summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/asn1/a_bitstr.c259
-rw-r--r--src/lib/libcrypto/asn1/a_bool.c112
-rw-r--r--src/lib/libcrypto/asn1/a_bytes.c323
-rw-r--r--src/lib/libcrypto/asn1/a_d2i_fp.c195
-rw-r--r--src/lib/libcrypto/asn1/a_digest.c90
-rw-r--r--src/lib/libcrypto/asn1/a_dup.c83
-rw-r--r--src/lib/libcrypto/asn1/a_enum.c224
-rw-r--r--src/lib/libcrypto/asn1/a_i2d_fp.c113
-rw-r--r--src/lib/libcrypto/asn1/a_int.c473
-rw-r--r--src/lib/libcrypto/asn1/a_mbstr.c400
-rw-r--r--src/lib/libcrypto/asn1/a_object.c320
-rw-r--r--src/lib/libcrypto/asn1/a_octet.c95
-rw-r--r--src/lib/libcrypto/asn1/a_print.c197
-rw-r--r--src/lib/libcrypto/asn1/a_set.c217
-rw-r--r--src/lib/libcrypto/asn1/a_sign.c148
-rw-r--r--src/lib/libcrypto/asn1/a_strex.c533
-rw-r--r--src/lib/libcrypto/asn1/a_strnid.c250
-rw-r--r--src/lib/libcrypto/asn1/a_time.c127
-rw-r--r--src/lib/libcrypto/asn1/a_type.c352
-rw-r--r--src/lib/libcrypto/asn1/a_utf8.c238
-rw-r--r--src/lib/libcrypto/asn1/a_verify.c119
-rw-r--r--src/lib/libcrypto/asn1/asn1.h1151
-rw-r--r--src/lib/libcrypto/asn1/asn1_err.c352
-rw-r--r--src/lib/libcrypto/asn1/asn1_lib.c427
-rw-r--r--src/lib/libcrypto/asn1/asn1_mac.h583
-rw-r--r--src/lib/libcrypto/asn1/asn1_par.c423
-rw-r--r--src/lib/libcrypto/asn1/asn_pack.c145
-rw-r--r--src/lib/libcrypto/asn1/charmap.h15
-rw-r--r--src/lib/libcrypto/asn1/charmap.pl80
-rw-r--r--src/lib/libcrypto/asn1/d2i_pr.c137
-rw-r--r--src/lib/libcrypto/asn1/d2i_pu.c114
-rw-r--r--src/lib/libcrypto/asn1/evp_asn1.c185
-rw-r--r--src/lib/libcrypto/asn1/f_enum.c207
-rw-r--r--src/lib/libcrypto/asn1/f_int.c214
-rw-r--r--src/lib/libcrypto/asn1/f_string.c212
-rw-r--r--src/lib/libcrypto/asn1/i2d_pr.c84
-rw-r--r--src/lib/libcrypto/asn1/i2d_pu.c82
-rw-r--r--src/lib/libcrypto/asn1/n_pkey.c388
-rw-r--r--src/lib/libcrypto/asn1/nsseq.c118
-rw-r--r--src/lib/libcrypto/asn1/p5_pbe.c157
-rw-r--r--src/lib/libcrypto/asn1/p5_pbev2.c282
-rw-r--r--src/lib/libcrypto/asn1/p8_pkey.c127
-rw-r--r--src/lib/libcrypto/asn1/t_bitst.c99
-rw-r--r--src/lib/libcrypto/asn1/t_crl.c166
-rw-r--r--src/lib/libcrypto/asn1/t_pkey.c361
-rw-r--r--src/lib/libcrypto/asn1/t_req.c254
-rw-r--r--src/lib/libcrypto/asn1/t_spki.c116
-rw-r--r--src/lib/libcrypto/asn1/t_x509.c411
-rw-r--r--src/lib/libcrypto/asn1/t_x509a.c110
-rw-r--r--src/lib/libcrypto/asn1/x_algor.c118
-rw-r--r--src/lib/libcrypto/asn1/x_attrib.c165
-rw-r--r--src/lib/libcrypto/asn1/x_crl.c348
-rw-r--r--src/lib/libcrypto/asn1/x_exten.c139
-rw-r--r--src/lib/libcrypto/asn1/x_info.c114
-rw-r--r--src/lib/libcrypto/asn1/x_name.c281
-rw-r--r--src/lib/libcrypto/asn1/x_pkey.c151
-rw-r--r--src/lib/libcrypto/asn1/x_pubkey.c366
-rw-r--r--src/lib/libcrypto/asn1/x_req.c257
-rw-r--r--src/lib/libcrypto/asn1/x_sig.c110
-rw-r--r--src/lib/libcrypto/asn1/x_spki.c166
-rw-r--r--src/lib/libcrypto/asn1/x_val.c109
-rw-r--r--src/lib/libcrypto/asn1/x_x509.c216
-rw-r--r--src/lib/libcrypto/asn1/x_x509a.c208
-rw-r--r--src/lib/libcrypto/bf/COPYRIGHT46
-rw-r--r--src/lib/libcrypto/bf/INSTALL14
-rw-r--r--src/lib/libcrypto/bf/README8
-rw-r--r--src/lib/libcrypto/bf/VERSION6
-rw-r--r--src/lib/libcrypto/bf/asm/bf-586.pl136
-rw-r--r--src/lib/libcrypto/bf/bf_cbc.c143
-rw-r--r--src/lib/libcrypto/bf/bf_cfb64.c121
-rw-r--r--src/lib/libcrypto/bf/bf_ecb.c96
-rw-r--r--src/lib/libcrypto/bf/bf_enc.c306
-rw-r--r--src/lib/libcrypto/bf/bf_locl.h219
-rw-r--r--src/lib/libcrypto/bf/bf_ofb64.c110
-rw-r--r--src/lib/libcrypto/bf/bf_pi.h325
-rw-r--r--src/lib/libcrypto/bf/bf_skey.c116
-rw-r--r--src/lib/libcrypto/bf/blowfish.h125
-rw-r--r--src/lib/libcrypto/bio/b_dump.c152
-rw-r--r--src/lib/libcrypto/bio/b_print.c819
-rw-r--r--src/lib/libcrypto/bio/b_sock.c722
-rw-r--r--src/lib/libcrypto/bio/bf_buff.c511
-rw-r--r--src/lib/libcrypto/bio/bf_lbuf.c397
-rw-r--r--src/lib/libcrypto/bio/bf_nbio.c256
-rw-r--r--src/lib/libcrypto/bio/bf_null.c184
-rw-r--r--src/lib/libcrypto/bio/bio.h687
-rw-r--r--src/lib/libcrypto/bio/bio_cb.c133
-rw-r--r--src/lib/libcrypto/bio/bio_err.c150
-rw-r--r--src/lib/libcrypto/bio/bio_lib.c542
-rw-r--r--src/lib/libcrypto/bio/bss_acpt.c467
-rw-r--r--src/lib/libcrypto/bio/bss_bio.c857
-rw-r--r--src/lib/libcrypto/bio/bss_conn.c651
-rw-r--r--src/lib/libcrypto/bio/bss_fd.c62
-rw-r--r--src/lib/libcrypto/bio/bss_file.c310
-rw-r--r--src/lib/libcrypto/bio/bss_log.c394
-rw-r--r--src/lib/libcrypto/bio/bss_mem.c317
-rw-r--r--src/lib/libcrypto/bio/bss_null.c150
-rw-r--r--src/lib/libcrypto/bio/bss_sock.c424
-rw-r--r--src/lib/libcrypto/bn/asm/bn-586.pl384
-rw-r--r--src/lib/libcrypto/bn/asm/co-586.pl286
-rw-r--r--src/lib/libcrypto/bn/asm/pa-risc2.s1618
-rw-r--r--src/lib/libcrypto/bn/asm/pa-risc2W.s1605
-rw-r--r--src/lib/libcrypto/bn/asm/sparcv8.S1458
-rw-r--r--src/lib/libcrypto/bn/asm/sparcv8plus.S1535
-rw-r--r--src/lib/libcrypto/bn/asm/x86.pl28
-rw-r--r--src/lib/libcrypto/bn/asm/x86/add.pl76
-rw-r--r--src/lib/libcrypto/bn/asm/x86/comba.pl277
-rw-r--r--src/lib/libcrypto/bn/asm/x86/div.pl15
-rw-r--r--src/lib/libcrypto/bn/asm/x86/mul.pl77
-rw-r--r--src/lib/libcrypto/bn/asm/x86/mul_add.pl87
-rw-r--r--src/lib/libcrypto/bn/asm/x86/sqr.pl60
-rw-r--r--src/lib/libcrypto/bn/asm/x86/sub.pl76
-rw-r--r--src/lib/libcrypto/bn/bn.h520
-rw-r--r--src/lib/libcrypto/bn/bn_add.c307
-rw-r--r--src/lib/libcrypto/bn/bn_asm.c832
-rw-r--r--src/lib/libcrypto/bn/bn_blind.c144
-rw-r--r--src/lib/libcrypto/bn/bn_ctx.c144
-rw-r--r--src/lib/libcrypto/bn/bn_div.c381
-rw-r--r--src/lib/libcrypto/bn/bn_err.c124
-rw-r--r--src/lib/libcrypto/bn/bn_exp.c696
-rw-r--r--src/lib/libcrypto/bn/bn_exp2.c300
-rw-r--r--src/lib/libcrypto/bn/bn_gcd.c210
-rw-r--r--src/lib/libcrypto/bn/bn_lcl.h419
-rw-r--r--src/lib/libcrypto/bn/bn_lib.c762
-rw-r--r--src/lib/libcrypto/bn/bn_mont.c346
-rw-r--r--src/lib/libcrypto/bn/bn_mpi.c129
-rw-r--r--src/lib/libcrypto/bn/bn_mul.c794
-rw-r--r--src/lib/libcrypto/bn/bn_prime.c465
-rw-r--r--src/lib/libcrypto/bn/bn_prime.h325
-rw-r--r--src/lib/libcrypto/bn/bn_prime.pl117
-rw-r--r--src/lib/libcrypto/bn/bn_print.c332
-rw-r--r--src/lib/libcrypto/bn/bn_rand.c223
-rw-r--r--src/lib/libcrypto/bn/bn_recp.c220
-rw-r--r--src/lib/libcrypto/bn/bn_shift.c205
-rw-r--r--src/lib/libcrypto/bn/bn_sqr.c288
-rw-r--r--src/lib/libcrypto/bn/bn_word.c199
-rw-r--r--src/lib/libcrypto/buffer/buf_err.c95
-rw-r--r--src/lib/libcrypto/buffer/buffer.c144
-rw-r--r--src/lib/libcrypto/buffer/buffer.h98
-rw-r--r--src/lib/libcrypto/cast/asm/cast-586.pl176
-rw-r--r--src/lib/libcrypto/cast/c_cfb64.c122
-rw-r--r--src/lib/libcrypto/cast/c_ecb.c80
-rw-r--r--src/lib/libcrypto/cast/c_enc.c207
-rw-r--r--src/lib/libcrypto/cast/c_ofb64.c111
-rw-r--r--src/lib/libcrypto/cast/c_skey.c166
-rw-r--r--src/lib/libcrypto/cast/cast.h103
-rw-r--r--src/lib/libcrypto/cast/cast_lcl.h226
-rw-r--r--src/lib/libcrypto/cast/cast_s.h585
-rw-r--r--src/lib/libcrypto/comp/c_rle.c61
-rw-r--r--src/lib/libcrypto/comp/c_zlib.c133
-rw-r--r--src/lib/libcrypto/comp/comp.h61
-rw-r--r--src/lib/libcrypto/comp/comp_err.c92
-rw-r--r--src/lib/libcrypto/comp/comp_lib.c78
-rw-r--r--src/lib/libcrypto/conf/conf.h179
-rw-r--r--src/lib/libcrypto/conf/conf_api.c289
-rw-r--r--src/lib/libcrypto/conf/conf_api.h87
-rw-r--r--src/lib/libcrypto/conf/conf_def.c703
-rw-r--r--src/lib/libcrypto/conf/conf_def.h145
-rw-r--r--src/lib/libcrypto/conf/conf_err.c112
-rw-r--r--src/lib/libcrypto/conf/conf_lib.c392
-rw-r--r--src/lib/libcrypto/conf/keysets.pl179
-rw-r--r--src/lib/libcrypto/conf/ssleay.cnf78
-rw-r--r--src/lib/libcrypto/cpt_err.c97
-rw-r--r--src/lib/libcrypto/cryptlib.c489
-rw-r--r--src/lib/libcrypto/cryptlib.h96
-rw-r--r--src/lib/libcrypto/crypto.h403
-rw-r--r--src/lib/libcrypto/cversion.c112
-rw-r--r--src/lib/libcrypto/des/COPYRIGHT50
-rw-r--r--src/lib/libcrypto/des/asm/crypt586.pl204
-rw-r--r--src/lib/libcrypto/des/asm/des-586.pl253
-rw-r--r--src/lib/libcrypto/des/asm/desboth.pl79
-rw-r--r--src/lib/libcrypto/des/cbc_cksm.c97
-rw-r--r--src/lib/libcrypto/des/cbc_enc.c61
-rw-r--r--src/lib/libcrypto/des/cfb64ede.c141
-rw-r--r--src/lib/libcrypto/des/cfb64enc.c121
-rw-r--r--src/lib/libcrypto/des/cfb_enc.c165
-rw-r--r--src/lib/libcrypto/des/des.h266
-rw-r--r--src/lib/libcrypto/des/des_enc.c406
-rw-r--r--src/lib/libcrypto/des/des_locl.h412
-rw-r--r--src/lib/libcrypto/des/ecb3_enc.c82
-rw-r--r--src/lib/libcrypto/des/ecb_enc.c122
-rw-r--r--src/lib/libcrypto/des/ede_cbcm_enc.c197
-rw-r--r--src/lib/libcrypto/des/enc_read.c228
-rw-r--r--src/lib/libcrypto/des/enc_writ.c171
-rw-r--r--src/lib/libcrypto/des/fcrypt.c152
-rw-r--r--src/lib/libcrypto/des/fcrypt_b.c145
-rw-r--r--src/lib/libcrypto/des/ncbc_enc.c148
-rw-r--r--src/lib/libcrypto/des/ofb64ede.c124
-rw-r--r--src/lib/libcrypto/des/ofb64enc.c110
-rw-r--r--src/lib/libcrypto/des/ofb_enc.c134
-rw-r--r--src/lib/libcrypto/des/pcbc_enc.c122
-rw-r--r--src/lib/libcrypto/des/qud_cksm.c139
-rw-r--r--src/lib/libcrypto/des/rand_key.c73
-rw-r--r--src/lib/libcrypto/des/set_key.c402
-rw-r--r--src/lib/libcrypto/des/spr.h204
-rw-r--r--src/lib/libcrypto/des/str2key.c155
-rw-r--r--src/lib/libcrypto/des/xcbc_enc.c194
-rw-r--r--src/lib/libcrypto/dh/dh.h213
-rw-r--r--src/lib/libcrypto/dh/dh_check.c120
-rw-r--r--src/lib/libcrypto/dh/dh_err.c99
-rw-r--r--src/lib/libcrypto/dh/dh_gen.c153
-rw-r--r--src/lib/libcrypto/dh/dh_key.c216
-rw-r--r--src/lib/libcrypto/dh/dh_lib.c237
-rw-r--r--src/lib/libcrypto/doc/DH_generate_key.pod50
-rw-r--r--src/lib/libcrypto/doc/DH_generate_parameters.pod72
-rw-r--r--src/lib/libcrypto/doc/DH_get_ex_new_index.pod36
-rw-r--r--src/lib/libcrypto/doc/DH_new.pod40
-rw-r--r--src/lib/libcrypto/doc/DH_set_method.pod111
-rw-r--r--src/lib/libcrypto/doc/DH_size.pod33
-rw-r--r--src/lib/libcrypto/doc/DSA_SIG_new.pod39
-rw-r--r--src/lib/libcrypto/doc/DSA_do_sign.pod47
-rw-r--r--src/lib/libcrypto/doc/DSA_dup_DH.pod36
-rw-r--r--src/lib/libcrypto/doc/DSA_generate_key.pod33
-rw-r--r--src/lib/libcrypto/doc/DSA_generate_parameters.pod105
-rw-r--r--src/lib/libcrypto/doc/DSA_get_ex_new_index.pod36
-rw-r--r--src/lib/libcrypto/doc/DSA_new.pod41
-rw-r--r--src/lib/libcrypto/doc/DSA_set_method.pod118
-rw-r--r--src/lib/libcrypto/doc/DSA_sign.pod66
-rw-r--r--src/lib/libcrypto/doc/DSA_size.pod33
-rw-r--r--src/lib/libcrypto/doc/ERR_GET_LIB.pod51
-rw-r--r--src/lib/libcrypto/doc/ERR_clear_error.pod29
-rw-r--r--src/lib/libcrypto/doc/ERR_error_string.pod73
-rw-r--r--src/lib/libcrypto/doc/ERR_get_error.pod63
-rw-r--r--src/lib/libcrypto/doc/ERR_load_crypto_strings.pod46
-rw-r--r--src/lib/libcrypto/doc/ERR_load_strings.pod54
-rw-r--r--src/lib/libcrypto/doc/ERR_print_errors.pod51
-rw-r--r--src/lib/libcrypto/doc/ERR_put_error.pod44
-rw-r--r--src/lib/libcrypto/doc/ERR_remove_state.pod34
-rw-r--r--src/lib/libcrypto/doc/EVP_DigestInit.pod202
-rw-r--r--src/lib/libcrypto/doc/EVP_EncryptInit.pod359
-rw-r--r--src/lib/libcrypto/doc/EVP_OpenInit.pod63
-rw-r--r--src/lib/libcrypto/doc/EVP_SealInit.pod76
-rw-r--r--src/lib/libcrypto/doc/EVP_SignInit.pod85
-rw-r--r--src/lib/libcrypto/doc/EVP_VerifyInit.pod72
-rw-r--r--src/lib/libcrypto/doc/OPENSSL_VERSION_NUMBER.pod88
-rw-r--r--src/lib/libcrypto/doc/OpenSSL_add_all_algorithms.pod66
-rw-r--r--src/lib/libcrypto/doc/RAND_add.pod77
-rw-r--r--src/lib/libcrypto/doc/RAND_bytes.pod46
-rw-r--r--src/lib/libcrypto/doc/RAND_cleanup.pod29
-rw-r--r--src/lib/libcrypto/doc/RAND_load_file.pod53
-rw-r--r--src/lib/libcrypto/doc/RAND_set_rand_method.pod59
-rw-r--r--src/lib/libcrypto/doc/RSA_blinding_on.pod43
-rw-r--r--src/lib/libcrypto/doc/RSA_check_key.pod39
-rw-r--r--src/lib/libcrypto/doc/RSA_generate_key.pod68
-rw-r--r--src/lib/libcrypto/doc/RSA_get_ex_new_index.pod120
-rw-r--r--src/lib/libcrypto/doc/RSA_new.pod39
-rw-r--r--src/lib/libcrypto/doc/RSA_padding_add_PKCS1_type_1.pod124
-rw-r--r--src/lib/libcrypto/doc/RSA_print.pod49
-rw-r--r--src/lib/libcrypto/doc/RSA_private_encrypt.pod70
-rw-r--r--src/lib/libcrypto/doc/RSA_public_encrypt.pod86
-rw-r--r--src/lib/libcrypto/doc/RSA_set_method.pod168
-rw-r--r--src/lib/libcrypto/doc/RSA_sign.pod62
-rw-r--r--src/lib/libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod59
-rw-r--r--src/lib/libcrypto/doc/RSA_size.pod33
-rw-r--r--src/lib/libcrypto/doc/bn.pod149
-rw-r--r--src/lib/libcrypto/doc/d2i_DHparams.pod30
-rw-r--r--src/lib/libcrypto/doc/d2i_RSAPublicKey.pod39
-rw-r--r--src/lib/libcrypto/doc/dh.pod69
-rw-r--r--src/lib/libcrypto/doc/dsa.pod105
-rw-r--r--src/lib/libcrypto/doc/evp.pod37
-rw-r--r--src/lib/libcrypto/doc/lh_stats.pod60
-rw-r--r--src/lib/libcrypto/doc/rsa.pod117
-rw-r--r--src/lib/libcrypto/dsa/dsa.h257
-rw-r--r--src/lib/libcrypto/dsa/dsa_asn1.c96
-rw-r--r--src/lib/libcrypto/dsa/dsa_err.c107
-rw-r--r--src/lib/libcrypto/dsa/dsa_gen.c294
-rw-r--r--src/lib/libcrypto/dsa/dsa_key.c108
-rw-r--r--src/lib/libcrypto/dsa/dsa_lib.c296
-rw-r--r--src/lib/libcrypto/dsa/dsa_ossl.c393
-rw-r--r--src/lib/libcrypto/dsa/dsa_sign.c93
-rw-r--r--src/lib/libcrypto/dsa/dsa_vrf.c95
-rw-r--r--src/lib/libcrypto/dso/dso.h250
-rw-r--r--src/lib/libcrypto/dso/dso_dlfcn.c276
-rw-r--r--src/lib/libcrypto/dso/dso_err.c128
-rw-r--r--src/lib/libcrypto/dso/dso_lib.c306
-rw-r--r--src/lib/libcrypto/dso/dso_null.c86
-rw-r--r--src/lib/libcrypto/dso/dso_openssl.c81
-rw-r--r--src/lib/libcrypto/engine/README278
-rw-r--r--src/lib/libcrypto/engine/engine.h398
-rw-r--r--src/lib/libcrypto/err/err.c801
-rw-r--r--src/lib/libcrypto/err/err.h278
-rw-r--r--src/lib/libcrypto/err/err_all.c126
-rw-r--r--src/lib/libcrypto/err/err_prn.c107
-rw-r--r--src/lib/libcrypto/err/openssl.ec74
-rw-r--r--src/lib/libcrypto/evp/bio_b64.c547
-rw-r--r--src/lib/libcrypto/evp/bio_enc.c425
-rw-r--r--src/lib/libcrypto/evp/bio_md.c261
-rw-r--r--src/lib/libcrypto/evp/c_all.c67
-rw-r--r--src/lib/libcrypto/evp/digest.c92
-rw-r--r--src/lib/libcrypto/evp/e_bf.c80
-rw-r--r--src/lib/libcrypto/evp/e_cast.c82
-rw-r--r--src/lib/libcrypto/evp/e_des.c118
-rw-r--r--src/lib/libcrypto/evp/e_des3.c165
-rw-r--r--src/lib/libcrypto/evp/e_idea.c112
-rw-r--r--src/lib/libcrypto/evp/e_null.c101
-rw-r--r--src/lib/libcrypto/evp/e_rc2.c222
-rw-r--r--src/lib/libcrypto/evp/e_rc4.c125
-rw-r--r--src/lib/libcrypto/evp/e_xcbc_d.c111
-rw-r--r--src/lib/libcrypto/evp/encode.c437
-rw-r--r--src/lib/libcrypto/evp/evp.h851
-rw-r--r--src/lib/libcrypto/evp/evp_enc.c341
-rw-r--r--src/lib/libcrypto/evp/evp_err.c153
-rw-r--r--src/lib/libcrypto/evp/evp_key.c159
-rw-r--r--src/lib/libcrypto/evp/evp_lib.c142
-rw-r--r--src/lib/libcrypto/evp/evp_locl.h168
-rw-r--r--src/lib/libcrypto/evp/evp_pbe.c136
-rw-r--r--src/lib/libcrypto/evp/evp_pkey.c408
-rw-r--r--src/lib/libcrypto/evp/m_dss.c83
-rw-r--r--src/lib/libcrypto/evp/m_dss1.c83
-rw-r--r--src/lib/libcrypto/evp/m_md4.c83
-rw-r--r--src/lib/libcrypto/evp/m_md5.c83
-rw-r--r--src/lib/libcrypto/evp/m_null.c88
-rw-r--r--src/lib/libcrypto/evp/m_ripemd.c84
-rw-r--r--src/lib/libcrypto/evp/m_sha1.c83
-rw-r--r--src/lib/libcrypto/evp/names.c123
-rw-r--r--src/lib/libcrypto/evp/p5_crpt.c149
-rw-r--r--src/lib/libcrypto/evp/p5_crpt2.c248
-rw-r--r--src/lib/libcrypto/evp/p_dec.c87
-rw-r--r--src/lib/libcrypto/evp/p_enc.c86
-rw-r--r--src/lib/libcrypto/evp/p_lib.c333
-rw-r--r--src/lib/libcrypto/evp/p_open.c123
-rw-r--r--src/lib/libcrypto/evp/p_seal.c112
-rw-r--r--src/lib/libcrypto/evp/p_sign.c112
-rw-r--r--src/lib/libcrypto/evp/p_verify.c99
-rw-r--r--src/lib/libcrypto/ex_data.c223
-rw-r--r--src/lib/libcrypto/hmac/hmac.c152
-rw-r--r--src/lib/libcrypto/hmac/hmac.h100
-rw-r--r--src/lib/libcrypto/idea/idea.h99
-rw-r--r--src/lib/libcrypto/lhash/lh_stats.c274
-rw-r--r--src/lib/libcrypto/lhash/lhash.c461
-rw-r--r--src/lib/libcrypto/lhash/lhash.h149
-rw-r--r--src/lib/libcrypto/md32_common.h607
-rw-r--r--src/lib/libcrypto/md4/md4.h114
-rw-r--r--src/lib/libcrypto/md4/md4_dgst.c285
-rw-r--r--src/lib/libcrypto/md4/md4_locl.h154
-rw-r--r--src/lib/libcrypto/md4/md4_one.c95
-rw-r--r--src/lib/libcrypto/md5/asm/md5-586.pl306
-rw-r--r--src/lib/libcrypto/md5/md5.h114
-rw-r--r--src/lib/libcrypto/md5/md5_dgst.c319
-rw-r--r--src/lib/libcrypto/md5/md5_locl.h172
-rw-r--r--src/lib/libcrypto/md5/md5_one.c95
-rw-r--r--src/lib/libcrypto/mem_dbg.c756
-rw-r--r--src/lib/libcrypto/objects/o_names.c266
-rw-r--r--src/lib/libcrypto/objects/obj_dat.c657
-rw-r--r--src/lib/libcrypto/objects/obj_dat.pl302
-rw-r--r--src/lib/libcrypto/objects/obj_err.c99
-rw-r--r--src/lib/libcrypto/objects/obj_lib.c126
-rw-r--r--src/lib/libcrypto/objects/obj_mac.num392
-rw-r--r--src/lib/libcrypto/objects/objects.README44
-rw-r--r--src/lib/libcrypto/objects/objects.h1038
-rw-r--r--src/lib/libcrypto/objects/objects.pl224
-rw-r--r--src/lib/libcrypto/objects/objects.txt593
-rw-r--r--src/lib/libcrypto/opensslv.h85
-rw-r--r--src/lib/libcrypto/pem/message16
-rw-r--r--src/lib/libcrypto/pem/pem.h667
-rw-r--r--src/lib/libcrypto/pem/pem2.h68
-rw-r--r--src/lib/libcrypto/pem/pem_all.c203
-rw-r--r--src/lib/libcrypto/pem/pem_err.c131
-rw-r--r--src/lib/libcrypto/pem/pem_info.c364
-rw-r--r--src/lib/libcrypto/pem/pem_lib.c963
-rw-r--r--src/lib/libcrypto/pem/pem_seal.c184
-rw-r--r--src/lib/libcrypto/pem/pem_sign.c102
-rw-r--r--src/lib/libcrypto/pem/pkcs7.lis22
-rw-r--r--src/lib/libcrypto/perlasm/cbc.pl342
-rw-r--r--src/lib/libcrypto/perlasm/readme124
-rw-r--r--src/lib/libcrypto/perlasm/x86asm.pl118
-rw-r--r--src/lib/libcrypto/pkcs12/p12_add.c218
-rw-r--r--src/lib/libcrypto/pkcs12/p12_attr.c238
-rw-r--r--src/lib/libcrypto/pkcs12/p12_crpt.c124
-rw-r--r--src/lib/libcrypto/pkcs12/p12_crt.c164
-rw-r--r--src/lib/libcrypto/pkcs12/p12_decr.c187
-rw-r--r--src/lib/libcrypto/pkcs12/p12_init.c98
-rw-r--r--src/lib/libcrypto/pkcs12/p12_key.c204
-rw-r--r--src/lib/libcrypto/pkcs12/p12_kiss.c285
-rw-r--r--src/lib/libcrypto/pkcs12/p12_mutl.c170
-rw-r--r--src/lib/libcrypto/pkcs12/p12_npas.c217
-rw-r--r--src/lib/libcrypto/pkcs12/p12_utl.c122
-rw-r--r--src/lib/libcrypto/pkcs12/pk12err.c139
-rw-r--r--src/lib/libcrypto/pkcs12/pkcs12.h345
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_attr.c89
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_doit.c946
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_lib.c469
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_mime.c685
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_smime.c432
-rw-r--r--src/lib/libcrypto/pkcs7/pkcs7.h505
-rw-r--r--src/lib/libcrypto/pkcs7/pkcs7err.c161
-rw-r--r--src/lib/libcrypto/rand/rand.h134
-rw-r--r--src/lib/libcrypto/rand/rand_err.c94
-rw-r--r--src/lib/libcrypto/rand/rand_lib.c136
-rw-r--r--src/lib/libcrypto/rand/randfile.c271
-rw-r--r--src/lib/libcrypto/rc2/rc2.h101
-rw-r--r--src/lib/libcrypto/rc2/rc2_cbc.c226
-rw-r--r--src/lib/libcrypto/rc2/rc2_ecb.c88
-rw-r--r--src/lib/libcrypto/rc2/rc2_locl.h156
-rw-r--r--src/lib/libcrypto/rc2/rc2_skey.c138
-rw-r--r--src/lib/libcrypto/rc2/rc2cfb64.c122
-rw-r--r--src/lib/libcrypto/rc2/rc2ofb64.c111
-rw-r--r--src/lib/libcrypto/rc2/rrc2.doc219
-rw-r--r--src/lib/libcrypto/rc2/version22
-rw-r--r--src/lib/libcrypto/rc4/asm/rc4-586.pl173
-rw-r--r--src/lib/libcrypto/rc4/rc4.h88
-rw-r--r--src/lib/libcrypto/rc4/rc4_enc.c315
-rw-r--r--src/lib/libcrypto/rc4/rc4_locl.h4
-rw-r--r--src/lib/libcrypto/rc4/rc4_skey.c117
-rw-r--r--src/lib/libcrypto/ripemd/README15
-rw-r--r--src/lib/libcrypto/ripemd/asm/rmd-586.pl590
-rw-r--r--src/lib/libcrypto/ripemd/ripemd.h101
-rw-r--r--src/lib/libcrypto/ripemd/rmd_dgst.c493
-rw-r--r--src/lib/libcrypto/ripemd/rmd_locl.h160
-rw-r--r--src/lib/libcrypto/ripemd/rmd_one.c76
-rw-r--r--src/lib/libcrypto/ripemd/rmdconst.h399
-rw-r--r--src/lib/libcrypto/rsa/rsa.h357
-rw-r--r--src/lib/libcrypto/rsa/rsa_chk.c184
-rw-r--r--src/lib/libcrypto/rsa/rsa_eay.c579
-rw-r--r--src/lib/libcrypto/rsa/rsa_err.c148
-rw-r--r--src/lib/libcrypto/rsa/rsa_gen.c197
-rw-r--r--src/lib/libcrypto/rsa/rsa_lib.c388
-rw-r--r--src/lib/libcrypto/rsa/rsa_none.c98
-rw-r--r--src/lib/libcrypto/rsa/rsa_oaep.c168
-rw-r--r--src/lib/libcrypto/rsa/rsa_pk1.c224
-rw-r--r--src/lib/libcrypto/rsa/rsa_saos.c144
-rw-r--r--src/lib/libcrypto/rsa/rsa_sign.c224
-rw-r--r--src/lib/libcrypto/rsa/rsa_ssl.c154
-rw-r--r--src/lib/libcrypto/sha/asm/sha1-586.pl540
-rw-r--r--src/lib/libcrypto/sha/sha.h119
-rw-r--r--src/lib/libcrypto/sha/sha1_one.c76
-rw-r--r--src/lib/libcrypto/sha/sha1dgst.c73
-rw-r--r--src/lib/libcrypto/sha/sha_locl.h471
-rw-r--r--src/lib/libcrypto/stack/safestack.h1134
-rw-r--r--src/lib/libcrypto/stack/stack.c332
-rw-r--r--src/lib/libcrypto/stack/stack.h107
-rw-r--r--src/lib/libcrypto/txt_db/txt_db.c383
-rw-r--r--src/lib/libcrypto/txt_db/txt_db.h108
-rw-r--r--src/lib/libcrypto/util/mkerr.pl529
-rw-r--r--src/lib/libcrypto/util/mkstack.pl124
-rw-r--r--src/lib/libcrypto/x509/by_dir.c351
-rw-r--r--src/lib/libcrypto/x509/by_file.c298
-rw-r--r--src/lib/libcrypto/x509/x509.h1294
-rw-r--r--src/lib/libcrypto/x509/x509_att.c326
-rw-r--r--src/lib/libcrypto/x509/x509_cmp.c308
-rw-r--r--src/lib/libcrypto/x509/x509_d2.c107
-rw-r--r--src/lib/libcrypto/x509/x509_def.c81
-rw-r--r--src/lib/libcrypto/x509/x509_err.c152
-rw-r--r--src/lib/libcrypto/x509/x509_ext.c191
-rw-r--r--src/lib/libcrypto/x509/x509_lu.c529
-rw-r--r--src/lib/libcrypto/x509/x509_obj.c225
-rw-r--r--src/lib/libcrypto/x509/x509_r2x.c110
-rw-r--r--src/lib/libcrypto/x509/x509_req.c278
-rw-r--r--src/lib/libcrypto/x509/x509_set.c150
-rw-r--r--src/lib/libcrypto/x509/x509_trs.c267
-rw-r--r--src/lib/libcrypto/x509/x509_txt.c150
-rw-r--r--src/lib/libcrypto/x509/x509_v3.c267
-rw-r--r--src/lib/libcrypto/x509/x509_vfy.c920
-rw-r--r--src/lib/libcrypto/x509/x509_vfy.h390
-rw-r--r--src/lib/libcrypto/x509/x509name.c383
-rw-r--r--src/lib/libcrypto/x509/x509rset.c83
-rw-r--r--src/lib/libcrypto/x509/x509spki.c121
-rw-r--r--src/lib/libcrypto/x509/x509type.c114
-rw-r--r--src/lib/libcrypto/x509/x_all.c565
-rw-r--r--src/lib/libcrypto/x509v3/ext_dat.h97
-rw-r--r--src/lib/libcrypto/x509v3/v3_akey.c249
-rw-r--r--src/lib/libcrypto/x509v3/v3_alt.c401
-rw-r--r--src/lib/libcrypto/x509v3/v3_bcons.c164
-rw-r--r--src/lib/libcrypto/x509v3/v3_bitst.c141
-rw-r--r--src/lib/libcrypto/x509v3/v3_conf.c390
-rw-r--r--src/lib/libcrypto/x509v3/v3_cpols.c660
-rw-r--r--src/lib/libcrypto/x509v3/v3_crld.c285
-rw-r--r--src/lib/libcrypto/x509v3/v3_enum.c96
-rw-r--r--src/lib/libcrypto/x509v3/v3_extku.c150
-rw-r--r--src/lib/libcrypto/x509v3/v3_genn.c291
-rw-r--r--src/lib/libcrypto/x509v3/v3_ia5.c113
-rw-r--r--src/lib/libcrypto/x509v3/v3_info.c236
-rw-r--r--src/lib/libcrypto/x509v3/v3_int.c72
-rw-r--r--src/lib/libcrypto/x509v3/v3_lib.c225
-rw-r--r--src/lib/libcrypto/x509v3/v3_pku.c151
-rw-r--r--src/lib/libcrypto/x509v3/v3_prn.c165
-rw-r--r--src/lib/libcrypto/x509v3/v3_purp.c535
-rw-r--r--src/lib/libcrypto/x509v3/v3_skey.c149
-rw-r--r--src/lib/libcrypto/x509v3/v3_sxnet.c340
-rw-r--r--src/lib/libcrypto/x509v3/v3_utl.c516
-rw-r--r--src/lib/libcrypto/x509v3/v3err.c176
-rw-r--r--src/lib/libcrypto/x509v3/x509v3.h653
-rw-r--r--src/lib/libssl/LICENSE127
-rw-r--r--src/lib/libssl/bio_ssl.c586
-rw-r--r--src/lib/libssl/doc/openssl.cnf244
-rw-r--r--src/lib/libssl/doc/openssl.txt1235
-rw-r--r--src/lib/libssl/doc/standards.txt121
-rw-r--r--src/lib/libssl/s23_clnt.c475
-rw-r--r--src/lib/libssl/s23_lib.c236
-rw-r--r--src/lib/libssl/s23_pkt.c117
-rw-r--r--src/lib/libssl/s23_srvr.c576
-rw-r--r--src/lib/libssl/s3_both.c588
-rw-r--r--src/lib/libssl/s3_clnt.c1741
-rw-r--r--src/lib/libssl/s3_lib.c1379
-rw-r--r--src/lib/libssl/s3_pkt.c1204
-rw-r--r--src/lib/libssl/s3_srvr.c1777
-rw-r--r--src/lib/libssl/shlib_version2
-rw-r--r--src/lib/libssl/ssl.h1566
-rw-r--r--src/lib/libssl/ssl2.h269
-rw-r--r--src/lib/libssl/ssl23.h83
-rw-r--r--src/lib/libssl/ssl3.h429
-rw-r--r--src/lib/libssl/ssl_algs.c107
-rw-r--r--src/lib/libssl/ssl_asn1.c349
-rw-r--r--src/lib/libssl/ssl_cert.c757
-rw-r--r--src/lib/libssl/ssl_ciph.c1071
-rw-r--r--src/lib/libssl/ssl_err.c435
-rw-r--r--src/lib/libssl/ssl_err2.c70
-rw-r--r--src/lib/libssl/ssl_lib.c2074
-rw-r--r--src/lib/libssl/ssl_locl.h609
-rw-r--r--src/lib/libssl/ssl_rsa.c815
-rw-r--r--src/lib/libssl/ssl_sess.c681
-rw-r--r--src/lib/libssl/ssl_stat.c454
-rw-r--r--src/lib/libssl/ssl_txt.c174
-rw-r--r--src/lib/libssl/t1_clnt.c90
-rw-r--r--src/lib/libssl/t1_enc.c648
-rw-r--r--src/lib/libssl/t1_lib.c149
-rw-r--r--src/lib/libssl/t1_meth.c88
-rw-r--r--src/lib/libssl/t1_srvr.c91
-rw-r--r--src/lib/libssl/test/CAss.cnf25
-rw-r--r--src/lib/libssl/test/CAssdh.cnf24
-rw-r--r--src/lib/libssl/test/CAssdsa.cnf23
-rw-r--r--src/lib/libssl/test/CAssrsa.cnf24
-rw-r--r--src/lib/libssl/test/Sssdsa.cnf27
-rw-r--r--src/lib/libssl/test/Sssrsa.cnf26
-rw-r--r--src/lib/libssl/test/Uss.cnf28
-rw-r--r--src/lib/libssl/test/VMSca-response.11
-rw-r--r--src/lib/libssl/test/VMSca-response.22
-rw-r--r--src/lib/libssl/test/bctest111
-rw-r--r--src/lib/libssl/test/methtest.c105
-rw-r--r--src/lib/libssl/test/pkcs7-1.pem15
-rw-r--r--src/lib/libssl/test/pkcs7.pem54
-rw-r--r--src/lib/libssl/test/r160test.c57
-rw-r--r--src/lib/libssl/test/tcrl81
-rw-r--r--src/lib/libssl/test/test.cnf88
-rw-r--r--src/lib/libssl/test/testca44
-rw-r--r--src/lib/libssl/test/testcrl.pem16
-rw-r--r--src/lib/libssl/test/testenc54
-rw-r--r--src/lib/libssl/test/testgen32
-rw-r--r--src/lib/libssl/test/testp7.pem46
-rw-r--r--src/lib/libssl/test/testreq2.pem7
-rw-r--r--src/lib/libssl/test/testrsa.pem9
-rw-r--r--src/lib/libssl/test/testsid.pem12
-rw-r--r--src/lib/libssl/test/testss90
-rw-r--r--src/lib/libssl/test/testssl81
-rw-r--r--src/lib/libssl/test/testx509.pem10
-rw-r--r--src/lib/libssl/test/times113
-rw-r--r--src/lib/libssl/test/tpkcs751
-rw-r--r--src/lib/libssl/test/tpkcs7d44
-rw-r--r--src/lib/libssl/test/treq81
-rw-r--r--src/lib/libssl/test/trsa81
-rw-r--r--src/lib/libssl/test/tsid81
-rw-r--r--src/lib/libssl/test/tx50981
-rw-r--r--src/lib/libssl/test/v3-cert1.pem16
-rw-r--r--src/lib/libssl/test/v3-cert2.pem16
-rw-r--r--src/lib/libssl/tls1.h164
554 files changed, 0 insertions, 134967 deletions
diff --git a/src/lib/libcrypto/asn1/a_bitstr.c b/src/lib/libcrypto/asn1/a_bitstr.c
deleted file mode 100644
index 7013a407ad..0000000000
--- a/src/lib/libcrypto/asn1/a_bitstr.c
+++ /dev/null
@@ -1,259 +0,0 @@
1/* crypto/asn1/a_bitstr.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1.h>
62
63ASN1_BIT_STRING *ASN1_BIT_STRING_new(void)
64{ return M_ASN1_BIT_STRING_new(); }
65
66void ASN1_BIT_STRING_free(ASN1_BIT_STRING *x)
67{ M_ASN1_BIT_STRING_free(x); }
68
69int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len)
70{ return M_ASN1_BIT_STRING_set(x, d, len); }
71
72int i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
73{
74 int len, ret;
75 len = i2c_ASN1_BIT_STRING(a, NULL);
76 ret=ASN1_object_size(0,len,V_ASN1_BIT_STRING);
77 if(pp) {
78 ASN1_put_object(pp,0,len,V_ASN1_BIT_STRING,V_ASN1_UNIVERSAL);
79 i2c_ASN1_BIT_STRING(a, pp);
80 }
81 return ret;
82}
83
84int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
85 {
86 int ret,j,bits,len;
87 unsigned char *p,*d;
88
89 if (a == NULL) return(0);
90
91 len=a->length;
92 ret=1+len;
93 if (pp == NULL) return(ret);
94
95 if (len > 0)
96 {
97 if (a->flags & ASN1_STRING_FLAG_BITS_LEFT)
98 {
99 bits=(int)a->flags&0x07;
100 }
101 else
102 {
103 for ( ; len > 0; len--)
104 {
105 if (a->data[len-1]) break;
106 }
107 j=a->data[len-1];
108 if (j & 0x01) bits=0;
109 else if (j & 0x02) bits=1;
110 else if (j & 0x04) bits=2;
111 else if (j & 0x08) bits=3;
112 else if (j & 0x10) bits=4;
113 else if (j & 0x20) bits=5;
114 else if (j & 0x40) bits=6;
115 else if (j & 0x80) bits=7;
116 else bits=0; /* should not happen */
117 }
118 }
119 else
120 bits=0;
121 p= *pp;
122
123 *(p++)=(unsigned char)bits;
124 d=a->data;
125 memcpy(p,d,len);
126 p+=len;
127 if (len > 0) p[-1]&=(0xff<<bits);
128 *pp=p;
129 return(ret);
130 }
131
132
133/* Convert DER encoded ASN1 BIT_STRING to ASN1_BIT_STRING structure */
134ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp,
135 long length)
136{
137 unsigned char *p;
138 long len;
139 int i;
140 int inf,tag,xclass;
141 ASN1_BIT_STRING *ret;
142
143 p= *pp;
144 inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
145 if (inf & 0x80)
146 {
147 i=ASN1_R_BAD_OBJECT_HEADER;
148 goto err;
149 }
150
151 if (tag != V_ASN1_BIT_STRING)
152 {
153 i=ASN1_R_EXPECTING_A_BIT_STRING;
154 goto err;
155 }
156 if (len < 1) { i=ASN1_R_STRING_TOO_SHORT; goto err; }
157 ret = c2i_ASN1_BIT_STRING(a, &p, len);
158 if(ret) *pp = p;
159 return ret;
160err:
161 ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i);
162 return(NULL);
163
164}
165
166ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp,
167 long len)
168 {
169 ASN1_BIT_STRING *ret=NULL;
170 unsigned char *p,*s;
171 int i;
172
173 if ((a == NULL) || ((*a) == NULL))
174 {
175 if ((ret=M_ASN1_BIT_STRING_new()) == NULL) return(NULL);
176 }
177 else
178 ret=(*a);
179
180 p= *pp;
181 i= *(p++);
182 /* We do this to preserve the settings. If we modify
183 * the settings, via the _set_bit function, we will recalculate
184 * on output */
185 ret->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */
186 ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|(i&0x07)); /* set */
187
188 if (len-- > 1) /* using one because of the bits left byte */
189 {
190 s=(unsigned char *)OPENSSL_malloc((int)len);
191 if (s == NULL)
192 {
193 i=ERR_R_MALLOC_FAILURE;
194 goto err;
195 }
196 memcpy(s,p,(int)len);
197 s[len-1]&=(0xff<<i);
198 p+=len;
199 }
200 else
201 s=NULL;
202
203 ret->length=(int)len;
204 if (ret->data != NULL) OPENSSL_free(ret->data);
205 ret->data=s;
206 ret->type=V_ASN1_BIT_STRING;
207 if (a != NULL) (*a)=ret;
208 *pp=p;
209 return(ret);
210err:
211 ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i);
212 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
213 M_ASN1_BIT_STRING_free(ret);
214 return(NULL);
215 }
216
217/* These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de>
218 */
219int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value)
220 {
221 int w,v,iv;
222 unsigned char *c;
223
224 w=n/8;
225 v=1<<(7-(n&0x07));
226 iv= ~v;
227
228 a->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear, set on write */
229
230 if (a == NULL) return(0);
231 if ((a->length < (w+1)) || (a->data == NULL))
232 {
233 if (!value) return(1); /* Don't need to set */
234 if (a->data == NULL)
235 c=(unsigned char *)OPENSSL_malloc(w+1);
236 else
237 c=(unsigned char *)OPENSSL_realloc(a->data,w+1);
238 if (c == NULL) return(0);
239 if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length);
240 a->data=c;
241 a->length=w+1;
242 }
243 a->data[w]=((a->data[w])&iv)|v;
244 while ((a->length > 0) && (a->data[a->length-1] == 0))
245 a->length--;
246 return(1);
247 }
248
249int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n)
250 {
251 int w,v;
252
253 w=n/8;
254 v=1<<(7-(n&0x07));
255 if ((a == NULL) || (a->length < (w+1)) || (a->data == NULL))
256 return(0);
257 return((a->data[w]&v) != 0);
258 }
259
diff --git a/src/lib/libcrypto/asn1/a_bool.c b/src/lib/libcrypto/asn1/a_bool.c
deleted file mode 100644
index 18fa61840b..0000000000
--- a/src/lib/libcrypto/asn1/a_bool.c
+++ /dev/null
@@ -1,112 +0,0 @@
1/* crypto/asn1/a_bool.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1.h>
62
63int i2d_ASN1_BOOLEAN(int a, unsigned char **pp)
64 {
65 int r;
66 unsigned char *p;
67
68 r=ASN1_object_size(0,1,V_ASN1_BOOLEAN);
69 if (pp == NULL) return(r);
70 p= *pp;
71
72 ASN1_put_object(&p,0,1,V_ASN1_BOOLEAN,V_ASN1_UNIVERSAL);
73 *(p++)= (unsigned char)a;
74 *pp=p;
75 return(r);
76 }
77
78int d2i_ASN1_BOOLEAN(int *a, unsigned char **pp, long length)
79 {
80 int ret= -1;
81 unsigned char *p;
82 long len;
83 int inf,tag,xclass;
84 int i=0;
85
86 p= *pp;
87 inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
88 if (inf & 0x80)
89 {
90 i=ASN1_R_BAD_OBJECT_HEADER;
91 goto err;
92 }
93
94 if (tag != V_ASN1_BOOLEAN)
95 {
96 i=ASN1_R_EXPECTING_A_BOOLEAN;
97 goto err;
98 }
99
100 if (len != 1)
101 {
102 i=ASN1_R_BOOLEAN_IS_WRONG_LENGTH;
103 goto err;
104 }
105 ret= (int)*(p++);
106 if (a != NULL) (*a)=ret;
107 *pp=p;
108 return(ret);
109err:
110 ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,i);
111 return(ret);
112 }
diff --git a/src/lib/libcrypto/asn1/a_bytes.c b/src/lib/libcrypto/asn1/a_bytes.c
deleted file mode 100644
index 3a0c0c7835..0000000000
--- a/src/lib/libcrypto/asn1/a_bytes.c
+++ /dev/null
@@ -1,323 +0,0 @@
1/* crypto/asn1/a_bytes.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1_mac.h>
62
63static unsigned long tag2bit[32]={
640, 0, 0, B_ASN1_BIT_STRING, /* tags 0 - 3 */
65B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */
66B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */
67B_ASN1_UTF8STRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,/* tags 12-15 */
680, 0, B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING,
69B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING,0,
700,B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING,
71B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN,
72 };
73
74static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c);
75/* type is a 'bitmap' of acceptable string types.
76 */
77ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, unsigned char **pp,
78 long length, int type)
79 {
80 ASN1_STRING *ret=NULL;
81 unsigned char *p,*s;
82 long len;
83 int inf,tag,xclass;
84 int i=0;
85
86 p= *pp;
87 inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
88 if (inf & 0x80) goto err;
89
90 if (tag >= 32)
91 {
92 i=ASN1_R_TAG_VALUE_TOO_HIGH;;
93 goto err;
94 }
95 if (!(tag2bit[tag] & type))
96 {
97 i=ASN1_R_WRONG_TYPE;
98 goto err;
99 }
100
101 /* If a bit-string, exit early */
102 if (tag == V_ASN1_BIT_STRING)
103 return(d2i_ASN1_BIT_STRING(a,pp,length));
104
105 if ((a == NULL) || ((*a) == NULL))
106 {
107 if ((ret=ASN1_STRING_new()) == NULL) return(NULL);
108 }
109 else
110 ret=(*a);
111
112 if (len != 0)
113 {
114 s=(unsigned char *)OPENSSL_malloc((int)len+1);
115 if (s == NULL)
116 {
117 i=ERR_R_MALLOC_FAILURE;
118 goto err;
119 }
120 memcpy(s,p,(int)len);
121 s[len]='\0';
122 p+=len;
123 }
124 else
125 s=NULL;
126
127 if (ret->data != NULL) OPENSSL_free(ret->data);
128 ret->length=(int)len;
129 ret->data=s;
130 ret->type=tag;
131 if (a != NULL) (*a)=ret;
132 *pp=p;
133 return(ret);
134err:
135 ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,i);
136 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
137 ASN1_STRING_free(ret);
138 return(NULL);
139 }
140
141int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass)
142 {
143 int ret,r,constructed;
144 unsigned char *p;
145
146 if (a == NULL) return(0);
147
148 if (tag == V_ASN1_BIT_STRING)
149 return(i2d_ASN1_BIT_STRING(a,pp));
150
151 ret=a->length;
152 r=ASN1_object_size(0,ret,tag);
153 if (pp == NULL) return(r);
154 p= *pp;
155
156 if ((tag == V_ASN1_SEQUENCE) || (tag == V_ASN1_SET))
157 constructed=1;
158 else
159 constructed=0;
160 ASN1_put_object(&p,constructed,ret,tag,xclass);
161 memcpy(p,a->data,a->length);
162 p+=a->length;
163 *pp= p;
164 return(r);
165 }
166
167ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, long length,
168 int Ptag, int Pclass)
169 {
170 ASN1_STRING *ret=NULL;
171 unsigned char *p,*s;
172 long len;
173 int inf,tag,xclass;
174 int i=0;
175
176 if ((a == NULL) || ((*a) == NULL))
177 {
178 if ((ret=ASN1_STRING_new()) == NULL) return(NULL);
179 }
180 else
181 ret=(*a);
182
183 p= *pp;
184 inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
185 if (inf & 0x80)
186 {
187 i=ASN1_R_BAD_OBJECT_HEADER;
188 goto err;
189 }
190
191 if (tag != Ptag)
192 {
193 i=ASN1_R_WRONG_TAG;
194 goto err;
195 }
196
197 if (inf & V_ASN1_CONSTRUCTED)
198 {
199 ASN1_CTX c;
200
201 c.pp=pp;
202 c.p=p;
203 c.inf=inf;
204 c.slen=len;
205 c.tag=Ptag;
206 c.xclass=Pclass;
207 c.max=(length == 0)?0:(p+length);
208 if (!asn1_collate_primitive(ret,&c))
209 goto err;
210 else
211 {
212 p=c.p;
213 }
214 }
215 else
216 {
217 if (len != 0)
218 {
219 if ((ret->length < len) || (ret->data == NULL))
220 {
221 if (ret->data != NULL) OPENSSL_free(ret->data);
222 s=(unsigned char *)OPENSSL_malloc((int)len + 1);
223 if (s == NULL)
224 {
225 i=ERR_R_MALLOC_FAILURE;
226 goto err;
227 }
228 }
229 else
230 s=ret->data;
231 memcpy(s,p,(int)len);
232 s[len] = '\0';
233 p+=len;
234 }
235 else
236 {
237 s=NULL;
238 if (ret->data != NULL) OPENSSL_free(ret->data);
239 }
240
241 ret->length=(int)len;
242 ret->data=s;
243 ret->type=Ptag;
244 }
245
246 if (a != NULL) (*a)=ret;
247 *pp=p;
248 return(ret);
249err:
250 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
251 ASN1_STRING_free(ret);
252 ASN1err(ASN1_F_D2I_ASN1_BYTES,i);
253 return(NULL);
254 }
255
256
257/* We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapse
258 * them into the one structure that is then returned */
259/* There have been a few bug fixes for this function from
260 * Paul Keogh <paul.keogh@sse.ie>, many thanks to him */
261static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c)
262 {
263 ASN1_STRING *os=NULL;
264 BUF_MEM b;
265 int num;
266
267 b.length=0;
268 b.max=0;
269 b.data=NULL;
270
271 if (a == NULL)
272 {
273 c->error=ERR_R_PASSED_NULL_PARAMETER;
274 goto err;
275 }
276
277 num=0;
278 for (;;)
279 {
280 if (c->inf & 1)
281 {
282 c->eos=ASN1_check_infinite_end(&c->p,
283 (long)(c->max-c->p));
284 if (c->eos) break;
285 }
286 else
287 {
288 if (c->slen <= 0) break;
289 }
290
291 c->q=c->p;
292 if (d2i_ASN1_bytes(&os,&c->p,c->max-c->p,c->tag,c->xclass)
293 == NULL)
294 {
295 c->error=ERR_R_ASN1_LIB;
296 goto err;
297 }
298
299 if (!BUF_MEM_grow(&b,num+os->length))
300 {
301 c->error=ERR_R_BUF_LIB;
302 goto err;
303 }
304 memcpy(&(b.data[num]),os->data,os->length);
305 if (!(c->inf & 1))
306 c->slen-=(c->p-c->q);
307 num+=os->length;
308 }
309
310 if (!asn1_Finish(c)) goto err;
311
312 a->length=num;
313 if (a->data != NULL) OPENSSL_free(a->data);
314 a->data=(unsigned char *)b.data;
315 if (os != NULL) ASN1_STRING_free(os);
316 return(1);
317err:
318 ASN1err(ASN1_F_ASN1_COLLATE_PRIMITIVE,c->error);
319 if (os != NULL) ASN1_STRING_free(os);
320 if (b.data != NULL) OPENSSL_free(b.data);
321 return(0);
322 }
323
diff --git a/src/lib/libcrypto/asn1/a_d2i_fp.c b/src/lib/libcrypto/asn1/a_d2i_fp.c
deleted file mode 100644
index a49d1cb289..0000000000
--- a/src/lib/libcrypto/asn1/a_d2i_fp.c
+++ /dev/null
@@ -1,195 +0,0 @@
1/* crypto/asn1/a_d2i_fp.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62#include <openssl/asn1_mac.h>
63
64#define HEADER_SIZE 8
65
66#ifndef NO_FP_API
67char *ASN1_d2i_fp(char *(*xnew)(), char *(*d2i)(), FILE *in,
68 unsigned char **x)
69 {
70 BIO *b;
71 char *ret;
72
73 if ((b=BIO_new(BIO_s_file())) == NULL)
74 {
75 ASN1err(ASN1_F_ASN1_D2I_FP,ERR_R_BUF_LIB);
76 return(NULL);
77 }
78 BIO_set_fp(b,in,BIO_NOCLOSE);
79 ret=ASN1_d2i_bio(xnew,d2i,b,x);
80 BIO_free(b);
81 return(ret);
82 }
83#endif
84
85char *ASN1_d2i_bio(char *(*xnew)(), char *(*d2i)(), BIO *in,
86 unsigned char **x)
87 {
88 BUF_MEM *b;
89 unsigned char *p;
90 int i;
91 char *ret=NULL;
92 ASN1_CTX c;
93 int want=HEADER_SIZE;
94 int eos=0;
95 int off=0;
96 int len=0;
97
98 b=BUF_MEM_new();
99 if (b == NULL)
100 {
101 ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
102 return(NULL);
103 }
104
105 ERR_clear_error();
106 for (;;)
107 {
108 if (want >= (len-off))
109 {
110 want-=(len-off);
111
112 if (!BUF_MEM_grow(b,len+want))
113 {
114 ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
115 goto err;
116 }
117 i=BIO_read(in,&(b->data[len]),want);
118 if ((i < 0) && ((len-off) == 0))
119 {
120 ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA);
121 goto err;
122 }
123 if (i > 0)
124 len+=i;
125 }
126 /* else data already loaded */
127
128 p=(unsigned char *)&(b->data[off]);
129 c.p=p;
130 c.inf=ASN1_get_object(&(c.p),&(c.slen),&(c.tag),&(c.xclass),
131 len-off);
132 if (c.inf & 0x80)
133 {
134 unsigned long e;
135
136 e=ERR_GET_REASON(ERR_peek_error());
137 if (e != ASN1_R_TOO_LONG)
138 goto err;
139 else
140 ERR_get_error(); /* clear error */
141 }
142 i=c.p-p;/* header length */
143 off+=i; /* end of data */
144
145 if (c.inf & 1)
146 {
147 /* no data body so go round again */
148 eos++;
149 want=HEADER_SIZE;
150 }
151 else if (eos && (c.slen == 0) && (c.tag == V_ASN1_EOC))
152 {
153 /* eos value, so go back and read another header */
154 eos--;
155 if (eos <= 0)
156 break;
157 else
158 want=HEADER_SIZE;
159 }
160 else
161 {
162 /* suck in c.slen bytes of data */
163 want=(int)c.slen;
164 if (want > (len-off))
165 {
166 want-=(len-off);
167 if (!BUF_MEM_grow(b,len+want))
168 {
169 ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
170 goto err;
171 }
172 i=BIO_read(in,&(b->data[len]),want);
173 if (i <= 0)
174 {
175 ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA);
176 goto err;
177 }
178 len+=i;
179 }
180 off+=(int)c.slen;
181 if (eos <= 0)
182 {
183 break;
184 }
185 else
186 want=HEADER_SIZE;
187 }
188 }
189
190 p=(unsigned char *)b->data;
191 ret=d2i(x,&p,off);
192err:
193 if (b != NULL) BUF_MEM_free(b);
194 return(ret);
195 }
diff --git a/src/lib/libcrypto/asn1/a_digest.c b/src/lib/libcrypto/asn1/a_digest.c
deleted file mode 100644
index 8257b8639e..0000000000
--- a/src/lib/libcrypto/asn1/a_digest.c
+++ /dev/null
@@ -1,90 +0,0 @@
1/* crypto/asn1/a_digest.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <time.h>
61
62#include "cryptlib.h"
63
64#ifndef NO_SYS_TYPES_H
65# include <sys/types.h>
66#endif
67
68#include <openssl/evp.h>
69#include <openssl/buffer.h>
70#include <openssl/x509.h>
71
72int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data,
73 unsigned char *md, unsigned int *len)
74 {
75 EVP_MD_CTX ctx;
76 int i;
77 unsigned char *str,*p;
78
79 i=i2d(data,NULL);
80 if ((str=(unsigned char *)OPENSSL_malloc(i)) == NULL) return(0);
81 p=str;
82 i2d(data,&p);
83
84 EVP_DigestInit(&ctx,type);
85 EVP_DigestUpdate(&ctx,str,i);
86 EVP_DigestFinal(&ctx,md,len);
87 OPENSSL_free(str);
88 return(1);
89 }
90
diff --git a/src/lib/libcrypto/asn1/a_dup.c b/src/lib/libcrypto/asn1/a_dup.c
deleted file mode 100644
index c3bda58a5d..0000000000
--- a/src/lib/libcrypto/asn1/a_dup.c
+++ /dev/null
@@ -1,83 +0,0 @@
1/* crypto/asn1/a_dup.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1_mac.h>
62
63#define READ_CHUNK 2048
64
65char *ASN1_dup(int (*i2d)(), char *(*d2i)(), char *x)
66 {
67 unsigned char *b,*p;
68 long i;
69 char *ret;
70
71 if (x == NULL) return(NULL);
72
73 i=(long)i2d(x,NULL);
74 b=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
75 if (b == NULL)
76 { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); }
77 p= b;
78 i=i2d(x,&p);
79 p= b;
80 ret=d2i(NULL,&p,i);
81 OPENSSL_free(b);
82 return(ret);
83 }
diff --git a/src/lib/libcrypto/asn1/a_enum.c b/src/lib/libcrypto/asn1/a_enum.c
deleted file mode 100644
index 1428d1df7a..0000000000
--- a/src/lib/libcrypto/asn1/a_enum.c
+++ /dev/null
@@ -1,224 +0,0 @@
1/* crypto/asn1/a_enum.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1.h>
62
63/*
64 * Code for ENUMERATED type: identical to INTEGER apart from a different tag.
65 * for comments on encoding see a_int.c
66 */
67
68ASN1_ENUMERATED *ASN1_ENUMERATED_new(void)
69{ return M_ASN1_ENUMERATED_new(); }
70
71void ASN1_ENUMERATED_free(ASN1_ENUMERATED *x)
72{ M_ASN1_ENUMERATED_free(x); }
73
74
75int i2d_ASN1_ENUMERATED(ASN1_ENUMERATED *a, unsigned char **pp)
76{
77 int len, ret;
78 if(!a) return 0;
79 len = i2c_ASN1_INTEGER(a, NULL);
80 ret=ASN1_object_size(0,len,V_ASN1_ENUMERATED);
81 if(pp) {
82 ASN1_put_object(pp,0,len,V_ASN1_ENUMERATED,V_ASN1_UNIVERSAL);
83 i2c_ASN1_INTEGER(a, pp);
84 }
85 return ret;
86}
87
88ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a, unsigned char **pp,
89 long length)
90{
91 unsigned char *p;
92 long len;
93 int i;
94 int inf,tag,xclass;
95 ASN1_ENUMERATED *ret;
96
97 p= *pp;
98 inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
99 if (inf & 0x80)
100 {
101 i=ASN1_R_BAD_OBJECT_HEADER;
102 goto err;
103 }
104
105 if (tag != V_ASN1_ENUMERATED)
106 {
107 i=ASN1_R_EXPECTING_AN_ENUMERATED;
108 goto err;
109 }
110 ret = c2i_ASN1_INTEGER(a, &p, len);
111 if(ret) {
112 ret->type = (V_ASN1_NEG & ret->type) | V_ASN1_ENUMERATED;
113 *pp = p;
114 }
115 return ret;
116err:
117 ASN1err(ASN1_F_D2I_ASN1_ENUMERATED,i);
118 return(NULL);
119
120}
121
122int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v)
123 {
124 int i,j,k;
125 unsigned char buf[sizeof(long)+1];
126 long d;
127
128 a->type=V_ASN1_ENUMERATED;
129 if (a->length < (sizeof(long)+1))
130 {
131 if (a->data != NULL)
132 OPENSSL_free(a->data);
133 if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL)
134 memset((char *)a->data,0,sizeof(long)+1);
135 }
136 if (a->data == NULL)
137 {
138 ASN1err(ASN1_F_ASN1_ENUMERATED_SET,ERR_R_MALLOC_FAILURE);
139 return(0);
140 }
141 d=v;
142 if (d < 0)
143 {
144 d= -d;
145 a->type=V_ASN1_NEG_ENUMERATED;
146 }
147
148 for (i=0; i<sizeof(long); i++)
149 {
150 if (d == 0) break;
151 buf[i]=(int)d&0xff;
152 d>>=8;
153 }
154 j=0;
155 for (k=i-1; k >=0; k--)
156 a->data[j++]=buf[k];
157 a->length=j;
158 return(1);
159 }
160
161long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
162 {
163 int neg=0,i;
164 long r=0;
165
166 if (a == NULL) return(0L);
167 i=a->type;
168 if (i == V_ASN1_NEG_ENUMERATED)
169 neg=1;
170 else if (i != V_ASN1_ENUMERATED)
171 return(0);
172
173 if (a->length > sizeof(long))
174 {
175 /* hmm... a bit ugly */
176 return(0xffffffffL);
177 }
178 if (a->data == NULL)
179 return(0);
180
181 for (i=0; i<a->length; i++)
182 {
183 r<<=8;
184 r|=(unsigned char)a->data[i];
185 }
186 if (neg) r= -r;
187 return(r);
188 }
189
190ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
191 {
192 ASN1_ENUMERATED *ret;
193 int len,j;
194
195 if (ai == NULL)
196 ret=M_ASN1_ENUMERATED_new();
197 else
198 ret=ai;
199 if (ret == NULL)
200 {
201 ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_NESTED_ASN1_ERROR);
202 goto err;
203 }
204 if(bn->neg) ret->type = V_ASN1_NEG_ENUMERATED;
205 else ret->type=V_ASN1_ENUMERATED;
206 j=BN_num_bits(bn);
207 len=((j == 0)?0:((j/8)+1));
208 ret->data=(unsigned char *)OPENSSL_malloc(len+4);
209 ret->length=BN_bn2bin(bn,ret->data);
210 return(ret);
211err:
212 if (ret != ai) M_ASN1_ENUMERATED_free(ret);
213 return(NULL);
214 }
215
216BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn)
217 {
218 BIGNUM *ret;
219
220 if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
221 ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN,ASN1_R_BN_LIB);
222 else if(ai->type == V_ASN1_NEG_ENUMERATED) ret->neg = 1;
223 return(ret);
224 }
diff --git a/src/lib/libcrypto/asn1/a_i2d_fp.c b/src/lib/libcrypto/asn1/a_i2d_fp.c
deleted file mode 100644
index aee29a7790..0000000000
--- a/src/lib/libcrypto/asn1/a_i2d_fp.c
+++ /dev/null
@@ -1,113 +0,0 @@
1/* crypto/asn1/a_i2d_fp.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62#include <openssl/asn1_mac.h>
63
64#ifndef NO_FP_API
65int ASN1_i2d_fp(int (*i2d)(), FILE *out, unsigned char *x)
66 {
67 BIO *b;
68 int ret;
69
70 if ((b=BIO_new(BIO_s_file())) == NULL)
71 {
72 ASN1err(ASN1_F_ASN1_I2D_FP,ERR_R_BUF_LIB);
73 return(0);
74 }
75 BIO_set_fp(b,out,BIO_NOCLOSE);
76 ret=ASN1_i2d_bio(i2d,b,x);
77 BIO_free(b);
78 return(ret);
79 }
80#endif
81
82int ASN1_i2d_bio(int (*i2d)(), BIO *out, unsigned char *x)
83 {
84 char *b;
85 unsigned char *p;
86 int i,j=0,n,ret=1;
87
88 n=i2d(x,NULL);
89 b=(char *)OPENSSL_malloc(n);
90 if (b == NULL)
91 {
92 ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE);
93 return(0);
94 }
95
96 p=(unsigned char *)b;
97 i2d(x,&p);
98
99 for (;;)
100 {
101 i=BIO_write(out,&(b[j]),n);
102 if (i == n) break;
103 if (i <= 0)
104 {
105 ret=0;
106 break;
107 }
108 j+=i;
109 n-=i;
110 }
111 OPENSSL_free(b);
112 return(ret);
113 }
diff --git a/src/lib/libcrypto/asn1/a_int.c b/src/lib/libcrypto/asn1/a_int.c
deleted file mode 100644
index 6f0413f885..0000000000
--- a/src/lib/libcrypto/asn1/a_int.c
+++ /dev/null
@@ -1,473 +0,0 @@
1/* crypto/asn1/a_int.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1.h>
62
63ASN1_INTEGER *ASN1_INTEGER_new(void)
64{ return M_ASN1_INTEGER_new();}
65
66void ASN1_INTEGER_free(ASN1_INTEGER *x)
67{ M_ASN1_INTEGER_free(x);}
68
69ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x)
70{ return M_ASN1_INTEGER_dup(x);}
71
72int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y)
73{ return M_ASN1_INTEGER_cmp(x,y);}
74
75/* Output ASN1 INTEGER including tag+length */
76
77int i2d_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
78{
79 int len, ret;
80 if(!a) return 0;
81 len = i2c_ASN1_INTEGER(a, NULL);
82 ret=ASN1_object_size(0,len,V_ASN1_INTEGER);
83 if(pp) {
84 ASN1_put_object(pp,0,len,V_ASN1_INTEGER,V_ASN1_UNIVERSAL);
85 i2c_ASN1_INTEGER(a, pp);
86 }
87 return ret;
88}
89
90/*
91 * This converts an ASN1 INTEGER into its content encoding.
92 * The internal representation is an ASN1_STRING whose data is a big endian
93 * representation of the value, ignoring the sign. The sign is determined by
94 * the type: V_ASN1_INTEGER for positive and V_ASN1_NEG_INTEGER for negative.
95 *
96 * Positive integers are no problem: they are almost the same as the DER
97 * encoding, except if the first byte is >= 0x80 we need to add a zero pad.
98 *
99 * Negative integers are a bit trickier...
100 * The DER representation of negative integers is in 2s complement form.
101 * The internal form is converted by complementing each octet and finally
102 * adding one to the result. This can be done less messily with a little trick.
103 * If the internal form has trailing zeroes then they will become FF by the
104 * complement and 0 by the add one (due to carry) so just copy as many trailing
105 * zeros to the destination as there are in the source. The carry will add one
106 * to the last none zero octet: so complement this octet and add one and finally
107 * complement any left over until you get to the start of the string.
108 *
109 * Padding is a little trickier too. If the first bytes is > 0x80 then we pad
110 * with 0xff. However if the first byte is 0x80 and one of the following bytes
111 * is non-zero we pad with 0xff. The reason for this distinction is that 0x80
112 * followed by optional zeros isn't padded.
113 */
114
115int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
116 {
117 int pad=0,ret,i,neg;
118 unsigned char *p,*n,pb=0;
119
120 if ((a == NULL) || (a->data == NULL)) return(0);
121 neg=a->type & V_ASN1_NEG;
122 if (a->length == 0)
123 ret=1;
124 else
125 {
126 ret=a->length;
127 i=a->data[0];
128 if (!neg && (i > 127)) {
129 pad=1;
130 pb=0;
131 } else if(neg) {
132 if(i>128) {
133 pad=1;
134 pb=0xFF;
135 } else if(i == 128) {
136 /*
137 * Special case: if any other bytes non zero we pad:
138 * otherwise we don't.
139 */
140 for(i = 1; i < a->length; i++) if(a->data[i]) {
141 pad=1;
142 pb=0xFF;
143 break;
144 }
145 }
146 }
147 ret+=pad;
148 }
149 if (pp == NULL) return(ret);
150 p= *pp;
151
152 if (pad) *(p++)=pb;
153 if (a->length == 0) *(p++)=0;
154 else if (!neg) memcpy(p,a->data,(unsigned int)a->length);
155 else {
156 /* Begin at the end of the encoding */
157 n=a->data + a->length - 1;
158 p += a->length - 1;
159 i = a->length;
160 /* Copy zeros to destination as long as source is zero */
161 while(!*n) {
162 *(p--) = 0;
163 n--;
164 i--;
165 }
166 /* Complement and increment next octet */
167 *(p--) = ((*(n--)) ^ 0xff) + 1;
168 i--;
169 /* Complement any octets left */
170 for(;i > 0; i--) *(p--) = *(n--) ^ 0xff;
171 }
172
173 *pp+=ret;
174 return(ret);
175 }
176
177/* Convert DER encoded ASN1 INTEGER to ASN1_INTEGER structure */
178ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp,
179 long length)
180{
181 unsigned char *p;
182 long len;
183 int i;
184 int inf,tag,xclass;
185 ASN1_INTEGER *ret;
186
187 p= *pp;
188 inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
189 if (inf & 0x80)
190 {
191 i=ASN1_R_BAD_OBJECT_HEADER;
192 goto err;
193 }
194
195 if (tag != V_ASN1_INTEGER)
196 {
197 i=ASN1_R_EXPECTING_AN_INTEGER;
198 goto err;
199 }
200 ret = c2i_ASN1_INTEGER(a, &p, len);
201 if(ret) *pp = p;
202 return ret;
203err:
204 ASN1err(ASN1_F_D2I_ASN1_INTEGER,i);
205 return(NULL);
206
207}
208
209
210/* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */
211
212ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp,
213 long len)
214 {
215 ASN1_INTEGER *ret=NULL;
216 unsigned char *p,*to,*s, *pend;
217 int i;
218
219 if ((a == NULL) || ((*a) == NULL))
220 {
221 if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
222 ret->type=V_ASN1_INTEGER;
223 }
224 else
225 ret=(*a);
226
227 p= *pp;
228 pend = p + len;
229
230 /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it
231 * signifies a missing NULL parameter. */
232 s=(unsigned char *)OPENSSL_malloc((int)len+1);
233 if (s == NULL)
234 {
235 i=ERR_R_MALLOC_FAILURE;
236 goto err;
237 }
238 to=s;
239 if(!len) {
240 /* Strictly speaking this is an illegal INTEGER but we
241 * tolerate it.
242 */
243 ret->type=V_ASN1_INTEGER;
244 } else if (*p & 0x80) /* a negative number */
245 {
246 ret->type=V_ASN1_NEG_INTEGER;
247 if ((*p == 0xff) && (len != 1)) {
248 p++;
249 len--;
250 }
251 i = len;
252 p += i - 1;
253 to += i - 1;
254 while((!*p) && i) {
255 *(to--) = 0;
256 i--;
257 p--;
258 }
259 /* Special case: if all zeros then the number will be of
260 * the form FF followed by n zero bytes: this corresponds to
261 * 1 followed by n zero bytes. We've already written n zeros
262 * so we just append an extra one and set the first byte to
263 * a 1. This is treated separately because it is the only case
264 * where the number of bytes is larger than len.
265 */
266 if(!i) {
267 *s = 1;
268 s[len] = 0;
269 len++;
270 } else {
271 *(to--) = (*(p--) ^ 0xff) + 1;
272 i--;
273 for(;i > 0; i--) *(to--) = *(p--) ^ 0xff;
274 }
275 } else {
276 ret->type=V_ASN1_INTEGER;
277 if ((*p == 0) && (len != 1))
278 {
279 p++;
280 len--;
281 }
282 memcpy(s,p,(int)len);
283 }
284
285 if (ret->data != NULL) OPENSSL_free(ret->data);
286 ret->data=s;
287 ret->length=(int)len;
288 if (a != NULL) (*a)=ret;
289 *pp=pend;
290 return(ret);
291err:
292 ASN1err(ASN1_F_D2I_ASN1_INTEGER,i);
293 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
294 M_ASN1_INTEGER_free(ret);
295 return(NULL);
296 }
297
298
299/* This is a version of d2i_ASN1_INTEGER that ignores the sign bit of
300 * ASN1 integers: some broken software can encode a positive INTEGER
301 * with its MSB set as negative (it doesn't add a padding zero).
302 */
303
304ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, unsigned char **pp,
305 long length)
306 {
307 ASN1_INTEGER *ret=NULL;
308 unsigned char *p,*to,*s;
309 long len;
310 int inf,tag,xclass;
311 int i;
312
313 if ((a == NULL) || ((*a) == NULL))
314 {
315 if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
316 ret->type=V_ASN1_INTEGER;
317 }
318 else
319 ret=(*a);
320
321 p= *pp;
322 inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
323 if (inf & 0x80)
324 {
325 i=ASN1_R_BAD_OBJECT_HEADER;
326 goto err;
327 }
328
329 if (tag != V_ASN1_INTEGER)
330 {
331 i=ASN1_R_EXPECTING_AN_INTEGER;
332 goto err;
333 }
334
335 /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it
336 * signifies a missing NULL parameter. */
337 s=(unsigned char *)OPENSSL_malloc((int)len+1);
338 if (s == NULL)
339 {
340 i=ERR_R_MALLOC_FAILURE;
341 goto err;
342 }
343 to=s;
344 ret->type=V_ASN1_INTEGER;
345 if(len) {
346 if ((*p == 0) && (len != 1))
347 {
348 p++;
349 len--;
350 }
351 memcpy(s,p,(int)len);
352 p+=len;
353 }
354
355 if (ret->data != NULL) OPENSSL_free(ret->data);
356 ret->data=s;
357 ret->length=(int)len;
358 if (a != NULL) (*a)=ret;
359 *pp=p;
360 return(ret);
361err:
362 ASN1err(ASN1_F_D2I_ASN1_UINTEGER,i);
363 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
364 M_ASN1_INTEGER_free(ret);
365 return(NULL);
366 }
367
368int ASN1_INTEGER_set(ASN1_INTEGER *a, long v)
369 {
370 int i,j,k;
371 unsigned char buf[sizeof(long)+1];
372 long d;
373
374 a->type=V_ASN1_INTEGER;
375 if (a->length < (sizeof(long)+1))
376 {
377 if (a->data != NULL)
378 OPENSSL_free(a->data);
379 if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL)
380 memset((char *)a->data,0,sizeof(long)+1);
381 }
382 if (a->data == NULL)
383 {
384 ASN1err(ASN1_F_ASN1_INTEGER_SET,ERR_R_MALLOC_FAILURE);
385 return(0);
386 }
387 d=v;
388 if (d < 0)
389 {
390 d= -d;
391 a->type=V_ASN1_NEG_INTEGER;
392 }
393
394 for (i=0; i<sizeof(long); i++)
395 {
396 if (d == 0) break;
397 buf[i]=(int)d&0xff;
398 d>>=8;
399 }
400 j=0;
401 for (k=i-1; k >=0; k--)
402 a->data[j++]=buf[k];
403 a->length=j;
404 return(1);
405 }
406
407long ASN1_INTEGER_get(ASN1_INTEGER *a)
408 {
409 int neg=0,i;
410 long r=0;
411
412 if (a == NULL) return(0L);
413 i=a->type;
414 if (i == V_ASN1_NEG_INTEGER)
415 neg=1;
416 else if (i != V_ASN1_INTEGER)
417 return(0);
418
419 if (a->length > sizeof(long))
420 {
421 /* hmm... a bit ugly */
422 return(0xffffffffL);
423 }
424 if (a->data == NULL)
425 return(0);
426
427 for (i=0; i<a->length; i++)
428 {
429 r<<=8;
430 r|=(unsigned char)a->data[i];
431 }
432 if (neg) r= -r;
433 return(r);
434 }
435
436ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai)
437 {
438 ASN1_INTEGER *ret;
439 int len,j;
440
441 if (ai == NULL)
442 ret=M_ASN1_INTEGER_new();
443 else
444 ret=ai;
445 if (ret == NULL)
446 {
447 ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR);
448 goto err;
449 }
450 if(bn->neg) ret->type = V_ASN1_NEG_INTEGER;
451 else ret->type=V_ASN1_INTEGER;
452 j=BN_num_bits(bn);
453 len=((j == 0)?0:((j/8)+1));
454 ret->data=(unsigned char *)OPENSSL_malloc(len+4);
455 ret->length=BN_bn2bin(bn,ret->data);
456 return(ret);
457err:
458 if (ret != ai) M_ASN1_INTEGER_free(ret);
459 return(NULL);
460 }
461
462BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai, BIGNUM *bn)
463 {
464 BIGNUM *ret;
465
466 if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
467 ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB);
468 else if(ai->type == V_ASN1_NEG_INTEGER) ret->neg = 1;
469 return(ret);
470 }
471
472IMPLEMENT_STACK_OF(ASN1_INTEGER)
473IMPLEMENT_ASN1_SET_OF(ASN1_INTEGER)
diff --git a/src/lib/libcrypto/asn1/a_mbstr.c b/src/lib/libcrypto/asn1/a_mbstr.c
deleted file mode 100644
index 5d981c6553..0000000000
--- a/src/lib/libcrypto/asn1/a_mbstr.c
+++ /dev/null
@@ -1,400 +0,0 @@
1/* a_mbstr.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <ctype.h>
61#include "cryptlib.h"
62#include <openssl/asn1.h>
63
64static int traverse_string(const unsigned char *p, int len, int inform,
65 int (*rfunc)(unsigned long value, void *in), void *arg);
66static int in_utf8(unsigned long value, void *arg);
67static int out_utf8(unsigned long value, void *arg);
68static int type_str(unsigned long value, void *arg);
69static int cpy_asc(unsigned long value, void *arg);
70static int cpy_bmp(unsigned long value, void *arg);
71static int cpy_univ(unsigned long value, void *arg);
72static int cpy_utf8(unsigned long value, void *arg);
73static int is_printable(unsigned long value);
74
75/* These functions take a string in UTF8, ASCII or multibyte form and
76 * a mask of permissible ASN1 string types. It then works out the minimal
77 * type (using the order Printable < IA5 < T61 < BMP < Universal < UTF8)
78 * and creates a string of the correct type with the supplied data.
79 * Yes this is horrible: it has to be :-(
80 * The 'ncopy' form checks minimum and maximum size limits too.
81 */
82
83int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
84 int inform, unsigned long mask)
85{
86 return ASN1_mbstring_ncopy(out, in, len, inform, mask, 0, 0);
87}
88
89int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
90 int inform, unsigned long mask,
91 long minsize, long maxsize)
92{
93 int str_type;
94 int ret;
95 char free_out;
96 int outform, outlen;
97 ASN1_STRING *dest;
98 unsigned char *p;
99 int nchar;
100 char strbuf[32];
101 int (*cpyfunc)(unsigned long,void *) = NULL;
102 if(len == -1) len = strlen((const char *)in);
103 if(!mask) mask = DIRSTRING_TYPE;
104
105 /* First do a string check and work out the number of characters */
106 switch(inform) {
107
108 case MBSTRING_BMP:
109 if(len & 1) {
110 ASN1err(ASN1_F_ASN1_MBSTRING_COPY,
111 ASN1_R_INVALID_BMPSTRING_LENGTH);
112 return -1;
113 }
114 nchar = len >> 1;
115 break;
116
117 case MBSTRING_UNIV:
118 if(len & 3) {
119 ASN1err(ASN1_F_ASN1_MBSTRING_COPY,
120 ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
121 return -1;
122 }
123 nchar = len >> 2;
124 break;
125
126 case MBSTRING_UTF8:
127 nchar = 0;
128 /* This counts the characters and does utf8 syntax checking */
129 ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar);
130 if(ret < 0) {
131 ASN1err(ASN1_F_ASN1_MBSTRING_COPY,
132 ASN1_R_INVALID_UTF8STRING);
133 return -1;
134 }
135 break;
136
137 case MBSTRING_ASC:
138 nchar = len;
139 break;
140
141 default:
142 ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_UNKNOWN_FORMAT);
143 return -1;
144 }
145
146 if((minsize > 0) && (nchar < minsize)) {
147 ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_SHORT);
148 sprintf(strbuf, "%ld", minsize);
149 ERR_add_error_data(2, "minsize=", strbuf);
150 return -1;
151 }
152
153 if((maxsize > 0) && (nchar > maxsize)) {
154 ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_LONG);
155 sprintf(strbuf, "%ld", maxsize);
156 ERR_add_error_data(2, "maxsize=", strbuf);
157 return -1;
158 }
159
160 /* Now work out minimal type (if any) */
161 if(traverse_string(in, len, inform, type_str, &mask) < 0) {
162 ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_ILLEGAL_CHARACTERS);
163 return -1;
164 }
165
166
167 /* Now work out output format and string type */
168 outform = MBSTRING_ASC;
169 if(mask & B_ASN1_PRINTABLESTRING) str_type = V_ASN1_PRINTABLESTRING;
170 else if(mask & B_ASN1_IA5STRING) str_type = V_ASN1_IA5STRING;
171 else if(mask & B_ASN1_T61STRING) str_type = V_ASN1_T61STRING;
172 else if(mask & B_ASN1_BMPSTRING) {
173 str_type = V_ASN1_BMPSTRING;
174 outform = MBSTRING_BMP;
175 } else if(mask & B_ASN1_UNIVERSALSTRING) {
176 str_type = V_ASN1_UNIVERSALSTRING;
177 outform = MBSTRING_UNIV;
178 } else {
179 str_type = V_ASN1_UTF8STRING;
180 outform = MBSTRING_UTF8;
181 }
182 if(!out) return str_type;
183 if(*out) {
184 free_out = 0;
185 dest = *out;
186 if(dest->data) {
187 dest->length = 0;
188 OPENSSL_free(dest->data);
189 dest->data = NULL;
190 }
191 dest->type = str_type;
192 } else {
193 free_out = 1;
194 dest = ASN1_STRING_type_new(str_type);
195 if(!dest) {
196 ASN1err(ASN1_F_ASN1_MBSTRING_COPY,
197 ERR_R_MALLOC_FAILURE);
198 return -1;
199 }
200 *out = dest;
201 }
202 /* If both the same type just copy across */
203 if(inform == outform) {
204 if(!ASN1_STRING_set(dest, in, len)) {
205 ASN1err(ASN1_F_ASN1_MBSTRING_COPY,ERR_R_MALLOC_FAILURE);
206 return -1;
207 }
208 return str_type;
209 }
210
211 /* Work out how much space the destination will need */
212 switch(outform) {
213 case MBSTRING_ASC:
214 outlen = nchar;
215 cpyfunc = cpy_asc;
216 break;
217
218 case MBSTRING_BMP:
219 outlen = nchar << 1;
220 cpyfunc = cpy_bmp;
221 break;
222
223 case MBSTRING_UNIV:
224 outlen = nchar << 2;
225 cpyfunc = cpy_univ;
226 break;
227
228 case MBSTRING_UTF8:
229 outlen = 0;
230 traverse_string(in, len, inform, out_utf8, &outlen);
231 cpyfunc = cpy_utf8;
232 break;
233 }
234 if(!(p = OPENSSL_malloc(outlen + 1))) {
235 if(free_out) ASN1_STRING_free(dest);
236 ASN1err(ASN1_F_ASN1_MBSTRING_COPY,ERR_R_MALLOC_FAILURE);
237 return -1;
238 }
239 dest->length = outlen;
240 dest->data = p;
241 p[outlen] = 0;
242 traverse_string(in, len, inform, cpyfunc, &p);
243 return str_type;
244}
245
246/* This function traverses a string and passes the value of each character
247 * to an optional function along with a void * argument.
248 */
249
250static int traverse_string(const unsigned char *p, int len, int inform,
251 int (*rfunc)(unsigned long value, void *in), void *arg)
252{
253 unsigned long value;
254 int ret;
255 while(len) {
256 if(inform == MBSTRING_ASC) {
257 value = *p++;
258 len--;
259 } else if(inform == MBSTRING_BMP) {
260 value = *p++ << 8;
261 value |= *p++;
262 len -= 2;
263 } else if(inform == MBSTRING_UNIV) {
264 value = ((unsigned long)*p++) << 24;
265 value |= ((unsigned long)*p++) << 16;
266 value |= *p++ << 8;
267 value |= *p++;
268 len -= 4;
269 } else {
270 ret = UTF8_getc(p, len, &value);
271 if(ret < 0) return -1;
272 len -= ret;
273 p += ret;
274 }
275 if(rfunc) {
276 ret = rfunc(value, arg);
277 if(ret <= 0) return ret;
278 }
279 }
280 return 1;
281}
282
283/* Various utility functions for traverse_string */
284
285/* Just count number of characters */
286
287static int in_utf8(unsigned long value, void *arg)
288{
289 int *nchar;
290 nchar = arg;
291 (*nchar)++;
292 return 1;
293}
294
295/* Determine size of output as a UTF8 String */
296
297static int out_utf8(unsigned long value, void *arg)
298{
299 long *outlen;
300 outlen = arg;
301 *outlen += UTF8_putc(NULL, -1, value);
302 return 1;
303}
304
305/* Determine the "type" of a string: check each character against a
306 * supplied "mask".
307 */
308
309static int type_str(unsigned long value, void *arg)
310{
311 unsigned long types;
312 types = *((unsigned long *)arg);
313 if((types & B_ASN1_PRINTABLESTRING) && !is_printable(value))
314 types &= ~B_ASN1_PRINTABLESTRING;
315 if((types & B_ASN1_IA5STRING) && (value > 127))
316 types &= ~B_ASN1_IA5STRING;
317 if((types & B_ASN1_T61STRING) && (value > 0xff))
318 types &= ~B_ASN1_T61STRING;
319 if((types & B_ASN1_BMPSTRING) && (value > 0xffff))
320 types &= ~B_ASN1_BMPSTRING;
321 if(!types) return -1;
322 *((unsigned long *)arg) = types;
323 return 1;
324}
325
326/* Copy one byte per character ASCII like strings */
327
328static int cpy_asc(unsigned long value, void *arg)
329{
330 unsigned char **p, *q;
331 p = arg;
332 q = *p;
333 *q = (unsigned char) value;
334 (*p)++;
335 return 1;
336}
337
338/* Copy two byte per character BMPStrings */
339
340static int cpy_bmp(unsigned long value, void *arg)
341{
342 unsigned char **p, *q;
343 p = arg;
344 q = *p;
345 *q++ = (unsigned char) ((value >> 8) & 0xff);
346 *q = (unsigned char) (value & 0xff);
347 *p += 2;
348 return 1;
349}
350
351/* Copy four byte per character UniversalStrings */
352
353static int cpy_univ(unsigned long value, void *arg)
354{
355 unsigned char **p, *q;
356 p = arg;
357 q = *p;
358 *q++ = (unsigned char) ((value >> 24) & 0xff);
359 *q++ = (unsigned char) ((value >> 16) & 0xff);
360 *q++ = (unsigned char) ((value >> 8) & 0xff);
361 *q = (unsigned char) (value & 0xff);
362 *p += 4;
363 return 1;
364}
365
366/* Copy to a UTF8String */
367
368static int cpy_utf8(unsigned long value, void *arg)
369{
370 unsigned char **p;
371 int ret;
372 p = arg;
373 /* We already know there is enough room so pass 0xff as the length */
374 ret = UTF8_putc(*p, 0xff, value);
375 *p += ret;
376 return 1;
377}
378
379/* Return 1 if the character is permitted in a PrintableString */
380static int is_printable(unsigned long value)
381{
382 int ch;
383 if(value > 0x7f) return 0;
384 ch = (int) value;
385 /* Note: we can't use 'isalnum' because certain accented
386 * characters may count as alphanumeric in some environments.
387 */
388#ifndef CHARSET_EBCDIC
389 if((ch >= 'a') && (ch <= 'z')) return 1;
390 if((ch >= 'A') && (ch <= 'Z')) return 1;
391 if((ch >= '0') && (ch <= '9')) return 1;
392 if ((ch == ' ') || strchr("'()+,-./:=?", ch)) return 1;
393#else /*CHARSET_EBCDIC*/
394 if((ch >= os_toascii['a']) && (ch <= os_toascii['z'])) return 1;
395 if((ch >= os_toascii['A']) && (ch <= os_toascii['Z'])) return 1;
396 if((ch >= os_toascii['0']) && (ch <= os_toascii['9'])) return 1;
397 if ((ch == os_toascii[' ']) || strchr("'()+,-./:=?", os_toebcdic[ch])) return 1;
398#endif /*CHARSET_EBCDIC*/
399 return 0;
400}
diff --git a/src/lib/libcrypto/asn1/a_object.c b/src/lib/libcrypto/asn1/a_object.c
deleted file mode 100644
index 20caa2d3bd..0000000000
--- a/src/lib/libcrypto/asn1/a_object.c
+++ /dev/null
@@ -1,320 +0,0 @@
1/* crypto/asn1/a_object.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62#include <openssl/asn1.h>
63#include <openssl/objects.h>
64
65int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
66 {
67 unsigned char *p;
68 int objsize;
69
70 if ((a == NULL) || (a->data == NULL)) return(0);
71
72 objsize = ASN1_object_size(0,a->length,V_ASN1_OBJECT);
73 if (pp == NULL) return objsize;
74
75 p= *pp;
76 ASN1_put_object(&p,0,a->length,V_ASN1_OBJECT,V_ASN1_UNIVERSAL);
77 memcpy(p,a->data,a->length);
78 p+=a->length;
79
80 *pp=p;
81 return(objsize);
82 }
83
84int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
85 {
86 int i,first,len=0,c;
87 char tmp[24];
88 const char *p;
89 unsigned long l;
90
91 if (num == 0)
92 return(0);
93 else if (num == -1)
94 num=strlen(buf);
95
96 p=buf;
97 c= *(p++);
98 num--;
99 if ((c >= '0') && (c <= '2'))
100 {
101 first=(c-'0')*40;
102 }
103 else
104 {
105 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_FIRST_NUM_TOO_LARGE);
106 goto err;
107 }
108
109 if (num <= 0)
110 {
111 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_MISSING_SECOND_NUMBER);
112 goto err;
113 }
114 c= *(p++);
115 num--;
116 for (;;)
117 {
118 if (num <= 0) break;
119 if ((c != '.') && (c != ' '))
120 {
121 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_SEPARATOR);
122 goto err;
123 }
124 l=0;
125 for (;;)
126 {
127 if (num <= 0) break;
128 num--;
129 c= *(p++);
130 if ((c == ' ') || (c == '.'))
131 break;
132 if ((c < '0') || (c > '9'))
133 {
134 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT);
135 goto err;
136 }
137 l=l*10L+(long)(c-'0');
138 }
139 if (len == 0)
140 {
141 if ((first < 2) && (l >= 40))
142 {
143 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE);
144 goto err;
145 }
146 l+=(long)first;
147 }
148 i=0;
149 for (;;)
150 {
151 tmp[i++]=(unsigned char)l&0x7f;
152 l>>=7L;
153 if (l == 0L) break;
154 }
155 if (out != NULL)
156 {
157 if (len+i > olen)
158 {
159 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_BUFFER_TOO_SMALL);
160 goto err;
161 }
162 while (--i > 0)
163 out[len++]=tmp[i]|0x80;
164 out[len++]=tmp[0];
165 }
166 else
167 len+=i;
168 }
169 return(len);
170err:
171 return(0);
172 }
173
174int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a)
175{
176 return OBJ_obj2txt(buf, buf_len, a, 0);
177}
178
179int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
180 {
181 char buf[80];
182 int i;
183
184 if ((a == NULL) || (a->data == NULL))
185 return(BIO_write(bp,"NULL",4));
186 i=i2t_ASN1_OBJECT(buf,80,a);
187 if (i > 80) i=80;
188 BIO_write(bp,buf,i);
189 return(i);
190 }
191
192ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp,
193 long length)
194{
195 unsigned char *p;
196 long len;
197 int tag,xclass;
198 int inf,i;
199 ASN1_OBJECT *ret = NULL;
200 p= *pp;
201 inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
202 if (inf & 0x80)
203 {
204 i=ASN1_R_BAD_OBJECT_HEADER;
205 goto err;
206 }
207
208 if (tag != V_ASN1_OBJECT)
209 {
210 i=ASN1_R_EXPECTING_AN_OBJECT;
211 goto err;
212 }
213 ret = c2i_ASN1_OBJECT(a, &p, len);
214 if(ret) *pp = p;
215 return ret;
216err:
217 ASN1err(ASN1_F_D2I_ASN1_OBJECT,i);
218 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
219 ASN1_OBJECT_free(ret);
220 return(NULL);
221}
222ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp,
223 long len)
224 {
225 ASN1_OBJECT *ret=NULL;
226 unsigned char *p;
227 int i;
228
229 /* only the ASN1_OBJECTs from the 'table' will have values
230 * for ->sn or ->ln */
231 if ((a == NULL) || ((*a) == NULL) ||
232 !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC))
233 {
234 if ((ret=ASN1_OBJECT_new()) == NULL) return(NULL);
235 }
236 else ret=(*a);
237
238 p= *pp;
239 if ((ret->data == NULL) || (ret->length < len))
240 {
241 if (ret->data != NULL) OPENSSL_free(ret->data);
242 ret->data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1);
243 ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
244 if (ret->data == NULL)
245 { i=ERR_R_MALLOC_FAILURE; goto err; }
246 }
247 memcpy(ret->data,p,(int)len);
248 ret->length=(int)len;
249 ret->sn=NULL;
250 ret->ln=NULL;
251 /* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
252 p+=len;
253
254 if (a != NULL) (*a)=ret;
255 *pp=p;
256 return(ret);
257err:
258 ASN1err(ASN1_F_D2I_ASN1_OBJECT,i);
259 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
260 ASN1_OBJECT_free(ret);
261 return(NULL);
262 }
263
264ASN1_OBJECT *ASN1_OBJECT_new(void)
265 {
266 ASN1_OBJECT *ret;
267
268 ret=(ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT));
269 if (ret == NULL)
270 {
271 ASN1err(ASN1_F_ASN1_OBJECT_NEW,ERR_R_MALLOC_FAILURE);
272 return(NULL);
273 }
274 ret->length=0;
275 ret->data=NULL;
276 ret->nid=0;
277 ret->sn=NULL;
278 ret->ln=NULL;
279 ret->flags=ASN1_OBJECT_FLAG_DYNAMIC;
280 return(ret);
281 }
282
283void ASN1_OBJECT_free(ASN1_OBJECT *a)
284 {
285 if (a == NULL) return;
286 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS)
287 {
288#ifndef CONST_STRICT /* disable purely for compile-time strict const checking. Doing this on a "real" compile will cause memory leaks */
289 if (a->sn != NULL) OPENSSL_free((void *)a->sn);
290 if (a->ln != NULL) OPENSSL_free((void *)a->ln);
291#endif
292 a->sn=a->ln=NULL;
293 }
294 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA)
295 {
296 if (a->data != NULL) OPENSSL_free(a->data);
297 a->data=NULL;
298 a->length=0;
299 }
300 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC)
301 OPENSSL_free(a);
302 }
303
304ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
305 char *sn, char *ln)
306 {
307 ASN1_OBJECT o;
308
309 o.sn=sn;
310 o.ln=ln;
311 o.data=data;
312 o.nid=nid;
313 o.length=len;
314 o.flags=ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|
315 ASN1_OBJECT_FLAG_DYNAMIC_DATA;
316 return(OBJ_dup(&o));
317 }
318
319IMPLEMENT_STACK_OF(ASN1_OBJECT)
320IMPLEMENT_ASN1_SET_OF(ASN1_OBJECT)
diff --git a/src/lib/libcrypto/asn1/a_octet.c b/src/lib/libcrypto/asn1/a_octet.c
deleted file mode 100644
index 2586f4327d..0000000000
--- a/src/lib/libcrypto/asn1/a_octet.c
+++ /dev/null
@@ -1,95 +0,0 @@
1/* crypto/asn1/a_octet.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1.h>
62
63ASN1_OCTET_STRING *ASN1_OCTET_STRING_new(void)
64{ return M_ASN1_OCTET_STRING_new(); }
65
66void ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *x)
67{ M_ASN1_OCTET_STRING_free(x); }
68
69ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *x)
70{ return M_ASN1_OCTET_STRING_dup(x); }
71
72int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b)
73{ return M_ASN1_OCTET_STRING_cmp(a, b); }
74
75int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, unsigned char *d, int len)
76{ return M_ASN1_OCTET_STRING_set(x, d, len); }
77
78int i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a, unsigned char **pp)
79{ return M_i2d_ASN1_OCTET_STRING(a, pp); }
80
81ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a,
82 unsigned char **pp, long length)
83 {
84 ASN1_OCTET_STRING *ret=NULL;
85
86 ret=(ASN1_OCTET_STRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
87 pp,length,V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL);
88 if (ret == NULL)
89 {
90 ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ERR_R_NESTED_ASN1_ERROR);
91 return(NULL);
92 }
93 return(ret);
94 }
95
diff --git a/src/lib/libcrypto/asn1/a_print.c b/src/lib/libcrypto/asn1/a_print.c
deleted file mode 100644
index b7bd2bd18a..0000000000
--- a/src/lib/libcrypto/asn1/a_print.c
+++ /dev/null
@@ -1,197 +0,0 @@
1/* crypto/asn1/a_print.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1.h>
62
63ASN1_IA5STRING *ASN1_IA5STRING_new(void)
64{ return M_ASN1_IA5STRING_new();}
65
66void ASN1_IA5STRING_free(ASN1_IA5STRING *x)
67{ M_ASN1_IA5STRING_free(x);}
68
69int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a, unsigned char **pp)
70 { return(M_i2d_ASN1_IA5STRING(a,pp)); }
71
72ASN1_IA5STRING *d2i_ASN1_IA5STRING(ASN1_IA5STRING **a, unsigned char **pp,
73 long l)
74 { return(M_d2i_ASN1_IA5STRING(a,pp,l)); }
75
76ASN1_T61STRING *ASN1_T61STRING_new(void)
77{ return M_ASN1_T61STRING_new();}
78
79void ASN1_T61STRING_free(ASN1_T61STRING *x)
80{ M_ASN1_T61STRING_free(x);}
81
82ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a, unsigned char **pp,
83 long l)
84 { return(M_d2i_ASN1_T61STRING(a,pp,l)); }
85
86ASN1_PRINTABLESTRING *ASN1_PRINTABLESTRING_new(void)
87{ return M_ASN1_PRINTABLESTRING_new();}
88
89void ASN1_PRINTABLESTRING_free(ASN1_PRINTABLESTRING *x)
90{ M_ASN1_PRINTABLESTRING_free(x);}
91
92ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a,
93 unsigned char **pp, long l)
94 { return(M_d2i_ASN1_PRINTABLESTRING(a,pp,
95 l)); }
96
97int i2d_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING *a, unsigned char **pp)
98 { return(M_i2d_ASN1_PRINTABLESTRING(a,pp)); }
99
100int i2d_ASN1_PRINTABLE(ASN1_STRING *a, unsigned char **pp)
101 { return(M_i2d_ASN1_PRINTABLE(a,pp)); }
102
103ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a, unsigned char **pp,
104 long l)
105 { return(M_d2i_ASN1_PRINTABLE(a,pp,l)); }
106
107int ASN1_PRINTABLE_type(unsigned char *s, int len)
108 {
109 int c;
110 int ia5=0;
111 int t61=0;
112
113 if (len <= 0) len= -1;
114 if (s == NULL) return(V_ASN1_PRINTABLESTRING);
115
116 while ((*s) && (len-- != 0))
117 {
118 c= *(s++);
119#ifndef CHARSET_EBCDIC
120 if (!( ((c >= 'a') && (c <= 'z')) ||
121 ((c >= 'A') && (c <= 'Z')) ||
122 (c == ' ') ||
123 ((c >= '0') && (c <= '9')) ||
124 (c == ' ') || (c == '\'') ||
125 (c == '(') || (c == ')') ||
126 (c == '+') || (c == ',') ||
127 (c == '-') || (c == '.') ||
128 (c == '/') || (c == ':') ||
129 (c == '=') || (c == '?')))
130 ia5=1;
131 if (c&0x80)
132 t61=1;
133#else
134 if (!isalnum(c) && (c != ' ') &&
135 strchr("'()+,-./:=?", c) == NULL)
136 ia5=1;
137 if (os_toascii[c] & 0x80)
138 t61=1;
139#endif
140 }
141 if (t61) return(V_ASN1_T61STRING);
142 if (ia5) return(V_ASN1_IA5STRING);
143 return(V_ASN1_PRINTABLESTRING);
144 }
145
146int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s)
147 {
148 int i;
149 unsigned char *p;
150
151 if (s->type != V_ASN1_UNIVERSALSTRING) return(0);
152 if ((s->length%4) != 0) return(0);
153 p=s->data;
154 for (i=0; i<s->length; i+=4)
155 {
156 if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0'))
157 break;
158 else
159 p+=4;
160 }
161 if (i < s->length) return(0);
162 p=s->data;
163 for (i=3; i<s->length; i+=4)
164 {
165 *(p++)=s->data[i];
166 }
167 *(p)='\0';
168 s->length/=4;
169 s->type=ASN1_PRINTABLE_type(s->data,s->length);
170 return(1);
171 }
172
173ASN1_STRING *DIRECTORYSTRING_new(void)
174{ return M_DIRECTORYSTRING_new();}
175
176void DIRECTORYSTRING_free(ASN1_STRING *x)
177{ M_DIRECTORYSTRING_free(x);}
178
179int i2d_DIRECTORYSTRING(ASN1_STRING *a, unsigned char **pp)
180 { return(M_i2d_DIRECTORYSTRING(a,pp)); }
181
182ASN1_STRING *d2i_DIRECTORYSTRING(ASN1_STRING **a, unsigned char **pp,
183 long l)
184 { return(M_d2i_DIRECTORYSTRING(a,pp,l)); }
185
186ASN1_STRING *DISPLAYTEXT_new(void)
187{ return M_DISPLAYTEXT_new();}
188
189void DISPLAYTEXT_free(ASN1_STRING *x)
190{ M_DISPLAYTEXT_free(x);}
191
192int i2d_DISPLAYTEXT(ASN1_STRING *a, unsigned char **pp)
193 { return(M_i2d_DISPLAYTEXT(a,pp)); }
194
195ASN1_STRING *d2i_DISPLAYTEXT(ASN1_STRING **a, unsigned char **pp,
196 long l)
197 { return(M_d2i_DISPLAYTEXT(a,pp,l)); }
diff --git a/src/lib/libcrypto/asn1/a_set.c b/src/lib/libcrypto/asn1/a_set.c
deleted file mode 100644
index caf5a1419c..0000000000
--- a/src/lib/libcrypto/asn1/a_set.c
+++ /dev/null
@@ -1,217 +0,0 @@
1/* crypto/asn1/a_set.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1_mac.h>
62
63typedef struct
64 {
65 unsigned char *pbData;
66 int cbData;
67 } MYBLOB;
68
69/* SetBlobCmp
70 * This function compares two elements of SET_OF block
71 */
72static int SetBlobCmp(const void *elem1, const void *elem2 )
73 {
74 const MYBLOB *b1 = (const MYBLOB *)elem1;
75 const MYBLOB *b2 = (const MYBLOB *)elem2;
76 int r;
77
78 r = memcmp(b1->pbData, b2->pbData,
79 b1->cbData < b2->cbData ? b1->cbData : b2->cbData);
80 if(r != 0)
81 return r;
82 return b1->cbData-b2->cbData;
83 }
84
85/* int is_set: if TRUE, then sort the contents (i.e. it isn't a SEQUENCE) */
86int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag,
87 int ex_class, int is_set)
88 {
89 int ret=0,r;
90 int i;
91 unsigned char *p;
92 unsigned char *pStart, *pTempMem;
93 MYBLOB *rgSetBlob;
94 int totSize;
95
96 if (a == NULL) return(0);
97 for (i=sk_num(a)-1; i>=0; i--)
98 ret+=func(sk_value(a,i),NULL);
99 r=ASN1_object_size(1,ret,ex_tag);
100 if (pp == NULL) return(r);
101
102 p= *pp;
103 ASN1_put_object(&p,1,ret,ex_tag,ex_class);
104
105/* Modified by gp@nsj.co.jp */
106 /* And then again by Ben */
107 /* And again by Steve */
108
109 if(!is_set || (sk_num(a) < 2))
110 {
111 for (i=0; i<sk_num(a); i++)
112 func(sk_value(a,i),&p);
113
114 *pp=p;
115 return(r);
116 }
117
118 pStart = p; /* Catch the beg of Setblobs*/
119 rgSetBlob = (MYBLOB *)OPENSSL_malloc( sk_num(a) * sizeof(MYBLOB)); /* In this array
120we will store the SET blobs */
121
122 for (i=0; i<sk_num(a); i++)
123 {
124 rgSetBlob[i].pbData = p; /* catch each set encode blob */
125 func(sk_value(a,i),&p);
126 rgSetBlob[i].cbData = p - rgSetBlob[i].pbData; /* Length of this
127SetBlob
128*/
129 }
130 *pp=p;
131 totSize = p - pStart; /* This is the total size of all set blobs */
132
133 /* Now we have to sort the blobs. I am using a simple algo.
134 *Sort ptrs *Copy to temp-mem *Copy from temp-mem to user-mem*/
135 qsort( rgSetBlob, sk_num(a), sizeof(MYBLOB), SetBlobCmp);
136 pTempMem = OPENSSL_malloc(totSize);
137
138/* Copy to temp mem */
139 p = pTempMem;
140 for(i=0; i<sk_num(a); ++i)
141 {
142 memcpy(p, rgSetBlob[i].pbData, rgSetBlob[i].cbData);
143 p += rgSetBlob[i].cbData;
144 }
145
146/* Copy back to user mem*/
147 memcpy(pStart, pTempMem, totSize);
148 OPENSSL_free(pTempMem);
149 OPENSSL_free(rgSetBlob);
150
151 return(r);
152 }
153
154STACK *d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
155 char *(*func)(), void (*free_func)(void *), int ex_tag, int ex_class)
156 {
157 ASN1_CTX c;
158 STACK *ret=NULL;
159
160 if ((a == NULL) || ((*a) == NULL))
161 { if ((ret=sk_new_null()) == NULL) goto err; }
162 else
163 ret=(*a);
164
165 c.p= *pp;
166 c.max=(length == 0)?0:(c.p+length);
167
168 c.inf=ASN1_get_object(&c.p,&c.slen,&c.tag,&c.xclass,c.max-c.p);
169 if (c.inf & 0x80) goto err;
170 if (ex_class != c.xclass)
171 {
172 ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_BAD_CLASS);
173 goto err;
174 }
175 if (ex_tag != c.tag)
176 {
177 ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_BAD_TAG);
178 goto err;
179 }
180 if ((c.slen+c.p) > c.max)
181 {
182 ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_LENGTH_ERROR);
183 goto err;
184 }
185 /* check for infinite constructed - it can be as long
186 * as the amount of data passed to us */
187 if (c.inf == (V_ASN1_CONSTRUCTED+1))
188 c.slen=length+ *pp-c.p;
189 c.max=c.p+c.slen;
190
191 while (c.p < c.max)
192 {
193 char *s;
194
195 if (M_ASN1_D2I_end_sequence()) break;
196 if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL)
197 {
198 ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_ERROR_PARSING_SET_ELEMENT);
199 asn1_add_error(*pp,(int)(c.q- *pp));
200 goto err;
201 }
202 if (!sk_push(ret,s)) goto err;
203 }
204 if (a != NULL) (*a)=ret;
205 *pp=c.p;
206 return(ret);
207err:
208 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
209 {
210 if (free_func != NULL)
211 sk_pop_free(ret,free_func);
212 else
213 sk_free(ret);
214 }
215 return(NULL);
216 }
217
diff --git a/src/lib/libcrypto/asn1/a_sign.c b/src/lib/libcrypto/asn1/a_sign.c
deleted file mode 100644
index 4c651706d2..0000000000
--- a/src/lib/libcrypto/asn1/a_sign.c
+++ /dev/null
@@ -1,148 +0,0 @@
1/* crypto/asn1/a_sign.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <time.h>
61
62#include "cryptlib.h"
63
64#ifndef NO_SYS_TYPES_H
65# include <sys/types.h>
66#endif
67
68#include <openssl/bn.h>
69#include <openssl/evp.h>
70#include <openssl/x509.h>
71#include <openssl/objects.h>
72#include <openssl/buffer.h>
73
74int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
75 ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey,
76 const EVP_MD *type)
77 {
78 EVP_MD_CTX ctx;
79 unsigned char *p,*buf_in=NULL,*buf_out=NULL;
80 int i,inl=0,outl=0,outll=0;
81 X509_ALGOR *a;
82
83 for (i=0; i<2; i++)
84 {
85 if (i == 0)
86 a=algor1;
87 else
88 a=algor2;
89 if (a == NULL) continue;
90 if ( (a->parameter == NULL) ||
91 (a->parameter->type != V_ASN1_NULL))
92 {
93 ASN1_TYPE_free(a->parameter);
94 if ((a->parameter=ASN1_TYPE_new()) == NULL) goto err;
95 a->parameter->type=V_ASN1_NULL;
96 }
97 ASN1_OBJECT_free(a->algorithm);
98 a->algorithm=OBJ_nid2obj(type->pkey_type);
99 if (a->algorithm == NULL)
100 {
101 ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_UNKNOWN_OBJECT_TYPE);
102 goto err;
103 }
104 if (a->algorithm->length == 0)
105 {
106 ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
107 goto err;
108 }
109 }
110 inl=i2d(data,NULL);
111 buf_in=(unsigned char *)OPENSSL_malloc((unsigned int)inl);
112 outll=outl=EVP_PKEY_size(pkey);
113 buf_out=(unsigned char *)OPENSSL_malloc((unsigned int)outl);
114 if ((buf_in == NULL) || (buf_out == NULL))
115 {
116 outl=0;
117 ASN1err(ASN1_F_ASN1_SIGN,ERR_R_MALLOC_FAILURE);
118 goto err;
119 }
120 p=buf_in;
121
122 i2d(data,&p);
123 EVP_SignInit(&ctx,type);
124 EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl);
125 if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out,
126 (unsigned int *)&outl,pkey))
127 {
128 outl=0;
129 ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB);
130 goto err;
131 }
132 if (signature->data != NULL) OPENSSL_free(signature->data);
133 signature->data=buf_out;
134 buf_out=NULL;
135 signature->length=outl;
136 /* In the interests of compatibility, I'll make sure that
137 * the bit string has a 'not-used bits' value of 0
138 */
139 signature->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
140 signature->flags|=ASN1_STRING_FLAG_BITS_LEFT;
141err:
142 memset(&ctx,0,sizeof(ctx));
143 if (buf_in != NULL)
144 { memset((char *)buf_in,0,(unsigned int)inl); OPENSSL_free(buf_in); }
145 if (buf_out != NULL)
146 { memset((char *)buf_out,0,outll); OPENSSL_free(buf_out); }
147 return(outl);
148 }
diff --git a/src/lib/libcrypto/asn1/a_strex.c b/src/lib/libcrypto/asn1/a_strex.c
deleted file mode 100644
index 569b811998..0000000000
--- a/src/lib/libcrypto/asn1/a_strex.c
+++ /dev/null
@@ -1,533 +0,0 @@
1/* a_strex.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <string.h>
61#include <openssl/crypto.h>
62#include <openssl/x509.h>
63#include <openssl/asn1.h>
64
65#include "charmap.h"
66
67/* ASN1_STRING_print_ex() and X509_NAME_print_ex().
68 * Enhanced string and name printing routines handling
69 * multibyte characters, RFC2253 and a host of other
70 * options.
71 */
72
73
74#define CHARTYPE_BS_ESC (ASN1_STRFLGS_ESC_2253 | CHARTYPE_FIRST_ESC_2253 | CHARTYPE_LAST_ESC_2253)
75
76
77/* Three IO functions for sending data to memory, a BIO and
78 * and a FILE pointer.
79 */
80
81int send_mem_chars(void *arg, const void *buf, int len)
82{
83 unsigned char **out = arg;
84 if(!out) return 1;
85 memcpy(*out, buf, len);
86 *out += len;
87 return 1;
88}
89
90int send_bio_chars(void *arg, const void *buf, int len)
91{
92 if(!arg) return 1;
93 if(BIO_write(arg, buf, len) != len) return 0;
94 return 1;
95}
96
97int send_fp_chars(void *arg, const void *buf, int len)
98{
99 if(!arg) return 1;
100 if(fwrite(buf, 1, len, arg) != (unsigned int)len) return 0;
101 return 1;
102}
103
104typedef int char_io(void *arg, const void *buf, int len);
105
106/* This function handles display of
107 * strings, one character at a time.
108 * It is passed an unsigned long for each
109 * character because it could come from 2 or even
110 * 4 byte forms.
111 */
112
113static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, char_io *io_ch, void *arg)
114{
115 unsigned char chflgs, chtmp;
116 char tmphex[11];
117 if(c > 0xffff) {
118 BIO_snprintf(tmphex, 11, "\\W%08lX", c);
119 if(!io_ch(arg, tmphex, 10)) return -1;
120 return 10;
121 }
122 if(c > 0xff) {
123 BIO_snprintf(tmphex, 11, "\\U%04lX", c);
124 if(!io_ch(arg, tmphex, 6)) return -1;
125 return 6;
126 }
127 chtmp = (unsigned char)c;
128 if(chtmp > 0x7f) chflgs = flags & ASN1_STRFLGS_ESC_MSB;
129 else chflgs = char_type[chtmp] & flags;
130 if(chflgs & CHARTYPE_BS_ESC) {
131 /* If we don't escape with quotes, signal we need quotes */
132 if(chflgs & ASN1_STRFLGS_ESC_QUOTE) {
133 if(do_quotes) *do_quotes = 1;
134 if(!io_ch(arg, &chtmp, 1)) return -1;
135 return 1;
136 }
137 if(!io_ch(arg, "\\", 1)) return -1;
138 if(!io_ch(arg, &chtmp, 1)) return -1;
139 return 2;
140 }
141 if(chflgs & (ASN1_STRFLGS_ESC_CTRL|ASN1_STRFLGS_ESC_MSB)) {
142 BIO_snprintf(tmphex, 11, "\\%02X", chtmp);
143 if(!io_ch(arg, tmphex, 3)) return -1;
144 return 3;
145 }
146 if(!io_ch(arg, &chtmp, 1)) return -1;
147 return 1;
148}
149
150#define BUF_TYPE_WIDTH_MASK 0x7
151#define BUF_TYPE_CONVUTF8 0x8
152
153/* This function sends each character in a buffer to
154 * do_esc_char(). It interprets the content formats
155 * and converts to or from UTF8 as appropriate.
156 */
157
158static int do_buf(unsigned char *buf, int buflen,
159 int type, unsigned char flags, char *quotes, char_io *io_ch, void *arg)
160{
161 int i, outlen, len;
162 unsigned char orflags, *p, *q;
163 unsigned long c;
164 p = buf;
165 q = buf + buflen;
166 outlen = 0;
167 while(p != q) {
168 if(p == buf) orflags = CHARTYPE_FIRST_ESC_2253;
169 else orflags = 0;
170 switch(type & BUF_TYPE_WIDTH_MASK) {
171 case 4:
172 c = ((unsigned long)*p++) << 24;
173 c |= ((unsigned long)*p++) << 16;
174 c |= ((unsigned long)*p++) << 8;
175 c |= *p++;
176 break;
177
178 case 2:
179 c = ((unsigned long)*p++) << 8;
180 c |= *p++;
181 break;
182
183 case 1:
184 c = *p++;
185 break;
186
187 case 0:
188 i = UTF8_getc(p, buflen, &c);
189 if(i < 0) return -1; /* Invalid UTF8String */
190 p += i;
191 break;
192 }
193 if (p == q) orflags = CHARTYPE_LAST_ESC_2253;
194 if(type & BUF_TYPE_CONVUTF8) {
195 unsigned char utfbuf[6];
196 int utflen;
197 utflen = UTF8_putc(utfbuf, 6, c);
198 for(i = 0; i < utflen; i++) {
199 /* We don't need to worry about setting orflags correctly
200 * because if utflen==1 its value will be correct anyway
201 * otherwise each character will be > 0x7f and so the
202 * character will never be escaped on first and last.
203 */
204 len = do_esc_char(utfbuf[i], (unsigned char)(flags | orflags), quotes, io_ch, arg);
205 if(len < 0) return -1;
206 outlen += len;
207 }
208 } else {
209 len = do_esc_char(c, (unsigned char)(flags | orflags), quotes, io_ch, arg);
210 if(len < 0) return -1;
211 outlen += len;
212 }
213 }
214 return outlen;
215}
216
217/* This function hex dumps a buffer of characters */
218
219static int do_hex_dump(char_io *io_ch, void *arg, unsigned char *buf, int buflen)
220{
221 const static char hexdig[] = "0123456789ABCDEF";
222 unsigned char *p, *q;
223 char hextmp[2];
224 if(arg) {
225 p = buf;
226 q = buf + buflen;
227 while(p != q) {
228 hextmp[0] = hexdig[*p >> 4];
229 hextmp[1] = hexdig[*p & 0xf];
230 if(!io_ch(arg, hextmp, 2)) return -1;
231 p++;
232 }
233 }
234 return buflen << 1;
235}
236
237/* "dump" a string. This is done when the type is unknown,
238 * or the flags request it. We can either dump the content
239 * octets or the entire DER encoding. This uses the RFC2253
240 * #01234 format.
241 */
242
243int do_dump(unsigned long lflags, char_io *io_ch, void *arg, ASN1_STRING *str)
244{
245 /* Placing the ASN1_STRING in a temp ASN1_TYPE allows
246 * the DER encoding to readily obtained
247 */
248 ASN1_TYPE t;
249 unsigned char *der_buf, *p;
250 int outlen, der_len;
251
252 if(!io_ch(arg, "#", 1)) return -1;
253 /* If we don't dump DER encoding just dump content octets */
254 if(!(lflags & ASN1_STRFLGS_DUMP_DER)) {
255 outlen = do_hex_dump(io_ch, arg, str->data, str->length);
256 if(outlen < 0) return -1;
257 return outlen + 1;
258 }
259 t.type = str->type;
260 t.value.ptr = (char *)str;
261 der_len = i2d_ASN1_TYPE(&t, NULL);
262 der_buf = OPENSSL_malloc(der_len);
263 if(!der_buf) return -1;
264 p = der_buf;
265 i2d_ASN1_TYPE(&t, &p);
266 outlen = do_hex_dump(io_ch, arg, der_buf, der_len);
267 OPENSSL_free(der_buf);
268 if(outlen < 0) return -1;
269 return outlen + 1;
270}
271
272/* Lookup table to convert tags to character widths,
273 * 0 = UTF8 encoded, -1 is used for non string types
274 * otherwise it is the number of bytes per character
275 */
276
277const static char tag2nbyte[] = {
278 -1, -1, -1, -1, -1, /* 0-4 */
279 -1, -1, -1, -1, -1, /* 5-9 */
280 -1, -1, 0, -1, /* 10-13 */
281 -1, -1, -1, -1, /* 15-17 */
282 -1, 1, 1, /* 18-20 */
283 -1, 1, -1,-1, /* 21-24 */
284 -1, 1, -1, /* 25-27 */
285 4, -1, 2 /* 28-30 */
286};
287
288#define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \
289 ASN1_STRFLGS_ESC_QUOTE | \
290 ASN1_STRFLGS_ESC_CTRL | \
291 ASN1_STRFLGS_ESC_MSB)
292
293/* This is the main function, print out an
294 * ASN1_STRING taking note of various escape
295 * and display options. Returns number of
296 * characters written or -1 if an error
297 * occurred.
298 */
299
300static int do_print_ex(char_io *io_ch, void *arg, unsigned long lflags, ASN1_STRING *str)
301{
302 int outlen, len;
303 int type;
304 char quotes;
305 unsigned char flags;
306 quotes = 0;
307 /* Keep a copy of escape flags */
308 flags = (unsigned char)(lflags & ESC_FLAGS);
309
310 type = str->type;
311
312 outlen = 0;
313
314
315 if(lflags & ASN1_STRFLGS_SHOW_TYPE) {
316 const char *tagname;
317 tagname = ASN1_tag2str(type);
318 outlen += strlen(tagname);
319 if(!io_ch(arg, tagname, outlen) || !io_ch(arg, ":", 1)) return -1;
320 outlen++;
321 }
322
323 /* Decide what to do with type, either dump content or display it */
324
325 /* Dump everything */
326 if(lflags & ASN1_STRFLGS_DUMP_ALL) type = -1;
327 /* Ignore the string type */
328 else if(lflags & ASN1_STRFLGS_IGNORE_TYPE) type = 1;
329 else {
330 /* Else determine width based on type */
331 if((type > 0) && (type < 31)) type = tag2nbyte[type];
332 else type = -1;
333 if((type == -1) && !(lflags & ASN1_STRFLGS_DUMP_UNKNOWN)) type = 1;
334 }
335
336 if(type == -1) {
337 len = do_dump(lflags, io_ch, arg, str);
338 if(len < 0) return -1;
339 outlen += len;
340 return outlen;
341 }
342
343 if(lflags & ASN1_STRFLGS_UTF8_CONVERT) {
344 /* Note: if string is UTF8 and we want
345 * to convert to UTF8 then we just interpret
346 * it as 1 byte per character to avoid converting
347 * twice.
348 */
349 if(!type) type = 1;
350 else type |= BUF_TYPE_CONVUTF8;
351 }
352
353 len = do_buf(str->data, str->length, type, flags, &quotes, io_ch, NULL);
354 if(outlen < 0) return -1;
355 outlen += len;
356 if(quotes) outlen += 2;
357 if(!arg) return outlen;
358 if(quotes && !io_ch(arg, "\"", 1)) return -1;
359 do_buf(str->data, str->length, type, flags, NULL, io_ch, arg);
360 if(quotes && !io_ch(arg, "\"", 1)) return -1;
361 return outlen;
362}
363
364/* Used for line indenting: print 'indent' spaces */
365
366static int do_indent(char_io *io_ch, void *arg, int indent)
367{
368 int i;
369 for(i = 0; i < indent; i++)
370 if(!io_ch(arg, " ", 1)) return 0;
371 return 1;
372}
373
374
375static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n,
376 int indent, unsigned long flags)
377{
378 int i, prev = -1, orflags, cnt;
379 int fn_opt, fn_nid;
380 ASN1_OBJECT *fn;
381 ASN1_STRING *val;
382 X509_NAME_ENTRY *ent;
383 char objtmp[80];
384 const char *objbuf;
385 int outlen, len;
386 char *sep_dn, *sep_mv, *sep_eq;
387 int sep_dn_len, sep_mv_len, sep_eq_len;
388 if(indent < 0) indent = 0;
389 outlen = indent;
390 if(!do_indent(io_ch, arg, indent)) return -1;
391 switch (flags & XN_FLAG_SEP_MASK)
392 {
393 case XN_FLAG_SEP_MULTILINE:
394 sep_dn = "\n";
395 sep_dn_len = 1;
396 sep_mv = " + ";
397 sep_mv_len = 3;
398 break;
399
400 case XN_FLAG_SEP_COMMA_PLUS:
401 sep_dn = ",";
402 sep_dn_len = 1;
403 sep_mv = "+";
404 sep_mv_len = 1;
405 indent = 0;
406 break;
407
408 case XN_FLAG_SEP_CPLUS_SPC:
409 sep_dn = ", ";
410 sep_dn_len = 2;
411 sep_mv = " + ";
412 sep_mv_len = 3;
413 indent = 0;
414 break;
415
416 case XN_FLAG_SEP_SPLUS_SPC:
417 sep_dn = "; ";
418 sep_dn_len = 2;
419 sep_mv = " + ";
420 sep_mv_len = 3;
421 indent = 0;
422 break;
423
424 default:
425 return -1;
426 }
427
428 if(flags & XN_FLAG_SPC_EQ) {
429 sep_eq = " = ";
430 sep_eq_len = 3;
431 } else {
432 sep_eq = "=";
433 sep_eq_len = 1;
434 }
435
436 fn_opt = flags & XN_FLAG_FN_MASK;
437
438 cnt = X509_NAME_entry_count(n);
439 for(i = 0; i < cnt; i++) {
440 if(flags & XN_FLAG_DN_REV)
441 ent = X509_NAME_get_entry(n, cnt - i - 1);
442 else ent = X509_NAME_get_entry(n, i);
443 if(prev != -1) {
444 if(prev == ent->set) {
445 if(!io_ch(arg, sep_mv, sep_mv_len)) return -1;
446 outlen += sep_mv_len;
447 } else {
448 if(!io_ch(arg, sep_dn, sep_dn_len)) return -1;
449 outlen += sep_dn_len;
450 if(!do_indent(io_ch, arg, indent)) return -1;
451 outlen += indent;
452 }
453 }
454 prev = ent->set;
455 fn = X509_NAME_ENTRY_get_object(ent);
456 val = X509_NAME_ENTRY_get_data(ent);
457 fn_nid = OBJ_obj2nid(fn);
458 if(fn_opt != XN_FLAG_FN_NONE) {
459 int objlen;
460 if((fn_opt == XN_FLAG_FN_OID) || (fn_nid==NID_undef) ) {
461 OBJ_obj2txt(objtmp, 80, fn, 1);
462 objbuf = objtmp;
463 } else {
464 if(fn_opt == XN_FLAG_FN_SN)
465 objbuf = OBJ_nid2sn(fn_nid);
466 else if(fn_opt == XN_FLAG_FN_LN)
467 objbuf = OBJ_nid2ln(fn_nid);
468 else objbuf = "";
469 }
470 objlen = strlen(objbuf);
471 if(!io_ch(arg, objbuf, objlen)) return -1;
472 if(!io_ch(arg, sep_eq, sep_eq_len)) return -1;
473 outlen += objlen + sep_eq_len;
474 }
475 /* If the field name is unknown then fix up the DER dump
476 * flag. We might want to limit this further so it will
477 * DER dump on anything other than a few 'standard' fields.
478 */
479 if((fn_nid == NID_undef) && (flags & XN_FLAG_DUMP_UNKNOWN_FIELDS))
480 orflags = ASN1_STRFLGS_DUMP_ALL;
481 else orflags = 0;
482
483 len = do_print_ex(io_ch, arg, flags | orflags, val);
484 if(len < 0) return -1;
485 outlen += len;
486 }
487 return outlen;
488}
489
490/* Wrappers round the main functions */
491
492int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags)
493{
494 return do_name_ex(send_bio_chars, out, nm, indent, flags);
495}
496
497
498int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags)
499{
500 return do_name_ex(send_fp_chars, fp, nm, indent, flags);
501}
502
503int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags)
504{
505 return do_print_ex(send_bio_chars, out, flags, str);
506}
507
508
509int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags)
510{
511 return do_print_ex(send_fp_chars, fp, flags, str);
512}
513
514/* Utility function: convert any string type to UTF8, returns number of bytes
515 * in output string or a negative error code
516 */
517
518int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in)
519{
520 ASN1_STRING stmp, *str = &stmp;
521 int mbflag, type, ret;
522 if(!*out || !in) return -1;
523 type = in->type;
524 if((type < 0) || (type > 30)) return -1;
525 mbflag = tag2nbyte[type];
526 if(mbflag == -1) return -1;
527 mbflag |= MBSTRING_FLAG;
528 stmp.data = NULL;
529 ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING);
530 if(ret < 0) return ret;
531 if(out) *out = stmp.data;
532 return stmp.length;
533}
diff --git a/src/lib/libcrypto/asn1/a_strnid.c b/src/lib/libcrypto/asn1/a_strnid.c
deleted file mode 100644
index 732e68fe46..0000000000
--- a/src/lib/libcrypto/asn1/a_strnid.c
+++ /dev/null
@@ -1,250 +0,0 @@
1/* a_strnid.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <ctype.h>
61#include "cryptlib.h"
62#include <openssl/asn1.h>
63#include <openssl/objects.h>
64
65
66static STACK_OF(ASN1_STRING_TABLE) *stable = NULL;
67static void st_free(ASN1_STRING_TABLE *tbl);
68static int sk_table_cmp(const ASN1_STRING_TABLE * const *a,
69 const ASN1_STRING_TABLE * const *b);
70static int table_cmp(const void *a, const void *b);
71
72
73/* This is the global mask for the mbstring functions: this is use to
74 * mask out certain types (such as BMPString and UTF8String) because
75 * certain software (e.g. Netscape) has problems with them.
76 */
77
78static unsigned long global_mask = 0xFFFFFFFFL;
79
80void ASN1_STRING_set_default_mask(unsigned long mask)
81{
82 global_mask = mask;
83}
84
85unsigned long ASN1_STRING_get_default_mask(void)
86{
87 return global_mask;
88}
89
90/* This function sets the default to various "flavours" of configuration.
91 * based on an ASCII string. Currently this is:
92 * MASK:XXXX : a numerical mask value.
93 * nobmp : Don't use BMPStrings (just Printable, T61).
94 * pkix : PKIX recommendation in RFC2459.
95 * utf8only : only use UTF8Strings (RFC2459 recommendation for 2004).
96 * default: the default value, Printable, T61, BMP.
97 */
98
99int ASN1_STRING_set_default_mask_asc(char *p)
100{
101 unsigned long mask;
102 char *end;
103 if(!strncmp(p, "MASK:", 5)) {
104 if(!p[5]) return 0;
105 mask = strtoul(p + 5, &end, 0);
106 if(*end) return 0;
107 } else if(!strcmp(p, "nombstr"))
108 mask = ~(B_ASN1_BMPSTRING|B_ASN1_UTF8STRING);
109 else if(!strcmp(p, "pkix"))
110 mask = ~B_ASN1_T61STRING;
111 else if(!strcmp(p, "utf8only")) mask = B_ASN1_UTF8STRING;
112 else if(!strcmp(p, "default"))
113 mask = 0xFFFFFFFFL;
114 else return 0;
115 ASN1_STRING_set_default_mask(mask);
116 return 1;
117}
118
119/* The following function generates an ASN1_STRING based on limits in a table.
120 * Frequently the types and length of an ASN1_STRING are restricted by a
121 * corresponding OID. For example certificates and certificate requests.
122 */
123
124ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in,
125 int inlen, int inform, int nid)
126{
127 ASN1_STRING_TABLE *tbl;
128 ASN1_STRING *str = NULL;
129 unsigned long mask;
130 int ret;
131 if(!out) out = &str;
132 tbl = ASN1_STRING_TABLE_get(nid);
133 if(tbl) {
134 mask = tbl->mask;
135 if(!(tbl->flags & STABLE_NO_MASK)) mask &= global_mask;
136 ret = ASN1_mbstring_ncopy(out, in, inlen, inform, mask,
137 tbl->minsize, tbl->maxsize);
138 } else ret = ASN1_mbstring_copy(out, in, inlen, inform, DIRSTRING_TYPE & global_mask);
139 if(ret <= 0) return NULL;
140 return *out;
141}
142
143/* Now the tables and helper functions for the string table:
144 */
145
146/* size limits: this stuff is taken straight from RFC2459 */
147
148#define ub_name 32768
149#define ub_common_name 64
150#define ub_locality_name 128
151#define ub_state_name 128
152#define ub_organization_name 64
153#define ub_organization_unit_name 64
154#define ub_title 64
155#define ub_email_address 128
156
157/* This table must be kept in NID order */
158
159static ASN1_STRING_TABLE tbl_standard[] = {
160{NID_commonName, 1, ub_common_name, DIRSTRING_TYPE, 0},
161{NID_countryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
162{NID_localityName, 1, ub_locality_name, DIRSTRING_TYPE, 0},
163{NID_stateOrProvinceName, 1, ub_state_name, DIRSTRING_TYPE, 0},
164{NID_organizationName, 1, ub_organization_name, DIRSTRING_TYPE, 0},
165{NID_organizationalUnitName, 1, ub_organization_unit_name, DIRSTRING_TYPE, 0},
166{NID_pkcs9_emailAddress, 1, ub_email_address, B_ASN1_IA5STRING, STABLE_NO_MASK},
167{NID_pkcs9_unstructuredName, 1, -1, PKCS9STRING_TYPE, 0},
168{NID_pkcs9_challengePassword, 1, -1, PKCS9STRING_TYPE, 0},
169{NID_pkcs9_unstructuredAddress, 1, -1, DIRSTRING_TYPE, 0},
170{NID_givenName, 1, ub_name, DIRSTRING_TYPE, 0},
171{NID_surname, 1, ub_name, DIRSTRING_TYPE, 0},
172{NID_initials, 1, ub_name, DIRSTRING_TYPE, 0},
173{NID_name, 1, ub_name, DIRSTRING_TYPE, 0},
174{NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}
175};
176
177static int sk_table_cmp(const ASN1_STRING_TABLE * const *a,
178 const ASN1_STRING_TABLE * const *b)
179{
180 return (*a)->nid - (*b)->nid;
181}
182
183static int table_cmp(const void *a, const void *b)
184{
185 const ASN1_STRING_TABLE *sa = a, *sb = b;
186 return sa->nid - sb->nid;
187}
188
189ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid)
190{
191 int idx;
192 ASN1_STRING_TABLE *ttmp;
193 ASN1_STRING_TABLE fnd;
194 fnd.nid = nid;
195 ttmp = (ASN1_STRING_TABLE *) OBJ_bsearch((char *)&fnd,
196 (char *)tbl_standard,
197 sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE),
198 sizeof(ASN1_STRING_TABLE), table_cmp);
199 if(ttmp) return ttmp;
200 if(!stable) return NULL;
201 idx = sk_ASN1_STRING_TABLE_find(stable, &fnd);
202 if(idx < 0) return NULL;
203 return sk_ASN1_STRING_TABLE_value(stable, idx);
204}
205
206int ASN1_STRING_TABLE_add(int nid,
207 long minsize, long maxsize, unsigned long mask,
208 unsigned long flags)
209{
210 ASN1_STRING_TABLE *tmp;
211 char new_nid = 0;
212 flags &= ~STABLE_FLAGS_MALLOC;
213 if(!stable) stable = sk_ASN1_STRING_TABLE_new(sk_table_cmp);
214 if(!stable) {
215 ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD, ERR_R_MALLOC_FAILURE);
216 return 0;
217 }
218 if(!(tmp = ASN1_STRING_TABLE_get(nid))) {
219 tmp = OPENSSL_malloc(sizeof(ASN1_STRING_TABLE));
220 if(!tmp) {
221 ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD,
222 ERR_R_MALLOC_FAILURE);
223 return 0;
224 }
225 tmp->flags = flags | STABLE_FLAGS_MALLOC;
226 tmp->nid = nid;
227 new_nid = 1;
228 } else tmp->flags = (tmp->flags & STABLE_FLAGS_MALLOC) | flags;
229 if(minsize != -1) tmp->minsize = minsize;
230 if(maxsize != -1) tmp->maxsize = maxsize;
231 tmp->mask = mask;
232 if(new_nid) sk_ASN1_STRING_TABLE_push(stable, tmp);
233 return 1;
234}
235
236void ASN1_STRING_TABLE_cleanup(void)
237{
238 STACK_OF(ASN1_STRING_TABLE) *tmp;
239 tmp = stable;
240 if(!tmp) return;
241 stable = NULL;
242 sk_ASN1_STRING_TABLE_pop_free(tmp, st_free);
243}
244
245static void st_free(ASN1_STRING_TABLE *tbl)
246{
247 if(tbl->flags & STABLE_FLAGS_MALLOC) OPENSSL_free(tbl);
248}
249
250IMPLEMENT_STACK_OF(ASN1_STRING_TABLE)
diff --git a/src/lib/libcrypto/asn1/a_time.c b/src/lib/libcrypto/asn1/a_time.c
deleted file mode 100644
index 8c0ddee4ac..0000000000
--- a/src/lib/libcrypto/asn1/a_time.c
+++ /dev/null
@@ -1,127 +0,0 @@
1/* crypto/asn1/a_time.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * licensing@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56
57/* This is an implementation of the ASN1 Time structure which is:
58 * Time ::= CHOICE {
59 * utcTime UTCTime,
60 * generalTime GeneralizedTime }
61 * written by Steve Henson.
62 */
63
64#include <stdio.h>
65#include <time.h>
66#include "cryptlib.h"
67#include <openssl/asn1.h>
68
69ASN1_TIME *ASN1_TIME_new(void)
70{ return M_ASN1_TIME_new(); }
71
72void ASN1_TIME_free(ASN1_TIME *x)
73{ M_ASN1_TIME_free(x); }
74
75int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
76 {
77#ifdef CHARSET_EBCDIC
78 /* KLUDGE! We convert to ascii before writing DER */
79 char tmp[24];
80 ASN1_STRING tmpstr;
81
82 if(a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME) {
83 int len;
84
85 tmpstr = *(ASN1_STRING *)a;
86 len = tmpstr.length;
87 ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof tmp) ? sizeof tmp : len);
88 tmpstr.data = tmp;
89 a = (ASN1_GENERALIZEDTIME *) &tmpstr;
90 }
91#endif
92 if(a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME)
93 return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
94 a->type ,V_ASN1_UNIVERSAL));
95 ASN1err(ASN1_F_I2D_ASN1_TIME,ASN1_R_EXPECTING_A_TIME);
96 return -1;
97 }
98
99
100ASN1_TIME *d2i_ASN1_TIME(ASN1_TIME **a, unsigned char **pp, long length)
101 {
102 unsigned char tag;
103 tag = **pp & ~V_ASN1_CONSTRUCTED;
104 if(tag == (V_ASN1_UTCTIME|V_ASN1_UNIVERSAL))
105 return d2i_ASN1_UTCTIME(a, pp, length);
106 if(tag == (V_ASN1_GENERALIZEDTIME|V_ASN1_UNIVERSAL))
107 return d2i_ASN1_GENERALIZEDTIME(a, pp, length);
108 ASN1err(ASN1_F_D2I_ASN1_TIME,ASN1_R_EXPECTING_A_TIME);
109 return(NULL);
110 }
111
112
113ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t)
114 {
115 struct tm *ts;
116#if defined(THREADS) && !defined(WIN32) && !defined(__CYGWIN32__)
117 struct tm data;
118
119 gmtime_r(&t,&data);
120 ts=&data; /* should return &data, but doesn't on some systems, so we don't even look at the return value */
121#else
122 ts=gmtime(&t);
123#endif
124 if((ts->tm_year >= 50) && (ts->tm_year < 150))
125 return ASN1_UTCTIME_set(s, t);
126 return ASN1_GENERALIZEDTIME_set(s,t);
127 }
diff --git a/src/lib/libcrypto/asn1/a_type.c b/src/lib/libcrypto/asn1/a_type.c
deleted file mode 100644
index e72a6b29e0..0000000000
--- a/src/lib/libcrypto/asn1/a_type.c
+++ /dev/null
@@ -1,352 +0,0 @@
1/* crypto/asn1/a_type.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1_mac.h>
62
63static void ASN1_TYPE_component_free(ASN1_TYPE *a);
64int i2d_ASN1_TYPE(ASN1_TYPE *a, unsigned char **pp)
65 {
66 int r=0;
67
68 if (a == NULL) return(0);
69
70 switch (a->type)
71 {
72 case V_ASN1_NULL:
73 if (pp != NULL)
74 ASN1_put_object(pp,0,0,V_ASN1_NULL,V_ASN1_UNIVERSAL);
75 r=2;
76 break;
77 case V_ASN1_INTEGER:
78 case V_ASN1_NEG_INTEGER:
79 r=i2d_ASN1_INTEGER(a->value.integer,pp);
80 break;
81 case V_ASN1_ENUMERATED:
82 case V_ASN1_NEG_ENUMERATED:
83 r=i2d_ASN1_ENUMERATED(a->value.enumerated,pp);
84 break;
85 case V_ASN1_BIT_STRING:
86 r=i2d_ASN1_BIT_STRING(a->value.bit_string,pp);
87 break;
88 case V_ASN1_OCTET_STRING:
89 r=i2d_ASN1_OCTET_STRING(a->value.octet_string,pp);
90 break;
91 case V_ASN1_OBJECT:
92 r=i2d_ASN1_OBJECT(a->value.object,pp);
93 break;
94 case V_ASN1_PRINTABLESTRING:
95 r=M_i2d_ASN1_PRINTABLESTRING(a->value.printablestring,pp);
96 break;
97 case V_ASN1_T61STRING:
98 r=M_i2d_ASN1_T61STRING(a->value.t61string,pp);
99 break;
100 case V_ASN1_IA5STRING:
101 r=M_i2d_ASN1_IA5STRING(a->value.ia5string,pp);
102 break;
103 case V_ASN1_GENERALSTRING:
104 r=M_i2d_ASN1_GENERALSTRING(a->value.generalstring,pp);
105 break;
106 case V_ASN1_UNIVERSALSTRING:
107 r=M_i2d_ASN1_UNIVERSALSTRING(a->value.universalstring,pp);
108 break;
109 case V_ASN1_UTF8STRING:
110 r=M_i2d_ASN1_UTF8STRING(a->value.utf8string,pp);
111 break;
112 case V_ASN1_VISIBLESTRING:
113 r=M_i2d_ASN1_VISIBLESTRING(a->value.visiblestring,pp);
114 break;
115 case V_ASN1_BMPSTRING:
116 r=M_i2d_ASN1_BMPSTRING(a->value.bmpstring,pp);
117 break;
118 case V_ASN1_UTCTIME:
119 r=i2d_ASN1_UTCTIME(a->value.utctime,pp);
120 break;
121 case V_ASN1_GENERALIZEDTIME:
122 r=i2d_ASN1_GENERALIZEDTIME(a->value.generalizedtime,pp);
123 break;
124 case V_ASN1_SET:
125 case V_ASN1_SEQUENCE:
126 case V_ASN1_OTHER:
127 default:
128 if (a->value.set == NULL)
129 r=0;
130 else
131 {
132 r=a->value.set->length;
133 if (pp != NULL)
134 {
135 memcpy(*pp,a->value.set->data,r);
136 *pp+=r;
137 }
138 }
139 break;
140 }
141 return(r);
142 }
143
144ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **a, unsigned char **pp, long length)
145 {
146 ASN1_TYPE *ret=NULL;
147 unsigned char *q,*p,*max;
148 int inf,tag,xclass;
149 long len;
150
151 if ((a == NULL) || ((*a) == NULL))
152 {
153 if ((ret=ASN1_TYPE_new()) == NULL) goto err;
154 }
155 else
156 ret=(*a);
157
158 p= *pp;
159 q=p;
160 max=(p+length);
161
162 inf=ASN1_get_object(&q,&len,&tag,&xclass,length);
163 if (inf & 0x80) goto err;
164 /* If not universal tag we've no idea what it is */
165 if(xclass != V_ASN1_UNIVERSAL) tag = V_ASN1_OTHER;
166
167 ASN1_TYPE_component_free(ret);
168
169 switch (tag)
170 {
171 case V_ASN1_NULL:
172 p=q;
173 ret->value.ptr=NULL;
174 break;
175 case V_ASN1_INTEGER:
176 if ((ret->value.integer=
177 d2i_ASN1_INTEGER(NULL,&p,max-p)) == NULL)
178 goto err;
179 break;
180 case V_ASN1_ENUMERATED:
181 if ((ret->value.enumerated=
182 d2i_ASN1_ENUMERATED(NULL,&p,max-p)) == NULL)
183 goto err;
184 break;
185 case V_ASN1_BIT_STRING:
186 if ((ret->value.bit_string=
187 d2i_ASN1_BIT_STRING(NULL,&p,max-p)) == NULL)
188 goto err;
189 break;
190 case V_ASN1_OCTET_STRING:
191 if ((ret->value.octet_string=
192 d2i_ASN1_OCTET_STRING(NULL,&p,max-p)) == NULL)
193 goto err;
194 break;
195 case V_ASN1_VISIBLESTRING:
196 if ((ret->value.visiblestring=
197 d2i_ASN1_VISIBLESTRING(NULL,&p,max-p)) == NULL)
198 goto err;
199 break;
200 case V_ASN1_UTF8STRING:
201 if ((ret->value.utf8string=
202 d2i_ASN1_UTF8STRING(NULL,&p,max-p)) == NULL)
203 goto err;
204 break;
205 case V_ASN1_OBJECT:
206 if ((ret->value.object=
207 d2i_ASN1_OBJECT(NULL,&p,max-p)) == NULL)
208 goto err;
209 break;
210 case V_ASN1_PRINTABLESTRING:
211 if ((ret->value.printablestring=
212 d2i_ASN1_PRINTABLESTRING(NULL,&p,max-p)) == NULL)
213 goto err;
214 break;
215 case V_ASN1_T61STRING:
216 if ((ret->value.t61string=
217 M_d2i_ASN1_T61STRING(NULL,&p,max-p)) == NULL)
218 goto err;
219 break;
220 case V_ASN1_IA5STRING:
221 if ((ret->value.ia5string=
222 M_d2i_ASN1_IA5STRING(NULL,&p,max-p)) == NULL)
223 goto err;
224 break;
225 case V_ASN1_GENERALSTRING:
226 if ((ret->value.generalstring=
227 M_d2i_ASN1_GENERALSTRING(NULL,&p,max-p)) == NULL)
228 goto err;
229 break;
230 case V_ASN1_UNIVERSALSTRING:
231 if ((ret->value.universalstring=
232 M_d2i_ASN1_UNIVERSALSTRING(NULL,&p,max-p)) == NULL)
233 goto err;
234 break;
235 case V_ASN1_BMPSTRING:
236 if ((ret->value.bmpstring=
237 M_d2i_ASN1_BMPSTRING(NULL,&p,max-p)) == NULL)
238 goto err;
239 break;
240 case V_ASN1_UTCTIME:
241 if ((ret->value.utctime=
242 d2i_ASN1_UTCTIME(NULL,&p,max-p)) == NULL)
243 goto err;
244 break;
245 case V_ASN1_GENERALIZEDTIME:
246 if ((ret->value.generalizedtime=
247 d2i_ASN1_GENERALIZEDTIME(NULL,&p,max-p)) == NULL)
248 goto err;
249 break;
250 case V_ASN1_SET:
251 case V_ASN1_SEQUENCE:
252 case V_ASN1_OTHER:
253 default:
254 /* Sets and sequences are left complete */
255 if ((ret->value.set=ASN1_STRING_new()) == NULL) goto err;
256 ret->value.set->type=tag;
257 len+=(q-p);
258 if (!ASN1_STRING_set(ret->value.set,p,(int)len)) goto err;
259 p+=len;
260 break;
261 }
262
263 ret->type=tag;
264 if (a != NULL) (*a)=ret;
265 *pp=p;
266 return(ret);
267err:
268 if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_TYPE_free(ret);
269 return(NULL);
270 }
271
272ASN1_TYPE *ASN1_TYPE_new(void)
273 {
274 ASN1_TYPE *ret=NULL;
275 ASN1_CTX c;
276
277 M_ASN1_New_Malloc(ret,ASN1_TYPE);
278 ret->type= -1;
279 ret->value.ptr=NULL;
280 return(ret);
281 M_ASN1_New_Error(ASN1_F_ASN1_TYPE_NEW);
282 }
283
284void ASN1_TYPE_free(ASN1_TYPE *a)
285 {
286 if (a == NULL) return;
287 ASN1_TYPE_component_free(a);
288 OPENSSL_free(a);
289 }
290
291int ASN1_TYPE_get(ASN1_TYPE *a)
292 {
293 if (a->value.ptr != NULL)
294 return(a->type);
295 else
296 return(0);
297 }
298
299void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
300 {
301 if (a->value.ptr != NULL)
302 ASN1_TYPE_component_free(a);
303 a->type=type;
304 a->value.ptr=value;
305 }
306
307static void ASN1_TYPE_component_free(ASN1_TYPE *a)
308 {
309 if (a == NULL) return;
310
311 if (a->value.ptr != NULL)
312 {
313 switch (a->type)
314 {
315 case V_ASN1_OBJECT:
316 ASN1_OBJECT_free(a->value.object);
317 break;
318 case V_ASN1_NULL:
319 break;
320 case V_ASN1_INTEGER:
321 case V_ASN1_NEG_INTEGER:
322 case V_ASN1_ENUMERATED:
323 case V_ASN1_NEG_ENUMERATED:
324 case V_ASN1_BIT_STRING:
325 case V_ASN1_OCTET_STRING:
326 case V_ASN1_SEQUENCE:
327 case V_ASN1_SET:
328 case V_ASN1_NUMERICSTRING:
329 case V_ASN1_PRINTABLESTRING:
330 case V_ASN1_T61STRING:
331 case V_ASN1_VIDEOTEXSTRING:
332 case V_ASN1_IA5STRING:
333 case V_ASN1_UTCTIME:
334 case V_ASN1_GENERALIZEDTIME:
335 case V_ASN1_GRAPHICSTRING:
336 case V_ASN1_VISIBLESTRING:
337 case V_ASN1_GENERALSTRING:
338 case V_ASN1_UNIVERSALSTRING:
339 case V_ASN1_BMPSTRING:
340 case V_ASN1_UTF8STRING:
341 case V_ASN1_OTHER:
342 default:
343 ASN1_STRING_free((ASN1_STRING *)a->value.ptr);
344 break;
345 }
346 a->type=0;
347 a->value.ptr=NULL;
348 }
349 }
350
351IMPLEMENT_STACK_OF(ASN1_TYPE)
352IMPLEMENT_ASN1_SET_OF(ASN1_TYPE)
diff --git a/src/lib/libcrypto/asn1/a_utf8.c b/src/lib/libcrypto/asn1/a_utf8.c
deleted file mode 100644
index 854278f136..0000000000
--- a/src/lib/libcrypto/asn1/a_utf8.c
+++ /dev/null
@@ -1,238 +0,0 @@
1/* crypto/asn1/a_utf8.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1.h>
62
63ASN1_UTF8STRING *ASN1_UTF8STRING_new(void)
64{ return M_ASN1_UTF8STRING_new();}
65
66void ASN1_UTF8STRING_free(ASN1_UTF8STRING *x)
67{ M_ASN1_UTF8STRING_free(x);}
68
69int i2d_ASN1_UTF8STRING(ASN1_UTF8STRING *a, unsigned char **pp)
70 {
71 return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
72 V_ASN1_UTF8STRING,V_ASN1_UNIVERSAL));
73 }
74
75ASN1_UTF8STRING *d2i_ASN1_UTF8STRING(ASN1_UTF8STRING **a, unsigned char **pp,
76 long length)
77 {
78 ASN1_UTF8STRING *ret=NULL;
79
80 ret=(ASN1_UTF8STRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
81 pp,length,V_ASN1_UTF8STRING,V_ASN1_UNIVERSAL);
82 if (ret == NULL)
83 {
84 ASN1err(ASN1_F_D2I_ASN1_UTF8STRING,ERR_R_NESTED_ASN1_ERROR);
85 return(NULL);
86 }
87 return(ret);
88 }
89
90
91/* UTF8 utilities */
92
93/* This parses a UTF8 string one character at a time. It is passed a pointer
94 * to the string and the length of the string. It sets 'value' to the value of
95 * the current character. It returns the number of characters read or a
96 * negative error code:
97 * -1 = string too short
98 * -2 = illegal character
99 * -3 = subsequent characters not of the form 10xxxxxx
100 * -4 = character encoded incorrectly (not minimal length).
101 */
102
103int UTF8_getc(const unsigned char *str, int len, unsigned long *val)
104{
105 const unsigned char *p;
106 unsigned long value;
107 int ret;
108 if(len <= 0) return 0;
109 p = str;
110
111 /* Check syntax and work out the encoded value (if correct) */
112 if((*p & 0x80) == 0) {
113 value = *p++ & 0x7f;
114 ret = 1;
115 } else if((*p & 0xe0) == 0xc0) {
116 if(len < 2) return -1;
117 if((p[1] & 0xc0) != 0x80) return -3;
118 value = (*p++ & 0x1f) << 6;
119 value |= *p++ & 0x3f;
120 if(value < 0x80) return -4;
121 ret = 2;
122 } else if((*p & 0xf0) == 0xe0) {
123 if(len < 3) return -1;
124 if( ((p[1] & 0xc0) != 0x80)
125 || ((p[2] & 0xc0) != 0x80) ) return -3;
126 value = (*p++ & 0xf) << 12;
127 value |= (*p++ & 0x3f) << 6;
128 value |= *p++ & 0x3f;
129 if(value < 0x800) return -4;
130 ret = 3;
131 } else if((*p & 0xf8) == 0xf0) {
132 if(len < 4) return -1;
133 if( ((p[1] & 0xc0) != 0x80)
134 || ((p[2] & 0xc0) != 0x80)
135 || ((p[3] & 0xc0) != 0x80) ) return -3;
136 value = ((unsigned long)(*p++ & 0x7)) << 18;
137 value |= (*p++ & 0x3f) << 12;
138 value |= (*p++ & 0x3f) << 6;
139 value |= *p++ & 0x3f;
140 if(value < 0x10000) return -4;
141 ret = 4;
142 } else if((*p & 0xfc) == 0xf8) {
143 if(len < 5) return -1;
144 if( ((p[1] & 0xc0) != 0x80)
145 || ((p[2] & 0xc0) != 0x80)
146 || ((p[3] & 0xc0) != 0x80)
147 || ((p[4] & 0xc0) != 0x80) ) return -3;
148 value = ((unsigned long)(*p++ & 0x3)) << 24;
149 value |= ((unsigned long)(*p++ & 0x3f)) << 18;
150 value |= ((unsigned long)(*p++ & 0x3f)) << 12;
151 value |= (*p++ & 0x3f) << 6;
152 value |= *p++ & 0x3f;
153 if(value < 0x200000) return -4;
154 ret = 5;
155 } else if((*p & 0xfe) == 0xfc) {
156 if(len < 6) return -1;
157 if( ((p[1] & 0xc0) != 0x80)
158 || ((p[2] & 0xc0) != 0x80)
159 || ((p[3] & 0xc0) != 0x80)
160 || ((p[4] & 0xc0) != 0x80)
161 || ((p[5] & 0xc0) != 0x80) ) return -3;
162 value = ((unsigned long)(*p++ & 0x1)) << 30;
163 value |= ((unsigned long)(*p++ & 0x3f)) << 24;
164 value |= ((unsigned long)(*p++ & 0x3f)) << 18;
165 value |= ((unsigned long)(*p++ & 0x3f)) << 12;
166 value |= (*p++ & 0x3f) << 6;
167 value |= *p++ & 0x3f;
168 if(value < 0x4000000) return -4;
169 ret = 6;
170 } else return -2;
171 *val = value;
172 return ret;
173}
174
175/* This takes a character 'value' and writes the UTF8 encoded value in
176 * 'str' where 'str' is a buffer containing 'len' characters. Returns
177 * the number of characters written or -1 if 'len' is too small. 'str' can
178 * be set to NULL in which case it just returns the number of characters.
179 * It will need at most 6 characters.
180 */
181
182int UTF8_putc(unsigned char *str, int len, unsigned long value)
183{
184 if(!str) len = 6; /* Maximum we will need */
185 else if(len <= 0) return -1;
186 if(value < 0x80) {
187 if(str) *str = (unsigned char)value;
188 return 1;
189 }
190 if(value < 0x800) {
191 if(len < 2) return -1;
192 if(str) {
193 *str++ = (unsigned char)(((value >> 6) & 0x1f) | 0xc0);
194 *str = (unsigned char)((value & 0x3f) | 0x80);
195 }
196 return 2;
197 }
198 if(value < 0x10000) {
199 if(len < 3) return -1;
200 if(str) {
201 *str++ = (unsigned char)(((value >> 12) & 0xf) | 0xe0);
202 *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
203 *str = (unsigned char)((value & 0x3f) | 0x80);
204 }
205 return 3;
206 }
207 if(value < 0x200000) {
208 if(len < 4) return -1;
209 if(str) {
210 *str++ = (unsigned char)(((value >> 18) & 0x7) | 0xf0);
211 *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
212 *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
213 *str = (unsigned char)((value & 0x3f) | 0x80);
214 }
215 return 4;
216 }
217 if(value < 0x4000000) {
218 if(len < 5) return -1;
219 if(str) {
220 *str++ = (unsigned char)(((value >> 24) & 0x3) | 0xf8);
221 *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80);
222 *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
223 *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
224 *str = (unsigned char)((value & 0x3f) | 0x80);
225 }
226 return 5;
227 }
228 if(len < 6) return -1;
229 if(str) {
230 *str++ = (unsigned char)(((value >> 30) & 0x1) | 0xfc);
231 *str++ = (unsigned char)(((value >> 24) & 0x3f) | 0x80);
232 *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80);
233 *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
234 *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
235 *str = (unsigned char)((value & 0x3f) | 0x80);
236 }
237 return 6;
238}
diff --git a/src/lib/libcrypto/asn1/a_verify.c b/src/lib/libcrypto/asn1/a_verify.c
deleted file mode 100644
index 2a11927e5c..0000000000
--- a/src/lib/libcrypto/asn1/a_verify.c
+++ /dev/null
@@ -1,119 +0,0 @@
1/* crypto/asn1/a_verify.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <time.h>
61
62#include "cryptlib.h"
63
64#ifndef NO_SYS_TYPES_H
65# include <sys/types.h>
66#endif
67
68#include <openssl/bn.h>
69#include <openssl/x509.h>
70#include <openssl/objects.h>
71#include <openssl/buffer.h>
72#include <openssl/evp.h>
73
74int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature,
75 char *data, EVP_PKEY *pkey)
76 {
77 EVP_MD_CTX ctx;
78 const EVP_MD *type;
79 unsigned char *p,*buf_in=NULL;
80 int ret= -1,i,inl;
81
82 i=OBJ_obj2nid(a->algorithm);
83 type=EVP_get_digestbyname(OBJ_nid2sn(i));
84 if (type == NULL)
85 {
86 ASN1err(ASN1_F_ASN1_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
87 goto err;
88 }
89
90 inl=i2d(data,NULL);
91 buf_in=OPENSSL_malloc((unsigned int)inl);
92 if (buf_in == NULL)
93 {
94 ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE);
95 goto err;
96 }
97 p=buf_in;
98
99 i2d(data,&p);
100 EVP_VerifyInit(&ctx,type);
101 EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
102
103 memset(buf_in,0,(unsigned int)inl);
104 OPENSSL_free(buf_in);
105
106 if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data,
107 (unsigned int)signature->length,pkey) <= 0)
108 {
109 ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
110 ret=0;
111 goto err;
112 }
113 /* we don't need to zero the 'ctx' because we just checked
114 * public information */
115 /* memset(&ctx,0,sizeof(ctx)); */
116 ret=1;
117err:
118 return(ret);
119 }
diff --git a/src/lib/libcrypto/asn1/asn1.h b/src/lib/libcrypto/asn1/asn1.h
deleted file mode 100644
index 6f956b1963..0000000000
--- a/src/lib/libcrypto/asn1/asn1.h
+++ /dev/null
@@ -1,1151 +0,0 @@
1/* crypto/asn1/asn1.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_ASN1_H
60#define HEADER_ASN1_H
61
62#include <time.h>
63#ifndef NO_BIO
64#include <openssl/bio.h>
65#endif
66#include <openssl/bn.h>
67#include <openssl/stack.h>
68#include <openssl/safestack.h>
69
70#include <openssl/symhacks.h>
71
72#ifdef __cplusplus
73extern "C" {
74#endif
75
76#define V_ASN1_UNIVERSAL 0x00
77#define V_ASN1_APPLICATION 0x40
78#define V_ASN1_CONTEXT_SPECIFIC 0x80
79#define V_ASN1_PRIVATE 0xc0
80
81#define V_ASN1_CONSTRUCTED 0x20
82#define V_ASN1_PRIMITIVE_TAG 0x1f
83#define V_ASN1_PRIMATIVE_TAG 0x1f
84
85#define V_ASN1_APP_CHOOSE -2 /* let the recipient choose */
86#define V_ASN1_OTHER -3 /* used in ASN1_TYPE */
87
88#define V_ASN1_NEG 0x100 /* negative flag */
89
90#define V_ASN1_UNDEF -1
91#define V_ASN1_EOC 0
92#define V_ASN1_BOOLEAN 1 /**/
93#define V_ASN1_INTEGER 2
94#define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG)
95#define V_ASN1_BIT_STRING 3
96#define V_ASN1_OCTET_STRING 4
97#define V_ASN1_NULL 5
98#define V_ASN1_OBJECT 6
99#define V_ASN1_OBJECT_DESCRIPTOR 7
100#define V_ASN1_EXTERNAL 8
101#define V_ASN1_REAL 9
102#define V_ASN1_ENUMERATED 10
103#define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG)
104#define V_ASN1_UTF8STRING 12
105#define V_ASN1_SEQUENCE 16
106#define V_ASN1_SET 17
107#define V_ASN1_NUMERICSTRING 18 /**/
108#define V_ASN1_PRINTABLESTRING 19
109#define V_ASN1_T61STRING 20
110#define V_ASN1_TELETEXSTRING 20 /* alias */
111#define V_ASN1_VIDEOTEXSTRING 21 /**/
112#define V_ASN1_IA5STRING 22
113#define V_ASN1_UTCTIME 23
114#define V_ASN1_GENERALIZEDTIME 24 /**/
115#define V_ASN1_GRAPHICSTRING 25 /**/
116#define V_ASN1_ISO64STRING 26 /**/
117#define V_ASN1_VISIBLESTRING 26 /* alias */
118#define V_ASN1_GENERALSTRING 27 /**/
119#define V_ASN1_UNIVERSALSTRING 28 /**/
120#define V_ASN1_BMPSTRING 30
121
122/* For use with d2i_ASN1_type_bytes() */
123#define B_ASN1_NUMERICSTRING 0x0001
124#define B_ASN1_PRINTABLESTRING 0x0002
125#define B_ASN1_T61STRING 0x0004
126#define B_ASN1_TELETEXSTRING 0x0008
127#define B_ASN1_VIDEOTEXSTRING 0x0008
128#define B_ASN1_IA5STRING 0x0010
129#define B_ASN1_GRAPHICSTRING 0x0020
130#define B_ASN1_ISO64STRING 0x0040
131#define B_ASN1_VISIBLESTRING 0x0040
132#define B_ASN1_GENERALSTRING 0x0080
133#define B_ASN1_UNIVERSALSTRING 0x0100
134#define B_ASN1_OCTET_STRING 0x0200
135#define B_ASN1_BIT_STRING 0x0400
136#define B_ASN1_BMPSTRING 0x0800
137#define B_ASN1_UNKNOWN 0x1000
138#define B_ASN1_UTF8STRING 0x2000
139
140/* For use with ASN1_mbstring_copy() */
141#define MBSTRING_FLAG 0x1000
142#define MBSTRING_ASC (MBSTRING_FLAG|1)
143#define MBSTRING_BMP (MBSTRING_FLAG|2)
144#define MBSTRING_UNIV (MBSTRING_FLAG|3)
145#define MBSTRING_UTF8 (MBSTRING_FLAG|4)
146
147struct X509_algor_st;
148
149#define DECLARE_ASN1_SET_OF(type) /* filled in by mkstack.pl */
150#define IMPLEMENT_ASN1_SET_OF(type) /* nothing, no longer needed */
151
152typedef struct asn1_ctx_st
153 {
154 unsigned char *p;/* work char pointer */
155 int eos; /* end of sequence read for indefinite encoding */
156 int error; /* error code to use when returning an error */
157 int inf; /* constructed if 0x20, indefinite is 0x21 */
158 int tag; /* tag from last 'get object' */
159 int xclass; /* class from last 'get object' */
160 long slen; /* length of last 'get object' */
161 unsigned char *max; /* largest value of p allowed */
162 unsigned char *q;/* temporary variable */
163 unsigned char **pp;/* variable */
164 int line; /* used in error processing */
165 } ASN1_CTX;
166
167/* These are used internally in the ASN1_OBJECT to keep track of
168 * whether the names and data need to be free()ed */
169#define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */
170#define ASN1_OBJECT_FLAG_CRITICAL 0x02 /* critical x509v3 object id */
171#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04 /* internal use */
172#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 /* internal use */
173typedef struct asn1_object_st
174 {
175 const char *sn,*ln;
176 int nid;
177 int length;
178 unsigned char *data;
179 int flags; /* Should we free this one */
180 } ASN1_OBJECT;
181
182#define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */
183/* This is the base type that holds just about everything :-) */
184typedef struct asn1_string_st
185 {
186 int length;
187 int type;
188 unsigned char *data;
189 /* The value of the following field depends on the type being
190 * held. It is mostly being used for BIT_STRING so if the
191 * input data has a non-zero 'unused bits' value, it will be
192 * handled correctly */
193 long flags;
194 } ASN1_STRING;
195
196#define STABLE_FLAGS_MALLOC 0x01
197#define STABLE_NO_MASK 0x02
198#define DIRSTRING_TYPE \
199 (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING)
200#define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING)
201
202typedef struct asn1_string_table_st {
203 int nid;
204 long minsize;
205 long maxsize;
206 unsigned long mask;
207 unsigned long flags;
208} ASN1_STRING_TABLE;
209
210DECLARE_STACK_OF(ASN1_STRING_TABLE)
211
212/* size limits: this stuff is taken straight from RFC2459 */
213
214#define ub_name 32768
215#define ub_common_name 64
216#define ub_locality_name 128
217#define ub_state_name 128
218#define ub_organization_name 64
219#define ub_organization_unit_name 64
220#define ub_title 64
221#define ub_email_address 128
222
223#ifdef NO_ASN1_TYPEDEFS
224#define ASN1_INTEGER ASN1_STRING
225#define ASN1_ENUMERATED ASN1_STRING
226#define ASN1_BIT_STRING ASN1_STRING
227#define ASN1_OCTET_STRING ASN1_STRING
228#define ASN1_PRINTABLESTRING ASN1_STRING
229#define ASN1_T61STRING ASN1_STRING
230#define ASN1_IA5STRING ASN1_STRING
231#define ASN1_UTCTIME ASN1_STRING
232#define ASN1_GENERALIZEDTIME ASN1_STRING
233#define ASN1_TIME ASN1_STRING
234#define ASN1_GENERALSTRING ASN1_STRING
235#define ASN1_UNIVERSALSTRING ASN1_STRING
236#define ASN1_BMPSTRING ASN1_STRING
237#define ASN1_VISIBLESTRING ASN1_STRING
238#define ASN1_UTF8STRING ASN1_STRING
239#define ASN1_BOOLEAN int
240#else
241typedef struct asn1_string_st ASN1_INTEGER;
242typedef struct asn1_string_st ASN1_ENUMERATED;
243typedef struct asn1_string_st ASN1_BIT_STRING;
244typedef struct asn1_string_st ASN1_OCTET_STRING;
245typedef struct asn1_string_st ASN1_PRINTABLESTRING;
246typedef struct asn1_string_st ASN1_T61STRING;
247typedef struct asn1_string_st ASN1_IA5STRING;
248typedef struct asn1_string_st ASN1_GENERALSTRING;
249typedef struct asn1_string_st ASN1_UNIVERSALSTRING;
250typedef struct asn1_string_st ASN1_BMPSTRING;
251typedef struct asn1_string_st ASN1_UTCTIME;
252typedef struct asn1_string_st ASN1_TIME;
253typedef struct asn1_string_st ASN1_GENERALIZEDTIME;
254typedef struct asn1_string_st ASN1_VISIBLESTRING;
255typedef struct asn1_string_st ASN1_UTF8STRING;
256typedef int ASN1_BOOLEAN;
257#endif
258
259typedef int ASN1_NULL;
260
261/* Parameters used by ASN1_STRING_print_ex() */
262
263/* These determine which characters to escape:
264 * RFC2253 special characters, control characters and
265 * MSB set characters
266 */
267
268#define ASN1_STRFLGS_ESC_2253 1
269#define ASN1_STRFLGS_ESC_CTRL 2
270#define ASN1_STRFLGS_ESC_MSB 4
271
272
273/* This flag determines how we do escaping: normally
274 * RC2253 backslash only, set this to use backslash and
275 * quote.
276 */
277
278#define ASN1_STRFLGS_ESC_QUOTE 8
279
280
281/* These three flags are internal use only. */
282
283/* Character is a valid PrintableString character */
284#define CHARTYPE_PRINTABLESTRING 0x10
285/* Character needs escaping if it is the first character */
286#define CHARTYPE_FIRST_ESC_2253 0x20
287/* Character needs escaping if it is the last character */
288#define CHARTYPE_LAST_ESC_2253 0x40
289
290/* NB the internal flags are safely reused below by flags
291 * handled at the top level.
292 */
293
294/* If this is set we convert all character strings
295 * to UTF8 first
296 */
297
298#define ASN1_STRFLGS_UTF8_CONVERT 0x10
299
300/* If this is set we don't attempt to interpret content:
301 * just assume all strings are 1 byte per character. This
302 * will produce some pretty odd looking output!
303 */
304
305#define ASN1_STRFLGS_IGNORE_TYPE 0x20
306
307/* If this is set we include the string type in the output */
308#define ASN1_STRFLGS_SHOW_TYPE 0x40
309
310/* This determines which strings to display and which to
311 * 'dump' (hex dump of content octets or DER encoding). We can
312 * only dump non character strings or everything. If we
313 * don't dump 'unknown' they are interpreted as character
314 * strings with 1 octet per character and are subject to
315 * the usual escaping options.
316 */
317
318#define ASN1_STRFLGS_DUMP_ALL 0x80
319#define ASN1_STRFLGS_DUMP_UNKNOWN 0x100
320
321/* These determine what 'dumping' does, we can dump the
322 * content octets or the DER encoding: both use the
323 * RFC2253 #XXXXX notation.
324 */
325
326#define ASN1_STRFLGS_DUMP_DER 0x200
327
328/* All the string flags consistent with RFC2253,
329 * escaping control characters isn't essential in
330 * RFC2253 but it is advisable anyway.
331 */
332
333#define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \
334 ASN1_STRFLGS_ESC_CTRL | \
335 ASN1_STRFLGS_ESC_MSB | \
336 ASN1_STRFLGS_UTF8_CONVERT | \
337 ASN1_STRFLGS_DUMP_UNKNOWN | \
338 ASN1_STRFLGS_DUMP_DER)
339
340DECLARE_STACK_OF(ASN1_INTEGER)
341DECLARE_ASN1_SET_OF(ASN1_INTEGER)
342
343typedef struct asn1_type_st
344 {
345 int type;
346 union {
347 char *ptr;
348 ASN1_BOOLEAN boolean;
349 ASN1_STRING * asn1_string;
350 ASN1_OBJECT * object;
351 ASN1_INTEGER * integer;
352 ASN1_ENUMERATED * enumerated;
353 ASN1_BIT_STRING * bit_string;
354 ASN1_OCTET_STRING * octet_string;
355 ASN1_PRINTABLESTRING * printablestring;
356 ASN1_T61STRING * t61string;
357 ASN1_IA5STRING * ia5string;
358 ASN1_GENERALSTRING * generalstring;
359 ASN1_BMPSTRING * bmpstring;
360 ASN1_UNIVERSALSTRING * universalstring;
361 ASN1_UTCTIME * utctime;
362 ASN1_GENERALIZEDTIME * generalizedtime;
363 ASN1_VISIBLESTRING * visiblestring;
364 ASN1_UTF8STRING * utf8string;
365 /* set and sequence are left complete and still
366 * contain the set or sequence bytes */
367 ASN1_STRING * set;
368 ASN1_STRING * sequence;
369 } value;
370 } ASN1_TYPE;
371
372DECLARE_STACK_OF(ASN1_TYPE)
373DECLARE_ASN1_SET_OF(ASN1_TYPE)
374
375typedef struct asn1_method_st
376 {
377 int (*i2d)();
378 char *(*d2i)();
379 char *(*create)();
380 void (*destroy)();
381 } ASN1_METHOD;
382
383/* This is used when parsing some Netscape objects */
384typedef struct asn1_header_st
385 {
386 ASN1_OCTET_STRING *header;
387 char *data;
388 ASN1_METHOD *meth;
389 } ASN1_HEADER;
390
391/* This is used to contain a list of bit names */
392typedef struct BIT_STRING_BITNAME_st {
393 int bitnum;
394 const char *lname;
395 const char *sname;
396} BIT_STRING_BITNAME;
397
398
399#define M_ASN1_STRING_length(x) ((x)->length)
400#define M_ASN1_STRING_length_set(x, n) ((x)->length = (n))
401#define M_ASN1_STRING_type(x) ((x)->type)
402#define M_ASN1_STRING_data(x) ((x)->data)
403
404/* Macros for string operations */
405#define M_ASN1_BIT_STRING_new() (ASN1_BIT_STRING *)\
406 ASN1_STRING_type_new(V_ASN1_BIT_STRING)
407#define M_ASN1_BIT_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
408#define M_ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\
409 ASN1_STRING_dup((ASN1_STRING *)a)
410#define M_ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\
411 (ASN1_STRING *)a,(ASN1_STRING *)b)
412#define M_ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
413
414#define M_ASN1_INTEGER_new() (ASN1_INTEGER *)\
415 ASN1_STRING_type_new(V_ASN1_INTEGER)
416#define M_ASN1_INTEGER_free(a) ASN1_STRING_free((ASN1_STRING *)a)
417#define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)ASN1_STRING_dup((ASN1_STRING *)a)
418#define M_ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\
419 (ASN1_STRING *)a,(ASN1_STRING *)b)
420
421#define M_ASN1_ENUMERATED_new() (ASN1_ENUMERATED *)\
422 ASN1_STRING_type_new(V_ASN1_ENUMERATED)
423#define M_ASN1_ENUMERATED_free(a) ASN1_STRING_free((ASN1_STRING *)a)
424#define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)ASN1_STRING_dup((ASN1_STRING *)a)
425#define M_ASN1_ENUMERATED_cmp(a,b) ASN1_STRING_cmp(\
426 (ASN1_STRING *)a,(ASN1_STRING *)b)
427
428#define M_ASN1_OCTET_STRING_new() (ASN1_OCTET_STRING *)\
429 ASN1_STRING_type_new(V_ASN1_OCTET_STRING)
430#define M_ASN1_OCTET_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
431#define M_ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\
432 ASN1_STRING_dup((ASN1_STRING *)a)
433#define M_ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\
434 (ASN1_STRING *)a,(ASN1_STRING *)b)
435#define M_ASN1_OCTET_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
436#define M_ASN1_OCTET_STRING_print(a,b) ASN1_STRING_print(a,(ASN1_STRING *)b)
437#define M_i2d_ASN1_OCTET_STRING(a,pp) \
438 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\
439 V_ASN1_UNIVERSAL)
440
441#define M_ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING)
442#define M_ASN1_PRINTABLE_free(a) ASN1_STRING_free((ASN1_STRING *)a)
443#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
444 pp,a->type,V_ASN1_UNIVERSAL)
445#define M_d2i_ASN1_PRINTABLE(a,pp,l) \
446 d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
447 B_ASN1_PRINTABLESTRING| \
448 B_ASN1_T61STRING| \
449 B_ASN1_IA5STRING| \
450 B_ASN1_BIT_STRING| \
451 B_ASN1_UNIVERSALSTRING|\
452 B_ASN1_BMPSTRING|\
453 B_ASN1_UTF8STRING|\
454 B_ASN1_UNKNOWN)
455
456#define M_DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
457#define M_DIRECTORYSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
458#define M_i2d_DIRECTORYSTRING(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
459 pp,a->type,V_ASN1_UNIVERSAL)
460#define M_d2i_DIRECTORYSTRING(a,pp,l) \
461 d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
462 B_ASN1_PRINTABLESTRING| \
463 B_ASN1_TELETEXSTRING|\
464 B_ASN1_BMPSTRING|\
465 B_ASN1_UNIVERSALSTRING|\
466 B_ASN1_UTF8STRING)
467
468#define M_DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
469#define M_DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a)
470#define M_i2d_DISPLAYTEXT(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
471 pp,a->type,V_ASN1_UNIVERSAL)
472#define M_d2i_DISPLAYTEXT(a,pp,l) \
473 d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
474 B_ASN1_VISIBLESTRING| \
475 B_ASN1_BMPSTRING|\
476 B_ASN1_UTF8STRING)
477
478#define M_ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\
479 ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
480#define M_ASN1_PRINTABLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
481#define M_i2d_ASN1_PRINTABLESTRING(a,pp) \
482 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_PRINTABLESTRING,\
483 V_ASN1_UNIVERSAL)
484#define M_d2i_ASN1_PRINTABLESTRING(a,pp,l) \
485 (ASN1_PRINTABLESTRING *)d2i_ASN1_type_bytes\
486 ((ASN1_STRING **)a,pp,l,B_ASN1_PRINTABLESTRING)
487
488#define M_ASN1_T61STRING_new() (ASN1_T61STRING *)\
489 ASN1_STRING_type_new(V_ASN1_T61STRING)
490#define M_ASN1_T61STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
491#define M_i2d_ASN1_T61STRING(a,pp) \
492 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_T61STRING,\
493 V_ASN1_UNIVERSAL)
494#define M_d2i_ASN1_T61STRING(a,pp,l) \
495 (ASN1_T61STRING *)d2i_ASN1_type_bytes\
496 ((ASN1_STRING **)a,pp,l,B_ASN1_T61STRING)
497
498#define M_ASN1_IA5STRING_new() (ASN1_IA5STRING *)\
499 ASN1_STRING_type_new(V_ASN1_IA5STRING)
500#define M_ASN1_IA5STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
501#define M_ASN1_IA5STRING_dup(a) \
502 (ASN1_IA5STRING *)ASN1_STRING_dup((ASN1_STRING *)a)
503#define M_i2d_ASN1_IA5STRING(a,pp) \
504 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\
505 V_ASN1_UNIVERSAL)
506#define M_d2i_ASN1_IA5STRING(a,pp,l) \
507 (ASN1_IA5STRING *)d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l,\
508 B_ASN1_IA5STRING)
509
510#define M_ASN1_UTCTIME_new() (ASN1_UTCTIME *)\
511 ASN1_STRING_type_new(V_ASN1_UTCTIME)
512#define M_ASN1_UTCTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
513#define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)ASN1_STRING_dup((ASN1_STRING *)a)
514
515#define M_ASN1_GENERALIZEDTIME_new() (ASN1_GENERALIZEDTIME *)\
516 ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME)
517#define M_ASN1_GENERALIZEDTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
518#define M_ASN1_GENERALIZEDTIME_dup(a) (ASN1_GENERALIZEDTIME *)ASN1_STRING_dup(\
519 (ASN1_STRING *)a)
520
521#define M_ASN1_TIME_new() (ASN1_TIME *)\
522 ASN1_STRING_type_new(V_ASN1_UTCTIME)
523#define M_ASN1_TIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
524#define M_ASN1_TIME_dup(a) (ASN1_TIME *)ASN1_STRING_dup((ASN1_STRING *)a)
525
526#define M_ASN1_GENERALSTRING_new() (ASN1_GENERALSTRING *)\
527 ASN1_STRING_type_new(V_ASN1_GENERALSTRING)
528#define M_ASN1_GENERALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
529#define M_i2d_ASN1_GENERALSTRING(a,pp) \
530 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_GENERALSTRING,\
531 V_ASN1_UNIVERSAL)
532#define M_d2i_ASN1_GENERALSTRING(a,pp,l) \
533 (ASN1_GENERALSTRING *)d2i_ASN1_type_bytes\
534 ((ASN1_STRING **)a,pp,l,B_ASN1_GENERALSTRING)
535
536#define M_ASN1_UNIVERSALSTRING_new() (ASN1_UNIVERSALSTRING *)\
537 ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING)
538#define M_ASN1_UNIVERSALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
539#define M_i2d_ASN1_UNIVERSALSTRING(a,pp) \
540 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UNIVERSALSTRING,\
541 V_ASN1_UNIVERSAL)
542#define M_d2i_ASN1_UNIVERSALSTRING(a,pp,l) \
543 (ASN1_UNIVERSALSTRING *)d2i_ASN1_type_bytes\
544 ((ASN1_STRING **)a,pp,l,B_ASN1_UNIVERSALSTRING)
545
546#define M_ASN1_BMPSTRING_new() (ASN1_BMPSTRING *)\
547 ASN1_STRING_type_new(V_ASN1_BMPSTRING)
548#define M_ASN1_BMPSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
549#define M_i2d_ASN1_BMPSTRING(a,pp) \
550 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_BMPSTRING,\
551 V_ASN1_UNIVERSAL)
552#define M_d2i_ASN1_BMPSTRING(a,pp,l) \
553 (ASN1_BMPSTRING *)d2i_ASN1_type_bytes\
554 ((ASN1_STRING **)a,pp,l,B_ASN1_BMPSTRING)
555
556#define M_ASN1_VISIBLESTRING_new() (ASN1_VISIBLESTRING *)\
557 ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
558#define M_ASN1_VISIBLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
559#define M_i2d_ASN1_VISIBLESTRING(a,pp) \
560 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_VISIBLESTRING,\
561 V_ASN1_UNIVERSAL)
562#define M_d2i_ASN1_VISIBLESTRING(a,pp,l) \
563 (ASN1_VISIBLESTRING *)d2i_ASN1_type_bytes\
564 ((ASN1_STRING **)a,pp,l,B_ASN1_VISIBLESTRING)
565
566#define M_ASN1_UTF8STRING_new() (ASN1_UTF8STRING *)\
567 ASN1_STRING_type_new(V_ASN1_UTF8STRING)
568#define M_ASN1_UTF8STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
569#define M_i2d_ASN1_UTF8STRING(a,pp) \
570 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UTF8STRING,\
571 V_ASN1_UNIVERSAL)
572#define M_d2i_ASN1_UTF8STRING(a,pp,l) \
573 (ASN1_UTF8STRING *)d2i_ASN1_type_bytes\
574 ((ASN1_STRING **)a,pp,l,B_ASN1_UTF8STRING)
575
576 /* for the is_set parameter to i2d_ASN1_SET */
577#define IS_SEQUENCE 0
578#define IS_SET 1
579
580ASN1_TYPE * ASN1_TYPE_new(void );
581void ASN1_TYPE_free(ASN1_TYPE *a);
582int i2d_ASN1_TYPE(ASN1_TYPE *a,unsigned char **pp);
583ASN1_TYPE * d2i_ASN1_TYPE(ASN1_TYPE **a,unsigned char **pp,long length);
584int ASN1_TYPE_get(ASN1_TYPE *a);
585void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
586
587ASN1_OBJECT * ASN1_OBJECT_new(void );
588void ASN1_OBJECT_free(ASN1_OBJECT *a);
589int i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp);
590ASN1_OBJECT * c2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp,
591 long length);
592ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp,
593 long length);
594
595DECLARE_STACK_OF(ASN1_OBJECT)
596DECLARE_ASN1_SET_OF(ASN1_OBJECT)
597
598ASN1_STRING * ASN1_STRING_new(void);
599void ASN1_STRING_free(ASN1_STRING *a);
600ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);
601ASN1_STRING * ASN1_STRING_type_new(int type );
602int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
603 /* Since this is used to store all sorts of things, via macros, for now, make
604 its data void * */
605int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
606int ASN1_STRING_length(ASN1_STRING *x);
607void ASN1_STRING_length_set(ASN1_STRING *x, int n);
608int ASN1_STRING_type(ASN1_STRING *x);
609unsigned char * ASN1_STRING_data(ASN1_STRING *x);
610
611ASN1_BIT_STRING * ASN1_BIT_STRING_new(void);
612void ASN1_BIT_STRING_free(ASN1_BIT_STRING *a);
613int i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp);
614int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp);
615ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp,
616 long length);
617ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp,
618 long length);
619int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d,
620 int length );
621int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
622int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n);
623
624#ifndef NO_BIO
625int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
626 BIT_STRING_BITNAME *tbl, int indent);
627#endif
628int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl);
629int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value,
630 BIT_STRING_BITNAME *tbl);
631
632int i2d_ASN1_BOOLEAN(int a,unsigned char **pp);
633int d2i_ASN1_BOOLEAN(int *a,unsigned char **pp,long length);
634
635ASN1_INTEGER * ASN1_INTEGER_new(void);
636void ASN1_INTEGER_free(ASN1_INTEGER *a);
637int i2d_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp);
638int i2c_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp);
639ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp,
640 long length);
641ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp,
642 long length);
643ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,unsigned char **pp,
644 long length);
645ASN1_INTEGER * ASN1_INTEGER_dup(ASN1_INTEGER *x);
646int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y);
647
648ASN1_ENUMERATED * ASN1_ENUMERATED_new(void);
649void ASN1_ENUMERATED_free(ASN1_ENUMERATED *a);
650int i2d_ASN1_ENUMERATED(ASN1_ENUMERATED *a,unsigned char **pp);
651ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a,unsigned char **pp,
652 long length);
653
654int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
655ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t);
656int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str);
657int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
658#if 0
659time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s);
660#endif
661
662int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a);
663ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t);
664int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str);
665
666ASN1_OCTET_STRING * ASN1_OCTET_STRING_new(void);
667void ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *a);
668int i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a,unsigned char **pp);
669ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a,
670 unsigned char **pp,long length);
671ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a);
672int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b);
673int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, unsigned char *data, int len);
674
675ASN1_VISIBLESTRING * ASN1_VISIBLESTRING_new(void);
676void ASN1_VISIBLESTRING_free(ASN1_VISIBLESTRING *a);
677int i2d_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING *a,unsigned char **pp);
678ASN1_VISIBLESTRING *d2i_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING **a,
679 unsigned char **pp,long length);
680
681ASN1_UTF8STRING * ASN1_UTF8STRING_new(void);
682void ASN1_UTF8STRING_free(ASN1_UTF8STRING *a);
683int i2d_ASN1_UTF8STRING(ASN1_UTF8STRING *a,unsigned char **pp);
684ASN1_UTF8STRING *d2i_ASN1_UTF8STRING(ASN1_UTF8STRING **a,
685 unsigned char **pp,long length);
686
687ASN1_NULL * ASN1_NULL_new(void);
688void ASN1_NULL_free(ASN1_NULL *a);
689int i2d_ASN1_NULL(ASN1_NULL *a,unsigned char **pp);
690ASN1_NULL *d2i_ASN1_NULL(ASN1_NULL **a, unsigned char **pp,long length);
691
692ASN1_BMPSTRING * ASN1_BMPSTRING_new(void);
693void ASN1_BMPSTRING_free(ASN1_BMPSTRING *a);
694int i2d_ASN1_BMPSTRING(ASN1_BMPSTRING *a, unsigned char **pp);
695ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(ASN1_BMPSTRING **a, unsigned char **pp,
696 long length);
697
698
699int UTF8_getc(const unsigned char *str, int len, unsigned long *val);
700int UTF8_putc(unsigned char *str, int len, unsigned long value);
701
702int i2d_ASN1_PRINTABLE(ASN1_STRING *a,unsigned char **pp);
703ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a,
704 unsigned char **pp, long l);
705
706ASN1_PRINTABLESTRING * ASN1_PRINTABLESTRING_new(void);
707void ASN1_PRINTABLESTRING_free(ASN1_PRINTABLESTRING *a);
708ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a,
709 unsigned char **pp, long l);
710int i2d_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING *a, unsigned char **pp);
711
712ASN1_STRING * DIRECTORYSTRING_new(void);
713void DIRECTORYSTRING_free(ASN1_STRING *a);
714int i2d_DIRECTORYSTRING(ASN1_STRING *a,unsigned char **pp);
715ASN1_STRING *d2i_DIRECTORYSTRING(ASN1_STRING **a, unsigned char **pp,
716 long length);
717
718ASN1_STRING * DISPLAYTEXT_new(void);
719void DISPLAYTEXT_free(ASN1_STRING *a);
720int i2d_DISPLAYTEXT(ASN1_STRING *a,unsigned char **pp);
721ASN1_STRING *d2i_DISPLAYTEXT(ASN1_STRING **a, unsigned char **pp, long length);
722
723ASN1_T61STRING * ASN1_T61STRING_new(void);
724void ASN1_T61STRING_free(ASN1_IA5STRING *a);
725ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a,
726 unsigned char **pp, long l);
727
728ASN1_IA5STRING * ASN1_IA5STRING_new(void);
729void ASN1_IA5STRING_free(ASN1_IA5STRING *a);
730int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a,unsigned char **pp);
731ASN1_IA5STRING *d2i_ASN1_IA5STRING(ASN1_IA5STRING **a,
732 unsigned char **pp, long l);
733
734ASN1_UTCTIME * ASN1_UTCTIME_new(void);
735void ASN1_UTCTIME_free(ASN1_UTCTIME *a);
736int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a,unsigned char **pp);
737ASN1_UTCTIME * d2i_ASN1_UTCTIME(ASN1_UTCTIME **a,unsigned char **pp,
738 long length);
739
740ASN1_GENERALIZEDTIME * ASN1_GENERALIZEDTIME_new(void);
741void ASN1_GENERALIZEDTIME_free(ASN1_GENERALIZEDTIME *a);
742int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a,unsigned char **pp);
743ASN1_GENERALIZEDTIME * d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a,unsigned char **pp,
744 long length);
745
746ASN1_TIME * ASN1_TIME_new(void);
747void ASN1_TIME_free(ASN1_TIME *a);
748int i2d_ASN1_TIME(ASN1_TIME *a,unsigned char **pp);
749ASN1_TIME * d2i_ASN1_TIME(ASN1_TIME **a,unsigned char **pp, long length);
750ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t);
751
752int i2d_ASN1_SET(STACK *a, unsigned char **pp,
753 int (*func)(), int ex_tag, int ex_class, int is_set);
754STACK * d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
755 char *(*func)(), void (*free_func)(void *),
756 int ex_tag, int ex_class);
757
758#ifndef NO_BIO
759int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
760int a2i_ASN1_INTEGER(BIO *bp,ASN1_INTEGER *bs,char *buf,int size);
761int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a);
762int a2i_ASN1_ENUMERATED(BIO *bp,ASN1_ENUMERATED *bs,char *buf,int size);
763int i2a_ASN1_OBJECT(BIO *bp,ASN1_OBJECT *a);
764int a2i_ASN1_STRING(BIO *bp,ASN1_STRING *bs,char *buf,int size);
765int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type);
766#endif
767int i2t_ASN1_OBJECT(char *buf,int buf_len,ASN1_OBJECT *a);
768
769int a2d_ASN1_OBJECT(unsigned char *out,int olen, const char *buf, int num);
770ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,int len,
771 char *sn, char *ln);
772
773int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
774long ASN1_INTEGER_get(ASN1_INTEGER *a);
775ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai);
776BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn);
777
778int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
779long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a);
780ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
781BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai,BIGNUM *bn);
782
783/* General */
784/* given a string, return the correct type, max is the maximum length */
785int ASN1_PRINTABLE_type(unsigned char *s, int max);
786
787int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass);
788ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp,
789 long length, int Ptag, int Pclass);
790/* type is one or more of the B_ASN1_ values. */
791ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,unsigned char **pp,
792 long length,int type);
793
794/* PARSING */
795int asn1_Finish(ASN1_CTX *c);
796
797/* SPECIALS */
798int ASN1_get_object(unsigned char **pp, long *plength, int *ptag,
799 int *pclass, long omax);
800int ASN1_check_infinite_end(unsigned char **p,long len);
801void ASN1_put_object(unsigned char **pp, int constructed, int length,
802 int tag, int xclass);
803int ASN1_object_size(int constructed, int length, int tag);
804
805/* Used to implement other functions */
806char *ASN1_dup(int (*i2d)(),char *(*d2i)(),char *x);
807
808#ifndef NO_FP_API
809char *ASN1_d2i_fp(char *(*xnew)(),char *(*d2i)(),FILE *fp,unsigned char **x);
810int ASN1_i2d_fp(int (*i2d)(),FILE *out,unsigned char *x);
811int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
812#endif
813
814int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);
815
816#ifndef NO_BIO
817char *ASN1_d2i_bio(char *(*xnew)(),char *(*d2i)(),BIO *bp,unsigned char **x);
818int ASN1_i2d_bio(int (*i2d)(),BIO *out,unsigned char *x);
819int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a);
820int ASN1_GENERALIZEDTIME_print(BIO *fp,ASN1_GENERALIZEDTIME *a);
821int ASN1_TIME_print(BIO *fp,ASN1_TIME *a);
822int ASN1_STRING_print(BIO *bp,ASN1_STRING *v);
823int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
824int ASN1_parse(BIO *bp,unsigned char *pp,long len,int indent);
825int ASN1_parse_dump(BIO *bp,unsigned char *pp,long len,int indent,int dump);
826#endif
827const char *ASN1_tag2str(int tag);
828
829/* Used to load and write netscape format cert/key */
830int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp);
831ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,unsigned char **pp, long length);
832ASN1_HEADER *ASN1_HEADER_new(void );
833void ASN1_HEADER_free(ASN1_HEADER *a);
834
835int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
836
837void ERR_load_ASN1_strings(void);
838
839/* Not used that much at this point, except for the first two */
840ASN1_METHOD *X509_asn1_meth(void);
841ASN1_METHOD *RSAPrivateKey_asn1_meth(void);
842ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void);
843ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void);
844
845int ASN1_TYPE_set_octetstring(ASN1_TYPE *a,
846 unsigned char *data, int len);
847int ASN1_TYPE_get_octetstring(ASN1_TYPE *a,
848 unsigned char *data, int max_len);
849int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num,
850 unsigned char *data, int len);
851int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num,
852 unsigned char *data, int max_len);
853
854STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(),
855 void (*free_func)(void *) );
856unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf,
857 int *len );
858void *ASN1_unpack_string(ASN1_STRING *oct, char *(*d2i)());
859ASN1_STRING *ASN1_pack_string(void *obj, int (*i2d)(), ASN1_OCTET_STRING **oct);
860
861void ASN1_STRING_set_default_mask(unsigned long mask);
862int ASN1_STRING_set_default_mask_asc(char *p);
863unsigned long ASN1_STRING_get_default_mask(void);
864int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
865 int inform, unsigned long mask);
866int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
867 int inform, unsigned long mask,
868 long minsize, long maxsize);
869
870ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
871 const unsigned char *in, int inlen, int inform, int nid);
872ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid);
873int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long);
874void ASN1_STRING_TABLE_cleanup(void);
875
876/* BEGIN ERROR CODES */
877/* The following lines are auto generated by the script mkerr.pl. Any changes
878 * made after this point may be overwritten when the script is next run.
879 */
880
881/* Error codes for the ASN1 functions. */
882
883/* Function codes. */
884#define ASN1_F_A2D_ASN1_OBJECT 100
885#define ASN1_F_A2I_ASN1_ENUMERATED 236
886#define ASN1_F_A2I_ASN1_INTEGER 101
887#define ASN1_F_A2I_ASN1_STRING 102
888#define ASN1_F_ACCESS_DESCRIPTION_NEW 291
889#define ASN1_F_ASN1_COLLATE_PRIMITIVE 103
890#define ASN1_F_ASN1_D2I_BIO 104
891#define ASN1_F_ASN1_D2I_FP 105
892#define ASN1_F_ASN1_DUP 106
893#define ASN1_F_ASN1_ENUMERATED_SET 232
894#define ASN1_F_ASN1_ENUMERATED_TO_BN 233
895#define ASN1_F_ASN1_GENERALIZEDTIME_NEW 222
896#define ASN1_F_ASN1_GET_OBJECT 107
897#define ASN1_F_ASN1_HEADER_NEW 108
898#define ASN1_F_ASN1_I2D_BIO 109
899#define ASN1_F_ASN1_I2D_FP 110
900#define ASN1_F_ASN1_INTEGER_SET 111
901#define ASN1_F_ASN1_INTEGER_TO_BN 112
902#define ASN1_F_ASN1_MBSTRING_COPY 282
903#define ASN1_F_ASN1_OBJECT_NEW 113
904#define ASN1_F_ASN1_PACK_STRING 245
905#define ASN1_F_ASN1_PBE_SET 253
906#define ASN1_F_ASN1_SEQ_PACK 246
907#define ASN1_F_ASN1_SEQ_UNPACK 247
908#define ASN1_F_ASN1_SIGN 114
909#define ASN1_F_ASN1_STRING_NEW 115
910#define ASN1_F_ASN1_STRING_TABLE_ADD 283
911#define ASN1_F_ASN1_STRING_TYPE_NEW 116
912#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 117
913#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 118
914#define ASN1_F_ASN1_TYPE_NEW 119
915#define ASN1_F_ASN1_UNPACK_STRING 248
916#define ASN1_F_ASN1_UTCTIME_NEW 120
917#define ASN1_F_ASN1_VERIFY 121
918#define ASN1_F_AUTHORITY_KEYID_NEW 237
919#define ASN1_F_BASIC_CONSTRAINTS_NEW 226
920#define ASN1_F_BN_TO_ASN1_ENUMERATED 234
921#define ASN1_F_BN_TO_ASN1_INTEGER 122
922#define ASN1_F_D2I_ACCESS_DESCRIPTION 284
923#define ASN1_F_D2I_ASN1_BIT_STRING 123
924#define ASN1_F_D2I_ASN1_BMPSTRING 124
925#define ASN1_F_D2I_ASN1_BOOLEAN 125
926#define ASN1_F_D2I_ASN1_BYTES 126
927#define ASN1_F_D2I_ASN1_ENUMERATED 235
928#define ASN1_F_D2I_ASN1_GENERALIZEDTIME 223
929#define ASN1_F_D2I_ASN1_HEADER 127
930#define ASN1_F_D2I_ASN1_INTEGER 128
931#define ASN1_F_D2I_ASN1_NULL 292
932#define ASN1_F_D2I_ASN1_OBJECT 129
933#define ASN1_F_D2I_ASN1_OCTET_STRING 130
934#define ASN1_F_D2I_ASN1_PRINT_TYPE 131
935#define ASN1_F_D2I_ASN1_SET 132
936#define ASN1_F_D2I_ASN1_TIME 224
937#define ASN1_F_D2I_ASN1_TYPE 133
938#define ASN1_F_D2I_ASN1_TYPE_BYTES 134
939#define ASN1_F_D2I_ASN1_UINTEGER 280
940#define ASN1_F_D2I_ASN1_UTCTIME 135
941#define ASN1_F_D2I_ASN1_UTF8STRING 266
942#define ASN1_F_D2I_ASN1_VISIBLESTRING 267
943#define ASN1_F_D2I_AUTHORITY_KEYID 238
944#define ASN1_F_D2I_BASIC_CONSTRAINTS 227
945#define ASN1_F_D2I_DHPARAMS 136
946#define ASN1_F_D2I_DIST_POINT 276
947#define ASN1_F_D2I_DIST_POINT_NAME 277
948#define ASN1_F_D2I_DSAPARAMS 137
949#define ASN1_F_D2I_DSAPRIVATEKEY 138
950#define ASN1_F_D2I_DSAPUBLICKEY 139
951#define ASN1_F_D2I_GENERAL_NAME 230
952#define ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE 228
953#define ASN1_F_D2I_NETSCAPE_PKEY 140
954#define ASN1_F_D2I_NETSCAPE_RSA 141
955#define ASN1_F_D2I_NETSCAPE_RSA_2 142
956#define ASN1_F_D2I_NETSCAPE_SPKAC 143
957#define ASN1_F_D2I_NETSCAPE_SPKI 144
958#define ASN1_F_D2I_NOTICEREF 268
959#define ASN1_F_D2I_OTHERNAME 287
960#define ASN1_F_D2I_PBE2PARAM 262
961#define ASN1_F_D2I_PBEPARAM 249
962#define ASN1_F_D2I_PBKDF2PARAM 263
963#define ASN1_F_D2I_PKCS12 254
964#define ASN1_F_D2I_PKCS12_BAGS 255
965#define ASN1_F_D2I_PKCS12_MAC_DATA 256
966#define ASN1_F_D2I_PKCS12_SAFEBAG 257
967#define ASN1_F_D2I_PKCS7 145
968#define ASN1_F_D2I_PKCS7_DIGEST 146
969#define ASN1_F_D2I_PKCS7_ENCRYPT 147
970#define ASN1_F_D2I_PKCS7_ENC_CONTENT 148
971#define ASN1_F_D2I_PKCS7_ENVELOPE 149
972#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL 150
973#define ASN1_F_D2I_PKCS7_RECIP_INFO 151
974#define ASN1_F_D2I_PKCS7_SIGNED 152
975#define ASN1_F_D2I_PKCS7_SIGNER_INFO 153
976#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE 154
977#define ASN1_F_D2I_PKCS8_PRIV_KEY_INFO 250
978#define ASN1_F_D2I_PKEY_USAGE_PERIOD 239
979#define ASN1_F_D2I_POLICYINFO 269
980#define ASN1_F_D2I_POLICYQUALINFO 270
981#define ASN1_F_D2I_PRIVATEKEY 155
982#define ASN1_F_D2I_PUBLICKEY 156
983#define ASN1_F_D2I_RSAPRIVATEKEY 157
984#define ASN1_F_D2I_RSAPUBLICKEY 158
985#define ASN1_F_D2I_SXNET 241
986#define ASN1_F_D2I_SXNETID 243
987#define ASN1_F_D2I_USERNOTICE 271
988#define ASN1_F_D2I_X509 159
989#define ASN1_F_D2I_X509_ALGOR 160
990#define ASN1_F_D2I_X509_ATTRIBUTE 161
991#define ASN1_F_D2I_X509_CERT_AUX 285
992#define ASN1_F_D2I_X509_CINF 162
993#define ASN1_F_D2I_X509_CRL 163
994#define ASN1_F_D2I_X509_CRL_INFO 164
995#define ASN1_F_D2I_X509_EXTENSION 165
996#define ASN1_F_D2I_X509_KEY 166
997#define ASN1_F_D2I_X509_NAME 167
998#define ASN1_F_D2I_X509_NAME_ENTRY 168
999#define ASN1_F_D2I_X509_PKEY 169
1000#define ASN1_F_D2I_X509_PUBKEY 170
1001#define ASN1_F_D2I_X509_REQ 171
1002#define ASN1_F_D2I_X509_REQ_INFO 172
1003#define ASN1_F_D2I_X509_REVOKED 173
1004#define ASN1_F_D2I_X509_SIG 174
1005#define ASN1_F_D2I_X509_VAL 175
1006#define ASN1_F_DIST_POINT_NAME_NEW 278
1007#define ASN1_F_DIST_POINT_NEW 279
1008#define ASN1_F_GENERAL_NAME_NEW 231
1009#define ASN1_F_I2D_ASN1_HEADER 176
1010#define ASN1_F_I2D_ASN1_TIME 225
1011#define ASN1_F_I2D_DHPARAMS 177
1012#define ASN1_F_I2D_DSAPARAMS 178
1013#define ASN1_F_I2D_DSAPRIVATEKEY 179
1014#define ASN1_F_I2D_DSAPUBLICKEY 180
1015#define ASN1_F_I2D_DSA_PUBKEY 290
1016#define ASN1_F_I2D_NETSCAPE_RSA 181
1017#define ASN1_F_I2D_PKCS7 182
1018#define ASN1_F_I2D_PRIVATEKEY 183
1019#define ASN1_F_I2D_PUBLICKEY 184
1020#define ASN1_F_I2D_RSAPRIVATEKEY 185
1021#define ASN1_F_I2D_RSAPUBLICKEY 186
1022#define ASN1_F_I2D_RSA_PUBKEY 289
1023#define ASN1_F_I2D_X509_ATTRIBUTE 187
1024#define ASN1_F_I2T_ASN1_OBJECT 188
1025#define ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW 229
1026#define ASN1_F_NETSCAPE_PKEY_NEW 189
1027#define ASN1_F_NETSCAPE_SPKAC_NEW 190
1028#define ASN1_F_NETSCAPE_SPKI_NEW 191
1029#define ASN1_F_NOTICEREF_NEW 272
1030#define ASN1_F_OTHERNAME_NEW 288
1031#define ASN1_F_PBE2PARAM_NEW 264
1032#define ASN1_F_PBEPARAM_NEW 251
1033#define ASN1_F_PBKDF2PARAM_NEW 265
1034#define ASN1_F_PKCS12_BAGS_NEW 258
1035#define ASN1_F_PKCS12_MAC_DATA_NEW 259
1036#define ASN1_F_PKCS12_NEW 260
1037#define ASN1_F_PKCS12_SAFEBAG_NEW 261
1038#define ASN1_F_PKCS5_PBE2_SET 281
1039#define ASN1_F_PKCS7_DIGEST_NEW 192
1040#define ASN1_F_PKCS7_ENCRYPT_NEW 193
1041#define ASN1_F_PKCS7_ENC_CONTENT_NEW 194
1042#define ASN1_F_PKCS7_ENVELOPE_NEW 195
1043#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW 196
1044#define ASN1_F_PKCS7_NEW 197
1045#define ASN1_F_PKCS7_RECIP_INFO_NEW 198
1046#define ASN1_F_PKCS7_SIGNED_NEW 199
1047#define ASN1_F_PKCS7_SIGNER_INFO_NEW 200
1048#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW 201
1049#define ASN1_F_PKCS8_PRIV_KEY_INFO_NEW 252
1050#define ASN1_F_PKEY_USAGE_PERIOD_NEW 240
1051#define ASN1_F_POLICYINFO_NEW 273
1052#define ASN1_F_POLICYQUALINFO_NEW 274
1053#define ASN1_F_SXNETID_NEW 244
1054#define ASN1_F_SXNET_NEW 242
1055#define ASN1_F_USERNOTICE_NEW 275
1056#define ASN1_F_X509_ALGOR_NEW 202
1057#define ASN1_F_X509_ATTRIBUTE_NEW 203
1058#define ASN1_F_X509_CERT_AUX_NEW 286
1059#define ASN1_F_X509_CINF_NEW 204
1060#define ASN1_F_X509_CRL_INFO_NEW 205
1061#define ASN1_F_X509_CRL_NEW 206
1062#define ASN1_F_X509_DHPARAMS_NEW 207
1063#define ASN1_F_X509_EXTENSION_NEW 208
1064#define ASN1_F_X509_INFO_NEW 209
1065#define ASN1_F_X509_KEY_NEW 210
1066#define ASN1_F_X509_NAME_ENTRY_NEW 211
1067#define ASN1_F_X509_NAME_NEW 212
1068#define ASN1_F_X509_NEW 213
1069#define ASN1_F_X509_PKEY_NEW 214
1070#define ASN1_F_X509_PUBKEY_NEW 215
1071#define ASN1_F_X509_REQ_INFO_NEW 216
1072#define ASN1_F_X509_REQ_NEW 217
1073#define ASN1_F_X509_REVOKED_NEW 218
1074#define ASN1_F_X509_SIG_NEW 219
1075#define ASN1_F_X509_VAL_FREE 220
1076#define ASN1_F_X509_VAL_NEW 221
1077
1078/* Reason codes. */
1079#define ASN1_R_BAD_CLASS 100
1080#define ASN1_R_BAD_OBJECT_HEADER 101
1081#define ASN1_R_BAD_PASSWORD_READ 102
1082#define ASN1_R_BAD_PKCS7_CONTENT 103
1083#define ASN1_R_BAD_PKCS7_TYPE 104
1084#define ASN1_R_BAD_TAG 105
1085#define ASN1_R_BAD_TYPE 106
1086#define ASN1_R_BN_LIB 107
1087#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 108
1088#define ASN1_R_BUFFER_TOO_SMALL 109
1089#define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 166
1090#define ASN1_R_DATA_IS_WRONG 110
1091#define ASN1_R_DECODE_ERROR 155
1092#define ASN1_R_DECODING_ERROR 111
1093#define ASN1_R_ENCODE_ERROR 156
1094#define ASN1_R_ERROR_PARSING_SET_ELEMENT 112
1095#define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 157
1096#define ASN1_R_EXPECTING_AN_ENUMERATED 154
1097#define ASN1_R_EXPECTING_AN_INTEGER 113
1098#define ASN1_R_EXPECTING_AN_OBJECT 114
1099#define ASN1_R_EXPECTING_AN_OCTET_STRING 115
1100#define ASN1_R_EXPECTING_A_BIT_STRING 116
1101#define ASN1_R_EXPECTING_A_BOOLEAN 117
1102#define ASN1_R_EXPECTING_A_GENERALIZEDTIME 151
1103#define ASN1_R_EXPECTING_A_NULL 164
1104#define ASN1_R_EXPECTING_A_TIME 152
1105#define ASN1_R_EXPECTING_A_UTCTIME 118
1106#define ASN1_R_FIRST_NUM_TOO_LARGE 119
1107#define ASN1_R_GENERALIZEDTIME_TOO_LONG 153
1108#define ASN1_R_HEADER_TOO_LONG 120
1109#define ASN1_R_ILLEGAL_CHARACTERS 158
1110#define ASN1_R_INVALID_BMPSTRING_LENGTH 159
1111#define ASN1_R_INVALID_DIGIT 121
1112#define ASN1_R_INVALID_SEPARATOR 122
1113#define ASN1_R_INVALID_TIME_FORMAT 123
1114#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 160
1115#define ASN1_R_INVALID_UTF8STRING 161
1116#define ASN1_R_IV_TOO_LARGE 124
1117#define ASN1_R_LENGTH_ERROR 125
1118#define ASN1_R_MISSING_SECOND_NUMBER 126
1119#define ASN1_R_NON_HEX_CHARACTERS 127
1120#define ASN1_R_NOT_ENOUGH_DATA 128
1121#define ASN1_R_NULL_IS_WRONG_LENGTH 165
1122#define ASN1_R_ODD_NUMBER_OF_CHARS 129
1123#define ASN1_R_PARSING 130
1124#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 131
1125#define ASN1_R_SECOND_NUMBER_TOO_LARGE 132
1126#define ASN1_R_SHORT_LINE 133
1127#define ASN1_R_STRING_TOO_LONG 163
1128#define ASN1_R_STRING_TOO_SHORT 134
1129#define ASN1_R_TAG_VALUE_TOO_HIGH 135
1130#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 136
1131#define ASN1_R_TOO_LONG 137
1132#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 138
1133#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 139
1134#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE 140
1135#define ASN1_R_UNKNOWN_FORMAT 162
1136#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 141
1137#define ASN1_R_UNKNOWN_OBJECT_TYPE 142
1138#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 143
1139#define ASN1_R_UNSUPPORTED_CIPHER 144
1140#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 145
1141#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 146
1142#define ASN1_R_UTCTIME_TOO_LONG 147
1143#define ASN1_R_WRONG_PRINTABLE_TYPE 148
1144#define ASN1_R_WRONG_TAG 149
1145#define ASN1_R_WRONG_TYPE 150
1146
1147#ifdef __cplusplus
1148}
1149#endif
1150#endif
1151
diff --git a/src/lib/libcrypto/asn1/asn1_err.c b/src/lib/libcrypto/asn1/asn1_err.c
deleted file mode 100644
index cecd555c88..0000000000
--- a/src/lib/libcrypto/asn1/asn1_err.c
+++ /dev/null
@@ -1,352 +0,0 @@
1/* crypto/asn1/asn1_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/asn1.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA ASN1_str_functs[]=
68 {
69{ERR_PACK(0,ASN1_F_A2D_ASN1_OBJECT,0), "a2d_ASN1_OBJECT"},
70{ERR_PACK(0,ASN1_F_A2I_ASN1_ENUMERATED,0), "a2i_ASN1_ENUMERATED"},
71{ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0), "a2i_ASN1_INTEGER"},
72{ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0), "a2i_ASN1_STRING"},
73{ERR_PACK(0,ASN1_F_ACCESS_DESCRIPTION_NEW,0), "ACCESS_DESCRIPTION_new"},
74{ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMITIVE,0), "ASN1_COLLATE_PRIMITIVE"},
75{ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0), "ASN1_d2i_bio"},
76{ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0), "ASN1_d2i_fp"},
77{ERR_PACK(0,ASN1_F_ASN1_DUP,0), "ASN1_dup"},
78{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_SET,0), "ASN1_ENUMERATED_set"},
79{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_TO_BN,0), "ASN1_ENUMERATED_to_BN"},
80{ERR_PACK(0,ASN1_F_ASN1_GENERALIZEDTIME_NEW,0), "ASN1_GENERALIZEDTIME_new"},
81{ERR_PACK(0,ASN1_F_ASN1_GET_OBJECT,0), "ASN1_get_object"},
82{ERR_PACK(0,ASN1_F_ASN1_HEADER_NEW,0), "ASN1_HEADER_new"},
83{ERR_PACK(0,ASN1_F_ASN1_I2D_BIO,0), "ASN1_i2d_bio"},
84{ERR_PACK(0,ASN1_F_ASN1_I2D_FP,0), "ASN1_i2d_fp"},
85{ERR_PACK(0,ASN1_F_ASN1_INTEGER_SET,0), "ASN1_INTEGER_set"},
86{ERR_PACK(0,ASN1_F_ASN1_INTEGER_TO_BN,0), "ASN1_INTEGER_to_BN"},
87{ERR_PACK(0,ASN1_F_ASN1_MBSTRING_COPY,0), "ASN1_mbstring_copy"},
88{ERR_PACK(0,ASN1_F_ASN1_OBJECT_NEW,0), "ASN1_OBJECT_new"},
89{ERR_PACK(0,ASN1_F_ASN1_PACK_STRING,0), "ASN1_pack_string"},
90{ERR_PACK(0,ASN1_F_ASN1_PBE_SET,0), "ASN1_PBE_SET"},
91{ERR_PACK(0,ASN1_F_ASN1_SEQ_PACK,0), "ASN1_seq_pack"},
92{ERR_PACK(0,ASN1_F_ASN1_SEQ_UNPACK,0), "ASN1_seq_unpack"},
93{ERR_PACK(0,ASN1_F_ASN1_SIGN,0), "ASN1_sign"},
94{ERR_PACK(0,ASN1_F_ASN1_STRING_NEW,0), "ASN1_STRING_new"},
95{ERR_PACK(0,ASN1_F_ASN1_STRING_TABLE_ADD,0), "ASN1_STRING_TABLE_add"},
96{ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0), "ASN1_STRING_type_new"},
97{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0), "ASN1_TYPE_get_int_octetstring"},
98{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0), "ASN1_TYPE_get_octetstring"},
99{ERR_PACK(0,ASN1_F_ASN1_TYPE_NEW,0), "ASN1_TYPE_new"},
100{ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0), "ASN1_unpack_string"},
101{ERR_PACK(0,ASN1_F_ASN1_UTCTIME_NEW,0), "ASN1_UTCTIME_new"},
102{ERR_PACK(0,ASN1_F_ASN1_VERIFY,0), "ASN1_verify"},
103{ERR_PACK(0,ASN1_F_AUTHORITY_KEYID_NEW,0), "AUTHORITY_KEYID_new"},
104{ERR_PACK(0,ASN1_F_BASIC_CONSTRAINTS_NEW,0), "BASIC_CONSTRAINTS_new"},
105{ERR_PACK(0,ASN1_F_BN_TO_ASN1_ENUMERATED,0), "BN_to_ASN1_ENUMERATED"},
106{ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0), "BN_to_ASN1_INTEGER"},
107{ERR_PACK(0,ASN1_F_D2I_ACCESS_DESCRIPTION,0), "d2i_ACCESS_DESCRIPTION"},
108{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0), "d2i_ASN1_BIT_STRING"},
109{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0), "d2i_ASN1_BMPSTRING"},
110{ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0), "d2i_ASN1_BOOLEAN"},
111{ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0), "d2i_ASN1_bytes"},
112{ERR_PACK(0,ASN1_F_D2I_ASN1_ENUMERATED,0), "d2i_ASN1_ENUMERATED"},
113{ERR_PACK(0,ASN1_F_D2I_ASN1_GENERALIZEDTIME,0), "d2i_ASN1_GENERALIZEDTIME"},
114{ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0), "d2i_ASN1_HEADER"},
115{ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0), "d2i_ASN1_INTEGER"},
116{ERR_PACK(0,ASN1_F_D2I_ASN1_NULL,0), "d2i_ASN1_NULL"},
117{ERR_PACK(0,ASN1_F_D2I_ASN1_OBJECT,0), "d2i_ASN1_OBJECT"},
118{ERR_PACK(0,ASN1_F_D2I_ASN1_OCTET_STRING,0), "d2i_ASN1_OCTET_STRING"},
119{ERR_PACK(0,ASN1_F_D2I_ASN1_PRINT_TYPE,0), "D2I_ASN1_PRINT_TYPE"},
120{ERR_PACK(0,ASN1_F_D2I_ASN1_SET,0), "d2i_ASN1_SET"},
121{ERR_PACK(0,ASN1_F_D2I_ASN1_TIME,0), "d2i_ASN1_TIME"},
122{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE,0), "d2i_ASN1_TYPE"},
123{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE_BYTES,0), "d2i_ASN1_type_bytes"},
124{ERR_PACK(0,ASN1_F_D2I_ASN1_UINTEGER,0), "d2i_ASN1_UINTEGER"},
125{ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0), "d2i_ASN1_UTCTIME"},
126{ERR_PACK(0,ASN1_F_D2I_ASN1_UTF8STRING,0), "d2i_ASN1_UTF8STRING"},
127{ERR_PACK(0,ASN1_F_D2I_ASN1_VISIBLESTRING,0), "d2i_ASN1_VISIBLESTRING"},
128{ERR_PACK(0,ASN1_F_D2I_AUTHORITY_KEYID,0), "d2i_AUTHORITY_KEYID"},
129{ERR_PACK(0,ASN1_F_D2I_BASIC_CONSTRAINTS,0), "d2i_BASIC_CONSTRAINTS"},
130{ERR_PACK(0,ASN1_F_D2I_DHPARAMS,0), "d2i_DHparams"},
131{ERR_PACK(0,ASN1_F_D2I_DIST_POINT,0), "d2i_DIST_POINT"},
132{ERR_PACK(0,ASN1_F_D2I_DIST_POINT_NAME,0), "d2i_DIST_POINT_NAME"},
133{ERR_PACK(0,ASN1_F_D2I_DSAPARAMS,0), "d2i_DSAparams"},
134{ERR_PACK(0,ASN1_F_D2I_DSAPRIVATEKEY,0), "d2i_DSAPrivateKey"},
135{ERR_PACK(0,ASN1_F_D2I_DSAPUBLICKEY,0), "d2i_DSAPublicKey"},
136{ERR_PACK(0,ASN1_F_D2I_GENERAL_NAME,0), "d2i_GENERAL_NAME"},
137{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE,0), "d2i_NETSCAPE_CERT_SEQUENCE"},
138{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_PKEY,0), "D2I_NETSCAPE_PKEY"},
139{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA,0), "d2i_Netscape_RSA"},
140{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0), "d2i_Netscape_RSA_2"},
141{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKAC,0), "d2i_NETSCAPE_SPKAC"},
142{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKI,0), "d2i_NETSCAPE_SPKI"},
143{ERR_PACK(0,ASN1_F_D2I_NOTICEREF,0), "d2i_NOTICEREF"},
144{ERR_PACK(0,ASN1_F_D2I_OTHERNAME,0), "d2i_OTHERNAME"},
145{ERR_PACK(0,ASN1_F_D2I_PBE2PARAM,0), "d2i_PBE2PARAM"},
146{ERR_PACK(0,ASN1_F_D2I_PBEPARAM,0), "d2i_PBEPARAM"},
147{ERR_PACK(0,ASN1_F_D2I_PBKDF2PARAM,0), "d2i_PBKDF2PARAM"},
148{ERR_PACK(0,ASN1_F_D2I_PKCS12,0), "d2i_PKCS12"},
149{ERR_PACK(0,ASN1_F_D2I_PKCS12_BAGS,0), "d2i_PKCS12_BAGS"},
150{ERR_PACK(0,ASN1_F_D2I_PKCS12_MAC_DATA,0), "d2i_PKCS12_MAC_DATA"},
151{ERR_PACK(0,ASN1_F_D2I_PKCS12_SAFEBAG,0), "d2i_PKCS12_SAFEBAG"},
152{ERR_PACK(0,ASN1_F_D2I_PKCS7,0), "d2i_PKCS7"},
153{ERR_PACK(0,ASN1_F_D2I_PKCS7_DIGEST,0), "d2i_PKCS7_DIGEST"},
154{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENCRYPT,0), "d2i_PKCS7_ENCRYPT"},
155{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENC_CONTENT,0), "d2i_PKCS7_ENC_CONTENT"},
156{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENVELOPE,0), "d2i_PKCS7_ENVELOPE"},
157{ERR_PACK(0,ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL,0), "d2i_PKCS7_ISSUER_AND_SERIAL"},
158{ERR_PACK(0,ASN1_F_D2I_PKCS7_RECIP_INFO,0), "d2i_PKCS7_RECIP_INFO"},
159{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNED,0), "d2i_PKCS7_SIGNED"},
160{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNER_INFO,0), "d2i_PKCS7_SIGNER_INFO"},
161{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,0), "d2i_PKCS7_SIGN_ENVELOPE"},
162{ERR_PACK(0,ASN1_F_D2I_PKCS8_PRIV_KEY_INFO,0), "d2i_PKCS8_PRIV_KEY_INFO"},
163{ERR_PACK(0,ASN1_F_D2I_PKEY_USAGE_PERIOD,0), "d2i_PKEY_USAGE_PERIOD"},
164{ERR_PACK(0,ASN1_F_D2I_POLICYINFO,0), "d2i_POLICYINFO"},
165{ERR_PACK(0,ASN1_F_D2I_POLICYQUALINFO,0), "d2i_POLICYQUALINFO"},
166{ERR_PACK(0,ASN1_F_D2I_PRIVATEKEY,0), "d2i_PrivateKey"},
167{ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0), "d2i_PublicKey"},
168{ERR_PACK(0,ASN1_F_D2I_RSAPRIVATEKEY,0), "d2i_RSAPrivateKey"},
169{ERR_PACK(0,ASN1_F_D2I_RSAPUBLICKEY,0), "d2i_RSAPublicKey"},
170{ERR_PACK(0,ASN1_F_D2I_SXNET,0), "d2i_SXNET"},
171{ERR_PACK(0,ASN1_F_D2I_SXNETID,0), "d2i_SXNETID"},
172{ERR_PACK(0,ASN1_F_D2I_USERNOTICE,0), "d2i_USERNOTICE"},
173{ERR_PACK(0,ASN1_F_D2I_X509,0), "d2i_X509"},
174{ERR_PACK(0,ASN1_F_D2I_X509_ALGOR,0), "d2i_X509_ALGOR"},
175{ERR_PACK(0,ASN1_F_D2I_X509_ATTRIBUTE,0), "d2i_X509_ATTRIBUTE"},
176{ERR_PACK(0,ASN1_F_D2I_X509_CERT_AUX,0), "d2i_X509_CERT_AUX"},
177{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0), "d2i_X509_CINF"},
178{ERR_PACK(0,ASN1_F_D2I_X509_CRL,0), "d2i_X509_CRL"},
179{ERR_PACK(0,ASN1_F_D2I_X509_CRL_INFO,0), "d2i_X509_CRL_INFO"},
180{ERR_PACK(0,ASN1_F_D2I_X509_EXTENSION,0), "d2i_X509_EXTENSION"},
181{ERR_PACK(0,ASN1_F_D2I_X509_KEY,0), "D2I_X509_KEY"},
182{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0), "d2i_X509_NAME"},
183{ERR_PACK(0,ASN1_F_D2I_X509_NAME_ENTRY,0), "d2i_X509_NAME_ENTRY"},
184{ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0), "d2i_X509_PKEY"},
185{ERR_PACK(0,ASN1_F_D2I_X509_PUBKEY,0), "d2i_X509_PUBKEY"},
186{ERR_PACK(0,ASN1_F_D2I_X509_REQ,0), "d2i_X509_REQ"},
187{ERR_PACK(0,ASN1_F_D2I_X509_REQ_INFO,0), "d2i_X509_REQ_INFO"},
188{ERR_PACK(0,ASN1_F_D2I_X509_REVOKED,0), "d2i_X509_REVOKED"},
189{ERR_PACK(0,ASN1_F_D2I_X509_SIG,0), "d2i_X509_SIG"},
190{ERR_PACK(0,ASN1_F_D2I_X509_VAL,0), "d2i_X509_VAL"},
191{ERR_PACK(0,ASN1_F_DIST_POINT_NAME_NEW,0), "DIST_POINT_NAME_new"},
192{ERR_PACK(0,ASN1_F_DIST_POINT_NEW,0), "DIST_POINT_new"},
193{ERR_PACK(0,ASN1_F_GENERAL_NAME_NEW,0), "GENERAL_NAME_new"},
194{ERR_PACK(0,ASN1_F_I2D_ASN1_HEADER,0), "i2d_ASN1_HEADER"},
195{ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0), "i2d_ASN1_TIME"},
196{ERR_PACK(0,ASN1_F_I2D_DHPARAMS,0), "i2d_DHparams"},
197{ERR_PACK(0,ASN1_F_I2D_DSAPARAMS,0), "i2d_DSAparams"},
198{ERR_PACK(0,ASN1_F_I2D_DSAPRIVATEKEY,0), "i2d_DSAPrivateKey"},
199{ERR_PACK(0,ASN1_F_I2D_DSAPUBLICKEY,0), "i2d_DSAPublicKey"},
200{ERR_PACK(0,ASN1_F_I2D_DSA_PUBKEY,0), "i2d_DSA_PUBKEY"},
201{ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0), "i2d_Netscape_RSA"},
202{ERR_PACK(0,ASN1_F_I2D_PKCS7,0), "i2d_PKCS7"},
203{ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0), "i2d_PrivateKey"},
204{ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0), "i2d_PublicKey"},
205{ERR_PACK(0,ASN1_F_I2D_RSAPRIVATEKEY,0), "i2d_RSAPrivateKey"},
206{ERR_PACK(0,ASN1_F_I2D_RSAPUBLICKEY,0), "i2d_RSAPublicKey"},
207{ERR_PACK(0,ASN1_F_I2D_RSA_PUBKEY,0), "i2d_RSA_PUBKEY"},
208{ERR_PACK(0,ASN1_F_I2D_X509_ATTRIBUTE,0), "i2d_X509_ATTRIBUTE"},
209{ERR_PACK(0,ASN1_F_I2T_ASN1_OBJECT,0), "i2t_ASN1_OBJECT"},
210{ERR_PACK(0,ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW,0), "NETSCAPE_CERT_SEQUENCE_new"},
211{ERR_PACK(0,ASN1_F_NETSCAPE_PKEY_NEW,0), "NETSCAPE_PKEY_NEW"},
212{ERR_PACK(0,ASN1_F_NETSCAPE_SPKAC_NEW,0), "NETSCAPE_SPKAC_new"},
213{ERR_PACK(0,ASN1_F_NETSCAPE_SPKI_NEW,0), "NETSCAPE_SPKI_new"},
214{ERR_PACK(0,ASN1_F_NOTICEREF_NEW,0), "NOTICEREF_new"},
215{ERR_PACK(0,ASN1_F_OTHERNAME_NEW,0), "OTHERNAME_new"},
216{ERR_PACK(0,ASN1_F_PBE2PARAM_NEW,0), "PBE2PARAM_new"},
217{ERR_PACK(0,ASN1_F_PBEPARAM_NEW,0), "PBEPARAM_new"},
218{ERR_PACK(0,ASN1_F_PBKDF2PARAM_NEW,0), "PBKDF2PARAM_new"},
219{ERR_PACK(0,ASN1_F_PKCS12_BAGS_NEW,0), "PKCS12_BAGS_new"},
220{ERR_PACK(0,ASN1_F_PKCS12_MAC_DATA_NEW,0), "PKCS12_MAC_DATA_new"},
221{ERR_PACK(0,ASN1_F_PKCS12_NEW,0), "PKCS12_new"},
222{ERR_PACK(0,ASN1_F_PKCS12_SAFEBAG_NEW,0), "PKCS12_SAFEBAG_new"},
223{ERR_PACK(0,ASN1_F_PKCS5_PBE2_SET,0), "PKCS5_pbe2_set"},
224{ERR_PACK(0,ASN1_F_PKCS7_DIGEST_NEW,0), "PKCS7_DIGEST_new"},
225{ERR_PACK(0,ASN1_F_PKCS7_ENCRYPT_NEW,0), "PKCS7_ENCRYPT_new"},
226{ERR_PACK(0,ASN1_F_PKCS7_ENC_CONTENT_NEW,0), "PKCS7_ENC_CONTENT_new"},
227{ERR_PACK(0,ASN1_F_PKCS7_ENVELOPE_NEW,0), "PKCS7_ENVELOPE_new"},
228{ERR_PACK(0,ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW,0), "PKCS7_ISSUER_AND_SERIAL_new"},
229{ERR_PACK(0,ASN1_F_PKCS7_NEW,0), "PKCS7_new"},
230{ERR_PACK(0,ASN1_F_PKCS7_RECIP_INFO_NEW,0), "PKCS7_RECIP_INFO_new"},
231{ERR_PACK(0,ASN1_F_PKCS7_SIGNED_NEW,0), "PKCS7_SIGNED_new"},
232{ERR_PACK(0,ASN1_F_PKCS7_SIGNER_INFO_NEW,0), "PKCS7_SIGNER_INFO_new"},
233{ERR_PACK(0,ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,0), "PKCS7_SIGN_ENVELOPE_new"},
234{ERR_PACK(0,ASN1_F_PKCS8_PRIV_KEY_INFO_NEW,0), "PKCS8_PRIV_KEY_INFO_new"},
235{ERR_PACK(0,ASN1_F_PKEY_USAGE_PERIOD_NEW,0), "PKEY_USAGE_PERIOD_new"},
236{ERR_PACK(0,ASN1_F_POLICYINFO_NEW,0), "POLICYINFO_new"},
237{ERR_PACK(0,ASN1_F_POLICYQUALINFO_NEW,0), "POLICYQUALINFO_new"},
238{ERR_PACK(0,ASN1_F_SXNETID_NEW,0), "SXNETID_new"},
239{ERR_PACK(0,ASN1_F_SXNET_NEW,0), "SXNET_new"},
240{ERR_PACK(0,ASN1_F_USERNOTICE_NEW,0), "USERNOTICE_new"},
241{ERR_PACK(0,ASN1_F_X509_ALGOR_NEW,0), "X509_ALGOR_new"},
242{ERR_PACK(0,ASN1_F_X509_ATTRIBUTE_NEW,0), "X509_ATTRIBUTE_new"},
243{ERR_PACK(0,ASN1_F_X509_CERT_AUX_NEW,0), "X509_CERT_AUX_new"},
244{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0), "X509_CINF_new"},
245{ERR_PACK(0,ASN1_F_X509_CRL_INFO_NEW,0), "X509_CRL_INFO_new"},
246{ERR_PACK(0,ASN1_F_X509_CRL_NEW,0), "X509_CRL_new"},
247{ERR_PACK(0,ASN1_F_X509_DHPARAMS_NEW,0), "X509_DHPARAMS_NEW"},
248{ERR_PACK(0,ASN1_F_X509_EXTENSION_NEW,0), "X509_EXTENSION_new"},
249{ERR_PACK(0,ASN1_F_X509_INFO_NEW,0), "X509_INFO_new"},
250{ERR_PACK(0,ASN1_F_X509_KEY_NEW,0), "X509_KEY_NEW"},
251{ERR_PACK(0,ASN1_F_X509_NAME_ENTRY_NEW,0), "X509_NAME_ENTRY_new"},
252{ERR_PACK(0,ASN1_F_X509_NAME_NEW,0), "X509_NAME_new"},
253{ERR_PACK(0,ASN1_F_X509_NEW,0), "X509_new"},
254{ERR_PACK(0,ASN1_F_X509_PKEY_NEW,0), "X509_PKEY_new"},
255{ERR_PACK(0,ASN1_F_X509_PUBKEY_NEW,0), "X509_PUBKEY_new"},
256{ERR_PACK(0,ASN1_F_X509_REQ_INFO_NEW,0), "X509_REQ_INFO_new"},
257{ERR_PACK(0,ASN1_F_X509_REQ_NEW,0), "X509_REQ_new"},
258{ERR_PACK(0,ASN1_F_X509_REVOKED_NEW,0), "X509_REVOKED_new"},
259{ERR_PACK(0,ASN1_F_X509_SIG_NEW,0), "X509_SIG_new"},
260{ERR_PACK(0,ASN1_F_X509_VAL_FREE,0), "X509_VAL_free"},
261{ERR_PACK(0,ASN1_F_X509_VAL_NEW,0), "X509_VAL_new"},
262{0,NULL}
263 };
264
265static ERR_STRING_DATA ASN1_str_reasons[]=
266 {
267{ASN1_R_BAD_CLASS ,"bad class"},
268{ASN1_R_BAD_OBJECT_HEADER ,"bad object header"},
269{ASN1_R_BAD_PASSWORD_READ ,"bad password read"},
270{ASN1_R_BAD_PKCS7_CONTENT ,"bad pkcs7 content"},
271{ASN1_R_BAD_PKCS7_TYPE ,"bad pkcs7 type"},
272{ASN1_R_BAD_TAG ,"bad tag"},
273{ASN1_R_BAD_TYPE ,"bad type"},
274{ASN1_R_BN_LIB ,"bn lib"},
275{ASN1_R_BOOLEAN_IS_WRONG_LENGTH ,"boolean is wrong length"},
276{ASN1_R_BUFFER_TOO_SMALL ,"buffer too small"},
277{ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER ,"cipher has no object identifier"},
278{ASN1_R_DATA_IS_WRONG ,"data is wrong"},
279{ASN1_R_DECODE_ERROR ,"decode error"},
280{ASN1_R_DECODING_ERROR ,"decoding error"},
281{ASN1_R_ENCODE_ERROR ,"encode error"},
282{ASN1_R_ERROR_PARSING_SET_ELEMENT ,"error parsing set element"},
283{ASN1_R_ERROR_SETTING_CIPHER_PARAMS ,"error setting cipher params"},
284{ASN1_R_EXPECTING_AN_ENUMERATED ,"expecting an enumerated"},
285{ASN1_R_EXPECTING_AN_INTEGER ,"expecting an integer"},
286{ASN1_R_EXPECTING_AN_OBJECT ,"expecting an object"},
287{ASN1_R_EXPECTING_AN_OCTET_STRING ,"expecting an octet string"},
288{ASN1_R_EXPECTING_A_BIT_STRING ,"expecting a bit string"},
289{ASN1_R_EXPECTING_A_BOOLEAN ,"expecting a boolean"},
290{ASN1_R_EXPECTING_A_GENERALIZEDTIME ,"expecting a generalizedtime"},
291{ASN1_R_EXPECTING_A_NULL ,"expecting a null"},
292{ASN1_R_EXPECTING_A_TIME ,"expecting a time"},
293{ASN1_R_EXPECTING_A_UTCTIME ,"expecting a utctime"},
294{ASN1_R_FIRST_NUM_TOO_LARGE ,"first num too large"},
295{ASN1_R_GENERALIZEDTIME_TOO_LONG ,"generalizedtime too long"},
296{ASN1_R_HEADER_TOO_LONG ,"header too long"},
297{ASN1_R_ILLEGAL_CHARACTERS ,"illegal characters"},
298{ASN1_R_INVALID_BMPSTRING_LENGTH ,"invalid bmpstring length"},
299{ASN1_R_INVALID_DIGIT ,"invalid digit"},
300{ASN1_R_INVALID_SEPARATOR ,"invalid separator"},
301{ASN1_R_INVALID_TIME_FORMAT ,"invalid time format"},
302{ASN1_R_INVALID_UNIVERSALSTRING_LENGTH ,"invalid universalstring length"},
303{ASN1_R_INVALID_UTF8STRING ,"invalid utf8string"},
304{ASN1_R_IV_TOO_LARGE ,"iv too large"},
305{ASN1_R_LENGTH_ERROR ,"length error"},
306{ASN1_R_MISSING_SECOND_NUMBER ,"missing second number"},
307{ASN1_R_NON_HEX_CHARACTERS ,"non hex characters"},
308{ASN1_R_NOT_ENOUGH_DATA ,"not enough data"},
309{ASN1_R_NULL_IS_WRONG_LENGTH ,"null is wrong length"},
310{ASN1_R_ODD_NUMBER_OF_CHARS ,"odd number of chars"},
311{ASN1_R_PARSING ,"parsing"},
312{ASN1_R_PRIVATE_KEY_HEADER_MISSING ,"private key header missing"},
313{ASN1_R_SECOND_NUMBER_TOO_LARGE ,"second number too large"},
314{ASN1_R_SHORT_LINE ,"short line"},
315{ASN1_R_STRING_TOO_LONG ,"string too long"},
316{ASN1_R_STRING_TOO_SHORT ,"string too short"},
317{ASN1_R_TAG_VALUE_TOO_HIGH ,"tag value too high"},
318{ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
319{ASN1_R_TOO_LONG ,"too long"},
320{ASN1_R_UNABLE_TO_DECODE_RSA_KEY ,"unable to decode rsa key"},
321{ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY ,"unable to decode rsa private key"},
322{ASN1_R_UNKNOWN_ATTRIBUTE_TYPE ,"unknown attribute type"},
323{ASN1_R_UNKNOWN_FORMAT ,"unknown format"},
324{ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM ,"unknown message digest algorithm"},
325{ASN1_R_UNKNOWN_OBJECT_TYPE ,"unknown object type"},
326{ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE ,"unknown public key type"},
327{ASN1_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
328{ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM ,"unsupported encryption algorithm"},
329{ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE ,"unsupported public key type"},
330{ASN1_R_UTCTIME_TOO_LONG ,"utctime too long"},
331{ASN1_R_WRONG_PRINTABLE_TYPE ,"wrong printable type"},
332{ASN1_R_WRONG_TAG ,"wrong tag"},
333{ASN1_R_WRONG_TYPE ,"wrong type"},
334{0,NULL}
335 };
336
337#endif
338
339void ERR_load_ASN1_strings(void)
340 {
341 static int init=1;
342
343 if (init)
344 {
345 init=0;
346#ifndef NO_ERR
347 ERR_load_strings(ERR_LIB_ASN1,ASN1_str_functs);
348 ERR_load_strings(ERR_LIB_ASN1,ASN1_str_reasons);
349#endif
350
351 }
352 }
diff --git a/src/lib/libcrypto/asn1/asn1_lib.c b/src/lib/libcrypto/asn1/asn1_lib.c
deleted file mode 100644
index a8b651e54e..0000000000
--- a/src/lib/libcrypto/asn1/asn1_lib.c
+++ /dev/null
@@ -1,427 +0,0 @@
1/* crypto/asn1/asn1_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1.h>
62#include <openssl/asn1_mac.h>
63
64static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max);
65static void asn1_put_length(unsigned char **pp, int length);
66const char *ASN1_version="ASN.1" OPENSSL_VERSION_PTEXT;
67
68int ASN1_check_infinite_end(unsigned char **p, long len)
69 {
70 /* If there is 0 or 1 byte left, the length check should pick
71 * things up */
72 if (len <= 0)
73 return(1);
74 else if ((len >= 2) && ((*p)[0] == 0) && ((*p)[1] == 0))
75 {
76 (*p)+=2;
77 return(1);
78 }
79 return(0);
80 }
81
82
83int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, int *pclass,
84 long omax)
85 {
86 int i,ret;
87 long l;
88 unsigned char *p= *pp;
89 int tag,xclass,inf;
90 long max=omax;
91
92 if (!max) goto err;
93 ret=(*p&V_ASN1_CONSTRUCTED);
94 xclass=(*p&V_ASN1_PRIVATE);
95 i= *p&V_ASN1_PRIMITIVE_TAG;
96 if (i == V_ASN1_PRIMITIVE_TAG)
97 { /* high-tag */
98 p++;
99 if (--max == 0) goto err;
100 l=0;
101 while (*p&0x80)
102 {
103 l<<=7L;
104 l|= *(p++)&0x7f;
105 if (--max == 0) goto err;
106 }
107 l<<=7L;
108 l|= *(p++)&0x7f;
109 tag=(int)l;
110 }
111 else
112 {
113 tag=i;
114 p++;
115 if (--max == 0) goto err;
116 }
117 *ptag=tag;
118 *pclass=xclass;
119 if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err;
120
121#if 0
122 fprintf(stderr,"p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n",
123 (int)p,*plength,omax,(int)*pp,(int)(p+ *plength),
124 (int)(omax+ *pp));
125
126#endif
127#if 0
128 if ((p+ *plength) > (omax+ *pp))
129 {
130 ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
131 /* Set this so that even if things are not long enough
132 * the values are set correctly */
133 ret|=0x80;
134 }
135#endif
136 *pp=p;
137 return(ret|inf);
138err:
139 ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_HEADER_TOO_LONG);
140 return(0x80);
141 }
142
143static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max)
144 {
145 unsigned char *p= *pp;
146 long ret=0;
147 int i;
148
149 if (max-- < 1) return(0);
150 if (*p == 0x80)
151 {
152 *inf=1;
153 ret=0;
154 p++;
155 }
156 else
157 {
158 *inf=0;
159 i= *p&0x7f;
160 if (*(p++) & 0x80)
161 {
162 if (max-- == 0) return(0);
163 while (i-- > 0)
164 {
165 ret<<=8L;
166 ret|= *(p++);
167 if (max-- == 0) return(0);
168 }
169 }
170 else
171 ret=i;
172 }
173 *pp=p;
174 *rl=ret;
175 return(1);
176 }
177
178/* class 0 is constructed
179 * constructed == 2 for indefinite length constructed */
180void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag,
181 int xclass)
182 {
183 unsigned char *p= *pp;
184 int i, ttag;
185
186 i=(constructed)?V_ASN1_CONSTRUCTED:0;
187 i|=(xclass&V_ASN1_PRIVATE);
188 if (tag < 31)
189 *(p++)=i|(tag&V_ASN1_PRIMITIVE_TAG);
190 else
191 {
192 *(p++)=i|V_ASN1_PRIMITIVE_TAG;
193 for(i = 0, ttag = tag; ttag > 0; i++) ttag >>=7;
194 ttag = i;
195 while(i-- > 0)
196 {
197 p[i] = tag & 0x7f;
198 if(i != (ttag - 1)) p[i] |= 0x80;
199 tag >>= 7;
200 }
201 p += ttag;
202 }
203 if ((constructed == 2) && (length == 0))
204 *(p++)=0x80; /* der_put_length would output 0 instead */
205 else
206 asn1_put_length(&p,length);
207 *pp=p;
208 }
209
210static void asn1_put_length(unsigned char **pp, int length)
211 {
212 unsigned char *p= *pp;
213 int i,l;
214 if (length <= 127)
215 *(p++)=(unsigned char)length;
216 else
217 {
218 l=length;
219 for (i=0; l > 0; i++)
220 l>>=8;
221 *(p++)=i|0x80;
222 l=i;
223 while (i-- > 0)
224 {
225 p[i]=length&0xff;
226 length>>=8;
227 }
228 p+=l;
229 }
230 *pp=p;
231 }
232
233int ASN1_object_size(int constructed, int length, int tag)
234 {
235 int ret;
236
237 ret=length;
238 ret++;
239 if (tag >= 31)
240 {
241 while (tag > 0)
242 {
243 tag>>=7;
244 ret++;
245 }
246 }
247 if ((length == 0) && (constructed == 2))
248 ret+=2;
249 ret++;
250 if (length > 127)
251 {
252 while (length > 0)
253 {
254 length>>=8;
255 ret++;
256 }
257 }
258 return(ret);
259 }
260
261int asn1_Finish(ASN1_CTX *c)
262 {
263 if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos))
264 {
265 if (!ASN1_check_infinite_end(&c->p,c->slen))
266 {
267 c->error=ERR_R_MISSING_ASN1_EOS;
268 return(0);
269 }
270 }
271 if ( ((c->slen != 0) && !(c->inf & 1)) ||
272 ((c->slen < 0) && (c->inf & 1)))
273 {
274 c->error=ERR_R_ASN1_LENGTH_MISMATCH;
275 return(0);
276 }
277 return(1);
278 }
279
280int asn1_GetSequence(ASN1_CTX *c, long *length)
281 {
282 unsigned char *q;
283
284 q=c->p;
285 c->inf=ASN1_get_object(&(c->p),&(c->slen),&(c->tag),&(c->xclass),
286 *length);
287 if (c->inf & 0x80)
288 {
289 c->error=ERR_R_BAD_GET_ASN1_OBJECT_CALL;
290 return(0);
291 }
292 if (c->tag != V_ASN1_SEQUENCE)
293 {
294 c->error=ERR_R_EXPECTING_AN_ASN1_SEQUENCE;
295 return(0);
296 }
297 (*length)-=(c->p-q);
298 if (c->max && (*length < 0))
299 {
300 c->error=ERR_R_ASN1_LENGTH_MISMATCH;
301 return(0);
302 }
303 if (c->inf == (1|V_ASN1_CONSTRUCTED))
304 c->slen= *length;
305 c->eos=0;
306 return(1);
307 }
308
309ASN1_STRING *ASN1_STRING_dup(ASN1_STRING *str)
310 {
311 ASN1_STRING *ret;
312
313 if (str == NULL) return(NULL);
314 if ((ret=ASN1_STRING_type_new(str->type)) == NULL)
315 return(NULL);
316 if (!ASN1_STRING_set(ret,str->data,str->length))
317 {
318 ASN1_STRING_free(ret);
319 return(NULL);
320 }
321 ret->flags = str->flags;
322 return(ret);
323 }
324
325int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
326 {
327 unsigned char *c;
328 const char *data=_data;
329
330 if (len < 0)
331 {
332 if (data == NULL)
333 return(0);
334 else
335 len=strlen(data);
336 }
337 if ((str->length < len) || (str->data == NULL))
338 {
339 c=str->data;
340 if (c == NULL)
341 str->data=OPENSSL_malloc(len+1);
342 else
343 str->data=OPENSSL_realloc(c,len+1);
344
345 if (str->data == NULL)
346 {
347 str->data=c;
348 return(0);
349 }
350 }
351 str->length=len;
352 if (data != NULL)
353 {
354 memcpy(str->data,data,len);
355 /* an allowance for strings :-) */
356 str->data[len]='\0';
357 }
358 return(1);
359 }
360
361ASN1_STRING *ASN1_STRING_new(void)
362 {
363 return(ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
364 }
365
366
367ASN1_STRING *ASN1_STRING_type_new(int type)
368 {
369 ASN1_STRING *ret;
370
371 ret=(ASN1_STRING *)OPENSSL_malloc(sizeof(ASN1_STRING));
372 if (ret == NULL)
373 {
374 ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW,ERR_R_MALLOC_FAILURE);
375 return(NULL);
376 }
377 ret->length=0;
378 ret->type=type;
379 ret->data=NULL;
380 ret->flags=0;
381 return(ret);
382 }
383
384void ASN1_STRING_free(ASN1_STRING *a)
385 {
386 if (a == NULL) return;
387 if (a->data != NULL) OPENSSL_free(a->data);
388 OPENSSL_free(a);
389 }
390
391int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b)
392 {
393 int i;
394
395 i=(a->length-b->length);
396 if (i == 0)
397 {
398 i=memcmp(a->data,b->data,a->length);
399 if (i == 0)
400 return(a->type-b->type);
401 else
402 return(i);
403 }
404 else
405 return(i);
406 }
407
408void asn1_add_error(unsigned char *address, int offset)
409 {
410 char buf1[16],buf2[16];
411
412 sprintf(buf1,"%lu",(unsigned long)address);
413 sprintf(buf2,"%d",offset);
414 ERR_add_error_data(4,"address=",buf1," offset=",buf2);
415 }
416
417int ASN1_STRING_length(ASN1_STRING *x)
418{ return M_ASN1_STRING_length(x); }
419
420void ASN1_STRING_length_set(ASN1_STRING *x, int len)
421{ M_ASN1_STRING_length_set(x, len); return; }
422
423int ASN1_STRING_type(ASN1_STRING *x)
424{ return M_ASN1_STRING_type(x); }
425
426unsigned char * ASN1_STRING_data(ASN1_STRING *x)
427{ return M_ASN1_STRING_data(x); }
diff --git a/src/lib/libcrypto/asn1/asn1_mac.h b/src/lib/libcrypto/asn1/asn1_mac.h
deleted file mode 100644
index af0e664b2d..0000000000
--- a/src/lib/libcrypto/asn1/asn1_mac.h
+++ /dev/null
@@ -1,583 +0,0 @@
1/* crypto/asn1/asn1_mac.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_ASN1_MAC_H
60#define HEADER_ASN1_MAC_H
61
62#include <openssl/asn1.h>
63
64#ifdef __cplusplus
65extern "C" {
66#endif
67
68#ifndef ASN1_MAC_ERR_LIB
69#define ASN1_MAC_ERR_LIB ERR_LIB_ASN1
70#endif
71
72#define ASN1_MAC_H_err(f,r,line) \
73 ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),ERR_file_name,(line))
74
75#define M_ASN1_D2I_vars(a,type,func) \
76 ASN1_CTX c; \
77 type ret=NULL; \
78 \
79 c.pp=pp; \
80 c.q= *pp; \
81 c.error=ERR_R_NESTED_ASN1_ERROR; \
82 if ((a == NULL) || ((*a) == NULL)) \
83 { if ((ret=(type)func()) == NULL) \
84 { c.line=__LINE__; goto err; } } \
85 else ret=(*a);
86
87#define M_ASN1_D2I_Init() \
88 c.p= *pp; \
89 c.max=(length == 0)?0:(c.p+length);
90
91#define M_ASN1_D2I_Finish_2(a) \
92 if (!asn1_Finish(&c)) \
93 { c.line=__LINE__; goto err; } \
94 *pp=c.p; \
95 if (a != NULL) (*a)=ret; \
96 return(ret);
97
98#define M_ASN1_D2I_Finish(a,func,e) \
99 M_ASN1_D2I_Finish_2(a); \
100err:\
101 ASN1_MAC_H_err((e),c.error,c.line); \
102 asn1_add_error(*pp,(int)(c.q- *pp)); \
103 if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
104 return(NULL)
105
106#define M_ASN1_D2I_start_sequence() \
107 if (!asn1_GetSequence(&c,&length)) \
108 { c.line=__LINE__; goto err; }
109/* Begin reading ASN1 without a surrounding sequence */
110#define M_ASN1_D2I_begin() \
111 c.slen = length;
112
113/* End reading ASN1 with no check on length */
114#define M_ASN1_D2I_Finish_nolen(a, func, e) \
115 *pp=c.p; \
116 if (a != NULL) (*a)=ret; \
117 return(ret); \
118err:\
119 ASN1_MAC_H_err((e),c.error,c.line); \
120 asn1_add_error(*pp,(int)(c.q- *pp)); \
121 if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
122 return(NULL)
123
124#define M_ASN1_D2I_end_sequence() \
125 (((c.inf&1) == 0)?(c.slen <= 0): \
126 (c.eos=ASN1_check_infinite_end(&c.p,c.slen)))
127
128/* Don't use this with d2i_ASN1_BOOLEAN() */
129#define M_ASN1_D2I_get(b,func) \
130 c.q=c.p; \
131 if (func(&(b),&c.p,c.slen) == NULL) \
132 {c.line=__LINE__; goto err; } \
133 c.slen-=(c.p-c.q);
134
135/* use this instead () */
136#define M_ASN1_D2I_get_int(b,func) \
137 c.q=c.p; \
138 if (func(&(b),&c.p,c.slen) < 0) \
139 {c.line=__LINE__; goto err; } \
140 c.slen-=(c.p-c.q);
141
142#define M_ASN1_D2I_get_opt(b,func,type) \
143 if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
144 == (V_ASN1_UNIVERSAL|(type)))) \
145 { \
146 M_ASN1_D2I_get(b,func); \
147 }
148
149#define M_ASN1_D2I_get_imp(b,func, type) \
150 M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \
151 c.q=c.p; \
152 if (func(&(b),&c.p,c.slen) == NULL) \
153 {c.line=__LINE__; M_ASN1_next_prev = _tmp; goto err; } \
154 c.slen-=(c.p-c.q);\
155 M_ASN1_next_prev=_tmp;
156
157#define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \
158 if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \
159 (V_ASN1_CONTEXT_SPECIFIC|(tag)))) \
160 { \
161 unsigned char _tmp = M_ASN1_next; \
162 M_ASN1_D2I_get_imp(b,func, type);\
163 }
164
165#define M_ASN1_D2I_get_set(r,func,free_func) \
166 M_ASN1_D2I_get_imp_set(r,func,free_func, \
167 V_ASN1_SET,V_ASN1_UNIVERSAL);
168
169#define M_ASN1_D2I_get_set_type(type,r,func,free_func) \
170 M_ASN1_D2I_get_imp_set_type(type,r,func,free_func, \
171 V_ASN1_SET,V_ASN1_UNIVERSAL);
172
173#define M_ASN1_D2I_get_set_opt(r,func,free_func) \
174 if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
175 V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
176 { M_ASN1_D2I_get_set(r,func,free_func); }
177
178#define M_ASN1_D2I_get_set_opt_type(type,r,func,free_func) \
179 if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
180 V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
181 { M_ASN1_D2I_get_set_type(type,r,func,free_func); }
182
183#define M_ASN1_I2D_len_SET_opt(a,f) \
184 if ((a != NULL) && (sk_num(a) != 0)) \
185 M_ASN1_I2D_len_SET(a,f);
186
187#define M_ASN1_I2D_put_SET_opt(a,f) \
188 if ((a != NULL) && (sk_num(a) != 0)) \
189 M_ASN1_I2D_put_SET(a,f);
190
191#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
192 if ((a != NULL) && (sk_num(a) != 0)) \
193 M_ASN1_I2D_put_SEQUENCE(a,f);
194
195#define M_ASN1_I2D_put_SEQUENCE_opt_type(type,a,f) \
196 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
197 M_ASN1_I2D_put_SEQUENCE_type(type,a,f);
198
199#define M_ASN1_I2D_put_SEQUENCE_opt_ex_type(type,a,f) \
200 if (a) M_ASN1_I2D_put_SEQUENCE_type(type,a,f);
201
202#define M_ASN1_D2I_get_IMP_set_opt(b,func,free_func,tag) \
203 if ((c.slen != 0) && \
204 (M_ASN1_next == \
205 (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
206 { \
207 M_ASN1_D2I_get_imp_set(b,func,free_func,\
208 tag,V_ASN1_CONTEXT_SPECIFIC); \
209 }
210
211#define M_ASN1_D2I_get_IMP_set_opt_type(type,b,func,free_func,tag) \
212 if ((c.slen != 0) && \
213 (M_ASN1_next == \
214 (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
215 { \
216 M_ASN1_D2I_get_imp_set_type(type,b,func,free_func,\
217 tag,V_ASN1_CONTEXT_SPECIFIC); \
218 }
219
220#define M_ASN1_D2I_get_seq(r,func,free_func) \
221 M_ASN1_D2I_get_imp_set(r,func,free_func,\
222 V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
223
224#define M_ASN1_D2I_get_seq_type(type,r,func,free_func) \
225 M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
226 V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
227
228#define M_ASN1_D2I_get_seq_opt(r,func,free_func) \
229 if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
230 V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
231 { M_ASN1_D2I_get_seq(r,func,free_func); }
232
233#define M_ASN1_D2I_get_seq_opt_type(type,r,func,free_func) \
234 if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
235 V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
236 { M_ASN1_D2I_get_seq_type(type,r,func,free_func); }
237
238#define M_ASN1_D2I_get_IMP_set(r,func,free_func,x) \
239 M_ASN1_D2I_get_imp_set(r,func,free_func,\
240 x,V_ASN1_CONTEXT_SPECIFIC);
241
242#define M_ASN1_D2I_get_IMP_set_type(type,r,func,free_func,x) \
243 M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
244 x,V_ASN1_CONTEXT_SPECIFIC);
245
246#define M_ASN1_D2I_get_imp_set(r,func,free_func,a,b) \
247 c.q=c.p; \
248 if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,\
249 (void (*)())free_func,a,b) == NULL) \
250 { c.line=__LINE__; goto err; } \
251 c.slen-=(c.p-c.q);
252
253#define M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,a,b) \
254 c.q=c.p; \
255 if (d2i_ASN1_SET_OF_##type(&(r),&c.p,c.slen,func,\
256 free_func,a,b) == NULL) \
257 { c.line=__LINE__; goto err; } \
258 c.slen-=(c.p-c.q);
259
260#define M_ASN1_D2I_get_set_strings(r,func,a,b) \
261 c.q=c.p; \
262 if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \
263 { c.line=__LINE__; goto err; } \
264 c.slen-=(c.p-c.q);
265
266#define M_ASN1_D2I_get_EXP_opt(r,func,tag) \
267 if ((c.slen != 0L) && (M_ASN1_next == \
268 (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
269 { \
270 int Tinf,Ttag,Tclass; \
271 long Tlen; \
272 \
273 c.q=c.p; \
274 Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
275 if (Tinf & 0x80) \
276 { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
277 c.line=__LINE__; goto err; } \
278 if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
279 Tlen = c.slen - (c.p - c.q) - 2; \
280 if (func(&(r),&c.p,Tlen) == NULL) \
281 { c.line=__LINE__; goto err; } \
282 if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
283 Tlen = c.slen - (c.p - c.q); \
284 if(!ASN1_check_infinite_end(&c.p, Tlen)) \
285 { c.error=ERR_R_MISSING_ASN1_EOS; \
286 c.line=__LINE__; goto err; } \
287 }\
288 c.slen-=(c.p-c.q); \
289 }
290
291#define M_ASN1_D2I_get_EXP_set_opt(r,func,free_func,tag,b) \
292 if ((c.slen != 0) && (M_ASN1_next == \
293 (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
294 { \
295 int Tinf,Ttag,Tclass; \
296 long Tlen; \
297 \
298 c.q=c.p; \
299 Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
300 if (Tinf & 0x80) \
301 { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
302 c.line=__LINE__; goto err; } \
303 if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
304 Tlen = c.slen - (c.p - c.q) - 2; \
305 if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \
306 (void (*)())free_func, \
307 b,V_ASN1_UNIVERSAL) == NULL) \
308 { c.line=__LINE__; goto err; } \
309 if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
310 Tlen = c.slen - (c.p - c.q); \
311 if(!ASN1_check_infinite_end(&c.p, Tlen)) \
312 { c.error=ERR_R_MISSING_ASN1_EOS; \
313 c.line=__LINE__; goto err; } \
314 }\
315 c.slen-=(c.p-c.q); \
316 }
317
318#define M_ASN1_D2I_get_EXP_set_opt_type(type,r,func,free_func,tag,b) \
319 if ((c.slen != 0) && (M_ASN1_next == \
320 (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
321 { \
322 int Tinf,Ttag,Tclass; \
323 long Tlen; \
324 \
325 c.q=c.p; \
326 Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
327 if (Tinf & 0x80) \
328 { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
329 c.line=__LINE__; goto err; } \
330 if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
331 Tlen = c.slen - (c.p - c.q) - 2; \
332 if (d2i_ASN1_SET_OF_##type(&(r),&c.p,Tlen,func, \
333 free_func,b,V_ASN1_UNIVERSAL) == NULL) \
334 { c.line=__LINE__; goto err; } \
335 if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
336 Tlen = c.slen - (c.p - c.q); \
337 if(!ASN1_check_infinite_end(&c.p, Tlen)) \
338 { c.error=ERR_R_MISSING_ASN1_EOS; \
339 c.line=__LINE__; goto err; } \
340 }\
341 c.slen-=(c.p-c.q); \
342 }
343
344/* New macros */
345#define M_ASN1_New_Malloc(ret,type) \
346 if ((ret=(type *)OPENSSL_malloc(sizeof(type))) == NULL) \
347 { c.line=__LINE__; goto err2; }
348
349#define M_ASN1_New(arg,func) \
350 if (((arg)=func()) == NULL) return(NULL)
351
352#define M_ASN1_New_Error(a) \
353/* err: ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \
354 return(NULL);*/ \
355 err2: ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \
356 return(NULL)
357
358
359#define M_ASN1_next (*c.p)
360#define M_ASN1_next_prev (*c.q)
361
362/*************************************************/
363
364#define M_ASN1_I2D_vars(a) int r=0,ret=0; \
365 unsigned char *p; \
366 if (a == NULL) return(0)
367
368/* Length Macros */
369#define M_ASN1_I2D_len(a,f) ret+=f(a,NULL)
370#define M_ASN1_I2D_len_IMP_opt(a,f) if (a != NULL) M_ASN1_I2D_len(a,f)
371
372#define M_ASN1_I2D_len_SET(a,f) \
373 ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
374
375#define M_ASN1_I2D_len_SET_type(type,a,f) \
376 ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SET, \
377 V_ASN1_UNIVERSAL,IS_SET);
378
379#define M_ASN1_I2D_len_SEQUENCE(a,f) \
380 ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
381 IS_SEQUENCE);
382
383#define M_ASN1_I2D_len_SEQUENCE_type(type,a,f) \
384 ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SEQUENCE, \
385 V_ASN1_UNIVERSAL,IS_SEQUENCE)
386
387#define M_ASN1_I2D_len_SEQUENCE_opt(a,f) \
388 if ((a != NULL) && (sk_num(a) != 0)) \
389 M_ASN1_I2D_len_SEQUENCE(a,f);
390
391#define M_ASN1_I2D_len_SEQUENCE_opt_type(type,a,f) \
392 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
393 M_ASN1_I2D_len_SEQUENCE_type(type,a,f);
394
395#define M_ASN1_I2D_len_SEQUENCE_opt_ex_type(type,a,f) \
396 if (a) M_ASN1_I2D_len_SEQUENCE_type(type,a,f);
397
398#define M_ASN1_I2D_len_IMP_SET(a,f,x) \
399 ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET);
400
401#define M_ASN1_I2D_len_IMP_SET_type(type,a,f,x) \
402 ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
403 V_ASN1_CONTEXT_SPECIFIC,IS_SET);
404
405#define M_ASN1_I2D_len_IMP_SET_opt(a,f,x) \
406 if ((a != NULL) && (sk_num(a) != 0)) \
407 ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
408 IS_SET);
409
410#define M_ASN1_I2D_len_IMP_SET_opt_type(type,a,f,x) \
411 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
412 ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
413 V_ASN1_CONTEXT_SPECIFIC,IS_SET);
414
415#define M_ASN1_I2D_len_IMP_SEQUENCE(a,f,x) \
416 ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
417 IS_SEQUENCE);
418
419#define M_ASN1_I2D_len_IMP_SEQUENCE_opt(a,f,x) \
420 if ((a != NULL) && (sk_num(a) != 0)) \
421 ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
422 IS_SEQUENCE);
423
424#define M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(type,a,f,x) \
425 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
426 ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
427 V_ASN1_CONTEXT_SPECIFIC, \
428 IS_SEQUENCE);
429
430#define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \
431 if (a != NULL)\
432 { \
433 v=f(a,NULL); \
434 ret+=ASN1_object_size(1,v,mtag); \
435 }
436
437#define M_ASN1_I2D_len_EXP_SET_opt(a,f,mtag,tag,v) \
438 if ((a != NULL) && (sk_num(a) != 0))\
439 { \
440 v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
441 ret+=ASN1_object_size(1,v,mtag); \
442 }
443
444#define M_ASN1_I2D_len_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
445 if ((a != NULL) && (sk_num(a) != 0))\
446 { \
447 v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL, \
448 IS_SEQUENCE); \
449 ret+=ASN1_object_size(1,v,mtag); \
450 }
451
452#define M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
453 if ((a != NULL) && (sk_##type##_num(a) != 0))\
454 { \
455 v=i2d_ASN1_SET_OF_##type(a,NULL,f,tag, \
456 V_ASN1_UNIVERSAL, \
457 IS_SEQUENCE); \
458 ret+=ASN1_object_size(1,v,mtag); \
459 }
460
461#define M_ASN1_I2D_len_EXP_SEQUENCE_opt_ex_type(type,a,f,mtag,tag,v) \
462 if (a)\
463 { \
464 v=i2d_ASN1_SET_OF_##type(a,NULL,f,tag, \
465 V_ASN1_UNIVERSAL, \
466 IS_SEQUENCE); \
467 ret+=ASN1_object_size(1,v,mtag); \
468 }
469
470/* Put Macros */
471#define M_ASN1_I2D_put(a,f) f(a,&p)
472
473#define M_ASN1_I2D_put_IMP_opt(a,f,t) \
474 if (a != NULL) \
475 { \
476 unsigned char *q=p; \
477 f(a,&p); \
478 *q=(V_ASN1_CONTEXT_SPECIFIC|t|(*q&V_ASN1_CONSTRUCTED));\
479 }
480
481#define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\
482 V_ASN1_UNIVERSAL,IS_SET)
483#define M_ASN1_I2D_put_SET_type(type,a,f) \
484 i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET)
485#define M_ASN1_I2D_put_IMP_SET(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
486 V_ASN1_CONTEXT_SPECIFIC,IS_SET)
487#define M_ASN1_I2D_put_IMP_SET_type(type,a,f,x) \
488 i2d_ASN1_SET_OF_##type(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET)
489#define M_ASN1_I2D_put_IMP_SEQUENCE(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
490 V_ASN1_CONTEXT_SPECIFIC,IS_SEQUENCE)
491
492#define M_ASN1_I2D_put_SEQUENCE(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\
493 V_ASN1_UNIVERSAL,IS_SEQUENCE)
494
495#define M_ASN1_I2D_put_SEQUENCE_type(type,a,f) \
496 i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
497 IS_SEQUENCE)
498
499#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
500 if ((a != NULL) && (sk_num(a) != 0)) \
501 M_ASN1_I2D_put_SEQUENCE(a,f);
502
503#define M_ASN1_I2D_put_IMP_SET_opt(a,f,x) \
504 if ((a != NULL) && (sk_num(a) != 0)) \
505 { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
506 IS_SET); }
507
508#define M_ASN1_I2D_put_IMP_SET_opt_type(type,a,f,x) \
509 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
510 { i2d_ASN1_SET_OF_##type(a,&p,f,x, \
511 V_ASN1_CONTEXT_SPECIFIC, \
512 IS_SET); }
513
514#define M_ASN1_I2D_put_IMP_SEQUENCE_opt(a,f,x) \
515 if ((a != NULL) && (sk_num(a) != 0)) \
516 { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
517 IS_SEQUENCE); }
518
519#define M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(type,a,f,x) \
520 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
521 { i2d_ASN1_SET_OF_##type(a,&p,f,x, \
522 V_ASN1_CONTEXT_SPECIFIC, \
523 IS_SEQUENCE); }
524
525#define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \
526 if (a != NULL) \
527 { \
528 ASN1_put_object(&p,1,v,tag,V_ASN1_CONTEXT_SPECIFIC); \
529 f(a,&p); \
530 }
531
532#define M_ASN1_I2D_put_EXP_SET_opt(a,f,mtag,tag,v) \
533 if ((a != NULL) && (sk_num(a) != 0)) \
534 { \
535 ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
536 i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
537 }
538
539#define M_ASN1_I2D_put_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
540 if ((a != NULL) && (sk_num(a) != 0)) \
541 { \
542 ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
543 i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SEQUENCE); \
544 }
545
546#define M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
547 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
548 { \
549 ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
550 i2d_ASN1_SET_OF_##type(a,&p,f,tag,V_ASN1_UNIVERSAL, \
551 IS_SEQUENCE); \
552 }
553
554#define M_ASN1_I2D_put_EXP_SEQUENCE_opt_ex_type(type,a,f,mtag,tag,v) \
555 if (a) \
556 { \
557 ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
558 i2d_ASN1_SET_OF_##type(a,&p,f,tag,V_ASN1_UNIVERSAL, \
559 IS_SEQUENCE); \
560 }
561
562#define M_ASN1_I2D_seq_total() \
563 r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \
564 if (pp == NULL) return(r); \
565 p= *pp; \
566 ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
567
568#define M_ASN1_I2D_INF_seq_start(tag,ctx) \
569 *(p++)=(V_ASN1_CONSTRUCTED|(tag)|(ctx)); \
570 *(p++)=0x80
571
572#define M_ASN1_I2D_INF_seq_end() *(p++)=0x00; *(p++)=0x00
573
574#define M_ASN1_I2D_finish() *pp=p; \
575 return(r);
576
577int asn1_GetSequence(ASN1_CTX *c, long *length);
578void asn1_add_error(unsigned char *address,int offset);
579#ifdef __cplusplus
580}
581#endif
582
583#endif
diff --git a/src/lib/libcrypto/asn1/asn1_par.c b/src/lib/libcrypto/asn1/asn1_par.c
deleted file mode 100644
index facfdd27fc..0000000000
--- a/src/lib/libcrypto/asn1/asn1_par.c
+++ /dev/null
@@ -1,423 +0,0 @@
1/* crypto/asn1/asn1_par.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62#include <openssl/objects.h>
63#include <openssl/asn1.h>
64
65static int asn1_print_info(BIO *bp, int tag, int xclass,int constructed,
66 int indent);
67static int asn1_parse2(BIO *bp, unsigned char **pp, long length,
68 int offset, int depth, int indent, int dump);
69static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
70 int indent)
71 {
72 static const char fmt[]="%-18s";
73 static const char fmt2[]="%2d %-15s";
74 char str[128];
75 const char *p,*p2=NULL;
76
77 if (constructed & V_ASN1_CONSTRUCTED)
78 p="cons: ";
79 else
80 p="prim: ";
81 if (BIO_write(bp,p,6) < 6) goto err;
82 if (indent)
83 {
84 if (indent > 128) indent=128;
85 memset(str,' ',indent);
86 if (BIO_write(bp,str,indent) < indent) goto err;
87 }
88
89 p=str;
90 if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
91 sprintf(str,"priv [ %d ] ",tag);
92 else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
93 sprintf(str,"cont [ %d ]",tag);
94 else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
95 sprintf(str,"appl [ %d ]",tag);
96 else p = ASN1_tag2str(tag);
97
98 if (p2 != NULL)
99 {
100 if (BIO_printf(bp,fmt2,tag,p2) <= 0) goto err;
101 }
102 else
103 {
104 if (BIO_printf(bp,fmt,p) <= 0) goto err;
105 }
106 return(1);
107err:
108 return(0);
109 }
110
111int ASN1_parse(BIO *bp, unsigned char *pp, long len, int indent)
112 {
113 return(asn1_parse2(bp,&pp,len,0,0,indent,0));
114 }
115
116int ASN1_parse_dump(BIO *bp, unsigned char *pp, long len, int indent, int dump)
117 {
118 return(asn1_parse2(bp,&pp,len,0,0,indent,dump));
119 }
120
121static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset,
122 int depth, int indent, int dump)
123 {
124 unsigned char *p,*ep,*tot,*op,*opp;
125 long len;
126 int tag,xclass,ret=0;
127 int nl,hl,j,r;
128 ASN1_OBJECT *o=NULL;
129 ASN1_OCTET_STRING *os=NULL;
130 /* ASN1_BMPSTRING *bmp=NULL;*/
131 int dump_indent;
132
133#if 0
134 dump_indent = indent;
135#else
136 dump_indent = 6; /* Because we know BIO_dump_indent() */
137#endif
138 p= *pp;
139 tot=p+length;
140 op=p-1;
141 while ((p < tot) && (op < p))
142 {
143 op=p;
144 j=ASN1_get_object(&p,&len,&tag,&xclass,length);
145#ifdef LINT
146 j=j;
147#endif
148 if (j & 0x80)
149 {
150 if (BIO_write(bp,"Error in encoding\n",18) <= 0)
151 goto end;
152 ret=0;
153 goto end;
154 }
155 hl=(p-op);
156 length-=hl;
157 /* if j == 0x21 it is a constructed indefinite length object */
158 if (BIO_printf(bp,"%5ld:",(long)offset+(long)(op- *pp))
159 <= 0) goto end;
160
161 if (j != (V_ASN1_CONSTRUCTED | 1))
162 {
163 if (BIO_printf(bp,"d=%-2d hl=%ld l=%4ld ",
164 depth,(long)hl,len) <= 0)
165 goto end;
166 }
167 else
168 {
169 if (BIO_printf(bp,"d=%-2d hl=%ld l=inf ",
170 depth,(long)hl) <= 0)
171 goto end;
172 }
173 if (!asn1_print_info(bp,tag,xclass,j,(indent)?depth:0))
174 goto end;
175 if (j & V_ASN1_CONSTRUCTED)
176 {
177 ep=p+len;
178 if (BIO_write(bp,"\n",1) <= 0) goto end;
179 if (len > length)
180 {
181 BIO_printf(bp,
182 "length is greater than %ld\n",length);
183 ret=0;
184 goto end;
185 }
186 if ((j == 0x21) && (len == 0))
187 {
188 for (;;)
189 {
190 r=asn1_parse2(bp,&p,(long)(tot-p),
191 offset+(p - *pp),depth+1,
192 indent,dump);
193 if (r == 0) { ret=0; goto end; }
194 if ((r == 2) || (p >= tot)) break;
195 }
196 }
197 else
198 while (p < ep)
199 {
200 r=asn1_parse2(bp,&p,(long)len,
201 offset+(p - *pp),depth+1,
202 indent,dump);
203 if (r == 0) { ret=0; goto end; }
204 }
205 }
206 else if (xclass != 0)
207 {
208 p+=len;
209 if (BIO_write(bp,"\n",1) <= 0) goto end;
210 }
211 else
212 {
213 nl=0;
214 if ( (tag == V_ASN1_PRINTABLESTRING) ||
215 (tag == V_ASN1_T61STRING) ||
216 (tag == V_ASN1_IA5STRING) ||
217 (tag == V_ASN1_VISIBLESTRING) ||
218 (tag == V_ASN1_UTCTIME) ||
219 (tag == V_ASN1_GENERALIZEDTIME))
220 {
221 if (BIO_write(bp,":",1) <= 0) goto end;
222 if ((len > 0) &&
223 BIO_write(bp,(char *)p,(int)len)
224 != (int)len)
225 goto end;
226 }
227 else if (tag == V_ASN1_OBJECT)
228 {
229 opp=op;
230 if (d2i_ASN1_OBJECT(&o,&opp,len+hl) != NULL)
231 {
232 if (BIO_write(bp,":",1) <= 0) goto end;
233 i2a_ASN1_OBJECT(bp,o);
234 }
235 else
236 {
237 if (BIO_write(bp,":BAD OBJECT",11) <= 0)
238 goto end;
239 }
240 }
241 else if (tag == V_ASN1_BOOLEAN)
242 {
243 int ii;
244
245 opp=op;
246 ii=d2i_ASN1_BOOLEAN(NULL,&opp,len+hl);
247 if (ii < 0)
248 {
249 if (BIO_write(bp,"Bad boolean\n",12))
250 goto end;
251 }
252 BIO_printf(bp,":%d",ii);
253 }
254 else if (tag == V_ASN1_BMPSTRING)
255 {
256 /* do the BMP thang */
257 }
258 else if (tag == V_ASN1_OCTET_STRING)
259 {
260 int i,printable=1;
261
262 opp=op;
263 os=d2i_ASN1_OCTET_STRING(NULL,&opp,len+hl);
264 if (os != NULL)
265 {
266 opp=os->data;
267 for (i=0; i<os->length; i++)
268 {
269 if (( (opp[i] < ' ') &&
270 (opp[i] != '\n') &&
271 (opp[i] != '\r') &&
272 (opp[i] != '\t')) ||
273 (opp[i] > '~'))
274 {
275 printable=0;
276 break;
277 }
278 }
279 if (printable && (os->length > 0))
280 {
281 if (BIO_write(bp,":",1) <= 0)
282 goto end;
283 if (BIO_write(bp,(char *)opp,
284 os->length) <= 0)
285 goto end;
286 }
287 if (!printable && (os->length > 0)
288 && dump)
289 {
290 if (!nl)
291 {
292 if (BIO_write(bp,"\n",1) <= 0)
293 goto end;
294 }
295 if (BIO_dump_indent(bp,(char *)opp,
296 ((dump == -1 || dump > os->length)?os->length:dump),
297 dump_indent) <= 0)
298 goto end;
299 nl=1;
300 }
301 M_ASN1_OCTET_STRING_free(os);
302 os=NULL;
303 }
304 }
305 else if (tag == V_ASN1_INTEGER)
306 {
307 ASN1_INTEGER *bs;
308 int i;
309
310 opp=op;
311 bs=d2i_ASN1_INTEGER(NULL,&opp,len+hl);
312 if (bs != NULL)
313 {
314 if (BIO_write(bp,":",1) <= 0) goto end;
315 if (bs->type == V_ASN1_NEG_INTEGER)
316 if (BIO_write(bp,"-",1) <= 0)
317 goto end;
318 for (i=0; i<bs->length; i++)
319 {
320 if (BIO_printf(bp,"%02X",
321 bs->data[i]) <= 0)
322 goto end;
323 }
324 if (bs->length == 0)
325 {
326 if (BIO_write(bp,"00",2) <= 0)
327 goto end;
328 }
329 }
330 else
331 {
332 if (BIO_write(bp,"BAD INTEGER",11) <= 0)
333 goto end;
334 }
335 M_ASN1_INTEGER_free(bs);
336 }
337 else if (tag == V_ASN1_ENUMERATED)
338 {
339 ASN1_ENUMERATED *bs;
340 int i;
341
342 opp=op;
343 bs=d2i_ASN1_ENUMERATED(NULL,&opp,len+hl);
344 if (bs != NULL)
345 {
346 if (BIO_write(bp,":",1) <= 0) goto end;
347 if (bs->type == V_ASN1_NEG_ENUMERATED)
348 if (BIO_write(bp,"-",1) <= 0)
349 goto end;
350 for (i=0; i<bs->length; i++)
351 {
352 if (BIO_printf(bp,"%02X",
353 bs->data[i]) <= 0)
354 goto end;
355 }
356 if (bs->length == 0)
357 {
358 if (BIO_write(bp,"00",2) <= 0)
359 goto end;
360 }
361 }
362 else
363 {
364 if (BIO_write(bp,"BAD ENUMERATED",11) <= 0)
365 goto end;
366 }
367 M_ASN1_ENUMERATED_free(bs);
368 }
369 else if (len > 0 && dump)
370 {
371 if (!nl)
372 {
373 if (BIO_write(bp,"\n",1) <= 0)
374 goto end;
375 }
376 if (BIO_dump_indent(bp,(char *)p,
377 ((dump == -1 || dump > len)?len:dump),
378 dump_indent) <= 0)
379 goto end;
380 nl=1;
381 }
382
383 if (!nl)
384 {
385 if (BIO_write(bp,"\n",1) <= 0) goto end;
386 }
387 p+=len;
388 if ((tag == V_ASN1_EOC) && (xclass == 0))
389 {
390 ret=2; /* End of sequence */
391 goto end;
392 }
393 }
394 length-=len;
395 }
396 ret=1;
397end:
398 if (o != NULL) ASN1_OBJECT_free(o);
399 if (os != NULL) M_ASN1_OCTET_STRING_free(os);
400 *pp=p;
401 return(ret);
402 }
403
404const char *ASN1_tag2str(int tag)
405{
406 const static char *tag2str[] = {
407 "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING", /* 0-4 */
408 "NULL", "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL", /* 5-9 */
409 "ENUMERATED", "<ASN1 11>", "UTF8STRING", "<ASN1 13>", /* 10-13 */
410 "<ASN1 14>", "<ASN1 15>", "SEQUENCE", "SET", /* 15-17 */
411 "NUMERICSTRING", "PRINTABLESTRING", "T61STRING", /* 18-20 */
412 "VIDEOTEXSTRING", "IA5STRING", "UTCTIME","GENERALIZEDTIME", /* 21-24 */
413 "GRAPHICSTRING", "VISIBLESTRING", "GENERALSTRING", /* 25-27 */
414 "UNIVERSALSTRING", "<ASN1 29>", "BMPSTRING" /* 28-30 */
415 };
416
417 if((tag == V_ASN1_NEG_INTEGER) || (tag == V_ASN1_NEG_ENUMERATED))
418 tag &= ~0x100;
419
420 if(tag < 0 || tag > 30) return "(unknown)";
421 return tag2str[tag];
422}
423
diff --git a/src/lib/libcrypto/asn1/asn_pack.c b/src/lib/libcrypto/asn1/asn_pack.c
deleted file mode 100644
index bdf5f130b3..0000000000
--- a/src/lib/libcrypto/asn1/asn_pack.c
+++ /dev/null
@@ -1,145 +0,0 @@
1/* asn_pack.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1.h>
62
63/* ASN1 packing and unpacking functions */
64
65/* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */
66
67STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(),
68 void (*free_func)(void *))
69{
70 STACK *sk;
71 unsigned char *pbuf;
72 pbuf = buf;
73 if (!(sk = d2i_ASN1_SET(NULL, &pbuf, len, d2i, free_func,
74 V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL)))
75 ASN1err(ASN1_F_ASN1_SEQ_UNPACK,ASN1_R_DECODE_ERROR);
76 return sk;
77}
78
79/* Turn a STACK structures into an ASN1 encoded SEQUENCE OF structure in a
80 * OPENSSL_malloc'ed buffer
81 */
82
83unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf,
84 int *len)
85{
86 int safelen;
87 unsigned char *safe, *p;
88 if (!(safelen = i2d_ASN1_SET(safes, NULL, i2d, V_ASN1_SEQUENCE,
89 V_ASN1_UNIVERSAL, IS_SEQUENCE))) {
90 ASN1err(ASN1_F_ASN1_SEQ_PACK,ASN1_R_ENCODE_ERROR);
91 return NULL;
92 }
93 if (!(safe = OPENSSL_malloc (safelen))) {
94 ASN1err(ASN1_F_ASN1_SEQ_PACK,ERR_R_MALLOC_FAILURE);
95 return NULL;
96 }
97 p = safe;
98 i2d_ASN1_SET(safes, &p, i2d, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL,
99 IS_SEQUENCE);
100 if (len) *len = safelen;
101 if (buf) *buf = safe;
102 return safe;
103}
104
105/* Extract an ASN1 object from an ASN1_STRING */
106
107void *ASN1_unpack_string (ASN1_STRING *oct, char *(*d2i)())
108{
109 unsigned char *p;
110 char *ret;
111
112 p = oct->data;
113 if(!(ret = d2i(NULL, &p, oct->length)))
114 ASN1err(ASN1_F_ASN1_UNPACK_STRING,ASN1_R_DECODE_ERROR);
115 return ret;
116}
117
118/* Pack an ASN1 object into an ASN1_STRING */
119
120ASN1_STRING *ASN1_pack_string (void *obj, int (*i2d)(), ASN1_STRING **oct)
121{
122 unsigned char *p;
123 ASN1_STRING *octmp;
124
125 if (!oct || !*oct) {
126 if (!(octmp = ASN1_STRING_new ())) {
127 ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE);
128 return NULL;
129 }
130 if (oct) *oct = octmp;
131 } else octmp = *oct;
132
133 if (!(octmp->length = i2d(obj, NULL))) {
134 ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR);
135 return NULL;
136 }
137 if (!(p = OPENSSL_malloc (octmp->length))) {
138 ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE);
139 return NULL;
140 }
141 octmp->data = p;
142 i2d (obj, &p);
143 return octmp;
144}
145
diff --git a/src/lib/libcrypto/asn1/charmap.h b/src/lib/libcrypto/asn1/charmap.h
deleted file mode 100644
index bd020a9562..0000000000
--- a/src/lib/libcrypto/asn1/charmap.h
+++ /dev/null
@@ -1,15 +0,0 @@
1/* Auto generated with chartype.pl script.
2 * Mask of various character properties
3 */
4
5static unsigned char char_type[] = {
6 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
7 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
8120, 0, 1,40, 0, 0, 0,16,16,16, 0,25,25,16,16,16,
916,16,16,16,16,16,16,16,16,16,16, 9, 9,16, 9,16,
10 0,16,16,16,16,16,16,16,16,16,16,16,16,16,16,16,
1116,16,16,16,16,16,16,16,16,16,16, 0, 1, 0, 0, 0,
12 0,16,16,16,16,16,16,16,16,16,16,16,16,16,16,16,
1316,16,16,16,16,16,16,16,16,16,16, 0, 0, 0, 0, 2
14};
15
diff --git a/src/lib/libcrypto/asn1/charmap.pl b/src/lib/libcrypto/asn1/charmap.pl
deleted file mode 100644
index 2875c59867..0000000000
--- a/src/lib/libcrypto/asn1/charmap.pl
+++ /dev/null
@@ -1,80 +0,0 @@
1#!/usr/local/bin/perl -w
2
3use strict;
4
5my ($i, @arr);
6
7# Set up an array with the type of ASCII characters
8# Each set bit represents a character property.
9
10# RFC2253 character properties
11my $RFC2253_ESC = 1; # Character escaped with \
12my $ESC_CTRL = 2; # Escaped control character
13# These are used with RFC1779 quoting using "
14my $NOESC_QUOTE = 8; # Not escaped if quoted
15my $PSTRING_CHAR = 0x10; # Valid PrintableString character
16my $RFC2253_FIRST_ESC = 0x20; # Escaped with \ if first character
17my $RFC2253_LAST_ESC = 0x40; # Escaped with \ if last character
18
19for($i = 0; $i < 128; $i++) {
20 # Set the RFC2253 escape characters (control)
21 $arr[$i] = 0;
22 if(($i < 32) || ($i > 126)) {
23 $arr[$i] |= $ESC_CTRL;
24 }
25
26 # Some PrintableString characters
27 if( ( ( $i >= ord("a")) && ( $i <= ord("z")) )
28 || ( ( $i >= ord("A")) && ( $i <= ord("Z")) )
29 || ( ( $i >= ord("0")) && ( $i <= ord("9")) ) ) {
30 $arr[$i] |= $PSTRING_CHAR;
31 }
32}
33
34# Now setup the rest
35
36# Remaining RFC2253 escaped characters
37
38$arr[ord(" ")] |= $NOESC_QUOTE | $RFC2253_FIRST_ESC | $RFC2253_LAST_ESC;
39$arr[ord("#")] |= $NOESC_QUOTE | $RFC2253_FIRST_ESC;
40
41$arr[ord(",")] |= $NOESC_QUOTE | $RFC2253_ESC;
42$arr[ord("+")] |= $NOESC_QUOTE | $RFC2253_ESC;
43$arr[ord("\"")] |= $RFC2253_ESC;
44$arr[ord("\\")] |= $RFC2253_ESC;
45$arr[ord("<")] |= $NOESC_QUOTE | $RFC2253_ESC;
46$arr[ord(">")] |= $NOESC_QUOTE | $RFC2253_ESC;
47$arr[ord(";")] |= $NOESC_QUOTE | $RFC2253_ESC;
48
49# Remaining PrintableString characters
50
51$arr[ord(" ")] |= $PSTRING_CHAR;
52$arr[ord("'")] |= $PSTRING_CHAR;
53$arr[ord("(")] |= $PSTRING_CHAR;
54$arr[ord(")")] |= $PSTRING_CHAR;
55$arr[ord("+")] |= $PSTRING_CHAR;
56$arr[ord(",")] |= $PSTRING_CHAR;
57$arr[ord("-")] |= $PSTRING_CHAR;
58$arr[ord(".")] |= $PSTRING_CHAR;
59$arr[ord("/")] |= $PSTRING_CHAR;
60$arr[ord(":")] |= $PSTRING_CHAR;
61$arr[ord("=")] |= $PSTRING_CHAR;
62$arr[ord("?")] |= $PSTRING_CHAR;
63
64# Now generate the C code
65
66print <<EOF;
67/* Auto generated with chartype.pl script.
68 * Mask of various character properties
69 */
70
71static unsigned char char_type[] = {
72EOF
73
74for($i = 0; $i < 128; $i++) {
75 print("\n") if($i && (($i % 16) == 0));
76 printf("%2d", $arr[$i]);
77 print(",") if ($i != 127);
78}
79print("\n};\n\n");
80
diff --git a/src/lib/libcrypto/asn1/d2i_pr.c b/src/lib/libcrypto/asn1/d2i_pr.c
deleted file mode 100644
index c92b8325d8..0000000000
--- a/src/lib/libcrypto/asn1/d2i_pr.c
+++ /dev/null
@@ -1,137 +0,0 @@
1/* crypto/asn1/d2i_pr.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include <openssl/asn1.h>
65
66EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp,
67 long length)
68 {
69 EVP_PKEY *ret;
70
71 if ((a == NULL) || (*a == NULL))
72 {
73 if ((ret=EVP_PKEY_new()) == NULL)
74 {
75 ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_EVP_LIB);
76 return(NULL);
77 }
78 }
79 else ret= *a;
80
81 ret->save_type=type;
82 ret->type=EVP_PKEY_type(type);
83 switch (ret->type)
84 {
85#ifndef NO_RSA
86 case EVP_PKEY_RSA:
87 if ((ret->pkey.rsa=d2i_RSAPrivateKey(NULL,pp,length)) == NULL)
88 {
89 ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
90 goto err;
91 }
92 break;
93#endif
94#ifndef NO_DSA
95 case EVP_PKEY_DSA:
96 if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL,pp,length)) == NULL)
97 {
98 ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
99 goto err;
100 }
101 break;
102#endif
103 default:
104 ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
105 goto err;
106 /* break; */
107 }
108 if (a != NULL) (*a)=ret;
109 return(ret);
110err:
111 if ((ret != NULL) && ((a == NULL) || (*a != ret))) EVP_PKEY_free(ret);
112 return(NULL);
113 }
114
115/* This works like d2i_PrivateKey() except it automatically works out the type */
116
117EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp,
118 long length)
119{
120 STACK_OF(ASN1_TYPE) *inkey;
121 unsigned char *p;
122 int keytype;
123 p = *pp;
124 /* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE):
125 * by analyzing it we can determine the passed structure: this
126 * assumes the input is surrounded by an ASN1 SEQUENCE.
127 */
128 inkey = d2i_ASN1_SET_OF_ASN1_TYPE(NULL, &p, length, d2i_ASN1_TYPE,
129 ASN1_TYPE_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
130 /* Since we only need to discern "traditional format" RSA and DSA
131 * keys we can just count the elements.
132 */
133 if(sk_ASN1_TYPE_num(inkey) == 6) keytype = EVP_PKEY_DSA;
134 else keytype = EVP_PKEY_RSA;
135 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
136 return d2i_PrivateKey(keytype, a, pp, length);
137}
diff --git a/src/lib/libcrypto/asn1/d2i_pu.c b/src/lib/libcrypto/asn1/d2i_pu.c
deleted file mode 100644
index e0d203cef7..0000000000
--- a/src/lib/libcrypto/asn1/d2i_pu.c
+++ /dev/null
@@ -1,114 +0,0 @@
1/* crypto/asn1/d2i_pu.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include <openssl/asn1.h>
65
66EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp,
67 long length)
68 {
69 EVP_PKEY *ret;
70
71 if ((a == NULL) || (*a == NULL))
72 {
73 if ((ret=EVP_PKEY_new()) == NULL)
74 {
75 ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB);
76 return(NULL);
77 }
78 }
79 else ret= *a;
80
81 ret->save_type=type;
82 ret->type=EVP_PKEY_type(type);
83 switch (ret->type)
84 {
85#ifndef NO_RSA
86 case EVP_PKEY_RSA:
87 if ((ret->pkey.rsa=d2i_RSAPublicKey(NULL,pp,length)) == NULL)
88 {
89 ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB);
90 goto err;
91 }
92 break;
93#endif
94#ifndef NO_DSA
95 case EVP_PKEY_DSA:
96 if ((ret->pkey.dsa=d2i_DSAPublicKey(NULL,pp,length)) == NULL)
97 {
98 ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB);
99 goto err;
100 }
101 break;
102#endif
103 default:
104 ASN1err(ASN1_F_D2I_PUBLICKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
105 goto err;
106 /* break; */
107 }
108 if (a != NULL) (*a)=ret;
109 return(ret);
110err:
111 if ((ret != NULL) && ((a == NULL) || (*a != ret))) EVP_PKEY_free(ret);
112 return(NULL);
113 }
114
diff --git a/src/lib/libcrypto/asn1/evp_asn1.c b/src/lib/libcrypto/asn1/evp_asn1.c
deleted file mode 100644
index 3506005a71..0000000000
--- a/src/lib/libcrypto/asn1/evp_asn1.c
+++ /dev/null
@@ -1,185 +0,0 @@
1/* crypto/asn1/evp_asn1.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1.h>
62#include <openssl/asn1_mac.h>
63
64int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len)
65 {
66 ASN1_STRING *os;
67
68 if ((os=M_ASN1_OCTET_STRING_new()) == NULL) return(0);
69 if (!M_ASN1_OCTET_STRING_set(os,data,len)) return(0);
70 ASN1_TYPE_set(a,V_ASN1_OCTET_STRING,os);
71 return(1);
72 }
73
74/* int max_len: for returned value */
75int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data,
76 int max_len)
77 {
78 int ret,num;
79 unsigned char *p;
80
81 if ((a->type != V_ASN1_OCTET_STRING) || (a->value.octet_string == NULL))
82 {
83 ASN1err(ASN1_F_ASN1_TYPE_GET_OCTETSTRING,ASN1_R_DATA_IS_WRONG);
84 return(-1);
85 }
86 p=M_ASN1_STRING_data(a->value.octet_string);
87 ret=M_ASN1_STRING_length(a->value.octet_string);
88 if (ret < max_len)
89 num=ret;
90 else
91 num=max_len;
92 memcpy(data,p,num);
93 return(ret);
94 }
95
96int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data,
97 int len)
98 {
99 int n,size;
100 ASN1_OCTET_STRING os,*osp;
101 ASN1_INTEGER in;
102 unsigned char *p;
103 unsigned char buf[32]; /* when they have 256bit longs,
104 * I'll be in trouble */
105 in.data=buf;
106 in.length=32;
107 os.data=data;
108 os.type=V_ASN1_OCTET_STRING;
109 os.length=len;
110 ASN1_INTEGER_set(&in,num);
111 n = i2d_ASN1_INTEGER(&in,NULL);
112 n+=M_i2d_ASN1_OCTET_STRING(&os,NULL);
113
114 size=ASN1_object_size(1,n,V_ASN1_SEQUENCE);
115
116 if ((osp=ASN1_STRING_new()) == NULL) return(0);
117 /* Grow the 'string' */
118 ASN1_STRING_set(osp,NULL,size);
119
120 M_ASN1_STRING_length_set(osp, size);
121 p=M_ASN1_STRING_data(osp);
122
123 ASN1_put_object(&p,1,n,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
124 i2d_ASN1_INTEGER(&in,&p);
125 M_i2d_ASN1_OCTET_STRING(&os,&p);
126
127 ASN1_TYPE_set(a,V_ASN1_SEQUENCE,osp);
128 return(1);
129 }
130
131/* we return the actual length..., num may be missing, in which
132 * case, set it to zero */
133/* int max_len: for returned value */
134int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, unsigned char *data,
135 int max_len)
136 {
137 int ret= -1,n;
138 ASN1_INTEGER *ai=NULL;
139 ASN1_OCTET_STRING *os=NULL;
140 unsigned char *p;
141 long length;
142 ASN1_CTX c;
143
144 if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL))
145 {
146 goto err;
147 }
148 p=M_ASN1_STRING_data(a->value.sequence);
149 length=M_ASN1_STRING_length(a->value.sequence);
150
151 c.pp= &p;
152 c.p=p;
153 c.max=p+length;
154 c.error=ASN1_R_DATA_IS_WRONG;
155
156 M_ASN1_D2I_start_sequence();
157 c.q=c.p;
158 if ((ai=d2i_ASN1_INTEGER(NULL,&c.p,c.slen)) == NULL) goto err;
159 c.slen-=(c.p-c.q);
160 c.q=c.p;
161 if ((os=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) goto err;
162 c.slen-=(c.p-c.q);
163 if (!M_ASN1_D2I_end_sequence()) goto err;
164
165 if (num != NULL)
166 *num=ASN1_INTEGER_get(ai);
167
168 ret=M_ASN1_STRING_length(os);
169 if (max_len > ret)
170 n=ret;
171 else
172 n=max_len;
173
174 if (data != NULL)
175 memcpy(data,M_ASN1_STRING_data(os),n);
176 if (0)
177 {
178err:
179 ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,ASN1_R_DATA_IS_WRONG);
180 }
181 if (os != NULL) M_ASN1_OCTET_STRING_free(os);
182 if (ai != NULL) M_ASN1_INTEGER_free(ai);
183 return(ret);
184 }
185
diff --git a/src/lib/libcrypto/asn1/f_enum.c b/src/lib/libcrypto/asn1/f_enum.c
deleted file mode 100644
index 56e3cc8df2..0000000000
--- a/src/lib/libcrypto/asn1/f_enum.c
+++ /dev/null
@@ -1,207 +0,0 @@
1/* crypto/asn1/f_enum.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62#include <openssl/asn1.h>
63
64/* Based on a_int.c: equivalent ENUMERATED functions */
65
66int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a)
67 {
68 int i,n=0;
69 static const char *h="0123456789ABCDEF";
70 char buf[2];
71
72 if (a == NULL) return(0);
73
74 if (a->length == 0)
75 {
76 if (BIO_write(bp,"00",2) != 2) goto err;
77 n=2;
78 }
79 else
80 {
81 for (i=0; i<a->length; i++)
82 {
83 if ((i != 0) && (i%35 == 0))
84 {
85 if (BIO_write(bp,"\\\n",2) != 2) goto err;
86 n+=2;
87 }
88 buf[0]=h[((unsigned char)a->data[i]>>4)&0x0f];
89 buf[1]=h[((unsigned char)a->data[i] )&0x0f];
90 if (BIO_write(bp,buf,2) != 2) goto err;
91 n+=2;
92 }
93 }
94 return(n);
95err:
96 return(-1);
97 }
98
99int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
100 {
101 int ret=0;
102 int i,j,k,m,n,again,bufsize;
103 unsigned char *s=NULL,*sp;
104 unsigned char *bufp;
105 int num=0,slen=0,first=1;
106
107 bs->type=V_ASN1_ENUMERATED;
108
109 bufsize=BIO_gets(bp,buf,size);
110 for (;;)
111 {
112 if (bufsize < 1) goto err_sl;
113 i=bufsize;
114 if (buf[i-1] == '\n') buf[--i]='\0';
115 if (i == 0) goto err_sl;
116 if (buf[i-1] == '\r') buf[--i]='\0';
117 if (i == 0) goto err_sl;
118 again=(buf[i-1] == '\\');
119
120 for (j=0; j<i; j++)
121 {
122 if (!( ((buf[j] >= '0') && (buf[j] <= '9')) ||
123 ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
124 ((buf[j] >= 'A') && (buf[j] <= 'F'))))
125 {
126 i=j;
127 break;
128 }
129 }
130 buf[i]='\0';
131 /* We have now cleared all the crap off the end of the
132 * line */
133 if (i < 2) goto err_sl;
134
135 bufp=(unsigned char *)buf;
136 if (first)
137 {
138 first=0;
139 if ((bufp[0] == '0') && (buf[1] == '0'))
140 {
141 bufp+=2;
142 i-=2;
143 }
144 }
145 k=0;
146 i-=again;
147 if (i%2 != 0)
148 {
149 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_ODD_NUMBER_OF_CHARS);
150 goto err;
151 }
152 i/=2;
153 if (num+i > slen)
154 {
155 if (s == NULL)
156 sp=(unsigned char *)OPENSSL_malloc(
157 (unsigned int)num+i*2);
158 else
159 sp=(unsigned char *)OPENSSL_realloc(s,
160 (unsigned int)num+i*2);
161 if (sp == NULL)
162 {
163 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE);
164 if (s != NULL) OPENSSL_free(s);
165 goto err;
166 }
167 s=sp;
168 slen=num+i*2;
169 }
170 for (j=0; j<i; j++,k+=2)
171 {
172 for (n=0; n<2; n++)
173 {
174 m=bufp[k+n];
175 if ((m >= '0') && (m <= '9'))
176 m-='0';
177 else if ((m >= 'a') && (m <= 'f'))
178 m=m-'a'+10;
179 else if ((m >= 'A') && (m <= 'F'))
180 m=m-'A'+10;
181 else
182 {
183 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_NON_HEX_CHARACTERS);
184 goto err;
185 }
186 s[num+j]<<=4;
187 s[num+j]|=m;
188 }
189 }
190 num+=i;
191 if (again)
192 bufsize=BIO_gets(bp,buf,size);
193 else
194 break;
195 }
196 bs->length=num;
197 bs->data=s;
198 ret=1;
199err:
200 if (0)
201 {
202err_sl:
203 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_SHORT_LINE);
204 }
205 return(ret);
206 }
207
diff --git a/src/lib/libcrypto/asn1/f_int.c b/src/lib/libcrypto/asn1/f_int.c
deleted file mode 100644
index 6b090f6740..0000000000
--- a/src/lib/libcrypto/asn1/f_int.c
+++ /dev/null
@@ -1,214 +0,0 @@
1/* crypto/asn1/f_int.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62#include <openssl/asn1.h>
63
64int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a)
65 {
66 int i,n=0;
67 static const char *h="0123456789ABCDEF";
68 char buf[2];
69
70 if (a == NULL) return(0);
71
72 if (a->length == 0)
73 {
74 if (BIO_write(bp,"00",2) != 2) goto err;
75 n=2;
76 }
77 else
78 {
79 for (i=0; i<a->length; i++)
80 {
81 if ((i != 0) && (i%35 == 0))
82 {
83 if (BIO_write(bp,"\\\n",2) != 2) goto err;
84 n+=2;
85 }
86 buf[0]=h[((unsigned char)a->data[i]>>4)&0x0f];
87 buf[1]=h[((unsigned char)a->data[i] )&0x0f];
88 if (BIO_write(bp,buf,2) != 2) goto err;
89 n+=2;
90 }
91 }
92 return(n);
93err:
94 return(-1);
95 }
96
97int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
98 {
99 int ret=0;
100 int i,j,k,m,n,again,bufsize;
101 unsigned char *s=NULL,*sp;
102 unsigned char *bufp;
103 int num=0,slen=0,first=1;
104
105 bs->type=V_ASN1_INTEGER;
106
107 bufsize=BIO_gets(bp,buf,size);
108 for (;;)
109 {
110 if (bufsize < 1) goto err_sl;
111 i=bufsize;
112 if (buf[i-1] == '\n') buf[--i]='\0';
113 if (i == 0) goto err_sl;
114 if (buf[i-1] == '\r') buf[--i]='\0';
115 if (i == 0) goto err_sl;
116 again=(buf[i-1] == '\\');
117
118 for (j=0; j<i; j++)
119 {
120#ifndef CHARSET_EBCDIC
121 if (!( ((buf[j] >= '0') && (buf[j] <= '9')) ||
122 ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
123 ((buf[j] >= 'A') && (buf[j] <= 'F'))))
124#else
125 /* This #ifdef is not strictly necessary, since
126 * the characters A...F a...f 0...9 are contiguous
127 * (yes, even in EBCDIC - but not the whole alphabet).
128 * Nevertheless, isxdigit() is faster.
129 */
130 if (!isxdigit(buf[j]))
131#endif
132 {
133 i=j;
134 break;
135 }
136 }
137 buf[i]='\0';
138 /* We have now cleared all the crap off the end of the
139 * line */
140 if (i < 2) goto err_sl;
141
142 bufp=(unsigned char *)buf;
143 if (first)
144 {
145 first=0;
146 if ((bufp[0] == '0') && (buf[1] == '0'))
147 {
148 bufp+=2;
149 i-=2;
150 }
151 }
152 k=0;
153 i-=again;
154 if (i%2 != 0)
155 {
156 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_ODD_NUMBER_OF_CHARS);
157 goto err;
158 }
159 i/=2;
160 if (num+i > slen)
161 {
162 if (s == NULL)
163 sp=(unsigned char *)OPENSSL_malloc(
164 (unsigned int)num+i*2);
165 else
166 sp=(unsigned char *)OPENSSL_realloc(s,
167 (unsigned int)num+i*2);
168 if (sp == NULL)
169 {
170 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
171 if (s != NULL) OPENSSL_free(s);
172 goto err;
173 }
174 s=sp;
175 slen=num+i*2;
176 }
177 for (j=0; j<i; j++,k+=2)
178 {
179 for (n=0; n<2; n++)
180 {
181 m=bufp[k+n];
182 if ((m >= '0') && (m <= '9'))
183 m-='0';
184 else if ((m >= 'a') && (m <= 'f'))
185 m=m-'a'+10;
186 else if ((m >= 'A') && (m <= 'F'))
187 m=m-'A'+10;
188 else
189 {
190 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_NON_HEX_CHARACTERS);
191 goto err;
192 }
193 s[num+j]<<=4;
194 s[num+j]|=m;
195 }
196 }
197 num+=i;
198 if (again)
199 bufsize=BIO_gets(bp,buf,size);
200 else
201 break;
202 }
203 bs->length=num;
204 bs->data=s;
205 ret=1;
206err:
207 if (0)
208 {
209err_sl:
210 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_SHORT_LINE);
211 }
212 return(ret);
213 }
214
diff --git a/src/lib/libcrypto/asn1/f_string.c b/src/lib/libcrypto/asn1/f_string.c
deleted file mode 100644
index 968698a798..0000000000
--- a/src/lib/libcrypto/asn1/f_string.c
+++ /dev/null
@@ -1,212 +0,0 @@
1/* crypto/asn1/f_string.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62#include <openssl/asn1.h>
63
64int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type)
65 {
66 int i,n=0;
67 static const char *h="0123456789ABCDEF";
68 char buf[2];
69
70 if (a == NULL) return(0);
71
72 if (a->length == 0)
73 {
74 if (BIO_write(bp,"0",1) != 1) goto err;
75 n=1;
76 }
77 else
78 {
79 for (i=0; i<a->length; i++)
80 {
81 if ((i != 0) && (i%35 == 0))
82 {
83 if (BIO_write(bp,"\\\n",2) != 2) goto err;
84 n+=2;
85 }
86 buf[0]=h[((unsigned char)a->data[i]>>4)&0x0f];
87 buf[1]=h[((unsigned char)a->data[i] )&0x0f];
88 if (BIO_write(bp,buf,2) != 2) goto err;
89 n+=2;
90 }
91 }
92 return(n);
93err:
94 return(-1);
95 }
96
97int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
98 {
99 int ret=0;
100 int i,j,k,m,n,again,bufsize;
101 unsigned char *s=NULL,*sp;
102 unsigned char *bufp;
103 int num=0,slen=0,first=1;
104
105 bufsize=BIO_gets(bp,buf,size);
106 for (;;)
107 {
108 if (bufsize < 1)
109 {
110 if (first)
111 break;
112 else
113 goto err_sl;
114 }
115 first=0;
116
117 i=bufsize;
118 if (buf[i-1] == '\n') buf[--i]='\0';
119 if (i == 0) goto err_sl;
120 if (buf[i-1] == '\r') buf[--i]='\0';
121 if (i == 0) goto err_sl;
122 again=(buf[i-1] == '\\');
123
124 for (j=i-1; j>0; j--)
125 {
126#ifndef CHARSET_EBCDIC
127 if (!( ((buf[j] >= '0') && (buf[j] <= '9')) ||
128 ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
129 ((buf[j] >= 'A') && (buf[j] <= 'F'))))
130#else
131 /* This #ifdef is not strictly necessary, since
132 * the characters A...F a...f 0...9 are contiguous
133 * (yes, even in EBCDIC - but not the whole alphabet).
134 * Nevertheless, isxdigit() is faster.
135 */
136 if (!isxdigit(buf[j]))
137#endif
138 {
139 i=j;
140 break;
141 }
142 }
143 buf[i]='\0';
144 /* We have now cleared all the crap off the end of the
145 * line */
146 if (i < 2) goto err_sl;
147
148 bufp=(unsigned char *)buf;
149
150 k=0;
151 i-=again;
152 if (i%2 != 0)
153 {
154 ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_ODD_NUMBER_OF_CHARS);
155 goto err;
156 }
157 i/=2;
158 if (num+i > slen)
159 {
160 if (s == NULL)
161 sp=(unsigned char *)OPENSSL_malloc(
162 (unsigned int)num+i*2);
163 else
164 sp=(unsigned char *)OPENSSL_realloc(s,
165 (unsigned int)num+i*2);
166 if (sp == NULL)
167 {
168 ASN1err(ASN1_F_A2I_ASN1_STRING,ERR_R_MALLOC_FAILURE);
169 if (s != NULL) OPENSSL_free(s);
170 goto err;
171 }
172 s=sp;
173 slen=num+i*2;
174 }
175 for (j=0; j<i; j++,k+=2)
176 {
177 for (n=0; n<2; n++)
178 {
179 m=bufp[k+n];
180 if ((m >= '0') && (m <= '9'))
181 m-='0';
182 else if ((m >= 'a') && (m <= 'f'))
183 m=m-'a'+10;
184 else if ((m >= 'A') && (m <= 'F'))
185 m=m-'A'+10;
186 else
187 {
188 ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_NON_HEX_CHARACTERS);
189 goto err;
190 }
191 s[num+j]<<=4;
192 s[num+j]|=m;
193 }
194 }
195 num+=i;
196 if (again)
197 bufsize=BIO_gets(bp,buf,size);
198 else
199 break;
200 }
201 bs->length=num;
202 bs->data=s;
203 ret=1;
204err:
205 if (0)
206 {
207err_sl:
208 ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_SHORT_LINE);
209 }
210 return(ret);
211 }
212
diff --git a/src/lib/libcrypto/asn1/i2d_pr.c b/src/lib/libcrypto/asn1/i2d_pr.c
deleted file mode 100644
index 71d6910204..0000000000
--- a/src/lib/libcrypto/asn1/i2d_pr.c
+++ /dev/null
@@ -1,84 +0,0 @@
1/* crypto/asn1/i2d_pr.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64
65int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
66 {
67#ifndef NO_RSA
68 if (a->type == EVP_PKEY_RSA)
69 {
70 return(i2d_RSAPrivateKey(a->pkey.rsa,pp));
71 }
72 else
73#endif
74#ifndef NO_DSA
75 if (a->type == EVP_PKEY_DSA)
76 {
77 return(i2d_DSAPrivateKey(a->pkey.dsa,pp));
78 }
79#endif
80
81 ASN1err(ASN1_F_I2D_PRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
82 return(-1);
83 }
84
diff --git a/src/lib/libcrypto/asn1/i2d_pu.c b/src/lib/libcrypto/asn1/i2d_pu.c
deleted file mode 100644
index 8f73d37d03..0000000000
--- a/src/lib/libcrypto/asn1/i2d_pu.c
+++ /dev/null
@@ -1,82 +0,0 @@
1/* crypto/asn1/i2d_pu.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64
65int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
66 {
67 switch (a->type)
68 {
69#ifndef NO_RSA
70 case EVP_PKEY_RSA:
71 return(i2d_RSAPublicKey(a->pkey.rsa,pp));
72#endif
73#ifndef NO_DSA
74 case EVP_PKEY_DSA:
75 return(i2d_DSAPublicKey(a->pkey.dsa,pp));
76#endif
77 default:
78 ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
79 return(-1);
80 }
81 }
82
diff --git a/src/lib/libcrypto/asn1/n_pkey.c b/src/lib/libcrypto/asn1/n_pkey.c
deleted file mode 100644
index 9840193538..0000000000
--- a/src/lib/libcrypto/asn1/n_pkey.c
+++ /dev/null
@@ -1,388 +0,0 @@
1/* crypto/asn1/n_pkey.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_RSA
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/rsa.h>
63#include <openssl/objects.h>
64#include <openssl/asn1_mac.h>
65#include <openssl/evp.h>
66#include <openssl/x509.h>
67
68
69#ifndef NO_RC4
70
71typedef struct netscape_pkey_st
72 {
73 ASN1_INTEGER *version;
74 X509_ALGOR *algor;
75 ASN1_OCTET_STRING *private_key;
76 } NETSCAPE_PKEY;
77
78static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp);
79static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a,unsigned char **pp, long length);
80static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void);
81static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *);
82
83int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)())
84{
85 return i2d_RSA_NET(a, pp, cb, 0);
86}
87
88int i2d_RSA_NET(RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
89 {
90 int i,j,l[6];
91 NETSCAPE_PKEY *pkey;
92 unsigned char buf[256],*zz;
93 unsigned char key[EVP_MAX_KEY_LENGTH];
94 EVP_CIPHER_CTX ctx;
95 X509_ALGOR *alg=NULL;
96 ASN1_OCTET_STRING os,os2;
97 M_ASN1_I2D_vars(a);
98
99 if (a == NULL) return(0);
100
101#ifdef WIN32
102 r=r; /* shut the damn compiler up :-) */
103#endif
104
105 os.data=os2.data=NULL;
106 if ((pkey=NETSCAPE_PKEY_new()) == NULL) goto err;
107 if (!ASN1_INTEGER_set(pkey->version,0)) goto err;
108
109 if (pkey->algor->algorithm != NULL)
110 ASN1_OBJECT_free(pkey->algor->algorithm);
111 pkey->algor->algorithm=OBJ_nid2obj(NID_rsaEncryption);
112 if ((pkey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err;
113 pkey->algor->parameter->type=V_ASN1_NULL;
114
115 l[0]=i2d_RSAPrivateKey(a,NULL);
116 pkey->private_key->length=l[0];
117
118 os2.length=i2d_NETSCAPE_PKEY(pkey,NULL);
119 l[1]=i2d_ASN1_OCTET_STRING(&os2,NULL);
120
121 if ((alg=X509_ALGOR_new()) == NULL) goto err;
122 if (alg->algorithm != NULL)
123 ASN1_OBJECT_free(alg->algorithm);
124 alg->algorithm=OBJ_nid2obj(NID_rc4);
125 if ((alg->parameter=ASN1_TYPE_new()) == NULL) goto err;
126 alg->parameter->type=V_ASN1_NULL;
127
128 l[2]=i2d_X509_ALGOR(alg,NULL);
129 l[3]=ASN1_object_size(1,l[2]+l[1],V_ASN1_SEQUENCE);
130
131#ifndef CONST_STRICT
132 os.data=(unsigned char *)"private-key";
133#endif
134 os.length=11;
135 l[4]=i2d_ASN1_OCTET_STRING(&os,NULL);
136
137 l[5]=ASN1_object_size(1,l[4]+l[3],V_ASN1_SEQUENCE);
138
139 if (pp == NULL)
140 {
141 if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
142 if (alg != NULL) X509_ALGOR_free(alg);
143 return(l[5]);
144 }
145
146 if (pkey->private_key->data != NULL)
147 OPENSSL_free(pkey->private_key->data);
148 if ((pkey->private_key->data=(unsigned char *)OPENSSL_malloc(l[0])) == NULL)
149 {
150 ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
151 goto err;
152 }
153 zz=pkey->private_key->data;
154 i2d_RSAPrivateKey(a,&zz);
155
156 if ((os2.data=(unsigned char *)OPENSSL_malloc(os2.length)) == NULL)
157 {
158 ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
159 goto err;
160 }
161 zz=os2.data;
162 i2d_NETSCAPE_PKEY(pkey,&zz);
163
164 if (cb == NULL)
165 cb=EVP_read_pw_string;
166 i=cb(buf,256,"Enter Private Key password:",1);
167 if (i != 0)
168 {
169 ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ASN1_R_BAD_PASSWORD_READ);
170 goto err;
171 }
172 i = strlen((char *)buf);
173 /* If the key is used for SGC the algorithm is modified a little. */
174 if(sgckey){
175 EVP_MD_CTX mctx;
176 EVP_DigestInit(&mctx, EVP_md5());
177 EVP_DigestUpdate(&mctx, buf, i);
178 EVP_DigestFinal(&mctx, buf, NULL);
179 memcpy(buf + 16, "SGCKEYSALT", 10);
180 i = 26;
181 }
182
183 EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
184 memset(buf,0,256);
185
186 EVP_CIPHER_CTX_init(&ctx);
187 EVP_EncryptInit(&ctx,EVP_rc4(),key,NULL);
188 EVP_EncryptUpdate(&ctx,os2.data,&i,os2.data,os2.length);
189 EVP_EncryptFinal(&ctx,&(os2.data[i]),&j);
190 EVP_CIPHER_CTX_cleanup(&ctx);
191
192 p= *pp;
193 ASN1_put_object(&p,1,l[4]+l[3],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
194 i2d_ASN1_OCTET_STRING(&os,&p);
195 ASN1_put_object(&p,1,l[2]+l[1],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
196 i2d_X509_ALGOR(alg,&p);
197 i2d_ASN1_OCTET_STRING(&os2,&p);
198 ret=l[5];
199err:
200 if (os2.data != NULL) OPENSSL_free(os2.data);
201 if (alg != NULL) X509_ALGOR_free(alg);
202 if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
203 r=r;
204 return(ret);
205 }
206
207
208RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)())
209{
210 return d2i_RSA_NET(a, pp, length, cb, 0);
211}
212
213RSA *d2i_RSA_NET(RSA **a, unsigned char **pp, long length, int (*cb)(), int sgckey)
214 {
215 RSA *ret=NULL;
216 ASN1_OCTET_STRING *os=NULL;
217 ASN1_CTX c;
218
219 c.pp=pp;
220 c.error=ASN1_R_DECODING_ERROR;
221
222 M_ASN1_D2I_Init();
223 M_ASN1_D2I_start_sequence();
224 M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING);
225 if ((os->length != 11) || (strncmp("private-key",
226 (char *)os->data,os->length) != 0))
227 {
228 ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING);
229 M_ASN1_BIT_STRING_free(os);
230 goto err;
231 }
232 M_ASN1_BIT_STRING_free(os);
233 c.q=c.p;
234 if ((ret=d2i_RSA_NET_2(a,&c.p,c.slen,cb, sgckey)) == NULL) goto err;
235 /* Note: some versions of IIS key files use length values that are
236 * too small for the surrounding SEQUENCEs. This following line
237 * effectively disable length checking.
238 */
239 c.slen = 0;
240
241 M_ASN1_D2I_Finish(a,RSA_free,ASN1_F_D2I_NETSCAPE_RSA);
242 }
243
244RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length,
245 int (*cb)())
246{
247 return d2i_RSA_NET_2(a, pp, length, cb, 0);
248}
249
250RSA *d2i_RSA_NET_2(RSA **a, unsigned char **pp, long length,
251 int (*cb)(), int sgckey)
252 {
253 NETSCAPE_PKEY *pkey=NULL;
254 RSA *ret=NULL;
255 int i,j;
256 unsigned char buf[256],*zz;
257 unsigned char key[EVP_MAX_KEY_LENGTH];
258 EVP_CIPHER_CTX ctx;
259 X509_ALGOR *alg=NULL;
260 ASN1_OCTET_STRING *os=NULL;
261 ASN1_CTX c;
262
263 c.error=ERR_R_NESTED_ASN1_ERROR;
264 c.pp=pp;
265
266 M_ASN1_D2I_Init();
267 M_ASN1_D2I_start_sequence();
268 M_ASN1_D2I_get(alg,d2i_X509_ALGOR);
269 if (OBJ_obj2nid(alg->algorithm) != NID_rc4)
270 {
271 ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
272 goto err;
273 }
274 M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING);
275 if (cb == NULL)
276 cb=EVP_read_pw_string;
277 i=cb(buf,256,"Enter Private Key password:",0);
278 if (i != 0)
279 {
280 ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_BAD_PASSWORD_READ);
281 goto err;
282 }
283
284 i = strlen((char *)buf);
285 if(sgckey){
286 EVP_MD_CTX mctx;
287 EVP_DigestInit(&mctx, EVP_md5());
288 EVP_DigestUpdate(&mctx, buf, i);
289 EVP_DigestFinal(&mctx, buf, NULL);
290 memcpy(buf + 16, "SGCKEYSALT", 10);
291 i = 26;
292 }
293
294 EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
295 memset(buf,0,256);
296
297 EVP_CIPHER_CTX_init(&ctx);
298 EVP_DecryptInit(&ctx,EVP_rc4(),key,NULL);
299 EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length);
300 EVP_DecryptFinal(&ctx,&(os->data[i]),&j);
301 EVP_CIPHER_CTX_cleanup(&ctx);
302 os->length=i+j;
303
304 zz=os->data;
305
306 if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL)
307 {
308 ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY);
309 goto err;
310 }
311
312 zz=pkey->private_key->data;
313 if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL)
314 {
315 ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
316 goto err;
317 }
318 if (!asn1_Finish(&c)) goto err;
319 *pp=c.p;
320err:
321 if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
322 if (os != NULL) M_ASN1_BIT_STRING_free(os);
323 if (alg != NULL) X509_ALGOR_free(alg);
324 return(ret);
325 }
326
327static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp)
328 {
329 M_ASN1_I2D_vars(a);
330
331
332 M_ASN1_I2D_len(a->version, i2d_ASN1_INTEGER);
333 M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR);
334 M_ASN1_I2D_len(a->private_key, i2d_ASN1_OCTET_STRING);
335
336 M_ASN1_I2D_seq_total();
337
338 M_ASN1_I2D_put(a->version, i2d_ASN1_INTEGER);
339 M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR);
340 M_ASN1_I2D_put(a->private_key, i2d_ASN1_OCTET_STRING);
341
342 M_ASN1_I2D_finish();
343 }
344
345static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a, unsigned char **pp,
346 long length)
347 {
348 M_ASN1_D2I_vars(a,NETSCAPE_PKEY *,NETSCAPE_PKEY_new);
349
350 M_ASN1_D2I_Init();
351 M_ASN1_D2I_start_sequence();
352 M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
353 M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
354 M_ASN1_D2I_get(ret->private_key,d2i_ASN1_OCTET_STRING);
355 M_ASN1_D2I_Finish(a,NETSCAPE_PKEY_free,ASN1_F_D2I_NETSCAPE_PKEY);
356 }
357
358static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void)
359 {
360 NETSCAPE_PKEY *ret=NULL;
361 ASN1_CTX c;
362
363 M_ASN1_New_Malloc(ret,NETSCAPE_PKEY);
364 M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
365 M_ASN1_New(ret->algor,X509_ALGOR_new);
366 M_ASN1_New(ret->private_key,M_ASN1_OCTET_STRING_new);
367 return(ret);
368 M_ASN1_New_Error(ASN1_F_NETSCAPE_PKEY_NEW);
369 }
370
371static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *a)
372 {
373 if (a == NULL) return;
374 M_ASN1_INTEGER_free(a->version);
375 X509_ALGOR_free(a->algor);
376 M_ASN1_OCTET_STRING_free(a->private_key);
377 OPENSSL_free(a);
378 }
379
380#endif /* NO_RC4 */
381
382#else /* !NO_RSA */
383
384# if PEDANTIC
385static void *dummy=&dummy;
386# endif
387
388#endif
diff --git a/src/lib/libcrypto/asn1/nsseq.c b/src/lib/libcrypto/asn1/nsseq.c
deleted file mode 100644
index 6e7f09ba23..0000000000
--- a/src/lib/libcrypto/asn1/nsseq.c
+++ /dev/null
@@ -1,118 +0,0 @@
1/* nsseq.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <openssl/asn1_mac.h>
62#include <openssl/err.h>
63#include <openssl/x509.h>
64#include <openssl/objects.h>
65
66/* Netscape certificate sequence structure */
67
68int i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **pp)
69{
70 int v = 0;
71 M_ASN1_I2D_vars(a);
72 M_ASN1_I2D_len (a->type, i2d_ASN1_OBJECT);
73 M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509,a->certs,i2d_X509,0,
74 V_ASN1_SEQUENCE,v);
75
76 M_ASN1_I2D_seq_total();
77
78 M_ASN1_I2D_put (a->type, i2d_ASN1_OBJECT);
79 M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509,a->certs,i2d_X509,0,
80 V_ASN1_SEQUENCE,v);
81
82 M_ASN1_I2D_finish();
83}
84
85NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void)
86{
87 NETSCAPE_CERT_SEQUENCE *ret=NULL;
88 ASN1_CTX c;
89 M_ASN1_New_Malloc(ret, NETSCAPE_CERT_SEQUENCE);
90 /* Note hardcoded object type */
91 ret->type = OBJ_nid2obj(NID_netscape_cert_sequence);
92 ret->certs = NULL;
93 return (ret);
94 M_ASN1_New_Error(ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW);
95}
96
97NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a,
98 unsigned char **pp, long length)
99{
100 M_ASN1_D2I_vars(a,NETSCAPE_CERT_SEQUENCE *,
101 NETSCAPE_CERT_SEQUENCE_new);
102 M_ASN1_D2I_Init();
103 M_ASN1_D2I_start_sequence();
104 M_ASN1_D2I_get (ret->type, d2i_ASN1_OBJECT);
105 M_ASN1_D2I_get_EXP_set_opt_type(X509,ret->certs,d2i_X509,X509_free,0,
106 V_ASN1_SEQUENCE);
107 M_ASN1_D2I_Finish(a, NETSCAPE_CERT_SEQUENCE_free,
108 ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE);
109}
110
111void NETSCAPE_CERT_SEQUENCE_free (NETSCAPE_CERT_SEQUENCE *a)
112{
113 if (a == NULL) return;
114 ASN1_OBJECT_free(a->type);
115 if(a->certs)
116 sk_X509_pop_free(a->certs, X509_free);
117 OPENSSL_free (a);
118}
diff --git a/src/lib/libcrypto/asn1/p5_pbe.c b/src/lib/libcrypto/asn1/p5_pbe.c
deleted file mode 100644
index b7ed538eb2..0000000000
--- a/src/lib/libcrypto/asn1/p5_pbe.c
+++ /dev/null
@@ -1,157 +0,0 @@
1/* p5_pbe.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1_mac.h>
62#include <openssl/x509.h>
63#include <openssl/rand.h>
64
65/* PKCS#5 password based encryption structure */
66
67int i2d_PBEPARAM(PBEPARAM *a, unsigned char **pp)
68{
69 M_ASN1_I2D_vars(a);
70 M_ASN1_I2D_len (a->salt, i2d_ASN1_OCTET_STRING);
71 M_ASN1_I2D_len (a->iter, i2d_ASN1_INTEGER);
72
73 M_ASN1_I2D_seq_total ();
74
75 M_ASN1_I2D_put (a->salt, i2d_ASN1_OCTET_STRING);
76 M_ASN1_I2D_put (a->iter, i2d_ASN1_INTEGER);
77 M_ASN1_I2D_finish();
78}
79
80PBEPARAM *PBEPARAM_new(void)
81{
82 PBEPARAM *ret=NULL;
83 ASN1_CTX c;
84 M_ASN1_New_Malloc(ret, PBEPARAM);
85 M_ASN1_New(ret->iter,M_ASN1_INTEGER_new);
86 M_ASN1_New(ret->salt,M_ASN1_OCTET_STRING_new);
87 return (ret);
88 M_ASN1_New_Error(ASN1_F_PBEPARAM_NEW);
89}
90
91PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length)
92{
93 M_ASN1_D2I_vars(a,PBEPARAM *,PBEPARAM_new);
94 M_ASN1_D2I_Init();
95 M_ASN1_D2I_start_sequence();
96 M_ASN1_D2I_get (ret->salt, d2i_ASN1_OCTET_STRING);
97 M_ASN1_D2I_get (ret->iter, d2i_ASN1_INTEGER);
98 M_ASN1_D2I_Finish(a, PBEPARAM_free, ASN1_F_D2I_PBEPARAM);
99}
100
101void PBEPARAM_free (PBEPARAM *a)
102{
103 if(a==NULL) return;
104 M_ASN1_OCTET_STRING_free(a->salt);
105 M_ASN1_INTEGER_free (a->iter);
106 OPENSSL_free (a);
107}
108
109/* Return an algorithm identifier for a PKCS#5 PBE algorithm */
110
111X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt,
112 int saltlen)
113{
114 PBEPARAM *pbe;
115 ASN1_OBJECT *al;
116 X509_ALGOR *algor;
117 ASN1_TYPE *astype;
118
119 if (!(pbe = PBEPARAM_new ())) {
120 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
121 return NULL;
122 }
123 if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
124 ASN1_INTEGER_set (pbe->iter, iter);
125 if (!saltlen) saltlen = PKCS5_SALT_LEN;
126 if (!(pbe->salt->data = OPENSSL_malloc (saltlen))) {
127 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
128 return NULL;
129 }
130 pbe->salt->length = saltlen;
131 if (salt) memcpy (pbe->salt->data, salt, saltlen);
132 else if (RAND_pseudo_bytes (pbe->salt->data, saltlen) < 0)
133 return NULL;
134
135 if (!(astype = ASN1_TYPE_new())) {
136 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
137 return NULL;
138 }
139
140 astype->type = V_ASN1_SEQUENCE;
141 if(!ASN1_pack_string(pbe, i2d_PBEPARAM, &astype->value.sequence)) {
142 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
143 return NULL;
144 }
145 PBEPARAM_free (pbe);
146
147 al = OBJ_nid2obj(alg); /* never need to free al */
148 if (!(algor = X509_ALGOR_new())) {
149 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
150 return NULL;
151 }
152 ASN1_OBJECT_free(algor->algorithm);
153 algor->algorithm = al;
154 algor->parameter = astype;
155
156 return (algor);
157}
diff --git a/src/lib/libcrypto/asn1/p5_pbev2.c b/src/lib/libcrypto/asn1/p5_pbev2.c
deleted file mode 100644
index 6a7b578c0e..0000000000
--- a/src/lib/libcrypto/asn1/p5_pbev2.c
+++ /dev/null
@@ -1,282 +0,0 @@
1/* p5_pbev2.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1_mac.h>
62#include <openssl/x509.h>
63#include <openssl/rand.h>
64
65/* PKCS#5 v2.0 password based encryption structures */
66
67int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **pp)
68{
69 M_ASN1_I2D_vars(a);
70 M_ASN1_I2D_len (a->keyfunc, i2d_X509_ALGOR);
71 M_ASN1_I2D_len (a->encryption, i2d_X509_ALGOR);
72
73 M_ASN1_I2D_seq_total ();
74
75 M_ASN1_I2D_put (a->keyfunc, i2d_X509_ALGOR);
76 M_ASN1_I2D_put (a->encryption, i2d_X509_ALGOR);
77
78 M_ASN1_I2D_finish();
79}
80
81PBE2PARAM *PBE2PARAM_new(void)
82{
83 PBE2PARAM *ret=NULL;
84 ASN1_CTX c;
85 M_ASN1_New_Malloc(ret, PBE2PARAM);
86 M_ASN1_New(ret->keyfunc,X509_ALGOR_new);
87 M_ASN1_New(ret->encryption,X509_ALGOR_new);
88 return (ret);
89 M_ASN1_New_Error(ASN1_F_PBE2PARAM_NEW);
90}
91
92PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, unsigned char **pp, long length)
93{
94 M_ASN1_D2I_vars(a,PBE2PARAM *,PBE2PARAM_new);
95 M_ASN1_D2I_Init();
96 M_ASN1_D2I_start_sequence();
97 M_ASN1_D2I_get (ret->keyfunc, d2i_X509_ALGOR);
98 M_ASN1_D2I_get (ret->encryption, d2i_X509_ALGOR);
99 M_ASN1_D2I_Finish(a, PBE2PARAM_free, ASN1_F_D2I_PBE2PARAM);
100}
101
102void PBE2PARAM_free (PBE2PARAM *a)
103{
104 if(a==NULL) return;
105 X509_ALGOR_free(a->keyfunc);
106 X509_ALGOR_free(a->encryption);
107 OPENSSL_free (a);
108}
109
110int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **pp)
111{
112 M_ASN1_I2D_vars(a);
113 M_ASN1_I2D_len (a->salt, i2d_ASN1_TYPE);
114 M_ASN1_I2D_len (a->iter, i2d_ASN1_INTEGER);
115 M_ASN1_I2D_len (a->keylength, i2d_ASN1_INTEGER);
116 M_ASN1_I2D_len (a->prf, i2d_X509_ALGOR);
117
118 M_ASN1_I2D_seq_total ();
119
120 M_ASN1_I2D_put (a->salt, i2d_ASN1_TYPE);
121 M_ASN1_I2D_put (a->iter, i2d_ASN1_INTEGER);
122 M_ASN1_I2D_put (a->keylength, i2d_ASN1_INTEGER);
123 M_ASN1_I2D_put (a->prf, i2d_X509_ALGOR);
124
125 M_ASN1_I2D_finish();
126}
127
128PBKDF2PARAM *PBKDF2PARAM_new(void)
129{
130 PBKDF2PARAM *ret=NULL;
131 ASN1_CTX c;
132 M_ASN1_New_Malloc(ret, PBKDF2PARAM);
133 M_ASN1_New(ret->salt, ASN1_TYPE_new);
134 M_ASN1_New(ret->iter, M_ASN1_INTEGER_new);
135 ret->keylength = NULL;
136 ret->prf = NULL;
137 return (ret);
138 M_ASN1_New_Error(ASN1_F_PBKDF2PARAM_NEW);
139}
140
141PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, unsigned char **pp,
142 long length)
143{
144 M_ASN1_D2I_vars(a,PBKDF2PARAM *,PBKDF2PARAM_new);
145 M_ASN1_D2I_Init();
146 M_ASN1_D2I_start_sequence();
147 M_ASN1_D2I_get (ret->salt, d2i_ASN1_TYPE);
148 M_ASN1_D2I_get (ret->iter, d2i_ASN1_INTEGER);
149 M_ASN1_D2I_get_opt (ret->keylength, d2i_ASN1_INTEGER, V_ASN1_INTEGER);
150 M_ASN1_D2I_get_opt (ret->prf, d2i_X509_ALGOR, V_ASN1_SEQUENCE);
151 M_ASN1_D2I_Finish(a, PBKDF2PARAM_free, ASN1_F_D2I_PBKDF2PARAM);
152}
153
154void PBKDF2PARAM_free (PBKDF2PARAM *a)
155{
156 if(a==NULL) return;
157 ASN1_TYPE_free(a->salt);
158 M_ASN1_INTEGER_free(a->iter);
159 M_ASN1_INTEGER_free(a->keylength);
160 X509_ALGOR_free(a->prf);
161 OPENSSL_free (a);
162}
163
164/* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm:
165 * yes I know this is horrible!
