTH(cipher);
1474
1475#ifndef OPENSSL_NO_RSA
1476 rsa_tmp=(c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
1477 rsa_tmp_export=(c->rsa_tmp_cb != NULL ||
1478 (rsa_tmp && RSA_size(c->rsa_tmp)*8 <= kl));
1479#else
1480 rsa_tmp=rsa_tmp_export=0;
1481#endif
1482#ifndef OPENSSL_NO_DH
1483 dh_tmp=(c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
1484 dh_tmp_export=(c->dh_tmp_cb != NULL ||
1485 (dh_tmp && DH_size(c->dh_tmp)*8 <= kl));
1486#else
1487 dh_tmp=dh_tmp_export=0;
1488#endif
1489
1490 cpk= &(c->pkeys[SSL_PKEY_RSA_ENC]);
1491 rsa_enc= (cpk->x509 != NULL && cpk->privatekey != NULL);
1492 rsa_enc_export=(rsa_enc && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
1493 cpk= &(c->pkeys[SSL_PKEY_RSA_SIGN]);
1494 rsa_sign=(cpk->x509 != NULL && cpk->privatekey != NULL);
1495 cpk= &(c->pkeys[SSL_PKEY_DSA_SIGN]);
1496 dsa_sign=(cpk->x509 != NULL && cpk->privatekey != NULL);
1497 cpk= &(c->pkeys[SSL_PKEY_DH_RSA]);
1498 dh_rsa= (cpk->x509 != NULL && cpk->privatekey != NULL);
1499 dh_rsa_export=(dh_rsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
1500 cpk= &(c->pkeys[SSL_PKEY_DH_DSA]);
1501/* FIX THIS EAY EAY EAY */
1502 dh_dsa= (cpk->x509 != NULL && cpk->privatekey != NULL);
1503 dh_dsa_export=(dh_dsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
1504
1505 mask=0;
1506 emask=0;
1507
1508#ifdef CIPHER_DEBUG
1509 printf("rt=%d rte=%d dht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
1510 rsa_tmp,rsa_tmp_export,dh_tmp,
1511 rsa_enc,rsa_enc_export,rsa_sign,dsa_sign,dh_rsa,dh_dsa);
1512#endif
1513
1514 if (rsa_enc || (rsa_tmp && rsa_sign))
1515 mask|=SSL_kRSA;
1516 if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
1517 emask|=SSL_kRSA;
1518
1519#if 0
1520 /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
1521 if ( (dh_tmp || dh_rsa || dh_dsa) &&
1522 (rsa_enc || rsa_sign || dsa_sign))
1523 mask|=SSL_kEDH;
1524 if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
1525 (rsa_enc || rsa_sign || dsa_sign))
1526 emask|=SSL_kEDH;
1527#endif
1528
1529 if (dh_tmp_export)
1530 emask|=SSL_kEDH;
1531
1532 if (dh_tmp)
1533 mask|=SSL_kEDH;
1534
1535 if (dh_rsa) mask|=SSL_kDHr;
1536 if (dh_rsa_export) emask|=SSL_kDHr;
1537
1538 if (dh_dsa) mask|=SSL_kDHd;
1539 if (dh_dsa_export) emask|=SSL_kDHd;
1540
1541 if (rsa_enc || rsa_sign)
1542 {
1543 mask|=SSL_aRSA;
1544 emask|=SSL_aRSA;
1545 }
1546
1547 if (dsa_sign)
1548 {
1549 mask|=SSL_aDSS;
1550 emask|=SSL_aDSS;
1551 }
1552
1553 mask|=SSL_aNULL;
1554 emask|=SSL_aNULL;
1555
1556#ifndef OPENSSL_NO_KRB5
1557 mask|=SSL_kKRB5|SSL_aKRB5;
1558 emask|=SSL_kKRB5|SSL_aKRB5;
1559#endif
1560
1561 c->mask=mask;
1562 c->export_mask=emask;
1563 c->valid=1;
1564 }
1565
1566/* THIS NEEDS CLEANING UP */
1567X509 *ssl_get_server_send_cert(SSL *s)
1568 {
1569 unsigned long alg,mask,kalg;
1570 CERT *c;
1571 int i,is_export;
1572
1573 c=s->cert;
1574 ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
1575 alg=s->s3->tmp.new_cipher->algorithms;
1576 is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
1577 mask=is_export?c->export_mask:c->mask;
1578 kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK);
1579
1580 if (kalg & SSL_kDHr)
1581 i=SSL_PKEY_DH_RSA;
1582 else if (kalg & SSL_kDHd)
1583 i=SSL_PKEY_DH_DSA;
1584 else if (kalg & SSL_aDSS)
1585 i=SSL_PKEY_DSA_SIGN;
1586 else if (kalg & SSL_aRSA)
1587 {
1588 if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
1589 i=SSL_PKEY_RSA_SIGN;
1590 else
1591 i=SSL_PKEY_RSA_ENC;
1592 }
1593 else if (kalg & SSL_aKRB5)
1594 {
1595 /* VRS something else here? */
1596 return(NULL);
1597 }
1598 else /* if (kalg & SSL_aNULL) */
1599 {
1600 SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,ERR_R_INTERNAL_ERROR);
1601 return(NULL);
1602 }
1603 if (c->pkeys[i].x509 == NULL) return(NULL);
1604 return(c->pkeys[i].x509);
1605 }
1606
1607EVP_PKEY *ssl_get_sign_pkey(SSL *s,SSL_CIPHER *cipher)
1608 {
1609 unsigned long alg;
1610 CERT *c;
1611
1612 alg=cipher->algorithms;
1613 c=s->cert;
1614
1615 if ((alg & SSL_aDSS) &&
1616 (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
1617 return(c->pkeys[SSL_PKEY_DSA_SIGN].privatekey);
1618 else if (alg & SSL_aRSA)
1619 {
1620 if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
1621 return(c->pkeys[SSL_PKEY_RSA_SIGN].privatekey);
1622 else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
1623 return(c->pkeys[SSL_PKEY_RSA_ENC].privatekey);
1624 else
1625 return(NULL);
1626 }
1627 else /* if (alg & SSL_aNULL) */
1628 {
1629 SSLerr(SSL_F_SSL_GET_SIGN_PKEY,ERR_R_INTERNAL_ERROR);
1630 return(NULL);
1631 }
1632 }
1633
1634void ssl_update_cache(SSL *s,int mode)
1635 {
1636 int i;
1637
1638 /* If the session_id_length is 0, we are not supposed to cache it,
1639 * and it would be rather hard to do anyway :-) */
1640 if (s->session->session_id_length == 0) return;
1641
1642 i=s->ctx->session_cache_mode;
1643 if ((i & mode) && (!s->hit)
1644 && ((i & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)
1645 || SSL_CTX_add_session(s->ctx,s->session))
1646 && (s->ctx->new_session_cb != NULL))
1647 {
1648 CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION);
1649 if (!s->ctx->new_session_cb(s,s->session))
1650 SSL_SESSION_free(s->session);
1651 }
1652
1653 /* auto flush every 255 connections */
1654 if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
1655 ((i & mode) == mode))
1656 {
1657 if ( (((mode & SSL_SESS_CACHE_CLIENT)
1658 ?s->ctx->stats.sess_connect_good
1659 :s->ctx->stats.sess_accept_good) & 0xff) == 0xff)
1660 {
1661 SSL_CTX_flush_sessions(s->ctx,time(NULL));
1662 }
1663 }
1664 }
1665
1666SSL_METHOD *SSL_get_ssl_method(SSL *s)
1667 {
1668 return(s->method);
1669 }
1670
1671int SSL_set_ssl_method(SSL *s,SSL_METHOD *meth)
1672 {
1673 int conn= -1;
1674 int ret=1;
1675
1676 if (s->method != meth)
1677 {
1678 if (s->handshake_func != NULL)
1679 conn=(s->handshake_func == s->method->ssl_connect);
1680
1681 if (s->method->version == meth->version)
1682 s->method=meth;
1683 else
1684 {
1685 s->method->ssl_free(s);
1686 s->method=meth;
1687 ret=s->method->ssl_new(s);
1688 }
1689
1690 if (conn == 1)
1691 s->handshake_func=meth->ssl_connect;
1692 else if (conn == 0)
1693 s->handshake_func=meth->ssl_accept;
1694 }
1695 return(ret);
1696 }
1697
1698int SSL_get_error(SSL *s,int i)
1699 {
1700 int reason;
1701 unsigned long l;
1702 BIO *bio;
1703
1704 if (i > 0) return(SSL_ERROR_NONE);
1705
1706 /* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake
1707 * etc, where we do encode the error */
1708 if ((l=ERR_peek_error()) != 0)
1709 {
1710 if (ERR_GET_LIB(l) == ERR_LIB_SYS)
1711 return(SSL_ERROR_SYSCALL);
1712 else
1713 return(SSL_ERROR_SSL);
1714 }
1715
1716 if ((i < 0) && SSL_want_read(s))
1717 {
1718 bio=SSL_get_rbio(s);
1719 if (BIO_should_read(bio))
1720 return(SSL_ERROR_WANT_READ);
1721 else if (BIO_should_write(bio))
1722 /* This one doesn't make too much sense ... We never try
1723 * to write to the rbio, and an application program where
1724 * rbio and wbio are separate couldn't even know what it
1725 * should wait for.
1726 * However if we ever set s->rwstate incorrectly
1727 * (so that we have SSL_want_read(s) instead of
1728 * SSL_want_write(s)) and rbio and wbio *are* the same,
1729 * this test works around that bug; so it might be safer
1730 * to keep it. */
1731 return(SSL_ERROR_WANT_WRITE);
1732 else if (BIO_should_io_special(bio))
1733 {
1734 reason=BIO_get_retry_reason(bio);
1735 if (reason == BIO_RR_CONNECT)
1736 return(SSL_ERROR_WANT_CONNECT);
1737 else if (reason == BIO_RR_ACCEPT)
1738 return(SSL_ERROR_WANT_ACCEPT);
1739 else
1740 return(SSL_ERROR_SYSCALL); /* unknown */
1741 }
1742 }
1743
1744 if ((i < 0) && SSL_want_write(s))
1745 {
1746 bio=SSL_get_wbio(s);
1747 if (BIO_should_write(bio))
1748 return(SSL_ERROR_WANT_WRITE);
1749 else if (BIO_should_read(bio))
1750 /* See above (SSL_want_read(s) with BIO_should_write(bio)) */
1751 return(SSL_ERROR_WANT_READ);
1752 else if (BIO_should_io_special(bio))
1753 {
1754 reason=BIO_get_retry_reason(bio);
1755 if (reason == BIO_RR_CONNECT)
1756 return(SSL_ERROR_WANT_CONNECT);
1757 else if (reason == BIO_RR_ACCEPT)
1758 return(SSL_ERROR_WANT_ACCEPT);
1759 else
1760 return(SSL_ERROR_SYSCALL);
1761 }
1762 }
1763 if ((i < 0) && SSL_want_x509_lookup(s))
1764 {
1765 return(SSL_ERROR_WANT_X509_LOOKUP);
1766 }
1767
1768 if (i == 0)
1769 {
1770 if (s->version == SSL2_VERSION)
1771 {
1772 /* assume it is the socket being closed */
1773 return(SSL_ERROR_ZERO_RETURN);
1774 }
1775 else
1776 {
1777 if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
1778 (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
1779 return(SSL_ERROR_ZERO_RETURN);
1780 }
1781 }
1782 return(SSL_ERROR_SYSCALL);
1783 }
1784
1785int SSL_do_handshake(SSL *s)
1786 {
1787 int ret=1;
1788
1789 if (s->handshake_func == NULL)
1790 {
1791 SSLerr(SSL_F_SSL_DO_HANDSHAKE,SSL_R_CONNECTION_TYPE_NOT_SET);
1792 return(-1);
1793 }
1794
1795 s->method->ssl_renegotiate_check(s);
1796
1797 if (SSL_in_init(s) || SSL_in_before(s))
1798 {
1799 ret=s->handshake_func(s);
1800 }
1801 return(ret);
1802 }
1803
1804/* For the next 2 functions, SSL_clear() sets shutdown and so
1805 * one of these calls will reset it */
1806void SSL_set_accept_state(SSL *s)
1807 {
1808 s->server=1;
1809 s->shutdown=0;
1810 s->state=SSL_ST_ACCEPT|SSL_ST_BEFORE;
1811 s->handshake_func=s->method->ssl_accept;
1812 /* clear the current cipher */
1813 ssl_clear_cipher_ctx(s);
1814 }
1815
1816void SSL_set_connect_state(SSL *s)
1817 {
1818 s->server=0;
1819 s->shutdown=0;
1820 s->state=SSL_ST_CONNECT|SSL_ST_BEFORE;
1821 s->handshake_func=s->method->ssl_connect;
1822 /* clear the current cipher */
1823 ssl_clear_cipher_ctx(s);
1824 }
1825
1826int ssl_undefined_function(SSL *s)
1827 {
1828 SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1829 return(0);
1830 }
1831
1832SSL_METHOD *ssl_bad_method(int ver)
1833 {
1834 SSLerr(SSL_F_SSL_BAD_METHOD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1835 return(NULL);
1836 }
1837
1838const char *SSL_get_version(SSL *s)
1839 {
1840 if (s->version == TLS1_VERSION)
1841 return("TLSv1");
1842 else if (s->version == SSL3_VERSION)
1843 return("SSLv3");
1844 else if (s->version == SSL2_VERSION)
1845 return("SSLv2");
1846 else
1847 return("unknown");
1848 }
1849
1850SSL *SSL_dup(SSL *s)
1851 {
1852 STACK_OF(X509_NAME) *sk;
1853 X509_NAME *xn;
1854 SSL *ret;
1855 int i;
1856
1857 if ((ret=SSL_new(SSL_get_SSL_CTX(s))) == NULL)
1858 return(NULL);
1859
1860 ret->version = s->version;
1861 ret->type = s->type;
1862 ret->method = s->method;
1863
1864 if (s->session != NULL)
1865 {
1866 /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
1867 SSL_copy_session_id(ret,s);
1868 }
1869 else
1870 {
1871 /* No session has been established yet, so we have to expect
1872 * that s->cert or ret->cert will be changed later --
1873 * they should not both point to the same object,
1874 * and thus we can't use SSL_copy_session_id. */
1875
1876 ret->method = s->method;
1877 ret->method->ssl_new(ret);
1878
1879 if (s->cert != NULL)
1880 {
1881 if (ret->cert != NULL)
1882 {
1883 ssl_cert_free(ret->cert);
1884 }
1885 ret->cert = ssl_cert_dup(s->cert);
1886 if (ret->cert == NULL)
1887 goto err;
1888 }
1889
1890 SSL_set_session_id_context(ret,
1891 s->sid_ctx, s->sid_ctx_length);
1892 }
1893
1894 ret->options=s->options;
1895 ret->mode=s->mode;
1896 SSL_set_max_cert_list(ret,SSL_get_max_cert_list(s));
1897 SSL_set_read_ahead(ret,SSL_get_read_ahead(s));
1898 ret->msg_callback = s->msg_callback;
1899 ret->msg_callback_arg = s->msg_callback_arg;
1900 SSL_set_verify(ret,SSL_get_verify_mode(s),
1901 SSL_get_verify_callback(s));
1902 SSL_set_verify_depth(ret,SSL_get_verify_depth(s));
1903 ret->generate_session_id = s->generate_session_id;
1904
1905 SSL_set_info_callback(ret,SSL_get_info_callback(s));
1906
1907 ret->debug=s->debug;
1908
1909 /* copy app data, a little dangerous perhaps */
1910 if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data))
1911 goto err;
1912
1913 /* setup rbio, and wbio */
1914 if (s->rbio != NULL)
1915 {
1916 if (!BIO_dup_state(s->rbio,(char *)&ret->rbio))
1917 goto err;
1918 }
1919 if (s->wbio != NULL)
1920 {
1921 if (s->wbio != s->rbio)
1922 {
1923 if (!BIO_dup_state(s->wbio,(char *)&ret->wbio))
1924 goto err;
1925 }
1926 else
1927 ret->wbio=ret->rbio;
1928 }
1929 ret->rwstate = s->rwstate;
1930 ret->in_handshake = s->in_handshake;
1931 ret->handshake_func = s->handshake_func;
1932 ret->server = s->server;
1933 ret->new_session = s->new_session;
1934 ret->quiet_shutdown = s->quiet_shutdown;
1935 ret->shutdown=s->shutdown;
1936 ret->state=s->state; /* SSL_dup does not really work at any state, though */
1937 ret->rstate=s->rstate;
1938 ret->init_num = 0; /* would have to copy ret->init_buf, ret->init_msg, ret->init_num, ret->init_off */
1939 ret->hit=s->hit;
1940 ret->purpose=s->purpose;
1941 ret->trust=s->trust;
1942
1943 /* dup the cipher_list and cipher_list_by_id stacks */
1944 if (s->cipher_list != NULL)
1945 {
1946 if ((ret->cipher_list=sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
1947 goto err;
1948 }
1949 if (s->cipher_list_by_id != NULL)
1950 if ((ret->cipher_list_by_id=sk_SSL_CIPHER_dup(s->cipher_list_by_id))
1951 == NULL)
1952 goto err;
1953
1954 /* Dup the client_CA list */
1955 if (s->client_CA != NULL)
1956 {
1957 if ((sk=sk_X509_NAME_dup(s->client_CA)) == NULL) goto err;
1958 ret->client_CA=sk;
1959 for (i=0; i<sk_X509_NAME_num(sk); i++)
1960 {
1961 xn=sk_X509_NAME_value(sk,i);
1962 if (sk_X509_NAME_set(sk,i,X509_NAME_dup(xn)) == NULL)
1963 {
1964 X509_NAME_free(xn);
1965 goto err;
1966 }
1967 }
1968 }
1969
1970 if (0)
1971 {
1972err:
1973 if (ret != NULL) SSL_free(ret);
1974 ret=NULL;
1975 }
1976 return(ret);
1977 }
1978
1979void ssl_clear_cipher_ctx(SSL *s)
1980 {
1981 if (s->enc_read_ctx != NULL)
1982 {
1983 EVP_CIPHER_CTX_cleanup(s->enc_read_ctx);
1984 OPENSSL_free(s->enc_read_ctx);
1985 s->enc_read_ctx=NULL;
1986 }
1987 if (s->enc_write_ctx != NULL)
1988 {
1989 EVP_CIPHER_CTX_cleanup(s->enc_write_ctx);
1990 OPENSSL_free(s->enc_write_ctx);
1991 s->enc_write_ctx=NULL;
1992 }
1993 if (s->expand != NULL)
1994 {
1995 COMP_CTX_free(s->expand);
1996 s->expand=NULL;
1997 }
1998 if (s->compress != NULL)
1999 {
2000 COMP_CTX_free(s->compress);
2001 s->compress=NULL;
2002 }
2003 }
2004
2005/* Fix this function so that it takes an optional type parameter */
2006X509 *SSL_get_certificate(SSL *s)
2007 {
2008 if (s->cert != NULL)
2009 return(s->cert->key->x509);
2010 else
2011 return(NULL);
2012 }
2013
2014/* Fix this function so that it takes an optional type parameter */
2015EVP_PKEY *SSL_get_privatekey(SSL *s)
2016 {
2017 if (s->cert != NULL)
2018 return(s->cert->key->privatekey);
2019 else
2020 return(NULL);
2021 }
2022
2023SSL_CIPHER *SSL_get_current_cipher(SSL *s)
2024 {
2025 if ((s->session != NULL) && (s->session->cipher != NULL))
2026 return(s->session->cipher);
2027 return(NULL);
2028 }
2029
2030int ssl_init_wbio_buffer(SSL *s,int push)
2031 {
2032 BIO *bbio;
2033
2034 if (s->bbio == NULL)
2035 {
2036 bbio=BIO_new(BIO_f_buffer());
2037 if (bbio == NULL) return(0);
2038 s->bbio=bbio;
2039 }
2040 else
2041 {
2042 bbio=s->bbio;
2043 if (s->bbio == s->wbio)
2044 s->wbio=BIO_pop(s->wbio);
2045 }
2046 (void)BIO_reset(bbio);
2047/* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
2048 if (!BIO_set_read_buffer_size(bbio,1))
2049 {
2050 SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER,ERR_R_BUF_LIB);
2051 return(0);
2052 }
2053 if (push)
2054 {
2055 if (s->wbio != bbio)
2056 s->wbio=BIO_push(bbio,s->wbio);
2057 }
2058 else
2059 {
2060 if (s->wbio == bbio)
2061 s->wbio=BIO_pop(bbio);
2062 }
2063 return(1);
2064 }
2065
2066void ssl_free_wbio_buffer(SSL *s)
2067 {
2068 if (s->bbio == NULL) return;
2069
2070 if (s->bbio == s->wbio)
2071 {
2072 /* remove buffering */
2073 s->wbio=BIO_pop(s->wbio);
2074#ifdef REF_CHECK /* not the usual REF_CHECK, but this avoids adding one more preprocessor symbol */
2075 assert(s->wbio != NULL);
2076#endif
2077 }
2078 BIO_free(s->bbio);
2079 s->bbio=NULL;
2080 }
2081
2082void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode)
2083 {
2084 ctx->quiet_shutdown=mode;
2085 }
2086
2087int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx)
2088 {
2089 return(ctx->quiet_shutdown);
2090 }
2091
2092void SSL_set_quiet_shutdown(SSL *s,int mode)
2093 {
2094 s->quiet_shutdown=mode;
2095 }
2096
2097int SSL_get_quiet_shutdown(SSL *s)
2098 {
2099 return(s->quiet_shutdown);
2100 }
2101
2102void SSL_set_shutdown(SSL *s,int mode)
2103 {
2104 s->shutdown=mode;
2105 }
2106
2107int SSL_get_shutdown(SSL *s)
2108 {
2109 return(s->shutdown);
2110 }
2111
2112int SSL_version(SSL *s)
2113 {
2114 return(s->version);
2115 }
2116
2117SSL_CTX *SSL_get_SSL_CTX(SSL *ssl)
2118 {
2119 return(ssl->ctx);
2120 }
2121
2122#ifndef OPENSSL_NO_STDIO
2123int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
2124 {
2125 return(X509_STORE_set_default_paths(ctx->cert_store));
2126 }
2127
2128int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
2129 const char *CApath)
2130 {
2131 return(X509_STORE_load_locations(ctx->cert_store,CAfile,CApath));
2132 }
2133#endif
2134
2135void SSL_set_info_callback(SSL *ssl,
2136 void (*cb)(const SSL *ssl,int type,int val))
2137 {
2138 ssl->info_callback=cb;
2139 }
2140
2141void (*SSL_get_info_callback(SSL *ssl))(const SSL *ssl,int type,int val)
2142 {
2143 return ssl->info_callback;
2144 }
2145
2146int SSL_state(SSL *ssl)
2147 {
2148 return(ssl->state);
2149 }
2150
2151void SSL_set_verify_result(SSL *ssl,long arg)
2152 {
2153 ssl->verify_result=arg;
2154 }
2155
2156long SSL_get_verify_result(SSL *ssl)
2157 {
2158 return(ssl->verify_result);
2159 }
2160
2161int SSL_get_ex_new_index(long argl,void *argp,CRYPTO_EX_new *new_func,
2162 CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func)
2163 {
2164 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
2165 new_func, dup_func, free_func);
2166 }
2167
2168int SSL_set_ex_data(SSL *s,int idx,void *arg)
2169 {
2170 return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
2171 }
2172
2173void *SSL_get_ex_data(SSL *s,int idx)
2174 {
2175 return(CRYPTO_get_ex_data(&s->ex_data,idx));
2176 }
2177
2178int SSL_CTX_get_ex_new_index(long argl,void *argp,CRYPTO_EX_new *new_func,
2179 CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func)
2180 {
2181 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
2182 new_func, dup_func, free_func);
2183 }
2184
2185int SSL_CTX_set_ex_data(SSL_CTX *s,int idx,void *arg)
2186 {
2187 return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
2188 }
2189
2190void *SSL_CTX_get_ex_data(SSL_CTX *s,int idx)
2191 {
2192 return(CRYPTO_get_ex_data(&s->ex_data,idx));
2193 }
2194
2195int ssl_ok(SSL *s)
2196 {
2197 return(1);
2198 }
2199
2200X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx)
2201 {
2202 return(ctx->cert_store);
2203 }
2204
2205void SSL_CTX_set_cert_store(SSL_CTX *ctx,X509_STORE *store)
2206 {
2207 if (ctx->cert_store != NULL)
2208 X509_STORE_free(ctx->cert_store);
2209 ctx->cert_store=store;
2210 }
2211
2212int SSL_want(SSL *s)
2213 {
2214 return(s->rwstate);
2215 }
2216
2217/*!
2218 * \brief Set the callback for generating temporary RSA keys.
2219 * \param ctx the SSL context.
2220 * \param cb the callback
2221 */
2222
2223#ifndef OPENSSL_NO_RSA
2224void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,RSA *(*cb)(SSL *ssl,
2225 int is_export,
2226 int keylength))
2227 {
2228 SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb);
2229 }
2230
2231void SSL_set_tmp_rsa_callback(SSL *ssl,RSA *(*cb)(SSL *ssl,
2232 int is_export,
2233 int keylength))
2234 {
2235 SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb);
2236 }
2237#endif
2238
2239#ifdef DOXYGEN
2240/*!
2241 * \brief The RSA temporary key callback function.
2242 * \param ssl the SSL session.
2243 * \param is_export \c TRUE if the temp RSA key is for an export ciphersuite.
2244 * \param keylength if \c is_export is \c TRUE, then \c keylength is the size
2245 * of the required key in bits.
2246 * \return the temporary RSA key.
2247 * \sa SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback
2248 */
2249
2250RSA *cb(SSL *ssl,int is_export,int keylength)
2251 {}
2252#endif
2253
2254/*!
2255 * \brief Set the callback for generating temporary DH keys.
2256 * \param ctx the SSL context.
2257 * \param dh the callback
2258 */
2259
2260#ifndef OPENSSL_NO_DH
2261void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,DH *(*dh)(SSL *ssl,int is_export,
2262 int keylength))
2263 {
2264 SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh);
2265 }
2266
2267void SSL_set_tmp_dh_callback(SSL *ssl,DH *(*dh)(SSL *ssl,int is_export,
2268 int keylength))
2269 {
2270 SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh);
2271 }
2272#endif
2273
2274
2275void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
2276 {
2277 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)())cb);
2278 }
2279void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
2280 {
2281 SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)())cb);
2282 }
2283
2284
2285
2286#if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
2287#include "../crypto/bio/bss_file.c"
2288#endif
2289
2290IMPLEMENT_STACK_OF(SSL_CIPHER)
2291IMPLEMENT_STACK_OF(SSL_COMP)
2292
2293void OpenSSLDie(const char *file,int line,const char *assertion)
2294 {
2295 fprintf(stderr,"%s(%d): OpenSSL internal error, assertion failed: %s\n",
2296 file,line,assertion);
2297 abort();
2298 }
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
new file mode 100644
index 0000000000..0029edc3a6
--- /dev/null
+++ b/src/lib/libssl/ssl_locl.h
@@ -0,0 +1,622 @@
1/* ssl/ssl_locl.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#ifndef HEADER_SSL_LOCL_H
113#define HEADER_SSL_LOCL_H
114#include <stdlib.h>
115#include <time.h>
116#include <string.h>
117#include <errno.h>
118
119#include <e_os.h>
120
121#include <openssl/buffer.h>
122#include <openssl/comp.h>
123#include <openssl/bio.h>
124#include <openssl/crypto.h>
125#include <openssl/evp.h>
126#include <openssl/stack.h>
127#include <openssl/x509.h>
128#include <openssl/err.h>
129#include <openssl/ssl.h>
130#include <openssl/symhacks.h>
131
132#ifdef OPENSSL_BUILD_SHLIBSSL
133# undef OPENSSL_EXTERN
134# define OPENSSL_EXTERN OPENSSL_EXPORT
135#endif
136
137#define PKCS1_CHECK
138
139#define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \
140 l|=(((unsigned long)(*((c)++)))<< 8), \
141 l|=(((unsigned long)(*((c)++)))<<16), \
142 l|=(((unsigned long)(*((c)++)))<<24))
143
144/* NOTE - c is not incremented as per c2l */
145#define c2ln(c,l1,l2,n) { \
146 c+=n; \
147 l1=l2=0; \
148 switch (n) { \
149 case 8: l2 =((unsigned long)(*(--(c))))<<24; \
150 case 7: l2|=((unsigned long)(*(--(c))))<<16; \
151 case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
152 case 5: l2|=((unsigned long)(*(--(c)))); \
153 case 4: l1 =((unsigned long)(*(--(c))))<<24; \
154 case 3: l1|=((unsigned long)(*(--(c))))<<16; \
155 case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
156 case 1: l1|=((unsigned long)(*(--(c)))); \
157 } \
158 }
159
160#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
161 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
162 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
163 *((c)++)=(unsigned char)(((l)>>24)&0xff))
164
165#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24, \
166 l|=((unsigned long)(*((c)++)))<<16, \
167 l|=((unsigned long)(*((c)++)))<< 8, \
168 l|=((unsigned long)(*((c)++))))
169
170#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
171 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
172 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
173 *((c)++)=(unsigned char)(((l) )&0xff))
174
175/* NOTE - c is not incremented as per l2c */
176#define l2cn(l1,l2,c,n) { \
177 c+=n; \
178 switch (n) { \
179 case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
180 case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
181 case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
182 case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
183 case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
184 case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
185 case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
186 case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
187 } \
188 }
189
190#define n2s(c,s) ((s=(((unsigned int)(c[0]))<< 8)| \
191 (((unsigned int)(c[1])) )),c+=2)
192#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \
193 c[1]=(unsigned char)(((s) )&0xff)),c+=2)
194
195#define n2l3(c,l) ((l =(((unsigned long)(c[0]))<<16)| \
196 (((unsigned long)(c[1]))<< 8)| \
197 (((unsigned long)(c[2])) )),c+=3)
198
199#define l2n3(l,c) ((c[0]=(unsigned char)(((l)>>16)&0xff), \
200 c[1]=(unsigned char)(((l)>> 8)&0xff), \
201 c[2]=(unsigned char)(((l) )&0xff)),c+=3)
202
203/* LOCAL STUFF */
204
205#define SSL_DECRYPT 0
206#define SSL_ENCRYPT 1
207
208#define TWO_BYTE_BIT 0x80
209#define SEC_ESC_BIT 0x40
210#define TWO_BYTE_MASK 0x7fff
211#define THREE_BYTE_MASK 0x3fff
212
213#define INC32(a) ((a)=((a)+1)&0xffffffffL)
214#define DEC32(a) ((a)=((a)-1)&0xffffffffL)
215#define MAX_MAC_SIZE 20 /* up from 16 for SSLv3 */
216
217/*
218 * Define the Bitmasks for SSL_CIPHER.algorithms.
219 * This bits are used packed as dense as possible. If new methods/ciphers
220 * etc will be added, the bits a likely to change, so this information
221 * is for internal library use only, even though SSL_CIPHER.algorithms
222 * can be publicly accessed.
223 * Use the according functions for cipher management instead.
224 *
225 * The bit mask handling in the selection and sorting scheme in
226 * ssl_create_cipher_list() has only limited capabilities, reflecting
227 * that the different entities within are mutually exclusive:
228 * ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
229 */
230#define SSL_MKEY_MASK 0x0000003FL
231#define SSL_kRSA 0x00000001L /* RSA key exchange */
232#define SSL_kDHr 0x00000002L /* DH cert RSA CA cert */
233#define SSL_kDHd 0x00000004L /* DH cert DSA CA cert */
234#define SSL_kFZA 0x00000008L
235#define SSL_kEDH 0x00000010L /* tmp DH key no DH cert */
236#define SSL_kKRB5 0x00000020L /* Kerberos5 key exchange */
237#define SSL_EDH (SSL_kEDH|(SSL_AUTH_MASK^SSL_aNULL))
238
239#define SSL_AUTH_MASK 0x00000FC0L
240#define SSL_aRSA 0x00000040L /* Authenticate with RSA */
241#define SSL_aDSS 0x00000080L /* Authenticate with DSS */
242#define SSL_DSS SSL_aDSS
243#define SSL_aFZA 0x00000100L
244#define SSL_aNULL 0x00000200L /* no Authenticate, ADH */
245#define SSL_aDH 0x00000400L /* no Authenticate, ADH */
246#define SSL_aKRB5 0x00000800L /* Authenticate with KRB5 */
247
248#define SSL_NULL (SSL_eNULL)
249#define SSL_ADH (SSL_kEDH|SSL_aNULL)
250#define SSL_RSA (SSL_kRSA|SSL_aRSA)
251#define SSL_DH (SSL_kDHr|SSL_kDHd|SSL_kEDH)
252#define SSL_FZA (SSL_aFZA|SSL_kFZA|SSL_eFZA)
253#define SSL_KRB5 (SSL_kKRB5|SSL_aKRB5)
254
255#define SSL_ENC_MASK 0x0087F000L
256#define SSL_DES 0x00001000L
257#define SSL_3DES 0x00002000L
258#define SSL_RC4 0x00004000L
259#define SSL_RC2 0x00008000L
260#define SSL_IDEA 0x00010000L
261#define SSL_eFZA 0x00020000L
262#define SSL_eNULL 0x00040000L
263#define SSL_AES 0x00800000L
264
265#define SSL_MAC_MASK 0x00180000L
266#define SSL_MD5 0x00080000L
267#define SSL_SHA1 0x00100000L
268#define SSL_SHA (SSL_SHA1)
269
270#define SSL_SSL_MASK 0x00600000L
271#define SSL_SSLV2 0x00200000L
272#define SSL_SSLV3 0x00400000L
273#define SSL_TLSV1 SSL_SSLV3 /* for now */
274
275/* we have used 007fffff - 9 bits left to go */
276
277/*
278 * Export and cipher strength information. For each cipher we have to decide
279 * whether it is exportable or not. This information is likely to change
280 * over time, since the export control rules are no static technical issue.
281 *
282 * Independent of the export flag the cipher strength is sorted into classes.