166 */
167
168X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
169 unsigned char *salt, int saltlen)
170{
171 X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL;
172 int alg_nid;
173 EVP_CIPHER_CTX ctx;
174 unsigned char iv[EVP_MAX_IV_LENGTH];
175 PBKDF2PARAM *kdf = NULL;
176 PBE2PARAM *pbe2 = NULL;
177 ASN1_OCTET_STRING *osalt = NULL;
178 ASN1_OBJECT *obj;
179
180 alg_nid = EVP_CIPHER_type(cipher);
181 if(alg_nid == NID_undef) {
182 ASN1err(ASN1_F_PKCS5_PBE2_SET,
183 ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
184 goto err;
185 }
186 obj = OBJ_nid2obj(alg_nid);
187
188 if(!(pbe2 = PBE2PARAM_new())) goto merr;
189
190 /* Setup the AlgorithmIdentifier for the encryption scheme */
191 scheme = pbe2->encryption;
192
193 scheme->algorithm = obj;
194 if(!(scheme->parameter = ASN1_TYPE_new())) goto merr;
195
196 /* Create random IV */
197 if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
198 goto err;
199
200 /* Dummy cipherinit to just setup the IV */
201 EVP_CipherInit(&ctx, cipher, NULL, iv, 0);
202 if(EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) {
203 ASN1err(ASN1_F_PKCS5_PBE2_SET,
204 ASN1_R_ERROR_SETTING_CIPHER_PARAMS);
205 goto err;
206 }
207 EVP_CIPHER_CTX_cleanup(&ctx);
208
209 if(!(kdf = PBKDF2PARAM_new())) goto merr;
210 if(!(osalt = M_ASN1_OCTET_STRING_new())) goto merr;
211
212 if (!saltlen) saltlen = PKCS5_SALT_LEN;
213 if (!(osalt->data = OPENSSL_malloc (saltlen))) goto merr;
214 osalt->length = saltlen;
215 if (salt) memcpy (osalt->data, salt, saltlen);
216 else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0) goto merr;
217
218 if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
219 if(!ASN1_INTEGER_set(kdf->iter, iter)) goto merr;
220
221 /* Now include salt in kdf structure */
222 kdf->salt->value.octet_string = osalt;
223 kdf->salt->type = V_ASN1_OCTET_STRING;
224 osalt = NULL;
225
226 /* If its RC2 then we'd better setup the key length */
227
228 if(alg_nid == NID_rc2_cbc) {
229 if(!(kdf->keylength = M_ASN1_INTEGER_new())) goto merr;
230 if(!ASN1_INTEGER_set (kdf->keylength,
231 EVP_CIPHER_key_length(cipher))) goto merr;
232 }
233
234 /* prf can stay NULL because we are using hmacWithSHA1 */
235
236 /* Now setup the PBE2PARAM keyfunc structure */
237
238 pbe2->keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);
239
240 /* Encode PBKDF2PARAM into parameter of pbe2 */
241
242 if(!(pbe2->keyfunc->parameter = ASN1_TYPE_new())) goto merr;
243
244 if(!ASN1_pack_string(kdf, i2d_PBKDF2PARAM,
245 &pbe2->keyfunc->parameter->value.sequence)) goto merr;
246 pbe2->keyfunc->parameter->type = V_ASN1_SEQUENCE;
247
248 PBKDF2PARAM_free(kdf);
249 kdf = NULL;
250
251 /* Now set up top level AlgorithmIdentifier */
252
253 if(!(ret = X509_ALGOR_new())) goto merr;
254 if(!(ret->parameter = ASN1_TYPE_new())) goto merr;
255
256 ret->algorithm = OBJ_nid2obj(NID_pbes2);
257
258 /* Encode PBE2PARAM into parameter */
259
260 if(!ASN1_pack_string(pbe2, i2d_PBE2PARAM,
261 &ret->parameter->value.sequence)) goto merr;
262 ret->parameter->type = V_ASN1_SEQUENCE;
263
264 PBE2PARAM_free(pbe2);
265 pbe2 = NULL;
266
267 return ret;
268
269 merr:
270 ASN1err(ASN1_F_PKCS5_PBE2_SET,ERR_R_MALLOC_FAILURE);
271
272 err:
273 PBE2PARAM_free(pbe2);
274 /* Note 'scheme' is freed as part of pbe2 */
275 M_ASN1_OCTET_STRING_free(osalt);
276 PBKDF2PARAM_free(kdf);
277 X509_ALGOR_free(kalg);
278 X509_ALGOR_free(ret);
279
280 return NULL;
281
282}
diff --git a/src/lib/libcrypto/asn1/p8_pkey.c b/src/lib/libcrypto/asn1/p8_pkey.c
deleted file mode 100644
index fa6cbfb6f8..0000000000
--- a/src/lib/libcrypto/asn1/p8_pkey.c
+++ /dev/null
@@ -1,127 +0,0 @@
1/* p8_pkey.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1_mac.h>
62#include <openssl/x509.h>
63
64int i2d_PKCS8_PRIV_KEY_INFO (PKCS8_PRIV_KEY_INFO *a, unsigned char **pp)
65{
66
67 M_ASN1_I2D_vars(a);
68
69 M_ASN1_I2D_len (a->version, i2d_ASN1_INTEGER);
70 M_ASN1_I2D_len (a->pkeyalg, i2d_X509_ALGOR);
71 M_ASN1_I2D_len (a->pkey, i2d_ASN1_TYPE);
72 M_ASN1_I2D_len_IMP_SET_opt_type (X509_ATTRIBUTE, a->attributes,
73 i2d_X509_ATTRIBUTE, 0);
74
75 M_ASN1_I2D_seq_total ();
76
77 M_ASN1_I2D_put (a->version, i2d_ASN1_INTEGER);
78 M_ASN1_I2D_put (a->pkeyalg, i2d_X509_ALGOR);
79 M_ASN1_I2D_put (a->pkey, i2d_ASN1_TYPE);
80 M_ASN1_I2D_put_IMP_SET_opt_type (X509_ATTRIBUTE, a->attributes,
81 i2d_X509_ATTRIBUTE, 0);
82
83 M_ASN1_I2D_finish();
84}
85
86PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void)
87{
88 PKCS8_PRIV_KEY_INFO *ret=NULL;
89 ASN1_CTX c;
90 M_ASN1_New_Malloc(ret, PKCS8_PRIV_KEY_INFO);
91 M_ASN1_New (ret->version, M_ASN1_INTEGER_new);
92 M_ASN1_New (ret->pkeyalg, X509_ALGOR_new);
93 M_ASN1_New (ret->pkey, ASN1_TYPE_new);
94 ret->attributes = NULL;
95 ret->broken = PKCS8_OK;
96 return (ret);
97 M_ASN1_New_Error(ASN1_F_PKCS8_PRIV_KEY_INFO_NEW);
98}
99
100PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a,
101 unsigned char **pp, long length)
102{
103 M_ASN1_D2I_vars(a,PKCS8_PRIV_KEY_INFO *,PKCS8_PRIV_KEY_INFO_new);
104 M_ASN1_D2I_Init();
105 M_ASN1_D2I_start_sequence();
106 M_ASN1_D2I_get (ret->version, d2i_ASN1_INTEGER);
107 M_ASN1_D2I_get (ret->pkeyalg, d2i_X509_ALGOR);
108 M_ASN1_D2I_get (ret->pkey, d2i_ASN1_TYPE);
109 M_ASN1_D2I_get_IMP_set_opt_type(X509_ATTRIBUTE, ret->attributes,
110 d2i_X509_ATTRIBUTE,
111 X509_ATTRIBUTE_free, 0);
112 M_ASN1_D2I_Finish(a, PKCS8_PRIV_KEY_INFO_free, ASN1_F_D2I_PKCS8_PRIV_KEY_INFO);
113}
114
115void PKCS8_PRIV_KEY_INFO_free (PKCS8_PRIV_KEY_INFO *a)
116{
117 if (a == NULL) return;
118 M_ASN1_INTEGER_free (a->version);
119 X509_ALGOR_free(a->pkeyalg);
120 /* Clear sensitive data */
121 if (a->pkey->value.octet_string)
122 memset (a->pkey->value.octet_string->data,
123 0, a->pkey->value.octet_string->length);
124 ASN1_TYPE_free (a->pkey);
125 sk_X509_ATTRIBUTE_pop_free (a->attributes, X509_ATTRIBUTE_free);
126 OPENSSL_free (a);
127}
diff --git a/src/lib/libcrypto/asn1/t_bitst.c b/src/lib/libcrypto/asn1/t_bitst.c
deleted file mode 100644
index 8ee789f082..0000000000
--- a/src/lib/libcrypto/asn1/t_bitst.c
+++ /dev/null
@@ -1,99 +0,0 @@
1/* t_bitst.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/conf.h>
62#include <openssl/x509v3.h>
63
64int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
65 BIT_STRING_BITNAME *tbl, int indent)
66{
67 BIT_STRING_BITNAME *bnam;
68 char first = 1;
69 BIO_printf(out, "%*s", indent, "");
70 for(bnam = tbl; bnam->lname; bnam++) {
71 if(ASN1_BIT_STRING_get_bit(bs, bnam->bitnum)) {
72 if(!first) BIO_puts(out, ", ");
73 BIO_puts(out, bnam->lname);
74 first = 0;
75 }
76 }
77 BIO_puts(out, "\n");
78 return 1;
79}
80
81int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value,
82 BIT_STRING_BITNAME *tbl)
83{
84 int bitnum;
85 bitnum = ASN1_BIT_STRING_num_asc(name, tbl);
86 if(bitnum < 0) return 0;
87 if(bs) ASN1_BIT_STRING_set_bit(bs, bitnum, value);
88 return 1;
89}
90
91int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl)
92{
93 BIT_STRING_BITNAME *bnam;
94 for(bnam = tbl; bnam->lname; bnam++) {
95 if(!strcmp(bnam->sname, name) ||
96 !strcmp(bnam->lname, name) ) return bnam->bitnum;
97 }
98 return -1;
99}
diff --git a/src/lib/libcrypto/asn1/t_crl.c b/src/lib/libcrypto/asn1/t_crl.c
deleted file mode 100644
index d78e4a8f88..0000000000
--- a/src/lib/libcrypto/asn1/t_crl.c
+++ /dev/null
@@ -1,166 +0,0 @@
1/* t_crl.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62#include <openssl/bn.h>
63#include <openssl/objects.h>
64#include <openssl/x509.h>
65#include <openssl/x509v3.h>
66
67static void ext_print(BIO *out, X509_EXTENSION *ex);
68#ifndef NO_FP_API
69int X509_CRL_print_fp(FILE *fp, X509_CRL *x)
70 {
71 BIO *b;
72 int ret;
73
74 if ((b=BIO_new(BIO_s_file())) == NULL)
75 {
76 X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB);
77 return(0);
78 }
79 BIO_set_fp(b,fp,BIO_NOCLOSE);
80 ret=X509_CRL_print(b, x);
81 BIO_free(b);
82 return(ret);
83 }
84#endif
85
86int X509_CRL_print(BIO *out, X509_CRL *x)
87{
88 char buf[256];
89 unsigned char *s;
90 STACK_OF(X509_REVOKED) *rev;
91 X509_REVOKED *r;
92 long l;
93 int i, j, n;
94
95 BIO_printf(out, "Certificate Revocation List (CRL):\n");
96 l = X509_CRL_get_version(x);
97 BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l+1, l);
98 i = OBJ_obj2nid(x->sig_alg->algorithm);
99 BIO_printf(out, "%8sSignature Algorithm: %s\n", "",
100 (i == NID_undef) ? "NONE" : OBJ_nid2ln(i));
101 X509_NAME_oneline(X509_CRL_get_issuer(x),buf,256);
102 BIO_printf(out,"%8sIssuer: %s\n","",buf);
103 BIO_printf(out,"%8sLast Update: ","");
104 ASN1_TIME_print(out,X509_CRL_get_lastUpdate(x));
105 BIO_printf(out,"\n%8sNext Update: ","");
106 if (X509_CRL_get_nextUpdate(x))
107 ASN1_TIME_print(out,X509_CRL_get_nextUpdate(x));
108 else BIO_printf(out,"NONE");
109 BIO_printf(out,"\n");
110
111 n=X509_CRL_get_ext_count(x);
112 if (n > 0) {
113 BIO_printf(out,"%8sCRL extensions:\n","");
114 for (i=0; i<n; i++) ext_print(out, X509_CRL_get_ext(x, i));
115 }
116
117
118 rev = X509_CRL_get_REVOKED(x);
119
120 if(sk_X509_REVOKED_num(rev))
121 BIO_printf(out, "Revoked Certificates:\n");
122 else BIO_printf(out, "No Revoked Certificates.\n");
123
124 for(i = 0; i < sk_X509_REVOKED_num(rev); i++) {
125 r = sk_X509_REVOKED_value(rev, i);
126 BIO_printf(out," Serial Number: ");
127 i2a_ASN1_INTEGER(out,r->serialNumber);
128 BIO_printf(out,"\n Revocation Date: ","");
129 ASN1_TIME_print(out,r->revocationDate);
130 BIO_printf(out,"\n");
131 for(j = 0; j < X509_REVOKED_get_ext_count(r); j++)
132 ext_print(out, X509_REVOKED_get_ext(r, j));
133 }
134
135 i=OBJ_obj2nid(x->sig_alg->algorithm);
136 BIO_printf(out," Signature Algorithm: %s",
137 (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
138
139 s = x->signature->data;
140 n = x->signature->length;
141 for (i=0; i<n; i++, s++)
142 {
143 if ((i%18) == 0) BIO_write(out,"\n ",9);
144 BIO_printf(out,"%02x%s",*s, ((i+1) == n)?"":":");
145 }
146 BIO_write(out,"\n",1);
147
148 return 1;
149
150}
151
152static void ext_print(BIO *out, X509_EXTENSION *ex)
153{
154 ASN1_OBJECT *obj;
155 int j;
156 BIO_printf(out,"%12s","");
157 obj=X509_EXTENSION_get_object(ex);
158 i2a_ASN1_OBJECT(out,obj);
159 j=X509_EXTENSION_get_critical(ex);
160 BIO_printf(out, ": %s\n", j ? "critical":"","");
161 if(!X509V3_EXT_print(out, ex, 0, 16)) {
162 BIO_printf(out, "%16s", "");
163 M_ASN1_OCTET_STRING_print(out,ex->value);
164 }
165 BIO_write(out,"\n",1);
166}
diff --git a/src/lib/libcrypto/asn1/t_pkey.c b/src/lib/libcrypto/asn1/t_pkey.c
deleted file mode 100644
index ae18da96e3..0000000000
--- a/src/lib/libcrypto/asn1/t_pkey.c
+++ /dev/null
@@ -1,361 +0,0 @@
1/* crypto/asn1/t_pkey.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62#include <openssl/bn.h>
63#ifndef NO_RSA
64#include <openssl/rsa.h>
65#endif
66#ifndef NO_DH
67#include <openssl/dh.h>
68#endif
69#ifndef NO_DSA
70#include <openssl/dsa.h>
71#endif
72
73static int print(BIO *fp,const char *str,BIGNUM *num,
74 unsigned char *buf,int off);
75#ifndef NO_RSA
76#ifndef NO_FP_API
77int RSA_print_fp(FILE *fp, RSA *x, int off)
78 {
79 BIO *b;
80 int ret;
81
82 if ((b=BIO_new(BIO_s_file())) == NULL)
83 {
84 RSAerr(RSA_F_RSA_PRINT_FP,ERR_R_BUF_LIB);
85 return(0);
86 }
87 BIO_set_fp(b,fp,BIO_NOCLOSE);
88 ret=RSA_print(b,x,off);
89 BIO_free(b);
90 return(ret);
91 }
92#endif
93
94int RSA_print(BIO *bp, RSA *x, int off)
95 {
96 char str[128];
97 const char *s;
98 unsigned char *m=NULL;
99 int i,ret=0;
100
101 i=RSA_size(x);
102 m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
103 if (m == NULL)
104 {
105 RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE);
106 goto err;
107 }
108
109 if (off)
110 {
111 if (off > 128) off=128;
112 memset(str,' ',off);
113 }
114 if (x->d != NULL)
115 {
116 if (off && (BIO_write(bp,str,off) <= 0)) goto err;
117 if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->n))
118 <= 0) goto err;
119 }
120
121 if (x->d == NULL)
122 sprintf(str,"Modulus (%d bit):",BN_num_bits(x->n));
123 else
124 strcpy(str,"modulus:");
125 if (!print(bp,str,x->n,m,off)) goto err;
126 s=(x->d == NULL)?"Exponent:":"publicExponent:";
127 if (!print(bp,s,x->e,m,off)) goto err;
128 if (!print(bp,"privateExponent:",x->d,m,off)) goto err;
129 if (!print(bp,"prime1:",x->p,m,off)) goto err;
130 if (!print(bp,"prime2:",x->q,m,off)) goto err;
131 if (!print(bp,"exponent1:",x->dmp1,m,off)) goto err;
132 if (!print(bp,"exponent2:",x->dmq1,m,off)) goto err;
133 if (!print(bp,"coefficient:",x->iqmp,m,off)) goto err;
134 ret=1;
135err:
136 if (m != NULL) OPENSSL_free(m);
137 return(ret);
138 }
139#endif /* NO_RSA */
140
141#ifndef NO_DSA
142#ifndef NO_FP_API
143int DSA_print_fp(FILE *fp, DSA *x, int off)
144 {
145 BIO *b;
146 int ret;
147
148 if ((b=BIO_new(BIO_s_file())) == NULL)
149 {
150 DSAerr(DSA_F_DSA_PRINT_FP,ERR_R_BUF_LIB);
151 return(0);
152 }
153 BIO_set_fp(b,fp,BIO_NOCLOSE);
154 ret=DSA_print(b,x,off);
155 BIO_free(b);
156 return(ret);
157 }
158#endif
159
160int DSA_print(BIO *bp, DSA *x, int off)
161 {
162 char str[128];
163 unsigned char *m=NULL;
164 int i,ret=0;
165 BIGNUM *bn=NULL;
166
167 if (x->p != NULL)
168 bn=x->p;
169 else if (x->priv_key != NULL)
170 bn=x->priv_key;
171 else if (x->pub_key != NULL)
172 bn=x->pub_key;
173
174 /* larger than needed but what the hell :-) */
175 if (bn != NULL)
176 i=BN_num_bytes(bn)*2;
177 else
178 i=256;
179 m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
180 if (m == NULL)
181 {
182 DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE);
183 goto err;
184 }
185
186 if (off)
187 {
188 if (off > 128) off=128;
189 memset(str,' ',off);
190 }
191 if (x->priv_key != NULL)
192 {
193 if (off && (BIO_write(bp,str,off) <= 0)) goto err;
194 if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->p))
195 <= 0) goto err;
196 }
197
198 if ((x->priv_key != NULL) && !print(bp,"priv:",x->priv_key,m,off))
199 goto err;
200 if ((x->pub_key != NULL) && !print(bp,"pub: ",x->pub_key,m,off))
201 goto err;
202 if ((x->p != NULL) && !print(bp,"P: ",x->p,m,off)) goto err;
203 if ((x->q != NULL) && !print(bp,"Q: ",x->q,m,off)) goto err;
204 if ((x->g != NULL) && !print(bp,"G: ",x->g,m,off)) goto err;
205 ret=1;
206err:
207 if (m != NULL) OPENSSL_free(m);
208 return(ret);
209 }
210#endif /* !NO_DSA */
211
212static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf,
213 int off)
214 {
215 int n,i;
216 char str[128];
217 const char *neg;
218
219 if (num == NULL) return(1);
220 neg=(num->neg)?"-":"";
221 if (off)
222 {
223 if (off > 128) off=128;
224 memset(str,' ',off);
225 if (BIO_write(bp,str,off) <= 0) return(0);
226 }
227
228 if (BN_num_bytes(num) <= BN_BYTES)
229 {
230 if (BIO_printf(bp,"%s %s%lu (%s0x%lx)\n",number,neg,
231 (unsigned long)num->d[0],neg,(unsigned long)num->d[0])
232 <= 0) return(0);
233 }
234 else
235 {
236 buf[0]=0;
237 if (BIO_printf(bp,"%s%s",number,
238 (neg[0] == '-')?" (Negative)":"") <= 0)
239 return(0);
240 n=BN_bn2bin(num,&buf[1]);
241
242 if (buf[1] & 0x80)
243 n++;
244 else buf++;
245
246 for (i=0; i<n; i++)
247 {
248 if ((i%15) == 0)
249 {
250 str[0]='\n';
251 memset(&(str[1]),' ',off+4);
252 if (BIO_write(bp,str,off+1+4) <= 0) return(0);
253 }
254 if (BIO_printf(bp,"%02x%s",buf[i],((i+1) == n)?"":":")
255 <= 0) return(0);
256 }
257 if (BIO_write(bp,"\n",1) <= 0) return(0);
258 }
259 return(1);
260 }
261
262#ifndef NO_DH
263#ifndef NO_FP_API
264int DHparams_print_fp(FILE *fp, DH *x)
265 {
266 BIO *b;
267 int ret;
268
269 if ((b=BIO_new(BIO_s_file())) == NULL)
270 {
271 DHerr(DH_F_DHPARAMS_PRINT_FP,ERR_R_BUF_LIB);
272 return(0);
273 }
274 BIO_set_fp(b,fp,BIO_NOCLOSE);
275 ret=DHparams_print(b, x);
276 BIO_free(b);
277 return(ret);
278 }
279#endif
280
281int DHparams_print(BIO *bp, DH *x)
282 {
283 unsigned char *m=NULL;
284 int reason=ERR_R_BUF_LIB,i,ret=0;
285
286 i=BN_num_bytes(x->p);
287 m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
288 if (m == NULL)
289 {
290 reason=ERR_R_MALLOC_FAILURE;
291 goto err;
292 }
293
294 if (BIO_printf(bp,"Diffie-Hellman-Parameters: (%d bit)\n",
295 BN_num_bits(x->p)) <= 0)
296 goto err;
297 if (!print(bp,"prime:",x->p,m,4)) goto err;
298 if (!print(bp,"generator:",x->g,m,4)) goto err;
299 if (x->length != 0)
300 {
301 if (BIO_printf(bp," recommended-private-length: %d bits\n",
302 (int)x->length) <= 0) goto err;
303 }
304 ret=1;
305 if (0)
306 {
307err:
308 DHerr(DH_F_DHPARAMS_PRINT,reason);
309 }
310 if (m != NULL) OPENSSL_free(m);
311 return(ret);
312 }
313#endif
314
315#ifndef NO_DSA
316#ifndef NO_FP_API
317int DSAparams_print_fp(FILE *fp, DSA *x)
318 {
319 BIO *b;
320 int ret;
321
322 if ((b=BIO_new(BIO_s_file())) == NULL)
323 {
324 DSAerr(DSA_F_DSAPARAMS_PRINT_FP,ERR_R_BUF_LIB);
325 return(0);
326 }
327 BIO_set_fp(b,fp,BIO_NOCLOSE);
328 ret=DSAparams_print(b, x);
329 BIO_free(b);
330 return(ret);
331 }
332#endif
333
334int DSAparams_print(BIO *bp, DSA *x)
335 {
336 unsigned char *m=NULL;
337 int reason=ERR_R_BUF_LIB,i,ret=0;
338
339 i=BN_num_bytes(x->p);
340 m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
341 if (m == NULL)
342 {
343 reason=ERR_R_MALLOC_FAILURE;
344 goto err;
345 }
346
347 if (BIO_printf(bp,"DSA-Parameters: (%d bit)\n",
348 BN_num_bits(x->p)) <= 0)
349 goto err;
350 if (!print(bp,"p:",x->p,m,4)) goto err;
351 if (!print(bp,"q:",x->q,m,4)) goto err;
352 if (!print(bp,"g:",x->g,m,4)) goto err;
353 ret=1;
354err:
355 if (m != NULL) OPENSSL_free(m);
356 DSAerr(DSA_F_DSAPARAMS_PRINT,reason);
357 return(ret);
358 }
359
360#endif /* !NO_DSA */
361
diff --git a/src/lib/libcrypto/asn1/t_req.c b/src/lib/libcrypto/asn1/t_req.c
deleted file mode 100644
index ea1af092db..0000000000
--- a/src/lib/libcrypto/asn1/t_req.c
+++ /dev/null
@@ -1,254 +0,0 @@
1/* crypto/asn1/t_req.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62#include <openssl/bn.h>
63#include <openssl/objects.h>
64#include <openssl/x509.h>
65#include <openssl/x509v3.h>
66
67#ifndef NO_FP_API
68int X509_REQ_print_fp(FILE *fp, X509_REQ *x)
69 {
70 BIO *b;
71 int ret;
72
73 if ((b=BIO_new(BIO_s_file())) == NULL)
74 {
75 X509err(X509_F_X509_REQ_PRINT_FP,ERR_R_BUF_LIB);
76 return(0);
77 }
78 BIO_set_fp(b,fp,BIO_NOCLOSE);
79 ret=X509_REQ_print(b, x);
80 BIO_free(b);
81 return(ret);
82 }
83#endif
84
85int X509_REQ_print(BIO *bp, X509_REQ *x)
86 {
87 unsigned long l;
88 int i,n;
89 char *s;
90 const char *neg;
91 X509_REQ_INFO *ri;
92 EVP_PKEY *pkey;
93 STACK_OF(X509_ATTRIBUTE) *sk;
94 STACK_OF(X509_EXTENSION) *exts;
95 char str[128];
96
97 ri=x->req_info;
98 sprintf(str,"Certificate Request:\n");
99 if (BIO_puts(bp,str) <= 0) goto err;
100 sprintf(str,"%4sData:\n","");
101 if (BIO_puts(bp,str) <= 0) goto err;
102
103 neg=(ri->version->type == V_ASN1_NEG_INTEGER)?"-":"";
104 l=0;
105 for (i=0; i<ri->version->length; i++)
106 { l<<=8; l+=ri->version->data[i]; }
107 sprintf(str,"%8sVersion: %s%lu (%s0x%lx)\n","",neg,l,neg,l);
108 if (BIO_puts(bp,str) <= 0) goto err;
109 sprintf(str,"%8sSubject: ","");
110 if (BIO_puts(bp,str) <= 0) goto err;
111
112 X509_NAME_print(bp,ri->subject,16);
113 sprintf(str,"\n%8sSubject Public Key Info:\n","");
114 if (BIO_puts(bp,str) <= 0) goto err;
115 i=OBJ_obj2nid(ri->pubkey->algor->algorithm);
116 sprintf(str,"%12sPublic Key Algorithm: %s\n","",
117 (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
118 if (BIO_puts(bp,str) <= 0) goto err;
119
120 pkey=X509_REQ_get_pubkey(x);
121#ifndef NO_RSA
122 if (pkey != NULL && pkey->type == EVP_PKEY_RSA)
123 {
124 BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
125 BN_num_bits(pkey->pkey.rsa->n));
126 RSA_print(bp,pkey->pkey.rsa,16);
127 }
128 else
129#endif
130#ifndef NO_DSA
131 if (pkey != NULL && pkey->type == EVP_PKEY_DSA)
132 {
133 BIO_printf(bp,"%12sDSA Public Key:\n","");
134 DSA_print(bp,pkey->pkey.dsa,16);
135 }
136 else
137#endif
138 BIO_printf(bp,"%12sUnknown Public Key:\n","");
139
140 if (pkey != NULL)
141 EVP_PKEY_free(pkey);
142
143 /* may not be */
144 sprintf(str,"%8sAttributes:\n","");
145 if (BIO_puts(bp,str) <= 0) goto err;
146
147 sk=x->req_info->attributes;
148 if ((sk == NULL) || (sk_X509_ATTRIBUTE_num(sk) == 0))
149 {
150 if (!x->req_info->req_kludge)
151 {
152 sprintf(str,"%12sa0:00\n","");
153 if (BIO_puts(bp,str) <= 0) goto err;
154 }
155 }
156 else
157 {
158 for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
159 {
160 ASN1_TYPE *at;
161 X509_ATTRIBUTE *a;
162 ASN1_BIT_STRING *bs=NULL;
163 ASN1_TYPE *t;
164 int j,type=0,count=1,ii=0;
165
166 a=sk_X509_ATTRIBUTE_value(sk,i);
167 if(X509_REQ_extension_nid(OBJ_obj2nid(a->object)))
168 continue;
169 sprintf(str,"%12s","");
170 if (BIO_puts(bp,str) <= 0) goto err;
171 if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0)
172 {
173 if (a->set)
174 {
175 ii=0;
176 count=sk_ASN1_TYPE_num(a->value.set);
177get_next:
178 at=sk_ASN1_TYPE_value(a->value.set,ii);
179 type=at->type;
180 bs=at->value.asn1_string;
181 }
182 else
183 {
184 t=a->value.single;
185 type=t->type;
186 bs=t->value.bit_string;
187 }
188 }
189 for (j=25-j; j>0; j--)
190 if (BIO_write(bp," ",1) != 1) goto err;
191 if (BIO_puts(bp,":") <= 0) goto err;
192 if ( (type == V_ASN1_PRINTABLESTRING) ||
193 (type == V_ASN1_T61STRING) ||
194 (type == V_ASN1_IA5STRING))
195 {
196 if (BIO_write(bp,(char *)bs->data,bs->length)
197 != bs->length)
198 goto err;
199 BIO_puts(bp,"\n");
200 }
201 else
202 {
203 BIO_puts(bp,"unable to print attribute\n");
204 }
205 if (++ii < count) goto get_next;
206 }
207 }
208
209 exts = X509_REQ_get_extensions(x);
210 if(exts) {
211 BIO_printf(bp,"%8sRequested Extensions:\n","");
212 for (i=0; i<sk_X509_EXTENSION_num(exts); i++) {
213 ASN1_OBJECT *obj;
214 X509_EXTENSION *ex;
215 int j;
216 ex=sk_X509_EXTENSION_value(exts, i);
217 if (BIO_printf(bp,"%12s","") <= 0) goto err;
218 obj=X509_EXTENSION_get_object(ex);
219 i2a_ASN1_OBJECT(bp,obj);
220 j=X509_EXTENSION_get_critical(ex);
221 if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0)
222 goto err;
223 if(!X509V3_EXT_print(bp, ex, 0, 16)) {
224 BIO_printf(bp, "%16s", "");
225 M_ASN1_OCTET_STRING_print(bp,ex->value);
226 }
227 if (BIO_write(bp,"\n",1) <= 0) goto err;
228 }
229 sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
230 }
231
232 i=OBJ_obj2nid(x->sig_alg->algorithm);
233 sprintf(str,"%4sSignature Algorithm: %s","",
234 (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
235 if (BIO_puts(bp,str) <= 0) goto err;
236
237 n=x->signature->length;
238 s=(char *)x->signature->data;
239 for (i=0; i<n; i++)
240 {
241 if ((i%18) == 0)
242 {
243 sprintf(str,"\n%8s","");
244 if (BIO_puts(bp,str) <= 0) goto err;
245 }
246 sprintf(str,"%02x%s",(unsigned char)s[i],((i+1) == n)?"":":");
247 if (BIO_puts(bp,str) <= 0) goto err;
248 }
249 if (BIO_puts(bp,"\n") <= 0) goto err;
250 return(1);
251err:
252 X509err(X509_F_X509_REQ_PRINT,ERR_R_BUF_LIB);
253 return(0);
254 }
diff --git a/src/lib/libcrypto/asn1/t_spki.c b/src/lib/libcrypto/asn1/t_spki.c
deleted file mode 100644
index d708434fca..0000000000
--- a/src/lib/libcrypto/asn1/t_spki.c
+++ /dev/null
@@ -1,116 +0,0 @@
1/* t_spki.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/x509.h>
62#include <openssl/asn1_mac.h>
63
64/* Print out an SPKI */
65
66int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
67{
68 EVP_PKEY *pkey;
69 ASN1_IA5STRING *chal;
70 int i, n;
71 char *s;
72 BIO_printf(out, "Netscape SPKI:\n");
73 i=OBJ_obj2nid(spki->spkac->pubkey->algor->algorithm);
74 BIO_printf(out," Public Key Algorithm: %s\n",
75 (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
76 pkey = X509_PUBKEY_get(spki->spkac->pubkey);
77 if(!pkey) BIO_printf(out, " Unable to load public key\n");
78 else {
79#ifndef NO_RSA
80 if (pkey->type == EVP_PKEY_RSA)
81 {
82 BIO_printf(out," RSA Public Key: (%d bit)\n",
83 BN_num_bits(pkey->pkey.rsa->n));
84 RSA_print(out,pkey->pkey.rsa,2);
85 }
86 else
87#endif
88#ifndef NO_DSA
89 if (pkey->type == EVP_PKEY_DSA)
90 {
91 BIO_printf(out," DSA Public Key:\n");
92 DSA_print(out,pkey->pkey.dsa,2);
93 }
94 else
95#endif
96 BIO_printf(out," Unknown Public Key:\n");
97 EVP_PKEY_free(pkey);
98 }
99 chal = spki->spkac->challenge;
100 if(chal->length)
101 BIO_printf(out, " Challenge String: %s\n", chal->data);
102 i=OBJ_obj2nid(spki->sig_algor->algorithm);
103 BIO_printf(out," Signature Algorithm: %s",
104 (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
105
106 n=spki->signature->length;
107 s=(char *)spki->signature->data;
108 for (i=0; i<n; i++)
109 {
110 if ((i%18) == 0) BIO_write(out,"\n ",7);
111 BIO_printf(out,"%02x%s",(unsigned char)s[i],
112 ((i+1) == n)?"":":");
113 }
114 BIO_write(out,"\n",1);
115 return 1;
116}
diff --git a/src/lib/libcrypto/asn1/t_x509.c b/src/lib/libcrypto/asn1/t_x509.c
deleted file mode 100644
index 89ae73a6de..0000000000
--- a/src/lib/libcrypto/asn1/t_x509.c
+++ /dev/null
@@ -1,411 +0,0 @@
1/* crypto/asn1/t_x509.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62#include <openssl/bn.h>
63#ifndef NO_RSA
64#include <openssl/rsa.h>
65#endif
66#ifndef NO_DSA
67#include <openssl/dsa.h>
68#endif
69#include <openssl/objects.h>
70#include <openssl/x509.h>
71#include <openssl/x509v3.h>
72
73#ifndef NO_FP_API
74int X509_print_fp(FILE *fp, X509 *x)
75 {
76 BIO *b;
77 int ret;
78
79 if ((b=BIO_new(BIO_s_file())) == NULL)
80 {
81 X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB);
82 return(0);
83 }
84 BIO_set_fp(b,fp,BIO_NOCLOSE);
85 ret=X509_print(b, x);
86 BIO_free(b);
87 return(ret);
88 }
89#endif
90
91int X509_print(BIO *bp, X509 *x)
92 {
93 long l;
94 int ret=0,i,j,n;
95 char *m=NULL,*s;
96 X509_CINF *ci;
97 ASN1_INTEGER *bs;
98 EVP_PKEY *pkey=NULL;
99 const char *neg;
100 X509_EXTENSION *ex;
101 ASN1_STRING *str=NULL;
102
103 ci=x->cert_info;
104 if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
105 if (BIO_write(bp," Data:\n",10) <= 0) goto err;
106 l=X509_get_version(x);
107 if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
108 if (BIO_write(bp," Serial Number:",22) <= 0) goto err;
109
110 bs=X509_get_serialNumber(x);
111 if (bs->length <= 4)
112 {
113 l=ASN1_INTEGER_get(bs);
114 if (l < 0)
115 {
116 l= -l;
117 neg="-";
118 }
119 else
120 neg="";
121 if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
122 goto err;
123 }
124 else
125 {
126 neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
127 if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
128
129 for (i=0; i<bs->length; i++)
130 {
131 if (BIO_printf(bp,"%02x%c",bs->data[i],
132 ((i+1 == bs->length)?'\n':':')) <= 0)
133 goto err;
134 }
135 }
136
137 i=OBJ_obj2nid(ci->signature->algorithm);
138 if (BIO_printf(bp,"%8sSignature Algorithm: %s\n","",
139 (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0)
140 goto err;
141
142 if (BIO_write(bp," Issuer: ",16) <= 0) goto err;
143 if (!X509_NAME_print(bp,X509_get_issuer_name(x),16)) goto err;
144 if (BIO_write(bp,"\n Validity\n",18) <= 0) goto err;
145 if (BIO_write(bp," Not Before: ",24) <= 0) goto err;
146 if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err;
147 if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err;
148 if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err;
149 if (BIO_write(bp,"\n Subject: ",18) <= 0) goto err;
150 if (!X509_NAME_print(bp,X509_get_subject_name(x),16)) goto err;
151 if (BIO_write(bp,"\n Subject Public Key Info:\n",34) <= 0)
152 goto err;
153 i=OBJ_obj2nid(ci->key->algor->algorithm);
154 if (BIO_printf(bp,"%12sPublic Key Algorithm: %s\n","",
155 (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
156
157 pkey=X509_get_pubkey(x);
158 if (pkey == NULL)
159 {
160 BIO_printf(bp,"%12sUnable to load Public Key\n","");
161 ERR_print_errors(bp);
162 }
163 else
164#ifndef NO_RSA
165 if (pkey->type == EVP_PKEY_RSA)
166 {
167 BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
168 BN_num_bits(pkey->pkey.rsa->n));
169 RSA_print(bp,pkey->pkey.rsa,16);
170 }
171 else
172#endif
173#ifndef NO_DSA
174 if (pkey->type == EVP_PKEY_DSA)
175 {
176 BIO_printf(bp,"%12sDSA Public Key:\n","");
177 DSA_print(bp,pkey->pkey.dsa,16);
178 }
179 else
180#endif
181 BIO_printf(bp,"%12sUnknown Public Key:\n","");
182
183 EVP_PKEY_free(pkey);
184
185 n=X509_get_ext_count(x);
186 if (n > 0)
187 {
188 BIO_printf(bp,"%8sX509v3 extensions:\n","");
189 for (i=0; i<n; i++)
190 {
191 ASN1_OBJECT *obj;
192 ex=X509_get_ext(x,i);
193 if (BIO_printf(bp,"%12s","") <= 0) goto err;
194 obj=X509_EXTENSION_get_object(ex);
195 i2a_ASN1_OBJECT(bp,obj);
196 j=X509_EXTENSION_get_critical(ex);
197 if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0)
198 goto err;
199 if(!X509V3_EXT_print(bp, ex, 0, 16))
200 {
201 BIO_printf(bp, "%16s", "");
202 M_ASN1_OCTET_STRING_print(bp,ex->value);
203 }
204 if (BIO_write(bp,"\n",1) <= 0) goto err;
205 }
206 }
207
208 i=OBJ_obj2nid(x->sig_alg->algorithm);
209 if (BIO_printf(bp,"%4sSignature Algorithm: %s","",
210 (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
211
212 n=x->signature->length;
213 s=(char *)x->signature->data;
214 for (i=0; i<n; i++)
215 {
216 if ((i%18) == 0)
217 if (BIO_write(bp,"\n ",9) <= 0) goto err;
218 if (BIO_printf(bp,"%02x%s",(unsigned char)s[i],
219 ((i+1) == n)?"":":") <= 0) goto err;
220 }
221 if (BIO_write(bp,"\n",1) != 1) goto err;
222 if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err;
223 ret=1;
224err:
225 if (str != NULL) ASN1_STRING_free(str);
226 if (m != NULL) OPENSSL_free(m);
227 return(ret);
228 }
229
230int ASN1_STRING_print(BIO *bp, ASN1_STRING *v)
231 {
232 int i,n;
233 char buf[80],*p;;
234
235 if (v == NULL) return(0);
236 n=0;
237 p=(char *)v->data;
238 for (i=0; i<v->length; i++)
239 {
240 if ((p[i] > '~') || ((p[i] < ' ') &&
241 (p[i] != '\n') && (p[i] != '\r')))
242 buf[n]='.';
243 else
244 buf[n]=p[i];
245 n++;
246 if (n >= 80)
247 {
248 if (BIO_write(bp,buf,n) <= 0)
249 return(0);
250 n=0;
251 }
252 }
253 if (n > 0)
254 if (BIO_write(bp,buf,n) <= 0)
255 return(0);
256 return(1);
257 }
258
259int ASN1_TIME_print(BIO *bp, ASN1_TIME *tm)
260{
261 if(tm->type == V_ASN1_UTCTIME) return ASN1_UTCTIME_print(bp, tm);
262 if(tm->type == V_ASN1_GENERALIZEDTIME)
263 return ASN1_GENERALIZEDTIME_print(bp, tm);
264 BIO_write(bp,"Bad time value",14);
265 return(0);
266}
267
268static const char *mon[12]=
269 {
270 "Jan","Feb","Mar","Apr","May","Jun",
271 "Jul","Aug","Sep","Oct","Nov","Dec"
272 };
273
274int ASN1_GENERALIZEDTIME_print(BIO *bp, ASN1_GENERALIZEDTIME *tm)
275 {
276 char *v;
277 int gmt=0;
278 int i;
279 int y=0,M=0,d=0,h=0,m=0,s=0;
280
281 i=tm->length;
282 v=(char *)tm->data;
283
284 if (i < 12) goto err;
285 if (v[i-1] == 'Z') gmt=1;
286 for (i=0; i<12; i++)
287 if ((v[i] > '9') || (v[i] < '0')) goto err;
288 y= (v[0]-'0')*1000+(v[1]-'0')*100 + (v[2]-'0')*10+(v[3]-'0');
289 M= (v[4]-'0')*10+(v[5]-'0');
290 if ((M > 12) || (M < 1)) goto err;
291 d= (v[6]-'0')*10+(v[7]-'0');
292 h= (v[8]-'0')*10+(v[9]-'0');
293 m= (v[10]-'0')*10+(v[11]-'0');
294 if ( (v[12] >= '0') && (v[12] <= '9') &&
295 (v[13] >= '0') && (v[13] <= '9'))
296 s= (v[12]-'0')*10+(v[13]-'0');
297
298 if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s",
299 mon[M-1],d,h,m,s,y,(gmt)?" GMT":"") <= 0)
300 return(0);
301 else
302 return(1);
303err:
304 BIO_write(bp,"Bad time value",14);
305 return(0);
306 }
307
308int ASN1_UTCTIME_print(BIO *bp, ASN1_UTCTIME *tm)
309 {
310 char *v;
311 int gmt=0;
312 int i;
313 int y=0,M=0,d=0,h=0,m=0,s=0;
314
315 i=tm->length;
316 v=(char *)tm->data;
317
318 if (i < 10) goto err;
319 if (v[i-1] == 'Z') gmt=1;
320 for (i=0; i<10; i++)
321 if ((v[i] > '9') || (v[i] < '0')) goto err;
322 y= (v[0]-'0')*10+(v[1]-'0');
323 if (y < 50) y+=100;
324 M= (v[2]-'0')*10+(v[3]-'0');
325 if ((M > 12) || (M < 1)) goto err;
326 d= (v[4]-'0')*10+(v[5]-'0');
327 h= (v[6]-'0')*10+(v[7]-'0');
328 m= (v[8]-'0')*10+(v[9]-'0');
329 if ( (v[10] >= '0') && (v[10] <= '9') &&
330 (v[11] >= '0') && (v[11] <= '9'))
331 s= (v[10]-'0')*10+(v[11]-'0');
332
333 if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s",
334 mon[M-1],d,h,m,s,y+1900,(gmt)?" GMT":"") <= 0)
335 return(0);
336 else
337 return(1);
338err:
339 BIO_write(bp,"Bad time value",14);
340 return(0);
341 }
342
343int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
344 {
345 char *s,*c;
346 int ret=0,l,ll,i,first=1;
347 char buf[256];
348
349 ll=80-2-obase;
350
351 s=X509_NAME_oneline(name,buf,256);
352 if (!*s)
353 return 1;
354 s++; /* skip the first slash */
355
356 l=ll;
357 c=s;
358 for (;;)
359 {
360#ifndef CHARSET_EBCDIC
361 if ( ((*s == '/') &&
362 ((s[1] >= 'A') && (s[1] <= 'Z') && (
363 (s[2] == '=') ||
364 ((s[2] >= 'A') && (s[2] <= 'Z') &&
365 (s[3] == '='))
366 ))) ||
367 (*s == '\0'))
368#else
369 if ( ((*s == '/') &&
370 (isupper(s[1]) && (
371 (s[2] == '=') ||
372 (isupper(s[2]) &&
373 (s[3] == '='))
374 ))) ||
375 (*s == '\0'))
376#endif
377 {
378 if ((l <= 0) && !first)
379 {
380 first=0;
381 if (BIO_write(bp,"\n",1) != 1) goto err;
382 for (i=0; i<obase; i++)
383 {
384 if (BIO_write(bp," ",1) != 1) goto err;
385 }
386 l=ll;
387 }
388 i=s-c;
389 if (BIO_write(bp,c,i) != i) goto err;
390 c+=i;
391 c++;
392 if (*s != '\0')
393 {
394 if (BIO_write(bp,", ",2) != 2) goto err;
395 }
396 l--;
397 }
398 if (*s == '\0') break;
399 s++;
400 l--;
401 }
402
403 ret=1;
404 if (0)
405 {
406err:
407 X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB);
408 }
409 return(ret);
410 }
411
diff --git a/src/lib/libcrypto/asn1/t_x509a.c b/src/lib/libcrypto/asn1/t_x509a.c
deleted file mode 100644
index f06af5b576..0000000000
--- a/src/lib/libcrypto/asn1/t_x509a.c
+++ /dev/null
@@ -1,110 +0,0 @@
1/* t_x509a.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/asn1_mac.h>
63#include <openssl/x509.h>
64
65/* X509_CERT_AUX and string set routines
66 */
67
68int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
69{
70 char oidstr[80], first;
71 int i;
72 if(!aux) return 1;
73 if(aux->trust) {
74 first = 1;
75 BIO_printf(out, "%*sTrusted Uses:\n%*s",
76 indent, "", indent + 2, "");
77 for(i = 0; i < sk_ASN1_OBJECT_num(aux->trust); i++) {
78 if(!first) BIO_puts(out, ", ");
79 else first = 0;
80 OBJ_obj2txt(oidstr, 80,
81 sk_ASN1_OBJECT_value(aux->trust, i), 0);
82 BIO_puts(out, oidstr);
83 }
84 BIO_puts(out, "\n");
85 } else BIO_printf(out, "%*sNo Trusted Uses.\n", indent, "");
86 if(aux->reject) {
87 first = 1;
88 BIO_printf(out, "%*sRejected Uses:\n%*s",
89 indent, "", indent + 2, "");
90 for(i = 0; i < sk_ASN1_OBJECT_num(aux->reject); i++) {
91 if(!first) BIO_puts(out, ", ");
92 else first = 0;
93 OBJ_obj2txt(oidstr, 80,
94 sk_ASN1_OBJECT_value(aux->reject, i), 0);
95 BIO_puts(out, oidstr);
96 }
97 BIO_puts(out, "\n");
98 } else BIO_printf(out, "%*sNo Rejected Uses.\n", indent, "");
99 if(aux->alias) BIO_printf(out, "%*sAlias: %s\n", indent, "",
100 aux->alias->data);
101 if(aux->keyid) {
102 BIO_printf(out, "%*sKey Id: ", indent, "");
103 for(i = 0; i < aux->keyid->length; i++)
104 BIO_printf(out, "%s%02X",
105 i ? ":" : "",
106 aux->keyid->data[i]);
107 BIO_write(out,"\n",1);
108 }
109 return 1;
110}
diff --git a/src/lib/libcrypto/asn1/x_algor.c b/src/lib/libcrypto/asn1/x_algor.c
deleted file mode 100644
index 853a8dfeef..0000000000
--- a/src/lib/libcrypto/asn1/x_algor.c
+++ /dev/null
@@ -1,118 +0,0 @@
1/* crypto/asn1/x_algor.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1_mac.h>
62#include <openssl/x509.h>
63
64int i2d_X509_ALGOR(X509_ALGOR *a, unsigned char **pp)
65 {
66 M_ASN1_I2D_vars(a);
67
68 M_ASN1_I2D_len(a->algorithm,i2d_ASN1_OBJECT);
69 if (a->parameter != NULL)
70 { M_ASN1_I2D_len(a->parameter,i2d_ASN1_TYPE); }
71
72 M_ASN1_I2D_seq_total();
73 M_ASN1_I2D_put(a->algorithm,i2d_ASN1_OBJECT);
74 if (a->parameter != NULL)
75 { M_ASN1_I2D_put(a->parameter,i2d_ASN1_TYPE); }
76
77 M_ASN1_I2D_finish();
78 }
79
80X509_ALGOR *d2i_X509_ALGOR(X509_ALGOR **a, unsigned char **pp, long length)
81 {
82 M_ASN1_D2I_vars(a,X509_ALGOR *,X509_ALGOR_new);
83
84 M_ASN1_D2I_Init();
85 M_ASN1_D2I_start_sequence();
86 M_ASN1_D2I_get(ret->algorithm,d2i_ASN1_OBJECT);
87 if (!M_ASN1_D2I_end_sequence())
88 { M_ASN1_D2I_get(ret->parameter,d2i_ASN1_TYPE); }
89 else
90 {
91 ASN1_TYPE_free(ret->parameter);
92 ret->parameter=NULL;
93 }
94 M_ASN1_D2I_Finish(a,X509_ALGOR_free,ASN1_F_D2I_X509_ALGOR);
95 }
96
97X509_ALGOR *X509_ALGOR_new(void)
98 {
99 X509_ALGOR *ret=NULL;
100 ASN1_CTX c;
101
102 M_ASN1_New_Malloc(ret,X509_ALGOR);
103 ret->algorithm=OBJ_nid2obj(NID_undef);
104 ret->parameter=NULL;
105 return(ret);
106 M_ASN1_New_Error(ASN1_F_X509_ALGOR_NEW);
107 }
108
109void X509_ALGOR_free(X509_ALGOR *a)
110 {
111 if (a == NULL) return;
112 ASN1_OBJECT_free(a->algorithm);
113 ASN1_TYPE_free(a->parameter);
114 OPENSSL_free(a);
115 }
116
117IMPLEMENT_STACK_OF(X509_ALGOR)
118IMPLEMENT_ASN1_SET_OF(X509_ALGOR)
diff --git a/src/lib/libcrypto/asn1/x_attrib.c b/src/lib/libcrypto/asn1/x_attrib.c
deleted file mode 100644
index 14e5ea27aa..0000000000
--- a/src/lib/libcrypto/asn1/x_attrib.c
+++ /dev/null
@@ -1,165 +0,0 @@
1/* crypto/asn1/x_attrib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/objects.h>
62#include <openssl/asn1_mac.h>
63#include <openssl/x509.h>
64
65/* sequence */
66int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a, unsigned char **pp)
67 {
68 int k=0;
69 int r=0,ret=0;
70 unsigned char **p=NULL;
71
72 if (a == NULL) return(0);
73
74 p=NULL;
75 for (;;)
76 {
77 if (k)
78 {
79 r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
80 if (pp == NULL) return(r);
81 p=pp;
82 ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE,
83 V_ASN1_UNIVERSAL);
84 }
85
86 ret+=i2d_ASN1_OBJECT(a->object,p);
87 if (a->set)
88 ret+=i2d_ASN1_SET_OF_ASN1_TYPE(a->value.set,p,i2d_ASN1_TYPE,
89 V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
90 else
91 ret+=i2d_ASN1_TYPE(a->value.single,p);
92 if (k++) return(r);
93 }
94 }
95
96X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a, unsigned char **pp,
97 long length)
98 {
99 M_ASN1_D2I_vars(a,X509_ATTRIBUTE *,X509_ATTRIBUTE_new);
100
101 M_ASN1_D2I_Init();
102 M_ASN1_D2I_start_sequence();
103 M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
104
105 if ((c.slen != 0) &&
106 (M_ASN1_next == (V_ASN1_CONSTRUCTED|V_ASN1_UNIVERSAL|V_ASN1_SET)))
107 {
108 ret->set=1;
109 M_ASN1_D2I_get_set_type(ASN1_TYPE,ret->value.set,d2i_ASN1_TYPE,
110 ASN1_TYPE_free);
111 }
112 else
113 {
114 ret->set=0;
115 M_ASN1_D2I_get(ret->value.single,d2i_ASN1_TYPE);
116 }
117
118 M_ASN1_D2I_Finish(a,X509_ATTRIBUTE_free,ASN1_F_D2I_X509_ATTRIBUTE);
119 }
120
121X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
122 {
123 X509_ATTRIBUTE *ret=NULL;
124 ASN1_TYPE *val=NULL;
125
126 if ((ret=X509_ATTRIBUTE_new()) == NULL)
127 return(NULL);
128 ret->object=OBJ_nid2obj(nid);
129 ret->set=1;
130 if ((ret->value.set=sk_ASN1_TYPE_new_null()) == NULL) goto err;
131 if ((val=ASN1_TYPE_new()) == NULL) goto err;
132 if (!sk_ASN1_TYPE_push(ret->value.set,val)) goto err;
133
134 ASN1_TYPE_set(val,atrtype,value);
135 return(ret);
136err:
137 if (ret != NULL) X509_ATTRIBUTE_free(ret);
138 if (val != NULL) ASN1_TYPE_free(val);
139 return(NULL);
140 }
141
142X509_ATTRIBUTE *X509_ATTRIBUTE_new(void)
143 {
144 X509_ATTRIBUTE *ret=NULL;
145 ASN1_CTX c;
146
147 M_ASN1_New_Malloc(ret,X509_ATTRIBUTE);
148 ret->object=OBJ_nid2obj(NID_undef);
149 ret->set=0;
150 ret->value.ptr=NULL;
151 return(ret);
152 M_ASN1_New_Error(ASN1_F_X509_ATTRIBUTE_NEW);
153 }
154
155void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a)
156 {
157 if (a == NULL) return;
158 ASN1_OBJECT_free(a->object);
159 if (a->set)
160 sk_ASN1_TYPE_pop_free(a->value.set,ASN1_TYPE_free);
161 else
162 ASN1_TYPE_free(a->value.single);
163 OPENSSL_free(a);
164 }
165
diff --git a/src/lib/libcrypto/asn1/x_crl.c b/src/lib/libcrypto/asn1/x_crl.c
deleted file mode 100644
index 51518cdf35..0000000000
--- a/src/lib/libcrypto/asn1/x_crl.c
+++ /dev/null
@@ -1,348 +0,0 @@
1/* crypto/asn1/x_crl.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1_mac.h>
62#include <openssl/x509.h>
63
64static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
65 const X509_REVOKED * const *b);
66static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a,
67 const X509_REVOKED * const *b);
68int i2d_X509_REVOKED(X509_REVOKED *a, unsigned char **pp)
69 {
70 M_ASN1_I2D_vars(a);
71
72 M_ASN1_I2D_len(a->serialNumber,i2d_ASN1_INTEGER);
73 M_ASN1_I2D_len(a->revocationDate,i2d_ASN1_TIME);
74 M_ASN1_I2D_len_SEQUENCE_opt_ex_type(X509_EXTENSION,a->extensions,
75 i2d_X509_EXTENSION);
76
77 M_ASN1_I2D_seq_total();
78
79 M_ASN1_I2D_put(a->serialNumber,i2d_ASN1_INTEGER);
80 M_ASN1_I2D_put(a->revocationDate,i2d_ASN1_TIME);
81 M_ASN1_I2D_put_SEQUENCE_opt_ex_type(X509_EXTENSION,a->extensions,
82 i2d_X509_EXTENSION);
83
84 M_ASN1_I2D_finish();
85 }
86
87X509_REVOKED *d2i_X509_REVOKED(X509_REVOKED **a, unsigned char **pp,
88 long length)
89 {
90 M_ASN1_D2I_vars(a,X509_REVOKED *,X509_REVOKED_new);
91
92 M_ASN1_D2I_Init();
93 M_ASN1_D2I_start_sequence();
94 M_ASN1_D2I_get(ret->serialNumber,d2i_ASN1_INTEGER);
95 M_ASN1_D2I_get(ret->revocationDate,d2i_ASN1_TIME);
96 M_ASN1_D2I_get_seq_opt_type(X509_EXTENSION,ret->extensions,
97 d2i_X509_EXTENSION,X509_EXTENSION_free);
98 M_ASN1_D2I_Finish(a,X509_REVOKED_free,ASN1_F_D2I_X509_REVOKED);
99 }
100
101int i2d_X509_CRL_INFO(X509_CRL_INFO *a, unsigned char **pp)
102 {
103 int v1=0;
104 long l=0;
105 int (*old_cmp)(const X509_REVOKED * const *,
106 const X509_REVOKED * const *);
107 M_ASN1_I2D_vars(a);
108
109 old_cmp=sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_seq_cmp);
110 sk_X509_REVOKED_sort(a->revoked);
111 sk_X509_REVOKED_set_cmp_func(a->revoked,old_cmp);
112
113 if ((a->version != NULL) && ((l=ASN1_INTEGER_get(a->version)) != 0))
114 {
115 M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
116 }
117 M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
118 M_ASN1_I2D_len(a->issuer,i2d_X509_NAME);
119 M_ASN1_I2D_len(a->lastUpdate,i2d_ASN1_TIME);
120 if (a->nextUpdate != NULL)
121 { M_ASN1_I2D_len(a->nextUpdate,i2d_ASN1_TIME); }
122 M_ASN1_I2D_len_SEQUENCE_opt_type(X509_REVOKED,a->revoked,
123 i2d_X509_REVOKED);
124 M_ASN1_I2D_len_EXP_SEQUENCE_opt_ex_type(X509_EXTENSION,a->extensions,
125 i2d_X509_EXTENSION,0,
126 V_ASN1_SEQUENCE,v1);
127
128 M_ASN1_I2D_seq_total();
129
130 if ((a->version != NULL) && (l != 0))
131 {
132 M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
133 }
134 M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
135 M_ASN1_I2D_put(a->issuer,i2d_X509_NAME);
136 M_ASN1_I2D_put(a->lastUpdate,i2d_ASN1_TIME);
137 if (a->nextUpdate != NULL)
138 { M_ASN1_I2D_put(a->nextUpdate,i2d_ASN1_TIME); }
139 M_ASN1_I2D_put_SEQUENCE_opt_type(X509_REVOKED,a->revoked,
140 i2d_X509_REVOKED);
141 M_ASN1_I2D_put_EXP_SEQUENCE_opt_ex_type(X509_EXTENSION,a->extensions,
142 i2d_X509_EXTENSION,0,
143 V_ASN1_SEQUENCE,v1);
144
145 M_ASN1_I2D_finish();
146 }
147
148X509_CRL_INFO *d2i_X509_CRL_INFO(X509_CRL_INFO **a, unsigned char **pp,
149 long length)
150 {
151 int i,ver=0;
152 M_ASN1_D2I_vars(a,X509_CRL_INFO *,X509_CRL_INFO_new);
153
154
155 M_ASN1_D2I_Init();
156 M_ASN1_D2I_start_sequence();
157 M_ASN1_D2I_get_opt(ret->version,d2i_ASN1_INTEGER,V_ASN1_INTEGER);
158 if (ret->version != NULL)
159 ver=ret->version->data[0];
160
161 if ((ver == 0) && (ret->version != NULL))
162 {
163 M_ASN1_INTEGER_free(ret->version);
164 ret->version=NULL;
165 }
166 M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
167 M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
168 M_ASN1_D2I_get(ret->lastUpdate,d2i_ASN1_TIME);
169 /* Manually handle the OPTIONAL ASN1_TIME stuff */
170 /* First try UTCTime */
171 M_ASN1_D2I_get_opt(ret->nextUpdate,d2i_ASN1_UTCTIME, V_ASN1_UTCTIME);
172 /* If that doesn't work try GeneralizedTime */
173 if(!ret->nextUpdate)
174 M_ASN1_D2I_get_opt(ret->nextUpdate,d2i_ASN1_GENERALIZEDTIME,
175 V_ASN1_GENERALIZEDTIME);
176 if (ret->revoked != NULL)
177 {
178 while (sk_X509_REVOKED_num(ret->revoked))
179 X509_REVOKED_free(sk_X509_REVOKED_pop(ret->revoked));
180 }
181 M_ASN1_D2I_get_seq_opt_type(X509_REVOKED,ret->revoked,d2i_X509_REVOKED,
182 X509_REVOKED_free);
183
184 if (ret->revoked != NULL)
185 {
186 for (i=0; i<sk_X509_REVOKED_num(ret->revoked); i++)
187 {
188 sk_X509_REVOKED_value(ret->revoked,i)->sequence=i;
189 }
190 }
191
192 if (ret->extensions != NULL)
193 {
194 while (sk_X509_EXTENSION_num(ret->extensions))
195 X509_EXTENSION_free(
196 sk_X509_EXTENSION_pop(ret->extensions));
197 }
198
199 M_ASN1_D2I_get_EXP_set_opt_type(X509_EXTENSION,ret->extensions,
200 d2i_X509_EXTENSION,
201 X509_EXTENSION_free,0,
202 V_ASN1_SEQUENCE);
203
204 M_ASN1_D2I_Finish(a,X509_CRL_INFO_free,ASN1_F_D2I_X509_CRL_INFO);
205 }
206
207int i2d_X509_CRL(X509_CRL *a, unsigned char **pp)
208 {
209 M_ASN1_I2D_vars(a);
210
211 M_ASN1_I2D_len(a->crl,i2d_X509_CRL_INFO);
212 M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
213 M_ASN1_I2D_len(a->signature,i2d_ASN1_BIT_STRING);
214
215 M_ASN1_I2D_seq_total();
216
217 M_ASN1_I2D_put(a->crl,i2d_X509_CRL_INFO);
218 M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
219 M_ASN1_I2D_put(a->signature,i2d_ASN1_BIT_STRING);
220
221 M_ASN1_I2D_finish();
222 }
223
224X509_CRL *d2i_X509_CRL(X509_CRL **a, unsigned char **pp, long length)
225 {
226 M_ASN1_D2I_vars(a,X509_CRL *,X509_CRL_new);
227
228 M_ASN1_D2I_Init();
229 M_ASN1_D2I_start_sequence();
230 M_ASN1_D2I_get(ret->crl,d2i_X509_CRL_INFO);
231 M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
232 M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
233
234 M_ASN1_D2I_Finish(a,X509_CRL_free,ASN1_F_D2I_X509_CRL);
235 }
236
237
238X509_REVOKED *X509_REVOKED_new(void)
239 {
240 X509_REVOKED *ret=NULL;
241 ASN1_CTX c;
242
243 M_ASN1_New_Malloc(ret,X509_REVOKED);
244 M_ASN1_New(ret->serialNumber,M_ASN1_INTEGER_new);
245 M_ASN1_New(ret->revocationDate,M_ASN1_UTCTIME_new);
246 ret->extensions=NULL;
247 return(ret);
248 M_ASN1_New_Error(ASN1_F_X509_REVOKED_NEW);
249 }
250
251X509_CRL_INFO *X509_CRL_INFO_new(void)
252 {
253 X509_CRL_INFO *ret=NULL;
254 ASN1_CTX c;
255
256 M_ASN1_New_Malloc(ret,X509_CRL_INFO);
257 ret->version=NULL;
258 M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
259 M_ASN1_New(ret->issuer,X509_NAME_new);
260 M_ASN1_New(ret->lastUpdate,M_ASN1_UTCTIME_new);
261 ret->nextUpdate=NULL;
262 M_ASN1_New(ret->revoked,sk_X509_REVOKED_new_null);
263 ret->extensions = NULL;
264 sk_X509_REVOKED_set_cmp_func(ret->revoked,X509_REVOKED_cmp);
265 return(ret);
266 M_ASN1_New_Error(ASN1_F_X509_CRL_INFO_NEW);
267 }
268
269X509_CRL *X509_CRL_new(void)
270 {
271 X509_CRL *ret=NULL;
272 ASN1_CTX c;
273
274 M_ASN1_New_Malloc(ret,X509_CRL);
275 ret->references=1;
276 M_ASN1_New(ret->crl,X509_CRL_INFO_new);
277 M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
278 M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new);
279 return(ret);
280 M_ASN1_New_Error(ASN1_F_X509_CRL_NEW);
281 }
282
283void X509_REVOKED_free(X509_REVOKED *a)
284 {
285 if (a == NULL) return;
286 M_ASN1_INTEGER_free(a->serialNumber);
287 M_ASN1_UTCTIME_free(a->revocationDate);
288 sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free);
289 OPENSSL_free(a);
290 }
291
292void X509_CRL_INFO_free(X509_CRL_INFO *a)
293 {
294 if (a == NULL) return;
295 M_ASN1_INTEGER_free(a->version);
296 X509_ALGOR_free(a->sig_alg);
297 X509_NAME_free(a->issuer);
298 M_ASN1_UTCTIME_free(a->lastUpdate);
299 if (a->nextUpdate)
300 M_ASN1_UTCTIME_free(a->nextUpdate);
301 sk_X509_REVOKED_pop_free(a->revoked,X509_REVOKED_free);
302 sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free);
303 OPENSSL_free(a);
304 }
305
306void X509_CRL_free(X509_CRL *a)
307 {
308 int i;
309
310 if (a == NULL) return;
311
312 i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_CRL);
313#ifdef REF_PRINT
314 REF_PRINT("X509_CRL",a);
315#endif
316 if (i > 0) return;
317#ifdef REF_CHECK
318 if (i < 0)
319 {
320 fprintf(stderr,"X509_CRL_free, bad reference count\n");
321 abort();
322 }
323#endif
324
325 X509_CRL_INFO_free(a->crl);
326 X509_ALGOR_free(a->sig_alg);
327 M_ASN1_BIT_STRING_free(a->signature);
328 OPENSSL_free(a);
329 }
330
331static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
332 const X509_REVOKED * const *b)
333 {
334 return(ASN1_STRING_cmp(
335 (ASN1_STRING *)(*a)->serialNumber,
336 (ASN1_STRING *)(*b)->serialNumber));
337 }
338
339static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a,
340 const X509_REVOKED * const *b)
341 {
342 return((*a)->sequence-(*b)->sequence);
343 }
344
345IMPLEMENT_STACK_OF(X509_REVOKED)
346IMPLEMENT_ASN1_SET_OF(X509_REVOKED)
347IMPLEMENT_STACK_OF(X509_CRL)
348IMPLEMENT_ASN1_SET_OF(X509_CRL)
diff --git a/src/lib/libcrypto/asn1/x_exten.c b/src/lib/libcrypto/asn1/x_exten.c
deleted file mode 100644
index fbfd963b40..0000000000
--- a/src/lib/libcrypto/asn1/x_exten.c
+++ /dev/null
@@ -1,139 +0,0 @@
1/* crypto/asn1/x_exten.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/objects.h>
62#include <openssl/asn1_mac.h>
63#include <openssl/x509.h>
64
65int i2d_X509_EXTENSION(X509_EXTENSION *a, unsigned char **pp)
66 {
67 int k=0;
68 int r=0,ret=0;
69 unsigned char **p=NULL;
70
71 if (a == NULL) return(0);
72
73 p=NULL;
74 for (;;)
75 {
76 if (k)
77 {
78 r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
79 if (pp == NULL) return(r);
80 p=pp;
81 ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE,
82 V_ASN1_UNIVERSAL);
83 }
84
85 ret+=i2d_ASN1_OBJECT(a->object,p);
86 if ((a->critical) || a->netscape_hack)
87 ret+=i2d_ASN1_BOOLEAN(a->critical,p);
88 ret+=i2d_ASN1_OCTET_STRING(a->value,p);
89 if (k++) return(r);
90 }
91 }
92
93X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **a, unsigned char **pp,
94 long length)
95 {
96 int i;
97 M_ASN1_D2I_vars(a,X509_EXTENSION *,X509_EXTENSION_new);
98
99 M_ASN1_D2I_Init();
100 M_ASN1_D2I_start_sequence();
101 M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
102
103 ret->netscape_hack=0;
104 if ((c.slen != 0) &&
105 (M_ASN1_next == (V_ASN1_UNIVERSAL|V_ASN1_BOOLEAN)))
106 {
107 c.q=c.p;
108 if (d2i_ASN1_BOOLEAN(&i,&c.p,c.slen) < 0) goto err;
109 ret->critical=i;
110 c.slen-=(c.p-c.q);
111 if (ret->critical == 0) ret->netscape_hack=1;
112 }
113 M_ASN1_D2I_get(ret->value,d2i_ASN1_OCTET_STRING);
114
115 M_ASN1_D2I_Finish(a,X509_EXTENSION_free,ASN1_F_D2I_X509_EXTENSION);
116 }
117
118X509_EXTENSION *X509_EXTENSION_new(void)
119 {
120 X509_EXTENSION *ret=NULL;
121 ASN1_CTX c;
122
123 M_ASN1_New_Malloc(ret,X509_EXTENSION);
124 ret->object=OBJ_nid2obj(NID_undef);
125 M_ASN1_New(ret->value,M_ASN1_OCTET_STRING_new);
126 ret->critical=0;
127 ret->netscape_hack=0;
128 return(ret);
129 M_ASN1_New_Error(ASN1_F_X509_EXTENSION_NEW);
130 }
131
132void X509_EXTENSION_free(X509_EXTENSION *a)
133 {
134 if (a == NULL) return;
135 ASN1_OBJECT_free(a->object);
136 M_ASN1_OCTET_STRING_free(a->value);
137 OPENSSL_free(a);
138 }
139
diff --git a/src/lib/libcrypto/asn1/x_info.c b/src/lib/libcrypto/asn1/x_info.c
deleted file mode 100644
index 5e62fc2f6f..0000000000
--- a/src/lib/libcrypto/asn1/x_info.c
+++ /dev/null
@@ -1,114 +0,0 @@
1/* crypto/asn1/x_info.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/asn1_mac.h>
63#include <openssl/x509.h>
64
65X509_INFO *X509_INFO_new(void)
66 {
67 X509_INFO *ret=NULL;
68
69 ret=(X509_INFO *)OPENSSL_malloc(sizeof(X509_INFO));
70 if (ret == NULL)
71 {
72 ASN1err(ASN1_F_X509_INFO_NEW,ERR_R_MALLOC_FAILURE);
73 return(NULL);
74 }
75
76 ret->enc_cipher.cipher=NULL;
77 ret->enc_len=0;
78 ret->enc_data=NULL;
79
80 ret->references=1;
81 ret->x509=NULL;
82 ret->crl=NULL;
83 ret->x_pkey=NULL;
84 return(ret);
85 }
86
87void X509_INFO_free(X509_INFO *x)
88 {
89 int i;
90
91 if (x == NULL) return;
92
93 i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_INFO);
94#ifdef REF_PRINT
95 REF_PRINT("X509_INFO",x);
96#endif
97 if (i > 0) return;
98#ifdef REF_CHECK
99 if (i < 0)
100 {
101 fprintf(stderr,"X509_INFO_free, bad reference count\n");
102 abort();
103 }
104#endif
105
106 if (x->x509 != NULL) X509_free(x->x509);
107 if (x->crl != NULL) X509_CRL_free(x->crl);
108 if (x->x_pkey != NULL) X509_PKEY_free(x->x_pkey);
109 if (x->enc_data != NULL) OPENSSL_free(x->enc_data);
110 OPENSSL_free(x);
111 }
112
113IMPLEMENT_STACK_OF(X509_INFO)
114
diff --git a/src/lib/libcrypto/asn1/x_name.c b/src/lib/libcrypto/asn1/x_name.c
deleted file mode 100644
index 1885d699ef..0000000000
--- a/src/lib/libcrypto/asn1/x_name.c
+++ /dev/null
@@ -1,281 +0,0 @@
1/* crypto/asn1/x_name.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/objects.h>
62#include <openssl/asn1_mac.h>
63#include <openssl/x509.h>
64
65static int i2d_X509_NAME_entries(X509_NAME *a);
66int i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a, unsigned char **pp)
67 {
68 M_ASN1_I2D_vars(a);
69
70 M_ASN1_I2D_len(a->object,i2d_ASN1_OBJECT);
71 M_ASN1_I2D_len(a->value,i2d_ASN1_PRINTABLE);
72
73 M_ASN1_I2D_seq_total();
74
75 M_ASN1_I2D_put(a->object,i2d_ASN1_OBJECT);
76 M_ASN1_I2D_put(a->value,i2d_ASN1_PRINTABLE);
77
78 M_ASN1_I2D_finish();
79 }
80
81X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a, unsigned char **pp,
82 long length)
83 {
84 M_ASN1_D2I_vars(a,X509_NAME_ENTRY *,X509_NAME_ENTRY_new);
85
86 M_ASN1_D2I_Init();
87 M_ASN1_D2I_start_sequence();
88 M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
89 M_ASN1_D2I_get(ret->value,d2i_ASN1_PRINTABLE);
90 ret->set=0;
91 M_ASN1_D2I_Finish(a,X509_NAME_ENTRY_free,ASN1_F_D2I_X509_NAME_ENTRY);
92 }
93
94int i2d_X509_NAME(X509_NAME *a, unsigned char **pp)
95 {
96 int ret;
97
98 if (a == NULL) return(0);
99 if (a->modified)
100 {
101 ret=i2d_X509_NAME_entries(a);
102 if (ret < 0) return(ret);
103 }
104
105 ret=a->bytes->length;
106 if (pp != NULL)
107 {
108 memcpy(*pp,a->bytes->data,ret);
109 *pp+=ret;
110 }
111 return(ret);
112 }
113
114static int i2d_X509_NAME_entries(X509_NAME *a)
115 {
116 X509_NAME_ENTRY *ne,*fe=NULL;
117 STACK_OF(X509_NAME_ENTRY) *sk;
118 BUF_MEM *buf=NULL;
119 int set=0,r,ret=0;
120 int i;
121 unsigned char *p;
122 int size=0;
123
124 sk=a->entries;
125 for (i=0; i<sk_X509_NAME_ENTRY_num(sk); i++)
126 {
127 ne=sk_X509_NAME_ENTRY_value(sk,i);
128 if (fe == NULL)
129 {
130 fe=ne;
131 size=0;
132 }
133
134 if (ne->set != set)
135 {
136 ret+=ASN1_object_size(1,size,V_ASN1_SET);
137 fe->size=size;
138 fe=ne;
139 size=0;
140 set=ne->set;
141 }
142 size+=i2d_X509_NAME_ENTRY(ne,NULL);
143 }
144 if (fe != NULL)
145 {
146 /* SET OF needed only if entries is non empty */
147 ret+=ASN1_object_size(1,size,V_ASN1_SET);
148 fe->size=size;
149 }
150
151 r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
152
153 buf=a->bytes;
154 if (!BUF_MEM_grow(buf,r)) goto err;
155 p=(unsigned char *)buf->data;
156
157 ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
158
159 set= -1;
160 for (i=0; i<sk_X509_NAME_ENTRY_num(sk); i++)
161 {
162 ne=sk_X509_NAME_ENTRY_value(sk,i);
163 if (set != ne->set)
164 {
165 set=ne->set;
166 ASN1_put_object(&p,1,ne->size,
167 V_ASN1_SET,V_ASN1_UNIVERSAL);
168 }
169 i2d_X509_NAME_ENTRY(ne,&p);
170 }
171 a->modified=0;
172 return(r);
173err:
174 return(-1);
175 }
176
177X509_NAME *d2i_X509_NAME(X509_NAME **a, unsigned char **pp, long length)
178 {
179 int set=0,i;
180 int idx=0;
181 unsigned char *orig;
182 M_ASN1_D2I_vars(a,X509_NAME *,X509_NAME_new);
183
184 orig= *pp;
185 if (sk_X509_NAME_ENTRY_num(ret->entries) > 0)
186 {
187 while (sk_X509_NAME_ENTRY_num(ret->entries) > 0)
188 X509_NAME_ENTRY_free(
189 sk_X509_NAME_ENTRY_pop(ret->entries));
190 }
191
192 M_ASN1_D2I_Init();
193 M_ASN1_D2I_start_sequence();
194 for (;;)
195 {
196 if (M_ASN1_D2I_end_sequence()) break;
197 M_ASN1_D2I_get_set_type(X509_NAME_ENTRY,ret->entries,
198 d2i_X509_NAME_ENTRY,
199 X509_NAME_ENTRY_free);
200 for (; idx < sk_X509_NAME_ENTRY_num(ret->entries); idx++)
201 {
202 sk_X509_NAME_ENTRY_value(ret->entries,idx)->set=set;
203 }
204 set++;
205 }
206
207 i=(int)(c.p-orig);
208 if (!BUF_MEM_grow(ret->bytes,i)) goto err;
209 memcpy(ret->bytes->data,orig,i);
210 ret->bytes->length=i;
211 ret->modified=0;
212
213 M_ASN1_D2I_Finish(a,X509_NAME_free,ASN1_F_D2I_X509_NAME);
214 }
215
216X509_NAME *X509_NAME_new(void)
217 {
218 X509_NAME *ret=NULL;
219 ASN1_CTX c;
220
221 M_ASN1_New_Malloc(ret,X509_NAME);
222 if ((ret->entries=sk_X509_NAME_ENTRY_new_null()) == NULL)
223 { c.line=__LINE__; goto err2; }
224 M_ASN1_New(ret->bytes,BUF_MEM_new);
225 ret->modified=1;
226 return(ret);
227 M_ASN1_New_Error(ASN1_F_X509_NAME_NEW);
228 }
229
230X509_NAME_ENTRY *X509_NAME_ENTRY_new(void)
231 {
232 X509_NAME_ENTRY *ret=NULL;
233 ASN1_CTX c;
234
235 M_ASN1_New_Malloc(ret,X509_NAME_ENTRY);
236/* M_ASN1_New(ret->object,ASN1_OBJECT_new);*/
237 ret->object=NULL;
238 ret->set=0;
239 M_ASN1_New(ret->value,ASN1_STRING_new);
240 return(ret);
241 M_ASN1_New_Error(ASN1_F_X509_NAME_ENTRY_NEW);
242 }
243
244void X509_NAME_free(X509_NAME *a)
245 {
246 if(a == NULL)
247 return;
248
249 BUF_MEM_free(a->bytes);
250 sk_X509_NAME_ENTRY_pop_free(a->entries,X509_NAME_ENTRY_free);
251 OPENSSL_free(a);
252 }
253
254void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a)
255 {
256 if (a == NULL) return;
257 ASN1_OBJECT_free(a->object);
258 M_ASN1_BIT_STRING_free(a->value);
259 OPENSSL_free(a);
260 }
261
262int X509_NAME_set(X509_NAME **xn, X509_NAME *name)
263 {
264 X509_NAME *in;
265
266 if (*xn == NULL) return(0);
267
268 if (*xn != name)
269 {
270 in=X509_NAME_dup(name);
271 if (in != NULL)
272 {
273 X509_NAME_free(*xn);
274 *xn=in;
275 }
276 }
277 return(*xn != NULL);
278 }
279
280IMPLEMENT_STACK_OF(X509_NAME_ENTRY)
281IMPLEMENT_ASN1_SET_OF(X509_NAME_ENTRY)
diff --git a/src/lib/libcrypto/asn1/x_pkey.c b/src/lib/libcrypto/asn1/x_pkey.c
deleted file mode 100644
index f1c6221ac3..0000000000
--- a/src/lib/libcrypto/asn1/x_pkey.c
+++ /dev/null
@@ -1,151 +0,0 @@
1/* crypto/asn1/x_pkey.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/asn1_mac.h>
64#include <openssl/x509.h>
65
66/* need to implement */
67int i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp)
68 {
69 return(0);
70 }
71
72X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, unsigned char **pp, long length)
73 {
74 int i;
75 M_ASN1_D2I_vars(a,X509_PKEY *,X509_PKEY_new);
76
77 M_ASN1_D2I_Init();
78 M_ASN1_D2I_start_sequence();
79 M_ASN1_D2I_get(ret->enc_algor,d2i_X509_ALGOR);
80 M_ASN1_D2I_get(ret->enc_pkey,d2i_ASN1_OCTET_STRING);
81
82 ret->cipher.cipher=EVP_get_cipherbyname(
83 OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm)));
84 if (ret->cipher.cipher == NULL)
85 {
86 c.error=ASN1_R_UNSUPPORTED_CIPHER;
87 c.line=__LINE__;
88 goto err;
89 }
90 if (ret->enc_algor->parameter->type == V_ASN1_OCTET_STRING)
91 {
92 i=ret->enc_algor->parameter->value.octet_string->length;
93 if (i > EVP_MAX_IV_LENGTH)
94 {
95 c.error=ASN1_R_IV_TOO_LARGE;
96 c.line=__LINE__;
97 goto err;
98 }
99 memcpy(ret->cipher.iv,
100 ret->enc_algor->parameter->value.octet_string->data,i);
101 }
102 else
103 memset(ret->cipher.iv,0,EVP_MAX_IV_LENGTH);
104 M_ASN1_D2I_Finish(a,X509_PKEY_free,ASN1_F_D2I_X509_PKEY);
105 }
106
107X509_PKEY *X509_PKEY_new(void)
108 {
109 X509_PKEY *ret=NULL;
110 ASN1_CTX c;
111
112 M_ASN1_New_Malloc(ret,X509_PKEY);
113 ret->version=0;
114 M_ASN1_New(ret->enc_algor,X509_ALGOR_new);
115 M_ASN1_New(ret->enc_pkey,M_ASN1_OCTET_STRING_new);
116 ret->dec_pkey=NULL;
117 ret->key_length=0;
118 ret->key_data=NULL;
119 ret->key_free=0;
120 ret->cipher.cipher=NULL;
121 memset(ret->cipher.iv,0,EVP_MAX_IV_LENGTH);
122 ret->references=1;
123 return(ret);
124 M_ASN1_New_Error(ASN1_F_X509_PKEY_NEW);
125 }
126
127void X509_PKEY_free(X509_PKEY *x)
128 {
129 int i;
130
131 if (x == NULL) return;
132
133 i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_PKEY);
134#ifdef REF_PRINT
135 REF_PRINT("X509_PKEY",x);
136#endif
137 if (i > 0) return;
138#ifdef REF_CHECK
139 if (i < 0)
140 {
141 fprintf(stderr,"X509_PKEY_free, bad reference count\n");
142 abort();
143 }
144#endif
145
146 if (x->enc_algor != NULL) X509_ALGOR_free(x->enc_algor);
147 if (x->enc_pkey != NULL) M_ASN1_OCTET_STRING_free(x->enc_pkey);
148 if (x->dec_pkey != NULL)EVP_PKEY_free(x->dec_pkey);
149 if ((x->key_data != NULL) && (x->key_free)) OPENSSL_free(x->key_data);
150 OPENSSL_free(x);
151 }
diff --git a/src/lib/libcrypto/asn1/x_pubkey.c b/src/lib/libcrypto/asn1/x_pubkey.c
deleted file mode 100644
index 4397a404b5..0000000000
--- a/src/lib/libcrypto/asn1/x_pubkey.c
+++ /dev/null
@@ -1,366 +0,0 @@
1/* crypto/asn1/x_pubkey.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1_mac.h>
62#include <openssl/x509.h>
63
64int i2d_X509_PUBKEY(X509_PUBKEY *a, unsigned char **pp)
65 {
66 M_ASN1_I2D_vars(a);
67
68 M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR);
69 M_ASN1_I2D_len(a->public_key, i2d_ASN1_BIT_STRING);
70
71 M_ASN1_I2D_seq_total();
72
73 M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR);
74 M_ASN1_I2D_put(a->public_key, i2d_ASN1_BIT_STRING);
75
76 M_ASN1_I2D_finish();
77 }
78
79X509_PUBKEY *d2i_X509_PUBKEY(X509_PUBKEY **a, unsigned char **pp,
80 long length)
81 {
82 M_ASN1_D2I_vars(a,X509_PUBKEY *,X509_PUBKEY_new);
83
84 M_ASN1_D2I_Init();
85 M_ASN1_D2I_start_sequence();
86 M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
87 M_ASN1_D2I_get(ret->public_key,d2i_ASN1_BIT_STRING);
88 if (ret->pkey != NULL)
89 {
90 EVP_PKEY_free(ret->pkey);
91 ret->pkey=NULL;
92 }
93 M_ASN1_D2I_Finish(a,X509_PUBKEY_free,ASN1_F_D2I_X509_PUBKEY);
94 }
95
96X509_PUBKEY *X509_PUBKEY_new(void)
97 {
98 X509_PUBKEY *ret=NULL;
99 ASN1_CTX c;
100
101 M_ASN1_New_Malloc(ret,X509_PUBKEY);
102 M_ASN1_New(ret->algor,X509_ALGOR_new);
103 M_ASN1_New(ret->public_key,M_ASN1_BIT_STRING_new);
104 ret->pkey=NULL;
105 return(ret);
106 M_ASN1_New_Error(ASN1_F_X509_PUBKEY_NEW);
107 }
108
109void X509_PUBKEY_free(X509_PUBKEY *a)
110 {
111 if (a == NULL) return;
112 X509_ALGOR_free(a->algor);
113 M_ASN1_BIT_STRING_free(a->public_key);
114 if (a->pkey != NULL) EVP_PKEY_free(a->pkey);
115 OPENSSL_free(a);
116 }
117
118int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
119 {
120 int ok=0;
121 X509_PUBKEY *pk;
122 X509_ALGOR *a;
123 ASN1_OBJECT *o;
124 unsigned char *s,*p;
125 int i;
126
127 if (x == NULL) return(0);
128
129 if ((pk=X509_PUBKEY_new()) == NULL) goto err;
130 a=pk->algor;
131
132 /* set the algorithm id */
133 if ((o=OBJ_nid2obj(pkey->type)) == NULL) goto err;
134 ASN1_OBJECT_free(a->algorithm);
135 a->algorithm=o;
136
137 /* Set the parameter list */
138 if (!pkey->save_parameters || (pkey->type == EVP_PKEY_RSA))
139 {
140 if ((a->parameter == NULL) ||
141 (a->parameter->type != V_ASN1_NULL))
142 {
143 ASN1_TYPE_free(a->parameter);
144 a->parameter=ASN1_TYPE_new();
145 a->parameter->type=V_ASN1_NULL;
146 }
147 }
148 else
149#ifndef NO_DSA
150 if (pkey->type == EVP_PKEY_DSA)
151 {
152 unsigned char *pp;
153 DSA *dsa;
154
155 dsa=pkey->pkey.dsa;
156 dsa->write_params=0;
157 ASN1_TYPE_free(a->parameter);
158 i=i2d_DSAparams(dsa,NULL);
159 p=(unsigned char *)OPENSSL_malloc(i);
160 pp=p;
161 i2d_DSAparams(dsa,&pp);
162 a->parameter=ASN1_TYPE_new();
163 a->parameter->type=V_ASN1_SEQUENCE;
164 a->parameter->value.sequence=ASN1_STRING_new();
165 ASN1_STRING_set(a->parameter->value.sequence,p,i);
166 OPENSSL_free(p);
167 }
168 else
169#endif
170 {
171 X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM);
172 goto err;
173 }
174
175 if ((i=i2d_PublicKey(pkey,NULL)) <= 0) goto err;
176 if ((s=(unsigned char *)OPENSSL_malloc(i+1)) == NULL) goto err;
177 p=s;
178 i2d_PublicKey(pkey,&p);
179 if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err;
180 /* Set number of unused bits to zero */
181 pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
182 pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT;
183
184 OPENSSL_free(s);
185
186#if 0
187 CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
188 pk->pkey=pkey;
189#endif
190
191 if (*x != NULL)
192 X509_PUBKEY_free(*x);
193
194 *x=pk;
195 pk=NULL;
196
197 ok=1;
198err:
199 if (pk != NULL) X509_PUBKEY_free(pk);
200 return(ok);
201 }
202
203EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
204 {
205 EVP_PKEY *ret=NULL;
206 long j;
207 int type;
208 unsigned char *p;
209#ifndef NO_DSA
210 X509_ALGOR *a;
211#endif
212
213 if (key == NULL) goto err;
214
215 if (key->pkey != NULL)
216 {
217 CRYPTO_add(&key->pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
218 return(key->pkey);
219 }
220
221 if (key->public_key == NULL) goto err;
222
223 type=OBJ_obj2nid(key->algor->algorithm);
224 p=key->public_key->data;
225 j=key->public_key->length;
226 if ((ret=d2i_PublicKey(type,NULL,&p,(long)j)) == NULL)
227 {
228 X509err(X509_F_X509_PUBKEY_GET,X509_R_ERR_ASN1_LIB);
229 goto err;
230 }
231 ret->save_parameters=0;
232
233#ifndef NO_DSA
234 a=key->algor;
235 if (ret->type == EVP_PKEY_DSA)
236 {
237 if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
238 {
239 ret->pkey.dsa->write_params=0;
240 p=a->parameter->value.sequence->data;
241 j=a->parameter->value.sequence->length;
242 if (!d2i_DSAparams(&ret->pkey.dsa,&p,(long)j))
243 goto err;
244 }
245 ret->save_parameters=1;
246 }
247#endif
248 key->pkey=ret;
249 CRYPTO_add(&ret->references,1,CRYPTO_LOCK_EVP_PKEY);
250 return(ret);
251err:
252 if (ret != NULL)
253 EVP_PKEY_free(ret);
254 return(NULL);
255 }
256
257/* Now two pseudo ASN1 routines that take an EVP_PKEY structure
258 * and encode or decode as X509_PUBKEY
259 */
260
261EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, unsigned char **pp,
262 long length)
263{
264 X509_PUBKEY *xpk;
265 EVP_PKEY *pktmp;
266 xpk = d2i_X509_PUBKEY(NULL, pp, length);
267 if(!xpk) return NULL;
268 pktmp = X509_PUBKEY_get(xpk);
269 X509_PUBKEY_free(xpk);
270 if(!pktmp) return NULL;
271 if(a) {
272 EVP_PKEY_free(*a);
273 *a = pktmp;
274 }
275 return pktmp;
276}
277
278int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
279{
280 X509_PUBKEY *xpk=NULL;
281 int ret;
282 if(!a) return 0;
283 if(!X509_PUBKEY_set(&xpk, a)) return 0;
284 ret = i2d_X509_PUBKEY(xpk, pp);
285 X509_PUBKEY_free(xpk);
286 return ret;
287}
288
289/* The following are equivalents but which return RSA and DSA
290 * keys
291 */
292#ifndef NO_RSA
293RSA *d2i_RSA_PUBKEY(RSA **a, unsigned char **pp,
294 long length)
295{
296 EVP_PKEY *pkey;
297 RSA *key;
298 unsigned char *q;
299 q = *pp;
300 pkey = d2i_PUBKEY(NULL, &q, length);
301 if(!pkey) return NULL;
302 key = EVP_PKEY_get1_RSA(pkey);
303 EVP_PKEY_free(pkey);
304 if(!key) return NULL;
305 *pp = q;
306 if(a) {
307 RSA_free(*a);
308 *a = key;
309 }
310 return key;
311}
312
313int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
314{
315 EVP_PKEY *pktmp;
316 int ret;
317 if(!a) return 0;
318 pktmp = EVP_PKEY_new();
319 if(!pktmp) {
320 ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
321 return 0;
322 }
323 EVP_PKEY_set1_RSA(pktmp, a);
324 ret = i2d_PUBKEY(pktmp, pp);
325 EVP_PKEY_free(pktmp);
326 return ret;
327}
328#endif
329
330#ifndef NO_DSA
331DSA *d2i_DSA_PUBKEY(DSA **a, unsigned char **pp,
332 long length)
333{
334 EVP_PKEY *pkey;
335 DSA *key;
336 unsigned char *q;
337 q = *pp;
338 pkey = d2i_PUBKEY(NULL, &q, length);
339 if(!pkey) return NULL;
340 key = EVP_PKEY_get1_DSA(pkey);
341 EVP_PKEY_free(pkey);
342 if(!key) return NULL;
343 *pp = q;
344 if(a) {
345 DSA_free(*a);
346 *a = key;
347 }
348 return key;
349}
350
351int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
352{
353 EVP_PKEY *pktmp;
354 int ret;
355 if(!a) return 0;
356 pktmp = EVP_PKEY_new();
357 if(!pktmp) {
358 ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
359 return 0;
360 }
361 EVP_PKEY_set1_DSA(pktmp, a);
362 ret = i2d_PUBKEY(pktmp, pp);
363 EVP_PKEY_free(pktmp);
364 return ret;
365}
366#endif
diff --git a/src/lib/libcrypto/asn1/x_req.c b/src/lib/libcrypto/asn1/x_req.c
deleted file mode 100644
index 6dddd4f653..0000000000
--- a/src/lib/libcrypto/asn1/x_req.c
+++ /dev/null
@@ -1,257 +0,0 @@
1/* crypto/asn1/x_req.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1_mac.h>
62#include <openssl/x509.h>
63
64int i2d_X509_REQ_INFO(X509_REQ_INFO *a, unsigned char **pp)
65 {
66 M_ASN1_I2D_vars(a);
67
68 if(a->asn1) {
69 if(pp) {
70 memcpy(*pp, a->asn1, a->length);
71 *pp += a->length;
72 }
73 return a->length;
74 }
75
76 M_ASN1_I2D_len(a->version, i2d_ASN1_INTEGER);
77 M_ASN1_I2D_len(a->subject, i2d_X509_NAME);
78 M_ASN1_I2D_len(a->pubkey, i2d_X509_PUBKEY);
79
80 /* this is a *nasty* hack reported to be required to
81 * allow some CA Software to accept the cert request.
82 * It is not following the PKCS standards ...
83 * PKCS#10 pg 5
84 * attributes [0] IMPLICIT Attributes
85 * NOTE: no OPTIONAL ... so it *must* be there
86 */
87 if (a->req_kludge)
88 {
89 M_ASN1_I2D_len_IMP_SET_opt_type(X509_ATTRIBUTE,a->attributes,i2d_X509_ATTRIBUTE,0);
90 }
91 else
92 {
93 M_ASN1_I2D_len_IMP_SET_type(X509_ATTRIBUTE,a->attributes,
94 i2d_X509_ATTRIBUTE,0);
95 }
96
97 M_ASN1_I2D_seq_total();
98 M_ASN1_I2D_put(a->version, i2d_ASN1_INTEGER);
99 M_ASN1_I2D_put(a->subject, i2d_X509_NAME);
100 M_ASN1_I2D_put(a->pubkey, i2d_X509_PUBKEY);
101
102 /* this is a *nasty* hack reported to be required by some CA's.
103 * It is not following the PKCS standards ...
104 * PKCS#10 pg 5
105 * attributes [0] IMPLICIT Attributes
106 * NOTE: no OPTIONAL ... so it *must* be there
107 */
108 if (a->req_kludge)
109 {
110 M_ASN1_I2D_put_IMP_SET_opt_type(X509_ATTRIBUTE,a->attributes,
111 i2d_X509_ATTRIBUTE,0);
112 }
113 else
114 {
115 M_ASN1_I2D_put_IMP_SET_type(X509_ATTRIBUTE,a->attributes,
116 i2d_X509_ATTRIBUTE,0);
117 }
118
119 M_ASN1_I2D_finish();
120 }
121
122X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a, unsigned char **pp,
123 long length)
124 {
125 M_ASN1_D2I_vars(a,X509_REQ_INFO *,X509_REQ_INFO_new);
126
127 M_ASN1_D2I_Init();
128 M_ASN1_D2I_start_sequence();
129 M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
130 M_ASN1_D2I_get(ret->subject,d2i_X509_NAME);
131 M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY);
132
133 /* this is a *nasty* hack to allow for some CA's that
134 * have been reported as requiring it.
135 * It is not following the PKCS standards ...
136 * PKCS#10 pg 5
137 * attributes [0] IMPLICIT Attributes
138 * NOTE: no OPTIONAL ... so it *must* be there
139 */
140 if (asn1_Finish(&c))
141 ret->req_kludge=1;
142 else
143 {
144 M_ASN1_D2I_get_IMP_set_type(X509_ATTRIBUTE,ret->attributes,
145 d2i_X509_ATTRIBUTE,
146 X509_ATTRIBUTE_free,0);
147 }
148
149 M_ASN1_D2I_Finish(a,X509_REQ_INFO_free,ASN1_F_D2I_X509_REQ_INFO);
150 }
151
152X509_REQ_INFO *X509_REQ_INFO_new(void)
153 {
154 X509_REQ_INFO *ret=NULL;
155 ASN1_CTX c;
156
157 M_ASN1_New_Malloc(ret,X509_REQ_INFO);
158 M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
159 M_ASN1_New(ret->subject,X509_NAME_new);
160 M_ASN1_New(ret->pubkey,X509_PUBKEY_new);
161 M_ASN1_New(ret->attributes,sk_X509_ATTRIBUTE_new_null);
162 ret->req_kludge=0;
163 ret->asn1 = NULL;
164 return(ret);
165 M_ASN1_New_Error(ASN1_F_X509_REQ_INFO_NEW);
166 }
167
168void X509_REQ_INFO_free(X509_REQ_INFO *a)
169 {
170 if (a == NULL) return;
171 if(a->asn1) OPENSSL_free(a->asn1);
172 M_ASN1_INTEGER_free(a->version);
173 X509_NAME_free(a->subject);
174 X509_PUBKEY_free(a->pubkey);
175 sk_X509_ATTRIBUTE_pop_free(a->attributes,X509_ATTRIBUTE_free);
176 OPENSSL_free(a);
177 }
178
179int i2d_X509_REQ(X509_REQ *a, unsigned char **pp)
180 {
181 M_ASN1_I2D_vars(a);
182 M_ASN1_I2D_len(a->req_info, i2d_X509_REQ_INFO);
183 M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR);
184 M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING);
185
186 M_ASN1_I2D_seq_total();
187
188 M_ASN1_I2D_put(a->req_info, i2d_X509_REQ_INFO);
189 M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR);
190 M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING);
191
192 M_ASN1_I2D_finish();
193 }
194
195X509_REQ *d2i_X509_REQ(X509_REQ **a, unsigned char **pp, long length)
196 {
197 M_ASN1_D2I_vars(a,X509_REQ *,X509_REQ_new);
198
199 M_ASN1_D2I_Init();
200 M_ASN1_D2I_start_sequence();
201 M_ASN1_D2I_get(ret->req_info,d2i_X509_REQ_INFO);
202
203 /* Keep a copy of the original encoding for signature checking */
204 ret->req_info->length = c.p - c.q;
205 if(!(ret->req_info->asn1 = OPENSSL_malloc(ret->req_info->length))) {
206 c.line=__LINE__;
207 c.error = ERR_R_MALLOC_FAILURE;
208 goto err;
209 }
210
211 memcpy(ret->req_info->asn1, c.q, ret->req_info->length);
212
213 M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
214 M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
215 M_ASN1_D2I_Finish(a,X509_REQ_free,ASN1_F_D2I_X509_REQ);
216 }
217
218X509_REQ *X509_REQ_new(void)
219 {
220 X509_REQ *ret=NULL;
221 ASN1_CTX c;
222
223 M_ASN1_New_Malloc(ret,X509_REQ);
224 ret->references=1;
225 M_ASN1_New(ret->req_info,X509_REQ_INFO_new);
226 M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
227 M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new);
228 return(ret);
229 M_ASN1_New_Error(ASN1_F_X509_REQ_NEW);
230 }
231
232void X509_REQ_free(X509_REQ *a)
233 {
234 int i;
235
236 if (a == NULL) return;
237
238 i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_REQ);
239#ifdef REF_PRINT
240 REF_PRINT("X509_REQ",a);
241#endif
242 if (i > 0) return;
243#ifdef REF_CHECK
244 if (i < 0)
245 {
246 fprintf(stderr,"X509_REQ_free, bad reference count\n");
247 abort();
248 }
249#endif
250
251 X509_REQ_INFO_free(a->req_info);
252 X509_ALGOR_free(a->sig_alg);
253 M_ASN1_BIT_STRING_free(a->signature);
254 OPENSSL_free(a);
255 }
256
257
diff --git a/src/lib/libcrypto/asn1/x_sig.c b/src/lib/libcrypto/asn1/x_sig.c
deleted file mode 100644
index d79f147647..0000000000
--- a/src/lib/libcrypto/asn1/x_sig.c
+++ /dev/null
@@ -1,110 +0,0 @@
1/* crypto/asn1/x_sig.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1_mac.h>
62#include <openssl/x509.h>
63
64int i2d_X509_SIG(X509_SIG *a, unsigned char **pp)
65 {
66 M_ASN1_I2D_vars(a);
67
68 M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR);
69 M_ASN1_I2D_len(a->digest, i2d_ASN1_OCTET_STRING);
70
71 M_ASN1_I2D_seq_total();
72
73 M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR);
74 M_ASN1_I2D_put(a->digest, i2d_ASN1_OCTET_STRING);
75
76 M_ASN1_I2D_finish();
77 }
78
79X509_SIG *d2i_X509_SIG(X509_SIG **a, unsigned char **pp, long length)
80 {
81 M_ASN1_D2I_vars(a,X509_SIG *,X509_SIG_new);
82
83 M_ASN1_D2I_Init();
84 M_ASN1_D2I_start_sequence();
85 M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
86 M_ASN1_D2I_get(ret->digest,d2i_ASN1_OCTET_STRING);
87 M_ASN1_D2I_Finish(a,X509_SIG_free,ASN1_F_D2I_X509_SIG);
88 }
89
90X509_SIG *X509_SIG_new(void)
91 {
92 X509_SIG *ret=NULL;
93 ASN1_CTX c;
94
95 M_ASN1_New_Malloc(ret,X509_SIG);
96 M_ASN1_New(ret->algor,X509_ALGOR_new);
97 M_ASN1_New(ret->digest,M_ASN1_OCTET_STRING_new);
98 return(ret);
99 M_ASN1_New_Error(ASN1_F_X509_SIG_NEW);
100 }
101
102void X509_SIG_free(X509_SIG *a)
103 {
104 if (a == NULL) return;
105 X509_ALGOR_free(a->algor);
106 M_ASN1_OCTET_STRING_free(a->digest);
107 OPENSSL_free(a);
108 }
109
110
diff --git a/src/lib/libcrypto/asn1/x_spki.c b/src/lib/libcrypto/asn1/x_spki.c
deleted file mode 100644
index 4f01888f7d..0000000000
--- a/src/lib/libcrypto/asn1/x_spki.c
+++ /dev/null
@@ -1,166 +0,0 @@
1/* crypto/asn1/x_spki.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59 /* This module was send to me my Pat Richards <patr@x509.com> who
60 * wrote it. It is under my Copyright with his permission
61 */
62
63#include <stdio.h>
64#include "cryptlib.h"
65#include <openssl/x509.h>
66#include <openssl/asn1_mac.h>
67
68int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a, unsigned char **pp)
69 {
70 M_ASN1_I2D_vars(a);
71
72 M_ASN1_I2D_len(a->pubkey, i2d_X509_PUBKEY);
73 M_ASN1_I2D_len(a->challenge, i2d_ASN1_IA5STRING);
74
75 M_ASN1_I2D_seq_total();
76
77 M_ASN1_I2D_put(a->pubkey, i2d_X509_PUBKEY);
78 M_ASN1_I2D_put(a->challenge, i2d_ASN1_IA5STRING);
79
80 M_ASN1_I2D_finish();
81 }
82
83NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a, unsigned char **pp,
84 long length)
85 {
86 M_ASN1_D2I_vars(a,NETSCAPE_SPKAC *,NETSCAPE_SPKAC_new);
87
88 M_ASN1_D2I_Init();
89 M_ASN1_D2I_start_sequence();
90 M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY);
91 M_ASN1_D2I_get(ret->challenge,d2i_ASN1_IA5STRING);
92 M_ASN1_D2I_Finish(a,NETSCAPE_SPKAC_free,ASN1_F_D2I_NETSCAPE_SPKAC);
93 }
94
95NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void)
96 {
97 NETSCAPE_SPKAC *ret=NULL;
98 ASN1_CTX c;
99
100 M_ASN1_New_Malloc(ret,NETSCAPE_SPKAC);
101 M_ASN1_New(ret->pubkey,X509_PUBKEY_new);
102 M_ASN1_New(ret->challenge,M_ASN1_IA5STRING_new);
103 return(ret);
104 M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKAC_NEW);
105 }
106
107void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a)
108 {
109 if (a == NULL) return;
110 X509_PUBKEY_free(a->pubkey);
111 M_ASN1_IA5STRING_free(a->challenge);
112 OPENSSL_free(a);
113 }
114
115int i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a, unsigned char **pp)
116 {
117 M_ASN1_I2D_vars(a);
118
119 M_ASN1_I2D_len(a->spkac, i2d_NETSCAPE_SPKAC);
120 M_ASN1_I2D_len(a->sig_algor, i2d_X509_ALGOR);
121 M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING);
122
123 M_ASN1_I2D_seq_total();
124
125 M_ASN1_I2D_put(a->spkac, i2d_NETSCAPE_SPKAC);
126 M_ASN1_I2D_put(a->sig_algor, i2d_X509_ALGOR);
127 M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING);
128
129 M_ASN1_I2D_finish();
130 }
131
132NETSCAPE_SPKI *d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a, unsigned char **pp,
133 long length)
134 {
135 M_ASN1_D2I_vars(a,NETSCAPE_SPKI *,NETSCAPE_SPKI_new);
136
137 M_ASN1_D2I_Init();
138 M_ASN1_D2I_start_sequence();
139 M_ASN1_D2I_get(ret->spkac,d2i_NETSCAPE_SPKAC);
140 M_ASN1_D2I_get(ret->sig_algor,d2i_X509_ALGOR);
141 M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
142 M_ASN1_D2I_Finish(a,NETSCAPE_SPKI_free,ASN1_F_D2I_NETSCAPE_SPKI);
143 }
144
145NETSCAPE_SPKI *NETSCAPE_SPKI_new(void)
146 {
147 NETSCAPE_SPKI *ret=NULL;
148 ASN1_CTX c;
149
150 M_ASN1_New_Malloc(ret,NETSCAPE_SPKI);
151 M_ASN1_New(ret->spkac,NETSCAPE_SPKAC_new);
152 M_ASN1_New(ret->sig_algor,X509_ALGOR_new);
153 M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new);
154 return(ret);
155 M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKI_NEW);
156 }
157
158void NETSCAPE_SPKI_free(NETSCAPE_SPKI *a)
159 {
160 if (a == NULL) return;
161 NETSCAPE_SPKAC_free(a->spkac);
162 X509_ALGOR_free(a->sig_algor);
163 M_ASN1_BIT_STRING_free(a->signature);
164 OPENSSL_free(a);
165 }
166
diff --git a/src/lib/libcrypto/asn1/x_val.c b/src/lib/libcrypto/asn1/x_val.c
deleted file mode 100644
index 0f8f020b57..0000000000
--- a/src/lib/libcrypto/asn1/x_val.c
+++ /dev/null
@@ -1,109 +0,0 @@
1/* crypto/asn1/x_val.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1_mac.h>
62#include <openssl/x509.h>
63
64int i2d_X509_VAL(X509_VAL *a, unsigned char **pp)
65 {
66 M_ASN1_I2D_vars(a);
67
68 M_ASN1_I2D_len(a->notBefore,i2d_ASN1_TIME);
69 M_ASN1_I2D_len(a->notAfter,i2d_ASN1_TIME);
70
71 M_ASN1_I2D_seq_total();
72
73 M_ASN1_I2D_put(a->notBefore,i2d_ASN1_TIME);
74 M_ASN1_I2D_put(a->notAfter,i2d_ASN1_TIME);
75
76 M_ASN1_I2D_finish();
77 }
78
79X509_VAL *d2i_X509_VAL(X509_VAL **a, unsigned char **pp, long length)
80 {
81 M_ASN1_D2I_vars(a,X509_VAL *,X509_VAL_new);
82
83 M_ASN1_D2I_Init();
84 M_ASN1_D2I_start_sequence();
85 M_ASN1_D2I_get(ret->notBefore,d2i_ASN1_TIME);
86 M_ASN1_D2I_get(ret->notAfter,d2i_ASN1_TIME);
87 M_ASN1_D2I_Finish(a,X509_VAL_free,ASN1_F_D2I_X509_VAL);
88 }
89
90X509_VAL *X509_VAL_new(void)
91 {
92 X509_VAL *ret=NULL;
93 ASN1_CTX c;
94
95 M_ASN1_New_Malloc(ret,X509_VAL);
96 M_ASN1_New(ret->notBefore,M_ASN1_TIME_new);
97 M_ASN1_New(ret->notAfter,M_ASN1_TIME_new);
98 return(ret);
99 M_ASN1_New_Error(ASN1_F_X509_VAL_NEW);
100 }
101
102void X509_VAL_free(X509_VAL *a)
103 {
104 if (a == NULL) return;
105 M_ASN1_TIME_free(a->notBefore);
106 M_ASN1_TIME_free(a->notAfter);
107 OPENSSL_free(a);
108 }
109
diff --git a/src/lib/libcrypto/asn1/x_x509.c b/src/lib/libcrypto/asn1/x_x509.c
deleted file mode 100644
index 61ba856b17..0000000000
--- a/src/lib/libcrypto/asn1/x_x509.c
+++ /dev/null
@@ -1,216 +0,0 @@
1/* crypto/asn1/x_x509.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/asn1_mac.h>
63#include <openssl/x509.h>
64#include <openssl/x509v3.h>
65
66static int x509_meth_num = 0;
67static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_meth = NULL;
68
69static ASN1_METHOD meth={
70 (int (*)()) i2d_X509,
71 (char *(*)())d2i_X509,
72 (char *(*)())X509_new,
73 (void (*)()) X509_free};
74
75ASN1_METHOD *X509_asn1_meth(void)
76 {
77 return(&meth);
78 }
79
80int i2d_X509(X509 *a, unsigned char **pp)
81 {
82 M_ASN1_I2D_vars(a);
83
84 M_ASN1_I2D_len(a->cert_info, i2d_X509_CINF);
85 M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR);
86 M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING);
87
88 M_ASN1_I2D_seq_total();
89
90 M_ASN1_I2D_put(a->cert_info, i2d_X509_CINF);
91 M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR);
92 M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING);
93
94 M_ASN1_I2D_finish();
95 }
96
97X509 *d2i_X509(X509 **a, unsigned char **pp, long length)
98 {
99 M_ASN1_D2I_vars(a,X509 *,X509_new);
100
101 M_ASN1_D2I_Init();
102 M_ASN1_D2I_start_sequence();
103 M_ASN1_D2I_get(ret->cert_info,d2i_X509_CINF);
104 M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
105 M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
106 if (ret->name != NULL) OPENSSL_free(ret->name);
107 ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0);
108
109 M_ASN1_D2I_Finish(a,X509_free,ASN1_F_D2I_X509);
110 }
111
112X509 *X509_new(void)
113 {
114 X509 *ret=NULL;
115 ASN1_CTX c;
116
117 M_ASN1_New_Malloc(ret,X509);
118 ret->valid=0;
119 ret->references=1;
120 ret->name = NULL;
121 ret->ex_flags = 0;
122 ret->ex_pathlen = -1;
123 ret->skid = NULL;
124 ret->akid = NULL;
125 ret->aux = NULL;
126 M_ASN1_New(ret->cert_info,X509_CINF_new);
127 M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
128 M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new);
129 CRYPTO_new_ex_data(x509_meth, ret, &ret->ex_data);
130 return(ret);
131 M_ASN1_New_Error(ASN1_F_X509_NEW);
132 }
133
134void X509_free(X509 *a)
135 {
136 int i;
137
138 if (a == NULL) return;
139
140 i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509);
141#ifdef REF_PRINT
142 REF_PRINT("X509",a);
143#endif
144 if (i > 0) return;
145#ifdef REF_CHECK
146 if (i < 0)
147 {
148 fprintf(stderr,"X509_free, bad reference count\n");
149 abort();
150 }
151#endif
152
153 CRYPTO_free_ex_data(x509_meth,a,&a->ex_data);
154 X509_CINF_free(a->cert_info);
155 X509_ALGOR_free(a->sig_alg);
156 M_ASN1_BIT_STRING_free(a->signature);
157 X509_CERT_AUX_free(a->aux);
158 ASN1_OCTET_STRING_free(a->skid);
159 AUTHORITY_KEYID_free(a->akid);
160
161 if (a->name != NULL) OPENSSL_free(a->name);
162 OPENSSL_free(a);
163 }
164
165int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
166 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
167 {
168 x509_meth_num++;
169 return(CRYPTO_get_ex_new_index(x509_meth_num-1,
170 &x509_meth,argl,argp,new_func,dup_func,free_func));
171 }
172
173int X509_set_ex_data(X509 *r, int idx, void *arg)
174 {
175 return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
176 }
177
178void *X509_get_ex_data(X509 *r, int idx)
179 {
180 return(CRYPTO_get_ex_data(&r->ex_data,idx));
181 }
182
183/* X509_AUX ASN1 routines. X509_AUX is the name given to
184 * a certificate with extra info tagged on the end. Since these
185 * functions set how a certificate is trusted they should only
186 * be used when the certificate comes from a reliable source
187 * such as local storage.
188 *
189 */
190
191X509 *d2i_X509_AUX(X509 **a, unsigned char **pp, long length)
192{
193 unsigned char *q;
194 X509 *ret;
195 /* Save start position */
196 q = *pp;
197 ret = d2i_X509(a, pp, length);
198 /* If certificate unreadable then forget it */
199 if(!ret) return NULL;
200 /* update length */
201 length -= *pp - q;
202 if(!length) return ret;
203 if(!d2i_X509_CERT_AUX(&ret->aux, pp, length)) goto err;
204 return ret;
205 err:
206 X509_free(ret);
207 return NULL;
208}
209
210int i2d_X509_AUX(X509 *a, unsigned char **pp)
211{
212 int length;
213 length = i2d_X509(a, pp);
214 if(a) length += i2d_X509_CERT_AUX(a->aux, pp);
215 return length;
216}
diff --git a/src/lib/libcrypto/asn1/x_x509a.c b/src/lib/libcrypto/asn1/x_x509a.c
deleted file mode 100644
index ebcce87bf2..0000000000
--- a/src/lib/libcrypto/asn1/x_x509a.c
+++ /dev/null
@@ -1,208 +0,0 @@
1/* a_x509a.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/asn1_mac.h>
63#include <openssl/x509.h>
64
65/* X509_CERT_AUX routines. These are used to encode additional
66 * user modifiable data about a certificate. This data is
67 * appended to the X509 encoding when the *_X509_AUX routines
68 * are used. This means that the "traditional" X509 routines
69 * will simply ignore the extra data.
70 */
71
72static X509_CERT_AUX *aux_get(X509 *x);
73
74X509_CERT_AUX *d2i_X509_CERT_AUX(X509_CERT_AUX **a, unsigned char **pp, long length)
75{
76 M_ASN1_D2I_vars(a, X509_CERT_AUX *, X509_CERT_AUX_new);
77
78 M_ASN1_D2I_Init();
79 M_ASN1_D2I_start_sequence();
80
81 M_ASN1_D2I_get_seq_opt_type(ASN1_OBJECT, ret->trust,
82 d2i_ASN1_OBJECT, ASN1_OBJECT_free);
83 M_ASN1_D2I_get_IMP_set_opt_type(ASN1_OBJECT, ret->reject,
84 d2i_ASN1_OBJECT, ASN1_OBJECT_free, 0);
85 M_ASN1_D2I_get_opt(ret->alias, d2i_ASN1_UTF8STRING, V_ASN1_UTF8STRING);
86 M_ASN1_D2I_get_opt(ret->keyid, d2i_ASN1_OCTET_STRING, V_ASN1_OCTET_STRING);
87 M_ASN1_D2I_get_IMP_set_opt_type(X509_ALGOR, ret->other,
88 d2i_X509_ALGOR, X509_ALGOR_free, 1);
89
90 M_ASN1_D2I_Finish(a, X509_CERT_AUX_free, ASN1_F_D2I_X509_CERT_AUX);
91}
92
93X509_CERT_AUX *X509_CERT_AUX_new()
94{
95 X509_CERT_AUX *ret = NULL;
96 ASN1_CTX c;
97 M_ASN1_New_Malloc(ret, X509_CERT_AUX);
98 ret->trust = NULL;
99 ret->reject = NULL;
100 ret->alias = NULL;
101 ret->keyid = NULL;
102 ret->other = NULL;
103 return(ret);
104 M_ASN1_New_Error(ASN1_F_X509_CERT_AUX_NEW);
105}
106
107void X509_CERT_AUX_free(X509_CERT_AUX *a)
108{
109 if(a == NULL) return;
110 sk_ASN1_OBJECT_pop_free(a->trust, ASN1_OBJECT_free);
111 sk_ASN1_OBJECT_pop_free(a->reject, ASN1_OBJECT_free);
112 ASN1_UTF8STRING_free(a->alias);
113 ASN1_OCTET_STRING_free(a->keyid);
114 sk_X509_ALGOR_pop_free(a->other, X509_ALGOR_free);
115 OPENSSL_free(a);
116}
117
118int i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **pp)
119{
120 M_ASN1_I2D_vars(a);
121
122 M_ASN1_I2D_len_SEQUENCE_opt_type(ASN1_OBJECT, a->trust, i2d_ASN1_OBJECT);
123 M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(ASN1_OBJECT, a->reject, i2d_ASN1_OBJECT, 0);
124
125 M_ASN1_I2D_len(a->alias, i2d_ASN1_UTF8STRING);
126 M_ASN1_I2D_len(a->keyid, i2d_ASN1_OCTET_STRING);
127 M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(X509_ALGOR, a->other, i2d_X509_ALGOR, 1);
128
129 M_ASN1_I2D_seq_total();
130
131 M_ASN1_I2D_put_SEQUENCE_opt_type(ASN1_OBJECT, a->trust, i2d_ASN1_OBJECT);
132 M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(ASN1_OBJECT, a->reject, i2d_ASN1_OBJECT, 0);
133
134 M_ASN1_I2D_put(a->alias, i2d_ASN1_UTF8STRING);
135 M_ASN1_I2D_put(a->keyid, i2d_ASN1_OCTET_STRING);
136 M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(X509_ALGOR, a->other, i2d_X509_ALGOR, 1);
137
138 M_ASN1_I2D_finish();
139}
140
141static X509_CERT_AUX *aux_get(X509 *x)
142{
143 if(!x) return NULL;
144 if(!x->aux && !(x->aux = X509_CERT_AUX_new())) return NULL;
145 return x->aux;
146}
147
148int X509_alias_set1(X509 *x, unsigned char *name, int len)
149{
150 X509_CERT_AUX *aux;
151 if(!(aux = aux_get(x))) return 0;
152 if(!aux->alias && !(aux->alias = ASN1_UTF8STRING_new())) return 0;
153 return ASN1_STRING_set(aux->alias, name, len);
154}
155
156int X509_keyid_set1(X509 *x, unsigned char *id, int len)
157{
158 X509_CERT_AUX *aux;
159 if(!(aux = aux_get(x))) return 0;
160 if(!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new())) return 0;
161 return ASN1_STRING_set(aux->keyid, id, len);
162}
163
164unsigned char *X509_alias_get0(X509 *x, int *len)
165{
166 if(!x->aux || !x->aux->alias) return NULL;
167 if(len) *len = x->aux->alias->length;
168 return x->aux->alias->data;
169}
170
171int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj)
172{
173 X509_CERT_AUX *aux;
174 ASN1_OBJECT *objtmp;
175 if(!(objtmp = OBJ_dup(obj))) return 0;
176 if(!(aux = aux_get(x))) return 0;
177 if(!aux->trust
178 && !(aux->trust = sk_ASN1_OBJECT_new_null())) return 0;
179 return sk_ASN1_OBJECT_push(aux->trust, objtmp);
180}
181
182int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj)
183{
184 X509_CERT_AUX *aux;
185 ASN1_OBJECT *objtmp;
186 if(!(objtmp = OBJ_dup(obj))) return 0;
187 if(!(aux = aux_get(x))) return 0;
188 if(!aux->reject
189 && !(aux->reject = sk_ASN1_OBJECT_new_null())) return 0;
190 return sk_ASN1_OBJECT_push(aux->reject, objtmp);
191}
192
193void X509_trust_clear(X509 *x)
194{
195 if(x->aux && x->aux->trust) {
196 sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free);
197 x->aux->trust = NULL;
198 }
199}
200
201void X509_reject_clear(X509 *x)
202{
203 if(x->aux && x->aux->reject) {
204 sk_ASN1_OBJECT_pop_free(x->aux->reject, ASN1_OBJECT_free);
205 x->aux->reject = NULL;
206 }
207}
208
diff --git a/src/lib/libcrypto/bf/COPYRIGHT b/src/lib/libcrypto/bf/COPYRIGHT
deleted file mode 100644
index 6857223506..0000000000
--- a/src/lib/libcrypto/bf/COPYRIGHT
+++ /dev/null
@@ -1,46 +0,0 @@
1Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
2All rights reserved.
3
4This package is an Blowfish implementation written
5by Eric Young (eay@cryptsoft.com).
6
7This library is free for commercial and non-commercial use as long as
8the following conditions are aheared to. The following conditions
9apply to all code found in this distribution.
10
11Copyright remains Eric Young's, and as such any Copyright notices in
12the code are not to be removed.
13
14Redistribution and use in source and binary forms, with or without
15modification, are permitted provided that the following conditions
16are met:
171. Redistributions of source code must retain the copyright
18 notice, this list of conditions and the following disclaimer.
192. Redistributions in binary form must reproduce the above copyright
20 notice, this list of conditions and the following disclaimer in the
21 documentation and/or other materials provided with the distribution.
223. All advertising materials mentioning features or use of this software
23 must display the following acknowledgement:
24 This product includes software developed by Eric Young (eay@cryptsoft.com)
25
26THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
27ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
30FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36SUCH DAMAGE.
37
38The license and distribution terms for any publically available version or
39derivative of this code cannot be changed. i.e. this code cannot simply be
40copied and put under another distrubution license
41[including the GNU Public License.]
42
43The reason behind this being stated in this direct manner is past
44experience in code simply being copied and the attribution removed
45from it and then being distributed as part of other packages. This
46implementation was a non-trivial and unpaid effort.
diff --git a/src/lib/libcrypto/bf/INSTALL b/src/lib/libcrypto/bf/INSTALL
deleted file mode 100644
index 3b25923532..0000000000
--- a/src/lib/libcrypto/bf/INSTALL
+++ /dev/null
@@ -1,14 +0,0 @@
1This Eric Young's blowfish implementation, taken from his SSLeay library
2and made available as a separate library.
3
4The version number (0.7.2m) is the SSLeay version that this library was
5taken from.
6
7To build, just unpack and type make.
8If you are not using gcc, edit the Makefile.
9If you are compiling for an x86 box, try the assembler (it needs improving).
10There are also some compile time options that can improve performance,
11these are documented in the Makefile.
12
13eric 15-Apr-1997
14
diff --git a/src/lib/libcrypto/bf/README b/src/lib/libcrypto/bf/README
deleted file mode 100644
index f2712fd0e7..0000000000
--- a/src/lib/libcrypto/bf/README
+++ /dev/null
@@ -1,8 +0,0 @@
1This is a quick packaging up of my blowfish code into a library.
2It has been lifted from SSLeay.
3The copyright notices seem a little harsh because I have not spent the
4time to rewrite the conditions from the normal SSLeay ones.
5
6Basically if you just want to play with the library, not a problem.
7
8eric 15-Apr-1997
diff --git a/src/lib/libcrypto/bf/VERSION b/src/lib/libcrypto/bf/VERSION
deleted file mode 100644
index be995855e4..0000000000
--- a/src/lib/libcrypto/bf/VERSION
+++ /dev/null
@@ -1,6 +0,0 @@
1The version numbers will follow my SSL implementation
2
30.7.2r - Some reasonable default compiler options from
4 Peter Gutman <pgut001@cs.auckland.ac.nz>
5
60.7.2m - the first release
diff --git a/src/lib/libcrypto/bf/asm/bf-586.pl b/src/lib/libcrypto/bf/asm/bf-586.pl
deleted file mode 100644
index b556642c94..0000000000
--- a/src/lib/libcrypto/bf/asm/bf-586.pl
+++ /dev/null
@@ -1,136 +0,0 @@
1#!/usr/local/bin/perl
2
3push(@INC,"perlasm","../../perlasm");
4require "x86asm.pl";
5require "cbc.pl";
6
7&asm_init($ARGV[0],"bf-586.pl",$ARGV[$#ARGV] eq "386");
8
9$BF_ROUNDS=16;
10$BF_OFF=($BF_ROUNDS+2)*4;
11$L="edi";
12$R="esi";
13$P="ebp";
14$tmp1="eax";
15$tmp2="ebx";
16$tmp3="ecx";
17$tmp4="edx";
18
19&BF_encrypt("BF_encrypt",1);
20&BF_encrypt("BF_decrypt",0);
21&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1);
22&asm_finish();
23
24sub BF_encrypt
25 {
26 local($name,$enc)=@_;
27
28 &function_begin_B($name,"");
29
30 &comment("");
31
32 &push("ebp");
33 &push("ebx");
34 &mov($tmp2,&wparam(0));
35 &mov($P,&wparam(1));
36 &push("esi");
37 &push("edi");
38
39 &comment("Load the 2 words");
40 &mov($L,&DWP(0,$tmp2,"",0));
41 &mov($R,&DWP(4,$tmp2,"",0));
42
43 &xor( $tmp1, $tmp1);
44
45 # encrypting part
46
47 if ($enc)
48 {
49 &mov($tmp2,&DWP(0,$P,"",0));
50 &xor( $tmp3, $tmp3);
51
52 &xor($L,$tmp2);
53 for ($i=0; $i<$BF_ROUNDS; $i+=2)
54 {
55 &comment("");
56 &comment("Round $i");
57 &BF_ENCRYPT($i+1,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,1);
58
59 &comment("");
60 &comment("Round ".sprintf("%d",$i+1));
61 &BF_ENCRYPT($i+2,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,1);
62 }
63 # &mov($tmp1,&wparam(0)); In last loop
64 &mov($tmp4,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
65 }
66 else
67 {
68 &mov($tmp2,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
69 &xor( $tmp3, $tmp3);
70
71 &xor($L,$tmp2);
72 for ($i=$BF_ROUNDS; $i>0; $i-=2)
73 {
74 &comment("");
75 &comment("Round $i");
76 &BF_ENCRYPT($i,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,0);
77 &comment("");
78 &comment("Round ".sprintf("%d",$i-1));
79 &BF_ENCRYPT($i-1,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,0);
80 }
81 # &mov($tmp1,&wparam(0)); In last loop
82 &mov($tmp4,&DWP(0,$P,"",0));
83 }
84
85 &xor($R,$tmp4);
86 &mov(&DWP(4,$tmp1,"",0),$L);
87
88 &mov(&DWP(0,$tmp1,"",0),$R);
89 &function_end($name);
90 }
91
92sub BF_ENCRYPT
93 {
94 local($i,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,$enc)=@_;
95
96 &mov( $tmp4, &DWP(&n2a($i*4),$P,"",0)); # for next round
97
98 &mov( $tmp2, $R);
99 &xor( $L, $tmp4);
100
101 &shr( $tmp2, 16);
102 &mov( $tmp4, $R);
103
104 &movb( &LB($tmp1), &HB($tmp2)); # A
105 &and( $tmp2, 0xff); # B
106
107 &movb( &LB($tmp3), &HB($tmp4)); # C
108 &and( $tmp4, 0xff); # D
109
110 &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4));
111 &mov( $tmp2, &DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4));
112
113 &add( $tmp2, $tmp1);
114 &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0800),$P,$tmp3,4));
115
116 &xor( $tmp2, $tmp1);
117 &mov( $tmp4, &DWP(&n2a($BF_OFF+0x0C00),$P,$tmp4,4));
118
119 &add( $tmp2, $tmp4);
120 if (($enc && ($i != 16)) || ((!$enc) && ($i != 1)))
121 { &xor( $tmp1, $tmp1); }
122 else
123 {
124 &comment("Load parameter 0 ($i) enc=$enc");
125 &mov($tmp1,&wparam(0));
126 } # In last loop
127
128 &xor( $L, $tmp2);
129 # delay
130 }
131
132sub n2a
133 {
134 sprintf("%d",$_[0]);
135 }
136
diff --git a/src/lib/libcrypto/bf/bf_cbc.c b/src/lib/libcrypto/bf/bf_cbc.c
deleted file mode 100644
index f949629dc6..0000000000
--- a/src/lib/libcrypto/bf/bf_cbc.c
+++ /dev/null
@@ -1,143 +0,0 @@
1/* crypto/bf/bf_cbc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/blowfish.h>
60#include "bf_locl.h"
61
62void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
63 const BF_KEY *schedule, unsigned char *ivec, int encrypt)
64 {
65 register BF_LONG tin0,tin1;
66 register BF_LONG tout0,tout1,xor0,xor1;
67 register long l=length;
68 BF_LONG tin[2];
69
70 if (encrypt)
71 {
72 n2l(ivec,tout0);
73 n2l(ivec,tout1);
74 ivec-=8;
75 for (l-=8; l>=0; l-=8)
76 {
77 n2l(in,tin0);
78 n2l(in,tin1);
79 tin0^=tout0;
80 tin1^=tout1;
81 tin[0]=tin0;
82 tin[1]=tin1;
83 BF_encrypt(tin,schedule);
84 tout0=tin[0];
85 tout1=tin[1];
86 l2n(tout0,out);
87 l2n(tout1,out);
88 }
89 if (l != -8)
90 {
91 n2ln(in,tin0,tin1,l+8);
92 tin0^=tout0;
93 tin1^=tout1;
94 tin[0]=tin0;
95 tin[1]=tin1;
96 BF_encrypt(tin,schedule);
97 tout0=tin[0];
98 tout1=tin[1];
99 l2n(tout0,out);
100 l2n(tout1,out);
101 }
102 l2n(tout0,ivec);
103 l2n(tout1,ivec);
104 }
105 else
106 {
107 n2l(ivec,xor0);
108 n2l(ivec,xor1);
109 ivec-=8;
110 for (l-=8; l>=0; l-=8)
111 {
112 n2l(in,tin0);
113 n2l(in,tin1);
114 tin[0]=tin0;
115 tin[1]=tin1;
116 BF_decrypt(tin,schedule);
117 tout0=tin[0]^xor0;
118 tout1=tin[1]^xor1;
119 l2n(tout0,out);
120 l2n(tout1,out);
121 xor0=tin0;
122 xor1=tin1;
123 }
124 if (l != -8)
125 {
126 n2l(in,tin0);
127 n2l(in,tin1);
128 tin[0]=tin0;
129 tin[1]=tin1;
130 BF_decrypt(tin,schedule);
131 tout0=tin[0]^xor0;
132 tout1=tin[1]^xor1;
133 l2nn(tout0,tout1,out,l+8);
134 xor0=tin0;
135 xor1=tin1;
136 }
137 l2n(xor0,ivec);
138 l2n(xor1,ivec);
139 }
140 tin0=tin1=tout0=tout1=xor0=xor1=0;
141 tin[0]=tin[1]=0;
142 }
143
diff --git a/src/lib/libcrypto/bf/bf_cfb64.c b/src/lib/libcrypto/bf/bf_cfb64.c
deleted file mode 100644
index 6451c8d407..0000000000
--- a/src/lib/libcrypto/bf/bf_cfb64.c
+++ /dev/null
@@ -1,121 +0,0 @@
1/* crypto/bf/bf_cfb64.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/blowfish.h>
60#include "bf_locl.h"
61
62/* The input and output encrypted as though 64bit cfb mode is being
63 * used. The extra state information to record how much of the
64 * 64bit block we have used is contained in *num;
65 */
66
67void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length,
68 const BF_KEY *schedule, unsigned char *ivec, int *num, int encrypt)
69 {
70 register BF_LONG v0,v1,t;
71 register int n= *num;
72 register long l=length;
73 BF_LONG ti[2];
74 unsigned char *iv,c,cc;
75
76 iv=(unsigned char *)ivec;
77 if (encrypt)
78 {
79 while (l--)
80 {
81 if (n == 0)
82 {
83 n2l(iv,v0); ti[0]=v0;
84 n2l(iv,v1); ti[1]=v1;
85 BF_encrypt((BF_LONG *)ti,schedule);
86 iv=(unsigned char *)ivec;
87 t=ti[0]; l2n(t,iv);
88 t=ti[1]; l2n(t,iv);
89 iv=(unsigned char *)ivec;
90 }
91 c= *(in++)^iv[n];
92 *(out++)=c;
93 iv[n]=c;
94 n=(n+1)&0x07;
95 }
96 }
97 else
98 {
99 while (l--)
100 {
101 if (n == 0)
102 {
103 n2l(iv,v0); ti[0]=v0;
104 n2l(iv,v1); ti[1]=v1;
105 BF_encrypt((BF_LONG *)ti,schedule);
106 iv=(unsigned char *)ivec;
107 t=ti[0]; l2n(t,iv);
108 t=ti[1]; l2n(t,iv);
109 iv=(unsigned char *)ivec;
110 }
111 cc= *(in++);
112 c=iv[n];
113 iv[n]=cc;
114 *(out++)=c^cc;
115 n=(n+1)&0x07;
116 }
117 }
118 v0=v1=ti[0]=ti[1]=t=c=cc=0;
119 *num=n;
120 }
121
diff --git a/src/lib/libcrypto/bf/bf_ecb.c b/src/lib/libcrypto/bf/bf_ecb.c
deleted file mode 100644
index 341991636f..0000000000
--- a/src/lib/libcrypto/bf/bf_ecb.c
+++ /dev/null
@@ -1,96 +0,0 @@
1/* crypto/bf/bf_ecb.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/blowfish.h>
60#include "bf_locl.h"
61#include <openssl/opensslv.h>
62
63/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
64 * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
65 * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
66 */
67
68const char *BF_version="Blowfish" OPENSSL_VERSION_PTEXT;
69
70const char *BF_options(void)
71 {
72#ifdef BF_PTR
73 return("blowfish(ptr)");
74#elif defined(BF_PTR2)
75 return("blowfish(ptr2)");
76#else
77 return("blowfish(idx)");
78#endif
79 }
80
81void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
82 const BF_KEY *key, int encrypt)
83 {
84 BF_LONG l,d[2];
85
86 n2l(in,l); d[0]=l;
87 n2l(in,l); d[1]=l;
88 if (encrypt)
89 BF_encrypt(d,key);
90 else
91 BF_decrypt(d,key);
92 l=d[0]; l2n(l,out);
93 l=d[1]; l2n(l,out);
94 l=d[0]=d[1]=0;
95 }
96
diff --git a/src/lib/libcrypto/bf/bf_enc.c b/src/lib/libcrypto/bf/bf_enc.c
deleted file mode 100644
index b380acf959..0000000000
--- a/src/lib/libcrypto/bf/bf_enc.c
+++ /dev/null
@@ -1,306 +0,0 @@
1/* crypto/bf/bf_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/blowfish.h>
60#include "bf_locl.h"
61
62/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
63 * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
64 * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
65 */
66
67#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20)
68#error If you set BF_ROUNDS to some value other than 16 or 20, you will have \
69to modify the code.
70#endif
71
72void BF_encrypt(BF_LONG *data, const BF_KEY *key)
73 {
74#ifndef BF_PTR2
75 register BF_LONG l,r;
76 const register BF_LONG *p,*s;
77
78 p=key->P;
79 s= &(key->S[0]);
80 l=data[0];
81 r=data[1];
82
83 l^=p[0];
84 BF_ENC(r,l,s,p[ 1]);
85 BF_ENC(l,r,s,p[ 2]);
86 BF_ENC(r,l,s,p[ 3]);
87 BF_ENC(l,r,s,p[ 4]);
88 BF_ENC(r,l,s,p[ 5]);
89 BF_ENC(l,r,s,p[ 6]);
90 BF_ENC(r,l,s,p[ 7]);
91 BF_ENC(l,r,s,p[ 8]);
92 BF_ENC(r,l,s,p[ 9]);
93 BF_ENC(l,r,s,p[10]);
94 BF_ENC(r,l,s,p[11]);
95 BF_ENC(l,r,s,p[12]);
96 BF_ENC(r,l,s,p[13]);
97 BF_ENC(l,r,s,p[14]);
98 BF_ENC(r,l,s,p[15]);
99 BF_ENC(l,r,s,p[16]);
100#if BF_ROUNDS == 20
101 BF_ENC(r,l,s,p[17]);
102 BF_ENC(l,r,s,p[18]);
103 BF_ENC(r,l,s,p[19]);
104 BF_ENC(l,r,s,p[20]);
105#endif
106 r^=p[BF_ROUNDS+1];
107
108 data[1]=l&0xffffffffL;
109 data[0]=r&0xffffffffL;
110#else
111 register BF_LONG l,r,t,*k;
112
113 l=data[0];
114 r=data[1];
115 k=(BF_LONG*)key;
116
117 l^=k[0];
118 BF_ENC(r,l,k, 1);
119 BF_ENC(l,r,k, 2);
120 BF_ENC(r,l,k, 3);
121 BF_ENC(l,r,k, 4);
122 BF_ENC(r,l,k, 5);
123 BF_ENC(l,r,k, 6);
124 BF_ENC(r,l,k, 7);
125 BF_ENC(l,r,k, 8);
126 BF_ENC(r,l,k, 9);
127 BF_ENC(l,r,k,10);
128 BF_ENC(r,l,k,11);
129 BF_ENC(l,r,k,12);
130 BF_ENC(r,l,k,13);
131 BF_ENC(l,r,k,14);
132 BF_ENC(r,l,k,15);
133 BF_ENC(l,r,k,16);
134#if BF_ROUNDS == 20
135 BF_ENC(r,l,k,17);
136 BF_ENC(l,r,k,18);
137 BF_ENC(r,l,k,19);
138 BF_ENC(l,r,k,20);
139#endif
140 r^=k[BF_ROUNDS+1];
141
142 data[1]=l&0xffffffffL;
143 data[0]=r&0xffffffffL;
144#endif
145 }
146
147#ifndef BF_DEFAULT_OPTIONS
148
149void BF_decrypt(BF_LONG *data, const BF_KEY *key)
150 {
151#ifndef BF_PTR2
152 register BF_LONG l,r;
153 const register BF_LONG *p,*s;
154
155 p=key->P;
156 s= &(key->S[0]);
157 l=data[0];
158 r=data[1];
159
160 l^=p[BF_ROUNDS+1];
161#if BF_ROUNDS == 20
162 BF_ENC(r,l,s,p[20]);
163 BF_ENC(l,r,s,p[19]);
164 BF_ENC(r,l,s,p[18]);
165 BF_ENC(l,r,s,p[17]);
166#endif
167 BF_ENC(r,l,s,p[16]);
168 BF_ENC(l,r,s,p[15]);
169 BF_ENC(r,l,s,p[14]);
170 BF_ENC(l,r,s,p[13]);
171 BF_ENC(r,l,s,p[12]);
172 BF_ENC(l,r,s,p[11]);
173 BF_ENC(r,l,s,p[10]);
174 BF_ENC(l,r,s,p[ 9]);
175 BF_ENC(r,l,s,p[ 8]);
176 BF_ENC(l,r,s,p[ 7]);
177 BF_ENC(r,l,s,p[ 6]);
178 BF_ENC(l,r,s,p[ 5]);
179 BF_ENC(r,l,s,p[ 4]);
180 BF_ENC(l,r,s,p[ 3]);
181 BF_ENC(r,l,s,p[ 2]);
182 BF_ENC(l,r,s,p[ 1]);
183 r^=p[0];
184
185 data[1]=l&0xffffffffL;
186 data[0]=r&0xffffffffL;
187#else
188 register BF_LONG l,r,t,*k;
189
190 l=data[0];
191 r=data[1];
192 k=(BF_LONG *)key;
193
194 l^=k[BF_ROUNDS+1];
195#if BF_ROUNDS == 20
196 BF_ENC(r,l,k,20);
197 BF_ENC(l,r,k,19);
198 BF_ENC(r,l,k,18);
199 BF_ENC(l,r,k,17);
200#endif
201 BF_ENC(r,l,k,16);
202 BF_ENC(l,r,k,15);
203 BF_ENC(r,l,k,14);
204 BF_ENC(l,r,k,13);
205 BF_ENC(r,l,k,12);
206 BF_ENC(l,r,k,11);
207 BF_ENC(r,l,k,10);
208 BF_ENC(l,r,k, 9);
209 BF_ENC(r,l,k, 8);
210 BF_ENC(l,r,k, 7);
211 BF_ENC(r,l,k, 6);
212 BF_ENC(l,r,k, 5);
213 BF_ENC(r,l,k, 4);
214 BF_ENC(l,r,k, 3);
215 BF_ENC(r,l,k, 2);
216 BF_ENC(l,r,k, 1);
217 r^=k[0];
218
219 data[1]=l&0xffffffffL;
220 data[0]=r&0xffffffffL;
221#endif
222 }
223
224void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
225 const BF_KEY *schedule, unsigned char *ivec, int encrypt)
226 {
227 register BF_LONG tin0,tin1;
228 register BF_LONG tout0,tout1,xor0,xor1;
229 register long l=length;
230 BF_LONG tin[2];
231
232 if (encrypt)
233 {
234 n2l(ivec,tout0);
235 n2l(ivec,tout1);
236 ivec-=8;
237 for (l-=8; l>=0; l-=8)
238 {
239 n2l(in,tin0);
240 n2l(in,tin1);
241 tin0^=tout0;
242 tin1^=tout1;
243 tin[0]=tin0;
244 tin[1]=tin1;
245 BF_encrypt(tin,schedule);
246 tout0=tin[0];
247 tout1=tin[1];
248 l2n(tout0,out);
249 l2n(tout1,out);
250 }
251 if (l != -8)
252 {
253 n2ln(in,tin0,tin1,l+8);
254 tin0^=tout0;
255 tin1^=tout1;
256 tin[0]=tin0;
257 tin[1]=tin1;
258 BF_encrypt(tin,schedule);
259 tout0=tin[0];
260 tout1=tin[1];
261 l2n(tout0,out);
262 l2n(tout1,out);
263 }
264 l2n(tout0,ivec);
265 l2n(tout1,ivec);
266 }
267 else
268 {
269 n2l(ivec,xor0);
270 n2l(ivec,xor1);
271 ivec-=8;
272 for (l-=8; l>=0; l-=8)
273 {
274 n2l(in,tin0);
275 n2l(in,tin1);
276 tin[0]=tin0;
277 tin[1]=tin1;
278 BF_decrypt(tin,schedule);
279 tout0=tin[0]^xor0;
280 tout1=tin[1]^xor1;
281 l2n(tout0,out);
282 l2n(tout1,out);
283 xor0=tin0;
284 xor1=tin1;
285 }
286 if (l != -8)
287 {
288 n2l(in,tin0);
289 n2l(in,tin1);
290 tin[0]=tin0;
291 tin[1]=tin1;
292 BF_decrypt(tin,schedule);
293 tout0=tin[0]^xor0;
294 tout1=tin[1]^xor1;
295 l2nn(tout0,tout1,out,l+8);
296 xor0=tin0;
297 xor1=tin1;
298 }
299 l2n(xor0,ivec);
300 l2n(xor1,ivec);
301 }
302 tin0=tin1=tout0=tout1=xor0=xor1=0;
303 tin[0]=tin[1]=0;
304 }
305
306#endif
diff --git a/src/lib/libcrypto/bf/bf_locl.h b/src/lib/libcrypto/bf/bf_locl.h
deleted file mode 100644
index cc7c3ec992..0000000000
--- a/src/lib/libcrypto/bf/bf_locl.h
+++ /dev/null
@@ -1,219 +0,0 @@
1/* crypto/bf/bf_locl.h */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_BF_LOCL_H
60#define HEADER_BF_LOCL_H
61#include <openssl/opensslconf.h> /* BF_PTR, BF_PTR2 */
62
63#undef c2l
64#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
65 l|=((unsigned long)(*((c)++)))<< 8L, \
66 l|=((unsigned long)(*((c)++)))<<16L, \
67 l|=((unsigned long)(*((c)++)))<<24L)
68
69/* NOTE - c is not incremented as per c2l */
70#undef c2ln
71#define c2ln(c,l1,l2,n) { \
72 c+=n; \
73 l1=l2=0; \
74 switch (n) { \
75 case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
76 case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
77 case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
78 case 5: l2|=((unsigned long)(*(--(c)))); \
79 case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
80 case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
81 case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
82 case 1: l1|=((unsigned long)(*(--(c)))); \
83 } \
84 }
85
86#undef l2c
87#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
88 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
89 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
90 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
91
92/* NOTE - c is not incremented as per l2c */
93#undef l2cn
94#define l2cn(l1,l2,c,n) { \
95 c+=n; \
96 switch (n) { \
97 case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
98 case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
99 case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
100 case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
101 case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
102 case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
103 case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
104 case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
105 } \
106 }
107
108/* NOTE - c is not incremented as per n2l */
109#define n2ln(c,l1,l2,n) { \
110 c+=n; \
111 l1=l2=0; \
112 switch (n) { \
113 case 8: l2 =((unsigned long)(*(--(c)))) ; \
114 case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
115 case 6: l2|=((unsigned long)(*(--(c))))<<16; \
116 case 5: l2|=((unsigned long)(*(--(c))))<<24; \
117 case 4: l1 =((unsigned long)(*(--(c)))) ; \
118 case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
119 case 2: l1|=((unsigned long)(*(--(c))))<<16; \
120 case 1: l1|=((unsigned long)(*(--(c))))<<24; \
121 } \
122 }
123
124/* NOTE - c is not incremented as per l2n */
125#define l2nn(l1,l2,c,n) { \
126 c+=n; \
127 switch (n) { \
128 case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
129 case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
130 case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
131 case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
132 case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
133 case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
134 case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
135 case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
136 } \
137 }
138
139#undef n2l
140#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
141 l|=((unsigned long)(*((c)++)))<<16L, \
142 l|=((unsigned long)(*((c)++)))<< 8L, \
143 l|=((unsigned long)(*((c)++))))
144
145#undef l2n
146#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
147 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
148 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
149 *((c)++)=(unsigned char)(((l) )&0xff))
150
151/* This is actually a big endian algorithm, the most significant byte
152 * is used to lookup array 0 */
153
154#if defined(BF_PTR2)
155
156/*
157 * This is basically a special Intel version. Point is that Intel
158 * doesn't have many registers, but offers a reach choice of addressing
159 * modes. So we spare some registers by directly traversing BF_KEY
160 * structure and hiring the most decorated addressing mode. The code
161 * generated by EGCS is *perfectly* competitive with assembler
162 * implementation!
163 */
164#define BF_ENC(LL,R,KEY,Pi) (\
165 LL^=KEY[Pi], \
166 t= KEY[BF_ROUNDS+2 + 0 + ((R>>24)&0xFF)], \
167 t+= KEY[BF_ROUNDS+2 + 256 + ((R>>16)&0xFF)], \
168 t^= KEY[BF_ROUNDS+2 + 512 + ((R>>8 )&0xFF)], \
169 t+= KEY[BF_ROUNDS+2 + 768 + ((R )&0xFF)], \
170 LL^=t \
171 )
172
173#elif defined(BF_PTR)
174
175#ifndef BF_LONG_LOG2
176#define BF_LONG_LOG2 2 /* default to BF_LONG being 32 bits */
177#endif
178#define BF_M (0xFF<<BF_LONG_LOG2)
179#define BF_0 (24-BF_LONG_LOG2)
180#define BF_1 (16-BF_LONG_LOG2)
181#define BF_2 ( 8-BF_LONG_LOG2)
182#define BF_3 BF_LONG_LOG2 /* left shift */
183
184/*
185 * This is normally very good on RISC platforms where normally you
186 * have to explicitly "multiply" array index by sizeof(BF_LONG)
187 * in order to calculate the effective address. This implementation
188 * excuses CPU from this extra work. Power[PC] uses should have most
189 * fun as (R>>BF_i)&BF_M gets folded into a single instruction, namely
190 * rlwinm. So let'em double-check if their compiler does it.
191 */
192
193#define BF_ENC(LL,R,S,P) ( \
194 LL^=P, \
195 LL^= (((*(BF_LONG *)((unsigned char *)&(S[ 0])+((R>>BF_0)&BF_M))+ \
196 *(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \
197 *(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \
198 *(BF_LONG *)((unsigned char *)&(S[768])+((R<<BF_3)&BF_M))) \
199 )
200#else
201
202/*
203 * This is a *generic* version. Seem to perform best on platforms that
204 * offer explicit support for extraction of 8-bit nibbles preferably
205 * complemented with "multiplying" of array index by sizeof(BF_LONG).
206 * For the moment of this writing the list comprises Alpha CPU featuring
207 * extbl and s[48]addq instructions.
208 */
209
210#define BF_ENC(LL,R,S,P) ( \
211 LL^=P, \
212 LL^=((( S[ ((int)(R>>24)&0xff)] + \
213 S[0x0100+((int)(R>>16)&0xff)])^ \
214 S[0x0200+((int)(R>> 8)&0xff)])+ \
215 S[0x0300+((int)(R )&0xff)])&0xffffffffL \
216 )
217#endif
218
219#endif
diff --git a/src/lib/libcrypto/bf/bf_ofb64.c b/src/lib/libcrypto/bf/bf_ofb64.c
deleted file mode 100644
index f2a9ff6e41..0000000000
--- a/src/lib/libcrypto/bf/bf_ofb64.c
+++ /dev/null
@@ -1,110 +0,0 @@
1/* crypto/bf/bf_ofb64.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/blowfish.h>
60#include "bf_locl.h"
61
62/* The input and output encrypted as though 64bit ofb mode is being
63 * used. The extra state information to record how much of the
64 * 64bit block we have used is contained in *num;
65 */
66void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length,
67 const BF_KEY *schedule, unsigned char *ivec, int *num)
68 {
69 register BF_LONG v0,v1,t;
70 register int n= *num;
71 register long l=length;
72 unsigned char d[8];
73 register char *dp;
74 BF_LONG ti[2];
75 unsigned char *iv;
76 int save=0;
77
78 iv=(unsigned char *)ivec;
79 n2l(iv,v0);
80 n2l(iv,v1);
81 ti[0]=v0;
82 ti[1]=v1;
83 dp=(char *)d;
84 l2n(v0,dp);
85 l2n(v1,dp);
86 while (l--)
87 {
88 if (n == 0)
89 {
90 BF_encrypt((BF_LONG *)ti,schedule);
91 dp=(char *)d;
92 t=ti[0]; l2n(t,dp);
93 t=ti[1]; l2n(t,dp);
94 save++;
95 }
96 *(out++)= *(in++)^d[n];
97 n=(n+1)&0x07;
98 }
99 if (save)
100 {
101 v0=ti[0];
102 v1=ti[1];
103 iv=(unsigned char *)ivec;
104 l2n(v0,iv);
105 l2n(v1,iv);
106 }
107 t=v0=v1=ti[0]=ti[1]=0;
108 *num=n;
109 }
110
diff --git a/src/lib/libcrypto/bf/bf_pi.h b/src/lib/libcrypto/bf/bf_pi.h
deleted file mode 100644
index 9949513c68..0000000000
--- a/src/lib/libcrypto/bf/bf_pi.h
+++ /dev/null
@@ -1,325 +0,0 @@
1/* crypto/bf/bf_pi.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59static const BF_KEY bf_init= {
60 {
61 0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L,
62 0xa4093822L, 0x299f31d0L, 0x082efa98L, 0xec4e6c89L,
63 0x452821e6L, 0x38d01377L, 0xbe5466cfL, 0x34e90c6cL,
64 0xc0ac29b7L, 0xc97c50ddL, 0x3f84d5b5L, 0xb5470917L,
65 0x9216d5d9L, 0x8979fb1b
66 },{
67 0xd1310ba6L, 0x98dfb5acL, 0x2ffd72dbL, 0xd01adfb7L,
68 0xb8e1afedL, 0x6a267e96L, 0xba7c9045L, 0xf12c7f99L,
69 0x24a19947L, 0xb3916cf7L, 0x0801f2e2L, 0x858efc16L,
70 0x636920d8L, 0x71574e69L, 0xa458fea3L, 0xf4933d7eL,
71 0x0d95748fL, 0x728eb658L, 0x718bcd58L, 0x82154aeeL,
72 0x7b54a41dL, 0xc25a59b5L, 0x9c30d539L, 0x2af26013L,
73 0xc5d1b023L, 0x286085f0L, 0xca417918L, 0xb8db38efL,
74 0x8e79dcb0L, 0x603a180eL, 0x6c9e0e8bL, 0xb01e8a3eL,
75 0xd71577c1L, 0xbd314b27L, 0x78af2fdaL, 0x55605c60L,
76 0xe65525f3L, 0xaa55ab94L, 0x57489862L, 0x63e81440L,
77 0x55ca396aL, 0x2aab10b6L, 0xb4cc5c34L, 0x1141e8ceL,
78 0xa15486afL, 0x7c72e993L, 0xb3ee1411L, 0x636fbc2aL,
79 0x2ba9c55dL, 0x741831f6L, 0xce5c3e16L, 0x9b87931eL,
80 0xafd6ba33L, 0x6c24cf5cL, 0x7a325381L, 0x28958677L,
81 0x3b8f4898L, 0x6b4bb9afL, 0xc4bfe81bL, 0x66282193L,
82 0x61d809ccL, 0xfb21a991L, 0x487cac60L, 0x5dec8032L,
83 0xef845d5dL, 0xe98575b1L, 0xdc262302L, 0xeb651b88L,
84 0x23893e81L, 0xd396acc5L, 0x0f6d6ff3L, 0x83f44239L,
85 0x2e0b4482L, 0xa4842004L, 0x69c8f04aL, 0x9e1f9b5eL,
86 0x21c66842L, 0xf6e96c9aL, 0x670c9c61L, 0xabd388f0L,
87 0x6a51a0d2L, 0xd8542f68L, 0x960fa728L, 0xab5133a3L,
88 0x6eef0b6cL, 0x137a3be4L, 0xba3bf050L, 0x7efb2a98L,
89 0xa1f1651dL, 0x39af0176L, 0x66ca593eL, 0x82430e88L,
90 0x8cee8619L, 0x456f9fb4L, 0x7d84a5c3L, 0x3b8b5ebeL,
91 0xe06f75d8L, 0x85c12073L, 0x401a449fL, 0x56c16aa6L,
92 0x4ed3aa62L, 0x363f7706L, 0x1bfedf72L, 0x429b023dL,
93 0x37d0d724L, 0xd00a1248L, 0xdb0fead3L, 0x49f1c09bL,
94 0x075372c9L, 0x80991b7bL, 0x25d479d8L, 0xf6e8def7L,
95 0xe3fe501aL, 0xb6794c3bL, 0x976ce0bdL, 0x04c006baL,
96 0xc1a94fb6L, 0x409f60c4L, 0x5e5c9ec2L, 0x196a2463L,
97 0x68fb6fafL, 0x3e6c53b5L, 0x1339b2ebL, 0x3b52ec6fL,
98 0x6dfc511fL, 0x9b30952cL, 0xcc814544L, 0xaf5ebd09L,
99 0xbee3d004L, 0xde334afdL, 0x660f2807L, 0x192e4bb3L,
100 0xc0cba857L, 0x45c8740fL, 0xd20b5f39L, 0xb9d3fbdbL,
101 0x5579c0bdL, 0x1a60320aL, 0xd6a100c6L, 0x402c7279L,
102 0x679f25feL, 0xfb1fa3ccL, 0x8ea5e9f8L, 0xdb3222f8L,
103 0x3c7516dfL, 0xfd616b15L, 0x2f501ec8L, 0xad0552abL,
104 0x323db5faL, 0xfd238760L, 0x53317b48L, 0x3e00df82L,
105 0x9e5c57bbL, 0xca6f8ca0L, 0x1a87562eL, 0xdf1769dbL,
106 0xd542a8f6L, 0x287effc3L, 0xac6732c6L, 0x8c4f5573L,
107 0x695b27b0L, 0xbbca58c8L, 0xe1ffa35dL, 0xb8f011a0L,
108 0x10fa3d98L, 0xfd2183b8L, 0x4afcb56cL, 0x2dd1d35bL,
109 0x9a53e479L, 0xb6f84565L, 0xd28e49bcL, 0x4bfb9790L,
110 0xe1ddf2daL, 0xa4cb7e33L, 0x62fb1341L, 0xcee4c6e8L,
111 0xef20cadaL, 0x36774c01L, 0xd07e9efeL, 0x2bf11fb4L,
112 0x95dbda4dL, 0xae909198L, 0xeaad8e71L, 0x6b93d5a0L,
113 0xd08ed1d0L, 0xafc725e0L, 0x8e3c5b2fL, 0x8e7594b7L,
114 0x8ff6e2fbL, 0xf2122b64L, 0x8888b812L, 0x900df01cL,
115 0x4fad5ea0L, 0x688fc31cL, 0xd1cff191L, 0xb3a8c1adL,
116 0x2f2f2218L, 0xbe0e1777L, 0xea752dfeL, 0x8b021fa1L,
117 0xe5a0cc0fL, 0xb56f74e8L, 0x18acf3d6L, 0xce89e299L,
118 0xb4a84fe0L, 0xfd13e0b7L, 0x7cc43b81L, 0xd2ada8d9L,
119 0x165fa266L, 0x80957705L, 0x93cc7314L, 0x211a1477L,
120 0xe6ad2065L, 0x77b5fa86L, 0xc75442f5L, 0xfb9d35cfL,
121 0xebcdaf0cL, 0x7b3e89a0L, 0xd6411bd3L, 0xae1e7e49L,
122 0x00250e2dL, 0x2071b35eL, 0x226800bbL, 0x57b8e0afL,
123 0x2464369bL, 0xf009b91eL, 0x5563911dL, 0x59dfa6aaL,
124 0x78c14389L, 0xd95a537fL, 0x207d5ba2L, 0x02e5b9c5L,
125 0x83260376L, 0x6295cfa9L, 0x11c81968L, 0x4e734a41L,
126 0xb3472dcaL, 0x7b14a94aL, 0x1b510052L, 0x9a532915L,
127 0xd60f573fL, 0xbc9bc6e4L, 0x2b60a476L, 0x81e67400L,
128 0x08ba6fb5L, 0x571be91fL, 0xf296ec6bL, 0x2a0dd915L,
129 0xb6636521L, 0xe7b9f9b6L, 0xff34052eL, 0xc5855664L,
130 0x53b02d5dL, 0xa99f8fa1L, 0x08ba4799L, 0x6e85076aL,
131 0x4b7a70e9L, 0xb5b32944L, 0xdb75092eL, 0xc4192623L,
132 0xad6ea6b0L, 0x49a7df7dL, 0x9cee60b8L, 0x8fedb266L,
133 0xecaa8c71L, 0x699a17ffL, 0x5664526cL, 0xc2b19ee1L,
134 0x193602a5L, 0x75094c29L, 0xa0591340L, 0xe4183a3eL,
135 0x3f54989aL, 0x5b429d65L, 0x6b8fe4d6L, 0x99f73fd6L,
136 0xa1d29c07L, 0xefe830f5L, 0x4d2d38e6L, 0xf0255dc1L,
137 0x4cdd2086L, 0x8470eb26L, 0x6382e9c6L, 0x021ecc5eL,
138 0x09686b3fL, 0x3ebaefc9L, 0x3c971814L, 0x6b6a70a1L,
139 0x687f3584L, 0x52a0e286L, 0xb79c5305L, 0xaa500737L,
140 0x3e07841cL, 0x7fdeae5cL, 0x8e7d44ecL, 0x5716f2b8L,
141 0xb03ada37L, 0xf0500c0dL, 0xf01c1f04L, 0x0200b3ffL,
142 0xae0cf51aL, 0x3cb574b2L, 0x25837a58L, 0xdc0921bdL,
143 0xd19113f9L, 0x7ca92ff6L, 0x94324773L, 0x22f54701L,
144 0x3ae5e581L, 0x37c2dadcL, 0xc8b57634L, 0x9af3dda7L,
145 0xa9446146L, 0x0fd0030eL, 0xecc8c73eL, 0xa4751e41L,
146 0xe238cd99L, 0x3bea0e2fL, 0x3280bba1L, 0x183eb331L,
147 0x4e548b38L, 0x4f6db908L, 0x6f420d03L, 0xf60a04bfL,
148 0x2cb81290L, 0x24977c79L, 0x5679b072L, 0xbcaf89afL,
149 0xde9a771fL, 0xd9930810L, 0xb38bae12L, 0xdccf3f2eL,
150 0x5512721fL, 0x2e6b7124L, 0x501adde6L, 0x9f84cd87L,
151 0x7a584718L, 0x7408da17L, 0xbc9f9abcL, 0xe94b7d8cL,
152 0xec7aec3aL, 0xdb851dfaL, 0x63094366L, 0xc464c3d2L,
153 0xef1c1847L, 0x3215d908L, 0xdd433b37L, 0x24c2ba16L,
154 0x12a14d43L, 0x2a65c451L, 0x50940002L, 0x133ae4ddL,
155 0x71dff89eL, 0x10314e55L, 0x81ac77d6L, 0x5f11199bL,
156 0x043556f1L, 0xd7a3c76bL, 0x3c11183bL, 0x5924a509L,
157 0xf28fe6edL, 0x97f1fbfaL, 0x9ebabf2cL, 0x1e153c6eL,
158 0x86e34570L, 0xeae96fb1L, 0x860e5e0aL, 0x5a3e2ab3L,
159 0x771fe71cL, 0x4e3d06faL, 0x2965dcb9L, 0x99e71d0fL,
160 0x803e89d6L, 0x5266c825L, 0x2e4cc978L, 0x9c10b36aL,
161 0xc6150ebaL, 0x94e2ea78L, 0xa5fc3c53L, 0x1e0a2df4L,
162 0xf2f74ea7L, 0x361d2b3dL, 0x1939260fL, 0x19c27960L,
163 0x5223a708L, 0xf71312b6L, 0xebadfe6eL, 0xeac31f66L,
164 0xe3bc4595L, 0xa67bc883L, 0xb17f37d1L, 0x018cff28L,
165 0xc332ddefL, 0xbe6c5aa5L, 0x65582185L, 0x68ab9802L,
166 0xeecea50fL, 0xdb2f953bL, 0x2aef7dadL, 0x5b6e2f84L,
167 0x1521b628L, 0x29076170L, 0xecdd4775L, 0x619f1510L,
168 0x13cca830L, 0xeb61bd96L, 0x0334fe1eL, 0xaa0363cfL,
169 0xb5735c90L, 0x4c70a239L, 0xd59e9e0bL, 0xcbaade14L,
170 0xeecc86bcL, 0x60622ca7L, 0x9cab5cabL, 0xb2f3846eL,
171 0x648b1eafL, 0x19bdf0caL, 0xa02369b9L, 0x655abb50L,
172 0x40685a32L, 0x3c2ab4b3L, 0x319ee9d5L, 0xc021b8f7L,
173 0x9b540b19L, 0x875fa099L, 0x95f7997eL, 0x623d7da8L,
174 0xf837889aL, 0x97e32d77L, 0x11ed935fL, 0x16681281L,
175 0x0e358829L, 0xc7e61fd6L, 0x96dedfa1L, 0x7858ba99L,
176 0x57f584a5L, 0x1b227263L, 0x9b83c3ffL, 0x1ac24696L,
177 0xcdb30aebL, 0x532e3054L, 0x8fd948e4L, 0x6dbc3128L,
178 0x58ebf2efL, 0x34c6ffeaL, 0xfe28ed61L, 0xee7c3c73L,
179 0x5d4a14d9L, 0xe864b7e3L, 0x42105d14L, 0x203e13e0L,
180 0x45eee2b6L, 0xa3aaabeaL, 0xdb6c4f15L, 0xfacb4fd0L,
181 0xc742f442L, 0xef6abbb5L, 0x654f3b1dL, 0x41cd2105L,
182 0xd81e799eL, 0x86854dc7L, 0xe44b476aL, 0x3d816250L,
183 0xcf62a1f2L, 0x5b8d2646L, 0xfc8883a0L, 0xc1c7b6a3L,
184 0x7f1524c3L, 0x69cb7492L, 0x47848a0bL, 0x5692b285L,
185 0x095bbf00L, 0xad19489dL, 0x1462b174L, 0x23820e00L,
186 0x58428d2aL, 0x0c55f5eaL, 0x1dadf43eL, 0x233f7061L,
187 0x3372f092L, 0x8d937e41L, 0xd65fecf1L, 0x6c223bdbL,
188 0x7cde3759L, 0xcbee7460L, 0x4085f2a7L, 0xce77326eL,
189 0xa6078084L, 0x19f8509eL, 0xe8efd855L, 0x61d99735L,
190 0xa969a7aaL, 0xc50c06c2L, 0x5a04abfcL, 0x800bcadcL,
191 0x9e447a2eL, 0xc3453484L, 0xfdd56705L, 0x0e1e9ec9L,
192 0xdb73dbd3L, 0x105588cdL, 0x675fda79L, 0xe3674340L,
193 0xc5c43465L, 0x713e38d8L, 0x3d28f89eL, 0xf16dff20L,
194 0x153e21e7L, 0x8fb03d4aL, 0xe6e39f2bL, 0xdb83adf7L,
195 0xe93d5a68L, 0x948140f7L, 0xf64c261cL, 0x94692934L,
196 0x411520f7L, 0x7602d4f7L, 0xbcf46b2eL, 0xd4a20068L,
197 0xd4082471L, 0x3320f46aL, 0x43b7d4b7L, 0x500061afL,
198 0x1e39f62eL, 0x97244546L, 0x14214f74L, 0xbf8b8840L,
199 0x4d95fc1dL, 0x96b591afL, 0x70f4ddd3L, 0x66a02f45L,
200 0xbfbc09ecL, 0x03bd9785L, 0x7fac6dd0L, 0x31cb8504L,
201 0x96eb27b3L, 0x55fd3941L, 0xda2547e6L, 0xabca0a9aL,
202 0x28507825L, 0x530429f4L, 0x0a2c86daL, 0xe9b66dfbL,
203 0x68dc1462L, 0xd7486900L, 0x680ec0a4L, 0x27a18deeL,
204 0x4f3ffea2L, 0xe887ad8cL, 0xb58ce006L, 0x7af4d6b6L,
205 0xaace1e7cL, 0xd3375fecL, 0xce78a399L, 0x406b2a42L,
206 0x20fe9e35L, 0xd9f385b9L, 0xee39d7abL, 0x3b124e8bL,
207 0x1dc9faf7L, 0x4b6d1856L, 0x26a36631L, 0xeae397b2L,
208 0x3a6efa74L, 0xdd5b4332L, 0x6841e7f7L, 0xca7820fbL,
209 0xfb0af54eL, 0xd8feb397L, 0x454056acL, 0xba489527L,
210 0x55533a3aL, 0x20838d87L, 0xfe6ba9b7L, 0xd096954bL,
211 0x55a867bcL, 0xa1159a58L, 0xcca92963L, 0x99e1db33L,
212 0xa62a4a56L, 0x3f3125f9L, 0x5ef47e1cL, 0x9029317cL,
213 0xfdf8e802L, 0x04272f70L, 0x80bb155cL, 0x05282ce3L,
214 0x95c11548L, 0xe4c66d22L, 0x48c1133fL, 0xc70f86dcL,
215 0x07f9c9eeL, 0x41041f0fL, 0x404779a4L, 0x5d886e17L,
216 0x325f51ebL, 0xd59bc0d1L, 0xf2bcc18fL, 0x41113564L,
217 0x257b7834L, 0x602a9c60L, 0xdff8e8a3L, 0x1f636c1bL,
218 0x0e12b4c2L, 0x02e1329eL, 0xaf664fd1L, 0xcad18115L,
219 0x6b2395e0L, 0x333e92e1L, 0x3b240b62L, 0xeebeb922L,
220 0x85b2a20eL, 0xe6ba0d99L, 0xde720c8cL, 0x2da2f728L,
221 0xd0127845L, 0x95b794fdL, 0x647d0862L, 0xe7ccf5f0L,
222 0x5449a36fL, 0x877d48faL, 0xc39dfd27L, 0xf33e8d1eL,
223 0x0a476341L, 0x992eff74L, 0x3a6f6eabL, 0xf4f8fd37L,
224 0xa812dc60L, 0xa1ebddf8L, 0x991be14cL, 0xdb6e6b0dL,
225 0xc67b5510L, 0x6d672c37L, 0x2765d43bL, 0xdcd0e804L,
226 0xf1290dc7L, 0xcc00ffa3L, 0xb5390f92L, 0x690fed0bL,
227 0x667b9ffbL, 0xcedb7d9cL, 0xa091cf0bL, 0xd9155ea3L,
228 0xbb132f88L, 0x515bad24L, 0x7b9479bfL, 0x763bd6ebL,
229 0x37392eb3L, 0xcc115979L, 0x8026e297L, 0xf42e312dL,
230 0x6842ada7L, 0xc66a2b3bL, 0x12754cccL, 0x782ef11cL,
231 0x6a124237L, 0xb79251e7L, 0x06a1bbe6L, 0x4bfb6350L,
232 0x1a6b1018L, 0x11caedfaL, 0x3d25bdd8L, 0xe2e1c3c9L,
233 0x44421659L, 0x0a121386L, 0xd90cec6eL, 0xd5abea2aL,
234 0x64af674eL, 0xda86a85fL, 0xbebfe988L, 0x64e4c3feL,
235 0x9dbc8057L, 0xf0f7c086L, 0x60787bf8L, 0x6003604dL,
236 0xd1fd8346L, 0xf6381fb0L, 0x7745ae04L, 0xd736fcccL,
237 0x83426b33L, 0xf01eab71L, 0xb0804187L, 0x3c005e5fL,
238 0x77a057beL, 0xbde8ae24L, 0x55464299L, 0xbf582e61L,
239 0x4e58f48fL, 0xf2ddfda2L, 0xf474ef38L, 0x8789bdc2L,
240 0x5366f9c3L, 0xc8b38e74L, 0xb475f255L, 0x46fcd9b9L,
241 0x7aeb2661L, 0x8b1ddf84L, 0x846a0e79L, 0x915f95e2L,
242 0x466e598eL, 0x20b45770L, 0x8cd55591L, 0xc902de4cL,
243 0xb90bace1L, 0xbb8205d0L, 0x11a86248L, 0x7574a99eL,
244 0xb77f19b6L, 0xe0a9dc09L, 0x662d09a1L, 0xc4324633L,
245 0xe85a1f02L, 0x09f0be8cL, 0x4a99a025L, 0x1d6efe10L,
246 0x1ab93d1dL, 0x0ba5a4dfL, 0xa186f20fL, 0x2868f169L,
247 0xdcb7da83L, 0x573906feL, 0xa1e2ce9bL, 0x4fcd7f52L,
248 0x50115e01L, 0xa70683faL, 0xa002b5c4L, 0x0de6d027L,
249 0x9af88c27L, 0x773f8641L, 0xc3604c06L, 0x61a806b5L,
250 0xf0177a28L, 0xc0f586e0L, 0x006058aaL, 0x30dc7d62L,
251 0x11e69ed7L, 0x2338ea63L, 0x53c2dd94L, 0xc2c21634L,
252 0xbbcbee56L, 0x90bcb6deL, 0xebfc7da1L, 0xce591d76L,
253 0x6f05e409L, 0x4b7c0188L, 0x39720a3dL, 0x7c927c24L,
254 0x86e3725fL, 0x724d9db9L, 0x1ac15bb4L, 0xd39eb8fcL,
255 0xed545578L, 0x08fca5b5L, 0xd83d7cd3L, 0x4dad0fc4L,
256 0x1e50ef5eL, 0xb161e6f8L, 0xa28514d9L, 0x6c51133cL,
257 0x6fd5c7e7L, 0x56e14ec4L, 0x362abfceL, 0xddc6c837L,
258 0xd79a3234L, 0x92638212L, 0x670efa8eL, 0x406000e0L,
259 0x3a39ce37L, 0xd3faf5cfL, 0xabc27737L, 0x5ac52d1bL,
260 0x5cb0679eL, 0x4fa33742L, 0xd3822740L, 0x99bc9bbeL,
261 0xd5118e9dL, 0xbf0f7315L, 0xd62d1c7eL, 0xc700c47bL,
262 0xb78c1b6bL, 0x21a19045L, 0xb26eb1beL, 0x6a366eb4L,
263 0x5748ab2fL, 0xbc946e79L, 0xc6a376d2L, 0x6549c2c8L,
264 0x530ff8eeL, 0x468dde7dL, 0xd5730a1dL, 0x4cd04dc6L,
265 0x2939bbdbL, 0xa9ba4650L, 0xac9526e8L, 0xbe5ee304L,
266 0xa1fad5f0L, 0x6a2d519aL, 0x63ef8ce2L, 0x9a86ee22L,
267 0xc089c2b8L, 0x43242ef6L, 0xa51e03aaL, 0x9cf2d0a4L,
268 0x83c061baL, 0x9be96a4dL, 0x8fe51550L, 0xba645bd6L,
269 0x2826a2f9L, 0xa73a3ae1L, 0x4ba99586L, 0xef5562e9L,
270 0xc72fefd3L, 0xf752f7daL, 0x3f046f69L, 0x77fa0a59L,
271 0x80e4a915L, 0x87b08601L, 0x9b09e6adL, 0x3b3ee593L,
272 0xe990fd5aL, 0x9e34d797L, 0x2cf0b7d9L, 0x022b8b51L,
273 0x96d5ac3aL, 0x017da67dL, 0xd1cf3ed6L, 0x7c7d2d28L,
274 0x1f9f25cfL, 0xadf2b89bL, 0x5ad6b472L, 0x5a88f54cL,
275 0xe029ac71L, 0xe019a5e6L, 0x47b0acfdL, 0xed93fa9bL,
276 0xe8d3c48dL, 0x283b57ccL, 0xf8d56629L, 0x79132e28L,
277 0x785f0191L, 0xed756055L, 0xf7960e44L, 0xe3d35e8cL,
278 0x15056dd4L, 0x88f46dbaL, 0x03a16125L, 0x0564f0bdL,
279 0xc3eb9e15L, 0x3c9057a2L, 0x97271aecL, 0xa93a072aL,
280 0x1b3f6d9bL, 0x1e6321f5L, 0xf59c66fbL, 0x26dcf319L,
281 0x7533d928L, 0xb155fdf5L, 0x03563482L, 0x8aba3cbbL,
282 0x28517711L, 0xc20ad9f8L, 0xabcc5167L, 0xccad925fL,
283 0x4de81751L, 0x3830dc8eL, 0x379d5862L, 0x9320f991L,
284 0xea7a90c2L, 0xfb3e7bceL, 0x5121ce64L, 0x774fbe32L,
285 0xa8b6e37eL, 0xc3293d46L, 0x48de5369L, 0x6413e680L,
286 0xa2ae0810L, 0xdd6db224L, 0x69852dfdL, 0x09072166L,
287 0xb39a460aL, 0x6445c0ddL, 0x586cdecfL, 0x1c20c8aeL,
288 0x5bbef7ddL, 0x1b588d40L, 0xccd2017fL, 0x6bb4e3bbL,
289 0xdda26a7eL, 0x3a59ff45L, 0x3e350a44L, 0xbcb4cdd5L,
290 0x72eacea8L, 0xfa6484bbL, 0x8d6612aeL, 0xbf3c6f47L,
291 0xd29be463L, 0x542f5d9eL, 0xaec2771bL, 0xf64e6370L,
292 0x740e0d8dL, 0xe75b1357L, 0xf8721671L, 0xaf537d5dL,
293 0x4040cb08L, 0x4eb4e2ccL, 0x34d2466aL, 0x0115af84L,
294 0xe1b00428L, 0x95983a1dL, 0x06b89fb4L, 0xce6ea048L,
295 0x6f3f3b82L, 0x3520ab82L, 0x011a1d4bL, 0x277227f8L,
296 0x611560b1L, 0xe7933fdcL, 0xbb3a792bL, 0x344525bdL,
297 0xa08839e1L, 0x51ce794bL, 0x2f32c9b7L, 0xa01fbac9L,
298 0xe01cc87eL, 0xbcc7d1f6L, 0xcf0111c3L, 0xa1e8aac7L,
299 0x1a908749L, 0xd44fbd9aL, 0xd0dadecbL, 0xd50ada38L,
300 0x0339c32aL, 0xc6913667L, 0x8df9317cL, 0xe0b12b4fL,
301 0xf79e59b7L, 0x43f5bb3aL, 0xf2d519ffL, 0x27d9459cL,
302 0xbf97222cL, 0x15e6fc2aL, 0x0f91fc71L, 0x9b941525L,
303 0xfae59361L, 0xceb69cebL, 0xc2a86459L, 0x12baa8d1L,
304 0xb6c1075eL, 0xe3056a0cL, 0x10d25065L, 0xcb03a442L,
305 0xe0ec6e0eL, 0x1698db3bL, 0x4c98a0beL, 0x3278e964L,
306 0x9f1f9532L, 0xe0d392dfL, 0xd3a0342bL, 0x8971f21eL,
307 0x1b0a7441L, 0x4ba3348cL, 0xc5be7120L, 0xc37632d8L,
308 0xdf359f8dL, 0x9b992f2eL, 0xe60b6f47L, 0x0fe3f11dL,
309 0xe54cda54L, 0x1edad891L, 0xce6279cfL, 0xcd3e7e6fL,
310 0x1618b166L, 0xfd2c1d05L, 0x848fd2c5L, 0xf6fb2299L,
311 0xf523f357L, 0xa6327623L, 0x93a83531L, 0x56cccd02L,
312 0xacf08162L, 0x5a75ebb5L, 0x6e163697L, 0x88d273ccL,
313 0xde966292L, 0x81b949d0L, 0x4c50901bL, 0x71c65614L,
314 0xe6c6c7bdL, 0x327a140aL, 0x45e1d006L, 0xc3f27b9aL,
315 0xc9aa53fdL, 0x62a80f00L, 0xbb25bfe2L, 0x35bdd2f6L,
316 0x71126905L, 0xb2040222L, 0xb6cbcf7cL, 0xcd769c2bL,
317 0x53113ec0L, 0x1640e3d3L, 0x38abbd60L, 0x2547adf0L,
318 0xba38209cL, 0xf746ce76L, 0x77afa1c5L, 0x20756060L,
319 0x85cbfe4eL, 0x8ae88dd8L, 0x7aaaf9b0L, 0x4cf9aa7eL,
320 0x1948c25cL, 0x02fb8a8cL, 0x01c36ae4L, 0xd6ebe1f9L,
321 0x90d4f869L, 0xa65cdea0L, 0x3f09252dL, 0xc208e69fL,
322 0xb74e6132L, 0xce77e25bL, 0x578fdfe3L, 0x3ac372e6L,
323 }
324 };
325
diff --git a/src/lib/libcrypto/bf/bf_skey.c b/src/lib/libcrypto/bf/bf_skey.c
deleted file mode 100644
index 4d6a232fe0..0000000000
--- a/src/lib/libcrypto/bf/bf_skey.c
+++ /dev/null
@@ -1,116 +0,0 @@
1/* crypto/bf/bf_skey.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61#include <openssl/blowfish.h>
62#include "bf_locl.h"
63#include "bf_pi.h"
64
65void BF_set_key(BF_KEY *key, int len, const unsigned char *data)
66 {
67 int i;
68 BF_LONG *p,ri,in[2];
69 const unsigned char *d,*end;
70
71
72 memcpy((char *)key,(char *)&bf_init,sizeof(BF_KEY));
73 p=key->P;
74
75 if (len > ((BF_ROUNDS+2)*4)) len=(BF_ROUNDS+2)*4;
76
77 d=data;
78 end= &(data[len]);
79 for (i=0; i<(BF_ROUNDS+2); i++)
80 {
81 ri= *(d++);
82 if (d >= end) d=data;
83
84 ri<<=8;
85 ri|= *(d++);
86 if (d >= end) d=data;
87
88 ri<<=8;
89 ri|= *(d++);
90 if (d >= end) d=data;
91
92 ri<<=8;
93 ri|= *(d++);
94 if (d >= end) d=data;
95
96 p[i]^=ri;
97 }
98
99 in[0]=0L;
100 in[1]=0L;
101 for (i=0; i<(BF_ROUNDS+2); i+=2)
102 {
103 BF_encrypt(in,key);
104 p[i ]=in[0];
105 p[i+1]=in[1];
106 }
107
108 p=key->S;
109 for (i=0; i<4*256; i+=2)
110 {
111 BF_encrypt(in,key);
112 p[i ]=in[0];
113 p[i+1]=in[1];
114 }
115 }
116
diff --git a/src/lib/libcrypto/bf/blowfish.h b/src/lib/libcrypto/bf/blowfish.h
deleted file mode 100644
index 78acfd63b4..0000000000
--- a/src/lib/libcrypto/bf/blowfish.h
+++ /dev/null
@@ -1,125 +0,0 @@
1/* crypto/bf/blowfish.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_BLOWFISH_H
60#define HEADER_BLOWFISH_H
61
62#ifdef __cplusplus
63extern "C" {
64#endif
65
66#ifdef NO_BF
67#error BF is disabled.
68#endif
69
70#define BF_ENCRYPT 1
71#define BF_DECRYPT 0
72
73/*
74 * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
75 * ! BF_LONG has to be at least 32 bits wide. If it's wider, then !
76 * ! BF_LONG_LOG2 has to be defined along. !
77 * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
78 */
79
80#if defined(WIN16) || defined(__LP32__)
81#define BF_LONG unsigned long
82#elif defined(_CRAY) || defined(__ILP64__)
83#define BF_LONG unsigned long
84#define BF_LONG_LOG2 3
85/*
86 * _CRAY note. I could declare short, but I have no idea what impact
87 * does it have on performance on none-T3E machines. I could declare
88 * int, but at least on C90 sizeof(int) can be chosen at compile time.
89 * So I've chosen long...
90 * <appro@fy.chalmers.se>
91 */
92#else
93#define BF_LONG unsigned int
94#endif
95
96#define BF_ROUNDS 16
97#define BF_BLOCK 8
98
99typedef struct bf_key_st
100 {
101 BF_LONG P[BF_ROUNDS+2];
102 BF_LONG S[4*256];
103 } BF_KEY;
104
105
106void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
107
108void BF_encrypt(BF_LONG *data,const BF_KEY *key);
109void BF_decrypt(BF_LONG *data,const BF_KEY *key);
110
111void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
112 const BF_KEY *key, int enc);
113void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
114 const BF_KEY *schedule, unsigned char *ivec, int enc);
115void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length,
116 const BF_KEY *schedule, unsigned char *ivec, int *num, int enc);
117void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length,
118 const BF_KEY *schedule, unsigned char *ivec, int *num);
119const char *BF_options(void);
120
121#ifdef __cplusplus
122}
123#endif
124
125#endif
diff --git a/src/lib/libcrypto/bio/b_dump.c b/src/lib/libcrypto/bio/b_dump.c
deleted file mode 100644
index 8397cfab6a..0000000000
--- a/src/lib/libcrypto/bio/b_dump.c
+++ /dev/null
@@ -1,152 +0,0 @@
1/* crypto/bio/b_dump.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/*
60 * Stolen from tjh's ssl/ssl_trc.c stuff.
61 */
62
63#include <stdio.h>
64#include "cryptlib.h"
65#include <openssl/bio.h>
66
67#define TRUNCATE
68#define DUMP_WIDTH 16
69#define DUMP_WIDTH_LESS_INDENT(i) (DUMP_WIDTH-((i-(i>6?6:i)+3)/4))
70
71int BIO_dump(BIO *bio, const char *s, int len)
72 {
73 return BIO_dump_indent(bio, s, len, 0);
74 }
75
76int BIO_dump_indent(BIO *bio, const char *s, int len, int indent)
77 {
78 int ret=0;
79 char buf[288+1],tmp[20],str[128+1];
80 int i,j,rows,trunc;
81 unsigned char ch;
82 int dump_width;
83
84 trunc=0;
85
86#ifdef TRUNCATE
87 for(; (len > 0) && ((s[len-1] == ' ') || (s[len-1] == '\0')); len--)
88 trunc++;
89#endif
90
91 if (indent < 0)
92 indent = 0;
93 if (indent)
94 {
95 if (indent > 128) indent=128;
96 memset(str,' ',indent);
97 }
98 str[indent]='\0';
99
100 dump_width=DUMP_WIDTH_LESS_INDENT(indent);
101 rows=(len/dump_width);
102 if ((rows*dump_width)<len)
103 rows++;
104 for(i=0;i<rows;i++)
105 {
106 buf[0]='\0'; /* start with empty string */
107 strcpy(buf,str);
108 sprintf(tmp,"%04x - ",i*dump_width);
109 strcat(buf,tmp);
110 for(j=0;j<dump_width;j++)
111 {
112 if (((i*dump_width)+j)>=len)
113 {
114 strcat(buf," ");
115 }
116 else
117 {
118 ch=((unsigned char)*(s+i*dump_width+j)) & 0xff;
119 sprintf(tmp,"%02x%c",ch,j==7?'-':' ');
120 strcat(buf,tmp);
121 }
122 }
123 strcat(buf," ");
124 for(j=0;j<dump_width;j++)
125 {
126 if (((i*dump_width)+j)>=len)
127 break;
128 ch=((unsigned char)*(s+i*dump_width+j)) & 0xff;
129#ifndef CHARSET_EBCDIC
130 sprintf(tmp,"%c",((ch>=' ')&&(ch<='~'))?ch:'.');
131#else
132 sprintf(tmp,"%c",((ch>=os_toascii[' '])&&(ch<=os_toascii['~']))
133 ? os_toebcdic[ch]
134 : '.');
135#endif
136 strcat(buf,tmp);
137 }
138 strcat(buf,"\n");
139 /* if this is the last call then update the ddt_dump thing so that
140 * we will move the selection point in the debug window
141 */
142 ret+=BIO_write(bio,(char *)buf,strlen(buf));
143 }
144#ifdef TRUNCATE
145 if (trunc > 0)
146 {
147 sprintf(buf,"%s%04x - <SPACES/NULS>\n",str,len+trunc);
148 ret+=BIO_write(bio,(char *)buf,strlen(buf));
149 }
150#endif
151 return(ret);
152 }
diff --git a/src/lib/libcrypto/bio/b_print.c b/src/lib/libcrypto/bio/b_print.c
deleted file mode 100644
index 91a049406e..0000000000
--- a/src/lib/libcrypto/bio/b_print.c
+++ /dev/null
@@ -1,819 +0,0 @@
1/* crypto/bio/b_print.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/*
60 * Stolen from tjh's ssl/ssl_trc.c stuff.
61 */
62
63#include <stdio.h>
64#include <string.h>
65#include <ctype.h>
66#include <assert.h>
67#include <limits.h>
68#include "cryptlib.h"
69#ifndef NO_SYS_TYPES_H
70#include <sys/types.h>
71#endif
72#include <openssl/bn.h> /* To get BN_LLONG properly defined */
73#include <openssl/bio.h>
74
75#ifdef BN_LLONG
76# ifndef HAVE_LONG_LONG
77# define HAVE_LONG_LONG 1
78# endif
79#endif
80
81/***************************************************************************/
82
83/*
84 * Copyright Patrick Powell 1995
85 * This code is based on code written by Patrick Powell <papowell@astart.com>
86 * It may be used for any purpose as long as this notice remains intact
87 * on all source code distributions.
88 */
89
90/*
91 * This code contains numerious changes and enhancements which were
92 * made by lots of contributors over the last years to Patrick Powell's
93 * original code:
94 *
95 * o Patrick Powell <papowell@astart.com> (1995)
96 * o Brandon Long <blong@fiction.net> (1996, for Mutt)
97 * o Thomas Roessler <roessler@guug.de> (1998, for Mutt)
98 * o Michael Elkins <me@cs.hmc.edu> (1998, for Mutt)
99 * o Andrew Tridgell <tridge@samba.org> (1998, for Samba)
100 * o Luke Mewburn <lukem@netbsd.org> (1999, for LukemFTP)
101 * o Ralf S. Engelschall <rse@engelschall.com> (1999, for Pth)
102 * o ... (for OpenSSL)
103 */
104
105#if HAVE_LONG_DOUBLE
106#define LDOUBLE long double
107#else
108#define LDOUBLE double
109#endif
110
111#if HAVE_LONG_LONG
112# if defined(WIN32) && !defined(__GNUC__)
113# define LLONG _int64
114# else
115# define LLONG long long
116# endif
117#else
118#define LLONG long
119#endif
120
121static void fmtstr (char **, char **, size_t *, size_t *,
122 const char *, int, int, int);
123static void fmtint (char **, char **, size_t *, size_t *,
124 LLONG, int, int, int, int);
125static void fmtfp (char **, char **, size_t *, size_t *,
126 LDOUBLE, int, int, int);
127static void doapr_outch (char **, char **, size_t *, size_t *, int);
128static void _dopr(char **sbuffer, char **buffer,
129 size_t *maxlen, size_t *retlen, int *truncated,
130 const char *format, va_list args);
131
132/* format read states */
133#define DP_S_DEFAULT 0
134#define DP_S_FLAGS 1
135#define DP_S_MIN 2
136#define DP_S_DOT 3
137#define DP_S_MAX 4
138#define DP_S_MOD 5
139#define DP_S_CONV 6
140#define DP_S_DONE 7
141
142/* format flags - Bits */
143#define DP_F_MINUS (1 << 0)
144#define DP_F_PLUS (1 << 1)
145#define DP_F_SPACE (1 << 2)
146#define DP_F_NUM (1 << 3)
147#define DP_F_ZERO (1 << 4)
148#define DP_F_UP (1 << 5)
149#define DP_F_UNSIGNED (1 << 6)
150
151/* conversion flags */
152#define DP_C_SHORT 1
153#define DP_C_LONG 2
154#define DP_C_LDOUBLE 3
155#define DP_C_LLONG 4
156
157/* some handy macros */
158#define char_to_int(p) (p - '0')
159#define OSSL_MAX(p,q) ((p >= q) ? p : q)
160
161static void
162_dopr(
163 char **sbuffer,
164 char **buffer,
165 size_t *maxlen,
166 size_t *retlen,
167 int *truncated,
168 const char *format,
169 va_list args)
170{
171 char ch;
172 LLONG value;
173 LDOUBLE fvalue;
174 char *strvalue;
175 int min;
176 int max;
177 int state;
178 int flags;
179 int cflags;
180 size_t currlen;
181
182 state = DP_S_DEFAULT;
183 flags = currlen = cflags = min = 0;
184 max = -1;
185 ch = *format++;
186
187 while (state != DP_S_DONE) {
188 if (ch == '\0' || (buffer == NULL && currlen >= *maxlen))
189 state = DP_S_DONE;
190
191 switch (state) {
192 case DP_S_DEFAULT:
193 if (ch == '%')
194 state = DP_S_FLAGS;
195 else
196 doapr_outch(sbuffer,buffer, &currlen, maxlen, ch);
197 ch = *format++;
198 break;
199 case DP_S_FLAGS:
200 switch (ch) {
201 case '-':
202 flags |= DP_F_MINUS;
203 ch = *format++;
204 break;
205 case '+':
206 flags |= DP_F_PLUS;
207 ch = *format++;
208 break;
209 case ' ':
210 flags |= DP_F_SPACE;
211 ch = *format++;
212 break;
213 case '#':
214 flags |= DP_F_NUM;
215 ch = *format++;
216 break;
217 case '0':
218 flags |= DP_F_ZERO;
219 ch = *format++;
220 break;
221 default:
222 state = DP_S_MIN;
223 break;
224 }
225 break;
226 case DP_S_MIN:
227 if (isdigit((unsigned char)ch)) {
228 min = 10 * min + char_to_int(ch);
229 ch = *format++;
230 } else if (ch == '*') {
231 min = va_arg(args, int);
232 ch = *format++;
233 state = DP_S_DOT;
234 } else
235 state = DP_S_DOT;
236 break;
237 case DP_S_DOT:
238 if (ch == '.') {
239 state = DP_S_MAX;
240 ch = *format++;
241 } else
242 state = DP_S_MOD;
243 break;
244 case DP_S_MAX:
245 if (isdigit((unsigned char)ch)) {
246 if (max < 0)
247 max = 0;
248 max = 10 * max + char_to_int(ch);
249 ch = *format++;
250 } else if (ch == '*') {
251 max = va_arg(args, int);
252 ch = *format++;
253 state = DP_S_MOD;
254 } else
255 state = DP_S_MOD;
256 break;
257 case DP_S_MOD:
258 switch (ch) {
259 case 'h':
260 cflags = DP_C_SHORT;
261 ch = *format++;
262 break;
263 case 'l':
264 if (*format == 'l') {
265 cflags = DP_C_LLONG;
266 format++;
267 } else
268 cflags = DP_C_LONG;
269 ch = *format++;
270 break;
271 case 'q':
272 cflags = DP_C_LLONG;
273 ch = *format++;
274 break;
275 case 'L':
276 cflags = DP_C_LDOUBLE;
277 ch = *format++;
278 break;
279 default:
280 break;
281 }
282 state = DP_S_CONV;
283 break;
284 case DP_S_CONV:
285 switch (ch) {
286 case 'd':
287 case 'i':
288 switch (cflags) {
289 case DP_C_SHORT:
290 value = (short int)va_arg(args, int);
291 break;
292 case DP_C_LONG:
293 value = va_arg(args, long int);
294 break;
295 case DP_C_LLONG:
296 value = va_arg(args, LLONG);
297 break;
298 default:
299 value = va_arg(args, int);
300 break;
301 }
302 fmtint(sbuffer, buffer, &currlen, maxlen,
303 value, 10, min, max, flags);
304 break;
305 case 'X':
306 flags |= DP_F_UP;
307 /* FALLTHROUGH */
308 case 'x':
309 case 'o':
310 case 'u':
311 flags |= DP_F_UNSIGNED;
312 switch (cflags) {
313 case DP_C_SHORT:
314 value = (unsigned short int)va_arg(args, unsigned int);
315 break;
316 case DP_C_LONG:
317 value = (LLONG) va_arg(args,
318 unsigned long int);
319 break;
320 case DP_C_LLONG:
321 value = va_arg(args, unsigned LLONG);
322 break;
323 default:
324 value = (LLONG) va_arg(args,
325 unsigned int);
326 break;
327 }
328 fmtint(sbuffer, buffer, &currlen, maxlen, value,
329 ch == 'o' ? 8 : (ch == 'u' ? 10 : 16),
330 min, max, flags);
331 break;
332 case 'f':
333 if (cflags == DP_C_LDOUBLE)
334 fvalue = va_arg(args, LDOUBLE);
335 else
336 fvalue = va_arg(args, double);
337 fmtfp(sbuffer, buffer, &currlen, maxlen,
338 fvalue, min, max, flags);
339 break;
340 case 'E':
341 flags |= DP_F_UP;
342 case 'e':
343 if (cflags == DP_C_LDOUBLE)
344 fvalue = va_arg(args, LDOUBLE);
345 else
346 fvalue = va_arg(args, double);
347 break;
348 case 'G':
349 flags |= DP_F_UP;
350 case 'g':
351 if (cflags == DP_C_LDOUBLE)
352 fvalue = va_arg(args, LDOUBLE);
353 else
354 fvalue = va_arg(args, double);
355 break;
356 case 'c':
357 doapr_outch(sbuffer, buffer, &currlen, maxlen,
358 va_arg(args, int));
359 break;
360 case 's':
361 strvalue = va_arg(args, char *);
362 if (max < 0) {
363 if (buffer)
364 max = INT_MAX;
365 else
366 max = *maxlen;
367 }
368 fmtstr(sbuffer, buffer, &currlen, maxlen, strvalue,
369 flags, min, max);
370 break;
371 case 'p':
372 value = (long)va_arg(args, void *);
373 fmtint(sbuffer, buffer, &currlen, maxlen,
374 value, 16, min, max, flags);
375 break;
376 case 'n': /* XXX */
377 if (cflags == DP_C_SHORT) {
378 short int *num;
379 num = va_arg(args, short int *);
380 *num = currlen;
381 } else if (cflags == DP_C_LONG) { /* XXX */
382 long int *num;
383 num = va_arg(args, long int *);
384 *num = (long int) currlen;
385 } else if (cflags == DP_C_LLONG) { /* XXX */
386 LLONG *num;
387 num = va_arg(args, LLONG *);
388 *num = (LLONG) currlen;
389 } else {
390 int *num;
391 num = va_arg(args, int *);
392 *num = currlen;
393 }
394 break;
395 case '%':
396 doapr_outch(sbuffer, buffer, &currlen, maxlen, ch);
397 break;
398 case 'w':
399 /* not supported yet, treat as next char */
400 ch = *format++;
401 break;
402 default:
403 /* unknown, skip */
404 break;
405 }
406 ch = *format++;
407 state = DP_S_DEFAULT;
408 flags = cflags = min = 0;
409 max = -1;
410 break;
411 case DP_S_DONE:
412 break;
413 default:
414 break;
415 }
416 }
417 *truncated = (currlen > *maxlen - 1);
418 if (*truncated)
419 currlen = *maxlen - 1;
420 doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0');
421 *retlen = currlen - 1;
422 return;
423}
424
425static void
426fmtstr(
427 char **sbuffer,
428 char **buffer,
429 size_t *currlen,
430 size_t *maxlen,
431 const char *value,
432 int flags,
433 int min,
434 int max)
435{
436 int padlen, strln;
437 int cnt = 0;
438
439 if (value == 0)
440 value = "<NULL>";
441 for (strln = 0; value[strln]; ++strln)
442 ;
443 padlen = min - strln;
444 if (padlen < 0)
445 padlen = 0;
446 if (flags & DP_F_MINUS)
447 padlen = -padlen;
448
449 while ((padlen > 0) && (cnt < max)) {
450 doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
451 --padlen;
452 ++cnt;
453 }
454 while (*value && (cnt < max)) {
455 doapr_outch(sbuffer, buffer, currlen, maxlen, *value++);
456 ++cnt;
457 }
458 while ((padlen < 0) && (cnt < max)) {
459 doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
460 ++padlen;
461 ++cnt;
462 }
463}
464
465static void
466fmtint(
467 char **sbuffer,
468 char **buffer,
469 size_t *currlen,
470 size_t *maxlen,
471 LLONG value,
472 int base,
473 int min,
474 int max,
475 int flags)
476{
477 int signvalue = 0;
478 unsigned LLONG uvalue;
479 char convert[20];
480 int place = 0;
481 int spadlen = 0;
482 int zpadlen = 0;
483 int caps = 0;
484
485 if (max < 0)
486 max = 0;
487 uvalue = value;
488 if (!(flags & DP_F_UNSIGNED)) {
489 if (value < 0) {
490 signvalue = '-';
491 uvalue = -value;
492 } else if (flags & DP_F_PLUS)
493 signvalue = '+';
494 else if (flags & DP_F_SPACE)
495 signvalue = ' ';
496 }
497 if (flags & DP_F_UP)
498 caps = 1;
499 do {
500 convert[place++] =
501 (caps ? "0123456789ABCDEF" : "0123456789abcdef")
502 [uvalue % (unsigned) base];
503 uvalue = (uvalue / (unsigned) base);
504 } while (uvalue && (place < 20));
505 if (place == 20)
506 place--;
507 convert[place] = 0;
508
509 zpadlen = max - place;
510 spadlen = min - OSSL_MAX(max, place) - (signvalue ? 1 : 0);
511 if (zpadlen < 0)
512 zpadlen = 0;
513 if (spadlen < 0)
514 spadlen = 0;
515 if (flags & DP_F_ZERO) {
516 zpadlen = OSSL_MAX(zpadlen, spadlen);
517 spadlen = 0;
518 }
519 if (flags & DP_F_MINUS)
520 spadlen = -spadlen;
521
522 /* spaces */
523 while (spadlen > 0) {
524 doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
525 --spadlen;
526 }
527
528 /* sign */
529 if (signvalue)
530 doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
531
532 /* zeros */
533 if (zpadlen > 0) {
534 while (zpadlen > 0) {
535 doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
536 --zpadlen;
537 }
538 }
539 /* digits */
540 while (place > 0)
541 doapr_outch(sbuffer, buffer, currlen, maxlen, convert[--place]);
542
543 /* left justified spaces */
544 while (spadlen < 0) {
545 doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
546 ++spadlen;
547 }
548 return;
549}
550
551static LDOUBLE
552abs_val(LDOUBLE value)
553{
554 LDOUBLE result = value;
555 if (value < 0)
556 result = -value;
557 return result;
558}
559
560static LDOUBLE
561pow10(int exp)
562{
563 LDOUBLE result = 1;
564 while (exp) {
565 result *= 10;
566 exp--;
567 }
568 return result;
569}
570
571static long
572round(LDOUBLE value)
573{
574 long intpart;
575 intpart = (long) value;
576 value = value - intpart;
577 if (value >= 0.5)
578 intpart++;
579 return intpart;
580}
581
582static void
583fmtfp(
584 char **sbuffer,
585 char **buffer,
586 size_t *currlen,
587 size_t *maxlen,
588 LDOUBLE fvalue,
589 int min,
590 int max,
591 int flags)
592{
593 int signvalue = 0;
594 LDOUBLE ufvalue;
595 char iconvert[20];
596 char fconvert[20];
597 int iplace = 0;
598 int fplace = 0;
599 int padlen = 0;
600 int zpadlen = 0;
601 int caps = 0;
602 long intpart;
603 long fracpart;
604
605 if (max < 0)
606 max = 6;
607 ufvalue = abs_val(fvalue);
608 if (fvalue < 0)
609 signvalue = '-';
610 else if (flags & DP_F_PLUS)
611 signvalue = '+';
612 else if (flags & DP_F_SPACE)
613 signvalue = ' ';
614
615 intpart = (long)ufvalue;
616
617 /* sorry, we only support 9 digits past the decimal because of our
618 conversion method */
619 if (max > 9)
620 max = 9;
621
622 /* we "cheat" by converting the fractional part to integer by
623 multiplying by a factor of 10 */
624 fracpart = round((pow10(max)) * (ufvalue - intpart));
625
626 if (fracpart >= pow10(max)) {
627 intpart++;
628 fracpart -= (long)pow10(max);
629 }
630
631 /* convert integer part */
632 do {
633 iconvert[iplace++] =
634 (caps ? "0123456789ABCDEF"
635 : "0123456789abcdef")[intpart % 10];
636 intpart = (intpart / 10);
637 } while (intpart && (iplace < 20));
638 if (iplace == 20)
639 iplace--;
640 iconvert[iplace] = 0;
641
642 /* convert fractional part */
643 do {
644 fconvert[fplace++] =
645 (caps ? "0123456789ABCDEF"
646 : "0123456789abcdef")[fracpart % 10];
647 fracpart = (fracpart / 10);
648 } while (fplace < max);
649 if (fplace == 20)
650 fplace--;
651 fconvert[fplace] = 0;
652
653 /* -1 for decimal point, another -1 if we are printing a sign */
654 padlen = min - iplace - max - 1 - ((signvalue) ? 1 : 0);
655 zpadlen = max - fplace;
656 if (zpadlen < 0)
657 zpadlen = 0;
658 if (padlen < 0)
659 padlen = 0;
660 if (flags & DP_F_MINUS)
661 padlen = -padlen;
662
663 if ((flags & DP_F_ZERO) && (padlen > 0)) {
664 if (signvalue) {
665 doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
666 --padlen;
667 signvalue = 0;
668 }
669 while (padlen > 0) {
670 doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
671 --padlen;
672 }
673 }
674 while (padlen > 0) {
675 doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
676 --padlen;
677 }
678 if (signvalue)
679 doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
680
681 while (iplace > 0)
682 doapr_outch(sbuffer, buffer, currlen, maxlen, iconvert[--iplace]);
683
684 /*
685 * Decimal point. This should probably use locale to find the correct
686 * char to print out.
687 */
688 if (max > 0) {
689 doapr_outch(sbuffer, buffer, currlen, maxlen, '.');
690
691 while (fplace > 0)
692 doapr_outch(sbuffer, buffer, currlen, maxlen, fconvert[--fplace]);
693 }
694 while (zpadlen > 0) {
695 doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
696 --zpadlen;
697 }
698
699 while (padlen < 0) {
700 doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
701 ++padlen;
702 }
703}
704
705static void
706doapr_outch(
707 char **sbuffer,
708 char **buffer,
709 size_t *currlen,
710 size_t *maxlen,
711 int c)
712{
713 /* If we haven't at least one buffer, someone has doe a big booboo */
714 assert(*sbuffer != NULL || buffer != NULL);
715
716 if (buffer) {
717 while (*currlen >= *maxlen) {
718 if (*buffer == NULL) {
719 assert(*sbuffer != NULL);
720 if (*maxlen == 0)
721 *maxlen = 1024;
722 *buffer = OPENSSL_malloc(*maxlen);
723 if (*currlen > 0)
724 memcpy(*buffer, *sbuffer, *currlen);
725 *sbuffer = NULL;
726 } else {
727 *maxlen += 1024;
728 *buffer = OPENSSL_realloc(*buffer, *maxlen);
729 }
730 }
731 /* What to do if *buffer is NULL? */
732 assert(*sbuffer != NULL || *buffer != NULL);
733 }
734
735 if (*currlen < *maxlen) {
736 if (*sbuffer)
737 (*sbuffer)[(*currlen)++] = (char)c;
738 else
739 (*buffer)[(*currlen)++] = (char)c;
740 }
741
742 return;
743}
744
745/***************************************************************************/
746
747int BIO_printf (BIO *bio, const char *format, ...)
748 {
749 va_list args;
750 int ret;
751
752 va_start(args, format);
753
754 ret = BIO_vprintf(bio, format, args);
755
756 va_end(args);
757 return(ret);
758 }
759
760int BIO_vprintf (BIO *bio, const char *format, va_list args)
761 {
762 int ret;
763 size_t retlen;
764 MS_STATIC char hugebuf[1024*10];
765 char *hugebufp = hugebuf;
766 size_t hugebufsize = sizeof(hugebuf);
767 char *dynbuf = NULL;
768 int ignored;
769
770 dynbuf = NULL;
771 CRYPTO_push_info("doapr()");
772 _dopr(&hugebufp, &dynbuf, &hugebufsize,
773 &retlen, &ignored, format, args);
774 if (dynbuf)
775 {
776 ret=BIO_write(bio, dynbuf, (int)retlen);
777 OPENSSL_free(dynbuf);
778 }
779 else
780 {
781 ret=BIO_write(bio, hugebuf, (int)retlen);
782 }
783 CRYPTO_pop_info();
784 return(ret);
785 }
786
787/* As snprintf is not available everywhere, we provide our own implementation.
788 * This function has nothing to do with BIOs, but it's closely related
789 * to BIO_printf, and we need *some* name prefix ...
790 * (XXX the function should be renamed, but to what?) */
791int BIO_snprintf(char *buf, size_t n, const char *format, ...)
792 {
793 va_list args;
794 int ret;
795
796 va_start(args, format);
797
798 ret = BIO_vsnprintf(buf, n, format, args);
799
800 va_end(args);
801 return(ret);
802 }
803
804int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
805 {
806 size_t retlen;
807 int truncated;
808
809 _dopr(&buf, NULL, &n, &retlen, &truncated, format, args);
810
811 if (truncated)
812 /* In case of truncation, return -1 like traditional snprintf.
813 * (Current drafts for ISO/IEC 9899 say snprintf should return
814 * the number of characters that would have been written,
815 * had the buffer been large enough.) */
816 return -1;
817 else
818 return (retlen <= INT_MAX) ? retlen : -1;
819 }
diff --git a/src/lib/libcrypto/bio/b_sock.c b/src/lib/libcrypto/bio/b_sock.c
deleted file mode 100644
index 62cc3f1a0c..0000000000
--- a/src/lib/libcrypto/bio/b_sock.c
+++ /dev/null
@@ -1,722 +0,0 @@
1/* crypto/bio/b_sock.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_SOCK
60
61#include <stdio.h>
62#include <stdlib.h>
63#include <errno.h>
64#define USE_SOCKETS
65#include "cryptlib.h"
66#include <openssl/bio.h>
67
68#ifdef WIN16
69#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
70#else
71#define SOCKET_PROTOCOL IPPROTO_TCP
72#endif
73
74#ifdef SO_MAXCONN
75#define MAX_LISTEN SOMAXCONN
76#elif defined(SO_MAXCONN)
77#define MAX_LISTEN SO_MAXCONN
78#else
79#define MAX_LISTEN 32
80#endif
81
82#ifdef WINDOWS
83static int wsa_init_done=0;
84#endif
85
86static unsigned long BIO_ghbn_hits=0L;
87static unsigned long BIO_ghbn_miss=0L;
88
89#define GHBN_NUM 4
90static struct ghbn_cache_st
91 {
92 char name[129];
93 struct hostent *ent;
94 unsigned long order;
95 } ghbn_cache[GHBN_NUM];
96
97static int get_ip(const char *str,unsigned char *ip);
98static void ghbn_free(struct hostent *a);
99static struct hostent *ghbn_dup(struct hostent *a);
100int BIO_get_host_ip(const char *str, unsigned char *ip)
101 {
102 int i;
103 int err = 1;
104 int locked = 0;
105 struct hostent *he;
106
107 i=get_ip(str,ip);
108 if (i < 0)
109 {
110 BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_INVALID_IP_ADDRESS);
111 goto err;
112 }
113
114 /* At this point, we have something that is most probably correct
115 in some way, so let's init the socket. */
116 if (BIO_sock_init() != 1)
117 return 0; /* don't generate another error code here */
118
119 /* If the string actually contained an IP address, we need not do
120 anything more */
121 if (i > 0) return(1);
122
123 /* do a gethostbyname */
124 CRYPTO_w_lock(CRYPTO_LOCK_GETHOSTBYNAME);
125 locked = 1;
126 he=BIO_gethostbyname(str);
127 if (he == NULL)
128 {
129 BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_BAD_HOSTNAME_LOOKUP);
130 goto err;
131 }
132
133 /* cast to short because of win16 winsock definition */
134 if ((short)he->h_addrtype != AF_INET)
135 {
136 BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET);
137 goto err;
138 }
139 for (i=0; i<4; i++)
140 ip[i]=he->h_addr_list[0][i];
141 err = 0;
142
143 err:
144 if (locked)
145 CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME);
146 if (err)
147 {
148 ERR_add_error_data(2,"host=",str);
149 return 0;
150 }
151 else
152 return 1;
153 }
154
155int BIO_get_port(const char *str, unsigned short *port_ptr)
156 {
157 int i;
158 struct servent *s;
159
160 if (str == NULL)
161 {
162 BIOerr(BIO_F_BIO_GET_PORT,BIO_R_NO_PORT_DEFINED);
163 return(0);
164 }
165 i=atoi(str);
166 if (i != 0)
167 *port_ptr=(unsigned short)i;
168 else
169 {
170 CRYPTO_w_lock(CRYPTO_LOCK_GETSERVBYNAME);
171 /* Note: under VMS with SOCKETSHR, it seems like the first
172 * parameter is 'char *', instead of 'const char *'
173 */
174 s=getservbyname(
175#ifndef CONST_STRICT
176 (char *)
177#endif
178 str,"tcp");
179 if(s != NULL)
180 *port_ptr=ntohs((unsigned short)s->s_port);
181 CRYPTO_w_unlock(CRYPTO_LOCK_GETSERVBYNAME);
182 if(s == NULL)
183 {
184 if (strcmp(str,"http") == 0)
185 *port_ptr=80;
186 else if (strcmp(str,"telnet") == 0)
187 *port_ptr=23;
188 else if (strcmp(str,"socks") == 0)
189 *port_ptr=1080;
190 else if (strcmp(str,"https") == 0)
191 *port_ptr=443;
192 else if (strcmp(str,"ssl") == 0)
193 *port_ptr=443;
194 else if (strcmp(str,"ftp") == 0)
195 *port_ptr=21;
196 else if (strcmp(str,"gopher") == 0)
197 *port_ptr=70;
198#if 0
199 else if (strcmp(str,"wais") == 0)
200 *port_ptr=21;
201#endif
202 else
203 {
204 SYSerr(SYS_F_GETSERVBYNAME,get_last_socket_error());
205 ERR_add_error_data(3,"service='",str,"'");
206 return(0);
207 }
208 }
209 }
210 return(1);
211 }
212
213int BIO_sock_error(int sock)
214 {
215 int j,i;
216 int size;
217
218 size=sizeof(int);
219 /* Note: under Windows the third parameter is of type (char *)
220 * whereas under other systems it is (void *) if you don't have
221 * a cast it will choke the compiler: if you do have a cast then
222 * you can either go for (char *) or (void *).
223 */
224 i=getsockopt(sock,SOL_SOCKET,SO_ERROR,(void *)&j,(void *)&size);
225 if (i < 0)
226 return(1);
227 else
228 return(j);
229 }
230
231long BIO_ghbn_ctrl(int cmd, int iarg, char *parg)
232 {
233 int i;
234 char **p;
235
236 switch (cmd)
237 {
238 case BIO_GHBN_CTRL_HITS:
239 return(BIO_ghbn_hits);
240 /* break; */
241 case BIO_GHBN_CTRL_MISSES:
242 return(BIO_ghbn_miss);
243 /* break; */
244 case BIO_GHBN_CTRL_CACHE_SIZE:
245 return(GHBN_NUM);
246 /* break; */
247 case BIO_GHBN_CTRL_GET_ENTRY:
248 if ((iarg >= 0) && (iarg <GHBN_NUM) &&
249 (ghbn_cache[iarg].order > 0))
250 {
251 p=(char **)parg;
252 if (p == NULL) return(0);
253 *p=ghbn_cache[iarg].name;
254 ghbn_cache[iarg].name[128]='\0';
255 return(1);
256 }
257 return(0);
258 /* break; */
259 case BIO_GHBN_CTRL_FLUSH:
260 for (i=0; i<GHBN_NUM; i++)
261 ghbn_cache[i].order=0;
262 break;
263 default:
264 return(0);
265 }
266 return(1);
267 }
268
269static struct hostent *ghbn_dup(struct hostent *a)
270 {
271 struct hostent *ret;
272 int i,j;
273
274 MemCheck_off();
275 ret=(struct hostent *)OPENSSL_malloc(sizeof(struct hostent));
276 if (ret == NULL) return(NULL);
277 memset(ret,0,sizeof(struct hostent));
278
279 for (i=0; a->h_aliases[i] != NULL; i++)
280 ;
281 i++;
282 ret->h_aliases = (char **)OPENSSL_malloc(i*sizeof(char *));
283 if (ret->h_aliases == NULL)
284 goto err;
285 memset(ret->h_aliases, 0, i*sizeof(char *));
286
287 for (i=0; a->h_addr_list[i] != NULL; i++)
288 ;
289 i++;
290 ret->h_addr_list=(char **)OPENSSL_malloc(i*sizeof(char *));
291 if (ret->h_addr_list == NULL)
292 goto err;
293 memset(ret->h_addr_list, 0, i*sizeof(char *));
294
295 j=strlen(a->h_name)+1;
296 if ((ret->h_name=OPENSSL_malloc(j)) == NULL) goto err;
297 memcpy((char *)ret->h_name,a->h_name,j);
298 for (i=0; a->h_aliases[i] != NULL; i++)
299 {
300 j=strlen(a->h_aliases[i])+1;
301 if ((ret->h_aliases[i]=OPENSSL_malloc(j)) == NULL) goto err;
302 memcpy(ret->h_aliases[i],a->h_aliases[i],j);
303 }
304 ret->h_length=a->h_length;
305 ret->h_addrtype=a->h_addrtype;
306 for (i=0; a->h_addr_list[i] != NULL; i++)
307 {
308 if ((ret->h_addr_list[i]=OPENSSL_malloc(a->h_length)) == NULL)
309 goto err;
310 memcpy(ret->h_addr_list[i],a->h_addr_list[i],a->h_length);
311 }
312 if (0)
313 {
314err:
315 if (ret != NULL)
316 ghbn_free(ret);
317 ret=NULL;
318 }
319 MemCheck_on();
320 return(ret);
321 }
322
323static void ghbn_free(struct hostent *a)
324 {
325 int i;
326
327 if(a == NULL)
328 return;
329
330 if (a->h_aliases != NULL)
331 {
332 for (i=0; a->h_aliases[i] != NULL; i++)
333 OPENSSL_free(a->h_aliases[i]);
334 OPENSSL_free(a->h_aliases);
335 }
336 if (a->h_addr_list != NULL)
337 {
338 for (i=0; a->h_addr_list[i] != NULL; i++)
339 OPENSSL_free(a->h_addr_list[i]);
340 OPENSSL_free(a->h_addr_list);
341 }
342 if (a->h_name != NULL) OPENSSL_free(a->h_name);
343 OPENSSL_free(a);
344 }
345
346struct hostent *BIO_gethostbyname(const char *name)
347 {
348 struct hostent *ret;
349 int i,lowi=0,j;
350 unsigned long low= (unsigned long)-1;
351
352/* return(gethostbyname(name)); */
353
354#if 0 /* It doesn't make sense to use locking here: The function interface
355 * is not thread-safe, because threads can never be sure when
356 * some other thread destroys the data they were given a pointer to.
357 */
358 CRYPTO_w_lock(CRYPTO_LOCK_GETHOSTBYNAME);
359#endif
360 j=strlen(name);
361 if (j < 128)
362 {
363 for (i=0; i<GHBN_NUM; i++)
364 {
365 if (low > ghbn_cache[i].order)
366 {
367 low=ghbn_cache[i].order;
368 lowi=i;
369 }
370 if (ghbn_cache[i].order > 0)
371 {
372 if (strncmp(name,ghbn_cache[i].name,128) == 0)
373 break;
374 }
375 }
376 }
377 else
378 i=GHBN_NUM;
379
380 if (i == GHBN_NUM) /* no hit*/
381 {
382 BIO_ghbn_miss++;
383 /* Note: under VMS with SOCKETSHR, it seems like the first
384 * parameter is 'char *', instead of 'const char *'
385 */
386 ret=gethostbyname(
387#ifndef CONST_STRICT
388 (char *)
389#endif
390 name);
391
392 if (ret == NULL)
393 goto end;
394 if (j > 128) /* too big to cache */
395 {
396#if 0 /* If we were trying to make this function thread-safe (which
397 * is bound to fail), we'd have to give up in this case
398 * (or allocate more memory). */
399 ret = NULL;
400#endif
401 goto end;
402 }
403
404 /* else add to cache */
405 if (ghbn_cache[lowi].ent != NULL)
406 ghbn_free(ghbn_cache[lowi].ent); /* XXX not thread-safe */
407 ghbn_cache[lowi].name[0] = '\0';
408
409 if((ret=ghbn_cache[lowi].ent=ghbn_dup(ret)) == NULL)
410 {
411 BIOerr(BIO_F_BIO_GETHOSTBYNAME,ERR_R_MALLOC_FAILURE);
412 goto end;
413 }
414 strncpy(ghbn_cache[lowi].name,name,128);
415 ghbn_cache[lowi].order=BIO_ghbn_miss+BIO_ghbn_hits;
416 }
417 else
418 {
419 BIO_ghbn_hits++;
420 ret= ghbn_cache[i].ent;
421 ghbn_cache[i].order=BIO_ghbn_miss+BIO_ghbn_hits;
422 }
423end:
424#if 0
425 CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME);
426#endif
427 return(ret);
428 }
429
430int BIO_sock_init(void)
431 {
432#ifdef WINDOWS
433 static struct WSAData wsa_state;
434
435 if (!wsa_init_done)
436 {
437 int err;
438
439#ifdef SIGINT
440 signal(SIGINT,(void (*)(int))BIO_sock_cleanup);
441#endif
442 wsa_init_done=1;
443 memset(&wsa_state,0,sizeof(wsa_state));
444 if (WSAStartup(0x0101,&wsa_state)!=0)
445 {
446 err=WSAGetLastError();
447 SYSerr(SYS_F_WSASTARTUP,err);
448 BIOerr(BIO_F_BIO_SOCK_INIT,BIO_R_WSASTARTUP);
449 return(-1);
450 }
451 }
452#endif /* WINDOWS */
453 return(1);
454 }
455
456void BIO_sock_cleanup(void)
457 {
458#ifdef WINDOWS
459 if (wsa_init_done)
460 {
461 wsa_init_done=0;
462 WSACancelBlockingCall();
463 WSACleanup();
464 }
465#endif
466 }
467
468#if !defined(VMS) || __VMS_VER >= 70000000
469
470int BIO_socket_ioctl(int fd, long type, unsigned long *arg)
471 {
472 int i;
473
474 i=ioctlsocket(fd,type,arg);
475 if (i < 0)
476 SYSerr(SYS_F_IOCTLSOCKET,get_last_socket_error());
477 return(i);
478 }
479#endif /* __VMS_VER */
480
481/* The reason I have implemented this instead of using sscanf is because
482 * Visual C 1.52c gives an unresolved external when linking a DLL :-( */
483static int get_ip(const char *str, unsigned char ip[4])
484 {
485 unsigned int tmp[4];
486 int num=0,c,ok=0;
487
488 tmp[0]=tmp[1]=tmp[2]=tmp[3]=0;
489
490 for (;;)
491 {
492 c= *(str++);
493 if ((c >= '0') && (c <= '9'))
494 {
495 ok=1;
496 tmp[num]=tmp[num]*10+c-'0';
497 if (tmp[num] > 255) return(-1);
498 }
499 else if (c == '.')
500 {
501 if (!ok) return(-1);
502 if (num == 3) break;
503 num++;
504 ok=0;
505 }
506 else if ((num == 3) && ok)
507 break;
508 else
509 return(0);
510 }
511 ip[0]=tmp[0];
512 ip[1]=tmp[1];
513 ip[2]=tmp[2];
514 ip[3]=tmp[3];
515 return(1);
516 }
517
518int BIO_get_accept_socket(char *host, int bind_mode)
519 {
520 int ret=0;
521 struct sockaddr_in server,client;
522 int s=INVALID_SOCKET,cs;
523 unsigned char ip[4];
524 unsigned short port;
525 char *str=NULL,*e;
526 const char *h,*p;
527 unsigned long l;
528 int err_num;
529
530 if (BIO_sock_init() != 1) return(INVALID_SOCKET);
531
532 if ((str=BUF_strdup(host)) == NULL) return(INVALID_SOCKET);
533
534 h=p=NULL;
535 h=str;
536 for (e=str; *e; e++)
537 {
538 if (*e == ':')
539 {
540 p= &(e[1]);
541 *e='\0';
542 }
543 else if (*e == '/')
544 {
545 *e='\0';
546 break;
547 }
548 }
549
550 if (p == NULL)
551 {
552 p=h;
553 h="*";
554 }
555
556 if (!BIO_get_port(p,&port)) goto err;
557
558 memset((char *)&server,0,sizeof(server));
559 server.sin_family=AF_INET;
560 server.sin_port=htons(port);
561
562 if (strcmp(h,"*") == 0)
563 server.sin_addr.s_addr=INADDR_ANY;
564 else
565 {
566 if (!BIO_get_host_ip(h,&(ip[0]))) goto err;
567 l=(unsigned long)
568 ((unsigned long)ip[0]<<24L)|
569 ((unsigned long)ip[1]<<16L)|
570 ((unsigned long)ip[2]<< 8L)|
571 ((unsigned long)ip[3]);
572 server.sin_addr.s_addr=htonl(l);
573 }
574
575again:
576 s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
577 if (s == INVALID_SOCKET)
578 {
579 SYSerr(SYS_F_SOCKET,get_last_socket_error());
580 ERR_add_error_data(3,"port='",host,"'");
581 BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_CREATE_SOCKET);
582 goto err;
583 }
584
585#ifdef SO_REUSEADDR
586 if (bind_mode == BIO_BIND_REUSEADDR)
587 {
588 int i=1;
589
590 ret=setsockopt(s,SOL_SOCKET,SO_REUSEADDR,(char *)&i,sizeof(i));
591 bind_mode=BIO_BIND_NORMAL;
592 }
593#endif
594 if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
595 {
596#ifdef SO_REUSEADDR
597 err_num=get_last_socket_error();
598 if ((bind_mode == BIO_BIND_REUSEADDR_IF_UNUSED) &&
599 (err_num == EADDRINUSE))
600 {
601 memcpy((char *)&client,(char *)&server,sizeof(server));
602 if (strcmp(h,"*") == 0)
603 client.sin_addr.s_addr=htonl(0x7F000001);
604 cs=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
605 if (cs != INVALID_SOCKET)
606 {
607 int ii;
608 ii=connect(cs,(struct sockaddr *)&client,
609 sizeof(client));
610 closesocket(cs);
611 if (ii == INVALID_SOCKET)
612 {
613 bind_mode=BIO_BIND_REUSEADDR;
614 closesocket(s);
615 goto again;
616 }
617 /* else error */
618 }
619 /* else error */
620 }
621#endif
622 SYSerr(SYS_F_BIND,err_num);
623 ERR_add_error_data(3,"port='",host,"'");
624 BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_BIND_SOCKET);
625 goto err;
626 }
627 if (listen(s,MAX_LISTEN) == -1)
628 {
629 SYSerr(SYS_F_BIND,get_last_socket_error());
630 ERR_add_error_data(3,"port='",host,"'");
631 BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_LISTEN_SOCKET);
632 goto err;
633 }
634 ret=1;
635err:
636 if (str != NULL) OPENSSL_free(str);
637 if ((ret == 0) && (s != INVALID_SOCKET))
638 {
639 closesocket(s);
640 s= INVALID_SOCKET;
641 }
642 return(s);
643 }
644
645int BIO_accept(int sock, char **addr)
646 {
647 int ret=INVALID_SOCKET;
648 static struct sockaddr_in from;
649 unsigned long l;
650 unsigned short port;
651 int len;
652 char *p;
653
654 memset((char *)&from,0,sizeof(from));
655 len=sizeof(from);
656 /* Note: under VMS with SOCKETSHR the fourth parameter is currently
657 * of type (int *) whereas under other systems it is (void *) if
658 * you don't have a cast it will choke the compiler: if you do
659 * have a cast then you can either go for (int *) or (void *).
660 */
661 ret=accept(sock,(struct sockaddr *)&from,(void *)&len);
662 if (ret == INVALID_SOCKET)
663 {
664 SYSerr(SYS_F_ACCEPT,get_last_socket_error());
665 BIOerr(BIO_F_BIO_ACCEPT,BIO_R_ACCEPT_ERROR);
666 goto end;
667 }
668
669 if (addr == NULL) goto end;
670
671 l=ntohl(from.sin_addr.s_addr);
672 port=ntohs(from.sin_port);
673 if (*addr == NULL)
674 {
675 if ((p=OPENSSL_malloc(24)) == NULL)
676 {
677 BIOerr(BIO_F_BIO_ACCEPT,ERR_R_MALLOC_FAILURE);
678 goto end;
679 }
680 *addr=p;
681 }
682 sprintf(*addr,"%d.%d.%d.%d:%d",
683 (unsigned char)(l>>24L)&0xff,
684 (unsigned char)(l>>16L)&0xff,
685 (unsigned char)(l>> 8L)&0xff,
686 (unsigned char)(l )&0xff,
687 port);
688end:
689 return(ret);
690 }
691
692int BIO_set_tcp_ndelay(int s, int on)
693 {
694 int ret=0;
695#if defined(TCP_NODELAY) && (defined(IPPROTO_TCP) || defined(SOL_TCP))
696 int opt;
697
698#ifdef SOL_TCP
699 opt=SOL_TCP;
700#else
701#ifdef IPPROTO_TCP
702 opt=IPPROTO_TCP;
703#endif
704#endif
705
706 ret=setsockopt(s,opt,TCP_NODELAY,(char *)&on,sizeof(on));
707#endif
708 return(ret == 0);
709 }
710#endif
711
712int BIO_socket_nbio(int s, int mode)
713 {
714 int ret= -1;
715 unsigned long l;
716
717 l=mode;
718#ifdef FIONBIO
719 ret=BIO_socket_ioctl(s,FIONBIO,&l);
720#endif
721 return(ret == 0);
722 }
diff --git a/src/lib/libcrypto/bio/bf_buff.c b/src/lib/libcrypto/bio/bf_buff.c
deleted file mode 100644
index c90238bae1..0000000000
--- a/src/lib/libcrypto/bio/bf_buff.c
+++ /dev/null
@@ -1,511 +0,0 @@
1/* crypto/bio/bf_buff.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61#include "cryptlib.h"
62#include <openssl/bio.h>
63#include <openssl/evp.h>
64
65static int buffer_write(BIO *h, const char *buf,int num);
66static int buffer_read(BIO *h, char *buf, int size);
67static int buffer_puts(BIO *h, const char *str);
68static int buffer_gets(BIO *h, char *str, int size);
69static long buffer_ctrl(BIO *h, int cmd, long arg1, void *arg2);
70static int buffer_new(BIO *h);
71static int buffer_free(BIO *data);
72static long buffer_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
73#define DEFAULT_BUFFER_SIZE 4096
74
75static BIO_METHOD methods_buffer=
76 {
77 BIO_TYPE_BUFFER,
78 "buffer",
79 buffer_write,
80 buffer_read,
81 buffer_puts,
82 buffer_gets,
83 buffer_ctrl,
84 buffer_new,
85 buffer_free,
86 buffer_callback_ctrl,
87 };
88
89BIO_METHOD *BIO_f_buffer(void)
90 {
91 return(&methods_buffer);
92 }
93
94static int buffer_new(BIO *bi)
95 {
96 BIO_F_BUFFER_CTX *ctx;
97
98 ctx=(BIO_F_BUFFER_CTX *)OPENSSL_malloc(sizeof(BIO_F_BUFFER_CTX));
99 if (ctx == NULL) return(0);
100 ctx->ibuf=(char *)OPENSSL_malloc(DEFAULT_BUFFER_SIZE);
101 if (ctx->ibuf == NULL) { OPENSSL_free(ctx); return(0); }
102 ctx->obuf=(char *)OPENSSL_malloc(DEFAULT_BUFFER_SIZE);
103 if (ctx->obuf == NULL) { OPENSSL_free(ctx->ibuf); OPENSSL_free(ctx); return(0); }
104 ctx->ibuf_size=DEFAULT_BUFFER_SIZE;
105 ctx->obuf_size=DEFAULT_BUFFER_SIZE;
106 ctx->ibuf_len=0;
107 ctx->ibuf_off=0;
108 ctx->obuf_len=0;
109 ctx->obuf_off=0;
110
111 bi->init=1;
112 bi->ptr=(char *)ctx;
113 bi->flags=0;
114 return(1);
115 }
116
117static int buffer_free(BIO *a)
118 {
119 BIO_F_BUFFER_CTX *b;
120
121 if (a == NULL) return(0);
122 b=(BIO_F_BUFFER_CTX *)a->ptr;
123 if (b->ibuf != NULL) OPENSSL_free(b->ibuf);
124 if (b->obuf != NULL) OPENSSL_free(b->obuf);
125 OPENSSL_free(a->ptr);
126 a->ptr=NULL;
127 a->init=0;
128 a->flags=0;
129 return(1);
130 }
131
132static int buffer_read(BIO *b, char *out, int outl)
133 {
134 int i,num=0;
135 BIO_F_BUFFER_CTX *ctx;
136
137 if (out == NULL) return(0);
138 ctx=(BIO_F_BUFFER_CTX *)b->ptr;
139
140 if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
141 num=0;
142 BIO_clear_retry_flags(b);
143
144start:
145 i=ctx->ibuf_len;
146 /* If there is stuff left over, grab it */
147 if (i != 0)
148 {
149 if (i > outl) i=outl;
150 memcpy(out,&(ctx->ibuf[ctx->ibuf_off]),i);
151 ctx->ibuf_off+=i;
152 ctx->ibuf_len-=i;
153 num+=i;
154 if (outl == i) return(num);
155 outl-=i;
156 out+=i;
157 }
158
159 /* We may have done a partial read. try to do more.
160 * We have nothing in the buffer.
161 * If we get an error and have read some data, just return it
162 * and let them retry to get the error again.
163 * copy direct to parent address space */
164 if (outl > ctx->ibuf_size)
165 {
166 for (;;)
167 {
168 i=BIO_read(b->next_bio,out,outl);
169 if (i <= 0)
170 {
171 BIO_copy_next_retry(b);
172 if (i < 0) return((num > 0)?num:i);
173 if (i == 0) return(num);
174 }
175 num+=i;
176 if (outl == i) return(num);
177 out+=i;
178 outl-=i;
179 }
180 }
181 /* else */
182
183 /* we are going to be doing some buffering */
184 i=BIO_read(b->next_bio,ctx->ibuf,ctx->ibuf_size);
185 if (i <= 0)
186 {
187 BIO_copy_next_retry(b);
188 if (i < 0) return((num > 0)?num:i);
189 if (i == 0) return(num);
190 }
191 ctx->ibuf_off=0;
192 ctx->ibuf_len=i;
193
194 /* Lets re-read using ourselves :-) */
195 goto start;
196 }
197
198static int buffer_write(BIO *b, const char *in, int inl)
199 {
200 int i,num=0;
201 BIO_F_BUFFER_CTX *ctx;
202
203 if ((in == NULL) || (inl <= 0)) return(0);
204 ctx=(BIO_F_BUFFER_CTX *)b->ptr;
205 if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
206
207 BIO_clear_retry_flags(b);
208start:
209 i=ctx->obuf_size-(ctx->obuf_len+ctx->obuf_off);
210 /* add to buffer and return */
211 if (i >= inl)
212 {
213 memcpy(&(ctx->obuf[ctx->obuf_len]),in,inl);
214 ctx->obuf_len+=inl;
215 return(num+inl);
216 }
217 /* else */
218 /* stuff already in buffer, so add to it first, then flush */
219 if (ctx->obuf_len != 0)
220 {
221 if (i > 0) /* lets fill it up if we can */
222 {
223 memcpy(&(ctx->obuf[ctx->obuf_len]),in,i);
224 in+=i;
225 inl-=i;
226 num+=i;
227 ctx->obuf_len+=i;
228 }
229 /* we now have a full buffer needing flushing */
230 for (;;)
231 {
232 i=BIO_write(b->next_bio,&(ctx->obuf[ctx->obuf_off]),
233 ctx->obuf_len);
234 if (i <= 0)
235 {
236 BIO_copy_next_retry(b);
237
238 if (i < 0) return((num > 0)?num:i);
239 if (i == 0) return(num);
240 }
241 ctx->obuf_off+=i;
242 ctx->obuf_len-=i;
243 if (ctx->obuf_len == 0) break;
244 }
245 }
246 /* we only get here if the buffer has been flushed and we
247 * still have stuff to write */
248 ctx->obuf_off=0;
249
250 /* we now have inl bytes to write */
251 while (inl >= ctx->obuf_size)
252 {
253 i=BIO_write(b->next_bio,in,inl);
254 if (i <= 0)
255 {
256 BIO_copy_next_retry(b);
257 if (i < 0) return((num > 0)?num:i);
258 if (i == 0) return(num);
259 }
260 num+=i;
261 in+=i;
262 inl-=i;
263 if (inl == 0) return(num);
264 }
265
266 /* copy the rest into the buffer since we have only a small
267 * amount left */
268 goto start;
269 }
270
271static long buffer_ctrl(BIO *b, int cmd, long num, void *ptr)
272 {
273 BIO *dbio;
274 BIO_F_BUFFER_CTX *ctx;
275 long ret=1;
276 char *p1,*p2;
277 int r,i,*ip;
278 int ibs,obs;
279
280 ctx=(BIO_F_BUFFER_CTX *)b->ptr;
281
282 switch (cmd)
283 {
284 case BIO_CTRL_RESET:
285 ctx->ibuf_off=0;
286 ctx->ibuf_len=0;
287 ctx->obuf_off=0;
288 ctx->obuf_len=0;
289 if (b->next_bio == NULL) return(0);
290 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
291 break;
292 case BIO_CTRL_INFO:
293 ret=(long)ctx->obuf_len;
294 break;
295 case BIO_C_GET_BUFF_NUM_LINES:
296 ret=0;
297 p1=ctx->ibuf;
298 for (i=ctx->ibuf_off; i<ctx->ibuf_len; i++)
299 {
300 if (p1[i] == '\n') ret++;
301 }
302 break;
303 case BIO_CTRL_WPENDING:
304 ret=(long)ctx->obuf_len;
305 if (ret == 0)
306 {
307 if (b->next_bio == NULL) return(0);
308 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
309 }
310 break;
311 case BIO_CTRL_PENDING:
312 ret=(long)ctx->ibuf_len;
313 if (ret == 0)
314 {
315 if (b->next_bio == NULL) return(0);
316 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
317 }
318 break;
319 case BIO_C_SET_BUFF_READ_DATA:
320 if (num > ctx->ibuf_size)
321 {
322 p1=OPENSSL_malloc((int)num);
323 if (p1 == NULL) goto malloc_error;
324 if (ctx->ibuf != NULL) OPENSSL_free(ctx->ibuf);
325 ctx->ibuf=p1;
326 }
327 ctx->ibuf_off=0;
328 ctx->ibuf_len=(int)num;
329 memcpy(ctx->ibuf,ptr,(int)num);
330 ret=1;
331 break;
332 case BIO_C_SET_BUFF_SIZE:
333 if (ptr != NULL)
334 {
335 ip=(int *)ptr;
336 if (*ip == 0)
337 {
338 ibs=(int)num;
339 obs=ctx->obuf_size;
340 }
341 else /* if (*ip == 1) */
342 {
343 ibs=ctx->ibuf_size;
344 obs=(int)num;
345 }
346 }
347 else
348 {
349 ibs=(int)num;
350 obs=(int)num;
351 }
352 p1=ctx->ibuf;
353 p2=ctx->obuf;
354 if ((ibs > DEFAULT_BUFFER_SIZE) && (ibs != ctx->ibuf_size))
355 {
356 p1=(char *)OPENSSL_malloc((int)num);
357 if (p1 == NULL) goto malloc_error;
358 }
359 if ((obs > DEFAULT_BUFFER_SIZE) && (obs != ctx->obuf_size))
360 {
361 p2=(char *)OPENSSL_malloc((int)num);
362 if (p2 == NULL)
363 {
364 if (p1 != ctx->ibuf) OPENSSL_free(p1);
365 goto malloc_error;
366 }
367 }
368 if (ctx->ibuf != p1)
369 {
370 OPENSSL_free(ctx->ibuf);
371 ctx->ibuf=p1;
372 ctx->ibuf_off=0;
373 ctx->ibuf_len=0;
374 ctx->ibuf_size=ibs;
375 }
376 if (ctx->obuf != p2)
377 {
378 OPENSSL_free(ctx->obuf);
379 ctx->obuf=p2;
380 ctx->obuf_off=0;
381 ctx->obuf_len=0;
382 ctx->obuf_size=obs;
383 }
384 break;
385 case BIO_C_DO_STATE_MACHINE:
386 if (b->next_bio == NULL) return(0);
387 BIO_clear_retry_flags(b);
388 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
389 BIO_copy_next_retry(b);
390 break;
391
392 case BIO_CTRL_FLUSH:
393 if (b->next_bio == NULL) return(0);
394 if (ctx->obuf_len <= 0)
395 {
396 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
397 break;
398 }
399
400 for (;;)
401 {
402 BIO_clear_retry_flags(b);
403 if (ctx->obuf_len > ctx->obuf_off)
404 {
405 r=BIO_write(b->next_bio,
406 &(ctx->obuf[ctx->obuf_off]),
407 ctx->obuf_len-ctx->obuf_off);
408#if 0
409fprintf(stderr,"FLUSH [%3d] %3d -> %3d\n",ctx->obuf_off,ctx->obuf_len-ctx->obuf_off,r);
410#endif
411 BIO_copy_next_retry(b);
412 if (r <= 0) return((long)r);
413 ctx->obuf_off+=r;
414 }
415 else
416 {
417 ctx->obuf_len=0;
418 ctx->obuf_off=0;
419 ret=1;
420 break;
421 }
422 }
423 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
424 break;
425 case BIO_CTRL_DUP:
426 dbio=(BIO *)ptr;
427 if ( !BIO_set_read_buffer_size(dbio,ctx->ibuf_size) ||
428 !BIO_set_write_buffer_size(dbio,ctx->obuf_size))
429 ret=0;
430 break;
431 default:
432 if (b->next_bio == NULL) return(0);
433 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
434 break;
435 }
436 return(ret);
437malloc_error:
438 BIOerr(BIO_F_BUFFER_CTRL,ERR_R_MALLOC_FAILURE);
439 return(0);
440 }
441
442static long buffer_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
443 {
444 long ret=1;
445
446 if (b->next_bio == NULL) return(0);
447 switch (cmd)
448 {
449 default:
450 ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
451 break;
452 }
453 return(ret);
454 }
455
456static int buffer_gets(BIO *b, char *buf, int size)
457 {
458 BIO_F_BUFFER_CTX *ctx;
459 int num=0,i,flag;
460 char *p;
461
462 ctx=(BIO_F_BUFFER_CTX *)b->ptr;
463 size--; /* reserve space for a '\0' */
464 BIO_clear_retry_flags(b);
465
466 for (;;)
467 {
468 if (ctx->ibuf_len > 0)
469 {
470 p= &(ctx->ibuf[ctx->ibuf_off]);
471 flag=0;
472 for (i=0; (i<ctx->ibuf_len) && (i<size); i++)
473 {
474 *(buf++)=p[i];
475 if (p[i] == '\n')
476 {
477 flag=1;
478 i++;
479 break;
480 }
481 }
482 num+=i;
483 size-=i;
484 ctx->ibuf_len-=i;
485 ctx->ibuf_off+=i;
486 if ((flag) || (i == size))
487 {
488 *buf='\0';
489 return(num);
490 }
491 }
492 else /* read another chunk */
493 {
494 i=BIO_read(b->next_bio,ctx->ibuf,ctx->ibuf_size);
495 if (i <= 0)
496 {
497 BIO_copy_next_retry(b);
498 if (i < 0) return((num > 0)?num:i);
499 if (i == 0) return(num);
500 }
501 ctx->ibuf_len=i;
502 ctx->ibuf_off=0;
503 }
504 }
505 }
506
507static int buffer_puts(BIO *b, const char *str)
508 {
509 return(buffer_write(b,str,strlen(str)));
510 }
511
diff --git a/src/lib/libcrypto/bio/bf_lbuf.c b/src/lib/libcrypto/bio/bf_lbuf.c
deleted file mode 100644
index 7bcf8ed941..0000000000
--- a/src/lib/libcrypto/bio/bf_lbuf.c
+++ /dev/null
@@ -1,397 +0,0 @@
1/* crypto/bio/bf_buff.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61#include "cryptlib.h"
62#include <openssl/bio.h>
63#include <openssl/evp.h>
64
65static int linebuffer_write(BIO *h, const char *buf,int num);
66static int linebuffer_read(BIO *h, char *buf, int size);
67static int linebuffer_puts(BIO *h, const char *str);
68static int linebuffer_gets(BIO *h, char *str, int size);
69static long linebuffer_ctrl(BIO *h, int cmd, long arg1, void *arg2);
70static int linebuffer_new(BIO *h);
71static int linebuffer_free(BIO *data);
72static long linebuffer_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
73
74/* A 10k maximum should be enough for most purposes */
75#define DEFAULT_LINEBUFFER_SIZE 1024*10
76
77/* #define DEBUG */
78
79static BIO_METHOD methods_linebuffer=
80 {
81 BIO_TYPE_LINEBUFFER,
82 "linebuffer",
83 linebuffer_write,
84 linebuffer_read,
85 linebuffer_puts,
86 linebuffer_gets,
87 linebuffer_ctrl,
88 linebuffer_new,
89 linebuffer_free,
90 linebuffer_callback_ctrl,
91 };
92
93BIO_METHOD *BIO_f_linebuffer(void)
94 {
95 return(&methods_linebuffer);
96 }
97
98typedef struct bio_linebuffer_ctx_struct
99 {
100 char *obuf; /* the output char array */
101 int obuf_size; /* how big is the output buffer */
102 int obuf_len; /* how many bytes are in it */
103 } BIO_LINEBUFFER_CTX;
104
105static int linebuffer_new(BIO *bi)
106 {
107 BIO_LINEBUFFER_CTX *ctx;
108
109 ctx=(BIO_LINEBUFFER_CTX *)OPENSSL_malloc(sizeof(BIO_LINEBUFFER_CTX));
110 if (ctx == NULL) return(0);
111 ctx->obuf=(char *)OPENSSL_malloc(DEFAULT_LINEBUFFER_SIZE);
112 if (ctx->obuf == NULL) { OPENSSL_free(ctx); return(0); }
113 ctx->obuf_size=DEFAULT_LINEBUFFER_SIZE;
114 ctx->obuf_len=0;
115
116 bi->init=1;
117 bi->ptr=(char *)ctx;
118 bi->flags=0;
119 return(1);
120 }
121
122static int linebuffer_free(BIO *a)
123 {
124 BIO_LINEBUFFER_CTX *b;
125
126 if (a == NULL) return(0);
127 b=(BIO_LINEBUFFER_CTX *)a->ptr;
128 if (b->obuf != NULL) OPENSSL_free(b->obuf);
129 OPENSSL_free(a->ptr);
130 a->ptr=NULL;
131 a->init=0;
132 a->flags=0;
133 return(1);
134 }
135
136static int linebuffer_read(BIO *b, char *out, int outl)
137 {
138 int ret=0;
139
140 if (out == NULL) return(0);
141 if (b->next_bio == NULL) return(0);
142 ret=BIO_read(b->next_bio,out,outl);
143 BIO_clear_retry_flags(b);
144 BIO_copy_next_retry(b);
145 return(ret);
146 }
147
148static int linebuffer_write(BIO *b, const char *in, int inl)
149 {
150 int i,num=0,foundnl;
151 BIO_LINEBUFFER_CTX *ctx;
152
153 if ((in == NULL) || (inl <= 0)) return(0);
154 ctx=(BIO_LINEBUFFER_CTX *)b->ptr;
155 if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
156
157 BIO_clear_retry_flags(b);
158
159 do
160 {
161 const char *p;
162
163 for(p = in; p < in + inl && *p != '\n'; p++)
164 ;
165 if (*p == '\n')
166 {
167 p++;
168 foundnl = 1;
169 }
170 else
171 foundnl = 0;
172
173 /* If a NL was found and we already have text in the save
174 buffer, concatenate them and write */
175 while ((foundnl || p - in > ctx->obuf_size - ctx->obuf_len)
176 && ctx->obuf_len > 0)
177 {
178 int orig_olen = ctx->obuf_len;
179
180 i = ctx->obuf_size - ctx->obuf_len;
181 if (p - in > 0)
182 {
183 if (i >= p - in)
184 {
185 memcpy(&(ctx->obuf[ctx->obuf_len]),
186 in,p - in);
187 ctx->obuf_len += p - in;
188 inl -= p - in;
189 num += p - in;
190 in = p;
191 }
192 else
193 {
194 memcpy(&(ctx->obuf[ctx->obuf_len]),
195 in,i);
196 ctx->obuf_len += i;
197 inl -= i;
198 in += i;
199 num += i;
200 }
201 }
202
203#ifdef DEBUG
204BIO_write(b->next_bio, "<*<", 3);
205#endif
206 i=BIO_write(b->next_bio,
207 ctx->obuf, ctx->obuf_len);
208 if (i <= 0)
209 {
210 ctx->obuf_len = orig_olen;
211 BIO_copy_next_retry(b);
212
213#ifdef DEBUG
214BIO_write(b->next_bio, ">*>", 3);
215#endif
216 if (i < 0) return((num > 0)?num:i);
217 if (i == 0) return(num);
218 }
219#ifdef DEBUG
220BIO_write(b->next_bio, ">*>", 3);
221#endif
222 if (i < ctx->obuf_len)
223 memmove(ctx->obuf, ctx->obuf + i,
224 ctx->obuf_len - i);
225 ctx->obuf_len-=i;
226 }
227
228 /* Now that the save buffer is emptied, let's write the input
229 buffer if a NL was found and there is anything to write. */
230 if ((foundnl || p - in > ctx->obuf_size) && p - in > 0)
231 {
232#ifdef DEBUG
233BIO_write(b->next_bio, "<*<", 3);
234#endif
235 i=BIO_write(b->next_bio,in,p - in);
236 if (i <= 0)
237 {
238 BIO_copy_next_retry(b);
239#ifdef DEBUG
240BIO_write(b->next_bio, ">*>", 3);
241#endif
242 if (i < 0) return((num > 0)?num:i);
243 if (i == 0) return(num);
244 }
245#ifdef DEBUG
246BIO_write(b->next_bio, ">*>", 3);
247#endif
248 num+=i;
249 in+=i;
250 inl-=i;
251 }
252 }
253 while(foundnl && inl > 0);
254 /* We've written as much as we can. The rest of the input buffer, if
255 any, is text that doesn't and with a NL and therefore needs to be
256 saved for the next trip. */
257 if (inl > 0)
258 {
259 memcpy(&(ctx->obuf[ctx->obuf_len]), in, inl);
260 ctx->obuf_len += inl;
261 num += inl;
262 }
263 return num;
264 }
265
266static long linebuffer_ctrl(BIO *b, int cmd, long num, void *ptr)
267 {
268 BIO *dbio;
269 BIO_LINEBUFFER_CTX *ctx;
270 long ret=1;
271 char *p;
272 int r;
273 int obs;
274
275 ctx=(BIO_LINEBUFFER_CTX *)b->ptr;
276
277 switch (cmd)
278 {
279 case BIO_CTRL_RESET:
280 ctx->obuf_len=0;
281 if (b->next_bio == NULL) return(0);
282 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
283 break;
284 case BIO_CTRL_INFO:
285 ret=(long)ctx->obuf_len;
286 break;
287 case BIO_CTRL_WPENDING:
288 ret=(long)ctx->obuf_len;
289 if (ret == 0)
290 {
291 if (b->next_bio == NULL) return(0);
292 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
293 }
294 break;
295 case BIO_C_SET_BUFF_SIZE:
296 obs=(int)num;
297 p=ctx->obuf;
298 if ((obs > DEFAULT_LINEBUFFER_SIZE) && (obs != ctx->obuf_size))
299 {
300 p=(char *)OPENSSL_malloc((int)num);
301 if (p == NULL)
302 goto malloc_error;
303 }
304 if (ctx->obuf != p)
305 {
306 if (ctx->obuf_len > obs)
307 {
308 ctx->obuf_len = obs;
309 }
310 memcpy(p, ctx->obuf, ctx->obuf_len);
311 OPENSSL_free(ctx->obuf);
312 ctx->obuf=p;
313 ctx->obuf_size=obs;
314 }
315 break;
316 case BIO_C_DO_STATE_MACHINE:
317 if (b->next_bio == NULL) return(0);
318 BIO_clear_retry_flags(b);
319 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
320 BIO_copy_next_retry(b);
321 break;
322
323 case BIO_CTRL_FLUSH:
324 if (b->next_bio == NULL) return(0);
325 if (ctx->obuf_len <= 0)
326 {
327 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
328 break;
329 }
330
331 for (;;)
332 {
333 BIO_clear_retry_flags(b);
334 if (ctx->obuf_len > 0)
335 {
336 r=BIO_write(b->next_bio,
337 ctx->obuf, ctx->obuf_len);
338#if 0
339fprintf(stderr,"FLUSH %3d -> %3d\n",ctx->obuf_len,r);
340#endif
341 BIO_copy_next_retry(b);
342 if (r <= 0) return((long)r);
343 if (r < ctx->obuf_len)
344 memmove(ctx->obuf, ctx->obuf + r,
345 ctx->obuf_len - r);
346 ctx->obuf_len-=r;
347 }
348 else
349 {
350 ctx->obuf_len=0;
351 ret=1;
352 break;
353 }
354 }
355 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
356 break;
357 case BIO_CTRL_DUP:
358 dbio=(BIO *)ptr;
359 if ( !BIO_set_write_buffer_size(dbio,ctx->obuf_size))
360 ret=0;
361 break;
362 default:
363 if (b->next_bio == NULL) return(0);
364 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
365 break;
366 }
367 return(ret);
368malloc_error:
369 BIOerr(BIO_F_LINEBUFFER_CTRL,ERR_R_MALLOC_FAILURE);
370 return(0);
371 }
372
373static long linebuffer_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
374 {
375 long ret=1;
376
377 if (b->next_bio == NULL) return(0);
378 switch (cmd)
379 {
380 default:
381 ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
382 break;
383 }
384 return(ret);
385 }
386
387static int linebuffer_gets(BIO *b, char *buf, int size)
388 {
389 if (b->next_bio == NULL) return(0);
390 return(BIO_gets(b->next_bio,buf,size));
391 }
392
393static int linebuffer_puts(BIO *b, const char *str)
394 {
395 return(linebuffer_write(b,str,strlen(str)));
396 }
397
diff --git a/src/lib/libcrypto/bio/bf_nbio.c b/src/lib/libcrypto/bio/bf_nbio.c
deleted file mode 100644
index 413ef5c4c5..0000000000
--- a/src/lib/libcrypto/bio/bf_nbio.c
+++ /dev/null
@@ -1,256 +0,0 @@
1/* crypto/bio/bf_nbio.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61#include "cryptlib.h"
62#include <openssl/rand.h>
63#include <openssl/bio.h>
64#include <openssl/evp.h>
65
66/* BIO_put and BIO_get both add to the digest,
67 * BIO_gets returns the digest */
68
69static int nbiof_write(BIO *h,const char *buf,int num);
70static int nbiof_read(BIO *h,char *buf,int size);
71static int nbiof_puts(BIO *h,const char *str);
72static int nbiof_gets(BIO *h,char *str,int size);
73static long nbiof_ctrl(BIO *h,int cmd,long arg1,void *arg2);
74static int nbiof_new(BIO *h);
75static int nbiof_free(BIO *data);
76static long nbiof_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp);
77typedef struct nbio_test_st
78 {
79 /* only set if we sent a 'should retry' error */
80 int lrn;
81 int lwn;
82 } NBIO_TEST;
83
84static BIO_METHOD methods_nbiof=
85 {
86 BIO_TYPE_NBIO_TEST,
87 "non-blocking IO test filter",
88 nbiof_write,
89 nbiof_read,
90 nbiof_puts,
91 nbiof_gets,
92 nbiof_ctrl,
93 nbiof_new,
94 nbiof_free,
95 nbiof_callback_ctrl,
96 };
97
98BIO_METHOD *BIO_f_nbio_test(void)
99 {
100 return(&methods_nbiof);
101 }
102
103static int nbiof_new(BIO *bi)
104 {
105 NBIO_TEST *nt;
106
107 nt=(NBIO_TEST *)OPENSSL_malloc(sizeof(NBIO_TEST));
108 nt->lrn= -1;
109 nt->lwn= -1;
110 bi->ptr=(char *)nt;
111 bi->init=1;
112 bi->flags=0;
113 return(1);
114 }
115
116static int nbiof_free(BIO *a)
117 {
118 if (a == NULL) return(0);
119 if (a->ptr != NULL)
120 OPENSSL_free(a->ptr);
121 a->ptr=NULL;
122 a->init=0;
123 a->flags=0;
124 return(1);
125 }
126
127static int nbiof_read(BIO *b, char *out, int outl)
128 {
129 NBIO_TEST *nt;
130 int ret=0;
131#if 0
132 int num;
133 unsigned char n;
134#endif
135
136 if (out == NULL) return(0);
137 if (b->next_bio == NULL) return(0);
138 nt=(NBIO_TEST *)b->ptr;
139
140 BIO_clear_retry_flags(b);
141#if 0
142 RAND_pseudo_bytes(&n,1);
143 num=(n&0x07);
144
145 if (outl > num) outl=num;
146
147 if (num == 0)
148 {
149 ret= -1;
150 BIO_set_retry_read(b);
151 }
152 else
153#endif
154 {
155 ret=BIO_read(b->next_bio,out,outl);
156 if (ret < 0)
157 BIO_copy_next_retry(b);
158 }
159 return(ret);
160 }
161
162static int nbiof_write(BIO *b, const char *in, int inl)
163 {
164 NBIO_TEST *nt;
165 int ret=0;
166 int num;
167 unsigned char n;
168
169 if ((in == NULL) || (inl <= 0)) return(0);
170 if (b->next_bio == NULL) return(0);
171 nt=(NBIO_TEST *)b->ptr;
172
173 BIO_clear_retry_flags(b);
174
175#if 1
176 if (nt->lwn > 0)
177 {
178 num=nt->lwn;
179 nt->lwn=0;
180 }
181 else
182 {
183 RAND_pseudo_bytes(&n,1);
184 num=(n&7);
185 }
186
187 if (inl > num) inl=num;
188
189 if (num == 0)
190 {
191 ret= -1;
192 BIO_set_retry_write(b);
193 }
194 else
195#endif
196 {
197 ret=BIO_write(b->next_bio,in,inl);
198 if (ret < 0)
199 {
200 BIO_copy_next_retry(b);
201 nt->lwn=inl;
202 }
203 }
204 return(ret);
205 }
206
207static long nbiof_ctrl(BIO *b, int cmd, long num, void *ptr)
208 {
209 long ret;
210
211 if (b->next_bio == NULL) return(0);
212 switch (cmd)
213 {
214 case BIO_C_DO_STATE_MACHINE:
215 BIO_clear_retry_flags(b);
216 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
217 BIO_copy_next_retry(b);
218 break;
219 case BIO_CTRL_DUP:
220 ret=0L;
221 break;
222 default:
223 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
224 break;
225 }
226 return(ret);
227 }
228
229static long nbiof_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
230 {
231 long ret=1;
232
233 if (b->next_bio == NULL) return(0);
234 switch (cmd)
235 {
236 default:
237 ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
238 break;
239 }
240 return(ret);
241 }
242
243static int nbiof_gets(BIO *bp, char *buf, int size)
244 {
245 if (bp->next_bio == NULL) return(0);
246 return(BIO_gets(bp->next_bio,buf,size));
247 }
248
249
250static int nbiof_puts(BIO *bp, const char *str)
251 {
252 if (bp->next_bio == NULL) return(0);
253 return(BIO_puts(bp->next_bio,str));
254 }
255
256
diff --git a/src/lib/libcrypto/bio/bf_null.c b/src/lib/libcrypto/bio/bf_null.c
deleted file mode 100644
index 2678a1a85d..0000000000
--- a/src/lib/libcrypto/bio/bf_null.c
+++ /dev/null
@@ -1,184 +0,0 @@
1/* crypto/bio/bf_null.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61#include "cryptlib.h"
62#include <openssl/bio.h>
63#include <openssl/evp.h>
64
65/* BIO_put and BIO_get both add to the digest,
66 * BIO_gets returns the digest */
67
68static int nullf_write(BIO *h, const char *buf, int num);
69static int nullf_read(BIO *h, char *buf, int size);
70static int nullf_puts(BIO *h, const char *str);
71static int nullf_gets(BIO *h, char *str, int size);
72static long nullf_ctrl(BIO *h, int cmd, long arg1, void *arg2);
73static int nullf_new(BIO *h);
74static int nullf_free(BIO *data);
75static long nullf_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
76static BIO_METHOD methods_nullf=
77 {
78 BIO_TYPE_NULL_FILTER,
79 "NULL filter",
80 nullf_write,
81 nullf_read,
82 nullf_puts,
83 nullf_gets,
84 nullf_ctrl,
85 nullf_new,
86 nullf_free,
87 nullf_callback_ctrl,
88 };
89
90BIO_METHOD *BIO_f_null(void)
91 {
92 return(&methods_nullf);
93 }
94
95static int nullf_new(BIO *bi)
96 {
97 bi->init=1;
98 bi->ptr=NULL;
99 bi->flags=0;
100 return(1);
101 }
102
103static int nullf_free(BIO *a)
104 {
105 if (a == NULL) return(0);
106/* a->ptr=NULL;
107 a->init=0;
108 a->flags=0;*/
109 return(1);
110 }
111
112static int nullf_read(BIO *b, char *out, int outl)
113 {
114 int ret=0;
115
116 if (out == NULL) return(0);
117 if (b->next_bio == NULL) return(0);
118 ret=BIO_read(b->next_bio,out,outl);
119 BIO_clear_retry_flags(b);
120 BIO_copy_next_retry(b);
121 return(ret);
122 }
123
124static int nullf_write(BIO *b, const char *in, int inl)
125 {
126 int ret=0;
127
128 if ((in == NULL) || (inl <= 0)) return(0);
129 if (b->next_bio == NULL) return(0);
130 ret=BIO_write(b->next_bio,in,inl);
131 BIO_clear_retry_flags(b);
132 BIO_copy_next_retry(b);
133 return(ret);
134 }
135
136static long nullf_ctrl(BIO *b, int cmd, long num, void *ptr)
137 {
138 long ret;
139
140 if (b->next_bio == NULL) return(0);
141 switch(cmd)
142 {
143 case BIO_C_DO_STATE_MACHINE:
144 BIO_clear_retry_flags(b);
145 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
146 BIO_copy_next_retry(b);
147 break;
148 case BIO_CTRL_DUP:
149 ret=0L;
150 break;
151 default:
152 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
153 }
154 return(ret);
155 }
156
157static long nullf_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
158 {
159 long ret=1;
160
161 if (b->next_bio == NULL) return(0);
162 switch (cmd)
163 {
164 default:
165 ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
166 break;
167 }
168 return(ret);
169 }
170
171static int nullf_gets(BIO *bp, char *buf, int size)
172 {
173 if (bp->next_bio == NULL) return(0);
174 return(BIO_gets(bp->next_bio,buf,size));
175 }
176
177
178static int nullf_puts(BIO *bp, const char *str)
179 {
180 if (bp->next_bio == NULL) return(0);
181 return(BIO_puts(bp->next_bio,str));
182 }
183
184
diff --git a/src/lib/libcrypto/bio/bio.h b/src/lib/libcrypto/bio/bio.h
deleted file mode 100644
index 97003b503c..0000000000
--- a/src/lib/libcrypto/bio/bio.h
+++ /dev/null
@@ -1,687 +0,0 @@
1/* crypto/bio/bio.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_BIO_H
60#define HEADER_BIO_H
61
62#ifndef NO_FP_API
63# include <stdio.h>
64#endif
65#include <stdarg.h>
66
67#include <openssl/crypto.h>
68
69#ifdef __cplusplus
70extern "C" {
71#endif
72
73/* These are the 'types' of BIOs */
74#define BIO_TYPE_NONE 0
75#define BIO_TYPE_MEM (1|0x0400)
76#define BIO_TYPE_FILE (2|0x0400)
77
78#define BIO_TYPE_FD (4|0x0400|0x0100)
79#define BIO_TYPE_SOCKET (5|0x0400|0x0100)
80#define BIO_TYPE_NULL (6|0x0400)
81#define BIO_TYPE_SSL (7|0x0200)
82#define BIO_TYPE_MD (8|0x0200) /* passive filter */
83#define BIO_TYPE_BUFFER (9|0x0200) /* filter */
84#define BIO_TYPE_CIPHER (10|0x0200) /* filter */
85#define BIO_TYPE_BASE64 (11|0x0200) /* filter */
86#define BIO_TYPE_CONNECT (12|0x0400|0x0100) /* socket - connect */
87#define BIO_TYPE_ACCEPT (13|0x0400|0x0100) /* socket for accept */
88#define BIO_TYPE_PROXY_CLIENT (14|0x0200) /* client proxy BIO */
89#define BIO_TYPE_PROXY_SERVER (15|0x0200) /* server proxy BIO */
90#define BIO_TYPE_NBIO_TEST (16|0x0200) /* server proxy BIO */
91#define BIO_TYPE_NULL_FILTER (17|0x0200)
92#define BIO_TYPE_BER (18|0x0200) /* BER -> bin filter */
93#define BIO_TYPE_BIO (19|0x0400) /* (half a) BIO pair */
94#define BIO_TYPE_LINEBUFFER (20|0x0200) /* filter */
95
96#define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */
97#define BIO_TYPE_FILTER 0x0200
98#define BIO_TYPE_SOURCE_SINK 0x0400
99
100/* BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
101 * BIO_set_fp(in,stdin,BIO_NOCLOSE); */
102#define BIO_NOCLOSE 0x00
103#define BIO_CLOSE 0x01
104
105/* These are used in the following macros and are passed to
106 * BIO_ctrl() */
107#define BIO_CTRL_RESET 1 /* opt - rewind/zero etc */
108#define BIO_CTRL_EOF 2 /* opt - are we at the eof */
109#define BIO_CTRL_INFO 3 /* opt - extra tit-bits */
110#define BIO_CTRL_SET 4 /* man - set the 'IO' type */
111#define BIO_CTRL_GET 5 /* man - get the 'IO' type */
112#define BIO_CTRL_PUSH 6 /* opt - internal, used to signify change */
113#define BIO_CTRL_POP 7 /* opt - internal, used to signify change */
114#define BIO_CTRL_GET_CLOSE 8 /* man - set the 'close' on free */
115#define BIO_CTRL_SET_CLOSE 9 /* man - set the 'close' on free */
116#define BIO_CTRL_PENDING 10 /* opt - is their more data buffered */
117#define BIO_CTRL_FLUSH 11 /* opt - 'flush' buffered output */
118#define BIO_CTRL_DUP 12 /* man - extra stuff for 'duped' BIO */
119#define BIO_CTRL_WPENDING 13 /* opt - number of bytes still to write */
120/* callback is int cb(BIO *bio,state,ret); */
121#define BIO_CTRL_SET_CALLBACK 14 /* opt - set callback function */
122#define BIO_CTRL_GET_CALLBACK 15 /* opt - set callback function */
123
124#define BIO_CTRL_SET_FILENAME 30 /* BIO_s_file special */
125
126/* modifiers */
127#define BIO_FP_READ 0x02
128#define BIO_FP_WRITE 0x04
129#define BIO_FP_APPEND 0x08
130#define BIO_FP_TEXT 0x10
131
132#define BIO_FLAGS_READ 0x01
133#define BIO_FLAGS_WRITE 0x02
134#define BIO_FLAGS_IO_SPECIAL 0x04
135#define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
136#define BIO_FLAGS_SHOULD_RETRY 0x08
137
138/* Used in BIO_gethostbyname() */
139#define BIO_GHBN_CTRL_HITS 1
140#define BIO_GHBN_CTRL_MISSES 2
141#define BIO_GHBN_CTRL_CACHE_SIZE 3
142#define BIO_GHBN_CTRL_GET_ENTRY 4
143#define BIO_GHBN_CTRL_FLUSH 5
144
145/* Mostly used in the SSL BIO */
146/* Not used anymore
147 * #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
148 * #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
149 * #define BIO_FLAGS_PROTOCOL_STARTUP 0x40
150 */
151
152#define BIO_FLAGS_BASE64_NO_NL 0x100
153
154/* This is used with memory BIOs: it means we shouldn't free up or change the
155 * data in any way.
156 */
157#define BIO_FLAGS_MEM_RDONLY 0x200
158
159#define BIO_set_flags(b,f) ((b)->flags|=(f))
160#define BIO_get_flags(b) ((b)->flags)
161#define BIO_set_retry_special(b) \
162 ((b)->flags|=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
163#define BIO_set_retry_read(b) \
164 ((b)->flags|=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
165#define BIO_set_retry_write(b) \
166 ((b)->flags|=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
167
168/* These are normally used internally in BIOs */
169#define BIO_clear_flags(b,f) ((b)->flags&= ~(f))
170#define BIO_clear_retry_flags(b) \
171 ((b)->flags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
172#define BIO_get_retry_flags(b) \
173 ((b)->flags&(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
174
175/* These should be used by the application to tell why we should retry */
176#define BIO_should_read(a) ((a)->flags & BIO_FLAGS_READ)
177#define BIO_should_write(a) ((a)->flags & BIO_FLAGS_WRITE)
178#define BIO_should_io_special(a) ((a)->flags & BIO_FLAGS_IO_SPECIAL)
179#define BIO_retry_type(a) ((a)->flags & BIO_FLAGS_RWS)
180#define BIO_should_retry(a) ((a)->flags & BIO_FLAGS_SHOULD_RETRY)
181
182/* The next two are used in conjunction with the
183 * BIO_should_io_special() condition. After this returns true,
184 * BIO *BIO_get_retry_BIO(BIO *bio, int *reason); will walk the BIO
185 * stack and return the 'reason' for the special and the offending BIO.
186 * Given a BIO, BIO_get_retry_reason(bio) will return the code. */
187/* Returned from the SSL bio when the certificate retrieval code had an error */
188#define BIO_RR_SSL_X509_LOOKUP 0x01
189/* Returned from the connect BIO when a connect would have blocked */
190#define BIO_RR_CONNECT 0x02
191
192/* These are passed by the BIO callback */
193#define BIO_CB_FREE 0x01
194#define BIO_CB_READ 0x02
195#define BIO_CB_WRITE 0x03
196#define BIO_CB_PUTS 0x04
197#define BIO_CB_GETS 0x05
198#define BIO_CB_CTRL 0x06
199
200/* The callback is called before and after the underling operation,
201 * The BIO_CB_RETURN flag indicates if it is after the call */
202#define BIO_CB_RETURN 0x80
203#define BIO_CB_return(a) ((a)|BIO_CB_RETURN))
204#define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
205#define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
206
207#define BIO_set_callback(b,cb) ((b)->callback=(cb))
208#define BIO_set_callback_arg(b,arg) ((b)->cb_arg=(char *)(arg))
209#define BIO_get_callback_arg(b) ((b)->cb_arg)
210#define BIO_get_callback(b) ((b)->callback)
211#define BIO_method_name(b) ((b)->method->name)
212#define BIO_method_type(b) ((b)->method->type)
213
214typedef struct bio_st BIO;
215
216typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long);
217
218#ifndef WIN16
219typedef struct bio_method_st
220 {
221 int type;
222 const char *name;
223 int (*bwrite)(BIO *, const char *, int);
224 int (*bread)(BIO *, char *, int);
225 int (*bputs)(BIO *, const char *);
226 int (*bgets)(BIO *, char *, int);
227 long (*ctrl)(BIO *, int, long, void *);
228 int (*create)(BIO *);
229 int (*destroy)(BIO *);
230 long (*callback_ctrl)(BIO *, int, bio_info_cb *);
231 } BIO_METHOD;
232#else
233typedef struct bio_method_st
234 {
235 int type;
236 const char *name;
237 int (_far *bwrite)();
238 int (_far *bread)();
239 int (_far *bputs)();
240 int (_far *bgets)();
241 long (_far *ctrl)();
242 int (_far *create)();
243 int (_far *destroy)();
244 long (_fat *callback_ctrl)();
245 } BIO_METHOD;
246#endif
247
248struct bio_st
249 {
250 BIO_METHOD *method;
251 /* bio, mode, argp, argi, argl, ret */
252 long (*callback)(struct bio_st *,int,const char *,int, long,long);
253 char *cb_arg; /* first argument for the callback */
254
255 int init;
256 int shutdown;
257 int flags; /* extra storage */
258 int retry_reason;
259 int num;
260 void *ptr;
261 struct bio_st *next_bio; /* used by filter BIOs */
262 struct bio_st *prev_bio; /* used by filter BIOs */
263 int references;
264 unsigned long num_read;
265 unsigned long num_write;
266
267 CRYPTO_EX_DATA ex_data;
268 };
269
270DECLARE_STACK_OF(BIO)
271
272typedef struct bio_f_buffer_ctx_struct
273 {
274 /* BIO *bio; */ /* this is now in the BIO struct */
275 int ibuf_size; /* how big is the input buffer */
276 int obuf_size; /* how big is the output buffer */
277
278 char *ibuf; /* the char array */
279 int ibuf_len; /* how many bytes are in it */
280 int ibuf_off; /* write/read offset */
281
282 char *obuf; /* the char array */
283 int obuf_len; /* how many bytes are in it */
284 int obuf_off; /* write/read offset */
285 } BIO_F_BUFFER_CTX;
286
287/* connect BIO stuff */
288#define BIO_CONN_S_BEFORE 1
289#define BIO_CONN_S_GET_IP 2
290#define BIO_CONN_S_GET_PORT 3
291#define BIO_CONN_S_CREATE_SOCKET 4
292#define BIO_CONN_S_CONNECT 5
293#define BIO_CONN_S_OK 6
294#define BIO_CONN_S_BLOCKED_CONNECT 7
295#define BIO_CONN_S_NBIO 8
296/*#define BIO_CONN_get_param_hostname BIO_ctrl */
297
298#define BIO_C_SET_CONNECT 100
299#define BIO_C_DO_STATE_MACHINE 101
300#define BIO_C_SET_NBIO 102
301#define BIO_C_SET_PROXY_PARAM 103
302#define BIO_C_SET_FD 104
303#define BIO_C_GET_FD 105
304#define BIO_C_SET_FILE_PTR 106
305#define BIO_C_GET_FILE_PTR 107
306#define BIO_C_SET_FILENAME 108
307#define BIO_C_SET_SSL 109
308#define BIO_C_GET_SSL 110
309#define BIO_C_SET_MD 111
310#define BIO_C_GET_MD 112
311#define BIO_C_GET_CIPHER_STATUS 113
312#define BIO_C_SET_BUF_MEM 114
313#define BIO_C_GET_BUF_MEM_PTR 115
314#define BIO_C_GET_BUFF_NUM_LINES 116
315#define BIO_C_SET_BUFF_SIZE 117
316#define BIO_C_SET_ACCEPT 118
317#define BIO_C_SSL_MODE 119
318#define BIO_C_GET_MD_CTX 120
319#define BIO_C_GET_PROXY_PARAM 121
320#define BIO_C_SET_BUFF_READ_DATA 122 /* data to read first */
321#define BIO_C_GET_CONNECT 123
322#define BIO_C_GET_ACCEPT 124
323#define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125
324#define BIO_C_GET_SSL_NUM_RENEGOTIATES 126
325#define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127
326#define BIO_C_FILE_SEEK 128
327#define BIO_C_GET_CIPHER_CTX 129
328#define BIO_C_SET_BUF_MEM_EOF_RETURN 130/*return end of input value*/
329#define BIO_C_SET_BIND_MODE 131
330#define BIO_C_GET_BIND_MODE 132
331#define BIO_C_FILE_TELL 133
332#define BIO_C_GET_SOCKS 134
333#define BIO_C_SET_SOCKS 135
334
335#define BIO_C_SET_WRITE_BUF_SIZE 136/* for BIO_s_bio */
336#define BIO_C_GET_WRITE_BUF_SIZE 137
337#define BIO_C_MAKE_BIO_PAIR 138
338#define BIO_C_DESTROY_BIO_PAIR 139
339#define BIO_C_GET_WRITE_GUARANTEE 140
340#define BIO_C_GET_READ_REQUEST 141
341#define BIO_C_SHUTDOWN_WR 142
342#define BIO_C_NREAD0 143
343#define BIO_C_NREAD 144
344#define BIO_C_NWRITE0 145
345#define BIO_C_NWRITE 146
346#define BIO_C_RESET_READ_REQUEST 147
347
348
349#define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg)
350#define BIO_get_app_data(s) BIO_get_ex_data(s,0)
351
352/* BIO_s_connect() and BIO_s_socks4a_connect() */
353#define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
354#define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
355#define BIO_set_conn_ip(b,ip) BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip)
356#define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port)
357#define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
358#define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
359#define BIO_get_conn_ip(b,ip) BIO_ptr_ctrl(b,BIO_C_SET_CONNECT,2)
360#define BIO_get_conn_int_port(b,port) BIO_int_ctrl(b,BIO_C_SET_CONNECT,3,port)
361
362
363#define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
364
365/* BIO_s_accept_socket() */
366#define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
367#define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
368/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
369#define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?"a":NULL)
370#define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
371
372#define BIO_BIND_NORMAL 0
373#define BIO_BIND_REUSEADDR_IF_UNUSED 1
374#define BIO_BIND_REUSEADDR 2
375#define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
376#define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
377
378#define BIO_do_connect(b) BIO_do_handshake(b)
379#define BIO_do_accept(b) BIO_do_handshake(b)
380#define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
381
382/* BIO_s_proxy_client() */
383#define BIO_set_url(b,url) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url))
384#define BIO_set_proxies(b,p) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p))
385/* BIO_set_nbio(b,n) */
386#define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s))
387/* BIO *BIO_get_filter_bio(BIO *bio); */
388#define BIO_set_proxy_cb(b,cb) BIO_callback_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(void *(*cb)()))
389#define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk)
390#define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool)
391
392#define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp)
393#define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p))
394#define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
395#define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL)
396
397#define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
398#define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
399
400#define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
401#define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
402
403#define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)
404#define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)
405
406/* name is cast to lose const, but might be better to route through a function
407 so we can do it safely */
408#ifdef CONST_STRICT
409/* If you are wondering why this isn't defined, its because CONST_STRICT is
410 * purely a compile-time kludge to allow const to be checked.
411 */
412int BIO_read_filename(BIO *b,const char *name);
413#else
414#define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
415 BIO_CLOSE|BIO_FP_READ,(char *)name)
416#endif
417#define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
418 BIO_CLOSE|BIO_FP_WRITE,name)
419#define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
420 BIO_CLOSE|BIO_FP_APPEND,name)
421#define BIO_rw_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
422 BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name)
423
424/* WARNING WARNING, this ups the reference count on the read bio of the
425 * SSL structure. This is because the ssl read BIO is now pointed to by
426 * the next_bio field in the bio. So when you free the BIO, make sure
427 * you are doing a BIO_free_all() to catch the underlying BIO. */
428#define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
429#define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
430#define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
431#define BIO_set_ssl_renegotiate_bytes(b,num) \
432 BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
433#define BIO_get_num_renegotiates(b) \
434 BIO_ctrl(b,BIO_C_SET_SSL_NUM_RENEGOTIATES,0,NULL);
435#define BIO_set_ssl_renegotiate_timeout(b,seconds) \
436 BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
437
438/* defined in evp.h */
439/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */
440
441#define BIO_get_mem_data(b,pp) BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp)
442#define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm)
443#define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp)
444#define BIO_set_mem_eof_return(b,v) \
445 BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL)
446
447/* For the BIO_f_buffer() type */
448#define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
449#define BIO_set_buffer_size(b,size) BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
450#define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
451#define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
452#define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
453
454/* Don't use the next one unless you know what you are doing :-) */
455#define BIO_dup_state(b,ret) BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret))
456
457#define BIO_reset(b) (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)
458#define BIO_eof(b) (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)
459#define BIO_set_close(b,c) (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)
460#define BIO_get_close(b) (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)
461#define BIO_pending(b) (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
462#define BIO_wpending(b) (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
463/* ...pending macros have inappropriate return type */
464size_t BIO_ctrl_pending(BIO *b);
465size_t BIO_ctrl_wpending(BIO *b);
466#define BIO_flush(b) (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
467#define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0,(bio_info_cb **)(cbp))
468#define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,(bio_info_cb *)(cb))
469
470/* For the BIO_f_buffer() type */
471#define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
472
473/* For BIO_s_bio() */
474#define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)
475#define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)
476#define BIO_make_bio_pair(b1,b2) (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)
477#define BIO_destroy_bio_pair(b) (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)
478#define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)
479/* macros with inappropriate type -- but ...pending macros use int too: */
480#define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)
481#define BIO_get_read_request(b) (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)
482size_t BIO_ctrl_get_write_guarantee(BIO *b);
483size_t BIO_ctrl_get_read_request(BIO *b);
484int BIO_ctrl_reset_read_request(BIO *b);
485
486/* These two aren't currently implemented */
487/* int BIO_get_ex_num(BIO *bio); */
488/* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */
489int BIO_set_ex_data(BIO *bio,int idx,void *data);
490void *BIO_get_ex_data(BIO *bio,int idx);
491int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
492 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
493unsigned long BIO_number_read(BIO *bio);
494unsigned long BIO_number_written(BIO *bio);
495
496# ifndef NO_FP_API
497# if defined(WIN16) && defined(_WINDLL)
498BIO_METHOD *BIO_s_file_internal(void);
499BIO *BIO_new_file_internal(char *filename, char *mode);
500BIO *BIO_new_fp_internal(FILE *stream, int close_flag);
501# define BIO_s_file BIO_s_file_internal
502# define BIO_new_file BIO_new_file_internal
503# define BIO_new_fp BIO_new_fp_internal
504# else /* FP_API */
505BIO_METHOD *BIO_s_file(void );
506BIO *BIO_new_file(const char *filename, const char *mode);
507BIO *BIO_new_fp(FILE *stream, int close_flag);
508# define BIO_s_file_internal BIO_s_file
509# define BIO_new_file_internal BIO_new_file
510# define BIO_new_fp_internal BIO_s_file
511# endif /* FP_API */
512# endif
513BIO * BIO_new(BIO_METHOD *type);
514int BIO_set(BIO *a,BIO_METHOD *type);
515int BIO_free(BIO *a);
516void BIO_vfree(BIO *a);
517int BIO_read(BIO *b, void *data, int len);
518int BIO_gets(BIO *bp,char *buf, int size);
519int BIO_write(BIO *b, const void *data, int len);
520int BIO_puts(BIO *bp,const char *buf);
521long BIO_ctrl(BIO *bp,int cmd,long larg,void *parg);
522long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long));
523char * BIO_ptr_ctrl(BIO *bp,int cmd,long larg);
524long BIO_int_ctrl(BIO *bp,int cmd,long larg,int iarg);
525BIO * BIO_push(BIO *b,BIO *append);
526BIO * BIO_pop(BIO *b);
527void BIO_free_all(BIO *a);
528BIO * BIO_find_type(BIO *b,int bio_type);
529BIO * BIO_next(BIO *b);
530BIO * BIO_get_retry_BIO(BIO *bio, int *reason);
531int BIO_get_retry_reason(BIO *bio);
532BIO * BIO_dup_chain(BIO *in);
533
534int BIO_nread0(BIO *bio, char **buf);
535int BIO_nread(BIO *bio, char **buf, int num);
536int BIO_nwrite0(BIO *bio, char **buf);
537int BIO_nwrite(BIO *bio, char **buf, int num);
538
539#ifndef WIN16
540long BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi,
541 long argl,long ret);
542#else
543long _far _loadds BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi,
544 long argl,long ret);
545#endif
546
547BIO_METHOD *BIO_s_mem(void);
548BIO *BIO_new_mem_buf(void *buf, int len);
549BIO_METHOD *BIO_s_socket(void);
550BIO_METHOD *BIO_s_connect(void);
551BIO_METHOD *BIO_s_accept(void);
552BIO_METHOD *BIO_s_fd(void);
553BIO_METHOD *BIO_s_log(void);
554BIO_METHOD *BIO_s_bio(void);
555BIO_METHOD *BIO_s_null(void);
556BIO_METHOD *BIO_f_null(void);
557BIO_METHOD *BIO_f_buffer(void);
558#ifdef VMS
559BIO_METHOD *BIO_f_linebuffer(void);
560#endif
561BIO_METHOD *BIO_f_nbio_test(void);
562/* BIO_METHOD *BIO_f_ber(void); */
563
564int BIO_sock_should_retry(int i);
565int BIO_sock_non_fatal_error(int error);
566int BIO_fd_should_retry(int i);
567int BIO_fd_non_fatal_error(int error);
568int BIO_dump(BIO *b,const char *bytes,int len);
569int BIO_dump_indent(BIO *b,const char *bytes,int len,int indent);
570
571struct hostent *BIO_gethostbyname(const char *name);
572/* We might want a thread-safe interface too:
573 * struct hostent *BIO_gethostbyname_r(const char *name,
574 * struct hostent *result, void *buffer, size_t buflen);
575 * or something similar (caller allocates a struct hostent,
576 * pointed to by "result", and additional buffer space for the various
577 * substructures; if the buffer does not suffice, NULL is returned
578 * and an appropriate error code is set).
579 */
580int BIO_sock_error(int sock);
581int BIO_socket_ioctl(int fd, long type, unsigned long *arg);
582int BIO_socket_nbio(int fd,int mode);
583int BIO_get_port(const char *str, unsigned short *port_ptr);
584int BIO_get_host_ip(const char *str, unsigned char *ip);
585int BIO_get_accept_socket(char *host_port,int mode);
586int BIO_accept(int sock,char **ip_port);
587int BIO_sock_init(void );
588void BIO_sock_cleanup(void);
589int BIO_set_tcp_ndelay(int sock,int turn_on);
590
591void ERR_load_BIO_strings(void );
592
593BIO *BIO_new_socket(int sock, int close_flag);
594BIO *BIO_new_fd(int fd, int close_flag);
595BIO *BIO_new_connect(char *host_port);
596BIO *BIO_new_accept(char *host_port);
597
598int BIO_new_bio_pair(BIO **bio1, size_t writebuf1,
599 BIO **bio2, size_t writebuf2);
600/* If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
601 * Otherwise returns 0 and sets *bio1 and *bio2 to NULL.
602 * Size 0 uses default value.
603 */
604
605void BIO_copy_next_retry(BIO *b);
606
607long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);
608
609int BIO_printf(BIO *bio, const char *format, ...);
610int BIO_vprintf(BIO *bio, const char *format, va_list args);
611int BIO_snprintf(char *buf, size_t n, const char *format, ...);
612int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args);
613
614/* BEGIN ERROR CODES */
615/* The following lines are auto generated by the script mkerr.pl. Any changes
616 * made after this point may be overwritten when the script is next run.
617 */
618
619/* Error codes for the BIO functions. */
620
621/* Function codes. */
622#define BIO_F_ACPT_STATE 100
623#define BIO_F_BIO_ACCEPT 101
624#define BIO_F_BIO_BER_GET_HEADER 102
625#define BIO_F_BIO_CTRL 103
626#define BIO_F_BIO_GETHOSTBYNAME 120
627#define BIO_F_BIO_GETS 104
628#define BIO_F_BIO_GET_ACCEPT_SOCKET 105
629#define BIO_F_BIO_GET_HOST_IP 106
630#define BIO_F_BIO_GET_PORT 107
631#define BIO_F_BIO_MAKE_PAIR 121
632#define BIO_F_BIO_NEW 108
633#define BIO_F_BIO_NEW_FILE 109
634#define BIO_F_BIO_NEW_MEM_BUF 126
635#define BIO_F_BIO_NREAD 123
636#define BIO_F_BIO_NREAD0 124
637#define BIO_F_BIO_NWRITE 125
638#define BIO_F_BIO_NWRITE0 122
639#define BIO_F_BIO_PUTS 110
640#define BIO_F_BIO_READ 111
641#define BIO_F_BIO_SOCK_INIT 112
642#define BIO_F_BIO_WRITE 113
643#define BIO_F_BUFFER_CTRL 114
644#define BIO_F_CONN_CTRL 127
645#define BIO_F_CONN_STATE 115
646#define BIO_F_FILE_CTRL 116
647#define BIO_F_LINEBUFFER_CTRL 129
648#define BIO_F_MEM_READ 128
649#define BIO_F_MEM_WRITE 117
650#define BIO_F_SSL_NEW 118
651#define BIO_F_WSASTARTUP 119
652
653/* Reason codes. */
654#define BIO_R_ACCEPT_ERROR 100
655#define BIO_R_BAD_FOPEN_MODE 101
656#define BIO_R_BAD_HOSTNAME_LOOKUP 102
657#define BIO_R_BROKEN_PIPE 124
658#define BIO_R_CONNECT_ERROR 103
659#define BIO_R_EOF_ON_MEMORY_BIO 127
660#define BIO_R_ERROR_SETTING_NBIO 104
661#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET 105
662#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET 106
663#define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107
664#define BIO_R_INVALID_ARGUMENT 125
665#define BIO_R_INVALID_IP_ADDRESS 108
666#define BIO_R_IN_USE 123
667#define BIO_R_KEEPALIVE 109
668#define BIO_R_NBIO_CONNECT_ERROR 110
669#define BIO_R_NO_ACCEPT_PORT_SPECIFIED 111
670#define BIO_R_NO_HOSTNAME_SPECIFIED 112
671#define BIO_R_NO_PORT_DEFINED 113
672#define BIO_R_NO_PORT_SPECIFIED 114
673#define BIO_R_NULL_PARAMETER 115
674#define BIO_R_TAG_MISMATCH 116
675#define BIO_R_UNABLE_TO_BIND_SOCKET 117
676#define BIO_R_UNABLE_TO_CREATE_SOCKET 118
677#define BIO_R_UNABLE_TO_LISTEN_SOCKET 119
678#define BIO_R_UNINITIALIZED 120
679#define BIO_R_UNSUPPORTED_METHOD 121
680#define BIO_R_WRITE_TO_READ_ONLY_BIO 126
681#define BIO_R_WSASTARTUP 122
682
683#ifdef __cplusplus
684}
685#endif
686#endif
687
diff --git a/src/lib/libcrypto/bio/bio_cb.c b/src/lib/libcrypto/bio/bio_cb.c
deleted file mode 100644
index 37c7c22666..0000000000
--- a/src/lib/libcrypto/bio/bio_cb.c
+++ /dev/null
@@ -1,133 +0,0 @@
1/* crypto/bio/bio_cb.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61#include <stdlib.h>
62#include "cryptlib.h"
63#include <openssl/bio.h>
64#include <openssl/err.h>
65
66long MS_CALLBACK BIO_debug_callback(BIO *bio, int cmd, const char *argp,
67 int argi, long argl, long ret)
68 {
69 BIO *b;
70 MS_STATIC char buf[256];
71 char *p;
72 long r=1;
73
74 if (BIO_CB_RETURN & cmd)
75 r=ret;
76
77 sprintf(buf,"BIO[%08lX]:",(unsigned long)bio);
78 p= &(buf[14]);
79 switch (cmd)
80 {
81 case BIO_CB_FREE:
82 sprintf(p,"Free - %s\n",bio->method->name);
83 break;
84 case BIO_CB_READ:
85 if (bio->method->type & BIO_TYPE_DESCRIPTOR)
86 sprintf(p,"read(%d,%d) - %s fd=%d\n",bio->num,argi,bio->method->name,bio->num);
87 else
88 sprintf(p,"read(%d,%d) - %s\n",bio->num,argi,bio->method->name);
89 break;
90 case BIO_CB_WRITE:
91 if (bio->method->type & BIO_TYPE_DESCRIPTOR)
92 sprintf(p,"write(%d,%d) - %s fd=%d\n",bio->num,argi,bio->method->name,bio->num);
93 else
94 sprintf(p,"write(%d,%d) - %s\n",bio->num,argi,bio->method->name);
95 break;
96 case BIO_CB_PUTS:
97 sprintf(p,"puts() - %s\n",bio->method->name);
98 break;
99 case BIO_CB_GETS:
100 sprintf(p,"gets(%d) - %s\n",argi,bio->method->name);
101 break;
102 case BIO_CB_CTRL:
103 sprintf(p,"ctrl(%d) - %s\n",argi,bio->method->name);
104 break;
105 case BIO_CB_RETURN|BIO_CB_READ:
106 sprintf(p,"read return %ld\n",ret);
107 break;
108 case BIO_CB_RETURN|BIO_CB_WRITE:
109 sprintf(p,"write return %ld\n",ret);
110 break;
111 case BIO_CB_RETURN|BIO_CB_GETS:
112 sprintf(p,"gets return %ld\n",ret);
113 break;
114 case BIO_CB_RETURN|BIO_CB_PUTS:
115 sprintf(p,"puts return %ld\n",ret);
116 break;
117 case BIO_CB_RETURN|BIO_CB_CTRL:
118 sprintf(p,"ctrl return %ld\n",ret);
119 break;
120 default:
121 sprintf(p,"bio callback - unknown type (%d)\n",cmd);
122 break;
123 }
124
125 b=(BIO *)bio->cb_arg;
126 if (b != NULL)
127 BIO_write(b,buf,strlen(buf));
128#if !defined(NO_STDIO) && !defined(WIN16)
129 else
130 fputs(buf,stderr);
131#endif
132 return(r);
133 }
diff --git a/src/lib/libcrypto/bio/bio_err.c b/src/lib/libcrypto/bio/bio_err.c
deleted file mode 100644
index bb815fb1e6..0000000000
--- a/src/lib/libcrypto/bio/bio_err.c
+++ /dev/null
@@ -1,150 +0,0 @@
1/* crypto/bio/bio_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/bio.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA BIO_str_functs[]=
68 {
69{ERR_PACK(0,BIO_F_ACPT_STATE,0), "ACPT_STATE"},
70{ERR_PACK(0,BIO_F_BIO_ACCEPT,0), "BIO_accept"},
71{ERR_PACK(0,BIO_F_BIO_BER_GET_HEADER,0), "BIO_BER_GET_HEADER"},
72{ERR_PACK(0,BIO_F_BIO_CTRL,0), "BIO_ctrl"},
73{ERR_PACK(0,BIO_F_BIO_GETHOSTBYNAME,0), "BIO_gethostbyname"},
74{ERR_PACK(0,BIO_F_BIO_GETS,0), "BIO_gets"},
75{ERR_PACK(0,BIO_F_BIO_GET_ACCEPT_SOCKET,0), "BIO_get_accept_socket"},
76{ERR_PACK(0,BIO_F_BIO_GET_HOST_IP,0), "BIO_get_host_ip"},
77{ERR_PACK(0,BIO_F_BIO_GET_PORT,0), "BIO_get_port"},
78{ERR_PACK(0,BIO_F_BIO_MAKE_PAIR,0), "BIO_MAKE_PAIR"},
79{ERR_PACK(0,BIO_F_BIO_NEW,0), "BIO_new"},
80{ERR_PACK(0,BIO_F_BIO_NEW_FILE,0), "BIO_new_file"},
81{ERR_PACK(0,BIO_F_BIO_NEW_MEM_BUF,0), "BIO_new_mem_buf"},
82{ERR_PACK(0,BIO_F_BIO_NREAD,0), "BIO_nread"},
83{ERR_PACK(0,BIO_F_BIO_NREAD0,0), "BIO_nread0"},
84{ERR_PACK(0,BIO_F_BIO_NWRITE,0), "BIO_nwrite"},
85{ERR_PACK(0,BIO_F_BIO_NWRITE0,0), "BIO_nwrite0"},
86{ERR_PACK(0,BIO_F_BIO_PUTS,0), "BIO_puts"},
87{ERR_PACK(0,BIO_F_BIO_READ,0), "BIO_read"},
88{ERR_PACK(0,BIO_F_BIO_SOCK_INIT,0), "BIO_sock_init"},
89{ERR_PACK(0,BIO_F_BIO_WRITE,0), "BIO_write"},
90{ERR_PACK(0,BIO_F_BUFFER_CTRL,0), "BUFFER_CTRL"},
91{ERR_PACK(0,BIO_F_CONN_CTRL,0), "CONN_CTRL"},
92{ERR_PACK(0,BIO_F_CONN_STATE,0), "CONN_STATE"},
93{ERR_PACK(0,BIO_F_FILE_CTRL,0), "FILE_CTRL"},
94{ERR_PACK(0,BIO_F_LINEBUFFER_CTRL,0), "LINEBUFFER_CTRL"},
95{ERR_PACK(0,BIO_F_MEM_READ,0), "MEM_READ"},
96{ERR_PACK(0,BIO_F_MEM_WRITE,0), "MEM_WRITE"},
97{ERR_PACK(0,BIO_F_SSL_NEW,0), "SSL_new"},
98{ERR_PACK(0,BIO_F_WSASTARTUP,0), "WSASTARTUP"},
99{0,NULL}
100 };
101
102static ERR_STRING_DATA BIO_str_reasons[]=
103 {
104{BIO_R_ACCEPT_ERROR ,"accept error"},
105{BIO_R_BAD_FOPEN_MODE ,"bad fopen mode"},
106{BIO_R_BAD_HOSTNAME_LOOKUP ,"bad hostname lookup"},
107{BIO_R_BROKEN_PIPE ,"broken pipe"},
108{BIO_R_CONNECT_ERROR ,"connect error"},
109{BIO_R_EOF_ON_MEMORY_BIO ,"EOF on memory BIO"},
110{BIO_R_ERROR_SETTING_NBIO ,"error setting nbio"},
111{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET,"error setting nbio on accepted socket"},
112{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET,"error setting nbio on accept socket"},
113{BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET ,"gethostbyname addr is not af inet"},
114{BIO_R_INVALID_ARGUMENT ,"invalid argument"},
115{BIO_R_INVALID_IP_ADDRESS ,"invalid ip address"},
116{BIO_R_IN_USE ,"in use"},
117{BIO_R_KEEPALIVE ,"keepalive"},
118{BIO_R_NBIO_CONNECT_ERROR ,"nbio connect error"},
119{BIO_R_NO_ACCEPT_PORT_SPECIFIED ,"no accept port specified"},
120{BIO_R_NO_HOSTNAME_SPECIFIED ,"no hostname specified"},
121{BIO_R_NO_PORT_DEFINED ,"no port defined"},
122{BIO_R_NO_PORT_SPECIFIED ,"no port specified"},
123{BIO_R_NULL_PARAMETER ,"null parameter"},
124{BIO_R_TAG_MISMATCH ,"tag mismatch"},
125{BIO_R_UNABLE_TO_BIND_SOCKET ,"unable to bind socket"},
126{BIO_R_UNABLE_TO_CREATE_SOCKET ,"unable to create socket"},
127{BIO_R_UNABLE_TO_LISTEN_SOCKET ,"unable to listen socket"},
128{BIO_R_UNINITIALIZED ,"uninitialized"},
129{BIO_R_UNSUPPORTED_METHOD ,"unsupported method"},
130{BIO_R_WRITE_TO_READ_ONLY_BIO ,"write to read only BIO"},
131{BIO_R_WSASTARTUP ,"WSAStartup"},
132{0,NULL}
133 };
134
135#endif
136
137void ERR_load_BIO_strings(void)
138 {
139 static int init=1;
140
141 if (init)
142 {
143 init=0;
144#ifndef NO_ERR
145 ERR_load_strings(ERR_LIB_BIO,BIO_str_functs);
146 ERR_load_strings(ERR_LIB_BIO,BIO_str_reasons);
147#endif
148
149 }
150 }
diff --git a/src/lib/libcrypto/bio/bio_lib.c b/src/lib/libcrypto/bio/bio_lib.c
deleted file mode 100644
index 381afc9b8e..0000000000
--- a/src/lib/libcrypto/bio/bio_lib.c
+++ /dev/null
@@ -1,542 +0,0 @@
1/* crypto/bio/bio_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61#include <openssl/crypto.h>
62#include "cryptlib.h"
63#include <openssl/bio.h>
64#include <openssl/stack.h>
65
66static STACK_OF(CRYPTO_EX_DATA_FUNCS) *bio_meth=NULL;
67static int bio_meth_num=0;
68
69BIO *BIO_new(BIO_METHOD *method)
70 {
71 BIO *ret=NULL;
72
73 ret=(BIO *)OPENSSL_malloc(sizeof(BIO));
74 if (ret == NULL)
75 {
76 BIOerr(BIO_F_BIO_NEW,ERR_R_MALLOC_FAILURE);
77 return(NULL);
78 }
79 if (!BIO_set(ret,method))
80 {
81 OPENSSL_free(ret);
82 ret=NULL;
83 }
84 return(ret);
85 }
86
87int BIO_set(BIO *bio, BIO_METHOD *method)
88 {
89 bio->method=method;
90 bio->callback=NULL;
91 bio->cb_arg=NULL;
92 bio->init=0;
93 bio->shutdown=1;
94 bio->flags=0;
95 bio->retry_reason=0;
96 bio->num=0;
97 bio->ptr=NULL;
98 bio->prev_bio=NULL;
99 bio->next_bio=NULL;
100 bio->references=1;
101 bio->num_read=0L;
102 bio->num_write=0L;
103 CRYPTO_new_ex_data(bio_meth,bio,&bio->ex_data);
104 if (method->create != NULL)
105 if (!method->create(bio))
106 return(0);
107 return(1);
108 }
109
110int BIO_free(BIO *a)
111 {
112 int ret=0,i;
113
114 if (a == NULL) return(0);
115
116 i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_BIO);
117#ifdef REF_PRINT
118 REF_PRINT("BIO",a);
119#endif
120 if (i > 0) return(1);
121#ifdef REF_CHECK
122 if (i < 0)
123 {
124 fprintf(stderr,"BIO_free, bad reference count\n");
125 abort();
126 }
127#endif
128 if ((a->callback != NULL) &&
129 ((i=(int)a->callback(a,BIO_CB_FREE,NULL,0,0L,1L)) <= 0))
130 return(i);
131
132 CRYPTO_free_ex_data(bio_meth,a,&a->ex_data);
133
134 if ((a->method == NULL) || (a->method->destroy == NULL)) return(1);
135 ret=a->method->destroy(a);
136 OPENSSL_free(a);
137 return(1);
138 }
139
140void BIO_vfree(BIO *a)
141 { BIO_free(a); }
142
143int BIO_read(BIO *b, void *out, int outl)
144 {
145 int i;
146 long (*cb)();
147
148 if ((b == NULL) || (b->method == NULL) || (b->method->bread == NULL))
149 {
150 BIOerr(BIO_F_BIO_READ,BIO_R_UNSUPPORTED_METHOD);
151 return(-2);
152 }
153
154 cb=b->callback;
155 if ((cb != NULL) &&
156 ((i=(int)cb(b,BIO_CB_READ,out,outl,0L,1L)) <= 0))
157 return(i);
158
159 if (!b->init)
160 {
161 BIOerr(BIO_F_BIO_READ,BIO_R_UNINITIALIZED);
162 return(-2);
163 }
164
165 i=b->method->bread(b,out,outl);
166
167 if (i > 0) b->num_read+=(unsigned long)i;
168
169 if (cb != NULL)
170 i=(int)cb(b,BIO_CB_READ|BIO_CB_RETURN,out,outl,
171 0L,(long)i);
172 return(i);
173 }
174
175int BIO_write(BIO *b, const void *in, int inl)
176 {
177 int i;
178 long (*cb)();
179
180 if (b == NULL)
181 return(0);
182
183 cb=b->callback;
184 if ((b->method == NULL) || (b->method->bwrite == NULL))
185 {
186 BIOerr(BIO_F_BIO_WRITE,BIO_R_UNSUPPORTED_METHOD);
187 return(-2);
188 }
189
190 if ((cb != NULL) &&
191 ((i=(int)cb(b,BIO_CB_WRITE,in,inl,0L,1L)) <= 0))
192 return(i);
193
194 if (!b->init)
195 {
196 BIOerr(BIO_F_BIO_WRITE,BIO_R_UNINITIALIZED);
197 return(-2);
198 }
199
200 i=b->method->bwrite(b,in,inl);
201
202 if (i > 0) b->num_write+=(unsigned long)i;
203
204 if (cb != NULL)
205 i=(int)cb(b,BIO_CB_WRITE|BIO_CB_RETURN,in,inl,
206 0L,(long)i);
207 return(i);
208 }
209
210int BIO_puts(BIO *b, const char *in)
211 {
212 int i;
213 long (*cb)();
214
215 if ((b == NULL) || (b->method == NULL) || (b->method->bputs == NULL))
216 {
217 BIOerr(BIO_F_BIO_PUTS,BIO_R_UNSUPPORTED_METHOD);
218 return(-2);
219 }
220
221 cb=b->callback;
222
223 if ((cb != NULL) &&
224 ((i=(int)cb(b,BIO_CB_PUTS,in,0,0L,1L)) <= 0))
225 return(i);
226
227 if (!b->init)
228 {
229 BIOerr(BIO_F_BIO_PUTS,BIO_R_UNINITIALIZED);
230 return(-2);
231 }
232
233 i=b->method->bputs(b,in);
234
235 if (i > 0) b->num_write+=(unsigned long)i;
236
237 if (cb != NULL)
238 i=(int)cb(b,BIO_CB_PUTS|BIO_CB_RETURN,in,0,
239 0L,(long)i);
240 return(i);
241 }
242
243int BIO_gets(BIO *b, char *in, int inl)
244 {
245 int i;
246 long (*cb)();
247
248 if ((b == NULL) || (b->method == NULL) || (b->method->bgets == NULL))
249 {
250 BIOerr(BIO_F_BIO_GETS,BIO_R_UNSUPPORTED_METHOD);
251 return(-2);
252 }
253
254 cb=b->callback;
255
256 if ((cb != NULL) &&
257 ((i=(int)cb(b,BIO_CB_GETS,in,inl,0L,1L)) <= 0))
258 return(i);
259
260 if (!b->init)
261 {
262 BIOerr(BIO_F_BIO_GETS,BIO_R_UNINITIALIZED);
263 return(-2);
264 }
265
266 i=b->method->bgets(b,in,inl);
267
268 if (cb != NULL)
269 i=(int)cb(b,BIO_CB_GETS|BIO_CB_RETURN,in,inl,
270 0L,(long)i);
271 return(i);
272 }
273
274long BIO_int_ctrl(BIO *b, int cmd, long larg, int iarg)
275 {
276 int i;
277
278 i=iarg;
279 return(BIO_ctrl(b,cmd,larg,(char *)&i));
280 }
281
282char *BIO_ptr_ctrl(BIO *b, int cmd, long larg)
283 {
284 char *p=NULL;
285
286 if (BIO_ctrl(b,cmd,larg,(char *)&p) <= 0)
287 return(NULL);
288 else
289 return(p);
290 }
291
292long BIO_ctrl(BIO *b, int cmd, long larg, void *parg)
293 {
294 long ret;
295 long (*cb)();
296
297 if (b == NULL) return(0);
298
299 if ((b->method == NULL) || (b->method->ctrl == NULL))
300 {
301 BIOerr(BIO_F_BIO_CTRL,BIO_R_UNSUPPORTED_METHOD);
302 return(-2);
303 }
304
305 cb=b->callback;
306
307 if ((cb != NULL) &&
308 ((ret=cb(b,BIO_CB_CTRL,parg,cmd,larg,1L)) <= 0))
309 return(ret);
310
311 ret=b->method->ctrl(b,cmd,larg,parg);
312
313 if (cb != NULL)
314 ret=cb(b,BIO_CB_CTRL|BIO_CB_RETURN,parg,cmd,
315 larg,ret);
316 return(ret);
317 }
318
319long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long))
320 {
321 long ret;
322 long (*cb)();
323
324 if (b == NULL) return(0);
325
326 if ((b->method == NULL) || (b->method->callback_ctrl == NULL))
327 {
328 BIOerr(BIO_F_BIO_CTRL,BIO_R_UNSUPPORTED_METHOD);
329 return(-2);
330 }
331
332 cb=b->callback;
333
334 if ((cb != NULL) &&
335 ((ret=cb(b,BIO_CB_CTRL,(void *)&fp,cmd,0,1L)) <= 0))
336 return(ret);
337
338 ret=b->method->callback_ctrl(b,cmd,fp);
339
340 if (cb != NULL)
341 ret=cb(b,BIO_CB_CTRL|BIO_CB_RETURN,(void *)&fp,cmd,
342 0,ret);
343 return(ret);
344 }
345
346/* It is unfortunate to duplicate in functions what the BIO_(w)pending macros
347 * do; but those macros have inappropriate return type, and for interfacing
348 * from other programming languages, C macros aren't much of a help anyway. */
349size_t BIO_ctrl_pending(BIO *bio)
350 {
351 return BIO_ctrl(bio, BIO_CTRL_PENDING, 0, NULL);
352 }
353
354size_t BIO_ctrl_wpending(BIO *bio)
355 {
356 return BIO_ctrl(bio, BIO_CTRL_WPENDING, 0, NULL);
357 }
358
359
360/* put the 'bio' on the end of b's list of operators */
361BIO *BIO_push(BIO *b, BIO *bio)
362 {
363 BIO *lb;
364
365 if (b == NULL) return(bio);
366 lb=b;
367 while (lb->next_bio != NULL)
368 lb=lb->next_bio;
369 lb->next_bio=bio;
370 if (bio != NULL)
371 bio->prev_bio=lb;
372 /* called to do internal processing */
373 BIO_ctrl(b,BIO_CTRL_PUSH,0,NULL);
374 return(b);
375 }
376
377/* Remove the first and return the rest */
378BIO *BIO_pop(BIO *b)
379 {
380 BIO *ret;
381
382 if (b == NULL) return(NULL);
383 ret=b->next_bio;
384
385 if (b->prev_bio != NULL)
386 b->prev_bio->next_bio=b->next_bio;
387 if (b->next_bio != NULL)
388 b->next_bio->prev_bio=b->prev_bio;
389
390 b->next_bio=NULL;
391 b->prev_bio=NULL;
392 BIO_ctrl(b,BIO_CTRL_POP,0,NULL);
393 return(ret);
394 }
395
396BIO *BIO_get_retry_BIO(BIO *bio, int *reason)
397 {
398 BIO *b,*last;
399
400 b=last=bio;
401 for (;;)
402 {
403 if (!BIO_should_retry(b)) break;
404 last=b;
405 b=b->next_bio;
406 if (b == NULL) break;
407 }
408 if (reason != NULL) *reason=last->retry_reason;
409 return(last);
410 }
411
412int BIO_get_retry_reason(BIO *bio)
413 {
414 return(bio->retry_reason);
415 }
416
417BIO *BIO_find_type(BIO *bio, int type)
418 {
419 int mt,mask;
420
421 if(!bio) return NULL;
422 mask=type&0xff;
423 do {
424 if (bio->method != NULL)
425 {
426 mt=bio->method->type;
427
428 if (!mask)
429 {
430 if (mt & type) return(bio);
431 }
432 else if (mt == type)
433 return(bio);
434 }
435 bio=bio->next_bio;
436 } while (bio != NULL);
437 return(NULL);
438 }
439
440BIO *BIO_next(BIO *b)
441 {
442 if(!b) return NULL;
443 return b->next_bio;
444 }
445
446void BIO_free_all(BIO *bio)
447 {
448 BIO *b;
449 int ref;
450
451 while (bio != NULL)
452 {
453 b=bio;
454 ref=b->references;
455 bio=bio->next_bio;
456 BIO_free(b);
457 /* Since ref count > 1, don't free anyone else. */
458 if (ref > 1) break;
459 }
460 }
461
462BIO *BIO_dup_chain(BIO *in)
463 {
464 BIO *ret=NULL,*eoc=NULL,*bio,*new;
465
466 for (bio=in; bio != NULL; bio=bio->next_bio)
467 {
468 if ((new=BIO_new(bio->method)) == NULL) goto err;
469 new->callback=bio->callback;
470 new->cb_arg=bio->cb_arg;
471 new->init=bio->init;
472 new->shutdown=bio->shutdown;
473 new->flags=bio->flags;
474
475 /* This will let SSL_s_sock() work with stdin/stdout */
476 new->num=bio->num;
477
478 if (!BIO_dup_state(bio,(char *)new))
479 {
480 BIO_free(new);
481 goto err;
482 }
483
484 /* copy app data */
485 if (!CRYPTO_dup_ex_data(bio_meth,&new->ex_data,&bio->ex_data))
486 goto err;
487
488 if (ret == NULL)
489 {
490 eoc=new;
491 ret=eoc;
492 }
493 else
494 {
495 BIO_push(eoc,new);
496 eoc=new;
497 }
498 }
499 return(ret);
500err:
501 if (ret != NULL)
502 BIO_free(ret);
503 return(NULL);
504 }
505
506void BIO_copy_next_retry(BIO *b)
507 {
508 BIO_set_flags(b,BIO_get_retry_flags(b->next_bio));
509 b->retry_reason=b->next_bio->retry_reason;
510 }
511
512int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
513 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
514 {
515 bio_meth_num++;
516 return(CRYPTO_get_ex_new_index(bio_meth_num-1,&bio_meth,
517 argl,argp,new_func,dup_func,free_func));
518 }
519
520int BIO_set_ex_data(BIO *bio, int idx, void *data)
521 {
522 return(CRYPTO_set_ex_data(&(bio->ex_data),idx,data));
523 }
524
525void *BIO_get_ex_data(BIO *bio, int idx)
526 {
527 return(CRYPTO_get_ex_data(&(bio->ex_data),idx));
528 }
529
530unsigned long BIO_number_read(BIO *bio)
531{
532 if(bio) return bio->num_read;
533 return 0;
534}
535
536unsigned long BIO_number_written(BIO *bio)
537{
538 if(bio) return bio->num_write;
539 return 0;
540}
541
542IMPLEMENT_STACK_OF(BIO)
diff --git a/src/lib/libcrypto/bio/bss_acpt.c b/src/lib/libcrypto/bio/bss_acpt.c
deleted file mode 100644
index 4da5822062..0000000000
--- a/src/lib/libcrypto/bio/bss_acpt.c
+++ /dev/null
@@ -1,467 +0,0 @@
1/* crypto/bio/bss_acpt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_SOCK
60
61#include <stdio.h>
62#include <errno.h>
63#define USE_SOCKETS
64#include "cryptlib.h"
65#include <openssl/bio.h>
66
67#ifdef WIN16
68#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
69#else
70#define SOCKET_PROTOCOL IPPROTO_TCP
71#endif
72
73#if (defined(VMS) && __VMS_VER < 70000000)
74/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
75#undef FIONBIO
76#endif
77
78typedef struct bio_accept_st
79 {
80 int state;
81 char *param_addr;
82
83 int accept_sock;
84 int accept_nbio;
85
86 char *addr;
87 int nbio;
88 /* If 0, it means normal, if 1, do a connect on bind failure,
89 * and if there is no-one listening, bind with SO_REUSEADDR.
90 * If 2, always use SO_REUSEADDR. */
91 int bind_mode;
92 BIO *bio_chain;
93 } BIO_ACCEPT;
94
95static int acpt_write(BIO *h, const char *buf, int num);
96static int acpt_read(BIO *h, char *buf, int size);
97static int acpt_puts(BIO *h, const char *str);
98static long acpt_ctrl(BIO *h, int cmd, long arg1, void *arg2);
99static int acpt_new(BIO *h);
100static int acpt_free(BIO *data);
101static int acpt_state(BIO *b, BIO_ACCEPT *c);
102static void acpt_close_socket(BIO *data);
103BIO_ACCEPT *BIO_ACCEPT_new(void );
104void BIO_ACCEPT_free(BIO_ACCEPT *a);
105
106#define ACPT_S_BEFORE 1
107#define ACPT_S_GET_ACCEPT_SOCKET 2
108#define ACPT_S_OK 3
109
110static BIO_METHOD methods_acceptp=
111 {
112 BIO_TYPE_ACCEPT,
113 "socket accept",
114 acpt_write,
115 acpt_read,
116 acpt_puts,
117 NULL, /* connect_gets, */
118 acpt_ctrl,
119 acpt_new,
120 acpt_free,
121 NULL,
122 };
123
124BIO_METHOD *BIO_s_accept(void)
125 {
126 return(&methods_acceptp);
127 }
128
129static int acpt_new(BIO *bi)
130 {
131 BIO_ACCEPT *ba;
132
133 bi->init=0;
134 bi->num=INVALID_SOCKET;
135 bi->flags=0;
136 if ((ba=BIO_ACCEPT_new()) == NULL)
137 return(0);
138 bi->ptr=(char *)ba;
139 ba->state=ACPT_S_BEFORE;
140 bi->shutdown=1;
141 return(1);
142 }
143
144BIO_ACCEPT *BIO_ACCEPT_new(void)
145 {
146 BIO_ACCEPT *ret;
147
148 if ((ret=(BIO_ACCEPT *)OPENSSL_malloc(sizeof(BIO_ACCEPT))) == NULL)
149 return(NULL);
150
151 memset(ret,0,sizeof(BIO_ACCEPT));
152 ret->accept_sock=INVALID_SOCKET;
153 ret->bind_mode=BIO_BIND_NORMAL;
154 return(ret);
155 }
156
157void BIO_ACCEPT_free(BIO_ACCEPT *a)
158 {
159 if(a == NULL)
160 return;
161
162 if (a->param_addr != NULL) OPENSSL_free(a->param_addr);
163 if (a->addr != NULL) OPENSSL_free(a->addr);
164 if (a->bio_chain != NULL) BIO_free(a->bio_chain);
165 OPENSSL_free(a);
166 }
167
168static void acpt_close_socket(BIO *bio)
169 {
170 BIO_ACCEPT *c;
171
172 c=(BIO_ACCEPT *)bio->ptr;
173 if (c->accept_sock != INVALID_SOCKET)
174 {
175 shutdown(c->accept_sock,2);
176 closesocket(c->accept_sock);
177 c->accept_sock=INVALID_SOCKET;
178 bio->num=INVALID_SOCKET;
179 }
180 }
181
182static int acpt_free(BIO *a)
183 {
184 BIO_ACCEPT *data;
185
186 if (a == NULL) return(0);
187 data=(BIO_ACCEPT *)a->ptr;
188
189 if (a->shutdown)
190 {
191 acpt_close_socket(a);
192 BIO_ACCEPT_free(data);
193 a->ptr=NULL;
194 a->flags=0;
195 a->init=0;
196 }
197 return(1);
198 }
199
200static int acpt_state(BIO *b, BIO_ACCEPT *c)
201 {
202 BIO *bio=NULL,*dbio;
203 int s= -1;
204 int i;
205
206again:
207 switch (c->state)
208 {
209 case ACPT_S_BEFORE:
210 if (c->param_addr == NULL)
211 {
212 BIOerr(BIO_F_ACPT_STATE,BIO_R_NO_ACCEPT_PORT_SPECIFIED);
213 return(-1);
214 }
215 s=BIO_get_accept_socket(c->param_addr,c->bind_mode);
216 if (s == INVALID_SOCKET)
217 return(-1);
218
219 if (c->accept_nbio)
220 {
221 if (!BIO_socket_nbio(s,1))
222 {
223 closesocket(s);
224 BIOerr(BIO_F_ACPT_STATE,BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET);
225 return(-1);
226 }
227 }
228 c->accept_sock=s;
229 b->num=s;
230 c->state=ACPT_S_GET_ACCEPT_SOCKET;
231 return(1);
232 /* break; */
233 case ACPT_S_GET_ACCEPT_SOCKET:
234 if (b->next_bio != NULL)
235 {
236 c->state=ACPT_S_OK;
237 goto again;
238 }
239 i=BIO_accept(c->accept_sock,&(c->addr));
240 if (i < 0) return(i);
241 bio=BIO_new_socket(i,BIO_CLOSE);
242 if (bio == NULL) goto err;
243
244 BIO_set_callback(bio,BIO_get_callback(b));
245 BIO_set_callback_arg(bio,BIO_get_callback_arg(b));
246
247 if (c->nbio)
248 {
249 if (!BIO_socket_nbio(i,1))
250 {
251 BIOerr(BIO_F_ACPT_STATE,BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET);
252 goto err;
253 }
254 }
255
256 /* If the accept BIO has an bio_chain, we dup it and
257 * put the new socket at the end. */
258 if (c->bio_chain != NULL)
259 {
260 if ((dbio=BIO_dup_chain(c->bio_chain)) == NULL)
261 goto err;
262 if (!BIO_push(dbio,bio)) goto err;
263 bio=dbio;
264 }
265 if (BIO_push(b,bio) == NULL) goto err;
266
267 c->state=ACPT_S_OK;
268 return(1);
269err:
270 if (bio != NULL)
271 BIO_free(bio);
272 else if (s >= 0)
273 closesocket(s);
274 return(0);
275 /* break; */
276 case ACPT_S_OK:
277 if (b->next_bio == NULL)
278 {
279 c->state=ACPT_S_GET_ACCEPT_SOCKET;
280 goto again;
281 }
282 return(1);
283 /* break; */
284 default:
285 return(0);
286 /* break; */
287 }
288
289 }
290
291static int acpt_read(BIO *b, char *out, int outl)
292 {
293 int ret=0;
294 BIO_ACCEPT *data;
295
296 BIO_clear_retry_flags(b);
297 data=(BIO_ACCEPT *)b->ptr;
298
299 while (b->next_bio == NULL)
300 {
301 ret=acpt_state(b,data);
302 if (ret <= 0) return(ret);
303 }
304
305 ret=BIO_read(b->next_bio,out,outl);
306 BIO_copy_next_retry(b);
307 return(ret);
308 }
309
310static int acpt_write(BIO *b, const char *in, int inl)
311 {
312 int ret;
313 BIO_ACCEPT *data;
314
315 BIO_clear_retry_flags(b);
316 data=(BIO_ACCEPT *)b->ptr;
317
318 while (b->next_bio == NULL)
319 {
320 ret=acpt_state(b,data);
321 if (ret <= 0) return(ret);
322 }
323
324 ret=BIO_write(b->next_bio,in,inl);
325 BIO_copy_next_retry(b);
326 return(ret);
327 }
328
329static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
330 {
331 BIO *dbio;
332 int *ip;
333 long ret=1;
334 BIO_ACCEPT *data;
335 char **pp;
336
337 data=(BIO_ACCEPT *)b->ptr;
338
339 switch (cmd)
340 {
341 case BIO_CTRL_RESET:
342 ret=0;
343 data->state=ACPT_S_BEFORE;
344 acpt_close_socket(b);
345 b->flags=0;
346 break;
347 case BIO_C_DO_STATE_MACHINE:
348 /* use this one to start the connection */
349 ret=(long)acpt_state(b,data);
350 break;
351 case BIO_C_SET_ACCEPT:
352 if (ptr != NULL)
353 {
354 if (num == 0)
355 {
356 b->init=1;
357 if (data->param_addr != NULL)
358 OPENSSL_free(data->param_addr);
359 data->param_addr=BUF_strdup(ptr);
360 }
361 else if (num == 1)
362 {
363 data->accept_nbio=(ptr != NULL);
364 }
365 else if (num == 2)
366 {
367 if (data->bio_chain != NULL)
368 BIO_free(data->bio_chain);
369 data->bio_chain=(BIO *)ptr;
370 }
371 }
372 break;
373 case BIO_C_SET_NBIO:
374 data->nbio=(int)num;
375 break;
376 case BIO_C_SET_FD:
377 b->init=1;
378 b->num= *((int *)ptr);
379 data->accept_sock=b->num;
380 data->state=ACPT_S_GET_ACCEPT_SOCKET;
381 b->shutdown=(int)num;
382 b->init=1;
383 break;
384 case BIO_C_GET_FD:
385 if (b->init)
386 {
387 ip=(int *)ptr;
388 if (ip != NULL)
389 *ip=data->accept_sock;
390 ret=data->accept_sock;
391 }
392 else
393 ret= -1;
394 break;
395 case BIO_C_GET_ACCEPT:
396 if (b->init)
397 {
398 if (ptr != NULL)
399 {
400 pp=(char **)ptr;
401 *pp=data->param_addr;
402 }
403 else
404 ret= -1;
405 }
406 else
407 ret= -1;
408 break;
409 case BIO_CTRL_GET_CLOSE:
410 ret=b->shutdown;
411 break;
412 case BIO_CTRL_SET_CLOSE:
413 b->shutdown=(int)num;
414 break;
415 case BIO_CTRL_PENDING:
416 case BIO_CTRL_WPENDING:
417 ret=0;
418 break;
419 case BIO_CTRL_FLUSH:
420 break;
421 case BIO_C_SET_BIND_MODE:
422 data->bind_mode=(int)num;
423 break;
424 case BIO_C_GET_BIND_MODE:
425 ret=(long)data->bind_mode;
426 break;
427 case BIO_CTRL_DUP:
428 dbio=(BIO *)ptr;
429/* if (data->param_port) EAY EAY
430 BIO_set_port(dbio,data->param_port);
431 if (data->param_hostname)
432 BIO_set_hostname(dbio,data->param_hostname);
433 BIO_set_nbio(dbio,data->nbio); */
434 break;
435
436 default:
437 ret=0;
438 break;
439 }
440 return(ret);
441 }
442
443static int acpt_puts(BIO *bp, const char *str)
444 {
445 int n,ret;
446
447 n=strlen(str);
448 ret=acpt_write(bp,str,n);
449 return(ret);
450 }
451
452BIO *BIO_new_accept(char *str)
453 {
454 BIO *ret;
455
456 ret=BIO_new(BIO_s_accept());
457 if (ret == NULL) return(NULL);
458 if (BIO_set_accept_port(ret,str))
459 return(ret);
460 else
461 {
462 BIO_free(ret);
463 return(NULL);
464 }
465 }
466
467#endif
diff --git a/src/lib/libcrypto/bio/bss_bio.c b/src/lib/libcrypto/bio/bss_bio.c
deleted file mode 100644
index 78c6ab4fdd..0000000000
--- a/src/lib/libcrypto/bio/bss_bio.c
+++ /dev/null
@@ -1,857 +0,0 @@
1/* crypto/bio/bss_bio.c -*- Mode: C; c-file-style: "eay" -*- */
2
3/* Special method for a BIO where the other endpoint is also a BIO
4 * of this kind, handled by the same thread (i.e. the "peer" is actually
5 * ourselves, wearing a different hat).
6 * Such "BIO pairs" are mainly for using the SSL library with I/O interfaces
7 * for which no specific BIO method is available.
8 * See ssl/ssltest.c for some hints on how this can be used. */
9
10#ifndef BIO_PAIR_DEBUG
11# undef NDEBUG /* avoid conflicting definitions */
12# define NDEBUG
13#endif
14
15#include <assert.h>
16#include <limits.h>
17#include <stdlib.h>
18#include <string.h>
19
20#include <openssl/bio.h>
21#include <openssl/err.h>
22#include <openssl/err.h>
23#include <openssl/crypto.h>
24
25#include "openssl/e_os.h"
26#ifndef SSIZE_MAX
27# define SSIZE_MAX INT_MAX
28#endif
29
30static int bio_new(BIO *bio);
31static int bio_free(BIO *bio);
32static int bio_read(BIO *bio, char *buf, int size);
33static int bio_write(BIO *bio, const char *buf, int num);
34static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr);
35static int bio_puts(BIO *bio, const char *str);
36
37static int bio_make_pair(BIO *bio1, BIO *bio2);
38static void bio_destroy_pair(BIO *bio);
39
40static BIO_METHOD methods_biop =
41{
42 BIO_TYPE_BIO,
43 "BIO pair",
44 bio_write,
45 bio_read,
46 bio_puts,
47 NULL /* no bio_gets */,
48 bio_ctrl,
49 bio_new,
50 bio_free,
51 NULL /* no bio_callback_ctrl */
52};
53
54BIO_METHOD *BIO_s_bio(void)
55 {
56 return &methods_biop;
57 }
58
59struct bio_bio_st
60{
61 BIO *peer; /* NULL if buf == NULL.
62 * If peer != NULL, then peer->ptr is also a bio_bio_st,
63 * and its "peer" member points back to us.
64 * peer != NULL iff init != 0 in the BIO. */
65
66 /* This is for what we write (i.e. reading uses peer's struct): */
67 int closed; /* valid iff peer != NULL */
68 size_t len; /* valid iff buf != NULL; 0 if peer == NULL */
69 size_t offset; /* valid iff buf != NULL; 0 if len == 0 */
70 size_t size;
71 char *buf; /* "size" elements (if != NULL) */
72
73 size_t request; /* valid iff peer != NULL; 0 if len != 0,
74 * otherwise set by peer to number of bytes
75 * it (unsuccessfully) tried to read,
76 * never more than buffer space (size-len) warrants. */
77};
78
79static int bio_new(BIO *bio)
80 {
81 struct bio_bio_st *b;
82
83 b = OPENSSL_malloc(sizeof *b);
84 if (b == NULL)
85 return 0;
86
87 b->peer = NULL;
88 b->size = 17*1024; /* enough for one TLS record (just a default) */
89 b->buf = NULL;
90
91 bio->ptr = b;
92 return 1;
93 }
94
95
96static int bio_free(BIO *bio)
97 {
98 struct bio_bio_st *b;
99
100 if (bio == NULL)
101 return 0;
102 b = bio->ptr;
103
104 assert(b != NULL);
105
106 if (b->peer)
107 bio_destroy_pair(bio);
108
109 if (b->buf != NULL)
110 {
111 OPENSSL_free(b->buf);
112 }
113
114 OPENSSL_free(b);
115
116 return 1;
117 }
118
119
120
121static int bio_read(BIO *bio, char *buf, int size_)
122 {
123 size_t size = size_;
124 size_t rest;
125 struct bio_bio_st *b, *peer_b;
126
127 BIO_clear_retry_flags(bio);
128
129 if (!bio->init)
130 return 0;
131
132 b = bio->ptr;
133 assert(b != NULL);
134 assert(b->peer != NULL);
135 peer_b = b->peer->ptr;
136 assert(peer_b != NULL);
137 assert(peer_b->buf != NULL);
138
139 peer_b->request = 0; /* will be set in "retry_read" situation */
140
141 if (buf == NULL || size == 0)
142 return 0;
143
144 if (peer_b->len == 0)
145 {
146 if (peer_b->closed)
147 return 0; /* writer has closed, and no data is left */
148 else
149 {
150 BIO_set_retry_read(bio); /* buffer is empty */
151 if (size <= peer_b->size)
152 peer_b->request = size;
153 else
154 /* don't ask for more than the peer can
155 * deliver in one write */
156 peer_b->request = peer_b->size;
157 return -1;
158 }
159 }
160
161 /* we can read */
162 if (peer_b->len < size)
163 size = peer_b->len;
164
165 /* now read "size" bytes */
166
167 rest = size;
168
169 assert(rest > 0);
170 do /* one or two iterations */
171 {
172 size_t chunk;
173
174 assert(rest <= peer_b->len);
175 if (peer_b->offset + rest <= peer_b->size)
176 chunk = rest;
177 else
178 /* wrap around ring buffer */
179 chunk = peer_b->size - peer_b->offset;
180 assert(peer_b->offset + chunk <= peer_b->size);
181
182 memcpy(buf, peer_b->buf + peer_b->offset, chunk);
183
184 peer_b->len -= chunk;
185 if (peer_b->len)
186 {
187 peer_b->offset += chunk;
188 assert(peer_b->offset <= peer_b->size);
189 if (peer_b->offset == peer_b->size)
190 peer_b->offset = 0;
191 buf += chunk;
192 }
193 else
194 {
195 /* buffer now empty, no need to advance "buf" */
196 assert(chunk == rest);
197 peer_b->offset = 0;
198 }
199 rest -= chunk;
200 }
201 while (rest);
202
203 return size;
204 }
205
206/* non-copying interface: provide pointer to available data in buffer
207 * bio_nread0: return number of available bytes
208 * bio_nread: also advance index
209 * (example usage: bio_nread0(), read from buffer, bio_nread()
210 * or just bio_nread(), read from buffer)
211 */
212/* WARNING: The non-copying interface is largely untested as of yet
213 * and may contain bugs. */
214static ssize_t bio_nread0(BIO *bio, char **buf)
215 {
216 struct bio_bio_st *b, *peer_b;
217 ssize_t num;
218
219 BIO_clear_retry_flags(bio);
220
221 if (!bio->init)
222 return 0;
223
224 b = bio->ptr;
225 assert(b != NULL);
226 assert(b->peer != NULL);
227 peer_b = b->peer->ptr;
228 assert(peer_b != NULL);
229 assert(peer_b->buf != NULL);
230
231 peer_b->request = 0;
232
233 if (peer_b->len == 0)
234 {
235 char dummy;
236
237 /* avoid code duplication -- nothing available for reading */
238 return bio_read(bio, &dummy, 1); /* returns 0 or -1 */
239 }
240
241 num = peer_b->len;
242 if (peer_b->size < peer_b->offset + num)
243 /* no ring buffer wrap-around for non-copying interface */
244 num = peer_b->size - peer_b->offset;
245 assert(num > 0);
246
247 if (buf != NULL)
248 *buf = peer_b->buf + peer_b->offset;
249 return num;
250 }
251
252static ssize_t bio_nread(BIO *bio, char **buf, size_t num_)
253 {
254 struct bio_bio_st *b, *peer_b;
255 ssize_t num, available;
256
257 if (num_ > SSIZE_MAX)
258 num = SSIZE_MAX;
259 else
260 num = (ssize_t)num_;
261
262 available = bio_nread0(bio, buf);
263 if (num > available)
264 num = available;
265 if (num <= 0)
266 return num;
267
268 b = bio->ptr;
269 peer_b = b->peer->ptr;
270
271 peer_b->len -= num;
272 if (peer_b->len)
273 {
274 peer_b->offset += num;
275 assert(peer_b->offset <= peer_b->size);
276 if (peer_b->offset == peer_b->size)
277 peer_b->offset = 0;
278 }
279 else
280 peer_b->offset = 0;
281
282 return num;
283 }
284
285
286static int bio_write(BIO *bio, const char *buf, int num_)
287 {
288 size_t num = num_;
289 size_t rest;
290 struct bio_bio_st *b;
291
292 BIO_clear_retry_flags(bio);
293
294 if (!bio->init || buf == NULL || num == 0)
295 return 0;
296
297 b = bio->ptr;
298 assert(b != NULL);
299 assert(b->peer != NULL);
300 assert(b->buf != NULL);
301
302 b->request = 0;
303 if (b->closed)
304 {
305 /* we already closed */
306 BIOerr(BIO_F_BIO_WRITE, BIO_R_BROKEN_PIPE);
307 return -1;
308 }
309
310 assert(b->len <= b->size);
311
312 if (b->len == b->size)
313 {
314 BIO_set_retry_write(bio); /* buffer is full */
315 return -1;
316 }
317
318 /* we can write */
319 if (num > b->size - b->len)
320 num = b->size - b->len;
321
322 /* now write "num" bytes */
323
324 rest = num;
325
326 assert(rest > 0);
327 do /* one or two iterations */
328 {
329 size_t write_offset;
330 size_t chunk;
331
332 assert(b->len + rest <= b->size);
333
334 write_offset = b->offset + b->len;
335 if (write_offset >= b->size)
336 write_offset -= b->size;
337 /* b->buf[write_offset] is the first byte we can write to. */
338
339 if (write_offset + rest <= b->size)
340 chunk = rest;
341 else
342 /* wrap around ring buffer */
343 chunk = b->size - write_offset;
344
345 memcpy(b->buf + write_offset, buf, chunk);
346
347 b->len += chunk;
348
349 assert(b->len <= b->size);
350
351 rest -= chunk;
352 buf += chunk;
353 }
354 while (rest);
355
356 return num;
357 }
358
359/* non-copying interface: provide pointer to region to write to
360 * bio_nwrite0: check how much space is available
361 * bio_nwrite: also increase length
362 * (example usage: bio_nwrite0(), write to buffer, bio_nwrite()
363 * or just bio_nwrite(), write to buffer)
364 */
365static ssize_t bio_nwrite0(BIO *bio, char **buf)
366 {
367 struct bio_bio_st *b;
368 size_t num;
369 size_t write_offset;
370
371 BIO_clear_retry_flags(bio);
372
373 if (!bio->init)
374 return 0;
375
376 b = bio->ptr;
377 assert(b != NULL);
378 assert(b->peer != NULL);
379 assert(b->buf != NULL);
380
381 b->request = 0;
382 if (b->closed)
383 {
384 BIOerr(BIO_F_BIO_NWRITE0, BIO_R_BROKEN_PIPE);
385 return -1;
386 }
387
388 assert(b->len <= b->size);
389
390 if (b->len == b->size)
391 {
392 BIO_set_retry_write(bio);
393 return -1;
394 }
395
396 num = b->size - b->len;
397 write_offset = b->offset + b->len;
398 if (write_offset >= b->size)
399 write_offset -= b->size;
400 if (write_offset + num > b->size)
401 /* no ring buffer wrap-around for non-copying interface
402 * (to fulfil the promise by BIO_ctrl_get_write_guarantee,
403 * BIO_nwrite may have to be called twice) */
404 num = b->size - write_offset;
405
406 if (buf != NULL)
407 *buf = b->buf + write_offset;
408 assert(write_offset + num <= b->size);
409
410 return num;
411 }
412
413static ssize_t bio_nwrite(BIO *bio, char **buf, size_t num_)
414 {
415 struct bio_bio_st *b;
416 ssize_t num, space;
417
418 if (num_ > SSIZE_MAX)
419 num = SSIZE_MAX;
420 else
421 num = (ssize_t)num_;
422
423 space = bio_nwrite0(bio, buf);
424 if (num > space)
425 num = space;
426 if (num <= 0)
427 return num;
428 b = bio->ptr;
429 assert(b != NULL);
430 b->len += num;
431 assert(b->len <= b->size);
432
433 return num;
434 }
435
436
437static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
438 {
439 long ret;
440 struct bio_bio_st *b = bio->ptr;
441
442 assert(b != NULL);
443
444 switch (cmd)
445 {
446 /* specific CTRL codes */
447
448 case BIO_C_SET_WRITE_BUF_SIZE:
449 if (b->peer)
450 {
451 BIOerr(BIO_F_BIO_CTRL, BIO_R_IN_USE);
452 ret = 0;
453 }
454 else if (num == 0)
455 {
456 BIOerr(BIO_F_BIO_CTRL, BIO_R_INVALID_ARGUMENT);
457 ret = 0;
458 }
459 else
460 {
461 size_t new_size = num;
462
463 if (b->size != new_size)
464 {
465 if (b->buf)
466 {
467 OPENSSL_free(b->buf);
468 b->buf = NULL;
469 }
470 b->size = new_size;
471 }
472 ret = 1;
473 }
474 break;
475
476 case BIO_C_GET_WRITE_BUF_SIZE:
477 num = (long) b->size;
478
479 case BIO_C_MAKE_BIO_PAIR:
480 {
481 BIO *other_bio = ptr;
482
483 if (bio_make_pair(bio, other_bio))
484 ret = 1;
485 else
486 ret = 0;
487 }
488 break;
489
490 case BIO_C_DESTROY_BIO_PAIR:
491 /* Effects both BIOs in the pair -- call just once!