283 * SSL_EXP40 was denoting the 40bit US export limit of past times, which now
284 * is at 56bit (SSL_EXP56). If the exportable cipher class is going to change
285 * again (eg. to 64bit) the use of "SSL_EXP*" becomes blurred even more,
286 * since SSL_EXP64 could be similar to SSL_LOW.
287 * For this reason SSL_MICRO and SSL_MINI macros are included to widen the
288 * namespace of SSL_LOW-SSL_HIGH to lower values. As development of speed
289 * and ciphers goes, another extension to SSL_SUPER and/or SSL_ULTRA would
290 * be possible.
291 */
292#define SSL_EXP_MASK 0x00000003L
293#define SSL_NOT_EXP 0x00000001L
294#define SSL_EXPORT 0x00000002L
295
296#define SSL_STRONG_MASK 0x0000007cL
297#define SSL_EXP40 0x00000004L
298#define SSL_MICRO (SSL_EXP40)
299#define SSL_EXP56 0x00000008L
300#define SSL_MINI (SSL_EXP56)
301#define SSL_LOW 0x00000010L
302#define SSL_MEDIUM 0x00000020L
303#define SSL_HIGH 0x00000040L
304
305/* we have used 0000007f - 25 bits left to go */
306
307/*
308 * Macros to check the export status and cipher strength for export ciphers.
309 * Even though the macros for EXPORT and EXPORT40/56 have similar names,
310 * their meaning is different:
311 * *_EXPORT macros check the 'exportable' status.
312 * *_EXPORT40/56 macros are used to check whether a certain cipher strength
313 * is given.
314 * Since the SSL_IS_EXPORT* and SSL_EXPORT* macros depend on the correct
315 * algorithm structure element to be passed (algorithms, algo_strength) and no
316 * typechecking can be done as they are all of type unsigned long, their
317 * direct usage is discouraged.
318 * Use the SSL_C_* macros instead.
319 */
320#define SSL_IS_EXPORT(a) ((a)&SSL_EXPORT)
321#define SSL_IS_EXPORT56(a) ((a)&SSL_EXP56)
322#define SSL_IS_EXPORT40(a) ((a)&SSL_EXP40)
323#define SSL_C_IS_EXPORT(c) SSL_IS_EXPORT((c)->algo_strength)
324#define SSL_C_IS_EXPORT56(c) SSL_IS_EXPORT56((c)->algo_strength)
325#define SSL_C_IS_EXPORT40(c) SSL_IS_EXPORT40((c)->algo_strength)
326
327#define SSL_EXPORT_KEYLENGTH(a,s) (SSL_IS_EXPORT40(s) ? 5 : \
328 ((a)&SSL_ENC_MASK) == SSL_DES ? 8 : 7)
329#define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024)
330#define SSL_C_EXPORT_KEYLENGTH(c) SSL_EXPORT_KEYLENGTH((c)->algorithms, \
331 (c)->algo_strength)
332#define SSL_C_EXPORT_PKEYLENGTH(c) SSL_EXPORT_PKEYLENGTH((c)->algo_strength)
333
334
335#define SSL_ALL 0xffffffffL
336#define SSL_ALL_CIPHERS (SSL_MKEY_MASK|SSL_AUTH_MASK|SSL_ENC_MASK|\
337 SSL_MAC_MASK)
338#define SSL_ALL_STRENGTHS (SSL_EXP_MASK|SSL_STRONG_MASK)
339
340/* Mostly for SSLv3 */
341#define SSL_PKEY_RSA_ENC 0
342#define SSL_PKEY_RSA_SIGN 1
343#define SSL_PKEY_DSA_SIGN 2
344#define SSL_PKEY_DH_RSA 3
345#define SSL_PKEY_DH_DSA 4
346#define SSL_PKEY_NUM 5
347
348/* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) |
349 * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN)
350 * SSL_kDH <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN)
351 * SSL_kEDH <- RSA_ENC | RSA_SIGN | DSA_SIGN
352 * SSL_aRSA <- RSA_ENC | RSA_SIGN
353 * SSL_aDSS <- DSA_SIGN
354 */
355
356/*
357#define CERT_INVALID 0
358#define CERT_PUBLIC_KEY 1
359#define CERT_PRIVATE_KEY 2
360*/
361
362typedef struct cert_pkey_st
363 {
364 X509 *x509;
365 EVP_PKEY *privatekey;
366 } CERT_PKEY;
367
368typedef struct cert_st
369 {
370 /* Current active set */
371 CERT_PKEY *key; /* ALWAYS points to an element of the pkeys array
372 * Probably it would make more sense to store
373 * an index, not a pointer. */
374
375 /* The following masks are for the key and auth
376 * algorithms that are supported by the certs below */
377 int valid;
378 unsigned long mask;
379 unsigned long export_mask;
380#ifndef OPENSSL_NO_RSA
381 RSA *rsa_tmp;
382 RSA *(*rsa_tmp_cb)(SSL *ssl,int is_export,int keysize);
383#endif
384#ifndef OPENSSL_NO_DH
385 DH *dh_tmp;
386 DH *(*dh_tmp_cb)(SSL *ssl,int is_export,int keysize);
387#endif
388
389 CERT_PKEY pkeys[SSL_PKEY_NUM];
390
391 int references; /* >1 only if SSL_copy_session_id is used */
392 } CERT;
393
394
395typedef struct sess_cert_st
396 {
397 STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */
398
399 /* The 'peer_...' members are used only by clients. */
400 int peer_cert_type;
401
402 CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */
403 CERT_PKEY peer_pkeys[SSL_PKEY_NUM];
404 /* Obviously we don't have the private keys of these,
405 * so maybe we shouldn't even use the CERT_PKEY type here. */
406
407#ifndef OPENSSL_NO_RSA
408 RSA *peer_rsa_tmp; /* not used for SSL 2 */
409#endif
410#ifndef OPENSSL_NO_DH
411 DH *peer_dh_tmp; /* not used for SSL 2 */
412#endif
413
414 int references; /* actually always 1 at the moment */
415 } SESS_CERT;
416
417
418/*#define MAC_DEBUG */
419
420/*#define ERR_DEBUG */
421/*#define ABORT_DEBUG */
422/*#define PKT_DEBUG 1 */
423/*#define DES_DEBUG */
424/*#define DES_OFB_DEBUG */
425/*#define SSL_DEBUG */
426/*#define RSA_DEBUG */
427/*#define IDEA_DEBUG */
428
429#define FP_ICC (int (*)(const void *,const void *))
430#define ssl_put_cipher_by_char(ssl,ciph,ptr) \
431 ((ssl)->method->put_cipher_by_char((ciph),(ptr)))
432#define ssl_get_cipher_by_char(ssl,ptr) \
433 ((ssl)->method->get_cipher_by_char(ptr))
434
435/* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff
436 * It is a bit of a mess of functions, but hell, think of it as
437 * an opaque structure :-) */
438typedef struct ssl3_enc_method
439 {
440 int (*enc)(SSL *, int);
441 int (*mac)(SSL *, unsigned char *, int);
442 int (*setup_key_block)(SSL *);
443 int (*generate_master_secret)(SSL *, unsigned char *, unsigned char *, int);
444 int (*change_cipher_state)(SSL *, int);
445 int (*final_finish_mac)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char *, int, unsigned char *);
446 int finish_mac_length;
447 int (*cert_verify_mac)(SSL *, EVP_MD_CTX *, unsigned char *);
448 const char *client_finished_label;
449 int client_finished_label_len;
450 const char *server_finished_label;
451 int server_finished_label_len;
452 int (*alert_value)(int);
453 } SSL3_ENC_METHOD;
454
455/* Used for holding the relevant compression methods loaded into SSL_CTX */
456typedef struct ssl3_comp_st
457 {
458 int comp_id; /* The identifier byte for this compression type */
459 char *name; /* Text name used for the compression type */
460 COMP_METHOD *method; /* The method :-) */
461 } SSL3_COMP;
462
463OPENSSL_EXTERN SSL3_ENC_METHOD ssl3_undef_enc_method;
464OPENSSL_EXTERN SSL_CIPHER ssl2_ciphers[];
465OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[];
466
467#ifdef OPENSSL_SYS_VMS
468#undef SSL_COMP_get_compression_methods
469#define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods
470#endif
471
472
473SSL_METHOD *ssl_bad_method(int ver);
474SSL_METHOD *sslv2_base_method(void);
475SSL_METHOD *sslv23_base_method(void);
476SSL_METHOD *sslv3_base_method(void);
477
478void ssl_clear_cipher_ctx(SSL *s);
479int ssl_clear_bad_session(SSL *s);
480CERT *ssl_cert_new(void);
481CERT *ssl_cert_dup(CERT *cert);
482int ssl_cert_inst(CERT **o);
483void ssl_cert_free(CERT *c);
484SESS_CERT *ssl_sess_cert_new(void);
485void ssl_sess_cert_free(SESS_CERT *sc);
486int ssl_set_peer_cert_type(SESS_CERT *c, int type);
487int ssl_get_new_session(SSL *s, int session);
488int ssl_get_prev_session(SSL *s, unsigned char *session,int len);
489int ssl_cipher_id_cmp(const SSL_CIPHER *a,const SSL_CIPHER *b);
490int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
491 const SSL_CIPHER * const *bp);
492STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
493 STACK_OF(SSL_CIPHER) **skp);
494int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p);
495STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
496 STACK_OF(SSL_CIPHER) **pref,
497 STACK_OF(SSL_CIPHER) **sorted,
498 const char *rule_str);
499void ssl_update_cache(SSL *s, int mode);
500int ssl_cipher_get_evp(SSL_SESSION *s,const EVP_CIPHER **enc,const EVP_MD **md,
501 SSL_COMP **comp);
502int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk);
503int ssl_undefined_function(SSL *s);
504X509 *ssl_get_server_send_cert(SSL *);
505EVP_PKEY *ssl_get_sign_pkey(SSL *,SSL_CIPHER *);
506int ssl_cert_type(X509 *x,EVP_PKEY *pkey);
507void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher);
508STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
509int ssl_verify_alarm_type(long type);
510
511int ssl2_enc_init(SSL *s, int client);
512void ssl2_generate_key_material(SSL *s);
513void ssl2_enc(SSL *s,int send_data);
514void ssl2_mac(SSL *s,unsigned char *mac,int send_data);
515SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p);
516int ssl2_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p);
517int ssl2_part_read(SSL *s, unsigned long f, int i);
518int ssl2_do_write(SSL *s);
519int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data);
520void ssl2_return_error(SSL *s,int reason);
521void ssl2_write_error(SSL *s);
522int ssl2_num_ciphers(void);
523SSL_CIPHER *ssl2_get_cipher(unsigned int u);
524int ssl2_new(SSL *s);
525void ssl2_free(SSL *s);
526int ssl2_accept(SSL *s);
527int ssl2_connect(SSL *s);
528int ssl2_read(SSL *s, void *buf, int len);
529int ssl2_peek(SSL *s, void *buf, int len);
530int ssl2_write(SSL *s, const void *buf, int len);
531int ssl2_shutdown(SSL *s);
532void ssl2_clear(SSL *s);
533long ssl2_ctrl(SSL *s,int cmd, long larg, void *parg);
534long ssl2_ctx_ctrl(SSL_CTX *s,int cmd, long larg, void *parg);
535long ssl2_callback_ctrl(SSL *s,int cmd, void (*fp)());
536long ssl2_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)());
537int ssl2_pending(SSL *s);
538
539SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
540int ssl3_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p);
541void ssl3_init_finished_mac(SSL *s);
542int ssl3_send_server_certificate(SSL *s);
543int ssl3_get_finished(SSL *s,int state_a,int state_b);
544int ssl3_setup_key_block(SSL *s);
545int ssl3_send_change_cipher_spec(SSL *s,int state_a,int state_b);
546int ssl3_change_cipher_state(SSL *s,int which);
547void ssl3_cleanup_key_block(SSL *s);
548int ssl3_do_write(SSL *s,int type);
549void ssl3_send_alert(SSL *s,int level, int desc);
550int ssl3_generate_master_secret(SSL *s, unsigned char *out,
551 unsigned char *p, int len);
552int ssl3_get_req_cert_type(SSL *s,unsigned char *p);
553long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
554int ssl3_send_finished(SSL *s, int a, int b, const char *sender,int slen);
555int ssl3_num_ciphers(void);
556SSL_CIPHER *ssl3_get_cipher(unsigned int u);
557int ssl3_renegotiate(SSL *ssl);
558int ssl3_renegotiate_check(SSL *ssl);
559int ssl3_dispatch_alert(SSL *s);
560int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
561int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
562int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1, EVP_MD_CTX *ctx2,
563 const char *sender, int slen,unsigned char *p);
564int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
565void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
566int ssl3_enc(SSL *s, int send_data);
567int ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
568unsigned long ssl3_output_cert_chain(SSL *s, X509 *x);
569SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,STACK_OF(SSL_CIPHER) *clnt,
570 STACK_OF(SSL_CIPHER) *srvr);
571int ssl3_setup_buffers(SSL *s);
572int ssl3_new(SSL *s);
573void ssl3_free(SSL *s);
574int ssl3_accept(SSL *s);
575int ssl3_connect(SSL *s);
576int ssl3_read(SSL *s, void *buf, int len);
577int ssl3_peek(SSL *s, void *buf, int len);
578int ssl3_write(SSL *s, const void *buf, int len);
579int ssl3_shutdown(SSL *s);
580void ssl3_clear(SSL *s);
581long ssl3_ctrl(SSL *s,int cmd, long larg, void *parg);
582long ssl3_ctx_ctrl(SSL_CTX *s,int cmd, long larg, void *parg);
583long ssl3_callback_ctrl(SSL *s,int cmd, void (*fp)());
584long ssl3_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)());
585int ssl3_pending(SSL *s);
586
587int ssl23_accept(SSL *s);
588int ssl23_connect(SSL *s);
589int ssl23_read_bytes(SSL *s, int n);
590int ssl23_write_bytes(SSL *s);
591
592int tls1_new(SSL *s);
593void tls1_free(SSL *s);
594void tls1_clear(SSL *s);
595long tls1_ctrl(SSL *s,int cmd, long larg, void *parg);
596long tls1_callback_ctrl(SSL *s,int cmd, void (*fp)());
597SSL_METHOD *tlsv1_base_method(void );
598
599int ssl_init_wbio_buffer(SSL *s, int push);
600void ssl_free_wbio_buffer(SSL *s);
601
602int tls1_change_cipher_state(SSL *s, int which);
603int tls1_setup_key_block(SSL *s);
604int tls1_enc(SSL *s, int snd);
605int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx,
606 const char *str, int slen, unsigned char *p);
607int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
608int tls1_mac(SSL *ssl, unsigned char *md, int snd);
609int tls1_generate_master_secret(SSL *s, unsigned char *out,
610 unsigned char *p, int len);
611int tls1_alert_code(int code);
612int ssl3_alert_code(int code);
613int ssl_ok(SSL *s);
614
615SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
616STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
617
618/* die if we have to */
619void OpenSSLDie(const char *file,int line,const char *assertion);
620#define die(e) ((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e))
621
622#endif
diff --git a/src/lib/libssl/ssl_rsa.c b/src/lib/libssl/ssl_rsa.c
new file mode 100644
index 0000000000..1cf8e20934
--- /dev/null
+++ b/src/lib/libssl/ssl_rsa.c
@@ -0,0 +1,815 @@
1/* ssl/ssl_rsa.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/bio.h>
61#include <openssl/objects.h>
62#include <openssl/evp.h>
63#include <openssl/x509.h>
64#include <openssl/pem.h>
65#include "ssl_locl.h"
66
67static int ssl_set_cert(CERT *c, X509 *x509);
68static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
69int SSL_use_certificate(SSL *ssl, X509 *x)
70 {
71 if (x == NULL)
72 {
73 SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER);
74 return(0);
75 }
76 if (!ssl_cert_inst(&ssl->cert))
77 {
78 SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE);
79 return(0);
80 }
81 return(ssl_set_cert(ssl->cert,x));
82 }
83
84#ifndef OPENSSL_NO_STDIO
85int SSL_use_certificate_file(SSL *ssl, const char *file, int type)
86 {
87 int j;
88 BIO *in;
89 int ret=0;
90 X509 *x=NULL;
91
92 in=BIO_new(BIO_s_file_internal());
93 if (in == NULL)
94 {
95 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB);
96 goto end;
97 }
98
99 if (BIO_read_filename(in,file) <= 0)
100 {
101 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB);
102 goto end;
103 }
104 if (type == SSL_FILETYPE_ASN1)
105 {
106 j=ERR_R_ASN1_LIB;
107 x=d2i_X509_bio(in,NULL);
108 }
109 else if (type == SSL_FILETYPE_PEM)
110 {
111 j=ERR_R_PEM_LIB;
112 x=PEM_read_bio_X509(in,NULL,ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
113 }
114 else
115 {
116 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE);
117 goto end;
118 }
119
120 if (x == NULL)
121 {
122 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,j);
123 goto end;
124 }
125
126 ret=SSL_use_certificate(ssl,x);
127end:
128 if (x != NULL) X509_free(x);
129 if (in != NULL) BIO_free(in);
130 return(ret);
131 }
132#endif
133
134int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len)
135 {
136 X509 *x;
137 int ret;
138
139 x=d2i_X509(NULL,&d,(long)len);
140 if (x == NULL)
141 {
142 SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB);
143 return(0);
144 }
145
146 ret=SSL_use_certificate(ssl,x);
147 X509_free(x);
148 return(ret);
149 }
150
151#ifndef OPENSSL_NO_RSA
152int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
153 {
154 EVP_PKEY *pkey;
155 int ret;
156
157 if (rsa == NULL)
158 {
159 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
160 return(0);
161 }
162 if (!ssl_cert_inst(&ssl->cert))
163 {
164 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
165 return(0);
166 }
167 if ((pkey=EVP_PKEY_new()) == NULL)
168 {
169 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB);
170 return(0);
171 }
172
173 RSA_up_ref(rsa);
174 EVP_PKEY_assign_RSA(pkey,rsa);
175
176 ret=ssl_set_pkey(ssl->cert,pkey);
177 EVP_PKEY_free(pkey);
178 return(ret);
179 }
180#endif
181
182static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
183 {
184 int i,ok=0,bad=0;
185
186 i=ssl_cert_type(NULL,pkey);
187 if (i < 0)
188 {
189 SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
190 return(0);
191 }
192
193 if (c->pkeys[i].x509 != NULL)
194 {
195 EVP_PKEY *pktmp;
196 pktmp = X509_get_pubkey(c->pkeys[i].x509);
197 EVP_PKEY_copy_parameters(pktmp,pkey);
198 EVP_PKEY_free(pktmp);
199 ERR_clear_error();
200
201#ifndef OPENSSL_NO_RSA
202 /* Don't check the public/private key, this is mostly
203 * for smart cards. */
204 if ((pkey->type == EVP_PKEY_RSA) &&
205 (RSA_flags(pkey->pkey.rsa) &
206 RSA_METHOD_FLAG_NO_CHECK))
207 ok=1;
208 else
209#endif
210 if (!X509_check_private_key(c->pkeys[i].x509,pkey))
211 {
212 if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
213 {
214 i=(i == SSL_PKEY_DH_RSA)?
215 SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA;
216
217 if (c->pkeys[i].x509 == NULL)
218 ok=1;
219 else
220 {
221 if (!X509_check_private_key(
222 c->pkeys[i].x509,pkey))
223 bad=1;
224 else
225 ok=1;
226 }
227 }
228 else
229 bad=1;
230 }
231 else
232 ok=1;
233 }
234 else
235 ok=1;
236
237 if (bad)
238 {
239 X509_free(c->pkeys[i].x509);
240 c->pkeys[i].x509=NULL;
241 return(0);
242 }
243
244 if (c->pkeys[i].privatekey != NULL)
245 EVP_PKEY_free(c->pkeys[i].privatekey);
246 CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
247 c->pkeys[i].privatekey=pkey;
248 c->key= &(c->pkeys[i]);
249
250 c->valid=0;
251 return(1);
252 }
253
254#ifndef OPENSSL_NO_RSA
255#ifndef OPENSSL_NO_STDIO
256int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
257 {
258 int j,ret=0;
259 BIO *in;
260 RSA *rsa=NULL;
261
262 in=BIO_new(BIO_s_file_internal());
263 if (in == NULL)
264 {
265 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB);
266 goto end;
267 }
268
269 if (BIO_read_filename(in,file) <= 0)
270 {
271 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB);
272 goto end;
273 }
274 if (type == SSL_FILETYPE_ASN1)
275 {
276 j=ERR_R_ASN1_LIB;
277 rsa=d2i_RSAPrivateKey_bio(in,NULL);
278 }
279 else if (type == SSL_FILETYPE_PEM)
280 {
281 j=ERR_R_PEM_LIB;
282 rsa=PEM_read_bio_RSAPrivateKey(in,NULL,
283 ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
284 }
285 else
286 {
287 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
288 goto end;
289 }
290 if (rsa == NULL)
291 {
292 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,j);
293 goto end;
294 }
295 ret=SSL_use_RSAPrivateKey(ssl,rsa);
296 RSA_free(rsa);
297end:
298 if (in != NULL) BIO_free(in);
299 return(ret);
300 }
301#endif
302
303int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len)
304 {
305 int ret;
306 const unsigned char *p;
307 RSA *rsa;
308
309 p=d;
310 if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL)
311 {
312 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
313 return(0);
314 }
315
316 ret=SSL_use_RSAPrivateKey(ssl,rsa);
317 RSA_free(rsa);
318 return(ret);
319 }
320#endif /* !OPENSSL_NO_RSA */
321
322int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
323 {
324 int ret;
325
326 if (pkey == NULL)
327 {
328 SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
329 return(0);
330 }
331 if (!ssl_cert_inst(&ssl->cert))
332 {
333 SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE);
334 return(0);
335 }
336 ret=ssl_set_pkey(ssl->cert,pkey);
337 return(ret);
338 }
339
340#ifndef OPENSSL_NO_STDIO
341int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
342 {
343 int j,ret=0;
344 BIO *in;
345 EVP_PKEY *pkey=NULL;
346
347 in=BIO_new(BIO_s_file_internal());
348 if (in == NULL)
349 {
350 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
351 goto end;
352 }
353
354 if (BIO_read_filename(in,file) <= 0)
355 {
356 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
357 goto end;
358 }
359 if (type == SSL_FILETYPE_PEM)
360 {
361 j=ERR_R_PEM_LIB;
362 pkey=PEM_read_bio_PrivateKey(in,NULL,
363 ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
364 }
365 else
366 {
367 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
368 goto end;
369 }
370 if (pkey == NULL)
371 {
372 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,j);
373 goto end;
374 }
375 ret=SSL_use_PrivateKey(ssl,pkey);
376 EVP_PKEY_free(pkey);
377end:
378 if (in != NULL) BIO_free(in);
379 return(ret);
380 }
381#endif
382
383int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, unsigned char *d, long len)
384 {
385 int ret;
386 unsigned char *p;
387 EVP_PKEY *pkey;
388
389 p=d;
390 if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL)
391 {
392 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
393 return(0);
394 }
395
396 ret=SSL_use_PrivateKey(ssl,pkey);
397 EVP_PKEY_free(pkey);
398 return(ret);
399 }
400
401int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
402 {
403 if (x == NULL)
404 {
405 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER);
406 return(0);
407 }
408 if (!ssl_cert_inst(&ctx->cert))
409 {
410 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE);
411 return(0);
412 }
413 return(ssl_set_cert(ctx->cert, x));
414 }
415
416static int ssl_set_cert(CERT *c, X509 *x)
417 {
418 EVP_PKEY *pkey;
419 int i,ok=0,bad=0;
420
421 pkey=X509_get_pubkey(x);
422 if (pkey == NULL)
423 {
424 SSLerr(SSL_F_SSL_SET_CERT,SSL_R_X509_LIB);
425 return(0);
426 }
427
428 i=ssl_cert_type(x,pkey);
429 if (i < 0)
430 {
431 SSLerr(SSL_F_SSL_SET_CERT,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
432 EVP_PKEY_free(pkey);
433 return(0);
434 }
435
436 if (c->pkeys[i].privatekey != NULL)
437 {
438 EVP_PKEY_copy_parameters(pkey,c->pkeys[i].privatekey);
439 ERR_clear_error();
440
441#ifndef OPENSSL_NO_RSA
442 /* Don't check the public/private key, this is mostly
443 * for smart cards. */
444 if ((c->pkeys[i].privatekey->type == EVP_PKEY_RSA) &&
445 (RSA_flags(c->pkeys[i].privatekey->pkey.rsa) &
446 RSA_METHOD_FLAG_NO_CHECK))
447 ok=1;
448 else
449#endif
450 {
451 if (!X509_check_private_key(x,c->pkeys[i].privatekey))
452 {
453 if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
454 {
455 i=(i == SSL_PKEY_DH_RSA)?
456 SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA;
457
458 if (c->pkeys[i].privatekey == NULL)
459 ok=1;
460 else
461 {
462 if (!X509_check_private_key(x,
463 c->pkeys[i].privatekey))
464 bad=1;
465 else
466 ok=1;
467 }
468 }
469 else
470 bad=1;
471 }
472 else
473 ok=1;
474 } /* OPENSSL_NO_RSA */
475 }
476 else
477 ok=1;
478
479 EVP_PKEY_free(pkey);
480 if (bad)
481 {
482 EVP_PKEY_free(c->pkeys[i].privatekey);
483 c->pkeys[i].privatekey=NULL;
484 }
485
486 if (c->pkeys[i].x509 != NULL)
487 X509_free(c->pkeys[i].x509);
488 CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
489 c->pkeys[i].x509=x;
490 c->key= &(c->pkeys[i]);
491
492 c->valid=0;
493 return(1);
494 }
495
496#ifndef OPENSSL_NO_STDIO
497int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
498 {
499 int j;
500 BIO *in;
501 int ret=0;
502 X509 *x=NULL;
503
504 in=BIO_new(BIO_s_file_internal());
505 if (in == NULL)
506 {
507 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB);
508 goto end;
509 }
510
511 if (BIO_read_filename(in,file) <= 0)
512 {
513 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB);
514 goto end;
515 }
516 if (type == SSL_FILETYPE_ASN1)
517 {
518 j=ERR_R_ASN1_LIB;
519 x=d2i_X509_bio(in,NULL);
520 }
521 else if (type == SSL_FILETYPE_PEM)
522 {
523 j=ERR_R_PEM_LIB;
524 x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
525 }
526 else
527 {
528 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE);
529 goto end;
530 }
531
532 if (x == NULL)
533 {
534 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,j);
535 goto end;
536 }
537
538 ret=SSL_CTX_use_certificate(ctx,x);
539end:
540 if (x != NULL) X509_free(x);
541 if (in != NULL) BIO_free(in);
542 return(ret);
543 }
544#endif
545
546int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d)
547 {
548 X509 *x;
549 int ret;
550
551 x=d2i_X509(NULL,&d,(long)len);
552 if (x == NULL)
553 {
554 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB);
555 return(0);
556 }
557
558 ret=SSL_CTX_use_certificate(ctx,x);
559 X509_free(x);
560 return(ret);
561 }
562
563#ifndef OPENSSL_NO_RSA
564int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
565 {
566 int ret;
567 EVP_PKEY *pkey;
568
569 if (rsa == NULL)
570 {
571 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
572 return(0);
573 }
574 if (!ssl_cert_inst(&ctx->cert))
575 {
576 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
577 return(0);
578 }
579 if ((pkey=EVP_PKEY_new()) == NULL)
580 {
581 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB);
582 return(0);
583 }
584
585 RSA_up_ref(rsa);
586 EVP_PKEY_assign_RSA(pkey,rsa);
587
588 ret=ssl_set_pkey(ctx->cert, pkey);
589 EVP_PKEY_free(pkey);
590 return(ret);
591 }
592
593#ifndef OPENSSL_NO_STDIO
594int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
595 {
596 int j,ret=0;
597 BIO *in;
598 RSA *rsa=NULL;
599
600 in=BIO_new(BIO_s_file_internal());
601 if (in == NULL)
602 {
603 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB);
604 goto end;
605 }
606
607 if (BIO_read_filename(in,file) <= 0)
608 {
609 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB);
610 goto end;
611 }
612 if (type == SSL_FILETYPE_ASN1)
613 {
614 j=ERR_R_ASN1_LIB;
615 rsa=d2i_RSAPrivateKey_bio(in,NULL);
616 }
617 else if (type == SSL_FILETYPE_PEM)
618 {
619 j=ERR_R_PEM_LIB;
620 rsa=PEM_read_bio_RSAPrivateKey(in,NULL,
621 ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
622 }
623 else
624 {
625 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
626 goto end;
627 }
628 if (rsa == NULL)
629 {
630 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,j);
631 goto end;
632 }
633 ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa);
634 RSA_free(rsa);
635end:
636 if (in != NULL) BIO_free(in);
637 return(ret);
638 }
639#endif
640
641int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len)
642 {
643 int ret;
644 const unsigned char *p;
645 RSA *rsa;
646
647 p=d;
648 if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL)
649 {
650 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
651 return(0);
652 }
653
654 ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa);
655 RSA_free(rsa);
656 return(ret);
657 }
658#endif /* !OPENSSL_NO_RSA */
659
660int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
661 {
662 if (pkey == NULL)
663 {
664 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
665 return(0);
666 }
667 if (!ssl_cert_inst(&ctx->cert))
668 {
669 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE);
670 return(0);
671 }
672 return(ssl_set_pkey(ctx->cert,pkey));
673 }
674
675#ifndef OPENSSL_NO_STDIO
676int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
677 {
678 int j,ret=0;
679 BIO *in;
680 EVP_PKEY *pkey=NULL;
681
682 in=BIO_new(BIO_s_file_internal());
683 if (in == NULL)
684 {
685 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
686 goto end;
687 }
688
689 if (BIO_read_filename(in,file) <= 0)
690 {
691 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
692 goto end;
693 }
694 if (type == SSL_FILETYPE_PEM)
695 {
696 j=ERR_R_PEM_LIB;
697 pkey=PEM_read_bio_PrivateKey(in,NULL,
698 ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
699 }
700 else
701 {
702 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
703 goto end;
704 }
705 if (pkey == NULL)
706 {
707 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,j);
708 goto end;
709 }
710 ret=SSL_CTX_use_PrivateKey(ctx,pkey);
711 EVP_PKEY_free(pkey);
712end:
713 if (in != NULL) BIO_free(in);
714 return(ret);
715 }
716#endif
717
718int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, unsigned char *d,
719 long len)
720 {
721 int ret;
722 unsigned char *p;
723 EVP_PKEY *pkey;
724
725 p=d;
726 if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL)
727 {
728 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
729 return(0);
730 }
731
732 ret=SSL_CTX_use_PrivateKey(ctx,pkey);
733 EVP_PKEY_free(pkey);
734 return(ret);
735 }
736
737
738#ifndef OPENSSL_NO_STDIO
739/* Read a file that contains our certificate in "PEM" format,
740 * possibly followed by a sequence of CA certificates that should be
741 * sent to the peer in the Certificate message.
742 */
743int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
744 {
745 BIO *in;
746 int ret=0;
747 X509 *x=NULL;
748
749 in=BIO_new(BIO_s_file_internal());
750 if (in == NULL)
751 {
752 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_BUF_LIB);
753 goto end;
754 }
755
756 if (BIO_read_filename(in,file) <= 0)
757 {
758 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_SYS_LIB);
759 goto end;
760 }
761
762 x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
763 if (x == NULL)
764 {
765 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_PEM_LIB);
766 goto end;
767 }
768
769 ret=SSL_CTX_use_certificate(ctx,x);
770 if (ERR_peek_error() != 0)
771 ret = 0; /* Key/certificate mismatch doesn't imply ret==0 ... */
772 if (ret)
773 {
774 /* If we could set up our certificate, now proceed to
775 * the CA certificates.
776 */
777 X509 *ca;
778 int r;
779 unsigned long err;
780
781 if (ctx->extra_certs != NULL)
782 {
783 sk_X509_pop_free(ctx->extra_certs, X509_free);
784 ctx->extra_certs = NULL;
785 }
786
787 while ((ca = PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata))
788 != NULL)
789 {
790 r = SSL_CTX_add_extra_chain_cert(ctx, ca);
791 if (!r)
792 {
793 X509_free(ca);
794 ret = 0;
795 goto end;
796 }
797 /* Note that we must not free r if it was successfully
798 * added to the chain (while we must free the main
799 * certificate, since its reference count is increased
800 * by SSL_CTX_use_certificate). */
801 }
802 /* When the while loop ends, it's usually just EOF. */
803 err = ERR_peek_last_error();
804 if (ERR_GET_LIB(err) == ERR_LIB_PEM && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)
805 (void)ERR_get_error();
806 else
807 ret = 0; /* some real error */
808 }
809
810end:
811 if (x != NULL) X509_free(x);
812 if (in != NULL) BIO_free(in);
813 return(ret);
814 }
815#endif
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
new file mode 100644
index 0000000000..a0c3100b29
--- /dev/null
+++ b/src/lib/libssl/ssl_sess.c
@@ -0,0 +1,746 @@
1/* ssl/ssl_sess.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/lhash.h>
61#include <openssl/rand.h>
62#include "ssl_locl.h"
63
64static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
65static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s);
66static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
67
68SSL_SESSION *SSL_get_session(SSL *ssl)
69/* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
70 {
71 return(ssl->session);
72 }
73
74SSL_SESSION *SSL_get1_session(SSL *ssl)
75/* variant of SSL_get_session: caller really gets something */
76 {
77 SSL_SESSION *sess;
78 /* Need to lock this all up rather than just use CRYPTO_add so that
79 * somebody doesn't free ssl->session between when we check it's
80 * non-null and when we up the reference count. */
81 CRYPTO_r_lock(CRYPTO_LOCK_SSL_SESSION);
82 sess = ssl->session;
83 if(sess)
84 sess->references++;
85 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_SESSION);
86 return(sess);
87 }
88
89int SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
90 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
91 {
92 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, argl, argp,
93 new_func, dup_func, free_func);
94 }
95
96int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
97 {
98 return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
99 }
100
101void *SSL_SESSION_get_ex_data(SSL_SESSION *s, int idx)
102 {
103 return(CRYPTO_get_ex_data(&s->ex_data,idx));
104 }
105
106SSL_SESSION *SSL_SESSION_new(void)
107 {
108 SSL_SESSION *ss;
109
110 ss=(SSL_SESSION *)OPENSSL_malloc(sizeof(SSL_SESSION));
111 if (ss == NULL)
112 {
113 SSLerr(SSL_F_SSL_SESSION_NEW,ERR_R_MALLOC_FAILURE);
114 return(0);
115 }
116 memset(ss,0,sizeof(SSL_SESSION));
117
118 ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
119 ss->references=1;
120 ss->timeout=60*5+4; /* 5 minute timeout by default */
121 ss->time=time(NULL);
122 ss->prev=NULL;
123 ss->next=NULL;
124 ss->compress_meth=0;
125 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
126 return(ss);
127 }
128
129/* Even with SSLv2, we have 16 bytes (128 bits) of session ID space. SSLv3/TLSv1
130 * has 32 bytes (256 bits). As such, filling the ID with random gunk repeatedly
131 * until we have no conflict is going to complete in one iteration pretty much
132 * "most" of the time (btw: understatement). So, if it takes us 10 iterations
133 * and we still can't avoid a conflict - well that's a reasonable point to call
134 * it quits. Either the RAND code is broken or someone is trying to open roughly
135 * very close to 2^128 (or 2^256) SSL sessions to our server. How you might
136 * store that many sessions is perhaps a more interesting question ... */
137
138#define MAX_SESS_ID_ATTEMPTS 10
139static int def_generate_session_id(const SSL *ssl, unsigned char *id,
140 unsigned int *id_len)
141{
142 unsigned int retry = 0;
143 do
144 RAND_pseudo_bytes(id, *id_len);
145 while(SSL_has_matching_session_id(ssl, id, *id_len) &&
146 (++retry < MAX_SESS_ID_ATTEMPTS));
147 if(retry < MAX_SESS_ID_ATTEMPTS)
148 return 1;
149 /* else - woops a session_id match */
150 /* XXX We should also check the external cache --
151 * but the probability of a collision is negligible, and
152 * we could not prevent the concurrent creation of sessions
153 * with identical IDs since we currently don't have means
154 * to atomically check whether a session ID already exists
155 * and make a reservation for it if it does not
156 * (this problem applies to the internal cache as well).