492 * Or let BIO_free(bio1); BIO_free(bio2); do the job. */
493 bio_destroy_pair(bio);
494 ret = 1;
495 break;
496
497 case BIO_C_GET_WRITE_GUARANTEE:
498 /* How many bytes can the caller feed to the next write
499 * without having to keep any? */
500 if (b->peer == NULL || b->closed)
501 ret = 0;
502 else
503 ret = (long) b->size - b->len;
504 break;
505
506 case BIO_C_GET_READ_REQUEST:
507 /* If the peer unsuccessfully tried to read, how many bytes
508 * were requested? (As with BIO_CTRL_PENDING, that number
509 * can usually be treated as boolean.) */
510 ret = (long) b->request;
511 break;
512
513 case BIO_C_RESET_READ_REQUEST:
514 /* Reset request. (Can be useful after read attempts
515 * at the other side that are meant to be non-blocking,
516 * e.g. when probing SSL_read to see if any data is
517 * available.) */
518 b->request = 0;
519 ret = 1;
520 break;
521
522 case BIO_C_SHUTDOWN_WR:
523 /* similar to shutdown(..., SHUT_WR) */
524 b->closed = 1;
525 ret = 1;
526 break;
527
528 case BIO_C_NREAD0:
529 /* prepare for non-copying read */
530 ret = (long) bio_nread0(bio, ptr);
531 break;
532
533 case BIO_C_NREAD:
534 /* non-copying read */
535 ret = (long) bio_nread(bio, ptr, (size_t) num);
536 break;
537
538 case BIO_C_NWRITE0:
539 /* prepare for non-copying write */
540 ret = (long) bio_nwrite0(bio, ptr);
541 break;
542
543 case BIO_C_NWRITE:
544 /* non-copying write */
545 ret = (long) bio_nwrite(bio, ptr, (size_t) num);
546 break;
547
548
549 /* standard CTRL codes follow */
550
551 case BIO_CTRL_RESET:
552 if (b->buf != NULL)
553 {
554 b->len = 0;
555 b->offset = 0;
556 }
557 ret = 0;
558 break;
559
560 case BIO_CTRL_GET_CLOSE:
561 ret = bio->shutdown;
562 break;
563
564 case BIO_CTRL_SET_CLOSE:
565 bio->shutdown = (int) num;
566 ret = 1;
567 break;
568
569 case BIO_CTRL_PENDING:
570 if (b->peer != NULL)
571 {
572 struct bio_bio_st *peer_b = b->peer->ptr;
573
574 ret = (long) peer_b->len;
575 }
576 else
577 ret = 0;
578 break;
579
580 case BIO_CTRL_WPENDING:
581 if (b->buf != NULL)
582 ret = (long) b->len;
583 else
584 ret = 0;
585 break;
586
587 case BIO_CTRL_DUP:
588 /* See BIO_dup_chain for circumstances we have to expect. */
589 {
590 BIO *other_bio = ptr;
591 struct bio_bio_st *other_b;
592
593 assert(other_bio != NULL);
594 other_b = other_bio->ptr;
595 assert(other_b != NULL);
596
597 assert(other_b->buf == NULL); /* other_bio is always fresh */
598
599 other_b->size = b->size;
600 }
601
602 ret = 1;
603 break;
604
605 case BIO_CTRL_FLUSH:
606 ret = 1;
607 break;
608
609 case BIO_CTRL_EOF:
610 {
611 BIO *other_bio = ptr;
612
613 if (other_bio)
614 {
615 struct bio_bio_st *other_b = other_bio->ptr;
616
617 assert(other_b != NULL);
618 ret = other_b->len == 0 && other_b->closed;
619 }
620 else
621 ret = 1;
622 }
623 break;
624
625 default:
626 ret = 0;
627 }
628 return ret;
629 }
630
631static int bio_puts(BIO *bio, const char *str)
632 {
633 return bio_write(bio, str, strlen(str));
634 }
635
636
637static int bio_make_pair(BIO *bio1, BIO *bio2)
638 {
639 struct bio_bio_st *b1, *b2;
640
641 assert(bio1 != NULL);
642 assert(bio2 != NULL);
643
644 b1 = bio1->ptr;
645 b2 = bio2->ptr;
646
647 if (b1->peer != NULL || b2->peer != NULL)
648 {
649 BIOerr(BIO_F_BIO_MAKE_PAIR, BIO_R_IN_USE);
650 return 0;
651 }
652
653 if (b1->buf == NULL)
654 {
655 b1->buf = OPENSSL_malloc(b1->size);
656 if (b1->buf == NULL)
657 {
658 BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE);
659 return 0;
660 }
661 b1->len = 0;
662 b1->offset = 0;
663 }
664
665 if (b2->buf == NULL)
666 {
667 b2->buf = OPENSSL_malloc(b2->size);
668 if (b2->buf == NULL)
669 {
670 BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE);
671 return 0;
672 }
673 b2->len = 0;
674 b2->offset = 0;
675 }
676
677 b1->peer = bio2;
678 b1->closed = 0;
679 b1->request = 0;
680 b2->peer = bio1;
681 b2->closed = 0;
682 b2->request = 0;
683
684 bio1->init = 1;
685 bio2->init = 1;
686
687 return 1;
688 }
689
690static void bio_destroy_pair(BIO *bio)
691 {
692 struct bio_bio_st *b = bio->ptr;
693
694 if (b != NULL)
695 {
696 BIO *peer_bio = b->peer;
697
698 if (peer_bio != NULL)
699 {
700 struct bio_bio_st *peer_b = peer_bio->ptr;
701
702 assert(peer_b != NULL);
703 assert(peer_b->peer == bio);
704
705 peer_b->peer = NULL;
706 peer_bio->init = 0;
707 assert(peer_b->buf != NULL);
708 peer_b->len = 0;
709 peer_b->offset = 0;
710
711 b->peer = NULL;
712 bio->init = 0;
713 assert(b->buf != NULL);
714 b->len = 0;
715 b->offset = 0;
716 }
717 }
718 }
719
720
721/* Exported convenience functions */
722int BIO_new_bio_pair(BIO **bio1_p, size_t writebuf1,
723 BIO **bio2_p, size_t writebuf2)
724 {
725 BIO *bio1 = NULL, *bio2 = NULL;
726 long r;
727 int ret = 0;
728
729 bio1 = BIO_new(BIO_s_bio());
730 if (bio1 == NULL)
731 goto err;
732 bio2 = BIO_new(BIO_s_bio());
733 if (bio2 == NULL)
734 goto err;
735
736 if (writebuf1)
737 {
738 r = BIO_set_write_buf_size(bio1, writebuf1);
739 if (!r)
740 goto err;
741 }
742 if (writebuf2)
743 {
744 r = BIO_set_write_buf_size(bio2, writebuf2);
745 if (!r)
746 goto err;
747 }
748
749 r = BIO_make_bio_pair(bio1, bio2);
750 if (!r)
751 goto err;
752 ret = 1;
753
754 err:
755 if (ret == 0)
756 {
757 if (bio1)
758 {
759 BIO_free(bio1);
760 bio1 = NULL;
761 }
762 if (bio2)
763 {
764 BIO_free(bio2);
765 bio2 = NULL;
766 }
767 }
768
769 *bio1_p = bio1;
770 *bio2_p = bio2;
771 return ret;
772 }
773
774size_t BIO_ctrl_get_write_guarantee(BIO *bio)
775 {
776 return BIO_ctrl(bio, BIO_C_GET_WRITE_GUARANTEE, 0, NULL);
777 }
778
779size_t BIO_ctrl_get_read_request(BIO *bio)
780 {
781 return BIO_ctrl(bio, BIO_C_GET_READ_REQUEST, 0, NULL);
782 }
783
784int BIO_ctrl_reset_read_request(BIO *bio)
785 {
786 return (BIO_ctrl(bio, BIO_C_RESET_READ_REQUEST, 0, NULL) != 0);
787 }
788
789
790/* BIO_nread0/nread/nwrite0/nwrite are available only for BIO pairs for now
791 * (conceivably some other BIOs could allow non-copying reads and writes too.)
792 */
793int BIO_nread0(BIO *bio, char **buf)
794 {
795 long ret;
796
797 if (!bio->init)
798 {
799 BIOerr(BIO_F_BIO_NREAD0, BIO_R_UNINITIALIZED);
800 return -2;
801 }
802
803 ret = BIO_ctrl(bio, BIO_C_NREAD0, 0, buf);
804 if (ret > INT_MAX)
805 return INT_MAX;
806 else
807 return (int) ret;
808 }
809
810int BIO_nread(BIO *bio, char **buf, int num)
811 {
812 int ret;
813
814 if (!bio->init)
815 {
816 BIOerr(BIO_F_BIO_NREAD, BIO_R_UNINITIALIZED);
817 return -2;
818 }
819
820 ret = (int) BIO_ctrl(bio, BIO_C_NREAD, num, buf);
821 if (ret > 0)
822 bio->num_read += ret;
823 return ret;
824 }
825
826int BIO_nwrite0(BIO *bio, char **buf)
827 {
828 long ret;
829
830 if (!bio->init)
831 {
832 BIOerr(BIO_F_BIO_NWRITE0, BIO_R_UNINITIALIZED);
833 return -2;
834 }
835
836 ret = BIO_ctrl(bio, BIO_C_NWRITE0, 0, buf);
837 if (ret > INT_MAX)
838 return INT_MAX;
839 else
840 return (int) ret;
841 }
842
843int BIO_nwrite(BIO *bio, char **buf, int num)
844 {
845 int ret;
846
847 if (!bio->init)
848 {
849 BIOerr(BIO_F_BIO_NWRITE, BIO_R_UNINITIALIZED);
850 return -2;
851 }
852
853 ret = BIO_ctrl(bio, BIO_C_NWRITE, num, buf);
854 if (ret > 0)
855 bio->num_read += ret;
856 return ret;
857 }
diff --git a/src/lib/libcrypto/bio/bss_conn.c b/src/lib/libcrypto/bio/bss_conn.c
deleted file mode 100644
index a6b77a2cb9..0000000000
--- a/src/lib/libcrypto/bio/bss_conn.c
+++ /dev/null
@@ -1,651 +0,0 @@
1/* crypto/bio/bss_conn.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_SOCK
60
61#include <stdio.h>
62#include <errno.h>
63#define USE_SOCKETS
64#include "cryptlib.h"
65#include <openssl/bio.h>
66
67#ifdef WIN16
68#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
69#else
70#define SOCKET_PROTOCOL IPPROTO_TCP
71#endif
72
73#if (defined(VMS) && __VMS_VER < 70000000)
74/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
75#undef FIONBIO
76#endif
77
78
79typedef struct bio_connect_st
80 {
81 int state;
82
83 char *param_hostname;
84 char *param_port;
85 int nbio;
86
87 unsigned char ip[4];
88 unsigned short port;
89
90 struct sockaddr_in them;
91
92 /* int socket; this will be kept in bio->num so that it is
93 * compatible with the bss_sock bio */
94
95 /* called when the connection is initially made
96 * callback(BIO,state,ret); The callback should return
97 * 'ret'. state is for compatibility with the ssl info_callback */
98 int (*info_callback)();
99 } BIO_CONNECT;
100
101static int conn_write(BIO *h, const char *buf, int num);
102static int conn_read(BIO *h, char *buf, int size);
103static int conn_puts(BIO *h, const char *str);
104static long conn_ctrl(BIO *h, int cmd, long arg1, void *arg2);
105static int conn_new(BIO *h);
106static int conn_free(BIO *data);
107static long conn_callback_ctrl(BIO *h, int cmd, bio_info_cb *);
108
109static int conn_state(BIO *b, BIO_CONNECT *c);
110static void conn_close_socket(BIO *data);
111BIO_CONNECT *BIO_CONNECT_new(void );
112void BIO_CONNECT_free(BIO_CONNECT *a);
113
114static BIO_METHOD methods_connectp=
115 {
116 BIO_TYPE_CONNECT,
117 "socket connect",
118 conn_write,
119 conn_read,
120 conn_puts,
121 NULL, /* connect_gets, */
122 conn_ctrl,
123 conn_new,
124 conn_free,
125 conn_callback_ctrl,
126 };
127
128static int conn_state(BIO *b, BIO_CONNECT *c)
129 {
130 int ret= -1,i;
131 unsigned long l;
132 char *p,*q;
133 int (*cb)()=NULL;
134
135 if (c->info_callback != NULL)
136 cb=c->info_callback;
137
138 for (;;)
139 {
140 switch (c->state)
141 {
142 case BIO_CONN_S_BEFORE:
143 p=c->param_hostname;
144 if (p == NULL)
145 {
146 BIOerr(BIO_F_CONN_STATE,BIO_R_NO_HOSTNAME_SPECIFIED);
147 goto exit_loop;
148 }
149 for ( ; *p != '\0'; p++)
150 {
151 if ((*p == ':') || (*p == '/')) break;
152 }
153
154 i= *p;
155 if ((i == ':') || (i == '/'))
156 {
157
158 *(p++)='\0';
159 if (i == ':')
160 {
161 for (q=p; *q; q++)
162 if (*q == '/')
163 {
164 *q='\0';
165 break;
166 }
167 if (c->param_port != NULL)
168 OPENSSL_free(c->param_port);
169 c->param_port=BUF_strdup(p);
170 }
171 }
172
173 if (c->param_port == NULL)
174 {
175 BIOerr(BIO_F_CONN_STATE,BIO_R_NO_PORT_SPECIFIED);
176 ERR_add_error_data(2,"host=",c->param_hostname);
177 goto exit_loop;
178 }
179 c->state=BIO_CONN_S_GET_IP;
180 break;
181
182 case BIO_CONN_S_GET_IP:
183 if (BIO_get_host_ip(c->param_hostname,&(c->ip[0])) <= 0)
184 goto exit_loop;
185 c->state=BIO_CONN_S_GET_PORT;
186 break;
187
188 case BIO_CONN_S_GET_PORT:
189 if (c->param_port == NULL)
190 {
191 /* abort(); */
192 goto exit_loop;
193 }
194 else if (BIO_get_port(c->param_port,&c->port) <= 0)
195 goto exit_loop;
196 c->state=BIO_CONN_S_CREATE_SOCKET;
197 break;
198
199 case BIO_CONN_S_CREATE_SOCKET:
200 /* now setup address */
201 memset((char *)&c->them,0,sizeof(c->them));
202 c->them.sin_family=AF_INET;
203 c->them.sin_port=htons((unsigned short)c->port);
204 l=(unsigned long)
205 ((unsigned long)c->ip[0]<<24L)|
206 ((unsigned long)c->ip[1]<<16L)|
207 ((unsigned long)c->ip[2]<< 8L)|
208 ((unsigned long)c->ip[3]);
209 c->them.sin_addr.s_addr=htonl(l);
210 c->state=BIO_CONN_S_CREATE_SOCKET;
211
212 ret=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
213 if (ret == INVALID_SOCKET)
214 {
215 SYSerr(SYS_F_SOCKET,get_last_socket_error());
216 ERR_add_error_data(4,"host=",c->param_hostname,
217 ":",c->param_port);
218 BIOerr(BIO_F_CONN_STATE,BIO_R_UNABLE_TO_CREATE_SOCKET);
219 goto exit_loop;
220 }
221 b->num=ret;
222 c->state=BIO_CONN_S_NBIO;
223 break;
224
225 case BIO_CONN_S_NBIO:
226 if (c->nbio)
227 {
228 if (!BIO_socket_nbio(b->num,1))
229 {
230 BIOerr(BIO_F_CONN_STATE,BIO_R_ERROR_SETTING_NBIO);
231 ERR_add_error_data(4,"host=",
232 c->param_hostname,
233 ":",c->param_port);
234 goto exit_loop;
235 }
236 }
237 c->state=BIO_CONN_S_CONNECT;
238
239#if defined(SO_KEEPALIVE) && !defined(MPE)
240 i=1;
241 i=setsockopt(b->num,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
242 if (i < 0)
243 {
244 SYSerr(SYS_F_SOCKET,get_last_socket_error());
245 ERR_add_error_data(4,"host=",c->param_hostname,
246 ":",c->param_port);
247 BIOerr(BIO_F_CONN_STATE,BIO_R_KEEPALIVE);
248 goto exit_loop;
249 }
250#endif
251 break;
252
253 case BIO_CONN_S_CONNECT:
254 BIO_clear_retry_flags(b);
255 ret=connect(b->num,
256 (struct sockaddr *)&c->them,
257 sizeof(c->them));
258 b->retry_reason=0;
259 if (ret < 0)
260 {
261 if (BIO_sock_should_retry(ret))
262 {
263 BIO_set_retry_special(b);
264 c->state=BIO_CONN_S_BLOCKED_CONNECT;
265 b->retry_reason=BIO_RR_CONNECT;
266 }
267 else
268 {
269 SYSerr(SYS_F_CONNECT,get_last_socket_error());
270 ERR_add_error_data(4,"host=",
271 c->param_hostname,
272 ":",c->param_port);
273 BIOerr(BIO_F_CONN_STATE,BIO_R_CONNECT_ERROR);
274 }
275 goto exit_loop;
276 }
277 else
278 c->state=BIO_CONN_S_OK;
279 break;
280
281 case BIO_CONN_S_BLOCKED_CONNECT:
282 i=BIO_sock_error(b->num);
283 if (i)
284 {
285 BIO_clear_retry_flags(b);
286 SYSerr(SYS_F_CONNECT,i);
287 ERR_add_error_data(4,"host=",
288 c->param_hostname,
289 ":",c->param_port);
290 BIOerr(BIO_F_CONN_STATE,BIO_R_NBIO_CONNECT_ERROR);
291 ret=0;
292 goto exit_loop;
293 }
294 else
295 c->state=BIO_CONN_S_OK;
296 break;
297
298 case BIO_CONN_S_OK:
299 ret=1;
300 goto exit_loop;
301 default:
302 /* abort(); */
303 goto exit_loop;
304 }
305
306 if (cb != NULL)
307 {
308 if (!(ret=cb((BIO *)b,c->state,ret)))
309 goto end;
310 }
311 }
312
313 /* Loop does not exit */
314exit_loop:
315 if (cb != NULL)
316 ret=cb((BIO *)b,c->state,ret);
317end:
318 return(ret);
319 }
320
321BIO_CONNECT *BIO_CONNECT_new(void)
322 {
323 BIO_CONNECT *ret;
324
325 if ((ret=(BIO_CONNECT *)OPENSSL_malloc(sizeof(BIO_CONNECT))) == NULL)
326 return(NULL);
327 ret->state=BIO_CONN_S_BEFORE;
328 ret->param_hostname=NULL;
329 ret->param_port=NULL;
330 ret->info_callback=NULL;
331 ret->nbio=0;
332 ret->ip[0]=0;
333 ret->ip[1]=0;
334 ret->ip[2]=0;
335 ret->ip[3]=0;
336 ret->port=0;
337 memset((char *)&ret->them,0,sizeof(ret->them));
338 return(ret);
339 }
340
341void BIO_CONNECT_free(BIO_CONNECT *a)
342 {
343 if(a == NULL)
344 return;
345
346 if (a->param_hostname != NULL)
347 OPENSSL_free(a->param_hostname);
348 if (a->param_port != NULL)
349 OPENSSL_free(a->param_port);
350 OPENSSL_free(a);
351 }
352
353BIO_METHOD *BIO_s_connect(void)
354 {
355 return(&methods_connectp);
356 }
357
358static int conn_new(BIO *bi)
359 {
360 bi->init=0;
361 bi->num=INVALID_SOCKET;
362 bi->flags=0;
363 if ((bi->ptr=(char *)BIO_CONNECT_new()) == NULL)
364 return(0);
365 else
366 return(1);
367 }
368
369static void conn_close_socket(BIO *bio)
370 {
371 BIO_CONNECT *c;
372
373 c=(BIO_CONNECT *)bio->ptr;
374 if (bio->num != INVALID_SOCKET)
375 {
376 /* Only do a shutdown if things were established */
377 if (c->state == BIO_CONN_S_OK)
378 shutdown(bio->num,2);
379 closesocket(bio->num);
380 bio->num=INVALID_SOCKET;
381 }
382 }
383
384static int conn_free(BIO *a)
385 {
386 BIO_CONNECT *data;
387
388 if (a == NULL) return(0);
389 data=(BIO_CONNECT *)a->ptr;
390
391 if (a->shutdown)
392 {
393 conn_close_socket(a);
394 BIO_CONNECT_free(data);
395 a->ptr=NULL;
396 a->flags=0;
397 a->init=0;
398 }
399 return(1);
400 }
401
402static int conn_read(BIO *b, char *out, int outl)
403 {
404 int ret=0;
405 BIO_CONNECT *data;
406
407 data=(BIO_CONNECT *)b->ptr;
408 if (data->state != BIO_CONN_S_OK)
409 {
410 ret=conn_state(b,data);
411 if (ret <= 0)
412 return(ret);
413 }
414
415 if (out != NULL)
416 {
417 clear_socket_error();
418 ret=readsocket(b->num,out,outl);
419 BIO_clear_retry_flags(b);
420 if (ret <= 0)
421 {
422 if (BIO_sock_should_retry(ret))
423 BIO_set_retry_read(b);
424 }
425 }
426 return(ret);
427 }
428
429static int conn_write(BIO *b, const char *in, int inl)
430 {
431 int ret;
432 BIO_CONNECT *data;
433
434 data=(BIO_CONNECT *)b->ptr;
435 if (data->state != BIO_CONN_S_OK)
436 {
437 ret=conn_state(b,data);
438 if (ret <= 0) return(ret);
439 }
440
441 clear_socket_error();
442 ret=writesocket(b->num,in,inl);
443 BIO_clear_retry_flags(b);
444 if (ret <= 0)
445 {
446 if (BIO_sock_should_retry(ret))
447 BIO_set_retry_write(b);
448 }
449 return(ret);
450 }
451
452static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
453 {
454 BIO *dbio;
455 int *ip;
456 const char **pptr;
457 long ret=1;
458 BIO_CONNECT *data;
459
460 data=(BIO_CONNECT *)b->ptr;
461
462 switch (cmd)
463 {
464 case BIO_CTRL_RESET:
465 ret=0;
466 data->state=BIO_CONN_S_BEFORE;
467 conn_close_socket(b);
468 b->flags=0;
469 break;
470 case BIO_C_DO_STATE_MACHINE:
471 /* use this one to start the connection */
472 if (!data->state != BIO_CONN_S_OK)
473 ret=(long)conn_state(b,data);
474 else
475 ret=1;
476 break;
477 case BIO_C_GET_CONNECT:
478 if (ptr != NULL)
479 {
480 pptr=(const char **)ptr;
481 if (num == 0)
482 {
483 *pptr=data->param_hostname;
484
485 }
486 else if (num == 1)
487 {
488 *pptr=data->param_port;
489 }
490 else if (num == 2)
491 {
492 *pptr= (char *)&(data->ip[0]);
493 }
494 else if (num == 3)
495 {
496 *((int *)ptr)=data->port;
497 }
498 if ((!b->init) || (ptr == NULL))
499 *pptr="not initialized";
500 ret=1;
501 }
502 break;
503 case BIO_C_SET_CONNECT:
504 if (ptr != NULL)
505 {
506 b->init=1;
507 if (num == 0)
508 {
509 if (data->param_hostname != NULL)
510 OPENSSL_free(data->param_hostname);
511 data->param_hostname=BUF_strdup(ptr);
512 }
513 else if (num == 1)
514 {
515 if (data->param_port != NULL)
516 OPENSSL_free(data->param_port);
517 data->param_port=BUF_strdup(ptr);
518 }
519 else if (num == 2)
520 {
521 char buf[16];
522 char *p = ptr;
523
524 sprintf(buf,"%d.%d.%d.%d",
525 p[0],p[1],p[2],p[3]);
526 if (data->param_hostname != NULL)
527 OPENSSL_free(data->param_hostname);
528 data->param_hostname=BUF_strdup(buf);
529 memcpy(&(data->ip[0]),ptr,4);
530 }
531 else if (num == 3)
532 {
533 char buf[16];
534
535 sprintf(buf,"%d",*(int *)ptr);
536 if (data->param_port != NULL)
537 OPENSSL_free(data->param_port);
538 data->param_port=BUF_strdup(buf);
539 data->port= *(int *)ptr;
540 }
541 }
542 break;
543 case BIO_C_SET_NBIO:
544 data->nbio=(int)num;
545 break;
546 case BIO_C_GET_FD:
547 if (b->init)
548 {
549 ip=(int *)ptr;
550 if (ip != NULL)
551 *ip=b->num;
552 ret=b->num;
553 }
554 else
555 ret= -1;
556 break;
557 case BIO_CTRL_GET_CLOSE:
558 ret=b->shutdown;
559 break;
560 case BIO_CTRL_SET_CLOSE:
561 b->shutdown=(int)num;
562 break;
563 case BIO_CTRL_PENDING:
564 case BIO_CTRL_WPENDING:
565 ret=0;
566 break;
567 case BIO_CTRL_FLUSH:
568 break;
569 case BIO_CTRL_DUP:
570 {
571 dbio=(BIO *)ptr;
572 if (data->param_port)
573 BIO_set_conn_port(dbio,data->param_port);
574 if (data->param_hostname)
575 BIO_set_conn_hostname(dbio,data->param_hostname);
576 BIO_set_nbio(dbio,data->nbio);
577 (void)BIO_set_info_callback(dbio,data->info_callback);
578 }
579 break;
580 case BIO_CTRL_SET_CALLBACK:
581 {
582#if 0 /* FIXME: Should this be used? -- Richard Levitte */
583 BIOerr(BIO_F_CONN_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
584 ret = -1;
585#else
586 ret=0;
587#endif
588 }
589 break;
590 case BIO_CTRL_GET_CALLBACK:
591 {
592 int (**fptr)();
593
594 fptr=(int (**)())ptr;
595 *fptr=data->info_callback;
596 }
597 break;
598 default:
599 ret=0;
600 break;
601 }
602 return(ret);
603 }
604
605static long conn_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
606 {
607 long ret=1;
608 BIO_CONNECT *data;
609
610 data=(BIO_CONNECT *)b->ptr;
611
612 switch (cmd)
613 {
614 case BIO_CTRL_SET_CALLBACK:
615 {
616 data->info_callback=(int (*)())fp;
617 }
618 break;
619 default:
620 ret=0;
621 break;
622 }
623 return(ret);
624 }
625
626static int conn_puts(BIO *bp, const char *str)
627 {
628 int n,ret;
629
630 n=strlen(str);
631 ret=conn_write(bp,str,n);
632 return(ret);
633 }
634
635BIO *BIO_new_connect(char *str)
636 {
637 BIO *ret;
638
639 ret=BIO_new(BIO_s_connect());
640 if (ret == NULL) return(NULL);
641 if (BIO_set_conn_hostname(ret,str))
642 return(ret);
643 else
644 {
645 BIO_free(ret);
646 return(NULL);
647 }
648 }
649
650#endif
651
diff --git a/src/lib/libcrypto/bio/bss_fd.c b/src/lib/libcrypto/bio/bss_fd.c
deleted file mode 100644
index 686c4909a2..0000000000
--- a/src/lib/libcrypto/bio/bss_fd.c
+++ /dev/null
@@ -1,62 +0,0 @@
1/* crypto/bio/bss_fd.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#define BIO_FD
60#include "bss_sock.c"
61#undef BIO_FD
62
diff --git a/src/lib/libcrypto/bio/bss_file.c b/src/lib/libcrypto/bio/bss_file.c
deleted file mode 100644
index 1f770b390f..0000000000
--- a/src/lib/libcrypto/bio/bss_file.c
+++ /dev/null
@@ -1,310 +0,0 @@
1/* crypto/bio/bss_file.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/*
60 * 03-Dec-1997 rdenny@dc3.com Fix bug preventing use of stdin/stdout
61 * with binary data (e.g. asn1parse -inform DER < xxx) under
62 * Windows
63 */
64
65#ifndef HEADER_BSS_FILE_C
66#define HEADER_BSS_FILE_C
67
68#include <stdio.h>
69#include <errno.h>
70#include "cryptlib.h"
71#include <openssl/bio.h>
72#include <openssl/err.h>
73
74#if !defined(NO_STDIO)
75
76static int MS_CALLBACK file_write(BIO *h, const char *buf, int num);
77static int MS_CALLBACK file_read(BIO *h, char *buf, int size);
78static int MS_CALLBACK file_puts(BIO *h, const char *str);
79static int MS_CALLBACK file_gets(BIO *h, char *str, int size);
80static long MS_CALLBACK file_ctrl(BIO *h, int cmd, long arg1, void *arg2);
81static int MS_CALLBACK file_new(BIO *h);
82static int MS_CALLBACK file_free(BIO *data);
83static BIO_METHOD methods_filep=
84 {
85 BIO_TYPE_FILE,
86 "FILE pointer",
87 file_write,
88 file_read,
89 file_puts,
90 file_gets,
91 file_ctrl,
92 file_new,
93 file_free,
94 NULL,
95 };
96
97BIO *BIO_new_file(const char *filename, const char *mode)
98 {
99 BIO *ret;
100 FILE *file;
101
102 if ((file=fopen(filename,mode)) == NULL)
103 {
104 SYSerr(SYS_F_FOPEN,get_last_sys_error());
105 ERR_add_error_data(5,"fopen('",filename,"','",mode,"')");
106 BIOerr(BIO_F_BIO_NEW_FILE,ERR_R_SYS_LIB);
107 return(NULL);
108 }
109 if ((ret=BIO_new(BIO_s_file_internal())) == NULL)
110 return(NULL);
111
112 BIO_set_fp(ret,file,BIO_CLOSE);
113 return(ret);
114 }
115
116BIO *BIO_new_fp(FILE *stream, int close_flag)
117 {
118 BIO *ret;
119
120 if ((ret=BIO_new(BIO_s_file())) == NULL)
121 return(NULL);
122
123 BIO_set_fp(ret,stream,close_flag);
124 return(ret);
125 }
126
127BIO_METHOD *BIO_s_file(void)
128 {
129 return(&methods_filep);
130 }
131
132static int MS_CALLBACK file_new(BIO *bi)
133 {
134 bi->init=0;
135 bi->num=0;
136 bi->ptr=NULL;
137 return(1);
138 }
139
140static int MS_CALLBACK file_free(BIO *a)
141 {
142 if (a == NULL) return(0);
143 if (a->shutdown)
144 {
145 if ((a->init) && (a->ptr != NULL))
146 {
147 fclose((FILE *)a->ptr);
148 a->ptr=NULL;
149 }
150 a->init=0;
151 }
152 return(1);
153 }
154
155static int MS_CALLBACK file_read(BIO *b, char *out, int outl)
156 {
157 int ret=0;
158
159 if (b->init && (out != NULL))
160 {
161 ret=fread(out,1,(int)outl,(FILE *)b->ptr);
162 }
163 return(ret);
164 }
165
166static int MS_CALLBACK file_write(BIO *b, const char *in, int inl)
167 {
168 int ret=0;
169
170 if (b->init && (in != NULL))
171 {
172 if (fwrite(in,(int)inl,1,(FILE *)b->ptr))
173 ret=inl;
174 /* ret=fwrite(in,1,(int)inl,(FILE *)b->ptr); */
175 /* according to Tim Hudson <tjh@cryptsoft.com>, the commented
176 * out version above can cause 'inl' write calls under
177 * some stupid stdio implementations (VMS) */
178 }
179 return(ret);
180 }
181
182static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
183 {
184 long ret=1;
185 FILE *fp=(FILE *)b->ptr;
186 FILE **fpp;
187 char p[4];
188
189 switch (cmd)
190 {
191 case BIO_C_FILE_SEEK:
192 case BIO_CTRL_RESET:
193 ret=(long)fseek(fp,num,0);
194 break;
195 case BIO_CTRL_EOF:
196 ret=(long)feof(fp);
197 break;
198 case BIO_C_FILE_TELL:
199 case BIO_CTRL_INFO:
200 ret=ftell(fp);
201 break;
202 case BIO_C_SET_FILE_PTR:
203 file_free(b);
204 b->shutdown=(int)num&BIO_CLOSE;
205 b->ptr=(char *)ptr;
206 b->init=1;
207#if defined(MSDOS) || defined(WINDOWS)
208 /* Set correct text/binary mode */
209 if (num & BIO_FP_TEXT)
210 _setmode(fileno((FILE *)ptr),_O_TEXT);
211 else
212 _setmode(fileno((FILE *)ptr),_O_BINARY);
213#endif
214 break;
215 case BIO_C_SET_FILENAME:
216 file_free(b);
217 b->shutdown=(int)num&BIO_CLOSE;
218 if (num & BIO_FP_APPEND)
219 {
220 if (num & BIO_FP_READ)
221 strcpy(p,"a+");
222 else strcpy(p,"a");
223 }
224 else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
225 strcpy(p,"r+");
226 else if (num & BIO_FP_WRITE)
227 strcpy(p,"w");
228 else if (num & BIO_FP_READ)
229 strcpy(p,"r");
230 else
231 {
232 BIOerr(BIO_F_FILE_CTRL,BIO_R_BAD_FOPEN_MODE);
233 ret=0;
234 break;
235 }
236#if defined(MSDOS) || defined(WINDOWS)
237 if (!(num & BIO_FP_TEXT))
238 strcat(p,"b");
239 else
240 strcat(p,"t");
241#endif
242 fp=fopen(ptr,p);
243 if (fp == NULL)
244 {
245 SYSerr(SYS_F_FOPEN,get_last_sys_error());
246 ERR_add_error_data(5,"fopen('",ptr,"','",p,"')");
247 BIOerr(BIO_F_FILE_CTRL,ERR_R_SYS_LIB);
248 ret=0;
249 break;
250 }
251 b->ptr=(char *)fp;
252 b->init=1;
253 break;
254 case BIO_C_GET_FILE_PTR:
255 /* the ptr parameter is actually a FILE ** in this case. */
256 if (ptr != NULL)
257 {
258 fpp=(FILE **)ptr;
259 *fpp=(FILE *)b->ptr;
260 }
261 break;
262 case BIO_CTRL_GET_CLOSE:
263 ret=(long)b->shutdown;
264 break;
265 case BIO_CTRL_SET_CLOSE:
266 b->shutdown=(int)num;
267 break;
268 case BIO_CTRL_FLUSH:
269 fflush((FILE *)b->ptr);
270 break;
271 case BIO_CTRL_DUP:
272 ret=1;
273 break;
274
275 case BIO_CTRL_WPENDING:
276 case BIO_CTRL_PENDING:
277 case BIO_CTRL_PUSH:
278 case BIO_CTRL_POP:
279 default:
280 ret=0;
281 break;
282 }
283 return(ret);
284 }
285
286static int MS_CALLBACK file_gets(BIO *bp, char *buf, int size)
287 {
288 int ret=0;
289
290 buf[0]='\0';
291 fgets(buf,size,(FILE *)bp->ptr);
292 if (buf[0] != '\0')
293 ret=strlen(buf);
294 return(ret);
295 }
296
297static int MS_CALLBACK file_puts(BIO *bp, const char *str)
298 {
299 int n,ret;
300
301 n=strlen(str);
302 ret=file_write(bp,str,n);
303 return(ret);
304 }
305
306#endif /* NO_STDIO */
307
308#endif /* HEADER_BSS_FILE_C */
309
310
diff --git a/src/lib/libcrypto/bio/bss_log.c b/src/lib/libcrypto/bio/bss_log.c
deleted file mode 100644
index 1edf16a76f..0000000000
--- a/src/lib/libcrypto/bio/bss_log.c
+++ /dev/null
@@ -1,394 +0,0 @@
1/* crypto/bio/bss_log.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * licensing@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/*
57 Why BIO_s_log?
58
59 BIO_s_log is useful for system daemons (or services under NT).
60 It is one-way BIO, it sends all stuff to syslogd (on system that
61 commonly use that), or event log (on NT), or OPCOM (on OpenVMS).
62
63*/
64
65
66#include <stdio.h>
67#include <errno.h>
68
69#if defined(WIN32)
70# include <process.h>
71#elif defined(VMS) || defined(__VMS)
72# include <opcdef.h>
73# include <descrip.h>
74# include <lib$routines.h>
75# include <starlet.h>
76#elif defined(__ultrix)
77# include <sys/syslog.h>
78#elif !defined(MSDOS) /* Unix */
79# include <syslog.h>
80#endif
81
82#include "cryptlib.h"
83#include <openssl/buffer.h>
84#include <openssl/err.h>
85
86#ifndef NO_SYSLOG
87
88#if defined(WIN32)
89#define LOG_EMERG 0
90#define LOG_ALERT 1
91#define LOG_CRIT 2
92#define LOG_ERR 3
93#define LOG_WARNING 4
94#define LOG_NOTICE 5
95#define LOG_INFO 6
96#define LOG_DEBUG 7
97
98#define LOG_DAEMON (3<<3)
99#elif defined(VMS)
100/* On VMS, we don't really care about these, but we need them to compile */
101#define LOG_EMERG 0
102#define LOG_ALERT 1
103#define LOG_CRIT 2
104#define LOG_ERR 3
105#define LOG_WARNING 4
106#define LOG_NOTICE 5
107#define LOG_INFO 6
108#define LOG_DEBUG 7
109
110#define LOG_DAEMON OPC$M_NM_NTWORK
111#endif
112
113static int MS_CALLBACK slg_write(BIO *h, const char *buf, int num);
114static int MS_CALLBACK slg_puts(BIO *h, const char *str);
115static long MS_CALLBACK slg_ctrl(BIO *h, int cmd, long arg1, void *arg2);
116static int MS_CALLBACK slg_new(BIO *h);
117static int MS_CALLBACK slg_free(BIO *data);
118static void xopenlog(BIO* bp, char* name, int level);
119static void xsyslog(BIO* bp, int priority, const char* string);
120static void xcloselog(BIO* bp);
121#ifdef WIN32
122LONG (WINAPI *go_for_advapi)() = RegOpenKeyEx;
123HANDLE (WINAPI *register_event_source)() = NULL;
124BOOL (WINAPI *deregister_event_source)() = NULL;
125BOOL (WINAPI *report_event)() = NULL;
126#define DL_PROC(m,f) (GetProcAddress( m, f ))
127#ifdef UNICODE
128#define DL_PROC_X(m,f) DL_PROC( m, f "W" )
129#else
130#define DL_PROC_X(m,f) DL_PROC( m, f "A" )
131#endif
132#endif
133
134static BIO_METHOD methods_slg=
135 {
136 BIO_TYPE_MEM,"syslog",
137 slg_write,
138 NULL,
139 slg_puts,
140 NULL,
141 slg_ctrl,
142 slg_new,
143 slg_free,
144 NULL,
145 };
146
147BIO_METHOD *BIO_s_log(void)
148 {
149 return(&methods_slg);
150 }
151
152static int MS_CALLBACK slg_new(BIO *bi)
153 {
154 bi->init=1;
155 bi->num=0;
156 bi->ptr=NULL;
157 xopenlog(bi, "application", LOG_DAEMON);
158 return(1);
159 }
160
161static int MS_CALLBACK slg_free(BIO *a)
162 {
163 if (a == NULL) return(0);
164 xcloselog(a);
165 return(1);
166 }
167
168static int MS_CALLBACK slg_write(BIO *b, const char *in, int inl)
169 {
170 int ret= inl;
171 char* buf;
172 char* pp;
173 int priority, i;
174 static struct
175 {
176 int strl;
177 char str[10];
178 int log_level;
179 }
180 mapping[] =
181 {
182 { 6, "PANIC ", LOG_EMERG },
183 { 6, "EMERG ", LOG_EMERG },
184 { 4, "EMR ", LOG_EMERG },
185 { 6, "ALERT ", LOG_ALERT },
186 { 4, "ALR ", LOG_ALERT },
187 { 5, "CRIT ", LOG_CRIT },
188 { 4, "CRI ", LOG_CRIT },
189 { 6, "ERROR ", LOG_ERR },
190 { 4, "ERR ", LOG_ERR },
191 { 8, "WARNING ", LOG_WARNING },
192 { 5, "WARN ", LOG_WARNING },
193 { 4, "WAR ", LOG_WARNING },
194 { 7, "NOTICE ", LOG_NOTICE },
195 { 5, "NOTE ", LOG_NOTICE },
196 { 4, "NOT ", LOG_NOTICE },
197 { 5, "INFO ", LOG_INFO },
198 { 4, "INF ", LOG_INFO },
199 { 6, "DEBUG ", LOG_DEBUG },
200 { 4, "DBG ", LOG_DEBUG },
201 { 0, "", LOG_ERR } /* The default */
202 };
203
204 if((buf= (char *)OPENSSL_malloc(inl+ 1)) == NULL){
205 return(0);
206 }
207 strncpy(buf, in, inl);
208 buf[inl]= '\0';
209
210 i = 0;
211 while(strncmp(buf, mapping[i].str, mapping[i].strl) != 0) i++;
212 priority = mapping[i].log_level;
213 pp = buf + mapping[i].strl;
214
215 xsyslog(b, priority, pp);
216
217 OPENSSL_free(buf);
218 return(ret);
219 }
220
221static long MS_CALLBACK slg_ctrl(BIO *b, int cmd, long num, void *ptr)
222 {
223 switch (cmd)
224 {
225 case BIO_CTRL_SET:
226 xcloselog(b);
227 xopenlog(b, ptr, num);
228 break;
229 default:
230 break;
231 }
232 return(0);
233 }
234
235static int MS_CALLBACK slg_puts(BIO *bp, const char *str)
236 {
237 int n,ret;
238
239 n=strlen(str);
240 ret=slg_write(bp,str,n);
241 return(ret);
242 }
243
244#if defined(WIN32)
245
246static void xopenlog(BIO* bp, char* name, int level)
247{
248 if ( !register_event_source )
249 {
250 HANDLE advapi;
251 if ( !(advapi = GetModuleHandle("advapi32")) )
252 return;
253 register_event_source = (HANDLE (WINAPI *)())DL_PROC_X(advapi,
254 "RegisterEventSource" );
255 deregister_event_source = (BOOL (WINAPI *)())DL_PROC(advapi,
256 "DeregisterEventSource");
257 report_event = (BOOL (WINAPI *)())DL_PROC_X(advapi,
258 "ReportEvent" );
259 if ( !(register_event_source && deregister_event_source &&
260 report_event) )
261 {
262 register_event_source = NULL;
263 deregister_event_source = NULL;
264 report_event = NULL;
265 return;
266 }
267 }
268 bp->ptr= (char *)register_event_source(NULL, name);
269}
270
271static void xsyslog(BIO *bp, int priority, const char *string)
272{
273 LPCSTR lpszStrings[2];
274 WORD evtype= EVENTLOG_ERROR_TYPE;
275 int pid = _getpid();
276 char pidbuf[20];
277
278 switch (priority)
279 {
280 case LOG_EMERG:
281 case LOG_ALERT:
282 case LOG_CRIT:
283 case LOG_ERR:
284 evtype = EVENTLOG_ERROR_TYPE;
285 break;
286 case LOG_WARNING:
287 evtype = EVENTLOG_WARNING_TYPE;
288 break;
289 case LOG_NOTICE:
290 case LOG_INFO:
291 case LOG_DEBUG:
292 evtype = EVENTLOG_INFORMATION_TYPE;
293 break;
294 default: /* Should never happen, but set it
295 as error anyway. */
296 evtype = EVENTLOG_ERROR_TYPE;
297 break;
298 }
299
300 sprintf(pidbuf, "[%d] ", pid);
301 lpszStrings[0] = pidbuf;
302 lpszStrings[1] = string;
303
304 if(report_event && bp->ptr)
305 report_event(bp->ptr, evtype, 0, 1024, NULL, 2, 0,
306 lpszStrings, NULL);
307}
308
309static void xcloselog(BIO* bp)
310{
311 if(deregister_event_source && bp->ptr)
312 deregister_event_source((HANDLE)(bp->ptr));
313 bp->ptr= NULL;
314}
315
316#elif defined(VMS)
317
318static int VMS_OPC_target = LOG_DAEMON;
319
320static void xopenlog(BIO* bp, char* name, int level)
321{
322 VMS_OPC_target = level;
323}
324
325static void xsyslog(BIO *bp, int priority, const char *string)
326{
327 struct dsc$descriptor_s opc_dsc;
328 struct opcdef *opcdef_p;
329 char buf[10240];
330 unsigned int len;
331 struct dsc$descriptor_s buf_dsc;
332 $DESCRIPTOR(fao_cmd, "!AZ: !AZ");
333 char *priority_tag;
334
335 switch (priority)
336 {
337 case LOG_EMERG: priority_tag = "Emergency"; break;
338 case LOG_ALERT: priority_tag = "Alert"; break;
339 case LOG_CRIT: priority_tag = "Critical"; break;
340 case LOG_ERR: priority_tag = "Error"; break;
341 case LOG_WARNING: priority_tag = "Warning"; break;
342 case LOG_NOTICE: priority_tag = "Notice"; break;
343 case LOG_INFO: priority_tag = "Info"; break;
344 case LOG_DEBUG: priority_tag = "DEBUG"; break;
345 }
346
347 buf_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
348 buf_dsc.dsc$b_class = DSC$K_CLASS_S;
349 buf_dsc.dsc$a_pointer = buf;
350 buf_dsc.dsc$w_length = sizeof(buf) - 1;
351
352 lib$sys_fao(&fao_cmd, &len, &buf_dsc, priority_tag, string);
353
354 /* we know there's an 8 byte header. That's documented */
355 opcdef_p = (struct opcdef *) OPENSSL_malloc(8 + len);
356 opcdef_p->opc$b_ms_type = OPC$_RQ_RQST;
357 memcpy(opcdef_p->opc$z_ms_target_classes, &VMS_OPC_target, 3);
358 opcdef_p->opc$l_ms_rqstid = 0;
359 memcpy(&opcdef_p->opc$l_ms_text, buf, len);
360
361 opc_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
362 opc_dsc.dsc$b_class = DSC$K_CLASS_S;
363 opc_dsc.dsc$a_pointer = (char *)opcdef_p;
364 opc_dsc.dsc$w_length = len + 8;
365
366 sys$sndopr(opc_dsc, 0);
367
368 OPENSSL_free(opcdef_p);
369}
370
371static void xcloselog(BIO* bp)
372{
373}
374
375#else /* Unix */
376
377static void xopenlog(BIO* bp, char* name, int level)
378{
379 openlog(name, LOG_PID|LOG_CONS, level);
380}
381
382static void xsyslog(BIO *bp, int priority, const char *string)
383{
384 syslog(priority, "%s", string);
385}
386
387static void xcloselog(BIO* bp)
388{
389 closelog();
390}
391
392#endif /* Unix */
393
394#endif /* NO_SYSLOG */
diff --git a/src/lib/libcrypto/bio/bss_mem.c b/src/lib/libcrypto/bio/bss_mem.c
deleted file mode 100644
index 28ff7582bf..0000000000
--- a/src/lib/libcrypto/bio/bss_mem.c
+++ /dev/null
@@ -1,317 +0,0 @@
1/* crypto/bio/bss_mem.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61#include "cryptlib.h"
62#include <openssl/bio.h>
63
64static int mem_write(BIO *h, const char *buf, int num);
65static int mem_read(BIO *h, char *buf, int size);
66static int mem_puts(BIO *h, const char *str);
67static int mem_gets(BIO *h, char *str, int size);
68static long mem_ctrl(BIO *h, int cmd, long arg1, void *arg2);
69static int mem_new(BIO *h);
70static int mem_free(BIO *data);
71static BIO_METHOD mem_method=
72 {
73 BIO_TYPE_MEM,
74 "memory buffer",
75 mem_write,
76 mem_read,
77 mem_puts,
78 mem_gets,
79 mem_ctrl,
80 mem_new,
81 mem_free,
82 NULL,
83 };
84
85/* bio->num is used to hold the value to return on 'empty', if it is
86 * 0, should_retry is not set */
87
88BIO_METHOD *BIO_s_mem(void)
89 {
90 return(&mem_method);
91 }
92
93BIO *BIO_new_mem_buf(void *buf, int len)
94{
95 BIO *ret;
96 BUF_MEM *b;
97 if (!buf) {
98 BIOerr(BIO_F_BIO_NEW_MEM_BUF,BIO_R_NULL_PARAMETER);
99 return NULL;
100 }
101 if(len == -1) len = strlen(buf);
102 if(!(ret = BIO_new(BIO_s_mem())) ) return NULL;
103 b = (BUF_MEM *)ret->ptr;
104 b->data = buf;
105 b->length = len;
106 b->max = len;
107 ret->flags |= BIO_FLAGS_MEM_RDONLY;
108 /* Since this is static data retrying wont help */
109 ret->num = 0;
110 return ret;
111}
112
113static int mem_new(BIO *bi)
114 {
115 BUF_MEM *b;
116
117 if ((b=BUF_MEM_new()) == NULL)
118 return(0);
119 bi->shutdown=1;
120 bi->init=1;
121 bi->num= -1;
122 bi->ptr=(char *)b;
123 return(1);
124 }
125
126static int mem_free(BIO *a)
127 {
128 if (a == NULL) return(0);
129 if (a->shutdown)
130 {
131 if ((a->init) && (a->ptr != NULL))
132 {
133 BUF_MEM *b;
134 b = (BUF_MEM *)a->ptr;
135 if(a->flags & BIO_FLAGS_MEM_RDONLY) b->data = NULL;
136 BUF_MEM_free(b);
137 a->ptr=NULL;
138 }
139 }
140 return(1);
141 }
142
143static int mem_read(BIO *b, char *out, int outl)
144 {
145 int ret= -1;
146 BUF_MEM *bm;
147 int i;
148 char *from,*to;
149
150 bm=(BUF_MEM *)b->ptr;
151 BIO_clear_retry_flags(b);
152 ret=(outl > bm->length)?bm->length:outl;
153 if ((out != NULL) && (ret > 0)) {
154 memcpy(out,bm->data,ret);
155 bm->length-=ret;
156 /* memmove(&(bm->data[0]),&(bm->data[ret]), bm->length); */
157 if(b->flags & BIO_FLAGS_MEM_RDONLY) bm->data += ret;
158 else {
159 from=(char *)&(bm->data[ret]);
160 to=(char *)&(bm->data[0]);
161 for (i=0; i<bm->length; i++)
162 to[i]=from[i];
163 }
164 } else if (bm->length == 0)
165 {
166 ret = b->num;
167 if (ret != 0)
168 BIO_set_retry_read(b);
169 }
170 return(ret);
171 }
172
173static int mem_write(BIO *b, const char *in, int inl)
174 {
175 int ret= -1;
176 int blen;
177 BUF_MEM *bm;
178
179 bm=(BUF_MEM *)b->ptr;
180 if (in == NULL)
181 {
182 BIOerr(BIO_F_MEM_WRITE,BIO_R_NULL_PARAMETER);
183 goto end;
184 }
185
186 if(b->flags & BIO_FLAGS_MEM_RDONLY) {
187 BIOerr(BIO_F_MEM_WRITE,BIO_R_WRITE_TO_READ_ONLY_BIO);
188 goto end;
189 }
190
191 BIO_clear_retry_flags(b);
192 blen=bm->length;
193 if (BUF_MEM_grow(bm,blen+inl) != (blen+inl))
194 goto end;
195 memcpy(&(bm->data[blen]),in,inl);
196 ret=inl;
197end:
198 return(ret);
199 }
200
201static long mem_ctrl(BIO *b, int cmd, long num, void *ptr)
202 {
203 long ret=1;
204 char **pptr;
205
206 BUF_MEM *bm=(BUF_MEM *)b->ptr;
207
208 switch (cmd)
209 {
210 case BIO_CTRL_RESET:
211 if (bm->data != NULL)
212 {
213 /* For read only case reset to the start again */
214 if(b->flags & BIO_FLAGS_MEM_RDONLY)
215 {
216 bm->data -= bm->max - bm->length;
217 bm->length = bm->max;
218 }
219 else
220 {
221 memset(bm->data,0,bm->max);
222 bm->length=0;
223 }
224 }
225 break;
226 case BIO_CTRL_EOF:
227 ret=(long)(bm->length == 0);
228 break;
229 case BIO_C_SET_BUF_MEM_EOF_RETURN:
230 b->num=(int)num;
231 break;
232 case BIO_CTRL_INFO:
233 ret=(long)bm->length;
234 if (ptr != NULL)
235 {
236 pptr=(char **)ptr;
237 *pptr=(char *)&(bm->data[0]);
238 }
239 break;
240 case BIO_C_SET_BUF_MEM:
241 mem_free(b);
242 b->shutdown=(int)num;
243 b->ptr=ptr;
244 break;
245 case BIO_C_GET_BUF_MEM_PTR:
246 if (ptr != NULL)
247 {
248 pptr=(char **)ptr;
249 *pptr=(char *)bm;
250 }
251 break;
252 case BIO_CTRL_GET_CLOSE:
253 ret=(long)b->shutdown;
254 break;
255 case BIO_CTRL_SET_CLOSE:
256 b->shutdown=(int)num;
257 break;
258
259 case BIO_CTRL_WPENDING:
260 ret=0L;
261 break;
262 case BIO_CTRL_PENDING:
263 ret=(long)bm->length;
264 break;
265 case BIO_CTRL_DUP:
266 case BIO_CTRL_FLUSH:
267 ret=1;
268 break;
269 case BIO_CTRL_PUSH:
270 case BIO_CTRL_POP:
271 default:
272 ret=0;
273 break;
274 }
275 return(ret);
276 }
277
278static int mem_gets(BIO *bp, char *buf, int size)
279 {
280 int i,j;
281 int ret= -1;
282 char *p;
283 BUF_MEM *bm=(BUF_MEM *)bp->ptr;
284
285 BIO_clear_retry_flags(bp);
286 j=bm->length;
287 if (j <= 0) return(0);
288 p=bm->data;
289 for (i=0; i<j; i++)
290 {
291 if (p[i] == '\n') break;
292 }
293 if (i == j)
294 {
295 BIO_set_retry_read(bp);
296 /* return(-1); change the semantics 0.6.6a */
297 }
298 else
299 i++;
300 /* i is the max to copy */
301 if ((size-1) < i) i=size-1;
302 i=mem_read(bp,buf,i);
303 if (i > 0) buf[i]='\0';
304 ret=i;
305 return(ret);
306 }
307
308static int mem_puts(BIO *bp, const char *str)
309 {
310 int n,ret;
311
312 n=strlen(str);
313 ret=mem_write(bp,str,n);
314 /* memory semantics is that it will always work */
315 return(ret);
316 }
317
diff --git a/src/lib/libcrypto/bio/bss_null.c b/src/lib/libcrypto/bio/bss_null.c
deleted file mode 100644
index 46b73339df..0000000000
--- a/src/lib/libcrypto/bio/bss_null.c
+++ /dev/null
@@ -1,150 +0,0 @@
1/* crypto/bio/bss_null.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61#include "cryptlib.h"
62#include <openssl/bio.h>
63
64static int null_write(BIO *h, const char *buf, int num);
65static int null_read(BIO *h, char *buf, int size);
66static int null_puts(BIO *h, const char *str);
67static int null_gets(BIO *h, char *str, int size);
68static long null_ctrl(BIO *h, int cmd, long arg1, void *arg2);
69static int null_new(BIO *h);
70static int null_free(BIO *data);
71static BIO_METHOD null_method=
72 {
73 BIO_TYPE_NULL,
74 "NULL",
75 null_write,
76 null_read,
77 null_puts,
78 null_gets,
79 null_ctrl,
80 null_new,
81 null_free,
82 NULL,
83 };
84
85BIO_METHOD *BIO_s_null(void)
86 {
87 return(&null_method);
88 }
89
90static int null_new(BIO *bi)
91 {
92 bi->init=1;
93 bi->num=0;
94 bi->ptr=(NULL);
95 return(1);
96 }
97
98static int null_free(BIO *a)
99 {
100 if (a == NULL) return(0);
101 return(1);
102 }
103
104static int null_read(BIO *b, char *out, int outl)
105 {
106 return(0);
107 }
108
109static int null_write(BIO *b, const char *in, int inl)
110 {
111 return(inl);
112 }
113
114static long null_ctrl(BIO *b, int cmd, long num, void *ptr)
115 {
116 long ret=1;
117
118 switch (cmd)
119 {
120 case BIO_CTRL_RESET:
121 case BIO_CTRL_EOF:
122 case BIO_CTRL_SET:
123 case BIO_CTRL_SET_CLOSE:
124 case BIO_CTRL_FLUSH:
125 case BIO_CTRL_DUP:
126 ret=1;
127 break;
128 case BIO_CTRL_GET_CLOSE:
129 case BIO_CTRL_INFO:
130 case BIO_CTRL_GET:
131 case BIO_CTRL_PENDING:
132 case BIO_CTRL_WPENDING:
133 default:
134 ret=0;
135 break;
136 }
137 return(ret);
138 }
139
140static int null_gets(BIO *bp, char *buf, int size)
141 {
142 return(0);
143 }
144
145static int null_puts(BIO *bp, const char *str)
146 {
147 if (str == NULL) return(0);
148 return(strlen(str));
149 }
150
diff --git a/src/lib/libcrypto/bio/bss_sock.c b/src/lib/libcrypto/bio/bss_sock.c
deleted file mode 100644
index 50c6744c06..0000000000
--- a/src/lib/libcrypto/bio/bss_sock.c
+++ /dev/null
@@ -1,424 +0,0 @@
1/* crypto/bio/bss_sock.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#if !defined(NO_SOCK) || defined(BIO_FD)
60
61#include <stdio.h>
62#include <errno.h>
63#define USE_SOCKETS
64#include "cryptlib.h"
65#include <openssl/bio.h>
66
67#ifndef BIO_FD
68static int sock_write(BIO *h, const char *buf, int num);
69static int sock_read(BIO *h, char *buf, int size);
70static int sock_puts(BIO *h, const char *str);
71static long sock_ctrl(BIO *h, int cmd, long arg1, void *arg2);
72static int sock_new(BIO *h);
73static int sock_free(BIO *data);
74int BIO_sock_should_retry(int s);
75#else
76
77static int fd_write(BIO *h, const char *buf, int num);
78static int fd_read(BIO *h, char *buf, int size);
79static int fd_puts(BIO *h, const char *str);
80static long fd_ctrl(BIO *h, int cmd, long arg1, void *arg2);
81static int fd_new(BIO *h);
82static int fd_free(BIO *data);
83int BIO_fd_should_retry(int s);
84#endif
85
86#ifndef BIO_FD
87static BIO_METHOD methods_sockp=
88 {
89 BIO_TYPE_SOCKET,
90 "socket",
91 sock_write,
92 sock_read,
93 sock_puts,
94 NULL, /* sock_gets, */
95 sock_ctrl,
96 sock_new,
97 sock_free,
98 NULL,
99 };
100
101BIO_METHOD *BIO_s_socket(void)
102 {
103 return(&methods_sockp);
104 }
105#else
106static BIO_METHOD methods_fdp=
107 {
108 BIO_TYPE_FD,"file descriptor",
109 fd_write,
110 fd_read,
111 fd_puts,
112 NULL, /* fd_gets, */
113 fd_ctrl,
114 fd_new,
115 fd_free,
116 NULL,
117 };
118
119BIO_METHOD *BIO_s_fd(void)
120 {
121 return(&methods_fdp);
122 }
123#endif
124
125#ifndef BIO_FD
126BIO *BIO_new_socket(int fd, int close_flag)
127#else
128BIO *BIO_new_fd(int fd,int close_flag)
129#endif
130 {
131 BIO *ret;
132
133#ifndef BIO_FD
134 ret=BIO_new(BIO_s_socket());
135#else
136 ret=BIO_new(BIO_s_fd());
137#endif
138 if (ret == NULL) return(NULL);
139 BIO_set_fd(ret,fd,close_flag);
140 return(ret);
141 }
142
143#ifndef BIO_FD
144static int sock_new(BIO *bi)
145#else
146static int fd_new(BIO *bi)
147#endif
148 {
149 bi->init=0;
150 bi->num=0;
151 bi->ptr=NULL;
152 bi->flags=0;
153 return(1);
154 }
155
156#ifndef BIO_FD
157static int sock_free(BIO *a)
158#else
159static int fd_free(BIO *a)
160#endif
161 {
162 if (a == NULL) return(0);
163 if (a->shutdown)
164 {
165 if (a->init)
166 {
167#ifndef BIO_FD
168 SHUTDOWN2(a->num);
169#else /* BIO_FD */
170 close(a->num);
171#endif
172
173 }
174 a->init=0;
175 a->flags=0;
176 }
177 return(1);
178 }
179
180#ifndef BIO_FD
181static int sock_read(BIO *b, char *out, int outl)
182#else
183static int fd_read(BIO *b, char *out,int outl)
184#endif
185 {
186 int ret=0;
187
188 if (out != NULL)
189 {
190#ifndef BIO_FD
191 clear_socket_error();
192 ret=readsocket(b->num,out,outl);
193#else
194 clear_sys_error();
195 ret=read(b->num,out,outl);
196#endif
197 BIO_clear_retry_flags(b);
198 if (ret <= 0)
199 {
200#ifndef BIO_FD
201 if (BIO_sock_should_retry(ret))
202#else
203 if (BIO_fd_should_retry(ret))
204#endif
205 BIO_set_retry_read(b);
206 }
207 }
208 return(ret);
209 }
210
211#ifndef BIO_FD
212static int sock_write(BIO *b, const char *in, int inl)
213#else
214static int fd_write(BIO *b, const char *in, int inl)
215#endif
216 {
217 int ret;
218
219#ifndef BIO_FD
220 clear_socket_error();
221 ret=writesocket(b->num,in,inl);
222#else
223 clear_sys_error();
224 ret=write(b->num,in,inl);
225#endif
226 BIO_clear_retry_flags(b);
227 if (ret <= 0)
228 {
229#ifndef BIO_FD
230 if (BIO_sock_should_retry(ret))
231#else
232 if (BIO_fd_should_retry(ret))
233#endif
234 BIO_set_retry_write(b);
235 }
236 return(ret);
237 }
238
239#ifndef BIO_FD
240static long sock_ctrl(BIO *b, int cmd, long num, void *ptr)
241#else
242static long fd_ctrl(BIO *b, int cmd, long num, void *ptr)
243#endif
244 {
245 long ret=1;
246 int *ip;
247
248 switch (cmd)
249 {
250 case BIO_CTRL_RESET:
251 num=0;
252 case BIO_C_FILE_SEEK:
253#ifdef BIO_FD
254 ret=(long)lseek(b->num,num,0);
255#else
256 ret=0;
257#endif
258 break;
259 case BIO_C_FILE_TELL:
260 case BIO_CTRL_INFO:
261#ifdef BIO_FD
262 ret=(long)lseek(b->num,0,1);
263#else
264 ret=0;
265#endif
266 break;
267 case BIO_C_SET_FD:
268#ifndef BIO_FD
269 sock_free(b);
270#else
271 fd_free(b);
272#endif
273 b->num= *((int *)ptr);
274 b->shutdown=(int)num;
275 b->init=1;
276 break;
277 case BIO_C_GET_FD:
278 if (b->init)
279 {
280 ip=(int *)ptr;
281 if (ip != NULL) *ip=b->num;
282 ret=b->num;
283 }
284 else
285 ret= -1;
286 break;
287 case BIO_CTRL_GET_CLOSE:
288 ret=b->shutdown;
289 break;
290 case BIO_CTRL_SET_CLOSE:
291 b->shutdown=(int)num;
292 break;
293 case BIO_CTRL_PENDING:
294 case BIO_CTRL_WPENDING:
295 ret=0;
296 break;
297 case BIO_CTRL_DUP:
298 case BIO_CTRL_FLUSH:
299 ret=1;
300 break;
301 default:
302 ret=0;
303 break;
304 }
305 return(ret);
306 }
307
308#ifdef undef
309static int sock_gets(BIO *bp, char *buf,int size)
310 {
311 return(-1);
312 }
313#endif
314
315#ifndef BIO_FD
316static int sock_puts(BIO *bp, const char *str)
317#else
318static int fd_puts(BIO *bp, const char *str)
319#endif
320 {
321 int n,ret;
322
323 n=strlen(str);
324#ifndef BIO_FD
325 ret=sock_write(bp,str,n);
326#else
327 ret=fd_write(bp,str,n);
328#endif
329 return(ret);
330 }
331
332#ifndef BIO_FD
333int BIO_sock_should_retry(int i)
334#else
335int BIO_fd_should_retry(int i)
336#endif
337 {
338 int err;
339
340 if ((i == 0) || (i == -1))
341 {
342#ifndef BIO_FD
343 err=get_last_socket_error();
344#else
345 err=get_last_sys_error();
346#endif
347
348#if defined(WINDOWS) && 0 /* more microsoft stupidity? perhaps not? Ben 4/1/99 */
349 if ((i == -1) && (err == 0))
350 return(1);
351#endif
352
353#ifndef BIO_FD
354 return(BIO_sock_non_fatal_error(err));
355#else
356 return(BIO_fd_non_fatal_error(err));
357#endif
358 }
359 return(0);
360 }
361
362#ifndef BIO_FD
363int BIO_sock_non_fatal_error(int err)
364#else
365int BIO_fd_non_fatal_error(int err)
366#endif
367 {
368 switch (err)
369 {
370#if !defined(BIO_FD) && defined(WINDOWS)
371# if defined(WSAEWOULDBLOCK)
372 case WSAEWOULDBLOCK:
373# endif
374
375# if 0 /* This appears to always be an error */
376# if defined(WSAENOTCONN)
377 case WSAENOTCONN:
378# endif
379# endif
380#endif
381
382#ifdef EWOULDBLOCK
383# ifdef WSAEWOULDBLOCK
384# if WSAEWOULDBLOCK != EWOULDBLOCK
385 case EWOULDBLOCK:
386# endif
387# else
388 case EWOULDBLOCK:
389# endif
390#endif
391
392#if defined(ENOTCONN)
393 case ENOTCONN:
394#endif
395
396#ifdef EINTR
397 case EINTR:
398#endif
399
400#ifdef EAGAIN
401#if EWOULDBLOCK != EAGAIN
402 case EAGAIN:
403# endif
404#endif
405
406#ifdef EPROTO
407 case EPROTO:
408#endif
409
410#ifdef EINPROGRESS
411 case EINPROGRESS:
412#endif
413
414#ifdef EALREADY
415 case EALREADY:
416#endif
417 return(1);
418 /* break; */
419 default:
420 break;
421 }
422 return(0);
423 }
424#endif
diff --git a/src/lib/libcrypto/bn/asm/bn-586.pl b/src/lib/libcrypto/bn/asm/bn-586.pl
deleted file mode 100644
index 5191bed273..0000000000
--- a/src/lib/libcrypto/bn/asm/bn-586.pl
+++ /dev/null
@@ -1,384 +0,0 @@
1#!/usr/local/bin/perl
2
3push(@INC,"perlasm","../../perlasm");
4require "x86asm.pl";
5
6&asm_init($ARGV[0],$0);
7
8&bn_mul_add_words("bn_mul_add_words");
9&bn_mul_words("bn_mul_words");
10&bn_sqr_words("bn_sqr_words");
11&bn_div_words("bn_div_words");
12&bn_add_words("bn_add_words");
13&bn_sub_words("bn_sub_words");
14
15&asm_finish();
16
17sub bn_mul_add_words
18 {
19 local($name)=@_;
20
21 &function_begin($name,"");
22
23 &comment("");
24 $Low="eax";
25 $High="edx";
26 $a="ebx";
27 $w="ebp";
28 $r="edi";
29 $c="esi";
30
31 &xor($c,$c); # clear carry
32 &mov($r,&wparam(0)); #
33
34 &mov("ecx",&wparam(2)); #
35 &mov($a,&wparam(1)); #
36
37 &and("ecx",0xfffffff8); # num / 8
38 &mov($w,&wparam(3)); #
39
40 &push("ecx"); # Up the stack for a tmp variable
41
42 &jz(&label("maw_finish"));
43
44 &set_label("maw_loop",0);
45
46 &mov(&swtmp(0),"ecx"); #
47
48 for ($i=0; $i<32; $i+=4)
49 {
50 &comment("Round $i");
51
52 &mov("eax",&DWP($i,$a,"",0)); # *a
53 &mul($w); # *a * w
54 &add("eax",$c); # L(t)+= *r
55 &mov($c,&DWP($i,$r,"",0)); # L(t)+= *r
56 &adc("edx",0); # H(t)+=carry
57 &add("eax",$c); # L(t)+=c
58 &adc("edx",0); # H(t)+=carry
59 &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t);
60 &mov($c,"edx"); # c= H(t);
61 }
62
63 &comment("");
64 &mov("ecx",&swtmp(0)); #
65 &add($a,32);
66 &add($r,32);
67 &sub("ecx",8);
68 &jnz(&label("maw_loop"));
69
70 &set_label("maw_finish",0);
71 &mov("ecx",&wparam(2)); # get num
72 &and("ecx",7);
73 &jnz(&label("maw_finish2")); # helps branch prediction
74 &jmp(&label("maw_end"));
75
76 &set_label("maw_finish2",1);
77 for ($i=0; $i<7; $i++)
78 {
79 &comment("Tail Round $i");
80 &mov("eax",&DWP($i*4,$a,"",0));# *a
81 &mul($w); # *a * w
82 &add("eax",$c); # L(t)+=c
83 &mov($c,&DWP($i*4,$r,"",0)); # L(t)+= *r
84 &adc("edx",0); # H(t)+=carry
85 &add("eax",$c);
86 &adc("edx",0); # H(t)+=carry
87 &dec("ecx") if ($i != 7-1);
88 &mov(&DWP($i*4,$r,"",0),"eax"); # *r= L(t);
89 &mov($c,"edx"); # c= H(t);
90 &jz(&label("maw_end")) if ($i != 7-1);
91 }
92 &set_label("maw_end",0);
93 &mov("eax",$c);
94
95 &pop("ecx"); # clear variable from
96
97 &function_end($name);
98 }
99
100sub bn_mul_words
101 {
102 local($name)=@_;
103
104 &function_begin($name,"");
105
106 &comment("");
107 $Low="eax";
108 $High="edx";
109 $a="ebx";
110 $w="ecx";
111 $r="edi";
112 $c="esi";
113 $num="ebp";
114
115 &xor($c,$c); # clear carry
116 &mov($r,&wparam(0)); #
117 &mov($a,&wparam(1)); #
118 &mov($num,&wparam(2)); #
119 &mov($w,&wparam(3)); #
120
121 &and($num,0xfffffff8); # num / 8
122 &jz(&label("mw_finish"));
123
124 &set_label("mw_loop",0);
125 for ($i=0; $i<32; $i+=4)
126 {
127 &comment("Round $i");
128
129 &mov("eax",&DWP($i,$a,"",0)); # *a
130 &mul($w); # *a * w
131 &add("eax",$c); # L(t)+=c
132 # XXX
133
134 &adc("edx",0); # H(t)+=carry
135 &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t);
136
137 &mov($c,"edx"); # c= H(t);
138 }
139
140 &comment("");
141 &add($a,32);
142 &add($r,32);
143 &sub($num,8);
144 &jz(&label("mw_finish"));
145 &jmp(&label("mw_loop"));
146
147 &set_label("mw_finish",0);
148 &mov($num,&wparam(2)); # get num
149 &and($num,7);
150 &jnz(&label("mw_finish2"));
151 &jmp(&label("mw_end"));
152
153 &set_label("mw_finish2",1);
154 for ($i=0; $i<7; $i++)
155 {
156 &comment("Tail Round $i");
157 &mov("eax",&DWP($i*4,$a,"",0));# *a
158 &mul($w); # *a * w
159 &add("eax",$c); # L(t)+=c
160 # XXX
161 &adc("edx",0); # H(t)+=carry
162 &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t);
163 &mov($c,"edx"); # c= H(t);
164 &dec($num) if ($i != 7-1);
165 &jz(&label("mw_end")) if ($i != 7-1);
166 }
167 &set_label("mw_end",0);
168 &mov("eax",$c);
169
170 &function_end($name);
171 }
172
173sub bn_sqr_words
174 {
175 local($name)=@_;
176
177 &function_begin($name,"");
178
179 &comment("");
180 $r="esi";
181 $a="edi";
182 $num="ebx";
183
184 &mov($r,&wparam(0)); #
185 &mov($a,&wparam(1)); #
186 &mov($num,&wparam(2)); #
187
188 &and($num,0xfffffff8); # num / 8
189 &jz(&label("sw_finish"));
190
191 &set_label("sw_loop",0);
192 for ($i=0; $i<32; $i+=4)
193 {
194 &comment("Round $i");
195 &mov("eax",&DWP($i,$a,"",0)); # *a
196 # XXX
197 &mul("eax"); # *a * *a
198 &mov(&DWP($i*2,$r,"",0),"eax"); #
199 &mov(&DWP($i*2+4,$r,"",0),"edx");#
200 }
201
202 &comment("");
203 &add($a,32);
204 &add($r,64);
205 &sub($num,8);
206 &jnz(&label("sw_loop"));
207
208 &set_label("sw_finish",0);
209 &mov($num,&wparam(2)); # get num
210 &and($num,7);
211 &jz(&label("sw_end"));
212
213 for ($i=0; $i<7; $i++)
214 {
215 &comment("Tail Round $i");
216 &mov("eax",&DWP($i*4,$a,"",0)); # *a
217 # XXX
218 &mul("eax"); # *a * *a
219 &mov(&DWP($i*8,$r,"",0),"eax"); #
220 &dec($num) if ($i != 7-1);
221 &mov(&DWP($i*8+4,$r,"",0),"edx");
222 &jz(&label("sw_end")) if ($i != 7-1);
223 }
224 &set_label("sw_end",0);
225
226 &function_end($name);
227 }
228
229sub bn_div_words
230 {
231 local($name)=@_;
232
233 &function_begin($name,"");
234 &mov("edx",&wparam(0)); #
235 &mov("eax",&wparam(1)); #
236 &mov("ebx",&wparam(2)); #
237 &div("ebx");
238 &function_end($name);
239 }
240
241sub bn_add_words
242 {
243 local($name)=@_;
244
245 &function_begin($name,"");
246
247 &comment("");
248 $a="esi";
249 $b="edi";
250 $c="eax";
251 $r="ebx";
252 $tmp1="ecx";
253 $tmp2="edx";
254 $num="ebp";
255
256 &mov($r,&wparam(0)); # get r
257 &mov($a,&wparam(1)); # get a
258 &mov($b,&wparam(2)); # get b
259 &mov($num,&wparam(3)); # get num
260 &xor($c,$c); # clear carry
261 &and($num,0xfffffff8); # num / 8
262
263 &jz(&label("aw_finish"));
264
265 &set_label("aw_loop",0);
266 for ($i=0; $i<8; $i++)
267 {
268 &comment("Round $i");
269
270 &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
271 &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
272 &add($tmp1,$c);
273 &mov($c,0);
274 &adc($c,$c);
275 &add($tmp1,$tmp2);
276 &adc($c,0);
277 &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
278 }
279
280 &comment("");
281 &add($a,32);
282 &add($b,32);
283 &add($r,32);
284 &sub($num,8);
285 &jnz(&label("aw_loop"));
286
287 &set_label("aw_finish",0);
288 &mov($num,&wparam(3)); # get num
289 &and($num,7);
290 &jz(&label("aw_end"));
291
292 for ($i=0; $i<7; $i++)
293 {
294 &comment("Tail Round $i");
295 &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
296 &mov($tmp2,&DWP($i*4,$b,"",0));# *b
297 &add($tmp1,$c);
298 &mov($c,0);
299 &adc($c,$c);
300 &add($tmp1,$tmp2);
301 &adc($c,0);
302 &dec($num) if ($i != 6);
303 &mov(&DWP($i*4,$r,"",0),$tmp1); # *a
304 &jz(&label("aw_end")) if ($i != 6);
305 }
306 &set_label("aw_end",0);
307
308# &mov("eax",$c); # $c is "eax"
309
310 &function_end($name);
311 }
312
313sub bn_sub_words
314 {
315 local($name)=@_;
316
317 &function_begin($name,"");
318
319 &comment("");
320 $a="esi";
321 $b="edi";
322 $c="eax";
323 $r="ebx";
324 $tmp1="ecx";
325 $tmp2="edx";
326 $num="ebp";
327
328 &mov($r,&wparam(0)); # get r
329 &mov($a,&wparam(1)); # get a
330 &mov($b,&wparam(2)); # get b
331 &mov($num,&wparam(3)); # get num
332 &xor($c,$c); # clear carry
333 &and($num,0xfffffff8); # num / 8
334
335 &jz(&label("aw_finish"));
336
337 &set_label("aw_loop",0);
338 for ($i=0; $i<8; $i++)
339 {
340 &comment("Round $i");
341
342 &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
343 &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
344 &sub($tmp1,$c);
345 &mov($c,0);
346 &adc($c,$c);
347 &sub($tmp1,$tmp2);
348 &adc($c,0);
349 &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
350 }
351
352 &comment("");
353 &add($a,32);
354 &add($b,32);
355 &add($r,32);
356 &sub($num,8);
357 &jnz(&label("aw_loop"));
358
359 &set_label("aw_finish",0);
360 &mov($num,&wparam(3)); # get num
361 &and($num,7);
362 &jz(&label("aw_end"));
363
364 for ($i=0; $i<7; $i++)
365 {
366 &comment("Tail Round $i");
367 &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
368 &mov($tmp2,&DWP($i*4,$b,"",0));# *b
369 &sub($tmp1,$c);
370 &mov($c,0);
371 &adc($c,$c);
372 &sub($tmp1,$tmp2);
373 &adc($c,0);
374 &dec($num) if ($i != 6);
375 &mov(&DWP($i*4,$r,"",0),$tmp1); # *a
376 &jz(&label("aw_end")) if ($i != 6);
377 }
378 &set_label("aw_end",0);
379
380# &mov("eax",$c); # $c is "eax"
381
382 &function_end($name);
383 }
384
diff --git a/src/lib/libcrypto/bn/asm/co-586.pl b/src/lib/libcrypto/bn/asm/co-586.pl
deleted file mode 100644
index 5d962cb957..0000000000
--- a/src/lib/libcrypto/bn/asm/co-586.pl
+++ /dev/null
@@ -1,286 +0,0 @@
1#!/usr/local/bin/perl
2
3push(@INC,"perlasm","../../perlasm");
4require "x86asm.pl";
5
6&asm_init($ARGV[0],$0);
7
8&bn_mul_comba("bn_mul_comba8",8);
9&bn_mul_comba("bn_mul_comba4",4);
10&bn_sqr_comba("bn_sqr_comba8",8);
11&bn_sqr_comba("bn_sqr_comba4",4);
12
13&asm_finish();
14
15sub mul_add_c
16 {
17 local($a,$ai,$b,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
18
19 # pos == -1 if eax and edx are pre-loaded, 0 to load from next
20 # words, and 1 if load return value
21
22 &comment("mul a[$ai]*b[$bi]");
23
24 # "eax" and "edx" will always be pre-loaded.
25 # &mov("eax",&DWP($ai*4,$a,"",0)) ;
26 # &mov("edx",&DWP($bi*4,$b,"",0));
27
28 &mul("edx");
29 &add($c0,"eax");
30 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # laod next a
31 &mov("eax",&wparam(0)) if $pos > 0; # load r[]
32 ###
33 &adc($c1,"edx");
34 &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0; # laod next b
35 &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1; # laod next b
36 ###
37 &adc($c2,0);
38 # is pos > 1, it means it is the last loop
39 &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0; # save r[];
40 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # laod next a
41 }
42
43sub sqr_add_c
44 {
45 local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
46
47 # pos == -1 if eax and edx are pre-loaded, 0 to load from next
48 # words, and 1 if load return value
49
50 &comment("sqr a[$ai]*a[$bi]");
51
52 # "eax" and "edx" will always be pre-loaded.
53 # &mov("eax",&DWP($ai*4,$a,"",0)) ;
54 # &mov("edx",&DWP($bi*4,$b,"",0));
55
56 if ($ai == $bi)
57 { &mul("eax");}
58 else
59 { &mul("edx");}
60 &add($c0,"eax");
61 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a
62 ###
63 &adc($c1,"edx");
64 &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos == 1) && ($na != $nb);
65 ###
66 &adc($c2,0);
67 # is pos > 1, it means it is the last loop
68 &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[];
69 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b
70 }
71
72sub sqr_add_c2
73 {
74 local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
75
76 # pos == -1 if eax and edx are pre-loaded, 0 to load from next
77 # words, and 1 if load return value
78
79 &comment("sqr a[$ai]*a[$bi]");
80
81 # "eax" and "edx" will always be pre-loaded.
82 # &mov("eax",&DWP($ai*4,$a,"",0)) ;
83 # &mov("edx",&DWP($bi*4,$a,"",0));
84
85 if ($ai == $bi)
86 { &mul("eax");}
87 else
88 { &mul("edx");}
89 &add("eax","eax");
90 ###
91 &adc("edx","edx");
92 ###
93 &adc($c2,0);
94 &add($c0,"eax");
95 &adc($c1,"edx");
96 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a
97 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b
98 &adc($c2,0);
99 &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[];
100 &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos <= 1) && ($na != $nb);
101 ###
102 }
103
104sub bn_mul_comba
105 {
106 local($name,$num)=@_;
107 local($a,$b,$c0,$c1,$c2);
108 local($i,$as,$ae,$bs,$be,$ai,$bi);
109 local($tot,$end);
110
111 &function_begin_B($name,"");
112
113 $c0="ebx";
114 $c1="ecx";
115 $c2="ebp";
116 $a="esi";
117 $b="edi";
118
119 $as=0;
120 $ae=0;
121 $bs=0;
122 $be=0;
123 $tot=$num+$num-1;
124
125 &push("esi");
126 &mov($a,&wparam(1));
127 &push("edi");
128 &mov($b,&wparam(2));
129 &push("ebp");
130 &push("ebx");
131
132 &xor($c0,$c0);
133 &mov("eax",&DWP(0,$a,"",0)); # load the first word
134 &xor($c1,$c1);
135 &mov("edx",&DWP(0,$b,"",0)); # load the first second
136
137 for ($i=0; $i<$tot; $i++)
138 {
139 $ai=$as;
140 $bi=$bs;
141 $end=$be+1;
142
143 &comment("################## Calculate word $i");
144
145 for ($j=$bs; $j<$end; $j++)
146 {
147 &xor($c2,$c2) if ($j == $bs);
148 if (($j+1) == $end)
149 {
150 $v=1;
151 $v=2 if (($i+1) == $tot);
152 }
153 else
154 { $v=0; }
155 if (($j+1) != $end)
156 {
157 $na=($ai-1);
158 $nb=($bi+1);
159 }
160 else
161 {
162 $na=$as+($i < ($num-1));
163 $nb=$bs+($i >= ($num-1));
164 }
165#printf STDERR "[$ai,$bi] -> [$na,$nb]\n";
166 &mul_add_c($a,$ai,$b,$bi,$c0,$c1,$c2,$v,$i,$na,$nb);
167 if ($v)
168 {
169 &comment("saved r[$i]");
170 # &mov("eax",&wparam(0));
171 # &mov(&DWP($i*4,"eax","",0),$c0);
172 ($c0,$c1,$c2)=($c1,$c2,$c0);
173 }
174 $ai--;
175 $bi++;
176 }
177 $as++ if ($i < ($num-1));
178 $ae++ if ($i >= ($num-1));
179
180 $bs++ if ($i >= ($num-1));
181 $be++ if ($i < ($num-1));
182 }
183 &comment("save r[$i]");
184 # &mov("eax",&wparam(0));
185 &mov(&DWP($i*4,"eax","",0),$c0);
186
187 &pop("ebx");
188 &pop("ebp");
189 &pop("edi");
190 &pop("esi");
191 &ret();
192 &function_end_B($name);
193 }
194
195sub bn_sqr_comba
196 {
197 local($name,$num)=@_;
198 local($r,$a,$c0,$c1,$c2)=@_;
199 local($i,$as,$ae,$bs,$be,$ai,$bi);
200 local($b,$tot,$end,$half);
201
202 &function_begin_B($name,"");
203
204 $c0="ebx";
205 $c1="ecx";
206 $c2="ebp";
207 $a="esi";
208 $r="edi";
209
210 &push("esi");
211 &push("edi");
212 &push("ebp");
213 &push("ebx");
214 &mov($r,&wparam(0));
215 &mov($a,&wparam(1));
216 &xor($c0,$c0);
217 &xor($c1,$c1);
218 &mov("eax",&DWP(0,$a,"",0)); # load the first word
219
220 $as=0;
221 $ae=0;
222 $bs=0;
223 $be=0;
224 $tot=$num+$num-1;
225
226 for ($i=0; $i<$tot; $i++)
227 {
228 $ai=$as;
229 $bi=$bs;
230 $end=$be+1;
231
232 &comment("############### Calculate word $i");
233 for ($j=$bs; $j<$end; $j++)
234 {
235 &xor($c2,$c2) if ($j == $bs);
236 if (($ai-1) < ($bi+1))
237 {
238 $v=1;
239 $v=2 if ($i+1) == $tot;
240 }
241 else
242 { $v=0; }
243 if (!$v)
244 {
245 $na=$ai-1;
246 $nb=$bi+1;
247 }
248 else
249 {
250 $na=$as+($i < ($num-1));
251 $nb=$bs+($i >= ($num-1));
252 }
253 if ($ai == $bi)
254 {
255 &sqr_add_c($r,$a,$ai,$bi,
256 $c0,$c1,$c2,$v,$i,$na,$nb);
257 }
258 else
259 {
260 &sqr_add_c2($r,$a,$ai,$bi,
261 $c0,$c1,$c2,$v,$i,$na,$nb);
262 }
263 if ($v)
264 {
265 &comment("saved r[$i]");
266 #&mov(&DWP($i*4,$r,"",0),$c0);
267 ($c0,$c1,$c2)=($c1,$c2,$c0);
268 last;
269 }
270 $ai--;
271 $bi++;
272 }
273 $as++ if ($i < ($num-1));
274 $ae++ if ($i >= ($num-1));
275
276 $bs++ if ($i >= ($num-1));
277 $be++ if ($i < ($num-1));
278 }
279 &mov(&DWP($i*4,$r,"",0),$c0);
280 &pop("ebx");
281 &pop("ebp");
282 &pop("edi");
283 &pop("esi");
284 &ret();
285 &function_end_B($name);
286 }
diff --git a/src/lib/libcrypto/bn/asm/pa-risc2.s b/src/lib/libcrypto/bn/asm/pa-risc2.s
deleted file mode 100644
index af9730d062..0000000000
--- a/src/lib/libcrypto/bn/asm/pa-risc2.s
+++ /dev/null
@@ -1,1618 +0,0 @@
1;
2; PA-RISC 2.0 implementation of bn_asm code, based on the
3; 64-bit version of the code. This code is effectively the
4; same as the 64-bit version except the register model is
5; slightly different given all values must be 32-bit between
6; function calls. Thus the 64-bit return values are returned
7; in %ret0 and %ret1 vs just %ret0 as is done in 64-bit
8;
9;
10; This code is approximately 2x faster than the C version
11; for RSA/DSA.
12;
13; See http://devresource.hp.com/ for more details on the PA-RISC
14; architecture. Also see the book "PA-RISC 2.0 Architecture"
15; by Gerry Kane for information on the instruction set architecture.
16;
17; Code written by Chris Ruemmler (with some help from the HP C
18; compiler).
19;
20; The code compiles with HP's assembler
21;
22
23 .level 2.0N
24 .space $TEXT$
25 .subspa $CODE$,QUAD=0,ALIGN=8,ACCESS=0x2c,CODE_ONLY
26
27;
28; Global Register definitions used for the routines.
29;
30; Some information about HP's runtime architecture for 32-bits.
31;
32; "Caller save" means the calling function must save the register
33; if it wants the register to be preserved.
34; "Callee save" means if a function uses the register, it must save
35; the value before using it.
36;
37; For the floating point registers
38;
39; "caller save" registers: fr4-fr11, fr22-fr31
40; "callee save" registers: fr12-fr21
41; "special" registers: fr0-fr3 (status and exception registers)
42;
43; For the integer registers
44; value zero : r0
45; "caller save" registers: r1,r19-r26
46; "callee save" registers: r3-r18
47; return register : r2 (rp)
48; return values ; r28,r29 (ret0,ret1)
49; Stack pointer ; r30 (sp)
50; millicode return ptr ; r31 (also a caller save register)
51
52
53;
54; Arguments to the routines
55;
56r_ptr .reg %r26
57a_ptr .reg %r25
58b_ptr .reg %r24
59num .reg %r24
60n .reg %r23
61
62;
63; Note that the "w" argument for bn_mul_add_words and bn_mul_words
64; is passed on the stack at a delta of -56 from the top of stack
65; as the routine is entered.
66;
67
68;
69; Globals used in some routines
70;
71
72top_overflow .reg %r23
73high_mask .reg %r22 ; value 0xffffffff80000000L
74
75
76;------------------------------------------------------------------------------
77;
78; bn_mul_add_words
79;
80;BN_ULONG bn_mul_add_words(BN_ULONG *r_ptr, BN_ULONG *a_ptr,
81; int num, BN_ULONG w)
82;
83; arg0 = r_ptr
84; arg1 = a_ptr
85; arg3 = num
86; -56(sp) = w
87;
88; Local register definitions
89;
90
91fm1 .reg %fr22
92fm .reg %fr23
93ht_temp .reg %fr24
94ht_temp_1 .reg %fr25
95lt_temp .reg %fr26
96lt_temp_1 .reg %fr27
97fm1_1 .reg %fr28
98fm_1 .reg %fr29
99
100fw_h .reg %fr7L
101fw_l .reg %fr7R
102fw .reg %fr7
103
104fht_0 .reg %fr8L
105flt_0 .reg %fr8R
106t_float_0 .reg %fr8
107
108fht_1 .reg %fr9L
109flt_1 .reg %fr9R
110t_float_1 .reg %fr9
111
112tmp_0 .reg %r31
113tmp_1 .reg %r21
114m_0 .reg %r20
115m_1 .reg %r19
116ht_0 .reg %r1
117ht_1 .reg %r3
118lt_0 .reg %r4
119lt_1 .reg %r5
120m1_0 .reg %r6
121m1_1 .reg %r7
122rp_val .reg %r8
123rp_val_1 .reg %r9
124
125bn_mul_add_words
126 .export bn_mul_add_words,entry,NO_RELOCATION,LONG_RETURN
127 .proc
128 .callinfo frame=128
129 .entry
130 .align 64
131
132 STD %r3,0(%sp) ; save r3
133 STD %r4,8(%sp) ; save r4
134 NOP ; Needed to make the loop 16-byte aligned
135 NOP ; needed to make the loop 16-byte aligned
136
137 STD %r5,16(%sp) ; save r5
138 NOP
139 STD %r6,24(%sp) ; save r6
140 STD %r7,32(%sp) ; save r7
141
142 STD %r8,40(%sp) ; save r8
143 STD %r9,48(%sp) ; save r9
144 COPY %r0,%ret1 ; return 0 by default
145 DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32
146
147 CMPIB,>= 0,num,bn_mul_add_words_exit ; if (num <= 0) then exit
148 LDO 128(%sp),%sp ; bump stack
149
150 ;
151 ; The loop is unrolled twice, so if there is only 1 number
152 ; then go straight to the cleanup code.
153 ;
154 CMPIB,= 1,num,bn_mul_add_words_single_top
155 FLDD -184(%sp),fw ; (-56-128) load up w into fw (fw_h/fw_l)
156
157 ;
158 ; This loop is unrolled 2 times (64-byte aligned as well)
159 ;
160 ; PA-RISC 2.0 chips have two fully pipelined multipliers, thus
161 ; two 32-bit mutiplies can be issued per cycle.
162 ;
163bn_mul_add_words_unroll2
164
165 FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R)
166 FLDD 8(a_ptr),t_float_1 ; load up 64-bit value (fr8L) ht(L)/lt(R)
167 LDD 0(r_ptr),rp_val ; rp[0]
168 LDD 8(r_ptr),rp_val_1 ; rp[1]
169
170 XMPYU fht_0,fw_l,fm1 ; m1[0] = fht_0*fw_l
171 XMPYU fht_1,fw_l,fm1_1 ; m1[1] = fht_1*fw_l
172 FSTD fm1,-16(%sp) ; -16(sp) = m1[0]
173 FSTD fm1_1,-48(%sp) ; -48(sp) = m1[1]
174
175 XMPYU flt_0,fw_h,fm ; m[0] = flt_0*fw_h
176 XMPYU flt_1,fw_h,fm_1 ; m[1] = flt_1*fw_h
177 FSTD fm,-8(%sp) ; -8(sp) = m[0]
178 FSTD fm_1,-40(%sp) ; -40(sp) = m[1]
179
180 XMPYU fht_0,fw_h,ht_temp ; ht_temp = fht_0*fw_h
181 XMPYU fht_1,fw_h,ht_temp_1 ; ht_temp_1 = fht_1*fw_h
182 FSTD ht_temp,-24(%sp) ; -24(sp) = ht_temp
183 FSTD ht_temp_1,-56(%sp) ; -56(sp) = ht_temp_1
184
185 XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l
186 XMPYU flt_1,fw_l,lt_temp_1 ; lt_temp = lt*fw_l
187 FSTD lt_temp,-32(%sp) ; -32(sp) = lt_temp
188 FSTD lt_temp_1,-64(%sp) ; -64(sp) = lt_temp_1
189
190 LDD -8(%sp),m_0 ; m[0]
191 LDD -40(%sp),m_1 ; m[1]
192 LDD -16(%sp),m1_0 ; m1[0]
193 LDD -48(%sp),m1_1 ; m1[1]
194
195 LDD -24(%sp),ht_0 ; ht[0]
196 LDD -56(%sp),ht_1 ; ht[1]
197 ADD,L m1_0,m_0,tmp_0 ; tmp_0 = m[0] + m1[0];
198 ADD,L m1_1,m_1,tmp_1 ; tmp_1 = m[1] + m1[1];
199
200 LDD -32(%sp),lt_0
201 LDD -64(%sp),lt_1
202 CMPCLR,*>>= tmp_0,m1_0, %r0 ; if (m[0] < m1[0])
203 ADD,L ht_0,top_overflow,ht_0 ; ht[0] += (1<<32)
204
205 CMPCLR,*>>= tmp_1,m1_1,%r0 ; if (m[1] < m1[1])
206 ADD,L ht_1,top_overflow,ht_1 ; ht[1] += (1<<32)
207 EXTRD,U tmp_0,31,32,m_0 ; m[0]>>32
208 DEPD,Z tmp_0,31,32,m1_0 ; m1[0] = m[0]<<32
209
210 EXTRD,U tmp_1,31,32,m_1 ; m[1]>>32
211 DEPD,Z tmp_1,31,32,m1_1 ; m1[1] = m[1]<<32
212 ADD,L ht_0,m_0,ht_0 ; ht[0]+= (m[0]>>32)
213 ADD,L ht_1,m_1,ht_1 ; ht[1]+= (m[1]>>32)
214
215 ADD lt_0,m1_0,lt_0 ; lt[0] = lt[0]+m1[0];
216 ADD,DC ht_0,%r0,ht_0 ; ht[0]++
217 ADD lt_1,m1_1,lt_1 ; lt[1] = lt[1]+m1[1];
218 ADD,DC ht_1,%r0,ht_1 ; ht[1]++
219
220 ADD %ret1,lt_0,lt_0 ; lt[0] = lt[0] + c;
221 ADD,DC ht_0,%r0,ht_0 ; ht[0]++
222 ADD lt_0,rp_val,lt_0 ; lt[0] = lt[0]+rp[0]
223 ADD,DC ht_0,%r0,ht_0 ; ht[0]++
224
225 LDO -2(num),num ; num = num - 2;
226 ADD ht_0,lt_1,lt_1 ; lt[1] = lt[1] + ht_0 (c);
227 ADD,DC ht_1,%r0,ht_1 ; ht[1]++
228 STD lt_0,0(r_ptr) ; rp[0] = lt[0]
229
230 ADD lt_1,rp_val_1,lt_1 ; lt[1] = lt[1]+rp[1]
231 ADD,DC ht_1,%r0,%ret1 ; ht[1]++
232 LDO 16(a_ptr),a_ptr ; a_ptr += 2
233
234 STD lt_1,8(r_ptr) ; rp[1] = lt[1]
235 CMPIB,<= 2,num,bn_mul_add_words_unroll2 ; go again if more to do
236 LDO 16(r_ptr),r_ptr ; r_ptr += 2
237
238 CMPIB,=,N 0,num,bn_mul_add_words_exit ; are we done, or cleanup last one
239
240 ;
241 ; Top of loop aligned on 64-byte boundary
242 ;
243bn_mul_add_words_single_top
244 FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R)
245 LDD 0(r_ptr),rp_val ; rp[0]
246 LDO 8(a_ptr),a_ptr ; a_ptr++
247 XMPYU fht_0,fw_l,fm1 ; m1 = ht*fw_l
248 FSTD fm1,-16(%sp) ; -16(sp) = m1
249 XMPYU flt_0,fw_h,fm ; m = lt*fw_h
250 FSTD fm,-8(%sp) ; -8(sp) = m
251 XMPYU fht_0,fw_h,ht_temp ; ht_temp = ht*fw_h
252 FSTD ht_temp,-24(%sp) ; -24(sp) = ht
253 XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l
254 FSTD lt_temp,-32(%sp) ; -32(sp) = lt
255
256 LDD -8(%sp),m_0
257 LDD -16(%sp),m1_0 ; m1 = temp1
258 ADD,L m_0,m1_0,tmp_0 ; tmp_0 = m + m1;
259 LDD -24(%sp),ht_0
260 LDD -32(%sp),lt_0
261
262 CMPCLR,*>>= tmp_0,m1_0,%r0 ; if (m < m1)
263 ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32)
264
265 EXTRD,U tmp_0,31,32,m_0 ; m>>32
266 DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32
267
268 ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32)
269 ADD lt_0,m1_0,tmp_0 ; tmp_0 = lt+m1;
270 ADD,DC ht_0,%r0,ht_0 ; ht++
271 ADD %ret1,tmp_0,lt_0 ; lt = lt + c;
272 ADD,DC ht_0,%r0,ht_0 ; ht++
273 ADD lt_0,rp_val,lt_0 ; lt = lt+rp[0]
274 ADD,DC ht_0,%r0,%ret1 ; ht++
275 STD lt_0,0(r_ptr) ; rp[0] = lt
276
277bn_mul_add_words_exit
278 .EXIT
279
280 EXTRD,U %ret1,31,32,%ret0 ; for 32-bit, return in ret0/ret1
281 LDD -80(%sp),%r9 ; restore r9
282 LDD -88(%sp),%r8 ; restore r8
283 LDD -96(%sp),%r7 ; restore r7
284 LDD -104(%sp),%r6 ; restore r6
285 LDD -112(%sp),%r5 ; restore r5
286 LDD -120(%sp),%r4 ; restore r4
287 BVE (%rp)
288 LDD,MB -128(%sp),%r3 ; restore r3
289 .PROCEND ;in=23,24,25,26,29;out=28;
290
291;----------------------------------------------------------------------------
292;
293;BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
294;
295; arg0 = rp
296; arg1 = ap
297; arg3 = num
298; w on stack at -56(sp)
299
300bn_mul_words
301 .proc
302 .callinfo frame=128
303 .entry
304 .EXPORT bn_mul_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
305 .align 64
306
307 STD %r3,0(%sp) ; save r3
308 STD %r4,8(%sp) ; save r4
309 NOP
310 STD %r5,16(%sp) ; save r5
311
312 STD %r6,24(%sp) ; save r6
313 STD %r7,32(%sp) ; save r7
314 COPY %r0,%ret1 ; return 0 by default
315 DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32
316
317 CMPIB,>= 0,num,bn_mul_words_exit
318 LDO 128(%sp),%sp ; bump stack
319
320 ;
321 ; See if only 1 word to do, thus just do cleanup
322 ;
323 CMPIB,= 1,num,bn_mul_words_single_top
324 FLDD -184(%sp),fw ; (-56-128) load up w into fw (fw_h/fw_l)
325
326 ;
327 ; This loop is unrolled 2 times (64-byte aligned as well)
328 ;
329 ; PA-RISC 2.0 chips have two fully pipelined multipliers, thus
330 ; two 32-bit mutiplies can be issued per cycle.
331 ;
332bn_mul_words_unroll2
333
334 FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R)
335 FLDD 8(a_ptr),t_float_1 ; load up 64-bit value (fr8L) ht(L)/lt(R)
336 XMPYU fht_0,fw_l,fm1 ; m1[0] = fht_0*fw_l
337 XMPYU fht_1,fw_l,fm1_1 ; m1[1] = ht*fw_l
338
339 FSTD fm1,-16(%sp) ; -16(sp) = m1
340 FSTD fm1_1,-48(%sp) ; -48(sp) = m1
341 XMPYU flt_0,fw_h,fm ; m = lt*fw_h
342 XMPYU flt_1,fw_h,fm_1 ; m = lt*fw_h
343
344 FSTD fm,-8(%sp) ; -8(sp) = m
345 FSTD fm_1,-40(%sp) ; -40(sp) = m
346 XMPYU fht_0,fw_h,ht_temp ; ht_temp = fht_0*fw_h
347 XMPYU fht_1,fw_h,ht_temp_1 ; ht_temp = ht*fw_h
348
349 FSTD ht_temp,-24(%sp) ; -24(sp) = ht
350 FSTD ht_temp_1,-56(%sp) ; -56(sp) = ht
351 XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l
352 XMPYU flt_1,fw_l,lt_temp_1 ; lt_temp = lt*fw_l
353
354 FSTD lt_temp,-32(%sp) ; -32(sp) = lt
355 FSTD lt_temp_1,-64(%sp) ; -64(sp) = lt
356 LDD -8(%sp),m_0
357 LDD -40(%sp),m_1
358
359 LDD -16(%sp),m1_0
360 LDD -48(%sp),m1_1
361 LDD -24(%sp),ht_0
362 LDD -56(%sp),ht_1
363
364 ADD,L m1_0,m_0,tmp_0 ; tmp_0 = m + m1;
365 ADD,L m1_1,m_1,tmp_1 ; tmp_1 = m + m1;
366 LDD -32(%sp),lt_0
367 LDD -64(%sp),lt_1
368
369 CMPCLR,*>>= tmp_0,m1_0, %r0 ; if (m < m1)
370 ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32)
371 CMPCLR,*>>= tmp_1,m1_1,%r0 ; if (m < m1)
372 ADD,L ht_1,top_overflow,ht_1 ; ht += (1<<32)
373
374 EXTRD,U tmp_0,31,32,m_0 ; m>>32
375 DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32
376 EXTRD,U tmp_1,31,32,m_1 ; m>>32
377 DEPD,Z tmp_1,31,32,m1_1 ; m1 = m<<32
378
379 ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32)
380 ADD,L ht_1,m_1,ht_1 ; ht+= (m>>32)
381 ADD lt_0,m1_0,lt_0 ; lt = lt+m1;
382 ADD,DC ht_0,%r0,ht_0 ; ht++
383
384 ADD lt_1,m1_1,lt_1 ; lt = lt+m1;
385 ADD,DC ht_1,%r0,ht_1 ; ht++
386 ADD %ret1,lt_0,lt_0 ; lt = lt + c (ret1);
387 ADD,DC ht_0,%r0,ht_0 ; ht++
388
389 ADD ht_0,lt_1,lt_1 ; lt = lt + c (ht_0)
390 ADD,DC ht_1,%r0,ht_1 ; ht++
391 STD lt_0,0(r_ptr) ; rp[0] = lt
392 STD lt_1,8(r_ptr) ; rp[1] = lt
393
394 COPY ht_1,%ret1 ; carry = ht
395 LDO -2(num),num ; num = num - 2;
396 LDO 16(a_ptr),a_ptr ; ap += 2
397 CMPIB,<= 2,num,bn_mul_words_unroll2
398 LDO 16(r_ptr),r_ptr ; rp++
399
400 CMPIB,=,N 0,num,bn_mul_words_exit ; are we done?
401
402 ;
403 ; Top of loop aligned on 64-byte boundary
404 ;
405bn_mul_words_single_top
406 FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R)
407
408 XMPYU fht_0,fw_l,fm1 ; m1 = ht*fw_l
409 FSTD fm1,-16(%sp) ; -16(sp) = m1
410 XMPYU flt_0,fw_h,fm ; m = lt*fw_h
411 FSTD fm,-8(%sp) ; -8(sp) = m
412 XMPYU fht_0,fw_h,ht_temp ; ht_temp = ht*fw_h
413 FSTD ht_temp,-24(%sp) ; -24(sp) = ht
414 XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l
415 FSTD lt_temp,-32(%sp) ; -32(sp) = lt
416
417 LDD -8(%sp),m_0
418 LDD -16(%sp),m1_0
419 ADD,L m_0,m1_0,tmp_0 ; tmp_0 = m + m1;
420 LDD -24(%sp),ht_0
421 LDD -32(%sp),lt_0
422
423 CMPCLR,*>>= tmp_0,m1_0,%r0 ; if (m < m1)
424 ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32)
425
426 EXTRD,U tmp_0,31,32,m_0 ; m>>32
427 DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32
428
429 ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32)
430 ADD lt_0,m1_0,lt_0 ; lt= lt+m1;
431 ADD,DC ht_0,%r0,ht_0 ; ht++
432
433 ADD %ret1,lt_0,lt_0 ; lt = lt + c;
434 ADD,DC ht_0,%r0,ht_0 ; ht++
435
436 COPY ht_0,%ret1 ; copy carry
437 STD lt_0,0(r_ptr) ; rp[0] = lt
438
439bn_mul_words_exit
440 .EXIT
441 EXTRD,U %ret1,31,32,%ret0 ; for 32-bit, return in ret0/ret1
442 LDD -96(%sp),%r7 ; restore r7
443 LDD -104(%sp),%r6 ; restore r6
444 LDD -112(%sp),%r5 ; restore r5
445 LDD -120(%sp),%r4 ; restore r4
446 BVE (%rp)
447 LDD,MB -128(%sp),%r3 ; restore r3
448 .PROCEND
449
450;----------------------------------------------------------------------------
451;
452;void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num)
453;
454; arg0 = rp
455; arg1 = ap
456; arg2 = num
457;
458
459bn_sqr_words
460 .proc
461 .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
462 .EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
463 .entry
464 .align 64
465
466 STD %r3,0(%sp) ; save r3
467 STD %r4,8(%sp) ; save r4
468 NOP
469 STD %r5,16(%sp) ; save r5
470
471 CMPIB,>= 0,num,bn_sqr_words_exit
472 LDO 128(%sp),%sp ; bump stack
473
474 ;
475 ; If only 1, the goto straight to cleanup
476 ;
477 CMPIB,= 1,num,bn_sqr_words_single_top
478 DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L
479
480 ;
481 ; This loop is unrolled 2 times (64-byte aligned as well)
482 ;
483
484bn_sqr_words_unroll2
485 FLDD 0(a_ptr),t_float_0 ; a[0]
486 FLDD 8(a_ptr),t_float_1 ; a[1]
487 XMPYU fht_0,flt_0,fm ; m[0]
488 XMPYU fht_1,flt_1,fm_1 ; m[1]
489
490 FSTD fm,-24(%sp) ; store m[0]
491 FSTD fm_1,-56(%sp) ; store m[1]
492 XMPYU flt_0,flt_0,lt_temp ; lt[0]
493 XMPYU flt_1,flt_1,lt_temp_1 ; lt[1]
494
495 FSTD lt_temp,-16(%sp) ; store lt[0]
496 FSTD lt_temp_1,-48(%sp) ; store lt[1]
497 XMPYU fht_0,fht_0,ht_temp ; ht[0]
498 XMPYU fht_1,fht_1,ht_temp_1 ; ht[1]
499
500 FSTD ht_temp,-8(%sp) ; store ht[0]
501 FSTD ht_temp_1,-40(%sp) ; store ht[1]
502 LDD -24(%sp),m_0
503 LDD -56(%sp),m_1
504
505 AND m_0,high_mask,tmp_0 ; m[0] & Mask
506 AND m_1,high_mask,tmp_1 ; m[1] & Mask
507 DEPD,Z m_0,30,31,m_0 ; m[0] << 32+1
508 DEPD,Z m_1,30,31,m_1 ; m[1] << 32+1
509
510 LDD -16(%sp),lt_0
511 LDD -48(%sp),lt_1
512 EXTRD,U tmp_0,32,33,tmp_0 ; tmp_0 = m[0]&Mask >> 32-1
513 EXTRD,U tmp_1,32,33,tmp_1 ; tmp_1 = m[1]&Mask >> 32-1
514
515 LDD -8(%sp),ht_0
516 LDD -40(%sp),ht_1
517 ADD,L ht_0,tmp_0,ht_0 ; ht[0] += tmp_0
518 ADD,L ht_1,tmp_1,ht_1 ; ht[1] += tmp_1
519
520 ADD lt_0,m_0,lt_0 ; lt = lt+m
521 ADD,DC ht_0,%r0,ht_0 ; ht[0]++
522 STD lt_0,0(r_ptr) ; rp[0] = lt[0]
523 STD ht_0,8(r_ptr) ; rp[1] = ht[1]
524
525 ADD lt_1,m_1,lt_1 ; lt = lt+m
526 ADD,DC ht_1,%r0,ht_1 ; ht[1]++
527 STD lt_1,16(r_ptr) ; rp[2] = lt[1]
528 STD ht_1,24(r_ptr) ; rp[3] = ht[1]
529
530 LDO -2(num),num ; num = num - 2;
531 LDO 16(a_ptr),a_ptr ; ap += 2
532 CMPIB,<= 2,num,bn_sqr_words_unroll2
533 LDO 32(r_ptr),r_ptr ; rp += 4
534
535 CMPIB,=,N 0,num,bn_sqr_words_exit ; are we done?
536
537 ;
538 ; Top of loop aligned on 64-byte boundary
539 ;
540bn_sqr_words_single_top
541 FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R)
542
543 XMPYU fht_0,flt_0,fm ; m
544 FSTD fm,-24(%sp) ; store m
545
546 XMPYU flt_0,flt_0,lt_temp ; lt
547 FSTD lt_temp,-16(%sp) ; store lt
548
549 XMPYU fht_0,fht_0,ht_temp ; ht
550 FSTD ht_temp,-8(%sp) ; store ht
551
552 LDD -24(%sp),m_0 ; load m
553 AND m_0,high_mask,tmp_0 ; m & Mask
554 DEPD,Z m_0,30,31,m_0 ; m << 32+1
555 LDD -16(%sp),lt_0 ; lt
556
557 LDD -8(%sp),ht_0 ; ht
558 EXTRD,U tmp_0,32,33,tmp_0 ; tmp_0 = m&Mask >> 32-1
559 ADD m_0,lt_0,lt_0 ; lt = lt+m
560 ADD,L ht_0,tmp_0,ht_0 ; ht += tmp_0
561 ADD,DC ht_0,%r0,ht_0 ; ht++
562
563 STD lt_0,0(r_ptr) ; rp[0] = lt
564 STD ht_0,8(r_ptr) ; rp[1] = ht
565
566bn_sqr_words_exit
567 .EXIT
568 LDD -112(%sp),%r5 ; restore r5
569 LDD -120(%sp),%r4 ; restore r4
570 BVE (%rp)
571 LDD,MB -128(%sp),%r3
572 .PROCEND ;in=23,24,25,26,29;out=28;
573
574
575;----------------------------------------------------------------------------
576;
577;BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
578;
579; arg0 = rp
580; arg1 = ap
581; arg2 = bp
582; arg3 = n
583
584t .reg %r22
585b .reg %r21
586l .reg %r20
587
588bn_add_words
589 .proc
590 .entry
591 .callinfo
592 .EXPORT bn_add_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
593 .align 64
594
595 CMPIB,>= 0,n,bn_add_words_exit
596 COPY %r0,%ret1 ; return 0 by default
597
598 ;
599 ; If 2 or more numbers do the loop
600 ;
601 CMPIB,= 1,n,bn_add_words_single_top
602 NOP
603
604 ;
605 ; This loop is unrolled 2 times (64-byte aligned as well)
606 ;
607bn_add_words_unroll2
608 LDD 0(a_ptr),t
609 LDD 0(b_ptr),b
610 ADD t,%ret1,t ; t = t+c;
611 ADD,DC %r0,%r0,%ret1 ; set c to carry
612 ADD t,b,l ; l = t + b[0]
613 ADD,DC %ret1,%r0,%ret1 ; c+= carry
614 STD l,0(r_ptr)
615
616 LDD 8(a_ptr),t
617 LDD 8(b_ptr),b
618 ADD t,%ret1,t ; t = t+c;
619 ADD,DC %r0,%r0,%ret1 ; set c to carry
620 ADD t,b,l ; l = t + b[0]
621 ADD,DC %ret1,%r0,%ret1 ; c+= carry
622 STD l,8(r_ptr)
623
624 LDO -2(n),n
625 LDO 16(a_ptr),a_ptr
626 LDO 16(b_ptr),b_ptr
627
628 CMPIB,<= 2,n,bn_add_words_unroll2
629 LDO 16(r_ptr),r_ptr
630
631 CMPIB,=,N 0,n,bn_add_words_exit ; are we done?
632
633bn_add_words_single_top
634 LDD 0(a_ptr),t
635 LDD 0(b_ptr),b
636
637 ADD t,%ret1,t ; t = t+c;
638 ADD,DC %r0,%r0,%ret1 ; set c to carry (could use CMPCLR??)
639 ADD t,b,l ; l = t + b[0]
640 ADD,DC %ret1,%r0,%ret1 ; c+= carry
641 STD l,0(r_ptr)
642
643bn_add_words_exit
644 .EXIT
645 BVE (%rp)
646 EXTRD,U %ret1,31,32,%ret0 ; for 32-bit, return in ret0/ret1
647 .PROCEND ;in=23,24,25,26,29;out=28;
648
649;----------------------------------------------------------------------------
650;
651;BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
652;
653; arg0 = rp
654; arg1 = ap
655; arg2 = bp
656; arg3 = n
657
658t1 .reg %r22
659t2 .reg %r21
660sub_tmp1 .reg %r20
661sub_tmp2 .reg %r19
662
663
664bn_sub_words
665 .proc
666 .callinfo
667 .EXPORT bn_sub_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
668 .entry
669 .align 64
670
671 CMPIB,>= 0,n,bn_sub_words_exit
672 COPY %r0,%ret1 ; return 0 by default
673
674 ;
675 ; If 2 or more numbers do the loop
676 ;
677 CMPIB,= 1,n,bn_sub_words_single_top
678 NOP
679
680 ;
681 ; This loop is unrolled 2 times (64-byte aligned as well)
682 ;
683bn_sub_words_unroll2
684 LDD 0(a_ptr),t1
685 LDD 0(b_ptr),t2
686 SUB t1,t2,sub_tmp1 ; t3 = t1-t2;
687 SUB sub_tmp1,%ret1,sub_tmp1 ; t3 = t3- c;
688
689 CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2
690 LDO 1(%r0),sub_tmp2
691
692 CMPCLR,*= t1,t2,%r0
693 COPY sub_tmp2,%ret1
694 STD sub_tmp1,0(r_ptr)
695
696 LDD 8(a_ptr),t1
697 LDD 8(b_ptr),t2
698 SUB t1,t2,sub_tmp1 ; t3 = t1-t2;
699 SUB sub_tmp1,%ret1,sub_tmp1 ; t3 = t3- c;
700 CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2
701 LDO 1(%r0),sub_tmp2
702
703 CMPCLR,*= t1,t2,%r0
704 COPY sub_tmp2,%ret1
705 STD sub_tmp1,8(r_ptr)
706
707 LDO -2(n),n
708 LDO 16(a_ptr),a_ptr
709 LDO 16(b_ptr),b_ptr
710
711 CMPIB,<= 2,n,bn_sub_words_unroll2
712 LDO 16(r_ptr),r_ptr
713
714 CMPIB,=,N 0,n,bn_sub_words_exit ; are we done?
715
716bn_sub_words_single_top
717 LDD 0(a_ptr),t1
718 LDD 0(b_ptr),t2
719 SUB t1,t2,sub_tmp1 ; t3 = t1-t2;
720 SUB sub_tmp1,%ret1,sub_tmp1 ; t3 = t3- c;
721 CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2
722 LDO 1(%r0),sub_tmp2
723
724 CMPCLR,*= t1,t2,%r0
725 COPY sub_tmp2,%ret1
726
727 STD sub_tmp1,0(r_ptr)
728
729bn_sub_words_exit
730 .EXIT
731 BVE (%rp)
732 EXTRD,U %ret1,31,32,%ret0 ; for 32-bit, return in ret0/ret1
733 .PROCEND ;in=23,24,25,26,29;out=28;
734
735;------------------------------------------------------------------------------
736;
737; unsigned long bn_div_words(unsigned long h, unsigned long l, unsigned long d)
738;
739; arg0 = h
740; arg1 = l
741; arg2 = d
742;
743; This is mainly just output from the HP C compiler.
744;
745;------------------------------------------------------------------------------
746bn_div_words
747 .PROC
748 .EXPORT bn_div_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR,LONG_RETURN
749 .IMPORT BN_num_bits_word,CODE
750 .IMPORT __iob,DATA
751 .IMPORT fprintf,CODE
752 .IMPORT abort,CODE
753 .IMPORT $$div2U,MILLICODE
754 .CALLINFO CALLER,FRAME=144,ENTRY_GR=%r9,SAVE_RP,ARGS_SAVED,ORDERING_AWARE
755 .ENTRY
756 STW %r2,-20(%r30) ;offset 0x8ec
757 STW,MA %r3,192(%r30) ;offset 0x8f0
758 STW %r4,-188(%r30) ;offset 0x8f4
759 DEPD %r5,31,32,%r6 ;offset 0x8f8
760 STD %r6,-184(%r30) ;offset 0x8fc
761 DEPD %r7,31,32,%r8 ;offset 0x900
762 STD %r8,-176(%r30) ;offset 0x904
763 STW %r9,-168(%r30) ;offset 0x908
764 LDD -248(%r30),%r3 ;offset 0x90c
765 COPY %r26,%r4 ;offset 0x910
766 COPY %r24,%r5 ;offset 0x914
767 DEPD %r25,31,32,%r4 ;offset 0x918
768 CMPB,*<> %r3,%r0,$0006000C ;offset 0x91c
769 DEPD %r23,31,32,%r5 ;offset 0x920
770 MOVIB,TR -1,%r29,$00060002 ;offset 0x924
771 EXTRD,U %r29,31,32,%r28 ;offset 0x928
772$0006002A
773 LDO -1(%r29),%r29 ;offset 0x92c
774 SUB %r23,%r7,%r23 ;offset 0x930
775$00060024
776 SUB %r4,%r31,%r25 ;offset 0x934
777 AND %r25,%r19,%r26 ;offset 0x938
778 CMPB,*<>,N %r0,%r26,$00060046 ;offset 0x93c
779 DEPD,Z %r25,31,32,%r20 ;offset 0x940
780 OR %r20,%r24,%r21 ;offset 0x944
781 CMPB,*<<,N %r21,%r23,$0006002A ;offset 0x948
782 SUB %r31,%r2,%r31 ;offset 0x94c
783$00060046
784$0006002E
785 DEPD,Z %r23,31,32,%r25 ;offset 0x950
786 EXTRD,U %r23,31,32,%r26 ;offset 0x954
787 AND %r25,%r19,%r24 ;offset 0x958
788 ADD,L %r31,%r26,%r31 ;offset 0x95c
789 CMPCLR,*>>= %r5,%r24,%r0 ;offset 0x960
790 LDO 1(%r31),%r31 ;offset 0x964
791$00060032
792 CMPB,*<<=,N %r31,%r4,$00060036 ;offset 0x968
793 LDO -1(%r29),%r29 ;offset 0x96c
794 ADD,L %r4,%r3,%r4 ;offset 0x970
795$00060036
796 ADDIB,=,N -1,%r8,$D0 ;offset 0x974
797 SUB %r5,%r24,%r28 ;offset 0x978
798$0006003A
799 SUB %r4,%r31,%r24 ;offset 0x97c
800 SHRPD %r24,%r28,32,%r4 ;offset 0x980
801 DEPD,Z %r29,31,32,%r9 ;offset 0x984
802 DEPD,Z %r28,31,32,%r5 ;offset 0x988
803$0006001C
804 EXTRD,U %r4,31,32,%r31 ;offset 0x98c
805 CMPB,*<>,N %r31,%r2,$00060020 ;offset 0x990
806 MOVB,TR %r6,%r29,$D1 ;offset 0x994
807 STD %r29,-152(%r30) ;offset 0x998
808$0006000C
809 EXTRD,U %r3,31,32,%r25 ;offset 0x99c
810 COPY %r3,%r26 ;offset 0x9a0
811 EXTRD,U %r3,31,32,%r9 ;offset 0x9a4
812 EXTRD,U %r4,31,32,%r8 ;offset 0x9a8
813 .CALL ARGW0=GR,ARGW1=GR,RTNVAL=GR ;in=25,26;out=28;
814 B,L BN_num_bits_word,%r2 ;offset 0x9ac
815 EXTRD,U %r5,31,32,%r7 ;offset 0x9b0
816 LDI 64,%r20 ;offset 0x9b4
817 DEPD %r7,31,32,%r5 ;offset 0x9b8
818 DEPD %r8,31,32,%r4 ;offset 0x9bc
819 DEPD %r9,31,32,%r3 ;offset 0x9c0
820 CMPB,= %r28,%r20,$00060012 ;offset 0x9c4
821 COPY %r28,%r24 ;offset 0x9c8
822 MTSARCM %r24 ;offset 0x9cc
823 DEPDI,Z -1,%sar,1,%r19 ;offset 0x9d0
824 CMPB,*>>,N %r4,%r19,$D2 ;offset 0x9d4
825$00060012
826 SUBI 64,%r24,%r31 ;offset 0x9d8
827 CMPCLR,*<< %r4,%r3,%r0 ;offset 0x9dc
828 SUB %r4,%r3,%r4 ;offset 0x9e0
829$00060016
830 CMPB,= %r31,%r0,$0006001A ;offset 0x9e4
831 COPY %r0,%r9 ;offset 0x9e8
832 MTSARCM %r31 ;offset 0x9ec
833 DEPD,Z %r3,%sar,64,%r3 ;offset 0x9f0
834 SUBI 64,%r31,%r26 ;offset 0x9f4
835 MTSAR %r26 ;offset 0x9f8
836 SHRPD %r4,%r5,%sar,%r4 ;offset 0x9fc
837 MTSARCM %r31 ;offset 0xa00
838 DEPD,Z %r5,%sar,64,%r5 ;offset 0xa04
839$0006001A
840 DEPDI,Z -1,31,32,%r19 ;offset 0xa08
841 AND %r3,%r19,%r29 ;offset 0xa0c
842 EXTRD,U %r29,31,32,%r2 ;offset 0xa10
843 DEPDI,Z -1,63,32,%r6 ;offset 0xa14
844 MOVIB,TR 2,%r8,$0006001C ;offset 0xa18
845 EXTRD,U %r3,63,32,%r7 ;offset 0xa1c
846$D2
847 ADDIL LR'__iob-$global$,%r27,%r1 ;offset 0xa20
848 LDIL LR'C$7,%r21 ;offset 0xa24
849 LDO RR'__iob-$global$+32(%r1),%r26 ;offset 0xa28
850 .CALL ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR ;in=24,25,26;out=28;
851 B,L fprintf,%r2 ;offset 0xa2c
852 LDO RR'C$7(%r21),%r25 ;offset 0xa30
853 .CALL ;
854 B,L abort,%r2 ;offset 0xa34
855 NOP ;offset 0xa38
856 B $D3 ;offset 0xa3c
857 LDW -212(%r30),%r2 ;offset 0xa40
858$00060020
859 COPY %r4,%r26 ;offset 0xa44
860 EXTRD,U %r4,31,32,%r25 ;offset 0xa48
861 COPY %r2,%r24 ;offset 0xa4c
862 .CALL ;in=23,24,25,26;out=20,21,22,28,29; (MILLICALL)
863 B,L $$div2U,%r31 ;offset 0xa50
864 EXTRD,U %r2,31,32,%r23 ;offset 0xa54
865 DEPD %r28,31,32,%r29 ;offset 0xa58
866$00060022
867 STD %r29,-152(%r30) ;offset 0xa5c
868$D1
869 AND %r5,%r19,%r24 ;offset 0xa60
870 EXTRD,U %r24,31,32,%r24 ;offset 0xa64
871 STW %r2,-160(%r30) ;offset 0xa68
872 STW %r7,-128(%r30) ;offset 0xa6c
873 FLDD -152(%r30),%fr4 ;offset 0xa70
874 FLDD -152(%r30),%fr7 ;offset 0xa74
875 FLDW -160(%r30),%fr8L ;offset 0xa78
876 FLDW -128(%r30),%fr5L ;offset 0xa7c
877 XMPYU %fr8L,%fr7L,%fr10 ;offset 0xa80
878 FSTD %fr10,-136(%r30) ;offset 0xa84
879 XMPYU %fr8L,%fr7R,%fr22 ;offset 0xa88
880 FSTD %fr22,-144(%r30) ;offset 0xa8c
881 XMPYU %fr5L,%fr4L,%fr11 ;offset 0xa90
882 XMPYU %fr5L,%fr4R,%fr23 ;offset 0xa94
883 FSTD %fr11,-112(%r30) ;offset 0xa98
884 FSTD %fr23,-120(%r30) ;offset 0xa9c
885 LDD -136(%r30),%r28 ;offset 0xaa0
886 DEPD,Z %r28,31,32,%r31 ;offset 0xaa4
887 LDD -144(%r30),%r20 ;offset 0xaa8
888 ADD,L %r20,%r31,%r31 ;offset 0xaac
889 LDD -112(%r30),%r22 ;offset 0xab0
890 DEPD,Z %r22,31,32,%r22 ;offset 0xab4
891 LDD -120(%r30),%r21 ;offset 0xab8
892 B $00060024 ;offset 0xabc
893 ADD,L %r21,%r22,%r23 ;offset 0xac0
894$D0
895 OR %r9,%r29,%r29 ;offset 0xac4
896$00060040
897 EXTRD,U %r29,31,32,%r28 ;offset 0xac8
898$00060002
899$L2
900 LDW -212(%r30),%r2 ;offset 0xacc
901$D3
902 LDW -168(%r30),%r9 ;offset 0xad0
903 LDD -176(%r30),%r8 ;offset 0xad4
904 EXTRD,U %r8,31,32,%r7 ;offset 0xad8
905 LDD -184(%r30),%r6 ;offset 0xadc
906 EXTRD,U %r6,31,32,%r5 ;offset 0xae0
907 LDW -188(%r30),%r4 ;offset 0xae4
908 BVE (%r2) ;offset 0xae8
909 .EXIT
910 LDW,MB -192(%r30),%r3 ;offset 0xaec
911 .PROCEND ;in=23,25;out=28,29;fpin=105,107;
912
913
914
915
916;----------------------------------------------------------------------------
917;
918; Registers to hold 64-bit values to manipulate. The "L" part
919; of the register corresponds to the upper 32-bits, while the "R"
920; part corresponds to the lower 32-bits
921;
922; Note, that when using b6 and b7, the code must save these before
923; using them because they are callee save registers
924;
925;
926; Floating point registers to use to save values that
927; are manipulated. These don't collide with ftemp1-6 and
928; are all caller save registers
929;
930a0 .reg %fr22
931a0L .reg %fr22L
932a0R .reg %fr22R
933
934a1 .reg %fr23
935a1L .reg %fr23L
936a1R .reg %fr23R
937
938a2 .reg %fr24
939a2L .reg %fr24L
940a2R .reg %fr24R
941
942a3 .reg %fr25
943a3L .reg %fr25L
944a3R .reg %fr25R
945
946a4 .reg %fr26
947a4L .reg %fr26L
948a4R .reg %fr26R
949
950a5 .reg %fr27
951a5L .reg %fr27L
952a5R .reg %fr27R
953
954a6 .reg %fr28
955a6L .reg %fr28L
956a6R .reg %fr28R
957
958a7 .reg %fr29
959a7L .reg %fr29L
960a7R .reg %fr29R
961
962b0 .reg %fr30
963b0L .reg %fr30L
964b0R .reg %fr30R
965
966b1 .reg %fr31
967b1L .reg %fr31L
968b1R .reg %fr31R
969
970;
971; Temporary floating point variables, these are all caller save
972; registers
973;
974ftemp1 .reg %fr4
975ftemp2 .reg %fr5
976ftemp3 .reg %fr6
977ftemp4 .reg %fr7
978
979;
980; The B set of registers when used.
981;
982
983b2 .reg %fr8
984b2L .reg %fr8L
985b2R .reg %fr8R
986
987b3 .reg %fr9
988b3L .reg %fr9L
989b3R .reg %fr9R
990
991b4 .reg %fr10
992b4L .reg %fr10L
993b4R .reg %fr10R
994
995b5 .reg %fr11
996b5L .reg %fr11L
997b5R .reg %fr11R
998
999b6 .reg %fr12
1000b6L .reg %fr12L
1001b6R .reg %fr12R
1002
1003b7 .reg %fr13
1004b7L .reg %fr13L
1005b7R .reg %fr13R
1006
1007c1 .reg %r21 ; only reg
1008temp1 .reg %r20 ; only reg
1009temp2 .reg %r19 ; only reg
1010temp3 .reg %r31 ; only reg
1011
1012m1 .reg %r28
1013c2 .reg %r23
1014high_one .reg %r1
1015ht .reg %r6
1016lt .reg %r5
1017m .reg %r4
1018c3 .reg %r3
1019
1020SQR_ADD_C .macro A0L,A0R,C1,C2,C3
1021 XMPYU A0L,A0R,ftemp1 ; m
1022 FSTD ftemp1,-24(%sp) ; store m
1023
1024 XMPYU A0R,A0R,ftemp2 ; lt
1025 FSTD ftemp2,-16(%sp) ; store lt
1026
1027 XMPYU A0L,A0L,ftemp3 ; ht
1028 FSTD ftemp3,-8(%sp) ; store ht
1029
1030 LDD -24(%sp),m ; load m
1031 AND m,high_mask,temp2 ; m & Mask
1032 DEPD,Z m,30,31,temp3 ; m << 32+1
1033 LDD -16(%sp),lt ; lt
1034
1035 LDD -8(%sp),ht ; ht
1036 EXTRD,U temp2,32,33,temp1 ; temp1 = m&Mask >> 32-1
1037 ADD temp3,lt,lt ; lt = lt+m
1038 ADD,L ht,temp1,ht ; ht += temp1
1039 ADD,DC ht,%r0,ht ; ht++
1040
1041 ADD C1,lt,C1 ; c1=c1+lt
1042 ADD,DC ht,%r0,ht ; ht++
1043
1044 ADD C2,ht,C2 ; c2=c2+ht
1045 ADD,DC C3,%r0,C3 ; c3++
1046.endm
1047
1048SQR_ADD_C2 .macro A0L,A0R,A1L,A1R,C1,C2,C3
1049 XMPYU A0L,A1R,ftemp1 ; m1 = bl*ht
1050 FSTD ftemp1,-16(%sp) ;
1051 XMPYU A0R,A1L,ftemp2 ; m = bh*lt
1052 FSTD ftemp2,-8(%sp) ;
1053 XMPYU A0R,A1R,ftemp3 ; lt = bl*lt
1054 FSTD ftemp3,-32(%sp)
1055 XMPYU A0L,A1L,ftemp4 ; ht = bh*ht
1056 FSTD ftemp4,-24(%sp) ;
1057
1058 LDD -8(%sp),m ; r21 = m
1059 LDD -16(%sp),m1 ; r19 = m1
1060 ADD,L m,m1,m ; m+m1
1061
1062 DEPD,Z m,31,32,temp3 ; (m+m1<<32)
1063 LDD -24(%sp),ht ; r24 = ht
1064
1065 CMPCLR,*>>= m,m1,%r0 ; if (m < m1)
1066 ADD,L ht,high_one,ht ; ht+=high_one
1067
1068 EXTRD,U m,31,32,temp1 ; m >> 32
1069 LDD -32(%sp),lt ; lt
1070 ADD,L ht,temp1,ht ; ht+= m>>32
1071 ADD lt,temp3,lt ; lt = lt+m1
1072 ADD,DC ht,%r0,ht ; ht++
1073
1074 ADD ht,ht,ht ; ht=ht+ht;
1075 ADD,DC C3,%r0,C3 ; add in carry (c3++)
1076
1077 ADD lt,lt,lt ; lt=lt+lt;
1078 ADD,DC ht,%r0,ht ; add in carry (ht++)
1079
1080 ADD C1,lt,C1 ; c1=c1+lt
1081 ADD,DC,*NUV ht,%r0,ht ; add in carry (ht++)
1082 LDO 1(C3),C3 ; bump c3 if overflow,nullify otherwise
1083
1084 ADD C2,ht,C2 ; c2 = c2 + ht
1085 ADD,DC C3,%r0,C3 ; add in carry (c3++)
1086.endm
1087
1088;
1089;void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
1090; arg0 = r_ptr
1091; arg1 = a_ptr
1092;
1093
1094bn_sqr_comba8
1095 .PROC
1096 .CALLINFO FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
1097 .EXPORT bn_sqr_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
1098 .ENTRY
1099 .align 64
1100
1101 STD %r3,0(%sp) ; save r3
1102 STD %r4,8(%sp) ; save r4
1103 STD %r5,16(%sp) ; save r5
1104 STD %r6,24(%sp) ; save r6
1105
1106 ;
1107 ; Zero out carries
1108 ;
1109 COPY %r0,c1
1110 COPY %r0,c2
1111 COPY %r0,c3
1112
1113 LDO 128(%sp),%sp ; bump stack
1114 DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L
1115 DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32
1116
1117 ;
1118 ; Load up all of the values we are going to use
1119 ;
1120 FLDD 0(a_ptr),a0
1121 FLDD 8(a_ptr),a1
1122 FLDD 16(a_ptr),a2
1123 FLDD 24(a_ptr),a3
1124 FLDD 32(a_ptr),a4
1125 FLDD 40(a_ptr),a5
1126 FLDD 48(a_ptr),a6
1127 FLDD 56(a_ptr),a7
1128
1129 SQR_ADD_C a0L,a0R,c1,c2,c3
1130 STD c1,0(r_ptr) ; r[0] = c1;
1131 COPY %r0,c1
1132
1133 SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1
1134 STD c2,8(r_ptr) ; r[1] = c2;
1135 COPY %r0,c2
1136
1137 SQR_ADD_C a1L,a1R,c3,c1,c2
1138 SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2
1139 STD c3,16(r_ptr) ; r[2] = c3;
1140 COPY %r0,c3
1141
1142 SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3
1143 SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3
1144 STD c1,24(r_ptr) ; r[3] = c1;
1145 COPY %r0,c1
1146
1147 SQR_ADD_C a2L,a2R,c2,c3,c1
1148 SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1
1149 SQR_ADD_C2 a4L,a4R,a0L,a0R,c2,c3,c1
1150 STD c2,32(r_ptr) ; r[4] = c2;
1151 COPY %r0,c2
1152
1153 SQR_ADD_C2 a5L,a5R,a0L,a0R,c3,c1,c2
1154 SQR_ADD_C2 a4L,a4R,a1L,a1R,c3,c1,c2
1155 SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2
1156 STD c3,40(r_ptr) ; r[5] = c3;
1157 COPY %r0,c3
1158
1159 SQR_ADD_C a3L,a3R,c1,c2,c3
1160 SQR_ADD_C2 a4L,a4R,a2L,a2R,c1,c2,c3
1161 SQR_ADD_C2 a5L,a5R,a1L,a1R,c1,c2,c3
1162 SQR_ADD_C2 a6L,a6R,a0L,a0R,c1,c2,c3
1163 STD c1,48(r_ptr) ; r[6] = c1;
1164 COPY %r0,c1
1165
1166 SQR_ADD_C2 a7L,a7R,a0L,a0R,c2,c3,c1
1167 SQR_ADD_C2 a6L,a6R,a1L,a1R,c2,c3,c1
1168 SQR_ADD_C2 a5L,a5R,a2L,a2R,c2,c3,c1
1169 SQR_ADD_C2 a4L,a4R,a3L,a3R,c2,c3,c1
1170 STD c2,56(r_ptr) ; r[7] = c2;
1171 COPY %r0,c2
1172
1173 SQR_ADD_C a4L,a4R,c3,c1,c2
1174 SQR_ADD_C2 a5L,a5R,a3L,a3R,c3,c1,c2
1175 SQR_ADD_C2 a6L,a6R,a2L,a2R,c3,c1,c2
1176 SQR_ADD_C2 a7L,a7R,a1L,a1R,c3,c1,c2
1177 STD c3,64(r_ptr) ; r[8] = c3;
1178 COPY %r0,c3
1179
1180 SQR_ADD_C2 a7L,a7R,a2L,a2R,c1,c2,c3
1181 SQR_ADD_C2 a6L,a6R,a3L,a3R,c1,c2,c3
1182 SQR_ADD_C2 a5L,a5R,a4L,a4R,c1,c2,c3
1183 STD c1,72(r_ptr) ; r[9] = c1;
1184 COPY %r0,c1
1185
1186 SQR_ADD_C a5L,a5R,c2,c3,c1
1187 SQR_ADD_C2 a6L,a6R,a4L,a4R,c2,c3,c1
1188 SQR_ADD_C2 a7L,a7R,a3L,a3R,c2,c3,c1
1189 STD c2,80(r_ptr) ; r[10] = c2;
1190 COPY %r0,c2
1191
1192 SQR_ADD_C2 a7L,a7R,a4L,a4R,c3,c1,c2
1193 SQR_ADD_C2 a6L,a6R,a5L,a5R,c3,c1,c2
1194 STD c3,88(r_ptr) ; r[11] = c3;
1195 COPY %r0,c3
1196
1197 SQR_ADD_C a6L,a6R,c1,c2,c3
1198 SQR_ADD_C2 a7L,a7R,a5L,a5R,c1,c2,c3
1199 STD c1,96(r_ptr) ; r[12] = c1;
1200 COPY %r0,c1
1201
1202 SQR_ADD_C2 a7L,a7R,a6L,a6R,c2,c3,c1
1203 STD c2,104(r_ptr) ; r[13] = c2;
1204 COPY %r0,c2
1205
1206 SQR_ADD_C a7L,a7R,c3,c1,c2
1207 STD c3, 112(r_ptr) ; r[14] = c3
1208 STD c1, 120(r_ptr) ; r[15] = c1
1209
1210 .EXIT
1211 LDD -104(%sp),%r6 ; restore r6
1212 LDD -112(%sp),%r5 ; restore r5
1213 LDD -120(%sp),%r4 ; restore r4
1214 BVE (%rp)
1215 LDD,MB -128(%sp),%r3
1216
1217 .PROCEND
1218
1219;-----------------------------------------------------------------------------
1220;
1221;void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
1222; arg0 = r_ptr
1223; arg1 = a_ptr
1224;
1225
1226bn_sqr_comba4
1227 .proc
1228 .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
1229 .EXPORT bn_sqr_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
1230 .entry
1231 .align 64
1232 STD %r3,0(%sp) ; save r3
1233 STD %r4,8(%sp) ; save r4
1234 STD %r5,16(%sp) ; save r5
1235 STD %r6,24(%sp) ; save r6
1236
1237 ;
1238 ; Zero out carries
1239 ;
1240 COPY %r0,c1
1241 COPY %r0,c2
1242 COPY %r0,c3
1243
1244 LDO 128(%sp),%sp ; bump stack
1245 DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L
1246 DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32
1247
1248 ;
1249 ; Load up all of the values we are going to use
1250 ;
1251 FLDD 0(a_ptr),a0
1252 FLDD 8(a_ptr),a1
1253 FLDD 16(a_ptr),a2
1254 FLDD 24(a_ptr),a3
1255 FLDD 32(a_ptr),a4
1256 FLDD 40(a_ptr),a5
1257 FLDD 48(a_ptr),a6
1258 FLDD 56(a_ptr),a7
1259
1260 SQR_ADD_C a0L,a0R,c1,c2,c3
1261
1262 STD c1,0(r_ptr) ; r[0] = c1;
1263 COPY %r0,c1
1264
1265 SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1
1266
1267 STD c2,8(r_ptr) ; r[1] = c2;
1268 COPY %r0,c2
1269
1270 SQR_ADD_C a1L,a1R,c3,c1,c2
1271 SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2
1272
1273 STD c3,16(r_ptr) ; r[2] = c3;
1274 COPY %r0,c3
1275
1276 SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3
1277 SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3
1278
1279 STD c1,24(r_ptr) ; r[3] = c1;
1280 COPY %r0,c1
1281
1282 SQR_ADD_C a2L,a2R,c2,c3,c1
1283 SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1
1284
1285 STD c2,32(r_ptr) ; r[4] = c2;
1286 COPY %r0,c2
1287
1288 SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2
1289 STD c3,40(r_ptr) ; r[5] = c3;
1290 COPY %r0,c3
1291
1292 SQR_ADD_C a3L,a3R,c1,c2,c3
1293 STD c1,48(r_ptr) ; r[6] = c1;
1294 STD c2,56(r_ptr) ; r[7] = c2;
1295
1296 .EXIT
1297 LDD -104(%sp),%r6 ; restore r6
1298 LDD -112(%sp),%r5 ; restore r5
1299 LDD -120(%sp),%r4 ; restore r4
1300 BVE (%rp)
1301 LDD,MB -128(%sp),%r3
1302
1303 .PROCEND
1304
1305
1306;---------------------------------------------------------------------------
1307
1308MUL_ADD_C .macro A0L,A0R,B0L,B0R,C1,C2,C3
1309 XMPYU A0L,B0R,ftemp1 ; m1 = bl*ht
1310 FSTD ftemp1,-16(%sp) ;
1311 XMPYU A0R,B0L,ftemp2 ; m = bh*lt
1312 FSTD ftemp2,-8(%sp) ;
1313 XMPYU A0R,B0R,ftemp3 ; lt = bl*lt
1314 FSTD ftemp3,-32(%sp)
1315 XMPYU A0L,B0L,ftemp4 ; ht = bh*ht
1316 FSTD ftemp4,-24(%sp) ;
1317
1318 LDD -8(%sp),m ; r21 = m
1319 LDD -16(%sp),m1 ; r19 = m1
1320 ADD,L m,m1,m ; m+m1
1321
1322 DEPD,Z m,31,32,temp3 ; (m+m1<<32)
1323 LDD -24(%sp),ht ; r24 = ht
1324
1325 CMPCLR,*>>= m,m1,%r0 ; if (m < m1)
1326 ADD,L ht,high_one,ht ; ht+=high_one
1327
1328 EXTRD,U m,31,32,temp1 ; m >> 32
1329 LDD -32(%sp),lt ; lt
1330 ADD,L ht,temp1,ht ; ht+= m>>32
1331 ADD lt,temp3,lt ; lt = lt+m1
1332 ADD,DC ht,%r0,ht ; ht++
1333
1334 ADD C1,lt,C1 ; c1=c1+lt
1335 ADD,DC ht,%r0,ht ; bump c3 if overflow,nullify otherwise
1336
1337 ADD C2,ht,C2 ; c2 = c2 + ht
1338 ADD,DC C3,%r0,C3 ; add in carry (c3++)
1339.endm
1340
1341
1342;
1343;void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
1344; arg0 = r_ptr
1345; arg1 = a_ptr
1346; arg2 = b_ptr
1347;
1348
1349bn_mul_comba8
1350 .proc
1351 .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
1352 .EXPORT bn_mul_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
1353 .entry
1354 .align 64
1355
1356 STD %r3,0(%sp) ; save r3
1357 STD %r4,8(%sp) ; save r4
1358 STD %r5,16(%sp) ; save r5
1359 STD %r6,24(%sp) ; save r6
1360 FSTD %fr12,32(%sp) ; save r6
1361 FSTD %fr13,40(%sp) ; save r7
1362
1363 ;
1364 ; Zero out carries
1365 ;
1366 COPY %r0,c1
1367 COPY %r0,c2
1368 COPY %r0,c3
1369
1370 LDO 128(%sp),%sp ; bump stack
1371 DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32
1372
1373 ;
1374 ; Load up all of the values we are going to use
1375 ;
1376 FLDD 0(a_ptr),a0
1377 FLDD 8(a_ptr),a1
1378 FLDD 16(a_ptr),a2
1379 FLDD 24(a_ptr),a3
1380 FLDD 32(a_ptr),a4
1381 FLDD 40(a_ptr),a5
1382 FLDD 48(a_ptr),a6
1383 FLDD 56(a_ptr),a7
1384
1385 FLDD 0(b_ptr),b0
1386 FLDD 8(b_ptr),b1
1387 FLDD 16(b_ptr),b2
1388 FLDD 24(b_ptr),b3
1389 FLDD 32(b_ptr),b4
1390 FLDD 40(b_ptr),b5
1391 FLDD 48(b_ptr),b6
1392 FLDD 56(b_ptr),b7
1393
1394 MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3
1395 STD c1,0(r_ptr)
1396 COPY %r0,c1
1397
1398 MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1
1399 MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1
1400 STD c2,8(r_ptr)
1401 COPY %r0,c2
1402
1403 MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2
1404 MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2
1405 MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2
1406 STD c3,16(r_ptr)
1407 COPY %r0,c3
1408
1409 MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3
1410 MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3
1411 MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3
1412 MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3
1413 STD c1,24(r_ptr)
1414 COPY %r0,c1
1415
1416 MUL_ADD_C a4L,a4R,b0L,b0R,c2,c3,c1
1417 MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1
1418 MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1
1419 MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1
1420 MUL_ADD_C a0L,a0R,b4L,b4R,c2,c3,c1
1421 STD c2,32(r_ptr)
1422 COPY %r0,c2
1423
1424 MUL_ADD_C a0L,a0R,b5L,b5R,c3,c1,c2
1425 MUL_ADD_C a1L,a1R,b4L,b4R,c3,c1,c2
1426 MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2
1427 MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2
1428 MUL_ADD_C a4L,a4R,b1L,b1R,c3,c1,c2
1429 MUL_ADD_C a5L,a5R,b0L,b0R,c3,c1,c2
1430 STD c3,40(r_ptr)
1431 COPY %r0,c3
1432
1433 MUL_ADD_C a6L,a6R,b0L,b0R,c1,c2,c3
1434 MUL_ADD_C a5L,a5R,b1L,b1R,c1,c2,c3
1435 MUL_ADD_C a4L,a4R,b2L,b2R,c1,c2,c3
1436 MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3
1437 MUL_ADD_C a2L,a2R,b4L,b4R,c1,c2,c3
1438 MUL_ADD_C a1L,a1R,b5L,b5R,c1,c2,c3
1439 MUL_ADD_C a0L,a0R,b6L,b6R,c1,c2,c3
1440 STD c1,48(r_ptr)
1441 COPY %r0,c1
1442
1443 MUL_ADD_C a0L,a0R,b7L,b7R,c2,c3,c1
1444 MUL_ADD_C a1L,a1R,b6L,b6R,c2,c3,c1
1445 MUL_ADD_C a2L,a2R,b5L,b5R,c2,c3,c1
1446 MUL_ADD_C a3L,a3R,b4L,b4R,c2,c3,c1
1447 MUL_ADD_C a4L,a4R,b3L,b3R,c2,c3,c1
1448 MUL_ADD_C a5L,a5R,b2L,b2R,c2,c3,c1
1449 MUL_ADD_C a6L,a6R,b1L,b1R,c2,c3,c1
1450 MUL_ADD_C a7L,a7R,b0L,b0R,c2,c3,c1
1451 STD c2,56(r_ptr)
1452 COPY %r0,c2
1453
1454 MUL_ADD_C a7L,a7R,b1L,b1R,c3,c1,c2
1455 MUL_ADD_C a6L,a6R,b2L,b2R,c3,c1,c2
1456 MUL_ADD_C a5L,a5R,b3L,b3R,c3,c1,c2
1457 MUL_ADD_C a4L,a4R,b4L,b4R,c3,c1,c2
1458 MUL_ADD_C a3L,a3R,b5L,b5R,c3,c1,c2
1459 MUL_ADD_C a2L,a2R,b6L,b6R,c3,c1,c2
1460 MUL_ADD_C a1L,a1R,b7L,b7R,c3,c1,c2
1461 STD c3,64(r_ptr)
1462 COPY %r0,c3
1463
1464 MUL_ADD_C a2L,a2R,b7L,b7R,c1,c2,c3
1465 MUL_ADD_C a3L,a3R,b6L,b6R,c1,c2,c3
1466 MUL_ADD_C a4L,a4R,b5L,b5R,c1,c2,c3
1467 MUL_ADD_C a5L,a5R,b4L,b4R,c1,c2,c3
1468 MUL_ADD_C a6L,a6R,b3L,b3R,c1,c2,c3
1469 MUL_ADD_C a7L,a7R,b2L,b2R,c1,c2,c3
1470 STD c1,72(r_ptr)
1471 COPY %r0,c1
1472
1473 MUL_ADD_C a7L,a7R,b3L,b3R,c2,c3,c1
1474 MUL_ADD_C a6L,a6R,b4L,b4R,c2,c3,c1
1475 MUL_ADD_C a5L,a5R,b5L,b5R,c2,c3,c1
1476 MUL_ADD_C a4L,a4R,b6L,b6R,c2,c3,c1
1477 MUL_ADD_C a3L,a3R,b7L,b7R,c2,c3,c1
1478 STD c2,80(r_ptr)
1479 COPY %r0,c2
1480
1481 MUL_ADD_C a4L,a4R,b7L,b7R,c3,c1,c2
1482 MUL_ADD_C a5L,a5R,b6L,b6R,c3,c1,c2
1483 MUL_ADD_C a6L,a6R,b5L,b5R,c3,c1,c2
1484 MUL_ADD_C a7L,a7R,b4L,b4R,c3,c1,c2
1485 STD c3,88(r_ptr)
1486 COPY %r0,c3
1487
1488 MUL_ADD_C a7L,a7R,b5L,b5R,c1,c2,c3
1489 MUL_ADD_C a6L,a6R,b6L,b6R,c1,c2,c3
1490 MUL_ADD_C a5L,a5R,b7L,b7R,c1,c2,c3
1491 STD c1,96(r_ptr)
1492 COPY %r0,c1
1493
1494 MUL_ADD_C a6L,a6R,b7L,b7R,c2,c3,c1
1495 MUL_ADD_C a7L,a7R,b6L,b6R,c2,c3,c1
1496 STD c2,104(r_ptr)
1497 COPY %r0,c2
1498
1499 MUL_ADD_C a7L,a7R,b7L,b7R,c3,c1,c2
1500 STD c3,112(r_ptr)
1501 STD c1,120(r_ptr)
1502
1503 .EXIT
1504 FLDD -88(%sp),%fr13
1505 FLDD -96(%sp),%fr12
1506 LDD -104(%sp),%r6 ; restore r6
1507 LDD -112(%sp),%r5 ; restore r5
1508 LDD -120(%sp),%r4 ; restore r4
1509 BVE (%rp)
1510 LDD,MB -128(%sp),%r3
1511
1512 .PROCEND
1513
1514;-----------------------------------------------------------------------------
1515;
1516;void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
1517; arg0 = r_ptr
1518; arg1 = a_ptr
1519; arg2 = b_ptr
1520;
1521
1522bn_mul_comba4
1523 .proc
1524 .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
1525 .EXPORT bn_mul_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
1526 .entry
1527 .align 64
1528
1529 STD %r3,0(%sp) ; save r3
1530 STD %r4,8(%sp) ; save r4
1531 STD %r5,16(%sp) ; save r5
1532 STD %r6,24(%sp) ; save r6
1533 FSTD %fr12,32(%sp) ; save r6
1534 FSTD %fr13,40(%sp) ; save r7
1535
1536 ;
1537 ; Zero out carries
1538 ;
1539 COPY %r0,c1
1540 COPY %r0,c2
1541 COPY %r0,c3
1542
1543 LDO 128(%sp),%sp ; bump stack
1544 DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32
1545
1546 ;
1547 ; Load up all of the values we are going to use
1548 ;
1549 FLDD 0(a_ptr),a0
1550 FLDD 8(a_ptr),a1
1551 FLDD 16(a_ptr),a2
1552 FLDD 24(a_ptr),a3
1553
1554 FLDD 0(b_ptr),b0
1555 FLDD 8(b_ptr),b1
1556 FLDD 16(b_ptr),b2
1557 FLDD 24(b_ptr),b3
1558
1559 MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3
1560 STD c1,0(r_ptr)
1561 COPY %r0,c1
1562
1563 MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1
1564 MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1
1565 STD c2,8(r_ptr)
1566 COPY %r0,c2
1567
1568 MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2
1569 MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2
1570 MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2
1571 STD c3,16(r_ptr)
1572 COPY %r0,c3
1573
1574 MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3
1575 MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3
1576 MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3
1577 MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3
1578 STD c1,24(r_ptr)
1579 COPY %r0,c1
1580
1581 MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1
1582 MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1
1583 MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1
1584 STD c2,32(r_ptr)
1585 COPY %r0,c2
1586
1587 MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2
1588 MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2
1589 STD c3,40(r_ptr)
1590 COPY %r0,c3
1591
1592 MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3
1593 STD c1,48(r_ptr)
1594 STD c2,56(r_ptr)
1595
1596 .EXIT
1597 FLDD -88(%sp),%fr13
1598 FLDD -96(%sp),%fr12
1599 LDD -104(%sp),%r6 ; restore r6
1600 LDD -112(%sp),%r5 ; restore r5
1601 LDD -120(%sp),%r4 ; restore r4
1602 BVE (%rp)
1603 LDD,MB -128(%sp),%r3
1604
1605 .PROCEND
1606
1607
1608 .SPACE $TEXT$
1609 .SUBSPA $CODE$
1610 .SPACE $PRIVATE$,SORT=16
1611 .IMPORT $global$,DATA
1612 .SPACE $TEXT$
1613 .SUBSPA $CODE$
1614 .SUBSPA $LIT$,ACCESS=0x2c
1615C$7
1616 .ALIGN 8
1617 .STRINGZ "Division would overflow (%d)\n"
1618 .END
diff --git a/src/lib/libcrypto/bn/asm/pa-risc2W.s b/src/lib/libcrypto/bn/asm/pa-risc2W.s
deleted file mode 100644
index a99545754d..0000000000
--- a/src/lib/libcrypto/bn/asm/pa-risc2W.s
+++ /dev/null
@@ -1,1605 +0,0 @@
1;
2; PA-RISC 64-bit implementation of bn_asm code
3;
4; This code is approximately 2x faster than the C version
5; for RSA/DSA.
6;
7; See http://devresource.hp.com/ for more details on the PA-RISC
8; architecture. Also see the book "PA-RISC 2.0 Architecture"
9; by Gerry Kane for information on the instruction set architecture.
10;
11; Code written by Chris Ruemmler (with some help from the HP C
12; compiler).
13;
14; The code compiles with HP's assembler
15;
16
17 .level 2.0W
18 .space $TEXT$
19 .subspa $CODE$,QUAD=0,ALIGN=8,ACCESS=0x2c,CODE_ONLY
20
21;
22; Global Register definitions used for the routines.
23;
24; Some information about HP's runtime architecture for 64-bits.
25;
26; "Caller save" means the calling function must save the register
27; if it wants the register to be preserved.
28; "Callee save" means if a function uses the register, it must save
29; the value before using it.
30;
31; For the floating point registers
32;
33; "caller save" registers: fr4-fr11, fr22-fr31
34; "callee save" registers: fr12-fr21
35; "special" registers: fr0-fr3 (status and exception registers)
36;
37; For the integer registers
38; value zero : r0
39; "caller save" registers: r1,r19-r26
40; "callee save" registers: r3-r18
41; return register : r2 (rp)
42; return values ; r28 (ret0,ret1)
43; Stack pointer ; r30 (sp)
44; global data pointer ; r27 (dp)
45; argument pointer ; r29 (ap)
46; millicode return ptr ; r31 (also a caller save register)
47
48
49;
50; Arguments to the routines
51;
52r_ptr .reg %r26
53a_ptr .reg %r25
54b_ptr .reg %r24
55num .reg %r24
56w .reg %r23
57n .reg %r23
58
59
60;
61; Globals used in some routines
62;
63
64top_overflow .reg %r29
65high_mask .reg %r22 ; value 0xffffffff80000000L
66
67
68;------------------------------------------------------------------------------
69;
70; bn_mul_add_words
71;
72;BN_ULONG bn_mul_add_words(BN_ULONG *r_ptr, BN_ULONG *a_ptr,
73; int num, BN_ULONG w)
74;
75; arg0 = r_ptr
76; arg1 = a_ptr
77; arg2 = num
78; arg3 = w
79;
80; Local register definitions
81;
82
83fm1 .reg %fr22
84fm .reg %fr23
85ht_temp .reg %fr24
86ht_temp_1 .reg %fr25
87lt_temp .reg %fr26
88lt_temp_1 .reg %fr27
89fm1_1 .reg %fr28
90fm_1 .reg %fr29
91
92fw_h .reg %fr7L
93fw_l .reg %fr7R
94fw .reg %fr7
95
96fht_0 .reg %fr8L
97flt_0 .reg %fr8R
98t_float_0 .reg %fr8
99
100fht_1 .reg %fr9L
101flt_1 .reg %fr9R
102t_float_1 .reg %fr9
103
104tmp_0 .reg %r31
105tmp_1 .reg %r21
106m_0 .reg %r20
107m_1 .reg %r19
108ht_0 .reg %r1
109ht_1 .reg %r3
110lt_0 .reg %r4
111lt_1 .reg %r5
112m1_0 .reg %r6
113m1_1 .reg %r7
114rp_val .reg %r8
115rp_val_1 .reg %r9
116
117bn_mul_add_words
118 .export bn_mul_add_words,entry,NO_RELOCATION,LONG_RETURN
119 .proc
120 .callinfo frame=128
121 .entry
122 .align 64
123
124 STD %r3,0(%sp) ; save r3
125 STD %r4,8(%sp) ; save r4
126 NOP ; Needed to make the loop 16-byte aligned
127 NOP ; Needed to make the loop 16-byte aligned
128
129 STD %r5,16(%sp) ; save r5
130 STD %r6,24(%sp) ; save r6
131 STD %r7,32(%sp) ; save r7
132 STD %r8,40(%sp) ; save r8
133
134 STD %r9,48(%sp) ; save r9
135 COPY %r0,%ret0 ; return 0 by default
136 DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32
137 STD w,56(%sp) ; store w on stack
138
139 CMPIB,>= 0,num,bn_mul_add_words_exit ; if (num <= 0) then exit
140 LDO 128(%sp),%sp ; bump stack
141
142 ;
143 ; The loop is unrolled twice, so if there is only 1 number
144 ; then go straight to the cleanup code.
145 ;
146 CMPIB,= 1,num,bn_mul_add_words_single_top
147 FLDD -72(%sp),fw ; load up w into fp register fw (fw_h/fw_l)
148
149 ;
150 ; This loop is unrolled 2 times (64-byte aligned as well)
151 ;
152 ; PA-RISC 2.0 chips have two fully pipelined multipliers, thus
153 ; two 32-bit mutiplies can be issued per cycle.
154 ;
155bn_mul_add_words_unroll2
156
157 FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R)
158 FLDD 8(a_ptr),t_float_1 ; load up 64-bit value (fr8L) ht(L)/lt(R)
159 LDD 0(r_ptr),rp_val ; rp[0]
160 LDD 8(r_ptr),rp_val_1 ; rp[1]
161
162 XMPYU fht_0,fw_l,fm1 ; m1[0] = fht_0*fw_l
163 XMPYU fht_1,fw_l,fm1_1 ; m1[1] = fht_1*fw_l
164 FSTD fm1,-16(%sp) ; -16(sp) = m1[0]
165 FSTD fm1_1,-48(%sp) ; -48(sp) = m1[1]
166
167 XMPYU flt_0,fw_h,fm ; m[0] = flt_0*fw_h
168 XMPYU flt_1,fw_h,fm_1 ; m[1] = flt_1*fw_h
169 FSTD fm,-8(%sp) ; -8(sp) = m[0]
170 FSTD fm_1,-40(%sp) ; -40(sp) = m[1]
171
172 XMPYU fht_0,fw_h,ht_temp ; ht_temp = fht_0*fw_h
173 XMPYU fht_1,fw_h,ht_temp_1 ; ht_temp_1 = fht_1*fw_h
174 FSTD ht_temp,-24(%sp) ; -24(sp) = ht_temp
175 FSTD ht_temp_1,-56(%sp) ; -56(sp) = ht_temp_1
176
177 XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l
178 XMPYU flt_1,fw_l,lt_temp_1 ; lt_temp = lt*fw_l
179 FSTD lt_temp,-32(%sp) ; -32(sp) = lt_temp
180 FSTD lt_temp_1,-64(%sp) ; -64(sp) = lt_temp_1
181
182 LDD -8(%sp),m_0 ; m[0]
183 LDD -40(%sp),m_1 ; m[1]
184 LDD -16(%sp),m1_0 ; m1[0]
185 LDD -48(%sp),m1_1 ; m1[1]
186
187 LDD -24(%sp),ht_0 ; ht[0]
188 LDD -56(%sp),ht_1 ; ht[1]
189 ADD,L m1_0,m_0,tmp_0 ; tmp_0 = m[0] + m1[0];
190 ADD,L m1_1,m_1,tmp_1 ; tmp_1 = m[1] + m1[1];
191
192 LDD -32(%sp),lt_0
193 LDD -64(%sp),lt_1
194 CMPCLR,*>>= tmp_0,m1_0, %r0 ; if (m[0] < m1[0])
195 ADD,L ht_0,top_overflow,ht_0 ; ht[0] += (1<<32)
196
197 CMPCLR,*>>= tmp_1,m1_1,%r0 ; if (m[1] < m1[1])
198 ADD,L ht_1,top_overflow,ht_1 ; ht[1] += (1<<32)
199 EXTRD,U tmp_0,31,32,m_0 ; m[0]>>32
200 DEPD,Z tmp_0,31,32,m1_0 ; m1[0] = m[0]<<32
201
202 EXTRD,U tmp_1,31,32,m_1 ; m[1]>>32
203 DEPD,Z tmp_1,31,32,m1_1 ; m1[1] = m[1]<<32
204 ADD,L ht_0,m_0,ht_0 ; ht[0]+= (m[0]>>32)
205 ADD,L ht_1,m_1,ht_1 ; ht[1]+= (m[1]>>32)
206
207 ADD lt_0,m1_0,lt_0 ; lt[0] = lt[0]+m1[0];
208 ADD,DC ht_0,%r0,ht_0 ; ht[0]++
209 ADD lt_1,m1_1,lt_1 ; lt[1] = lt[1]+m1[1];
210 ADD,DC ht_1,%r0,ht_1 ; ht[1]++
211
212 ADD %ret0,lt_0,lt_0 ; lt[0] = lt[0] + c;
213 ADD,DC ht_0,%r0,ht_0 ; ht[0]++
214 ADD lt_0,rp_val,lt_0 ; lt[0] = lt[0]+rp[0]
215 ADD,DC ht_0,%r0,ht_0 ; ht[0]++
216
217 LDO -2(num),num ; num = num - 2;
218 ADD ht_0,lt_1,lt_1 ; lt[1] = lt[1] + ht_0 (c);
219 ADD,DC ht_1,%r0,ht_1 ; ht[1]++
220 STD lt_0,0(r_ptr) ; rp[0] = lt[0]
221
222 ADD lt_1,rp_val_1,lt_1 ; lt[1] = lt[1]+rp[1]
223 ADD,DC ht_1,%r0,%ret0 ; ht[1]++
224 LDO 16(a_ptr),a_ptr ; a_ptr += 2
225
226 STD lt_1,8(r_ptr) ; rp[1] = lt[1]
227 CMPIB,<= 2,num,bn_mul_add_words_unroll2 ; go again if more to do
228 LDO 16(r_ptr),r_ptr ; r_ptr += 2
229
230 CMPIB,=,N 0,num,bn_mul_add_words_exit ; are we done, or cleanup last one
231
232 ;
233 ; Top of loop aligned on 64-byte boundary
234 ;
235bn_mul_add_words_single_top
236 FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R)
237 LDD 0(r_ptr),rp_val ; rp[0]
238 LDO 8(a_ptr),a_ptr ; a_ptr++
239 XMPYU fht_0,fw_l,fm1 ; m1 = ht*fw_l
240 FSTD fm1,-16(%sp) ; -16(sp) = m1
241 XMPYU flt_0,fw_h,fm ; m = lt*fw_h
242 FSTD fm,-8(%sp) ; -8(sp) = m
243 XMPYU fht_0,fw_h,ht_temp ; ht_temp = ht*fw_h
244 FSTD ht_temp,-24(%sp) ; -24(sp) = ht
245 XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l
246 FSTD lt_temp,-32(%sp) ; -32(sp) = lt
247
248 LDD -8(%sp),m_0
249 LDD -16(%sp),m1_0 ; m1 = temp1
250 ADD,L m_0,m1_0,tmp_0 ; tmp_0 = m + m1;
251 LDD -24(%sp),ht_0
252 LDD -32(%sp),lt_0
253
254 CMPCLR,*>>= tmp_0,m1_0,%r0 ; if (m < m1)
255 ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32)
256
257 EXTRD,U tmp_0,31,32,m_0 ; m>>32
258 DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32
259
260 ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32)
261 ADD lt_0,m1_0,tmp_0 ; tmp_0 = lt+m1;
262 ADD,DC ht_0,%r0,ht_0 ; ht++
263 ADD %ret0,tmp_0,lt_0 ; lt = lt + c;
264 ADD,DC ht_0,%r0,ht_0 ; ht++
265 ADD lt_0,rp_val,lt_0 ; lt = lt+rp[0]
266 ADD,DC ht_0,%r0,%ret0 ; ht++
267 STD lt_0,0(r_ptr) ; rp[0] = lt
268
269bn_mul_add_words_exit
270 .EXIT
271 LDD -80(%sp),%r9 ; restore r9
272 LDD -88(%sp),%r8 ; restore r8
273 LDD -96(%sp),%r7 ; restore r7
274 LDD -104(%sp),%r6 ; restore r6
275 LDD -112(%sp),%r5 ; restore r5
276 LDD -120(%sp),%r4 ; restore r4
277 BVE (%rp)
278 LDD,MB -128(%sp),%r3 ; restore r3
279 .PROCEND ;in=23,24,25,26,29;out=28;
280
281;----------------------------------------------------------------------------
282;
283;BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
284;
285; arg0 = rp
286; arg1 = ap
287; arg2 = num
288; arg3 = w
289
290bn_mul_words
291 .proc
292 .callinfo frame=128
293 .entry
294 .EXPORT bn_mul_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
295 .align 64
296
297 STD %r3,0(%sp) ; save r3
298 STD %r4,8(%sp) ; save r4
299 STD %r5,16(%sp) ; save r5
300 STD %r6,24(%sp) ; save r6
301
302 STD %r7,32(%sp) ; save r7
303 COPY %r0,%ret0 ; return 0 by default
304 DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32
305 STD w,56(%sp) ; w on stack
306
307 CMPIB,>= 0,num,bn_mul_words_exit
308 LDO 128(%sp),%sp ; bump stack
309
310 ;
311 ; See if only 1 word to do, thus just do cleanup
312 ;
313 CMPIB,= 1,num,bn_mul_words_single_top
314 FLDD -72(%sp),fw ; load up w into fp register fw (fw_h/fw_l)
315
316 ;
317 ; This loop is unrolled 2 times (64-byte aligned as well)
318 ;
319 ; PA-RISC 2.0 chips have two fully pipelined multipliers, thus
320 ; two 32-bit mutiplies can be issued per cycle.
321 ;
322bn_mul_words_unroll2
323
324 FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R)
325 FLDD 8(a_ptr),t_float_1 ; load up 64-bit value (fr8L) ht(L)/lt(R)
326 XMPYU fht_0,fw_l,fm1 ; m1[0] = fht_0*fw_l
327 XMPYU fht_1,fw_l,fm1_1 ; m1[1] = ht*fw_l
328
329 FSTD fm1,-16(%sp) ; -16(sp) = m1
330 FSTD fm1_1,-48(%sp) ; -48(sp) = m1
331 XMPYU flt_0,fw_h,fm ; m = lt*fw_h
332 XMPYU flt_1,fw_h,fm_1 ; m = lt*fw_h
333
334 FSTD fm,-8(%sp) ; -8(sp) = m
335 FSTD fm_1,-40(%sp) ; -40(sp) = m
336 XMPYU fht_0,fw_h,ht_temp ; ht_temp = fht_0*fw_h
337 XMPYU fht_1,fw_h,ht_temp_1 ; ht_temp = ht*fw_h
338
339 FSTD ht_temp,-24(%sp) ; -24(sp) = ht
340 FSTD ht_temp_1,-56(%sp) ; -56(sp) = ht
341 XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l
342 XMPYU flt_1,fw_l,lt_temp_1 ; lt_temp = lt*fw_l
343
344 FSTD lt_temp,-32(%sp) ; -32(sp) = lt
345 FSTD lt_temp_1,-64(%sp) ; -64(sp) = lt
346 LDD -8(%sp),m_0
347 LDD -40(%sp),m_1
348
349 LDD -16(%sp),m1_0
350 LDD -48(%sp),m1_1
351 LDD -24(%sp),ht_0
352 LDD -56(%sp),ht_1
353
354 ADD,L m1_0,m_0,tmp_0 ; tmp_0 = m + m1;
355 ADD,L m1_1,m_1,tmp_1 ; tmp_1 = m + m1;
356 LDD -32(%sp),lt_0
357 LDD -64(%sp),lt_1
358
359 CMPCLR,*>>= tmp_0,m1_0, %r0 ; if (m < m1)
360 ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32)
361 CMPCLR,*>>= tmp_1,m1_1,%r0 ; if (m < m1)
362 ADD,L ht_1,top_overflow,ht_1 ; ht += (1<<32)
363
364 EXTRD,U tmp_0,31,32,m_0 ; m>>32
365 DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32
366 EXTRD,U tmp_1,31,32,m_1 ; m>>32
367 DEPD,Z tmp_1,31,32,m1_1 ; m1 = m<<32
368
369 ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32)
370 ADD,L ht_1,m_1,ht_1 ; ht+= (m>>32)
371 ADD lt_0,m1_0,lt_0 ; lt = lt+m1;
372 ADD,DC ht_0,%r0,ht_0 ; ht++
373
374 ADD lt_1,m1_1,lt_1 ; lt = lt+m1;
375 ADD,DC ht_1,%r0,ht_1 ; ht++
376 ADD %ret0,lt_0,lt_0 ; lt = lt + c (ret0);
377 ADD,DC ht_0,%r0,ht_0 ; ht++
378
379 ADD ht_0,lt_1,lt_1 ; lt = lt + c (ht_0)
380 ADD,DC ht_1,%r0,ht_1 ; ht++
381 STD lt_0,0(r_ptr) ; rp[0] = lt
382 STD lt_1,8(r_ptr) ; rp[1] = lt
383
384 COPY ht_1,%ret0 ; carry = ht
385 LDO -2(num),num ; num = num - 2;
386 LDO 16(a_ptr),a_ptr ; ap += 2
387 CMPIB,<= 2,num,bn_mul_words_unroll2
388 LDO 16(r_ptr),r_ptr ; rp++
389
390 CMPIB,=,N 0,num,bn_mul_words_exit ; are we done?
391
392 ;
393 ; Top of loop aligned on 64-byte boundary
394 ;
395bn_mul_words_single_top
396 FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R)
397
398 XMPYU fht_0,fw_l,fm1 ; m1 = ht*fw_l
399 FSTD fm1,-16(%sp) ; -16(sp) = m1
400 XMPYU flt_0,fw_h,fm ; m = lt*fw_h
401 FSTD fm,-8(%sp) ; -8(sp) = m
402 XMPYU fht_0,fw_h,ht_temp ; ht_temp = ht*fw_h
403 FSTD ht_temp,-24(%sp) ; -24(sp) = ht
404 XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l
405 FSTD lt_temp,-32(%sp) ; -32(sp) = lt
406
407 LDD -8(%sp),m_0
408 LDD -16(%sp),m1_0
409 ADD,L m_0,m1_0,tmp_0 ; tmp_0 = m + m1;
410 LDD -24(%sp),ht_0
411 LDD -32(%sp),lt_0
412
413 CMPCLR,*>>= tmp_0,m1_0,%r0 ; if (m < m1)
414 ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32)
415
416 EXTRD,U tmp_0,31,32,m_0 ; m>>32
417 DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32
418
419 ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32)
420 ADD lt_0,m1_0,lt_0 ; lt= lt+m1;
421 ADD,DC ht_0,%r0,ht_0 ; ht++
422
423 ADD %ret0,lt_0,lt_0 ; lt = lt + c;
424 ADD,DC ht_0,%r0,ht_0 ; ht++
425
426 COPY ht_0,%ret0 ; copy carry
427 STD lt_0,0(r_ptr) ; rp[0] = lt
428
429bn_mul_words_exit
430 .EXIT
431 LDD -96(%sp),%r7 ; restore r7
432 LDD -104(%sp),%r6 ; restore r6
433 LDD -112(%sp),%r5 ; restore r5
434 LDD -120(%sp),%r4 ; restore r4
435 BVE (%rp)
436 LDD,MB -128(%sp),%r3 ; restore r3
437 .PROCEND ;in=23,24,25,26,29;out=28;
438
439;----------------------------------------------------------------------------
440;
441;void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num)
442;
443; arg0 = rp
444; arg1 = ap
445; arg2 = num
446;
447
448bn_sqr_words
449 .proc
450 .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
451 .EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
452 .entry
453 .align 64
454
455 STD %r3,0(%sp) ; save r3
456 STD %r4,8(%sp) ; save r4
457 NOP
458 STD %r5,16(%sp) ; save r5
459
460 CMPIB,>= 0,num,bn_sqr_words_exit
461 LDO 128(%sp),%sp ; bump stack
462
463 ;
464 ; If only 1, the goto straight to cleanup
465 ;
466 CMPIB,= 1,num,bn_sqr_words_single_top
467 DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L
468
469 ;
470 ; This loop is unrolled 2 times (64-byte aligned as well)
471 ;
472
473bn_sqr_words_unroll2
474 FLDD 0(a_ptr),t_float_0 ; a[0]
475 FLDD 8(a_ptr),t_float_1 ; a[1]
476 XMPYU fht_0,flt_0,fm ; m[0]
477 XMPYU fht_1,flt_1,fm_1 ; m[1]
478
479 FSTD fm,-24(%sp) ; store m[0]
480 FSTD fm_1,-56(%sp) ; store m[1]
481 XMPYU flt_0,flt_0,lt_temp ; lt[0]
482 XMPYU flt_1,flt_1,lt_temp_1 ; lt[1]
483
484 FSTD lt_temp,-16(%sp) ; store lt[0]
485 FSTD lt_temp_1,-48(%sp) ; store lt[1]
486 XMPYU fht_0,fht_0,ht_temp ; ht[0]
487 XMPYU fht_1,fht_1,ht_temp_1 ; ht[1]
488
489 FSTD ht_temp,-8(%sp) ; store ht[0]
490 FSTD ht_temp_1,-40(%sp) ; store ht[1]
491 LDD -24(%sp),m_0
492 LDD -56(%sp),m_1
493
494 AND m_0,high_mask,tmp_0 ; m[0] & Mask
495 AND m_1,high_mask,tmp_1 ; m[1] & Mask
496 DEPD,Z m_0,30,31,m_0 ; m[0] << 32+1
497 DEPD,Z m_1,30,31,m_1 ; m[1] << 32+1
498
499 LDD -16(%sp),lt_0
500 LDD -48(%sp),lt_1
501 EXTRD,U tmp_0,32,33,tmp_0 ; tmp_0 = m[0]&Mask >> 32-1
502 EXTRD,U tmp_1,32,33,tmp_1 ; tmp_1 = m[1]&Mask >> 32-1
503
504 LDD -8(%sp),ht_0
505 LDD -40(%sp),ht_1
506 ADD,L ht_0,tmp_0,ht_0 ; ht[0] += tmp_0
507 ADD,L ht_1,tmp_1,ht_1 ; ht[1] += tmp_1
508
509 ADD lt_0,m_0,lt_0 ; lt = lt+m
510 ADD,DC ht_0,%r0,ht_0 ; ht[0]++
511 STD lt_0,0(r_ptr) ; rp[0] = lt[0]
512 STD ht_0,8(r_ptr) ; rp[1] = ht[1]
513
514 ADD lt_1,m_1,lt_1 ; lt = lt+m
515 ADD,DC ht_1,%r0,ht_1 ; ht[1]++
516 STD lt_1,16(r_ptr) ; rp[2] = lt[1]
517 STD ht_1,24(r_ptr) ; rp[3] = ht[1]
518
519 LDO -2(num),num ; num = num - 2;
520 LDO 16(a_ptr),a_ptr ; ap += 2
521 CMPIB,<= 2,num,bn_sqr_words_unroll2
522 LDO 32(r_ptr),r_ptr ; rp += 4
523
524 CMPIB,=,N 0,num,bn_sqr_words_exit ; are we done?
525
526 ;
527 ; Top of loop aligned on 64-byte boundary
528 ;
529bn_sqr_words_single_top
530 FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R)
531
532 XMPYU fht_0,flt_0,fm ; m
533 FSTD fm,-24(%sp) ; store m
534
535 XMPYU flt_0,flt_0,lt_temp ; lt
536 FSTD lt_temp,-16(%sp) ; store lt
537
538 XMPYU fht_0,fht_0,ht_temp ; ht
539 FSTD ht_temp,-8(%sp) ; store ht
540
541 LDD -24(%sp),m_0 ; load m
542 AND m_0,high_mask,tmp_0 ; m & Mask
543 DEPD,Z m_0,30,31,m_0 ; m << 32+1
544 LDD -16(%sp),lt_0 ; lt
545
546 LDD -8(%sp),ht_0 ; ht
547 EXTRD,U tmp_0,32,33,tmp_0 ; tmp_0 = m&Mask >> 32-1
548 ADD m_0,lt_0,lt_0 ; lt = lt+m
549 ADD,L ht_0,tmp_0,ht_0 ; ht += tmp_0
550 ADD,DC ht_0,%r0,ht_0 ; ht++
551
552 STD lt_0,0(r_ptr) ; rp[0] = lt
553 STD ht_0,8(r_ptr) ; rp[1] = ht
554
555bn_sqr_words_exit
556 .EXIT
557 LDD -112(%sp),%r5 ; restore r5
558 LDD -120(%sp),%r4 ; restore r4
559 BVE (%rp)
560 LDD,MB -128(%sp),%r3
561 .PROCEND ;in=23,24,25,26,29;out=28;
562
563
564;----------------------------------------------------------------------------
565;
566;BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
567;
568; arg0 = rp
569; arg1 = ap
570; arg2 = bp
571; arg3 = n
572
573t .reg %r22
574b .reg %r21
575l .reg %r20
576
577bn_add_words
578 .proc
579 .entry
580 .callinfo
581 .EXPORT bn_add_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
582 .align 64
583
584 CMPIB,>= 0,n,bn_add_words_exit
585 COPY %r0,%ret0 ; return 0 by default
586
587 ;
588 ; If 2 or more numbers do the loop
589 ;
590 CMPIB,= 1,n,bn_add_words_single_top
591 NOP
592
593 ;
594 ; This loop is unrolled 2 times (64-byte aligned as well)
595 ;
596bn_add_words_unroll2
597 LDD 0(a_ptr),t
598 LDD 0(b_ptr),b
599 ADD t,%ret0,t ; t = t+c;
600 ADD,DC %r0,%r0,%ret0 ; set c to carry
601 ADD t,b,l ; l = t + b[0]
602 ADD,DC %ret0,%r0,%ret0 ; c+= carry
603 STD l,0(r_ptr)
604
605 LDD 8(a_ptr),t
606 LDD 8(b_ptr),b
607 ADD t,%ret0,t ; t = t+c;
608 ADD,DC %r0,%r0,%ret0 ; set c to carry
609 ADD t,b,l ; l = t + b[0]
610 ADD,DC %ret0,%r0,%ret0 ; c+= carry
611 STD l,8(r_ptr)
612
613 LDO -2(n),n
614 LDO 16(a_ptr),a_ptr
615 LDO 16(b_ptr),b_ptr
616
617 CMPIB,<= 2,n,bn_add_words_unroll2
618 LDO 16(r_ptr),r_ptr
619
620 CMPIB,=,N 0,n,bn_add_words_exit ; are we done?
621
622bn_add_words_single_top
623 LDD 0(a_ptr),t
624 LDD 0(b_ptr),b
625
626 ADD t,%ret0,t ; t = t+c;
627 ADD,DC %r0,%r0,%ret0 ; set c to carry (could use CMPCLR??)
628 ADD t,b,l ; l = t + b[0]
629 ADD,DC %ret0,%r0,%ret0 ; c+= carry
630 STD l,0(r_ptr)
631
632bn_add_words_exit
633 .EXIT
634 BVE (%rp)
635 NOP
636 .PROCEND ;in=23,24,25,26,29;out=28;
637
638;----------------------------------------------------------------------------
639;
640;BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
641;
642; arg0 = rp
643; arg1 = ap
644; arg2 = bp
645; arg3 = n
646
647t1 .reg %r22
648t2 .reg %r21
649sub_tmp1 .reg %r20
650sub_tmp2 .reg %r19
651
652
653bn_sub_words
654 .proc
655 .callinfo
656 .EXPORT bn_sub_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
657 .entry
658 .align 64
659
660 CMPIB,>= 0,n,bn_sub_words_exit
661 COPY %r0,%ret0 ; return 0 by default
662
663 ;
664 ; If 2 or more numbers do the loop
665 ;
666 CMPIB,= 1,n,bn_sub_words_single_top
667 NOP
668
669 ;
670 ; This loop is unrolled 2 times (64-byte aligned as well)
671 ;
672bn_sub_words_unroll2
673 LDD 0(a_ptr),t1
674 LDD 0(b_ptr),t2
675 SUB t1,t2,sub_tmp1 ; t3 = t1-t2;
676 SUB sub_tmp1,%ret0,sub_tmp1 ; t3 = t3- c;
677
678 CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2
679 LDO 1(%r0),sub_tmp2
680
681 CMPCLR,*= t1,t2,%r0
682 COPY sub_tmp2,%ret0
683 STD sub_tmp1,0(r_ptr)
684
685 LDD 8(a_ptr),t1
686 LDD 8(b_ptr),t2
687 SUB t1,t2,sub_tmp1 ; t3 = t1-t2;
688 SUB sub_tmp1,%ret0,sub_tmp1 ; t3 = t3- c;
689 CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2
690 LDO 1(%r0),sub_tmp2
691
692 CMPCLR,*= t1,t2,%r0
693 COPY sub_tmp2,%ret0
694 STD sub_tmp1,8(r_ptr)
695
696 LDO -2(n),n
697 LDO 16(a_ptr),a_ptr
698 LDO 16(b_ptr),b_ptr
699
700 CMPIB,<= 2,n,bn_sub_words_unroll2
701 LDO 16(r_ptr),r_ptr
702
703 CMPIB,=,N 0,n,bn_sub_words_exit ; are we done?
704
705bn_sub_words_single_top
706 LDD 0(a_ptr),t1
707 LDD 0(b_ptr),t2
708 SUB t1,t2,sub_tmp1 ; t3 = t1-t2;
709 SUB sub_tmp1,%ret0,sub_tmp1 ; t3 = t3- c;
710 CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2
711 LDO 1(%r0),sub_tmp2
712
713 CMPCLR,*= t1,t2,%r0
714 COPY sub_tmp2,%ret0
715
716 STD sub_tmp1,0(r_ptr)
717
718bn_sub_words_exit
719 .EXIT
720 BVE (%rp)
721 NOP
722 .PROCEND ;in=23,24,25,26,29;out=28;
723
724;------------------------------------------------------------------------------
725;
726; unsigned long bn_div_words(unsigned long h, unsigned long l, unsigned long d)
727;
728; arg0 = h
729; arg1 = l
730; arg2 = d
731;
732; This is mainly just modified assembly from the compiler, thus the
733; lack of variable names.
734;
735;------------------------------------------------------------------------------
736bn_div_words
737 .proc
738 .callinfo CALLER,FRAME=272,ENTRY_GR=%r10,SAVE_RP,ARGS_SAVED,ORDERING_AWARE
739 .EXPORT bn_div_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
740 .IMPORT BN_num_bits_word,CODE,NO_RELOCATION
741 .IMPORT __iob,DATA
742 .IMPORT fprintf,CODE,NO_RELOCATION
743 .IMPORT abort,CODE,NO_RELOCATION
744 .IMPORT $$div2U,MILLICODE
745 .entry
746 STD %r2,-16(%r30)
747 STD,MA %r3,352(%r30)
748 STD %r4,-344(%r30)
749 STD %r5,-336(%r30)
750 STD %r6,-328(%r30)
751 STD %r7,-320(%r30)
752 STD %r8,-312(%r30)
753 STD %r9,-304(%r30)
754 STD %r10,-296(%r30)
755
756 STD %r27,-288(%r30) ; save gp
757
758 COPY %r24,%r3 ; save d
759 COPY %r26,%r4 ; save h (high 64-bits)
760 LDO -1(%r0),%ret0 ; return -1 by default
761
762 CMPB,*= %r0,%arg2,$D3 ; if (d == 0)
763 COPY %r25,%r5 ; save l (low 64-bits)
764
765 LDO -48(%r30),%r29 ; create ap
766 .CALL ;in=26,29;out=28;
767 B,L BN_num_bits_word,%r2
768 COPY %r3,%r26
769 LDD -288(%r30),%r27 ; restore gp
770 LDI 64,%r21
771
772 CMPB,= %r21,%ret0,$00000012 ;if (i == 64) (forward)
773 COPY %ret0,%r24 ; i
774 MTSARCM %r24
775 DEPDI,Z -1,%sar,1,%r29
776 CMPB,*<<,N %r29,%r4,bn_div_err_case ; if (h > 1<<i) (forward)
777
778$00000012
779 SUBI 64,%r24,%r31 ; i = 64 - i;
780 CMPCLR,*<< %r4,%r3,%r0 ; if (h >= d)
781 SUB %r4,%r3,%r4 ; h -= d
782 CMPB,= %r31,%r0,$0000001A ; if (i)
783 COPY %r0,%r10 ; ret = 0
784 MTSARCM %r31 ; i to shift
785 DEPD,Z %r3,%sar,64,%r3 ; d <<= i;
786 SUBI 64,%r31,%r19 ; 64 - i; redundent
787 MTSAR %r19 ; (64 -i) to shift
788 SHRPD %r4,%r5,%sar,%r4 ; l>> (64-i)
789 MTSARCM %r31 ; i to shift
790 DEPD,Z %r5,%sar,64,%r5 ; l <<= i;
791
792$0000001A
793 DEPDI,Z -1,31,32,%r19
794 EXTRD,U %r3,31,32,%r6 ; dh=(d&0xfff)>>32
795 EXTRD,U %r3,63,32,%r8 ; dl = d&0xffffff
796 LDO 2(%r0),%r9
797 STD %r3,-280(%r30) ; "d" to stack
798
799$0000001C
800 DEPDI,Z -1,63,32,%r29 ;
801 EXTRD,U %r4,31,32,%r31 ; h >> 32
802 CMPB,*=,N %r31,%r6,$D2 ; if ((h>>32) != dh)(forward) div
803 COPY %r4,%r26
804 EXTRD,U %r4,31,32,%r25
805 COPY %r6,%r24
806 .CALL ;in=23,24,25,26;out=20,21,22,28,29; (MILLICALL)
807 B,L $$div2U,%r2
808 EXTRD,U %r6,31,32,%r23
809 DEPD %r28,31,32,%r29
810$D2
811 STD %r29,-272(%r30) ; q
812 AND %r5,%r19,%r24 ; t & 0xffffffff00000000;
813 EXTRD,U %r24,31,32,%r24 ; ???
814 FLDD -272(%r30),%fr7 ; q
815 FLDD -280(%r30),%fr8 ; d
816 XMPYU %fr8L,%fr7L,%fr10
817 FSTD %fr10,-256(%r30)
818 XMPYU %fr8L,%fr7R,%fr22
819 FSTD %fr22,-264(%r30)
820 XMPYU %fr8R,%fr7L,%fr11
821 XMPYU %fr8R,%fr7R,%fr23
822 FSTD %fr11,-232(%r30)
823 FSTD %fr23,-240(%r30)
824 LDD -256(%r30),%r28
825 DEPD,Z %r28,31,32,%r2
826 LDD -264(%r30),%r20
827 ADD,L %r20,%r2,%r31
828 LDD -232(%r30),%r22
829 DEPD,Z %r22,31,32,%r22
830 LDD -240(%r30),%r21
831 B $00000024 ; enter loop
832 ADD,L %r21,%r22,%r23
833
834$0000002A
835 LDO -1(%r29),%r29
836 SUB %r23,%r8,%r23
837$00000024
838 SUB %r4,%r31,%r25
839 AND %r25,%r19,%r26
840 CMPB,*<>,N %r0,%r26,$00000046 ; (forward)
841 DEPD,Z %r25,31,32,%r20
842 OR %r20,%r24,%r21
843 CMPB,*<<,N %r21,%r23,$0000002A ;(backward)
844 SUB %r31,%r6,%r31
845;-------------Break path---------------------
846
847$00000046
848 DEPD,Z %r23,31,32,%r25 ;tl
849 EXTRD,U %r23,31,32,%r26 ;t
850 AND %r25,%r19,%r24 ;tl = (tl<<32)&0xfffffff0000000L
851 ADD,L %r31,%r26,%r31 ;th += t;
852 CMPCLR,*>>= %r5,%r24,%r0 ;if (l<tl)
853 LDO 1(%r31),%r31 ; th++;
854 CMPB,*<<=,N %r31,%r4,$00000036 ;if (n < th) (forward)
855 LDO -1(%r29),%r29 ;q--;
856 ADD,L %r4,%r3,%r4 ;h += d;
857$00000036
858 ADDIB,=,N -1,%r9,$D1 ;if (--count == 0) break (forward)
859 SUB %r5,%r24,%r28 ; l -= tl;
860 SUB %r4,%r31,%r24 ; h -= th;
861 SHRPD %r24,%r28,32,%r4 ; h = ((h<<32)|(l>>32));
862 DEPD,Z %r29,31,32,%r10 ; ret = q<<32
863 b $0000001C
864 DEPD,Z %r28,31,32,%r5 ; l = l << 32
865
866$D1
867 OR %r10,%r29,%r28 ; ret |= q
868$D3
869 LDD -368(%r30),%r2
870$D0
871 LDD -296(%r30),%r10
872 LDD -304(%r30),%r9
873 LDD -312(%r30),%r8
874 LDD -320(%r30),%r7
875 LDD -328(%r30),%r6
876 LDD -336(%r30),%r5
877 LDD -344(%r30),%r4
878 BVE (%r2)
879 .EXIT
880 LDD,MB -352(%r30),%r3
881
882bn_div_err_case
883 MFIA %r6
884 ADDIL L'bn_div_words-bn_div_err_case,%r6,%r1
885 LDO R'bn_div_words-bn_div_err_case(%r1),%r6
886 ADDIL LT'__iob,%r27,%r1
887 LDD RT'__iob(%r1),%r26
888 ADDIL L'C$4-bn_div_words,%r6,%r1
889 LDO R'C$4-bn_div_words(%r1),%r25
890 LDO 64(%r26),%r26
891 .CALL ;in=24,25,26,29;out=28;
892 B,L fprintf,%r2
893 LDO -48(%r30),%r29
894 LDD -288(%r30),%r27
895 .CALL ;in=29;
896 B,L abort,%r2
897 LDO -48(%r30),%r29
898 LDD -288(%r30),%r27
899 B $D0
900 LDD -368(%r30),%r2
901 .PROCEND ;in=24,25,26,29;out=28;
902
903;----------------------------------------------------------------------------
904;
905; Registers to hold 64-bit values to manipulate. The "L" part
906; of the register corresponds to the upper 32-bits, while the "R"
907; part corresponds to the lower 32-bits
908;
909; Note, that when using b6 and b7, the code must save these before
910; using them because they are callee save registers
911;
912;
913; Floating point registers to use to save values that
914; are manipulated. These don't collide with ftemp1-6 and
915; are all caller save registers
916;
917a0 .reg %fr22
918a0L .reg %fr22L
919a0R .reg %fr22R
920
921a1 .reg %fr23
922a1L .reg %fr23L
923a1R .reg %fr23R
924
925a2 .reg %fr24
926a2L .reg %fr24L
927a2R .reg %fr24R
928
929a3 .reg %fr25
930a3L .reg %fr25L
931a3R .reg %fr25R
932
933a4 .reg %fr26
934a4L .reg %fr26L
935a4R .reg %fr26R
936
937a5 .reg %fr27
938a5L .reg %fr27L
939a5R .reg %fr27R
940
941a6 .reg %fr28
942a6L .reg %fr28L
943a6R .reg %fr28R
944
945a7 .reg %fr29
946a7L .reg %fr29L
947a7R .reg %fr29R
948
949b0 .reg %fr30
950b0L .reg %fr30L
951b0R .reg %fr30R
952
953b1 .reg %fr31
954b1L .reg %fr31L
955b1R .reg %fr31R
956
957;
958; Temporary floating point variables, these are all caller save
959; registers
960;
961ftemp1 .reg %fr4
962ftemp2 .reg %fr5
963ftemp3 .reg %fr6
964ftemp4 .reg %fr7
965
966;
967; The B set of registers when used.
968;
969
970b2 .reg %fr8
971b2L .reg %fr8L
972b2R .reg %fr8R
973
974b3 .reg %fr9
975b3L .reg %fr9L
976b3R .reg %fr9R
977
978b4 .reg %fr10
979b4L .reg %fr10L
980b4R .reg %fr10R
981
982b5 .reg %fr11
983b5L .reg %fr11L
984b5R .reg %fr11R
985
986b6 .reg %fr12
987b6L .reg %fr12L
988b6R .reg %fr12R
989
990b7 .reg %fr13
991b7L .reg %fr13L
992b7R .reg %fr13R
993
994c1 .reg %r21 ; only reg
995temp1 .reg %r20 ; only reg
996temp2 .reg %r19 ; only reg
997temp3 .reg %r31 ; only reg
998
999m1 .reg %r28
1000c2 .reg %r23
1001high_one .reg %r1
1002ht .reg %r6
1003lt .reg %r5
1004m .reg %r4
1005c3 .reg %r3
1006
1007SQR_ADD_C .macro A0L,A0R,C1,C2,C3
1008 XMPYU A0L,A0R,ftemp1 ; m
1009 FSTD ftemp1,-24(%sp) ; store m
1010
1011 XMPYU A0R,A0R,ftemp2 ; lt
1012 FSTD ftemp2,-16(%sp) ; store lt
1013
1014 XMPYU A0L,A0L,ftemp3 ; ht
1015 FSTD ftemp3,-8(%sp) ; store ht
1016
1017 LDD -24(%sp),m ; load m
1018 AND m,high_mask,temp2 ; m & Mask
1019 DEPD,Z m,30,31,temp3 ; m << 32+1
1020 LDD -16(%sp),lt ; lt
1021
1022 LDD -8(%sp),ht ; ht
1023 EXTRD,U temp2,32,33,temp1 ; temp1 = m&Mask >> 32-1
1024 ADD temp3,lt,lt ; lt = lt+m
1025 ADD,L ht,temp1,ht ; ht += temp1
1026 ADD,DC ht,%r0,ht ; ht++
1027
1028 ADD C1,lt,C1 ; c1=c1+lt
1029 ADD,DC ht,%r0,ht ; ht++
1030
1031 ADD C2,ht,C2 ; c2=c2+ht
1032 ADD,DC C3,%r0,C3 ; c3++
1033.endm
1034
1035SQR_ADD_C2 .macro A0L,A0R,A1L,A1R,C1,C2,C3
1036 XMPYU A0L,A1R,ftemp1 ; m1 = bl*ht
1037 FSTD ftemp1,-16(%sp) ;
1038 XMPYU A0R,A1L,ftemp2 ; m = bh*lt
1039 FSTD ftemp2,-8(%sp) ;
1040 XMPYU A0R,A1R,ftemp3 ; lt = bl*lt
1041 FSTD ftemp3,-32(%sp)
1042 XMPYU A0L,A1L,ftemp4 ; ht = bh*ht
1043 FSTD ftemp4,-24(%sp) ;
1044
1045 LDD -8(%sp),m ; r21 = m
1046 LDD -16(%sp),m1 ; r19 = m1
1047 ADD,L m,m1,m ; m+m1
1048
1049 DEPD,Z m,31,32,temp3 ; (m+m1<<32)
1050 LDD -24(%sp),ht ; r24 = ht
1051
1052 CMPCLR,*>>= m,m1,%r0 ; if (m < m1)
1053 ADD,L ht,high_one,ht ; ht+=high_one
1054
1055 EXTRD,U m,31,32,temp1 ; m >> 32
1056 LDD -32(%sp),lt ; lt
1057 ADD,L ht,temp1,ht ; ht+= m>>32
1058 ADD lt,temp3,lt ; lt = lt+m1
1059 ADD,DC ht,%r0,ht ; ht++
1060
1061 ADD ht,ht,ht ; ht=ht+ht;
1062 ADD,DC C3,%r0,C3 ; add in carry (c3++)
1063
1064 ADD lt,lt,lt ; lt=lt+lt;
1065 ADD,DC ht,%r0,ht ; add in carry (ht++)
1066
1067 ADD C1,lt,C1 ; c1=c1+lt
1068 ADD,DC,*NUV ht,%r0,ht ; add in carry (ht++)
1069 LDO 1(C3),C3 ; bump c3 if overflow,nullify otherwise
1070
1071 ADD C2,ht,C2 ; c2 = c2 + ht
1072 ADD,DC C3,%r0,C3 ; add in carry (c3++)
1073.endm
1074
1075;
1076;void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
1077; arg0 = r_ptr
1078; arg1 = a_ptr
1079;
1080
1081bn_sqr_comba8
1082 .PROC
1083 .CALLINFO FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
1084 .EXPORT bn_sqr_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
1085 .ENTRY
1086 .align 64
1087
1088 STD %r3,0(%sp) ; save r3
1089 STD %r4,8(%sp) ; save r4
1090 STD %r5,16(%sp) ; save r5
1091 STD %r6,24(%sp) ; save r6
1092
1093 ;
1094 ; Zero out carries
1095 ;
1096 COPY %r0,c1
1097 COPY %r0,c2
1098 COPY %r0,c3
1099
1100 LDO 128(%sp),%sp ; bump stack
1101 DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L
1102 DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32
1103
1104 ;
1105 ; Load up all of the values we are going to use
1106 ;
1107 FLDD 0(a_ptr),a0
1108 FLDD 8(a_ptr),a1
1109 FLDD 16(a_ptr),a2
1110 FLDD 24(a_ptr),a3
1111 FLDD 32(a_ptr),a4
1112 FLDD 40(a_ptr),a5
1113 FLDD 48(a_ptr),a6
1114 FLDD 56(a_ptr),a7
1115
1116 SQR_ADD_C a0L,a0R,c1,c2,c3
1117 STD c1,0(r_ptr) ; r[0] = c1;
1118 COPY %r0,c1
1119
1120 SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1
1121 STD c2,8(r_ptr) ; r[1] = c2;
1122 COPY %r0,c2
1123
1124 SQR_ADD_C a1L,a1R,c3,c1,c2
1125 SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2
1126 STD c3,16(r_ptr) ; r[2] = c3;
1127 COPY %r0,c3
1128
1129 SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3
1130 SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3
1131 STD c1,24(r_ptr) ; r[3] = c1;
1132 COPY %r0,c1
1133
1134 SQR_ADD_C a2L,a2R,c2,c3,c1
1135 SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1
1136 SQR_ADD_C2 a4L,a4R,a0L,a0R,c2,c3,c1
1137 STD c2,32(r_ptr) ; r[4] = c2;
1138 COPY %r0,c2
1139
1140 SQR_ADD_C2 a5L,a5R,a0L,a0R,c3,c1,c2
1141 SQR_ADD_C2 a4L,a4R,a1L,a1R,c3,c1,c2
1142 SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2
1143 STD c3,40(r_ptr) ; r[5] = c3;
1144 COPY %r0,c3
1145
1146 SQR_ADD_C a3L,a3R,c1,c2,c3
1147 SQR_ADD_C2 a4L,a4R,a2L,a2R,c1,c2,c3
1148 SQR_ADD_C2 a5L,a5R,a1L,a1R,c1,c2,c3
1149 SQR_ADD_C2 a6L,a6R,a0L,a0R,c1,c2,c3
1150 STD c1,48(r_ptr) ; r[6] = c1;
1151 COPY %r0,c1
1152
1153 SQR_ADD_C2 a7L,a7R,a0L,a0R,c2,c3,c1
1154 SQR_ADD_C2 a6L,a6R,a1L,a1R,c2,c3,c1
1155 SQR_ADD_C2 a5L,a5R,a2L,a2R,c2,c3,c1
1156 SQR_ADD_C2 a4L,a4R,a3L,a3R,c2,c3,c1
1157 STD c2,56(r_ptr) ; r[7] = c2;
1158 COPY %r0,c2
1159
1160 SQR_ADD_C a4L,a4R,c3,c1,c2
1161 SQR_ADD_C2 a5L,a5R,a3L,a3R,c3,c1,c2
1162 SQR_ADD_C2 a6L,a6R,a2L,a2R,c3,c1,c2
1163 SQR_ADD_C2 a7L,a7R,a1L,a1R,c3,c1,c2
1164 STD c3,64(r_ptr) ; r[8] = c3;
1165 COPY %r0,c3
1166
1167 SQR_ADD_C2 a7L,a7R,a2L,a2R,c1,c2,c3
1168 SQR_ADD_C2 a6L,a6R,a3L,a3R,c1,c2,c3
1169 SQR_ADD_C2 a5L,a5R,a4L,a4R,c1,c2,c3
1170 STD c1,72(r_ptr) ; r[9] = c1;
1171 COPY %r0,c1
1172
1173 SQR_ADD_C a5L,a5R,c2,c3,c1
1174 SQR_ADD_C2 a6L,a6R,a4L,a4R,c2,c3,c1
1175 SQR_ADD_C2 a7L,a7R,a3L,a3R,c2,c3,c1
1176 STD c2,80(r_ptr) ; r[10] = c2;
1177 COPY %r0,c2
1178
1179 SQR_ADD_C2 a7L,a7R,a4L,a4R,c3,c1,c2
1180 SQR_ADD_C2 a6L,a6R,a5L,a5R,c3,c1,c2
1181 STD c3,88(r_ptr) ; r[11] = c3;
1182 COPY %r0,c3
1183
1184 SQR_ADD_C a6L,a6R,c1,c2,c3
1185 SQR_ADD_C2 a7L,a7R,a5L,a5R,c1,c2,c3
1186 STD c1,96(r_ptr) ; r[12] = c1;
1187 COPY %r0,c1
1188
1189 SQR_ADD_C2 a7L,a7R,a6L,a6R,c2,c3,c1
1190 STD c2,104(r_ptr) ; r[13] = c2;
1191 COPY %r0,c2
1192
1193 SQR_ADD_C a7L,a7R,c3,c1,c2
1194 STD c3, 112(r_ptr) ; r[14] = c3
1195 STD c1, 120(r_ptr) ; r[15] = c1
1196
1197 .EXIT
1198 LDD -104(%sp),%r6 ; restore r6
1199 LDD -112(%sp),%r5 ; restore r5
1200 LDD -120(%sp),%r4 ; restore r4
1201 BVE (%rp)
1202 LDD,MB -128(%sp),%r3
1203
1204 .PROCEND
1205
1206;-----------------------------------------------------------------------------
1207;
1208;void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
1209; arg0 = r_ptr
1210; arg1 = a_ptr
1211;
1212
1213bn_sqr_comba4
1214 .proc
1215 .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
1216 .EXPORT bn_sqr_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
1217 .entry
1218 .align 64
1219 STD %r3,0(%sp) ; save r3
1220 STD %r4,8(%sp) ; save r4
1221 STD %r5,16(%sp) ; save r5
1222 STD %r6,24(%sp) ; save r6
1223
1224 ;
1225 ; Zero out carries
1226 ;
1227 COPY %r0,c1
1228 COPY %r0,c2
1229 COPY %r0,c3
1230
1231 LDO 128(%sp),%sp ; bump stack
1232 DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L
1233 DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32
1234
1235 ;
1236 ; Load up all of the values we are going to use
1237 ;
1238 FLDD 0(a_ptr),a0
1239 FLDD 8(a_ptr),a1
1240 FLDD 16(a_ptr),a2
1241 FLDD 24(a_ptr),a3
1242 FLDD 32(a_ptr),a4
1243 FLDD 40(a_ptr),a5
1244 FLDD 48(a_ptr),a6
1245 FLDD 56(a_ptr),a7
1246
1247 SQR_ADD_C a0L,a0R,c1,c2,c3
1248
1249 STD c1,0(r_ptr) ; r[0] = c1;
1250 COPY %r0,c1
1251
1252 SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1
1253
1254 STD c2,8(r_ptr) ; r[1] = c2;
1255 COPY %r0,c2
1256
1257 SQR_ADD_C a1L,a1R,c3,c1,c2
1258 SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2
1259
1260 STD c3,16(r_ptr) ; r[2] = c3;
1261 COPY %r0,c3
1262
1263 SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3
1264 SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3
1265
1266 STD c1,24(r_ptr) ; r[3] = c1;
1267 COPY %r0,c1
1268
1269 SQR_ADD_C a2L,a2R,c2,c3,c1
1270 SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1
1271
1272 STD c2,32(r_ptr) ; r[4] = c2;
1273 COPY %r0,c2
1274
1275 SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2
1276 STD c3,40(r_ptr) ; r[5] = c3;
1277 COPY %r0,c3
1278
1279 SQR_ADD_C a3L,a3R,c1,c2,c3
1280 STD c1,48(r_ptr) ; r[6] = c1;
1281 STD c2,56(r_ptr) ; r[7] = c2;
1282
1283 .EXIT
1284 LDD -104(%sp),%r6 ; restore r6
1285 LDD -112(%sp),%r5 ; restore r5
1286 LDD -120(%sp),%r4 ; restore r4
1287 BVE (%rp)
1288 LDD,MB -128(%sp),%r3
1289
1290 .PROCEND
1291
1292
1293;---------------------------------------------------------------------------
1294
1295MUL_ADD_C .macro A0L,A0R,B0L,B0R,C1,C2,C3
1296 XMPYU A0L,B0R,ftemp1 ; m1 = bl*ht
1297 FSTD ftemp1,-16(%sp) ;
1298 XMPYU A0R,B0L,ftemp2 ; m = bh*lt
1299 FSTD ftemp2,-8(%sp) ;
1300 XMPYU A0R,B0R,ftemp3 ; lt = bl*lt
1301 FSTD ftemp3,-32(%sp)
1302 XMPYU A0L,B0L,ftemp4 ; ht = bh*ht
1303 FSTD ftemp4,-24(%sp) ;
1304
1305 LDD -8(%sp),m ; r21 = m
1306 LDD -16(%sp),m1 ; r19 = m1
1307 ADD,L m,m1,m ; m+m1
1308
1309 DEPD,Z m,31,32,temp3 ; (m+m1<<32)
1310 LDD -24(%sp),ht ; r24 = ht
1311
1312 CMPCLR,*>>= m,m1,%r0 ; if (m < m1)
1313 ADD,L ht,high_one,ht ; ht+=high_one
1314
1315 EXTRD,U m,31,32,temp1 ; m >> 32
1316 LDD -32(%sp),lt ; lt
1317 ADD,L ht,temp1,ht ; ht+= m>>32
1318 ADD lt,temp3,lt ; lt = lt+m1
1319 ADD,DC ht,%r0,ht ; ht++
1320
1321 ADD C1,lt,C1 ; c1=c1+lt
1322 ADD,DC ht,%r0,ht ; bump c3 if overflow,nullify otherwise
1323
1324 ADD C2,ht,C2 ; c2 = c2 + ht
1325 ADD,DC C3,%r0,C3 ; add in carry (c3++)
1326.endm
1327
1328
1329;
1330;void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
1331; arg0 = r_ptr
1332; arg1 = a_ptr
1333; arg2 = b_ptr
1334;
1335
1336bn_mul_comba8
1337 .proc
1338 .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
1339 .EXPORT bn_mul_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
1340 .entry
1341 .align 64
1342
1343 STD %r3,0(%sp) ; save r3
1344 STD %r4,8(%sp) ; save r4
1345 STD %r5,16(%sp) ; save r5
1346 STD %r6,24(%sp) ; save r6
1347 FSTD %fr12,32(%sp) ; save r6
1348 FSTD %fr13,40(%sp) ; save r7
1349
1350 ;
1351 ; Zero out carries
1352 ;
1353 COPY %r0,c1
1354 COPY %r0,c2
1355 COPY %r0,c3
1356
1357 LDO 128(%sp),%sp ; bump stack
1358 DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32
1359
1360 ;
1361 ; Load up all of the values we are going to use
1362 ;
1363 FLDD 0(a_ptr),a0
1364 FLDD 8(a_ptr),a1
1365 FLDD 16(a_ptr),a2
1366 FLDD 24(a_ptr),a3
1367 FLDD 32(a_ptr),a4
1368 FLDD 40(a_ptr),a5
1369 FLDD 48(a_ptr),a6
1370 FLDD 56(a_ptr),a7
1371
1372 FLDD 0(b_ptr),b0
1373 FLDD 8(b_ptr),b1
1374 FLDD 16(b_ptr),b2
1375 FLDD 24(b_ptr),b3
1376 FLDD 32(b_ptr),b4
1377 FLDD 40(b_ptr),b5
1378 FLDD 48(b_ptr),b6
1379 FLDD 56(b_ptr),b7
1380
1381 MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3
1382 STD c1,0(r_ptr)
1383 COPY %r0,c1
1384
1385 MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1
1386 MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1
1387 STD c2,8(r_ptr)
1388 COPY %r0,c2
1389
1390 MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2
1391 MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2
1392 MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2
1393 STD c3,16(r_ptr)
1394 COPY %r0,c3
1395
1396 MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3
1397 MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3
1398 MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3
1399 MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3
1400 STD c1,24(r_ptr)
1401 COPY %r0,c1
1402
1403 MUL_ADD_C a4L,a4R,b0L,b0R,c2,c3,c1
1404 MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1
1405 MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1
1406 MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1
1407 MUL_ADD_C a0L,a0R,b4L,b4R,c2,c3,c1
1408 STD c2,32(r_ptr)
1409 COPY %r0,c2
1410
1411 MUL_ADD_C a0L,a0R,b5L,b5R,c3,c1,c2
1412 MUL_ADD_C a1L,a1R,b4L,b4R,c3,c1,c2
1413 MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2
1414 MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2
1415 MUL_ADD_C a4L,a4R,b1L,b1R,c3,c1,c2
1416 MUL_ADD_C a5L,a5R,b0L,b0R,c3,c1,c2
1417 STD c3,40(r_ptr)
1418 COPY %r0,c3
1419
1420 MUL_ADD_C a6L,a6R,b0L,b0R,c1,c2,c3
1421 MUL_ADD_C a5L,a5R,b1L,b1R,c1,c2,c3
1422 MUL_ADD_C a4L,a4R,b2L,b2R,c1,c2,c3
1423 MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3
1424 MUL_ADD_C a2L,a2R,b4L,b4R,c1,c2,c3
1425 MUL_ADD_C a1L,a1R,b5L,b5R,c1,c2,c3
1426 MUL_ADD_C a0L,a0R,b6L,b6R,c1,c2,c3
1427 STD c1,48(r_ptr)
1428 COPY %r0,c1
1429
1430 MUL_ADD_C a0L,a0R,b7L,b7R,c2,c3,c1
1431 MUL_ADD_C a1L,a1R,b6L,b6R,c2,c3,c1
1432 MUL_ADD_C a2L,a2R,b5L,b5R,c2,c3,c1
1433 MUL_ADD_C a3L,a3R,b4L,b4R,c2,c3,c1
1434 MUL_ADD_C a4L,a4R,b3L,b3R,c2,c3,c1
1435 MUL_ADD_C a5L,a5R,b2L,b2R,c2,c3,c1
1436 MUL_ADD_C a6L,a6R,b1L,b1R,c2,c3,c1
1437 MUL_ADD_C a7L,a7R,b0L,b0R,c2,c3,c1
1438 STD c2,56(r_ptr)
1439 COPY %r0,c2
1440
1441 MUL_ADD_C a7L,a7R,b1L,b1R,c3,c1,c2
1442 MUL_ADD_C a6L,a6R,b2L,b2R,c3,c1,c2
1443 MUL_ADD_C a5L,a5R,b3L,b3R,c3,c1,c2
1444 MUL_ADD_C a4L,a4R,b4L,b4R,c3,c1,c2
1445 MUL_ADD_C a3L,a3R,b5L,b5R,c3,c1,c2
1446 MUL_ADD_C a2L,a2R,b6L,b6R,c3,c1,c2
1447 MUL_ADD_C a1L,a1R,b7L,b7R,c3,c1,c2
1448 STD c3,64(r_ptr)
1449 COPY %r0,c3
1450
1451 MUL_ADD_C a2L,a2R,b7L,b7R,c1,c2,c3
1452 MUL_ADD_C a3L,a3R,b6L,b6R,c1,c2,c3
1453 MUL_ADD_C a4L,a4R,b5L,b5R,c1,c2,c3
1454 MUL_ADD_C a5L,a5R,b4L,b4R,c1,c2,c3
1455 MUL_ADD_C a6L,a6R,b3L,b3R,c1,c2,c3
1456 MUL_ADD_C a7L,a7R,b2L,b2R,c1,c2,c3
1457 STD c1,72(r_ptr)
1458 COPY %r0,c1
1459
1460 MUL_ADD_C a7L,a7R,b3L,b3R,c2,c3,c1
1461 MUL_ADD_C a6L,a6R,b4L,b4R,c2,c3,c1
1462 MUL_ADD_C a5L,a5R,b5L,b5R,c2,c3,c1
1463 MUL_ADD_C a4L,a4R,b6L,b6R,c2,c3,c1
1464 MUL_ADD_C a3L,a3R,b7L,b7R,c2,c3,c1
1465 STD c2,80(r_ptr)
1466 COPY %r0,c2
1467
1468 MUL_ADD_C a4L,a4R,b7L,b7R,c3,c1,c2
1469 MUL_ADD_C a5L,a5R,b6L,b6R,c3,c1,c2
1470 MUL_ADD_C a6L,a6R,b5L,b5R,c3,c1,c2
1471 MUL_ADD_C a7L,a7R,b4L,b4R,c3,c1,c2
1472 STD c3,88(r_ptr)
1473 COPY %r0,c3
1474
1475 MUL_ADD_C a7L,a7R,b5L,b5R,c1,c2,c3
1476 MUL_ADD_C a6L,a6R,b6L,b6R,c1,c2,c3
1477 MUL_ADD_C a5L,a5R,b7L,b7R,c1,c2,c3
1478 STD c1,96(r_ptr)
1479 COPY %r0,c1
1480
1481 MUL_ADD_C a6L,a6R,b7L,b7R,c2,c3,c1
1482 MUL_ADD_C a7L,a7R,b6L,b6R,c2,c3,c1
1483 STD c2,104(r_ptr)
1484 COPY %r0,c2
1485
1486 MUL_ADD_C a7L,a7R,b7L,b7R,c3,c1,c2
1487 STD c3,112(r_ptr)
1488 STD c1,120(r_ptr)
1489
1490 .EXIT
1491 FLDD -88(%sp),%fr13
1492 FLDD -96(%sp),%fr12
1493 LDD -104(%sp),%r6 ; restore r6
1494 LDD -112(%sp),%r5 ; restore r5
1495 LDD -120(%sp),%r4 ; restore r4
1496 BVE (%rp)
1497 LDD,MB -128(%sp),%r3
1498
1499 .PROCEND
1500
1501;-----------------------------------------------------------------------------
1502;
1503;void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
1504; arg0 = r_ptr
1505; arg1 = a_ptr
1506; arg2 = b_ptr
1507;
1508
1509bn_mul_comba4
1510 .proc
1511 .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
1512 .EXPORT bn_mul_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
1513 .entry
1514 .align 64
1515
1516 STD %r3,0(%sp) ; save r3
1517 STD %r4,8(%sp) ; save r4
1518 STD %r5,16(%sp) ; save r5
1519 STD %r6,24(%sp) ; save r6
1520 FSTD %fr12,32(%sp) ; save r6
1521 FSTD %fr13,40(%sp) ; save r7
1522
1523 ;
1524 ; Zero out carries
1525 ;
1526 COPY %r0,c1
1527 COPY %r0,c2
1528 COPY %r0,c3
1529
1530 LDO 128(%sp),%sp ; bump stack
1531 DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32
1532
1533 ;
1534 ; Load up all of the values we are going to use
1535 ;
1536 FLDD 0(a_ptr),a0
1537 FLDD 8(a_ptr),a1
1538 FLDD 16(a_ptr),a2
1539 FLDD 24(a_ptr),a3
1540
1541 FLDD 0(b_ptr),b0
1542 FLDD 8(b_ptr),b1
1543 FLDD 16(b_ptr),b2
1544 FLDD 24(b_ptr),b3
1545
1546 MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3
1547 STD c1,0(r_ptr)
1548 COPY %r0,c1
1549
1550 MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1
1551 MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1
1552 STD c2,8(r_ptr)
1553 COPY %r0,c2
1554
1555 MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2
1556 MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2
1557 MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2
1558 STD c3,16(r_ptr)
1559 COPY %r0,c3
1560
1561 MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3
1562 MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3
1563 MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3
1564 MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3
1565 STD c1,24(r_ptr)
1566 COPY %r0,c1
1567
1568 MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1
1569 MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1
1570 MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1
1571 STD c2,32(r_ptr)
1572 COPY %r0,c2
1573
1574 MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2
1575 MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2
1576 STD c3,40(r_ptr)
1577 COPY %r0,c3
1578
1579 MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3
1580 STD c1,48(r_ptr)
1581 STD c2,56(r_ptr)
1582
1583 .EXIT
1584 FLDD -88(%sp),%fr13
1585 FLDD -96(%sp),%fr12
1586 LDD -104(%sp),%r6 ; restore r6
1587 LDD -112(%sp),%r5 ; restore r5
1588 LDD -120(%sp),%r4 ; restore r4
1589 BVE (%rp)
1590 LDD,MB -128(%sp),%r3
1591
1592 .PROCEND
1593
1594
1595 .SPACE $TEXT$
1596 .SUBSPA $CODE$
1597 .SPACE $PRIVATE$,SORT=16
1598 .IMPORT $global$,DATA
1599 .SPACE $TEXT$
1600 .SUBSPA $CODE$
1601 .SUBSPA $LIT$,ACCESS=0x2c
1602C$4
1603 .ALIGN 8
1604 .STRINGZ "Division would overflow (%d)\n"
1605 .END
diff --git a/src/lib/libcrypto/bn/asm/sparcv8.S b/src/lib/libcrypto/bn/asm/sparcv8.S
deleted file mode 100644
index 88c5dc480a..0000000000
--- a/src/lib/libcrypto/bn/asm/sparcv8.S
+++ /dev/null
@@ -1,1458 +0,0 @@
1.ident "sparcv8.s, Version 1.4"
2.ident "SPARC v8 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
3
4/*
5 * ====================================================================
6 * Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
7 * project.
8 *
9 * Rights for redistribution and usage in source and binary forms are
10 * granted according to the OpenSSL license. Warranty of any kind is
11 * disclaimed.
12 * ====================================================================
13 */
14
15/*
16 * This is my modest contributon to OpenSSL project (see
17 * http://www.openssl.org/ for more information about it) and is
18 * a drop-in SuperSPARC ISA replacement for crypto/bn/bn_asm.c
19 * module. For updates see http://fy.chalmers.se/~appro/hpe/.
20 *
21 * See bn_asm.sparc.v8plus.S for more details.
22 */
23
24/*
25 * Revision history.
26 *
27 * 1.1 - new loop unrolling model(*);
28 * 1.2 - made gas friendly;
29 * 1.3 - fixed problem with /usr/ccs/lib/cpp;
30 * 1.4 - some retunes;
31 *
32 * (*) see bn_asm.sparc.v8plus.S for details
33 */
34
35.section ".text",#alloc,#execinstr
36.file "bn_asm.sparc.v8.S"
37
38.align 32
39
40.global bn_mul_add_words
41/*
42 * BN_ULONG bn_mul_add_words(rp,ap,num,w)
43 * BN_ULONG *rp,*ap;
44 * int num;
45 * BN_ULONG w;
46 */
47bn_mul_add_words:
48 cmp %o2,0
49 bg,a .L_bn_mul_add_words_proceed
50 ld [%o1],%g2
51 retl
52 clr %o0
53
54.L_bn_mul_add_words_proceed:
55 andcc %o2,-4,%g0
56 bz .L_bn_mul_add_words_tail
57 clr %o5
58
59.L_bn_mul_add_words_loop:
60 ld [%o0],%o4
61 ld [%o1+4],%g3
62 umul %o3,%g2,%g2
63 rd %y,%g1
64 addcc %o4,%o5,%o4
65 addx %g1,0,%g1
66 addcc %o4,%g2,%o4
67 st %o4,[%o0]
68 addx %g1,0,%o5
69
70 ld [%o0+4],%o4
71 ld [%o1+8],%g2
72 umul %o3,%g3,%g3
73 dec 4,%o2
74 rd %y,%g1
75 addcc %o4,%o5,%o4
76 addx %g1,0,%g1
77 addcc %o4,%g3,%o4
78 st %o4,[%o0+4]
79 addx %g1,0,%o5
80
81 ld [%o0+8],%o4
82 ld [%o1+12],%g3
83 umul %o3,%g2,%g2
84 inc 16,%o1
85 rd %y,%g1
86 addcc %o4,%o5,%o4
87 addx %g1,0,%g1
88 addcc %o4,%g2,%o4
89 st %o4,[%o0+8]
90 addx %g1,0,%o5
91
92 ld [%o0+12],%o4
93 umul %o3,%g3,%g3
94 inc 16,%o0
95 rd %y,%g1
96 addcc %o4,%o5,%o4
97 addx %g1,0,%g1
98 addcc %o4,%g3,%o4
99 st %o4,[%o0-4]
100 addx %g1,0,%o5
101 andcc %o2,-4,%g0
102 bnz,a .L_bn_mul_add_words_loop
103 ld [%o1],%g2
104
105 tst %o2
106 bnz,a .L_bn_mul_add_words_tail
107 ld [%o1],%g2
108.L_bn_mul_add_words_return:
109 retl
110 mov %o5,%o0
111 nop
112
113.L_bn_mul_add_words_tail:
114 ld [%o0],%o4
115 umul %o3,%g2,%g2
116 addcc %o4,%o5,%o4
117 rd %y,%g1
118 addx %g1,0,%g1
119 addcc %o4,%g2,%o4
120 addx %g1,0,%o5
121 deccc %o2
122 bz .L_bn_mul_add_words_return
123 st %o4,[%o0]
124
125 ld [%o1+4],%g2
126 ld [%o0+4],%o4
127 umul %o3,%g2,%g2
128 rd %y,%g1
129 addcc %o4,%o5,%o4
130 addx %g1,0,%g1
131 addcc %o4,%g2,%o4
132 addx %g1,0,%o5
133 deccc %o2
134 bz .L_bn_mul_add_words_return
135 st %o4,[%o0+4]
136
137 ld [%o1+8],%g2
138 ld [%o0+8],%o4
139 umul %o3,%g2,%g2
140 rd %y,%g1
141 addcc %o4,%o5,%o4
142 addx %g1,0,%g1
143 addcc %o4,%g2,%o4
144 st %o4,[%o0+8]
145 retl
146 addx %g1,0,%o0
147
148.type bn_mul_add_words,#function
149.size bn_mul_add_words,(.-bn_mul_add_words)
150
151.align 32
152
153.global bn_mul_words
154/*
155 * BN_ULONG bn_mul_words(rp,ap,num,w)
156 * BN_ULONG *rp,*ap;
157 * int num;
158 * BN_ULONG w;
159 */
160bn_mul_words:
161 cmp %o2,0
162 bg,a .L_bn_mul_words_proceeed
163 ld [%o1],%g2
164 retl
165 clr %o0
166
167.L_bn_mul_words_proceeed:
168 andcc %o2,-4,%g0
169 bz .L_bn_mul_words_tail
170 clr %o5
171
172.L_bn_mul_words_loop:
173 ld [%o1+4],%g3
174 umul %o3,%g2,%g2
175 addcc %g2,%o5,%g2
176 rd %y,%g1
177 addx %g1,0,%o5
178 st %g2,[%o0]
179
180 ld [%o1+8],%g2
181 umul %o3,%g3,%g3
182 addcc %g3,%o5,%g3
183 rd %y,%g1
184 dec 4,%o2
185 addx %g1,0,%o5
186 st %g3,[%o0+4]
187
188 ld [%o1+12],%g3
189 umul %o3,%g2,%g2
190 addcc %g2,%o5,%g2
191 rd %y,%g1
192 inc 16,%o1
193 st %g2,[%o0+8]
194 addx %g1,0,%o5
195
196 umul %o3,%g3,%g3
197 addcc %g3,%o5,%g3
198 rd %y,%g1
199 inc 16,%o0
200 addx %g1,0,%o5
201 st %g3,[%o0-4]
202 andcc %o2,-4,%g0
203 nop
204 bnz,a .L_bn_mul_words_loop
205 ld [%o1],%g2
206
207 tst %o2
208 bnz,a .L_bn_mul_words_tail
209 ld [%o1],%g2
210.L_bn_mul_words_return:
211 retl
212 mov %o5,%o0
213 nop
214
215.L_bn_mul_words_tail:
216 umul %o3,%g2,%g2
217 addcc %g2,%o5,%g2
218 rd %y,%g1
219 addx %g1,0,%o5
220 deccc %o2
221 bz .L_bn_mul_words_return
222 st %g2,[%o0]
223 nop
224
225 ld [%o1+4],%g2
226 umul %o3,%g2,%g2
227 addcc %g2,%o5,%g2
228 rd %y,%g1
229 addx %g1,0,%o5
230 deccc %o2
231 bz .L_bn_mul_words_return
232 st %g2,[%o0+4]
233
234 ld [%o1+8],%g2
235 umul %o3,%g2,%g2
236 addcc %g2,%o5,%g2
237 rd %y,%g1
238 st %g2,[%o0+8]
239 retl
240 addx %g1,0,%o0
241
242.type bn_mul_words,#function
243.size bn_mul_words,(.-bn_mul_words)
244
245.align 32
246.global bn_sqr_words
247/*
248 * void bn_sqr_words(r,a,n)
249 * BN_ULONG *r,*a;
250 * int n;
251 */
252bn_sqr_words:
253 cmp %o2,0
254 bg,a .L_bn_sqr_words_proceeed
255 ld [%o1],%g2
256 retl
257 clr %o0
258
259.L_bn_sqr_words_proceeed:
260 andcc %o2,-4,%g0
261 bz .L_bn_sqr_words_tail
262 clr %o5
263
264.L_bn_sqr_words_loop:
265 ld [%o1+4],%g3
266 umul %g2,%g2,%o4
267 st %o4,[%o0]
268 rd %y,%o5
269 st %o5,[%o0+4]
270
271 ld [%o1+8],%g2
272 umul %g3,%g3,%o4
273 dec 4,%o2
274 st %o4,[%o0+8]
275 rd %y,%o5
276 st %o5,[%o0+12]
277 nop
278
279 ld [%o1+12],%g3
280 umul %g2,%g2,%o4
281 st %o4,[%o0+16]
282 rd %y,%o5
283 inc 16,%o1
284 st %o5,[%o0+20]
285
286 umul %g3,%g3,%o4
287 inc 32,%o0
288 st %o4,[%o0-8]
289 rd %y,%o5
290 st %o5,[%o0-4]
291 andcc %o2,-4,%g2
292 bnz,a .L_bn_sqr_words_loop
293 ld [%o1],%g2
294
295 tst %o2
296 nop
297 bnz,a .L_bn_sqr_words_tail
298 ld [%o1],%g2
299.L_bn_sqr_words_return:
300 retl
301 clr %o0
302
303.L_bn_sqr_words_tail:
304 umul %g2,%g2,%o4
305 st %o4,[%o0]
306 deccc %o2
307 rd %y,%o5
308 bz .L_bn_sqr_words_return
309 st %o5,[%o0+4]
310
311 ld [%o1+4],%g2
312 umul %g2,%g2,%o4
313 st %o4,[%o0+8]
314 deccc %o2
315 rd %y,%o5
316 nop
317 bz .L_bn_sqr_words_return
318 st %o5,[%o0+12]
319
320 ld [%o1+8],%g2
321 umul %g2,%g2,%o4
322 st %o4,[%o0+16]
323 rd %y,%o5
324 st %o5,[%o0+20]
325 retl
326 clr %o0
327
328.type bn_sqr_words,#function
329.size bn_sqr_words,(.-bn_sqr_words)
330
331.align 32
332
333.global bn_div_words
334/*
335 * BN_ULONG bn_div_words(h,l,d)
336 * BN_ULONG h,l,d;
337 */
338bn_div_words:
339 wr %o0,%y
340 udiv %o1,%o2,%o0
341 retl
342 nop
343
344.type bn_div_words,#function
345.size bn_div_words,(.-bn_div_words)
346
347.align 32
348
349.global bn_add_words
350/*
351 * BN_ULONG bn_add_words(rp,ap,bp,n)
352 * BN_ULONG *rp,*ap,*bp;
353 * int n;
354 */
355bn_add_words:
356 cmp %o3,0
357 bg,a .L_bn_add_words_proceed
358 ld [%o1],%o4
359 retl
360 clr %o0
361
362.L_bn_add_words_proceed:
363 andcc %o3,-4,%g0
364 bz .L_bn_add_words_tail
365 clr %g1
366 ba .L_bn_add_words_warn_loop
367 addcc %g0,0,%g0 ! clear carry flag
368
369.L_bn_add_words_loop:
370 ld [%o1],%o4
371.L_bn_add_words_warn_loop:
372 ld [%o2],%o5
373 ld [%o1+4],%g3
374 ld [%o2+4],%g4
375 dec 4,%o3
376 addxcc %o5,%o4,%o5
377 st %o5,[%o0]
378
379 ld [%o1+8],%o4
380 ld [%o2+8],%o5
381 inc 16,%o1
382 addxcc %g3,%g4,%g3
383 st %g3,[%o0+4]
384
385 ld [%o1-4],%g3
386 ld [%o2+12],%g4
387 inc 16,%o2
388 addxcc %o5,%o4,%o5
389 st %o5,[%o0+8]
390
391 inc 16,%o0
392 addxcc %g3,%g4,%g3
393 st %g3,[%o0-4]
394 addx %g0,0,%g1
395 andcc %o3,-4,%g0
396 bnz,a .L_bn_add_words_loop
397 addcc %g1,-1,%g0
398
399 tst %o3
400 bnz,a .L_bn_add_words_tail
401 ld [%o1],%o4
402.L_bn_add_words_return:
403 retl
404 mov %g1,%o0
405
406.L_bn_add_words_tail:
407 addcc %g1,-1,%g0
408 ld [%o2],%o5
409 addxcc %o5,%o4,%o5
410 addx %g0,0,%g1
411 deccc %o3
412 bz .L_bn_add_words_return
413 st %o5,[%o0]
414
415 ld [%o1+4],%o4
416 addcc %g1,-1,%g0
417 ld [%o2+4],%o5
418 addxcc %o5,%o4,%o5
419 addx %g0,0,%g1
420 deccc %o3
421 bz .L_bn_add_words_return
422 st %o5,[%o0+4]
423
424 ld [%o1+8],%o4
425 addcc %g1,-1,%g0
426 ld [%o2+8],%o5
427 addxcc %o5,%o4,%o5
428 st %o5,[%o0+8]
429 retl
430 addx %g0,0,%o0
431
432.type bn_add_words,#function
433.size bn_add_words,(.-bn_add_words)
434
435.align 32
436
437.global bn_sub_words
438/*
439 * BN_ULONG bn_sub_words(rp,ap,bp,n)
440 * BN_ULONG *rp,*ap,*bp;
441 * int n;
442 */
443bn_sub_words:
444 cmp %o3,0
445 bg,a .L_bn_sub_words_proceed
446 ld [%o1],%o4
447 retl
448 clr %o0
449
450.L_bn_sub_words_proceed:
451 andcc %o3,-4,%g0
452 bz .L_bn_sub_words_tail
453 clr %g1
454 ba .L_bn_sub_words_warm_loop
455 addcc %g0,0,%g0 ! clear carry flag
456
457.L_bn_sub_words_loop:
458 ld [%o1],%o4
459.L_bn_sub_words_warm_loop:
460 ld [%o2],%o5
461 ld [%o1+4],%g3
462 ld [%o2+4],%g4
463 dec 4,%o3
464 subxcc %o4,%o5,%o5
465 st %o5,[%o0]
466
467 ld [%o1+8],%o4
468 ld [%o2+8],%o5
469 inc 16,%o1
470 subxcc %g3,%g4,%g4
471 st %g4,[%o0+4]
472
473 ld [%o1-4],%g3
474 ld [%o2+12],%g4
475 inc 16,%o2
476 subxcc %o4,%o5,%o5
477 st %o5,[%o0+8]
478
479 inc 16,%o0
480 subxcc %g3,%g4,%g4
481 st %g4,[%o0-4]
482 addx %g0,0,%g1
483 andcc %o3,-4,%g0
484 bnz,a .L_bn_sub_words_loop
485 addcc %g1,-1,%g0
486
487 tst %o3
488 nop
489 bnz,a .L_bn_sub_words_tail
490 ld [%o1],%o4
491.L_bn_sub_words_return:
492 retl
493 mov %g1,%o0
494
495.L_bn_sub_words_tail:
496 addcc %g1,-1,%g0
497 ld [%o2],%o5
498 subxcc %o4,%o5,%o5
499 addx %g0,0,%g1
500 deccc %o3
501 bz .L_bn_sub_words_return
502 st %o5,[%o0]
503 nop
504
505 ld [%o1+4],%o4
506 addcc %g1,-1,%g0
507 ld [%o2+4],%o5
508 subxcc %o4,%o5,%o5
509 addx %g0,0,%g1
510 deccc %o3
511 bz .L_bn_sub_words_return
512 st %o5,[%o0+4]
513
514 ld [%o1+8],%o4
515 addcc %g1,-1,%g0
516 ld [%o2+8],%o5
517 subxcc %o4,%o5,%o5
518 st %o5,[%o0+8]
519 retl
520 addx %g0,0,%o0
521
522.type bn_sub_words,#function
523.size bn_sub_words,(.-bn_sub_words)
524
525#define FRAME_SIZE -96
526
527/*
528 * Here is register usage map for *all* routines below.
529 */
530#define t_1 %o0
531#define t_2 %o1
532#define c_1 %o2
533#define c_2 %o3
534#define c_3 %o4
535
536#define ap(I) [%i1+4*I]
537#define bp(I) [%i2+4*I]
538#define rp(I) [%i0+4*I]
539
540#define a_0 %l0
541#define a_1 %l1
542#define a_2 %l2
543#define a_3 %l3
544#define a_4 %l4
545#define a_5 %l5
546#define a_6 %l6
547#define a_7 %l7
548
549#define b_0 %i3
550#define b_1 %i4
551#define b_2 %i5
552#define b_3 %o5
553#define b_4 %g1
554#define b_5 %g2
555#define b_6 %g3
556#define b_7 %g4
557
558.align 32
559.global bn_mul_comba8
560/*
561 * void bn_mul_comba8(r,a,b)
562 * BN_ULONG *r,*a,*b;
563 */
564bn_mul_comba8:
565 save %sp,FRAME_SIZE,%sp
566 ld ap(0),a_0
567 ld bp(0),b_0
568 umul a_0,b_0,c_1 !=!mul_add_c(a[0],b[0],c1,c2,c3);
569 ld bp(1),b_1
570 rd %y,c_2
571 st c_1,rp(0) !r[0]=c1;
572
573 umul a_0,b_1,t_1 !=!mul_add_c(a[0],b[1],c2,c3,c1);
574 ld ap(1),a_1
575 addcc c_2,t_1,c_2
576 rd %y,t_2
577 addxcc %g0,t_2,c_3 !=
578 addx %g0,%g0,c_1
579 ld ap(2),a_2
580 umul a_1,b_0,t_1 !mul_add_c(a[1],b[0],c2,c3,c1);
581 addcc c_2,t_1,c_2 !=
582 rd %y,t_2
583 addxcc c_3,t_2,c_3
584 st c_2,rp(1) !r[1]=c2;
585 addx c_1,%g0,c_1 !=
586
587 umul a_2,b_0,t_1 !mul_add_c(a[2],b[0],c3,c1,c2);
588 addcc c_3,t_1,c_3
589 rd %y,t_2
590 addxcc c_1,t_2,c_1 !=
591 addx %g0,%g0,c_2
592 ld bp(2),b_2
593 umul a_1,b_1,t_1 !mul_add_c(a[1],b[1],c3,c1,c2);
594 addcc c_3,t_1,c_3 !=
595 rd %y,t_2
596 addxcc c_1,t_2,c_1
597 ld bp(3),b_3
598 addx c_2,%g0,c_2 !=
599 umul a_0,b_2,t_1 !mul_add_c(a[0],b[2],c3,c1,c2);
600 addcc c_3,t_1,c_3
601 rd %y,t_2
602 addxcc c_1,t_2,c_1 !=
603 addx c_2,%g0,c_2
604 st c_3,rp(2) !r[2]=c3;
605
606 umul a_0,b_3,t_1 !mul_add_c(a[0],b[3],c1,c2,c3);
607 addcc c_1,t_1,c_1 !=
608 rd %y,t_2
609 addxcc c_2,t_2,c_2
610 addx %g0,%g0,c_3
611 umul a_1,b_2,t_1 !=!mul_add_c(a[1],b[2],c1,c2,c3);
612 addcc c_1,t_1,c_1
613 rd %y,t_2
614 addxcc c_2,t_2,c_2
615 addx c_3,%g0,c_3 !=
616 ld ap(3),a_3
617 umul a_2,b_1,t_1 !mul_add_c(a[2],b[1],c1,c2,c3);
618 addcc c_1,t_1,c_1
619 rd %y,t_2 !=
620 addxcc c_2,t_2,c_2
621 addx c_3,%g0,c_3
622 ld ap(4),a_4
623 umul a_3,b_0,t_1 !mul_add_c(a[3],b[0],c1,c2,c3);!=
624 addcc c_1,t_1,c_1
625 rd %y,t_2
626 addxcc c_2,t_2,c_2
627 addx c_3,%g0,c_3 !=
628 st c_1,rp(3) !r[3]=c1;
629
630 umul a_4,b_0,t_1 !mul_add_c(a[4],b[0],c2,c3,c1);
631 addcc c_2,t_1,c_2
632 rd %y,t_2 !=
633 addxcc c_3,t_2,c_3
634 addx %g0,%g0,c_1
635 umul a_3,b_1,t_1 !mul_add_c(a[3],b[1],c2,c3,c1);
636 addcc c_2,t_1,c_2 !=
637 rd %y,t_2
638 addxcc c_3,t_2,c_3
639 addx c_1,%g0,c_1
640 umul a_2,b_2,t_1 !=!mul_add_c(a[2],b[2],c2,c3,c1);
641 addcc c_2,t_1,c_2
642 rd %y,t_2
643 addxcc c_3,t_2,c_3
644 addx c_1,%g0,c_1 !=
645 ld bp(4),b_4
646 umul a_1,b_3,t_1 !mul_add_c(a[1],b[3],c2,c3,c1);
647 addcc c_2,t_1,c_2
648 rd %y,t_2 !=
649 addxcc c_3,t_2,c_3
650 addx c_1,%g0,c_1
651 ld bp(5),b_5
652 umul a_0,b_4,t_1 !=!mul_add_c(a[0],b[4],c2,c3,c1);
653 addcc c_2,t_1,c_2
654 rd %y,t_2
655 addxcc c_3,t_2,c_3
656 addx c_1,%g0,c_1 !=
657 st c_2,rp(4) !r[4]=c2;
658
659 umul a_0,b_5,t_1 !mul_add_c(a[0],b[5],c3,c1,c2);
660 addcc c_3,t_1,c_3
661 rd %y,t_2 !=
662 addxcc c_1,t_2,c_1
663 addx %g0,%g0,c_2
664 umul a_1,b_4,t_1 !mul_add_c(a[1],b[4],c3,c1,c2);
665 addcc c_3,t_1,c_3 !=
666 rd %y,t_2
667 addxcc c_1,t_2,c_1
668 addx c_2,%g0,c_2
669 umul a_2,b_3,t_1 !=!mul_add_c(a[2],b[3],c3,c1,c2);
670 addcc c_3,t_1,c_3
671 rd %y,t_2
672 addxcc c_1,t_2,c_1
673 addx c_2,%g0,c_2 !=
674 umul a_3,b_2,t_1 !mul_add_c(a[3],b[2],c3,c1,c2);
675 addcc c_3,t_1,c_3
676 rd %y,t_2
677 addxcc c_1,t_2,c_1 !=
678 addx c_2,%g0,c_2
679 ld ap(5),a_5
680 umul a_4,b_1,t_1 !mul_add_c(a[4],b[1],c3,c1,c2);
681 addcc c_3,t_1,c_3 !=
682 rd %y,t_2
683 addxcc c_1,t_2,c_1
684 ld ap(6),a_6
685 addx c_2,%g0,c_2 !=
686 umul a_5,b_0,t_1 !mul_add_c(a[5],b[0],c3,c1,c2);
687 addcc c_3,t_1,c_3
688 rd %y,t_2
689 addxcc c_1,t_2,c_1 !=
690 addx c_2,%g0,c_2
691 st c_3,rp(5) !r[5]=c3;
692
693 umul a_6,b_0,t_1 !mul_add_c(a[6],b[0],c1,c2,c3);
694 addcc c_1,t_1,c_1 !=
695 rd %y,t_2
696 addxcc c_2,t_2,c_2
697 addx %g0,%g0,c_3
698 umul a_5,b_1,t_1 !=!mul_add_c(a[5],b[1],c1,c2,c3);
699 addcc c_1,t_1,c_1
700 rd %y,t_2
701 addxcc c_2,t_2,c_2
702 addx c_3,%g0,c_3 !=
703 umul a_4,b_2,t_1 !mul_add_c(a[4],b[2],c1,c2,c3);
704 addcc c_1,t_1,c_1
705 rd %y,t_2
706 addxcc c_2,t_2,c_2 !=
707 addx c_3,%g0,c_3
708 umul a_3,b_3,t_1 !mul_add_c(a[3],b[3],c1,c2,c3);
709 addcc c_1,t_1,c_1
710 rd %y,t_2 !=
711 addxcc c_2,t_2,c_2
712 addx c_3,%g0,c_3
713 umul a_2,b_4,t_1 !mul_add_c(a[2],b[4],c1,c2,c3);
714 addcc c_1,t_1,c_1 !=
715 rd %y,t_2
716 addxcc c_2,t_2,c_2
717 ld bp(6),b_6
718 addx c_3,%g0,c_3 !=
719 umul a_1,b_5,t_1 !mul_add_c(a[1],b[5],c1,c2,c3);
720 addcc c_1,t_1,c_1
721 rd %y,t_2
722 addxcc c_2,t_2,c_2 !=
723 addx c_3,%g0,c_3
724 ld bp(7),b_7
725 umul a_0,b_6,t_1 !mul_add_c(a[0],b[6],c1,c2,c3);
726 addcc c_1,t_1,c_1 !=
727 rd %y,t_2
728 addxcc c_2,t_2,c_2
729 st c_1,rp(6) !r[6]=c1;
730 addx c_3,%g0,c_3 !=
731
732 umul a_0,b_7,t_1 !mul_add_c(a[0],b[7],c2,c3,c1);
733 addcc c_2,t_1,c_2
734 rd %y,t_2
735 addxcc c_3,t_2,c_3 !=
736 addx %g0,%g0,c_1
737 umul a_1,b_6,t_1 !mul_add_c(a[1],b[6],c2,c3,c1);
738 addcc c_2,t_1,c_2
739 rd %y,t_2 !=
740 addxcc c_3,t_2,c_3
741 addx c_1,%g0,c_1
742 umul a_2,b_5,t_1 !mul_add_c(a[2],b[5],c2,c3,c1);
743 addcc c_2,t_1,c_2 !=
744 rd %y,t_2
745 addxcc c_3,t_2,c_3
746 addx c_1,%g0,c_1
747 umul a_3,b_4,t_1 !=!mul_add_c(a[3],b[4],c2,c3,c1);
748 addcc c_2,t_1,c_2
749 rd %y,t_2
750 addxcc c_3,t_2,c_3
751 addx c_1,%g0,c_1 !=
752 umul a_4,b_3,t_1 !mul_add_c(a[4],b[3],c2,c3,c1);
753 addcc c_2,t_1,c_2
754 rd %y,t_2
755 addxcc c_3,t_2,c_3 !=
756 addx c_1,%g0,c_1
757 umul a_5,b_2,t_1 !mul_add_c(a[5],b[2],c2,c3,c1);
758 addcc c_2,t_1,c_2
759 rd %y,t_2 !=
760 addxcc c_3,t_2,c_3
761 addx c_1,%g0,c_1
762 ld ap(7),a_7
763 umul a_6,b_1,t_1 !=!mul_add_c(a[6],b[1],c2,c3,c1);
764 addcc c_2,t_1,c_2
765 rd %y,t_2
766 addxcc c_3,t_2,c_3
767 addx c_1,%g0,c_1 !=
768 umul a_7,b_0,t_1 !mul_add_c(a[7],b[0],c2,c3,c1);
769 addcc c_2,t_1,c_2
770 rd %y,t_2
771 addxcc c_3,t_2,c_3 !=
772 addx c_1,%g0,c_1
773 st c_2,rp(7) !r[7]=c2;
774
775 umul a_7,b_1,t_1 !mul_add_c(a[7],b[1],c3,c1,c2);
776 addcc c_3,t_1,c_3 !=
777 rd %y,t_2
778 addxcc c_1,t_2,c_1
779 addx %g0,%g0,c_2
780 umul a_6,b_2,t_1 !=!mul_add_c(a[6],b[2],c3,c1,c2);
781 addcc c_3,t_1,c_3
782 rd %y,t_2
783 addxcc c_1,t_2,c_1
784 addx c_2,%g0,c_2 !=
785 umul a_5,b_3,t_1 !mul_add_c(a[5],b[3],c3,c1,c2);
786 addcc c_3,t_1,c_3
787 rd %y,t_2
788 addxcc c_1,t_2,c_1 !=
789 addx c_2,%g0,c_2
790 umul a_4,b_4,t_1 !mul_add_c(a[4],b[4],c3,c1,c2);
791 addcc c_3,t_1,c_3
792 rd %y,t_2 !=
793 addxcc c_1,t_2,c_1
794 addx c_2,%g0,c_2
795 umul a_3,b_5,t_1 !mul_add_c(a[3],b[5],c3,c1,c2);
796 addcc c_3,t_1,c_3 !=
797 rd %y,t_2
798 addxcc c_1,t_2,c_1
799 addx c_2,%g0,c_2
800 umul a_2,b_6,t_1 !=!mul_add_c(a[2],b[6],c3,c1,c2);
801 addcc c_3,t_1,c_3
802 rd %y,t_2
803 addxcc c_1,t_2,c_1
804 addx c_2,%g0,c_2 !=
805 umul a_1,b_7,t_1 !mul_add_c(a[1],b[7],c3,c1,c2);
806 addcc c_3,t_1,c_3
807 rd %y,t_2
808 addxcc c_1,t_2,c_1 !
809 addx c_2,%g0,c_2
810 st c_3,rp(8) !r[8]=c3;
811
812 umul a_2,b_7,t_1 !mul_add_c(a[2],b[7],c1,c2,c3);
813 addcc c_1,t_1,c_1 !=
814 rd %y,t_2
815 addxcc c_2,t_2,c_2
816 addx %g0,%g0,c_3
817 umul a_3,b_6,t_1 !=!mul_add_c(a[3],b[6],c1,c2,c3);
818 addcc c_1,t_1,c_1
819 rd %y,t_2
820 addxcc c_2,t_2,c_2
821 addx c_3,%g0,c_3 !=
822 umul a_4,b_5,t_1 !mul_add_c(a[4],b[5],c1,c2,c3);
823 addcc c_1,t_1,c_1
824 rd %y,t_2
825 addxcc c_2,t_2,c_2 !=
826 addx c_3,%g0,c_3
827 umul a_5,b_4,t_1 !mul_add_c(a[5],b[4],c1,c2,c3);
828 addcc c_1,t_1,c_1
829 rd %y,t_2 !=
830 addxcc c_2,t_2,c_2
831 addx c_3,%g0,c_3
832 umul a_6,b_3,t_1 !mul_add_c(a[6],b[3],c1,c2,c3);
833 addcc c_1,t_1,c_1 !=
834 rd %y,t_2
835 addxcc c_2,t_2,c_2
836 addx c_3,%g0,c_3
837 umul a_7,b_2,t_1 !=!mul_add_c(a[7],b[2],c1,c2,c3);
838 addcc c_1,t_1,c_1
839 rd %y,t_2
840 addxcc c_2,t_2,c_2
841 addx c_3,%g0,c_3 !=
842 st c_1,rp(9) !r[9]=c1;
843
844 umul a_7,b_3,t_1 !mul_add_c(a[7],b[3],c2,c3,c1);
845 addcc c_2,t_1,c_2
846 rd %y,t_2 !=
847 addxcc c_3,t_2,c_3
848 addx %g0,%g0,c_1
849 umul a_6,b_4,t_1 !mul_add_c(a[6],b[4],c2,c3,c1);
850 addcc c_2,t_1,c_2 !=
851 rd %y,t_2
852 addxcc c_3,t_2,c_3
853 addx c_1,%g0,c_1
854 umul a_5,b_5,t_1 !=!mul_add_c(a[5],b[5],c2,c3,c1);
855 addcc c_2,t_1,c_2
856 rd %y,t_2
857 addxcc c_3,t_2,c_3
858 addx c_1,%g0,c_1 !=
859 umul a_4,b_6,t_1 !mul_add_c(a[4],b[6],c2,c3,c1);
860 addcc c_2,t_1,c_2
861 rd %y,t_2
862 addxcc c_3,t_2,c_3 !=
863 addx c_1,%g0,c_1
864 umul a_3,b_7,t_1 !mul_add_c(a[3],b[7],c2,c3,c1);
865 addcc c_2,t_1,c_2
866 rd %y,t_2 !=
867 addxcc c_3,t_2,c_3
868 addx c_1,%g0,c_1
869 st c_2,rp(10) !r[10]=c2;
870
871 umul a_4,b_7,t_1 !=!mul_add_c(a[4],b[7],c3,c1,c2);
872 addcc c_3,t_1,c_3
873 rd %y,t_2
874 addxcc c_1,t_2,c_1
875 addx %g0,%g0,c_2 !=
876 umul a_5,b_6,t_1 !mul_add_c(a[5],b[6],c3,c1,c2);
877 addcc c_3,t_1,c_3
878 rd %y,t_2
879 addxcc c_1,t_2,c_1 !=
880 addx c_2,%g0,c_2
881 umul a_6,b_5,t_1 !mul_add_c(a[6],b[5],c3,c1,c2);
882 addcc c_3,t_1,c_3
883 rd %y,t_2 !=
884 addxcc c_1,t_2,c_1
885 addx c_2,%g0,c_2
886 umul a_7,b_4,t_1 !mul_add_c(a[7],b[4],c3,c1,c2);
887 addcc c_3,t_1,c_3 !=
888 rd %y,t_2
889 addxcc c_1,t_2,c_1
890 st c_3,rp(11) !r[11]=c3;
891 addx c_2,%g0,c_2 !=
892
893 umul a_7,b_5,t_1 !mul_add_c(a[7],b[5],c1,c2,c3);
894 addcc c_1,t_1,c_1
895 rd %y,t_2
896 addxcc c_2,t_2,c_2 !=
897 addx %g0,%g0,c_3
898 umul a_6,b_6,t_1 !mul_add_c(a[6],b[6],c1,c2,c3);
899 addcc c_1,t_1,c_1
900 rd %y,t_2 !=
901 addxcc c_2,t_2,c_2
902 addx c_3,%g0,c_3
903 umul a_5,b_7,t_1 !mul_add_c(a[5],b[7],c1,c2,c3);
904 addcc c_1,t_1,c_1 !=
905 rd %y,t_2
906 addxcc c_2,t_2,c_2
907 st c_1,rp(12) !r[12]=c1;
908 addx c_3,%g0,c_3 !=
909
910 umul a_6,b_7,t_1 !mul_add_c(a[6],b[7],c2,c3,c1);
911 addcc c_2,t_1,c_2
912 rd %y,t_2
913 addxcc c_3,t_2,c_3 !=
914 addx %g0,%g0,c_1
915 umul a_7,b_6,t_1 !mul_add_c(a[7],b[6],c2,c3,c1);
916 addcc c_2,t_1,c_2
917 rd %y,t_2 !=
918 addxcc c_3,t_2,c_3
919 addx c_1,%g0,c_1
920 st c_2,rp(13) !r[13]=c2;
921
922 umul a_7,b_7,t_1 !=!mul_add_c(a[7],b[7],c3,c1,c2);
923 addcc c_3,t_1,c_3
924 rd %y,t_2
925 addxcc c_1,t_2,c_1
926 nop !=
927 st c_3,rp(14) !r[14]=c3;
928 st c_1,rp(15) !r[15]=c1;
929
930 ret
931 restore %g0,%g0,%o0
932
933.type bn_mul_comba8,#function
934.size bn_mul_comba8,(.-bn_mul_comba8)
935
936.align 32
937
938.global bn_mul_comba4
939/*
940 * void bn_mul_comba4(r,a,b)
941 * BN_ULONG *r,*a,*b;
942 */
943bn_mul_comba4:
944 save %sp,FRAME_SIZE,%sp
945 ld ap(0),a_0
946 ld bp(0),b_0
947 umul a_0,b_0,c_1 !=!mul_add_c(a[0],b[0],c1,c2,c3);
948 ld bp(1),b_1
949 rd %y,c_2
950 st c_1,rp(0) !r[0]=c1;
951
952 umul a_0,b_1,t_1 !=!mul_add_c(a[0],b[1],c2,c3,c1);
953 ld ap(1),a_1
954 addcc c_2,t_1,c_2
955 rd %y,t_2 !=
956 addxcc %g0,t_2,c_3
957 addx %g0,%g0,c_1
958 ld ap(2),a_2
959 umul a_1,b_0,t_1 !=!mul_add_c(a[1],b[0],c2,c3,c1);
960 addcc c_2,t_1,c_2
961 rd %y,t_2
962 addxcc c_3,t_2,c_3
963 addx c_1,%g0,c_1 !=
964 st c_2,rp(1) !r[1]=c2;
965
966 umul a_2,b_0,t_1 !mul_add_c(a[2],b[0],c3,c1,c2);
967 addcc c_3,t_1,c_3
968 rd %y,t_2 !=
969 addxcc c_1,t_2,c_1
970 addx %g0,%g0,c_2
971 ld bp(2),b_2
972 umul a_1,b_1,t_1 !=!mul_add_c(a[1],b[1],c3,c1,c2);
973 addcc c_3,t_1,c_3
974 rd %y,t_2
975 addxcc c_1,t_2,c_1
976 addx c_2,%g0,c_2 !=
977 ld bp(3),b_3
978 umul a_0,b_2,t_1 !mul_add_c(a[0],b[2],c3,c1,c2);
979 addcc c_3,t_1,c_3
980 rd %y,t_2 !=
981 addxcc c_1,t_2,c_1
982 addx c_2,%g0,c_2
983 st c_3,rp(2) !r[2]=c3;
984
985 umul a_0,b_3,t_1 !=!mul_add_c(a[0],b[3],c1,c2,c3);
986 addcc c_1,t_1,c_1
987 rd %y,t_2
988 addxcc c_2,t_2,c_2
989 addx %g0,%g0,c_3 !=
990 umul a_1,b_2,t_1 !mul_add_c(a[1],b[2],c1,c2,c3);
991 addcc c_1,t_1,c_1
992 rd %y,t_2
993 addxcc c_2,t_2,c_2 !=
994 addx c_3,%g0,c_3
995 ld ap(3),a_3
996 umul a_2,b_1,t_1 !mul_add_c(a[2],b[1],c1,c2,c3);
997 addcc c_1,t_1,c_1 !=
998 rd %y,t_2
999 addxcc c_2,t_2,c_2
1000 addx c_3,%g0,c_3
1001 umul a_3,b_0,t_1 !=!mul_add_c(a[3],b[0],c1,c2,c3);
1002 addcc c_1,t_1,c_1
1003 rd %y,t_2
1004 addxcc c_2,t_2,c_2
1005 addx c_3,%g0,c_3 !=
1006 st c_1,rp(3) !r[3]=c1;
1007
1008 umul a_3,b_1,t_1 !mul_add_c(a[3],b[1],c2,c3,c1);
1009 addcc c_2,t_1,c_2
1010 rd %y,t_2 !=
1011 addxcc c_3,t_2,c_3
1012 addx %g0,%g0,c_1
1013 umul a_2,b_2,t_1 !mul_add_c(a[2],b[2],c2,c3,c1);
1014 addcc c_2,t_1,c_2 !=
1015 rd %y,t_2
1016 addxcc c_3,t_2,c_3
1017 addx c_1,%g0,c_1
1018 umul a_1,b_3,t_1 !=!mul_add_c(a[1],b[3],c2,c3,c1);
1019 addcc c_2,t_1,c_2
1020 rd %y,t_2
1021 addxcc c_3,t_2,c_3
1022 addx c_1,%g0,c_1 !=
1023 st c_2,rp(4) !r[4]=c2;
1024
1025 umul a_2,b_3,t_1 !mul_add_c(a[2],b[3],c3,c1,c2);
1026 addcc c_3,t_1,c_3
1027 rd %y,t_2 !=
1028 addxcc c_1,t_2,c_1
1029 addx %g0,%g0,c_2
1030 umul a_3,b_2,t_1 !mul_add_c(a[3],b[2],c3,c1,c2);
1031 addcc c_3,t_1,c_3 !=
1032 rd %y,t_2
1033 addxcc c_1,t_2,c_1
1034 st c_3,rp(5) !r[5]=c3;
1035 addx c_2,%g0,c_2 !=
1036
1037 umul a_3,b_3,t_1 !mul_add_c(a[3],b[3],c1,c2,c3);
1038 addcc c_1,t_1,c_1
1039 rd %y,t_2
1040 addxcc c_2,t_2,c_2 !=
1041 st c_1,rp(6) !r[6]=c1;
1042 st c_2,rp(7) !r[7]=c2;
1043
1044 ret
1045 restore %g0,%g0,%o0
1046
1047.type bn_mul_comba4,#function
1048.size bn_mul_comba4,(.-bn_mul_comba4)
1049
1050.align 32
1051
1052.global bn_sqr_comba8
1053bn_sqr_comba8:
1054 save %sp,FRAME_SIZE,%sp
1055 ld ap(0),a_0
1056 ld ap(1),a_1
1057 umul a_0,a_0,c_1 !=!sqr_add_c(a,0,c1,c2,c3);
1058 rd %y,c_2
1059 st c_1,rp(0) !r[0]=c1;
1060
1061 ld ap(2),a_2
1062 umul a_0,a_1,t_1 !=!sqr_add_c2(a,1,0,c2,c3,c1);
1063 addcc c_2,t_1,c_2
1064 rd %y,t_2
1065 addxcc %g0,t_2,c_3
1066 addx %g0,%g0,c_1 !=
1067 addcc c_2,t_1,c_2
1068 addxcc c_3,t_2,c_3
1069 st c_2,rp(1) !r[1]=c2;
1070 addx c_1,%g0,c_1 !=
1071
1072 umul a_2,a_0,t_1 !sqr_add_c2(a,2,0,c3,c1,c2);
1073 addcc c_3,t_1,c_3
1074 rd %y,t_2
1075 addxcc c_1,t_2,c_1 !=
1076 addx %g0,%g0,c_2
1077 addcc c_3,t_1,c_3
1078 addxcc c_1,t_2,c_1
1079 addx c_2,%g0,c_2 !=
1080 ld ap(3),a_3
1081 umul a_1,a_1,t_1 !sqr_add_c(a,1,c3,c1,c2);
1082 addcc c_3,t_1,c_3
1083 rd %y,t_2 !=
1084 addxcc c_1,t_2,c_1
1085 addx c_2,%g0,c_2
1086 st c_3,rp(2) !r[2]=c3;
1087
1088 umul a_0,a_3,t_1 !=!sqr_add_c2(a,3,0,c1,c2,c3);
1089 addcc c_1,t_1,c_1
1090 rd %y,t_2
1091 addxcc c_2,t_2,c_2
1092 addx %g0,%g0,c_3 !=
1093 addcc c_1,t_1,c_1
1094 addxcc c_2,t_2,c_2
1095 ld ap(4),a_4
1096 addx c_3,%g0,c_3 !=
1097 umul a_1,a_2,t_1 !sqr_add_c2(a,2,1,c1,c2,c3);
1098 addcc c_1,t_1,c_1
1099 rd %y,t_2
1100 addxcc c_2,t_2,c_2 !=
1101 addx c_3,%g0,c_3
1102 addcc c_1,t_1,c_1
1103 addxcc c_2,t_2,c_2
1104 addx c_3,%g0,c_3 !=
1105 st c_1,rp(3) !r[3]=c1;
1106
1107 umul a_4,a_0,t_1 !sqr_add_c2(a,4,0,c2,c3,c1);
1108 addcc c_2,t_1,c_2
1109 rd %y,t_2 !=
1110 addxcc c_3,t_2,c_3
1111 addx %g0,%g0,c_1
1112 addcc c_2,t_1,c_2
1113 addxcc c_3,t_2,c_3 !=
1114 addx c_1,%g0,c_1
1115 umul a_3,a_1,t_1 !sqr_add_c2(a,3,1,c2,c3,c1);
1116 addcc c_2,t_1,c_2
1117 rd %y,t_2 !=
1118 addxcc c_3,t_2,c_3
1119 addx c_1,%g0,c_1
1120 addcc c_2,t_1,c_2
1121 addxcc c_3,t_2,c_3 !=
1122 addx c_1,%g0,c_1
1123 ld ap(5),a_5
1124 umul a_2,a_2,t_1 !sqr_add_c(a,2,c2,c3,c1);
1125 addcc c_2,t_1,c_2 !=
1126 rd %y,t_2
1127 addxcc c_3,t_2,c_3
1128 st c_2,rp(4) !r[4]=c2;
1129 addx c_1,%g0,c_1 !=
1130
1131 umul a_0,a_5,t_1 !sqr_add_c2(a,5,0,c3,c1,c2);
1132 addcc c_3,t_1,c_3
1133 rd %y,t_2
1134 addxcc c_1,t_2,c_1 !=
1135 addx %g0,%g0,c_2
1136 addcc c_3,t_1,c_3
1137 addxcc c_1,t_2,c_1
1138 addx c_2,%g0,c_2 !=
1139 umul a_1,a_4,t_1 !sqr_add_c2(a,4,1,c3,c1,c2);
1140 addcc c_3,t_1,c_3
1141 rd %y,t_2
1142 addxcc c_1,t_2,c_1 !=
1143 addx c_2,%g0,c_2
1144 addcc c_3,t_1,c_3
1145 addxcc c_1,t_2,c_1
1146 addx c_2,%g0,c_2 !=
1147 ld ap(6),a_6
1148 umul a_2,a_3,t_1 !sqr_add_c2(a,3,2,c3,c1,c2);
1149 addcc c_3,t_1,c_3
1150 rd %y,t_2 !=
1151 addxcc c_1,t_2,c_1
1152 addx c_2,%g0,c_2
1153 addcc c_3,t_1,c_3
1154 addxcc c_1,t_2,c_1 !=
1155 addx c_2,%g0,c_2
1156 st c_3,rp(5) !r[5]=c3;
1157
1158 umul a_6,a_0,t_1 !sqr_add_c2(a,6,0,c1,c2,c3);
1159 addcc c_1,t_1,c_1 !=
1160 rd %y,t_2
1161 addxcc c_2,t_2,c_2
1162 addx %g0,%g0,c_3
1163 addcc c_1,t_1,c_1 !=
1164 addxcc c_2,t_2,c_2
1165 addx c_3,%g0,c_3
1166 umul a_5,a_1,t_1 !sqr_add_c2(a,5,1,c1,c2,c3);
1167 addcc c_1,t_1,c_1 !=
1168 rd %y,t_2
1169 addxcc c_2,t_2,c_2
1170 addx c_3,%g0,c_3
1171 addcc c_1,t_1,c_1 !=
1172 addxcc c_2,t_2,c_2
1173 addx c_3,%g0,c_3
1174 umul a_4,a_2,t_1 !sqr_add_c2(a,4,2,c1,c2,c3);
1175 addcc c_1,t_1,c_1 !=
1176 rd %y,t_2
1177 addxcc c_2,t_2,c_2
1178 addx c_3,%g0,c_3
1179 addcc c_1,t_1,c_1 !=
1180 addxcc c_2,t_2,c_2
1181 addx c_3,%g0,c_3
1182 ld ap(7),a_7
1183 umul a_3,a_3,t_1 !=!sqr_add_c(a,3,c1,c2,c3);
1184 addcc c_1,t_1,c_1
1185 rd %y,t_2
1186 addxcc c_2,t_2,c_2
1187 addx c_3,%g0,c_3 !=
1188 st c_1,rp(6) !r[6]=c1;
1189
1190 umul a_0,a_7,t_1 !sqr_add_c2(a,7,0,c2,c3,c1);
1191 addcc c_2,t_1,c_2
1192 rd %y,t_2 !=
1193 addxcc c_3,t_2,c_3
1194 addx %g0,%g0,c_1
1195 addcc c_2,t_1,c_2
1196 addxcc c_3,t_2,c_3 !=
1197 addx c_1,%g0,c_1
1198 umul a_1,a_6,t_1 !sqr_add_c2(a,6,1,c2,c3,c1);
1199 addcc c_2,t_1,c_2
1200 rd %y,t_2 !=
1201 addxcc c_3,t_2,c_3
1202 addx c_1,%g0,c_1
1203 addcc c_2,t_1,c_2
1204 addxcc c_3,t_2,c_3 !=
1205 addx c_1,%g0,c_1
1206 umul a_2,a_5,t_1 !sqr_add_c2(a,5,2,c2,c3,c1);
1207 addcc c_2,t_1,c_2
1208 rd %y,t_2 !=
1209 addxcc c_3,t_2,c_3
1210 addx c_1,%g0,c_1
1211 addcc c_2,t_1,c_2
1212 addxcc c_3,t_2,c_3 !=
1213 addx c_1,%g0,c_1
1214 umul a_3,a_4,t_1 !sqr_add_c2(a,4,3,c2,c3,c1);
1215 addcc c_2,t_1,c_2
1216 rd %y,t_2 !=
1217 addxcc c_3,t_2,c_3
1218 addx c_1,%g0,c_1
1219 addcc c_2,t_1,c_2
1220 addxcc c_3,t_2,c_3 !=
1221 addx c_1,%g0,c_1
1222 st c_2,rp(7) !r[7]=c2;
1223
1224 umul a_7,a_1,t_1 !sqr_add_c2(a,7,1,c3,c1,c2);
1225 addcc c_3,t_1,c_3 !=
1226 rd %y,t_2
1227 addxcc c_1,t_2,c_1
1228 addx %g0,%g0,c_2
1229 addcc c_3,t_1,c_3 !=
1230 addxcc c_1,t_2,c_1
1231 addx c_2,%g0,c_2
1232 umul a_6,a_2,t_1 !sqr_add_c2(a,6,2,c3,c1,c2);
1233 addcc c_3,t_1,c_3 !=
1234 rd %y,t_2
1235 addxcc c_1,t_2,c_1
1236 addx c_2,%g0,c_2
1237 addcc c_3,t_1,c_3 !=
1238 addxcc c_1,t_2,c_1
1239 addx c_2,%g0,c_2
1240 umul a_5,a_3,t_1 !sqr_add_c2(a,5,3,c3,c1,c2);
1241 addcc c_3,t_1,c_3 !=
1242 rd %y,t_2
1243 addxcc c_1,t_2,c_1
1244 addx c_2,%g0,c_2
1245 addcc c_3,t_1,c_3 !=
1246 addxcc c_1,t_2,c_1
1247 addx c_2,%g0,c_2
1248 umul a_4,a_4,t_1 !sqr_add_c(a,4,c3,c1,c2);
1249 addcc c_3,t_1,c_3 !=
1250 rd %y,t_2
1251 addxcc c_1,t_2,c_1
1252 st c_3,rp(8) !r[8]=c3;
1253 addx c_2,%g0,c_2 !=
1254
1255 umul a_2,a_7,t_1 !sqr_add_c2(a,7,2,c1,c2,c3);
1256 addcc c_1,t_1,c_1
1257 rd %y,t_2
1258 addxcc c_2,t_2,c_2 !=
1259 addx %g0,%g0,c_3
1260 addcc c_1,t_1,c_1
1261 addxcc c_2,t_2,c_2
1262 addx c_3,%g0,c_3 !=
1263 umul a_3,a_6,t_1 !sqr_add_c2(a,6,3,c1,c2,c3);
1264 addcc c_1,t_1,c_1
1265 rd %y,t_2
1266 addxcc c_2,t_2,c_2 !=
1267 addx c_3,%g0,c_3
1268 addcc c_1,t_1,c_1
1269 addxcc c_2,t_2,c_2
1270 addx c_3,%g0,c_3 !=
1271 umul a_4,a_5,t_1 !sqr_add_c2(a,5,4,c1,c2,c3);
1272 addcc c_1,t_1,c_1
1273 rd %y,t_2
1274 addxcc c_2,t_2,c_2 !=
1275 addx c_3,%g0,c_3
1276 addcc c_1,t_1,c_1
1277 addxcc c_2,t_2,c_2
1278 addx c_3,%g0,c_3 !=
1279 st c_1,rp(9) !r[9]=c1;
1280
1281 umul a_7,a_3,t_1 !sqr_add_c2(a,7,3,c2,c3,c1);
1282 addcc c_2,t_1,c_2
1283 rd %y,t_2 !=
1284 addxcc c_3,t_2,c_3
1285 addx %g0,%g0,c_1
1286 addcc c_2,t_1,c_2
1287 addxcc c_3,t_2,c_3 !=
1288 addx c_1,%g0,c_1
1289 umul a_6,a_4,t_1 !sqr_add_c2(a,6,4,c2,c3,c1);
1290 addcc c_2,t_1,c_2
1291 rd %y,t_2 !=
1292 addxcc c_3,t_2,c_3
1293 addx c_1,%g0,c_1
1294 addcc c_2,t_1,c_2
1295 addxcc c_3,t_2,c_3 !=
1296 addx c_1,%g0,c_1
1297 umul a_5,a_5,t_1 !sqr_add_c(a,5,c2,c3,c1);
1298 addcc c_2,t_1,c_2
1299 rd %y,t_2 !=
1300 addxcc c_3,t_2,c_3
1301 addx c_1,%g0,c_1
1302 st c_2,rp(10) !r[10]=c2;
1303
1304 umul a_4,a_7,t_1 !=!sqr_add_c2(a,7,4,c3,c1,c2);
1305 addcc c_3,t_1,c_3
1306 rd %y,t_2
1307 addxcc c_1,t_2,c_1
1308 addx %g0,%g0,c_2 !=
1309 addcc c_3,t_1,c_3
1310 addxcc c_1,t_2,c_1
1311 addx c_2,%g0,c_2
1312 umul a_5,a_6,t_1 !=!sqr_add_c2(a,6,5,c3,c1,c2);
1313 addcc c_3,t_1,c_3
1314 rd %y,t_2
1315 addxcc c_1,t_2,c_1
1316 addx c_2,%g0,c_2 !=
1317 addcc c_3,t_1,c_3
1318 addxcc c_1,t_2,c_1
1319 st c_3,rp(11) !r[11]=c3;
1320 addx c_2,%g0,c_2 !=
1321
1322 umul a_7,a_5,t_1 !sqr_add_c2(a,7,5,c1,c2,c3);
1323 addcc c_1,t_1,c_1
1324 rd %y,t_2
1325 addxcc c_2,t_2,c_2 !=
1326 addx %g0,%g0,c_3
1327 addcc c_1,t_1,c_1
1328 addxcc c_2,t_2,c_2
1329 addx c_3,%g0,c_3 !=
1330 umul a_6,a_6,t_1 !sqr_add_c(a,6,c1,c2,c3);
1331 addcc c_1,t_1,c_1
1332 rd %y,t_2
1333 addxcc c_2,t_2,c_2 !=
1334 addx c_3,%g0,c_3
1335 st c_1,rp(12) !r[12]=c1;
1336
1337 umul a_6,a_7,t_1 !sqr_add_c2(a,7,6,c2,c3,c1);
1338 addcc c_2,t_1,c_2 !=
1339 rd %y,t_2
1340 addxcc c_3,t_2,c_3
1341 addx %g0,%g0,c_1
1342 addcc c_2,t_1,c_2 !=
1343 addxcc c_3,t_2,c_3
1344 st c_2,rp(13) !r[13]=c2;
1345 addx c_1,%g0,c_1 !=
1346
1347 umul a_7,a_7,t_1 !sqr_add_c(a,7,c3,c1,c2);
1348 addcc c_3,t_1,c_3
1349 rd %y,t_2
1350 addxcc c_1,t_2,c_1 !=
1351 st c_3,rp(14) !r[14]=c3;
1352 st c_1,rp(15) !r[15]=c1;
1353
1354 ret
1355 restore %g0,%g0,%o0
1356
1357.type bn_sqr_comba8,#function
1358.size bn_sqr_comba8,(.-bn_sqr_comba8)
1359
1360.align 32
1361
1362.global bn_sqr_comba4
1363/*
1364 * void bn_sqr_comba4(r,a)
1365 * BN_ULONG *r,*a;
1366 */
1367bn_sqr_comba4:
1368 save %sp,FRAME_SIZE,%sp
1369 ld ap(0),a_0
1370 umul a_0,a_0,c_1 !sqr_add_c(a,0,c1,c2,c3);
1371 ld ap(1),a_1 !=
1372 rd %y,c_2
1373 st c_1,rp(0) !r[0]=c1;
1374
1375 ld ap(2),a_2
1376 umul a_0,a_1,t_1 !=!sqr_add_c2(a,1,0,c2,c3,c1);
1377 addcc c_2,t_1,c_2
1378 rd %y,t_2
1379 addxcc %g0,t_2,c_3
1380 addx %g0,%g0,c_1 !=
1381 addcc c_2,t_1,c_2
1382 addxcc c_3,t_2,c_3
1383 addx c_1,%g0,c_1 !=
1384 st c_2,rp(1) !r[1]=c2;
1385
1386 umul a_2,a_0,t_1 !sqr_add_c2(a,2,0,c3,c1,c2);
1387 addcc c_3,t_1,c_3
1388 rd %y,t_2 !=
1389 addxcc c_1,t_2,c_1
1390 addx %g0,%g0,c_2
1391 addcc c_3,t_1,c_3
1392 addxcc c_1,t_2,c_1 !=
1393 addx c_2,%g0,c_2
1394 ld ap(3),a_3
1395 umul a_1,a_1,t_1 !sqr_add_c(a,1,c3,c1,c2);
1396 addcc c_3,t_1,c_3 !=
1397 rd %y,t_2
1398 addxcc c_1,t_2,c_1
1399 st c_3,rp(2) !r[2]=c3;
1400 addx c_2,%g0,c_2 !=
1401
1402 umul a_0,a_3,t_1 !sqr_add_c2(a,3,0,c1,c2,c3);
1403 addcc c_1,t_1,c_1
1404 rd %y,t_2
1405 addxcc c_2,t_2,c_2 !=
1406 addx %g0,%g0,c_3
1407 addcc c_1,t_1,c_1
1408 addxcc c_2,t_2,c_2
1409 addx c_3,%g0,c_3 !=
1410 umul a_1,a_2,t_1 !sqr_add_c2(a,2,1,c1,c2,c3);
1411 addcc c_1,t_1,c_1
1412 rd %y,t_2
1413 addxcc c_2,t_2,c_2 !=
1414 addx c_3,%g0,c_3
1415 addcc c_1,t_1,c_1
1416 addxcc c_2,t_2,c_2
1417 addx c_3,%g0,c_3 !=
1418 st c_1,rp(3) !r[3]=c1;
1419
1420 umul a_3,a_1,t_1 !sqr_add_c2(a,3,1,c2,c3,c1);
1421 addcc c_2,t_1,c_2
1422 rd %y,t_2 !=
1423 addxcc c_3,t_2,c_3
1424 addx %g0,%g0,c_1
1425 addcc c_2,t_1,c_2
1426 addxcc c_3,t_2,c_3 !=
1427 addx c_1,%g0,c_1
1428 umul a_2,a_2,t_1 !sqr_add_c(a,2,c2,c3,c1);
1429 addcc c_2,t_1,c_2
1430 rd %y,t_2 !=
1431 addxcc c_3,t_2,c_3
1432 addx c_1,%g0,c_1
1433 st c_2,rp(4) !r[4]=c2;
1434
1435 umul a_2,a_3,t_1 !=!sqr_add_c2(a,3,2,c3,c1,c2);
1436 addcc c_3,t_1,c_3
1437 rd %y,t_2
1438 addxcc c_1,t_2,c_1
1439 addx %g0,%g0,c_2 !=
1440 addcc c_3,t_1,c_3
1441 addxcc c_1,t_2,c_1
1442 st c_3,rp(5) !r[5]=c3;
1443 addx c_2,%g0,c_2 !=
1444
1445 umul a_3,a_3,t_1 !sqr_add_c(a,3,c1,c2,c3);
1446 addcc c_1,t_1,c_1
1447 rd %y,t_2
1448 addxcc c_2,t_2,c_2 !=
1449 st c_1,rp(6) !r[6]=c1;
1450 st c_2,rp(7) !r[7]=c2;
1451
1452 ret
1453 restore %g0,%g0,%o0
1454
1455.type bn_sqr_comba4,#function
1456.size bn_sqr_comba4,(.-bn_sqr_comba4)
1457
1458.align 32
diff --git a/src/lib/libcrypto/bn/asm/sparcv8plus.S b/src/lib/libcrypto/bn/asm/sparcv8plus.S
deleted file mode 100644
index 0074dfdb75..0000000000
--- a/src/lib/libcrypto/bn/asm/sparcv8plus.S
+++ /dev/null
@@ -1,1535 +0,0 @@
1.ident "sparcv8plus.s, Version 1.4"
2.ident "SPARC v9 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
3
4/*
5 * ====================================================================
6 * Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
7 * project.
8 *
9 * Rights for redistribution and usage in source and binary forms are
10 * granted according to the OpenSSL license. Warranty of any kind is
11 * disclaimed.
12 * ====================================================================
13 */
14
15/*
16 * This is my modest contributon to OpenSSL project (see
17 * http://www.openssl.org/ for more information about it) and is
18 * a drop-in UltraSPARC ISA replacement for crypto/bn/bn_asm.c
19 * module. For updates see http://fy.chalmers.se/~appro/hpe/.
20 *
21 * Questions-n-answers.
22 *
23 * Q. How to compile?
24 * A. With SC4.x/SC5.x:
25 *
26 * cc -xarch=v8plus -c bn_asm.sparc.v8plus.S -o bn_asm.o
27 *
28 * and with gcc:
29 *
30 * gcc -mcpu=ultrasparc -c bn_asm.sparc.v8plus.S -o bn_asm.o
31 *
32 * or if above fails (it does if you have gas installed):
33 *
34 * gcc -E bn_asm.sparc.v8plus.S | as -xarch=v8plus /dev/fd/0 -o bn_asm.o
35 *
36 * Quick-n-dirty way to fuse the module into the library.
37 * Provided that the library is already configured and built
38 * (in 0.9.2 case with no-asm option):
39 *
40 * # cd crypto/bn
41 * # cp /some/place/bn_asm.sparc.v8plus.S .
42 * # cc -xarch=v8plus -c bn_asm.sparc.v8plus.S -o bn_asm.o
43 * # make
44 * # cd ../..
45 * # make; make test
46 *
47 * Quick-n-dirty way to get rid of it:
48 *
49 * # cd crypto/bn
50 * # touch bn_asm.c
51 * # make
52 * # cd ../..
53 * # make; make test
54 *
55 * Q. V8plus achitecture? What kind of beast is that?
56 * A. Well, it's rather a programming model than an architecture...
57 * It's actually v9-compliant, i.e. *any* UltraSPARC, CPU under
58 * special conditions, namely when kernel doesn't preserve upper
59 * 32 bits of otherwise 64-bit registers during a context switch.
60 *
61 * Q. Why just UltraSPARC? What about SuperSPARC?
62 * A. Original release did target UltraSPARC only. Now SuperSPARC
63 * version is provided along. Both version share bn_*comba[48]
64 * implementations (see comment later in code for explanation).
65 * But what's so special about this UltraSPARC implementation?
66 * Why didn't I let compiler do the job? Trouble is that most of
67 * available compilers (well, SC5.0 is the only exception) don't
68 * attempt to take advantage of UltraSPARC's 64-bitness under
69 * 32-bit kernels even though it's perfectly possible (see next
70 * question).
71 *
72 * Q. 64-bit registers under 32-bit kernels? Didn't you just say it
73 * doesn't work?
74 * A. You can't adress *all* registers as 64-bit wide:-( The catch is
75 * that you actually may rely upon %o0-%o5 and %g1-%g4 being fully
76 * preserved if you're in a leaf function, i.e. such never calling
77 * any other functions. All functions in this module are leaf and
78 * 10 registers is a handful. And as a matter of fact none-"comba"
79 * routines don't require even that much and I could even afford to
80 * not allocate own stack frame for 'em:-)
81 *
82 * Q. What about 64-bit kernels?
83 * A. What about 'em? Just kidding:-) Pure 64-bit version is currently
84 * under evaluation and development...
85 *
86 * Q. What about shared libraries?
87 * A. What about 'em? Kidding again:-) Code does *not* contain any
88 * code position dependencies and it's safe to include it into
89 * shared library as is.
90 *
91 * Q. How much faster does it go?
92 * A. Do you have a good benchmark? In either case below is what I
93 * experience with crypto/bn/expspeed.c test program:
94 *
95 * v8plus module on U10/300MHz against bn_asm.c compiled with:
96 *
97 * cc-5.0 -xarch=v8plus -xO5 -xdepend +7-12%
98 * cc-4.2 -xarch=v8plus -xO5 -xdepend +25-35%
99 * egcs-1.1.2 -mcpu=ultrasparc -O3 +35-45%
100 *
101 * v8 module on SS10/60MHz against bn_asm.c compiled with:
102 *
103 * cc-5.0 -xarch=v8 -xO5 -xdepend +7-10%
104 * cc-4.2 -xarch=v8 -xO5 -xdepend +10%
105 * egcs-1.1.2 -mv8 -O3 +35-45%
106 *
107 * As you can see it's damn hard to beat the new Sun C compiler
108 * and it's in first place GNU C users who will appreciate this
109 * assembler implementation:-)
110 */
111
112/*
113 * Revision history.
114 *
115 * 1.0 - initial release;
116 * 1.1 - new loop unrolling model(*);
117 * - some more fine tuning;
118 * 1.2 - made gas friendly;
119 * - updates to documentation concerning v9;
120 * - new performance comparison matrix;
121 * 1.3 - fixed problem with /usr/ccs/lib/cpp;
122 * 1.4 - native V9 bn_*_comba[48] implementation (15% more efficient)
123 * resulting in slight overall performance kick;
124 * - some retunes;
125 * - support for GNU as added;
126 *
127 * (*) Originally unrolled loop looked like this:
128 * for (;;) {
129 * op(p+0); if (--n==0) break;
130 * op(p+1); if (--n==0) break;
131 * op(p+2); if (--n==0) break;
132 * op(p+3); if (--n==0) break;
133 * p+=4;
134 * }
135 * I unroll according to following:
136 * while (n&~3) {
137 * op(p+0); op(p+1); op(p+2); op(p+3);
138 * p+=4; n=-4;
139 * }
140 * if (n) {
141 * op(p+0); if (--n==0) return;
142 * op(p+2); if (--n==0) return;
143 * op(p+3); return;
144 * }
145 */
146
147/*
148 * GNU assembler can't stand stuw:-(
149 */
150#define stuw st
151
152.section ".text",#alloc,#execinstr
153.file "bn_asm.sparc.v8plus.S"
154
155.align 32
156
157.global bn_mul_add_words
158/*
159 * BN_ULONG bn_mul_add_words(rp,ap,num,w)
160 * BN_ULONG *rp,*ap;
161 * int num;
162 * BN_ULONG w;
163 */
164bn_mul_add_words:
165 brgz,a %o2,.L_bn_mul_add_words_proceed
166 lduw [%o1],%g2
167 retl
168 clr %o0
169
170.L_bn_mul_add_words_proceed:
171 srl %o3,%g0,%o3 ! clruw %o3
172 andcc %o2,-4,%g0
173 bz,pn %icc,.L_bn_mul_add_words_tail
174 clr %o5
175
176.L_bn_mul_add_words_loop: ! wow! 32 aligned!
177 lduw [%o0],%g1
178 lduw [%o1+4],%g3
179 mulx %o3,%g2,%g2
180 add %g1,%o5,%o4
181 nop
182 add %o4,%g2,%o4
183 stuw %o4,[%o0]
184 srlx %o4,32,%o5
185
186 lduw [%o0+4],%g1
187 lduw [%o1+8],%g2
188 mulx %o3,%g3,%g3
189 add %g1,%o5,%o4
190 dec 4,%o2
191 add %o4,%g3,%o4
192 stuw %o4,[%o0+4]
193 srlx %o4,32,%o5
194
195 lduw [%o0+8],%g1
196 lduw [%o1+12],%g3
197 mulx %o3,%g2,%g2
198 add %g1,%o5,%o4
199 inc 16,%o1
200 add %o4,%g2,%o4
201 stuw %o4,[%o0+8]
202 srlx %o4,32,%o5
203
204 lduw [%o0+12],%g1
205 mulx %o3,%g3,%g3
206 add %g1,%o5,%o4
207 inc 16,%o0
208 add %o4,%g3,%o4
209 andcc %o2,-4,%g0
210 stuw %o4,[%o0-4]
211 srlx %o4,32,%o5
212 bnz,a,pt %icc,.L_bn_mul_add_words_loop
213 lduw [%o1],%g2
214
215 brnz,a,pn %o2,.L_bn_mul_add_words_tail
216 lduw [%o1],%g2
217.L_bn_mul_add_words_return:
218 retl
219 mov %o5,%o0
220
221.L_bn_mul_add_words_tail:
222 lduw [%o0],%g1
223 mulx %o3,%g2,%g2
224 add %g1,%o5,%o4
225 dec %o2
226 add %o4,%g2,%o4
227 srlx %o4,32,%o5
228 brz,pt %o2,.L_bn_mul_add_words_return
229 stuw %o4,[%o0]
230
231 lduw [%o1+4],%g2
232 lduw [%o0+4],%g1
233 mulx %o3,%g2,%g2
234 add %g1,%o5,%o4
235 dec %o2
236 add %o4,%g2,%o4
237 srlx %o4,32,%o5
238 brz,pt %o2,.L_bn_mul_add_words_return
239 stuw %o4,[%o0+4]
240
241 lduw [%o1+8],%g2
242 lduw [%o0+8],%g1
243 mulx %o3,%g2,%g2
244 add %g1,%o5,%o4
245 add %o4,%g2,%o4
246 stuw %o4,[%o0+8]
247 retl
248 srlx %o4,32,%o0
249
250.type bn_mul_add_words,#function
251.size bn_mul_add_words,(.-bn_mul_add_words)
252
253.align 32
254
255.global bn_mul_words
256/*
257 * BN_ULONG bn_mul_words(rp,ap,num,w)
258 * BN_ULONG *rp,*ap;
259 * int num;
260 * BN_ULONG w;
261 */
262bn_mul_words:
263 brgz,a %o2,.L_bn_mul_words_proceeed
264 lduw [%o1],%g2
265 retl
266 clr %o0
267
268.L_bn_mul_words_proceeed:
269 srl %o3,%g0,%o3 ! clruw %o3
270 andcc %o2,-4,%g0
271 bz,pn %icc,.L_bn_mul_words_tail
272 clr %o5
273
274.L_bn_mul_words_loop: ! wow! 32 aligned!
275 lduw [%o1+4],%g3
276 mulx %o3,%g2,%g2
277 add %g2,%o5,%o4
278 nop
279 stuw %o4,[%o0]
280 srlx %o4,32,%o5
281
282 lduw [%o1+8],%g2
283 mulx %o3,%g3,%g3
284 add %g3,%o5,%o4
285 dec 4,%o2
286 stuw %o4,[%o0+4]
287 srlx %o4,32,%o5
288
289 lduw [%o1+12],%g3
290 mulx %o3,%g2,%g2
291 add %g2,%o5,%o4
292 inc 16,%o1
293 stuw %o4,[%o0+8]
294 srlx %o4,32,%o5
295
296 mulx %o3,%g3,%g3
297 add %g3,%o5,%o4
298 inc 16,%o0
299 stuw %o4,[%o0-4]
300 srlx %o4,32,%o5
301 andcc %o2,-4,%g0
302 bnz,a,pt %icc,.L_bn_mul_words_loop
303 lduw [%o1],%g2
304 nop
305 nop
306
307 brnz,a,pn %o2,.L_bn_mul_words_tail
308 lduw [%o1],%g2
309.L_bn_mul_words_return:
310 retl
311 mov %o5,%o0
312
313.L_bn_mul_words_tail:
314 mulx %o3,%g2,%g2
315 add %g2,%o5,%o4
316 dec %o2
317 srlx %o4,32,%o5
318 brz,pt %o2,.L_bn_mul_words_return
319 stuw %o4,[%o0]
320
321 lduw [%o1+4],%g2
322 mulx %o3,%g2,%g2
323 add %g2,%o5,%o4
324 dec %o2
325 srlx %o4,32,%o5
326 brz,pt %o2,.L_bn_mul_words_return
327 stuw %o4,[%o0+4]
328
329 lduw [%o1+8],%g2
330 mulx %o3,%g2,%g2
331 add %g2,%o5,%o4
332 stuw %o4,[%o0+8]
333 retl
334 srlx %o4,32,%o0
335
336.type bn_mul_words,#function
337.size bn_mul_words,(.-bn_mul_words)
338
339.align 32
340.global bn_sqr_words
341/*
342 * void bn_sqr_words(r,a,n)
343 * BN_ULONG *r,*a;
344 * int n;
345 */
346bn_sqr_words:
347 brgz,a %o2,.L_bn_sqr_words_proceeed
348 lduw [%o1],%g2
349 retl
350 clr %o0
351
352.L_bn_sqr_words_proceeed:
353 andcc %o2,-4,%g0
354 nop
355 bz,pn %icc,.L_bn_sqr_words_tail
356 nop
357
358.L_bn_sqr_words_loop: ! wow! 32 aligned!
359 lduw [%o1+4],%g3
360 mulx %g2,%g2,%o4
361 stuw %o4,[%o0]
362 srlx %o4,32,%o5
363 stuw %o5,[%o0+4]
364 nop
365
366 lduw [%o1+8],%g2
367 mulx %g3,%g3,%o4
368 dec 4,%o2
369 stuw %o4,[%o0+8]
370 srlx %o4,32,%o5
371 stuw %o5,[%o0+12]
372
373 lduw [%o1+12],%g3
374 mulx %g2,%g2,%o4
375 srlx %o4,32,%o5
376 stuw %o4,[%o0+16]
377 inc 16,%o1
378 stuw %o5,[%o0+20]
379
380 mulx %g3,%g3,%o4
381 inc 32,%o0
382 stuw %o4,[%o0-8]
383 srlx %o4,32,%o5
384 andcc %o2,-4,%g2
385 stuw %o5,[%o0-4]
386 bnz,a,pt %icc,.L_bn_sqr_words_loop
387 lduw [%o1],%g2
388 nop
389
390 brnz,a,pn %o2,.L_bn_sqr_words_tail
391 lduw [%o1],%g2
392.L_bn_sqr_words_return:
393 retl
394 clr %o0
395
396.L_bn_sqr_words_tail:
397 mulx %g2,%g2,%o4
398 dec %o2
399 stuw %o4,[%o0]
400 srlx %o4,32,%o5
401 brz,pt %o2,.L_bn_sqr_words_return
402 stuw %o5,[%o0+4]
403
404 lduw [%o1+4],%g2
405 mulx %g2,%g2,%o4
406 dec %o2
407 stuw %o4,[%o0+8]
408 srlx %o4,32,%o5
409 brz,pt %o2,.L_bn_sqr_words_return
410 stuw %o5,[%o0+12]
411
412 lduw [%o1+8],%g2
413 mulx %g2,%g2,%o4
414 srlx %o4,32,%o5
415 stuw %o4,[%o0+16]
416 stuw %o5,[%o0+20]
417 retl
418 clr %o0
419
420.type bn_sqr_words,#function
421.size bn_sqr_words,(.-bn_sqr_words)
422
423.align 32
424.global bn_div_words
425/*
426 * BN_ULONG bn_div_words(h,l,d)
427 * BN_ULONG h,l,d;
428 */
429bn_div_words:
430 sllx %o0,32,%o0
431 or %o0,%o1,%o0
432 udivx %o0,%o2,%o0
433 retl
434 srl %o0,%g0,%o0 ! clruw %o0
435
436.type bn_div_words,#function
437.size bn_div_words,(.-bn_div_words)
438
439.align 32
440
441.global bn_add_words
442/*
443 * BN_ULONG bn_add_words(rp,ap,bp,n)
444 * BN_ULONG *rp,*ap,*bp;
445 * int n;
446 */
447bn_add_words:
448 brgz,a %o3,.L_bn_add_words_proceed
449 lduw [%o1],%o4
450 retl
451 clr %o0
452
453.L_bn_add_words_proceed:
454 andcc %o3,-4,%g0
455 bz,pn %icc,.L_bn_add_words_tail
456 addcc %g0,0,%g0 ! clear carry flag
457 nop
458
459.L_bn_add_words_loop: ! wow! 32 aligned!
460 dec 4,%o3
461 lduw [%o2],%o5
462 lduw [%o1+4],%g1
463 lduw [%o2+4],%g2
464 lduw [%o1+8],%g3
465 lduw [%o2+8],%g4
466 addccc %o5,%o4,%o5
467 stuw %o5,[%o0]
468
469 lduw [%o1+12],%o4
470 lduw [%o2+12],%o5
471 inc 16,%o1
472 addccc %g1,%g2,%g1
473 stuw %g1,[%o0+4]
474
475 inc 16,%o2
476 addccc %g3,%g4,%g3
477 stuw %g3,[%o0+8]
478
479 inc 16,%o0
480 addccc %o5,%o4,%o5
481 stuw %o5,[%o0-4]
482 and %o3,-4,%g1
483 brnz,a,pt %g1,.L_bn_add_words_loop
484 lduw [%o1],%o4
485
486 brnz,a,pn %o3,.L_bn_add_words_tail
487 lduw [%o1],%o4
488.L_bn_add_words_return:
489 clr %o0
490 retl
491 movcs %icc,1,%o0
492 nop
493
494.L_bn_add_words_tail:
495 lduw [%o2],%o5
496 dec %o3
497 addccc %o5,%o4,%o5
498 brz,pt %o3,.L_bn_add_words_return
499 stuw %o5,[%o0]
500
501 lduw [%o1+4],%o4
502 lduw [%o2+4],%o5
503 dec %o3
504 addccc %o5,%o4,%o5
505 brz,pt %o3,.L_bn_add_words_return
506 stuw %o5,[%o0+4]
507
508 lduw [%o1+8],%o4
509 lduw [%o2+8],%o5
510 addccc %o5,%o4,%o5
511 stuw %o5,[%o0+8]
512 clr %o0
513 retl
514 movcs %icc,1,%o0
515
516.type bn_add_words,#function
517.size bn_add_words,(.-bn_add_words)
518
519.global bn_sub_words
520/*
521 * BN_ULONG bn_sub_words(rp,ap,bp,n)
522 * BN_ULONG *rp,*ap,*bp;
523 * int n;
524 */
525bn_sub_words:
526 brgz,a %o3,.L_bn_sub_words_proceed
527 lduw [%o1],%o4
528 retl
529 clr %o0
530
531.L_bn_sub_words_proceed:
532 andcc %o3,-4,%g0
533 bz,pn %icc,.L_bn_sub_words_tail
534 addcc %g0,0,%g0 ! clear carry flag
535 nop
536
537.L_bn_sub_words_loop: ! wow! 32 aligned!
538 dec 4,%o3
539 lduw [%o2],%o5
540 lduw [%o1+4],%g1
541 lduw [%o2+4],%g2
542 lduw [%o1+8],%g3
543 lduw [%o2+8],%g4
544 subccc %o4,%o5,%o5
545 stuw %o5,[%o0]
546
547 lduw [%o1+12],%o4
548 lduw [%o2+12],%o5
549 inc 16,%o1
550 subccc %g1,%g2,%g2
551 stuw %g2,[%o0+4]
552
553 inc 16,%o2
554 subccc %g3,%g4,%g4
555 stuw %g4,[%o0+8]
556
557 inc 16,%o0
558 subccc %o4,%o5,%o5
559 stuw %o5,[%o0-4]
560 and %o3,-4,%g1
561 brnz,a,pt %g1,.L_bn_sub_words_loop
562 lduw [%o1],%o4
563
564 brnz,a,pn %o3,.L_bn_sub_words_tail
565 lduw [%o1],%o4
566.L_bn_sub_words_return:
567 clr %o0
568 retl
569 movcs %icc,1,%o0
570 nop
571
572.L_bn_sub_words_tail: ! wow! 32 aligned!
573 lduw [%o2],%o5
574 dec %o3
575 subccc %o4,%o5,%o5
576 brz,pt %o3,.L_bn_sub_words_return
577 stuw %o5,[%o0]
578
579 lduw [%o1+4],%o4
580 lduw [%o2+4],%o5
581 dec %o3
582 subccc %o4,%o5,%o5
583 brz,pt %o3,.L_bn_sub_words_return
584 stuw %o5,[%o0+4]
585
586 lduw [%o1+8],%o4
587 lduw [%o2+8],%o5
588 subccc %o4,%o5,%o5
589 stuw %o5,[%o0+8]
590 clr %o0
591 retl
592 movcs %icc,1,%o0
593
594.type bn_sub_words,#function
595.size bn_sub_words,(.-bn_sub_words)
596
597/*
598 * Code below depends on the fact that upper parts of the %l0-%l7
599 * and %i0-%i7 are zeroed by kernel after context switch. In
600 * previous versions this comment stated that "the trouble is that
601 * it's not feasible to implement the mumbo-jumbo in less V9
602 * instructions:-(" which apparently isn't true thanks to
603 * 'bcs,a %xcc,.+8; inc %rd' pair. But the performance improvement
604 * results not from the shorter code, but from elimination of
605 * multicycle none-pairable 'rd %y,%rd' instructions.
606 *
607 * Andy.
608 */
609
610#define FRAME_SIZE -96
611
612/*
613 * Here is register usage map for *all* routines below.
614 */
615#define t_1 %o0
616#define t_2 %o1
617#define c_12 %o2
618#define c_3 %o3
619
620#define ap(I) [%i1+4*I]
621#define bp(I) [%i2+4*I]
622#define rp(I) [%i0+4*I]
623
624#define a_0 %l0
625#define a_1 %l1
626#define a_2 %l2
627#define a_3 %l3
628#define a_4 %l4
629#define a_5 %l5
630#define a_6 %l6
631#define a_7 %l7
632
633#define b_0 %i3
634#define b_1 %i4
635#define b_2 %i5
636#define b_3 %o4
637#define b_4 %o5
638#define b_5 %o7
639#define b_6 %g1
640#define b_7 %g4
641
642.align 32
643.global bn_mul_comba8
644/*
645 * void bn_mul_comba8(r,a,b)
646 * BN_ULONG *r,*a,*b;
647 */
648bn_mul_comba8:
649 save %sp,FRAME_SIZE,%sp
650 mov 1,t_2
651 lduw ap(0),a_0
652 sllx t_2,32,t_2
653 lduw bp(0),b_0 !=
654 lduw bp(1),b_1
655 mulx a_0,b_0,t_1 !mul_add_c(a[0],b[0],c1,c2,c3);
656 srlx t_1,32,c_12
657 stuw t_1,rp(0) !=!r[0]=c1;
658
659 lduw ap(1),a_1
660 mulx a_0,b_1,t_1 !mul_add_c(a[0],b[1],c2,c3,c1);
661 addcc c_12,t_1,c_12
662 clr c_3 !=
663 bcs,a %xcc,.+8
664 add c_3,t_2,c_3
665 lduw ap(2),a_2
666 mulx a_1,b_0,t_1 !=!mul_add_c(a[1],b[0],c2,c3,c1);
667 addcc c_12,t_1,t_1
668 bcs,a %xcc,.+8
669 add c_3,t_2,c_3
670 srlx t_1,32,c_12 !=
671 stuw t_1,rp(1) !r[1]=c2;
672 or c_12,c_3,c_12
673
674 mulx a_2,b_0,t_1 !mul_add_c(a[2],b[0],c3,c1,c2);
675 addcc c_12,t_1,c_12 !=
676 clr c_3
677 bcs,a %xcc,.+8
678 add c_3,t_2,c_3
679 lduw bp(2),b_2 !=
680 mulx a_1,b_1,t_1 !mul_add_c(a[1],b[1],c3,c1,c2);
681 addcc c_12,t_1,c_12
682 bcs,a %xcc,.+8
683 add c_3,t_2,c_3 !=
684 lduw bp(3),b_3
685 mulx a_0,b_2,t_1 !mul_add_c(a[0],b[2],c3,c1,c2);
686 addcc c_12,t_1,t_1
687 bcs,a %xcc,.+8 !=
688 add c_3,t_2,c_3
689 srlx t_1,32,c_12
690 stuw t_1,rp(2) !r[2]=c3;
691 or c_12,c_3,c_12 !=
692
693 mulx a_0,b_3,t_1 !mul_add_c(a[0],b[3],c1,c2,c3);
694 addcc c_12,t_1,c_12
695 clr c_3
696 bcs,a %xcc,.+8 !=
697 add c_3,t_2,c_3
698 mulx a_1,b_2,t_1 !=!mul_add_c(a[1],b[2],c1,c2,c3);
699 addcc c_12,t_1,c_12
700 bcs,a %xcc,.+8 !=
701 add c_3,t_2,c_3
702 lduw ap(3),a_3
703 mulx a_2,b_1,t_1 !mul_add_c(a[2],b[1],c1,c2,c3);
704 addcc c_12,t_1,c_12 !=
705 bcs,a %xcc,.+8
706 add c_3,t_2,c_3
707 lduw ap(4),a_4
708 mulx a_3,b_0,t_1 !=!mul_add_c(a[3],b[0],c1,c2,c3);!=
709 addcc c_12,t_1,t_1
710 bcs,a %xcc,.+8
711 add c_3,t_2,c_3
712 srlx t_1,32,c_12 !=
713 stuw t_1,rp(3) !r[3]=c1;
714 or c_12,c_3,c_12
715
716 mulx a_4,b_0,t_1 !mul_add_c(a[4],b[0],c2,c3,c1);
717 addcc c_12,t_1,c_12 !=
718 clr c_3
719 bcs,a %xcc,.+8
720 add c_3,t_2,c_3
721 mulx a_3,b_1,t_1 !=!mul_add_c(a[3],b[1],c2,c3,c1);
722 addcc c_12,t_1,c_12
723 bcs,a %xcc,.+8
724 add c_3,t_2,c_3
725 mulx a_2,b_2,t_1 !=!mul_add_c(a[2],b[2],c2,c3,c1);
726 addcc c_12,t_1,c_12
727 bcs,a %xcc,.+8
728 add c_3,t_2,c_3
729 lduw bp(4),b_4 !=
730 mulx a_1,b_3,t_1 !mul_add_c(a[1],b[3],c2,c3,c1);
731 addcc c_12,t_1,c_12
732 bcs,a %xcc,.+8
733 add c_3,t_2,c_3 !=
734 lduw bp(5),b_5
735 mulx a_0,b_4,t_1 !mul_add_c(a[0],b[4],c2,c3,c1);
736 addcc c_12,t_1,t_1
737 bcs,a %xcc,.+8 !=
738 add c_3,t_2,c_3
739 srlx t_1,32,c_12
740 stuw t_1,rp(4) !r[4]=c2;
741 or c_12,c_3,c_12 !=
742
743 mulx a_0,b_5,t_1 !mul_add_c(a[0],b[5],c3,c1,c2);
744 addcc c_12,t_1,c_12
745 clr c_3
746 bcs,a %xcc,.+8 !=
747 add c_3,t_2,c_3
748 mulx a_1,b_4,t_1 !mul_add_c(a[1],b[4],c3,c1,c2);
749 addcc c_12,t_1,c_12
750 bcs,a %xcc,.+8 !=
751 add c_3,t_2,c_3
752 mulx a_2,b_3,t_1 !mul_add_c(a[2],b[3],c3,c1,c2);
753 addcc c_12,t_1,c_12
754 bcs,a %xcc,.+8 !=
755 add c_3,t_2,c_3
756 mulx a_3,b_2,t_1 !mul_add_c(a[3],b[2],c3,c1,c2);
757 addcc c_12,t_1,c_12
758 bcs,a %xcc,.+8 !=
759 add c_3,t_2,c_3
760 lduw ap(5),a_5
761 mulx a_4,b_1,t_1 !mul_add_c(a[4],b[1],c3,c1,c2);
762 addcc c_12,t_1,c_12 !=
763 bcs,a %xcc,.+8
764 add c_3,t_2,c_3
765 lduw ap(6),a_6
766 mulx a_5,b_0,t_1 !=!mul_add_c(a[5],b[0],c3,c1,c2);
767 addcc c_12,t_1,t_1
768 bcs,a %xcc,.+8
769 add c_3,t_2,c_3
770 srlx t_1,32,c_12 !=
771 stuw t_1,rp(5) !r[5]=c3;
772 or c_12,c_3,c_12
773
774 mulx a_6,b_0,t_1 !mul_add_c(a[6],b[0],c1,c2,c3);
775 addcc c_12,t_1,c_12 !=
776 clr c_3
777 bcs,a %xcc,.+8
778 add c_3,t_2,c_3
779 mulx a_5,b_1,t_1 !=!mul_add_c(a[5],b[1],c1,c2,c3);
780 addcc c_12,t_1,c_12
781 bcs,a %xcc,.+8
782 add c_3,t_2,c_3
783 mulx a_4,b_2,t_1 !=!mul_add_c(a[4],b[2],c1,c2,c3);
784 addcc c_12,t_1,c_12
785 bcs,a %xcc,.+8
786 add c_3,t_2,c_3
787 mulx a_3,b_3,t_1 !=!mul_add_c(a[3],b[3],c1,c2,c3);
788 addcc c_12,t_1,c_12
789 bcs,a %xcc,.+8
790 add c_3,t_2,c_3
791 mulx a_2,b_4,t_1 !=!mul_add_c(a[2],b[4],c1,c2,c3);
792 addcc c_12,t_1,c_12
793 bcs,a %xcc,.+8
794 add c_3,t_2,c_3
795 lduw bp(6),b_6 !=
796 mulx a_1,b_5,t_1 !mul_add_c(a[1],b[5],c1,c2,c3);
797 addcc c_12,t_1,c_12
798 bcs,a %xcc,.+8
799 add c_3,t_2,c_3 !=
800 lduw bp(7),b_7
801 mulx a_0,b_6,t_1 !mul_add_c(a[0],b[6],c1,c2,c3);
802 addcc c_12,t_1,t_1
803 bcs,a %xcc,.+8 !=
804 add c_3,t_2,c_3
805 srlx t_1,32,c_12
806 stuw t_1,rp(6) !r[6]=c1;
807 or c_12,c_3,c_12 !=
808
809 mulx a_0,b_7,t_1 !mul_add_c(a[0],b[7],c2,c3,c1);
810 addcc c_12,t_1,c_12
811 clr c_3
812 bcs,a %xcc,.+8 !=
813 add c_3,t_2,c_3
814 mulx a_1,b_6,t_1 !mul_add_c(a[1],b[6],c2,c3,c1);
815 addcc c_12,t_1,c_12
816 bcs,a %xcc,.+8 !=
817 add c_3,t_2,c_3
818 mulx a_2,b_5,t_1 !mul_add_c(a[2],b[5],c2,c3,c1);
819 addcc c_12,t_1,c_12
820 bcs,a %xcc,.+8 !=
821 add c_3,t_2,c_3
822 mulx a_3,b_4,t_1 !mul_add_c(a[3],b[4],c2,c3,c1);
823 addcc c_12,t_1,c_12
824 bcs,a %xcc,.+8 !=
825 add c_3,t_2,c_3
826 mulx a_4,b_3,t_1 !mul_add_c(a[4],b[3],c2,c3,c1);
827 addcc c_12,t_1,c_12
828 bcs,a %xcc,.+8 !=
829 add c_3,t_2,c_3
830 mulx a_5,b_2,t_1 !mul_add_c(a[5],b[2],c2,c3,c1);
831 addcc c_12,t_1,c_12
832 bcs,a %xcc,.+8 !=
833 add c_3,t_2,c_3
834 lduw ap(7),a_7
835 mulx a_6,b_1,t_1 !=!mul_add_c(a[6],b[1],c2,c3,c1);
836 addcc c_12,t_1,c_12
837 bcs,a %xcc,.+8
838 add c_3,t_2,c_3
839 mulx a_7,b_0,t_1 !=!mul_add_c(a[7],b[0],c2,c3,c1);
840 addcc c_12,t_1,t_1
841 bcs,a %xcc,.+8
842 add c_3,t_2,c_3
843 srlx t_1,32,c_12 !=
844 stuw t_1,rp(7) !r[7]=c2;
845 or c_12,c_3,c_12
846
847 mulx a_7,b_1,t_1 !=!mul_add_c(a[7],b[1],c3,c1,c2);
848 addcc c_12,t_1,c_12
849 clr c_3
850 bcs,a %xcc,.+8
851 add c_3,t_2,c_3 !=
852 mulx a_6,b_2,t_1 !mul_add_c(a[6],b[2],c3,c1,c2);
853 addcc c_12,t_1,c_12
854 bcs,a %xcc,.+8
855 add c_3,t_2,c_3 !=
856 mulx a_5,b_3,t_1 !mul_add_c(a[5],b[3],c3,c1,c2);
857 addcc c_12,t_1,c_12
858 bcs,a %xcc,.+8
859 add c_3,t_2,c_3 !=
860 mulx a_4,b_4,t_1 !mul_add_c(a[4],b[4],c3,c1,c2);
861 addcc c_12,t_1,c_12
862 bcs,a %xcc,.+8
863 add c_3,t_2,c_3 !=
864 mulx a_3,b_5,t_1 !mul_add_c(a[3],b[5],c3,c1,c2);
865 addcc c_12,t_1,c_12
866 bcs,a %xcc,.+8
867 add c_3,t_2,c_3 !=
868 mulx a_2,b_6,t_1 !mul_add_c(a[2],b[6],c3,c1,c2);
869 addcc c_12,t_1,c_12
870 bcs,a %xcc,.+8
871 add c_3,t_2,c_3 !=
872 mulx a_1,b_7,t_1 !mul_add_c(a[1],b[7],c3,c1,c2);
873 addcc c_12,t_1,t_1
874 bcs,a %xcc,.+8
875 add c_3,t_2,c_3 !=
876 srlx t_1,32,c_12
877 stuw t_1,rp(8) !r[8]=c3;
878 or c_12,c_3,c_12
879
880 mulx a_2,b_7,t_1 !=!mul_add_c(a[2],b[7],c1,c2,c3);
881 addcc c_12,t_1,c_12
882 clr c_3
883 bcs,a %xcc,.+8
884 add c_3,t_2,c_3 !=
885 mulx a_3,b_6,t_1 !mul_add_c(a[3],b[6],c1,c2,c3);
886 addcc c_12,t_1,c_12
887 bcs,a %xcc,.+8 !=
888 add c_3,t_2,c_3
889 mulx a_4,b_5,t_1 !mul_add_c(a[4],b[5],c1,c2,c3);
890 addcc c_12,t_1,c_12
891 bcs,a %xcc,.+8 !=
892 add c_3,t_2,c_3
893 mulx a_5,b_4,t_1 !mul_add_c(a[5],b[4],c1,c2,c3);
894 addcc c_12,t_1,c_12
895 bcs,a %xcc,.+8 !=
896 add c_3,t_2,c_3
897 mulx a_6,b_3,t_1 !mul_add_c(a[6],b[3],c1,c2,c3);
898 addcc c_12,t_1,c_12
899 bcs,a %xcc,.+8 !=
900 add c_3,t_2,c_3
901 mulx a_7,b_2,t_1 !mul_add_c(a[7],b[2],c1,c2,c3);
902 addcc c_12,t_1,t_1
903 bcs,a %xcc,.+8 !=
904 add c_3,t_2,c_3
905 srlx t_1,32,c_12
906 stuw t_1,rp(9) !r[9]=c1;
907 or c_12,c_3,c_12 !=
908
909 mulx a_7,b_3,t_1 !mul_add_c(a[7],b[3],c2,c3,c1);
910 addcc c_12,t_1,c_12
911 clr c_3
912 bcs,a %xcc,.+8 !=
913 add c_3,t_2,c_3
914 mulx a_6,b_4,t_1 !mul_add_c(a[6],b[4],c2,c3,c1);
915 addcc c_12,t_1,c_12
916 bcs,a %xcc,.+8 !=
917 add c_3,t_2,c_3
918 mulx a_5,b_5,t_1 !mul_add_c(a[5],b[5],c2,c3,c1);
919 addcc c_12,t_1,c_12
920 bcs,a %xcc,.+8 !=
921 add c_3,t_2,c_3
922 mulx a_4,b_6,t_1 !mul_add_c(a[4],b[6],c2,c3,c1);
923 addcc c_12,t_1,c_12
924 bcs,a %xcc,.+8 !=
925 add c_3,t_2,c_3
926 mulx a_3,b_7,t_1 !mul_add_c(a[3],b[7],c2,c3,c1);
927 addcc c_12,t_1,t_1
928 bcs,a %xcc,.+8 !=
929 add c_3,t_2,c_3
930 srlx t_1,32,c_12
931 stuw t_1,rp(10) !r[10]=c2;
932 or c_12,c_3,c_12 !=
933
934 mulx a_4,b_7,t_1 !mul_add_c(a[4],b[7],c3,c1,c2);
935 addcc c_12,t_1,c_12
936 clr c_3
937 bcs,a %xcc,.+8 !=
938 add c_3,t_2,c_3
939 mulx a_5,b_6,t_1 !mul_add_c(a[5],b[6],c3,c1,c2);
940 addcc c_12,t_1,c_12
941 bcs,a %xcc,.+8 !=
942 add c_3,t_2,c_3
943 mulx a_6,b_5,t_1 !mul_add_c(a[6],b[5],c3,c1,c2);
944 addcc c_12,t_1,c_12
945 bcs,a %xcc,.+8 !=
946 add c_3,t_2,c_3
947 mulx a_7,b_4,t_1 !mul_add_c(a[7],b[4],c3,c1,c2);
948 addcc c_12,t_1,t_1
949 bcs,a %xcc,.+8 !=
950 add c_3,t_2,c_3
951 srlx t_1,32,c_12
952 stuw t_1,rp(11) !r[11]=c3;
953 or c_12,c_3,c_12 !=
954
955 mulx a_7,b_5,t_1 !mul_add_c(a[7],b[5],c1,c2,c3);
956 addcc c_12,t_1,c_12
957 clr c_3
958 bcs,a %xcc,.+8 !=
959 add c_3,t_2,c_3
960 mulx a_6,b_6,t_1 !mul_add_c(a[6],b[6],c1,c2,c3);
961 addcc c_12,t_1,c_12
962 bcs,a %xcc,.+8 !=
963 add c_3,t_2,c_3
964 mulx a_5,b_7,t_1 !mul_add_c(a[5],b[7],c1,c2,c3);
965 addcc c_12,t_1,t_1
966 bcs,a %xcc,.+8 !=
967 add c_3,t_2,c_3
968 srlx t_1,32,c_12
969 stuw t_1,rp(12) !r[12]=c1;
970 or c_12,c_3,c_12 !=
971
972 mulx a_6,b_7,t_1 !mul_add_c(a[6],b[7],c2,c3,c1);
973 addcc c_12,t_1,c_12
974 clr c_3
975 bcs,a %xcc,.+8 !=
976 add c_3,t_2,c_3
977 mulx a_7,b_6,t_1 !mul_add_c(a[7],b[6],c2,c3,c1);
978 addcc c_12,t_1,t_1
979 bcs,a %xcc,.+8 !=
980 add c_3,t_2,c_3
981 srlx t_1,32,c_12
982 st t_1,rp(13) !r[13]=c2;
983 or c_12,c_3,c_12 !=
984
985 mulx a_7,b_7,t_1 !mul_add_c(a[7],b[7],c3,c1,c2);
986 addcc c_12,t_1,t_1
987 srlx t_1,32,c_12 !=
988 stuw t_1,rp(14) !r[14]=c3;
989 stuw c_12,rp(15) !r[15]=c1;
990
991 ret
992 restore %g0,%g0,%o0 !=
993
994.type bn_mul_comba8,#function
995.size bn_mul_comba8,(.-bn_mul_comba8)
996
997.align 32
998
999.global bn_mul_comba4
1000/*
1001 * void bn_mul_comba4(r,a,b)
1002 * BN_ULONG *r,*a,*b;
1003 */
1004bn_mul_comba4:
1005 save %sp,FRAME_SIZE,%sp
1006 lduw ap(0),a_0
1007 mov 1,t_2
1008 lduw bp(0),b_0
1009 sllx t_2,32,t_2 !=
1010 lduw bp(1),b_1
1011 mulx a_0,b_0,t_1 !mul_add_c(a[0],b[0],c1,c2,c3);
1012 srlx t_1,32,c_12
1013 stuw t_1,rp(0) !=!r[0]=c1;
1014
1015 lduw ap(1),a_1
1016 mulx a_0,b_1,t_1 !mul_add_c(a[0],b[1],c2,c3,c1);
1017 addcc c_12,t_1,c_12
1018 clr c_3 !=
1019 bcs,a %xcc,.+8
1020 add c_3,t_2,c_3
1021 lduw ap(2),a_2
1022 mulx a_1,b_0,t_1 !=!mul_add_c(a[1],b[0],c2,c3,c1);
1023 addcc c_12,t_1,t_1
1024 bcs,a %xcc,.+8
1025 add c_3,t_2,c_3
1026 srlx t_1,32,c_12 !=
1027 stuw t_1,rp(1) !r[1]=c2;
1028 or c_12,c_3,c_12
1029
1030 mulx a_2,b_0,t_1 !mul_add_c(a[2],b[0],c3,c1,c2);
1031 addcc c_12,t_1,c_12 !=
1032 clr c_3
1033 bcs,a %xcc,.+8
1034 add c_3,t_2,c_3
1035 lduw bp(2),b_2 !=
1036 mulx a_1,b_1,t_1 !mul_add_c(a[1],b[1],c3,c1,c2);
1037 addcc c_12,t_1,c_12
1038 bcs,a %xcc,.+8
1039 add c_3,t_2,c_3 !=
1040 lduw bp(3),b_3
1041 mulx a_0,b_2,t_1 !mul_add_c(a[0],b[2],c3,c1,c2);
1042 addcc c_12,t_1,t_1
1043 bcs,a %xcc,.+8 !=
1044 add c_3,t_2,c_3
1045 srlx t_1,32,c_12
1046 stuw t_1,rp(2) !r[2]=c3;
1047 or c_12,c_3,c_12 !=
1048
1049 mulx a_0,b_3,t_1 !mul_add_c(a[0],b[3],c1,c2,c3);
1050 addcc c_12,t_1,c_12
1051 clr c_3
1052 bcs,a %xcc,.+8 !=
1053 add c_3,t_2,c_3
1054 mulx a_1,b_2,t_1 !mul_add_c(a[1],b[2],c1,c2,c3);
1055 addcc c_12,t_1,c_12
1056 bcs,a %xcc,.+8 !=
1057 add c_3,t_2,c_3
1058 lduw ap(3),a_3
1059 mulx a_2,b_1,t_1 !mul_add_c(a[2],b[1],c1,c2,c3);
1060 addcc c_12,t_1,c_12 !=
1061 bcs,a %xcc,.+8
1062 add c_3,t_2,c_3
1063 mulx a_3,b_0,t_1 !mul_add_c(a[3],b[0],c1,c2,c3);!=
1064 addcc c_12,t_1,t_1 !=
1065 bcs,a %xcc,.+8
1066 add c_3,t_2,c_3
1067 srlx t_1,32,c_12
1068 stuw t_1,rp(3) !=!r[3]=c1;
1069 or c_12,c_3,c_12
1070
1071 mulx a_3,b_1,t_1 !mul_add_c(a[3],b[1],c2,c3,c1);
1072 addcc c_12,t_1,c_12
1073 clr c_3 !=
1074 bcs,a %xcc,.+8
1075 add c_3,t_2,c_3
1076 mulx a_2,b_2,t_1 !mul_add_c(a[2],b[2],c2,c3,c1);
1077 addcc c_12,t_1,c_12 !=
1078 bcs,a %xcc,.+8
1079 add c_3,t_2,c_3
1080 mulx a_1,b_3,t_1 !mul_add_c(a[1],b[3],c2,c3,c1);
1081 addcc c_12,t_1,t_1 !=
1082 bcs,a %xcc,.+8
1083 add c_3,t_2,c_3
1084 srlx t_1,32,c_12
1085 stuw t_1,rp(4) !=!r[4]=c2;
1086 or c_12,c_3,c_12
1087
1088 mulx a_2,b_3,t_1 !mul_add_c(a[2],b[3],c3,c1,c2);
1089 addcc c_12,t_1,c_12
1090 clr c_3 !=
1091 bcs,a %xcc,.+8
1092 add c_3,t_2,c_3
1093 mulx a_3,b_2,t_1 !mul_add_c(a[3],b[2],c3,c1,c2);
1094 addcc c_12,t_1,t_1 !=
1095 bcs,a %xcc,.+8
1096 add c_3,t_2,c_3
1097 srlx t_1,32,c_12
1098 stuw t_1,rp(5) !=!r[5]=c3;
1099 or c_12,c_3,c_12
1100
1101 mulx a_3,b_3,t_1 !mul_add_c(a[3],b[3],c1,c2,c3);
1102 addcc c_12,t_1,t_1
1103 srlx t_1,32,c_12 !=
1104 stuw t_1,rp(6) !r[6]=c1;
1105 stuw c_12,rp(7) !r[7]=c2;
1106
1107 ret
1108 restore %g0,%g0,%o0
1109
1110.type bn_mul_comba4,#function
1111.size bn_mul_comba4,(.-bn_mul_comba4)
1112
1113.align 32
1114
1115.global bn_sqr_comba8
1116bn_sqr_comba8:
1117 save %sp,FRAME_SIZE,%sp
1118 mov 1,t_2
1119 lduw ap(0),a_0
1120 sllx t_2,32,t_2
1121 lduw ap(1),a_1
1122 mulx a_0,a_0,t_1 !sqr_add_c(a,0,c1,c2,c3);
1123 srlx t_1,32,c_12
1124 stuw t_1,rp(0) !r[0]=c1;
1125
1126 lduw ap(2),a_2
1127 mulx a_0,a_1,t_1 !=!sqr_add_c2(a,1,0,c2,c3,c1);
1128 addcc c_12,t_1,c_12
1129 clr c_3
1130 bcs,a %xcc,.+8
1131 add c_3,t_2,c_3
1132 addcc c_12,t_1,t_1
1133 bcs,a %xcc,.+8
1134 add c_3,t_2,c_3
1135 srlx t_1,32,c_12
1136 stuw t_1,rp(1) !r[1]=c2;
1137 or c_12,c_3,c_12
1138
1139 mulx a_2,a_0,t_1 !sqr_add_c2(a,2,0,c3,c1,c2);
1140 addcc c_12,t_1,c_12
1141 clr c_3
1142 bcs,a %xcc,.+8
1143 add c_3,t_2,c_3
1144 addcc c_12,t_1,c_12
1145 bcs,a %xcc,.+8
1146 add c_3,t_2,c_3
1147 lduw ap(3),a_3
1148 mulx a_1,a_1,t_1 !sqr_add_c(a,1,c3,c1,c2);
1149 addcc c_12,t_1,t_1
1150 bcs,a %xcc,.+8
1151 add c_3,t_2,c_3
1152 srlx t_1,32,c_12
1153 stuw t_1,rp(2) !r[2]=c3;
1154 or c_12,c_3,c_12
1155
1156 mulx a_0,a_3,t_1 !sqr_add_c2(a,3,0,c1,c2,c3);
1157 addcc c_12,t_1,c_12
1158 clr c_3
1159 bcs,a %xcc,.+8
1160 add c_3,t_2,c_3
1161 addcc c_12,t_1,c_12
1162 bcs,a %xcc,.+8
1163 add c_3,t_2,c_3
1164 lduw ap(4),a_4
1165 mulx a_1,a_2,t_1 !sqr_add_c2(a,2,1,c1,c2,c3);
1166 addcc c_12,t_1,c_12
1167 bcs,a %xcc,.+8
1168 add c_3,t_2,c_3
1169 addcc c_12,t_1,t_1
1170 bcs,a %xcc,.+8
1171 add c_3,t_2,c_3
1172 srlx t_1,32,c_12
1173 st t_1,rp(3) !r[3]=c1;
1174 or c_12,c_3,c_12
1175
1176 mulx a_4,a_0,t_1 !sqr_add_c2(a,4,0,c2,c3,c1);
1177 addcc c_12,t_1,c_12
1178 clr c_3
1179 bcs,a %xcc,.+8
1180 add c_3,t_2,c_3
1181 addcc c_12,t_1,c_12
1182 bcs,a %xcc,.+8
1183 add c_3,t_2,c_3
1184 mulx a_3,a_1,t_1 !sqr_add_c2(a,3,1,c2,c3,c1);
1185 addcc c_12,t_1,c_12
1186 bcs,a %xcc,.+8
1187 add c_3,t_2,c_3
1188 addcc c_12,t_1,c_12
1189 bcs,a %xcc,.+8
1190 add c_3,t_2,c_3
1191 lduw ap(5),a_5
1192 mulx a_2,a_2,t_1 !sqr_add_c(a,2,c2,c3,c1);
1193 addcc c_12,t_1,t_1
1194 bcs,a %xcc,.+8
1195 add c_3,t_2,c_3
1196 srlx t_1,32,c_12
1197 stuw t_1,rp(4) !r[4]=c2;
1198 or c_12,c_3,c_12
1199
1200 mulx a_0,a_5,t_1 !sqr_add_c2(a,5,0,c3,c1,c2);
1201 addcc c_12,t_1,c_12
1202 clr c_3
1203 bcs,a %xcc,.+8
1204 add c_3,t_2,c_3
1205 addcc c_12,t_1,c_12
1206 bcs,a %xcc,.+8
1207 add c_3,t_2,c_3
1208 mulx a_1,a_4,t_1 !sqr_add_c2(a,4,1,c3,c1,c2);
1209 addcc c_12,t_1,c_12
1210 bcs,a %xcc,.+8
1211 add c_3,t_2,c_3
1212 addcc c_12,t_1,c_12
1213 bcs,a %xcc,.+8
1214 add c_3,t_2,c_3
1215 lduw ap(6),a_6
1216 mulx a_2,a_3,t_1 !sqr_add_c2(a,3,2,c3,c1,c2);
1217 addcc c_12,t_1,c_12
1218 bcs,a %xcc,.+8
1219 add c_3,t_2,c_3
1220 addcc c_12,t_1,t_1
1221 bcs,a %xcc,.+8
1222 add c_3,t_2,c_3
1223 srlx t_1,32,c_12
1224 stuw t_1,rp(5) !r[5]=c3;
1225 or c_12,c_3,c_12
1226
1227 mulx a_6,a_0,t_1 !sqr_add_c2(a,6,0,c1,c2,c3);
1228 addcc c_12,t_1,c_12
1229 clr c_3
1230 bcs,a %xcc,.+8
1231 add c_3,t_2,c_3
1232 addcc c_12,t_1,c_12
1233 bcs,a %xcc,.+8
1234 add c_3,t_2,c_3
1235 mulx a_5,a_1,t_1 !sqr_add_c2(a,5,1,c1,c2,c3);
1236 addcc c_12,t_1,c_12
1237 bcs,a %xcc,.+8
1238 add c_3,t_2,c_3
1239 addcc c_12,t_1,c_12
1240 bcs,a %xcc,.+8
1241 add c_3,t_2,c_3
1242 mulx a_4,a_2,t_1 !sqr_add_c2(a,4,2,c1,c2,c3);
1243 addcc c_12,t_1,c_12
1244 bcs,a %xcc,.+8
1245 add c_3,t_2,c_3
1246 addcc c_12,t_1,c_12
1247 bcs,a %xcc,.+8
1248 add c_3,t_2,c_3
1249 lduw ap(7),a_7
1250 mulx a_3,a_3,t_1 !=!sqr_add_c(a,3,c1,c2,c3);
1251 addcc c_12,t_1,t_1
1252 bcs,a %xcc,.+8
1253 add c_3,t_2,c_3
1254 srlx t_1,32,c_12
1255 stuw t_1,rp(6) !r[6]=c1;
1256 or c_12,c_3,c_12
1257
1258 mulx a_0,a_7,t_1 !sqr_add_c2(a,7,0,c2,c3,c1);
1259 addcc c_12,t_1,c_12
1260 clr c_3
1261 bcs,a %xcc,.+8
1262 add c_3,t_2,c_3
1263 addcc c_12,t_1,c_12
1264 bcs,a %xcc,.+8
1265 add c_3,t_2,c_3
1266 mulx a_1,a_6,t_1 !sqr_add_c2(a,6,1,c2,c3,c1);
1267 addcc c_12,t_1,c_12
1268 bcs,a %xcc,.+8
1269 add c_3,t_2,c_3
1270 addcc c_12,t_1,c_12
1271 bcs,a %xcc,.+8
1272 add c_3,t_2,c_3
1273 mulx a_2,a_5,t_1 !sqr_add_c2(a,5,2,c2,c3,c1);
1274 addcc c_12,t_1,c_12
1275 bcs,a %xcc,.+8
1276 add c_3,t_2,c_3
1277 addcc c_12,t_1,c_12
1278 bcs,a %xcc,.+8
1279 add c_3,t_2,c_3
1280 mulx a_3,a_4,t_1 !sqr_add_c2(a,4,3,c2,c3,c1);
1281 addcc c_12,t_1,c_12
1282 bcs,a %xcc,.+8
1283 add c_3,t_2,c_3
1284 addcc c_12,t_1,t_1
1285 bcs,a %xcc,.+8
1286 add c_3,t_2,c_3
1287 srlx t_1,32,c_12
1288 stuw t_1,rp(7) !r[7]=c2;
1289 or c_12,c_3,c_12
1290
1291 mulx a_7,a_1,t_1 !sqr_add_c2(a,7,1,c3,c1,c2);
1292 addcc c_12,t_1,c_12
1293 clr c_3
1294 bcs,a %xcc,.+8
1295 add c_3,t_2,c_3
1296 addcc c_12,t_1,c_12
1297 bcs,a %xcc,.+8
1298 add c_3,t_2,c_3
1299 mulx a_6,a_2,t_1 !sqr_add_c2(a,6,2,c3,c1,c2);
1300 addcc c_12,t_1,c_12
1301 bcs,a %xcc,.+8
1302 add c_3,t_2,c_3
1303 addcc c_12,t_1,c_12
1304 bcs,a %xcc,.+8
1305 add c_3,t_2,c_3
1306 mulx a_5,a_3,t_1 !sqr_add_c2(a,5,3,c3,c1,c2);
1307 addcc c_12,t_1,c_12
1308 bcs,a %xcc,.+8
1309 add c_3,t_2,c_3
1310 addcc c_12,t_1,c_12
1311 bcs,a %xcc,.+8
1312 add c_3,t_2,c_3
1313 mulx a_4,a_4,t_1 !sqr_add_c(a,4,c3,c1,c2);
1314 addcc c_12,t_1,t_1
1315 bcs,a %xcc,.+8
1316 add c_3,t_2,c_3
1317 srlx t_1,32,c_12
1318 stuw t_1,rp(8) !r[8]=c3;
1319 or c_12,c_3,c_12
1320
1321 mulx a_2,a_7,t_1 !sqr_add_c2(a,7,2,c1,c2,c3);
1322 addcc c_12,t_1,c_12
1323 clr c_3
1324 bcs,a %xcc,.+8
1325 add c_3,t_2,c_3
1326 addcc c_12,t_1,c_12
1327 bcs,a %xcc,.+8
1328 add c_3,t_2,c_3
1329 mulx a_3,a_6,t_1 !sqr_add_c2(a,6,3,c1,c2,c3);
1330 addcc c_12,t_1,c_12
1331 bcs,a %xcc,.+8
1332 add c_3,t_2,c_3
1333 addcc c_12,t_1,c_12
1334 bcs,a %xcc,.+8
1335 add c_3,t_2,c_3
1336 mulx a_4,a_5,t_1 !sqr_add_c2(a,5,4,c1,c2,c3);
1337 addcc c_12,t_1,c_12
1338 bcs,a %xcc,.+8
1339 add c_3,t_2,c_3
1340 addcc c_12,t_1,t_1
1341 bcs,a %xcc,.+8
1342 add c_3,t_2,c_3
1343 srlx t_1,32,c_12
1344 stuw t_1,rp(9) !r[9]=c1;
1345 or c_12,c_3,c_12
1346
1347 mulx a_7,a_3,t_1 !sqr_add_c2(a,7,3,c2,c3,c1);
1348 addcc c_12,t_1,c_12
1349 clr c_3
1350 bcs,a %xcc,.+8
1351 add c_3,t_2,c_3
1352 addcc c_12,t_1,c_12
1353 bcs,a %xcc,.+8
1354 add c_3,t_2,c_3
1355 mulx a_6,a_4,t_1 !sqr_add_c2(a,6,4,c2,c3,c1);
1356 addcc c_12,t_1,c_12
1357 bcs,a %xcc,.+8
1358 add c_3,t_2,c_3
1359 addcc c_12,t_1,c_12
1360 bcs,a %xcc,.+8
1361 add c_3,t_2,c_3
1362 mulx a_5,a_5,t_1 !sqr_add_c(a,5,c2,c3,c1);
1363 addcc c_12,t_1,t_1
1364 bcs,a %xcc,.+8
1365 add c_3,t_2,c_3
1366 srlx t_1,32,c_12
1367 stuw t_1,rp(10) !r[10]=c2;
1368 or c_12,c_3,c_12
1369
1370 mulx a_4,a_7,t_1 !sqr_add_c2(a,7,4,c3,c1,c2);
1371 addcc c_12,t_1,c_12
1372 clr c_3
1373 bcs,a %xcc,.+8
1374 add c_3,t_2,c_3
1375 addcc c_12,t_1,c_12
1376 bcs,a %xcc,.+8
1377 add c_3,t_2,c_3
1378 mulx a_5,a_6,t_1 !sqr_add_c2(a,6,5,c3,c1,c2);
1379 addcc c_12,t_1,c_12
1380 bcs,a %xcc,.+8
1381 add c_3,t_2,c_3
1382 addcc c_12,t_1,t_1
1383 bcs,a %xcc,.+8
1384 add c_3,t_2,c_3
1385 srlx t_1,32,c_12
1386 stuw t_1,rp(11) !r[11]=c3;
1387 or c_12,c_3,c_12
1388
1389 mulx a_7,a_5,t_1 !sqr_add_c2(a,7,5,c1,c2,c3);
1390 addcc c_12,t_1,c_12
1391 clr c_3
1392 bcs,a %xcc,.+8
1393 add c_3,t_2,c_3
1394 addcc c_12,t_1,c_12
1395 bcs,a %xcc,.+8
1396 add c_3,t_2,c_3
1397 mulx a_6,a_6,t_1 !sqr_add_c(a,6,c1,c2,c3);
1398 addcc c_12,t_1,t_1
1399 bcs,a %xcc,.+8
1400 add c_3,t_2,c_3
1401 srlx t_1,32,c_12
1402 stuw t_1,rp(12) !r[12]=c1;
1403 or c_12,c_3,c_12
1404
1405 mulx a_6,a_7,t_1 !sqr_add_c2(a,7,6,c2,c3,c1);
1406 addcc c_12,t_1,c_12
1407 clr c_3
1408 bcs,a %xcc,.+8
1409 add c_3,t_2,c_3
1410 addcc c_12,t_1,t_1
1411 bcs,a %xcc,.+8
1412 add c_3,t_2,c_3
1413 srlx t_1,32,c_12
1414 stuw t_1,rp(13) !r[13]=c2;
1415 or c_12,c_3,c_12
1416
1417 mulx a_7,a_7,t_1 !sqr_add_c(a,7,c3,c1,c2);
1418 addcc c_12,t_1,t_1
1419 srlx t_1,32,c_12
1420 stuw t_1,rp(14) !r[14]=c3;
1421 stuw c_12,rp(15) !r[15]=c1;
1422
1423 ret
1424 restore %g0,%g0,%o0
1425
1426.type bn_sqr_comba8,#function
1427.size bn_sqr_comba8,(.-bn_sqr_comba8)
1428
1429.align 32
1430
1431.global bn_sqr_comba4
1432/*
1433 * void bn_sqr_comba4(r,a)
1434 * BN_ULONG *r,*a;
1435 */
1436bn_sqr_comba4:
1437 save %sp,FRAME_SIZE,%sp
1438 mov 1,t_2
1439 lduw ap(0),a_0
1440 sllx t_2,32,t_2
1441 lduw ap(1),a_1
1442 mulx a_0,a_0,t_1 !sqr_add_c(a,0,c1,c2,c3);
1443 srlx t_1,32,c_12
1444 stuw t_1,rp(0) !r[0]=c1;
1445
1446 lduw ap(2),a_2
1447 mulx a_0,a_1,t_1 !sqr_add_c2(a,1,0,c2,c3,c1);
1448 addcc c_12,t_1,c_12
1449 clr c_3
1450 bcs,a %xcc,.+8
1451 add c_3,t_2,c_3
1452 addcc c_12,t_1,t_1
1453 bcs,a %xcc,.+8
1454 add c_3,t_2,c_3
1455 srlx t_1,32,c_12
1456 stuw t_1,rp(1) !r[1]=c2;
1457 or c_12,c_3,c_12
1458
1459 mulx a_2,a_0,t_1 !sqr_add_c2(a,2,0,c3,c1,c2);
1460 addcc c_12,t_1,c_12
1461 clr c_3
1462 bcs,a %xcc,.+8
1463 add c_3,t_2,c_3
1464 addcc c_12,t_1,c_12
1465 bcs,a %xcc,.+8
1466 add c_3,t_2,c_3
1467 lduw ap(3),a_3
1468 mulx a_1,a_1,t_1 !sqr_add_c(a,1,c3,c1,c2);
1469 addcc c_12,t_1,t_1
1470 bcs,a %xcc,.+8
1471 add c_3,t_2,c_3
1472 srlx t_1,32,c_12
1473 stuw t_1,rp(2) !r[2]=c3;
1474 or c_12,c_3,c_12
1475
1476 mulx a_0,a_3,t_1 !sqr_add_c2(a,3,0,c1,c2,c3);
1477 addcc c_12,t_1,c_12
1478 clr c_3
1479 bcs,a %xcc,.+8
1480 add c_3,t_2,c_3
1481 addcc c_12,t_1,c_12
1482 bcs,a %xcc,.+8
1483 add c_3,t_2,c_3
1484 mulx a_1,a_2,t_1 !sqr_add_c2(a,2,1,c1,c2,c3);
1485 addcc c_12,t_1,c_12
1486 bcs,a %xcc,.+8
1487 add c_3,t_2,c_3
1488 addcc c_12,t_1,t_1
1489 bcs,a %xcc,.+8
1490 add c_3,t_2,c_3
1491 srlx t_1,32,c_12
1492 stuw t_1,rp(3) !r[3]=c1;
1493 or c_12,c_3,c_12
1494
1495 mulx a_3,a_1,t_1 !sqr_add_c2(a,3,1,c2,c3,c1);
1496 addcc c_12,t_1,c_12
1497 clr c_3
1498 bcs,a %xcc,.+8
1499 add c_3,t_2,c_3
1500 addcc c_12,t_1,c_12
1501 bcs,a %xcc,.+8
1502 add c_3,t_2,c_3
1503 mulx a_2,a_2,t_1 !sqr_add_c(a,2,c2,c3,c1);
1504 addcc c_12,t_1,t_1
1505 bcs,a %xcc,.+8
1506 add c_3,t_2,c_3
1507 srlx t_1,32,c_12
1508 stuw t_1,rp(4) !r[4]=c2;
1509 or c_12,c_3,c_12
1510
1511 mulx a_2,a_3,t_1 !sqr_add_c2(a,3,2,c3,c1,c2);
1512 addcc c_12,t_1,c_12
1513 clr c_3
1514 bcs,a %xcc,.+8
1515 add c_3,t_2,c_3
1516 addcc c_12,t_1,t_1
1517 bcs,a %xcc,.+8
1518 add c_3,t_2,c_3
1519 srlx t_1,32,c_12
1520 stuw t_1,rp(5) !r[5]=c3;
1521 or c_12,c_3,c_12
1522
1523 mulx a_3,a_3,t_1 !sqr_add_c(a,3,c1,c2,c3);
1524 addcc c_12,t_1,t_1
1525 srlx t_1,32,c_12
1526 stuw t_1,rp(6) !r[6]=c1;
1527 stuw c_12,rp(7) !r[7]=c2;
1528
1529 ret
1530 restore %g0,%g0,%o0
1531
1532.type bn_sqr_comba4,#function
1533.size bn_sqr_comba4,(.-bn_sqr_comba4)
1534
1535.align 32
diff --git a/src/lib/libcrypto/bn/asm/x86.pl b/src/lib/libcrypto/bn/asm/x86.pl
deleted file mode 100644
index 1bc4f1bb27..0000000000
--- a/src/lib/libcrypto/bn/asm/x86.pl
+++ /dev/null
@@ -1,28 +0,0 @@
1#!/usr/local/bin/perl
2
3push(@INC,"perlasm","../../perlasm");
4require "x86asm.pl";
5
6require("x86/mul_add.pl");
7require("x86/mul.pl");
8require("x86/sqr.pl");
9require("x86/div.pl");
10require("x86/add.pl");
11require("x86/sub.pl");
12require("x86/comba.pl");
13
14&asm_init($ARGV[0],$0);
15
16&bn_mul_add_words("bn_mul_add_words");
17&bn_mul_words("bn_mul_words");
18&bn_sqr_words("bn_sqr_words");
19&bn_div_words("bn_div_words");
20&bn_add_words("bn_add_words");
21&bn_sub_words("bn_sub_words");
22&bn_mul_comba("bn_mul_comba8",8);
23&bn_mul_comba("bn_mul_comba4",4);
24&bn_sqr_comba("bn_sqr_comba8",8);
25&bn_sqr_comba("bn_sqr_comba4",4);
26
27&asm_finish();
28
diff --git a/src/lib/libcrypto/bn/asm/x86/add.pl b/src/lib/libcrypto/bn/asm/x86/add.pl
deleted file mode 100644
index 0b5cf583e3..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/add.pl
+++ /dev/null
@@ -1,76 +0,0 @@
1#!/usr/local/bin/perl
2# x86 assember
3
4sub bn_add_words
5 {
6 local($name)=@_;
7
8 &function_begin($name,"");
9
10 &comment("");
11 $a="esi";
12 $b="edi";
13 $c="eax";
14 $r="ebx";
15 $tmp1="ecx";
16 $tmp2="edx";
17 $num="ebp";
18
19 &mov($r,&wparam(0)); # get r
20 &mov($a,&wparam(1)); # get a
21 &mov($b,&wparam(2)); # get b
22 &mov($num,&wparam(3)); # get num
23 &xor($c,$c); # clear carry
24 &and($num,0xfffffff8); # num / 8
25
26 &jz(&label("aw_finish"));
27
28 &set_label("aw_loop",0);
29 for ($i=0; $i<8; $i++)
30 {
31 &comment("Round $i");
32
33 &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
34 &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
35 &add($tmp1,$c);
36 &mov($c,0);
37 &adc($c,$c);
38 &add($tmp1,$tmp2);
39 &adc($c,0);
40 &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
41 }
42
43 &comment("");
44 &add($a,32);
45 &add($b,32);
46 &add($r,32);
47 &sub($num,8);
48 &jnz(&label("aw_loop"));
49
50 &set_label("aw_finish",0);
51 &mov($num,&wparam(3)); # get num
52 &and($num,7);
53 &jz(&label("aw_end"));
54
55 for ($i=0; $i<7; $i++)
56 {
57 &comment("Tail Round $i");
58 &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
59 &mov($tmp2,&DWP($i*4,$b,"",0));# *b
60 &add($tmp1,$c);
61 &mov($c,0);
62 &adc($c,$c);
63 &add($tmp1,$tmp2);
64 &adc($c,0);
65 &dec($num) if ($i != 6);
66 &mov(&DWP($i*4,$r,"",0),$tmp1); # *a
67 &jz(&label("aw_end")) if ($i != 6);
68 }
69 &set_label("aw_end",0);
70
71# &mov("eax",$c); # $c is "eax"
72
73 &function_end($name);
74 }
75
761;
diff --git a/src/lib/libcrypto/bn/asm/x86/comba.pl b/src/lib/libcrypto/bn/asm/x86/comba.pl
deleted file mode 100644
index 2291253629..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/comba.pl
+++ /dev/null
@@ -1,277 +0,0 @@
1#!/usr/local/bin/perl
2# x86 assember
3
4sub mul_add_c
5 {
6 local($a,$ai,$b,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
7
8 # pos == -1 if eax and edx are pre-loaded, 0 to load from next
9 # words, and 1 if load return value
10
11 &comment("mul a[$ai]*b[$bi]");
12
13 # "eax" and "edx" will always be pre-loaded.