157 */
158 return 0;
159}
160
161int ssl_get_new_session(SSL *s, int session)
162 {
163 /* This gets used by clients and servers. */
164
165 unsigned int tmp;
166 SSL_SESSION *ss=NULL;
167 GEN_SESSION_CB cb = def_generate_session_id;
168
169 if ((ss=SSL_SESSION_new()) == NULL) return(0);
170
171 /* If the context has a default timeout, use it */
172 if (s->ctx->session_timeout == 0)
173 ss->timeout=SSL_get_default_timeout(s);
174 else
175 ss->timeout=s->ctx->session_timeout;
176
177 if (s->session != NULL)
178 {
179 SSL_SESSION_free(s->session);
180 s->session=NULL;
181 }
182
183 if (session)
184 {
185 if (s->version == SSL2_VERSION)
186 {
187 ss->ssl_version=SSL2_VERSION;
188 ss->session_id_length=SSL2_SSL_SESSION_ID_LENGTH;
189 }
190 else if (s->version == SSL3_VERSION)
191 {
192 ss->ssl_version=SSL3_VERSION;
193 ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
194 }
195 else if (s->version == TLS1_VERSION)
196 {
197 ss->ssl_version=TLS1_VERSION;
198 ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
199 }
200 else
201 {
202 SSLerr(SSL_F_SSL_GET_NEW_SESSION,SSL_R_UNSUPPORTED_SSL_VERSION);
203 SSL_SESSION_free(ss);
204 return(0);
205 }
206 /* Choose which callback will set the session ID */
207 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
208 if(s->generate_session_id)
209 cb = s->generate_session_id;
210 else if(s->ctx->generate_session_id)
211 cb = s->ctx->generate_session_id;
212 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
213 /* Choose a session ID */
214 tmp = ss->session_id_length;
215 if(!cb(s, ss->session_id, &tmp))
216 {
217 /* The callback failed */
218 SSLerr(SSL_F_SSL_GET_NEW_SESSION,
219 SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
220 SSL_SESSION_free(ss);
221 return(0);
222 }
223 /* Don't allow the callback to set the session length to zero.
224 * nor set it higher than it was. */
225 if(!tmp || (tmp > ss->session_id_length))
226 {
227 /* The callback set an illegal length */
228 SSLerr(SSL_F_SSL_GET_NEW_SESSION,
229 SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
230 SSL_SESSION_free(ss);
231 return(0);
232 }
233 /* If the session length was shrunk and we're SSLv2, pad it */
234 if((tmp < ss->session_id_length) && (s->version == SSL2_VERSION))
235 memset(ss->session_id + tmp, 0, ss->session_id_length - tmp);
236 else
237 ss->session_id_length = tmp;
238 /* Finally, check for a conflict */
239 if(SSL_has_matching_session_id(s, ss->session_id,
240 ss->session_id_length))
241 {
242 SSLerr(SSL_F_SSL_GET_NEW_SESSION,
243 SSL_R_SSL_SESSION_ID_CONFLICT);
244 SSL_SESSION_free(ss);
245 return(0);
246 }
247 }
248 else
249 {
250 ss->session_id_length=0;
251 }
252
253 die(s->sid_ctx_length <= sizeof ss->sid_ctx);
254 memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length);
255 ss->sid_ctx_length=s->sid_ctx_length;
256 s->session=ss;
257 ss->ssl_version=s->version;
258 ss->verify_result = X509_V_OK;
259
260 return(1);
261 }
262
263int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
264 {
265 /* This is used only by servers. */
266
267 SSL_SESSION *ret=NULL,data;
268 int fatal = 0;
269
270 data.ssl_version=s->version;
271 data.session_id_length=len;
272 if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
273 goto err;
274 memcpy(data.session_id,session_id,len);
275
276 if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
277 {
278 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
279 ret=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,&data);
280 if (ret != NULL)
281 /* don't allow other threads to steal it: */
282 CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
283 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
284 }
285
286 if (ret == NULL)
287 {
288 int copy=1;
289
290 s->ctx->stats.sess_miss++;
291 ret=NULL;
292 if (s->ctx->get_session_cb != NULL
293 && (ret=s->ctx->get_session_cb(s,session_id,len,&copy))
294 != NULL)
295 {
296 s->ctx->stats.sess_cb_hit++;
297
298 /* Increment reference count now if the session callback
299 * asks us to do so (note that if the session structures
300 * returned by the callback are shared between threads,
301 * it must handle the reference count itself [i.e. copy == 0],
302 * or things won't be thread-safe). */
303 if (copy)
304 CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
305
306 /* The following should not return 1, otherwise,
307 * things are very strange */
308 SSL_CTX_add_session(s->ctx,ret);
309 }
310 if (ret == NULL)
311 goto err;
312 }
313
314 /* Now ret is non-NULL, and we own one of its reference counts. */
315
316 if((s->verify_mode&SSL_VERIFY_PEER)
317 && (!s->sid_ctx_length || ret->sid_ctx_length != s->sid_ctx_length
318 || memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length)))
319 {
320 /* We've found the session named by the client, but we don't
321 * want to use it in this context. */
322
323 if (s->sid_ctx_length == 0)
324 {
325 /* application should have used SSL[_CTX]_set_session_id_context
326 * -- we could tolerate this and just pretend we never heard
327 * of this session, but then applications could effectively
328 * disable the session cache by accident without anyone noticing */
329
330 SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
331 fatal = 1;
332 goto err;
333 }
334 else
335 {
336#if 0 /* The client cannot always know when a session is not appropriate,
337 * so we shouldn't generate an error message. */
338
339 SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
340#endif
341 goto err; /* treat like cache miss */
342 }
343 }
344
345 if (ret->cipher == NULL)
346 {
347 unsigned char buf[5],*p;
348 unsigned long l;
349
350 p=buf;
351 l=ret->cipher_id;
352 l2n(l,p);
353 if ((ret->ssl_version>>8) == SSL3_VERSION_MAJOR)
354 ret->cipher=ssl_get_cipher_by_char(s,&(buf[2]));
355 else
356 ret->cipher=ssl_get_cipher_by_char(s,&(buf[1]));
357 if (ret->cipher == NULL)
358 goto err;
359 }
360
361
362#if 0 /* This is way too late. */
363
364 /* If a thread got the session, then 'swaped', and another got
365 * it and then due to a time-out decided to 'OPENSSL_free' it we could
366 * be in trouble. So I'll increment it now, then double decrement
367 * later - am I speaking rubbish?. */
368 CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
369#endif
370
371 if ((long)(ret->time+ret->timeout) < (long)time(NULL)) /* timeout */
372 {
373 s->ctx->stats.sess_timeout++;
374 /* remove it from the cache */
375 SSL_CTX_remove_session(s->ctx,ret);
376 goto err;
377 }
378
379 s->ctx->stats.sess_hit++;
380
381 /* ret->time=time(NULL); */ /* rezero timeout? */
382 /* again, just leave the session
383 * if it is the same session, we have just incremented and
384 * then decremented the reference count :-) */
385 if (s->session != NULL)
386 SSL_SESSION_free(s->session);
387 s->session=ret;
388 s->verify_result = s->session->verify_result;
389 return(1);
390
391 err:
392 if (ret != NULL)
393 SSL_SESSION_free(ret);
394 if (fatal)
395 return -1;
396 else
397 return 0;
398 }
399
400int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
401 {
402 int ret=0;
403 SSL_SESSION *s;
404
405 /* add just 1 reference count for the SSL_CTX's session cache
406 * even though it has two ways of access: each session is in a
407 * doubly linked list and an lhash */
408 CRYPTO_add(&c->references,1,CRYPTO_LOCK_SSL_SESSION);
409 /* if session c is in already in cache, we take back the increment later */
410
411 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
412 s=(SSL_SESSION *)lh_insert(ctx->sessions,c);
413
414 /* s != NULL iff we already had a session with the given PID.
415 * In this case, s == c should hold (then we did not really modify
416 * ctx->sessions), or we're in trouble. */
417 if (s != NULL && s != c)
418 {
419 /* We *are* in trouble ... */
420 SSL_SESSION_list_remove(ctx,s);
421 SSL_SESSION_free(s);
422 /* ... so pretend the other session did not exist in cache
423 * (we cannot handle two SSL_SESSION structures with identical
424 * session ID in the same cache, which could happen e.g. when
425 * two threads concurrently obtain the same session from an external
426 * cache) */
427 s = NULL;
428 }
429
430 /* Put at the head of the queue unless it is already in the cache */
431 if (s == NULL)
432 SSL_SESSION_list_add(ctx,c);
433
434 if (s != NULL)
435 {
436 /* existing cache entry -- decrement previously incremented reference
437 * count because it already takes into account the cache */
438
439 SSL_SESSION_free(s); /* s == c */
440 ret=0;
441 }
442 else
443 {
444 /* new cache entry -- remove old ones if cache has become too large */
445
446 ret=1;
447
448 if (SSL_CTX_sess_get_cache_size(ctx) > 0)
449 {
450 while (SSL_CTX_sess_number(ctx) >
451 SSL_CTX_sess_get_cache_size(ctx))
452 {
453 if (!remove_session_lock(ctx,
454 ctx->session_cache_tail, 0))
455 break;
456 else
457 ctx->stats.sess_cache_full++;
458 }
459 }
460 }
461 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
462 return(ret);
463 }
464
465int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
466{
467 return remove_session_lock(ctx, c, 1);
468}
469
470static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
471 {
472 SSL_SESSION *r;
473 int ret=0;
474
475 if ((c != NULL) && (c->session_id_length != 0))
476 {
477 if(lck) CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
478 if ((r = (SSL_SESSION *)lh_retrieve(ctx->sessions,c)) == c)
479 {
480 ret=1;
481 r=(SSL_SESSION *)lh_delete(ctx->sessions,c);
482 SSL_SESSION_list_remove(ctx,c);
483 }
484
485 if(lck) CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
486
487 if (ret)
488 {
489 r->not_resumable=1;
490 if (ctx->remove_session_cb != NULL)
491 ctx->remove_session_cb(ctx,r);
492 SSL_SESSION_free(r);
493 }
494 }
495 else
496 ret=0;
497 return(ret);
498 }
499
500void SSL_SESSION_free(SSL_SESSION *ss)
501 {
502 int i;
503
504 if(ss == NULL)
505 return;
506
507 i=CRYPTO_add(&ss->references,-1,CRYPTO_LOCK_SSL_SESSION);
508#ifdef REF_PRINT
509 REF_PRINT("SSL_SESSION",ss);
510#endif
511 if (i > 0) return;
512#ifdef REF_CHECK
513 if (i < 0)
514 {
515 fprintf(stderr,"SSL_SESSION_free, bad reference count\n");
516 abort(); /* ok */
517 }
518#endif
519
520 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
521
522 memset(ss->key_arg,0,SSL_MAX_KEY_ARG_LENGTH);
523 memset(ss->master_key,0,SSL_MAX_MASTER_KEY_LENGTH);
524 memset(ss->session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH);
525 if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert);
526 if (ss->peer != NULL) X509_free(ss->peer);
527 if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers);
528 memset(ss,0,sizeof(*ss));
529 OPENSSL_free(ss);
530 }
531
532int SSL_set_session(SSL *s, SSL_SESSION *session)
533 {
534 int ret=0;
535 SSL_METHOD *meth;
536
537 if (session != NULL)
538 {
539 meth=s->ctx->method->get_ssl_method(session->ssl_version);
540 if (meth == NULL)
541 meth=s->method->get_ssl_method(session->ssl_version);
542 if (meth == NULL)
543 {
544 SSLerr(SSL_F_SSL_SET_SESSION,SSL_R_UNABLE_TO_FIND_SSL_METHOD);
545 return(0);
546 }
547
548 if (meth != s->method)
549 {
550 if (!SSL_set_ssl_method(s,meth))
551 return(0);
552 if (s->ctx->session_timeout == 0)
553 session->timeout=SSL_get_default_timeout(s);
554 else
555 session->timeout=s->ctx->session_timeout;
556 }
557
558#ifndef OPENSSL_NO_KRB5
559 if (s->kssl_ctx && !s->kssl_ctx->client_princ &&
560 session->krb5_client_princ_len > 0)
561 {
562 s->kssl_ctx->client_princ = (char *)malloc(session->krb5_client_princ_len + 1);
563 memcpy(s->kssl_ctx->client_princ,session->krb5_client_princ,
564 session->krb5_client_princ_len);
565 s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0';
566 }
567#endif /* OPENSSL_NO_KRB5 */
568
569 /* CRYPTO_w_lock(CRYPTO_LOCK_SSL);*/
570 CRYPTO_add(&session->references,1,CRYPTO_LOCK_SSL_SESSION);
571 if (s->session != NULL)
572 SSL_SESSION_free(s->session);
573 s->session=session;
574 s->verify_result = s->session->verify_result;
575 /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/
576 ret=1;
577 }
578 else
579 {
580 if (s->session != NULL)
581 {
582 SSL_SESSION_free(s->session);
583 s->session=NULL;
584 }
585
586 meth=s->ctx->method;
587 if (meth != s->method)
588 {
589 if (!SSL_set_ssl_method(s,meth))
590 return(0);
591 }
592 ret=1;
593 }
594 return(ret);
595 }
596
597long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
598 {
599 if (s == NULL) return(0);
600 s->timeout=t;
601 return(1);
602 }
603
604long SSL_SESSION_get_timeout(SSL_SESSION *s)
605 {
606 if (s == NULL) return(0);
607 return(s->timeout);
608 }
609
610long SSL_SESSION_get_time(SSL_SESSION *s)
611 {
612 if (s == NULL) return(0);
613 return(s->time);
614 }
615
616long SSL_SESSION_set_time(SSL_SESSION *s, long t)
617 {
618 if (s == NULL) return(0);
619 s->time=t;
620 return(t);
621 }
622
623long SSL_CTX_set_timeout(SSL_CTX *s, long t)
624 {
625 long l;
626 if (s == NULL) return(0);
627 l=s->session_timeout;
628 s->session_timeout=t;
629 return(l);
630 }
631
632long SSL_CTX_get_timeout(SSL_CTX *s)
633 {
634 if (s == NULL) return(0);
635 return(s->session_timeout);
636 }
637
638typedef struct timeout_param_st
639 {
640 SSL_CTX *ctx;
641 long time;
642 LHASH *cache;
643 } TIMEOUT_PARAM;
644
645static void timeout(SSL_SESSION *s, TIMEOUT_PARAM *p)
646 {
647 if ((p->time == 0) || (p->time > (s->time+s->timeout))) /* timeout */
648 {
649 /* The reason we don't call SSL_CTX_remove_session() is to
650 * save on locking overhead */
651 lh_delete(p->cache,s);
652 SSL_SESSION_list_remove(p->ctx,s);
653 s->not_resumable=1;
654 if (p->ctx->remove_session_cb != NULL)
655 p->ctx->remove_session_cb(p->ctx,s);
656 SSL_SESSION_free(s);
657 }
658 }
659
660static IMPLEMENT_LHASH_DOALL_ARG_FN(timeout, SSL_SESSION *, TIMEOUT_PARAM *)
661
662void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
663 {
664 unsigned long i;
665 TIMEOUT_PARAM tp;
666
667 tp.ctx=s;
668 tp.cache=s->sessions;
669 if (tp.cache == NULL) return;
670 tp.time=t;
671 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
672 i=tp.cache->down_load;
673 tp.cache->down_load=0;
674 lh_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout), &tp);
675 tp.cache->down_load=i;
676 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
677 }
678
679int ssl_clear_bad_session(SSL *s)
680 {
681 if ( (s->session != NULL) &&
682 !(s->shutdown & SSL_SENT_SHUTDOWN) &&
683 !(SSL_in_init(s) || SSL_in_before(s)))
684 {
685 SSL_CTX_remove_session(s->ctx,s->session);
686 return(1);
687 }
688 else
689 return(0);
690 }
691
692/* locked by SSL_CTX in the calling function */
693static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
694 {
695 if ((s->next == NULL) || (s->prev == NULL)) return;
696
697 if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail))
698 { /* last element in list */
699 if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
700 { /* only one element in list */
701 ctx->session_cache_head=NULL;
702 ctx->session_cache_tail=NULL;
703 }
704 else
705 {
706 ctx->session_cache_tail=s->prev;
707 s->prev->next=(SSL_SESSION *)&(ctx->session_cache_tail);
708 }
709 }
710 else
711 {
712 if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
713 { /* first element in list */
714 ctx->session_cache_head=s->next;
715 s->next->prev=(SSL_SESSION *)&(ctx->session_cache_head);
716 }
717 else
718 { /* middle of list */
719 s->next->prev=s->prev;
720 s->prev->next=s->next;
721 }
722 }
723 s->prev=s->next=NULL;
724 }
725
726static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
727 {
728 if ((s->next != NULL) && (s->prev != NULL))
729 SSL_SESSION_list_remove(ctx,s);
730
731 if (ctx->session_cache_head == NULL)
732 {
733 ctx->session_cache_head=s;
734 ctx->session_cache_tail=s;
735 s->prev=(SSL_SESSION *)&(ctx->session_cache_head);
736 s->next=(SSL_SESSION *)&(ctx->session_cache_tail);
737 }
738 else
739 {
740 s->next=ctx->session_cache_head;
741 s->next->prev=s;
742 s->prev=(SSL_SESSION *)&(ctx->session_cache_head);
743 ctx->session_cache_head=s;
744 }
745 }
746
diff --git a/src/lib/libssl/ssl_stat.c b/src/lib/libssl/ssl_stat.c
new file mode 100644
index 0000000000..b16d253081
--- /dev/null
+++ b/src/lib/libssl/ssl_stat.c
@@ -0,0 +1,502 @@
1/* ssl/ssl_stat.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "ssl_locl.h"
61
62const char *SSL_state_string_long(const SSL *s)
63 {
64 const char *str;
65
66 switch (s->state)
67 {
68case SSL_ST_BEFORE: str="before SSL initialization"; break;
69case SSL_ST_ACCEPT: str="before accept initialization"; break;
70case SSL_ST_CONNECT: str="before connect initialization"; break;
71case SSL_ST_OK: str="SSL negotiation finished successfully"; break;
72case SSL_ST_RENEGOTIATE: str="SSL renegotiate ciphers"; break;
73case SSL_ST_BEFORE|SSL_ST_CONNECT: str="before/connect initialization"; break;
74case SSL_ST_OK|SSL_ST_CONNECT: str="ok/connect SSL initialization"; break;
75case SSL_ST_BEFORE|SSL_ST_ACCEPT: str="before/accept initialization"; break;
76case SSL_ST_OK|SSL_ST_ACCEPT: str="ok/accept SSL initialization"; break;
77#ifndef OPENSSL_NO_SSL2
78case SSL2_ST_CLIENT_START_ENCRYPTION: str="SSLv2 client start encryption"; break;
79case SSL2_ST_SERVER_START_ENCRYPTION: str="SSLv2 server start encryption"; break;
80case SSL2_ST_SEND_CLIENT_HELLO_A: str="SSLv2 write client hello A"; break;
81case SSL2_ST_SEND_CLIENT_HELLO_B: str="SSLv2 write client hello B"; break;
82case SSL2_ST_GET_SERVER_HELLO_A: str="SSLv2 read server hello A"; break;
83case SSL2_ST_GET_SERVER_HELLO_B: str="SSLv2 read server hello B"; break;
84case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="SSLv2 write client master key A"; break;
85case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="SSLv2 write client master key B"; break;
86case SSL2_ST_SEND_CLIENT_FINISHED_A: str="SSLv2 write client finished A"; break;
87case SSL2_ST_SEND_CLIENT_FINISHED_B: str="SSLv2 write client finished B"; break;
88case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="SSLv2 write client certificate A"; break;
89case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="SSLv2 write client certificate B"; break;
90case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="SSLv2 write client certificate C"; break;
91case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="SSLv2 write client certificate D"; break;
92case SSL2_ST_GET_SERVER_VERIFY_A: str="SSLv2 read server verify A"; break;
93case SSL2_ST_GET_SERVER_VERIFY_B: str="SSLv2 read server verify B"; break;
94case SSL2_ST_GET_SERVER_FINISHED_A: str="SSLv2 read server finished A"; break;
95case SSL2_ST_GET_SERVER_FINISHED_B: str="SSLv2 read server finished B"; break;
96case SSL2_ST_GET_CLIENT_HELLO_A: str="SSLv2 read client hello A"; break;
97case SSL2_ST_GET_CLIENT_HELLO_B: str="SSLv2 read client hello B"; break;
98case SSL2_ST_GET_CLIENT_HELLO_C: str="SSLv2 read client hello C"; break;
99case SSL2_ST_SEND_SERVER_HELLO_A: str="SSLv2 write server hello A"; break;
100case SSL2_ST_SEND_SERVER_HELLO_B: str="SSLv2 write server hello B"; break;
101case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="SSLv2 read client master key A"; break;
102case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="SSLv2 read client master key B"; break;
103case SSL2_ST_SEND_SERVER_VERIFY_A: str="SSLv2 write server verify A"; break;
104case SSL2_ST_SEND_SERVER_VERIFY_B: str="SSLv2 write server verify B"; break;
105case SSL2_ST_SEND_SERVER_VERIFY_C: str="SSLv2 write server verify C"; break;
106case SSL2_ST_GET_CLIENT_FINISHED_A: str="SSLv2 read client finished A"; break;
107case SSL2_ST_GET_CLIENT_FINISHED_B: str="SSLv2 read client finished B"; break;
108case SSL2_ST_SEND_SERVER_FINISHED_A: str="SSLv2 write server finished A"; break;
109case SSL2_ST_SEND_SERVER_FINISHED_B: str="SSLv2 write server finished B"; break;
110case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="SSLv2 write request certificate A"; break;
111case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="SSLv2 write request certificate B"; break;
112case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="SSLv2 write request certificate C"; break;
113case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="SSLv2 write request certificate D"; break;
114case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="SSLv2 X509 read server certificate"; break;
115case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="SSLv2 X509 read client certificate"; break;
116#endif
117
118#ifndef OPENSSL_NO_SSL3
119/* SSLv3 additions */
120case SSL3_ST_CW_CLNT_HELLO_A: str="SSLv3 write client hello A"; break;
121case SSL3_ST_CW_CLNT_HELLO_B: str="SSLv3 write client hello B"; break;
122case SSL3_ST_CR_SRVR_HELLO_A: str="SSLv3 read server hello A"; break;
123case SSL3_ST_CR_SRVR_HELLO_B: str="SSLv3 read server hello B"; break;
124case SSL3_ST_CR_CERT_A: str="SSLv3 read server certificate A"; break;
125case SSL3_ST_CR_CERT_B: str="SSLv3 read server certificate B"; break;
126case SSL3_ST_CR_KEY_EXCH_A: str="SSLv3 read server key exchange A"; break;
127case SSL3_ST_CR_KEY_EXCH_B: str="SSLv3 read server key exchange B"; break;
128case SSL3_ST_CR_CERT_REQ_A: str="SSLv3 read server certificate request A"; break;
129case SSL3_ST_CR_CERT_REQ_B: str="SSLv3 read server certificate request B"; break;
130case SSL3_ST_CR_SRVR_DONE_A: str="SSLv3 read server done A"; break;
131case SSL3_ST_CR_SRVR_DONE_B: str="SSLv3 read server done B"; break;
132case SSL3_ST_CW_CERT_A: str="SSLv3 write client certificate A"; break;
133case SSL3_ST_CW_CERT_B: str="SSLv3 write client certificate B"; break;
134case SSL3_ST_CW_CERT_C: str="SSLv3 write client certificate C"; break;
135case SSL3_ST_CW_CERT_D: str="SSLv3 write client certificate D"; break;
136case SSL3_ST_CW_KEY_EXCH_A: str="SSLv3 write client key exchange A"; break;
137case SSL3_ST_CW_KEY_EXCH_B: str="SSLv3 write client key exchange B"; break;
138case SSL3_ST_CW_CERT_VRFY_A: str="SSLv3 write certificate verify A"; break;
139case SSL3_ST_CW_CERT_VRFY_B: str="SSLv3 write certificate verify B"; break;
140
141case SSL3_ST_CW_CHANGE_A:
142case SSL3_ST_SW_CHANGE_A: str="SSLv3 write change cipher spec A"; break;
143case SSL3_ST_CW_CHANGE_B:
144case SSL3_ST_SW_CHANGE_B: str="SSLv3 write change cipher spec B"; break;
145case SSL3_ST_CW_FINISHED_A:
146case SSL3_ST_SW_FINISHED_A: str="SSLv3 write finished A"; break;
147case SSL3_ST_CW_FINISHED_B:
148case SSL3_ST_SW_FINISHED_B: str="SSLv3 write finished B"; break;
149case SSL3_ST_CR_CHANGE_A:
150case SSL3_ST_SR_CHANGE_A: str="SSLv3 read change cipher spec A"; break;
151case SSL3_ST_CR_CHANGE_B:
152case SSL3_ST_SR_CHANGE_B: str="SSLv3 read change cipher spec B"; break;
153case SSL3_ST_CR_FINISHED_A:
154case SSL3_ST_SR_FINISHED_A: str="SSLv3 read finished A"; break;
155case SSL3_ST_CR_FINISHED_B:
156case SSL3_ST_SR_FINISHED_B: str="SSLv3 read finished B"; break;
157
158case SSL3_ST_CW_FLUSH:
159case SSL3_ST_SW_FLUSH: str="SSLv3 flush data"; break;
160
161case SSL3_ST_SR_CLNT_HELLO_A: str="SSLv3 read client hello A"; break;
162case SSL3_ST_SR_CLNT_HELLO_B: str="SSLv3 read client hello B"; break;
163case SSL3_ST_SR_CLNT_HELLO_C: str="SSLv3 read client hello C"; break;
164case SSL3_ST_SW_HELLO_REQ_A: str="SSLv3 write hello request A"; break;
165case SSL3_ST_SW_HELLO_REQ_B: str="SSLv3 write hello request B"; break;
166case SSL3_ST_SW_HELLO_REQ_C: str="SSLv3 write hello request C"; break;
167case SSL3_ST_SW_SRVR_HELLO_A: str="SSLv3 write server hello A"; break;
168case SSL3_ST_SW_SRVR_HELLO_B: str="SSLv3 write server hello B"; break;
169case SSL3_ST_SW_CERT_A: str="SSLv3 write certificate A"; break;
170case SSL3_ST_SW_CERT_B: str="SSLv3 write certificate B"; break;
171case SSL3_ST_SW_KEY_EXCH_A: str="SSLv3 write key exchange A"; break;
172case SSL3_ST_SW_KEY_EXCH_B: str="SSLv3 write key exchange B"; break;
173case SSL3_ST_SW_CERT_REQ_A: str="SSLv3 write certificate request A"; break;
174case SSL3_ST_SW_CERT_REQ_B: str="SSLv3 write certificate request B"; break;
175case SSL3_ST_SW_SRVR_DONE_A: str="SSLv3 write server done A"; break;
176case SSL3_ST_SW_SRVR_DONE_B: str="SSLv3 write server done B"; break;
177case SSL3_ST_SR_CERT_A: str="SSLv3 read client certificate A"; break;
178case SSL3_ST_SR_CERT_B: str="SSLv3 read client certificate B"; break;
179case SSL3_ST_SR_KEY_EXCH_A: str="SSLv3 read client key exchange A"; break;
180case SSL3_ST_SR_KEY_EXCH_B: str="SSLv3 read client key exchange B"; break;
181case SSL3_ST_SR_CERT_VRFY_A: str="SSLv3 read certificate verify A"; break;
182case SSL3_ST_SR_CERT_VRFY_B: str="SSLv3 read certificate verify B"; break;
183#endif
184
185#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
186/* SSLv2/v3 compatibility states */
187/* client */
188case SSL23_ST_CW_CLNT_HELLO_A: str="SSLv2/v3 write client hello A"; break;
189case SSL23_ST_CW_CLNT_HELLO_B: str="SSLv2/v3 write client hello B"; break;
190case SSL23_ST_CR_SRVR_HELLO_A: str="SSLv2/v3 read server hello A"; break;
191case SSL23_ST_CR_SRVR_HELLO_B: str="SSLv2/v3 read server hello B"; break;
192/* server */
193case SSL23_ST_SR_CLNT_HELLO_A: str="SSLv2/v3 read client hello A"; break;
194case SSL23_ST_SR_CLNT_HELLO_B: str="SSLv2/v3 read client hello B"; break;
195#endif
196
197default: str="unknown state"; break;
198 }
199 return(str);
200 }
201
202const char *SSL_rstate_string_long(const SSL *s)
203 {
204 const char *str;
205
206 switch (s->rstate)
207 {
208 case SSL_ST_READ_HEADER: str="read header"; break;
209 case SSL_ST_READ_BODY: str="read body"; break;
210 case SSL_ST_READ_DONE: str="read done"; break;
211 default: str="unknown"; break;
212 }
213 return(str);
214 }
215
216const char *SSL_state_string(const SSL *s)
217 {
218 const char *str;
219
220 switch (s->state)
221 {
222case SSL_ST_BEFORE: str="PINIT "; break;
223case SSL_ST_ACCEPT: str="AINIT "; break;
224case SSL_ST_CONNECT: str="CINIT "; break;
225case SSL_ST_OK: str="SSLOK "; break;
226#ifndef OPENSSL_NO_SSL2
227case SSL2_ST_CLIENT_START_ENCRYPTION: str="2CSENC"; break;
228case SSL2_ST_SERVER_START_ENCRYPTION: str="2SSENC"; break;
229case SSL2_ST_SEND_CLIENT_HELLO_A: str="2SCH_A"; break;
230case SSL2_ST_SEND_CLIENT_HELLO_B: str="2SCH_B"; break;
231case SSL2_ST_GET_SERVER_HELLO_A: str="2GSH_A"; break;
232case SSL2_ST_GET_SERVER_HELLO_B: str="2GSH_B"; break;
233case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="2SCMKA"; break;
234case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="2SCMKB"; break;
235case SSL2_ST_SEND_CLIENT_FINISHED_A: str="2SCF_A"; break;
236case SSL2_ST_SEND_CLIENT_FINISHED_B: str="2SCF_B"; break;
237case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="2SCC_A"; break;
238case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="2SCC_B"; break;
239case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="2SCC_C"; break;
240case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="2SCC_D"; break;
241case SSL2_ST_GET_SERVER_VERIFY_A: str="2GSV_A"; break;
242case SSL2_ST_GET_SERVER_VERIFY_B: str="2GSV_B"; break;
243case SSL2_ST_GET_SERVER_FINISHED_A: str="2GSF_A"; break;
244case SSL2_ST_GET_SERVER_FINISHED_B: str="2GSF_B"; break;
245case SSL2_ST_GET_CLIENT_HELLO_A: str="2GCH_A"; break;
246case SSL2_ST_GET_CLIENT_HELLO_B: str="2GCH_B"; break;
247case SSL2_ST_GET_CLIENT_HELLO_C: str="2GCH_C"; break;
248case SSL2_ST_SEND_SERVER_HELLO_A: str="2SSH_A"; break;
249case SSL2_ST_SEND_SERVER_HELLO_B: str="2SSH_B"; break;
250case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="2GCMKA"; break;
251case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="2GCMKA"; break;
252case SSL2_ST_SEND_SERVER_VERIFY_A: str="2SSV_A"; break;
253case SSL2_ST_SEND_SERVER_VERIFY_B: str="2SSV_B"; break;
254case SSL2_ST_SEND_SERVER_VERIFY_C: str="2SSV_C"; break;
255case SSL2_ST_GET_CLIENT_FINISHED_A: str="2GCF_A"; break;
256case SSL2_ST_GET_CLIENT_FINISHED_B: str="2GCF_B"; break;
257case SSL2_ST_SEND_SERVER_FINISHED_A: str="2SSF_A"; break;
258case SSL2_ST_SEND_SERVER_FINISHED_B: str="2SSF_B"; break;
259case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="2SRC_A"; break;
260case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="2SRC_B"; break;
261case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="2SRC_C"; break;
262case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="2SRC_D"; break;
263case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="2X9GSC"; break;