14 # &mov("eax",&DWP($ai*4,$a,"",0)) ;
15 # &mov("edx",&DWP($bi*4,$b,"",0));
16
17 &mul("edx");
18 &add($c0,"eax");
19 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # laod next a
20 &mov("eax",&wparam(0)) if $pos > 0; # load r[]
21 ###
22 &adc($c1,"edx");
23 &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0; # laod next b
24 &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1; # laod next b
25 ###
26 &adc($c2,0);
27 # is pos > 1, it means it is the last loop
28 &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0; # save r[];
29 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # laod next a
30 }
31
32sub sqr_add_c
33 {
34 local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
35
36 # pos == -1 if eax and edx are pre-loaded, 0 to load from next
37 # words, and 1 if load return value
38
39 &comment("sqr a[$ai]*a[$bi]");
40
41 # "eax" and "edx" will always be pre-loaded.
42 # &mov("eax",&DWP($ai*4,$a,"",0)) ;
43 # &mov("edx",&DWP($bi*4,$b,"",0));
44
45 if ($ai == $bi)
46 { &mul("eax");}
47 else
48 { &mul("edx");}
49 &add($c0,"eax");
50 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a
51 ###
52 &adc($c1,"edx");
53 &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos == 1) && ($na != $nb);
54 ###
55 &adc($c2,0);
56 # is pos > 1, it means it is the last loop
57 &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[];
58 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b
59 }
60
61sub sqr_add_c2
62 {
63 local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
64
65 # pos == -1 if eax and edx are pre-loaded, 0 to load from next
66 # words, and 1 if load return value
67
68 &comment("sqr a[$ai]*a[$bi]");
69
70 # "eax" and "edx" will always be pre-loaded.
71 # &mov("eax",&DWP($ai*4,$a,"",0)) ;
72 # &mov("edx",&DWP($bi*4,$a,"",0));
73
74 if ($ai == $bi)
75 { &mul("eax");}
76 else
77 { &mul("edx");}
78 &add("eax","eax");
79 ###
80 &adc("edx","edx");
81 ###
82 &adc($c2,0);
83 &add($c0,"eax");
84 &adc($c1,"edx");
85 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a
86 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b
87 &adc($c2,0);
88 &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[];
89 &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos <= 1) && ($na != $nb);
90 ###
91 }
92
93sub bn_mul_comba
94 {
95 local($name,$num)=@_;
96 local($a,$b,$c0,$c1,$c2);
97 local($i,$as,$ae,$bs,$be,$ai,$bi);
98 local($tot,$end);
99
100 &function_begin_B($name,"");
101
102 $c0="ebx";
103 $c1="ecx";
104 $c2="ebp";
105 $a="esi";
106 $b="edi";
107
108 $as=0;
109 $ae=0;
110 $bs=0;
111 $be=0;
112 $tot=$num+$num-1;
113
114 &push("esi");
115 &mov($a,&wparam(1));
116 &push("edi");
117 &mov($b,&wparam(2));
118 &push("ebp");
119 &push("ebx");
120
121 &xor($c0,$c0);
122 &mov("eax",&DWP(0,$a,"",0)); # load the first word
123 &xor($c1,$c1);
124 &mov("edx",&DWP(0,$b,"",0)); # load the first second
125
126 for ($i=0; $i<$tot; $i++)
127 {
128 $ai=$as;
129 $bi=$bs;
130 $end=$be+1;
131
132 &comment("################## Calculate word $i");
133
134 for ($j=$bs; $j<$end; $j++)
135 {
136 &xor($c2,$c2) if ($j == $bs);
137 if (($j+1) == $end)
138 {
139 $v=1;
140 $v=2 if (($i+1) == $tot);
141 }
142 else
143 { $v=0; }
144 if (($j+1) != $end)
145 {
146 $na=($ai-1);
147 $nb=($bi+1);
148 }
149 else
150 {
151 $na=$as+($i < ($num-1));
152 $nb=$bs+($i >= ($num-1));
153 }
154#printf STDERR "[$ai,$bi] -> [$na,$nb]\n";
155 &mul_add_c($a,$ai,$b,$bi,$c0,$c1,$c2,$v,$i,$na,$nb);
156 if ($v)
157 {
158 &comment("saved r[$i]");
159 # &mov("eax",&wparam(0));
160 # &mov(&DWP($i*4,"eax","",0),$c0);
161 ($c0,$c1,$c2)=($c1,$c2,$c0);
162 }
163 $ai--;
164 $bi++;
165 }
166 $as++ if ($i < ($num-1));
167 $ae++ if ($i >= ($num-1));
168
169 $bs++ if ($i >= ($num-1));
170 $be++ if ($i < ($num-1));
171 }
172 &comment("save r[$i]");
173 # &mov("eax",&wparam(0));
174 &mov(&DWP($i*4,"eax","",0),$c0);
175
176 &pop("ebx");
177 &pop("ebp");
178 &pop("edi");
179 &pop("esi");
180 &ret();
181 &function_end_B($name);
182 }
183
184sub bn_sqr_comba
185 {
186 local($name,$num)=@_;
187 local($r,$a,$c0,$c1,$c2)=@_;
188 local($i,$as,$ae,$bs,$be,$ai,$bi);
189 local($b,$tot,$end,$half);
190
191 &function_begin_B($name,"");
192
193 $c0="ebx";
194 $c1="ecx";
195 $c2="ebp";
196 $a="esi";
197 $r="edi";
198
199 &push("esi");
200 &push("edi");
201 &push("ebp");
202 &push("ebx");
203 &mov($r,&wparam(0));
204 &mov($a,&wparam(1));
205 &xor($c0,$c0);
206 &xor($c1,$c1);
207 &mov("eax",&DWP(0,$a,"",0)); # load the first word
208
209 $as=0;
210 $ae=0;
211 $bs=0;
212 $be=0;
213 $tot=$num+$num-1;
214
215 for ($i=0; $i<$tot; $i++)
216 {
217 $ai=$as;
218 $bi=$bs;
219 $end=$be+1;
220
221 &comment("############### Calculate word $i");
222 for ($j=$bs; $j<$end; $j++)
223 {
224 &xor($c2,$c2) if ($j == $bs);
225 if (($ai-1) < ($bi+1))
226 {
227 $v=1;
228 $v=2 if ($i+1) == $tot;
229 }
230 else
231 { $v=0; }
232 if (!$v)
233 {
234 $na=$ai-1;
235 $nb=$bi+1;
236 }
237 else
238 {
239 $na=$as+($i < ($num-1));
240 $nb=$bs+($i >= ($num-1));
241 }
242 if ($ai == $bi)
243 {
244 &sqr_add_c($r,$a,$ai,$bi,
245 $c0,$c1,$c2,$v,$i,$na,$nb);
246 }
247 else
248 {
249 &sqr_add_c2($r,$a,$ai,$bi,
250 $c0,$c1,$c2,$v,$i,$na,$nb);
251 }
252 if ($v)
253 {
254 &comment("saved r[$i]");
255 #&mov(&DWP($i*4,$r,"",0),$c0);
256 ($c0,$c1,$c2)=($c1,$c2,$c0);
257 last;
258 }
259 $ai--;
260 $bi++;
261 }
262 $as++ if ($i < ($num-1));
263 $ae++ if ($i >= ($num-1));
264
265 $bs++ if ($i >= ($num-1));
266 $be++ if ($i < ($num-1));
267 }
268 &mov(&DWP($i*4,$r,"",0),$c0);
269 &pop("ebx");
270 &pop("ebp");
271 &pop("edi");
272 &pop("esi");
273 &ret();
274 &function_end_B($name);
275 }
276
2771;
diff --git a/src/lib/libcrypto/bn/asm/x86/div.pl b/src/lib/libcrypto/bn/asm/x86/div.pl
deleted file mode 100644
index 0e90152caa..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/div.pl
+++ /dev/null
@@ -1,15 +0,0 @@
1#!/usr/local/bin/perl
2# x86 assember
3
4sub bn_div_words
5 {
6 local($name)=@_;
7
8 &function_begin($name,"");
9 &mov("edx",&wparam(0)); #
10 &mov("eax",&wparam(1)); #
11 &mov("ebx",&wparam(2)); #
12 &div("ebx");
13 &function_end($name);
14 }
151;
diff --git a/src/lib/libcrypto/bn/asm/x86/mul.pl b/src/lib/libcrypto/bn/asm/x86/mul.pl
deleted file mode 100644
index 674cb9b055..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/mul.pl
+++ /dev/null
@@ -1,77 +0,0 @@
1#!/usr/local/bin/perl
2# x86 assember
3
4sub bn_mul_words
5 {
6 local($name)=@_;
7
8 &function_begin($name,"");
9
10 &comment("");
11 $Low="eax";
12 $High="edx";
13 $a="ebx";
14 $w="ecx";
15 $r="edi";
16 $c="esi";
17 $num="ebp";
18
19 &xor($c,$c); # clear carry
20 &mov($r,&wparam(0)); #
21 &mov($a,&wparam(1)); #
22 &mov($num,&wparam(2)); #
23 &mov($w,&wparam(3)); #
24
25 &and($num,0xfffffff8); # num / 8
26 &jz(&label("mw_finish"));
27
28 &set_label("mw_loop",0);
29 for ($i=0; $i<32; $i+=4)
30 {
31 &comment("Round $i");
32
33 &mov("eax",&DWP($i,$a,"",0)); # *a
34 &mul($w); # *a * w
35 &add("eax",$c); # L(t)+=c
36 # XXX
37
38 &adc("edx",0); # H(t)+=carry
39 &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t);
40
41 &mov($c,"edx"); # c= H(t);
42 }
43
44 &comment("");
45 &add($a,32);
46 &add($r,32);
47 &sub($num,8);
48 &jz(&label("mw_finish"));
49 &jmp(&label("mw_loop"));
50
51 &set_label("mw_finish",0);
52 &mov($num,&wparam(2)); # get num
53 &and($num,7);
54 &jnz(&label("mw_finish2"));
55 &jmp(&label("mw_end"));
56
57 &set_label("mw_finish2",1);
58 for ($i=0; $i<7; $i++)
59 {
60 &comment("Tail Round $i");
61 &mov("eax",&DWP($i*4,$a,"",0));# *a
62 &mul($w); # *a * w
63 &add("eax",$c); # L(t)+=c
64 # XXX
65 &adc("edx",0); # H(t)+=carry
66 &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t);
67 &mov($c,"edx"); # c= H(t);
68 &dec($num) if ($i != 7-1);
69 &jz(&label("mw_end")) if ($i != 7-1);
70 }
71 &set_label("mw_end",0);
72 &mov("eax",$c);
73
74 &function_end($name);
75 }
76
771;
diff --git a/src/lib/libcrypto/bn/asm/x86/mul_add.pl b/src/lib/libcrypto/bn/asm/x86/mul_add.pl
deleted file mode 100644
index 61830d3a90..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/mul_add.pl
+++ /dev/null
@@ -1,87 +0,0 @@
1#!/usr/local/bin/perl
2# x86 assember
3
4sub bn_mul_add_words
5 {
6 local($name)=@_;
7
8 &function_begin($name,"");
9
10 &comment("");
11 $Low="eax";
12 $High="edx";
13 $a="ebx";
14 $w="ebp";
15 $r="edi";
16 $c="esi";
17
18 &xor($c,$c); # clear carry
19 &mov($r,&wparam(0)); #
20
21 &mov("ecx",&wparam(2)); #
22 &mov($a,&wparam(1)); #
23
24 &and("ecx",0xfffffff8); # num / 8
25 &mov($w,&wparam(3)); #
26
27 &push("ecx"); # Up the stack for a tmp variable
28
29 &jz(&label("maw_finish"));
30
31 &set_label("maw_loop",0);
32
33 &mov(&swtmp(0),"ecx"); #
34
35 for ($i=0; $i<32; $i+=4)
36 {
37 &comment("Round $i");
38
39 &mov("eax",&DWP($i,$a,"",0)); # *a
40 &mul($w); # *a * w
41 &add("eax",$c); # L(t)+= *r
42 &mov($c,&DWP($i,$r,"",0)); # L(t)+= *r
43 &adc("edx",0); # H(t)+=carry
44 &add("eax",$c); # L(t)+=c
45 &adc("edx",0); # H(t)+=carry
46 &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t);
47 &mov($c,"edx"); # c= H(t);
48 }
49
50 &comment("");
51 &mov("ecx",&swtmp(0)); #
52 &add($a,32);
53 &add($r,32);
54 &sub("ecx",8);
55 &jnz(&label("maw_loop"));
56
57 &set_label("maw_finish",0);
58 &mov("ecx",&wparam(2)); # get num
59 &and("ecx",7);
60 &jnz(&label("maw_finish2")); # helps branch prediction
61 &jmp(&label("maw_end"));
62
63 &set_label("maw_finish2",1);
64 for ($i=0; $i<7; $i++)
65 {
66 &comment("Tail Round $i");
67 &mov("eax",&DWP($i*4,$a,"",0));# *a
68 &mul($w); # *a * w
69 &add("eax",$c); # L(t)+=c
70 &mov($c,&DWP($i*4,$r,"",0)); # L(t)+= *r
71 &adc("edx",0); # H(t)+=carry
72 &add("eax",$c);
73 &adc("edx",0); # H(t)+=carry
74 &dec("ecx") if ($i != 7-1);
75 &mov(&DWP($i*4,$r,"",0),"eax"); # *r= L(t);
76 &mov($c,"edx"); # c= H(t);
77 &jz(&label("maw_end")) if ($i != 7-1);
78 }
79 &set_label("maw_end",0);
80 &mov("eax",$c);
81
82 &pop("ecx"); # clear variable from
83
84 &function_end($name);
85 }
86
871;
diff --git a/src/lib/libcrypto/bn/asm/x86/sqr.pl b/src/lib/libcrypto/bn/asm/x86/sqr.pl
deleted file mode 100644
index 1f90993cf6..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/sqr.pl
+++ /dev/null
@@ -1,60 +0,0 @@
1#!/usr/local/bin/perl
2# x86 assember
3
4sub bn_sqr_words
5 {
6 local($name)=@_;
7
8 &function_begin($name,"");
9
10 &comment("");
11 $r="esi";
12 $a="edi";
13 $num="ebx";
14
15 &mov($r,&wparam(0)); #
16 &mov($a,&wparam(1)); #
17 &mov($num,&wparam(2)); #
18
19 &and($num,0xfffffff8); # num / 8
20 &jz(&label("sw_finish"));
21
22 &set_label("sw_loop",0);
23 for ($i=0; $i<32; $i+=4)
24 {
25 &comment("Round $i");
26 &mov("eax",&DWP($i,$a,"",0)); # *a
27 # XXX
28 &mul("eax"); # *a * *a
29 &mov(&DWP($i*2,$r,"",0),"eax"); #
30 &mov(&DWP($i*2+4,$r,"",0),"edx");#
31 }
32
33 &comment("");
34 &add($a,32);
35 &add($r,64);
36 &sub($num,8);
37 &jnz(&label("sw_loop"));
38
39 &set_label("sw_finish",0);
40 &mov($num,&wparam(2)); # get num
41 &and($num,7);
42 &jz(&label("sw_end"));
43
44 for ($i=0; $i<7; $i++)
45 {
46 &comment("Tail Round $i");
47 &mov("eax",&DWP($i*4,$a,"",0)); # *a
48 # XXX
49 &mul("eax"); # *a * *a
50 &mov(&DWP($i*8,$r,"",0),"eax"); #
51 &dec($num) if ($i != 7-1);
52 &mov(&DWP($i*8+4,$r,"",0),"edx");
53 &jz(&label("sw_end")) if ($i != 7-1);
54 }
55 &set_label("sw_end",0);
56
57 &function_end($name);
58 }
59
601;
diff --git a/src/lib/libcrypto/bn/asm/x86/sub.pl b/src/lib/libcrypto/bn/asm/x86/sub.pl
deleted file mode 100644
index 837b0e1b07..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/sub.pl
+++ /dev/null
@@ -1,76 +0,0 @@
1#!/usr/local/bin/perl
2# x86 assember
3
4sub bn_sub_words
5 {
6 local($name)=@_;
7
8 &function_begin($name,"");
9
10 &comment("");
11 $a="esi";
12 $b="edi";
13 $c="eax";
14 $r="ebx";
15 $tmp1="ecx";
16 $tmp2="edx";
17 $num="ebp";
18
19 &mov($r,&wparam(0)); # get r
20 &mov($a,&wparam(1)); # get a
21 &mov($b,&wparam(2)); # get b
22 &mov($num,&wparam(3)); # get num
23 &xor($c,$c); # clear carry
24 &and($num,0xfffffff8); # num / 8
25
26 &jz(&label("aw_finish"));
27
28 &set_label("aw_loop",0);
29 for ($i=0; $i<8; $i++)
30 {
31 &comment("Round $i");
32
33 &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
34 &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
35 &sub($tmp1,$c);
36 &mov($c,0);
37 &adc($c,$c);
38 &sub($tmp1,$tmp2);
39 &adc($c,0);
40 &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
41 }
42
43 &comment("");
44 &add($a,32);
45 &add($b,32);
46 &add($r,32);
47 &sub($num,8);
48 &jnz(&label("aw_loop"));
49
50 &set_label("aw_finish",0);
51 &mov($num,&wparam(3)); # get num
52 &and($num,7);
53 &jz(&label("aw_end"));
54
55 for ($i=0; $i<7; $i++)
56 {
57 &comment("Tail Round $i");
58 &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
59 &mov($tmp2,&DWP($i*4,$b,"",0));# *b
60 &sub($tmp1,$c);
61 &mov($c,0);
62 &adc($c,$c);
63 &sub($tmp1,$tmp2);
64 &adc($c,0);
65 &dec($num) if ($i != 6);
66 &mov(&DWP($i*4,$r,"",0),$tmp1); # *a
67 &jz(&label("aw_end")) if ($i != 6);
68 }
69 &set_label("aw_end",0);
70
71# &mov("eax",$c); # $c is "eax"
72
73 &function_end($name);
74 }
75
761;
diff --git a/src/lib/libcrypto/bn/bn.h b/src/lib/libcrypto/bn/bn.h
deleted file mode 100644
index b232c2ceae..0000000000
--- a/src/lib/libcrypto/bn/bn.h
+++ /dev/null
@@ -1,520 +0,0 @@
1/* crypto/bn/bn.h */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_BN_H
60#define HEADER_BN_H
61
62#ifndef NO_FP_API
63#include <stdio.h> /* FILE */
64#endif
65#include <openssl/opensslconf.h>
66
67#ifdef __cplusplus
68extern "C" {
69#endif
70
71#ifdef VMS
72#undef BN_LLONG /* experimental, so far... */
73#endif
74
75#define BN_MUL_COMBA
76#define BN_SQR_COMBA
77#define BN_RECURSION
78#define RECP_MUL_MOD
79#define MONT_MUL_MOD
80
81/* This next option uses the C libraries (2 word)/(1 word) function.
82 * If it is not defined, I use my C version (which is slower).
83 * The reason for this flag is that when the particular C compiler
84 * library routine is used, and the library is linked with a different
85 * compiler, the library is missing. This mostly happens when the
86 * library is built with gcc and then linked using normal cc. This would
87 * be a common occurrence because gcc normally produces code that is
88 * 2 times faster than system compilers for the big number stuff.
89 * For machines with only one compiler (or shared libraries), this should
90 * be on. Again this in only really a problem on machines
91 * using "long long's", are 32bit, and are not using my assembler code. */
92#if defined(MSDOS) || defined(WINDOWS) || defined(WIN32) || defined(linux)
93#define BN_DIV2W
94#endif
95
96/* assuming long is 64bit - this is the DEC Alpha
97 * unsigned long long is only 64 bits :-(, don't define
98 * BN_LLONG for the DEC Alpha */
99#ifdef SIXTY_FOUR_BIT_LONG
100#define BN_ULLONG unsigned long long
101#define BN_ULONG unsigned long
102#define BN_LONG long
103#define BN_BITS 128
104#define BN_BYTES 8
105#define BN_BITS2 64
106#define BN_BITS4 32
107#define BN_MASK (0xffffffffffffffffffffffffffffffffLL)
108#define BN_MASK2 (0xffffffffffffffffL)
109#define BN_MASK2l (0xffffffffL)
110#define BN_MASK2h (0xffffffff00000000L)
111#define BN_MASK2h1 (0xffffffff80000000L)
112#define BN_TBIT (0x8000000000000000L)
113#define BN_DEC_CONV (10000000000000000000UL)
114#define BN_DEC_FMT1 "%lu"
115#define BN_DEC_FMT2 "%019lu"
116#define BN_DEC_NUM 19
117#endif
118
119/* This is where the long long data type is 64 bits, but long is 32.
120 * For machines where there are 64bit registers, this is the mode to use.
121 * IRIX, on R4000 and above should use this mode, along with the relevant
122 * assembler code :-). Do NOT define BN_LLONG.
123 */
124#ifdef SIXTY_FOUR_BIT
125#undef BN_LLONG
126#undef BN_ULLONG
127#define BN_ULONG unsigned long long
128#define BN_LONG long long
129#define BN_BITS 128
130#define BN_BYTES 8
131#define BN_BITS2 64
132#define BN_BITS4 32
133#define BN_MASK2 (0xffffffffffffffffLL)
134#define BN_MASK2l (0xffffffffL)
135#define BN_MASK2h (0xffffffff00000000LL)
136#define BN_MASK2h1 (0xffffffff80000000LL)
137#define BN_TBIT (0x8000000000000000LL)
138#define BN_DEC_CONV (10000000000000000000LL)
139#define BN_DEC_FMT1 "%llu"
140#define BN_DEC_FMT2 "%019llu"
141#define BN_DEC_NUM 19
142#endif
143
144#ifdef THIRTY_TWO_BIT
145#if defined(WIN32) && !defined(__GNUC__)
146#define BN_ULLONG unsigned _int64
147#else
148#define BN_ULLONG unsigned long long
149#endif
150#define BN_ULONG unsigned long
151#define BN_LONG long
152#define BN_BITS 64
153#define BN_BYTES 4
154#define BN_BITS2 32
155#define BN_BITS4 16
156#ifdef WIN32
157/* VC++ doesn't like the LL suffix */
158#define BN_MASK (0xffffffffffffffffL)
159#else
160#define BN_MASK (0xffffffffffffffffLL)
161#endif
162#define BN_MASK2 (0xffffffffL)
163#define BN_MASK2l (0xffff)
164#define BN_MASK2h1 (0xffff8000L)
165#define BN_MASK2h (0xffff0000L)
166#define BN_TBIT (0x80000000L)
167#define BN_DEC_CONV (1000000000L)
168#define BN_DEC_FMT1 "%lu"
169#define BN_DEC_FMT2 "%09lu"
170#define BN_DEC_NUM 9
171#endif
172
173#ifdef SIXTEEN_BIT
174#ifndef BN_DIV2W
175#define BN_DIV2W
176#endif
177#define BN_ULLONG unsigned long
178#define BN_ULONG unsigned short
179#define BN_LONG short
180#define BN_BITS 32
181#define BN_BYTES 2
182#define BN_BITS2 16
183#define BN_BITS4 8
184#define BN_MASK (0xffffffff)
185#define BN_MASK2 (0xffff)
186#define BN_MASK2l (0xff)
187#define BN_MASK2h1 (0xff80)
188#define BN_MASK2h (0xff00)
189#define BN_TBIT (0x8000)
190#define BN_DEC_CONV (100000)
191#define BN_DEC_FMT1 "%u"
192#define BN_DEC_FMT2 "%05u"
193#define BN_DEC_NUM 5
194#endif
195
196#ifdef EIGHT_BIT
197#ifndef BN_DIV2W
198#define BN_DIV2W
199#endif
200#define BN_ULLONG unsigned short
201#define BN_ULONG unsigned char
202#define BN_LONG char
203#define BN_BITS 16
204#define BN_BYTES 1
205#define BN_BITS2 8
206#define BN_BITS4 4
207#define BN_MASK (0xffff)
208#define BN_MASK2 (0xff)
209#define BN_MASK2l (0xf)
210#define BN_MASK2h1 (0xf8)
211#define BN_MASK2h (0xf0)
212#define BN_TBIT (0x80)
213#define BN_DEC_CONV (100)
214#define BN_DEC_FMT1 "%u"
215#define BN_DEC_FMT2 "%02u"
216#define BN_DEC_NUM 2
217#endif
218
219#define BN_DEFAULT_BITS 1280
220
221#ifdef BIGNUM
222#undef BIGNUM
223#endif
224
225#define BN_FLG_MALLOCED 0x01
226#define BN_FLG_STATIC_DATA 0x02
227#define BN_FLG_FREE 0x8000 /* used for debuging */
228#define BN_set_flags(b,n) ((b)->flags|=(n))
229#define BN_get_flags(b,n) ((b)->flags&(n))
230
231typedef struct bignum_st
232 {
233 BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */
234 int top; /* Index of last used d +1. */
235 /* The next are internal book keeping for bn_expand. */
236 int dmax; /* Size of the d array. */
237 int neg; /* one if the number is negative */
238 int flags;
239 } BIGNUM;
240
241/* Used for temp variables */
242#define BN_CTX_NUM 16
243#define BN_CTX_NUM_POS 12
244typedef struct bignum_ctx
245 {
246 int tos;
247 BIGNUM bn[BN_CTX_NUM];
248 int flags;
249 int depth;
250 int pos[BN_CTX_NUM_POS];
251 int too_many;
252 } BN_CTX;
253
254typedef struct bn_blinding_st
255 {
256 int init;
257 BIGNUM *A;
258 BIGNUM *Ai;
259 BIGNUM *mod; /* just a reference */
260 } BN_BLINDING;
261
262/* Used for montgomery multiplication */
263typedef struct bn_mont_ctx_st
264 {
265 int ri; /* number of bits in R */
266 BIGNUM RR; /* used to convert to montgomery form */
267 BIGNUM N; /* The modulus */
268 BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1
269 * (Ni is only stored for bignum algorithm) */
270 BN_ULONG n0; /* least significant word of Ni */
271 int flags;
272 } BN_MONT_CTX;
273
274/* Used for reciprocal division/mod functions
275 * It cannot be shared between threads
276 */
277typedef struct bn_recp_ctx_st
278 {
279 BIGNUM N; /* the divisor */
280 BIGNUM Nr; /* the reciprocal */
281 int num_bits;
282 int shift;
283 int flags;
284 } BN_RECP_CTX;
285
286#define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\
287 r,a,&((mont)->RR),(mont),ctx)
288
289#define BN_prime_checks 0 /* default: select number of iterations
290 based on the size of the number */
291
292/* number of Miller-Rabin iterations for an error rate of less than 2^-80
293 * for random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook
294 * of Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996];
295 * original paper: Damgaard, Landrock, Pomerance: Average case error estimates
296 * for the strong probable prime test. -- Math. Comp. 61 (1993) 177-194) */
297#define BN_prime_checks_for_size(b) ((b) >= 1300 ? 2 : \
298 (b) >= 850 ? 3 : \
299 (b) >= 650 ? 4 : \
300 (b) >= 550 ? 5 : \
301 (b) >= 450 ? 6 : \
302 (b) >= 400 ? 7 : \
303 (b) >= 350 ? 8 : \
304 (b) >= 300 ? 9 : \
305 (b) >= 250 ? 12 : \
306 (b) >= 200 ? 15 : \
307 (b) >= 150 ? 18 : \
308 /* b >= 100 */ 27)
309
310#define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
311#define BN_is_word(a,w) (((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w)))
312#define BN_is_zero(a) (((a)->top == 0) || BN_is_word(a,0))
313#define BN_is_one(a) (BN_is_word((a),1))
314#define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1))
315#define BN_one(a) (BN_set_word((a),1))
316#define BN_zero(a) (BN_set_word((a),0))
317
318/*#define BN_ascii2bn(a) BN_hex2bn(a) */
319/*#define BN_bn2ascii(a) BN_bn2hex(a) */
320
321BIGNUM *BN_value_one(void);
322char * BN_options(void);
323BN_CTX *BN_CTX_new(void);
324void BN_CTX_init(BN_CTX *c);
325void BN_CTX_free(BN_CTX *c);
326void BN_CTX_start(BN_CTX *ctx);
327BIGNUM *BN_CTX_get(BN_CTX *ctx);
328void BN_CTX_end(BN_CTX *ctx);
329int BN_rand(BIGNUM *rnd, int bits, int top,int bottom);
330int BN_pseudo_rand(BIGNUM *rnd, int bits, int top,int bottom);
331int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
332int BN_num_bits(const BIGNUM *a);
333int BN_num_bits_word(BN_ULONG);
334BIGNUM *BN_new(void);
335void BN_init(BIGNUM *);
336void BN_clear_free(BIGNUM *a);
337BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
338BIGNUM *BN_bin2bn(const unsigned char *s,int len,BIGNUM *ret);
339int BN_bn2bin(const BIGNUM *a, unsigned char *to);
340BIGNUM *BN_mpi2bn(unsigned char *s,int len,BIGNUM *ret);
341int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
342int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
343int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
344int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
345int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
346int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx);
347int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
348 BN_CTX *ctx);
349int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
350int BN_sqr(BIGNUM *r, BIGNUM *a,BN_CTX *ctx);
351BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
352BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
353int BN_mul_word(BIGNUM *a, BN_ULONG w);
354int BN_add_word(BIGNUM *a, BN_ULONG w);
355int BN_sub_word(BIGNUM *a, BN_ULONG w);
356int BN_set_word(BIGNUM *a, BN_ULONG w);
357BN_ULONG BN_get_word(BIGNUM *a);
358int BN_cmp(const BIGNUM *a, const BIGNUM *b);
359void BN_free(BIGNUM *a);
360int BN_is_bit_set(const BIGNUM *a, int n);
361int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
362int BN_lshift1(BIGNUM *r, BIGNUM *a);
363int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p,BN_CTX *ctx);
364int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
365 const BIGNUM *m,BN_CTX *ctx);
366int BN_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
367 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
368int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
369 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
370int BN_mod_exp2_mont(BIGNUM *r, BIGNUM *a1, BIGNUM *p1,BIGNUM *a2,
371 BIGNUM *p2,BIGNUM *m,BN_CTX *ctx,BN_MONT_CTX *m_ctx);
372int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p,
373 BIGNUM *m,BN_CTX *ctx);
374int BN_mask_bits(BIGNUM *a,int n);
375int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
376#ifndef NO_FP_API
377int BN_print_fp(FILE *fp, const BIGNUM *a);
378#endif
379#ifdef HEADER_BIO_H
380int BN_print(BIO *fp, const BIGNUM *a);
381#else
382int BN_print(void *fp, const BIGNUM *a);
383#endif
384int BN_reciprocal(BIGNUM *r, BIGNUM *m, int len, BN_CTX *ctx);
385int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
386int BN_rshift1(BIGNUM *r, BIGNUM *a);
387void BN_clear(BIGNUM *a);
388BIGNUM *BN_dup(const BIGNUM *a);
389int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
390int BN_set_bit(BIGNUM *a, int n);
391int BN_clear_bit(BIGNUM *a, int n);
392char * BN_bn2hex(const BIGNUM *a);
393char * BN_bn2dec(const BIGNUM *a);
394int BN_hex2bn(BIGNUM **a, const char *str);
395int BN_dec2bn(BIGNUM **a, const char *str);
396int BN_gcd(BIGNUM *r,BIGNUM *in_a,BIGNUM *in_b,BN_CTX *ctx);
397BIGNUM *BN_mod_inverse(BIGNUM *ret,BIGNUM *a, const BIGNUM *n,BN_CTX *ctx);
398BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe,BIGNUM *add,
399 BIGNUM *rem,void (*callback)(int,int,void *),void *cb_arg);
400int BN_is_prime(const BIGNUM *p,int nchecks,
401 void (*callback)(int,int,void *),
402 BN_CTX *ctx,void *cb_arg);
403int BN_is_prime_fasttest(const BIGNUM *p,int nchecks,
404 void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg,
405 int do_trial_division);
406void ERR_load_BN_strings(void );
407
408BN_MONT_CTX *BN_MONT_CTX_new(void );
409void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
410int BN_mod_mul_montgomery(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_MONT_CTX *mont,
411 BN_CTX *ctx);
412int BN_from_montgomery(BIGNUM *r,BIGNUM *a,BN_MONT_CTX *mont,BN_CTX *ctx);
413void BN_MONT_CTX_free(BN_MONT_CTX *mont);
414int BN_MONT_CTX_set(BN_MONT_CTX *mont,const BIGNUM *modulus,BN_CTX *ctx);
415BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from);
416
417BN_BLINDING *BN_BLINDING_new(BIGNUM *A,BIGNUM *Ai,BIGNUM *mod);
418void BN_BLINDING_free(BN_BLINDING *b);
419int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
420int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *r, BN_CTX *ctx);
421int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
422
423void BN_set_params(int mul,int high,int low,int mont);
424int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */
425
426void BN_RECP_CTX_init(BN_RECP_CTX *recp);
427BN_RECP_CTX *BN_RECP_CTX_new(void);
428void BN_RECP_CTX_free(BN_RECP_CTX *recp);
429int BN_RECP_CTX_set(BN_RECP_CTX *recp,const BIGNUM *rdiv,BN_CTX *ctx);
430int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y,
431 BN_RECP_CTX *recp,BN_CTX *ctx);
432int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
433 const BIGNUM *m, BN_CTX *ctx);
434int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m,
435 BN_RECP_CTX *recp, BN_CTX *ctx);
436
437/* library internal functions */
438
439#define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\
440 (a):bn_expand2((a),(bits)/BN_BITS2+1))
441#define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
442BIGNUM *bn_expand2(BIGNUM *a, int words);
443
444#define bn_fix_top(a) \
445 { \
446 BN_ULONG *ftl; \
447 if ((a)->top > 0) \
448 { \
449 for (ftl= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \
450 if (*(ftl--)) break; \
451 } \
452 }
453
454BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
455BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
456void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num);
457BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
458BN_ULONG bn_add_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num);
459BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num);
460
461#ifdef BN_DEBUG
462 void bn_dump1(FILE *o, const char *a, BN_ULONG *b,int n);
463# define bn_print(a) {fprintf(stderr, #a "="); BN_print_fp(stderr,a); \
464 fprintf(stderr,"\n");}
465# define bn_dump(a,n) bn_dump1(stderr,#a,a,n);
466#else
467# define bn_print(a)
468# define bn_dump(a,b)
469#endif
470
471int BN_bntest_rand(BIGNUM *rnd, int bits, int top,int bottom);
472
473/* BEGIN ERROR CODES */
474/* The following lines are auto generated by the script mkerr.pl. Any changes
475 * made after this point may be overwritten when the script is next run.
476 */
477
478/* Error codes for the BN functions. */
479
480/* Function codes. */
481#define BN_F_BN_BLINDING_CONVERT 100
482#define BN_F_BN_BLINDING_INVERT 101
483#define BN_F_BN_BLINDING_NEW 102
484#define BN_F_BN_BLINDING_UPDATE 103
485#define BN_F_BN_BN2DEC 104
486#define BN_F_BN_BN2HEX 105
487#define BN_F_BN_CTX_GET 116
488#define BN_F_BN_CTX_NEW 106
489#define BN_F_BN_DIV 107
490#define BN_F_BN_EXPAND2 108
491#define BN_F_BN_MOD_EXP2_MONT 118
492#define BN_F_BN_MOD_EXP_MONT 109
493#define BN_F_BN_MOD_EXP_MONT_WORD 117
494#define BN_F_BN_MOD_INVERSE 110
495#define BN_F_BN_MOD_MUL_RECIPROCAL 111
496#define BN_F_BN_MPI2BN 112
497#define BN_F_BN_NEW 113
498#define BN_F_BN_RAND 114
499#define BN_F_BN_RAND_RANGE 122
500#define BN_F_BN_USUB 115
501
502/* Reason codes. */
503#define BN_R_ARG2_LT_ARG3 100
504#define BN_R_BAD_RECIPROCAL 101
505#define BN_R_BIGNUM_TOO_LONG 114
506#define BN_R_CALLED_WITH_EVEN_MODULUS 102
507#define BN_R_DIV_BY_ZERO 103
508#define BN_R_ENCODING_ERROR 104
509#define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105
510#define BN_R_INVALID_LENGTH 106
511#define BN_R_INVALID_RANGE 115
512#define BN_R_NOT_INITIALIZED 107
513#define BN_R_NO_INVERSE 108
514#define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109
515
516#ifdef __cplusplus
517}
518#endif
519#endif
520
diff --git a/src/lib/libcrypto/bn/bn_add.c b/src/lib/libcrypto/bn/bn_add.c
deleted file mode 100644
index 5d24691233..0000000000
--- a/src/lib/libcrypto/bn/bn_add.c
+++ /dev/null
@@ -1,307 +0,0 @@
1/* crypto/bn/bn_add.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include "bn_lcl.h"
62
63/* r can == a or b */
64int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
65 {
66 const BIGNUM *tmp;
67
68 bn_check_top(a);
69 bn_check_top(b);
70
71 /* a + b a+b
72 * a + -b a-b
73 * -a + b b-a
74 * -a + -b -(a+b)
75 */
76 if (a->neg ^ b->neg)
77 {
78 /* only one is negative */
79 if (a->neg)
80 { tmp=a; a=b; b=tmp; }
81
82 /* we are now a - b */
83
84 if (BN_ucmp(a,b) < 0)
85 {
86 if (!BN_usub(r,b,a)) return(0);
87 r->neg=1;
88 }
89 else
90 {
91 if (!BN_usub(r,a,b)) return(0);
92 r->neg=0;
93 }
94 return(1);
95 }
96
97 if (a->neg) /* both are neg */
98 r->neg=1;
99 else
100 r->neg=0;
101
102 if (!BN_uadd(r,a,b)) return(0);
103 return(1);
104 }
105
106/* unsigned add of b to a, r must be large enough */
107int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
108 {
109 register int i;
110 int max,min;
111 BN_ULONG *ap,*bp,*rp,carry,t1;
112 const BIGNUM *tmp;
113
114 bn_check_top(a);
115 bn_check_top(b);
116
117 if (a->top < b->top)
118 { tmp=a; a=b; b=tmp; }
119 max=a->top;
120 min=b->top;
121
122 if (bn_wexpand(r,max+1) == NULL)
123 return(0);
124
125 r->top=max;
126
127
128 ap=a->d;
129 bp=b->d;
130 rp=r->d;
131 carry=0;
132
133 carry=bn_add_words(rp,ap,bp,min);
134 rp+=min;
135 ap+=min;
136 bp+=min;
137 i=min;
138
139 if (carry)
140 {
141 while (i < max)
142 {
143 i++;
144 t1= *(ap++);
145 if ((*(rp++)=(t1+1)&BN_MASK2) >= t1)
146 {
147 carry=0;
148 break;
149 }
150 }
151 if ((i >= max) && carry)
152 {
153 *(rp++)=1;
154 r->top++;
155 }
156 }
157 if (rp != ap)
158 {
159 for (; i<max; i++)
160 *(rp++)= *(ap++);
161 }
162 /* memcpy(rp,ap,sizeof(*ap)*(max-i));*/
163 return(1);
164 }
165
166/* unsigned subtraction of b from a, a must be larger than b. */
167int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
168 {
169 int max,min;
170 register BN_ULONG t1,t2,*ap,*bp,*rp;
171 int i,carry;
172#if defined(IRIX_CC_BUG) && !defined(LINT)
173 int dummy;
174#endif
175
176 bn_check_top(a);
177 bn_check_top(b);
178
179 if (a->top < b->top) /* hmm... should not be happening */
180 {
181 BNerr(BN_F_BN_USUB,BN_R_ARG2_LT_ARG3);
182 return(0);
183 }
184
185 max=a->top;
186 min=b->top;
187 if (bn_wexpand(r,max) == NULL) return(0);
188
189 ap=a->d;
190 bp=b->d;
191 rp=r->d;
192
193#if 1
194 carry=0;
195 for (i=0; i<min; i++)
196 {
197 t1= *(ap++);
198 t2= *(bp++);
199 if (carry)
200 {
201 carry=(t1 <= t2);
202 t1=(t1-t2-1)&BN_MASK2;
203 }
204 else
205 {
206 carry=(t1 < t2);
207 t1=(t1-t2)&BN_MASK2;
208 }
209#if defined(IRIX_CC_BUG) && !defined(LINT)
210 dummy=t1;
211#endif
212 *(rp++)=t1&BN_MASK2;
213 }
214#else
215 carry=bn_sub_words(rp,ap,bp,min);
216 ap+=min;
217 bp+=min;
218 rp+=min;
219 i=min;
220#endif
221 if (carry) /* subtracted */
222 {
223 while (i < max)
224 {
225 i++;
226 t1= *(ap++);
227 t2=(t1-1)&BN_MASK2;
228 *(rp++)=t2;
229 if (t1 > t2) break;
230 }
231 }
232#if 0
233 memcpy(rp,ap,sizeof(*rp)*(max-i));
234#else
235 if (rp != ap)
236 {
237 for (;;)
238 {
239 if (i++ >= max) break;
240 rp[0]=ap[0];
241 if (i++ >= max) break;
242 rp[1]=ap[1];
243 if (i++ >= max) break;
244 rp[2]=ap[2];
245 if (i++ >= max) break;
246 rp[3]=ap[3];
247 rp+=4;
248 ap+=4;
249 }
250 }
251#endif
252
253 r->top=max;
254 bn_fix_top(r);
255 return(1);
256 }
257
258int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
259 {
260 int max;
261 int add=0,neg=0;
262 const BIGNUM *tmp;
263
264 bn_check_top(a);
265 bn_check_top(b);
266
267 /* a - b a-b
268 * a - -b a+b
269 * -a - b -(a+b)
270 * -a - -b b-a
271 */
272 if (a->neg)
273 {
274 if (b->neg)
275 { tmp=a; a=b; b=tmp; }
276 else
277 { add=1; neg=1; }
278 }
279 else
280 {
281 if (b->neg) { add=1; neg=0; }
282 }
283
284 if (add)
285 {
286 if (!BN_uadd(r,a,b)) return(0);
287 r->neg=neg;
288 return(1);
289 }
290
291 /* We are actually doing a - b :-) */
292
293 max=(a->top > b->top)?a->top:b->top;
294 if (bn_wexpand(r,max) == NULL) return(0);
295 if (BN_ucmp(a,b) < 0)
296 {
297 if (!BN_usub(r,b,a)) return(0);
298 r->neg=1;
299 }
300 else
301 {
302 if (!BN_usub(r,a,b)) return(0);
303 r->neg=0;
304 }
305 return(1);
306 }
307
diff --git a/src/lib/libcrypto/bn/bn_asm.c b/src/lib/libcrypto/bn/bn_asm.c
deleted file mode 100644
index 44e52a40db..0000000000
--- a/src/lib/libcrypto/bn/bn_asm.c
+++ /dev/null
@@ -1,832 +0,0 @@
1/* crypto/bn/bn_asm.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef BN_DEBUG
60# undef NDEBUG /* avoid conflicting definitions */
61# define NDEBUG
62#endif
63
64#include <stdio.h>
65#include <assert.h>
66#include "cryptlib.h"
67#include "bn_lcl.h"
68
69#if defined(BN_LLONG) || defined(BN_UMULT_HIGH)
70
71BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
72 {
73 BN_ULONG c1=0;
74
75 assert(num >= 0);
76 if (num <= 0) return(c1);
77
78 while (num&~3)
79 {
80 mul_add(rp[0],ap[0],w,c1);
81 mul_add(rp[1],ap[1],w,c1);
82 mul_add(rp[2],ap[2],w,c1);
83 mul_add(rp[3],ap[3],w,c1);
84 ap+=4; rp+=4; num-=4;
85 }
86 if (num)
87 {
88 mul_add(rp[0],ap[0],w,c1); if (--num==0) return c1;
89 mul_add(rp[1],ap[1],w,c1); if (--num==0) return c1;
90 mul_add(rp[2],ap[2],w,c1); return c1;
91 }
92
93 return(c1);
94 }
95
96BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
97 {
98 BN_ULONG c1=0;
99
100 assert(num >= 0);
101 if (num <= 0) return(c1);
102
103 while (num&~3)
104 {
105 mul(rp[0],ap[0],w,c1);
106 mul(rp[1],ap[1],w,c1);
107 mul(rp[2],ap[2],w,c1);
108 mul(rp[3],ap[3],w,c1);
109 ap+=4; rp+=4; num-=4;
110 }
111 if (num)
112 {
113 mul(rp[0],ap[0],w,c1); if (--num == 0) return c1;
114 mul(rp[1],ap[1],w,c1); if (--num == 0) return c1;
115 mul(rp[2],ap[2],w,c1);
116 }
117 return(c1);
118 }
119
120void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n)
121 {
122 assert(n >= 0);
123 if (n <= 0) return;
124 while (n&~3)
125 {
126 sqr(r[0],r[1],a[0]);
127 sqr(r[2],r[3],a[1]);
128 sqr(r[4],r[5],a[2]);
129 sqr(r[6],r[7],a[3]);
130 a+=4; r+=8; n-=4;
131 }
132 if (n)
133 {
134 sqr(r[0],r[1],a[0]); if (--n == 0) return;
135 sqr(r[2],r[3],a[1]); if (--n == 0) return;
136 sqr(r[4],r[5],a[2]);
137 }
138 }
139
140#else /* !(defined(BN_LLONG) || defined(BN_UMULT_HIGH)) */
141
142BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
143 {
144 BN_ULONG c=0;
145 BN_ULONG bl,bh;
146
147 assert(num >= 0);
148 if (num <= 0) return((BN_ULONG)0);
149
150 bl=LBITS(w);
151 bh=HBITS(w);
152
153 for (;;)
154 {
155 mul_add(rp[0],ap[0],bl,bh,c);
156 if (--num == 0) break;
157 mul_add(rp[1],ap[1],bl,bh,c);
158 if (--num == 0) break;
159 mul_add(rp[2],ap[2],bl,bh,c);
160 if (--num == 0) break;
161 mul_add(rp[3],ap[3],bl,bh,c);
162 if (--num == 0) break;
163 ap+=4;
164 rp+=4;
165 }
166 return(c);
167 }
168
169BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
170 {
171 BN_ULONG carry=0;
172 BN_ULONG bl,bh;
173
174 assert(num >= 0);
175 if (num <= 0) return((BN_ULONG)0);
176
177 bl=LBITS(w);
178 bh=HBITS(w);
179
180 for (;;)
181 {
182 mul(rp[0],ap[0],bl,bh,carry);
183 if (--num == 0) break;
184 mul(rp[1],ap[1],bl,bh,carry);
185 if (--num == 0) break;
186 mul(rp[2],ap[2],bl,bh,carry);
187 if (--num == 0) break;
188 mul(rp[3],ap[3],bl,bh,carry);
189 if (--num == 0) break;
190 ap+=4;
191 rp+=4;
192 }
193 return(carry);
194 }
195
196void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n)
197 {
198 assert(n >= 0);
199 if (n <= 0) return;
200 for (;;)
201 {
202 sqr64(r[0],r[1],a[0]);
203 if (--n == 0) break;
204
205 sqr64(r[2],r[3],a[1]);
206 if (--n == 0) break;
207
208 sqr64(r[4],r[5],a[2]);
209 if (--n == 0) break;
210
211 sqr64(r[6],r[7],a[3]);
212 if (--n == 0) break;
213
214 a+=4;
215 r+=8;
216 }
217 }
218
219#endif /* !(defined(BN_LLONG) || defined(BN_UMULT_HIGH)) */
220
221#if defined(BN_LLONG) && defined(BN_DIV2W)
222
223BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
224 {
225 return((BN_ULONG)(((((BN_ULLONG)h)<<BN_BITS2)|l)/(BN_ULLONG)d));
226 }
227
228#else
229
230/* Divide h,l by d and return the result. */
231/* I need to test this some more :-( */
232BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
233 {
234 BN_ULONG dh,dl,q,ret=0,th,tl,t;
235 int i,count=2;
236
237 if (d == 0) return(BN_MASK2);
238
239 i=BN_num_bits_word(d);
240 assert((i == BN_BITS2) || (h > (BN_ULONG)1<<i));
241
242 i=BN_BITS2-i;
243 if (h >= d) h-=d;
244
245 if (i)
246 {
247 d<<=i;
248 h=(h<<i)|(l>>(BN_BITS2-i));
249 l<<=i;
250 }
251 dh=(d&BN_MASK2h)>>BN_BITS4;
252 dl=(d&BN_MASK2l);
253 for (;;)
254 {
255 if ((h>>BN_BITS4) == dh)
256 q=BN_MASK2l;
257 else
258 q=h/dh;
259
260 th=q*dh;
261 tl=dl*q;
262 for (;;)
263 {
264 t=h-th;
265 if ((t&BN_MASK2h) ||
266 ((tl) <= (
267 (t<<BN_BITS4)|
268 ((l&BN_MASK2h)>>BN_BITS4))))
269 break;
270 q--;
271 th-=dh;
272 tl-=dl;
273 }
274 t=(tl>>BN_BITS4);
275 tl=(tl<<BN_BITS4)&BN_MASK2h;
276 th+=t;
277
278 if (l < tl) th++;
279 l-=tl;
280 if (h < th)
281 {
282 h+=d;
283 q--;
284 }
285 h-=th;
286
287 if (--count == 0) break;
288
289 ret=q<<BN_BITS4;
290 h=((h<<BN_BITS4)|(l>>BN_BITS4))&BN_MASK2;
291 l=(l&BN_MASK2l)<<BN_BITS4;
292 }
293 ret|=q;
294 return(ret);
295 }
296#endif /* !defined(BN_LLONG) && defined(BN_DIV2W) */
297
298#ifdef BN_LLONG
299BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
300 {
301 BN_ULLONG ll=0;
302
303 assert(n >= 0);
304 if (n <= 0) return((BN_ULONG)0);
305
306 for (;;)
307 {
308 ll+=(BN_ULLONG)a[0]+b[0];
309 r[0]=(BN_ULONG)ll&BN_MASK2;
310 ll>>=BN_BITS2;
311 if (--n <= 0) break;
312
313 ll+=(BN_ULLONG)a[1]+b[1];
314 r[1]=(BN_ULONG)ll&BN_MASK2;
315 ll>>=BN_BITS2;
316 if (--n <= 0) break;
317
318 ll+=(BN_ULLONG)a[2]+b[2];
319 r[2]=(BN_ULONG)ll&BN_MASK2;
320 ll>>=BN_BITS2;
321 if (--n <= 0) break;
322
323 ll+=(BN_ULLONG)a[3]+b[3];
324 r[3]=(BN_ULONG)ll&BN_MASK2;
325 ll>>=BN_BITS2;
326 if (--n <= 0) break;
327
328 a+=4;
329 b+=4;
330 r+=4;
331 }
332 return((BN_ULONG)ll);
333 }
334#else /* !BN_LLONG */
335BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
336 {
337 BN_ULONG c,l,t;
338
339 assert(n >= 0);
340 if (n <= 0) return((BN_ULONG)0);
341
342 c=0;
343 for (;;)
344 {
345 t=a[0];
346 t=(t+c)&BN_MASK2;
347 c=(t < c);
348 l=(t+b[0])&BN_MASK2;
349 c+=(l < t);
350 r[0]=l;
351 if (--n <= 0) break;
352
353 t=a[1];
354 t=(t+c)&BN_MASK2;
355 c=(t < c);
356 l=(t+b[1])&BN_MASK2;
357 c+=(l < t);
358 r[1]=l;
359 if (--n <= 0) break;
360
361 t=a[2];
362 t=(t+c)&BN_MASK2;
363 c=(t < c);
364 l=(t+b[2])&BN_MASK2;
365 c+=(l < t);
366 r[2]=l;
367 if (--n <= 0) break;
368
369 t=a[3];
370 t=(t+c)&BN_MASK2;
371 c=(t < c);
372 l=(t+b[3])&BN_MASK2;
373 c+=(l < t);
374 r[3]=l;
375 if (--n <= 0) break;
376
377 a+=4;
378 b+=4;
379 r+=4;
380 }
381 return((BN_ULONG)c);
382 }
383#endif /* !BN_LLONG */
384
385BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
386 {
387 BN_ULONG t1,t2;
388 int c=0;
389
390 assert(n >= 0);
391 if (n <= 0) return((BN_ULONG)0);
392
393 for (;;)
394 {
395 t1=a[0]; t2=b[0];
396 r[0]=(t1-t2-c)&BN_MASK2;
397 if (t1 != t2) c=(t1 < t2);
398 if (--n <= 0) break;
399
400 t1=a[1]; t2=b[1];
401 r[1]=(t1-t2-c)&BN_MASK2;
402 if (t1 != t2) c=(t1 < t2);
403 if (--n <= 0) break;
404
405 t1=a[2]; t2=b[2];
406 r[2]=(t1-t2-c)&BN_MASK2;
407 if (t1 != t2) c=(t1 < t2);
408 if (--n <= 0) break;
409
410 t1=a[3]; t2=b[3];
411 r[3]=(t1-t2-c)&BN_MASK2;
412 if (t1 != t2) c=(t1 < t2);
413 if (--n <= 0) break;
414
415 a+=4;
416 b+=4;
417 r+=4;
418 }
419 return(c);
420 }
421
422#ifdef BN_MUL_COMBA
423
424#undef bn_mul_comba8
425#undef bn_mul_comba4
426#undef bn_sqr_comba8
427#undef bn_sqr_comba4
428
429/* mul_add_c(a,b,c0,c1,c2) -- c+=a*b for three word number c=(c2,c1,c0) */
430/* mul_add_c2(a,b,c0,c1,c2) -- c+=2*a*b for three word number c=(c2,c1,c0) */
431/* sqr_add_c(a,i,c0,c1,c2) -- c+=a[i]^2 for three word number c=(c2,c1,c0) */
432/* sqr_add_c2(a,i,c0,c1,c2) -- c+=2*a[i]*a[j] for three word number c=(c2,c1,c0) */
433
434#ifdef BN_LLONG
435#define mul_add_c(a,b,c0,c1,c2) \
436 t=(BN_ULLONG)a*b; \
437 t1=(BN_ULONG)Lw(t); \
438 t2=(BN_ULONG)Hw(t); \
439 c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
440 c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
441
442#define mul_add_c2(a,b,c0,c1,c2) \
443 t=(BN_ULLONG)a*b; \
444 tt=(t+t)&BN_MASK; \
445 if (tt < t) c2++; \
446 t1=(BN_ULONG)Lw(tt); \
447 t2=(BN_ULONG)Hw(tt); \
448 c0=(c0+t1)&BN_MASK2; \
449 if ((c0 < t1) && (((++t2)&BN_MASK2) == 0)) c2++; \
450 c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
451
452#define sqr_add_c(a,i,c0,c1,c2) \
453 t=(BN_ULLONG)a[i]*a[i]; \
454 t1=(BN_ULONG)Lw(t); \
455 t2=(BN_ULONG)Hw(t); \
456 c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
457 c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
458
459#define sqr_add_c2(a,i,j,c0,c1,c2) \
460 mul_add_c2((a)[i],(a)[j],c0,c1,c2)
461
462#elif defined(BN_UMULT_HIGH)
463
464#define mul_add_c(a,b,c0,c1,c2) { \
465 BN_ULONG ta=(a),tb=(b); \
466 t1 = ta * tb; \
467 t2 = BN_UMULT_HIGH(ta,tb); \
468 c0 += t1; t2 += (c0<t1)?1:0; \
469 c1 += t2; c2 += (c1<t2)?1:0; \
470 }
471
472#define mul_add_c2(a,b,c0,c1,c2) { \
473 BN_ULONG ta=(a),tb=(b),t0; \
474 t1 = BN_UMULT_HIGH(ta,tb); \
475 t0 = ta * tb; \
476 t2 = t1+t1; c2 += (t2<t1)?1:0; \
477 t1 = t0+t0; t2 += (t1<t0)?1:0; \
478 c0 += t1; t2 += (c0<t1)?1:0; \
479 c1 += t2; c2 += (c1<t2)?1:0; \
480 }
481
482#define sqr_add_c(a,i,c0,c1,c2) { \
483 BN_ULONG ta=(a)[i]; \
484 t1 = ta * ta; \
485 t2 = BN_UMULT_HIGH(ta,ta); \
486 c0 += t1; t2 += (c0<t1)?1:0; \
487 c1 += t2; c2 += (c1<t2)?1:0; \
488 }
489
490#define sqr_add_c2(a,i,j,c0,c1,c2) \
491 mul_add_c2((a)[i],(a)[j],c0,c1,c2)
492
493#else /* !BN_LLONG */
494#define mul_add_c(a,b,c0,c1,c2) \
495 t1=LBITS(a); t2=HBITS(a); \
496 bl=LBITS(b); bh=HBITS(b); \
497 mul64(t1,t2,bl,bh); \
498 c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
499 c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
500
501#define mul_add_c2(a,b,c0,c1,c2) \
502 t1=LBITS(a); t2=HBITS(a); \
503 bl=LBITS(b); bh=HBITS(b); \
504 mul64(t1,t2,bl,bh); \
505 if (t2 & BN_TBIT) c2++; \
506 t2=(t2+t2)&BN_MASK2; \
507 if (t1 & BN_TBIT) t2++; \
508 t1=(t1+t1)&BN_MASK2; \
509 c0=(c0+t1)&BN_MASK2; \
510 if ((c0 < t1) && (((++t2)&BN_MASK2) == 0)) c2++; \
511 c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
512
513#define sqr_add_c(a,i,c0,c1,c2) \
514 sqr64(t1,t2,(a)[i]); \
515 c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
516 c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
517
518#define sqr_add_c2(a,i,j,c0,c1,c2) \
519 mul_add_c2((a)[i],(a)[j],c0,c1,c2)
520#endif /* !BN_LLONG */
521
522void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
523 {
524#ifdef BN_LLONG
525 BN_ULLONG t;
526#else
527 BN_ULONG bl,bh;
528#endif
529 BN_ULONG t1,t2;
530 BN_ULONG c1,c2,c3;
531
532 c1=0;
533 c2=0;
534 c3=0;
535 mul_add_c(a[0],b[0],c1,c2,c3);
536 r[0]=c1;
537 c1=0;
538 mul_add_c(a[0],b[1],c2,c3,c1);
539 mul_add_c(a[1],b[0],c2,c3,c1);
540 r[1]=c2;
541 c2=0;
542 mul_add_c(a[2],b[0],c3,c1,c2);
543 mul_add_c(a[1],b[1],c3,c1,c2);
544 mul_add_c(a[0],b[2],c3,c1,c2);
545 r[2]=c3;
546 c3=0;
547 mul_add_c(a[0],b[3],c1,c2,c3);
548 mul_add_c(a[1],b[2],c1,c2,c3);
549 mul_add_c(a[2],b[1],c1,c2,c3);
550 mul_add_c(a[3],b[0],c1,c2,c3);
551 r[3]=c1;
552 c1=0;
553 mul_add_c(a[4],b[0],c2,c3,c1);
554 mul_add_c(a[3],b[1],c2,c3,c1);
555 mul_add_c(a[2],b[2],c2,c3,c1);
556 mul_add_c(a[1],b[3],c2,c3,c1);
557 mul_add_c(a[0],b[4],c2,c3,c1);
558 r[4]=c2;
559 c2=0;
560 mul_add_c(a[0],b[5],c3,c1,c2);
561 mul_add_c(a[1],b[4],c3,c1,c2);
562 mul_add_c(a[2],b[3],c3,c1,c2);
563 mul_add_c(a[3],b[2],c3,c1,c2);
564 mul_add_c(a[4],b[1],c3,c1,c2);
565 mul_add_c(a[5],b[0],c3,c1,c2);
566 r[5]=c3;
567 c3=0;
568 mul_add_c(a[6],b[0],c1,c2,c3);
569 mul_add_c(a[5],b[1],c1,c2,c3);
570 mul_add_c(a[4],b[2],c1,c2,c3);
571 mul_add_c(a[3],b[3],c1,c2,c3);
572 mul_add_c(a[2],b[4],c1,c2,c3);
573 mul_add_c(a[1],b[5],c1,c2,c3);
574 mul_add_c(a[0],b[6],c1,c2,c3);
575 r[6]=c1;
576 c1=0;
577 mul_add_c(a[0],b[7],c2,c3,c1);
578 mul_add_c(a[1],b[6],c2,c3,c1);
579 mul_add_c(a[2],b[5],c2,c3,c1);
580 mul_add_c(a[3],b[4],c2,c3,c1);
581 mul_add_c(a[4],b[3],c2,c3,c1);
582 mul_add_c(a[5],b[2],c2,c3,c1);
583 mul_add_c(a[6],b[1],c2,c3,c1);
584 mul_add_c(a[7],b[0],c2,c3,c1);
585 r[7]=c2;
586 c2=0;
587 mul_add_c(a[7],b[1],c3,c1,c2);
588 mul_add_c(a[6],b[2],c3,c1,c2);
589 mul_add_c(a[5],b[3],c3,c1,c2);
590 mul_add_c(a[4],b[4],c3,c1,c2);
591 mul_add_c(a[3],b[5],c3,c1,c2);
592 mul_add_c(a[2],b[6],c3,c1,c2);
593 mul_add_c(a[1],b[7],c3,c1,c2);
594 r[8]=c3;
595 c3=0;
596 mul_add_c(a[2],b[7],c1,c2,c3);
597 mul_add_c(a[3],b[6],c1,c2,c3);
598 mul_add_c(a[4],b[5],c1,c2,c3);
599 mul_add_c(a[5],b[4],c1,c2,c3);
600 mul_add_c(a[6],b[3],c1,c2,c3);
601 mul_add_c(a[7],b[2],c1,c2,c3);
602 r[9]=c1;
603 c1=0;
604 mul_add_c(a[7],b[3],c2,c3,c1);
605 mul_add_c(a[6],b[4],c2,c3,c1);
606 mul_add_c(a[5],b[5],c2,c3,c1);
607 mul_add_c(a[4],b[6],c2,c3,c1);
608 mul_add_c(a[3],b[7],c2,c3,c1);
609 r[10]=c2;
610 c2=0;
611 mul_add_c(a[4],b[7],c3,c1,c2);
612 mul_add_c(a[5],b[6],c3,c1,c2);
613 mul_add_c(a[6],b[5],c3,c1,c2);
614 mul_add_c(a[7],b[4],c3,c1,c2);
615 r[11]=c3;
616 c3=0;
617 mul_add_c(a[7],b[5],c1,c2,c3);
618 mul_add_c(a[6],b[6],c1,c2,c3);
619 mul_add_c(a[5],b[7],c1,c2,c3);
620 r[12]=c1;
621 c1=0;
622 mul_add_c(a[6],b[7],c2,c3,c1);
623 mul_add_c(a[7],b[6],c2,c3,c1);
624 r[13]=c2;
625 c2=0;
626 mul_add_c(a[7],b[7],c3,c1,c2);
627 r[14]=c3;
628 r[15]=c1;
629 }
630
631void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
632 {
633#ifdef BN_LLONG
634 BN_ULLONG t;
635#else
636 BN_ULONG bl,bh;
637#endif
638 BN_ULONG t1,t2;
639 BN_ULONG c1,c2,c3;
640
641 c1=0;
642 c2=0;
643 c3=0;
644 mul_add_c(a[0],b[0],c1,c2,c3);
645 r[0]=c1;
646 c1=0;
647 mul_add_c(a[0],b[1],c2,c3,c1);
648 mul_add_c(a[1],b[0],c2,c3,c1);
649 r[1]=c2;
650 c2=0;
651 mul_add_c(a[2],b[0],c3,c1,c2);
652 mul_add_c(a[1],b[1],c3,c1,c2);
653 mul_add_c(a[0],b[2],c3,c1,c2);
654 r[2]=c3;
655 c3=0;
656 mul_add_c(a[0],b[3],c1,c2,c3);
657 mul_add_c(a[1],b[2],c1,c2,c3);
658 mul_add_c(a[2],b[1],c1,c2,c3);
659 mul_add_c(a[3],b[0],c1,c2,c3);
660 r[3]=c1;
661 c1=0;
662 mul_add_c(a[3],b[1],c2,c3,c1);
663 mul_add_c(a[2],b[2],c2,c3,c1);
664 mul_add_c(a[1],b[3],c2,c3,c1);
665 r[4]=c2;
666 c2=0;
667 mul_add_c(a[2],b[3],c3,c1,c2);
668 mul_add_c(a[3],b[2],c3,c1,c2);
669 r[5]=c3;
670 c3=0;
671 mul_add_c(a[3],b[3],c1,c2,c3);
672 r[6]=c1;
673 r[7]=c2;
674 }
675
676void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
677 {
678#ifdef BN_LLONG
679 BN_ULLONG t,tt;
680#else
681 BN_ULONG bl,bh;
682#endif
683 BN_ULONG t1,t2;
684 BN_ULONG c1,c2,c3;
685
686 c1=0;
687 c2=0;
688 c3=0;
689 sqr_add_c(a,0,c1,c2,c3);
690 r[0]=c1;
691 c1=0;
692 sqr_add_c2(a,1,0,c2,c3,c1);
693 r[1]=c2;
694 c2=0;
695 sqr_add_c(a,1,c3,c1,c2);
696 sqr_add_c2(a,2,0,c3,c1,c2);
697 r[2]=c3;
698 c3=0;
699 sqr_add_c2(a,3,0,c1,c2,c3);
700 sqr_add_c2(a,2,1,c1,c2,c3);
701 r[3]=c1;
702 c1=0;
703 sqr_add_c(a,2,c2,c3,c1);
704 sqr_add_c2(a,3,1,c2,c3,c1);
705 sqr_add_c2(a,4,0,c2,c3,c1);
706 r[4]=c2;
707 c2=0;
708 sqr_add_c2(a,5,0,c3,c1,c2);
709 sqr_add_c2(a,4,1,c3,c1,c2);
710 sqr_add_c2(a,3,2,c3,c1,c2);
711 r[5]=c3;
712 c3=0;
713 sqr_add_c(a,3,c1,c2,c3);
714 sqr_add_c2(a,4,2,c1,c2,c3);
715 sqr_add_c2(a,5,1,c1,c2,c3);
716 sqr_add_c2(a,6,0,c1,c2,c3);
717 r[6]=c1;
718 c1=0;
719 sqr_add_c2(a,7,0,c2,c3,c1);
720 sqr_add_c2(a,6,1,c2,c3,c1);
721 sqr_add_c2(a,5,2,c2,c3,c1);
722 sqr_add_c2(a,4,3,c2,c3,c1);
723 r[7]=c2;
724 c2=0;
725 sqr_add_c(a,4,c3,c1,c2);
726 sqr_add_c2(a,5,3,c3,c1,c2);
727 sqr_add_c2(a,6,2,c3,c1,c2);
728 sqr_add_c2(a,7,1,c3,c1,c2);
729 r[8]=c3;
730 c3=0;
731 sqr_add_c2(a,7,2,c1,c2,c3);
732 sqr_add_c2(a,6,3,c1,c2,c3);
733 sqr_add_c2(a,5,4,c1,c2,c3);
734 r[9]=c1;
735 c1=0;
736 sqr_add_c(a,5,c2,c3,c1);
737 sqr_add_c2(a,6,4,c2,c3,c1);
738 sqr_add_c2(a,7,3,c2,c3,c1);
739 r[10]=c2;
740 c2=0;
741 sqr_add_c2(a,7,4,c3,c1,c2);
742 sqr_add_c2(a,6,5,c3,c1,c2);
743 r[11]=c3;
744 c3=0;
745 sqr_add_c(a,6,c1,c2,c3);
746 sqr_add_c2(a,7,5,c1,c2,c3);
747 r[12]=c1;
748 c1=0;
749 sqr_add_c2(a,7,6,c2,c3,c1);
750 r[13]=c2;
751 c2=0;
752 sqr_add_c(a,7,c3,c1,c2);
753 r[14]=c3;
754 r[15]=c1;
755 }
756
757void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
758 {
759#ifdef BN_LLONG
760 BN_ULLONG t,tt;
761#else
762 BN_ULONG bl,bh;
763#endif
764 BN_ULONG t1,t2;
765 BN_ULONG c1,c2,c3;
766
767 c1=0;
768 c2=0;
769 c3=0;
770 sqr_add_c(a,0,c1,c2,c3);
771 r[0]=c1;
772 c1=0;
773 sqr_add_c2(a,1,0,c2,c3,c1);
774 r[1]=c2;
775 c2=0;
776 sqr_add_c(a,1,c3,c1,c2);
777 sqr_add_c2(a,2,0,c3,c1,c2);
778 r[2]=c3;
779 c3=0;
780 sqr_add_c2(a,3,0,c1,c2,c3);
781 sqr_add_c2(a,2,1,c1,c2,c3);
782 r[3]=c1;
783 c1=0;
784 sqr_add_c(a,2,c2,c3,c1);
785 sqr_add_c2(a,3,1,c2,c3,c1);
786 r[4]=c2;
787 c2=0;
788 sqr_add_c2(a,3,2,c3,c1,c2);
789 r[5]=c3;
790 c3=0;
791 sqr_add_c(a,3,c1,c2,c3);
792 r[6]=c1;
793 r[7]=c2;
794 }
795#else /* !BN_MUL_COMBA */
796
797/* hmm... is it faster just to do a multiply? */
798#undef bn_sqr_comba4
799void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
800 {
801 BN_ULONG t[8];
802 bn_sqr_normal(r,a,4,t);
803 }
804
805#undef bn_sqr_comba8
806void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
807 {
808 BN_ULONG t[16];
809 bn_sqr_normal(r,a,8,t);
810 }
811
812void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
813 {
814 r[4]=bn_mul_words( &(r[0]),a,4,b[0]);
815 r[5]=bn_mul_add_words(&(r[1]),a,4,b[1]);
816 r[6]=bn_mul_add_words(&(r[2]),a,4,b[2]);
817 r[7]=bn_mul_add_words(&(r[3]),a,4,b[3]);
818 }
819
820void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
821 {
822 r[ 8]=bn_mul_words( &(r[0]),a,8,b[0]);
823 r[ 9]=bn_mul_add_words(&(r[1]),a,8,b[1]);
824 r[10]=bn_mul_add_words(&(r[2]),a,8,b[2]);
825 r[11]=bn_mul_add_words(&(r[3]),a,8,b[3]);
826 r[12]=bn_mul_add_words(&(r[4]),a,8,b[4]);
827 r[13]=bn_mul_add_words(&(r[5]),a,8,b[5]);
828 r[14]=bn_mul_add_words(&(r[6]),a,8,b[6]);
829 r[15]=bn_mul_add_words(&(r[7]),a,8,b[7]);
830 }
831
832#endif /* !BN_MUL_COMBA */
diff --git a/src/lib/libcrypto/bn/bn_blind.c b/src/lib/libcrypto/bn/bn_blind.c
deleted file mode 100644
index 2d287e6d1b..0000000000
--- a/src/lib/libcrypto/bn/bn_blind.c
+++ /dev/null
@@ -1,144 +0,0 @@
1/* crypto/bn/bn_blind.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include "bn_lcl.h"
62
63BN_BLINDING *BN_BLINDING_new(BIGNUM *A, BIGNUM *Ai, BIGNUM *mod)
64 {
65 BN_BLINDING *ret=NULL;
66
67 bn_check_top(Ai);
68 bn_check_top(mod);
69
70 if ((ret=(BN_BLINDING *)OPENSSL_malloc(sizeof(BN_BLINDING))) == NULL)
71 {
72 BNerr(BN_F_BN_BLINDING_NEW,ERR_R_MALLOC_FAILURE);
73 return(NULL);
74 }
75 memset(ret,0,sizeof(BN_BLINDING));
76 if ((ret->A=BN_new()) == NULL) goto err;
77 if ((ret->Ai=BN_new()) == NULL) goto err;
78 if (!BN_copy(ret->A,A)) goto err;
79 if (!BN_copy(ret->Ai,Ai)) goto err;
80 ret->mod=mod;
81 return(ret);
82err:
83 if (ret != NULL) BN_BLINDING_free(ret);
84 return(NULL);
85 }
86
87void BN_BLINDING_free(BN_BLINDING *r)
88 {
89 if(r == NULL)
90 return;
91
92 if (r->A != NULL) BN_free(r->A );
93 if (r->Ai != NULL) BN_free(r->Ai);
94 OPENSSL_free(r);
95 }
96
97int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx)
98 {
99 int ret=0;
100
101 if ((b->A == NULL) || (b->Ai == NULL))
102 {
103 BNerr(BN_F_BN_BLINDING_UPDATE,BN_R_NOT_INITIALIZED);
104 goto err;
105 }
106
107 if (!BN_mod_mul(b->A,b->A,b->A,b->mod,ctx)) goto err;
108 if (!BN_mod_mul(b->Ai,b->Ai,b->Ai,b->mod,ctx)) goto err;
109
110 ret=1;
111err:
112 return(ret);
113 }
114
115int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
116 {
117 bn_check_top(n);
118
119 if ((b->A == NULL) || (b->Ai == NULL))
120 {
121 BNerr(BN_F_BN_BLINDING_CONVERT,BN_R_NOT_INITIALIZED);
122 return(0);
123 }
124 return(BN_mod_mul(n,n,b->A,b->mod,ctx));
125 }
126
127int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
128 {
129 int ret;
130
131 bn_check_top(n);
132 if ((b->A == NULL) || (b->Ai == NULL))
133 {
134 BNerr(BN_F_BN_BLINDING_INVERT,BN_R_NOT_INITIALIZED);
135 return(0);
136 }
137 if ((ret=BN_mod_mul(n,n,b->Ai,b->mod,ctx)) >= 0)
138 {
139 if (!BN_BLINDING_update(b,ctx))
140 return(0);
141 }
142 return(ret);
143 }
144
diff --git a/src/lib/libcrypto/bn/bn_ctx.c b/src/lib/libcrypto/bn/bn_ctx.c
deleted file mode 100644
index b1a8d7571e..0000000000
--- a/src/lib/libcrypto/bn/bn_ctx.c
+++ /dev/null
@@ -1,144 +0,0 @@
1/* crypto/bn/bn_ctx.c */
2/* Written by Ulf Moeller for the OpenSSL project. */
3/* ====================================================================
4 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
16 * distribution.
17 *
18 * 3. All advertising materials mentioning features or use of this
19 * software must display the following acknowledgment:
20 * "This product includes software developed by the OpenSSL Project
21 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
22 *
23 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
24 * endorse or promote products derived from this software without
25 * prior written permission. For written permission, please contact
26 * openssl-core@openssl.org.
27 *
28 * 5. Products derived from this software may not be called "OpenSSL"
29 * nor may "OpenSSL" appear in their names without prior written
30 * permission of the OpenSSL Project.
31 *
32 * 6. Redistributions of any form whatsoever must retain the following
33 * acknowledgment:
34 * "This product includes software developed by the OpenSSL Project
35 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
36 *
37 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
38 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
39 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
40 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
41 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
42 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
43 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
44 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
45 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
46 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
47 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
48 * OF THE POSSIBILITY OF SUCH DAMAGE.
49 * ====================================================================
50 *
51 * This product includes cryptographic software written by Eric Young
52 * (eay@cryptsoft.com). This product includes software written by Tim
53 * Hudson (tjh@cryptsoft.com).
54 *
55 */
56
57#ifndef BN_CTX_DEBUG
58# undef NDEBUG /* avoid conflicting definitions */
59# define NDEBUG
60#endif
61
62#include <stdio.h>
63#include <assert.h>
64#include "cryptlib.h"
65#include <openssl/bn.h>
66
67
68BN_CTX *BN_CTX_new(void)
69 {
70 BN_CTX *ret;
71
72 ret=(BN_CTX *)OPENSSL_malloc(sizeof(BN_CTX));
73 if (ret == NULL)
74 {
75 BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE);
76 return(NULL);
77 }
78
79 BN_CTX_init(ret);
80 ret->flags=BN_FLG_MALLOCED;
81 return(ret);
82 }
83
84void BN_CTX_init(BN_CTX *ctx)
85 {
86 int i;
87 ctx->tos = 0;
88 ctx->flags = 0;
89 ctx->depth = 0;
90 ctx->too_many = 0;
91 for (i = 0; i < BN_CTX_NUM; i++)
92 BN_init(&(ctx->bn[i]));
93 }
94
95void BN_CTX_free(BN_CTX *ctx)
96 {
97 int i;
98
99 if (ctx == NULL) return;
100 assert(ctx->depth == 0);
101
102 for (i=0; i < BN_CTX_NUM; i++)
103 BN_clear_free(&(ctx->bn[i]));
104 if (ctx->flags & BN_FLG_MALLOCED)
105 OPENSSL_free(ctx);
106 }
107
108void BN_CTX_start(BN_CTX *ctx)
109 {
110 if (ctx->depth < BN_CTX_NUM_POS)
111 ctx->pos[ctx->depth] = ctx->tos;
112 ctx->depth++;
113 }
114
115BIGNUM *BN_CTX_get(BN_CTX *ctx)
116 {
117 if (ctx->depth > BN_CTX_NUM_POS || ctx->tos >= BN_CTX_NUM)
118 {
119 if (!ctx->too_many)
120 {
121 BNerr(BN_F_BN_CTX_GET,BN_R_TOO_MANY_TEMPORARY_VARIABLES);
122 /* disable error code until BN_CTX_end is called: */
123 ctx->too_many = 1;
124 }
125 return NULL;
126 }
127 return (&(ctx->bn[ctx->tos++]));
128 }
129
130void BN_CTX_end(BN_CTX *ctx)
131 {
132 if (ctx == NULL) return;
133 assert(ctx->depth > 0);
134 if (ctx->depth == 0)
135 /* should never happen, but we can tolerate it if not in
136 * debug mode (could be a 'goto err' in the calling function
137 * before BN_CTX_start was reached) */
138 BN_CTX_start(ctx);
139
140 ctx->too_many = 0;
141 ctx->depth--;
142 if (ctx->depth < BN_CTX_NUM_POS)
143 ctx->tos = ctx->pos[ctx->depth];
144 }
diff --git a/src/lib/libcrypto/bn/bn_div.c b/src/lib/libcrypto/bn/bn_div.c
deleted file mode 100644
index c328b5b411..0000000000
--- a/src/lib/libcrypto/bn/bn_div.c
+++ /dev/null
@@ -1,381 +0,0 @@
1/* crypto/bn/bn_div.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/bn.h>
61#include "cryptlib.h"
62#include "bn_lcl.h"
63
64/* The old slow way */
65#if 0
66int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
67 BN_CTX *ctx)
68 {
69 int i,nm,nd;
70 int ret = 0;
71 BIGNUM *D;
72
73 bn_check_top(m);
74 bn_check_top(d);
75 if (BN_is_zero(d))
76 {
77 BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO);
78 return(0);
79 }
80
81 if (BN_ucmp(m,d) < 0)
82 {
83 if (rem != NULL)
84 { if (BN_copy(rem,m) == NULL) return(0); }
85 if (dv != NULL) BN_zero(dv);
86 return(1);
87 }
88
89 BN_CTX_start(ctx);
90 D = BN_CTX_get(ctx);
91 if (dv == NULL) dv = BN_CTX_get(ctx);
92 if (rem == NULL) rem = BN_CTX_get(ctx);
93 if (D == NULL || dv == NULL || rem == NULL)
94 goto end;
95
96 nd=BN_num_bits(d);
97 nm=BN_num_bits(m);
98 if (BN_copy(D,d) == NULL) goto end;
99 if (BN_copy(rem,m) == NULL) goto end;
100
101 /* The next 2 are needed so we can do a dv->d[0]|=1 later
102 * since BN_lshift1 will only work once there is a value :-) */
103 BN_zero(dv);
104 bn_wexpand(dv,1);
105 dv->top=1;
106
107 if (!BN_lshift(D,D,nm-nd)) goto end;
108 for (i=nm-nd; i>=0; i--)
109 {
110 if (!BN_lshift1(dv,dv)) goto end;
111 if (BN_ucmp(rem,D) >= 0)
112 {
113 dv->d[0]|=1;
114 if (!BN_usub(rem,rem,D)) goto end;
115 }
116/* CAN IMPROVE (and have now :=) */
117 if (!BN_rshift1(D,D)) goto end;
118 }
119 rem->neg=BN_is_zero(rem)?0:m->neg;
120 dv->neg=m->neg^d->neg;
121 ret = 1;
122 end:
123 BN_CTX_end(ctx);
124 return(ret);
125 }
126
127#else
128
129#if !defined(NO_ASM) && !defined(NO_INLINE_ASM) && !defined(PEDANTIC) && !defined(BN_DIV3W)
130# if defined(__GNUC__) && __GNUC__>=2
131# if defined(__i386)
132 /*
133 * There were two reasons for implementing this template:
134 * - GNU C generates a call to a function (__udivdi3 to be exact)
135 * in reply to ((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0 (I fail to
136 * understand why...);
137 * - divl doesn't only calculate quotient, but also leaves
138 * remainder in %edx which we can definitely use here:-)
139 *
140 * <appro@fy.chalmers.se>
141 */
142# define bn_div_words(n0,n1,d0) \
143 ({ asm volatile ( \
144 "divl %4" \
145 : "=a"(q), "=d"(rem) \
146 : "a"(n1), "d"(n0), "g"(d0) \
147 : "cc"); \
148 q; \
149 })
150# define REMAINDER_IS_ALREADY_CALCULATED
151# endif /* __<cpu> */
152# endif /* __GNUC__ */
153#endif /* NO_ASM */
154
155int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
156 BN_CTX *ctx)
157 {
158 int norm_shift,i,j,loop;
159 BIGNUM *tmp,wnum,*snum,*sdiv,*res;
160 BN_ULONG *resp,*wnump;
161 BN_ULONG d0,d1;
162 int num_n,div_n;
163
164 bn_check_top(num);
165 bn_check_top(divisor);
166
167 if (BN_is_zero(divisor))
168 {
169 BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO);
170 return(0);
171 }
172
173 if (BN_ucmp(num,divisor) < 0)
174 {
175 if (rm != NULL)
176 { if (BN_copy(rm,num) == NULL) return(0); }
177 if (dv != NULL) BN_zero(dv);
178 return(1);
179 }
180
181 BN_CTX_start(ctx);
182 tmp=BN_CTX_get(ctx);
183 snum=BN_CTX_get(ctx);
184 sdiv=BN_CTX_get(ctx);
185 if (dv == NULL)
186 res=BN_CTX_get(ctx);
187 else res=dv;
188 if (sdiv==NULL || res == NULL) goto err;
189 tmp->neg=0;
190
191 /* First we normalise the numbers */
192 norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2);
193 BN_lshift(sdiv,divisor,norm_shift);
194 sdiv->neg=0;
195 norm_shift+=BN_BITS2;
196 BN_lshift(snum,num,norm_shift);
197 snum->neg=0;
198 div_n=sdiv->top;
199 num_n=snum->top;
200 loop=num_n-div_n;
201
202 /* Lets setup a 'window' into snum
203 * This is the part that corresponds to the current
204 * 'area' being divided */
205 BN_init(&wnum);
206 wnum.d= &(snum->d[loop]);
207 wnum.top= div_n;
208 wnum.dmax= snum->dmax+1; /* a bit of a lie */
209
210 /* Get the top 2 words of sdiv */
211 /* i=sdiv->top; */
212 d0=sdiv->d[div_n-1];
213 d1=(div_n == 1)?0:sdiv->d[div_n-2];
214
215 /* pointer to the 'top' of snum */
216 wnump= &(snum->d[num_n-1]);
217
218 /* Setup to 'res' */
219 res->neg= (num->neg^divisor->neg);
220 if (!bn_wexpand(res,(loop+1))) goto err;
221 res->top=loop;
222 resp= &(res->d[loop-1]);
223
224 /* space for temp */
225 if (!bn_wexpand(tmp,(div_n+1))) goto err;
226
227 if (BN_ucmp(&wnum,sdiv) >= 0)
228 {
229 if (!BN_usub(&wnum,&wnum,sdiv)) goto err;
230 *resp=1;
231 res->d[res->top-1]=1;
232 }
233 else
234 res->top--;
235 resp--;
236
237 for (i=0; i<loop-1; i++)
238 {
239 BN_ULONG q,l0;
240#if defined(BN_DIV3W) && !defined(NO_ASM)
241 BN_ULONG bn_div_3_words(BN_ULONG*,BN_ULONG,BN_ULONG);
242 q=bn_div_3_words(wnump,d1,d0);
243#else
244 BN_ULONG n0,n1,rem=0;
245
246 n0=wnump[0];
247 n1=wnump[-1];
248 if (n0 == d0)
249 q=BN_MASK2;
250 else /* n0 < d0 */
251 {
252#ifdef BN_LLONG
253 BN_ULLONG t2;
254
255#if defined(BN_LLONG) && defined(BN_DIV2W) && !defined(bn_div_words)
256 q=(BN_ULONG)(((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0);
257#else
258 q=bn_div_words(n0,n1,d0);
259#endif
260
261#ifndef REMAINDER_IS_ALREADY_CALCULATED
262 /*
263 * rem doesn't have to be BN_ULLONG. The least we
264 * know it's less that d0, isn't it?
265 */
266 rem=(n1-q*d0)&BN_MASK2;
267#endif
268 t2=(BN_ULLONG)d1*q;
269
270 for (;;)
271 {
272 if (t2 <= ((((BN_ULLONG)rem)<<BN_BITS2)|wnump[-2]))
273 break;
274 q--;
275 rem += d0;
276 if (rem < d0) break; /* don't let rem overflow */
277 t2 -= d1;
278 }
279#else /* !BN_LLONG */
280 BN_ULONG t2l,t2h,ql,qh;
281
282 q=bn_div_words(n0,n1,d0);
283#ifndef REMAINDER_IS_ALREADY_CALCULATED
284 rem=(n1-q*d0)&BN_MASK2;
285#endif
286
287#ifdef BN_UMULT_HIGH
288 t2l = d1 * q;
289 t2h = BN_UMULT_HIGH(d1,q);
290#else
291 t2l=LBITS(d1); t2h=HBITS(d1);
292 ql =LBITS(q); qh =HBITS(q);
293 mul64(t2l,t2h,ql,qh); /* t2=(BN_ULLONG)d1*q; */
294#endif
295
296 for (;;)
297 {
298 if ((t2h < rem) ||
299 ((t2h == rem) && (t2l <= wnump[-2])))
300 break;
301 q--;
302 rem += d0;
303 if (rem < d0) break; /* don't let rem overflow */
304 if (t2l < d1) t2h--; t2l -= d1;
305 }
306#endif /* !BN_LLONG */
307 }
308#endif /* !BN_DIV3W */
309
310 l0=bn_mul_words(tmp->d,sdiv->d,div_n,q);
311 wnum.d--; wnum.top++;
312 tmp->d[div_n]=l0;
313 for (j=div_n+1; j>0; j--)
314 if (tmp->d[j-1]) break;
315 tmp->top=j;
316
317 j=wnum.top;
318 BN_sub(&wnum,&wnum,tmp);
319
320 snum->top=snum->top+wnum.top-j;
321
322 if (wnum.neg)
323 {
324 q--;
325 j=wnum.top;
326 BN_add(&wnum,&wnum,sdiv);
327 snum->top+=wnum.top-j;
328 }
329 *(resp--)=q;
330 wnump--;
331 }
332 if (rm != NULL)
333 {
334 BN_rshift(rm,snum,norm_shift);
335 rm->neg=num->neg;
336 }
337 BN_CTX_end(ctx);
338 return(1);
339err:
340 BN_CTX_end(ctx);
341 return(0);
342 }
343
344#endif
345
346/* rem != m */
347int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx)
348 {
349#if 0 /* The old slow way */
350 int i,nm,nd;
351 BIGNUM *dv;
352
353 if (BN_ucmp(m,d) < 0)
354 return((BN_copy(rem,m) == NULL)?0:1);
355
356 BN_CTX_start(ctx);
357 dv=BN_CTX_get(ctx);
358
359 if (!BN_copy(rem,m)) goto err;
360
361 nm=BN_num_bits(rem);
362 nd=BN_num_bits(d);
363 if (!BN_lshift(dv,d,nm-nd)) goto err;
364 for (i=nm-nd; i>=0; i--)
365 {
366 if (BN_cmp(rem,dv) >= 0)
367 {
368 if (!BN_sub(rem,rem,dv)) goto err;
369 }
370 if (!BN_rshift1(dv,dv)) goto err;
371 }
372 BN_CTX_end(ctx);
373 return(1);
374 err:
375 BN_CTX_end(ctx);
376 return(0);
377#else
378 return(BN_div(NULL,rem,m,d,ctx));
379#endif
380 }
381
diff --git a/src/lib/libcrypto/bn/bn_err.c b/src/lib/libcrypto/bn/bn_err.c
deleted file mode 100644
index adc6a214fc..0000000000
--- a/src/lib/libcrypto/bn/bn_err.c
+++ /dev/null
@@ -1,124 +0,0 @@
1/* crypto/bn/bn_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/bn.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA BN_str_functs[]=
68 {
69{ERR_PACK(0,BN_F_BN_BLINDING_CONVERT,0), "BN_BLINDING_convert"},
70{ERR_PACK(0,BN_F_BN_BLINDING_INVERT,0), "BN_BLINDING_invert"},
71{ERR_PACK(0,BN_F_BN_BLINDING_NEW,0), "BN_BLINDING_new"},
72{ERR_PACK(0,BN_F_BN_BLINDING_UPDATE,0), "BN_BLINDING_update"},
73{ERR_PACK(0,BN_F_BN_BN2DEC,0), "BN_bn2dec"},
74{ERR_PACK(0,BN_F_BN_BN2HEX,0), "BN_bn2hex"},
75{ERR_PACK(0,BN_F_BN_CTX_GET,0), "BN_CTX_get"},
76{ERR_PACK(0,BN_F_BN_CTX_NEW,0), "BN_CTX_new"},
77{ERR_PACK(0,BN_F_BN_DIV,0), "BN_div"},
78{ERR_PACK(0,BN_F_BN_EXPAND2,0), "bn_expand2"},
79{ERR_PACK(0,BN_F_BN_MOD_EXP2_MONT,0), "BN_mod_exp2_mont"},
80{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT,0), "BN_mod_exp_mont"},
81{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT_WORD,0), "BN_mod_exp_mont_word"},
82{ERR_PACK(0,BN_F_BN_MOD_INVERSE,0), "BN_mod_inverse"},
83{ERR_PACK(0,BN_F_BN_MOD_MUL_RECIPROCAL,0), "BN_mod_mul_reciprocal"},
84{ERR_PACK(0,BN_F_BN_MPI2BN,0), "BN_mpi2bn"},
85{ERR_PACK(0,BN_F_BN_NEW,0), "BN_new"},
86{ERR_PACK(0,BN_F_BN_RAND,0), "BN_rand"},
87{ERR_PACK(0,BN_F_BN_RAND_RANGE,0), "BN_rand_range"},
88{ERR_PACK(0,BN_F_BN_USUB,0), "BN_usub"},
89{0,NULL}
90 };
91
92static ERR_STRING_DATA BN_str_reasons[]=
93 {
94{BN_R_ARG2_LT_ARG3 ,"arg2 lt arg3"},
95{BN_R_BAD_RECIPROCAL ,"bad reciprocal"},
96{BN_R_BIGNUM_TOO_LONG ,"bignum too long"},
97{BN_R_CALLED_WITH_EVEN_MODULUS ,"called with even modulus"},
98{BN_R_DIV_BY_ZERO ,"div by zero"},
99{BN_R_ENCODING_ERROR ,"encoding error"},
100{BN_R_EXPAND_ON_STATIC_BIGNUM_DATA ,"expand on static bignum data"},
101{BN_R_INVALID_LENGTH ,"invalid length"},
102{BN_R_INVALID_RANGE ,"invalid range"},
103{BN_R_NOT_INITIALIZED ,"not initialized"},
104{BN_R_NO_INVERSE ,"no inverse"},
105{BN_R_TOO_MANY_TEMPORARY_VARIABLES ,"too many temporary variables"},
106{0,NULL}
107 };
108
109#endif
110
111void ERR_load_BN_strings(void)
112 {
113 static int init=1;
114
115 if (init)
116 {
117 init=0;
118#ifndef NO_ERR
119 ERR_load_strings(ERR_LIB_BN,BN_str_functs);
120 ERR_load_strings(ERR_LIB_BN,BN_str_reasons);
121#endif
122
123 }
124 }
diff --git a/src/lib/libcrypto/bn/bn_exp.c b/src/lib/libcrypto/bn/bn_exp.c
deleted file mode 100644
index d2c91628ac..0000000000
--- a/src/lib/libcrypto/bn/bn_exp.c
+++ /dev/null
@@ -1,696 +0,0 @@
1/* crypto/bn/bn_exp.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112
113#include <stdio.h>
114#include "cryptlib.h"
115#include "bn_lcl.h"
116
117#define TABLE_SIZE 32
118
119/* slow but works */
120int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx)
121 {
122 BIGNUM *t;
123 int r=0;
124
125 bn_check_top(a);
126 bn_check_top(b);
127 bn_check_top(m);
128
129 BN_CTX_start(ctx);
130 if ((t = BN_CTX_get(ctx)) == NULL) goto err;
131 if (a == b)
132 { if (!BN_sqr(t,a,ctx)) goto err; }
133 else
134 { if (!BN_mul(t,a,b,ctx)) goto err; }
135 if (!BN_mod(ret,t,m,ctx)) goto err;
136 r=1;
137err:
138 BN_CTX_end(ctx);
139 return(r);
140 }
141
142
143/* this one works - simple but works */
144int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx)
145 {
146 int i,bits,ret=0;
147 BIGNUM *v,*rr;
148
149 BN_CTX_start(ctx);
150 if ((r == a) || (r == p))
151 rr = BN_CTX_get(ctx);
152 else
153 rr = r;
154 if ((v = BN_CTX_get(ctx)) == NULL) goto err;
155
156 if (BN_copy(v,a) == NULL) goto err;
157 bits=BN_num_bits(p);
158
159 if (BN_is_odd(p))
160 { if (BN_copy(rr,a) == NULL) goto err; }
161 else { if (!BN_one(rr)) goto err; }
162
163 for (i=1; i<bits; i++)
164 {
165 if (!BN_sqr(v,v,ctx)) goto err;
166 if (BN_is_bit_set(p,i))
167 {
168 if (!BN_mul(rr,rr,v,ctx)) goto err;
169 }
170 }
171 ret=1;
172err:
173 if (r != rr) BN_copy(r,rr);
174 BN_CTX_end(ctx);
175 return(ret);
176 }
177
178
179int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
180 BN_CTX *ctx)
181 {
182 int ret;
183
184 bn_check_top(a);
185 bn_check_top(p);
186 bn_check_top(m);
187
188#ifdef MONT_MUL_MOD
189 /* I have finally been able to take out this pre-condition of
190 * the top bit being set. It was caused by an error in BN_div
191 * with negatives. There was also another problem when for a^b%m
192 * a >= m. eay 07-May-97 */
193/* if ((m->d[m->top-1]&BN_TBIT) && BN_is_odd(m)) */
194
195 if (BN_is_odd(m))
196 {
197 if (a->top == 1)
198 {
199 BN_ULONG A = a->d[0];
200 ret=BN_mod_exp_mont_word(r,A,p,m,ctx,NULL);
201 }
202 else
203 ret=BN_mod_exp_mont(r,a,p,m,ctx,NULL);
204 }
205 else
206#endif
207#ifdef RECP_MUL_MOD
208 { ret=BN_mod_exp_recp(r,a,p,m,ctx); }
209#else
210 { ret=BN_mod_exp_simple(r,a,p,m,ctx); }
211#endif
212
213 return(ret);
214 }
215
216
217int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
218 const BIGNUM *m, BN_CTX *ctx)
219 {
220 int i,j,bits,ret=0,wstart,wend,window,wvalue;
221 int start=1,ts=0;
222 BIGNUM *aa;
223 BIGNUM val[TABLE_SIZE];
224 BN_RECP_CTX recp;
225
226 bits=BN_num_bits(p);
227
228 if (bits == 0)
229 {
230 BN_one(r);
231 return(1);
232 }
233
234 BN_CTX_start(ctx);
235 if ((aa = BN_CTX_get(ctx)) == NULL) goto err;
236
237 BN_RECP_CTX_init(&recp);
238 if (BN_RECP_CTX_set(&recp,m,ctx) <= 0) goto err;
239
240 BN_init(&(val[0]));
241 ts=1;
242
243 if (!BN_mod(&(val[0]),a,m,ctx)) goto err; /* 1 */
244
245 window = BN_window_bits_for_exponent_size(bits);
246 if (window > 1)
247 {
248 if (!BN_mod_mul_reciprocal(aa,&(val[0]),&(val[0]),&recp,ctx))
249 goto err; /* 2 */
250 j=1<<(window-1);
251 for (i=1; i<j; i++)
252 {
253 BN_init(&val[i]);
254 if (!BN_mod_mul_reciprocal(&(val[i]),&(val[i-1]),aa,&recp,ctx))
255 goto err;
256 }
257 ts=i;
258 }
259
260 start=1; /* This is used to avoid multiplication etc
261 * when there is only the value '1' in the
262 * buffer. */
263 wvalue=0; /* The 'value' of the window */
264 wstart=bits-1; /* The top bit of the window */
265 wend=0; /* The bottom bit of the window */
266
267 if (!BN_one(r)) goto err;
268
269 for (;;)
270 {
271 if (BN_is_bit_set(p,wstart) == 0)
272 {
273 if (!start)
274 if (!BN_mod_mul_reciprocal(r,r,r,&recp,ctx))
275 goto err;
276 if (wstart == 0) break;
277 wstart--;
278 continue;
279 }
280 /* We now have wstart on a 'set' bit, we now need to work out
281 * how bit a window to do. To do this we need to scan
282 * forward until the last set bit before the end of the
283 * window */
284 j=wstart;
285 wvalue=1;
286 wend=0;
287 for (i=1; i<window; i++)
288 {
289 if (wstart-i < 0) break;
290 if (BN_is_bit_set(p,wstart-i))
291 {
292 wvalue<<=(i-wend);
293 wvalue|=1;
294 wend=i;
295 }
296 }
297
298 /* wend is the size of the current window */
299 j=wend+1;
300 /* add the 'bytes above' */
301 if (!start)
302 for (i=0; i<j; i++)
303 {
304 if (!BN_mod_mul_reciprocal(r,r,r,&recp,ctx))
305 goto err;
306 }
307
308 /* wvalue will be an odd number < 2^window */
309 if (!BN_mod_mul_reciprocal(r,r,&(val[wvalue>>1]),&recp,ctx))
310 goto err;
311
312 /* move the 'window' down further */
313 wstart-=wend+1;
314 wvalue=0;
315 start=0;
316 if (wstart < 0) break;
317 }
318 ret=1;
319err:
320 BN_CTX_end(ctx);
321 for (i=0; i<ts; i++)
322 BN_clear_free(&(val[i]));
323 BN_RECP_CTX_free(&recp);
324 return(ret);
325 }
326
327
328int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p,
329 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
330 {
331 int i,j,bits,ret=0,wstart,wend,window,wvalue;
332 int start=1,ts=0;
333 BIGNUM *d,*r;
334 BIGNUM *aa;
335 BIGNUM val[TABLE_SIZE];
336 BN_MONT_CTX *mont=NULL;
337
338 bn_check_top(a);
339 bn_check_top(p);
340 bn_check_top(m);
341
342 if (!(m->d[0] & 1))
343 {
344 BNerr(BN_F_BN_MOD_EXP_MONT,BN_R_CALLED_WITH_EVEN_MODULUS);
345 return(0);
346 }
347 bits=BN_num_bits(p);
348 if (bits == 0)
349 {
350 BN_one(rr);
351 return(1);
352 }
353 BN_CTX_start(ctx);
354 d = BN_CTX_get(ctx);
355 r = BN_CTX_get(ctx);
356 if (d == NULL || r == NULL) goto err;
357
358 /* If this is not done, things will break in the montgomery
359 * part */
360
361 if (in_mont != NULL)
362 mont=in_mont;
363 else
364 {
365 if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
366 if (!BN_MONT_CTX_set(mont,m,ctx)) goto err;
367 }
368
369 BN_init(&val[0]);
370 ts=1;
371 if (BN_ucmp(a,m) >= 0)
372 {
373 if (!BN_mod(&(val[0]),a,m,ctx))
374 goto err;
375 aa= &(val[0]);
376 }
377 else
378 aa=a;
379 if (!BN_to_montgomery(&(val[0]),aa,mont,ctx)) goto err; /* 1 */
380
381 window = BN_window_bits_for_exponent_size(bits);
382 if (window > 1)
383 {
384 if (!BN_mod_mul_montgomery(d,&(val[0]),&(val[0]),mont,ctx)) goto err; /* 2 */
385 j=1<<(window-1);
386 for (i=1; i<j; i++)
387 {
388 BN_init(&(val[i]));
389 if (!BN_mod_mul_montgomery(&(val[i]),&(val[i-1]),d,mont,ctx))
390 goto err;
391 }
392 ts=i;
393 }
394
395 start=1; /* This is used to avoid multiplication etc
396 * when there is only the value '1' in the
397 * buffer. */
398 wvalue=0; /* The 'value' of the window */
399 wstart=bits-1; /* The top bit of the window */
400 wend=0; /* The bottom bit of the window */
401
402 if (!BN_to_montgomery(r,BN_value_one(),mont,ctx)) goto err;
403 for (;;)
404 {
405 if (BN_is_bit_set(p,wstart) == 0)
406 {
407 if (!start)
408 {
409 if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))
410 goto err;
411 }
412 if (wstart == 0) break;
413 wstart--;
414 continue;
415 }
416 /* We now have wstart on a 'set' bit, we now need to work out
417 * how bit a window to do. To do this we need to scan
418 * forward until the last set bit before the end of the
419 * window */
420 j=wstart;
421 wvalue=1;
422 wend=0;
423 for (i=1; i<window; i++)
424 {
425 if (wstart-i < 0) break;
426 if (BN_is_bit_set(p,wstart-i))
427 {
428 wvalue<<=(i-wend);
429 wvalue|=1;
430 wend=i;
431 }
432 }
433
434 /* wend is the size of the current window */
435 j=wend+1;
436 /* add the 'bytes above' */
437 if (!start)
438 for (i=0; i<j; i++)
439 {
440 if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))
441 goto err;
442 }
443
444 /* wvalue will be an odd number < 2^window */
445 if (!BN_mod_mul_montgomery(r,r,&(val[wvalue>>1]),mont,ctx))
446 goto err;
447
448 /* move the 'window' down further */
449 wstart-=wend+1;
450 wvalue=0;
451 start=0;
452 if (wstart < 0) break;
453 }
454 if (!BN_from_montgomery(rr,r,mont,ctx)) goto err;
455 ret=1;
456err:
457 if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
458 BN_CTX_end(ctx);
459 for (i=0; i<ts; i++)
460 BN_clear_free(&(val[i]));
461 return(ret);
462 }
463
464int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
465 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
466 {
467 BN_MONT_CTX *mont = NULL;
468 int b, bits, ret=0;
469 int r_is_one;
470 BN_ULONG w, next_w;
471 BIGNUM *d, *r, *t;
472 BIGNUM *swap_tmp;
473#define BN_MOD_MUL_WORD(r, w, m) \
474 (BN_mul_word(r, (w)) && \
475 (/* BN_ucmp(r, (m)) < 0 ? 1 :*/ \
476 (BN_mod(t, r, m, ctx) && (swap_tmp = r, r = t, t = swap_tmp, 1))))
477 /* BN_MOD_MUL_WORD is only used with 'w' large,
478 * so the BN_ucmp test is probably more overhead
479 * than always using BN_mod (which uses BN_copy if
480 * a similar test returns true). */
481#define BN_TO_MONTGOMERY_WORD(r, w, mont) \
482 (BN_set_word(r, (w)) && BN_to_montgomery(r, r, (mont), ctx))
483
484 bn_check_top(p);
485 bn_check_top(m);
486
487 if (!(m->d[0] & 1))
488 {
489 BNerr(BN_F_BN_MOD_EXP_MONT_WORD,BN_R_CALLED_WITH_EVEN_MODULUS);
490 return(0);
491 }
492 bits = BN_num_bits(p);
493 if (bits == 0)
494 {
495 BN_one(rr);
496 return(1);
497 }
498 BN_CTX_start(ctx);
499 d = BN_CTX_get(ctx);
500 r = BN_CTX_get(ctx);
501 t = BN_CTX_get(ctx);
502 if (d == NULL || r == NULL || t == NULL) goto err;
503
504 if (in_mont != NULL)
505 mont=in_mont;
506 else
507 {
508 if ((mont = BN_MONT_CTX_new()) == NULL) goto err;
509 if (!BN_MONT_CTX_set(mont, m, ctx)) goto err;
510 }
511
512 r_is_one = 1; /* except for Montgomery factor */
513
514 /* bits-1 >= 0 */
515
516 /* The result is accumulated in the product r*w. */
517 w = a; /* bit 'bits-1' of 'p' is always set */
518 for (b = bits-2; b >= 0; b--)
519 {
520 /* First, square r*w. */
521 next_w = w*w;
522 if ((next_w/w) != w) /* overflow */
523 {
524 if (r_is_one)
525 {
526 if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) goto err;
527 r_is_one = 0;
528 }
529 else
530 {
531 if (!BN_MOD_MUL_WORD(r, w, m)) goto err;
532 }
533 next_w = 1;
534 }
535 w = next_w;
536 if (!r_is_one)
537 {
538 if (!BN_mod_mul_montgomery(r, r, r, mont, ctx)) goto err;
539 }
540
541 /* Second, multiply r*w by 'a' if exponent bit is set. */
542 if (BN_is_bit_set(p, b))
543 {
544 next_w = w*a;
545 if ((next_w/a) != w) /* overflow */
546 {
547 if (r_is_one)
548 {
549 if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) goto err;
550 r_is_one = 0;
551 }
552 else
553 {
554 if (!BN_MOD_MUL_WORD(r, w, m)) goto err;
555 }
556 next_w = a;
557 }
558 w = next_w;
559 }
560 }
561
562 /* Finally, set r:=r*w. */
563 if (w != 1)
564 {
565 if (r_is_one)
566 {
567 if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) goto err;
568 r_is_one = 0;
569 }
570 else
571 {
572 if (!BN_MOD_MUL_WORD(r, w, m)) goto err;
573 }
574 }
575
576 if (r_is_one) /* can happen only if a == 1*/
577 {
578 if (!BN_one(rr)) goto err;
579 }
580 else
581 {
582 if (!BN_from_montgomery(rr, r, mont, ctx)) goto err;
583 }
584 ret = 1;
585err:
586 if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
587 BN_CTX_end(ctx);
588 return(ret);
589 }
590
591
592/* The old fallback, simple version :-) */
593int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,
594 BN_CTX *ctx)
595 {
596 int i,j,bits,ret=0,wstart,wend,window,wvalue,ts=0;
597 int start=1;
598 BIGNUM *d;
599 BIGNUM val[TABLE_SIZE];
600
601 bits=BN_num_bits(p);
602
603 if (bits == 0)
604 {
605 BN_one(r);
606 return(1);
607 }
608
609 BN_CTX_start(ctx);
610 if ((d = BN_CTX_get(ctx)) == NULL) goto err;
611
612 BN_init(&(val[0]));
613 ts=1;
614 if (!BN_mod(&(val[0]),a,m,ctx)) goto err; /* 1 */
615
616 window = BN_window_bits_for_exponent_size(bits);
617 if (window > 1)
618 {
619 if (!BN_mod_mul(d,&(val[0]),&(val[0]),m,ctx))
620 goto err; /* 2 */
621 j=1<<(window-1);
622 for (i=1; i<j; i++)
623 {
624 BN_init(&(val[i]));
625 if (!BN_mod_mul(&(val[i]),&(val[i-1]),d,m,ctx))
626 goto err;
627 }
628 ts=i;
629 }
630
631 start=1; /* This is used to avoid multiplication etc
632 * when there is only the value '1' in the
633 * buffer. */
634 wvalue=0; /* The 'value' of the window */
635 wstart=bits-1; /* The top bit of the window */
636 wend=0; /* The bottom bit of the window */
637
638 if (!BN_one(r)) goto err;
639
640 for (;;)
641 {
642 if (BN_is_bit_set(p,wstart) == 0)
643 {
644 if (!start)
645 if (!BN_mod_mul(r,r,r,m,ctx))
646 goto err;
647 if (wstart == 0) break;
648 wstart--;
649 continue;
650 }
651 /* We now have wstart on a 'set' bit, we now need to work out
652 * how bit a window to do. To do this we need to scan
653 * forward until the last set bit before the end of the
654 * window */
655 j=wstart;
656 wvalue=1;
657 wend=0;
658 for (i=1; i<window; i++)
659 {
660 if (wstart-i < 0) break;
661 if (BN_is_bit_set(p,wstart-i))
662 {
663 wvalue<<=(i-wend);
664 wvalue|=1;
665 wend=i;
666 }
667 }
668
669 /* wend is the size of the current window */
670 j=wend+1;
671 /* add the 'bytes above' */
672 if (!start)
673 for (i=0; i<j; i++)
674 {
675 if (!BN_mod_mul(r,r,r,m,ctx))
676 goto err;
677 }
678
679 /* wvalue will be an odd number < 2^window */
680 if (!BN_mod_mul(r,r,&(val[wvalue>>1]),m,ctx))
681 goto err;
682
683 /* move the 'window' down further */
684 wstart-=wend+1;
685 wvalue=0;
686 start=0;
687 if (wstart < 0) break;
688 }
689 ret=1;
690err:
691 BN_CTX_end(ctx);
692 for (i=0; i<ts; i++)
693 BN_clear_free(&(val[i]));
694 return(ret);
695 }
696
diff --git a/src/lib/libcrypto/bn/bn_exp2.c b/src/lib/libcrypto/bn/bn_exp2.c
deleted file mode 100644
index 29029f4c72..0000000000
--- a/src/lib/libcrypto/bn/bn_exp2.c
+++ /dev/null
@@ -1,300 +0,0 @@
1/* crypto/bn/bn_exp2.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <stdio.h>
113#include "cryptlib.h"
114#include "bn_lcl.h"
115
116#define TABLE_SIZE 32
117
118int BN_mod_exp2_mont(BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, BIGNUM *a2,
119 BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
120 {
121 int i,j,bits,b,bits1,bits2,ret=0,wpos1,wpos2,window1,window2,wvalue1,wvalue2;
122 int r_is_one=1,ts1=0,ts2=0;
123 BIGNUM *d,*r;
124 BIGNUM *a_mod_m;
125 BIGNUM val1[TABLE_SIZE], val2[TABLE_SIZE];
126 BN_MONT_CTX *mont=NULL;
127
128 bn_check_top(a1);
129 bn_check_top(p1);
130 bn_check_top(a2);
131 bn_check_top(p2);
132 bn_check_top(m);
133
134 if (!(m->d[0] & 1))
135 {
136 BNerr(BN_F_BN_MOD_EXP2_MONT,BN_R_CALLED_WITH_EVEN_MODULUS);
137 return(0);
138 }
139 bits1=BN_num_bits(p1);
140 bits2=BN_num_bits(p2);
141 if ((bits1 == 0) && (bits2 == 0))
142 {
143 BN_one(rr);
144 return(1);
145 }
146 bits=(bits1 > bits2)?bits1:bits2;
147
148 BN_CTX_start(ctx);
149 d = BN_CTX_get(ctx);
150 r = BN_CTX_get(ctx);
151 if (d == NULL || r == NULL) goto err;
152
153 if (in_mont != NULL)
154 mont=in_mont;
155 else
156 {
157 if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
158 if (!BN_MONT_CTX_set(mont,m,ctx)) goto err;
159 }
160
161 window1 = BN_window_bits_for_exponent_size(bits1);
162 window2 = BN_window_bits_for_exponent_size(bits2);
163
164 /*
165 * Build table for a1: val1[i] := a1^(2*i + 1) mod m for i = 0 .. 2^(window1-1)
166 */
167 BN_init(&val1[0]);
168 ts1=1;
169 if (BN_ucmp(a1,m) >= 0)
170 {
171 if (!BN_mod(&(val1[0]),a1,m,ctx))
172 goto err;
173 a_mod_m = &(val1[0]);
174 }
175 else
176 a_mod_m = a1;
177 if (!BN_to_montgomery(&(val1[0]),a_mod_m,mont,ctx)) goto err;
178 if (window1 > 1)
179 {
180 if (!BN_mod_mul_montgomery(d,&(val1[0]),&(val1[0]),mont,ctx)) goto err;
181
182 j=1<<(window1-1);
183 for (i=1; i<j; i++)
184 {
185 BN_init(&(val1[i]));
186 if (!BN_mod_mul_montgomery(&(val1[i]),&(val1[i-1]),d,mont,ctx))
187 goto err;
188 }
189 ts1=i;
190 }
191
192
193 /*
194 * Build table for a2: val2[i] := a2^(2*i + 1) mod m for i = 0 .. 2^(window2-1)
195 */
196 BN_init(&val2[0]);
197 ts2=1;
198 if (BN_ucmp(a2,m) >= 0)
199 {
200 if (!BN_mod(&(val2[0]),a2,m,ctx))
201 goto err;
202 a_mod_m = &(val2[0]);
203 }
204 else
205 a_mod_m = a2;
206 if (!BN_to_montgomery(&(val2[0]),a_mod_m,mont,ctx)) goto err;
207 if (window2 > 1)
208 {
209 if (!BN_mod_mul_montgomery(d,&(val2[0]),&(val2[0]),mont,ctx)) goto err;
210
211 j=1<<(window2-1);
212 for (i=1; i<j; i++)
213 {
214 BN_init(&(val2[i]));
215 if (!BN_mod_mul_montgomery(&(val2[i]),&(val2[i-1]),d,mont,ctx))
216 goto err;
217 }
218 ts2=i;
219 }
220
221
222 /* Now compute the power product, using independent windows. */
223 r_is_one=1;
224 wvalue1=0; /* The 'value' of the first window */
225 wvalue2=0; /* The 'value' of the second window */
226 wpos1=0; /* If wvalue1 > 0, the bottom bit of the first window */
227 wpos2=0; /* If wvalue2 > 0, the bottom bit of the second window */
228
229 if (!BN_to_montgomery(r,BN_value_one(),mont,ctx)) goto err;
230 for (b=bits-1; b>=0; b--)
231 {
232 if (!r_is_one)
233 {
234 if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))
235 goto err;
236 }
237
238 if (!wvalue1)
239 if (BN_is_bit_set(p1, b))
240 {
241 /* consider bits b-window1+1 .. b for this window */
242 i = b-window1+1;
243 while (!BN_is_bit_set(p1, i)) /* works for i<0 */
244 i++;
245 wpos1 = i;
246 wvalue1 = 1;
247 for (i = b-1; i >= wpos1; i--)
248 {
249 wvalue1 <<= 1;
250 if (BN_is_bit_set(p1, i))
251 wvalue1++;
252 }
253 }
254
255 if (!wvalue2)
256 if (BN_is_bit_set(p2, b))
257 {
258 /* consider bits b-window2+1 .. b for this window */
259 i = b-window2+1;
260 while (!BN_is_bit_set(p2, i))
261 i++;
262 wpos2 = i;
263 wvalue2 = 1;
264 for (i = b-1; i >= wpos2; i--)
265 {
266 wvalue2 <<= 1;
267 if (BN_is_bit_set(p2, i))
268 wvalue2++;
269 }
270 }
271
272 if (wvalue1 && b == wpos1)
273 {
274 /* wvalue1 is odd and < 2^window1 */
275 if (!BN_mod_mul_montgomery(r,r,&(val1[wvalue1>>1]),mont,ctx))
276 goto err;
277 wvalue1 = 0;
278 r_is_one = 0;
279 }
280
281 if (wvalue2 && b == wpos2)
282 {
283 /* wvalue2 is odd and < 2^window2 */
284 if (!BN_mod_mul_montgomery(r,r,&(val2[wvalue2>>1]),mont,ctx))
285 goto err;
286 wvalue2 = 0;
287 r_is_one = 0;
288 }
289 }
290 BN_from_montgomery(rr,r,mont,ctx);
291 ret=1;
292err:
293 if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
294 BN_CTX_end(ctx);
295 for (i=0; i<ts1; i++)
296 BN_clear_free(&(val1[i]));
297 for (i=0; i<ts2; i++)
298 BN_clear_free(&(val2[i]));
299 return(ret);
300 }
diff --git a/src/lib/libcrypto/bn/bn_gcd.c b/src/lib/libcrypto/bn/bn_gcd.c
deleted file mode 100644
index 398207196b..0000000000
--- a/src/lib/libcrypto/bn/bn_gcd.c
+++ /dev/null
@@ -1,210 +0,0 @@
1/* crypto/bn/bn_gcd.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include "bn_lcl.h"
62
63static BIGNUM *euclid(BIGNUM *a, BIGNUM *b);
64
65int BN_gcd(BIGNUM *r, BIGNUM *in_a, BIGNUM *in_b, BN_CTX *ctx)
66 {
67 BIGNUM *a,*b,*t;
68 int ret=0;
69
70 bn_check_top(in_a);
71 bn_check_top(in_b);
72
73 BN_CTX_start(ctx);
74 a = BN_CTX_get(ctx);
75 b = BN_CTX_get(ctx);
76 if (a == NULL || b == NULL) goto err;
77
78 if (BN_copy(a,in_a) == NULL) goto err;
79 if (BN_copy(b,in_b) == NULL) goto err;
80
81 if (BN_cmp(a,b) < 0) { t=a; a=b; b=t; }
82 t=euclid(a,b);
83 if (t == NULL) goto err;
84
85 if (BN_copy(r,t) == NULL) goto err;
86 ret=1;
87err:
88 BN_CTX_end(ctx);
89 return(ret);
90 }
91
92static BIGNUM *euclid(BIGNUM *a, BIGNUM *b)
93 {
94 BIGNUM *t;
95 int shifts=0;
96
97 bn_check_top(a);
98 bn_check_top(b);
99
100 for (;;)
101 {
102 if (BN_is_zero(b))
103 break;
104
105 if (BN_is_odd(a))
106 {
107 if (BN_is_odd(b))
108 {
109 if (!BN_sub(a,a,b)) goto err;
110 if (!BN_rshift1(a,a)) goto err;
111 if (BN_cmp(a,b) < 0)
112 { t=a; a=b; b=t; }
113 }
114 else /* a odd - b even */
115 {
116 if (!BN_rshift1(b,b)) goto err;
117 if (BN_cmp(a,b) < 0)
118 { t=a; a=b; b=t; }
119 }
120 }
121 else /* a is even */
122 {
123 if (BN_is_odd(b))
124 {
125 if (!BN_rshift1(a,a)) goto err;
126 if (BN_cmp(a,b) < 0)
127 { t=a; a=b; b=t; }
128 }
129 else /* a even - b even */
130 {
131 if (!BN_rshift1(a,a)) goto err;
132 if (!BN_rshift1(b,b)) goto err;
133 shifts++;
134 }
135 }
136 }
137 if (shifts)
138 {
139 if (!BN_lshift(a,a,shifts)) goto err;
140 }
141 return(a);
142err:
143 return(NULL);
144 }
145
146/* solves ax == 1 (mod n) */
147BIGNUM *BN_mod_inverse(BIGNUM *in, BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
148 {
149 BIGNUM *A,*B,*X,*Y,*M,*D,*R=NULL;
150 BIGNUM *T,*ret=NULL;
151 int sign;
152
153 bn_check_top(a);
154 bn_check_top(n);
155
156 BN_CTX_start(ctx);
157 A = BN_CTX_get(ctx);
158 B = BN_CTX_get(ctx);
159 X = BN_CTX_get(ctx);
160 D = BN_CTX_get(ctx);
161 M = BN_CTX_get(ctx);
162 Y = BN_CTX_get(ctx);
163 if (Y == NULL) goto err;
164
165 if (in == NULL)
166 R=BN_new();
167 else
168 R=in;
169 if (R == NULL) goto err;
170
171 BN_zero(X);
172 BN_one(Y);
173 if (BN_copy(A,a) == NULL) goto err;
174 if (BN_copy(B,n) == NULL) goto err;
175 sign=1;
176
177 while (!BN_is_zero(B))
178 {
179 if (!BN_div(D,M,A,B,ctx)) goto err;
180 T=A;
181 A=B;
182 B=M;
183 /* T has a struct, M does not */
184
185 if (!BN_mul(T,D,X,ctx)) goto err;
186 if (!BN_add(T,T,Y)) goto err;
187 M=Y;
188 Y=X;
189 X=T;
190 sign= -sign;
191 }
192 if (sign < 0)
193 {
194 if (!BN_sub(Y,n,Y)) goto err;
195 }
196
197 if (BN_is_one(A))
198 { if (!BN_mod(R,Y,n,ctx)) goto err; }
199 else
200 {
201 BNerr(BN_F_BN_MOD_INVERSE,BN_R_NO_INVERSE);
202 goto err;
203 }
204 ret=R;
205err:
206 if ((ret == NULL) && (in == NULL)) BN_free(R);
207 BN_CTX_end(ctx);
208 return(ret);
209 }
210
diff --git a/src/lib/libcrypto/bn/bn_lcl.h b/src/lib/libcrypto/bn/bn_lcl.h
deleted file mode 100644
index 9c959921b4..0000000000
--- a/src/lib/libcrypto/bn/bn_lcl.h
+++ /dev/null
@@ -1,419 +0,0 @@
1/* crypto/bn/bn_lcl.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#ifndef HEADER_BN_LCL_H
113#define HEADER_BN_LCL_H
114
115#include <openssl/bn.h>
116
117#ifdef __cplusplus
118extern "C" {
119#endif
120
121
122/*
123 * BN_window_bits_for_exponent_size -- macro for sliding window mod_exp functions
124 *
125 *
126 * For window size 'w' (w >= 2) and a random 'b' bits exponent,
127 * the number of multiplications is a constant plus on average
128 *
129 * 2^(w-1) + (b-w)/(w+1);
130 *
131 * here 2^(w-1) is for precomputing the table (we actually need
132 * entries only for windows that have the lowest bit set), and
133 * (b-w)/(w+1) is an approximation for the expected number of
134 * w-bit windows, not counting the first one.
135 *
136 * Thus we should use
137 *
138 * w >= 6 if b > 671
139 * w = 5 if 671 > b > 239
140 * w = 4 if 239 > b > 79
141 * w = 3 if 79 > b > 23
142 * w <= 2 if 23 > b
143 *
144 * (with draws in between). Very small exponents are often selected
145 * with low Hamming weight, so we use w = 1 for b <= 23.
146 */
147#if 1
148#define BN_window_bits_for_exponent_size(b) \
149 ((b) > 671 ? 6 : \
150 (b) > 239 ? 5 : \
151 (b) > 79 ? 4 : \
152 (b) > 23 ? 3 : 1)
153#else
154/* Old SSLeay/OpenSSL table.
155 * Maximum window size was 5, so this table differs for b==1024;
156 * but it coincides for other interesting values (b==160, b==512).
157 */
158#define BN_window_bits_for_exponent_size(b) \
159 ((b) > 255 ? 5 : \
160 (b) > 127 ? 4 : \
161 (b) > 17 ? 3 : 1)
162#endif
163
164
165
166/* Pentium pro 16,16,16,32,64 */
167/* Alpha 16,16,16,16.64 */
168#define BN_MULL_SIZE_NORMAL (16) /* 32 */
169#define BN_MUL_RECURSIVE_SIZE_NORMAL (16) /* 32 less than */
170#define BN_SQR_RECURSIVE_SIZE_NORMAL (16) /* 32 */
171#define BN_MUL_LOW_RECURSIVE_SIZE_NORMAL (32) /* 32 */
172#define BN_MONT_CTX_SET_SIZE_WORD (64) /* 32 */
173
174#if !defined(NO_ASM) && !defined(NO_INLINE_ASM) && !defined(PEDANTIC)
175/*
176 * BN_UMULT_HIGH section.
177 *
178 * No, I'm not trying to overwhelm you when stating that the
179 * product of N-bit numbers is 2*N bits wide:-) No, I don't expect
180 * you to be impressed when I say that if the compiler doesn't
181 * support 2*N integer type, then you have to replace every N*N
182 * multiplication with 4 (N/2)*(N/2) accompanied by some shifts
183 * and additions which unavoidably results in severe performance
184 * penalties. Of course provided that the hardware is capable of
185 * producing 2*N result... That's when you normally start
186 * considering assembler implementation. However! It should be
187 * pointed out that some CPUs (most notably Alpha, PowerPC and
188 * upcoming IA-64 family:-) provide *separate* instruction
189 * calculating the upper half of the product placing the result
190 * into a general purpose register. Now *if* the compiler supports
191 * inline assembler, then it's not impossible to implement the
192 * "bignum" routines (and have the compiler optimize 'em)
193 * exhibiting "native" performance in C. That's what BN_UMULT_HIGH
194 * macro is about:-)
195 *
196 * <appro@fy.chalmers.se>
197 */
198# if defined(__alpha) && (defined(SIXTY_FOUR_BIT_LONG) || defined(SIXTY_FOUR_BIT))
199# if defined(__DECC)
200# include <c_asm.h>
201# define BN_UMULT_HIGH(a,b) (BN_ULONG)asm("umulh %a0,%a1,%v0",(a),(b))
202# elif defined(__GNUC__)
203# define BN_UMULT_HIGH(a,b) ({ \
204 register BN_ULONG ret; \
205 asm ("umulh %1,%2,%0" \
206 : "=r"(ret) \
207 : "r"(a), "r"(b)); \
208 ret; })
209# endif /* compiler */
210# elif defined(_ARCH_PPC) && defined(__64BIT__) && defined(SIXTY_FOUR_BIT_LONG)
211# if defined(__GNUC__)
212# define BN_UMULT_HIGH(a,b) ({ \
213 register BN_ULONG ret; \
214 asm ("mulhdu %0,%1,%2" \
215 : "=r"(ret) \
216 : "r"(a), "r"(b)); \
217 ret; })
218# endif /* compiler */
219# endif /* cpu */
220#endif /* NO_ASM */
221
222/*************************************************************
223 * Using the long long type
224 */
225#define Lw(t) (((BN_ULONG)(t))&BN_MASK2)
226#define Hw(t) (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2)
227
228/* This is used for internal error checking and is not normally used */
229#ifdef BN_DEBUG
230# include <assert.h>
231# define bn_check_top(a) assert ((a)->top >= 0 && (a)->top <= (a)->dmax);
232#else
233# define bn_check_top(a)
234#endif
235
236/* This macro is to add extra stuff for development checking */
237#ifdef BN_DEBUG
238#define bn_set_max(r) ((r)->max=(r)->top,BN_set_flags((r),BN_FLG_STATIC_DATA))
239#else
240#define bn_set_max(r)
241#endif
242
243/* These macros are used to 'take' a section of a bignum for read only use */
244#define bn_set_low(r,a,n) \
245 { \
246 (r)->top=((a)->top > (n))?(n):(a)->top; \
247 (r)->d=(a)->d; \
248 (r)->neg=(a)->neg; \
249 (r)->flags|=BN_FLG_STATIC_DATA; \
250 bn_set_max(r); \
251 }
252
253#define bn_set_high(r,a,n) \
254 { \
255 if ((a)->top > (n)) \
256 { \
257 (r)->top=(a)->top-n; \
258 (r)->d= &((a)->d[n]); \
259 } \
260 else \
261 (r)->top=0; \
262 (r)->neg=(a)->neg; \
263 (r)->flags|=BN_FLG_STATIC_DATA; \
264 bn_set_max(r); \
265 }
266
267#ifdef BN_LLONG
268#define mul_add(r,a,w,c) { \
269 BN_ULLONG t; \
270 t=(BN_ULLONG)w * (a) + (r) + (c); \
271 (r)= Lw(t); \
272 (c)= Hw(t); \
273 }
274
275#define mul(r,a,w,c) { \
276 BN_ULLONG t; \
277 t=(BN_ULLONG)w * (a) + (c); \
278 (r)= Lw(t); \
279 (c)= Hw(t); \
280 }
281
282#define sqr(r0,r1,a) { \
283 BN_ULLONG t; \
284 t=(BN_ULLONG)(a)*(a); \
285 (r0)=Lw(t); \
286 (r1)=Hw(t); \
287 }
288
289#elif defined(BN_UMULT_HIGH)
290#define mul_add(r,a,w,c) { \
291 BN_ULONG high,low,ret,tmp=(a); \
292 ret = (r); \
293 high= BN_UMULT_HIGH(w,tmp); \
294 ret += (c); \
295 low = (w) * tmp; \
296 (c) = (ret<(c))?1:0; \
297 (c) += high; \
298 ret += low; \
299 (c) += (ret<low)?1:0; \
300 (r) = ret; \
301 }
302
303#define mul(r,a,w,c) { \
304 BN_ULONG high,low,ret,ta=(a); \
305 low = (w) * ta; \
306 high= BN_UMULT_HIGH(w,ta); \
307 ret = low + (c); \
308 (c) = high; \
309 (c) += (ret<low)?1:0; \
310 (r) = ret; \
311 }
312
313#define sqr(r0,r1,a) { \
314 BN_ULONG tmp=(a); \
315 (r0) = tmp * tmp; \
316 (r1) = BN_UMULT_HIGH(tmp,tmp); \
317 }
318
319#else
320/*************************************************************
321 * No long long type
322 */
323
324#define LBITS(a) ((a)&BN_MASK2l)
325#define HBITS(a) (((a)>>BN_BITS4)&BN_MASK2l)
326#define L2HBITS(a) ((BN_ULONG)((a)&BN_MASK2l)<<BN_BITS4)
327
328#define LLBITS(a) ((a)&BN_MASKl)
329#define LHBITS(a) (((a)>>BN_BITS2)&BN_MASKl)
330#define LL2HBITS(a) ((BN_ULLONG)((a)&BN_MASKl)<<BN_BITS2)
331
332#define mul64(l,h,bl,bh) \
333 { \
334 BN_ULONG m,m1,lt,ht; \
335 \
336 lt=l; \
337 ht=h; \
338 m =(bh)*(lt); \
339 lt=(bl)*(lt); \
340 m1=(bl)*(ht); \
341 ht =(bh)*(ht); \
342 m=(m+m1)&BN_MASK2; if (m < m1) ht+=L2HBITS(1L); \
343 ht+=HBITS(m); \
344 m1=L2HBITS(m); \
345 lt=(lt+m1)&BN_MASK2; if (lt < m1) ht++; \
346 (l)=lt; \
347 (h)=ht; \
348 }
349
350#define sqr64(lo,ho,in) \
351 { \
352 BN_ULONG l,h,m; \
353 \
354 h=(in); \
355 l=LBITS(h); \
356 h=HBITS(h); \
357 m =(l)*(h); \
358 l*=l; \
359 h*=h; \
360 h+=(m&BN_MASK2h1)>>(BN_BITS4-1); \
361 m =(m&BN_MASK2l)<<(BN_BITS4+1); \
362 l=(l+m)&BN_MASK2; if (l < m) h++; \
363 (lo)=l; \
364 (ho)=h; \
365 }
366
367#define mul_add(r,a,bl,bh,c) { \
368 BN_ULONG l,h; \
369 \
370 h= (a); \
371 l=LBITS(h); \
372 h=HBITS(h); \
373 mul64(l,h,(bl),(bh)); \
374 \
375 /* non-multiply part */ \
376 l=(l+(c))&BN_MASK2; if (l < (c)) h++; \
377 (c)=(r); \
378 l=(l+(c))&BN_MASK2; if (l < (c)) h++; \
379 (c)=h&BN_MASK2; \
380 (r)=l; \
381 }
382
383#define mul(r,a,bl,bh,c) { \
384 BN_ULONG l,h; \
385 \
386 h= (a); \
387 l=LBITS(h); \
388 h=HBITS(h); \
389 mul64(l,h,(bl),(bh)); \
390 \
391 /* non-multiply part */ \
392 l+=(c); if ((l&BN_MASK2) < (c)) h++; \
393 (c)=h&BN_MASK2; \
394 (r)=l&BN_MASK2; \
395 }
396#endif /* !BN_LLONG */
397
398void bn_mul_normal(BN_ULONG *r,BN_ULONG *a,int na,BN_ULONG *b,int nb);
399void bn_mul_comba8(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b);
400void bn_mul_comba4(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b);
401void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp);
402void bn_sqr_comba8(BN_ULONG *r,BN_ULONG *a);
403void bn_sqr_comba4(BN_ULONG *r,BN_ULONG *a);
404int bn_cmp_words(BN_ULONG *a,BN_ULONG *b,int n);
405void bn_mul_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,BN_ULONG *t);
406void bn_mul_part_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,
407 int tn, int n,BN_ULONG *t);
408void bn_sqr_recursive(BN_ULONG *r,BN_ULONG *a, int n2, BN_ULONG *t);
409void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n);
410void bn_mul_low_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,
411 BN_ULONG *t);
412void bn_mul_high(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,BN_ULONG *l,int n2,
413 BN_ULONG *t);
414
415#ifdef __cplusplus
416}
417#endif
418
419#endif
diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c
deleted file mode 100644
index 7767d65170..0000000000
--- a/src/lib/libcrypto/bn/bn_lib.c
+++ /dev/null
@@ -1,762 +0,0 @@
1/* crypto/bn/bn_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef BN_DEBUG
60# undef NDEBUG /* avoid conflicting definitions */
61# define NDEBUG
62#endif
63
64#include <assert.h>
65#include <limits.h>
66#include <stdio.h>
67#include "cryptlib.h"
68#include "bn_lcl.h"
69
70const char *BN_version="Big Number" OPENSSL_VERSION_PTEXT;
71
72/* For a 32 bit machine
73 * 2 - 4 == 128
74 * 3 - 8 == 256
75 * 4 - 16 == 512
76 * 5 - 32 == 1024
77 * 6 - 64 == 2048
78 * 7 - 128 == 4096
79 * 8 - 256 == 8192
80 */
81static int bn_limit_bits=0;
82static int bn_limit_num=8; /* (1<<bn_limit_bits) */
83static int bn_limit_bits_low=0;
84static int bn_limit_num_low=8; /* (1<<bn_limit_bits_low) */
85static int bn_limit_bits_high=0;
86static int bn_limit_num_high=8; /* (1<<bn_limit_bits_high) */
87static int bn_limit_bits_mont=0;
88static int bn_limit_num_mont=8; /* (1<<bn_limit_bits_mont) */
89
90void BN_set_params(int mult, int high, int low, int mont)
91 {
92 if (mult >= 0)
93 {
94 if (mult > (sizeof(int)*8)-1)
95 mult=sizeof(int)*8-1;
96 bn_limit_bits=mult;
97 bn_limit_num=1<<mult;
98 }
99 if (high >= 0)
100 {
101 if (high > (sizeof(int)*8)-1)
102 high=sizeof(int)*8-1;
103 bn_limit_bits_high=high;
104 bn_limit_num_high=1<<high;
105 }
106 if (low >= 0)
107 {
108 if (low > (sizeof(int)*8)-1)
109 low=sizeof(int)*8-1;
110 bn_limit_bits_low=low;
111 bn_limit_num_low=1<<low;
112 }
113 if (mont >= 0)
114 {
115 if (mont > (sizeof(int)*8)-1)
116 mont=sizeof(int)*8-1;
117 bn_limit_bits_mont=mont;
118 bn_limit_num_mont=1<<mont;
119 }
120 }
121
122int BN_get_params(int which)
123 {
124 if (which == 0) return(bn_limit_bits);
125 else if (which == 1) return(bn_limit_bits_high);
126 else if (which == 2) return(bn_limit_bits_low);
127 else if (which == 3) return(bn_limit_bits_mont);
128 else return(0);
129 }
130
131BIGNUM *BN_value_one(void)
132 {
133 static BN_ULONG data_one=1L;
134 static BIGNUM const_one={&data_one,1,1,0};
135
136 return(&const_one);
137 }
138
139char *BN_options(void)
140 {
141 static int init=0;
142 static char data[16];
143
144 if (!init)
145 {
146 init++;
147#ifdef BN_LLONG
148 sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULLONG)*8,
149 (int)sizeof(BN_ULONG)*8);
150#else
151 sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULONG)*8,
152 (int)sizeof(BN_ULONG)*8);
153#endif
154 }
155 return(data);
156 }
157
158int BN_num_bits_word(BN_ULONG l)
159 {
160 static const char bits[256]={
161 0,1,2,2,3,3,3,3,4,4,4,4,4,4,4,4,
162 5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,
163 6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,
164 6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,
165 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
166 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
167 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
168 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
169 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
170 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
171 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
172 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
173 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
174 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
175 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
176 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
177 };
178
179#if defined(SIXTY_FOUR_BIT_LONG)
180 if (l & 0xffffffff00000000L)
181 {
182 if (l & 0xffff000000000000L)
183 {
184 if (l & 0xff00000000000000L)
185 {
186 return(bits[(int)(l>>56)]+56);
187 }
188 else return(bits[(int)(l>>48)]+48);
189 }
190 else
191 {
192 if (l & 0x0000ff0000000000L)
193 {
194 return(bits[(int)(l>>40)]+40);
195 }
196 else return(bits[(int)(l>>32)]+32);
197 }
198 }
199 else
200#else
201#ifdef SIXTY_FOUR_BIT
202 if (l & 0xffffffff00000000LL)
203 {
204 if (l & 0xffff000000000000LL)
205 {
206 if (l & 0xff00000000000000LL)
207 {
208 return(bits[(int)(l>>56)]+56);
209 }
210 else return(bits[(int)(l>>48)]+48);
211 }
212 else
213 {
214 if (l & 0x0000ff0000000000LL)
215 {
216 return(bits[(int)(l>>40)]+40);
217 }
218 else return(bits[(int)(l>>32)]+32);
219 }
220 }
221 else
222#endif
223#endif
224 {
225#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
226 if (l & 0xffff0000L)
227 {
228 if (l & 0xff000000L)
229 return(bits[(int)(l>>24L)]+24);
230 else return(bits[(int)(l>>16L)]+16);
231 }
232 else
233#endif
234 {
235#if defined(SIXTEEN_BIT) || defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
236 if (l & 0xff00L)
237 return(bits[(int)(l>>8)]+8);
238 else
239#endif
240 return(bits[(int)(l )] );
241 }
242 }
243 }
244
245int BN_num_bits(const BIGNUM *a)
246 {
247 BN_ULONG l;
248 int i;
249
250 bn_check_top(a);
251
252 if (a->top == 0) return(0);
253 l=a->d[a->top-1];
254 assert(l != 0);
255 i=(a->top-1)*BN_BITS2;
256 return(i+BN_num_bits_word(l));
257 }
258
259void BN_clear_free(BIGNUM *a)
260 {
261 int i;
262
263 if (a == NULL) return;
264 if (a->d != NULL)
265 {
266 memset(a->d,0,a->dmax*sizeof(a->d[0]));
267 if (!(BN_get_flags(a,BN_FLG_STATIC_DATA)))
268 OPENSSL_free(a->d);
269 }
270 i=BN_get_flags(a,BN_FLG_MALLOCED);
271 memset(a,0,sizeof(BIGNUM));
272 if (i)
273 OPENSSL_free(a);
274 }
275
276void BN_free(BIGNUM *a)
277 {
278 if (a == NULL) return;
279 if ((a->d != NULL) && !(BN_get_flags(a,BN_FLG_STATIC_DATA)))
280 OPENSSL_free(a->d);
281 a->flags|=BN_FLG_FREE; /* REMOVE? */
282 if (a->flags & BN_FLG_MALLOCED)
283 OPENSSL_free(a);
284 }
285
286void BN_init(BIGNUM *a)
287 {
288 memset(a,0,sizeof(BIGNUM));
289 }
290
291BIGNUM *BN_new(void)
292 {
293 BIGNUM *ret;
294
295 if ((ret=(BIGNUM *)OPENSSL_malloc(sizeof(BIGNUM))) == NULL)
296 {
297 BNerr(BN_F_BN_NEW,ERR_R_MALLOC_FAILURE);
298 return(NULL);
299 }
300 ret->flags=BN_FLG_MALLOCED;
301 ret->top=0;
302 ret->neg=0;
303 ret->dmax=0;
304 ret->d=NULL;
305 return(ret);
306 }
307
308/* This is an internal function that should not be used in applications.
309 * It ensures that 'b' has enough room for a 'words' word number number.
310 * It is mostly used by the various BIGNUM routines. If there is an error,
311 * NULL is returned. If not, 'b' is returned. */
312
313BIGNUM *bn_expand2(BIGNUM *b, int words)
314 {
315 BN_ULONG *A,*a;
316 const BN_ULONG *B;
317 int i;
318
319 bn_check_top(b);
320
321 if (words > b->dmax)
322 {
323 if (words > (INT_MAX/(4*BN_BITS2)))
324 {
325 BNerr(BN_F_BN_EXPAND2,BN_R_BIGNUM_TOO_LONG);
326 return NULL;
327 }
328
329 bn_check_top(b);
330 if (BN_get_flags(b,BN_FLG_STATIC_DATA))
331 {
332 BNerr(BN_F_BN_EXPAND2,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA);
333 return(NULL);
334 }
335 a=A=(BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG)*(words+1));
336 if (A == NULL)
337 {
338 BNerr(BN_F_BN_EXPAND2,ERR_R_MALLOC_FAILURE);
339 return(NULL);
340 }
341#if 1
342 B=b->d;
343 /* Check if the previous number needs to be copied */
344 if (B != NULL)
345 {
346#if 0
347 /* This lot is an unrolled loop to copy b->top
348 * BN_ULONGs from B to A
349 */
350/*
351 * I have nothing against unrolling but it's usually done for
352 * several reasons, namely:
353 * - minimize percentage of decision making code, i.e. branches;
354 * - avoid cache trashing;
355 * - make it possible to schedule loads earlier;
356 * Now let's examine the code below. The cornerstone of C is
357 * "programmer is always right" and that's what we love it for:-)
358 * For this very reason C compilers have to be paranoid when it
359 * comes to data aliasing and assume the worst. Yeah, but what
360 * does it mean in real life? This means that loop body below will
361 * be compiled to sequence of loads immediately followed by stores
362 * as compiler assumes the worst, something in A==B+1 style. As a
363 * result CPU pipeline is going to starve for incoming data. Secondly
364 * if A and B happen to share same cache line such code is going to
365 * cause severe cache trashing. Both factors have severe impact on
366 * performance of modern CPUs and this is the reason why this
367 * particular piece of code is #ifdefed away and replaced by more
368 * "friendly" version found in #else section below. This comment
369 * also applies to BN_copy function.
370 *
371 * <appro@fy.chalmers.se>
372 */
373 for (i=b->top&(~7); i>0; i-=8)
374 {
375 A[0]=B[0]; A[1]=B[1]; A[2]=B[2]; A[3]=B[3];
376 A[4]=B[4]; A[5]=B[5]; A[6]=B[6]; A[7]=B[7];
377 A+=8;
378 B+=8;
379 }
380 switch (b->top&7)
381 {
382 case 7:
383 A[6]=B[6];
384 case 6:
385 A[5]=B[5];
386 case 5:
387 A[4]=B[4];
388 case 4:
389 A[3]=B[3];
390 case 3:
391 A[2]=B[2];
392 case 2:
393 A[1]=B[1];
394 case 1:
395 A[0]=B[0];
396 case 0:
397 /* I need the 'case 0' entry for utrix cc.
398 * If the optimizer is turned on, it does the
399 * switch table by doing
400 * a=top&7
401 * a--;
402 * goto jump_table[a];
403 * If top is 0, this makes us jump to 0xffffffc
404 * which is rather bad :-(.
405 * eric 23-Apr-1998
406 */
407 ;
408 }
409#else
410 for (i=b->top>>2; i>0; i--,A+=4,B+=4)
411 {
412 /*
413 * The fact that the loop is unrolled
414 * 4-wise is a tribute to Intel. It's
415 * the one that doesn't have enough
416 * registers to accomodate more data.
417 * I'd unroll it 8-wise otherwise:-)
418 *
419 * <appro@fy.chalmers.se>
420 */
421 BN_ULONG a0,a1,a2,a3;
422 a0=B[0]; a1=B[1]; a2=B[2]; a3=B[3];
423 A[0]=a0; A[1]=a1; A[2]=a2; A[3]=a3;
424 }
425 switch (b->top&3)
426 {
427 case 3: A[2]=B[2];
428 case 2: A[1]=B[1];
429 case 1: A[0]=B[0];
430 case 0: ; /* ultrix cc workaround, see above */
431 }
432#endif
433 OPENSSL_free(b->d);
434 }
435
436 b->d=a;
437 b->dmax=words;
438
439 /* Now need to zero any data between b->top and b->max */
440
441 A= &(b->d[b->top]);
442 for (i=(b->dmax - b->top)>>3; i>0; i--,A+=8)
443 {
444 A[0]=0; A[1]=0; A[2]=0; A[3]=0;
445 A[4]=0; A[5]=0; A[6]=0; A[7]=0;
446 }
447 for (i=(b->dmax - b->top)&7; i>0; i--,A++)
448 A[0]=0;
449#else
450 memset(A,0,sizeof(BN_ULONG)*(words+1));
451 memcpy(A,b->d,sizeof(b->d[0])*b->top);
452 b->d=a;
453 b->max=words;
454#endif
455
456/* memset(&(p[b->max]),0,((words+1)-b->max)*sizeof(BN_ULONG)); */
457/* { int i; for (i=b->max; i<words+1; i++) p[i]=i;} */
458
459 }
460 return(b);
461 }
462
463BIGNUM *BN_dup(const BIGNUM *a)
464 {
465 BIGNUM *r;
466
467 if (a == NULL) return NULL;
468
469 bn_check_top(a);
470
471 r=BN_new();
472 if (r == NULL) return(NULL);
473 return((BIGNUM *)BN_copy(r,a));
474 }
475
476BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
477 {
478 int i;
479 BN_ULONG *A;
480 const BN_ULONG *B;
481
482 bn_check_top(b);
483
484 if (a == b) return(a);
485 if (bn_wexpand(a,b->top) == NULL) return(NULL);
486
487#if 1
488 A=a->d;
489 B=b->d;
490 for (i=b->top>>2; i>0; i--,A+=4,B+=4)
491 {
492 BN_ULONG a0,a1,a2,a3;
493 a0=B[0]; a1=B[1]; a2=B[2]; a3=B[3];
494 A[0]=a0; A[1]=a1; A[2]=a2; A[3]=a3;
495 }
496 switch (b->top&3)
497 {
498 case 3: A[2]=B[2];
499 case 2: A[1]=B[1];
500 case 1: A[0]=B[0];
501 case 0: ; /* ultrix cc workaround, see comments in bn_expand2 */
502 }
503#else
504 memcpy(a->d,b->d,sizeof(b->d[0])*b->top);
505#endif
506
507/* memset(&(a->d[b->top]),0,sizeof(a->d[0])*(a->max-b->top));*/
508 a->top=b->top;
509 if ((a->top == 0) && (a->d != NULL))
510 a->d[0]=0;
511 a->neg=b->neg;
512 return(a);
513 }
514
515void BN_clear(BIGNUM *a)
516 {
517 if (a->d != NULL)
518 memset(a->d,0,a->dmax*sizeof(a->d[0]));
519 a->top=0;
520 a->neg=0;
521 }
522
523BN_ULONG BN_get_word(BIGNUM *a)
524 {
525 int i,n;
526 BN_ULONG ret=0;
527
528 n=BN_num_bytes(a);
529 if (n > sizeof(BN_ULONG))
530 return(BN_MASK2);
531 for (i=a->top-1; i>=0; i--)
532 {
533#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */
534 ret<<=BN_BITS4; /* stops the compiler complaining */
535 ret<<=BN_BITS4;
536#else
537 ret=0;
538#endif
539 ret|=a->d[i];
540 }
541 return(ret);
542 }
543
544int BN_set_word(BIGNUM *a, BN_ULONG w)
545 {
546 int i,n;
547 if (bn_expand(a,sizeof(BN_ULONG)*8) == NULL) return(0);
548
549 n=sizeof(BN_ULONG)/BN_BYTES;
550 a->neg=0;
551 a->top=0;
552 a->d[0]=(BN_ULONG)w&BN_MASK2;
553 if (a->d[0] != 0) a->top=1;
554 for (i=1; i<n; i++)
555 {
556 /* the following is done instead of
557 * w>>=BN_BITS2 so compilers don't complain
558 * on builds where sizeof(long) == BN_TYPES */
559#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */
560 w>>=BN_BITS4;
561 w>>=BN_BITS4;
562#else
563 w=0;
564#endif
565 a->d[i]=(BN_ULONG)w&BN_MASK2;
566 if (a->d[i] != 0) a->top=i+1;
567 }
568 return(1);
569 }
570
571/* ignore negative */
572BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
573 {
574 unsigned int i,m;
575 unsigned int n;
576 BN_ULONG l;
577
578 if (ret == NULL) ret=BN_new();
579 if (ret == NULL) return(NULL);
580 l=0;
581 n=len;
582 if (n == 0)
583 {
584 ret->top=0;
585 return(ret);
586 }
587 if (bn_expand(ret,(int)(n+2)*8) == NULL)
588 return(NULL);
589 i=((n-1)/BN_BYTES)+1;
590 m=((n-1)%(BN_BYTES));
591 ret->top=i;
592 while (n-- > 0)
593 {
594 l=(l<<8L)| *(s++);
595 if (m-- == 0)
596 {
597 ret->d[--i]=l;
598 l=0;
599 m=BN_BYTES-1;
600 }
601 }
602 /* need to call this due to clear byte at top if avoiding
603 * having the top bit set (-ve number) */
604 bn_fix_top(ret);
605 return(ret);
606 }
607
608/* ignore negative */
609int BN_bn2bin(const BIGNUM *a, unsigned char *to)
610 {
611 int n,i;
612 BN_ULONG l;
613
614 n=i=BN_num_bytes(a);
615 while (i-- > 0)
616 {
617 l=a->d[i/BN_BYTES];
618 *(to++)=(unsigned char)(l>>(8*(i%BN_BYTES)))&0xff;
619 }
620 return(n);
621 }
622
623int BN_ucmp(const BIGNUM *a, const BIGNUM *b)
624 {
625 int i;
626 BN_ULONG t1,t2,*ap,*bp;
627
628 bn_check_top(a);
629 bn_check_top(b);
630
631 i=a->top-b->top;
632 if (i != 0) return(i);
633 ap=a->d;
634 bp=b->d;
635 for (i=a->top-1; i>=0; i--)
636 {
637 t1= ap[i];
638 t2= bp[i];
639 if (t1 != t2)
640 return(t1 > t2?1:-1);
641 }
642 return(0);
643 }
644
645int BN_cmp(const BIGNUM *a, const BIGNUM *b)
646 {
647 int i;
648 int gt,lt;
649 BN_ULONG t1,t2;
650
651 if ((a == NULL) || (b == NULL))
652 {
653 if (a != NULL)
654 return(-1);
655 else if (b != NULL)
656 return(1);
657 else
658 return(0);
659 }
660
661 bn_check_top(a);
662 bn_check_top(b);
663
664 if (a->neg != b->neg)
665 {
666 if (a->neg)
667 return(-1);
668 else return(1);
669 }
670 if (a->neg == 0)
671 { gt=1; lt= -1; }
672 else { gt= -1; lt=1; }
673
674 if (a->top > b->top) return(gt);
675 if (a->top < b->top) return(lt);
676 for (i=a->top-1; i>=0; i--)
677 {
678 t1=a->d[i];
679 t2=b->d[i];
680 if (t1 > t2) return(gt);
681 if (t1 < t2) return(lt);
682 }
683 return(0);
684 }
685
686int BN_set_bit(BIGNUM *a, int n)
687 {
688 int i,j,k;
689
690 i=n/BN_BITS2;
691 j=n%BN_BITS2;
692 if (a->top <= i)
693 {
694 if (bn_wexpand(a,i+1) == NULL) return(0);
695 for(k=a->top; k<i+1; k++)
696 a->d[k]=0;
697 a->top=i+1;
698 }
699
700 a->d[i]|=(((BN_ULONG)1)<<j);
701 return(1);
702 }
703
704int BN_clear_bit(BIGNUM *a, int n)
705 {
706 int i,j;
707
708 i=n/BN_BITS2;
709 j=n%BN_BITS2;
710 if (a->top <= i) return(0);
711
712 a->d[i]&=(~(((BN_ULONG)1)<<j));
713 bn_fix_top(a);
714 return(1);
715 }
716
717int BN_is_bit_set(const BIGNUM *a, int n)
718 {
719 int i,j;
720
721 if (n < 0) return(0);
722 i=n/BN_BITS2;
723 j=n%BN_BITS2;
724 if (a->top <= i) return(0);
725 return((a->d[i]&(((BN_ULONG)1)<<j))?1:0);
726 }
727
728int BN_mask_bits(BIGNUM *a, int n)
729 {
730 int b,w;
731
732 w=n/BN_BITS2;
733 b=n%BN_BITS2;
734 if (w >= a->top) return(0);
735 if (b == 0)
736 a->top=w;
737 else
738 {
739 a->top=w+1;
740 a->d[w]&= ~(BN_MASK2<<b);
741 }
742 bn_fix_top(a);
743 return(1);
744 }
745
746int bn_cmp_words(BN_ULONG *a, BN_ULONG *b, int n)
747 {
748 int i;
749 BN_ULONG aa,bb;
750
751 aa=a[n-1];
752 bb=b[n-1];
753 if (aa != bb) return((aa > bb)?1:-1);
754 for (i=n-2; i>=0; i--)
755 {
756 aa=a[i];
757 bb=b[i];
758 if (aa != bb) return((aa > bb)?1:-1);
759 }
760 return(0);
761 }
762
diff --git a/src/lib/libcrypto/bn/bn_mont.c b/src/lib/libcrypto/bn/bn_mont.c
deleted file mode 100644
index 8cf1febacc..0000000000
--- a/src/lib/libcrypto/bn/bn_mont.c
+++ /dev/null
@@ -1,346 +0,0 @@
1/* crypto/bn/bn_mont.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/*
60 * Details about Montgomery multiplication algorithms can be found at
61 * http://security.ece.orst.edu/publications.html, e.g.
62 * http://security.ece.orst.edu/koc/papers/j37acmon.pdf and
63 * sections 3.8 and 4.2 in http://security.ece.orst.edu/koc/papers/r01rsasw.pdf
64 */
65
66#include <stdio.h>
67#include "cryptlib.h"
68#include "bn_lcl.h"
69
70#define MONT_WORD /* use the faster word-based algorithm */
71
72int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
73 BN_MONT_CTX *mont, BN_CTX *ctx)
74 {
75 BIGNUM *tmp,*tmp2;
76 int ret=0;
77
78 BN_CTX_start(ctx);
79 tmp = BN_CTX_get(ctx);
80 tmp2 = BN_CTX_get(ctx);
81 if (tmp == NULL || tmp2 == NULL) goto err;
82
83 bn_check_top(tmp);
84 bn_check_top(tmp2);
85
86 if (a == b)
87 {
88 if (!BN_sqr(tmp,a,ctx)) goto err;
89 }
90 else
91 {
92 if (!BN_mul(tmp,a,b,ctx)) goto err;
93 }
94 /* reduce from aRR to aR */
95 if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err;
96 ret=1;
97err:
98 BN_CTX_end(ctx);
99 return(ret);
100 }
101
102int BN_from_montgomery(BIGNUM *ret, BIGNUM *a, BN_MONT_CTX *mont,
103 BN_CTX *ctx)
104 {
105 int retn=0;
106
107#ifdef MONT_WORD
108 BIGNUM *n,*r;
109 BN_ULONG *ap,*np,*rp,n0,v,*nrp;
110 int al,nl,max,i,x,ri;
111
112 BN_CTX_start(ctx);
113 if ((r = BN_CTX_get(ctx)) == NULL) goto err;
114
115 if (!BN_copy(r,a)) goto err;
116 n= &(mont->N);
117
118 ap=a->d;
119 /* mont->ri is the size of mont->N in bits (rounded up
120 to the word size) */
121 al=ri=mont->ri/BN_BITS2;
122
123 nl=n->top;
124 if ((al == 0) || (nl == 0)) { r->top=0; return(1); }
125
126 max=(nl+al+1); /* allow for overflow (no?) XXX */
127 if (bn_wexpand(r,max) == NULL) goto err;
128 if (bn_wexpand(ret,max) == NULL) goto err;
129
130 r->neg=a->neg^n->neg;
131 np=n->d;
132 rp=r->d;
133 nrp= &(r->d[nl]);
134
135 /* clear the top words of T */
136#if 1
137 for (i=r->top; i<max; i++) /* memset? XXX */
138 r->d[i]=0;
139#else
140 memset(&(r->d[r->top]),0,(max-r->top)*sizeof(BN_ULONG));
141#endif
142
143 r->top=max;
144 n0=mont->n0;
145
146#ifdef BN_COUNT
147 printf("word BN_from_montgomery %d * %d\n",nl,nl);
148#endif
149 for (i=0; i<nl; i++)
150 {
151#ifdef __TANDEM
152 {
153 long long t1;
154 long long t2;
155 long long t3;
156 t1 = rp[0] * (n0 & 0177777);
157 t2 = 037777600000l;
158 t2 = n0 & t2;
159 t3 = rp[0] & 0177777;
160 t2 = (t3 * t2) & BN_MASK2;
161 t1 = t1 + t2;
162 v=bn_mul_add_words(rp,np,nl,(BN_ULONG) t1);
163 }
164#else
165 v=bn_mul_add_words(rp,np,nl,(rp[0]*n0)&BN_MASK2);
166#endif
167 nrp++;
168 rp++;
169 if (((nrp[-1]+=v)&BN_MASK2) >= v)
170 continue;
171 else
172 {
173 if (((++nrp[0])&BN_MASK2) != 0) continue;
174 if (((++nrp[1])&BN_MASK2) != 0) continue;
175 for (x=2; (((++nrp[x])&BN_MASK2) == 0); x++) ;
176 }
177 }
178 bn_fix_top(r);
179
180 /* mont->ri will be a multiple of the word size */
181#if 0
182 BN_rshift(ret,r,mont->ri);
183#else
184 ret->neg = r->neg;
185 x=ri;
186 rp=ret->d;
187 ap= &(r->d[x]);
188 if (r->top < x)
189 al=0;
190 else
191 al=r->top-x;
192 ret->top=al;
193 al-=4;
194 for (i=0; i<al; i+=4)
195 {
196 BN_ULONG t1,t2,t3,t4;
197
198 t1=ap[i+0];
199 t2=ap[i+1];
200 t3=ap[i+2];
201 t4=ap[i+3];
202 rp[i+0]=t1;
203 rp[i+1]=t2;
204 rp[i+2]=t3;
205 rp[i+3]=t4;
206 }
207 al+=4;
208 for (; i<al; i++)
209 rp[i]=ap[i];
210#endif
211#else /* !MONT_WORD */
212 BIGNUM *t1,*t2;
213
214 BN_CTX_start(ctx);
215 t1 = BN_CTX_get(ctx);
216 t2 = BN_CTX_get(ctx);
217 if (t1 == NULL || t2 == NULL) goto err;
218
219 if (!BN_copy(t1,a)) goto err;
220 BN_mask_bits(t1,mont->ri);
221
222 if (!BN_mul(t2,t1,&mont->Ni,ctx)) goto err;
223 BN_mask_bits(t2,mont->ri);
224
225 if (!BN_mul(t1,t2,&mont->N,ctx)) goto err;
226 if (!BN_add(t2,a,t1)) goto err;
227 BN_rshift(ret,t2,mont->ri);
228#endif /* MONT_WORD */
229
230 if (BN_ucmp(ret, &(mont->N)) >= 0)
231 {
232 BN_usub(ret,ret,&(mont->N));
233 }
234 retn=1;
235 err:
236 BN_CTX_end(ctx);
237 return(retn);
238 }
239
240BN_MONT_CTX *BN_MONT_CTX_new(void)
241 {
242 BN_MONT_CTX *ret;
243
244 if ((ret=(BN_MONT_CTX *)OPENSSL_malloc(sizeof(BN_MONT_CTX))) == NULL)
245 return(NULL);
246
247 BN_MONT_CTX_init(ret);
248 ret->flags=BN_FLG_MALLOCED;
249 return(ret);
250 }
251
252void BN_MONT_CTX_init(BN_MONT_CTX *ctx)
253 {
254 ctx->ri=0;
255 BN_init(&(ctx->RR));
256 BN_init(&(ctx->N));
257 BN_init(&(ctx->Ni));
258 ctx->flags=0;
259 }
260
261void BN_MONT_CTX_free(BN_MONT_CTX *mont)
262 {
263 if(mont == NULL)
264 return;
265
266 BN_free(&(mont->RR));
267 BN_free(&(mont->N));
268 BN_free(&(mont->Ni));
269 if (mont->flags & BN_FLG_MALLOCED)
270 OPENSSL_free(mont);
271 }
272
273int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
274 {
275 BIGNUM Ri,*R;
276
277 BN_init(&Ri);
278 R= &(mont->RR); /* grab RR as a temp */
279 BN_copy(&(mont->N),mod); /* Set N */
280
281#ifdef MONT_WORD
282 {
283 BIGNUM tmod;
284 BN_ULONG buf[2];
285
286 mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2;
287 BN_zero(R);
288 BN_set_bit(R,BN_BITS2); /* R */
289
290 buf[0]=mod->d[0]; /* tmod = N mod word size */
291 buf[1]=0;
292 tmod.d=buf;
293 tmod.top=1;
294 tmod.dmax=2;
295 tmod.neg=mod->neg;
296 /* Ri = R^-1 mod N*/
297 if ((BN_mod_inverse(&Ri,R,&tmod,ctx)) == NULL)
298 goto err;
299 BN_lshift(&Ri,&Ri,BN_BITS2); /* R*Ri */
300 if (!BN_is_zero(&Ri))
301 BN_sub_word(&Ri,1);
302 else /* if N mod word size == 1 */
303 BN_set_word(&Ri,BN_MASK2); /* Ri-- (mod word size) */
304 BN_div(&Ri,NULL,&Ri,&tmod,ctx); /* Ni = (R*Ri-1)/N,
305 * keep only least significant word: */
306 mont->n0=Ri.d[0];
307 BN_free(&Ri);
308 }
309#else /* !MONT_WORD */
310 { /* bignum version */
311 mont->ri=BN_num_bits(mod);
312 BN_zero(R);
313 BN_set_bit(R,mont->ri); /* R = 2^ri */
314 /* Ri = R^-1 mod N*/
315 if ((BN_mod_inverse(&Ri,R,mod,ctx)) == NULL)
316 goto err;
317 BN_lshift(&Ri,&Ri,mont->ri); /* R*Ri */
318 BN_sub_word(&Ri,1);
319 /* Ni = (R*Ri-1) / N */
320 BN_div(&(mont->Ni),NULL,&Ri,mod,ctx);
321 BN_free(&Ri);
322 }
323#endif
324
325 /* setup RR for conversions */
326 BN_zero(&(mont->RR));
327 BN_set_bit(&(mont->RR),mont->ri*2);
328 BN_mod(&(mont->RR),&(mont->RR),&(mont->N),ctx);
329
330 return(1);
331err:
332 return(0);
333 }
334
335BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from)
336 {
337 if (to == from) return(to);
338
339 BN_copy(&(to->RR),&(from->RR));
340 BN_copy(&(to->N),&(from->N));
341 BN_copy(&(to->Ni),&(from->Ni));
342 to->ri=from->ri;
343 to->n0=from->n0;
344 return(to);
345 }
346
diff --git a/src/lib/libcrypto/bn/bn_mpi.c b/src/lib/libcrypto/bn/bn_mpi.c
deleted file mode 100644
index 80e1dca6b7..0000000000
--- a/src/lib/libcrypto/bn/bn_mpi.c
+++ /dev/null
@@ -1,129 +0,0 @@
1/* crypto/bn/bn_mpi.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include "bn_lcl.h"
62
63int BN_bn2mpi(const BIGNUM *a, unsigned char *d)
64 {
65 int bits;
66 int num=0;
67 int ext=0;
68 long l;
69
70 bits=BN_num_bits(a);
71 num=(bits+7)/8;
72 if (bits > 0)
73 {
74 ext=((bits & 0x07) == 0);
75 }
76 if (d == NULL)
77 return(num+4+ext);
78
79 l=num+ext;
80 d[0]=(unsigned char)(l>>24)&0xff;
81 d[1]=(unsigned char)(l>>16)&0xff;
82 d[2]=(unsigned char)(l>> 8)&0xff;
83 d[3]=(unsigned char)(l )&0xff;
84 if (ext) d[4]=0;
85 num=BN_bn2bin(a,&(d[4+ext]));
86 if (a->neg)
87 d[4]|=0x80;
88 return(num+4+ext);
89 }
90
91BIGNUM *BN_mpi2bn(unsigned char *d, int n, BIGNUM *a)
92 {
93 long len;
94 int neg=0;
95
96 if (n < 4)
97 {
98 BNerr(BN_F_BN_MPI2BN,BN_R_INVALID_LENGTH);
99 return(NULL);
100 }
101 len=((long)d[0]<<24)|((long)d[1]<<16)|((int)d[2]<<8)|(int)d[3];
102 if ((len+4) != n)
103 {
104 BNerr(BN_F_BN_MPI2BN,BN_R_ENCODING_ERROR);
105 return(NULL);
106 }
107
108 if (a == NULL) a=BN_new();
109 if (a == NULL) return(NULL);
110
111 if (len == 0)
112 {
113 a->neg=0;
114 a->top=0;
115 return(a);
116 }
117 d+=4;
118 if ((*d) & 0x80)
119 neg=1;
120 if (BN_bin2bn(d,(int)len,a) == NULL)
121 return(NULL);
122 a->neg=neg;
123 if (neg)
124 {
125 BN_clear_bit(a,BN_num_bits(a)-1);
126 }
127 return(a);
128 }
129
diff --git a/src/lib/libcrypto/bn/bn_mul.c b/src/lib/libcrypto/bn/bn_mul.c
deleted file mode 100644
index 3e8d8b9567..0000000000
--- a/src/lib/libcrypto/bn/bn_mul.c
+++ /dev/null
@@ -1,794 +0,0 @@
1/* crypto/bn/bn_mul.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include "bn_lcl.h"
62
63#ifdef BN_RECURSION
64/* Karatsuba recursive multiplication algorithm
65 * (cf. Knuth, The Art of Computer Programming, Vol. 2) */
66
67/* r is 2*n2 words in size,
68 * a and b are both n2 words in size.
69 * n2 must be a power of 2.
70 * We multiply and return the result.
71 * t must be 2*n2 words in size
72 * We calculate
73 * a[0]*b[0]
74 * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
75 * a[1]*b[1]
76 */
77void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
78 BN_ULONG *t)
79 {
80 int n=n2/2,c1,c2;
81 unsigned int neg,zero;
82 BN_ULONG ln,lo,*p;
83
84# ifdef BN_COUNT
85 printf(" bn_mul_recursive %d * %d\n",n2,n2);
86# endif
87# ifdef BN_MUL_COMBA
88# if 0
89 if (n2 == 4)
90 {
91 bn_mul_comba4(r,a,b);
92 return;
93 }
94# endif
95 if (n2 == 8)
96 {
97 bn_mul_comba8(r,a,b);
98 return;
99 }
100# endif /* BN_MUL_COMBA */
101 if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL)
102 {
103 /* This should not happen */
104 bn_mul_normal(r,a,n2,b,n2);
105 return;
106 }
107 /* r=(a[0]-a[1])*(b[1]-b[0]) */
108 c1=bn_cmp_words(a,&(a[n]),n);
109 c2=bn_cmp_words(&(b[n]),b,n);
110 zero=neg=0;
111 switch (c1*3+c2)
112 {
113 case -4:
114 bn_sub_words(t, &(a[n]),a, n); /* - */
115 bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */
116 break;
117 case -3:
118 zero=1;
119 break;
120 case -2:
121 bn_sub_words(t, &(a[n]),a, n); /* - */
122 bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */
123 neg=1;
124 break;
125 case -1:
126 case 0:
127 case 1:
128 zero=1;
129 break;
130 case 2:
131 bn_sub_words(t, a, &(a[n]),n); /* + */
132 bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */
133 neg=1;
134 break;
135 case 3:
136 zero=1;
137 break;
138 case 4:
139 bn_sub_words(t, a, &(a[n]),n);
140 bn_sub_words(&(t[n]),&(b[n]),b, n);
141 break;
142 }
143
144# ifdef BN_MUL_COMBA
145 if (n == 4)
146 {
147 if (!zero)
148 bn_mul_comba4(&(t[n2]),t,&(t[n]));
149 else
150 memset(&(t[n2]),0,8*sizeof(BN_ULONG));
151
152 bn_mul_comba4(r,a,b);
153 bn_mul_comba4(&(r[n2]),&(a[n]),&(b[n]));
154 }
155 else if (n == 8)
156 {
157 if (!zero)
158 bn_mul_comba8(&(t[n2]),t,&(t[n]));
159 else
160 memset(&(t[n2]),0,16*sizeof(BN_ULONG));
161
162 bn_mul_comba8(r,a,b);
163 bn_mul_comba8(&(r[n2]),&(a[n]),&(b[n]));
164 }
165 else
166# endif /* BN_MUL_COMBA */
167 {
168 p= &(t[n2*2]);
169 if (!zero)
170 bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p);
171 else
172 memset(&(t[n2]),0,n2*sizeof(BN_ULONG));
173 bn_mul_recursive(r,a,b,n,p);
174 bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,p);
175 }
176
177 /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
178 * r[10] holds (a[0]*b[0])
179 * r[32] holds (b[1]*b[1])
180 */
181
182 c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
183
184 if (neg) /* if t[32] is negative */
185 {
186 c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
187 }
188 else
189 {
190 /* Might have a carry */
191 c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2));
192 }
193
194 /* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
195 * r[10] holds (a[0]*b[0])
196 * r[32] holds (b[1]*b[1])
197 * c1 holds the carry bits
198 */
199 c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2));
200 if (c1)
201 {
202 p= &(r[n+n2]);
203 lo= *p;
204 ln=(lo+c1)&BN_MASK2;
205 *p=ln;
206
207 /* The overflow will stop before we over write
208 * words we should not overwrite */
209 if (ln < (BN_ULONG)c1)
210 {
211 do {
212 p++;
213 lo= *p;
214 ln=(lo+1)&BN_MASK2;
215 *p=ln;
216 } while (ln == 0);
217 }
218 }
219 }
220
221/* n+tn is the word length
222 * t needs to be n*4 is size, as does r */
223void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn,
224 int n, BN_ULONG *t)
225 {
226 int i,j,n2=n*2;
227 unsigned int c1,c2,neg,zero;
228 BN_ULONG ln,lo,*p;
229
230# ifdef BN_COUNT
231 printf(" bn_mul_part_recursive %d * %d\n",tn+n,tn+n);
232# endif
233 if (n < 8)
234 {
235 i=tn+n;
236 bn_mul_normal(r,a,i,b,i);
237 return;
238 }
239
240 /* r=(a[0]-a[1])*(b[1]-b[0]) */
241 c1=bn_cmp_words(a,&(a[n]),n);
242 c2=bn_cmp_words(&(b[n]),b,n);
243 zero=neg=0;
244 switch (c1*3+c2)
245 {
246 case -4:
247 bn_sub_words(t, &(a[n]),a, n); /* - */
248 bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */
249 break;
250 case -3:
251 zero=1;
252 /* break; */
253 case -2:
254 bn_sub_words(t, &(a[n]),a, n); /* - */
255 bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */
256 neg=1;
257 break;
258 case -1:
259 case 0:
260 case 1:
261 zero=1;
262 /* break; */
263 case 2:
264 bn_sub_words(t, a, &(a[n]),n); /* + */
265 bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */
266 neg=1;
267 break;
268 case 3:
269 zero=1;
270 /* break; */
271 case 4:
272 bn_sub_words(t, a, &(a[n]),n);
273 bn_sub_words(&(t[n]),&(b[n]),b, n);
274 break;
275 }
276 /* The zero case isn't yet implemented here. The speedup
277 would probably be negligible. */
278# if 0
279 if (n == 4)
280 {
281 bn_mul_comba4(&(t[n2]),t,&(t[n]));
282 bn_mul_comba4(r,a,b);
283 bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn);
284 memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2));
285 }
286 else
287# endif
288 if (n == 8)
289 {
290 bn_mul_comba8(&(t[n2]),t,&(t[n]));
291 bn_mul_comba8(r,a,b);
292 bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn);
293 memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2));
294 }
295 else
296 {
297 p= &(t[n2*2]);
298 bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p);
299 bn_mul_recursive(r,a,b,n,p);
300 i=n/2;
301 /* If there is only a bottom half to the number,
302 * just do it */
303 j=tn-i;
304 if (j == 0)
305 {
306 bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),i,p);
307 memset(&(r[n2+i*2]),0,sizeof(BN_ULONG)*(n2-i*2));
308 }
309 else if (j > 0) /* eg, n == 16, i == 8 and tn == 11 */
310 {
311 bn_mul_part_recursive(&(r[n2]),&(a[n]),&(b[n]),
312 j,i,p);
313 memset(&(r[n2+tn*2]),0,
314 sizeof(BN_ULONG)*(n2-tn*2));
315 }
316 else /* (j < 0) eg, n == 16, i == 8 and tn == 5 */
317 {
318 memset(&(r[n2]),0,sizeof(BN_ULONG)*n2);
319 if (tn < BN_MUL_RECURSIVE_SIZE_NORMAL)
320 {
321 bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn);
322 }
323 else
324 {
325 for (;;)
326 {
327 i/=2;
328 if (i < tn)
329 {
330 bn_mul_part_recursive(&(r[n2]),
331 &(a[n]),&(b[n]),
332 tn-i,i,p);
333 break;
334 }
335 else if (i == tn)
336 {
337 bn_mul_recursive(&(r[n2]),
338 &(a[n]),&(b[n]),
339 i,p);
340 break;
341 }
342 }
343 }
344 }
345 }
346
347 /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
348 * r[10] holds (a[0]*b[0])
349 * r[32] holds (b[1]*b[1])
350 */
351
352 c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
353
354 if (neg) /* if t[32] is negative */
355 {
356 c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
357 }
358 else
359 {
360 /* Might have a carry */
361 c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2));
362 }
363
364 /* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
365 * r[10] holds (a[0]*b[0])
366 * r[32] holds (b[1]*b[1])
367 * c1 holds the carry bits
368 */
369 c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2));
370 if (c1)
371 {
372 p= &(r[n+n2]);
373 lo= *p;
374 ln=(lo+c1)&BN_MASK2;
375 *p=ln;
376
377 /* The overflow will stop before we over write
378 * words we should not overwrite */
379 if (ln < c1)
380 {
381 do {
382 p++;
383 lo= *p;
384 ln=(lo+1)&BN_MASK2;
385 *p=ln;
386 } while (ln == 0);
387 }
388 }
389 }
390
391/* a and b must be the same size, which is n2.
392 * r needs to be n2 words and t needs to be n2*2
393 */
394void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
395 BN_ULONG *t)
396 {
397 int n=n2/2;
398
399# ifdef BN_COUNT
400 printf(" bn_mul_low_recursive %d * %d\n",n2,n2);
401# endif
402
403 bn_mul_recursive(r,a,b,n,&(t[0]));
404 if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL)
405 {
406 bn_mul_low_recursive(&(t[0]),&(a[0]),&(b[n]),n,&(t[n2]));
407 bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
408 bn_mul_low_recursive(&(t[0]),&(a[n]),&(b[0]),n,&(t[n2]));
409 bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
410 }
411 else
412 {
413 bn_mul_low_normal(&(t[0]),&(a[0]),&(b[n]),n);
414 bn_mul_low_normal(&(t[n]),&(a[n]),&(b[0]),n);
415 bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
416 bn_add_words(&(r[n]),&(r[n]),&(t[n]),n);
417 }
418 }
419
420/* a and b must be the same size, which is n2.
421 * r needs to be n2 words and t needs to be n2*2
422 * l is the low words of the output.
423 * t needs to be n2*3
424 */
425void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
426 BN_ULONG *t)
427 {
428 int i,n;
429 int c1,c2;
430 int neg,oneg,zero;
431 BN_ULONG ll,lc,*lp,*mp;
432
433# ifdef BN_COUNT
434 printf(" bn_mul_high %d * %d\n",n2,n2);
435# endif
436 n=n2/2;
437
438 /* Calculate (al-ah)*(bh-bl) */
439 neg=zero=0;
440 c1=bn_cmp_words(&(a[0]),&(a[n]),n);
441 c2=bn_cmp_words(&(b[n]),&(b[0]),n);
442 switch (c1*3+c2)
443 {
444 case -4:
445 bn_sub_words(&(r[0]),&(a[n]),&(a[0]),n);
446 bn_sub_words(&(r[n]),&(b[0]),&(b[n]),n);
447 break;
448 case -3:
449 zero=1;
450 break;
451 case -2:
452 bn_sub_words(&(r[0]),&(a[n]),&(a[0]),n);
453 bn_sub_words(&(r[n]),&(b[n]),&(b[0]),n);
454 neg=1;
455 break;
456 case -1:
457 case 0:
458 case 1:
459 zero=1;
460 break;
461 case 2:
462 bn_sub_words(&(r[0]),&(a[0]),&(a[n]),n);
463 bn_sub_words(&(r[n]),&(b[0]),&(b[n]),n);
464 neg=1;
465 break;
466 case 3:
467 zero=1;
468 break;
469 case 4:
470 bn_sub_words(&(r[0]),&(a[0]),&(a[n]),n);
471 bn_sub_words(&(r[n]),&(b[n]),&(b[0]),n);
472 break;
473 }
474
475 oneg=neg;
476 /* t[10] = (a[0]-a[1])*(b[1]-b[0]) */
477 /* r[10] = (a[1]*b[1]) */
478# ifdef BN_MUL_COMBA
479 if (n == 8)
480 {
481 bn_mul_comba8(&(t[0]),&(r[0]),&(r[n]));
482 bn_mul_comba8(r,&(a[n]),&(b[n]));
483 }
484 else
485# endif
486 {
487 bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,&(t[n2]));
488 bn_mul_recursive(r,&(a[n]),&(b[n]),n,&(t[n2]));
489 }
490
491 /* s0 == low(al*bl)
492 * s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl)
493 * We know s0 and s1 so the only unknown is high(al*bl)
494 * high(al*bl) == s1 - low(ah*bh+s0+(al-ah)*(bh-bl))
495 * high(al*bl) == s1 - (r[0]+l[0]+t[0])
496 */
497 if (l != NULL)
498 {
499 lp= &(t[n2+n]);
500 c1=(int)(bn_add_words(lp,&(r[0]),&(l[0]),n));
501 }
502 else
503 {
504 c1=0;
505 lp= &(r[0]);
506 }
507
508 if (neg)
509 neg=(int)(bn_sub_words(&(t[n2]),lp,&(t[0]),n));
510 else
511 {
512 bn_add_words(&(t[n2]),lp,&(t[0]),n);
513 neg=0;
514 }
515
516 if (l != NULL)
517 {
518 bn_sub_words(&(t[n2+n]),&(l[n]),&(t[n2]),n);
519 }
520 else
521 {
522 lp= &(t[n2+n]);
523 mp= &(t[n2]);
524 for (i=0; i<n; i++)
525 lp[i]=((~mp[i])+1)&BN_MASK2;
526 }
527
528 /* s[0] = low(al*bl)
529 * t[3] = high(al*bl)
530 * t[10] = (a[0]-a[1])*(b[1]-b[0]) neg is the sign
531 * r[10] = (a[1]*b[1])
532 */
533 /* R[10] = al*bl
534 * R[21] = al*bl + ah*bh + (a[0]-a[1])*(b[1]-b[0])
535 * R[32] = ah*bh
536 */
537 /* R[1]=t[3]+l[0]+r[0](+-)t[0] (have carry/borrow)
538 * R[2]=r[0]+t[3]+r[1](+-)t[1] (have carry/borrow)
539 * R[3]=r[1]+(carry/borrow)
540 */
541 if (l != NULL)
542 {
543 lp= &(t[n2]);
544 c1= (int)(bn_add_words(lp,&(t[n2+n]),&(l[0]),n));
545 }
546 else
547 {
548 lp= &(t[n2+n]);
549 c1=0;
550 }
551 c1+=(int)(bn_add_words(&(t[n2]),lp, &(r[0]),n));
552 if (oneg)
553 c1-=(int)(bn_sub_words(&(t[n2]),&(t[n2]),&(t[0]),n));
554 else
555 c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),&(t[0]),n));
556
557 c2 =(int)(bn_add_words(&(r[0]),&(r[0]),&(t[n2+n]),n));
558 c2+=(int)(bn_add_words(&(r[0]),&(r[0]),&(r[n]),n));
559 if (oneg)
560 c2-=(int)(bn_sub_words(&(r[0]),&(r[0]),&(t[n]),n));
561 else
562 c2+=(int)(bn_add_words(&(r[0]),&(r[0]),&(t[n]),n));
563
564 if (c1 != 0) /* Add starting at r[0], could be +ve or -ve */
565 {
566 i=0;
567 if (c1 > 0)
568 {
569 lc=c1;
570 do {
571 ll=(r[i]+lc)&BN_MASK2;
572 r[i++]=ll;
573 lc=(lc > ll);
574 } while (lc);
575 }
576 else
577 {
578 lc= -c1;
579 do {
580 ll=r[i];
581 r[i++]=(ll-lc)&BN_MASK2;
582 lc=(lc > ll);
583 } while (lc);
584 }
585 }
586 if (c2 != 0) /* Add starting at r[1] */
587 {
588 i=n;
589 if (c2 > 0)
590 {
591 lc=c2;
592 do {
593 ll=(r[i]+lc)&BN_MASK2;
594 r[i++]=ll;
595 lc=(lc > ll);
596 } while (lc);
597 }
598 else
599 {
600 lc= -c2;
601 do {
602 ll=r[i];
603 r[i++]=(ll-lc)&BN_MASK2;
604 lc=(lc > ll);
605 } while (lc);
606 }
607 }
608 }
609#endif /* BN_RECURSION */
610
611int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx)
612 {
613 int top,al,bl;
614 BIGNUM *rr;
615 int ret = 0;
616#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
617 int i;
618#endif
619#ifdef BN_RECURSION
620 BIGNUM *t;
621 int j,k;
622#endif
623
624#ifdef BN_COUNT
625 printf("BN_mul %d * %d\n",a->top,b->top);
626#endif
627
628 bn_check_top(a);
629 bn_check_top(b);
630 bn_check_top(r);
631
632 al=a->top;
633 bl=b->top;
634
635 if ((al == 0) || (bl == 0))
636 {
637 BN_zero(r);
638 return(1);
639 }
640 top=al+bl;
641
642 BN_CTX_start(ctx);
643 if ((r == a) || (r == b))
644 {
645 if ((rr = BN_CTX_get(ctx)) == NULL) goto err;
646 }
647 else
648 rr = r;
649 rr->neg=a->neg^b->neg;
650
651#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
652 i = al-bl;
653#endif
654#ifdef BN_MUL_COMBA
655 if (i == 0)
656 {
657# if 0
658 if (al == 4)
659 {
660 if (bn_wexpand(rr,8) == NULL) goto err;
661 rr->top=8;
662 bn_mul_comba4(rr->d,a->d,b->d);
663 goto end;
664 }
665# endif
666 if (al == 8)
667 {
668 if (bn_wexpand(rr,16) == NULL) goto err;
669 rr->top=16;
670 bn_mul_comba8(rr->d,a->d,b->d);
671 goto end;
672 }
673 }
674#endif /* BN_MUL_COMBA */
675#ifdef BN_RECURSION
676 if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL))
677 {
678 if (i == 1 && !BN_get_flags(b,BN_FLG_STATIC_DATA))
679 {
680 bn_wexpand(b,al);
681 b->d[bl]=0;
682 bl++;
683 i--;
684 }
685 else if (i == -1 && !BN_get_flags(a,BN_FLG_STATIC_DATA))
686 {
687 bn_wexpand(a,bl);
688 a->d[al]=0;
689 al++;
690 i++;
691 }
692 if (i == 0)
693 {
694 /* symmetric and > 4 */
695 /* 16 or larger */
696 j=BN_num_bits_word((BN_ULONG)al);
697 j=1<<(j-1);
698 k=j+j;
699 t = BN_CTX_get(ctx);
700 if (al == j) /* exact multiple */
701 {
702 bn_wexpand(t,k*2);
703 bn_wexpand(rr,k*2);
704 bn_mul_recursive(rr->d,a->d,b->d,al,t->d);
705 }
706 else
707 {
708 bn_wexpand(a,k);
709 bn_wexpand(b,k);
710 bn_wexpand(t,k*4);
711 bn_wexpand(rr,k*4);
712 for (i=a->top; i<k; i++)
713 a->d[i]=0;
714 for (i=b->top; i<k; i++)
715 b->d[i]=0;
716 bn_mul_part_recursive(rr->d,a->d,b->d,al-j,j,t->d);
717 }
718 rr->top=top;
719 goto end;
720 }
721 }
722#endif /* BN_RECURSION */
723 if (bn_wexpand(rr,top) == NULL) goto err;
724 rr->top=top;
725 bn_mul_normal(rr->d,a->d,al,b->d,bl);
726
727#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
728end:
729#endif
730 bn_fix_top(rr);
731 if (r != rr) BN_copy(r,rr);
732 ret=1;
733err:
734 BN_CTX_end(ctx);
735 return(ret);
736 }
737
738void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb)
739 {
740 BN_ULONG *rr;
741
742#ifdef BN_COUNT
743 printf(" bn_mul_normal %d * %d\n",na,nb);
744#endif
745
746 if (na < nb)
747 {
748 int itmp;
749 BN_ULONG *ltmp;
750
751 itmp=na; na=nb; nb=itmp;
752 ltmp=a; a=b; b=ltmp;
753
754 }
755 rr= &(r[na]);
756 rr[0]=bn_mul_words(r,a,na,b[0]);
757
758 for (;;)
759 {
760 if (--nb <= 0) return;
761 rr[1]=bn_mul_add_words(&(r[1]),a,na,b[1]);
762 if (--nb <= 0) return;
763 rr[2]=bn_mul_add_words(&(r[2]),a,na,b[2]);
764 if (--nb <= 0) return;
765 rr[3]=bn_mul_add_words(&(r[3]),a,na,b[3]);
766 if (--nb <= 0) return;
767 rr[4]=bn_mul_add_words(&(r[4]),a,na,b[4]);
768 rr+=4;
769 r+=4;
770 b+=4;
771 }
772 }
773
774void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
775 {
776#ifdef BN_COUNT
777 printf(" bn_mul_low_normal %d * %d\n",n,n);
778#endif
779 bn_mul_words(r,a,n,b[0]);
780
781 for (;;)
782 {
783 if (--n <= 0) return;
784 bn_mul_add_words(&(r[1]),a,n,b[1]);
785 if (--n <= 0) return;
786 bn_mul_add_words(&(r[2]),a,n,b[2]);
787 if (--n <= 0) return;
788 bn_mul_add_words(&(r[3]),a,n,b[3]);
789 if (--n <= 0) return;
790 bn_mul_add_words(&(r[4]),a,n,b[4]);
791 r+=4;
792 b+=4;
793 }
794 }
diff --git a/src/lib/libcrypto/bn/bn_prime.c b/src/lib/libcrypto/bn/bn_prime.c
deleted file mode 100644
index a5f01b92eb..0000000000
--- a/src/lib/libcrypto/bn/bn_prime.c
+++ /dev/null
@@ -1,465 +0,0 @@
1/* crypto/bn/bn_prime.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <stdio.h>
113#include <time.h>
114#include "cryptlib.h"
115#include "bn_lcl.h"
116#include <openssl/rand.h>
117
118/* The quick sieve algorithm approach to weeding out primes is
119 * Philip Zimmermann's, as implemented in PGP. I have had a read of
120 * his comments and implemented my own version.
121 */
122#include "bn_prime.h"
123
124static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
125 const BIGNUM *a1_odd, int k, BN_CTX *ctx, BN_MONT_CTX *mont);
126static int probable_prime(BIGNUM *rnd, int bits);
127static int probable_prime_dh(BIGNUM *rnd, int bits,
128 BIGNUM *add, BIGNUM *rem, BN_CTX *ctx);
129static int probable_prime_dh_safe(BIGNUM *rnd, int bits,
130 BIGNUM *add, BIGNUM *rem, BN_CTX *ctx);
131
132BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, BIGNUM *add,
133 BIGNUM *rem, void (*callback)(int,int,void *), void *cb_arg)
134 {
135 BIGNUM *rnd=NULL;
136 BIGNUM t;
137 int found=0;
138 int i,j,c1=0;
139 BN_CTX *ctx;
140 int checks = BN_prime_checks_for_size(bits);
141
142 ctx=BN_CTX_new();
143 if (ctx == NULL) goto err;
144 if (ret == NULL)
145 {
146 if ((rnd=BN_new()) == NULL) goto err;
147 }
148 else
149 rnd=ret;
150 BN_init(&t);
151loop:
152 /* make a random number and set the top and bottom bits */
153 if (add == NULL)
154 {
155 if (!probable_prime(rnd,bits)) goto err;
156 }
157 else
158 {
159 if (safe)
160 {
161 if (!probable_prime_dh_safe(rnd,bits,add,rem,ctx))
162 goto err;
163 }
164 else
165 {
166 if (!probable_prime_dh(rnd,bits,add,rem,ctx))
167 goto err;
168 }
169 }
170 /* if (BN_mod_word(rnd,(BN_ULONG)3) == 1) goto loop; */
171 if (callback != NULL) callback(0,c1++,cb_arg);
172
173 if (!safe)
174 {
175 i=BN_is_prime_fasttest(rnd,checks,callback,ctx,cb_arg,0);
176 if (i == -1) goto err;
177 if (i == 0) goto loop;
178 }
179 else
180 {
181 /* for "safe prime" generation,
182 * check that (p-1)/2 is prime.
183 * Since a prime is odd, We just
184 * need to divide by 2 */
185 if (!BN_rshift1(&t,rnd)) goto err;
186
187 for (i=0; i<checks; i++)
188 {
189 j=BN_is_prime_fasttest(rnd,1,callback,ctx,cb_arg,0);
190 if (j == -1) goto err;
191 if (j == 0) goto loop;
192
193 j=BN_is_prime_fasttest(&t,1,callback,ctx,cb_arg,0);
194 if (j == -1) goto err;
195 if (j == 0) goto loop;
196
197 if (callback != NULL) callback(2,c1-1,cb_arg);
198 /* We have a safe prime test pass */
199 }
200 }
201 /* we have a prime :-) */
202 found = 1;
203err:
204 if (!found && (ret == NULL) && (rnd != NULL)) BN_free(rnd);
205 BN_free(&t);
206 if (ctx != NULL) BN_CTX_free(ctx);
207 return(found ? rnd : NULL);
208 }
209
210int BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int,int,void *),
211 BN_CTX *ctx_passed, void *cb_arg)
212 {
213 return BN_is_prime_fasttest(a, checks, callback, ctx_passed, cb_arg, 0);
214 }
215
216int BN_is_prime_fasttest(const BIGNUM *a, int checks,
217 void (*callback)(int,int,void *),
218 BN_CTX *ctx_passed, void *cb_arg,
219 int do_trial_division)
220 {
221 int i, j, ret = -1;
222 int k;
223 BN_CTX *ctx = NULL;
224 BIGNUM *A1, *A1_odd, *check; /* taken from ctx */
225 BN_MONT_CTX *mont = NULL;
226 const BIGNUM *A = NULL;
227
228 if (checks == BN_prime_checks)
229 checks = BN_prime_checks_for_size(BN_num_bits(a));
230
231 /* first look for small factors */
232 if (!BN_is_odd(a))
233 return(0);
234 if (do_trial_division)
235 {
236 for (i = 1; i < NUMPRIMES; i++)
237 if (BN_mod_word(a, primes[i]) == 0)
238 return 0;
239 if (callback != NULL) callback(1, -1, cb_arg);
240 }
241
242 if (ctx_passed != NULL)
243 ctx = ctx_passed;
244 else
245 if ((ctx=BN_CTX_new()) == NULL)
246 goto err;
247 BN_CTX_start(ctx);
248
249 /* A := abs(a) */
250 if (a->neg)
251 {
252 BIGNUM *t;
253 if ((t = BN_CTX_get(ctx)) == NULL) goto err;
254 BN_copy(t, a);
255 t->neg = 0;
256 A = t;
257 }
258 else
259 A = a;
260 A1 = BN_CTX_get(ctx);
261 A1_odd = BN_CTX_get(ctx);
262 check = BN_CTX_get(ctx);
263 if (check == NULL) goto err;
264
265 /* compute A1 := A - 1 */
266 if (!BN_copy(A1, A))
267 goto err;
268 if (!BN_sub_word(A1, 1))
269 goto err;
270 if (BN_is_zero(A1))
271 {
272 ret = 0;
273 goto err;
274 }
275
276 /* write A1 as A1_odd * 2^k */
277 k = 1;
278 while (!BN_is_bit_set(A1, k))
279 k++;
280 if (!BN_rshift(A1_odd, A1, k))
281 goto err;
282
283 /* Montgomery setup for computations mod A */
284 mont = BN_MONT_CTX_new();
285 if (mont == NULL)
286 goto err;
287 if (!BN_MONT_CTX_set(mont, A, ctx))
288 goto err;
289
290 for (i = 0; i < checks; i++)
291 {
292 if (!BN_pseudo_rand(check, BN_num_bits(A1), 0, 0))
293 goto err;
294 if (BN_cmp(check, A1) >= 0)
295 if (!BN_sub(check, check, A1))
296 goto err;
297 if (!BN_add_word(check, 1))
298 goto err;
299 /* now 1 <= check < A */
300
301 j = witness(check, A, A1, A1_odd, k, ctx, mont);
302 if (j == -1) goto err;
303 if (j)
304 {
305 ret=0;
306 goto err;
307 }
308 if (callback != NULL) callback(1,i,cb_arg);
309 }
310 ret=1;
311err:
312 if (ctx != NULL)
313 {
314 BN_CTX_end(ctx);
315 if (ctx_passed == NULL)
316 BN_CTX_free(ctx);
317 }
318 if (mont != NULL)
319 BN_MONT_CTX_free(mont);
320
321 return(ret);
322 }
323
324static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
325 const BIGNUM *a1_odd, int k, BN_CTX *ctx, BN_MONT_CTX *mont)
326 {
327 if (!BN_mod_exp_mont(w, w, a1_odd, a, ctx, mont)) /* w := w^a1_odd mod a */
328 return -1;
329 if (BN_is_one(w))
330 return 0; /* probably prime */
331 if (BN_cmp(w, a1) == 0)
332 return 0; /* w == -1 (mod a), 'a' is probably prime */
333 while (--k)
334 {
335 if (!BN_mod_mul(w, w, w, a, ctx)) /* w := w^2 mod a */
336 return -1;
337 if (BN_is_one(w))
338 return 1; /* 'a' is composite, otherwise a previous 'w' would
339 * have been == -1 (mod 'a') */
340 if (BN_cmp(w, a1) == 0)
341 return 0; /* w == -1 (mod a), 'a' is probably prime */
342 }
343 /* If we get here, 'w' is the (a-1)/2-th power of the original 'w',
344 * and it is neither -1 nor +1 -- so 'a' cannot be prime */
345 return 1;
346 }
347
348static int probable_prime(BIGNUM *rnd, int bits)
349 {
350 int i;
351 BN_ULONG mods[NUMPRIMES];
352 BN_ULONG delta,d;
353
354again:
355 if (!BN_rand(rnd,bits,1,1)) return(0);
356 /* we now have a random number 'rand' to test. */
357 for (i=1; i<NUMPRIMES; i++)
358 mods[i]=BN_mod_word(rnd,(BN_ULONG)primes[i]);
359 delta=0;
360 loop: for (i=1; i<NUMPRIMES; i++)
361 {
362 /* check that rnd is not a prime and also
363 * that gcd(rnd-1,primes) == 1 (except for 2) */
364 if (((mods[i]+delta)%primes[i]) <= 1)
365 {
366 d=delta;
367 delta+=2;
368 /* perhaps need to check for overflow of
369 * delta (but delta can be up to 2^32)
370 * 21-May-98 eay - added overflow check */
371 if (delta < d) goto again;
372 goto loop;
373 }
374 }
375 if (!BN_add_word(rnd,delta)) return(0);
376 return(1);
377 }
378
379static int probable_prime_dh(BIGNUM *rnd, int bits, BIGNUM *add, BIGNUM *rem,
380 BN_CTX *ctx)
381 {
382 int i,ret=0;
383 BIGNUM *t1;
384
385 BN_CTX_start(ctx);
386 if ((t1 = BN_CTX_get(ctx)) == NULL) goto err;
387
388 if (!BN_rand(rnd,bits,0,1)) goto err;
389
390 /* we need ((rnd-rem) % add) == 0 */
391
392 if (!BN_mod(t1,rnd,add,ctx)) goto err;
393 if (!BN_sub(rnd,rnd,t1)) goto err;
394 if (rem == NULL)
395 { if (!BN_add_word(rnd,1)) goto err; }
396 else
397 { if (!BN_add(rnd,rnd,rem)) goto err; }
398
399 /* we now have a random number 'rand' to test. */
400
401 loop: for (i=1; i<NUMPRIMES; i++)
402 {
403 /* check that rnd is a prime */
404 if (BN_mod_word(rnd,(BN_ULONG)primes[i]) <= 1)
405 {
406 if (!BN_add(rnd,rnd,add)) goto err;
407 goto loop;
408 }
409 }
410 ret=1;
411err:
412 BN_CTX_end(ctx);
413 return(ret);
414 }
415
416static int probable_prime_dh_safe(BIGNUM *p, int bits, BIGNUM *padd,
417 BIGNUM *rem, BN_CTX *ctx)
418 {
419 int i,ret=0;
420 BIGNUM *t1,*qadd,*q;
421
422 bits--;
423 BN_CTX_start(ctx);
424 t1 = BN_CTX_get(ctx);
425 q = BN_CTX_get(ctx);
426 qadd = BN_CTX_get(ctx);
427 if (qadd == NULL) goto err;
428
429 if (!BN_rshift1(qadd,padd)) goto err;
430
431 if (!BN_rand(q,bits,0,1)) goto err;
432
433 /* we need ((rnd-rem) % add) == 0 */
434 if (!BN_mod(t1,q,qadd,ctx)) goto err;
435 if (!BN_sub(q,q,t1)) goto err;
436 if (rem == NULL)
437 { if (!BN_add_word(q,1)) goto err; }
438 else
439 {
440 if (!BN_rshift1(t1,rem)) goto err;
441 if (!BN_add(q,q,t1)) goto err;
442 }
443
444 /* we now have a random number 'rand' to test. */
445 if (!BN_lshift1(p,q)) goto err;
446 if (!BN_add_word(p,1)) goto err;
447
448 loop: for (i=1; i<NUMPRIMES; i++)
449 {
450 /* check that p and q are prime */
451 /* check that for p and q
452 * gcd(p-1,primes) == 1 (except for 2) */
453 if ( (BN_mod_word(p,(BN_ULONG)primes[i]) == 0) ||
454 (BN_mod_word(q,(BN_ULONG)primes[i]) == 0))
455 {
456 if (!BN_add(p,p,padd)) goto err;
457 if (!BN_add(q,q,qadd)) goto err;
458 goto loop;
459 }
460 }
461 ret=1;
462err:
463 BN_CTX_end(ctx);
464 return(ret);
465 }
diff --git a/src/lib/libcrypto/bn/bn_prime.h b/src/lib/libcrypto/bn/bn_prime.h
deleted file mode 100644
index b7cf9a9bfe..0000000000
--- a/src/lib/libcrypto/bn/bn_prime.h
+++ /dev/null
@@ -1,325 +0,0 @@
1/* Auto generated by bn_prime.pl */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef EIGHT_BIT
60#define NUMPRIMES 2048
61#else
62#define NUMPRIMES 54
63#endif
64static const unsigned int primes[NUMPRIMES]=
65 {
66 2, 3, 5, 7, 11, 13, 17, 19,
67 23, 29, 31, 37, 41, 43, 47, 53,
68 59, 61, 67, 71, 73, 79, 83, 89,
69 97, 101, 103, 107, 109, 113, 127, 131,
70 137, 139, 149, 151, 157, 163, 167, 173,
71 179, 181, 191, 193, 197, 199, 211, 223,
72 227, 229, 233, 239, 241, 251,
73#ifndef EIGHT_BIT
74 257, 263,
75 269, 271, 277, 281, 283, 293, 307, 311,
76 313, 317, 331, 337, 347, 349, 353, 359,
77 367, 373, 379, 383, 389, 397, 401, 409,
78 419, 421, 431, 433, 439, 443, 449, 457,
79 461, 463, 467, 479, 487, 491, 499, 503,
80 509, 521, 523, 541, 547, 557, 563, 569,
81 571, 577, 587, 593, 599, 601, 607, 613,
82 617, 619, 631, 641, 643, 647, 653, 659,
83 661, 673, 677, 683, 691, 701, 709, 719,
84 727, 733, 739, 743, 751, 757, 761, 769,
85 773, 787, 797, 809, 811, 821, 823, 827,
86 829, 839, 853, 857, 859, 863, 877, 881,
87 883, 887, 907, 911, 919, 929, 937, 941,
88 947, 953, 967, 971, 977, 983, 991, 997,
89 1009,1013,1019,1021,1031,1033,1039,1049,
90 1051,1061,1063,1069,1087,1091,1093,1097,
91 1103,1109,1117,1123,1129,1151,1153,1163,
92 1171,1181,1187,1193,1201,1213,1217,1223,
93 1229,1231,1237,1249,1259,1277,1279,1283,
94 1289,1291,1297,1301,1303,1307,1319,1321,
95 1327,1361,1367,1373,1381,1399,1409,1423,
96 1427,1429,1433,1439,1447,1451,1453,1459,
97 1471,1481,1483,1487,1489,1493,1499,1511,
98 1523,1531,1543,1549,1553,1559,1567,1571,
99 1579,1583,1597,1601,1607,1609,1613,1619,
100 1621,1627,1637,1657,1663,1667,1669,1693,
101 1697,1699,1709,1721,1723,1733,1741,1747,
102 1753,1759,1777,1783,1787,1789,1801,1811,
103 1823,1831,1847,1861,1867,1871,1873,1877,
104 1879,1889,1901,1907,1913,1931,1933,1949,
105 1951,1973,1979,1987,1993,1997,1999,2003,
106 2011,2017,2027,2029,2039,2053,2063,2069,
107 2081,2083,2087,2089,2099,2111,2113,2129,
108 2131,2137,2141,2143,2153,2161,2179,2203,
109 2207,2213,2221,2237,2239,2243,2251,2267,
110 2269,2273,2281,2287,2293,2297,2309,2311,
111 2333,2339,2341,2347,2351,2357,2371,2377,
112 2381,2383,2389,2393,2399,2411,2417,2423,
113 2437,2441,2447,2459,2467,2473,2477,2503,
114 2521,2531,2539,2543,2549,2551,2557,2579,
115 2591,2593,2609,2617,2621,2633,2647,2657,
116 2659,2663,2671,2677,2683,2687,2689,2693,
117 2699,2707,2711,2713,2719,2729,2731,2741,
118 2749,2753,2767,2777,2789,2791,2797,2801,
119 2803,2819,2833,2837,2843,2851,2857,2861,
120 2879,2887,2897,2903,2909,2917,2927,2939,
121 2953,2957,2963,2969,2971,2999,3001,3011,
122 3019,3023,3037,3041,3049,3061,3067,3079,
123 3083,3089,3109,3119,3121,3137,3163,3167,
124 3169,3181,3187,3191,3203,3209,3217,3221,
125 3229,3251,3253,3257,3259,3271,3299,3301,
126 3307,3313,3319,3323,3329,3331,3343,3347,
127 3359,3361,3371,3373,3389,3391,3407,3413,
128 3433,3449,3457,3461,3463,3467,3469,3491,
129 3499,3511,3517,3527,3529,3533,3539,3541,
130 3547,3557,3559,3571,3581,3583,3593,3607,
131 3613,3617,3623,3631,3637,3643,3659,3671,
132 3673,3677,3691,3697,3701,3709,3719,3727,
133 3733,3739,3761,3767,3769,3779,3793,3797,
134 3803,3821,3823,3833,3847,3851,3853,3863,
135 3877,3881,3889,3907,3911,3917,3919,3923,
136 3929,3931,3943,3947,3967,3989,4001,4003,
137 4007,4013,4019,4021,4027,4049,4051,4057,
138 4073,4079,4091,4093,4099,4111,4127,4129,
139 4133,4139,4153,4157,4159,4177,4201,4211,
140 4217,4219,4229,4231,4241,4243,4253,4259,
141 4261,4271,4273,4283,4289,4297,4327,4337,
142 4339,4349,4357,4363,4373,4391,4397,4409,
143 4421,4423,4441,4447,4451,4457,4463,4481,
144 4483,4493,4507,4513,4517,4519,4523,4547,
145 4549,4561,4567,4583,4591,4597,4603,4621,
146 4637,4639,4643,4649,4651,4657,4663,4673,
147 4679,4691,4703,4721,4723,4729,4733,4751,
148 4759,4783,4787,4789,4793,4799,4801,4813,
149 4817,4831,4861,4871,4877,4889,4903,4909,
150 4919,4931,4933,4937,4943,4951,4957,4967,
151 4969,4973,4987,4993,4999,5003,5009,5011,
152 5021,5023,5039,5051,5059,5077,5081,5087,
153 5099,5101,5107,5113,5119,5147,5153,5167,
154 5171,5179,5189,5197,5209,5227,5231,5233,
155 5237,5261,5273,5279,5281,5297,5303,5309,
156 5323,5333,5347,5351,5381,5387,5393,5399,
157 5407,5413,5417,5419,5431,5437,5441,5443,
158 5449,5471,5477,5479,5483,5501,5503,5507,
159 5519,5521,5527,5531,5557,5563,5569,5573,
160 5581,5591,5623,5639,5641,5647,5651,5653,
161 5657,5659,5669,5683,5689,5693,5701,5711,
162 5717,5737,5741,5743,5749,5779,5783,5791,
163 5801,5807,5813,5821,5827,5839,5843,5849,
164 5851,5857,5861,5867,5869,5879,5881,5897,
165 5903,5923,5927,5939,5953,5981,5987,6007,
166 6011,6029,6037,6043,6047,6053,6067,6073,
167 6079,6089,6091,6101,6113,6121,6131,6133,
168 6143,6151,6163,6173,6197,6199,6203,6211,
169 6217,6221,6229,6247,6257,6263,6269,6271,
170 6277,6287,6299,6301,6311,6317,6323,6329,
171 6337,6343,6353,6359,6361,6367,6373,6379,
172 6389,6397,6421,6427,6449,6451,6469,6473,
173 6481,6491,6521,6529,6547,6551,6553,6563,
174 6569,6571,6577,6581,6599,6607,6619,6637,
175 6653,6659,6661,6673,6679,6689,6691,6701,
176 6703,6709,6719,6733,6737,6761,6763,6779,
177 6781,6791,6793,6803,6823,6827,6829,6833,
178 6841,6857,6863,6869,6871,6883,6899,6907,
179 6911,6917,6947,6949,6959,6961,6967,6971,
180 6977,6983,6991,6997,7001,7013,7019,7027,
181 7039,7043,7057,7069,7079,7103,7109,7121,
182 7127,7129,7151,7159,7177,7187,7193,7207,
183 7211,7213,7219,7229,7237,7243,7247,7253,
184 7283,7297,7307,7309,7321,7331,7333,7349,
185 7351,7369,7393,7411,7417,7433,7451,7457,
186 7459,7477,7481,7487,7489,7499,7507,7517,
187 7523,7529,7537,7541,7547,7549,7559,7561,
188 7573,7577,7583,7589,7591,7603,7607,7621,
189 7639,7643,7649,7669,7673,7681,7687,7691,
190 7699,7703,7717,7723,7727,7741,7753,7757,
191 7759,7789,7793,7817,7823,7829,7841,7853,
192 7867,7873,7877,7879,7883,7901,7907,7919,
193 7927,7933,7937,7949,7951,7963,7993,8009,
194 8011,8017,8039,8053,8059,8069,8081,8087,
195 8089,8093,8101,8111,8117,8123,8147,8161,
196 8167,8171,8179,8191,8209,8219,8221,8231,
197 8233,8237,8243,8263,8269,8273,8287,8291,
198 8293,8297,8311,8317,8329,8353,8363,8369,
199 8377,8387,8389,8419,8423,8429,8431,8443,
200 8447,8461,8467,8501,8513,8521,8527,8537,
201 8539,8543,8563,8573,8581,8597,8599,8609,
202 8623,8627,8629,8641,8647,8663,8669,8677,
203 8681,8689,8693,8699,8707,8713,8719,8731,
204 8737,8741,8747,8753,8761,8779,8783,8803,
205 8807,8819,8821,8831,8837,8839,8849,8861,
206 8863,8867,8887,8893,8923,8929,8933,8941,
207 8951,8963,8969,8971,8999,9001,9007,9011,
208 9013,9029,9041,9043,9049,9059,9067,9091,
209 9103,9109,9127,9133,9137,9151,9157,9161,
210 9173,9181,9187,9199,9203,9209,9221,9227,
211 9239,9241,9257,9277,9281,9283,9293,9311,
212 9319,9323,9337,9341,9343,9349,9371,9377,
213 9391,9397,9403,9413,9419,9421,9431,9433,
214 9437,9439,9461,9463,9467,9473,9479,9491,
215 9497,9511,9521,9533,9539,9547,9551,9587,
216 9601,9613,9619,9623,9629,9631,9643,9649,
217 9661,9677,9679,9689,9697,9719,9721,9733,
218 9739,9743,9749,9767,9769,9781,9787,9791,
219 9803,9811,9817,9829,9833,9839,9851,9857,
220 9859,9871,9883,9887,9901,9907,9923,9929,
221 9931,9941,9949,9967,9973,10007,10009,10037,
222 10039,10061,10067,10069,10079,10091,10093,10099,
223 10103,10111,10133,10139,10141,10151,10159,10163,
224 10169,10177,10181,10193,10211,10223,10243,10247,
225 10253,10259,10267,10271,10273,10289,10301,10303,
226 10313,10321,10331,10333,10337,10343,10357,10369,
227 10391,10399,10427,10429,10433,10453,10457,10459,
228 10463,10477,10487,10499,10501,10513,10529,10531,
229 10559,10567,10589,10597,10601,10607,10613,10627,
230 10631,10639,10651,10657,10663,10667,10687,10691,
231 10709,10711,10723,10729,10733,10739,10753,10771,
232 10781,10789,10799,10831,10837,10847,10853,10859,
233 10861,10867,10883,10889,10891,10903,10909,10937,
234 10939,10949,10957,10973,10979,10987,10993,11003,
235 11027,11047,11057,11059,11069,11071,11083,11087,
236 11093,11113,11117,11119,11131,11149,11159,11161,
237 11171,11173,11177,11197,11213,11239,11243,11251,
238 11257,11261,11273,11279,11287,11299,11311,11317,
239 11321,11329,11351,11353,11369,11383,11393,11399,
240 11411,11423,11437,11443,11447,11467,11471,11483,
241 11489,11491,11497,11503,11519,11527,11549,11551,
242 11579,11587,11593,11597,11617,11621,11633,11657,
243 11677,11681,11689,11699,11701,11717,11719,11731,
244 11743,11777,11779,11783,11789,11801,11807,11813,
245 11821,11827,11831,11833,11839,11863,11867,11887,
246 11897,11903,11909,11923,11927,11933,11939,11941,
247 11953,11959,11969,11971,11981,11987,12007,12011,
248 12037,12041,12043,12049,12071,12073,12097,12101,
249 12107,12109,12113,12119,12143,12149,12157,12161,
250 12163,12197,12203,12211,12227,12239,12241,12251,
251 12253,12263,12269,12277,12281,12289,12301,12323,
252 12329,12343,12347,12373,12377,12379,12391,12401,
253 12409,12413,12421,12433,12437,12451,12457,12473,
254 12479,12487,12491,12497,12503,12511,12517,12527,
255 12539,12541,12547,12553,12569,12577,12583,12589,
256 12601,12611,12613,12619,12637,12641,12647,12653,
257 12659,12671,12689,12697,12703,12713,12721,12739,
258 12743,12757,12763,12781,12791,12799,12809,12821,
259 12823,12829,12841,12853,12889,12893,12899,12907,
260 12911,12917,12919,12923,12941,12953,12959,12967,
261 12973,12979,12983,13001,13003,13007,13009,13033,
262 13037,13043,13049,13063,13093,13099,13103,13109,
263 13121,13127,13147,13151,13159,13163,13171,13177,
264 13183,13187,13217,13219,13229,13241,13249,13259,
265 13267,13291,13297,13309,13313,13327,13331,13337,
266 13339,13367,13381,13397,13399,13411,13417,13421,
267 13441,13451,13457,13463,13469,13477,13487,13499,
268 13513,13523,13537,13553,13567,13577,13591,13597,
269 13613,13619,13627,13633,13649,13669,13679,13681,
270 13687,13691,13693,13697,13709,13711,13721,13723,
271 13729,13751,13757,13759,13763,13781,13789,13799,
272 13807,13829,13831,13841,13859,13873,13877,13879,
273 13883,13901,13903,13907,13913,13921,13931,13933,
274 13963,13967,13997,13999,14009,14011,14029,14033,
275 14051,14057,14071,14081,14083,14087,14107,14143,
276 14149,14153,14159,14173,14177,14197,14207,14221,
277 14243,14249,14251,14281,14293,14303,14321,14323,
278 14327,14341,14347,14369,14387,14389,14401,14407,
279 14411,14419,14423,14431,14437,14447,14449,14461,
280 14479,14489,14503,14519,14533,14537,14543,14549,
281 14551,14557,14561,14563,14591,14593,14621,14627,
282 14629,14633,14639,14653,14657,14669,14683,14699,
283 14713,14717,14723,14731,14737,14741,14747,14753,
284 14759,14767,14771,14779,14783,14797,14813,14821,
285 14827,14831,14843,14851,14867,14869,14879,14887,
286 14891,14897,14923,14929,14939,14947,14951,14957,
287 14969,14983,15013,15017,15031,15053,15061,15073,
288 15077,15083,15091,15101,15107,15121,15131,15137,
289 15139,15149,15161,15173,15187,15193,15199,15217,
290 15227,15233,15241,15259,15263,15269,15271,15277,
291 15287,15289,15299,15307,15313,15319,15329,15331,
292 15349,15359,15361,15373,15377,15383,15391,15401,
293 15413,15427,15439,15443,15451,15461,15467,15473,
294 15493,15497,15511,15527,15541,15551,15559,15569,
295 15581,15583,15601,15607,15619,15629,15641,15643,
296 15647,15649,15661,15667,15671,15679,15683,15727,
297 15731,15733,15737,15739,15749,15761,15767,15773,
298 15787,15791,15797,15803,15809,15817,15823,15859,
299 15877,15881,15887,15889,15901,15907,15913,15919,
300 15923,15937,15959,15971,15973,15991,16001,16007,
301 16033,16057,16061,16063,16067,16069,16073,16087,
302 16091,16097,16103,16111,16127,16139,16141,16183,
303 16187,16189,16193,16217,16223,16229,16231,16249,
304 16253,16267,16273,16301,16319,16333,16339,16349,
305 16361,16363,16369,16381,16411,16417,16421,16427,
306 16433,16447,16451,16453,16477,16481,16487,16493,
307 16519,16529,16547,16553,16561,16567,16573,16603,
308 16607,16619,16631,16633,16649,16651,16657,16661,
309 16673,16691,16693,16699,16703,16729,16741,16747,
310 16759,16763,16787,16811,16823,16829,16831,16843,
311 16871,16879,16883,16889,16901,16903,16921,16927,
312 16931,16937,16943,16963,16979,16981,16987,16993,
313 17011,17021,17027,17029,17033,17041,17047,17053,
314 17077,17093,17099,17107,17117,17123,17137,17159,
315 17167,17183,17189,17191,17203,17207,17209,17231,
316 17239,17257,17291,17293,17299,17317,17321,17327,
317 17333,17341,17351,17359,17377,17383,17387,17389,
318 17393,17401,17417,17419,17431,17443,17449,17467,
319 17471,17477,17483,17489,17491,17497,17509,17519,
320 17539,17551,17569,17573,17579,17581,17597,17599,
321 17609,17623,17627,17657,17659,17669,17681,17683,
322 17707,17713,17729,17737,17747,17749,17761,17783,
323 17789,17791,17807,17827,17837,17839,17851,17863,
324#endif
325 };
diff --git a/src/lib/libcrypto/bn/bn_prime.pl b/src/lib/libcrypto/bn/bn_prime.pl
deleted file mode 100644
index 9fc3765486..0000000000
--- a/src/lib/libcrypto/bn/bn_prime.pl
+++ /dev/null
@@ -1,117 +0,0 @@
1#!/usr/local/bin/perl
2# bn_prime.pl
3
4$num=2048;
5$num=$ARGV[0] if ($#ARGV >= 0);
6
7push(@primes,2);
8$p=1;
9loop: while ($#primes < $num-1)
10 {
11 $p+=2;
12 $s=int(sqrt($p));
13
14 for ($i=0; $primes[$i]<=$s; $i++)
15 {
16 next loop if (($p%$primes[$i]) == 0);
17 }
18 push(@primes,$p);
19 }
20
21# print <<"EOF";
22# /* Auto generated by bn_prime.pl */
23# /* Copyright (C) 1995-1997 Eric Young (eay\@mincom.oz.au).
24# * All rights reserved.
25# * Copyright remains Eric Young's, and as such any Copyright notices in
26# * the code are not to be removed.
27# * See the COPYRIGHT file in the SSLeay distribution for more details.
28# */
29#
30# EOF
31
32print <<\EOF;
33/* Auto generated by bn_prime.pl */
34/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
35 * All rights reserved.
36 *
37 * This package is an SSL implementation written
38 * by Eric Young (eay@cryptsoft.com).
39 * The implementation was written so as to conform with Netscapes SSL.
40 *
41 * This library is free for commercial and non-commercial use as long as
42 * the following conditions are aheared to. The following conditions
43 * apply to all code found in this distribution, be it the RC4, RSA,
44 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
45 * included with this distribution is covered by the same copyright terms
46 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
47 *
48 * Copyright remains Eric Young's, and as such any Copyright notices in
49 * the code are not to be removed.
50 * If this package is used in a product, Eric Young should be given attribution
51 * as the author of the parts of the library used.
52 * This can be in the form of a textual message at program startup or
53 * in documentation (online or textual) provided with the package.
54 *
55 * Redistribution and use in source and binary forms, with or without
56 * modification, are permitted provided that the following conditions
57 * are met:
58 * 1. Redistributions of source code must retain the copyright
59 * notice, this list of conditions and the following disclaimer.
60 * 2. Redistributions in binary form must reproduce the above copyright
61 * notice, this list of conditions and the following disclaimer in the
62 * documentation and/or other materials provided with the distribution.
63 * 3. All advertising materials mentioning features or use of this software
64 * must display the following acknowledgement:
65 * "This product includes cryptographic software written by
66 * Eric Young (eay@cryptsoft.com)"
67 * The word 'cryptographic' can be left out if the rouines from the library
68 * being used are not cryptographic related :-).
69 * 4. If you include any Windows specific code (or a derivative thereof) from
70 * the apps directory (application code) you must include an acknowledgement:
71 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
72 *
73 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
74 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
75 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
76 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
77 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
78 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
79 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
80 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
81 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
82 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
83 * SUCH DAMAGE.
84 *
85 * The licence and distribution terms for any publically available version or
86 * derivative of this code cannot be changed. i.e. this code cannot simply be
87 * copied and put under another distribution licence
88 * [including the GNU Public Licence.]
89 */
90
91EOF
92
93for ($i=0; $i <= $#primes; $i++)
94 {
95 if ($primes[$i] > 256)
96 {
97 $eight=$i;
98 last;
99 }
100 }
101
102printf "#ifndef EIGHT_BIT\n";
103printf "#define NUMPRIMES %d\n",$num;
104printf "#else\n";
105printf "#define NUMPRIMES %d\n",$eight;
106printf "#endif\n";
107print "static const unsigned int primes[NUMPRIMES]=\n\t{\n\t";
108$init=0;
109for ($i=0; $i <= $#primes; $i++)
110 {
111 printf "\n#ifndef EIGHT_BIT\n\t" if ($primes[$i] > 256) && !($init++);
112 printf("\n\t") if (($i%8) == 0) && ($i != 0);
113 printf("%4d,",$primes[$i]);
114 }
115print "\n#endif\n\t};\n";
116
117
diff --git a/src/lib/libcrypto/bn/bn_print.c b/src/lib/libcrypto/bn/bn_print.c
deleted file mode 100644
index 532e66bcc3..0000000000
--- a/src/lib/libcrypto/bn/bn_print.c
+++ /dev/null
@@ -1,332 +0,0 @@
1/* crypto/bn/bn_print.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <ctype.h>
61#include "cryptlib.h"
62#include <openssl/buffer.h>
63#include "bn_lcl.h"
64
65static const char *Hex="0123456789ABCDEF";
66
67/* Must 'OPENSSL_free' the returned data */
68char *BN_bn2hex(const BIGNUM *a)
69 {
70 int i,j,v,z=0;
71 char *buf;
72 char *p;
73
74 buf=(char *)OPENSSL_malloc(a->top*BN_BYTES*2+2);
75 if (buf == NULL)
76 {
77 BNerr(BN_F_BN_BN2HEX,ERR_R_MALLOC_FAILURE);
78 goto err;
79 }
80 p=buf;
81 if (a->neg) *(p++)='-';
82 if (a->top == 0) *(p++)='0';
83 for (i=a->top-1; i >=0; i--)
84 {
85 for (j=BN_BITS2-8; j >= 0; j-=8)
86 {
87 /* strip leading zeros */
88 v=((int)(a->d[i]>>(long)j))&0xff;
89 if (z || (v != 0))
90 {
91 *(p++)=Hex[v>>4];
92 *(p++)=Hex[v&0x0f];
93 z=1;
94 }
95 }
96 }
97 *p='\0';
98err:
99 return(buf);
100 }
101
102/* Must 'OPENSSL_free' the returned data */
103char *BN_bn2dec(const BIGNUM *a)
104 {
105 int i=0,num;
106 char *buf=NULL;
107 char *p;
108 BIGNUM *t=NULL;
109 BN_ULONG *bn_data=NULL,*lp;
110
111 i=BN_num_bits(a)*3;
112 num=(i/10+i/1000+3)+1;
113 bn_data=(BN_ULONG *)OPENSSL_malloc((num/BN_DEC_NUM+1)*sizeof(BN_ULONG));
114 buf=(char *)OPENSSL_malloc(num+3);
115 if ((buf == NULL) || (bn_data == NULL))
116 {
117 BNerr(BN_F_BN_BN2DEC,ERR_R_MALLOC_FAILURE);
118 goto err;
119 }
120 if ((t=BN_dup(a)) == NULL) goto err;
121
122 p=buf;
123 lp=bn_data;
124 if (t->neg) *(p++)='-';
125 if (t->top == 0)
126 {
127 *(p++)='0';
128 *(p++)='\0';
129 }
130 else
131 {
132 i=0;
133 while (!BN_is_zero(t))
134 {
135 *lp=BN_div_word(t,BN_DEC_CONV);
136 lp++;
137 }
138 lp--;
139 /* We now have a series of blocks, BN_DEC_NUM chars
140 * in length, where the last one needs truncation.
141 * The blocks need to be reversed in order. */
142 sprintf(p,BN_DEC_FMT1,*lp);
143 while (*p) p++;
144 while (lp != bn_data)
145 {
146 lp--;
147 sprintf(p,BN_DEC_FMT2,*lp);
148 while (*p) p++;
149 }
150 }
151err:
152 if (bn_data != NULL) OPENSSL_free(bn_data);
153 if (t != NULL) BN_free(t);
154 return(buf);
155 }
156
157int BN_hex2bn(BIGNUM **bn, const char *a)
158 {
159 BIGNUM *ret=NULL;
160 BN_ULONG l=0;
161 int neg=0,h,m,i,j,k,c;
162 int num;
163
164 if ((a == NULL) || (*a == '\0')) return(0);
165
166 if (*a == '-') { neg=1; a++; }
167
168 for (i=0; isxdigit((unsigned char) a[i]); i++)
169 ;
170
171 num=i+neg;
172 if (bn == NULL) return(num);
173
174 /* a is the start of the hex digits, and it is 'i' long */
175 if (*bn == NULL)
176 {
177 if ((ret=BN_new()) == NULL) return(0);
178 }
179 else
180 {
181 ret= *bn;
182 BN_zero(ret);
183 }
184
185 /* i is the number of hex digests; */
186 if (bn_expand(ret,i*4) == NULL) goto err;
187
188 j=i; /* least significant 'hex' */
189 m=0;
190 h=0;
191 while (j > 0)
192 {
193 m=((BN_BYTES*2) <= j)?(BN_BYTES*2):j;
194 l=0;
195 for (;;)
196 {
197 c=a[j-m];
198 if ((c >= '0') && (c <= '9')) k=c-'0';
199 else if ((c >= 'a') && (c <= 'f')) k=c-'a'+10;
200 else if ((c >= 'A') && (c <= 'F')) k=c-'A'+10;
201 else k=0; /* paranoia */
202 l=(l<<4)|k;
203
204 if (--m <= 0)
205 {
206 ret->d[h++]=l;
207 break;
208 }
209 }
210 j-=(BN_BYTES*2);
211 }
212 ret->top=h;
213 bn_fix_top(ret);
214 ret->neg=neg;
215
216 *bn=ret;
217 return(num);
218err:
219 if (*bn == NULL) BN_free(ret);
220 return(0);
221 }
222
223int BN_dec2bn(BIGNUM **bn, const char *a)
224 {
225 BIGNUM *ret=NULL;
226 BN_ULONG l=0;
227 int neg=0,i,j;
228 int num;
229
230 if ((a == NULL) || (*a == '\0')) return(0);
231 if (*a == '-') { neg=1; a++; }
232
233 for (i=0; isdigit((unsigned char) a[i]); i++)
234 ;
235
236 num=i+neg;
237 if (bn == NULL) return(num);
238
239 /* a is the start of the digits, and it is 'i' long.
240 * We chop it into BN_DEC_NUM digits at a time */
241 if (*bn == NULL)
242 {
243 if ((ret=BN_new()) == NULL) return(0);
244 }
245 else
246 {
247 ret= *bn;
248 BN_zero(ret);
249 }
250
251 /* i is the number of digests, a bit of an over expand; */
252 if (bn_expand(ret,i*4) == NULL) goto err;
253
254 j=BN_DEC_NUM-(i%BN_DEC_NUM);
255 if (j == BN_DEC_NUM) j=0;
256 l=0;
257 while (*a)
258 {
259 l*=10;
260 l+= *a-'0';
261 a++;
262 if (++j == BN_DEC_NUM)
263 {
264 BN_mul_word(ret,BN_DEC_CONV);
265 BN_add_word(ret,l);
266 l=0;
267 j=0;
268 }
269 }
270 ret->neg=neg;
271
272 bn_fix_top(ret);
273 *bn=ret;
274 return(num);
275err:
276 if (*bn == NULL) BN_free(ret);
277 return(0);
278 }
279
280#ifndef NO_BIO
281#ifndef NO_FP_API
282int BN_print_fp(FILE *fp, const BIGNUM *a)
283 {
284 BIO *b;
285 int ret;
286
287 if ((b=BIO_new(BIO_s_file())) == NULL)
288 return(0);
289 BIO_set_fp(b,fp,BIO_NOCLOSE);
290 ret=BN_print(b,a);
291 BIO_free(b);
292 return(ret);
293 }
294#endif
295
296int BN_print(BIO *bp, const BIGNUM *a)
297 {
298 int i,j,v,z=0;
299 int ret=0;
300
301 if ((a->neg) && (BIO_write(bp,"-",1) != 1)) goto end;
302 if ((a->top == 0) && (BIO_write(bp,"0",1) != 1)) goto end;
303 for (i=a->top-1; i >=0; i--)
304 {
305 for (j=BN_BITS2-4; j >= 0; j-=4)
306 {
307 /* strip leading zeros */
308 v=((int)(a->d[i]>>(long)j))&0x0f;
309 if (z || (v != 0))
310 {
311 if (BIO_write(bp,&(Hex[v]),1) != 1)
312 goto end;
313 z=1;
314 }
315 }
316 }
317 ret=1;
318end:
319 return(ret);
320 }
321#endif
322
323#ifdef BN_DEBUG
324void bn_dump1(FILE *o, const char *a, BN_ULONG *b,int n)
325 {
326 int i;
327 fprintf(o, "%s=", a);
328 for (i=n-1;i>=0;i--)
329 fprintf(o, "%08lX", b[i]); /* assumes 32-bit BN_ULONG */
330 fprintf(o, "\n");
331 }
332#endif
diff --git a/src/lib/libcrypto/bn/bn_rand.c b/src/lib/libcrypto/bn/bn_rand.c
deleted file mode 100644
index acd0619921..0000000000
--- a/src/lib/libcrypto/bn/bn_rand.c
+++ /dev/null
@@ -1,223 +0,0 @@
1/* crypto/bn/bn_rand.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <time.h>
61#include "cryptlib.h"
62#include "bn_lcl.h"
63#include <openssl/rand.h>
64
65static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
66 {
67 unsigned char *buf=NULL;
68 int ret=0,bit,bytes,mask;
69 time_t tim;
70
71 if (bits == 0)
72 {
73 BN_zero(rnd);
74 return 1;
75 }
76
77 bytes=(bits+7)/8;
78 bit=(bits-1)%8;
79 mask=0xff<<(bit+1);
80
81 buf=(unsigned char *)OPENSSL_malloc(bytes);
82 if (buf == NULL)
83 {
84 BNerr(BN_F_BN_RAND,ERR_R_MALLOC_FAILURE);
85 goto err;
86 }
87
88 /* make a random number and set the top and bottom bits */
89 time(&tim);
90 RAND_add(&tim,sizeof(tim),0);
91
92 if (pseudorand)
93 {
94 if (RAND_pseudo_bytes(buf, bytes) == -1)
95 goto err;
96 }
97 else
98 {
99 if (RAND_bytes(buf, bytes) <= 0)
100 goto err;
101 }
102
103#if 1
104 if (pseudorand == 2)
105 {
106 /* generate patterns that are more likely to trigger BN
107 library bugs */
108 int i;
109 unsigned char c;
110
111 for (i = 0; i < bytes; i++)
112 {
113 RAND_pseudo_bytes(&c, 1);
114 if (c >= 128 && i > 0)
115 buf[i] = buf[i-1];
116 else if (c < 42)
117 buf[i] = 0;
118 else if (c < 84)
119 buf[i] = 255;
120 }
121 }
122#endif
123
124 if (top != -1)
125 {
126 if (top)
127 {
128 if (bit == 0)
129 {
130 buf[0]=1;
131 buf[1]|=0x80;
132 }
133 else
134 {
135 buf[0]|=(3<<(bit-1));
136 }
137 }
138 else
139 {
140 buf[0]|=(1<<bit);
141 }
142 }
143 buf[0] &= ~mask;
144 if (bottom) /* set bottom bit if requested */
145 buf[bytes-1]|=1;
146 if (!BN_bin2bn(buf,bytes,rnd)) goto err;
147 ret=1;
148err:
149 if (buf != NULL)
150 {
151 memset(buf,0,bytes);
152 OPENSSL_free(buf);
153 }
154 return(ret);
155 }
156
157int BN_rand(BIGNUM *rnd, int bits, int top, int bottom)
158 {
159 return bnrand(0, rnd, bits, top, bottom);
160 }
161
162int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom)
163 {
164 return bnrand(1, rnd, bits, top, bottom);
165 }
166
167#if 1
168int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom)
169 {
170 return bnrand(2, rnd, bits, top, bottom);
171 }
172#endif
173
174/* random number r: 0 <= r < range */
175int BN_rand_range(BIGNUM *r, BIGNUM *range)
176 {
177 int n;
178
179 if (range->neg || BN_is_zero(range))
180 {
181 BNerr(BN_F_BN_RAND_RANGE, BN_R_INVALID_RANGE);
182 return 0;
183 }
184
185 n = BN_num_bits(range); /* n > 0 */
186
187 if (n == 1)
188 {
189 if (!BN_zero(r)) return 0;
190 }
191 else if (BN_is_bit_set(range, n - 2))
192 {
193 do
194 {
195 /* range = 11..._2, so each iteration succeeds with probability >= .75 */
196 if (!BN_rand(r, n, -1, 0)) return 0;
197 }
198 while (BN_cmp(r, range) >= 0);
199 }
200 else
201 {
202 /* range = 10..._2,
203 * so 3*range (= 11..._2) is exactly one bit longer than range */
204 do
205 {
206 if (!BN_rand(r, n + 1, -1, 0)) return 0;
207 /* If r < 3*range, use r := r MOD range
208 * (which is either r, r - range, or r - 2*range).
209 * Otherwise, iterate once more.
210 * Since 3*range = 11..._2, each iteration succeeds with
211 * probability >= .75. */
212 if (BN_cmp(r ,range) >= 0)
213 {
214 if (!BN_sub(r, r, range)) return 0;
215 if (BN_cmp(r, range) >= 0)
216 if (!BN_sub(r, r, range)) return 0;
217 }
218 }
219 while (BN_cmp(r, range) >= 0);
220 }
221
222 return 1;
223 }
diff --git a/src/lib/libcrypto/bn/bn_recp.c b/src/lib/libcrypto/bn/bn_recp.c
deleted file mode 100644
index d019941d6b..0000000000
--- a/src/lib/libcrypto/bn/bn_recp.c
+++ /dev/null
@@ -1,220 +0,0 @@
1/* crypto/bn/bn_recp.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include "bn_lcl.h"
62
63void BN_RECP_CTX_init(BN_RECP_CTX *recp)
64 {
65 BN_init(&(recp->N));
66 BN_init(&(recp->Nr));
67 recp->num_bits=0;
68 recp->flags=0;
69 }
70
71BN_RECP_CTX *BN_RECP_CTX_new(void)
72 {
73 BN_RECP_CTX *ret;
74
75 if ((ret=(BN_RECP_CTX *)OPENSSL_malloc(sizeof(BN_RECP_CTX))) == NULL)
76 return(NULL);
77
78 BN_RECP_CTX_init(ret);
79 ret->flags=BN_FLG_MALLOCED;
80 return(ret);
81 }
82
83void BN_RECP_CTX_free(BN_RECP_CTX *recp)
84 {
85 if(recp == NULL)
86 return;
87
88 BN_free(&(recp->N));
89 BN_free(&(recp->Nr));
90 if (recp->flags & BN_FLG_MALLOCED)
91 OPENSSL_free(recp);
92 }
93
94int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx)
95 {
96 BN_copy(&(recp->N),d);
97 BN_zero(&(recp->Nr));
98 recp->num_bits=BN_num_bits(d);
99 recp->shift=0;
100 return(1);
101 }
102
103int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, BN_RECP_CTX *recp,
104 BN_CTX *ctx)
105 {
106 int ret=0;
107 BIGNUM *a;
108
109 BN_CTX_start(ctx);
110 if ((a = BN_CTX_get(ctx)) == NULL) goto err;
111 if (y != NULL)
112 {
113 if (x == y)
114 { if (!BN_sqr(a,x,ctx)) goto err; }
115 else
116 { if (!BN_mul(a,x,y,ctx)) goto err; }
117 }
118 else
119 a=x; /* Just do the mod */
120
121 BN_div_recp(NULL,r,a,recp,ctx);
122 ret=1;
123err:
124 BN_CTX_end(ctx);
125 return(ret);
126 }
127
128int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BN_RECP_CTX *recp,
129 BN_CTX *ctx)
130 {
131 int i,j,ret=0;
132 BIGNUM *a,*b,*d,*r;
133
134 BN_CTX_start(ctx);
135 a=BN_CTX_get(ctx);
136 b=BN_CTX_get(ctx);
137 if (dv != NULL)
138 d=dv;
139 else
140 d=BN_CTX_get(ctx);
141 if (rem != NULL)
142 r=rem;
143 else
144 r=BN_CTX_get(ctx);
145 if (a == NULL || b == NULL || d == NULL || r == NULL) goto err;
146
147 if (BN_ucmp(m,&(recp->N)) < 0)
148 {
149 BN_zero(d);
150 BN_copy(r,m);
151 BN_CTX_end(ctx);
152 return(1);
153 }
154
155 /* We want the remainder
156 * Given input of ABCDEF / ab
157 * we need multiply ABCDEF by 3 digests of the reciprocal of ab
158 *
159 */
160 i=BN_num_bits(m);
161
162 j=recp->num_bits<<1;
163 if (j>i) i=j;
164 j>>=1;
165
166 if (i != recp->shift)
167 recp->shift=BN_reciprocal(&(recp->Nr),&(recp->N),
168 i,ctx);
169
170 if (!BN_rshift(a,m,j)) goto err;
171 if (!BN_mul(b,a,&(recp->Nr),ctx)) goto err;
172 if (!BN_rshift(d,b,i-j)) goto err;
173 d->neg=0;
174 if (!BN_mul(b,&(recp->N),d,ctx)) goto err;
175 if (!BN_usub(r,m,b)) goto err;
176 r->neg=0;
177
178#if 1
179 j=0;
180 while (BN_ucmp(r,&(recp->N)) >= 0)
181 {
182 if (j++ > 2)
183 {
184 BNerr(BN_F_BN_MOD_MUL_RECIPROCAL,BN_R_BAD_RECIPROCAL);
185 goto err;
186 }
187 if (!BN_usub(r,r,&(recp->N))) goto err;
188 if (!BN_add_word(d,1)) goto err;
189 }
190#endif
191
192 r->neg=BN_is_zero(r)?0:m->neg;
193 d->neg=m->neg^recp->N.neg;
194 ret=1;
195err:
196 BN_CTX_end(ctx);
197 return(ret);
198 }
199
200/* len is the expected size of the result
201 * We actually calculate with an extra word of precision, so
202 * we can do faster division if the remainder is not required.
203 */
204int BN_reciprocal(BIGNUM *r, BIGNUM *m, int len, BN_CTX *ctx)
205 {
206 int ret= -1;
207 BIGNUM t;
208
209 BN_init(&t);
210
211 BN_zero(&t);
212 if (!BN_set_bit(&t,len)) goto err;
213
214 if (!BN_div(r,NULL,&t,m,ctx)) goto err;
215 ret=len;
216err:
217 BN_free(&t);
218 return(ret);
219 }
220
diff --git a/src/lib/libcrypto/bn/bn_shift.c b/src/lib/libcrypto/bn/bn_shift.c
deleted file mode 100644
index c2608f9f4a..0000000000
--- a/src/lib/libcrypto/bn/bn_shift.c
+++ /dev/null
@@ -1,205 +0,0 @@
1/* crypto/bn/bn_shift.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include "bn_lcl.h"
62
63int BN_lshift1(BIGNUM *r, BIGNUM *a)
64 {
65 register BN_ULONG *ap,*rp,t,c;
66 int i;
67
68 if (r != a)
69 {
70 r->neg=a->neg;
71 if (bn_wexpand(r,a->top+1) == NULL) return(0);
72 r->top=a->top;
73 }
74 else
75 {
76 if (bn_wexpand(r,a->top+1) == NULL) return(0);
77 }
78 ap=a->d;
79 rp=r->d;
80 c=0;
81 for (i=0; i<a->top; i++)
82 {
83 t= *(ap++);
84 *(rp++)=((t<<1)|c)&BN_MASK2;
85 c=(t & BN_TBIT)?1:0;
86 }
87 if (c)
88 {
89 *rp=1;
90 r->top++;
91 }
92 return(1);
93 }
94
95int BN_rshift1(BIGNUM *r, BIGNUM *a)
96 {
97 BN_ULONG *ap,*rp,t,c;
98 int i;
99
100 if (BN_is_zero(a))
101 {
102 BN_zero(r);
103 return(1);
104 }
105 if (a != r)
106 {
107 if (bn_wexpand(r,a->top) == NULL) return(0);
108 r->top=a->top;
109 r->neg=a->neg;
110 }
111 ap=a->d;
112 rp=r->d;
113 c=0;
114 for (i=a->top-1; i>=0; i--)
115 {
116 t=ap[i];
117 rp[i]=((t>>1)&BN_MASK2)|c;
118 c=(t&1)?BN_TBIT:0;
119 }
120 bn_fix_top(r);
121 return(1);
122 }
123
124int BN_lshift(BIGNUM *r, const BIGNUM *a, int n)
125 {
126 int i,nw,lb,rb;
127 BN_ULONG *t,*f;
128 BN_ULONG l;
129
130 r->neg=a->neg;
131 if (bn_wexpand(r,a->top+(n/BN_BITS2)+1) == NULL) return(0);
132 nw=n/BN_BITS2;
133 lb=n%BN_BITS2;
134 rb=BN_BITS2-lb;
135 f=a->d;
136 t=r->d;
137 t[a->top+nw]=0;
138 if (lb == 0)
139 for (i=a->top-1; i>=0; i--)
140 t[nw+i]=f[i];
141 else
142 for (i=a->top-1; i>=0; i--)
143 {
144 l=f[i];
145 t[nw+i+1]|=(l>>rb)&BN_MASK2;
146 t[nw+i]=(l<<lb)&BN_MASK2;
147 }
148 memset(t,0,nw*sizeof(t[0]));
149/* for (i=0; i<nw; i++)
150 t[i]=0;*/
151 r->top=a->top+nw+1;
152 bn_fix_top(r);
153 return(1);
154 }
155
156int BN_rshift(BIGNUM *r, BIGNUM *a, int n)
157 {
158 int i,j,nw,lb,rb;
159 BN_ULONG *t,*f;
160 BN_ULONG l,tmp;
161
162 nw=n/BN_BITS2;
163 rb=n%BN_BITS2;
164 lb=BN_BITS2-rb;
165 if (nw > a->top || a->top == 0)
166 {
167 BN_zero(r);
168 return(1);
169 }
170 if (r != a)
171 {
172 r->neg=a->neg;
173 if (bn_wexpand(r,a->top-nw+1) == NULL) return(0);
174 }
175 else
176 {
177 if (n == 0)
178 return 1; /* or the copying loop will go berserk */
179 }
180
181 f= &(a->d[nw]);
182 t=r->d;
183 j=a->top-nw;
184 r->top=j;
185
186 if (rb == 0)
187 {
188 for (i=j+1; i > 0; i--)
189 *(t++)= *(f++);
190 }
191 else
192 {
193 l= *(f++);
194 for (i=1; i<j; i++)
195 {
196 tmp =(l>>rb)&BN_MASK2;
197 l= *(f++);
198 *(t++) =(tmp|(l<<lb))&BN_MASK2;
199 }
200 *(t++) =(l>>rb)&BN_MASK2;
201 }
202 *t=0;
203 bn_fix_top(r);
204 return(1);
205 }
diff --git a/src/lib/libcrypto/bn/bn_sqr.c b/src/lib/libcrypto/bn/bn_sqr.c
deleted file mode 100644
index 75f4f38392..0000000000
--- a/src/lib/libcrypto/bn/bn_sqr.c
+++ /dev/null
@@ -1,288 +0,0 @@
1/* crypto/bn/bn_sqr.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include "bn_lcl.h"
62
63/* r must not be a */
64/* I've just gone over this and it is now %20 faster on x86 - eay - 27 Jun 96 */
65int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx)
66 {
67 int max,al;
68 int ret = 0;
69 BIGNUM *tmp,*rr;
70
71#ifdef BN_COUNT
72printf("BN_sqr %d * %d\n",a->top,a->top);
73#endif
74 bn_check_top(a);
75
76 al=a->top;
77 if (al <= 0)
78 {
79 r->top=0;
80 return(1);
81 }
82
83 BN_CTX_start(ctx);
84 rr=(a != r) ? r : BN_CTX_get(ctx);
85 tmp=BN_CTX_get(ctx);
86 if (tmp == NULL) goto err;
87
88 max=(al+al);
89 if (bn_wexpand(rr,max+1) == NULL) goto err;
90
91 r->neg=0;
92 if (al == 4)
93 {
94#ifndef BN_SQR_COMBA
95 BN_ULONG t[8];
96 bn_sqr_normal(rr->d,a->d,4,t);
97#else
98 bn_sqr_comba4(rr->d,a->d);
99#endif
100 }
101 else if (al == 8)
102 {
103#ifndef BN_SQR_COMBA
104 BN_ULONG t[16];
105 bn_sqr_normal(rr->d,a->d,8,t);
106#else
107 bn_sqr_comba8(rr->d,a->d);
108#endif
109 }
110 else
111 {
112#if defined(BN_RECURSION)
113 if (al < BN_SQR_RECURSIVE_SIZE_NORMAL)
114 {
115 BN_ULONG t[BN_SQR_RECURSIVE_SIZE_NORMAL*2];
116 bn_sqr_normal(rr->d,a->d,al,t);
117 }
118 else
119 {
120 int j,k;
121
122 j=BN_num_bits_word((BN_ULONG)al);
123 j=1<<(j-1);
124 k=j+j;
125 if (al == j)
126 {
127 if (bn_wexpand(a,k*2) == NULL) goto err;
128 if (bn_wexpand(tmp,k*2) == NULL) goto err;
129 bn_sqr_recursive(rr->d,a->d,al,tmp->d);
130 }
131 else
132 {
133 if (bn_wexpand(tmp,max) == NULL) goto err;
134 bn_sqr_normal(rr->d,a->d,al,tmp->d);
135 }
136 }
137#else
138 if (bn_wexpand(tmp,max) == NULL) goto err;
139 bn_sqr_normal(rr->d,a->d,al,tmp->d);
140#endif
141 }
142
143 rr->top=max;
144 if ((max > 0) && (rr->d[max-1] == 0)) rr->top--;
145 if (rr != r) BN_copy(r,rr);
146 ret = 1;
147 err:
148 BN_CTX_end(ctx);
149 return(ret);
150 }
151
152/* tmp must have 2*n words */
153void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp)
154 {
155 int i,j,max;
156 BN_ULONG *ap,*rp;
157
158 max=n*2;
159 ap=a;
160 rp=r;
161 rp[0]=rp[max-1]=0;
162 rp++;
163 j=n;
164
165 if (--j > 0)
166 {
167 ap++;
168 rp[j]=bn_mul_words(rp,ap,j,ap[-1]);
169 rp+=2;
170 }
171
172 for (i=n-2; i>0; i--)
173 {
174 j--;
175 ap++;
176 rp[j]=bn_mul_add_words(rp,ap,j,ap[-1]);
177 rp+=2;
178 }
179
180 bn_add_words(r,r,r,max);
181
182 /* There will not be a carry */
183
184 bn_sqr_words(tmp,a,n);
185
186 bn_add_words(r,r,tmp,max);
187 }
188
189#ifdef BN_RECURSION
190/* r is 2*n words in size,
191 * a and b are both n words in size. (There's not actually a 'b' here ...)
192 * n must be a power of 2.
193 * We multiply and return the result.
194 * t must be 2*n words in size
195 * We calculate
196 * a[0]*b[0]
197 * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
198 * a[1]*b[1]
199 */
200void bn_sqr_recursive(BN_ULONG *r, BN_ULONG *a, int n2, BN_ULONG *t)
201 {
202 int n=n2/2;
203 int zero,c1;
204 BN_ULONG ln,lo,*p;
205
206#ifdef BN_COUNT
207printf(" bn_sqr_recursive %d * %d\n",n2,n2);
208#endif
209 if (n2 == 4)
210 {
211#ifndef BN_SQR_COMBA
212 bn_sqr_normal(r,a,4,t);
213#else
214 bn_sqr_comba4(r,a);
215#endif
216 return;
217 }
218 else if (n2 == 8)
219 {
220#ifndef BN_SQR_COMBA
221 bn_sqr_normal(r,a,8,t);
222#else
223 bn_sqr_comba8(r,a);
224#endif
225 return;
226 }
227 if (n2 < BN_SQR_RECURSIVE_SIZE_NORMAL)
228 {
229 bn_sqr_normal(r,a,n2,t);
230 return;
231 }
232 /* r=(a[0]-a[1])*(a[1]-a[0]) */
233 c1=bn_cmp_words(a,&(a[n]),n);
234 zero=0;
235 if (c1 > 0)
236 bn_sub_words(t,a,&(a[n]),n);
237 else if (c1 < 0)
238 bn_sub_words(t,&(a[n]),a,n);
239 else
240 zero=1;
241
242 /* The result will always be negative unless it is zero */
243 p= &(t[n2*2]);
244
245 if (!zero)
246 bn_sqr_recursive(&(t[n2]),t,n,p);
247 else
248 memset(&(t[n2]),0,n*sizeof(BN_ULONG));
249 bn_sqr_recursive(r,a,n,p);
250 bn_sqr_recursive(&(r[n2]),&(a[n]),n,p);
251
252 /* t[32] holds (a[0]-a[1])*(a[1]-a[0]), it is negative or zero
253 * r[10] holds (a[0]*b[0])
254 * r[32] holds (b[1]*b[1])
255 */
256
257 c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
258
259 /* t[32] is negative */
260 c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
261
262 /* t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1])
263 * r[10] holds (a[0]*a[0])
264 * r[32] holds (a[1]*a[1])
265 * c1 holds the carry bits
266 */
267 c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2));
268 if (c1)
269 {
270 p= &(r[n+n2]);
271 lo= *p;
272 ln=(lo+c1)&BN_MASK2;
273 *p=ln;
274
275 /* The overflow will stop before we over write
276 * words we should not overwrite */
277 if (ln < (BN_ULONG)c1)
278 {
279 do {
280 p++;
281 lo= *p;
282 ln=(lo+1)&BN_MASK2;
283 *p=ln;
284 } while (ln == 0);
285 }
286 }
287 }
288#endif
diff --git a/src/lib/libcrypto/bn/bn_word.c b/src/lib/libcrypto/bn/bn_word.c
deleted file mode 100644
index cd59baa2c4..0000000000
--- a/src/lib/libcrypto/bn/bn_word.c
+++ /dev/null
@@ -1,199 +0,0 @@
1/* crypto/bn/bn_word.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include "bn_lcl.h"
62
63BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w)
64 {
65#ifndef BN_LLONG
66 BN_ULONG ret=0;
67#else
68 BN_ULLONG ret=0;
69#endif
70 int i;
71
72 w&=BN_MASK2;
73 for (i=a->top-1; i>=0; i--)
74 {
75#ifndef BN_LLONG
76 ret=((ret<<BN_BITS4)|((a->d[i]>>BN_BITS4)&BN_MASK2l))%w;
77 ret=((ret<<BN_BITS4)|(a->d[i]&BN_MASK2l))%w;
78#else
79 ret=(BN_ULLONG)(((ret<<(BN_ULLONG)BN_BITS2)|a->d[i])%
80 (BN_ULLONG)w);
81#endif
82 }
83 return((BN_ULONG)ret);
84 }
85
86BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w)
87 {
88 BN_ULONG ret;
89 int i;
90
91 if (a->top == 0) return(0);
92 ret=0;
93 w&=BN_MASK2;
94 for (i=a->top-1; i>=0; i--)
95 {
96 BN_ULONG l,d;
97
98 l=a->d[i];
99 d=bn_div_words(ret,l,w);
100 ret=(l-((d*w)&BN_MASK2))&BN_MASK2;
101 a->d[i]=d;
102 }
103 if ((a->top > 0) && (a->d[a->top-1] == 0))
104 a->top--;
105 return(ret);
106 }
107
108int BN_add_word(BIGNUM *a, BN_ULONG w)
109 {
110 BN_ULONG l;
111 int i;
112
113 if (a->neg)
114 {
115 a->neg=0;
116 i=BN_sub_word(a,w);
117 if (!BN_is_zero(a))
118 a->neg=!(a->neg);
119 return(i);
120 }
121 w&=BN_MASK2;
122 if (bn_wexpand(a,a->top+1) == NULL) return(0);
123 i=0;
124 for (;;)
125 {
126 l=(a->d[i]+(BN_ULONG)w)&BN_MASK2;
127 a->d[i]=l;
128 if (w > l)
129 w=1;
130 else
131 break;
132 i++;
133 }
134 if (i >= a->top)
135 a->top++;
136 return(1);
137 }
138
139int BN_sub_word(BIGNUM *a, BN_ULONG w)
140 {
141 int i;
142
143 if (BN_is_zero(a) || a->neg)
144 {
145 a->neg=0;
146 i=BN_add_word(a,w);
147 a->neg=1;
148 return(i);
149 }
150
151 w&=BN_MASK2;
152 if ((a->top == 1) && (a->d[0] < w))
153 {
154 a->d[0]=w-a->d[0];
155 a->neg=1;
156 return(1);
157 }
158 i=0;
159 for (;;)
160 {
161 if (a->d[i] >= w)
162 {
163 a->d[i]-=w;
164 break;
165 }
166 else
167 {
168 a->d[i]=(a->d[i]-w)&BN_MASK2;
169 i++;
170 w=1;
171 }
172 }
173 if ((a->d[i] == 0) && (i == (a->top-1)))
174 a->top--;
175 return(1);
176 }
177
178int BN_mul_word(BIGNUM *a, BN_ULONG w)
179 {
180 BN_ULONG ll;
181
182 w&=BN_MASK2;
183 if (a->top)
184 {
185 if (w == 0)
186 BN_zero(a);
187 else
188 {
189 ll=bn_mul_words(a->d,a->d,a->top,w);
190 if (ll)
191 {
192 if (bn_wexpand(a,a->top+1) == NULL) return(0);
193 a->d[a->top++]=ll;
194 }
195 }
196 }
197 return(1);
198 }
199
diff --git a/src/lib/libcrypto/buffer/buf_err.c b/src/lib/libcrypto/buffer/buf_err.c
deleted file mode 100644
index 2f971a5f38..0000000000
--- a/src/lib/libcrypto/buffer/buf_err.c
+++ /dev/null
@@ -1,95 +0,0 @@
1/* crypto/buffer/buf_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/buffer.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA BUF_str_functs[]=
68 {
69{ERR_PACK(0,BUF_F_BUF_MEM_GROW,0), "BUF_MEM_grow"},
70{ERR_PACK(0,BUF_F_BUF_MEM_NEW,0), "BUF_MEM_new"},
71{ERR_PACK(0,BUF_F_BUF_STRDUP,0), "BUF_strdup"},
72{0,NULL}
73 };
74
75static ERR_STRING_DATA BUF_str_reasons[]=
76 {
77{0,NULL}
78 };
79
80#endif
81
82void ERR_load_BUF_strings(void)
83 {
84 static int init=1;
85
86 if (init)
87 {
88 init=0;
89#ifndef NO_ERR
90 ERR_load_strings(ERR_LIB_BUF,BUF_str_functs);
91 ERR_load_strings(ERR_LIB_BUF,BUF_str_reasons);
92#endif
93
94 }
95 }
diff --git a/src/lib/libcrypto/buffer/buffer.c b/src/lib/libcrypto/buffer/buffer.c
deleted file mode 100644
index b76ff3ad7a..0000000000
--- a/src/lib/libcrypto/buffer/buffer.c
+++ /dev/null
@@ -1,144 +0,0 @@
1/* crypto/buffer/buffer.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62
63BUF_MEM *BUF_MEM_new(void)
64 {
65 BUF_MEM *ret;
66
67 ret=OPENSSL_malloc(sizeof(BUF_MEM));
68 if (ret == NULL)
69 {
70 BUFerr(BUF_F_BUF_MEM_NEW,ERR_R_MALLOC_FAILURE);
71 return(NULL);
72 }
73 ret->length=0;
74 ret->max=0;
75 ret->data=NULL;
76 return(ret);
77 }
78
79void BUF_MEM_free(BUF_MEM *a)
80 {
81 if(a == NULL)
82 return;
83
84 if (a->data != NULL)
85 {
86 memset(a->data,0,(unsigned int)a->max);
87 OPENSSL_free(a->data);
88 }
89 OPENSSL_free(a);
90 }
91
92int BUF_MEM_grow(BUF_MEM *str, int len)
93 {
94 char *ret;
95 unsigned int n;
96
97 if (str->length >= len)
98 {
99 str->length=len;
100 return(len);
101 }
102 if (str->max >= len)
103 {
104 memset(&str->data[str->length],0,len-str->length);
105 str->length=len;
106 return(len);
107 }
108 n=(len+3)/3*4;
109 if (str->data == NULL)
110 ret=OPENSSL_malloc(n);
111 else
112 ret=OPENSSL_realloc(str->data,n);
113 if (ret == NULL)
114 {
115 BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE);
116 len=0;
117 }
118 else
119 {
120 str->data=ret;
121 str->length=len;
122 str->max=n;
123 }
124 return(len);
125 }
126
127char *BUF_strdup(const char *str)
128 {
129 char *ret;
130 int n;
131
132 if (str == NULL) return(NULL);
133
134 n=strlen(str);
135 ret=OPENSSL_malloc(n+1);
136 if (ret == NULL)
137 {
138 BUFerr(BUF_F_BUF_STRDUP,ERR_R_MALLOC_FAILURE);
139 return(NULL);
140 }
141 memcpy(ret,str,n+1);
142 return(ret);
143 }
144
diff --git a/src/lib/libcrypto/buffer/buffer.h b/src/lib/libcrypto/buffer/buffer.h
deleted file mode 100644
index bff26bf391..0000000000
--- a/src/lib/libcrypto/buffer/buffer.h
+++ /dev/null
@@ -1,98 +0,0 @@
1/* crypto/buffer/buffer.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_BUFFER_H
60#define HEADER_BUFFER_H
61
62#ifdef __cplusplus
63extern "C" {
64#endif
65
66typedef struct buf_mem_st
67 {
68 int length; /* current number of bytes */
69 char *data;
70 int max; /* size of buffer */
71 } BUF_MEM;
72
73BUF_MEM *BUF_MEM_new(void);
74void BUF_MEM_free(BUF_MEM *a);
75int BUF_MEM_grow(BUF_MEM *str, int len);
76char * BUF_strdup(const char *str);
77
78void ERR_load_BUF_strings(void );
79
80/* BEGIN ERROR CODES */
81/* The following lines are auto generated by the script mkerr.pl. Any changes
82 * made after this point may be overwritten when the script is next run.
83 */
84
85/* Error codes for the BUF functions. */
86
87/* Function codes. */
88#define BUF_F_BUF_MEM_GROW 100
89#define BUF_F_BUF_MEM_NEW 101
90#define BUF_F_BUF_STRDUP 102
91
92/* Reason codes. */
93
94#ifdef __cplusplus
95}
96#endif
97#endif
98
diff --git a/src/lib/libcrypto/cast/asm/cast-586.pl b/src/lib/libcrypto/cast/asm/cast-586.pl
deleted file mode 100644
index 6be0bfe572..0000000000
--- a/src/lib/libcrypto/cast/asm/cast-586.pl
+++ /dev/null
@@ -1,176 +0,0 @@
1#!/usr/local/bin/perl
2
3# define for pentium pro friendly version
4$ppro=1;
5
6push(@INC,"perlasm","../../perlasm");
7require "x86asm.pl";
8require "cbc.pl";
9
10&asm_init($ARGV[0],"cast-586.pl",$ARGV[$#ARGV] eq "386");
11
12$CAST_ROUNDS=16;
13$L="edi";
14$R="esi";
15$K="ebp";
16$tmp1="ecx";
17$tmp2="ebx";
18$tmp3="eax";
19$tmp4="edx";
20$S1="CAST_S_table0";
21$S2="CAST_S_table1";
22$S3="CAST_S_table2";
23$S4="CAST_S_table3";
24
25@F1=("add","xor","sub");
26@F2=("xor","sub","add");
27@F3=("sub","add","xor");
28
29&CAST_encrypt("CAST_encrypt",1);
30&CAST_encrypt("CAST_decrypt",0);
31&cbc("CAST_cbc_encrypt","CAST_encrypt","CAST_decrypt",1,4,5,3,-1,-1);
32
33&asm_finish();
34
35sub CAST_encrypt {
36 local($name,$enc)=@_;
37
38 local($win_ex)=<<"EOF";
39EXTERN _CAST_S_table0:DWORD
40EXTERN _CAST_S_table1:DWORD
41EXTERN _CAST_S_table2:DWORD
42EXTERN _CAST_S_table3:DWORD
43EOF
44 &main::external_label(
45 "CAST_S_table0",
46 "CAST_S_table1",
47 "CAST_S_table2",
48 "CAST_S_table3",
49 );
50
51 &function_begin_B($name,$win_ex);
52
53 &comment("");
54
55 &push("ebp");
56 &push("ebx");
57 &mov($tmp2,&wparam(0));
58 &mov($K,&wparam(1));
59 &push("esi");
60 &push("edi");
61
62 &comment("Load the 2 words");
63 &mov($L,&DWP(0,$tmp2,"",0));
64 &mov($R,&DWP(4,$tmp2,"",0));
65
66 &comment('Get short key flag');
67 &mov($tmp3,&DWP(128,$K,"",0));
68 if($enc) {
69 &push($tmp3);
70 } else {
71 &or($tmp3,$tmp3);
72 &jnz(&label('cast_dec_skip'));
73 }
74
75 &xor($tmp3, $tmp3);
76
77 # encrypting part
78
79 if ($enc) {
80 &E_CAST( 0,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
81 &E_CAST( 1,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
82 &E_CAST( 2,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
83 &E_CAST( 3,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
84 &E_CAST( 4,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
85 &E_CAST( 5,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
86 &E_CAST( 6,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
87 &E_CAST( 7,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
88 &E_CAST( 8,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
89 &E_CAST( 9,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
90 &E_CAST(10,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
91 &E_CAST(11,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
92 &comment('test short key flag');
93 &pop($tmp4);
94 &or($tmp4,$tmp4);
95 &jnz(&label('cast_enc_done'));
96 &E_CAST(12,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
97 &E_CAST(13,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
98 &E_CAST(14,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
99 &E_CAST(15,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
100 } else {
101 &E_CAST(15,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
102 &E_CAST(14,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
103 &E_CAST(13,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
104 &E_CAST(12,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
105 &set_label('cast_dec_skip');
106 &E_CAST(11,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
107 &E_CAST(10,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
108 &E_CAST( 9,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
109 &E_CAST( 8,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
110 &E_CAST( 7,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
111 &E_CAST( 6,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
112 &E_CAST( 5,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
113 &E_CAST( 4,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
114 &E_CAST( 3,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
115 &E_CAST( 2,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
116 &E_CAST( 1,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
117 &E_CAST( 0,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
118 }
119
120 &set_label('cast_enc_done') if $enc;
121# Why the nop? - Ben 17/1/99
122 &nop();
123 &mov($tmp3,&wparam(0));
124 &mov(&DWP(4,$tmp3,"",0),$L);
125 &mov(&DWP(0,$tmp3,"",0),$R);
126 &function_end($name);
127}
128
129sub E_CAST {
130 local($i,$S,$L,$R,$K,$OP1,$OP2,$OP3,$tmp1,$tmp2,$tmp3,$tmp4)=@_;
131 # Ri needs to have 16 pre added.
132
133 &comment("round $i");
134 &mov( $tmp4, &DWP($i*8,$K,"",1));
135
136 &mov( $tmp1, &DWP($i*8+4,$K,"",1));
137 &$OP1( $tmp4, $R);
138
139 &rotl( $tmp4, &LB($tmp1));
140
141 if ($ppro) {
142 &mov( $tmp2, $tmp4); # B
143 &xor( $tmp1, $tmp1);
144
145 &movb( &LB($tmp1), &HB($tmp4)); # A
146 &and( $tmp2, 0xff);
147
148 &shr( $tmp4, 16); #
149 &xor( $tmp3, $tmp3);
150 } else {
151 &mov( $tmp2, $tmp4); # B
152 &movb( &LB($tmp1), &HB($tmp4)); # A # BAD BAD BAD
153
154 &shr( $tmp4, 16); #
155 &and( $tmp2, 0xff);
156 }
157
158 &movb( &LB($tmp3), &HB($tmp4)); # C # BAD BAD BAD
159 &and( $tmp4, 0xff); # D
160
161 &mov( $tmp1, &DWP($S1,"",$tmp1,4));
162 &mov( $tmp2, &DWP($S2,"",$tmp2,4));
163
164 &$OP2( $tmp1, $tmp2);
165 &mov( $tmp2, &DWP($S3,"",$tmp3,4));
166
167 &$OP3( $tmp1, $tmp2);
168 &mov( $tmp2, &DWP($S4,"",$tmp4,4));
169
170 &$OP1( $tmp1, $tmp2);
171 # XXX
172
173 &xor( $L, $tmp1);
174 # XXX
175}
176
diff --git a/src/lib/libcrypto/cast/c_cfb64.c b/src/lib/libcrypto/cast/c_cfb64.c
deleted file mode 100644
index 514c005c32..0000000000
--- a/src/lib/libcrypto/cast/c_cfb64.c
+++ /dev/null
@@ -1,122 +0,0 @@
1/* crypto/cast/c_cfb64.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/cast.h>
60#include "cast_lcl.h"
61
62/* The input and output encrypted as though 64bit cfb mode is being
63 * used. The extra state information to record how much of the
64 * 64bit block we have used is contained in *num;
65 */
66
67void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
68 long length, CAST_KEY *schedule, unsigned char *ivec,
69 int *num, int enc)
70 {
71 register CAST_LONG v0,v1,t;
72 register int n= *num;
73 register long l=length;
74 CAST_LONG ti[2];
75 unsigned char *iv,c,cc;
76
77 iv=ivec;
78 if (enc)
79 {
80 while (l--)
81 {
82 if (n == 0)
83 {
84 n2l(iv,v0); ti[0]=v0;
85 n2l(iv,v1); ti[1]=v1;
86 CAST_encrypt((CAST_LONG *)ti,schedule);
87 iv=ivec;
88 t=ti[0]; l2n(t,iv);
89 t=ti[1]; l2n(t,iv);
90 iv=ivec;
91 }
92 c= *(in++)^iv[n];
93 *(out++)=c;
94 iv[n]=c;
95 n=(n+1)&0x07;
96 }
97 }
98 else
99 {
100 while (l--)
101 {
102 if (n == 0)
103 {
104 n2l(iv,v0); ti[0]=v0;
105 n2l(iv,v1); ti[1]=v1;
106 CAST_encrypt((CAST_LONG *)ti,schedule);
107 iv=ivec;
108 t=ti[0]; l2n(t,iv);
109 t=ti[1]; l2n(t,iv);
110 iv=ivec;
111 }
112 cc= *(in++);
113 c=iv[n];
114 iv[n]=cc;
115 *(out++)=c^cc;
116 n=(n+1)&0x07;
117 }
118 }
119 v0=v1=ti[0]=ti[1]=t=c=cc=0;
120 *num=n;
121 }
122
diff --git a/src/lib/libcrypto/cast/c_ecb.c b/src/lib/libcrypto/cast/c_ecb.c
deleted file mode 100644
index 0b3da9ad87..0000000000
--- a/src/lib/libcrypto/cast/c_ecb.c
+++ /dev/null
@@ -1,80 +0,0 @@
1/* crypto/cast/c_ecb.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/cast.h>
60#include "cast_lcl.h"
61#include <openssl/opensslv.h>
62
63const char *CAST_version="CAST" OPENSSL_VERSION_PTEXT;
64
65void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
66 CAST_KEY *ks, int enc)
67 {
68 CAST_LONG l,d[2];
69
70 n2l(in,l); d[0]=l;
71 n2l(in,l); d[1]=l;
72 if (enc)
73 CAST_encrypt(d,ks);
74 else
75 CAST_decrypt(d,ks);
76 l=d[0]; l2n(l,out);
77 l=d[1]; l2n(l,out);
78 l=d[0]=d[1]=0;
79 }
80
diff --git a/src/lib/libcrypto/cast/c_enc.c b/src/lib/libcrypto/cast/c_enc.c
deleted file mode 100644
index 0fe2cffecc..0000000000
--- a/src/lib/libcrypto/cast/c_enc.c
+++ /dev/null
@@ -1,207 +0,0 @@
1/* crypto/cast/c_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/cast.h>
60#include "cast_lcl.h"
61
62void CAST_encrypt(CAST_LONG *data, CAST_KEY *key)
63 {
64 register CAST_LONG l,r,*k,t;
65
66 k= &(key->data[0]);
67 l=data[0];
68 r=data[1];
69
70 E_CAST( 0,k,l,r,+,^,-);
71 E_CAST( 1,k,r,l,^,-,+);
72 E_CAST( 2,k,l,r,-,+,^);
73 E_CAST( 3,k,r,l,+,^,-);
74 E_CAST( 4,k,l,r,^,-,+);
75 E_CAST( 5,k,r,l,-,+,^);
76 E_CAST( 6,k,l,r,+,^,-);
77 E_CAST( 7,k,r,l,^,-,+);
78 E_CAST( 8,k,l,r,-,+,^);
79 E_CAST( 9,k,r,l,+,^,-);
80 E_CAST(10,k,l,r,^,-,+);
81 E_CAST(11,k,r,l,-,+,^);
82 if(!key->short_key)
83 {
84 E_CAST(12,k,l,r,+,^,-);
85 E_CAST(13,k,r,l,^,-,+);
86 E_CAST(14,k,l,r,-,+,^);
87 E_CAST(15,k,r,l,+,^,-);
88 }
89
90 data[1]=l&0xffffffffL;
91 data[0]=r&0xffffffffL;
92 }
93
94void CAST_decrypt(CAST_LONG *data, CAST_KEY *key)
95 {
96 register CAST_LONG l,r,*k,t;
97
98 k= &(key->data[0]);
99 l=data[0];
100 r=data[1];
101
102 if(!key->short_key)
103 {
104 E_CAST(15,k,l,r,+,^,-);
105 E_CAST(14,k,r,l,-,+,^);
106 E_CAST(13,k,l,r,^,-,+);
107 E_CAST(12,k,r,l,+,^,-);
108 }
109 E_CAST(11,k,l,r,-,+,^);
110 E_CAST(10,k,r,l,^,-,+);
111 E_CAST( 9,k,l,r,+,^,-);
112 E_CAST( 8,k,r,l,-,+,^);
113 E_CAST( 7,k,l,r,^,-,+);
114 E_CAST( 6,k,r,l,+,^,-);
115 E_CAST( 5,k,l,r,-,+,^);
116 E_CAST( 4,k,r,l,^,-,+);
117 E_CAST( 3,k,l,r,+,^,-);
118 E_CAST( 2,k,r,l,-,+,^);
119 E_CAST( 1,k,l,r,^,-,+);
120 E_CAST( 0,k,r,l,+,^,-);
121
122 data[1]=l&0xffffffffL;
123 data[0]=r&0xffffffffL;
124 }
125
126void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
127 CAST_KEY *ks, unsigned char *iv, int enc)
128 {
129 register CAST_LONG tin0,tin1;
130 register CAST_LONG tout0,tout1,xor0,xor1;
131 register long l=length;
132 CAST_LONG tin[2];
133
134 if (enc)
135 {
136 n2l(iv,tout0);
137 n2l(iv,tout1);
138 iv-=8;
139 for (l-=8; l>=0; l-=8)
140 {
141 n2l(in,tin0);
142 n2l(in,tin1);
143 tin0^=tout0;
144 tin1^=tout1;
145 tin[0]=tin0;
146 tin[1]=tin1;
147 CAST_encrypt(tin,ks);
148 tout0=tin[0];
149 tout1=tin[1];
150 l2n(tout0,out);
151 l2n(tout1,out);
152 }
153 if (l != -8)
154 {
155 n2ln(in,tin0,tin1,l+8);
156 tin0^=tout0;
157 tin1^=tout1;
158 tin[0]=tin0;
159 tin[1]=tin1;
160 CAST_encrypt(tin,ks);
161 tout0=tin[0];
162 tout1=tin[1];
163 l2n(tout0,out);
164 l2n(tout1,out);
165 }
166 l2n(tout0,iv);
167 l2n(tout1,iv);
168 }
169 else
170 {
171 n2l(iv,xor0);
172 n2l(iv,xor1);
173 iv-=8;
174 for (l-=8; l>=0; l-=8)
175 {
176 n2l(in,tin0);
177 n2l(in,tin1);
178 tin[0]=tin0;
179 tin[1]=tin1;
180 CAST_decrypt(tin,ks);
181 tout0=tin[0]^xor0;
182 tout1=tin[1]^xor1;
183 l2n(tout0,out);
184 l2n(tout1,out);
185 xor0=tin0;
186 xor1=tin1;
187 }
188 if (l != -8)
189 {
190 n2l(in,tin0);
191 n2l(in,tin1);
192 tin[0]=tin0;
193 tin[1]=tin1;
194 CAST_decrypt(tin,ks);
195 tout0=tin[0]^xor0;
196 tout1=tin[1]^xor1;
197 l2nn(tout0,tout1,out,l+8);
198 xor0=tin0;
199 xor1=tin1;
200 }
201 l2n(xor0,iv);
202 l2n(xor1,iv);
203 }
204 tin0=tin1=tout0=tout1=xor0=xor1=0;
205 tin[0]=tin[1]=0;
206 }
207
diff --git a/src/lib/libcrypto/cast/c_ofb64.c b/src/lib/libcrypto/cast/c_ofb64.c
deleted file mode 100644
index fd0469a62f..0000000000
--- a/src/lib/libcrypto/cast/c_ofb64.c
+++ /dev/null
@@ -1,111 +0,0 @@
1/* crypto/cast/c_ofb64.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/cast.h>
60#include "cast_lcl.h"
61
62/* The input and output encrypted as though 64bit ofb mode is being
63 * used. The extra state information to record how much of the
64 * 64bit block we have used is contained in *num;
65 */
66void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
67 long length, CAST_KEY *schedule, unsigned char *ivec,
68 int *num)
69 {
70 register CAST_LONG v0,v1,t;
71 register int n= *num;
72 register long l=length;
73 unsigned char d[8];
74 register char *dp;
75 CAST_LONG ti[2];
76 unsigned char *iv;
77 int save=0;
78
79 iv=ivec;
80 n2l(iv,v0);
81 n2l(iv,v1);
82 ti[0]=v0;
83 ti[1]=v1;
84 dp=(char *)d;
85 l2n(v0,dp);
86 l2n(v1,dp);
87 while (l--)
88 {
89 if (n == 0)
90 {
91 CAST_encrypt((CAST_LONG *)ti,schedule);
92 dp=(char *)d;
93 t=ti[0]; l2n(t,dp);
94 t=ti[1]; l2n(t,dp);
95 save++;
96 }
97 *(out++)= *(in++)^d[n];
98 n=(n+1)&0x07;
99 }
100 if (save)
101 {
102 v0=ti[0];
103 v1=ti[1];
104 iv=ivec;
105 l2n(v0,iv);
106 l2n(v1,iv);
107 }
108 t=v0=v1=ti[0]=ti[1]=0;
109 *num=n;
110 }
111
diff --git a/src/lib/libcrypto/cast/c_skey.c b/src/lib/libcrypto/cast/c_skey.c
deleted file mode 100644
index 76e40005c9..0000000000
--- a/src/lib/libcrypto/cast/c_skey.c
+++ /dev/null
@@ -1,166 +0,0 @@
1/* crypto/cast/c_skey.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/cast.h>
60#include "cast_lcl.h"
61#include "cast_s.h"
62
63#define CAST_exp(l,A,a,n) \
64 A[n/4]=l; \
65 a[n+3]=(l )&0xff; \
66 a[n+2]=(l>> 8)&0xff; \
67 a[n+1]=(l>>16)&0xff; \
68 a[n+0]=(l>>24)&0xff;
69
70#define S4 CAST_S_table4
71#define S5 CAST_S_table5
72#define S6 CAST_S_table6
73#define S7 CAST_S_table7
74
75void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data)
76 {
77 CAST_LONG x[16];
78 CAST_LONG z[16];
79 CAST_LONG k[32];
80 CAST_LONG X[4],Z[4];
81 CAST_LONG l,*K;
82 int i;
83
84 for (i=0; i<16; i++) x[i]=0;
85 if (len > 16) len=16;
86 for (i=0; i<len; i++)
87 x[i]=data[i];
88 if(len <= 10)
89 key->short_key=1;
90 else
91 key->short_key=0;
92
93 K= &k[0];
94 X[0]=((x[ 0]<<24)|(x[ 1]<<16)|(x[ 2]<<8)|x[ 3])&0xffffffffL;
95 X[1]=((x[ 4]<<24)|(x[ 5]<<16)|(x[ 6]<<8)|x[ 7])&0xffffffffL;
96 X[2]=((x[ 8]<<24)|(x[ 9]<<16)|(x[10]<<8)|x[11])&0xffffffffL;
97 X[3]=((x[12]<<24)|(x[13]<<16)|(x[14]<<8)|x[15])&0xffffffffL;
98
99 for (;;)
100 {
101 l=X[0]^S4[x[13]]^S5[x[15]]^S6[x[12]]^S7[x[14]]^S6[x[ 8]];
102 CAST_exp(l,Z,z, 0);
103 l=X[2]^S4[z[ 0]]^S5[z[ 2]]^S6[z[ 1]]^S7[z[ 3]]^S7[x[10]];
104 CAST_exp(l,Z,z, 4);
105 l=X[3]^S4[z[ 7]]^S5[z[ 6]]^S6[z[ 5]]^S7[z[ 4]]^S4[x[ 9]];
106 CAST_exp(l,Z,z, 8);
107 l=X[1]^S4[z[10]]^S5[z[ 9]]^S6[z[11]]^S7[z[ 8]]^S5[x[11]];
108 CAST_exp(l,Z,z,12);
109
110 K[ 0]= S4[z[ 8]]^S5[z[ 9]]^S6[z[ 7]]^S7[z[ 6]]^S4[z[ 2]];
111 K[ 1]= S4[z[10]]^S5[z[11]]^S6[z[ 5]]^S7[z[ 4]]^S5[z[ 6]];
112 K[ 2]= S4[z[12]]^S5[z[13]]^S6[z[ 3]]^S7[z[ 2]]^S6[z[ 9]];
113 K[ 3]= S4[z[14]]^S5[z[15]]^S6[z[ 1]]^S7[z[ 0]]^S7[z[12]];
114
115 l=Z[2]^S4[z[ 5]]^S5[z[ 7]]^S6[z[ 4]]^S7[z[ 6]]^S6[z[ 0]];
116 CAST_exp(l,X,x, 0);
117 l=Z[0]^S4[x[ 0]]^S5[x[ 2]]^S6[x[ 1]]^S7[x[ 3]]^S7[z[ 2]];
118 CAST_exp(l,X,x, 4);
119 l=Z[1]^S4[x[ 7]]^S5[x[ 6]]^S6[x[ 5]]^S7[x[ 4]]^S4[z[ 1]];
120 CAST_exp(l,X,x, 8);
121 l=Z[3]^S4[x[10]]^S5[x[ 9]]^S6[x[11]]^S7[x[ 8]]^S5[z[ 3]];
122 CAST_exp(l,X,x,12);
123
124 K[ 4]= S4[x[ 3]]^S5[x[ 2]]^S6[x[12]]^S7[x[13]]^S4[x[ 8]];
125 K[ 5]= S4[x[ 1]]^S5[x[ 0]]^S6[x[14]]^S7[x[15]]^S5[x[13]];
126 K[ 6]= S4[x[ 7]]^S5[x[ 6]]^S6[x[ 8]]^S7[x[ 9]]^S6[x[ 3]];
127 K[ 7]= S4[x[ 5]]^S5[x[ 4]]^S6[x[10]]^S7[x[11]]^S7[x[ 7]];
128
129 l=X[0]^S4[x[13]]^S5[x[15]]^S6[x[12]]^S7[x[14]]^S6[x[ 8]];
130 CAST_exp(l,Z,z, 0);
131 l=X[2]^S4[z[ 0]]^S5[z[ 2]]^S6[z[ 1]]^S7[z[ 3]]^S7[x[10]];
132 CAST_exp(l,Z,z, 4);
133 l=X[3]^S4[z[ 7]]^S5[z[ 6]]^S6[z[ 5]]^S7[z[ 4]]^S4[x[ 9]];
134 CAST_exp(l,Z,z, 8);
135 l=X[1]^S4[z[10]]^S5[z[ 9]]^S6[z[11]]^S7[z[ 8]]^S5[x[11]];
136 CAST_exp(l,Z,z,12);
137
138 K[ 8]= S4[z[ 3]]^S5[z[ 2]]^S6[z[12]]^S7[z[13]]^S4[z[ 9]];
139 K[ 9]= S4[z[ 1]]^S5[z[ 0]]^S6[z[14]]^S7[z[15]]^S5[z[12]];
140 K[10]= S4[z[ 7]]^S5[z[ 6]]^S6[z[ 8]]^S7[z[ 9]]^S6[z[ 2]];
141 K[11]= S4[z[ 5]]^S5[z[ 4]]^S6[z[10]]^S7[z[11]]^S7[z[ 6]];
142
143 l=Z[2]^S4[z[ 5]]^S5[z[ 7]]^S6[z[ 4]]^S7[z[ 6]]^S6[z[ 0]];
144 CAST_exp(l,X,x, 0);
145 l=Z[0]^S4[x[ 0]]^S5[x[ 2]]^S6[x[ 1]]^S7[x[ 3]]^S7[z[ 2]];
146 CAST_exp(l,X,x, 4);
147 l=Z[1]^S4[x[ 7]]^S5[x[ 6]]^S6[x[ 5]]^S7[x[ 4]]^S4[z[ 1]];
148 CAST_exp(l,X,x, 8);
149 l=Z[3]^S4[x[10]]^S5[x[ 9]]^S6[x[11]]^S7[x[ 8]]^S5[z[ 3]];
150 CAST_exp(l,X,x,12);
151
152 K[12]= S4[x[ 8]]^S5[x[ 9]]^S6[x[ 7]]^S7[x[ 6]]^S4[x[ 3]];
153 K[13]= S4[x[10]]^S5[x[11]]^S6[x[ 5]]^S7[x[ 4]]^S5[x[ 7]];
154 K[14]= S4[x[12]]^S5[x[13]]^S6[x[ 3]]^S7[x[ 2]]^S6[x[ 8]];
155 K[15]= S4[x[14]]^S5[x[15]]^S6[x[ 1]]^S7[x[ 0]]^S7[x[13]];
156 if (K != k) break;
157 K+=16;
158 }
159
160 for (i=0; i<16; i++)
161 {
162 key->data[i*2]=k[i];
163 key->data[i*2+1]=((k[i+16])+16)&0x1f;
164 }
165 }
166
diff --git a/src/lib/libcrypto/cast/cast.h b/src/lib/libcrypto/cast/cast.h
deleted file mode 100644
index e24e133099..0000000000
--- a/src/lib/libcrypto/cast/cast.h
+++ /dev/null
@@ -1,103 +0,0 @@
1/* crypto/cast/cast.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_CAST_H
60#define HEADER_CAST_H
61
62#ifdef __cplusplus
63extern "C" {
64#endif
65
66#ifdef NO_CAST
67#error CAST is disabled.
68#endif
69
70#define CAST_ENCRYPT 1
71#define CAST_DECRYPT 0
72
73#define CAST_LONG unsigned long
74
75#define CAST_BLOCK 8
76#define CAST_KEY_LENGTH 16
77
78typedef struct cast_key_st
79 {
80 CAST_LONG data[32];
81 int short_key; /* Use reduced rounds for short key */
82 } CAST_KEY;
83
84
85void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
86void CAST_ecb_encrypt(const unsigned char *in,unsigned char *out,CAST_KEY *key,
87 int enc);
88void CAST_encrypt(CAST_LONG *data,CAST_KEY *key);
89void CAST_decrypt(CAST_LONG *data,CAST_KEY *key);
90void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
91 CAST_KEY *ks, unsigned char *iv, int enc);
92void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
93 long length, CAST_KEY *schedule, unsigned char *ivec,
94 int *num, int enc);
95void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
96 long length, CAST_KEY *schedule, unsigned char *ivec,
97 int *num);
98
99#ifdef __cplusplus
100}
101#endif
102
103#endif
diff --git a/src/lib/libcrypto/cast/cast_lcl.h b/src/lib/libcrypto/cast/cast_lcl.h
deleted file mode 100644
index 5fab8a43f6..0000000000
--- a/src/lib/libcrypto/cast/cast_lcl.h
+++ /dev/null
@@ -1,226 +0,0 @@
1/* crypto/cast/cast_lcl.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifdef WIN32
60#include <stdlib.h>
61#endif
62
63
64#include "openssl/e_os.h" /* OPENSSL_EXTERN */
65
66#undef c2l
67#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
68 l|=((unsigned long)(*((c)++)))<< 8L, \
69 l|=((unsigned long)(*((c)++)))<<16L, \
70 l|=((unsigned long)(*((c)++)))<<24L)
71
72/* NOTE - c is not incremented as per c2l */
73#undef c2ln
74#define c2ln(c,l1,l2,n) { \
75 c+=n; \
76 l1=l2=0; \
77 switch (n) { \
78 case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
79 case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
80 case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
81 case 5: l2|=((unsigned long)(*(--(c)))); \
82 case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
83 case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
84 case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
85 case 1: l1|=((unsigned long)(*(--(c)))); \
86 } \
87 }
88
89#undef l2c
90#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
91 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
92 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
93 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
94
95/* NOTE - c is not incremented as per l2c */
96#undef l2cn
97#define l2cn(l1,l2,c,n) { \
98 c+=n; \
99 switch (n) { \
100 case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
101 case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
102 case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
103 case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
104 case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
105 case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
106 case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
107 case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
108 } \
109 }
110
111/* NOTE - c is not incremented as per n2l */
112#define n2ln(c,l1,l2,n) { \
113 c+=n; \
114 l1=l2=0; \
115 switch (n) { \
116 case 8: l2 =((unsigned long)(*(--(c)))) ; \
117 case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
118 case 6: l2|=((unsigned long)(*(--(c))))<<16; \
119 case 5: l2|=((unsigned long)(*(--(c))))<<24; \
120 case 4: l1 =((unsigned long)(*(--(c)))) ; \
121 case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
122 case 2: l1|=((unsigned long)(*(--(c))))<<16; \
123 case 1: l1|=((unsigned long)(*(--(c))))<<24; \
124 } \
125 }
126
127/* NOTE - c is not incremented as per l2n */
128#define l2nn(l1,l2,c,n) { \
129 c+=n; \
130 switch (n) { \
131 case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
132 case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
133 case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
134 case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
135 case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
136 case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
137 case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
138 case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
139 } \
140 }
141
142#undef n2l
143#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
144 l|=((unsigned long)(*((c)++)))<<16L, \
145 l|=((unsigned long)(*((c)++)))<< 8L, \
146 l|=((unsigned long)(*((c)++))))
147
148#undef l2n
149#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
150 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
151 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
152 *((c)++)=(unsigned char)(((l) )&0xff))
153
154#if defined(WIN32) && defined(_MSC_VER)
155#define ROTL(a,n) (_lrotl(a,n))
156#else
157#define ROTL(a,n) ((((a)<<(n))&0xffffffffL)|((a)>>(32-(n))))
158#endif
159
160#define C_M 0x3fc
161#define C_0 22L
162#define C_1 14L
163#define C_2 6L
164#define C_3 2L /* left shift */
165
166/* The rotate has an extra 16 added to it to help the x86 asm */
167#if defined(CAST_PTR)
168#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
169 { \
170 int i; \
171 t=(key[n*2] OP1 R)&0xffffffffL; \
172 i=key[n*2+1]; \
173 t=ROTL(t,i); \
174 L^= (((((*(CAST_LONG *)((unsigned char *) \
175 CAST_S_table0+((t>>C_2)&C_M)) OP2 \
176 *(CAST_LONG *)((unsigned char *) \
177 CAST_S_table1+((t<<C_3)&C_M)))&0xffffffffL) OP3 \
178 *(CAST_LONG *)((unsigned char *) \
179 CAST_S_table2+((t>>C_0)&C_M)))&0xffffffffL) OP1 \
180 *(CAST_LONG *)((unsigned char *) \
181 CAST_S_table3+((t>>C_1)&C_M)))&0xffffffffL; \
182 }
183#elif defined(CAST_PTR2)
184#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
185 { \
186 int i; \
187 CAST_LONG u,v,w; \
188 w=(key[n*2] OP1 R)&0xffffffffL; \
189 i=key[n*2+1]; \
190 w=ROTL(w,i); \
191 u=w>>C_2; \
192 v=w<<C_3; \
193 u&=C_M; \
194 v&=C_M; \
195 t= *(CAST_LONG *)((unsigned char *)CAST_S_table0+u); \
196 u=w>>C_0; \
197 t=(t OP2 *(CAST_LONG *)((unsigned char *)CAST_S_table1+v))&0xffffffffL;\
198 v=w>>C_1; \
199 u&=C_M; \
200 v&=C_M; \
201 t=(t OP3 *(CAST_LONG *)((unsigned char *)CAST_S_table2+u)&0xffffffffL);\
202 t=(t OP1 *(CAST_LONG *)((unsigned char *)CAST_S_table3+v)&0xffffffffL);\
203 L^=(t&0xffffffff); \
204 }
205#else
206#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
207 { \
208 CAST_LONG a,b,c,d; \
209 t=(key[n*2] OP1 R)&0xffffffff; \
210 t=ROTL(t,(key[n*2+1])); \
211 a=CAST_S_table0[(t>> 8)&0xff]; \
212 b=CAST_S_table1[(t )&0xff]; \
213 c=CAST_S_table2[(t>>24)&0xff]; \
214 d=CAST_S_table3[(t>>16)&0xff]; \
215 L^=(((((a OP2 b)&0xffffffffL) OP3 c)&0xffffffffL) OP1 d)&0xffffffffL; \
216 }
217#endif
218
219OPENSSL_EXTERN const CAST_LONG CAST_S_table0[256];
220OPENSSL_EXTERN const CAST_LONG CAST_S_table1[256];
221OPENSSL_EXTERN const CAST_LONG CAST_S_table2[256];
222OPENSSL_EXTERN const CAST_LONG CAST_S_table3[256];
223OPENSSL_EXTERN const CAST_LONG CAST_S_table4[256];
224OPENSSL_EXTERN const CAST_LONG CAST_S_table5[256];
225OPENSSL_EXTERN const CAST_LONG CAST_S_table6[256];
226OPENSSL_EXTERN const CAST_LONG CAST_S_table7[256];
diff --git a/src/lib/libcrypto/cast/cast_s.h b/src/lib/libcrypto/cast/cast_s.h
deleted file mode 100644
index c483fd5e43..0000000000
--- a/src/lib/libcrypto/cast/cast_s.h
+++ /dev/null
@@ -1,585 +0,0 @@
1/* crypto/cast/cast_s.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58OPENSSL_GLOBAL const CAST_LONG CAST_S_table0[256]={
59 0x30fb40d4,0x9fa0ff0b,0x6beccd2f,0x3f258c7a,
60 0x1e213f2f,0x9c004dd3,0x6003e540,0xcf9fc949,
61 0xbfd4af27,0x88bbbdb5,0xe2034090,0x98d09675,
62 0x6e63a0e0,0x15c361d2,0xc2e7661d,0x22d4ff8e,
63 0x28683b6f,0xc07fd059,0xff2379c8,0x775f50e2,
64 0x43c340d3,0xdf2f8656,0x887ca41a,0xa2d2bd2d,
65 0xa1c9e0d6,0x346c4819,0x61b76d87,0x22540f2f,
66 0x2abe32e1,0xaa54166b,0x22568e3a,0xa2d341d0,
67 0x66db40c8,0xa784392f,0x004dff2f,0x2db9d2de,
68 0x97943fac,0x4a97c1d8,0x527644b7,0xb5f437a7,
69 0xb82cbaef,0xd751d159,0x6ff7f0ed,0x5a097a1f,
70 0x827b68d0,0x90ecf52e,0x22b0c054,0xbc8e5935,
71 0x4b6d2f7f,0x50bb64a2,0xd2664910,0xbee5812d,
72 0xb7332290,0xe93b159f,0xb48ee411,0x4bff345d,
73 0xfd45c240,0xad31973f,0xc4f6d02e,0x55fc8165,
74 0xd5b1caad,0xa1ac2dae,0xa2d4b76d,0xc19b0c50,
75 0x882240f2,0x0c6e4f38,0xa4e4bfd7,0x4f5ba272,
76 0x564c1d2f,0xc59c5319,0xb949e354,0xb04669fe,
77 0xb1b6ab8a,0xc71358dd,0x6385c545,0x110f935d,
78 0x57538ad5,0x6a390493,0xe63d37e0,0x2a54f6b3,
79 0x3a787d5f,0x6276a0b5,0x19a6fcdf,0x7a42206a,
80 0x29f9d4d5,0xf61b1891,0xbb72275e,0xaa508167,
81 0x38901091,0xc6b505eb,0x84c7cb8c,0x2ad75a0f,
82 0x874a1427,0xa2d1936b,0x2ad286af,0xaa56d291,
83 0xd7894360,0x425c750d,0x93b39e26,0x187184c9,
84 0x6c00b32d,0x73e2bb14,0xa0bebc3c,0x54623779,
85 0x64459eab,0x3f328b82,0x7718cf82,0x59a2cea6,
86 0x04ee002e,0x89fe78e6,0x3fab0950,0x325ff6c2,
87 0x81383f05,0x6963c5c8,0x76cb5ad6,0xd49974c9,
88 0xca180dcf,0x380782d5,0xc7fa5cf6,0x8ac31511,
89 0x35e79e13,0x47da91d0,0xf40f9086,0xa7e2419e,
90 0x31366241,0x051ef495,0xaa573b04,0x4a805d8d,
91 0x548300d0,0x00322a3c,0xbf64cddf,0xba57a68e,
92 0x75c6372b,0x50afd341,0xa7c13275,0x915a0bf5,
93 0x6b54bfab,0x2b0b1426,0xab4cc9d7,0x449ccd82,
94 0xf7fbf265,0xab85c5f3,0x1b55db94,0xaad4e324,
95 0xcfa4bd3f,0x2deaa3e2,0x9e204d02,0xc8bd25ac,
96 0xeadf55b3,0xd5bd9e98,0xe31231b2,0x2ad5ad6c,
97 0x954329de,0xadbe4528,0xd8710f69,0xaa51c90f,
98 0xaa786bf6,0x22513f1e,0xaa51a79b,0x2ad344cc,
99 0x7b5a41f0,0xd37cfbad,0x1b069505,0x41ece491,
100 0xb4c332e6,0x032268d4,0xc9600acc,0xce387e6d,
101 0xbf6bb16c,0x6a70fb78,0x0d03d9c9,0xd4df39de,
102 0xe01063da,0x4736f464,0x5ad328d8,0xb347cc96,
103 0x75bb0fc3,0x98511bfb,0x4ffbcc35,0xb58bcf6a,
104 0xe11f0abc,0xbfc5fe4a,0xa70aec10,0xac39570a,
105 0x3f04442f,0x6188b153,0xe0397a2e,0x5727cb79,
106 0x9ceb418f,0x1cacd68d,0x2ad37c96,0x0175cb9d,
107 0xc69dff09,0xc75b65f0,0xd9db40d8,0xec0e7779,
108 0x4744ead4,0xb11c3274,0xdd24cb9e,0x7e1c54bd,
109 0xf01144f9,0xd2240eb1,0x9675b3fd,0xa3ac3755,
110 0xd47c27af,0x51c85f4d,0x56907596,0xa5bb15e6,
111 0x580304f0,0xca042cf1,0x011a37ea,0x8dbfaadb,
112 0x35ba3e4a,0x3526ffa0,0xc37b4d09,0xbc306ed9,
113 0x98a52666,0x5648f725,0xff5e569d,0x0ced63d0,
114 0x7c63b2cf,0x700b45e1,0xd5ea50f1,0x85a92872,
115 0xaf1fbda7,0xd4234870,0xa7870bf3,0x2d3b4d79,
116 0x42e04198,0x0cd0ede7,0x26470db8,0xf881814c,
117 0x474d6ad7,0x7c0c5e5c,0xd1231959,0x381b7298,
118 0xf5d2f4db,0xab838653,0x6e2f1e23,0x83719c9e,
119 0xbd91e046,0x9a56456e,0xdc39200c,0x20c8c571,
120 0x962bda1c,0xe1e696ff,0xb141ab08,0x7cca89b9,
121 0x1a69e783,0x02cc4843,0xa2f7c579,0x429ef47d,
122 0x427b169c,0x5ac9f049,0xdd8f0f00,0x5c8165bf,
123 };
124OPENSSL_GLOBAL const CAST_LONG CAST_S_table1[256]={
125 0x1f201094,0xef0ba75b,0x69e3cf7e,0x393f4380,
126 0xfe61cf7a,0xeec5207a,0x55889c94,0x72fc0651,
127 0xada7ef79,0x4e1d7235,0xd55a63ce,0xde0436ba,
128 0x99c430ef,0x5f0c0794,0x18dcdb7d,0xa1d6eff3,
129 0xa0b52f7b,0x59e83605,0xee15b094,0xe9ffd909,
130 0xdc440086,0xef944459,0xba83ccb3,0xe0c3cdfb,
131 0xd1da4181,0x3b092ab1,0xf997f1c1,0xa5e6cf7b,
132 0x01420ddb,0xe4e7ef5b,0x25a1ff41,0xe180f806,
133 0x1fc41080,0x179bee7a,0xd37ac6a9,0xfe5830a4,
134 0x98de8b7f,0x77e83f4e,0x79929269,0x24fa9f7b,
135 0xe113c85b,0xacc40083,0xd7503525,0xf7ea615f,
136 0x62143154,0x0d554b63,0x5d681121,0xc866c359,
137 0x3d63cf73,0xcee234c0,0xd4d87e87,0x5c672b21,
138 0x071f6181,0x39f7627f,0x361e3084,0xe4eb573b,
139 0x602f64a4,0xd63acd9c,0x1bbc4635,0x9e81032d,
140 0x2701f50c,0x99847ab4,0xa0e3df79,0xba6cf38c,
141 0x10843094,0x2537a95e,0xf46f6ffe,0xa1ff3b1f,
142 0x208cfb6a,0x8f458c74,0xd9e0a227,0x4ec73a34,
143 0xfc884f69,0x3e4de8df,0xef0e0088,0x3559648d,
144 0x8a45388c,0x1d804366,0x721d9bfd,0xa58684bb,
145 0xe8256333,0x844e8212,0x128d8098,0xfed33fb4,
146 0xce280ae1,0x27e19ba5,0xd5a6c252,0xe49754bd,
147 0xc5d655dd,0xeb667064,0x77840b4d,0xa1b6a801,
148 0x84db26a9,0xe0b56714,0x21f043b7,0xe5d05860,
149 0x54f03084,0x066ff472,0xa31aa153,0xdadc4755,
150 0xb5625dbf,0x68561be6,0x83ca6b94,0x2d6ed23b,
151 0xeccf01db,0xa6d3d0ba,0xb6803d5c,0xaf77a709,
152 0x33b4a34c,0x397bc8d6,0x5ee22b95,0x5f0e5304,
153 0x81ed6f61,0x20e74364,0xb45e1378,0xde18639b,
154 0x881ca122,0xb96726d1,0x8049a7e8,0x22b7da7b,
155 0x5e552d25,0x5272d237,0x79d2951c,0xc60d894c,
156 0x488cb402,0x1ba4fe5b,0xa4b09f6b,0x1ca815cf,
157 0xa20c3005,0x8871df63,0xb9de2fcb,0x0cc6c9e9,
158 0x0beeff53,0xe3214517,0xb4542835,0x9f63293c,
159 0xee41e729,0x6e1d2d7c,0x50045286,0x1e6685f3,
160 0xf33401c6,0x30a22c95,0x31a70850,0x60930f13,
161 0x73f98417,0xa1269859,0xec645c44,0x52c877a9,
162 0xcdff33a6,0xa02b1741,0x7cbad9a2,0x2180036f,
163 0x50d99c08,0xcb3f4861,0xc26bd765,0x64a3f6ab,
164 0x80342676,0x25a75e7b,0xe4e6d1fc,0x20c710e6,
165 0xcdf0b680,0x17844d3b,0x31eef84d,0x7e0824e4,
166 0x2ccb49eb,0x846a3bae,0x8ff77888,0xee5d60f6,
167 0x7af75673,0x2fdd5cdb,0xa11631c1,0x30f66f43,
168 0xb3faec54,0x157fd7fa,0xef8579cc,0xd152de58,
169 0xdb2ffd5e,0x8f32ce19,0x306af97a,0x02f03ef8,
170 0x99319ad5,0xc242fa0f,0xa7e3ebb0,0xc68e4906,
171 0xb8da230c,0x80823028,0xdcdef3c8,0xd35fb171,
172 0x088a1bc8,0xbec0c560,0x61a3c9e8,0xbca8f54d,
173 0xc72feffa,0x22822e99,0x82c570b4,0xd8d94e89,
174 0x8b1c34bc,0x301e16e6,0x273be979,0xb0ffeaa6,
175 0x61d9b8c6,0x00b24869,0xb7ffce3f,0x08dc283b,
176 0x43daf65a,0xf7e19798,0x7619b72f,0x8f1c9ba4,
177 0xdc8637a0,0x16a7d3b1,0x9fc393b7,0xa7136eeb,
178 0xc6bcc63e,0x1a513742,0xef6828bc,0x520365d6,
179 0x2d6a77ab,0x3527ed4b,0x821fd216,0x095c6e2e,
180 0xdb92f2fb,0x5eea29cb,0x145892f5,0x91584f7f,
181 0x5483697b,0x2667a8cc,0x85196048,0x8c4bacea,
182 0x833860d4,0x0d23e0f9,0x6c387e8a,0x0ae6d249,
183 0xb284600c,0xd835731d,0xdcb1c647,0xac4c56ea,
184 0x3ebd81b3,0x230eabb0,0x6438bc87,0xf0b5b1fa,
185 0x8f5ea2b3,0xfc184642,0x0a036b7a,0x4fb089bd,
186 0x649da589,0xa345415e,0x5c038323,0x3e5d3bb9,
187 0x43d79572,0x7e6dd07c,0x06dfdf1e,0x6c6cc4ef,
188 0x7160a539,0x73bfbe70,0x83877605,0x4523ecf1,
189 };
190OPENSSL_GLOBAL const CAST_LONG CAST_S_table2[256]={
191 0x8defc240,0x25fa5d9f,0xeb903dbf,0xe810c907,
192 0x47607fff,0x369fe44b,0x8c1fc644,0xaececa90,
193 0xbeb1f9bf,0xeefbcaea,0xe8cf1950,0x51df07ae,
194 0x920e8806,0xf0ad0548,0xe13c8d83,0x927010d5,
195 0x11107d9f,0x07647db9,0xb2e3e4d4,0x3d4f285e,
196 0xb9afa820,0xfade82e0,0xa067268b,0x8272792e,
197 0x553fb2c0,0x489ae22b,0xd4ef9794,0x125e3fbc,
198 0x21fffcee,0x825b1bfd,0x9255c5ed,0x1257a240,
199 0x4e1a8302,0xbae07fff,0x528246e7,0x8e57140e,
200 0x3373f7bf,0x8c9f8188,0xa6fc4ee8,0xc982b5a5,
201 0xa8c01db7,0x579fc264,0x67094f31,0xf2bd3f5f,
202 0x40fff7c1,0x1fb78dfc,0x8e6bd2c1,0x437be59b,
203 0x99b03dbf,0xb5dbc64b,0x638dc0e6,0x55819d99,
204 0xa197c81c,0x4a012d6e,0xc5884a28,0xccc36f71,
205 0xb843c213,0x6c0743f1,0x8309893c,0x0feddd5f,
206 0x2f7fe850,0xd7c07f7e,0x02507fbf,0x5afb9a04,
207 0xa747d2d0,0x1651192e,0xaf70bf3e,0x58c31380,
208 0x5f98302e,0x727cc3c4,0x0a0fb402,0x0f7fef82,
209 0x8c96fdad,0x5d2c2aae,0x8ee99a49,0x50da88b8,
210 0x8427f4a0,0x1eac5790,0x796fb449,0x8252dc15,
211 0xefbd7d9b,0xa672597d,0xada840d8,0x45f54504,
212 0xfa5d7403,0xe83ec305,0x4f91751a,0x925669c2,
213 0x23efe941,0xa903f12e,0x60270df2,0x0276e4b6,
214 0x94fd6574,0x927985b2,0x8276dbcb,0x02778176,
215 0xf8af918d,0x4e48f79e,0x8f616ddf,0xe29d840e,
216 0x842f7d83,0x340ce5c8,0x96bbb682,0x93b4b148,
217 0xef303cab,0x984faf28,0x779faf9b,0x92dc560d,
218 0x224d1e20,0x8437aa88,0x7d29dc96,0x2756d3dc,
219 0x8b907cee,0xb51fd240,0xe7c07ce3,0xe566b4a1,
220 0xc3e9615e,0x3cf8209d,0x6094d1e3,0xcd9ca341,
221 0x5c76460e,0x00ea983b,0xd4d67881,0xfd47572c,
222 0xf76cedd9,0xbda8229c,0x127dadaa,0x438a074e,
223 0x1f97c090,0x081bdb8a,0x93a07ebe,0xb938ca15,
224 0x97b03cff,0x3dc2c0f8,0x8d1ab2ec,0x64380e51,
225 0x68cc7bfb,0xd90f2788,0x12490181,0x5de5ffd4,
226 0xdd7ef86a,0x76a2e214,0xb9a40368,0x925d958f,
227 0x4b39fffa,0xba39aee9,0xa4ffd30b,0xfaf7933b,
228 0x6d498623,0x193cbcfa,0x27627545,0x825cf47a,
229 0x61bd8ba0,0xd11e42d1,0xcead04f4,0x127ea392,
230 0x10428db7,0x8272a972,0x9270c4a8,0x127de50b,
231 0x285ba1c8,0x3c62f44f,0x35c0eaa5,0xe805d231,
232 0x428929fb,0xb4fcdf82,0x4fb66a53,0x0e7dc15b,
233 0x1f081fab,0x108618ae,0xfcfd086d,0xf9ff2889,
234 0x694bcc11,0x236a5cae,0x12deca4d,0x2c3f8cc5,
235 0xd2d02dfe,0xf8ef5896,0xe4cf52da,0x95155b67,
236 0x494a488c,0xb9b6a80c,0x5c8f82bc,0x89d36b45,
237 0x3a609437,0xec00c9a9,0x44715253,0x0a874b49,
238 0xd773bc40,0x7c34671c,0x02717ef6,0x4feb5536,
239 0xa2d02fff,0xd2bf60c4,0xd43f03c0,0x50b4ef6d,
240 0x07478cd1,0x006e1888,0xa2e53f55,0xb9e6d4bc,
241 0xa2048016,0x97573833,0xd7207d67,0xde0f8f3d,
242 0x72f87b33,0xabcc4f33,0x7688c55d,0x7b00a6b0,
243 0x947b0001,0x570075d2,0xf9bb88f8,0x8942019e,
244 0x4264a5ff,0x856302e0,0x72dbd92b,0xee971b69,
245 0x6ea22fde,0x5f08ae2b,0xaf7a616d,0xe5c98767,
246 0xcf1febd2,0x61efc8c2,0xf1ac2571,0xcc8239c2,
247 0x67214cb8,0xb1e583d1,0xb7dc3e62,0x7f10bdce,
248 0xf90a5c38,0x0ff0443d,0x606e6dc6,0x60543a49,
249 0x5727c148,0x2be98a1d,0x8ab41738,0x20e1be24,
250 0xaf96da0f,0x68458425,0x99833be5,0x600d457d,
251 0x282f9350,0x8334b362,0xd91d1120,0x2b6d8da0,
252 0x642b1e31,0x9c305a00,0x52bce688,0x1b03588a,
253 0xf7baefd5,0x4142ed9c,0xa4315c11,0x83323ec5,
254 0xdfef4636,0xa133c501,0xe9d3531c,0xee353783,
255 };
256OPENSSL_GLOBAL const CAST_LONG CAST_S_table3[256]={
257 0x9db30420,0x1fb6e9de,0xa7be7bef,0xd273a298,
258 0x4a4f7bdb,0x64ad8c57,0x85510443,0xfa020ed1,
259 0x7e287aff,0xe60fb663,0x095f35a1,0x79ebf120,
260 0xfd059d43,0x6497b7b1,0xf3641f63,0x241e4adf,
261 0x28147f5f,0x4fa2b8cd,0xc9430040,0x0cc32220,
262 0xfdd30b30,0xc0a5374f,0x1d2d00d9,0x24147b15,
263 0xee4d111a,0x0fca5167,0x71ff904c,0x2d195ffe,
264 0x1a05645f,0x0c13fefe,0x081b08ca,0x05170121,
265 0x80530100,0xe83e5efe,0xac9af4f8,0x7fe72701,
266 0xd2b8ee5f,0x06df4261,0xbb9e9b8a,0x7293ea25,
267 0xce84ffdf,0xf5718801,0x3dd64b04,0xa26f263b,
268 0x7ed48400,0x547eebe6,0x446d4ca0,0x6cf3d6f5,
269 0x2649abdf,0xaea0c7f5,0x36338cc1,0x503f7e93,
270 0xd3772061,0x11b638e1,0x72500e03,0xf80eb2bb,
271 0xabe0502e,0xec8d77de,0x57971e81,0xe14f6746,
272 0xc9335400,0x6920318f,0x081dbb99,0xffc304a5,
273 0x4d351805,0x7f3d5ce3,0xa6c866c6,0x5d5bcca9,
274 0xdaec6fea,0x9f926f91,0x9f46222f,0x3991467d,
275 0xa5bf6d8e,0x1143c44f,0x43958302,0xd0214eeb,
276 0x022083b8,0x3fb6180c,0x18f8931e,0x281658e6,
277 0x26486e3e,0x8bd78a70,0x7477e4c1,0xb506e07c,
278 0xf32d0a25,0x79098b02,0xe4eabb81,0x28123b23,
279 0x69dead38,0x1574ca16,0xdf871b62,0x211c40b7,
280 0xa51a9ef9,0x0014377b,0x041e8ac8,0x09114003,
281 0xbd59e4d2,0xe3d156d5,0x4fe876d5,0x2f91a340,
282 0x557be8de,0x00eae4a7,0x0ce5c2ec,0x4db4bba6,
283 0xe756bdff,0xdd3369ac,0xec17b035,0x06572327,
284 0x99afc8b0,0x56c8c391,0x6b65811c,0x5e146119,
285 0x6e85cb75,0xbe07c002,0xc2325577,0x893ff4ec,
286 0x5bbfc92d,0xd0ec3b25,0xb7801ab7,0x8d6d3b24,
287 0x20c763ef,0xc366a5fc,0x9c382880,0x0ace3205,
288 0xaac9548a,0xeca1d7c7,0x041afa32,0x1d16625a,
289 0x6701902c,0x9b757a54,0x31d477f7,0x9126b031,
290 0x36cc6fdb,0xc70b8b46,0xd9e66a48,0x56e55a79,
291 0x026a4ceb,0x52437eff,0x2f8f76b4,0x0df980a5,
292 0x8674cde3,0xedda04eb,0x17a9be04,0x2c18f4df,
293 0xb7747f9d,0xab2af7b4,0xefc34d20,0x2e096b7c,
294 0x1741a254,0xe5b6a035,0x213d42f6,0x2c1c7c26,
295 0x61c2f50f,0x6552daf9,0xd2c231f8,0x25130f69,
296 0xd8167fa2,0x0418f2c8,0x001a96a6,0x0d1526ab,
297 0x63315c21,0x5e0a72ec,0x49bafefd,0x187908d9,
298 0x8d0dbd86,0x311170a7,0x3e9b640c,0xcc3e10d7,
299 0xd5cad3b6,0x0caec388,0xf73001e1,0x6c728aff,
300 0x71eae2a1,0x1f9af36e,0xcfcbd12f,0xc1de8417,
301 0xac07be6b,0xcb44a1d8,0x8b9b0f56,0x013988c3,
302 0xb1c52fca,0xb4be31cd,0xd8782806,0x12a3a4e2,
303 0x6f7de532,0x58fd7eb6,0xd01ee900,0x24adffc2,
304 0xf4990fc5,0x9711aac5,0x001d7b95,0x82e5e7d2,
305 0x109873f6,0x00613096,0xc32d9521,0xada121ff,
306 0x29908415,0x7fbb977f,0xaf9eb3db,0x29c9ed2a,
307 0x5ce2a465,0xa730f32c,0xd0aa3fe8,0x8a5cc091,
308 0xd49e2ce7,0x0ce454a9,0xd60acd86,0x015f1919,
309 0x77079103,0xdea03af6,0x78a8565e,0xdee356df,
310 0x21f05cbe,0x8b75e387,0xb3c50651,0xb8a5c3ef,
311 0xd8eeb6d2,0xe523be77,0xc2154529,0x2f69efdf,
312 0xafe67afb,0xf470c4b2,0xf3e0eb5b,0xd6cc9876,
313 0x39e4460c,0x1fda8538,0x1987832f,0xca007367,
314 0xa99144f8,0x296b299e,0x492fc295,0x9266beab,
315 0xb5676e69,0x9bd3ddda,0xdf7e052f,0xdb25701c,
316 0x1b5e51ee,0xf65324e6,0x6afce36c,0x0316cc04,
317 0x8644213e,0xb7dc59d0,0x7965291f,0xccd6fd43,
318 0x41823979,0x932bcdf6,0xb657c34d,0x4edfd282,
319 0x7ae5290c,0x3cb9536b,0x851e20fe,0x9833557e,
320 0x13ecf0b0,0xd3ffb372,0x3f85c5c1,0x0aef7ed2,
321 };
322OPENSSL_GLOBAL const CAST_LONG CAST_S_table4[256]={
323 0x7ec90c04,0x2c6e74b9,0x9b0e66df,0xa6337911,
324 0xb86a7fff,0x1dd358f5,0x44dd9d44,0x1731167f,
325 0x08fbf1fa,0xe7f511cc,0xd2051b00,0x735aba00,
326 0x2ab722d8,0x386381cb,0xacf6243a,0x69befd7a,
327 0xe6a2e77f,0xf0c720cd,0xc4494816,0xccf5c180,
328 0x38851640,0x15b0a848,0xe68b18cb,0x4caadeff,
329 0x5f480a01,0x0412b2aa,0x259814fc,0x41d0efe2,
330 0x4e40b48d,0x248eb6fb,0x8dba1cfe,0x41a99b02,
331 0x1a550a04,0xba8f65cb,0x7251f4e7,0x95a51725,
332 0xc106ecd7,0x97a5980a,0xc539b9aa,0x4d79fe6a,
333 0xf2f3f763,0x68af8040,0xed0c9e56,0x11b4958b,
334 0xe1eb5a88,0x8709e6b0,0xd7e07156,0x4e29fea7,
335 0x6366e52d,0x02d1c000,0xc4ac8e05,0x9377f571,
336 0x0c05372a,0x578535f2,0x2261be02,0xd642a0c9,
337 0xdf13a280,0x74b55bd2,0x682199c0,0xd421e5ec,
338 0x53fb3ce8,0xc8adedb3,0x28a87fc9,0x3d959981,
339 0x5c1ff900,0xfe38d399,0x0c4eff0b,0x062407ea,
340 0xaa2f4fb1,0x4fb96976,0x90c79505,0xb0a8a774,
341 0xef55a1ff,0xe59ca2c2,0xa6b62d27,0xe66a4263,
342 0xdf65001f,0x0ec50966,0xdfdd55bc,0x29de0655,
343 0x911e739a,0x17af8975,0x32c7911c,0x89f89468,
344 0x0d01e980,0x524755f4,0x03b63cc9,0x0cc844b2,
345 0xbcf3f0aa,0x87ac36e9,0xe53a7426,0x01b3d82b,
346 0x1a9e7449,0x64ee2d7e,0xcddbb1da,0x01c94910,
347 0xb868bf80,0x0d26f3fd,0x9342ede7,0x04a5c284,
348 0x636737b6,0x50f5b616,0xf24766e3,0x8eca36c1,
349 0x136e05db,0xfef18391,0xfb887a37,0xd6e7f7d4,
350 0xc7fb7dc9,0x3063fcdf,0xb6f589de,0xec2941da,
351 0x26e46695,0xb7566419,0xf654efc5,0xd08d58b7,
352 0x48925401,0xc1bacb7f,0xe5ff550f,0xb6083049,
353 0x5bb5d0e8,0x87d72e5a,0xab6a6ee1,0x223a66ce,
354 0xc62bf3cd,0x9e0885f9,0x68cb3e47,0x086c010f,
355 0xa21de820,0xd18b69de,0xf3f65777,0xfa02c3f6,
356 0x407edac3,0xcbb3d550,0x1793084d,0xb0d70eba,
357 0x0ab378d5,0xd951fb0c,0xded7da56,0x4124bbe4,
358 0x94ca0b56,0x0f5755d1,0xe0e1e56e,0x6184b5be,
359 0x580a249f,0x94f74bc0,0xe327888e,0x9f7b5561,
360 0xc3dc0280,0x05687715,0x646c6bd7,0x44904db3,
361 0x66b4f0a3,0xc0f1648a,0x697ed5af,0x49e92ff6,
362 0x309e374f,0x2cb6356a,0x85808573,0x4991f840,
363 0x76f0ae02,0x083be84d,0x28421c9a,0x44489406,
364 0x736e4cb8,0xc1092910,0x8bc95fc6,0x7d869cf4,
365 0x134f616f,0x2e77118d,0xb31b2be1,0xaa90b472,
366 0x3ca5d717,0x7d161bba,0x9cad9010,0xaf462ba2,
367 0x9fe459d2,0x45d34559,0xd9f2da13,0xdbc65487,
368 0xf3e4f94e,0x176d486f,0x097c13ea,0x631da5c7,
369 0x445f7382,0x175683f4,0xcdc66a97,0x70be0288,
370 0xb3cdcf72,0x6e5dd2f3,0x20936079,0x459b80a5,
371 0xbe60e2db,0xa9c23101,0xeba5315c,0x224e42f2,
372 0x1c5c1572,0xf6721b2c,0x1ad2fff3,0x8c25404e,
373 0x324ed72f,0x4067b7fd,0x0523138e,0x5ca3bc78,
374 0xdc0fd66e,0x75922283,0x784d6b17,0x58ebb16e,
375 0x44094f85,0x3f481d87,0xfcfeae7b,0x77b5ff76,
376 0x8c2302bf,0xaaf47556,0x5f46b02a,0x2b092801,
377 0x3d38f5f7,0x0ca81f36,0x52af4a8a,0x66d5e7c0,
378 0xdf3b0874,0x95055110,0x1b5ad7a8,0xf61ed5ad,
379 0x6cf6e479,0x20758184,0xd0cefa65,0x88f7be58,
380 0x4a046826,0x0ff6f8f3,0xa09c7f70,0x5346aba0,
381 0x5ce96c28,0xe176eda3,0x6bac307f,0x376829d2,
382 0x85360fa9,0x17e3fe2a,0x24b79767,0xf5a96b20,
383 0xd6cd2595,0x68ff1ebf,0x7555442c,0xf19f06be,
384 0xf9e0659a,0xeeb9491d,0x34010718,0xbb30cab8,
385 0xe822fe15,0x88570983,0x750e6249,0xda627e55,
386 0x5e76ffa8,0xb1534546,0x6d47de08,0xefe9e7d4,
387 };
388OPENSSL_GLOBAL const CAST_LONG CAST_S_table5[256]={
389 0xf6fa8f9d,0x2cac6ce1,0x4ca34867,0xe2337f7c,
390 0x95db08e7,0x016843b4,0xeced5cbc,0x325553ac,
391 0xbf9f0960,0xdfa1e2ed,0x83f0579d,0x63ed86b9,
392 0x1ab6a6b8,0xde5ebe39,0xf38ff732,0x8989b138,
393 0x33f14961,0xc01937bd,0xf506c6da,0xe4625e7e,
394 0xa308ea99,0x4e23e33c,0x79cbd7cc,0x48a14367,
395 0xa3149619,0xfec94bd5,0xa114174a,0xeaa01866,
396 0xa084db2d,0x09a8486f,0xa888614a,0x2900af98,
397 0x01665991,0xe1992863,0xc8f30c60,0x2e78ef3c,
398 0xd0d51932,0xcf0fec14,0xf7ca07d2,0xd0a82072,
399 0xfd41197e,0x9305a6b0,0xe86be3da,0x74bed3cd,
400 0x372da53c,0x4c7f4448,0xdab5d440,0x6dba0ec3,
401 0x083919a7,0x9fbaeed9,0x49dbcfb0,0x4e670c53,
402 0x5c3d9c01,0x64bdb941,0x2c0e636a,0xba7dd9cd,
403 0xea6f7388,0xe70bc762,0x35f29adb,0x5c4cdd8d,
404 0xf0d48d8c,0xb88153e2,0x08a19866,0x1ae2eac8,
405 0x284caf89,0xaa928223,0x9334be53,0x3b3a21bf,
406 0x16434be3,0x9aea3906,0xefe8c36e,0xf890cdd9,
407 0x80226dae,0xc340a4a3,0xdf7e9c09,0xa694a807,
408 0x5b7c5ecc,0x221db3a6,0x9a69a02f,0x68818a54,
409 0xceb2296f,0x53c0843a,0xfe893655,0x25bfe68a,
410 0xb4628abc,0xcf222ebf,0x25ac6f48,0xa9a99387,
411 0x53bddb65,0xe76ffbe7,0xe967fd78,0x0ba93563,
412 0x8e342bc1,0xe8a11be9,0x4980740d,0xc8087dfc,
413 0x8de4bf99,0xa11101a0,0x7fd37975,0xda5a26c0,
414 0xe81f994f,0x9528cd89,0xfd339fed,0xb87834bf,
415 0x5f04456d,0x22258698,0xc9c4c83b,0x2dc156be,
416 0x4f628daa,0x57f55ec5,0xe2220abe,0xd2916ebf,
417 0x4ec75b95,0x24f2c3c0,0x42d15d99,0xcd0d7fa0,
418 0x7b6e27ff,0xa8dc8af0,0x7345c106,0xf41e232f,
419 0x35162386,0xe6ea8926,0x3333b094,0x157ec6f2,
420 0x372b74af,0x692573e4,0xe9a9d848,0xf3160289,
421 0x3a62ef1d,0xa787e238,0xf3a5f676,0x74364853,
422 0x20951063,0x4576698d,0xb6fad407,0x592af950,
423 0x36f73523,0x4cfb6e87,0x7da4cec0,0x6c152daa,
424 0xcb0396a8,0xc50dfe5d,0xfcd707ab,0x0921c42f,
425 0x89dff0bb,0x5fe2be78,0x448f4f33,0x754613c9,
426 0x2b05d08d,0x48b9d585,0xdc049441,0xc8098f9b,
427 0x7dede786,0xc39a3373,0x42410005,0x6a091751,
428 0x0ef3c8a6,0x890072d6,0x28207682,0xa9a9f7be,
429 0xbf32679d,0xd45b5b75,0xb353fd00,0xcbb0e358,
430 0x830f220a,0x1f8fb214,0xd372cf08,0xcc3c4a13,
431 0x8cf63166,0x061c87be,0x88c98f88,0x6062e397,
432 0x47cf8e7a,0xb6c85283,0x3cc2acfb,0x3fc06976,
433 0x4e8f0252,0x64d8314d,0xda3870e3,0x1e665459,
434 0xc10908f0,0x513021a5,0x6c5b68b7,0x822f8aa0,
435 0x3007cd3e,0x74719eef,0xdc872681,0x073340d4,
436 0x7e432fd9,0x0c5ec241,0x8809286c,0xf592d891,
437 0x08a930f6,0x957ef305,0xb7fbffbd,0xc266e96f,
438 0x6fe4ac98,0xb173ecc0,0xbc60b42a,0x953498da,
439 0xfba1ae12,0x2d4bd736,0x0f25faab,0xa4f3fceb,
440 0xe2969123,0x257f0c3d,0x9348af49,0x361400bc,
441 0xe8816f4a,0x3814f200,0xa3f94043,0x9c7a54c2,
442 0xbc704f57,0xda41e7f9,0xc25ad33a,0x54f4a084,
443 0xb17f5505,0x59357cbe,0xedbd15c8,0x7f97c5ab,
444 0xba5ac7b5,0xb6f6deaf,0x3a479c3a,0x5302da25,
445 0x653d7e6a,0x54268d49,0x51a477ea,0x5017d55b,
446 0xd7d25d88,0x44136c76,0x0404a8c8,0xb8e5a121,
447 0xb81a928a,0x60ed5869,0x97c55b96,0xeaec991b,
448 0x29935913,0x01fdb7f1,0x088e8dfa,0x9ab6f6f5,
449 0x3b4cbf9f,0x4a5de3ab,0xe6051d35,0xa0e1d855,
450 0xd36b4cf1,0xf544edeb,0xb0e93524,0xbebb8fbd,
451 0xa2d762cf,0x49c92f54,0x38b5f331,0x7128a454,
452 0x48392905,0xa65b1db8,0x851c97bd,0xd675cf2f,
453 };
454OPENSSL_GLOBAL const CAST_LONG CAST_S_table6[256]={
455 0x85e04019,0x332bf567,0x662dbfff,0xcfc65693,
456 0x2a8d7f6f,0xab9bc912,0xde6008a1,0x2028da1f,
457 0x0227bce7,0x4d642916,0x18fac300,0x50f18b82,
458 0x2cb2cb11,0xb232e75c,0x4b3695f2,0xb28707de,
459 0xa05fbcf6,0xcd4181e9,0xe150210c,0xe24ef1bd,
460 0xb168c381,0xfde4e789,0x5c79b0d8,0x1e8bfd43,
461 0x4d495001,0x38be4341,0x913cee1d,0x92a79c3f,
462 0x089766be,0xbaeeadf4,0x1286becf,0xb6eacb19,
463 0x2660c200,0x7565bde4,0x64241f7a,0x8248dca9,
464 0xc3b3ad66,0x28136086,0x0bd8dfa8,0x356d1cf2,
465 0x107789be,0xb3b2e9ce,0x0502aa8f,0x0bc0351e,
466 0x166bf52a,0xeb12ff82,0xe3486911,0xd34d7516,
467 0x4e7b3aff,0x5f43671b,0x9cf6e037,0x4981ac83,
468 0x334266ce,0x8c9341b7,0xd0d854c0,0xcb3a6c88,
469 0x47bc2829,0x4725ba37,0xa66ad22b,0x7ad61f1e,
470 0x0c5cbafa,0x4437f107,0xb6e79962,0x42d2d816,
471 0x0a961288,0xe1a5c06e,0x13749e67,0x72fc081a,
472 0xb1d139f7,0xf9583745,0xcf19df58,0xbec3f756,
473 0xc06eba30,0x07211b24,0x45c28829,0xc95e317f,
474 0xbc8ec511,0x38bc46e9,0xc6e6fa14,0xbae8584a,
475 0xad4ebc46,0x468f508b,0x7829435f,0xf124183b,
476 0x821dba9f,0xaff60ff4,0xea2c4e6d,0x16e39264,
477 0x92544a8b,0x009b4fc3,0xaba68ced,0x9ac96f78,
478 0x06a5b79a,0xb2856e6e,0x1aec3ca9,0xbe838688,
479 0x0e0804e9,0x55f1be56,0xe7e5363b,0xb3a1f25d,
480 0xf7debb85,0x61fe033c,0x16746233,0x3c034c28,
481 0xda6d0c74,0x79aac56c,0x3ce4e1ad,0x51f0c802,
482 0x98f8f35a,0x1626a49f,0xeed82b29,0x1d382fe3,
483 0x0c4fb99a,0xbb325778,0x3ec6d97b,0x6e77a6a9,
484 0xcb658b5c,0xd45230c7,0x2bd1408b,0x60c03eb7,
485 0xb9068d78,0xa33754f4,0xf430c87d,0xc8a71302,
486 0xb96d8c32,0xebd4e7be,0xbe8b9d2d,0x7979fb06,
487 0xe7225308,0x8b75cf77,0x11ef8da4,0xe083c858,
488 0x8d6b786f,0x5a6317a6,0xfa5cf7a0,0x5dda0033,
489 0xf28ebfb0,0xf5b9c310,0xa0eac280,0x08b9767a,
490 0xa3d9d2b0,0x79d34217,0x021a718d,0x9ac6336a,
491 0x2711fd60,0x438050e3,0x069908a8,0x3d7fedc4,
492 0x826d2bef,0x4eeb8476,0x488dcf25,0x36c9d566,
493 0x28e74e41,0xc2610aca,0x3d49a9cf,0xbae3b9df,
494 0xb65f8de6,0x92aeaf64,0x3ac7d5e6,0x9ea80509,
495 0xf22b017d,0xa4173f70,0xdd1e16c3,0x15e0d7f9,
496 0x50b1b887,0x2b9f4fd5,0x625aba82,0x6a017962,
497 0x2ec01b9c,0x15488aa9,0xd716e740,0x40055a2c,
498 0x93d29a22,0xe32dbf9a,0x058745b9,0x3453dc1e,
499 0xd699296e,0x496cff6f,0x1c9f4986,0xdfe2ed07,
500 0xb87242d1,0x19de7eae,0x053e561a,0x15ad6f8c,
501 0x66626c1c,0x7154c24c,0xea082b2a,0x93eb2939,
502 0x17dcb0f0,0x58d4f2ae,0x9ea294fb,0x52cf564c,
503 0x9883fe66,0x2ec40581,0x763953c3,0x01d6692e,
504 0xd3a0c108,0xa1e7160e,0xe4f2dfa6,0x693ed285,
505 0x74904698,0x4c2b0edd,0x4f757656,0x5d393378,
506 0xa132234f,0x3d321c5d,0xc3f5e194,0x4b269301,
507 0xc79f022f,0x3c997e7e,0x5e4f9504,0x3ffafbbd,
508 0x76f7ad0e,0x296693f4,0x3d1fce6f,0xc61e45be,
509 0xd3b5ab34,0xf72bf9b7,0x1b0434c0,0x4e72b567,
510 0x5592a33d,0xb5229301,0xcfd2a87f,0x60aeb767,
511 0x1814386b,0x30bcc33d,0x38a0c07d,0xfd1606f2,
512 0xc363519b,0x589dd390,0x5479f8e6,0x1cb8d647,
513 0x97fd61a9,0xea7759f4,0x2d57539d,0x569a58cf,
514 0xe84e63ad,0x462e1b78,0x6580f87e,0xf3817914,
515 0x91da55f4,0x40a230f3,0xd1988f35,0xb6e318d2,
516 0x3ffa50bc,0x3d40f021,0xc3c0bdae,0x4958c24c,
517 0x518f36b2,0x84b1d370,0x0fedce83,0x878ddada,
518 0xf2a279c7,0x94e01be8,0x90716f4b,0x954b8aa3,
519 };
520OPENSSL_GLOBAL const CAST_LONG CAST_S_table7[256]={
521 0xe216300d,0xbbddfffc,0xa7ebdabd,0x35648095,
522 0x7789f8b7,0xe6c1121b,0x0e241600,0x052ce8b5,
523 0x11a9cfb0,0xe5952f11,0xece7990a,0x9386d174,
524 0x2a42931c,0x76e38111,0xb12def3a,0x37ddddfc,
525 0xde9adeb1,0x0a0cc32c,0xbe197029,0x84a00940,
526 0xbb243a0f,0xb4d137cf,0xb44e79f0,0x049eedfd,
527 0x0b15a15d,0x480d3168,0x8bbbde5a,0x669ded42,
528 0xc7ece831,0x3f8f95e7,0x72df191b,0x7580330d,
529 0x94074251,0x5c7dcdfa,0xabbe6d63,0xaa402164,
530 0xb301d40a,0x02e7d1ca,0x53571dae,0x7a3182a2,
531 0x12a8ddec,0xfdaa335d,0x176f43e8,0x71fb46d4,
532 0x38129022,0xce949ad4,0xb84769ad,0x965bd862,
533 0x82f3d055,0x66fb9767,0x15b80b4e,0x1d5b47a0,
534 0x4cfde06f,0xc28ec4b8,0x57e8726e,0x647a78fc,
535 0x99865d44,0x608bd593,0x6c200e03,0x39dc5ff6,
536 0x5d0b00a3,0xae63aff2,0x7e8bd632,0x70108c0c,
537 0xbbd35049,0x2998df04,0x980cf42a,0x9b6df491,
538 0x9e7edd53,0x06918548,0x58cb7e07,0x3b74ef2e,
539 0x522fffb1,0xd24708cc,0x1c7e27cd,0xa4eb215b,
540 0x3cf1d2e2,0x19b47a38,0x424f7618,0x35856039,
541 0x9d17dee7,0x27eb35e6,0xc9aff67b,0x36baf5b8,
542 0x09c467cd,0xc18910b1,0xe11dbf7b,0x06cd1af8,
543 0x7170c608,0x2d5e3354,0xd4de495a,0x64c6d006,
544 0xbcc0c62c,0x3dd00db3,0x708f8f34,0x77d51b42,
545 0x264f620f,0x24b8d2bf,0x15c1b79e,0x46a52564,
546 0xf8d7e54e,0x3e378160,0x7895cda5,0x859c15a5,
547 0xe6459788,0xc37bc75f,0xdb07ba0c,0x0676a3ab,
548 0x7f229b1e,0x31842e7b,0x24259fd7,0xf8bef472,
549 0x835ffcb8,0x6df4c1f2,0x96f5b195,0xfd0af0fc,
550 0xb0fe134c,0xe2506d3d,0x4f9b12ea,0xf215f225,
551 0xa223736f,0x9fb4c428,0x25d04979,0x34c713f8,
552 0xc4618187,0xea7a6e98,0x7cd16efc,0x1436876c,
553 0xf1544107,0xbedeee14,0x56e9af27,0xa04aa441,
554 0x3cf7c899,0x92ecbae6,0xdd67016d,0x151682eb,
555 0xa842eedf,0xfdba60b4,0xf1907b75,0x20e3030f,
556 0x24d8c29e,0xe139673b,0xefa63fb8,0x71873054,
557 0xb6f2cf3b,0x9f326442,0xcb15a4cc,0xb01a4504,
558 0xf1e47d8d,0x844a1be5,0xbae7dfdc,0x42cbda70,
559 0xcd7dae0a,0x57e85b7a,0xd53f5af6,0x20cf4d8c,
560 0xcea4d428,0x79d130a4,0x3486ebfb,0x33d3cddc,
561 0x77853b53,0x37effcb5,0xc5068778,0xe580b3e6,
562 0x4e68b8f4,0xc5c8b37e,0x0d809ea2,0x398feb7c,
563 0x132a4f94,0x43b7950e,0x2fee7d1c,0x223613bd,
564 0xdd06caa2,0x37df932b,0xc4248289,0xacf3ebc3,
565 0x5715f6b7,0xef3478dd,0xf267616f,0xc148cbe4,
566 0x9052815e,0x5e410fab,0xb48a2465,0x2eda7fa4,
567 0xe87b40e4,0xe98ea084,0x5889e9e1,0xefd390fc,
568 0xdd07d35b,0xdb485694,0x38d7e5b2,0x57720101,
569 0x730edebc,0x5b643113,0x94917e4f,0x503c2fba,
570 0x646f1282,0x7523d24a,0xe0779695,0xf9c17a8f,
571 0x7a5b2121,0xd187b896,0x29263a4d,0xba510cdf,
572 0x81f47c9f,0xad1163ed,0xea7b5965,0x1a00726e,
573 0x11403092,0x00da6d77,0x4a0cdd61,0xad1f4603,
574 0x605bdfb0,0x9eedc364,0x22ebe6a8,0xcee7d28a,
575 0xa0e736a0,0x5564a6b9,0x10853209,0xc7eb8f37,
576 0x2de705ca,0x8951570f,0xdf09822b,0xbd691a6c,
577 0xaa12e4f2,0x87451c0f,0xe0f6a27a,0x3ada4819,
578 0x4cf1764f,0x0d771c2b,0x67cdb156,0x350d8384,
579 0x5938fa0f,0x42399ef3,0x36997b07,0x0e84093d,
580 0x4aa93e61,0x8360d87b,0x1fa98b0c,0x1149382c,
581 0xe97625a5,0x0614d1b7,0x0e25244b,0x0c768347,
582 0x589e8d82,0x0d2059d1,0xa466bb1e,0xf8da0a82,
583 0x04f19130,0xba6e4ec0,0x99265164,0x1ee7230d,
584 0x50b2ad80,0xeaee6801,0x8db2a283,0xea8bf59e,
585 };
diff --git a/src/lib/libcrypto/comp/c_rle.c b/src/lib/libcrypto/comp/c_rle.c
deleted file mode 100644
index 1a819e3737..0000000000
--- a/src/lib/libcrypto/comp/c_rle.c
+++ /dev/null
@@ -1,61 +0,0 @@
1#include <stdio.h>
2#include <stdlib.h>
3#include <string.h>
4#include <openssl/objects.h>
5#include <openssl/comp.h>
6
7static int rle_compress_block(COMP_CTX *ctx, unsigned char *out,
8 unsigned int olen, unsigned char *in, unsigned int ilen);
9static int rle_expand_block(COMP_CTX *ctx, unsigned char *out,
10 unsigned int olen, unsigned char *in, unsigned int ilen);
11
12static COMP_METHOD rle_method={
13 NID_rle_compression,
14 LN_rle_compression,
15 NULL,
16 NULL,
17 rle_compress_block,
18 rle_expand_block,
19 NULL,
20 };
21
22COMP_METHOD *COMP_rle(void)
23 {
24 return(&rle_method);
25 }
26
27static int rle_compress_block(COMP_CTX *ctx, unsigned char *out,
28 unsigned int olen, unsigned char *in, unsigned int ilen)
29 {
30 /* int i; */
31
32 if (olen < (ilen+1))
33 {
34 /* ZZZZZZZZZZZZZZZZZZZZZZ */
35 return(-1);
36 }
37
38 *(out++)=0;
39 memcpy(out,in,ilen);
40 return(ilen+1);
41 }
42
43static int rle_expand_block(COMP_CTX *ctx, unsigned char *out,
44 unsigned int olen, unsigned char *in, unsigned int ilen)
45 {
46 int i;
47
48 if (olen < (ilen-1))
49 {
50 /* ZZZZZZZZZZZZZZZZZZZZZZ */
51 return(-1);
52 }
53
54 i= *(in++);
55 if (i == 0)
56 {
57 memcpy(out,in,ilen-1);
58 }
59 return(ilen-1);
60 }
61
diff --git a/src/lib/libcrypto/comp/c_zlib.c b/src/lib/libcrypto/comp/c_zlib.c
deleted file mode 100644
index 6684ab4841..0000000000
--- a/src/lib/libcrypto/comp/c_zlib.c
+++ /dev/null
@@ -1,133 +0,0 @@
1#include <stdio.h>
2#include <stdlib.h>
3#include <string.h>
4#include <openssl/objects.h>
5#include <openssl/comp.h>
6
7COMP_METHOD *COMP_zlib(void );
8
9#ifndef ZLIB
10
11static COMP_METHOD zlib_method={
12 NID_undef,
13 "(null)",
14 NULL,
15 NULL,
16 NULL,
17 NULL,
18 NULL,
19 };
20
21#else
22
23#include <zlib.h>
24
25static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out,
26 unsigned int olen, unsigned char *in, unsigned int ilen);
27static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out,
28 unsigned int olen, unsigned char *in, unsigned int ilen);
29
30static int zz_uncompress(Bytef *dest, uLongf *destLen, const Bytef *source,
31 uLong sourceLen);
32
33static COMP_METHOD zlib_method={
34 NID_zlib_compression,
35 LN_zlib_compression,
36 NULL,
37 NULL,
38 zlib_compress_block,
39 zlib_expand_block,
40 NULL,
41 };
42
43static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out,
44 unsigned int olen, unsigned char *in, unsigned int ilen)
45 {
46 unsigned long l;
47 int i;
48 int clear=1;
49
50 if (ilen > 128)
51 {
52 out[0]=1;
53 l=olen-1;
54 i=compress(&(out[1]),&l,in,(unsigned long)ilen);
55 if (i != Z_OK)
56 return(-1);
57 if (ilen > l)
58 {
59 clear=0;
60 l++;
61 }
62 }
63 if (clear)
64 {
65 out[0]=0;
66 memcpy(&(out[1]),in,ilen);
67 l=ilen+1;
68 }
69fprintf(stderr,"compress(%4d)->%4d %s\n",ilen,(int)l,(clear)?"clear":"zlib");
70 return((int)l);
71 }
72
73static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out,
74 unsigned int olen, unsigned char *in, unsigned int ilen)
75 {
76 unsigned long l;
77 int i;
78
79 if (in[0])
80 {
81 l=olen;
82 i=zz_uncompress(out,&l,&(in[1]),(unsigned long)ilen-1);
83 if (i != Z_OK)
84 return(-1);
85 }
86 else
87 {
88 memcpy(out,&(in[1]),ilen-1);
89 l=ilen-1;
90 }
91 fprintf(stderr,"expand (%4d)->%4d %s\n",ilen,(int)l,in[0]?"zlib":"clear");
92 return((int)l);
93 }
94
95static int zz_uncompress (Bytef *dest, uLongf *destLen, const Bytef *source,
96 uLong sourceLen)
97{
98 z_stream stream;
99 int err;
100
101 stream.next_in = (Bytef*)source;
102 stream.avail_in = (uInt)sourceLen;
103 /* Check for source > 64K on 16-bit machine: */
104 if ((uLong)stream.avail_in != sourceLen) return Z_BUF_ERROR;
105
106 stream.next_out = dest;
107 stream.avail_out = (uInt)*destLen;
108 if ((uLong)stream.avail_out != *destLen) return Z_BUF_ERROR;
109
110 stream.zalloc = (alloc_func)0;
111 stream.zfree = (free_func)0;
112
113 err = inflateInit(&stream);
114 if (err != Z_OK) return err;
115
116 err = inflate(&stream, Z_FINISH);
117 if (err != Z_STREAM_END) {
118 inflateEnd(&stream);
119 return err;
120 }
121 *destLen = stream.total_out;
122
123 err = inflateEnd(&stream);
124 return err;
125}
126
127#endif
128
129COMP_METHOD *COMP_zlib(void)
130 {
131 return(&zlib_method);
132 }
133
diff --git a/src/lib/libcrypto/comp/comp.h b/src/lib/libcrypto/comp/comp.h
deleted file mode 100644
index 0922609542..0000000000
--- a/src/lib/libcrypto/comp/comp.h
+++ /dev/null
@@ -1,61 +0,0 @@
1
2#ifndef HEADER_COMP_H
3#define HEADER_COMP_H
4
5#include <openssl/crypto.h>
6
7#ifdef __cplusplus
8extern "C" {
9#endif
10
11typedef struct comp_method_st
12 {
13 int type; /* NID for compression library */
14 const char *name; /* A text string to identify the library */
15 int (*init)();
16 void (*finish)();
17 int (*compress)();
18 int (*expand)();
19 long (*ctrl)();
20 long (*callback_ctrl)();
21 } COMP_METHOD;
22
23typedef struct comp_ctx_st
24 {
25 COMP_METHOD *meth;
26 unsigned long compress_in;
27 unsigned long compress_out;
28 unsigned long expand_in;
29 unsigned long expand_out;
30
31 CRYPTO_EX_DATA ex_data;
32 } COMP_CTX;
33
34
35COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
36void COMP_CTX_free(COMP_CTX *ctx);
37int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
38 unsigned char *in, int ilen);
39int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
40 unsigned char *in, int ilen);
41COMP_METHOD *COMP_rle(void );
42#ifdef ZLIB
43COMP_METHOD *COMP_zlib(void );
44#endif
45
46/* BEGIN ERROR CODES */
47/* The following lines are auto generated by the script mkerr.pl. Any changes
48 * made after this point may be overwritten when the script is next run.
49 */
50
51/* Error codes for the COMP functions. */
52
53/* Function codes. */
54
55/* Reason codes. */
56
57#ifdef __cplusplus
58}
59#endif
60#endif
61
diff --git a/src/lib/libcrypto/comp/comp_err.c b/src/lib/libcrypto/comp/comp_err.c
deleted file mode 100644
index c10282a73c..0000000000
--- a/src/lib/libcrypto/comp/comp_err.c
+++ /dev/null
@@ -1,92 +0,0 @@
1/* crypto/comp/comp_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/comp.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA COMP_str_functs[]=
68 {
69{0,NULL}
70 };
71
72static ERR_STRING_DATA COMP_str_reasons[]=
73 {
74{0,NULL}
75 };
76
77#endif
78
79void ERR_load_COMP_strings(void)
80 {
81 static int init=1;
82
83 if (init)
84 {
85 init=0;
86#ifndef NO_ERR
87 ERR_load_strings(ERR_LIB_COMP,COMP_str_functs);
88 ERR_load_strings(ERR_LIB_COMP,COMP_str_reasons);
89#endif
90
91 }
92 }
diff --git a/src/lib/libcrypto/comp/comp_lib.c b/src/lib/libcrypto/comp/comp_lib.c
deleted file mode 100644
index beb98ce8cc..0000000000
--- a/src/lib/libcrypto/comp/comp_lib.c
+++ /dev/null
@@ -1,78 +0,0 @@
1#include <stdio.h>
2#include <stdlib.h>
3#include <string.h>
4#include <openssl/objects.h>
5#include <openssl/comp.h>
6
7COMP_CTX *COMP_CTX_new(COMP_METHOD *meth)
8 {
9 COMP_CTX *ret;
10
11 if ((ret=(COMP_CTX *)OPENSSL_malloc(sizeof(COMP_CTX))) == NULL)
12 {
13 /* ZZZZZZZZZZZZZZZZ */
14 return(NULL);
15 }
16 memset(ret,0,sizeof(COMP_CTX));
17 ret->meth=meth;
18 if ((ret->meth->init != NULL) && !ret->meth->init(ret))
19 {
20 OPENSSL_free(ret);
21 ret=NULL;
22 }
23#if 0
24 else
25 CRYPTO_new_ex_data(rsa_meth,(char *)ret,&ret->ex_data);
26#endif
27 return(ret);
28 }
29
30void COMP_CTX_free(COMP_CTX *ctx)
31 {
32 /* CRYPTO_free_ex_data(rsa_meth,(char *)ctx,&ctx->ex_data); */
33
34 if(ctx == NULL)
35 return;
36
37 if (ctx->meth->finish != NULL)
38 ctx->meth->finish(ctx);
39
40 OPENSSL_free(ctx);
41 }
42
43int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
44 unsigned char *in, int ilen)
45 {
46 int ret;
47 if (ctx->meth->compress == NULL)
48 {
49 /* ZZZZZZZZZZZZZZZZZ */
50 return(-1);
51 }
52 ret=ctx->meth->compress(ctx,out,olen,in,ilen);
53 if (ret > 0)
54 {
55 ctx->compress_in+=ilen;
56 ctx->compress_out+=ret;
57 }
58 return(ret);
59 }
60
61int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
62 unsigned char *in, int ilen)
63 {
64 int ret;
65
66 if (ctx->meth->expand == NULL)
67 {
68 /* ZZZZZZZZZZZZZZZZZ */
69 return(-1);
70 }
71 ret=ctx->meth->expand(ctx,out,olen,in,ilen);
72 if (ret > 0)
73 {
74 ctx->expand_in+=ilen;
75 ctx->expand_out+=ret;
76 }
77 return(ret);
78 }
diff --git a/src/lib/libcrypto/conf/conf.h b/src/lib/libcrypto/conf/conf.h
deleted file mode 100644
index cd40a0db21..0000000000
--- a/src/lib/libcrypto/conf/conf.h
+++ /dev/null
@@ -1,179 +0,0 @@
1/* crypto/conf/conf.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_CONF_H
60#define HEADER_CONF_H
61
62#include <openssl/bio.h>
63#include <openssl/lhash.h>
64#include <openssl/stack.h>
65#include <openssl/safestack.h>
66#include <openssl/e_os.h>
67
68#ifdef __cplusplus
69extern "C" {
70#endif
71
72typedef struct
73 {
74 char *section;
75 char *name;
76 char *value;
77 } CONF_VALUE;
78
79DECLARE_STACK_OF(CONF_VALUE)
80
81struct conf_st;
82typedef struct conf_st CONF;
83struct conf_method_st;
84typedef struct conf_method_st CONF_METHOD;
85
86struct conf_method_st
87 {
88 const char *name;
89 CONF *(MS_FAR *create)(CONF_METHOD *meth);
90 int (MS_FAR *init)(CONF *conf);
91 int (MS_FAR *destroy)(CONF *conf);
92 int (MS_FAR *destroy_data)(CONF *conf);
93 int (MS_FAR *load)(CONF *conf, BIO *bp, long *eline);
94 int (MS_FAR *dump)(CONF *conf, BIO *bp);
95 int (MS_FAR *is_number)(CONF *conf, char c);
96 int (MS_FAR *to_int)(CONF *conf, char c);
97 };
98
99int CONF_set_default_method(CONF_METHOD *meth);
100LHASH *CONF_load(LHASH *conf,const char *file,long *eline);
101#ifndef NO_FP_API
102LHASH *CONF_load_fp(LHASH *conf, FILE *fp,long *eline);
103#endif
104LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline);
105STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,char *section);
106char *CONF_get_string(LHASH *conf,char *group,char *name);
107long CONF_get_number(LHASH *conf,char *group,char *name);
108void CONF_free(LHASH *conf);
109int CONF_dump_fp(LHASH *conf, FILE *out);
110int CONF_dump_bio(LHASH *conf, BIO *out);
111void ERR_load_CONF_strings(void );
112
113/* New conf code. The semantics are different from the functions above.
114 If that wasn't the case, the above functions would have been replaced */
115
116struct conf_st
117 {
118 CONF_METHOD *meth;
119 void *meth_data;
120 LHASH *data;
121 };
122
123CONF *NCONF_new(CONF_METHOD *meth);
124CONF_METHOD *NCONF_default();
125CONF_METHOD *NCONF_WIN32();
126#if 0 /* Just to give you an idea of what I have in mind */
127CONF_METHOD *NCONF_XML();
128#endif
129void NCONF_free(CONF *conf);
130void NCONF_free_data(CONF *conf);
131
132int NCONF_load(CONF *conf,const char *file,long *eline);
133#ifndef NO_FP_API
134int NCONF_load_fp(CONF *conf, FILE *fp,long *eline);
135#endif
136int NCONF_load_bio(CONF *conf, BIO *bp,long *eline);
137STACK_OF(CONF_VALUE) *NCONF_get_section(CONF *conf,char *section);
138char *NCONF_get_string(CONF *conf,char *group,char *name);
139long NCONF_get_number(CONF *conf,char *group,char *name);
140int NCONF_dump_fp(CONF *conf, FILE *out);
141int NCONF_dump_bio(CONF *conf, BIO *out);
142
143
144/* BEGIN ERROR CODES */
145/* The following lines are auto generated by the script mkerr.pl. Any changes
146 * made after this point may be overwritten when the script is next run.
147 */
148
149/* Error codes for the CONF functions. */
150
151/* Function codes. */
152#define CONF_F_CONF_DUMP_FP 104
153#define CONF_F_CONF_LOAD 100
154#define CONF_F_CONF_LOAD_BIO 102
155#define CONF_F_CONF_LOAD_FP 103
156#define CONF_F_NCONF_DUMP_BIO 105
157#define CONF_F_NCONF_DUMP_FP 106
158#define CONF_F_NCONF_GET_NUMBER 107
159#define CONF_F_NCONF_GET_SECTION 108
160#define CONF_F_NCONF_GET_STRING 109
161#define CONF_F_NCONF_LOAD_BIO 110
162#define CONF_F_NCONF_NEW 111
163#define CONF_F_STR_COPY 101
164
165/* Reason codes. */
166#define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100
167#define CONF_R_MISSING_EQUAL_SIGN 101
168#define CONF_R_NO_CLOSE_BRACE 102
169#define CONF_R_NO_CONF 105
170#define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE 106
171#define CONF_R_NO_SECTION 107
172#define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103
173#define CONF_R_VARIABLE_HAS_NO_VALUE 104
174
175#ifdef __cplusplus
176}
177#endif
178#endif
179
diff --git a/src/lib/libcrypto/conf/conf_api.c b/src/lib/libcrypto/conf/conf_api.c
deleted file mode 100644
index d05a778ff6..0000000000
--- a/src/lib/libcrypto/conf/conf_api.c
+++ /dev/null
@@ -1,289 +0,0 @@
1/* conf_api.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Part of the code in here was originally in conf.c, which is now removed */
60
61#ifndef CONF_DEBUG
62# undef NDEBUG /* avoid conflicting definitions */
63# define NDEBUG
64#endif
65
66#include <assert.h>
67#include <string.h>
68#include <openssl/conf.h>
69#include <openssl/conf_api.h>
70
71static void value_free_hash(CONF_VALUE *a, LHASH *conf);
72static void value_free_stack(CONF_VALUE *a,LHASH *conf);
73static unsigned long hash(CONF_VALUE *v);
74static int cmp_conf(CONF_VALUE *a,CONF_VALUE *b);
75
76/* Up until OpenSSL 0.9.5a, this was get_section */
77CONF_VALUE *_CONF_get_section(CONF *conf, char *section)
78 {
79 CONF_VALUE *v,vv;
80
81 if ((conf == NULL) || (section == NULL)) return(NULL);
82 vv.name=NULL;
83 vv.section=section;
84 v=(CONF_VALUE *)lh_retrieve(conf->data,&vv);
85 return(v);
86 }
87
88/* Up until OpenSSL 0.9.5a, this was CONF_get_section */
89STACK_OF(CONF_VALUE) *_CONF_get_section_values(CONF *conf, char *section)
90 {
91 CONF_VALUE *v;
92
93 v=_CONF_get_section(conf,section);
94 if (v != NULL)
95 return((STACK_OF(CONF_VALUE) *)v->value);
96 else
97 return(NULL);
98 }
99
100int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value)
101 {
102 CONF_VALUE *v = NULL;
103 STACK_OF(CONF_VALUE) *ts;
104
105 ts = (STACK_OF(CONF_VALUE) *)section->value;
106
107 value->section=section->section;
108 if (!sk_CONF_VALUE_push(ts,value))
109 {
110 return 0;
111 }
112
113 v = (CONF_VALUE *)lh_insert(conf->data, value);
114 if (v != NULL)
115 {
116 sk_CONF_VALUE_delete_ptr(ts,v);
117 OPENSSL_free(v->name);
118 OPENSSL_free(v->value);
119 OPENSSL_free(v);
120 }
121 return 1;
122 }
123
124char *_CONF_get_string(CONF *conf, char *section, char *name)
125 {
126 CONF_VALUE *v,vv;
127 char *p;
128
129 if (name == NULL) return(NULL);
130 if (conf != NULL)
131 {
132 if (section != NULL)
133 {
134 vv.name=name;
135 vv.section=section;
136 v=(CONF_VALUE *)lh_retrieve(conf->data,&vv);
137 if (v != NULL) return(v->value);
138 if (strcmp(section,"ENV") == 0)
139 {
140 p=Getenv(name);
141 if (p != NULL) return(p);
142 }
143 }
144 vv.section="default";
145 vv.name=name;
146 v=(CONF_VALUE *)lh_retrieve(conf->data,&vv);
147 if (v != NULL)
148 return(v->value);
149 else
150 return(NULL);
151 }
152 else
153 return(Getenv(name));
154 }
155
156long _CONF_get_number(CONF *conf, char *section, char *name)
157 {
158 char *str;
159 long ret=0;
160
161 str=_CONF_get_string(conf,section,name);
162 if (str == NULL) return(0);
163 for (;;)
164 {
165 if (conf->meth->is_number(conf, *str))
166 ret=ret*10+conf->meth->to_int(conf, *str);
167 else
168 return(ret);
169 str++;
170 }
171 }
172
173int _CONF_new_data(CONF *conf)
174 {
175 if (conf == NULL)
176 {
177 return 0;
178 }
179 if (conf->data == NULL)
180 if ((conf->data = lh_new(hash,cmp_conf)) == NULL)
181 {
182 return 0;
183 }
184 return 1;
185 }
186
187void _CONF_free_data(CONF *conf)
188 {
189 if (conf == NULL || conf->data == NULL) return;
190
191 conf->data->down_load=0; /* evil thing to make sure the 'OPENSSL_free()'
192 * works as expected */
193 lh_doall_arg(conf->data,(void (*)())value_free_hash,conf->data);
194
195 /* We now have only 'section' entries in the hash table.
196 * Due to problems with */
197
198 lh_doall_arg(conf->data,(void (*)())value_free_stack,conf->data);
199 lh_free(conf->data);
200 }
201
202static void value_free_hash(CONF_VALUE *a, LHASH *conf)
203 {
204 if (a->name != NULL)
205 {
206 a=(CONF_VALUE *)lh_delete(conf,a);
207 }
208 }
209
210static void value_free_stack(CONF_VALUE *a, LHASH *conf)
211 {
212 CONF_VALUE *vv;
213 STACK *sk;
214 int i;
215
216 if (a->name != NULL) return;
217
218 sk=(STACK *)a->value;
219 for (i=sk_num(sk)-1; i>=0; i--)
220 {
221 vv=(CONF_VALUE *)sk_value(sk,i);
222 OPENSSL_free(vv->value);
223 OPENSSL_free(vv->name);
224 OPENSSL_free(vv);
225 }
226 if (sk != NULL) sk_free(sk);
227 OPENSSL_free(a->section);
228 OPENSSL_free(a);
229 }
230
231static unsigned long hash(CONF_VALUE *v)
232 {
233 return((lh_strhash(v->section)<<2)^lh_strhash(v->name));
234 }
235
236static int cmp_conf(CONF_VALUE *a, CONF_VALUE *b)
237 {
238 int i;
239
240 if (a->section != b->section)
241 {
242 i=strcmp(a->section,b->section);
243 if (i) return(i);
244 }
245
246 if ((a->name != NULL) && (b->name != NULL))
247 {
248 i=strcmp(a->name,b->name);
249 return(i);
250 }
251 else if (a->name == b->name)
252 return(0);
253 else
254 return((a->name == NULL)?-1:1);
255 }
256
257/* Up until OpenSSL 0.9.5a, this was new_section */
258CONF_VALUE *_CONF_new_section(CONF *conf, char *section)
259 {
260 STACK *sk=NULL;
261 int ok=0,i;
262 CONF_VALUE *v=NULL,*vv;
263
264 if ((sk=sk_new_null()) == NULL)
265 goto err;
266 if ((v=(CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE))) == NULL)
267 goto err;
268 i=strlen(section)+1;
269 if ((v->section=(char *)OPENSSL_malloc(i)) == NULL)
270 goto err;
271
272 memcpy(v->section,section,i);
273 v->name=NULL;
274 v->value=(char *)sk;
275
276 vv=(CONF_VALUE *)lh_insert(conf->data,v);
277 assert(vv == NULL);
278 ok=1;
279err:
280 if (!ok)
281 {
282 if (sk != NULL) sk_free(sk);
283 if (v != NULL) OPENSSL_free(v);
284 v=NULL;
285 }
286 return(v);
287 }
288
289IMPLEMENT_STACK_OF(CONF_VALUE)
diff --git a/src/lib/libcrypto/conf/conf_api.h b/src/lib/libcrypto/conf/conf_api.h
deleted file mode 100644
index a5cc17b233..0000000000
--- a/src/lib/libcrypto/conf/conf_api.h
+++ /dev/null
@@ -1,87 +0,0 @@
1/* conf_api.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_CONF_API_H
60#define HEADER_CONF_API_H
61
62#include <openssl/lhash.h>
63#include <openssl/conf.h>
64
65#ifdef __cplusplus
66extern "C" {
67#endif
68
69/* Up until OpenSSL 0.9.5a, this was new_section */
70CONF_VALUE *_CONF_new_section(CONF *conf, char *section);
71/* Up until OpenSSL 0.9.5a, this was get_section */
72CONF_VALUE *_CONF_get_section(CONF *conf, char *section);
73/* Up until OpenSSL 0.9.5a, this was CONF_get_section */
74STACK_OF(CONF_VALUE) *_CONF_get_section_values(CONF *conf, char *section);
75
76int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value);
77char *_CONF_get_string(CONF *conf, char *section, char *name);
78long _CONF_get_number(CONF *conf, char *section, char *name);
79
80int _CONF_new_data(CONF *conf);
81void _CONF_free_data(CONF *conf);
82
83#ifdef __cplusplus
84}
85#endif
86#endif
87
diff --git a/src/lib/libcrypto/conf/conf_def.c b/src/lib/libcrypto/conf/conf_def.c
deleted file mode 100644
index 773df32c68..0000000000
--- a/src/lib/libcrypto/conf/conf_def.c
+++ /dev/null
@@ -1,703 +0,0 @@
1/* crypto/conf/conf.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Part of the code in here was originally in conf.c, which is now removed */
60
61#include <stdio.h>
62#include <string.h>
63#include <openssl/stack.h>
64#include <openssl/lhash.h>
65#include <openssl/conf.h>
66#include <openssl/conf_api.h>
67#include "conf_def.h"
68#include <openssl/buffer.h>
69#include <openssl/err.h>
70
71static char *eat_ws(CONF *conf, char *p);
72static char *eat_alpha_numeric(CONF *conf, char *p);
73static void clear_comments(CONF *conf, char *p);
74static int str_copy(CONF *conf,char *section,char **to, char *from);
75static char *scan_quote(CONF *conf, char *p);
76static char *scan_dquote(CONF *conf, char *p);
77#define scan_esc(conf,p) (((IS_EOF((conf),(p)[1]))?((p)+1):((p)+2)))
78
79static CONF *def_create(CONF_METHOD *meth);
80static int def_init_default(CONF *conf);
81static int def_init_WIN32(CONF *conf);
82static int def_destroy(CONF *conf);
83static int def_destroy_data(CONF *conf);
84static int def_load(CONF *conf, BIO *bp, long *eline);
85static int def_dump(CONF *conf, BIO *bp);
86static int def_is_number(CONF *conf, char c);
87static int def_to_int(CONF *conf, char c);
88
89const char *CONF_def_version="CONF_def" OPENSSL_VERSION_PTEXT;
90
91static CONF_METHOD default_method = {
92 "OpenSSL default",
93 def_create,
94 def_init_default,
95 def_destroy,
96 def_destroy_data,
97 def_load,
98 def_dump,
99 def_is_number,
100 def_to_int
101 };
102
103static CONF_METHOD WIN32_method = {
104 "WIN32",
105 def_create,
106 def_init_WIN32,
107 def_destroy,
108 def_destroy_data,
109 def_load,
110 def_dump,
111 def_is_number,
112 def_to_int
113 };
114
115CONF_METHOD *NCONF_default()
116 {
117 return &default_method;
118 }
119CONF_METHOD *NCONF_WIN32()
120 {
121 return &WIN32_method;
122 }
123
124static CONF *def_create(CONF_METHOD *meth)
125 {
126 CONF *ret;
127
128 ret = (CONF *)OPENSSL_malloc(sizeof(CONF) + sizeof(unsigned short *));
129 if (ret)
130 if (meth->init(ret) == 0)
131 {
132 OPENSSL_free(ret);
133 ret = NULL;
134 }
135 return ret;
136 }
137
138static int def_init_default(CONF *conf)
139 {
140 if (conf == NULL)
141 return 0;
142
143 conf->meth = &default_method;
144 conf->meth_data = (void *)CONF_type_default;
145 conf->data = NULL;
146
147 return 1;
148 }
149
150static int def_init_WIN32(CONF *conf)
151 {
152 if (conf == NULL)
153 return 0;
154
155 conf->meth = &WIN32_method;
156 conf->meth_data = (void *)CONF_type_win32;
157 conf->data = NULL;
158
159 return 1;
160 }
161
162static int def_destroy(CONF *conf)
163 {
164 if (def_destroy_data(conf))
165 {
166 OPENSSL_free(conf);
167 return 1;
168 }
169 return 0;
170 }
171
172static int def_destroy_data(CONF *conf)
173 {
174 if (conf == NULL)
175 return 0;
176 _CONF_free_data(conf);
177 return 1;
178 }
179
180static int def_load(CONF *conf, BIO *in, long *line)
181 {
182#define BUFSIZE 512
183 char btmp[16];
184 int bufnum=0,i,ii;
185 BUF_MEM *buff=NULL;
186 char *s,*p,*end;
187 int again,n;
188 long eline=0;
189 CONF_VALUE *v=NULL,*tv;
190 CONF_VALUE *sv=NULL;
191 char *section=NULL,*buf;
192 STACK_OF(CONF_VALUE) *section_sk=NULL,*ts;
193 char *start,*psection,*pname;
194 void *h = (void *)(conf->data);
195
196 if ((buff=BUF_MEM_new()) == NULL)
197 {
198 CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB);
199 goto err;
200 }
201
202 section=(char *)OPENSSL_malloc(10);
203 if (section == NULL)
204 {
205 CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE);
206 goto err;
207 }
208 strcpy(section,"default");
209
210 if (_CONF_new_data(conf) == 0)
211 {
212 CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE);
213 goto err;
214 }
215
216 sv=_CONF_new_section(conf,section);
217 if (sv == NULL)
218 {
219 CONFerr(CONF_F_CONF_LOAD_BIO,
220 CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
221 goto err;
222 }
223 section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
224
225 bufnum=0;
226 for (;;)
227 {
228 again=0;
229 if (!BUF_MEM_grow(buff,bufnum+BUFSIZE))
230 {
231 CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB);
232 goto err;
233 }
234 p= &(buff->data[bufnum]);
235 *p='\0';
236 BIO_gets(in, p, BUFSIZE-1);
237 p[BUFSIZE-1]='\0';
238 ii=i=strlen(p);
239 if (i == 0) break;
240 while (i > 0)
241 {
242 if ((p[i-1] != '\r') && (p[i-1] != '\n'))
243 break;
244 else
245 i--;
246 }
247 /* we removed some trailing stuff so there is a new
248 * line on the end. */
249 if (i == ii)
250 again=1; /* long line */
251 else
252 {
253 p[i]='\0';
254 eline++; /* another input line */
255 }
256
257 /* we now have a line with trailing \r\n removed */
258
259 /* i is the number of bytes */
260 bufnum+=i;
261
262 v=NULL;
263 /* check for line continuation */
264 if (bufnum >= 1)
265 {
266 /* If we have bytes and the last char '\\' and
267 * second last char is not '\\' */
268 p= &(buff->data[bufnum-1]);
269 if (IS_ESC(conf,p[0]) &&
270 ((bufnum <= 1) || !IS_ESC(conf,p[-1])))
271 {
272 bufnum--;
273 again=1;
274 }
275 }
276 if (again) continue;
277 bufnum=0;
278 buf=buff->data;
279
280 clear_comments(conf, buf);
281 n=strlen(buf);
282 s=eat_ws(conf, buf);
283 if (IS_EOF(conf,*s)) continue; /* blank line */
284 if (*s == '[')
285 {
286 char *ss;
287
288 s++;
289 start=eat_ws(conf, s);
290 ss=start;
291again:
292 end=eat_alpha_numeric(conf, ss);
293 p=eat_ws(conf, end);
294 if (*p != ']')
295 {
296 if (*p != '\0')
297 {
298 ss=p;
299 goto again;
300 }
301 CONFerr(CONF_F_CONF_LOAD_BIO,
302 CONF_R_MISSING_CLOSE_SQUARE_BRACKET);
303 goto err;
304 }
305 *end='\0';
306 if (!str_copy(conf,NULL,&section,start)) goto err;
307 if ((sv=_CONF_get_section(conf,section)) == NULL)
308 sv=_CONF_new_section(conf,section);
309 if (sv == NULL)
310 {
311 CONFerr(CONF_F_CONF_LOAD_BIO,
312 CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
313 goto err;
314 }
315 section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
316 continue;
317 }
318 else
319 {
320 pname=s;
321 psection=NULL;
322 end=eat_alpha_numeric(conf, s);
323 if ((end[0] == ':') && (end[1] == ':'))
324 {
325 *end='\0';
326 end+=2;
327 psection=pname;
328 pname=end;
329 end=eat_alpha_numeric(conf, end);
330 }
331 p=eat_ws(conf, end);
332 if (*p != '=')
333 {
334 CONFerr(CONF_F_CONF_LOAD_BIO,
335 CONF_R_MISSING_EQUAL_SIGN);
336 goto err;
337 }
338 *end='\0';
339 p++;
340 start=eat_ws(conf, p);
341 while (!IS_EOF(conf,*p))
342 p++;
343 p--;
344 while ((p != start) && (IS_WS(conf,*p)))
345 p--;
346 p++;
347 *p='\0';
348
349 if (!(v=(CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE))))
350 {
351 CONFerr(CONF_F_CONF_LOAD_BIO,
352 ERR_R_MALLOC_FAILURE);
353 goto err;
354 }
355 if (psection == NULL) psection=section;
356 v->name=(char *)OPENSSL_malloc(strlen(pname)+1);
357 v->value=NULL;
358 if (v->name == NULL)
359 {
360 CONFerr(CONF_F_CONF_LOAD_BIO,
361 ERR_R_MALLOC_FAILURE);
362 goto err;
363 }
364 strcpy(v->name,pname);
365 if (!str_copy(conf,psection,&(v->value),start)) goto err;
366
367 if (strcmp(psection,section) != 0)
368 {
369 if ((tv=_CONF_get_section(conf,psection))
370 == NULL)
371 tv=_CONF_new_section(conf,psection);
372 if (tv == NULL)
373 {
374 CONFerr(CONF_F_CONF_LOAD_BIO,
375 CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
376 goto err;
377 }
378 ts=(STACK_OF(CONF_VALUE) *)tv->value;
379 }
380 else
381 {
382 tv=sv;
383 ts=section_sk;
384 }
385#if 1
386 if (_CONF_add_string(conf, tv, v) == 0)
387 {
388 CONFerr(CONF_F_CONF_LOAD_BIO,
389 ERR_R_MALLOC_FAILURE);
390 goto err;
391 }
392#else
393 v->section=tv->section;
394 if (!sk_CONF_VALUE_push(ts,v))
395 {
396 CONFerr(CONF_F_CONF_LOAD_BIO,
397 ERR_R_MALLOC_FAILURE);
398 goto err;
399 }
400 vv=(CONF_VALUE *)lh_insert(conf->data,v);
401 if (vv != NULL)
402 {
403 sk_CONF_VALUE_delete_ptr(ts,vv);
404 OPENSSL_free(vv->name);
405 OPENSSL_free(vv->value);
406 OPENSSL_free(vv);
407 }
408#endif
409 v=NULL;
410 }
411 }
412 if (buff != NULL) BUF_MEM_free(buff);
413 if (section != NULL) OPENSSL_free(section);
414 return(1);
415err:
416 if (buff != NULL) BUF_MEM_free(buff);
417 if (section != NULL) OPENSSL_free(section);
418 if (line != NULL) *line=eline;
419 sprintf(btmp,"%ld",eline);
420 ERR_add_error_data(2,"line ",btmp);
421 if ((h != conf->data) && (conf->data != NULL)) CONF_free(conf->data);
422 if (v != NULL)
423 {
424 if (v->name != NULL) OPENSSL_free(v->name);
425 if (v->value != NULL) OPENSSL_free(v->value);
426 if (v != NULL) OPENSSL_free(v);
427 }
428 return(0);
429 }
430
431static void clear_comments(CONF *conf, char *p)
432 {
433 char *to;
434
435 to=p;
436 for (;;)
437 {
438 if (IS_FCOMMENT(conf,*p))
439 {
440 *p='\0';
441 return;
442 }
443 if (!IS_WS(conf,*p))
444 {
445 break;
446 }
447 p++;
448 }
449
450 for (;;)
451 {
452 if (IS_COMMENT(conf,*p))
453 {
454 *p='\0';
455 return;
456 }
457 if (IS_DQUOTE(conf,*p))
458 {
459 p=scan_dquote(conf, p);
460 continue;
461 }
462 if (IS_QUOTE(conf,*p))
463 {
464 p=scan_quote(conf, p);
465 continue;
466 }
467 if (IS_ESC(conf,*p))
468 {
469 p=scan_esc(conf,p);
470 continue;
471 }
472 if (IS_EOF(conf,*p))
473 return;
474 else
475 p++;
476 }
477 }
478
479static int str_copy(CONF *conf, char *section, char **pto, char *from)
480 {
481 int q,r,rr=0,to=0,len=0;
482 char *s,*e,*rp,*p,*rrp,*np,*cp,v;
483 BUF_MEM *buf;
484
485 if ((buf=BUF_MEM_new()) == NULL) return(0);
486
487 len=strlen(from)+1;
488 if (!BUF_MEM_grow(buf,len)) goto err;
489
490 for (;;)
491 {
492 if (IS_QUOTE(conf,*from))
493 {
494 q= *from;
495 from++;
496 while (!IS_EOF(conf,*from) && (*from != q))
497 {
498 if (IS_ESC(conf,*from))
499 {
500 from++;
501 if (IS_EOF(conf,*from)) break;
502 }
503 buf->data[to++]= *(from++);
504 }
505 if (*from == q) from++;
506 }
507 else if (IS_DQUOTE(conf,*from))
508 {
509 q= *from;
510 from++;
511 while (!IS_EOF(conf,*from))
512 {
513 if (*from == q)
514 {
515 if (*(from+1) == q)
516 {
517 from++;
518 }
519 else
520 {
521 break;
522 }
523 }
524 buf->data[to++]= *(from++);
525 }
526 if (*from == q) from++;
527 }
528 else if (IS_ESC(conf,*from))
529 {
530 from++;
531 v= *(from++);
532 if (IS_EOF(conf,v)) break;
533 else if (v == 'r') v='\r';
534 else if (v == 'n') v='\n';
535 else if (v == 'b') v='\b';
536 else if (v == 't') v='\t';
537 buf->data[to++]= v;
538 }
539 else if (IS_EOF(conf,*from))
540 break;
541 else if (*from == '$')
542 {
543 /* try to expand it */
544 rrp=NULL;
545 s= &(from[1]);
546 if (*s == '{')
547 q='}';
548 else if (*s == '(')
549 q=')';
550 else q=0;
551
552 if (q) s++;
553 cp=section;
554 e=np=s;
555 while (IS_ALPHA_NUMERIC(conf,*e))
556 e++;
557 if ((e[0] == ':') && (e[1] == ':'))
558 {
559 cp=np;
560 rrp=e;
561 rr= *e;
562 *rrp='\0';
563 e+=2;
564 np=e;
565 while (IS_ALPHA_NUMERIC(conf,*e))
566 e++;
567 }
568 r= *e;
569 *e='\0';
570 rp=e;
571 if (q)
572 {
573 if (r != q)
574 {
575 CONFerr(CONF_F_STR_COPY,CONF_R_NO_CLOSE_BRACE);
576 goto err;
577 }
578 e++;
579 }
580 /* So at this point we have
581 * ns which is the start of the name string which is
582 * '\0' terminated.
583 * cs which is the start of the section string which is
584 * '\0' terminated.
585 * e is the 'next point after'.
586 * r and s are the chars replaced by the '\0'
587 * rp and sp is where 'r' and 's' came from.
588 */
589 p=_CONF_get_string(conf,cp,np);
590 if (rrp != NULL) *rrp=rr;
591 *rp=r;
592 if (p == NULL)
593 {
594 CONFerr(CONF_F_STR_COPY,CONF_R_VARIABLE_HAS_NO_VALUE);
595 goto err;
596 }
597 BUF_MEM_grow(buf,(strlen(p)+len-(e-from)));
598 while (*p)
599 buf->data[to++]= *(p++);
600 from=e;
601 }
602 else
603 buf->data[to++]= *(from++);
604 }
605 buf->data[to]='\0';
606 if (*pto != NULL) OPENSSL_free(*pto);
607 *pto=buf->data;
608 OPENSSL_free(buf);
609 return(1);
610err:
611 if (buf != NULL) BUF_MEM_free(buf);
612 return(0);
613 }
614
615static char *eat_ws(CONF *conf, char *p)
616 {
617 while (IS_WS(conf,*p) && (!IS_EOF(conf,*p)))
618 p++;
619 return(p);
620 }
621
622static char *eat_alpha_numeric(CONF *conf, char *p)
623 {
624 for (;;)
625 {
626 if (IS_ESC(conf,*p))
627 {
628 p=scan_esc(conf,p);
629 continue;
630 }
631 if (!IS_ALPHA_NUMERIC_PUNCT(conf,*p))
632 return(p);
633 p++;
634 }
635 }
636
637static char *scan_quote(CONF *conf, char *p)
638 {
639 int q= *p;
640
641 p++;
642 while (!(IS_EOF(conf,*p)) && (*p != q))
643 {
644 if (IS_ESC(conf,*p))
645 {
646 p++;
647 if (IS_EOF(conf,*p)) return(p);
648 }
649 p++;
650 }
651 if (*p == q) p++;
652 return(p);
653 }
654
655
656static char *scan_dquote(CONF *conf, char *p)
657 {
658 int q= *p;
659
660 p++;
661 while (!(IS_EOF(conf,*p)))
662 {
663 if (*p == q)
664 {
665 if (*(p+1) == q)
666 {
667 p++;
668 }
669 else
670 {
671 break;
672 }
673 }
674 p++;
675 }
676 if (*p == q) p++;
677 return(p);
678 }
679
680static void dump_value(CONF_VALUE *a, BIO *out)
681 {
682 if (a->name)
683 BIO_printf(out, "[%s] %s=%s\n", a->section, a->name, a->value);
684 else
685 BIO_printf(out, "[[%s]]\n", a->section);
686 }
687
688static int def_dump(CONF *conf, BIO *out)
689 {
690 lh_doall_arg(conf->data, (void (*)())dump_value, out);
691 return 1;
692 }
693
694static int def_is_number(CONF *conf, char c)
695 {
696 return IS_NUMBER(conf,c);
697 }
698
699static int def_to_int(CONF *conf, char c)
700 {
701 return c - '0';
702 }
703
diff --git a/src/lib/libcrypto/conf/conf_def.h b/src/lib/libcrypto/conf/conf_def.h
deleted file mode 100644
index 3244d9a331..0000000000
--- a/src/lib/libcrypto/conf/conf_def.h
+++ /dev/null
@@ -1,145 +0,0 @@
1/* crypto/conf/conf_def.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* THIS FILE WAS AUTOMAGICALLY GENERATED!
60 Please modify and use keysets.pl to regenerate it. */
61
62#define CONF_NUMBER 1
63#define CONF_UPPER 2
64#define CONF_LOWER 4
65#define CONF_UNDER 256
66#define CONF_PUNCTUATION 512
67#define CONF_WS 16
68#define CONF_ESC 32
69#define CONF_QUOTE 64
70#define CONF_DQUOTE 1024
71#define CONF_COMMENT 128
72#define CONF_FCOMMENT 2048
73#define CONF_EOF 8
74#define CONF_ALPHA (CONF_UPPER|CONF_LOWER)
75#define CONF_ALPHA_NUMERIC (CONF_ALPHA|CONF_NUMBER|CONF_UNDER)
76#define CONF_ALPHA_NUMERIC_PUNCT (CONF_ALPHA|CONF_NUMBER|CONF_UNDER| \
77 CONF_PUNCTUATION)
78
79#define KEYTYPES(c) ((unsigned short *)((c)->meth_data))
80#ifndef CHARSET_EBCDIC
81#define IS_COMMENT(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_COMMENT)
82#define IS_FCOMMENT(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_FCOMMENT)
83#define IS_EOF(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_EOF)
84#define IS_ESC(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_ESC)
85#define IS_NUMBER(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_NUMBER)
86#define IS_WS(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_WS)
87#define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_ALPHA_NUMERIC)
88#define IS_ALPHA_NUMERIC_PUNCT(c,a) \
89 (KEYTYPES(c)[(a)&0x7f]&CONF_ALPHA_NUMERIC_PUNCT)
90#define IS_QUOTE(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_QUOTE)
91#define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_DQUOTE)
92
93#else /*CHARSET_EBCDIC*/
94
95#define IS_COMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_COMMENT)
96#define IS_FCOMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_FCOMMENT)
97#define IS_EOF(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_EOF)
98#define IS_ESC(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_ESC)
99#define IS_NUMBER(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_NUMBER)
100#define IS_WS(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_WS)
101#define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_ALPHA_NUMERIC)
102#define IS_ALPHA_NUMERIC_PUNCT(c,a) \
103 (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_ALPHA_NUMERIC_PUNCT)
104#define IS_QUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_QUOTE)
105#define IS_DQUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_DQUOTE)
106#endif /*CHARSET_EBCDIC*/
107
108static unsigned short CONF_type_default[128]={
109 0x008,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
110 0x000,0x010,0x010,0x000,0x000,0x010,0x000,0x000,
111 0x000,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
112 0x000,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
113 0x010,0x200,0x040,0x080,0x000,0x200,0x200,0x040,
114 0x000,0x000,0x200,0x200,0x200,0x200,0x200,0x200,
115 0x001,0x001,0x001,0x001,0x001,0x001,0x001,0x001,
116 0x001,0x001,0x000,0x200,0x000,0x000,0x000,0x200,
117 0x200,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
118 0x002,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
119 0x002,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
120 0x002,0x002,0x002,0x000,0x020,0x000,0x200,0x100,
121 0x040,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
122 0x004,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
123 0x004,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
124 0x004,0x004,0x004,0x000,0x200,0x000,0x200,0x000,
125 };
126
127static unsigned short CONF_type_win32[128]={
128 0x008,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
129 0x000,0x010,0x010,0x000,0x000,0x010,0x000,0x000,
130 0x000,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
131 0x000,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
132 0x010,0x200,0x400,0x000,0x000,0x200,0x200,0x000,
133 0x000,0x000,0x200,0x200,0x200,0x200,0x200,0x200,
134 0x001,0x001,0x001,0x001,0x001,0x001,0x001,0x001,
135 0x001,0x001,0x000,0xA00,0x000,0x000,0x000,0x200,
136 0x200,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
137 0x002,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
138 0x002,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
139 0x002,0x002,0x002,0x000,0x000,0x000,0x200,0x100,
140 0x000,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
141 0x004,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
142 0x004,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
143 0x004,0x004,0x004,0x000,0x200,0x000,0x200,0x000,
144 };
145
diff --git a/src/lib/libcrypto/conf/conf_err.c b/src/lib/libcrypto/conf/conf_err.c
deleted file mode 100644
index 8c2bc6f1c4..0000000000
--- a/src/lib/libcrypto/conf/conf_err.c
+++ /dev/null
@@ -1,112 +0,0 @@
1/* crypto/conf/conf_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/conf.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA CONF_str_functs[]=
68 {
69{ERR_PACK(0,CONF_F_CONF_DUMP_FP,0), "CONF_dump_fp"},
70{ERR_PACK(0,CONF_F_CONF_LOAD,0), "CONF_load"},
71{ERR_PACK(0,CONF_F_CONF_LOAD_BIO,0), "CONF_load_bio"},
72{ERR_PACK(0,CONF_F_CONF_LOAD_FP,0), "CONF_load_fp"},
73{ERR_PACK(0,CONF_F_NCONF_DUMP_BIO,0), "NCONF_dump_bio"},
74{ERR_PACK(0,CONF_F_NCONF_DUMP_FP,0), "NCONF_dump_fp"},
75{ERR_PACK(0,CONF_F_NCONF_GET_NUMBER,0), "NCONF_get_number"},
76{ERR_PACK(0,CONF_F_NCONF_GET_SECTION,0), "NCONF_get_section"},
77{ERR_PACK(0,CONF_F_NCONF_GET_STRING,0), "NCONF_get_string"},
78{ERR_PACK(0,CONF_F_NCONF_LOAD_BIO,0), "NCONF_load_bio"},
79{ERR_PACK(0,CONF_F_NCONF_NEW,0), "NCONF_new"},
80{ERR_PACK(0,CONF_F_STR_COPY,0), "STR_COPY"},
81{0,NULL}
82 };
83
84static ERR_STRING_DATA CONF_str_reasons[]=
85 {
86{CONF_R_MISSING_CLOSE_SQUARE_BRACKET ,"missing close square bracket"},
87{CONF_R_MISSING_EQUAL_SIGN ,"missing equal sign"},
88{CONF_R_NO_CLOSE_BRACE ,"no close brace"},
89{CONF_R_NO_CONF ,"no conf"},
90{CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE ,"no conf or environment variable"},
91{CONF_R_NO_SECTION ,"no section"},
92{CONF_R_UNABLE_TO_CREATE_NEW_SECTION ,"unable to create new section"},
93{CONF_R_VARIABLE_HAS_NO_VALUE ,"variable has no value"},
94{0,NULL}
95 };
96
97#endif
98
99void ERR_load_CONF_strings(void)
100 {
101 static int init=1;
102
103 if (init)
104 {
105 init=0;
106#ifndef NO_ERR
107 ERR_load_strings(ERR_LIB_CONF,CONF_str_functs);
108 ERR_load_strings(ERR_LIB_CONF,CONF_str_reasons);
109#endif
110
111 }
112 }
diff --git a/src/lib/libcrypto/conf/conf_lib.c b/src/lib/libcrypto/conf/conf_lib.c
deleted file mode 100644
index 11ec639732..0000000000
--- a/src/lib/libcrypto/conf/conf_lib.c
+++ /dev/null
@@ -1,392 +0,0 @@
1/* conf_lib.c */
2/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <openssl/crypto.h>
61#include <openssl/err.h>
62#include <openssl/conf.h>
63#include <openssl/conf_api.h>
64#include <openssl/lhash.h>
65
66const char *CONF_version="CONF" OPENSSL_VERSION_PTEXT;
67
68static CONF_METHOD *default_CONF_method=NULL;
69
70/* The following section contains the "CONF classic" functions,
71 rewritten in terms of the new CONF interface. */
72
73int CONF_set_default_method(CONF_METHOD *meth)
74 {
75 default_CONF_method = meth;
76 return 1;
77 }
78
79LHASH *CONF_load(LHASH *conf, const char *file, long *eline)
80 {
81 LHASH *ltmp;
82 BIO *in=NULL;
83
84#ifdef VMS
85 in=BIO_new_file(file, "r");
86#else
87 in=BIO_new_file(file, "rb");
88#endif
89 if (in == NULL)
90 {
91 CONFerr(CONF_F_CONF_LOAD,ERR_R_SYS_LIB);
92 return NULL;
93 }
94
95 ltmp = CONF_load_bio(conf, in, eline);
96 BIO_free(in);
97
98 return ltmp;
99 }
100
101#ifndef NO_FP_API
102LHASH *CONF_load_fp(LHASH *conf, FILE *fp,long *eline)
103 {
104 BIO *btmp;
105 LHASH *ltmp;
106 if(!(btmp = BIO_new_fp(fp, BIO_NOCLOSE))) {
107 CONFerr(CONF_F_CONF_LOAD_FP,ERR_R_BUF_LIB);
108 return NULL;
109 }
110 ltmp = CONF_load_bio(conf, btmp, eline);
111 BIO_free(btmp);
112 return ltmp;
113 }
114#endif
115
116LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline)
117 {
118 CONF ctmp;
119 int ret;
120
121 if (default_CONF_method == NULL)
122 default_CONF_method = NCONF_default();
123
124 default_CONF_method->init(&ctmp);
125 ctmp.data = conf;
126 ret = NCONF_load_bio(&ctmp, bp, eline);
127 if (ret)
128 return ctmp.data;
129 return NULL;
130 }
131
132STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,char *section)
133 {
134 if (conf == NULL)
135 {
136 return NULL;
137 }
138 else
139 {
140 CONF ctmp;
141
142 if (default_CONF_method == NULL)
143 default_CONF_method = NCONF_default();
144
145 default_CONF_method->init(&ctmp);
146 ctmp.data = conf;
147 return NCONF_get_section(&ctmp, section);
148 }
149 }
150
151char *CONF_get_string(LHASH *conf,char *group,char *name)
152 {
153 if (conf == NULL)
154 {
155 return NCONF_get_string(NULL, group, name);
156 }
157 else
158 {
159 CONF ctmp;
160
161 if (default_CONF_method == NULL)
162 default_CONF_method = NCONF_default();
163
164 default_CONF_method->init(&ctmp);
165 ctmp.data = conf;
166 return NCONF_get_string(&ctmp, group, name);
167 }
168 }
169
170long CONF_get_number(LHASH *conf,char *group,char *name)
171 {
172 if (conf == NULL)
173 {
174 return NCONF_get_number(NULL, group, name);
175 }
176 else
177 {
178 CONF ctmp;
179
180 if (default_CONF_method == NULL)
181 default_CONF_method = NCONF_default();
182
183 default_CONF_method->init(&ctmp);
184 ctmp.data = conf;
185 return NCONF_get_number(&ctmp, group, name);
186 }
187 }
188
189void CONF_free(LHASH *conf)
190 {
191 CONF ctmp;
192
193 if (default_CONF_method == NULL)
194 default_CONF_method = NCONF_default();
195
196 default_CONF_method->init(&ctmp);
197 ctmp.data = conf;
198 NCONF_free_data(&ctmp);
199 }
200
201#ifndef NO_FP_API
202int CONF_dump_fp(LHASH *conf, FILE *out)
203 {
204 BIO *btmp;
205 int ret;
206
207 if(!(btmp = BIO_new_fp(out, BIO_NOCLOSE))) {
208 CONFerr(CONF_F_CONF_DUMP_FP,ERR_R_BUF_LIB);
209 return 0;
210 }
211 ret = CONF_dump_bio(conf, btmp);
212 BIO_free(btmp);
213 return ret;
214 }
215#endif
216
217int CONF_dump_bio(LHASH *conf, BIO *out)
218 {
219 CONF ctmp;
220
221 if (default_CONF_method == NULL)
222 default_CONF_method = NCONF_default();
223
224 default_CONF_method->init(&ctmp);
225 ctmp.data = conf;
226 return NCONF_dump_bio(&ctmp, out);
227 }
228
229/* The following section contains the "New CONF" functions. They are
230 completely centralised around a new CONF structure that may contain
231 basically anything, but at least a method pointer and a table of data.
232 These functions are also written in terms of the bridge functions used
233 by the "CONF classic" functions, for consistency. */
234
235CONF *NCONF_new(CONF_METHOD *meth)
236 {
237 CONF *ret;
238
239 if (meth == NULL)
240 meth = NCONF_default();
241
242 ret = meth->create(meth);
243 if (ret == NULL)
244 {
245 CONFerr(CONF_F_NCONF_NEW,ERR_R_MALLOC_FAILURE);
246 return(NULL);
247 }
248
249 return ret;
250 }
251
252void NCONF_free(CONF *conf)
253 {
254 if (conf == NULL)
255 return;
256 conf->meth->destroy(conf);
257 }
258
259void NCONF_free_data(CONF *conf)
260 {
261 if (conf == NULL)
262 return;
263 conf->meth->destroy_data(conf);
264 }
265
266int NCONF_load(CONF *conf, const char *file, long *eline)
267 {
268 int ret;
269 BIO *in=NULL;
270
271#ifdef VMS
272 in=BIO_new_file(file, "r");
273#else
274 in=BIO_new_file(file, "rb");
275#endif
276 if (in == NULL)
277 {
278 CONFerr(CONF_F_CONF_LOAD,ERR_R_SYS_LIB);
279 return 0;
280 }
281
282 ret = NCONF_load_bio(conf, in, eline);
283 BIO_free(in);
284
285 return ret;
286 }
287
288#ifndef NO_FP_API
289int NCONF_load_fp(CONF *conf, FILE *fp,long *eline)
290 {
291 BIO *btmp;
292 int ret;
293 if(!(btmp = BIO_new_fp(fp, BIO_NOCLOSE)))
294 {
295 CONFerr(CONF_F_CONF_LOAD_FP,ERR_R_BUF_LIB);
296 return 0;
297 }
298 ret = NCONF_load_bio(conf, btmp, eline);
299 BIO_free(btmp);
300 return ret;
301 }
302#endif
303
304int NCONF_load_bio(CONF *conf, BIO *bp,long *eline)
305 {
306 if (conf == NULL)
307 {
308 CONFerr(CONF_F_NCONF_LOAD_BIO,CONF_R_NO_CONF);
309 return 0;
310 }
311
312 return conf->meth->load(conf, bp, eline);
313 }
314
315STACK_OF(CONF_VALUE) *NCONF_get_section(CONF *conf,char *section)
316 {
317 if (conf == NULL)
318 {
319 CONFerr(CONF_F_NCONF_GET_SECTION,CONF_R_NO_CONF);
320 return NULL;
321 }
322
323 if (section == NULL)
324 {
325 CONFerr(CONF_F_NCONF_GET_SECTION,CONF_R_NO_SECTION);
326 return NULL;
327 }
328
329 return _CONF_get_section_values(conf, section);
330 }
331
332char *NCONF_get_string(CONF *conf,char *group,char *name)
333 {
334 char *s = _CONF_get_string(conf, group, name);
335
336 /* Since we may get a value from an environment variable even
337 if conf is NULL, let's check the value first */
338 if (s) return s;
339
340 if (conf == NULL)
341 {
342 CONFerr(CONF_F_NCONF_GET_STRING,
343 CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE);
344 return NULL;
345 }
346 return NULL;
347 }
348
349long NCONF_get_number(CONF *conf,char *group,char *name)
350 {
351#if 0 /* As with _CONF_get_string(), we rely on the possibility of finding
352 an environment variable with a suitable name. Unfortunately, there's
353 no way with the current API to see if we found one or not...
354 The meaning of this is that if a number is not found anywhere, it
355 will always default to 0. */
356 if (conf == NULL)
357 {
358 CONFerr(CONF_F_NCONF_GET_NUMBER,
359 CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE);
360 return 0;
361 }
362#endif
363
364 return _CONF_get_number(conf, group, name);
365 }
366
367#ifndef NO_FP_API
368int NCONF_dump_fp(CONF *conf, FILE *out)
369 {
370 BIO *btmp;
371 int ret;
372 if(!(btmp = BIO_new_fp(out, BIO_NOCLOSE))) {
373 CONFerr(CONF_F_NCONF_DUMP_FP,ERR_R_BUF_LIB);
374 return 0;
375 }
376 ret = NCONF_dump_bio(conf, btmp);
377 BIO_free(btmp);
378 return ret;
379 }
380#endif
381
382int NCONF_dump_bio(CONF *conf, BIO *out)
383 {
384 if (conf == NULL)
385 {
386 CONFerr(CONF_F_NCONF_DUMP_BIO,CONF_R_NO_CONF);
387 return 0;
388 }
389
390 return conf->meth->dump(conf, out);
391 }
392
diff --git a/src/lib/libcrypto/conf/keysets.pl b/src/lib/libcrypto/conf/keysets.pl
deleted file mode 100644
index 56669e76ac..0000000000
--- a/src/lib/libcrypto/conf/keysets.pl
+++ /dev/null
@@ -1,179 +0,0 @@
1#!/usr/local/bin/perl
2
3$NUMBER=0x01;
4$UPPER=0x02;
5$LOWER=0x04;
6$UNDER=0x100;
7$PUNCTUATION=0x200;
8$WS=0x10;
9$ESC=0x20;
10$QUOTE=0x40;
11$DQUOTE=0x400;
12$COMMENT=0x80;
13$FCOMMENT=0x800;
14$EOF=0x08;
15
16foreach (0 .. 127)
17 {
18 $v=0;
19 $c=sprintf("%c",$_);
20 $v|=$NUMBER if ($c =~ /[0-9]/);
21 $v|=$UPPER if ($c =~ /[A-Z]/);
22 $v|=$LOWER if ($c =~ /[a-z]/);
23 $v|=$UNDER if ($c =~ /_/);
24 $v|=$PUNCTUATION if ($c =~ /[!\.%&\*\+,\/;\?\@\^\~\|-]/);
25 $v|=$WS if ($c =~ /[ \t\r\n]/);
26 $v|=$ESC if ($c =~ /\\/);
27 $v|=$QUOTE if ($c =~ /['`"]/); # for emacs: "`'}/)
28 $v|=$COMMENT if ($c =~ /\#/);
29 $v|=$EOF if ($c =~ /\0/);
30
31 push(@V_def,$v);
32 }
33
34foreach (0 .. 127)
35 {
36 $v=0;
37 $c=sprintf("%c",$_);
38 $v|=$NUMBER if ($c =~ /[0-9]/);
39 $v|=$UPPER if ($c =~ /[A-Z]/);
40 $v|=$LOWER if ($c =~ /[a-z]/);
41 $v|=$UNDER if ($c =~ /_/);
42 $v|=$PUNCTUATION if ($c =~ /[!\.%&\*\+,\/;\?\@\^\~\|-]/);
43 $v|=$WS if ($c =~ /[ \t\r\n]/);
44 $v|=$DQUOTE if ($c =~ /["]/); # for emacs: "}/)
45 $v|=$FCOMMENT if ($c =~ /;/);
46 $v|=$EOF if ($c =~ /\0/);
47
48 push(@V_w32,$v);
49 }
50
51print <<"EOF";
52/* crypto/conf/conf_def.h */
53/* Copyright (C) 1995-1998 Eric Young (eay\@cryptsoft.com)
54 * All rights reserved.
55 *
56 * This package is an SSL implementation written
57 * by Eric Young (eay\@cryptsoft.com).
58 * The implementation was written so as to conform with Netscapes SSL.
59 *
60 * This library is free for commercial and non-commercial use as long as
61 * the following conditions are aheared to. The following conditions
62 * apply to all code found in this distribution, be it the RC4, RSA,
63 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
64 * included with this distribution is covered by the same copyright terms
65 * except that the holder is Tim Hudson (tjh\@cryptsoft.com).
66 *
67 * Copyright remains Eric Young's, and as such any Copyright notices in
68 * the code are not to be removed.
69 * If this package is used in a product, Eric Young should be given attribution
70 * as the author of the parts of the library used.
71 * This can be in the form of a textual message at program startup or
72 * in documentation (online or textual) provided with the package.
73 *
74 * Redistribution and use in source and binary forms, with or without
75 * modification, are permitted provided that the following conditions
76 * are met:
77 * 1. Redistributions of source code must retain the copyright
78 * notice, this list of conditions and the following disclaimer.
79 * 2. Redistributions in binary form must reproduce the above copyright
80 * notice, this list of conditions and the following disclaimer in the
81 * documentation and/or other materials provided with the distribution.
82 * 3. All advertising materials mentioning features or use of this software
83 * must display the following acknowledgement:
84 * "This product includes cryptographic software written by
85 * Eric Young (eay\@cryptsoft.com)"
86 * The word 'cryptographic' can be left out if the rouines from the library
87 * being used are not cryptographic related :-).
88 * 4. If you include any Windows specific code (or a derivative thereof) from
89 * the apps directory (application code) you must include an acknowledgement:
90 * "This product includes software written by Tim Hudson (tjh\@cryptsoft.com)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
93 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
95 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
96 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
97 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
98 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
99 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
100 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
101 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
102 * SUCH DAMAGE.
103 *
104 * The licence and distribution terms for any publically available version or
105 * derivative of this code cannot be changed. i.e. this code cannot simply be
106 * copied and put under another distribution licence
107 * [including the GNU Public Licence.]
108 */
109
110/* THIS FILE WAS AUTOMAGICALLY GENERATED!
111 Please modify and use keysets.pl to regenerate it. */
112
113#define CONF_NUMBER $NUMBER
114#define CONF_UPPER $UPPER
115#define CONF_LOWER $LOWER
116#define CONF_UNDER $UNDER
117#define CONF_PUNCTUATION $PUNCTUATION
118#define CONF_WS $WS
119#define CONF_ESC $ESC
120#define CONF_QUOTE $QUOTE
121#define CONF_DQUOTE $DQUOTE
122#define CONF_COMMENT $COMMENT
123#define CONF_FCOMMENT $FCOMMENT
124#define CONF_EOF $EOF
125#define CONF_ALPHA (CONF_UPPER|CONF_LOWER)
126#define CONF_ALPHA_NUMERIC (CONF_ALPHA|CONF_NUMBER|CONF_UNDER)
127#define CONF_ALPHA_NUMERIC_PUNCT (CONF_ALPHA|CONF_NUMBER|CONF_UNDER| \\
128 CONF_PUNCTUATION)
129
130#define KEYTYPES(c) ((unsigned short *)((c)->meth_data))
131#ifndef CHARSET_EBCDIC
132#define IS_COMMENT(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_COMMENT)
133#define IS_FCOMMENT(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_FCOMMENT)
134#define IS_EOF(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_EOF)
135#define IS_ESC(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_ESC)
136#define IS_NUMBER(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_NUMBER)
137#define IS_WS(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_WS)
138#define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_ALPHA_NUMERIC)
139#define IS_ALPHA_NUMERIC_PUNCT(c,a) \\
140 (KEYTYPES(c)[(a)&0x7f]&CONF_ALPHA_NUMERIC_PUNCT)
141#define IS_QUOTE(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_QUOTE)
142#define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_DQUOTE)
143
144#else /*CHARSET_EBCDIC*/
145
146#define IS_COMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_COMMENT)
147#define IS_FCOMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_FCOMMENT)
148#define IS_EOF(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_EOF)
149#define IS_ESC(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_ESC)
150#define IS_NUMBER(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_NUMBER)
151#define IS_WS(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_WS)
152#define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_ALPHA_NUMERIC)
153#define IS_ALPHA_NUMERIC_PUNCT(c,a) \\
154 (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_ALPHA_NUMERIC_PUNCT)
155#define IS_QUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_QUOTE)
156#define IS_DQUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_DQUOTE)
157#endif /*CHARSET_EBCDIC*/
158
159EOF
160
161print "static unsigned short CONF_type_default[128]={";
162
163for ($i=0; $i<128; $i++)
164 {
165 print "\n\t" if ($i % 8) == 0;
166 printf "0x%03X,",$V_def[$i];
167 }
168
169print "\n\t};\n\n";
170
171print "static unsigned short CONF_type_win32[128]={";
172
173for ($i=0; $i<128; $i++)
174 {
175 print "\n\t" if ($i % 8) == 0;
176 printf "0x%03X,",$V_w32[$i];
177 }
178
179print "\n\t};\n\n";
diff --git a/src/lib/libcrypto/conf/ssleay.cnf b/src/lib/libcrypto/conf/ssleay.cnf
deleted file mode 100644
index ed33af601e..0000000000
--- a/src/lib/libcrypto/conf/ssleay.cnf
+++ /dev/null
@@ -1,78 +0,0 @@
1#
2# This is a test configuration file for use in SSLeay etc...
3#
4
5init = 5
6in\#it1 =10
7init2='10'
8init3='10\''
9init4="10'"
10init5='='10\'' again'
11
12SSLeay::version = 0.5.0
13
14[genrsa]
15default_bits = 512
16SSLEAY::version = 0.5.0
17
18[gendh]
19default_bits = 512
20def_generator = 2
21
22[s_client]
23cipher1 = DES_CBC_MD5:DES_CBC_SHA:DES_EDE_SHA:RC4_MD5\
24cipher2 = 'DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5'
25cipher3 = "DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5"
26cipher4 = DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5
27
28[ default ]
29cert_dir = $ENV::HOME/.ca_certs
30
31HOME = /tmp/eay
32
33tmp_cert_dir = $HOME/.ca_certs
34tmp2_cert_dir = thisis$(HOME)stuff
35
36LOGNAME = Eric Young (home=$HOME)
37
38[ special ]
39
40H=$HOME
41H=$default::HOME
42H=$ENV::HOME
43#
44# SSLeay example configuration file.
45# This is mostly being used for generation of certificate requests.
46#
47
48RANDFILE = $HOME/.rand
49
50[ req ]
51default_bits = 512
52default_keyfile = privkey.pem
53
54Attribute_type_1 = countryName
55Attribute_text_1 = Country Name (2 letter code)
56Attribute_default_1 = AU
57
58Attribute_type_2 = stateOrProvinceName
59Attribute_text_2 = State or Province Name (full name)
60Attribute_default_2 = Queensland
61
62Attribute_type_3 = localityName
63Attribute_text_3 = Locality Name (eg, city)
64
65Attribute_type_4 = organizationName
66Attribute_text_4 = Organization Name (eg, company)
67Attribute_default_4 = Mincom Pty Ltd
68
69Attribute_type_5 = organizationalUnitName
70Attribute_text_5 = Organizational Unit Name (eg, section)
71Attribute_default_5 = TR
72
73Attribute_type_6 = commonName
74Attribute_text_6 = Common Name (eg, YOUR name)
75
76Attribute_type_7 = emailAddress
77Attribute_text_7 = Email Address
78
diff --git a/src/lib/libcrypto/cpt_err.c b/src/lib/libcrypto/cpt_err.c
deleted file mode 100644
index 7018b74ca0..0000000000
--- a/src/lib/libcrypto/cpt_err.c
+++ /dev/null
@@ -1,97 +0,0 @@
1/* crypto/cpt_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/crypto.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA CRYPTO_str_functs[]=
68 {
69{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,0), "CRYPTO_get_ex_new_index"},
70{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,0), "CRYPTO_get_new_dynlockid"},
71{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_NEW_LOCKID,0), "CRYPTO_get_new_lockid"},
72{ERR_PACK(0,CRYPTO_F_CRYPTO_SET_EX_DATA,0), "CRYPTO_set_ex_data"},
73{0,NULL}
74 };
75
76static ERR_STRING_DATA CRYPTO_str_reasons[]=
77 {
78{CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK ,"no dynlock create callback"},
79{0,NULL}
80 };
81
82#endif
83
84void ERR_load_CRYPTO_strings(void)
85 {
86 static int init=1;
87
88 if (init)
89 {
90 init=0;
91#ifndef NO_ERR
92 ERR_load_strings(ERR_LIB_CRYPTO,CRYPTO_str_functs);
93 ERR_load_strings(ERR_LIB_CRYPTO,CRYPTO_str_reasons);
94#endif
95
96 }
97 }
diff --git a/src/lib/libcrypto/cryptlib.c b/src/lib/libcrypto/cryptlib.c
deleted file mode 100644
index a7a9262133..0000000000
--- a/src/lib/libcrypto/cryptlib.c
+++ /dev/null
@@ -1,489 +0,0 @@
1/* crypto/cryptlib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61#include "cryptlib.h"
62#include <openssl/crypto.h>
63#include <openssl/safestack.h>
64
65#if defined(WIN32) || defined(WIN16)
66static double SSLeay_MSVC5_hack=0.0; /* and for VC1.5 */
67#endif
68
69DECLARE_STACK_OF(CRYPTO_dynlock)
70IMPLEMENT_STACK_OF(CRYPTO_dynlock)
71
72/* real #defines in crypto.h, keep these upto date */
73static const char* lock_names[CRYPTO_NUM_LOCKS] =
74 {
75 "<<ERROR>>",
76 "err",
77 "err_hash",
78 "x509",
79 "x509_info",
80 "x509_pkey",
81 "x509_crl",
82 "x509_req",
83 "dsa",
84 "rsa",
85 "evp_pkey",
86 "x509_store",
87 "ssl_ctx",
88 "ssl_cert",
89 "ssl_session",
90 "ssl_sess_cert",
91 "ssl",
92 "rand",
93 "debug_malloc",
94 "BIO",
95 "gethostbyname",
96 "getservbyname",
97 "readdir",
98 "RSA_blinding",
99 "dh",
100 "debug_malloc2",
101 "dso",
102 "dynlock",
103 "engine",
104#if CRYPTO_NUM_LOCKS != 29
105# error "Inconsistency between crypto.h and cryptlib.c"
106#endif
107 };
108
109/* This is for applications to allocate new type names in the non-dynamic
110 array of lock names. These are numbered with positive numbers. */
111static STACK *app_locks=NULL;
112
113/* For applications that want a more dynamic way of handling threads, the
114 following stack is used. These are externally numbered with negative
115 numbers. */
116static STACK_OF(CRYPTO_dynlock) *dyn_locks=NULL;
117
118
119static void (MS_FAR *locking_callback)(int mode,int type,
120 const char *file,int line)=NULL;
121static int (MS_FAR *add_lock_callback)(int *pointer,int amount,
122 int type,const char *file,int line)=NULL;
123static unsigned long (MS_FAR *id_callback)(void)=NULL;
124static struct CRYPTO_dynlock_value *(MS_FAR *dynlock_create_callback)
125 (const char *file,int line)=NULL;
126static void (MS_FAR *dynlock_lock_callback)(int mode,
127 struct CRYPTO_dynlock_value *l, const char *file,int line)=NULL;
128static void (MS_FAR *dynlock_destroy_callback)(struct CRYPTO_dynlock_value *l,
129 const char *file,int line)=NULL;
130
131int CRYPTO_get_new_lockid(char *name)
132 {
133 char *str;
134 int i;
135
136 /* A hack to make Visual C++ 5.0 work correctly when linking as
137 * a DLL using /MT. Without this, the application cannot use
138 * and floating point printf's.
139 * It also seems to be needed for Visual C 1.5 (win16) */
140#if defined(WIN32) || defined(WIN16)
141 SSLeay_MSVC5_hack=(double)name[0]*(double)name[1];
142#endif
143
144 if ((app_locks == NULL) && ((app_locks=sk_new_null()) == NULL))
145 {
146 CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE);
147 return(0);
148 }
149 if ((str=BUF_strdup(name)) == NULL)
150 {
151 CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE);
152 return(0);
153 }
154 i=sk_push(app_locks,str);
155 if (!i)
156 OPENSSL_free(str);
157 else
158 i+=CRYPTO_NUM_LOCKS; /* gap of one :-) */
159 return(i);
160 }
161
162int CRYPTO_num_locks(void)
163 {
164 return CRYPTO_NUM_LOCKS;
165 }
166
167int CRYPTO_get_new_dynlockid(void)
168 {
169 int i = 0;
170 CRYPTO_dynlock *pointer = NULL;
171
172 if (dynlock_create_callback == NULL)
173 {
174 CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK);
175 return(0);
176 }
177 CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
178 if ((dyn_locks == NULL)
179 && ((dyn_locks=sk_CRYPTO_dynlock_new_null()) == NULL))
180 {
181 CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
182 CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
183 return(0);
184 }
185 CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
186
187 pointer = (CRYPTO_dynlock *)OPENSSL_malloc(sizeof(CRYPTO_dynlock));
188 if (pointer == NULL)
189 {
190 CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
191 return(0);
192 }
193 pointer->references = 1;
194 pointer->data = dynlock_create_callback(__FILE__,__LINE__);
195 if (pointer->data == NULL)
196 {
197 OPENSSL_free(pointer);
198 CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
199 return(0);
200 }
201
202 CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
203 /* First, try to find an existing empty slot */
204 i=sk_CRYPTO_dynlock_find(dyn_locks,NULL);
205 /* If there was none, push, thereby creating a new one */
206 if (i == -1)
207 i=sk_CRYPTO_dynlock_push(dyn_locks,pointer);
208 CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
209
210 if (!i)
211 {
212 dynlock_destroy_callback(pointer->data,__FILE__,__LINE__);
213 OPENSSL_free(pointer);
214 }
215 else
216 i += 1; /* to avoid 0 */
217 return -i;
218 }
219
220void CRYPTO_destroy_dynlockid(int i)
221 {
222 CRYPTO_dynlock *pointer = NULL;
223 if (i)
224 i = -i-1;
225 if (dynlock_destroy_callback == NULL)
226 return;
227
228 CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
229
230 if (dyn_locks == NULL || i >= sk_CRYPTO_dynlock_num(dyn_locks))
231 return;
232 pointer = sk_CRYPTO_dynlock_value(dyn_locks, i);
233 if (pointer != NULL)
234 {
235 --pointer->references;
236#ifdef REF_CHECK
237 if (pointer->references < 0)
238 {
239 fprintf(stderr,"CRYPTO_destroy_dynlockid, bad reference count\n");
240 abort();
241 }
242 else
243#endif
244 if (pointer->references <= 0)
245 {
246 sk_CRYPTO_dynlock_set(dyn_locks, i, NULL);
247 }
248 else
249 pointer = NULL;
250 }
251 CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
252
253 if (pointer)
254 {
255 dynlock_destroy_callback(pointer->data,__FILE__,__LINE__);
256 OPENSSL_free(pointer);
257 }
258 }
259
260struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i)
261 {
262 CRYPTO_dynlock *pointer = NULL;
263 if (i)
264 i = -i-1;
265
266 CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
267
268 if (dyn_locks != NULL && i < sk_CRYPTO_dynlock_num(dyn_locks))
269 pointer = sk_CRYPTO_dynlock_value(dyn_locks, i);
270 if (pointer)
271 pointer->references++;
272
273 CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
274
275 if (pointer)
276 return pointer->data;
277 return NULL;
278 }
279
280struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void))
281 (const char *file,int line)
282 {
283 return(dynlock_create_callback);
284 }
285
286void (*CRYPTO_get_dynlock_lock_callback(void))(int mode,
287 struct CRYPTO_dynlock_value *l, const char *file,int line)
288 {
289 return(dynlock_lock_callback);
290 }
291
292void (*CRYPTO_get_dynlock_destroy_callback(void))
293 (struct CRYPTO_dynlock_value *l, const char *file,int line)
294 {
295 return(dynlock_destroy_callback);
296 }
297
298void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*func)
299 (const char *file, int line))
300 {
301 dynlock_create_callback=func;
302 }
303
304void CRYPTO_set_dynlock_lock_callback(void (*func)(int mode,
305 struct CRYPTO_dynlock_value *l, const char *file, int line))
306 {
307 dynlock_lock_callback=func;
308 }
309
310void CRYPTO_set_dynlock_destroy_callback(void (*func)
311 (struct CRYPTO_dynlock_value *l, const char *file, int line))
312 {
313 dynlock_destroy_callback=func;
314 }
315
316
317void (*CRYPTO_get_locking_callback(void))(int mode,int type,const char *file,
318 int line)
319 {
320 return(locking_callback);
321 }
322
323int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount,int type,
324 const char *file,int line)
325 {
326 return(add_lock_callback);
327 }
328
329void CRYPTO_set_locking_callback(void (*func)(int mode,int type,
330 const char *file,int line))
331 {
332 locking_callback=func;
333 }
334
335void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,int type,
336 const char *file,int line))
337 {
338 add_lock_callback=func;
339 }
340
341unsigned long (*CRYPTO_get_id_callback(void))(void)
342 {
343 return(id_callback);
344 }
345
346void CRYPTO_set_id_callback(unsigned long (*func)(void))
347 {
348 id_callback=func;
349 }
350
351unsigned long CRYPTO_thread_id(void)
352 {
353 unsigned long ret=0;
354
355 if (id_callback == NULL)
356 {
357#ifdef WIN16
358 ret=(unsigned long)GetCurrentTask();
359#elif defined(WIN32)
360 ret=(unsigned long)GetCurrentThreadId();
361#elif defined(GETPID_IS_MEANINGLESS)
362 ret=1L;
363#else
364 ret=(unsigned long)getpid();
365#endif
366 }
367 else
368 ret=id_callback();
369 return(ret);
370 }
371
372void CRYPTO_lock(int mode, int type, const char *file, int line)
373 {
374#ifdef LOCK_DEBUG
375 {
376 char *rw_text,*operation_text;
377
378 if (mode & CRYPTO_LOCK)
379 operation_text="lock ";
380 else if (mode & CRYPTO_UNLOCK)
381 operation_text="unlock";
382 else
383 operation_text="ERROR ";
384
385 if (mode & CRYPTO_READ)
386 rw_text="r";
387 else if (mode & CRYPTO_WRITE)
388 rw_text="w";
389 else
390 rw_text="ERROR";
391
392 fprintf(stderr,"lock:%08lx:(%s)%s %-18s %s:%d\n",
393 CRYPTO_thread_id(), rw_text, operation_text,
394 CRYPTO_get_lock_name(type), file, line);
395 }
396#endif
397 if (type < 0)
398 {
399 struct CRYPTO_dynlock_value *pointer
400 = CRYPTO_get_dynlock_value(type);
401
402 if (pointer && dynlock_lock_callback)
403 {
404 dynlock_lock_callback(mode, pointer, file, line);
405 }
406
407 CRYPTO_destroy_dynlockid(type);
408 }
409 else
410 if (locking_callback != NULL)
411 locking_callback(mode,type,file,line);
412 }
413
414int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
415 int line)
416 {
417 int ret = 0;
418
419 if (add_lock_callback != NULL)
420 {
421#ifdef LOCK_DEBUG
422 int before= *pointer;
423#endif
424
425 ret=add_lock_callback(pointer,amount,type,file,line);
426#ifdef LOCK_DEBUG
427 fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
428 CRYPTO_thread_id(),
429 before,amount,ret,
430 CRYPTO_get_lock_name(type),
431 file,line);
432#endif
433 }
434 else
435 {
436 CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,file,line);
437
438 ret= *pointer+amount;
439#ifdef LOCK_DEBUG
440 fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
441 CRYPTO_thread_id(),
442 *pointer,amount,ret,
443 CRYPTO_get_lock_name(type),
444 file,line);
445#endif
446 *pointer=ret;
447 CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,file,line);
448 }
449 return(ret);
450 }
451
452const char *CRYPTO_get_lock_name(int type)
453 {
454 if (type < 0)
455 return("dynamic");
456 else if (type < CRYPTO_NUM_LOCKS)
457 return(lock_names[type]);
458 else if (type-CRYPTO_NUM_LOCKS >= sk_num(app_locks))
459 return("ERROR");
460 else
461 return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS));
462 }
463
464#ifdef _DLL
465#ifdef WIN32
466
467/* All we really need to do is remove the 'error' state when a thread
468 * detaches */
469
470BOOL WINAPI DLLEntryPoint(HINSTANCE hinstDLL, DWORD fdwReason,
471 LPVOID lpvReserved)
472 {
473 switch(fdwReason)
474 {
475 case DLL_PROCESS_ATTACH:
476 break;
477 case DLL_THREAD_ATTACH:
478 break;
479 case DLL_THREAD_DETACH:
480 ERR_remove_state(0);
481 break;
482 case DLL_PROCESS_DETACH:
483 break;
484 }
485 return(TRUE);
486 }
487#endif
488
489#endif
diff --git a/src/lib/libcrypto/cryptlib.h b/src/lib/libcrypto/cryptlib.h
deleted file mode 100644
index 5eff5d3141..0000000000
--- a/src/lib/libcrypto/cryptlib.h
+++ /dev/null
@@ -1,96 +0,0 @@
1/* crypto/cryptlib.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_CRYPTLIB_H
60#define HEADER_CRYPTLIB_H
61
62#include <stdlib.h>
63#include <string.h>
64
65#include "openssl/e_os.h"
66
67#include <openssl/crypto.h>
68#include <openssl/buffer.h>
69#include <openssl/bio.h>
70#include <openssl/err.h>
71#include <openssl/opensslconf.h>
72
73#ifdef __cplusplus
74extern "C" {
75#endif
76
77#ifndef VMS
78#define X509_CERT_AREA OPENSSLDIR
79#define X509_CERT_DIR OPENSSLDIR "/certs"
80#define X509_CERT_FILE OPENSSLDIR "/cert.pem"
81#define X509_PRIVATE_DIR OPENSSLDIR "/private"
82#else
83#define X509_CERT_AREA "SSLROOT:[000000]"
84#define X509_CERT_DIR "SSLCERTS:"
85#define X509_CERT_FILE "SSLCERTS:cert.pem"
86#define X509_PRIVATE_DIR "SSLPRIVATE:"
87#endif
88
89#define X509_CERT_DIR_EVP "SSL_CERT_DIR"
90#define X509_CERT_FILE_EVP "SSL_CERT_FILE"
91
92#ifdef __cplusplus
93}
94#endif
95
96#endif
diff --git a/src/lib/libcrypto/crypto.h b/src/lib/libcrypto/crypto.h
deleted file mode 100644
index 9257673279..0000000000
--- a/src/lib/libcrypto/crypto.h
+++ /dev/null
@@ -1,403 +0,0 @@
1/* crypto/crypto.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_CRYPTO_H
60#define HEADER_CRYPTO_H
61
62#include <stdlib.h>
63
64#ifndef NO_FP_API
65#include <stdio.h>
66#endif
67
68#include <openssl/stack.h>
69#include <openssl/safestack.h>
70#include <openssl/opensslv.h>
71
72#ifdef CHARSET_EBCDIC
73#include <openssl/ebcdic.h>
74#endif
75
76/* Resolve problems on some operating systems with symbol names that clash
77 one way or another */
78#include <openssl/symhacks.h>
79
80#ifdef __cplusplus
81extern "C" {
82#endif
83
84/* Backward compatibility to SSLeay */
85/* This is more to be used to check the correct DLL is being used
86 * in the MS world. */
87#define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
88#define SSLEAY_VERSION 0
89/* #define SSLEAY_OPTIONS 1 no longer supported */
90#define SSLEAY_CFLAGS 2
91#define SSLEAY_BUILT_ON 3
92#define SSLEAY_PLATFORM 4
93
94/* When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock
95 * names in cryptlib.c
96 */
97
98#define CRYPTO_LOCK_ERR 1
99#define CRYPTO_LOCK_ERR_HASH 2
100#define CRYPTO_LOCK_X509 3
101#define CRYPTO_LOCK_X509_INFO 4
102#define CRYPTO_LOCK_X509_PKEY 5
103#define CRYPTO_LOCK_X509_CRL 6
104#define CRYPTO_LOCK_X509_REQ 7
105#define CRYPTO_LOCK_DSA 8
106#define CRYPTO_LOCK_RSA 9
107#define CRYPTO_LOCK_EVP_PKEY 10
108#define CRYPTO_LOCK_X509_STORE 11
109#define CRYPTO_LOCK_SSL_CTX 12
110#define CRYPTO_LOCK_SSL_CERT 13
111#define CRYPTO_LOCK_SSL_SESSION 14
112#define CRYPTO_LOCK_SSL_SESS_CERT 15
113#define CRYPTO_LOCK_SSL 16
114#define CRYPTO_LOCK_RAND 17
115#define CRYPTO_LOCK_MALLOC 18
116#define CRYPTO_LOCK_BIO 19
117#define CRYPTO_LOCK_GETHOSTBYNAME 20
118#define CRYPTO_LOCK_GETSERVBYNAME 21
119#define CRYPTO_LOCK_READDIR 22
120#define CRYPTO_LOCK_RSA_BLINDING 23
121#define CRYPTO_LOCK_DH 24
122#define CRYPTO_LOCK_MALLOC2 25
123#define CRYPTO_LOCK_DSO 26
124#define CRYPTO_LOCK_DYNLOCK 27
125#define CRYPTO_LOCK_ENGINE 28
126#define CRYPTO_NUM_LOCKS 29
127
128#define CRYPTO_LOCK 1
129#define CRYPTO_UNLOCK 2
130#define CRYPTO_READ 4
131#define CRYPTO_WRITE 8
132
133#ifndef NO_LOCKING
134#ifndef CRYPTO_w_lock
135#define CRYPTO_w_lock(type) \
136 CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
137#define CRYPTO_w_unlock(type) \
138 CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
139#define CRYPTO_r_lock(type) \
140 CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
141#define CRYPTO_r_unlock(type) \
142 CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
143#define CRYPTO_add(addr,amount,type) \
144 CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
145#endif
146#else
147#define CRYPTO_w_lock(a)
148#define CRYPTO_w_unlock(a)
149#define CRYPTO_r_lock(a)
150#define CRYPTO_r_unlock(a)
151#define CRYPTO_add(a,b,c) ((*(a))+=(b))
152#endif
153
154/* Some applications as well as some parts of OpenSSL need to allocate
155 and deallocate locks in a dynamic fashion. The following typedef
156 makes this possible in a type-safe manner. */
157/* struct CRYPTO_dynlock_value has to be defined by the application. */
158typedef struct
159 {
160 int references;
161 struct CRYPTO_dynlock_value *data;
162 } CRYPTO_dynlock;
163
164
165/* The following can be used to detect memory leaks in the SSLeay library.
166 * It used, it turns on malloc checking */
167
168#define CRYPTO_MEM_CHECK_OFF 0x0 /* an enume */
169#define CRYPTO_MEM_CHECK_ON 0x1 /* a bit */
170#define CRYPTO_MEM_CHECK_ENABLE 0x2 /* a bit */
171#define CRYPTO_MEM_CHECK_DISABLE 0x3 /* an enume */
172
173/* The following are bit values to turn on or off options connected to the
174 * malloc checking functionality */
175
176/* Adds time to the memory checking information */
177#define V_CRYPTO_MDEBUG_TIME 0x1 /* a bit */
178/* Adds thread number to the memory checking information */
179#define V_CRYPTO_MDEBUG_THREAD 0x2 /* a bit */
180
181#define V_CRYPTO_MDEBUG_ALL (V_CRYPTO_MDEBUG_TIME | V_CRYPTO_MDEBUG_THREAD)
182
183
184/* predec of the BIO type */
185typedef struct bio_st BIO_dummy;
186
187typedef struct crypto_ex_data_st
188 {
189 STACK *sk;
190 int dummy; /* gcc is screwing up this data structure :-( */
191 } CRYPTO_EX_DATA;
192
193/* Called when a new object is created */
194typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
195 int idx, long argl, void *argp);
196/* Called when an object is free()ed */
197typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
198 int idx, long argl, void *argp);
199/* Called when we need to dup an object */
200typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
201 int idx, long argl, void *argp);
202
203/* This stuff is basically class callback functions
204 * The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */
205
206typedef struct crypto_ex_data_func_st
207 {
208 long argl; /* Arbitary long */
209 void *argp; /* Arbitary void * */
210 CRYPTO_EX_new *new_func;
211 CRYPTO_EX_free *free_func;
212 CRYPTO_EX_dup *dup_func;
213 } CRYPTO_EX_DATA_FUNCS;
214
215DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
216
217/* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA
218 * entry.
219 */
220
221#define CRYPTO_EX_INDEX_BIO 0
222#define CRYPTO_EX_INDEX_SSL 1
223#define CRYPTO_EX_INDEX_SSL_CTX 2
224#define CRYPTO_EX_INDEX_SSL_SESSION 3
225#define CRYPTO_EX_INDEX_X509_STORE 4
226#define CRYPTO_EX_INDEX_X509_STORE_CTX 5
227
228
229/* This is the default callbacks, but we can have others as well:
230 * this is needed in Win32 where the application malloc and the
231 * library malloc may not be the same.
232 */
233#define CRYPTO_malloc_init() CRYPTO_set_mem_functions(\
234 malloc, realloc, free)
235
236#if defined CRYPTO_MDEBUG_ALL || defined CRYPTO_MDEBUG_TIME || defined CRYPTO_MDEBUG_THREAD
237# ifndef CRYPTO_MDEBUG /* avoid duplicate #define */
238# define CRYPTO_MDEBUG
239# endif
240#endif
241
242/* Set standard debugging functions (not done by default
243 * unless CRYPTO_MDEBUG is defined) */
244#define CRYPTO_malloc_debug_init() do {\
245 CRYPTO_set_mem_debug_functions(\
246 CRYPTO_dbg_malloc,\
247 CRYPTO_dbg_realloc,\
248 CRYPTO_dbg_free,\
249 CRYPTO_dbg_set_options,\
250 CRYPTO_dbg_get_options);\
251 } while(0)
252
253int CRYPTO_mem_ctrl(int mode);
254int CRYPTO_is_mem_check_on(void);
255
256/* for applications */
257#define MemCheck_start() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON)
258#define MemCheck_stop() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF)
259
260/* for library-internal use */
261#define MemCheck_on() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE)
262#define MemCheck_off() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE)
263#define is_MemCheck_on() CRYPTO_is_mem_check_on()
264
265#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__)
266#define OPENSSL_realloc(addr,num) \
267 CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__)
268#define OPENSSL_remalloc(addr,num) \
269 CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__)
270#define OPENSSL_freeFunc CRYPTO_free
271#define OPENSSL_free(addr) CRYPTO_free(addr)
272
273#define OPENSSL_malloc_locked(num) \
274 CRYPTO_malloc_locked((int)num,__FILE__,__LINE__)
275#define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)
276
277
278const char *SSLeay_version(int type);
279unsigned long SSLeay(void);
280
281int OPENSSL_issetugid(void);
282
283int CRYPTO_get_ex_new_index(int idx, STACK_OF(CRYPTO_EX_DATA_FUNCS) **skp, long argl, void *argp,
284 CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
285int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val);
286void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *ad,int idx);
287int CRYPTO_dup_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, CRYPTO_EX_DATA *to,
288 CRYPTO_EX_DATA *from);
289void CRYPTO_free_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, void *obj, CRYPTO_EX_DATA *ad);
290void CRYPTO_new_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, void *obj, CRYPTO_EX_DATA *ad);
291
292int CRYPTO_get_new_lockid(char *name);
293
294int CRYPTO_num_locks(void); /* return CRYPTO_NUM_LOCKS (shared libs!) */
295void CRYPTO_lock(int mode, int type,const char *file,int line);
296void CRYPTO_set_locking_callback(void (*func)(int mode,int type,
297 const char *file,int line));
298void (*CRYPTO_get_locking_callback(void))(int mode,int type,const char *file,
299 int line);
300void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,int type,
301 const char *file, int line));
302int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount,int type,
303 const char *file,int line);
304void CRYPTO_set_id_callback(unsigned long (*func)(void));
305unsigned long (*CRYPTO_get_id_callback(void))(void);
306unsigned long CRYPTO_thread_id(void);
307const char *CRYPTO_get_lock_name(int type);
308int CRYPTO_add_lock(int *pointer,int amount,int type, const char *file,
309 int line);
310
311int CRYPTO_get_new_dynlockid(void);
312void CRYPTO_destroy_dynlockid(int i);
313struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i);
314void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*dyn_create_function)(const char *file, int line));
315void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)(int mode, struct CRYPTO_dynlock_value *l, const char *file, int line));
316void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)(struct CRYPTO_dynlock_value *l, const char *file, int line));
317struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void))(const char *file,int line);
318void (*CRYPTO_get_dynlock_lock_callback(void))(int mode, struct CRYPTO_dynlock_value *l, const char *file,int line);
319void (*CRYPTO_get_dynlock_destroy_callback(void))(struct CRYPTO_dynlock_value *l, const char *file,int line);
320
321/* CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions --
322 * call the latter last if you need different functions */
323int CRYPTO_set_mem_functions(void *(*m)(size_t),void *(*r)(void *,size_t), void (*f)(void *));
324int CRYPTO_set_locked_mem_functions(void *(*m)(size_t), void (*free_func)(void *));
325int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int),
326 void (*r)(void *,void *,int,const char *,int,int),
327 void (*f)(void *,int),
328 void (*so)(long),
329 long (*go)(void));
330void CRYPTO_get_mem_functions(void *(**m)(size_t),void *(**r)(void *, size_t), void (**f)(void *));
331void CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *));
332void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int),
333 void (**r)(void *,void *,int,const char *,int,int),
334 void (**f)(void *,int),
335 void (**so)(long),
336 long (**go)(void));
337
338void *CRYPTO_malloc_locked(int num, const char *file, int line);
339void CRYPTO_free_locked(void *);
340void *CRYPTO_malloc(int num, const char *file, int line);
341void CRYPTO_free(void *);
342void *CRYPTO_realloc(void *addr,int num, const char *file, int line);
343void *CRYPTO_remalloc(void *addr,int num, const char *file, int line);
344
345void CRYPTO_set_mem_debug_options(long bits);
346long CRYPTO_get_mem_debug_options(void);
347
348#define CRYPTO_push_info(info) \
349 CRYPTO_push_info_(info, __FILE__, __LINE__);
350int CRYPTO_push_info_(const char *info, const char *file, int line);
351int CRYPTO_pop_info(void);
352int CRYPTO_remove_all_info(void);
353
354/* The last argument has the following significance:
355 *
356 * 0: called before the actual memory allocation has taken place
357 * 1: called after the actual memory allocation has taken place
358 */
359void CRYPTO_dbg_malloc(void *addr,int num,const char *file,int line,int before_p);
360void CRYPTO_dbg_realloc(void *addr1,void *addr2,int num,const char *file,int line,int before_p);
361void CRYPTO_dbg_free(void *addr,int before_p);
362
363/* Tell the debugging code about options. By default, the following values
364 * apply:
365 *
366 * 0: Clear all options.
367 * 1: Set the "Show Time" option.
368 * 2: Set the "Show Thread Number" option.
369 * 3: 1 + 2
370 */
371void CRYPTO_dbg_set_options(long bits);
372long CRYPTO_dbg_get_options(void);
373
374#ifndef NO_FP_API
375void CRYPTO_mem_leaks_fp(FILE *);
376#endif
377void CRYPTO_mem_leaks(struct bio_st *bio);
378/* unsigned long order, char *file, int line, int num_bytes, char *addr */
379void CRYPTO_mem_leaks_cb(void (*cb)(unsigned long, const char *, int, int, void *));
380
381void ERR_load_CRYPTO_strings(void);
382
383/* BEGIN ERROR CODES */
384/* The following lines are auto generated by the script mkerr.pl. Any changes
385 * made after this point may be overwritten when the script is next run.
386 */
387
388/* Error codes for the CRYPTO functions. */
389
390/* Function codes. */
391#define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 100
392#define CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID 103
393#define CRYPTO_F_CRYPTO_GET_NEW_LOCKID 101
394#define CRYPTO_F_CRYPTO_SET_EX_DATA 102
395
396/* Reason codes. */
397#define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100
398
399#ifdef __cplusplus
400}
401#endif
402#endif
403
diff --git a/src/lib/libcrypto/cversion.c b/src/lib/libcrypto/cversion.c
deleted file mode 100644
index affdfca98f..0000000000
--- a/src/lib/libcrypto/cversion.c
+++ /dev/null
@@ -1,112 +0,0 @@
1/* crypto/cversion.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61#include "cryptlib.h"
62#include <openssl/crypto.h>
63
64#ifndef NO_WINDOWS_BRAINDEATH
65#include "buildinf.h"
66#endif
67
68const char *SSLeay_version(int t)
69 {
70 if (t == SSLEAY_VERSION)
71 return OPENSSL_VERSION_TEXT;
72 if (t == SSLEAY_BUILT_ON)
73 {
74#ifdef DATE
75 static char buf[sizeof(DATE)+11];
76
77 sprintf(buf,"built on: %s",DATE);
78 return(buf);
79#else
80 return("built on: date not available");
81#endif
82 }
83 if (t == SSLEAY_CFLAGS)
84 {
85#ifdef CFLAGS
86 static char buf[sizeof(CFLAGS)+11];
87
88 sprintf(buf,"compiler: %s",CFLAGS);
89 return(buf);
90#else
91 return("compiler: information not available");
92#endif
93 }
94 if (t == SSLEAY_PLATFORM)
95 {
96#ifdef PLATFORM
97 static char buf[sizeof(PLATFORM)+11];
98
99 sprintf(buf,"platform: %s", PLATFORM);
100 return(buf);
101#else
102 return("platform: information not available");
103#endif
104 }
105 return("not available");
106 }
107
108unsigned long SSLeay(void)
109 {
110 return(SSLEAY_VERSION_NUMBER);
111 }
112
diff --git a/src/lib/libcrypto/des/COPYRIGHT b/src/lib/libcrypto/des/COPYRIGHT
deleted file mode 100644
index 5469e1e469..0000000000
--- a/src/lib/libcrypto/des/COPYRIGHT
+++ /dev/null
@@ -1,50 +0,0 @@
1Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
2All rights reserved.
3
4This package is an DES implementation written by Eric Young (eay@cryptsoft.com).
5The implementation was written so as to conform with MIT's libdes.
6
7This library is free for commercial and non-commercial use as long as
8the following conditions are aheared to. The following conditions
9apply to all code found in this distribution.
10
11Copyright remains Eric Young's, and as such any Copyright notices in
12the code are not to be removed.
13If this package is used in a product, Eric Young should be given attribution
14as the author of that the SSL library. This can be in the form of a textual
15message at program startup or in documentation (online or textual) provided
16with the package.
17
18Redistribution and use in source and binary forms, with or without
19modification, are permitted provided that the following conditions
20are met:
211. Redistributions of source code must retain the copyright
22 notice, this list of conditions and the following disclaimer.
232. Redistributions in binary form must reproduce the above copyright
24 notice, this list of conditions and the following disclaimer in the
25 documentation and/or other materials provided with the distribution.
263. All advertising materials mentioning features or use of this software
27 must display the following acknowledgement:
28 This product includes software developed by Eric Young (eay@cryptsoft.com)
29
30THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
31ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
32IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
33ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
34FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
35DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
36OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
37HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
38LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
39OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
40SUCH DAMAGE.
41
42The license and distribution terms for any publically available version or
43derivative of this code cannot be changed. i.e. this code cannot simply be
44copied and put under another distrubution license
45[including the GNU Public License.]
46
47The reason behind this being stated in this direct manner is past
48experience in code simply being copied and the attribution removed
49from it and then being distributed as part of other packages. This
50implementation was a non-trivial and unpaid effort.
diff --git a/src/lib/libcrypto/des/asm/crypt586.pl b/src/lib/libcrypto/des/asm/crypt586.pl
deleted file mode 100644
index 197c413ea6..0000000000
--- a/src/lib/libcrypto/des/asm/crypt586.pl
+++ /dev/null
@@ -1,204 +0,0 @@
1#!/usr/local/bin/perl
2#
3# The inner loop instruction sequence and the IP/FP modifications are from
4# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
5# I've added the stuff needed for crypt() but I've not worried about making
6# things perfect.
7#
8
9push(@INC,"perlasm","../../perlasm");
10require "x86asm.pl";
11
12&asm_init($ARGV[0],"crypt586.pl");
13
14$L="edi";
15$R="esi";
16
17&external_label("des_SPtrans");
18&fcrypt_body("fcrypt_body");
19&asm_finish();
20
21sub fcrypt_body
22 {
23 local($name,$do_ip)=@_;
24
25 &function_begin($name,"EXTRN _des_SPtrans:DWORD");
26
27 &comment("");
28 &comment("Load the 2 words");
29 $ks="ebp";
30
31 &xor( $L, $L);
32 &xor( $R, $R);
33 &mov($ks,&wparam(1));
34
35 &push(&DWC(25)); # add a variable
36
37 &set_label("start");
38 for ($i=0; $i<16; $i+=2)
39 {
40 &comment("");
41 &comment("Round $i");
42 &D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
43
44 &comment("");
45 &comment("Round ".sprintf("%d",$i+1));
46 &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
47 }
48 &mov("ebx", &swtmp(0));
49 &mov("eax", $L);
50 &dec("ebx");
51 &mov($L, $R);
52 &mov($R, "eax");
53 &mov(&swtmp(0), "ebx");
54 &jnz(&label("start"));
55
56 &comment("");
57 &comment("FP");
58 &mov("edx",&wparam(0));
59
60 &FP_new($R,$L,"eax",3);
61 &mov(&DWP(0,"edx","",0),"eax");
62 &mov(&DWP(4,"edx","",0),$L);
63
64 &pop("ecx"); # remove variable
65
66 &function_end($name);
67 }
68
69sub D_ENCRYPT
70 {
71 local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_;
72
73 &mov( $u, &wparam(2)); # 2
74 &mov( $t, $R);
75 &shr( $t, 16); # 1
76 &mov( $tmp2, &wparam(3)); # 2
77 &xor( $t, $R); # 1
78
79 &and( $u, $t); # 2
80 &and( $t, $tmp2); # 2
81
82 &mov( $tmp1, $u);
83 &shl( $tmp1, 16); # 1
84 &mov( $tmp2, $t);
85 &shl( $tmp2, 16); # 1
86 &xor( $u, $tmp1); # 2
87 &xor( $t, $tmp2); # 2
88 &mov( $tmp1, &DWP(&n2a($S*4),$ks,"",0)); # 2
89 &xor( $u, $tmp1);
90 &mov( $tmp2, &DWP(&n2a(($S+1)*4),$ks,"",0)); # 2
91 &xor( $u, $R);
92 &xor( $t, $R);
93 &xor( $t, $tmp2);
94
95 &and( $u, "0xfcfcfcfc" ); # 2
96 &xor( $tmp1, $tmp1); # 1
97 &and( $t, "0xcfcfcfcf" ); # 2
98 &xor( $tmp2, $tmp2);
99 &movb( &LB($tmp1), &LB($u) );
100 &movb( &LB($tmp2), &HB($u) );
101 &rotr( $t, 4 );
102 &mov( $ks, &DWP(" $desSP",$tmp1,"",0));
103 &movb( &LB($tmp1), &LB($t) );
104 &xor( $L, $ks);
105 &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0));
106 &xor( $L, $ks);
107 &movb( &LB($tmp2), &HB($t) );
108 &shr( $u, 16);
109 &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0));
110 &xor( $L, $ks);
111 &movb( &LB($tmp1), &HB($u) );
112 &shr( $t, 16);
113 &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0));
114 &xor( $L, $ks);
115 &mov( $ks, &wparam(1));
116 &movb( &LB($tmp2), &HB($t) );
117 &and( $u, "0xff" );
118 &and( $t, "0xff" );
119 &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0));
120 &xor( $L, $tmp1);
121 &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0));
122 &xor( $L, $tmp1);
123 &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0));
124 &xor( $L, $tmp1);
125 &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0));
126 &xor( $L, $tmp1);
127 }
128
129sub n2a
130 {
131 sprintf("%d",$_[0]);
132 }
133
134# now has a side affect of rotating $a by $shift
135sub R_PERM_OP
136 {
137 local($a,$b,$tt,$shift,$mask,$last)=@_;
138
139 &rotl( $a, $shift ) if ($shift != 0);
140 &mov( $tt, $a );
141 &xor( $a, $b );
142 &and( $a, $mask );
143 if ($notlast eq $b)
144 {
145 &xor( $b, $a );
146 &xor( $tt, $a );
147 }
148 else
149 {
150 &xor( $tt, $a );
151 &xor( $b, $a );
152 }
153 &comment("");
154 }
155
156sub IP_new
157 {
158 local($l,$r,$tt,$lr)=@_;
159
160 &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
161 &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
162 &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
163 &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
164 &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
165
166 if ($lr != 3)
167 {
168 if (($lr-3) < 0)
169 { &rotr($tt, 3-$lr); }
170 else { &rotl($tt, $lr-3); }
171 }
172 if ($lr != 2)
173 {
174 if (($lr-2) < 0)
175 { &rotr($r, 2-$lr); }
176 else { &rotl($r, $lr-2); }
177 }
178 }
179
180sub FP_new
181 {
182 local($l,$r,$tt,$lr)=@_;
183
184 if ($lr != 2)
185 {
186 if (($lr-2) < 0)
187 { &rotl($r, 2-$lr); }
188 else { &rotr($r, $lr-2); }
189 }
190 if ($lr != 3)
191 {
192 if (($lr-3) < 0)
193 { &rotl($l, 3-$lr); }
194 else { &rotr($l, $lr-3); }
195 }
196
197 &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
198 &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
199 &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
200 &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
201 &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
202 &rotr($tt , 4);
203 }
204
diff --git a/src/lib/libcrypto/des/asm/des-586.pl b/src/lib/libcrypto/des/asm/des-586.pl
deleted file mode 100644
index c890766bc9..0000000000
--- a/src/lib/libcrypto/des/asm/des-586.pl
+++ /dev/null
@@ -1,253 +0,0 @@
1#!/usr/local/bin/perl
2#
3# The inner loop instruction sequence and the IP/FP modifications are from
4# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
5#
6
7push(@INC,"perlasm","../../perlasm");
8require "x86asm.pl";
9require "cbc.pl";
10require "desboth.pl";
11
12# base code is in microsft
13# op dest, source
14# format.
15#
16
17&asm_init($ARGV[0],"des-586.pl");
18
19$L="edi";
20$R="esi";
21
22&external_label("des_SPtrans");
23&des_encrypt("des_encrypt1",1);
24&des_encrypt("des_encrypt2",0);
25&des_encrypt3("des_encrypt3",1);
26&des_encrypt3("des_decrypt3",0);
27&cbc("des_ncbc_encrypt","des_encrypt1","des_encrypt1",0,4,5,3,5,-1);
28&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",0,6,7,3,4,5);
29
30&asm_finish();
31
32sub des_encrypt
33 {
34 local($name,$do_ip)=@_;
35
36 &function_begin_B($name,"EXTRN _des_SPtrans:DWORD");
37
38 &push("esi");
39 &push("edi");
40
41 &comment("");
42 &comment("Load the 2 words");
43 $ks="ebp";
44
45 if ($do_ip)
46 {
47 &mov($R,&wparam(0));
48 &xor( "ecx", "ecx" );
49
50 &push("ebx");
51 &push("ebp");
52
53 &mov("eax",&DWP(0,$R,"",0));
54 &mov("ebx",&wparam(2)); # get encrypt flag
55 &mov($L,&DWP(4,$R,"",0));
56 &comment("");
57 &comment("IP");
58 &IP_new("eax",$L,$R,3);
59 }
60 else
61 {
62 &mov("eax",&wparam(0));
63 &xor( "ecx", "ecx" );
64
65 &push("ebx");
66 &push("ebp");
67
68 &mov($R,&DWP(0,"eax","",0));
69 &mov("ebx",&wparam(2)); # get encrypt flag
70 &rotl($R,3);
71 &mov($L,&DWP(4,"eax","",0));
72 &rotl($L,3);
73 }
74
75 &mov( $ks, &wparam(1) );
76 &cmp("ebx","0");
77 &je(&label("start_decrypt"));
78
79 for ($i=0; $i<16; $i+=2)
80 {
81 &comment("");
82 &comment("Round $i");
83 &D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
84
85 &comment("");
86 &comment("Round ".sprintf("%d",$i+1));
87 &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
88 }
89 &jmp(&label("end"));
90
91 &set_label("start_decrypt");
92
93 for ($i=15; $i>0; $i-=2)
94 {
95 &comment("");
96 &comment("Round $i");
97 &D_ENCRYPT(15-$i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
98 &comment("");
99 &comment("Round ".sprintf("%d",$i-1));
100 &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
101 }
102
103 &set_label("end");
104
105 if ($do_ip)
106 {
107 &comment("");
108 &comment("FP");
109 &mov("edx",&wparam(0));
110 &FP_new($L,$R,"eax",3);
111
112 &mov(&DWP(0,"edx","",0),"eax");
113 &mov(&DWP(4,"edx","",0),$R);
114 }
115 else
116 {
117 &comment("");
118 &comment("Fixup");
119 &rotr($L,3); # r
120 &mov("eax",&wparam(0));
121 &rotr($R,3); # l
122 &mov(&DWP(0,"eax","",0),$L);
123 &mov(&DWP(4,"eax","",0),$R);
124 }
125
126 &pop("ebp");
127 &pop("ebx");
128 &pop("edi");
129 &pop("esi");
130 &ret();
131
132 &function_end_B($name);
133 }
134
135sub D_ENCRYPT
136 {
137 local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_;
138
139 &mov( $u, &DWP(&n2a($S*4),$ks,"",0));
140 &xor( $tmp1, $tmp1);
141 &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0));
142 &xor( $u, $R);
143 &xor( $t, $R);
144 &and( $u, "0xfcfcfcfc" );
145 &and( $t, "0xcfcfcfcf" );
146 &movb( &LB($tmp1), &LB($u) );
147 &movb( &LB($tmp2), &HB($u) );
148 &rotr( $t, 4 );
149 &mov( $ks, &DWP(" $desSP",$tmp1,"",0));
150 &movb( &LB($tmp1), &LB($t) );
151 &xor( $L, $ks);
152 &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0));
153 &xor( $L, $ks); ######
154 &movb( &LB($tmp2), &HB($t) );
155 &shr( $u, 16);
156 &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0));
157 &xor( $L, $ks); ######
158 &movb( &LB($tmp1), &HB($u) );
159 &shr( $t, 16);
160 &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0));
161 &xor( $L, $ks);
162 &mov( $ks, &wparam(1) );
163 &movb( &LB($tmp2), &HB($t) );
164 &and( $u, "0xff" );
165 &and( $t, "0xff" );
166 &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0));
167 &xor( $L, $tmp1);
168 &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0));
169 &xor( $L, $tmp1);
170 &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0));
171 &xor( $L, $tmp1);
172 &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0));
173 &xor( $L, $tmp1);
174 }
175
176sub n2a
177 {
178 sprintf("%d",$_[0]);
179 }
180
181# now has a side affect of rotating $a by $shift
182sub R_PERM_OP
183 {
184 local($a,$b,$tt,$shift,$mask,$last)=@_;
185
186 &rotl( $a, $shift ) if ($shift != 0);
187 &mov( $tt, $a );
188 &xor( $a, $b );
189 &and( $a, $mask );
190 # This can never succeed, and besides it is difficult to see what the
191 # idea was - Ben 13 Feb 99
192 if (!$last eq $b)
193 {
194 &xor( $b, $a );
195 &xor( $tt, $a );
196 }
197 else
198 {
199 &xor( $tt, $a );
200 &xor( $b, $a );
201 }
202 &comment("");
203 }
204
205sub IP_new
206 {
207 local($l,$r,$tt,$lr)=@_;
208
209 &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
210 &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
211 &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
212 &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
213 &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
214
215 if ($lr != 3)
216 {
217 if (($lr-3) < 0)
218 { &rotr($tt, 3-$lr); }
219 else { &rotl($tt, $lr-3); }
220 }
221 if ($lr != 2)
222 {
223 if (($lr-2) < 0)
224 { &rotr($r, 2-$lr); }
225 else { &rotl($r, $lr-2); }
226 }
227 }
228
229sub FP_new
230 {
231 local($l,$r,$tt,$lr)=@_;
232
233 if ($lr != 2)
234 {
235 if (($lr-2) < 0)
236 { &rotl($r, 2-$lr); }
237 else { &rotr($r, $lr-2); }
238 }
239 if ($lr != 3)
240 {
241 if (($lr-3) < 0)
242 { &rotl($l, 3-$lr); }
243 else { &rotr($l, $lr-3); }
244 }
245
246 &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
247 &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
248 &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
249 &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
250 &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
251 &rotr($tt , 4);
252 }
253
diff --git a/src/lib/libcrypto/des/asm/desboth.pl b/src/lib/libcrypto/des/asm/desboth.pl
deleted file mode 100644
index d5106414db..0000000000
--- a/src/lib/libcrypto/des/asm/desboth.pl
+++ /dev/null
@@ -1,79 +0,0 @@
1#!/usr/local/bin/perl
2
3$L="edi";
4$R="esi";
5
6sub des_encrypt3
7 {
8 local($name,$enc)=@_;
9
10 &function_begin_B($name,"");
11 &push("ebx");
12 &mov("ebx",&wparam(0));
13
14 &push("ebp");
15 &push("esi");
16
17 &push("edi");
18
19 &comment("");
20 &comment("Load the data words");
21 &mov($L,&DWP(0,"ebx","",0));
22 &mov($R,&DWP(4,"ebx","",0));
23 &stack_push(3);
24
25 &comment("");
26 &comment("IP");
27 &IP_new($L,$R,"edx",0);
28
29 # put them back
30
31 if ($enc)
32 {
33 &mov(&DWP(4,"ebx","",0),$R);
34 &mov("eax",&wparam(1));
35 &mov(&DWP(0,"ebx","",0),"edx");
36 &mov("edi",&wparam(2));
37 &mov("esi",&wparam(3));
38 }
39 else
40 {
41 &mov(&DWP(4,"ebx","",0),$R);
42 &mov("esi",&wparam(1));
43 &mov(&DWP(0,"ebx","",0),"edx");
44 &mov("edi",&wparam(2));
45 &mov("eax",&wparam(3));
46 }
47 &mov(&swtmp(2), (DWC(($enc)?"1":"0")));
48 &mov(&swtmp(1), "eax");
49 &mov(&swtmp(0), "ebx");
50 &call("des_encrypt2");
51 &mov(&swtmp(2), (DWC(($enc)?"0":"1")));
52 &mov(&swtmp(1), "edi");
53 &mov(&swtmp(0), "ebx");
54 &call("des_encrypt2");
55 &mov(&swtmp(2), (DWC(($enc)?"1":"0")));
56 &mov(&swtmp(1), "esi");
57 &mov(&swtmp(0), "ebx");
58 &call("des_encrypt2");
59
60 &stack_pop(3);
61 &mov($L,&DWP(0,"ebx","",0));
62 &mov($R,&DWP(4,"ebx","",0));
63
64 &comment("");
65 &comment("FP");
66 &FP_new($L,$R,"eax",0);
67
68 &mov(&DWP(0,"ebx","",0),"eax");
69 &mov(&DWP(4,"ebx","",0),$R);
70
71 &pop("edi");
72 &pop("esi");
73 &pop("ebp");
74 &pop("ebx");
75 &ret();
76 &function_end_B($name);
77 }
78
79
diff --git a/src/lib/libcrypto/des/cbc_cksm.c b/src/lib/libcrypto/des/cbc_cksm.c
deleted file mode 100644
index b857df0985..0000000000
--- a/src/lib/libcrypto/des/cbc_cksm.c
+++ /dev/null
@@ -1,97 +0,0 @@
1/* crypto/des/cbc_cksm.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_locl.h"
60
61DES_LONG des_cbc_cksum(const unsigned char *in, des_cblock *output,
62 long length,
63 des_key_schedule schedule, const_des_cblock *ivec)
64 {
65 register DES_LONG tout0,tout1,tin0,tin1;
66 register long l=length;
67 DES_LONG tin[2];
68 unsigned char *out = &(*output)[0];
69 const unsigned char *iv = &(*ivec)[0];
70
71 c2l(iv,tout0);
72 c2l(iv,tout1);
73 for (; l>0; l-=8)
74 {
75 if (l >= 8)
76 {
77 c2l(in,tin0);
78 c2l(in,tin1);
79 }
80 else
81 c2ln(in,tin0,tin1,l);
82
83 tin0^=tout0; tin[0]=tin0;
84 tin1^=tout1; tin[1]=tin1;
85 des_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT);
86 /* fix 15/10/91 eay - thanks to keithr@sco.COM */
87 tout0=tin[0];
88 tout1=tin[1];
89 }
90 if (out != NULL)
91 {
92 l2c(tout0,out);
93 l2c(tout1,out);
94 }
95 tout0=tin0=tin1=tin[0]=tin[1]=0;
96 return(tout1);
97 }
diff --git a/src/lib/libcrypto/des/cbc_enc.c b/src/lib/libcrypto/des/cbc_enc.c
deleted file mode 100644
index 677903ae4e..0000000000
--- a/src/lib/libcrypto/des/cbc_enc.c
+++ /dev/null
@@ -1,61 +0,0 @@
1/* crypto/des/cbc_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#define CBC_ENC_C__DONT_UPDATE_IV
60
61#include "ncbc_enc.c" /* des_cbc_encrypt */
diff --git a/src/lib/libcrypto/des/cfb64ede.c b/src/lib/libcrypto/des/cfb64ede.c
deleted file mode 100644
index 5362a551bf..0000000000
--- a/src/lib/libcrypto/des/cfb64ede.c
+++ /dev/null
@@ -1,141 +0,0 @@
1/* crypto/des/cfb64ede.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_locl.h"
60
61/* The input and output encrypted as though 64bit cfb mode is being
62 * used. The extra state information to record how much of the
63 * 64bit block we have used is contained in *num;
64 */
65
66void des_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
67 long length, des_key_schedule ks1, des_key_schedule ks2,
68 des_key_schedule ks3, des_cblock *ivec, int *num, int enc)
69 {
70 register DES_LONG v0,v1;
71 register long l=length;
72 register int n= *num;
73 DES_LONG ti[2];
74 unsigned char *iv,c,cc;
75
76 iv=&(*ivec)[0];
77 if (enc)
78 {
79 while (l--)
80 {
81 if (n == 0)
82 {
83 c2l(iv,v0);
84 c2l(iv,v1);
85
86 ti[0]=v0;
87 ti[1]=v1;
88 des_encrypt3(ti,ks1,ks2,ks3);
89 v0=ti[0];
90 v1=ti[1];
91
92 iv = &(*ivec)[0];
93 l2c(v0,iv);
94 l2c(v1,iv);
95 iv = &(*ivec)[0];
96 }
97 c= *(in++)^iv[n];
98 *(out++)=c;
99 iv[n]=c;
100 n=(n+1)&0x07;
101 }
102 }
103 else
104 {
105 while (l--)
106 {
107 if (n == 0)
108 {
109 c2l(iv,v0);
110 c2l(iv,v1);
111
112 ti[0]=v0;
113 ti[1]=v1;
114 des_encrypt3(ti,ks1,ks2,ks3);
115 v0=ti[0];
116 v1=ti[1];
117
118 iv = &(*ivec)[0];
119 l2c(v0,iv);
120 l2c(v1,iv);
121 iv = &(*ivec)[0];
122 }
123 cc= *(in++);
124 c=iv[n];
125 iv[n]=cc;
126 *(out++)=c^cc;
127 n=(n+1)&0x07;
128 }
129 }
130 v0=v1=ti[0]=ti[1]=c=cc=0;
131 *num=n;
132 }
133
134#ifdef undef /* MACRO */
135void des_ede2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
136 des_key_schedule ks1, des_key_schedule ks2, des_cblock (*ivec),
137 int *num, int enc)
138 {
139 des_ede3_cfb64_encrypt(in,out,length,ks1,ks2,ks1,ivec,num,enc);
140 }
141#endif
diff --git a/src/lib/libcrypto/des/cfb64enc.c b/src/lib/libcrypto/des/cfb64enc.c
deleted file mode 100644
index 105530dfa3..0000000000
--- a/src/lib/libcrypto/des/cfb64enc.c
+++ /dev/null
@@ -1,121 +0,0 @@
1/* crypto/des/cfb64enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_locl.h"
60
61/* The input and output encrypted as though 64bit cfb mode is being
62 * used. The extra state information to record how much of the
63 * 64bit block we have used is contained in *num;
64 */
65
66void des_cfb64_encrypt(const unsigned char *in, unsigned char *out,
67 long length, des_key_schedule schedule, des_cblock *ivec,
68 int *num, int enc)
69 {
70 register DES_LONG v0,v1;
71 register long l=length;
72 register int n= *num;
73 DES_LONG ti[2];
74 unsigned char *iv,c,cc;
75
76 iv = &(*ivec)[0];
77 if (enc)
78 {
79 while (l--)
80 {
81 if (n == 0)
82 {
83 c2l(iv,v0); ti[0]=v0;
84 c2l(iv,v1); ti[1]=v1;
85 des_encrypt1(ti,schedule,DES_ENCRYPT);
86 iv = &(*ivec)[0];
87 v0=ti[0]; l2c(v0,iv);
88 v0=ti[1]; l2c(v0,iv);
89 iv = &(*ivec)[0];
90 }
91 c= *(in++)^iv[n];
92 *(out++)=c;
93 iv[n]=c;
94 n=(n+1)&0x07;
95 }
96 }
97 else
98 {
99 while (l--)
100 {
101 if (n == 0)
102 {
103 c2l(iv,v0); ti[0]=v0;
104 c2l(iv,v1); ti[1]=v1;
105 des_encrypt1(ti,schedule,DES_ENCRYPT);
106 iv = &(*ivec)[0];
107 v0=ti[0]; l2c(v0,iv);
108 v0=ti[1]; l2c(v0,iv);
109 iv = &(*ivec)[0];
110 }
111 cc= *(in++);
112 c=iv[n];
113 iv[n]=cc;
114 *(out++)=c^cc;
115 n=(n+1)&0x07;
116 }
117 }
118 v0=v1=ti[0]=ti[1]=c=cc=0;
119 *num=n;
120 }
121
diff --git a/src/lib/libcrypto/des/cfb_enc.c b/src/lib/libcrypto/des/cfb_enc.c
deleted file mode 100644
index ec4fd4ea67..0000000000
--- a/src/lib/libcrypto/des/cfb_enc.c
+++ /dev/null
@@ -1,165 +0,0 @@
1/* crypto/des/cfb_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_locl.h"
60
61/* The input and output are loaded in multiples of 8 bits.
62 * What this means is that if you hame numbits=12 and length=2
63 * the first 12 bits will be retrieved from the first byte and half
64 * the second. The second 12 bits will come from the 3rd and half the 4th
65 * byte.
66 */
67void des_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
68 long length, des_key_schedule schedule, des_cblock *ivec, int enc)
69 {
70 register DES_LONG d0,d1,v0,v1,n=(numbits+7)/8;
71 register DES_LONG mask0,mask1;
72 register unsigned long l=length;
73 register int num=numbits;
74 DES_LONG ti[2];
75 unsigned char *iv;
76
77 if (num > 64) return;
78 if (num > 32)
79 {
80 mask0=0xffffffffL;
81 if (num == 64)
82 mask1=mask0;
83 else mask1=(1L<<(num-32))-1;
84 }
85 else
86 {
87 if (num == 32)
88 mask0=0xffffffffL;
89 else mask0=(1L<<num)-1;
90 mask1=0x00000000L;
91 }
92
93 iv = &(*ivec)[0];
94 c2l(iv,v0);
95 c2l(iv,v1);
96 if (enc)
97 {
98 while (l >= n)
99 {
100 l-=n;
101 ti[0]=v0;
102 ti[1]=v1;
103 des_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT);
104 c2ln(in,d0,d1,n);
105 in+=n;
106 d0=(d0^ti[0])&mask0;
107 d1=(d1^ti[1])&mask1;
108 l2cn(d0,d1,out,n);
109 out+=n;
110 /* 30-08-94 - eay - changed because l>>32 and
111 * l<<32 are bad under gcc :-( */
112 if (num == 32)
113 { v0=v1; v1=d0; }
114 else if (num == 64)
115 { v0=d0; v1=d1; }
116 else if (num > 32) /* && num != 64 */
117 {
118 v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL;
119 v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL;
120 }
121 else /* num < 32 */
122 {
123 v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
124 v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL;
125 }
126 }
127 }
128 else
129 {
130 while (l >= n)
131 {
132 l-=n;
133 ti[0]=v0;
134 ti[1]=v1;
135 des_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT);
136 c2ln(in,d0,d1,n);
137 in+=n;
138 /* 30-08-94 - eay - changed because l>>32 and
139 * l<<32 are bad under gcc :-( */
140 if (num == 32)
141 { v0=v1; v1=d0; }
142 else if (num == 64)
143 { v0=d0; v1=d1; }
144 else if (num > 32) /* && num != 64 */
145 {
146 v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL;
147 v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL;
148 }
149 else /* num < 32 */
150 {
151 v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
152 v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL;
153 }
154 d0=(d0^ti[0])&mask0;
155 d1=(d1^ti[1])&mask1;
156 l2cn(d0,d1,out,n);
157 out+=n;
158 }
159 }
160 iv = &(*ivec)[0];
161 l2c(v0,iv);
162 l2c(v1,iv);
163 v0=v1=d0=d1=ti[0]=ti[1]=0;
164 }
165
diff --git a/src/lib/libcrypto/des/des.h b/src/lib/libcrypto/des/des.h
deleted file mode 100644
index 6b8a7ee11b..0000000000
--- a/src/lib/libcrypto/des/des.h
+++ /dev/null
@@ -1,266 +0,0 @@
1/* crypto/des/des.h */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_DES_H
60#define HEADER_DES_H
61
62#ifdef NO_DES
63#error DES is disabled.
64#endif
65
66#ifdef _KERBEROS_DES_H
67#error <openssl/des.h> replaces <kerberos/des.h>.
68#endif
69
70#include <openssl/opensslconf.h> /* DES_LONG */
71#include <openssl/e_os2.h> /* OPENSSL_EXTERN */
72
73#ifdef __cplusplus
74extern "C" {
75#endif
76
77typedef unsigned char des_cblock[8];
78typedef /* const */ unsigned char const_des_cblock[8];
79/* With "const", gcc 2.8.1 on Solaris thinks that des_cblock *
80 * and const_des_cblock * are incompatible pointer types. */
81
82typedef struct des_ks_struct
83 {
84 union {
85 des_cblock cblock;
86 /* make sure things are correct size on machines with
87 * 8 byte longs */
88 DES_LONG deslong[2];
89 } ks;
90 int weak_key;
91 } des_key_schedule[16];
92
93#define DES_KEY_SZ (sizeof(des_cblock))
94#define DES_SCHEDULE_SZ (sizeof(des_key_schedule))
95
96#define DES_ENCRYPT 1
97#define DES_DECRYPT 0
98
99#define DES_CBC_MODE 0
100#define DES_PCBC_MODE 1
101
102#define des_ecb2_encrypt(i,o,k1,k2,e) \
103 des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
104
105#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
106 des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
107
108#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
109 des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
110
111#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
112 des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
113
114OPENSSL_EXTERN int des_check_key; /* defaults to false */
115OPENSSL_EXTERN int des_rw_mode; /* defaults to DES_PCBC_MODE */
116OPENSSL_EXTERN int des_set_weak_key_flag; /* set the weak key flag */
117
118const char *des_options(void);
119void des_ecb3_encrypt(const_des_cblock *input, des_cblock *output,
120 des_key_schedule ks1,des_key_schedule ks2,
121 des_key_schedule ks3, int enc);
122DES_LONG des_cbc_cksum(const unsigned char *input,des_cblock *output,
123 long length,des_key_schedule schedule,
124 const_des_cblock *ivec);
125/* des_cbc_encrypt does not update the IV! Use des_ncbc_encrypt instead. */
126void des_cbc_encrypt(const unsigned char *input,unsigned char *output,
127 long length,des_key_schedule schedule,des_cblock *ivec,
128 int enc);
129void des_ncbc_encrypt(const unsigned char *input,unsigned char *output,
130 long length,des_key_schedule schedule,des_cblock *ivec,
131 int enc);
132void des_xcbc_encrypt(const unsigned char *input,unsigned char *output,
133 long length,des_key_schedule schedule,des_cblock *ivec,
134 const_des_cblock *inw,const_des_cblock *outw,int enc);
135void des_cfb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
136 long length,des_key_schedule schedule,des_cblock *ivec,
137 int enc);
138void des_ecb_encrypt(const_des_cblock *input,des_cblock *output,
139 des_key_schedule ks,int enc);
140
141/* This is the DES encryption function that gets called by just about
142 every other DES routine in the library. You should not use this
143 function except to implement 'modes' of DES. I say this because the
144 functions that call this routine do the conversion from 'char *' to
145 long, and this needs to be done to make sure 'non-aligned' memory
146 access do not occur. The characters are loaded 'little endian'.
147 Data is a pointer to 2 unsigned long's and ks is the
148 des_key_schedule to use. enc, is non zero specifies encryption,
149 zero if decryption. */
150void des_encrypt1(DES_LONG *data,des_key_schedule ks, int enc);
151
152/* This functions is the same as des_encrypt1() except that the DES
153 initial permutation (IP) and final permutation (FP) have been left
154 out. As for des_encrypt1(), you should not use this function.
155 It is used by the routines in the library that implement triple DES.
156 IP() des_encrypt2() des_encrypt2() des_encrypt2() FP() is the same
157 as des_encrypt1() des_encrypt1() des_encrypt1() except faster :-). */
158void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
159
160void des_encrypt3(DES_LONG *data, des_key_schedule ks1,
161 des_key_schedule ks2, des_key_schedule ks3);
162void des_decrypt3(DES_LONG *data, des_key_schedule ks1,
163 des_key_schedule ks2, des_key_schedule ks3);
164void des_ede3_cbc_encrypt(const unsigned char *input,unsigned char *output,
165 long length,
166 des_key_schedule ks1,des_key_schedule ks2,
167 des_key_schedule ks3,des_cblock *ivec,int enc);
168void des_ede3_cbcm_encrypt(const unsigned char *in,unsigned char *out,
169 long length,
170 des_key_schedule ks1,des_key_schedule ks2,
171 des_key_schedule ks3,
172 des_cblock *ivec1,des_cblock *ivec2,
173 int enc);
174void des_ede3_cfb64_encrypt(const unsigned char *in,unsigned char *out,
175 long length,des_key_schedule ks1,
176 des_key_schedule ks2,des_key_schedule ks3,
177 des_cblock *ivec,int *num,int enc);
178void des_ede3_ofb64_encrypt(const unsigned char *in,unsigned char *out,
179 long length,des_key_schedule ks1,
180 des_key_schedule ks2,des_key_schedule ks3,
181 des_cblock *ivec,int *num);
182
183void des_xwhite_in2out(const_des_cblock *des_key,const_des_cblock *in_white,
184 des_cblock *out_white);
185
186int des_enc_read(int fd,void *buf,int len,des_key_schedule sched,
187 des_cblock *iv);
188int des_enc_write(int fd,const void *buf,int len,des_key_schedule sched,
189 des_cblock *iv);
190char *des_fcrypt(const char *buf,const char *salt, char *ret);
191char *des_crypt(const char *buf,const char *salt);
192#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT)
193char *crypt(const char *buf,const char *salt);
194#endif
195void des_ofb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
196 long length,des_key_schedule schedule,des_cblock *ivec);
197void des_pcbc_encrypt(const unsigned char *input,unsigned char *output,
198 long length,des_key_schedule schedule,des_cblock *ivec,
199 int enc);
200DES_LONG des_quad_cksum(const unsigned char *input,des_cblock output[],
201 long length,int out_count,des_cblock *seed);
202void des_random_seed(des_cblock *key);
203int des_random_key(des_cblock *ret);
204int des_read_password(des_cblock *key,const char *prompt,int verify);
205int des_read_2passwords(des_cblock *key1,des_cblock *key2,
206 const char *prompt,int verify);
207int des_read_pw_string(char *buf,int length,const char *prompt,int verify);
208void des_set_odd_parity(des_cblock *key);
209int des_check_key_parity(const_des_cblock *key);
210int des_is_weak_key(const_des_cblock *key);
211/* des_set_key (= set_key = des_key_sched = key_sched) calls
212 * des_set_key_checked if global variable des_check_key is set,
213 * des_set_key_unchecked otherwise. */
214int des_set_key(const_des_cblock *key,des_key_schedule schedule);
215int des_key_sched(const_des_cblock *key,des_key_schedule schedule);
216int des_set_key_checked(const_des_cblock *key,des_key_schedule schedule);
217void des_set_key_unchecked(const_des_cblock *key,des_key_schedule schedule);
218void des_string_to_key(const char *str,des_cblock *key);
219void des_string_to_2keys(const char *str,des_cblock *key1,des_cblock *key2);
220void des_cfb64_encrypt(const unsigned char *in,unsigned char *out,long length,
221 des_key_schedule schedule,des_cblock *ivec,int *num,
222 int enc);
223void des_ofb64_encrypt(const unsigned char *in,unsigned char *out,long length,
224 des_key_schedule schedule,des_cblock *ivec,int *num);
225int des_read_pw(char *buf,char *buff,int size,const char *prompt,int verify);
226
227/* The following definitions provide compatibility with the MIT Kerberos
228 * library. The des_key_schedule structure is not binary compatible. */
229
230#define _KERBEROS_DES_H
231
232#define KRBDES_ENCRYPT DES_ENCRYPT
233#define KRBDES_DECRYPT DES_DECRYPT
234
235#ifdef KERBEROS
236# define ENCRYPT DES_ENCRYPT
237# define DECRYPT DES_DECRYPT
238#endif
239
240#ifndef NCOMPAT
241# define C_Block des_cblock
242# define Key_schedule des_key_schedule
243# define KEY_SZ DES_KEY_SZ
244# define string_to_key des_string_to_key
245# define read_pw_string des_read_pw_string
246# define random_key des_random_key
247# define pcbc_encrypt des_pcbc_encrypt
248# define set_key des_set_key
249# define key_sched des_key_sched
250# define ecb_encrypt des_ecb_encrypt
251# define cbc_encrypt des_cbc_encrypt
252# define ncbc_encrypt des_ncbc_encrypt
253# define xcbc_encrypt des_xcbc_encrypt
254# define cbc_cksum des_cbc_cksum
255# define quad_cksum des_quad_cksum
256# define check_parity des_check_key_parity
257#endif
258
259typedef des_key_schedule bit_64;
260#define des_fixup_key_parity des_set_odd_parity
261
262#ifdef __cplusplus
263}
264#endif
265
266#endif
diff --git a/src/lib/libcrypto/des/des_enc.c b/src/lib/libcrypto/des/des_enc.c
deleted file mode 100644
index 0bd9fa39bc..0000000000
--- a/src/lib/libcrypto/des/des_enc.c
+++ /dev/null
@@ -1,406 +0,0 @@
1/* crypto/des/des_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_locl.h"
60
61void des_encrypt1(DES_LONG *data, des_key_schedule ks, int enc)
62 {
63 register DES_LONG l,r,t,u;
64#ifdef DES_PTR
65 register const unsigned char *des_SP=(const unsigned char *)des_SPtrans;
66#endif
67#ifndef DES_UNROLL
68 register int i;
69#endif
70 register DES_LONG *s;
71
72 r=data[0];
73 l=data[1];
74
75 IP(r,l);
76 /* Things have been modified so that the initial rotate is
77 * done outside the loop. This required the
78 * des_SPtrans values in sp.h to be rotated 1 bit to the right.
79 * One perl script later and things have a 5% speed up on a sparc2.
80 * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
81 * for pointing this out. */
82 /* clear the top bits on machines with 8byte longs */
83 /* shift left by 2 */
84 r=ROTATE(r,29)&0xffffffffL;
85 l=ROTATE(l,29)&0xffffffffL;
86
87 s=ks->ks.deslong;
88 /* I don't know if it is worth the effort of loop unrolling the
89 * inner loop */
90 if (enc)
91 {
92#ifdef DES_UNROLL
93 D_ENCRYPT(l,r, 0); /* 1 */
94 D_ENCRYPT(r,l, 2); /* 2 */
95 D_ENCRYPT(l,r, 4); /* 3 */
96 D_ENCRYPT(r,l, 6); /* 4 */
97 D_ENCRYPT(l,r, 8); /* 5 */
98 D_ENCRYPT(r,l,10); /* 6 */
99 D_ENCRYPT(l,r,12); /* 7 */
100 D_ENCRYPT(r,l,14); /* 8 */
101 D_ENCRYPT(l,r,16); /* 9 */
102 D_ENCRYPT(r,l,18); /* 10 */
103 D_ENCRYPT(l,r,20); /* 11 */
104 D_ENCRYPT(r,l,22); /* 12 */
105 D_ENCRYPT(l,r,24); /* 13 */
106 D_ENCRYPT(r,l,26); /* 14 */
107 D_ENCRYPT(l,r,28); /* 15 */
108 D_ENCRYPT(r,l,30); /* 16 */
109#else
110 for (i=0; i<32; i+=8)
111 {
112 D_ENCRYPT(l,r,i+0); /* 1 */
113 D_ENCRYPT(r,l,i+2); /* 2 */
114 D_ENCRYPT(l,r,i+4); /* 3 */
115 D_ENCRYPT(r,l,i+6); /* 4 */
116 }
117#endif
118 }
119 else
120 {
121#ifdef DES_UNROLL
122 D_ENCRYPT(l,r,30); /* 16 */
123 D_ENCRYPT(r,l,28); /* 15 */
124 D_ENCRYPT(l,r,26); /* 14 */
125 D_ENCRYPT(r,l,24); /* 13 */
126 D_ENCRYPT(l,r,22); /* 12 */
127 D_ENCRYPT(r,l,20); /* 11 */
128 D_ENCRYPT(l,r,18); /* 10 */
129 D_ENCRYPT(r,l,16); /* 9 */
130 D_ENCRYPT(l,r,14); /* 8 */
131 D_ENCRYPT(r,l,12); /* 7 */
132 D_ENCRYPT(l,r,10); /* 6 */
133 D_ENCRYPT(r,l, 8); /* 5 */
134 D_ENCRYPT(l,r, 6); /* 4 */
135 D_ENCRYPT(r,l, 4); /* 3 */
136 D_ENCRYPT(l,r, 2); /* 2 */
137 D_ENCRYPT(r,l, 0); /* 1 */
138#else
139 for (i=30; i>0; i-=8)
140 {
141 D_ENCRYPT(l,r,i-0); /* 16 */
142 D_ENCRYPT(r,l,i-2); /* 15 */
143 D_ENCRYPT(l,r,i-4); /* 14 */
144 D_ENCRYPT(r,l,i-6); /* 13 */
145 }
146#endif
147 }
148
149 /* rotate and clear the top bits on machines with 8byte longs */
150 l=ROTATE(l,3)&0xffffffffL;
151 r=ROTATE(r,3)&0xffffffffL;
152
153 FP(r,l);
154 data[0]=l;
155 data[1]=r;
156 l=r=t=u=0;
157 }
158
159void des_encrypt2(DES_LONG *data, des_key_schedule ks, int enc)
160 {
161 register DES_LONG l,r,t,u;
162#ifdef DES_PTR
163 register const unsigned char *des_SP=(const unsigned char *)des_SPtrans;
164#endif
165#ifndef DES_UNROLL
166 register int i;
167#endif
168 register DES_LONG *s;
169
170 r=data[0];
171 l=data[1];
172
173 /* Things have been modified so that the initial rotate is
174 * done outside the loop. This required the
175 * des_SPtrans values in sp.h to be rotated 1 bit to the right.
176 * One perl script later and things have a 5% speed up on a sparc2.
177 * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
178 * for pointing this out. */
179 /* clear the top bits on machines with 8byte longs */
180 r=ROTATE(r,29)&0xffffffffL;
181 l=ROTATE(l,29)&0xffffffffL;
182
183 s=ks->ks.deslong;
184 /* I don't know if it is worth the effort of loop unrolling the
185 * inner loop */
186 if (enc)
187 {
188#ifdef DES_UNROLL
189 D_ENCRYPT(l,r, 0); /* 1 */
190 D_ENCRYPT(r,l, 2); /* 2 */
191 D_ENCRYPT(l,r, 4); /* 3 */
192 D_ENCRYPT(r,l, 6); /* 4 */
193 D_ENCRYPT(l,r, 8); /* 5 */
194 D_ENCRYPT(r,l,10); /* 6 */
195 D_ENCRYPT(l,r,12); /* 7 */
196 D_ENCRYPT(r,l,14); /* 8 */
197 D_ENCRYPT(l,r,16); /* 9 */
198 D_ENCRYPT(r,l,18); /* 10 */
199 D_ENCRYPT(l,r,20); /* 11 */
200 D_ENCRYPT(r,l,22); /* 12 */
201 D_ENCRYPT(l,r,24); /* 13 */
202 D_ENCRYPT(r,l,26); /* 14 */
203 D_ENCRYPT(l,r,28); /* 15 */
204 D_ENCRYPT(r,l,30); /* 16 */
205#else
206 for (i=0; i<32; i+=8)
207 {
208 D_ENCRYPT(l,r,i+0); /* 1 */
209 D_ENCRYPT(r,l,i+2); /* 2 */
210 D_ENCRYPT(l,r,i+4); /* 3 */
211 D_ENCRYPT(r,l,i+6); /* 4 */
212 }
213#endif
214 }
215 else
216 {
217#ifdef DES_UNROLL
218 D_ENCRYPT(l,r,30); /* 16 */
219 D_ENCRYPT(r,l,28); /* 15 */
220 D_ENCRYPT(l,r,26); /* 14 */
221 D_ENCRYPT(r,l,24); /* 13 */
222 D_ENCRYPT(l,r,22); /* 12 */
223 D_ENCRYPT(r,l,20); /* 11 */
224 D_ENCRYPT(l,r,18); /* 10 */
225 D_ENCRYPT(r,l,16); /* 9 */
226 D_ENCRYPT(l,r,14); /* 8 */
227 D_ENCRYPT(r,l,12); /* 7 */
228 D_ENCRYPT(l,r,10); /* 6 */
229 D_ENCRYPT(r,l, 8); /* 5 */
230 D_ENCRYPT(l,r, 6); /* 4 */
231 D_ENCRYPT(r,l, 4); /* 3 */
232 D_ENCRYPT(l,r, 2); /* 2 */
233 D_ENCRYPT(r,l, 0); /* 1 */
234#else
235 for (i=30; i>0; i-=8)
236 {
237 D_ENCRYPT(l,r,i-0); /* 16 */
238 D_ENCRYPT(r,l,i-2); /* 15 */
239 D_ENCRYPT(l,r,i-4); /* 14 */
240 D_ENCRYPT(r,l,i-6); /* 13 */
241 }
242#endif
243 }
244 /* rotate and clear the top bits on machines with 8byte longs */
245 data[0]=ROTATE(l,3)&0xffffffffL;
246 data[1]=ROTATE(r,3)&0xffffffffL;
247 l=r=t=u=0;
248 }
249
250void des_encrypt3(DES_LONG *data, des_key_schedule ks1, des_key_schedule ks2,
251 des_key_schedule ks3)
252 {
253 register DES_LONG l,r;
254
255 l=data[0];
256 r=data[1];
257 IP(l,r);
258 data[0]=l;
259 data[1]=r;
260 des_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT);
261 des_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT);
262 des_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT);
263 l=data[0];
264 r=data[1];
265 FP(r,l);
266 data[0]=l;
267 data[1]=r;
268 }
269
270void des_decrypt3(DES_LONG *data, des_key_schedule ks1, des_key_schedule ks2,
271 des_key_schedule ks3)
272 {
273 register DES_LONG l,r;
274
275 l=data[0];
276 r=data[1];
277 IP(l,r);
278 data[0]=l;
279 data[1]=r;
280 des_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT);
281 des_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT);
282 des_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT);
283 l=data[0];
284 r=data[1];
285 FP(r,l);
286 data[0]=l;
287 data[1]=r;
288 }
289
290#ifndef DES_DEFAULT_OPTIONS
291
292#undef CBC_ENC_C__DONT_UPDATE_IV
293#include "ncbc_enc.c" /* des_ncbc_encrypt */
294
295void des_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
296 long length, des_key_schedule ks1, des_key_schedule ks2,
297 des_key_schedule ks3, des_cblock *ivec, int enc)
298 {
299 register DES_LONG tin0,tin1;
300 register DES_LONG tout0,tout1,xor0,xor1;
301 register const unsigned char *in;
302 unsigned char *out;
303 register long l=length;
304 DES_LONG tin[2];
305 unsigned char *iv;
306
307 in=input;
308 out=output;
309 iv = &(*ivec)[0];
310
311 if (enc)
312 {
313 c2l(iv,tout0);
314 c2l(iv,tout1);
315 for (l-=8; l>=0; l-=8)
316 {
317 c2l(in,tin0);
318 c2l(in,tin1);
319 tin0^=tout0;
320 tin1^=tout1;
321
322 tin[0]=tin0;
323 tin[1]=tin1;
324 des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
325 tout0=tin[0];
326 tout1=tin[1];
327
328 l2c(tout0,out);
329 l2c(tout1,out);
330 }
331 if (l != -8)
332 {
333 c2ln(in,tin0,tin1,l+8);
334 tin0^=tout0;
335 tin1^=tout1;
336
337 tin[0]=tin0;
338 tin[1]=tin1;
339 des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
340 tout0=tin[0];
341 tout1=tin[1];
342
343 l2c(tout0,out);
344 l2c(tout1,out);
345 }
346 iv = &(*ivec)[0];
347 l2c(tout0,iv);
348 l2c(tout1,iv);
349 }
350 else
351 {
352 register DES_LONG t0,t1;
353
354 c2l(iv,xor0);
355 c2l(iv,xor1);
356 for (l-=8; l>=0; l-=8)
357 {
358 c2l(in,tin0);
359 c2l(in,tin1);
360
361 t0=tin0;
362 t1=tin1;
363
364 tin[0]=tin0;
365 tin[1]=tin1;
366 des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
367 tout0=tin[0];
368 tout1=tin[1];
369
370 tout0^=xor0;
371 tout1^=xor1;
372 l2c(tout0,out);
373 l2c(tout1,out);
374 xor0=t0;
375 xor1=t1;
376 }
377 if (l != -8)
378 {
379 c2l(in,tin0);
380 c2l(in,tin1);
381
382 t0=tin0;
383 t1=tin1;
384
385 tin[0]=tin0;
386 tin[1]=tin1;
387 des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
388 tout0=tin[0];
389 tout1=tin[1];
390
391 tout0^=xor0;
392 tout1^=xor1;
393 l2cn(tout0,tout1,out,l+8);
394 xor0=t0;
395 xor1=t1;
396 }
397
398 iv = &(*ivec)[0];
399 l2c(xor0,iv);
400 l2c(xor1,iv);
401 }
402 tin0=tin1=tout0=tout1=xor0=xor1=0;
403 tin[0]=tin[1]=0;
404 }
405
406#endif /* DES_DEFAULT_OPTIONS */
diff --git a/src/lib/libcrypto/des/des_locl.h b/src/lib/libcrypto/des/des_locl.h
deleted file mode 100644
index 1ace8f5930..0000000000
--- a/src/lib/libcrypto/des/des_locl.h
+++ /dev/null
@@ -1,412 +0,0 @@
1/* crypto/des/des_locl.h */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_DES_LOCL_H
60#define HEADER_DES_LOCL_H
61
62#if defined(WIN32) || defined(WIN16)
63#ifndef MSDOS
64#define MSDOS
65#endif
66#endif
67
68#include <stdio.h>
69#include <stdlib.h>
70
71#include <openssl/opensslconf.h>
72
73#ifndef MSDOS
74#if !defined(VMS) || defined(__DECC)
75#ifdef OPENSSL_UNISTD
76# include OPENSSL_UNISTD
77#else
78# include <unistd.h>
79#endif
80#include <math.h>
81#endif
82#endif
83#include <openssl/des.h>
84
85#ifdef MSDOS /* Visual C++ 2.1 (Windows NT/95) */
86#include <stdlib.h>
87#include <errno.h>
88#include <time.h>
89#include <io.h>
90#endif
91
92#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS)
93#include <string.h>
94#endif
95
96#define ITERATIONS 16
97#define HALF_ITERATIONS 8
98
99/* used in des_read and des_write */
100#define MAXWRITE (1024*16)
101#define BSIZE (MAXWRITE+4)
102
103#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \
104 l|=((DES_LONG)(*((c)++)))<< 8L, \
105 l|=((DES_LONG)(*((c)++)))<<16L, \
106 l|=((DES_LONG)(*((c)++)))<<24L)
107
108/* NOTE - c is not incremented as per c2l */
109#define c2ln(c,l1,l2,n) { \
110 c+=n; \
111 l1=l2=0; \
112 switch (n) { \
113 case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
114 case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
115 case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
116 case 5: l2|=((DES_LONG)(*(--(c)))); \
117 case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
118 case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
119 case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
120 case 1: l1|=((DES_LONG)(*(--(c)))); \
121 } \
122 }
123
124#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
125 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
126 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
127 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
128
129/* replacements for htonl and ntohl since I have no idea what to do
130 * when faced with machines with 8 byte longs. */
131#define HDRSIZE 4
132
133#define n2l(c,l) (l =((DES_LONG)(*((c)++)))<<24L, \
134 l|=((DES_LONG)(*((c)++)))<<16L, \
135 l|=((DES_LONG)(*((c)++)))<< 8L, \
136 l|=((DES_LONG)(*((c)++))))
137
138#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
139 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
140 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
141 *((c)++)=(unsigned char)(((l) )&0xff))
142
143/* NOTE - c is not incremented as per l2c */
144#define l2cn(l1,l2,c,n) { \
145 c+=n; \
146 switch (n) { \
147 case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
148 case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
149 case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
150 case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
151 case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
152 case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
153 case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
154 case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
155 } \
156 }
157
158#if defined(WIN32) && defined(_MSC_VER)
159#define ROTATE(a,n) (_lrotr(a,n))
160#else
161#define ROTATE(a,n) (((a)>>(n))+((a)<<(32-(n))))
162#endif
163
164/* Don't worry about the LOAD_DATA() stuff, that is used by
165 * fcrypt() to add it's little bit to the front */
166
167#ifdef DES_FCRYPT
168
169#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
170 { DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }
171
172#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
173 t=R^(R>>16L); \
174 u=t&E0; t&=E1; \
175 tmp=(u<<16); u^=R^s[S ]; u^=tmp; \
176 tmp=(t<<16); t^=R^s[S+1]; t^=tmp
177#else
178#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
179#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
180 u=R^s[S ]; \
181 t=R^s[S+1]
182#endif
183
184/* The changes to this macro may help or hinder, depending on the
185 * compiler and the architecture. gcc2 always seems to do well :-).
186 * Inspired by Dana How <how@isl.stanford.edu>
187 * DO NOT use the alternative version on machines with 8 byte longs.
188 * It does not seem to work on the Alpha, even when DES_LONG is 4
189 * bytes, probably an issue of accessing non-word aligned objects :-( */
190#ifdef DES_PTR
191
192/* It recently occurred to me that 0^0^0^0^0^0^0 == 0, so there
193 * is no reason to not xor all the sub items together. This potentially
194 * saves a register since things can be xored directly into L */
195
196#if defined(DES_RISC1) || defined(DES_RISC2)
197#ifdef DES_RISC1
198#define D_ENCRYPT(LL,R,S) { \
199 unsigned int u1,u2,u3; \
200 LOAD_DATA(R,S,u,t,E0,E1,u1); \
201 u2=(int)u>>8L; \
202 u1=(int)u&0xfc; \
203 u2&=0xfc; \
204 t=ROTATE(t,4); \
205 u>>=16L; \
206 LL^= *(const DES_LONG *)(des_SP +u1); \
207 LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
208 u3=(int)(u>>8L); \
209 u1=(int)u&0xfc; \
210 u3&=0xfc; \
211 LL^= *(const DES_LONG *)(des_SP+0x400+u1); \
212 LL^= *(const DES_LONG *)(des_SP+0x600+u3); \
213 u2=(int)t>>8L; \
214 u1=(int)t&0xfc; \
215 u2&=0xfc; \
216 t>>=16L; \
217 LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
218 LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
219 u3=(int)t>>8L; \
220 u1=(int)t&0xfc; \
221 u3&=0xfc; \
222 LL^= *(const DES_LONG *)(des_SP+0x500+u1); \
223 LL^= *(const DES_LONG *)(des_SP+0x700+u3); }
224#endif
225#ifdef DES_RISC2
226#define D_ENCRYPT(LL,R,S) { \
227 unsigned int u1,u2,s1,s2; \
228 LOAD_DATA(R,S,u,t,E0,E1,u1); \
229 u2=(int)u>>8L; \
230 u1=(int)u&0xfc; \
231 u2&=0xfc; \
232 t=ROTATE(t,4); \
233 LL^= *(const DES_LONG *)(des_SP +u1); \
234 LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
235 s1=(int)(u>>16L); \
236 s2=(int)(u>>24L); \
237 s1&=0xfc; \
238 s2&=0xfc; \
239 LL^= *(const DES_LONG *)(des_SP+0x400+s1); \
240 LL^= *(const DES_LONG *)(des_SP+0x600+s2); \
241 u2=(int)t>>8L; \
242 u1=(int)t&0xfc; \
243 u2&=0xfc; \
244 LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
245 LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
246 s1=(int)(t>>16L); \
247 s2=(int)(t>>24L); \
248 s1&=0xfc; \
249 s2&=0xfc; \
250 LL^= *(const DES_LONG *)(des_SP+0x500+s1); \
251 LL^= *(const DES_LONG *)(des_SP+0x700+s2); }
252#endif
253#else
254#define D_ENCRYPT(LL,R,S) { \
255 LOAD_DATA_tmp(R,S,u,t,E0,E1); \
256 t=ROTATE(t,4); \
257 LL^= \
258 *(const DES_LONG *)(des_SP +((u )&0xfc))^ \
259 *(const DES_LONG *)(des_SP+0x200+((u>> 8L)&0xfc))^ \
260 *(const DES_LONG *)(des_SP+0x400+((u>>16L)&0xfc))^ \
261 *(const DES_LONG *)(des_SP+0x600+((u>>24L)&0xfc))^ \
262 *(const DES_LONG *)(des_SP+0x100+((t )&0xfc))^ \
263 *(const DES_LONG *)(des_SP+0x300+((t>> 8L)&0xfc))^ \
264 *(const DES_LONG *)(des_SP+0x500+((t>>16L)&0xfc))^ \
265 *(const DES_LONG *)(des_SP+0x700+((t>>24L)&0xfc)); }
266#endif
267
268#else /* original version */
269
270#if defined(DES_RISC1) || defined(DES_RISC2)
271#ifdef DES_RISC1
272#define D_ENCRYPT(LL,R,S) {\
273 unsigned int u1,u2,u3; \
274 LOAD_DATA(R,S,u,t,E0,E1,u1); \
275 u>>=2L; \
276 t=ROTATE(t,6); \
277 u2=(int)u>>8L; \
278 u1=(int)u&0x3f; \
279 u2&=0x3f; \
280 u>>=16L; \
281 LL^=des_SPtrans[0][u1]; \
282 LL^=des_SPtrans[2][u2]; \
283 u3=(int)u>>8L; \
284 u1=(int)u&0x3f; \
285 u3&=0x3f; \
286 LL^=des_SPtrans[4][u1]; \
287 LL^=des_SPtrans[6][u3]; \
288 u2=(int)t>>8L; \
289 u1=(int)t&0x3f; \
290 u2&=0x3f; \
291 t>>=16L; \
292 LL^=des_SPtrans[1][u1]; \
293 LL^=des_SPtrans[3][u2]; \
294 u3=(int)t>>8L; \
295 u1=(int)t&0x3f; \
296 u3&=0x3f; \
297 LL^=des_SPtrans[5][u1]; \
298 LL^=des_SPtrans[7][u3]; }
299#endif
300#ifdef DES_RISC2
301#define D_ENCRYPT(LL,R,S) {\
302 unsigned int u1,u2,s1,s2; \
303 LOAD_DATA(R,S,u,t,E0,E1,u1); \
304 u>>=2L; \
305 t=ROTATE(t,6); \
306 u2=(int)u>>8L; \
307 u1=(int)u&0x3f; \
308 u2&=0x3f; \
309 LL^=des_SPtrans[0][u1]; \
310 LL^=des_SPtrans[2][u2]; \
311 s1=(int)u>>16L; \
312 s2=(int)u>>24L; \
313 s1&=0x3f; \
314 s2&=0x3f; \
315 LL^=des_SPtrans[4][s1]; \
316 LL^=des_SPtrans[6][s2]; \
317 u2=(int)t>>8L; \
318 u1=(int)t&0x3f; \
319 u2&=0x3f; \
320 LL^=des_SPtrans[1][u1]; \
321 LL^=des_SPtrans[3][u2]; \
322 s1=(int)t>>16; \
323 s2=(int)t>>24L; \
324 s1&=0x3f; \
325 s2&=0x3f; \
326 LL^=des_SPtrans[5][s1]; \
327 LL^=des_SPtrans[7][s2]; }
328#endif
329
330#else
331
332#define D_ENCRYPT(LL,R,S) {\
333 LOAD_DATA_tmp(R,S,u,t,E0,E1); \
334 t=ROTATE(t,4); \
335 LL^=\
336 des_SPtrans[0][(u>> 2L)&0x3f]^ \
337 des_SPtrans[2][(u>>10L)&0x3f]^ \
338 des_SPtrans[4][(u>>18L)&0x3f]^ \
339 des_SPtrans[6][(u>>26L)&0x3f]^ \
340 des_SPtrans[1][(t>> 2L)&0x3f]^ \
341 des_SPtrans[3][(t>>10L)&0x3f]^ \
342 des_SPtrans[5][(t>>18L)&0x3f]^ \
343 des_SPtrans[7][(t>>26L)&0x3f]; }
344#endif
345#endif
346
347 /* IP and FP
348 * The problem is more of a geometric problem that random bit fiddling.
349 0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6
350 8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4
351 16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2
352 24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0
353
354 32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7
355 40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5
356 48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3
357 56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1
358
359 The output has been subject to swaps of the form
360 0 1 -> 3 1 but the odd and even bits have been put into
361 2 3 2 0
362 different words. The main trick is to remember that
363 t=((l>>size)^r)&(mask);
364 r^=t;
365 l^=(t<<size);
366 can be used to swap and move bits between words.
367
368 So l = 0 1 2 3 r = 16 17 18 19
369 4 5 6 7 20 21 22 23
370 8 9 10 11 24 25 26 27
371 12 13 14 15 28 29 30 31
372 becomes (for size == 2 and mask == 0x3333)
373 t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19
374 6^20 7^21 -- -- 4 5 20 21 6 7 22 23
375 10^24 11^25 -- -- 8 9 24 25 10 11 24 25
376 14^28 15^29 -- -- 12 13 28 29 14 15 28 29
377
378 Thanks for hints from Richard Outerbridge - he told me IP&FP
379 could be done in 15 xor, 10 shifts and 5 ands.
380 When I finally started to think of the problem in 2D
381 I first got ~42 operations without xors. When I remembered
382 how to use xors :-) I got it to its final state.
383 */
384#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
385 (b)^=(t),\
386 (a)^=((t)<<(n)))
387
388#define IP(l,r) \
389 { \
390 register DES_LONG tt; \
391 PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
392 PERM_OP(l,r,tt,16,0x0000ffffL); \
393 PERM_OP(r,l,tt, 2,0x33333333L); \
394 PERM_OP(l,r,tt, 8,0x00ff00ffL); \
395 PERM_OP(r,l,tt, 1,0x55555555L); \
396 }
397
398#define FP(l,r) \
399 { \
400 register DES_LONG tt; \
401 PERM_OP(l,r,tt, 1,0x55555555L); \
402 PERM_OP(r,l,tt, 8,0x00ff00ffL); \
403 PERM_OP(l,r,tt, 2,0x33333333L); \
404 PERM_OP(r,l,tt,16,0x0000ffffL); \
405 PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
406 }
407
408OPENSSL_EXTERN const DES_LONG des_SPtrans[8][64];
409
410void fcrypt_body(DES_LONG *out,des_key_schedule ks,
411 DES_LONG Eswap0, DES_LONG Eswap1);
412#endif
diff --git a/src/lib/libcrypto/des/ecb3_enc.c b/src/lib/libcrypto/des/ecb3_enc.c
deleted file mode 100644
index fb28b97e1a..0000000000
--- a/src/lib/libcrypto/des/ecb3_enc.c
+++ /dev/null
@@ -1,82 +0,0 @@
1/* crypto/des/ecb3_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_locl.h"
60
61void des_ecb3_encrypt(const_des_cblock *input, des_cblock *output,
62 des_key_schedule ks1, des_key_schedule ks2, des_key_schedule ks3,
63 int enc)
64 {
65 register DES_LONG l0,l1;
66 DES_LONG ll[2];
67 const unsigned char *in = &(*input)[0];
68 unsigned char *out = &(*output)[0];
69
70 c2l(in,l0);
71 c2l(in,l1);
72 ll[0]=l0;
73 ll[1]=l1;
74 if (enc)
75 des_encrypt3(ll,ks1,ks2,ks3);
76 else
77 des_decrypt3(ll,ks1,ks2,ks3);
78 l0=ll[0];
79 l1=ll[1];
80 l2c(l0,out);
81 l2c(l1,out);
82 }
diff --git a/src/lib/libcrypto/des/ecb_enc.c b/src/lib/libcrypto/des/ecb_enc.c
deleted file mode 100644
index d481327ef3..0000000000
--- a/src/lib/libcrypto/des/ecb_enc.c
+++ /dev/null
@@ -1,122 +0,0 @@
1/* crypto/des/ecb_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_locl.h"
60#include "spr.h"
61#include <openssl/opensslv.h>
62
63OPENSSL_GLOBAL const char *libdes_version="libdes" OPENSSL_VERSION_PTEXT;
64OPENSSL_GLOBAL const char *DES_version="DES" OPENSSL_VERSION_PTEXT;
65
66const char *des_options(void)
67 {
68 static int init=1;
69 static char buf[32];
70
71 if (init)
72 {
73 const char *ptr,*unroll,*risc,*size;
74
75#ifdef DES_PTR
76 ptr="ptr";
77#else
78 ptr="idx";
79#endif
80#if defined(DES_RISC1) || defined(DES_RISC2)
81#ifdef DES_RISC1
82 risc="risc1";
83#endif
84#ifdef DES_RISC2
85 risc="risc2";
86#endif
87#else
88 risc="cisc";
89#endif
90#ifdef DES_UNROLL
91 unroll="16";
92#else
93 unroll="4";
94#endif
95 if (sizeof(DES_LONG) != sizeof(long))
96 size="int";
97 else
98 size="long";
99 sprintf(buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,size);
100 init=0;
101 }
102 return(buf);
103 }
104
105
106void des_ecb_encrypt(const_des_cblock *input, des_cblock *output,
107 des_key_schedule ks,
108 int enc)
109 {
110 register DES_LONG l;
111 DES_LONG ll[2];
112 const unsigned char *in = &(*input)[0];
113 unsigned char *out = &(*output)[0];
114
115 c2l(in,l); ll[0]=l;
116 c2l(in,l); ll[1]=l;
117 des_encrypt1(ll,ks,enc);
118 l=ll[0]; l2c(l,out);
119 l=ll[1]; l2c(l,out);
120 l=ll[0]=ll[1]=0;
121 }
122
diff --git a/src/lib/libcrypto/des/ede_cbcm_enc.c b/src/lib/libcrypto/des/ede_cbcm_enc.c
deleted file mode 100644
index b98f7e17af..0000000000
--- a/src/lib/libcrypto/des/ede_cbcm_enc.c
+++ /dev/null
@@ -1,197 +0,0 @@
1/* ede_cbcm_enc.c */
2/* Written by Ben Laurie <ben@algroup.co.uk> for the OpenSSL
3 * project 13 Feb 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59/*
60
61This is an implementation of Triple DES Cipher Block Chaining with Output
62Feedback Masking, by Coppersmith, Johnson and Matyas, (IBM and Certicom).
63
64Note that there is a known attack on this by Biham and Knudsen but it takes
65a lot of work:
66
67http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-get.cgi/1998/CS/CS0928.ps.gz
68
69*/
70
71#ifndef NO_DESCBCM
72#include "des_locl.h"
73
74void des_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
75 long length, des_key_schedule ks1, des_key_schedule ks2,
76 des_key_schedule ks3, des_cblock *ivec1, des_cblock *ivec2,
77 int enc)
78 {
79 register DES_LONG tin0,tin1;
80 register DES_LONG tout0,tout1,xor0,xor1,m0,m1;
81 register long l=length;
82 DES_LONG tin[2];
83 unsigned char *iv1,*iv2;
84
85 iv1 = &(*ivec1)[0];
86 iv2 = &(*ivec2)[0];
87
88 if (enc)
89 {
90 c2l(iv1,m0);
91 c2l(iv1,m1);
92 c2l(iv2,tout0);
93 c2l(iv2,tout1);
94 for (l-=8; l>=-7; l-=8)
95 {
96 tin[0]=m0;
97 tin[1]=m1;
98 des_encrypt1(tin,ks3,1);
99 m0=tin[0];
100 m1=tin[1];
101
102 if(l < 0)
103 {
104 c2ln(in,tin0,tin1,l+8);
105 }
106 else
107 {
108 c2l(in,tin0);
109 c2l(in,tin1);
110 }
111 tin0^=tout0;
112 tin1^=tout1;
113
114 tin[0]=tin0;
115 tin[1]=tin1;
116 des_encrypt1(tin,ks1,1);
117 tin[0]^=m0;
118 tin[1]^=m1;
119 des_encrypt1(tin,ks2,0);
120 tin[0]^=m0;
121 tin[1]^=m1;
122 des_encrypt1(tin,ks1,1);
123 tout0=tin[0];
124 tout1=tin[1];
125
126 l2c(tout0,out);
127 l2c(tout1,out);
128 }
129 iv1=&(*ivec1)[0];
130 l2c(m0,iv1);
131 l2c(m1,iv1);
132
133 iv2=&(*ivec2)[0];
134 l2c(tout0,iv2);
135 l2c(tout1,iv2);
136 }
137 else
138 {
139 register DES_LONG t0,t1;
140
141 c2l(iv1,m0);
142 c2l(iv1,m1);
143 c2l(iv2,xor0);
144 c2l(iv2,xor1);
145 for (l-=8; l>=-7; l-=8)
146 {
147 tin[0]=m0;
148 tin[1]=m1;
149 des_encrypt1(tin,ks3,1);
150 m0=tin[0];
151 m1=tin[1];
152
153 c2l(in,tin0);
154 c2l(in,tin1);
155
156 t0=tin0;
157 t1=tin1;
158
159 tin[0]=tin0;
160 tin[1]=tin1;
161 des_encrypt1(tin,ks1,0);
162 tin[0]^=m0;
163 tin[1]^=m1;
164 des_encrypt1(tin,ks2,1);
165 tin[0]^=m0;
166 tin[1]^=m1;
167 des_encrypt1(tin,ks1,0);
168 tout0=tin[0];
169 tout1=tin[1];
170
171 tout0^=xor0;
172 tout1^=xor1;
173 if(l < 0)
174 {
175 l2cn(tout0,tout1,out,l+8);
176 }
177 else
178 {
179 l2c(tout0,out);
180 l2c(tout1,out);
181 }
182 xor0=t0;
183 xor1=t1;
184 }
185
186 iv1=&(*ivec1)[0];
187 l2c(m0,iv1);
188 l2c(m1,iv1);
189
190 iv2=&(*ivec2)[0];
191 l2c(xor0,iv2);
192 l2c(xor1,iv2);
193 }
194 tin0=tin1=tout0=tout1=xor0=xor1=0;
195 tin[0]=tin[1]=0;
196 }
197#endif
diff --git a/src/lib/libcrypto/des/enc_read.c b/src/lib/libcrypto/des/enc_read.c
deleted file mode 100644
index af2d9177d2..0000000000
--- a/src/lib/libcrypto/des/enc_read.c
+++ /dev/null
@@ -1,228 +0,0 @@
1/* crypto/des/enc_read.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61#include "cryptlib.h"
62#include "des_locl.h"
63
64/* This has some uglies in it but it works - even over sockets. */
65/*extern int errno;*/
66OPENSSL_GLOBAL int des_rw_mode=DES_PCBC_MODE;
67
68
69/*
70 * WARNINGS:
71 *
72 * - The data format used by des_enc_write() and des_enc_read()
73 * has a cryptographic weakness: When asked to write more
74 * than MAXWRITE bytes, des_enc_write will split the data
75 * into several chunks that are all encrypted
76 * using the same IV. So don't use these functions unless you
77 * are sure you know what you do (in which case you might
78 * not want to use them anyway).
79 *
80 * - This code cannot handle non-blocking sockets.
81 *
82 * - This function uses an internal state and thus cannot be
83 * used on multiple files.
84 */
85
86
87int des_enc_read(int fd, void *buf, int len, des_key_schedule sched,
88 des_cblock *iv)
89 {
90 /* data to be unencrypted */
91 int net_num=0;
92 static unsigned char *net=NULL;
93 /* extra unencrypted data
94 * for when a block of 100 comes in but is des_read one byte at
95 * a time. */
96 static unsigned char *unnet=NULL;
97 static int unnet_start=0;
98 static int unnet_left=0;
99 static unsigned char *tmpbuf=NULL;
100 int i;
101 long num=0,rnum;
102 unsigned char *p;
103
104 if (tmpbuf == NULL)
105 {
106 tmpbuf=OPENSSL_malloc(BSIZE);
107 if (tmpbuf == NULL) return(-1);
108 }
109 if (net == NULL)
110 {
111 net=OPENSSL_malloc(BSIZE);
112 if (net == NULL) return(-1);
113 }
114 if (unnet == NULL)
115 {
116 unnet=OPENSSL_malloc(BSIZE);
117 if (unnet == NULL) return(-1);
118 }
119 /* left over data from last decrypt */
120 if (unnet_left != 0)
121 {
122 if (unnet_left < len)
123 {
124 /* we still still need more data but will return
125 * with the number of bytes we have - should always
126 * check the return value */
127 memcpy(buf,&(unnet[unnet_start]),
128 unnet_left);
129 /* eay 26/08/92 I had the next 2 lines
130 * reversed :-( */
131 i=unnet_left;
132 unnet_start=unnet_left=0;
133 }
134 else
135 {
136 memcpy(buf,&(unnet[unnet_start]),len);
137 unnet_start+=len;
138 unnet_left-=len;
139 i=len;
140 }
141 return(i);
142 }
143
144 /* We need to get more data. */
145 if (len > MAXWRITE) len=MAXWRITE;
146
147 /* first - get the length */
148 while (net_num < HDRSIZE)
149 {
150 i=read(fd,(void *)&(net[net_num]),HDRSIZE-net_num);
151#ifdef EINTR
152 if ((i == -1) && (errno == EINTR)) continue;
153#endif
154 if (i <= 0) return(0);
155 net_num+=i;
156 }
157
158 /* we now have at net_num bytes in net */
159 p=net;
160 /* num=0; */
161 n2l(p,num);
162 /* num should be rounded up to the next group of eight
163 * we make sure that we have read a multiple of 8 bytes from the net.
164 */
165 if ((num > MAXWRITE) || (num < 0)) /* error */
166 return(-1);
167 rnum=(num < 8)?8:((num+7)/8*8);
168
169 net_num=0;
170 while (net_num < rnum)
171 {
172 i=read(fd,(void *)&(net[net_num]),rnum-net_num);
173#ifdef EINTR
174 if ((i == -1) && (errno == EINTR)) continue;
175#endif
176 if (i <= 0) return(0);
177 net_num+=i;
178 }
179
180 /* Check if there will be data left over. */
181 if (len < num)
182 {
183 if (des_rw_mode & DES_PCBC_MODE)
184 des_pcbc_encrypt(net,unnet,num,sched,iv,DES_DECRYPT);
185 else
186 des_cbc_encrypt(net,unnet,num,sched,iv,DES_DECRYPT);
187 memcpy(buf,unnet,len);
188 unnet_start=len;
189 unnet_left=num-len;
190
191 /* The following line is done because we return num
192 * as the number of bytes read. */
193 num=len;
194 }
195 else
196 {
197 /* >output is a multiple of 8 byes, if len < rnum
198 * >we must be careful. The user must be aware that this
199 * >routine will write more bytes than he asked for.
200 * >The length of the buffer must be correct.
201 * FIXED - Should be ok now 18-9-90 - eay */
202 if (len < rnum)
203 {
204
205 if (des_rw_mode & DES_PCBC_MODE)
206 des_pcbc_encrypt(net,tmpbuf,num,sched,iv,
207 DES_DECRYPT);
208 else
209 des_cbc_encrypt(net,tmpbuf,num,sched,iv,
210 DES_DECRYPT);
211
212 /* eay 26/08/92 fix a bug that returned more
213 * bytes than you asked for (returned len bytes :-( */
214 memcpy(buf,tmpbuf,num);
215 }
216 else
217 {
218 if (des_rw_mode & DES_PCBC_MODE)
219 des_pcbc_encrypt(net,buf,num,sched,iv,
220 DES_DECRYPT);
221 else
222 des_cbc_encrypt(net,buf,num,sched,iv,
223 DES_DECRYPT);
224 }
225 }
226 return num;
227 }
228
diff --git a/src/lib/libcrypto/des/enc_writ.c b/src/lib/libcrypto/des/enc_writ.c
deleted file mode 100644
index cc2b50fb50..0000000000
--- a/src/lib/libcrypto/des/enc_writ.c
+++ /dev/null
@@ -1,171 +0,0 @@
1/* crypto/des/enc_writ.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <errno.h>
60#include <time.h>
61#include <stdio.h>
62#include "cryptlib.h"
63#include "des_locl.h"
64#include <openssl/rand.h>
65
66/*
67 * WARNINGS:
68 *
69 * - The data format used by des_enc_write() and des_enc_read()
70 * has a cryptographic weakness: When asked to write more
71 * than MAXWRITE bytes, des_enc_write will split the data
72 * into several chunks that are all encrypted
73 * using the same IV. So don't use these functions unless you
74 * are sure you know what you do (in which case you might
75 * not want to use them anyway).
76 *
77 * - This code cannot handle non-blocking sockets.
78 */
79
80int des_enc_write(int fd, const void *_buf, int len,
81 des_key_schedule sched, des_cblock *iv)
82 {
83#ifdef _LIBC
84 extern unsigned long time();
85 extern int write();
86#endif
87 const unsigned char *buf=_buf;
88 long rnum;
89 int i,j,k,outnum;
90 static unsigned char *outbuf=NULL;
91 unsigned char shortbuf[8];
92 unsigned char *p;
93 const unsigned char *cp;
94 static int start=1;
95
96 if (outbuf == NULL)
97 {
98 outbuf=OPENSSL_malloc(BSIZE+HDRSIZE);
99 if (outbuf == NULL) return(-1);
100 }
101 /* If we are sending less than 8 bytes, the same char will look
102 * the same if we don't pad it out with random bytes */
103 if (start)
104 {
105 start=0;
106 }
107
108 /* lets recurse if we want to send the data in small chunks */
109 if (len > MAXWRITE)
110 {
111 j=0;
112 for (i=0; i<len; i+=k)
113 {
114 k=des_enc_write(fd,&(buf[i]),
115 ((len-i) > MAXWRITE)?MAXWRITE:(len-i),sched,iv);
116 if (k < 0)
117 return(k);
118 else
119 j+=k;
120 }
121 return(j);
122 }
123
124 /* write length first */
125 p=outbuf;
126 l2n(len,p);
127
128 /* pad short strings */
129 if (len < 8)
130 {
131 cp=shortbuf;
132 memcpy(shortbuf,buf,len);
133 RAND_pseudo_bytes(shortbuf+len, 8-len);
134 rnum=8;
135 }
136 else
137 {
138 cp=buf;
139 rnum=((len+7)/8*8); /* round up to nearest eight */
140 }
141
142 if (des_rw_mode & DES_PCBC_MODE)
143 des_pcbc_encrypt(cp,&(outbuf[HDRSIZE]),(len<8)?8:len,sched,iv,
144 DES_ENCRYPT);
145 else
146 des_cbc_encrypt(cp,&(outbuf[HDRSIZE]),(len<8)?8:len,sched,iv,
147 DES_ENCRYPT);
148
149 /* output */
150 outnum=rnum+HDRSIZE;
151
152 for (j=0; j<outnum; j+=i)
153 {
154 /* eay 26/08/92 I was not doing writing from where we
155 * got up to. */
156 i=write(fd,(void *)&(outbuf[j]),outnum-j);
157 if (i == -1)
158 {
159#ifdef EINTR
160 if (errno == EINTR)
161 i=0;
162 else
163#endif
164 /* This is really a bad error - very bad
165 * It will stuff-up both ends. */
166 return(-1);
167 }
168 }
169
170 return(len);
171 }
diff --git a/src/lib/libcrypto/des/fcrypt.c b/src/lib/libcrypto/des/fcrypt.c
deleted file mode 100644
index 9b21f81cc2..0000000000
--- a/src/lib/libcrypto/des/fcrypt.c
+++ /dev/null
@@ -1,152 +0,0 @@
1/* NOCW */
2#include <stdio.h>
3
4/* This version of crypt has been developed from my MIT compatible
5 * DES library.
6 * Eric Young (eay@cryptsoft.com)
7 */
8
9/* Modification by Jens Kupferschmidt (Cu)
10 * I have included directive PARA for shared memory computers.
11 * I have included a directive LONGCRYPT to using this routine to cipher
12 * passwords with more then 8 bytes like HP-UX 10.x it used. The MAXPLEN
13 * definition is the maximum of length of password and can changed. I have
14 * defined 24.
15 */
16
17#include "des_locl.h"
18
19/* Added more values to handle illegal salt values the way normal
20 * crypt() implementations do. The patch was sent by
21 * Bjorn Gronvall <bg@sics.se>
22 */
23static unsigned const char con_salt[128]={
240xD2,0xD3,0xD4,0xD5,0xD6,0xD7,0xD8,0xD9,
250xDA,0xDB,0xDC,0xDD,0xDE,0xDF,0xE0,0xE1,
260xE2,0xE3,0xE4,0xE5,0xE6,0xE7,0xE8,0xE9,
270xEA,0xEB,0xEC,0xED,0xEE,0xEF,0xF0,0xF1,
280xF2,0xF3,0xF4,0xF5,0xF6,0xF7,0xF8,0xF9,
290xFA,0xFB,0xFC,0xFD,0xFE,0xFF,0x00,0x01,
300x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,
310x0A,0x0B,0x05,0x06,0x07,0x08,0x09,0x0A,
320x0B,0x0C,0x0D,0x0E,0x0F,0x10,0x11,0x12,
330x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1A,
340x1B,0x1C,0x1D,0x1E,0x1F,0x20,0x21,0x22,
350x23,0x24,0x25,0x20,0x21,0x22,0x23,0x24,
360x25,0x26,0x27,0x28,0x29,0x2A,0x2B,0x2C,
370x2D,0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,
380x35,0x36,0x37,0x38,0x39,0x3A,0x3B,0x3C,
390x3D,0x3E,0x3F,0x40,0x41,0x42,0x43,0x44,
40};
41
42static unsigned const char cov_2char[64]={
430x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35,
440x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44,
450x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C,
460x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54,
470x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62,
480x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A,
490x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72,
500x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A
51};
52
53#ifndef NOPROTO
54void fcrypt_body(DES_LONG *out,des_key_schedule ks,
55 DES_LONG Eswap0, DES_LONG Eswap1);
56
57#if defined(PERL5) || defined(FreeBSD) || defined(__OpenBSD__)
58char *des_crypt(const char *buf,const char *salt);
59#else
60char *crypt(const char *buf,const char *salt);
61#endif
62#else
63void fcrypt_body();
64#ifdef PERL5
65char *des_crypt();
66#else
67char *crypt();
68#endif
69#endif
70
71#if defined(PERL5) || defined(FreeBSD) || defined(__OpenBSD__)
72char *des_crypt(buf,salt)
73#else
74char *crypt(buf,salt)
75#endif
76const char *buf;
77const char *salt;
78 {
79 static char buff[14];
80
81 return(des_fcrypt(buf,salt,buff));
82 }
83
84
85char *des_fcrypt(buf,salt,ret)
86const char *buf;
87const char *salt;
88char *ret;
89 {
90 unsigned int i,j,x,y;
91 DES_LONG Eswap0,Eswap1;
92 DES_LONG out[2],ll;
93 des_cblock key;
94 des_key_schedule ks;
95 unsigned char bb[9];
96 unsigned char *b=bb;
97 unsigned char c,u;
98
99 /* eay 25/08/92
100 * If you call crypt("pwd","*") as often happens when you
101 * have * as the pwd field in /etc/passwd, the function
102 * returns *\0XXXXXXXXX
103 * The \0 makes the string look like * so the pwd "*" would
104 * crypt to "*". This was found when replacing the crypt in
105 * our shared libraries. People found that the disabled
106 * accounts effectively had no passwd :-(. */
107 x=ret[0]=((salt[0] == '\0')?'A':salt[0]);
108 Eswap0=con_salt[x]<<2;
109 x=ret[1]=((salt[1] == '\0')?'A':salt[1]);
110 Eswap1=con_salt[x]<<6;
111
112/* EAY
113r=strlen(buf);
114r=(r+7)/8;
115*/
116 for (i=0; i<8; i++)
117 {
118 c= *(buf++);
119 if (!c) break;
120 key[i]=(c<<1);
121 }
122 for (; i<8; i++)
123 key[i]=0;
124
125 des_set_key_unchecked(&key,ks);
126 fcrypt_body(&(out[0]),ks,Eswap0,Eswap1);
127
128 ll=out[0]; l2c(ll,b);
129 ll=out[1]; l2c(ll,b);
130 y=0;
131 u=0x80;
132 bb[8]=0;
133 for (i=2; i<13; i++)
134 {
135 c=0;
136 for (j=0; j<6; j++)
137 {
138 c<<=1;
139 if (bb[y] & u) c|=1;
140 u>>=1;
141 if (!u)
142 {
143 y++;
144 u=0x80;
145 }
146 }
147 ret[i]=cov_2char[c];
148 }
149 ret[13]='\0';
150 return(ret);
151 }
152
diff --git a/src/lib/libcrypto/des/fcrypt_b.c b/src/lib/libcrypto/des/fcrypt_b.c
deleted file mode 100644
index 22c87f5983..0000000000
--- a/src/lib/libcrypto/des/fcrypt_b.c
+++ /dev/null
@@ -1,145 +0,0 @@
1/* crypto/des/fcrypt_b.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61/* This version of crypt has been developed from my MIT compatible
62 * DES library.
63 * The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au
64 * Eric Young (eay@cryptsoft.com)
65 */
66
67#define DES_FCRYPT
68#include "des_locl.h"
69#undef DES_FCRYPT
70
71#undef PERM_OP
72#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
73 (b)^=(t),\
74 (a)^=((t)<<(n)))
75
76#undef HPERM_OP
77#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
78 (a)=(a)^(t)^(t>>(16-(n))))\
79
80void fcrypt_body(DES_LONG *out, des_key_schedule ks, DES_LONG Eswap0,
81 DES_LONG Eswap1)
82 {
83 register DES_LONG l,r,t,u;
84#ifdef DES_PTR
85 register const unsigned char *des_SP=(const unsigned char *)des_SPtrans;
86#endif
87 register DES_LONG *s;
88 register int j;
89 register DES_LONG E0,E1;
90
91 l=0;
92 r=0;
93
94 s=(DES_LONG *)ks;
95 E0=Eswap0;
96 E1=Eswap1;
97
98 for (j=0; j<25; j++)
99 {
100#ifndef DES_UNROLL
101 register int i;
102
103 for (i=0; i<32; i+=8)
104 {
105 D_ENCRYPT(l,r,i+0); /* 1 */
106 D_ENCRYPT(r,l,i+2); /* 2 */
107 D_ENCRYPT(l,r,i+4); /* 1 */
108 D_ENCRYPT(r,l,i+6); /* 2 */
109 }
110#else
111 D_ENCRYPT(l,r, 0); /* 1 */
112 D_ENCRYPT(r,l, 2); /* 2 */
113 D_ENCRYPT(l,r, 4); /* 3 */
114 D_ENCRYPT(r,l, 6); /* 4 */
115 D_ENCRYPT(l,r, 8); /* 5 */
116 D_ENCRYPT(r,l,10); /* 6 */
117 D_ENCRYPT(l,r,12); /* 7 */
118 D_ENCRYPT(r,l,14); /* 8 */
119 D_ENCRYPT(l,r,16); /* 9 */
120 D_ENCRYPT(r,l,18); /* 10 */
121 D_ENCRYPT(l,r,20); /* 11 */
122 D_ENCRYPT(r,l,22); /* 12 */
123 D_ENCRYPT(l,r,24); /* 13 */
124 D_ENCRYPT(r,l,26); /* 14 */
125 D_ENCRYPT(l,r,28); /* 15 */
126 D_ENCRYPT(r,l,30); /* 16 */
127#endif
128
129 t=l;
130 l=r;
131 r=t;
132 }
133 l=ROTATE(l,3)&0xffffffffL;
134 r=ROTATE(r,3)&0xffffffffL;
135
136 PERM_OP(l,r,t, 1,0x55555555L);
137 PERM_OP(r,l,t, 8,0x00ff00ffL);
138 PERM_OP(l,r,t, 2,0x33333333L);
139 PERM_OP(r,l,t,16,0x0000ffffL);
140 PERM_OP(l,r,t, 4,0x0f0f0f0fL);
141
142 out[0]=r;
143 out[1]=l;
144 }
145
diff --git a/src/lib/libcrypto/des/ncbc_enc.c b/src/lib/libcrypto/des/ncbc_enc.c
deleted file mode 100644
index b8db07b199..0000000000
--- a/src/lib/libcrypto/des/ncbc_enc.c
+++ /dev/null
@@ -1,148 +0,0 @@
1/* crypto/des/ncbc_enc.c */
2/*
3 * #included by:
4 * cbc_enc.c (des_cbc_encrypt)
5 * des_enc.c (des_ncbc_encrypt)
6 */
7/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
8 * All rights reserved.
9 *
10 * This package is an SSL implementation written
11 * by Eric Young (eay@cryptsoft.com).
12 * The implementation was written so as to conform with Netscapes SSL.
13 *
14 * This library is free for commercial and non-commercial use as long as
15 * the following conditions are aheared to. The following conditions
16 * apply to all code found in this distribution, be it the RC4, RSA,
17 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
18 * included with this distribution is covered by the same copyright terms
19 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
20 *
21 * Copyright remains Eric Young's, and as such any Copyright notices in
22 * the code are not to be removed.
23 * If this package is used in a product, Eric Young should be given attribution
24 * as the author of the parts of the library used.
25 * This can be in the form of a textual message at program startup or
26 * in documentation (online or textual) provided with the package.
27 *
28 * Redistribution and use in source and binary forms, with or without
29 * modification, are permitted provided that the following conditions
30 * are met:
31 * 1. Redistributions of source code must retain the copyright
32 * notice, this list of conditions and the following disclaimer.
33 * 2. Redistributions in binary form must reproduce the above copyright
34 * notice, this list of conditions and the following disclaimer in the
35 * documentation and/or other materials provided with the distribution.
36 * 3. All advertising materials mentioning features or use of this software
37 * must display the following acknowledgement:
38 * "This product includes cryptographic software written by
39 * Eric Young (eay@cryptsoft.com)"
40 * The word 'cryptographic' can be left out if the rouines from the library
41 * being used are not cryptographic related :-).
42 * 4. If you include any Windows specific code (or a derivative thereof) from
43 * the apps directory (application code) you must include an acknowledgement:
44 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
45 *
46 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
47 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
48 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
49 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
50 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
51 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
52 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
53 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
54 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
55 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
56 * SUCH DAMAGE.
57 *
58 * The licence and distribution terms for any publically available version or
59 * derivative of this code cannot be changed. i.e. this code cannot simply be
60 * copied and put under another distribution licence
61 * [including the GNU Public Licence.]
62 */
63
64#include "des_locl.h"
65
66#ifdef CBC_ENC_C__DONT_UPDATE_IV
67void des_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
68 des_key_schedule schedule, des_cblock *ivec, int enc)
69#else
70void des_ncbc_encrypt(const unsigned char *in, unsigned char *out, long length,
71 des_key_schedule schedule, des_cblock *ivec, int enc)
72#endif
73 {
74 register DES_LONG tin0,tin1;
75 register DES_LONG tout0,tout1,xor0,xor1;
76 register long l=length;
77 DES_LONG tin[2];
78 unsigned char *iv;
79
80 iv = &(*ivec)[0];
81
82 if (enc)
83 {
84 c2l(iv,tout0);
85 c2l(iv,tout1);
86 for (l-=8; l>=0; l-=8)
87 {
88 c2l(in,tin0);
89 c2l(in,tin1);
90 tin0^=tout0; tin[0]=tin0;
91 tin1^=tout1; tin[1]=tin1;
92 des_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT);
93 tout0=tin[0]; l2c(tout0,out);
94 tout1=tin[1]; l2c(tout1,out);
95 }
96 if (l != -8)
97 {
98 c2ln(in,tin0,tin1,l+8);
99 tin0^=tout0; tin[0]=tin0;
100 tin1^=tout1; tin[1]=tin1;
101 des_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT);
102 tout0=tin[0]; l2c(tout0,out);
103 tout1=tin[1]; l2c(tout1,out);
104 }
105#ifndef CBC_ENC_C__DONT_UPDATE_IV
106 iv = &(*ivec)[0];
107 l2c(tout0,iv);
108 l2c(tout1,iv);
109#endif
110 }
111 else
112 {
113 c2l(iv,xor0);
114 c2l(iv,xor1);
115 for (l-=8; l>=0; l-=8)
116 {
117 c2l(in,tin0); tin[0]=tin0;
118 c2l(in,tin1); tin[1]=tin1;
119 des_encrypt1((DES_LONG *)tin,schedule,DES_DECRYPT);
120 tout0=tin[0]^xor0;
121 tout1=tin[1]^xor1;
122 l2c(tout0,out);
123 l2c(tout1,out);
124 xor0=tin0;
125 xor1=tin1;
126 }
127 if (l != -8)
128 {
129 c2l(in,tin0); tin[0]=tin0;
130 c2l(in,tin1); tin[1]=tin1;
131 des_encrypt1((DES_LONG *)tin,schedule,DES_DECRYPT);
132 tout0=tin[0]^xor0;
133 tout1=tin[1]^xor1;
134 l2cn(tout0,tout1,out,l+8);
135#ifndef CBC_ENC_C__DONT_UPDATE_IV
136 xor0=tin0;
137 xor1=tin1;
138#endif
139 }
140#ifndef CBC_ENC_C__DONT_UPDATE_IV
141 iv = &(*ivec)[0];
142 l2c(xor0,iv);
143 l2c(xor1,iv);
144#endif
145 }
146 tin0=tin1=tout0=tout1=xor0=xor1=0;
147 tin[0]=tin[1]=0;
148 }
diff --git a/src/lib/libcrypto/des/ofb64ede.c b/src/lib/libcrypto/des/ofb64ede.c
deleted file mode 100644
index 6eafe908da..0000000000
--- a/src/lib/libcrypto/des/ofb64ede.c
+++ /dev/null
@@ -1,124 +0,0 @@
1/* crypto/des/ofb64ede.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_locl.h"
60
61/* The input and output encrypted as though 64bit ofb mode is being
62 * used. The extra state information to record how much of the
63 * 64bit block we have used is contained in *num;
64 */
65void des_ede3_ofb64_encrypt(register const unsigned char *in,
66 register unsigned char *out, long length, des_key_schedule k1,
67 des_key_schedule k2, des_key_schedule k3, des_cblock *ivec,
68 int *num)
69 {
70 register DES_LONG v0,v1;
71 register int n= *num;
72 register long l=length;
73 des_cblock d;
74 register char *dp;
75 DES_LONG ti[2];
76 unsigned char *iv;
77 int save=0;
78
79 iv = &(*ivec)[0];
80 c2l(iv,v0);
81 c2l(iv,v1);
82 ti[0]=v0;
83 ti[1]=v1;
84 dp=(char *)d;
85 l2c(v0,dp);
86 l2c(v1,dp);
87 while (l--)
88 {
89 if (n == 0)
90 {
91 /* ti[0]=v0; */
92 /* ti[1]=v1; */
93 des_encrypt3(ti,k1,k2,k3);
94 v0=ti[0];
95 v1=ti[1];
96
97 dp=(char *)d;
98 l2c(v0,dp);
99 l2c(v1,dp);
100 save++;
101 }
102 *(out++)= *(in++)^d[n];
103 n=(n+1)&0x07;
104 }
105 if (save)
106 {
107/* v0=ti[0];
108 v1=ti[1];*/
109 iv = &(*ivec)[0];
110 l2c(v0,iv);
111 l2c(v1,iv);
112 }
113 v0=v1=ti[0]=ti[1]=0;
114 *num=n;
115 }
116
117#ifdef undef /* MACRO */
118void des_ede2_ofb64_encrypt(register unsigned char *in,
119 register unsigned char *out, long length, des_key_schedule k1,
120 des_key_schedule k2, des_cblock (*ivec), int *num)
121 {
122 des_ede3_ofb64_encrypt(in, out, length, k1,k2,k1, ivec, num);
123 }
124#endif
diff --git a/src/lib/libcrypto/des/ofb64enc.c b/src/lib/libcrypto/des/ofb64enc.c
deleted file mode 100644
index 1a1d1f1ac4..0000000000
--- a/src/lib/libcrypto/des/ofb64enc.c
+++ /dev/null
@@ -1,110 +0,0 @@
1/* crypto/des/ofb64enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_locl.h"
60
61/* The input and output encrypted as though 64bit ofb mode is being
62 * used. The extra state information to record how much of the
63 * 64bit block we have used is contained in *num;
64 */
65void des_ofb64_encrypt(register const unsigned char *in,
66 register unsigned char *out, long length, des_key_schedule schedule,
67 des_cblock *ivec, int *num)
68 {
69 register DES_LONG v0,v1,t;
70 register int n= *num;
71 register long l=length;
72 des_cblock d;
73 register unsigned char *dp;
74 DES_LONG ti[2];
75 unsigned char *iv;
76 int save=0;
77
78 iv = &(*ivec)[0];
79 c2l(iv,v0);
80 c2l(iv,v1);
81 ti[0]=v0;
82 ti[1]=v1;
83 dp=d;
84 l2c(v0,dp);
85 l2c(v1,dp);
86 while (l--)
87 {
88 if (n == 0)
89 {
90 des_encrypt1(ti,schedule,DES_ENCRYPT);
91 dp=d;
92 t=ti[0]; l2c(t,dp);
93 t=ti[1]; l2c(t,dp);
94 save++;
95 }
96 *(out++)= *(in++)^d[n];
97 n=(n+1)&0x07;
98 }
99 if (save)
100 {
101 v0=ti[0];
102 v1=ti[1];
103 iv = &(*ivec)[0];
104 l2c(v0,iv);
105 l2c(v1,iv);
106 }
107 t=v0=v1=ti[0]=ti[1]=0;
108 *num=n;
109 }
110
diff --git a/src/lib/libcrypto/des/ofb_enc.c b/src/lib/libcrypto/des/ofb_enc.c
deleted file mode 100644
index 70493e632c..0000000000
--- a/src/lib/libcrypto/des/ofb_enc.c
+++ /dev/null
@@ -1,134 +0,0 @@
1/* crypto/des/ofb_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_locl.h"
60
61/* The input and output are loaded in multiples of 8 bits.
62 * What this means is that if you hame numbits=12 and length=2
63 * the first 12 bits will be retrieved from the first byte and half
64 * the second. The second 12 bits will come from the 3rd and half the 4th
65 * byte.
66 */
67void des_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
68 long length, des_key_schedule schedule, des_cblock *ivec)
69 {
70 register DES_LONG d0,d1,vv0,vv1,v0,v1,n=(numbits+7)/8;
71 register DES_LONG mask0,mask1;
72 register long l=length;
73 register int num=numbits;
74 DES_LONG ti[2];
75 unsigned char *iv;
76
77 if (num > 64) return;
78 if (num > 32)
79 {
80 mask0=0xffffffffL;
81 if (num >= 64)
82 mask1=mask0;
83 else
84 mask1=(1L<<(num-32))-1;
85 }
86 else
87 {
88 if (num == 32)
89 mask0=0xffffffffL;
90 else
91 mask0=(1L<<num)-1;
92 mask1=0x00000000L;
93 }
94
95 iv = &(*ivec)[0];
96 c2l(iv,v0);
97 c2l(iv,v1);
98 ti[0]=v0;
99 ti[1]=v1;
100 while (l-- > 0)
101 {
102 ti[0]=v0;
103 ti[1]=v1;
104 des_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT);
105 vv0=ti[0];
106 vv1=ti[1];
107 c2ln(in,d0,d1,n);
108 in+=n;
109 d0=(d0^vv0)&mask0;
110 d1=(d1^vv1)&mask1;
111 l2cn(d0,d1,out,n);
112 out+=n;
113
114 if (num == 32)
115 { v0=v1; v1=vv0; }
116 else if (num == 64)
117 { v0=vv0; v1=vv1; }
118 else if (num > 32) /* && num != 64 */
119 {
120 v0=((v1>>(num-32))|(vv0<<(64-num)))&0xffffffffL;
121 v1=((vv0>>(num-32))|(vv1<<(64-num)))&0xffffffffL;
122 }
123 else /* num < 32 */
124 {
125 v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
126 v1=((v1>>num)|(vv0<<(32-num)))&0xffffffffL;
127 }
128 }
129 iv = &(*ivec)[0];
130 l2c(v0,iv);
131 l2c(v1,iv);
132 v0=v1=d0=d1=ti[0]=ti[1]=vv0=vv1=0;
133 }
134
diff --git a/src/lib/libcrypto/des/pcbc_enc.c b/src/lib/libcrypto/des/pcbc_enc.c
deleted file mode 100644
index 5b987f074d..0000000000
--- a/src/lib/libcrypto/des/pcbc_enc.c
+++ /dev/null
@@ -1,122 +0,0 @@
1/* crypto/des/pcbc_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_locl.h"
60
61void des_pcbc_encrypt(const unsigned char *input, unsigned char *output,
62 long length, des_key_schedule schedule, des_cblock *ivec, int enc)
63 {
64 register DES_LONG sin0,sin1,xor0,xor1,tout0,tout1;
65 DES_LONG tin[2];
66 const unsigned char *in;
67 unsigned char *out,*iv;
68
69 in=input;
70 out=output;
71 iv = &(*ivec)[0];
72
73 if (enc)
74 {
75 c2l(iv,xor0);
76 c2l(iv,xor1);
77 for (; length>0; length-=8)
78 {
79 if (length >= 8)
80 {
81 c2l(in,sin0);
82 c2l(in,sin1);
83 }
84 else
85 c2ln(in,sin0,sin1,length);
86 tin[0]=sin0^xor0;
87 tin[1]=sin1^xor1;
88 des_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT);
89 tout0=tin[0];
90 tout1=tin[1];
91 xor0=sin0^tout0;
92 xor1=sin1^tout1;
93 l2c(tout0,out);
94 l2c(tout1,out);
95 }
96 }
97 else
98 {
99 c2l(iv,xor0); c2l(iv,xor1);
100 for (; length>0; length-=8)
101 {
102 c2l(in,sin0);
103 c2l(in,sin1);
104 tin[0]=sin0;
105 tin[1]=sin1;
106 des_encrypt1((DES_LONG *)tin,schedule,DES_DECRYPT);
107 tout0=tin[0]^xor0;
108 tout1=tin[1]^xor1;
109 if (length >= 8)
110 {
111 l2c(tout0,out);
112 l2c(tout1,out);
113 }
114 else
115 l2cn(tout0,tout1,out,length);
116 xor0=tout0^sin0;
117 xor1=tout1^sin1;
118 }
119 }
120 tin[0]=tin[1]=0;
121 sin0=sin1=xor0=xor1=tout0=tout1=0;
122 }
diff --git a/src/lib/libcrypto/des/qud_cksm.c b/src/lib/libcrypto/des/qud_cksm.c
deleted file mode 100644
index 9fff989edb..0000000000
--- a/src/lib/libcrypto/des/qud_cksm.c
+++ /dev/null
@@ -1,139 +0,0 @@
1/* crypto/des/qud_cksm.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* From "Message Authentication" R.R. Jueneman, S.M. Matyas, C.H. Meyer
60 * IEEE Communications Magazine Sept 1985 Vol. 23 No. 9 p 29-40
61 * This module in only based on the code in this paper and is
62 * almost definitely not the same as the MIT implementation.
63 */
64#include "des_locl.h"
65
66/* bug fix for dos - 7/6/91 - Larry hughes@logos.ucs.indiana.edu */
67#define Q_B0(a) (((DES_LONG)(a)))
68#define Q_B1(a) (((DES_LONG)(a))<<8)
69#define Q_B2(a) (((DES_LONG)(a))<<16)
70#define Q_B3(a) (((DES_LONG)(a))<<24)
71
72/* used to scramble things a bit */
73/* Got the value MIT uses via brute force :-) 2/10/90 eay */
74#define NOISE ((DES_LONG)83653421L)
75
76DES_LONG des_quad_cksum(const unsigned char *input, des_cblock output[],
77 long length, int out_count, des_cblock *seed)
78 {
79 DES_LONG z0,z1,t0,t1;
80 int i;
81 long l;
82 const unsigned char *cp;
83#ifdef _CRAY
84 struct lp_st { int a:32; int b:32; } *lp;
85#else
86 DES_LONG *lp;
87#endif
88
89 if (out_count < 1) out_count=1;
90#ifdef _CRAY
91 lp = (struct lp_st *) &(output[0])[0];
92#else
93 lp = (DES_LONG *) &(output[0])[0];
94#endif
95
96 z0=Q_B0((*seed)[0])|Q_B1((*seed)[1])|Q_B2((*seed)[2])|Q_B3((*seed)[3]);
97 z1=Q_B0((*seed)[4])|Q_B1((*seed)[5])|Q_B2((*seed)[6])|Q_B3((*seed)[7]);
98
99 for (i=0; ((i<4)&&(i<out_count)); i++)
100 {
101 cp=input;
102 l=length;
103 while (l > 0)
104 {
105 if (l > 1)
106 {
107 t0= (DES_LONG)(*(cp++));
108 t0|=(DES_LONG)Q_B1(*(cp++));
109 l--;
110 }
111 else
112 t0= (DES_LONG)(*(cp++));
113 l--;
114 /* add */
115 t0+=z0;
116 t0&=0xffffffffL;
117 t1=z1;
118 /* square, well sort of square */
119 z0=((((t0*t0)&0xffffffffL)+((t1*t1)&0xffffffffL))
120 &0xffffffffL)%0x7fffffffL;
121 z1=((t0*((t1+NOISE)&0xffffffffL))&0xffffffffL)%0x7fffffffL;
122 }
123 if (lp != NULL)
124 {
125 /* The MIT library assumes that the checksum is
126 * composed of 2*out_count 32 bit ints */
127#ifdef _CRAY
128 (*lp).a = z0;
129 (*lp).b = z1;
130 lp++;
131#else
132 *lp++ = z0;
133 *lp++ = z1;
134#endif
135 }
136 }
137 return(z0);
138 }
139
diff --git a/src/lib/libcrypto/des/rand_key.c b/src/lib/libcrypto/des/rand_key.c
deleted file mode 100644
index ee1a6c274e..0000000000
--- a/src/lib/libcrypto/des/rand_key.c
+++ /dev/null
@@ -1,73 +0,0 @@
1/* crypto/des/rand_key.c */
2/* ====================================================================
3 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@openssl.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56#include <openssl/des.h>
57#include <openssl/rand.h>
58
59void des_random_seed(des_cblock *key)
60 {
61 RAND_seed(key, sizeof(des_cblock));
62 }
63
64int des_random_key(des_cblock *ret)
65 {
66 do
67 {
68 if (RAND_bytes((unsigned char *)ret, sizeof(des_cblock)) != 1)
69 return (0);
70 } while (des_is_weak_key(ret));
71 des_set_odd_parity(ret);
72 return (1);
73 }
diff --git a/src/lib/libcrypto/des/set_key.c b/src/lib/libcrypto/des/set_key.c
deleted file mode 100644
index 09afd4fc03..0000000000
--- a/src/lib/libcrypto/des/set_key.c
+++ /dev/null
@@ -1,402 +0,0 @@
1/* crypto/des/set_key.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* set_key.c v 1.4 eay 24/9/91
60 * 1.4 Speed up by 400% :-)
61 * 1.3 added register declarations.
62 * 1.2 unrolled make_key_sched a bit more
63 * 1.1 added norm_expand_bits
64 * 1.0 First working version
65 */
66#include "des_locl.h"
67
68OPENSSL_GLOBAL int des_check_key=0;
69
70static const unsigned char odd_parity[256]={
71 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
72 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
73 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
74 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
75 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
76 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
77 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
78112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
79128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
80145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
81161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
82176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
83193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
84208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
85224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
86241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254};
87
88void des_set_odd_parity(des_cblock *key)
89 {
90 int i;
91
92 for (i=0; i<DES_KEY_SZ; i++)
93 (*key)[i]=odd_parity[(*key)[i]];
94 }
95
96int des_check_key_parity(const_des_cblock *key)
97 {
98 int i;
99
100 for (i=0; i<DES_KEY_SZ; i++)
101 {
102 if ((*key)[i] != odd_parity[(*key)[i]])
103 return(0);
104 }
105 return(1);
106 }
107
108/* Weak and semi week keys as take from
109 * %A D.W. Davies
110 * %A W.L. Price
111 * %T Security for Computer Networks
112 * %I John Wiley & Sons
113 * %D 1984
114 * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
115 * (and actual cblock values).
116 */
117#define NUM_WEAK_KEY 16
118static des_cblock weak_keys[NUM_WEAK_KEY]={
119 /* weak keys */
120 {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
121 {0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
122 {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
123 {0xE0,0xE0,0xE0,0xE0,0xF1,0xF1,0xF1,0xF1},
124 /* semi-weak keys */
125 {0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE},
126 {0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},
127 {0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1},
128 {0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E},
129 {0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1},
130 {0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01},
131 {0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE},
132 {0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E},
133 {0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E},
134 {0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01},
135 {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
136 {0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1}};
137
138int des_is_weak_key(const_des_cblock *key)
139 {
140 int i;
141
142 for (i=0; i<NUM_WEAK_KEY; i++)
143 /* Added == 0 to comparison, I obviously don't run
144 * this section very often :-(, thanks to
145 * engineering@MorningStar.Com for the fix
146 * eay 93/06/29
147 * Another problem, I was comparing only the first 4
148 * bytes, 97/03/18 */
149 if (memcmp(weak_keys[i],key,sizeof(des_cblock)) == 0) return(1);
150 return(0);
151 }
152
153/* NOW DEFINED IN des_local.h
154 * See ecb_encrypt.c for a pseudo description of these macros.
155 * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
156 * (b)^=(t),\
157 * (a)=((a)^((t)<<(n))))
158 */
159
160#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
161 (a)=(a)^(t)^(t>>(16-(n))))
162
163static const DES_LONG des_skb[8][64]={
164 {
165 /* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
166 0x00000000L,0x00000010L,0x20000000L,0x20000010L,
167 0x00010000L,0x00010010L,0x20010000L,0x20010010L,
168 0x00000800L,0x00000810L,0x20000800L,0x20000810L,
169 0x00010800L,0x00010810L,0x20010800L,0x20010810L,
170 0x00000020L,0x00000030L,0x20000020L,0x20000030L,
171 0x00010020L,0x00010030L,0x20010020L,0x20010030L,
172 0x00000820L,0x00000830L,0x20000820L,0x20000830L,
173 0x00010820L,0x00010830L,0x20010820L,0x20010830L,
174 0x00080000L,0x00080010L,0x20080000L,0x20080010L,
175 0x00090000L,0x00090010L,0x20090000L,0x20090010L,
176 0x00080800L,0x00080810L,0x20080800L,0x20080810L,
177 0x00090800L,0x00090810L,0x20090800L,0x20090810L,
178 0x00080020L,0x00080030L,0x20080020L,0x20080030L,
179 0x00090020L,0x00090030L,0x20090020L,0x20090030L,
180 0x00080820L,0x00080830L,0x20080820L,0x20080830L,
181 0x00090820L,0x00090830L,0x20090820L,0x20090830L,
182 },{
183 /* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
184 0x00000000L,0x02000000L,0x00002000L,0x02002000L,
185 0x00200000L,0x02200000L,0x00202000L,0x02202000L,
186 0x00000004L,0x02000004L,0x00002004L,0x02002004L,
187 0x00200004L,0x02200004L,0x00202004L,0x02202004L,
188 0x00000400L,0x02000400L,0x00002400L,0x02002400L,
189 0x00200400L,0x02200400L,0x00202400L,0x02202400L,
190 0x00000404L,0x02000404L,0x00002404L,0x02002404L,
191 0x00200404L,0x02200404L,0x00202404L,0x02202404L,
192 0x10000000L,0x12000000L,0x10002000L,0x12002000L,
193 0x10200000L,0x12200000L,0x10202000L,0x12202000L,
194 0x10000004L,0x12000004L,0x10002004L,0x12002004L,
195 0x10200004L,0x12200004L,0x10202004L,0x12202004L,
196 0x10000400L,0x12000400L,0x10002400L,0x12002400L,
197 0x10200400L,0x12200400L,0x10202400L,0x12202400L,
198 0x10000404L,0x12000404L,0x10002404L,0x12002404L,
199 0x10200404L,0x12200404L,0x10202404L,0x12202404L,
200 },{
201 /* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
202 0x00000000L,0x00000001L,0x00040000L,0x00040001L,
203 0x01000000L,0x01000001L,0x01040000L,0x01040001L,
204 0x00000002L,0x00000003L,0x00040002L,0x00040003L,
205 0x01000002L,0x01000003L,0x01040002L,0x01040003L,
206 0x00000200L,0x00000201L,0x00040200L,0x00040201L,
207 0x01000200L,0x01000201L,0x01040200L,0x01040201L,
208 0x00000202L,0x00000203L,0x00040202L,0x00040203L,
209 0x01000202L,0x01000203L,0x01040202L,0x01040203L,
210 0x08000000L,0x08000001L,0x08040000L,0x08040001L,
211 0x09000000L,0x09000001L,0x09040000L,0x09040001L,
212 0x08000002L,0x08000003L,0x08040002L,0x08040003L,
213 0x09000002L,0x09000003L,0x09040002L,0x09040003L,
214 0x08000200L,0x08000201L,0x08040200L,0x08040201L,
215 0x09000200L,0x09000201L,0x09040200L,0x09040201L,
216 0x08000202L,0x08000203L,0x08040202L,0x08040203L,
217 0x09000202L,0x09000203L,0x09040202L,0x09040203L,
218 },{
219 /* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
220 0x00000000L,0x00100000L,0x00000100L,0x00100100L,
221 0x00000008L,0x00100008L,0x00000108L,0x00100108L,
222 0x00001000L,0x00101000L,0x00001100L,0x00101100L,
223 0x00001008L,0x00101008L,0x00001108L,0x00101108L,
224 0x04000000L,0x04100000L,0x04000100L,0x04100100L,
225 0x04000008L,0x04100008L,0x04000108L,0x04100108L,
226 0x04001000L,0x04101000L,0x04001100L,0x04101100L,
227 0x04001008L,0x04101008L,0x04001108L,0x04101108L,
228 0x00020000L,0x00120000L,0x00020100L,0x00120100L,
229 0x00020008L,0x00120008L,0x00020108L,0x00120108L,
230 0x00021000L,0x00121000L,0x00021100L,0x00121100L,
231 0x00021008L,0x00121008L,0x00021108L,0x00121108L,
232 0x04020000L,0x04120000L,0x04020100L,0x04120100L,
233 0x04020008L,0x04120008L,0x04020108L,0x04120108L,
234 0x04021000L,0x04121000L,0x04021100L,0x04121100L,
235 0x04021008L,0x04121008L,0x04021108L,0x04121108L,
236 },{
237 /* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
238 0x00000000L,0x10000000L,0x00010000L,0x10010000L,
239 0x00000004L,0x10000004L,0x00010004L,0x10010004L,
240 0x20000000L,0x30000000L,0x20010000L,0x30010000L,
241 0x20000004L,0x30000004L,0x20010004L,0x30010004L,
242 0x00100000L,0x10100000L,0x00110000L,0x10110000L,
243 0x00100004L,0x10100004L,0x00110004L,0x10110004L,
244 0x20100000L,0x30100000L,0x20110000L,0x30110000L,
245 0x20100004L,0x30100004L,0x20110004L,0x30110004L,
246 0x00001000L,0x10001000L,0x00011000L,0x10011000L,
247 0x00001004L,0x10001004L,0x00011004L,0x10011004L,
248 0x20001000L,0x30001000L,0x20011000L,0x30011000L,
249 0x20001004L,0x30001004L,0x20011004L,0x30011004L,
250 0x00101000L,0x10101000L,0x00111000L,0x10111000L,
251 0x00101004L,0x10101004L,0x00111004L,0x10111004L,
252 0x20101000L,0x30101000L,0x20111000L,0x30111000L,
253 0x20101004L,0x30101004L,0x20111004L,0x30111004L,
254 },{
255 /* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
256 0x00000000L,0x08000000L,0x00000008L,0x08000008L,
257 0x00000400L,0x08000400L,0x00000408L,0x08000408L,
258 0x00020000L,0x08020000L,0x00020008L,0x08020008L,
259 0x00020400L,0x08020400L,0x00020408L,0x08020408L,
260 0x00000001L,0x08000001L,0x00000009L,0x08000009L,
261 0x00000401L,0x08000401L,0x00000409L,0x08000409L,
262 0x00020001L,0x08020001L,0x00020009L,0x08020009L,
263 0x00020401L,0x08020401L,0x00020409L,0x08020409L,
264 0x02000000L,0x0A000000L,0x02000008L,0x0A000008L,
265 0x02000400L,0x0A000400L,0x02000408L,0x0A000408L,
266 0x02020000L,0x0A020000L,0x02020008L,0x0A020008L,
267 0x02020400L,0x0A020400L,0x02020408L,0x0A020408L,
268 0x02000001L,0x0A000001L,0x02000009L,0x0A000009L,
269 0x02000401L,0x0A000401L,0x02000409L,0x0A000409L,
270 0x02020001L,0x0A020001L,0x02020009L,0x0A020009L,
271 0x02020401L,0x0A020401L,0x02020409L,0x0A020409L,
272 },{
273 /* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
274 0x00000000L,0x00000100L,0x00080000L,0x00080100L,
275 0x01000000L,0x01000100L,0x01080000L,0x01080100L,
276 0x00000010L,0x00000110L,0x00080010L,0x00080110L,
277 0x01000010L,0x01000110L,0x01080010L,0x01080110L,
278 0x00200000L,0x00200100L,0x00280000L,0x00280100L,
279 0x01200000L,0x01200100L,0x01280000L,0x01280100L,
280 0x00200010L,0x00200110L,0x00280010L,0x00280110L,
281 0x01200010L,0x01200110L,0x01280010L,0x01280110L,
282 0x00000200L,0x00000300L,0x00080200L,0x00080300L,
283 0x01000200L,0x01000300L,0x01080200L,0x01080300L,
284 0x00000210L,0x00000310L,0x00080210L,0x00080310L,
285 0x01000210L,0x01000310L,0x01080210L,0x01080310L,
286 0x00200200L,0x00200300L,0x00280200L,0x00280300L,
287 0x01200200L,0x01200300L,0x01280200L,0x01280300L,
288 0x00200210L,0x00200310L,0x00280210L,0x00280310L,
289 0x01200210L,0x01200310L,0x01280210L,0x01280310L,
290 },{
291 /* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
292 0x00000000L,0x04000000L,0x00040000L,0x04040000L,
293 0x00000002L,0x04000002L,0x00040002L,0x04040002L,
294 0x00002000L,0x04002000L,0x00042000L,0x04042000L,
295 0x00002002L,0x04002002L,0x00042002L,0x04042002L,
296 0x00000020L,0x04000020L,0x00040020L,0x04040020L,
297 0x00000022L,0x04000022L,0x00040022L,0x04040022L,
298 0x00002020L,0x04002020L,0x00042020L,0x04042020L,
299 0x00002022L,0x04002022L,0x00042022L,0x04042022L,
300 0x00000800L,0x04000800L,0x00040800L,0x04040800L,
301 0x00000802L,0x04000802L,0x00040802L,0x04040802L,
302 0x00002800L,0x04002800L,0x00042800L,0x04042800L,
303 0x00002802L,0x04002802L,0x00042802L,0x04042802L,
304 0x00000820L,0x04000820L,0x00040820L,0x04040820L,
305 0x00000822L,0x04000822L,0x00040822L,0x04040822L,
306 0x00002820L,0x04002820L,0x00042820L,0x04042820L,
307 0x00002822L,0x04002822L,0x00042822L,0x04042822L,
308 }};
309
310int des_set_key(const_des_cblock *key, des_key_schedule schedule)
311 {
312 if (des_check_key)
313 {
314 return des_set_key_checked(key, schedule);
315 }
316 else
317 {
318 des_set_key_unchecked(key, schedule);
319 return 0;
320 }
321 }
322
323/* return 0 if key parity is odd (correct),
324 * return -1 if key parity error,
325 * return -2 if illegal weak key.
326 */
327int des_set_key_checked(const_des_cblock *key, des_key_schedule schedule)
328 {
329 if (!des_check_key_parity(key))
330 return(-1);
331 if (des_is_weak_key(key))
332 return(-2);
333 des_set_key_unchecked(key, schedule);
334 return 0;
335 }
336
337void des_set_key_unchecked(const_des_cblock *key, des_key_schedule schedule)
338 {
339 static int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
340 register DES_LONG c,d,t,s,t2;
341 register const unsigned char *in;
342 register DES_LONG *k;
343 register int i;
344
345 k = &schedule->ks.deslong[0];
346 in = &(*key)[0];
347
348 c2l(in,c);
349 c2l(in,d);
350
351 /* do PC1 in 47 simple operations :-)
352 * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
353 * for the inspiration. :-) */
354 PERM_OP (d,c,t,4,0x0f0f0f0fL);
355 HPERM_OP(c,t,-2,0xcccc0000L);
356 HPERM_OP(d,t,-2,0xcccc0000L);
357 PERM_OP (d,c,t,1,0x55555555L);
358 PERM_OP (c,d,t,8,0x00ff00ffL);
359 PERM_OP (d,c,t,1,0x55555555L);
360 d= (((d&0x000000ffL)<<16L)| (d&0x0000ff00L) |
361 ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L));
362 c&=0x0fffffffL;
363
364 for (i=0; i<ITERATIONS; i++)
365 {
366 if (shifts2[i])
367 { c=((c>>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); }
368 else
369 { c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); }
370 c&=0x0fffffffL;
371 d&=0x0fffffffL;
372 /* could be a few less shifts but I am to lazy at this
373 * point in time to investigate */
374 s= des_skb[0][ (c )&0x3f ]|
375 des_skb[1][((c>> 6L)&0x03)|((c>> 7L)&0x3c)]|
376 des_skb[2][((c>>13L)&0x0f)|((c>>14L)&0x30)]|
377 des_skb[3][((c>>20L)&0x01)|((c>>21L)&0x06) |
378 ((c>>22L)&0x38)];
379 t= des_skb[4][ (d )&0x3f ]|
380 des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]|
381 des_skb[6][ (d>>15L)&0x3f ]|
382 des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)];
383
384 /* table contained 0213 4657 */
385 t2=((t<<16L)|(s&0x0000ffffL))&0xffffffffL;
386 *(k++)=ROTATE(t2,30)&0xffffffffL;
387
388 t2=((s>>16L)|(t&0xffff0000L));
389 *(k++)=ROTATE(t2,26)&0xffffffffL;
390 }
391 }
392
393int des_key_sched(const_des_cblock *key, des_key_schedule schedule)
394 {
395 return(des_set_key(key,schedule));
396 }
397
398#undef des_fixup_key_parity
399void des_fixup_key_parity(des_cblock *key)
400 {
401 des_set_odd_parity(key);
402 }
diff --git a/src/lib/libcrypto/des/spr.h b/src/lib/libcrypto/des/spr.h
deleted file mode 100644
index b8fbdcf8d3..0000000000
--- a/src/lib/libcrypto/des/spr.h
+++ /dev/null
@@ -1,204 +0,0 @@
1/* crypto/des/spr.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59OPENSSL_GLOBAL const DES_LONG des_SPtrans[8][64]={
60{
61/* nibble 0 */
620x02080800L, 0x00080000L, 0x02000002L, 0x02080802L,
630x02000000L, 0x00080802L, 0x00080002L, 0x02000002L,
640x00080802L, 0x02080800L, 0x02080000L, 0x00000802L,
650x02000802L, 0x02000000L, 0x00000000L, 0x00080002L,
660x00080000L, 0x00000002L, 0x02000800L, 0x00080800L,
670x02080802L, 0x02080000L, 0x00000802L, 0x02000800L,
680x00000002L, 0x00000800L, 0x00080800L, 0x02080002L,
690x00000800L, 0x02000802L, 0x02080002L, 0x00000000L,
700x00000000L, 0x02080802L, 0x02000800L, 0x00080002L,
710x02080800L, 0x00080000L, 0x00000802L, 0x02000800L,
720x02080002L, 0x00000800L, 0x00080800L, 0x02000002L,
730x00080802L, 0x00000002L, 0x02000002L, 0x02080000L,
740x02080802L, 0x00080800L, 0x02080000L, 0x02000802L,
750x02000000L, 0x00000802L, 0x00080002L, 0x00000000L,
760x00080000L, 0x02000000L, 0x02000802L, 0x02080800L,
770x00000002L, 0x02080002L, 0x00000800L, 0x00080802L,
78},{
79/* nibble 1 */
800x40108010L, 0x00000000L, 0x00108000L, 0x40100000L,
810x40000010L, 0x00008010L, 0x40008000L, 0x00108000L,
820x00008000L, 0x40100010L, 0x00000010L, 0x40008000L,
830x00100010L, 0x40108000L, 0x40100000L, 0x00000010L,
840x00100000L, 0x40008010L, 0x40100010L, 0x00008000L,
850x00108010L, 0x40000000L, 0x00000000L, 0x00100010L,
860x40008010L, 0x00108010L, 0x40108000L, 0x40000010L,
870x40000000L, 0x00100000L, 0x00008010L, 0x40108010L,
880x00100010L, 0x40108000L, 0x40008000L, 0x00108010L,
890x40108010L, 0x00100010L, 0x40000010L, 0x00000000L,
900x40000000L, 0x00008010L, 0x00100000L, 0x40100010L,
910x00008000L, 0x40000000L, 0x00108010L, 0x40008010L,
920x40108000L, 0x00008000L, 0x00000000L, 0x40000010L,
930x00000010L, 0x40108010L, 0x00108000L, 0x40100000L,
940x40100010L, 0x00100000L, 0x00008010L, 0x40008000L,
950x40008010L, 0x00000010L, 0x40100000L, 0x00108000L,
96},{
97/* nibble 2 */
980x04000001L, 0x04040100L, 0x00000100L, 0x04000101L,
990x00040001L, 0x04000000L, 0x04000101L, 0x00040100L,
1000x04000100L, 0x00040000L, 0x04040000L, 0x00000001L,
1010x04040101L, 0x00000101L, 0x00000001L, 0x04040001L,
1020x00000000L, 0x00040001L, 0x04040100L, 0x00000100L,
1030x00000101L, 0x04040101L, 0x00040000L, 0x04000001L,
1040x04040001L, 0x04000100L, 0x00040101L, 0x04040000L,
1050x00040100L, 0x00000000L, 0x04000000L, 0x00040101L,
1060x04040100L, 0x00000100L, 0x00000001L, 0x00040000L,
1070x00000101L, 0x00040001L, 0x04040000L, 0x04000101L,
1080x00000000L, 0x04040100L, 0x00040100L, 0x04040001L,
1090x00040001L, 0x04000000L, 0x04040101L, 0x00000001L,
1100x00040101L, 0x04000001L, 0x04000000L, 0x04040101L,
1110x00040000L, 0x04000100L, 0x04000101L, 0x00040100L,
1120x04000100L, 0x00000000L, 0x04040001L, 0x00000101L,
1130x04000001L, 0x00040101L, 0x00000100L, 0x04040000L,
114},{
115/* nibble 3 */
1160x00401008L, 0x10001000L, 0x00000008L, 0x10401008L,
1170x00000000L, 0x10400000L, 0x10001008L, 0x00400008L,
1180x10401000L, 0x10000008L, 0x10000000L, 0x00001008L,
1190x10000008L, 0x00401008L, 0x00400000L, 0x10000000L,
1200x10400008L, 0x00401000L, 0x00001000L, 0x00000008L,
1210x00401000L, 0x10001008L, 0x10400000L, 0x00001000L,
1220x00001008L, 0x00000000L, 0x00400008L, 0x10401000L,
1230x10001000L, 0x10400008L, 0x10401008L, 0x00400000L,
1240x10400008L, 0x00001008L, 0x00400000L, 0x10000008L,
1250x00401000L, 0x10001000L, 0x00000008L, 0x10400000L,
1260x10001008L, 0x00000000L, 0x00001000L, 0x00400008L,
1270x00000000L, 0x10400008L, 0x10401000L, 0x00001000L,
1280x10000000L, 0x10401008L, 0x00401008L, 0x00400000L,
1290x10401008L, 0x00000008L, 0x10001000L, 0x00401008L,
1300x00400008L, 0x00401000L, 0x10400000L, 0x10001008L,
1310x00001008L, 0x10000000L, 0x10000008L, 0x10401000L,
132},{
133/* nibble 4 */
1340x08000000L, 0x00010000L, 0x00000400L, 0x08010420L,
1350x08010020L, 0x08000400L, 0x00010420L, 0x08010000L,
1360x00010000L, 0x00000020L, 0x08000020L, 0x00010400L,
1370x08000420L, 0x08010020L, 0x08010400L, 0x00000000L,
1380x00010400L, 0x08000000L, 0x00010020L, 0x00000420L,
1390x08000400L, 0x00010420L, 0x00000000L, 0x08000020L,
1400x00000020L, 0x08000420L, 0x08010420L, 0x00010020L,
1410x08010000L, 0x00000400L, 0x00000420L, 0x08010400L,
1420x08010400L, 0x08000420L, 0x00010020L, 0x08010000L,
1430x00010000L, 0x00000020L, 0x08000020L, 0x08000400L,
1440x08000000L, 0x00010400L, 0x08010420L, 0x00000000L,
1450x00010420L, 0x08000000L, 0x00000400L, 0x00010020L,
1460x08000420L, 0x00000400L, 0x00000000L, 0x08010420L,
1470x08010020L, 0x08010400L, 0x00000420L, 0x00010000L,
1480x00010400L, 0x08010020L, 0x08000400L, 0x00000420L,
1490x00000020L, 0x00010420L, 0x08010000L, 0x08000020L,
150},{
151/* nibble 5 */
1520x80000040L, 0x00200040L, 0x00000000L, 0x80202000L,
1530x00200040L, 0x00002000L, 0x80002040L, 0x00200000L,
1540x00002040L, 0x80202040L, 0x00202000L, 0x80000000L,
1550x80002000L, 0x80000040L, 0x80200000L, 0x00202040L,
1560x00200000L, 0x80002040L, 0x80200040L, 0x00000000L,
1570x00002000L, 0x00000040L, 0x80202000L, 0x80200040L,
1580x80202040L, 0x80200000L, 0x80000000L, 0x00002040L,
1590x00000040L, 0x00202000L, 0x00202040L, 0x80002000L,
1600x00002040L, 0x80000000L, 0x80002000L, 0x00202040L,
1610x80202000L, 0x00200040L, 0x00000000L, 0x80002000L,
1620x80000000L, 0x00002000L, 0x80200040L, 0x00200000L,
1630x00200040L, 0x80202040L, 0x00202000L, 0x00000040L,
1640x80202040L, 0x00202000L, 0x00200000L, 0x80002040L,
1650x80000040L, 0x80200000L, 0x00202040L, 0x00000000L,
1660x00002000L, 0x80000040L, 0x80002040L, 0x80202000L,
1670x80200000L, 0x00002040L, 0x00000040L, 0x80200040L,
168},{
169/* nibble 6 */
1700x00004000L, 0x00000200L, 0x01000200L, 0x01000004L,
1710x01004204L, 0x00004004L, 0x00004200L, 0x00000000L,
1720x01000000L, 0x01000204L, 0x00000204L, 0x01004000L,
1730x00000004L, 0x01004200L, 0x01004000L, 0x00000204L,
1740x01000204L, 0x00004000L, 0x00004004L, 0x01004204L,
1750x00000000L, 0x01000200L, 0x01000004L, 0x00004200L,
1760x01004004L, 0x00004204L, 0x01004200L, 0x00000004L,
1770x00004204L, 0x01004004L, 0x00000200L, 0x01000000L,
1780x00004204L, 0x01004000L, 0x01004004L, 0x00000204L,
1790x00004000L, 0x00000200L, 0x01000000L, 0x01004004L,
1800x01000204L, 0x00004204L, 0x00004200L, 0x00000000L,
1810x00000200L, 0x01000004L, 0x00000004L, 0x01000200L,
1820x00000000L, 0x01000204L, 0x01000200L, 0x00004200L,
1830x00000204L, 0x00004000L, 0x01004204L, 0x01000000L,
1840x01004200L, 0x00000004L, 0x00004004L, 0x01004204L,
1850x01000004L, 0x01004200L, 0x01004000L, 0x00004004L,
186},{
187/* nibble 7 */
1880x20800080L, 0x20820000L, 0x00020080L, 0x00000000L,
1890x20020000L, 0x00800080L, 0x20800000L, 0x20820080L,
1900x00000080L, 0x20000000L, 0x00820000L, 0x00020080L,
1910x00820080L, 0x20020080L, 0x20000080L, 0x20800000L,
1920x00020000L, 0x00820080L, 0x00800080L, 0x20020000L,
1930x20820080L, 0x20000080L, 0x00000000L, 0x00820000L,
1940x20000000L, 0x00800000L, 0x20020080L, 0x20800080L,
1950x00800000L, 0x00020000L, 0x20820000L, 0x00000080L,
1960x00800000L, 0x00020000L, 0x20000080L, 0x20820080L,
1970x00020080L, 0x20000000L, 0x00000000L, 0x00820000L,
1980x20800080L, 0x20020080L, 0x20020000L, 0x00800080L,
1990x20820000L, 0x00000080L, 0x00800080L, 0x20020000L,
2000x20820080L, 0x00800000L, 0x20800000L, 0x20000080L,
2010x00820000L, 0x00020080L, 0x20020080L, 0x20800000L,
2020x00000080L, 0x20820000L, 0x00820080L, 0x00000000L,
2030x20000000L, 0x20800080L, 0x00020000L, 0x00820080L,
204}};
diff --git a/src/lib/libcrypto/des/str2key.c b/src/lib/libcrypto/des/str2key.c
deleted file mode 100644
index c6abb87201..0000000000
--- a/src/lib/libcrypto/des/str2key.c
+++ /dev/null
@@ -1,155 +0,0 @@
1/* crypto/des/str2key.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_locl.h"
60
61void des_string_to_key(const char *str, des_cblock *key)
62 {
63 des_key_schedule ks;
64 int i,length;
65 register unsigned char j;
66
67 memset(key,0,8);
68 length=strlen(str);
69#ifdef OLD_STR_TO_KEY
70 for (i=0; i<length; i++)
71 (*key)[i%8]^=(str[i]<<1);
72#else /* MIT COMPATIBLE */
73 for (i=0; i<length; i++)
74 {
75 j=str[i];
76 if ((i%16) < 8)
77 (*key)[i%8]^=(j<<1);
78 else
79 {
80 /* Reverse the bit order 05/05/92 eay */
81 j=((j<<4)&0xf0)|((j>>4)&0x0f);
82 j=((j<<2)&0xcc)|((j>>2)&0x33);
83 j=((j<<1)&0xaa)|((j>>1)&0x55);
84 (*key)[7-(i%8)]^=j;
85 }
86 }
87#endif
88 des_set_odd_parity(key);
89 des_set_key_unchecked(key,ks);
90 des_cbc_cksum((const unsigned char*)str,key,length,ks,key);
91 memset(ks,0,sizeof(ks));
92 des_set_odd_parity(key);
93 }
94
95void des_string_to_2keys(const char *str, des_cblock *key1, des_cblock *key2)
96 {
97 des_key_schedule ks;
98 int i,length;
99 register unsigned char j;
100
101 memset(key1,0,8);
102 memset(key2,0,8);
103 length=strlen(str);
104#ifdef OLD_STR_TO_KEY
105 if (length <= 8)
106 {
107 for (i=0; i<length; i++)
108 {
109 (*key2)[i]=(*key1)[i]=(str[i]<<1);
110 }
111 }
112 else
113 {
114 for (i=0; i<length; i++)
115 {
116 if ((i/8)&1)
117 (*key2)[i%8]^=(str[i]<<1);
118 else
119 (*key1)[i%8]^=(str[i]<<1);
120 }
121 }
122#else /* MIT COMPATIBLE */
123 for (i=0; i<length; i++)
124 {
125 j=str[i];
126 if ((i%32) < 16)
127 {
128 if ((i%16) < 8)
129 (*key1)[i%8]^=(j<<1);
130 else
131 (*key2)[i%8]^=(j<<1);
132 }
133 else
134 {
135 j=((j<<4)&0xf0)|((j>>4)&0x0f);
136 j=((j<<2)&0xcc)|((j>>2)&0x33);
137 j=((j<<1)&0xaa)|((j>>1)&0x55);
138 if ((i%16) < 8)
139 (*key1)[7-(i%8)]^=j;
140 else
141 (*key2)[7-(i%8)]^=j;
142 }
143 }
144 if (length <= 8) memcpy(key2,key1,8);
145#endif
146 des_set_odd_parity(key1);
147 des_set_odd_parity(key2);
148 des_set_key_unchecked(key1,ks);
149 des_cbc_cksum((const unsigned char*)str,key1,length,ks,key1);
150 des_set_key_unchecked(key2,ks);
151 des_cbc_cksum((const unsigned char*)str,key2,length,ks,key2);
152 memset(ks,0,sizeof(ks));
153 des_set_odd_parity(key1);
154 des_set_odd_parity(key2);
155 }
diff --git a/src/lib/libcrypto/des/xcbc_enc.c b/src/lib/libcrypto/des/xcbc_enc.c
deleted file mode 100644
index ccfede13ac..0000000000
--- a/src/lib/libcrypto/des/xcbc_enc.c
+++ /dev/null
@@ -1,194 +0,0 @@
1/* crypto/des/xcbc_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_locl.h"
60
61/* RSA's DESX */
62
63static unsigned char desx_white_in2out[256]={
640xBD,0x56,0xEA,0xF2,0xA2,0xF1,0xAC,0x2A,0xB0,0x93,0xD1,0x9C,0x1B,0x33,0xFD,0xD0,
650x30,0x04,0xB6,0xDC,0x7D,0xDF,0x32,0x4B,0xF7,0xCB,0x45,0x9B,0x31,0xBB,0x21,0x5A,
660x41,0x9F,0xE1,0xD9,0x4A,0x4D,0x9E,0xDA,0xA0,0x68,0x2C,0xC3,0x27,0x5F,0x80,0x36,
670x3E,0xEE,0xFB,0x95,0x1A,0xFE,0xCE,0xA8,0x34,0xA9,0x13,0xF0,0xA6,0x3F,0xD8,0x0C,
680x78,0x24,0xAF,0x23,0x52,0xC1,0x67,0x17,0xF5,0x66,0x90,0xE7,0xE8,0x07,0xB8,0x60,
690x48,0xE6,0x1E,0x53,0xF3,0x92,0xA4,0x72,0x8C,0x08,0x15,0x6E,0x86,0x00,0x84,0xFA,
700xF4,0x7F,0x8A,0x42,0x19,0xF6,0xDB,0xCD,0x14,0x8D,0x50,0x12,0xBA,0x3C,0x06,0x4E,
710xEC,0xB3,0x35,0x11,0xA1,0x88,0x8E,0x2B,0x94,0x99,0xB7,0x71,0x74,0xD3,0xE4,0xBF,
720x3A,0xDE,0x96,0x0E,0xBC,0x0A,0xED,0x77,0xFC,0x37,0x6B,0x03,0x79,0x89,0x62,0xC6,
730xD7,0xC0,0xD2,0x7C,0x6A,0x8B,0x22,0xA3,0x5B,0x05,0x5D,0x02,0x75,0xD5,0x61,0xE3,
740x18,0x8F,0x55,0x51,0xAD,0x1F,0x0B,0x5E,0x85,0xE5,0xC2,0x57,0x63,0xCA,0x3D,0x6C,
750xB4,0xC5,0xCC,0x70,0xB2,0x91,0x59,0x0D,0x47,0x20,0xC8,0x4F,0x58,0xE0,0x01,0xE2,
760x16,0x38,0xC4,0x6F,0x3B,0x0F,0x65,0x46,0xBE,0x7E,0x2D,0x7B,0x82,0xF9,0x40,0xB5,
770x1D,0x73,0xF8,0xEB,0x26,0xC7,0x87,0x97,0x25,0x54,0xB1,0x28,0xAA,0x98,0x9D,0xA5,
780x64,0x6D,0x7A,0xD4,0x10,0x81,0x44,0xEF,0x49,0xD6,0xAE,0x2E,0xDD,0x76,0x5C,0x2F,
790xA7,0x1C,0xC9,0x09,0x69,0x9A,0x83,0xCF,0x29,0x39,0xB9,0xE9,0x4C,0xFF,0x43,0xAB,
80 };
81
82void des_xwhite_in2out(const_des_cblock *des_key, const_des_cblock *in_white,
83 des_cblock *out_white)
84 {
85 int out0,out1;
86 int i;
87 const unsigned char *key = &(*des_key)[0];
88 const unsigned char *in = &(*in_white)[0];
89 unsigned char *out = &(*out_white)[0];
90
91 out[0]=out[1]=out[2]=out[3]=out[4]=out[5]=out[6]=out[7]=0;
92 out0=out1=0;
93 for (i=0; i<8; i++)
94 {
95 out[i]=key[i]^desx_white_in2out[out0^out1];
96 out0=out1;
97 out1=(int)out[i&0x07];
98 }
99
100 out0=out[0];
101 out1=out[i];
102 for (i=0; i<8; i++)
103 {
104 out[i]=in[i]^desx_white_in2out[out0^out1];
105 out0=out1;
106 out1=(int)out[i&0x07];
107 }
108 }
109
110void des_xcbc_encrypt(const unsigned char *in, unsigned char *out,
111 long length, des_key_schedule schedule, des_cblock *ivec,
112 const_des_cblock *inw, const_des_cblock *outw, int enc)
113 {
114 register DES_LONG tin0,tin1;
115 register DES_LONG tout0,tout1,xor0,xor1;
116 register DES_LONG inW0,inW1,outW0,outW1;
117 register const unsigned char *in2;
118 register long l=length;
119 DES_LONG tin[2];
120 unsigned char *iv;
121
122 in2 = &(*inw)[0];
123 c2l(in2,inW0);
124 c2l(in2,inW1);
125 in2 = &(*outw)[0];
126 c2l(in2,outW0);
127 c2l(in2,outW1);
128
129 iv = &(*ivec)[0];
130
131 if (enc)
132 {
133 c2l(iv,tout0);
134 c2l(iv,tout1);
135 for (l-=8; l>=0; l-=8)
136 {
137 c2l(in,tin0);
138 c2l(in,tin1);
139 tin0^=tout0^inW0; tin[0]=tin0;
140 tin1^=tout1^inW1; tin[1]=tin1;
141 des_encrypt1(tin,schedule,DES_ENCRYPT);
142 tout0=tin[0]^outW0; l2c(tout0,out);
143 tout1=tin[1]^outW1; l2c(tout1,out);
144 }
145 if (l != -8)
146 {
147 c2ln(in,tin0,tin1,l+8);
148 tin0^=tout0^inW0; tin[0]=tin0;
149 tin1^=tout1^inW1; tin[1]=tin1;
150 des_encrypt1(tin,schedule,DES_ENCRYPT);
151 tout0=tin[0]^outW0; l2c(tout0,out);
152 tout1=tin[1]^outW1; l2c(tout1,out);
153 }
154 iv = &(*ivec)[0];
155 l2c(tout0,iv);
156 l2c(tout1,iv);
157 }
158 else
159 {
160 c2l(iv,xor0);
161 c2l(iv,xor1);
162 for (l-=8; l>0; l-=8)
163 {
164 c2l(in,tin0); tin[0]=tin0^outW0;
165 c2l(in,tin1); tin[1]=tin1^outW1;
166 des_encrypt1(tin,schedule,DES_DECRYPT);
167 tout0=tin[0]^xor0^inW0;
168 tout1=tin[1]^xor1^inW1;
169 l2c(tout0,out);
170 l2c(tout1,out);
171 xor0=tin0;
172 xor1=tin1;
173 }
174 if (l != -8)
175 {
176 c2l(in,tin0); tin[0]=tin0^outW0;
177 c2l(in,tin1); tin[1]=tin1^outW1;
178 des_encrypt1(tin,schedule,DES_DECRYPT);
179 tout0=tin[0]^xor0^inW0;
180 tout1=tin[1]^xor1^inW1;
181 l2cn(tout0,tout1,out,l+8);
182 xor0=tin0;
183 xor1=tin1;
184 }
185
186 iv = &(*ivec)[0];
187 l2c(xor0,iv);
188 l2c(xor1,iv);
189 }
190 tin0=tin1=tout0=tout1=xor0=xor1=0;
191 inW0=inW1=outW0=outW1=0;
192 tin[0]=tin[1]=0;
193 }
194
diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h
deleted file mode 100644
index 7a8d9f88c2..0000000000
--- a/src/lib/libcrypto/dh/dh.h
+++ /dev/null
@@ -1,213 +0,0 @@
1/* crypto/dh/dh.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_DH_H
60#define HEADER_DH_H
61
62#ifdef NO_DH
63#error DH is disabled.
64#endif
65
66#ifndef NO_BIO
67#include <openssl/bio.h>
68#endif
69#include <openssl/bn.h>
70#include <openssl/crypto.h>
71
72#define DH_FLAG_CACHE_MONT_P 0x01
73
74#ifdef __cplusplus
75extern "C" {
76#endif
77
78typedef struct dh_st DH;
79
80typedef struct dh_method {
81 const char *name;
82 /* Methods here */
83 int (*generate_key)(DH *dh);
84 int (*compute_key)(unsigned char *key,BIGNUM *pub_key,DH *dh);
85 int (*bn_mod_exp)(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
86 const BIGNUM *m, BN_CTX *ctx,
87 BN_MONT_CTX *m_ctx); /* Can be null */
88
89 int (*init)(DH *dh);
90 int (*finish)(DH *dh);
91 int flags;
92 char *app_data;
93} DH_METHOD;
94
95struct dh_st
96 {
97 /* This first argument is used to pick up errors when
98 * a DH is passed instead of a EVP_PKEY */
99 int pad;
100 int version;
101 BIGNUM *p;
102 BIGNUM *g;
103 int length; /* optional */
104 BIGNUM *pub_key; /* g^x */
105 BIGNUM *priv_key; /* x */
106
107 int flags;
108 char *method_mont_p;
109 /* Place holders if we want to do X9.42 DH */
110 BIGNUM *q;
111 BIGNUM *j;
112 unsigned char *seed;
113 int seedlen;
114 BIGNUM *counter;
115
116 int references;
117 CRYPTO_EX_DATA ex_data;
118#if 0
119 DH_METHOD *meth;
120#else
121 struct engine_st *engine;
122#endif
123 };
124
125#define DH_GENERATOR_2 2
126/* #define DH_GENERATOR_3 3 */
127#define DH_GENERATOR_5 5
128
129/* DH_check error codes */
130#define DH_CHECK_P_NOT_PRIME 0x01
131#define DH_CHECK_P_NOT_SAFE_PRIME 0x02
132#define DH_UNABLE_TO_CHECK_GENERATOR 0x04
133#define DH_NOT_SUITABLE_GENERATOR 0x08
134
135/* primes p where (p-1)/2 is prime too are called "safe"; we define
136 this for backward compatibility: */
137#define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
138
139#define DHparams_dup(x) (DH *)ASN1_dup((int (*)())i2d_DHparams, \
140 (char *(*)())d2i_DHparams,(char *)(x))
141#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
142 (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
143#define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
144 (unsigned char *)(x))
145#define d2i_DHparams_bio(bp,x) (DH *)ASN1_d2i_bio((char *(*)())DH_new, \
146 (char *(*)())d2i_DHparams,(bp),(unsigned char **)(x))
147#ifdef __cplusplus
148#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio((int (*)())i2d_DHparams,(bp), \
149 (unsigned char *)(x))
150#else
151#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio(i2d_DHparams,(bp), \
152 (unsigned char *)(x))
153#endif
154
155DH_METHOD *DH_OpenSSL(void);
156
157void DH_set_default_openssl_method(DH_METHOD *meth);
158DH_METHOD *DH_get_default_openssl_method(void);
159#if 0
160DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth);
161DH *DH_new_method(DH_METHOD *meth);
162#else
163int DH_set_method(DH *dh, struct engine_st *engine);
164DH *DH_new_method(struct engine_st *engine);
165#endif
166
167DH * DH_new(void);
168void DH_free(DH *dh);
169int DH_size(DH *dh);
170int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
171 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
172int DH_set_ex_data(DH *d, int idx, void *arg);
173void *DH_get_ex_data(DH *d, int idx);
174DH * DH_generate_parameters(int prime_len,int generator,
175 void (*callback)(int,int,void *),void *cb_arg);
176int DH_check(DH *dh,int *codes);
177int DH_generate_key(DH *dh);
178int DH_compute_key(unsigned char *key,BIGNUM *pub_key,DH *dh);
179DH * d2i_DHparams(DH **a,unsigned char **pp, long length);
180int i2d_DHparams(DH *a,unsigned char **pp);
181#ifndef NO_FP_API
182int DHparams_print_fp(FILE *fp, DH *x);
183#endif
184#ifndef NO_BIO
185int DHparams_print(BIO *bp, DH *x);
186#else
187int DHparams_print(char *bp, DH *x);
188#endif
189void ERR_load_DH_strings(void );
190
191/* BEGIN ERROR CODES */
192/* The following lines are auto generated by the script mkerr.pl. Any changes
193 * made after this point may be overwritten when the script is next run.
194 */
195
196/* Error codes for the DH functions. */
197
198/* Function codes. */
199#define DH_F_DHPARAMS_PRINT 100
200#define DH_F_DHPARAMS_PRINT_FP 101
201#define DH_F_DH_COMPUTE_KEY 102
202#define DH_F_DH_GENERATE_KEY 103
203#define DH_F_DH_GENERATE_PARAMETERS 104
204#define DH_F_DH_NEW 105
205
206/* Reason codes. */
207#define DH_R_NO_PRIVATE_VALUE 100
208
209#ifdef __cplusplus
210}
211#endif
212#endif
213
diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c
deleted file mode 100644
index 7e5cfd8bfc..0000000000
--- a/src/lib/libcrypto/dh/dh_check.c
+++ /dev/null
@@ -1,120 +0,0 @@
1/* crypto/dh/dh_check.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/dh.h>
63
64/* Check that p is a safe prime and
65 * if g is 2, 3 or 5, check that is is a suitable generator
66 * where
67 * for 2, p mod 24 == 11
68 * for 3, p mod 12 == 5
69 * for 5, p mod 10 == 3 or 7
70 * should hold.
71 */
72
73int DH_check(DH *dh, int *ret)
74 {
75 int ok=0;
76 BN_CTX *ctx=NULL;
77 BN_ULONG l;
78 BIGNUM *q=NULL;
79
80 *ret=0;
81 ctx=BN_CTX_new();
82 if (ctx == NULL) goto err;
83 q=BN_new();
84 if (q == NULL) goto err;
85
86 if (BN_is_word(dh->g,DH_GENERATOR_2))
87 {
88 l=BN_mod_word(dh->p,24);
89 if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR;
90 }
91#if 0
92 else if (BN_is_word(dh->g,DH_GENERATOR_3))
93 {
94 l=BN_mod_word(dh->p,12);
95 if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR;
96 }
97#endif
98 else if (BN_is_word(dh->g,DH_GENERATOR_5))
99 {
100 l=BN_mod_word(dh->p,10);
101 if ((l != 3) && (l != 7))
102 *ret|=DH_NOT_SUITABLE_GENERATOR;
103 }
104 else
105 *ret|=DH_UNABLE_TO_CHECK_GENERATOR;
106
107 if (!BN_is_prime(dh->p,BN_prime_checks,NULL,ctx,NULL))
108 *ret|=DH_CHECK_P_NOT_PRIME;
109 else
110 {
111 if (!BN_rshift1(q,dh->p)) goto err;
112 if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL))
113 *ret|=DH_CHECK_P_NOT_SAFE_PRIME;
114 }
115 ok=1;
116err:
117 if (ctx != NULL) BN_CTX_free(ctx);
118 if (q != NULL) BN_free(q);
119 return(ok);
120 }
diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c
deleted file mode 100644
index ff2d1684c2..0000000000
--- a/src/lib/libcrypto/dh/dh_err.c
+++ /dev/null
@@ -1,99 +0,0 @@
1/* crypto/dh/dh_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/dh.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA DH_str_functs[]=
68 {
69{ERR_PACK(0,DH_F_DHPARAMS_PRINT,0), "DHparams_print"},
70{ERR_PACK(0,DH_F_DHPARAMS_PRINT_FP,0), "DHparams_print_fp"},
71{ERR_PACK(0,DH_F_DH_COMPUTE_KEY,0), "DH_compute_key"},
72{ERR_PACK(0,DH_F_DH_GENERATE_KEY,0), "DH_generate_key"},
73{ERR_PACK(0,DH_F_DH_GENERATE_PARAMETERS,0), "DH_generate_parameters"},
74{ERR_PACK(0,DH_F_DH_NEW,0), "DH_new"},
75{0,NULL}
76 };
77
78static ERR_STRING_DATA DH_str_reasons[]=
79 {
80{DH_R_NO_PRIVATE_VALUE ,"no private value"},
81{0,NULL}
82 };
83
84#endif
85
86void ERR_load_DH_strings(void)
87 {
88 static int init=1;
89
90 if (init)
91 {
92 init=0;
93#ifndef NO_ERR
94 ERR_load_strings(ERR_LIB_DH,DH_str_functs);
95 ERR_load_strings(ERR_LIB_DH,DH_str_reasons);
96#endif
97
98 }
99 }
diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c
deleted file mode 100644
index 7a6a38fbb4..0000000000
--- a/src/lib/libcrypto/dh/dh_gen.c
+++ /dev/null
@@ -1,153 +0,0 @@
1/* crypto/dh/dh_gen.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/dh.h>
63
64/* We generate DH parameters as follows
65 * find a prime q which is prime_len/2 bits long.
66 * p=(2*q)+1 or (p-1)/2 = q
67 * For this case, g is a generator if
68 * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1.
69 * Since the factors of p-1 are q and 2, we just need to check
70 * g^2 mod p != 1 and g^q mod p != 1.
71 *
72 * Having said all that,
73 * there is another special case method for the generators 2, 3 and 5.
74 * for 2, p mod 24 == 11
75 * for 3, p mod 12 == 5 <<<<< does not work for safe primes.
76 * for 5, p mod 10 == 3 or 7
77 *
78 * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the
79 * special generators and for answering some of my questions.
80 *
81 * I've implemented the second simple method :-).
82 * Since DH should be using a safe prime (both p and q are prime),
83 * this generator function can take a very very long time to run.
84 */
85
86DH *DH_generate_parameters(int prime_len, int generator,
87 void (*callback)(int,int,void *), void *cb_arg)
88 {
89 BIGNUM *p=NULL,*t1,*t2;
90 DH *ret=NULL;
91 int g,ok= -1;
92 BN_CTX *ctx=NULL;
93
94 ret=DH_new();
95 if (ret == NULL) goto err;
96 ctx=BN_CTX_new();
97 if (ctx == NULL) goto err;
98 BN_CTX_start(ctx);
99 t1 = BN_CTX_get(ctx);
100 t2 = BN_CTX_get(ctx);
101 if (t1 == NULL || t2 == NULL) goto err;
102
103 if (generator == DH_GENERATOR_2)
104 {
105 BN_set_word(t1,24);
106 BN_set_word(t2,11);
107 g=2;
108 }
109#ifdef undef /* does not work for safe primes */
110 else if (generator == DH_GENERATOR_3)
111 {
112 BN_set_word(t1,12);
113 BN_set_word(t2,5);
114 g=3;
115 }
116#endif
117 else if (generator == DH_GENERATOR_5)
118 {
119 BN_set_word(t1,10);
120 BN_set_word(t2,3);
121 /* BN_set_word(t3,7); just have to miss
122 * out on these ones :-( */
123 g=5;
124 }
125 else
126 g=generator;
127
128 p=BN_generate_prime(NULL,prime_len,1,t1,t2,callback,cb_arg);
129 if (p == NULL) goto err;
130 if (callback != NULL) callback(3,0,cb_arg);
131 ret->p=p;
132 ret->g=BN_new();
133 if (!BN_set_word(ret->g,g)) goto err;
134 ok=1;
135err:
136 if (ok == -1)
137 {
138 DHerr(DH_F_DH_GENERATE_PARAMETERS,ERR_R_BN_LIB);
139 ok=0;
140 }
141
142 if (ctx != NULL)
143 {
144 BN_CTX_end(ctx);
145 BN_CTX_free(ctx);
146 }
147 if (!ok && (ret != NULL))
148 {
149 DH_free(ret);
150 ret=NULL;
151 }
152 return(ret);
153 }
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c
deleted file mode 100644
index 22b087b778..0000000000
--- a/src/lib/libcrypto/dh/dh_key.c
+++ /dev/null
@@ -1,216 +0,0 @@
1/* crypto/dh/dh_key.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/rand.h>
63#include <openssl/dh.h>
64#include <openssl/engine.h>
65
66static int generate_key(DH *dh);
67static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);
68static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
69 const BIGNUM *m, BN_CTX *ctx,
70 BN_MONT_CTX *m_ctx);
71static int dh_init(DH *dh);
72static int dh_finish(DH *dh);
73
74int DH_generate_key(DH *dh)
75 {
76 return ENGINE_get_DH(dh->engine)->generate_key(dh);
77 }
78
79int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
80 {
81 return ENGINE_get_DH(dh->engine)->compute_key(key, pub_key, dh);
82 }
83
84static DH_METHOD dh_ossl = {
85"OpenSSL DH Method",
86generate_key,
87compute_key,
88dh_bn_mod_exp,
89dh_init,
90dh_finish,
910,
92NULL
93};
94
95DH_METHOD *DH_OpenSSL(void)
96{
97 return &dh_ossl;
98}
99
100static int generate_key(DH *dh)
101 {
102 int ok=0;
103 BN_CTX ctx;
104 BN_MONT_CTX *mont;
105 BIGNUM *pub_key=NULL,*priv_key=NULL;
106
107 BN_CTX_init(&ctx);
108
109 if (dh->priv_key == NULL)
110 {
111 priv_key=BN_new();
112 if (priv_key == NULL) goto err;
113 do
114 if (!BN_rand_range(priv_key, dh->p)) goto err;
115 while (BN_is_zero(priv_key));
116 }
117 else
118 priv_key=dh->priv_key;
119
120 if (dh->pub_key == NULL)
121 {
122 pub_key=BN_new();
123 if (pub_key == NULL) goto err;
124 }
125 else
126 pub_key=dh->pub_key;
127
128 if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
129 {
130 if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
131 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
132 dh->p,&ctx)) goto err;
133 }
134 mont=(BN_MONT_CTX *)dh->method_mont_p;
135
136 if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, pub_key, dh->g,
137 priv_key,dh->p,&ctx,mont))
138 goto err;
139
140 dh->pub_key=pub_key;
141 dh->priv_key=priv_key;
142 ok=1;
143err:
144 if (ok != 1)
145 DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB);
146
147 if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key);
148 if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
149 BN_CTX_free(&ctx);
150 return(ok);
151 }
152
153static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
154 {
155 BN_CTX ctx;
156 BN_MONT_CTX *mont;
157 BIGNUM *tmp;
158 int ret= -1;
159
160 BN_CTX_init(&ctx);
161 BN_CTX_start(&ctx);
162 tmp = BN_CTX_get(&ctx);
163
164 if (dh->priv_key == NULL)
165 {
166 DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
167 goto err;
168 }
169 if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
170 {
171 if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
172 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
173 dh->p,&ctx)) goto err;
174 }
175
176 mont=(BN_MONT_CTX *)dh->method_mont_p;
177 if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, tmp, pub_key,
178 dh->priv_key,dh->p,&ctx,mont))
179 {
180 DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
181 goto err;
182 }
183
184 ret=BN_bn2bin(tmp,key);
185err:
186 BN_CTX_end(&ctx);
187 BN_CTX_free(&ctx);
188 return(ret);
189 }
190
191static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
192 const BIGNUM *m, BN_CTX *ctx,
193 BN_MONT_CTX *m_ctx)
194 {
195 if (a->top == 1)
196 {
197 BN_ULONG A = a->d[0];
198 return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx);
199 }
200 else
201 return BN_mod_exp_mont(r,a,p,m,ctx,m_ctx);
202 }
203
204
205static int dh_init(DH *dh)
206 {
207 dh->flags |= DH_FLAG_CACHE_MONT_P;
208 return(1);
209 }
210
211static int dh_finish(DH *dh)
212 {
213 if(dh->method_mont_p)
214 BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p);
215 return(1);
216 }
diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c
deleted file mode 100644
index 96f118c153..0000000000
--- a/src/lib/libcrypto/dh/dh_lib.c
+++ /dev/null
@@ -1,237 +0,0 @@
1/* crypto/dh/dh_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/dh.h>
63#include <openssl/engine.h>
64
65const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
66
67static DH_METHOD *default_DH_method;
68static int dh_meth_num = 0;
69static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dh_meth = NULL;
70
71void DH_set_default_openssl_method(DH_METHOD *meth)
72{
73 ENGINE *e;
74 /* We'll need to notify the "openssl" ENGINE of this
75 * change too. We won't bother locking things down at
76 * our end as there was never any locking in these
77 * functions! */
78 if(default_DH_method != meth)
79 {
80 default_DH_method = meth;
81 e = ENGINE_by_id("openssl");
82 if(e)
83 {
84 ENGINE_set_DH(e, meth);
85 ENGINE_free(e);
86 }
87 }
88}
89
90DH_METHOD *DH_get_default_openssl_method(void)
91{
92 if(!default_DH_method) default_DH_method = DH_OpenSSL();
93 return default_DH_method;
94}
95
96#if 0
97DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth)
98{
99 DH_METHOD *mtmp;
100 mtmp = dh->meth;
101 if (mtmp->finish) mtmp->finish(dh);
102 dh->meth = meth;
103 if (meth->init) meth->init(dh);
104 return mtmp;
105}
106#else
107int DH_set_method(DH *dh, ENGINE *engine)
108{
109 ENGINE *mtmp;
110 DH_METHOD *meth;
111 mtmp = dh->engine;
112 meth = ENGINE_get_DH(mtmp);
113 if (!ENGINE_init(engine))
114 return 0;
115 if (meth->finish) meth->finish(dh);
116 dh->engine= engine;
117 meth = ENGINE_get_DH(engine);
118 if (meth->init) meth->init(dh);
119 /* SHOULD ERROR CHECK THIS!!! */
120 ENGINE_finish(mtmp);
121 return 1;
122}
123#endif
124
125DH *DH_new(void)
126{
127 return DH_new_method(NULL);
128}
129
130#if 0
131DH *DH_new_method(DH_METHOD *meth)
132#else
133DH *DH_new_method(ENGINE *engine)
134#endif
135 {
136 DH_METHOD *meth;
137 DH *ret;
138 ret=(DH *)OPENSSL_malloc(sizeof(DH));
139
140 if (ret == NULL)
141 {
142 DHerr(DH_F_DH_NEW,ERR_R_MALLOC_FAILURE);
143 return(NULL);
144 }
145 if(engine)
146 ret->engine = engine;
147 else
148 {
149 if((ret->engine=ENGINE_get_default_DH()) == NULL)
150 {
151 OPENSSL_free(ret);
152 return NULL;
153 }
154 }
155 meth = ENGINE_get_DH(ret->engine);
156 ret->pad=0;
157 ret->version=0;
158 ret->p=NULL;
159 ret->g=NULL;
160 ret->length=0;
161 ret->pub_key=NULL;
162 ret->priv_key=NULL;
163 ret->q=NULL;
164 ret->j=NULL;
165 ret->seed = NULL;
166 ret->seedlen = 0;
167 ret->counter = NULL;
168 ret->method_mont_p=NULL;
169 ret->references = 1;
170 ret->flags=meth->flags;
171 CRYPTO_new_ex_data(dh_meth,ret,&ret->ex_data);
172 if ((meth->init != NULL) && !meth->init(ret))
173 {
174 CRYPTO_free_ex_data(dh_meth,ret,&ret->ex_data);
175 OPENSSL_free(ret);
176 ret=NULL;
177 }
178 return(ret);
179 }
180
181void DH_free(DH *r)
182 {
183 DH_METHOD *meth;
184 int i;
185 if(r == NULL) return;
186 i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH);
187#ifdef REF_PRINT
188 REF_PRINT("DH",r);
189#endif
190 if (i > 0) return;
191#ifdef REF_CHECK
192 if (i < 0)
193 {
194 fprintf(stderr,"DH_free, bad reference count\n");
195 abort();
196 }
197#endif
198
199 meth = ENGINE_get_DH(r->engine);
200 if(meth->finish) meth->finish(r);
201 ENGINE_finish(r->engine);
202
203 CRYPTO_free_ex_data(dh_meth, r, &r->ex_data);
204
205 if (r->p != NULL) BN_clear_free(r->p);
206 if (r->g != NULL) BN_clear_free(r->g);
207 if (r->q != NULL) BN_clear_free(r->q);
208 if (r->j != NULL) BN_clear_free(r->j);
209 if (r->seed) OPENSSL_free(r->seed);
210 if (r->counter != NULL) BN_clear_free(r->counter);
211 if (r->pub_key != NULL) BN_clear_free(r->pub_key);
212 if (r->priv_key != NULL) BN_clear_free(r->priv_key);
213 OPENSSL_free(r);
214 }
215
216int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
217 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
218 {
219 dh_meth_num++;
220 return(CRYPTO_get_ex_new_index(dh_meth_num-1,
221 &dh_meth,argl,argp,new_func,dup_func,free_func));
222 }
223
224int DH_set_ex_data(DH *d, int idx, void *arg)
225 {
226 return(CRYPTO_set_ex_data(&d->ex_data,idx,arg));
227 }
228
229void *DH_get_ex_data(DH *d, int idx)
230 {
231 return(CRYPTO_get_ex_data(&d->ex_data,idx));
232 }
233
234int DH_size(DH *dh)
235 {
236 return(BN_num_bytes(dh->p));
237 }
diff --git a/src/lib/libcrypto/doc/DH_generate_key.pod b/src/lib/libcrypto/doc/DH_generate_key.pod
deleted file mode 100644
index 81f09fdf45..0000000000
--- a/src/lib/libcrypto/doc/DH_generate_key.pod
+++ /dev/null
@@ -1,50 +0,0 @@
1=pod
2
3=head1 NAME
4
5DH_generate_key, DH_compute_key - perform Diffie-Hellman key exchange
6
7=head1 SYNOPSIS
8
9 #include <openssl/dh.h>
10
11 int DH_generate_key(DH *dh);
12
13 int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);
14
15=head1 DESCRIPTION
16
17DH_generate_key() performs the first step of a Diffie-Hellman key
18exchange by generating private and public DH values. By calling
19DH_compute_key(), these are combined with the other party's public
20value to compute the shared key.
21
22DH_generate_key() expects B<dh> to contain the shared parameters
23B<dh-E<gt>p> and B<dh-E<gt>g>. It generates a random private DH value
24unless B<dh-E<gt>priv_key> is already set, and computes the
25corresponding public value B<dh-E<gt>pub_key>, which can then be
26published.
27
28DH_compute_key() computes the shared secret from the private DH value
29in B<dh> and the other party's public value in B<pub_key> and stores
30it in B<key>. B<key> must point to B<DH_size(dh)> bytes of memory.
31
32=head1 RETURN VALUES
33
34DH_generate_key() returns 1 on success, 0 otherwise.
35
36DH_compute_key() returns the size of the shared secret on success, -1
37on error.
38
39The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
40
41=head1 SEE ALSO
42
43L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DH_size(3)|DH_size(3)>
44
45=head1 HISTORY
46
47DH_generate_key() and DH_compute_key() are available in all versions
48of SSLeay and OpenSSL.
49
50=cut
diff --git a/src/lib/libcrypto/doc/DH_generate_parameters.pod b/src/lib/libcrypto/doc/DH_generate_parameters.pod
deleted file mode 100644
index 4a2d653758..0000000000
--- a/src/lib/libcrypto/doc/DH_generate_parameters.pod
+++ /dev/null
@@ -1,72 +0,0 @@
1=pod
2
3=head1 NAME
4
5DH_generate_parameters, DH_check - generate and check Diffie-Hellman parameters
6
7=head1 SYNOPSIS
8
9 #include <openssl/dh.h>
10
11 DH *DH_generate_parameters(int prime_len, int generator,
12 void (*callback)(int, int, void *), void *cb_arg);
13
14 int DH_check(DH *dh, int *codes);
15
16=head1 DESCRIPTION
17
18DH_generate_parameters() generates Diffie-Hellman parameters that can
19be shared among a group of users, and returns them in a newly
20allocated B<DH> structure. The pseudo-random number generator must be
21seeded prior to calling DH_generate_parameters().
22
23B<prime_len> is the length in bits of the safe prime to be generated.
24B<generator> is a small number E<gt> 1, typically 2 or 5.
25
26A callback function may be used to provide feedback about the progress
27of the key generation. If B<callback> is not B<NULL>, it will be
28called as described in L<BN_generate_prime(3)|BN_generate_prime(3)> while a random prime
29number is generated, and when a prime has been found, B<callback(3,
300, cb_arg)> is called.
31
32DH_check() validates Diffie-Hellman parameters. It checks that B<p> is
33a safe prime, and that B<g> is a suitable generator. In the case of an
34error, the bit flags DH_CHECK_P_NOT_SAFE_PRIME or
35DH_NOT_SUITABLE_GENERATOR are set in B<*codes>.
36DH_UNABLE_TO_CHECK_GENERATOR is set if the generator cannot be
37checked, i.e. it does not equal 2 or 5.
38
39=head1 RETURN VALUES
40
41DH_generate_parameters() returns a pointer to the DH structure, or
42NULL if the parameter generation fails. The error codes can be
43obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
44
45DH_check() returns 1 if the check could be performed, 0 otherwise.
46
47=head1 NOTES
48
49DH_generate_parameters() may run for several hours before finding a
50suitable prime.
51
52The parameters generated by DH_generate_parameters() are not to be
53used in signature schemes.
54
55=head1 BUGS
56
57If B<generator> is not 2 or 5, B<dh-E<gt>g>=B<generator> is not
58a usable generator.
59
60=head1 SEE ALSO
61
62L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DH_free(3)|DH_free(3)>
63
64=head1 HISTORY
65
66DH_check() is available in all versions of SSLeay and OpenSSL.
67The B<cb_arg> argument to DH_generate_parameters() was added in SSLeay 0.9.0.
68
69In versions before OpenSSL 0.9.5, DH_CHECK_P_NOT_STRONG_PRIME is used
70instead of DH_CHECK_P_NOT_SAFE_PRIME.
71
72=cut
diff --git a/src/lib/libcrypto/doc/DH_get_ex_new_index.pod b/src/lib/libcrypto/doc/DH_get_ex_new_index.pod
deleted file mode 100644
index 82e2548bcd..0000000000
--- a/src/lib/libcrypto/doc/DH_get_ex_new_index.pod
+++ /dev/null
@@ -1,36 +0,0 @@
1=pod
2
3=head1 NAME
4
5DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data - add application specific data to DH structures
6
7=head1 SYNOPSIS
8
9 #include <openssl/dh.h>
10
11 int DH_get_ex_new_index(long argl, void *argp,
12 CRYPTO_EX_new *new_func,
13 CRYPTO_EX_dup *dup_func,
14 CRYPTO_EX_free *free_func);
15
16 int DH_set_ex_data(DH *d, int idx, void *arg);
17
18 char *DH_get_ex_data(DH *d, int idx);
19
20=head1 DESCRIPTION
21
22These functions handle application specific data in DH
23structures. Their usage is identical to that of
24RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data()
25as described in L<RSA_get_ex_new_index(3)>.
26
27=head1 SEE ALSO
28
29L<RSA_get_ex_new_index()|RSA_get_ex_new_index()>, L<dh(3)|dh(3)>
30
31=head1 HISTORY
32
33DH_get_ex_new_index(), DH_set_ex_data() and DH_get_ex_data() are
34available since OpenSSL 0.9.5.
35
36=cut
diff --git a/src/lib/libcrypto/doc/DH_new.pod b/src/lib/libcrypto/doc/DH_new.pod
deleted file mode 100644
index 60c930093e..0000000000
--- a/src/lib/libcrypto/doc/DH_new.pod
+++ /dev/null
@@ -1,40 +0,0 @@
1=pod
2
3=head1 NAME
4
5DH_new, DH_free - allocate and free DH objects
6
7=head1 SYNOPSIS
8
9 #include <openssl/dh.h>
10
11 DH* DH_new(void);
12
13 void DH_free(DH *dh);
14
15=head1 DESCRIPTION
16
17DH_new() allocates and initializes a B<DH> structure.
18
19DH_free() frees the B<DH> structure and its components. The values are
20erased before the memory is returned to the system.
21
22=head1 RETURN VALUES
23
24If the allocation fails, DH_new() returns B<NULL> and sets an error
25code that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns
26a pointer to the newly allocated structure.
27
28DH_free() returns no value.
29
30=head1 SEE ALSO
31
32L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
33L<DH_generate_parameters(3)|DH_generate_parameters(3)>,
34L<DH_generate_key(3)|DH_generate_key(3)>
35
36=head1 HISTORY
37
38DH_new() and DH_free() are available in all versions of SSLeay and OpenSSL.
39
40=cut
diff --git a/src/lib/libcrypto/doc/DH_set_method.pod b/src/lib/libcrypto/doc/DH_set_method.pod
deleted file mode 100644
index 62088eea1b..0000000000
--- a/src/lib/libcrypto/doc/DH_set_method.pod
+++ /dev/null
@@ -1,111 +0,0 @@
1=pod
2
3=head1 NAME
4
5DH_set_default_openssl_method, DH_get_default_openssl_method,
6DH_set_method, DH_new_method, DH_OpenSSL - select DH method
7
8=head1 SYNOPSIS
9
10 #include <openssl/dh.h>
11 #include <openssl/engine.h>
12
13 void DH_set_default_openssl_method(DH_METHOD *meth);
14
15 DH_METHOD *DH_get_default_openssl_method(void);
16
17 int DH_set_method(DH *dh, ENGINE *engine);
18
19 DH *DH_new_method(ENGINE *engine);
20
21 DH_METHOD *DH_OpenSSL(void);
22
23=head1 DESCRIPTION
24
25A B<DH_METHOD> specifies the functions that OpenSSL uses for Diffie-Hellman
26operations. By modifying the method, alternative implementations
27such as hardware accelerators may be used.
28
29Initially, the default is to use the OpenSSL internal implementation.
30DH_OpenSSL() returns a pointer to that method.
31
32DH_set_default_openssl_method() makes B<meth> the default method for all DH
33structures created later. B<NB:> This is true only whilst the default engine
34for Diffie-Hellman operations remains as "openssl". ENGINEs provide an
35encapsulation for implementations of one or more algorithms, and all the DH
36functions mentioned here operate within the scope of the default
37"openssl" engine.
38
39DH_get_default_openssl_method() returns a pointer to the current default
40method for the "openssl" engine.
41
42DH_set_method() selects B<engine> as the engine that will be responsible for
43all operations using the structure B<dh>. If this function completes successfully,
44then the B<dh> structure will have its own functional reference of B<engine>, so
45the caller should remember to free their own reference to B<engine> when they are
46finished with it. NB: An ENGINE's DH_METHOD can be retrieved (or set) by
47ENGINE_get_DH() or ENGINE_set_DH().
48
49DH_new_method() allocates and initializes a DH structure so that
50B<engine> will be used for the DH operations. If B<engine> is NULL,
51the default engine for Diffie-Hellman opertaions is used.
52
53=head1 THE DH_METHOD STRUCTURE
54
55 typedef struct dh_meth_st
56 {
57 /* name of the implementation */
58 const char *name;
59
60 /* generate private and public DH values for key agreement */
61 int (*generate_key)(DH *dh);
62
63 /* compute shared secret */
64 int (*compute_key)(unsigned char *key, BIGNUM *pub_key, DH *dh);
65
66 /* compute r = a ^ p mod m (May be NULL for some implementations) */
67 int (*bn_mod_exp)(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
68 const BIGNUM *m, BN_CTX *ctx,
69 BN_MONT_CTX *m_ctx);
70
71 /* called at DH_new */
72 int (*init)(DH *dh);
73
74 /* called at DH_free */
75 int (*finish)(DH *dh);
76
77 int flags;
78
79 char *app_data; /* ?? */
80
81 } DH_METHOD;
82
83=head1 RETURN VALUES
84
85DH_OpenSSL() and DH_get_default_method() return pointers to the respective
86DH_METHODs.
87
88DH_set_default_openssl_method() returns no value.
89
90DH_set_method() returns non-zero if the ENGINE associated with B<dh>
91was successfully changed to B<engine>.
92
93DH_new_method() returns NULL and sets an error code that can be
94obtained by L<ERR_get_error(3)|ERR_get_error(3)> if the allocation fails.
95Otherwise it returns a pointer to the newly allocated structure.
96
97=head1 SEE ALSO
98
99L<dh(3)|dh(3)>, L<DH_new(3)|DH_new(3)>
100
101=head1 HISTORY
102
103DH_set_default_method(), DH_get_default_method(), DH_set_method(),
104DH_new_method() and DH_OpenSSL() were added in OpenSSL 0.9.4.
105
106DH_set_default_openssl_method() and DH_get_default_openssl_method()
107replaced DH_set_default_method() and DH_get_default_method() respectively,
108and DH_set_method() and DH_new_method() were altered to use B<ENGINE>s
109rather than B<DH_METHOD>s during development of OpenSSL 0.9.6.
110
111=cut
diff --git a/src/lib/libcrypto/doc/DH_size.pod b/src/lib/libcrypto/doc/DH_size.pod
deleted file mode 100644
index 97f26fda78..0000000000
--- a/src/lib/libcrypto/doc/DH_size.pod
+++ /dev/null
@@ -1,33 +0,0 @@
1=pod
2
3=head1 NAME
4
5DH_size - get Diffie-Hellman prime size
6
7=head1 SYNOPSIS
8
9 #include <openssl/dh.h>
10
11 int DH_size(DH *dh);
12
13=head1 DESCRIPTION
14
15This function returns the Diffie-Hellman size in bytes. It can be used
16to determine how much memory must be allocated for the shared secret
17computed by DH_compute_key().
18
19B<dh-E<gt>p> must not be B<NULL>.
20
21=head1 RETURN VALUE
22
23The size in bytes.
24
25=head1 SEE ALSO
26
27L<dh(3)|dh(3)>, L<DH_generate_key(3)|DH_generate_key(3)>
28
29=head1 HISTORY
30
31DH_size() is available in all versions of SSLeay and OpenSSL.
32
33=cut
diff --git a/src/lib/libcrypto/doc/DSA_SIG_new.pod b/src/lib/libcrypto/doc/DSA_SIG_new.pod
deleted file mode 100644
index 45df4c0661..0000000000
--- a/src/lib/libcrypto/doc/DSA_SIG_new.pod
+++ /dev/null
@@ -1,39 +0,0 @@
1=pod
2
3=head1 NAME
4
5DSA_SIG_new, DSA_SIG_free - allocate and free DSA signature objects
6
7=head1 SYNOPSIS
8
9 #include <openssl/dsa.h>
10
11 DSA_SIG *DSA_SIG_new(void);
12
13 void DSA_SIG_free(DSA_SIG *a);
14
15=head1 DESCRIPTION
16
17DSA_SIG_new() allocates and initializes a B<DSA_SIG> structure.
18
19DSA_SIG_free() frees the B<DSA_SIG> structure and its components. The
20values are erased before the memory is returned to the system.
21
22=head1 RETURN VALUES
23
24If the allocation fails, DSA_SIG_new() returns B<NULL> and sets an
25error code that can be obtained by
26L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns a pointer
27to the newly allocated structure.
28
29DSA_SIG_free() returns no value.
30
31=head1 SEE ALSO
32
33L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<DSA_do_sign(3)|DSA_do_sign(3)>
34
35=head1 HISTORY
36
37DSA_SIG_new() and DSA_SIG_free() were added in OpenSSL 0.9.3.
38
39=cut
diff --git a/src/lib/libcrypto/doc/DSA_do_sign.pod b/src/lib/libcrypto/doc/DSA_do_sign.pod
deleted file mode 100644
index 5dfc733b20..0000000000
--- a/src/lib/libcrypto/doc/DSA_do_sign.pod
+++ /dev/null
@@ -1,47 +0,0 @@
1=pod
2
3=head1 NAME
4
5DSA_do_sign, DSA_do_verify - raw DSA signature operations
6
7=head1 SYNOPSIS
8
9 #include <openssl/dsa.h>
10
11 DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
12
13 int DSA_do_verify(const unsigned char *dgst, int dgst_len,
14 DSA_SIG *sig, DSA *dsa);
15
16=head1 DESCRIPTION
17
18DSA_do_sign() computes a digital signature on the B<len> byte message
19digest B<dgst> using the private key B<dsa> and returns it in a
20newly allocated B<DSA_SIG> structure.
21
22L<DSA_sign_setup(3)|DSA_sign_setup(3)> may be used to precompute part
23of the signing operation in case signature generation is
24time-critical.
25
26DSA_do_verify() verifies that the signature B<sig> matches a given
27message digest B<dgst> of size B<len>. B<dsa> is the signer's public
28key.
29
30=head1 RETURN VALUES
31
32DSA_do_sign() returns the signature, NULL on error. DSA_do_verify()
33returns 1 for a valid signature, 0 for an incorrect signature and -1
34on error. The error codes can be obtained by
35L<ERR_get_error(3)|ERR_get_error(3)>.
36
37=head1 SEE ALSO
38
39L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
40L<DSA_SIG_new(3)|DSA_SIG_new(3)>,
41L<DSA_sign(3)|DSA_sign(3)>
42
43=head1 HISTORY
44
45DSA_do_sign() and DSA_do_verify() were added in OpenSSL 0.9.3.
46
47=cut
diff --git a/src/lib/libcrypto/doc/DSA_dup_DH.pod b/src/lib/libcrypto/doc/DSA_dup_DH.pod
deleted file mode 100644
index 695f99a13b..0000000000
--- a/src/lib/libcrypto/doc/DSA_dup_DH.pod
+++ /dev/null
@@ -1,36 +0,0 @@
1=pod
2
3=head1 NAME
4
5DSA_dup_DH - create a DH structure out of DSA structure
6
7=head1 SYNOPSIS
8
9 #include <openssl/dsa.h>
10
11 DH * DSA_dup_DH(DSA *r);
12
13=head1 DESCRIPTION
14
15DSA_dup_DH() duplicates DSA parameters/keys as DH parameters/keys. q
16is lost during that conversion, but the resulting DH parameters
17contain its length.
18
19=head1 RETURN VALUE
20
21DSA_dup_DH() returns the new B<DH> structure, and NULL on error. The
22error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
23
24=head1 NOTE
25
26Be careful to avoid small subgroup attacks when using this.
27
28=head1 SEE ALSO
29
30L<dh(3)|dh(3)>, L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
31
32=head1 HISTORY
33
34DSA_dup_DH() was added in OpenSSL 0.9.4.
35
36=cut
diff --git a/src/lib/libcrypto/doc/DSA_generate_key.pod b/src/lib/libcrypto/doc/DSA_generate_key.pod
deleted file mode 100644
index 9906a2d7e0..0000000000
--- a/src/lib/libcrypto/doc/DSA_generate_key.pod
+++ /dev/null
@@ -1,33 +0,0 @@
1=pod
2
3=head1 NAME
4
5DSA_generate_key - generate DSA key pair
6
7=head1 SYNOPSIS
8
9 #include <openssl/dsa.h>
10
11 int DSA_generate_key(DSA *a);
12
13=head1 DESCRIPTION
14
15DSA_generate_key() expects B<a> to contain DSA parameters. It generates
16a new key pair and stores it in B<a-E<gt>pub_key> and B<a-E<gt>priv_key>.
17
18The PRNG must be seeded prior to calling DSA_generate_key().
19
20=head1 RETURN VALUE
21
22DSA_generate_key() returns 1 on success, 0 otherwise.
23The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
24
25=head1 SEE ALSO
26
27L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>
28
29=head1 HISTORY
30
31DSA_generate_key() is available since SSLeay 0.8.
32
33=cut
diff --git a/src/lib/libcrypto/doc/DSA_generate_parameters.pod b/src/lib/libcrypto/doc/DSA_generate_parameters.pod
deleted file mode 100644
index be7c924ff8..0000000000
--- a/src/lib/libcrypto/doc/DSA_generate_parameters.pod
+++ /dev/null
@@ -1,105 +0,0 @@
1=pod
2
3=head1 NAME
4
5DSA_generate_parameters - generate DSA parameters
6
7=head1 SYNOPSIS
8
9 #include <openssl/dsa.h>
10
11 DSA *DSA_generate_parameters(int bits, unsigned char *seed,
12 int seed_len, int *counter_ret, unsigned long *h_ret,
13 void (*callback)(int, int, void *), void *cb_arg);
14
15=head1 DESCRIPTION
16
17DSA_generate_parameters() generates primes p and q and a generator g
18for use in the DSA.
19
20B<bits> is the length of the prime to be generated; the DSS allows a
21maximum of 1024 bits.
22
23If B<seed> is B<NULL> or B<seed_len> E<lt> 20, the primes will be
24generated at random. Otherwise, the seed is used to generate
25them. If the given seed does not yield a prime q, a new random
26seed is chosen and placed at B<seed>.
27
28DSA_generate_parameters() places the iteration count in
29*B<counter_ret> and a counter used for finding a generator in
30*B<h_ret>, unless these are B<NULL>.
31
32A callback function may be used to provide feedback about the progress
33of the key generation. If B<callback> is not B<NULL>, it will be
34called as follows:
35
36=over 4
37
38=item *
39
40When a candidate for q is generated, B<callback(0, m++, cb_arg)> is called
41(m is 0 for the first candidate).
42
43=item *
44
45When a candidate for q has passed a test by trial division,
46B<callback(1, -1, cb_arg)> is called.
47While a candidate for q is tested by Miller-Rabin primality tests,
48B<callback(1, i, cb_arg)> is called in the outer loop
49(once for each witness that confirms that the candidate may be prime);
50i is the loop counter (starting at 0).
51
52=item *
53
54When a prime q has been found, B<callback(2, 0, cb_arg)> and
55B<callback(3, 0, cb_arg)> are called.
56
57=item *
58
59Before a candidate for p (other than the first) is generated and tested,
60B<callback(0, counter, cb_arg)> is called.
61
62=item *
63
64When a candidate for p has passed the test by trial division,
65B<callback(1, -1, cb_arg)> is called.
66While it is tested by the Miller-Rabin primality test,
67B<callback(1, i, cb_arg)> is called in the outer loop
68(once for each witness that confirms that the candidate may be prime).
69i is the loop counter (starting at 0).
70
71=item *
72
73When p has been found, B<callback(2, 1, cb_arg)> is called.
74
75=item *
76
77When the generator has been found, B<callback(3, 1, cb_arg)> is called.
78
79=back
80
81=head1 RETURN VALUE
82
83DSA_generate_parameters() returns a pointer to the DSA structure, or
84B<NULL> if the parameter generation fails. The error codes can be
85obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
86
87=head1 BUGS
88
89Seed lengths E<gt> 20 are not supported.
90
91=head1 SEE ALSO
92
93L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
94L<DSA_free(3)|DSA_free(3)>
95
96=head1 HISTORY
97
98DSA_generate_parameters() appeared in SSLeay 0.8. The B<cb_arg>
99argument was added in SSLeay 0.9.0.
100In versions up to OpenSSL 0.9.4, B<callback(1, ...)> was called
101in the inner loop of the Miller-Rabin test whenever it reached the
102squaring step (the parameters to B<callback> did not reveal how many
103witnesses had been tested); since OpenSSL 0.9.5, B<callback(1, ...)>
104is called as in BN_is_prime(3), i.e. once for each witness.
105=cut
diff --git a/src/lib/libcrypto/doc/DSA_get_ex_new_index.pod b/src/lib/libcrypto/doc/DSA_get_ex_new_index.pod
deleted file mode 100644
index 4612e708ec..0000000000
--- a/src/lib/libcrypto/doc/DSA_get_ex_new_index.pod
+++ /dev/null
@@ -1,36 +0,0 @@
1=pod
2
3=head1 NAME
4
5DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data - add application specific data to DSA structures
6
7=head1 SYNOPSIS
8
9 #include <openssl/DSA.h>
10
11 int DSA_get_ex_new_index(long argl, void *argp,
12 CRYPTO_EX_new *new_func,
13 CRYPTO_EX_dup *dup_func,
14 CRYPTO_EX_free *free_func);
15
16 int DSA_set_ex_data(DSA *d, int idx, void *arg);
17
18 char *DSA_get_ex_data(DSA *d, int idx);
19
20=head1 DESCRIPTION
21
22These functions handle application specific data in DSA
23structures. Their usage is identical to that of
24RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data()
25as described in L<RSA_get_ex_new_index(3)>.
26
27=head1 SEE ALSO
28
29L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>, L<dsa(3)|dsa(3)>
30
31=head1 HISTORY
32
33DSA_get_ex_new_index(), DSA_set_ex_data() and DSA_get_ex_data() are
34available since OpenSSL 0.9.5.
35
36=cut
diff --git a/src/lib/libcrypto/doc/DSA_new.pod b/src/lib/libcrypto/doc/DSA_new.pod
deleted file mode 100644
index 301af912dd..0000000000
--- a/src/lib/libcrypto/doc/DSA_new.pod
+++ /dev/null
@@ -1,41 +0,0 @@
1=pod
2
3=head1 NAME
4
5DSA_new, DSA_free - allocate and free DSA objects
6
7=head1 SYNOPSIS
8
9 #include <openssl/dsa.h>
10
11 DSA* DSA_new(void);
12
13 void DSA_free(DSA *dsa);
14
15=head1 DESCRIPTION
16
17DSA_new() allocates and initializes a B<DSA> structure.
18
19DSA_free() frees the B<DSA> structure and its components. The values are
20erased before the memory is returned to the system.
21
22=head1 RETURN VALUES
23
24If the allocation fails, DSA_new() returns B<NULL> and sets an error
25code that can be obtained by
26L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns a pointer
27to the newly allocated structure.
28
29DSA_free() returns no value.
30
31=head1 SEE ALSO
32
33L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
34L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>,
35L<DSA_generate_key(3)|DSA_generate_key(3)>
36
37=head1 HISTORY
38
39DSA_new() and DSA_free() are available in all versions of SSLeay and OpenSSL.
40
41=cut
diff --git a/src/lib/libcrypto/doc/DSA_set_method.pod b/src/lib/libcrypto/doc/DSA_set_method.pod
deleted file mode 100644
index c56dfd0f47..0000000000
--- a/src/lib/libcrypto/doc/DSA_set_method.pod
+++ /dev/null
@@ -1,118 +0,0 @@
1=pod
2
3=head1 NAME
4
5DSA_set_default_openssl_method, DSA_get_default_openssl_method,
6DSA_set_method, DSA_new_method, DSA_OpenSSL - select DSA method
7
8=head1 SYNOPSIS
9
10 #include <openssl/dsa.h>
11 #include <openssl/engine.h>
12
13 void DSA_set_default_openssl_method(DSA_METHOD *meth);
14
15 DSA_METHOD *DSA_get_default_openssl_method(void);
16
17 int DSA_set_method(DSA *dsa, ENGINE *engine);
18
19 DSA *DSA_new_method(ENGINE *engine);
20
21 DSA_METHOD *DSA_OpenSSL(void);
22
23=head1 DESCRIPTION
24
25A B<DSA_METHOD> specifies the functions that OpenSSL uses for DSA
26operations. By modifying the method, alternative implementations
27such as hardware accelerators may be used.
28
29Initially, the default is to use the OpenSSL internal implementation.
30DSA_OpenSSL() returns a pointer to that method.
31
32DSA_set_default_openssl_method() makes B<meth> the default method for
33all DSA structures created later. B<NB:> This is true only whilst the
34default engine for DSA operations remains as "openssl". ENGINEs
35provide an encapsulation for implementations of one or more algorithms at a
36time, and all the DSA functions mentioned here operate within the scope
37of the default "openssl" engine.
38
39DSA_get_default_openssl_method() returns a pointer to the current default
40method for the "openssl" engine.
41
42DSA_set_method() selects B<engine> for all operations using the structure B<dsa>.
43
44DSA_new_method() allocates and initializes a DSA structure so that
45B<engine> will be used for the DSA operations. If B<engine> is NULL,
46the default engine for DSA operations is used.
47
48=head1 THE DSA_METHOD STRUCTURE
49
50struct
51 {
52 /* name of the implementation */
53 const char *name;
54
55 /* sign */
56 DSA_SIG *(*dsa_do_sign)(const unsigned char *dgst, int dlen,
57 DSA *dsa);
58
59 /* pre-compute k^-1 and r */
60 int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
61 BIGNUM **rp);
62
63 /* verify */
64 int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
65 DSA_SIG *sig, DSA *dsa);
66
67 /* compute rr = a1^p1 * a2^p2 mod m (May be NULL for some
68 implementations) */
69 int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
70 BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
71 BN_CTX *ctx, BN_MONT_CTX *in_mont);
72
73 /* compute r = a ^ p mod m (May be NULL for some implementations) */
74 int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a,
75 const BIGNUM *p, const BIGNUM *m,
76 BN_CTX *ctx, BN_MONT_CTX *m_ctx);
77
78 /* called at DSA_new */
79 int (*init)(DSA *DSA);
80
81 /* called at DSA_free */
82 int (*finish)(DSA *DSA);
83
84 int flags;
85
86 char *app_data; /* ?? */
87
88 } DSA_METHOD;
89
90=head1 RETURN VALUES
91
92DSA_OpenSSL() and DSA_get_default_openssl_method() return pointers to the
93respective DSA_METHODs.
94
95DSA_set_default_openssl_method() returns no value.
96
97DSA_set_method() returns non-zero if the ENGINE associated with B<dsa>
98was successfully changed to B<engine>.
99
100DSA_new_method() returns NULL and sets an error code that can be
101obtained by L<ERR_get_error(3)|ERR_get_error(3)> if the allocation
102fails. Otherwise it returns a pointer to the newly allocated structure.
103
104=head1 SEE ALSO
105
106L<dsa(3)|dsa(3)>, L<DSA_new(3)|DSA_new(3)>
107
108=head1 HISTORY
109
110DSA_set_default_method(), DSA_get_default_method(), DSA_set_method(),
111DSA_new_method() and DSA_OpenSSL() were added in OpenSSL 0.9.4.
112
113DSA_set_default_openssl_method() and DSA_get_default_openssl_method()
114replaced DSA_set_default_method() and DSA_get_default_method() respectively,
115and DSA_set_method() and DSA_new_method() were altered to use B<ENGINE>s
116rather than B<DSA_METHOD>s during development of OpenSSL 0.9.6.
117
118=cut
diff --git a/src/lib/libcrypto/doc/DSA_sign.pod b/src/lib/libcrypto/doc/DSA_sign.pod
deleted file mode 100644
index 97389e8ec8..0000000000
--- a/src/lib/libcrypto/doc/DSA_sign.pod
+++ /dev/null
@@ -1,66 +0,0 @@
1=pod
2
3=head1 NAME
4
5DSA_sign, DSA_sign_setup, DSA_verify - DSA signatures
6
7=head1 SYNOPSIS
8
9 #include <openssl/dsa.h>
10
11 int DSA_sign(int type, const unsigned char *dgst, int len,
12 unsigned char *sigret, unsigned int *siglen, DSA *dsa);
13
14 int DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp,
15 BIGNUM **rp);
16
17 int DSA_verify(int type, const unsigned char *dgst, int len,
18 unsigned char *sigbuf, int siglen, DSA *dsa);
19
20=head1 DESCRIPTION
21
22DSA_sign() computes a digital signature on the B<len> byte message
23digest B<dgst> using the private key B<dsa> and places its ASN.1 DER
24encoding at B<sigret>. The length of the signature is places in
25*B<siglen>. B<sigret> must point to DSA_size(B<dsa>) bytes of memory.
26
27DSA_sign_setup() may be used to precompute part of the signing
28operation in case signature generation is time-critical. It expects
29B<dsa> to contain DSA parameters. It places the precomputed values
30in newly allocated B<BIGNUM>s at *B<kinvp> and *B<rp>, after freeing
31the old ones unless *B<kinvp> and *B<rp> are NULL. These values may
32be passed to DSA_sign() in B<dsa-E<gt>kinv> and B<dsa-E<gt>r>.
33B<ctx> is a pre-allocated B<BN_CTX> or NULL.
34
35DSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
36matches a given message digest B<dgst> of size B<len>.
37B<dsa> is the signer's public key.
38
39The B<type> parameter is ignored.
40
41The PRNG must be seeded before DSA_sign() (or DSA_sign_setup())
42is called.
43
44=head1 RETURN VALUES
45
46DSA_sign() and DSA_sign_setup() return 1 on success, 0 on error.
47DSA_verify() returns 1 for a valid signature, 0 for an incorrect
48signature and -1 on error. The error codes can be obtained by
49L<ERR_get_error(3)|ERR_get_error(3)>.
50
51=head1 CONFORMING TO
52
53US Federal Information Processing Standard FIPS 186 (Digital Signature
54Standard, DSS), ANSI X9.30
55
56=head1 SEE ALSO
57
58L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
59L<DSA_do_sign(3)|DSA_do_sign(3)>
60
61=head1 HISTORY
62
63DSA_sign() and DSA_verify() are available in all versions of SSLeay.
64DSA_sign_setup() was added in SSLeay 0.8.
65
66=cut
diff --git a/src/lib/libcrypto/doc/DSA_size.pod b/src/lib/libcrypto/doc/DSA_size.pod
deleted file mode 100644
index 23b6320a4d..0000000000
--- a/src/lib/libcrypto/doc/DSA_size.pod
+++ /dev/null
@@ -1,33 +0,0 @@
1=pod
2
3=head1 NAME
4
5DSA_size - get DSA signature size
6
7=head1 SYNOPSIS
8
9 #include <openssl/dsa.h>
10
11 int DSA_size(DSA *dsa);
12
13=head1 DESCRIPTION
14
15This function returns the size of an ASN.1 encoded DSA signature in
16bytes. It can be used to determine how much memory must be allocated
17for a DSA signature.
18
19B<dsa-E<gt>q> must not be B<NULL>.
20
21=head1 RETURN VALUE
22
23The size in bytes.
24
25=head1 SEE ALSO
26
27L<dsa(3)|dsa(3)>, L<DSA_sign(3)|DSA_sign(3)>
28
29=head1 HISTORY
30
31DSA_size() is available in all versions of SSLeay and OpenSSL.
32
33=cut
diff --git a/src/lib/libcrypto/doc/ERR_GET_LIB.pod b/src/lib/libcrypto/doc/ERR_GET_LIB.pod
deleted file mode 100644
index 2a129da036..0000000000
--- a/src/lib/libcrypto/doc/ERR_GET_LIB.pod
+++ /dev/null
@@ -1,51 +0,0 @@
1=pod
2
3=head1 NAME
4
5ERR_GET_LIB, ERR_GET_FUNC, ERR_GET_REASON - get library, function and
6reason code
7
8=head1 SYNOPSIS
9
10 #include <openssl/err.h>
11
12 int ERR_GET_LIB(unsigned long e);
13
14 int ERR_GET_FUNC(unsigned long e);
15
16 int ERR_GET_REASON(unsigned long e);
17
18=head1 DESCRIPTION
19
20The error code returned by ERR_get_error() consists of a library
21number, function code and reason code. ERR_GET_LIB(), ERR_GET_FUNC()
22and ERR_GET_REASON() can be used to extract these.
23
24The library number and function code describe where the error
25occurred, the reason code is the information about what went wrong.
26
27Each sub-library of OpenSSL has a unique library number; function and
28reason codes are unique within each sub-library. Note that different
29libraries may use the same value to signal different functions and
30reasons.
31
32B<ERR_R_...> reason codes such as B<ERR_R_MALLOC_FAILURE> are globally
33unique. However, when checking for sub-library specific reason codes,
34be sure to also compare the library number.
35
36ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() are macros.
37
38=head1 RETURN VALUES
39
40The library number, function code and reason code respectively.
41
42=head1 SEE ALSO
43
44L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
45
46=head1 HISTORY
47
48ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() are available in
49all versions of SSLeay and OpenSSL.
50
51=cut
diff --git a/src/lib/libcrypto/doc/ERR_clear_error.pod b/src/lib/libcrypto/doc/ERR_clear_error.pod
deleted file mode 100644
index 566e1f4e31..0000000000
--- a/src/lib/libcrypto/doc/ERR_clear_error.pod
+++ /dev/null
@@ -1,29 +0,0 @@
1=pod
2
3=head1 NAME
4
5ERR_clear_error - clear the error queue
6
7=head1 SYNOPSIS
8
9 #include <openssl/err.h>
10
11 void ERR_clear_error(void);
12
13=head1 DESCRIPTION
14
15ERR_clear_error() empties the current thread's error queue.
16
17=head1 RETURN VALUES
18
19ERR_clear_error() has no return value.
20
21=head1 SEE ALSO
22
23L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
24
25=head1 HISTORY
26
27ERR_clear_error() is available in all versions of SSLeay and OpenSSL.
28
29=cut
diff --git a/src/lib/libcrypto/doc/ERR_error_string.pod b/src/lib/libcrypto/doc/ERR_error_string.pod
deleted file mode 100644
index e01beb817a..0000000000
--- a/src/lib/libcrypto/doc/ERR_error_string.pod
+++ /dev/null
@@ -1,73 +0,0 @@
1=pod
2
3=head1 NAME
4
5ERR_error_string, ERR_error_string_n, ERR_lib_error_string,
6ERR_func_error_string, ERR_reason_error_string - obtain human-readable
7error message
8
9=head1 SYNOPSIS
10
11 #include <openssl/err.h>
12
13 char *ERR_error_string(unsigned long e, char *buf);
14 char *ERR_error_string_n(unsigned long e, char *buf, size_t len);
15
16 const char *ERR_lib_error_string(unsigned long e);
17 const char *ERR_func_error_string(unsigned long e);
18 const char *ERR_reason_error_string(unsigned long e);
19
20=head1 DESCRIPTION
21
22ERR_error_string() generates a human-readable string representing the
23error code I<e>, and places it at I<buf>. I<buf> must be at least 120
24bytes long. If I<buf> is B<NULL>, the error string is placed in a
25static buffer.
26ERR_error_string_n() is a variant of ERR_error_string() that writes
27at most I<len> characters (including the terminating 0)
28and truncates the string if necessary.
29For ERR_error_string_n(), I<buf> may not be B<NULL>.
30
31The string will have the following format:
32
33 error:[error code]:[library name]:[function name]:[reason string]
34
35I<error code> is an 8 digit hexadecimal number, I<library name>,
36I<function name> and I<reason string> are ASCII text.
37
38ERR_lib_error_string(), ERR_func_error_string() and
39ERR_reason_error_string() return the library name, function
40name and reason string respectively.
41
42The OpenSSL error strings should be loaded by calling
43L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)> or, for SSL
44applications, L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
45first.
46If there is no text string registered for the given error code,
47the error string will contain the numeric code.
48
49L<ERR_print_errors(3)|ERR_print_errors(3)> can be used to print
50all error codes currently in the queue.
51
52=head1 RETURN VALUES
53
54ERR_error_string() returns a pointer to a static buffer containing the
55string if I<buf> B<== NULL>, I<buf> otherwise.
56
57ERR_lib_error_string(), ERR_func_error_string() and
58ERR_reason_error_string() return the strings, and B<NULL> if
59none is registered for the error code.
60
61=head1 SEE ALSO
62
63L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
64L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
65L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
66L<ERR_print_errors(3)|ERR_print_errors(3)>
67
68=head1 HISTORY
69
70ERR_error_string() is available in all versions of SSLeay and OpenSSL.
71ERR_error_string_n() was added in OpenSSL 0.9.6.
72
73=cut
diff --git a/src/lib/libcrypto/doc/ERR_get_error.pod b/src/lib/libcrypto/doc/ERR_get_error.pod
deleted file mode 100644
index 3551bacb8d..0000000000
--- a/src/lib/libcrypto/doc/ERR_get_error.pod
+++ /dev/null
@@ -1,63 +0,0 @@
1=pod
2
3=head1 NAME
4
5ERR_get_error, ERR_peek_error, ERR_get_error_line, ERR_peek_error_line,
6ERR_get_error_line_data, ERR_peek_error_line_data - obtain error code and data
7
8=head1 SYNOPSIS
9
10 #include <openssl/err.h>
11
12 unsigned long ERR_get_error(void);
13 unsigned long ERR_peek_error(void);
14
15 unsigned long ERR_get_error_line(const char **file, int *line);
16 unsigned long ERR_peek_error_line(const char **file, int *line);
17
18 unsigned long ERR_get_error_line_data(const char **file, int *line,
19 const char **data, int *flags);
20 unsigned long ERR_peek_error_line_data(const char **file, int *line,
21 const char **data, int *flags);
22
23=head1 DESCRIPTION
24
25ERR_get_error() returns the last error code from the thread's error
26queue and removes the entry. This function can be called repeatedly
27until there are no more error codes to return.
28
29ERR_peek_error() returns the last error code from the thread's
30error queue without modifying it.
31
32See L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> for obtaining information about
33location and reason of the error, and
34L<ERR_error_string(3)|ERR_error_string(3)> for human-readable error
35messages.
36
37ERR_get_error_line() and ERR_peek_error_line() are the same as the
38above, but they additionally store the file name and line number where
39the error occurred in *B<file> and *B<line>, unless these are B<NULL>.
40
41ERR_get_error_line_data() and ERR_peek_error_line_data() store
42additional data and flags associated with the error code in *B<data>
43and *B<flags>, unless these are B<NULL>. *B<data> contains a string
44if *B<flags>&B<ERR_TXT_STRING>. If it has been allocated by OPENSSL_malloc(),
45*B<flags>&B<ERR_TXT_MALLOCED> is true.
46
47=head1 RETURN VALUES
48
49The error code, or 0 if there is no error in the queue.
50
51=head1 SEE ALSO
52
53L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
54L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>
55
56=head1 HISTORY
57
58ERR_get_error(), ERR_peek_error(), ERR_get_error_line() and
59ERR_peek_error_line() are available in all versions of SSLeay and
60OpenSSL. ERR_get_error_line_data() and ERR_peek_error_line_data()
61were added in SSLeay 0.9.0.
62
63=cut
diff --git a/src/lib/libcrypto/doc/ERR_load_crypto_strings.pod b/src/lib/libcrypto/doc/ERR_load_crypto_strings.pod
deleted file mode 100644
index 9bdec75a46..0000000000
--- a/src/lib/libcrypto/doc/ERR_load_crypto_strings.pod
+++ /dev/null
@@ -1,46 +0,0 @@
1=pod
2
3=head1 NAME
4
5ERR_load_crypto_strings, SSL_load_error_strings, ERR_free_strings -
6load and free error strings
7
8=head1 SYNOPSIS
9
10 #include <openssl/err.h>
11
12 void ERR_load_crypto_strings(void);
13 void ERR_free_strings(void);
14
15 #include <openssl/ssl.h>
16
17 void SSL_load_error_strings(void);
18
19=head1 DESCRIPTION
20
21ERR_load_crypto_strings() registers the error strings for all
22B<libcrypto> functions. SSL_load_error_strings() does the same,
23but also registers the B<libssl> error strings.
24
25One of these functions should be called before generating
26textual error messages. However, this is not required when memory
27usage is an issue.
28
29ERR_free_strings() frees all previously loaded error strings.
30
31=head1 RETURN VALUES
32
33ERR_load_crypto_strings(), SSL_load_error_strings() and
34ERR_free_strings() return no values.
35
36=head1 SEE ALSO
37
38L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>
39
40=head1 HISTORY
41
42ERR_load_error_strings(), SSL_load_error_strings() and
43ERR_free_strings() are available in all versions of SSLeay and
44OpenSSL.
45
46=cut
diff --git a/src/lib/libcrypto/doc/ERR_load_strings.pod b/src/lib/libcrypto/doc/ERR_load_strings.pod
deleted file mode 100644
index 5acdd0edbc..0000000000
--- a/src/lib/libcrypto/doc/ERR_load_strings.pod
+++ /dev/null
@@ -1,54 +0,0 @@
1=pod
2
3=head1 NAME
4
5ERR_load_strings, ERR_PACK, ERR_get_next_error_library - load
6arbitrary error strings
7
8=head1 SYNOPSIS
9
10 #include <openssl/err.h>
11
12 void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
13
14 int ERR_get_next_error_library(void);
15
16 unsigned long ERR_PACK(int lib, int func, int reason);
17
18=head1 DESCRIPTION
19
20ERR_load_strings() registers error strings for library number B<lib>.
21
22B<str> is an array of error string data:
23
24 typedef struct ERR_string_data_st
25 {
26 unsigned long error;
27 char *string;
28 } ERR_STRING_DATA;
29
30The error code is generated from the library number and a function and
31reason code: B<error> = ERR_PACK(B<lib>, B<func>, B<reason>).
32ERR_PACK() is a macro.
33
34The last entry in the array is {0,0}.
35
36ERR_get_next_error_library() can be used to assign library numbers
37to user libraries at runtime.
38
39=head1 RETURN VALUE
40
41ERR_load_strings() returns no value. ERR_PACK() return the error code.
42ERR_get_next_error_library() returns a new library number.
43
44=head1 SEE ALSO
45
46L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
47
48=head1 HISTORY
49
50ERR_load_error_strings() and ERR_PACK() are available in all versions
51of SSLeay and OpenSSL. ERR_get_next_error_library() was added in
52SSLeay 0.9.0.
53
54=cut
diff --git a/src/lib/libcrypto/doc/ERR_print_errors.pod b/src/lib/libcrypto/doc/ERR_print_errors.pod
deleted file mode 100644
index b100a5fa2b..0000000000
--- a/src/lib/libcrypto/doc/ERR_print_errors.pod
+++ /dev/null
@@ -1,51 +0,0 @@
1=pod
2
3=head1 NAME
4
5ERR_print_errors, ERR_print_errors_fp - print error messages
6
7=head1 SYNOPSIS
8
9 #include <openssl/err.h>
10
11 void ERR_print_errors(BIO *bp);
12 void ERR_print_errors_fp(FILE *fp);
13
14=head1 DESCRIPTION
15
16ERR_print_errors() is a convenience function that prints the error
17strings for all errors that OpenSSL has recorded to B<bp>, thus
18emptying the error queue.
19
20ERR_print_errors_fp() is the same, except that the output goes to a
21B<FILE>.
22
23
24The error strings will have the following format:
25
26 [pid]:error:[error code]:[library name]:[function name]:[reason string]:[file name]:[line]:[optional text message]
27
28I<error code> is an 8 digit hexadecimal number. I<library name>,
29I<function name> and I<reason string> are ASCII text, as is I<optional
30text message> if one was set for the respective error code.
31
32If there is no text string registered for the given error code,
33the error string will contain the numeric code.
34
35=head1 RETURN VALUES
36
37ERR_print_errors() and ERR_print_errors_fp() return no values.
38
39=head1 SEE ALSO
40
41L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
42L<ERR_get_error(3)|ERR_get_error(3)>,
43L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
44L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
45
46=head1 HISTORY
47
48ERR_print_errors() and ERR_print_errors_fp()
49are available in all versions of SSLeay and OpenSSL.
50
51=cut
diff --git a/src/lib/libcrypto/doc/ERR_put_error.pod b/src/lib/libcrypto/doc/ERR_put_error.pod
deleted file mode 100644
index acd241fbe4..0000000000
--- a/src/lib/libcrypto/doc/ERR_put_error.pod
+++ /dev/null
@@ -1,44 +0,0 @@
1=pod
2
3=head1 NAME
4
5ERR_put_error, ERR_add_error_data - record an error
6
7=head1 SYNOPSIS
8
9 #include <openssl/err.h>
10
11 void ERR_put_error(int lib, int func, int reason, const char *file,
12 int line);
13
14 void ERR_add_error_data(int num, ...);
15
16=head1 DESCRIPTION
17
18ERR_put_error() adds an error code to the thread's error queue. It
19signals that the error of reason code B<reason> occurred in function
20B<func> of library B<lib>, in line number B<line> of B<file>.
21This function is usually called by a macro.
22
23ERR_add_error_data() associates the concatenation of its B<num> string
24arguments with the error code added last.
25
26L<ERR_load_strings(3)|ERR_load_strings(3)> can be used to register
27error strings so that the application can a generate human-readable
28error messages for the error code.
29
30=head1 RETURN VALUES
31
32ERR_put_error() and ERR_add_error_data() return
33no values.
34
35=head1 SEE ALSO
36
37L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
38
39=head1 HISTORY
40
41ERR_put_error() is available in all versions of SSLeay and OpenSSL.
42ERR_add_error_data() was added in SSLeay 0.9.0.
43
44=cut
diff --git a/src/lib/libcrypto/doc/ERR_remove_state.pod b/src/lib/libcrypto/doc/ERR_remove_state.pod
deleted file mode 100644
index 72925fb9f4..0000000000
--- a/src/lib/libcrypto/doc/ERR_remove_state.pod
+++ /dev/null
@@ -1,34 +0,0 @@
1=pod
2
3=head1 NAME
4
5ERR_remove_state - free a thread's error queue
6
7=head1 SYNOPSIS
8
9 #include <openssl/err.h>
10
11 void ERR_remove_state(unsigned long pid);
12
13=head1 DESCRIPTION
14
15ERR_remove_state() frees the error queue associated with thread B<pid>.
16If B<pid> == 0, the current thread will have its error queue removed.
17
18Since error queue data structures are allocated automatically for new
19threads, they must be freed when threads are terminated in order to
20avoid memory leaks.
21
22=head1 RETURN VALUE
23
24ERR_remove_state() returns no value.
25
26=head1 SEE ALSO
27
28L<err(3)|err(3)>
29
30=head1 HISTORY
31
32ERR_remove_state() is available in all versions of SSLeay and OpenSSL.
33
34=cut
diff --git a/src/lib/libcrypto/doc/EVP_DigestInit.pod b/src/lib/libcrypto/doc/EVP_DigestInit.pod
deleted file mode 100644
index fefc858f7e..0000000000
--- a/src/lib/libcrypto/doc/EVP_DigestInit.pod
+++ /dev/null
@@ -1,202 +0,0 @@
1=pod
2
3=head1 NAME
4
5EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal, EVP_MAX_MD_SIZE,
6EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size,
7EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type,
8EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1, EVP_dss, EVP_dss1, EVP_mdc2,
9EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj -
10EVP digest routines
11
12=head1 SYNOPSIS
13
14 #include <openssl/evp.h>
15
16 void EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
17 void EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
18 void EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md,
19 unsigned int *s);
20
21 #define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */
22
23 int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);
24
25 #define EVP_MD_type(e) ((e)->type)
26 #define EVP_MD_pkey_type(e) ((e)->pkey_type)
27 #define EVP_MD_size(e) ((e)->md_size)
28 #define EVP_MD_block_size(e) ((e)->block_size)
29
30 #define EVP_MD_CTX_md(e) (e)->digest)
31 #define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest)
32 #define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest)
33 #define EVP_MD_CTX_type(e) EVP_MD_type((e)->digest)
34
35 EVP_MD *EVP_md_null(void);
36 EVP_MD *EVP_md2(void);
37 EVP_MD *EVP_md5(void);
38 EVP_MD *EVP_sha(void);
39 EVP_MD *EVP_sha1(void);
40 EVP_MD *EVP_dss(void);
41 EVP_MD *EVP_dss1(void);
42 EVP_MD *EVP_mdc2(void);
43 EVP_MD *EVP_ripemd160(void);
44
45 const EVP_MD *EVP_get_digestbyname(const char *name);
46 #define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
47 #define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
48
49=head1 DESCRIPTION
50
51The EVP digest routines are a high level interface to message digests.
52
53EVP_DigestInit() initializes a digest context B<ctx> to use a digest
54B<type>: this will typically be supplied by a function such as
55EVP_sha1().
56
57EVP_DigestUpdate() hashes B<cnt> bytes of data at B<d> into the
58digest context B<ctx>. This function can be called several times on the
59same B<ctx> to hash additional data.
60
61EVP_DigestFinal() retrieves the digest value from B<ctx> and places
62it in B<md>. If the B<s> parameter is not NULL then the number of
63bytes of data written (i.e. the length of the digest) will be written
64to the integer at B<s>, at most B<EVP_MAX_MD_SIZE> bytes will be written.
65After calling EVP_DigestFinal() no additional calls to EVP_DigestUpdate()
66can be made, but EVP_DigestInit() can be called to initialize a new
67digest operation.
68
69EVP_MD_CTX_copy() can be used to copy the message digest state from
70B<in> to B<out>. This is useful if large amounts of data are to be
71hashed which only differ in the last few bytes.
72
73EVP_MD_size() and EVP_MD_CTX_size() return the size of the message digest
74when passed an B<EVP_MD> or an B<EVP_MD_CTX> structure, i.e. the size of the
75hash.
76
77EVP_MD_block_size() and EVP_MD_CTX_block_size() return the block size of the
78message digest when passed an B<EVP_MD> or an B<EVP_MD_CTX> structure.
79
80EVP_MD_type() and EVP_MD_CTX_type() return the NID of the OBJECT IDENTIFIER
81representing the given message digest when passed an B<EVP_MD> structure.
82For example EVP_MD_type(EVP_sha1()) returns B<NID_sha1>. This function is
83normally used when setting ASN1 OIDs.
84
85EVP_MD_CTX_md() returns the B<EVP_MD> structure corresponding to the passed
86B<EVP_MD_CTX>.
87
88EVP_MD_pkey_type() returns the NID of the public key signing algorithm associated
89with this digest. For example EVP_sha1() is associated with RSA so this will
90return B<NID_sha1WithRSAEncryption>. This "link" between digests and signature
91algorithms may not be retained in future versions of OpenSSL.
92
93EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_mdc2() and EVP_ripemd160()
94return B<EVP_MD> structures for the MD2, MD5, SHA, SHA1, MDC2 and RIPEMD160 digest
95algorithms respectively. The associated signature algorithm is RSA in each case.
96
97EVP_dss() and EVP_dss1() return B<EVP_MD> structures for SHA and SHA1 digest
98algorithms but using DSS (DSA) for the signature algorithm.
99
100EVP_md_null() is a "null" message digest that does nothing: i.e. the hash it
101returns is of zero length.
102
103EVP_get_digestbyname(), EVP_get_digestbynid() and EVP_get_digestbyobj()
104return an B<EVP_MD> structure when passed a digest name, a digest NID or
105an ASN1_OBJECT structure respectively. The digest table must be initialized
106using, for example, OpenSSL_add_all_digests() for these functions to work.
107
108=head1 RETURN VALUES
109
110EVP_DigestInit(), EVP_DigestUpdate() and EVP_DigestFinal() do not return values.
111
112EVP_MD_CTX_copy() returns 1 if successful or 0 for failure.
113
114EVP_MD_type(), EVP_MD_pkey_type() and EVP_MD_type() return the NID of the
115corresponding OBJECT IDENTIFIER or NID_undef if none exists.
116
117EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(e), EVP_MD_size(),
118EVP_MD_CTX_block_size() and EVP_MD_block_size() return the digest or block
119size in bytes.
120
121EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_dss(),
122EVP_dss1(), EVP_mdc2() and EVP_ripemd160() return pointers to the
123corresponding EVP_MD structures.
124
125EVP_get_digestbyname(), EVP_get_digestbynid() and EVP_get_digestbyobj()
126return either an B<EVP_MD> structure or NULL if an error occurs.
127
128=head1 NOTES
129
130The B<EVP> interface to message digests should almost always be used in
131preference to the low level interfaces. This is because the code then becomes
132transparent to the digest used and much more flexible.
133
134SHA1 is the digest of choice for new applications. The other digest algorithms
135are still in common use.
136
137=head1 EXAMPLE
138
139This example digests the data "Test Message\n" and "Hello World\n", using the
140digest name passed on the command line.
141
142 #include <stdio.h>
143 #include <openssl/evp.h>
144
145 main(int argc, char *argv[])
146 {
147 EVP_MD_CTX mdctx;
148 const EVP_MD *md;
149 char mess1[] = "Test Message\n";
150 char mess2[] = "Hello World\n";
151 unsigned char md_value[EVP_MAX_MD_SIZE];
152 int md_len, i;
153
154 OpenSSL_add_all_digests();
155
156 if(!argv[1]) {
157 printf("Usage: mdtest digestname\n");
158 exit(1);
159 }
160
161 md = EVP_get_digestbyname(argv[1]);
162
163 if(!md) {
164 printf("Unknown message digest %s\n", argv[1]);
165 exit(1);
166 }
167
168 EVP_DigestInit(&mdctx, md);
169 EVP_DigestUpdate(&mdctx, mess1, strlen(mess1));
170 EVP_DigestUpdate(&mdctx, mess2, strlen(mess2));
171 EVP_DigestFinal(&mdctx, md_value, &md_len);
172
173 printf("Digest is: ");
174 for(i = 0; i < md_len; i++) printf("%02x", md_value[i]);
175 printf("\n");
176 }
177
178=head1 BUGS
179
180Several of the functions do not return values: maybe they should. Although the
181internal digest operations will never fail some future hardware based operations
182might.
183
184The link between digests and signing algorithms results in a situation where
185EVP_sha1() must be used with RSA and EVP_dss1() must be used with DSS
186even though they are identical digests.
187
188The size of an B<EVP_MD_CTX> structure is determined at compile time: this results
189in code that must be recompiled if the size of B<EVP_MD_CTX> increases.
190
191=head1 SEE ALSO
192
193L<evp(3)|evp(3)>, L<HMAC(3)|HMAC(3)>, L<MD2(3)|MD2(3)>,
194L<MD5(3)|MD5(3)>, L<MDC2(3)|MDC2(3)>, L<RIPEMD160(3)|RIPEMD160(3)>,
195L<SHA1(3)|SHA1(3)>
196
197=head1 HISTORY
198
199EVP_DigestInit(), EVP_DigestUpdate() and EVP_DigestFinal() are
200available in all versions of SSLeay and OpenSSL.
201
202=cut
diff --git a/src/lib/libcrypto/doc/EVP_EncryptInit.pod b/src/lib/libcrypto/doc/EVP_EncryptInit.pod
deleted file mode 100644
index 9afe2396e2..0000000000
--- a/src/lib/libcrypto/doc/EVP_EncryptInit.pod
+++ /dev/null
@@ -1,359 +0,0 @@
1=pod
2
3=head1 NAME
4
5EVP_EncryptInit, EVP_EncryptUpdate, EVP_EncryptFinal, EVP_DecryptInit,
6EVP_DecryptUpdate, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherUpdate,
7EVP_CipherFinal, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl,
8EVP_CIPHER_CTX_cleanup, EVP_get_cipherbyname, EVP_get_cipherbynid,
9EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size,
10EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags,
11EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid,
12EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length,
13EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type,
14EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1,
15EVP_CIPHER_asn1_to_param - EVP cipher routines
16
17=head1 SYNOPSIS
18
19 #include <openssl/evp.h>
20
21 int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
22 unsigned char *key, unsigned char *iv);
23 int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
24 int *outl, unsigned char *in, int inl);
25 int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
26 int *outl);
27
28 int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
29 unsigned char *key, unsigned char *iv);
30 int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
31 int *outl, unsigned char *in, int inl);
32 int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
33 int *outl);
34
35 int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
36 unsigned char *key, unsigned char *iv, int enc);
37 int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
38 int *outl, unsigned char *in, int inl);
39 int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
40 int *outl);
41
42 int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
43 int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
44 int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
45
46 const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
47 #define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
48 #define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
49
50 #define EVP_CIPHER_nid(e) ((e)->nid)
51 #define EVP_CIPHER_block_size(e) ((e)->block_size)
52 #define EVP_CIPHER_key_length(e) ((e)->key_len)
53 #define EVP_CIPHER_iv_length(e) ((e)->iv_len)
54 #define EVP_CIPHER_flags(e) ((e)->flags)
55 #define EVP_CIPHER_mode(e) ((e)->flags) & EVP_CIPH_MODE)
56 int EVP_CIPHER_type(const EVP_CIPHER *ctx);
57
58 #define EVP_CIPHER_CTX_cipher(e) ((e)->cipher)
59 #define EVP_CIPHER_CTX_nid(e) ((e)->cipher->nid)
60 #define EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size)
61 #define EVP_CIPHER_CTX_key_length(e) ((e)->key_len)
62 #define EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len)
63 #define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data)
64 #define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d))
65 #define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
66 #define EVP_CIPHER_CTX_flags(e) ((e)->cipher->flags)
67 #define EVP_CIPHER_CTX_mode(e) ((e)->cipher->flags & EVP_CIPH_MODE)
68
69 int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
70 int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
71
72=head1 DESCRIPTION
73
74The EVP cipher routines are a high level interface to certain
75symmetric ciphers.
76
77EVP_EncryptInit() initializes a cipher context B<ctx> for encryption
78with cipher B<type>. B<type> is normally supplied by a function such
79as EVP_des_cbc() . B<key> is the symmetric key to use and B<iv> is the
80IV to use (if necessary), the actual number of bytes used for the
81key and IV depends on the cipher. It is possible to set all parameters
82to NULL except B<type> in an initial call and supply the remaining
83parameters in subsequent calls, all of which have B<type> set to NULL.
84This is done when the default cipher parameters are not appropriate.
85
86EVP_EncryptUpdate() encrypts B<inl> bytes from the buffer B<in> and
87writes the encrypted version to B<out>. This function can be called
88multiple times to encrypt successive blocks of data. The amount
89of data written depends on the block alignment of the encrypted data:
90as a result the amount of data written may be anything from zero bytes
91to (inl + cipher_block_size - 1) so B<outl> should contain sufficient
92room. The actual number of bytes written is placed in B<outl>.
93
94EVP_EncryptFinal() encrypts the "final" data, that is any data that
95remains in a partial block. It uses L<standard block padding|/NOTES> (aka PKCS
96padding). The encrypted final data is written to B<out> which should
97have sufficient space for one cipher block. The number of bytes written
98is placed in B<outl>. After this function is called the encryption operation
99is finished and no further calls to EVP_EncryptUpdate() should be made.
100
101EVP_DecryptInit(), EVP_DecryptUpdate() and EVP_DecryptFinal() are the
102corresponding decryption operations. EVP_DecryptFinal() will return an
103error code if the final block is not correctly formatted. The parameters
104and restrictions are identical to the encryption operations except that
105the decrypted data buffer B<out> passed to EVP_DecryptUpdate() should
106have sufficient room for (B<inl> + cipher_block_size) bytes unless the
107cipher block size is 1 in which case B<inl> bytes is sufficient.
108
109EVP_CipherInit(), EVP_CipherUpdate() and EVP_CipherFinal() are functions
110that can be used for decryption or encryption. The operation performed
111depends on the value of the B<enc> parameter. It should be set to 1 for
112encryption, 0 for decryption and -1 to leave the value unchanged (the
113actual value of 'enc' being supplied in a previous call).
114
115EVP_CIPHER_CTX_cleanup() clears all information from a cipher context.
116It should be called after all operations using a cipher are complete
117so sensitive information does not remain in memory.
118
119EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj()
120return an EVP_CIPHER structure when passed a cipher name, a NID or an
121ASN1_OBJECT structure.
122
123EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when
124passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX> structure. The actual NID
125value is an internal value which may not have a corresponding OBJECT
126IDENTIFIER.
127
128EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key
129length of a cipher when passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX>
130structure. The constant B<EVP_MAX_KEY_LENGTH> is the maximum key length
131for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a
132given cipher, the value of EVP_CIPHER_CTX_key_length() may be different
133for variable key length ciphers.
134
135EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx.
136If the cipher is a fixed length cipher then attempting to set the key
137length to any value other than the fixed value is an error.
138
139EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV
140length of a cipher when passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX>.
141It will return zero if the cipher does not use an IV. The constant
142B<EVP_MAX_IV_LENGTH> is the maximum IV length for all ciphers.
143
144EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block
145size of a cipher when passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX>
146structure. The constant B<EVP_MAX_IV_LENGTH> is also the maximum block
147length for all ciphers.
148
149EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed
150cipher or context. This "type" is the actual NID of the cipher OBJECT
151IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and
152128 bit RC2 have the same NID. If the cipher does not have an object
153identifier or does not have ASN1 support this function will return
154B<NID_undef>.
155
156EVP_CIPHER_CTX_cipher() returns the B<EVP_CIPHER> structure when passed
157an B<EVP_CIPHER_CTX> structure.
158
159EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode:
160EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE or
161EVP_CIPH_OFB_MODE. If the cipher is a stream cipher then
162EVP_CIPH_STREAM_CIPHER is returned.
163
164EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier "parameter" based
165on the passed cipher. This will typically include any parameters and an
166IV. The cipher IV (if any) must be set when this call is made. This call
167should be made before the cipher is actually "used" (before any
168EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function
169may fail if the cipher does not have any ASN1 support.
170
171EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1
172AlgorithmIdentifier "parameter". The precise effect depends on the cipher
173In the case of RC2, for example, it will set the IV and effective key length.
174This function should be called after the base cipher type is set but before
175the key is set. For example EVP_CipherInit() will be called with the IV and
176key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally
177EVP_CipherInit() again with all parameters except the key set to NULL. It is
178possible for this function to fail if the cipher does not have any ASN1 support
179or the parameters cannot be set (for example the RC2 effective key length
180is not supported.
181
182EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined
183and set. Currently only the RC2 effective key length and the number of rounds of
184RC5 can be set.
185
186=head1 RETURN VALUES
187
188EVP_EncryptInit(), EVP_EncryptUpdate() and EVP_EncryptFinal() return 1 for success
189and 0 for failure.
190
191EVP_DecryptInit() and EVP_DecryptUpdate() return 1 for success and 0 for failure.
192EVP_DecryptFinal() returns 0 if the decrypt failed or 1 for success.
193
194EVP_CipherInit() and EVP_CipherUpdate() return 1 for success and 0 for failure.
195EVP_CipherFinal() returns 1 for a decryption failure or 1 for success.
196
197EVP_CIPHER_CTX_cleanup() returns 1 for success and 0 for failure.
198
199EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj()
200return an B<EVP_CIPHER> structure or NULL on error.
201
202EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.
203
204EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block
205size.
206
207EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key
208length.
209
210EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV
211length or zero if the cipher does not use an IV.
212
213EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher's
214OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.
215
216EVP_CIPHER_CTX_cipher() returns an B<EVP_CIPHER> structure.
217
218EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return 1 for
219success or zero for failure.
220
221=head1 CIPHER LISTING
222
223All algorithms have a fixed key length unless otherwise stated.
224
225=over 4
226
227=item EVP_enc_null()
228
229Null cipher: does nothing.
230
231=item EVP_des_cbc(void), EVP_des_ecb(void), EVP_des_cfb(void), EVP_des_ofb(void)
232
233DES in CBC, ECB, CFB and OFB modes respectively.
234
235=item EVP_des_ede_cbc(void), EVP_des_ede(), EVP_des_ede_ofb(void), EVP_des_ede_cfb(void)
236
237Two key triple DES in CBC, ECB, CFB and OFB modes respectively.
238
239=item EVP_des_ede3_cbc(void), EVP_des_ede3(), EVP_des_ede3_ofb(void), EVP_des_ede3_cfb(void)
240
241Three key triple DES in CBC, ECB, CFB and OFB modes respectively.
242
243=item EVP_desx_cbc(void)
244
245DESX algorithm in CBC mode.
246
247=item EVP_rc4(void)
248
249RC4 stream cipher. This is a variable key length cipher with default key length 128 bits.
250
251=item EVP_rc4_40(void)
252
253RC4 stream cipher with 40 bit key length. This is obsolete and new code should use EVP_rc4()
254and the EVP_CIPHER_CTX_set_key_length() function.
255
256=item EVP_idea_cbc() EVP_idea_ecb(void), EVP_idea_cfb(void), EVP_idea_ofb(void), EVP_idea_cbc(void)
257
258IDEA encryption algorithm in CBC, ECB, CFB and OFB modes respectively.
259
260=item EVP_rc2_cbc(void), EVP_rc2_ecb(void), EVP_rc2_cfb(void), EVP_rc2_ofb(void)
261
262RC2 encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key
263length cipher with an additional parameter called "effective key bits" or "effective key length".
264By default both are set to 128 bits.
265
266=item EVP_rc2_40_cbc(void), EVP_rc2_64_cbc(void)
267
268RC2 algorithm in CBC mode with a default key length and effective key length of 40 and 64 bits.
269These are obsolete and new code should use EVP_rc2_cbc(), EVP_CIPHER_CTX_set_key_length() and
270EVP_CIPHER_CTX_ctrl() to set the key length and effective key length.
271
272=item EVP_bf_cbc(void), EVP_bf_ecb(void), EVP_bf_cfb(void), EVP_bf_ofb(void);
273
274Blowfish encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key
275length cipher.
276
277=item EVP_cast5_cbc(void), EVP_cast5_ecb(void), EVP_cast5_cfb(void), EVP_cast5_ofb(void)
278
279CAST encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key
280length cipher.
281
282=item EVP_rc5_32_12_16_cbc(void), EVP_rc5_32_12_16_ecb(void), EVP_rc5_32_12_16_cfb(void), EVP_rc5_32_12_16_ofb(void)
283
284RC5 encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key length
285cipher with an additional "number of rounds" parameter. By default the key length is set to 128
286bits and 12 rounds.
287
288=back
289
290=head1 NOTES
291
292Where possible the B<EVP> interface to symmetric ciphers should be used in
293preference to the low level interfaces. This is because the code then becomes
294transparent to the cipher used and much more flexible.
295
296PKCS padding works by adding B<n> padding bytes of value B<n> to make the total
297length of the encrypted data a multiple of the block size. Padding is always
298added so if the data is already a multiple of the block size B<n> will equal
299the block size. For example if the block size is 8 and 11 bytes are to be
300encrypted then 5 padding bytes of value 5 will be added.
301
302When decrypting the final block is checked to see if it has the correct form.
303
304Although the decryption operation can produce an error, it is not a strong
305test that the input data or key is correct. A random block has better than
3061 in 256 chance of being of the correct format and problems with the
307input data earlier on will not produce a final decrypt error.
308
309The functions EVP_EncryptInit(), EVP_EncryptUpdate(), EVP_EncryptFinal(),
310EVP_DecryptInit(), EVP_DecryptUpdate(), EVP_CipherInit() and EVP_CipherUpdate()
311and EVP_CIPHER_CTX_cleanup() did not return errors in OpenSSL version 0.9.5a or
312earlier. Software only versions of encryption algorithms will never return
313error codes for these functions, unless there is a programming error (for example
314and attempt to set the key before the cipher is set in EVP_EncryptInit() ).
315
316=head1 BUGS
317
318For RC5 the number of rounds can currently only be set to 8, 12 or 16. This is
319a limitation of the current RC5 code rather than the EVP interface.
320
321It should be possible to disable PKCS padding: currently it isn't.
322
323EVP_MAX_KEY_LENGTH and EVP_MAX_IV_LENGTH only refer to the internal ciphers with
324default key lengths. If custom ciphers exceed these values the results are
325unpredictable. This is because it has become standard practice to define a
326generic key as a fixed unsigned char array containing EVP_MAX_KEY_LENGTH bytes.
327
328The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested
329for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.