264case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="2X9GCC"; break;
265#endif
266
267#ifndef OPENSSL_NO_SSL3
268/* SSLv3 additions */
269case SSL3_ST_SW_FLUSH:
270case SSL3_ST_CW_FLUSH: str="3FLUSH"; break;
271case SSL3_ST_CW_CLNT_HELLO_A: str="3WCH_A"; break;
272case SSL3_ST_CW_CLNT_HELLO_B: str="3WCH_B"; break;
273case SSL3_ST_CR_SRVR_HELLO_A: str="3RSH_A"; break;
274case SSL3_ST_CR_SRVR_HELLO_B: str="3RSH_B"; break;
275case SSL3_ST_CR_CERT_A: str="3RSC_A"; break;
276case SSL3_ST_CR_CERT_B: str="3RSC_B"; break;
277case SSL3_ST_CR_KEY_EXCH_A: str="3RSKEA"; break;
278case SSL3_ST_CR_KEY_EXCH_B: str="3RSKEB"; break;
279case SSL3_ST_CR_CERT_REQ_A: str="3RCR_A"; break;
280case SSL3_ST_CR_CERT_REQ_B: str="3RCR_B"; break;
281case SSL3_ST_CR_SRVR_DONE_A: str="3RSD_A"; break;
282case SSL3_ST_CR_SRVR_DONE_B: str="3RSD_B"; break;
283case SSL3_ST_CW_CERT_A: str="3WCC_A"; break;
284case SSL3_ST_CW_CERT_B: str="3WCC_B"; break;
285case SSL3_ST_CW_CERT_C: str="3WCC_C"; break;
286case SSL3_ST_CW_CERT_D: str="3WCC_D"; break;
287case SSL3_ST_CW_KEY_EXCH_A: str="3WCKEA"; break;
288case SSL3_ST_CW_KEY_EXCH_B: str="3WCKEB"; break;
289case SSL3_ST_CW_CERT_VRFY_A: str="3WCV_A"; break;
290case SSL3_ST_CW_CERT_VRFY_B: str="3WCV_B"; break;
291
292case SSL3_ST_SW_CHANGE_A:
293case SSL3_ST_CW_CHANGE_A: str="3WCCSA"; break;
294case SSL3_ST_SW_CHANGE_B:
295case SSL3_ST_CW_CHANGE_B: str="3WCCSB"; break;
296case SSL3_ST_SW_FINISHED_A:
297case SSL3_ST_CW_FINISHED_A: str="3WFINA"; break;
298case SSL3_ST_SW_FINISHED_B:
299case SSL3_ST_CW_FINISHED_B: str="3WFINB"; break;
300case SSL3_ST_SR_CHANGE_A:
301case SSL3_ST_CR_CHANGE_A: str="3RCCSA"; break;
302case SSL3_ST_SR_CHANGE_B:
303case SSL3_ST_CR_CHANGE_B: str="3RCCSB"; break;
304case SSL3_ST_SR_FINISHED_A:
305case SSL3_ST_CR_FINISHED_A: str="3RFINA"; break;
306case SSL3_ST_SR_FINISHED_B:
307case SSL3_ST_CR_FINISHED_B: str="3RFINB"; break;
308
309case SSL3_ST_SW_HELLO_REQ_A: str="3WHR_A"; break;
310case SSL3_ST_SW_HELLO_REQ_B: str="3WHR_B"; break;
311case SSL3_ST_SW_HELLO_REQ_C: str="3WHR_C"; break;
312case SSL3_ST_SR_CLNT_HELLO_A: str="3RCH_A"; break;
313case SSL3_ST_SR_CLNT_HELLO_B: str="3RCH_B"; break;
314case SSL3_ST_SR_CLNT_HELLO_C: str="3RCH_C"; break;
315case SSL3_ST_SW_SRVR_HELLO_A: str="3WSH_A"; break;
316case SSL3_ST_SW_SRVR_HELLO_B: str="3WSH_B"; break;
317case SSL3_ST_SW_CERT_A: str="3WSC_A"; break;
318case SSL3_ST_SW_CERT_B: str="3WSC_B"; break;
319case SSL3_ST_SW_KEY_EXCH_A: str="3WSKEA"; break;
320case SSL3_ST_SW_KEY_EXCH_B: str="3WSKEB"; break;
321case SSL3_ST_SW_CERT_REQ_A: str="3WCR_A"; break;
322case SSL3_ST_SW_CERT_REQ_B: str="3WCR_B"; break;
323case SSL3_ST_SW_SRVR_DONE_A: str="3WSD_A"; break;
324case SSL3_ST_SW_SRVR_DONE_B: str="3WSD_B"; break;
325case SSL3_ST_SR_CERT_A: str="3RCC_A"; break;
326case SSL3_ST_SR_CERT_B: str="3RCC_B"; break;
327case SSL3_ST_SR_KEY_EXCH_A: str="3RCKEA"; break;
328case SSL3_ST_SR_KEY_EXCH_B: str="3RCKEB"; break;
329case SSL3_ST_SR_CERT_VRFY_A: str="3RCV_A"; break;
330case SSL3_ST_SR_CERT_VRFY_B: str="3RCV_B"; break;
331#endif
332
333#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
334/* SSLv2/v3 compatibility states */
335/* client */
336case SSL23_ST_CW_CLNT_HELLO_A: str="23WCHA"; break;
337case SSL23_ST_CW_CLNT_HELLO_B: str="23WCHB"; break;
338case SSL23_ST_CR_SRVR_HELLO_A: str="23RSHA"; break;
339case SSL23_ST_CR_SRVR_HELLO_B: str="23RSHA"; break;
340/* server */
341case SSL23_ST_SR_CLNT_HELLO_A: str="23RCHA"; break;
342case SSL23_ST_SR_CLNT_HELLO_B: str="23RCHB"; break;
343#endif
344
345default: str="UNKWN "; break;
346 }
347 return(str);
348 }
349
350const char *SSL_alert_type_string_long(int value)
351 {
352 value>>=8;
353 if (value == SSL3_AL_WARNING)
354 return("warning");
355 else if (value == SSL3_AL_FATAL)
356 return("fatal");
357 else
358 return("unknown");
359 }
360
361const char *SSL_alert_type_string(int value)
362 {
363 value>>=8;
364 if (value == SSL3_AL_WARNING)
365 return("W");
366 else if (value == SSL3_AL_FATAL)
367 return("F");
368 else
369 return("U");
370 }
371
372const char *SSL_alert_desc_string(int value)
373 {
374 const char *str;
375
376 switch (value & 0xff)
377 {
378 case SSL3_AD_CLOSE_NOTIFY: str="CN"; break;
379 case SSL3_AD_UNEXPECTED_MESSAGE: str="UM"; break;
380 case SSL3_AD_BAD_RECORD_MAC: str="BM"; break;
381 case SSL3_AD_DECOMPRESSION_FAILURE: str="DF"; break;
382 case SSL3_AD_HANDSHAKE_FAILURE: str="HF"; break;
383 case SSL3_AD_NO_CERTIFICATE: str="NC"; break;
384 case SSL3_AD_BAD_CERTIFICATE: str="BC"; break;
385 case SSL3_AD_UNSUPPORTED_CERTIFICATE: str="UC"; break;
386 case SSL3_AD_CERTIFICATE_REVOKED: str="CR"; break;
387 case SSL3_AD_CERTIFICATE_EXPIRED: str="CE"; break;
388 case SSL3_AD_CERTIFICATE_UNKNOWN: str="CU"; break;
389 case SSL3_AD_ILLEGAL_PARAMETER: str="IP"; break;
390 case TLS1_AD_DECRYPTION_FAILED: str="DC"; break;
391 case TLS1_AD_RECORD_OVERFLOW: str="RO"; break;
392 case TLS1_AD_UNKNOWN_CA: str="CA"; break;
393 case TLS1_AD_ACCESS_DENIED: str="AD"; break;
394 case TLS1_AD_DECODE_ERROR: str="DE"; break;
395 case TLS1_AD_DECRYPT_ERROR: str="CY"; break;
396 case TLS1_AD_EXPORT_RESTRICTION: str="ER"; break;
397 case TLS1_AD_PROTOCOL_VERSION: str="PV"; break;
398 case TLS1_AD_INSUFFICIENT_SECURITY: str="IS"; break;
399 case TLS1_AD_INTERNAL_ERROR: str="IE"; break;
400 case TLS1_AD_USER_CANCELLED: str="US"; break;
401 case TLS1_AD_NO_RENEGOTIATION: str="NR"; break;
402 default: str="UK"; break;
403 }
404 return(str);
405 }
406
407const char *SSL_alert_desc_string_long(int value)
408 {
409 const char *str;
410
411 switch (value & 0xff)
412 {
413 case SSL3_AD_CLOSE_NOTIFY:
414 str="close notify";
415 break;
416 case SSL3_AD_UNEXPECTED_MESSAGE:
417 str="unexpected_message";
418 break;
419 case SSL3_AD_BAD_RECORD_MAC:
420 str="bad record mac";
421 break;
422 case SSL3_AD_DECOMPRESSION_FAILURE:
423 str="decompression failure";
424 break;
425 case SSL3_AD_HANDSHAKE_FAILURE:
426 str="handshake failure";
427 break;
428 case SSL3_AD_NO_CERTIFICATE:
429 str="no certificate";
430 break;
431 case SSL3_AD_BAD_CERTIFICATE:
432 str="bad certificate";
433 break;
434 case SSL3_AD_UNSUPPORTED_CERTIFICATE:
435 str="unsupported certificate";
436 break;
437 case SSL3_AD_CERTIFICATE_REVOKED:
438 str="certificate revoked";
439 break;
440 case SSL3_AD_CERTIFICATE_EXPIRED:
441 str="certificate expired";
442 break;
443 case SSL3_AD_CERTIFICATE_UNKNOWN:
444 str="certificate unknown";
445 break;
446 case SSL3_AD_ILLEGAL_PARAMETER:
447 str="illegal parameter";
448 break;
449 case TLS1_AD_DECRYPTION_FAILED:
450 str="decryption failed";
451 break;
452 case TLS1_AD_RECORD_OVERFLOW:
453 str="record overflow";
454 break;
455 case TLS1_AD_UNKNOWN_CA:
456 str="unknown CA";
457 break;
458 case TLS1_AD_ACCESS_DENIED:
459 str="access denied";
460 break;
461 case TLS1_AD_DECODE_ERROR:
462 str="decode error";
463 break;
464 case TLS1_AD_DECRYPT_ERROR:
465 str="decrypt error";
466 break;
467 case TLS1_AD_EXPORT_RESTRICTION:
468 str="export restriction";
469 break;
470 case TLS1_AD_PROTOCOL_VERSION:
471 str="protocol version";
472 break;
473 case TLS1_AD_INSUFFICIENT_SECURITY:
474 str="insufficient security";
475 break;
476 case TLS1_AD_INTERNAL_ERROR:
477 str="internal error";
478 break;
479 case TLS1_AD_USER_CANCELLED:
480 str="user canceled";
481 break;
482 case TLS1_AD_NO_RENEGOTIATION:
483 str="no renegotiation";
484 break;
485 default: str="unknown"; break;
486 }
487 return(str);
488 }
489
490const char *SSL_rstate_string(const SSL *s)
491 {
492 const char *str;
493
494 switch (s->rstate)
495 {
496 case SSL_ST_READ_HEADER:str="RH"; break;
497 case SSL_ST_READ_BODY: str="RB"; break;
498 case SSL_ST_READ_DONE: str="RD"; break;
499 default: str="unknown"; break;
500 }
501 return(str);
502 }
diff --git a/src/lib/libssl/ssl_txt.c b/src/lib/libssl/ssl_txt.c
new file mode 100644
index 0000000000..40b76b1b26
--- /dev/null
+++ b/src/lib/libssl/ssl_txt.c
@@ -0,0 +1,186 @@
1/* ssl/ssl_txt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/buffer.h>
61#include "ssl_locl.h"
62
63#ifndef OPENSSL_NO_FP_API
64int SSL_SESSION_print_fp(FILE *fp, SSL_SESSION *x)
65 {
66 BIO *b;
67 int ret;
68
69 if ((b=BIO_new(BIO_s_file_internal())) == NULL)
70 {
71 SSLerr(SSL_F_SSL_SESSION_PRINT_FP,ERR_R_BUF_LIB);
72 return(0);
73 }
74 BIO_set_fp(b,fp,BIO_NOCLOSE);
75 ret=SSL_SESSION_print(b,x);
76 BIO_free(b);
77 return(ret);
78 }
79#endif
80
81int SSL_SESSION_print(BIO *bp, SSL_SESSION *x)
82 {
83 unsigned int i;
84 char *s;
85
86 if (x == NULL) goto err;
87 if (BIO_puts(bp,"SSL-Session:\n") <= 0) goto err;
88 if (x->ssl_version == SSL2_VERSION)
89 s="SSLv2";
90 else if (x->ssl_version == SSL3_VERSION)
91 s="SSLv3";
92 else if (x->ssl_version == TLS1_VERSION)
93 s="TLSv1";
94 else
95 s="unknown";
96 if (BIO_printf(bp," Protocol : %s\n",s) <= 0) goto err;
97
98 if (x->cipher == NULL)
99 {
100 if (((x->cipher_id) & 0xff000000) == 0x02000000)
101 {
102 if (BIO_printf(bp," Cipher : %06lX\n",x->cipher_id&0xffffff) <= 0)
103 goto err;
104 }
105 else
106 {
107 if (BIO_printf(bp," Cipher : %04lX\n",x->cipher_id&0xffff) <= 0)
108 goto err;
109 }
110 }
111 else
112 {
113 if (BIO_printf(bp," Cipher : %s\n",((x->cipher == NULL)?"unknown":x->cipher->name)) <= 0)
114 goto err;
115 }
116 if (BIO_puts(bp," Session-ID: ") <= 0) goto err;
117 for (i=0; i<x->session_id_length; i++)
118 {
119 if (BIO_printf(bp,"%02X",x->session_id[i]) <= 0) goto err;
120 }
121 if (BIO_puts(bp,"\n Session-ID-ctx: ") <= 0) goto err;
122 for (i=0; i<x->sid_ctx_length; i++)
123 {
124 if (BIO_printf(bp,"%02X",x->sid_ctx[i]) <= 0)
125 goto err;
126 }
127 if (BIO_puts(bp,"\n Master-Key: ") <= 0) goto err;
128 for (i=0; i<(unsigned int)x->master_key_length; i++)
129 {
130 if (BIO_printf(bp,"%02X",x->master_key[i]) <= 0) goto err;
131 }
132 if (BIO_puts(bp,"\n Key-Arg : ") <= 0) goto err;
133 if (x->key_arg_length == 0)
134 {
135 if (BIO_puts(bp,"None") <= 0) goto err;
136 }
137 else
138 for (i=0; i<x->key_arg_length; i++)
139 {
140 if (BIO_printf(bp,"%02X",x->key_arg[i]) <= 0) goto err;
141 }
142#ifndef OPENSSL_NO_KRB5
143 if (BIO_puts(bp,"\n Krb5 Principal: ") <= 0) goto err;
144 if (x->krb5_client_princ_len == 0)
145 {
146 if (BIO_puts(bp,"None") <= 0) goto err;
147 }
148 else
149 for (i=0; i<x->krb5_client_princ_len; i++)
150 {
151 if (BIO_printf(bp,"%02X",x->krb5_client_princ[i]) <= 0) goto err;
152 }
153#endif /* OPENSSL_NO_KRB5 */
154 if (x->compress_meth != 0)
155 {
156 SSL_COMP *comp;
157
158 ssl_cipher_get_evp(x,NULL,NULL,&comp);
159 if (comp == NULL)
160 {
161 if (BIO_printf(bp,"\n Compression: %d",x->compress_meth) <= 0) goto err;
162 }
163 else
164 {
165 if (BIO_printf(bp,"\n Compression: %d (%s)", comp->id,comp->method->name) <= 0) goto err;
166 }
167 }
168 if (x->time != 0L)
169 {
170 if (BIO_printf(bp, "\n Start Time: %ld",x->time) <= 0) goto err;
171 }
172 if (x->timeout != 0L)
173 {
174 if (BIO_printf(bp, "\n Timeout : %ld (sec)",x->timeout) <= 0) goto err;
175 }
176 if (BIO_puts(bp,"\n") <= 0) goto err;
177
178 if (BIO_puts(bp, " Verify return code: ") <= 0) goto err;
179 if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
180 X509_verify_cert_error_string(x->verify_result)) <= 0) goto err;
181
182 return(1);
183err:
184 return(0);
185 }
186
diff --git a/src/lib/libssl/ssleay.cnf b/src/lib/libssl/ssleay.cnf
new file mode 100644
index 0000000000..c6480ee465
--- /dev/null
+++ b/src/lib/libssl/ssleay.cnf
@@ -0,0 +1,65 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5
6RANDFILE = /dev/arandom
7
8####################################################################
9[ req ]
10default_bits = 1024
11default_keyfile = privkey.pem
12distinguished_name = req_distinguished_name
13attributes = req_attributes
14
15[ req_distinguished_name ]
16countryName = Country Name (2 letter code)
17#countryName_default = AU
18countryName_min = 2
19countryName_max = 2
20
21stateOrProvinceName = State or Province Name (full name)
22#stateOrProvinceName_default = Some-State
23
24localityName = Locality Name (eg, city)
25
260.organizationName = Organization Name (eg, company)
27#0.organizationName_default = Internet Widgits Pty Ltd
28
29# we can do this but it is not needed normally :-)
30#1.organizationName = Second Organization Name (eg, company)
31#1.organizationName_default = CryptSoft Pty Ltd
32
33organizationalUnitName = Organizational Unit Name (eg, section)
34#organizationalUnitName_default =
35
36commonName = Common Name (eg, fully qualified host name)
37commonName_max = 64
38
39emailAddress = Email Address
40emailAddress_max = 64
41
42[ req_attributes ]
43challengePassword = A challenge password
44challengePassword_min = 4
45challengePassword_max = 20
46
47unstructuredName = An optional company name
48
49[ x509v3_extensions ]
50
51nsCaRevocationUrl = http://www.cryptsoft.com/ca-crl.pem
52nsComment = "This is a comment"
53
54# under ASN.1, the 0 bit would be encoded as 80
55nsCertType = 0x40
56
57#nsBaseUrl
58#nsRevocationUrl
59#nsRenewalUrl
60#nsCaPolicyUrl
61#nsSslServerName
62#nsCertSequence
63#nsCertExt
64#nsDataType
65
diff --git a/src/lib/libssl/t1_clnt.c b/src/lib/libssl/t1_clnt.c
new file mode 100644
index 0000000000..9745630a00
--- /dev/null
+++ b/src/lib/libssl/t1_clnt.c
@@ -0,0 +1,90 @@
1/* ssl/t1_clnt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/buffer.h>
61#include <openssl/rand.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include "ssl_locl.h"
65
66static SSL_METHOD *tls1_get_client_method(int ver);
67static SSL_METHOD *tls1_get_client_method(int ver)
68 {
69 if (ver == TLS1_VERSION)
70 return(TLSv1_client_method());
71 else
72 return(NULL);
73 }
74
75SSL_METHOD *TLSv1_client_method(void)
76 {
77 static int init=1;
78 static SSL_METHOD TLSv1_client_data;
79
80 if (init)
81 {
82 memcpy((char *)&TLSv1_client_data,(char *)tlsv1_base_method(),
83 sizeof(SSL_METHOD));
84 TLSv1_client_data.ssl_connect=ssl3_connect;
85 TLSv1_client_data.get_ssl_method=tls1_get_client_method;
86 init=0;
87 }
88 return(&TLSv1_client_data);
89 }
90
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
new file mode 100644
index 0000000000..b80525f3ba
--- /dev/null
+++ b/src/lib/libssl/t1_enc.c
@@ -0,0 +1,803 @@
1/* ssl/t1_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <stdio.h>
113#include <openssl/comp.h>
114#include <openssl/evp.h>
115#include <openssl/hmac.h>
116#include "ssl_locl.h"
117#include <openssl/md5.h>
118
119static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
120 int sec_len, unsigned char *seed, int seed_len,
121 unsigned char *out, int olen)
122 {
123 int chunk,n;
124 unsigned int j;
125 HMAC_CTX ctx;
126 HMAC_CTX ctx_tmp;
127 unsigned char A1[HMAC_MAX_MD_CBLOCK];
128 unsigned int A1_len;
129
130 chunk=EVP_MD_size(md);
131
132 HMAC_CTX_init(&ctx);
133 HMAC_CTX_init(&ctx_tmp);
134 HMAC_Init_ex(&ctx,sec,sec_len,md, NULL);
135 HMAC_Init_ex(&ctx_tmp,sec,sec_len,md, NULL);
136 HMAC_Update(&ctx,seed,seed_len);
137 HMAC_Final(&ctx,A1,&A1_len);
138
139 n=0;
140 for (;;)
141 {
142 HMAC_Init_ex(&ctx,NULL,0,NULL,NULL); /* re-init */
143 HMAC_Init_ex(&ctx_tmp,NULL,0,NULL,NULL); /* re-init */
144 HMAC_Update(&ctx,A1,A1_len);
145 HMAC_Update(&ctx_tmp,A1,A1_len);
146 HMAC_Update(&ctx,seed,seed_len);
147
148 if (olen > chunk)
149 {
150 HMAC_Final(&ctx,out,&j);
151 out+=j;
152 olen-=j;
153 HMAC_Final(&ctx_tmp,A1,&A1_len); /* calc the next A1 value */
154 }
155 else /* last one */
156 {
157 HMAC_Final(&ctx,A1,&A1_len);
158 memcpy(out,A1,olen);
159 break;
160 }
161 }
162 HMAC_CTX_cleanup(&ctx);
163 HMAC_CTX_cleanup(&ctx_tmp);
164 memset(A1,0,sizeof(A1));
165 }
166
167static void tls1_PRF(const EVP_MD *md5, const EVP_MD *sha1,
168 unsigned char *label, int label_len,
169 const unsigned char *sec, int slen, unsigned char *out1,
170 unsigned char *out2, int olen)
171 {
172 int len,i;
173 const unsigned char *S1,*S2;
174
175 len=slen/2;
176 S1=sec;
177 S2= &(sec[len]);
178 len+=(slen&1); /* add for odd, make longer */
179
180
181 tls1_P_hash(md5 ,S1,len,label,label_len,out1,olen);
182 tls1_P_hash(sha1,S2,len,label,label_len,out2,olen);
183
184 for (i=0; i<olen; i++)
185 out1[i]^=out2[i];
186 }
187
188static void tls1_generate_key_block(SSL *s, unsigned char *km,
189 unsigned char *tmp, int num)
190 {
191 unsigned char *p;
192 unsigned char buf[SSL3_RANDOM_SIZE*2+
193 TLS_MD_MAX_CONST_SIZE];
194 p=buf;
195
196 memcpy(p,TLS_MD_KEY_EXPANSION_CONST,
197 TLS_MD_KEY_EXPANSION_CONST_SIZE);
198 p+=TLS_MD_KEY_EXPANSION_CONST_SIZE;
199 memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
200 p+=SSL3_RANDOM_SIZE;
201 memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
202 p+=SSL3_RANDOM_SIZE;
203
204 tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf),
205 s->session->master_key,s->session->master_key_length,
206 km,tmp,num);
207#ifdef KSSL_DEBUG
208 printf("tls1_generate_key_block() ==> %d byte master_key =\n\t",
209 s->session->master_key_length);
210 {
211 int i;
212 for (i=0; i < s->session->master_key_length; i++)
213 {
214 printf("%02X", s->session->master_key[i]);
215 }
216 printf("\n"); }
217#endif /* KSSL_DEBUG */
218 }
219
220int tls1_change_cipher_state(SSL *s, int which)
221 {
222 static const unsigned char empty[]="";
223 unsigned char *p,*key_block,*mac_secret;
224 unsigned char *exp_label,buf[TLS_MD_MAX_CONST_SIZE+
225 SSL3_RANDOM_SIZE*2];
226 unsigned char tmp1[EVP_MAX_KEY_LENGTH];
227 unsigned char tmp2[EVP_MAX_KEY_LENGTH];
228 unsigned char iv1[EVP_MAX_IV_LENGTH*2];
229 unsigned char iv2[EVP_MAX_IV_LENGTH*2];
230 unsigned char *ms,*key,*iv,*er1,*er2;
231 int client_write;
232 EVP_CIPHER_CTX *dd;
233 const EVP_CIPHER *c;
234 const SSL_COMP *comp;
235 const EVP_MD *m;
236 int is_export,n,i,j,k,exp_label_len,cl;
237 int reuse_dd = 0;
238
239 is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
240 c=s->s3->tmp.new_sym_enc;
241 m=s->s3->tmp.new_hash;
242 comp=s->s3->tmp.new_compression;
243 key_block=s->s3->tmp.key_block;
244
245#ifdef KSSL_DEBUG
246 printf("tls1_change_cipher_state(which= %d) w/\n", which);
247 printf("\talg= %ld, comp= %p\n", s->s3->tmp.new_cipher->algorithms,
248 comp);
249 printf("\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c);
250 printf("\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n",
251 c->nid,c->block_size,c->key_len,c->iv_len);
252 printf("\tkey_block: len= %d, data= ", s->s3->tmp.key_block_length);
253 {
254 int i;
255 for (i=0; i<s->s3->tmp.key_block_length; i++)
256 printf("%02x", key_block[i]); printf("\n");
257 }
258#endif /* KSSL_DEBUG */
259
260 if (which & SSL3_CC_READ)
261 {
262 if (s->enc_read_ctx != NULL)
263 reuse_dd = 1;
264 else if ((s->enc_read_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
265 goto err;
266 dd= s->enc_read_ctx;
267 s->read_hash=m;
268 if (s->expand != NULL)
269 {
270 COMP_CTX_free(s->expand);
271 s->expand=NULL;
272 }
273 if (comp != NULL)
274 {
275 s->expand=COMP_CTX_new(comp->method);
276 if (s->expand == NULL)
277 {
278 SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR);
279 goto err2;
280 }
281 if (s->s3->rrec.comp == NULL)
282 s->s3->rrec.comp=(unsigned char *)
283 OPENSSL_malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);
284 if (s->s3->rrec.comp == NULL)
285 goto err;
286 }
287 memset(&(s->s3->read_sequence[0]),0,8);
288 mac_secret= &(s->s3->read_mac_secret[0]);
289 }
290 else
291 {
292 if (s->enc_write_ctx != NULL)
293 reuse_dd = 1;
294 else if ((s->enc_write_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
295 goto err;
296 if ((s->enc_write_ctx == NULL) &&
297 ((s->enc_write_ctx=(EVP_CIPHER_CTX *)
298 OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
299 goto err;
300 dd= s->enc_write_ctx;
301 s->write_hash=m;
302 if (s->compress != NULL)
303 {
304 COMP_CTX_free(s->compress);
305 s->compress=NULL;
306 }
307 if (comp != NULL)
308 {
309 s->compress=COMP_CTX_new(comp->method);
310 if (s->compress == NULL)
311 {
312 SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR);
313 goto err2;
314 }
315 }
316 memset(&(s->s3->write_sequence[0]),0,8);
317 mac_secret= &(s->s3->write_mac_secret[0]);
318 }
319
320 if (reuse_dd)
321 EVP_CIPHER_CTX_cleanup(dd);
322 EVP_CIPHER_CTX_init(dd);
323
324 p=s->s3->tmp.key_block;
325 i=EVP_MD_size(m);
326 cl=EVP_CIPHER_key_length(c);
327 j=is_export ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
328 cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
329 /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
330 k=EVP_CIPHER_iv_length(c);
331 er1= &(s->s3->client_random[0]);
332 er2= &(s->s3->server_random[0]);
333 if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
334 (which == SSL3_CHANGE_CIPHER_SERVER_READ))
335 {
336 ms= &(p[ 0]); n=i+i;
337 key= &(p[ n]); n+=j+j;
338 iv= &(p[ n]); n+=k+k;
339 exp_label=(unsigned char *)TLS_MD_CLIENT_WRITE_KEY_CONST;
340 exp_label_len=TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE;
341 client_write=1;
342 }
343 else
344 {
345 n=i;
346 ms= &(p[ n]); n+=i+j;
347 key= &(p[ n]); n+=j+k;
348 iv= &(p[ n]); n+=k;
349 exp_label=(unsigned char *)TLS_MD_SERVER_WRITE_KEY_CONST;
350 exp_label_len=TLS_MD_SERVER_WRITE_KEY_CONST_SIZE;
351 client_write=0;
352 }
353
354 if (n > s->s3->tmp.key_block_length)
355 {
356 SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,ERR_R_INTERNAL_ERROR);
357 goto err2;
358 }
359
360 memcpy(mac_secret,ms,i);
361#ifdef TLS_DEBUG
362printf("which = %04X\nmac key=",which);
363{ int z; for (z=0; z<i; z++) printf("%02X%c",ms[z],((z+1)%16)?' ':'\n'); }
364#endif
365 if (is_export)
366 {
367 /* In here I set both the read and write key/iv to the
368 * same value since only the correct one will be used :-).
369 */
370 p=buf;
371 memcpy(p,exp_label,exp_label_len);
372 p+=exp_label_len;
373 memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
374 p+=SSL3_RANDOM_SIZE;
375 memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
376 p+=SSL3_RANDOM_SIZE;
377 tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf),key,j,
378 tmp1,tmp2,EVP_CIPHER_key_length(c));
379 key=tmp1;
380
381 if (k > 0)
382 {
383 p=buf;
384 memcpy(p,TLS_MD_IV_BLOCK_CONST,
385 TLS_MD_IV_BLOCK_CONST_SIZE);
386 p+=TLS_MD_IV_BLOCK_CONST_SIZE;
387 memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
388 p+=SSL3_RANDOM_SIZE;
389 memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
390 p+=SSL3_RANDOM_SIZE;
391 tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,p-buf,empty,0,
392 iv1,iv2,k*2);
393 if (client_write)
394 iv=iv1;
395 else
396 iv= &(iv1[k]);
397 }
398 }
399
400 s->session->key_arg_length=0;
401#ifdef KSSL_DEBUG
402 {
403 int i;
404 printf("EVP_CipherInit_ex(dd,c,key=,iv=,which)\n");
405 printf("\tkey= "); for (i=0; i<c->key_len; i++) printf("%02x", key[i]);
406 printf("\n");
407 printf("\t iv= "); for (i=0; i<c->iv_len; i++) printf("%02x", iv[i]);
408 printf("\n");
409 }
410#endif /* KSSL_DEBUG */
411
412 EVP_CipherInit_ex(dd,c,NULL,key,iv,(which & SSL3_CC_WRITE));
413#ifdef TLS_DEBUG
414printf("which = %04X\nkey=",which);
415{ int z; for (z=0; z<EVP_CIPHER_key_length(c); z++) printf("%02X%c",key[z],((z+1)%16)?' ':'\n'); }
416printf("\niv=");
417{ int z; for (z=0; z<k; z++) printf("%02X%c",iv[z],((z+1)%16)?' ':'\n'); }
418printf("\n");
419#endif
420
421 memset(tmp1,0,sizeof(tmp1));
422 memset(tmp2,0,sizeof(tmp1));
423 memset(iv1,0,sizeof(iv1));
424 memset(iv2,0,sizeof(iv2));
425 return(1);
426err:
427 SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE);
428err2:
429 return(0);
430 }
431
432int tls1_setup_key_block(SSL *s)
433 {
434 unsigned char *p1,*p2;
435 const EVP_CIPHER *c;
436 const EVP_MD *hash;
437 int num;
438 SSL_COMP *comp;
439
440#ifdef KSSL_DEBUG
441 printf ("tls1_setup_key_block()\n");
442#endif /* KSSL_DEBUG */
443
444 if (s->s3->tmp.key_block_length != 0)
445 return(1);
446
447 if (!ssl_cipher_get_evp(s->session,&c,&hash,&comp))
448 {
449 SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
450 return(0);
451 }
452
453 s->s3->tmp.new_sym_enc=c;
454 s->s3->tmp.new_hash=hash;
455
456 num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c);
457 num*=2;
458
459 ssl3_cleanup_key_block(s);
460
461 if ((p1=(unsigned char *)OPENSSL_malloc(num)) == NULL)
462 goto err;
463 if ((p2=(unsigned char *)OPENSSL_malloc(num)) == NULL)
464 goto err;
465
466 s->s3->tmp.key_block_length=num;
467 s->s3->tmp.key_block=p1;
468
469
470#ifdef TLS_DEBUG
471printf("client random\n");
472{ int z; for (z=0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c",s->s3->client_random[z],((z+1)%16)?' ':'\n'); }
473printf("server random\n");
474{ int z; for (z=0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c",s->s3->server_random[z],((z+1)%16)?' ':'\n'); }
475printf("pre-master\n");
476{ int z; for (z=0; z<s->session->master_key_length; z++) printf("%02X%c",s->session->master_key[z],((z+1)%16)?' ':'\n'); }
477#endif
478 tls1_generate_key_block(s,p1,p2,num);
479 memset(p2,0,num);
480 OPENSSL_free(p2);
481#ifdef TLS_DEBUG
482printf("\nkey block\n");
483{ int z; for (z=0; z<num; z++) printf("%02X%c",p1[z],((z+1)%16)?' ':'\n'); }
484#endif
485
486 /* enable vulnerability countermeasure for CBC ciphers with
487 * known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt) */
488 s->s3->need_empty_fragments = 1;
489#ifndef NO_RC4
490 if ((s->session->cipher != NULL) && ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4))
491 s->s3->need_empty_fragments = 0;
492#endif
493
494 return(1);
495err:
496 SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE);
497 return(0);
498 }
499
500int tls1_enc(SSL *s, int send)
501 {
502 SSL3_RECORD *rec;
503 EVP_CIPHER_CTX *ds;
504 unsigned long l;
505 int bs,i,ii,j,k,n=0;
506 const EVP_CIPHER *enc;
507
508 if (send)
509 {
510 if (s->write_hash != NULL)
511 n=EVP_MD_size(s->write_hash);
512 ds=s->enc_write_ctx;
513 rec= &(s->s3->wrec);
514 if (s->enc_write_ctx == NULL)
515 enc=NULL;
516 else
517 enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
518 }
519 else
520 {
521 if (s->read_hash != NULL)
522 n=EVP_MD_size(s->read_hash);
523 ds=s->enc_read_ctx;
524 rec= &(s->s3->rrec);
525 if (s->enc_read_ctx == NULL)
526 enc=NULL;
527 else
528 enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
529 }
530
531#ifdef KSSL_DEBUG
532 printf("tls1_enc(%d)\n", send);
533#endif /* KSSL_DEBUG */
534
535 if ((s->session == NULL) || (ds == NULL) ||
536 (enc == NULL))
537 {
538 memmove(rec->data,rec->input,rec->length);
539 rec->input=rec->data;
540 }
541 else
542 {
543 l=rec->length;
544 bs=EVP_CIPHER_block_size(ds->cipher);
545
546 if ((bs != 1) && send)
547 {
548 i=bs-((int)l%bs);
549
550 /* Add weird padding of upto 256 bytes */
551
552 /* we need to add 'i' padding bytes of value j */
553 j=i-1;
554 if (s->options & SSL_OP_TLS_BLOCK_PADDING_BUG)
555 {
556 if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
557 j++;
558 }
559 for (k=(int)l; k<(int)(l+i); k++)
560 rec->input[k]=j;
561 l+=i;
562 rec->length+=i;
563 }
564
565#ifdef KSSL_DEBUG
566 {
567 unsigned long ui;
568 printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n",
569 ds,rec->data,rec->input,l);
570 printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n",
571 ds->buf_len, ds->cipher->key_len,
572 DES_KEY_SZ, DES_SCHEDULE_SZ,
573 ds->cipher->iv_len);
574 printf("\t\tIV: ");
575 for (i=0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]);
576 printf("\n");
577 printf("\trec->input=");
578 for (ui=0; ui<l; ui++) printf(" %02x", rec->input[ui]);
579 printf("\n");
580 }
581#endif /* KSSL_DEBUG */
582
583 if (!send)
584 {
585 if (l == 0 || l%bs != 0)
586 {
587 SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
588 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
589 return 0;
590 }
591 }
592
593 EVP_Cipher(ds,rec->data,rec->input,l);
594
595#ifdef KSSL_DEBUG
596 {
597 unsigned long i;
598 printf("\trec->data=");
599 for (i=0; i<l; i++)
600 printf(" %02x", rec->data[i]); printf("\n");
601 }
602#endif /* KSSL_DEBUG */
603
604 if ((bs != 1) && !send)
605 {
606 ii=i=rec->data[l-1]; /* padding_length */
607 i++;
608 if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
609 {
610 /* First packet is even in size, so check */
611 if ((memcmp(s->s3->read_sequence,
612 "\0\0\0\0\0\0\0\0",8) == 0) && !(ii & 1))
613 s->s3->flags|=TLS1_FLAGS_TLS_PADDING_BUG;
614 if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
615 i--;
616 }
617 /* TLS 1.0 does not bound the number of padding bytes by the block size.