330
331=head1 EXAMPLES
332
333Get the number of rounds used in RC5:
334
335 int nrounds;
336 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_RC5_ROUNDS, 0, &i);
337
338Get the RC2 effective key length:
339
340 int key_bits;
341 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i);
342
343Set the number of rounds used in RC5:
344
345 int nrounds;
346 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC5_ROUNDS, i, NULL);
347
348Set the number of rounds used in RC2:
349
350 int nrounds;
351 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC2_KEY_BITS, i, NULL);
352
353=head1 SEE ALSO
354
355L<evp(3)|evp(3)>
356
357=head1 HISTORY
358
359=cut
diff --git a/src/lib/libcrypto/doc/EVP_OpenInit.pod b/src/lib/libcrypto/doc/EVP_OpenInit.pod
deleted file mode 100644
index 2e710da945..0000000000
--- a/src/lib/libcrypto/doc/EVP_OpenInit.pod
+++ /dev/null
@@ -1,63 +0,0 @@
1=pod
2
3=head1 NAME
4
5EVP_OpenInit, EVP_OpenUpdate, EVP_OpenFinal - EVP envelope decryption
6
7=head1 SYNOPSIS
8
9 #include <openssl/evp.h>
10
11 int EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek,
12 int ekl,unsigned char *iv,EVP_PKEY *priv);
13 int EVP_OpenUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
14 int *outl, unsigned char *in, int inl);
15 int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
16 int *outl);
17
18=head1 DESCRIPTION
19
20The EVP envelope routines are a high level interface to envelope
21decryption. They decrypt a public key encrypted symmetric key and
22then decrypt data using it.
23
24EVP_OpenInit() initializes a cipher context B<ctx> for decryption
25with cipher B<type>. It decrypts the encrypted symmetric key of length
26B<ekl> bytes passed in the B<ek> parameter using the private key B<priv>.
27The IV is supplied in the B<iv> parameter.
28
29EVP_OpenUpdate() and EVP_OpenFinal() have exactly the same properties
30as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as
31documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual
32page.
33
34=head1 NOTES
35
36It is possible to call EVP_OpenInit() twice in the same way as
37EVP_DecryptInit(). The first call should have B<priv> set to NULL
38and (after setting any cipher parameters) it should be called again
39with B<type> set to NULL.
40
41If the cipher passed in the B<type> parameter is a variable length
42cipher then the key length will be set to the value of the recovered
43key length. If the cipher is a fixed length cipher then the recovered
44key length must match the fixed cipher length.
45
46=head1 RETURN VALUES
47
48EVP_OpenInit() returns 0 on error or a non zero integer (actually the
49recovered secret key size) if successful.
50
51EVP_OpenUpdate() returns 1 for success or 0 for failure.
52
53EVP_OpenFinal() returns 0 if the decrypt failed or 1 for success.
54
55=head1 SEE ALSO
56
57L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
58L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
59L<EVP_SealInit(3)|EVP_SealInit(3)>
60
61=head1 HISTORY
62
63=cut
diff --git a/src/lib/libcrypto/doc/EVP_SealInit.pod b/src/lib/libcrypto/doc/EVP_SealInit.pod
deleted file mode 100644
index 0451eb648a..0000000000
--- a/src/lib/libcrypto/doc/EVP_SealInit.pod
+++ /dev/null
@@ -1,76 +0,0 @@
1=pod
2
3=head1 NAME
4
5EVP_SealInit, EVP_SealUpdate, EVP_SealFinal - EVP envelope encryption
6
7=head1 SYNOPSIS
8
9 #include <openssl/evp.h>
10
11 int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
12 int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk);
13 int EVP_SealUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
14 int *outl, unsigned char *in, int inl);
15 int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
16 int *outl);
17
18=head1 DESCRIPTION
19
20The EVP envelope routines are a high level interface to envelope
21encryption. They generate a random key and then "envelope" it by
22using public key encryption. Data can then be encrypted using this
23key.
24
25EVP_SealInit() initializes a cipher context B<ctx> for encryption
26with cipher B<type> using a random secret key and IV supplied in
27the B<iv> parameter. B<type> is normally supplied by a function such
28as EVP_des_cbc(). The secret key is encrypted using one or more public
29keys, this allows the same encrypted data to be decrypted using any
30of the corresponding private keys. B<ek> is an array of buffers where
31the public key encrypted secret key will be written, each buffer must
32contain enough room for the corresponding encrypted key: that is
33B<ek[i]> must have room for B<EVP_PKEY_size(pubk[i])> bytes. The actual
34size of each encrypted secret key is written to the array B<ekl>. B<pubk> is
35an array of B<npubk> public keys.
36
37EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties
38as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as
39documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual
40page.
41
42=head1 RETURN VALUES
43
44EVP_SealInit() returns 0 on error or B<npubk> if successful.
45
46EVP_SealUpdate() and EVP_SealFinal() return 1 for success and 0 for
47failure.
48
49=head1 NOTES
50
51Because a random secret key is generated the random number generator
52must be seeded before calling EVP_SealInit().
53
54The public key must be RSA because it is the only OpenSSL public key
55algorithm that supports key transport.
56
57Envelope encryption is the usual method of using public key encryption
58on large amounts of data, this is because public key encryption is slow
59but symmetric encryption is fast. So symmetric encryption is used for
60bulk encryption and the small random symmetric key used is transferred
61using public key encryption.
62
63It is possible to call EVP_SealInit() twice in the same way as
64EVP_EncryptInit(). The first call should have B<npubk> set to 0
65and (after setting any cipher parameters) it should be called again
66with B<type> set to NULL.
67
68=head1 SEE ALSO
69
70L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
71L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
72L<EVP_OpenInit(3)|EVP_OpenInit(3)>
73
74=head1 HISTORY
75
76=cut
diff --git a/src/lib/libcrypto/doc/EVP_SignInit.pod b/src/lib/libcrypto/doc/EVP_SignInit.pod
deleted file mode 100644
index d5ce245ecd..0000000000
--- a/src/lib/libcrypto/doc/EVP_SignInit.pod
+++ /dev/null
@@ -1,85 +0,0 @@
1=pod
2
3=head1 NAME
4
5EVP_SignInit, EVP_SignUpdate, EVP_SignFinal - EVP signing functions
6
7=head1 SYNOPSIS
8
9 #include <openssl/evp.h>
10
11 void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type);
12 void EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
13 int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *sig,unsigned int *s, EVP_PKEY *pkey);
14
15 int EVP_PKEY_size(EVP_PKEY *pkey);
16
17=head1 DESCRIPTION
18
19The EVP signature routines are a high level interface to digital
20signatures.
21
22EVP_SignInit() initializes a signing context B<ctx> to using digest
23B<type>: this will typically be supplied by a function such as
24EVP_sha1().
25
26EVP_SignUpdate() hashes B<cnt> bytes of data at B<d> into the
27signature context B<ctx>. This function can be called several times on the
28same B<ctx> to include additional data.
29
30EVP_SignFinal() signs the data in B<ctx> using the private key B<pkey>
31and places the signature in B<sig>. If the B<s> parameter is not NULL
32then the number of bytes of data written (i.e. the length of the signature)
33will be written to the integer at B<s>, at most EVP_PKEY_size(pkey) bytes
34will be written. After calling EVP_SignFinal() no additional calls to
35EVP_SignUpdate() can be made, but EVP_SignInit() can be called to initialize
36a new signature operation.
37
38EVP_PKEY_size() returns the maximum size of a signature in bytes. The actual
39signature returned by EVP_SignFinal() may be smaller.
40
41=head1 RETURN VALUES
42
43EVP_SignInit() and EVP_SignUpdate() do not return values.
44
45EVP_SignFinal() returns 1 for success and 0 for failure.
46
47EVP_PKEY_size() returns the maximum size of a signature in bytes.
48
49The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
50
51=head1 NOTES
52
53The B<EVP> interface to digital signatures should almost always be used in
54preference to the low level interfaces. This is because the code then becomes
55transparent to the algorithm used and much more flexible.
56
57Due to the link between message digests and public key algorithms the correct
58digest algorithm must be used with the correct public key type. A list of
59algorithms and associated public key algorithms appears in
60L<EVP_DigestInit(3)|EVP_DigestInit(3)>.
61
62When signing with DSA private keys the random number generator must be seeded
63or the operation will fail. The random number generator does not need to be
64seeded for RSA signatures.
65
66=head1 BUGS
67
68Several of the functions do not return values: maybe they should. Although the
69internal digest operations will never fail some future hardware based operations
70might.
71
72=head1 SEE ALSO
73
74L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
75L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
76L<evp(3)|evp(3)>, L<HMAC(3)|HMAC(3)>, L<MD2(3)|MD2(3)>,
77L<MD5(3)|MD5(3)>, L<MDC2(3)|MDC2(3)>, L<RIPEMD(3)|RIPEMD(3)>,
78L<SHA1(3)|SHA1(3)>, L<digest(1)|digest(1)>
79
80=head1 HISTORY
81
82EVP_SignInit(), EVP_SignUpdate() and EVP_SignFinal() are
83available in all versions of SSLeay and OpenSSL.
84
85=cut
diff --git a/src/lib/libcrypto/doc/EVP_VerifyInit.pod b/src/lib/libcrypto/doc/EVP_VerifyInit.pod
deleted file mode 100644
index 736a0f4a82..0000000000
--- a/src/lib/libcrypto/doc/EVP_VerifyInit.pod
+++ /dev/null
@@ -1,72 +0,0 @@
1=pod
2
3=head1 NAME
4
5EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal - EVP signature verification functions
6
7=head1 SYNOPSIS
8
9 #include <openssl/evp.h>
10
11 void EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type);
12 void EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
13 int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf, unsigned int siglen,EVP_PKEY *pkey);
14
15=head1 DESCRIPTION
16
17The EVP signature verification routines are a high level interface to digital
18signatures.
19
20EVP_VerifyInit() initializes a verification context B<ctx> to using digest
21B<type>: this will typically be supplied by a function such as EVP_sha1().
22
23EVP_VerifyUpdate() hashes B<cnt> bytes of data at B<d> into the
24verification context B<ctx>. This function can be called several times on the
25same B<ctx> to include additional data.
26
27EVP_VerifyFinal() verifies the data in B<ctx> using the public key B<pkey>
28and against the B<siglen> bytes at B<sigbuf>. After calling EVP_VerifyFinal()
29no additional calls to EVP_VerifyUpdate() can be made, but EVP_VerifyInit()
30can be called to initialize a new verification operation.
31
32=head1 RETURN VALUES
33
34EVP_VerifyInit() and EVP_VerifyUpdate() do not return values.
35
36EVP_VerifyFinal() returns 1 for a correct signature, 0 for failure and -1 if some
37other error occurred.
38
39The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
40
41=head1 NOTES
42
43The B<EVP> interface to digital signatures should almost always be used in
44preference to the low level interfaces. This is because the code then becomes
45transparent to the algorithm used and much more flexible.
46
47Due to the link between message digests and public key algorithms the correct
48digest algorithm must be used with the correct public key type. A list of
49algorithms and associated public key algorithms appears in
50L<EVP_DigestInit(3)|EVP_DigestInit(3)>.
51
52=head1 BUGS
53
54Several of the functions do not return values: maybe they should. Although the
55internal digest operations will never fail some future hardware based operations
56might.
57
58=head1 SEE ALSO
59
60L<evp(3)|evp(3)>,
61L<EVP_SignInit(3)|EVP_SignInit(3)>,
62L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
63L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
64L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
65L<sha(3)|sha(3)>, L<digest(1)|digest(1)>
66
67=head1 HISTORY
68
69EVP_VerifyInit(), EVP_VerifyUpdate() and EVP_VerifyFinal() are
70available in all versions of SSLeay and OpenSSL.
71
72=cut
diff --git a/src/lib/libcrypto/doc/OPENSSL_VERSION_NUMBER.pod b/src/lib/libcrypto/doc/OPENSSL_VERSION_NUMBER.pod
deleted file mode 100644
index 68ea723259..0000000000
--- a/src/lib/libcrypto/doc/OPENSSL_VERSION_NUMBER.pod
+++ /dev/null
@@ -1,88 +0,0 @@
1=pod
2
3=head1 NAME
4
5OPENSSL_VERSION_NUMBER, SSLeay SSLeay_version - get OpenSSL version number
6
7=head1 SYNOPSIS
8
9 #include <openssl/opensslv.h>
10 #define OPENSSL_VERSION_NUMBER 0xnnnnnnnnnL
11
12 #include <openssl/crypto.h>
13 long SSLeay(void);
14 char *SSLeay_version(int t);
15
16=head1 DESCRIPTION
17
18OPENSSL_VERSION_NUMBER is a numeric release version identifier:
19
20 MMNNFFPPS: major minor fix patch status
21
22The status nibble has one of the values 0 for development, 1 to e for betas
231 to 14, and f for release.
24
25for example
26
27 0x000906000 == 0.9.6 dev
28 0x000906023 == 0.9.6b beta 3
29 0x00090605f == 0.9.6e release
30
31Versions prior to 0.9.3 have identifiers E<lt> 0x0930.
32Versions between 0.9.3 and 0.9.5 had a version identifier with this
33interpretation:
34
35 MMNNFFRBB major minor fix final beta/patch
36
37for example
38
39 0x000904100 == 0.9.4 release
40 0x000905000 == 0.9.5 dev
41
42Version 0.9.5a had an interim interpretation that is like the current one,
43except the patch level got the highest bit set, to keep continuity. The
44number was therefore 0x0090581f.
45
46
47For backward compatibility, SSLEAY_VERSION_NUMBER is also defined.
48
49SSLeay() returns this number. The return value can be compared to the
50macro to make sure that the correct version of the library has been
51loaded, especially when using DLLs on Windows systems.
52
53SSLeay_version() returns different strings depending on B<t>:
54
55=over 4
56
57=item SSLEAY_VERSION
58The text variant of the version number and the release date. For example,
59"OpenSSL 0.9.5a 1 Apr 2000".
60
61=item SSLEAY_CFLAGS
62The flags given to the C compiler when compiling OpenSSL are returned in a
63string.
64
65=item SSLEAY_PLATFORM
66The platform name used when OpenSSL was configured is returned.
67
68=back
69
70If the data request isn't available, a text saying that the information is
71not available is returned.
72
73For an unknown B<t>, the text "not available" is returned.
74
75=head1 RETURN VALUE
76
77The version number.
78
79=head1 SEE ALSO
80
81L<crypto(3)|crypto(3)>
82
83=head1 HISTORY
84
85SSLeay() and SSLEAY_VERSION_NUMBER are available in all versions of SSLeay and OpenSSL.
86OPENSSL_VERSION_NUMBER is available in all versions of OpenSSL.
87
88=cut
diff --git a/src/lib/libcrypto/doc/OpenSSL_add_all_algorithms.pod b/src/lib/libcrypto/doc/OpenSSL_add_all_algorithms.pod
deleted file mode 100644
index e63411b5bb..0000000000
--- a/src/lib/libcrypto/doc/OpenSSL_add_all_algorithms.pod
+++ /dev/null
@@ -1,66 +0,0 @@
1=pod
2
3=head1 NAME
4
5OpenSSL_add_all_algorithms, OpenSSL_add_all_ciphers, OpenSSL_add_all_digests -
6add algorithms to internal table
7
8=head1 SYNOPSIS
9
10 #include <openssl/evp.h>
11
12 void OpenSSL_add_all_algorithms(void);
13 void OpenSSL_add_all_ciphers(void);
14 void OpenSSL_add_all_digests(void);
15
16 void EVP_cleanup(void);
17
18=head1 DESCRIPTION
19
20OpenSSL keeps an internal table of digest algorithms and ciphers. It uses
21this table to lookup ciphers via functions such as EVP_get_cipher_byname().
22
23OpenSSL_add_all_digests() adds all digest algorithms to the table.
24
25OpenSSL_add_all_algorithms() adds all algorithms to the table (digests and
26ciphers).
27
28OpenSSL_add_all_ciphers() adds all encryption algorithms to the table including
29password based encryption algorithms.
30
31EVP_cleanup() removes all ciphers and digests from the table.
32
33=head1 RETURN VALUES
34
35None of the functions return a value.
36
37=head1 NOTES
38
39A typical application will call OpenSSL_add_all_algorithms() initially and
40EVP_cleanup() before exiting.
41
42An application does not need to add algorithms to use them explicitly, for example
43by EVP_sha1(). It just needs to add them if it (or any of the functions it calls)
44needs to lookup algorithms.
45
46The cipher and digest lookup functions are used in many parts of the library. If
47the table is not initialized several functions will misbehave and complain they
48cannot find algorithms. This includes the PEM, PKCS#12, SSL and S/MIME libraries.
49This is a common query in the OpenSSL mailing lists.
50
51Calling OpenSSL_add_all_algorithms() links in all algorithms: as a result a
52statically linked executable can be quite large. If this is important it is possible
53to just add the required ciphers and digests.
54
55=head1 BUGS
56
57Although the functions do not return error codes it is possible for them to fail.
58This will only happen as a result of a memory allocation failure so this is not
59too much of a problem in practice.
60
61=head1 SEE ALSO
62
63L<evp(3)|evp(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>,
64L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>
65
66=cut
diff --git a/src/lib/libcrypto/doc/RAND_add.pod b/src/lib/libcrypto/doc/RAND_add.pod
deleted file mode 100644
index 67c66f3e0c..0000000000
--- a/src/lib/libcrypto/doc/RAND_add.pod
+++ /dev/null
@@ -1,77 +0,0 @@
1=pod
2
3=head1 NAME
4
5RAND_add, RAND_seed, RAND_status, RAND_event, RAND_screen - add
6entropy to the PRNG
7
8=head1 SYNOPSIS
9
10 #include <openssl/rand.h>
11
12 void RAND_seed(const void *buf, int num);
13
14 void RAND_add(const void *buf, int num, double entropy);
15
16 int RAND_status(void);
17
18 int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam);
19 void RAND_screen(void);
20
21=head1 DESCRIPTION
22
23RAND_add() mixes the B<num> bytes at B<buf> into the PRNG state. Thus,
24if the data at B<buf> are unpredictable to an adversary, this
25increases the uncertainty about the state and makes the PRNG output
26less predictable. Suitable input comes from user interaction (random
27key presses, mouse movements) and certain hardware events. The
28B<entropy> argument is (the lower bound of) an estimate of how much
29randomness is contained in B<buf>, measured in bytes. Details about
30sources of randomness and how to estimate their entropy can be found
31in the literature, e.g. RFC 1750.
32
33RAND_add() may be called with sensitive data such as user entered
34passwords. The seed values cannot be recovered from the PRNG output.
35
36OpenSSL makes sure that the PRNG state is unique for each thread. On
37systems that provide C</dev/urandom>, the randomness device is used
38to seed the PRNG transparently. However, on all other systems, the
39application is responsible for seeding the PRNG by calling RAND_add(),
40L<RAND_egd(3)|RAND_egd(3)>
41or L<RAND_load_file(3)|RAND_load_file(3)>.
42
43RAND_seed() is equivalent to RAND_add() when B<num == entropy>.
44
45RAND_event() collects the entropy from Windows events such as mouse
46movements and other user interaction. It should be called with the
47B<iMsg>, B<wParam> and B<lParam> arguments of I<all> messages sent to
48the window procedure. It will estimate the entropy contained in the
49event message (if any), and add it to the PRNG. The program can then
50process the messages as usual.
51
52The RAND_screen() function is available for the convenience of Windows
53programmers. It adds the current contents of the screen to the PRNG.
54For applications that can catch Windows events, seeding the PRNG by
55calling RAND_event() is a significantly better source of
56randomness. It should be noted that both methods cannot be used on
57servers that run without user interaction.
58
59=head1 RETURN VALUES
60
61RAND_status() and RAND_event() return 1 if the PRNG has been seeded
62with enough data, 0 otherwise.
63
64The other functions do not return values.
65
66=head1 SEE ALSO
67
68L<rand(3)|rand(3)>, L<RAND_egd(3)|RAND_egd(3)>,
69L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
70
71=head1 HISTORY
72
73RAND_seed() and RAND_screen() are available in all versions of SSLeay
74and OpenSSL. RAND_add() and RAND_status() have been added in OpenSSL
750.9.5, RAND_event() in OpenSSL 0.9.5a.
76
77=cut
diff --git a/src/lib/libcrypto/doc/RAND_bytes.pod b/src/lib/libcrypto/doc/RAND_bytes.pod
deleted file mode 100644
index b03748b918..0000000000
--- a/src/lib/libcrypto/doc/RAND_bytes.pod
+++ /dev/null
@@ -1,46 +0,0 @@
1=pod
2
3=head1 NAME
4
5RAND_bytes, RAND_pseudo_bytes - generate random data
6
7=head1 SYNOPSIS
8
9 #include <openssl/rand.h>
10
11 int RAND_bytes(unsigned char *buf, int num);
12
13 int RAND_pseudo_bytes(unsigned char *buf, int num);
14
15=head1 DESCRIPTION
16
17RAND_bytes() puts B<num> cryptographically strong pseudo-random bytes
18into B<buf>. An error occurs if the PRNG has not been seeded with
19enough randomness to ensure an unpredictable byte sequence.
20
21RAND_pseudo_bytes() puts B<num> pseudo-random bytes into B<buf>.
22Pseudo-random byte sequences generated by RAND_pseudo_bytes() will be
23unique if they are of sufficient length, but are not necessarily
24unpredictable. They can be used for non-cryptographic purposes and for
25certain purposes in cryptographic protocols, but usually not for key
26generation etc.
27
28=head1 RETURN VALUES
29
30RAND_bytes() returns 1 on success, 0 otherwise. The error code can be
31obtained by L<ERR_get_error(3)|ERR_get_error(3)>. RAND_pseudo_bytes() returns 1 if the
32bytes generated are cryptographically strong, 0 otherwise. Both
33functions return -1 if they are not supported by the current RAND
34method.
35
36=head1 SEE ALSO
37
38L<rand(3)|rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<RAND_add(3)|RAND_add(3)>
39
40=head1 HISTORY
41
42RAND_bytes() is available in all versions of SSLeay and OpenSSL. It
43has a return value since OpenSSL 0.9.5. RAND_pseudo_bytes() was added
44in OpenSSL 0.9.5.
45
46=cut
diff --git a/src/lib/libcrypto/doc/RAND_cleanup.pod b/src/lib/libcrypto/doc/RAND_cleanup.pod
deleted file mode 100644
index 3a8f0749a8..0000000000
--- a/src/lib/libcrypto/doc/RAND_cleanup.pod
+++ /dev/null
@@ -1,29 +0,0 @@
1=pod
2
3=head1 NAME
4
5RAND_cleanup - erase the PRNG state
6
7=head1 SYNOPSIS
8
9 #include <openssl/rand.h>
10
11 void RAND_cleanup(void);
12
13=head1 DESCRIPTION
14
15RAND_cleanup() erases the memory used by the PRNG.
16
17=head1 RETURN VALUE
18
19RAND_cleanup() returns no value.
20
21=head1 SEE ALSO
22
23L<rand(3)|rand(3)>
24
25=head1 HISTORY
26
27RAND_cleanup() is available in all versions of SSLeay and OpenSSL.
28
29=cut
diff --git a/src/lib/libcrypto/doc/RAND_load_file.pod b/src/lib/libcrypto/doc/RAND_load_file.pod
deleted file mode 100644
index d8c134e621..0000000000
--- a/src/lib/libcrypto/doc/RAND_load_file.pod
+++ /dev/null
@@ -1,53 +0,0 @@
1=pod
2
3=head1 NAME
4
5RAND_load_file, RAND_write_file, RAND_file_name - PRNG seed file
6
7=head1 SYNOPSIS
8
9 #include <openssl/rand.h>
10
11 const char *RAND_file_name(char *buf, size_t num);
12
13 int RAND_load_file(const char *filename, long max_bytes);
14
15 int RAND_write_file(const char *filename);
16
17=head1 DESCRIPTION
18
19RAND_file_name() generates a default path for the random seed
20file. B<buf> points to a buffer of size B<num> in which to store the
21filename. The seed file is $RANDFILE if that environment variable is
22set, $HOME/.rnd otherwise. If $HOME is not set either, or B<num> is
23too small for the path name, an error occurs.
24
25RAND_load_file() reads a number of bytes from file B<filename> and
26adds them to the PRNG. If B<max_bytes> is non-negative,
27up to to B<max_bytes> are read; starting with OpenSSL 0.9.5,
28if B<max_bytes> is -1, the complete file is read.
29
30RAND_write_file() writes a number of random bytes (currently 1024) to
31file B<filename> which can be used to initialize the PRNG by calling
32RAND_load_file() in a later session.
33
34=head1 RETURN VALUES
35
36RAND_load_file() returns the number of bytes read.
37
38RAND_write_file() returns the number of bytes written, and -1 if the
39bytes written were generated without appropriate seed.
40
41RAND_file_name() returns a pointer to B<buf> on success, and NULL on
42error.
43
44=head1 SEE ALSO
45
46L<rand(3)|rand(3)>, L<RAND_add(3)|RAND_add(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
47
48=head1 HISTORY
49
50RAND_load_file(), RAND_write_file() and RAND_file_name() are available in
51all versions of SSLeay and OpenSSL.
52
53=cut
diff --git a/src/lib/libcrypto/doc/RAND_set_rand_method.pod b/src/lib/libcrypto/doc/RAND_set_rand_method.pod
deleted file mode 100644
index 464eba416d..0000000000
--- a/src/lib/libcrypto/doc/RAND_set_rand_method.pod
+++ /dev/null
@@ -1,59 +0,0 @@
1=pod
2
3=head1 NAME
4
5RAND_set_rand_method, RAND_get_rand_method, RAND_SSLeay - select RAND method
6
7=head1 SYNOPSIS
8
9 #include <openssl/rand.h>
10
11 void RAND_set_rand_method(RAND_METHOD *meth);
12
13 RAND_METHOD *RAND_get_rand_method(void);
14
15 RAND_METHOD *RAND_SSLeay(void);
16
17=head1 DESCRIPTION
18
19A B<RAND_METHOD> specifies the functions that OpenSSL uses for random
20number generation. By modifying the method, alternative
21implementations such as hardware RNGs may be used. Initially, the
22default is to use the OpenSSL internal implementation. RAND_SSLeay()
23returns a pointer to that method.
24
25RAND_set_rand_method() sets the RAND method to B<meth>.
26RAND_get_rand_method() returns a pointer to the current method.
27
28=head1 THE RAND_METHOD STRUCTURE
29
30 typedef struct rand_meth_st
31 {
32 void (*seed)(const void *buf, int num);
33 int (*bytes)(unsigned char *buf, int num);
34 void (*cleanup)(void);
35 void (*add)(const void *buf, int num, int entropy);
36 int (*pseudorand)(unsigned char *buf, int num);
37 int (*status)(void);
38 } RAND_METHOD;
39
40The components point to the implementation of RAND_seed(),
41RAND_bytes(), RAND_cleanup(), RAND_add(), RAND_pseudo_rand()
42and RAND_status().
43Each component may be NULL if the function is not implemented.
44
45=head1 RETURN VALUES
46
47RAND_set_rand_method() returns no value. RAND_get_rand_method() and
48RAND_SSLeay() return pointers to the respective methods.
49
50=head1 SEE ALSO
51
52L<rand(3)|rand(3)>
53
54=head1 HISTORY
55
56RAND_set_rand_method(), RAND_get_rand_method() and RAND_SSLeay() are
57available in all versions of OpenSSL.
58
59=cut
diff --git a/src/lib/libcrypto/doc/RSA_blinding_on.pod b/src/lib/libcrypto/doc/RSA_blinding_on.pod
deleted file mode 100644
index fd2c69abd8..0000000000
--- a/src/lib/libcrypto/doc/RSA_blinding_on.pod
+++ /dev/null
@@ -1,43 +0,0 @@
1=pod
2
3=head1 NAME
4
5RSA_blinding_on, RSA_blinding_off - protect the RSA operation from timing attacks
6
7=head1 SYNOPSIS
8
9 #include <openssl/rsa.h>
10
11 int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
12
13 void RSA_blinding_off(RSA *rsa);
14
15=head1 DESCRIPTION
16
17RSA is vulnerable to timing attacks. In a setup where attackers can
18measure the time of RSA decryption or signature operations, blinding
19must be used to protect the RSA operation from that attack.
20
21RSA_blinding_on() turns blinding on for key B<rsa> and generates a
22random blinding factor. B<ctx> is B<NULL> or a pre-allocated and
23initialized B<BN_CTX>. The random number generator must be seeded
24prior to calling RSA_blinding_on().
25
26RSA_blinding_off() turns blinding off and frees the memory used for
27the blinding factor.
28
29=head1 RETURN VALUES
30
31RSA_blinding_on() returns 1 on success, and 0 if an error occurred.
32
33RSA_blinding_off() returns no value.
34
35=head1 SEE ALSO
36
37L<rsa(3)|rsa(3)>, L<rand(3)|rand(3)>
38
39=head1 HISTORY
40
41RSA_blinding_on() and RSA_blinding_off() appeared in SSLeay 0.9.0.
42
43=cut
diff --git a/src/lib/libcrypto/doc/RSA_check_key.pod b/src/lib/libcrypto/doc/RSA_check_key.pod
deleted file mode 100644
index 1db6d736ab..0000000000
--- a/src/lib/libcrypto/doc/RSA_check_key.pod
+++ /dev/null
@@ -1,39 +0,0 @@
1=pod
2
3=head1 NAME
4
5RSA_check_key - validate private RSA keys
6
7=head1 SYNOPSIS
8
9 #include <openssl/rsa.h>
10
11 int RSA_check_key(RSA *rsa);
12
13=head1 DESCRIPTION
14
15This function validates RSA keys. It checks that B<p> and B<q> are
16in fact prime, and that B<n = p*q>.
17
18It also checks that B<d*e = 1 mod (p-1*q-1)>,
19and that B<dmp1>, B<dmq1> and B<iqmp> are set correctly or are B<NULL>.
20
21The key's public components may not be B<NULL>.
22
23=head1 RETURN VALUE
24
25RSA_check_key() returns 1 if B<rsa> is a valid RSA key, and 0 otherwise.
26-1 is returned if an error occurs while checking the key.
27
28If the key is invalid or an error occurred, the reason code can be
29obtained using L<ERR_get_error(3)|ERR_get_error(3)>.
30
31=head1 SEE ALSO
32
33L<rsa(3)|rsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
34
35=head1 HISTORY
36
37RSA_check() appeared in OpenSSL 0.9.4.
38
39=cut
diff --git a/src/lib/libcrypto/doc/RSA_generate_key.pod b/src/lib/libcrypto/doc/RSA_generate_key.pod
deleted file mode 100644
index 0e0f0a764c..0000000000
--- a/src/lib/libcrypto/doc/RSA_generate_key.pod
+++ /dev/null
@@ -1,68 +0,0 @@
1=pod
2
3=head1 NAME
4
5RSA_generate_key - generate RSA key pair
6
7=head1 SYNOPSIS
8
9 #include <openssl/rsa.h>
10
11 RSA *RSA_generate_key(int num, unsigned long e,
12 void (*callback)(int,int,void *), void *cb_arg);
13
14=head1 DESCRIPTION
15
16RSA_generate_key() generates a key pair and returns it in a newly
17allocated B<RSA> structure. The pseudo-random number generator must
18be seeded prior to calling RSA_generate_key().
19
20The modulus size will be B<num> bits, and the public exponent will be
21B<e>. Key sizes with B<num> E<lt> 1024 should be considered insecure.
22The exponent is an odd number, typically 3 or 65535.
23
24A callback function may be used to provide feedback about the
25progress of the key generation. If B<callback> is not B<NULL>, it
26will be called as follows:
27
28=over 4
29
30=item *
31
32While a random prime number is generated, it is called as
33described in L<BN_generate_prime(3)|BN_generate_prime(3)>.
34
35=item *
36
37When the n-th randomly generated prime is rejected as not
38suitable for the key, B<callback(2, n, cb_arg)> is called.
39
40=item *
41
42When a random p has been found with p-1 relatively prime to B<e>,
43it is called as B<callback(3, 0, cb_arg)>.
44
45=back
46
47The process is then repeated for prime q with B<callback(3, 1, cb_arg)>.
48
49=head1 RETURN VALUE
50
51If key generation fails, RSA_generate_key() returns B<NULL>; the
52error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
53
54=head1 BUGS
55
56B<callback(2, x, cb_arg)> is used with two different meanings.
57
58RSA_generate_key() goes into an infinite loop for illegal input values.
59
60=head1 SEE ALSO
61
62L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_free(3)|RSA_free(3)>
63
64=head1 HISTORY
65
66The B<cb_arg> argument was added in SSLeay 0.9.0.
67
68=cut
diff --git a/src/lib/libcrypto/doc/RSA_get_ex_new_index.pod b/src/lib/libcrypto/doc/RSA_get_ex_new_index.pod
deleted file mode 100644
index 46cc8f5359..0000000000
--- a/src/lib/libcrypto/doc/RSA_get_ex_new_index.pod
+++ /dev/null
@@ -1,120 +0,0 @@
1=pod
2
3=head1 NAME
4
5RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - add application specific data to RSA structures
6
7=head1 SYNOPSIS
8
9 #include <openssl/rsa.h>
10
11 int RSA_get_ex_new_index(long argl, void *argp,
12 CRYPTO_EX_new *new_func,
13 CRYPTO_EX_dup *dup_func,
14 CRYPTO_EX_free *free_func);
15
16 int RSA_set_ex_data(RSA *r, int idx, void *arg);
17
18 void *RSA_get_ex_data(RSA *r, int idx);
19
20 typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
21 int idx, long argl, void *argp);
22 typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
23 int idx, long argl, void *argp);
24 typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
25 int idx, long argl, void *argp);
26
27=head1 DESCRIPTION
28
29Several OpenSSL structures can have application specific data attached to them.
30This has several potential uses, it can be used to cache data associated with
31a structure (for example the hash of some part of the structure) or some
32additional data (for example a handle to the data in an external library).
33
34Since the application data can be anything at all it is passed and retrieved
35as a B<void *> type.
36
37The B<RSA_get_ex_new_index()> function is initially called to "register" some
38new application specific data. It takes three optional function pointers which
39are called when the parent structure (in this case an RSA structure) is
40initially created, when it is copied and when it is freed up. If any or all of
41these function pointer arguments are not used they should be set to NULL. The
42precise manner in which these function pointers are called is described in more
43detail below. B<RSA_get_ex_new_index()> also takes additional long and pointer
44parameters which will be passed to the supplied functions but which otherwise
45have no special meaning. It returns an B<index> which should be stored
46(typically in a static variable) and passed used in the B<idx> parameter in
47the remaining functions. Each successful call to B<RSA_get_ex_new_index()>
48will return an index greater than any previously returned, this is important
49because the optional functions are called in order of increasing index value.
50
51B<RSA_set_ex_data()> is used to set application specific data, the data is
52supplied in the B<arg> parameter and its precise meaning is up to the
53application.
54
55B<RSA_get_ex_data()> is used to retrieve application specific data. The data
56is returned to the application, this will be the same value as supplied to
57a previous B<RSA_set_ex_data()> call.
58
59B<new_func()> is called when a structure is initially allocated (for example
60with B<RSA_new()>. The parent structure members will not have any meaningful
61values at this point. This function will typically be used to allocate any
62application specific structure.
63
64B<free_func()> is called when a structure is being freed up. The dynamic parent
65structure members should not be accessed because they will be freed up when
66this function is called.
67
68B<new_func()> and B<free_func()> take the same parameters. B<parent> is a
69pointer to the parent RSA structure. B<ptr> is a the application specific data
70(this wont be of much use in B<new_func()>. B<ad> is a pointer to the
71B<CRYPTO_EX_DATA> structure from the parent RSA structure: the functions
72B<CRYPTO_get_ex_data()> and B<CRYPTO_set_ex_data()> can be called to manipulate
73it. The B<idx> parameter is the index: this will be the same value returned by
74B<RSA_get_ex_new_index()> when the functions were initially registered. Finally
75the B<argl> and B<argp> parameters are the values originally passed to the same
76corresponding parameters when B<RSA_get_ex_new_index()> was called.
77
78B<dup_func()> is called when a structure is being copied. Pointers to the
79destination and source B<CRYPTO_EX_DATA> structures are passed in the B<to> and
80B<from> parameters respectively. The B<from_d> parameter is passed a pointer to
81the source application data when the function is called, when the function returns
82the value is copied to the destination: the application can thus modify the data
83pointed to by B<from_d> and have different values in the source and destination.
84The B<idx>, B<argl> and B<argp> parameters are the same as those in B<new_func()>
85and B<free_func()>.
86
87=head1 RETURN VALUES
88
89B<RSA_get_ex_new_index()> returns a new index or -1 on failure (note 0 is a valid
90index value).
91
92B<RSA_set_ex_data()> returns 1 on success or 0 on failure.
93
94B<RSA_get_ex_data()> returns the application data or 0 on failure. 0 may also
95be valid application data but currently it can only fail if given an invalid B<idx>
96parameter.
97
98B<new_func()> and B<dup_func()> should return 0 for failure and 1 for success.
99
100On failure an error code can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
101
102=head1 BUGS
103
104B<dup_func()> is currently never called.
105
106The return value of B<new_func()> is ignored.
107
108The B<new_func()> function isn't very useful because no meaningful values are
109present in the parent RSA structure when it is called.
110
111=head1 SEE ALSO
112
113L<rsa(3)|rsa(3)>, L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>
114
115=head1 HISTORY
116
117RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data() are
118available since SSLeay 0.9.0.
119
120=cut
diff --git a/src/lib/libcrypto/doc/RSA_new.pod b/src/lib/libcrypto/doc/RSA_new.pod
deleted file mode 100644
index 299047f31f..0000000000
--- a/src/lib/libcrypto/doc/RSA_new.pod
+++ /dev/null
@@ -1,39 +0,0 @@
1=pod
2
3=head1 NAME
4
5RSA_new, RSA_free - allocate and free RSA objects
6
7=head1 SYNOPSIS
8
9 #include <openssl/rsa.h>
10
11 RSA * RSA_new(void);
12
13 void RSA_free(RSA *rsa);
14
15=head1 DESCRIPTION
16
17RSA_new() allocates and initializes an B<RSA> structure.
18
19RSA_free() frees the B<RSA> structure and its components. The key is
20erased before the memory is returned to the system.
21
22=head1 RETURN VALUES
23
24If the allocation fails, RSA_new() returns B<NULL> and sets an error
25code that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns
26a pointer to the newly allocated structure.
27
28RSA_free() returns no value.
29
30=head1 SEE ALSO
31
32L<ERR_get_error(3)|ERR_get_error(3)>, L<rsa(3)|rsa(3)>,
33L<RSA_generate_key(3)|RSA_generate_key(3)>
34
35=head1 HISTORY
36
37RSA_new() and RSA_free() are available in all versions of SSLeay and OpenSSL.
38
39=cut
diff --git a/src/lib/libcrypto/doc/RSA_padding_add_PKCS1_type_1.pod b/src/lib/libcrypto/doc/RSA_padding_add_PKCS1_type_1.pod
deleted file mode 100644
index b8f678fe72..0000000000
--- a/src/lib/libcrypto/doc/RSA_padding_add_PKCS1_type_1.pod
+++ /dev/null
@@ -1,124 +0,0 @@
1=pod
2
3=head1 NAME
4
5RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1,
6RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2,
7RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP,
8RSA_padding_add_SSLv23, RSA_padding_check_SSLv23,
9RSA_padding_add_none, RSA_padding_check_none - asymmetric encryption
10padding
11
12=head1 SYNOPSIS
13
14 #include <openssl/rsa.h>
15
16 int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
17 unsigned char *f, int fl);
18
19 int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
20 unsigned char *f, int fl, int rsa_len);
21
22 int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
23 unsigned char *f, int fl);
24
25 int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
26 unsigned char *f, int fl, int rsa_len);
27
28 int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
29 unsigned char *f, int fl, unsigned char *p, int pl);
30
31 int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
32 unsigned char *f, int fl, int rsa_len, unsigned char *p, int pl);
33
34 int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
35 unsigned char *f, int fl);
36
37 int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
38 unsigned char *f, int fl, int rsa_len);
39
40 int RSA_padding_add_none(unsigned char *to, int tlen,
41 unsigned char *f, int fl);
42
43 int RSA_padding_check_none(unsigned char *to, int tlen,
44 unsigned char *f, int fl, int rsa_len);
45
46=head1 DESCRIPTION
47
48The RSA_padding_xxx_xxx() functions are called from the RSA encrypt,
49decrypt, sign and verify functions. Normally they should not be called
50from application programs.
51
52However, they can also be called directly to implement padding for other
53asymmetric ciphers. RSA_padding_add_PKCS1_OAEP() and
54RSA_padding_check_PKCS1_OAEP() may be used in an application combined
55with B<RSA_NO_PADDING> in order to implement OAEP with an encoding
56parameter.
57
58RSA_padding_add_xxx() encodes B<fl> bytes from B<f> so as to fit into
59B<tlen> bytes and stores the result at B<to>. An error occurs if B<fl>
60does not meet the size requirements of the encoding method.
61
62The following encoding methods are implemented:
63
64=over 4
65
66=item PKCS1_type_1
67
68PKCS #1 v2.0 EMSA-PKCS1-v1_5 (PKCS #1 v1.5 block type 1); used for signatures
69
70=item PKCS1_type_2
71
72PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2)
73
74=item PKCS1_OAEP
75
76PKCS #1 v2.0 EME-OAEP
77
78=item SSLv23
79
80PKCS #1 EME-PKCS1-v1_5 with SSL-specific modification
81
82=item none
83
84simply copy the data
85
86=back
87
88The random number generator must be seeded prior to calling
89RSA_padding_add_xxx().
90
91RSA_padding_check_xxx() verifies that the B<fl> bytes at B<f> contain
92a valid encoding for a B<rsa_len> byte RSA key in the respective
93encoding method and stores the recovered data of at most B<tlen> bytes
94(for B<RSA_NO_PADDING>: of size B<tlen>)
95at B<to>.
96
97For RSA_padding_xxx_OAEP(), B<p> points to the encoding parameter
98of length B<pl>. B<p> may be B<NULL> if B<pl> is 0.
99
100=head1 RETURN VALUES
101
102The RSA_padding_add_xxx() functions return 1 on success, 0 on error.
103The RSA_padding_check_xxx() functions return the length of the
104recovered data, -1 on error. Error codes can be obtained by calling
105L<ERR_get_error(3)|ERR_get_error(3)>.
106
107=head1 SEE ALSO
108
109L<RSA_public_encrypt(3)|RSA_public_encrypt(3)>,
110L<RSA_private_decrypt(3)|RSA_private_decrypt(3)>,
111L<RSA_sign(3)|RSA_sign(3)>, L<RSA_verify(3)|RSA_verify(3)>
112
113=head1 HISTORY
114
115RSA_padding_add_PKCS1_type_1(), RSA_padding_check_PKCS1_type_1(),
116RSA_padding_add_PKCS1_type_2(), RSA_padding_check_PKCS1_type_2(),
117RSA_padding_add_SSLv23(), RSA_padding_check_SSLv23(),
118RSA_padding_add_none() and RSA_padding_check_none() appeared in
119SSLeay 0.9.0.
120
121RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() were
122added in OpenSSL 0.9.2b.
123
124=cut
diff --git a/src/lib/libcrypto/doc/RSA_print.pod b/src/lib/libcrypto/doc/RSA_print.pod
deleted file mode 100644
index 67876facc5..0000000000
--- a/src/lib/libcrypto/doc/RSA_print.pod
+++ /dev/null
@@ -1,49 +0,0 @@
1=pod
2
3=head1 NAME
4
5RSA_print, RSA_print_fp, DHparams_print, DHparams_print_fp, DSA_print,
6DSA_print_fp, DHparams_print, DHparams_print_fp - print cryptographic
7parameters
8
9=head1 SYNOPSIS
10
11 #include <openssl/rsa.h>
12
13 int RSA_print(BIO *bp, RSA *x, int offset);
14 int RSA_print_fp(FILE *fp, RSA *x, int offset);
15
16 #include <openssl/dsa.h>
17
18 int DSAparams_print(BIO *bp, DSA *x);
19 int DSAparams_print_fp(FILE *fp, DSA *x);
20 int DSA_print(BIO *bp, DSA *x, int offset);
21 int DSA_print_fp(FILE *fp, DSA *x, int offset);
22
23 #include <openssl/dh.h>
24
25 int DHparams_print(BIO *bp, DH *x);
26 int DHparams_print_fp(FILE *fp, DH *x);
27
28=head1 DESCRIPTION
29
30A human-readable hexadecimal output of the components of the RSA
31key, DSA parameters or key or DH parameters is printed to B<bp> or B<fp>.
32
33The output lines are indented by B<offset> spaces.
34
35=head1 RETURN VALUES
36
37These functions return 1 on success, 0 on error.
38
39=head1 SEE ALSO
40
41L<dh(3)|dh(3)>, L<dsa(3)|dsa(3)>, L<rsa(3)|rsa(3)>, L<BN_bn2bin(3)|BN_bn2bin(3)>
42
43=head1 HISTORY
44
45RSA_print(), RSA_print_fp(), DSA_print(), DSA_print_fp(), DH_print(),
46DH_print_fp() are available in all versions of SSLeay and OpenSSL.
47DSAparams_print() and DSAparams_print_pf() were added in SSLeay 0.8.
48
49=cut
diff --git a/src/lib/libcrypto/doc/RSA_private_encrypt.pod b/src/lib/libcrypto/doc/RSA_private_encrypt.pod
deleted file mode 100644
index 0d1b2bd541..0000000000
--- a/src/lib/libcrypto/doc/RSA_private_encrypt.pod
+++ /dev/null
@@ -1,70 +0,0 @@
1=pod
2
3=head1 NAME
4
5RSA_private_encrypt, RSA_public_decrypt - low level signature operations
6
7=head1 SYNOPSIS
8
9 #include <openssl/rsa.h>
10
11 int RSA_private_encrypt(int flen, unsigned char *from,
12 unsigned char *to, RSA *rsa, int padding);
13
14 int RSA_public_decrypt(int flen, unsigned char *from,
15 unsigned char *to, RSA *rsa, int padding);
16
17=head1 DESCRIPTION
18
19These functions handle RSA signatures at a low level.
20
21RSA_private_encrypt() signs the B<flen> bytes at B<from> (usually a
22message digest with an algorithm identifier) using the private key
23B<rsa> and stores the signature in B<to>. B<to> must point to
24B<RSA_size(rsa)> bytes of memory.
25
26B<padding> denotes one of the following modes:
27
28=over 4
29
30=item RSA_PKCS1_PADDING
31
32PKCS #1 v1.5 padding. This function does not handle the
33B<algorithmIdentifier> specified in PKCS #1. When generating or
34verifying PKCS #1 signatures, L<RSA_sign(3)|RSA_sign(3)> and L<RSA_verify(3)|RSA_verify(3)> should be
35used.
36
37=item RSA_NO_PADDING
38
39Raw RSA signature. This mode should I<only> be used to implement
40cryptographically sound padding modes in the application code.
41Signing user data directly with RSA is insecure.
42
43=back
44
45RSA_public_decrypt() recovers the message digest from the B<flen>
46bytes long signature at B<from> using the signer's public key
47B<rsa>. B<to> must point to a memory section large enough to hold the
48message digest (which is smaller than B<RSA_size(rsa) -
4911>). B<padding> is the padding mode that was used to sign the data.
50
51=head1 RETURN VALUES
52
53RSA_private_encrypt() returns the size of the signature (i.e.,
54RSA_size(rsa)). RSA_public_decrypt() returns the size of the
55recovered message digest.
56
57On error, -1 is returned; the error codes can be
58obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
59
60=head1 SEE ALSO
61
62L<ERR_get_error(3)|ERR_get_error(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>,
63L<RSA_verify(3)|RSA_verify(3)>
64
65=head1 HISTORY
66
67The B<padding> argument was added in SSLeay 0.8. RSA_NO_PADDING is
68available since SSLeay 0.9.0.
69
70=cut
diff --git a/src/lib/libcrypto/doc/RSA_public_encrypt.pod b/src/lib/libcrypto/doc/RSA_public_encrypt.pod
deleted file mode 100644
index 23861c0004..0000000000
--- a/src/lib/libcrypto/doc/RSA_public_encrypt.pod
+++ /dev/null
@@ -1,86 +0,0 @@
1=pod
2
3=head1 NAME
4
5RSA_public_encrypt, RSA_private_decrypt - RSA public key cryptography
6
7=head1 SYNOPSIS
8
9 #include <openssl/rsa.h>
10
11 int RSA_public_encrypt(int flen, unsigned char *from,
12 unsigned char *to, RSA *rsa, int padding);
13
14 int RSA_private_decrypt(int flen, unsigned char *from,
15 unsigned char *to, RSA *rsa, int padding);
16
17=head1 DESCRIPTION
18
19RSA_public_encrypt() encrypts the B<flen> bytes at B<from> (usually a
20session key) using the public key B<rsa> and stores the ciphertext in
21B<to>. B<to> must point to RSA_size(B<rsa>) bytes of memory.
22
23B<padding> denotes one of the following modes:
24
25=over 4
26
27=item RSA_PKCS1_PADDING
28
29PKCS #1 v1.5 padding. This currently is the most widely used mode.
30
31=item RSA_PKCS1_OAEP_PADDING
32
33EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty
34encoding parameter. This mode is recommended for all new applications.
35
36=item RSA_SSLV23_PADDING
37
38PKCS #1 v1.5 padding with an SSL-specific modification that denotes
39that the server is SSL3 capable.
40
41=item RSA_NO_PADDING
42
43Raw RSA encryption. This mode should I<only> be used to implement
44cryptographically sound padding modes in the application code.
45Encrypting user data directly with RSA is insecure.
46
47=back
48
49B<flen> must be less than RSA_size(B<rsa>) - 11 for the PKCS #1 v1.5
50based padding modes, and less than RSA_size(B<rsa>) - 41 for
51RSA_PKCS1_OAEP_PADDING. The random number generator must be seeded
52prior to calling RSA_public_encrypt().
53
54RSA_private_decrypt() decrypts the B<flen> bytes at B<from> using the
55private key B<rsa> and stores the plaintext in B<to>. B<to> must point
56to a memory section large enough to hold the decrypted data (which is
57smaller than RSA_size(B<rsa>)). B<padding> is the padding mode that
58was used to encrypt the data.
59
60=head1 RETURN VALUES
61
62RSA_public_encrypt() returns the size of the encrypted data (i.e.,
63RSA_size(B<rsa>)). RSA_private_decrypt() returns the size of the
64recovered plaintext.
65
66On error, -1 is returned; the error codes can be
67obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
68
69=head1 CONFORMING TO
70
71SSL, PKCS #1 v2.0
72
73=head1 SEE ALSO
74
75L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_size(3)|RSA_size(3)>
76
77=head1 NOTES
78
79The L<RSA_PKCS1_RSAref(3)|RSA_PKCS1_RSAref(3)> method supports only the RSA_PKCS1_PADDING mode.
80
81=head1 HISTORY
82
83The B<padding> argument was added in SSLeay 0.8. RSA_NO_PADDING is
84available since SSLeay 0.9.0, OAEP was added in OpenSSL 0.9.2b.
85
86=cut
diff --git a/src/lib/libcrypto/doc/RSA_set_method.pod b/src/lib/libcrypto/doc/RSA_set_method.pod
deleted file mode 100644
index b672712292..0000000000
--- a/src/lib/libcrypto/doc/RSA_set_method.pod
+++ /dev/null
@@ -1,168 +0,0 @@
1=pod
2
3=head1 NAME
4
5RSA_set_default_method, RSA_get_default_method, RSA_set_method,
6RSA_get_method, RSA_PKCS1_SSLeay, RSA_PKCS1_RSAref,
7RSA_null_method, RSA_flags, RSA_new_method - select RSA method
8
9=head1 SYNOPSIS
10
11 #include <openssl/rsa.h>
12 #include <openssl/engine.h>
13
14 void RSA_set_default_openssl_method(RSA_METHOD *meth);
15
16 RSA_METHOD *RSA_get_default_openssl_method(void);
17
18 RSA_METHOD *RSA_set_method(RSA *rsa, ENGINE *engine);
19
20 RSA_METHOD *RSA_get_method(RSA *rsa);
21
22 RSA_METHOD *RSA_PKCS1_SSLeay(void);
23
24 RSA_METHOD *RSA_PKCS1_RSAref(void);
25
26 RSA_METHOD *RSA_null_method(void);
27
28 int RSA_flags(RSA *rsa);
29
30 RSA *RSA_new_method(ENGINE *engine);
31
32=head1 DESCRIPTION
33
34An B<RSA_METHOD> specifies the functions that OpenSSL uses for RSA
35operations. By modifying the method, alternative implementations
36such as hardware accelerators may be used.
37
38Initially, the default is to use the OpenSSL internal implementation,
39unless OpenSSL was configured with the C<rsaref> or C<-DRSA_NULL>
40options. RSA_PKCS1_SSLeay() returns a pointer to that method.
41
42RSA_PKCS1_RSAref() returns a pointer to a method that uses the RSAref
43library. This is the default method in the C<rsaref> configuration;
44the function is not available in other configurations.
45RSA_null_method() returns a pointer to a method that does not support
46the RSA transformation. It is the default if OpenSSL is compiled with
47C<-DRSA_NULL>. These methods may be useful in the USA because of a
48patent on the RSA cryptosystem.
49
50RSA_set_default_openssl_method() makes B<meth> the default method for all B<RSA>
51structures created later. B<NB:> This is true only whilst the default engine
52for RSA operations remains as "openssl". ENGINEs provide an
53encapsulation for implementations of one or more algorithms at a time, and all
54the RSA functions mentioned here operate within the scope of the default
55"openssl" engine.
56
57RSA_get_default_openssl_method() returns a pointer to the current default
58method for the "openssl" engine.
59
60RSA_set_method() selects B<engine> for all operations using the key
61B<rsa>.
62
63RSA_get_method() returns a pointer to the RSA_METHOD from the currently
64selected ENGINE for B<rsa>.
65
66RSA_flags() returns the B<flags> that are set for B<rsa>'s current method.
67
68RSA_new_method() allocates and initializes an RSA structure so that
69B<engine> will be used for the RSA operations. If B<engine> is NULL,
70the default engine for RSA operations is used.
71
72=head1 THE RSA_METHOD STRUCTURE
73
74 typedef struct rsa_meth_st
75 {
76 /* name of the implementation */
77 const char *name;
78
79 /* encrypt */
80 int (*rsa_pub_enc)(int flen, unsigned char *from,
81 unsigned char *to, RSA *rsa, int padding);
82
83 /* verify arbitrary data */
84 int (*rsa_pub_dec)(int flen, unsigned char *from,
85 unsigned char *to, RSA *rsa, int padding);
86
87 /* sign arbitrary data */
88 int (*rsa_priv_enc)(int flen, unsigned char *from,
89 unsigned char *to, RSA *rsa, int padding);
90
91 /* decrypt */
92 int (*rsa_priv_dec)(int flen, unsigned char *from,
93 unsigned char *to, RSA *rsa, int padding);
94
95 /* compute r0 = r0 ^ I mod rsa->n (May be NULL for some
96 implementations) */
97 int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
98
99 /* compute r = a ^ p mod m (May be NULL for some implementations) */
100 int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
101 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
102
103 /* called at RSA_new */
104 int (*init)(RSA *rsa);
105
106 /* called at RSA_free */
107 int (*finish)(RSA *rsa);
108
109 /* RSA_FLAG_EXT_PKEY - rsa_mod_exp is called for private key
110 * operations, even if p,q,dmp1,dmq1,iqmp
111 * are NULL
112 * RSA_FLAG_SIGN_VER - enable rsa_sign and rsa_verify
113 * RSA_METHOD_FLAG_NO_CHECK - don't check pub/private match
114 */
115 int flags;
116
117 char *app_data; /* ?? */
118
119 /* sign. For backward compatibility, this is used only
120 * if (flags & RSA_FLAG_SIGN_VER)
121 */
122 int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len,
123 unsigned char *sigret, unsigned int *siglen, RSA *rsa);
124
125 /* verify. For backward compatibility, this is used only
126 * if (flags & RSA_FLAG_SIGN_VER)
127 */
128 int (*rsa_verify)(int type, unsigned char *m, unsigned int m_len,
129 unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
130
131 } RSA_METHOD;
132
133=head1 RETURN VALUES
134
135RSA_PKCS1_SSLeay(), RSA_PKCS1_RSAref(), RSA_PKCS1_null_method(),
136RSA_get_default_openssl_method() and RSA_get_method() return pointers to
137the respective RSA_METHODs.
138
139RSA_set_default_openssl_method() returns no value.
140
141RSA_set_method() selects B<engine> as the engine that will be responsible for
142all operations using the structure B<rsa>. If this function completes successfully,
143then the B<rsa> structure will have its own functional reference of B<engine>, so
144the caller should remember to free their own reference to B<engine> when they are
145finished with it. NB: An ENGINE's RSA_METHOD can be retrieved (or set) by
146ENGINE_get_RSA() or ENGINE_set_RSA().
147
148RSA_new_method() returns NULL and sets an error code that can be
149obtained by L<ERR_get_error(3)|ERR_get_error(3)> if the allocation fails. Otherwise
150it returns a pointer to the newly allocated structure.
151
152=head1 SEE ALSO
153
154L<rsa(3)|rsa(3)>, L<RSA_new(3)|RSA_new(3)>
155
156=head1 HISTORY
157
158RSA_new_method() and RSA_set_default_method() appeared in SSLeay 0.8.
159RSA_get_default_method(), RSA_set_method() and RSA_get_method() as
160well as the rsa_sign and rsa_verify components of RSA_METHOD were
161added in OpenSSL 0.9.4.
162
163RSA_set_default_openssl_method() and RSA_get_default_openssl_method()
164replaced RSA_set_default_method() and RSA_get_default_method() respectively,
165and RSA_set_method() and RSA_new_method() were altered to use B<ENGINE>s
166rather than B<DH_METHOD>s during development of OpenSSL 0.9.6.
167
168=cut
diff --git a/src/lib/libcrypto/doc/RSA_sign.pod b/src/lib/libcrypto/doc/RSA_sign.pod
deleted file mode 100644
index 71688a665e..0000000000
--- a/src/lib/libcrypto/doc/RSA_sign.pod
+++ /dev/null
@@ -1,62 +0,0 @@
1=pod
2
3=head1 NAME
4
5RSA_sign, RSA_verify - RSA signatures
6
7=head1 SYNOPSIS
8
9 #include <openssl/rsa.h>
10
11 int RSA_sign(int type, unsigned char *m, unsigned int m_len,
12 unsigned char *sigret, unsigned int *siglen, RSA *rsa);
13
14 int RSA_verify(int type, unsigned char *m, unsigned int m_len,
15 unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
16
17=head1 DESCRIPTION
18
19RSA_sign() signs the message digest B<m> of size B<m_len> using the
20private key B<rsa> as specified in PKCS #1 v2.0. It stores the
21signature in B<sigret> and the signature size in B<siglen>. B<sigret>
22must point to RSA_size(B<rsa>) bytes of memory.
23
24B<type> denotes the message digest algorithm that was used to generate
25B<m>. It usually is one of B<NID_sha1>, B<NID_ripemd160> and B<NID_md5>;
26see L<objects(3)|objects(3)> for details. If B<type> is B<NID_md5_sha1>,
27an SSL signature (MD5 and SHA1 message digests with PKCS #1 padding
28and no algorithm identifier) is created.
29
30RSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
31matches a given message digest B<m> of size B<m_len>. B<type> denotes
32the message digest algorithm that was used to generate the signature.
33B<rsa> is the signer's public key.
34
35=head1 RETURN VALUES
36
37RSA_sign() returns 1 on success, 0 otherwise. RSA_verify() returns 1
38on successful verification, 0 otherwise.
39
40The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
41
42=head1 BUGS
43
44Certain signatures with an improper algorithm identifier are accepted
45for compatibility with SSLeay 0.4.5 :-)
46
47=head1 CONFORMING TO
48
49SSL, PKCS #1 v2.0
50
51=head1 SEE ALSO
52
53L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>,
54L<rsa(3)|rsa(3)>, L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>,
55L<RSA_public_decrypt(3)|RSA_public_decrypt(3)>
56
57=head1 HISTORY
58
59RSA_sign() and RSA_verify() are available in all versions of SSLeay
60and OpenSSL.
61
62=cut
diff --git a/src/lib/libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod b/src/lib/libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod
deleted file mode 100644
index b8c7bbb7e3..0000000000
--- a/src/lib/libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod
+++ /dev/null
@@ -1,59 +0,0 @@
1=pod
2
3=head1 NAME
4
5RSA_sign_ASN1_OCTET_STRING, RSA_verify_ASN1_OCTET_STRING - RSA signatures
6
7=head1 SYNOPSIS
8
9 #include <openssl/rsa.h>
10
11 int RSA_sign_ASN1_OCTET_STRING(int dummy, unsigned char *m,
12 unsigned int m_len, unsigned char *sigret, unsigned int *siglen,
13 RSA *rsa);
14
15 int RSA_verify_ASN1_OCTET_STRING(int dummy, unsigned char *m,
16 unsigned int m_len, unsigned char *sigbuf, unsigned int siglen,
17 RSA *rsa);
18
19=head1 DESCRIPTION
20
21RSA_sign_ASN1_OCTET_STRING() signs the octet string B<m> of size
22B<m_len> using the private key B<rsa> represented in DER using PKCS #1
23padding. It stores the signature in B<sigret> and the signature size
24in B<siglen>. B<sigret> must point to B<RSA_size(rsa)> bytes of
25memory.
26
27B<dummy> is ignored.
28
29The random number generator must be seeded prior to calling RSA_sign_ASN1_OCTET_STRING().
30
31RSA_verify_ASN1_OCTET_STRING() verifies that the signature B<sigbuf>
32of size B<siglen> is the DER representation of a given octet string
33B<m> of size B<m_len>. B<dummy> is ignored. B<rsa> is the signer's
34public key.
35
36=head1 RETURN VALUES
37
38RSA_sign_ASN1_OCTET_STRING() returns 1 on success, 0 otherwise.
39RSA_verify_ASN1_OCTET_STRING() returns 1 on successful verification, 0
40otherwise.
41
42The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
43
44=head1 BUGS
45
46These functions serve no recognizable purpose.
47
48=head1 SEE ALSO
49
50L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>, L<rand(3)|rand(3)>,
51L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>,
52L<RSA_verify(3)|RSA_verify(3)>
53
54=head1 HISTORY
55
56RSA_sign_ASN1_OCTET_STRING() and RSA_verify_ASN1_OCTET_STRING() were
57added in SSLeay 0.8.
58
59=cut
diff --git a/src/lib/libcrypto/doc/RSA_size.pod b/src/lib/libcrypto/doc/RSA_size.pod
deleted file mode 100644
index b36b4d58d5..0000000000
--- a/src/lib/libcrypto/doc/RSA_size.pod
+++ /dev/null
@@ -1,33 +0,0 @@
1=pod
2
3=head1 NAME
4
5RSA_size - get RSA modulus size
6
7=head1 SYNOPSIS
8
9 #include <openssl/rsa.h>
10
11 int RSA_size(RSA *rsa);
12
13=head1 DESCRIPTION
14
15This function returns the RSA modulus size in bytes. It can be used to
16determine how much memory must be allocated for an RSA encrypted
17value.
18
19B<rsa-E<gt>n> must not be B<NULL>.
20
21=head1 RETURN VALUE
22
23The size in bytes.
24
25=head1 SEE ALSO
26
27L<rsa(3)|rsa(3)>
28
29=head1 HISTORY
30
31RSA_size() is available in all versions of SSLeay and OpenSSL.
32
33=cut
diff --git a/src/lib/libcrypto/doc/bn.pod b/src/lib/libcrypto/doc/bn.pod
deleted file mode 100644
index d183028d61..0000000000
--- a/src/lib/libcrypto/doc/bn.pod
+++ /dev/null
@@ -1,149 +0,0 @@
1=pod
2
3=head1 NAME
4
5bn - multiprecision integer arithmetics
6
7=head1 SYNOPSIS
8
9 #include <openssl/bn.h>
10
11 BIGNUM *BN_new(void);
12 void BN_free(BIGNUM *a);
13 void BN_init(BIGNUM *);
14 void BN_clear(BIGNUM *a);
15 void BN_clear_free(BIGNUM *a);
16
17 BN_CTX *BN_CTX_new(void);
18 void BN_CTX_init(BN_CTX *c);
19 void BN_CTX_free(BN_CTX *c);
20
21 BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
22 BIGNUM *BN_dup(const BIGNUM *a);
23
24 int BN_num_bytes(const BIGNUM *a);
25 int BN_num_bits(const BIGNUM *a);
26 int BN_num_bits_word(BN_ULONG w);
27
28 int BN_add(BIGNUM *r, BIGNUM *a, BIGNUM *b);
29 int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
30 int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
31 int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
32 BN_CTX *ctx);
33 int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
34 int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
35 int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
36 BN_CTX *ctx);
37 int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
38 int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
39 const BIGNUM *m, BN_CTX *ctx);
40 int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
41
42 int BN_add_word(BIGNUM *a, BN_ULONG w);
43 int BN_sub_word(BIGNUM *a, BN_ULONG w);
44 int BN_mul_word(BIGNUM *a, BN_ULONG w);
45 BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
46 BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
47
48 int BN_cmp(BIGNUM *a, BIGNUM *b);
49 int BN_ucmp(BIGNUM *a, BIGNUM *b);
50 int BN_is_zero(BIGNUM *a);
51 int BN_is_one(BIGNUM *a);
52 int BN_is_word(BIGNUM *a, BN_ULONG w);
53 int BN_is_odd(BIGNUM *a);
54
55 int BN_zero(BIGNUM *a);
56 int BN_one(BIGNUM *a);
57 BIGNUM *BN_value_one(void);
58 int BN_set_word(BIGNUM *a, unsigned long w);
59 unsigned long BN_get_word(BIGNUM *a);
60
61 int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
62 int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
63 int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
64
65 BIGNUM *BN_generate_prime(BIGNUM *ret, int bits,int safe, BIGNUM *add,
66 BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg);
67 int BN_is_prime(const BIGNUM *p, int nchecks,
68 void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg);
69
70 int BN_set_bit(BIGNUM *a, int n);
71 int BN_clear_bit(BIGNUM *a, int n);
72 int BN_is_bit_set(const BIGNUM *a, int n);
73 int BN_mask_bits(BIGNUM *a, int n);
74 int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
75 int BN_lshift1(BIGNUM *r, BIGNUM *a);
76 int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
77 int BN_rshift1(BIGNUM *r, BIGNUM *a);
78
79 int BN_bn2bin(const BIGNUM *a, unsigned char *to);
80 BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
81 char *BN_bn2hex(const BIGNUM *a);
82 char *BN_bn2dec(const BIGNUM *a);
83 int BN_hex2bn(BIGNUM **a, const char *str);
84 int BN_dec2bn(BIGNUM **a, const char *str);
85 int BN_print(BIO *fp, const BIGNUM *a);
86 int BN_print_fp(FILE *fp, const BIGNUM *a);
87 int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
88 BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);
89
90 BIGNUM *BN_mod_inverse(BIGNUM *r, BIGNUM *a, const BIGNUM *n,
91 BN_CTX *ctx);
92
93 BN_RECP_CTX *BN_RECP_CTX_new(void);
94 void BN_RECP_CTX_init(BN_RECP_CTX *recp);
95 void BN_RECP_CTX_free(BN_RECP_CTX *recp);
96 int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *m, BN_CTX *ctx);
97 int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *a, BIGNUM *b,
98 BN_RECP_CTX *recp, BN_CTX *ctx);
99
100 BN_MONT_CTX *BN_MONT_CTX_new(void);
101 void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
102 void BN_MONT_CTX_free(BN_MONT_CTX *mont);
103 int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx);
104 BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
105 int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
106 BN_MONT_CTX *mont, BN_CTX *ctx);
107 int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
108 BN_CTX *ctx);
109 int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
110 BN_CTX *ctx);
111
112
113=head1 DESCRIPTION
114
115This library performs arithmetic operations on integers of arbitrary
116size. It was written for use in public key cryptography, such as RSA
117and Diffie-Hellman.
118
119It uses dynamic memory allocation for storing its data structures.
120That means that there is no limit on the size of the numbers
121manipulated by these functions, but return values must always be
122checked in case a memory allocation error has occurred.
123
124The basic object in this library is a B<BIGNUM>. It is used to hold a
125single large integer. This type should be considered opaque and fields
126should not be modified or accessed directly.
127
128The creation of B<BIGNUM> objects is described in L<BN_new(3)|BN_new(3)>;
129L<BN_add(3)|BN_add(3)> describes most of the arithmetic operations.
130Comparison is described in L<BN_cmp(3)|BN_cmp(3)>; L<BN_zero(3)|BN_zero(3)>
131describes certain assignments, L<BN_rand(3)|BN_rand(3)> the generation of
132random numbers, L<BN_generate_prime(3)|BN_generate_prime(3)> deals with prime
133numbers and L<BN_set_bit(3)|BN_set_bit(3)> with bit operations. The conversion
134of B<BIGNUM>s to external formats is described in L<BN_bn2bin(3)|BN_bn2bin(3)>.
135
136=head1 SEE ALSO
137
138L<bn_internal(3)|bn_internal(3)>,
139L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
140L<BN_new(3)|BN_new(3)>, L<BN_CTX_new(3)|BN_CTX_new(3)>,
141L<BN_copy(3)|BN_copy(3)>, L<BN_num_bytes(3)|BN_num_bytes(3)>,
142L<BN_add(3)|BN_add(3)>, L<BN_add_word(3)|BN_add_word(3)>,
143L<BN_cmp(3)|BN_cmp(3)>, L<BN_zero(3)|BN_zero(3)>, L<BN_rand(3)|BN_rand(3)>,
144L<BN_generate_prime(3)|BN_generate_prime(3)>, L<BN_set_bit(3)|BN_set_bit(3)>,
145L<BN_bn2bin(3)|BN_bn2bin(3)>, L<BN_mod_inverse(3)|BN_mod_inverse(3)>,
146L<BN_mod_mul_reciprocal(3)|BN_mod_mul_reciprocal(3)>,
147L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)>
148
149=cut
diff --git a/src/lib/libcrypto/doc/d2i_DHparams.pod b/src/lib/libcrypto/doc/d2i_DHparams.pod
deleted file mode 100644
index a6d1743d39..0000000000
--- a/src/lib/libcrypto/doc/d2i_DHparams.pod
+++ /dev/null
@@ -1,30 +0,0 @@
1=pod
2
3=head1 NAME
4
5d2i_DHparams, i2d_DHparams - ...
6
7=head1 SYNOPSIS
8
9 #include <openssl/dh.h>
10
11 DH *d2i_DHparams(DH **a, unsigned char **pp, long length);
12 int i2d_DHparams(DH *a, unsigned char **pp);
13
14=head1 DESCRIPTION
15
16...
17
18=head1 RETURN VALUES
19
20...
21
22=head1 SEE ALSO
23
24...
25
26=head1 HISTORY
27
28...
29
30=cut
diff --git a/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod b/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod
deleted file mode 100644
index ff4d0d57db..0000000000
--- a/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod
+++ /dev/null
@@ -1,39 +0,0 @@
1=pod
2
3=head1 NAME
4
5d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey, i2d_Netscape_RSA, d2i_Netscape_RSA - ...
6
7=head1 SYNOPSIS
8
9 #include <openssl/rsa.h>
10
11 RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length);
12
13 int i2d_RSAPublicKey(RSA *a, unsigned char **pp);
14
15 RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length);
16
17 int i2d_RSAPrivateKey(RSA *a, unsigned char **pp);
18
19 int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
20
21 RSA * d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)());
22
23=head1 DESCRIPTION
24
25...
26
27=head1 RETURN VALUES
28
29...
30
31=head1 SEE ALSO
32
33...
34
35=head1 HISTORY
36
37...
38
39=cut
diff --git a/src/lib/libcrypto/doc/dh.pod b/src/lib/libcrypto/doc/dh.pod
deleted file mode 100644
index b4be4be405..0000000000
--- a/src/lib/libcrypto/doc/dh.pod
+++ /dev/null
@@ -1,69 +0,0 @@
1=pod
2
3=head1 NAME
4
5dh - Diffie-Hellman key agreement
6
7=head1 SYNOPSIS
8
9 #include <openssl/dh.h>
10 #include <openssl/engine.h>
11
12 DH * DH_new(void);
13 void DH_free(DH *dh);
14
15 int DH_size(DH *dh);
16
17 DH * DH_generate_parameters(int prime_len, int generator,
18 void (*callback)(int, int, void *), void *cb_arg);
19 int DH_check(DH *dh, int *codes);
20
21 int DH_generate_key(DH *dh);
22 int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);
23
24 void DH_set_default_openssl_method(DH_METHOD *meth);
25 DH_METHOD *DH_get_default_openssl_method(void);
26 int DH_set_method(DH *dh, ENGINE *engine);
27 DH *DH_new_method(ENGINE *engine);
28 DH_METHOD *DH_OpenSSL(void);
29
30 int DH_get_ex_new_index(long argl, char *argp, int (*new_func)(),
31 int (*dup_func)(), void (*free_func)());
32 int DH_set_ex_data(DH *d, int idx, char *arg);
33 char *DH_get_ex_data(DH *d, int idx);
34
35 DH * d2i_DHparams(DH **a, unsigned char **pp, long length);
36 int i2d_DHparams(DH *a, unsigned char **pp);
37
38 int DHparams_print_fp(FILE *fp, DH *x);
39 int DHparams_print(BIO *bp, DH *x);
40
41=head1 DESCRIPTION
42
43These functions implement the Diffie-Hellman key agreement protocol.
44The generation of shared DH parameters is described in
45L<DH_generate_parameters(3)|DH_generate_parameters(3)>; L<DH_generate_key(3)|DH_generate_key(3)> describes how
46to perform a key agreement.
47
48The B<DH> structure consists of several BIGNUM components.
49
50 struct
51 {
52 BIGNUM *p; // prime number (shared)
53 BIGNUM *g; // generator of Z_p (shared)
54 BIGNUM *priv_key; // private DH value x
55 BIGNUM *pub_key; // public DH value g^x
56 // ...
57 };
58 DH
59
60=head1 SEE ALSO
61
62L<dhparam(1)|dhparam(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<err(3)|err(3)>,
63L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<DH_set_method(3)|DH_set_method(3)>,
64L<DH_new(3)|DH_new(3)>, L<DH_get_ex_new_index(3)|DH_get_ex_new_index(3)>,
65L<DH_generate_parameters(3)|DH_generate_parameters(3)>,
66L<DH_compute_key(3)|DH_compute_key(3)>, L<d2i_DHparams(3)|d2i_DHparams(3)>,
67L<RSA_print(3)|RSA_print(3)>
68
69=cut
diff --git a/src/lib/libcrypto/doc/dsa.pod b/src/lib/libcrypto/doc/dsa.pod
deleted file mode 100644
index 573500204b..0000000000
--- a/src/lib/libcrypto/doc/dsa.pod
+++ /dev/null
@@ -1,105 +0,0 @@
1=pod
2
3=head1 NAME
4
5dsa - Digital Signature Algorithm
6
7=head1 SYNOPSIS
8
9 #include <openssl/dsa.h>
10 #include <openssl/engine.h>
11
12 DSA * DSA_new(void);
13 void DSA_free(DSA *dsa);
14
15 int DSA_size(DSA *dsa);
16
17 DSA * DSA_generate_parameters(int bits, unsigned char *seed,
18 int seed_len, int *counter_ret, unsigned long *h_ret,
19 void (*callback)(int, int, void *), void *cb_arg);
20
21 DH * DSA_dup_DH(DSA *r);
22
23 int DSA_generate_key(DSA *dsa);
24
25 int DSA_sign(int dummy, const unsigned char *dgst, int len,
26 unsigned char *sigret, unsigned int *siglen, DSA *dsa);
27 int DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp,
28 BIGNUM **rp);
29 int DSA_verify(int dummy, const unsigned char *dgst, int len,
30 unsigned char *sigbuf, int siglen, DSA *dsa);
31
32 void DSA_set_default_openssl_method(DSA_METHOD *meth);
33 DSA_METHOD *DSA_get_default_openssl_method(void);
34 int DSA_set_method(DSA *dsa, ENGINE *engine);
35 DSA *DSA_new_method(ENGINE *engine);
36 DSA_METHOD *DSA_OpenSSL(void);
37
38 int DSA_get_ex_new_index(long argl, char *argp, int (*new_func)(),
39 int (*dup_func)(), void (*free_func)());
40 int DSA_set_ex_data(DSA *d, int idx, char *arg);
41 char *DSA_get_ex_data(DSA *d, int idx);
42
43 DSA_SIG *DSA_SIG_new(void);
44 void DSA_SIG_free(DSA_SIG *a);
45 int i2d_DSA_SIG(DSA_SIG *a, unsigned char **pp);
46 DSA_SIG *d2i_DSA_SIG(DSA_SIG **v, unsigned char **pp, long length);
47
48 DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
49 int DSA_do_verify(const unsigned char *dgst, int dgst_len,
50 DSA_SIG *sig, DSA *dsa);
51
52 DSA * d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length);
53 DSA * d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length);
54 DSA * d2i_DSAparams(DSA **a, unsigned char **pp, long length);
55 int i2d_DSAPublicKey(DSA *a, unsigned char **pp);
56 int i2d_DSAPrivateKey(DSA *a, unsigned char **pp);
57 int i2d_DSAparams(DSA *a,unsigned char **pp);
58
59 int DSAparams_print(BIO *bp, DSA *x);
60 int DSAparams_print_fp(FILE *fp, DSA *x);
61 int DSA_print(BIO *bp, DSA *x, int off);
62 int DSA_print_fp(FILE *bp, DSA *x, int off);
63
64=head1 DESCRIPTION
65
66These functions implement the Digital Signature Algorithm (DSA). The
67generation of shared DSA parameters is described in
68L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>;
69L<DSA_generate_key(3)|DSA_generate_key(3)> describes how to
70generate a signature key. Signature generation and verification are
71described in L<DSA_sign(3)|DSA_sign(3)>.
72
73The B<DSA> structure consists of several BIGNUM components.
74
75 struct
76 {
77 BIGNUM *p; // prime number (public)
78 BIGNUM *q; // 160-bit subprime, q | p-1 (public)
79 BIGNUM *g; // generator of subgroup (public)
80 BIGNUM *priv_key; // private key x
81 BIGNUM *pub_key; // public key y = g^x
82 // ...
83 }
84 DSA;
85
86In public keys, B<priv_key> is NULL.
87
88=head1 CONFORMING TO
89
90US Federal Information Processing Standard FIPS 186 (Digital Signature
91Standard, DSS), ANSI X9.30
92
93=head1 SEE ALSO
94
95L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>,
96L<rsa(3)|rsa(3)>, L<SHA1(3)|SHA1(3)>, L<DSA_new(3)|DSA_new(3)>,
97L<DSA_size(3)|DSA_size(3)>,
98L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>,
99L<DSA_dup_DH(3)|DSA_dup_DH(3)>,
100L<DSA_generate_key(3)|DSA_generate_key(3)>,
101L<DSA_sign(3)|DSA_sign(3)>, L<DSA_set_method(3)|DSA_set_method(3)>,
102L<DSA_get_ex_new_index(3)|DSA_get_ex_new_index(3)>,
103L<RSA_print(3)|RSA_print(3)>
104
105=cut
diff --git a/src/lib/libcrypto/doc/evp.pod b/src/lib/libcrypto/doc/evp.pod
deleted file mode 100644
index edf47dbde6..0000000000
--- a/src/lib/libcrypto/doc/evp.pod
+++ /dev/null
@@ -1,37 +0,0 @@
1=pod
2
3=head1 NAME
4
5evp - high-level cryptographic functions
6
7=head1 SYNOPSIS
8
9 #include <openssl/evp.h>
10
11=head1 DESCRIPTION
12
13The EVP library provides a high-level interface to cryptographic
14functions.
15
16B<EVP_Seal>I<...> and B<EVP_Open>I<...> provide public key encryption
17and decryption to implement digital "envelopes".
18
19The B<EVP_Sign>I<...> and B<EVP_Verify>I<...> functions implement
20digital signatures.
21
22Symmetric encryption is available with the B<EVP_Encrypt>I<...>
23functions. The B<EVP_Digest>I<...> functions provide message digests.
24
25Algorithms are loaded with OpenSSL_add_all_algorithms(3).
26
27=head1 SEE ALSO
28
29L<EVP_DigestInit(3)|EVP_DigestInit(3)>,
30L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
31L<EVP_OpenInit(3)|EVP_OpenInit(3)>,
32L<EVP_SealInit(3)|EVP_SealInit(3)>,
33L<EVP_SignInit(3)|EVP_SignInit(3)>,
34L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
35L<OpenSSL_add_all_algorithms(3)|OpenSSL_add_all_algorithms(3)>
36
37=cut
diff --git a/src/lib/libcrypto/doc/lh_stats.pod b/src/lib/libcrypto/doc/lh_stats.pod
deleted file mode 100644
index 3eeaa72e52..0000000000
--- a/src/lib/libcrypto/doc/lh_stats.pod
+++ /dev/null
@@ -1,60 +0,0 @@
1=pod
2
3=head1 NAME
4
5lh_stats, lh_node_stats, lh_node_usage_stats, lh_stats_bio,
6lh_node_stats_bio, lh_node_usage_stats_bio - LHASH statistics
7
8=head1 SYNOPSIS
9
10 #include <openssl/lhash.h>
11
12 void lh_stats(LHASH *table, FILE *out);
13 void lh_node_stats(LHASH *table, FILE *out);
14 void lh_node_usage_stats(LHASH *table, FILE *out);
15
16 void lh_stats_bio(LHASH *table, BIO *out);
17 void lh_node_stats_bio(LHASH *table, BIO *out);
18 void lh_node_usage_stats_bio(LHASH *table, BIO *out);
19
20=head1 DESCRIPTION
21
22The B<LHASH> structure records statistics about most aspects of
23accessing the hash table. This is mostly a legacy of Eric Young
24writing this library for the reasons of implementing what looked like
25a nice algorithm rather than for a particular software product.
26
27lh_stats() prints out statistics on the size of the hash table, how
28many entries are in it, and the number and result of calls to the
29routines in this library.
30
31lh_node_stats() prints the number of entries for each 'bucket' in the
32hash table.
33
34lh_node_usage_stats() prints out a short summary of the state of the
35hash table. It prints the 'load' and the 'actual load'. The load is
36the average number of data items per 'bucket' in the hash table. The
37'actual load' is the average number of items per 'bucket', but only
38for buckets which contain entries. So the 'actual load' is the
39average number of searches that will need to find an item in the hash
40table, while the 'load' is the average number that will be done to
41record a miss.
42
43lh_stats_bio(), lh_node_stats_bio() and lh_node_usage_stats_bio()
44are the same as the above, except that the output goes to a B<BIO>.
45
46=head1 RETURN VALUES
47
48These functions do not return values.
49
50=head1 SEE ALSO
51
52L<bio(3)|bio(3)>, L<lhash(3)|lhash(3)>
53
54=head1 HISTORY
55
56These functions are available in all versions of SSLeay and OpenSSL.
57
58This manpage is derived from the SSLeay documentation.
59
60=cut
diff --git a/src/lib/libcrypto/doc/rsa.pod b/src/lib/libcrypto/doc/rsa.pod
deleted file mode 100644
index ef0d4df205..0000000000
--- a/src/lib/libcrypto/doc/rsa.pod
+++ /dev/null
@@ -1,117 +0,0 @@
1=pod
2
3=head1 NAME
4
5rsa - RSA public key cryptosystem
6
7=head1 SYNOPSIS
8
9 #include <openssl/rsa.h>
10 #include <openssl/engine.h>
11
12 RSA * RSA_new(void);
13 void RSA_free(RSA *rsa);
14
15 int RSA_public_encrypt(int flen, unsigned char *from,
16 unsigned char *to, RSA *rsa, int padding);
17 int RSA_private_decrypt(int flen, unsigned char *from,
18 unsigned char *to, RSA *rsa, int padding);
19
20 int RSA_sign(int type, unsigned char *m, unsigned int m_len,
21 unsigned char *sigret, unsigned int *siglen, RSA *rsa);
22 int RSA_verify(int type, unsigned char *m, unsigned int m_len,
23 unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
24
25 int RSA_size(RSA *rsa);
26
27 RSA *RSA_generate_key(int num, unsigned long e,
28 void (*callback)(int,int,void *), void *cb_arg);
29
30 int RSA_check_key(RSA *rsa);
31
32 int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
33 void RSA_blinding_off(RSA *rsa);
34
35 void RSA_set_default_openssl_method(RSA_METHOD *meth);
36 RSA_METHOD *RSA_get_default_openssl_method(void);
37 int RSA_set_method(RSA *rsa, ENGINE *engine);
38 RSA_METHOD *RSA_get_method(RSA *rsa);
39 RSA_METHOD *RSA_PKCS1_SSLeay(void);
40 RSA_METHOD *RSA_PKCS1_RSAref(void);
41 RSA_METHOD *RSA_null_method(void);
42 int RSA_flags(RSA *rsa);
43 RSA *RSA_new_method(ENGINE *engine);
44
45 int RSA_print(BIO *bp, RSA *x, int offset);
46 int RSA_print_fp(FILE *fp, RSA *x, int offset);
47
48 int RSA_get_ex_new_index(long argl, char *argp, int (*new_func)(),
49 int (*dup_func)(), void (*free_func)());
50 int RSA_set_ex_data(RSA *r,int idx,char *arg);
51 char *RSA_get_ex_data(RSA *r, int idx);
52
53 int RSA_private_encrypt(int flen, unsigned char *from,
54 unsigned char *to, RSA *rsa,int padding);
55 int RSA_public_decrypt(int flen, unsigned char *from,
56 unsigned char *to, RSA *rsa,int padding);
57
58 int RSA_sign_ASN1_OCTET_STRING(int dummy, unsigned char *m,
59 unsigned int m_len, unsigned char *sigret, unsigned int *siglen,
60 RSA *rsa);
61 int RSA_verify_ASN1_OCTET_STRING(int dummy, unsigned char *m,
62 unsigned int m_len, unsigned char *sigbuf, unsigned int siglen,
63 RSA *rsa);
64
65=head1 DESCRIPTION
66
67These functions implement RSA public key encryption and signatures
68as defined in PKCS #1 v2.0 [RFC 2437].
69
70The B<RSA> structure consists of several BIGNUM components. It can
71contain public as well as private RSA keys:
72
73 struct
74 {
75 BIGNUM *n; // public modulus
76 BIGNUM *e; // public exponent
77 BIGNUM *d; // private exponent
78 BIGNUM *p; // secret prime factor
79 BIGNUM *q; // secret prime factor
80 BIGNUM *dmp1; // d mod (p-1)
81 BIGNUM *dmq1; // d mod (q-1)
82 BIGNUM *iqmp; // q^-1 mod p
83 // ...
84 };
85 RSA
86
87In public keys, the private exponent and the related secret values are
88B<NULL>.
89
90B<p>, B<q>, B<dmp1>, B<dmq1> and B<iqmp> may be B<NULL> in private
91keys, but the RSA operations are much faster when these values are
92available.
93
94=head1 CONFORMING TO
95
96SSL, PKCS #1 v2.0
97
98=head1 PATENTS
99
100RSA was covered by a US patent which expired in September 2000.
101
102=head1 SEE ALSO
103
104L<rsa(1)|rsa(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>,
105L<rand(3)|rand(3)>, L<RSA_new(3)|RSA_new(3)>,
106L<RSA_public_encrypt(3)|RSA_public_encrypt(3)>,
107L<RSA_sign(3)|RSA_sign(3)>, L<RSA_size(3)|RSA_size(3)>,
108L<RSA_generate_key(3)|RSA_generate_key(3)>,
109L<RSA_check_key(3)|RSA_check_key(3)>,
110L<RSA_blinding_on(3)|RSA_blinding_on(3)>,
111L<RSA_set_method(3)|RSA_set_method(3)>, L<RSA_print(3)|RSA_print(3)>,
112L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
113L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>,
114L<RSA_sign_ASN_OCTET_STRING(3)|RSA_sign_ASN_OCTET_STRING(3)>,
115L<RSA_padding_add_PKCS1_type_1(3)|RSA_padding_add_PKCS1_type_1(3)>
116
117=cut
diff --git a/src/lib/libcrypto/dsa/dsa.h b/src/lib/libcrypto/dsa/dsa.h
deleted file mode 100644
index 12b60a8faa..0000000000
--- a/src/lib/libcrypto/dsa/dsa.h
+++ /dev/null
@@ -1,257 +0,0 @@
1/* crypto/dsa/dsa.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/*
60 * The DSS routines are based on patches supplied by
61 * Steven Schoch <schoch@sheba.arc.nasa.gov>. He basically did the
62 * work and I have just tweaked them a little to fit into my
63 * stylistic vision for SSLeay :-) */
64
65#ifndef HEADER_DSA_H
66#define HEADER_DSA_H
67
68#ifdef NO_DSA
69#error DSA is disabled.
70#endif
71
72#ifndef NO_BIO
73#include <openssl/bio.h>
74#endif
75#include <openssl/bn.h>
76#include <openssl/crypto.h>
77#ifndef NO_DH
78# include <openssl/dh.h>
79#endif
80
81#define DSA_FLAG_CACHE_MONT_P 0x01
82
83#ifdef __cplusplus
84extern "C" {
85#endif
86
87typedef struct dsa_st DSA;
88
89typedef struct DSA_SIG_st
90 {
91 BIGNUM *r;
92 BIGNUM *s;
93 } DSA_SIG;
94
95typedef struct dsa_method {
96 const char *name;
97 DSA_SIG * (*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa);
98 int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
99 BIGNUM **rp);
100 int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
101 DSA_SIG *sig, DSA *dsa);
102 int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
103 BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
104 BN_MONT_CTX *in_mont);
105 int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
106 const BIGNUM *m, BN_CTX *ctx,
107 BN_MONT_CTX *m_ctx); /* Can be null */
108 int (*init)(DSA *dsa);
109 int (*finish)(DSA *dsa);
110 int flags;
111 char *app_data;
112} DSA_METHOD;
113
114struct dsa_st
115 {
116 /* This first variable is used to pick up errors where
117 * a DSA is passed instead of of a EVP_PKEY */
118 int pad;
119 int version;
120 int write_params;
121 BIGNUM *p;
122 BIGNUM *q; /* == 20 */
123 BIGNUM *g;
124
125 BIGNUM *pub_key; /* y public key */
126 BIGNUM *priv_key; /* x private key */
127
128 BIGNUM *kinv; /* Signing pre-calc */
129 BIGNUM *r; /* Signing pre-calc */
130
131 int flags;
132 /* Normally used to cache montgomery values */
133 char *method_mont_p;
134 int references;
135 CRYPTO_EX_DATA ex_data;
136#if 0
137 DSA_METHOD *meth;
138#else
139 struct engine_st *engine;
140#endif
141 };
142
143#define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \
144 (char *(*)())d2i_DSAparams,(char *)(x))
145#define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
146 (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
147#define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
148 (unsigned char *)(x))
149#define d2i_DSAparams_bio(bp,x) (DSA *)ASN1_d2i_bio((char *(*)())DSA_new, \
150 (char *(*)())d2i_DSAparams,(bp),(unsigned char **)(x))
151#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio(i2d_DSAparams,(bp), \
152 (unsigned char *)(x))
153
154
155DSA_SIG * DSA_SIG_new(void);
156void DSA_SIG_free(DSA_SIG *a);
157int i2d_DSA_SIG(DSA_SIG *a, unsigned char **pp);
158DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, unsigned char **pp, long length);
159
160DSA_SIG * DSA_do_sign(const unsigned char *dgst,int dlen,DSA *dsa);
161int DSA_do_verify(const unsigned char *dgst,int dgst_len,
162 DSA_SIG *sig,DSA *dsa);
163
164DSA_METHOD *DSA_OpenSSL(void);
165
166void DSA_set_default_openssl_method(DSA_METHOD *);
167DSA_METHOD *DSA_get_default_openssl_method(void);
168#if 0
169DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *);
170#else
171int DSA_set_method(DSA *dsa, struct engine_st *engine);
172#endif
173
174DSA * DSA_new(void);
175#if 0
176DSA * DSA_new_method(DSA_METHOD *meth);
177#else
178DSA * DSA_new_method(struct engine_st *engine);
179#endif
180int DSA_size(DSA *);
181 /* next 4 return -1 on error */
182int DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp);
183int DSA_sign(int type,const unsigned char *dgst,int dlen,
184 unsigned char *sig, unsigned int *siglen, DSA *dsa);
185int DSA_verify(int type,const unsigned char *dgst,int dgst_len,
186 unsigned char *sigbuf, int siglen, DSA *dsa);
187void DSA_free (DSA *r);
188int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
189 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
190int DSA_set_ex_data(DSA *d, int idx, void *arg);
191void *DSA_get_ex_data(DSA *d, int idx);
192
193void ERR_load_DSA_strings(void );
194
195DSA * d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length);
196DSA * d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length);
197DSA * d2i_DSAparams(DSA **a, unsigned char **pp, long length);
198DSA * DSA_generate_parameters(int bits, unsigned char *seed,int seed_len,
199 int *counter_ret, unsigned long *h_ret,void
200 (*callback)(int, int, void *),void *cb_arg);
201int DSA_generate_key(DSA *a);
202int i2d_DSAPublicKey(DSA *a, unsigned char **pp);
203int i2d_DSAPrivateKey(DSA *a, unsigned char **pp);
204int i2d_DSAparams(DSA *a,unsigned char **pp);
205
206#ifndef NO_BIO
207int DSAparams_print(BIO *bp, DSA *x);
208int DSA_print(BIO *bp, DSA *x, int off);
209#endif
210#ifndef NO_FP_API
211int DSAparams_print_fp(FILE *fp, DSA *x);
212int DSA_print_fp(FILE *bp, DSA *x, int off);
213#endif
214
215#define DSS_prime_checks 50
216/* Primality test according to FIPS PUB 186[-1], Appendix 2.1:
217 * 50 rounds of Rabin-Miller */
218#define DSA_is_prime(n, callback, cb_arg) \
219 BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
220
221#ifndef NO_DH
222/* Convert DSA structure (key or just parameters) into DH structure
223 * (be careful to avoid small subgroup attacks when using this!) */
224DH *DSA_dup_DH(DSA *r);
225#endif
226
227/* BEGIN ERROR CODES */
228/* The following lines are auto generated by the script mkerr.pl. Any changes
229 * made after this point may be overwritten when the script is next run.
230 */
231
232/* Error codes for the DSA functions. */
233
234/* Function codes. */
235#define DSA_F_D2I_DSA_SIG 110
236#define DSA_F_DSAPARAMS_PRINT 100
237#define DSA_F_DSAPARAMS_PRINT_FP 101
238#define DSA_F_DSA_DO_SIGN 112
239#define DSA_F_DSA_DO_VERIFY 113
240#define DSA_F_DSA_NEW 103
241#define DSA_F_DSA_PRINT 104
242#define DSA_F_DSA_PRINT_FP 105
243#define DSA_F_DSA_SIGN 106
244#define DSA_F_DSA_SIGN_SETUP 107
245#define DSA_F_DSA_SIG_NEW 109
246#define DSA_F_DSA_VERIFY 108
247#define DSA_F_I2D_DSA_SIG 111
248
249/* Reason codes. */
250#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
251#define DSA_R_MISSING_PARAMETERS 101
252
253#ifdef __cplusplus
254}
255#endif
256#endif
257
diff --git a/src/lib/libcrypto/dsa/dsa_asn1.c b/src/lib/libcrypto/dsa/dsa_asn1.c
deleted file mode 100644
index a76c8f7c7e..0000000000
--- a/src/lib/libcrypto/dsa/dsa_asn1.c
+++ /dev/null
@@ -1,96 +0,0 @@
1/* crypto/dsa/dsa_asn1.c */
2
3#include <stdio.h>
4#include "cryptlib.h"
5#include <openssl/dsa.h>
6#include <openssl/asn1.h>
7#include <openssl/asn1_mac.h>
8
9DSA_SIG *DSA_SIG_new(void)
10{
11 DSA_SIG *ret;
12
13 ret = OPENSSL_malloc(sizeof(DSA_SIG));
14 if (ret == NULL)
15 {
16 DSAerr(DSA_F_DSA_SIG_NEW,ERR_R_MALLOC_FAILURE);
17 return(NULL);
18 }
19 ret->r = NULL;
20 ret->s = NULL;
21 return(ret);
22}
23
24void DSA_SIG_free(DSA_SIG *r)
25{
26 if (r == NULL) return;
27 if (r->r) BN_clear_free(r->r);
28 if (r->s) BN_clear_free(r->s);
29 OPENSSL_free(r);
30}
31
32int i2d_DSA_SIG(DSA_SIG *v, unsigned char **pp)
33{
34 int t=0,len;
35 ASN1_INTEGER rbs,sbs;
36 unsigned char *p;
37
38 rbs.data=OPENSSL_malloc(BN_num_bits(v->r)/8+1);
39 if (rbs.data == NULL)
40 {
41 DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE);
42 return(0);
43 }
44 rbs.type=V_ASN1_INTEGER;
45 rbs.length=BN_bn2bin(v->r,rbs.data);
46 sbs.data=OPENSSL_malloc(BN_num_bits(v->s)/8+1);
47 if (sbs.data == NULL)
48 {
49 OPENSSL_free(rbs.data);
50 DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE);
51 return(0);
52 }
53 sbs.type=V_ASN1_INTEGER;
54 sbs.length=BN_bn2bin(v->s,sbs.data);
55
56 len=i2d_ASN1_INTEGER(&rbs,NULL);
57 len+=i2d_ASN1_INTEGER(&sbs,NULL);
58
59 if (pp)
60 {
61 p=*pp;
62 ASN1_put_object(&p,1,len,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
63 i2d_ASN1_INTEGER(&rbs,&p);
64 i2d_ASN1_INTEGER(&sbs,&p);
65 }
66 t=ASN1_object_size(1,len,V_ASN1_SEQUENCE);
67 OPENSSL_free(rbs.data);
68 OPENSSL_free(sbs.data);
69 return(t);
70}
71
72DSA_SIG *d2i_DSA_SIG(DSA_SIG **a, unsigned char **pp, long length)
73{
74 int i=ERR_R_NESTED_ASN1_ERROR;
75 ASN1_INTEGER *bs=NULL;
76 M_ASN1_D2I_vars(a,DSA_SIG *,DSA_SIG_new);
77
78 M_ASN1_D2I_Init();
79 M_ASN1_D2I_start_sequence();
80 M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
81 if ((ret->r=BN_bin2bn(bs->data,bs->length,ret->r)) == NULL)
82 goto err_bn;
83 M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
84 if ((ret->s=BN_bin2bn(bs->data,bs->length,ret->s)) == NULL)
85 goto err_bn;
86 M_ASN1_BIT_STRING_free(bs);
87 M_ASN1_D2I_Finish_2(a);
88
89err_bn:
90 i=ERR_R_BN_LIB;
91err:
92 DSAerr(DSA_F_D2I_DSA_SIG,i);
93 if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_SIG_free(ret);
94 if (bs != NULL) M_ASN1_BIT_STRING_free(bs);
95 return(NULL);
96}
diff --git a/src/lib/libcrypto/dsa/dsa_err.c b/src/lib/libcrypto/dsa/dsa_err.c
deleted file mode 100644
index 736aeef7c4..0000000000
--- a/src/lib/libcrypto/dsa/dsa_err.c
+++ /dev/null
@@ -1,107 +0,0 @@
1/* crypto/dsa/dsa_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/dsa.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA DSA_str_functs[]=
68 {
69{ERR_PACK(0,DSA_F_D2I_DSA_SIG,0), "d2i_DSA_SIG"},
70{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT,0), "DSAparams_print"},
71{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT_FP,0), "DSAparams_print_fp"},
72{ERR_PACK(0,DSA_F_DSA_DO_SIGN,0), "DSA_do_sign"},
73{ERR_PACK(0,DSA_F_DSA_DO_VERIFY,0), "DSA_do_verify"},
74{ERR_PACK(0,DSA_F_DSA_NEW,0), "DSA_new"},
75{ERR_PACK(0,DSA_F_DSA_PRINT,0), "DSA_print"},
76{ERR_PACK(0,DSA_F_DSA_PRINT_FP,0), "DSA_print_fp"},
77{ERR_PACK(0,DSA_F_DSA_SIGN,0), "DSA_sign"},
78{ERR_PACK(0,DSA_F_DSA_SIGN_SETUP,0), "DSA_sign_setup"},
79{ERR_PACK(0,DSA_F_DSA_SIG_NEW,0), "DSA_SIG_new"},
80{ERR_PACK(0,DSA_F_DSA_VERIFY,0), "DSA_verify"},
81{ERR_PACK(0,DSA_F_I2D_DSA_SIG,0), "i2d_DSA_SIG"},
82{0,NULL}
83 };
84
85static ERR_STRING_DATA DSA_str_reasons[]=
86 {
87{DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
88{DSA_R_MISSING_PARAMETERS ,"missing parameters"},
89{0,NULL}
90 };
91
92#endif
93
94void ERR_load_DSA_strings(void)
95 {
96 static int init=1;
97
98 if (init)
99 {
100 init=0;
101#ifndef NO_ERR
102 ERR_load_strings(ERR_LIB_DSA,DSA_str_functs);
103 ERR_load_strings(ERR_LIB_DSA,DSA_str_reasons);
104#endif
105
106 }
107 }
diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c
deleted file mode 100644
index 2294a362d9..0000000000
--- a/src/lib/libcrypto/dsa/dsa_gen.c
+++ /dev/null
@@ -1,294 +0,0 @@
1/* crypto/dsa/dsa_gen.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#undef GENUINE_DSA
60
61#ifdef GENUINE_DSA
62/* Parameter generation follows the original release of FIPS PUB 186,
63 * Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180) */
64#define HASH SHA
65#else
66/* Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186,
67 * also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in
68 * FIPS PUB 180-1) */
69#define HASH SHA1
70#endif
71
72#ifndef NO_SHA
73
74#include <stdio.h>
75#include <time.h>
76#include "cryptlib.h"
77#include <openssl/sha.h>
78#include <openssl/bn.h>
79#include <openssl/dsa.h>
80#include <openssl/rand.h>
81
82DSA *DSA_generate_parameters(int bits, unsigned char *seed_in, int seed_len,
83 int *counter_ret, unsigned long *h_ret,
84 void (*callback)(int, int, void *),
85 void *cb_arg)
86 {
87 int ok=0;
88 unsigned char seed[SHA_DIGEST_LENGTH];
89 unsigned char md[SHA_DIGEST_LENGTH];
90 unsigned char buf[SHA_DIGEST_LENGTH],buf2[SHA_DIGEST_LENGTH];
91 BIGNUM *r0,*W,*X,*c,*test;
92 BIGNUM *g=NULL,*q=NULL,*p=NULL;
93 BN_MONT_CTX *mont=NULL;
94 int k,n=0,i,b,m=0;
95 int counter=0;
96 int r=0;
97 BN_CTX *ctx=NULL,*ctx2=NULL,*ctx3=NULL;
98 unsigned int h=2;
99 DSA *ret=NULL;
100
101 if (bits < 512) bits=512;
102 bits=(bits+63)/64*64;
103
104 if (seed_len < 20)
105 seed_in = NULL; /* seed buffer too small -- ignore */
106 if (seed_len > 20)
107 seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED,
108 * but our internal buffers are restricted to 160 bits*/
109 if ((seed_in != NULL) && (seed_len == 20))
110 memcpy(seed,seed_in,seed_len);
111
112 if ((ctx=BN_CTX_new()) == NULL) goto err;
113 if ((ctx2=BN_CTX_new()) == NULL) goto err;
114 if ((ctx3=BN_CTX_new()) == NULL) goto err;
115 if ((ret=DSA_new()) == NULL) goto err;
116
117 if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
118
119 BN_CTX_start(ctx2);
120 r0 = BN_CTX_get(ctx2);
121 g = BN_CTX_get(ctx2);
122 W = BN_CTX_get(ctx2);
123 q = BN_CTX_get(ctx2);
124 X = BN_CTX_get(ctx2);
125 c = BN_CTX_get(ctx2);
126 p = BN_CTX_get(ctx2);
127 test = BN_CTX_get(ctx2);
128
129 BN_lshift(test,BN_value_one(),bits-1);
130
131 for (;;)
132 {
133 for (;;) /* find q */
134 {
135 int seed_is_random;
136
137 /* step 1 */
138 if (callback != NULL) callback(0,m++,cb_arg);
139
140 if (!seed_len)
141 {
142 RAND_pseudo_bytes(seed,SHA_DIGEST_LENGTH);
143 seed_is_random = 1;
144 }
145 else
146 {
147 seed_is_random = 0;
148 seed_len=0; /* use random seed if 'seed_in' turns out to be bad*/
149 }
150 memcpy(buf,seed,SHA_DIGEST_LENGTH);
151 memcpy(buf2,seed,SHA_DIGEST_LENGTH);
152 /* precompute "SEED + 1" for step 7: */
153 for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
154 {
155 buf[i]++;
156 if (buf[i] != 0) break;
157 }
158
159 /* step 2 */
160 HASH(seed,SHA_DIGEST_LENGTH,md);
161 HASH(buf,SHA_DIGEST_LENGTH,buf2);
162 for (i=0; i<SHA_DIGEST_LENGTH; i++)
163 md[i]^=buf2[i];
164
165 /* step 3 */
166 md[0]|=0x80;
167 md[SHA_DIGEST_LENGTH-1]|=0x01;
168 if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) goto err;
169
170 /* step 4 */
171 r = BN_is_prime_fasttest(q, DSS_prime_checks, callback, ctx3, cb_arg, seed_is_random);
172 if (r > 0)
173 break;
174 if (r != 0)
175 goto err;
176
177 /* do a callback call */
178 /* step 5 */
179 }
180
181 if (callback != NULL) callback(2,0,cb_arg);
182 if (callback != NULL) callback(3,0,cb_arg);
183
184 /* step 6 */
185 counter=0;
186 /* "offset = 2" */
187
188 n=(bits-1)/160;
189 b=(bits-1)-n*160;
190
191 for (;;)
192 {
193 if (callback != NULL && counter != 0)
194 callback(0,counter,cb_arg);
195
196 /* step 7 */
197 BN_zero(W);
198 /* now 'buf' contains "SEED + offset - 1" */
199 for (k=0; k<=n; k++)
200 {
201 /* obtain "SEED + offset + k" by incrementing: */
202 for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
203 {
204 buf[i]++;
205 if (buf[i] != 0) break;
206 }
207
208 HASH(buf,SHA_DIGEST_LENGTH,md);
209
210 /* step 8 */
211 if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0))
212 goto err;
213 BN_lshift(r0,r0,160*k);
214 BN_add(W,W,r0);
215 }
216
217 /* more of step 8 */
218 BN_mask_bits(W,bits-1);
219 BN_copy(X,W); /* this should be ok */
220 BN_add(X,X,test); /* this should be ok */
221
222 /* step 9 */
223 BN_lshift1(r0,q);
224 BN_mod(c,X,r0,ctx);
225 BN_sub(r0,c,BN_value_one());
226 BN_sub(p,X,r0);
227
228 /* step 10 */
229 if (BN_cmp(p,test) >= 0)
230 {
231 /* step 11 */
232 r = BN_is_prime_fasttest(p, DSS_prime_checks, callback, ctx3, cb_arg, 1);
233 if (r > 0)
234 goto end; /* found it */
235 if (r != 0)
236 goto err;
237 }
238
239 /* step 13 */
240 counter++;
241 /* "offset = offset + n + 1" */
242
243 /* step 14 */
244 if (counter >= 4096) break;
245 }
246 }
247end:
248 if (callback != NULL) callback(2,1,cb_arg);
249
250 /* We now need to generate g */
251 /* Set r0=(p-1)/q */
252 BN_sub(test,p,BN_value_one());
253 BN_div(r0,NULL,test,q,ctx);
254
255 BN_set_word(test,h);
256 BN_MONT_CTX_set(mont,p,ctx);
257
258 for (;;)
259 {
260 /* g=test^r0%p */
261 BN_mod_exp_mont(g,test,r0,p,ctx,mont);
262 if (!BN_is_one(g)) break;
263 BN_add(test,test,BN_value_one());
264 h++;
265 }
266
267 if (callback != NULL) callback(3,1,cb_arg);
268
269 ok=1;
270err:
271 if (!ok)
272 {
273 if (ret != NULL) DSA_free(ret);
274 }
275 else
276 {
277 ret->p=BN_dup(p);
278 ret->q=BN_dup(q);
279 ret->g=BN_dup(g);
280 if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20);
281 if (counter_ret != NULL) *counter_ret=counter;
282 if (h_ret != NULL) *h_ret=h;
283 }
284 if (ctx != NULL) BN_CTX_free(ctx);
285 if (ctx2 != NULL)
286 {
287 BN_CTX_end(ctx2);
288 BN_CTX_free(ctx2);
289 }
290 if (ctx3 != NULL) BN_CTX_free(ctx3);
291 if (mont != NULL) BN_MONT_CTX_free(mont);
292 return(ok?ret:NULL);
293 }
294#endif
diff --git a/src/lib/libcrypto/dsa/dsa_key.c b/src/lib/libcrypto/dsa/dsa_key.c
deleted file mode 100644
index a68d236e05..0000000000
--- a/src/lib/libcrypto/dsa/dsa_key.c
+++ /dev/null
@@ -1,108 +0,0 @@
1/* crypto/dsa/dsa_key.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_SHA
60#include <stdio.h>
61#include <time.h>
62#include "cryptlib.h"
63#include <openssl/sha.h>
64#include <openssl/bn.h>
65#include <openssl/dsa.h>
66#include <openssl/rand.h>
67
68extern int __BN_rand_range(BIGNUM *r, BIGNUM *range);
69
70int DSA_generate_key(DSA *dsa)
71 {
72 int ok=0;
73 BN_CTX *ctx=NULL;
74 BIGNUM *pub_key=NULL,*priv_key=NULL;
75
76 if ((ctx=BN_CTX_new()) == NULL) goto err;
77
78 if (dsa->priv_key == NULL)
79 {
80 if ((priv_key=BN_new()) == NULL) goto err;
81 }
82 else
83 priv_key=dsa->priv_key;
84
85 do
86 if (!__BN_rand_range(priv_key,dsa->q)) goto err;
87 while (BN_is_zero(priv_key));
88
89 if (dsa->pub_key == NULL)
90 {
91 if ((pub_key=BN_new()) == NULL) goto err;
92 }
93 else
94 pub_key=dsa->pub_key;
95
96 if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err;
97
98 dsa->priv_key=priv_key;
99 dsa->pub_key=pub_key;
100 ok=1;
101
102err:
103 if ((pub_key != NULL) && (dsa->pub_key == NULL)) BN_free(pub_key);
104 if ((priv_key != NULL) && (dsa->priv_key == NULL)) BN_free(priv_key);
105 if (ctx != NULL) BN_CTX_free(ctx);
106 return(ok);
107 }
108#endif
diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c
deleted file mode 100644
index 15f667a203..0000000000
--- a/src/lib/libcrypto/dsa/dsa_lib.c
+++ /dev/null
@@ -1,296 +0,0 @@
1/* crypto/dsa/dsa_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
60
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/bn.h>
64#include <openssl/dsa.h>
65#include <openssl/asn1.h>
66#include <openssl/engine.h>
67
68const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
69
70static DSA_METHOD *default_DSA_method;
71static int dsa_meth_num = 0;
72static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dsa_meth = NULL;
73
74void DSA_set_default_openssl_method(DSA_METHOD *meth)
75{
76 ENGINE *e;
77 /* We'll need to notify the "openssl" ENGINE of this
78 * change too. We won't bother locking things down at
79 * our end as there was never any locking in these
80 * functions! */
81 if(default_DSA_method != meth)
82 {
83 default_DSA_method = meth;
84 e = ENGINE_by_id("openssl");
85 if(e)
86 {
87 ENGINE_set_DSA(e, meth);
88 ENGINE_free(e);
89 }
90 }
91}
92
93DSA_METHOD *DSA_get_default_openssl_method(void)
94{
95 if(!default_DSA_method) default_DSA_method = DSA_OpenSSL();
96 return default_DSA_method;
97}
98
99DSA *DSA_new(void)
100{
101 return DSA_new_method(NULL);
102}
103
104#if 0
105DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *meth)
106{
107 DSA_METHOD *mtmp;
108 mtmp = dsa->meth;
109 if (mtmp->finish) mtmp->finish(dsa);
110 dsa->meth = meth;
111 if (meth->init) meth->init(dsa);
112 return mtmp;
113}
114#else
115int DSA_set_method(DSA *dsa, ENGINE *engine)
116 {
117 ENGINE *mtmp;
118 DSA_METHOD *meth;
119 mtmp = dsa->engine;
120 meth = ENGINE_get_DSA(mtmp);
121 if (!ENGINE_init(engine))
122 return 0;
123 if (meth->finish) meth->finish(dsa);
124 dsa->engine = engine;
125 meth = ENGINE_get_DSA(engine);
126 if (meth->init) meth->init(dsa);
127 /* SHOULD ERROR CHECK THIS!!! */
128 ENGINE_finish(mtmp);
129 return 1;
130 }
131#endif
132
133
134#if 0
135DSA *DSA_new_method(DSA_METHOD *meth)
136#else
137DSA *DSA_new_method(ENGINE *engine)
138#endif
139 {
140 DSA_METHOD *meth;
141 DSA *ret;
142
143 ret=(DSA *)OPENSSL_malloc(sizeof(DSA));
144 if (ret == NULL)
145 {
146 DSAerr(DSA_F_DSA_NEW,ERR_R_MALLOC_FAILURE);
147 return(NULL);
148 }
149 if(engine)
150 ret->engine = engine;
151 else
152 {
153 if((ret->engine=ENGINE_get_default_DSA()) == NULL)
154 {
155 OPENSSL_free(ret);
156 return NULL;
157 }
158 }
159 meth = ENGINE_get_DSA(ret->engine);
160 ret->pad=0;
161 ret->version=0;
162 ret->write_params=1;
163 ret->p=NULL;
164 ret->q=NULL;
165 ret->g=NULL;
166
167 ret->pub_key=NULL;
168 ret->priv_key=NULL;
169
170 ret->kinv=NULL;
171 ret->r=NULL;
172 ret->method_mont_p=NULL;
173
174 ret->references=1;
175 ret->flags=meth->flags;
176 CRYPTO_new_ex_data(dsa_meth,ret,&ret->ex_data);
177 if ((meth->init != NULL) && !meth->init(ret))
178 {
179 CRYPTO_free_ex_data(dsa_meth,ret,&ret->ex_data);
180 OPENSSL_free(ret);
181 ret=NULL;
182 }
183
184 return(ret);
185 }
186
187void DSA_free(DSA *r)
188 {
189 DSA_METHOD *meth;
190 int i;
191
192 if (r == NULL) return;
193
194 i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_DSA);
195#ifdef REF_PRINT
196 REF_PRINT("DSA",r);
197#endif
198 if (i > 0) return;
199#ifdef REF_CHECK
200 if (i < 0)
201 {
202 fprintf(stderr,"DSA_free, bad reference count\n");
203 abort();
204 }
205#endif
206
207 meth = ENGINE_get_DSA(r->engine);
208 if(meth->finish) meth->finish(r);
209 ENGINE_finish(r->engine);
210
211 CRYPTO_free_ex_data(dsa_meth, r, &r->ex_data);
212
213 if (r->p != NULL) BN_clear_free(r->p);
214 if (r->q != NULL) BN_clear_free(r->q);
215 if (r->g != NULL) BN_clear_free(r->g);
216 if (r->pub_key != NULL) BN_clear_free(r->pub_key);
217 if (r->priv_key != NULL) BN_clear_free(r->priv_key);
218 if (r->kinv != NULL) BN_clear_free(r->kinv);
219 if (r->r != NULL) BN_clear_free(r->r);
220 OPENSSL_free(r);
221 }
222
223int DSA_size(DSA *r)
224 {
225 int ret,i;
226 ASN1_INTEGER bs;
227 unsigned char buf[4];
228
229 i=BN_num_bits(r->q);
230 bs.length=(i+7)/8;
231 bs.data=buf;
232 bs.type=V_ASN1_INTEGER;
233 /* If the top bit is set the asn1 encoding is 1 larger. */
234 buf[0]=0xff;
235
236 i=i2d_ASN1_INTEGER(&bs,NULL);
237 i+=i; /* r and s */
238 ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
239 return(ret);
240 }
241
242int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
243 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
244 {
245 dsa_meth_num++;
246 return(CRYPTO_get_ex_new_index(dsa_meth_num-1,
247 &dsa_meth,argl,argp,new_func,dup_func,free_func));
248 }
249
250int DSA_set_ex_data(DSA *d, int idx, void *arg)
251 {
252 return(CRYPTO_set_ex_data(&d->ex_data,idx,arg));
253 }
254
255void *DSA_get_ex_data(DSA *d, int idx)
256 {
257 return(CRYPTO_get_ex_data(&d->ex_data,idx));
258 }
259
260#ifndef NO_DH
261DH *DSA_dup_DH(DSA *r)
262 {
263 /* DSA has p, q, g, optional pub_key, optional priv_key.
264 * DH has p, optional length, g, optional pub_key, optional priv_key.
265 */
266
267 DH *ret = NULL;
268
269 if (r == NULL)
270 goto err;
271 ret = DH_new();
272 if (ret == NULL)
273 goto err;
274 if (r->p != NULL)
275 if ((ret->p = BN_dup(r->p)) == NULL)
276 goto err;
277 if (r->q != NULL)
278 ret->length = BN_num_bits(r->q);
279 if (r->g != NULL)
280 if ((ret->g = BN_dup(r->g)) == NULL)
281 goto err;
282 if (r->pub_key != NULL)
283 if ((ret->pub_key = BN_dup(r->pub_key)) == NULL)
284 goto err;
285 if (r->priv_key != NULL)
286 if ((ret->priv_key = BN_dup(r->priv_key)) == NULL)
287 goto err;
288
289 return ret;
290
291 err:
292 if (ret != NULL)
293 DH_free(ret);
294 return NULL;
295 }
296#endif
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c
deleted file mode 100644
index 34c6e9a141..0000000000
--- a/src/lib/libcrypto/dsa/dsa_ossl.c
+++ /dev/null
@@ -1,393 +0,0 @@
1/* crypto/dsa/dsa_ossl.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
60
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/bn.h>
64#include <openssl/dsa.h>
65#include <openssl/rand.h>
66#include <openssl/asn1.h>
67#include <openssl/engine.h>
68
69int __BN_rand_range(BIGNUM *r, BIGNUM *range);
70
71static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
72static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
73static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
74 DSA *dsa);
75static int dsa_init(DSA *dsa);
76static int dsa_finish(DSA *dsa);
77static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
78 BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
79 BN_MONT_CTX *in_mont);
80static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
81 const BIGNUM *m, BN_CTX *ctx,
82 BN_MONT_CTX *m_ctx);
83
84static DSA_METHOD openssl_dsa_meth = {
85"OpenSSL DSA method",
86dsa_do_sign,
87dsa_sign_setup,
88dsa_do_verify,
89dsa_mod_exp,
90dsa_bn_mod_exp,
91dsa_init,
92dsa_finish,
930,
94NULL
95};
96
97DSA_METHOD *DSA_OpenSSL(void)
98{
99 return &openssl_dsa_meth;
100}
101
102static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
103 {
104 BIGNUM *kinv=NULL,*r=NULL,*s=NULL;
105 BIGNUM m;
106 BIGNUM xr;
107 BN_CTX *ctx=NULL;
108 int i,reason=ERR_R_BN_LIB;
109 DSA_SIG *ret=NULL;
110
111 if (!dsa->p || !dsa->q || !dsa->g)
112 {
113 reason=DSA_R_MISSING_PARAMETERS;
114 goto err;
115 }
116 BN_init(&m);
117 BN_init(&xr);
118 s=BN_new();
119 if (s == NULL) goto err;
120
121 i=BN_num_bytes(dsa->q); /* should be 20 */
122 if ((dlen > i) || (dlen > 50))
123 {
124 reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;
125 goto err;
126 }
127
128 ctx=BN_CTX_new();
129 if (ctx == NULL) goto err;
130
131 if ((dsa->kinv == NULL) || (dsa->r == NULL))
132 {
133 if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;
134 }
135 else
136 {
137 kinv=dsa->kinv;
138 dsa->kinv=NULL;
139 r=dsa->r;
140 dsa->r=NULL;
141 }
142
143 if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err;
144
145 /* Compute s = inv(k) (m + xr) mod q */
146 if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */
147 if (!BN_add(s, &xr, &m)) goto err; /* s = m + xr */
148 if (BN_cmp(s,dsa->q) > 0)
149 BN_sub(s,s,dsa->q);
150 if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;
151
152 ret=DSA_SIG_new();
153 if (ret == NULL) goto err;
154 ret->r = r;
155 ret->s = s;
156
157err:
158 if (!ret)
159 {
160 DSAerr(DSA_F_DSA_DO_SIGN,reason);
161 BN_free(r);
162 BN_free(s);
163 }
164 if (ctx != NULL) BN_CTX_free(ctx);
165 BN_clear_free(&m);
166 BN_clear_free(&xr);
167 if (kinv != NULL) /* dsa->kinv is NULL now if we used it */
168 BN_clear_free(kinv);
169 return(ret);
170 }
171
172static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
173 {
174 BN_CTX *ctx;
175 BIGNUM k,*kinv=NULL,*r=NULL;
176 int ret=0;
177
178 if (!dsa->p || !dsa->q || !dsa->g)
179 {
180 DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS);
181 return 0;
182 }
183 if (ctx_in == NULL)
184 {
185 if ((ctx=BN_CTX_new()) == NULL) goto err;
186 }
187 else
188 ctx=ctx_in;
189
190 BN_init(&k);
191 if ((r=BN_new()) == NULL) goto err;
192 kinv=NULL;
193
194 /* Get random k */
195 do
196 if (!__BN_rand_range(&k, dsa->q)) goto err;
197 while (BN_is_zero(&k));
198
199 if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
200 {
201 if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
202 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
203 dsa->p,ctx)) goto err;
204 }
205
206 /* Compute r = (g^k mod p) mod q */
207 if (!ENGINE_get_DSA(dsa->engine)->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
208 (BN_MONT_CTX *)dsa->method_mont_p)) goto err;
209 if (!BN_mod(r,r,dsa->q,ctx)) goto err;
210
211 /* Compute part of 's = inv(k) (m + xr) mod q' */
212 if ((kinv=BN_mod_inverse(NULL,&k,dsa->q,ctx)) == NULL) goto err;
213
214 if (*kinvp != NULL) BN_clear_free(*kinvp);
215 *kinvp=kinv;
216 kinv=NULL;
217 if (*rp != NULL) BN_clear_free(*rp);
218 *rp=r;
219 ret=1;
220err:
221 if (!ret)
222 {
223 DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB);
224 if (kinv != NULL) BN_clear_free(kinv);
225 if (r != NULL) BN_clear_free(r);
226 }
227 if (ctx_in == NULL) BN_CTX_free(ctx);
228 if (kinv != NULL) BN_clear_free(kinv);
229 BN_clear_free(&k);
230 return(ret);
231 }
232
233static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
234 DSA *dsa)
235 {
236 BN_CTX *ctx;
237 BIGNUM u1,u2,t1;
238 BN_MONT_CTX *mont=NULL;
239 int ret = -1;
240
241 if ((ctx=BN_CTX_new()) == NULL) goto err;
242 BN_init(&u1);
243 BN_init(&u2);
244 BN_init(&t1);
245
246 if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0)
247 {
248 ret = 0;
249 goto err;
250 }
251 if (BN_is_zero(sig->s) || sig->s->neg || BN_ucmp(sig->s, dsa->q) >= 0)
252 {
253 ret = 0;
254 goto err;
255 }
256
257 /* Calculate W = inv(S) mod Q
258 * save W in u2 */
259 if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err;
260
261 /* save M in u1 */
262 if (BN_bin2bn(dgst,dgst_len,&u1) == NULL) goto err;
263
264 /* u1 = M * w mod q */
265 if (!BN_mod_mul(&u1,&u1,&u2,dsa->q,ctx)) goto err;
266
267 /* u2 = r * w mod q */
268 if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err;
269
270 if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
271 {
272 if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
273 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
274 dsa->p,ctx)) goto err;
275 }
276 mont=(BN_MONT_CTX *)dsa->method_mont_p;
277
278#if 0
279 {
280 BIGNUM t2;
281
282 BN_init(&t2);
283 /* v = ( g^u1 * y^u2 mod p ) mod q */
284 /* let t1 = g ^ u1 mod p */
285 if (!BN_mod_exp_mont(&t1,dsa->g,&u1,dsa->p,ctx,mont)) goto err;
286 /* let t2 = y ^ u2 mod p */
287 if (!BN_mod_exp_mont(&t2,dsa->pub_key,&u2,dsa->p,ctx,mont)) goto err;
288 /* let u1 = t1 * t2 mod p */
289 if (!BN_mod_mul(&u1,&t1,&t2,dsa->p,ctx)) goto err_bn;
290 BN_free(&t2);
291 }
292 /* let u1 = u1 mod q */
293 if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err;
294#else
295 {
296 if (!ENGINE_get_DSA(dsa->engine)->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2,
297 dsa->p,ctx,mont)) goto err;
298 /* BN_copy(&u1,&t1); */
299 /* let u1 = u1 mod q */
300 if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err;
301 }
302#endif
303 /* V is now in u1. If the signature is correct, it will be
304 * equal to R. */
305 ret=(BN_ucmp(&u1, sig->r) == 0);
306
307 err:
308 if (ret != 1) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB);
309 if (ctx != NULL) BN_CTX_free(ctx);
310 BN_free(&u1);
311 BN_free(&u2);
312 BN_free(&t1);
313 return(ret);
314 }
315
316static int dsa_init(DSA *dsa)
317{
318 dsa->flags|=DSA_FLAG_CACHE_MONT_P;
319 return(1);
320}
321
322static int dsa_finish(DSA *dsa)
323{
324 if(dsa->method_mont_p)
325 BN_MONT_CTX_free((BN_MONT_CTX *)dsa->method_mont_p);
326 return(1);
327}
328
329static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
330 BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
331 BN_MONT_CTX *in_mont)
332{
333 return BN_mod_exp2_mont(rr, a1, p1, a2, p2, m, ctx, in_mont);
334}
335
336static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
337 const BIGNUM *m, BN_CTX *ctx,
338 BN_MONT_CTX *m_ctx)
339{
340 return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx);
341}
342
343
344/* random number r: 0 <= r < range */
345int __BN_rand_range(BIGNUM *r, BIGNUM *range)
346 {
347 int n;
348
349 if (range->neg || BN_is_zero(range))
350 {
351 /* BNerr(BN_F_BN_RAND_RANGE, BN_R_INVALID_RANGE); */
352 return 0;
353 }
354
355 n = BN_num_bits(range); /* n > 0 */
356
357 if (n == 1)
358 {
359 if (!BN_zero(r)) return 0;
360 }
361 else if (BN_is_bit_set(range, n - 2))
362 {
363 do
364 {
365 /* range = 11..._2, so each iteration succeeds with probability >= .75 */
366 if (!BN_rand(r, n, -1, 0)) return 0;
367 }
368 while (BN_cmp(r, range) >= 0);
369 }
370 else
371 {
372 /* range = 10..._2,
373 * so 3*range (= 11..._2) is exactly one bit longer than range */
374 do
375 {
376 if (!BN_rand(r, n + 1, -1, 0)) return 0;
377 /* If r < 3*range, use r := r MOD range
378 * (which is either r, r - range, or r - 2*range).
379 * Otherwise, iterate once more.
380 * Since 3*range = 11..._2, each iteration succeeds with
381 * probability >= .75. */
382 if (BN_cmp(r ,range) >= 0)
383 {
384 if (!BN_sub(r, r, range)) return 0;
385 if (BN_cmp(r, range) >= 0)
386 if (!BN_sub(r, r, range)) return 0;
387 }
388 }
389 while (BN_cmp(r, range) >= 0);
390 }
391
392 return 1;
393 }
diff --git a/src/lib/libcrypto/dsa/dsa_sign.c b/src/lib/libcrypto/dsa/dsa_sign.c
deleted file mode 100644
index dfe27bae47..0000000000
--- a/src/lib/libcrypto/dsa/dsa_sign.c
+++ /dev/null
@@ -1,93 +0,0 @@
1/* crypto/dsa/dsa_sign.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
60
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/bn.h>
64#include <openssl/dsa.h>
65#include <openssl/rand.h>
66#include <openssl/asn1.h>
67#include <openssl/engine.h>
68
69DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
70 {
71 return ENGINE_get_DSA(dsa->engine)->dsa_do_sign(dgst, dlen, dsa);
72 }
73
74int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
75 unsigned int *siglen, DSA *dsa)
76 {
77 DSA_SIG *s;
78 s=DSA_do_sign(dgst,dlen,dsa);
79 if (s == NULL)
80 {
81 *siglen=0;
82 return(0);
83 }
84 *siglen=i2d_DSA_SIG(s,&sig);
85 DSA_SIG_free(s);
86 return(1);
87 }
88
89int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
90 {
91 return ENGINE_get_DSA(dsa->engine)->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
92 }
93
diff --git a/src/lib/libcrypto/dsa/dsa_vrf.c b/src/lib/libcrypto/dsa/dsa_vrf.c
deleted file mode 100644
index 2e891ae491..0000000000
--- a/src/lib/libcrypto/dsa/dsa_vrf.c
+++ /dev/null
@@ -1,95 +0,0 @@
1/* crypto/dsa/dsa_vrf.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
60
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/bn.h>
64#include <openssl/dsa.h>
65#include <openssl/rand.h>
66#include <openssl/asn1.h>
67#include <openssl/asn1_mac.h>
68#include <openssl/engine.h>
69
70int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
71 DSA *dsa)
72 {
73 return ENGINE_get_DSA(dsa->engine)->dsa_do_verify(dgst, dgst_len, sig, dsa);
74 }
75
76/* data has already been hashed (probably with SHA or SHA-1). */
77/* returns
78 * 1: correct signature
79 * 0: incorrect signature
80 * -1: error
81 */
82int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
83 unsigned char *sigbuf, int siglen, DSA *dsa)
84 {
85 DSA_SIG *s;
86 int ret=-1;
87
88 s = DSA_SIG_new();
89 if (s == NULL) return(ret);
90 if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
91 ret=DSA_do_verify(dgst,dgst_len,s,dsa);
92err:
93 DSA_SIG_free(s);
94 return(ret);
95 }
diff --git a/src/lib/libcrypto/dso/dso.h b/src/lib/libcrypto/dso/dso.h
deleted file mode 100644
index bed7c464a6..0000000000
--- a/src/lib/libcrypto/dso/dso.h
+++ /dev/null
@@ -1,250 +0,0 @@
1/* dso.h */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#ifndef HEADER_DSO_H
60#define HEADER_DSO_H
61
62#include <openssl/crypto.h>
63
64#ifdef __cplusplus
65extern "C" {
66#endif
67
68/* These values are used as commands to DSO_ctrl() */
69#define DSO_CTRL_GET_FLAGS 1
70#define DSO_CTRL_SET_FLAGS 2
71#define DSO_CTRL_OR_FLAGS 3
72
73/* These flags control the translation of file-names from canonical to
74 * native. Eg. in the CryptoSwift support, the "dl" and "dlfcn"
75 * methods will translate "swift" -> "libswift.so" whereas the "win32"
76 * method will translate "swift" -> "swift.dll". NB: Until I can figure
77 * out how to be more "conventional" with this, the methods will only
78 * honour this flag if it looks like it was passed a file without any
79 * path and if the filename is small enough.
80 */
81#define DSO_FLAG_NAME_TRANSLATION 0x01
82
83/* The following flag controls the translation of symbol names to upper
84 * case. This is currently only being implemented for OpenVMS.
85 */
86#define DSO_FLAG_UPCASE_SYMBOL 0x02
87
88
89typedef void (*DSO_FUNC_TYPE)(void);
90
91typedef struct dso_st DSO;
92
93typedef struct dso_meth_st
94 {
95 const char *name;
96 /* Loads a shared library */
97 int (*dso_load)(DSO *dso, const char *filename);
98 /* Unloads a shared library */
99 int (*dso_unload)(DSO *dso);
100 /* Binds a variable */
101 void *(*dso_bind_var)(DSO *dso, const char *symname);
102 /* Binds a function - assumes a return type of DSO_FUNC_TYPE.
103 * This should be cast to the real function prototype by the
104 * caller. Platforms that don't have compatible representations
105 * for different prototypes (this is possible within ANSI C)
106 * are highly unlikely to have shared libraries at all, let
107 * alone a DSO_METHOD implemented for them. */
108 DSO_FUNC_TYPE (*dso_bind_func)(DSO *dso, const char *symname);
109
110/* I don't think this would actually be used in any circumstances. */
111#if 0
112 /* Unbinds a variable */
113 int (*dso_unbind_var)(DSO *dso, char *symname, void *symptr);
114 /* Unbinds a function */
115 int (*dso_unbind_func)(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
116#endif
117 /* The generic (yuck) "ctrl()" function. NB: Negative return
118 * values (rather than zero) indicate errors. */
119 long (*dso_ctrl)(DSO *dso, int cmd, long larg, void *parg);
120
121 /* [De]Initialisation handlers. */
122 int (*init)(DSO *dso);
123 int (*finish)(DSO *dso);
124 } DSO_METHOD;
125
126/**********************************************************************/
127/* The low-level handle type used to refer to a loaded shared library */
128
129struct dso_st
130 {
131 DSO_METHOD *meth;
132 /* Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS
133 * doesn't use anything but will need to cache the filename
134 * for use in the dso_bind handler. All in all, let each
135 * method control its own destiny. "Handles" and such go in
136 * a STACK. */
137 STACK *meth_data;
138 int references;
139 int flags;
140 /* For use by applications etc ... use this for your bits'n'pieces,
141 * don't touch meth_data! */
142 CRYPTO_EX_DATA ex_data;
143 };
144
145
146DSO * DSO_new(void);
147DSO * DSO_new_method(DSO_METHOD *method);
148int DSO_free(DSO *dso);
149int DSO_flags(DSO *dso);
150int DSO_up(DSO *dso);
151long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg);
152
153void DSO_set_default_method(DSO_METHOD *meth);
154DSO_METHOD *DSO_get_default_method(void);
155DSO_METHOD *DSO_get_method(DSO *dso);
156DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth);
157
158/* The all-singing all-dancing load function, you normally pass NULL
159 * for the first and third parameters. Use DSO_up and DSO_free for
160 * subsequent reference count handling. Any flags passed in will be set
161 * in the constructed DSO after its init() function but before the
162 * load operation. This will be done with;
163 * DSO_ctrl(dso, DSO_CTRL_SET_FLAGS, flags, NULL); */
164DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags);
165
166/* This function binds to a variable inside a shared library. */
167void *DSO_bind_var(DSO *dso, const char *symname);
168
169/* This function binds to a function inside a shared library. */
170DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname);
171
172/* This method is the default, but will beg, borrow, or steal whatever
173 * method should be the default on any particular platform (including
174 * DSO_METH_null() if necessary). */
175DSO_METHOD *DSO_METHOD_openssl(void);
176
177/* This method is defined for all platforms - if a platform has no
178 * DSO support then this will be the only method! */
179DSO_METHOD *DSO_METHOD_null(void);
180
181/* If DSO_DLFCN is defined, the standard dlfcn.h-style functions
182 * (dlopen, dlclose, dlsym, etc) will be used and incorporated into
183 * this method. If not, this method will return NULL. */
184DSO_METHOD *DSO_METHOD_dlfcn(void);
185
186/* If DSO_DL is defined, the standard dl.h-style functions (shl_load,
187 * shl_unload, shl_findsym, etc) will be used and incorporated into
188 * this method. If not, this method will return NULL. */
189DSO_METHOD *DSO_METHOD_dl(void);
190
191/* If WIN32 is defined, use DLLs. If not, return NULL. */
192DSO_METHOD *DSO_METHOD_win32(void);
193
194/* If VMS is defined, use shared images. If not, return NULL. */
195DSO_METHOD *DSO_METHOD_vms(void);
196
197void ERR_load_DSO_strings(void);
198
199/* BEGIN ERROR CODES */
200/* The following lines are auto generated by the script mkerr.pl. Any changes
201 * made after this point may be overwritten when the script is next run.
202 */
203
204/* Error codes for the DSO functions. */
205
206/* Function codes. */
207#define DSO_F_DLFCN_BIND_FUNC 100
208#define DSO_F_DLFCN_BIND_VAR 101
209#define DSO_F_DLFCN_CTRL 102
210#define DSO_F_DLFCN_LOAD 103
211#define DSO_F_DLFCN_UNLOAD 104
212#define DSO_F_DL_BIND_FUNC 105
213#define DSO_F_DL_BIND_VAR 106
214#define DSO_F_DL_CTRL 107
215#define DSO_F_DL_LOAD 108
216#define DSO_F_DL_UNLOAD 109
217#define DSO_F_DSO_BIND_FUNC 110
218#define DSO_F_DSO_BIND_VAR 111
219#define DSO_F_DSO_CTRL 112
220#define DSO_F_DSO_FREE 113
221#define DSO_F_DSO_LOAD 114
222#define DSO_F_DSO_NEW_METHOD 115
223#define DSO_F_DSO_UP 116
224#define DSO_F_VMS_BIND_VAR 122
225#define DSO_F_VMS_CTRL 123
226#define DSO_F_VMS_LOAD 124
227#define DSO_F_VMS_UNLOAD 125
228#define DSO_F_WIN32_BIND_FUNC 117
229#define DSO_F_WIN32_BIND_VAR 118
230#define DSO_F_WIN32_CTRL 119
231#define DSO_F_WIN32_LOAD 120
232#define DSO_F_WIN32_UNLOAD 121
233
234/* Reason codes. */
235#define DSO_R_CTRL_FAILED 100
236#define DSO_R_FILENAME_TOO_BIG 109
237#define DSO_R_FINISH_FAILED 101
238#define DSO_R_LOAD_FAILED 102
239#define DSO_R_NULL_HANDLE 103
240#define DSO_R_STACK_ERROR 104
241#define DSO_R_SYM_FAILURE 105
242#define DSO_R_UNKNOWN_COMMAND 106
243#define DSO_R_UNLOAD_FAILED 107
244#define DSO_R_UNSUPPORTED 108
245
246#ifdef __cplusplus
247}
248#endif
249#endif
250
diff --git a/src/lib/libcrypto/dso/dso_dlfcn.c b/src/lib/libcrypto/dso/dso_dlfcn.c
deleted file mode 100644
index e709c721cc..0000000000
--- a/src/lib/libcrypto/dso/dso_dlfcn.c
+++ /dev/null
@@ -1,276 +0,0 @@
1/* dso_dlfcn.c */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/dso.h>
62
63#ifndef DSO_DLFCN
64DSO_METHOD *DSO_METHOD_dlfcn(void)
65 {
66 return NULL;
67 }
68#else
69
70#ifdef HAVE_DLFCN_H
71#include <dlfcn.h>
72#endif
73
74/* Part of the hack in "dlfcn_load" ... */
75#define DSO_MAX_TRANSLATED_SIZE 256
76
77static int dlfcn_load(DSO *dso, const char *filename);
78static int dlfcn_unload(DSO *dso);
79static void *dlfcn_bind_var(DSO *dso, const char *symname);
80static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname);
81#if 0
82static int dlfcn_unbind(DSO *dso, char *symname, void *symptr);
83static int dlfcn_init(DSO *dso);
84static int dlfcn_finish(DSO *dso);
85#endif
86static long dlfcn_ctrl(DSO *dso, int cmd, long larg, void *parg);
87
88static DSO_METHOD dso_meth_dlfcn = {
89 "OpenSSL 'dlfcn' shared library method",
90 dlfcn_load,
91 dlfcn_unload,
92 dlfcn_bind_var,
93 dlfcn_bind_func,
94/* For now, "unbind" doesn't exist */
95#if 0
96 NULL, /* unbind_var */
97 NULL, /* unbind_func */
98#endif
99 dlfcn_ctrl,
100 NULL, /* init */
101 NULL /* finish */
102 };
103
104DSO_METHOD *DSO_METHOD_dlfcn(void)
105 {
106 return(&dso_meth_dlfcn);
107 }
108
109/* Prior to using the dlopen() function, we should decide on the flag
110 * we send. There's a few different ways of doing this and it's a
111 * messy venn-diagram to match up which platforms support what. So
112 * as we don't have autoconf yet, I'm implementing a hack that could
113 * be hacked further relatively easily to deal with cases as we find
114 * them. Initially this is to cope with OpenBSD. */
115#ifdef __OpenBSD__
116# ifdef DL_LAZY
117# define DLOPEN_FLAG DL_LAZY
118# else
119# ifdef RTLD_NOW
120# define DLOPEN_FLAG RTLD_NOW
121# else
122# define DLOPEN_FLAG 0
123# endif
124# endif
125#else
126# define DLOPEN_FLAG RTLD_NOW /* Hope this works everywhere else */
127#endif
128
129/* For this DSO_METHOD, our meth_data STACK will contain;
130 * (i) the handle (void*) returned from dlopen().
131 */
132
133static int dlfcn_load(DSO *dso, const char *filename)
134 {
135 void *ptr;
136 char translated[DSO_MAX_TRANSLATED_SIZE];
137 int len;
138
139 /* NB: This is a hideous hack, but I'm not yet sure what
140 * to replace it with. This attempts to convert any filename,
141 * that looks like it has no path information, into a
142 * translated form, e. "blah" -> "libblah.so" */
143 len = strlen(filename);
144 if((dso->flags & DSO_FLAG_NAME_TRANSLATION) &&
145 (len + 6 < DSO_MAX_TRANSLATED_SIZE) &&
146 (strstr(filename, "/") == NULL))
147 {
148 sprintf(translated, "lib%s.so", filename);
149 ptr = dlopen(translated, DLOPEN_FLAG);
150 }
151 else
152 {
153 ptr = dlopen(filename, DLOPEN_FLAG);
154 }
155 if(ptr == NULL)
156 {
157 DSOerr(DSO_F_DLFCN_LOAD,DSO_R_LOAD_FAILED);
158 return(0);
159 }
160 if(!sk_push(dso->meth_data, (char *)ptr))
161 {
162 DSOerr(DSO_F_DLFCN_LOAD,DSO_R_STACK_ERROR);
163 dlclose(ptr);
164 return(0);
165 }
166 return(1);
167 }
168
169static int dlfcn_unload(DSO *dso)
170 {
171 void *ptr;
172 if(dso == NULL)
173 {
174 DSOerr(DSO_F_DLFCN_UNLOAD,ERR_R_PASSED_NULL_PARAMETER);
175 return(0);
176 }
177 if(sk_num(dso->meth_data) < 1)
178 return(1);
179 ptr = (void *)sk_pop(dso->meth_data);
180 if(ptr == NULL)
181 {
182 DSOerr(DSO_F_DLFCN_UNLOAD,DSO_R_NULL_HANDLE);
183 /* Should push the value back onto the stack in
184 * case of a retry. */
185 sk_push(dso->meth_data, (char *)ptr);
186 return(0);
187 }
188 /* For now I'm not aware of any errors associated with dlclose() */
189 dlclose(ptr);
190 return(1);
191 }
192
193static void *dlfcn_bind_var(DSO *dso, const char *symname)
194 {
195 void *ptr, *sym;
196
197 if((dso == NULL) || (symname == NULL))
198 {
199 DSOerr(DSO_F_DLFCN_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER);
200 return(NULL);
201 }
202 if(sk_num(dso->meth_data) < 1)
203 {
204 DSOerr(DSO_F_DLFCN_BIND_VAR,DSO_R_STACK_ERROR);
205 return(NULL);
206 }
207 ptr = (void *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
208 if(ptr == NULL)
209 {
210 DSOerr(DSO_F_DLFCN_BIND_VAR,DSO_R_NULL_HANDLE);
211 return(NULL);
212 }
213 sym = dlsym(ptr, symname);
214 if(sym == NULL)
215 {
216 DSOerr(DSO_F_DLFCN_BIND_VAR,DSO_R_SYM_FAILURE);
217 return(NULL);
218 }
219 return(sym);
220 }
221
222static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname)
223 {
224 void *ptr;
225 DSO_FUNC_TYPE sym;
226
227 if((dso == NULL) || (symname == NULL))
228 {
229 DSOerr(DSO_F_DLFCN_BIND_FUNC,ERR_R_PASSED_NULL_PARAMETER);
230 return(NULL);
231 }
232 if(sk_num(dso->meth_data) < 1)
233 {
234 DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_STACK_ERROR);
235 return(NULL);
236 }
237 ptr = (void *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
238 if(ptr == NULL)
239 {
240 DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_NULL_HANDLE);
241 return(NULL);
242 }
243 sym = (DSO_FUNC_TYPE)dlsym(ptr, symname);
244 if(sym == NULL)
245 {
246 DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_SYM_FAILURE);
247 return(NULL);
248 }
249 return(sym);
250 }
251
252static long dlfcn_ctrl(DSO *dso, int cmd, long larg, void *parg)
253 {
254 if(dso == NULL)
255 {
256 DSOerr(DSO_F_DLFCN_CTRL,ERR_R_PASSED_NULL_PARAMETER);
257 return(-1);
258 }
259 switch(cmd)
260 {
261 case DSO_CTRL_GET_FLAGS:
262 return dso->flags;
263 case DSO_CTRL_SET_FLAGS:
264 dso->flags = (int)larg;
265 return(0);
266 case DSO_CTRL_OR_FLAGS:
267 dso->flags |= (int)larg;
268 return(0);
269 default:
270 break;
271 }
272 DSOerr(DSO_F_DLFCN_CTRL,DSO_R_UNKNOWN_COMMAND);
273 return(-1);
274 }
275
276#endif /* DSO_DLFCN */
diff --git a/src/lib/libcrypto/dso/dso_err.c b/src/lib/libcrypto/dso/dso_err.c
deleted file mode 100644
index a3d7321c9b..0000000000
--- a/src/lib/libcrypto/dso/dso_err.c
+++ /dev/null
@@ -1,128 +0,0 @@
1/* crypto/dso/dso_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/dso.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA DSO_str_functs[]=
68 {
69{ERR_PACK(0,DSO_F_DLFCN_BIND_FUNC,0), "DLFCN_BIND_FUNC"},
70{ERR_PACK(0,DSO_F_DLFCN_BIND_VAR,0), "DLFCN_BIND_VAR"},
71{ERR_PACK(0,DSO_F_DLFCN_CTRL,0), "DLFCN_CTRL"},
72{ERR_PACK(0,DSO_F_DLFCN_LOAD,0), "DLFCN_LOAD"},
73{ERR_PACK(0,DSO_F_DLFCN_UNLOAD,0), "DLFCN_UNLOAD"},
74{ERR_PACK(0,DSO_F_DL_BIND_FUNC,0), "DL_BIND_FUNC"},
75{ERR_PACK(0,DSO_F_DL_BIND_VAR,0), "DL_BIND_VAR"},
76{ERR_PACK(0,DSO_F_DL_CTRL,0), "DL_CTRL"},
77{ERR_PACK(0,DSO_F_DL_LOAD,0), "DL_LOAD"},
78{ERR_PACK(0,DSO_F_DL_UNLOAD,0), "DL_UNLOAD"},
79{ERR_PACK(0,DSO_F_DSO_BIND_FUNC,0), "DSO_bind_func"},
80{ERR_PACK(0,DSO_F_DSO_BIND_VAR,0), "DSO_bind_var"},
81{ERR_PACK(0,DSO_F_DSO_CTRL,0), "DSO_ctrl"},
82{ERR_PACK(0,DSO_F_DSO_FREE,0), "DSO_free"},
83{ERR_PACK(0,DSO_F_DSO_LOAD,0), "DSO_load"},
84{ERR_PACK(0,DSO_F_DSO_NEW_METHOD,0), "DSO_new_method"},
85{ERR_PACK(0,DSO_F_DSO_UP,0), "DSO_up"},
86{ERR_PACK(0,DSO_F_VMS_BIND_VAR,0), "VMS_BIND_VAR"},
87{ERR_PACK(0,DSO_F_VMS_CTRL,0), "VMS_CTRL"},
88{ERR_PACK(0,DSO_F_VMS_LOAD,0), "VMS_LOAD"},
89{ERR_PACK(0,DSO_F_VMS_UNLOAD,0), "VMS_UNLOAD"},
90{ERR_PACK(0,DSO_F_WIN32_BIND_FUNC,0), "WIN32_BIND_FUNC"},
91{ERR_PACK(0,DSO_F_WIN32_BIND_VAR,0), "WIN32_BIND_VAR"},
92{ERR_PACK(0,DSO_F_WIN32_CTRL,0), "WIN32_CTRL"},
93{ERR_PACK(0,DSO_F_WIN32_LOAD,0), "WIN32_LOAD"},
94{ERR_PACK(0,DSO_F_WIN32_UNLOAD,0), "WIN32_UNLOAD"},
95{0,NULL}
96 };
97
98static ERR_STRING_DATA DSO_str_reasons[]=
99 {
100{DSO_R_CTRL_FAILED ,"control command failed"},
101{DSO_R_FILENAME_TOO_BIG ,"filename too big"},
102{DSO_R_FINISH_FAILED ,"cleanup method function failed"},
103{DSO_R_LOAD_FAILED ,"could not load the shared library"},
104{DSO_R_NULL_HANDLE ,"a null shared library handle was used"},
105{DSO_R_STACK_ERROR ,"the meth_data stack is corrupt"},
106{DSO_R_SYM_FAILURE ,"could not bind to the requested symbol name"},
107{DSO_R_UNKNOWN_COMMAND ,"unknown control command"},
108{DSO_R_UNLOAD_FAILED ,"could not unload the shared library"},
109{DSO_R_UNSUPPORTED ,"functionality not supported"},
110{0,NULL}
111 };
112
113#endif
114
115void ERR_load_DSO_strings(void)
116 {
117 static int init=1;
118
119 if (init)
120 {
121 init=0;
122#ifndef NO_ERR
123 ERR_load_strings(ERR_LIB_DSO,DSO_str_functs);
124 ERR_load_strings(ERR_LIB_DSO,DSO_str_reasons);
125#endif
126
127 }
128 }
diff --git a/src/lib/libcrypto/dso/dso_lib.c b/src/lib/libcrypto/dso/dso_lib.c
deleted file mode 100644
index acd166697e..0000000000
--- a/src/lib/libcrypto/dso/dso_lib.c
+++ /dev/null
@@ -1,306 +0,0 @@
1/* dso_lib.c */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <openssl/crypto.h>
61#include "cryptlib.h"
62#include <openssl/dso.h>
63
64static DSO_METHOD *default_DSO_meth = NULL;
65
66DSO *DSO_new(void)
67 {
68 return(DSO_new_method(NULL));
69 }
70
71void DSO_set_default_method(DSO_METHOD *meth)
72 {
73 default_DSO_meth = meth;
74 }
75
76DSO_METHOD *DSO_get_default_method(void)
77 {
78 return(default_DSO_meth);
79 }
80
81DSO_METHOD *DSO_get_method(DSO *dso)
82 {
83 return(dso->meth);
84 }
85
86DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth)
87 {
88 DSO_METHOD *mtmp;
89 mtmp = dso->meth;
90 dso->meth = meth;
91 return(mtmp);
92 }
93
94DSO *DSO_new_method(DSO_METHOD *meth)
95 {
96 DSO *ret;
97
98 if(default_DSO_meth == NULL)
99 /* We default to DSO_METH_openssl() which in turn defaults
100 * to stealing the "best available" method. Will fallback
101 * to DSO_METH_null() in the worst case. */
102 default_DSO_meth = DSO_METHOD_openssl();
103 ret = (DSO *)OPENSSL_malloc(sizeof(DSO));
104 if(ret == NULL)
105 {
106 DSOerr(DSO_F_DSO_NEW_METHOD,ERR_R_MALLOC_FAILURE);
107 return(NULL);
108 }
109 memset(ret, 0, sizeof(DSO));
110 ret->meth_data = sk_new_null();
111 if((ret->meth_data = sk_new_null()) == NULL)
112 {
113 /* sk_new doesn't generate any errors so we do */
114 DSOerr(DSO_F_DSO_NEW_METHOD,ERR_R_MALLOC_FAILURE);
115 OPENSSL_free(ret);
116 return(NULL);
117 }
118 if(meth == NULL)
119 ret->meth = default_DSO_meth;
120 else
121 ret->meth = meth;
122 ret->references = 1;
123 if((ret->meth->init != NULL) && !ret->meth->init(ret))
124 {
125 OPENSSL_free(ret);
126 ret=NULL;
127 }
128 return(ret);
129 }
130
131int DSO_free(DSO *dso)
132 {
133 int i;
134
135 if(dso == NULL)
136 {
137 DSOerr(DSO_F_DSO_FREE,ERR_R_PASSED_NULL_PARAMETER);
138 return(0);
139 }
140
141 i=CRYPTO_add(&dso->references,-1,CRYPTO_LOCK_DSO);
142#ifdef REF_PRINT
143 REF_PRINT("DSO",dso);
144#endif
145 if(i > 0) return(1);
146#ifdef REF_CHECK
147 if(i < 0)
148 {
149 fprintf(stderr,"DSO_free, bad reference count\n");
150 abort();
151 }
152#endif
153
154 if((dso->meth->dso_unload != NULL) && !dso->meth->dso_unload(dso))
155 {
156 DSOerr(DSO_F_DSO_FREE,DSO_R_UNLOAD_FAILED);
157 return(0);
158 }
159
160 if((dso->meth->finish != NULL) && !dso->meth->finish(dso))
161 {
162 DSOerr(DSO_F_DSO_FREE,DSO_R_FINISH_FAILED);
163 return(0);
164 }
165
166 sk_free(dso->meth_data);
167
168 OPENSSL_free(dso);
169 return(1);
170 }
171
172int DSO_flags(DSO *dso)
173 {
174 return((dso == NULL) ? 0 : dso->flags);
175 }
176
177
178int DSO_up(DSO *dso)
179 {
180 if (dso == NULL)
181 {
182 DSOerr(DSO_F_DSO_UP,ERR_R_PASSED_NULL_PARAMETER);
183 return(0);
184 }
185
186 CRYPTO_add(&dso->references,1,CRYPTO_LOCK_DSO);
187 return(1);
188 }
189
190DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags)
191 {
192 DSO *ret;
193 int allocated = 0;
194
195 if(filename == NULL)
196 {
197 DSOerr(DSO_F_DSO_LOAD,ERR_R_PASSED_NULL_PARAMETER);
198 return(NULL);
199 }
200 if(dso == NULL)
201 {
202 ret = DSO_new_method(meth);
203 if(ret == NULL)
204 {
205 DSOerr(DSO_F_DSO_LOAD,ERR_R_MALLOC_FAILURE);
206 return(NULL);
207 }
208 allocated = 1;
209 }
210 else
211 ret = dso;
212 /* Bleurgh ... have to check for negative return values for
213 * errors. <grimace> */
214 if(DSO_ctrl(ret, DSO_CTRL_SET_FLAGS, flags, NULL) < 0)
215 {
216 DSOerr(DSO_F_DSO_LOAD,DSO_R_CTRL_FAILED);
217 if(allocated)
218 DSO_free(ret);
219 return(NULL);
220 }
221 if(ret->meth->dso_load == NULL)
222 {
223 DSOerr(DSO_F_DSO_LOAD,DSO_R_UNSUPPORTED);
224 if(allocated)
225 DSO_free(ret);
226 return(NULL);
227 }
228 if(!ret->meth->dso_load(ret, filename))
229 {
230 DSOerr(DSO_F_DSO_LOAD,DSO_R_LOAD_FAILED);
231 if(allocated)
232 DSO_free(ret);
233 return(NULL);
234 }
235 /* Load succeeded */
236 return(ret);
237 }
238
239void *DSO_bind_var(DSO *dso, const char *symname)
240 {
241 void *ret = NULL;
242
243 if((dso == NULL) || (symname == NULL))
244 {
245 DSOerr(DSO_F_DSO_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER);
246 return(NULL);
247 }
248 if(dso->meth->dso_bind_var == NULL)
249 {
250 DSOerr(DSO_F_DSO_BIND_VAR,DSO_R_UNSUPPORTED);
251 return(NULL);
252 }
253 if((ret = dso->meth->dso_bind_var(dso, symname)) == NULL)
254 {
255 DSOerr(DSO_F_DSO_BIND_VAR,DSO_R_SYM_FAILURE);
256 return(NULL);
257 }
258 /* Success */
259 return(ret);
260 }
261
262DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname)
263 {
264 DSO_FUNC_TYPE ret = NULL;
265
266 if((dso == NULL) || (symname == NULL))
267 {
268 DSOerr(DSO_F_DSO_BIND_FUNC,ERR_R_PASSED_NULL_PARAMETER);
269 return(NULL);
270 }
271 if(dso->meth->dso_bind_func == NULL)
272 {
273 DSOerr(DSO_F_DSO_BIND_FUNC,DSO_R_UNSUPPORTED);
274 return(NULL);
275 }
276 if((ret = dso->meth->dso_bind_func(dso, symname)) == NULL)
277 {
278 DSOerr(DSO_F_DSO_BIND_FUNC,DSO_R_SYM_FAILURE);
279 return(NULL);
280 }
281 /* Success */
282 return(ret);
283 }
284
285/* I don't really like these *_ctrl functions very much to be perfectly
286 * honest. For one thing, I think I have to return a negative value for
287 * any error because possible DSO_ctrl() commands may return values
288 * such as "size"s that can legitimately be zero (making the standard
289 * "if(DSO_cmd(...))" form that works almost everywhere else fail at
290 * odd times. I'd prefer "output" values to be passed by reference and
291 * the return value as success/failure like usual ... but we conform
292 * when we must... :-) */
293long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg)
294 {
295 if(dso == NULL)
296 {
297 DSOerr(DSO_F_DSO_CTRL,ERR_R_PASSED_NULL_PARAMETER);
298 return(-1);
299 }
300 if((dso->meth == NULL) || (dso->meth->dso_ctrl == NULL))
301 {
302 DSOerr(DSO_F_DSO_CTRL,DSO_R_UNSUPPORTED);
303 return(-1);
304 }
305 return(dso->meth->dso_ctrl(dso,cmd,larg,parg));
306 }
diff --git a/src/lib/libcrypto/dso/dso_null.c b/src/lib/libcrypto/dso/dso_null.c
deleted file mode 100644
index fa13a7cb0f..0000000000
--- a/src/lib/libcrypto/dso/dso_null.c
+++ /dev/null
@@ -1,86 +0,0 @@
1/* dso_null.c */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59/* This "NULL" method is provided as the fallback for systems that have
60 * no appropriate support for "shared-libraries". */
61
62#include <stdio.h>
63#include "cryptlib.h"
64#include <openssl/dso.h>
65
66static DSO_METHOD dso_meth_null = {
67 "NULL shared library method",
68 NULL, /* load */
69 NULL, /* unload */
70 NULL, /* bind_var */
71 NULL, /* bind_func */
72/* For now, "unbind" doesn't exist */
73#if 0
74 NULL, /* unbind_var */
75 NULL, /* unbind_func */
76#endif
77 NULL, /* ctrl */
78 NULL, /* init */
79 NULL /* finish */
80 };
81
82DSO_METHOD *DSO_METHOD_null(void)
83 {
84 return(&dso_meth_null);
85 }
86
diff --git a/src/lib/libcrypto/dso/dso_openssl.c b/src/lib/libcrypto/dso/dso_openssl.c
deleted file mode 100644
index a4395ebffe..0000000000
--- a/src/lib/libcrypto/dso/dso_openssl.c
+++ /dev/null
@@ -1,81 +0,0 @@
1/* dso_openssl.c */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/dso.h>
62
63/* We just pinch the method from an appropriate "default" method. */
64
65DSO_METHOD *DSO_METHOD_openssl(void)
66 {
67#ifdef DEF_DSO_METHOD
68 return(DEF_DSO_METHOD());
69#elif defined(DSO_DLFCN)
70 return(DSO_METHOD_dlfcn());
71#elif defined(DSO_DL)
72 return(DSO_METHOD_dl());
73#elif defined(DSO_WIN32)
74 return(DSO_METHOD_win32());
75#elif defined(DSO_VMS)
76 return(DSO_METHOD_vms());
77#else
78 return(DSO_METHOD_null());
79#endif
80 }
81
diff --git a/src/lib/libcrypto/engine/README b/src/lib/libcrypto/engine/README
deleted file mode 100644
index 96595e6f35..0000000000
--- a/src/lib/libcrypto/engine/README
+++ /dev/null
@@ -1,278 +0,0 @@
1NOTES, THOUGHTS, and EVERYTHING
2-------------------------------
3
4(1) Concurrency and locking ... I made a change to the ENGINE_free code
5 because I spotted a potential hold-up in proceedings (doing too
6 much inside a lock including calling a callback), there may be
7 other bits like this. What do the speed/optimisation freaks think
8 of this aspect of the code and design? There's lots of locking for
9 manipulation functions and I need that to keep things nice and
10 solid, but this manipulation is mostly (de)initialisation, I would
11 think that most run-time locking is purely in the ENGINE_init and
12 ENGINE_finish calls that might be made when getting handles for
13 RSA (and friends') structures. These would be mostly reference
14 count operations as the functional references should always be 1
15 or greater at run-time to prevent init/deinit thrashing.
16
17(2) nCipher support, via the HWCryptoHook API, is now in the code.
18 Apparently this hasn't been tested too much yet, but it looks
19 good. :-) Atalla support has been added too, but shares a lot in
20 common with Ben's original hooks in bn_exp.c (although it has been
21 ENGINE-ified, and error handling wrapped around it) and it's also
22 had some low-volume testing, so it should be usable.
23
24(3) Of more concern, we need to work out (a) how to put together usable
25 RAND_METHODs for units that just have one "get n or less random
26 bytes" function, (b) we also need to determine how to hook the code
27 in crypto/rand/ to use the ENGINE defaults in a way similar to what
28 has been done in crypto/rsa/, crypto/dsa/, etc.
29
30(4) ENGINE should really grow to encompass more than 3 public key
31 algorithms and randomness gathering. The structure/data level of
32 the engine code is hidden from code outside the crypto/engine/
33 directory so change shouldn't be too viral. More important though
34 is how things should evolve ... this needs thought and discussion.
35
36
37-----------------------------------==*==-----------------------------------
38
39More notes 2000-08-01
40---------------------
41
42Geoff Thorpe, who designed the engine part, wrote a pretty good description
43of the thoughts he had when he built it, good enough to include verbatim here
44(with his permission) -- Richard Levitte
45
46
47Date: Tue, 1 Aug 2000 16:54:08 +0100 (BST)
48From: Geoff Thorpe
49Subject: Re: The thoughts to merge BRANCH_engine into the main trunk are
50 emerging
51
52Hi there,
53
54I'm going to try and do some justice to this, but I'm a little short on
55time and the there is an endless amount that could be discussed on this
56subject. sigh ... please bear with me :-)
57
58> The changes in BRANCH_engine dig deep into the core of OpenSSL, for example
59> into the RSA and RAND routines, adding a level of indirection which is needed
60> to keep the abstraction, as far as I understand. It would be a good thing if
61> those who do play with those things took a look at the changes that have been
62> done in the branch and say out loud how much (or hopefully little) we've made
63> fools of ourselves.
64
65The point here is that the code that has emerged in the BRANCH_engine
66branch was based on some initial requirements of mine that I went in and
67addressed, and Richard has picked up the ball and run with it too. It
68would be really useful to get some review of the approach we've taken, but
69first I think I need to describe as best I can the reasons behind what has
70been done so far, in particular what issues we have tried to address when
71doing this, and what issues we have intentionally (or necessarily) tried
72to avoid.
73
74methods, engines, and evps
75--------------------------
76
77There has been some dicussion, particularly with Steve, about where this
78ENGINE stuff might fit into the conceptual picture as/when we start to
79abstract algorithms a little bit to make the library more extensible. In
80particular, it would desirable to have algorithms (symmetric, hash, pkc,
81etc) abstracted in some way that allows them to be just objects sitting in
82a list (or database) ... it'll just happen that the "DSA" object doesn't
83support encryption whereas the "RSA" object does. This requires a lot of
84consideration to begin to know how to tackle it; in particular how
85encapsulated should these things be? If the objects also understand their
86own ASN1 encodings and what-not, then it would for example be possible to
87add support for elliptic-curve DSA in as a new algorithm and automatically
88have ECC-DSA certificates supported in SSL applications. Possible, but not
89easy. :-)
90
91Whatever, it seems that the way to go (if I've grok'd Steve's comments on
92this in the past) is to amalgamate these things in EVP as is already done
93(I think) for ciphers or hashes (Steve, please correct/elaborate). I
94certainly think something should be done in this direction because right
95now we have different source directories, types, functions, and methods
96for each algorithm - even when conceptually they are very much different
97feathers of the same bird. (This is certainly all true for the public-key
98stuff, and may be partially true for the other parts.)
99
100ENGINE was *not* conceived as a way of solving this, far from it. Nor was
101it conceived as a way of replacing the various "***_METHOD"s. It was
102conceived as an abstraction of a sort of "virtual crypto device". If we
103lived in a world where "EVP_ALGO"s (or something like them) encapsulated
104particular algorithms like RSA,DSA,MD5,RC4,etc, and "***_METHOD"s
105encapsulated interfaces to algorithms (eg. some algo's might support a
106PKC_METHOD, a HASH_METHOD, or a CIPHER_METHOD, who knows?), then I would
107think that ENGINE would encapsulate an implementation of arbitrarily many
108of those algorithms - perhaps as alternatives to existing algorithms
109and/or perhaps as new previously unimplemented algorithms. An ENGINE could
110be used to contain an alternative software implementation, a wrapper for a
111hardware acceleration and/or key-management unit, a comms-wrapper for
112distributing cryptographic operations to remote machines, or any other
113"devices" your imagination can dream up.
114
115However, what has been done in the ENGINE branch so far is nothing more
116than starting to get our toes wet. I had a couple of self-imposed
117requirements when putting the initial abstraction together, and I may have
118already posed these in one form or another on the list, but briefly;
119
120 (i) only bother with public key algorithms for now, and maybe RAND too
121 (motivated by the need to get hardware support going and the fact
122 this was a comparitively easy subset to address to begin with).
123
124 (ii) don't change (if at all possible) the existing crypto code, ie. the
125 implementations, the way the ***_METHODs work, etc.
126
127 (iii) ensure that if no function from the ENGINE code is ever called then
128 things work the way they always did, and there is no memory
129 allocation (otherwise the failure to cleanup would be a problem -
130 this is part of the reason no STACKs were used, the other part of
131 the reason being I found them inappropriate).
132
133 (iv) ensure that all the built-in crypto was encapsulated by one of
134 these "ENGINE"s and that this engine was automatically selected as
135 the default.
136
137 (v) provide the minimum hooking possible in the existing crypto code
138 so that global functions (eg. RSA_public_encrypt) do not need any
139 extra parameter, yet will use whatever the current default ENGINE
140 for that RSA key is, and that the default can be set "per-key"
141 and globally (new keys will assume the global default, and keys
142 without their own default will be operated on using the global
143 default). NB: Try and make (v) conflict as little as possible with
144 (ii). :-)
145
146 (vi) wrap the ENGINE code up in duct tape so you can't even see the
147 corners. Ie. expose no structures at all, just black-box pointers.
148
149 (v) maintain internally a list of ENGINEs on which a calling
150 application can iterate, interrogate, etc. Allow a calling
151 application to hook in new ENGINEs, remove ENGINEs from the list,
152 and enforce uniqueness within the global list of each ENGINE's
153 "unique id".
154
155 (vi) keep reference counts for everything - eg. this includes storing a
156 reference inside each RSA structure to the ENGINE that it uses.
157 This is freed when the RSA structure is destroyed, or has its
158 ENGINE explicitly changed. The net effect needs to be that at any
159 time, it is deterministic to know whether an ENGINE is in use or
160 can be safely removed (or unloaded in the case of the other type
161 of reference) without invalidating function pointers that may or
162 may not be used indavertently in the future. This was actually
163 one of the biggest problems to overcome in the existing OpenSSL
164 code - implementations had always been assumed to be ever-present,
165 so there was no trivial way to get round this.
166
167 (vii) distinguish between structural references and functional
168 references.
169
170A *little* detail
171-----------------
172
173While my mind is on it; I'll illustrate the bit in item (vii). This idea
174turned out to be very handy - the ENGINEs themselves need to be operated
175on and manipulated simply as objects without necessarily trying to
176"enable" them for use. Eg. most host machines will not have the necessary
177hardware or software to support all the engines one might compile into
178OpenSSL, yet it needs to be possible to iterate across the ENGINEs,
179querying their names, properties, etc - all happening in a thread-safe
180manner that uses reference counts (if you imagine two threads iterating
181through a list and one thread removing the ENGINE the other is currently
182looking at - you can see the gotcha waiting to happen). For all of this,
183*structural references* are used and operate much like the other reference
184counts in OpenSSL.
185
186The other kind of reference count is for *functional* references - these
187indicate a reference on which the caller can actually assume the
188particular ENGINE to be initialised and usable to perform the operations
189it implements. Any increment or decrement of the functional reference
190count automatically invokes a corresponding change in the structural
191reference count, as it is fairly obvious that a functional reference is a
192restricted case of a structural reference. So struct_ref >= funct_ref at
193all times. NB: functional references are usually obtained by a call to
194ENGINE_init(), but can also be created implicitly by calls that require a
195new functional reference to be created, eg. ENGINE_set_default(). Either
196way the only time the underlying ENGINE's "init" function is really called
197is when the (functional) reference count increases to 1, similarly the
198underlying "finish" handler is only called as the count goes down to 0.
199The effect of this, for example, is that if you set the default ENGINE for
200RSA operations to be "cswift", then its functional reference count will
201already be at least 1 so the CryptoSwift shared-library and the card will
202stay loaded and initialised until such time as all RSA keys using the
203cswift ENGINE are changed or destroyed and the default ENGINE for RSA
204operations has been changed. This prevents repeated thrashing of init and
205finish handling if the count keeps getting down as far as zero.
206
207Otherwise, the way the ENGINE code has been put together I think pretty
208much reflects the above points. The reason for the ENGINE structure having
209individual RSA_METHOD, DSA_METHOD, etc pointers is simply that it was the
210easiest way to go about things for now, to hook it all into the raw
211RSA,DSA,etc code, and I was trying to the keep the structure invisible
212anyway so that the way this is internally managed could be easily changed
213later on when we start to work out what's to be done about these other
214abstractions.
215
216Down the line, if some EVP-based technique emerges for adequately
217encapsulating algorithms and all their various bits and pieces, then I can
218imagine that "ENGINE" would turn into a reference-counting database of
219these EVP things, of which the default "openssl" ENGINE would be the
220library's own object database of pre-built software implemented algorithms
221(and such). It would also be cool to see the idea of "METHOD"s detached
222from the algorithms themselves ... so RSA, DSA, ElGamal, etc can all
223expose essentially the same METHOD (aka interface), which would include
224any querying/flagging stuff to identify what the algorithm can/can't do,
225its name, and other stuff like max/min block sizes, key sizes, etc. This
226would result in ENGINE similarly detaching its internal database of
227algorithm implementations from the function definitions that return
228interfaces to them. I think ...
229
230As for DSOs etc. Well the DSO code is pretty handy (but could be made much
231more so) for loading vendor's driver-libraries and talking to them in some
232generic way, but right now there's still big problems associated with
233actually putting OpenSSL code (ie. new ENGINEs, or anything else for that
234matter) in dynamically loadable libraries. These problems won't go away in
235a hurry so I don't think we should expect to have any kind of
236shared-library extensions any time soon - but solving the problems is a
237good thing to aim for, and would as a side-effect probably help make
238OpenSSL more usable as a shared-library itself (looking at the things
239needed to do this will show you why).
240
241One of the problems is that if you look at any of the ENGINE
242implementations, eg. hw_cswift.c or hw_ncipher.c, you'll see how it needs
243a variety of functionality and definitions from various areas of OpenSSL,
244including crypto/bn/, crypto/err/, crypto/ itself (locking for example),
245crypto/dso/, crypto/engine/, crypto/rsa, etc etc etc. So if similar code
246were to be suctioned off into shared libraries, the shared libraries would
247either have to duplicate all the definitions and code and avoid loader
248conflicts, or OpenSSL would have to somehow expose all that functionality
249to the shared-library. If this isn't a big enough problem, the issue of
250binary compatibility will be - anyone writing Apache modules can tell you
251that (Ralf? Ben? :-). However, I don't think OpenSSL would need to be
252quite so forgiving as Apache should be, so OpenSSL could simply tell its
253version to the DSO and leave the DSO with the problem of deciding whether
254to proceed or bail out for fear of binary incompatibilities.
255
256Certainly one thing that would go a long way to addressing this is to
257embark on a bit of an opaqueness mission. I've set the ENGINE code up with
258this in mind - it's so draconian that even to declare your own ENGINE, you
259have to get the engine code to create the underlying ENGINE structure, and
260then feed in the new ENGINE's function/method pointers through various
261"set" functions. The more of the code that takes on such a black-box
262approach, the more of the code that will be (a) easy to expose to shared
263libraries that need it, and (b) easy to expose to applications wanting to
264use OpenSSL itself as a shared-library. From my own explorations in
265OpenSSL, the biggest leviathan I've seen that is a problem in this respect
266is the BIGNUM code. Trying to "expose" the bignum code through any kind of
267organised "METHODs", let alone do all the necessary bignum operations
268solely through functions rather than direct access to the structures and
269macros, will be a massive pain in the "r"s.
270
271Anyway, I'm done for now - hope it was readable. Thoughts?
272
273Cheers,
274Geoff
275
276
277-----------------------------------==*==-----------------------------------
278
diff --git a/src/lib/libcrypto/engine/engine.h b/src/lib/libcrypto/engine/engine.h
deleted file mode 100644
index 2983f47034..0000000000
--- a/src/lib/libcrypto/engine/engine.h
+++ /dev/null
@@ -1,398 +0,0 @@
1/* openssl/engine.h */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#ifndef HEADER_ENGINE_H
60#define HEADER_ENGINE_H
61
62#include <openssl/bn.h>
63#include <openssl/rsa.h>
64#include <openssl/dsa.h>
65#include <openssl/dh.h>
66#include <openssl/rand.h>
67#include <openssl/evp.h>
68#include <openssl/symhacks.h>
69
70#ifdef __cplusplus
71extern "C" {
72#endif
73
74/* These flags are used to control combinations of algorithm (methods)
75 * by bitwise "OR"ing. */
76#define ENGINE_METHOD_RSA (unsigned int)0x0001
77#define ENGINE_METHOD_DSA (unsigned int)0x0002
78#define ENGINE_METHOD_DH (unsigned int)0x0004
79#define ENGINE_METHOD_RAND (unsigned int)0x0008
80#define ENGINE_METHOD_BN_MOD_EXP (unsigned int)0x0010
81#define ENGINE_METHOD_BN_MOD_EXP_CRT (unsigned int)0x0020
82/* Obvious all-or-nothing cases. */
83#define ENGINE_METHOD_ALL (unsigned int)0xFFFF
84#define ENGINE_METHOD_NONE (unsigned int)0x0000
85
86/* These flags are used to tell the ctrl function what should be done.
87 * All command numbers are shared between all engines, even if some don't
88 * make sense to some engines. In such a case, they do nothing but return
89 * the error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED. */
90#define ENGINE_CTRL_SET_LOGSTREAM 1
91#define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2
92/* Flags specific to the nCipher "chil" engine */
93#define ENGINE_CTRL_CHIL_SET_FORKCHECK 100
94 /* Depending on the value of the (long)i argument, this sets or
95 * unsets the SimpleForkCheck flag in the CHIL API to enable or
96 * disable checking and workarounds for applications that fork().
97 */
98#define ENGINE_CTRL_CHIL_NO_LOCKING 101
99 /* This prevents the initialisation function from providing mutex
100 * callbacks to the nCipher library. */
101
102/* As we're missing a BIGNUM_METHOD, we need a couple of locally
103 * defined function types that engines can implement. */
104
105#ifndef HEADER_ENGINE_INT_H
106/* mod_exp operation, calculates; r = a ^ p mod m
107 * NB: ctx can be NULL, but if supplied, the implementation may use
108 * it if it wishes. */
109typedef int (*BN_MOD_EXP)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
110 const BIGNUM *m, BN_CTX *ctx);
111
112/* private key operation for RSA, provided seperately in case other
113 * RSA implementations wish to use it. */
114typedef int (*BN_MOD_EXP_CRT)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
115 const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1,
116 const BIGNUM *iqmp, BN_CTX *ctx);
117
118/* Generic function pointer */
119typedef void (*ENGINE_GEN_FUNC_PTR)();
120/* Generic function pointer taking no arguments */
121typedef void (*ENGINE_GEN_INT_FUNC_PTR)(void);
122/* Specific control function pointer */
123typedef int (*ENGINE_CTRL_FUNC_PTR)(int cmd, long i, void *p, void (*f)());
124
125/* The list of "engine" types is a static array of (const ENGINE*)
126 * pointers (not dynamic because static is fine for now and we otherwise
127 * have to hook an appropriate load/unload function in to initialise and
128 * cleanup). */
129typedef struct engine_st ENGINE;
130#endif
131
132/* STRUCTURE functions ... all of these functions deal with pointers to
133 * ENGINE structures where the pointers have a "structural reference".
134 * This means that their reference is to allow access to the structure
135 * but it does not imply that the structure is functional. To simply
136 * increment or decrement the structural reference count, use ENGINE_new
137 * and ENGINE_free. NB: This is not required when iterating using
138 * ENGINE_get_next as it will automatically decrement the structural
139 * reference count of the "current" ENGINE and increment the structural
140 * reference count of the ENGINE it returns (unless it is NULL). */
141
142/* Get the first/last "ENGINE" type available. */
143ENGINE *ENGINE_get_first(void);
144ENGINE *ENGINE_get_last(void);
145/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */
146ENGINE *ENGINE_get_next(ENGINE *e);
147ENGINE *ENGINE_get_prev(ENGINE *e);
148/* Add another "ENGINE" type into the array. */
149int ENGINE_add(ENGINE *e);
150/* Remove an existing "ENGINE" type from the array. */
151int ENGINE_remove(ENGINE *e);
152/* Retrieve an engine from the list by its unique "id" value. */
153ENGINE *ENGINE_by_id(const char *id);
154
155/* These functions are useful for manufacturing new ENGINE
156 * structures. They don't address reference counting at all -
157 * one uses them to populate an ENGINE structure with personalised
158 * implementations of things prior to using it directly or adding
159 * it to the builtin ENGINE list in OpenSSL. These are also here
160 * so that the ENGINE structure doesn't have to be exposed and
161 * break binary compatibility!
162 *
163 * NB: I'm changing ENGINE_new to force the ENGINE structure to
164 * be allocated from within OpenSSL. See the comment for
165 * ENGINE_get_struct_size().
166 */
167#if 0
168ENGINE *ENGINE_new(ENGINE *e);
169#else
170ENGINE *ENGINE_new(void);
171#endif
172int ENGINE_free(ENGINE *e);
173int ENGINE_set_id(ENGINE *e, const char *id);
174int ENGINE_set_name(ENGINE *e, const char *name);
175int ENGINE_set_RSA(ENGINE *e, RSA_METHOD *rsa_meth);
176int ENGINE_set_DSA(ENGINE *e, DSA_METHOD *dsa_meth);
177int ENGINE_set_DH(ENGINE *e, DH_METHOD *dh_meth);
178int ENGINE_set_RAND(ENGINE *e, RAND_METHOD *rand_meth);
179int ENGINE_set_BN_mod_exp(ENGINE *e, BN_MOD_EXP bn_mod_exp);
180int ENGINE_set_BN_mod_exp_crt(ENGINE *e, BN_MOD_EXP_CRT bn_mod_exp_crt);
181int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
182int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
183int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
184
185/* These return values from within the ENGINE structure. These can
186 * be useful with functional references as well as structural
187 * references - it depends which you obtained. Using the result
188 * for functional purposes if you only obtained a structural
189 * reference may be problematic! */
190const char *ENGINE_get_id(ENGINE *e);
191const char *ENGINE_get_name(ENGINE *e);
192RSA_METHOD *ENGINE_get_RSA(ENGINE *e);
193DSA_METHOD *ENGINE_get_DSA(ENGINE *e);
194DH_METHOD *ENGINE_get_DH(ENGINE *e);
195RAND_METHOD *ENGINE_get_RAND(ENGINE *e);
196BN_MOD_EXP ENGINE_get_BN_mod_exp(ENGINE *e);
197BN_MOD_EXP_CRT ENGINE_get_BN_mod_exp_crt(ENGINE *e);
198ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(ENGINE *e);
199ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(ENGINE *e);
200ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(ENGINE *e);
201
202/* ENGINE_new is normally passed a NULL in the first parameter because
203 * the calling code doesn't have access to the definition of the ENGINE
204 * structure (for good reason). However, if the caller wishes to use
205 * its own memory allocation or use a static array, the following call
206 * should be used to check the amount of memory the ENGINE structure
207 * will occupy. This will make the code more future-proof.
208 *
209 * NB: I'm "#if 0"-ing this out because it's better to force the use of
210 * internally allocated memory. See similar change in ENGINE_new().
211 */
212#if 0
213int ENGINE_get_struct_size(void);
214#endif
215
216/* FUNCTIONAL functions. These functions deal with ENGINE structures
217 * that have (or will) be initialised for use. Broadly speaking, the
218 * structural functions are useful for iterating the list of available
219 * engine types, creating new engine types, and other "list" operations.
220 * These functions actually deal with ENGINEs that are to be used. As
221 * such these functions can fail (if applicable) when particular
222 * engines are unavailable - eg. if a hardware accelerator is not
223 * attached or not functioning correctly. Each ENGINE has 2 reference
224 * counts; structural and functional. Every time a functional reference
225 * is obtained or released, a corresponding structural reference is
226 * automatically obtained or released too. */
227
228/* Initialise a engine type for use (or up its reference count if it's
229 * already in use). This will fail if the engine is not currently
230 * operational and cannot initialise. */
231int ENGINE_init(ENGINE *e);
232/* Free a functional reference to a engine type. This does not require
233 * a corresponding call to ENGINE_free as it also releases a structural
234 * reference. */
235int ENGINE_finish(ENGINE *e);
236/* Send control parametrised commands to the engine. The possibilities
237 * to send down an integer, a pointer to data or a function pointer are
238 * provided. Any of the parameters may or may not be NULL, depending
239 * on the command number */
240/* WARNING: This is currently experimental and may change radically! */
241int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
242
243/* The following functions handle keys that are stored in some secondary
244 * location, handled by the engine. The storage may be on a card or
245 * whatever. */
246EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
247 const char *passphrase);
248EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
249 const char *passphrase);
250
251/* This returns a pointer for the current ENGINE structure that
252 * is (by default) performing any RSA operations. The value returned
253 * is an incremented reference, so it should be free'd (ENGINE_finish)
254 * before it is discarded. */
255ENGINE *ENGINE_get_default_RSA(void);
256/* Same for the other "methods" */
257ENGINE *ENGINE_get_default_DSA(void);
258ENGINE *ENGINE_get_default_DH(void);
259ENGINE *ENGINE_get_default_RAND(void);
260ENGINE *ENGINE_get_default_BN_mod_exp(void);
261ENGINE *ENGINE_get_default_BN_mod_exp_crt(void);
262
263/* This sets a new default ENGINE structure for performing RSA
264 * operations. If the result is non-zero (success) then the ENGINE
265 * structure will have had its reference count up'd so the caller
266 * should still free their own reference 'e'. */
267int ENGINE_set_default_RSA(ENGINE *e);
268/* Same for the other "methods" */
269int ENGINE_set_default_DSA(ENGINE *e);
270int ENGINE_set_default_DH(ENGINE *e);
271int ENGINE_set_default_RAND(ENGINE *e);
272int ENGINE_set_default_BN_mod_exp(ENGINE *e);
273int ENGINE_set_default_BN_mod_exp_crt(ENGINE *e);
274
275/* The combination "set" - the flags are bitwise "OR"d from the
276 * ENGINE_METHOD_*** defines above. */
277int ENGINE_set_default(ENGINE *e, unsigned int flags);
278
279/* Obligatory error function. */
280void ERR_load_ENGINE_strings(void);
281
282/*
283 * Error codes for all engine functions. NB: We use "generic"
284 * function names instead of per-implementation ones because this
285 * levels the playing field for externally implemented bootstrapped
286 * support code. As the filename and line number is included, it's
287 * more important to indicate the type of function, so that
288 * bootstrapped code (that can't easily add its own errors in) can
289 * use the same error codes too.
290 */
291
292/* BEGIN ERROR CODES */
293/* The following lines are auto generated by the script mkerr.pl. Any changes
294 * made after this point may be overwritten when the script is next run.
295 */
296
297/* Error codes for the ENGINE functions. */
298
299/* Function codes. */
300#define ENGINE_F_ATALLA_FINISH 135
301#define ENGINE_F_ATALLA_INIT 136
302#define ENGINE_F_ATALLA_MOD_EXP 137
303#define ENGINE_F_ATALLA_RSA_MOD_EXP 138
304#define ENGINE_F_CSWIFT_DSA_SIGN 133
305#define ENGINE_F_CSWIFT_DSA_VERIFY 134
306#define ENGINE_F_CSWIFT_FINISH 100
307#define ENGINE_F_CSWIFT_INIT 101
308#define ENGINE_F_CSWIFT_MOD_EXP 102
309#define ENGINE_F_CSWIFT_MOD_EXP_CRT 103
310#define ENGINE_F_CSWIFT_RSA_MOD_EXP 104
311#define ENGINE_F_ENGINE_ADD 105
312#define ENGINE_F_ENGINE_BY_ID 106
313#define ENGINE_F_ENGINE_CTRL 142
314#define ENGINE_F_ENGINE_FINISH 107
315#define ENGINE_F_ENGINE_FREE 108
316#define ENGINE_F_ENGINE_GET_BN_MOD_EXP 109
317#define ENGINE_F_ENGINE_GET_BN_MOD_EXP_CRT 110
318#define ENGINE_F_ENGINE_GET_CTRL_FUNCTION 144
319#define ENGINE_F_ENGINE_GET_DH 111
320#define ENGINE_F_ENGINE_GET_DSA 112
321#define ENGINE_F_ENGINE_GET_FINISH_FUNCTION 145
322#define ENGINE_F_ENGINE_GET_ID 113
323#define ENGINE_F_ENGINE_GET_INIT_FUNCTION 146
324#define ENGINE_F_ENGINE_GET_NAME 114
325#define ENGINE_F_ENGINE_GET_NEXT 115
326#define ENGINE_F_ENGINE_GET_PREV 116
327#define ENGINE_F_ENGINE_GET_RAND 117
328#define ENGINE_F_ENGINE_GET_RSA 118
329#define ENGINE_F_ENGINE_INIT 119
330#define ENGINE_F_ENGINE_LIST_ADD 120
331#define ENGINE_F_ENGINE_LIST_REMOVE 121
332#define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150
333#define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151
334#define ENGINE_F_ENGINE_NEW 122
335#define ENGINE_F_ENGINE_REMOVE 123
336#define ENGINE_F_ENGINE_SET_BN_MOD_EXP 124
337#define ENGINE_F_ENGINE_SET_BN_MOD_EXP_CRT 125
338#define ENGINE_F_ENGINE_SET_CTRL_FUNCTION 147
339#define ENGINE_F_ENGINE_SET_DEFAULT_TYPE 126
340#define ENGINE_F_ENGINE_SET_DH 127
341#define ENGINE_F_ENGINE_SET_DSA 128
342#define ENGINE_F_ENGINE_SET_FINISH_FUNCTION 148
343#define ENGINE_F_ENGINE_SET_ID 129
344#define ENGINE_F_ENGINE_SET_INIT_FUNCTION 149
345#define ENGINE_F_ENGINE_SET_NAME 130
346#define ENGINE_F_ENGINE_SET_RAND 131
347#define ENGINE_F_ENGINE_SET_RSA 132
348#define ENGINE_F_ENGINE_UNLOAD_KEY 152
349#define ENGINE_F_HWCRHK_CTRL 143
350#define ENGINE_F_HWCRHK_FINISH 135
351#define ENGINE_F_HWCRHK_GET_PASS 155
352#define ENGINE_F_HWCRHK_INIT 136
353#define ENGINE_F_HWCRHK_LOAD_PRIVKEY 153
354#define ENGINE_F_HWCRHK_LOAD_PUBKEY 154
355#define ENGINE_F_HWCRHK_MOD_EXP 137
356#define ENGINE_F_HWCRHK_MOD_EXP_CRT 138
357#define ENGINE_F_HWCRHK_RAND_BYTES 139
358#define ENGINE_F_HWCRHK_RSA_MOD_EXP 140
359#define ENGINE_F_LOG_MESSAGE 141
360
361/* Reason codes. */
362#define ENGINE_R_ALREADY_LOADED 100
363#define ENGINE_R_BIO_WAS_FREED 121
364#define ENGINE_R_BN_CTX_FULL 101
365#define ENGINE_R_BN_EXPAND_FAIL 102
366#define ENGINE_R_CHIL_ERROR 123
367#define ENGINE_R_CONFLICTING_ENGINE_ID 103
368#define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119
369#define ENGINE_R_DSO_FAILURE 104
370#define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105
371#define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128
372#define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129
373#define ENGINE_R_FINISH_FAILED 106
374#define ENGINE_R_GET_HANDLE_FAILED 107
375#define ENGINE_R_ID_OR_NAME_MISSING 108
376#define ENGINE_R_INIT_FAILED 109
377#define ENGINE_R_INTERNAL_LIST_ERROR 110
378#define ENGINE_R_MISSING_KEY_COMPONENTS 111
379#define ENGINE_R_NOT_INITIALISED 117
380#define ENGINE_R_NOT_LOADED 112
381#define ENGINE_R_NO_CALLBACK 127
382#define ENGINE_R_NO_CONTROL_FUNCTION 120
383#define ENGINE_R_NO_KEY 124
384#define ENGINE_R_NO_LOAD_FUNCTION 125
385#define ENGINE_R_NO_REFERENCE 130
386#define ENGINE_R_NO_SUCH_ENGINE 116
387#define ENGINE_R_NO_UNLOAD_FUNCTION 126
388#define ENGINE_R_PROVIDE_PARAMETERS 113
389#define ENGINE_R_REQUEST_FAILED 114
390#define ENGINE_R_REQUEST_FALLBACK 118
391#define ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL 122
392#define ENGINE_R_UNIT_FAILURE 115
393
394#ifdef __cplusplus
395}
396#endif
397#endif
398
diff --git a/src/lib/libcrypto/err/err.c b/src/lib/libcrypto/err/err.c
deleted file mode 100644
index 839f4ab81a..0000000000
--- a/src/lib/libcrypto/err/err.c
+++ /dev/null
@@ -1,801 +0,0 @@
1/* crypto/err/err.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <stdio.h>
113#include <stdarg.h>
114#include <string.h>
115#include <openssl/lhash.h>
116#include <openssl/crypto.h>
117#include "cryptlib.h"
118#include <openssl/buffer.h>
119#include <openssl/bio.h>
120#include <openssl/err.h>
121
122
123static LHASH *error_hash=NULL;
124static LHASH *thread_hash=NULL;
125
126static unsigned long err_hash(ERR_STRING_DATA *a);
127static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b);
128static unsigned long pid_hash(ERR_STATE *pid);
129static int pid_cmp(ERR_STATE *a,ERR_STATE *pid);
130static unsigned long get_error_values(int inc,const char **file,int *line,
131 const char **data,int *flags);
132static void ERR_STATE_free(ERR_STATE *s);
133#ifndef NO_ERR
134static ERR_STRING_DATA ERR_str_libraries[]=
135 {
136{ERR_PACK(ERR_LIB_NONE,0,0) ,"unknown library"},
137{ERR_PACK(ERR_LIB_SYS,0,0) ,"system library"},
138{ERR_PACK(ERR_LIB_BN,0,0) ,"bignum routines"},
139{ERR_PACK(ERR_LIB_RSA,0,0) ,"rsa routines"},
140{ERR_PACK(ERR_LIB_DSA,0,0) ,"dsa routines"},
141{ERR_PACK(ERR_LIB_DH,0,0) ,"Diffie-Hellman routines"},
142{ERR_PACK(ERR_LIB_EVP,0,0) ,"digital envelope routines"},
143{ERR_PACK(ERR_LIB_BUF,0,0) ,"memory buffer routines"},
144{ERR_PACK(ERR_LIB_BIO,0,0) ,"BIO routines"},
145{ERR_PACK(ERR_LIB_OBJ,0,0) ,"object identifier routines"},
146{ERR_PACK(ERR_LIB_PEM,0,0) ,"PEM routines"},
147{ERR_PACK(ERR_LIB_ASN1,0,0) ,"asn1 encoding routines"},
148{ERR_PACK(ERR_LIB_X509,0,0) ,"x509 certificate routines"},
149{ERR_PACK(ERR_LIB_CONF,0,0) ,"configuration file routines"},
150{ERR_PACK(ERR_LIB_METH,0,0) ,"X509 lookup 'method' routines"},
151{ERR_PACK(ERR_LIB_SSL,0,0) ,"SSL routines"},
152{ERR_PACK(ERR_LIB_RSAREF,0,0) ,"RSAref routines"},
153{ERR_PACK(ERR_LIB_PROXY,0,0) ,"Proxy routines"},
154{ERR_PACK(ERR_LIB_BIO,0,0) ,"BIO routines"},
155{ERR_PACK(ERR_LIB_PKCS7,0,0) ,"PKCS7 routines"},
156{ERR_PACK(ERR_LIB_X509V3,0,0) ,"X509 V3 routines"},
157{ERR_PACK(ERR_LIB_PKCS12,0,0) ,"PKCS12 routines"},
158{ERR_PACK(ERR_LIB_RAND,0,0) ,"random number generator"},
159{ERR_PACK(ERR_LIB_DSO,0,0) ,"DSO support routines"},
160{ERR_PACK(ERR_LIB_ENGINE,0,0) ,"engine routines"},
161{0,NULL},
162 };
163
164static ERR_STRING_DATA ERR_str_functs[]=
165 {
166 {ERR_PACK(0,SYS_F_FOPEN,0), "fopen"},
167 {ERR_PACK(0,SYS_F_CONNECT,0), "connect"},
168 {ERR_PACK(0,SYS_F_GETSERVBYNAME,0), "getservbyname"},
169 {ERR_PACK(0,SYS_F_SOCKET,0), "socket"},
170 {ERR_PACK(0,SYS_F_IOCTLSOCKET,0), "ioctlsocket"},
171 {ERR_PACK(0,SYS_F_BIND,0), "bind"},
172 {ERR_PACK(0,SYS_F_LISTEN,0), "listen"},
173 {ERR_PACK(0,SYS_F_ACCEPT,0), "accept"},
174#ifdef WINDOWS
175 {ERR_PACK(0,SYS_F_WSASTARTUP,0), "WSAstartup"},
176#endif
177 {ERR_PACK(0,SYS_F_OPENDIR,0), "opendir"},
178 {0,NULL},
179 };
180
181static ERR_STRING_DATA ERR_str_reasons[]=
182 {
183{ERR_R_FATAL ,"fatal"},
184{ERR_R_SYS_LIB ,"system lib"},
185{ERR_R_BN_LIB ,"BN lib"},
186{ERR_R_RSA_LIB ,"RSA lib"},
187{ERR_R_DH_LIB ,"DH lib"},
188{ERR_R_EVP_LIB ,"EVP lib"},
189{ERR_R_BUF_LIB ,"BUF lib"},
190{ERR_R_BIO_LIB ,"BIO lib"},
191{ERR_R_OBJ_LIB ,"OBJ lib"},
192{ERR_R_PEM_LIB ,"PEM lib"},
193{ERR_R_X509_LIB ,"X509 lib"},
194{ERR_R_METH_LIB ,"METH lib"},
195{ERR_R_ASN1_LIB ,"ASN1 lib"},
196{ERR_R_CONF_LIB ,"CONF lib"},
197{ERR_R_SSL_LIB ,"SSL lib"},
198{ERR_R_PROXY_LIB ,"PROXY lib"},
199{ERR_R_BIO_LIB ,"BIO lib"},
200{ERR_R_PKCS7_LIB ,"PKCS7 lib"},
201{ERR_R_PKCS12_LIB ,"PKCS12 lib"},
202{ERR_R_MALLOC_FAILURE ,"Malloc failure"},
203{ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED ,"called a function you should not call"},
204{ERR_R_PASSED_NULL_PARAMETER ,"passed a null parameter"},
205{ERR_R_NESTED_ASN1_ERROR ,"nested asn1 error"},
206{ERR_R_BAD_ASN1_OBJECT_HEADER ,"bad asn1 object header"},
207{ERR_R_BAD_GET_ASN1_OBJECT_CALL ,"bad get asn1 object call"},
208{ERR_R_EXPECTING_AN_ASN1_SEQUENCE ,"expecting an asn1 sequence"},
209{ERR_R_ASN1_LENGTH_MISMATCH ,"asn1 length mismatch"},
210{ERR_R_MISSING_ASN1_EOS ,"missing asn1 eos"},
211{ERR_R_DSO_LIB ,"DSO lib"},
212{ERR_R_ENGINE_LIB ,"ENGINE lib"},
213
214{0,NULL},
215 };
216
217
218#define NUM_SYS_STR_REASONS 127
219#define LEN_SYS_STR_REASON 32
220
221static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1];
222/* SYS_str_reasons is filled with copies of strerror() results at
223 * initialization.
224 * 'errno' values up to 127 should cover all usual errors,
225 * others will be displayed numerically by ERR_error_string.
226 * It is crucial that we have something for each reason code
227 * that occurs in ERR_str_reasons, or bogus reason strings
228 * will be returned for SYSerr(), which always gets an errno
229 * value and never one of those 'standard' reason codes. */
230
231static void build_SYS_str_reasons()
232 {
233 /* OPENSSL_malloc cannot be used here, use static storage instead */
234 static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON];
235 int i;
236
237 CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH);
238
239 for (i = 1; i <= NUM_SYS_STR_REASONS; i++)
240 {
241 ERR_STRING_DATA *str = &SYS_str_reasons[i - 1];
242
243 str->error = (unsigned long)i;
244 if (str->string == NULL)
245 {
246 char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]);
247 char *src = strerror(i);
248 if (src != NULL)
249 {
250 strncpy(*dest, src, sizeof *dest);
251 (*dest)[sizeof *dest - 1] = '\0';
252 str->string = *dest;
253 }
254 }
255 if (str->string == NULL)
256 str->string = "unknown";
257 }
258
259 /* Now we still have SYS_str_reasons[NUM_SYS_STR_REASONS] = {0, NULL},
260 * as required by ERR_load_strings. */
261
262 CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
263 }
264#endif
265
266#define err_clear_data(p,i) \
267 if (((p)->err_data[i] != NULL) && \
268 (p)->err_data_flags[i] & ERR_TXT_MALLOCED) \
269 { \
270 OPENSSL_free((p)->err_data[i]); \
271 (p)->err_data[i]=NULL; \
272 } \
273 (p)->err_data_flags[i]=0;
274
275static void ERR_STATE_free(ERR_STATE *s)
276 {
277 int i;
278
279 if(s == NULL)
280 return;
281
282 for (i=0; i<ERR_NUM_ERRORS; i++)
283 {
284 err_clear_data(s,i);
285 }
286 OPENSSL_free(s);
287 }
288
289void ERR_load_ERR_strings(void)
290 {
291 static int init=1;
292
293 if (init)
294 {
295 CRYPTO_w_lock(CRYPTO_LOCK_ERR);
296 if (init == 0)
297 {
298 CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
299 return;
300 }
301 CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
302
303#ifndef NO_ERR
304 ERR_load_strings(0,ERR_str_libraries);
305 ERR_load_strings(0,ERR_str_reasons);
306 ERR_load_strings(ERR_LIB_SYS,ERR_str_functs);
307 build_SYS_str_reasons();
308 ERR_load_strings(ERR_LIB_SYS,SYS_str_reasons);
309#endif
310 init=0;
311 }
312 }
313
314void ERR_load_strings(int lib, ERR_STRING_DATA *str)
315 {
316 if (error_hash == NULL)
317 {
318 CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH);
319 error_hash=lh_new(err_hash,err_cmp);
320 if (error_hash == NULL)
321 {
322 CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
323 return;
324 }
325 CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
326
327 ERR_load_ERR_strings();
328 }
329
330 CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH);
331 while (str->error)
332 {
333 str->error|=ERR_PACK(lib,0,0);
334 lh_insert(error_hash,str);
335 str++;
336 }
337 CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
338 }
339
340void ERR_free_strings(void)
341 {
342 CRYPTO_w_lock(CRYPTO_LOCK_ERR);
343
344 if (error_hash != NULL)
345 {
346 lh_free(error_hash);
347 error_hash=NULL;
348 }
349
350 CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
351 }
352
353/********************************************************/
354
355void ERR_put_error(int lib, int func, int reason, const char *file,
356 int line)
357 {
358 ERR_STATE *es;
359
360#ifdef _OSD_POSIX
361 /* In the BS2000-OSD POSIX subsystem, the compiler generates
362 * path names in the form "*POSIX(/etc/passwd)".
363 * This dirty hack strips them to something sensible.
364 * @@@ We shouldn't modify a const string, though.
365 */
366 if (strncmp(file,"*POSIX(", sizeof("*POSIX(")-1) == 0) {
367 char *end;
368
369 /* Skip the "*POSIX(" prefix */
370 file += sizeof("*POSIX(")-1;
371 end = &file[strlen(file)-1];
372 if (*end == ')')
373 *end = '\0';
374 /* Optional: use the basename of the path only. */
375 if ((end = strrchr(file, '/')) != NULL)
376 file = &end[1];
377 }
378#endif
379 es=ERR_get_state();
380
381 es->top=(es->top+1)%ERR_NUM_ERRORS;
382 if (es->top == es->bottom)
383 es->bottom=(es->bottom+1)%ERR_NUM_ERRORS;
384 es->err_buffer[es->top]=ERR_PACK(lib,func,reason);
385 es->err_file[es->top]=file;
386 es->err_line[es->top]=line;
387 err_clear_data(es,es->top);
388 }
389
390void ERR_clear_error(void)
391 {
392 int i;
393 ERR_STATE *es;
394
395 es=ERR_get_state();
396
397 for (i=0; i<ERR_NUM_ERRORS; i++)
398 {
399 es->err_buffer[i]=0;
400 err_clear_data(es,i);
401 es->err_file[i]=NULL;
402 es->err_line[i]= -1;
403 }
404 es->top=es->bottom=0;
405 }
406
407
408unsigned long ERR_get_error(void)
409 { return(get_error_values(1,NULL,NULL,NULL,NULL)); }
410
411unsigned long ERR_get_error_line(const char **file,
412 int *line)
413 { return(get_error_values(1,file,line,NULL,NULL)); }
414
415unsigned long ERR_get_error_line_data(const char **file, int *line,
416 const char **data, int *flags)
417 { return(get_error_values(1,file,line,
418 data,flags)); }
419
420unsigned long ERR_peek_error(void)
421 { return(get_error_values(0,NULL,NULL,NULL,NULL)); }
422
423unsigned long ERR_peek_error_line(const char **file,
424 int *line)
425 { return(get_error_values(0,file,line,NULL,NULL)); }
426
427unsigned long ERR_peek_error_line_data(const char **file, int *line,
428 const char **data, int *flags)
429 { return(get_error_values(0,file,line,
430 data,flags)); }
431
432static unsigned long get_error_values(int inc, const char **file, int *line,
433 const char **data, int *flags)
434 {
435 int i=0;
436 ERR_STATE *es;
437 unsigned long ret;
438
439 es=ERR_get_state();
440
441 if (es->bottom == es->top) return(0);
442 i=(es->bottom+1)%ERR_NUM_ERRORS;
443
444 ret=es->err_buffer[i];
445 if (inc)
446 {
447 es->bottom=i;
448 es->err_buffer[i]=0;
449 }
450
451 if ((file != NULL) && (line != NULL))
452 {
453 if (es->err_file[i] == NULL)
454 {
455 *file="NA";
456 if (line != NULL) *line=0;
457 }
458 else
459 {
460 *file=es->err_file[i];
461 if (line != NULL) *line=es->err_line[i];
462 }
463 }
464
465 if (data == NULL)
466 {
467 if (inc)
468 {
469 err_clear_data(es, i);
470 }
471 }
472 else
473 {
474 if (es->err_data[i] == NULL)
475 {
476 *data="";
477 if (flags != NULL) *flags=0;
478 }
479 else
480 {
481 *data=es->err_data[i];
482 if (flags != NULL) *flags=es->err_data_flags[i];
483 }
484 }
485 return(ret);
486 }
487
488void ERR_error_string_n(unsigned long e, char *buf, size_t len)
489 {
490 char lsbuf[64], fsbuf[64], rsbuf[64];
491 const char *ls,*fs,*rs;
492 unsigned long l,f,r;
493
494 l=ERR_GET_LIB(e);
495 f=ERR_GET_FUNC(e);
496 r=ERR_GET_REASON(e);
497
498 ls=ERR_lib_error_string(e);
499 fs=ERR_func_error_string(e);
500 rs=ERR_reason_error_string(e);
501
502 if (ls == NULL)
503 BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l);
504 if (fs == NULL)
505 BIO_snprintf(fsbuf, sizeof(fsbuf), "func(%lu)", f);
506 if (rs == NULL)
507 BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", r);
508
509 BIO_snprintf(buf, len,"error:%08lX:%s:%s:%s", e, ls?ls:lsbuf,
510 fs?fs:fsbuf, rs?rs:rsbuf);
511 if (strlen(buf) == len-1)
512 {
513 /* output may be truncated; make sure we always have 5
514 * colon-separated fields, i.e. 4 colons ... */
515#define NUM_COLONS 4
516 if (len > NUM_COLONS) /* ... if possible */
517 {
518 int i;
519 char *s = buf;
520
521 for (i = 0; i < NUM_COLONS; i++)
522 {
523 char *colon = strchr(s, ':');
524 if (colon == NULL || colon > &buf[len-1] - NUM_COLONS + i)
525 {
526 /* set colon no. i at last possible position
527 * (buf[len-1] is the terminating 0)*/
528 colon = &buf[len-1] - NUM_COLONS + i;
529 *colon = ':';
530 }
531 s = colon + 1;
532 }
533 }
534 }
535 }
536
537/* BAD for multi-threading: uses a local buffer if ret == NULL */
538/* ERR_error_string_n should be used instead for ret != NULL
539 * as ERR_error_string cannot know how large the buffer is */
540char *ERR_error_string(unsigned long e, char *ret)
541 {
542 static char buf[256];
543
544 if (ret == NULL) ret=buf;
545 ERR_error_string_n(e, ret, 256);
546
547 return(ret);
548 }
549
550LHASH *ERR_get_string_table(void)
551 {
552 return(error_hash);
553 }
554
555/* not thread-safe */
556LHASH *ERR_get_err_state_table(void)
557 {
558 return(thread_hash);
559 }
560
561const char *ERR_lib_error_string(unsigned long e)
562 {
563 ERR_STRING_DATA d,*p=NULL;
564 unsigned long l;
565
566 l=ERR_GET_LIB(e);
567
568 CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH);
569
570 if (error_hash != NULL)
571 {
572 d.error=ERR_PACK(l,0,0);
573 p=(ERR_STRING_DATA *)lh_retrieve(error_hash,&d);
574 }
575
576 CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
577
578 return((p == NULL)?NULL:p->string);
579 }
580
581const char *ERR_func_error_string(unsigned long e)
582 {
583 ERR_STRING_DATA d,*p=NULL;
584 unsigned long l,f;
585
586 l=ERR_GET_LIB(e);
587 f=ERR_GET_FUNC(e);
588
589 CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH);
590
591 if (error_hash != NULL)
592 {
593 d.error=ERR_PACK(l,f,0);
594 p=(ERR_STRING_DATA *)lh_retrieve(error_hash,&d);
595 }
596
597 CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
598
599 return((p == NULL)?NULL:p->string);
600 }
601
602const char *ERR_reason_error_string(unsigned long e)
603 {
604 ERR_STRING_DATA d,*p=NULL;
605 unsigned long l,r;
606
607 l=ERR_GET_LIB(e);
608 r=ERR_GET_REASON(e);
609
610 CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH);
611
612 if (error_hash != NULL)
613 {
614 d.error=ERR_PACK(l,0,r);
615 p=(ERR_STRING_DATA *)lh_retrieve(error_hash,&d);
616 if (p == NULL)
617 {
618 d.error=ERR_PACK(0,0,r);
619 p=(ERR_STRING_DATA *)lh_retrieve(error_hash,&d);
620 }
621 }
622
623 CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
624
625 return((p == NULL)?NULL:p->string);
626 }
627
628static unsigned long err_hash(ERR_STRING_DATA *a)
629 {
630 unsigned long ret,l;
631
632 l=a->error;
633 ret=l^ERR_GET_LIB(l)^ERR_GET_FUNC(l);
634 return(ret^ret%19*13);
635 }
636
637static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b)
638 {
639 return((int)(a->error-b->error));
640 }
641
642static unsigned long pid_hash(ERR_STATE *a)
643 {
644 return(a->pid*13);
645 }
646
647static int pid_cmp(ERR_STATE *a, ERR_STATE *b)
648 {
649 return((int)((long)a->pid - (long)b->pid));
650 }
651
652void ERR_remove_state(unsigned long pid)
653 {
654 ERR_STATE *p = NULL,tmp;
655
656 if (thread_hash == NULL)
657 return;
658 if (pid == 0)
659 pid=(unsigned long)CRYPTO_thread_id();
660 tmp.pid=pid;
661 CRYPTO_w_lock(CRYPTO_LOCK_ERR);
662 if (thread_hash)
663 {
664 p=(ERR_STATE *)lh_delete(thread_hash,&tmp);
665 if (lh_num_items(thread_hash) == 0)
666 {
667 /* make sure we don't leak memory */
668 lh_free(thread_hash);
669 thread_hash = NULL;
670 }
671 }
672 CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
673
674 if (p != NULL) ERR_STATE_free(p);
675 }
676
677ERR_STATE *ERR_get_state(void)
678 {
679 static ERR_STATE fallback;
680 ERR_STATE *ret=NULL,tmp,*tmpp=NULL;
681 int thread_state_exists;
682 int i;
683 unsigned long pid;
684
685 pid=(unsigned long)CRYPTO_thread_id();
686
687 CRYPTO_w_lock(CRYPTO_LOCK_ERR);
688 if (thread_hash != NULL)
689 {
690 tmp.pid=pid;
691 ret=(ERR_STATE *)lh_retrieve(thread_hash,&tmp);
692 }
693 CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
694
695 /* ret == the error state, if NULL, make a new one */
696 if (ret == NULL)
697 {
698 ret=(ERR_STATE *)OPENSSL_malloc(sizeof(ERR_STATE));
699 if (ret == NULL) return(&fallback);
700 ret->pid=pid;
701 ret->top=0;
702 ret->bottom=0;
703 for (i=0; i<ERR_NUM_ERRORS; i++)
704 {
705 ret->err_data[i]=NULL;
706 ret->err_data_flags[i]=0;
707 }
708
709 CRYPTO_w_lock(CRYPTO_LOCK_ERR);
710
711 /* no entry yet in thread_hash for current thread -
712 * thus, it may have changed since we last looked at it */
713 if (thread_hash == NULL)
714 thread_hash = lh_new(pid_hash, pid_cmp);
715 if (thread_hash == NULL)
716 thread_state_exists = 0; /* allocation error */
717 else
718 {
719 tmpp=(ERR_STATE *)lh_insert(thread_hash,ret);
720 thread_state_exists = 1;
721 }
722
723 CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
724
725 if (!thread_state_exists)
726 {
727 ERR_STATE_free(ret); /* could not insert it */
728 return(&fallback);
729 }
730
731 if (tmpp != NULL) /* old entry - should not happen */
732 {
733 ERR_STATE_free(tmpp);
734 }
735 }
736 return(ret);
737 }
738
739int ERR_get_next_error_library(void)
740 {
741 static int value=ERR_LIB_USER;
742
743 return(value++);
744 }
745
746void ERR_set_error_data(char *data, int flags)
747 {
748 ERR_STATE *es;
749 int i;
750
751 es=ERR_get_state();
752
753 i=es->top;
754 if (i == 0)
755 i=ERR_NUM_ERRORS-1;
756
757 err_clear_data(es,i);
758 es->err_data[i]=data;
759 es->err_data_flags[i]=flags;
760 }
761
762void ERR_add_error_data(int num, ...)
763 {
764 va_list args;
765 int i,n,s;
766 char *str,*p,*a;
767
768 s=80;
769 str=OPENSSL_malloc(s+1);
770 if (str == NULL) return;
771 str[0]='\0';
772
773 va_start(args, num);
774 n=0;
775 for (i=0; i<num; i++)
776 {
777 a=va_arg(args, char*);
778 /* ignore NULLs, thanks to Bob Beck <beck@obtuse.com> */
779 if (a != NULL)
780 {
781 n+=strlen(a);
782 if (n > s)
783 {
784 s=n+20;
785 p=OPENSSL_realloc(str,s+1);
786 if (p == NULL)
787 {
788 OPENSSL_free(str);
789 return;
790 }
791 else
792 str=p;
793 }
794 strcat(str,a);
795 }
796 }
797 ERR_set_error_data(str,ERR_TXT_MALLOCED|ERR_TXT_STRING);
798
799 va_end(args);
800 }
801
diff --git a/src/lib/libcrypto/err/err.h b/src/lib/libcrypto/err/err.h
deleted file mode 100644
index 7388a4a937..0000000000
--- a/src/lib/libcrypto/err/err.h
+++ /dev/null
@@ -1,278 +0,0 @@
1/* crypto/err/err.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_ERR_H
60#define HEADER_ERR_H
61
62#ifndef NO_FP_API
63#include <stdio.h>
64#include <stdlib.h>
65#endif
66
67#ifndef NO_BIO
68#include <openssl/bio.h>
69#endif
70#ifndef NO_LHASH
71#include <openssl/lhash.h>
72#endif
73
74#ifdef __cplusplus
75extern "C" {
76#endif
77
78/* The following is a bit of a trick to help the object files only contain
79 * the 'name of the file' string once. Since 'err.h' is protected by the
80 * HEADER_ERR_H stuff, this should be included only once per file. */
81
82#define ERR_file_name __FILE__
83
84#ifndef NO_ERR
85#define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,d,e)
86#else
87#define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,NULL,0)
88#endif
89
90#include <errno.h>
91
92#define ERR_TXT_MALLOCED 0x01
93#define ERR_TXT_STRING 0x02
94
95#define ERR_NUM_ERRORS 16
96typedef struct err_state_st
97 {
98 unsigned long pid;
99 unsigned long err_buffer[ERR_NUM_ERRORS];
100 char *err_data[ERR_NUM_ERRORS];
101 int err_data_flags[ERR_NUM_ERRORS];
102 const char *err_file[ERR_NUM_ERRORS];
103 int err_line[ERR_NUM_ERRORS];
104 int top,bottom;
105 } ERR_STATE;
106
107/* library */
108#define ERR_LIB_NONE 1
109#define ERR_LIB_SYS 2
110#define ERR_LIB_BN 3
111#define ERR_LIB_RSA 4
112#define ERR_LIB_DH 5
113#define ERR_LIB_EVP 6
114#define ERR_LIB_BUF 7
115#define ERR_LIB_OBJ 8
116#define ERR_LIB_PEM 9
117#define ERR_LIB_DSA 10
118#define ERR_LIB_X509 11
119#define ERR_LIB_METH 12
120#define ERR_LIB_ASN1 13
121#define ERR_LIB_CONF 14
122#define ERR_LIB_CRYPTO 15
123#define ERR_LIB_SSL 20
124#define ERR_LIB_SSL23 21
125#define ERR_LIB_SSL2 22
126#define ERR_LIB_SSL3 23
127#define ERR_LIB_RSAREF 30
128#define ERR_LIB_PROXY 31
129#define ERR_LIB_BIO 32
130#define ERR_LIB_PKCS7 33
131#define ERR_LIB_X509V3 34
132#define ERR_LIB_PKCS12 35
133#define ERR_LIB_RAND 36
134#define ERR_LIB_DSO 37
135#define ERR_LIB_ENGINE 38
136
137#define ERR_LIB_USER 128
138
139#define SYSerr(f,r) ERR_PUT_error(ERR_LIB_SYS,(f),(r),ERR_file_name,__LINE__)
140#define BNerr(f,r) ERR_PUT_error(ERR_LIB_BN,(f),(r),ERR_file_name,__LINE__)
141#define RSAerr(f,r) ERR_PUT_error(ERR_LIB_RSA,(f),(r),ERR_file_name,__LINE__)
142#define DHerr(f,r) ERR_PUT_error(ERR_LIB_DH,(f),(r),ERR_file_name,__LINE__)
143#define EVPerr(f,r) ERR_PUT_error(ERR_LIB_EVP,(f),(r),ERR_file_name,__LINE__)
144#define BUFerr(f,r) ERR_PUT_error(ERR_LIB_BUF,(f),(r),ERR_file_name,__LINE__)
145#define BIOerr(f,r) ERR_PUT_error(ERR_LIB_BIO,(f),(r),ERR_file_name,__LINE__)
146#define OBJerr(f,r) ERR_PUT_error(ERR_LIB_OBJ,(f),(r),ERR_file_name,__LINE__)
147#define PEMerr(f,r) ERR_PUT_error(ERR_LIB_PEM,(f),(r),ERR_file_name,__LINE__)
148#define DSAerr(f,r) ERR_PUT_error(ERR_LIB_DSA,(f),(r),ERR_file_name,__LINE__)
149#define X509err(f,r) ERR_PUT_error(ERR_LIB_X509,(f),(r),ERR_file_name,__LINE__)
150#define METHerr(f,r) ERR_PUT_error(ERR_LIB_METH,(f),(r),ERR_file_name,__LINE__)
151#define ASN1err(f,r) ERR_PUT_error(ERR_LIB_ASN1,(f),(r),ERR_file_name,__LINE__)
152#define CONFerr(f,r) ERR_PUT_error(ERR_LIB_CONF,(f),(r),ERR_file_name,__LINE__)
153#define CRYPTOerr(f,r) ERR_PUT_error(ERR_LIB_CRYPTO,(f),(r),ERR_file_name,__LINE__)
154#define SSLerr(f,r) ERR_PUT_error(ERR_LIB_SSL,(f),(r),ERR_file_name,__LINE__)
155#define SSL23err(f,r) ERR_PUT_error(ERR_LIB_SSL23,(f),(r),ERR_file_name,__LINE__)
156#define SSL2err(f,r) ERR_PUT_error(ERR_LIB_SSL2,(f),(r),ERR_file_name,__LINE__)
157#define SSL3err(f,r) ERR_PUT_error(ERR_LIB_SSL3,(f),(r),ERR_file_name,__LINE__)
158#define RSAREFerr(f,r) ERR_PUT_error(ERR_LIB_RSAREF,(f),(r),ERR_file_name,__LINE__)
159#define PROXYerr(f,r) ERR_PUT_error(ERR_LIB_PROXY,(f),(r),ERR_file_name,__LINE__)
160#define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),ERR_file_name,__LINE__)
161#define X509V3err(f,r) ERR_PUT_error(ERR_LIB_X509V3,(f),(r),ERR_file_name,__LINE__)
162#define PKCS12err(f,r) ERR_PUT_error(ERR_LIB_PKCS12,(f),(r),ERR_file_name,__LINE__)
163#define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),ERR_file_name,__LINE__)
164#define DSOerr(f,r) ERR_PUT_error(ERR_LIB_DSO,(f),(r),ERR_file_name,__LINE__)
165#define ENGINEerr(f,r) ERR_PUT_error(ERR_LIB_ENGINE,(f),(r),ERR_file_name,__LINE__)
166
167/* Borland C seems too stupid to be able to shift and do longs in
168 * the pre-processor :-( */
169#define ERR_PACK(l,f,r) (((((unsigned long)l)&0xffL)*0x1000000)| \
170 ((((unsigned long)f)&0xfffL)*0x1000)| \
171 ((((unsigned long)r)&0xfffL)))
172#define ERR_GET_LIB(l) (int)((((unsigned long)l)>>24L)&0xffL)
173#define ERR_GET_FUNC(l) (int)((((unsigned long)l)>>12L)&0xfffL)
174#define ERR_GET_REASON(l) (int)((l)&0xfffL)
175#define ERR_FATAL_ERROR(l) (int)((l)&ERR_R_FATAL)
176
177/* OS functions */
178#define SYS_F_FOPEN 1
179#define SYS_F_CONNECT 2
180#define SYS_F_GETSERVBYNAME 3
181#define SYS_F_SOCKET 4
182#define SYS_F_IOCTLSOCKET 5
183#define SYS_F_BIND 6
184#define SYS_F_LISTEN 7
185#define SYS_F_ACCEPT 8
186#define SYS_F_WSASTARTUP 9 /* Winsock stuff */
187#define SYS_F_OPENDIR 10
188
189#define ERR_R_FATAL 32
190/* reasons */
191#define ERR_R_SYS_LIB ERR_LIB_SYS
192#define ERR_R_BN_LIB ERR_LIB_BN
193#define ERR_R_RSA_LIB ERR_LIB_RSA
194#define ERR_R_DSA_LIB ERR_LIB_DSA
195#define ERR_R_DH_LIB ERR_LIB_DH
196#define ERR_R_EVP_LIB ERR_LIB_EVP
197#define ERR_R_BUF_LIB ERR_LIB_BUF
198#define ERR_R_BIO_LIB ERR_LIB_BIO
199#define ERR_R_OBJ_LIB ERR_LIB_OBJ
200#define ERR_R_PEM_LIB ERR_LIB_PEM
201#define ERR_R_X509_LIB ERR_LIB_X509
202#define ERR_R_METH_LIB ERR_LIB_METH
203#define ERR_R_ASN1_LIB ERR_LIB_ASN1
204#define ERR_R_CONF_LIB ERR_LIB_CONF
205#define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO
206#define ERR_R_SSL_LIB ERR_LIB_SSL
207#define ERR_R_SSL23_LIB ERR_LIB_SSL23
208#define ERR_R_SSL2_LIB ERR_LIB_SSL2
209#define ERR_R_SSL3_LIB ERR_LIB_SSL3
210#define ERR_R_PROXY_LIB ERR_LIB_PROXY
211#define ERR_R_BIO_LIB ERR_LIB_BIO
212#define ERR_R_PKCS7_LIB ERR_LIB_PKCS7
213#define ERR_R_PKCS12_LIB ERR_LIB_PKCS12
214#define ERR_R_DSO_LIB ERR_LIB_DSO
215#define ERR_R_ENGINE_LIB ERR_LIB_ENGINE
216
217/* fatal error */
218#define ERR_R_MALLOC_FAILURE (1|ERR_R_FATAL)
219#define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (2|ERR_R_FATAL)
220#define ERR_R_PASSED_NULL_PARAMETER (3|ERR_R_FATAL)
221#define ERR_R_NESTED_ASN1_ERROR (4)
222#define ERR_R_BAD_ASN1_OBJECT_HEADER (5)
223#define ERR_R_BAD_GET_ASN1_OBJECT_CALL (6)
224#define ERR_R_EXPECTING_AN_ASN1_SEQUENCE (7)
225#define ERR_R_ASN1_LENGTH_MISMATCH (8)
226#define ERR_R_MISSING_ASN1_EOS (9)
227
228typedef struct ERR_string_data_st
229 {
230 unsigned long error;
231 const char *string;
232 } ERR_STRING_DATA;
233
234void ERR_put_error(int lib, int func,int reason,const char *file,int line);
235void ERR_set_error_data(char *data,int flags);
236
237unsigned long ERR_get_error(void );
238unsigned long ERR_get_error_line(const char **file,int *line);
239unsigned long ERR_get_error_line_data(const char **file,int *line,
240 const char **data, int *flags);
241unsigned long ERR_peek_error(void );
242unsigned long ERR_peek_error_line(const char **file,int *line);
243unsigned long ERR_peek_error_line_data(const char **file,int *line,
244 const char **data,int *flags);
245void ERR_clear_error(void );
246char *ERR_error_string(unsigned long e,char *buf);
247void ERR_error_string_n(unsigned long e, char *buf, size_t len);
248const char *ERR_lib_error_string(unsigned long e);
249const char *ERR_func_error_string(unsigned long e);
250const char *ERR_reason_error_string(unsigned long e);
251#ifndef NO_FP_API
252void ERR_print_errors_fp(FILE *fp);
253#endif
254#ifndef NO_BIO
255void ERR_print_errors(BIO *bp);
256void ERR_add_error_data(int num, ...);
257#endif
258void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
259void ERR_load_ERR_strings(void);
260void ERR_load_crypto_strings(void);
261void ERR_free_strings(void);
262
263void ERR_remove_state(unsigned long pid); /* if zero we look it up */
264ERR_STATE *ERR_get_state(void);
265
266#ifndef NO_LHASH
267LHASH *ERR_get_string_table(void);
268LHASH *ERR_get_err_state_table(void); /* even less thread-safe than
269 * ERR_get_string_table :-) */
270#endif
271
272int ERR_get_next_error_library(void);
273
274#ifdef __cplusplus
275}
276#endif
277
278#endif
diff --git a/src/lib/libcrypto/err/err_all.c b/src/lib/libcrypto/err/err_all.c
deleted file mode 100644
index b8315d8272..0000000000
--- a/src/lib/libcrypto/err/err_all.c
+++ /dev/null
@@ -1,126 +0,0 @@
1/* crypto/err/err_all.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/asn1.h>
61#include <openssl/bn.h>
62#include <openssl/buffer.h>
63#include <openssl/bio.h>
64#ifndef NO_RSA
65#include <openssl/rsa.h>
66#endif
67#ifdef RSAref
68#include <openssl/rsaref.h>
69#endif
70#ifndef NO_DH
71#include <openssl/dh.h>
72#endif
73#ifndef NO_DSA
74#include <openssl/dsa.h>
75#endif
76#include <openssl/evp.h>
77#include <openssl/objects.h>
78#include <openssl/pem2.h>
79#include <openssl/x509.h>
80#include <openssl/x509v3.h>
81#include <openssl/conf.h>
82#include <openssl/pkcs12.h>
83#include <openssl/rand.h>
84#include <openssl/dso.h>
85#include <openssl/engine.h>
86#include <openssl/err.h>
87
88void ERR_load_crypto_strings(void)
89 {
90 static int done=0;
91
92 if (done) return;
93 done=1;
94#ifndef NO_ERR
95 ERR_load_ASN1_strings();
96 ERR_load_BN_strings();
97 ERR_load_BUF_strings();
98 ERR_load_BIO_strings();
99 ERR_load_CONF_strings();
100#ifndef NO_RSA
101#ifdef RSAref
102 ERR_load_RSAREF_strings();
103#else
104 ERR_load_RSA_strings();
105#endif
106#endif
107#ifndef NO_DH
108 ERR_load_DH_strings();
109#endif
110#ifndef NO_DSA
111 ERR_load_DSA_strings();
112#endif
113 ERR_load_ERR_strings();
114 ERR_load_EVP_strings();
115 ERR_load_OBJ_strings();
116 ERR_load_PEM_strings();
117 ERR_load_X509_strings();
118 ERR_load_X509V3_strings();
119 ERR_load_CRYPTO_strings();
120 ERR_load_PKCS7_strings();
121 ERR_load_PKCS12_strings();
122 ERR_load_RAND_strings();
123 ERR_load_DSO_strings();
124 ERR_load_ENGINE_strings();
125#endif
126 }
diff --git a/src/lib/libcrypto/err/err_prn.c b/src/lib/libcrypto/err/err_prn.c
deleted file mode 100644
index 6f60b016c3..0000000000
--- a/src/lib/libcrypto/err/err_prn.c
+++ /dev/null
@@ -1,107 +0,0 @@
1/* crypto/err/err_prn.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/lhash.h>
61#include <openssl/crypto.h>
62#include "cryptlib.h"
63#include <openssl/buffer.h>
64#include <openssl/err.h>
65#include <openssl/crypto.h>
66
67#ifndef NO_FP_API
68void ERR_print_errors_fp(FILE *fp)
69 {
70 unsigned long l;
71 char buf[200];
72 const char *file,*data;
73 int line,flags;
74 unsigned long es;
75
76 es=CRYPTO_thread_id();
77 while ((l=ERR_get_error_line_data(&file,&line,&data,&flags)) != 0)
78 {
79 ERR_error_string_n(l, buf, sizeof buf);
80 fprintf(fp,"%lu:%s:%s:%d:%s\n",es,buf,
81 file,line,(flags&ERR_TXT_STRING)?data:"");
82 }
83 }
84#endif
85
86void ERR_print_errors(BIO *bp)
87 {
88 unsigned long l;
89 char buf[256];
90 char buf2[256];
91 const char *file,*data;
92 int line,flags;
93 unsigned long es;
94
95 es=CRYPTO_thread_id();
96 while ((l=ERR_get_error_line_data(&file,&line,&data,&flags)) != 0)
97 {
98 ERR_error_string_n(l, buf, sizeof buf);
99 sprintf(buf2,"%lu:%s:%s:%d:",es,buf,
100 file,line);
101 BIO_write(bp,buf2,strlen(buf2));
102 if (flags & ERR_TXT_STRING)
103 BIO_write(bp,data,strlen(data));
104 BIO_write(bp,"\n",1);
105 }
106 }
107
diff --git a/src/lib/libcrypto/err/openssl.ec b/src/lib/libcrypto/err/openssl.ec
deleted file mode 100644
index 861d680e07..0000000000
--- a/src/lib/libcrypto/err/openssl.ec
+++ /dev/null
@@ -1,74 +0,0 @@
1L ERR NONE NONE
2L CRYPTO crypto/crypto.h crypto/cpt_err.c
3L BN crypto/bn/bn.h crypto/bn/bn_err.c
4L RSA crypto/rsa/rsa.h crypto/rsa/rsa_err.c
5L DSA crypto/dsa/dsa.h crypto/dsa/dsa_err.c
6L DSO crypto/dso/dso.h crypto/dso/dso_err.c
7L DH crypto/dh/dh.h crypto/dh/dh_err.c
8L EVP crypto/evp/evp.h crypto/evp/evp_err.c
9L BUF crypto/buffer/buffer.h crypto/buffer/buf_err.c
10L BIO crypto/bio/bio.h crypto/bio/bio_err.c
11L OBJ crypto/objects/objects.h crypto/objects/obj_err.c
12L PEM crypto/pem/pem.h crypto/pem/pem_err.c
13L X509 crypto/x509/x509.h crypto/x509/x509_err.c
14L NONE crypto/x509/x509_vfy.h NONE
15L X509V3 crypto/x509v3/x509v3.h crypto/x509v3/v3err.c
16#L METH crypto/meth/meth.h crypto/meth/meth_err.c
17L ASN1 crypto/asn1/asn1.h crypto/asn1/asn1_err.c
18L CONF crypto/conf/conf.h crypto/conf/conf_err.c
19#L PROXY crypto/proxy/proxy.h crypto/proxy/proxy_err.c
20L PKCS7 crypto/pkcs7/pkcs7.h crypto/pkcs7/pkcs7err.c
21L PKCS12 crypto/pkcs12/pkcs12.h crypto/pkcs12/pk12err.c
22L RSAREF rsaref/rsaref.h rsaref/rsar_err.c
23L SSL ssl/ssl.h ssl/ssl_err.c
24L COMP crypto/comp/comp.h crypto/comp/comp_err.c
25L RAND crypto/rand/rand.h crypto/rand/rand_err.c
26L ENGINE crypto/engine/engine.h crypto/engine/engine_err.c
27
28
29F RSAREF_F_RSA_BN2BIN
30F RSAREF_F_RSA_PRIVATE_DECRYPT
31F RSAREF_F_RSA_PRIVATE_ENCRYPT
32F RSAREF_F_RSA_PUBLIC_DECRYPT
33F RSAREF_F_RSA_PUBLIC_ENCRYPT
34#F SSL_F_CLIENT_CERTIFICATE
35
36R SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
37R SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
38R SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021
39R SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022
40R SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030
41R SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040
42R SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041
43R SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
44R SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043
45R SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044
46R SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045
47R SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046
48R SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047
49R SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048
50R SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049
51R SSL_R_TLSV1_ALERT_DECODE_ERROR 1050
52R SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051
53R SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060
54R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070
55R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071
56R SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080
57R SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
58R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100
59
60R RSAREF_R_CONTENT_ENCODING 0x0400
61R RSAREF_R_DATA 0x0401
62R RSAREF_R_DIGEST_ALGORITHM 0x0402
63R RSAREF_R_ENCODING 0x0403
64R RSAREF_R_KEY 0x0404
65R RSAREF_R_KEY_ENCODING 0x0405
66R RSAREF_R_LEN 0x0406
67R RSAREF_R_MODULUS_LEN 0x0407
68R RSAREF_R_NEED_RANDOM 0x0408
69R RSAREF_R_PRIVATE_KEY 0x0409
70R RSAREF_R_PUBLIC_KEY 0x040a
71R RSAREF_R_SIGNATURE 0x040b
72R RSAREF_R_SIGNATURE_ENCODING 0x040c
73R RSAREF_R_ENCRYPTION_ALGORITHM 0x040d
74
diff --git a/src/lib/libcrypto/evp/bio_b64.c b/src/lib/libcrypto/evp/bio_b64.c
deleted file mode 100644
index af6fa2ae8f..0000000000
--- a/src/lib/libcrypto/evp/bio_b64.c
+++ /dev/null
@@ -1,547 +0,0 @@
1/* crypto/evp/bio_b64.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61#include "cryptlib.h"
62#include <openssl/buffer.h>
63#include <openssl/evp.h>
64
65static int b64_write(BIO *h, const char *buf, int num);
66static int b64_read(BIO *h, char *buf, int size);
67/*static int b64_puts(BIO *h, const char *str); */
68/*static int b64_gets(BIO *h, char *str, int size); */
69static long b64_ctrl(BIO *h, int cmd, long arg1, void *arg2);
70static int b64_new(BIO *h);
71static int b64_free(BIO *data);
72static long b64_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp);
73#define B64_BLOCK_SIZE 1024
74#define B64_BLOCK_SIZE2 768
75#define B64_NONE 0
76#define B64_ENCODE 1
77#define B64_DECODE 2
78
79typedef struct b64_struct
80 {
81 /*BIO *bio; moved to the BIO structure */
82 int buf_len;
83 int buf_off;
84 int tmp_len; /* used to find the start when decoding */
85 int tmp_nl; /* If true, scan until '\n' */
86 int encode;
87 int start; /* have we started decoding yet? */
88 int cont; /* <= 0 when finished */
89 EVP_ENCODE_CTX base64;
90 char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE)+10];
91 char tmp[B64_BLOCK_SIZE];
92 } BIO_B64_CTX;
93
94static BIO_METHOD methods_b64=
95 {
96 BIO_TYPE_BASE64,"base64 encoding",
97 b64_write,
98 b64_read,
99 NULL, /* b64_puts, */
100 NULL, /* b64_gets, */
101 b64_ctrl,
102 b64_new,
103 b64_free,
104 b64_callback_ctrl,
105 };
106
107BIO_METHOD *BIO_f_base64(void)
108 {
109 return(&methods_b64);
110 }
111
112static int b64_new(BIO *bi)
113 {
114 BIO_B64_CTX *ctx;
115
116 ctx=(BIO_B64_CTX *)OPENSSL_malloc(sizeof(BIO_B64_CTX));
117 if (ctx == NULL) return(0);
118
119 ctx->buf_len=0;
120 ctx->tmp_len=0;
121 ctx->tmp_nl=0;
122 ctx->buf_off=0;
123 ctx->cont=1;
124 ctx->start=1;
125 ctx->encode=0;
126
127 bi->init=1;
128 bi->ptr=(char *)ctx;
129 bi->flags=0;
130 return(1);
131 }
132
133static int b64_free(BIO *a)
134 {
135 if (a == NULL) return(0);
136 OPENSSL_free(a->ptr);
137 a->ptr=NULL;
138 a->init=0;
139 a->flags=0;
140 return(1);
141 }
142
143static int b64_read(BIO *b, char *out, int outl)
144 {
145 int ret=0,i,ii,j,k,x,n,num,ret_code=0;
146 BIO_B64_CTX *ctx;
147 unsigned char *p,*q;
148
149 if (out == NULL) return(0);
150 ctx=(BIO_B64_CTX *)b->ptr;
151
152 if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
153
154 if (ctx->encode != B64_DECODE)
155 {
156 ctx->encode=B64_DECODE;
157 ctx->buf_len=0;
158 ctx->buf_off=0;
159 ctx->tmp_len=0;
160 EVP_DecodeInit(&(ctx->base64));
161 }
162
163 /* First check if there are bytes decoded/encoded */
164 if (ctx->buf_len > 0)
165 {
166 i=ctx->buf_len-ctx->buf_off;
167 if (i > outl) i=outl;
168 memcpy(out,&(ctx->buf[ctx->buf_off]),i);
169 ret=i;
170 out+=i;
171 outl-=i;
172 ctx->buf_off+=i;
173 if (ctx->buf_len == ctx->buf_off)
174 {
175 ctx->buf_len=0;
176 ctx->buf_off=0;
177 }
178 }
179
180 /* At this point, we have room of outl bytes and an empty
181 * buffer, so we should read in some more. */
182
183 ret_code=0;
184 while (outl > 0)
185 {
186 if (ctx->cont <= 0) break;
187
188 i=BIO_read(b->next_bio,&(ctx->tmp[ctx->tmp_len]),
189 B64_BLOCK_SIZE-ctx->tmp_len);
190
191 if (i <= 0)
192 {
193 ret_code=i;
194
195 /* Should be continue next time we are called? */
196 if (!BIO_should_retry(b->next_bio))
197 ctx->cont=i;
198 /* else we should continue when called again */
199 break;
200 }
201 i+=ctx->tmp_len;
202
203 /* We need to scan, a line at a time until we
204 * have a valid line if we are starting. */
205 if (ctx->start && (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL))
206 {
207 /* ctx->start=1; */
208 ctx->tmp_len=0;
209 }
210 else if (ctx->start)
211 {
212 q=p=(unsigned char *)ctx->tmp;
213 for (j=0; j<i; j++)
214 {
215 if (*(q++) != '\n') continue;
216
217 /* due to a previous very long line,
218 * we need to keep on scanning for a '\n'
219 * before we even start looking for
220 * base64 encoded stuff. */
221 if (ctx->tmp_nl)
222 {
223 p=q;
224 ctx->tmp_nl=0;
225 continue;
226 }
227
228 k=EVP_DecodeUpdate(&(ctx->base64),
229 (unsigned char *)ctx->buf,
230 &num,p,q-p);
231 if ((k <= 0) && (num == 0) && (ctx->start))
232 EVP_DecodeInit(&ctx->base64);
233 else
234 {
235 if (p != (unsigned char *)
236 &(ctx->tmp[0]))
237 {
238 i-=(p- (unsigned char *)
239 &(ctx->tmp[0]));
240 for (x=0; x < i; x++)
241 ctx->tmp[x]=p[x];
242 }
243 EVP_DecodeInit(&ctx->base64);
244 ctx->start=0;
245 break;
246 }
247 p=q;
248 }
249
250 /* we fell off the end without starting */
251 if (j == i)
252 {
253 /* Is this is one long chunk?, if so, keep on
254 * reading until a new line. */
255 if (p == (unsigned char *)&(ctx->tmp[0]))
256 {
257 ctx->tmp_nl=1;
258 ctx->tmp_len=0;
259 }
260 else if (p != q) /* finished on a '\n' */
261 {
262 n=q-p;
263 for (ii=0; ii<n; ii++)
264 ctx->tmp[ii]=p[ii];
265 ctx->tmp_len=n;
266 }
267 /* else finished on a '\n' */
268 continue;
269 }
270 else
271 ctx->tmp_len=0;
272 }
273
274 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
275 {
276 int z,jj;
277
278 jj=(i>>2)<<2;
279 z=EVP_DecodeBlock((unsigned char *)ctx->buf,
280 (unsigned char *)ctx->tmp,jj);
281 if (jj > 2)
282 {
283 if (ctx->tmp[jj-1] == '=')
284 {
285 z--;
286 if (ctx->tmp[jj-2] == '=')
287 z--;
288 }
289 }
290 /* z is now number of output bytes and jj is the
291 * number consumed */
292 if (jj != i)
293 {
294 memcpy((unsigned char *)ctx->tmp,
295 (unsigned char *)&(ctx->tmp[jj]),i-jj);
296 ctx->tmp_len=i-jj;
297 }
298 ctx->buf_len=0;
299 if (z > 0)
300 {
301 ctx->buf_len=z;
302 i=1;
303 }
304 else
305 i=z;
306 }
307 else
308 {
309 i=EVP_DecodeUpdate(&(ctx->base64),
310 (unsigned char *)ctx->buf,&ctx->buf_len,
311 (unsigned char *)ctx->tmp,i);
312 }
313 ctx->cont=i;
314 ctx->buf_off=0;
315 if (i < 0)
316 {
317 ret_code=0;
318 ctx->buf_len=0;
319 break;
320 }
321
322 if (ctx->buf_len <= outl)
323 i=ctx->buf_len;
324 else
325 i=outl;
326
327 memcpy(out,ctx->buf,i);
328 ret+=i;
329 ctx->buf_off=i;
330 if (ctx->buf_off == ctx->buf_len)
331 {
332 ctx->buf_len=0;
333 ctx->buf_off=0;
334 }
335 outl-=i;
336 out+=i;
337 }
338 BIO_clear_retry_flags(b);
339 BIO_copy_next_retry(b);
340 return((ret == 0)?ret_code:ret);
341 }
342
343static int b64_write(BIO *b, const char *in, int inl)
344 {
345 int ret=inl,n,i;
346 BIO_B64_CTX *ctx;
347
348 ctx=(BIO_B64_CTX *)b->ptr;
349 BIO_clear_retry_flags(b);
350
351 if (ctx->encode != B64_ENCODE)
352 {
353 ctx->encode=B64_ENCODE;
354 ctx->buf_len=0;
355 ctx->buf_off=0;
356 ctx->tmp_len=0;
357 EVP_EncodeInit(&(ctx->base64));
358 }
359
360 n=ctx->buf_len-ctx->buf_off;
361 while (n > 0)
362 {
363 i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
364 if (i <= 0)
365 {
366 BIO_copy_next_retry(b);
367 return(i);
368 }
369 ctx->buf_off+=i;
370 n-=i;
371 }
372 /* at this point all pending data has been written */
373 ctx->buf_off=0;
374 ctx->buf_len=0;
375
376 if ((in == NULL) || (inl <= 0)) return(0);
377
378 while (inl > 0)
379 {
380 n=(inl > B64_BLOCK_SIZE)?B64_BLOCK_SIZE:inl;
381
382 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
383 {
384 if (ctx->tmp_len > 0)
385 {
386 n=3-ctx->tmp_len;
387 /* There's a teoretical possibility for this */
388 if (n > inl)
389 n=inl;
390 memcpy(&(ctx->tmp[ctx->tmp_len]),in,n);
391 ctx->tmp_len+=n;
392 if (ctx->tmp_len < 3)
393 break;
394 ctx->buf_len=EVP_EncodeBlock(
395 (unsigned char *)ctx->buf,
396 (unsigned char *)ctx->tmp,
397 ctx->tmp_len);
398 /* Since we're now done using the temporary
399 buffer, the length should be 0'd */
400 ctx->tmp_len=0;
401 }
402 else
403 {
404 if (n < 3)
405 {
406 memcpy(&(ctx->tmp[0]),in,n);
407 ctx->tmp_len=n;
408 break;
409 }
410 n-=n%3;
411 ctx->buf_len=EVP_EncodeBlock(
412 (unsigned char *)ctx->buf,
413 (unsigned char *)in,n);
414 }
415 }
416 else
417 {
418 EVP_EncodeUpdate(&(ctx->base64),
419 (unsigned char *)ctx->buf,&ctx->buf_len,
420 (unsigned char *)in,n);
421 }
422 inl-=n;
423 in+=n;
424
425 ctx->buf_off=0;
426 n=ctx->buf_len;
427 while (n > 0)
428 {
429 i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
430 if (i <= 0)
431 {
432 BIO_copy_next_retry(b);
433 return((ret == 0)?i:ret);
434 }
435 n-=i;
436 ctx->buf_off+=i;
437 }
438 ctx->buf_len=0;
439 ctx->buf_off=0;
440 }
441 return(ret);
442 }
443
444static long b64_ctrl(BIO *b, int cmd, long num, void *ptr)
445 {
446 BIO_B64_CTX *ctx;
447 long ret=1;
448 int i;
449
450 ctx=(BIO_B64_CTX *)b->ptr;
451
452 switch (cmd)
453 {
454 case BIO_CTRL_RESET:
455 ctx->cont=1;
456 ctx->start=1;
457 ctx->encode=B64_NONE;
458 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
459 break;
460 case BIO_CTRL_EOF: /* More to read */
461 if (ctx->cont <= 0)
462 ret=1;
463 else
464 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
465 break;
466 case BIO_CTRL_WPENDING: /* More to write in buffer */
467 ret=ctx->buf_len-ctx->buf_off;
468 if ((ret == 0) && (ctx->base64.num != 0))
469 ret=1;
470 else if (ret <= 0)
471 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
472 break;
473 case BIO_CTRL_PENDING: /* More to read in buffer */
474 ret=ctx->buf_len-ctx->buf_off;
475 if (ret <= 0)
476 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
477 break;
478 case BIO_CTRL_FLUSH:
479 /* do a final write */
480again:
481 while (ctx->buf_len != ctx->buf_off)
482 {
483 i=b64_write(b,NULL,0);
484 if (i < 0)
485 {
486 ret=i;
487 break;
488 }
489 }
490 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
491 {
492 if (ctx->tmp_len != 0)
493 {
494 ctx->buf_len=EVP_EncodeBlock(
495 (unsigned char *)ctx->buf,
496 (unsigned char *)ctx->tmp,
497 ctx->tmp_len);
498 ctx->buf_off=0;
499 ctx->tmp_len=0;
500 goto again;
501 }
502 }
503 else if (ctx->base64.num != 0)
504 {
505 ctx->buf_off=0;
506 EVP_EncodeFinal(&(ctx->base64),
507 (unsigned char *)ctx->buf,
508 &(ctx->buf_len));
509 /* push out the bytes */
510 goto again;
511 }
512 /* Finally flush the underlying BIO */
513 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
514 break;
515
516 case BIO_C_DO_STATE_MACHINE:
517 BIO_clear_retry_flags(b);
518 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
519 BIO_copy_next_retry(b);
520 break;
521
522 case BIO_CTRL_DUP:
523 break;
524 case BIO_CTRL_INFO:
525 case BIO_CTRL_GET:
526 case BIO_CTRL_SET:
527 default:
528 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
529 break;
530 }
531 return(ret);
532 }
533
534static long b64_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
535 {
536 long ret=1;
537
538 if (b->next_bio == NULL) return(0);
539 switch (cmd)
540 {
541 default:
542 ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
543 break;
544 }
545 return(ret);
546 }
547
diff --git a/src/lib/libcrypto/evp/bio_enc.c b/src/lib/libcrypto/evp/bio_enc.c
deleted file mode 100644
index 831c71a2b5..0000000000
--- a/src/lib/libcrypto/evp/bio_enc.c
+++ /dev/null
@@ -1,425 +0,0 @@
1/* crypto/evp/bio_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61#include "cryptlib.h"
62#include <openssl/buffer.h>
63#include <openssl/evp.h>
64
65static int enc_write(BIO *h, const char *buf, int num);
66static int enc_read(BIO *h, char *buf, int size);
67/*static int enc_puts(BIO *h, const char *str); */
68/*static int enc_gets(BIO *h, char *str, int size); */
69static long enc_ctrl(BIO *h, int cmd, long arg1, void *arg2);
70static int enc_new(BIO *h);
71static int enc_free(BIO *data);
72static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps);
73#define ENC_BLOCK_SIZE (1024*4)
74
75typedef struct enc_struct
76 {
77 int buf_len;
78 int buf_off;
79 int cont; /* <= 0 when finished */
80 int finished;
81 int ok; /* bad decrypt */
82 EVP_CIPHER_CTX cipher;
83 char buf[ENC_BLOCK_SIZE+10];
84 } BIO_ENC_CTX;
85
86static BIO_METHOD methods_enc=
87 {
88 BIO_TYPE_CIPHER,"cipher",
89 enc_write,
90 enc_read,
91 NULL, /* enc_puts, */
92 NULL, /* enc_gets, */
93 enc_ctrl,
94 enc_new,
95 enc_free,
96 enc_callback_ctrl,
97 };
98
99BIO_METHOD *BIO_f_cipher(void)
100 {
101 return(&methods_enc);
102 }
103
104static int enc_new(BIO *bi)
105 {
106 BIO_ENC_CTX *ctx;
107
108 ctx=(BIO_ENC_CTX *)OPENSSL_malloc(sizeof(BIO_ENC_CTX));
109 EVP_CIPHER_CTX_init(&ctx->cipher);
110 if (ctx == NULL) return(0);
111
112 ctx->buf_len=0;
113 ctx->buf_off=0;
114 ctx->cont=1;
115 ctx->finished=0;
116 ctx->ok=1;
117
118 bi->init=0;
119 bi->ptr=(char *)ctx;
120 bi->flags=0;
121 return(1);
122 }
123
124static int enc_free(BIO *a)
125 {
126 BIO_ENC_CTX *b;
127
128 if (a == NULL) return(0);
129 b=(BIO_ENC_CTX *)a->ptr;
130 EVP_CIPHER_CTX_cleanup(&(b->cipher));
131 memset(a->ptr,0,sizeof(BIO_ENC_CTX));
132 OPENSSL_free(a->ptr);
133 a->ptr=NULL;
134 a->init=0;
135 a->flags=0;
136 return(1);
137 }
138
139static int enc_read(BIO *b, char *out, int outl)
140 {
141 int ret=0,i;
142 BIO_ENC_CTX *ctx;
143
144 if (out == NULL) return(0);
145 ctx=(BIO_ENC_CTX *)b->ptr;
146
147 if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
148
149 /* First check if there are bytes decoded/encoded */
150 if (ctx->buf_len > 0)
151 {
152 i=ctx->buf_len-ctx->buf_off;
153 if (i > outl) i=outl;
154 memcpy(out,&(ctx->buf[ctx->buf_off]),i);
155 ret=i;
156 out+=i;
157 outl-=i;
158 ctx->buf_off+=i;
159 if (ctx->buf_len == ctx->buf_off)
160 {
161 ctx->buf_len=0;
162 ctx->buf_off=0;
163 }
164 }
165
166 /* At this point, we have room of outl bytes and an empty
167 * buffer, so we should read in some more. */
168
169 while (outl > 0)
170 {
171 if (ctx->cont <= 0) break;
172
173 /* read in at offset 8, read the EVP_Cipher
174 * documentation about why */
175 i=BIO_read(b->next_bio,&(ctx->buf[8]),ENC_BLOCK_SIZE);
176
177 if (i <= 0)
178 {
179 /* Should be continue next time we are called? */
180 if (!BIO_should_retry(b->next_bio))
181 {
182 ctx->cont=i;
183 i=EVP_CipherFinal(&(ctx->cipher),
184 (unsigned char *)ctx->buf,
185 &(ctx->buf_len));
186 ctx->ok=i;
187 ctx->buf_off=0;
188 }
189 else
190 {
191 ret=(ret == 0)?i:ret;
192 break;
193 }
194 }
195 else
196 {
197 EVP_CipherUpdate(&(ctx->cipher),
198 (unsigned char *)ctx->buf,&ctx->buf_len,
199 (unsigned char *)&(ctx->buf[8]),i);
200 ctx->cont=1;
201 /* Note: it is possible for EVP_CipherUpdate to
202 * decrypt zero bytes because this is or looks like
203 * the final block: if this happens we should retry
204 * and either read more data or decrypt the final
205 * block
206 */
207 if(ctx->buf_len == 0) continue;
208 }
209
210 if (ctx->buf_len <= outl)
211 i=ctx->buf_len;
212 else
213 i=outl;
214 if (i <= 0) break;
215 memcpy(out,ctx->buf,i);
216 ret+=i;
217 ctx->buf_off=i;
218 outl-=i;
219 out+=i;
220 }
221
222 BIO_clear_retry_flags(b);
223 BIO_copy_next_retry(b);
224 return((ret == 0)?ctx->cont:ret);
225 }
226
227static int enc_write(BIO *b, const char *in, int inl)
228 {
229 int ret=0,n,i;
230 BIO_ENC_CTX *ctx;
231
232 ctx=(BIO_ENC_CTX *)b->ptr;
233 ret=inl;
234
235 BIO_clear_retry_flags(b);
236 n=ctx->buf_len-ctx->buf_off;
237 while (n > 0)
238 {
239 i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
240 if (i <= 0)
241 {
242 BIO_copy_next_retry(b);
243 return(i);
244 }
245 ctx->buf_off+=i;
246 n-=i;
247 }
248 /* at this point all pending data has been written */
249
250 if ((in == NULL) || (inl <= 0)) return(0);
251
252 ctx->buf_off=0;
253 while (inl > 0)
254 {
255 n=(inl > ENC_BLOCK_SIZE)?ENC_BLOCK_SIZE:inl;
256 EVP_CipherUpdate(&(ctx->cipher),
257 (unsigned char *)ctx->buf,&ctx->buf_len,
258 (unsigned char *)in,n);
259 inl-=n;
260 in+=n;
261
262 ctx->buf_off=0;
263 n=ctx->buf_len;
264 while (n > 0)
265 {
266 i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
267 if (i <= 0)
268 {
269 BIO_copy_next_retry(b);
270 return(i);
271 }
272 n-=i;
273 ctx->buf_off+=i;
274 }
275 ctx->buf_len=0;
276 ctx->buf_off=0;
277 }
278 BIO_copy_next_retry(b);
279 return(ret);
280 }
281
282static long enc_ctrl(BIO *b, int cmd, long num, void *ptr)
283 {
284 BIO *dbio;
285 BIO_ENC_CTX *ctx,*dctx;
286 long ret=1;
287 int i;
288 EVP_CIPHER_CTX **c_ctx;
289
290 ctx=(BIO_ENC_CTX *)b->ptr;
291
292 switch (cmd)
293 {
294 case BIO_CTRL_RESET:
295 ctx->ok=1;
296 ctx->finished=0;
297 EVP_CipherInit(&(ctx->cipher),NULL,NULL,NULL,
298 ctx->cipher.encrypt);
299 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
300 break;
301 case BIO_CTRL_EOF: /* More to read */
302 if (ctx->cont <= 0)
303 ret=1;
304 else
305 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
306 break;
307 case BIO_CTRL_WPENDING:
308 ret=ctx->buf_len-ctx->buf_off;
309 if (ret <= 0)
310 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
311 break;
312 case BIO_CTRL_PENDING: /* More to read in buffer */
313 ret=ctx->buf_len-ctx->buf_off;
314 if (ret <= 0)
315 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
316 break;
317 case BIO_CTRL_FLUSH:
318 /* do a final write */
319again:
320 while (ctx->buf_len != ctx->buf_off)
321 {
322 i=enc_write(b,NULL,0);
323 if (i < 0)
324 {
325 ret=i;
326 break;
327 }
328 }
329
330 if (!ctx->finished)
331 {
332 ctx->finished=1;
333 ctx->buf_off=0;
334 ret=EVP_CipherFinal(&(ctx->cipher),
335 (unsigned char *)ctx->buf,
336 &(ctx->buf_len));
337 ctx->ok=(int)ret;
338 if (ret <= 0) break;
339
340 /* push out the bytes */
341 goto again;
342 }
343
344 /* Finally flush the underlying BIO */
345 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
346 break;
347 case BIO_C_GET_CIPHER_STATUS:
348 ret=(long)ctx->ok;
349 break;
350 case BIO_C_DO_STATE_MACHINE:
351 BIO_clear_retry_flags(b);
352 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
353 BIO_copy_next_retry(b);
354 break;
355 case BIO_C_GET_CIPHER_CTX:
356 c_ctx=(EVP_CIPHER_CTX **)ptr;
357 (*c_ctx)= &(ctx->cipher);
358 b->init=1;
359 break;
360 case BIO_CTRL_DUP:
361 dbio=(BIO *)ptr;
362 dctx=(BIO_ENC_CTX *)dbio->ptr;
363 memcpy(&(dctx->cipher),&(ctx->cipher),sizeof(ctx->cipher));
364 dbio->init=1;
365 break;
366 default:
367 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
368 break;
369 }
370 return(ret);
371 }
372
373static long enc_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
374 {
375 long ret=1;
376
377 if (b->next_bio == NULL) return(0);
378 switch (cmd)
379 {
380 default:
381 ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
382 break;
383 }
384 return(ret);
385 }
386
387/*
388void BIO_set_cipher_ctx(b,c)
389BIO *b;
390EVP_CIPHER_ctx *c;
391 {
392 if (b == NULL) return;
393
394 if ((b->callback != NULL) &&
395 (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0))
396 return;
397
398 b->init=1;
399 ctx=(BIO_ENC_CTX *)b->ptr;
400 memcpy(ctx->cipher,c,sizeof(EVP_CIPHER_CTX));
401
402 if (b->callback != NULL)
403 b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);
404 }
405*/
406
407void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, unsigned char *k,
408 unsigned char *i, int e)
409 {
410 BIO_ENC_CTX *ctx;
411
412 if (b == NULL) return;
413
414 if ((b->callback != NULL) &&
415 (b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,0L) <= 0))
416 return;
417
418 b->init=1;
419 ctx=(BIO_ENC_CTX *)b->ptr;
420 EVP_CipherInit(&(ctx->cipher),c,k,i,e);
421
422 if (b->callback != NULL)
423 b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,1L);
424 }
425
diff --git a/src/lib/libcrypto/evp/bio_md.c b/src/lib/libcrypto/evp/bio_md.c
deleted file mode 100644
index 2373c247d8..0000000000
--- a/src/lib/libcrypto/evp/bio_md.c
+++ /dev/null
@@ -1,261 +0,0 @@
1/* crypto/evp/bio_md.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61#include "cryptlib.h"
62#include <openssl/buffer.h>
63#include <openssl/evp.h>
64
65/* BIO_put and BIO_get both add to the digest,
66 * BIO_gets returns the digest */
67
68static int md_write(BIO *h, char const *buf, int num);
69static int md_read(BIO *h, char *buf, int size);
70/*static int md_puts(BIO *h, const char *str); */
71static int md_gets(BIO *h, char *str, int size);
72static long md_ctrl(BIO *h, int cmd, long arg1, void *arg2);
73static int md_new(BIO *h);
74static int md_free(BIO *data);
75static long md_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp);
76
77static BIO_METHOD methods_md=
78 {
79 BIO_TYPE_MD,"message digest",
80 md_write,
81 md_read,
82 NULL, /* md_puts, */
83 md_gets,
84 md_ctrl,
85 md_new,
86 md_free,
87 md_callback_ctrl,
88 };
89
90BIO_METHOD *BIO_f_md(void)
91 {
92 return(&methods_md);
93 }
94
95static int md_new(BIO *bi)
96 {
97 EVP_MD_CTX *ctx;
98
99 ctx=(EVP_MD_CTX *)OPENSSL_malloc(sizeof(EVP_MD_CTX));
100 if (ctx == NULL) return(0);
101
102 bi->init=0;
103 bi->ptr=(char *)ctx;
104 bi->flags=0;
105 return(1);
106 }
107
108static int md_free(BIO *a)
109 {
110 if (a == NULL) return(0);
111 OPENSSL_free(a->ptr);
112 a->ptr=NULL;
113 a->init=0;
114 a->flags=0;
115 return(1);
116 }
117
118static int md_read(BIO *b, char *out, int outl)
119 {
120 int ret=0;
121 EVP_MD_CTX *ctx;
122
123 if (out == NULL) return(0);
124 ctx=(EVP_MD_CTX *)b->ptr;
125
126 if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
127
128 ret=BIO_read(b->next_bio,out,outl);
129 if (b->init)
130 {
131 if (ret > 0)
132 {
133 EVP_DigestUpdate(ctx,(unsigned char *)out,
134 (unsigned int)ret);
135 }
136 }
137 BIO_clear_retry_flags(b);
138 BIO_copy_next_retry(b);
139 return(ret);
140 }
141
142static int md_write(BIO *b, const char *in, int inl)
143 {
144 int ret=0;
145 EVP_MD_CTX *ctx;
146
147 if ((in == NULL) || (inl <= 0)) return(0);
148 ctx=(EVP_MD_CTX *)b->ptr;
149
150 if ((ctx != NULL) && (b->next_bio != NULL))
151 ret=BIO_write(b->next_bio,in,inl);
152 if (b->init)
153 {
154 if (ret > 0)
155 {
156 EVP_DigestUpdate(ctx,(unsigned char *)in,
157 (unsigned int)ret);
158 }
159 }
160 BIO_clear_retry_flags(b);
161 BIO_copy_next_retry(b);
162 return(ret);
163 }
164
165static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
166 {
167 EVP_MD_CTX *ctx,*dctx,**pctx;
168 const EVP_MD **ppmd;
169 EVP_MD *md;
170 long ret=1;
171 BIO *dbio;
172
173 ctx=(EVP_MD_CTX *)b->ptr;
174
175 switch (cmd)
176 {
177 case BIO_CTRL_RESET:
178 if (b->init)
179 EVP_DigestInit(ctx,ctx->digest);
180 else
181 ret=0;
182 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
183 break;
184 case BIO_C_GET_MD:
185 if (b->init)
186 {
187 ppmd=(const EVP_MD **)ptr;
188 *ppmd=ctx->digest;
189 }
190 else
191 ret=0;
192 break;
193 case BIO_C_GET_MD_CTX:
194 if (b->init)
195 {
196 pctx=(EVP_MD_CTX **)ptr;
197 *pctx=ctx;
198 }
199 else
200 ret=0;
201 break;
202 case BIO_C_DO_STATE_MACHINE:
203 BIO_clear_retry_flags(b);
204 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
205 BIO_copy_next_retry(b);
206 break;
207
208 case BIO_C_SET_MD:
209 md=(EVP_MD *)ptr;
210 EVP_DigestInit(ctx,md);
211 b->init=1;
212 break;
213 case BIO_CTRL_DUP:
214 dbio=(BIO *)ptr;
215 dctx=(EVP_MD_CTX *)dbio->ptr;
216 memcpy(dctx,ctx,sizeof(ctx));
217 b->init=1;
218 break;
219 default:
220 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
221 break;
222 }
223 return(ret);
224 }
225
226static long md_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
227 {
228 long ret=1;
229
230 if (b->next_bio == NULL) return(0);
231 switch (cmd)
232 {
233 default:
234 ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
235 break;
236 }
237 return(ret);
238 }
239
240static int md_gets(BIO *bp, char *buf, int size)
241 {
242 EVP_MD_CTX *ctx;
243 unsigned int ret;
244
245
246 ctx=(EVP_MD_CTX *)bp->ptr;
247 if (size < ctx->digest->md_size)
248 return(0);
249 EVP_DigestFinal(ctx,(unsigned char *)buf,&ret);
250 return((int)ret);
251 }
252
253/*
254static int md_puts(bp,str)
255BIO *bp;
256char *str;
257 {
258 return(-1);
259 }
260*/
261
diff --git a/src/lib/libcrypto/evp/c_all.c b/src/lib/libcrypto/evp/c_all.c
deleted file mode 100644
index 1e185830a3..0000000000
--- a/src/lib/libcrypto/evp/c_all.c
+++ /dev/null
@@ -1,67 +0,0 @@
1/* crypto/evp/c_all.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62
63void OpenSSL_add_all_algorithms(void)
64{
65 OpenSSL_add_all_ciphers();
66 OpenSSL_add_all_digests();
67}
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c
deleted file mode 100644
index c560733568..0000000000
--- a/src/lib/libcrypto/evp/digest.c
+++ /dev/null
@@ -1,92 +0,0 @@
1/* crypto/evp/digest.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/objects.h>
62#include <openssl/evp.h>
63
64void EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
65 {
66 ctx->digest=type;
67 type->init(&(ctx->md));
68 }
69
70void EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data,
71 unsigned int count)
72 {
73 ctx->digest->update(&(ctx->md.base[0]),data,(unsigned long)count);
74 }
75
76void EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
77 {
78 ctx->digest->final(md,&(ctx->md.base[0]));
79 if (size != NULL)
80 *size=ctx->digest->md_size;
81 memset(&(ctx->md),0,sizeof(ctx->md));
82 }
83
84int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in)
85{
86 if ((in == NULL) || (in->digest == NULL)) {
87 EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
88 return 0;
89 }
90 memcpy((char *)out,(char *)in,in->digest->ctx_size);
91 return 1;
92}
diff --git a/src/lib/libcrypto/evp/e_bf.c b/src/lib/libcrypto/evp/e_bf.c
deleted file mode 100644
index 53559b0b65..0000000000
--- a/src/lib/libcrypto/evp/e_bf.c
+++ /dev/null
@@ -1,80 +0,0 @@
1/* crypto/evp/e_bf.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_BF
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/evp.h>
63#include "evp_locl.h"
64#include <openssl/objects.h>
65
66static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
67 const unsigned char *iv, int enc);
68
69IMPLEMENT_BLOCK_CIPHER(bf, bf_ks, BF, bf_ks, NID_bf, 8, 16, 8,
70 EVP_CIPH_VARIABLE_LENGTH, bf_init_key, NULL,
71 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
72
73static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
74 const unsigned char *iv, int enc)
75 {
76 BF_set_key(&(ctx->c.bf_ks),EVP_CIPHER_CTX_key_length(ctx),key);
77 return 1;
78 }
79
80#endif
diff --git a/src/lib/libcrypto/evp/e_cast.c b/src/lib/libcrypto/evp/e_cast.c
deleted file mode 100644
index e5af7fb4ed..0000000000
--- a/src/lib/libcrypto/evp/e_cast.c
+++ /dev/null
@@ -1,82 +0,0 @@
1/* crypto/evp/e_cast.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_CAST
60
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/evp.h>
64#include <openssl/objects.h>
65#include "evp_locl.h"
66
67static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
68 const unsigned char *iv,int enc);
69
70IMPLEMENT_BLOCK_CIPHER(cast5, cast_ks, CAST, cast_ks,
71 NID_cast5, 8, EVP_CAST5_KEY_SIZE, 8,
72 EVP_CIPH_VARIABLE_LENGTH, cast_init_key, NULL,
73 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
74
75static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
76 const unsigned char *iv, int enc)
77 {
78 CAST_set_key(&(ctx->c.cast_ks),EVP_CIPHER_CTX_key_length(ctx),key);
79 return 1;
80 }
81
82#endif
diff --git a/src/lib/libcrypto/evp/e_des.c b/src/lib/libcrypto/evp/e_des.c
deleted file mode 100644
index f4e998b81c..0000000000
--- a/src/lib/libcrypto/evp/e_des.c
+++ /dev/null
@@ -1,118 +0,0 @@
1/* crypto/evp/e_des.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_DES
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include "evp_locl.h"
65
66static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
67 const unsigned char *iv, int enc);
68
69/* Because of various casts and different names can't use IMPLEMENT_BLOCK_CIPHER */
70
71static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
72 const unsigned char *in, unsigned int inl)
73{
74 BLOCK_CIPHER_ecb_loop()
75 des_ecb_encrypt((des_cblock *)(in + i), (des_cblock *)(out + i), ctx->c.des_ks, ctx->encrypt);
76 return 1;
77}
78
79static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
80 const unsigned char *in, unsigned int inl)
81{
82 des_ofb64_encrypt(in, out, (long)inl, ctx->c.des_ks, (des_cblock *)ctx->iv, &ctx->num);
83 return 1;
84}
85
86static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
87 const unsigned char *in, unsigned int inl)
88{
89 des_ncbc_encrypt(in, out, (long)inl, ctx->c.des_ks,
90 (des_cblock *)ctx->iv, ctx->encrypt);
91 return 1;
92}
93
94static int des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
95 const unsigned char *in, unsigned int inl)
96{
97 des_cfb64_encrypt(in, out, (long)inl, ctx->c.des_ks,
98 (des_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
99 return 1;
100}
101
102BLOCK_CIPHER_defs(des, des_ks, NID_des, 8, 8, 8,
103 0, des_init_key, NULL,
104 EVP_CIPHER_set_asn1_iv,
105 EVP_CIPHER_get_asn1_iv,
106 NULL)
107
108
109static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
110 const unsigned char *iv, int enc)
111 {
112 des_cblock *deskey = (des_cblock *)key;
113
114 des_set_key_unchecked(deskey,ctx->c.des_ks);
115 return 1;
116 }
117
118#endif
diff --git a/src/lib/libcrypto/evp/e_des3.c b/src/lib/libcrypto/evp/e_des3.c
deleted file mode 100644
index a9aba4ae70..0000000000
--- a/src/lib/libcrypto/evp/e_des3.c
+++ /dev/null
@@ -1,165 +0,0 @@
1/* crypto/evp/e_des3.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_DES
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include "evp_locl.h"
65
66static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
67 const unsigned char *iv,int enc);
68
69static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
70 const unsigned char *iv,int enc);
71
72/* Because of various casts and different args can't use IMPLEMENT_BLOCK_CIPHER */
73
74static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
75 const unsigned char *in, unsigned int inl)
76{
77 BLOCK_CIPHER_ecb_loop()
78 des_ecb3_encrypt((des_cblock *)(in + i), (des_cblock *)(out + i),
79 ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
80 ctx->encrypt);
81 return 1;
82}
83
84static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
85 const unsigned char *in, unsigned int inl)
86{
87 des_ede3_ofb64_encrypt(in, out, (long)inl,
88 ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
89 (des_cblock *)ctx->iv, &ctx->num);
90 return 1;
91}
92
93static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
94 const unsigned char *in, unsigned int inl)
95{
96 des_ede3_cbc_encrypt(in, out, (long)inl,
97 ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
98 (des_cblock *)ctx->iv, ctx->encrypt);
99 return 1;
100}
101
102static int des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
103 const unsigned char *in, unsigned int inl)
104{
105 des_ede3_cfb64_encrypt(in, out, (long)inl,
106 ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
107 (des_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
108 return 1;
109}
110
111#define NID_des_ede_ecb NID_des_ede
112
113BLOCK_CIPHER_defs(des_ede, des_ede, NID_des_ede, 8, 16, 8,
114 0, des_ede_init_key, NULL,
115 EVP_CIPHER_set_asn1_iv,
116 EVP_CIPHER_get_asn1_iv,
117 NULL)
118
119#define NID_des_ede3_ecb NID_des_ede3
120#define des_ede3_cfb_cipher des_ede_cfb_cipher
121#define des_ede3_ofb_cipher des_ede_ofb_cipher
122#define des_ede3_cbc_cipher des_ede_cbc_cipher
123#define des_ede3_ecb_cipher des_ede_ecb_cipher
124
125BLOCK_CIPHER_defs(des_ede3, des_ede, NID_des_ede3, 8, 24, 8,
126 0, des_ede3_init_key, NULL,
127 EVP_CIPHER_set_asn1_iv,
128 EVP_CIPHER_get_asn1_iv,
129 NULL)
130
131static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
132 const unsigned char *iv, int enc)
133 {
134 des_cblock *deskey = (des_cblock *)key;
135
136 des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
137 des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
138 memcpy( (char *)ctx->c.des_ede.ks3,
139 (char *)ctx->c.des_ede.ks1,
140 sizeof(ctx->c.des_ede.ks1));
141 return 1;
142 }
143
144static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
145 const unsigned char *iv, int enc)
146 {
147 des_cblock *deskey = (des_cblock *)key;
148
149 des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
150 des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
151 des_set_key_unchecked(&deskey[2],ctx->c.des_ede.ks3);
152
153 return 1;
154 }
155
156EVP_CIPHER *EVP_des_ede(void)
157{
158 return &des_ede_ecb;
159}
160
161EVP_CIPHER *EVP_des_ede3(void)
162{
163 return &des_ede3_ecb;
164}
165#endif
diff --git a/src/lib/libcrypto/evp/e_idea.c b/src/lib/libcrypto/evp/e_idea.c
deleted file mode 100644
index 8d3c88deb7..0000000000
--- a/src/lib/libcrypto/evp/e_idea.c
+++ /dev/null
@@ -1,112 +0,0 @@
1/* crypto/evp/e_idea.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_IDEA
60
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/evp.h>
64#include <openssl/objects.h>
65#include "evp_locl.h"
66
67static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
68 const unsigned char *iv,int enc);
69
70/* NB idea_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a special
71 * case
72 */
73
74static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
75 const unsigned char *in, unsigned int inl)
76{
77 BLOCK_CIPHER_ecb_loop()
78 idea_ecb_encrypt(in + i, out + i, &ctx->c.idea_ks);
79 return 1;
80}
81
82/* Can't use IMPLEMENT_BLOCK_CIPHER because idea_ecb_encrypt is different */
83
84BLOCK_CIPHER_func_cbc(idea, idea, idea_ks)
85BLOCK_CIPHER_func_ofb(idea, idea, idea_ks)
86BLOCK_CIPHER_func_cfb(idea, idea, idea_ks)
87
88BLOCK_CIPHER_defs(idea, idea_ks, NID_idea, 8, 16, 8,
89 0, idea_init_key, NULL,
90 EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
91
92static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
93 const unsigned char *iv, int enc)
94 {
95 if(!enc) {
96 if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) enc = 1;
97 else if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE) enc = 1;
98 }
99 if (enc) idea_set_encrypt_key(key,&(ctx->c.idea_ks));
100 else
101 {
102 IDEA_KEY_SCHEDULE tmp;
103
104 idea_set_encrypt_key(key,&tmp);
105 idea_set_decrypt_key(&tmp,&(ctx->c.idea_ks));
106 memset((unsigned char *)&tmp,0,
107 sizeof(IDEA_KEY_SCHEDULE));
108 }
109 return 1;
110 }
111
112#endif
diff --git a/src/lib/libcrypto/evp/e_null.c b/src/lib/libcrypto/evp/e_null.c
deleted file mode 100644
index e0702cf818..0000000000
--- a/src/lib/libcrypto/evp/e_null.c
+++ /dev/null
@@ -1,101 +0,0 @@
1/* crypto/evp/e_null.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63
64static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
65 const unsigned char *iv,int enc);
66static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
67 const unsigned char *in, unsigned int inl);
68static EVP_CIPHER n_cipher=
69 {
70 NID_undef,
71 1,0,0,
72 0,
73 null_init_key,
74 null_cipher,
75 NULL,
76 0,
77 NULL,
78 NULL,
79 NULL
80 };
81
82EVP_CIPHER *EVP_enc_null(void)
83 {
84 return(&n_cipher);
85 }
86
87static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
88 const unsigned char *iv, int enc)
89 {
90 memset(&(ctx->c),0,sizeof(ctx->c));
91 return 1;
92 }
93
94static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
95 const unsigned char *in, unsigned int inl)
96 {
97 if (in != out)
98 memcpy((char *)out,(char *)in,(int)inl);
99 return 1;
100 }
101
diff --git a/src/lib/libcrypto/evp/e_rc2.c b/src/lib/libcrypto/evp/e_rc2.c
deleted file mode 100644
index 3955c3ef84..0000000000
--- a/src/lib/libcrypto/evp/e_rc2.c
+++ /dev/null
@@ -1,222 +0,0 @@
1/* crypto/evp/e_rc2.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_RC2
60
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/evp.h>
64#include <openssl/objects.h>
65#include "evp_locl.h"
66
67static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
68 const unsigned char *iv,int enc);
69static int rc2_meth_to_magic(EVP_CIPHER_CTX *ctx);
70static int rc2_magic_to_meth(int i);
71static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
72static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
73static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
74
75IMPLEMENT_BLOCK_CIPHER(rc2, rc2.ks, RC2, rc2, NID_rc2,
76 8,
77 EVP_RC2_KEY_SIZE, 8,
78 EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
79 rc2_init_key, NULL,
80 rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv,
81 rc2_ctrl)
82
83#define RC2_40_MAGIC 0xa0
84#define RC2_64_MAGIC 0x78
85#define RC2_128_MAGIC 0x3a
86
87static EVP_CIPHER r2_64_cbc_cipher=
88 {
89 NID_rc2_64_cbc,
90 8,8 /* 64 bit */,8,
91 EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
92 rc2_init_key,
93 rc2_cbc_cipher,
94 NULL,
95 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
96 sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2)),
97 rc2_set_asn1_type_and_iv,
98 rc2_get_asn1_type_and_iv,
99 rc2_ctrl,
100 NULL
101 };
102
103static EVP_CIPHER r2_40_cbc_cipher=
104 {
105 NID_rc2_40_cbc,
106 8,5 /* 40 bit */,8,
107 EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
108 rc2_init_key,
109 rc2_cbc_cipher,
110 NULL,
111 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
112 sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2)),
113 rc2_set_asn1_type_and_iv,
114 rc2_get_asn1_type_and_iv,
115 rc2_ctrl,
116 NULL
117 };
118
119EVP_CIPHER *EVP_rc2_64_cbc(void)
120 {
121 return(&r2_64_cbc_cipher);
122 }
123
124EVP_CIPHER *EVP_rc2_40_cbc(void)
125 {
126 return(&r2_40_cbc_cipher);
127 }
128
129static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
130 const unsigned char *iv, int enc)
131 {
132 RC2_set_key(&(ctx->c.rc2.ks),EVP_CIPHER_CTX_key_length(ctx),
133 key,ctx->c.rc2.key_bits);
134 return 1;
135 }
136
137static int rc2_meth_to_magic(EVP_CIPHER_CTX *e)
138 {
139 int i;
140
141 EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i);
142 if (i == 128) return(RC2_128_MAGIC);
143 else if (i == 64) return(RC2_64_MAGIC);
144 else if (i == 40) return(RC2_40_MAGIC);
145 else return(0);
146 }
147
148static int rc2_magic_to_meth(int i)
149 {
150 if (i == RC2_128_MAGIC) return 128;
151 else if (i == RC2_64_MAGIC) return 64;
152 else if (i == RC2_40_MAGIC) return 40;
153 else
154 {
155 EVPerr(EVP_F_RC2_MAGIC_TO_METH,EVP_R_UNSUPPORTED_KEY_SIZE);
156 return(0);
157 }
158 }
159
160static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
161 {
162 long num=0;
163 int i=0,l;
164 int key_bits;
165 unsigned char iv[EVP_MAX_IV_LENGTH];
166
167 if (type != NULL)
168 {
169 l=EVP_CIPHER_CTX_iv_length(c);
170 i=ASN1_TYPE_get_int_octetstring(type,&num,iv,l);
171 if (i != l)
172 return(-1);
173 key_bits =rc2_magic_to_meth((int)num);
174 if (!key_bits)
175 return(-1);
176 if(i > 0) EVP_CipherInit(c, NULL, NULL, iv, -1);
177 EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
178 EVP_CIPHER_CTX_set_key_length(c, key_bits / 8);
179 }
180 return(i);
181 }
182
183static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
184 {
185 long num;
186 int i=0,j;
187
188 if (type != NULL)
189 {
190 num=rc2_meth_to_magic(c);
191 j=EVP_CIPHER_CTX_iv_length(c);
192 i=ASN1_TYPE_set_int_octetstring(type,num,c->oiv,j);
193 }
194 return(i);
195 }
196
197static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
198 {
199 switch(type) {
200
201 case EVP_CTRL_INIT:
202 c->c.rc2.key_bits = EVP_CIPHER_CTX_key_length(c) * 8;
203 return 1;
204
205 case EVP_CTRL_GET_RC2_KEY_BITS:
206 *(int *)ptr = c->c.rc2.key_bits;
207 return 1;
208
209
210 case EVP_CTRL_SET_RC2_KEY_BITS:
211 if(arg > 0) {
212 c->c.rc2.key_bits = arg;
213 return 1;
214 }
215 return 0;
216
217 default:
218 return -1;
219 }
220 }
221
222#endif
diff --git a/src/lib/libcrypto/evp/e_rc4.c b/src/lib/libcrypto/evp/e_rc4.c
deleted file mode 100644
index 1c1e3b3857..0000000000
--- a/src/lib/libcrypto/evp/e_rc4.c
+++ /dev/null
@@ -1,125 +0,0 @@
1/* crypto/evp/e_rc4.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_RC4
60
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/evp.h>
64#include <openssl/objects.h>
65
66static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
67 const unsigned char *iv,int enc);
68static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
69 const unsigned char *in, unsigned int inl);
70static EVP_CIPHER r4_cipher=
71 {
72 NID_rc4,
73 1,EVP_RC4_KEY_SIZE,0,
74 EVP_CIPH_VARIABLE_LENGTH,
75 rc4_init_key,
76 rc4_cipher,
77 NULL,
78 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
79 sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc4)),
80 NULL,
81 NULL,
82 NULL
83 };
84
85static EVP_CIPHER r4_40_cipher=
86 {
87 NID_rc4_40,
88 1,5 /* 40 bit */,0,
89 EVP_CIPH_VARIABLE_LENGTH,
90 rc4_init_key,
91 rc4_cipher,
92 NULL,
93 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
94 sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc4)),
95 NULL,
96 NULL,
97 NULL
98 };
99
100EVP_CIPHER *EVP_rc4(void)
101 {
102 return(&r4_cipher);
103 }
104
105EVP_CIPHER *EVP_rc4_40(void)
106 {
107 return(&r4_40_cipher);
108 }
109
110static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
111 const unsigned char *iv, int enc)
112 {
113 memcpy(&(ctx->c.rc4.key[0]),key,EVP_CIPHER_CTX_key_length(ctx));
114 RC4_set_key(&(ctx->c.rc4.ks),EVP_CIPHER_CTX_key_length(ctx),
115 ctx->c.rc4.key);
116 return 1;
117 }
118
119static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
120 const unsigned char *in, unsigned int inl)
121 {
122 RC4(&(ctx->c.rc4.ks),inl,in,out);
123 return 1;
124 }
125#endif
diff --git a/src/lib/libcrypto/evp/e_xcbc_d.c b/src/lib/libcrypto/evp/e_xcbc_d.c
deleted file mode 100644
index e5b15acc7d..0000000000
--- a/src/lib/libcrypto/evp/e_xcbc_d.c
+++ /dev/null
@@ -1,111 +0,0 @@
1/* crypto/evp/e_xcbc_d.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_DES
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64
65static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
66 const unsigned char *iv,int enc);
67static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
68 const unsigned char *in, unsigned int inl);
69static EVP_CIPHER d_xcbc_cipher=
70 {
71 NID_desx_cbc,
72 8,24,8,
73 EVP_CIPH_CBC_MODE,
74 desx_cbc_init_key,
75 desx_cbc_cipher,
76 NULL,
77 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
78 sizeof((((EVP_CIPHER_CTX *)NULL)->c.desx_cbc)),
79 EVP_CIPHER_set_asn1_iv,
80 EVP_CIPHER_get_asn1_iv,
81 NULL
82 };
83
84EVP_CIPHER *EVP_desx_cbc(void)
85 {
86 return(&d_xcbc_cipher);
87 }
88
89static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
90 const unsigned char *iv, int enc)
91 {
92 des_cblock *deskey = (des_cblock *)key;
93
94 des_set_key_unchecked(deskey,ctx->c.desx_cbc.ks);
95 memcpy(&(ctx->c.desx_cbc.inw[0]),&(key[8]),8);
96 memcpy(&(ctx->c.desx_cbc.outw[0]),&(key[16]),8);
97
98 return 1;
99 }
100
101static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
102 const unsigned char *in, unsigned int inl)
103 {
104 des_xcbc_encrypt(in,out,inl,ctx->c.desx_cbc.ks,
105 (des_cblock *)&(ctx->iv[0]),
106 &ctx->c.desx_cbc.inw,
107 &ctx->c.desx_cbc.outw,
108 ctx->encrypt);
109 return 1;
110 }
111#endif
diff --git a/src/lib/libcrypto/evp/encode.c b/src/lib/libcrypto/evp/encode.c
deleted file mode 100644
index 6ff9c1783c..0000000000
--- a/src/lib/libcrypto/evp/encode.c
+++ /dev/null
@@ -1,437 +0,0 @@
1/* crypto/evp/encode.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62
63#ifndef CHARSET_EBCDIC
64#define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
65#define conv_ascii2bin(a) (data_ascii2bin[(a)&0x7f])
66#else
67/* We assume that PEM encoded files are EBCDIC files
68 * (i.e., printable text files). Convert them here while decoding.
69 * When encoding, output is EBCDIC (text) format again.
70 * (No need for conversion in the conv_bin2ascii macro, as the
71 * underlying textstring data_bin2ascii[] is already EBCDIC)
72 */
73#define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
74#define conv_ascii2bin(a) (data_ascii2bin[os_toascii[a]&0x7f])
75#endif
76
77/* 64 char lines
78 * pad input with 0
79 * left over chars are set to =
80 * 1 byte => xx==
81 * 2 bytes => xxx=
82 * 3 bytes => xxxx
83 */
84#define BIN_PER_LINE (64/4*3)
85#define CHUNKS_PER_LINE (64/4)
86#define CHAR_PER_LINE (64+1)
87
88static unsigned char data_bin2ascii[65]="ABCDEFGHIJKLMNOPQRSTUVWXYZ\
89abcdefghijklmnopqrstuvwxyz0123456789+/";
90
91/* 0xF0 is a EOLN
92 * 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing).
93 * 0xF2 is EOF
94 * 0xE0 is ignore at start of line.
95 * 0xFF is error
96 */
97
98#define B64_EOLN 0xF0
99#define B64_CR 0xF1
100#define B64_EOF 0xF2
101#define B64_WS 0xE0
102#define B64_ERROR 0xFF
103#define B64_NOT_BASE64(a) (((a)|0x13) == 0xF3)
104
105static unsigned char data_ascii2bin[128]={
106 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
107 0xFF,0xE0,0xF0,0xFF,0xFF,0xF1,0xFF,0xFF,
108 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
109 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
110 0xE0,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
111 0xFF,0xFF,0xFF,0x3E,0xFF,0xF2,0xFF,0x3F,
112 0x34,0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,
113 0x3C,0x3D,0xFF,0xFF,0xFF,0x00,0xFF,0xFF,
114 0xFF,0x00,0x01,0x02,0x03,0x04,0x05,0x06,
115 0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,
116 0x0F,0x10,0x11,0x12,0x13,0x14,0x15,0x16,
117 0x17,0x18,0x19,0xFF,0xFF,0xFF,0xFF,0xFF,
118 0xFF,0x1A,0x1B,0x1C,0x1D,0x1E,0x1F,0x20,
119 0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,
120 0x29,0x2A,0x2B,0x2C,0x2D,0x2E,0x2F,0x30,
121 0x31,0x32,0x33,0xFF,0xFF,0xFF,0xFF,0xFF,
122 };
123
124void EVP_EncodeInit(EVP_ENCODE_CTX *ctx)
125 {
126 ctx->length=48;
127 ctx->num=0;
128 ctx->line_num=0;
129 }
130
131void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
132 unsigned char *in, int inl)
133 {
134 int i,j;
135 unsigned int total=0;
136
137 *outl=0;
138 if (inl == 0) return;
139 if ((ctx->num+inl) < ctx->length)
140 {
141 memcpy(&(ctx->enc_data[ctx->num]),in,inl);
142 ctx->num+=inl;
143 return;
144 }
145 if (ctx->num != 0)
146 {
147 i=ctx->length-ctx->num;
148 memcpy(&(ctx->enc_data[ctx->num]),in,i);
149 in+=i;
150 inl-=i;
151 j=EVP_EncodeBlock(out,ctx->enc_data,ctx->length);
152 ctx->num=0;
153 out+=j;
154 *(out++)='\n';
155 *out='\0';
156 total=j+1;
157 }
158 while (inl >= ctx->length)
159 {
160 j=EVP_EncodeBlock(out,in,ctx->length);
161 in+=ctx->length;
162 inl-=ctx->length;
163 out+=j;
164 *(out++)='\n';
165 *out='\0';
166 total+=j+1;
167 }
168 if (inl != 0)
169 memcpy(&(ctx->enc_data[0]),in,inl);
170 ctx->num=inl;
171 *outl=total;
172 }
173
174void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
175 {
176 unsigned int ret=0;
177
178 if (ctx->num != 0)
179 {
180 ret=EVP_EncodeBlock(out,ctx->enc_data,ctx->num);
181 out[ret++]='\n';
182 out[ret]='\0';
183 ctx->num=0;
184 }
185 *outl=ret;
186 }
187
188int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int dlen)
189 {
190 int i,ret=0;
191 unsigned long l;
192
193 for (i=dlen; i > 0; i-=3)
194 {
195 if (i >= 3)
196 {
197 l= (((unsigned long)f[0])<<16L)|
198 (((unsigned long)f[1])<< 8L)|f[2];
199 *(t++)=conv_bin2ascii(l>>18L);
200 *(t++)=conv_bin2ascii(l>>12L);
201 *(t++)=conv_bin2ascii(l>> 6L);
202 *(t++)=conv_bin2ascii(l );
203 }
204 else
205 {
206 l=((unsigned long)f[0])<<16L;
207 if (i == 2) l|=((unsigned long)f[1]<<8L);
208
209 *(t++)=conv_bin2ascii(l>>18L);
210 *(t++)=conv_bin2ascii(l>>12L);
211 *(t++)=(i == 1)?'=':conv_bin2ascii(l>> 6L);
212 *(t++)='=';
213 }
214 ret+=4;
215 f+=3;
216 }
217
218 *t='\0';
219 return(ret);
220 }
221
222void EVP_DecodeInit(EVP_ENCODE_CTX *ctx)
223 {
224 ctx->length=30;
225 ctx->num=0;
226 ctx->line_num=0;
227 ctx->expect_nl=0;
228 }
229
230/* -1 for error
231 * 0 for last line
232 * 1 for full line
233 */
234int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
235 unsigned char *in, int inl)
236 {
237 int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2,exp_nl;
238 unsigned char *d;
239
240 n=ctx->num;
241 d=ctx->enc_data;
242 ln=ctx->line_num;
243 exp_nl=ctx->expect_nl;
244
245 /* last line of input. */
246 if ((inl == 0) || ((n == 0) && (conv_ascii2bin(in[0]) == B64_EOF)))
247 { rv=0; goto end; }
248
249 /* We parse the input data */
250 for (i=0; i<inl; i++)
251 {
252 /* If the current line is > 80 characters, scream alot */
253 if (ln >= 80) { rv= -1; goto end; }
254
255 /* Get char and put it into the buffer */
256 tmp= *(in++);
257 v=conv_ascii2bin(tmp);
258 /* only save the good data :-) */
259 if (!B64_NOT_BASE64(v))
260 {
261 d[n++]=tmp;
262 ln++;
263 }
264 else if (v == B64_ERROR)
265 {
266 rv= -1;
267 goto end;
268 }
269
270 /* have we seen a '=' which is 'definitly' the last
271 * input line. seof will point to the character that
272 * holds it. and eof will hold how many characters to
273 * chop off. */
274 if (tmp == '=')
275 {
276 if (seof == -1) seof=n;
277 eof++;
278 }
279
280 /* eoln */
281 if (v == B64_EOLN)
282 {
283 ln=0;
284 if (exp_nl)
285 {
286 exp_nl=0;
287 continue;
288 }
289 }
290 exp_nl=0;
291
292 /* If we are at the end of input and it looks like a
293 * line, process it. */
294 if (((i+1) == inl) && (((n&3) == 0) || eof))
295 {
296 v=B64_EOF;
297 /* In case things were given us in really small
298 records (so two '=' were given in separate
299 updates), eof may contain the incorrect number
300 of ending bytes to skip, so let's redo the count */
301 eof = 0;
302 if (d[n-1] == '=') eof++;
303 if (d[n-2] == '=') eof++;
304 /* There will never be more than two '=' */
305 }
306
307 if ((v == B64_EOF) || (n >= 64))
308 {
309 /* This is needed to work correctly on 64 byte input
310 * lines. We process the line and then need to
311 * accept the '\n' */
312 if ((v != B64_EOF) && (n >= 64)) exp_nl=1;
313 tmp2=v;
314 if (n > 0)
315 {
316 v=EVP_DecodeBlock(out,d,n);
317 if (v < 0) { rv=0; goto end; }
318 n=0;
319 ret+=(v-eof);
320 }
321 else
322 {
323 eof=1;
324 v=0;
325 }
326
327 /* This is the case where we have had a short
328 * but valid input line */
329 if ((v < ctx->length) && eof)
330 {
331 rv=0;
332 goto end;
333 }
334 else
335 ctx->length=v;
336
337 if (seof >= 0) { rv=0; goto end; }
338 out+=v;
339 }
340 }
341 rv=1;
342end:
343 *outl=ret;
344 ctx->num=n;
345 ctx->line_num=ln;
346 ctx->expect_nl=exp_nl;
347 return(rv);
348 }
349
350int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n)
351 {
352 int i,ret=0,a,b,c,d;
353 unsigned long l;
354
355 /* trim white space from the start of the line. */
356 while ((conv_ascii2bin(*f) == B64_WS) && (n > 0))
357 {
358 f++;
359 n--;
360 }
361
362 /* strip off stuff at the end of the line
363 * ascii2bin values B64_WS, B64_EOLN, B64_EOLN and B64_EOF */
364 while ((n > 3) && (B64_NOT_BASE64(conv_ascii2bin(f[n-1]))))
365 n--;
366
367 if (n%4 != 0) return(-1);
368
369 for (i=0; i<n; i+=4)
370 {
371 a=conv_ascii2bin(*(f++));
372 b=conv_ascii2bin(*(f++));
373 c=conv_ascii2bin(*(f++));
374 d=conv_ascii2bin(*(f++));
375 if ( (a & 0x80) || (b & 0x80) ||
376 (c & 0x80) || (d & 0x80))
377 return(-1);
378 l=( (((unsigned long)a)<<18L)|
379 (((unsigned long)b)<<12L)|
380 (((unsigned long)c)<< 6L)|
381 (((unsigned long)d) ));
382 *(t++)=(unsigned char)(l>>16L)&0xff;
383 *(t++)=(unsigned char)(l>> 8L)&0xff;
384 *(t++)=(unsigned char)(l )&0xff;
385 ret+=3;
386 }
387 return(ret);
388 }
389
390int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
391 {
392 int i;
393
394 *outl=0;
395 if (ctx->num != 0)
396 {
397 i=EVP_DecodeBlock(out,ctx->enc_data,ctx->num);
398 if (i < 0) return(-1);
399 ctx->num=0;
400 *outl=i;
401 return(1);
402 }
403 else
404 return(1);
405 }
406
407#ifdef undef
408int EVP_DecodeValid(unsigned char *buf, int len)
409 {
410 int i,num=0,bad=0;
411
412 if (len == 0) return(-1);
413 while (conv_ascii2bin(*buf) == B64_WS)
414 {
415 buf++;
416 len--;
417 if (len == 0) return(-1);
418 }
419
420 for (i=len; i >= 4; i-=4)
421 {
422 if ( (conv_ascii2bin(buf[0]) >= 0x40) ||
423 (conv_ascii2bin(buf[1]) >= 0x40) ||
424 (conv_ascii2bin(buf[2]) >= 0x40) ||
425 (conv_ascii2bin(buf[3]) >= 0x40))
426 return(-1);
427 buf+=4;
428 num+=1+(buf[2] != '=')+(buf[3] != '=');
429 }
430 if ((i == 1) && (conv_ascii2bin(buf[0]) == B64_EOLN))
431 return(num);
432 if ((i == 2) && (conv_ascii2bin(buf[0]) == B64_EOLN) &&
433 (conv_ascii2bin(buf[0]) == B64_EOLN))
434 return(num);
435 return(1);
436 }
437#endif
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
deleted file mode 100644
index fd43127092..0000000000
--- a/src/lib/libcrypto/evp/evp.h
+++ /dev/null
@@ -1,851 +0,0 @@
1/* crypto/evp/evp.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_ENVELOPE_H
60#define HEADER_ENVELOPE_H
61
62#ifdef OPENSSL_ALGORITHM_DEFINES
63# include <openssl/opensslconf.h>
64#else
65# define OPENSSL_ALGORITHM_DEFINES
66# include <openssl/opensslconf.h>
67# undef OPENSSL_ALGORITHM_DEFINES
68#endif
69
70#ifndef NO_BIO
71#include <openssl/bio.h>
72#endif
73#ifndef NO_MD2
74#include <openssl/md2.h>
75#endif
76#ifndef NO_MD4
77#include <openssl/md4.h>
78#endif
79#ifndef NO_MD5
80#include <openssl/md5.h>
81#endif
82#ifndef NO_SHA
83#include <openssl/sha.h>
84#endif
85#ifndef NO_RIPEMD
86#include <openssl/ripemd.h>
87#endif
88#ifndef NO_DES
89#include <openssl/des.h>
90#endif
91#ifndef NO_RC4
92#include <openssl/rc4.h>
93#endif
94#ifndef NO_RC2
95#include <openssl/rc2.h>
96#endif
97#ifndef NO_RC5
98#include <openssl/rc5.h>
99#endif
100#ifndef NO_BF
101#include <openssl/blowfish.h>
102#endif
103#ifndef NO_CAST
104#include <openssl/cast.h>
105#endif
106#ifndef NO_IDEA
107#include <openssl/idea.h>
108#endif
109#ifndef NO_MDC2
110#include <openssl/mdc2.h>
111#endif
112
113#define EVP_RC2_KEY_SIZE 16
114#define EVP_RC4_KEY_SIZE 16
115#define EVP_BLOWFISH_KEY_SIZE 16
116#define EVP_CAST5_KEY_SIZE 16
117#define EVP_RC5_32_12_16_KEY_SIZE 16
118#define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */
119#define EVP_MAX_KEY_LENGTH 24
120#define EVP_MAX_IV_LENGTH 8
121
122#define PKCS5_SALT_LEN 8
123/* Default PKCS#5 iteration count */
124#define PKCS5_DEFAULT_ITER 2048
125
126#ifndef NO_RSA
127#include <openssl/rsa.h>
128#endif
129
130#ifndef NO_DSA
131#include <openssl/dsa.h>
132#endif
133
134#ifndef NO_DH
135#include <openssl/dh.h>
136#endif
137
138#include <openssl/objects.h>
139
140#define EVP_PK_RSA 0x0001
141#define EVP_PK_DSA 0x0002
142#define EVP_PK_DH 0x0004
143#define EVP_PKT_SIGN 0x0010
144#define EVP_PKT_ENC 0x0020
145#define EVP_PKT_EXCH 0x0040
146#define EVP_PKS_RSA 0x0100
147#define EVP_PKS_DSA 0x0200
148#define EVP_PKT_EXP 0x1000 /* <= 512 bit key */
149
150#define EVP_PKEY_NONE NID_undef
151#define EVP_PKEY_RSA NID_rsaEncryption
152#define EVP_PKEY_RSA2 NID_rsa
153#define EVP_PKEY_DSA NID_dsa
154#define EVP_PKEY_DSA1 NID_dsa_2
155#define EVP_PKEY_DSA2 NID_dsaWithSHA
156#define EVP_PKEY_DSA3 NID_dsaWithSHA1
157#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2
158#define EVP_PKEY_DH NID_dhKeyAgreement
159
160#ifdef __cplusplus
161extern "C" {
162#endif
163
164/* Type needs to be a bit field
165 * Sub-type needs to be for variations on the method, as in, can it do
166 * arbitrary encryption.... */
167typedef struct evp_pkey_st
168 {
169 int type;
170 int save_type;
171 int references;
172 union {
173 char *ptr;
174#ifndef NO_RSA
175 struct rsa_st *rsa; /* RSA */
176#endif
177#ifndef NO_DSA
178 struct dsa_st *dsa; /* DSA */
179#endif
180#ifndef NO_DH
181 struct dh_st *dh; /* DH */
182#endif
183 } pkey;
184 int save_parameters;
185 STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
186 } EVP_PKEY;
187
188#define EVP_PKEY_MO_SIGN 0x0001
189#define EVP_PKEY_MO_VERIFY 0x0002
190#define EVP_PKEY_MO_ENCRYPT 0x0004
191#define EVP_PKEY_MO_DECRYPT 0x0008
192
193#if 0
194/* This structure is required to tie the message digest and signing together.
195 * The lookup can be done by md/pkey_method, oid, oid/pkey_method, or
196 * oid, md and pkey.
197 * This is required because for various smart-card perform the digest and
198 * signing/verification on-board. To handle this case, the specific
199 * EVP_MD and EVP_PKEY_METHODs need to be closely associated.
200 * When a PKEY is created, it will have a EVP_PKEY_METHOD associated with it.
201 * This can either be software or a token to provide the required low level
202 * routines.
203 */
204typedef struct evp_pkey_md_st
205 {
206 int oid;
207 EVP_MD *md;
208 EVP_PKEY_METHOD *pkey;
209 } EVP_PKEY_MD;
210
211#define EVP_rsa_md2() \
212 EVP_PKEY_MD_add(NID_md2WithRSAEncryption,\
213 EVP_rsa_pkcs1(),EVP_md2())
214#define EVP_rsa_md5() \
215 EVP_PKEY_MD_add(NID_md5WithRSAEncryption,\
216 EVP_rsa_pkcs1(),EVP_md5())
217#define EVP_rsa_sha0() \
218 EVP_PKEY_MD_add(NID_shaWithRSAEncryption,\
219 EVP_rsa_pkcs1(),EVP_sha())
220#define EVP_rsa_sha1() \
221 EVP_PKEY_MD_add(NID_sha1WithRSAEncryption,\
222 EVP_rsa_pkcs1(),EVP_sha1())
223#define EVP_rsa_ripemd160() \
224 EVP_PKEY_MD_add(NID_ripemd160WithRSA,\
225 EVP_rsa_pkcs1(),EVP_ripemd160())
226#define EVP_rsa_mdc2() \
227 EVP_PKEY_MD_add(NID_mdc2WithRSA,\
228 EVP_rsa_octet_string(),EVP_mdc2())
229#define EVP_dsa_sha() \
230 EVP_PKEY_MD_add(NID_dsaWithSHA,\
231 EVP_dsa(),EVP_mdc2())
232#define EVP_dsa_sha1() \
233 EVP_PKEY_MD_add(NID_dsaWithSHA1,\
234 EVP_dsa(),EVP_sha1())
235
236typedef struct evp_pkey_method_st
237 {
238 char *name;
239 int flags;
240 int type; /* RSA, DSA, an SSLeay specific constant */
241 int oid; /* For the pub-key type */
242 int encrypt_oid; /* pub/priv key encryption */
243
244 int (*sign)();
245 int (*verify)();
246 struct {
247 int (*set)(); /* get and/or set the underlying type */
248 int (*get)();
249 int (*encrypt)();
250 int (*decrypt)();
251 int (*i2d)();
252 int (*d2i)();
253 int (*dup)();
254 } pub,priv;
255 int (*set_asn1_parameters)();
256 int (*get_asn1_parameters)();
257 } EVP_PKEY_METHOD;
258#endif
259
260#ifndef EVP_MD
261typedef struct env_md_st
262 {
263 int type;
264 int pkey_type;
265 int md_size;
266 void (*init)();
267 void (*update)();
268 void (*final)();
269
270 int (*sign)();
271 int (*verify)();
272 int required_pkey_type[5]; /*EVP_PKEY_xxx */
273 int block_size;
274 int ctx_size; /* how big does the ctx need to be */
275 } EVP_MD;
276
277
278
279#define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0}
280
281#ifndef NO_DSA
282#define EVP_PKEY_DSA_method DSA_sign,DSA_verify, \
283 {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
284 EVP_PKEY_DSA4,0}
285#else
286#define EVP_PKEY_DSA_method EVP_PKEY_NULL_method
287#endif
288
289#ifndef NO_RSA
290#define EVP_PKEY_RSA_method RSA_sign,RSA_verify, \
291 {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
292#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
293 RSA_sign_ASN1_OCTET_STRING, \
294 RSA_verify_ASN1_OCTET_STRING, \
295 {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
296#else
297#define EVP_PKEY_RSA_method EVP_PKEY_NULL_method
298#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method
299#endif
300
301#endif /* !EVP_MD */
302
303typedef struct env_md_ctx_st
304 {
305 const EVP_MD *digest;
306 union {
307 unsigned char base[4];
308#ifndef NO_MD2
309 MD2_CTX md2;
310#endif
311#ifndef NO_MD5
312 MD5_CTX md5;
313#endif
314#ifndef NO_MD4
315 MD4_CTX md4;
316#endif
317#ifndef NO_RIPEMD
318 RIPEMD160_CTX ripemd160;
319#endif
320#ifndef NO_SHA
321 SHA_CTX sha;
322#endif
323#ifndef NO_MDC2
324 MDC2_CTX mdc2;
325#endif
326 } md;
327 } EVP_MD_CTX;
328
329typedef struct evp_cipher_st EVP_CIPHER;
330typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
331
332struct evp_cipher_st
333 {
334 int nid;
335 int block_size;
336 int key_len; /* Default value for variable length ciphers */
337 int iv_len;
338 unsigned long flags; /* Various flags */
339 int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
340 const unsigned char *iv, int enc); /* init key */
341 int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
342 const unsigned char *in, unsigned int inl);/* encrypt/decrypt data */
343 int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
344 int ctx_size; /* how big the ctx needs to be */
345 int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
346 int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */
347 int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */
348 void *app_data; /* Application data */
349 };
350
351/* Values for cipher flags */
352
353/* Modes for ciphers */
354
355#define EVP_CIPH_STREAM_CIPHER 0x0
356#define EVP_CIPH_ECB_MODE 0x1
357#define EVP_CIPH_CBC_MODE 0x2
358#define EVP_CIPH_CFB_MODE 0x3
359#define EVP_CIPH_OFB_MODE 0x4
360#define EVP_CIPH_MODE 0x7
361/* Set if variable length cipher */
362#define EVP_CIPH_VARIABLE_LENGTH 0x8
363/* Set if the iv handling should be done by the cipher itself */
364#define EVP_CIPH_CUSTOM_IV 0x10
365/* Set if the cipher's init() function should be called if key is NULL */
366#define EVP_CIPH_ALWAYS_CALL_INIT 0x20
367/* Call ctrl() to init cipher parameters */
368#define EVP_CIPH_CTRL_INIT 0x40
369/* Don't use standard key length function */
370#define EVP_CIPH_CUSTOM_KEY_LENGTH 0x80
371
372/* ctrl() values */
373
374#define EVP_CTRL_INIT 0x0
375#define EVP_CTRL_SET_KEY_LENGTH 0x1
376#define EVP_CTRL_GET_RC2_KEY_BITS 0x2
377#define EVP_CTRL_SET_RC2_KEY_BITS 0x3
378#define EVP_CTRL_GET_RC5_ROUNDS 0x4
379#define EVP_CTRL_SET_RC5_ROUNDS 0x5
380
381typedef struct evp_cipher_info_st
382 {
383 const EVP_CIPHER *cipher;
384 unsigned char iv[EVP_MAX_IV_LENGTH];
385 } EVP_CIPHER_INFO;
386
387struct evp_cipher_ctx_st
388 {
389 const EVP_CIPHER *cipher;
390 int encrypt; /* encrypt or decrypt */
391 int buf_len; /* number we have left */
392
393 unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
394 unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
395 unsigned char buf[EVP_MAX_IV_LENGTH]; /* saved partial block */
396 int num; /* used by cfb/ofb mode */
397
398 void *app_data; /* application stuff */
399 int key_len; /* May change for variable length cipher */
400 union {
401#ifndef NO_RC4
402 struct
403 {
404 unsigned char key[EVP_RC4_KEY_SIZE];
405 RC4_KEY ks; /* working key */
406 } rc4;
407#endif
408#ifndef NO_DES
409 des_key_schedule des_ks;/* key schedule */
410 struct
411 {
412 des_key_schedule ks;/* key schedule */
413 des_cblock inw;
414 des_cblock outw;
415 } desx_cbc;
416 struct
417 {
418 des_key_schedule ks1;/* key schedule */
419 des_key_schedule ks2;/* key schedule (for ede) */
420 des_key_schedule ks3;/* key schedule (for ede3) */
421 } des_ede;
422#endif
423#ifndef NO_IDEA
424 IDEA_KEY_SCHEDULE idea_ks;/* key schedule */
425#endif
426#ifndef NO_RC2
427 struct {
428 int key_bits; /* effective key bits */
429 RC2_KEY ks;/* key schedule */
430 } rc2;
431#endif
432#ifndef NO_RC5
433 struct {
434 int rounds; /* number of rounds */
435 RC5_32_KEY ks;/* key schedule */
436 } rc5;
437#endif
438#ifndef NO_BF
439 BF_KEY bf_ks;/* key schedule */
440#endif
441#ifndef NO_CAST
442 CAST_KEY cast_ks;/* key schedule */
443#endif
444 } c;
445 };
446
447typedef struct evp_Encode_Ctx_st
448 {
449 int num; /* number saved in a partial encode/decode */
450 int length; /* The length is either the output line length
451 * (in input bytes) or the shortest input line
452 * length that is ok. Once decoding begins,
453 * the length is adjusted up each time a longer
454 * line is decoded */
455 unsigned char enc_data[80]; /* data to encode */
456 int line_num; /* number read on current line */
457 int expect_nl;
458 } EVP_ENCODE_CTX;
459
460/* Password based encryption function */
461typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
462 ASN1_TYPE *param, EVP_CIPHER *cipher,
463 EVP_MD *md, int en_de);
464
465#ifndef NO_RSA
466#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
467 (char *)(rsa))
468#endif
469
470#ifndef NO_DSA
471#define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
472 (char *)(dsa))
473#endif
474
475#ifndef NO_DH
476#define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\
477 (char *)(dh))
478#endif
479
480/* Add some extra combinations */
481#define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
482#define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
483#define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
484#define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
485
486#define EVP_MD_type(e) ((e)->type)
487#define EVP_MD_pkey_type(e) ((e)->pkey_type)
488#define EVP_MD_size(e) ((e)->md_size)
489#define EVP_MD_block_size(e) ((e)->block_size)
490
491#define EVP_MD_CTX_md(e) ((e)->digest)
492#define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest)
493#define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest)
494#define EVP_MD_CTX_type(e) EVP_MD_type((e)->digest)
495
496#define EVP_CIPHER_nid(e) ((e)->nid)
497#define EVP_CIPHER_block_size(e) ((e)->block_size)
498#define EVP_CIPHER_key_length(e) ((e)->key_len)
499#define EVP_CIPHER_iv_length(e) ((e)->iv_len)
500#define EVP_CIPHER_flags(e) ((e)->flags)
501#define EVP_CIPHER_mode(e) ((e)->flags) & EVP_CIPH_MODE)
502
503#define EVP_CIPHER_CTX_cipher(e) ((e)->cipher)
504#define EVP_CIPHER_CTX_nid(e) ((e)->cipher->nid)
505#define EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size)
506#define EVP_CIPHER_CTX_key_length(e) ((e)->key_len)
507#define EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len)
508#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data)
509#define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d))
510#define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
511#define EVP_CIPHER_CTX_flags(e) ((e)->cipher->flags)
512#define EVP_CIPHER_CTX_mode(e) ((e)->cipher->flags & EVP_CIPH_MODE)
513
514#define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80)
515#define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80)
516
517#define EVP_SignInit(a,b) EVP_DigestInit(a,b)
518#define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
519#define EVP_VerifyInit(a,b) EVP_DigestInit(a,b)
520#define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
521#define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e)
522#define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e)
523
524#ifdef CONST_STRICT
525void BIO_set_md(BIO *,const EVP_MD *md);
526#else
527# define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md)
528#endif
529#define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
530#define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
531#define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
532#define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)
533
534#define EVP_Cipher(c,o,i,l) (c)->cipher->do_cipher((c),(o),(i),(l))
535
536#define EVP_add_cipher_alias(n,alias) \
537 OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n))
538#define EVP_add_digest_alias(n,alias) \
539 OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n))
540#define EVP_delete_cipher_alias(alias) \
541 OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS);
542#define EVP_delete_digest_alias(alias) \
543 OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
544
545
546int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);
547void EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
548void EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d,
549 unsigned int cnt);
550void EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
551
552int EVP_read_pw_string(char *buf,int length,const char *prompt,int verify);
553void EVP_set_pw_prompt(char *prompt);
554char * EVP_get_pw_prompt(void);
555
556int EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md,
557 const unsigned char *salt, const unsigned char *data, int datal,
558 int count, unsigned char *key, unsigned char *iv);
559
560int EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
561 unsigned char *key, unsigned char *iv);
562int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
563 int *outl, unsigned char *in, int inl);
564int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
565
566int EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
567 unsigned char *key, unsigned char *iv);
568int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
569 int *outl, unsigned char *in, int inl);
570int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
571
572int EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
573 unsigned char *key,unsigned char *iv,int enc);
574int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
575 int *outl, unsigned char *in, int inl);
576int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
577
578int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s,
579 EVP_PKEY *pkey);
580
581int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf,
582 unsigned int siglen,EVP_PKEY *pkey);
583
584int EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek,
585 int ekl,unsigned char *iv,EVP_PKEY *priv);
586int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
587
588int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
589 int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk);
590void EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);
591
592void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
593void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,
594 int *outl,unsigned char *in,int inl);
595void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl);
596int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
597
598void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
599int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl,
600 unsigned char *in, int inl);
601int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
602 char *out, int *outl);
603int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
604
605void ERR_load_EVP_strings(void );
606
607void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
608int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
609int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
610int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
611
612#ifndef NO_BIO
613BIO_METHOD *BIO_f_md(void);
614BIO_METHOD *BIO_f_base64(void);
615BIO_METHOD *BIO_f_cipher(void);
616BIO_METHOD *BIO_f_reliable(void);
617void BIO_set_cipher(BIO *b,const EVP_CIPHER *c,unsigned char *k,
618 unsigned char *i, int enc);
619#endif
620
621EVP_MD *EVP_md_null(void);
622#ifndef NO_MD2
623EVP_MD *EVP_md2(void);
624#endif
625#ifndef NO_MD4
626EVP_MD *EVP_md4(void);
627#endif
628#ifndef NO_MD5
629EVP_MD *EVP_md5(void);
630#endif
631#ifndef NO_SHA
632EVP_MD *EVP_sha(void);
633EVP_MD *EVP_sha1(void);
634EVP_MD *EVP_dss(void);
635EVP_MD *EVP_dss1(void);
636#endif
637#ifndef NO_MDC2
638EVP_MD *EVP_mdc2(void);
639#endif
640#ifndef NO_RIPEMD
641EVP_MD *EVP_ripemd160(void);
642#endif
643EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */
644#ifndef NO_DES
645EVP_CIPHER *EVP_des_ecb(void);
646EVP_CIPHER *EVP_des_ede(void);
647EVP_CIPHER *EVP_des_ede3(void);
648EVP_CIPHER *EVP_des_cfb(void);
649EVP_CIPHER *EVP_des_ede_cfb(void);
650EVP_CIPHER *EVP_des_ede3_cfb(void);
651EVP_CIPHER *EVP_des_ofb(void);
652EVP_CIPHER *EVP_des_ede_ofb(void);
653EVP_CIPHER *EVP_des_ede3_ofb(void);
654EVP_CIPHER *EVP_des_cbc(void);
655EVP_CIPHER *EVP_des_ede_cbc(void);
656EVP_CIPHER *EVP_des_ede3_cbc(void);
657EVP_CIPHER *EVP_desx_cbc(void);
658#endif
659#ifndef NO_RC4
660EVP_CIPHER *EVP_rc4(void);
661EVP_CIPHER *EVP_rc4_40(void);
662#endif
663#ifndef NO_IDEA
664EVP_CIPHER *EVP_idea_ecb(void);
665EVP_CIPHER *EVP_idea_cfb(void);
666EVP_CIPHER *EVP_idea_ofb(void);
667EVP_CIPHER *EVP_idea_cbc(void);
668#endif
669#ifndef NO_RC2
670EVP_CIPHER *EVP_rc2_ecb(void);
671EVP_CIPHER *EVP_rc2_cbc(void);
672EVP_CIPHER *EVP_rc2_40_cbc(void);
673EVP_CIPHER *EVP_rc2_64_cbc(void);
674EVP_CIPHER *EVP_rc2_cfb(void);
675EVP_CIPHER *EVP_rc2_ofb(void);
676#endif
677#ifndef NO_BF
678EVP_CIPHER *EVP_bf_ecb(void);
679EVP_CIPHER *EVP_bf_cbc(void);
680EVP_CIPHER *EVP_bf_cfb(void);
681EVP_CIPHER *EVP_bf_ofb(void);
682#endif
683#ifndef NO_CAST
684EVP_CIPHER *EVP_cast5_ecb(void);
685EVP_CIPHER *EVP_cast5_cbc(void);
686EVP_CIPHER *EVP_cast5_cfb(void);
687EVP_CIPHER *EVP_cast5_ofb(void);
688#endif
689#ifndef NO_RC5
690EVP_CIPHER *EVP_rc5_32_12_16_cbc(void);
691EVP_CIPHER *EVP_rc5_32_12_16_ecb(void);
692EVP_CIPHER *EVP_rc5_32_12_16_cfb(void);
693EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
694#endif
695void OpenSSL_add_all_algorithms(void);
696void OpenSSL_add_all_ciphers(void);
697void OpenSSL_add_all_digests(void);
698#define SSLeay_add_all_algorithms() OpenSSL_add_all_algorithms()
699#define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers()
700#define SSLeay_add_all_digests() OpenSSL_add_all_digests()
701
702int EVP_add_cipher(EVP_CIPHER *cipher);
703int EVP_add_digest(EVP_MD *digest);
704
705const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
706const EVP_MD *EVP_get_digestbyname(const char *name);
707void EVP_cleanup(void);
708
709int EVP_PKEY_decrypt(unsigned char *dec_key,unsigned char *enc_key,
710 int enc_key_len,EVP_PKEY *private_key);
711int EVP_PKEY_encrypt(unsigned char *enc_key,
712 unsigned char *key,int key_len,EVP_PKEY *pub_key);
713int EVP_PKEY_type(int type);
714int EVP_PKEY_bits(EVP_PKEY *pkey);
715int EVP_PKEY_size(EVP_PKEY *pkey);
716int EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key);
717#ifndef NO_RSA
718int EVP_PKEY_set1_RSA(EVP_PKEY *pkey,RSA *key);
719RSA * EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
720#endif
721#ifndef NO_DSA
722int EVP_PKEY_set1_DSA(EVP_PKEY *pkey,DSA *key);
723DSA * EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
724#endif
725#ifndef NO_DH
726int EVP_PKEY_set1_DH(EVP_PKEY *pkey,DH *key);
727DH * EVP_PKEY_get1_DH(EVP_PKEY *pkey);
728#endif
729EVP_PKEY * EVP_PKEY_new(void);
730void EVP_PKEY_free(EVP_PKEY *pkey);
731EVP_PKEY * d2i_PublicKey(int type,EVP_PKEY **a, unsigned char **pp,
732 long length);
733int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
734
735EVP_PKEY * d2i_PrivateKey(int type,EVP_PKEY **a, unsigned char **pp,
736 long length);
737EVP_PKEY * d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp,
738 long length);
739int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
740
741int EVP_PKEY_copy_parameters(EVP_PKEY *to,EVP_PKEY *from);
742int EVP_PKEY_missing_parameters(EVP_PKEY *pkey);
743int EVP_PKEY_save_parameters(EVP_PKEY *pkey,int mode);
744int EVP_PKEY_cmp_parameters(EVP_PKEY *a,EVP_PKEY *b);
745
746int EVP_CIPHER_type(const EVP_CIPHER *ctx);
747
748/* calls methods */
749int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
750int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
751
752/* These are used by EVP_CIPHER methods */
753int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
754int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
755
756/* PKCS5 password based encryption */
757int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
758 ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md,
759 int en_de);
760int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
761 unsigned char *salt, int saltlen, int iter,
762 int keylen, unsigned char *out);
763int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
764 ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md,
765 int en_de);
766
767void PKCS5_PBE_add(void);
768
769int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
770 ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
771int EVP_PBE_alg_add(int nid, EVP_CIPHER *cipher, EVP_MD *md,
772 EVP_PBE_KEYGEN *keygen);
773void EVP_PBE_cleanup(void);
774
775/* BEGIN ERROR CODES */
776/* The following lines are auto generated by the script mkerr.pl. Any changes
777 * made after this point may be overwritten when the script is next run.
778 */
779
780/* Error codes for the EVP functions. */
781
782/* Function codes. */
783#define EVP_F_D2I_PKEY 100
784#define EVP_F_EVP_CIPHERINIT 123
785#define EVP_F_EVP_CIPHER_CTX_CTRL 124
786#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
787#define EVP_F_EVP_DECRYPTFINAL 101
788#define EVP_F_EVP_MD_CTX_COPY 110
789#define EVP_F_EVP_OPENINIT 102
790#define EVP_F_EVP_PBE_ALG_ADD 115
791#define EVP_F_EVP_PBE_CIPHERINIT 116
792#define EVP_F_EVP_PKCS82PKEY 111
793#define EVP_F_EVP_PKCS8_SET_BROKEN 112
794#define EVP_F_EVP_PKEY2PKCS8 113
795#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
796#define EVP_F_EVP_PKEY_DECRYPT 104
797#define EVP_F_EVP_PKEY_ENCRYPT 105
798#define EVP_F_EVP_PKEY_GET1_DH 119
799#define EVP_F_EVP_PKEY_GET1_DSA 120
800#define EVP_F_EVP_PKEY_GET1_RSA 121
801#define EVP_F_EVP_PKEY_NEW 106
802#define EVP_F_EVP_SIGNFINAL 107
803#define EVP_F_EVP_VERIFYFINAL 108
804#define EVP_F_PKCS5_PBE_KEYIVGEN 117
805#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
806#define EVP_F_RC2_MAGIC_TO_METH 109
807#define EVP_F_RC5_CTRL 125
808
809/* Reason codes. */
810#define EVP_R_BAD_DECRYPT 100
811#define EVP_R_BN_DECODE_ERROR 112
812#define EVP_R_BN_PUBKEY_ERROR 113
813#define EVP_R_CIPHER_PARAMETER_ERROR 122
814#define EVP_R_CTRL_NOT_IMPLEMENTED 132
815#define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133
816#define EVP_R_DECODE_ERROR 114
817#define EVP_R_DIFFERENT_KEY_TYPES 101
818#define EVP_R_ENCODE_ERROR 115
819#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
820#define EVP_R_EXPECTING_AN_RSA_KEY 127
821#define EVP_R_EXPECTING_A_DH_KEY 128
822#define EVP_R_EXPECTING_A_DSA_KEY 129
823#define EVP_R_INITIALIZATION_ERROR 134
824#define EVP_R_INPUT_NOT_INITIALIZED 111
825#define EVP_R_INVALID_KEY_LENGTH 130
826#define EVP_R_IV_TOO_LARGE 102
827#define EVP_R_KEYGEN_FAILURE 120
828#define EVP_R_MISSING_PARAMETERS 103
829#define EVP_R_NO_CIPHER_SET 131
830#define EVP_R_NO_DSA_PARAMETERS 116
831#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
832#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
833#define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117
834#define EVP_R_PUBLIC_KEY_NOT_RSA 106
835#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
836#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
837#define EVP_R_UNSUPPORTED_CIPHER 107
838#define EVP_R_UNSUPPORTED_KEYLENGTH 123
839#define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124
840#define EVP_R_UNSUPPORTED_KEY_SIZE 108
841#define EVP_R_UNSUPPORTED_PRF 125
842#define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 118
843#define EVP_R_UNSUPPORTED_SALT_TYPE 126
844#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
845#define EVP_R_WRONG_PUBLIC_KEY_TYPE 110
846
847#ifdef __cplusplus
848}
849#endif
850#endif
851
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c
deleted file mode 100644
index e2687f9879..0000000000
--- a/src/lib/libcrypto/evp/evp_enc.c
+++ /dev/null
@@ -1,341 +0,0 @@
1/* crypto/evp/evp_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/err.h>
63#include "evp_locl.h"
64
65const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT;
66
67void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
68 {
69 memset(ctx,0,sizeof(EVP_CIPHER_CTX));
70 /* ctx->cipher=NULL; */
71 }
72
73int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
74 unsigned char *key, unsigned char *iv, int enc)
75 {
76 if(enc && (enc != -1)) enc = 1;
77 if (cipher) {
78 ctx->cipher=cipher;
79 ctx->key_len = cipher->key_len;
80 if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
81 if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
82 EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR);
83 return 0;
84 }
85 }
86 } else if(!ctx->cipher) {
87 EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET);
88 return 0;
89 }
90 if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
91 switch(EVP_CIPHER_CTX_mode(ctx)) {
92
93 case EVP_CIPH_STREAM_CIPHER:
94 case EVP_CIPH_ECB_MODE:
95 break;
96
97 case EVP_CIPH_CFB_MODE:
98 case EVP_CIPH_OFB_MODE:
99
100 ctx->num = 0;
101
102 case EVP_CIPH_CBC_MODE:
103
104 if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
105 memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
106 break;
107
108 default:
109 return 0;
110 break;
111 }
112 }
113
114 if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
115 if(!ctx->cipher->init(ctx,key,iv,enc)) return 0;
116 }
117 if(enc != -1) ctx->encrypt=enc;
118 ctx->buf_len=0;
119 return 1;
120 }
121
122int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
123 unsigned char *in, int inl)
124 {
125 if (ctx->encrypt)
126 return EVP_EncryptUpdate(ctx,out,outl,in,inl);
127 else return EVP_DecryptUpdate(ctx,out,outl,in,inl);
128 }
129
130int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
131 {
132 if (ctx->encrypt)
133 return EVP_EncryptFinal(ctx,out,outl);
134 else return(EVP_DecryptFinal(ctx,out,outl));
135 }
136
137int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
138 unsigned char *key, unsigned char *iv)
139 {
140 return EVP_CipherInit(ctx, cipher, key, iv, 1);
141 }
142
143int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
144 unsigned char *key, unsigned char *iv)
145 {
146 return EVP_CipherInit(ctx, cipher, key, iv, 0);
147 }
148
149
150int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
151 unsigned char *in, int inl)
152 {
153 int i,j,bl;
154
155 i=ctx->buf_len;
156 bl=ctx->cipher->block_size;
157 *outl=0;
158 if ((inl == 0) && (i != bl)) return 1;
159 if (i != 0)
160 {
161 if (i+inl < bl)
162 {
163 memcpy(&(ctx->buf[i]),in,inl);
164 ctx->buf_len+=inl;
165 return 1;
166 }
167 else
168 {
169 j=bl-i;
170 if (j != 0) memcpy(&(ctx->buf[i]),in,j);
171 if(!ctx->cipher->do_cipher(ctx,out,ctx->buf,bl)) return 0;
172 inl-=j;
173 in+=j;
174 out+=bl;
175 *outl+=bl;
176 }
177 }
178 i=inl%bl; /* how much is left */
179 inl-=i;
180 if (inl > 0)
181 {
182 if(!ctx->cipher->do_cipher(ctx,out,in,inl)) return 0;
183 *outl+=inl;
184 }
185
186 if (i != 0)
187 memcpy(ctx->buf,&(in[inl]),i);
188 ctx->buf_len=i;
189 return 1;
190 }
191
192int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
193 {
194 int i,n,b,bl;
195
196 b=ctx->cipher->block_size;
197 if (b == 1)
198 {
199 *outl=0;
200 return 1;
201 }
202 bl=ctx->buf_len;
203 n=b-bl;
204 for (i=bl; i<b; i++)
205 ctx->buf[i]=n;
206 if(!ctx->cipher->do_cipher(ctx,out,ctx->buf,b)) return 0;
207 *outl=b;
208 return 1;
209 }
210
211int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
212 unsigned char *in, int inl)
213 {
214 int b,bl,n;
215 int keep_last=0;
216
217 *outl=0;
218 if (inl == 0) return 1;
219
220 b=ctx->cipher->block_size;
221 if (b > 1)
222 {
223 /* Is the input a multiple of the block size? */
224 bl=ctx->buf_len;
225 n=inl+bl;
226 if (n%b == 0)
227 {
228 if (inl < b) /* must be 'just one' buff */
229 {
230 memcpy(&(ctx->buf[bl]),in,inl);
231 ctx->buf_len=b;
232 *outl=0;
233 return 1;
234 }
235 keep_last=1;
236 inl-=b; /* don't do the last block */
237 }
238 }
239 if(!EVP_EncryptUpdate(ctx,out,outl,in,inl)) return 0;
240
241 /* if we have 'decrypted' a multiple of block size, make sure
242 * we have a copy of this last block */
243 if (keep_last)
244 {
245 memcpy(&(ctx->buf[0]),&(in[inl]),b);
246#ifdef DEBUG
247 if (ctx->buf_len != 0)
248 {
249 abort();
250 }
251#endif
252 ctx->buf_len=b;
253 }
254 return 1;
255 }
256
257int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
258 {
259 int i,b;
260 int n;
261
262 *outl=0;
263 b=ctx->cipher->block_size;
264 if (b > 1)
265 {
266 if (ctx->buf_len != b)
267 {
268 EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
269 return(0);
270 }
271 if(!EVP_EncryptUpdate(ctx,ctx->buf,&n,ctx->buf,0)) return 0;
272 if (n != b)
273 return(0);
274 n=ctx->buf[b-1];
275 if (n > b)
276 {
277 EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
278 return(0);
279 }
280 for (i=0; i<n; i++)
281 {
282 if (ctx->buf[--b] != n)
283 {
284 EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
285 return(0);
286 }
287 }
288 n=ctx->cipher->block_size-n;
289 for (i=0; i<n; i++)
290 out[i]=ctx->buf[i];
291 *outl=n;
292 }
293 else
294 *outl=0;
295 return(1);
296 }
297
298int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
299 {
300 if ((c->cipher != NULL) && (c->cipher->cleanup != NULL))
301 {
302 if(!c->cipher->cleanup(c)) return 0;
303 }
304 memset(c,0,sizeof(EVP_CIPHER_CTX));
305 return 1;
306 }
307
308int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
309 {
310 if(c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH)
311 return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL);
312 if(c->key_len == keylen) return 1;
313 if((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH))
314 {
315 c->key_len = keylen;
316 return 1;
317 }
318 EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,EVP_R_INVALID_KEY_LENGTH);
319 return 0;
320 }
321
322int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
323{
324 int ret;
325 if(!ctx->cipher) {
326 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET);
327 return 0;
328 }
329
330 if(!ctx->cipher->ctrl) {
331 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED);
332 return 0;
333 }
334
335 ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
336 if(ret == -1) {
337 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
338 return 0;
339 }
340 return ret;
341}
diff --git a/src/lib/libcrypto/evp/evp_err.c b/src/lib/libcrypto/evp/evp_err.c
deleted file mode 100644
index a01412a07c..0000000000
--- a/src/lib/libcrypto/evp/evp_err.c
+++ /dev/null
@@ -1,153 +0,0 @@
1/* crypto/evp/evp_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/evp.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA EVP_str_functs[]=
68 {
69{ERR_PACK(0,EVP_F_D2I_PKEY,0), "D2I_PKEY"},
70{ERR_PACK(0,EVP_F_EVP_CIPHERINIT,0), "EVP_CipherInit"},
71{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_CTRL,0), "EVP_CIPHER_CTX_ctrl"},
72{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,0), "EVP_CIPHER_CTX_set_key_length"},
73{ERR_PACK(0,EVP_F_EVP_DECRYPTFINAL,0), "EVP_DecryptFinal"},
74{ERR_PACK(0,EVP_F_EVP_MD_CTX_COPY,0), "EVP_MD_CTX_copy"},
75{ERR_PACK(0,EVP_F_EVP_OPENINIT,0), "EVP_OpenInit"},
76{ERR_PACK(0,EVP_F_EVP_PBE_ALG_ADD,0), "EVP_PBE_alg_add"},
77{ERR_PACK(0,EVP_F_EVP_PBE_CIPHERINIT,0), "EVP_PBE_CipherInit"},
78{ERR_PACK(0,EVP_F_EVP_PKCS82PKEY,0), "EVP_PKCS82PKEY"},
79{ERR_PACK(0,EVP_F_EVP_PKCS8_SET_BROKEN,0), "EVP_PKCS8_SET_BROKEN"},
80{ERR_PACK(0,EVP_F_EVP_PKEY2PKCS8,0), "EVP_PKEY2PKCS8"},
81{ERR_PACK(0,EVP_F_EVP_PKEY_COPY_PARAMETERS,0), "EVP_PKEY_copy_parameters"},
82{ERR_PACK(0,EVP_F_EVP_PKEY_DECRYPT,0), "EVP_PKEY_decrypt"},
83{ERR_PACK(0,EVP_F_EVP_PKEY_ENCRYPT,0), "EVP_PKEY_encrypt"},
84{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DH,0), "EVP_PKEY_get1_DH"},
85{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DSA,0), "EVP_PKEY_get1_DSA"},
86{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_RSA,0), "EVP_PKEY_get1_RSA"},
87{ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0), "EVP_PKEY_new"},
88{ERR_PACK(0,EVP_F_EVP_SIGNFINAL,0), "EVP_SignFinal"},
89{ERR_PACK(0,EVP_F_EVP_VERIFYFINAL,0), "EVP_VerifyFinal"},
90{ERR_PACK(0,EVP_F_PKCS5_PBE_KEYIVGEN,0), "PKCS5_PBE_keyivgen"},
91{ERR_PACK(0,EVP_F_PKCS5_V2_PBE_KEYIVGEN,0), "PKCS5_v2_PBE_keyivgen"},
92{ERR_PACK(0,EVP_F_RC2_MAGIC_TO_METH,0), "RC2_MAGIC_TO_METH"},
93{ERR_PACK(0,EVP_F_RC5_CTRL,0), "RC5_CTRL"},
94{0,NULL}
95 };
96
97static ERR_STRING_DATA EVP_str_reasons[]=
98 {
99{EVP_R_BAD_DECRYPT ,"bad decrypt"},
100{EVP_R_BN_DECODE_ERROR ,"bn decode error"},
101{EVP_R_BN_PUBKEY_ERROR ,"bn pubkey error"},
102{EVP_R_CIPHER_PARAMETER_ERROR ,"cipher parameter error"},
103{EVP_R_CTRL_NOT_IMPLEMENTED ,"ctrl not implemented"},
104{EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED ,"ctrl operation not implemented"},
105{EVP_R_DECODE_ERROR ,"decode error"},
106{EVP_R_DIFFERENT_KEY_TYPES ,"different key types"},
107{EVP_R_ENCODE_ERROR ,"encode error"},
108{EVP_R_EVP_PBE_CIPHERINIT_ERROR ,"evp pbe cipherinit error"},
109{EVP_R_EXPECTING_AN_RSA_KEY ,"expecting an rsa key"},
110{EVP_R_EXPECTING_A_DH_KEY ,"expecting a dh key"},
111{EVP_R_EXPECTING_A_DSA_KEY ,"expecting a dsa key"},
112{EVP_R_INITIALIZATION_ERROR ,"initialization error"},
113{EVP_R_INPUT_NOT_INITIALIZED ,"input not initialized"},
114{EVP_R_INVALID_KEY_LENGTH ,"invalid key length"},
115{EVP_R_IV_TOO_LARGE ,"iv too large"},
116{EVP_R_KEYGEN_FAILURE ,"keygen failure"},
117{EVP_R_MISSING_PARAMETERS ,"missing parameters"},
118{EVP_R_NO_CIPHER_SET ,"no cipher set"},
119{EVP_R_NO_DSA_PARAMETERS ,"no dsa parameters"},
120{EVP_R_NO_SIGN_FUNCTION_CONFIGURED ,"no sign function configured"},
121{EVP_R_NO_VERIFY_FUNCTION_CONFIGURED ,"no verify function configured"},
122{EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE ,"pkcs8 unknown broken type"},
123{EVP_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"},
124{EVP_R_UNKNOWN_PBE_ALGORITHM ,"unknown pbe algorithm"},
125{EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS ,"unsuported number of rounds"},
126{EVP_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
127{EVP_R_UNSUPPORTED_KEYLENGTH ,"unsupported keylength"},
128{EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION,"unsupported key derivation function"},
129{EVP_R_UNSUPPORTED_KEY_SIZE ,"unsupported key size"},
130{EVP_R_UNSUPPORTED_PRF ,"unsupported prf"},
131{EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM ,"unsupported private key algorithm"},
132{EVP_R_UNSUPPORTED_SALT_TYPE ,"unsupported salt type"},
133{EVP_R_WRONG_FINAL_BLOCK_LENGTH ,"wrong final block length"},
134{EVP_R_WRONG_PUBLIC_KEY_TYPE ,"wrong public key type"},
135{0,NULL}
136 };
137
138#endif
139
140void ERR_load_EVP_strings(void)
141 {
142 static int init=1;
143
144 if (init)
145 {
146 init=0;
147#ifndef NO_ERR
148 ERR_load_strings(ERR_LIB_EVP,EVP_str_functs);
149 ERR_load_strings(ERR_LIB_EVP,EVP_str_reasons);
150#endif
151
152 }
153 }
diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c
deleted file mode 100644
index e7434ef9b2..0000000000
--- a/src/lib/libcrypto/evp/evp_key.c
+++ /dev/null
@@ -1,159 +0,0 @@
1/* crypto/evp/evp_key.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/x509.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64
65/* should be init to zeros. */
66static char prompt_string[80];
67
68void EVP_set_pw_prompt(char *prompt)
69 {
70 if (prompt == NULL)
71 prompt_string[0]='\0';
72 else
73 strncpy(prompt_string,prompt,79);
74 }
75
76char *EVP_get_pw_prompt(void)
77 {
78 if (prompt_string[0] == '\0')
79 return(NULL);
80 else
81 return(prompt_string);
82 }
83
84/* For historical reasons, the standard function for reading passwords is
85 * in the DES library -- if someone ever wants to disable DES,
86 * this function will fail */
87int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
88 {
89#ifndef NO_DES
90 if ((prompt == NULL) && (prompt_string[0] != '\0'))
91 prompt=prompt_string;
92 return(des_read_pw_string(buf,len,prompt,verify));
93#else
94 return -1;
95#endif
96 }
97
98int EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md,
99 const unsigned char *salt, const unsigned char *data, int datal,
100 int count, unsigned char *key, unsigned char *iv)
101 {
102 EVP_MD_CTX c;
103 unsigned char md_buf[EVP_MAX_MD_SIZE];
104 int niv,nkey,addmd=0;
105 unsigned int mds=0,i;
106
107 nkey=type->key_len;
108 niv=type->iv_len;
109
110 if (data == NULL) return(nkey);
111
112 for (;;)
113 {
114 EVP_DigestInit(&c,md);
115 if (addmd++)
116 EVP_DigestUpdate(&c,&(md_buf[0]),mds);
117 EVP_DigestUpdate(&c,data,datal);
118 if (salt != NULL)
119 EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN);
120 EVP_DigestFinal(&c,&(md_buf[0]),&mds);
121
122 for (i=1; i<(unsigned int)count; i++)
123 {
124 EVP_DigestInit(&c,md);
125 EVP_DigestUpdate(&c,&(md_buf[0]),mds);
126 EVP_DigestFinal(&c,&(md_buf[0]),&mds);
127 }
128 i=0;
129 if (nkey)
130 {
131 for (;;)
132 {
133 if (nkey == 0) break;
134 if (i == mds) break;
135 if (key != NULL)
136 *(key++)=md_buf[i];
137 nkey--;
138 i++;
139 }
140 }
141 if (niv && (i != mds))
142 {
143 for (;;)
144 {
145 if (niv == 0) break;
146 if (i == mds) break;
147 if (iv != NULL)
148 *(iv++)=md_buf[i];
149 niv--;
150 i++;
151 }
152 }
153 if ((nkey == 0) && (niv == 0)) break;
154 }
155 memset(&c,0,sizeof(c));
156 memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE);
157 return(type->key_len);
158 }
159
diff --git a/src/lib/libcrypto/evp/evp_lib.c b/src/lib/libcrypto/evp/evp_lib.c
deleted file mode 100644
index a431945ef5..0000000000
--- a/src/lib/libcrypto/evp/evp_lib.c
+++ /dev/null
@@ -1,142 +0,0 @@
1/* crypto/evp/evp_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63
64int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
65 {
66 int ret;
67
68 if (c->cipher->set_asn1_parameters != NULL)
69 ret=c->cipher->set_asn1_parameters(c,type);
70 else
71 ret=1;
72 return(ret);
73 }
74
75int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
76 {
77 int ret;
78
79 if (c->cipher->get_asn1_parameters != NULL)
80 ret=c->cipher->get_asn1_parameters(c,type);
81 else
82 ret=1;
83 return(ret);
84 }
85
86int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
87 {
88 int i=0,l;
89
90 if (type != NULL)
91 {
92 l=EVP_CIPHER_CTX_iv_length(c);
93 i=ASN1_TYPE_get_octetstring(type,c->oiv,l);
94 if (i != l)
95 return(-1);
96 else if (i > 0)
97 memcpy(c->iv,c->oiv,l);
98 }
99 return(i);
100 }
101
102int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
103 {
104 int i=0,j;
105
106 if (type != NULL)
107 {
108 j=EVP_CIPHER_CTX_iv_length(c);
109 i=ASN1_TYPE_set_octetstring(type,c->oiv,j);
110 }
111 return(i);
112 }
113
114/* Convert the various cipher NIDs and dummies to a proper OID NID */
115int EVP_CIPHER_type(const EVP_CIPHER *ctx)
116{
117 int nid;
118 ASN1_OBJECT *otmp;
119 nid = EVP_CIPHER_nid(ctx);
120
121 switch(nid) {
122
123 case NID_rc2_cbc:
124 case NID_rc2_64_cbc:
125 case NID_rc2_40_cbc:
126
127 return NID_rc2_cbc;
128
129 case NID_rc4:
130 case NID_rc4_40:
131
132 return NID_rc4;
133
134 default:
135 /* Check it has an OID and it is valid */
136 otmp = OBJ_nid2obj(nid);
137 if(!otmp || !otmp->data) nid = NID_undef;
138 ASN1_OBJECT_free(otmp);
139 return nid;
140 }
141}
142
diff --git a/src/lib/libcrypto/evp/evp_locl.h b/src/lib/libcrypto/evp/evp_locl.h
deleted file mode 100644
index ce49d5b7d8..0000000000
--- a/src/lib/libcrypto/evp/evp_locl.h
+++ /dev/null
@@ -1,168 +0,0 @@
1/* evp_locl.h */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59/* Macros to code block cipher wrappers */
60
61/* Wrapper functions for each cipher mode */
62
63#define BLOCK_CIPHER_ecb_loop() \
64 unsigned int i; \
65 if(inl < 8) return 1;\
66 inl -= 8; \
67 for(i=0; i <= inl; i+=8) \
68
69#define BLOCK_CIPHER_func_ecb(cname, cprefix, kname) \
70static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
71{\
72 BLOCK_CIPHER_ecb_loop() \
73 cprefix##_ecb_encrypt(in + i, out + i, &ctx->c.kname, ctx->encrypt);\
74 return 1;\
75}
76
77#define BLOCK_CIPHER_func_ofb(cname, cprefix, kname) \
78static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
79{\
80 cprefix##_ofb64_encrypt(in, out, (long)inl, &ctx->c.kname, ctx->iv, &ctx->num);\
81 return 1;\
82}
83
84#define BLOCK_CIPHER_func_cbc(cname, cprefix, kname) \
85static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
86{\
87 cprefix##_cbc_encrypt(in, out, (long)inl, &ctx->c.kname, ctx->iv, ctx->encrypt);\
88 return 1;\
89}
90
91#define BLOCK_CIPHER_func_cfb(cname, cprefix, kname) \
92static int cname##_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
93{\
94 cprefix##_cfb64_encrypt(in, out, (long)inl, &ctx->c.kname, ctx->iv, &ctx->num, ctx->encrypt);\
95 return 1;\
96}
97
98#define BLOCK_CIPHER_all_funcs(cname, cprefix, kname) \
99 BLOCK_CIPHER_func_cbc(cname, cprefix, kname) \
100 BLOCK_CIPHER_func_cfb(cname, cprefix, kname) \
101 BLOCK_CIPHER_func_ecb(cname, cprefix, kname) \
102 BLOCK_CIPHER_func_ofb(cname, cprefix, kname)
103
104#define BLOCK_CIPHER_defs(cname, kstruct, \
105 nid, block_size, key_len, iv_len, flags,\
106 init_key, cleanup, set_asn1, get_asn1, ctrl)\
107static EVP_CIPHER cname##_cbc = {\
108 nid##_cbc, block_size, key_len, iv_len, \
109 flags | EVP_CIPH_CBC_MODE,\
110 init_key,\
111 cname##_cbc_cipher,\
112 cleanup,\
113 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
114 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
115 set_asn1, get_asn1,\
116 ctrl, \
117 NULL \
118};\
119EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
120static EVP_CIPHER cname##_cfb = {\
121 nid##_cfb64, 1, key_len, iv_len, \
122 flags | EVP_CIPH_CFB_MODE,\
123 init_key,\
124 cname##_cfb_cipher,\
125 cleanup,\
126 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
127 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
128 set_asn1, get_asn1,\
129 ctrl,\
130 NULL \
131};\
132EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
133static EVP_CIPHER cname##_ofb = {\
134 nid##_ofb64, 1, key_len, iv_len, \
135 flags | EVP_CIPH_OFB_MODE,\
136 init_key,\
137 cname##_ofb_cipher,\
138 cleanup,\
139 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
140 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
141 set_asn1, get_asn1,\
142 ctrl,\
143 NULL \
144};\
145EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
146static EVP_CIPHER cname##_ecb = {\
147 nid##_ecb, block_size, key_len, iv_len, \
148 flags | EVP_CIPH_ECB_MODE,\
149 init_key,\
150 cname##_ecb_cipher,\
151 cleanup,\
152 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
153 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
154 set_asn1, get_asn1,\
155 ctrl,\
156 NULL \
157};\
158EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
159
160
161
162#define IMPLEMENT_BLOCK_CIPHER(cname, kname, cprefix, kstruct, \
163 nid, block_size, key_len, iv_len, flags, \
164 init_key, cleanup, set_asn1, get_asn1, ctrl) \
165 BLOCK_CIPHER_all_funcs(cname, cprefix, kname) \
166 BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, flags,\
167 init_key, cleanup, set_asn1, get_asn1, ctrl)
168
diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c
deleted file mode 100644
index 224a422b12..0000000000
--- a/src/lib/libcrypto/evp/evp_pbe.c
+++ /dev/null
@@ -1,136 +0,0 @@
1/* evp_pbe.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <openssl/evp.h>
61#include <openssl/x509.h>
62#include "cryptlib.h"
63
64/* Password based encryption (PBE) functions */
65
66static STACK *pbe_algs;
67
68/* Setup a cipher context from a PBE algorithm */
69
70typedef struct {
71int pbe_nid;
72EVP_CIPHER *cipher;
73EVP_MD *md;
74EVP_PBE_KEYGEN *keygen;
75} EVP_PBE_CTL;
76
77int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
78 ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
79{
80
81 EVP_PBE_CTL *pbetmp, pbelu;
82 int i;
83 pbelu.pbe_nid = OBJ_obj2nid(pbe_obj);
84 if (pbelu.pbe_nid != NID_undef) i = sk_find(pbe_algs, (char *)&pbelu);
85 else i = -1;
86
87 if (i == -1) {
88 char obj_tmp[80];
89 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM);
90 if (!pbe_obj) strcpy (obj_tmp, "NULL");
91 else i2t_ASN1_OBJECT(obj_tmp, 80, pbe_obj);
92 ERR_add_error_data(2, "TYPE=", obj_tmp);
93 return 0;
94 }
95 if(!pass) passlen = 0;
96 else if (passlen == -1) passlen = strlen(pass);
97 pbetmp = (EVP_PBE_CTL *)sk_value (pbe_algs, i);
98 i = (*pbetmp->keygen)(ctx, pass, passlen, param, pbetmp->cipher,
99 pbetmp->md, en_de);
100 if (!i) {
101 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_KEYGEN_FAILURE);
102 return 0;
103 }
104 return 1;
105}
106
107static int pbe_cmp(const char * const *a, const char * const *b)
108{
109 EVP_PBE_CTL **pbe1 = (EVP_PBE_CTL **) a, **pbe2 = (EVP_PBE_CTL **)b;
110 return ((*pbe1)->pbe_nid - (*pbe2)->pbe_nid);
111}
112
113/* Add a PBE algorithm */
114
115int EVP_PBE_alg_add (int nid, EVP_CIPHER *cipher, EVP_MD *md,
116 EVP_PBE_KEYGEN *keygen)
117{
118 EVP_PBE_CTL *pbe_tmp;
119 if (!pbe_algs) pbe_algs = sk_new(pbe_cmp);
120 if (!(pbe_tmp = (EVP_PBE_CTL*) OPENSSL_malloc (sizeof(EVP_PBE_CTL)))) {
121 EVPerr(EVP_F_EVP_PBE_ALG_ADD,ERR_R_MALLOC_FAILURE);
122 return 0;
123 }
124 pbe_tmp->pbe_nid = nid;
125 pbe_tmp->cipher = cipher;
126 pbe_tmp->md = md;
127 pbe_tmp->keygen = keygen;
128 sk_push (pbe_algs, (char *)pbe_tmp);
129 return 1;
130}
131
132void EVP_PBE_cleanup(void)
133{
134 sk_pop_free(pbe_algs, OPENSSL_freeFunc);
135 pbe_algs = NULL;
136}
diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c
deleted file mode 100644
index 8df2874f3c..0000000000
--- a/src/lib/libcrypto/evp/evp_pkey.c
+++ /dev/null
@@ -1,408 +0,0 @@
1/* evp_pkey.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include "cryptlib.h"
62#include <openssl/x509.h>
63#include <openssl/rand.h>
64
65static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);
66
67/* Extract a private key from a PKCS8 structure */
68
69EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
70{
71 EVP_PKEY *pkey = NULL;
72#ifndef NO_RSA
73 RSA *rsa = NULL;
74#endif
75#ifndef NO_DSA
76 DSA *dsa = NULL;
77 ASN1_INTEGER *privkey;
78 ASN1_TYPE *t1, *t2, *param = NULL;
79 STACK_OF(ASN1_TYPE) *ndsa = NULL;
80 BN_CTX *ctx = NULL;
81 int plen;
82#endif
83 X509_ALGOR *a;
84 unsigned char *p;
85 int pkeylen;
86 char obj_tmp[80];
87
88 if(p8->pkey->type == V_ASN1_OCTET_STRING) {
89 p8->broken = PKCS8_OK;
90 p = p8->pkey->value.octet_string->data;
91 pkeylen = p8->pkey->value.octet_string->length;
92 } else {
93 p8->broken = PKCS8_NO_OCTET;
94 p = p8->pkey->value.sequence->data;
95 pkeylen = p8->pkey->value.sequence->length;
96 }
97 if (!(pkey = EVP_PKEY_new())) {
98 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
99 return NULL;
100 }
101 a = p8->pkeyalg;
102 switch (OBJ_obj2nid(a->algorithm))
103 {
104#ifndef NO_RSA
105 case NID_rsaEncryption:
106 if (!(rsa = d2i_RSAPrivateKey (NULL, &p, pkeylen))) {
107 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
108 return NULL;
109 }
110 EVP_PKEY_assign_RSA (pkey, rsa);
111 break;
112#endif
113#ifndef NO_DSA
114 case NID_dsa:
115 /* PKCS#8 DSA is weird: you just get a private key integer
116 * and parameters in the AlgorithmIdentifier the pubkey must
117 * be recalculated.