618 * All of them must have value 'padding_length'. */
619 if (i > (int)rec->length)
620 {
621 /* Incorrect padding. SSLerr() and ssl3_alert are done
622 * by caller: we don't want to reveal whether this is
623 * a decryption error or a MAC verification failure
624 * (see http://www.openssl.org/~bodo/tls-cbc.txt) */
625 return -1;
626 }
627 for (j=(int)(l-i); j<(int)l; j++)
628 {
629 if (rec->data[j] != ii)
630 {
631 /* Incorrect padding */
632 return -1;
633 }
634 }
635 rec->length-=i;
636 }
637 }
638 return(1);
639 }
640
641int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in_ctx, unsigned char *out)
642 {
643 unsigned int ret;
644 EVP_MD_CTX ctx;
645
646 EVP_MD_CTX_init(&ctx);
647 EVP_MD_CTX_copy_ex(&ctx,in_ctx);
648 EVP_DigestFinal_ex(&ctx,out,&ret);
649 EVP_MD_CTX_cleanup(&ctx);
650 return((int)ret);
651 }
652
653int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx,
654 const char *str, int slen, unsigned char *out)
655 {
656 unsigned int i;
657 EVP_MD_CTX ctx;
658 unsigned char buf[TLS_MD_MAX_CONST_SIZE+MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
659 unsigned char *q,buf2[12];
660
661 q=buf;
662 memcpy(q,str,slen);
663 q+=slen;
664
665 EVP_MD_CTX_init(&ctx);
666 EVP_MD_CTX_copy_ex(&ctx,in1_ctx);
667 EVP_DigestFinal_ex(&ctx,q,&i);
668 q+=i;
669 EVP_MD_CTX_copy_ex(&ctx,in2_ctx);
670 EVP_DigestFinal_ex(&ctx,q,&i);
671 q+=i;
672
673 tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(q-buf),
674 s->session->master_key,s->session->master_key_length,
675 out,buf2,12);
676 EVP_MD_CTX_cleanup(&ctx);
677
678 return((int)12);
679 }
680
681int tls1_mac(SSL *ssl, unsigned char *md, int send)
682 {
683 SSL3_RECORD *rec;
684 unsigned char *mac_sec,*seq;
685 const EVP_MD *hash;
686 unsigned int md_size;
687 int i;
688 HMAC_CTX hmac;
689 unsigned char buf[5];
690
691 if (send)
692 {
693 rec= &(ssl->s3->wrec);
694 mac_sec= &(ssl->s3->write_mac_secret[0]);
695 seq= &(ssl->s3->write_sequence[0]);
696 hash=ssl->write_hash;
697 }
698 else
699 {
700 rec= &(ssl->s3->rrec);
701 mac_sec= &(ssl->s3->read_mac_secret[0]);
702 seq= &(ssl->s3->read_sequence[0]);
703 hash=ssl->read_hash;
704 }
705
706 md_size=EVP_MD_size(hash);
707
708 buf[0]=rec->type;
709 buf[1]=TLS1_VERSION_MAJOR;
710 buf[2]=TLS1_VERSION_MINOR;
711 buf[3]=rec->length>>8;
712 buf[4]=rec->length&0xff;
713
714 /* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */
715 HMAC_CTX_init(&hmac);
716 HMAC_Init_ex(&hmac,mac_sec,EVP_MD_size(hash),hash,NULL);
717 HMAC_Update(&hmac,seq,8);
718 HMAC_Update(&hmac,buf,5);
719 HMAC_Update(&hmac,rec->input,rec->length);
720 HMAC_Final(&hmac,md,&md_size);
721 HMAC_CTX_cleanup(&hmac);
722
723#ifdef TLS_DEBUG
724printf("sec=");
725{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",mac_sec[z]); printf("\n"); }
726printf("seq=");
727{int z; for (z=0; z<8; z++) printf("%02X ",seq[z]); printf("\n"); }
728printf("buf=");
729{int z; for (z=0; z<5; z++) printf("%02X ",buf[z]); printf("\n"); }
730printf("rec=");
731{unsigned int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); }
732#endif
733
734 for (i=7; i>=0; i--)
735 {
736 ++seq[i];
737 if (seq[i] != 0) break;
738 }
739
740#ifdef TLS_DEBUG
741{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",md[z]); printf("\n"); }
742#endif
743 return(md_size);
744 }
745
746int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
747 int len)
748 {
749 unsigned char buf[SSL3_RANDOM_SIZE*2+TLS_MD_MASTER_SECRET_CONST_SIZE];
750 unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH];
751
752#ifdef KSSL_DEBUG
753 printf ("tls1_generate_master_secret(%p,%p, %p, %d)\n", s,out, p,len);
754#endif /* KSSL_DEBUG */
755
756 /* Setup the stuff to munge */
757 memcpy(buf,TLS_MD_MASTER_SECRET_CONST,
758 TLS_MD_MASTER_SECRET_CONST_SIZE);
759 memcpy(&(buf[TLS_MD_MASTER_SECRET_CONST_SIZE]),
760 s->s3->client_random,SSL3_RANDOM_SIZE);
761 memcpy(&(buf[SSL3_RANDOM_SIZE+TLS_MD_MASTER_SECRET_CONST_SIZE]),
762 s->s3->server_random,SSL3_RANDOM_SIZE);
763 tls1_PRF(s->ctx->md5,s->ctx->sha1,
764 buf,TLS_MD_MASTER_SECRET_CONST_SIZE+SSL3_RANDOM_SIZE*2,p,len,
765 s->session->master_key,buff,SSL3_MASTER_SECRET_SIZE);
766#ifdef KSSL_DEBUG
767 printf ("tls1_generate_master_secret() complete\n");
768#endif /* KSSL_DEBUG */
769 return(SSL3_MASTER_SECRET_SIZE);
770 }
771
772int tls1_alert_code(int code)
773 {
774 switch (code)
775 {
776 case SSL_AD_CLOSE_NOTIFY: return(SSL3_AD_CLOSE_NOTIFY);
777 case SSL_AD_UNEXPECTED_MESSAGE: return(SSL3_AD_UNEXPECTED_MESSAGE);
778 case SSL_AD_BAD_RECORD_MAC: return(SSL3_AD_BAD_RECORD_MAC);
779 case SSL_AD_DECRYPTION_FAILED: return(TLS1_AD_DECRYPTION_FAILED);
780 case SSL_AD_RECORD_OVERFLOW: return(TLS1_AD_RECORD_OVERFLOW);
781 case SSL_AD_DECOMPRESSION_FAILURE:return(SSL3_AD_DECOMPRESSION_FAILURE);
782 case SSL_AD_HANDSHAKE_FAILURE: return(SSL3_AD_HANDSHAKE_FAILURE);
783 case SSL_AD_NO_CERTIFICATE: return(-1);
784 case SSL_AD_BAD_CERTIFICATE: return(SSL3_AD_BAD_CERTIFICATE);
785 case SSL_AD_UNSUPPORTED_CERTIFICATE:return(SSL3_AD_UNSUPPORTED_CERTIFICATE);
786 case SSL_AD_CERTIFICATE_REVOKED:return(SSL3_AD_CERTIFICATE_REVOKED);
787 case SSL_AD_CERTIFICATE_EXPIRED:return(SSL3_AD_CERTIFICATE_EXPIRED);
788 case SSL_AD_CERTIFICATE_UNKNOWN:return(SSL3_AD_CERTIFICATE_UNKNOWN);
789 case SSL_AD_ILLEGAL_PARAMETER: return(SSL3_AD_ILLEGAL_PARAMETER);
790 case SSL_AD_UNKNOWN_CA: return(TLS1_AD_UNKNOWN_CA);
791 case SSL_AD_ACCESS_DENIED: return(TLS1_AD_ACCESS_DENIED);
792 case SSL_AD_DECODE_ERROR: return(TLS1_AD_DECODE_ERROR);
793 case SSL_AD_DECRYPT_ERROR: return(TLS1_AD_DECRYPT_ERROR);
794 case SSL_AD_EXPORT_RESTRICTION: return(TLS1_AD_EXPORT_RESTRICTION);
795 case SSL_AD_PROTOCOL_VERSION: return(TLS1_AD_PROTOCOL_VERSION);
796 case SSL_AD_INSUFFICIENT_SECURITY:return(TLS1_AD_INSUFFICIENT_SECURITY);
797 case SSL_AD_INTERNAL_ERROR: return(TLS1_AD_INTERNAL_ERROR);
798 case SSL_AD_USER_CANCELLED: return(TLS1_AD_USER_CANCELLED);
799 case SSL_AD_NO_RENEGOTIATION: return(TLS1_AD_NO_RENEGOTIATION);
800 default: return(-1);
801 }
802 }
803
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
new file mode 100644
index 0000000000..ca6c03d5af
--- /dev/null
+++ b/src/lib/libssl/t1_lib.c
@@ -0,0 +1,149 @@
1/* ssl/t1_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/objects.h>
61#include "ssl_locl.h"
62
63const char *tls1_version_str="TLSv1" OPENSSL_VERSION_PTEXT;
64
65static long tls1_default_timeout(void);
66
67static SSL3_ENC_METHOD TLSv1_enc_data={
68 tls1_enc,
69 tls1_mac,
70 tls1_setup_key_block,
71 tls1_generate_master_secret,
72 tls1_change_cipher_state,
73 tls1_final_finish_mac,
74 TLS1_FINISH_MAC_LENGTH,
75 tls1_cert_verify_mac,
76 TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE,
77 TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE,
78 tls1_alert_code,
79 };
80
81static SSL_METHOD TLSv1_data= {
82 TLS1_VERSION,
83 tls1_new,
84 tls1_clear,
85 tls1_free,
86 ssl_undefined_function,
87 ssl_undefined_function,
88 ssl3_read,
89 ssl3_peek,
90 ssl3_write,
91 ssl3_shutdown,
92 ssl3_renegotiate,
93 ssl3_renegotiate_check,
94 ssl3_ctrl,
95 ssl3_ctx_ctrl,
96 ssl3_get_cipher_by_char,
97 ssl3_put_cipher_by_char,
98 ssl3_pending,
99 ssl3_num_ciphers,
100 ssl3_get_cipher,
101 ssl_bad_method,
102 tls1_default_timeout,
103 &TLSv1_enc_data,
104 ssl_undefined_function,
105 ssl3_callback_ctrl,
106 ssl3_ctx_callback_ctrl,
107 };
108
109static long tls1_default_timeout(void)
110 {
111 /* 2 hours, the 24 hours mentioned in the TLSv1 spec
112 * is way too long for http, the cache would over fill */
113 return(60*60*2);
114 }
115
116SSL_METHOD *tlsv1_base_method(void)
117 {
118 return(&TLSv1_data);
119 }
120
121int tls1_new(SSL *s)
122 {
123 if (!ssl3_new(s)) return(0);
124 s->method->ssl_clear(s);
125 return(1);
126 }
127
128void tls1_free(SSL *s)
129 {
130 ssl3_free(s);
131 }
132
133void tls1_clear(SSL *s)
134 {
135 ssl3_clear(s);
136 s->version=TLS1_VERSION;
137 }
138
139#if 0
140long tls1_ctrl(SSL *s, int cmd, long larg, char *parg)
141 {
142 return(0);
143 }
144
145long tls1_callback_ctrl(SSL *s, int cmd, void *(*fp)())
146 {
147 return(0);
148 }
149#endif
diff --git a/src/lib/libssl/t1_meth.c b/src/lib/libssl/t1_meth.c
new file mode 100644
index 0000000000..9bb36a7d1c
--- /dev/null
+++ b/src/lib/libssl/t1_meth.c
@@ -0,0 +1,88 @@
1/* ssl/t1_meth.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/objects.h>
61#include "ssl_locl.h"
62
63static SSL_METHOD *tls1_get_method(int ver);
64static SSL_METHOD *tls1_get_method(int ver)
65 {
66 if (ver == TLS1_VERSION)
67 return(TLSv1_method());
68 else
69 return(NULL);
70 }
71
72SSL_METHOD *TLSv1_method(void)
73 {
74 static int init=1;
75 static SSL_METHOD TLSv1_data;
76
77 if (init)
78 {
79 memcpy((char *)&TLSv1_data,(char *)tlsv1_base_method(),
80 sizeof(SSL_METHOD));
81 TLSv1_data.ssl_connect=ssl3_connect;
82 TLSv1_data.ssl_accept=ssl3_accept;
83 TLSv1_data.get_ssl_method=tls1_get_method;
84 init=0;
85 }
86 return(&TLSv1_data);
87 }
88
diff --git a/src/lib/libssl/t1_srvr.c b/src/lib/libssl/t1_srvr.c
new file mode 100644
index 0000000000..996b7ca8e2
--- /dev/null
+++ b/src/lib/libssl/t1_srvr.c
@@ -0,0 +1,91 @@
1/* ssl/t1_srvr.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/buffer.h>
61#include <openssl/rand.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include <openssl/x509.h>
65#include "ssl_locl.h"
66
67static SSL_METHOD *tls1_get_server_method(int ver);
68static SSL_METHOD *tls1_get_server_method(int ver)
69 {
70 if (ver == TLS1_VERSION)
71 return(TLSv1_server_method());
72 else
73 return(NULL);
74 }
75
76SSL_METHOD *TLSv1_server_method(void)
77 {
78 static int init=1;
79 static SSL_METHOD TLSv1_server_data;
80
81 if (init)
82 {
83 memcpy((char *)&TLSv1_server_data,(char *)tlsv1_base_method(),
84 sizeof(SSL_METHOD));
85 TLSv1_server_data.ssl_accept=ssl3_accept;
86 TLSv1_server_data.get_ssl_method=tls1_get_server_method;
87 init=0;
88 }
89 return(&TLSv1_server_data);
90 }
91
diff --git a/src/lib/libssl/test/CAss.cnf b/src/lib/libssl/test/CAss.cnf
new file mode 100644
index 0000000000..b941b7ae15
--- /dev/null
+++ b/src/lib/libssl/test/CAss.cnf
@@ -0,0 +1,25 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5
6RANDFILE = ./.rnd
7
8####################################################################
9[ req ]
10default_bits = 512
11default_keyfile = keySS.pem
12distinguished_name = req_distinguished_name
13encrypt_rsa_key = no
14default_md = sha1
15
16[ req_distinguished_name ]
17countryName = Country Name (2 letter code)
18countryName_default = AU
19countryName_value = AU
20
21organizationName = Organization Name (eg, company)
22organizationName_value = Dodgy Brothers
23
24commonName = Common Name (eg, YOUR name)
25commonName_value = Dodgy CA
diff --git a/src/lib/libssl/test/CAssdh.cnf b/src/lib/libssl/test/CAssdh.cnf
new file mode 100644
index 0000000000..4e0a908679
--- /dev/null
+++ b/src/lib/libssl/test/CAssdh.cnf
@@ -0,0 +1,24 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5# hacked by iang to do DH certs - CA
6
7RANDFILE = ./.rnd
8
9####################################################################
10[ req ]
11distinguished_name = req_distinguished_name
12encrypt_rsa_key = no
13
14[ req_distinguished_name ]
15countryName = Country Name (2 letter code)
16countryName_default = CU
17countryName_value = CU
18
19organizationName = Organization Name (eg, company)
20organizationName_value = La Junta de la Revolucion
21
22commonName = Common Name (eg, YOUR name)
23commonName_value = Junta
24
diff --git a/src/lib/libssl/test/CAssdsa.cnf b/src/lib/libssl/test/CAssdsa.cnf
new file mode 100644
index 0000000000..a6b4d1810c
--- /dev/null
+++ b/src/lib/libssl/test/CAssdsa.cnf
@@ -0,0 +1,23 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5# hacked by iang to do DSA certs - CA
6
7RANDFILE = ./.rnd
8
9####################################################################
10[ req ]
11distinguished_name = req_distinguished_name
12encrypt_rsa_key = no
13
14[ req_distinguished_name ]
15countryName = Country Name (2 letter code)
16countryName_default = ES
17countryName_value = ES
18
19organizationName = Organization Name (eg, company)
20organizationName_value = Hermanos Locos
21
22commonName = Common Name (eg, YOUR name)
23commonName_value = Hermanos Locos CA
diff --git a/src/lib/libssl/test/CAssrsa.cnf b/src/lib/libssl/test/CAssrsa.cnf
new file mode 100644
index 0000000000..eb24a6dfc0
--- /dev/null
+++ b/src/lib/libssl/test/CAssrsa.cnf
@@ -0,0 +1,24 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5# create RSA certs - CA
6
7RANDFILE = ./.rnd
8
9####################################################################
10[ req ]
11distinguished_name = req_distinguished_name
12encrypt_key = no
13
14[ req_distinguished_name ]
15countryName = Country Name (2 letter code)
16countryName_default = ES
17countryName_value = ES
18
19organizationName = Organization Name (eg, company)
20organizationName_value = Hermanos Locos
21
22commonName = Common Name (eg, YOUR name)
23commonName_value = Hermanos Locos CA
24
diff --git a/src/lib/libssl/test/Makefile.ssl b/src/lib/libssl/test/Makefile.ssl
new file mode 100644
index 0000000000..952ab16371
--- /dev/null
+++ b/src/lib/libssl/test/Makefile.ssl
@@ -0,0 +1,540 @@
1#
2# test/Makefile.ssl
3#
4
5DIR= test
6TOP= ..
7CC= cc
8INCLUDES= -I$(TOP) -I../include $(KRB5_INCLUDES)
9CFLAG= -g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP= /usr/local/ssl
13MAKEFILE= Makefile.ssl
14MAKE= make -f $(MAKEFILE)
15MAKEDEPPROG= makedepend
16MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
17
18PEX_LIBS=
19EX_LIBS= #-lnsl -lsocket
20
21CFLAGS= $(INCLUDES) $(CFLAG)
22
23GENERAL=Makefile.ssl maketests.com \
24 tests.com testenc.com tx509.com trsa.com tcrl.com tsid.com treq.com \
25 tpkcs7.com tpkcs7d.com tverify.com testgen.com testss.com testssl.com \
26 testca.com VMSca-response.1 VMSca-response.2
27
28DLIBCRYPTO= ../libcrypto.a
29DLIBSSL= ../libssl.a
30LIBCRYPTO= -L.. -lcrypto
31LIBSSL= -L.. -lssl
32
33BNTEST= bntest
34ECTEST= ectest
35EXPTEST= exptest
36IDEATEST= ideatest
37SHATEST= shatest
38SHA1TEST= sha1test
39MDC2TEST= mdc2test
40RMDTEST= rmdtest
41MD2TEST= md2test
42MD4TEST= md4test
43MD5TEST= md5test
44HMACTEST= hmactest
45RC2TEST= rc2test
46RC4TEST= rc4test
47RC5TEST= rc5test
48BFTEST= bftest
49CASTTEST= casttest
50DESTEST= destest
51RANDTEST= randtest
52DHTEST= dhtest
53DSATEST= dsatest
54METHTEST= methtest
55SSLTEST= ssltest
56RSATEST= rsa_test
57ENGINETEST= enginetest
58EVPTEST= evp_test
59
60TESTS= alltests
61
62EXE= $(BNTEST) $(ECTEST) $(IDEATEST) $(MD2TEST) $(MD4TEST) $(MD5TEST) $(HMACTEST) \
63 $(RC2TEST) $(RC4TEST) $(RC5TEST) \
64 $(DESTEST) $(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RMDTEST) \
65 $(RANDTEST) $(DHTEST) $(ENGINETEST) \
66 $(BFTEST) $(CASTTEST) $(SSLTEST) $(EXPTEST) $(DSATEST) $(RSATEST) \
67 $(EVPTEST)
68
69# $(METHTEST)
70
71OBJ= $(BNTEST).o $(ECTEST).o $(IDEATEST).o $(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \
72 $(HMACTEST).o \
73 $(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
74 $(DESTEST).o $(SHATEST).o $(SHA1TEST).o $(MDC2TEST).o $(RMDTEST).o \
75 $(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \
76 $(BFTEST).o $(SSLTEST).o $(DSATEST).o $(EXPTEST).o $(RSATEST).o \
77 $(EVPTEST).o
78SRC= $(BNTEST).c $(ECTEST).c $(IDEATEST).c $(MD2TEST).c $(MD4TEST).c $(MD5TEST).c \
79 $(HMACTEST).c \
80 $(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
81 $(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
82 $(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \
83 $(BFTEST).c $(SSLTEST).c $(DSATEST).c $(EXPTEST).c $(RSATEST).c \
84 $(EVPTEST).c
85
86EXHEADER=
87HEADER= $(EXHEADER)
88
89ALL= $(GENERAL) $(SRC) $(HEADER)
90
91top:
92 (cd ..; $(MAKE) DIRS=$(DIR) TESTS=$(TESTS) all)
93
94all: exe
95
96exe: $(EXE)
97
98files:
99 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
100
101links:
102 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
103
104errors:
105
106install:
107
108tags:
109 ctags $(SRC)
110
111tests: exe apps $(TESTS)
112
113apps:
114 @(cd ../apps; $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' all)
115
116alltests:
117 (LIBPATH="`cd ..; pwd`"; LD_LIBRARY_PATH=$$LIBPATH; SHLIB_PATH=$$LIBPATH; \
118 export LD_LIBRARY_PATH SHLIB_PATH LIBPATH; \
119 $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' alltests.chooser)
120alltests.chooser: \
121 test_des test_idea test_sha test_md4 test_md5 test_hmac \
122 test_md2 test_mdc2 \
123 test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_rd \
124 test_rand test_bn test_ec test_enc test_x509 test_rsa test_crl test_sid \
125 test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
126 test_ss test_ca test_engine test_evp test_ssl
127
128test_evp:
129 ./$(EVPTEST) evptests.txt
130
131test_des:
132 ./$(DESTEST)
133
134test_idea:
135 ./$(IDEATEST)
136
137test_sha:
138 ./$(SHATEST)
139 ./$(SHA1TEST)
140
141test_mdc2:
142 ./$(MDC2TEST)
143
144test_md5:
145 ./$(MD5TEST)
146
147test_md4:
148 ./$(MD4TEST)
149
150test_hmac:
151 ./$(HMACTEST)
152
153test_md2:
154 ./$(MD2TEST)
155
156test_rmd:
157 ./$(RMDTEST)
158
159test_bf:
160 ./$(BFTEST)
161
162test_cast:
163 ./$(CASTTEST)
164
165test_rc2:
166 ./$(RC2TEST)
167
168test_rc4:
169 ./$(RC4TEST)
170
171test_rc5:
172 ./$(RC5TEST)
173
174test_rand:
175 ./$(RANDTEST)
176
177test_enc:
178 @sh ./testenc
179
180test_x509:
181 echo test normal x509v1 certificate
182 sh ./tx509 2>/dev/null
183 echo test first x509v3 certificate
184 sh ./tx509 v3-cert1.pem 2>/dev/null
185 echo test second x509v3 certificate
186 sh ./tx509 v3-cert2.pem 2>/dev/null
187
188test_rsa:
189 @sh ./trsa 2>/dev/null
190 ./$(RSATEST)
191
192test_crl:
193 @sh ./tcrl 2>/dev/null
194
195test_sid:
196 @sh ./tsid 2>/dev/null
197
198test_req:
199 @sh ./treq 2>/dev/null
200 @sh ./treq testreq2.pem 2>/dev/null
201
202test_pkcs7:
203 @sh ./tpkcs7 2>/dev/null
204 @sh ./tpkcs7d 2>/dev/null
205
206test_bn:
207 @echo starting big number library test, could take a while...
208 @./$(BNTEST) >tmp.bntest
209 @echo quit >>tmp.bntest
210 @echo "running bc"
211 @<tmp.bntest sh -c "`sh ./bctest ignore`" | $(PERL) -e '$$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"'
212 @echo 'test a^b%c implementations'
213 ./$(EXPTEST)
214
215test_ec:
216 @echo 'test elliptic curves'
217 ./$(ECTEST)
218
219test_verify:
220 @echo "The following command should have some OK's and some failures"
221 @echo "There are definitly a few expired certificates"
222 ../apps/openssl verify -CApath ../certs ../certs/*.pem
223
224test_dh:
225 @echo "Generate a set of DH parameters"
226 ./$(DHTEST)
227
228test_dsa:
229 @echo "Generate a set of DSA parameters"
230 ./$(DSATEST)
231 ./$(DSATEST) -app2_1
232
233test_gen:
234 @echo "Generate and verify a certificate request"
235 @sh ./testgen
236
237test_ss:
238 @echo "Generate and certify a test certificate"
239 @sh ./testss
240
241test_engine:
242 @echo "Manipulate the ENGINE structures"
243 ./$(ENGINETEST)
244
245test_ssl:
246 @echo "test SSL protocol"
247 @sh ./testssl
248
249test_ca:
250 @echo "Generate and certify a test certificate via the 'ca' program"
251 @sh ./testca
252
253test_rd: #$(RDTEST)
254# @echo "test Rijndael"
255# ./$(RDTEST)
256
257lint:
258 lint -DLINT $(INCLUDES) $(SRC)>fluff
259
260depend:
261 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(SRC)
262
263dclean:
264 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
265 mv -f Makefile.new $(MAKEFILE)
266
267clean:
268 rm -f .rnd tmp.bntest tmp.bctest *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log
269
270$(DLIBSSL):
271 (cd ../ssl; $(MAKE))
272
273$(DLIBCRYPTO):
274 (cd ../crypto; $(MAKE))
275
276$(RSATEST): $(RSATEST).o $(DLIBCRYPTO)
277 $(CC) -o $(RSATEST) $(CFLAGS) $(RSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
278
279$(BNTEST): $(BNTEST).o $(DLIBCRYPTO)
280 $(CC) -o $(BNTEST) $(CFLAGS) $(BNTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
281
282$(ECTEST): $(ECTEST).o $(DLIBCRYPTO)
283 $(CC) -o $(ECTEST) $(CFLAGS) $(ECTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
284
285$(EXPTEST): $(EXPTEST).o $(DLIBCRYPTO)
286 $(CC) -o $(EXPTEST) $(CFLAGS) $(EXPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
287
288$(IDEATEST): $(IDEATEST).o $(DLIBCRYPTO)
289 $(CC) -o $(IDEATEST) $(CFLAGS) $(IDEATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
290
291$(MD2TEST): $(MD2TEST).o $(DLIBCRYPTO)
292 $(CC) -o $(MD2TEST) $(CFLAGS) $(MD2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
293
294$(SHATEST): $(SHATEST).o $(DLIBCRYPTO)
295 $(CC) -o $(SHATEST) $(CFLAGS) $(SHATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
296
297$(SHA1TEST): $(SHA1TEST).o $(DLIBCRYPTO)
298 $(CC) -o $(SHA1TEST) $(CFLAGS) $(SHA1TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
299
300$(RMDTEST): $(RMDTEST).o $(DLIBCRYPTO)
301 $(CC) -o $(RMDTEST) $(CFLAGS) $(RMDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
302
303$(MDC2TEST): $(MDC2TEST).o $(DLIBCRYPTO)
304 $(CC) -o $(MDC2TEST) $(CFLAGS) $(MDC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
305
306$(MD4TEST): $(MD4TEST).o $(DLIBCRYPTO)
307 $(CC) -o $(MD4TEST) $(CFLAGS) $(MD4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
308
309$(MD5TEST): $(MD5TEST).o $(DLIBCRYPTO)
310 $(CC) -o $(MD5TEST) $(CFLAGS) $(MD5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
311
312$(HMACTEST): $(HMACTEST).o $(DLIBCRYPTO)
313 $(CC) -o $(HMACTEST) $(CFLAGS) $(HMACTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
314
315$(RC2TEST): $(RC2TEST).o $(DLIBCRYPTO)
316 $(CC) -o $(RC2TEST) $(CFLAGS) $(RC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
317
318$(BFTEST): $(BFTEST).o $(DLIBCRYPTO)
319 $(CC) -o $(BFTEST) $(CFLAGS) $(BFTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
320
321$(CASTTEST): $(CASTTEST).o $(DLIBCRYPTO)
322 $(CC) -o $(CASTTEST) $(CFLAGS) $(CASTTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
323
324$(RC4TEST): $(RC4TEST).o $(DLIBCRYPTO)
325 $(CC) -o $(RC4TEST) $(CFLAGS) $(RC4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
326
327$(RC5TEST): $(RC5TEST).o $(DLIBCRYPTO)
328 $(CC) -o $(RC5TEST) $(CFLAGS) $(RC5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
329
330$(DESTEST): $(DESTEST).o $(DLIBCRYPTO)
331 $(CC) -o $(DESTEST) $(CFLAGS) $(DESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
332
333$(RANDTEST): $(RANDTEST).o $(DLIBCRYPTO)
334 $(CC) -o $(RANDTEST) $(CFLAGS) $(RANDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
335
336$(DHTEST): $(DHTEST).o $(DLIBCRYPTO)
337 $(CC) -o $(DHTEST) $(CFLAGS) $(DHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
338
339$(DSATEST): $(DSATEST).o $(DLIBCRYPTO)
340 $(CC) -o $(DSATEST) $(CFLAGS) $(DSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
341
342$(METHTEST): $(METHTEST).o $(DLIBCRYPTO)
343 $(CC) -o $(METHTEST) $(CFLAGS) $(METHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
344
345$(SSLTEST): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
346 $(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS)
347
348$(ENGINETEST): $(ENGINETEST).o $(DLIBCRYPTO)
349 $(CC) -o $(ENGINETEST) $(CFLAGS) $(ENGINETEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
350
351$(EVPTEST): $(EVPTEST).o $(DLIBCRYPTO)
352 $(CC) -o $(EVPTEST) $(CFLAGS) $(EVPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
353
354#$(RDTEST).o: $(RDTEST).c
355# $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(RDTEST).c
356
357#$(RDTEST): $(RDTEST).o $(DLIBCRYPTO)
358# $(CC) -o $(RDTEST) $(CFLAGS) $(RDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
359
360# DO NOT DELETE THIS LINE -- make depend depends on it.
361
362bftest.o: ../include/openssl/blowfish.h ../include/openssl/e_os2.h
363bftest.o: ../include/openssl/opensslconf.h bftest.c
364bntest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
365bntest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
366bntest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
367bntest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
368bntest.o: ../include/openssl/err.h ../include/openssl/evp.h
369bntest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
370bntest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
371bntest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
372bntest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
373bntest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
374bntest.o: ../include/openssl/sha.h ../include/openssl/stack.h
375bntest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
376bntest.o: ../include/openssl/x509_vfy.h bntest.c
377casttest.o: ../include/openssl/cast.h casttest.c
378destest.o: ../include/openssl/crypto.h ../include/openssl/des.h
379destest.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
380destest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
381destest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
382destest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
383destest.o: ../include/openssl/ui_compat.h destest.c
384dhtest.o: ../include/openssl/bio.h ../include/openssl/bn.h
385dhtest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
386dhtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
387dhtest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
388dhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
389dhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
390dhtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dhtest.c
391dsatest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
392dsatest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
393dsatest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
394dsatest.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
395dsatest.o: ../include/openssl/err.h ../include/openssl/lhash.h
396dsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
397dsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
398dsatest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
399dsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
400dsatest.o: ../include/openssl/ui.h dsatest.c
401ectest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
402ectest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
403ectest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
404ectest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
405ectest.o: ../include/openssl/engine.h ../include/openssl/err.h
406ectest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
407ectest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
408ectest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
409ectest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
410ectest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h ectest.c
411enginetest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
412enginetest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
413enginetest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
414enginetest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
415enginetest.o: ../include/openssl/engine.h ../include/openssl/err.h
416enginetest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
417enginetest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
418enginetest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
419enginetest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
420enginetest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
421enginetest.o: enginetest.c
422evp_test.o: ../include/openssl/asn1.h ../include/openssl/bio.h
423evp_test.o: ../include/openssl/bn.h ../include/openssl/conf.h
424evp_test.o: ../include/openssl/crypto.h ../include/openssl/dh.h
425evp_test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
426evp_test.o: ../include/openssl/engine.h ../include/openssl/err.h
427evp_test.o: ../include/openssl/evp.h ../include/openssl/lhash.h
428evp_test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
429evp_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
430evp_test.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
431evp_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
432evp_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
433evp_test.o: ../include/openssl/ui.h evp_test.c
434exptest.o: ../include/openssl/bio.h ../include/openssl/bn.h
435exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
436exptest.o: ../include/openssl/err.h ../include/openssl/lhash.h
437exptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
438exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
439exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
440exptest.o: ../include/openssl/symhacks.h exptest.c
441hmactest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
442hmactest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
443hmactest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
444hmactest.o: ../include/openssl/hmac.h ../include/openssl/md5.h
445hmactest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
446hmactest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
447hmactest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
448hmactest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h hmactest.c
449ideatest.o: ../include/openssl/idea.h ../include/openssl/opensslconf.h
450ideatest.o: ideatest.c
451md2test.o: ../include/openssl/asn1.h ../include/openssl/bio.h
452md2test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
453md2test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
454md2test.o: ../include/openssl/md2.h ../include/openssl/obj_mac.h
455md2test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
456md2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
457md2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
458md2test.o: ../include/openssl/symhacks.h md2test.c
459md4test.o: ../include/openssl/asn1.h ../include/openssl/bio.h
460md4test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
461md4test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
462md4test.o: ../include/openssl/md4.h ../include/openssl/obj_mac.h
463md4test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
464md4test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
465md4test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
466md4test.o: ../include/openssl/symhacks.h md4test.c
467md5test.o: ../include/openssl/asn1.h ../include/openssl/bio.h
468md5test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
469md5test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
470md5test.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
471md5test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
472md5test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
473md5test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
474md5test.o: ../include/openssl/symhacks.h md5test.c
475mdc2test.o: ../include/openssl/asn1.h ../include/openssl/bio.h
476mdc2test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
477mdc2test.o: ../include/openssl/des.h ../include/openssl/des_old.h
478mdc2test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
479mdc2test.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
480mdc2test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
481mdc2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
482mdc2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
483mdc2test.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
484mdc2test.o: ../include/openssl/ui_compat.h mdc2test.c
485randtest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h randtest.c
486rc2test.o: ../include/openssl/opensslconf.h ../include/openssl/rc2.h rc2test.c
487rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h rc4test.c
488rc5test.o: ../include/openssl/rc5.h rc5test.c
489rmdtest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
490rmdtest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
491rmdtest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
492rmdtest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
493rmdtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
494rmdtest.o: ../include/openssl/ossl_typ.h ../include/openssl/ripemd.h
495rmdtest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
496rmdtest.o: ../include/openssl/symhacks.h rmdtest.c
497rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
498rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
499rsa_test.o: ../include/openssl/dh.h ../include/openssl/dsa.h
500rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
501rsa_test.o: ../include/openssl/err.h ../include/openssl/lhash.h
502rsa_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
503rsa_test.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
504rsa_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
505rsa_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
506rsa_test.o: ../include/openssl/ui.h rsa_test.c
507sha1test.o: ../include/openssl/asn1.h ../include/openssl/bio.h
508sha1test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
509sha1test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
510sha1test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
511sha1test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
512sha1test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
513sha1test.o: ../include/openssl/sha.h ../include/openssl/stack.h
514sha1test.o: ../include/openssl/symhacks.h sha1test.c
515shatest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
516shatest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
517shatest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
518shatest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
519shatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
520shatest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
521shatest.o: ../include/openssl/sha.h ../include/openssl/stack.h
522shatest.o: ../include/openssl/symhacks.h shatest.c
523ssltest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
524ssltest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
525ssltest.o: ../include/openssl/comp.h ../include/openssl/crypto.h
526ssltest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
527ssltest.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
528ssltest.o: ../include/openssl/err.h ../include/openssl/evp.h
529ssltest.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
530ssltest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
531ssltest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
532ssltest.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
533ssltest.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
534ssltest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
535ssltest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
536ssltest.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
537ssltest.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
538ssltest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
539ssltest.o: ../include/openssl/tls1.h ../include/openssl/ui.h
540ssltest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssltest.c
diff --git a/src/lib/libssl/test/Sssdsa.cnf b/src/lib/libssl/test/Sssdsa.cnf
new file mode 100644
index 0000000000..8e170a28ef
--- /dev/null
+++ b/src/lib/libssl/test/Sssdsa.cnf
@@ -0,0 +1,27 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5# hacked by iang to do DSA certs - Server
6
7RANDFILE = ./.rnd
8
9####################################################################
10[ req ]
11distinguished_name = req_distinguished_name
12encrypt_rsa_key = no
13
14[ req_distinguished_name ]
15countryName = Country Name (2 letter code)
16countryName_default = ES
17countryName_value = ES
18
19organizationName = Organization Name (eg, company)
20organizationName_value = Tortilleras S.A.
21
220.commonName = Common Name (eg, YOUR name)
230.commonName_value = Torti
24
251.commonName = Common Name (eg, YOUR name)
261.commonName_value = Gordita
27
diff --git a/src/lib/libssl/test/Sssrsa.cnf b/src/lib/libssl/test/Sssrsa.cnf
new file mode 100644
index 0000000000..8c79a03fca
--- /dev/null
+++ b/src/lib/libssl/test/Sssrsa.cnf
@@ -0,0 +1,26 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5# create RSA certs - Server
6
7RANDFILE = ./.rnd
8
9####################################################################
10[ req ]
11distinguished_name = req_distinguished_name
12encrypt_key = no
13
14[ req_distinguished_name ]
15countryName = Country Name (2 letter code)
16countryName_default = ES
17countryName_value = ES
18
19organizationName = Organization Name (eg, company)
20organizationName_value = Tortilleras S.A.
21
220.commonName = Common Name (eg, YOUR name)
230.commonName_value = Torti
24
251.commonName = Common Name (eg, YOUR name)
261.commonName_value = Gordita
diff --git a/src/lib/libssl/test/Uss.cnf b/src/lib/libssl/test/Uss.cnf
new file mode 100644
index 0000000000..c89692d519
--- /dev/null
+++ b/src/lib/libssl/test/Uss.cnf
@@ -0,0 +1,28 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5
6RANDFILE = ./.rnd
7
8####################################################################
9[ req ]
10default_bits = 512
11default_keyfile = keySS.pem
12distinguished_name = req_distinguished_name
13encrypt_rsa_key = no
14default_md = md2
15
16[ req_distinguished_name ]
17countryName = Country Name (2 letter code)
18countryName_default = AU
19countryName_value = AU
20
21organizationName = Organization Name (eg, company)
22organizationName_value = Dodgy Brothers
23
240.commonName = Common Name (eg, YOUR name)
250.commonName_value = Brother 1
26
271.commonName = Common Name (eg, YOUR name)
281.commonName_value = Brother 2
diff --git a/src/lib/libssl/test/VMSca-response.1 b/src/lib/libssl/test/VMSca-response.1
new file mode 100644
index 0000000000..8b13789179
--- /dev/null
+++ b/src/lib/libssl/test/VMSca-response.1
@@ -0,0 +1 @@
diff --git a/src/lib/libssl/test/VMSca-response.2 b/src/lib/libssl/test/VMSca-response.2
new file mode 100644
index 0000000000..9b48ee4cf9
--- /dev/null
+++ b/src/lib/libssl/test/VMSca-response.2
@@ -0,0 +1,2 @@
1y
2y
diff --git a/src/lib/libssl/test/bctest b/src/lib/libssl/test/bctest
new file mode 100644
index 0000000000..bdb3218f7a
--- /dev/null
+++ b/src/lib/libssl/test/bctest
@@ -0,0 +1,111 @@
1#!/bin/sh
2
3# This script is used by test/Makefile.ssl to check whether a sane 'bc'
4# is installed.
5# ('make test_bn' should not try to run 'bc' if it does not exist or if
6# it is a broken 'bc' version that is known to cause trouble.)
7#
8# If 'bc' works, we also test if it knows the 'print' command.
9#
10# In any case, output an appropriate command line for running (or not
11# running) bc.
12
13
14IFS=:
15try_without_dir=true
16# First we try "bc", then "$dir/bc" for each item in $PATH.
17for dir in dummy:$PATH; do
18 if [ "$try_without_dir" = true ]; then
19 # first iteration
20 bc=bc
21 try_without_dir=false
22 else
23 # second and later iterations
24 bc="$dir/bc"
25 if [ ! -f "$bc" ]; then # '-x' is not available on Ultrix
26 bc=''
27 fi
28 fi
29
30 if [ ! "$bc" = '' ]; then
31 failure=none
32
33
34 # Test for SunOS 5.[78] bc bug
35 "$bc" >tmp.bctest <<\EOF
36obase=16
37ibase=16
38a=AD88C418F31B3FC712D0425001D522B3AE9134FF3A98C13C1FCC1682211195406C1A6C66C6A\
39CEEC1A0EC16950233F77F1C2F2363D56DD71A36C57E0B2511FC4BA8F22D261FE2E9356D99AF57\
4010F3817C0E05BF79C423C3F66FDF321BE8D3F18F625D91B670931C1EF25F28E489BDA1C5422D1\
41C3F6F7A1AD21585746ECC4F10A14A778AF56F08898E965E9909E965E0CB6F85B514150C644759\
423BE731877B16EA07B552088FF2EA728AC5E0FF3A23EB939304519AB8B60F2C33D6BA0945B66F0\
434FC3CADF855448B24A9D7640BCF473E
44b=DCE91E7D120B983EA9A104B5A96D634DD644C37657B1C7860B45E6838999B3DCE5A555583C6\
459209E41F413422954175A06E67FFEF6746DD652F0F48AEFECC3D8CAC13523BDAAD3F5AF4212BD\
468B3CD64126E1A82E190228020C05B91C8B141F1110086FC2A4C6ED631EBA129D04BB9A19FC53D\
473ED0E2017D60A68775B75481449
48(a/b)*b + (a%b) - a
49EOF
50 if [ 0 != "`cat tmp.bctest`" ]; then
51 failure=SunOStest
52 fi
53
54
55 if [ "$failure" = none ]; then
56 # Test for SCO bc bug.
57 "$bc" >tmp.bctest <<\EOF
58obase=16
59ibase=16
60-FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4AEC6F15AC177F176F2274D2\
619DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7F5ADFACEE54573F5D256A06\
6211B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99FB9812A0E4A5773D8B254117\
631239157EC6E3D8D50199 * -FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4\
64AEC6F15AC177F176F2274D29DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7\
65F5ADFACEE54573F5D256A0611B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99F\
66B9812A0E4A5773D8B2541171239157EC6E3D8D50199 - FFBACC221682DA464B6D7F123482522\
6702EDAEDCA38C3B69E9B7BBCD6165A9CD8716C4903417F23C09A85B851961F92C217258CEEB866\
6885EFCC5DD131853A02C07A873B8E2AF2E40C6D5ED598CD0E8F35AD49F3C3A17FDB7653E4E2DC4\
69A8D23CC34686EE4AD01F7407A7CD74429AC6D36DBF0CB6A3E302D0E5BDFCD048A3B90C1BE5AA8\
70E16C3D5884F9136B43FF7BB443764153D4AEC176C681B078F4CC53D6EB6AB76285537DDEE7C18\
718C72441B52EDBDDBC77E02D34E513F2AABF92F44109CAFE8242BD0ECBAC5604A94B02EA44D43C\
7204E9476E6FBC48043916BFA1485C6093603600273C9C33F13114D78064AE42F3DC466C7DA543D\
7389C8D71
74AD534AFBED2FA39EE9F40E20FCF9E2C861024DB98DDCBA1CD118C49CA55EEBC20D6BA51B2271C\
75928B693D6A73F67FEB1B4571448588B46194617D25D910C6A9A130CC963155CF34079CB218A44\
768A1F57E276D92A33386DDCA3D241DB78C8974ABD71DD05B0FA555709C9910D745185E6FE108E3\
7737F1907D0C56F8BFBF52B9704 % -E557905B56B13441574CAFCE2BD257A750B1A8B2C88D0E36\
78E18EF7C38DAC80D3948E17ED63AFF3B3467866E3B89D09A81B3D16B52F6A3C7134D3C6F5123E9\
79F617E3145BBFBE9AFD0D6E437EA4FF6F04BC67C4F1458B4F0F47B64 - 1C2BBBB19B74E86FD32\
809E8DB6A8C3B1B9986D57ED5419C2E855F7D5469E35E76334BB42F4C43E3F3A31B9697C171DAC4\
81D97935A7E1A14AD209D6CF811F55C6DB83AA9E6DFECFCD6669DED7171EE22A40C6181615CAF3F\
825296964
83EOF
84 if [ "0
850" != "`cat tmp.bctest`" ]; then
86 failure=SCOtest
87 fi
88 fi
89
90
91 if [ "$failure" = none ]; then
92 # bc works; now check if it knows the 'print' command.
93 if [ "OK" = "`echo 'print \"OK\"' | $bc 2>/dev/null`" ]
94 then
95 echo "$bc"
96 else
97 echo "sed 's/print.*//' | $bc"
98 fi
99 exit 0
100 fi
101
102 echo "$bc does not work properly ('$failure' failed). Looking for another bc ..." >&2
103 fi
104done
105
106echo "No working bc found. Consider installing GNU bc." >&2
107if [ "$1" = ignore ]; then
108 echo "cat >/dev/null"
109 exit 0
110fi
111exit 1
diff --git a/src/lib/libssl/test/enginetest.c b/src/lib/libssl/test/enginetest.c
new file mode 100644
index 0000000000..87fa8c57b7
--- /dev/null
+++ b/src/lib/libssl/test/enginetest.c
@@ -0,0 +1,274 @@
1/* crypto/engine/enginetest.c */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <openssl/e_os2.h>
60#include <stdio.h>
61#include <string.h>
62#include <openssl/buffer.h>
63#include <openssl/crypto.h>
64#include <openssl/engine.h>
65#include <openssl/err.h>
66
67static void display_engine_list()
68 {
69 ENGINE *h;
70 int loop;
71
72 h = ENGINE_get_first();
73 loop = 0;
74 printf("listing available engine types\n");
75 while(h)
76 {
77 printf("engine %i, id = \"%s\", name = \"%s\"\n",
78 loop++, ENGINE_get_id(h), ENGINE_get_name(h));
79 h = ENGINE_get_next(h);
80 }
81 printf("end of list\n");
82 /* ENGINE_get_first() increases the struct_ref counter, so we
83 must call ENGINE_free() to decrease it again */
84 ENGINE_free(h);
85 }
86
87int main(int argc, char *argv[])
88 {
89 ENGINE *block[512];
90 char buf[256];
91 const char *id, *name;
92 ENGINE *ptr;
93 int loop;
94 int to_return = 1;
95 ENGINE *new_h1 = NULL;
96 ENGINE *new_h2 = NULL;
97 ENGINE *new_h3 = NULL;
98 ENGINE *new_h4 = NULL;
99
100 /* enable memory leak checking unless explicitly disabled */
101 if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
102 {
103 CRYPTO_malloc_debug_init();
104 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
105 }
106 else
107 {
108 /* OPENSSL_DEBUG_MEMORY=off */
109 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
110 }
111 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
112 ERR_load_crypto_strings();
113
114 memset(block, 0, 512 * sizeof(ENGINE *));
115 if(((new_h1 = ENGINE_new()) == NULL) ||
116 !ENGINE_set_id(new_h1, "test_id0") ||
117 !ENGINE_set_name(new_h1, "First test item") ||
118 ((new_h2 = ENGINE_new()) == NULL) ||
119 !ENGINE_set_id(new_h2, "test_id1") ||
120 !ENGINE_set_name(new_h2, "Second test item") ||
121 ((new_h3 = ENGINE_new()) == NULL) ||
122 !ENGINE_set_id(new_h3, "test_id2") ||
123 !ENGINE_set_name(new_h3, "Third test item") ||
124 ((new_h4 = ENGINE_new()) == NULL) ||
125 !ENGINE_set_id(new_h4, "test_id3") ||
126 !ENGINE_set_name(new_h4, "Fourth test item"))
127 {
128 printf("Couldn't set up test ENGINE structures\n");
129 goto end;
130 }
131 printf("\nenginetest beginning\n\n");
132 display_engine_list();
133 if(!ENGINE_add(new_h1))
134 {
135 printf("Add failed!\n");
136 goto end;
137 }
138 display_engine_list();
139 ptr = ENGINE_get_first();
140 if(!ENGINE_remove(ptr))
141 {
142 printf("Remove failed!\n");
143 goto end;
144 }
145 if (ptr)
146 ENGINE_free(ptr);
147 display_engine_list();
148 if(!ENGINE_add(new_h3) || !ENGINE_add(new_h2))
149 {
150 printf("Add failed!\n");
151 goto end;
152 }
153 display_engine_list();
154 if(!ENGINE_remove(new_h2))
155 {
156 printf("Remove failed!\n");
157 goto end;
158 }
159 display_engine_list();
160 if(!ENGINE_add(new_h4))
161 {
162 printf("Add failed!\n");
163 goto end;
164 }
165 display_engine_list();
166 if(ENGINE_add(new_h3))
167 {
168 printf("Add *should* have failed but didn't!\n");
169 goto end;
170 }
171 else
172 printf("Add that should fail did.\n");
173 ERR_clear_error();
174 if(ENGINE_remove(new_h2))
175 {
176 printf("Remove *should* have failed but didn't!\n");
177 goto end;
178 }
179 else
180 printf("Remove that should fail did.\n");
181 ERR_clear_error();
182 if(!ENGINE_remove(new_h3))
183 {
184 printf("Remove failed!\n");
185 goto end;
186 }
187 display_engine_list();
188 if(!ENGINE_remove(new_h4))
189 {
190 printf("Remove failed!\n");
191 goto end;
192 }
193 display_engine_list();
194 /* Depending on whether there's any hardware support compiled
195 * in, this remove may be destined to fail. */
196 ptr = ENGINE_get_first();
197 if(ptr)
198 if(!ENGINE_remove(ptr))
199 printf("Remove failed!i - probably no hardware "
200 "support present.\n");
201 if (ptr)
202 ENGINE_free(ptr);
203 display_engine_list();
204 if(!ENGINE_add(new_h1) || !ENGINE_remove(new_h1))
205 {
206 printf("Couldn't add and remove to an empty list!\n");
207 goto end;
208 }
209 else
210 printf("Successfully added and removed to an empty list!\n");
211 printf("About to beef up the engine-type list\n");
212 for(loop = 0; loop < 512; loop++)
213 {
214 sprintf(buf, "id%i", loop);
215 id = BUF_strdup(buf);
216 sprintf(buf, "Fake engine type %i", loop);
217 name = BUF_strdup(buf);
218 if(((block[loop] = ENGINE_new()) == NULL) ||
219 !ENGINE_set_id(block[loop], id) ||
220 !ENGINE_set_name(block[loop], name))
221 {
222 printf("Couldn't create block of ENGINE structures.\n"
223 "I'll probably also core-dump now, damn.\n");
224 goto end;
225 }
226 }
227 for(loop = 0; loop < 512; loop++)
228 {
229 if(!ENGINE_add(block[loop]))
230 {
231 printf("\nAdding stopped at %i, (%s,%s)\n",
232 loop, ENGINE_get_id(block[loop]),
233 ENGINE_get_name(block[loop]));
234 goto cleanup_loop;
235 }
236 else
237 printf("."); fflush(stdout);
238 }
239cleanup_loop:
240 printf("\nAbout to empty the engine-type list\n");
241 while((ptr = ENGINE_get_first()) != NULL)
242 {
243 if(!ENGINE_remove(ptr))
244 {
245 printf("\nRemove failed!\n");
246 goto end;
247 }
248 ENGINE_free(ptr);
249 printf("."); fflush(stdout);
250 }
251 for(loop = 0; loop < 512; loop++)
252 {
253 OPENSSL_free((void *)ENGINE_get_id(block[loop]));
254 OPENSSL_free((void *)ENGINE_get_name(block[loop]));
255 }
256 printf("\nTests completed happily\n");
257 to_return = 0;
258end:
259 if(to_return)
260 ERR_print_errors_fp(stderr);
261 if(new_h1) ENGINE_free(new_h1);
262 if(new_h2) ENGINE_free(new_h2);
263 if(new_h3) ENGINE_free(new_h3);
264 if(new_h4) ENGINE_free(new_h4);
265 for(loop = 0; loop < 512; loop++)
266 if(block[loop])
267 ENGINE_free(block[loop]);
268 ENGINE_cleanup();
269 CRYPTO_cleanup_all_ex_data();
270 ERR_free_strings();
271 ERR_remove_state(0);
272 CRYPTO_mem_leaks_fp(stderr);
273 return to_return;
274 }
diff --git a/src/lib/libssl/test/md4test.c b/src/lib/libssl/test/md4test.c
new file mode 100644
index 0000000000..e0fdc42282
--- /dev/null
+++ b/src/lib/libssl/test/md4test.c
@@ -0,0 +1,134 @@
1/* crypto/md4/md4test.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61#include <stdlib.h>
62
63#ifdef OPENSSL_NO_MD4
64int main(int argc, char *argv[])
65{
66 printf("No MD4 support\n");
67 return(0);
68}
69#else
70#include <openssl/evp.h>
71#include <openssl/md4.h>
72
73static char *test[]={
74 "",
75 "a",
76 "abc",
77 "message digest",
78 "abcdefghijklmnopqrstuvwxyz",
79 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
80 "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
81 NULL,
82 };
83
84static char *ret[]={
85"31d6cfe0d16ae931b73c59d7e0c089c0",
86"bde52cb31de33e46245e05fbdbd6fb24",
87"a448017aaf21d8525fc10ae87aa6729d",
88"d9130a8164549fe818874806e1c7014b",
89"d79e1c308aa5bbcdeea8ed63df412da9",
90"043f8582f241db351ce627e153e7f0e4",
91"e33b4ddc9c38f2199c3e7b164fcc0536",
92};
93
94static char *pt(unsigned char *md);
95int main(int argc, char *argv[])
96 {
97 int i,err=0;
98 unsigned char **P,**R;
99 char *p;
100 unsigned char md[MD4_DIGEST_LENGTH];
101
102 P=(unsigned char **)test;
103 R=(unsigned char **)ret;
104 i=1;
105 while (*P != NULL)
106 {
107 EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md4(), NULL);
108 p=pt(md);
109 if (strcmp(p,(char *)*R) != 0)
110 {
111 printf("error calculating MD4 on '%s'\n",*P);
112 printf("got %s instead of %s\n",p,*R);
113 err++;
114 }
115 else
116 printf("test %d ok\n",i);
117 i++;
118 R++;
119 P++;
120 }
121 exit(err);
122 return(0);
123 }
124
125static char *pt(unsigned char *md)
126 {
127 int i;
128 static char buf[80];
129
130 for (i=0; i<MD4_DIGEST_LENGTH; i++)
131 sprintf(&(buf[i*2]),"%02x",md[i]);
132 return(buf);
133 }
134#endif
diff --git a/src/lib/libssl/test/methtest.c b/src/lib/libssl/test/methtest.c
new file mode 100644
index 0000000000..06ccb3b310
--- /dev/null
+++ b/src/lib/libssl/test/methtest.c
@@ -0,0 +1,105 @@
1/* test/methtest.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <openssl/rsa.h>
62#include <openssl/x509.h>
63#include "meth.h"
64#include <openssl/err.h>
65
66int main(argc,argv)
67int argc;
68char *argv[];
69 {
70 METHOD_CTX *top,*tmp1,*tmp2;
71
72 top=METH_new(x509_lookup()); /* get a top level context */
73 if (top == NULL) goto err;
74
75 tmp1=METH_new(x509_by_file());
76 if (top == NULL) goto err;
77 METH_arg(tmp1,METH_TYPE_FILE,"cafile1");
78 METH_arg(tmp1,METH_TYPE_FILE,"cafile2");
79 METH_push(top,METH_X509_CA_BY_SUBJECT,tmp1);
80
81 tmp2=METH_new(x509_by_dir());
82 METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/.CAcerts");
83 METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/SSLeay/certs");
84 METH_arg(tmp2,METH_TYPE_DIR,"/usr/local/ssl/certs");
85 METH_push(top,METH_X509_CA_BY_SUBJECT,tmp2);
86
87/* tmp=METH_new(x509_by_issuer_dir);
88 METH_arg(tmp,METH_TYPE_DIR,"/home/eay/.mycerts");
89 METH_push(top,METH_X509_BY_ISSUER,tmp);
90
91 tmp=METH_new(x509_by_issuer_primary);
92 METH_arg(tmp,METH_TYPE_FILE,"/home/eay/.mycerts/primary.pem");
93 METH_push(top,METH_X509_BY_ISSUER,tmp);
94*/
95
96 METH_init(top);
97 METH_control(tmp1,METH_CONTROL_DUMP,stdout);
98 METH_control(tmp2,METH_CONTROL_DUMP,stdout);
99 exit(0);
100err:
101 ERR_load_crypto_strings();
102 ERR_print_errors_fp(stderr);
103 exit(1);
104 return(0);
105 }
diff --git a/src/lib/libssl/test/pkcs7-1.pem b/src/lib/libssl/test/pkcs7-1.pem
new file mode 100644
index 0000000000..c47b27af88
--- /dev/null
+++ b/src/lib/libssl/test/pkcs7-1.pem
@@ -0,0 +1,15 @@
1-----BEGIN PKCS7-----
2MIICUAYJKoZIhvcNAQcCoIICQTCCAj0CAQExDjAMBggqhkiG9w0CAgUAMCgGCSqG
3SIb3DQEHAaAbBBlFdmVyeW9uZSBnZXRzIEZyaWRheSBvZmYuoIIBXjCCAVowggEE
4AgQUAAApMA0GCSqGSIb3DQEBAgUAMCwxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRF
5eGFtcGxlIE9yZ2FuaXphdGlvbjAeFw05MjA5MDkyMjE4MDZaFw05NDA5MDkyMjE4
6MDVaMEIxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRFeGFtcGxlIE9yZ2FuaXphdGlv
7bjEUMBIGA1UEAxMLVGVzdCBVc2VyIDEwWzANBgkqhkiG9w0BAQEFAANKADBHAkAK
8ZnkdxpiBaN56t3QZu3+wwAHGJxAnAHUUKULhmo2MUdBTs+N4Kh3l3Fr06+mUaBcB
9FKHf5nzcmpr1XWVWILurAgMBAAEwDQYJKoZIhvcNAQECBQADQQBFGqHhqncgSl/N
109XYGnQL3MsJvNnsNV4puZPOakR9Hld8JlDQFEaDR30ogsmp3TMrvdfxpLlTCoZN8
11BxEmnZsWMYGbMIGYAgEBMDQwLDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFEV4YW1w
12bGUgT3JnYW5pemF0aW9uAgQUAAApMAwGCCqGSIb3DQICBQAwDQYJKoZIhvcNAQEB
13BQAEQAX6aoEvx9+L9PJUJQngPoRuEbnGIL4gCe+0QO+8xmkhaZSsBPNBtX0FIC1C
14j7Kie1x339mxW/w9VZNTUDQQweHh
15-----END PKCS7-----
diff --git a/src/lib/libssl/test/pkcs7.pem b/src/lib/libssl/test/pkcs7.pem
new file mode 100644
index 0000000000..d55c60b94e
--- /dev/null
+++ b/src/lib/libssl/test/pkcs7.pem
@@ -0,0 +1,54 @@
1 MIAGCSqGSIb3DQEHAqCAMIACAQExADCABgkqhkiG9w0BBwEAAKCAMIIE+DCCBGGg
2 AwIBAgIQaGSF/JpbS1C223+yrc+N1DANBgkqhkiG9w0BAQQFADBiMREwDwYDVQQH
3 EwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1Zl
4 cmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwHhcNOTYw
5 ODEyMDAwMDAwWhcNOTYwODE3MjM1OTU5WjCCASAxETAPBgNVBAcTCEludGVybmV0
6 MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
7 c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjE3MDUGA1UECxMuRGlnaXRh
8 bCBJRCBDbGFzcyAxIC0gU01JTUUgVmVyaVNpZ24sIEluYy4gVEVTVDFGMEQGA1UE
9 CxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUyBJbmNvcnAuIGJ5IFJl
10 Zi4sTElBQi5MVEQoYyk5NjEZMBcGA1UEAxMQQWxleGFuZHJlIERlYWNvbjEgMB4G
11 CSqGSIb3DQEJARYRYWxleEB2ZXJpc2lnbi5jb20wWzANBgkqhkiG9w0BAQEFAANK
12 ADBHAkAOy7xxCAIkOfuIA2LyRpxgKlDORl8htdXYhF5iBGUx1GYaK6KF+bK/CCI0
13 l4j2OfWGFBUrwGoWqxTNcWgTfMzRAgMBAAGjggIyMIICLjAJBgNVHRMEAjAAMIIC
14 HwYDVR0DBIICFjCCAhIwggIOMIICCgYLYIZIAYb4RQEHAQEwggH5FoIBp1RoaXMg
15 Y2VydGlmaWNhdGUgaW5jb3Jwb3JhdGVzIGJ5IHJlZmVyZW5jZSwgYW5kIGl0cyB1
16 c2UgaXMgc3RyaWN0bHkgc3ViamVjdCB0bywgdGhlIFZlcmlTaWduIENlcnRpZmlj
17 YXRpb24gUHJhY3RpY2UgU3RhdGVtZW50IChDUFMpLCBhdmFpbGFibGUgYXQ6IGh0
18 dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9DUFM7IGJ5IEUtbWFpbCBhdCBDUFMtcmVx
19 dWVzdHNAdmVyaXNpZ24uY29tOyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMu
20 LCAyNTkzIENvYXN0IEF2ZS4sIE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBU
21 ZWwuICsxICg0MTUpIDk2MS04ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2ln
22 biwgSW5jLiAgQWxsIFJpZ2h0cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVT
23 IERJU0NMQUlNRUQgYW5kIExJQUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcB
24 AQGhDgYMYIZIAYb4RQEHAQECMCwwKhYoaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
25 L3JlcG9zaXRvcnkvQ1BTIDANBgkqhkiG9w0BAQQFAAOBgQAimWMGQwwwxk+b3KAL
26 HlSWXtU7LWHe29CEG8XeVNTvrqs6SBqT7OoENOkGxpfdpVgZ3Qw2SKjxDvbvpfSF
27 slsqcxWSgB/hWuaVuZCkvTw/dYGGOxkTJGxvDCfl1PZjX4dKbatslsi9Z9HpGWT7
28 ttItRwKqcBKgmCJvKi1pGWED0zCCAnkwggHioAMCAQICEDURpVKQb+fQKaRAGdQR
29 /D4wDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlT
30 aWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRp
31 ZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDYyNzAwMDAwMFoXDTk3MDYyNzIzNTk1
32 OVowYjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMu
33 MTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJz
34 Y3JpYmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2FKbPTdAFDdjKI9Bv
35 qrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7jW80GqLd5HUQq7XPy
36 sVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cariQPJUObwW7s987Lrb
37 P2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABozMwMTAPBgNVHRMECDAGAQH/AgEBMAsG
38 A1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADgYEA
39 KeXHoBmnbxRCgk0jM9e9mDppdxpsipIna/J8DOHEUuD4nONAr4+xOg73SBl026n7
40 Bk55A2wvAMGo7+kKTZ+rHaFDDcmq4O+rzFri2RIOeGAncj1IcGptAQhvXoIhFMG4
41 Jlzg1KlHZHqy7D3jex78zcSU7kKOu8f5tAX1jC3+sToAAKGAMIIBJzCBkTANBgkq
42 hkiG9w0BAQIFADBiMREwDwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNp
43 Z24sIEluYy4xNDAyBgNVBAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlk
44 dWFsIFN1YnNjcmliZXIXDTk2MDcwMTE3MzA0MFoXDTk3MDcwMTAwMDAwMFowDQYJ
45 KoZIhvcNAQECBQADgYEAGLuQ6PX8A7AiqBEtWzYtl6lZNSDI0bR5YUo+D2Jzkw30
46 dxQnJSbKXEc6XYuzAW5HvrzATXu5c19WWPT4cRDwmjH71i9QcDysWwf/wE0qGTiW
47 I3tQT0I5VGh7jIJD07nlBw3R4Xl8dH9kr85JsWinqDH5YKpIo9o8knY5n7+qjOow
48 ggEkMIGOMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5W
49 ZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBD
50 ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eRcNOTYwNzE2MjMxMTI5WhcNOTYwODE1MDAw
51 MDAwWjANBgkqhkiG9w0BAQIFAAOBgQAXsLE4vnsY6sY67QrmWec7iaU2ehzxanEK
52 /9wKHZNuhlNzk+qGZZw2evxfUe2OaRbYpl8zuZvhK9BHD3ad14OSe9/zx5hOPgP/
53 DQXt6R4R8Q/1JheBrolrgbavjvI2wKS8/Psp2prBrkF4T48+AKRmS8Zzh1guxgvP
54 b+xSu/jH0gAAMYAAAAAAAAAAAA==
diff --git a/src/lib/libssl/test/r160test.c b/src/lib/libssl/test/r160test.c
new file mode 100644