118 */
119
120 /* Check for broken DSA PKCS#8, UGH! */
121 if(*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) {
122 if(!(ndsa = ASN1_seq_unpack_ASN1_TYPE(p, pkeylen,
123 d2i_ASN1_TYPE,
124 ASN1_TYPE_free))) {
125 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
126 goto dsaerr;
127 }
128 if(sk_ASN1_TYPE_num(ndsa) != 2 ) {
129 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
130 goto dsaerr;
131 }
132 /* Handle Two broken types:
133 * SEQUENCE {parameters, priv_key}
134 * SEQUENCE {pub_key, priv_key}
135 */
136
137 t1 = sk_ASN1_TYPE_value(ndsa, 0);
138 t2 = sk_ASN1_TYPE_value(ndsa, 1);
139 if(t1->type == V_ASN1_SEQUENCE) {
140 p8->broken = PKCS8_EMBEDDED_PARAM;
141 param = t1;
142 } else if(a->parameter->type == V_ASN1_SEQUENCE) {
143 p8->broken = PKCS8_NS_DB;
144 param = a->parameter;
145 } else {
146 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
147 goto dsaerr;
148 }
149
150 if(t2->type != V_ASN1_INTEGER) {
151 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
152 goto dsaerr;
153 }
154 privkey = t2->value.integer;
155 } else {
156 if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) {
157 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
158 goto dsaerr;
159 }
160 param = p8->pkeyalg->parameter;
161 }
162 if (!param || (param->type != V_ASN1_SEQUENCE)) {
163 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
164 goto dsaerr;
165 }
166 p = param->value.sequence->data;
167 plen = param->value.sequence->length;
168 if (!(dsa = d2i_DSAparams (NULL, &p, plen))) {
169 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
170 goto dsaerr;
171 }
172 /* We have parameters now set private key */
173 if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
174 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_DECODE_ERROR);
175 goto dsaerr;
176 }
177 /* Calculate public key (ouch!) */
178 if (!(dsa->pub_key = BN_new())) {
179 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
180 goto dsaerr;
181 }
182 if (!(ctx = BN_CTX_new())) {
183 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
184 goto dsaerr;
185 }
186
187 if (!BN_mod_exp(dsa->pub_key, dsa->g,
188 dsa->priv_key, dsa->p, ctx)) {
189
190 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_PUBKEY_ERROR);
191 goto dsaerr;
192 }
193
194 EVP_PKEY_assign_DSA(pkey, dsa);
195 BN_CTX_free (ctx);
196 if(ndsa) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
197 else ASN1_INTEGER_free(privkey);
198 break;
199 dsaerr:
200 BN_CTX_free (ctx);
201 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
202 DSA_free(dsa);
203 EVP_PKEY_free(pkey);
204 return NULL;
205 break;
206#endif
207 default:
208 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
209 if (!a->algorithm) strcpy (obj_tmp, "NULL");
210 else i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm);
211 ERR_add_error_data(2, "TYPE=", obj_tmp);
212 EVP_PKEY_free (pkey);
213 return NULL;
214 }
215 return pkey;
216}
217
218PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
219{
220 return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK);
221}
222
223/* Turn a private key into a PKCS8 structure */
224
225PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
226{
227 PKCS8_PRIV_KEY_INFO *p8;
228
229 if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {
230 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
231 return NULL;
232 }
233 p8->broken = broken;
234 ASN1_INTEGER_set (p8->version, 0);
235 if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) {
236 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
237 PKCS8_PRIV_KEY_INFO_free (p8);
238 return NULL;
239 }
240 p8->pkey->type = V_ASN1_OCTET_STRING;
241 switch (EVP_PKEY_type(pkey->type)) {
242#ifndef NO_RSA
243 case EVP_PKEY_RSA:
244
245 if(p8->broken == PKCS8_NO_OCTET) p8->pkey->type = V_ASN1_SEQUENCE;
246
247 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption);
248 p8->pkeyalg->parameter->type = V_ASN1_NULL;
249 if (!ASN1_pack_string ((char *)pkey, i2d_PrivateKey,
250 &p8->pkey->value.octet_string)) {
251 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
252 PKCS8_PRIV_KEY_INFO_free (p8);
253 return NULL;
254 }
255 break;
256#endif
257#ifndef NO_DSA
258 case EVP_PKEY_DSA:
259 if(!dsa_pkey2pkcs8(p8, pkey)) {
260 PKCS8_PRIV_KEY_INFO_free (p8);
261 return NULL;
262 }
263
264 break;
265#endif
266 default:
267 EVPerr(EVP_F_EVP_PKEY2PKCS8, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
268 PKCS8_PRIV_KEY_INFO_free (p8);
269 return NULL;
270 }
271 RAND_add(p8->pkey->value.octet_string->data,
272 p8->pkey->value.octet_string->length, 0);
273 return p8;
274}
275
276PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
277{
278 switch (broken) {
279
280 case PKCS8_OK:
281 p8->broken = PKCS8_OK;
282 return p8;
283 break;
284
285 case PKCS8_NO_OCTET:
286 p8->broken = PKCS8_NO_OCTET;
287 p8->pkey->type = V_ASN1_SEQUENCE;
288 return p8;
289 break;
290
291 default:
292 EVPerr(EVP_F_EVP_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
293 return NULL;
294 break;
295
296 }
297}
298
299#ifndef NO_DSA
300static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
301{
302 ASN1_STRING *params;
303 ASN1_INTEGER *prkey;
304 ASN1_TYPE *ttmp;
305 STACK_OF(ASN1_TYPE) *ndsa;
306 unsigned char *p, *q;
307 int len;
308
309 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa);
310 len = i2d_DSAparams (pkey->pkey.dsa, NULL);
311 if (!(p = OPENSSL_malloc(len))) {
312 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
313 PKCS8_PRIV_KEY_INFO_free (p8);
314 return 0;
315 }
316 q = p;
317 i2d_DSAparams (pkey->pkey.dsa, &q);
318 params = ASN1_STRING_new();
319 ASN1_STRING_set(params, p, len);
320 OPENSSL_free(p);
321 /* Get private key into integer */
322 if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) {
323 EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
324 return 0;
325 }
326
327 switch(p8->broken) {
328
329 case PKCS8_OK:
330 case PKCS8_NO_OCTET:
331
332 if (!ASN1_pack_string((char *)prkey, i2d_ASN1_INTEGER,
333 &p8->pkey->value.octet_string)) {
334 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
335 M_ASN1_INTEGER_free (prkey);
336 return 0;
337 }
338
339 M_ASN1_INTEGER_free (prkey);
340 p8->pkeyalg->parameter->value.sequence = params;
341 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
342
343 break;
344
345 case PKCS8_NS_DB:
346
347 p8->pkeyalg->parameter->value.sequence = params;
348 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
349 ndsa = sk_ASN1_TYPE_new_null();
350 ttmp = ASN1_TYPE_new();
351 if (!(ttmp->value.integer = BN_to_ASN1_INTEGER (pkey->pkey.dsa->pub_key, NULL))) {
352 EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
353 PKCS8_PRIV_KEY_INFO_free(p8);
354 return 0;
355 }
356 ttmp->type = V_ASN1_INTEGER;
357 sk_ASN1_TYPE_push(ndsa, ttmp);
358
359 ttmp = ASN1_TYPE_new();
360 ttmp->value.integer = prkey;
361 ttmp->type = V_ASN1_INTEGER;
362 sk_ASN1_TYPE_push(ndsa, ttmp);
363
364 p8->pkey->value.octet_string = ASN1_OCTET_STRING_new();
365
366 if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
367 &p8->pkey->value.octet_string->data,
368 &p8->pkey->value.octet_string->length)) {
369
370 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
371 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
372 M_ASN1_INTEGER_free(prkey);
373 return 0;
374 }
375 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
376 break;
377
378 case PKCS8_EMBEDDED_PARAM:
379
380 p8->pkeyalg->parameter->type = V_ASN1_NULL;
381 ndsa = sk_ASN1_TYPE_new_null();
382 ttmp = ASN1_TYPE_new();
383 ttmp->value.sequence = params;
384 ttmp->type = V_ASN1_SEQUENCE;
385 sk_ASN1_TYPE_push(ndsa, ttmp);
386
387 ttmp = ASN1_TYPE_new();
388 ttmp->value.integer = prkey;
389 ttmp->type = V_ASN1_INTEGER;
390 sk_ASN1_TYPE_push(ndsa, ttmp);
391
392 p8->pkey->value.octet_string = ASN1_OCTET_STRING_new();
393
394 if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
395 &p8->pkey->value.octet_string->data,
396 &p8->pkey->value.octet_string->length)) {
397
398 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
399 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
400 M_ASN1_INTEGER_free (prkey);
401 return 0;
402 }
403 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
404 break;
405 }
406 return 1;
407}
408#endif
diff --git a/src/lib/libcrypto/evp/m_dss.c b/src/lib/libcrypto/evp/m_dss.c
deleted file mode 100644
index 8ea826868e..0000000000
--- a/src/lib/libcrypto/evp/m_dss.c
+++ /dev/null
@@ -1,83 +0,0 @@
1/* crypto/evp/m_dss.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64
65#ifndef NO_SHA
66static EVP_MD dsa_md=
67 {
68 NID_dsaWithSHA,
69 NID_dsaWithSHA,
70 SHA_DIGEST_LENGTH,
71 SHA1_Init,
72 SHA1_Update,
73 SHA1_Final,
74 EVP_PKEY_DSA_method,
75 SHA_CBLOCK,
76 sizeof(EVP_MD *)+sizeof(SHA_CTX),
77 };
78
79EVP_MD *EVP_dss(void)
80 {
81 return(&dsa_md);
82 }
83#endif
diff --git a/src/lib/libcrypto/evp/m_dss1.c b/src/lib/libcrypto/evp/m_dss1.c
deleted file mode 100644
index 9d8d1ce23e..0000000000
--- a/src/lib/libcrypto/evp/m_dss1.c
+++ /dev/null
@@ -1,83 +0,0 @@
1/* crypto/evp/m_dss1.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_SHA
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include <openssl/x509.h>
65
66static EVP_MD dss1_md=
67 {
68 NID_dsa,
69 NID_dsaWithSHA1,
70 SHA_DIGEST_LENGTH,
71 SHA1_Init,
72 SHA1_Update,
73 SHA1_Final,
74 EVP_PKEY_DSA_method,
75 SHA_CBLOCK,
76 sizeof(EVP_MD *)+sizeof(SHA_CTX),
77 };
78
79EVP_MD *EVP_dss1(void)
80 {
81 return(&dss1_md);
82 }
83#endif
diff --git a/src/lib/libcrypto/evp/m_md4.c b/src/lib/libcrypto/evp/m_md4.c
deleted file mode 100644
index 6a24ceb86d..0000000000
--- a/src/lib/libcrypto/evp/m_md4.c
+++ /dev/null
@@ -1,83 +0,0 @@
1/* crypto/evp/m_md4.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_MD4
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include <openssl/x509.h>
65
66static EVP_MD md4_md=
67 {
68 NID_md4,
69 0,
70 MD4_DIGEST_LENGTH,
71 MD4_Init,
72 MD4_Update,
73 MD4_Final,
74 EVP_PKEY_RSA_method,
75 MD4_CBLOCK,
76 sizeof(EVP_MD *)+sizeof(MD4_CTX),
77 };
78
79EVP_MD *EVP_md4(void)
80 {
81 return(&md4_md);
82 }
83#endif
diff --git a/src/lib/libcrypto/evp/m_md5.c b/src/lib/libcrypto/evp/m_md5.c
deleted file mode 100644
index 9fc9530127..0000000000
--- a/src/lib/libcrypto/evp/m_md5.c
+++ /dev/null
@@ -1,83 +0,0 @@
1/* crypto/evp/m_md5.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_MD5
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include <openssl/x509.h>
65
66static EVP_MD md5_md=
67 {
68 NID_md5,
69 NID_md5WithRSAEncryption,
70 MD5_DIGEST_LENGTH,
71 MD5_Init,
72 MD5_Update,
73 MD5_Final,
74 EVP_PKEY_RSA_method,
75 MD5_CBLOCK,
76 sizeof(EVP_MD *)+sizeof(MD5_CTX),
77 };
78
79EVP_MD *EVP_md5(void)
80 {
81 return(&md5_md);
82 }
83#endif
diff --git a/src/lib/libcrypto/evp/m_null.c b/src/lib/libcrypto/evp/m_null.c
deleted file mode 100644
index e2dadf3dab..0000000000
--- a/src/lib/libcrypto/evp/m_null.c
+++ /dev/null
@@ -1,88 +0,0 @@
1/* crypto/evp/m_null.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64
65static void function(void)
66 {
67 }
68
69static EVP_MD null_md=
70 {
71 NID_undef,
72 NID_undef,
73 0,
74 function,
75 function,
76 function,
77
78 EVP_PKEY_NULL_method,
79 0,
80 sizeof(EVP_MD *),
81 };
82
83EVP_MD *EVP_md_null(void)
84 {
85 return(&null_md);
86 }
87
88
diff --git a/src/lib/libcrypto/evp/m_ripemd.c b/src/lib/libcrypto/evp/m_ripemd.c
deleted file mode 100644
index 3d781a4e8d..0000000000
--- a/src/lib/libcrypto/evp/m_ripemd.c
+++ /dev/null
@@ -1,84 +0,0 @@
1/* crypto/evp/m_ripemd.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_RIPEMD
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/ripemd.h>
63#include <openssl/evp.h>
64#include <openssl/objects.h>
65#include <openssl/x509.h>
66
67static EVP_MD ripemd160_md=
68 {
69 NID_ripemd160,
70 NID_ripemd160WithRSA,
71 RIPEMD160_DIGEST_LENGTH,
72 RIPEMD160_Init,
73 RIPEMD160_Update,
74 RIPEMD160_Final,
75 EVP_PKEY_RSA_method,
76 RIPEMD160_CBLOCK,
77 sizeof(EVP_MD *)+sizeof(RIPEMD160_CTX),
78 };
79
80EVP_MD *EVP_ripemd160(void)
81 {
82 return(&ripemd160_md);
83 }
84#endif
diff --git a/src/lib/libcrypto/evp/m_sha1.c b/src/lib/libcrypto/evp/m_sha1.c
deleted file mode 100644
index 57a1ab0cce..0000000000
--- a/src/lib/libcrypto/evp/m_sha1.c
+++ /dev/null
@@ -1,83 +0,0 @@
1/* crypto/evp/m_sha1.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_SHA
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include <openssl/x509.h>
65
66static EVP_MD sha1_md=
67 {
68 NID_sha1,
69 NID_sha1WithRSAEncryption,
70 SHA_DIGEST_LENGTH,
71 SHA1_Init,
72 SHA1_Update,
73 SHA1_Final,
74 EVP_PKEY_RSA_method,
75 SHA_CBLOCK,
76 sizeof(EVP_MD *)+sizeof(SHA_CTX),
77 };
78
79EVP_MD *EVP_sha1(void)
80 {
81 return(&sha1_md);
82 }
83#endif
diff --git a/src/lib/libcrypto/evp/names.c b/src/lib/libcrypto/evp/names.c
deleted file mode 100644
index 620f43feaa..0000000000
--- a/src/lib/libcrypto/evp/names.c
+++ /dev/null
@@ -1,123 +0,0 @@
1/* crypto/evp/names.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64
65int EVP_add_cipher(EVP_CIPHER *c)
66 {
67 int r;
68
69 r=OBJ_NAME_add(OBJ_nid2sn(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(char *)c);
70 if (r == 0) return(0);
71 r=OBJ_NAME_add(OBJ_nid2ln(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(char *)c);
72 return(r);
73 }
74
75int EVP_add_digest(EVP_MD *md)
76 {
77 int r;
78 const char *name;
79
80 name=OBJ_nid2sn(md->type);
81 r=OBJ_NAME_add(name,OBJ_NAME_TYPE_MD_METH,(char *)md);
82 if (r == 0) return(0);
83 r=OBJ_NAME_add(OBJ_nid2ln(md->type),OBJ_NAME_TYPE_MD_METH,(char *)md);
84 if (r == 0) return(0);
85
86 if (md->type != md->pkey_type)
87 {
88 r=OBJ_NAME_add(OBJ_nid2sn(md->pkey_type),
89 OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name);
90 if (r == 0) return(0);
91 r=OBJ_NAME_add(OBJ_nid2ln(md->pkey_type),
92 OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name);
93 }
94 return(r);
95 }
96
97const EVP_CIPHER *EVP_get_cipherbyname(const char *name)
98 {
99 const EVP_CIPHER *cp;
100
101 cp=(const EVP_CIPHER *)OBJ_NAME_get(name,OBJ_NAME_TYPE_CIPHER_METH);
102 return(cp);
103 }
104
105const EVP_MD *EVP_get_digestbyname(const char *name)
106 {
107 const EVP_MD *cp;
108
109 cp=(const EVP_MD *)OBJ_NAME_get(name,OBJ_NAME_TYPE_MD_METH);
110 return(cp);
111 }
112
113void EVP_cleanup(void)
114 {
115 OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH);
116 OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH);
117 /* The above calls will only clean out the contents of the name
118 hash table, but not the hash table itself. The following line
119 does that part. -- Richard Levitte */
120 OBJ_NAME_cleanup(-1);
121
122 EVP_PBE_cleanup();
123 }
diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c
deleted file mode 100644
index 6bfa2c5acb..0000000000
--- a/src/lib/libcrypto/evp/p5_crpt.c
+++ /dev/null
@@ -1,149 +0,0 @@
1/* p5_crpt.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <openssl/x509.h>
62#include <openssl/evp.h>
63#include "cryptlib.h"
64
65/* PKCS#5 v1.5 compatible PBE functions: see PKCS#5 v2.0 for more info.
66 */
67
68void PKCS5_PBE_add(void)
69{
70#ifndef NO_DES
71# ifndef NO_MD5
72EVP_PBE_alg_add(NID_pbeWithMD5AndDES_CBC, EVP_des_cbc(), EVP_md5(),
73 PKCS5_PBE_keyivgen);
74# endif
75# ifndef NO_MD2
76EVP_PBE_alg_add(NID_pbeWithMD2AndDES_CBC, EVP_des_cbc(), EVP_md2(),
77 PKCS5_PBE_keyivgen);
78# endif
79# ifndef NO_SHA
80EVP_PBE_alg_add(NID_pbeWithSHA1AndDES_CBC, EVP_des_cbc(), EVP_sha1(),
81 PKCS5_PBE_keyivgen);
82# endif
83#endif
84#ifndef NO_RC2
85# ifndef NO_MD5
86EVP_PBE_alg_add(NID_pbeWithMD5AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md5(),
87 PKCS5_PBE_keyivgen);
88# endif
89# ifndef NO_MD2
90EVP_PBE_alg_add(NID_pbeWithMD2AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md2(),
91 PKCS5_PBE_keyivgen);
92# endif
93# ifndef NO_SHA
94EVP_PBE_alg_add(NID_pbeWithSHA1AndRC2_CBC, EVP_rc2_64_cbc(), EVP_sha1(),
95 PKCS5_PBE_keyivgen);
96# endif
97#endif
98#ifndef NO_HMAC
99EVP_PBE_alg_add(NID_pbes2, NULL, NULL, PKCS5_v2_PBE_keyivgen);
100#endif
101}
102
103int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
104 ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md,
105 int en_de)
106{
107 EVP_MD_CTX ctx;
108 unsigned char md_tmp[EVP_MAX_MD_SIZE];
109 unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
110 int i;
111 PBEPARAM *pbe;
112 int saltlen, iter;
113 unsigned char *salt, *pbuf;
114
115 /* Extract useful info from parameter */
116 pbuf = param->value.sequence->data;
117 if (!param || (param->type != V_ASN1_SEQUENCE) ||
118 !(pbe = d2i_PBEPARAM (NULL, &pbuf, param->value.sequence->length))) {
119 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
120 return 0;
121 }
122
123 if (!pbe->iter) iter = 1;
124 else iter = ASN1_INTEGER_get (pbe->iter);
125 salt = pbe->salt->data;
126 saltlen = pbe->salt->length;
127
128 if(!pass) passlen = 0;
129 else if(passlen == -1) passlen = strlen(pass);
130
131 EVP_DigestInit (&ctx, md);
132 EVP_DigestUpdate (&ctx, pass, passlen);
133 EVP_DigestUpdate (&ctx, salt, saltlen);
134 PBEPARAM_free(pbe);
135 EVP_DigestFinal (&ctx, md_tmp, NULL);
136 for (i = 1; i < iter; i++) {
137 EVP_DigestInit(&ctx, md);
138 EVP_DigestUpdate(&ctx, md_tmp, EVP_MD_size(md));
139 EVP_DigestFinal (&ctx, md_tmp, NULL);
140 }
141 memcpy (key, md_tmp, EVP_CIPHER_key_length(cipher));
142 memcpy (iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
143 EVP_CIPHER_iv_length(cipher));
144 EVP_CipherInit(cctx, cipher, key, iv, en_de);
145 memset(md_tmp, 0, EVP_MAX_MD_SIZE);
146 memset(key, 0, EVP_MAX_KEY_LENGTH);
147 memset(iv, 0, EVP_MAX_IV_LENGTH);
148 return 1;
149}
diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c
deleted file mode 100644
index 717fad68ca..0000000000
--- a/src/lib/libcrypto/evp/p5_crpt2.c
+++ /dev/null
@@ -1,248 +0,0 @@
1/* p5_crpt2.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58#if !defined(NO_HMAC) && !defined(NO_SHA)
59#include <stdio.h>
60#include <stdlib.h>
61#include <openssl/x509.h>
62#include <openssl/evp.h>
63#include <openssl/hmac.h>
64#include "cryptlib.h"
65
66/* set this to print out info about the keygen algorithm */
67/* #define DEBUG_PKCS5V2 */
68
69#ifdef DEBUG_PKCS5V2
70 static void h__dump (const unsigned char *p, int len);
71#endif
72
73/* This is an implementation of PKCS#5 v2.0 password based encryption key
74 * derivation function PBKDF2 using the only currently defined function HMAC
75 * with SHA1. Verified against test vectors posted by Peter Gutmann
76 * <pgut001@cs.auckland.ac.nz> to the PKCS-TNG <pkcs-tng@rsa.com> mailing list.
77 */
78
79int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
80 unsigned char *salt, int saltlen, int iter,
81 int keylen, unsigned char *out)
82{
83 unsigned char digtmp[SHA_DIGEST_LENGTH], *p, itmp[4];
84 int cplen, j, k, tkeylen;
85 unsigned long i = 1;
86 HMAC_CTX hctx;
87 p = out;
88 tkeylen = keylen;
89 if(!pass) passlen = 0;
90 else if(passlen == -1) passlen = strlen(pass);
91 while(tkeylen) {
92 if(tkeylen > SHA_DIGEST_LENGTH) cplen = SHA_DIGEST_LENGTH;
93 else cplen = tkeylen;
94 /* We are unlikely to ever use more than 256 blocks (5120 bits!)
95 * but just in case...
96 */
97 itmp[0] = (unsigned char)((i >> 24) & 0xff);
98 itmp[1] = (unsigned char)((i >> 16) & 0xff);
99 itmp[2] = (unsigned char)((i >> 8) & 0xff);
100 itmp[3] = (unsigned char)(i & 0xff);
101 HMAC_Init(&hctx, pass, passlen, EVP_sha1());
102 HMAC_Update(&hctx, salt, saltlen);
103 HMAC_Update(&hctx, itmp, 4);
104 HMAC_Final(&hctx, digtmp, NULL);
105 memcpy(p, digtmp, cplen);
106 for(j = 1; j < iter; j++) {
107 HMAC(EVP_sha1(), pass, passlen,
108 digtmp, SHA_DIGEST_LENGTH, digtmp, NULL);
109 for(k = 0; k < cplen; k++) p[k] ^= digtmp[k];
110 }
111 tkeylen-= cplen;
112 i++;
113 p+= cplen;
114 }
115 HMAC_cleanup(&hctx);
116#ifdef DEBUG_PKCS5V2
117 fprintf(stderr, "Password:\n");
118 h__dump (pass, passlen);
119 fprintf(stderr, "Salt:\n");
120 h__dump (salt, saltlen);
121 fprintf(stderr, "Iteration count %d\n", iter);
122 fprintf(stderr, "Key:\n");
123 h__dump (out, keylen);
124#endif
125 return 1;
126}
127
128#ifdef DO_TEST
129main()
130{
131 unsigned char out[4];
132 unsigned char salt[] = {0x12, 0x34, 0x56, 0x78};
133 PKCS5_PBKDF2_HMAC_SHA1("password", -1, salt, 4, 5, 4, out);
134 fprintf(stderr, "Out %02X %02X %02X %02X\n",
135 out[0], out[1], out[2], out[3]);
136}
137
138#endif
139
140/* Now the key derivation function itself. This is a bit evil because
141 * it has to check the ASN1 parameters are valid: and there are quite a
142 * few of them...
143 */
144
145int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
146 ASN1_TYPE *param, EVP_CIPHER *c, EVP_MD *md,
147 int en_de)
148{
149 unsigned char *pbuf, *salt, key[EVP_MAX_KEY_LENGTH];
150 int saltlen, keylen, iter, plen;
151 PBE2PARAM *pbe2 = NULL;
152 const EVP_CIPHER *cipher;
153 PBKDF2PARAM *kdf = NULL;
154
155 pbuf = param->value.sequence->data;
156 plen = param->value.sequence->length;
157 if(!param || (param->type != V_ASN1_SEQUENCE) ||
158 !(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
159 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
160 return 0;
161 }
162
163 /* See if we recognise the key derivation function */
164
165 if(OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) {
166 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
167 EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION);
168 goto err;
169 }
170
171 /* lets see if we recognise the encryption algorithm.
172 */
173
174 cipher = EVP_get_cipherbyname(
175 OBJ_nid2sn(OBJ_obj2nid(pbe2->encryption->algorithm)));
176
177 if(!cipher) {
178 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
179 EVP_R_UNSUPPORTED_CIPHER);
180 goto err;
181 }
182
183 /* Fixup cipher based on AlgorithmIdentifier */
184 EVP_CipherInit(ctx, cipher, NULL, NULL, en_de);
185 if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
186 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
187 EVP_R_CIPHER_PARAMETER_ERROR);
188 goto err;
189 }
190 keylen = EVP_CIPHER_CTX_key_length(ctx);
191
192 /* Now decode key derivation function */
193
194 pbuf = pbe2->keyfunc->parameter->value.sequence->data;
195 plen = pbe2->keyfunc->parameter->value.sequence->length;
196 if(!pbe2->keyfunc->parameter ||
197 (pbe2->keyfunc->parameter->type != V_ASN1_SEQUENCE) ||
198 !(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
199 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
200 goto err;
201 }
202
203 PBE2PARAM_free(pbe2);
204 pbe2 = NULL;
205
206 /* Now check the parameters of the kdf */
207
208 if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != keylen)){
209 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
210 EVP_R_UNSUPPORTED_KEYLENGTH);
211 goto err;
212 }
213
214 if(kdf->prf && (OBJ_obj2nid(kdf->prf->algorithm) != NID_hmacWithSHA1)) {
215 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
216 goto err;
217 }
218
219 if(kdf->salt->type != V_ASN1_OCTET_STRING) {
220 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
221 EVP_R_UNSUPPORTED_SALT_TYPE);
222 goto err;
223 }
224
225 /* it seems that its all OK */
226 salt = kdf->salt->value.octet_string->data;
227 saltlen = kdf->salt->value.octet_string->length;
228 iter = ASN1_INTEGER_get(kdf->iter);
229 PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key);
230 EVP_CipherInit(ctx, NULL, key, NULL, en_de);
231 memset(key, 0, keylen);
232 PBKDF2PARAM_free(kdf);
233 return 1;
234
235 err:
236 PBE2PARAM_free(pbe2);
237 PBKDF2PARAM_free(kdf);
238 return 0;
239}
240
241#ifdef DEBUG_PKCS5V2
242static void h__dump (const unsigned char *p, int len)
243{
244 for (; len --; p++) fprintf(stderr, "%02X ", *p);
245 fprintf(stderr, "\n");
246}
247#endif
248#endif
diff --git a/src/lib/libcrypto/evp/p_dec.c b/src/lib/libcrypto/evp/p_dec.c
deleted file mode 100644
index 57b5daa453..0000000000
--- a/src/lib/libcrypto/evp/p_dec.c
+++ /dev/null
@@ -1,87 +0,0 @@
1/* crypto/evp/p_dec.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/rand.h>
62#ifndef NO_RSA
63#include <openssl/rsa.h>
64#endif
65#include <openssl/evp.h>
66#include <openssl/objects.h>
67#include <openssl/x509.h>
68
69int EVP_PKEY_decrypt(unsigned char *key, unsigned char *ek, int ekl,
70 EVP_PKEY *priv)
71 {
72 int ret= -1;
73
74#ifndef NO_RSA
75 if (priv->type != EVP_PKEY_RSA)
76 {
77#endif
78 EVPerr(EVP_F_EVP_PKEY_DECRYPT,EVP_R_PUBLIC_KEY_NOT_RSA);
79#ifndef NO_RSA
80 goto err;
81 }
82
83 ret=RSA_private_decrypt(ekl,ek,key,priv->pkey.rsa,RSA_PKCS1_PADDING);
84err:
85#endif
86 return(ret);
87 }
diff --git a/src/lib/libcrypto/evp/p_enc.c b/src/lib/libcrypto/evp/p_enc.c
deleted file mode 100644
index 4cf6acaf5d..0000000000
--- a/src/lib/libcrypto/evp/p_enc.c
+++ /dev/null
@@ -1,86 +0,0 @@
1/* crypto/evp/p_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/rand.h>
62#ifndef NO_RSA
63#include <openssl/rsa.h>
64#endif
65#include <openssl/evp.h>
66#include <openssl/objects.h>
67#include <openssl/x509.h>
68
69int EVP_PKEY_encrypt(unsigned char *ek, unsigned char *key, int key_len,
70 EVP_PKEY *pubk)
71 {
72 int ret=0;
73
74#ifndef NO_RSA
75 if (pubk->type != EVP_PKEY_RSA)
76 {
77#endif
78 EVPerr(EVP_F_EVP_PKEY_ENCRYPT,EVP_R_PUBLIC_KEY_NOT_RSA);
79#ifndef NO_RSA
80 goto err;
81 }
82 ret=RSA_public_encrypt(key_len,key,ek,pubk->pkey.rsa,RSA_PKCS1_PADDING);
83err:
84#endif
85 return(ret);
86 }
diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c
deleted file mode 100644
index 62398ed74d..0000000000
--- a/src/lib/libcrypto/evp/p_lib.c
+++ /dev/null
@@ -1,333 +0,0 @@
1/* crypto/evp/p_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/objects.h>
62#include <openssl/evp.h>
63#include <openssl/asn1_mac.h>
64#include <openssl/x509.h>
65
66static void EVP_PKEY_free_it(EVP_PKEY *x);
67int EVP_PKEY_bits(EVP_PKEY *pkey)
68 {
69#ifndef NO_RSA
70 if (pkey->type == EVP_PKEY_RSA)
71 return(BN_num_bits(pkey->pkey.rsa->n));
72 else
73#endif
74#ifndef NO_DSA
75 if (pkey->type == EVP_PKEY_DSA)
76 return(BN_num_bits(pkey->pkey.dsa->p));
77#endif
78 return(0);
79 }
80
81int EVP_PKEY_size(EVP_PKEY *pkey)
82 {
83 if (pkey == NULL)
84 return(0);
85#ifndef NO_RSA
86 if (pkey->type == EVP_PKEY_RSA)
87 return(RSA_size(pkey->pkey.rsa));
88 else
89#endif
90#ifndef NO_DSA
91 if (pkey->type == EVP_PKEY_DSA)
92 return(DSA_size(pkey->pkey.dsa));
93#endif
94 return(0);
95 }
96
97int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
98 {
99#ifndef NO_DSA
100 if (pkey->type == EVP_PKEY_DSA)
101 {
102 int ret=pkey->save_parameters=mode;
103
104 if (mode >= 0)
105 pkey->save_parameters=mode;
106 return(ret);
107 }
108#endif
109 return(0);
110 }
111
112int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from)
113 {
114 if (to->type != from->type)
115 {
116 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_DIFFERENT_KEY_TYPES);
117 goto err;
118 }
119
120 if (EVP_PKEY_missing_parameters(from))
121 {
122 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARAMETERS);
123 goto err;
124 }
125#ifndef NO_DSA
126 if (to->type == EVP_PKEY_DSA)
127 {
128 BIGNUM *a;
129
130 if ((a=BN_dup(from->pkey.dsa->p)) == NULL) goto err;
131 if (to->pkey.dsa->p != NULL) BN_free(to->pkey.dsa->p);
132 to->pkey.dsa->p=a;
133
134 if ((a=BN_dup(from->pkey.dsa->q)) == NULL) goto err;
135 if (to->pkey.dsa->q != NULL) BN_free(to->pkey.dsa->q);
136 to->pkey.dsa->q=a;
137
138 if ((a=BN_dup(from->pkey.dsa->g)) == NULL) goto err;
139 if (to->pkey.dsa->g != NULL) BN_free(to->pkey.dsa->g);
140 to->pkey.dsa->g=a;
141 }
142#endif
143 return(1);
144err:
145 return(0);
146 }
147
148int EVP_PKEY_missing_parameters(EVP_PKEY *pkey)
149 {
150#ifndef NO_DSA
151 if (pkey->type == EVP_PKEY_DSA)
152 {
153 DSA *dsa;
154
155 dsa=pkey->pkey.dsa;
156 if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
157 return(1);
158 }
159#endif
160 return(0);
161 }
162
163int EVP_PKEY_cmp_parameters(EVP_PKEY *a, EVP_PKEY *b)
164 {
165#ifndef NO_DSA
166 if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA))
167 {
168 if ( BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) ||
169 BN_cmp(a->pkey.dsa->q,b->pkey.dsa->q) ||
170 BN_cmp(a->pkey.dsa->g,b->pkey.dsa->g))
171 return(0);
172 else
173 return(1);
174 }
175#endif
176 return(-1);
177 }
178
179EVP_PKEY *EVP_PKEY_new(void)
180 {
181 EVP_PKEY *ret;
182
183 ret=(EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY));
184 if (ret == NULL)
185 {
186 EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE);
187 return(NULL);
188 }
189 ret->type=EVP_PKEY_NONE;
190 ret->references=1;
191 ret->pkey.ptr=NULL;
192 ret->attributes=NULL;
193 ret->save_parameters=1;
194 return(ret);
195 }
196
197int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key)
198 {
199 if (pkey == NULL) return(0);
200 if (pkey->pkey.ptr != NULL)
201 EVP_PKEY_free_it(pkey);
202 pkey->type=EVP_PKEY_type(type);
203 pkey->save_type=type;
204 pkey->pkey.ptr=key;
205 return(key != NULL);
206 }
207
208#ifndef NO_RSA
209int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
210{
211 int ret = EVP_PKEY_assign_RSA(pkey, key);
212 if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_RSA);
213 return ret;
214}
215
216RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
217 {
218 if(pkey->type != EVP_PKEY_RSA) {
219 EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
220 return NULL;
221 }
222 CRYPTO_add(&pkey->pkey.rsa->references, 1, CRYPTO_LOCK_RSA);
223 return pkey->pkey.rsa;
224}
225#endif
226
227#ifndef NO_DSA
228int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
229{
230 int ret = EVP_PKEY_assign_DSA(pkey, key);
231 if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_DSA);
232 return ret;
233}
234
235DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
236 {
237 if(pkey->type != EVP_PKEY_DSA) {
238 EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY);
239 return NULL;
240 }
241 CRYPTO_add(&pkey->pkey.dsa->references, 1, CRYPTO_LOCK_DSA);
242 return pkey->pkey.dsa;
243}
244#endif
245
246#ifndef NO_DH
247
248int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
249{
250 int ret = EVP_PKEY_assign_DH(pkey, key);
251 if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_DH);
252 return ret;
253}
254
255DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey)
256 {
257 if(pkey->type != EVP_PKEY_DH) {
258 EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY);
259 return NULL;
260 }
261 CRYPTO_add(&pkey->pkey.dh->references, 1, CRYPTO_LOCK_DH);
262 return pkey->pkey.dh;
263}
264#endif
265
266int EVP_PKEY_type(int type)
267 {
268 switch (type)
269 {
270 case EVP_PKEY_RSA:
271 case EVP_PKEY_RSA2:
272 return(EVP_PKEY_RSA);
273 case EVP_PKEY_DSA:
274 case EVP_PKEY_DSA1:
275 case EVP_PKEY_DSA2:
276 case EVP_PKEY_DSA3:
277 case EVP_PKEY_DSA4:
278 return(EVP_PKEY_DSA);
279 case EVP_PKEY_DH:
280 return(EVP_PKEY_DH);
281 default:
282 return(NID_undef);
283 }
284 }
285
286void EVP_PKEY_free(EVP_PKEY *x)
287 {
288 int i;
289
290 if (x == NULL) return;
291
292 i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_EVP_PKEY);
293#ifdef REF_PRINT
294 REF_PRINT("EVP_PKEY",x);
295#endif
296 if (i > 0) return;
297#ifdef REF_CHECK
298 if (i < 0)
299 {
300 fprintf(stderr,"EVP_PKEY_free, bad reference count\n");
301 abort();
302 }
303#endif
304 EVP_PKEY_free_it(x);
305 OPENSSL_free(x);
306 }
307
308static void EVP_PKEY_free_it(EVP_PKEY *x)
309 {
310 switch (x->type)
311 {
312#ifndef NO_RSA
313 case EVP_PKEY_RSA:
314 case EVP_PKEY_RSA2:
315 RSA_free(x->pkey.rsa);
316 break;
317#endif
318#ifndef NO_DSA
319 case EVP_PKEY_DSA:
320 case EVP_PKEY_DSA2:
321 case EVP_PKEY_DSA3:
322 case EVP_PKEY_DSA4:
323 DSA_free(x->pkey.dsa);
324 break;
325#endif
326#ifndef NO_DH
327 case EVP_PKEY_DH:
328 DH_free(x->pkey.dh);
329 break;
330#endif
331 }
332 }
333
diff --git a/src/lib/libcrypto/evp/p_open.c b/src/lib/libcrypto/evp/p_open.c
deleted file mode 100644
index 2760c00fec..0000000000
--- a/src/lib/libcrypto/evp/p_open.c
+++ /dev/null
@@ -1,123 +0,0 @@
1/* crypto/evp/p_open.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_RSA
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include <openssl/x509.h>
65
66int EVP_OpenInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char *ek,
67 int ekl, unsigned char *iv, EVP_PKEY *priv)
68 {
69 unsigned char *key=NULL;
70 int i,size=0,ret=0;
71
72 if(type) {
73 EVP_CIPHER_CTX_init(ctx);
74 if(!EVP_DecryptInit(ctx,type,NULL,NULL)) return 0;
75 }
76
77 if(!priv) return 1;
78
79 if (priv->type != EVP_PKEY_RSA)
80 {
81 EVPerr(EVP_F_EVP_OPENINIT,EVP_R_PUBLIC_KEY_NOT_RSA);
82 goto err;
83 }
84
85 size=RSA_size(priv->pkey.rsa);
86 key=(unsigned char *)OPENSSL_malloc(size+2);
87 if (key == NULL)
88 {
89 /* ERROR */
90 EVPerr(EVP_F_EVP_OPENINIT,ERR_R_MALLOC_FAILURE);
91 goto err;
92 }
93
94 i=EVP_PKEY_decrypt(key,ek,ekl,priv);
95 if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i))
96 {
97 /* ERROR */
98 goto err;
99 }
100 if(!EVP_DecryptInit(ctx,NULL,key,iv)) goto err;
101
102 ret=1;
103err:
104 if (key != NULL) memset(key,0,size);
105 OPENSSL_free(key);
106 return(ret);
107 }
108
109int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
110 {
111 int i;
112
113 i=EVP_DecryptFinal(ctx,out,outl);
114 EVP_DecryptInit(ctx,NULL,NULL,NULL);
115 return(i);
116 }
117#else /* !NO_RSA */
118
119# ifdef PEDANTIC
120static void *dummy=&dummy;
121# endif
122
123#endif
diff --git a/src/lib/libcrypto/evp/p_seal.c b/src/lib/libcrypto/evp/p_seal.c
deleted file mode 100644
index 2fd1d7e0c2..0000000000
--- a/src/lib/libcrypto/evp/p_seal.c
+++ /dev/null
@@ -1,112 +0,0 @@
1/* crypto/evp/p_seal.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/rand.h>
62#ifndef NO_RSA
63#include <openssl/rsa.h>
64#endif
65#include <openssl/evp.h>
66#include <openssl/objects.h>
67#include <openssl/x509.h>
68
69int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
70 int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk)
71 {
72 unsigned char key[EVP_MAX_KEY_LENGTH];
73 int i;
74
75 if(type) {
76 EVP_CIPHER_CTX_init(ctx);
77 if(!EVP_EncryptInit(ctx,type,NULL,NULL)) return 0;
78 }
79 if (npubk <= 0) return(0);
80 if (RAND_bytes(key,EVP_MAX_KEY_LENGTH) <= 0)
81 return(0);
82 if (EVP_CIPHER_CTX_iv_length(ctx))
83 RAND_pseudo_bytes(iv,EVP_CIPHER_CTX_iv_length(ctx));
84
85 if(!EVP_EncryptInit(ctx,NULL,key,iv)) return 0;
86
87 for (i=0; i<npubk; i++)
88 {
89 ekl[i]=EVP_PKEY_encrypt(ek[i],key,EVP_CIPHER_CTX_key_length(ctx),
90 pubk[i]);
91 if (ekl[i] <= 0) return(-1);
92 }
93 return(npubk);
94 }
95
96/* MACRO
97void EVP_SealUpdate(ctx,out,outl,in,inl)
98EVP_CIPHER_CTX *ctx;
99unsigned char *out;
100int *outl;
101unsigned char *in;
102int inl;
103 {
104 EVP_EncryptUpdate(ctx,out,outl,in,inl);
105 }
106*/
107
108void EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
109 {
110 EVP_EncryptFinal(ctx,out,outl);
111 EVP_EncryptInit(ctx,NULL,NULL,NULL);
112 }
diff --git a/src/lib/libcrypto/evp/p_sign.c b/src/lib/libcrypto/evp/p_sign.c
deleted file mode 100644
index 1fa32ac17e..0000000000
--- a/src/lib/libcrypto/evp/p_sign.c
+++ /dev/null
@@ -1,112 +0,0 @@
1/* crypto/evp/p_sign.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64
65#ifdef undef
66void EVP_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
67 {
68 EVP_DigestInit(ctx,type);
69 }
70
71void EVP_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
72 unsigned int count)
73 {
74 EVP_DigestUpdate(ctx,data,count);
75 }
76#endif
77
78int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
79 EVP_PKEY *pkey)
80 {
81 unsigned char m[EVP_MAX_MD_SIZE];
82 unsigned int m_len;
83 int i,ok=0,v;
84 MS_STATIC EVP_MD_CTX tmp_ctx;
85
86 *siglen=0;
87 EVP_MD_CTX_copy(&tmp_ctx,ctx);
88 EVP_DigestFinal(&tmp_ctx,&(m[0]),&m_len);
89 for (i=0; i<4; i++)
90 {
91 v=ctx->digest->required_pkey_type[i];
92 if (v == 0) break;
93 if (pkey->type == v)
94 {
95 ok=1;
96 break;
97 }
98 }
99 if (!ok)
100 {
101 EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
102 return(0);
103 }
104 if (ctx->digest->sign == NULL)
105 {
106 EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
107 return(0);
108 }
109 return(ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen,
110 pkey->pkey.ptr));
111 }
112
diff --git a/src/lib/libcrypto/evp/p_verify.c b/src/lib/libcrypto/evp/p_verify.c
deleted file mode 100644
index dcb54f3abb..0000000000
--- a/src/lib/libcrypto/evp/p_verify.c
+++ /dev/null
@@ -1,99 +0,0 @@
1/* crypto/evp/p_verify.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64
65int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf,
66 unsigned int siglen, EVP_PKEY *pkey)
67 {
68 unsigned char m[EVP_MAX_MD_SIZE];
69 unsigned int m_len;
70 int i,ok=0,v;
71 MS_STATIC EVP_MD_CTX tmp_ctx;
72
73 for (i=0; i<4; i++)
74 {
75 v=ctx->digest->required_pkey_type[i];
76 if (v == 0) break;
77 if (pkey->type == v)
78 {
79 ok=1;
80 break;
81 }
82 }
83 if (!ok)
84 {
85 EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
86 return(-1);
87 }
88 EVP_MD_CTX_copy(&tmp_ctx,ctx);
89 EVP_DigestFinal(&tmp_ctx,&(m[0]),&m_len);
90 if (ctx->digest->verify == NULL)
91 {
92 EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
93 return(0);
94 }
95
96 return(ctx->digest->verify(ctx->digest->type,m,m_len,
97 sigbuf,siglen,pkey->pkey.ptr));
98 }
99
diff --git a/src/lib/libcrypto/ex_data.c b/src/lib/libcrypto/ex_data.c
deleted file mode 100644
index 739e543d78..0000000000
--- a/src/lib/libcrypto/ex_data.c
+++ /dev/null
@@ -1,223 +0,0 @@
1/* crypto/ex_data.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <openssl/buffer.h>
62#include <openssl/bio.h>
63#include <openssl/lhash.h>
64#include "cryptlib.h"
65
66int CRYPTO_get_ex_new_index(int idx, STACK_OF(CRYPTO_EX_DATA_FUNCS) **skp, long argl, void *argp,
67 CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
68 {
69 int ret= -1;
70 CRYPTO_EX_DATA_FUNCS *a;
71
72 MemCheck_off();
73 if (*skp == NULL)
74 *skp=sk_CRYPTO_EX_DATA_FUNCS_new_null();
75 if (*skp == NULL)
76 {
77 CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE);
78 goto err;
79 }
80 a=(CRYPTO_EX_DATA_FUNCS *)OPENSSL_malloc(sizeof(CRYPTO_EX_DATA_FUNCS));
81 if (a == NULL)
82 {
83 CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE);
84 goto err;
85 }
86 a->argl=argl;
87 a->argp=argp;
88 a->new_func=new_func;
89 a->dup_func=dup_func;
90 a->free_func=free_func;
91 while (sk_CRYPTO_EX_DATA_FUNCS_num(*skp) <= idx)
92 {
93 if (!sk_CRYPTO_EX_DATA_FUNCS_push(*skp,NULL))
94 {
95 CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE);
96 OPENSSL_free(a);
97 goto err;
98 }
99 }
100 sk_CRYPTO_EX_DATA_FUNCS_set(*skp,idx, a);
101 ret=idx;
102err:
103 MemCheck_on();
104 return(ret);
105 }
106
107int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val)
108 {
109 int i;
110
111 if (ad->sk == NULL)
112 {
113 if ((ad->sk=sk_new_null()) == NULL)
114 {
115 CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA,ERR_R_MALLOC_FAILURE);
116 return(0);
117 }
118 }
119 i=sk_num(ad->sk);
120
121 while (i <= idx)
122 {
123 if (!sk_push(ad->sk,NULL))
124 {
125 CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA,ERR_R_MALLOC_FAILURE);
126 return(0);
127 }
128 i++;
129 }
130 sk_set(ad->sk,idx,val);
131 return(1);
132 }
133
134void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *ad, int idx)
135 {
136 if (ad->sk == NULL)
137 return(0);
138 else if (idx >= sk_num(ad->sk))
139 return(0);
140 else
141 return(sk_value(ad->sk,idx));
142 }
143
144/* The callback is called with the 'object', which is the original data object
145 * being duplicated, a pointer to the
146 * 'new' object to be inserted, the index, and the argi/argp
147 */
148int CRYPTO_dup_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, CRYPTO_EX_DATA *to,
149 CRYPTO_EX_DATA *from)
150 {
151 int i,j,m,r;
152 CRYPTO_EX_DATA_FUNCS *mm;
153 char *from_d;
154
155 if (meth == NULL) return(1);
156 if (from->sk == NULL) return(1);
157 m=sk_CRYPTO_EX_DATA_FUNCS_num(meth);
158 j=sk_num(from->sk);
159 for (i=0; i<j; i++)
160 {
161 from_d=CRYPTO_get_ex_data(from,i);
162 if (i < m)
163 {
164 mm=sk_CRYPTO_EX_DATA_FUNCS_value(meth,i);
165 if (mm->dup_func != NULL)
166 r=mm->dup_func(to,from,(char **)&from_d,i,
167 mm->argl,mm->argp);
168 }
169 CRYPTO_set_ex_data(to,i,from_d);
170 }
171 return(1);
172 }
173
174/* Call each free callback */
175void CRYPTO_free_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, void *obj, CRYPTO_EX_DATA *ad)
176 {
177 CRYPTO_EX_DATA_FUNCS *m;
178 void *ptr;
179 int i,max;
180
181 if (meth != NULL)
182 {
183 max=sk_CRYPTO_EX_DATA_FUNCS_num(meth);
184 for (i=0; i<max; i++)
185 {
186 m=sk_CRYPTO_EX_DATA_FUNCS_value(meth,i);
187 if ((m != NULL) && (m->free_func != NULL))
188 {
189 ptr=CRYPTO_get_ex_data(ad,i);
190 m->free_func(obj,ptr,ad,i,m->argl,m->argp);
191 }
192 }
193 }
194 if (ad->sk != NULL)
195 {
196 sk_free(ad->sk);
197 ad->sk=NULL;
198 }
199 }
200
201void CRYPTO_new_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, void *obj, CRYPTO_EX_DATA *ad)
202 {
203 CRYPTO_EX_DATA_FUNCS *m;
204 void *ptr;
205 int i,max;
206
207 ad->sk=NULL;
208 if (meth != NULL)
209 {
210 max=sk_CRYPTO_EX_DATA_FUNCS_num(meth);
211 for (i=0; i<max; i++)
212 {
213 m=sk_CRYPTO_EX_DATA_FUNCS_value(meth,i);
214 if ((m != NULL) && (m->new_func != NULL))
215 {
216 ptr=CRYPTO_get_ex_data(ad,i);
217 m->new_func(obj,ptr,ad,i,m->argl,m->argp);
218 }
219 }
220 }
221 }
222
223IMPLEMENT_STACK_OF(CRYPTO_EX_DATA_FUNCS)
diff --git a/src/lib/libcrypto/hmac/hmac.c b/src/lib/libcrypto/hmac/hmac.c
deleted file mode 100644
index e1ec79e093..0000000000
--- a/src/lib/libcrypto/hmac/hmac.c
+++ /dev/null
@@ -1,152 +0,0 @@
1/* crypto/hmac/hmac.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58#include <stdio.h>
59#include <stdlib.h>
60#include <string.h>
61#include <openssl/hmac.h>
62
63void HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
64 const EVP_MD *md)
65 {
66 int i,j,reset=0;
67 unsigned char pad[HMAC_MAX_MD_CBLOCK];
68
69 if (md != NULL)
70 {
71 reset=1;
72 ctx->md=md;
73 }
74 else
75 md=ctx->md;
76
77 if (key != NULL)
78 {
79 reset=1;
80 j=EVP_MD_block_size(md);
81 if (j < len)
82 {
83 EVP_DigestInit(&ctx->md_ctx,md);
84 EVP_DigestUpdate(&ctx->md_ctx,key,len);
85 EVP_DigestFinal(&(ctx->md_ctx),ctx->key,
86 &ctx->key_length);
87 }
88 else
89 {
90 memcpy(ctx->key,key,len);
91 ctx->key_length=len;
92 }
93 if(ctx->key_length != HMAC_MAX_MD_CBLOCK)
94 memset(&ctx->key[ctx->key_length], 0,
95 HMAC_MAX_MD_CBLOCK - ctx->key_length);
96 }
97
98 if (reset)
99 {
100 for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
101 pad[i]=0x36^ctx->key[i];
102 EVP_DigestInit(&ctx->i_ctx,md);
103 EVP_DigestUpdate(&ctx->i_ctx,pad,EVP_MD_block_size(md));
104
105 for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
106 pad[i]=0x5c^ctx->key[i];
107 EVP_DigestInit(&ctx->o_ctx,md);
108 EVP_DigestUpdate(&ctx->o_ctx,pad,EVP_MD_block_size(md));
109 }
110
111 memcpy(&ctx->md_ctx,&ctx->i_ctx,sizeof(ctx->i_ctx));
112 }
113
114void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len)
115 {
116 EVP_DigestUpdate(&(ctx->md_ctx),data,len);
117 }
118
119void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
120 {
121 int j;
122 unsigned int i;
123 unsigned char buf[EVP_MAX_MD_SIZE];
124
125 j=EVP_MD_block_size(ctx->md);
126
127 EVP_DigestFinal(&(ctx->md_ctx),buf,&i);
128 memcpy(&(ctx->md_ctx),&(ctx->o_ctx),sizeof(ctx->o_ctx));
129 EVP_DigestUpdate(&(ctx->md_ctx),buf,i);
130 EVP_DigestFinal(&(ctx->md_ctx),md,len);
131 }
132
133void HMAC_cleanup(HMAC_CTX *ctx)
134 {
135 memset(ctx,0,sizeof(HMAC_CTX));
136 }
137
138unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
139 const unsigned char *d, int n, unsigned char *md,
140 unsigned int *md_len)
141 {
142 HMAC_CTX c;
143 static unsigned char m[EVP_MAX_MD_SIZE];
144
145 if (md == NULL) md=m;
146 HMAC_Init(&c,key,key_len,evp_md);
147 HMAC_Update(&c,d,n);
148 HMAC_Final(&c,md,md_len);
149 HMAC_cleanup(&c);
150 return(md);
151 }
152
diff --git a/src/lib/libcrypto/hmac/hmac.h b/src/lib/libcrypto/hmac/hmac.h
deleted file mode 100644
index 328bad2608..0000000000
--- a/src/lib/libcrypto/hmac/hmac.h
+++ /dev/null
@@ -1,100 +0,0 @@
1/* crypto/hmac/hmac.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58#ifndef HEADER_HMAC_H
59#define HEADER_HMAC_H
60
61#ifdef NO_HMAC
62#error HMAC is disabled.
63#endif
64
65#include <openssl/evp.h>
66
67#define HMAC_MAX_MD_CBLOCK 64
68
69#ifdef __cplusplus
70extern "C" {
71#endif
72
73typedef struct hmac_ctx_st
74 {
75 const EVP_MD *md;
76 EVP_MD_CTX md_ctx;
77 EVP_MD_CTX i_ctx;
78 EVP_MD_CTX o_ctx;
79 unsigned int key_length;
80 unsigned char key[HMAC_MAX_MD_CBLOCK];
81 } HMAC_CTX;
82
83#define HMAC_size(e) (EVP_MD_size((e)->md))
84
85
86void HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
87 const EVP_MD *md);
88void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
89void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
90void HMAC_cleanup(HMAC_CTX *ctx);
91unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
92 const unsigned char *d, int n, unsigned char *md,
93 unsigned int *md_len);
94
95
96#ifdef __cplusplus
97}
98#endif
99
100#endif
diff --git a/src/lib/libcrypto/idea/idea.h b/src/lib/libcrypto/idea/idea.h
deleted file mode 100644
index f14adf8398..0000000000
--- a/src/lib/libcrypto/idea/idea.h
+++ /dev/null
@@ -1,99 +0,0 @@
1/* crypto/idea/idea.h */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_IDEA_H
60#define HEADER_IDEA_H
61
62#ifdef NO_IDEA
63#error IDEA is disabled.
64#endif
65
66#define IDEA_ENCRYPT 1
67#define IDEA_DECRYPT 0
68
69#include <openssl/opensslconf.h> /* IDEA_INT */
70#define IDEA_BLOCK 8
71#define IDEA_KEY_LENGTH 16
72
73#ifdef __cplusplus
74extern "C" {
75#endif
76
77typedef struct idea_key_st
78 {
79 IDEA_INT data[9][6];
80 } IDEA_KEY_SCHEDULE;
81
82const char *idea_options(void);
83void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
84 IDEA_KEY_SCHEDULE *ks);
85void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
86void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
87void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
88 long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc);
89void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
90 long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
91 int *num,int enc);
92void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
93 long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num);
94void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
95#ifdef __cplusplus
96}
97#endif
98
99#endif
diff --git a/src/lib/libcrypto/lhash/lh_stats.c b/src/lib/libcrypto/lhash/lh_stats.c
deleted file mode 100644
index ee0600060e..0000000000
--- a/src/lib/libcrypto/lhash/lh_stats.c
+++ /dev/null
@@ -1,274 +0,0 @@
1/* crypto/lhash/lh_stats.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61#include <stdlib.h>
62/* If you wish to build this outside of SSLeay, remove the following lines
63 * and things should work as expected */
64#include "cryptlib.h"
65
66#ifndef NO_BIO
67#include <openssl/bio.h>
68#endif
69#include <openssl/lhash.h>
70
71#ifdef NO_BIO
72
73void lh_stats(LHASH *lh, FILE *out)
74 {
75 fprintf(out,"num_items = %lu\n",lh->num_items);
76 fprintf(out,"num_nodes = %u\n",lh->num_nodes);
77 fprintf(out,"num_alloc_nodes = %u\n",lh->num_alloc_nodes);
78 fprintf(out,"num_expands = %lu\n",lh->num_expands);
79 fprintf(out,"num_expand_reallocs = %lu\n",lh->num_expand_reallocs);
80 fprintf(out,"num_contracts = %lu\n",lh->num_contracts);
81 fprintf(out,"num_contract_reallocs = %lu\n",lh->num_contract_reallocs);
82 fprintf(out,"num_hash_calls = %lu\n",lh->num_hash_calls);
83 fprintf(out,"num_comp_calls = %lu\n",lh->num_comp_calls);
84 fprintf(out,"num_insert = %lu\n",lh->num_insert);
85 fprintf(out,"num_replace = %lu\n",lh->num_replace);
86 fprintf(out,"num_delete = %lu\n",lh->num_delete);
87 fprintf(out,"num_no_delete = %lu\n",lh->num_no_delete);
88 fprintf(out,"num_retrieve = %lu\n",lh->num_retrieve);
89 fprintf(out,"num_retrieve_miss = %lu\n",lh->num_retrieve_miss);
90 fprintf(out,"num_hash_comps = %lu\n",lh->num_hash_comps);
91#ifdef DEBUG
92 fprintf(out,"p = %u\n",lh->p);
93 fprintf(out,"pmax = %u\n",lh->pmax);
94 fprintf(out,"up_load = %lu\n",lh->up_load);
95 fprintf(out,"down_load = %lu\n",lh->down_load);
96#endif
97 }
98
99void lh_node_stats(LHASH *lh, FILE *out)
100 {
101 LHASH_NODE *n;
102 unsigned int i,num;
103
104 for (i=0; i<lh->num_nodes; i++)
105 {
106 for (n=lh->b[i],num=0; n != NULL; n=n->next)
107 num++;
108 fprintf(out,"node %6u -> %3u\n",i,num);
109 }
110 }
111
112void lh_node_usage_stats(LHASH *lh, FILE *out)
113 {
114 LHASH_NODE *n;
115 unsigned long num;
116 unsigned int i;
117 unsigned long total=0,n_used=0;
118
119 for (i=0; i<lh->num_nodes; i++)
120 {
121 for (n=lh->b[i],num=0; n != NULL; n=n->next)
122 num++;
123 if (num != 0)
124 {
125 n_used++;
126 total+=num;
127 }
128 }
129 fprintf(out,"%lu nodes used out of %u\n",n_used,lh->num_nodes);
130 fprintf(out,"%lu items\n",total);
131 if (n_used == 0) return;
132 fprintf(out,"load %d.%02d actual load %d.%02d\n",
133 (int)(total/lh->num_nodes),
134 (int)((total%lh->num_nodes)*100/lh->num_nodes),
135 (int)(total/n_used),
136 (int)((total%n_used)*100/n_used));
137 }
138
139#else
140
141#ifndef NO_FP_API
142void lh_stats(LHASH *lh, FILE *fp)
143 {
144 BIO *bp;
145
146 bp=BIO_new(BIO_s_file());
147 if (bp == NULL) goto end;
148 BIO_set_fp(bp,fp,BIO_NOCLOSE);
149 lh_stats_bio(lh,bp);
150 BIO_free(bp);
151end:;
152 }
153
154void lh_node_stats(LHASH *lh, FILE *fp)
155 {
156 BIO *bp;
157
158 bp=BIO_new(BIO_s_file());
159 if (bp == NULL) goto end;
160 BIO_set_fp(bp,fp,BIO_NOCLOSE);
161 lh_node_stats_bio(lh,bp);
162 BIO_free(bp);
163end:;
164 }
165
166void lh_node_usage_stats(LHASH *lh, FILE *fp)
167 {
168 BIO *bp;
169
170 bp=BIO_new(BIO_s_file());
171 if (bp == NULL) goto end;
172 BIO_set_fp(bp,fp,BIO_NOCLOSE);
173 lh_node_usage_stats_bio(lh,bp);
174 BIO_free(bp);
175end:;
176 }
177
178#endif
179
180void lh_stats_bio(LHASH *lh, BIO *out)
181 {
182 char buf[128];
183
184 sprintf(buf,"num_items = %lu\n",lh->num_items);
185 BIO_puts(out,buf);
186 sprintf(buf,"num_nodes = %u\n",lh->num_nodes);
187 BIO_puts(out,buf);
188 sprintf(buf,"num_alloc_nodes = %u\n",lh->num_alloc_nodes);
189 BIO_puts(out,buf);
190 sprintf(buf,"num_expands = %lu\n",lh->num_expands);
191 BIO_puts(out,buf);
192 sprintf(buf,"num_expand_reallocs = %lu\n",lh->num_expand_reallocs);
193 BIO_puts(out,buf);
194 sprintf(buf,"num_contracts = %lu\n",lh->num_contracts);
195 BIO_puts(out,buf);
196 sprintf(buf,"num_contract_reallocs = %lu\n",lh->num_contract_reallocs);
197 BIO_puts(out,buf);
198 sprintf(buf,"num_hash_calls = %lu\n",lh->num_hash_calls);
199 BIO_puts(out,buf);
200 sprintf(buf,"num_comp_calls = %lu\n",lh->num_comp_calls);
201 BIO_puts(out,buf);
202 sprintf(buf,"num_insert = %lu\n",lh->num_insert);
203 BIO_puts(out,buf);
204 sprintf(buf,"num_replace = %lu\n",lh->num_replace);
205 BIO_puts(out,buf);
206 sprintf(buf,"num_delete = %lu\n",lh->num_delete);
207 BIO_puts(out,buf);
208 sprintf(buf,"num_no_delete = %lu\n",lh->num_no_delete);
209 BIO_puts(out,buf);
210 sprintf(buf,"num_retrieve = %lu\n",lh->num_retrieve);
211 BIO_puts(out,buf);
212 sprintf(buf,"num_retrieve_miss = %lu\n",lh->num_retrieve_miss);
213 BIO_puts(out,buf);
214 sprintf(buf,"num_hash_comps = %lu\n",lh->num_hash_comps);
215 BIO_puts(out,buf);
216#ifdef DEBUG
217 sprintf(buf,"p = %u\n",lh->p);
218 BIO_puts(out,buf);
219 sprintf(buf,"pmax = %u\n",lh->pmax);
220 BIO_puts(out,buf);
221 sprintf(buf,"up_load = %lu\n",lh->up_load);
222 BIO_puts(out,buf);
223 sprintf(buf,"down_load = %lu\n",lh->down_load);
224 BIO_puts(out,buf);
225#endif
226 }
227
228void lh_node_stats_bio(LHASH *lh, BIO *out)
229 {
230 LHASH_NODE *n;
231 unsigned int i,num;
232 char buf[128];
233
234 for (i=0; i<lh->num_nodes; i++)
235 {
236 for (n=lh->b[i],num=0; n != NULL; n=n->next)
237 num++;
238 sprintf(buf,"node %6u -> %3u\n",i,num);
239 BIO_puts(out,buf);
240 }
241 }
242
243void lh_node_usage_stats_bio(LHASH *lh, BIO *out)
244 {
245 LHASH_NODE *n;
246 unsigned long num;
247 unsigned int i;
248 unsigned long total=0,n_used=0;
249 char buf[128];
250
251 for (i=0; i<lh->num_nodes; i++)
252 {
253 for (n=lh->b[i],num=0; n != NULL; n=n->next)
254 num++;
255 if (num != 0)
256 {
257 n_used++;
258 total+=num;
259 }
260 }
261 sprintf(buf,"%lu nodes used out of %u\n",n_used,lh->num_nodes);
262 BIO_puts(out,buf);
263 sprintf(buf,"%lu items\n",total);
264 BIO_puts(out,buf);
265 if (n_used == 0) return;
266 sprintf(buf,"load %d.%02d actual load %d.%02d\n",
267 (int)(total/lh->num_nodes),
268 (int)((total%lh->num_nodes)*100/lh->num_nodes),
269 (int)(total/n_used),
270 (int)((total%n_used)*100/n_used));
271 BIO_puts(out,buf);
272 }
273
274#endif
diff --git a/src/lib/libcrypto/lhash/lhash.c b/src/lib/libcrypto/lhash/lhash.c
deleted file mode 100644
index 7da14620a4..0000000000
--- a/src/lib/libcrypto/lhash/lhash.c
+++ /dev/null
@@ -1,461 +0,0 @@
1/* crypto/lhash/lhash.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Code for dynamic hash table routines
60 * Author - Eric Young v 2.0
61 *
62 * 2.2 eay - added #include "crypto.h" so the memory leak checking code is
63 * present. eay 18-Jun-98
64 *
65 * 2.1 eay - Added an 'error in last operation' flag. eay 6-May-98
66 *
67 * 2.0 eay - Fixed a bug that occurred when using lh_delete
68 * from inside lh_doall(). As entries were deleted,
69 * the 'table' was 'contract()ed', making some entries
70 * jump from the end of the table to the start, there by
71 * skipping the lh_doall() processing. eay - 4/12/95
72 *
73 * 1.9 eay - Fixed a memory leak in lh_free, the LHASH_NODEs
74 * were not being free()ed. 21/11/95
75 *
76 * 1.8 eay - Put the stats routines into a separate file, lh_stats.c
77 * 19/09/95
78 *
79 * 1.7 eay - Removed the fputs() for realloc failures - the code
80 * should silently tolerate them. I have also fixed things
81 * lint complained about 04/05/95
82 *
83 * 1.6 eay - Fixed an invalid pointers in contract/expand 27/07/92
84 *
85 * 1.5 eay - Fixed a misuse of realloc in expand 02/03/1992
86 *
87 * 1.4 eay - Fixed lh_doall so the function can call lh_delete 28/05/91
88 *
89 * 1.3 eay - Fixed a few lint problems 19/3/1991
90 *
91 * 1.2 eay - Fixed lh_doall problem 13/3/1991
92 *
93 * 1.1 eay - Added lh_doall
94 *
95 * 1.0 eay - First version
96 */
97#include <stdio.h>
98#include <string.h>
99#include <stdlib.h>
100#include <openssl/crypto.h>
101#include <openssl/lhash.h>
102
103const char *lh_version="lhash" OPENSSL_VERSION_PTEXT;
104
105#undef MIN_NODES
106#define MIN_NODES 16
107#define UP_LOAD (2*LH_LOAD_MULT) /* load times 256 (default 2) */
108#define DOWN_LOAD (LH_LOAD_MULT) /* load times 256 (default 1) */
109
110static void expand(LHASH *lh);
111static void contract(LHASH *lh);
112static LHASH_NODE **getrn(LHASH *lh, void *data, unsigned long *rhash);
113
114LHASH *lh_new(unsigned long (*h)(), int (*c)())
115 {
116 LHASH *ret;
117 int i;
118
119 if ((ret=(LHASH *)OPENSSL_malloc(sizeof(LHASH))) == NULL)
120 goto err0;
121 if ((ret->b=(LHASH_NODE **)OPENSSL_malloc(sizeof(LHASH_NODE *)*MIN_NODES)) == NULL)
122 goto err1;
123 for (i=0; i<MIN_NODES; i++)
124 ret->b[i]=NULL;
125 ret->comp=((c == NULL)?(int (*)())strcmp:c);
126 ret->hash=((h == NULL)?(unsigned long (*)())lh_strhash:h);
127 ret->num_nodes=MIN_NODES/2;
128 ret->num_alloc_nodes=MIN_NODES;
129 ret->p=0;
130 ret->pmax=MIN_NODES/2;
131 ret->up_load=UP_LOAD;
132 ret->down_load=DOWN_LOAD;
133 ret->num_items=0;
134
135 ret->num_expands=0;
136 ret->num_expand_reallocs=0;
137 ret->num_contracts=0;
138 ret->num_contract_reallocs=0;
139 ret->num_hash_calls=0;
140 ret->num_comp_calls=0;
141 ret->num_insert=0;
142 ret->num_replace=0;
143 ret->num_delete=0;
144 ret->num_no_delete=0;
145 ret->num_retrieve=0;
146 ret->num_retrieve_miss=0;
147 ret->num_hash_comps=0;
148
149 ret->error=0;
150 return(ret);
151err1:
152 OPENSSL_free(ret);
153err0:
154 return(NULL);
155 }
156
157void lh_free(LHASH *lh)
158 {
159 unsigned int i;
160 LHASH_NODE *n,*nn;
161
162 if (lh == NULL)
163 return;
164
165 for (i=0; i<lh->num_nodes; i++)
166 {
167 n=lh->b[i];
168 while (n != NULL)
169 {
170 nn=n->next;
171 OPENSSL_free(n);
172 n=nn;
173 }
174 }
175 OPENSSL_free(lh->b);
176 OPENSSL_free(lh);
177 }
178
179void *lh_insert(LHASH *lh, void *data)
180 {
181 unsigned long hash;
182 LHASH_NODE *nn,**rn;
183 void *ret;
184
185 lh->error=0;
186 if (lh->up_load <= (lh->num_items*LH_LOAD_MULT/lh->num_nodes))
187 expand(lh);
188
189 rn=getrn(lh,data,&hash);
190
191 if (*rn == NULL)
192 {
193 if ((nn=(LHASH_NODE *)OPENSSL_malloc(sizeof(LHASH_NODE))) == NULL)
194 {
195 lh->error++;
196 return(NULL);
197 }
198 nn->data=data;
199 nn->next=NULL;
200#ifndef NO_HASH_COMP
201 nn->hash=hash;
202#endif
203 *rn=nn;
204 ret=NULL;
205 lh->num_insert++;
206 lh->num_items++;
207 }
208 else /* replace same key */
209 {
210 ret= (*rn)->data;
211 (*rn)->data=data;
212 lh->num_replace++;
213 }
214 return(ret);
215 }
216
217void *lh_delete(LHASH *lh, void *data)
218 {
219 unsigned long hash;
220 LHASH_NODE *nn,**rn;
221 void *ret;
222
223 lh->error=0;
224 rn=getrn(lh,data,&hash);
225
226 if (*rn == NULL)
227 {
228 lh->num_no_delete++;
229 return(NULL);
230 }
231 else
232 {
233 nn= *rn;
234 *rn=nn->next;
235 ret=nn->data;
236 OPENSSL_free(nn);
237 lh->num_delete++;
238 }
239
240 lh->num_items--;
241 if ((lh->num_nodes > MIN_NODES) &&
242 (lh->down_load >= (lh->num_items*LH_LOAD_MULT/lh->num_nodes)))
243 contract(lh);
244
245 return(ret);
246 }
247
248void *lh_retrieve(LHASH *lh, void *data)
249 {
250 unsigned long hash;
251 LHASH_NODE **rn;
252 void *ret;
253
254 lh->error=0;
255 rn=getrn(lh,data,&hash);
256
257 if (*rn == NULL)
258 {
259 lh->num_retrieve_miss++;
260 return(NULL);
261 }
262 else
263 {
264 ret= (*rn)->data;
265 lh->num_retrieve++;
266 }
267 return(ret);
268 }
269
270void lh_doall(LHASH *lh, void (*func)())
271 {
272 lh_doall_arg(lh,func,NULL);
273 }
274
275void lh_doall_arg(LHASH *lh, void (*func)(), void *arg)
276 {
277 int i;
278 LHASH_NODE *a,*n;
279
280 /* reverse the order so we search from 'top to bottom'
281 * We were having memory leaks otherwise */
282 for (i=lh->num_nodes-1; i>=0; i--)
283 {
284 a=lh->b[i];
285 while (a != NULL)
286 {
287 /* 28/05/91 - eay - n added so items can be deleted
288 * via lh_doall */
289 n=a->next;
290 func(a->data,arg);
291 a=n;
292 }
293 }
294 }
295
296static void expand(LHASH *lh)
297 {
298 LHASH_NODE **n,**n1,**n2,*np;
299 unsigned int p,i,j;
300 unsigned long hash,nni;
301
302 lh->num_nodes++;
303 lh->num_expands++;
304 p=(int)lh->p++;
305 n1= &(lh->b[p]);
306 n2= &(lh->b[p+(int)lh->pmax]);
307 *n2=NULL; /* 27/07/92 - eay - undefined pointer bug */
308 nni=lh->num_alloc_nodes;
309
310 for (np= *n1; np != NULL; )
311 {
312#ifndef NO_HASH_COMP
313 hash=np->hash;
314#else
315 hash=(*(lh->hash))(np->data);
316 lh->num_hash_calls++;
317#endif
318 if ((hash%nni) != p)
319 { /* move it */
320 *n1= (*n1)->next;
321 np->next= *n2;
322 *n2=np;
323 }
324 else
325 n1= &((*n1)->next);
326 np= *n1;
327 }
328
329 if ((lh->p) >= lh->pmax)
330 {
331 j=(int)lh->num_alloc_nodes*2;
332 n=(LHASH_NODE **)OPENSSL_realloc(lh->b,
333 (unsigned int)sizeof(LHASH_NODE *)*j);
334 if (n == NULL)
335 {
336/* fputs("realloc error in lhash",stderr); */
337 lh->error++;
338 lh->p=0;
339 return;
340 }
341 /* else */
342 for (i=(int)lh->num_alloc_nodes; i<j; i++)/* 26/02/92 eay */
343 n[i]=NULL; /* 02/03/92 eay */
344 lh->pmax=lh->num_alloc_nodes;
345 lh->num_alloc_nodes=j;
346 lh->num_expand_reallocs++;
347 lh->p=0;
348 lh->b=n;
349 }
350 }
351
352static void contract(LHASH *lh)
353 {
354 LHASH_NODE **n,*n1,*np;
355
356 np=lh->b[lh->p+lh->pmax-1];
357 lh->b[lh->p+lh->pmax-1]=NULL; /* 24/07-92 - eay - weird but :-( */
358 if (lh->p == 0)
359 {
360 n=(LHASH_NODE **)OPENSSL_realloc(lh->b,
361 (unsigned int)(sizeof(LHASH_NODE *)*lh->pmax));
362 if (n == NULL)
363 {
364/* fputs("realloc error in lhash",stderr); */
365 lh->error++;
366 return;
367 }
368 lh->num_contract_reallocs++;
369 lh->num_alloc_nodes/=2;
370 lh->pmax/=2;
371 lh->p=lh->pmax-1;
372 lh->b=n;
373 }
374 else
375 lh->p--;
376
377 lh->num_nodes--;
378 lh->num_contracts++;
379
380 n1=lh->b[(int)lh->p];
381 if (n1 == NULL)
382 lh->b[(int)lh->p]=np;
383 else
384 {
385 while (n1->next != NULL)
386 n1=n1->next;
387 n1->next=np;
388 }
389 }
390
391static LHASH_NODE **getrn(LHASH *lh, void *data, unsigned long *rhash)
392 {
393 LHASH_NODE **ret,*n1;
394 unsigned long hash,nn;
395 int (*cf)();
396
397 hash=(*(lh->hash))(data);
398 lh->num_hash_calls++;
399 *rhash=hash;
400
401 nn=hash%lh->pmax;
402 if (nn < lh->p)
403 nn=hash%lh->num_alloc_nodes;
404
405 cf=lh->comp;
406 ret= &(lh->b[(int)nn]);
407 for (n1= *ret; n1 != NULL; n1=n1->next)
408 {
409#ifndef NO_HASH_COMP
410 lh->num_hash_comps++;
411 if (n1->hash != hash)
412 {
413 ret= &(n1->next);
414 continue;
415 }
416#endif
417 lh->num_comp_calls++;
418 if ((*cf)(n1->data,data) == 0)
419 break;
420 ret= &(n1->next);
421 }
422 return(ret);
423 }
424
425/* The following hash seems to work very well on normal text strings
426 * no collisions on /usr/dict/words and it distributes on %2^n quite
427 * well, not as good as MD5, but still good.
428 */
429unsigned long lh_strhash(const char *c)
430 {
431 unsigned long ret=0;
432 long n;
433 unsigned long v;
434 int r;
435
436 if ((c == NULL) || (*c == '\0'))
437 return(ret);
438/*
439 unsigned char b[16];
440 MD5(c,strlen(c),b);
441 return(b[0]|(b[1]<<8)|(b[2]<<16)|(b[3]<<24));
442*/
443
444 n=0x100;
445 while (*c)
446 {
447 v=n|(*c);
448 n+=0x100;
449 r= (int)((v>>2)^v)&0x0f;
450 ret=(ret<<r)|(ret>>(32-r));
451 ret&=0xFFFFFFFFL;
452 ret^=v*v;
453 c++;
454 }
455 return((ret>>16)^ret);
456 }
457
458unsigned long lh_num_items(LHASH *lh)
459 {
460 return lh ? lh->num_items : 0;
461 }
diff --git a/src/lib/libcrypto/lhash/lhash.h b/src/lib/libcrypto/lhash/lhash.h
deleted file mode 100644
index b8ff021906..0000000000
--- a/src/lib/libcrypto/lhash/lhash.h
+++ /dev/null
@@ -1,149 +0,0 @@
1/* crypto/lhash/lhash.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Header for dynamic hash table routines
60 * Author - Eric Young
61 */
62
63#ifndef HEADER_LHASH_H
64#define HEADER_LHASH_H
65
66#ifndef NO_FP_API
67#include <stdio.h>
68#endif
69
70#ifndef NO_BIO
71#include <openssl/bio.h>
72#endif
73
74#ifdef __cplusplus
75extern "C" {
76#endif
77
78typedef struct lhash_node_st
79 {
80 void *data;
81 struct lhash_node_st *next;
82#ifndef NO_HASH_COMP
83 unsigned long hash;
84#endif
85 } LHASH_NODE;
86
87typedef struct lhash_st
88 {
89 LHASH_NODE **b;
90 int (*comp)();
91 unsigned long (*hash)();
92 unsigned int num_nodes;
93 unsigned int num_alloc_nodes;
94 unsigned int p;
95 unsigned int pmax;
96 unsigned long up_load; /* load times 256 */
97 unsigned long down_load; /* load times 256 */
98 unsigned long num_items;
99
100 unsigned long num_expands;
101 unsigned long num_expand_reallocs;
102 unsigned long num_contracts;
103 unsigned long num_contract_reallocs;
104 unsigned long num_hash_calls;
105 unsigned long num_comp_calls;
106 unsigned long num_insert;
107 unsigned long num_replace;
108 unsigned long num_delete;
109 unsigned long num_no_delete;
110 unsigned long num_retrieve;
111 unsigned long num_retrieve_miss;
112 unsigned long num_hash_comps;
113
114 int error;
115 } LHASH;
116
117#define LH_LOAD_MULT 256
118
119/* Indicates a malloc() error in the last call, this is only bad
120 * in lh_insert(). */
121#define lh_error(lh) ((lh)->error)
122
123LHASH *lh_new(unsigned long (*h)(/* void *a */), int (*c)(/* void *a,void *b */));
124void lh_free(LHASH *lh);
125void *lh_insert(LHASH *lh, void *data);
126void *lh_delete(LHASH *lh, void *data);
127void *lh_retrieve(LHASH *lh, void *data);
128 void lh_doall(LHASH *lh, void (*func)(/*void *b*/));
129void lh_doall_arg(LHASH *lh, void (*func)(/*void *a,void *b*/),void *arg);
130unsigned long lh_strhash(const char *c);
131unsigned long lh_num_items(LHASH *lh);
132
133#ifndef NO_FP_API
134void lh_stats(LHASH *lh, FILE *out);
135void lh_node_stats(LHASH *lh, FILE *out);
136void lh_node_usage_stats(LHASH *lh, FILE *out);
137#endif
138
139#ifndef NO_BIO
140void lh_stats_bio(LHASH *lh, BIO *out);
141void lh_node_stats_bio(LHASH *lh, BIO *out);
142void lh_node_usage_stats_bio(LHASH *lh, BIO *out);
143#endif
144#ifdef __cplusplus
145}
146#endif
147
148#endif
149
diff --git a/src/lib/libcrypto/md32_common.h b/src/lib/libcrypto/md32_common.h
deleted file mode 100644
index 1a404a458d..0000000000
--- a/src/lib/libcrypto/md32_common.h
+++ /dev/null
@@ -1,607 +0,0 @@
1/* crypto/md32_common.h */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * licensing@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/*
57 * This is a generic 32 bit "collector" for message digest algorithms.
58 * Whenever needed it collects input character stream into chunks of
59 * 32 bit values and invokes a block function that performs actual hash
60 * calculations.
61 *
62 * Porting guide.
63 *
64 * Obligatory macros:
65 *
66 * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN
67 * this macro defines byte order of input stream.
68 * HASH_CBLOCK
69 * size of a unit chunk HASH_BLOCK operates on.
70 * HASH_LONG
71 * has to be at lest 32 bit wide, if it's wider, then
72 * HASH_LONG_LOG2 *has to* be defined along
73 * HASH_CTX
74 * context structure that at least contains following
75 * members:
76 * typedef struct {
77 * ...
78 * HASH_LONG Nl,Nh;
79 * HASH_LONG data[HASH_LBLOCK];
80 * int num;
81 * ...
82 * } HASH_CTX;
83 * HASH_UPDATE
84 * name of "Update" function, implemented here.
85 * HASH_TRANSFORM
86 * name of "Transform" function, implemented here.
87 * HASH_FINAL
88 * name of "Final" function, implemented here.
89 * HASH_BLOCK_HOST_ORDER
90 * name of "block" function treating *aligned* input message
91 * in host byte order, implemented externally.
92 * HASH_BLOCK_DATA_ORDER
93 * name of "block" function treating *unaligned* input message
94 * in original (data) byte order, implemented externally (it
95 * actually is optional if data and host are of the same
96 * "endianess").
97 * HASH_MAKE_STRING
98 * macro convering context variables to an ASCII hash string.
99 *
100 * Optional macros:
101 *
102 * B_ENDIAN or L_ENDIAN
103 * defines host byte-order.
104 * HASH_LONG_LOG2
105 * defaults to 2 if not states otherwise.
106 * HASH_LBLOCK
107 * assumed to be HASH_CBLOCK/4 if not stated otherwise.
108 * HASH_BLOCK_DATA_ORDER_ALIGNED
109 * alternative "block" function capable of treating
110 * aligned input message in original (data) order,
111 * implemented externally.
112 *
113 * MD5 example:
114 *
115 * #define DATA_ORDER_IS_LITTLE_ENDIAN
116 *
117 * #define HASH_LONG MD5_LONG
118 * #define HASH_LONG_LOG2 MD5_LONG_LOG2
119 * #define HASH_CTX MD5_CTX
120 * #define HASH_CBLOCK MD5_CBLOCK
121 * #define HASH_LBLOCK MD5_LBLOCK
122 * #define HASH_UPDATE MD5_Update
123 * #define HASH_TRANSFORM MD5_Transform
124 * #define HASH_FINAL MD5_Final
125 * #define HASH_BLOCK_HOST_ORDER md5_block_host_order
126 * #define HASH_BLOCK_DATA_ORDER md5_block_data_order
127 *
128 * <appro@fy.chalmers.se>
129 */
130
131#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN)
132#error "DATA_ORDER must be defined!"
133#endif
134
135#ifndef HASH_CBLOCK
136#error "HASH_CBLOCK must be defined!"
137#endif
138#ifndef HASH_LONG
139#error "HASH_LONG must be defined!"
140#endif
141#ifndef HASH_CTX
142#error "HASH_CTX must be defined!"
143#endif
144
145#ifndef HASH_UPDATE
146#error "HASH_UPDATE must be defined!"
147#endif
148#ifndef HASH_TRANSFORM
149#error "HASH_TRANSFORM must be defined!"
150#endif
151#ifndef HASH_FINAL
152#error "HASH_FINAL must be defined!"
153#endif
154
155#ifndef HASH_BLOCK_HOST_ORDER
156#error "HASH_BLOCK_HOST_ORDER must be defined!"
157#endif
158
159#if 0
160/*
161 * Moved below as it's required only if HASH_BLOCK_DATA_ORDER_ALIGNED
162 * isn't defined.
163 */
164#ifndef HASH_BLOCK_DATA_ORDER
165#error "HASH_BLOCK_DATA_ORDER must be defined!"
166#endif
167#endif
168
169#ifndef HASH_LBLOCK
170#define HASH_LBLOCK (HASH_CBLOCK/4)
171#endif
172
173#ifndef HASH_LONG_LOG2
174#define HASH_LONG_LOG2 2
175#endif
176
177/*
178 * Engage compiler specific rotate intrinsic function if available.
179 */
180#undef ROTATE
181#ifndef PEDANTIC
182# if defined(_MSC_VER)
183# define ROTATE(a,n) _lrotl(a,n)
184# elif defined(__MWERKS__)
185# if defined(__POWERPC__)
186# define ROTATE(a,n) __rlwinm(a,n,0,31)
187# elif defined(__MC68K__)
188 /* Motorola specific tweak. <appro@fy.chalmers.se> */
189# define ROTATE(a,n) ( n<24 ? __rol(a,n) : __ror(a,32-n) )
190# else
191# define ROTATE(a,n) __rol(a,n)
192# endif
193# elif defined(__GNUC__) && __GNUC__>=2 && !defined(NO_ASM) && !defined(NO_INLINE_ASM)
194 /*
195 * Some GNU C inline assembler templates. Note that these are
196 * rotates by *constant* number of bits! But that's exactly
197 * what we need here...
198 *
199 * <appro@fy.chalmers.se>
200 */
201# if defined(__i386)
202# define ROTATE(a,n) ({ register unsigned int ret; \
203 asm ( \
204 "roll %1,%0" \
205 : "=r"(ret) \
206 : "I"(n), "0"(a) \
207 : "cc"); \
208 ret; \
209 })
210# elif defined(__powerpc) || defined(__ppc)
211# define ROTATE(a,n) ({ register unsigned int ret; \
212 asm ( \
213 "rlwinm %0,%1,%2,0,31" \
214 : "=r"(ret) \
215 : "r"(a), "I"(n)); \
216 ret; \
217 })
218# endif
219# endif
220
221/*
222 * Engage compiler specific "fetch in reverse byte order"
223 * intrinsic function if available.
224 */
225# if defined(__GNUC__) && __GNUC__>=2 && !defined(NO_ASM) && !defined(NO_INLINE_ASM)
226 /* some GNU C inline assembler templates by <appro@fy.chalmers.se> */
227# if defined(__i386) && !defined(I386_ONLY)
228# define BE_FETCH32(a) ({ register unsigned int l=(a);\
229 asm ( \
230 "bswapl %0" \
231 : "=r"(l) : "0"(l)); \
232 l; \
233 })
234# elif defined(__powerpc)
235# define LE_FETCH32(a) ({ register unsigned int l; \
236 asm ( \
237 "lwbrx %0,0,%1" \
238 : "=r"(l) \
239 : "r"(a)); \
240 l; \
241 })
242
243# elif defined(__sparc) && defined(ULTRASPARC)
244# define LE_FETCH32(a) ({ register unsigned int l; \
245 asm ( \
246 "lda [%1]#ASI_PRIMARY_LITTLE,%0"\
247 : "=r"(l) \
248 : "r"(a)); \
249 l; \
250 })
251# endif
252# endif
253#endif /* PEDANTIC */
254
255#if HASH_LONG_LOG2==2 /* Engage only if sizeof(HASH_LONG)== 4 */
256/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
257#ifdef ROTATE
258/* 5 instructions with rotate instruction, else 9 */
259#define REVERSE_FETCH32(a,l) ( \
260 l=*(const HASH_LONG *)(a), \
261 ((ROTATE(l,8)&0x00FF00FF)|(ROTATE((l&0x00FF00FF),24))) \
262 )
263#else
264/* 6 instructions with rotate instruction, else 8 */
265#define REVERSE_FETCH32(a,l) ( \
266 l=*(const HASH_LONG *)(a), \
267 l=(((l>>8)&0x00FF00FF)|((l&0x00FF00FF)<<8)), \
268 ROTATE(l,16) \
269 )
270/*
271 * Originally the middle line started with l=(((l&0xFF00FF00)>>8)|...
272 * It's rewritten as above for two reasons:
273 * - RISCs aren't good at long constants and have to explicitely
274 * compose 'em with several (well, usually 2) instructions in a
275 * register before performing the actual operation and (as you
276 * already realized:-) having same constant should inspire the
277 * compiler to permanently allocate the only register for it;
278 * - most modern CPUs have two ALUs, but usually only one has
279 * circuitry for shifts:-( this minor tweak inspires compiler
280 * to schedule shift instructions in a better way...
281 *
282 * <appro@fy.chalmers.se>
283 */
284#endif
285#endif
286
287#ifndef ROTATE
288#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
289#endif
290
291/*
292 * Make some obvious choices. E.g., HASH_BLOCK_DATA_ORDER_ALIGNED
293 * and HASH_BLOCK_HOST_ORDER ought to be the same if input data
294 * and host are of the same "endianess". It's possible to mask
295 * this with blank #define HASH_BLOCK_DATA_ORDER though...
296 *
297 * <appro@fy.chalmers.se>
298 */
299#if defined(B_ENDIAN)
300# if defined(DATA_ORDER_IS_BIG_ENDIAN)
301# if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2
302# define HASH_BLOCK_DATA_ORDER_ALIGNED HASH_BLOCK_HOST_ORDER
303# endif
304# elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
305# ifndef HOST_FETCH32
306# ifdef LE_FETCH32
307# define HOST_FETCH32(p,l) LE_FETCH32(p)
308# elif defined(REVERSE_FETCH32)
309# define HOST_FETCH32(p,l) REVERSE_FETCH32(p,l)
310# endif
311# endif
312# endif
313#elif defined(L_ENDIAN)
314# if defined(DATA_ORDER_IS_LITTLE_ENDIAN)
315# if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2
316# define HASH_BLOCK_DATA_ORDER_ALIGNED HASH_BLOCK_HOST_ORDER
317# endif
318# elif defined(DATA_ORDER_IS_BIG_ENDIAN)
319# ifndef HOST_FETCH32
320# ifdef BE_FETCH32
321# define HOST_FETCH32(p,l) BE_FETCH32(p)
322# elif defined(REVERSE_FETCH32)
323# define HOST_FETCH32(p,l) REVERSE_FETCH32(p,l)
324# endif
325# endif
326# endif
327#endif
328
329#if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
330#ifndef HASH_BLOCK_DATA_ORDER
331#error "HASH_BLOCK_DATA_ORDER must be defined!"
332#endif
333#endif
334
335#if defined(DATA_ORDER_IS_BIG_ENDIAN)
336
337#define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \
338 l|=(((unsigned long)(*((c)++)))<<16), \
339 l|=(((unsigned long)(*((c)++)))<< 8), \
340 l|=(((unsigned long)(*((c)++))) ), \
341 l)
342#define HOST_p_c2l(c,l,n) { \
343 switch (n) { \
344 case 0: l =((unsigned long)(*((c)++)))<<24; \
345 case 1: l|=((unsigned long)(*((c)++)))<<16; \
346 case 2: l|=((unsigned long)(*((c)++)))<< 8; \
347 case 3: l|=((unsigned long)(*((c)++))); \
348 } }
349#define HOST_p_c2l_p(c,l,sc,len) { \
350 switch (sc) { \
351 case 0: l =((unsigned long)(*((c)++)))<<24; \
352 if (--len == 0) break; \
353 case 1: l|=((unsigned long)(*((c)++)))<<16; \
354 if (--len == 0) break; \
355 case 2: l|=((unsigned long)(*((c)++)))<< 8; \
356 } }
357/* NOTE the pointer is not incremented at the end of this */
358#define HOST_c2l_p(c,l,n) { \
359 l=0; (c)+=n; \
360 switch (n) { \
361 case 3: l =((unsigned long)(*(--(c))))<< 8; \
362 case 2: l|=((unsigned long)(*(--(c))))<<16; \
363 case 1: l|=((unsigned long)(*(--(c))))<<24; \
364 } }
365#define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
366 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
367 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
368 *((c)++)=(unsigned char)(((l) )&0xff), \
369 l)
370
371#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
372
373#define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \
374 l|=(((unsigned long)(*((c)++)))<< 8), \
375 l|=(((unsigned long)(*((c)++)))<<16), \
376 l|=(((unsigned long)(*((c)++)))<<24), \
377 l)
378#define HOST_p_c2l(c,l,n) { \
379 switch (n) { \
380 case 0: l =((unsigned long)(*((c)++))); \
381 case 1: l|=((unsigned long)(*((c)++)))<< 8; \
382 case 2: l|=((unsigned long)(*((c)++)))<<16; \
383 case 3: l|=((unsigned long)(*((c)++)))<<24; \
384 } }
385#define HOST_p_c2l_p(c,l,sc,len) { \
386 switch (sc) { \
387 case 0: l =((unsigned long)(*((c)++))); \
388 if (--len == 0) break; \
389 case 1: l|=((unsigned long)(*((c)++)))<< 8; \
390 if (--len == 0) break; \
391 case 2: l|=((unsigned long)(*((c)++)))<<16; \
392 } }
393/* NOTE the pointer is not incremented at the end of this */
394#define HOST_c2l_p(c,l,n) { \
395 l=0; (c)+=n; \
396 switch (n) { \
397 case 3: l =((unsigned long)(*(--(c))))<<16; \
398 case 2: l|=((unsigned long)(*(--(c))))<< 8; \
399 case 1: l|=((unsigned long)(*(--(c)))); \
400 } }
401#define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
402 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
403 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
404 *((c)++)=(unsigned char)(((l)>>24)&0xff), \
405 l)
406
407#endif
408
409/*
410 * Time for some action:-)
411 */
412
413void HASH_UPDATE (HASH_CTX *c, const void *data_, unsigned long len)
414 {
415 const unsigned char *data=data_;
416 register HASH_LONG * p;
417 register unsigned long l;
418 int sw,sc,ew,ec;
419
420 if (len==0) return;
421
422 l=(c->Nl+(len<<3))&0xffffffffL;
423 /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to
424 * Wei Dai <weidai@eskimo.com> for pointing it out. */
425 if (l < c->Nl) /* overflow */
426 c->Nh++;
427 c->Nh+=(len>>29);
428 c->Nl=l;
429
430 if (c->num != 0)
431 {
432 p=c->data;
433 sw=c->num>>2;
434 sc=c->num&0x03;
435
436 if ((c->num+len) >= HASH_CBLOCK)
437 {
438 l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l;
439 for (; sw<HASH_LBLOCK; sw++)
440 {
441 HOST_c2l(data,l); p[sw]=l;
442 }
443 HASH_BLOCK_HOST_ORDER (c,p,1);
444 len-=(HASH_CBLOCK-c->num);
445 c->num=0;
446 /* drop through and do the rest */
447 }
448 else
449 {
450 c->num+=len;
451 if ((sc+len) < 4) /* ugly, add char's to a word */
452 {
453 l=p[sw]; HOST_p_c2l_p(data,l,sc,len); p[sw]=l;
454 }
455 else
456 {
457 ew=(c->num>>2);
458 ec=(c->num&0x03);
459 l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l;
460 for (; sw < ew; sw++)
461 {
462 HOST_c2l(data,l); p[sw]=l;
463 }
464 if (ec)
465 {
466 HOST_c2l_p(data,l,ec); p[sw]=l;
467 }
468 }
469 return;
470 }
471 }
472
473 sw=len/HASH_CBLOCK;
474 if (sw > 0)
475 {
476#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
477 /*
478 * Note that HASH_BLOCK_DATA_ORDER_ALIGNED gets defined
479 * only if sizeof(HASH_LONG)==4.
480 */
481 if ((((unsigned long)data)%4) == 0)
482 {
483 /* data is properly aligned so that we can cast it: */
484 HASH_BLOCK_DATA_ORDER_ALIGNED (c,(HASH_LONG *)data,sw);
485 sw*=HASH_CBLOCK;
486 data+=sw;
487 len-=sw;
488 }
489 else
490#if !defined(HASH_BLOCK_DATA_ORDER)
491 while (sw--)
492 {
493 memcpy (p=c->data,data,HASH_CBLOCK);
494 HASH_BLOCK_DATA_ORDER_ALIGNED(c,p,1);
495 data+=HASH_CBLOCK;
496 len-=HASH_CBLOCK;
497 }
498#endif
499#endif
500#if defined(HASH_BLOCK_DATA_ORDER)
501 {
502 HASH_BLOCK_DATA_ORDER(c,data,sw);
503 sw*=HASH_CBLOCK;
504 data+=sw;
505 len-=sw;
506 }
507#endif
508 }
509
510 if (len!=0)
511 {
512 p = c->data;
513 c->num = len;
514 ew=len>>2; /* words to copy */
515 ec=len&0x03;
516 for (; ew; ew--,p++)
517 {
518 HOST_c2l(data,l); *p=l;
519 }
520 HOST_c2l_p(data,l,ec);
521 *p=l;
522 }
523 }
524
525
526void HASH_TRANSFORM (HASH_CTX *c, const unsigned char *data)
527 {
528#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
529 if ((((unsigned long)data)%4) == 0)
530 /* data is properly aligned so that we can cast it: */
531 HASH_BLOCK_DATA_ORDER_ALIGNED (c,(HASH_LONG *)data,1);
532 else
533#if !defined(HASH_BLOCK_DATA_ORDER)
534 {
535 memcpy (c->data,data,HASH_CBLOCK);
536 HASH_BLOCK_DATA_ORDER_ALIGNED (c,c->data,1);
537 }
538#endif
539#endif
540#if defined(HASH_BLOCK_DATA_ORDER)
541 HASH_BLOCK_DATA_ORDER (c,data,1);
542#endif
543 }
544
545
546void HASH_FINAL (unsigned char *md, HASH_CTX *c)
547 {
548 register HASH_LONG *p;
549 register unsigned long l;
550 register int i,j;
551 static const unsigned char end[4]={0x80,0x00,0x00,0x00};
552 const unsigned char *cp=end;
553
554 /* c->num should definitly have room for at least one more byte. */
555 p=c->data;
556 i=c->num>>2;
557 j=c->num&0x03;
558
559#if 0
560 /* purify often complains about the following line as an
561 * Uninitialized Memory Read. While this can be true, the
562 * following p_c2l macro will reset l when that case is true.
563 * This is because j&0x03 contains the number of 'valid' bytes
564 * already in p[i]. If and only if j&0x03 == 0, the UMR will
565 * occur but this is also the only time p_c2l will do
566 * l= *(cp++) instead of l|= *(cp++)
567 * Many thanks to Alex Tang <altitude@cic.net> for pickup this
568 * 'potential bug' */
569#ifdef PURIFY
570 if (j==0) p[i]=0; /* Yeah, but that's not the way to fix it:-) */
571#endif
572 l=p[i];
573#else
574 l = (j==0) ? 0 : p[i];
575#endif
576 HOST_p_c2l(cp,l,j); p[i++]=l; /* i is the next 'undefined word' */
577
578 if (i>(HASH_LBLOCK-2)) /* save room for Nl and Nh */
579 {
580 if (i<HASH_LBLOCK) p[i]=0;
581 HASH_BLOCK_HOST_ORDER (c,p,1);
582 i=0;
583 }
584 for (; i<(HASH_LBLOCK-2); i++)
585 p[i]=0;
586
587#if defined(DATA_ORDER_IS_BIG_ENDIAN)
588 p[HASH_LBLOCK-2]=c->Nh;
589 p[HASH_LBLOCK-1]=c->Nl;
590#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
591 p[HASH_LBLOCK-2]=c->Nl;
592 p[HASH_LBLOCK-1]=c->Nh;
593#endif
594 HASH_BLOCK_HOST_ORDER (c,p,1);
595
596#ifndef HASH_MAKE_STRING
597#error "HASH_MAKE_STRING must be defined!"
598#else
599 HASH_MAKE_STRING(c,md);
600#endif
601
602 c->num=0;
603 /* clear stuff, HASH_BLOCK may be leaving some stuff on the stack
604 * but I'm not worried :-)
605 memset((void *)c,0,sizeof(HASH_CTX));
606 */
607 }
diff --git a/src/lib/libcrypto/md4/md4.h b/src/lib/libcrypto/md4/md4.h
deleted file mode 100644
index c794e186db..0000000000
--- a/src/lib/libcrypto/md4/md4.h
+++ /dev/null
@@ -1,114 +0,0 @@
1/* crypto/md4/md4.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_MD4_H
60#define HEADER_MD4_H
61
62#ifdef __cplusplus
63extern "C" {
64#endif
65
66#ifdef NO_MD4
67#error MD4 is disabled.
68#endif
69
70/*
71 * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
72 * ! MD4_LONG has to be at least 32 bits wide. If it's wider, then !
73 * ! MD4_LONG_LOG2 has to be defined along. !
74 * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
75 */
76
77#if defined(WIN16) || defined(__LP32__)
78#define MD4_LONG unsigned long
79#elif defined(_CRAY) || defined(__ILP64__)
80#define MD4_LONG unsigned long
81#define MD4_LONG_LOG2 3
82/*
83 * _CRAY note. I could declare short, but I have no idea what impact
84 * does it have on performance on none-T3E machines. I could declare
85 * int, but at least on C90 sizeof(int) can be chosen at compile time.
86 * So I've chosen long...
87 * <appro@fy.chalmers.se>
88 */
89#else
90#define MD4_LONG unsigned int
91#endif
92
93#define MD4_CBLOCK 64
94#define MD4_LBLOCK (MD4_CBLOCK/4)
95#define MD4_DIGEST_LENGTH 16
96
97typedef struct MD4state_st
98 {
99 MD4_LONG A,B,C,D;
100 MD4_LONG Nl,Nh;
101 MD4_LONG data[MD4_LBLOCK];
102 int num;
103 } MD4_CTX;
104
105void MD4_Init(MD4_CTX *c);
106void MD4_Update(MD4_CTX *c, const void *data, unsigned long len);
107void MD4_Final(unsigned char *md, MD4_CTX *c);
108unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md);
109void MD4_Transform(MD4_CTX *c, const unsigned char *b);
110#ifdef __cplusplus
111}
112#endif
113
114#endif
diff --git a/src/lib/libcrypto/md4/md4_dgst.c b/src/lib/libcrypto/md4/md4_dgst.c
deleted file mode 100644
index 81488ae2e2..0000000000
--- a/src/lib/libcrypto/md4/md4_dgst.c
+++ /dev/null
@@ -1,285 +0,0 @@
1/* crypto/md4/md4_dgst.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "md4_locl.h"
61#include <openssl/opensslv.h>
62
63const char *MD4_version="MD4" OPENSSL_VERSION_PTEXT;
64
65/* Implemented from RFC1186 The MD4 Message-Digest Algorithm
66 */
67
68#define INIT_DATA_A (unsigned long)0x67452301L
69#define INIT_DATA_B (unsigned long)0xefcdab89L
70#define INIT_DATA_C (unsigned long)0x98badcfeL
71#define INIT_DATA_D (unsigned long)0x10325476L
72
73void MD4_Init(MD4_CTX *c)
74 {
75 c->A=INIT_DATA_A;
76 c->B=INIT_DATA_B;
77 c->C=INIT_DATA_C;
78 c->D=INIT_DATA_D;
79 c->Nl=0;
80 c->Nh=0;
81 c->num=0;
82 }
83
84#ifndef md4_block_host_order
85void md4_block_host_order (MD4_CTX *c, const void *data, int num)
86 {
87 const MD4_LONG *X=data;
88 register unsigned long A,B,C,D;
89 /*
90 * In case you wonder why A-D are declared as long and not
91 * as MD4_LONG. Doing so results in slight performance
92 * boost on LP64 architectures. The catch is we don't
93 * really care if 32 MSBs of a 64-bit register get polluted
94 * with eventual overflows as we *save* only 32 LSBs in
95 * *either* case. Now declaring 'em long excuses the compiler
96 * from keeping 32 MSBs zeroed resulting in 13% performance
97 * improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
98 * Well, to be honest it should say that this *prevents*
99 * performance degradation.
100 *
101 * <appro@fy.chalmers.se>
102 */
103
104 A=c->A;
105 B=c->B;
106 C=c->C;
107 D=c->D;
108
109 for (;num--;X+=HASH_LBLOCK)
110 {
111 /* Round 0 */
112 R0(A,B,C,D,X[ 0], 3,0);
113 R0(D,A,B,C,X[ 1], 7,0);
114 R0(C,D,A,B,X[ 2],11,0);
115 R0(B,C,D,A,X[ 3],19,0);
116 R0(A,B,C,D,X[ 4], 3,0);
117 R0(D,A,B,C,X[ 5], 7,0);
118 R0(C,D,A,B,X[ 6],11,0);
119 R0(B,C,D,A,X[ 7],19,0);
120 R0(A,B,C,D,X[ 8], 3,0);
121 R0(D,A,B,C,X[ 9], 7,0);
122 R0(C,D,A,B,X[10],11,0);
123 R0(B,C,D,A,X[11],19,0);
124 R0(A,B,C,D,X[12], 3,0);
125 R0(D,A,B,C,X[13], 7,0);
126 R0(C,D,A,B,X[14],11,0);
127 R0(B,C,D,A,X[15],19,0);
128 /* Round 1 */
129 R1(A,B,C,D,X[ 0], 3,0x5A827999L);
130 R1(D,A,B,C,X[ 4], 5,0x5A827999L);
131 R1(C,D,A,B,X[ 8], 9,0x5A827999L);
132 R1(B,C,D,A,X[12],13,0x5A827999L);
133 R1(A,B,C,D,X[ 1], 3,0x5A827999L);
134 R1(D,A,B,C,X[ 5], 5,0x5A827999L);
135 R1(C,D,A,B,X[ 9], 9,0x5A827999L);
136 R1(B,C,D,A,X[13],13,0x5A827999L);
137 R1(A,B,C,D,X[ 2], 3,0x5A827999L);
138 R1(D,A,B,C,X[ 6], 5,0x5A827999L);
139 R1(C,D,A,B,X[10], 9,0x5A827999L);
140 R1(B,C,D,A,X[14],13,0x5A827999L);
141 R1(A,B,C,D,X[ 3], 3,0x5A827999L);
142 R1(D,A,B,C,X[ 7], 5,0x5A827999L);
143 R1(C,D,A,B,X[11], 9,0x5A827999L);
144 R1(B,C,D,A,X[15],13,0x5A827999L);
145 /* Round 2 */
146 R2(A,B,C,D,X[ 0], 3,0x6ED9EBA1);
147 R2(D,A,B,C,X[ 8], 9,0x6ED9EBA1);
148 R2(C,D,A,B,X[ 4],11,0x6ED9EBA1);
149 R2(B,C,D,A,X[12],15,0x6ED9EBA1);
150 R2(A,B,C,D,X[ 2], 3,0x6ED9EBA1);
151 R2(D,A,B,C,X[10], 9,0x6ED9EBA1);
152 R2(C,D,A,B,X[ 6],11,0x6ED9EBA1);
153 R2(B,C,D,A,X[14],15,0x6ED9EBA1);
154 R2(A,B,C,D,X[ 1], 3,0x6ED9EBA1);
155 R2(D,A,B,C,X[ 9], 9,0x6ED9EBA1);
156 R2(C,D,A,B,X[ 5],11,0x6ED9EBA1);
157 R2(B,C,D,A,X[13],15,0x6ED9EBA1);
158 R2(A,B,C,D,X[ 3], 3,0x6ED9EBA1);
159 R2(D,A,B,C,X[11], 9,0x6ED9EBA1);
160 R2(C,D,A,B,X[ 7],11,0x6ED9EBA1);
161 R2(B,C,D,A,X[15],15,0x6ED9EBA1);
162
163 A = c->A += A;
164 B = c->B += B;
165 C = c->C += C;
166 D = c->D += D;
167 }
168 }
169#endif
170
171#ifndef md4_block_data_order
172#ifdef X
173#undef X
174#endif
175void md4_block_data_order (MD4_CTX *c, const void *data_, int num)
176 {
177 const unsigned char *data=data_;
178 register unsigned long A,B,C,D,l;
179 /*
180 * In case you wonder why A-D are declared as long and not
181 * as MD4_LONG. Doing so results in slight performance
182 * boost on LP64 architectures. The catch is we don't
183 * really care if 32 MSBs of a 64-bit register get polluted
184 * with eventual overflows as we *save* only 32 LSBs in
185 * *either* case. Now declaring 'em long excuses the compiler
186 * from keeping 32 MSBs zeroed resulting in 13% performance
187 * improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
188 * Well, to be honest it should say that this *prevents*
189 * performance degradation.
190 *
191 * <appro@fy.chalmers.se>
192 */
193#ifndef MD32_XARRAY
194 /* See comment in crypto/sha/sha_locl.h for details. */
195 unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
196 XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
197# define X(i) XX##i
198#else
199 MD4_LONG XX[MD4_LBLOCK];
200# define X(i) XX[i]
201#endif
202
203 A=c->A;
204 B=c->B;
205 C=c->C;
206 D=c->D;
207
208 for (;num--;)
209 {
210 HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l;
211 /* Round 0 */
212 R0(A,B,C,D,X( 0), 3,0); HOST_c2l(data,l); X( 2)=l;
213 R0(D,A,B,C,X( 1), 7,0); HOST_c2l(data,l); X( 3)=l;
214 R0(C,D,A,B,X( 2),11,0); HOST_c2l(data,l); X( 4)=l;
215 R0(B,C,D,A,X( 3),19,0); HOST_c2l(data,l); X( 5)=l;
216 R0(A,B,C,D,X( 4), 3,0); HOST_c2l(data,l); X( 6)=l;
217 R0(D,A,B,C,X( 5), 7,0); HOST_c2l(data,l); X( 7)=l;
218 R0(C,D,A,B,X( 6),11,0); HOST_c2l(data,l); X( 8)=l;
219 R0(B,C,D,A,X( 7),19,0); HOST_c2l(data,l); X( 9)=l;
220 R0(A,B,C,D,X( 8), 3,0); HOST_c2l(data,l); X(10)=l;
221 R0(D,A,B,C,X( 9), 7,0); HOST_c2l(data,l); X(11)=l;
222 R0(C,D,A,B,X(10),11,0); HOST_c2l(data,l); X(12)=l;
223 R0(B,C,D,A,X(11),19,0); HOST_c2l(data,l); X(13)=l;
224 R0(A,B,C,D,X(12), 3,0); HOST_c2l(data,l); X(14)=l;
225 R0(D,A,B,C,X(13), 7,0); HOST_c2l(data,l); X(15)=l;
226 R0(C,D,A,B,X(14),11,0);
227 R0(B,C,D,A,X(15),19,0);
228 /* Round 1 */
229 R1(A,B,C,D,X( 0), 3,0x5A827999L);
230 R1(D,A,B,C,X( 4), 5,0x5A827999L);
231 R1(C,D,A,B,X( 8), 9,0x5A827999L);
232 R1(B,C,D,A,X(12),13,0x5A827999L);
233 R1(A,B,C,D,X( 1), 3,0x5A827999L);
234 R1(D,A,B,C,X( 5), 5,0x5A827999L);
235 R1(C,D,A,B,X( 9), 9,0x5A827999L);
236 R1(B,C,D,A,X(13),13,0x5A827999L);
237 R1(A,B,C,D,X( 2), 3,0x5A827999L);
238 R1(D,A,B,C,X( 6), 5,0x5A827999L);
239 R1(C,D,A,B,X(10), 9,0x5A827999L);
240 R1(B,C,D,A,X(14),13,0x5A827999L);
241 R1(A,B,C,D,X( 3), 3,0x5A827999L);
242 R1(D,A,B,C,X( 7), 5,0x5A827999L);
243 R1(C,D,A,B,X(11), 9,0x5A827999L);
244 R1(B,C,D,A,X(15),13,0x5A827999L);
245 /* Round 2 */
246 R2(A,B,C,D,X( 0), 3,0x6ED9EBA1L);
247 R2(D,A,B,C,X( 8), 9,0x6ED9EBA1L);
248 R2(C,D,A,B,X( 4),11,0x6ED9EBA1L);
249 R2(B,C,D,A,X(12),15,0x6ED9EBA1L);
250 R2(A,B,C,D,X( 2), 3,0x6ED9EBA1L);
251 R2(D,A,B,C,X(10), 9,0x6ED9EBA1L);
252 R2(C,D,A,B,X( 6),11,0x6ED9EBA1L);
253 R2(B,C,D,A,X(14),15,0x6ED9EBA1L);
254 R2(A,B,C,D,X( 1), 3,0x6ED9EBA1L);
255 R2(D,A,B,C,X( 9), 9,0x6ED9EBA1L);
256 R2(C,D,A,B,X( 5),11,0x6ED9EBA1L);
257 R2(B,C,D,A,X(13),15,0x6ED9EBA1L);
258 R2(A,B,C,D,X( 3), 3,0x6ED9EBA1L);
259 R2(D,A,B,C,X(11), 9,0x6ED9EBA1L);
260 R2(C,D,A,B,X( 7),11,0x6ED9EBA1L);
261 R2(B,C,D,A,X(15),15,0x6ED9EBA1L);
262
263 A = c->A += A;
264 B = c->B += B;
265 C = c->C += C;
266 D = c->D += D;
267 }
268 }
269#endif
270
271#ifdef undef
272int printit(unsigned long *l)
273 {
274 int i,ii;
275
276 for (i=0; i<2; i++)
277 {
278 for (ii=0; ii<8; ii++)
279 {
280 fprintf(stderr,"%08lx ",l[i*8+ii]);
281 }
282 fprintf(stderr,"\n");
283 }
284 }
285#endif
diff --git a/src/lib/libcrypto/md4/md4_locl.h b/src/lib/libcrypto/md4/md4_locl.h
deleted file mode 100644
index 0a2b39018d..0000000000
--- a/src/lib/libcrypto/md4/md4_locl.h
+++ /dev/null
@@ -1,154 +0,0 @@
1/* crypto/md4/md4_locl.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdlib.h>
60#include <string.h>
61#include <openssl/opensslconf.h>
62#include <openssl/md4.h>
63
64#ifndef MD4_LONG_LOG2
65#define MD4_LONG_LOG2 2 /* default to 32 bits */
66#endif
67
68void md4_block_host_order (MD4_CTX *c, const void *p,int num);
69void md4_block_data_order (MD4_CTX *c, const void *p,int num);
70
71#if defined(__i386) || defined(_M_IX86) || defined(__INTEL__)
72/*
73 * *_block_host_order is expected to handle aligned data while
74 * *_block_data_order - unaligned. As algorithm and host (x86)
75 * are in this case of the same "endianness" these two are
76 * otherwise indistinguishable. But normally you don't want to
77 * call the same function because unaligned access in places
78 * where alignment is expected is usually a "Bad Thing". Indeed,
79 * on RISCs you get punished with BUS ERROR signal or *severe*
80 * performance degradation. Intel CPUs are in turn perfectly
81 * capable of loading unaligned data without such drastic side
82 * effect. Yes, they say it's slower than aligned load, but no
83 * exception is generated and therefore performance degradation
84 * is *incomparable* with RISCs. What we should weight here is
85 * costs of unaligned access against costs of aligning data.
86 * According to my measurements allowing unaligned access results
87 * in ~9% performance improvement on Pentium II operating at
88 * 266MHz. I won't be surprised if the difference will be higher
89 * on faster systems:-)
90 *
91 * <appro@fy.chalmers.se>
92 */
93#define md4_block_data_order md4_block_host_order
94#endif
95
96#define DATA_ORDER_IS_LITTLE_ENDIAN
97
98#define HASH_LONG MD4_LONG
99#define HASH_LONG_LOG2 MD4_LONG_LOG2
100#define HASH_CTX MD4_CTX
101#define HASH_CBLOCK MD4_CBLOCK
102#define HASH_LBLOCK MD4_LBLOCK
103#define HASH_UPDATE MD4_Update
104#define HASH_TRANSFORM MD4_Transform
105#define HASH_FINAL MD4_Final
106#define HASH_MAKE_STRING(c,s) do { \
107 unsigned long ll; \
108 ll=(c)->A; HOST_l2c(ll,(s)); \
109 ll=(c)->B; HOST_l2c(ll,(s)); \
110 ll=(c)->C; HOST_l2c(ll,(s)); \
111 ll=(c)->D; HOST_l2c(ll,(s)); \
112 } while (0)
113#define HASH_BLOCK_HOST_ORDER md4_block_host_order
114#if !defined(L_ENDIAN) || defined(md4_block_data_order)
115#define HASH_BLOCK_DATA_ORDER md4_block_data_order
116/*
117 * Little-endians (Intel and Alpha) feel better without this.
118 * It looks like memcpy does better job than generic
119 * md4_block_data_order on copying-n-aligning input data.
120 * But frankly speaking I didn't expect such result on Alpha.
121 * On the other hand I've got this with egcs-1.0.2 and if
122 * program is compiled with another (better?) compiler it
123 * might turn out other way around.
124 *
125 * <appro@fy.chalmers.se>
126 */
127#endif
128
129#include "md32_common.h"
130
131/*
132#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
133#define G(x,y,z) (((x) & (y)) | ((x) & ((z))) | ((y) & ((z))))
134*/
135
136/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
137 * simplified to the code below. Wei attributes these optimizations
138 * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
139 */
140#define F(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
141#define G(b,c,d) (((b) & (c)) | ((b) & (d)) | ((c) & (d)))
142#define H(b,c,d) ((b) ^ (c) ^ (d))
143
144#define R0(a,b,c,d,k,s,t) { \
145 a+=((k)+(t)+F((b),(c),(d))); \
146 a=ROTATE(a,s); };
147
148#define R1(a,b,c,d,k,s,t) { \
149 a+=((k)+(t)+G((b),(c),(d))); \
150 a=ROTATE(a,s); };\
151
152#define R2(a,b,c,d,k,s,t) { \
153 a+=((k)+(t)+H((b),(c),(d))); \
154 a=ROTATE(a,s); };
diff --git a/src/lib/libcrypto/md4/md4_one.c b/src/lib/libcrypto/md4/md4_one.c
deleted file mode 100644
index 87a995d38d..0000000000
--- a/src/lib/libcrypto/md4/md4_one.c
+++ /dev/null
@@ -1,95 +0,0 @@
1/* crypto/md4/md4_one.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61#include <openssl/md4.h>
62
63#ifdef CHARSET_EBCDIC
64#include <openssl/ebcdic.h>
65#endif
66
67unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md)
68 {
69 MD4_CTX c;
70 static unsigned char m[MD4_DIGEST_LENGTH];
71
72 if (md == NULL) md=m;
73 MD4_Init(&c);
74#ifndef CHARSET_EBCDIC
75 MD4_Update(&c,d,n);
76#else
77 {
78 char temp[1024];
79 unsigned long chunk;
80
81 while (n > 0)
82 {
83 chunk = (n > sizeof(temp)) ? sizeof(temp) : n;
84 ebcdic2ascii(temp, d, chunk);
85 MD4_Update(&c,temp,chunk);
86 n -= chunk;
87 d += chunk;
88 }
89 }
90#endif
91 MD4_Final(md,&c);
92 memset(&c,0,sizeof(c)); /* security consideration */
93 return(md);
94 }
95
diff --git a/src/lib/libcrypto/md5/asm/md5-586.pl b/src/lib/libcrypto/md5/asm/md5-586.pl
deleted file mode 100644
index 5fc6a205ce..0000000000
--- a/src/lib/libcrypto/md5/asm/md5-586.pl
+++ /dev/null
@@ -1,306 +0,0 @@
1#!/usr/local/bin/perl
2
3# Normal is the
4# md5_block_x86(MD5_CTX *c, ULONG *X);
5# version, non-normal is the
6# md5_block_x86(MD5_CTX *c, ULONG *X,int blocks);
7
8$normal=0;
9
10push(@INC,"perlasm","../../perlasm");
11require "x86asm.pl";
12
13&asm_init($ARGV[0],$0);
14
15$A="eax";
16$B="ebx";
17$C="ecx";
18$D="edx";
19$tmp1="edi";
20$tmp2="ebp";
21$X="esi";
22
23# What we need to load into $tmp for the next round
24%Ltmp1=("R0",&Np($C), "R1",&Np($C), "R2",&Np($C), "R3",&Np($D));
25@xo=(
26 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, # R0
27 1, 6, 11, 0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, # R1
28 5, 8, 11, 14, 1, 4, 7, 10, 13, 0, 3, 6, 9, 12, 15, 2, # R2
29 0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9, # R3
30 );
31
32&md5_block("md5_block_asm_host_order");
33&asm_finish();
34
35sub Np
36 {
37 local($p)=@_;
38 local(%n)=($A,$D,$B,$A,$C,$B,$D,$C);
39 return($n{$p});
40 }
41
42sub R0
43 {
44 local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
45
46 &mov($tmp1,$C) if $pos < 0;
47 &mov($tmp2,&DWP($xo[$ki]*4,$K,"",0)) if $pos < 0; # very first one
48
49 # body proper
50
51 &comment("R0 $ki");
52 &xor($tmp1,$d); # F function - part 2
53
54 &and($tmp1,$b); # F function - part 3
55 &lea($a,&DWP($t,$a,$tmp2,1));
56
57 &xor($tmp1,$d); # F function - part 4
58
59 &add($a,$tmp1);
60 &mov($tmp1,&Np($c)) if $pos < 1; # next tmp1 for R0
61 &mov($tmp1,&Np($c)) if $pos == 1; # next tmp1 for R1
62
63 &rotl($a,$s);
64
65 &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
66
67 &add($a,$b);
68 }
69
70sub R1
71 {
72 local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
73
74 &comment("R1 $ki");
75
76 &lea($a,&DWP($t,$a,$tmp2,1));
77
78 &xor($tmp1,$b); # G function - part 2
79 &and($tmp1,$d); # G function - part 3
80
81 &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
82 &xor($tmp1,$c); # G function - part 4
83
84 &add($a,$tmp1);
85 &mov($tmp1,&Np($c)) if $pos < 1; # G function - part 1
86 &mov($tmp1,&Np($c)) if $pos == 1; # G function - part 1
87
88 &rotl($a,$s);
89
90 &add($a,$b);
91 }
92
93sub R2
94 {
95 local($n,$pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
96 # This one is different, only 3 logical operations
97
98if (($n & 1) == 0)
99 {
100 &comment("R2 $ki");
101 # make sure to do 'D' first, not 'B', else we clash with
102 # the last add from the previous round.
103
104 &xor($tmp1,$d); # H function - part 2
105
106 &xor($tmp1,$b); # H function - part 3
107 &lea($a,&DWP($t,$a,$tmp2,1));
108
109 &add($a,$tmp1);
110
111 &rotl($a,$s);
112
113 &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0));
114 &mov($tmp1,&Np($c));
115 }
116else
117 {
118 &comment("R2 $ki");
119 # make sure to do 'D' first, not 'B', else we clash with
120 # the last add from the previous round.
121
122 &lea($a,&DWP($t,$a,$tmp2,1));
123
124 &add($b,$c); # MOVED FORWARD
125 &xor($tmp1,$d); # H function - part 2
126
127 &xor($tmp1,$b); # H function - part 3
128 &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
129
130 &add($a,$tmp1);
131 &mov($tmp1,&Np($c)) if $pos < 1; # H function - part 1
132 &mov($tmp1,-1) if $pos == 1; # I function - part 1
133
134 &rotl($a,$s);
135
136 &add($a,$b);
137 }
138 }
139
140sub R3
141 {
142 local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
143
144 &comment("R3 $ki");
145
146 # &not($tmp1)
147 &xor($tmp1,$d) if $pos < 0; # I function - part 2
148
149 &or($tmp1,$b); # I function - part 3
150 &lea($a,&DWP($t,$a,$tmp2,1));
151
152 &xor($tmp1,$c); # I function - part 4
153 &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if $pos != 2; # load X/k value
154 &mov($tmp2,&wparam(0)) if $pos == 2;
155
156 &add($a,$tmp1);
157 &mov($tmp1,-1) if $pos < 1; # H function - part 1
158 &add($K,64) if $pos >=1 && !$normal;
159
160 &rotl($a,$s);
161
162 &xor($tmp1,&Np($d)) if $pos <= 0; # I function - part = first time
163 &mov($tmp1,&DWP( 0,$tmp2,"",0)) if $pos > 0;
164 &add($a,$b);
165 }
166
167
168sub md5_block
169 {
170 local($name)=@_;
171
172 &function_begin_B($name,"",3);
173
174 # parameter 1 is the MD5_CTX structure.
175 # A 0
176 # B 4
177 # C 8
178 # D 12
179
180 &push("esi");
181 &push("edi");
182 &mov($tmp1, &wparam(0)); # edi
183 &mov($X, &wparam(1)); # esi
184 &mov($C, &wparam(2));
185 &push("ebp");
186 &shl($C, 6);
187 &push("ebx");
188 &add($C, $X); # offset we end at
189 &sub($C, 64);
190 &mov($A, &DWP( 0,$tmp1,"",0));
191 &push($C); # Put on the TOS
192 &mov($B, &DWP( 4,$tmp1,"",0));
193 &mov($C, &DWP( 8,$tmp1,"",0));
194 &mov($D, &DWP(12,$tmp1,"",0));
195
196 &set_label("start") unless $normal;
197 &comment("");
198 &comment("R0 section");
199
200 &R0(-2,$A,$B,$C,$D,$X, 0, 7,0xd76aa478);
201 &R0( 0,$D,$A,$B,$C,$X, 1,12,0xe8c7b756);
202 &R0( 0,$C,$D,$A,$B,$X, 2,17,0x242070db);
203 &R0( 0,$B,$C,$D,$A,$X, 3,22,0xc1bdceee);
204 &R0( 0,$A,$B,$C,$D,$X, 4, 7,0xf57c0faf);
205 &R0( 0,$D,$A,$B,$C,$X, 5,12,0x4787c62a);
206 &R0( 0,$C,$D,$A,$B,$X, 6,17,0xa8304613);
207 &R0( 0,$B,$C,$D,$A,$X, 7,22,0xfd469501);
208 &R0( 0,$A,$B,$C,$D,$X, 8, 7,0x698098d8);
209 &R0( 0,$D,$A,$B,$C,$X, 9,12,0x8b44f7af);
210 &R0( 0,$C,$D,$A,$B,$X,10,17,0xffff5bb1);
211 &R0( 0,$B,$C,$D,$A,$X,11,22,0x895cd7be);
212 &R0( 0,$A,$B,$C,$D,$X,12, 7,0x6b901122);
213 &R0( 0,$D,$A,$B,$C,$X,13,12,0xfd987193);
214 &R0( 0,$C,$D,$A,$B,$X,14,17,0xa679438e);
215 &R0( 1,$B,$C,$D,$A,$X,15,22,0x49b40821);
216
217 &comment("");
218 &comment("R1 section");
219 &R1(-1,$A,$B,$C,$D,$X,16, 5,0xf61e2562);
220 &R1( 0,$D,$A,$B,$C,$X,17, 9,0xc040b340);
221 &R1( 0,$C,$D,$A,$B,$X,18,14,0x265e5a51);
222 &R1( 0,$B,$C,$D,$A,$X,19,20,0xe9b6c7aa);
223 &R1( 0,$A,$B,$C,$D,$X,20, 5,0xd62f105d);
224 &R1( 0,$D,$A,$B,$C,$X,21, 9,0x02441453);
225 &R1( 0,$C,$D,$A,$B,$X,22,14,0xd8a1e681);
226 &R1( 0,$B,$C,$D,$A,$X,23,20,0xe7d3fbc8);
227 &R1( 0,$A,$B,$C,$D,$X,24, 5,0x21e1cde6);
228 &R1( 0,$D,$A,$B,$C,$X,25, 9,0xc33707d6);
229 &R1( 0,$C,$D,$A,$B,$X,26,14,0xf4d50d87);
230 &R1( 0,$B,$C,$D,$A,$X,27,20,0x455a14ed);
231 &R1( 0,$A,$B,$C,$D,$X,28, 5,0xa9e3e905);
232 &R1( 0,$D,$A,$B,$C,$X,29, 9,0xfcefa3f8);
233 &R1( 0,$C,$D,$A,$B,$X,30,14,0x676f02d9);
234 &R1( 1,$B,$C,$D,$A,$X,31,20,0x8d2a4c8a);
235
236 &comment("");
237 &comment("R2 section");
238 &R2( 0,-1,$A,$B,$C,$D,$X,32, 4,0xfffa3942);
239 &R2( 1, 0,$D,$A,$B,$C,$X,33,11,0x8771f681);
240 &R2( 2, 0,$C,$D,$A,$B,$X,34,16,0x6d9d6122);
241 &R2( 3, 0,$B,$C,$D,$A,$X,35,23,0xfde5380c);
242 &R2( 4, 0,$A,$B,$C,$D,$X,36, 4,0xa4beea44);
243 &R2( 5, 0,$D,$A,$B,$C,$X,37,11,0x4bdecfa9);
244 &R2( 6, 0,$C,$D,$A,$B,$X,38,16,0xf6bb4b60);
245 &R2( 7, 0,$B,$C,$D,$A,$X,39,23,0xbebfbc70);
246 &R2( 8, 0,$A,$B,$C,$D,$X,40, 4,0x289b7ec6);
247 &R2( 9, 0,$D,$A,$B,$C,$X,41,11,0xeaa127fa);
248 &R2(10, 0,$C,$D,$A,$B,$X,42,16,0xd4ef3085);
249 &R2(11, 0,$B,$C,$D,$A,$X,43,23,0x04881d05);
250 &R2(12, 0,$A,$B,$C,$D,$X,44, 4,0xd9d4d039);
251 &R2(13, 0,$D,$A,$B,$C,$X,45,11,0xe6db99e5);
252 &R2(14, 0,$C,$D,$A,$B,$X,46,16,0x1fa27cf8);
253 &R2(15, 1,$B,$C,$D,$A,$X,47,23,0xc4ac5665);
254
255 &comment("");
256 &comment("R3 section");
257 &R3(-1,$A,$B,$C,$D,$X,48, 6,0xf4292244);
258 &R3( 0,$D,$A,$B,$C,$X,49,10,0x432aff97);
259 &R3( 0,$C,$D,$A,$B,$X,50,15,0xab9423a7);
260 &R3( 0,$B,$C,$D,$A,$X,51,21,0xfc93a039);
261 &R3( 0,$A,$B,$C,$D,$X,52, 6,0x655b59c3);
262 &R3( 0,$D,$A,$B,$C,$X,53,10,0x8f0ccc92);
263 &R3( 0,$C,$D,$A,$B,$X,54,15,0xffeff47d);
264 &R3( 0,$B,$C,$D,$A,$X,55,21,0x85845dd1);
265 &R3( 0,$A,$B,$C,$D,$X,56, 6,0x6fa87e4f);
266 &R3( 0,$D,$A,$B,$C,$X,57,10,0xfe2ce6e0);
267 &R3( 0,$C,$D,$A,$B,$X,58,15,0xa3014314);
268 &R3( 0,$B,$C,$D,$A,$X,59,21,0x4e0811a1);
269 &R3( 0,$A,$B,$C,$D,$X,60, 6,0xf7537e82);
270 &R3( 0,$D,$A,$B,$C,$X,61,10,0xbd3af235);
271 &R3( 0,$C,$D,$A,$B,$X,62,15,0x2ad7d2bb);
272 &R3( 2,$B,$C,$D,$A,$X,63,21,0xeb86d391);
273
274 # &mov($tmp2,&wparam(0)); # done in the last R3
275 # &mov($tmp1, &DWP( 0,$tmp2,"",0)); # done is the last R3
276
277 &add($A,$tmp1);
278 &mov($tmp1, &DWP( 4,$tmp2,"",0));
279
280 &add($B,$tmp1);
281 &mov($tmp1, &DWP( 8,$tmp2,"",0));
282
283 &add($C,$tmp1);
284 &mov($tmp1, &DWP(12,$tmp2,"",0));
285
286 &add($D,$tmp1);
287 &mov(&DWP( 0,$tmp2,"",0),$A);
288
289 &mov(&DWP( 4,$tmp2,"",0),$B);
290 &mov($tmp1,&swtmp(0)) unless $normal;
291
292 &mov(&DWP( 8,$tmp2,"",0),$C);
293 &mov(&DWP(12,$tmp2,"",0),$D);
294
295 &cmp($tmp1,$X) unless $normal; # check count
296 &jge(&label("start")) unless $normal;
297
298 &pop("eax"); # pop the temp variable off the stack
299 &pop("ebx");
300 &pop("ebp");
301 &pop("edi");
302 &pop("esi");
303 &ret();
304 &function_end_B($name);
305 }
306
diff --git a/src/lib/libcrypto/md5/md5.h b/src/lib/libcrypto/md5/md5.h
deleted file mode 100644
index d10bc8397f..0000000000
--- a/src/lib/libcrypto/md5/md5.h
+++ /dev/null
@@ -1,114 +0,0 @@
1/* crypto/md5/md5.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_MD5_H
60#define HEADER_MD5_H
61
62#ifdef __cplusplus
63extern "C" {
64#endif
65
66#ifdef NO_MD5
67#error MD5 is disabled.
68#endif
69
70/*
71 * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
72 * ! MD5_LONG has to be at least 32 bits wide. If it's wider, then !
73 * ! MD5_LONG_LOG2 has to be defined along. !
74 * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
75 */
76
77#if defined(WIN16) || defined(__LP32__)
78#define MD5_LONG unsigned long
79#elif defined(_CRAY) || defined(__ILP64__)
80#define MD5_LONG unsigned long
81#define MD5_LONG_LOG2 3
82/*
83 * _CRAY note. I could declare short, but I have no idea what impact
84 * does it have on performance on none-T3E machines. I could declare
85 * int, but at least on C90 sizeof(int) can be chosen at compile time.
86 * So I've chosen long...
87 * <appro@fy.chalmers.se>
88 */
89#else
90#define MD5_LONG unsigned int
91#endif
92
93#define MD5_CBLOCK 64
94#define MD5_LBLOCK (MD5_CBLOCK/4)
95#define MD5_DIGEST_LENGTH 16
96
97typedef struct MD5state_st
98 {
99 MD5_LONG A,B,C,D;
100 MD5_LONG Nl,Nh;
101 MD5_LONG data[MD5_LBLOCK];
102 int num;
103 } MD5_CTX;
104
105void MD5_Init(MD5_CTX *c);
106void MD5_Update(MD5_CTX *c, const void *data, unsigned long len);
107void MD5_Final(unsigned char *md, MD5_CTX *c);
108unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md);
109void MD5_Transform(MD5_CTX *c, const unsigned char *b);
110#ifdef __cplusplus
111}
112#endif
113
114#endif
diff --git a/src/lib/libcrypto/md5/md5_dgst.c b/src/lib/libcrypto/md5/md5_dgst.c
deleted file mode 100644
index 23d196b8d4..0000000000
--- a/src/lib/libcrypto/md5/md5_dgst.c
+++ /dev/null
@@ -1,319 +0,0 @@
1/* crypto/md5/md5_dgst.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "md5_locl.h"
61#include <openssl/opensslv.h>
62
63const char *MD5_version="MD5" OPENSSL_VERSION_PTEXT;
64
65/* Implemented from RFC1321 The MD5 Message-Digest Algorithm
66 */
67
68#define INIT_DATA_A (unsigned long)0x67452301L
69#define INIT_DATA_B (unsigned long)0xefcdab89L
70#define INIT_DATA_C (unsigned long)0x98badcfeL
71#define INIT_DATA_D (unsigned long)0x10325476L
72
73void MD5_Init(MD5_CTX *c)
74 {
75 c->A=INIT_DATA_A;
76 c->B=INIT_DATA_B;
77 c->C=INIT_DATA_C;
78 c->D=INIT_DATA_D;
79 c->Nl=0;
80 c->Nh=0;
81 c->num=0;
82 }
83
84#ifndef md5_block_host_order
85void md5_block_host_order (MD5_CTX *c, const void *data, int num)
86 {
87 const MD5_LONG *X=data;
88 register unsigned long A,B,C,D;
89 /*
90 * In case you wonder why A-D are declared as long and not
91 * as MD5_LONG. Doing so results in slight performance
92 * boost on LP64 architectures. The catch is we don't
93 * really care if 32 MSBs of a 64-bit register get polluted
94 * with eventual overflows as we *save* only 32 LSBs in
95 * *either* case. Now declaring 'em long excuses the compiler
96 * from keeping 32 MSBs zeroed resulting in 13% performance
97 * improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
98 * Well, to be honest it should say that this *prevents*
99 * performance degradation.
100 *
101 * <appro@fy.chalmers.se>
102 */
103
104 A=c->A;
105 B=c->B;
106 C=c->C;
107 D=c->D;
108
109 for (;num--;X+=HASH_LBLOCK)
110 {
111 /* Round 0 */
112 R0(A,B,C,D,X[ 0], 7,0xd76aa478L);
113 R0(D,A,B,C,X[ 1],12,0xe8c7b756L);
114 R0(C,D,A,B,X[ 2],17,0x242070dbL);
115 R0(B,C,D,A,X[ 3],22,0xc1bdceeeL);
116 R0(A,B,C,D,X[ 4], 7,0xf57c0fafL);
117 R0(D,A,B,C,X[ 5],12,0x4787c62aL);
118 R0(C,D,A,B,X[ 6],17,0xa8304613L);
119 R0(B,C,D,A,X[ 7],22,0xfd469501L);
120 R0(A,B,C,D,X[ 8], 7,0x698098d8L);
121 R0(D,A,B,C,X[ 9],12,0x8b44f7afL);
122 R0(C,D,A,B,X[10],17,0xffff5bb1L);
123 R0(B,C,D,A,X[11],22,0x895cd7beL);
124 R0(A,B,C,D,X[12], 7,0x6b901122L);
125 R0(D,A,B,C,X[13],12,0xfd987193L);
126 R0(C,D,A,B,X[14],17,0xa679438eL);
127 R0(B,C,D,A,X[15],22,0x49b40821L);
128 /* Round 1 */
129 R1(A,B,C,D,X[ 1], 5,0xf61e2562L);
130 R1(D,A,B,C,X[ 6], 9,0xc040b340L);
131 R1(C,D,A,B,X[11],14,0x265e5a51L);
132 R1(B,C,D,A,X[ 0],20,0xe9b6c7aaL);
133 R1(A,B,C,D,X[ 5], 5,0xd62f105dL);
134 R1(D,A,B,C,X[10], 9,0x02441453L);
135 R1(C,D,A,B,X[15],14,0xd8a1e681L);
136 R1(B,C,D,A,X[ 4],20,0xe7d3fbc8L);
137 R1(A,B,C,D,X[ 9], 5,0x21e1cde6L);
138 R1(D,A,B,C,X[14], 9,0xc33707d6L);
139 R1(C,D,A,B,X[ 3],14,0xf4d50d87L);
140 R1(B,C,D,A,X[ 8],20,0x455a14edL);
141 R1(A,B,C,D,X[13], 5,0xa9e3e905L);
142 R1(D,A,B,C,X[ 2], 9,0xfcefa3f8L);
143 R1(C,D,A,B,X[ 7],14,0x676f02d9L);
144 R1(B,C,D,A,X[12],20,0x8d2a4c8aL);
145 /* Round 2 */
146 R2(A,B,C,D,X[ 5], 4,0xfffa3942L);
147 R2(D,A,B,C,X[ 8],11,0x8771f681L);
148 R2(C,D,A,B,X[11],16,0x6d9d6122L);
149 R2(B,C,D,A,X[14],23,0xfde5380cL);
150 R2(A,B,C,D,X[ 1], 4,0xa4beea44L);
151 R2(D,A,B,C,X[ 4],11,0x4bdecfa9L);
152 R2(C,D,A,B,X[ 7],16,0xf6bb4b60L);
153 R2(B,C,D,A,X[10],23,0xbebfbc70L);
154 R2(A,B,C,D,X[13], 4,0x289b7ec6L);
155 R2(D,A,B,C,X[ 0],11,0xeaa127faL);
156 R2(C,D,A,B,X[ 3],16,0xd4ef3085L);
157 R2(B,C,D,A,X[ 6],23,0x04881d05L);
158 R2(A,B,C,D,X[ 9], 4,0xd9d4d039L);
159 R2(D,A,B,C,X[12],11,0xe6db99e5L);
160 R2(C,D,A,B,X[15],16,0x1fa27cf8L);
161 R2(B,C,D,A,X[ 2],23,0xc4ac5665L);
162 /* Round 3 */
163 R3(A,B,C,D,X[ 0], 6,0xf4292244L);
164 R3(D,A,B,C,X[ 7],10,0x432aff97L);
165 R3(C,D,A,B,X[14],15,0xab9423a7L);
166 R3(B,C,D,A,X[ 5],21,0xfc93a039L);
167 R3(A,B,C,D,X[12], 6,0x655b59c3L);
168 R3(D,A,B,C,X[ 3],10,0x8f0ccc92L);
169 R3(C,D,A,B,X[10],15,0xffeff47dL);
170 R3(B,C,D,A,X[ 1],21,0x85845dd1L);
171 R3(A,B,C,D,X[ 8], 6,0x6fa87e4fL);
172 R3(D,A,B,C,X[15],10,0xfe2ce6e0L);
173 R3(C,D,A,B,X[ 6],15,0xa3014314L);
174 R3(B,C,D,A,X[13],21,0x4e0811a1L);
175 R3(A,B,C,D,X[ 4], 6,0xf7537e82L);
176 R3(D,A,B,C,X[11],10,0xbd3af235L);
177 R3(C,D,A,B,X[ 2],15,0x2ad7d2bbL);
178 R3(B,C,D,A,X[ 9],21,0xeb86d391L);
179
180 A = c->A += A;
181 B = c->B += B;
182 C = c->C += C;
183 D = c->D += D;
184 }
185 }
186#endif
187
188#ifndef md5_block_data_order
189#ifdef X
190#undef X
191#endif
192void md5_block_data_order (MD5_CTX *c, const void *data_, int num)
193 {
194 const unsigned char *data=data_;
195 register unsigned long A,B,C,D,l;
196 /*
197 * In case you wonder why A-D are declared as long and not
198 * as MD5_LONG. Doing so results in slight performance
199 * boost on LP64 architectures. The catch is we don't
200 * really care if 32 MSBs of a 64-bit register get polluted
201 * with eventual overflows as we *save* only 32 LSBs in
202 * *either* case. Now declaring 'em long excuses the compiler
203 * from keeping 32 MSBs zeroed resulting in 13% performance
204 * improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
205 * Well, to be honest it should say that this *prevents*
206 * performance degradation.
207 *
208 * <appro@fy.chalmers.se>
209 */
210#ifndef MD32_XARRAY
211 /* See comment in crypto/sha/sha_locl.h for details. */
212 unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
213 XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
214# define X(i) XX##i
215#else
216 MD5_LONG XX[MD5_LBLOCK];
217# define X(i) XX[i]
218#endif
219
220 A=c->A;
221 B=c->B;
222 C=c->C;
223 D=c->D;
224
225 for (;num--;)
226 {
227 HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l;
228 /* Round 0 */
229 R0(A,B,C,D,X( 0), 7,0xd76aa478L); HOST_c2l(data,l); X( 2)=l;
230 R0(D,A,B,C,X( 1),12,0xe8c7b756L); HOST_c2l(data,l); X( 3)=l;
231 R0(C,D,A,B,X( 2),17,0x242070dbL); HOST_c2l(data,l); X( 4)=l;
232 R0(B,C,D,A,X( 3),22,0xc1bdceeeL); HOST_c2l(data,l); X( 5)=l;
233 R0(A,B,C,D,X( 4), 7,0xf57c0fafL); HOST_c2l(data,l); X( 6)=l;
234 R0(D,A,B,C,X( 5),12,0x4787c62aL); HOST_c2l(data,l); X( 7)=l;
235 R0(C,D,A,B,X( 6),17,0xa8304613L); HOST_c2l(data,l); X( 8)=l;
236 R0(B,C,D,A,X( 7),22,0xfd469501L); HOST_c2l(data,l); X( 9)=l;
237 R0(A,B,C,D,X( 8), 7,0x698098d8L); HOST_c2l(data,l); X(10)=l;
238 R0(D,A,B,C,X( 9),12,0x8b44f7afL); HOST_c2l(data,l); X(11)=l;
239 R0(C,D,A,B,X(10),17,0xffff5bb1L); HOST_c2l(data,l); X(12)=l;
240 R0(B,C,D,A,X(11),22,0x895cd7beL); HOST_c2l(data,l); X(13)=l;
241 R0(A,B,C,D,X(12), 7,0x6b901122L); HOST_c2l(data,l); X(14)=l;
242 R0(D,A,B,C,X(13),12,0xfd987193L); HOST_c2l(data,l); X(15)=l;
243 R0(C,D,A,B,X(14),17,0xa679438eL);
244 R0(B,C,D,A,X(15),22,0x49b40821L);
245 /* Round 1 */
246 R1(A,B,C,D,X( 1), 5,0xf61e2562L);
247 R1(D,A,B,C,X( 6), 9,0xc040b340L);
248 R1(C,D,A,B,X(11),14,0x265e5a51L);
249 R1(B,C,D,A,X( 0),20,0xe9b6c7aaL);
250 R1(A,B,C,D,X( 5), 5,0xd62f105dL);
251 R1(D,A,B,C,X(10), 9,0x02441453L);
252 R1(C,D,A,B,X(15),14,0xd8a1e681L);
253 R1(B,C,D,A,X( 4),20,0xe7d3fbc8L);
254 R1(A,B,C,D,X( 9), 5,0x21e1cde6L);
255 R1(D,A,B,C,X(14), 9,0xc33707d6L);
256 R1(C,D,A,B,X( 3),14,0xf4d50d87L);
257 R1(B,C,D,A,X( 8),20,0x455a14edL);
258 R1(A,B,C,D,X(13), 5,0xa9e3e905L);
259 R1(D,A,B,C,X( 2), 9,0xfcefa3f8L);
260 R1(C,D,A,B,X( 7),14,0x676f02d9L);
261 R1(B,C,D,A,X(12),20,0x8d2a4c8aL);
262 /* Round 2 */
263 R2(A,B,C,D,X( 5), 4,0xfffa3942L);
264 R2(D,A,B,C,X( 8),11,0x8771f681L);
265 R2(C,D,A,B,X(11),16,0x6d9d6122L);
266 R2(B,C,D,A,X(14),23,0xfde5380cL);
267 R2(A,B,C,D,X( 1), 4,0xa4beea44L);
268 R2(D,A,B,C,X( 4),11,0x4bdecfa9L);
269 R2(C,D,A,B,X( 7),16,0xf6bb4b60L);
270 R2(B,C,D,A,X(10),23,0xbebfbc70L);
271 R2(A,B,C,D,X(13), 4,0x289b7ec6L);
272 R2(D,A,B,C,X( 0),11,0xeaa127faL);
273 R2(C,D,A,B,X( 3),16,0xd4ef3085L);
274 R2(B,C,D,A,X( 6),23,0x04881d05L);
275 R2(A,B,C,D,X( 9), 4,0xd9d4d039L);
276 R2(D,A,B,C,X(12),11,0xe6db99e5L);
277 R2(C,D,A,B,X(15),16,0x1fa27cf8L);
278 R2(B,C,D,A,X( 2),23,0xc4ac5665L);
279 /* Round 3 */
280 R3(A,B,C,D,X( 0), 6,0xf4292244L);
281 R3(D,A,B,C,X( 7),10,0x432aff97L);
282 R3(C,D,A,B,X(14),15,0xab9423a7L);
283 R3(B,C,D,A,X( 5),21,0xfc93a039L);
284 R3(A,B,C,D,X(12), 6,0x655b59c3L);
285 R3(D,A,B,C,X( 3),10,0x8f0ccc92L);
286 R3(C,D,A,B,X(10),15,0xffeff47dL);
287 R3(B,C,D,A,X( 1),21,0x85845dd1L);
288 R3(A,B,C,D,X( 8), 6,0x6fa87e4fL);
289 R3(D,A,B,C,X(15),10,0xfe2ce6e0L);
290 R3(C,D,A,B,X( 6),15,0xa3014314L);
291 R3(B,C,D,A,X(13),21,0x4e0811a1L);
292 R3(A,B,C,D,X( 4), 6,0xf7537e82L);
293 R3(D,A,B,C,X(11),10,0xbd3af235L);
294 R3(C,D,A,B,X( 2),15,0x2ad7d2bbL);
295 R3(B,C,D,A,X( 9),21,0xeb86d391L);
296
297 A = c->A += A;
298 B = c->B += B;
299 C = c->C += C;
300 D = c->D += D;
301 }
302 }
303#endif
304
305#ifdef undef
306int printit(unsigned long *l)
307 {
308 int i,ii;
309
310 for (i=0; i<2; i++)
311 {
312 for (ii=0; ii<8; ii++)
313 {
314 fprintf(stderr,"%08lx ",l[i*8+ii]);
315 }
316 fprintf(stderr,"\n");
317 }
318 }
319#endif
diff --git a/src/lib/libcrypto/md5/md5_locl.h b/src/lib/libcrypto/md5/md5_locl.h
deleted file mode 100644
index c912484122..0000000000
--- a/src/lib/libcrypto/md5/md5_locl.h
+++ /dev/null
@@ -1,172 +0,0 @@
1/* crypto/md5/md5_locl.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdlib.h>
60#include <string.h>
61#include <openssl/opensslconf.h>
62#include <openssl/md5.h>
63
64#ifndef MD5_LONG_LOG2
65#define MD5_LONG_LOG2 2 /* default to 32 bits */
66#endif
67
68#ifdef MD5_ASM
69# if defined(__i386) || defined(_M_IX86) || defined(__INTEL__)
70# define md5_block_host_order md5_block_asm_host_order
71# elif defined(__sparc) && defined(ULTRASPARC)
72 void md5_block_asm_data_order_aligned (MD5_CTX *c, const MD5_LONG *p,int num);
73# define HASH_BLOCK_DATA_ORDER_ALIGNED md5_block_asm_data_order_aligned
74# endif
75#endif
76
77void md5_block_host_order (MD5_CTX *c, const void *p,int num);
78void md5_block_data_order (MD5_CTX *c, const void *p,int num);
79
80#if defined(__i386) || defined(_M_IX86) || defined(__INTEL__)
81/*
82 * *_block_host_order is expected to handle aligned data while
83 * *_block_data_order - unaligned. As algorithm and host (x86)
84 * are in this case of the same "endianness" these two are
85 * otherwise indistinguishable. But normally you don't want to
86 * call the same function because unaligned access in places
87 * where alignment is expected is usually a "Bad Thing". Indeed,
88 * on RISCs you get punished with BUS ERROR signal or *severe*
89 * performance degradation. Intel CPUs are in turn perfectly
90 * capable of loading unaligned data without such drastic side
91 * effect. Yes, they say it's slower than aligned load, but no
92 * exception is generated and therefore performance degradation
93 * is *incomparable* with RISCs. What we should weight here is
94 * costs of unaligned access against costs of aligning data.
95 * According to my measurements allowing unaligned access results
96 * in ~9% performance improvement on Pentium II operating at
97 * 266MHz. I won't be surprised if the difference will be higher
98 * on faster systems:-)
99 *
100 * <appro@fy.chalmers.se>
101 */
102#define md5_block_data_order md5_block_host_order
103#endif
104
105#define DATA_ORDER_IS_LITTLE_ENDIAN
106
107#define HASH_LONG MD5_LONG
108#define HASH_LONG_LOG2 MD5_LONG_LOG2
109#define HASH_CTX MD5_CTX
110#define HASH_CBLOCK MD5_CBLOCK
111#define HASH_LBLOCK MD5_LBLOCK
112#define HASH_UPDATE MD5_Update
113#define HASH_TRANSFORM MD5_Transform
114#define HASH_FINAL MD5_Final
115#define HASH_MAKE_STRING(c,s) do { \
116 unsigned long ll; \
117 ll=(c)->A; HOST_l2c(ll,(s)); \
118 ll=(c)->B; HOST_l2c(ll,(s)); \
119 ll=(c)->C; HOST_l2c(ll,(s)); \
120 ll=(c)->D; HOST_l2c(ll,(s)); \
121 } while (0)
122#define HASH_BLOCK_HOST_ORDER md5_block_host_order
123#if !defined(L_ENDIAN) || defined(md5_block_data_order)
124#define HASH_BLOCK_DATA_ORDER md5_block_data_order
125/*
126 * Little-endians (Intel and Alpha) feel better without this.
127 * It looks like memcpy does better job than generic
128 * md5_block_data_order on copying-n-aligning input data.
129 * But frankly speaking I didn't expect such result on Alpha.
130 * On the other hand I've got this with egcs-1.0.2 and if
131 * program is compiled with another (better?) compiler it
132 * might turn out other way around.
133 *
134 * <appro@fy.chalmers.se>
135 */
136#endif
137
138#include "md32_common.h"
139
140/*
141#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
142#define G(x,y,z) (((x) & (z)) | ((y) & (~(z))))
143*/
144
145/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
146 * simplified to the code below. Wei attributes these optimizations
147 * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
148 */
149#define F(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
150#define G(b,c,d) ((((b) ^ (c)) & (d)) ^ (c))
151#define H(b,c,d) ((b) ^ (c) ^ (d))
152#define I(b,c,d) (((~(d)) | (b)) ^ (c))
153
154#define R0(a,b,c,d,k,s,t) { \
155 a+=((k)+(t)+F((b),(c),(d))); \
156 a=ROTATE(a,s); \
157 a+=b; };\
158
159#define R1(a,b,c,d,k,s,t) { \
160 a+=((k)+(t)+G((b),(c),(d))); \
161 a=ROTATE(a,s); \
162 a+=b; };
163
164#define R2(a,b,c,d,k,s,t) { \
165 a+=((k)+(t)+H((b),(c),(d))); \
166 a=ROTATE(a,s); \
167 a+=b; };
168
169#define R3(a,b,c,d,k,s,t) { \
170 a+=((k)+(t)+I((b),(c),(d))); \
171 a=ROTATE(a,s); \
172 a+=b; };
diff --git a/src/lib/libcrypto/md5/md5_one.c b/src/lib/libcrypto/md5/md5_one.c
deleted file mode 100644
index b89dec850d..0000000000
--- a/src/lib/libcrypto/md5/md5_one.c
+++ /dev/null
@@ -1,95 +0,0 @@
1/* crypto/md5/md5_one.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61#include <openssl/md5.h>
62
63#ifdef CHARSET_EBCDIC
64#include <openssl/ebcdic.h>
65#endif
66
67unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md)
68 {
69 MD5_CTX c;
70 static unsigned char m[MD5_DIGEST_LENGTH];
71
72 if (md == NULL) md=m;
73 MD5_Init(&c);
74#ifndef CHARSET_EBCDIC
75 MD5_Update(&c,d,n);
76#else
77 {
78 char temp[1024];
79 unsigned long chunk;
80
81 while (n > 0)
82 {
83 chunk = (n > sizeof(temp)) ? sizeof(temp) : n;
84 ebcdic2ascii(temp, d, chunk);
85 MD5_Update(&c,temp,chunk);
86 n -= chunk;
87 d += chunk;
88 }
89 }
90#endif
91 MD5_Final(md,&c);
92 memset(&c,0,sizeof(c)); /* security consideration */
93 return(md);
94 }
95
diff --git a/src/lib/libcrypto/mem_dbg.c b/src/lib/libcrypto/mem_dbg.c
deleted file mode 100644
index ef19d8f844..0000000000
--- a/src/lib/libcrypto/mem_dbg.c
+++ /dev/null
@@ -1,756 +0,0 @@
1/* crypto/mem_dbg.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <time.h>
62#include <openssl/crypto.h>
63#include <openssl/buffer.h>
64#include <openssl/bio.h>
65#include <openssl/lhash.h>
66#include "cryptlib.h"
67
68static int mh_mode=CRYPTO_MEM_CHECK_OFF;
69/* The state changes to CRYPTO_MEM_CHECK_ON | CRYPTO_MEM_CHECK_ENABLE
70 * when the application asks for it (usually after library initialisation
71 * for which no book-keeping is desired).
72 *
73 * State CRYPTO_MEM_CHECK_ON exists only temporarily when the library
74 * thinks that certain allocations should not be checked (e.g. the data
75 * structures used for memory checking). It is not suitable as an initial
76 * state: the library will unexpectedly enable memory checking when it
77 * executes one of those sections that want to disable checking
78 * temporarily.
79 *
80 * State CRYPTO_MEM_CHECK_ENABLE without ..._ON makes no sense whatsoever.
81 */
82
83static unsigned long order = 0; /* number of memory requests */
84static LHASH *mh=NULL; /* hash-table of memory requests (address as key);
85 * access requires MALLOC2 lock */
86
87
88typedef struct app_mem_info_st
89/* For application-defined information (static C-string `info')
90 * to be displayed in memory leak list.
91 * Each thread has its own stack. For applications, there is
92 * CRYPTO_push_info("...") to push an entry,
93 * CRYPTO_pop_info() to pop an entry,
94 * CRYPTO_remove_all_info() to pop all entries.
95 */
96 {
97 unsigned long thread;
98 const char *file;
99 int line;
100 const char *info;
101 struct app_mem_info_st *next; /* tail of thread's stack */
102 int references;
103 } APP_INFO;
104
105static LHASH *amih=NULL; /* hash-table with those app_mem_info_st's
106 * that are at the top of their thread's stack
107 * (with `thread' as key);
108 * access requires MALLOC2 lock */
109
110typedef struct mem_st
111/* memory-block description */
112 {
113 void *addr;
114 int num;
115 const char *file;
116 int line;
117 unsigned long thread;
118 unsigned long order;
119 time_t time;
120 APP_INFO *app_info;
121 } MEM;
122
123static long options = /* extra information to be recorded */
124#if defined(CRYPTO_MDEBUG_TIME) || defined(CRYPTO_MDEBUG_ALL)
125 V_CRYPTO_MDEBUG_TIME |
126#endif
127#if defined(CRYPTO_MDEBUG_THREAD) || defined(CRYPTO_MDEBUG_ALL)
128 V_CRYPTO_MDEBUG_THREAD |
129#endif
130 0;
131
132
133static unsigned int num_disable = 0; /* num_disable > 0
134 * iff
135 * mh_mode == CRYPTO_MEM_CHECK_ON (w/o ..._ENABLE)
136 */
137static unsigned long disabling_thread = 0; /* Valid iff num_disable > 0.
138 * CRYPTO_LOCK_MALLOC2 is locked
139 * exactly in this case (by the
140 * thread named in disabling_thread).
141 */
142
143int CRYPTO_mem_ctrl(int mode)
144 {
145 int ret=mh_mode;
146
147 CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
148 switch (mode)
149 {
150 /* for applications (not to be called while multiple threads
151 * use the library): */
152 case CRYPTO_MEM_CHECK_ON: /* aka MemCheck_start() */
153 mh_mode = CRYPTO_MEM_CHECK_ON|CRYPTO_MEM_CHECK_ENABLE;
154 num_disable = 0;
155 break;
156 case CRYPTO_MEM_CHECK_OFF: /* aka MemCheck_stop() */
157 mh_mode = 0;
158 num_disable = 0; /* should be true *before* MemCheck_stop is used,
159 or there'll be a lot of confusion */
160 break;
161
162 /* switch off temporarily (for library-internal use): */
163 case CRYPTO_MEM_CHECK_DISABLE: /* aka MemCheck_off() */
164 if (mh_mode & CRYPTO_MEM_CHECK_ON)
165 {
166 if (!num_disable || (disabling_thread != CRYPTO_thread_id())) /* otherwise we already have the MALLOC2 lock */
167 {
168 /* Long-time lock CRYPTO_LOCK_MALLOC2 must not be claimed while
169 * we're holding CRYPTO_LOCK_MALLOC, or we'll deadlock if
170 * somebody else holds CRYPTO_LOCK_MALLOC2 (and cannot release
171 * it because we block entry to this function).
172 * Give them a chance, first, and then claim the locks in
173 * appropriate order (long-time lock first).
174 */
175 CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
176 /* Note that after we have waited for CRYPTO_LOCK_MALLOC2
177 * and CRYPTO_LOCK_MALLOC, we'll still be in the right
178 * "case" and "if" branch because MemCheck_start and
179 * MemCheck_stop may never be used while there are multiple
180 * OpenSSL threads. */
181 CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2);
182 CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
183 mh_mode &= ~CRYPTO_MEM_CHECK_ENABLE;
184 disabling_thread=CRYPTO_thread_id();
185 }
186 num_disable++;
187 }
188 break;
189 case CRYPTO_MEM_CHECK_ENABLE: /* aka MemCheck_on() */
190 if (mh_mode & CRYPTO_MEM_CHECK_ON)
191 {
192 if (num_disable) /* always true, or something is going wrong */
193 {
194 num_disable--;
195 if (num_disable == 0)
196 {
197 mh_mode|=CRYPTO_MEM_CHECK_ENABLE;
198 CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2);
199 }
200 }
201 }
202 break;
203
204 default:
205 break;
206 }
207 CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
208 return(ret);
209 }
210
211int CRYPTO_is_mem_check_on(void)
212 {
213 int ret = 0;
214
215 if (mh_mode & CRYPTO_MEM_CHECK_ON)
216 {
217 CRYPTO_r_lock(CRYPTO_LOCK_MALLOC);
218
219 ret = (mh_mode & CRYPTO_MEM_CHECK_ENABLE)
220 || (disabling_thread != CRYPTO_thread_id());
221
222 CRYPTO_r_unlock(CRYPTO_LOCK_MALLOC);
223 }
224 return(ret);
225 }
226
227
228void CRYPTO_dbg_set_options(long bits)
229 {
230 options = bits;
231 }
232
233long CRYPTO_dbg_get_options(void)
234 {
235 return options;
236 }
237
238static int mem_cmp(MEM *a, MEM *b)
239 {
240 return((char *)a->addr - (char *)b->addr);
241 }
242
243static unsigned long mem_hash(MEM *a)
244 {
245 unsigned long ret;
246
247 ret=(unsigned long)a->addr;
248
249 ret=ret*17851+(ret>>14)*7+(ret>>4)*251;
250 return(ret);
251 }
252
253static int app_info_cmp(APP_INFO *a, APP_INFO *b)
254 {
255 return(a->thread != b->thread);
256 }
257
258static unsigned long app_info_hash(APP_INFO *a)
259 {
260 unsigned long ret;
261
262 ret=(unsigned long)a->thread;
263
264 ret=ret*17851+(ret>>14)*7+(ret>>4)*251;
265 return(ret);
266 }
267
268static APP_INFO *pop_info()
269 {
270 APP_INFO tmp;
271 APP_INFO *ret = NULL;
272
273 if (amih != NULL)
274 {
275 tmp.thread=CRYPTO_thread_id();
276 if ((ret=(APP_INFO *)lh_delete(amih,&tmp)) != NULL)
277 {
278 APP_INFO *next=ret->next;
279
280 if (next != NULL)
281 {
282 next->references++;
283 lh_insert(amih,(char *)next);
284 }
285#ifdef LEVITTE_DEBUG
286 if (ret->thread != tmp.thread)
287 {
288 fprintf(stderr, "pop_info(): deleted info has other thread ID (%lu) than the current thread (%lu)!!!!\n",
289 ret->thread, tmp.thread);
290 abort();
291 }
292#endif
293 if (--(ret->references) <= 0)
294 {
295 ret->next = NULL;
296 if (next != NULL)
297 next->references--;
298 OPENSSL_free(ret);
299 }
300 }
301 }
302 return(ret);
303 }
304
305int CRYPTO_push_info_(const char *info, const char *file, int line)
306 {
307 APP_INFO *ami, *amim;
308 int ret=0;
309
310 if (is_MemCheck_on())
311 {
312 MemCheck_off(); /* obtain MALLOC2 lock */
313
314 if ((ami = (APP_INFO *)OPENSSL_malloc(sizeof(APP_INFO))) == NULL)
315 {
316 ret=0;
317 goto err;
318 }
319 if (amih == NULL)
320 {
321 if ((amih=lh_new(app_info_hash,app_info_cmp)) == NULL)
322 {
323 OPENSSL_free(ami);
324 ret=0;
325 goto err;
326 }
327 }
328
329 ami->thread=CRYPTO_thread_id();
330 ami->file=file;
331 ami->line=line;
332 ami->info=info;
333 ami->references=1;
334 ami->next=NULL;
335
336 if ((amim=(APP_INFO *)lh_insert(amih,(char *)ami)) != NULL)
337 {
338#ifdef LEVITTE_DEBUG
339 if (ami->thread != amim->thread)
340 {
341 fprintf(stderr, "CRYPTO_push_info(): previous info has other thread ID (%lu) than the current thread (%lu)!!!!\n",
342 amim->thread, ami->thread);
343 abort();
344 }
345#endif
346 ami->next=amim;
347 }
348 err:
349 MemCheck_on(); /* release MALLOC2 lock */
350 }
351
352 return(ret);
353 }
354
355int CRYPTO_pop_info(void)
356 {
357 int ret=0;
358
359 if (is_MemCheck_on()) /* _must_ be true, or something went severely wrong */
360 {
361 MemCheck_off(); /* obtain MALLOC2 lock */
362
363 ret=(pop_info() != NULL);
364
365 MemCheck_on(); /* release MALLOC2 lock */
366 }
367 return(ret);
368 }
369
370int CRYPTO_remove_all_info(void)
371 {
372 int ret=0;
373
374 if (is_MemCheck_on()) /* _must_ be true */
375 {
376 MemCheck_off(); /* obtain MALLOC2 lock */
377
378 while(pop_info() != NULL)
379 ret++;
380
381 MemCheck_on(); /* release MALLOC2 lock */
382 }
383 return(ret);
384 }
385
386
387static unsigned long break_order_num=0;
388void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line,
389 int before_p)
390 {
391 MEM *m,*mm;
392 APP_INFO tmp,*amim;
393
394 switch(before_p & 127)
395 {
396 case 0:
397 break;
398 case 1:
399 if (addr == NULL)
400 break;
401
402 if (is_MemCheck_on())
403 {
404 MemCheck_off(); /* make sure we hold MALLOC2 lock */
405 if ((m=(MEM *)OPENSSL_malloc(sizeof(MEM))) == NULL)
406 {
407 OPENSSL_free(addr);
408 MemCheck_on(); /* release MALLOC2 lock
409 * if num_disabled drops to 0 */
410 return;
411 }
412 if (mh == NULL)
413 {
414 if ((mh=lh_new(mem_hash,mem_cmp)) == NULL)
415 {
416 OPENSSL_free(addr);
417 OPENSSL_free(m);
418 addr=NULL;
419 goto err;
420 }
421 }
422
423 m->addr=addr;
424 m->file=file;
425 m->line=line;
426 m->num=num;
427 if (options & V_CRYPTO_MDEBUG_THREAD)
428 m->thread=CRYPTO_thread_id();
429 else
430 m->thread=0;
431
432 if (order == break_order_num)
433 {
434 /* BREAK HERE */
435 m->order=order;
436 }
437 m->order=order++;
438#ifdef LEVITTE_DEBUG
439 fprintf(stderr, "LEVITTE_DEBUG: [%5d] %c 0x%p (%d)\n",
440 m->order,
441 (before_p & 128) ? '*' : '+',
442 m->addr, m->num);
443#endif
444 if (options & V_CRYPTO_MDEBUG_TIME)
445 m->time=time(NULL);
446 else
447 m->time=0;
448
449 tmp.thread=CRYPTO_thread_id();
450 m->app_info=NULL;
451 if (amih != NULL
452 && (amim=(APP_INFO *)lh_retrieve(amih,(char *)&tmp)) != NULL)
453 {
454 m->app_info = amim;
455 amim->references++;
456 }
457
458 if ((mm=(MEM *)lh_insert(mh,(char *)m)) != NULL)
459 {
460 /* Not good, but don't sweat it */
461 if (mm->app_info != NULL)
462 {
463 mm->app_info->references--;
464 }
465 OPENSSL_free(mm);
466 }
467 err:
468 MemCheck_on(); /* release MALLOC2 lock
469 * if num_disabled drops to 0 */
470 }
471 break;
472 }
473 return;
474 }
475
476void CRYPTO_dbg_free(void *addr, int before_p)
477 {
478 MEM m,*mp;
479
480 switch(before_p)
481 {
482 case 0:
483 if (addr == NULL)
484 break;
485
486 if (is_MemCheck_on() && (mh != NULL))
487 {
488 MemCheck_off(); /* make sure we hold MALLOC2 lock */
489
490 m.addr=addr;
491 mp=(MEM *)lh_delete(mh,(char *)&m);
492 if (mp != NULL)
493 {
494#ifdef LEVITTE_DEBUG
495 fprintf(stderr, "LEVITTE_DEBUG: [%5d] - 0x%p (%d)\n",
496 mp->order, mp->addr, mp->num);
497#endif
498 if (mp->app_info != NULL)
499 {
500 mp->app_info->references--;
501 }
502 OPENSSL_free(mp);
503 }
504
505 MemCheck_on(); /* release MALLOC2 lock
506 * if num_disabled drops to 0 */
507 }
508 break;
509 case 1:
510 break;
511 }
512 }
513
514void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num,
515 const char *file, int line, int before_p)
516 {
517 MEM m,*mp;
518
519#ifdef LEVITTE_DEBUG
520 fprintf(stderr, "LEVITTE_DEBUG: --> CRYPTO_dbg_malloc(addr1 = %p, addr2 = %p, num = %d, file = \"%s\", line = %d, before_p = %d)\n",
521 addr1, addr2, num, file, line, before_p);
522#endif
523
524 switch(before_p)
525 {
526 case 0:
527 break;
528 case 1:
529 if (addr2 == NULL)
530 break;
531
532 if (addr1 == NULL)
533 {
534 CRYPTO_dbg_malloc(addr2, num, file, line, 128 | before_p);
535 break;
536 }
537
538 if (is_MemCheck_on())
539 {
540 MemCheck_off(); /* make sure we hold MALLOC2 lock */
541
542 m.addr=addr1;
543 mp=(MEM *)lh_delete(mh,(char *)&m);
544 if (mp != NULL)
545 {
546#ifdef LEVITTE_DEBUG
547 fprintf(stderr, "LEVITTE_DEBUG: [%5d] * 0x%p (%d) -> 0x%p (%d)\n",
548 mp->order,
549 mp->addr, mp->num,
550 addr2, num);
551#endif
552 mp->addr=addr2;
553 mp->num=num;
554 lh_insert(mh,(char *)mp);
555 }
556
557 MemCheck_on(); /* release MALLOC2 lock
558 * if num_disabled drops to 0 */
559 }
560 break;
561 }
562 return;
563 }
564
565
566typedef struct mem_leak_st
567 {
568 BIO *bio;
569 int chunks;
570 long bytes;
571 } MEM_LEAK;
572
573static void print_leak(MEM *m, MEM_LEAK *l)
574 {
575 char buf[1024];
576 char *bufp = buf;
577 APP_INFO *amip;
578 int ami_cnt;
579 struct tm *lcl = NULL;
580 unsigned long ti;
581
582 if(m->addr == (char *)l->bio)
583 return;
584
585 if (options & V_CRYPTO_MDEBUG_TIME)
586 {
587 lcl = localtime(&m->time);
588
589 sprintf(bufp, "[%02d:%02d:%02d] ",
590 lcl->tm_hour,lcl->tm_min,lcl->tm_sec);
591 bufp += strlen(bufp);
592 }
593
594 sprintf(bufp, "%5lu file=%s, line=%d, ",
595 m->order,m->file,m->line);
596 bufp += strlen(bufp);
597
598 if (options & V_CRYPTO_MDEBUG_THREAD)
599 {
600 sprintf(bufp, "thread=%lu, ", m->thread);
601 bufp += strlen(bufp);
602 }
603
604 sprintf(bufp, "number=%d, address=%08lX\n",
605 m->num,(unsigned long)m->addr);
606 bufp += strlen(bufp);
607
608 BIO_puts(l->bio,buf);
609
610 l->chunks++;
611 l->bytes+=m->num;
612
613 amip=m->app_info;
614 ami_cnt=0;
615 if (!amip)
616 return;
617 ti=amip->thread;
618
619 do
620 {
621 int buf_len;
622 int info_len;
623
624 ami_cnt++;
625 memset(buf,'>',ami_cnt);
626 sprintf(buf + ami_cnt,
627 " thread=%lu, file=%s, line=%d, info=\"",
628 amip->thread, amip->file, amip->line);
629 buf_len=strlen(buf);
630 info_len=strlen(amip->info);
631 if (128 - buf_len - 3 < info_len)
632 {
633 memcpy(buf + buf_len, amip->info, 128 - buf_len - 3);
634 buf_len = 128 - 3;
635 }
636 else
637 {
638 strcpy(buf + buf_len, amip->info);
639 buf_len = strlen(buf);
640 }
641 sprintf(buf + buf_len, "\"\n");
642
643 BIO_puts(l->bio,buf);
644
645 amip = amip->next;
646 }
647 while(amip && amip->thread == ti);
648
649#ifdef LEVITTE_DEBUG
650 if (amip)
651 {
652 fprintf(stderr, "Thread switch detected in backtrace!!!!\n");
653 abort();
654 }
655#endif
656 }
657
658void CRYPTO_mem_leaks(BIO *b)
659 {
660 MEM_LEAK ml;
661 char buf[80];
662
663 if (mh == NULL && amih == NULL)
664 return;
665
666 MemCheck_off(); /* obtain MALLOC2 lock */
667
668 ml.bio=b;
669 ml.bytes=0;
670 ml.chunks=0;
671 if (mh != NULL)
672 lh_doall_arg(mh,(void (*)())print_leak,(char *)&ml);
673 if (ml.chunks != 0)
674 {
675 sprintf(buf,"%ld bytes leaked in %d chunks\n",
676 ml.bytes,ml.chunks);
677 BIO_puts(b,buf);
678 }
679 else
680 {
681 /* Make sure that, if we found no leaks, memory-leak debugging itself
682 * does not introduce memory leaks (which might irritate
683 * external debugging tools).
684 * (When someone enables leak checking, but does not call
685 * this function, we declare it to be their fault.)
686 *
687 * XXX This should be in CRYPTO_mem_leaks_cb,
688 * and CRYPTO_mem_leaks should be implemented by
689 * using CRYPTO_mem_leaks_cb.
690 * (Also their should be a variant of lh_doall_arg
691 * that takes a function pointer instead of a void *;
692 * this would obviate the ugly and illegal
693 * void_fn_to_char kludge in CRYPTO_mem_leaks_cb.
694 * Otherwise the code police will come and get us.)
695 */
696 int old_mh_mode;
697
698 CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
699
700 /* avoid deadlock when lh_free() uses CRYPTO_dbg_free(),
701 * which uses CRYPTO_is_mem_check_on */
702 old_mh_mode = mh_mode;
703 mh_mode = CRYPTO_MEM_CHECK_OFF;
704
705 if (mh != NULL)
706 {
707 lh_free(mh);
708 mh = NULL;
709 }
710 if (amih != NULL)
711 {
712 if (lh_num_items(amih) == 0)
713 {
714 lh_free(amih);
715 amih = NULL;
716 }
717 }
718
719 mh_mode = old_mh_mode;
720 CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
721 }
722 MemCheck_on(); /* release MALLOC2 lock */
723 }
724
725#ifndef NO_FP_API
726void CRYPTO_mem_leaks_fp(FILE *fp)
727 {
728 BIO *b;
729
730 if (mh == NULL) return;
731 if ((b=BIO_new(BIO_s_file())) == NULL)
732 return;
733 BIO_set_fp(b,fp,BIO_NOCLOSE);
734 CRYPTO_mem_leaks(b);
735 BIO_free(b);
736 }
737#endif
738
739
740
741/* FIXME: We really don't allow much to the callback. For example, it has
742 no chance of reaching the info stack for the item it processes. Should
743 it really be this way? -- Richard Levitte */
744static void cb_leak(MEM *m,
745 void (**cb)(unsigned long, const char *, int, int, void *))
746 {
747 (**cb)(m->order,m->file,m->line,m->num,m->addr);
748 }
749
750void CRYPTO_mem_leaks_cb(void (*cb)(unsigned long, const char *, int, int, void *))
751 {
752 if (mh == NULL) return;
753 CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2);
754 lh_doall_arg(mh,(void (*)())cb_leak,(void *)&cb);
755 CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2);
756 }
diff --git a/src/lib/libcrypto/objects/o_names.c b/src/lib/libcrypto/objects/o_names.c
deleted file mode 100644
index dca988230e..0000000000
--- a/src/lib/libcrypto/objects/o_names.c
+++ /dev/null
@@ -1,266 +0,0 @@
1#include <stdio.h>
2#include <stdlib.h>
3#include <string.h>
4
5#include <openssl/lhash.h>
6#include <openssl/objects.h>
7#include <openssl/safestack.h>
8
9/* I use the ex_data stuff to manage the identifiers for the obj_name_types
10 * that applications may define. I only really use the free function field.
11 */
12static LHASH *names_lh=NULL;
13static int names_type_num=OBJ_NAME_TYPE_NUM;
14
15typedef struct name_funcs_st
16 {
17 unsigned long (*hash_func)();
18 int (*cmp_func)();
19 void (*free_func)();
20 } NAME_FUNCS;
21
22DECLARE_STACK_OF(NAME_FUNCS)
23IMPLEMENT_STACK_OF(NAME_FUNCS)
24
25static STACK_OF(NAME_FUNCS) *name_funcs_stack;
26
27static unsigned long obj_name_hash(OBJ_NAME *a);
28static int obj_name_cmp(OBJ_NAME *a,OBJ_NAME *b);
29
30int OBJ_NAME_init(void)
31 {
32 if (names_lh != NULL) return(1);
33 MemCheck_off();
34 names_lh=lh_new(obj_name_hash,obj_name_cmp);
35 MemCheck_on();
36 return(names_lh != NULL);
37 }
38
39int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *),
40 int (*cmp_func)(const void *, const void *),
41 void (*free_func)(const char *, int, const char *))
42 {
43 int ret;
44 int i;
45 NAME_FUNCS *name_funcs;
46
47 if (name_funcs_stack == NULL)
48 {
49 MemCheck_off();
50 name_funcs_stack=sk_NAME_FUNCS_new_null();
51 MemCheck_on();
52 }
53 if ((name_funcs_stack == NULL))
54 {
55 /* ERROR */
56 return(0);
57 }
58 ret=names_type_num;
59 names_type_num++;
60 for (i=sk_NAME_FUNCS_num(name_funcs_stack); i<names_type_num; i++)
61 {
62 MemCheck_off();
63 name_funcs = OPENSSL_malloc(sizeof(NAME_FUNCS));
64 name_funcs->hash_func = lh_strhash;
65 name_funcs->cmp_func = (int (*)())strcmp;
66 name_funcs->free_func = 0; /* NULL is often declared to
67 * ((void *)0), which according
68 * to Compaq C is not really
69 * compatible with a function
70 * pointer. -- Richard Levitte*/
71 sk_NAME_FUNCS_push(name_funcs_stack,name_funcs);
72 MemCheck_on();
73 }
74 name_funcs = sk_NAME_FUNCS_value(name_funcs_stack, ret);
75 if (hash_func != NULL)
76 name_funcs->hash_func = hash_func;
77 if (cmp_func != NULL)
78 name_funcs->cmp_func = cmp_func;
79 if (free_func != NULL)
80 name_funcs->free_func = free_func;
81 return(ret);
82 }
83
84static int obj_name_cmp(OBJ_NAME *a, OBJ_NAME *b)
85 {
86 int ret;
87
88 ret=a->type-b->type;
89 if (ret == 0)
90 {
91 if ((name_funcs_stack != NULL)
92 && (sk_NAME_FUNCS_num(name_funcs_stack) > a->type))
93 {
94 ret=sk_NAME_FUNCS_value(name_funcs_stack,a->type)
95 ->cmp_func(a->name,b->name);
96 }
97 else
98 ret=strcmp(a->name,b->name);
99 }
100 return(ret);
101 }
102
103static unsigned long obj_name_hash(OBJ_NAME *a)
104 {
105 unsigned long ret;
106
107 if ((name_funcs_stack != NULL) && (sk_NAME_FUNCS_num(name_funcs_stack) > a->type))
108 {
109 ret=sk_NAME_FUNCS_value(name_funcs_stack,a->type)
110 ->hash_func(a->name);
111 }
112 else
113 {
114 ret=lh_strhash(a->name);
115 }
116 ret^=a->type;
117 return(ret);
118 }
119
120const char *OBJ_NAME_get(const char *name, int type)
121 {
122 OBJ_NAME on,*ret;
123 int num=0,alias;
124
125 if (name == NULL) return(NULL);
126 if ((names_lh == NULL) && !OBJ_NAME_init()) return(NULL);
127
128 alias=type&OBJ_NAME_ALIAS;
129 type&= ~OBJ_NAME_ALIAS;
130
131 on.name=name;
132 on.type=type;
133
134 for (;;)
135 {
136 ret=(OBJ_NAME *)lh_retrieve(names_lh,&on);
137 if (ret == NULL) return(NULL);
138 if ((ret->alias) && !alias)
139 {
140 if (++num > 10) return(NULL);
141 on.name=ret->data;
142 }
143 else
144 {
145 return(ret->data);
146 }
147 }
148 }
149
150int OBJ_NAME_add(const char *name, int type, const char *data)
151 {
152 OBJ_NAME *onp,*ret;
153 int alias;
154
155 if ((names_lh == NULL) && !OBJ_NAME_init()) return(0);
156
157 alias=type&OBJ_NAME_ALIAS;
158 type&= ~OBJ_NAME_ALIAS;
159
160 onp=(OBJ_NAME *)OPENSSL_malloc(sizeof(OBJ_NAME));
161 if (onp == NULL)
162 {
163 /* ERROR */
164 return(0);
165 }
166
167 onp->name=name;
168 onp->alias=alias;
169 onp->type=type;
170 onp->data=data;
171
172 ret=(OBJ_NAME *)lh_insert(names_lh,onp);
173 if (ret != NULL)
174 {
175 /* free things */
176 if ((name_funcs_stack != NULL) && (sk_NAME_FUNCS_num(name_funcs_stack) > ret->type))
177 {
178 /* XXX: I'm not sure I understand why the free
179 * function should get three arguments...
180 * -- Richard Levitte
181 */
182 sk_NAME_FUNCS_value(name_funcs_stack,ret->type)
183 ->free_func(ret->name,ret->type,ret->data);
184 }
185 OPENSSL_free(ret);
186 }
187 else
188 {
189 if (lh_error(names_lh))
190 {
191 /* ERROR */
192 return(0);
193 }
194 }
195 return(1);
196 }
197
198int OBJ_NAME_remove(const char *name, int type)
199 {
200 OBJ_NAME on,*ret;
201
202 if (names_lh == NULL) return(0);
203
204 type&= ~OBJ_NAME_ALIAS;
205 on.name=name;
206 on.type=type;
207 ret=(OBJ_NAME *)lh_delete(names_lh,&on);
208 if (ret != NULL)
209 {
210 /* free things */
211 if ((name_funcs_stack != NULL) && (sk_NAME_FUNCS_num(name_funcs_stack) > ret->type))
212 {
213 /* XXX: I'm not sure I understand why the free
214 * function should get three arguments...
215 * -- Richard Levitte
216 */
217 sk_NAME_FUNCS_value(name_funcs_stack,ret->type)
218 ->free_func(ret->name,ret->type,ret->data);
219 }
220 OPENSSL_free(ret);
221 return(1);
222 }
223 else
224 return(0);
225 }
226
227static int free_type;
228
229static void names_lh_free(OBJ_NAME *onp, int type)
230{
231 if(onp == NULL)
232 return;
233
234 if ((free_type < 0) || (free_type == onp->type))
235 {
236 OBJ_NAME_remove(onp->name,onp->type);
237 }
238 }
239
240static void name_funcs_free(NAME_FUNCS *ptr)
241 {
242 OPENSSL_free(ptr);
243 }
244
245void OBJ_NAME_cleanup(int type)
246 {
247 unsigned long down_load;
248
249 if (names_lh == NULL) return;
250
251 free_type=type;
252 down_load=names_lh->down_load;
253 names_lh->down_load=0;
254
255 lh_doall(names_lh,names_lh_free);
256 if (type < 0)
257 {
258 lh_free(names_lh);
259 sk_NAME_FUNCS_pop_free(name_funcs_stack,name_funcs_free);
260 names_lh=NULL;
261 name_funcs_stack = NULL;
262 }
263 else
264 names_lh->down_load=down_load;
265 }
266
diff --git a/src/lib/libcrypto/objects/obj_dat.c b/src/lib/libcrypto/objects/obj_dat.c
deleted file mode 100644
index 4b1bb9583a..0000000000
--- a/src/lib/libcrypto/objects/obj_dat.c
+++ /dev/null
@@ -1,657 +0,0 @@
1/* crypto/objects/obj_dat.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <ctype.h>
61#include "cryptlib.h"
62#include <openssl/lhash.h>
63#include <openssl/asn1.h>
64#include <openssl/objects.h>
65
66/* obj_dat.h is generated from objects.h by obj_dat.pl */
67#ifndef NO_OBJECT
68#include "obj_dat.h"
69#else
70/* You will have to load all the objects needed manually in the application */
71#define NUM_NID 0
72#define NUM_SN 0
73#define NUM_LN 0
74#define NUM_OBJ 0
75static unsigned char lvalues[1];
76static ASN1_OBJECT nid_objs[1];
77static ASN1_OBJECT *sn_objs[1];
78static ASN1_OBJECT *ln_objs[1];
79static ASN1_OBJECT *obj_objs[1];
80#endif
81
82static int sn_cmp(const void *a, const void *b);
83static int ln_cmp(const void *a, const void *b);
84static int obj_cmp(const void *a, const void *b);
85#define ADDED_DATA 0
86#define ADDED_SNAME 1
87#define ADDED_LNAME 2
88#define ADDED_NID 3
89
90typedef struct added_obj_st
91 {
92 int type;
93 ASN1_OBJECT *obj;
94 } ADDED_OBJ;
95
96static int new_nid=NUM_NID;
97static LHASH *added=NULL;
98
99static int sn_cmp(const void *a, const void *b)
100 {
101 const ASN1_OBJECT * const *ap = a, * const *bp = b;
102 return(strcmp((*ap)->sn,(*bp)->sn));
103 }
104
105static int ln_cmp(const void *a, const void *b)
106 {
107 const ASN1_OBJECT * const *ap = a, * const *bp = b;
108 return(strcmp((*ap)->ln,(*bp)->ln));
109 }
110
111static unsigned long add_hash(ADDED_OBJ *ca)
112 {
113 ASN1_OBJECT *a;
114 int i;
115 unsigned long ret=0;
116 unsigned char *p;
117
118 a=ca->obj;
119 switch (ca->type)
120 {
121 case ADDED_DATA:
122 ret=a->length<<20L;
123 p=(unsigned char *)a->data;
124 for (i=0; i<a->length; i++)
125 ret^=p[i]<<((i*3)%24);
126 break;
127 case ADDED_SNAME:
128 ret=lh_strhash(a->sn);
129 break;
130 case ADDED_LNAME:
131 ret=lh_strhash(a->ln);
132 break;
133 case ADDED_NID:
134 ret=a->nid;
135 break;
136 default:
137 /* abort(); */
138 return 0;
139 }
140 ret&=0x3fffffffL;
141 ret|=ca->type<<30L;
142 return(ret);
143 }
144
145static int add_cmp(ADDED_OBJ *ca, ADDED_OBJ *cb)
146 {
147 ASN1_OBJECT *a,*b;
148 int i;
149
150 i=ca->type-cb->type;
151 if (i) return(i);
152 a=ca->obj;
153 b=cb->obj;
154 switch (ca->type)
155 {
156 case ADDED_DATA:
157 i=(a->length - b->length);
158 if (i) return(i);
159 return(memcmp(a->data,b->data,a->length));
160 case ADDED_SNAME:
161 if (a->sn == NULL) return(-1);
162 else if (b->sn == NULL) return(1);
163 else return(strcmp(a->sn,b->sn));
164 case ADDED_LNAME:
165 if (a->ln == NULL) return(-1);
166 else if (b->ln == NULL) return(1);
167 else return(strcmp(a->ln,b->ln));
168 case ADDED_NID:
169 return(a->nid-b->nid);
170 default:
171 /* abort(); */
172 return 0;
173 }
174 return(1); /* should not get here */
175 }
176
177static int init_added(void)
178 {
179 if (added != NULL) return(1);
180 added=lh_new(add_hash,add_cmp);
181 return(added != NULL);
182 }
183
184static void cleanup1(ADDED_OBJ *a)
185 {
186 a->obj->nid=0;
187 a->obj->flags|=ASN1_OBJECT_FLAG_DYNAMIC|
188 ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|
189 ASN1_OBJECT_FLAG_DYNAMIC_DATA;
190 }
191
192static void cleanup2(ADDED_OBJ *a)
193 { a->obj->nid++; }
194
195static void cleanup3(ADDED_OBJ *a)
196 {
197 if (--a->obj->nid == 0)
198 ASN1_OBJECT_free(a->obj);
199 OPENSSL_free(a);
200 }
201
202void OBJ_cleanup(void)
203 {
204 if (added == NULL) return;
205 added->down_load=0;
206 lh_doall(added,cleanup1); /* zero counters */
207 lh_doall(added,cleanup2); /* set counters */
208 lh_doall(added,cleanup3); /* free objects */
209 lh_free(added);
210 added=NULL;
211 }
212
213int OBJ_new_nid(int num)
214 {
215 int i;
216
217 i=new_nid;
218 new_nid+=num;
219 return(i);
220 }
221
222int OBJ_add_object(ASN1_OBJECT *obj)
223 {
224 ASN1_OBJECT *o;
225 ADDED_OBJ *ao[4]={NULL,NULL,NULL,NULL},*aop;
226 int i;
227
228 if (added == NULL)
229 if (!init_added()) return(0);
230 if ((o=OBJ_dup(obj)) == NULL) goto err;
231 ao[ADDED_NID]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ));
232 if ((o->length != 0) && (obj->data != NULL))
233 ao[ADDED_DATA]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ));
234 if (o->sn != NULL)
235 ao[ADDED_SNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ));
236 if (o->ln != NULL)
237 ao[ADDED_LNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ));
238
239 for (i=ADDED_DATA; i<=ADDED_NID; i++)
240 {
241 if (ao[i] != NULL)
242 {
243 ao[i]->type=i;
244 ao[i]->obj=o;
245 aop=(ADDED_OBJ *)lh_insert(added,ao[i]);
246 /* memory leak, buit should not normally matter */
247 if (aop != NULL)
248 OPENSSL_free(aop);
249 }
250 }
251 o->flags&= ~(ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|
252 ASN1_OBJECT_FLAG_DYNAMIC_DATA);
253
254 return(o->nid);
255err:
256 for (i=ADDED_DATA; i<=ADDED_NID; i++)
257 if (ao[i] != NULL) OPENSSL_free(ao[i]);
258 if (o != NULL) OPENSSL_free(o);
259 return(NID_undef);
260 }
261
262ASN1_OBJECT *OBJ_nid2obj(int n)
263 {
264 ADDED_OBJ ad,*adp;
265 ASN1_OBJECT ob;
266
267 if ((n >= 0) && (n < NUM_NID))
268 {
269 if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
270 {
271 OBJerr(OBJ_F_OBJ_NID2OBJ,OBJ_R_UNKNOWN_NID);
272 return(NULL);
273 }
274 return((ASN1_OBJECT *)&(nid_objs[n]));
275 }
276 else if (added == NULL)
277 return(NULL);
278 else
279 {
280 ad.type=ADDED_NID;
281 ad.obj= &ob;
282 ob.nid=n;
283 adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
284 if (adp != NULL)
285 return(adp->obj);
286 else
287 {
288 OBJerr(OBJ_F_OBJ_NID2OBJ,OBJ_R_UNKNOWN_NID);
289 return(NULL);
290 }
291 }
292 }
293
294const char *OBJ_nid2sn(int n)
295 {
296 ADDED_OBJ ad,*adp;
297 ASN1_OBJECT ob;
298
299 if ((n >= 0) && (n < NUM_NID))
300 {
301 if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
302 {
303 OBJerr(OBJ_F_OBJ_NID2SN,OBJ_R_UNKNOWN_NID);
304 return(NULL);
305 }
306 return(nid_objs[n].sn);
307 }
308 else if (added == NULL)
309 return(NULL);
310 else
311 {
312 ad.type=ADDED_NID;
313 ad.obj= &ob;
314 ob.nid=n;
315 adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
316 if (adp != NULL)
317 return(adp->obj->sn);
318 else
319 {
320 OBJerr(OBJ_F_OBJ_NID2SN,OBJ_R_UNKNOWN_NID);
321 return(NULL);
322 }
323 }
324 }
325
326const char *OBJ_nid2ln(int n)
327 {
328 ADDED_OBJ ad,*adp;
329 ASN1_OBJECT ob;
330
331 if ((n >= 0) && (n < NUM_NID))
332 {
333 if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
334 {
335 OBJerr(OBJ_F_OBJ_NID2LN,OBJ_R_UNKNOWN_NID);
336 return(NULL);
337 }
338 return(nid_objs[n].ln);
339 }
340 else if (added == NULL)
341 return(NULL);
342 else
343 {
344 ad.type=ADDED_NID;
345 ad.obj= &ob;
346 ob.nid=n;
347 adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
348 if (adp != NULL)
349 return(adp->obj->ln);
350 else
351 {
352 OBJerr(OBJ_F_OBJ_NID2LN,OBJ_R_UNKNOWN_NID);
353 return(NULL);
354 }
355 }
356 }
357
358int OBJ_obj2nid(ASN1_OBJECT *a)
359 {
360 ASN1_OBJECT **op;
361 ADDED_OBJ ad,*adp;
362
363 if (a == NULL)
364 return(NID_undef);
365 if (a->nid != 0)
366 return(a->nid);
367
368 if (added != NULL)
369 {
370 ad.type=ADDED_DATA;
371 ad.obj=a;
372 adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
373 if (adp != NULL) return (adp->obj->nid);
374 }
375 op=(ASN1_OBJECT **)OBJ_bsearch((char *)&a,(char *)obj_objs,NUM_OBJ,
376 sizeof(ASN1_OBJECT *),obj_cmp);
377 if (op == NULL)
378 return(NID_undef);
379 return((*op)->nid);
380 }
381
382/* Convert an object name into an ASN1_OBJECT
383 * if "noname" is not set then search for short and long names first.
384 * This will convert the "dotted" form into an object: unlike OBJ_txt2nid
385 * it can be used with any objects, not just registered ones.
386 */
387
388ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name)
389 {
390 int nid = NID_undef;
391 ASN1_OBJECT *op=NULL;
392 unsigned char *buf,*p;
393 int i, j;
394
395 if(!no_name) {
396 if( ((nid = OBJ_sn2nid(s)) != NID_undef) ||
397 ((nid = OBJ_ln2nid(s)) != NID_undef) )
398 return OBJ_nid2obj(nid);
399 }
400
401 /* Work out size of content octets */
402 i=a2d_ASN1_OBJECT(NULL,0,s,-1);
403 if (i <= 0) {
404 /* Clear the error */
405 ERR_get_error();
406 return NULL;
407 }
408 /* Work out total size */
409 j = ASN1_object_size(0,i,V_ASN1_OBJECT);
410
411 if((buf=(unsigned char *)OPENSSL_malloc(j)) == NULL) return NULL;
412
413 p = buf;
414 /* Write out tag+length */
415 ASN1_put_object(&p,0,i,V_ASN1_OBJECT,V_ASN1_UNIVERSAL);
416 /* Write out contents */
417 a2d_ASN1_OBJECT(p,i,s,-1);
418
419 p=buf;
420 op=d2i_ASN1_OBJECT(NULL,&p,i);
421 OPENSSL_free(buf);
422 return op;
423 }
424
425int OBJ_obj2txt(char *buf, int buf_len, ASN1_OBJECT *a, int no_name)
426{
427 int i,idx=0,n=0,len,nid;
428 unsigned long l;
429 unsigned char *p;
430 const char *s;
431 char tbuf[32];
432
433 if (buf_len <= 0) return(0);
434
435 if ((a == NULL) || (a->data == NULL)) {
436 buf[0]='\0';
437 return(0);
438 }
439
440 nid=OBJ_obj2nid(a);
441 if ((nid == NID_undef) || no_name) {
442 len=a->length;
443 p=a->data;
444
445 idx=0;
446 l=0;
447 while (idx < a->length) {
448 l|=(p[idx]&0x7f);
449 if (!(p[idx] & 0x80)) break;
450 l<<=7L;
451 idx++;
452 }
453 idx++;
454 i=(int)(l/40);
455 if (i > 2) i=2;
456 l-=(long)(i*40);
457
458 sprintf(tbuf,"%d.%lu",i,l);
459 i=strlen(tbuf);
460 strncpy(buf,tbuf,buf_len);
461 buf_len-=i;
462 buf+=i;
463 n+=i;
464
465 l=0;
466 for (; idx<len; idx++) {
467 l|=p[idx]&0x7f;
468 if (!(p[idx] & 0x80)) {
469 sprintf(tbuf,".%lu",l);
470 i=strlen(tbuf);
471 if (buf_len > 0)
472 strncpy(buf,tbuf,buf_len);
473 buf_len-=i;
474 buf+=i;
475 n+=i;
476 l=0;
477 }
478 l<<=7L;
479 }
480 } else {
481 s=OBJ_nid2ln(nid);
482 if (s == NULL)
483 s=OBJ_nid2sn(nid);
484 strncpy(buf,s,buf_len);
485 n=strlen(s);
486 }
487 buf[buf_len-1]='\0';
488 return(n);
489}
490
491int OBJ_txt2nid(char *s)
492{
493 ASN1_OBJECT *obj;
494 int nid;
495 obj = OBJ_txt2obj(s, 0);
496 nid = OBJ_obj2nid(obj);
497 ASN1_OBJECT_free(obj);
498 return nid;
499}
500
501int OBJ_ln2nid(const char *s)
502 {
503 ASN1_OBJECT o,*oo= &o,**op;
504 ADDED_OBJ ad,*adp;
505
506 o.ln=s;
507 if (added != NULL)
508 {
509 ad.type=ADDED_LNAME;
510 ad.obj= &o;
511 adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
512 if (adp != NULL) return (adp->obj->nid);
513 }
514 op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)ln_objs,NUM_LN,
515 sizeof(ASN1_OBJECT *),ln_cmp);
516 if (op == NULL) return(NID_undef);
517 return((*op)->nid);
518 }
519
520int OBJ_sn2nid(const char *s)
521 {
522 ASN1_OBJECT o,*oo= &o,**op;
523 ADDED_OBJ ad,*adp;
524
525 o.sn=s;
526 if (added != NULL)
527 {
528 ad.type=ADDED_SNAME;
529 ad.obj= &o;
530 adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
531 if (adp != NULL) return (adp->obj->nid);
532 }
533 op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)sn_objs,NUM_SN,
534 sizeof(ASN1_OBJECT *),sn_cmp);
535 if (op == NULL) return(NID_undef);
536 return((*op)->nid);
537 }
538
539static int obj_cmp(const void *ap, const void *bp)
540 {
541 int j;
542 ASN1_OBJECT *a= *(ASN1_OBJECT **)ap;
543 ASN1_OBJECT *b= *(ASN1_OBJECT **)bp;
544
545 j=(a->length - b->length);
546 if (j) return(j);
547 return(memcmp(a->data,b->data,a->length));
548 }
549
550char *OBJ_bsearch(char *key, char *base, int num, int size, int (*cmp)(const void *, const void *))
551 {
552 int l,h,i,c;
553 char *p;
554
555 if (num == 0) return(NULL);
556 l=0;
557 h=num;
558 while (l < h)
559 {
560 i=(l+h)/2;
561 p= &(base[i*size]);
562 c=(*cmp)(key,p);
563 if (c < 0)
564 h=i;
565 else if (c > 0)
566 l=i+1;
567 else
568 return(p);
569 }
570#ifdef CHARSET_EBCDIC
571/* THIS IS A KLUDGE - Because the *_obj is sorted in ASCII order, and
572 * I don't have perl (yet), we revert to a *LINEAR* search
573 * when the object wasn't found in the binary search.
574 */
575 for (i=0; i<num; ++i) {
576 p= &(base[i*size]);
577 if ((*cmp)(key,p) == 0)
578 return p;
579 }
580#endif
581 return(NULL);
582 }
583
584int OBJ_create_objects(BIO *in)
585 {
586 MS_STATIC char buf[512];
587 int i,num=0;
588 char *o,*s,*l=NULL;
589
590 for (;;)
591 {
592 s=o=NULL;
593 i=BIO_gets(in,buf,512);
594 if (i <= 0) return(num);
595 buf[i-1]='\0';
596 if (!isalnum((unsigned char)buf[0])) return(num);
597 o=s=buf;
598 while (isdigit((unsigned char)*s) || (*s == '.'))
599 s++;
600 if (*s != '\0')
601 {
602 *(s++)='\0';
603 while (isspace((unsigned char)*s))
604 s++;
605 if (*s == '\0')
606 s=NULL;
607 else
608 {
609 l=s;
610 while ((*l != '\0') && !isspace((unsigned char)*l))
611 l++;
612 if (*l != '\0')
613 {
614 *(l++)='\0';
615 while (isspace((unsigned char)*l))
616 l++;
617 if (*l == '\0') l=NULL;
618 }
619 else
620 l=NULL;
621 }
622 }
623 else
624 s=NULL;
625 if ((o == NULL) || (*o == '\0')) return(num);
626 if (!OBJ_create(o,s,l)) return(num);
627 num++;
628 }
629 /* return(num); */
630 }
631
632int OBJ_create(char *oid, char *sn, char *ln)
633 {
634 int ok=0;
635 ASN1_OBJECT *op=NULL;
636 unsigned char *buf;
637 int i;
638
639 i=a2d_ASN1_OBJECT(NULL,0,oid,-1);
640 if (i <= 0) return(0);
641
642 if ((buf=(unsigned char *)OPENSSL_malloc(i)) == NULL)
643 {
644 OBJerr(OBJ_F_OBJ_CREATE,OBJ_R_MALLOC_FAILURE);
645 return(0);
646 }
647 i=a2d_ASN1_OBJECT(buf,i,oid,-1);
648 op=(ASN1_OBJECT *)ASN1_OBJECT_create(OBJ_new_nid(1),buf,i,sn,ln);
649 if (op == NULL)
650 goto err;
651 ok=OBJ_add_object(op);
652err:
653 ASN1_OBJECT_free(op);
654 OPENSSL_free(buf);
655 return(ok);
656 }
657
diff --git a/src/lib/libcrypto/objects/obj_dat.pl b/src/lib/libcrypto/objects/obj_dat.pl
deleted file mode 100644
index 11066df680..0000000000
--- a/src/lib/libcrypto/objects/obj_dat.pl
+++ /dev/null
@@ -1,302 +0,0 @@
1#!/usr/local/bin/perl
2
3sub obj_cmp
4 {
5 local(@a,@b,$_,$r);
6
7 $A=$obj_len{$obj{$nid{$a}}};
8 $B=$obj_len{$obj{$nid{$b}}};
9
10 $r=($A-$B);
11 return($r) if $r != 0;
12
13 $A=$obj_der{$obj{$nid{$a}}};
14 $B=$obj_der{$obj{$nid{$b}}};
15
16 return($A cmp $B);
17 }
18
19sub expand_obj
20 {
21 local(*v)=@_;
22 local($k,$d);
23 local($i);
24
25 do {
26 $i=0;
27 foreach $k (keys %v)
28 {
29 if (($v{$k} =~ s/(OBJ_[^,]+),/$v{$1},/))
30 { $i++; }
31 }
32 } while($i);
33 foreach $k (keys %v)
34 {
35 @a=split(/,/,$v{$k});
36 $objn{$k}=$#a+1;
37 }
38 return(%objn);
39 }
40
41open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]";
42open (OUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
43
44while (<IN>)
45 {
46 next unless /^\#define\s+(\S+)\s+(.*)$/;
47 $v=$1;
48 $d=$2;
49 $d =~ s/^\"//;
50 $d =~ s/\"$//;
51 if ($v =~ /^SN_(.*)$/)
52 {
53 if(defined $snames{$d})
54 {
55 print "WARNING: Duplicate short name \"$d\"\n";
56 }
57 else
58 { $snames{$d} = "X"; }
59 $sn{$1}=$d;
60 }
61 elsif ($v =~ /^LN_(.*)$/)
62 {
63 if(defined $lnames{$d})
64 {
65 print "WARNING: Duplicate long name \"$d\"\n";
66 }
67 else
68 { $lnames{$d} = "X"; }
69 $ln{$1}=$d;
70 }
71 elsif ($v =~ /^NID_(.*)$/)
72 { $nid{$d}=$1; }
73 elsif ($v =~ /^OBJ_(.*)$/)
74 {
75 $obj{$1}=$v;
76 $objd{$v}=$d;
77 }
78 }
79close IN;
80
81%ob=&expand_obj(*objd);
82
83@a=sort { $a <=> $b } keys %nid;
84$n=$a[$#a]+1;
85
86@lvalues=();
87$lvalues=0;
88
89for ($i=0; $i<$n; $i++)
90 {
91 if (!defined($nid{$i}))
92 {
93 push(@out,"{NULL,NULL,NID_undef,0,NULL},\n");
94 }
95 else
96 {
97 $sn=defined($sn{$nid{$i}})?"$sn{$nid{$i}}":"NULL";
98 $ln=defined($ln{$nid{$i}})?"$ln{$nid{$i}}":"NULL";
99
100 if ($sn eq "NULL") {
101 $sn=$ln;
102 $sn{$nid{$i}} = $ln;
103 }
104
105 if ($ln eq "NULL") {
106 $ln=$sn;
107 $ln{$nid{$i}} = $sn;
108 }
109
110 $out ="{";
111 $out.="\"$sn\"";
112 $out.=","."\"$ln\"";
113 $out.=",NID_$nid{$i},";
114 if (defined($obj{$nid{$i}}))
115 {
116 $v=$objd{$obj{$nid{$i}}};
117 $v =~ s/L//g;
118 $v =~ s/,/ /g;
119 $r=&der_it($v);
120 $z="";
121 $length=0;
122 foreach (unpack("C*",$r))
123 {
124 $z.=sprintf("0x%02X,",$_);
125 $length++;
126 }
127 $obj_der{$obj{$nid{$i}}}=$z;
128 $obj_len{$obj{$nid{$i}}}=$length;
129
130 push(@lvalues,sprintf("%-45s/* [%3d] %s */\n",
131 $z,$lvalues,$obj{$nid{$i}}));
132 $out.="$length,&(lvalues[$lvalues]),0";
133 $lvalues+=$length;
134 }
135 else
136 {
137 $out.="0,NULL";
138 }
139 $out.="},\n";
140 push(@out,$out);
141 }
142 }
143
144@a=grep(defined($sn{$nid{$_}}),0 .. $n);
145foreach (sort { $sn{$nid{$a}} cmp $sn{$nid{$b}} } @a)
146 {
147 push(@sn,sprintf("&(nid_objs[%2d]),/* \"$sn{$nid{$_}}\" */\n",$_));
148 }
149
150@a=grep(defined($ln{$nid{$_}}),0 .. $n);
151foreach (sort { $ln{$nid{$a}} cmp $ln{$nid{$b}} } @a)
152 {
153 push(@ln,sprintf("&(nid_objs[%2d]),/* \"$ln{$nid{$_}}\" */\n",$_));
154 }
155
156@a=grep(defined($obj{$nid{$_}}),0 .. $n);
157foreach (sort obj_cmp @a)
158 {
159 $m=$obj{$nid{$_}};
160 $v=$objd{$m};
161 $v =~ s/L//g;
162 $v =~ s/,/ /g;
163 push(@ob,sprintf("&(nid_objs[%2d]),/* %-32s %s */\n",$_,$m,$v));
164 }
165
166print OUT <<'EOF';
167/* lib/obj/obj_dat.h */
168/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
169 * All rights reserved.
170 *
171 * This package is an SSL implementation written
172 * by Eric Young (eay@cryptsoft.com).
173 * The implementation was written so as to conform with Netscapes SSL.
174 *
175 * This library is free for commercial and non-commercial use as long as
176 * the following conditions are aheared to. The following conditions
177 * apply to all code found in this distribution, be it the RC4, RSA,
178 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
179 * included with this distribution is covered by the same copyright terms
180 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
181 *
182 * Copyright remains Eric Young's, and as such any Copyright notices in
183 * the code are not to be removed.
184 * If this package is used in a product, Eric Young should be given attribution
185 * as the author of the parts of the library used.
186 * This can be in the form of a textual message at program startup or
187 * in documentation (online or textual) provided with the package.
188 *
189 * Redistribution and use in source and binary forms, with or without
190 * modification, are permitted provided that the following conditions
191 * are met:
192 * 1. Redistributions of source code must retain the copyright
193 * notice, this list of conditions and the following disclaimer.
194 * 2. Redistributions in binary form must reproduce the above copyright
195 * notice, this list of conditions and the following disclaimer in the
196 * documentation and/or other materials provided with the distribution.
197 * 3. All advertising materials mentioning features or use of this software
198 * must display the following acknowledgement:
199 * "This product includes cryptographic software written by
200 * Eric Young (eay@cryptsoft.com)"
201 * The word 'cryptographic' can be left out if the rouines from the library
202 * being used are not cryptographic related :-).
203 * 4. If you include any Windows specific code (or a derivative thereof) from
204 * the apps directory (application code) you must include an acknowledgement:
205 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
206 *
207 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
208 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
209 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
210 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
211 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
212 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
213 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
214 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
215 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
216 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
217 * SUCH DAMAGE.
218 *
219 * The licence and distribution terms for any publically available version or
220 * derivative of this code cannot be changed. i.e. this code cannot simply be
221 * copied and put under another distribution licence
222 * [including the GNU Public Licence.]
223 */
224
225/* THIS FILE IS GENERATED FROM Objects.h by obj_dat.pl via the
226 * following command:
227 * perl obj_dat.pl objects.h obj_dat.h
228 */
229
230EOF
231
232printf OUT "#define NUM_NID %d\n",$n;
233printf OUT "#define NUM_SN %d\n",$#sn+1;
234printf OUT "#define NUM_LN %d\n",$#ln+1;
235printf OUT "#define NUM_OBJ %d\n\n",$#ob+1;
236
237printf OUT "static unsigned char lvalues[%d]={\n",$lvalues+1;
238print OUT @lvalues;
239print OUT "};\n\n";
240
241printf OUT "static ASN1_OBJECT nid_objs[NUM_NID]={\n";
242foreach (@out)
243 {
244 if (length($_) > 75)
245 {
246 $out="";
247 foreach (split(/,/))
248 {
249 $t=$out.$_.",";
250 if (length($t) > 70)
251 {
252 print OUT "$out\n";
253 $t="\t$_,";
254 }
255 $out=$t;
256 }
257 chop $out;
258 print OUT "$out";
259 }
260 else
261 { print OUT $_; }
262 }
263print OUT "};\n\n";
264
265printf OUT "static ASN1_OBJECT *sn_objs[NUM_SN]={\n";
266print OUT @sn;
267print OUT "};\n\n";
268
269printf OUT "static ASN1_OBJECT *ln_objs[NUM_LN]={\n";
270print OUT @ln;
271print OUT "};\n\n";
272
273printf OUT "static ASN1_OBJECT *obj_objs[NUM_OBJ]={\n";
274print OUT @ob;
275print OUT "};\n\n";
276
277close OUT;
278
279sub der_it
280 {
281 local($v)=@_;
282 local(@a,$i,$ret,@r);
283
284 @a=split(/\s+/,$v);
285 $ret.=pack("C*",$a[0]*40+$a[1]);
286 shift @a;
287 shift @a;
288 foreach (@a)
289 {
290 @r=();
291 $t=0;
292 while ($_ >= 128)
293 {
294 $x=$_%128;
295 $_/=128;
296 push(@r,((($t++)?0x80:0)|$x));
297 }
298 push(@r,((($t++)?0x80:0)|$_));
299 $ret.=pack("C*",reverse(@r));
300 }
301 return($ret);
302 }
diff --git a/src/lib/libcrypto/objects/obj_err.c b/src/lib/libcrypto/objects/obj_err.c
deleted file mode 100644
index 7aec0ed47a..0000000000
--- a/src/lib/libcrypto/objects/obj_err.c
+++ /dev/null
@@ -1,99 +0,0 @@
1/* crypto/objects/obj_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/objects.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA OBJ_str_functs[]=
68 {
69{ERR_PACK(0,OBJ_F_OBJ_CREATE,0), "OBJ_create"},
70{ERR_PACK(0,OBJ_F_OBJ_DUP,0), "OBJ_dup"},
71{ERR_PACK(0,OBJ_F_OBJ_NID2LN,0), "OBJ_nid2ln"},
72{ERR_PACK(0,OBJ_F_OBJ_NID2OBJ,0), "OBJ_nid2obj"},
73{ERR_PACK(0,OBJ_F_OBJ_NID2SN,0), "OBJ_nid2sn"},
74{0,NULL}
75 };
76
77static ERR_STRING_DATA OBJ_str_reasons[]=
78 {
79{OBJ_R_MALLOC_FAILURE ,"malloc failure"},
80{OBJ_R_UNKNOWN_NID ,"unknown nid"},
81{0,NULL}
82 };
83
84#endif
85
86void ERR_load_OBJ_strings(void)
87 {
88 static int init=1;
89
90 if (init)
91 {
92 init=0;
93#ifndef NO_ERR
94 ERR_load_strings(ERR_LIB_OBJ,OBJ_str_functs);
95 ERR_load_strings(ERR_LIB_OBJ,OBJ_str_reasons);
96#endif
97
98 }
99 }
diff --git a/src/lib/libcrypto/objects/obj_lib.c b/src/lib/libcrypto/objects/obj_lib.c
deleted file mode 100644
index 0c71639eba..0000000000
--- a/src/lib/libcrypto/objects/obj_lib.c
+++ /dev/null
@@ -1,126 +0,0 @@
1/* crypto/objects/obj_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/lhash.h>
62#include <openssl/objects.h>
63#include <openssl/buffer.h>
64
65ASN1_OBJECT *OBJ_dup(ASN1_OBJECT *o)
66 {
67 ASN1_OBJECT *r;
68 int i;
69 char *ln=NULL;
70
71 if (o == NULL) return(NULL);
72 if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC))
73 return(o);
74
75 r=ASN1_OBJECT_new();
76 if (r == NULL)
77 {
78 OBJerr(OBJ_F_OBJ_DUP,ERR_R_ASN1_LIB);
79 return(NULL);
80 }
81 r->data=OPENSSL_malloc(o->length);
82 if (r->data == NULL)
83 goto err;
84 memcpy(r->data,o->data,o->length);
85 r->length=o->length;
86 r->nid=o->nid;
87 r->ln=r->sn=NULL;
88 if (o->ln != NULL)
89 {
90 i=strlen(o->ln)+1;
91 r->ln=ln=OPENSSL_malloc(i);
92 if (r->ln == NULL) goto err;
93 memcpy(ln,o->ln,i);
94 }
95
96 if (o->sn != NULL)
97 {
98 char *s;
99
100 i=strlen(o->sn)+1;
101 r->sn=s=OPENSSL_malloc(i);
102 if (r->sn == NULL) goto err;
103 memcpy(s,o->sn,i);
104 }
105 r->flags=o->flags|(ASN1_OBJECT_FLAG_DYNAMIC|
106 ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|ASN1_OBJECT_FLAG_DYNAMIC_DATA);
107 return(r);
108err:
109 OBJerr(OBJ_F_OBJ_DUP,ERR_R_MALLOC_FAILURE);
110 if (r != NULL)
111 {
112 if (ln != NULL) OPENSSL_free(ln);
113 if (r->data != NULL) OPENSSL_free(r->data);
114 OPENSSL_free(r);
115 }
116 return(NULL);
117 }
118
119int OBJ_cmp(ASN1_OBJECT *a, ASN1_OBJECT *b)
120 {
121 int ret;
122
123 ret=(a->length-b->length);
124 if (ret) return(ret);
125 return(memcmp(a->data,b->data,a->length));
126 }
diff --git a/src/lib/libcrypto/objects/obj_mac.num b/src/lib/libcrypto/objects/obj_mac.num
deleted file mode 100644
index d73a51370f..0000000000
--- a/src/lib/libcrypto/objects/obj_mac.num
+++ /dev/null
@@ -1,392 +0,0 @@
1undef 0
2rsadsi 1
3pkcs 2
4md2 3
5md5 4
6rc4 5
7rsaEncryption 6
8md2WithRSAEncryption 7
9md5WithRSAEncryption 8
10pbeWithMD2AndDES_CBC 9
11pbeWithMD5AndDES_CBC 10
12X500 11
13X509 12
14commonName 13
15countryName 14
16localityName 15
17stateOrProvinceName 16
18organizationName 17
19organizationalUnitName 18
20rsa 19
21pkcs7 20
22pkcs7_data 21
23pkcs7_signed 22
24pkcs7_enveloped 23
25pkcs7_signedAndEnveloped 24
26pkcs7_digest 25
27pkcs7_encrypted 26
28pkcs3 27
29dhKeyAgreement 28
30des_ecb 29
31des_cfb64 30
32des_cbc 31
33des_ede 32
34des_ede3 33
35idea_cbc 34
36idea_cfb64 35
37idea_ecb 36
38rc2_cbc 37
39rc2_ecb 38
40rc2_cfb64 39
41rc2_ofb64 40
42sha 41
43shaWithRSAEncryption 42
44des_ede_cbc 43
45des_ede3_cbc 44
46des_ofb64 45
47idea_ofb64 46
48pkcs9 47
49pkcs9_emailAddress 48
50pkcs9_unstructuredName 49
51pkcs9_contentType 50
52pkcs9_messageDigest 51
53pkcs9_signingTime 52
54pkcs9_countersignature 53
55pkcs9_challengePassword 54
56pkcs9_unstructuredAddress 55
57pkcs9_extCertAttributes 56
58netscape 57
59netscape_cert_extension 58
60netscape_data_type 59
61des_ede_cfb64 60
62des_ede3_cfb64 61
63des_ede_ofb64 62
64des_ede3_ofb64 63
65sha1 64
66sha1WithRSAEncryption 65
67dsaWithSHA 66
68dsa_2 67
69pbeWithSHA1AndRC2_CBC 68
70id_pbkdf2 69
71dsaWithSHA1_2 70
72netscape_cert_type 71
73netscape_base_url 72
74netscape_revocation_url 73
75netscape_ca_revocation_url 74
76netscape_renewal_url 75
77netscape_ca_policy_url 76
78netscape_ssl_server_name 77
79netscape_comment 78
80netscape_cert_sequence 79
81desx_cbc 80
82id_ce 81
83subject_key_identifier 82
84key_usage 83
85private_key_usage_period 84
86subject_alt_name 85
87issuer_alt_name 86
88basic_constraints 87
89crl_number 88
90certificate_policies 89
91authority_key_identifier 90
92bf_cbc 91
93bf_ecb 92
94bf_cfb64 93
95bf_ofb64 94
96mdc2 95
97mdc2WithRSA 96
98rc4_40 97
99rc2_40_cbc 98
100givenName 99
101surname 100
102initials 101
103uniqueIdentifier 102
104crl_distribution_points 103
105md5WithRSA 104
106serialNumber 105
107title 106
108description 107
109cast5_cbc 108
110cast5_ecb 109
111cast5_cfb64 110
112cast5_ofb64 111
113pbeWithMD5AndCast5_CBC 112
114dsaWithSHA1 113
115md5_sha1 114
116sha1WithRSA 115
117dsa 116
118ripemd160 117
119ripemd160WithRSA 119
120rc5_cbc 120
121rc5_ecb 121
122rc5_cfb64 122
123rc5_ofb64 123
124rle_compression 124
125zlib_compression 125
126ext_key_usage 126
127id_pkix 127
128id_kp 128
129server_auth 129
130client_auth 130
131code_sign 131
132email_protect 132
133time_stamp 133
134ms_code_ind 134
135ms_code_com 135
136ms_ctl_sign 136
137ms_sgc 137
138ms_efs 138
139ns_sgc 139
140delta_crl 140
141crl_reason 141
142invalidity_date 142
143sxnet 143
144pbe_WithSHA1And128BitRC4 144
145pbe_WithSHA1And40BitRC4 145
146pbe_WithSHA1And3_Key_TripleDES_CBC 146
147pbe_WithSHA1And2_Key_TripleDES_CBC 147
148pbe_WithSHA1And128BitRC2_CBC 148
149pbe_WithSHA1And40BitRC2_CBC 149
150keyBag 150
151pkcs8ShroudedKeyBag 151
152certBag 152
153crlBag 153
154secretBag 154
155safeContentsBag 155
156friendlyName 156
157localKeyID 157
158x509Certificate 158
159sdsiCertificate 159
160x509Crl 160
161pbes2 161
162pbmac1 162
163hmacWithSHA1 163
164id_qt_cps 164
165id_qt_unotice 165
166rc2_64_cbc 166
167SMIMECapabilities 167
168pbeWithMD2AndRC2_CBC 168
169pbeWithMD5AndRC2_CBC 169
170pbeWithSHA1AndDES_CBC 170
171ms_ext_req 171
172ext_req 172
173name 173
174dnQualifier 174
175id_pe 175
176id_ad 176
177info_access 177
178ad_OCSP 178
179ad_ca_issuers 179
180OCSP_sign 180
181iso 181
182member_body 182
183ISO_US 183
184X9_57 184
185X9cm 185
186pkcs1 186
187pkcs5 187
188SMIME 188
189id_smime_mod 189
190id_smime_ct 190
191id_smime_aa 191
192id_smime_alg 192
193id_smime_cd 193
194id_smime_spq 194
195id_smime_cti 195
196id_smime_mod_cms 196
197id_smime_mod_ess 197
198id_smime_mod_oid 198
199id_smime_mod_msg_v3 199
200id_smime_mod_ets_eSignature_88 200
201id_smime_mod_ets_eSignature_97 201
202id_smime_mod_ets_eSigPolicy_88 202
203id_smime_mod_ets_eSigPolicy_97 203
204id_smime_ct_receipt 204
205id_smime_ct_authData 205
206id_smime_ct_publishCert 206
207id_smime_ct_TSTInfo 207
208id_smime_ct_TDTInfo 208
209id_smime_ct_contentInfo 209
210id_smime_ct_DVCSRequestData 210
211id_smime_ct_DVCSResponseData 211
212id_smime_aa_receiptRequest 212
213id_smime_aa_securityLabel 213
214id_smime_aa_mlExpandHistory 214
215id_smime_aa_contentHint 215
216id_smime_aa_msgSigDigest 216
217id_smime_aa_encapContentType 217
218id_smime_aa_contentIdentifier 218
219id_smime_aa_macValue 219
220id_smime_aa_equivalentLabels 220
221id_smime_aa_contentReference 221
222id_smime_aa_encrypKeyPref 222
223id_smime_aa_signingCertificate 223
224id_smime_aa_smimeEncryptCerts 224
225id_smime_aa_timeStampToken 225
226id_smime_aa_ets_sigPolicyId 226
227id_smime_aa_ets_commitmentType 227
228id_smime_aa_ets_signerLocation 228
229id_smime_aa_ets_signerAttr 229
230id_smime_aa_ets_otherSigCert 230
231id_smime_aa_ets_contentTimestamp 231
232id_smime_aa_ets_CertificateRefs 232
233id_smime_aa_ets_RevocationRefs 233
234id_smime_aa_ets_certValues 234
235id_smime_aa_ets_revocationValues 235
236id_smime_aa_ets_escTimeStamp 236
237id_smime_aa_ets_certCRLTimestamp 237
238id_smime_aa_ets_archiveTimeStamp 238
239id_smime_aa_signatureType 239
240id_smime_aa_dvcs_dvc 240
241id_smime_alg_ESDHwith3DES 241
242id_smime_alg_ESDHwithRC2 242
243id_smime_alg_3DESwrap 243
244id_smime_alg_RC2wrap 244
245id_smime_alg_ESDH 245
246id_smime_alg_CMS3DESwrap 246
247id_smime_alg_CMSRC2wrap 247
248id_smime_cd_ldap 248
249id_smime_spq_ets_sqt_uri 249
250id_smime_spq_ets_sqt_unotice 250
251id_smime_cti_ets_proofOfOrigin 251
252id_smime_cti_ets_proofOfReceipt 252
253id_smime_cti_ets_proofOfDelivery 253
254id_smime_cti_ets_proofOfSender 254
255id_smime_cti_ets_proofOfApproval 255
256id_smime_cti_ets_proofOfCreation 256
257md4 257
258id_pkix_mod 258
259id_qt 259
260id_it 260
261id_pkip 261
262id_alg 262
263id_cmc 263
264id_on 264
265id_pda 265
266id_aca 266
267id_qcs 267
268id_cct 268
269id_pkix1_explicit_88 269
270id_pkix1_implicit_88 270
271id_pkix1_explicit_93 271
272id_pkix1_implicit_93 272
273id_mod_crmf 273
274id_mod_cmc 274
275id_mod_kea_profile_88 275
276id_mod_kea_profile_93 276
277id_mod_cmp 277
278id_mod_qualified_cert_88 278
279id_mod_qualified_cert_93 279
280id_mod_attribute_cert 280
281id_mod_timestamp_protocol 281
282id_mod_ocsp 282
283id_mod_dvcs 283
284id_mod_cmp2000 284
285biometricInfo 285
286qcStatements 286
287ac_auditEntity 287
288ac_targeting 288
289aaControls 289
290sbqp_ipAddrBlock 290
291sbqp_autonomousSysNum 291
292sbqp_routerIdentifier 292
293textNotice 293
294ipsecEndSystem 294
295ipsecTunnel 295
296ipsecUser 296
297dvcs 297
298id_it_caProtEncCert 298
299id_it_signKeyPairTypes 299
300id_it_encKeyPairTypes 300
301id_it_preferredSymmAlg 301
302id_it_caKeyUpdateInfo 302
303id_it_currentCRL 303
304id_it_unsupportedOIDs 304
305id_it_subscriptionRequest 305
306id_it_subscriptionResponse 306
307id_it_keyPairParamReq 307
308id_it_keyPairParamRep 308
309id_it_revPassphrase 309
310id_it_implicitConfirm 310
311id_it_confirmWaitTime 311
312id_it_origPKIMessage 312
313id_regCtrl 313
314id_regInfo 314
315id_regCtrl_regToken 315
316id_regCtrl_authenticator 316
317id_regCtrl_pkiPublicationInfo 317
318id_regCtrl_pkiArchiveOptions 318
319id_regCtrl_oldCertID 319
320id_regCtrl_protocolEncrKey 320
321id_regInfo_utf8Pairs 321
322id_regInfo_certReq 322
323id_alg_des40 323
324id_alg_noSignature 324
325id_alg_dh_sig_hmac_sha1 325
326id_alg_dh_pop 326
327id_cmc_statusInfo 327
328id_cmc_identification 328
329id_cmc_identityProof 329
330id_cmc_dataReturn 330
331id_cmc_transactionId 331
332id_cmc_senderNonce 332
333id_cmc_recipientNonce 333
334id_cmc_addExtensions 334
335id_cmc_encryptedPOP 335
336id_cmc_decryptedPOP 336
337id_cmc_lraPOPWitness 337
338id_cmc_getCert 338
339id_cmc_getCRL 339
340id_cmc_revokeRequest 340
341id_cmc_regInfo 341
342id_cmc_responseInfo 342
343id_cmc_queryPending 343
344id_cmc_popLinkRandom 344
345id_cmc_popLinkWitness 345
346id_cmc_confirmCertAcceptance 346
347id_on_personalData 347
348id_pda_dateOfBirth 348
349id_pda_placeOfBirth 349
350id_pda_pseudonym 350
351id_pda_gender 351
352id_pda_countryOfCitizenship 352
353id_pda_countryOfResidence 353
354id_aca_authenticationInfo 354
355id_aca_accessIdentity 355
356id_aca_chargingIdentity 356
357id_aca_group 357
358id_aca_role 358
359id_qcs_pkixQCSyntax_v1 359
360id_cct_crs 360
361id_cct_PKIData 361
362id_cct_PKIResponse 362
363ad_timeStamping 363
364ad_dvcs 364
365id_pkix_OCSP_basic 365
366id_pkix_OCSP_Nonce 366
367id_pkix_OCSP_CrlID 367
368id_pkix_OCSP_acceptableResponses 368
369id_pkix_OCSP_noCheck 369
370id_pkix_OCSP_archiveCutoff 370
371id_pkix_OCSP_serviceLocator 371
372id_pkix_OCSP_extendedStatus 372
373id_pkix_OCSP_valid 373
374id_pkix_OCSP_path 374
375id_pkix_OCSP_trustRoot 375
376algorithm 376
377rsaSignature 377
378X500algorithms 378
379org 379
380dod 380
381iana 381
382Directory 382
383Management 383
384Experimental 384
385Private 385
386Security 386
387SNMPv2 387
388Mail 388
389Enterprises 389
390dcObject 390
391domainComponent 391
392Domain 392
diff --git a/src/lib/libcrypto/objects/objects.README b/src/lib/libcrypto/objects/objects.README
deleted file mode 100644
index 4d745508d8..0000000000
--- a/src/lib/libcrypto/objects/objects.README
+++ /dev/null
@@ -1,44 +0,0 @@
1objects.txt syntax
2------------------
3
4To cover all the naming hacks that were previously in objects.h needed some
5kind of hacks in objects.txt.
6
7The basic syntax for adding an object is as follows:
8
9 1 2 3 4 : shortName : Long Name
10
11 If the long name doesn't contain spaces, or no short name
12 exists, the long name is used as basis for the base name
13 in C. Otherwise, the short name is used.
14
15 The base name (let's call it 'base') will then be used to
16 create the C macros SN_base, LN_base, NID_base and OBJ_base.
17
18 Note that if the base name contains spaces, dashes or periods,
19 those will be converte to underscore.
20
21Then there are some extra commands:
22
23 !Alias foo 1 2 3 4
24
25 This juts makes a name foo for an OID. The C macro
26 OBJ_foo will be created as a result.
27
28 !Cname foo
29
30 This makes sure that the name foo will be used as base name
31 in C.
32
33 !module foo
34 1 2 3 4 : shortName : Long Name
35 !global
36
37 The !module command was meant to define a kind of modularity.
38 What it does is to make sure the module name is prepended
39 to the base name. !global turns this off. This construction
40 is not recursive.
41
42Lines starting with # are treated as comments, as well as any line starting
43with ! and not matching the commands above.
44
diff --git a/src/lib/libcrypto/objects/objects.h b/src/lib/libcrypto/objects/objects.h
deleted file mode 100644
index c099e2e84e..0000000000
--- a/src/lib/libcrypto/objects/objects.h
+++ /dev/null
@@ -1,1038 +0,0 @@
1/* crypto/objects/objects.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_OBJECTS_H
60#define HEADER_OBJECTS_H
61
62#define USE_OBJ_MAC
63
64#ifdef USE_OBJ_MAC
65#include <openssl/obj_mac.h>
66#else
67#define SN_undef "UNDEF"
68#define LN_undef "undefined"
69#define NID_undef 0
70#define OBJ_undef 0L
71
72#define SN_Algorithm "Algorithm"
73#define LN_algorithm "algorithm"
74#define NID_algorithm 38
75#define OBJ_algorithm 1L,3L,14L,3L,2L
76
77#define LN_rsadsi "rsadsi"
78#define NID_rsadsi 1
79#define OBJ_rsadsi 1L,2L,840L,113549L
80
81#define LN_pkcs "pkcs"
82#define NID_pkcs 2
83#define OBJ_pkcs OBJ_rsadsi,1L
84
85#define SN_md2 "MD2"
86#define LN_md2 "md2"
87#define NID_md2 3
88#define OBJ_md2 OBJ_rsadsi,2L,2L
89
90#define SN_md5 "MD5"
91#define LN_md5 "md5"
92#define NID_md5 4
93#define OBJ_md5 OBJ_rsadsi,2L,5L
94
95#define SN_rc4 "RC4"
96#define LN_rc4 "rc4"
97#define NID_rc4 5
98#define OBJ_rc4 OBJ_rsadsi,3L,4L
99
100#define LN_rsaEncryption "rsaEncryption"
101#define NID_rsaEncryption 6
102#define OBJ_rsaEncryption OBJ_pkcs,1L,1L
103
104#define SN_md2WithRSAEncryption "RSA-MD2"
105#define LN_md2WithRSAEncryption "md2WithRSAEncryption"
106#define NID_md2WithRSAEncryption 7
107#define OBJ_md2WithRSAEncryption OBJ_pkcs,1L,2L
108
109#define SN_md5WithRSAEncryption "RSA-MD5"
110#define LN_md5WithRSAEncryption "md5WithRSAEncryption"
111#define NID_md5WithRSAEncryption 8
112#define OBJ_md5WithRSAEncryption OBJ_pkcs,1L,4L
113
114#define SN_pbeWithMD2AndDES_CBC "PBE-MD2-DES"
115#define LN_pbeWithMD2AndDES_CBC "pbeWithMD2AndDES-CBC"
116#define NID_pbeWithMD2AndDES_CBC 9
117#define OBJ_pbeWithMD2AndDES_CBC OBJ_pkcs,5L,1L
118
119#define SN_pbeWithMD5AndDES_CBC "PBE-MD5-DES"
120#define LN_pbeWithMD5AndDES_CBC "pbeWithMD5AndDES-CBC"
121#define NID_pbeWithMD5AndDES_CBC 10
122#define OBJ_pbeWithMD5AndDES_CBC OBJ_pkcs,5L,3L
123
124#define LN_X500 "X500"
125#define NID_X500 11
126#define OBJ_X500 2L,5L
127
128#define LN_X509 "X509"
129#define NID_X509 12
130#define OBJ_X509 OBJ_X500,4L
131
132#define SN_commonName "CN"
133#define LN_commonName "commonName"
134#define NID_commonName 13
135#define OBJ_commonName OBJ_X509,3L
136
137#define SN_countryName "C"
138#define LN_countryName "countryName"
139#define NID_countryName 14
140#define OBJ_countryName OBJ_X509,6L
141
142#define SN_localityName "L"
143#define LN_localityName "localityName"
144#define NID_localityName 15
145#define OBJ_localityName OBJ_X509,7L
146
147/* Postal Address? PA */
148
149/* should be "ST" (rfc1327) but MS uses 'S' */
150#define SN_stateOrProvinceName "ST"
151#define LN_stateOrProvinceName "stateOrProvinceName"
152#define NID_stateOrProvinceName 16
153#define OBJ_stateOrProvinceName OBJ_X509,8L
154
155#define SN_organizationName "O"
156#define LN_organizationName "organizationName"
157#define NID_organizationName 17
158#define OBJ_organizationName OBJ_X509,10L
159
160#define SN_organizationalUnitName "OU"
161#define LN_organizationalUnitName "organizationalUnitName"
162#define NID_organizationalUnitName 18
163#define OBJ_organizationalUnitName OBJ_X509,11L
164
165#define SN_rsa "RSA"
166#define LN_rsa "rsa"
167#define NID_rsa 19
168#define OBJ_rsa OBJ_X500,8L,1L,1L
169
170#define LN_pkcs7 "pkcs7"
171#define NID_pkcs7 20
172#define OBJ_pkcs7 OBJ_pkcs,7L
173
174#define LN_pkcs7_data "pkcs7-data"
175#define NID_pkcs7_data 21
176#define OBJ_pkcs7_data OBJ_pkcs7,1L
177
178#define LN_pkcs7_signed "pkcs7-signedData"
179#define NID_pkcs7_signed 22
180#define OBJ_pkcs7_signed OBJ_pkcs7,2L
181
182#define LN_pkcs7_enveloped "pkcs7-envelopedData"
183#define NID_pkcs7_enveloped 23
184#define OBJ_pkcs7_enveloped OBJ_pkcs7,3L
185
186#define LN_pkcs7_signedAndEnveloped "pkcs7-signedAndEnvelopedData"
187#define NID_pkcs7_signedAndEnveloped 24
188#define OBJ_pkcs7_signedAndEnveloped OBJ_pkcs7,4L
189
190#define LN_pkcs7_digest "pkcs7-digestData"
191#define NID_pkcs7_digest 25
192#define OBJ_pkcs7_digest OBJ_pkcs7,5L
193
194#define LN_pkcs7_encrypted "pkcs7-encryptedData"
195#define NID_pkcs7_encrypted 26
196#define OBJ_pkcs7_encrypted OBJ_pkcs7,6L
197
198#define LN_pkcs3 "pkcs3"
199#define NID_pkcs3 27
200#define OBJ_pkcs3 OBJ_pkcs,3L
201
202#define LN_dhKeyAgreement "dhKeyAgreement"
203#define NID_dhKeyAgreement 28
204#define OBJ_dhKeyAgreement OBJ_pkcs3,1L
205
206#define SN_des_ecb "DES-ECB"
207#define LN_des_ecb "des-ecb"
208#define NID_des_ecb 29
209#define OBJ_des_ecb OBJ_algorithm,6L
210
211#define SN_des_cfb64 "DES-CFB"
212#define LN_des_cfb64 "des-cfb"
213#define NID_des_cfb64 30
214/* IV + num */
215#define OBJ_des_cfb64 OBJ_algorithm,9L
216
217#define SN_des_cbc "DES-CBC"
218#define LN_des_cbc "des-cbc"
219#define NID_des_cbc 31
220/* IV */
221#define OBJ_des_cbc OBJ_algorithm,7L
222
223#define SN_des_ede "DES-EDE"
224#define LN_des_ede "des-ede"
225#define NID_des_ede 32
226/* ?? */
227#define OBJ_des_ede OBJ_algorithm,17L
228
229#define SN_des_ede3 "DES-EDE3"
230#define LN_des_ede3 "des-ede3"
231#define NID_des_ede3 33
232
233#define SN_idea_cbc "IDEA-CBC"
234#define LN_idea_cbc "idea-cbc"
235#define NID_idea_cbc 34
236#define OBJ_idea_cbc 1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L
237
238#define SN_idea_cfb64 "IDEA-CFB"
239#define LN_idea_cfb64 "idea-cfb"
240#define NID_idea_cfb64 35
241
242#define SN_idea_ecb "IDEA-ECB"
243#define LN_idea_ecb "idea-ecb"
244#define NID_idea_ecb 36
245
246#define SN_rc2_cbc "RC2-CBC"
247#define LN_rc2_cbc "rc2-cbc"
248#define NID_rc2_cbc 37
249#define OBJ_rc2_cbc OBJ_rsadsi,3L,2L
250
251#define SN_rc2_ecb "RC2-ECB"
252#define LN_rc2_ecb "rc2-ecb"
253#define NID_rc2_ecb 38
254
255#define SN_rc2_cfb64 "RC2-CFB"
256#define LN_rc2_cfb64 "rc2-cfb"
257#define NID_rc2_cfb64 39
258
259#define SN_rc2_ofb64 "RC2-OFB"
260#define LN_rc2_ofb64 "rc2-ofb"
261#define NID_rc2_ofb64 40
262
263#define SN_sha "SHA"
264#define LN_sha "sha"
265#define NID_sha 41
266#define OBJ_sha OBJ_algorithm,18L
267
268#define SN_shaWithRSAEncryption "RSA-SHA"
269#define LN_shaWithRSAEncryption "shaWithRSAEncryption"
270#define NID_shaWithRSAEncryption 42
271#define OBJ_shaWithRSAEncryption OBJ_algorithm,15L
272
273#define SN_des_ede_cbc "DES-EDE-CBC"
274#define LN_des_ede_cbc "des-ede-cbc"
275#define NID_des_ede_cbc 43
276
277#define SN_des_ede3_cbc "DES-EDE3-CBC"
278#define LN_des_ede3_cbc "des-ede3-cbc"
279#define NID_des_ede3_cbc 44
280#define OBJ_des_ede3_cbc OBJ_rsadsi,3L,7L
281
282#define SN_des_ofb64 "DES-OFB"
283#define LN_des_ofb64 "des-ofb"
284#define NID_des_ofb64 45
285#define OBJ_des_ofb64 OBJ_algorithm,8L
286
287#define SN_idea_ofb64 "IDEA-OFB"
288#define LN_idea_ofb64 "idea-ofb"
289#define NID_idea_ofb64 46
290
291#define LN_pkcs9 "pkcs9"
292#define NID_pkcs9 47
293#define OBJ_pkcs9 OBJ_pkcs,9L
294
295#define SN_pkcs9_emailAddress "Email"
296#define LN_pkcs9_emailAddress "emailAddress"
297#define NID_pkcs9_emailAddress 48
298#define OBJ_pkcs9_emailAddress OBJ_pkcs9,1L
299
300#define LN_pkcs9_unstructuredName "unstructuredName"
301#define NID_pkcs9_unstructuredName 49
302#define OBJ_pkcs9_unstructuredName OBJ_pkcs9,2L
303
304#define LN_pkcs9_contentType "contentType"
305#define NID_pkcs9_contentType 50
306#define OBJ_pkcs9_contentType OBJ_pkcs9,3L
307
308#define LN_pkcs9_messageDigest "messageDigest"
309#define NID_pkcs9_messageDigest 51
310#define OBJ_pkcs9_messageDigest OBJ_pkcs9,4L
311
312#define LN_pkcs9_signingTime "signingTime"
313#define NID_pkcs9_signingTime 52
314#define OBJ_pkcs9_signingTime OBJ_pkcs9,5L
315
316#define LN_pkcs9_countersignature "countersignature"
317#define NID_pkcs9_countersignature 53
318#define OBJ_pkcs9_countersignature OBJ_pkcs9,6L
319
320#define LN_pkcs9_challengePassword "challengePassword"
321#define NID_pkcs9_challengePassword 54
322#define OBJ_pkcs9_challengePassword OBJ_pkcs9,7L
323
324#define LN_pkcs9_unstructuredAddress "unstructuredAddress"
325#define NID_pkcs9_unstructuredAddress 55
326#define OBJ_pkcs9_unstructuredAddress OBJ_pkcs9,8L
327
328#define LN_pkcs9_extCertAttributes "extendedCertificateAttributes"
329#define NID_pkcs9_extCertAttributes 56
330#define OBJ_pkcs9_extCertAttributes OBJ_pkcs9,9L
331
332#define SN_netscape "Netscape"
333#define LN_netscape "Netscape Communications Corp."
334#define NID_netscape 57
335#define OBJ_netscape 2L,16L,840L,1L,113730L
336
337#define SN_netscape_cert_extension "nsCertExt"
338#define LN_netscape_cert_extension "Netscape Certificate Extension"
339#define NID_netscape_cert_extension 58
340#define OBJ_netscape_cert_extension OBJ_netscape,1L
341
342#define SN_netscape_data_type "nsDataType"
343#define LN_netscape_data_type "Netscape Data Type"
344#define NID_netscape_data_type 59
345#define OBJ_netscape_data_type OBJ_netscape,2L
346
347#define SN_des_ede_cfb64 "DES-EDE-CFB"
348#define LN_des_ede_cfb64 "des-ede-cfb"
349#define NID_des_ede_cfb64 60
350
351#define SN_des_ede3_cfb64 "DES-EDE3-CFB"
352#define LN_des_ede3_cfb64 "des-ede3-cfb"
353#define NID_des_ede3_cfb64 61
354
355#define SN_des_ede_ofb64 "DES-EDE-OFB"
356#define LN_des_ede_ofb64 "des-ede-ofb"
357#define NID_des_ede_ofb64 62
358
359#define SN_des_ede3_ofb64 "DES-EDE3-OFB"
360#define LN_des_ede3_ofb64 "des-ede3-ofb"
361#define NID_des_ede3_ofb64 63
362
363/* I'm not sure about the object ID */
364#define SN_sha1 "SHA1"
365#define LN_sha1 "sha1"
366#define NID_sha1 64
367#define OBJ_sha1 OBJ_algorithm,26L
368/* 28 Jun 1996 - eay */
369/* #define OBJ_sha1 1L,3L,14L,2L,26L,05L <- wrong */
370
371#define SN_sha1WithRSAEncryption "RSA-SHA1"
372#define LN_sha1WithRSAEncryption "sha1WithRSAEncryption"
373#define NID_sha1WithRSAEncryption 65
374#define OBJ_sha1WithRSAEncryption OBJ_pkcs,1L,5L
375
376#define SN_dsaWithSHA "DSA-SHA"
377#define LN_dsaWithSHA "dsaWithSHA"
378#define NID_dsaWithSHA 66
379#define OBJ_dsaWithSHA OBJ_algorithm,13L
380
381#define SN_dsa_2 "DSA-old"
382#define LN_dsa_2 "dsaEncryption-old"
383#define NID_dsa_2 67
384#define OBJ_dsa_2 OBJ_algorithm,12L
385
386/* proposed by microsoft to RSA */
387#define SN_pbeWithSHA1AndRC2_CBC "PBE-SHA1-RC2-64"
388#define LN_pbeWithSHA1AndRC2_CBC "pbeWithSHA1AndRC2-CBC"
389#define NID_pbeWithSHA1AndRC2_CBC 68
390#define OBJ_pbeWithSHA1AndRC2_CBC OBJ_pkcs,5L,11L
391
392/* proposed by microsoft to RSA as pbeWithSHA1AndRC4: it is now
393 * defined explicitly in PKCS#5 v2.0 as id-PBKDF2 which is something
394 * completely different.
395 */
396#define LN_id_pbkdf2 "PBKDF2"
397#define NID_id_pbkdf2 69
398#define OBJ_id_pbkdf2 OBJ_pkcs,5L,12L
399
400#define SN_dsaWithSHA1_2 "DSA-SHA1-old"
401#define LN_dsaWithSHA1_2 "dsaWithSHA1-old"
402#define NID_dsaWithSHA1_2 70
403/* Got this one from 'sdn706r20.pdf' which is actually an NSA document :-) */
404#define OBJ_dsaWithSHA1_2 OBJ_algorithm,27L
405
406#define SN_netscape_cert_type "nsCertType"
407#define LN_netscape_cert_type "Netscape Cert Type"
408#define NID_netscape_cert_type 71
409#define OBJ_netscape_cert_type OBJ_netscape_cert_extension,1L
410
411#define SN_netscape_base_url "nsBaseUrl"
412#define LN_netscape_base_url "Netscape Base Url"
413#define NID_netscape_base_url 72
414#define OBJ_netscape_base_url OBJ_netscape_cert_extension,2L
415
416#define SN_netscape_revocation_url "nsRevocationUrl"
417#define LN_netscape_revocation_url "Netscape Revocation Url"
418#define NID_netscape_revocation_url 73
419#define OBJ_netscape_revocation_url OBJ_netscape_cert_extension,3L
420
421#define SN_netscape_ca_revocation_url "nsCaRevocationUrl"
422#define LN_netscape_ca_revocation_url "Netscape CA Revocation Url"
423#define NID_netscape_ca_revocation_url 74
424#define OBJ_netscape_ca_revocation_url OBJ_netscape_cert_extension,4L
425
426#define SN_netscape_renewal_url "nsRenewalUrl"
427#define LN_netscape_renewal_url "Netscape Renewal Url"
428#define NID_netscape_renewal_url 75
429#define OBJ_netscape_renewal_url OBJ_netscape_cert_extension,7L
430
431#define SN_netscape_ca_policy_url "nsCaPolicyUrl"
432#define LN_netscape_ca_policy_url "Netscape CA Policy Url"
433#define NID_netscape_ca_policy_url 76
434#define OBJ_netscape_ca_policy_url OBJ_netscape_cert_extension,8L
435
436#define SN_netscape_ssl_server_name "nsSslServerName"
437#define LN_netscape_ssl_server_name "Netscape SSL Server Name"
438#define NID_netscape_ssl_server_name 77
439#define OBJ_netscape_ssl_server_name OBJ_netscape_cert_extension,12L
440
441#define SN_netscape_comment "nsComment"
442#define LN_netscape_comment "Netscape Comment"
443#define NID_netscape_comment 78
444#define OBJ_netscape_comment OBJ_netscape_cert_extension,13L
445
446#define SN_netscape_cert_sequence "nsCertSequence"
447#define LN_netscape_cert_sequence "Netscape Certificate Sequence"
448#define NID_netscape_cert_sequence 79
449#define OBJ_netscape_cert_sequence OBJ_netscape_data_type,5L
450
451#define SN_desx_cbc "DESX-CBC"
452#define LN_desx_cbc "desx-cbc"
453#define NID_desx_cbc 80
454
455#define SN_ld_ce "ld-ce"
456#define NID_ld_ce 81
457#define OBJ_ld_ce 2L,5L,29L
458
459#define SN_subject_key_identifier "subjectKeyIdentifier"
460#define LN_subject_key_identifier "X509v3 Subject Key Identifier"
461#define NID_subject_key_identifier 82
462#define OBJ_subject_key_identifier OBJ_ld_ce,14L
463
464#define SN_key_usage "keyUsage"
465#define LN_key_usage "X509v3 Key Usage"
466#define NID_key_usage 83
467#define OBJ_key_usage OBJ_ld_ce,15L
468
469#define SN_private_key_usage_period "privateKeyUsagePeriod"
470#define LN_private_key_usage_period "X509v3 Private Key Usage Period"
471#define NID_private_key_usage_period 84
472#define OBJ_private_key_usage_period OBJ_ld_ce,16L
473
474#define SN_subject_alt_name "subjectAltName"
475#define LN_subject_alt_name "X509v3 Subject Alternative Name"
476#define NID_subject_alt_name 85
477#define OBJ_subject_alt_name OBJ_ld_ce,17L
478
479#define SN_issuer_alt_name "issuerAltName"
480#define LN_issuer_alt_name "X509v3 Issuer Alternative Name"
481#define NID_issuer_alt_name 86
482#define OBJ_issuer_alt_name OBJ_ld_ce,18L
483
484#define SN_basic_constraints "basicConstraints"
485#define LN_basic_constraints "X509v3 Basic Constraints"
486#define NID_basic_constraints 87
487#define OBJ_basic_constraints OBJ_ld_ce,19L
488
489#define SN_crl_number "crlNumber"
490#define LN_crl_number "X509v3 CRL Number"
491#define NID_crl_number 88
492#define OBJ_crl_number OBJ_ld_ce,20L
493
494#define SN_certificate_policies "certificatePolicies"
495#define LN_certificate_policies "X509v3 Certificate Policies"
496#define NID_certificate_policies 89
497#define OBJ_certificate_policies OBJ_ld_ce,32L
498
499#define SN_authority_key_identifier "authorityKeyIdentifier"
500#define LN_authority_key_identifier "X509v3 Authority Key Identifier"
501#define NID_authority_key_identifier 90
502#define OBJ_authority_key_identifier OBJ_ld_ce,35L
503
504#define SN_bf_cbc "BF-CBC"
505#define LN_bf_cbc "bf-cbc"
506#define NID_bf_cbc 91
507#define OBJ_bf_cbc 1L,3L,6L,1L,4L,1L,3029L,1L,2L
508
509#define SN_bf_ecb "BF-ECB"
510#define LN_bf_ecb "bf-ecb"
511#define NID_bf_ecb 92
512
513#define SN_bf_cfb64 "BF-CFB"
514#define LN_bf_cfb64 "bf-cfb"
515#define NID_bf_cfb64 93
516
517#define SN_bf_ofb64 "BF-OFB"
518#define LN_bf_ofb64 "bf-ofb"
519#define NID_bf_ofb64 94
520
521#define SN_mdc2 "MDC2"
522#define LN_mdc2 "mdc2"
523#define NID_mdc2 95
524#define OBJ_mdc2 2L,5L,8L,3L,101L
525/* An alternative? 1L,3L,14L,3L,2L,19L */
526
527#define SN_mdc2WithRSA "RSA-MDC2"
528#define LN_mdc2WithRSA "mdc2withRSA"
529#define NID_mdc2WithRSA 96
530#define OBJ_mdc2WithRSA 2L,5L,8L,3L,100L
531
532#define SN_rc4_40 "RC4-40"
533#define LN_rc4_40 "rc4-40"
534#define NID_rc4_40 97
535
536#define SN_rc2_40_cbc "RC2-40-CBC"
537#define LN_rc2_40_cbc "rc2-40-cbc"
538#define NID_rc2_40_cbc 98
539
540#define SN_givenName "G"
541#define LN_givenName "givenName"
542#define NID_givenName 99
543#define OBJ_givenName OBJ_X509,42L
544
545#define SN_surname "S"
546#define LN_surname "surname"
547#define NID_surname 100
548#define OBJ_surname OBJ_X509,4L
549
550#define SN_initials "I"
551#define LN_initials "initials"
552#define NID_initials 101
553#define OBJ_initials OBJ_X509,43L
554
555#define SN_uniqueIdentifier "UID"
556#define LN_uniqueIdentifier "uniqueIdentifier"
557#define NID_uniqueIdentifier 102
558#define OBJ_uniqueIdentifier OBJ_X509,45L
559
560#define SN_crl_distribution_points "crlDistributionPoints"
561#define LN_crl_distribution_points "X509v3 CRL Distribution Points"
562#define NID_crl_distribution_points 103
563#define OBJ_crl_distribution_points OBJ_ld_ce,31L
564
565#define SN_md5WithRSA "RSA-NP-MD5"
566#define LN_md5WithRSA "md5WithRSA"
567#define NID_md5WithRSA 104
568#define OBJ_md5WithRSA OBJ_algorithm,3L
569
570#define SN_serialNumber "SN"
571#define LN_serialNumber "serialNumber"
572#define NID_serialNumber 105
573#define OBJ_serialNumber OBJ_X509,5L
574
575#define SN_title "T"
576#define LN_title "title"
577#define NID_title 106
578#define OBJ_title OBJ_X509,12L
579
580#define SN_description "D"
581#define LN_description "description"
582#define NID_description 107
583#define OBJ_description OBJ_X509,13L
584
585/* CAST5 is CAST-128, I'm just sticking with the documentation */
586#define SN_cast5_cbc "CAST5-CBC"
587#define LN_cast5_cbc "cast5-cbc"
588#define NID_cast5_cbc 108
589#define OBJ_cast5_cbc 1L,2L,840L,113533L,7L,66L,10L
590
591#define SN_cast5_ecb "CAST5-ECB"
592#define LN_cast5_ecb "cast5-ecb"
593#define NID_cast5_ecb 109
594
595#define SN_cast5_cfb64 "CAST5-CFB"
596#define LN_cast5_cfb64 "cast5-cfb"
597#define NID_cast5_cfb64 110
598
599#define SN_cast5_ofb64 "CAST5-OFB"
600#define LN_cast5_ofb64 "cast5-ofb"
601#define NID_cast5_ofb64 111
602
603#define LN_pbeWithMD5AndCast5_CBC "pbeWithMD5AndCast5CBC"
604#define NID_pbeWithMD5AndCast5_CBC 112
605#define OBJ_pbeWithMD5AndCast5_CBC 1L,2L,840L,113533L,7L,66L,12L
606
607/* This is one sun will soon be using :-(
608 * id-dsa-with-sha1 ID ::= {
609 * iso(1) member-body(2) us(840) x9-57 (10040) x9cm(4) 3 }
610 */
611#define SN_dsaWithSHA1 "DSA-SHA1"
612#define LN_dsaWithSHA1 "dsaWithSHA1"
613#define NID_dsaWithSHA1 113
614#define OBJ_dsaWithSHA1 1L,2L,840L,10040L,4L,3L
615
616#define NID_md5_sha1 114
617#define SN_md5_sha1 "MD5-SHA1"
618#define LN_md5_sha1 "md5-sha1"
619
620#define SN_sha1WithRSA "RSA-SHA1-2"
621#define LN_sha1WithRSA "sha1WithRSA"
622#define NID_sha1WithRSA 115
623#define OBJ_sha1WithRSA OBJ_algorithm,29L
624
625#define SN_dsa "DSA"
626#define LN_dsa "dsaEncryption"
627#define NID_dsa 116
628#define OBJ_dsa 1L,2L,840L,10040L,4L,1L
629
630#define SN_ripemd160 "RIPEMD160"
631#define LN_ripemd160 "ripemd160"
632#define NID_ripemd160 117
633#define OBJ_ripemd160 1L,3L,36L,3L,2L,1L
634
635/* The name should actually be rsaSignatureWithripemd160, but I'm going
636 * to continue using the convention I'm using with the other ciphers */
637#define SN_ripemd160WithRSA "RSA-RIPEMD160"
638#define LN_ripemd160WithRSA "ripemd160WithRSA"
639#define NID_ripemd160WithRSA 119
640#define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L
641
642/* Taken from rfc2040
643 * RC5_CBC_Parameters ::= SEQUENCE {
644 * version INTEGER (v1_0(16)),
645 * rounds INTEGER (8..127),
646 * blockSizeInBits INTEGER (64, 128),
647 * iv OCTET STRING OPTIONAL
648 * }
649 */
650#define SN_rc5_cbc "RC5-CBC"
651#define LN_rc5_cbc "rc5-cbc"
652#define NID_rc5_cbc 120
653#define OBJ_rc5_cbc OBJ_rsadsi,3L,8L
654
655#define SN_rc5_ecb "RC5-ECB"
656#define LN_rc5_ecb "rc5-ecb"
657#define NID_rc5_ecb 121
658
659#define SN_rc5_cfb64 "RC5-CFB"
660#define LN_rc5_cfb64 "rc5-cfb"
661#define NID_rc5_cfb64 122
662
663#define SN_rc5_ofb64 "RC5-OFB"
664#define LN_rc5_ofb64 "rc5-ofb"
665#define NID_rc5_ofb64 123
666
667#define SN_rle_compression "RLE"
668#define LN_rle_compression "run length compression"
669#define NID_rle_compression 124
670#define OBJ_rle_compression 1L,1L,1L,1L,666L,1L
671
672#define SN_zlib_compression "ZLIB"
673#define LN_zlib_compression "zlib compression"
674#define NID_zlib_compression 125
675#define OBJ_zlib_compression 1L,1L,1L,1L,666L,2L
676
677#define SN_ext_key_usage "extendedKeyUsage"
678#define LN_ext_key_usage "X509v3 Extended Key Usage"
679#define NID_ext_key_usage 126
680#define OBJ_ext_key_usage OBJ_ld_ce,37
681
682#define SN_id_pkix "PKIX"
683#define NID_id_pkix 127
684#define OBJ_id_pkix 1L,3L,6L,1L,5L,5L,7L
685
686#define SN_id_kp "id-kp"
687#define NID_id_kp 128
688#define OBJ_id_kp OBJ_id_pkix,3L
689
690/* PKIX extended key usage OIDs */
691
692#define SN_server_auth "serverAuth"
693#define LN_server_auth "TLS Web Server Authentication"
694#define NID_server_auth 129
695#define OBJ_server_auth OBJ_id_kp,1L
696
697#define SN_client_auth "clientAuth"
698#define LN_client_auth "TLS Web Client Authentication"
699#define NID_client_auth 130
700#define OBJ_client_auth OBJ_id_kp,2L
701
702#define SN_code_sign "codeSigning"
703#define LN_code_sign "Code Signing"
704#define NID_code_sign 131
705#define OBJ_code_sign OBJ_id_kp,3L
706
707#define SN_email_protect "emailProtection"
708#define LN_email_protect "E-mail Protection"
709#define NID_email_protect 132
710#define OBJ_email_protect OBJ_id_kp,4L
711
712#define SN_time_stamp "timeStamping"
713#define LN_time_stamp "Time Stamping"
714#define NID_time_stamp 133
715#define OBJ_time_stamp OBJ_id_kp,8L
716
717/* Additional extended key usage OIDs: Microsoft */
718
719#define SN_ms_code_ind "msCodeInd"
720#define LN_ms_code_ind "Microsoft Individual Code Signing"
721#define NID_ms_code_ind 134
722#define OBJ_ms_code_ind 1L,3L,6L,1L,4L,1L,311L,2L,1L,21L
723
724#define SN_ms_code_com "msCodeCom"
725#define LN_ms_code_com "Microsoft Commercial Code Signing"
726#define NID_ms_code_com 135
727#define OBJ_ms_code_com 1L,3L,6L,1L,4L,1L,311L,2L,1L,22L
728
729#define SN_ms_ctl_sign "msCTLSign"
730#define LN_ms_ctl_sign "Microsoft Trust List Signing"
731#define NID_ms_ctl_sign 136
732#define OBJ_ms_ctl_sign 1L,3L,6L,1L,4L,1L,311L,10L,3L,1L
733
734#define SN_ms_sgc "msSGC"
735#define LN_ms_sgc "Microsoft Server Gated Crypto"
736#define NID_ms_sgc 137
737#define OBJ_ms_sgc 1L,3L,6L,1L,4L,1L,311L,10L,3L,3L
738
739#define SN_ms_efs "msEFS"
740#define LN_ms_efs "Microsoft Encrypted File System"
741#define NID_ms_efs 138
742#define OBJ_ms_efs 1L,3L,6L,1L,4L,1L,311L,10L,3L,4L
743
744/* Additional usage: Netscape */
745
746#define SN_ns_sgc "nsSGC"
747#define LN_ns_sgc "Netscape Server Gated Crypto"
748#define NID_ns_sgc 139
749#define OBJ_ns_sgc OBJ_netscape,4L,1L
750
751#define SN_delta_crl "deltaCRL"
752#define LN_delta_crl "X509v3 Delta CRL Indicator"
753#define NID_delta_crl 140
754#define OBJ_delta_crl OBJ_ld_ce,27L
755
756#define SN_crl_reason "CRLReason"
757#define LN_crl_reason "CRL Reason Code"
758#define NID_crl_reason 141
759#define OBJ_crl_reason OBJ_ld_ce,21L
760
761#define SN_invalidity_date "invalidityDate"
762#define LN_invalidity_date "Invalidity Date"
763#define NID_invalidity_date 142
764#define OBJ_invalidity_date OBJ_ld_ce,24L
765
766#define SN_sxnet "SXNetID"
767#define LN_sxnet "Strong Extranet ID"
768#define NID_sxnet 143
769#define OBJ_sxnet 1L,3L,101L,1L,4L,1L
770
771/* PKCS12 and related OBJECT IDENTIFIERS */
772
773#define OBJ_pkcs12 OBJ_pkcs,12L
774#define OBJ_pkcs12_pbeids OBJ_pkcs12, 1
775
776#define SN_pbe_WithSHA1And128BitRC4 "PBE-SHA1-RC4-128"
777#define LN_pbe_WithSHA1And128BitRC4 "pbeWithSHA1And128BitRC4"
778#define NID_pbe_WithSHA1And128BitRC4 144
779#define OBJ_pbe_WithSHA1And128BitRC4 OBJ_pkcs12_pbeids, 1L
780
781#define SN_pbe_WithSHA1And40BitRC4 "PBE-SHA1-RC4-40"
782#define LN_pbe_WithSHA1And40BitRC4 "pbeWithSHA1And40BitRC4"
783#define NID_pbe_WithSHA1And40BitRC4 145
784#define OBJ_pbe_WithSHA1And40BitRC4 OBJ_pkcs12_pbeids, 2L
785
786#define SN_pbe_WithSHA1And3_Key_TripleDES_CBC "PBE-SHA1-3DES"
787#define LN_pbe_WithSHA1And3_Key_TripleDES_CBC "pbeWithSHA1And3-KeyTripleDES-CBC"
788#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC 146
789#define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC OBJ_pkcs12_pbeids, 3L
790
791#define SN_pbe_WithSHA1And2_Key_TripleDES_CBC "PBE-SHA1-2DES"
792#define LN_pbe_WithSHA1And2_Key_TripleDES_CBC "pbeWithSHA1And2-KeyTripleDES-CBC"
793#define NID_pbe_WithSHA1And2_Key_TripleDES_CBC 147
794#define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC OBJ_pkcs12_pbeids, 4L
795
796#define SN_pbe_WithSHA1And128BitRC2_CBC "PBE-SHA1-RC2-128"
797#define LN_pbe_WithSHA1And128BitRC2_CBC "pbeWithSHA1And128BitRC2-CBC"
798#define NID_pbe_WithSHA1And128BitRC2_CBC 148
799#define OBJ_pbe_WithSHA1And128BitRC2_CBC OBJ_pkcs12_pbeids, 5L
800
801#define SN_pbe_WithSHA1And40BitRC2_CBC "PBE-SHA1-RC2-40"
802#define LN_pbe_WithSHA1And40BitRC2_CBC "pbeWithSHA1And40BitRC2-CBC"
803#define NID_pbe_WithSHA1And40BitRC2_CBC 149
804#define OBJ_pbe_WithSHA1And40BitRC2_CBC OBJ_pkcs12_pbeids, 6L
805
806#define OBJ_pkcs12_Version1 OBJ_pkcs12, 10L
807
808#define OBJ_pkcs12_BagIds OBJ_pkcs12_Version1, 1L
809
810#define LN_keyBag "keyBag"
811#define NID_keyBag 150
812#define OBJ_keyBag OBJ_pkcs12_BagIds, 1L
813
814#define LN_pkcs8ShroudedKeyBag "pkcs8ShroudedKeyBag"
815#define NID_pkcs8ShroudedKeyBag 151
816#define OBJ_pkcs8ShroudedKeyBag OBJ_pkcs12_BagIds, 2L
817
818#define LN_certBag "certBag"
819#define NID_certBag 152
820#define OBJ_certBag OBJ_pkcs12_BagIds, 3L
821
822#define LN_crlBag "crlBag"
823#define NID_crlBag 153
824#define OBJ_crlBag OBJ_pkcs12_BagIds, 4L
825
826#define LN_secretBag "secretBag"
827#define NID_secretBag 154
828#define OBJ_secretBag OBJ_pkcs12_BagIds, 5L
829
830#define LN_safeContentsBag "safeContentsBag"
831#define NID_safeContentsBag 155
832#define OBJ_safeContentsBag OBJ_pkcs12_BagIds, 6L
833
834#define LN_friendlyName "friendlyName"
835#define NID_friendlyName 156
836#define OBJ_friendlyName OBJ_pkcs9, 20L
837
838#define LN_localKeyID "localKeyID"
839#define NID_localKeyID 157
840#define OBJ_localKeyID OBJ_pkcs9, 21L
841
842#define OBJ_certTypes OBJ_pkcs9, 22L
843
844#define LN_x509Certificate "x509Certificate"
845#define NID_x509Certificate 158
846#define OBJ_x509Certificate OBJ_certTypes, 1L
847
848#define LN_sdsiCertificate "sdsiCertificate"
849#define NID_sdsiCertificate 159
850#define OBJ_sdsiCertificate OBJ_certTypes, 2L
851
852#define OBJ_crlTypes OBJ_pkcs9, 23L
853
854#define LN_x509Crl "x509Crl"
855#define NID_x509Crl 160
856#define OBJ_x509Crl OBJ_crlTypes, 1L
857
858/* PKCS#5 v2 OIDs */
859
860#define LN_pbes2 "PBES2"
861#define NID_pbes2 161
862#define OBJ_pbes2 OBJ_pkcs,5L,13L
863
864#define LN_pbmac1 "PBMAC1"
865#define NID_pbmac1 162
866#define OBJ_pbmac1 OBJ_pkcs,5L,14L
867
868#define LN_hmacWithSHA1 "hmacWithSHA1"
869#define NID_hmacWithSHA1 163
870#define OBJ_hmacWithSHA1 OBJ_rsadsi,2L,7L
871
872/* Policy Qualifier Ids */
873
874#define LN_id_qt_cps "Policy Qualifier CPS"
875#define SN_id_qt_cps "id-qt-cps"
876#define NID_id_qt_cps 164
877#define OBJ_id_qt_cps OBJ_id_pkix,2L,1L
878
879#define LN_id_qt_unotice "Policy Qualifier User Notice"
880#define SN_id_qt_unotice "id-qt-unotice"
881#define NID_id_qt_unotice 165
882#define OBJ_id_qt_unotice OBJ_id_pkix,2L,2L
883
884#define SN_rc2_64_cbc "RC2-64-CBC"
885#define LN_rc2_64_cbc "rc2-64-cbc"
886#define NID_rc2_64_cbc 166
887
888#define SN_SMIMECapabilities "SMIME-CAPS"
889#define LN_SMIMECapabilities "S/MIME Capabilities"
890#define NID_SMIMECapabilities 167
891#define OBJ_SMIMECapabilities OBJ_pkcs9,15L
892
893#define SN_pbeWithMD2AndRC2_CBC "PBE-MD2-RC2-64"
894#define LN_pbeWithMD2AndRC2_CBC "pbeWithMD2AndRC2-CBC"
895#define NID_pbeWithMD2AndRC2_CBC 168
896#define OBJ_pbeWithMD2AndRC2_CBC OBJ_pkcs,5L,4L
897
898#define SN_pbeWithMD5AndRC2_CBC "PBE-MD5-RC2-64"
899#define LN_pbeWithMD5AndRC2_CBC "pbeWithMD5AndRC2-CBC"
900#define NID_pbeWithMD5AndRC2_CBC 169
901#define OBJ_pbeWithMD5AndRC2_CBC OBJ_pkcs,5L,6L
902
903#define SN_pbeWithSHA1AndDES_CBC "PBE-SHA1-DES"
904#define LN_pbeWithSHA1AndDES_CBC "pbeWithSHA1AndDES-CBC"
905#define NID_pbeWithSHA1AndDES_CBC 170
906#define OBJ_pbeWithSHA1AndDES_CBC OBJ_pkcs,5L,10L
907
908/* Extension request OIDs */
909
910#define LN_ms_ext_req "Microsoft Extension Request"
911#define SN_ms_ext_req "msExtReq"
912#define NID_ms_ext_req 171
913#define OBJ_ms_ext_req 1L,3L,6L,1L,4L,1L,311L,2L,1L,14L
914
915#define LN_ext_req "Extension Request"
916#define SN_ext_req "extReq"
917#define NID_ext_req 172
918#define OBJ_ext_req OBJ_pkcs9,14L
919
920#define SN_name "name"
921#define LN_name "name"
922#define NID_name 173
923#define OBJ_name OBJ_X509,41L
924
925#define SN_dnQualifier "dnQualifier"
926#define LN_dnQualifier "dnQualifier"
927#define NID_dnQualifier 174
928#define OBJ_dnQualifier OBJ_X509,46L
929
930#define SN_id_pe "id-pe"
931#define NID_id_pe 175
932#define OBJ_id_pe OBJ_id_pkix,1L
933
934#define SN_id_ad "id-ad"
935#define NID_id_ad 176
936#define OBJ_id_ad OBJ_id_pkix,48L
937
938#define SN_info_access "authorityInfoAccess"
939#define LN_info_access "Authority Information Access"
940#define NID_info_access 177
941#define OBJ_info_access OBJ_id_pe,1L
942
943#define SN_ad_OCSP "OCSP"
944#define LN_ad_OCSP "OCSP"
945#define NID_ad_OCSP 178
946#define OBJ_ad_OCSP OBJ_id_ad,1L
947
948#define SN_ad_ca_issuers "caIssuers"
949#define LN_ad_ca_issuers "CA Issuers"
950#define NID_ad_ca_issuers 179
951#define OBJ_ad_ca_issuers OBJ_id_ad,2L
952
953#define SN_OCSP_sign "OCSPSigning"
954#define LN_OCSP_sign "OCSP Signing"
955#define NID_OCSP_sign 180
956#define OBJ_OCSP_sign OBJ_id_kp,9L
957#endif /* USE_OBJ_MAC */
958
959#include <openssl/bio.h>
960#include <openssl/asn1.h>
961
962#define OBJ_NAME_TYPE_UNDEF 0x00
963#define OBJ_NAME_TYPE_MD_METH 0x01
964#define OBJ_NAME_TYPE_CIPHER_METH 0x02
965#define OBJ_NAME_TYPE_PKEY_METH 0x03
966#define OBJ_NAME_TYPE_COMP_METH 0x04
967#define OBJ_NAME_TYPE_NUM 0x05
968
969#define OBJ_NAME_ALIAS 0x8000
970
971
972#ifdef __cplusplus
973extern "C" {
974#endif
975
976typedef struct obj_name_st
977 {
978 int type;
979 int alias;
980 const char *name;
981 const char *data;
982 } OBJ_NAME;
983
984#define OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c)
985
986
987int OBJ_NAME_init(void);
988int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *),int (*cmp_func)(const void *, const void *),
989 void (*free_func)(const char *, int, const char *));
990const char *OBJ_NAME_get(const char *name,int type);
991int OBJ_NAME_add(const char *name,int type,const char *data);
992int OBJ_NAME_remove(const char *name,int type);
993void OBJ_NAME_cleanup(int type); /* -1 for everything */
994
995ASN1_OBJECT * OBJ_dup(ASN1_OBJECT *o);
996ASN1_OBJECT * OBJ_nid2obj(int n);
997const char * OBJ_nid2ln(int n);
998const char * OBJ_nid2sn(int n);
999int OBJ_obj2nid(ASN1_OBJECT *o);
1000ASN1_OBJECT * OBJ_txt2obj(const char *s, int no_name);
1001int OBJ_obj2txt(char *buf, int buf_len, ASN1_OBJECT *a, int no_name);
1002int OBJ_txt2nid(char *s);
1003int OBJ_ln2nid(const char *s);
1004int OBJ_sn2nid(const char *s);
1005int OBJ_cmp(ASN1_OBJECT *a,ASN1_OBJECT *b);
1006char * OBJ_bsearch(char *key,char *base,int num,int size,int (*cmp)(const void *, const void *));
1007
1008void ERR_load_OBJ_strings(void );
1009
1010int OBJ_new_nid(int num);
1011int OBJ_add_object(ASN1_OBJECT *obj);
1012int OBJ_create(char *oid,char *sn,char *ln);
1013void OBJ_cleanup(void );
1014int OBJ_create_objects(BIO *in);
1015
1016/* BEGIN ERROR CODES */
1017/* The following lines are auto generated by the script mkerr.pl. Any changes
1018 * made after this point may be overwritten when the script is next run.
1019 */
1020
1021/* Error codes for the OBJ functions. */
1022
1023/* Function codes. */
1024#define OBJ_F_OBJ_CREATE 100
1025#define OBJ_F_OBJ_DUP 101
1026#define OBJ_F_OBJ_NID2LN 102
1027#define OBJ_F_OBJ_NID2OBJ 103
1028#define OBJ_F_OBJ_NID2SN 104
1029
1030/* Reason codes. */
1031#define OBJ_R_MALLOC_FAILURE 100
1032#define OBJ_R_UNKNOWN_NID 101
1033
1034#ifdef __cplusplus
1035}
1036#endif
1037#endif
1038
diff --git a/src/lib/libcrypto/objects/objects.pl b/src/lib/libcrypto/objects/objects.pl
deleted file mode 100644
index c956bbb841..0000000000
--- a/src/lib/libcrypto/objects/objects.pl
+++ /dev/null
@@ -1,224 +0,0 @@
1#!/usr/local/bin/perl
2
3open (NUMIN,"$ARGV[1]") || die "Can't open number file $ARGV[1]";
4$max_nid=0;
5$o=0;
6while(<NUMIN>)
7 {
8 chop;
9 $o++;
10 s/#.*$//;
11 next if /^\s*$/;
12 ($Cname,$mynum) = split;
13 if (defined($nidn{$mynum}))
14 { die "$ARGV[1]:$o:There's already an object with NID ",$mynum," on line ",$order{$mynum},"\n"; }
15 $nid{$Cname} = $mynum;
16 $nidn{$mynum} = $Cname;
17 $order{$mynum} = $o;
18 $max_nid = $mynum if $mynum > $max_nid;
19 }
20close NUMIN;
21
22open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]";
23$Cname="";
24$o=0;
25while (<IN>)
26 {
27 chop;
28 $o++;
29 if (/^!module\s+(.*)$/)
30 {
31 $module = $1."-";
32 $module =~ s/\./_/g;
33 $module =~ s/-/_/g;
34 }
35 if (/^!global$/)
36 { $module = ""; }
37 if (/^!Cname\s+(.*)$/)
38 { $Cname = $1; }
39 if (/^!Alias\s+(.+?)\s+(.*)$/)
40 {
41 $Cname = $module.$1;
42 $myoid = $2;
43 $myoid = &process_oid($myoid);
44 $Cname =~ s/-/_/g;
45 $ordern{$o} = $Cname;
46 $order{$Cname} = $o;
47 $obj{$Cname} = $myoid;
48 $_ = "";
49 $Cname = "";
50 }
51 s/!.*$//;
52 s/#.*$//;
53 next if /^\s*$/;
54 ($myoid,$mysn,$myln) = split ':';
55 $mysn =~ s/^\s*//;
56 $mysn =~ s/\s*$//;
57 $myln =~ s/^\s*//;
58 $myln =~ s/\s*$//;
59 $myoid =~ s/^\s*//;
60 $myoid =~ s/\s*$//;
61 if ($myoid ne "")
62 {
63 $myoid = &process_oid($myoid);
64 }
65
66 if ($Cname eq "" && !($myln =~ / /))
67 {
68 $Cname = $myln;
69 $Cname =~ s/\./_/g;
70 $Cname =~ s/-/_/g;
71 if ($Cname ne "" && defined($ln{$module.$Cname}))
72 { die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
73 }
74 if ($Cname eq "")
75 {
76 $Cname = $mysn;
77 $Cname =~ s/-/_/g;
78 if ($Cname ne "" && defined($sn{$module.$Cname}))
79 { die "objects.txt:$o:There's already an object with short name ",$sn{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
80 }
81 if ($Cname eq "")
82 {
83 $Cname = $myln;
84 $Cname =~ s/-/_/g;
85 $Cname =~ s/\./_/g;
86 $Cname =~ s/ /_/g;
87 if ($Cname ne "" && defined($ln{$module.$Cname}))
88 { die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
89 }
90 $Cname =~ s/\./_/g;
91 $Cname =~ s/-/_/g;
92 $Cname = $module.$Cname;
93 $ordern{$o} = $Cname;
94 $order{$Cname} = $o;
95 $sn{$Cname} = $mysn;
96 $ln{$Cname} = $myln;
97 $obj{$Cname} = $myoid;
98 if (!defined($nid{$Cname}))
99 {
100 $max_nid++;
101 $nid{$Cname} = $max_nid;
102 $nidn{$max_nid} = $Cname;
103 }
104 $Cname="";
105 }
106close IN;
107
108open (NUMOUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
109foreach (sort { $a <=> $b } keys %nidn)
110 {
111 print NUMOUT $nidn{$_},"\t\t",$_,"\n";
112 }
113close NUMOUT;
114
115open (OUT,">$ARGV[2]") || die "Can't open output file $ARGV[2]";
116print OUT <<'EOF';
117/* lib/obj/obj_mac.h */
118/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
119 * All rights reserved.
120 *
121 * This package is an SSL implementation written
122 * by Eric Young (eay@cryptsoft.com).
123 * The implementation was written so as to conform with Netscapes SSL.
124 *
125 * This library is free for commercial and non-commercial use as long as
126 * the following conditions are aheared to. The following conditions
127 * apply to all code found in this distribution, be it the RC4, RSA,
128 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
129 * included with this distribution is covered by the same copyright terms
130 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
131 *
132 * Copyright remains Eric Young's, and as such any Copyright notices in
133 * the code are not to be removed.
134 * If this package is used in a product, Eric Young should be given attribution
135 * as the author of the parts of the library used.
136 * This can be in the form of a textual message at program startup or
137 * in documentation (online or textual) provided with the package.
138 *
139 * Redistribution and use in source and binary forms, with or without
140 * modification, are permitted provided that the following conditions
141 * are met:
142 * 1. Redistributions of source code must retain the copyright
143 * notice, this list of conditions and the following disclaimer.
144 * 2. Redistributions in binary form must reproduce the above copyright
145 * notice, this list of conditions and the following disclaimer in the
146 * documentation and/or other materials provided with the distribution.
147 * 3. All advertising materials mentioning features or use of this software
148 * must display the following acknowledgement:
149 * "This product includes cryptographic software written by
150 * Eric Young (eay@cryptsoft.com)"
151 * The word 'cryptographic' can be left out if the rouines from the library
152 * being used are not cryptographic related :-).
153 * 4. If you include any Windows specific code (or a derivative thereof) from
154 * the apps directory (application code) you must include an acknowledgement:
155 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
156 *
157 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
158 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
159 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
160 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
161 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
162 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
163 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
164 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
165 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
166 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
167 * SUCH DAMAGE.
168 *
169 * The licence and distribution terms for any publically available version or
170 * derivative of this code cannot be changed. i.e. this code cannot simply be
171 * copied and put under another distribution licence
172 * [including the GNU Public Licence.]
173 */
174
175/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the
176 * following command:
177 * perl objects.pl objects.txt obj_mac.num obj_mac.h
178 */
179
180#define SN_undef "UNDEF"
181#define LN_undef "undefined"
182#define NID_undef 0
183#define OBJ_undef 0L
184
185EOF
186
187foreach (sort { $a <=> $b } keys %ordern)
188 {
189 $Cname=$ordern{$_};
190 print OUT "#define SN_",$Cname,"\t\t\"",$sn{$Cname},"\"\n" if $sn{$Cname} ne "";
191 print OUT "#define LN_",$Cname,"\t\t\"",$ln{$Cname},"\"\n" if $ln{$Cname} ne "";
192 print OUT "#define NID_",$Cname,"\t\t",$nid{$Cname},"\n" if $nid{$Cname} ne "";
193 print OUT "#define OBJ_",$Cname,"\t\t",$obj{$Cname},"\n" if $obj{$Cname} ne "";
194 print OUT "\n";
195 }
196
197close OUT;
198
199sub process_oid
200 {
201 local($oid)=@_;
202 local(@a,$oid_pref);
203
204 @a = split(/\s+/,$myoid);
205 $pref_oid = "";
206 $pref_sep = "";
207 if (!($a[0] =~ /^[0-9]+$/))
208 {
209 $a[0] =~ s/-/_/g;
210 $pref_oid = "OBJ_" . $a[0];
211 $pref_sep = ",";
212 shift @a;
213 }
214 $oids = join('L,',@a) . "L";
215 if ($oids ne "L")
216 {
217 $oids = $pref_oid . $pref_sep . $oids;
218 }
219 else
220 {
221 $oids = $pref_oid;
222 }
223 return($oids);
224 }
diff --git a/src/lib/libcrypto/objects/objects.txt b/src/lib/libcrypto/objects/objects.txt
deleted file mode 100644
index 3d443cf884..0000000000
--- a/src/lib/libcrypto/objects/objects.txt
+++ /dev/null
@@ -1,593 +0,0 @@
11 : ISO : iso
2
3iso 2 : member-body : ISO Member Body
4
5member-body 840 : ISO-US : ISO US Member Body
6ISO-US 10040 : X9-57 : X9.57
7X9-57 4 : X9cm : X9.57 CM ?
8
9!Cname dsa
10X9cm 1 : DSA : dsaEncryption
11X9cm 3 : DSA-SHA1 : dsaWithSHA1
12
13ISO-US 113533 7 66 10 : CAST5-CBC : cast5-cbc
14 : CAST5-ECB : cast5-ecb
15!Cname cast5-cfb64
16 : CAST5-CFB : cast5-cfb
17!Cname cast5-ofb64
18 : CAST5-OFB : cast5-ofb
19!Cname pbeWithMD5AndCast5-CBC
20ISO-US 113533 7 66 12 : : pbeWithMD5AndCast5CBC
21
22ISO-US 113549 : rsadsi : RSA Data Security, Inc.
23
24rsadsi 1 : pkcs : RSA Data Security, Inc. PKCS
25
26pkcs 1 : pkcs1
27pkcs1 1 : : rsaEncryption
28pkcs1 2 : RSA-MD2 : md2WithRSAEncryption
29pkcs1 4 : RSA-MD5 : md5WithRSAEncryption
30pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption
31
32pkcs 3 : pkcs3
33pkcs3 1 : : dhKeyAgreement
34
35pkcs 5 : pkcs5
36pkcs5 1 : PBE-MD2-DES : pbeWithMD2AndDES-CBC
37pkcs5 3 : PBE-MD5-DES : pbeWithMD5AndDES-CBC
38pkcs5 4 : PBE-MD2-RC2-64 : pbeWithMD2AndRC2-CBC
39pkcs5 6 : PBE-MD5-RC2-64 : pbeWithMD5AndRC2-CBC
40pkcs5 10 : PBE-SHA1-DES : pbeWithSHA1AndDES-CBC
41pkcs5 11 : PBE-SHA1-RC2-64 : pbeWithSHA1AndRC2-CBC
42!Cname id_pbkdf2
43pkcs5 12 : : PBKDF2
44!Cname pbes2
45pkcs5 13 : : PBES2
46!Cname pbmac1
47pkcs5 14 : : PBMAC1
48
49pkcs 7 : pkcs7
50pkcs7 1 : : pkcs7-data
51!Cname pkcs7-signed
52pkcs7 2 : : pkcs7-signedData
53!Cname pkcs7-enveloped
54pkcs7 3 : : pkcs7-envelopedData
55!Cname pkcs7-signedAndEnveloped
56pkcs7 4 : : pkcs7-signedAndEnvelopedData
57!Cname pkcs7-digest
58pkcs7 5 : : pkcs7-digestData
59!Cname pkcs7-encrypted
60pkcs7 6 : : pkcs7-encryptedData
61
62pkcs 9 : pkcs9
63!module pkcs9
64pkcs9 1 : Email : emailAddress
65pkcs9 2 : : unstructuredName
66pkcs9 3 : : contentType
67pkcs9 4 : : messageDigest
68pkcs9 5 : : signingTime
69pkcs9 6 : : countersignature
70pkcs9 7 : : challengePassword
71pkcs9 8 : : unstructuredAddress
72!Cname extCertAttributes
73pkcs9 9 : : extendedCertificateAttributes
74!global
75
76!Cname ext-req
77pkcs9 14 : extReq : Extension Request
78
79!Cname SMIMECapabilities
80pkcs9 15 : SMIME-CAPS : S/MIME Capabilities
81
82# S/MIME
83!Cname SMIME
84pkcs9 16 : SMIME : S/MIME
85SMIME 0 : id-smime-mod
86SMIME 1 : id-smime-ct
87SMIME 2 : id-smime-aa
88SMIME 3 : id-smime-alg
89SMIME 4 : id-smime-cd
90SMIME 5 : id-smime-spq
91SMIME 6 : id-smime-cti
92
93# S/MIME Modules
94id-smime-mod 1 : id-smime-mod-cms
95id-smime-mod 2 : id-smime-mod-ess
96id-smime-mod 3 : id-smime-mod-oid
97id-smime-mod 4 : id-smime-mod-msg-v3
98id-smime-mod 5 : id-smime-mod-ets-eSignature-88
99id-smime-mod 6 : id-smime-mod-ets-eSignature-97
100id-smime-mod 7 : id-smime-mod-ets-eSigPolicy-88
101id-smime-mod 8 : id-smime-mod-ets-eSigPolicy-97
102
103# S/MIME Content Types
104id-smime-ct 1 : id-smime-ct-receipt
105id-smime-ct 2 : id-smime-ct-authData
106id-smime-ct 3 : id-smime-ct-publishCert
107id-smime-ct 4 : id-smime-ct-TSTInfo
108id-smime-ct 5 : id-smime-ct-TDTInfo
109id-smime-ct 6 : id-smime-ct-contentInfo
110id-smime-ct 7 : id-smime-ct-DVCSRequestData
111id-smime-ct 8 : id-smime-ct-DVCSResponseData
112
113# S/MIME Attributes
114id-smime-aa 1 : id-smime-aa-receiptRequest
115id-smime-aa 2 : id-smime-aa-securityLabel
116id-smime-aa 3 : id-smime-aa-mlExpandHistory
117id-smime-aa 4 : id-smime-aa-contentHint
118id-smime-aa 5 : id-smime-aa-msgSigDigest
119# obsolete
120id-smime-aa 6 : id-smime-aa-encapContentType
121id-smime-aa 7 : id-smime-aa-contentIdentifier
122# obsolete
123id-smime-aa 8 : id-smime-aa-macValue
124id-smime-aa 9 : id-smime-aa-equivalentLabels
125id-smime-aa 10 : id-smime-aa-contentReference
126id-smime-aa 11 : id-smime-aa-encrypKeyPref
127id-smime-aa 12 : id-smime-aa-signingCertificate
128id-smime-aa 13 : id-smime-aa-smimeEncryptCerts
129id-smime-aa 14 : id-smime-aa-timeStampToken
130id-smime-aa 15 : id-smime-aa-ets-sigPolicyId
131id-smime-aa 16 : id-smime-aa-ets-commitmentType
132id-smime-aa 17 : id-smime-aa-ets-signerLocation
133id-smime-aa 18 : id-smime-aa-ets-signerAttr
134id-smime-aa 19 : id-smime-aa-ets-otherSigCert
135id-smime-aa 20 : id-smime-aa-ets-contentTimestamp
136id-smime-aa 21 : id-smime-aa-ets-CertificateRefs
137id-smime-aa 22 : id-smime-aa-ets-RevocationRefs
138id-smime-aa 23 : id-smime-aa-ets-certValues
139id-smime-aa 24 : id-smime-aa-ets-revocationValues
140id-smime-aa 25 : id-smime-aa-ets-escTimeStamp
141id-smime-aa 26 : id-smime-aa-ets-certCRLTimestamp
142id-smime-aa 27 : id-smime-aa-ets-archiveTimeStamp
143id-smime-aa 28 : id-smime-aa-signatureType
144id-smime-aa 29 : id-smime-aa-dvcs-dvc
145
146# S/MIME Algorithm Identifiers
147# obsolete
148id-smime-alg 1 : id-smime-alg-ESDHwith3DES
149# obsolete
150id-smime-alg 2 : id-smime-alg-ESDHwithRC2
151# obsolete
152id-smime-alg 3 : id-smime-alg-3DESwrap
153# obsolete
154id-smime-alg 4 : id-smime-alg-RC2wrap
155id-smime-alg 5 : id-smime-alg-ESDH
156id-smime-alg 6 : id-smime-alg-CMS3DESwrap
157id-smime-alg 7 : id-smime-alg-CMSRC2wrap
158
159# S/MIME Certificate Distribution
160id-smime-cd 1 : id-smime-cd-ldap
161
162# S/MIME Signature Policy Qualifier
163id-smime-spq 1 : id-smime-spq-ets-sqt-uri
164id-smime-spq 2 : id-smime-spq-ets-sqt-unotice
165
166# S/MIME Commitment Type Identifier
167id-smime-cti 1 : id-smime-cti-ets-proofOfOrigin
168id-smime-cti 2 : id-smime-cti-ets-proofOfReceipt
169id-smime-cti 3 : id-smime-cti-ets-proofOfDelivery
170id-smime-cti 4 : id-smime-cti-ets-proofOfSender
171id-smime-cti 5 : id-smime-cti-ets-proofOfApproval
172id-smime-cti 6 : id-smime-cti-ets-proofOfCreation
173
174pkcs9 20 : : friendlyName
175pkcs9 21 : : localKeyID
176!Alias certTypes pkcs9 22
177certTypes 1 : : x509Certificate
178certTypes 2 : : sdsiCertificate
179!Alias crlTypes pkcs9 23
180crlTypes 1 : : x509Crl
181
182!Alias pkcs12 pkcs 12
183!Alias pkcs12-pbeids pkcs12 1
184
185!Cname pbe-WithSHA1And128BitRC4
186pkcs12-pbeids 1 : PBE-SHA1-RC4-128 : pbeWithSHA1And128BitRC4
187!Cname pbe-WithSHA1And40BitRC4
188pkcs12-pbeids 2 : PBE-SHA1-RC4-40 : pbeWithSHA1And40BitRC4
189!Cname pbe-WithSHA1And3_Key_TripleDES-CBC
190pkcs12-pbeids 3 : PBE-SHA1-3DES : pbeWithSHA1And3-KeyTripleDES-CBC
191!Cname pbe-WithSHA1And2_Key_TripleDES-CBC
192pkcs12-pbeids 4 : PBE-SHA1-2DES : pbeWithSHA1And2-KeyTripleDES-CBC
193!Cname pbe-WithSHA1And128BitRC2-CBC
194pkcs12-pbeids 5 : PBE-SHA1-RC2-128 : pbeWithSHA1And128BitRC2-CBC
195!Cname pbe-WithSHA1And40BitRC2-CBC
196pkcs12-pbeids 6 : PBE-SHA1-RC2-40 : pbeWithSHA1And40BitRC2-CBC
197
198!Alias pkcs12-Version1 pkcs12 10
199!Alias pkcs12-BagIds pkcs12-Version1 1
200pkcs12-BagIds 1 : : keyBag
201pkcs12-BagIds 2 : : pkcs8ShroudedKeyBag
202pkcs12-BagIds 3 : : certBag
203pkcs12-BagIds 4 : : crlBag
204pkcs12-BagIds 5 : : secretBag
205pkcs12-BagIds 6 : : safeContentsBag
206
207rsadsi 2 2 : MD2 : md2
208rsadsi 2 4 : MD4 : md4
209rsadsi 2 5 : MD5 : md5
210 : MD5-SHA1 : md5-sha1
211rsadsi 2 7 : : hmacWithSHA1
212rsadsi 3 2 : RC2-CBC : rc2-cbc
213 : RC2-ECB : rc2-ecb
214!Cname rc2-cfb64
215 : RC2-CFB : rc2-cfb
216!Cname rc2-ofb64
217 : RC2-OFB : rc2-ofb
218 : RC2-40-CBC : rc2-40-cbc
219 : RC2-64-CBC : rc2-64-cbc
220rsadsi 3 4 : RC4 : rc4
221 : RC4-40 : rc4-40
222rsadsi 3 7 : DES-EDE3-CBC : des-ede3-cbc
223rsadsi 3 8 : RC5-CBC : rc5-cbc
224 : RC5-ECB : rc5-ecb
225!Cname rc5-cfb64
226 : RC5-CFB : rc5-cfb
227!Cname rc5-ofb64
228 : RC5-OFB : rc5-ofb
229
230!Cname ms-ext-req
2311 3 6 1 4 1 311 2 1 14 : msExtReq : Microsoft Extension Request
232!Cname ms-code-ind
2331 3 6 1 4 1 311 2 1 21 : msCodeInd : Microsoft Individual Code Signing
234!Cname ms-code-com
2351 3 6 1 4 1 311 2 1 22 : msCodeCom : Microsoft Commercial Code Signing
236!Cname ms-ctl-sign
2371 3 6 1 4 1 311 10 3 1 : msCTLSign : Microsoft Trust List Signing
238!Cname ms-sgc
2391 3 6 1 4 1 311 10 3 3 : msSGC : Microsoft Server Gated Crypto
240!Cname ms-efs
2411 3 6 1 4 1 311 10 3 4 : msEFS : Microsoft Encrypted File System
242
2431 3 6 1 4 1 188 7 1 1 2 : IDEA-CBC : idea-cbc
244 : IDEA-ECB : idea-ecb
245!Cname idea-cfb64
246 : IDEA-CFB : idea-cfb
247!Cname idea-ofb64
248 : IDEA-OFB : idea-ofb
249
2501 3 6 1 4 1 3029 1 2 : BF-CBC : bf-cbc
251 : BF-ECB : bf-ecb
252!Cname bf-cfb64
253 : BF-CFB : bf-cfb
254!Cname bf-ofb64
255 : BF-OFB : bf-ofb
256
257!Cname id-pkix
2581 3 6 1 5 5 7 : PKIX
259
260# PKIX Arcs
261id-pkix 0 : id-pkix-mod
262id-pkix 1 : id-pe
263id-pkix 2 : id-qt
264id-pkix 3 : id-kp
265id-pkix 4 : id-it
266id-pkix 5 : id-pkip
267id-pkix 6 : id-alg
268id-pkix 7 : id-cmc
269id-pkix 8 : id-on
270id-pkix 9 : id-pda
271id-pkix 10 : id-aca
272id-pkix 11 : id-qcs
273id-pkix 12 : id-cct
274id-pkix 48 : id-ad
275
276# PKIX Modules
277id-pkix-mod 1 : id-pkix1-explicit-88
278id-pkix-mod 2 : id-pkix1-implicit-88
279id-pkix-mod 3 : id-pkix1-explicit-93
280id-pkix-mod 4 : id-pkix1-implicit-93
281id-pkix-mod 5 : id-mod-crmf
282id-pkix-mod 6 : id-mod-cmc
283id-pkix-mod 7 : id-mod-kea-profile-88
284id-pkix-mod 8 : id-mod-kea-profile-93
285id-pkix-mod 9 : id-mod-cmp
286id-pkix-mod 10 : id-mod-qualified-cert-88
287id-pkix-mod 11 : id-mod-qualified-cert-93
288id-pkix-mod 12 : id-mod-attribute-cert
289id-pkix-mod 13 : id-mod-timestamp-protocol
290id-pkix-mod 14 : id-mod-ocsp
291id-pkix-mod 15 : id-mod-dvcs
292id-pkix-mod 16 : id-mod-cmp2000
293
294# PKIX Private Extensions
295!Cname info-access
296id-pe 1 : authorityInfoAccess : Authority Information Access
297id-pe 2 : biometricInfo : Biometric Info
298id-pe 3 : qcStatements
299id-pe 4 : ac-auditEntity
300id-pe 5 : ac-targeting
301id-pe 6 : aaControls
302id-pe 7 : sbqp-ipAddrBlock
303id-pe 8 : sbqp-autonomousSysNum
304id-pe 9 : sbqp-routerIdentifier
305
306# PKIX policyQualifiers for Internet policy qualifiers
307id-qt 1 : id-qt-cps : Policy Qualifier CPS
308id-qt 2 : id-qt-unotice : Policy Qualifier User Notice
309id-qt 3 : textNotice
310
311# PKIX key purpose identifiers
312!Cname server-auth
313id-kp 1 : serverAuth : TLS Web Server Authentication
314!Cname client-auth
315id-kp 2 : clientAuth : TLS Web Client Authentication
316!Cname code-sign
317id-kp 3 : codeSigning : Code Signing
318!Cname email-protect
319id-kp 4 : emailProtection : E-mail Protection
320id-kp 5 : ipsecEndSystem : IPSec End System
321id-kp 6 : ipsecTunnel : IPSec Tunnel
322id-kp 7 : ipsecUser : IPSec User
323!Cname time-stamp
324id-kp 8 : timeStamping : Time Stamping
325# From OCSP spec RFC2560
326!Cname OCSP-sign
327id-kp 9 : OCSPSigning : OCSP Signing
328id-kp 10 : DVCS : dvcs
329
330# CMP information types
331id-it 1 : id-it-caProtEncCert
332id-it 2 : id-it-signKeyPairTypes
333id-it 3 : id-it-encKeyPairTypes
334id-it 4 : id-it-preferredSymmAlg
335id-it 5 : id-it-caKeyUpdateInfo
336id-it 6 : id-it-currentCRL
337id-it 7 : id-it-unsupportedOIDs
338# obsolete
339id-it 8 : id-it-subscriptionRequest
340# obsolete
341id-it 9 : id-it-subscriptionResponse
342id-it 10 : id-it-keyPairParamReq
343id-it 11 : id-it-keyPairParamRep
344id-it 12 : id-it-revPassphrase
345id-it 13 : id-it-implicitConfirm
346id-it 14 : id-it-confirmWaitTime
347id-it 15 : id-it-origPKIMessage
348
349# CRMF registration
350id-pkip 1 : id-regCtrl
351id-pkip 2 : id-regInfo
352
353# CRMF registration controls
354id-regCtrl 1 : id-regCtrl-regToken
355id-regCtrl 2 : id-regCtrl-authenticator
356id-regCtrl 3 : id-regCtrl-pkiPublicationInfo
357id-regCtrl 4 : id-regCtrl-pkiArchiveOptions
358id-regCtrl 5 : id-regCtrl-oldCertID
359id-regCtrl 6 : id-regCtrl-protocolEncrKey
360
361# CRMF registration information
362id-regInfo 1 : id-regInfo-utf8Pairs
363id-regInfo 2 : id-regInfo-certReq
364
365# algorithms
366id-alg 1 : id-alg-des40
367id-alg 2 : id-alg-noSignature
368id-alg 3 : id-alg-dh-sig-hmac-sha1
369id-alg 4 : id-alg-dh-pop
370
371# CMC controls
372id-cmc 1 : id-cmc-statusInfo
373id-cmc 2 : id-cmc-identification
374id-cmc 3 : id-cmc-identityProof
375id-cmc 4 : id-cmc-dataReturn
376id-cmc 5 : id-cmc-transactionId
377id-cmc 6 : id-cmc-senderNonce
378id-cmc 7 : id-cmc-recipientNonce
379id-cmc 8 : id-cmc-addExtensions
380id-cmc 9 : id-cmc-encryptedPOP
381id-cmc 10 : id-cmc-decryptedPOP
382id-cmc 11 : id-cmc-lraPOPWitness
383id-cmc 15 : id-cmc-getCert
384id-cmc 16 : id-cmc-getCRL
385id-cmc 17 : id-cmc-revokeRequest
386id-cmc 18 : id-cmc-regInfo
387id-cmc 19 : id-cmc-responseInfo
388id-cmc 21 : id-cmc-queryPending
389id-cmc 22 : id-cmc-popLinkRandom
390id-cmc 23 : id-cmc-popLinkWitness
391id-cmc 24 : id-cmc-confirmCertAcceptance
392
393# other names
394id-on 1 : id-on-personalData
395
396# personal data attributes
397id-pda 1 : id-pda-dateOfBirth
398id-pda 2 : id-pda-placeOfBirth
399id-pda 3 : id-pda-pseudonym
400id-pda 4 : id-pda-gender
401id-pda 5 : id-pda-countryOfCitizenship
402id-pda 6 : id-pda-countryOfResidence
403
404# attribute certificate attributes
405id-aca 1 : id-aca-authenticationInfo
406id-aca 2 : id-aca-accessIdentity
407id-aca 3 : id-aca-chargingIdentity
408id-aca 4 : id-aca-group
409id-aca 5 : id-aca-role
410
411# qualified certificate statements
412id-qcs 1 : id-qcs-pkixQCSyntax-v1
413
414# CMC content types
415id-cct 1 : id-cct-crs
416id-cct 2 : id-cct-PKIData
417id-cct 3 : id-cct-PKIResponse
418
419# access descriptors for authority info access extension
420!Cname ad-OCSP
421id-ad 1 : OCSP : OCSP
422!Cname ad-ca-issuers
423id-ad 2 : caIssuers : CA Issuers
424!Cname ad-timeStamping
425id-ad 3 : ad_timestamping : AD Time Stamping
426!Cname ad-dvcs
427id-ad 4 : AD_DVCS : ad dvcs
428
429
430!Alias id-pkix-OCSP ad-OCSP
431!module id-pkix-OCSP
432!Cname basic
433id-pkix-OCSP 1 : basicOCSPResponse : Basic OCSP Response
434id-pkix-OCSP 2 : Nonce : OCSP Nonce
435id-pkix-OCSP 3 : CrlID : OCSP CRL ID
436id-pkix-OCSP 4 : acceptableResponses : Acceptable OCSP Responses
437id-pkix-OCSP 5 : noCheck
438id-pkix-OCSP 6 : archiveCutoff : OCSP Archive Cutoff
439id-pkix-OCSP 7 : serviceLocator : OCSP Service Locator
440id-pkix-OCSP 8 : extendedStatus : Extended OCSP Status
441id-pkix-OCSP 9 : valid
442id-pkix-OCSP 10 : path
443id-pkix-OCSP 11 : trustRoot : Trust Root
444!global
445
4461 3 14 3 2 : algorithm : algorithm
447algorithm 3 : RSA-NP-MD5 : md5WithRSA
448algorithm 6 : DES-ECB : des-ecb
449algorithm 7 : DES-CBC : des-cbc
450!Cname des-ofb64
451algorithm 8 : DES-OFB : des-ofb
452!Cname des-cfb64
453algorithm 9 : DES-CFB : des-cfb
454algorithm 11 : rsaSignature
455!Cname dsa-2
456algorithm 12 : DSA-old : dsaEncryption-old
457algorithm 13 : DSA-SHA : dsaWithSHA
458algorithm 15 : RSA-SHA : shaWithRSAEncryption
459algorithm 17 : DES-EDE : des-ede
460 : DES-EDE3 : des-ede3
461 : DES-EDE-CBC : des-ede-cbc
462!Cname des-ede-cfb64
463 : DES-EDE-CFB : des-ede-cfb
464!Cname des-ede3-cfb64
465 : DES-EDE3-CFB : des-ede3-cfb
466!Cname des-ede-ofb64
467 : DES-EDE-OFB : des-ede-ofb
468!Cname des-ede3-ofb64
469 : DES-EDE3-OFB : des-ede3-ofb
470 : DESX-CBC : desx-cbc
471algorithm 18 : SHA : sha
472algorithm 26 : SHA1 : sha1
473!Cname dsaWithSHA1-2
474algorithm 27 : DSA-SHA1-old : dsaWithSHA1-old
475algorithm 29 : RSA-SHA1-2 : sha1WithRSA
476
4771 3 36 3 2 1 : RIPEMD160 : ripemd160
4781 3 36 3 3 1 2 : RSA-RIPEMD160 : ripemd160WithRSA
479
480!Cname sxnet
4811 3 101 1 4 1 : SXNetID : Strong Extranet ID
482
4832 5 : X500 : directory services (X.500)
484
485X500 4 : X509
486X509 3 : CN : commonName
487X509 4 : S : surname
488X509 5 : SN : serialNumber
489X509 6 : C : countryName
490X509 7 : L : localityName
491X509 8 : ST : stateOrProvinceName
492X509 10 : O : organizationName
493X509 11 : OU : organizationalUnitName
494X509 12 : T : title
495X509 13 : D : description
496X509 41 : name : name
497X509 42 : G : givenName
498X509 43 : I : initials
499X509 45 : UID : uniqueIdentifier
500X509 46 : dnQualifier : dnQualifier
501
502X500 8 : X500algorithms : directory services - algorithms
503X500algorithms 1 1 : RSA : rsa
504X500algorithms 3 100 : RSA-MDC2 : mdc2WithRSA
505X500algorithms 3 101 : MDC2 : mdc2
506
507X500 29 : id-ce
508!Cname subject-key-identifier
509id-ce 14 : subjectKeyIdentifier : X509v3 Subject Key Identifier
510!Cname key-usage
511id-ce 15 : keyUsage : X509v3 Key Usage
512!Cname private-key-usage-period
513id-ce 16 : privateKeyUsagePeriod : X509v3 Private Key Usage Period
514!Cname subject-alt-name
515id-ce 17 : subjectAltName : X509v3 Subject Alternative Name
516!Cname issuer-alt-name
517id-ce 18 : issuerAltName : X509v3 Issuer Alternative Name
518!Cname basic-constraints
519id-ce 19 : basicConstraints : X509v3 Basic Constraints
520!Cname crl-number
521id-ce 20 : crlNumber : X509v3 CRL Number
522!Cname crl-reason
523id-ce 21 : CRLReason : X509v3 CRL Reason Code
524!Cname invalidity-date
525id-ce 24 : invalidityDate : Invalidity Date
526!Cname delta-crl
527id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator
528!Cname crl-distribution-points
529id-ce 31 : crlDistributionPoints : X509v3 CRL Distribution Points
530!Cname certificate-policies
531id-ce 32 : certificatePolicies : X509v3 Certificate Policies
532!Cname authority-key-identifier
533id-ce 35 : authorityKeyIdentifier : X509v3 Authority Key Identifier
534!Cname ext-key-usage
535id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage
536
537!Cname netscape
5382 16 840 1 113730 : Netscape : Netscape Communications Corp.
539!Cname netscape-cert-extension
540netscape 1 : nsCertExt : Netscape Certificate Extension
541!Cname netscape-data-type
542netscape 2 : nsDataType : Netscape Data Type
543!Cname netscape-cert-type
544netscape-cert-extension 1 : nsCertType : Netscape Cert Type
545!Cname netscape-base-url
546netscape-cert-extension 2 : nsBaseUrl : Netscape Base Url
547!Cname netscape-revocation-url
548netscape-cert-extension 3 : nsRevocationUrl : Netscape Revocation Url
549!Cname netscape-ca-revocation-url
550netscape-cert-extension 4 : nsCaRevocationUrl : Netscape CA Revocation Url
551!Cname netscape-renewal-url
552netscape-cert-extension 7 : nsRenewalUrl : Netscape Renewal Url
553!Cname netscape-ca-policy-url
554netscape-cert-extension 8 : nsCaPolicyUrl : Netscape CA Policy Url
555!Cname netscape-ssl-server-name
556netscape-cert-extension 12 : nsSslServerName : Netscape SSL Server Name
557!Cname netscape-comment
558netscape-cert-extension 13 : nsComment : Netscape Comment
559!Cname netscape-cert-sequence
560netscape-data-type 5 : nsCertSequence : Netscape Certificate Sequence
561!Cname ns-sgc
562netscape 4 1 : nsSGC : Netscape Server Gated Crypto
563
564# iso(1)
565iso 3 : ORG : org
566org 6 : DOD : dod
567dod 1 : IANA : iana
568!Alias internet iana
569
570internet 1 : directory : Directory
571internet 2 : mgmt : Management
572internet 3 : experimental : Experimental
573internet 4 : private : Private
574internet 5 : security : Security
575internet 6 : snmpv2 : SNMPv2
576internet 7 : mail : Mail
577
578private 1 : enterprises : Enterprises
579
580# RFC 2247
581enterprises 1466 344 : dcobject : dcObject
582
583# Stray OIDs we don't know the full name of each step for
584# RFC 2247
5850 9 2342 19200300 100 1 25 : DC : domainComponent
5860 9 2342 19200300 100 4 13 : domain : Domain
587
588# What the hell are these OIDs, really?
589!Cname rle-compression
5901 1 1 1 666 1 : RLE : run length compression
591!Cname zlib-compression
5921 1 1 1 666 2 : ZLIB : zlib compression
593
diff --git a/src/lib/libcrypto/opensslv.h b/src/lib/libcrypto/opensslv.h
deleted file mode 100644
index 4b25018e49..0000000000
--- a/src/lib/libcrypto/opensslv.h
+++ /dev/null
@@ -1,85 +0,0 @@
1#ifndef HEADER_OPENSSLV_H
2#define HEADER_OPENSSLV_H
3
4/* Numeric release version identifier:
5 * MNNFFPPS: major minor fix patch status
6 * The status nibble has one of the values 0 for development, 1 to e for betas
7 * 1 to 14, and f for release. The patch level is exactly that.
8 * For example:
9 * 0.9.3-dev 0x00903000
10 * 0.9.3-beta1 0x00903001
11 * 0.9.3-beta2-dev 0x00903002
12 * 0.9.3-beta2 0x00903002 (same as ...beta2-dev)
13 * 0.9.3 0x0090300f
14 * 0.9.3a 0x0090301f
15 * 0.9.4 0x0090400f
16 * 1.2.3z 0x102031af
17 *
18 * For continuity reasons (because 0.9.5 is already out, and is coded
19 * 0x00905100), between 0.9.5 and 0.9.6 the coding of the patch level
20 * part is slightly different, by setting the highest bit. This means
21 * that 0.9.5a looks like this: 0x0090581f. At 0.9.6, we can start
22 * with 0x0090600S...
23 *
24 * (Prior to 0.9.3-dev a different scheme was used: 0.9.2b is 0x0922.)
25 * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
26 * major minor fix final patch/beta)
27 */
28#define OPENSSL_VERSION_NUMBER 0x0090602fL
29#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6b [engine] 9 Jul 2001"
30#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
31
32
33/* The macros below are to be used for shared library (.so, .dll, ...)
34 * versioning. That kind of versioning works a bit differently between
35 * operating systems. The most usual scheme is to set a major and a minor
36 * number, and have the runtime loader check that the major number is equal
37 * to what it was at application link time, while the minor number has to
38 * be greater or equal to what it was at application link time. With this
39 * scheme, the version number is usually part of the file name, like this:
40 *
41 * libcrypto.so.0.9
42 *
43 * Some unixen also make a softlink with the major verson number only:
44 *
45 * libcrypto.so.0
46 *
47 * On True64 it works a little bit differently. There, the shared library
48 * version is stored in the file, and is actually a series of versions,
49 * separated by colons. The rightmost version present in the library when
50 * linking an application is stored in the application to be matched at
51 * run time. When the application is run, a check is done to see if the
52 * library version stored in the application matches any of the versions
53 * in the version string of the library itself.
54 * This version string can be constructed in any way, depending on what
55 * kind of matching is desired. However, to implement the same scheme as
56 * the one used in the other unixen, all compatible versions, from lowest
57 * to highest, should be part of the string. Consecutive builds would
58 * give the following versions strings:
59 *
60 * 3.0
61 * 3.0:3.1
62 * 3.0:3.1:3.2
63 * 4.0
64 * 4.0:4.1
65 *
66 * Notice how version 4 is completely incompatible with version, and
67 * therefore give the breach you can see.
68 *
69 * There may be other schemes as well that I haven't yet discovered.
70 *
71 * So, here's the way it works here: first of all, the library version
72 * number doesn't need at all to match the overall OpenSSL version.
73 * However, it's nice and more understandable if it actually does.
74 * The current library version is stored in the macro SHLIB_VERSION_NUMBER,
75 * which is just a piece of text in the format "M.m.e" (Major, minor, edit).
76 * For the sake of True64 and any other OS that behaves in similar ways,
77 * we need to keep a history of version numbers, which is done in the
78 * macro SHLIB_VERSION_HISTORY. The numbers are separated by colons and
79 * should only keep the versions that are binary compatible with the current.
80 */
81#define SHLIB_VERSION_HISTORY ""
82#define SHLIB_VERSION_NUMBER "0.9.6"
83
84
85#endif /* HEADER_OPENSSLV_H */
diff --git a/src/lib/libcrypto/pem/message b/src/lib/libcrypto/pem/message
deleted file mode 100644
index e8bf9d7592..0000000000
--- a/src/lib/libcrypto/pem/message
+++ /dev/null
@@ -1,16 +0,0 @@
1-----BEGIN PRIVACY-ENHANCED MESSAGE-----
2Proc-Type: 4,ENCRYPTED
3Proc-Type: 4,MIC-ONLY
4Proc-Type: 4,MIC-CLEAR
5Content-Domain: RFC822
6DEK-Info: DES-CBC,0123456789abcdef
7Originator-Certificate
8 xxxx
9Issuer-Certificate
10 xxxx
11MIC-Info: RSA-MD5,RSA,
12 xxxx
13
14
15-----END PRIVACY-ENHANCED MESSAGE-----
16
diff --git a/src/lib/libcrypto/pem/pem.h b/src/lib/libcrypto/pem/pem.h
deleted file mode 100644
index 6d3c446577..0000000000
--- a/src/lib/libcrypto/pem/pem.h
+++ /dev/null
@@ -1,667 +0,0 @@
1/* crypto/pem/pem.h */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_PEM_H
60#define HEADER_PEM_H
61
62#ifndef NO_BIO
63#include <openssl/bio.h>
64#endif
65#ifndef NO_STACK
66#include <openssl/stack.h>
67#endif
68#include <openssl/evp.h>
69#include <openssl/x509.h>
70#include <openssl/pem2.h>
71
72#ifdef __cplusplus
73extern "C" {
74#endif
75
76#define PEM_BUFSIZE 1024
77
78#define PEM_OBJ_UNDEF 0
79#define PEM_OBJ_X509 1
80#define PEM_OBJ_X509_REQ 2
81#define PEM_OBJ_CRL 3
82#define PEM_OBJ_SSL_SESSION 4
83#define PEM_OBJ_PRIV_KEY 10
84#define PEM_OBJ_PRIV_RSA 11
85#define PEM_OBJ_PRIV_DSA 12
86#define PEM_OBJ_PRIV_DH 13
87#define PEM_OBJ_PUB_RSA 14
88#define PEM_OBJ_PUB_DSA 15
89#define PEM_OBJ_PUB_DH 16
90#define PEM_OBJ_DHPARAMS 17
91#define PEM_OBJ_DSAPARAMS 18
92#define PEM_OBJ_PRIV_RSA_PUBLIC 19
93
94#define PEM_ERROR 30
95#define PEM_DEK_DES_CBC 40
96#define PEM_DEK_IDEA_CBC 45
97#define PEM_DEK_DES_EDE 50
98#define PEM_DEK_DES_ECB 60
99#define PEM_DEK_RSA 70
100#define PEM_DEK_RSA_MD2 80
101#define PEM_DEK_RSA_MD5 90
102
103#define PEM_MD_MD2 NID_md2
104#define PEM_MD_MD5 NID_md5
105#define PEM_MD_SHA NID_sha
106#define PEM_MD_MD2_RSA NID_md2WithRSAEncryption
107#define PEM_MD_MD5_RSA NID_md5WithRSAEncryption
108#define PEM_MD_SHA_RSA NID_sha1WithRSAEncryption
109
110#define PEM_STRING_X509_OLD "X509 CERTIFICATE"
111#define PEM_STRING_X509 "CERTIFICATE"
112#define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE"
113#define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
114#define PEM_STRING_X509_REQ "CERTIFICATE REQUEST"
115#define PEM_STRING_X509_CRL "X509 CRL"
116#define PEM_STRING_EVP_PKEY "ANY PRIVATE KEY"
117#define PEM_STRING_PUBLIC "PUBLIC KEY"
118#define PEM_STRING_RSA "RSA PRIVATE KEY"
119#define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY"
120#define PEM_STRING_DSA "DSA PRIVATE KEY"
121#define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY"
122#define PEM_STRING_PKCS7 "PKCS7"
123#define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY"
124#define PEM_STRING_PKCS8INF "PRIVATE KEY"
125#define PEM_STRING_DHPARAMS "DH PARAMETERS"
126#define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
127#define PEM_STRING_DSAPARAMS "DSA PARAMETERS"
128
129
130typedef struct PEM_Encode_Seal_st
131 {
132 EVP_ENCODE_CTX encode;
133 EVP_MD_CTX md;
134 EVP_CIPHER_CTX cipher;
135 } PEM_ENCODE_SEAL_CTX;
136
137/* enc_type is one off */
138#define PEM_TYPE_ENCRYPTED 10
139#define PEM_TYPE_MIC_ONLY 20
140#define PEM_TYPE_MIC_CLEAR 30
141#define PEM_TYPE_CLEAR 40
142
143typedef struct pem_recip_st
144 {
145 char *name;
146 X509_NAME *dn;
147
148 int cipher;
149 int key_enc;
150 char iv[8];
151 } PEM_USER;
152
153typedef struct pem_ctx_st
154 {
155 int type; /* what type of object */
156
157 struct {
158 int version;
159 int mode;
160 } proc_type;
161
162 char *domain;
163
164 struct {
165 int cipher;
166 unsigned char iv[8];
167 } DEK_info;
168
169 PEM_USER *originator;
170
171 int num_recipient;
172 PEM_USER **recipient;
173
174#ifndef NO_STACK
175 STACK *x509_chain; /* certificate chain */
176#else
177 char *x509_chain; /* certificate chain */
178#endif
179 EVP_MD *md; /* signature type */
180
181 int md_enc; /* is the md encrypted or not? */
182 int md_len; /* length of md_data */
183 char *md_data; /* message digest, could be pkey encrypted */
184
185 EVP_CIPHER *dec; /* date encryption cipher */
186 int key_len; /* key length */
187 unsigned char *key; /* key */
188 unsigned char iv[8]; /* the iv */
189
190
191 int data_enc; /* is the data encrypted */
192 int data_len;
193 unsigned char *data;
194 } PEM_CTX;
195
196/* These macros make the PEM_read/PEM_write functions easier to maintain and
197 * write. Now they are all implemented with either:
198 * IMPLEMENT_PEM_rw(...) or IMPLEMENT_PEM_rw_cb(...)