index 0000000000..a172e393ca
--- /dev/null
+++ b/src/lib/libssl/test/r160test.c
@@ -0,0 +1,57 @@
1/* test/r160test.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
diff --git a/src/lib/libssl/test/rsa_test.c b/src/lib/libssl/test/rsa_test.c
new file mode 100644
index 0000000000..b8b462d33b
--- /dev/null
+++ b/src/lib/libssl/test/rsa_test.c
@@ -0,0 +1,318 @@
1/* test vectors from p1ovect1.txt */
2
3#include <stdio.h>
4#include <string.h>
5
6#include "e_os.h"
7
8#include <openssl/crypto.h>
9#include <openssl/err.h>
10#include <openssl/rand.h>
11#ifdef OPENSSL_NO_RSA
12int main(int argc, char *argv[])
13{
14 printf("No RSA support\n");
15 return(0);
16}
17#else
18#include <openssl/rsa.h>
19#include <openssl/engine.h>
20
21#define SetKey \
22 key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \
23 key->e = BN_bin2bn(e, sizeof(e)-1, key->e); \
24 key->d = BN_bin2bn(d, sizeof(d)-1, key->d); \
25 key->p = BN_bin2bn(p, sizeof(p)-1, key->p); \
26 key->q = BN_bin2bn(q, sizeof(q)-1, key->q); \
27 key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1)-1, key->dmp1); \
28 key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1)-1, key->dmq1); \
29 key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp)-1, key->iqmp); \
30 memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \
31 return (sizeof(ctext_ex) - 1);
32
33static int key1(RSA *key, unsigned char *c)
34 {
35 static unsigned char n[] =
36"\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F"
37"\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5"
38"\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93"
39"\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1"
40"\xF5";
41
42 static unsigned char e[] = "\x11";
43
44 static unsigned char d[] =
45"\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44"
46"\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64"
47"\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9"
48"\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51";
49
50 static unsigned char p[] =
51"\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
52"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12"
53"\x0D";
54
55 static unsigned char q[] =
56"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
57"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
58"\x89";
59
60 static unsigned char dmp1[] =
61"\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF"
62"\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05";
63
64 static unsigned char dmq1[] =
65"\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99"
66"\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D"
67"\x51";
68
69 static unsigned char iqmp[] =
70"\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8"
71"\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26";
72
73 static unsigned char ctext_ex[] =
74"\x1b\x8f\x05\xf9\xca\x1a\x79\x52\x6e\x53\xf3\xcc\x51\x4f\xdb\x89"
75"\x2b\xfb\x91\x93\x23\x1e\x78\xb9\x92\xe6\x8d\x50\xa4\x80\xcb\x52"
76"\x33\x89\x5c\x74\x95\x8d\x5d\x02\xab\x8c\x0f\xd0\x40\xeb\x58\x44"
77"\xb0\x05\xc3\x9e\xd8\x27\x4a\x9d\xbf\xa8\x06\x71\x40\x94\x39\xd2";
78
79 SetKey;
80 }
81
82static int key2(RSA *key, unsigned char *c)
83 {
84 static unsigned char n[] =
85"\x00\xA3\x07\x9A\x90\xDF\x0D\xFD\x72\xAC\x09\x0C\xCC\x2A\x78\xB8"
86"\x74\x13\x13\x3E\x40\x75\x9C\x98\xFA\xF8\x20\x4F\x35\x8A\x0B\x26"
87"\x3C\x67\x70\xE7\x83\xA9\x3B\x69\x71\xB7\x37\x79\xD2\x71\x7B\xE8"
88"\x34\x77\xCF";
89
90 static unsigned char e[] = "\x3";
91
92 static unsigned char d[] =
93"\x6C\xAF\xBC\x60\x94\xB3\xFE\x4C\x72\xB0\xB3\x32\xC6\xFB\x25\xA2"
94"\xB7\x62\x29\x80\x4E\x68\x65\xFC\xA4\x5A\x74\xDF\x0F\x8F\xB8\x41"
95"\x3B\x52\xC0\xD0\xE5\x3D\x9B\x59\x0F\xF1\x9B\xE7\x9F\x49\xDD\x21"
96"\xE5\xEB";
97
98 static unsigned char p[] =
99"\x00\xCF\x20\x35\x02\x8B\x9D\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92"
100"\xEA\x0D\xA3\xB4\x32\x04\xB5\xCF\xCE\x91";
101
102 static unsigned char q[] =
103"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
104"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5F";
105
106 static unsigned char dmp1[] =
107"\x00\x8A\x15\x78\xAC\x5D\x13\xAF\x10\x2B\x22\xB9\x99\xCD\x74\x61"
108"\xF1\x5E\x6D\x22\xCC\x03\x23\xDF\xDF\x0B";
109
110 static unsigned char dmq1[] =
111"\x00\x86\x55\x21\x4A\xC5\x4D\x8D\x4E\xCD\x61\x77\xF1\xC7\x36\x90"
112"\xCE\x2A\x48\x2C\x8B\x05\x99\xCB\xE0\x3F";
113
114 static unsigned char iqmp[] =
115"\x00\x83\xEF\xEF\xB8\xA9\xA4\x0D\x1D\xB6\xED\x98\xAD\x84\xED\x13"
116"\x35\xDC\xC1\x08\xF3\x22\xD0\x57\xCF\x8D";
117
118 static unsigned char ctext_ex[] =
119"\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a"
120"\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4"
121"\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52"
122"\x62\x51";
123
124 SetKey;
125 }
126
127static int key3(RSA *key, unsigned char *c)
128 {
129 static unsigned char n[] =
130"\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71"
131"\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5"
132"\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD"
133"\x48\x76\xED\x52\x0D\x60\xE1\xEC\x46\x19\x71\x9D\x8A\x5B\x8B\x80"
134"\x7F\xAF\xB8\xE0\xA3\xDF\xC7\x37\x72\x3E\xE6\xB4\xB7\xD9\x3A\x25"
135"\x84\xEE\x6A\x64\x9D\x06\x09\x53\x74\x88\x34\xB2\x45\x45\x98\x39"
136"\x4E\xE0\xAA\xB1\x2D\x7B\x61\xA5\x1F\x52\x7A\x9A\x41\xF6\xC1\x68"
137"\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD"
138"\xCB";
139
140 static unsigned char e[] = "\x11";
141
142 static unsigned char d[] =
143"\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD"
144"\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41"
145"\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69"
146"\xD6\x87\x0D\xA2\xC0\x82\xA9\x39\xE3\x7F\xDC\xB8\x2E\xC9\x3E\xDA"
147"\xC9\x7F\xF3\xAD\x59\x50\xAC\xCF\xBC\x11\x1C\x76\xF1\xA9\x52\x94"
148"\x44\xE5\x6A\xAF\x68\xC5\x6C\x09\x2C\xD3\x8D\xC3\xBE\xF5\xD2\x0A"
149"\x93\x99\x26\xED\x4F\x74\xA1\x3E\xDD\xFB\xE1\xA1\xCE\xCC\x48\x94"
150"\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3"
151"\xC1";
152
153 static unsigned char p[] =
154"\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60"
155"\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6"
156"\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A"
157"\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65"
158"\x99";
159
160 static unsigned char q[] =
161"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
162"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
163"\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
164"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15"
165"\x03";
166
167 static unsigned char dmp1[] =
168"\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A"
169"\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E"
170"\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E"
171"\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81";
172
173 static unsigned char dmq1[] =
174"\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9"
175"\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7"
176"\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D"
177"\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D";
178
179 static unsigned char iqmp[] =
180"\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23"
181"\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11"
182"\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E"
183"\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39"
184"\xF7";
185
186 static unsigned char ctext_ex[] =
187"\xb8\x24\x6b\x56\xa6\xed\x58\x81\xae\xb5\x85\xd9\xa2\x5b\x2a\xd7"
188"\x90\xc4\x17\xe0\x80\x68\x1b\xf1\xac\x2b\xc3\xde\xb6\x9d\x8b\xce"
189"\xf0\xc4\x36\x6f\xec\x40\x0a\xf0\x52\xa7\x2e\x9b\x0e\xff\xb5\xb3"
190"\xf2\xf1\x92\xdb\xea\xca\x03\xc1\x27\x40\x05\x71\x13\xbf\x1f\x06"
191"\x69\xac\x22\xe9\xf3\xa7\x85\x2e\x3c\x15\xd9\x13\xca\xb0\xb8\x86"
192"\x3a\x95\xc9\x92\x94\xce\x86\x74\x21\x49\x54\x61\x03\x46\xf4\xd4"
193"\x74\xb2\x6f\x7c\x48\xb4\x2e\xe6\x8e\x1f\x57\x2a\x1f\xc4\x02\x6a"
194"\xc4\x56\xb4\xf5\x9f\x7b\x62\x1e\xa1\xb9\xd8\x8f\x64\x20\x2f\xb1";
195
196 SetKey;
197 }
198
199static int pad_unknown(void)
200{
201 unsigned long l;
202 while ((l = ERR_get_error()) != 0)
203 if (ERR_GET_REASON(l) == RSA_R_UNKNOWN_PADDING_TYPE)
204 return(1);
205 return(0);
206}
207
208static const char rnd_seed[] = "string to make the random number generator think it has entropy";
209
210int main(int argc, char *argv[])
211 {
212 int err=0;
213 int v;
214 RSA *key;
215 unsigned char ptext[256];
216 unsigned char ctext[256];
217 static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
218 unsigned char ctext_ex[256];
219 int plen;
220 int clen = 0;
221 int num;
222
223 CRYPTO_malloc_debug_init();
224 CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
225 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
226
227 RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
228
229 plen = sizeof(ptext_ex) - 1;
230
231 for (v = 0; v < 3; v++)
232 {
233 key = RSA_new();
234 switch (v) {
235 case 0:
236 clen = key1(key, ctext_ex);
237 break;
238 case 1:
239 clen = key2(key, ctext_ex);
240 break;
241 case 2:
242 clen = key3(key, ctext_ex);
243 break;
244 }
245
246 num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
247 RSA_PKCS1_PADDING);
248 if (num != clen)
249 {
250 printf("PKCS#1 v1.5 encryption failed!\n");
251 err=1;
252 goto oaep;
253 }
254
255 num = RSA_private_decrypt(num, ctext, ptext, key,
256 RSA_PKCS1_PADDING);
257 if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
258 {
259 printf("PKCS#1 v1.5 decryption failed!\n");
260 err=1;
261 }
262 else
263 printf("PKCS #1 v1.5 encryption/decryption ok\n");
264
265 oaep:
266 ERR_clear_error();
267 num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
268 RSA_PKCS1_OAEP_PADDING);
269 if (num == -1 && pad_unknown())
270 {
271 printf("No OAEP support\n");
272 goto next;
273 }
274 if (num != clen)
275 {
276 printf("OAEP encryption failed!\n");
277 err=1;
278 goto next;
279 }
280
281 num = RSA_private_decrypt(num, ctext, ptext, key,
282 RSA_PKCS1_OAEP_PADDING);
283 if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
284 {
285 printf("OAEP decryption (encrypted data) failed!\n");
286 err=1;
287 }
288 else if (memcmp(ctext, ctext_ex, num) == 0)
289 {
290 printf("OAEP test vector %d passed!\n", v);
291 goto next;
292 }
293
294 /* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT).
295 Try decrypting ctext_ex */
296
297 num = RSA_private_decrypt(clen, ctext_ex, ptext, key,
298 RSA_PKCS1_OAEP_PADDING);
299
300 if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
301 {
302 printf("OAEP decryption (test vector data) failed!\n");
303 err=1;
304 }
305 else
306 printf("OAEP encryption/decryption ok\n");
307 next:
308 RSA_free(key);
309 }
310
311 CRYPTO_cleanup_all_ex_data();
312 ERR_remove_state(0);
313
314 CRYPTO_mem_leaks_fp(stderr);
315
316 return err;
317 }
318#endif
diff --git a/src/lib/libssl/test/tcrl b/src/lib/libssl/test/tcrl
new file mode 100644
index 0000000000..acaf8f3c47
--- /dev/null
+++ b/src/lib/libssl/test/tcrl
@@ -0,0 +1,81 @@
1#!/bin/sh
2
3PATH=../apps:$PATH
4export PATH
5
6cmd='../apps/openssl crl'
7
8if [ "$1"x != "x" ]; then
9 t=$1
10else
11 t=testcrl.pem
12fi
13
14echo testing crl conversions
15cp $t fff.p
16
17echo "p -> d"
18$cmd -in fff.p -inform p -outform d >f.d
19if [ $? != 0 ]; then exit 1; fi
20#echo "p -> t"
21#$cmd -in fff.p -inform p -outform t >f.t
22#if [ $? != 0 ]; then exit 1; fi
23echo "p -> p"
24$cmd -in fff.p -inform p -outform p >f.p
25if [ $? != 0 ]; then exit 1; fi
26
27echo "d -> d"
28$cmd -in f.d -inform d -outform d >ff.d1
29if [ $? != 0 ]; then exit 1; fi
30#echo "t -> d"
31#$cmd -in f.t -inform t -outform d >ff.d2
32#if [ $? != 0 ]; then exit 1; fi
33echo "p -> d"
34$cmd -in f.p -inform p -outform d >ff.d3
35if [ $? != 0 ]; then exit 1; fi
36
37#echo "d -> t"
38#$cmd -in f.d -inform d -outform t >ff.t1
39#if [ $? != 0 ]; then exit 1; fi
40#echo "t -> t"
41#$cmd -in f.t -inform t -outform t >ff.t2
42#if [ $? != 0 ]; then exit 1; fi
43#echo "p -> t"
44#$cmd -in f.p -inform p -outform t >ff.t3
45#if [ $? != 0 ]; then exit 1; fi
46
47echo "d -> p"
48$cmd -in f.d -inform d -outform p >ff.p1
49if [ $? != 0 ]; then exit 1; fi
50#echo "t -> p"
51#$cmd -in f.t -inform t -outform p >ff.p2
52#if [ $? != 0 ]; then exit 1; fi
53echo "p -> p"
54$cmd -in f.p -inform p -outform p >ff.p3
55if [ $? != 0 ]; then exit 1; fi
56
57cmp fff.p f.p
58if [ $? != 0 ]; then exit 1; fi
59cmp fff.p ff.p1
60if [ $? != 0 ]; then exit 1; fi
61#cmp fff.p ff.p2
62#if [ $? != 0 ]; then exit 1; fi
63cmp fff.p ff.p3
64if [ $? != 0 ]; then exit 1; fi
65
66#cmp f.t ff.t1
67#if [ $? != 0 ]; then exit 1; fi
68#cmp f.t ff.t2
69#if [ $? != 0 ]; then exit 1; fi
70#cmp f.t ff.t3
71#if [ $? != 0 ]; then exit 1; fi
72
73cmp f.p ff.p1
74if [ $? != 0 ]; then exit 1; fi
75#cmp f.p ff.p2
76#if [ $? != 0 ]; then exit 1; fi
77cmp f.p ff.p3
78if [ $? != 0 ]; then exit 1; fi
79
80/bin/rm -f f.* ff.* fff.*
81exit 0
diff --git a/src/lib/libssl/test/test.cnf b/src/lib/libssl/test/test.cnf
new file mode 100644
index 0000000000..faad3914a8
--- /dev/null
+++ b/src/lib/libssl/test/test.cnf
@@ -0,0 +1,88 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5
6RANDFILE = ./.rnd
7
8####################################################################
9[ ca ]
10default_ca = CA_default # The default ca section
11
12####################################################################
13[ CA_default ]
14
15dir = ./demoCA # Where everything is kept
16certs = $dir/certs # Where the issued certs are kept
17crl_dir = $dir/crl # Where the issued crl are kept
18database = $dir/index.txt # database index file.
19new_certs_dir = $dir/new_certs # default place for new certs.
20
21certificate = $dir/CAcert.pem # The CA certificate
22serial = $dir/serial # The current serial number
23crl = $dir/crl.pem # The current CRL
24private_key = $dir/private/CAkey.pem# The private key
25RANDFILE = $dir/private/.rand # private random number file
26
27default_days = 365 # how long to certify for
28default_crl_days= 30 # how long before next CRL
29default_md = md5 # which md to use.
30
31# A few difference way of specifying how similar the request should look
32# For type CA, the listed attributes must be the same, and the optional
33# and supplied fields are just that :-)
34policy = policy_match
35
36# For the CA policy
37[ policy_match ]
38countryName = match
39stateOrProvinceName = match
40organizationName = match
41organizationalUnitName = optional
42commonName = supplied
43emailAddress = optional
44
45# For the 'anything' policy
46# At this point in time, you must list all acceptable 'object'
47# types.
48[ policy_anything ]
49countryName = optional
50stateOrProvinceName = optional
51localityName = optional
52organizationName = optional
53organizationalUnitName = optional
54commonName = supplied
55emailAddress = optional
56
57####################################################################
58[ req ]
59default_bits = 512
60default_keyfile = testkey.pem
61distinguished_name = req_distinguished_name
62encrypt_rsa_key = no
63
64[ req_distinguished_name ]
65countryName = Country Name (2 letter code)
66countryName_default = AU
67countryName_value = AU
68
69stateOrProvinceName = State or Province Name (full name)
70stateOrProvinceName_default = Queensland
71stateOrProvinceName_value =
72
73localityName = Locality Name (eg, city)
74localityName_value = Brisbane
75
76organizationName = Organization Name (eg, company)
77organizationName_default =
78organizationName_value = CryptSoft Pty Ltd
79
80organizationalUnitName = Organizational Unit Name (eg, section)
81organizationalUnitName_default =
82organizationalUnitName_value = .
83
84commonName = Common Name (eg, YOUR name)
85commonName_value = Eric Young
86
87emailAddress = Email Address
88emailAddress_value = eay@mincom.oz.au
diff --git a/src/lib/libssl/test/testca b/src/lib/libssl/test/testca
new file mode 100644
index 0000000000..88c186b6ab
--- /dev/null
+++ b/src/lib/libssl/test/testca
@@ -0,0 +1,44 @@
1#!/bin/sh
2
3SH="/bin/sh"
4PATH=../apps:$PATH
5export SH PATH
6
7SSLEAY_CONFIG="-config CAss.cnf"
8export SSLEAY_CONFIG
9
10/bin/rm -fr demoCA
11$SH ../apps/CA.sh -newca <<EOF
12EOF
13
14if [ $? != 0 ]; then
15 exit 1;
16fi
17
18SSLEAY_CONFIG="-config Uss.cnf"
19export SSLEAY_CONFIG
20$SH ../apps/CA.sh -newreq
21if [ $? != 0 ]; then
22 exit 1;
23fi
24
25
26SSLEAY_CONFIG="-config ../apps/openssl.cnf"
27export SSLEAY_CONFIG
28$SH ../apps/CA.sh -sign <<EOF
29y
30y
31EOF
32if [ $? != 0 ]; then
33 exit 1;
34fi
35
36
37$SH ../apps/CA.sh -verify newcert.pem
38if [ $? != 0 ]; then
39 exit 1;
40fi
41
42/bin/rm -fr demoCA newcert.pem newreq.pem
43#usage: CA -newcert|-newreq|-newca|-sign|-verify
44
diff --git a/src/lib/libssl/test/testcrl.pem b/src/lib/libssl/test/testcrl.pem
new file mode 100644
index 0000000000..0989788354
--- /dev/null
+++ b/src/lib/libssl/test/testcrl.pem
@@ -0,0 +1,16 @@
1-----BEGIN X509 CRL-----
2MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT
3F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy
4IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw
5MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw
6MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw
7MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw
8MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw
9MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw
10MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw
11NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw
12NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF
13AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ
14wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt
15JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v
16-----END X509 CRL-----
diff --git a/src/lib/libssl/test/testenc b/src/lib/libssl/test/testenc
new file mode 100644
index 0000000000..0656c7f525
--- /dev/null
+++ b/src/lib/libssl/test/testenc
@@ -0,0 +1,54 @@
1#!/bin/sh
2
3testsrc=Makefile.ssl
4test=./p
5cmd=../apps/openssl
6
7cat $testsrc >$test;
8
9echo cat
10$cmd enc < $test > $test.cipher
11$cmd enc < $test.cipher >$test.clear
12cmp $test $test.clear
13if [ $? != 0 ]
14then
15 exit 1
16else
17 /bin/rm $test.cipher $test.clear
18fi
19echo base64
20$cmd enc -a -e < $test > $test.cipher
21$cmd enc -a -d < $test.cipher >$test.clear
22cmp $test $test.clear
23if [ $? != 0 ]
24then
25 exit 1
26else
27 /bin/rm $test.cipher $test.clear
28fi
29
30for i in `$cmd list-cipher-commands`
31do
32 echo $i
33 $cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
34 $cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
35 cmp $test $test.$i.clear
36 if [ $? != 0 ]
37 then
38 exit 1
39 else
40 /bin/rm $test.$i.cipher $test.$i.clear
41 fi
42
43 echo $i base64
44 $cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
45 $cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
46 cmp $test $test.$i.clear
47 if [ $? != 0 ]
48 then
49 exit 1
50 else
51 /bin/rm $test.$i.cipher $test.$i.clear
52 fi
53done
54rm -f $test
diff --git a/src/lib/libssl/test/testgen b/src/lib/libssl/test/testgen
new file mode 100644
index 0000000000..6a4b6b9221
--- /dev/null
+++ b/src/lib/libssl/test/testgen
@@ -0,0 +1,38 @@
1#!/bin/sh
2
3T=testcert
4KEY=512
5CA=../certs/testca.pem
6
7/bin/rm -f $T.1 $T.2 $T.key
8
9PATH=../apps:$PATH;
10export PATH
11
12echo "generating certificate request"
13
14echo "string to make the random number generator think it has entropy" >> ./.rnd
15
16if ../apps/openssl no-rsa; then
17 req_new='-newkey dsa:../apps/dsa512.pem'
18else
19 req_new='-new'
20 echo "There should be a 2 sequences of .'s and some +'s."
21 echo "There should not be more that at most 80 per line"
22fi
23
24echo "This could take some time."
25
26../apps/openssl req -config test.cnf $req_new -out testreq.pem
27if [ $? != 0 ]; then
28echo problems creating request
29exit 1
30fi
31
32../apps/openssl req -config test.cnf -verify -in testreq.pem -noout
33if [ $? != 0 ]; then
34echo signature on req is wrong
35exit 1
36fi
37
38exit 0
diff --git a/src/lib/libssl/test/testp7.pem b/src/lib/libssl/test/testp7.pem
new file mode 100644
index 0000000000..e5b7866c31
--- /dev/null
+++ b/src/lib/libssl/test/testp7.pem
@@ -0,0 +1,46 @@
1-----BEGIN PKCS7-----
2MIIIGAYJKoZIhvcNAQcCoIIICTCCCAUCAQExADALBgkqhkiG9w0BBwGgggY8MIIE
3cjCCBBygAwIBAgIQeS+OJfWJUZAx6cX0eAiMjzANBgkqhkiG9w0BAQQFADBiMREw
4DwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNV
5BAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIw
6HhcNOTYwNzE5MDAwMDAwWhcNOTcwMzMwMjM1OTU5WjCB1TERMA8GA1UEBxMISW50
7ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2ln
8biBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMSgwJgYDVQQLEx9E
9aWdpdGFsIElEIENsYXNzIDEgLSBTTUlNRSBUZXN0MUcwRQYDVQQLEz53d3cudmVy
10aXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMCBJbmMuIGJ5IFJlZi4sTElBQi5M
11VEQoYyk5NjBbMA0GCSqGSIb3DQEBAQUAA0oAMEcCQA7LvHEIAiQ5+4gDYvJGnGAq
12UM5GXyG11diEXmIEZTHUZhorooX5sr8IIjSXiPY59YYUFSvAaharFM1xaBN8zNEC
13AwEAAaOCAjkwggI1MAkGA1UdEwQCMAAwggImBgNVHQMEggIdMIICGTCCAhUwggIR
14BgtghkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0
15ZXMgYnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0
16IHRvLCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1l
17bnQgKENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
18L0NQUy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29t
19OyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4s
20IE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04
21ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0
22cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJ
23QUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQEC
24MC8wLRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEu
25AzANBgkqhkiG9w0BAQQFAANBAMCYDuSb/eIlYSxY31nZZTaCZkCSfHjlacMofExr
26cF+A2yHoEuT+eCQkqM0pMNHXddUeoQ9RjV+VuMBNmm63DUYwggHCMIIBbKADAgEC
27AhB8CYTq1bkRFJBYOd67cp9JMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
28MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
29QTAeFw05NjA3MTcwMDAwMDBaFw05NzA3MTcyMzU5NTlaMGIxETAPBgNVBAcTCElu
30dGVybmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNp
31Z24gQ2xhc3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjBcMA0GCSqGSIb3
32DQEBAQUAA0sAMEgCQQDsVzrNgnDhbAJZrWeLd9g1vMZJA2W67D33TTbga6yMt+ES
33TWEywhS6RNP+fzLGg7utinjH4tL60cXa0G27GDsLAgMBAAGjIjAgMAsGA1UdDwQE
34AwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADQQAUp6bRwkaD
352d1MBs/mjUcgTI2fXVmW8tTm/Ud6OzUwpC3vYgybiOOA4f6mOC5dbyUHrLOsrihU
3647ZQ0Jo1DUfboYIBrTCBwTBtMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
37MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
38QRcNOTYwNzE3MTc0NDA5WhcNOTgwNzE3MDAwMDAwWjANBgkqhkiG9w0BAQIFAANB
39AHitA0/xAukCjHzeh1AMT/l2oC68N+yFb+aJPHBBMxc6gG2MaKjBNwb5hcXUllMl
40ExONA3ju10f7owIq3s3wx10wgeYwgZEwDQYJKoZIhvcNAQECBQAwYjERMA8GA1UE
41BxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytW
42ZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyFw05NjA3
43MTcxNzU5MjlaFw05NzA3MTgwMDAwMDBaMA0GCSqGSIb3DQEBAgUAA0EAubVWYTsW
44sQmste9f+UgMw8BkjDlM25fwQLrCfmmnLxjewey10kSROypUaJLb+r4oRALc0fG9
45XfZsaiiIgotQHjEA
46-----END PKCS7-----
diff --git a/src/lib/libssl/test/testreq2.pem b/src/lib/libssl/test/testreq2.pem
new file mode 100644
index 0000000000..c3cdcffcbc
--- /dev/null
+++ b/src/lib/libssl/test/testreq2.pem
@@ -0,0 +1,7 @@
1-----BEGIN CERTIFICATE REQUEST-----
2MIHaMIGFAgEAMA4xDDAKBgNVBAMTA2NuNDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC
3QQCQsnkyUGDY2R3mYoeTprFJKgWuJ3f1jUjlIuW5+wfAUoeMt35c4vcFZ2mIBpEG
4DtzkNQN1kr2O9ldm9zYnYhyhAgMBAAGgEjAQBgorBgEEAYI3AgEOMQIwADANBgkq
5hkiG9w0BAQQFAANBAAb2szZgVIxg3vK6kYLjGSBISyuzcXJ6IvuPW6M+yzi1Qgoi
6gQhazHTJp91T8ItZEzUJGZSZl2e5iXlnffWB+/U=
7-----END CERTIFICATE REQUEST-----
diff --git a/src/lib/libssl/test/testrsa.pem b/src/lib/libssl/test/testrsa.pem
new file mode 100644
index 0000000000..aad21067a8
--- /dev/null
+++ b/src/lib/libssl/test/testrsa.pem
@@ -0,0 +1,9 @@
1-----BEGIN RSA PRIVATE KEY-----
2MIIBPAIBAAJBAKrbeqkuRk8VcRmWFmtP+LviMB3+6dizWW3DwaffznyHGAFwUJ/I
3Tv0XtbsCyl3QoyKGhrOAy3RvPK5M38iuXT0CAwEAAQJAZ3cnzaHXM/bxGaR5CR1R
4rD1qFBAVfoQFiOH9uPJgMaoAuoQEisPHVcZDKcOv4wEg6/TInAIXBnEigtqvRzuy
5oQIhAPcgZzUq3yVooAaoov8UbXPxqHlwo6GBMqnv20xzkf6ZAiEAsP4BnIaQTM8S
6mvcpHZwQJdmdHHkGKAs37Dfxi67HbkUCIQCeZGliHXFa071Fp06ZeWlR2ADonTZz
7rJBhdTe0v5pCeQIhAIZfkiGgGBX4cIuuckzEm43g9WMUjxP/0GlK39vIyihxAiEA
8mymehFRT0MvqW5xAKAx7Pgkt8HVKwVhc2LwGKHE0DZM=
9-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/test/testsid.pem b/src/lib/libssl/test/testsid.pem
new file mode 100644
index 0000000000..7ffd008f66
--- /dev/null
+++ b/src/lib/libssl/test/testsid.pem
@@ -0,0 +1,12 @@
1-----BEGIN SSL SESSION PARAMETERS-----
2MIIB1gIBAQIBAgQDAQCABBCi11xa5qkOP8xrr02K/NQCBBBkIYQZM0Bt95W0EHNV
3bA58oQYCBDIBr7WiBAICASyjggGGMIIBgjCCASwCAQMwDQYJKoZIhvcNAQEEBQAw
4ODELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3Jz
5YSB0ZXN0IENBMB4XDTk1MTAwOTIzMzEzNFoXDTk4MDcwNTIzMzEzNFowYDELMAkG
6A1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRk
7LjELMAkGA1UECxMCQ1MxGzAZBgNVBAMTElNTTGVheSBkZW1vIGNsaWVudDBcMA0G
8CSqGSIb3DQEBAQUAA0sAMEgCQQC4pcXEL1lgVA+B5Q3TcuW/O3LZHoA73IYm8oFD
9TezgCDhL2RTMn+seKWF36UtJKRIOBU9jZHCVVd0Me5ls6BEjAgMBAAEwDQYJKoZI
10hvcNAQEEBQADQQBoIpOcwUY1qlVF7j3ROSGvUsbvByOBFmYWkIBgsCqR+9qo1A7L
11CrWF5i8LWt/vLwAHaxWNx2YuBJMFyuK81fTvpA0EC3Rlc3Rjb250ZXh0
12-----END SSL SESSION PARAMETERS-----
diff --git a/src/lib/libssl/test/testss b/src/lib/libssl/test/testss
new file mode 100644
index 0000000000..8d3557f356
--- /dev/null
+++ b/src/lib/libssl/test/testss
@@ -0,0 +1,99 @@
1#!/bin/sh
2
3digest='-md5'
4reqcmd="../apps/openssl req"
5x509cmd="../apps/openssl x509 $digest"
6verifycmd="../apps/openssl verify"
7dummycnf="../apps/openssl.cnf"
8
9CAkey="keyCA.ss"
10CAcert="certCA.ss"
11CAreq="reqCA.ss"
12CAconf="CAss.cnf"
13CAreq2="req2CA.ss" # temp
14
15Uconf="Uss.cnf"
16Ukey="keyU.ss"
17Ureq="reqU.ss"
18Ucert="certU.ss"
19
20echo
21echo "make a certificate request using 'req'"
22
23echo "string to make the random number generator think it has entropy" >> ./.rnd
24
25if ../apps/openssl no-rsa; then
26 req_new='-newkey dsa:../apps/dsa512.pem'
27else
28 req_new='-new'
29fi
30
31$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new #>err.ss
32if [ $? != 0 ]; then
33 echo "error using 'req' to generate a certificate request"
34 exit 1
35fi
36echo
37echo "convert the certificate request into a self signed certificate using 'x509'"
38$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey >err.ss
39if [ $? != 0 ]; then
40 echo "error using 'x509' to self sign a certificate request"
41 exit 1
42fi
43
44echo
45echo "convert a certificate into a certificate request using 'x509'"
46$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss
47if [ $? != 0 ]; then
48 echo "error using 'x509' convert a certificate to a certificate request"
49 exit 1
50fi
51
52$reqcmd -config $dummycnf -verify -in $CAreq -noout
53if [ $? != 0 ]; then
54 echo first generated request is invalid
55 exit 1
56fi
57
58$reqcmd -config $dummycnf -verify -in $CAreq2 -noout
59if [ $? != 0 ]; then
60 echo second generated request is invalid
61 exit 1
62fi
63
64$verifycmd -CAfile $CAcert $CAcert
65if [ $? != 0 ]; then
66 echo first generated cert is invalid
67 exit 1
68fi
69
70echo
71echo "make another certificate request using 'req'"
72$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss
73if [ $? != 0 ]; then
74 echo "error using 'req' to generate a certificate request"
75 exit 1
76fi
77
78echo
79echo "sign certificate request with the just created CA via 'x509'"
80$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey >err.ss
81if [ $? != 0 ]; then
82 echo "error using 'x509' to sign a certificate request"
83 exit 1
84fi
85
86$verifycmd -CAfile $CAcert $Ucert
87echo
88echo "Certificate details"
89$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert
90
91echo
92echo The generated CA certificate is $CAcert
93echo The generated CA private key is $CAkey
94
95echo The generated user certificate is $Ucert
96echo The generated user private key is $Ukey
97
98/bin/rm err.ss
99exit 0
diff --git a/src/lib/libssl/test/testssl b/src/lib/libssl/test/testssl
new file mode 100644
index 0000000000..ba5e41c861
--- /dev/null
+++ b/src/lib/libssl/test/testssl
@@ -0,0 +1,137 @@
1#!/bin/sh
2
3if [ "$1" = "" ]; then
4 key=../apps/server.pem
5else
6 key="$1"
7fi
8if [ "$2" = "" ]; then
9 cert=../apps/server.pem
10else
11 cert="$2"
12fi
13ssltest="./ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
14
15if ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
16 dsa_cert=YES
17else
18 dsa_cert=NO
19fi
20
21if [ "$3" = "" ]; then
22 CA="-CApath ../certs"
23else
24 CA="-CAfile $3"
25fi
26
27if [ "$4" = "" ]; then
28 extra=""
29else
30 extra="$4"
31fi
32
33#############################################################################
34
35echo test sslv2
36$ssltest -ssl2 $extra || exit 1
37
38echo test sslv2 with server authentication
39$ssltest -ssl2 -server_auth $CA $extra || exit 1
40
41if [ $dsa_cert = NO ]; then
42 echo test sslv2 with client authentication
43 $ssltest -ssl2 -client_auth $CA $extra || exit 1
44
45 echo test sslv2 with both client and server authentication
46 $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1
47fi
48
49echo test sslv3
50$ssltest -ssl3 $extra || exit 1
51
52echo test sslv3 with server authentication
53$ssltest -ssl3 -server_auth $CA $extra || exit 1
54
55echo test sslv3 with client authentication
56$ssltest -ssl3 -client_auth $CA $extra || exit 1
57
58echo test sslv3 with both client and server authentication
59$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1
60
61echo test sslv2/sslv3
62$ssltest $extra || exit 1
63
64echo test sslv2/sslv3 with server authentication
65$ssltest -server_auth $CA $extra || exit 1
66
67echo test sslv2/sslv3 with client authentication
68$ssltest -client_auth $CA $extra || exit 1
69
70echo test sslv2/sslv3 with both client and server authentication
71$ssltest -server_auth -client_auth $CA $extra || exit 1
72
73echo test sslv2 via BIO pair
74$ssltest -bio_pair -ssl2 $extra || exit 1
75
76echo test sslv2 with server authentication via BIO pair
77$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1
78
79if [ $dsa_cert = NO ]; then
80 echo test sslv2 with client authentication via BIO pair
81 $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1
82
83 echo test sslv2 with both client and server authentication via BIO pair
84 $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1
85fi
86
87echo test sslv3 via BIO pair
88$ssltest -bio_pair -ssl3 $extra || exit 1
89
90echo test sslv3 with server authentication via BIO pair
91$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1
92
93echo test sslv3 with client authentication via BIO pair
94$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1
95
96echo test sslv3 with both client and server authentication via BIO pair
97$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1
98
99echo test sslv2/sslv3 via BIO pair
100$ssltest $extra || exit 1
101
102if [ $dsa_cert = NO ]; then
103 echo test sslv2/sslv3 w/o DHE via BIO pair
104 $ssltest -bio_pair -no_dhe $extra || exit 1
105fi
106
107echo test sslv2/sslv3 with 1024bit DHE via BIO pair
108$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
109
110echo test sslv2/sslv3 with server authentication
111$ssltest -bio_pair -server_auth $CA $extra || exit 1
112
113echo test sslv2/sslv3 with client authentication via BIO pair
114$ssltest -bio_pair -client_auth $CA $extra || exit 1
115
116echo test sslv2/sslv3 with both client and server authentication via BIO pair
117$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
118
119echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
120$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
121
122#############################################################################
123
124echo test tls1 with 1024bit anonymous DH, multiple handshakes
125$ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
126
127if ../apps/openssl no-rsa; then
128 echo skipping RSA tests
129else
130 echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
131 ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1
132
133 echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
134 ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
135fi
136
137exit 0
diff --git a/src/lib/libssl/test/testx509.pem b/src/lib/libssl/test/testx509.pem
new file mode 100644
index 0000000000..8a85d14964
--- /dev/null
+++ b/src/lib/libssl/test/testx509.pem
@@ -0,0 +1,10 @@
1-----BEGIN CERTIFICATE-----
2MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
3BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz
4MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
5RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF
6AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO
7/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE
8Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ
9zl9HYIMxATFyqSiD9jsx
10-----END CERTIFICATE-----
diff --git a/src/lib/libssl/test/times b/src/lib/libssl/test/times
new file mode 100644
index 0000000000..49aeebf216
--- /dev/null
+++ b/src/lib/libssl/test/times
@@ -0,0 +1,113 @@
1
2More number for the questions about SSL overheads....
3
4The following numbers were generated on a pentium pro 200, running linux.
5They give an indication of the SSL protocol and encryption overheads.
6
7The program that generated them is an unreleased version of ssl/ssltest.c
8which is the SSLeay ssl protocol testing program. It is a single process that
9talks both sides of the SSL protocol via a non-blocking memory buffer
10interface.
11
12How do I read this? The protocol and cipher are reasonable obvious.
13The next number is the number of connections being made. The next is the
14number of bytes exchanged bewteen the client and server side of the protocol.
15This is the number of bytes that the client sends to the server, and then
16the server sends back. Because this is all happening in one process,
17the data is being encrypted, decrypted, encrypted and then decrypted again.
18It is a round trip of that many bytes. Because the one process performs
19both the client and server sides of the protocol and it sends this many bytes
20each direction, multiply this number by 4 to generate the number
21of bytes encrypted/decrypted/MACed. The first time value is how many seconds
22elapsed doing a full SSL handshake, the second is the cost of one
23full handshake and the rest being session-id reuse.
24
25SSLv2 RC4-MD5 1000 x 1 12.83s 0.70s
26SSLv3 NULL-MD5 1000 x 1 14.35s 1.47s
27SSLv3 RC4-MD5 1000 x 1 14.46s 1.56s
28SSLv3 RC4-MD5 1000 x 1 51.93s 1.62s 1024bit RSA
29SSLv3 RC4-SHA 1000 x 1 14.61s 1.83s
30SSLv3 DES-CBC-SHA 1000 x 1 14.70s 1.89s
31SSLv3 DES-CBC3-SHA 1000 x 1 15.16s 2.16s
32
33SSLv2 RC4-MD5 1000 x 1024 13.72s 1.27s
34SSLv3 NULL-MD5 1000 x 1024 14.79s 1.92s
35SSLv3 RC4-MD5 1000 x 1024 52.58s 2.29s 1024bit RSA
36SSLv3 RC4-SHA 1000 x 1024 15.39s 2.67s
37SSLv3 DES-CBC-SHA 1000 x 1024 16.45s 3.55s
38SSLv3 DES-CBC3-SHA 1000 x 1024 18.21s 5.38s
39
40SSLv2 RC4-MD5 1000 x 10240 18.97s 6.52s
41SSLv3 NULL-MD5 1000 x 10240 17.79s 5.11s
42SSLv3 RC4-MD5 1000 x 10240 20.25s 7.90s
43SSLv3 RC4-MD5 1000 x 10240 58.26s 8.08s 1024bit RSA
44SSLv3 RC4-SHA 1000 x 10240 22.96s 11.44s
45SSLv3 DES-CBC-SHA 1000 x 10240 30.65s 18.41s
46SSLv3 DES-CBC3-SHA 1000 x 10240 47.04s 34.53s
47
48SSLv2 RC4-MD5 1000 x 102400 70.22s 57.74s
49SSLv3 NULL-MD5 1000 x 102400 43.73s 31.03s
50SSLv3 RC4-MD5 1000 x 102400 71.32s 58.83s
51SSLv3 RC4-MD5 1000 x 102400 109.66s 59.20s 1024bit RSA
52SSLv3 RC4-SHA 1000 x 102400 95.88s 82.21s
53SSLv3 DES-CBC-SHA 1000 x 102400 173.22s 160.55s
54SSLv3 DES-CBC3-SHA 1000 x 102400 336.61s 323.82s
55
56What does this all mean? Well for a server, with no session-id reuse, with
57a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key,
58a pentium pro 200 running linux can handle the SSLv3 protocol overheads of
59about 49 connections a second. Reality will be quite different :-).
60
61Remeber the first number is 1000 full ssl handshakes, the second is
621 full and 999 with session-id reuse. The RSA overheads for each exchange
63would be one public and one private operation, but the protocol/MAC/cipher
64cost would be quite similar in both the client and server.
65
66eric (adding numbers to speculation)
67
68--- Appendix ---
69- The time measured is user time but these number a very rough.
70- Remember this is the cost of both client and server sides of the protocol.
71- The TCP/kernal overhead of connection establishment is normally the
72 killer in SSL. Often delays in the TCP protocol will make session-id
73 reuse look slower that new sessions, but this would not be the case on
74 a loaded server.
75- The TCP round trip latencies, while slowing indervidual connections,
76 would have minimal impact on throughput.
77- Instead of sending one 102400 byte buffer, one 8k buffer is sent until
78- the required number of bytes are processed.
79- The SSLv3 connections were actually SSLv2 compatable SSLv3 headers.
80- A 512bit server key was being used except where noted.
81- No server key verification was being performed on the client side of the
82 protocol. This would slow things down very little.
83- The library being used is SSLeay 0.8.x.
84- The normal mesauring system was commands of the form
85 time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse
86 This modified version of ssltest should be in the next public release of
87 SSLeay.
88
89The general cipher performace number for this platform are
90
91SSLeay 0.8.2a 04-Sep-1997
92built on Fri Sep 5 17:37:05 EST 1997
93options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
94C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
95The 'numbers' are in 1000s of bytes per second processed.
96type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
97md2 131.02k 368.41k 500.57k 549.21k 566.09k
98mdc2 535.60k 589.10k 595.88k 595.97k 594.54k
99md5 1801.53k 9674.77k 17484.03k 21849.43k 23592.96k
100sha 1261.63k 5533.25k 9285.63k 11187.88k 11913.90k
101sha1 1103.13k 4782.53k 7933.78k 9472.34k 10070.70k
102rc4 10722.53k 14443.93k 15215.79k 15299.24k 15219.59k
103des cbc 3286.57k 3827.73k 3913.39k 3931.82k 3926.70k
104des ede3 1443.50k 1549.08k 1561.17k 1566.38k 1564.67k
105idea cbc 2203.64k 2508.16k 2538.33k 2543.62k 2547.71k
106rc2 cbc 1430.94k 1511.59k 1524.82k 1527.13k 1523.33k
107blowfish cbc 4716.07k 5965.82k 6190.17k 6243.67k 6234.11k
108 sign verify
109rsa 512 bits 0.0100s 0.0011s
110rsa 1024 bits 0.0451s 0.0012s
111rsa 2048 bits 0.2605s 0.0086s
112rsa 4096 bits 1.6883s 0.0302s
113
diff --git a/src/lib/libssl/test/tpkcs7 b/src/lib/libssl/test/tpkcs7
new file mode 100644
index 0000000000..15bbba42c0
--- /dev/null
+++ b/src/lib/libssl/test/tpkcs7
@@ -0,0 +1,51 @@
1#!/bin/sh
2
3PATH=../apps:$PATH
4export PATH
5
6cmd='../apps/openssl pkcs7'
7
8if [ "$1"x != "x" ]; then
9 t=$1
10else
11 t=testp7.pem
12fi
13
14echo testing pkcs7 conversions
15cp $t fff.p
16
17echo "p -> d"
18$cmd -in fff.p -inform p -outform d >f.d
19if [ $? != 0 ]; then exit 1; fi
20echo "p -> p"
21$cmd -in fff.p -inform p -outform p >f.p
22if [ $? != 0 ]; then exit 1; fi
23
24echo "d -> d"
25$cmd -in f.d -inform d -outform d >ff.d1
26if [ $? != 0 ]; then exit 1; fi
27echo "p -> d"
28$cmd -in f.p -inform p -outform d >ff.d3
29if [ $? != 0 ]; then exit 1; fi
30
31echo "d -> p"
32$cmd -in f.d -inform d -outform p >ff.p1
33if [ $? != 0 ]; then exit 1; fi
34echo "p -> p"
35$cmd -in f.p -inform p -outform p >ff.p3
36if [ $? != 0 ]; then exit 1; fi
37
38cmp fff.p f.p
39if [ $? != 0 ]; then exit 1; fi
40cmp fff.p ff.p1
41if [ $? != 0 ]; then exit 1; fi
42cmp fff.p ff.p3
43if [ $? != 0 ]; then exit 1; fi
44
45cmp f.p ff.p1
46if [ $? != 0 ]; then exit 1; fi
47cmp f.p ff.p3
48if [ $? != 0 ]; then exit 1; fi
49
50/bin/rm -f f.* ff.* fff.*
51exit 0
diff --git a/src/lib/libssl/test/tpkcs7d b/src/lib/libssl/test/tpkcs7d
new file mode 100644
index 0000000000..46e5aa2bd6
--- /dev/null
+++ b/src/lib/libssl/test/tpkcs7d
@@ -0,0 +1,44 @@
1#!/bin/sh
2
3PATH=../apps:$PATH
4export PATH
5
6cmd='../apps/openssl pkcs7'
7
8if [ "$1"x != "x" ]; then
9 t=$1
10else
11 t=pkcs7-1.pem
12fi
13
14echo "testing pkcs7 conversions (2)"
15cp $t fff.p
16
17echo "p -> d"
18$cmd -in fff.p -inform p -outform d >f.d
19if [ $? != 0 ]; then exit 1; fi
20echo "p -> p"
21$cmd -in fff.p -inform p -outform p >f.p
22if [ $? != 0 ]; then exit 1; fi
23
24echo "d -> d"
25$cmd -in f.d -inform d -outform d >ff.d1
26if [ $? != 0 ]; then exit 1; fi
27echo "p -> d"
28$cmd -in f.p -inform p -outform d >ff.d3
29if [ $? != 0 ]; then exit 1; fi
30
31echo "d -> p"
32$cmd -in f.d -inform d -outform p >ff.p1
33if [ $? != 0 ]; then exit 1; fi
34echo "p -> p"
35$cmd -in f.p -inform p -outform p >ff.p3
36if [ $? != 0 ]; then exit 1; fi
37
38cmp f.p ff.p1
39if [ $? != 0 ]; then exit 1; fi
40cmp f.p ff.p3
41if [ $? != 0 ]; then exit 1; fi
42
43/bin/rm -f f.* ff.* fff.*
44exit 0
diff --git a/src/lib/libssl/test/treq b/src/lib/libssl/test/treq
new file mode 100644
index 0000000000..9f5eb7eea5
--- /dev/null
+++ b/src/lib/libssl/test/treq
@@ -0,0 +1,86 @@
1#!/bin/sh
2
3PATH=../apps:$PATH
4export PATH
5
6cmd='../apps/openssl req -config ../apps/openssl.cnf'
7
8if [ "$1"x != "x" ]; then
9 t=$1
10else
11 t=testreq.pem
12fi
13
14if $cmd -in $t -inform p -noout -text | fgrep 'Unknown Public Key'; then
15 echo "skipping req conversion test for $t"
16 exit 0
17fi
18
19echo testing req conversions
20cp $t fff.p
21
22echo "p -> d"
23$cmd -in fff.p -inform p -outform d >f.d
24if [ $? != 0 ]; then exit 1; fi
25#echo "p -> t"
26#$cmd -in fff.p -inform p -outform t >f.t
27#if [ $? != 0 ]; then exit 1; fi
28echo "p -> p"
29$cmd -in fff.p -inform p -outform p >f.p
30if [ $? != 0 ]; then exit 1; fi
31
32echo "d -> d"
33$cmd -verify -in f.d -inform d -outform d >ff.d1
34if [ $? != 0 ]; then exit 1; fi
35#echo "t -> d"
36#$cmd -in f.t -inform t -outform d >ff.d2
37#if [ $? != 0 ]; then exit 1; fi
38echo "p -> d"
39$cmd -verify -in f.p -inform p -outform d >ff.d3
40if [ $? != 0 ]; then exit 1; fi
41
42#echo "d -> t"
43#$cmd -in f.d -inform d -outform t >ff.t1
44#if [ $? != 0 ]; then exit 1; fi
45#echo "t -> t"
46#$cmd -in f.t -inform t -outform t >ff.t2
47#if [ $? != 0 ]; then exit 1; fi
48#echo "p -> t"
49#$cmd -in f.p -inform p -outform t >ff.t3
50#if [ $? != 0 ]; then exit 1; fi
51
52echo "d -> p"
53$cmd -in f.d -inform d -outform p >ff.p1
54if [ $? != 0 ]; then exit 1; fi
55#echo "t -> p"
56#$cmd -in f.t -inform t -outform p >ff.p2
57#if [ $? != 0 ]; then exit 1; fi
58echo "p -> p"
59$cmd -in f.p -inform p -outform p >ff.p3
60if [ $? != 0 ]; then exit 1; fi
61
62cmp fff.p f.p
63if [ $? != 0 ]; then exit 1; fi
64cmp fff.p ff.p1
65if [ $? != 0 ]; then exit 1; fi
66#cmp fff.p ff.p2
67#if [ $? != 0 ]; then exit 1; fi
68cmp fff.p ff.p3
69if [ $? != 0 ]; then exit 1; fi
70
71#cmp f.t ff.t1
72#if [ $? != 0 ]; then exit 1; fi
73#cmp f.t ff.t2
74#if [ $? != 0 ]; then exit 1; fi
75#cmp f.t ff.t3
76#if [ $? != 0 ]; then exit 1; fi
77
78cmp f.p ff.p1
79if [ $? != 0 ]; then exit 1; fi
80#cmp f.p ff.p2
81#if [ $? != 0 ]; then exit 1; fi
82cmp f.p ff.p3
83if [ $? != 0 ]; then exit 1; fi
84
85/bin/rm -f f.* ff.* fff.*
86exit 0
diff --git a/src/lib/libssl/test/trsa b/src/lib/libssl/test/trsa
new file mode 100644
index 0000000000..bd6c07650a
--- /dev/null
+++ b/src/lib/libssl/test/trsa
@@ -0,0 +1,86 @@
1#!/bin/sh
2
3PATH=../apps:$PATH
4export PATH
5
6if ../apps/openssl no-rsa; then
7 echo skipping rsa conversion test
8 exit 0
9fi
10
11cmd='../apps/openssl rsa'
12
13if [ "$1"x != "x" ]; then
14 t=$1
15else
16 t=testrsa.pem
17fi
18
19echo testing rsa conversions
20cp $t fff.p
21
22echo "p -> d"
23$cmd -in fff.p -inform p -outform d >f.d
24if [ $? != 0 ]; then exit 1; fi
25#echo "p -> t"
26#$cmd -in fff.p -inform p -outform t >f.t
27#if [ $? != 0 ]; then exit 1; fi
28echo "p -> p"
29$cmd -in fff.p -inform p -outform p >f.p
30if [ $? != 0 ]; then exit 1; fi
31
32echo "d -> d"
33$cmd -in f.d -inform d -outform d >ff.d1
34if [ $? != 0 ]; then exit 1; fi
35#echo "t -> d"
36#$cmd -in f.t -inform t -outform d >ff.d2
37#if [ $? != 0 ]; then exit 1; fi
38echo "p -> d"
39$cmd -in f.p -inform p -outform d >ff.d3
40if [ $? != 0 ]; then exit 1; fi
41
42#echo "d -> t"
43#$cmd -in f.d -inform d -outform t >ff.t1
44#if [ $? != 0 ]; then exit 1; fi
45#echo "t -> t"
46#$cmd -in f.t -inform t -outform t >ff.t2
47#if [ $? != 0 ]; then exit 1; fi
48#echo "p -> t"
49#$cmd -in f.p -inform p -outform t >ff.t3
50#if [ $? != 0 ]; then exit 1; fi
51
52echo "d -> p"
53$cmd -in f.d -inform d -outform p >ff.p1
54if [ $? != 0 ]; then exit 1; fi
55#echo "t -> p"
56#$cmd -in f.t -inform t -outform p >ff.p2
57#if [ $? != 0 ]; then exit 1; fi
58echo "p -> p"
59$cmd -in f.p -inform p -outform p >ff.p3
60if [ $? != 0 ]; then exit 1; fi
61
62cmp fff.p f.p
63if [ $? != 0 ]; then exit 1; fi
64cmp fff.p ff.p1
65if [ $? != 0 ]; then exit 1; fi
66#cmp fff.p ff.p2
67#if [ $? != 0 ]; then exit 1; fi
68cmp fff.p ff.p3
69if [ $? != 0 ]; then exit 1; fi
70
71#cmp f.t ff.t1
72#if [ $? != 0 ]; then exit 1; fi
73#cmp f.t ff.t2
74#if [ $? != 0 ]; then exit 1; fi
75#cmp f.t ff.t3
76#if [ $? != 0 ]; then exit 1; fi
77
78cmp f.p ff.p1
79if [ $? != 0 ]; then exit 1; fi
80#cmp f.p ff.p2
81#if [ $? != 0 ]; then exit 1; fi
82cmp f.p ff.p3
83if [ $? != 0 ]; then exit 1; fi
84
85/bin/rm -f f.* ff.* fff.*
86exit 0
diff --git a/src/lib/libssl/test/tsid b/src/lib/libssl/test/tsid
new file mode 100644
index 0000000000..9e0854516c
--- /dev/null
+++ b/src/lib/libssl/test/tsid
@@ -0,0 +1,81 @@
1#!/bin/sh
2
3PATH=../apps:$PATH
4export PATH
5
6cmd='../apps/openssl sess_id'
7
8if [ "$1"x != "x" ]; then
9 t=$1
10else
11 t=testsid.pem
12fi
13
14echo testing session-id conversions
15cp $t fff.p
16
17echo "p -> d"
18$cmd -in fff.p -inform p -outform d >f.d
19if [ $? != 0 ]; then exit 1; fi
20#echo "p -> t"
21#$cmd -in fff.p -inform p -outform t >f.t
22#if [ $? != 0 ]; then exit 1; fi
23echo "p -> p"
24$cmd -in fff.p -inform p -outform p >f.p
25if [ $? != 0 ]; then exit 1; fi
26
27echo "d -> d"
28$cmd -in f.d -inform d -outform d >ff.d1
29if [ $? != 0 ]; then exit 1; fi
30#echo "t -> d"
31#$cmd -in f.t -inform t -outform d >ff.d2
32#if [ $? != 0 ]; then exit 1; fi
33echo "p -> d"
34$cmd -in f.p -inform p -outform d >ff.d3
35if [ $? != 0 ]; then exit 1; fi
36
37#echo "d -> t"
38#$cmd -in f.d -inform d -outform t >ff.t1
39#if [ $? != 0 ]; then exit 1; fi
40#echo "t -> t"
41#$cmd -in f.t -inform t -outform t >ff.t2
42#if [ $? != 0 ]; then exit 1; fi
43#echo "p -> t"
44#$cmd -in f.p -inform p -outform t >ff.t3
45#if [ $? != 0 ]; then exit 1; fi
46
47echo "d -> p"
48$cmd -in f.d -inform d -outform p >ff.p1
49if [ $? != 0 ]; then exit 1; fi
50#echo "t -> p"
51#$cmd -in f.t -inform t -outform p >ff.p2
52#if [ $? != 0 ]; then exit 1; fi
53echo "p -> p"
54$cmd -in f.p -inform p -outform p >ff.p3
55if [ $? != 0 ]; then exit 1; fi
56
57cmp fff.p f.p
58if [ $? != 0 ]; then exit 1; fi
59cmp fff.p ff.p1
60if [ $? != 0 ]; then exit 1; fi
61#cmp fff.p ff.p2
62#if [ $? != 0 ]; then exit 1; fi
63cmp fff.p ff.p3
64if [ $? != 0 ]; then exit 1; fi
65
66#cmp f.t ff.t1
67#if [ $? != 0 ]; then exit 1; fi
68#cmp f.t ff.t2
69#if [ $? != 0 ]; then exit 1; fi
70#cmp f.t ff.t3
71#if [ $? != 0 ]; then exit 1; fi
72
73cmp f.p ff.p1
74if [ $? != 0 ]; then exit 1; fi
75#cmp f.p ff.p2
76#if [ $? != 0 ]; then exit 1; fi
77cmp f.p ff.p3
78if [ $? != 0 ]; then exit 1; fi
79
80/bin/rm -f f.* ff.* fff.*
81exit 0
diff --git a/src/lib/libssl/test/tx509 b/src/lib/libssl/test/tx509
new file mode 100644
index 0000000000..35169f3a43
--- /dev/null
+++ b/src/lib/libssl/test/tx509
@@ -0,0 +1,81 @@
1#!/bin/sh
2
3PATH=../apps:$PATH
4export PATH
5
6cmd='../apps/openssl x509'
7
8if [ "$1"x != "x" ]; then
9 t=$1
10else
11 t=testx509.pem
12fi
13
14echo testing X509 conversions
15cp $t fff.p
16
17echo "p -> d"
18$cmd -in fff.p -inform p -outform d >f.d
19if [ $? != 0 ]; then exit 1; fi
20echo "p -> n"
21$cmd -in fff.p -inform p -outform n >f.n
22if [ $? != 0 ]; then exit 1; fi
23echo "p -> p"
24$cmd -in fff.p -inform p -outform p >f.p
25if [ $? != 0 ]; then exit 1; fi
26
27echo "d -> d"
28$cmd -in f.d -inform d -outform d >ff.d1
29if [ $? != 0 ]; then exit 1; fi
30echo "n -> d"
31$cmd -in f.n -inform n -outform d >ff.d2
32if [ $? != 0 ]; then exit 1; fi
33echo "p -> d"
34$cmd -in f.p -inform p -outform d >ff.d3
35if [ $? != 0 ]; then exit 1; fi
36
37echo "d -> n"
38$cmd -in f.d -inform d -outform n >ff.n1
39if [ $? != 0 ]; then exit 1; fi
40echo "n -> n"
41$cmd -in f.n -inform n -outform n >ff.n2
42if [ $? != 0 ]; then exit 1; fi
43echo "p -> n"
44$cmd -in f.p -inform p -outform n >ff.n3
45if [ $? != 0 ]; then exit 1; fi
46
47echo "d -> p"
48$cmd -in f.d -inform d -outform p >ff.p1
49if [ $? != 0 ]; then exit 1; fi
50echo "n -> p"
51$cmd -in f.n -inform n -outform p >ff.p2
52if [ $? != 0 ]; then exit 1; fi
53echo "p -> p"
54$cmd -in f.p -inform p -outform p >ff.p3
55if [ $? != 0 ]; then exit 1; fi
56
57cmp fff.p f.p
58if [ $? != 0 ]; then exit 1; fi
59cmp fff.p ff.p1
60if [ $? != 0 ]; then exit 1; fi
61cmp fff.p ff.p2
62if [ $? != 0 ]; then exit 1; fi
63cmp fff.p ff.p3
64if [ $? != 0 ]; then exit 1; fi
65
66cmp f.n ff.n1
67if [ $? != 0 ]; then exit 1; fi
68cmp f.n ff.n2
69if [ $? != 0 ]; then exit 1; fi
70cmp f.n ff.n3
71if [ $? != 0 ]; then exit 1; fi
72
73cmp f.p ff.p1
74if [ $? != 0 ]; then exit 1; fi
75cmp f.p ff.p2
76if [ $? != 0 ]; then exit 1; fi
77cmp f.p ff.p3
78if [ $? != 0 ]; then exit 1; fi
79
80/bin/rm -f f.* ff.* fff.*
81exit 0
diff --git a/src/lib/libssl/test/v3-cert1.pem b/src/lib/libssl/test/v3-cert1.pem
new file mode 100644
index 0000000000..0da253d5c3
--- /dev/null
+++ b/src/lib/libssl/test/v3-cert1.pem
@@ -0,0 +1,16 @@
1-----BEGIN CERTIFICATE-----
2MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx
3NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz
4dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw
5ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
6ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2
7ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp
8miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C
9AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
10Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
11DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR
12MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB
13AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21
14X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3
15WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO
16-----END CERTIFICATE-----
diff --git a/src/lib/libssl/test/v3-cert2.pem b/src/lib/libssl/test/v3-cert2.pem
new file mode 100644
index 0000000000..de0723ff8d
--- /dev/null
+++ b/src/lib/libssl/test/v3-cert2.pem
@@ -0,0 +1,16 @@
1-----BEGIN CERTIFICATE-----
2MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD
3YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0
4ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu
5dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1
6WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV
7BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx
8FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA
96ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT
10G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ
11YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm
12b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc
13F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz
14lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap
15jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU=
16-----END CERTIFICATE-----
diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h
new file mode 100644
index 0000000000..88ec5fb527
--- /dev/null
+++ b/src/lib/libssl/tls1.h
@@ -0,0 +1,194 @@
1/* ssl/tls1.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_TLS1_H
60#define HEADER_TLS1_H
61
62#include <openssl/buffer.h>
63
64#ifdef __cplusplus
65extern "C" {
66#endif
67
68#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1
69
70#define TLS1_VERSION 0x0301
71#define TLS1_VERSION_MAJOR 0x03
72#define TLS1_VERSION_MINOR 0x01
73
74#define TLS1_AD_DECRYPTION_FAILED 21
75#define TLS1_AD_RECORD_OVERFLOW 22
76#define TLS1_AD_UNKNOWN_CA 48 /* fatal */
77#define TLS1_AD_ACCESS_DENIED 49 /* fatal */
78#define TLS1_AD_DECODE_ERROR 50 /* fatal */
79#define TLS1_AD_DECRYPT_ERROR 51
80#define TLS1_AD_EXPORT_RESTRICTION 60 /* fatal */
81#define TLS1_AD_PROTOCOL_VERSION 70 /* fatal */
82#define TLS1_AD_INSUFFICIENT_SECURITY 71 /* fatal */
83#define TLS1_AD_INTERNAL_ERROR 80 /* fatal */
84#define TLS1_AD_USER_CANCELLED 90
85#define TLS1_AD_NO_RENEGOTIATION 100
86
87/* Additional TLS ciphersuites from draft-ietf-tls-56-bit-ciphersuites-00.txt
88 * (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see
89 * s3_lib.c). We actually treat them like SSL 3.0 ciphers, which we probably
90 * shouldn't. */
91#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060
92#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061
93#define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x03000062
94#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x03000063
95#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA 0x03000064
96#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x03000065
97#define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066
98
99 /* AES ciphersuites from draft ietf-tls-ciphersuite-03.txt */
100
101#define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F
102#define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030
103#define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031
104#define TLS1_CK_DHE_DSS_WITH_AES_128_SHA 0x03000032
105#define TLS1_CK_DHE_RSA_WITH_AES_128_SHA 0x03000033
106#define TLS1_CK_ADH_WITH_AES_128_SHA 0x03000034
107
108#define TLS1_CK_RSA_WITH_AES_256_SHA 0x03000035
109#define TLS1_CK_DH_DSS_WITH_AES_256_SHA 0x03000036
110#define TLS1_CK_DH_RSA_WITH_AES_256_SHA 0x03000037
111#define TLS1_CK_DHE_DSS_WITH_AES_256_SHA 0x03000038
112#define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039
113#define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A
114
115/* XXX
116 * Inconsistency alert:
117 * The OpenSSL names of ciphers with ephemeral DH here include the string
118 * "DHE", while elsewhere it has always been "EDH".
119 * (The alias for the list of all such ciphers also is "EDH".)
120 * The specifications speak of "EDH"; maybe we should allow both forms
121 * for everything. */
122#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5 "EXP1024-RC4-MD5"
123#define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 "EXP1024-RC2-CBC-MD5"
124#define TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DES-CBC-SHA"
125#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DHE-DSS-DES-CBC-SHA"
126#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA "EXP1024-RC4-SHA"
127#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA"
128#define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA"
129 /* AES ciphersuites from draft-ietf-tls-ciphersuite-06.txt */
130#define TLS1_TXT_RSA_WITH_AES_128_SHA "AESdraft128-SHA"
131#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA "DH-DSS-AESdraft128-SHA"
132#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA "DH-RSA-AESdraft128-SHA"
133#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA "DHE-DSS-AESdraft128-SHA"
134#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA "DHE-RSA-AESdraft128-SHA"
135#define TLS1_TXT_ADH_WITH_AES_128_SHA "ADH-AESdraft128-SHA"
136
137#define TLS1_TXT_RSA_WITH_AES_256_SHA "AESdraft256-SHA"
138#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA "DH-DSS-AESdraft256-SHA"
139#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA "DH-RSA-AESdraft256-SHA"
140#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA "DHE-DSS-AESdraft256-SHA"
141#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AESdraft256-SHA"
142#define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AESdraft256-SHA"
143
144
145#define TLS_CT_RSA_SIGN 1
146#define TLS_CT_DSS_SIGN 2
147#define TLS_CT_RSA_FIXED_DH 3
148#define TLS_CT_DSS_FIXED_DH 4
149#define TLS_CT_NUMBER 4
150
151#define TLS1_FINISH_MAC_LENGTH 12
152
153#define TLS_MD_MAX_CONST_SIZE 20
154#define TLS_MD_CLIENT_FINISH_CONST "client finished"
155#define TLS_MD_CLIENT_FINISH_CONST_SIZE 15
156#define TLS_MD_SERVER_FINISH_CONST "server finished"
157#define TLS_MD_SERVER_FINISH_CONST_SIZE 15
158#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key"
159#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
160#define TLS_MD_KEY_EXPANSION_CONST "key expansion"
161#define TLS_MD_KEY_EXPANSION_CONST_SIZE 13
162#define TLS_MD_CLIENT_WRITE_KEY_CONST "client write key"
163#define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE 16
164#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key"
165#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
166#define TLS_MD_IV_BLOCK_CONST "IV block"
167#define TLS_MD_IV_BLOCK_CONST_SIZE 8
168#define TLS_MD_MASTER_SECRET_CONST "master secret"
169#define TLS_MD_MASTER_SECRET_CONST_SIZE 13
170
171#ifdef CHARSET_EBCDIC
172#undef TLS_MD_CLIENT_FINISH_CONST
173#define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64" /*client finished*/
174#undef TLS_MD_SERVER_FINISH_CONST
175#define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64" /*server finished*/
176#undef TLS_MD_SERVER_WRITE_KEY_CONST
177#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*server write key*/
178#undef TLS_MD_KEY_EXPANSION_CONST
179#define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e" /*key expansion*/
180#undef TLS_MD_CLIENT_WRITE_KEY_CONST
181#define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*client write key*/
182#undef TLS_MD_SERVER_WRITE_KEY_CONST
183#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*server write key*/
184#undef TLS_MD_IV_BLOCK_CONST
185#define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b" /*IV block*/
186#undef TLS_MD_MASTER_SECRET_CONST
187#define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/
188#endif
189
190#ifdef __cplusplus
191}
192#endif
193#endif
194
diff --git a/src/lib/libssl/x509v3.cnf b/src/lib/libssl/x509v3.cnf
new file mode 100644
index 0000000000..e430088671
--- /dev/null
+++ b/src/lib/libssl/x509v3.cnf
@@ -0,0 +1,26 @@
1# default settings
2CERTPATHLEN = 1
3CERTUSAGE = digitalSignature,keyCertSign
4CERTIP = 0.0.0.0
5CERTFQDN = nohost.nodomain
6
7# This section should be referenced when building an x509v3 CA
8# Certificate.
9# The default path length and the key usage can be overriden
10# modified by setting the CERTPATHLEN and CERTUSAGE environment
11# variables.
12[x509v3_CA]
13basicConstraints=critical,CA:true,pathlen:$ENV::CERTPATHLEN
14keyUsage=$ENV::CERTUSAGE
15
16# This section should be referenced to add an IP Address
17# as an alternate subject name, needed by isakmpd
18# The address must be provided in the CERTIP environment variable
19[x509v3_IPAddr]
20subjectAltName=IP:$ENV::CERTIP
21
22# This section should be referenced to add a FQDN hostname
23# as an alternate subject name, needed by isakmpd
24# The address must be provided in the CERTFQDN environment variable
25[x509v3_FQDN]
26subjectAltName=DNS:$ENV::CERTFQDN
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-27 06:05:41 +0000