199 */
200
201#ifdef NO_FP_API
202
203#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/
204#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/
205#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/
206
207#else
208
209#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
210type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
211{ \
212return((type *)PEM_ASN1_read((char *(*)())d2i_##asn1, str,fp,(char **)x,\
213 cb,u)); \
214} \
215
216#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
217int PEM_write_##name(FILE *fp, type *x) \
218{ \
219return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, (char *)x, \
220 NULL,NULL,0,NULL,NULL)); \
221}
222
223#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
224int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
225 unsigned char *kstr, int klen, pem_password_cb *cb, \
226 void *u) \
227 { \
228 return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, \
229 (char *)x,enc,kstr,klen,cb,u)); \
230 }
231
232#endif
233
234#define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
235type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
236{ \
237return((type *)PEM_ASN1_read_bio((char *(*)())d2i_##asn1, str,bp,\
238 (char **)x,cb,u)); \
239}
240
241#define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
242int PEM_write_bio_##name(BIO *bp, type *x) \
243{ \
244return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, (char *)x, \
245 NULL,NULL,0,NULL,NULL)); \
246}
247
248#define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
249int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
250 unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
251 { \
252 return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, \
253 (char *)x,enc,kstr,klen,cb,u)); \
254 }
255
256#define IMPLEMENT_PEM_write(name, type, str, asn1) \
257 IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
258 IMPLEMENT_PEM_write_fp(name, type, str, asn1)
259
260#define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
261 IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
262 IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1)
263
264#define IMPLEMENT_PEM_read(name, type, str, asn1) \
265 IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
266 IMPLEMENT_PEM_read_fp(name, type, str, asn1)
267
268#define IMPLEMENT_PEM_rw(name, type, str, asn1) \
269 IMPLEMENT_PEM_read(name, type, str, asn1) \
270 IMPLEMENT_PEM_write(name, type, str, asn1)
271
272#define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
273 IMPLEMENT_PEM_read(name, type, str, asn1) \
274 IMPLEMENT_PEM_write_cb(name, type, str, asn1)
275
276/* These are the same except they are for the declarations */
277
278#if defined(WIN16) || defined(NO_FP_API)
279
280#define DECLARE_PEM_read_fp(name, type) /**/
281#define DECLARE_PEM_write_fp(name, type) /**/
282#define DECLARE_PEM_write_cb_fp(name, type) /**/
283
284#else
285
286#define DECLARE_PEM_read_fp(name, type) \
287 type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u);
288
289#define DECLARE_PEM_write_fp(name, type) \
290 int PEM_write_##name(FILE *fp, type *x);
291
292#define DECLARE_PEM_write_cb_fp(name, type) \
293 int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
294 unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
295
296#endif
297
298#ifndef NO_BIO
299#define DECLARE_PEM_read_bio(name, type) \
300 type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u);
301
302#define DECLARE_PEM_write_bio(name, type) \
303 int PEM_write_bio_##name(BIO *bp, type *x);
304
305#define DECLARE_PEM_write_cb_bio(name, type) \
306 int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
307 unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
308
309#else
310
311#define DECLARE_PEM_read_bio(name, type) /**/
312#define DECLARE_PEM_write_bio(name, type) /**/
313#define DECLARE_PEM_write_cb_bio(name, type) /**/
314
315#endif
316
317#define DECLARE_PEM_write(name, type) \
318 DECLARE_PEM_write_bio(name, type) \
319 DECLARE_PEM_write_fp(name, type)
320
321#define DECLARE_PEM_write_cb(name, type) \
322 DECLARE_PEM_write_cb_bio(name, type) \
323 DECLARE_PEM_write_cb_fp(name, type)
324
325#define DECLARE_PEM_read(name, type) \
326 DECLARE_PEM_read_bio(name, type) \
327 DECLARE_PEM_read_fp(name, type)
328
329#define DECLARE_PEM_rw(name, type) \
330 DECLARE_PEM_read(name, type) \
331 DECLARE_PEM_write(name, type)
332
333#define DECLARE_PEM_rw_cb(name, type) \
334 DECLARE_PEM_read(name, type) \
335 DECLARE_PEM_write_cb(name, type)
336
337#ifdef SSLEAY_MACROS
338
339#define PEM_write_SSL_SESSION(fp,x) \
340 PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
341 PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL)
342#define PEM_write_X509(fp,x) \
343 PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
344 (char *)x, NULL,NULL,0,NULL,NULL)
345#define PEM_write_X509_REQ(fp,x) PEM_ASN1_write( \
346 (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,(char *)x, \
347 NULL,NULL,0,NULL,NULL)
348#define PEM_write_X509_CRL(fp,x) \
349 PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL, \
350 fp,(char *)x, NULL,NULL,0,NULL,NULL)
351#define PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \
352 PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,\
353 (char *)x,enc,kstr,klen,cb,u)
354#define PEM_write_RSAPublicKey(fp,x) \
355 PEM_ASN1_write((int (*)())i2d_RSAPublicKey,\
356 PEM_STRING_RSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL)
357#define PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \
358 PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,\
359 (char *)x,enc,kstr,klen,cb,u)
360#define PEM_write_PrivateKey(bp,x,enc,kstr,klen,cb,u) \
361 PEM_ASN1_write((int (*)())i2d_PrivateKey,\
362 (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
363 bp,(char *)x,enc,kstr,klen,cb,u)
364#define PEM_write_PKCS7(fp,x) \
365 PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp, \
366 (char *)x, NULL,NULL,0,NULL,NULL)
367#define PEM_write_DHparams(fp,x) \
368 PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,\
369 (char *)x,NULL,NULL,0,NULL,NULL)
370
371#define PEM_write_NETSCAPE_CERT_SEQUENCE(fp,x) \
372 PEM_ASN1_write((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \
373 PEM_STRING_X509,fp, \
374 (char *)x, NULL,NULL,0,NULL,NULL)
375
376#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
377 (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)
378#define PEM_read_X509(fp,x,cb,u) (X509 *)PEM_ASN1_read( \
379 (char *(*)())d2i_X509,PEM_STRING_X509,fp,(char **)x,cb,u)
380#define PEM_read_X509_REQ(fp,x,cb,u) (X509_REQ *)PEM_ASN1_read( \
381 (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,fp,(char **)x,cb,u)
382#define PEM_read_X509_CRL(fp,x,cb,u) (X509_CRL *)PEM_ASN1_read( \
383 (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,fp,(char **)x,cb,u)
384#define PEM_read_RSAPrivateKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \
385 (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,fp,(char **)x,cb,u)
386#define PEM_read_RSAPublicKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \
387 (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb,u)
388#define PEM_read_DSAPrivateKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \
389 (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,fp,(char **)x,cb,u)
390#define PEM_read_PrivateKey(fp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read( \
391 (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,fp,(char **)x,cb,u)
392#define PEM_read_PKCS7(fp,x,cb,u) (PKCS7 *)PEM_ASN1_read( \
393 (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,fp,(char **)x,cb,u)
394#define PEM_read_DHparams(fp,x,cb,u) (DH *)PEM_ASN1_read( \
395 (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,fp,(char **)x,cb,u)
396
397#define PEM_read_NETSCAPE_CERT_SEQUENCE(fp,x,cb,u) \
398 (NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read( \
399 (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,fp,\
400 (char **)x,cb,u)
401
402#define PEM_write_bio_SSL_SESSION(bp,x) \
403 PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
404 PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL,NULL)
405#define PEM_write_bio_X509(bp,x) \
406 PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \
407 (char *)x, NULL,NULL,0,NULL,NULL)
408#define PEM_write_bio_X509_REQ(bp,x) PEM_ASN1_write_bio( \
409 (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,bp,(char *)x, \
410 NULL,NULL,0,NULL,NULL)
411#define PEM_write_bio_X509_CRL(bp,x) \
412 PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,\
413 bp,(char *)x, NULL,NULL,0,NULL,NULL)
414#define PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \
415 PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,\
416 bp,(char *)x,enc,kstr,klen,cb,u)
417#define PEM_write_bio_RSAPublicKey(bp,x) \
418 PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey, \
419 PEM_STRING_RSA_PUBLIC,\
420 bp,(char *)x,NULL,NULL,0,NULL,NULL)
421#define PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \
422 PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,\
423 bp,(char *)x,enc,kstr,klen,cb,u)
424#define PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb,u) \
425 PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,\
426 (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
427 bp,(char *)x,enc,kstr,klen,cb,u)
428#define PEM_write_bio_PKCS7(bp,x) \
429 PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp, \
430 (char *)x, NULL,NULL,0,NULL,NULL)
431#define PEM_write_bio_DHparams(bp,x) \
432 PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,\
433 bp,(char *)x,NULL,NULL,0,NULL,NULL)
434#define PEM_write_bio_DSAparams(bp,x) \
435 PEM_ASN1_write_bio((int (*)())i2d_DSAparams, \
436 PEM_STRING_DSAPARAMS,bp,(char *)x,NULL,NULL,0,NULL,NULL)
437
438#define PEM_write_bio_NETSCAPE_CERT_SEQUENCE(bp,x) \
439 PEM_ASN1_write_bio((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \
440 PEM_STRING_X509,bp, \
441 (char *)x, NULL,NULL,0,NULL,NULL)
442
443#define PEM_read_bio_SSL_SESSION(bp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read_bio( \
444 (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb,u)
445#define PEM_read_bio_X509(bp,x,cb,u) (X509 *)PEM_ASN1_read_bio( \
446 (char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb,u)
447#define PEM_read_bio_X509_REQ(bp,x,cb,u) (X509_REQ *)PEM_ASN1_read_bio( \
448 (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,bp,(char **)x,cb,u)
449#define PEM_read_bio_X509_CRL(bp,x,cb,u) (X509_CRL *)PEM_ASN1_read_bio( \
450 (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,bp,(char **)x,cb,u)
451#define PEM_read_bio_RSAPrivateKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \
452 (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,bp,(char **)x,cb,u)
453#define PEM_read_bio_RSAPublicKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \
454 (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb,u)
455#define PEM_read_bio_DSAPrivateKey(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
456 (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,bp,(char **)x,cb,u)
457#define PEM_read_bio_PrivateKey(bp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read_bio( \
458 (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,bp,(char **)x,cb,u)
459
460#define PEM_read_bio_PKCS7(bp,x,cb,u) (PKCS7 *)PEM_ASN1_read_bio( \
461 (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,bp,(char **)x,cb,u)
462#define PEM_read_bio_DHparams(bp,x,cb,u) (DH *)PEM_ASN1_read_bio( \
463 (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,bp,(char **)x,cb,u)
464#define PEM_read_bio_DSAparams(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
465 (char *(*)())d2i_DSAparams,PEM_STRING_DSAPARAMS,bp,(char **)x,cb,u)
466
467#define PEM_read_bio_NETSCAPE_CERT_SEQUENCE(bp,x,cb,u) \
468 (NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read_bio( \
469 (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,bp,\
470 (char **)x,cb,u)
471
472#endif
473
474#if 1
475/* "userdata": new with OpenSSL 0.9.4 */
476typedef int pem_password_cb(char *buf, int size, int rwflag, void *userdata);
477#else
478/* OpenSSL 0.9.3, 0.9.3a */
479typedef int pem_password_cb(char *buf, int size, int rwflag);
480#endif
481
482int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
483int PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data,long *len,
484 pem_password_cb *callback,void *u);
485
486#ifndef NO_BIO
487int PEM_read_bio(BIO *bp, char **name, char **header,
488 unsigned char **data,long *len);
489int PEM_write_bio(BIO *bp,const char *name,char *hdr,unsigned char *data,
490 long len);
491char * PEM_ASN1_read_bio(char *(*d2i)(),const char *name,BIO *bp,char **x,
492 pem_password_cb *cb, void *u);
493int PEM_ASN1_write_bio(int (*i2d)(),const char *name,BIO *bp,char *x,
494 const EVP_CIPHER *enc,unsigned char *kstr,int klen,
495 pem_password_cb *cb, void *u);
496STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u);
497int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc,
498 unsigned char *kstr, int klen, pem_password_cb *cd, void *u);
499#endif
500
501#ifndef WIN16
502int PEM_read(FILE *fp, char **name, char **header,
503 unsigned char **data,long *len);
504int PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len);
505char * PEM_ASN1_read(char *(*d2i)(),const char *name,FILE *fp,char **x,
506 pem_password_cb *cb, void *u);
507int PEM_ASN1_write(int (*i2d)(),const char *name,FILE *fp,char *x,
508 const EVP_CIPHER *enc,unsigned char *kstr,int klen,
509 pem_password_cb *callback, void *u);
510STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
511 pem_password_cb *cb, void *u);
512#endif
513
514int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
515 EVP_MD *md_type, unsigned char **ek, int *ekl,
516 unsigned char *iv, EVP_PKEY **pubk, int npubk);
517void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
518 unsigned char *in, int inl);
519int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig,int *sigl,
520 unsigned char *out, int *outl, EVP_PKEY *priv);
521
522void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
523void PEM_SignUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt);
524int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
525 unsigned int *siglen, EVP_PKEY *pkey);
526
527void ERR_load_PEM_strings(void);
528
529void PEM_proc_type(char *buf, int type);
530void PEM_dek_info(char *buf, const char *type, int len, char *str);
531
532#ifndef SSLEAY_MACROS
533
534#include <openssl/symhacks.h>
535
536DECLARE_PEM_rw(X509, X509)
537
538DECLARE_PEM_rw(X509_AUX, X509)
539
540DECLARE_PEM_rw(X509_REQ, X509_REQ)
541DECLARE_PEM_write(X509_REQ_NEW, X509_REQ)
542
543DECLARE_PEM_rw(X509_CRL, X509_CRL)
544
545DECLARE_PEM_rw(PKCS7, PKCS7)
546
547DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
548
549DECLARE_PEM_rw(PKCS8, X509_SIG)
550
551DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
552
553#ifndef NO_RSA
554
555DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
556
557DECLARE_PEM_rw(RSAPublicKey, RSA)
558DECLARE_PEM_rw(RSA_PUBKEY, RSA)
559
560#endif
561
562#ifndef NO_DSA
563
564DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
565
566DECLARE_PEM_rw(DSA_PUBKEY, DSA)
567
568DECLARE_PEM_rw(DSAparams, DSA)
569
570#endif
571
572#ifndef NO_DH
573
574DECLARE_PEM_rw(DHparams, DH)
575
576#endif
577
578DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
579
580DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
581
582int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
583 char *kstr, int klen,
584 pem_password_cb *cb, void *u);
585int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *,
586 char *, int, pem_password_cb *, void *);
587int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
588 char *kstr, int klen,
589 pem_password_cb *cb, void *u);
590int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
591 char *kstr, int klen,
592 pem_password_cb *cb, void *u);
593EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u);
594
595int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
596 char *kstr, int klen,
597 pem_password_cb *cb, void *u);
598int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
599 char *kstr, int klen,
600 pem_password_cb *cb, void *u);
601int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
602 char *kstr, int klen,
603 pem_password_cb *cb, void *u);
604
605EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u);
606
607int PEM_write_PKCS8PrivateKey(FILE *fp,EVP_PKEY *x,const EVP_CIPHER *enc,
608 char *kstr,int klen, pem_password_cb *cd, void *u);
609
610#endif /* SSLEAY_MACROS */
611
612
613/* BEGIN ERROR CODES */
614/* The following lines are auto generated by the script mkerr.pl. Any changes
615 * made after this point may be overwritten when the script is next run.
616 */
617
618/* Error codes for the PEM functions. */
619
620/* Function codes. */
621#define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120
622#define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121
623#define PEM_F_DEF_CALLBACK 100
624#define PEM_F_LOAD_IV 101
625#define PEM_F_PEM_ASN1_READ 102
626#define PEM_F_PEM_ASN1_READ_BIO 103
627#define PEM_F_PEM_ASN1_WRITE 104
628#define PEM_F_PEM_ASN1_WRITE_BIO 105
629#define PEM_F_PEM_DO_HEADER 106
630#define PEM_F_PEM_F_DO_PK8KEY_FP 122
631#define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118
632#define PEM_F_PEM_GET_EVP_CIPHER_INFO 107
633#define PEM_F_PEM_READ 108
634#define PEM_F_PEM_READ_BIO 109
635#define PEM_F_PEM_SEALFINAL 110
636#define PEM_F_PEM_SEALINIT 111
637#define PEM_F_PEM_SIGNFINAL 112
638#define PEM_F_PEM_WRITE 113
639#define PEM_F_PEM_WRITE_BIO 114
640#define PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY 119
641#define PEM_F_PEM_X509_INFO_READ 115
642#define PEM_F_PEM_X509_INFO_READ_BIO 116
643#define PEM_F_PEM_X509_INFO_WRITE_BIO 117
644
645/* Reason codes. */
646#define PEM_R_BAD_BASE64_DECODE 100
647#define PEM_R_BAD_DECRYPT 101
648#define PEM_R_BAD_END_LINE 102
649#define PEM_R_BAD_IV_CHARS 103
650#define PEM_R_BAD_PASSWORD_READ 104
651#define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
652#define PEM_R_NOT_DEK_INFO 105
653#define PEM_R_NOT_ENCRYPTED 106
654#define PEM_R_NOT_PROC_TYPE 107
655#define PEM_R_NO_START_LINE 108
656#define PEM_R_PROBLEMS_GETTING_PASSWORD 109
657#define PEM_R_PUBLIC_KEY_NO_RSA 110
658#define PEM_R_READ_KEY 111
659#define PEM_R_SHORT_HEADER 112
660#define PEM_R_UNSUPPORTED_CIPHER 113
661#define PEM_R_UNSUPPORTED_ENCRYPTION 114
662
663#ifdef __cplusplus
664}
665#endif
666#endif
667
diff --git a/src/lib/libcrypto/pem/pem2.h b/src/lib/libcrypto/pem/pem2.h
deleted file mode 100644
index 4e484bcd82..0000000000
--- a/src/lib/libcrypto/pem/pem2.h
+++ /dev/null
@@ -1,68 +0,0 @@
1/* ====================================================================
2 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * licensing@OpenSSL.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
48 *
49 * This product includes cryptographic software written by Eric Young
50 * (eay@cryptsoft.com). This product includes software written by Tim
51 * Hudson (tjh@cryptsoft.com).
52 *
53 */
54
55/*
56 * This header only exists to break a circular dependency between pem and err
57 * Ben 30 Jan 1999.
58 */
59
60#ifdef __cplusplus
61extern "C" {
62#endif
63
64void ERR_load_PEM_strings(void);
65
66#ifdef __cplusplus
67}
68#endif
diff --git a/src/lib/libcrypto/pem/pem_all.c b/src/lib/libcrypto/pem/pem_all.c
deleted file mode 100644
index dc9c35b4b4..0000000000
--- a/src/lib/libcrypto/pem/pem_all.c
+++ /dev/null
@@ -1,203 +0,0 @@
1/* crypto/pem/pem_all.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#undef SSLEAY_MACROS
61#include "cryptlib.h"
62#include <openssl/bio.h>
63#include <openssl/evp.h>
64#include <openssl/x509.h>
65#include <openssl/pkcs7.h>
66#include <openssl/pem.h>
67
68#ifndef NO_RSA
69static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa);
70#endif
71#ifndef NO_DSA
72static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa);
73#endif
74
75IMPLEMENT_PEM_rw(X509, X509, PEM_STRING_X509, X509)
76
77IMPLEMENT_PEM_rw(X509_AUX, X509, PEM_STRING_X509_TRUSTED, X509_AUX)
78
79IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ)
80
81IMPLEMENT_PEM_write(X509_REQ_NEW, X509_REQ, PEM_STRING_X509_REQ_OLD, X509_REQ)
82
83IMPLEMENT_PEM_rw(X509_CRL, X509_CRL, PEM_STRING_X509_CRL, X509_CRL)
84
85IMPLEMENT_PEM_rw(PKCS7, PKCS7, PEM_STRING_PKCS7, PKCS7)
86
87IMPLEMENT_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE,
88 PEM_STRING_X509, NETSCAPE_CERT_SEQUENCE)
89
90IMPLEMENT_PEM_rw(PKCS8, X509_SIG, PEM_STRING_PKCS8, X509_SIG)
91IMPLEMENT_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO, PEM_STRING_PKCS8INF,
92 PKCS8_PRIV_KEY_INFO)
93
94#ifndef NO_RSA
95
96/* We treat RSA or DSA private keys as a special case.
97 *
98 * For private keys we read in an EVP_PKEY structure with
99 * PEM_read_bio_PrivateKey() and extract the relevant private
100 * key: this means can handle "traditional" and PKCS#8 formats
101 * transparently.
102 */
103
104static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa)
105{
106 RSA *rtmp;
107 if(!key) return NULL;
108 rtmp = EVP_PKEY_get1_RSA(key);
109 EVP_PKEY_free(key);
110 if(!rtmp) return NULL;
111 if(rsa) {
112 RSA_free(*rsa);
113 *rsa = rtmp;
114 }
115 return rtmp;
116}
117
118RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **rsa, pem_password_cb *cb,
119 void *u)
120{
121 EVP_PKEY *pktmp;
122 pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
123 return pkey_get_rsa(pktmp, rsa);
124}
125
126#ifndef NO_FP_API
127
128RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb,
129 void *u)
130{
131 EVP_PKEY *pktmp;
132 pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
133 return pkey_get_rsa(pktmp, rsa);
134}
135
136#endif
137
138IMPLEMENT_PEM_write_cb(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)
139IMPLEMENT_PEM_rw(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)
140IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY)
141
142#endif
143
144#ifndef NO_DSA
145
146static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa)
147{
148 DSA *dtmp;
149 if(!key) return NULL;
150 dtmp = EVP_PKEY_get1_DSA(key);
151 EVP_PKEY_free(key);
152 if(!dtmp) return NULL;
153 if(dsa) {
154 DSA_free(*dsa);
155 *dsa = dtmp;
156 }
157 return dtmp;
158}
159
160DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb,
161 void *u)
162{
163 EVP_PKEY *pktmp;
164 pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
165 return pkey_get_dsa(pktmp, dsa);
166}
167
168IMPLEMENT_PEM_write_cb(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey)
169IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY)
170
171#ifndef NO_FP_API
172
173DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb,
174 void *u)
175{
176 EVP_PKEY *pktmp;
177 pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
178 return pkey_get_dsa(pktmp, dsa);
179}
180
181#endif
182
183IMPLEMENT_PEM_rw(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams)
184
185#endif
186
187#ifndef NO_DH
188
189IMPLEMENT_PEM_rw(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
190
191#endif
192
193
194/* The PrivateKey case is not that straightforward.
195 * IMPLEMENT_PEM_rw_cb(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey)
196 * does not work, RSA and DSA keys have specific strings.
197 * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything
198 * appropriate.)
199 */
200IMPLEMENT_PEM_read(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey)
201IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), PrivateKey)
202
203IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY)
diff --git a/src/lib/libcrypto/pem/pem_err.c b/src/lib/libcrypto/pem/pem_err.c
deleted file mode 100644
index 8b1789b11c..0000000000
--- a/src/lib/libcrypto/pem/pem_err.c
+++ /dev/null
@@ -1,131 +0,0 @@
1/* crypto/pem/pem_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/pem.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA PEM_str_functs[]=
68 {
69{ERR_PACK(0,PEM_F_D2I_PKCS8PRIVATEKEY_BIO,0), "d2i_PKCS8PrivateKey_bio"},
70{ERR_PACK(0,PEM_F_D2I_PKCS8PRIVATEKEY_FP,0), "d2i_PKCS8PrivateKey_fp"},
71{ERR_PACK(0,PEM_F_DEF_CALLBACK,0), "DEF_CALLBACK"},
72{ERR_PACK(0,PEM_F_LOAD_IV,0), "LOAD_IV"},
73{ERR_PACK(0,PEM_F_PEM_ASN1_READ,0), "PEM_ASN1_read"},
74{ERR_PACK(0,PEM_F_PEM_ASN1_READ_BIO,0), "PEM_ASN1_read_bio"},
75{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE,0), "PEM_ASN1_write"},
76{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE_BIO,0), "PEM_ASN1_write_bio"},
77{ERR_PACK(0,PEM_F_PEM_DO_HEADER,0), "PEM_do_header"},
78{ERR_PACK(0,PEM_F_PEM_F_DO_PK8KEY_FP,0), "PEM_F_DO_PK8KEY_FP"},
79{ERR_PACK(0,PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY,0), "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"},
80{ERR_PACK(0,PEM_F_PEM_GET_EVP_CIPHER_INFO,0), "PEM_get_EVP_CIPHER_INFO"},
81{ERR_PACK(0,PEM_F_PEM_READ,0), "PEM_read"},
82{ERR_PACK(0,PEM_F_PEM_READ_BIO,0), "PEM_read_bio"},
83{ERR_PACK(0,PEM_F_PEM_SEALFINAL,0), "PEM_SealFinal"},
84{ERR_PACK(0,PEM_F_PEM_SEALINIT,0), "PEM_SealInit"},
85{ERR_PACK(0,PEM_F_PEM_SIGNFINAL,0), "PEM_SignFinal"},
86{ERR_PACK(0,PEM_F_PEM_WRITE,0), "PEM_write"},
87{ERR_PACK(0,PEM_F_PEM_WRITE_BIO,0), "PEM_write_bio"},
88{ERR_PACK(0,PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY,0), "PEM_write_bio_PKCS8PrivateKey"},
89{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ,0), "PEM_X509_INFO_read"},
90{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ_BIO,0), "PEM_X509_INFO_read_bio"},
91{ERR_PACK(0,PEM_F_PEM_X509_INFO_WRITE_BIO,0), "PEM_X509_INFO_write_bio"},
92{0,NULL}
93 };
94
95static ERR_STRING_DATA PEM_str_reasons[]=
96 {
97{PEM_R_BAD_BASE64_DECODE ,"bad base64 decode"},
98{PEM_R_BAD_DECRYPT ,"bad decrypt"},
99{PEM_R_BAD_END_LINE ,"bad end line"},
100{PEM_R_BAD_IV_CHARS ,"bad iv chars"},
101{PEM_R_BAD_PASSWORD_READ ,"bad password read"},
102{PEM_R_ERROR_CONVERTING_PRIVATE_KEY ,"error converting private key"},
103{PEM_R_NOT_DEK_INFO ,"not dek info"},
104{PEM_R_NOT_ENCRYPTED ,"not encrypted"},
105{PEM_R_NOT_PROC_TYPE ,"not proc type"},
106{PEM_R_NO_START_LINE ,"no start line"},
107{PEM_R_PROBLEMS_GETTING_PASSWORD ,"problems getting password"},
108{PEM_R_PUBLIC_KEY_NO_RSA ,"public key no rsa"},
109{PEM_R_READ_KEY ,"read key"},
110{PEM_R_SHORT_HEADER ,"short header"},
111{PEM_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
112{PEM_R_UNSUPPORTED_ENCRYPTION ,"unsupported encryption"},
113{0,NULL}
114 };
115
116#endif
117
118void ERR_load_PEM_strings(void)
119 {
120 static int init=1;
121
122 if (init)
123 {
124 init=0;
125#ifndef NO_ERR
126 ERR_load_strings(ERR_LIB_PEM,PEM_str_functs);
127 ERR_load_strings(ERR_LIB_PEM,PEM_str_reasons);
128#endif
129
130 }
131 }
diff --git a/src/lib/libcrypto/pem/pem_info.c b/src/lib/libcrypto/pem/pem_info.c
deleted file mode 100644
index f1694f1125..0000000000
--- a/src/lib/libcrypto/pem/pem_info.c
+++ /dev/null
@@ -1,364 +0,0 @@
1/* crypto/pem/pem_info.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include <openssl/x509.h>
65#include <openssl/pem.h>
66
67#ifndef NO_FP_API
68STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u)
69 {
70 BIO *b;
71 STACK_OF(X509_INFO) *ret;
72
73 if ((b=BIO_new(BIO_s_file())) == NULL)
74 {
75 PEMerr(PEM_F_PEM_X509_INFO_READ,ERR_R_BUF_LIB);
76 return(0);
77 }
78 BIO_set_fp(b,fp,BIO_NOCLOSE);
79 ret=PEM_X509_INFO_read_bio(b,sk,cb,u);
80 BIO_free(b);
81 return(ret);
82 }
83#endif
84
85STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u)
86 {
87 X509_INFO *xi=NULL;
88 char *name=NULL,*header=NULL,**pp;
89 unsigned char *data=NULL,*p;
90 long len,error=0;
91 int ok=0;
92 STACK_OF(X509_INFO) *ret=NULL;
93 unsigned int i,raw;
94 char *(*d2i)();
95
96 if (sk == NULL)
97 {
98 if ((ret=sk_X509_INFO_new_null()) == NULL)
99 {
100 PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_MALLOC_FAILURE);
101 goto err;
102 }
103 }
104 else
105 ret=sk;
106
107 if ((xi=X509_INFO_new()) == NULL) goto err;
108 for (;;)
109 {
110 raw=0;
111 i=PEM_read_bio(bp,&name,&header,&data,&len);
112 if (i == 0)
113 {
114 error=ERR_GET_REASON(ERR_peek_error());
115 if (error == PEM_R_NO_START_LINE)
116 {
117 ERR_clear_error();
118 break;
119 }
120 goto err;
121 }
122start:
123 if ( (strcmp(name,PEM_STRING_X509) == 0) ||
124 (strcmp(name,PEM_STRING_X509_OLD) == 0))
125 {
126 d2i=(char *(*)())d2i_X509;
127 if (xi->x509 != NULL)
128 {
129 if (!sk_X509_INFO_push(ret,xi)) goto err;
130 if ((xi=X509_INFO_new()) == NULL) goto err;
131 goto start;
132 }
133 pp=(char **)&(xi->x509);
134 }
135 else if ((strcmp(name,PEM_STRING_X509_TRUSTED) == 0))
136 {
137 d2i=(char *(*)())d2i_X509_AUX;
138 if (xi->x509 != NULL)
139 {
140 if (!sk_X509_INFO_push(ret,xi)) goto err;
141 if ((xi=X509_INFO_new()) == NULL) goto err;
142 goto start;
143 }
144 pp=(char **)&(xi->x509);
145 }
146 else if (strcmp(name,PEM_STRING_X509_CRL) == 0)
147 {
148 d2i=(char *(*)())d2i_X509_CRL;
149 if (xi->crl != NULL)
150 {
151 if (!sk_X509_INFO_push(ret,xi)) goto err;
152 if ((xi=X509_INFO_new()) == NULL) goto err;
153 goto start;
154 }
155 pp=(char **)&(xi->crl);
156 }
157 else
158#ifndef NO_RSA
159 if (strcmp(name,PEM_STRING_RSA) == 0)
160 {
161 d2i=(char *(*)())d2i_RSAPrivateKey;
162 if (xi->x_pkey != NULL)
163 {
164 if (!sk_X509_INFO_push(ret,xi)) goto err;
165 if ((xi=X509_INFO_new()) == NULL) goto err;
166 goto start;
167 }
168
169 xi->enc_data=NULL;
170 xi->enc_len=0;
171
172 xi->x_pkey=X509_PKEY_new();
173 if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
174 goto err;
175 xi->x_pkey->dec_pkey->type=EVP_PKEY_RSA;
176 pp=(char **)&(xi->x_pkey->dec_pkey->pkey.rsa);
177 if ((int)strlen(header) > 10) /* assume encrypted */
178 raw=1;
179 }
180 else
181#endif
182#ifndef NO_DSA
183 if (strcmp(name,PEM_STRING_DSA) == 0)
184 {
185 d2i=(char *(*)())d2i_DSAPrivateKey;
186 if (xi->x_pkey != NULL)
187 {
188 if (!sk_X509_INFO_push(ret,xi)) goto err;
189 if ((xi=X509_INFO_new()) == NULL) goto err;
190 goto start;
191 }
192
193 xi->enc_data=NULL;
194 xi->enc_len=0;
195
196 xi->x_pkey=X509_PKEY_new();
197 if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
198 goto err;
199 xi->x_pkey->dec_pkey->type=EVP_PKEY_DSA;
200 pp=(char **)&(xi->x_pkey->dec_pkey->pkey.dsa);
201 if ((int)strlen(header) > 10) /* assume encrypted */
202 raw=1;
203 }
204 else
205#endif
206 {
207 d2i=NULL;
208 pp=NULL;
209 }
210
211 if (d2i != NULL)
212 {
213 if (!raw)
214 {
215 EVP_CIPHER_INFO cipher;
216
217 if (!PEM_get_EVP_CIPHER_INFO(header,&cipher))
218 goto err;
219 if (!PEM_do_header(&cipher,data,&len,cb,u))
220 goto err;
221 p=data;
222 if (d2i(pp,&p,len) == NULL)
223 {
224 PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_ASN1_LIB);
225 goto err;
226 }
227 }
228 else
229 { /* encrypted RSA data */
230 if (!PEM_get_EVP_CIPHER_INFO(header,
231 &xi->enc_cipher)) goto err;
232 xi->enc_data=(char *)data;
233 xi->enc_len=(int)len;
234 data=NULL;
235 }
236 }
237 else {
238 /* unknown */
239 }
240 if (name != NULL) OPENSSL_free(name);
241 if (header != NULL) OPENSSL_free(header);
242 if (data != NULL) OPENSSL_free(data);
243 name=NULL;
244 header=NULL;
245 data=NULL;
246 }
247
248 /* if the last one hasn't been pushed yet and there is anything
249 * in it then add it to the stack ...
250 */
251 if ((xi->x509 != NULL) || (xi->crl != NULL) ||
252 (xi->x_pkey != NULL) || (xi->enc_data != NULL))
253 {
254 if (!sk_X509_INFO_push(ret,xi)) goto err;
255 xi=NULL;
256 }
257 ok=1;
258err:
259 if (xi != NULL) X509_INFO_free(xi);
260 if (!ok)
261 {
262 for (i=0; ((int)i)<sk_X509_INFO_num(ret); i++)
263 {
264 xi=sk_X509_INFO_value(ret,i);
265 X509_INFO_free(xi);
266 }
267 if (ret != sk) sk_X509_INFO_free(ret);
268 ret=NULL;
269 }
270
271 if (name != NULL) OPENSSL_free(name);
272 if (header != NULL) OPENSSL_free(header);
273 if (data != NULL) OPENSSL_free(data);
274 return(ret);
275 }
276
277
278/* A TJH addition */
279int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
280 unsigned char *kstr, int klen, pem_password_cb *cb, void *u)
281 {
282 EVP_CIPHER_CTX ctx;
283 int i,ret=0;
284 unsigned char *data=NULL;
285 const char *objstr=NULL;
286 char buf[PEM_BUFSIZE];
287 unsigned char *iv=NULL;
288
289 if (enc != NULL)
290 {
291 objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc));
292 if (objstr == NULL)
293 {
294 PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
295 goto err;
296 }
297 }
298
299 /* now for the fun part ... if we have a private key then
300 * we have to be able to handle a not-yet-decrypted key
301 * being written out correctly ... if it is decrypted or
302 * it is non-encrypted then we use the base code
303 */
304 if (xi->x_pkey!=NULL)
305 {
306 if ( (xi->enc_data!=NULL) && (xi->enc_len>0) )
307 {
308 /* copy from weirdo names into more normal things */
309 iv=xi->enc_cipher.iv;
310 data=(unsigned char *)xi->enc_data;
311 i=xi->enc_len;
312
313 /* we take the encryption data from the
314 * internal stuff rather than what the
315 * user has passed us ... as we have to
316 * match exactly for some strange reason
317 */
318 objstr=OBJ_nid2sn(
319 EVP_CIPHER_nid(xi->enc_cipher.cipher));
320 if (objstr == NULL)
321 {
322 PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
323 goto err;
324 }
325
326 /* create the right magic header stuff */
327 buf[0]='\0';
328 PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
329 PEM_dek_info(buf,objstr,8,(char *)iv);
330
331 /* use the normal code to write things out */
332 i=PEM_write_bio(bp,PEM_STRING_RSA,buf,data,i);
333 if (i <= 0) goto err;
334 }
335 else
336 {
337 /* Add DSA/DH */
338#ifndef NO_RSA
339 /* normal optionally encrypted stuff */
340 if (PEM_write_bio_RSAPrivateKey(bp,
341 xi->x_pkey->dec_pkey->pkey.rsa,
342 enc,kstr,klen,cb,u)<=0)
343 goto err;
344#endif
345 }
346 }
347
348 /* if we have a certificate then write it out now */
349 if ((xi->x509 != NULL) || (PEM_write_bio_X509(bp,xi->x509) <= 0))
350 goto err;
351
352 /* we are ignoring anything else that is loaded into the X509_INFO
353 * structure for the moment ... as I don't need it so I'm not
354 * coding it here and Eric can do it when this makes it into the
355 * base library --tjh
356 */
357
358 ret=1;
359
360err:
361 memset((char *)&ctx,0,sizeof(ctx));
362 memset(buf,0,PEM_BUFSIZE);
363 return(ret);
364 }
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c
deleted file mode 100644
index a17c3ed57f..0000000000
--- a/src/lib/libcrypto/pem/pem_lib.c
+++ /dev/null
@@ -1,963 +0,0 @@
1/* crypto/pem/pem_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include <openssl/rand.h>
65#include <openssl/x509.h>
66#include <openssl/pem.h>
67#include <openssl/pkcs12.h>
68#ifndef NO_DES
69#include <openssl/des.h>
70#endif
71
72const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT;
73
74#define MIN_LENGTH 4
75
76static int def_callback(char *buf, int num, int w, void *userdata);
77static int load_iv(unsigned char **fromp,unsigned char *to, int num);
78static int check_pem(const char *nm, const char *name);
79static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder,
80 int nid, const EVP_CIPHER *enc,
81 char *kstr, int klen,
82 pem_password_cb *cb, void *u);
83static int do_pk8pkey_fp(FILE *bp, EVP_PKEY *x, int isder,
84 int nid, const EVP_CIPHER *enc,
85 char *kstr, int klen,
86 pem_password_cb *cb, void *u);
87
88static int def_callback(char *buf, int num, int w, void *key)
89 {
90#ifdef NO_FP_API
91 /* We should not ever call the default callback routine from
92 * windows. */
93 PEMerr(PEM_F_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
94 return(-1);
95#else
96 int i,j;
97 const char *prompt;
98 if(key) {
99 i=strlen(key);
100 i=(i > num)?num:i;
101 memcpy(buf,key,i);
102 return(i);
103 }
104
105 prompt=EVP_get_pw_prompt();
106 if (prompt == NULL)
107 prompt="Enter PEM pass phrase:";
108
109 for (;;)
110 {
111 i=EVP_read_pw_string(buf,num,prompt,w);
112 if (i != 0)
113 {
114 PEMerr(PEM_F_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD);
115 memset(buf,0,(unsigned int)num);
116 return(-1);
117 }
118 j=strlen(buf);
119 if (j < MIN_LENGTH)
120 {
121 fprintf(stderr,"phrase is too short, needs to be at least %d chars\n",MIN_LENGTH);
122 }
123 else
124 break;
125 }
126 return(j);
127#endif
128 }
129
130void PEM_proc_type(char *buf, int type)
131 {
132 const char *str;
133
134 if (type == PEM_TYPE_ENCRYPTED)
135 str="ENCRYPTED";
136 else if (type == PEM_TYPE_MIC_CLEAR)
137 str="MIC-CLEAR";
138 else if (type == PEM_TYPE_MIC_ONLY)
139 str="MIC-ONLY";
140 else
141 str="BAD-TYPE";
142
143 strcat(buf,"Proc-Type: 4,");
144 strcat(buf,str);
145 strcat(buf,"\n");
146 }
147
148void PEM_dek_info(char *buf, const char *type, int len, char *str)
149 {
150 static unsigned char map[17]="0123456789ABCDEF";
151 long i;
152 int j;
153
154 strcat(buf,"DEK-Info: ");
155 strcat(buf,type);
156 strcat(buf,",");
157 j=strlen(buf);
158 for (i=0; i<len; i++)
159 {
160 buf[j+i*2] =map[(str[i]>>4)&0x0f];
161 buf[j+i*2+1]=map[(str[i] )&0x0f];
162 }
163 buf[j+i*2]='\n';
164 buf[j+i*2+1]='\0';
165 }
166
167#ifndef NO_FP_API
168char *PEM_ASN1_read(char *(*d2i)(), const char *name, FILE *fp, char **x,
169 pem_password_cb *cb, void *u)
170 {
171 BIO *b;
172 char *ret;
173
174 if ((b=BIO_new(BIO_s_file())) == NULL)
175 {
176 PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_BUF_LIB);
177 return(0);
178 }
179 BIO_set_fp(b,fp,BIO_NOCLOSE);
180 ret=PEM_ASN1_read_bio(d2i,name,b,x,cb,u);
181 BIO_free(b);
182 return(ret);
183 }
184#endif
185
186static int check_pem(const char *nm, const char *name)
187{
188 /* Normal matching nm and name */
189 if (!strcmp(nm,name)) return 1;
190
191 /* Make PEM_STRING_EVP_PKEY match any private key */
192
193 if(!strcmp(nm,PEM_STRING_PKCS8) &&
194 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
195
196 if(!strcmp(nm,PEM_STRING_PKCS8INF) &&
197 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
198
199 if(!strcmp(nm,PEM_STRING_RSA) &&
200 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
201
202 if(!strcmp(nm,PEM_STRING_DSA) &&
203 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
204
205 /* Permit older strings */
206
207 if(!strcmp(nm,PEM_STRING_X509_OLD) &&
208 !strcmp(name,PEM_STRING_X509)) return 1;
209
210 if(!strcmp(nm,PEM_STRING_X509_REQ_OLD) &&
211 !strcmp(name,PEM_STRING_X509_REQ)) return 1;
212
213 /* Allow normal certs to be read as trusted certs */
214 if(!strcmp(nm,PEM_STRING_X509) &&
215 !strcmp(name,PEM_STRING_X509_TRUSTED)) return 1;
216
217 if(!strcmp(nm,PEM_STRING_X509_OLD) &&
218 !strcmp(name,PEM_STRING_X509_TRUSTED)) return 1;
219
220 /* Some CAs use PKCS#7 with CERTIFICATE headers */
221 if(!strcmp(nm, PEM_STRING_X509) &&
222 !strcmp(name, PEM_STRING_PKCS7)) return 1;
223
224 return 0;
225}
226
227char *PEM_ASN1_read_bio(char *(*d2i)(), const char *name, BIO *bp, char **x,
228 pem_password_cb *cb, void *u)
229 {
230 EVP_CIPHER_INFO cipher;
231 char *nm=NULL,*header=NULL;
232 unsigned char *p=NULL,*data=NULL;
233 long len;
234 char *ret=NULL;
235
236 for (;;)
237 {
238 if (!PEM_read_bio(bp,&nm,&header,&data,&len)) {
239 if(ERR_GET_REASON(ERR_peek_error()) ==
240 PEM_R_NO_START_LINE)
241 ERR_add_error_data(2, "Expecting: ", name);
242 return(NULL);
243 }
244 if(check_pem(nm, name)) break;
245 OPENSSL_free(nm);
246 OPENSSL_free(header);
247 OPENSSL_free(data);
248 }
249 if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err;
250 if (!PEM_do_header(&cipher,data,&len,cb,u)) goto err;
251 p=data;
252 if (strcmp(name,PEM_STRING_EVP_PKEY) == 0) {
253 if (strcmp(nm,PEM_STRING_RSA) == 0)
254 ret=d2i(EVP_PKEY_RSA,x,&p,len);
255 else if (strcmp(nm,PEM_STRING_DSA) == 0)
256 ret=d2i(EVP_PKEY_DSA,x,&p,len);
257 else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) {
258 PKCS8_PRIV_KEY_INFO *p8inf;
259 p8inf=d2i_PKCS8_PRIV_KEY_INFO(
260 (PKCS8_PRIV_KEY_INFO **) x, &p, len);
261 ret = (char *)EVP_PKCS82PKEY(p8inf);
262 PKCS8_PRIV_KEY_INFO_free(p8inf);
263 } else if (strcmp(nm,PEM_STRING_PKCS8) == 0) {
264 PKCS8_PRIV_KEY_INFO *p8inf;
265 X509_SIG *p8;
266 int klen;
267 char psbuf[PEM_BUFSIZE];
268 p8 = d2i_X509_SIG(NULL, &p, len);
269 if(!p8) goto p8err;
270 if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u);
271 else klen=def_callback(psbuf,PEM_BUFSIZE,0,u);
272 if (klen <= 0) {
273 PEMerr(PEM_F_PEM_ASN1_READ_BIO,
274 PEM_R_BAD_PASSWORD_READ);
275 goto err;
276 }
277 p8inf = M_PKCS8_decrypt(p8, psbuf, klen);
278 X509_SIG_free(p8);
279 if(!p8inf) goto p8err;
280 ret = (char *)EVP_PKCS82PKEY(p8inf);
281 if(x) {
282 if(*x) EVP_PKEY_free((EVP_PKEY *)*x);
283 *x = ret;
284 }
285 PKCS8_PRIV_KEY_INFO_free(p8inf);
286 }
287 } else ret=d2i(x,&p,len);
288p8err:
289 if (ret == NULL)
290 PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB);
291err:
292 OPENSSL_free(nm);
293 OPENSSL_free(header);
294 OPENSSL_free(data);
295 return(ret);
296 }
297
298#ifndef NO_FP_API
299int PEM_ASN1_write(int (*i2d)(), const char *name, FILE *fp, char *x,
300 const EVP_CIPHER *enc, unsigned char *kstr, int klen,
301 pem_password_cb *callback, void *u)
302 {
303 BIO *b;
304 int ret;
305
306 if ((b=BIO_new(BIO_s_file())) == NULL)
307 {
308 PEMerr(PEM_F_PEM_ASN1_WRITE,ERR_R_BUF_LIB);
309 return(0);
310 }
311 BIO_set_fp(b,fp,BIO_NOCLOSE);
312 ret=PEM_ASN1_write_bio(i2d,name,b,x,enc,kstr,klen,callback,u);
313 BIO_free(b);
314 return(ret);
315 }
316#endif
317
318int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
319 const EVP_CIPHER *enc, unsigned char *kstr, int klen,
320 pem_password_cb *callback, void *u)
321 {
322 EVP_CIPHER_CTX ctx;
323 int dsize=0,i,j,ret=0;
324 unsigned char *p,*data=NULL;
325 const char *objstr=NULL;
326 char buf[PEM_BUFSIZE];
327 unsigned char key[EVP_MAX_KEY_LENGTH];
328 unsigned char iv[EVP_MAX_IV_LENGTH];
329
330 if (enc != NULL)
331 {
332 objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc));
333 if (objstr == NULL)
334 {
335 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
336 goto err;
337 }
338 }
339
340 if ((dsize=i2d(x,NULL)) < 0)
341 {
342 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
343 dsize=0;
344 goto err;
345 }
346 /* dzise + 8 bytes are needed */
347 data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20);
348 if (data == NULL)
349 {
350 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
351 goto err;
352 }
353 p=data;
354 i=i2d(x,&p);
355
356 if (enc != NULL)
357 {
358 if (kstr == NULL)
359 {
360 if (callback == NULL)
361 klen=def_callback(buf,PEM_BUFSIZE,1,u);
362 else
363 klen=(*callback)(buf,PEM_BUFSIZE,1,u);
364 if (klen <= 0)
365 {
366 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_READ_KEY);
367 goto err;
368 }
369#ifdef CHARSET_EBCDIC
370 /* Convert the pass phrase from EBCDIC */
371 ebcdic2ascii(buf, buf, klen);
372#endif
373 kstr=(unsigned char *)buf;
374 }
375 RAND_add(data,i,0);/* put in the RSA key. */
376 if (RAND_pseudo_bytes(iv,8) < 0) /* Generate a salt */
377 goto err;
378 /* The 'iv' is used as the iv and as a salt. It is
379 * NOT taken from the BytesToKey function */
380 EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);
381
382 if (kstr == (unsigned char *)buf) memset(buf,0,PEM_BUFSIZE);
383
384 buf[0]='\0';
385 PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
386 PEM_dek_info(buf,objstr,8,(char *)iv);
387 /* k=strlen(buf); */
388
389 EVP_EncryptInit(&ctx,enc,key,iv);
390 EVP_EncryptUpdate(&ctx,data,&j,data,i);
391 EVP_EncryptFinal(&ctx,&(data[j]),&i);
392 i+=j;
393 ret=1;
394 }
395 else
396 {
397 ret=1;
398 buf[0]='\0';
399 }
400 i=PEM_write_bio(bp,name,buf,data,i);
401 if (i <= 0) ret=0;
402err:
403 memset(key,0,sizeof(key));
404 memset(iv,0,sizeof(iv));
405 memset((char *)&ctx,0,sizeof(ctx));
406 memset(buf,0,PEM_BUFSIZE);
407 memset(data,0,(unsigned int)dsize);
408 OPENSSL_free(data);
409 return(ret);
410 }
411
412int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
413 pem_password_cb *callback,void *u)
414 {
415 int i,j,o,klen;
416 long len;
417 EVP_CIPHER_CTX ctx;
418 unsigned char key[EVP_MAX_KEY_LENGTH];
419 char buf[PEM_BUFSIZE];
420
421 len= *plen;
422
423 if (cipher->cipher == NULL) return(1);
424 if (callback == NULL)
425 klen=def_callback(buf,PEM_BUFSIZE,0,u);
426 else
427 klen=callback(buf,PEM_BUFSIZE,0,u);
428 if (klen <= 0)
429 {
430 PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_PASSWORD_READ);
431 return(0);
432 }
433#ifdef CHARSET_EBCDIC
434 /* Convert the pass phrase from EBCDIC */
435 ebcdic2ascii(buf, buf, klen);
436#endif
437
438 EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),
439 (unsigned char *)buf,klen,1,key,NULL);
440
441 j=(int)len;
442 EVP_DecryptInit(&ctx,cipher->cipher,key,&(cipher->iv[0]));
443 EVP_DecryptUpdate(&ctx,data,&i,data,j);
444 o=EVP_DecryptFinal(&ctx,&(data[i]),&j);
445 EVP_CIPHER_CTX_cleanup(&ctx);
446 memset((char *)buf,0,sizeof(buf));
447 memset((char *)key,0,sizeof(key));
448 j+=i;
449 if (!o)
450 {
451 PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_DECRYPT);
452 return(0);
453 }
454 *plen=j;
455 return(1);
456 }
457
458int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
459 {
460 int o;
461 const EVP_CIPHER *enc=NULL;
462 char *p,c;
463
464 cipher->cipher=NULL;
465 if ((header == NULL) || (*header == '\0') || (*header == '\n'))
466 return(1);
467 if (strncmp(header,"Proc-Type: ",11) != 0)
468 { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_PROC_TYPE); return(0); }
469 header+=11;
470 if (*header != '4') return(0); header++;
471 if (*header != ',') return(0); header++;
472 if (strncmp(header,"ENCRYPTED",9) != 0)
473 { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_ENCRYPTED); return(0); }
474 for (; (*header != '\n') && (*header != '\0'); header++)
475 ;
476 if (*header == '\0')
477 { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_SHORT_HEADER); return(0); }
478 header++;
479 if (strncmp(header,"DEK-Info: ",10) != 0)
480 { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_DEK_INFO); return(0); }
481 header+=10;
482
483 p=header;
484 for (;;)
485 {
486 c= *header;
487#ifndef CHARSET_EBCDIC
488 if (!( ((c >= 'A') && (c <= 'Z')) || (c == '-') ||
489 ((c >= '0') && (c <= '9'))))
490 break;
491#else
492 if (!( isupper(c) || (c == '-') ||
493 isdigit(c)))
494 break;
495#endif
496 header++;
497 }
498 *header='\0';
499 o=OBJ_sn2nid(p);
500 cipher->cipher=enc=EVP_get_cipherbyname(p);
501 *header=c;
502 header++;
503
504 if (enc == NULL)
505 {
506 PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION);
507 return(0);
508 }
509 if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),8)) return(0);
510
511 return(1);
512 }
513
514static int load_iv(unsigned char **fromp, unsigned char *to, int num)
515 {
516 int v,i;
517 unsigned char *from;
518
519 from= *fromp;
520 for (i=0; i<num; i++) to[i]=0;
521 num*=2;
522 for (i=0; i<num; i++)
523 {
524 if ((*from >= '0') && (*from <= '9'))
525 v= *from-'0';
526 else if ((*from >= 'A') && (*from <= 'F'))
527 v= *from-'A'+10;
528 else if ((*from >= 'a') && (*from <= 'f'))
529 v= *from-'a'+10;
530 else
531 {
532 PEMerr(PEM_F_LOAD_IV,PEM_R_BAD_IV_CHARS);
533 return(0);
534 }
535 from++;
536 to[i/2]|=v<<(long)((!(i&1))*4);
537 }
538
539 *fromp=from;
540 return(1);
541 }
542
543#ifndef NO_FP_API
544int PEM_write(FILE *fp, char *name, char *header, unsigned char *data,
545 long len)
546 {
547 BIO *b;
548 int ret;
549
550 if ((b=BIO_new(BIO_s_file())) == NULL)
551 {
552 PEMerr(PEM_F_PEM_WRITE,ERR_R_BUF_LIB);
553 return(0);
554 }
555 BIO_set_fp(b,fp,BIO_NOCLOSE);
556 ret=PEM_write_bio(b, name, header, data,len);
557 BIO_free(b);
558 return(ret);
559 }
560#endif
561
562int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
563 long len)
564 {
565 int nlen,n,i,j,outl;
566 unsigned char *buf;
567 EVP_ENCODE_CTX ctx;
568 int reason=ERR_R_BUF_LIB;
569
570 EVP_EncodeInit(&ctx);
571 nlen=strlen(name);
572
573 if ( (BIO_write(bp,"-----BEGIN ",11) != 11) ||
574 (BIO_write(bp,name,nlen) != nlen) ||
575 (BIO_write(bp,"-----\n",6) != 6))
576 goto err;
577
578 i=strlen(header);
579 if (i > 0)
580 {
581 if ( (BIO_write(bp,header,i) != i) ||
582 (BIO_write(bp,"\n",1) != 1))
583 goto err;
584 }
585
586 buf=(unsigned char *)OPENSSL_malloc(PEM_BUFSIZE*8);
587 if (buf == NULL)
588 {
589 reason=ERR_R_MALLOC_FAILURE;
590 goto err;
591 }
592
593 i=j=0;
594 while (len > 0)
595 {
596 n=(int)((len>(PEM_BUFSIZE*5))?(PEM_BUFSIZE*5):len);
597 EVP_EncodeUpdate(&ctx,buf,&outl,&(data[j]),n);
598 if ((outl) && (BIO_write(bp,(char *)buf,outl) != outl))
599 goto err;
600 i+=outl;
601 len-=n;
602 j+=n;
603 }
604 EVP_EncodeFinal(&ctx,buf,&outl);
605 if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err;
606 OPENSSL_free(buf);
607 if ( (BIO_write(bp,"-----END ",9) != 9) ||
608 (BIO_write(bp,name,nlen) != nlen) ||
609 (BIO_write(bp,"-----\n",6) != 6))
610 goto err;
611 return(i+outl);
612err:
613 PEMerr(PEM_F_PEM_WRITE_BIO,reason);
614 return(0);
615 }
616
617#ifndef NO_FP_API
618int PEM_read(FILE *fp, char **name, char **header, unsigned char **data,
619 long *len)
620 {
621 BIO *b;
622 int ret;
623
624 if ((b=BIO_new(BIO_s_file())) == NULL)
625 {
626 PEMerr(PEM_F_PEM_READ,ERR_R_BUF_LIB);
627 return(0);
628 }
629 BIO_set_fp(b,fp,BIO_NOCLOSE);
630 ret=PEM_read_bio(b, name, header, data,len);
631 BIO_free(b);
632 return(ret);
633 }
634#endif
635
636int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
637 long *len)
638 {
639 EVP_ENCODE_CTX ctx;
640 int end=0,i,k,bl=0,hl=0,nohead=0;
641 char buf[256];
642 BUF_MEM *nameB;
643 BUF_MEM *headerB;
644 BUF_MEM *dataB,*tmpB;
645
646 nameB=BUF_MEM_new();
647 headerB=BUF_MEM_new();
648 dataB=BUF_MEM_new();
649 if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL))
650 {
651 PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
652 return(0);
653 }
654
655 buf[254]='\0';
656 for (;;)
657 {
658 i=BIO_gets(bp,buf,254);
659
660 if (i <= 0)
661 {
662 PEMerr(PEM_F_PEM_READ_BIO,PEM_R_NO_START_LINE);
663 goto err;
664 }
665
666 while ((i >= 0) && (buf[i] <= ' ')) i--;
667 buf[++i]='\n'; buf[++i]='\0';
668
669 if (strncmp(buf,"-----BEGIN ",11) == 0)
670 {
671 i=strlen(&(buf[11]));
672
673 if (strncmp(&(buf[11+i-6]),"-----\n",6) != 0)
674 continue;
675 if (!BUF_MEM_grow(nameB,i+9))
676 {
677 PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
678 goto err;
679 }
680 memcpy(nameB->data,&(buf[11]),i-6);
681 nameB->data[i-6]='\0';
682 break;
683 }
684 }
685 hl=0;
686 if (!BUF_MEM_grow(headerB,256))
687 { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
688 headerB->data[0]='\0';
689 for (;;)
690 {
691 i=BIO_gets(bp,buf,254);
692 if (i <= 0) break;
693
694 while ((i >= 0) && (buf[i] <= ' ')) i--;
695 buf[++i]='\n'; buf[++i]='\0';
696
697 if (buf[0] == '\n') break;
698 if (!BUF_MEM_grow(headerB,hl+i+9))
699 { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
700 if (strncmp(buf,"-----END ",9) == 0)
701 {
702 nohead=1;
703 break;
704 }
705 memcpy(&(headerB->data[hl]),buf,i);
706 headerB->data[hl+i]='\0';
707 hl+=i;
708 }
709
710 bl=0;
711 if (!BUF_MEM_grow(dataB,1024))
712 { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
713 dataB->data[0]='\0';
714 if (!nohead)
715 {
716 for (;;)
717 {
718 i=BIO_gets(bp,buf,254);
719 if (i <= 0) break;
720
721 while ((i >= 0) && (buf[i] <= ' ')) i--;
722 buf[++i]='\n'; buf[++i]='\0';
723
724 if (i != 65) end=1;
725 if (strncmp(buf,"-----END ",9) == 0)
726 break;
727 if (i > 65) break;
728 if (!BUF_MEM_grow(dataB,i+bl+9))
729 {
730 PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
731 goto err;
732 }
733 memcpy(&(dataB->data[bl]),buf,i);
734 dataB->data[bl+i]='\0';
735 bl+=i;
736 if (end)
737 {
738 buf[0]='\0';
739 i=BIO_gets(bp,buf,254);
740 if (i <= 0) break;
741
742 while ((i >= 0) && (buf[i] <= ' ')) i--;
743 buf[++i]='\n'; buf[++i]='\0';
744
745 break;
746 }
747 }
748 }
749 else
750 {
751 tmpB=headerB;
752 headerB=dataB;
753 dataB=tmpB;
754 bl=hl;
755 }
756 i=strlen(nameB->data);
757 if ( (strncmp(buf,"-----END ",9) != 0) ||
758 (strncmp(nameB->data,&(buf[9]),i) != 0) ||
759 (strncmp(&(buf[9+i]),"-----\n",6) != 0))
760 {
761 PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_END_LINE);
762 goto err;
763 }
764
765 EVP_DecodeInit(&ctx);
766 i=EVP_DecodeUpdate(&ctx,
767 (unsigned char *)dataB->data,&bl,
768 (unsigned char *)dataB->data,bl);
769 if (i < 0)
770 {
771 PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE);
772 goto err;
773 }
774 i=EVP_DecodeFinal(&ctx,(unsigned char *)&(dataB->data[bl]),&k);
775 if (i < 0)
776 {
777 PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE);
778 goto err;
779 }
780 bl+=k;
781
782 if (bl == 0) goto err;
783 *name=nameB->data;
784 *header=headerB->data;
785 *data=(unsigned char *)dataB->data;
786 *len=bl;
787 OPENSSL_free(nameB);
788 OPENSSL_free(headerB);
789 OPENSSL_free(dataB);
790 return(1);
791err:
792 BUF_MEM_free(nameB);
793 BUF_MEM_free(headerB);
794 BUF_MEM_free(dataB);
795 return(0);
796 }
797
798/* These functions write a private key in PKCS#8 format: it is a "drop in"
799 * replacement for PEM_write_bio_PrivateKey() and friends. As usual if 'enc'
800 * is NULL then it uses the unencrypted private key form. The 'nid' versions
801 * uses PKCS#5 v1.5 PBE algorithms whereas the others use PKCS#5 v2.0.
802 */
803
804int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
805 char *kstr, int klen,
806 pem_password_cb *cb, void *u)
807{
808 return do_pk8pkey(bp, x, 0, nid, NULL, kstr, klen, cb, u);
809}
810
811int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
812 char *kstr, int klen,
813 pem_password_cb *cb, void *u)
814{
815 return do_pk8pkey(bp, x, 0, -1, enc, kstr, klen, cb, u);
816}
817
818int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
819 char *kstr, int klen,
820 pem_password_cb *cb, void *u)
821{
822 return do_pk8pkey(bp, x, 1, -1, enc, kstr, klen, cb, u);
823}
824
825int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
826 char *kstr, int klen,
827 pem_password_cb *cb, void *u)
828{
829 return do_pk8pkey(bp, x, 1, nid, NULL, kstr, klen, cb, u);
830}
831
832static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc,
833 char *kstr, int klen,
834 pem_password_cb *cb, void *u)
835{
836 X509_SIG *p8;
837 PKCS8_PRIV_KEY_INFO *p8inf;
838 char buf[PEM_BUFSIZE];
839 int ret;
840 if(!(p8inf = EVP_PKEY2PKCS8(x))) {
841 PEMerr(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY,
842 PEM_R_ERROR_CONVERTING_PRIVATE_KEY);
843 return 0;
844 }
845 if(enc || (nid != -1)) {
846 if(!kstr) {
847 if(!cb) klen = def_callback(buf, PEM_BUFSIZE, 1, u);
848 else klen = cb(buf, PEM_BUFSIZE, 1, u);
849 if(klen <= 0) {
850 PEMerr(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY,
851 PEM_R_READ_KEY);
852 PKCS8_PRIV_KEY_INFO_free(p8inf);
853 return 0;
854 }
855
856 kstr = buf;
857 }
858 p8 = PKCS8_encrypt(nid, enc, kstr, klen, NULL, 0, 0, p8inf);
859 if(kstr == buf) memset(buf, 0, klen);
860 PKCS8_PRIV_KEY_INFO_free(p8inf);
861 if(isder) ret = i2d_PKCS8_bio(bp, p8);
862 else ret = PEM_write_bio_PKCS8(bp, p8);
863 X509_SIG_free(p8);
864 return ret;
865 } else {
866 if(isder) ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
867 else ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(bp, p8inf);
868 PKCS8_PRIV_KEY_INFO_free(p8inf);
869 return ret;
870 }
871}
872
873/* Finally the DER version to read PKCS#8 encrypted private keys. It has to be
874 * here to access the default callback.
875 */
876
877EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
878{
879 PKCS8_PRIV_KEY_INFO *p8inf = NULL;
880 X509_SIG *p8 = NULL;
881 int klen;
882 EVP_PKEY *ret;
883 char psbuf[PEM_BUFSIZE];
884 p8 = d2i_PKCS8_bio(bp, NULL);
885 if(!p8) return NULL;
886 if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u);
887 else klen=def_callback(psbuf,PEM_BUFSIZE,0,u);
888 if (klen <= 0) {
889 PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_BIO, PEM_R_BAD_PASSWORD_READ);
890 X509_SIG_free(p8);
891 return NULL;
892 }
893 p8inf = M_PKCS8_decrypt(p8, psbuf, klen);
894 X509_SIG_free(p8);
895 if(!p8inf) return NULL;
896 ret = EVP_PKCS82PKEY(p8inf);
897 PKCS8_PRIV_KEY_INFO_free(p8inf);
898 if(!ret) return NULL;
899 if(x) {
900 if(*x) EVP_PKEY_free(*x);
901 *x = ret;
902 }
903 return ret;
904}
905
906#ifndef NO_FP_API
907
908int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
909 char *kstr, int klen,
910 pem_password_cb *cb, void *u)
911{
912 return do_pk8pkey_fp(fp, x, 1, -1, enc, kstr, klen, cb, u);
913}
914
915int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
916 char *kstr, int klen,
917 pem_password_cb *cb, void *u)
918{
919 return do_pk8pkey_fp(fp, x, 1, nid, NULL, kstr, klen, cb, u);
920}
921
922int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
923 char *kstr, int klen,
924 pem_password_cb *cb, void *u)
925{
926 return do_pk8pkey_fp(fp, x, 0, nid, NULL, kstr, klen, cb, u);
927}
928
929int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
930 char *kstr, int klen, pem_password_cb *cb, void *u)
931{
932 return do_pk8pkey_fp(fp, x, 0, -1, enc, kstr, klen, cb, u);
933}
934
935static int do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc,
936 char *kstr, int klen,
937 pem_password_cb *cb, void *u)
938{
939 BIO *bp;
940 int ret;
941 if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {
942 PEMerr(PEM_F_PEM_F_DO_PK8KEY_FP,ERR_R_BUF_LIB);
943 return(0);
944 }
945 ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u);
946 BIO_free(bp);
947 return ret;
948}
949
950EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u)
951{
952 BIO *bp;
953 EVP_PKEY *ret;
954 if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {
955 PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_FP,ERR_R_BUF_LIB);
956 return NULL;
957 }
958 ret = d2i_PKCS8PrivateKey_bio(bp, x, cb, u);
959 BIO_free(bp);
960 return ret;
961}
962
963#endif
diff --git a/src/lib/libcrypto/pem/pem_seal.c b/src/lib/libcrypto/pem/pem_seal.c
deleted file mode 100644
index 2a6c513348..0000000000
--- a/src/lib/libcrypto/pem/pem_seal.c
+++ /dev/null
@@ -1,184 +0,0 @@
1/* crypto/pem/pem_seal.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_RSA
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/evp.h>
63#include <openssl/rand.h>
64#include <openssl/objects.h>
65#include <openssl/x509.h>
66#include <openssl/pem.h>
67
68int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
69 unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk,
70 int npubk)
71 {
72 unsigned char key[EVP_MAX_KEY_LENGTH];
73 int ret= -1;
74 int i,j,max=0;
75 char *s=NULL;
76
77 for (i=0; i<npubk; i++)
78 {
79 if (pubk[i]->type != EVP_PKEY_RSA)
80 {
81 PEMerr(PEM_F_PEM_SEALINIT,PEM_R_PUBLIC_KEY_NO_RSA);
82 goto err;
83 }
84 j=RSA_size(pubk[i]->pkey.rsa);
85 if (j > max) max=j;
86 }
87 s=(char *)OPENSSL_malloc(max*2);
88 if (s == NULL)
89 {
90 PEMerr(PEM_F_PEM_SEALINIT,ERR_R_MALLOC_FAILURE);
91 goto err;
92 }
93
94 EVP_EncodeInit(&(ctx->encode));
95 EVP_SignInit(&(ctx->md),md_type);
96
97 ret=EVP_SealInit(&(ctx->cipher),type,ek,ekl,iv,pubk,npubk);
98 if (!ret) goto err;
99
100 /* base64 encode the keys */
101 for (i=0; i<npubk; i++)
102 {
103 j=EVP_EncodeBlock((unsigned char *)s,ek[i],
104 RSA_size(pubk[i]->pkey.rsa));
105 ekl[i]=j;
106 memcpy(ek[i],s,j+1);
107 }
108
109 ret=npubk;
110err:
111 if (s != NULL) OPENSSL_free(s);
112 memset(key,0,EVP_MAX_KEY_LENGTH);
113 return(ret);
114 }
115
116void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
117 unsigned char *in, int inl)
118 {
119 unsigned char buffer[1600];
120 int i,j;
121
122 *outl=0;
123 EVP_SignUpdate(&(ctx->md),in,inl);
124 for (;;)
125 {
126 if (inl <= 0) break;
127 if (inl > 1200)
128 i=1200;
129 else
130 i=inl;
131 EVP_EncryptUpdate(&(ctx->cipher),buffer,&j,in,i);
132 EVP_EncodeUpdate(&(ctx->encode),out,&j,buffer,j);
133 *outl+=j;
134 out+=j;
135 in+=i;
136 inl-=i;
137 }
138 }
139
140int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
141 unsigned char *out, int *outl, EVP_PKEY *priv)
142 {
143 unsigned char *s=NULL;
144 int ret=0,j;
145 unsigned int i;
146
147 if (priv->type != EVP_PKEY_RSA)
148 {
149 PEMerr(PEM_F_PEM_SEALFINAL,PEM_R_PUBLIC_KEY_NO_RSA);
150 goto err;
151 }
152 i=RSA_size(priv->pkey.rsa);
153 if (i < 100) i=100;
154 s=(unsigned char *)OPENSSL_malloc(i*2);
155 if (s == NULL)
156 {
157 PEMerr(PEM_F_PEM_SEALFINAL,ERR_R_MALLOC_FAILURE);
158 goto err;
159 }
160
161 EVP_EncryptFinal(&(ctx->cipher),s,(int *)&i);
162 EVP_EncodeUpdate(&(ctx->encode),out,&j,s,i);
163 *outl=j;
164 out+=j;
165 EVP_EncodeFinal(&(ctx->encode),out,&j);
166 *outl+=j;
167
168 if (!EVP_SignFinal(&(ctx->md),s,&i,priv)) goto err;
169 *sigl=EVP_EncodeBlock(sig,s,i);
170
171 ret=1;
172err:
173 memset((char *)&(ctx->md),0,sizeof(ctx->md));
174 memset((char *)&(ctx->cipher),0,sizeof(ctx->cipher));
175 if (s != NULL) OPENSSL_free(s);
176 return(ret);
177 }
178#else /* !NO_RSA */
179
180# if PEDANTIC
181static void *dummy=&dummy;
182# endif
183
184#endif
diff --git a/src/lib/libcrypto/pem/pem_sign.c b/src/lib/libcrypto/pem/pem_sign.c
deleted file mode 100644
index 42d598dd78..0000000000
--- a/src/lib/libcrypto/pem/pem_sign.c
+++ /dev/null
@@ -1,102 +0,0 @@
1/* crypto/pem/pem_sign.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/rand.h>
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include <openssl/x509.h>
65#include <openssl/pem.h>
66
67void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
68 {
69 EVP_DigestInit(ctx,type);
70 }
71
72void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
73 unsigned int count)
74 {
75 EVP_DigestUpdate(ctx,data,count);
76 }
77
78int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
79 EVP_PKEY *pkey)
80 {
81 unsigned char *m;
82 int i,ret=0;
83 unsigned int m_len;
84
85 m=(unsigned char *)OPENSSL_malloc(EVP_PKEY_size(pkey)+2);
86 if (m == NULL)
87 {
88 PEMerr(PEM_F_PEM_SIGNFINAL,ERR_R_MALLOC_FAILURE);
89 goto err;
90 }
91
92 if (EVP_SignFinal(ctx,m,&m_len,pkey) <= 0) goto err;
93
94 i=EVP_EncodeBlock(sigret,m,m_len);
95 *siglen=i;
96 ret=1;
97err:
98 /* ctx has been zeroed by EVP_SignFinal() */
99 if (m != NULL) OPENSSL_free(m);
100 return(ret);
101 }
102
diff --git a/src/lib/libcrypto/pem/pkcs7.lis b/src/lib/libcrypto/pem/pkcs7.lis
deleted file mode 100644
index be90c5d87f..0000000000
--- a/src/lib/libcrypto/pem/pkcs7.lis
+++ /dev/null
@@ -1,22 +0,0 @@
121 0:d=0 hl=2 l= 0 cons: univ: SEQUENCE
2 00 2:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-signedData
3 21 13:d=0 hl=2 l= 0 cons: cont: 00 # explicit tag
4 21 15:d=0 hl=2 l= 0 cons: univ: SEQUENCE
5 00 17:d=0 hl=2 l= 1 prim: univ: INTEGER # version
6 20 20:d=0 hl=2 l= 0 cons: univ: SET
7 21 22:d=0 hl=2 l= 0 cons: univ: SEQUENCE
8 00 24:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-data
9 00 35:d=0 hl=2 l= 0 prim: univ: EOC
10 21 37:d=0 hl=2 l= 0 cons: cont: 00 # cert tag
11 20 39:d=0 hl=4 l=545 cons: univ: SEQUENCE
12 20 588:d=0 hl=4 l=524 cons: univ: SEQUENCE
13 00 1116:d=0 hl=2 l= 0 prim: univ: EOC
14 21 1118:d=0 hl=2 l= 0 cons: cont: 01 # crl tag
15 20 1120:d=0 hl=4 l=653 cons: univ: SEQUENCE
16 20 1777:d=0 hl=4 l=285 cons: univ: SEQUENCE
17 00 2066:d=0 hl=2 l= 0 prim: univ: EOC
18 21 2068:d=0 hl=2 l= 0 cons: univ: SET # signers
19 00 2070:d=0 hl=2 l= 0 prim: univ: EOC
20 00 2072:d=0 hl=2 l= 0 prim: univ: EOC
21 00 2074:d=0 hl=2 l= 0 prim: univ: EOC
2200 2076:d=0 hl=2 l= 0 prim: univ: EOC
diff --git a/src/lib/libcrypto/perlasm/cbc.pl b/src/lib/libcrypto/perlasm/cbc.pl
deleted file mode 100644
index 0145c4f0cc..0000000000
--- a/src/lib/libcrypto/perlasm/cbc.pl
+++ /dev/null
@@ -1,342 +0,0 @@
1#!/usr/local/bin/perl
2
3# void des_ncbc_encrypt(input, output, length, schedule, ivec, enc)
4# des_cblock (*input);
5# des_cblock (*output);
6# long length;
7# des_key_schedule schedule;
8# des_cblock (*ivec);
9# int enc;
10#
11# calls
12# des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
13#
14
15#&cbc("des_ncbc_encrypt","des_encrypt",0);
16#&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt",
17# 1,4,5,3,5,-1);
18#&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",
19# 0,4,5,3,5,-1);
20#&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",
21# 0,6,7,3,4,5);
22#
23# When doing a cipher that needs bigendian order,
24# for encrypt, the iv is kept in bigendian form,
25# while for decrypt, it is kept in little endian.
26sub cbc
27 {
28 local($name,$enc_func,$dec_func,$swap,$iv_off,$enc_off,$p1,$p2,$p3)=@_;
29 # name is the function name
30 # enc_func and dec_func and the functions to call for encrypt/decrypt
31 # swap is true if byte order needs to be reversed
32 # iv_off is parameter number for the iv
33 # enc_off is parameter number for the encrypt/decrypt flag
34 # p1,p2,p3 are the offsets for parameters to be passed to the
35 # underlying calls.
36
37 &function_begin_B($name,"");
38 &comment("");
39
40 $in="esi";
41 $out="edi";
42 $count="ebp";
43
44 &push("ebp");
45 &push("ebx");
46 &push("esi");
47 &push("edi");
48
49 $data_off=4;
50 $data_off+=4 if ($p1 > 0);
51 $data_off+=4 if ($p2 > 0);
52 $data_off+=4 if ($p3 > 0);
53
54 &mov($count, &wparam(2)); # length
55
56 &comment("getting iv ptr from parameter $iv_off");
57 &mov("ebx", &wparam($iv_off)); # Get iv ptr
58
59 &mov($in, &DWP(0,"ebx","",0));# iv[0]
60 &mov($out, &DWP(4,"ebx","",0));# iv[1]
61
62 &push($out);
63 &push($in);
64 &push($out); # used in decrypt for iv[1]
65 &push($in); # used in decrypt for iv[0]
66
67 &mov("ebx", "esp"); # This is the address of tin[2]
68
69 &mov($in, &wparam(0)); # in
70 &mov($out, &wparam(1)); # out
71
72 # We have loaded them all, how lets push things
73 &comment("getting encrypt flag from parameter $enc_off");
74 &mov("ecx", &wparam($enc_off)); # Get enc flag
75 if ($p3 > 0)
76 {
77 &comment("get and push parameter $p3");
78 if ($enc_off != $p3)
79 { &mov("eax", &wparam($p3)); &push("eax"); }
80 else { &push("ecx"); }
81 }
82 if ($p2 > 0)
83 {
84 &comment("get and push parameter $p2");
85 if ($enc_off != $p2)
86 { &mov("eax", &wparam($p2)); &push("eax"); }
87 else { &push("ecx"); }
88 }
89 if ($p1 > 0)
90 {
91 &comment("get and push parameter $p1");
92 if ($enc_off != $p1)
93 { &mov("eax", &wparam($p1)); &push("eax"); }
94 else { &push("ecx"); }
95 }
96 &push("ebx"); # push data/iv
97
98 &cmp("ecx",0);
99 &jz(&label("decrypt"));
100
101 &and($count,0xfffffff8);
102 &mov("eax", &DWP($data_off,"esp","",0)); # load iv[0]
103 &mov("ebx", &DWP($data_off+4,"esp","",0)); # load iv[1]
104
105 &jz(&label("encrypt_finish"));
106
107 #############################################################
108
109 &set_label("encrypt_loop");
110 # encrypt start
111 # "eax" and "ebx" hold iv (or the last cipher text)
112
113 &mov("ecx", &DWP(0,$in,"",0)); # load first 4 bytes
114 &mov("edx", &DWP(4,$in,"",0)); # second 4 bytes
115
116 &xor("eax", "ecx");
117 &xor("ebx", "edx");
118
119 &bswap("eax") if $swap;
120 &bswap("ebx") if $swap;
121
122 &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call
123 &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
124
125 &call($enc_func);
126
127 &mov("eax", &DWP($data_off,"esp","",0));
128 &mov("ebx", &DWP($data_off+4,"esp","",0));
129
130 &bswap("eax") if $swap;
131 &bswap("ebx") if $swap;
132
133 &mov(&DWP(0,$out,"",0),"eax");
134 &mov(&DWP(4,$out,"",0),"ebx");
135
136 # eax and ebx are the next iv.
137
138 &add($in, 8);
139 &add($out, 8);
140
141 &sub($count, 8);
142 &jnz(&label("encrypt_loop"));
143
144###################################################################3
145 &set_label("encrypt_finish");
146 &mov($count, &wparam(2)); # length
147 &and($count, 7);
148 &jz(&label("finish"));
149 &xor("ecx","ecx");
150 &xor("edx","edx");
151 &mov($count,&DWP(&label("cbc_enc_jmp_table"),"",$count,4));
152 &jmp_ptr($count);
153
154&set_label("ej7");
155 &xor("edx", "edx") if $ppro; # ppro friendly
156 &movb(&HB("edx"), &BP(6,$in,"",0));
157 &shl("edx",8);
158&set_label("ej6");
159 &movb(&HB("edx"), &BP(5,$in,"",0));
160&set_label("ej5");
161 &movb(&LB("edx"), &BP(4,$in,"",0));
162&set_label("ej4");
163 &mov("ecx", &DWP(0,$in,"",0));
164 &jmp(&label("ejend"));
165&set_label("ej3");
166 &movb(&HB("ecx"), &BP(2,$in,"",0));
167 &xor("ecx", "ecx") if $ppro; # ppro friendly
168 &shl("ecx",8);
169&set_label("ej2");
170 &movb(&HB("ecx"), &BP(1,$in,"",0));
171&set_label("ej1");
172 &movb(&LB("ecx"), &BP(0,$in,"",0));
173&set_label("ejend");
174
175 &xor("eax", "ecx");
176 &xor("ebx", "edx");
177
178 &bswap("eax") if $swap;
179 &bswap("ebx") if $swap;
180
181 &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call
182 &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
183
184 &call($enc_func);
185
186 &mov("eax", &DWP($data_off,"esp","",0));
187 &mov("ebx", &DWP($data_off+4,"esp","",0));
188
189 &bswap("eax") if $swap;
190 &bswap("ebx") if $swap;
191
192 &mov(&DWP(0,$out,"",0),"eax");
193 &mov(&DWP(4,$out,"",0),"ebx");
194
195 &jmp(&label("finish"));
196
197 #############################################################
198 #############################################################
199 &set_label("decrypt",1);
200 # decrypt start
201 &and($count,0xfffffff8);
202 # The next 2 instructions are only for if the jz is taken
203 &mov("eax", &DWP($data_off+8,"esp","",0)); # get iv[0]
204 &mov("ebx", &DWP($data_off+12,"esp","",0)); # get iv[1]
205 &jz(&label("decrypt_finish"));
206
207 &set_label("decrypt_loop");
208 &mov("eax", &DWP(0,$in,"",0)); # load first 4 bytes
209 &mov("ebx", &DWP(4,$in,"",0)); # second 4 bytes
210
211 &bswap("eax") if $swap;
212 &bswap("ebx") if $swap;
213
214 &mov(&DWP($data_off,"esp","",0), "eax"); # put back
215 &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
216
217 &call($dec_func);
218
219 &mov("eax", &DWP($data_off,"esp","",0)); # get return
220 &mov("ebx", &DWP($data_off+4,"esp","",0)); #
221
222 &bswap("eax") if $swap;
223 &bswap("ebx") if $swap;
224
225 &mov("ecx", &DWP($data_off+8,"esp","",0)); # get iv[0]
226 &mov("edx", &DWP($data_off+12,"esp","",0)); # get iv[1]
227
228 &xor("ecx", "eax");
229 &xor("edx", "ebx");
230
231 &mov("eax", &DWP(0,$in,"",0)); # get old cipher text,
232 &mov("ebx", &DWP(4,$in,"",0)); # next iv actually
233
234 &mov(&DWP(0,$out,"",0),"ecx");
235 &mov(&DWP(4,$out,"",0),"edx");
236
237 &mov(&DWP($data_off+8,"esp","",0), "eax"); # save iv
238 &mov(&DWP($data_off+12,"esp","",0), "ebx"); #
239
240 &add($in, 8);
241 &add($out, 8);
242
243 &sub($count, 8);
244 &jnz(&label("decrypt_loop"));
245############################ ENDIT #######################3
246 &set_label("decrypt_finish");
247 &mov($count, &wparam(2)); # length
248 &and($count, 7);
249 &jz(&label("finish"));
250
251 &mov("eax", &DWP(0,$in,"",0)); # load first 4 bytes
252 &mov("ebx", &DWP(4,$in,"",0)); # second 4 bytes
253
254 &bswap("eax") if $swap;
255 &bswap("ebx") if $swap;
256
257 &mov(&DWP($data_off,"esp","",0), "eax"); # put back
258 &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
259
260 &call($dec_func);
261
262 &mov("eax", &DWP($data_off,"esp","",0)); # get return
263 &mov("ebx", &DWP($data_off+4,"esp","",0)); #
264
265 &bswap("eax") if $swap;
266 &bswap("ebx") if $swap;
267
268 &mov("ecx", &DWP($data_off+8,"esp","",0)); # get iv[0]
269 &mov("edx", &DWP($data_off+12,"esp","",0)); # get iv[1]
270
271 &xor("ecx", "eax");
272 &xor("edx", "ebx");
273
274 # this is for when we exit
275 &mov("eax", &DWP(0,$in,"",0)); # get old cipher text,
276 &mov("ebx", &DWP(4,$in,"",0)); # next iv actually
277
278&set_label("dj7");
279 &rotr("edx", 16);
280 &movb(&BP(6,$out,"",0), &LB("edx"));
281 &shr("edx",16);
282&set_label("dj6");
283 &movb(&BP(5,$out,"",0), &HB("edx"));
284&set_label("dj5");
285 &movb(&BP(4,$out,"",0), &LB("edx"));
286&set_label("dj4");
287 &mov(&DWP(0,$out,"",0), "ecx");
288 &jmp(&label("djend"));
289&set_label("dj3");
290 &rotr("ecx", 16);
291 &movb(&BP(2,$out,"",0), &LB("ecx"));
292 &shl("ecx",16);
293&set_label("dj2");
294 &movb(&BP(1,$in,"",0), &HB("ecx"));
295&set_label("dj1");
296 &movb(&BP(0,$in,"",0), &LB("ecx"));
297&set_label("djend");
298
299 # final iv is still in eax:ebx
300 &jmp(&label("finish"));
301
302
303############################ FINISH #######################3
304 &set_label("finish",1);
305 &mov("ecx", &wparam($iv_off)); # Get iv ptr
306
307 #################################################
308 $total=16+4;
309 $total+=4 if ($p1 > 0);
310 $total+=4 if ($p2 > 0);
311 $total+=4 if ($p3 > 0);
312 &add("esp",$total);
313
314 &mov(&DWP(0,"ecx","",0), "eax"); # save iv
315 &mov(&DWP(4,"ecx","",0), "ebx"); # save iv
316
317 &function_end_A($name);
318
319 &set_label("cbc_enc_jmp_table",1);
320 &data_word("0");
321 &data_word(&label("ej1"));
322 &data_word(&label("ej2"));
323 &data_word(&label("ej3"));
324 &data_word(&label("ej4"));
325 &data_word(&label("ej5"));
326 &data_word(&label("ej6"));
327 &data_word(&label("ej7"));
328 &set_label("cbc_dec_jmp_table",1);
329 &data_word("0");
330 &data_word(&label("dj1"));
331 &data_word(&label("dj2"));
332 &data_word(&label("dj3"));
333 &data_word(&label("dj4"));
334 &data_word(&label("dj5"));
335 &data_word(&label("dj6"));
336 &data_word(&label("dj7"));
337
338 &function_end_B($name);
339
340 }
341
3421;
diff --git a/src/lib/libcrypto/perlasm/readme b/src/lib/libcrypto/perlasm/readme
deleted file mode 100644
index f02bbee75a..0000000000
--- a/src/lib/libcrypto/perlasm/readme
+++ /dev/null
@@ -1,124 +0,0 @@
1The perl scripts in this directory are my 'hack' to generate
2multiple different assembler formats via the one origional script.
3
4The way to use this library is to start with adding the path to this directory
5and then include it.
6
7push(@INC,"perlasm","../../perlasm");
8require "x86asm.pl";
9
10The first thing we do is setup the file and type of assember
11
12&asm_init($ARGV[0],$0);
13
14The first argument is the 'type'. Currently
15'cpp', 'sol', 'a.out', 'elf' or 'win32'.
16Argument 2 is the file name.
17
18The reciprocal function is
19&asm_finish() which should be called at the end.
20
21There are 2 main 'packages'. x86ms.pl, which is the microsoft assembler,
22and x86unix.pl which is the unix (gas) version.
23
24Functions of interest are:
25&external_label("des_SPtrans"); declare and external variable
26&LB(reg); Low byte for a register
27&HB(reg); High byte for a register
28&BP(off,base,index,scale) Byte pointer addressing
29&DWP(off,base,index,scale) Word pointer addressing
30&stack_push(num) Basically a 'sub esp, num*4' with extra
31&stack_pop(num) inverse of stack_push
32&function_begin(name,extra) Start a function with pushing of
33 edi, esi, ebx and ebp. extra is extra win32
34 external info that may be required.
35&function_begin_B(name,extra) Same as norma function_begin but no pushing.
36&function_end(name) Call at end of function.
37&function_end_A(name) Standard pop and ret, for use inside functions
38&function_end_B(name) Call at end but with poping or 'ret'.
39&swtmp(num) Address on stack temp word.
40&wparam(num) Parameter number num, that was push
41 in C convention. This all works over pushes
42 and pops.
43&comment("hello there") Put in a comment.
44&label("loop") Refer to a label, normally a jmp target.
45&set_label("loop") Set a label at this point.
46&data_word(word) Put in a word of data.
47
48So how does this all hold together? Given
49
50int calc(int len, int *data)
51 {
52 int i,j=0;
53
54 for (i=0; i<len; i++)
55 {
56 j+=other(data[i]);
57 }
58 }
59
60So a very simple version of this function could be coded as
61
62 push(@INC,"perlasm","../../perlasm");
63 require "x86asm.pl";
64
65 &asm_init($ARGV[0],"cacl.pl");
66
67 &external_label("other");
68
69 $tmp1= "eax";
70 $j= "edi";
71 $data= "esi";
72 $i= "ebp";
73
74 &comment("a simple function");
75 &function_begin("calc");
76 &mov( $data, &wparam(1)); # data
77 &xor( $j, $j);
78 &xor( $i, $i);
79
80 &set_label("loop");
81 &cmp( $i, &wparam(0));
82 &jge( &label("end"));
83
84 &mov( $tmp1, &DWP(0,$data,$i,4));
85 &push( $tmp1);
86 &call( "other");
87 &add( $j, "eax");
88 &pop( $tmp1);
89 &inc( $i);
90 &jmp( &label("loop"));
91
92 &set_label("end");
93 &mov( "eax", $j);
94
95 &function_end("calc");
96
97 &asm_finish();
98
99The above example is very very unoptimised but gives an idea of how
100things work.
101
102There is also a cbc mode function generator in cbc.pl
103
104&cbc( $name,
105 $encrypt_function_name,
106 $decrypt_function_name,
107 $true_if_byte_swap_needed,
108 $parameter_number_for_iv,
109 $parameter_number_for_encrypt_flag,
110 $first_parameter_to_pass,
111 $second_parameter_to_pass,
112 $third_parameter_to_pass);
113
114So for example, given
115void BF_encrypt(BF_LONG *data,BF_KEY *key);
116void BF_decrypt(BF_LONG *data,BF_KEY *key);
117void BF_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
118 BF_KEY *ks, unsigned char *iv, int enc);
119
120&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt",1,4,5,3,-1,-1);
121
122&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",0,4,5,3,5,-1);
123&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",0,6,7,3,4,5);
124
diff --git a/src/lib/libcrypto/perlasm/x86asm.pl b/src/lib/libcrypto/perlasm/x86asm.pl
deleted file mode 100644
index 81c6e64e87..0000000000
--- a/src/lib/libcrypto/perlasm/x86asm.pl
+++ /dev/null
@@ -1,118 +0,0 @@
1#!/usr/local/bin/perl
2
3# require 'x86asm.pl';
4# &asm_init("cpp","des-586.pl");
5# XXX
6# XXX
7# main'asm_finish
8
9sub main'asm_finish
10 {
11 &file_end();
12 &asm_finish_cpp() if $cpp;
13 print &asm_get_output();
14 }
15
16sub main'asm_init
17 {
18 ($type,$fn,$i386)=@_;
19 $filename=$fn;
20
21 $cpp=$sol=$aout=$win32=$gaswin=0;
22 if ( ($type eq "elf"))
23 { require "x86unix.pl"; }
24 elsif ( ($type eq "a.out"))
25 { $aout=1; require "x86unix.pl"; }
26 elsif ( ($type eq "gaswin"))
27 { $gaswin=1; $aout=1; require "x86unix.pl"; }
28 elsif ( ($type eq "sol"))
29 { $sol=1; require "x86unix.pl"; }
30 elsif ( ($type eq "cpp"))
31 { $cpp=1; require "x86unix.pl"; }
32 elsif ( ($type eq "win32"))
33 { $win32=1; require "x86ms.pl"; }
34 elsif ( ($type eq "win32n"))
35 { $win32=1; require "x86nasm.pl"; }
36 else
37 {
38 print STDERR <<"EOF";
39Pick one target type from
40 elf - linux, FreeBSD etc
41 a.out - old linux
42 sol - x86 solaris
43 cpp - format so x86unix.cpp can be used
44 win32 - Windows 95/Windows NT
45 win32n - Windows 95/Windows NT NASM format
46EOF
47 exit(1);
48 }
49
50 &asm_init_output();
51
52&comment("Don't even think of reading this code");
53&comment("It was automatically generated by $filename");
54&comment("Which is a perl program used to generate the x86 assember for");
55&comment("any of elf, a.out, BSDI, Win32, gaswin (for GNU as on Win32) or Solaris");
56&comment("eric <eay\@cryptsoft.com>");
57&comment("");
58
59 $filename =~ s/\.pl$//;
60 &file($filename);
61 }
62
63sub asm_finish_cpp
64 {
65 return unless $cpp;
66
67 local($tmp,$i);
68 foreach $i (&get_labels())
69 {
70 $tmp.="#define $i _$i\n";
71 }
72 print <<"EOF";
73/* Run the C pre-processor over this file with one of the following defined
74 * ELF - elf object files,
75 * OUT - a.out object files,
76 * BSDI - BSDI style a.out object files
77 * SOL - Solaris style elf
78 */
79
80#define TYPE(a,b) .type a,b
81#define SIZE(a,b) .size a,b
82
83#if defined(OUT) || (defined(BSDI) && !defined(ELF))
84$tmp
85#endif
86
87#ifdef OUT
88#define OK 1
89#define ALIGN 4
90#endif
91
92#if defined(BSDI) && !defined(ELF)
93#define OK 1
94#define ALIGN 4
95#undef SIZE
96#undef TYPE
97#define SIZE(a,b)
98#define TYPE(a,b)
99#endif
100
101#if defined(ELF) || defined(SOL)
102#define OK 1
103#define ALIGN 16
104#endif
105
106#ifndef OK
107You need to define one of
108ELF - elf systems - linux-elf, NetBSD and DG-UX
109OUT - a.out systems - linux-a.out and FreeBSD
110SOL - solaris systems, which are elf with strange comment lines
111BSDI - a.out with a very primative version of as.
112#endif
113
114/* Let the Assembler begin :-) */
115EOF
116 }
117
1181;
diff --git a/src/lib/libcrypto/pkcs12/p12_add.c b/src/lib/libcrypto/pkcs12/p12_add.c
deleted file mode 100644
index b563656895..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_add.c
+++ /dev/null
@@ -1,218 +0,0 @@
1/* p12_add.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/pkcs12.h>
62
63/* Pack an object into an OCTET STRING and turn into a safebag */
64
65PKCS12_SAFEBAG *PKCS12_pack_safebag (char *obj, int (*i2d)(), int nid1,
66 int nid2)
67{
68 PKCS12_BAGS *bag;
69 PKCS12_SAFEBAG *safebag;
70 if (!(bag = PKCS12_BAGS_new ())) {
71 PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
72 return NULL;
73 }
74 bag->type = OBJ_nid2obj(nid1);
75 if (!ASN1_pack_string(obj, i2d, &bag->value.octet)) {
76 PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
77 return NULL;
78 }
79 if (!(safebag = PKCS12_SAFEBAG_new ())) {
80 PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
81 return NULL;
82 }
83 safebag->value.bag = bag;
84 safebag->type = OBJ_nid2obj(nid2);
85 return safebag;
86}
87
88/* Turn PKCS8 object into a keybag */
89
90PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG (PKCS8_PRIV_KEY_INFO *p8)
91{
92 PKCS12_SAFEBAG *bag;
93 if (!(bag = PKCS12_SAFEBAG_new())) {
94 PKCS12err(PKCS12_F_PKCS12_MAKE_KEYBAG,ERR_R_MALLOC_FAILURE);
95 return NULL;
96 }
97 bag->type = OBJ_nid2obj(NID_keyBag);
98 bag->value.keybag = p8;
99 return bag;
100}
101
102/* Turn PKCS8 object into a shrouded keybag */
103
104PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG (int pbe_nid, const char *pass,
105 int passlen, unsigned char *salt, int saltlen, int iter,
106 PKCS8_PRIV_KEY_INFO *p8)
107{
108 PKCS12_SAFEBAG *bag;
109
110 /* Set up the safe bag */
111 if (!(bag = PKCS12_SAFEBAG_new ())) {
112 PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
113 return NULL;
114 }
115
116 bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag);
117 if (!(bag->value.shkeybag =
118 PKCS8_encrypt(pbe_nid, NULL, pass, passlen, salt, saltlen, iter,
119 p8))) {
120 PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
121 return NULL;
122 }
123
124 return bag;
125}
126
127/* Turn a stack of SAFEBAGS into a PKCS#7 data Contentinfo */
128PKCS7 *PKCS12_pack_p7data (STACK_OF(PKCS12_SAFEBAG) *sk)
129{
130 PKCS7 *p7;
131 if (!(p7 = PKCS7_new())) {
132 PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
133 return NULL;
134 }
135 p7->type = OBJ_nid2obj(NID_pkcs7_data);
136 if (!(p7->d.data = M_ASN1_OCTET_STRING_new())) {
137 PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
138 return NULL;
139 }
140
141 if (!ASN1_seq_pack_PKCS12_SAFEBAG(sk, i2d_PKCS12_SAFEBAG,
142 &p7->d.data->data,
143 &p7->d.data->length)) {
144 PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, PKCS12_R_CANT_PACK_STRUCTURE);
145 return NULL;
146 }
147 return p7;
148}
149
150/* Turn a stack of SAFEBAGS into a PKCS#7 encrypted data ContentInfo */
151
152PKCS7 *PKCS12_pack_p7encdata (int pbe_nid, const char *pass, int passlen,
153 unsigned char *salt, int saltlen, int iter,
154 STACK_OF(PKCS12_SAFEBAG) *bags)
155{
156 PKCS7 *p7;
157 X509_ALGOR *pbe;
158 if (!(p7 = PKCS7_new())) {
159 PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
160 return NULL;
161 }
162 if(!PKCS7_set_type(p7, NID_pkcs7_encrypted)) {
163 PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA,
164 PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE);
165 return NULL;
166 }
167 if (!(pbe = PKCS5_pbe_set (pbe_nid, iter, salt, saltlen))) {
168 PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
169 return NULL;
170 }
171 X509_ALGOR_free(p7->d.encrypted->enc_data->algorithm);
172 p7->d.encrypted->enc_data->algorithm = pbe;
173 M_ASN1_OCTET_STRING_free(p7->d.encrypted->enc_data->enc_data);
174 if (!(p7->d.encrypted->enc_data->enc_data =
175 PKCS12_i2d_encrypt (pbe, i2d_PKCS12_SAFEBAG, pass, passlen,
176 (char *)bags, 1))) {
177 PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, PKCS12_R_ENCRYPT_ERROR);
178 return NULL;
179 }
180
181 return p7;
182}
183
184X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
185 const char *pass, int passlen,
186 unsigned char *salt, int saltlen, int iter,
187 PKCS8_PRIV_KEY_INFO *p8inf)
188{
189 X509_SIG *p8;
190 X509_ALGOR *pbe;
191
192 if (!(p8 = X509_SIG_new())) {
193 PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE);
194 goto err;
195 }
196
197 if(pbe_nid == -1) pbe = PKCS5_pbe2_set(cipher, iter, salt, saltlen);
198 else pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
199 if(!pbe) {
200 PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_ASN1_LIB);
201 goto err;
202 }
203 X509_ALGOR_free(p8->algor);
204 p8->algor = pbe;
205 M_ASN1_OCTET_STRING_free(p8->digest);
206 if (!(p8->digest =
207 PKCS12_i2d_encrypt (pbe, i2d_PKCS8_PRIV_KEY_INFO, pass, passlen,
208 (char *)p8inf, 0))) {
209 PKCS12err(PKCS12_F_PKCS8_ENCRYPT, PKCS12_R_ENCRYPT_ERROR);
210 goto err;
211 }
212
213 return p8;
214
215 err:
216 X509_SIG_free(p8);
217 return NULL;
218}
diff --git a/src/lib/libcrypto/pkcs12/p12_attr.c b/src/lib/libcrypto/pkcs12/p12_attr.c
deleted file mode 100644
index a16a97d03d..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_attr.c
+++ /dev/null
@@ -1,238 +0,0 @@
1/* p12_attr.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/pkcs12.h>
62
63/* Add a local keyid to a safebag */
64
65int PKCS12_add_localkeyid (PKCS12_SAFEBAG *bag, unsigned char *name,
66 int namelen)
67{
68 X509_ATTRIBUTE *attrib;
69 ASN1_BMPSTRING *oct;
70 ASN1_TYPE *keyid;
71 if (!(keyid = ASN1_TYPE_new ())) {
72 PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
73 return 0;
74 }
75 keyid->type = V_ASN1_OCTET_STRING;
76 if (!(oct = M_ASN1_OCTET_STRING_new())) {
77 PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
78 return 0;
79 }
80 if (!M_ASN1_OCTET_STRING_set(oct, name, namelen)) {
81 PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
82 return 0;
83 }
84 keyid->value.octet_string = oct;
85 if (!(attrib = X509_ATTRIBUTE_new ())) {
86 PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
87 return 0;
88 }
89 attrib->object = OBJ_nid2obj(NID_localKeyID);
90 if (!(attrib->value.set = sk_ASN1_TYPE_new_null())) {
91 PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
92 return 0;
93 }
94 sk_ASN1_TYPE_push (attrib->value.set,keyid);
95 attrib->set = 1;
96 if (!bag->attrib && !(bag->attrib = sk_X509_ATTRIBUTE_new_null ())) {
97 PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
98 return 0;
99 }
100 sk_X509_ATTRIBUTE_push (bag->attrib, attrib);
101 return 1;
102}
103
104/* Add key usage to PKCS#8 structure */
105
106int PKCS8_add_keyusage (PKCS8_PRIV_KEY_INFO *p8, int usage)
107{
108 X509_ATTRIBUTE *attrib;
109 ASN1_BIT_STRING *bstr;
110 ASN1_TYPE *keyid;
111 unsigned char us_val;
112 us_val = (unsigned char) usage;
113 if (!(keyid = ASN1_TYPE_new ())) {
114 PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
115 return 0;
116 }
117 keyid->type = V_ASN1_BIT_STRING;
118 if (!(bstr = M_ASN1_BIT_STRING_new())) {
119 PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
120 return 0;
121 }
122 if (!M_ASN1_BIT_STRING_set(bstr, &us_val, 1)) {
123 PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
124 return 0;
125 }
126 keyid->value.bit_string = bstr;
127 if (!(attrib = X509_ATTRIBUTE_new ())) {
128 PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
129 return 0;
130 }
131 attrib->object = OBJ_nid2obj(NID_key_usage);
132 if (!(attrib->value.set = sk_ASN1_TYPE_new_null())) {
133 PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
134 return 0;
135 }
136 sk_ASN1_TYPE_push (attrib->value.set,keyid);
137 attrib->set = 1;
138 if (!p8->attributes
139 && !(p8->attributes = sk_X509_ATTRIBUTE_new_null ())) {
140 PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
141 return 0;
142 }
143 sk_X509_ATTRIBUTE_push (p8->attributes, attrib);
144 return 1;
145}
146
147/* Add a friendlyname to a safebag */
148
149int PKCS12_add_friendlyname_asc (PKCS12_SAFEBAG *bag, const char *name,
150 int namelen)
151{
152 unsigned char *uniname;
153 int ret, unilen;
154 if (!asc2uni(name, namelen, &uniname, &unilen)) {
155 PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC,
156 ERR_R_MALLOC_FAILURE);
157 return 0;
158 }
159 ret = PKCS12_add_friendlyname_uni (bag, uniname, unilen);
160 OPENSSL_free(uniname);
161 return ret;
162}
163
164
165int PKCS12_add_friendlyname_uni (PKCS12_SAFEBAG *bag,
166 const unsigned char *name, int namelen)
167{
168 X509_ATTRIBUTE *attrib;
169 ASN1_BMPSTRING *bmp;
170 ASN1_TYPE *fname;
171 /* Zap ending double null if included */
172 if(!name[namelen - 1] && !name[namelen - 2]) namelen -= 2;
173 if (!(fname = ASN1_TYPE_new ())) {
174 PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
175 ERR_R_MALLOC_FAILURE);
176 return 0;
177 }
178 fname->type = V_ASN1_BMPSTRING;
179 if (!(bmp = M_ASN1_BMPSTRING_new())) {
180 PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
181 ERR_R_MALLOC_FAILURE);
182 return 0;
183 }
184 if (!(bmp->data = OPENSSL_malloc (namelen))) {
185 PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
186 ERR_R_MALLOC_FAILURE);
187 return 0;
188 }
189 memcpy (bmp->data, name, namelen);
190 bmp->length = namelen;
191 fname->value.bmpstring = bmp;
192 if (!(attrib = X509_ATTRIBUTE_new ())) {
193 PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
194 ERR_R_MALLOC_FAILURE);
195 return 0;
196 }
197 attrib->object = OBJ_nid2obj(NID_friendlyName);
198 if (!(attrib->value.set = sk_ASN1_TYPE_new_null())) {
199 PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME,
200 ERR_R_MALLOC_FAILURE);
201 return 0;
202 }
203 sk_ASN1_TYPE_push (attrib->value.set,fname);
204 attrib->set = 1;
205 if (!bag->attrib && !(bag->attrib = sk_X509_ATTRIBUTE_new_null ())) {
206 PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
207 ERR_R_MALLOC_FAILURE);
208 return 0;
209 }
210 sk_X509_ATTRIBUTE_push (bag->attrib, attrib);
211 return PKCS12_OK;
212}
213
214ASN1_TYPE *PKCS12_get_attr_gen (STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid)
215{
216 X509_ATTRIBUTE *attrib;
217 int i;
218 if (!attrs) return NULL;
219 for (i = 0; i < sk_X509_ATTRIBUTE_num (attrs); i++) {
220 attrib = sk_X509_ATTRIBUTE_value (attrs, i);
221 if (OBJ_obj2nid (attrib->object) == attr_nid) {
222 if (sk_ASN1_TYPE_num (attrib->value.set))
223 return sk_ASN1_TYPE_value(attrib->value.set, 0);
224 else return NULL;
225 }
226 }
227 return NULL;
228}
229
230char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag)
231{
232 ASN1_TYPE *atype;
233 if (!(atype = PKCS12_get_attr(bag, NID_friendlyName))) return NULL;
234 if (atype->type != V_ASN1_BMPSTRING) return NULL;
235 return uni2asc(atype->value.bmpstring->data,
236 atype->value.bmpstring->length);
237}
238
diff --git a/src/lib/libcrypto/pkcs12/p12_crpt.c b/src/lib/libcrypto/pkcs12/p12_crpt.c
deleted file mode 100644
index 7b96584f07..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_crpt.c
+++ /dev/null
@@ -1,124 +0,0 @@
1/* p12_crpt.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/pkcs12.h>
62
63/* PKCS#12 specific PBE functions */
64
65void PKCS12_PBE_add(void)
66{
67#ifndef NO_RC4
68EVP_PBE_alg_add(NID_pbe_WithSHA1And128BitRC4, EVP_rc4(), EVP_sha1(),
69 PKCS12_PBE_keyivgen);
70EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC4, EVP_rc4_40(), EVP_sha1(),
71 PKCS12_PBE_keyivgen);
72#endif
73#ifndef NO_DES
74EVP_PBE_alg_add(NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
75 EVP_des_ede3_cbc(), EVP_sha1(), PKCS12_PBE_keyivgen);
76EVP_PBE_alg_add(NID_pbe_WithSHA1And2_Key_TripleDES_CBC,
77 EVP_des_ede_cbc(), EVP_sha1(), PKCS12_PBE_keyivgen);
78#endif
79#ifndef NO_RC2
80EVP_PBE_alg_add(NID_pbe_WithSHA1And128BitRC2_CBC, EVP_rc2_cbc(),
81 EVP_sha1(), PKCS12_PBE_keyivgen);
82EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc(),
83 EVP_sha1(), PKCS12_PBE_keyivgen);
84#endif
85}
86
87int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
88 ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md, int en_de)
89{
90 PBEPARAM *pbe;
91 int saltlen, iter;
92 unsigned char *salt, *pbuf;
93 unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
94
95 /* Extract useful info from parameter */
96 pbuf = param->value.sequence->data;
97 if (!param || (param->type != V_ASN1_SEQUENCE) ||
98 !(pbe = d2i_PBEPARAM (NULL, &pbuf, param->value.sequence->length))) {
99 EVPerr(PKCS12_F_PKCS12_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
100 return 0;
101 }
102
103 if (!pbe->iter) iter = 1;
104 else iter = ASN1_INTEGER_get (pbe->iter);
105 salt = pbe->salt->data;
106 saltlen = pbe->salt->length;
107 if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_KEY_ID,
108 iter, EVP_CIPHER_key_length(cipher), key, md)) {
109 PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_KEY_GEN_ERROR);
110 PBEPARAM_free(pbe);
111 return 0;
112 }
113 if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_IV_ID,
114 iter, EVP_CIPHER_iv_length(cipher), iv, md)) {
115 PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_IV_GEN_ERROR);
116 PBEPARAM_free(pbe);
117 return 0;
118 }
119 PBEPARAM_free(pbe);
120 EVP_CipherInit(ctx, cipher, key, iv, en_de);
121 memset(key, 0, EVP_MAX_KEY_LENGTH);
122 memset(iv, 0, EVP_MAX_IV_LENGTH);
123 return 1;
124}
diff --git a/src/lib/libcrypto/pkcs12/p12_crt.c b/src/lib/libcrypto/pkcs12/p12_crt.c
deleted file mode 100644
index a8f7b48882..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_crt.c
+++ /dev/null
@@ -1,164 +0,0 @@
1/* p12_crt.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/pkcs12.h>
62
63PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
64 STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, int mac_iter,
65 int keytype)
66{
67 PKCS12 *p12;
68 STACK_OF(PKCS12_SAFEBAG) *bags;
69 STACK_OF(PKCS7) *safes;
70 PKCS12_SAFEBAG *bag;
71 PKCS8_PRIV_KEY_INFO *p8;
72 PKCS7 *authsafe;
73 X509 *tcert;
74 int i;
75 unsigned char keyid[EVP_MAX_MD_SIZE];
76 unsigned int keyidlen;
77
78 /* Set defaults */
79 if(!nid_cert) nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC;
80 if(!nid_key) nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
81 if(!iter) iter = PKCS12_DEFAULT_ITER;
82 if(!mac_iter) mac_iter = 1;
83
84 if(!pkey || !cert) {
85 PKCS12err(PKCS12_F_PKCS12_CREATE,PKCS12_R_INVALID_NULL_ARGUMENT);
86 return NULL;
87 }
88
89 if(!X509_check_private_key(cert, pkey)) return NULL;
90
91 if(!(bags = sk_PKCS12_SAFEBAG_new_null ())) {
92 PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
93 return NULL;
94 }
95
96 /* Add user certificate */
97 if(!(bag = M_PKCS12_x5092certbag(cert))) return NULL;
98 if(name && !PKCS12_add_friendlyname(bag, name, -1)) return NULL;
99 X509_digest(cert, EVP_sha1(), keyid, &keyidlen);
100 if(!PKCS12_add_localkeyid(bag, keyid, keyidlen)) return NULL;
101
102 if(!sk_PKCS12_SAFEBAG_push(bags, bag)) {
103 PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
104 return NULL;
105 }
106
107 /* Add all other certificates */
108 if(ca) {
109 for(i = 0; i < sk_X509_num(ca); i++) {
110 tcert = sk_X509_value(ca, i);
111 if(!(bag = M_PKCS12_x5092certbag(tcert))) return NULL;
112 if(!sk_PKCS12_SAFEBAG_push(bags, bag)) {
113 PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
114 return NULL;
115 }
116 }
117 }
118
119 /* Turn certbags into encrypted authsafe */
120 authsafe = PKCS12_pack_p7encdata (nid_cert, pass, -1, NULL, 0,
121 iter, bags);
122 sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
123
124 if (!authsafe) return NULL;
125
126 if(!(safes = sk_PKCS7_new_null ())
127 || !sk_PKCS7_push(safes, authsafe)) {
128 PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
129 return NULL;
130 }
131
132 /* Make a shrouded key bag */
133 if(!(p8 = EVP_PKEY2PKCS8 (pkey))) return NULL;
134 if(keytype && !PKCS8_add_keyusage(p8, keytype)) return NULL;
135 bag = PKCS12_MAKE_SHKEYBAG (nid_key, pass, -1, NULL, 0, iter, p8);
136 if(!bag) return NULL;
137 PKCS8_PRIV_KEY_INFO_free(p8);
138 if (name && !PKCS12_add_friendlyname (bag, name, -1)) return NULL;
139 if(!PKCS12_add_localkeyid (bag, keyid, keyidlen)) return NULL;
140 if(!(bags = sk_PKCS12_SAFEBAG_new_null())
141 || !sk_PKCS12_SAFEBAG_push (bags, bag)) {
142 PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
143 return NULL;
144 }
145 /* Turn it into unencrypted safe bag */
146 if(!(authsafe = PKCS12_pack_p7data (bags))) return NULL;
147 sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
148 if(!sk_PKCS7_push(safes, authsafe)) {
149 PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
150 return NULL;
151 }
152
153 if(!(p12 = PKCS12_init (NID_pkcs7_data))) return NULL;
154
155 if(!M_PKCS12_pack_authsafes (p12, safes)) return NULL;
156
157 sk_PKCS7_pop_free(safes, PKCS7_free);
158
159 if(!PKCS12_set_mac (p12, pass, -1, NULL, 0, mac_iter, NULL))
160 return NULL;
161
162 return p12;
163
164}
diff --git a/src/lib/libcrypto/pkcs12/p12_decr.c b/src/lib/libcrypto/pkcs12/p12_decr.c
deleted file mode 100644
index 8cd7e2f414..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_decr.c
+++ /dev/null
@@ -1,187 +0,0 @@
1/* p12_decr.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/pkcs12.h>
62
63/* Define this to dump decrypted output to files called DERnnn */
64/*#define DEBUG_DECRYPT*/
65
66
67/* Encrypt/Decrypt a buffer based on password and algor, result in a
68 * OPENSSL_malloc'ed buffer
69 */
70
71unsigned char * PKCS12_pbe_crypt (X509_ALGOR *algor, const char *pass,
72 int passlen, unsigned char *in, int inlen, unsigned char **data,
73 int *datalen, int en_de)
74{
75 unsigned char *out;
76 int outlen, i;
77 EVP_CIPHER_CTX ctx;
78
79 /* Decrypt data */
80 if (!EVP_PBE_CipherInit (algor->algorithm, pass, passlen,
81 algor->parameter, &ctx, en_de)) {
82 PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR);
83 return NULL;
84 }
85
86 if(!(out = OPENSSL_malloc (inlen + EVP_CIPHER_CTX_block_size(&ctx)))) {
87 PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,ERR_R_MALLOC_FAILURE);
88 return NULL;
89 }
90
91 EVP_CipherUpdate (&ctx, out, &i, in, inlen);
92 outlen = i;
93 if(!EVP_CipherFinal (&ctx, out + i, &i)) {
94 OPENSSL_free (out);
95 PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,PKCS12_R_PKCS12_CIPHERFINAL_ERROR);
96 return NULL;
97 }
98 outlen += i;
99 if (datalen) *datalen = outlen;
100 if (data) *data = out;
101 return out;
102
103}
104
105/* Decrypt an OCTET STRING and decode ASN1 structure
106 * if seq & 1 'obj' is a stack of structures to be encoded
107 * if seq & 2 zero buffer after use
108 * as a sequence.
109 */
110
111char * PKCS12_decrypt_d2i (X509_ALGOR *algor, char * (*d2i)(),
112 void (*free_func)(void *), const char *pass, int passlen,
113 ASN1_OCTET_STRING *oct, int seq)
114{
115 unsigned char *out, *p;
116 char *ret;
117 int outlen;
118
119 if (!PKCS12_pbe_crypt (algor, pass, passlen, oct->data, oct->length,
120 &out, &outlen, 0)) {
121 PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_PKCS12_PBE_CRYPT_ERROR);
122 return NULL;
123 }
124 p = out;
125#ifdef DEBUG_DECRYPT
126 {
127 FILE *op;
128
129 char fname[30];
130 static int fnm = 1;
131 sprintf(fname, "DER%d", fnm++);
132 op = fopen(fname, "wb");
133 fwrite (p, 1, outlen, op);
134 fclose(op);
135 }
136#endif
137 if (seq & 1) ret = (char *) d2i_ASN1_SET(NULL, &p, outlen, d2i,
138 free_func, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
139 else ret = d2i(NULL, &p, outlen);
140 if (seq & 2) memset(out, 0, outlen);
141 if(!ret) PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_DECODE_ERROR);
142 OPENSSL_free (out);
143 return ret;
144}
145
146/* Encode ASN1 structure and encrypt, return OCTET STRING
147 * if 'seq' is non-zero 'obj' is a stack of structures to be encoded
148 * as a sequence
149 */
150
151ASN1_OCTET_STRING *PKCS12_i2d_encrypt (X509_ALGOR *algor, int (*i2d)(),
152 const char *pass, int passlen,
153 char *obj, int seq)
154{
155 ASN1_OCTET_STRING *oct;
156 unsigned char *in, *p;
157 int inlen;
158 if (!(oct = M_ASN1_OCTET_STRING_new ())) {
159 PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,ERR_R_MALLOC_FAILURE);
160 return NULL;
161 }
162 if (seq) inlen = i2d_ASN1_SET((STACK *)obj, NULL, i2d, V_ASN1_SEQUENCE,
163 V_ASN1_UNIVERSAL, IS_SEQUENCE);
164 else inlen = i2d (obj, NULL);
165 if (!inlen) {
166 PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCODE_ERROR);
167 return NULL;
168 }
169 if (!(in = OPENSSL_malloc (inlen))) {
170 PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,ERR_R_MALLOC_FAILURE);
171 return NULL;
172 }
173 p = in;
174 if (seq) i2d_ASN1_SET((STACK *)obj, &p, i2d, V_ASN1_SEQUENCE,
175 V_ASN1_UNIVERSAL, IS_SEQUENCE);
176 else i2d (obj, &p);
177 if (!PKCS12_pbe_crypt (algor, pass, passlen, in, inlen, &oct->data,
178 &oct->length, 1)) {
179 PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCRYPT_ERROR);
180 OPENSSL_free(in);
181 return NULL;
182 }
183 OPENSSL_free (in);
184 return oct;
185}
186
187IMPLEMENT_PKCS12_STACK_OF(PKCS7)
diff --git a/src/lib/libcrypto/pkcs12/p12_init.c b/src/lib/libcrypto/pkcs12/p12_init.c
deleted file mode 100644
index d5d4884c82..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_init.c
+++ /dev/null
@@ -1,98 +0,0 @@
1/* p12_init.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/pkcs12.h>
62
63/* Initialise a PKCS12 structure to take data */
64
65PKCS12 *PKCS12_init (int mode)
66{
67 PKCS12 *pkcs12;
68 if (!(pkcs12 = PKCS12_new())) {
69 PKCS12err(PKCS12_F_PKCS12_INIT,ERR_R_MALLOC_FAILURE);
70 return NULL;
71 }
72 if (!(pkcs12->version = M_ASN1_INTEGER_new ())) {
73 PKCS12err(PKCS12_F_PKCS12_INIT,ERR_R_MALLOC_FAILURE);
74 return NULL;
75 }
76 ASN1_INTEGER_set(pkcs12->version, 3);
77 if (!(pkcs12->authsafes = PKCS7_new())) {
78 PKCS12err(PKCS12_F_PKCS12_INIT,ERR_R_MALLOC_FAILURE);
79 return NULL;
80 }
81 pkcs12->authsafes->type = OBJ_nid2obj(mode);
82 switch (mode) {
83 case NID_pkcs7_data:
84 if (!(pkcs12->authsafes->d.data =
85 M_ASN1_OCTET_STRING_new())) {
86 PKCS12err(PKCS12_F_PKCS12_INIT,ERR_R_MALLOC_FAILURE);
87 return NULL;
88 }
89 break;
90 default:
91 PKCS12err(PKCS12_F_PKCS12_INIT,PKCS12_R_UNSUPPORTED_PKCS12_MODE);
92 PKCS12_free(pkcs12);
93 return NULL;
94 break;
95 }
96
97 return pkcs12;
98}
diff --git a/src/lib/libcrypto/pkcs12/p12_key.c b/src/lib/libcrypto/pkcs12/p12_key.c
deleted file mode 100644
index a4fd5b98ec..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_key.c
+++ /dev/null
@@ -1,204 +0,0 @@
1/* p12_key.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/pkcs12.h>
62
63
64/* Uncomment out this line to get debugging info about key generation */
65/*#define DEBUG_KEYGEN*/
66#ifdef DEBUG_KEYGEN
67#include <openssl/bio.h>
68extern BIO *bio_err;
69void h__dump (unsigned char *p, int len);
70#endif
71
72/* PKCS12 compatible key/IV generation */
73#ifndef min
74#define min(a,b) ((a) < (b) ? (a) : (b))
75#endif
76
77int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
78 int saltlen, int id, int iter, int n, unsigned char *out,
79 const EVP_MD *md_type)
80{
81 int ret;
82 unsigned char *unipass;
83 int uniplen;
84 if(!pass) {
85 unipass = NULL;
86 uniplen = 0;
87 } else if (!asc2uni(pass, passlen, &unipass, &uniplen)) {
88 PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC,ERR_R_MALLOC_FAILURE);
89 return 0;
90 }
91 ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
92 id, iter, n, out, md_type);
93 if(unipass) {
94 memset(unipass, 0, uniplen); /* Clear password from memory */
95 OPENSSL_free(unipass);
96 }
97 return ret;
98}
99
100int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
101 int saltlen, int id, int iter, int n, unsigned char *out,
102 const EVP_MD *md_type)
103{
104 unsigned char *B, *D, *I, *p, *Ai;
105 int Slen, Plen, Ilen, Ijlen;
106 int i, j, u, v;
107 BIGNUM *Ij, *Bpl1; /* These hold Ij and B + 1 */
108 EVP_MD_CTX ctx;
109#ifdef DEBUG_KEYGEN
110 unsigned char *tmpout = out;
111 int tmpn = n;
112#endif
113
114#if 0
115 if (!pass) {
116 PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_PASSED_NULL_PARAMETER);
117 return 0;
118 }
119#endif
120
121#ifdef DEBUG_KEYGEN
122 fprintf(stderr, "KEYGEN DEBUG\n");
123 fprintf(stderr, "ID %d, ITER %d\n", id, iter);
124 fprintf(stderr, "Password (length %d):\n", passlen);
125 h__dump(pass, passlen);
126 fprintf(stderr, "Salt (length %d):\n", saltlen);
127 h__dump(salt, saltlen);
128#endif
129 v = EVP_MD_block_size (md_type);
130 u = EVP_MD_size (md_type);
131 D = OPENSSL_malloc (v);
132 Ai = OPENSSL_malloc (u);
133 B = OPENSSL_malloc (v + 1);
134 Slen = v * ((saltlen+v-1)/v);
135 if(passlen) Plen = v * ((passlen+v-1)/v);
136 else Plen = 0;
137 Ilen = Slen + Plen;
138 I = OPENSSL_malloc (Ilen);
139 Ij = BN_new();
140 Bpl1 = BN_new();
141 if (!D || !Ai || !B || !I || !Ij || !Bpl1) {
142 PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_MALLOC_FAILURE);
143 return 0;
144 }
145 for (i = 0; i < v; i++) D[i] = id;
146 p = I;
147 for (i = 0; i < Slen; i++) *p++ = salt[i % saltlen];
148 for (i = 0; i < Plen; i++) *p++ = pass[i % passlen];
149 for (;;) {
150 EVP_DigestInit (&ctx, md_type);
151 EVP_DigestUpdate (&ctx, D, v);
152 EVP_DigestUpdate (&ctx, I, Ilen);
153 EVP_DigestFinal (&ctx, Ai, NULL);
154 for (j = 1; j < iter; j++) {
155 EVP_DigestInit (&ctx, md_type);
156 EVP_DigestUpdate (&ctx, Ai, u);
157 EVP_DigestFinal (&ctx, Ai, NULL);
158 }
159 memcpy (out, Ai, min (n, u));
160 if (u >= n) {
161 OPENSSL_free (Ai);
162 OPENSSL_free (B);
163 OPENSSL_free (D);
164 OPENSSL_free (I);
165 BN_free (Ij);
166 BN_free (Bpl1);
167#ifdef DEBUG_KEYGEN
168 fprintf(stderr, "Output KEY (length %d)\n", tmpn);
169 h__dump(tmpout, tmpn);
170#endif
171 return 1;
172 }
173 n -= u;
174 out += u;
175 for (j = 0; j < v; j++) B[j] = Ai[j % u];
176 /* Work out B + 1 first then can use B as tmp space */
177 BN_bin2bn (B, v, Bpl1);
178 BN_add_word (Bpl1, 1);
179 for (j = 0; j < Ilen ; j+=v) {
180 BN_bin2bn (I + j, v, Ij);
181 BN_add (Ij, Ij, Bpl1);
182 BN_bn2bin (Ij, B);
183 Ijlen = BN_num_bytes (Ij);
184 /* If more than 2^(v*8) - 1 cut off MSB */
185 if (Ijlen > v) {
186 BN_bn2bin (Ij, B);
187 memcpy (I + j, B + 1, v);
188#ifndef PKCS12_BROKEN_KEYGEN
189 /* If less than v bytes pad with zeroes */
190 } else if (Ijlen < v) {
191 memset(I + j, 0, v - Ijlen);
192 BN_bn2bin(Ij, I + j + v - Ijlen);
193#endif
194 } else BN_bn2bin (Ij, I + j);
195 }
196 }
197}
198#ifdef DEBUG_KEYGEN
199void h__dump (unsigned char *p, int len)
200{
201 for (; len --; p++) fprintf(stderr, "%02X", *p);
202 fprintf(stderr, "\n");
203}
204#endif
diff --git a/src/lib/libcrypto/pkcs12/p12_kiss.c b/src/lib/libcrypto/pkcs12/p12_kiss.c
deleted file mode 100644
index 5d67f19b45..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_kiss.c
+++ /dev/null
@@ -1,285 +0,0 @@
1/* p12_kiss.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/pkcs12.h>
62
63/* Simplified PKCS#12 routines */
64
65static int parse_pk12( PKCS12 *p12, const char *pass, int passlen,
66 EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca);
67
68static int parse_bags( STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
69 int passlen, EVP_PKEY **pkey, X509 **cert,
70 STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid,
71 char *keymatch);
72
73static int parse_bag( PKCS12_SAFEBAG *bag, const char *pass, int passlen,
74 EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
75 ASN1_OCTET_STRING **keyid, char *keymatch);
76
77/* Parse and decrypt a PKCS#12 structure returning user key, user cert
78 * and other (CA) certs. Note either ca should be NULL, *ca should be NULL,
79 * or it should point to a valid STACK structure. pkey and cert can be
80 * passed unitialised.
81 */
82
83int PKCS12_parse (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
84 STACK_OF(X509) **ca)
85{
86
87 /* Check for NULL PKCS12 structure */
88
89 if(!p12) {
90 PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_INVALID_NULL_PKCS12_POINTER);
91 return 0;
92 }
93
94 /* Allocate stack for ca certificates if needed */
95 if ((ca != NULL) && (*ca == NULL)) {
96 if (!(*ca = sk_X509_new_null())) {
97 PKCS12err(PKCS12_F_PKCS12_PARSE,ERR_R_MALLOC_FAILURE);
98 return 0;
99 }
100 }
101
102 if(pkey) *pkey = NULL;
103 if(cert) *cert = NULL;
104
105 /* Check the mac */
106
107 /* If password is zero length or NULL then try verifying both cases
108 * to determine which password is correct. The reason for this is that
109 * under PKCS#12 password based encryption no password and a zero length
110 * password are two different things...
111 */
112
113 if(!pass || !*pass) {
114 if(PKCS12_verify_mac(p12, NULL, 0)) pass = NULL;
115 else if(PKCS12_verify_mac(p12, "", 0)) pass = "";
116 else {
117 PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_MAC_VERIFY_FAILURE);
118 goto err;
119 }
120 } else if (!PKCS12_verify_mac(p12, pass, -1)) {
121 PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_MAC_VERIFY_FAILURE);
122 goto err;
123 }
124
125 if (!parse_pk12 (p12, pass, -1, pkey, cert, ca))
126 {
127 PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_PARSE_ERROR);
128 goto err;
129 }
130
131 return 1;
132
133 err:
134
135 if (pkey && *pkey) EVP_PKEY_free(*pkey);
136 if (cert && *cert) X509_free(*cert);
137 if (ca) sk_X509_pop_free(*ca, X509_free);
138 return 0;
139
140}
141
142/* Parse the outer PKCS#12 structure */
143
144static int parse_pk12 (PKCS12 *p12, const char *pass, int passlen,
145 EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
146{
147 STACK_OF(PKCS7) *asafes;
148 STACK_OF(PKCS12_SAFEBAG) *bags;
149 int i, bagnid;
150 PKCS7 *p7;
151 ASN1_OCTET_STRING *keyid = NULL;
152
153 char keymatch = 0;
154 if (!( asafes = M_PKCS12_unpack_authsafes (p12))) return 0;
155 for (i = 0; i < sk_PKCS7_num (asafes); i++) {
156 p7 = sk_PKCS7_value (asafes, i);
157 bagnid = OBJ_obj2nid (p7->type);
158 if (bagnid == NID_pkcs7_data) {
159 bags = M_PKCS12_unpack_p7data(p7);
160 } else if (bagnid == NID_pkcs7_encrypted) {
161 bags = M_PKCS12_unpack_p7encdata(p7, pass, passlen);
162 } else continue;
163 if (!bags) {
164 sk_PKCS7_pop_free(asafes, PKCS7_free);
165 return 0;
166 }
167 if (!parse_bags(bags, pass, passlen, pkey, cert, ca,
168 &keyid, &keymatch)) {
169 sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
170 sk_PKCS7_pop_free(asafes, PKCS7_free);
171 return 0;
172 }
173 sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
174 }
175 sk_PKCS7_pop_free(asafes, PKCS7_free);
176 if (keyid) M_ASN1_OCTET_STRING_free(keyid);
177 return 1;
178}
179
180
181static int parse_bags (STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
182 int passlen, EVP_PKEY **pkey, X509 **cert,
183 STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid,
184 char *keymatch)
185{
186 int i;
187 for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
188 if (!parse_bag(sk_PKCS12_SAFEBAG_value (bags, i),
189 pass, passlen, pkey, cert, ca, keyid,
190 keymatch)) return 0;
191 }
192 return 1;
193}
194
195#define MATCH_KEY 0x1
196#define MATCH_CERT 0x2
197#define MATCH_ALL 0x3
198
199static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
200 EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
201 ASN1_OCTET_STRING **keyid,
202 char *keymatch)
203{
204 PKCS8_PRIV_KEY_INFO *p8;
205 X509 *x509;
206 ASN1_OCTET_STRING *lkey = NULL, *ckid = NULL;
207 ASN1_TYPE *attrib;
208 ASN1_BMPSTRING *fname = NULL;
209
210 if ((attrib = PKCS12_get_attr (bag, NID_friendlyName)))
211 fname = attrib->value.bmpstring;
212
213 if ((attrib = PKCS12_get_attr (bag, NID_localKeyID))) {
214 lkey = attrib->value.octet_string;
215 ckid = lkey;
216 }
217
218 /* Check for any local key id matching (if needed) */
219 if (lkey && ((*keymatch & MATCH_ALL) != MATCH_ALL)) {
220 if (*keyid) {
221 if (M_ASN1_OCTET_STRING_cmp(*keyid, lkey)) lkey = NULL;
222 } else {
223 if (!(*keyid = M_ASN1_OCTET_STRING_dup(lkey))) {
224 PKCS12err(PKCS12_F_PARSE_BAGS,ERR_R_MALLOC_FAILURE);
225 return 0;
226 }
227 }
228 }
229
230 switch (M_PKCS12_bag_type(bag))
231 {
232 case NID_keyBag:
233 if (!lkey || !pkey) return 1;
234 if (!(*pkey = EVP_PKCS82PKEY(bag->value.keybag))) return 0;
235 *keymatch |= MATCH_KEY;
236 break;
237
238 case NID_pkcs8ShroudedKeyBag:
239 if (!lkey || !pkey) return 1;
240 if (!(p8 = M_PKCS12_decrypt_skey(bag, pass, passlen)))
241 return 0;
242 *pkey = EVP_PKCS82PKEY(p8);
243 PKCS8_PRIV_KEY_INFO_free(p8);
244 if (!(*pkey)) return 0;
245 *keymatch |= MATCH_KEY;
246 break;
247
248 case NID_certBag:
249 if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate )
250 return 1;
251 if (!(x509 = M_PKCS12_certbag2x509(bag))) return 0;
252 if(ckid) X509_keyid_set1(x509, ckid->data, ckid->length);
253 if(fname) {
254 int len;
255 unsigned char *data;
256 len = ASN1_STRING_to_UTF8(&data, fname);
257 if(len > 0) {
258 X509_alias_set1(x509, data, len);
259 OPENSSL_free(data);
260 }
261 }
262
263
264 if (lkey) {
265 *keymatch |= MATCH_CERT;
266 if (cert) *cert = x509;
267 else X509_free(x509);
268 } else {
269 if(ca) sk_X509_push (*ca, x509);
270 else X509_free(x509);
271 }
272 break;
273
274 case NID_safeContentsBag:
275 return parse_bags(bag->value.safes, pass, passlen,
276 pkey, cert, ca, keyid, keymatch);
277 break;
278
279 default:
280 return 1;
281 break;
282 }
283 return 1;
284}
285
diff --git a/src/lib/libcrypto/pkcs12/p12_mutl.c b/src/lib/libcrypto/pkcs12/p12_mutl.c
deleted file mode 100644
index 13d866da51..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_mutl.c
+++ /dev/null
@@ -1,170 +0,0 @@
1/* p12_mutl.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#ifndef NO_HMAC
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/hmac.h>
63#include <openssl/rand.h>
64#include <openssl/pkcs12.h>
65
66/* Generate a MAC */
67int PKCS12_gen_mac (PKCS12 *p12, const char *pass, int passlen,
68 unsigned char *mac, unsigned int *maclen)
69{
70 const EVP_MD *md_type;
71 HMAC_CTX hmac;
72 unsigned char key[PKCS12_MAC_KEY_LENGTH], *salt;
73 int saltlen, iter;
74 salt = p12->mac->salt->data;
75 saltlen = p12->mac->salt->length;
76 if (!p12->mac->iter) iter = 1;
77 else iter = ASN1_INTEGER_get (p12->mac->iter);
78 if(!(md_type =
79 EVP_get_digestbyobj (p12->mac->dinfo->algor->algorithm))) {
80 PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_UNKNOWN_DIGEST_ALGORITHM);
81 return 0;
82 }
83 if(!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter,
84 PKCS12_MAC_KEY_LENGTH, key, md_type)) {
85 PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_KEY_GEN_ERROR);
86 return 0;
87 }
88 HMAC_Init (&hmac, key, PKCS12_MAC_KEY_LENGTH, md_type);
89 HMAC_Update (&hmac, p12->authsafes->d.data->data,
90 p12->authsafes->d.data->length);
91 HMAC_Final (&hmac, mac, maclen);
92 return 1;
93}
94
95/* Verify the mac */
96int PKCS12_verify_mac (PKCS12 *p12, const char *pass, int passlen)
97{
98 unsigned char mac[EVP_MAX_MD_SIZE];
99 unsigned int maclen;
100 if(p12->mac == NULL) {
101 PKCS12err(PKCS12_F_VERIFY_MAC,PKCS12_R_MAC_ABSENT);
102 return 0;
103 }
104 if (!PKCS12_gen_mac (p12, pass, passlen, mac, &maclen)) {
105 PKCS12err(PKCS12_F_VERIFY_MAC,PKCS12_R_MAC_GENERATION_ERROR);
106 return 0;
107 }
108 if ((maclen != (unsigned int)p12->mac->dinfo->digest->length)
109 || memcmp (mac, p12->mac->dinfo->digest->data, maclen)) return 0;
110 return 1;
111}
112
113/* Set a mac */
114
115int PKCS12_set_mac (PKCS12 *p12, const char *pass, int passlen,
116 unsigned char *salt, int saltlen, int iter, EVP_MD *md_type)
117{
118 unsigned char mac[EVP_MAX_MD_SIZE];
119 unsigned int maclen;
120
121 if (!md_type) md_type = EVP_sha1();
122 if (PKCS12_setup_mac (p12, iter, salt, saltlen, md_type) ==
123 PKCS12_ERROR) {
124 PKCS12err(PKCS12_F_PKCS12_SET_MAC,PKCS12_R_MAC_SETUP_ERROR);
125 return 0;
126 }
127 if (!PKCS12_gen_mac (p12, pass, passlen, mac, &maclen)) {
128 PKCS12err(PKCS12_F_PKCS12_SET_MAC,PKCS12_R_MAC_GENERATION_ERROR);
129 return 0;
130 }
131 if (!(M_ASN1_OCTET_STRING_set (p12->mac->dinfo->digest, mac, maclen))) {
132 PKCS12err(PKCS12_F_PKCS12_SET_MAC,PKCS12_R_MAC_STRING_SET_ERROR);
133 return 0;
134 }
135 return 1;
136}
137
138/* Set up a mac structure */
139int PKCS12_setup_mac (PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
140 EVP_MD *md_type)
141{
142 if (!(p12->mac = PKCS12_MAC_DATA_new())) return PKCS12_ERROR;
143 if (iter > 1) {
144 if(!(p12->mac->iter = M_ASN1_INTEGER_new())) {
145 PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
146 return 0;
147 }
148 ASN1_INTEGER_set(p12->mac->iter, iter);
149 }
150 if (!saltlen) saltlen = PKCS12_SALT_LEN;
151 p12->mac->salt->length = saltlen;
152 if (!(p12->mac->salt->data = OPENSSL_malloc (saltlen))) {
153 PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
154 return 0;
155 }
156 if (!salt) {
157 if (RAND_pseudo_bytes (p12->mac->salt->data, saltlen) < 0)
158 return 0;
159 }
160 else memcpy (p12->mac->salt->data, salt, saltlen);
161 p12->mac->dinfo->algor->algorithm = OBJ_nid2obj(EVP_MD_type(md_type));
162 if (!(p12->mac->dinfo->algor->parameter = ASN1_TYPE_new())) {
163 PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
164 return 0;
165 }
166 p12->mac->dinfo->algor->parameter->type = V_ASN1_NULL;
167
168 return 1;
169}
170#endif
diff --git a/src/lib/libcrypto/pkcs12/p12_npas.c b/src/lib/libcrypto/pkcs12/p12_npas.c
deleted file mode 100644
index 84e31a7f21..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_npas.c
+++ /dev/null
@@ -1,217 +0,0 @@
1/* p12_npas.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <string.h>
62#include <openssl/pem.h>
63#include <openssl/err.h>
64#include <openssl/pkcs12.h>
65
66/* PKCS#12 password change routine */
67
68static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass);
69static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass,
70 char *newpass);
71static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass);
72static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen);
73
74/*
75 * Change the password on a PKCS#12 structure.
76 */
77
78int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass)
79{
80
81/* Check for NULL PKCS12 structure */
82
83if(!p12) {
84 PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_INVALID_NULL_PKCS12_POINTER);
85 return 0;
86}
87
88/* Check the mac */
89
90if (!PKCS12_verify_mac(p12, oldpass, -1)) {
91 PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_MAC_VERIFY_FAILURE);
92 return 0;
93}
94
95if (!newpass_p12(p12, oldpass, newpass)) {
96 PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_PARSE_ERROR);
97 return 0;
98}
99
100return 1;
101
102}
103
104/* Parse the outer PKCS#12 structure */
105
106static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass)
107{
108 STACK_OF(PKCS7) *asafes, *newsafes;
109 STACK_OF(PKCS12_SAFEBAG) *bags;
110 int i, bagnid, pbe_nid, pbe_iter, pbe_saltlen;
111 PKCS7 *p7, *p7new;
112 ASN1_OCTET_STRING *p12_data_tmp = NULL, *macnew = NULL;
113 unsigned char mac[EVP_MAX_MD_SIZE];
114 unsigned int maclen;
115
116 if (!(asafes = M_PKCS12_unpack_authsafes(p12))) return 0;
117 if(!(newsafes = sk_PKCS7_new_null())) return 0;
118 for (i = 0; i < sk_PKCS7_num (asafes); i++) {
119 p7 = sk_PKCS7_value(asafes, i);
120 bagnid = OBJ_obj2nid(p7->type);
121 if (bagnid == NID_pkcs7_data) {
122 bags = M_PKCS12_unpack_p7data(p7);
123 } else if (bagnid == NID_pkcs7_encrypted) {
124 bags = M_PKCS12_unpack_p7encdata(p7, oldpass, -1);
125 alg_get(p7->d.encrypted->enc_data->algorithm,
126 &pbe_nid, &pbe_iter, &pbe_saltlen);
127 } else continue;
128 if (!bags) {
129 sk_PKCS7_pop_free(asafes, PKCS7_free);
130 return 0;
131 }
132 if (!newpass_bags(bags, oldpass, newpass)) {
133 sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
134 sk_PKCS7_pop_free(asafes, PKCS7_free);
135 return 0;
136 }
137 /* Repack bag in same form with new password */
138 if (bagnid == NID_pkcs7_data) p7new = PKCS12_pack_p7data(bags);
139 else p7new = PKCS12_pack_p7encdata(pbe_nid, newpass, -1, NULL,
140 pbe_saltlen, pbe_iter, bags);
141 sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
142 if(!p7new) {
143 sk_PKCS7_pop_free(asafes, PKCS7_free);
144 return 0;
145 }
146 sk_PKCS7_push(newsafes, p7new);
147 }
148 sk_PKCS7_pop_free(asafes, PKCS7_free);
149
150 /* Repack safe: save old safe in case of error */
151
152 p12_data_tmp = p12->authsafes->d.data;
153 if(!(p12->authsafes->d.data = ASN1_OCTET_STRING_new())) goto saferr;
154 if(!M_PKCS12_pack_authsafes(p12, newsafes)) goto saferr;
155
156 if(!PKCS12_gen_mac(p12, newpass, -1, mac, &maclen)) goto saferr;
157 if(!(macnew = ASN1_OCTET_STRING_new())) goto saferr;
158 if(!ASN1_OCTET_STRING_set(macnew, mac, maclen)) goto saferr;
159 ASN1_OCTET_STRING_free(p12->mac->dinfo->digest);
160 p12->mac->dinfo->digest = macnew;
161 ASN1_OCTET_STRING_free(p12_data_tmp);
162
163 return 1;
164
165 saferr:
166 /* Restore old safe */
167 ASN1_OCTET_STRING_free(p12->authsafes->d.data);
168 ASN1_OCTET_STRING_free(macnew);
169 p12->authsafes->d.data = p12_data_tmp;
170 return 0;
171
172}
173
174
175static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass,
176 char *newpass)
177{
178 int i;
179 for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
180 if (!newpass_bag(sk_PKCS12_SAFEBAG_value(bags, i),
181 oldpass, newpass))
182 return 0;
183 }
184 return 1;
185}
186
187/* Change password of safebag: only needs handle shrouded keybags */
188
189static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass)
190{
191 PKCS8_PRIV_KEY_INFO *p8;
192 X509_SIG *p8new;
193 int p8_nid, p8_saltlen, p8_iter;
194
195 if(M_PKCS12_bag_type(bag) != NID_pkcs8ShroudedKeyBag) return 1;
196
197 if (!(p8 = M_PKCS12_decrypt_skey(bag, oldpass, -1))) return 0;
198 alg_get(bag->value.shkeybag->algor, &p8_nid, &p8_iter, &p8_saltlen);
199 if(!(p8new = PKCS8_encrypt(p8_nid, NULL, newpass, -1, NULL, p8_saltlen,
200 p8_iter, p8))) return 0;
201 X509_SIG_free(bag->value.shkeybag);
202 bag->value.shkeybag = p8new;
203 return 1;
204}
205
206static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen)
207{
208 PBEPARAM *pbe;
209 unsigned char *p;
210 p = alg->parameter->value.sequence->data;
211 pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length);
212 *pnid = OBJ_obj2nid(alg->algorithm);
213 *piter = ASN1_INTEGER_get(pbe->iter);
214 *psaltlen = pbe->salt->length;
215 PBEPARAM_free(pbe);
216 return 0;
217}
diff --git a/src/lib/libcrypto/pkcs12/p12_utl.c b/src/lib/libcrypto/pkcs12/p12_utl.c
deleted file mode 100644
index 2f1d1e534f..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_utl.c
+++ /dev/null
@@ -1,122 +0,0 @@
1/* p12_utl.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/pkcs12.h>
62
63/* Cheap and nasty Unicode stuff */
64
65unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen)
66{
67 int ulen, i;
68 unsigned char *unitmp;
69 if (asclen == -1) asclen = strlen(asc);
70 ulen = asclen*2 + 2;
71 if (!(unitmp = OPENSSL_malloc(ulen))) return NULL;
72 for (i = 0; i < ulen - 2; i+=2) {
73 unitmp[i] = 0;
74 unitmp[i + 1] = asc[i>>1];
75 }
76 /* Make result double null terminated */
77 unitmp[ulen - 2] = 0;
78 unitmp[ulen - 1] = 0;
79 if (unilen) *unilen = ulen;
80 if (uni) *uni = unitmp;
81 return unitmp;
82}
83
84char *uni2asc(unsigned char *uni, int unilen)
85{
86 int asclen, i;
87 char *asctmp;
88 asclen = unilen / 2;
89 /* If no terminating zero allow for one */
90 if (!unilen || uni[unilen - 1]) asclen++;
91 uni++;
92 if (!(asctmp = OPENSSL_malloc(asclen))) return NULL;
93 for (i = 0; i < unilen; i+=2) asctmp[i>>1] = uni[i];
94 asctmp[asclen - 1] = 0;
95 return asctmp;
96}
97
98int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12)
99{
100 return ASN1_i2d_bio((int(*)())i2d_PKCS12, bp, (unsigned char *)p12);
101}
102
103#ifndef NO_FP_API
104int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12)
105{
106 return ASN1_i2d_fp((int(*)())i2d_PKCS12, fp, (unsigned char *)p12);
107}
108#endif
109
110PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12)
111{
112 return (PKCS12 *)ASN1_d2i_bio((char *(*)())PKCS12_new,
113 (char *(*)())d2i_PKCS12, bp, (unsigned char **)p12);
114}
115#ifndef NO_FP_API
116PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12)
117{
118 return (PKCS12 *)ASN1_d2i_fp((char *(*)())PKCS12_new,
119 (char *(*)())d2i_PKCS12, fp, (unsigned char **)(p12));
120}
121#endif
122
diff --git a/src/lib/libcrypto/pkcs12/pk12err.c b/src/lib/libcrypto/pkcs12/pk12err.c
deleted file mode 100644
index 12db54f49e..0000000000
--- a/src/lib/libcrypto/pkcs12/pk12err.c
+++ /dev/null
@@ -1,139 +0,0 @@
1/* crypto/pkcs12/pk12err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/pkcs12.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA PKCS12_str_functs[]=
68 {
69{ERR_PACK(0,PKCS12_F_PARSE_BAGS,0), "PARSE_BAGS"},
70{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME,0), "PKCS12_ADD_FRIENDLYNAME"},
71{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC,0), "PKCS12_add_friendlyname_asc"},
72{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,0), "PKCS12_add_friendlyname_uni"},
73{ERR_PACK(0,PKCS12_F_PKCS12_ADD_LOCALKEYID,0), "PKCS12_add_localkeyid"},
74{ERR_PACK(0,PKCS12_F_PKCS12_CREATE,0), "PKCS12_create"},
75{ERR_PACK(0,PKCS12_F_PKCS12_DECRYPT_D2I,0), "PKCS12_decrypt_d2i"},
76{ERR_PACK(0,PKCS12_F_PKCS12_GEN_MAC,0), "PKCS12_gen_mac"},
77{ERR_PACK(0,PKCS12_F_PKCS12_I2D_ENCRYPT,0), "PKCS12_i2d_encrypt"},
78{ERR_PACK(0,PKCS12_F_PKCS12_INIT,0), "PKCS12_init"},
79{ERR_PACK(0,PKCS12_F_PKCS12_KEY_GEN_ASC,0), "PKCS12_key_gen_asc"},
80{ERR_PACK(0,PKCS12_F_PKCS12_KEY_GEN_UNI,0), "PKCS12_key_gen_uni"},
81{ERR_PACK(0,PKCS12_F_PKCS12_MAKE_KEYBAG,0), "PKCS12_MAKE_KEYBAG"},
82{ERR_PACK(0,PKCS12_F_PKCS12_MAKE_SHKEYBAG,0), "PKCS12_MAKE_SHKEYBAG"},
83{ERR_PACK(0,PKCS12_F_PKCS12_NEWPASS,0), "PKCS12_newpass"},
84{ERR_PACK(0,PKCS12_F_PKCS12_PACK_P7DATA,0), "PKCS12_pack_p7data"},
85{ERR_PACK(0,PKCS12_F_PKCS12_PACK_P7ENCDATA,0), "PKCS12_pack_p7encdata"},
86{ERR_PACK(0,PKCS12_F_PKCS12_PACK_SAFEBAG,0), "PKCS12_pack_safebag"},
87{ERR_PACK(0,PKCS12_F_PKCS12_PARSE,0), "PKCS12_parse"},
88{ERR_PACK(0,PKCS12_F_PKCS12_PBE_CRYPT,0), "PKCS12_pbe_crypt"},
89{ERR_PACK(0,PKCS12_F_PKCS12_PBE_KEYIVGEN,0), "PKCS12_PBE_keyivgen"},
90{ERR_PACK(0,PKCS12_F_PKCS12_SETUP_MAC,0), "PKCS12_setup_mac"},
91{ERR_PACK(0,PKCS12_F_PKCS12_SET_MAC,0), "PKCS12_set_mac"},
92{ERR_PACK(0,PKCS12_F_PKCS8_ADD_KEYUSAGE,0), "PKCS8_add_keyusage"},
93{ERR_PACK(0,PKCS12_F_PKCS8_ENCRYPT,0), "PKCS8_encrypt"},
94{ERR_PACK(0,PKCS12_F_VERIFY_MAC,0), "VERIFY_MAC"},
95{0,NULL}
96 };
97
98static ERR_STRING_DATA PKCS12_str_reasons[]=
99 {
100{PKCS12_R_CANT_PACK_STRUCTURE ,"cant pack structure"},
101{PKCS12_R_DECODE_ERROR ,"decode error"},
102{PKCS12_R_ENCODE_ERROR ,"encode error"},
103{PKCS12_R_ENCRYPT_ERROR ,"encrypt error"},
104{PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE,"error setting encrypted data type"},
105{PKCS12_R_INVALID_NULL_ARGUMENT ,"invalid null argument"},
106{PKCS12_R_INVALID_NULL_PKCS12_POINTER ,"invalid null pkcs12 pointer"},
107{PKCS12_R_IV_GEN_ERROR ,"iv gen error"},
108{PKCS12_R_KEY_GEN_ERROR ,"key gen error"},
109{PKCS12_R_MAC_ABSENT ,"mac absent"},
110{PKCS12_R_MAC_GENERATION_ERROR ,"mac generation error"},
111{PKCS12_R_MAC_SETUP_ERROR ,"mac setup error"},
112{PKCS12_R_MAC_STRING_SET_ERROR ,"mac string set error"},
113{PKCS12_R_MAC_VERIFY_ERROR ,"mac verify error"},
114{PKCS12_R_MAC_VERIFY_FAILURE ,"mac verify failure"},
115{PKCS12_R_PARSE_ERROR ,"parse error"},
116{PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR ,"pkcs12 algor cipherinit error"},
117{PKCS12_R_PKCS12_CIPHERFINAL_ERROR ,"pkcs12 cipherfinal error"},
118{PKCS12_R_PKCS12_PBE_CRYPT_ERROR ,"pkcs12 pbe crypt error"},
119{PKCS12_R_UNKNOWN_DIGEST_ALGORITHM ,"unknown digest algorithm"},
120{PKCS12_R_UNSUPPORTED_PKCS12_MODE ,"unsupported pkcs12 mode"},
121{0,NULL}
122 };
123
124#endif
125
126void ERR_load_PKCS12_strings(void)
127 {
128 static int init=1;
129
130 if (init)
131 {
132 init=0;
133#ifndef NO_ERR
134 ERR_load_strings(ERR_LIB_PKCS12,PKCS12_str_functs);
135 ERR_load_strings(ERR_LIB_PKCS12,PKCS12_str_reasons);
136#endif
137
138 }
139 }
diff --git a/src/lib/libcrypto/pkcs12/pkcs12.h b/src/lib/libcrypto/pkcs12/pkcs12.h
deleted file mode 100644
index e529154f26..0000000000
--- a/src/lib/libcrypto/pkcs12/pkcs12.h
+++ /dev/null
@@ -1,345 +0,0 @@
1/* pkcs12.h */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#ifndef HEADER_PKCS12_H
60#define HEADER_PKCS12_H
61
62#include <openssl/bio.h>
63#include <openssl/x509.h>
64
65#ifdef __cplusplus
66extern "C" {
67#endif
68
69#define PKCS12_KEY_ID 1
70#define PKCS12_IV_ID 2
71#define PKCS12_MAC_ID 3
72
73/* Default iteration count */
74#ifndef PKCS12_DEFAULT_ITER
75#define PKCS12_DEFAULT_ITER PKCS5_DEFAULT_ITER
76#endif
77
78#define PKCS12_MAC_KEY_LENGTH 20
79
80#define PKCS12_SALT_LEN 8
81
82/* Uncomment out next line for unicode password and names, otherwise ASCII */
83
84/*#define PBE_UNICODE*/
85
86#ifdef PBE_UNICODE
87#define PKCS12_key_gen PKCS12_key_gen_uni
88#define PKCS12_add_friendlyname PKCS12_add_friendlyname_uni
89#else
90#define PKCS12_key_gen PKCS12_key_gen_asc
91#define PKCS12_add_friendlyname PKCS12_add_friendlyname_asc
92#endif
93
94/* MS key usage constants */
95
96#define KEY_EX 0x10
97#define KEY_SIG 0x80
98
99typedef struct {
100X509_SIG *dinfo;
101ASN1_OCTET_STRING *salt;
102ASN1_INTEGER *iter; /* defaults to 1 */
103} PKCS12_MAC_DATA;
104
105typedef struct {
106ASN1_INTEGER *version;
107PKCS12_MAC_DATA *mac;
108PKCS7 *authsafes;
109} PKCS12;
110
111PREDECLARE_STACK_OF(PKCS12_SAFEBAG)
112
113typedef struct {
114ASN1_OBJECT *type;
115union {
116 struct pkcs12_bag_st *bag; /* secret, crl and certbag */
117 struct pkcs8_priv_key_info_st *keybag; /* keybag */
118 X509_SIG *shkeybag; /* shrouded key bag */
119 STACK_OF(PKCS12_SAFEBAG) *safes;
120 ASN1_TYPE *other;
121}value;
122STACK_OF(X509_ATTRIBUTE) *attrib;
123ASN1_TYPE *rest;
124} PKCS12_SAFEBAG;
125
126DECLARE_STACK_OF(PKCS12_SAFEBAG)
127DECLARE_ASN1_SET_OF(PKCS12_SAFEBAG)
128DECLARE_PKCS12_STACK_OF(PKCS12_SAFEBAG)
129
130typedef struct pkcs12_bag_st {
131ASN1_OBJECT *type;
132union {
133 ASN1_OCTET_STRING *x509cert;
134 ASN1_OCTET_STRING *x509crl;
135 ASN1_OCTET_STRING *octet;
136 ASN1_IA5STRING *sdsicert;
137 ASN1_TYPE *other; /* Secret or other bag */
138}value;
139} PKCS12_BAGS;
140
141#define PKCS12_ERROR 0
142#define PKCS12_OK 1
143
144#define M_PKCS12_bag_type(bag) OBJ_obj2nid(bag->type)
145#define M_PKCS12_cert_bag_type(bag) OBJ_obj2nid(bag->value.bag->type)
146#define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type
147
148#define M_PKCS12_x5092certbag(x509) \
149PKCS12_pack_safebag((char *)(x509), i2d_X509, NID_x509Certificate, NID_certBag)
150
151#define M_PKCS12_x509crl2certbag(crl) \
152PKCS12_pack_safebag((char *)(crl), i2d_X509CRL, NID_x509Crl, NID_crlBag)
153
154#define M_PKCS12_certbag2x509(bg) \
155(X509 *) ASN1_unpack_string((bg)->value.bag->value.octet, \
156(char *(*)())d2i_X509)
157
158#define M_PKCS12_certbag2x509crl(bg) \
159(X509CRL *) ASN1_unpack_string((bg)->value.bag->value.octet, \
160(char *(*)())d2i_X509CRL)
161
162/*#define M_PKCS12_pkcs82rsa(p8) \
163(RSA *) ASN1_unpack_string((p8)->pkey, (char *(*)())d2i_RSAPrivateKey)*/
164
165#define M_PKCS12_unpack_p7data(p7) \
166ASN1_seq_unpack_PKCS12_SAFEBAG((p7)->d.data->data, p7->d.data->length, \
167 d2i_PKCS12_SAFEBAG, PKCS12_SAFEBAG_free)
168
169#define M_PKCS12_pack_authsafes(p12, safes) \
170ASN1_seq_pack_PKCS7((safes), i2d_PKCS7,\
171 &(p12)->authsafes->d.data->data, &(p12)->authsafes->d.data->length)
172
173#define M_PKCS12_unpack_authsafes(p12) \
174ASN1_seq_unpack_PKCS7((p12)->authsafes->d.data->data, \
175 (p12)->authsafes->d.data->length, d2i_PKCS7, PKCS7_free)
176
177#define M_PKCS12_unpack_p7encdata(p7, pass, passlen) \
178PKCS12_decrypt_d2i_PKCS12_SAFEBAG((p7)->d.encrypted->enc_data->algorithm,\
179 d2i_PKCS12_SAFEBAG, PKCS12_SAFEBAG_free, \
180 (pass), (passlen), \
181 (p7)->d.encrypted->enc_data->enc_data, 3)
182
183#define M_PKCS12_decrypt_skey(bag, pass, passlen) \
184(PKCS8_PRIV_KEY_INFO *) PKCS12_decrypt_d2i((bag)->value.shkeybag->algor, \
185(char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (void (*)(void *))PKCS8_PRIV_KEY_INFO_free, \
186 (pass), (passlen), \
187 (bag)->value.shkeybag->digest, 2)
188
189#define M_PKCS8_decrypt(p8, pass, passlen) \
190(PKCS8_PRIV_KEY_INFO *) PKCS12_decrypt_d2i((p8)->algor, \
191(char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (void (*)(void *))PKCS8_PRIV_KEY_INFO_free,\
192 (pass), (passlen), (p8)->digest, 2)
193
194#define PKCS12_get_attr(bag, attr_nid) \
195 PKCS12_get_attr_gen(bag->attrib, attr_nid)
196
197#define PKCS8_get_attr(p8, attr_nid) \
198 PKCS12_get_attr_gen(p8->attributes, attr_nid)
199
200#define PKCS12_mac_present(p12) ((p12)->mac ? 1 : 0)
201
202
203PKCS12_SAFEBAG *PKCS12_pack_safebag(char *obj, int (*i2d)(), int nid1, int nid2);
204PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8);
205X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
206 const char *pass, int passlen,
207 unsigned char *salt, int saltlen, int iter,
208 PKCS8_PRIV_KEY_INFO *p8);
209PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
210 int passlen, unsigned char *salt,
211 int saltlen, int iter,
212 PKCS8_PRIV_KEY_INFO *p8);
213PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
214PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
215 unsigned char *salt, int saltlen, int iter,
216 STACK_OF(PKCS12_SAFEBAG) *bags);
217int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen);
218int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
219 int namelen);
220int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name,
221 int namelen);
222int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
223ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid);
224char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag);
225unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
226 int passlen, unsigned char *in, int inlen,
227 unsigned char **data, int *datalen, int en_de);
228char *PKCS12_decrypt_d2i(X509_ALGOR *algor, char *(*d2i)(),
229 void (*free_func)(void *), const char *pass, int passlen,
230 ASN1_STRING *oct, int seq);
231ASN1_STRING *PKCS12_i2d_encrypt(X509_ALGOR *algor, int (*i2d)(),
232 const char *pass, int passlen, char *obj,
233 int seq);
234PKCS12 *PKCS12_init(int mode);
235int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
236 int saltlen, int id, int iter, int n,
237 unsigned char *out, const EVP_MD *md_type);
238int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int id, int iter, int n, unsigned char *out, const EVP_MD *md_type);
239int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
240 ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md_type,
241 int en_de);
242int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
243 unsigned char *mac, unsigned int *maclen);
244int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
245int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
246 unsigned char *salt, int saltlen, int iter,
247 EVP_MD *md_type);
248int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
249 int saltlen, EVP_MD *md_type);
250unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen);
251char *uni2asc(unsigned char *uni, int unilen);
252int i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **pp);
253PKCS12_BAGS *PKCS12_BAGS_new(void);
254PKCS12_BAGS *d2i_PKCS12_BAGS(PKCS12_BAGS **a, unsigned char **pp, long length);
255void PKCS12_BAGS_free(PKCS12_BAGS *a);
256int i2d_PKCS12(PKCS12 *a, unsigned char **pp);
257PKCS12 *d2i_PKCS12(PKCS12 **a, unsigned char **pp, long length);
258PKCS12 *PKCS12_new(void);
259void PKCS12_free(PKCS12 *a);
260int i2d_PKCS12_MAC_DATA(PKCS12_MAC_DATA *a, unsigned char **pp);
261PKCS12_MAC_DATA *PKCS12_MAC_DATA_new(void);
262PKCS12_MAC_DATA *d2i_PKCS12_MAC_DATA(PKCS12_MAC_DATA **a, unsigned char **pp,
263 long length);
264void PKCS12_MAC_DATA_free(PKCS12_MAC_DATA *a);
265int i2d_PKCS12_SAFEBAG(PKCS12_SAFEBAG *a, unsigned char **pp);
266PKCS12_SAFEBAG *PKCS12_SAFEBAG_new(void);
267PKCS12_SAFEBAG *d2i_PKCS12_SAFEBAG(PKCS12_SAFEBAG **a, unsigned char **pp,
268 long length);
269void PKCS12_SAFEBAG_free(PKCS12_SAFEBAG *a);
270void ERR_load_PKCS12_strings(void);
271void PKCS12_PBE_add(void);
272int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
273 STACK_OF(X509) **ca);
274PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
275 STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter,
276 int mac_iter, int keytype);
277int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12);
278int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
279PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12);
280PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
281int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
282
283/* BEGIN ERROR CODES */
284/* The following lines are auto generated by the script mkerr.pl. Any changes
285 * made after this point may be overwritten when the script is next run.
286 */
287
288/* Error codes for the PKCS12 functions. */
289
290/* Function codes. */
291#define PKCS12_F_PARSE_BAGS 103
292#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME 100
293#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC 127
294#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI 102
295#define PKCS12_F_PKCS12_ADD_LOCALKEYID 104
296#define PKCS12_F_PKCS12_CREATE 105
297#define PKCS12_F_PKCS12_DECRYPT_D2I 106
298#define PKCS12_F_PKCS12_GEN_MAC 107
299#define PKCS12_F_PKCS12_I2D_ENCRYPT 108
300#define PKCS12_F_PKCS12_INIT 109
301#define PKCS12_F_PKCS12_KEY_GEN_ASC 110
302#define PKCS12_F_PKCS12_KEY_GEN_UNI 111
303#define PKCS12_F_PKCS12_MAKE_KEYBAG 112
304#define PKCS12_F_PKCS12_MAKE_SHKEYBAG 113
305#define PKCS12_F_PKCS12_NEWPASS 128
306#define PKCS12_F_PKCS12_PACK_P7DATA 114
307#define PKCS12_F_PKCS12_PACK_P7ENCDATA 115
308#define PKCS12_F_PKCS12_PACK_SAFEBAG 117
309#define PKCS12_F_PKCS12_PARSE 118
310#define PKCS12_F_PKCS12_PBE_CRYPT 119
311#define PKCS12_F_PKCS12_PBE_KEYIVGEN 120
312#define PKCS12_F_PKCS12_SETUP_MAC 122
313#define PKCS12_F_PKCS12_SET_MAC 123
314#define PKCS12_F_PKCS8_ADD_KEYUSAGE 124
315#define PKCS12_F_PKCS8_ENCRYPT 125
316#define PKCS12_F_VERIFY_MAC 126
317
318/* Reason codes. */
319#define PKCS12_R_CANT_PACK_STRUCTURE 100
320#define PKCS12_R_DECODE_ERROR 101
321#define PKCS12_R_ENCODE_ERROR 102
322#define PKCS12_R_ENCRYPT_ERROR 103
323#define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE 120
324#define PKCS12_R_INVALID_NULL_ARGUMENT 104
325#define PKCS12_R_INVALID_NULL_PKCS12_POINTER 105
326#define PKCS12_R_IV_GEN_ERROR 106
327#define PKCS12_R_KEY_GEN_ERROR 107
328#define PKCS12_R_MAC_ABSENT 108
329#define PKCS12_R_MAC_GENERATION_ERROR 109
330#define PKCS12_R_MAC_SETUP_ERROR 110
331#define PKCS12_R_MAC_STRING_SET_ERROR 111
332#define PKCS12_R_MAC_VERIFY_ERROR 112
333#define PKCS12_R_MAC_VERIFY_FAILURE 113
334#define PKCS12_R_PARSE_ERROR 114
335#define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR 115
336#define PKCS12_R_PKCS12_CIPHERFINAL_ERROR 116
337#define PKCS12_R_PKCS12_PBE_CRYPT_ERROR 117
338#define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM 118
339#define PKCS12_R_UNSUPPORTED_PKCS12_MODE 119
340
341#ifdef __cplusplus
342}
343#endif
344#endif
345
diff --git a/src/lib/libcrypto/pkcs7/pk7_attr.c b/src/lib/libcrypto/pkcs7/pk7_attr.c
deleted file mode 100644
index 6ae264cbf9..0000000000
--- a/src/lib/libcrypto/pkcs7/pk7_attr.c
+++ /dev/null
@@ -1,89 +0,0 @@
1/* pk7_attr.c */
2/* S/MIME code.
3 * Copyright (C) 1997-8 Dr S N Henson (shenson@bigfoot.com)
4 * All Rights Reserved.
5 * Redistribution of this code without the authors permission is expressly
6 * prohibited.
7 */
8
9#include <stdio.h>
10#include <stdlib.h>
11#include <openssl/bio.h>
12#include <openssl/asn1.h>
13#include <openssl/pem.h>
14#include <openssl/pkcs7.h>
15#include <openssl/x509.h>
16#include <openssl/err.h>
17
18int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, STACK_OF(X509_ALGOR) *cap)
19{
20 ASN1_STRING *seq;
21 unsigned char *p, *pp;
22 int len;
23 len=i2d_ASN1_SET_OF_X509_ALGOR(cap,NULL,i2d_X509_ALGOR,
24 V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL,
25 IS_SEQUENCE);
26 if(!(pp=(unsigned char *)OPENSSL_malloc(len))) {
27 PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE);
28 return 0;
29 }
30 p=pp;
31 i2d_ASN1_SET_OF_X509_ALGOR(cap,&p,i2d_X509_ALGOR, V_ASN1_SEQUENCE,
32 V_ASN1_UNIVERSAL, IS_SEQUENCE);
33 if(!(seq = ASN1_STRING_new())) {
34 PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE);
35 return 0;
36 }
37 if(!ASN1_STRING_set (seq, pp, len)) {
38 PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE);
39 return 0;
40 }
41 OPENSSL_free (pp);
42 return PKCS7_add_signed_attribute(si, NID_SMIMECapabilities,
43 V_ASN1_SEQUENCE, seq);
44}
45
46STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si)
47{
48 ASN1_TYPE *cap;
49 unsigned char *p;
50 cap = PKCS7_get_signed_attribute(si, NID_SMIMECapabilities);
51 if (!cap) return NULL;
52 p = cap->value.sequence->data;
53 return d2i_ASN1_SET_OF_X509_ALGOR(NULL, &p,
54 cap->value.sequence->length,
55 d2i_X509_ALGOR, X509_ALGOR_free,
56 V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
57}
58
59/* Basic smime-capabilities OID and optional integer arg */
60int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
61{
62 X509_ALGOR *alg;
63
64 if(!(alg = X509_ALGOR_new())) {
65 PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,ERR_R_MALLOC_FAILURE);
66 return 0;
67 }
68 ASN1_OBJECT_free(alg->algorithm);
69 alg->algorithm = OBJ_nid2obj (nid);
70 if (arg > 0) {
71 ASN1_INTEGER *nbit;
72 if(!(alg->parameter = ASN1_TYPE_new())) {
73 PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,ERR_R_MALLOC_FAILURE);
74 return 0;
75 }
76 if(!(nbit = ASN1_INTEGER_new())) {
77 PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,ERR_R_MALLOC_FAILURE);
78 return 0;
79 }
80 if(!ASN1_INTEGER_set (nbit, arg)) {
81 PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,ERR_R_MALLOC_FAILURE);
82 return 0;
83 }
84 alg->parameter->value.integer = nbit;
85 alg->parameter->type = V_ASN1_INTEGER;
86 }
87 sk_X509_ALGOR_push (sk, alg);
88 return 1;
89}
diff --git a/src/lib/libcrypto/pkcs7/pk7_doit.c b/src/lib/libcrypto/pkcs7/pk7_doit.c
deleted file mode 100644
index bf43d030ad..0000000000
--- a/src/lib/libcrypto/pkcs7/pk7_doit.c
+++ /dev/null
@@ -1,946 +0,0 @@
1/* crypto/pkcs7/pk7_doit.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/rand.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64#include <openssl/x509v3.h>
65
66static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
67 void *value);
68static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid);
69
70BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
71 {
72 int i,j;
73 BIO *out=NULL,*btmp=NULL;
74 X509_ALGOR *xa;
75 const EVP_MD *evp_md;
76 const EVP_CIPHER *evp_cipher=NULL;
77 STACK_OF(X509_ALGOR) *md_sk=NULL;
78 STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL;
79 X509_ALGOR *xalg=NULL;
80 PKCS7_RECIP_INFO *ri=NULL;
81 EVP_PKEY *pkey;
82
83 i=OBJ_obj2nid(p7->type);
84 p7->state=PKCS7_S_HEADER;
85
86 switch (i)
87 {
88 case NID_pkcs7_signed:
89 md_sk=p7->d.sign->md_algs;
90 break;
91 case NID_pkcs7_signedAndEnveloped:
92 rsk=p7->d.signed_and_enveloped->recipientinfo;
93 md_sk=p7->d.signed_and_enveloped->md_algs;
94 xalg=p7->d.signed_and_enveloped->enc_data->algorithm;
95 evp_cipher=p7->d.signed_and_enveloped->enc_data->cipher;
96 if (evp_cipher == NULL)
97 {
98 PKCS7err(PKCS7_F_PKCS7_DATAINIT,
99 PKCS7_R_CIPHER_NOT_INITIALIZED);
100 goto err;
101 }
102 break;
103 case NID_pkcs7_enveloped:
104 rsk=p7->d.enveloped->recipientinfo;
105 xalg=p7->d.enveloped->enc_data->algorithm;
106 evp_cipher=p7->d.enveloped->enc_data->cipher;
107 if (evp_cipher == NULL)
108 {
109 PKCS7err(PKCS7_F_PKCS7_DATAINIT,
110 PKCS7_R_CIPHER_NOT_INITIALIZED);
111 goto err;
112 }
113 break;
114 default:
115 PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
116 goto err;
117 }
118
119 if (md_sk != NULL)
120 {
121 for (i=0; i<sk_X509_ALGOR_num(md_sk); i++)
122 {
123 xa=sk_X509_ALGOR_value(md_sk,i);
124 if ((btmp=BIO_new(BIO_f_md())) == NULL)
125 {
126 PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_BIO_LIB);
127 goto err;
128 }
129
130 j=OBJ_obj2nid(xa->algorithm);
131 evp_md=EVP_get_digestbyname(OBJ_nid2sn(j));
132 if (evp_md == NULL)
133 {
134 PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNKNOWN_DIGEST_TYPE);
135 goto err;
136 }
137
138 BIO_set_md(btmp,evp_md);
139 if (out == NULL)
140 out=btmp;
141 else
142 BIO_push(out,btmp);
143 btmp=NULL;
144 }
145 }
146
147 if (evp_cipher != NULL)
148 {
149 unsigned char key[EVP_MAX_KEY_LENGTH];
150 unsigned char iv[EVP_MAX_IV_LENGTH];
151 int keylen,ivlen;
152 int jj,max;
153 unsigned char *tmp;
154 EVP_CIPHER_CTX *ctx;
155
156 if ((btmp=BIO_new(BIO_f_cipher())) == NULL)
157 {
158 PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_BIO_LIB);
159 goto err;
160 }
161 BIO_get_cipher_ctx(btmp, &ctx);
162 keylen=EVP_CIPHER_key_length(evp_cipher);
163 ivlen=EVP_CIPHER_iv_length(evp_cipher);
164 if (RAND_bytes(key,keylen) <= 0)
165 goto err;
166 xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));
167 if (ivlen > 0) RAND_pseudo_bytes(iv,ivlen);
168 EVP_CipherInit(ctx, evp_cipher, key, iv, 1);
169
170 if (ivlen > 0) {
171 if (xalg->parameter == NULL)
172 xalg->parameter=ASN1_TYPE_new();
173 if(EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0)
174 goto err;
175 }
176
177 /* Lets do the pub key stuff :-) */
178 max=0;
179 for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++)
180 {
181 ri=sk_PKCS7_RECIP_INFO_value(rsk,i);
182 if (ri->cert == NULL)
183 {
184 PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_MISSING_CERIPEND_INFO);
185 goto err;
186 }
187 pkey=X509_get_pubkey(ri->cert);
188 jj=EVP_PKEY_size(pkey);
189 EVP_PKEY_free(pkey);
190 if (max < jj) max=jj;
191 }
192 if ((tmp=(unsigned char *)OPENSSL_malloc(max)) == NULL)
193 {
194 PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_MALLOC_FAILURE);
195 goto err;
196 }
197 for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++)
198 {
199 ri=sk_PKCS7_RECIP_INFO_value(rsk,i);
200 pkey=X509_get_pubkey(ri->cert);
201 jj=EVP_PKEY_encrypt(tmp,key,keylen,pkey);
202 EVP_PKEY_free(pkey);
203 if (jj <= 0)
204 {
205 PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_EVP_LIB);
206 OPENSSL_free(tmp);
207 goto err;
208 }
209 M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj);
210 }
211 OPENSSL_free(tmp);
212 memset(key, 0, keylen);
213
214 if (out == NULL)
215 out=btmp;
216 else
217 BIO_push(out,btmp);
218 btmp=NULL;
219 }
220
221 if (bio == NULL) {
222 if (p7->detached)
223 bio=BIO_new(BIO_s_null());
224 else {
225 if (PKCS7_type_is_signed(p7) &&
226 PKCS7_type_is_data(p7->d.sign->contents)) {
227 ASN1_OCTET_STRING *os;
228 os=p7->d.sign->contents->d.data;
229 if (os->length > 0) bio =
230 BIO_new_mem_buf(os->data, os->length);
231 }
232 if(bio == NULL) {
233 bio=BIO_new(BIO_s_mem());
234 BIO_set_mem_eof_return(bio,0);
235 }
236 }
237 }
238 BIO_push(out,bio);
239 bio=NULL;
240 if (0)
241 {
242err:
243 if (out != NULL)
244 BIO_free_all(out);
245 if (btmp != NULL)
246 BIO_free_all(btmp);
247 out=NULL;
248 }
249 return(out);
250 }
251
252/* int */
253BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
254 {
255 int i,j;
256 BIO *out=NULL,*btmp=NULL,*etmp=NULL,*bio=NULL;
257 unsigned char *tmp=NULL;
258 X509_ALGOR *xa;
259 ASN1_OCTET_STRING *data_body=NULL;
260 const EVP_MD *evp_md;
261 const EVP_CIPHER *evp_cipher=NULL;
262 EVP_CIPHER_CTX *evp_ctx=NULL;
263 X509_ALGOR *enc_alg=NULL;
264 STACK_OF(X509_ALGOR) *md_sk=NULL;
265 STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL;
266 X509_ALGOR *xalg=NULL;
267 PKCS7_RECIP_INFO *ri=NULL;
268
269 i=OBJ_obj2nid(p7->type);
270 p7->state=PKCS7_S_HEADER;
271
272 switch (i)
273 {
274 case NID_pkcs7_signed:
275 data_body=p7->d.sign->contents->d.data;
276 md_sk=p7->d.sign->md_algs;
277 break;
278 case NID_pkcs7_signedAndEnveloped:
279 rsk=p7->d.signed_and_enveloped->recipientinfo;
280 md_sk=p7->d.signed_and_enveloped->md_algs;
281 data_body=p7->d.signed_and_enveloped->enc_data->enc_data;
282 enc_alg=p7->d.signed_and_enveloped->enc_data->algorithm;
283 evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm)));
284 if (evp_cipher == NULL)
285 {
286 PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
287 goto err;
288 }
289 xalg=p7->d.signed_and_enveloped->enc_data->algorithm;
290 break;
291 case NID_pkcs7_enveloped:
292 rsk=p7->d.enveloped->recipientinfo;
293 enc_alg=p7->d.enveloped->enc_data->algorithm;
294 data_body=p7->d.enveloped->enc_data->enc_data;
295 evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm)));
296 if (evp_cipher == NULL)
297 {
298 PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
299 goto err;
300 }
301 xalg=p7->d.enveloped->enc_data->algorithm;
302 break;
303 default:
304 PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
305 goto err;
306 }
307
308 /* We will be checking the signature */
309 if (md_sk != NULL)
310 {
311 for (i=0; i<sk_X509_ALGOR_num(md_sk); i++)
312 {
313 xa=sk_X509_ALGOR_value(md_sk,i);
314 if ((btmp=BIO_new(BIO_f_md())) == NULL)
315 {
316 PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_BIO_LIB);
317 goto err;
318 }
319
320 j=OBJ_obj2nid(xa->algorithm);
321 evp_md=EVP_get_digestbyname(OBJ_nid2sn(j));
322 if (evp_md == NULL)
323 {
324 PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNKNOWN_DIGEST_TYPE);
325 goto err;
326 }
327
328 BIO_set_md(btmp,evp_md);
329 if (out == NULL)
330 out=btmp;
331 else
332 BIO_push(out,btmp);
333 btmp=NULL;
334 }
335 }
336
337 if (evp_cipher != NULL)
338 {
339#if 0
340 unsigned char key[EVP_MAX_KEY_LENGTH];
341 unsigned char iv[EVP_MAX_IV_LENGTH];
342 unsigned char *p;
343 int keylen,ivlen;
344 int max;
345 X509_OBJECT ret;
346#endif
347 int jj;
348
349 if ((etmp=BIO_new(BIO_f_cipher())) == NULL)
350 {
351 PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_BIO_LIB);
352 goto err;
353 }
354
355 /* It was encrypted, we need to decrypt the secret key
356 * with the private key */
357
358 /* Find the recipientInfo which matches the passed certificate
359 * (if any)
360 */
361
362 for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++) {
363 ri=sk_PKCS7_RECIP_INFO_value(rsk,i);
364 if(!X509_NAME_cmp(ri->issuer_and_serial->issuer,
365 pcert->cert_info->issuer) &&
366 !M_ASN1_INTEGER_cmp(pcert->cert_info->serialNumber,
367 ri->issuer_and_serial->serial)) break;
368 ri=NULL;
369 }
370 if (ri == NULL) {
371 PKCS7err(PKCS7_F_PKCS7_DATADECODE,
372 PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE);
373 goto err;
374 }
375
376 jj=EVP_PKEY_size(pkey);
377 tmp=(unsigned char *)OPENSSL_malloc(jj+10);
378 if (tmp == NULL)
379 {
380 PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_MALLOC_FAILURE);
381 goto err;
382 }
383
384 jj=EVP_PKEY_decrypt(tmp, M_ASN1_STRING_data(ri->enc_key),
385 M_ASN1_STRING_length(ri->enc_key), pkey);
386 if (jj <= 0)
387 {
388 PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_EVP_LIB);
389 goto err;
390 }
391
392 evp_ctx=NULL;
393 BIO_get_cipher_ctx(etmp,&evp_ctx);
394 EVP_CipherInit(evp_ctx,evp_cipher,NULL,NULL,0);
395 if (EVP_CIPHER_asn1_to_param(evp_ctx,enc_alg->parameter) < 0)
396 goto err;
397
398 if (jj != EVP_CIPHER_CTX_key_length(evp_ctx)) {
399 /* Some S/MIME clients don't use the same key
400 * and effective key length. The key length is
401 * determined by the size of the decrypted RSA key.
402 */
403 if(!EVP_CIPHER_CTX_set_key_length(evp_ctx, jj))
404 {
405 PKCS7err(PKCS7_F_PKCS7_DATADECODE,
406 PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH);
407 goto err;
408 }
409 }
410 EVP_CipherInit(evp_ctx,NULL,tmp,NULL,0);
411
412 memset(tmp,0,jj);
413
414 if (out == NULL)
415 out=etmp;
416 else
417 BIO_push(out,etmp);
418 etmp=NULL;
419 }
420
421#if 1
422 if (p7->detached || (in_bio != NULL))
423 {
424 bio=in_bio;
425 }
426 else
427 {
428#if 0
429 bio=BIO_new(BIO_s_mem());
430 /* We need to set this so that when we have read all
431 * the data, the encrypt BIO, if present, will read
432 * EOF and encode the last few bytes */
433 BIO_set_mem_eof_return(bio,0);
434
435 if (data_body->length > 0)
436 BIO_write(bio,(char *)data_body->data,data_body->length);
437#else
438 if (data_body->length > 0)
439 bio = BIO_new_mem_buf(data_body->data,data_body->length);
440 else {
441 bio=BIO_new(BIO_s_mem());
442 BIO_set_mem_eof_return(bio,0);
443 }
444#endif
445 }
446 BIO_push(out,bio);
447 bio=NULL;
448#endif
449 if (0)
450 {
451err:
452 if (out != NULL) BIO_free_all(out);
453 if (btmp != NULL) BIO_free_all(btmp);
454 if (etmp != NULL) BIO_free_all(etmp);
455 if (bio != NULL) BIO_free_all(bio);
456 out=NULL;
457 }
458 if (tmp != NULL)
459 OPENSSL_free(tmp);
460 return(out);
461 }
462
463int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
464 {
465 int ret=0;
466 int i,j;
467 BIO *btmp;
468 BUF_MEM *buf_mem=NULL;
469 BUF_MEM *buf=NULL;
470 PKCS7_SIGNER_INFO *si;
471 EVP_MD_CTX *mdc,ctx_tmp;
472 STACK_OF(X509_ATTRIBUTE) *sk;
473 STACK_OF(PKCS7_SIGNER_INFO) *si_sk=NULL;
474 unsigned char *p,*pp=NULL;
475 int x;
476 ASN1_OCTET_STRING *os=NULL;
477
478 i=OBJ_obj2nid(p7->type);
479 p7->state=PKCS7_S_HEADER;
480
481 switch (i)
482 {
483 case NID_pkcs7_signedAndEnveloped:
484 /* XXXXXXXXXXXXXXXX */
485 si_sk=p7->d.signed_and_enveloped->signer_info;
486 os=M_ASN1_OCTET_STRING_new();
487 p7->d.signed_and_enveloped->enc_data->enc_data=os;
488 break;
489 case NID_pkcs7_enveloped:
490 /* XXXXXXXXXXXXXXXX */
491 os=M_ASN1_OCTET_STRING_new();
492 p7->d.enveloped->enc_data->enc_data=os;
493 break;
494 case NID_pkcs7_signed:
495 si_sk=p7->d.sign->signer_info;
496 os=p7->d.sign->contents->d.data;
497 /* If detached data then the content is excluded */
498 if(p7->detached) {
499 M_ASN1_OCTET_STRING_free(os);
500 p7->d.sign->contents->d.data = NULL;
501 }
502 break;
503 }
504
505 if (si_sk != NULL)
506 {
507 if ((buf=BUF_MEM_new()) == NULL)
508 {
509 PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB);
510 goto err;
511 }
512 for (i=0; i<sk_PKCS7_SIGNER_INFO_num(si_sk); i++)
513 {
514 si=sk_PKCS7_SIGNER_INFO_value(si_sk,i);
515 if (si->pkey == NULL) continue;
516
517 j=OBJ_obj2nid(si->digest_alg->algorithm);
518
519 btmp=bio;
520 for (;;)
521 {
522 if ((btmp=BIO_find_type(btmp,BIO_TYPE_MD))
523 == NULL)
524 {
525 PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
526 goto err;
527 }
528 BIO_get_md_ctx(btmp,&mdc);
529 if (mdc == NULL)
530 {
531 PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_INTERNAL_ERROR);
532 goto err;
533 }
534 if (EVP_MD_CTX_type(mdc) == j)
535 break;
536 else
537 btmp=BIO_next(btmp);
538 }
539
540 /* We now have the EVP_MD_CTX, lets do the
541 * signing. */
542 memcpy(&ctx_tmp,mdc,sizeof(ctx_tmp));
543 if (!BUF_MEM_grow(buf,EVP_PKEY_size(si->pkey)))
544 {
545 PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB);
546 goto err;
547 }
548
549 sk=si->auth_attr;
550
551 /* If there are attributes, we add the digest
552 * attribute and only sign the attributes */
553 if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0))
554 {
555 unsigned char md_data[EVP_MAX_MD_SIZE];
556 unsigned int md_len;
557 ASN1_OCTET_STRING *digest;
558 ASN1_UTCTIME *sign_time;
559 const EVP_MD *md_tmp;
560
561 /* Add signing time */
562 sign_time=X509_gmtime_adj(NULL,0);
563 PKCS7_add_signed_attribute(si,
564 NID_pkcs9_signingTime,
565 V_ASN1_UTCTIME,sign_time);
566
567 /* Add digest */
568 md_tmp=EVP_MD_CTX_md(&ctx_tmp);
569 EVP_DigestFinal(&ctx_tmp,md_data,&md_len);
570 digest=M_ASN1_OCTET_STRING_new();
571 M_ASN1_OCTET_STRING_set(digest,md_data,md_len);
572 PKCS7_add_signed_attribute(si,
573 NID_pkcs9_messageDigest,
574 V_ASN1_OCTET_STRING,digest);
575
576 /* Now sign the mess */
577 EVP_SignInit(&ctx_tmp,md_tmp);
578 x=i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,NULL,
579 i2d_X509_ATTRIBUTE,
580 V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
581 pp=(unsigned char *)OPENSSL_malloc(x);
582 p=pp;
583 i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,&p,
584 i2d_X509_ATTRIBUTE,
585 V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
586 EVP_SignUpdate(&ctx_tmp,pp,x);
587 OPENSSL_free(pp);
588 pp=NULL;
589 }
590
591#ifndef NO_DSA
592 if (si->pkey->type == EVP_PKEY_DSA)
593 ctx_tmp.digest=EVP_dss1();
594#endif
595
596 if (!EVP_SignFinal(&ctx_tmp,(unsigned char *)buf->data,
597 (unsigned int *)&buf->length,si->pkey))
598 {
599 PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_EVP_LIB);
600 goto err;
601 }
602 if (!ASN1_STRING_set(si->enc_digest,
603 (unsigned char *)buf->data,buf->length))
604 {
605 PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_ASN1_LIB);
606 goto err;
607 }
608 }
609 }
610
611 if (!p7->detached)
612 {
613 btmp=BIO_find_type(bio,BIO_TYPE_MEM);
614 if (btmp == NULL)
615 {
616 PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
617 goto err;
618 }
619 BIO_get_mem_ptr(btmp,&buf_mem);
620 /* Mark the BIO read only then we can use its copy of the data
621 * instead of making an extra copy.
622 */
623 BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY);
624 BIO_set_mem_eof_return(btmp, 0);
625 os->data = (unsigned char *)buf_mem->data;
626 os->length = buf_mem->length;
627#if 0
628 M_ASN1_OCTET_STRING_set(os,
629 (unsigned char *)buf_mem->data,buf_mem->length);
630#endif
631 }
632 if (pp != NULL) OPENSSL_free(pp);
633 pp=NULL;
634
635 ret=1;
636err:
637 if (buf != NULL) BUF_MEM_free(buf);
638 return(ret);
639 }
640
641int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio,
642 PKCS7 *p7, PKCS7_SIGNER_INFO *si)
643 {
644 PKCS7_ISSUER_AND_SERIAL *ias;
645 int ret=0,i;
646 STACK_OF(X509) *cert;
647 X509 *x509;
648
649 if (PKCS7_type_is_signed(p7))
650 {
651 cert=p7->d.sign->cert;
652 }
653 else if (PKCS7_type_is_signedAndEnveloped(p7))
654 {
655 cert=p7->d.signed_and_enveloped->cert;
656 }
657 else
658 {
659 PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_WRONG_PKCS7_TYPE);
660 goto err;
661 }
662 /* XXXXXXXXXXXXXXXXXXXXXXX */
663 ias=si->issuer_and_serial;
664
665 x509=X509_find_by_issuer_and_serial(cert,ias->issuer,ias->serial);
666
667 /* were we able to find the cert in passed to us */
668 if (x509 == NULL)
669 {
670 PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_UNABLE_TO_FIND_CERTIFICATE);
671 goto err;
672 }
673
674 /* Lets verify */
675 X509_STORE_CTX_init(ctx,cert_store,x509,cert);
676 X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN);
677 i=X509_verify_cert(ctx);
678 if (i <= 0)
679 {
680 PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,ERR_R_X509_LIB);
681 X509_STORE_CTX_cleanup(ctx);
682 goto err;
683 }
684 X509_STORE_CTX_cleanup(ctx);
685
686 return PKCS7_signatureVerify(bio, p7, si, x509);
687 err:
688 return ret;
689 }
690
691int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
692 X509 *x509)
693 {
694 ASN1_OCTET_STRING *os;
695 EVP_MD_CTX mdc_tmp,*mdc;
696 unsigned char *pp,*p;
697 int ret=0,i;
698 int md_type;
699 STACK_OF(X509_ATTRIBUTE) *sk;
700 BIO *btmp;
701 EVP_PKEY *pkey;
702
703 if (!PKCS7_type_is_signed(p7) &&
704 !PKCS7_type_is_signedAndEnveloped(p7)) {
705 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
706 PKCS7_R_WRONG_PKCS7_TYPE);
707 goto err;
708 }
709
710 md_type=OBJ_obj2nid(si->digest_alg->algorithm);
711
712 btmp=bio;
713 for (;;)
714 {
715 if ((btmp == NULL) ||
716 ((btmp=BIO_find_type(btmp,BIO_TYPE_MD)) == NULL))
717 {
718 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
719 PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
720 goto err;
721 }
722 BIO_get_md_ctx(btmp,&mdc);
723 if (mdc == NULL)
724 {
725 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
726 PKCS7_R_INTERNAL_ERROR);
727 goto err;
728 }
729 if (EVP_MD_CTX_type(mdc) == md_type)
730 break;
731 btmp=BIO_next(btmp);
732 }
733
734 /* mdc is the digest ctx that we want, unless there are attributes,
735 * in which case the digest is the signed attributes */
736 memcpy(&mdc_tmp,mdc,sizeof(mdc_tmp));
737
738 sk=si->auth_attr;
739 if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0))
740 {
741 unsigned char md_dat[EVP_MAX_MD_SIZE];
742 unsigned int md_len;
743 ASN1_OCTET_STRING *message_digest;
744
745 EVP_DigestFinal(&mdc_tmp,md_dat,&md_len);
746 message_digest=PKCS7_digest_from_attributes(sk);
747 if (!message_digest)
748 {
749 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
750 PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
751 goto err;
752 }
753 if ((message_digest->length != (int)md_len) ||
754 (memcmp(message_digest->data,md_dat,md_len)))
755 {
756#if 0
757{
758int ii;
759for (ii=0; ii<message_digest->length; ii++)
760 printf("%02X",message_digest->data[ii]); printf(" sent\n");
761for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n");
762}
763#endif
764 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
765 PKCS7_R_DIGEST_FAILURE);
766 ret= -1;
767 goto err;
768 }
769
770 EVP_VerifyInit(&mdc_tmp,EVP_get_digestbynid(md_type));
771 /* Note: when forming the encoding of the attributes we
772 * shouldn't reorder them or this will break the signature.
773 * This is done by using the IS_SEQUENCE flag.
774 */
775 i=i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,NULL,i2d_X509_ATTRIBUTE,
776 V_ASN1_SET,V_ASN1_UNIVERSAL, IS_SEQUENCE);
777 pp=OPENSSL_malloc(i);
778 p=pp;
779 i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,&p,i2d_X509_ATTRIBUTE,
780 V_ASN1_SET,V_ASN1_UNIVERSAL, IS_SEQUENCE);
781 EVP_VerifyUpdate(&mdc_tmp,pp,i);
782
783 OPENSSL_free(pp);
784 }
785
786 os=si->enc_digest;
787 pkey = X509_get_pubkey(x509);
788 if (!pkey)
789 {
790 ret = -1;
791 goto err;
792 }
793#ifndef NO_DSA
794 if(pkey->type == EVP_PKEY_DSA) mdc_tmp.digest=EVP_dss1();
795#endif
796
797 i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length, pkey);
798 EVP_PKEY_free(pkey);
799 if (i <= 0)
800 {
801 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
802 PKCS7_R_SIGNATURE_FAILURE);
803 ret= -1;
804 goto err;
805 }
806 else
807 ret=1;
808err:
809 return(ret);
810 }
811
812PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx)
813 {
814 STACK_OF(PKCS7_RECIP_INFO) *rsk;
815 PKCS7_RECIP_INFO *ri;
816 int i;
817
818 i=OBJ_obj2nid(p7->type);
819 if (i != NID_pkcs7_signedAndEnveloped) return(NULL);
820 rsk=p7->d.signed_and_enveloped->recipientinfo;
821 ri=sk_PKCS7_RECIP_INFO_value(rsk,0);
822 if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx) return(NULL);
823 ri=sk_PKCS7_RECIP_INFO_value(rsk,idx);
824 return(ri->issuer_and_serial);
825 }
826
827ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid)
828 {
829 return(get_attribute(si->auth_attr,nid));
830 }
831
832ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid)
833 {
834 return(get_attribute(si->unauth_attr,nid));
835 }
836
837static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid)
838 {
839 int i;
840 X509_ATTRIBUTE *xa;
841 ASN1_OBJECT *o;
842
843 o=OBJ_nid2obj(nid);
844 if (!o || !sk) return(NULL);
845 for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
846 {
847 xa=sk_X509_ATTRIBUTE_value(sk,i);
848 if (OBJ_cmp(xa->object,o) == 0)
849 {
850 if (xa->set && sk_ASN1_TYPE_num(xa->value.set))
851 return(sk_ASN1_TYPE_value(xa->value.set,0));
852 else
853 return(NULL);
854 }
855 }
856 return(NULL);
857 }
858
859ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk)
860{
861 ASN1_TYPE *astype;
862 if(!(astype = get_attribute(sk, NID_pkcs9_messageDigest))) return NULL;
863 return astype->value.octet_string;
864}
865
866int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
867 STACK_OF(X509_ATTRIBUTE) *sk)
868 {
869 int i;
870
871 if (p7si->auth_attr != NULL)
872 sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr,X509_ATTRIBUTE_free);
873 p7si->auth_attr=sk_X509_ATTRIBUTE_dup(sk);
874 for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
875 {
876 if ((sk_X509_ATTRIBUTE_set(p7si->auth_attr,i,
877 X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value(sk,i))))
878 == NULL)
879 return(0);
880 }
881 return(1);
882 }
883
884int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, STACK_OF(X509_ATTRIBUTE) *sk)
885 {
886 int i;
887
888 if (p7si->unauth_attr != NULL)
889 sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr,
890 X509_ATTRIBUTE_free);
891 p7si->unauth_attr=sk_X509_ATTRIBUTE_dup(sk);
892 for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
893 {
894 if ((sk_X509_ATTRIBUTE_set(p7si->unauth_attr,i,
895 X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value(sk,i))))
896 == NULL)
897 return(0);
898 }
899 return(1);
900 }
901
902int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
903 void *value)
904 {
905 return(add_attribute(&(p7si->auth_attr),nid,atrtype,value));
906 }
907
908int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
909 void *value)
910 {
911 return(add_attribute(&(p7si->unauth_attr),nid,atrtype,value));
912 }
913
914static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
915 void *value)
916 {
917 X509_ATTRIBUTE *attr=NULL;
918
919 if (*sk == NULL)
920 {
921 *sk = sk_X509_ATTRIBUTE_new_null();
922new_attrib:
923 attr=X509_ATTRIBUTE_create(nid,atrtype,value);
924 sk_X509_ATTRIBUTE_push(*sk,attr);
925 }
926 else
927 {
928 int i;
929
930 for (i=0; i<sk_X509_ATTRIBUTE_num(*sk); i++)
931 {
932 attr=sk_X509_ATTRIBUTE_value(*sk,i);
933 if (OBJ_obj2nid(attr->object) == nid)
934 {
935 X509_ATTRIBUTE_free(attr);
936 attr=X509_ATTRIBUTE_create(nid,atrtype,value);
937 sk_X509_ATTRIBUTE_set(*sk,i,attr);
938 goto end;
939 }
940 }
941 goto new_attrib;
942 }
943end:
944 return(1);
945 }
946
diff --git a/src/lib/libcrypto/pkcs7/pk7_lib.c b/src/lib/libcrypto/pkcs7/pk7_lib.c
deleted file mode 100644
index 45973fe850..0000000000
--- a/src/lib/libcrypto/pkcs7/pk7_lib.c
+++ /dev/null
@@ -1,469 +0,0 @@
1/* crypto/pkcs7/pk7_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/objects.h>
62#include <openssl/x509.h>
63
64long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
65 {
66 int nid;
67 long ret;
68
69 nid=OBJ_obj2nid(p7->type);
70
71 switch (cmd)
72 {
73 case PKCS7_OP_SET_DETACHED_SIGNATURE:
74 if (nid == NID_pkcs7_signed)
75 {
76 ret=p7->detached=(int)larg;
77 }
78 else
79 {
80 PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
81 ret=0;
82 }
83 break;
84 case PKCS7_OP_GET_DETACHED_SIGNATURE:
85 if (nid == NID_pkcs7_signed)
86 {
87 ret=p7->detached;
88 }
89 else
90 {
91 PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
92 ret=0;
93 }
94
95 break;
96 default:
97 PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_UNKNOWN_OPERATION);
98 ret=0;
99 }
100 return(ret);
101 }
102
103int PKCS7_content_new(PKCS7 *p7, int type)
104 {
105 PKCS7 *ret=NULL;
106
107 if ((ret=PKCS7_new()) == NULL) goto err;
108 if (!PKCS7_set_type(ret,type)) goto err;
109 if (!PKCS7_set_content(p7,ret)) goto err;
110
111 return(1);
112err:
113 if (ret != NULL) PKCS7_free(ret);
114 return(0);
115 }
116
117int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data)
118 {
119 int i;
120
121 i=OBJ_obj2nid(p7->type);
122 switch (i)
123 {
124 case NID_pkcs7_signed:
125 if (p7->d.sign->contents != NULL)
126 PKCS7_free(p7->d.sign->contents);
127 p7->d.sign->contents=p7_data;
128 break;
129 case NID_pkcs7_digest:
130 case NID_pkcs7_data:
131 case NID_pkcs7_enveloped:
132 case NID_pkcs7_signedAndEnveloped:
133 case NID_pkcs7_encrypted:
134 default:
135 PKCS7err(PKCS7_F_PKCS7_SET_CONTENT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
136 goto err;
137 }
138 return(1);
139err:
140 return(0);
141 }
142
143int PKCS7_set_type(PKCS7 *p7, int type)
144 {
145 ASN1_OBJECT *obj;
146
147 PKCS7_content_free(p7);
148 obj=OBJ_nid2obj(type); /* will not fail */
149
150 switch (type)
151 {
152 case NID_pkcs7_signed:
153 p7->type=obj;
154 if ((p7->d.sign=PKCS7_SIGNED_new()) == NULL)
155 goto err;
156 ASN1_INTEGER_set(p7->d.sign->version,1);
157 break;
158 case NID_pkcs7_data:
159 p7->type=obj;
160 if ((p7->d.data=M_ASN1_OCTET_STRING_new()) == NULL)
161 goto err;
162 break;
163 case NID_pkcs7_signedAndEnveloped:
164 p7->type=obj;
165 if ((p7->d.signed_and_enveloped=PKCS7_SIGN_ENVELOPE_new())
166 == NULL) goto err;
167 ASN1_INTEGER_set(p7->d.signed_and_enveloped->version,1);
168 break;
169 case NID_pkcs7_enveloped:
170 p7->type=obj;
171 if ((p7->d.enveloped=PKCS7_ENVELOPE_new())
172 == NULL) goto err;
173 ASN1_INTEGER_set(p7->d.enveloped->version,0);
174 break;
175 case NID_pkcs7_encrypted:
176 p7->type=obj;
177 if ((p7->d.encrypted=PKCS7_ENCRYPT_new())
178 == NULL) goto err;
179 ASN1_INTEGER_set(p7->d.encrypted->version,0);
180 break;
181
182 case NID_pkcs7_digest:
183 default:
184 PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
185 goto err;
186 }
187 return(1);
188err:
189 return(0);
190 }
191
192int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi)
193 {
194 int i,j,nid;
195 X509_ALGOR *alg;
196 STACK_OF(PKCS7_SIGNER_INFO) *signer_sk;
197 STACK_OF(X509_ALGOR) *md_sk;
198
199 i=OBJ_obj2nid(p7->type);
200 switch (i)
201 {
202 case NID_pkcs7_signed:
203 signer_sk= p7->d.sign->signer_info;
204 md_sk= p7->d.sign->md_algs;
205 break;
206 case NID_pkcs7_signedAndEnveloped:
207 signer_sk= p7->d.signed_and_enveloped->signer_info;
208 md_sk= p7->d.signed_and_enveloped->md_algs;
209 break;
210 default:
211 PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,PKCS7_R_WRONG_CONTENT_TYPE);
212 return(0);
213 }
214
215 nid=OBJ_obj2nid(psi->digest_alg->algorithm);
216
217 /* If the digest is not currently listed, add it */
218 j=0;
219 for (i=0; i<sk_X509_ALGOR_num(md_sk); i++)
220 {
221 alg=sk_X509_ALGOR_value(md_sk,i);
222 if (OBJ_obj2nid(alg->algorithm) == nid)
223 {
224 j=1;
225 break;
226 }
227 }
228 if (!j) /* we need to add another algorithm */
229 {
230 if(!(alg=X509_ALGOR_new())
231 || !(alg->parameter = ASN1_TYPE_new())) {
232 PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,ERR_R_MALLOC_FAILURE);
233 return(0);
234 }
235 alg->algorithm=OBJ_nid2obj(nid);
236 alg->parameter->type = V_ASN1_NULL;
237 sk_X509_ALGOR_push(md_sk,alg);
238 }
239
240 sk_PKCS7_SIGNER_INFO_push(signer_sk,psi);
241 return(1);
242 }
243
244int PKCS7_add_certificate(PKCS7 *p7, X509 *x509)
245 {
246 int i;
247 STACK_OF(X509) **sk;
248
249 i=OBJ_obj2nid(p7->type);
250 switch (i)
251 {
252 case NID_pkcs7_signed:
253 sk= &(p7->d.sign->cert);
254 break;
255 case NID_pkcs7_signedAndEnveloped:
256 sk= &(p7->d.signed_and_enveloped->cert);
257 break;
258 default:
259 PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,PKCS7_R_WRONG_CONTENT_TYPE);
260 return(0);
261 }
262
263 if (*sk == NULL)
264 *sk=sk_X509_new_null();
265 CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
266 sk_X509_push(*sk,x509);
267 return(1);
268 }
269
270int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl)
271 {
272 int i;
273 STACK_OF(X509_CRL) **sk;
274
275 i=OBJ_obj2nid(p7->type);
276 switch (i)
277 {
278 case NID_pkcs7_signed:
279 sk= &(p7->d.sign->crl);
280 break;
281 case NID_pkcs7_signedAndEnveloped:
282 sk= &(p7->d.signed_and_enveloped->crl);
283 break;
284 default:
285 PKCS7err(PKCS7_F_PKCS7_ADD_CRL,PKCS7_R_WRONG_CONTENT_TYPE);
286 return(0);
287 }
288
289 if (*sk == NULL)
290 *sk=sk_X509_CRL_new_null();
291
292 CRYPTO_add(&crl->references,1,CRYPTO_LOCK_X509_CRL);
293 sk_X509_CRL_push(*sk,crl);
294 return(1);
295 }
296
297int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
298 EVP_MD *dgst)
299 {
300 char is_dsa;
301 if (pkey->type == EVP_PKEY_DSA) is_dsa = 1;
302 else is_dsa = 0;
303 /* We now need to add another PKCS7_SIGNER_INFO entry */
304 ASN1_INTEGER_set(p7i->version,1);
305 X509_NAME_set(&p7i->issuer_and_serial->issuer,
306 X509_get_issuer_name(x509));
307
308 /* because ASN1_INTEGER_set is used to set a 'long' we will do
309 * things the ugly way. */
310 M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
311 p7i->issuer_and_serial->serial=
312 M_ASN1_INTEGER_dup(X509_get_serialNumber(x509));
313
314 /* lets keep the pkey around for a while */
315 CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
316 p7i->pkey=pkey;
317
318 /* Set the algorithms */
319 if (is_dsa) p7i->digest_alg->algorithm=OBJ_nid2obj(NID_sha1);
320 else
321 p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst));
322
323 if (p7i->digest_alg->parameter != NULL)
324 ASN1_TYPE_free(p7i->digest_alg->parameter);
325 if ((p7i->digest_alg->parameter=ASN1_TYPE_new()) == NULL)
326 goto err;
327 p7i->digest_alg->parameter->type=V_ASN1_NULL;
328
329 p7i->digest_enc_alg->algorithm=OBJ_nid2obj(EVP_PKEY_type(pkey->type));
330
331 if (p7i->digest_enc_alg->parameter != NULL)
332 ASN1_TYPE_free(p7i->digest_enc_alg->parameter);
333 if(is_dsa) p7i->digest_enc_alg->parameter = NULL;
334 else {
335 if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new()))
336 goto err;
337 p7i->digest_enc_alg->parameter->type=V_ASN1_NULL;
338 }
339
340 return(1);
341err:
342 return(0);
343 }
344
345PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey,
346 EVP_MD *dgst)
347 {
348 PKCS7_SIGNER_INFO *si;
349
350 if ((si=PKCS7_SIGNER_INFO_new()) == NULL) goto err;
351 if (!PKCS7_SIGNER_INFO_set(si,x509,pkey,dgst)) goto err;
352 if (!PKCS7_add_signer(p7,si)) goto err;
353 return(si);
354err:
355 return(NULL);
356 }
357
358STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7)
359 {
360 if (PKCS7_type_is_signed(p7))
361 {
362 return(p7->d.sign->signer_info);
363 }
364 else if (PKCS7_type_is_signedAndEnveloped(p7))
365 {
366 return(p7->d.signed_and_enveloped->signer_info);
367 }
368 else
369 return(NULL);
370 }
371
372PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509)
373 {
374 PKCS7_RECIP_INFO *ri;
375
376 if ((ri=PKCS7_RECIP_INFO_new()) == NULL) goto err;
377 if (!PKCS7_RECIP_INFO_set(ri,x509)) goto err;
378 if (!PKCS7_add_recipient_info(p7,ri)) goto err;
379 return(ri);
380err:
381 return(NULL);
382 }
383
384int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri)
385 {
386 int i;
387 STACK_OF(PKCS7_RECIP_INFO) *sk;
388
389 i=OBJ_obj2nid(p7->type);
390 switch (i)
391 {
392 case NID_pkcs7_signedAndEnveloped:
393 sk= p7->d.signed_and_enveloped->recipientinfo;
394 break;
395 case NID_pkcs7_enveloped:
396 sk= p7->d.enveloped->recipientinfo;
397 break;
398 default:
399 PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,PKCS7_R_WRONG_CONTENT_TYPE);
400 return(0);
401 }
402
403 sk_PKCS7_RECIP_INFO_push(sk,ri);
404 return(1);
405 }
406
407int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509)
408 {
409 ASN1_INTEGER_set(p7i->version,0);
410 X509_NAME_set(&p7i->issuer_and_serial->issuer,
411 X509_get_issuer_name(x509));
412
413 M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
414 p7i->issuer_and_serial->serial=
415 M_ASN1_INTEGER_dup(X509_get_serialNumber(x509));
416
417 X509_ALGOR_free(p7i->key_enc_algor);
418 p7i->key_enc_algor=(X509_ALGOR *)ASN1_dup(i2d_X509_ALGOR,
419 (char *(*)())d2i_X509_ALGOR,
420 (char *)x509->cert_info->key->algor);
421
422 CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
423 p7i->cert=x509;
424
425 return(1);
426 }
427
428X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
429 {
430 if (PKCS7_type_is_signed(p7))
431 return(X509_find_by_issuer_and_serial(p7->d.sign->cert,
432 si->issuer_and_serial->issuer,
433 si->issuer_and_serial->serial));
434 else
435 return(NULL);
436 }
437
438int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
439 {
440 int i;
441 ASN1_OBJECT *objtmp;
442 PKCS7_ENC_CONTENT *ec;
443
444 i=OBJ_obj2nid(p7->type);
445 switch (i)
446 {
447 case NID_pkcs7_signedAndEnveloped:
448 ec=p7->d.signed_and_enveloped->enc_data;
449 break;
450 case NID_pkcs7_enveloped:
451 ec=p7->d.enveloped->enc_data;
452 break;
453 default:
454 PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_WRONG_CONTENT_TYPE);
455 return(0);
456 }
457
458 /* Check cipher OID exists and has data in it*/
459 i = EVP_CIPHER_type(cipher);
460 if(i == NID_undef) {
461 PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
462 return(0);
463 }
464 objtmp = OBJ_nid2obj(i);
465
466 ec->cipher = cipher;
467 return 1;
468 }
469
diff --git a/src/lib/libcrypto/pkcs7/pk7_mime.c b/src/lib/libcrypto/pkcs7/pk7_mime.c
deleted file mode 100644
index 086d394270..0000000000
--- a/src/lib/libcrypto/pkcs7/pk7_mime.c
+++ /dev/null
@@ -1,685 +0,0 @@
1/* pk7_mime.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <ctype.h>
61#include "cryptlib.h"
62#include <openssl/rand.h>
63#include <openssl/x509.h>
64
65/* MIME and related routines */
66
67/* MIME format structures
68 * Note that all are translated to lower case apart from
69 * parameter values. Quotes are stripped off
70 */
71
72typedef struct {
73char *param_name; /* Param name e.g. "micalg" */
74char *param_value; /* Param value e.g. "sha1" */
75} MIME_PARAM;
76
77DECLARE_STACK_OF(MIME_PARAM)
78IMPLEMENT_STACK_OF(MIME_PARAM)
79
80typedef struct {
81char *name; /* Name of line e.g. "content-type" */
82char *value; /* Value of line e.g. "text/plain" */
83STACK_OF(MIME_PARAM) *params; /* Zero or more parameters */
84} MIME_HEADER;
85
86DECLARE_STACK_OF(MIME_HEADER)
87IMPLEMENT_STACK_OF(MIME_HEADER)
88
89static int B64_write_PKCS7(BIO *bio, PKCS7 *p7);
90static PKCS7 *B64_read_PKCS7(BIO *bio);
91static char * strip_ends(char *name);
92static char * strip_start(char *name);
93static char * strip_end(char *name);
94static MIME_HEADER *mime_hdr_new(char *name, char *value);
95static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value);
96static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio);
97static int mime_hdr_cmp(const MIME_HEADER * const *a,
98 const MIME_HEADER * const *b);
99static int mime_param_cmp(const MIME_PARAM * const *a,
100 const MIME_PARAM * const *b);
101static void mime_param_free(MIME_PARAM *param);
102static int mime_bound_check(char *line, int linelen, char *bound, int blen);
103static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret);
104static int iscrlf(char c);
105static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name);
106static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name);
107static void mime_hdr_free(MIME_HEADER *hdr);
108
109#define MAX_SMLEN 1024
110#define mime_debug(x) /* x */
111
112
113typedef void (*stkfree)();
114
115/* Base 64 read and write of PKCS#7 structure */
116
117static int B64_write_PKCS7(BIO *bio, PKCS7 *p7)
118{
119 BIO *b64;
120 if(!(b64 = BIO_new(BIO_f_base64()))) {
121 PKCS7err(PKCS7_F_B64_WRITE_PKCS7,ERR_R_MALLOC_FAILURE);
122 return 0;
123 }
124 bio = BIO_push(b64, bio);
125 i2d_PKCS7_bio(bio, p7);
126 BIO_flush(bio);
127 bio = BIO_pop(bio);
128 BIO_free(b64);
129 return 1;
130}
131
132static PKCS7 *B64_read_PKCS7(BIO *bio)
133{
134 BIO *b64;
135 PKCS7 *p7;
136 if(!(b64 = BIO_new(BIO_f_base64()))) {
137 PKCS7err(PKCS7_F_B64_READ_PKCS7,ERR_R_MALLOC_FAILURE);
138 return 0;
139 }
140 bio = BIO_push(b64, bio);
141 if(!(p7 = d2i_PKCS7_bio(bio, NULL)))
142 PKCS7err(PKCS7_F_B64_READ_PKCS7,PKCS7_R_DECODE_ERROR);
143 BIO_flush(bio);
144 bio = BIO_pop(bio);
145 BIO_free(b64);
146 return p7;
147}
148
149/* SMIME sender */
150
151int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
152{
153 char linebuf[MAX_SMLEN];
154 char bound[33], c;
155 int i;
156 if((flags & PKCS7_DETACHED) && data) {
157 /* We want multipart/signed */
158 /* Generate a random boundary */
159 RAND_pseudo_bytes((unsigned char *)bound, 32);
160 for(i = 0; i < 32; i++) {
161 c = bound[i] & 0xf;
162 if(c < 10) c += '0';
163 else c += 'A' - 10;
164 bound[i] = c;
165 }
166 bound[32] = 0;
167 BIO_printf(bio, "MIME-Version: 1.0\n");
168 BIO_printf(bio, "Content-Type: multipart/signed;");
169 BIO_printf(bio, " protocol=\"application/x-pkcs7-signature\";");
170 BIO_printf(bio, " micalg=sha1; boundary=\"----%s\"\n\n", bound);
171 BIO_printf(bio, "This is an S/MIME signed message\n\n");
172 /* Now write out the first part */
173 BIO_printf(bio, "------%s\n", bound);
174 if(flags & PKCS7_TEXT) BIO_printf(bio, "Content-Type: text/plain\n\n");
175 while((i = BIO_read(data, linebuf, MAX_SMLEN)) > 0)
176 BIO_write(bio, linebuf, i);
177 BIO_printf(bio, "\n------%s\n", bound);
178
179 /* Headers for signature */
180
181 BIO_printf(bio, "Content-Type: application/x-pkcs7-signature; name=\"smime.p7s\"\n");
182 BIO_printf(bio, "Content-Transfer-Encoding: base64\n");
183 BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7s\"\n\n");
184 B64_write_PKCS7(bio, p7);
185 BIO_printf(bio,"\n------%s--\n\n", bound);
186 return 1;
187 }
188 /* MIME headers */
189 BIO_printf(bio, "MIME-Version: 1.0\n");
190 BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7m\"\n");
191 BIO_printf(bio, "Content-Type: application/x-pkcs7-mime; name=\"smime.p7m\"\n");
192 BIO_printf(bio, "Content-Transfer-Encoding: base64\n\n");
193 B64_write_PKCS7(bio, p7);
194 BIO_printf(bio, "\n");
195 return 1;
196}
197
198/* SMIME reader: handle multipart/signed and opaque signing.
199 * in multipart case the content is placed in a memory BIO
200 * pointed to by "bcont". In opaque this is set to NULL
201 */
202
203PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont)
204{
205 BIO *p7in;
206 STACK_OF(MIME_HEADER) *headers = NULL;
207 STACK_OF(BIO) *parts = NULL;
208 MIME_HEADER *hdr;
209 MIME_PARAM *prm;
210 PKCS7 *p7;
211 int ret;
212
213 if(bcont) *bcont = NULL;
214
215 if (!(headers = mime_parse_hdr(bio))) {
216 PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_MIME_PARSE_ERROR);
217 return NULL;
218 }
219
220 if(!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
221 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
222 PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_CONTENT_TYPE);
223 return NULL;
224 }
225
226 /* Handle multipart/signed */
227
228 if(!strcmp(hdr->value, "multipart/signed")) {
229 /* Split into two parts */
230 prm = mime_param_find(hdr, "boundary");
231 if(!prm || !prm->param_value) {
232 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
233 PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_MULTIPART_BOUNDARY);
234 return NULL;
235 }
236 ret = multi_split(bio, prm->param_value, &parts);
237 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
238 if(!ret || (sk_BIO_num(parts) != 2) ) {
239 PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_MULTIPART_BODY_FAILURE);
240 sk_BIO_pop_free(parts, BIO_vfree);
241 return NULL;
242 }
243
244 /* Parse the signature piece */
245 p7in = sk_BIO_value(parts, 1);
246
247 if (!(headers = mime_parse_hdr(p7in))) {
248 PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_MIME_SIG_PARSE_ERROR);
249 sk_BIO_pop_free(parts, BIO_vfree);
250 return NULL;
251 }
252
253 /* Get content type */
254
255 if(!(hdr = mime_hdr_find(headers, "content-type")) ||
256 !hdr->value) {
257 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
258 PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_SIG_CONTENT_TYPE);
259 return NULL;
260 }
261
262 if(strcmp(hdr->value, "application/x-pkcs7-signature") &&
263 strcmp(hdr->value, "application/pkcs7-signature")) {
264 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
265 PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_SIG_INVALID_MIME_TYPE);
266 ERR_add_error_data(2, "type: ", hdr->value);
267 sk_BIO_pop_free(parts, BIO_vfree);
268 return NULL;
269 }
270 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
271 /* Read in PKCS#7 */
272 if(!(p7 = B64_read_PKCS7(p7in))) {
273 PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_PKCS7_SIG_PARSE_ERROR);
274 sk_BIO_pop_free(parts, BIO_vfree);
275 return NULL;
276 }
277
278 if(bcont) {
279 *bcont = sk_BIO_value(parts, 0);
280 BIO_free(p7in);
281 sk_BIO_free(parts);
282 } else sk_BIO_pop_free(parts, BIO_vfree);
283 return p7;
284 }
285
286 /* OK, if not multipart/signed try opaque signature */
287
288 if (strcmp (hdr->value, "application/x-pkcs7-mime") &&
289 strcmp (hdr->value, "application/pkcs7-mime")) {
290 PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_INVALID_MIME_TYPE);
291 ERR_add_error_data(2, "type: ", hdr->value);
292 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
293 return NULL;
294 }
295
296 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
297
298 if(!(p7 = B64_read_PKCS7(bio))) {
299 PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_PKCS7_PARSE_ERROR);
300 return NULL;
301 }
302 return p7;
303
304}
305
306/* Copy text from one BIO to another making the output CRLF at EOL */
307int SMIME_crlf_copy(BIO *in, BIO *out, int flags)
308{
309 char eol;
310 int len;
311 char linebuf[MAX_SMLEN];
312 if(flags & PKCS7_BINARY) {
313 while((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0)
314 BIO_write(out, linebuf, len);
315 return 1;
316 }
317 if(flags & PKCS7_TEXT) BIO_printf(out, "Content-Type: text/plain\r\n\r\n");
318 while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) {
319 eol = 0;
320 while(iscrlf(linebuf[len - 1])) {
321 len--;
322 eol = 1;
323 }
324 BIO_write(out, linebuf, len);
325 if(eol) BIO_write(out, "\r\n", 2);
326 }
327 return 1;
328}
329
330/* Strip off headers if they are text/plain */
331int SMIME_text(BIO *in, BIO *out)
332{
333 char iobuf[4096];
334 int len;
335 STACK_OF(MIME_HEADER) *headers;
336 MIME_HEADER *hdr;
337
338 if (!(headers = mime_parse_hdr(in))) {
339 PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_MIME_PARSE_ERROR);
340 return 0;
341 }
342 if(!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
343 PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_MIME_NO_CONTENT_TYPE);
344 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
345 return 0;
346 }
347 if (strcmp (hdr->value, "text/plain")) {
348 PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_INVALID_MIME_TYPE);
349 ERR_add_error_data(2, "type: ", hdr->value);
350 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
351 return 0;
352 }
353 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
354 while ((len = BIO_read(in, iobuf, sizeof(iobuf))) > 0)
355 BIO_write(out, iobuf, len);
356 return 1;
357}
358
359/* Split a multipart/XXX message body into component parts: result is
360 * canonical parts in a STACK of bios
361 */
362
363static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret)
364{
365 char linebuf[MAX_SMLEN];
366 int len, blen;
367 BIO *bpart = NULL;
368 STACK_OF(BIO) *parts;
369 char state, part, first;
370
371 blen = strlen(bound);
372 part = 0;
373 state = 0;
374 first = 1;
375 parts = sk_BIO_new_null();
376 *ret = parts;
377 while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
378 state = mime_bound_check(linebuf, len, bound, blen);
379 if(state == 1) {
380 first = 1;
381 part++;
382 } else if(state == 2) {
383 sk_BIO_push(parts, bpart);
384 return 1;
385 } else if(part) {
386 if(first) {
387 first = 0;
388 if(bpart) sk_BIO_push(parts, bpart);
389 bpart = BIO_new(BIO_s_mem());
390
391 } else BIO_write(bpart, "\r\n", 2);
392 /* Strip CR+LF from linebuf */
393 while(iscrlf(linebuf[len - 1])) len--;
394 BIO_write(bpart, linebuf, len);
395 }
396 }
397 return 0;
398}
399
400static int iscrlf(char c)
401{
402 if(c == '\r' || c == '\n') return 1;
403 return 0;
404}
405
406/* This is the big one: parse MIME header lines up to message body */
407
408#define MIME_INVALID 0
409#define MIME_START 1
410#define MIME_TYPE 2
411#define MIME_NAME 3
412#define MIME_VALUE 4
413#define MIME_QUOTE 5
414#define MIME_COMMENT 6
415
416
417static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio)
418{
419 char *p, *q, c;
420 char *ntmp;
421 char linebuf[MAX_SMLEN];
422 MIME_HEADER *mhdr = NULL;
423 STACK_OF(MIME_HEADER) *headers;
424 int len, state, save_state = 0;
425
426 headers = sk_MIME_HEADER_new(mime_hdr_cmp);
427 while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
428 /* If whitespace at line start then continuation line */
429 if(mhdr && isspace((unsigned char)linebuf[0])) state = MIME_NAME;
430 else state = MIME_START;
431 ntmp = NULL;
432 /* Go through all characters */
433 for(p = linebuf, q = linebuf; (c = *p) && (c!='\r') && (c!='\n'); p++) {
434
435 /* State machine to handle MIME headers
436 * if this looks horrible that's because it *is*
437 */
438
439 switch(state) {
440 case MIME_START:
441 if(c == ':') {
442 state = MIME_TYPE;
443 *p = 0;
444 ntmp = strip_ends(q);
445 q = p + 1;
446 }
447 break;
448
449 case MIME_TYPE:
450 if(c == ';') {
451 mime_debug("Found End Value\n");
452 *p = 0;
453 mhdr = mime_hdr_new(ntmp, strip_ends(q));
454 sk_MIME_HEADER_push(headers, mhdr);
455 ntmp = NULL;
456 q = p + 1;
457 state = MIME_NAME;
458 } else if(c == '(') {
459 save_state = state;
460 state = MIME_COMMENT;
461 }
462 break;
463
464 case MIME_COMMENT:
465 if(c == ')') {
466 state = save_state;
467 }
468 break;
469
470 case MIME_NAME:
471 if(c == '=') {
472 state = MIME_VALUE;
473 *p = 0;
474 ntmp = strip_ends(q);
475 q = p + 1;
476 }
477 break ;
478
479 case MIME_VALUE:
480 if(c == ';') {
481 state = MIME_NAME;
482 *p = 0;
483 mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
484 ntmp = NULL;
485 q = p + 1;
486 } else if (c == '"') {
487 mime_debug("Found Quote\n");
488 state = MIME_QUOTE;
489 } else if(c == '(') {
490 save_state = state;
491 state = MIME_COMMENT;
492 }
493 break;
494
495 case MIME_QUOTE:
496 if(c == '"') {
497 mime_debug("Found Match Quote\n");
498 state = MIME_VALUE;
499 }
500 break;
501 }
502 }
503
504 if(state == MIME_TYPE) {
505 mhdr = mime_hdr_new(ntmp, strip_ends(q));
506 sk_MIME_HEADER_push(headers, mhdr);
507 } else if(state == MIME_VALUE)
508 mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
509 if(p == linebuf) break; /* Blank line means end of headers */
510}
511
512return headers;
513
514}
515
516static char *strip_ends(char *name)
517{
518 return strip_end(strip_start(name));
519}
520
521/* Strip a parameter of whitespace from start of param */
522static char *strip_start(char *name)
523{
524 char *p, c;
525 /* Look for first non white space or quote */
526 for(p = name; (c = *p) ;p++) {
527 if(c == '"') {
528 /* Next char is start of string if non null */
529 if(p[1]) return p + 1;
530 /* Else null string */
531 return NULL;
532 }
533 if(!isspace((unsigned char)c)) return p;
534 }
535 return NULL;
536}
537
538/* As above but strip from end of string : maybe should handle brackets? */
539static char *strip_end(char *name)
540{
541 char *p, c;
542 if(!name) return NULL;
543 /* Look for first non white space or quote */
544 for(p = name + strlen(name) - 1; p >= name ;p--) {
545 c = *p;
546 if(c == '"') {
547 if(p - 1 == name) return NULL;
548 *p = 0;
549 return name;
550 }
551 if(isspace((unsigned char)c)) *p = 0;
552 else return name;
553 }
554 return NULL;
555}
556
557static MIME_HEADER *mime_hdr_new(char *name, char *value)
558{
559 MIME_HEADER *mhdr;
560 char *tmpname, *tmpval, *p;
561 int c;
562 if(name) {
563 if(!(tmpname = BUF_strdup(name))) return NULL;
564 for(p = tmpname ; *p; p++) {
565 c = *p;
566 if(isupper(c)) {
567 c = tolower(c);
568 *p = c;
569 }
570 }
571 } else tmpname = NULL;
572 if(value) {
573 if(!(tmpval = BUF_strdup(value))) return NULL;
574 for(p = tmpval ; *p; p++) {
575 c = *p;
576 if(isupper(c)) {
577 c = tolower(c);
578 *p = c;
579 }
580 }
581 } else tmpval = NULL;
582 mhdr = (MIME_HEADER *) OPENSSL_malloc(sizeof(MIME_HEADER));
583 if(!mhdr) return NULL;
584 mhdr->name = tmpname;
585 mhdr->value = tmpval;
586 if(!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp))) return NULL;
587 return mhdr;
588}
589
590static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value)
591{
592 char *tmpname, *tmpval, *p;
593 int c;
594 MIME_PARAM *mparam;
595 if(name) {
596 tmpname = BUF_strdup(name);
597 if(!tmpname) return 0;
598 for(p = tmpname ; *p; p++) {
599 c = *p;
600 if(isupper(c)) {
601 c = tolower(c);
602 *p = c;
603 }
604 }
605 } else tmpname = NULL;
606 if(value) {
607 tmpval = BUF_strdup(value);
608 if(!tmpval) return 0;
609 } else tmpval = NULL;
610 /* Parameter values are case sensitive so leave as is */
611 mparam = (MIME_PARAM *) OPENSSL_malloc(sizeof(MIME_PARAM));
612 if(!mparam) return 0;
613 mparam->param_name = tmpname;
614 mparam->param_value = tmpval;
615 sk_MIME_PARAM_push(mhdr->params, mparam);
616 return 1;
617}
618
619static int mime_hdr_cmp(const MIME_HEADER * const *a,
620 const MIME_HEADER * const *b)
621{
622 return(strcmp((*a)->name, (*b)->name));
623}
624
625static int mime_param_cmp(const MIME_PARAM * const *a,
626 const MIME_PARAM * const *b)
627{
628 return(strcmp((*a)->param_name, (*b)->param_name));
629}
630
631/* Find a header with a given name (if possible) */
632
633static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name)
634{
635 MIME_HEADER htmp;
636 int idx;
637 htmp.name = name;
638 idx = sk_MIME_HEADER_find(hdrs, &htmp);
639 if(idx < 0) return NULL;
640 return sk_MIME_HEADER_value(hdrs, idx);
641}
642
643static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name)
644{
645 MIME_PARAM param;
646 int idx;
647 param.param_name = name;
648 idx = sk_MIME_PARAM_find(hdr->params, &param);
649 if(idx < 0) return NULL;
650 return sk_MIME_PARAM_value(hdr->params, idx);
651}
652
653static void mime_hdr_free(MIME_HEADER *hdr)
654{
655 if(hdr->name) OPENSSL_free(hdr->name);
656 if(hdr->value) OPENSSL_free(hdr->value);
657 if(hdr->params) sk_MIME_PARAM_pop_free(hdr->params, mime_param_free);
658 OPENSSL_free(hdr);
659}
660
661static void mime_param_free(MIME_PARAM *param)
662{
663 if(param->param_name) OPENSSL_free(param->param_name);
664 if(param->param_value) OPENSSL_free(param->param_value);
665 OPENSSL_free(param);
666}
667
668/* Check for a multipart boundary. Returns:
669 * 0 : no boundary
670 * 1 : part boundary
671 * 2 : final boundary
672 */
673static int mime_bound_check(char *line, int linelen, char *bound, int blen)
674{
675 if(linelen == -1) linelen = strlen(line);
676 if(blen == -1) blen = strlen(bound);
677 /* Quickly eliminate if line length too short */
678 if(blen + 2 > linelen) return 0;
679 /* Check for part boundary */
680 if(!strncmp(line, "--", 2) && !strncmp(line + 2, bound, blen)) {
681 if(!strncmp(line + blen + 2, "--", 2)) return 2;
682 else return 1;
683 }
684 return 0;
685}
diff --git a/src/lib/libcrypto/pkcs7/pk7_smime.c b/src/lib/libcrypto/pkcs7/pk7_smime.c
deleted file mode 100644
index 3d3214f5ee..0000000000
--- a/src/lib/libcrypto/pkcs7/pk7_smime.c
+++ /dev/null
@@ -1,432 +0,0 @@
1/* pk7_smime.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59/* Simple PKCS#7 processing functions */
60
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/x509.h>
64#include <openssl/x509v3.h>
65
66PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
67 BIO *data, int flags)
68{
69 PKCS7 *p7;
70 PKCS7_SIGNER_INFO *si;
71 BIO *p7bio;
72 STACK_OF(X509_ALGOR) *smcap;
73 int i;
74
75 if(!X509_check_private_key(signcert, pkey)) {
76 PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
77 return NULL;
78 }
79
80 if(!(p7 = PKCS7_new())) {
81 PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE);
82 return NULL;
83 }
84
85 PKCS7_set_type(p7, NID_pkcs7_signed);
86
87 PKCS7_content_new(p7, NID_pkcs7_data);
88
89 if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha1()))) {
90 PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
91 return NULL;
92 }
93
94 if(!(flags & PKCS7_NOCERTS)) {
95 PKCS7_add_certificate(p7, signcert);
96 if(certs) for(i = 0; i < sk_X509_num(certs); i++)
97 PKCS7_add_certificate(p7, sk_X509_value(certs, i));
98 }
99
100 if(!(p7bio = PKCS7_dataInit(p7, NULL))) {
101 PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE);
102 return NULL;
103 }
104
105
106 SMIME_crlf_copy(data, p7bio, flags);
107
108 if(!(flags & PKCS7_NOATTR)) {
109 PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
110 V_ASN1_OBJECT, OBJ_nid2obj(NID_pkcs7_data));
111 /* Add SMIMECapabilities */
112 if(!(flags & PKCS7_NOSMIMECAP))
113 {
114 if(!(smcap = sk_X509_ALGOR_new_null())) {
115 PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE);
116 return NULL;
117 }
118#ifndef NO_DES
119 PKCS7_simple_smimecap (smcap, NID_des_ede3_cbc, -1);
120#endif
121#ifndef NO_RC2
122 PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 128);
123 PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 64);
124#endif
125#ifndef NO_DES
126 PKCS7_simple_smimecap (smcap, NID_des_cbc, -1);
127#endif
128#ifndef NO_RC2
129 PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 40);
130#endif
131 PKCS7_add_attrib_smimecap (si, smcap);
132 sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
133 }
134 }
135
136 if(flags & PKCS7_DETACHED)PKCS7_set_detached(p7, 1);
137
138 if (!PKCS7_dataFinal(p7,p7bio)) {
139 PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_DATASIGN);
140 return NULL;
141 }
142
143 BIO_free_all(p7bio);
144 return p7;
145}
146
147int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
148 BIO *indata, BIO *out, int flags)
149{
150 STACK_OF(X509) *signers;
151 X509 *signer;
152 STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
153 PKCS7_SIGNER_INFO *si;
154 X509_STORE_CTX cert_ctx;
155 char buf[4096];
156 int i, j=0, k, ret = 0;
157 BIO *p7bio;
158 BIO *tmpout;
159
160 if(!p7) {
161 PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_INVALID_NULL_POINTER);
162 return 0;
163 }
164
165 if(!PKCS7_type_is_signed(p7)) {
166 PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_WRONG_CONTENT_TYPE);
167 return 0;
168 }
169
170 /* Check for no data and no content: no data to verify signature */
171 if(PKCS7_get_detached(p7) && !indata) {
172 PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_NO_CONTENT);
173 return 0;
174 }
175#if 0
176 /* NB: this test commented out because some versions of Netscape
177 * illegally include zero length content when signing data.
178 */
179
180 /* Check for data and content: two sets of data */
181 if(!PKCS7_get_detached(p7) && indata) {
182 PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_CONTENT_AND_DATA_PRESENT);
183 return 0;
184 }
185#endif
186
187 sinfos = PKCS7_get_signer_info(p7);
188
189 if(!sinfos || !sk_PKCS7_SIGNER_INFO_num(sinfos)) {
190 PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_NO_SIGNATURES_ON_DATA);
191 return 0;
192 }
193
194
195 signers = PKCS7_get0_signers(p7, certs, flags);
196
197 if(!signers) return 0;
198
199 /* Now verify the certificates */
200
201 if (!(flags & PKCS7_NOVERIFY)) for (k = 0; k < sk_X509_num(signers); k++) {
202 signer = sk_X509_value (signers, k);
203 if (!(flags & PKCS7_NOCHAIN)) {
204 X509_STORE_CTX_init(&cert_ctx, store, signer,
205 p7->d.sign->cert);
206 X509_STORE_CTX_set_purpose(&cert_ctx,
207 X509_PURPOSE_SMIME_SIGN);
208 } else X509_STORE_CTX_init (&cert_ctx, store, signer, NULL);
209 i = X509_verify_cert(&cert_ctx);
210 if (i <= 0) j = X509_STORE_CTX_get_error(&cert_ctx);
211 X509_STORE_CTX_cleanup(&cert_ctx);
212 if (i <= 0) {
213 PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_CERTIFICATE_VERIFY_ERROR);
214 ERR_add_error_data(2, "Verify error:",
215 X509_verify_cert_error_string(j));
216 sk_X509_free(signers);
217 return 0;
218 }
219 /* Check for revocation status here */
220 }
221
222 p7bio=PKCS7_dataInit(p7,indata);
223
224 if(flags & PKCS7_TEXT) {
225 if(!(tmpout = BIO_new(BIO_s_mem()))) {
226 PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_MALLOC_FAILURE);
227 goto err;
228 }
229 } else tmpout = out;
230
231 /* We now have to 'read' from p7bio to calculate digests etc. */
232 for (;;)
233 {
234 i=BIO_read(p7bio,buf,sizeof(buf));
235 if (i <= 0) break;
236 if (tmpout) BIO_write(tmpout, buf, i);
237 }
238
239 if(flags & PKCS7_TEXT) {
240 if(!SMIME_text(tmpout, out)) {
241 PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_SMIME_TEXT_ERROR);
242 BIO_free(tmpout);
243 goto err;
244 }
245 BIO_free(tmpout);
246 }
247
248 /* Now Verify All Signatures */
249 if (!(flags & PKCS7_NOSIGS))
250 for (i=0; i<sk_PKCS7_SIGNER_INFO_num(sinfos); i++)
251 {
252 si=sk_PKCS7_SIGNER_INFO_value(sinfos,i);
253 signer = sk_X509_value (signers, i);
254 j=PKCS7_signatureVerify(p7bio,p7,si, signer);
255 if (j <= 0) {
256 PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_SIGNATURE_FAILURE);
257 goto err;
258 }
259 }
260
261 ret = 1;
262
263 err:
264
265 if(indata) BIO_pop(p7bio);
266 BIO_free_all(p7bio);
267 sk_X509_free(signers);
268
269 return ret;
270}
271
272STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags)
273{
274 STACK_OF(X509) *signers;
275 STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
276 PKCS7_SIGNER_INFO *si;
277 PKCS7_ISSUER_AND_SERIAL *ias;
278 X509 *signer;
279 int i;
280
281 if(!p7) {
282 PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_INVALID_NULL_POINTER);
283 return NULL;
284 }
285
286 if(!PKCS7_type_is_signed(p7)) {
287 PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_WRONG_CONTENT_TYPE);
288 return NULL;
289 }
290 if(!(signers = sk_X509_new_null())) {
291 PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,ERR_R_MALLOC_FAILURE);
292 return NULL;
293 }
294
295 /* Collect all the signers together */
296
297 sinfos = PKCS7_get_signer_info(p7);
298
299 if(sk_PKCS7_SIGNER_INFO_num(sinfos) <= 0) {
300 PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_NO_SIGNERS);
301 return 0;
302 }
303
304 for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++)
305 {
306 si = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
307 ias = si->issuer_and_serial;
308 signer = NULL;
309 /* If any certificates passed they take priority */
310 if (certs) signer = X509_find_by_issuer_and_serial (certs,
311 ias->issuer, ias->serial);
312 if (!signer && !(flags & PKCS7_NOINTERN)
313 && p7->d.sign->cert) signer =
314 X509_find_by_issuer_and_serial (p7->d.sign->cert,
315 ias->issuer, ias->serial);
316 if (!signer) {
317 PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND);
318 sk_X509_free(signers);
319 return 0;
320 }
321
322 sk_X509_push(signers, signer);
323 }
324 return signers;
325}
326
327
328/* Build a complete PKCS#7 enveloped data */
329
330PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, EVP_CIPHER *cipher,
331 int flags)
332{
333 PKCS7 *p7;
334 BIO *p7bio = NULL;
335 int i;
336 X509 *x509;
337 if(!(p7 = PKCS7_new())) {
338 PKCS7err(PKCS7_F_PKCS7_ENCRYPT,ERR_R_MALLOC_FAILURE);
339 return NULL;
340 }
341
342 PKCS7_set_type(p7, NID_pkcs7_enveloped);
343 if(!PKCS7_set_cipher(p7, cipher)) {
344 PKCS7err(PKCS7_F_PKCS7_ENCRYPT,PKCS7_R_ERROR_SETTING_CIPHER);
345 goto err;
346 }
347
348 for(i = 0; i < sk_X509_num(certs); i++) {
349 x509 = sk_X509_value(certs, i);
350 if(!PKCS7_add_recipient(p7, x509)) {
351 PKCS7err(PKCS7_F_PKCS7_ENCRYPT,
352 PKCS7_R_ERROR_ADDING_RECIPIENT);
353 goto err;
354 }
355 }
356
357 if(!(p7bio = PKCS7_dataInit(p7, NULL))) {
358 PKCS7err(PKCS7_F_PKCS7_ENCRYPT,ERR_R_MALLOC_FAILURE);
359 goto err;
360 }
361
362 SMIME_crlf_copy(in, p7bio, flags);
363
364 BIO_flush(p7bio);
365
366 if (!PKCS7_dataFinal(p7,p7bio)) {
367 PKCS7err(PKCS7_F_PKCS7_ENCRYPT,PKCS7_R_PKCS7_DATAFINAL_ERROR);
368 goto err;
369 }
370 BIO_free_all(p7bio);
371
372 return p7;
373
374 err:
375
376 BIO_free(p7bio);
377 PKCS7_free(p7);
378 return NULL;
379
380}
381
382int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags)
383{
384 BIO *tmpmem;
385 int ret, i;
386 char buf[4096];
387
388 if(!p7) {
389 PKCS7err(PKCS7_F_PKCS7_DECRYPT,PKCS7_R_INVALID_NULL_POINTER);
390 return 0;
391 }
392
393 if(!PKCS7_type_is_enveloped(p7)) {
394 PKCS7err(PKCS7_F_PKCS7_DECRYPT,PKCS7_R_WRONG_CONTENT_TYPE);
395 return 0;
396 }
397
398 if(!X509_check_private_key(cert, pkey)) {
399 PKCS7err(PKCS7_F_PKCS7_DECRYPT,
400 PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
401 return 0;
402 }
403
404 if(!(tmpmem = PKCS7_dataDecode(p7, pkey, NULL, cert))) {
405 PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_DECRYPT_ERROR);
406 return 0;
407 }
408
409 if (flags & PKCS7_TEXT) {
410 BIO *tmpbuf, *bread;
411 /* Encrypt BIOs can't do BIO_gets() so add a buffer BIO */
412 if(!(tmpbuf = BIO_new(BIO_f_buffer()))) {
413 PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
414 return 0;
415 }
416 if(!(bread = BIO_push(tmpbuf, tmpmem))) {
417 PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
418 return 0;
419 }
420 ret = SMIME_text(bread, data);
421 BIO_free_all(bread);
422 return ret;
423 } else {
424 for(;;) {
425 i = BIO_read(tmpmem, buf, sizeof(buf));
426 if(i <= 0) break;
427 BIO_write(data, buf, i);
428 }
429 BIO_free_all(tmpmem);
430 return 1;
431 }
432}
diff --git a/src/lib/libcrypto/pkcs7/pkcs7.h b/src/lib/libcrypto/pkcs7/pkcs7.h
deleted file mode 100644
index 1b817e605d..0000000000
--- a/src/lib/libcrypto/pkcs7/pkcs7.h
+++ /dev/null
@@ -1,505 +0,0 @@
1/* crypto/pkcs7/pkcs7.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_PKCS7_H
60#define HEADER_PKCS7_H
61
62#include <openssl/bio.h>
63#include <openssl/x509.h>
64
65#include <openssl/symhacks.h>
66
67#ifdef __cplusplus
68extern "C" {
69#endif
70
71#ifdef WIN32
72/* Under Win32 thes are defined in wincrypt.h */
73#undef PKCS7_ISSUER_AND_SERIAL
74#undef PKCS7_SIGNER_INFO
75#endif
76
77/*
78Encryption_ID DES-CBC
79Digest_ID MD5
80Digest_Encryption_ID rsaEncryption
81Key_Encryption_ID rsaEncryption
82*/
83
84typedef struct pkcs7_issuer_and_serial_st
85 {
86 X509_NAME *issuer;
87 ASN1_INTEGER *serial;
88 } PKCS7_ISSUER_AND_SERIAL;
89
90typedef struct pkcs7_signer_info_st
91 {
92 ASN1_INTEGER *version; /* version 1 */
93 PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
94 X509_ALGOR *digest_alg;
95 STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */
96 X509_ALGOR *digest_enc_alg;
97 ASN1_OCTET_STRING *enc_digest;
98 STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */
99
100 /* The private key to sign with */
101 EVP_PKEY *pkey;
102 } PKCS7_SIGNER_INFO;
103
104DECLARE_STACK_OF(PKCS7_SIGNER_INFO)
105DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO)
106
107typedef struct pkcs7_recip_info_st
108 {
109 ASN1_INTEGER *version; /* version 0 */
110 PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
111 X509_ALGOR *key_enc_algor;
112 ASN1_OCTET_STRING *enc_key;
113 X509 *cert; /* get the pub-key from this */
114 } PKCS7_RECIP_INFO;
115
116DECLARE_STACK_OF(PKCS7_RECIP_INFO)
117DECLARE_ASN1_SET_OF(PKCS7_RECIP_INFO)
118
119typedef struct pkcs7_signed_st
120 {
121 ASN1_INTEGER *version; /* version 1 */
122 STACK_OF(X509_ALGOR) *md_algs; /* md used */
123 STACK_OF(X509) *cert; /* [ 0 ] */
124 STACK_OF(X509_CRL) *crl; /* [ 1 ] */
125 STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
126
127 struct pkcs7_st *contents;
128 } PKCS7_SIGNED;
129/* The above structure is very very similar to PKCS7_SIGN_ENVELOPE.
130 * How about merging the two */
131
132typedef struct pkcs7_enc_content_st
133 {
134 ASN1_OBJECT *content_type;
135 X509_ALGOR *algorithm;
136 ASN1_OCTET_STRING *enc_data; /* [ 0 ] */
137 const EVP_CIPHER *cipher;
138 } PKCS7_ENC_CONTENT;
139
140typedef struct pkcs7_enveloped_st
141 {
142 ASN1_INTEGER *version; /* version 0 */
143 STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
144 PKCS7_ENC_CONTENT *enc_data;
145 } PKCS7_ENVELOPE;
146
147typedef struct pkcs7_signedandenveloped_st
148 {
149 ASN1_INTEGER *version; /* version 1 */
150 STACK_OF(X509_ALGOR) *md_algs; /* md used */
151 STACK_OF(X509) *cert; /* [ 0 ] */
152 STACK_OF(X509_CRL) *crl; /* [ 1 ] */
153 STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
154
155 PKCS7_ENC_CONTENT *enc_data;
156 STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
157 } PKCS7_SIGN_ENVELOPE;
158
159typedef struct pkcs7_digest_st
160 {
161 ASN1_INTEGER *version; /* version 0 */
162 X509_ALGOR *md; /* md used */
163 struct pkcs7_st *contents;
164 ASN1_OCTET_STRING *digest;
165 } PKCS7_DIGEST;
166
167typedef struct pkcs7_encrypted_st
168 {
169 ASN1_INTEGER *version; /* version 0 */
170 PKCS7_ENC_CONTENT *enc_data;
171 } PKCS7_ENCRYPT;
172
173typedef struct pkcs7_st
174 {
175 /* The following is non NULL if it contains ASN1 encoding of
176 * this structure */
177 unsigned char *asn1;
178 long length;
179
180#define PKCS7_S_HEADER 0
181#define PKCS7_S_BODY 1
182#define PKCS7_S_TAIL 2
183 int state; /* used during processing */
184
185 int detached;
186
187 ASN1_OBJECT *type;
188 /* content as defined by the type */
189 /* all encryption/message digests are applied to the 'contents',
190 * leaving out the 'type' field. */
191 union {
192 char *ptr;
193
194 /* NID_pkcs7_data */
195 ASN1_OCTET_STRING *data;
196
197 /* NID_pkcs7_signed */
198 PKCS7_SIGNED *sign;
199
200 /* NID_pkcs7_enveloped */
201 PKCS7_ENVELOPE *enveloped;
202
203 /* NID_pkcs7_signedAndEnveloped */
204 PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
205
206 /* NID_pkcs7_digest */
207 PKCS7_DIGEST *digest;
208
209 /* NID_pkcs7_encrypted */
210 PKCS7_ENCRYPT *encrypted;
211
212 /* Anything else */
213 ASN1_TYPE *other;
214 } d;
215 } PKCS7;
216
217DECLARE_STACK_OF(PKCS7)
218DECLARE_ASN1_SET_OF(PKCS7)
219DECLARE_PKCS12_STACK_OF(PKCS7)
220
221#define PKCS7_OP_SET_DETACHED_SIGNATURE 1
222#define PKCS7_OP_GET_DETACHED_SIGNATURE 2
223
224#define PKCS7_get_signed_attributes(si) ((si)->auth_attr)
225#define PKCS7_get_attributes(si) ((si)->unauth_attr)
226
227#define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed)
228#define PKCS7_type_is_enveloped(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_enveloped)
229#define PKCS7_type_is_signedAndEnveloped(a) \
230 (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
231#define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
232
233#define PKCS7_set_detached(p,v) \
234 PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL)
235#define PKCS7_get_detached(p) \
236 PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
237
238#ifdef SSLEAY_MACROS
239#ifndef PKCS7_ISSUER_AND_SERIAL_digest
240#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
241 ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
242 (char *)data,md,len)
243#endif
244#endif
245
246/* S/MIME related flags */
247
248#define PKCS7_TEXT 0x1
249#define PKCS7_NOCERTS 0x2
250#define PKCS7_NOSIGS 0x4
251#define PKCS7_NOCHAIN 0x8
252#define PKCS7_NOINTERN 0x10
253#define PKCS7_NOVERIFY 0x20
254#define PKCS7_DETACHED 0x40
255#define PKCS7_BINARY 0x80
256#define PKCS7_NOATTR 0x100
257#define PKCS7_NOSMIMECAP 0x200
258
259/* Flags: for compatibility with older code */
260
261#define SMIME_TEXT PKCS7_TEXT
262#define SMIME_NOCERTS PKCS7_NOCERTS
263#define SMIME_NOSIGS PKCS7_NOSIGS
264#define SMIME_NOCHAIN PKCS7_NOCHAIN
265#define SMIME_NOINTERN PKCS7_NOINTERN
266#define SMIME_NOVERIFY PKCS7_NOVERIFY
267#define SMIME_DETACHED PKCS7_DETACHED
268#define SMIME_BINARY PKCS7_BINARY
269#define SMIME_NOATTR PKCS7_NOATTR
270
271PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new(void );
272void PKCS7_ISSUER_AND_SERIAL_free(
273 PKCS7_ISSUER_AND_SERIAL *a);
274int i2d_PKCS7_ISSUER_AND_SERIAL(
275 PKCS7_ISSUER_AND_SERIAL *a,unsigned char **pp);
276PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL(
277 PKCS7_ISSUER_AND_SERIAL **a,
278 unsigned char **pp, long length);
279
280#ifndef SSLEAY_MACROS
281int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,const EVP_MD *type,
282 unsigned char *md,unsigned int *len);
283#ifndef NO_FP_API
284PKCS7 *d2i_PKCS7_fp(FILE *fp,PKCS7 **p7);
285int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7);
286#endif
287PKCS7 *PKCS7_dup(PKCS7 *p7);
288PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 **p7);
289int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7);
290#endif
291
292PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new(void);
293void PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a);
294int i2d_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO *a,
295 unsigned char **pp);
296PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO **a,
297 unsigned char **pp,long length);
298
299PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new(void);
300void PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a);
301int i2d_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO *a,
302 unsigned char **pp);
303PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO **a,
304 unsigned char **pp,long length);
305
306PKCS7_SIGNED *PKCS7_SIGNED_new(void);
307void PKCS7_SIGNED_free(PKCS7_SIGNED *a);
308int i2d_PKCS7_SIGNED(PKCS7_SIGNED *a,
309 unsigned char **pp);
310PKCS7_SIGNED *d2i_PKCS7_SIGNED(PKCS7_SIGNED **a,
311 unsigned char **pp,long length);
312
313PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new(void);
314void PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a);
315int i2d_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT *a,
316 unsigned char **pp);
317PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT **a,
318 unsigned char **pp,long length);
319
320PKCS7_ENVELOPE *PKCS7_ENVELOPE_new(void);
321void PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a);
322int i2d_PKCS7_ENVELOPE(PKCS7_ENVELOPE *a,
323 unsigned char **pp);
324PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE(PKCS7_ENVELOPE **a,
325 unsigned char **pp,long length);
326
327PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new(void);
328void PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a);
329int i2d_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE *a,
330 unsigned char **pp);
331PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE **a,
332 unsigned char **pp,long length);
333
334PKCS7_DIGEST *PKCS7_DIGEST_new(void);
335void PKCS7_DIGEST_free(PKCS7_DIGEST *a);
336int i2d_PKCS7_DIGEST(PKCS7_DIGEST *a,
337 unsigned char **pp);
338PKCS7_DIGEST *d2i_PKCS7_DIGEST(PKCS7_DIGEST **a,
339 unsigned char **pp,long length);
340
341PKCS7_ENCRYPT *PKCS7_ENCRYPT_new(void);
342void PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a);
343int i2d_PKCS7_ENCRYPT(PKCS7_ENCRYPT *a,
344 unsigned char **pp);
345PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT(PKCS7_ENCRYPT **a,
346 unsigned char **pp,long length);
347
348PKCS7 *PKCS7_new(void);
349void PKCS7_free(PKCS7 *a);
350void PKCS7_content_free(PKCS7 *a);
351int i2d_PKCS7(PKCS7 *a,
352 unsigned char **pp);
353PKCS7 *d2i_PKCS7(PKCS7 **a,
354 unsigned char **pp,long length);
355
356void ERR_load_PKCS7_strings(void);
357
358
359long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
360
361int PKCS7_set_type(PKCS7 *p7, int type);
362int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
363int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
364 EVP_MD *dgst);
365int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
366int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
367int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
368int PKCS7_content_new(PKCS7 *p7, int nid);
369int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx,
370 BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si);
371int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
372 X509 *x509);
373
374BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio);
375int PKCS7_dataFinal(PKCS7 *p7, BIO *bio);
376BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert);
377
378
379PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
380 EVP_PKEY *pkey, EVP_MD *dgst);
381X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
382STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7);
383
384PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
385int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri);
386int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
387int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher);
388
389PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx);
390ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk);
391int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si,int nid,int type,
392 void *data);
393int PKCS7_add_attribute (PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
394 void *value);
395ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid);
396ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid);
397int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
398 STACK_OF(X509_ATTRIBUTE) *sk);
399int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,STACK_OF(X509_ATTRIBUTE) *sk);
400
401
402PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
403 BIO *data, int flags);
404int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
405 BIO *indata, BIO *out, int flags);
406STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
407PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, EVP_CIPHER *cipher,
408 int flags);
409int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
410
411int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
412 STACK_OF(X509_ALGOR) *cap);
413STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si);
414int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg);
415
416int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags);
417PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont);
418int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
419int SMIME_text(BIO *in, BIO *out);
420
421/* BEGIN ERROR CODES */
422/* The following lines are auto generated by the script mkerr.pl. Any changes
423 * made after this point may be overwritten when the script is next run.
424 */
425
426/* Error codes for the PKCS7 functions. */
427
428/* Function codes. */
429#define PKCS7_F_B64_READ_PKCS7 120
430#define PKCS7_F_B64_WRITE_PKCS7 121
431#define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP 118
432#define PKCS7_F_PKCS7_ADD_CERTIFICATE 100
433#define PKCS7_F_PKCS7_ADD_CRL 101
434#define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102
435#define PKCS7_F_PKCS7_ADD_SIGNER 103
436#define PKCS7_F_PKCS7_CTRL 104
437#define PKCS7_F_PKCS7_DATADECODE 112
438#define PKCS7_F_PKCS7_DATAINIT 105
439#define PKCS7_F_PKCS7_DATASIGN 106
440#define PKCS7_F_PKCS7_DATAVERIFY 107
441#define PKCS7_F_PKCS7_DECRYPT 114
442#define PKCS7_F_PKCS7_ENCRYPT 115
443#define PKCS7_F_PKCS7_GET0_SIGNERS 124
444#define PKCS7_F_PKCS7_SET_CIPHER 108
445#define PKCS7_F_PKCS7_SET_CONTENT 109
446#define PKCS7_F_PKCS7_SET_TYPE 110
447#define PKCS7_F_PKCS7_SIGN 116
448#define PKCS7_F_PKCS7_SIGNATUREVERIFY 113
449#define PKCS7_F_PKCS7_SIMPLE_SMIMECAP 119
450#define PKCS7_F_PKCS7_VERIFY 117
451#define PKCS7_F_SMIME_READ_PKCS7 122
452#define PKCS7_F_SMIME_TEXT 123
453
454/* Reason codes. */
455#define PKCS7_R_CERTIFICATE_VERIFY_ERROR 117
456#define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 144
457#define PKCS7_R_CIPHER_NOT_INITIALIZED 116
458#define PKCS7_R_CONTENT_AND_DATA_PRESENT 118
459#define PKCS7_R_DECODE_ERROR 130
460#define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH 100
461#define PKCS7_R_DECRYPT_ERROR 119
462#define PKCS7_R_DIGEST_FAILURE 101
463#define PKCS7_R_ERROR_ADDING_RECIPIENT 120
464#define PKCS7_R_ERROR_SETTING_CIPHER 121
465#define PKCS7_R_INTERNAL_ERROR 102
466#define PKCS7_R_INVALID_MIME_TYPE 131
467#define PKCS7_R_INVALID_NULL_POINTER 143
468#define PKCS7_R_MIME_NO_CONTENT_TYPE 132
469#define PKCS7_R_MIME_PARSE_ERROR 133
470#define PKCS7_R_MIME_SIG_PARSE_ERROR 134
471#define PKCS7_R_MISSING_CERIPEND_INFO 103
472#define PKCS7_R_NO_CONTENT 122
473#define PKCS7_R_NO_CONTENT_TYPE 135
474#define PKCS7_R_NO_MULTIPART_BODY_FAILURE 136
475#define PKCS7_R_NO_MULTIPART_BOUNDARY 137
476#define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115
477#define PKCS7_R_NO_SIGNATURES_ON_DATA 123
478#define PKCS7_R_NO_SIGNERS 142
479#define PKCS7_R_NO_SIG_CONTENT_TYPE 138
480#define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104
481#define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124
482#define PKCS7_R_PKCS7_DATAFINAL_ERROR 125
483#define PKCS7_R_PKCS7_DATASIGN 126
484#define PKCS7_R_PKCS7_PARSE_ERROR 139
485#define PKCS7_R_PKCS7_SIG_PARSE_ERROR 140
486#define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127
487#define PKCS7_R_SIGNATURE_FAILURE 105
488#define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND 128
489#define PKCS7_R_SIG_INVALID_MIME_TYPE 141
490#define PKCS7_R_SMIME_TEXT_ERROR 129
491#define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 106
492#define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 107
493#define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 108
494#define PKCS7_R_UNKNOWN_DIGEST_TYPE 109
495#define PKCS7_R_UNKNOWN_OPERATION 110
496#define PKCS7_R_UNSUPPORTED_CIPHER_TYPE 111
497#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 112
498#define PKCS7_R_WRONG_CONTENT_TYPE 113
499#define PKCS7_R_WRONG_PKCS7_TYPE 114
500
501#ifdef __cplusplus
502}
503#endif
504#endif
505
diff --git a/src/lib/libcrypto/pkcs7/pkcs7err.c b/src/lib/libcrypto/pkcs7/pkcs7err.c
deleted file mode 100644
index 8ded8913db..0000000000
--- a/src/lib/libcrypto/pkcs7/pkcs7err.c
+++ /dev/null
@@ -1,161 +0,0 @@
1/* crypto/pkcs7/pkcs7err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/pkcs7.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA PKCS7_str_functs[]=
68 {
69{ERR_PACK(0,PKCS7_F_B64_READ_PKCS7,0), "B64_READ_PKCS7"},
70{ERR_PACK(0,PKCS7_F_B64_WRITE_PKCS7,0), "B64_WRITE_PKCS7"},
71{ERR_PACK(0,PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,0), "PKCS7_add_attrib_smimecap"},
72{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CERTIFICATE,0), "PKCS7_add_certificate"},
73{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CRL,0), "PKCS7_add_crl"},
74{ERR_PACK(0,PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,0), "PKCS7_add_recipient_info"},
75{ERR_PACK(0,PKCS7_F_PKCS7_ADD_SIGNER,0), "PKCS7_add_signer"},
76{ERR_PACK(0,PKCS7_F_PKCS7_CTRL,0), "PKCS7_ctrl"},
77{ERR_PACK(0,PKCS7_F_PKCS7_DATADECODE,0), "PKCS7_dataDecode"},
78{ERR_PACK(0,PKCS7_F_PKCS7_DATAINIT,0), "PKCS7_dataInit"},
79{ERR_PACK(0,PKCS7_F_PKCS7_DATASIGN,0), "PKCS7_DATASIGN"},
80{ERR_PACK(0,PKCS7_F_PKCS7_DATAVERIFY,0), "PKCS7_dataVerify"},
81{ERR_PACK(0,PKCS7_F_PKCS7_DECRYPT,0), "PKCS7_decrypt"},
82{ERR_PACK(0,PKCS7_F_PKCS7_ENCRYPT,0), "PKCS7_encrypt"},
83{ERR_PACK(0,PKCS7_F_PKCS7_GET0_SIGNERS,0), "PKCS7_get0_signers"},
84{ERR_PACK(0,PKCS7_F_PKCS7_SET_CIPHER,0), "PKCS7_set_cipher"},
85{ERR_PACK(0,PKCS7_F_PKCS7_SET_CONTENT,0), "PKCS7_set_content"},
86{ERR_PACK(0,PKCS7_F_PKCS7_SET_TYPE,0), "PKCS7_set_type"},
87{ERR_PACK(0,PKCS7_F_PKCS7_SIGN,0), "PKCS7_sign"},
88{ERR_PACK(0,PKCS7_F_PKCS7_SIGNATUREVERIFY,0), "PKCS7_signatureVerify"},
89{ERR_PACK(0,PKCS7_F_PKCS7_SIMPLE_SMIMECAP,0), "PKCS7_simple_smimecap"},
90{ERR_PACK(0,PKCS7_F_PKCS7_VERIFY,0), "PKCS7_verify"},
91{ERR_PACK(0,PKCS7_F_SMIME_READ_PKCS7,0), "SMIME_read_PKCS7"},
92{ERR_PACK(0,PKCS7_F_SMIME_TEXT,0), "SMIME_text"},
93{0,NULL}
94 };
95
96static ERR_STRING_DATA PKCS7_str_reasons[]=
97 {
98{PKCS7_R_CERTIFICATE_VERIFY_ERROR ,"certificate verify error"},
99{PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER ,"cipher has no object identifier"},
100{PKCS7_R_CIPHER_NOT_INITIALIZED ,"cipher not initialized"},
101{PKCS7_R_CONTENT_AND_DATA_PRESENT ,"content and data present"},
102{PKCS7_R_DECODE_ERROR ,"decode error"},
103{PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH ,"decrypted key is wrong length"},
104{PKCS7_R_DECRYPT_ERROR ,"decrypt error"},
105{PKCS7_R_DIGEST_FAILURE ,"digest failure"},
106{PKCS7_R_ERROR_ADDING_RECIPIENT ,"error adding recipient"},
107{PKCS7_R_ERROR_SETTING_CIPHER ,"error setting cipher"},
108{PKCS7_R_INTERNAL_ERROR ,"internal error"},
109{PKCS7_R_INVALID_MIME_TYPE ,"invalid mime type"},
110{PKCS7_R_INVALID_NULL_POINTER ,"invalid null pointer"},
111{PKCS7_R_MIME_NO_CONTENT_TYPE ,"mime no content type"},
112{PKCS7_R_MIME_PARSE_ERROR ,"mime parse error"},
113{PKCS7_R_MIME_SIG_PARSE_ERROR ,"mime sig parse error"},
114{PKCS7_R_MISSING_CERIPEND_INFO ,"missing ceripend info"},
115{PKCS7_R_NO_CONTENT ,"no content"},
116{PKCS7_R_NO_CONTENT_TYPE ,"no content type"},
117{PKCS7_R_NO_MULTIPART_BODY_FAILURE ,"no multipart body failure"},
118{PKCS7_R_NO_MULTIPART_BOUNDARY ,"no multipart boundary"},
119{PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE,"no recipient matches certificate"},
120{PKCS7_R_NO_SIGNATURES_ON_DATA ,"no signatures on data"},
121{PKCS7_R_NO_SIGNERS ,"no signers"},
122{PKCS7_R_NO_SIG_CONTENT_TYPE ,"no sig content type"},
123{PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE,"operation not supported on this type"},
124{PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR ,"pkcs7 add signature error"},
125{PKCS7_R_PKCS7_DATAFINAL_ERROR ,"pkcs7 datafinal error"},
126{PKCS7_R_PKCS7_DATASIGN ,"pkcs7 datasign"},
127{PKCS7_R_PKCS7_PARSE_ERROR ,"pkcs7 parse error"},
128{PKCS7_R_PKCS7_SIG_PARSE_ERROR ,"pkcs7 sig parse error"},
129{PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE,"private key does not match certificate"},
130{PKCS7_R_SIGNATURE_FAILURE ,"signature failure"},
131{PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND ,"signer certificate not found"},
132{PKCS7_R_SIG_INVALID_MIME_TYPE ,"sig invalid mime type"},
133{PKCS7_R_SMIME_TEXT_ERROR ,"smime text error"},
134{PKCS7_R_UNABLE_TO_FIND_CERTIFICATE ,"unable to find certificate"},
135{PKCS7_R_UNABLE_TO_FIND_MEM_BIO ,"unable to find mem bio"},
136{PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST ,"unable to find message digest"},
137{PKCS7_R_UNKNOWN_DIGEST_TYPE ,"unknown digest type"},
138{PKCS7_R_UNKNOWN_OPERATION ,"unknown operation"},
139{PKCS7_R_UNSUPPORTED_CIPHER_TYPE ,"unsupported cipher type"},
140{PKCS7_R_UNSUPPORTED_CONTENT_TYPE ,"unsupported content type"},
141{PKCS7_R_WRONG_CONTENT_TYPE ,"wrong content type"},
142{PKCS7_R_WRONG_PKCS7_TYPE ,"wrong pkcs7 type"},
143{0,NULL}
144 };
145
146#endif
147
148void ERR_load_PKCS7_strings(void)
149 {
150 static int init=1;
151
152 if (init)
153 {
154 init=0;
155#ifndef NO_ERR
156 ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_functs);
157 ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_reasons);
158#endif
159
160 }
161 }
diff --git a/src/lib/libcrypto/rand/rand.h b/src/lib/libcrypto/rand/rand.h
deleted file mode 100644
index 9c6052733e..0000000000
--- a/src/lib/libcrypto/rand/rand.h
+++ /dev/null
@@ -1,134 +0,0 @@
1/* crypto/rand/rand.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_RAND_H
60#define HEADER_RAND_H
61
62#include <stdlib.h>
63
64#ifdef __cplusplus
65extern "C" {
66#endif
67
68typedef struct rand_meth_st
69 {
70 void (*seed)(const void *buf, int num);
71 int (*bytes)(unsigned char *buf, int num);
72 void (*cleanup)(void);
73 void (*add)(const void *buf, int num, double entropy);
74 int (*pseudorand)(unsigned char *buf, int num);
75 int (*status)(void);
76 } RAND_METHOD;
77
78#ifdef BN_DEBUG
79extern int rand_predictable;
80#endif
81
82struct engine_st;
83
84int RAND_set_rand_method(struct engine_st *meth);
85RAND_METHOD *RAND_get_rand_method(void );
86RAND_METHOD *RAND_SSLeay(void);
87void RAND_cleanup(void );
88int RAND_bytes(unsigned char *buf,int num);
89int RAND_pseudo_bytes(unsigned char *buf,int num);
90void RAND_seed(const void *buf,int num);
91void RAND_add(const void *buf,int num,double entropy);
92int RAND_load_file(const char *file,long max_bytes);
93int RAND_write_file(const char *file);
94const char *RAND_file_name(char *file,size_t num);
95int RAND_status(void);
96int RAND_egd(const char *path);
97int RAND_egd_bytes(const char *path,int bytes);
98void ERR_load_RAND_strings(void);
99int RAND_poll(void);
100
101#ifdef __cplusplus
102}
103#endif
104
105#if defined(WINDOWS) || defined(WIN32)
106#include <windows.h>
107
108#ifdef __cplusplus
109extern "C" {
110#endif
111
112void RAND_screen(void);
113int RAND_event(UINT, WPARAM, LPARAM);
114
115#ifdef __cplusplus
116}
117#endif
118#endif
119
120/* BEGIN ERROR CODES */
121/* The following lines are auto generated by the script mkerr.pl. Any changes
122 * made after this point may be overwritten when the script is next run.
123 */
124
125/* Error codes for the RAND functions. */
126
127/* Function codes. */
128#define RAND_F_SSLEAY_RAND_BYTES 100
129
130/* Reason codes. */
131#define RAND_R_PRNG_NOT_SEEDED 100
132
133#endif
134
diff --git a/src/lib/libcrypto/rand/rand_err.c b/src/lib/libcrypto/rand/rand_err.c
deleted file mode 100644
index 1af0aa0b8a..0000000000
--- a/src/lib/libcrypto/rand/rand_err.c
+++ /dev/null
@@ -1,94 +0,0 @@
1/* crypto/rand/rand_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/rand.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA RAND_str_functs[]=
68 {
69{ERR_PACK(0,RAND_F_SSLEAY_RAND_BYTES,0), "SSLEAY_RAND_BYTES"},
70{0,NULL}
71 };
72
73static ERR_STRING_DATA RAND_str_reasons[]=
74 {
75{RAND_R_PRNG_NOT_SEEDED ,"PRNG not seeded"},
76{0,NULL}
77 };
78
79#endif
80
81void ERR_load_RAND_strings(void)
82 {
83 static int init=1;
84
85 if (init)
86 {
87 init=0;
88#ifndef NO_ERR
89 ERR_load_strings(ERR_LIB_RAND,RAND_str_functs);
90 ERR_load_strings(ERR_LIB_RAND,RAND_str_reasons);
91#endif
92
93 }
94 }
diff --git a/src/lib/libcrypto/rand/rand_lib.c b/src/lib/libcrypto/rand/rand_lib.c
deleted file mode 100644
index 57eff0f132..0000000000
--- a/src/lib/libcrypto/rand/rand_lib.c
+++ /dev/null
@@ -1,136 +0,0 @@
1/* crypto/rand/rand_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <time.h>
61#include <openssl/rand.h>
62#include <openssl/engine.h>
63
64static ENGINE *rand_engine=NULL;
65
66#if 0
67void RAND_set_rand_method(RAND_METHOD *meth)
68 {
69 rand_meth=meth;
70 }
71#else
72int RAND_set_rand_method(ENGINE *engine)
73 {
74 ENGINE *mtmp;
75 mtmp = rand_engine;
76 if (!ENGINE_init(engine))
77 return 0;
78 rand_engine = engine;
79 /* SHOULD ERROR CHECK THIS!!! */
80 ENGINE_finish(mtmp);
81 return 1;
82 }
83#endif
84
85RAND_METHOD *RAND_get_rand_method(void)
86 {
87 if (rand_engine == NULL
88 && (rand_engine = ENGINE_get_default_RAND()) == NULL)
89 return NULL;
90 return ENGINE_get_RAND(rand_engine);
91 }
92
93void RAND_cleanup(void)
94 {
95 RAND_METHOD *meth = RAND_get_rand_method();
96 if (meth && meth->cleanup)
97 meth->cleanup();
98 }
99
100void RAND_seed(const void *buf, int num)
101 {
102 RAND_METHOD *meth = RAND_get_rand_method();
103 if (meth && meth->seed)
104 meth->seed(buf,num);
105 }
106
107void RAND_add(const void *buf, int num, double entropy)
108 {
109 RAND_METHOD *meth = RAND_get_rand_method();
110 if (meth && meth->add)
111 meth->add(buf,num,entropy);
112 }
113
114int RAND_bytes(unsigned char *buf, int num)
115 {
116 RAND_METHOD *meth = RAND_get_rand_method();
117 if (meth && meth->bytes)
118 return meth->bytes(buf,num);
119 return(-1);
120 }
121
122int RAND_pseudo_bytes(unsigned char *buf, int num)
123 {
124 RAND_METHOD *meth = RAND_get_rand_method();
125 if (meth && meth->pseudorand)
126 return meth->pseudorand(buf,num);
127 return(-1);
128 }
129
130int RAND_status(void)
131 {
132 RAND_METHOD *meth = RAND_get_rand_method();
133 if (meth && meth->status)
134 return meth->status();
135 return 0;
136 }
diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c
deleted file mode 100644
index 2ffb84c89e..0000000000
--- a/src/lib/libcrypto/rand/randfile.c
+++ /dev/null
@@ -1,271 +0,0 @@
1/* crypto/rand/randfile.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <errno.h>
60#include <stdio.h>
61#include <stdlib.h>
62#include <string.h>
63
64#ifdef VMS
65#include <unixio.h>
66#endif
67#ifndef NO_SYS_TYPES_H
68# include <sys/types.h>
69#endif
70#ifdef MAC_OS_pre_X
71# include <stat.h>
72#else
73# include <sys/stat.h>
74#endif
75
76#include "openssl/e_os.h"
77#include <openssl/crypto.h>
78#include <openssl/rand.h>
79
80#undef BUFSIZE
81#define BUFSIZE 1024
82#define RAND_DATA 1024
83
84/* #define RFILE ".rnd" - defined in ../../e_os.h */
85
86/* Note that these functions are intended for seed files only.
87 * Entropy devices and EGD sockets are handled in rand_unix.c */
88
89int RAND_load_file(const char *file, long bytes)
90 {
91 /* If bytes >= 0, read up to 'bytes' bytes.
92 * if bytes == -1, read complete file. */
93
94 MS_STATIC unsigned char buf[BUFSIZE];
95 struct stat sb;
96 int i,ret=0,n;
97 FILE *in;
98
99 if (file == NULL) return(0);
100
101 i=stat(file,&sb);
102 if (i < 0) {
103 /* If the state fails, put some crap in anyway */
104 RAND_add(&sb,sizeof(sb),0);
105 return(0);
106 }
107 if (bytes == 0) return(ret);
108 in=fopen(file,"rb");
109 if (in == NULL) goto err;
110 if (sb.st_mode & (S_IFBLK | S_IFCHR)) {
111 /* this file is a device. we don't want read an infinite number
112 * of bytes from a random device, nor do we want to use buffered
113 * I/O because we will waste system entropy.
114 */
115 bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */
116 setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */
117 }
118 for (;;)
119 {
120 if (bytes > 0)
121 n = (bytes < BUFSIZE)?(int)bytes:BUFSIZE;
122 else
123 n = BUFSIZE;
124 i=fread(buf,1,n,in);
125 if (i <= 0) break;
126 /* even if n != i, use the full array */
127 RAND_add(buf,n,i);
128 ret+=i;
129 if (bytes > 0)
130 {
131 bytes-=n;
132 if (bytes <= 0) break;
133 }
134 }
135 fclose(in);
136 memset(buf,0,BUFSIZE);
137err:
138 return(ret);
139 }
140
141int RAND_write_file(const char *file)
142 {
143 unsigned char buf[BUFSIZE];
144 int i,ret=0,rand_err=0;
145 FILE *out = NULL;
146 int n;
147 struct stat sb;
148
149 i=stat(file,&sb);
150 if (i != -1) {
151 if (sb.st_mode & (S_IFBLK | S_IFCHR)) {
152 /* this file is a device. we don't write back to it.
153 * we "succeed" on the assumption this is some sort
154 * of random device. Otherwise attempting to write to
155 * and chmod the device causes problems.
156 */
157 return(1);
158 }
159 }
160
161#if defined(O_CREAT) && !defined(WIN32)
162 /* For some reason Win32 can't write to files created this way */
163
164 /* chmod(..., 0600) is too late to protect the file,
165 * permissions should be restrictive from the start */
166 int fd = open(file, O_CREAT, 0600);
167 if (fd != -1)
168 out = fdopen(fd, "wb");
169#endif
170 if (out == NULL)
171 out = fopen(file,"wb");
172 if (out == NULL) goto err;
173
174#ifndef NO_CHMOD
175 chmod(file,0600);
176#endif
177 n=RAND_DATA;
178 for (;;)
179 {
180 i=(n > BUFSIZE)?BUFSIZE:n;
181 n-=BUFSIZE;
182 if (RAND_bytes(buf,i) <= 0)
183 rand_err=1;
184 i=fwrite(buf,1,i,out);
185 if (i <= 0)
186 {
187 ret=0;
188 break;
189 }
190 ret+=i;
191 if (n <= 0) break;
192 }
193#ifdef VMS
194 /* Try to delete older versions of the file, until there aren't
195 any */
196 {
197 char *tmpf;
198
199 tmpf = OPENSSL_malloc(strlen(file) + 4); /* to add ";-1" and a nul */
200 if (tmpf)
201 {
202 strcpy(tmpf, file);
203 strcat(tmpf, ";-1");
204 while(delete(tmpf) == 0)
205 ;
206 rename(file,";1"); /* Make sure it's version 1, or we
207 will reach the limit (32767) at
208 some point... */
209 }
210 }
211#endif /* VMS */
212
213 fclose(out);
214 memset(buf,0,BUFSIZE);
215err:
216 return (rand_err ? -1 : ret);
217 }
218
219const char *RAND_file_name(char *buf, size_t size)
220 {
221 char *s = NULL;
222 char *ret=NULL;
223 struct stat sb;
224
225 if (issetugid() == 0)
226 s = getenv("RANDFILE");
227 if (s != NULL && *s && strlen(s) + 1 < size)
228 {
229 strlcpy(buf,s,size);
230 ret=buf;
231 }
232 else
233 {
234 if (issetugid() == 0)
235 s=getenv("HOME");
236#ifdef DEFAULT_HOME
237 if (s == NULL)
238 {
239 s = DEFAULT_HOME;
240 }
241#endif
242 if (s && *s && strlen(s)+strlen(RFILE)+2 < size)
243 {
244 strlcpy(buf,s,size);
245#ifndef VMS
246 strcat(buf,"/");
247#endif
248 strlcat(buf,RFILE,size);
249 ret=buf;
250 }
251 else
252 buf[0] = '\0'; /* no file name */
253 }
254
255#ifdef DEVRANDOM
256 /* given that all random loads just fail if the file can't be
257 * seen on a stat, we stat the file we're returning, if it
258 * fails, use DEVRANDOM instead. the allows the user to
259 * use their own source for good random data, but defaults
260 * to something hopefully decent if that isn't available.
261 */
262
263 if (ret == NULL)
264 ret = DEVRANDOM;
265
266 if (stat(ret,&sb) == -1)
267 ret = DEVRANDOM;
268#endif
269 return(ret);
270 }
271
diff --git a/src/lib/libcrypto/rc2/rc2.h b/src/lib/libcrypto/rc2/rc2.h
deleted file mode 100644
index 076c0a067c..0000000000
--- a/src/lib/libcrypto/rc2/rc2.h
+++ /dev/null
@@ -1,101 +0,0 @@
1/* crypto/rc2/rc2.h */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_RC2_H
60#define HEADER_RC2_H
61
62#ifdef NO_RC2
63#error RC2 is disabled.
64#endif
65
66#define RC2_ENCRYPT 1
67#define RC2_DECRYPT 0
68
69#include <openssl/opensslconf.h> /* RC2_INT */
70#define RC2_BLOCK 8
71#define RC2_KEY_LENGTH 16
72
73#ifdef __cplusplus
74extern "C" {
75#endif
76
77typedef struct rc2_key_st
78 {
79 RC2_INT data[64];
80 } RC2_KEY;
81
82
83void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits);
84void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key,
85 int enc);
86void RC2_encrypt(unsigned long *data,RC2_KEY *key);
87void RC2_decrypt(unsigned long *data,RC2_KEY *key);
88void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
89 RC2_KEY *ks, unsigned char *iv, int enc);
90void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
91 long length, RC2_KEY *schedule, unsigned char *ivec,
92 int *num, int enc);
93void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
94 long length, RC2_KEY *schedule, unsigned char *ivec,
95 int *num);
96
97#ifdef __cplusplus
98}
99#endif
100
101#endif
diff --git a/src/lib/libcrypto/rc2/rc2_cbc.c b/src/lib/libcrypto/rc2/rc2_cbc.c
deleted file mode 100644
index 74f48d3d87..0000000000
--- a/src/lib/libcrypto/rc2/rc2_cbc.c
+++ /dev/null
@@ -1,226 +0,0 @@
1/* crypto/rc2/rc2_cbc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/rc2.h>
60#include "rc2_locl.h"
61
62void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
63 RC2_KEY *ks, unsigned char *iv, int encrypt)
64 {
65 register unsigned long tin0,tin1;
66 register unsigned long tout0,tout1,xor0,xor1;
67 register long l=length;
68 unsigned long tin[2];
69
70 if (encrypt)
71 {
72 c2l(iv,tout0);
73 c2l(iv,tout1);
74 iv-=8;
75 for (l-=8; l>=0; l-=8)
76 {
77 c2l(in,tin0);
78 c2l(in,tin1);
79 tin0^=tout0;
80 tin1^=tout1;
81 tin[0]=tin0;
82 tin[1]=tin1;
83 RC2_encrypt(tin,ks);
84 tout0=tin[0]; l2c(tout0,out);
85 tout1=tin[1]; l2c(tout1,out);
86 }
87 if (l != -8)
88 {
89 c2ln(in,tin0,tin1,l+8);
90 tin0^=tout0;
91 tin1^=tout1;
92 tin[0]=tin0;
93 tin[1]=tin1;
94 RC2_encrypt(tin,ks);
95 tout0=tin[0]; l2c(tout0,out);
96 tout1=tin[1]; l2c(tout1,out);
97 }
98 l2c(tout0,iv);
99 l2c(tout1,iv);
100 }
101 else
102 {
103 c2l(iv,xor0);
104 c2l(iv,xor1);
105 iv-=8;
106 for (l-=8; l>=0; l-=8)
107 {
108 c2l(in,tin0); tin[0]=tin0;
109 c2l(in,tin1); tin[1]=tin1;
110 RC2_decrypt(tin,ks);
111 tout0=tin[0]^xor0;
112 tout1=tin[1]^xor1;
113 l2c(tout0,out);
114 l2c(tout1,out);
115 xor0=tin0;
116 xor1=tin1;
117 }
118 if (l != -8)
119 {
120 c2l(in,tin0); tin[0]=tin0;
121 c2l(in,tin1); tin[1]=tin1;
122 RC2_decrypt(tin,ks);
123 tout0=tin[0]^xor0;
124 tout1=tin[1]^xor1;
125 l2cn(tout0,tout1,out,l+8);
126 xor0=tin0;
127 xor1=tin1;
128 }
129 l2c(xor0,iv);
130 l2c(xor1,iv);
131 }
132 tin0=tin1=tout0=tout1=xor0=xor1=0;
133 tin[0]=tin[1]=0;
134 }
135
136void RC2_encrypt(unsigned long *d, RC2_KEY *key)
137 {
138 int i,n;
139 register RC2_INT *p0,*p1;
140 register RC2_INT x0,x1,x2,x3,t;
141 unsigned long l;
142
143 l=d[0];
144 x0=(RC2_INT)l&0xffff;
145 x1=(RC2_INT)(l>>16L);
146 l=d[1];
147 x2=(RC2_INT)l&0xffff;
148 x3=(RC2_INT)(l>>16L);
149
150 n=3;
151 i=5;
152
153 p0=p1= &(key->data[0]);
154 for (;;)
155 {
156 t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff;
157 x0=(t<<1)|(t>>15);
158 t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff;
159 x1=(t<<2)|(t>>14);
160 t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff;
161 x2=(t<<3)|(t>>13);
162 t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff;
163 x3=(t<<5)|(t>>11);
164
165 if (--i == 0)
166 {
167 if (--n == 0) break;
168 i=(n == 2)?6:5;
169
170 x0+=p1[x3&0x3f];
171 x1+=p1[x0&0x3f];
172 x2+=p1[x1&0x3f];
173 x3+=p1[x2&0x3f];
174 }
175 }
176
177 d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L);
178 d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L);
179 }
180
181void RC2_decrypt(unsigned long *d, RC2_KEY *key)
182 {
183 int i,n;
184 register RC2_INT *p0,*p1;
185 register RC2_INT x0,x1,x2,x3,t;
186 unsigned long l;
187
188 l=d[0];
189 x0=(RC2_INT)l&0xffff;
190 x1=(RC2_INT)(l>>16L);
191 l=d[1];
192 x2=(RC2_INT)l&0xffff;
193 x3=(RC2_INT)(l>>16L);
194
195 n=3;
196 i=5;
197
198 p0= &(key->data[63]);
199 p1= &(key->data[0]);
200 for (;;)
201 {
202 t=((x3<<11)|(x3>>5))&0xffff;
203 x3=(t-(x0& ~x2)-(x1&x2)- *(p0--))&0xffff;
204 t=((x2<<13)|(x2>>3))&0xffff;
205 x2=(t-(x3& ~x1)-(x0&x1)- *(p0--))&0xffff;
206 t=((x1<<14)|(x1>>2))&0xffff;
207 x1=(t-(x2& ~x0)-(x3&x0)- *(p0--))&0xffff;
208 t=((x0<<15)|(x0>>1))&0xffff;
209 x0=(t-(x1& ~x3)-(x2&x3)- *(p0--))&0xffff;
210
211 if (--i == 0)
212 {
213 if (--n == 0) break;
214 i=(n == 2)?6:5;
215
216 x3=(x3-p1[x2&0x3f])&0xffff;
217 x2=(x2-p1[x1&0x3f])&0xffff;
218 x1=(x1-p1[x0&0x3f])&0xffff;
219 x0=(x0-p1[x3&0x3f])&0xffff;
220 }
221 }
222
223 d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L);
224 d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L);
225 }
226
diff --git a/src/lib/libcrypto/rc2/rc2_ecb.c b/src/lib/libcrypto/rc2/rc2_ecb.c
deleted file mode 100644
index d3e8c2718a..0000000000
--- a/src/lib/libcrypto/rc2/rc2_ecb.c
+++ /dev/null
@@ -1,88 +0,0 @@
1/* crypto/rc2/rc2_ecb.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/rc2.h>
60#include "rc2_locl.h"
61#include <openssl/opensslv.h>
62
63const char *RC2_version="RC2" OPENSSL_VERSION_PTEXT;
64
65/* RC2 as implemented frm a posting from
66 * Newsgroups: sci.crypt
67 * Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
68 * Subject: Specification for Ron Rivests Cipher No.2
69 * Message-ID: <4fk39f$f70@net.auckland.ac.nz>
70 * Date: 11 Feb 1996 06:45:03 GMT
71 */
72
73void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out, RC2_KEY *ks,
74 int encrypt)
75 {
76 unsigned long l,d[2];
77
78 c2l(in,l); d[0]=l;
79 c2l(in,l); d[1]=l;
80 if (encrypt)
81 RC2_encrypt(d,ks);
82 else
83 RC2_decrypt(d,ks);
84 l=d[0]; l2c(l,out);
85 l=d[1]; l2c(l,out);
86 l=d[0]=d[1]=0;
87 }
88
diff --git a/src/lib/libcrypto/rc2/rc2_locl.h b/src/lib/libcrypto/rc2/rc2_locl.h
deleted file mode 100644
index 565cd17619..0000000000
--- a/src/lib/libcrypto/rc2/rc2_locl.h
+++ /dev/null
@@ -1,156 +0,0 @@
1/* crypto/rc2/rc2_locl.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#undef c2l
60#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
61 l|=((unsigned long)(*((c)++)))<< 8L, \
62 l|=((unsigned long)(*((c)++)))<<16L, \
63 l|=((unsigned long)(*((c)++)))<<24L)
64
65/* NOTE - c is not incremented as per c2l */
66#undef c2ln
67#define c2ln(c,l1,l2,n) { \
68 c+=n; \
69 l1=l2=0; \
70 switch (n) { \
71 case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
72 case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
73 case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
74 case 5: l2|=((unsigned long)(*(--(c)))); \
75 case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
76 case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
77 case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
78 case 1: l1|=((unsigned long)(*(--(c)))); \
79 } \
80 }
81
82#undef l2c
83#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
84 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
85 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
86 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
87
88/* NOTE - c is not incremented as per l2c */
89#undef l2cn
90#define l2cn(l1,l2,c,n) { \
91 c+=n; \
92 switch (n) { \
93 case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
94 case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
95 case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
96 case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
97 case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
98 case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
99 case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
100 case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
101 } \
102 }
103
104/* NOTE - c is not incremented as per n2l */
105#define n2ln(c,l1,l2,n) { \
106 c+=n; \
107 l1=l2=0; \
108 switch (n) { \
109 case 8: l2 =((unsigned long)(*(--(c)))) ; \
110 case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
111 case 6: l2|=((unsigned long)(*(--(c))))<<16; \
112 case 5: l2|=((unsigned long)(*(--(c))))<<24; \
113 case 4: l1 =((unsigned long)(*(--(c)))) ; \
114 case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
115 case 2: l1|=((unsigned long)(*(--(c))))<<16; \
116 case 1: l1|=((unsigned long)(*(--(c))))<<24; \
117 } \
118 }
119
120/* NOTE - c is not incremented as per l2n */
121#define l2nn(l1,l2,c,n) { \
122 c+=n; \
123 switch (n) { \
124 case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
125 case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
126 case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
127 case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
128 case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
129 case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
130 case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
131 case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
132 } \
133 }
134
135#undef n2l
136#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
137 l|=((unsigned long)(*((c)++)))<<16L, \
138 l|=((unsigned long)(*((c)++)))<< 8L, \
139 l|=((unsigned long)(*((c)++))))
140
141#undef l2n
142#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
143 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
144 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
145 *((c)++)=(unsigned char)(((l) )&0xff))
146
147#define C_RC2(n) \
148 t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff; \
149 x0=(t<<1)|(t>>15); \
150 t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff; \
151 x1=(t<<2)|(t>>14); \
152 t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff; \
153 x2=(t<<3)|(t>>13); \
154 t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff; \
155 x3=(t<<5)|(t>>11);
156
diff --git a/src/lib/libcrypto/rc2/rc2_skey.c b/src/lib/libcrypto/rc2/rc2_skey.c
deleted file mode 100644
index cab3080c73..0000000000
--- a/src/lib/libcrypto/rc2/rc2_skey.c
+++ /dev/null
@@ -1,138 +0,0 @@
1/* crypto/rc2/rc2_skey.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/rc2.h>
60#include "rc2_locl.h"
61
62static unsigned char key_table[256]={
63 0xd9,0x78,0xf9,0xc4,0x19,0xdd,0xb5,0xed,0x28,0xe9,0xfd,0x79,
64 0x4a,0xa0,0xd8,0x9d,0xc6,0x7e,0x37,0x83,0x2b,0x76,0x53,0x8e,
65 0x62,0x4c,0x64,0x88,0x44,0x8b,0xfb,0xa2,0x17,0x9a,0x59,0xf5,
66 0x87,0xb3,0x4f,0x13,0x61,0x45,0x6d,0x8d,0x09,0x81,0x7d,0x32,
67 0xbd,0x8f,0x40,0xeb,0x86,0xb7,0x7b,0x0b,0xf0,0x95,0x21,0x22,
68 0x5c,0x6b,0x4e,0x82,0x54,0xd6,0x65,0x93,0xce,0x60,0xb2,0x1c,
69 0x73,0x56,0xc0,0x14,0xa7,0x8c,0xf1,0xdc,0x12,0x75,0xca,0x1f,
70 0x3b,0xbe,0xe4,0xd1,0x42,0x3d,0xd4,0x30,0xa3,0x3c,0xb6,0x26,
71 0x6f,0xbf,0x0e,0xda,0x46,0x69,0x07,0x57,0x27,0xf2,0x1d,0x9b,
72 0xbc,0x94,0x43,0x03,0xf8,0x11,0xc7,0xf6,0x90,0xef,0x3e,0xe7,
73 0x06,0xc3,0xd5,0x2f,0xc8,0x66,0x1e,0xd7,0x08,0xe8,0xea,0xde,
74 0x80,0x52,0xee,0xf7,0x84,0xaa,0x72,0xac,0x35,0x4d,0x6a,0x2a,
75 0x96,0x1a,0xd2,0x71,0x5a,0x15,0x49,0x74,0x4b,0x9f,0xd0,0x5e,
76 0x04,0x18,0xa4,0xec,0xc2,0xe0,0x41,0x6e,0x0f,0x51,0xcb,0xcc,
77 0x24,0x91,0xaf,0x50,0xa1,0xf4,0x70,0x39,0x99,0x7c,0x3a,0x85,
78 0x23,0xb8,0xb4,0x7a,0xfc,0x02,0x36,0x5b,0x25,0x55,0x97,0x31,
79 0x2d,0x5d,0xfa,0x98,0xe3,0x8a,0x92,0xae,0x05,0xdf,0x29,0x10,
80 0x67,0x6c,0xba,0xc9,0xd3,0x00,0xe6,0xcf,0xe1,0x9e,0xa8,0x2c,
81 0x63,0x16,0x01,0x3f,0x58,0xe2,0x89,0xa9,0x0d,0x38,0x34,0x1b,
82 0xab,0x33,0xff,0xb0,0xbb,0x48,0x0c,0x5f,0xb9,0xb1,0xcd,0x2e,
83 0xc5,0xf3,0xdb,0x47,0xe5,0xa5,0x9c,0x77,0x0a,0xa6,0x20,0x68,
84 0xfe,0x7f,0xc1,0xad,
85 };
86
87/* It has come to my attention that there are 2 versions of the RC2
88 * key schedule. One which is normal, and anther which has a hook to
89 * use a reduced key length.
90 * BSAFE uses the 'retarded' version. What I previously shipped is
91 * the same as specifying 1024 for the 'bits' parameter. Bsafe uses
92 * a version where the bits parameter is the same as len*8 */
93void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits)
94 {
95 int i,j;
96 unsigned char *k;
97 RC2_INT *ki;
98 unsigned int c,d;
99
100 k= (unsigned char *)&(key->data[0]);
101 *k=0; /* for if there is a zero length key */
102
103 if (len > 128) len=128;
104 if (bits <= 0) bits=1024;
105 if (bits > 1024) bits=1024;
106
107 for (i=0; i<len; i++)
108 k[i]=data[i];
109
110 /* expand table */
111 d=k[len-1];
112 j=0;
113 for (i=len; i < 128; i++,j++)
114 {
115 d=key_table[(k[j]+d)&0xff];
116 k[i]=d;
117 }
118
119 /* hmm.... key reduction to 'bits' bits */
120
121 j=(bits+7)>>3;
122 i=128-j;
123 c= (0xff>>(-bits & 0x07));
124
125 d=key_table[k[i]&c];
126 k[i]=d;
127 while (i--)
128 {
129 d=key_table[k[i+j]^d];
130 k[i]=d;
131 }
132
133 /* copy from bytes into RC2_INT's */
134 ki= &(key->data[63]);
135 for (i=127; i>=0; i-=2)
136 *(ki--)=((k[i]<<8)|k[i-1])&0xffff;
137 }
138
diff --git a/src/lib/libcrypto/rc2/rc2cfb64.c b/src/lib/libcrypto/rc2/rc2cfb64.c
deleted file mode 100644
index b3a0158a6e..0000000000
--- a/src/lib/libcrypto/rc2/rc2cfb64.c
+++ /dev/null
@@ -1,122 +0,0 @@
1/* crypto/rc2/rc2cfb64.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/rc2.h>
60#include "rc2_locl.h"
61
62/* The input and output encrypted as though 64bit cfb mode is being
63 * used. The extra state information to record how much of the
64 * 64bit block we have used is contained in *num;
65 */
66
67void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
68 long length, RC2_KEY *schedule, unsigned char *ivec,
69 int *num, int encrypt)
70 {
71 register unsigned long v0,v1,t;
72 register int n= *num;
73 register long l=length;
74 unsigned long ti[2];
75 unsigned char *iv,c,cc;
76
77 iv=(unsigned char *)ivec;
78 if (encrypt)
79 {
80 while (l--)
81 {
82 if (n == 0)
83 {
84 c2l(iv,v0); ti[0]=v0;
85 c2l(iv,v1); ti[1]=v1;
86 RC2_encrypt((unsigned long *)ti,schedule);
87 iv=(unsigned char *)ivec;
88 t=ti[0]; l2c(t,iv);
89 t=ti[1]; l2c(t,iv);
90 iv=(unsigned char *)ivec;
91 }
92 c= *(in++)^iv[n];
93 *(out++)=c;
94 iv[n]=c;
95 n=(n+1)&0x07;
96 }
97 }
98 else
99 {
100 while (l--)
101 {
102 if (n == 0)
103 {
104 c2l(iv,v0); ti[0]=v0;
105 c2l(iv,v1); ti[1]=v1;
106 RC2_encrypt((unsigned long *)ti,schedule);
107 iv=(unsigned char *)ivec;
108 t=ti[0]; l2c(t,iv);
109 t=ti[1]; l2c(t,iv);
110 iv=(unsigned char *)ivec;
111 }
112 cc= *(in++);
113 c=iv[n];
114 iv[n]=cc;
115 *(out++)=c^cc;
116 n=(n+1)&0x07;
117 }
118 }
119 v0=v1=ti[0]=ti[1]=t=c=cc=0;
120 *num=n;
121 }
122
diff --git a/src/lib/libcrypto/rc2/rc2ofb64.c b/src/lib/libcrypto/rc2/rc2ofb64.c
deleted file mode 100644
index 9e297867ed..0000000000
--- a/src/lib/libcrypto/rc2/rc2ofb64.c
+++ /dev/null
@@ -1,111 +0,0 @@
1/* crypto/rc2/rc2ofb64.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/rc2.h>
60#include "rc2_locl.h"
61
62/* The input and output encrypted as though 64bit ofb mode is being
63 * used. The extra state information to record how much of the
64 * 64bit block we have used is contained in *num;
65 */
66void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
67 long length, RC2_KEY *schedule, unsigned char *ivec,
68 int *num)
69 {
70 register unsigned long v0,v1,t;
71 register int n= *num;
72 register long l=length;
73 unsigned char d[8];
74 register char *dp;
75 unsigned long ti[2];
76 unsigned char *iv;
77 int save=0;
78
79 iv=(unsigned char *)ivec;
80 c2l(iv,v0);
81 c2l(iv,v1);
82 ti[0]=v0;
83 ti[1]=v1;
84 dp=(char *)d;
85 l2c(v0,dp);
86 l2c(v1,dp);
87 while (l--)
88 {
89 if (n == 0)
90 {
91 RC2_encrypt((unsigned long *)ti,schedule);
92 dp=(char *)d;
93 t=ti[0]; l2c(t,dp);
94 t=ti[1]; l2c(t,dp);
95 save++;
96 }
97 *(out++)= *(in++)^d[n];
98 n=(n+1)&0x07;
99 }
100 if (save)
101 {
102 v0=ti[0];
103 v1=ti[1];
104 iv=(unsigned char *)ivec;
105 l2c(v0,iv);
106 l2c(v1,iv);
107 }
108 t=v0=v1=ti[0]=ti[1]=0;
109 *num=n;
110 }
111
diff --git a/src/lib/libcrypto/rc2/rrc2.doc b/src/lib/libcrypto/rc2/rrc2.doc
deleted file mode 100644
index f93ee003d2..0000000000
--- a/src/lib/libcrypto/rc2/rrc2.doc
+++ /dev/null
@@ -1,219 +0,0 @@
1>From cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news Mon Feb 12 18:48:17 EST 1996
2Article 23601 of sci.crypt:
3Path: cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news
4>From: pgut01@cs.auckland.ac.nz (Peter Gutmann)
5Newsgroups: sci.crypt
6Subject: Specification for Ron Rivests Cipher No.2
7Date: 11 Feb 1996 06:45:03 GMT
8Organization: University of Auckland
9Lines: 203
10Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
11Message-ID: <4fk39f$f70@net.auckland.ac.nz>
12NNTP-Posting-Host: cs26.cs.auckland.ac.nz
13X-Newsreader: NN version 6.5.0 #3 (NOV)
14
15
16
17
18 Ron Rivest's Cipher No.2
19 ------------------------
20
21Ron Rivest's Cipher No.2 (hereafter referred to as RRC.2, other people may
22refer to it by other names) is word oriented, operating on a block of 64 bits
23divided into four 16-bit words, with a key table of 64 words. All data units
24are little-endian. This functional description of the algorithm is based in
25the paper "The RC5 Encryption Algorithm" (RC5 is a trademark of RSADSI), using
26the same general layout, terminology, and pseudocode style.
27
28
29Notation and RRC.2 Primitive Operations
30
31RRC.2 uses the following primitive operations:
32
331. Two's-complement addition of words, denoted by "+". The inverse operation,
34 subtraction, is denoted by "-".
352. Bitwise exclusive OR, denoted by "^".
363. Bitwise AND, denoted by "&".
374. Bitwise NOT, denoted by "~".
385. A left-rotation of words; the rotation of word x left by y is denoted
39 x <<< y. The inverse operation, right-rotation, is denoted x >>> y.
40
41These operations are directly and efficiently supported by most processors.
42
43
44The RRC.2 Algorithm
45
46RRC.2 consists of three components, a *key expansion* algorithm, an
47*encryption* algorithm, and a *decryption* algorithm.
48
49
50Key Expansion
51
52The purpose of the key-expansion routine is to expand the user's key K to fill
53the expanded key array S, so S resembles an array of random binary words
54determined by the user's secret key K.
55
56Initialising the S-box
57
58RRC.2 uses a single 256-byte S-box derived from the ciphertext contents of
59Beale Cipher No.1 XOR'd with a one-time pad. The Beale Ciphers predate modern
60cryptography by enough time that there should be no concerns about trapdoors
61hidden in the data. They have been published widely, and the S-box can be
62easily recreated from the one-time pad values and the Beale Cipher data taken
63from a standard source. To initialise the S-box:
64
65 for i = 0 to 255 do
66 sBox[ i ] = ( beale[ i ] mod 256 ) ^ pad[ i ]
67
68The contents of Beale Cipher No.1 and the necessary one-time pad are given as
69an appendix at the end of this document. For efficiency, implementors may wish
70to skip the Beale Cipher expansion and store the sBox table directly.
71
72Expanding the Secret Key to 128 Bytes
73
74The secret key is first expanded to fill 128 bytes (64 words). The expansion
75consists of taking the sum of the first and last bytes in the user key, looking
76up the sum (modulo 256) in the S-box, and appending the result to the key. The
77operation is repeated with the second byte and new last byte of the key until
78all 128 bytes have been generated. Note that the following pseudocode treats
79the S array as an array of 128 bytes rather than 64 words.
80
81 for j = 0 to length-1 do
82 S[ j ] = K[ j ]
83 for j = length to 127 do
84 s[ j ] = sBox[ ( S[ j-length ] + S[ j-1 ] ) mod 256 ];
85
86At this point it is possible to perform a truncation of the effective key
87length to ease the creation of espionage-enabled software products. However
88since the author cannot conceive why anyone would want to do this, it will not
89be considered further.
90
91The final phase of the key expansion involves replacing the first byte of S
92with the entry selected from the S-box:
93
94 S[ 0 ] = sBox[ S[ 0 ] ]
95
96
97Encryption
98
99The cipher has 16 full rounds, each divided into 4 subrounds. Two of the full
100rounds perform an additional transformation on the data. Note that the
101following pseudocode treats the S array as an array of 64 words rather than 128
102bytes.
103
104 for i = 0 to 15 do
105 j = i * 4;
106 word0 = ( word0 + ( word1 & ~word3 ) + ( word2 & word3 ) + S[ j+0 ] ) <<< 1
107 word1 = ( word1 + ( word2 & ~word0 ) + ( word3 & word0 ) + S[ j+1 ] ) <<< 2
108 word2 = ( word2 + ( word3 & ~word1 ) + ( word0 & word1 ) + S[ j+2 ] ) <<< 3
109 word3 = ( word3 + ( word0 & ~word2 ) + ( word1 & word2 ) + S[ j+3 ] ) <<< 5
110
111In addition the fifth and eleventh rounds add the contents of the S-box indexed
112by one of the data words to another of the data words following the four
113subrounds as follows:
114
115 word0 = word0 + S[ word3 & 63 ];
116 word1 = word1 + S[ word0 & 63 ];
117 word2 = word2 + S[ word1 & 63 ];
118 word3 = word3 + S[ word2 & 63 ];
119
120
121Decryption
122
123The decryption operation is simply the inverse of the encryption operation.
124Note that the following pseudocode treats the S array as an array of 64 words
125rather than 128 bytes.
126
127 for i = 15 downto 0 do
128 j = i * 4;
129 word3 = ( word3 >>> 5 ) - ( word0 & ~word2 ) - ( word1 & word2 ) - S[ j+3 ]
130 word2 = ( word2 >>> 3 ) - ( word3 & ~word1 ) - ( word0 & word1 ) - S[ j+2 ]
131 word1 = ( word1 >>> 2 ) - ( word2 & ~word0 ) - ( word3 & word0 ) - S[ j+1 ]
132 word0 = ( word0 >>> 1 ) - ( word1 & ~word3 ) - ( word2 & word3 ) - S[ j+0 ]
133
134In addition the fifth and eleventh rounds subtract the contents of the S-box
135indexed by one of the data words from another one of the data words following
136the four subrounds as follows:
137
138 word3 = word3 - S[ word2 & 63 ]
139 word2 = word2 - S[ word1 & 63 ]
140 word1 = word1 - S[ word0 & 63 ]
141 word0 = word0 - S[ word3 & 63 ]
142
143
144Test Vectors
145
146The following test vectors may be used to test the correctness of an RRC.2
147implementation:
148
149 Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
150 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
151 Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
152 Cipher: 0x1C, 0x19, 0x8A, 0x83, 0x8D, 0xF0, 0x28, 0xB7
153
154 Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
155 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
156 Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
157 Cipher: 0x21, 0x82, 0x9C, 0x78, 0xA9, 0xF9, 0xC0, 0x74
158
159 Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
160 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
161 Plain: 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
162 Cipher: 0x13, 0xDB, 0x35, 0x17, 0xD3, 0x21, 0x86, 0x9E
163
164 Key: 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
165 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
166 Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
167 Cipher: 0x50, 0xDC, 0x01, 0x62, 0xBD, 0x75, 0x7F, 0x31
168
169
170Appendix: Beale Cipher No.1, "The Locality of the Vault", and One-time Pad for
171 Creating the S-Box
172
173Beale Cipher No.1.
174
175 71, 194, 38,1701, 89, 76, 11, 83,1629, 48, 94, 63, 132, 16, 111, 95,
176 84, 341, 975, 14, 40, 64, 27, 81, 139, 213, 63, 90,1120, 8, 15, 3,
177 126,2018, 40, 74, 758, 485, 604, 230, 436, 664, 582, 150, 251, 284, 308, 231,
178 124, 211, 486, 225, 401, 370, 11, 101, 305, 139, 189, 17, 33, 88, 208, 193,
179 145, 1, 94, 73, 416, 918, 263, 28, 500, 538, 356, 117, 136, 219, 27, 176,
180 130, 10, 460, 25, 485, 18, 436, 65, 84, 200, 283, 118, 320, 138, 36, 416,
181 280, 15, 71, 224, 961, 44, 16, 401, 39, 88, 61, 304, 12, 21, 24, 283,
182 134, 92, 63, 246, 486, 682, 7, 219, 184, 360, 780, 18, 64, 463, 474, 131,
183 160, 79, 73, 440, 95, 18, 64, 581, 34, 69, 128, 367, 460, 17, 81, 12,
184 103, 820, 62, 110, 97, 103, 862, 70, 60,1317, 471, 540, 208, 121, 890, 346,
185 36, 150, 59, 568, 614, 13, 120, 63, 219, 812,2160,1780, 99, 35, 18, 21,
186 136, 872, 15, 28, 170, 88, 4, 30, 44, 112, 18, 147, 436, 195, 320, 37,
187 122, 113, 6, 140, 8, 120, 305, 42, 58, 461, 44, 106, 301, 13, 408, 680,
188 93, 86, 116, 530, 82, 568, 9, 102, 38, 416, 89, 71, 216, 728, 965, 818,
189 2, 38, 121, 195, 14, 326, 148, 234, 18, 55, 131, 234, 361, 824, 5, 81,
190 623, 48, 961, 19, 26, 33, 10,1101, 365, 92, 88, 181, 275, 346, 201, 206
191
192One-time Pad.
193
194 158, 186, 223, 97, 64, 145, 190, 190, 117, 217, 163, 70, 206, 176, 183, 194,
195 146, 43, 248, 141, 3, 54, 72, 223, 233, 153, 91, 210, 36, 131, 244, 161,
196 105, 120, 113, 191, 113, 86, 19, 245, 213, 221, 43, 27, 242, 157, 73, 213,
197 193, 92, 166, 10, 23, 197, 112, 110, 193, 30, 156, 51, 125, 51, 158, 67,
198 197, 215, 59, 218, 110, 246, 181, 0, 135, 76, 164, 97, 47, 87, 234, 108,
199 144, 127, 6, 6, 222, 172, 80, 144, 22, 245, 207, 70, 227, 182, 146, 134,
200 119, 176, 73, 58, 135, 69, 23, 198, 0, 170, 32, 171, 176, 129, 91, 24,
201 126, 77, 248, 0, 118, 69, 57, 60, 190, 171, 217, 61, 136, 169, 196, 84,
202 168, 167, 163, 102, 223, 64, 174, 178, 166, 239, 242, 195, 249, 92, 59, 38,
203 241, 46, 236, 31, 59, 114, 23, 50, 119, 186, 7, 66, 212, 97, 222, 182,
204 230, 118, 122, 86, 105, 92, 179, 243, 255, 189, 223, 164, 194, 215, 98, 44,
205 17, 20, 53, 153, 137, 224, 176, 100, 208, 114, 36, 200, 145, 150, 215, 20,
206 87, 44, 252, 20, 235, 242, 163, 132, 63, 18, 5, 122, 74, 97, 34, 97,
207 142, 86, 146, 221, 179, 166, 161, 74, 69, 182, 88, 120, 128, 58, 76, 155,
208 15, 30, 77, 216, 165, 117, 107, 90, 169, 127, 143, 181, 208, 137, 200, 127,
209 170, 195, 26, 84, 255, 132, 150, 58, 103, 250, 120, 221, 237, 37, 8, 99
210
211
212Implementation
213
214A non-US based programmer who has never seen any encryption code before will
215shortly be implementing RRC.2 based solely on this specification and not on
216knowledge of any other encryption algorithms. Stand by.
217
218
219
diff --git a/src/lib/libcrypto/rc2/version b/src/lib/libcrypto/rc2/version
deleted file mode 100644
index 6f89d595f1..0000000000
--- a/src/lib/libcrypto/rc2/version
+++ /dev/null
@@ -1,22 +0,0 @@
11.1 23/08/96 - eay
2 Changed RC2_set_key() so it now takes another argument. Many
3 thanks to Peter Gutmann <pgut01@cs.auckland.ac.nz> for the
4 clarification and origional specification of RC2. BSAFE uses
5 this last parameter, 'bits'. It the key is 128 bits, BSAFE
6 also sets this parameter to 128. The old behaviour can be
7 duplicated by setting this parameter to 1024.
8
91.0 08/04/96 - eay
10 First version of SSLeay with rc2. This has been written from the spec
11 posted sci.crypt. It is in this directory under rrc2.doc
12 I have no test values for any mode other than ecb, my wrappers for the
13 other modes should be ok since they are basically the same as
14 the ones taken from idea and des :-). I have implemented them as
15 little-endian operators.
16 While rc2 is included because it is used with SSL, I don't know how
17 far I trust it. It is about the same speed as IDEA and DES.
18 So if you are paranoid, used Tripple DES, else IDEA. If RC2
19 does get used more, perhaps more people will look for weaknesses in
20 it.
21
22
diff --git a/src/lib/libcrypto/rc4/asm/rc4-586.pl b/src/lib/libcrypto/rc4/asm/rc4-586.pl
deleted file mode 100644
index 7ef889e5a1..0000000000
--- a/src/lib/libcrypto/rc4/asm/rc4-586.pl
+++ /dev/null
@@ -1,173 +0,0 @@
1#!/usr/local/bin/perl
2
3# define for pentium pro friendly version
4
5push(@INC,"perlasm","../../perlasm");
6require "x86asm.pl";
7
8&asm_init($ARGV[0],"rc4-586.pl");
9
10$tx="eax";
11$ty="ebx";
12$x="ecx";
13$y="edx";
14$in="esi";
15$out="edi";
16$d="ebp";
17
18&RC4("RC4");
19
20&asm_finish();
21
22sub RC4_loop
23 {
24 local($n,$p,$char)=@_;
25
26 &comment("Round $n");
27
28 if ($char)
29 {
30 if ($p >= 0)
31 {
32 &mov($ty, &swtmp(2));
33 &cmp($ty, $in);
34 &jle(&label("finished"));
35 &inc($in);
36 }
37 else
38 {
39 &add($ty, 8);
40 &inc($in);
41 &cmp($ty, $in);
42 &jl(&label("finished"));
43 &mov(&swtmp(2), $ty);
44 }
45 }
46 # Moved out
47 # &mov( $tx, &DWP(0,$d,$x,4)) if $p < 0;
48
49 &add( $y, $tx);
50 &and( $y, 0xff);
51 &inc( $x); # NEXT ROUND
52 &mov( $ty, &DWP(0,$d,$y,4));
53 # XXX
54 &mov( &DWP(-4,$d,$x,4),$ty); # AGI
55 &add( $ty, $tx);
56 &and( $x, 0xff); # NEXT ROUND
57 &and( $ty, 0xff);
58 &mov( &DWP(0,$d,$y,4),$tx);
59 &nop();
60 &mov( $ty, &DWP(0,$d,$ty,4));
61 &mov( $tx, &DWP(0,$d,$x,4)) if $p < 1; # NEXT ROUND
62 # XXX
63
64 if (!$char)
65 {
66 #moved up into last round
67 if ($p >= 1)
68 {
69 &add( $out, 8)
70 }
71 &movb( &BP($n,"esp","",0), &LB($ty));
72 }
73 else
74 {
75 # Note in+=8 has occured
76 &movb( &HB($ty), &BP(-1,$in,"",0));
77 # XXX
78 &xorb(&LB($ty), &HB($ty));
79 # XXX
80 &movb(&BP($n,$out,"",0),&LB($ty));
81 }
82 }
83
84
85sub RC4
86 {
87 local($name)=@_;
88
89 &function_begin_B($name,"");
90
91 &comment("");
92
93 &push("ebp");
94 &push("ebx");
95 &mov( $d, &wparam(0)); # key
96 &mov( $ty, &wparam(1)); # num
97 &push("esi");
98 &push("edi");
99
100 &mov( $x, &DWP(0,$d,"",1));
101 &mov( $y, &DWP(4,$d,"",1));
102
103 &mov( $in, &wparam(2));
104 &inc( $x);
105
106 &stack_push(3); # 3 temp variables
107 &add( $d, 8);
108 &and( $x, 0xff);
109
110 &lea( $ty, &DWP(-8,$ty,$in));
111
112 # check for 0 length input
113
114 &mov( $out, &wparam(3));
115 &mov( &swtmp(2), $ty); # this is now address to exit at
116 &mov( $tx, &DWP(0,$d,$x,4));
117
118 &cmp( $ty, $in);
119 &jl( &label("end")); # less than 8 bytes
120
121 &set_label("start");
122
123 # filling DELAY SLOT
124 &add( $in, 8);
125
126 &RC4_loop(0,-1,0);
127 &RC4_loop(1,0,0);
128 &RC4_loop(2,0,0);
129 &RC4_loop(3,0,0);
130 &RC4_loop(4,0,0);
131 &RC4_loop(5,0,0);
132 &RC4_loop(6,0,0);
133 &RC4_loop(7,1,0);
134
135 &comment("apply the cipher text");
136 # xor the cipher data with input
137
138 #&add( $out, 8); #moved up into last round
139
140 &mov( $tx, &swtmp(0));
141 &mov( $ty, &DWP(-8,$in,"",0));
142 &xor( $tx, $ty);
143 &mov( $ty, &DWP(-4,$in,"",0));
144 &mov( &DWP(-8,$out,"",0), $tx);
145 &mov( $tx, &swtmp(1));
146 &xor( $tx, $ty);
147 &mov( $ty, &swtmp(2)); # load end ptr;
148 &mov( &DWP(-4,$out,"",0), $tx);
149 &mov( $tx, &DWP(0,$d,$x,4));
150 &cmp($in, $ty);
151 &jle(&label("start"));
152
153 &set_label("end");
154
155 # There is quite a bit of extra crap in RC4_loop() for this
156 # first round
157 &RC4_loop(0,-1,1);
158 &RC4_loop(1,0,1);
159 &RC4_loop(2,0,1);
160 &RC4_loop(3,0,1);
161 &RC4_loop(4,0,1);
162 &RC4_loop(5,0,1);
163 &RC4_loop(6,1,1);
164
165 &set_label("finished");
166 &dec( $x);
167 &stack_pop(3);
168 &mov( &DWP(-4,$d,"",0),$y);
169 &movb( &BP(-8,$d,"",0),&LB($x));
170
171 &function_end($name);
172 }
173
diff --git a/src/lib/libcrypto/rc4/rc4.h b/src/lib/libcrypto/rc4/rc4.h
deleted file mode 100644
index 40251024a4..0000000000
--- a/src/lib/libcrypto/rc4/rc4.h
+++ /dev/null
@@ -1,88 +0,0 @@
1/* crypto/rc4/rc4.h */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_RC4_H
60#define HEADER_RC4_H
61
62#ifdef NO_RC4
63#error RC4 is disabled.
64#endif
65
66#include <openssl/opensslconf.h> /* RC4_INT */
67
68#ifdef __cplusplus
69extern "C" {
70#endif
71
72typedef struct rc4_key_st
73 {
74 RC4_INT x,y;
75 RC4_INT data[256];
76 } RC4_KEY;
77
78
79const char *RC4_options(void);
80void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
81void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
82 unsigned char *outdata);
83
84#ifdef __cplusplus
85}
86#endif
87
88#endif
diff --git a/src/lib/libcrypto/rc4/rc4_enc.c b/src/lib/libcrypto/rc4/rc4_enc.c
deleted file mode 100644
index d5f18a3a70..0000000000
--- a/src/lib/libcrypto/rc4/rc4_enc.c
+++ /dev/null
@@ -1,315 +0,0 @@
1/* crypto/rc4/rc4_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/rc4.h>
60#include "rc4_locl.h"
61
62/* RC4 as implemented from a posting from
63 * Newsgroups: sci.crypt
64 * From: sterndark@netcom.com (David Sterndark)
65 * Subject: RC4 Algorithm revealed.
66 * Message-ID: <sternCvKL4B.Hyy@netcom.com>
67 * Date: Wed, 14 Sep 1994 06:35:31 GMT
68 */
69
70void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
71 unsigned char *outdata)
72 {
73 register RC4_INT *d;
74 register RC4_INT x,y,tx,ty;
75 int i;
76
77 x=key->x;
78 y=key->y;
79 d=key->data;
80
81#if defined(RC4_CHUNK)
82 /*
83 * The original reason for implementing this(*) was the fact that
84 * pre-21164a Alpha CPUs don't have byte load/store instructions
85 * and e.g. a byte store has to be done with 64-bit load, shift,
86 * and, or and finally 64-bit store. Peaking data and operating
87 * at natural word size made it possible to reduce amount of
88 * instructions as well as to perform early read-ahead without
89 * suffering from RAW (read-after-write) hazard. This resulted
90 * in ~40%(**) performance improvement on 21064 box with gcc.
91 * But it's not only Alpha users who win here:-) Thanks to the
92 * early-n-wide read-ahead this implementation also exhibits
93 * >40% speed-up on SPARC and 20-30% on 64-bit MIPS (depending
94 * on sizeof(RC4_INT)).
95 *
96 * (*) "this" means code which recognizes the case when input
97 * and output pointers appear to be aligned at natural CPU
98 * word boundary
99 * (**) i.e. according to 'apps/openssl speed rc4' benchmark,
100 * crypto/rc4/rc4speed.c exhibits almost 70% speed-up...
101 *
102 * Cavets.
103 *
104 * - RC4_CHUNK="unsigned long long" should be a #1 choice for
105 * UltraSPARC. Unfortunately gcc generates very slow code
106 * (2.5-3 times slower than one generated by Sun's WorkShop
107 * C) and therefore gcc (at least 2.95 and earlier) should
108 * always be told that RC4_CHUNK="unsigned long".
109 *
110 * <appro@fy.chalmers.se>
111 */
112
113# define RC4_STEP ( \
114 x=(x+1) &0xff, \
115 tx=d[x], \
116 y=(tx+y)&0xff, \
117 ty=d[y], \
118 d[y]=tx, \
119 d[x]=ty, \
120 (RC4_CHUNK)d[(tx+ty)&0xff]\
121 )
122
123 if ( ( ((unsigned long)indata & (sizeof(RC4_CHUNK)-1)) |
124 ((unsigned long)outdata & (sizeof(RC4_CHUNK)-1)) ) == 0 )
125 {
126 RC4_CHUNK ichunk,otp;
127 const union { long one; char little; } is_endian = {1};
128
129 /*
130 * I reckon we can afford to implement both endian
131 * cases and to decide which way to take at run-time
132 * because the machine code appears to be very compact
133 * and redundant 1-2KB is perfectly tolerable (i.e.
134 * in case the compiler fails to eliminate it:-). By
135 * suggestion from Terrel Larson <terr@terralogic.net>
136 * who also stands for the is_endian union:-)
137 *
138 * Special notes.
139 *
140 * - is_endian is declared automatic as doing otherwise
141 * (declaring static) prevents gcc from eliminating
142 * the redundant code;
143 * - compilers (those I've tried) don't seem to have
144 * problems eliminating either the operators guarded
145 * by "if (sizeof(RC4_CHUNK)==8)" or the condition
146 * expressions themselves so I've got 'em to replace
147 * corresponding #ifdefs from the previous version;
148 * - I chose to let the redundant switch cases when
149 * sizeof(RC4_CHUNK)!=8 be (were also #ifdefed
150 * before);
151 * - in case you wonder "&(sizeof(RC4_CHUNK)*8-1)" in
152 * [LB]ESHFT guards against "shift is out of range"
153 * warnings when sizeof(RC4_CHUNK)!=8
154 *
155 * <appro@fy.chalmers.se>
156 */
157 if (!is_endian.little)
158 { /* BIG-ENDIAN CASE */
159# define BESHFT(c) (((sizeof(RC4_CHUNK)-(c)-1)*8)&(sizeof(RC4_CHUNK)*8-1))
160 for (;len&-sizeof(RC4_CHUNK);len-=sizeof(RC4_CHUNK))
161 {
162 ichunk = *(RC4_CHUNK *)indata;
163 otp = RC4_STEP<<BESHFT(0);
164 otp |= RC4_STEP<<BESHFT(1);
165 otp |= RC4_STEP<<BESHFT(2);
166 otp |= RC4_STEP<<BESHFT(3);
167 if (sizeof(RC4_CHUNK)==8)
168 {
169 otp |= RC4_STEP<<BESHFT(4);
170 otp |= RC4_STEP<<BESHFT(5);
171 otp |= RC4_STEP<<BESHFT(6);
172 otp |= RC4_STEP<<BESHFT(7);
173 }
174 *(RC4_CHUNK *)outdata = otp^ichunk;
175 indata += sizeof(RC4_CHUNK);
176 outdata += sizeof(RC4_CHUNK);
177 }
178 if (len)
179 {
180 RC4_CHUNK mask=(RC4_CHUNK)-1, ochunk;
181
182 ichunk = *(RC4_CHUNK *)indata;
183 ochunk = *(RC4_CHUNK *)outdata;
184 otp = 0;
185 i = BESHFT(0);
186 mask <<= (sizeof(RC4_CHUNK)-len)<<3;
187 switch (len&(sizeof(RC4_CHUNK)-1))
188 {
189 case 7: otp = RC4_STEP<<i, i-=8;
190 case 6: otp |= RC4_STEP<<i, i-=8;
191 case 5: otp |= RC4_STEP<<i, i-=8;
192 case 4: otp |= RC4_STEP<<i, i-=8;
193 case 3: otp |= RC4_STEP<<i, i-=8;
194 case 2: otp |= RC4_STEP<<i, i-=8;
195 case 1: otp |= RC4_STEP<<i, i-=8;
196 case 0: ; /*
197 * it's never the case,
198 * but it has to be here
199 * for ultrix?
200 */
201 }
202 ochunk &= ~mask;
203 ochunk |= (otp^ichunk) & mask;
204 *(RC4_CHUNK *)outdata = ochunk;
205 }
206 key->x=x;
207 key->y=y;
208 return;
209 }
210 else
211 { /* LITTLE-ENDIAN CASE */
212# define LESHFT(c) (((c)*8)&(sizeof(RC4_CHUNK)*8-1))
213 for (;len&-sizeof(RC4_CHUNK);len-=sizeof(RC4_CHUNK))
214 {
215 ichunk = *(RC4_CHUNK *)indata;
216 otp = RC4_STEP;
217 otp |= RC4_STEP<<8;
218 otp |= RC4_STEP<<16;
219 otp |= RC4_STEP<<24;
220 if (sizeof(RC4_CHUNK)==8)
221 {
222 otp |= RC4_STEP<<LESHFT(4);
223 otp |= RC4_STEP<<LESHFT(5);
224 otp |= RC4_STEP<<LESHFT(6);
225 otp |= RC4_STEP<<LESHFT(7);
226 }
227 *(RC4_CHUNK *)outdata = otp^ichunk;
228 indata += sizeof(RC4_CHUNK);
229 outdata += sizeof(RC4_CHUNK);
230 }
231 if (len)
232 {
233 RC4_CHUNK mask=(RC4_CHUNK)-1, ochunk;
234
235 ichunk = *(RC4_CHUNK *)indata;
236 ochunk = *(RC4_CHUNK *)outdata;
237 otp = 0;
238 i = 0;
239 mask >>= (sizeof(RC4_CHUNK)-len)<<3;
240 switch (len&(sizeof(RC4_CHUNK)-1))
241 {
242 case 7: otp = RC4_STEP, i+=8;
243 case 6: otp |= RC4_STEP<<i, i+=8;
244 case 5: otp |= RC4_STEP<<i, i+=8;
245 case 4: otp |= RC4_STEP<<i, i+=8;
246 case 3: otp |= RC4_STEP<<i, i+=8;
247 case 2: otp |= RC4_STEP<<i, i+=8;
248 case 1: otp |= RC4_STEP<<i, i+=8;
249 case 0: ; /*
250 * it's never the case,
251 * but it has to be here
252 * for ultrix?
253 */
254 }
255 ochunk &= ~mask;
256 ochunk |= (otp^ichunk) & mask;
257 *(RC4_CHUNK *)outdata = ochunk;
258 }
259 key->x=x;
260 key->y=y;
261 return;
262 }
263 }
264#endif
265#define LOOP(in,out) \
266 x=((x+1)&0xff); \
267 tx=d[x]; \
268 y=(tx+y)&0xff; \
269 d[x]=ty=d[y]; \
270 d[y]=tx; \
271 (out) = d[(tx+ty)&0xff]^ (in);
272
273#ifndef RC4_INDEX
274#define RC4_LOOP(a,b,i) LOOP(*((a)++),*((b)++))
275#else
276#define RC4_LOOP(a,b,i) LOOP(a[i],b[i])
277#endif
278
279 i=(int)(len>>3L);
280 if (i)
281 {
282 for (;;)
283 {
284 RC4_LOOP(indata,outdata,0);
285 RC4_LOOP(indata,outdata,1);
286 RC4_LOOP(indata,outdata,2);
287 RC4_LOOP(indata,outdata,3);
288 RC4_LOOP(indata,outdata,4);
289 RC4_LOOP(indata,outdata,5);
290 RC4_LOOP(indata,outdata,6);
291 RC4_LOOP(indata,outdata,7);
292#ifdef RC4_INDEX
293 indata+=8;
294 outdata+=8;
295#endif
296 if (--i == 0) break;
297 }
298 }
299 i=(int)len&0x07;
300 if (i)
301 {
302 for (;;)
303 {
304 RC4_LOOP(indata,outdata,0); if (--i == 0) break;
305 RC4_LOOP(indata,outdata,1); if (--i == 0) break;
306 RC4_LOOP(indata,outdata,2); if (--i == 0) break;
307 RC4_LOOP(indata,outdata,3); if (--i == 0) break;
308 RC4_LOOP(indata,outdata,4); if (--i == 0) break;
309 RC4_LOOP(indata,outdata,5); if (--i == 0) break;
310 RC4_LOOP(indata,outdata,6); if (--i == 0) break;
311 }
312 }
313 key->x=x;
314 key->y=y;
315 }
diff --git a/src/lib/libcrypto/rc4/rc4_locl.h b/src/lib/libcrypto/rc4/rc4_locl.h
deleted file mode 100644
index 3bb80b6ce9..0000000000
--- a/src/lib/libcrypto/rc4/rc4_locl.h
+++ /dev/null
@@ -1,4 +0,0 @@
1#ifndef HEADER_RC4_LOCL_H
2#define HEADER_RC4_LOCL_H
3#include <openssl/opensslconf.h>
4#endif
diff --git a/src/lib/libcrypto/rc4/rc4_skey.c b/src/lib/libcrypto/rc4/rc4_skey.c
deleted file mode 100644
index bb10c1ebe2..0000000000
--- a/src/lib/libcrypto/rc4/rc4_skey.c
+++ /dev/null
@@ -1,117 +0,0 @@
1/* crypto/rc4/rc4_skey.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/rc4.h>
60#include "rc4_locl.h"
61#include <openssl/opensslv.h>
62
63const char *RC4_version="RC4" OPENSSL_VERSION_PTEXT;
64
65const char *RC4_options(void)
66 {
67#ifdef RC4_INDEX
68 if (sizeof(RC4_INT) == 1)
69 return("rc4(idx,char)");
70 else
71 return("rc4(idx,int)");
72#else
73 if (sizeof(RC4_INT) == 1)
74 return("rc4(ptr,char)");
75 else
76 return("rc4(ptr,int)");
77#endif
78 }
79
80/* RC4 as implemented from a posting from
81 * Newsgroups: sci.crypt
82 * From: sterndark@netcom.com (David Sterndark)
83 * Subject: RC4 Algorithm revealed.
84 * Message-ID: <sternCvKL4B.Hyy@netcom.com>
85 * Date: Wed, 14 Sep 1994 06:35:31 GMT
86 */
87
88void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
89 {
90 register RC4_INT tmp;
91 register int id1,id2;
92 register RC4_INT *d;
93 unsigned int i;
94
95 d= &(key->data[0]);
96 for (i=0; i<256; i++)
97 d[i]=i;
98 key->x = 0;
99 key->y = 0;
100 id1=id2=0;
101
102#define SK_LOOP(n) { \
103 tmp=d[(n)]; \
104 id2 = (data[id1] + tmp + id2) & 0xff; \
105 if (++id1 == len) id1=0; \
106 d[(n)]=d[id2]; \
107 d[id2]=tmp; }
108
109 for (i=0; i < 256; i+=4)
110 {
111 SK_LOOP(i+0);
112 SK_LOOP(i+1);
113 SK_LOOP(i+2);
114 SK_LOOP(i+3);
115 }
116 }
117
diff --git a/src/lib/libcrypto/ripemd/README b/src/lib/libcrypto/ripemd/README
deleted file mode 100644
index 7097707264..0000000000
--- a/src/lib/libcrypto/ripemd/README
+++ /dev/null
@@ -1,15 +0,0 @@
1RIPEMD-160
2http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
3
4This is my implementation of RIPEMD-160. The pentium assember is a little
5off the pace since I only get 1050 cycles, while the best is 1013.
6I have a few ideas for how to get another 20 or so cycles, but at
7this point I will not bother right now. I belive the trick will be
8to remove my 'copy X array onto stack' until inside the RIP1() finctions the
9first time round. To do this I need another register and will only have one
10temporary one. A bit tricky.... I can also cleanup the saving of the 5 words
11after the first half of the calculation. I should read the origional
12value, add then write. Currently I just save the new and read the origioal.
13I then read both at the end. Bad.
14
15eric (20-Jan-1998)
diff --git a/src/lib/libcrypto/ripemd/asm/rmd-586.pl b/src/lib/libcrypto/ripemd/asm/rmd-586.pl
deleted file mode 100644
index 0ab6f76bff..0000000000
--- a/src/lib/libcrypto/ripemd/asm/rmd-586.pl
+++ /dev/null
@@ -1,590 +0,0 @@
1#!/usr/local/bin/perl
2
3# Normal is the
4# ripemd160_block_asm_host_order(RIPEMD160_CTX *c, ULONG *X,int blocks);
5
6$normal=0;
7
8push(@INC,"perlasm","../../perlasm");
9require "x86asm.pl";
10
11&asm_init($ARGV[0],$0);
12
13$A="ecx";
14$B="esi";
15$C="edi";
16$D="ebx";
17$E="ebp";
18$tmp1="eax";
19$tmp2="edx";
20
21$KL1=0x5A827999;
22$KL2=0x6ED9EBA1;
23$KL3=0x8F1BBCDC;
24$KL4=0xA953FD4E;
25$KR0=0x50A28BE6;
26$KR1=0x5C4DD124;
27$KR2=0x6D703EF3;
28$KR3=0x7A6D76E9;
29
30
31@wl=( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,15,
32 7, 4,13, 1,10, 6,15, 3,12, 0, 9, 5, 2,14,11, 8,
33 3,10,14, 4, 9,15, 8, 1, 2, 7, 0, 6,13,11, 5,12,
34 1, 9,11,10, 0, 8,12, 4,13, 3, 7,15,14, 5, 6, 2,
35 4, 0, 5, 9, 7,12, 2,10,14, 1, 3, 8,11, 6,15,13,
36 );
37
38@wr=( 5,14, 7, 0, 9, 2,11, 4,13, 6,15, 8, 1,10, 3,12,
39 6,11, 3, 7, 0,13, 5,10,14,15, 8,12, 4, 9, 1, 2,
40 15, 5, 1, 3, 7,14, 6, 9,11, 8,12, 2,10, 0, 4,13,
41 8, 6, 4, 1, 3,11,15, 0, 5,12, 2,13, 9, 7,10,14,
42 12,15,10, 4, 1, 5, 8, 7, 6, 2,13,14, 0, 3, 9,11,
43 );
44
45@sl=( 11,14,15,12, 5, 8, 7, 9,11,13,14,15, 6, 7, 9, 8,
46 7, 6, 8,13,11, 9, 7,15, 7,12,15, 9,11, 7,13,12,
47 11,13, 6, 7,14, 9,13,15,14, 8,13, 6, 5,12, 7, 5,
48 11,12,14,15,14,15, 9, 8, 9,14, 5, 6, 8, 6, 5,12,
49 9,15, 5,11, 6, 8,13,12, 5,12,13,14,11, 8, 5, 6,
50 );
51
52@sr=( 8, 9, 9,11,13,15,15, 5, 7, 7, 8,11,14,14,12, 6,
53 9,13,15, 7,12, 8, 9,11, 7, 7,12, 7, 6,15,13,11,
54 9, 7,15,11, 8, 6, 6,14,12,13, 5,14,13,13, 7, 5,
55 15, 5, 8,11,14,14, 6,14, 6, 9,12, 9,12, 5,15, 8,
56 8, 5,12, 9,12, 5,14, 6, 8,13, 6, 5,15,13,11,11,
57 );
58
59&ripemd160_block("ripemd160_block_asm_host_order");
60&asm_finish();
61
62sub Xv
63 {
64 local($n)=@_;
65 return(&swtmp($n));
66 # tmp on stack
67 }
68
69sub Np
70 {
71 local($p)=@_;
72 local(%n)=($A,$E,$B,$A,$C,$B,$D,$C,$E,$D);
73 return($n{$p});
74 }
75
76sub RIP1
77 {
78 local($a,$b,$c,$d,$e,$pos,$s,$o,$pos2)=@_;
79
80 &comment($p++);
81 if ($p & 1)
82 {
83 #&mov($tmp1, $c) if $o == -1;
84 &xor($tmp1, $d) if $o == -1;
85 &mov($tmp2, &Xv($pos));
86 &xor($tmp1, $b);
87 &add($a, $tmp2);
88 &rotl($c, 10);
89 &add($a, $tmp1);
90 &mov($tmp1, &Np($c)); # NEXT
91 # XXX
92 &rotl($a, $s);
93 &add($a, $e);
94 }
95 else
96 {
97 &xor($tmp1, $d);
98 &mov($tmp2, &Xv($pos));
99 &xor($tmp1, $b);
100 &add($a, $tmp1);
101 &mov($tmp1, &Np($c)) if $o <= 0;
102 &mov($tmp1, -1) if $o == 1;
103 # XXX if $o == 2;
104 &rotl($c, 10);
105 &add($a, $tmp2);
106 &xor($tmp1, &Np($d)) if $o <= 0;
107 &mov($tmp2, &Xv($pos2)) if $o == 1;
108 &mov($tmp2, &wparam(0)) if $o == 2;
109 &rotl($a, $s);
110 &add($a, $e);
111 }
112 }
113
114sub RIP2
115 {
116 local($a,$b,$c,$d,$e,$pos,$pos2,$s,$K,$o)=@_;
117
118# XXXXXX
119 &comment($p++);
120 if ($p & 1)
121 {
122# &mov($tmp2, &Xv($pos)) if $o < -1;
123# &mov($tmp1, -1) if $o < -1;
124
125 &add($a, $tmp2);
126 &mov($tmp2, $c);
127 &sub($tmp1, $b);
128 &and($tmp2, $b);
129 &and($tmp1, $d);
130 &or($tmp2, $tmp1);
131 &mov($tmp1, &Xv($pos2)) if $o <= 0; # XXXXXXXXXXXXXX
132 # XXX
133 &rotl($c, 10);
134 &lea($a, &DWP($K,$a,$tmp2,1));
135 &mov($tmp2, -1) if $o <= 0;
136 # XXX
137 &rotl($a, $s);
138 &add($a, $e);
139 }
140 else
141 {
142 # XXX
143 &add($a, $tmp1);
144 &mov($tmp1, $c);
145 &sub($tmp2, $b);
146 &and($tmp1, $b);
147 &and($tmp2, $d);
148 if ($o != 2)
149 {
150 &or($tmp1, $tmp2);
151 &mov($tmp2, &Xv($pos2)) if $o <= 0;
152 &mov($tmp2, -1) if $o == 1;
153 &rotl($c, 10);
154 &lea($a, &DWP($K,$a,$tmp1,1));
155 &mov($tmp1, -1) if $o <= 0;
156 &sub($tmp2, &Np($c)) if $o == 1;
157 } else {
158 &or($tmp2, $tmp1);
159 &mov($tmp1, &Np($c));
160 &rotl($c, 10);
161 &lea($a, &DWP($K,$a,$tmp2,1));
162 &xor($tmp1, &Np($d));
163 }
164 &rotl($a, $s);
165 &add($a, $e);
166 }
167 }
168
169sub RIP3
170 {
171 local($a,$b,$c,$d,$e,$pos,$s,$K,$o,$pos2)=@_;
172
173 &comment($p++);
174 if ($p & 1)
175 {
176# &mov($tmp2, -1) if $o < -1;
177# &sub($tmp2, $c) if $o < -1;
178 &mov($tmp1, &Xv($pos));
179 &or($tmp2, $b);
180 &add($a, $tmp1);
181 &xor($tmp2, $d);
182 &mov($tmp1, -1) if $o <= 0; # NEXT
183 # XXX
184 &rotl($c, 10);
185 &lea($a, &DWP($K,$a,$tmp2,1));
186 &sub($tmp1, &Np($c)) if $o <= 0; # NEXT
187 # XXX
188 &rotl($a, $s);
189 &add($a, $e);
190 }
191 else
192 {
193 &mov($tmp2, &Xv($pos));
194 &or($tmp1, $b);
195 &add($a, $tmp2);
196 &xor($tmp1, $d);
197 &mov($tmp2, -1) if $o <= 0; # NEXT
198 &mov($tmp2, -1) if $o == 1;
199 &mov($tmp2, &Xv($pos2)) if $o == 2;
200 &rotl($c, 10);
201 &lea($a, &DWP($K,$a,$tmp1,1));
202 &sub($tmp2, &Np($c)) if $o <= 0; # NEXT
203 &mov($tmp1, &Np($d)) if $o == 1;
204 &mov($tmp1, -1) if $o == 2;
205 &rotl($a, $s);
206 &add($a, $e);
207 }
208 }
209
210sub RIP4
211 {
212 local($a,$b,$c,$d,$e,$pos,$s,$K,$o)=@_;
213
214 &comment($p++);
215 if ($p & 1)
216 {
217# &mov($tmp2, -1) if $o == -2;
218# &mov($tmp1, $d) if $o == -2;
219 &sub($tmp2, $d);
220 &and($tmp1, $b);
221 &and($tmp2, $c);
222 &or($tmp2, $tmp1);
223 &mov($tmp1, &Xv($pos));
224 &rotl($c, 10);
225 &lea($a, &DWP($K,$a,$tmp2));
226 &mov($tmp2, -1) unless $o > 0; # NEXT
227 # XXX
228 &add($a, $tmp1);
229 &mov($tmp1, &Np($d)) unless $o > 0; # NEXT
230 # XXX
231 &rotl($a, $s);
232 &add($a, $e);
233 }
234 else
235 {
236 &sub($tmp2, $d);
237 &and($tmp1, $b);
238 &and($tmp2, $c);
239 &or($tmp2, $tmp1);
240 &mov($tmp1, &Xv($pos));
241 &rotl($c, 10);
242 &lea($a, &DWP($K,$a,$tmp2));
243 &mov($tmp2, -1) if $o == 0; # NEXT
244 &mov($tmp2, -1) if $o == 1;
245 &mov($tmp2, -1) if $o == 2;
246 # XXX
247 &add($a, $tmp1);
248 &mov($tmp1, &Np($d)) if $o == 0; # NEXT
249 &sub($tmp2, &Np($d)) if $o == 1;
250 &sub($tmp2, &Np($c)) if $o == 2;
251 # XXX
252 &rotl($a, $s);
253 &add($a, $e);
254 }
255 }
256
257sub RIP5
258 {
259 local($a,$b,$c,$d,$e,$pos,$s,$K,$o)=@_;
260
261 &comment($p++);
262 if ($p & 1)
263 {
264 &mov($tmp2, -1) if $o == -2;
265 &sub($tmp2, $d) if $o == -2;
266 &mov($tmp1, &Xv($pos));
267 &or($tmp2, $c);
268 &add($a, $tmp1);
269 &xor($tmp2, $b);
270 &mov($tmp1, -1) if $o <= 0;
271 # XXX
272 &rotl($c, 10);
273 &lea($a, &DWP($K,$a,$tmp2,1));
274 &sub($tmp1, &Np($d)) if $o <= 0;
275 # XXX
276 &rotl($a, $s);
277 &add($a, $e);
278 }
279 else
280 {
281 &mov($tmp2, &Xv($pos));
282 &or($tmp1, $c);
283 &add($a, $tmp2);
284 &xor($tmp1, $b);
285 &mov($tmp2, -1) if $o <= 0;
286 &mov($tmp2, &wparam(0)) if $o == 1; # Middle code
287 &mov($tmp2, -1) if $o == 2;
288 &rotl($c, 10);
289 &lea($a, &DWP($K,$a,$tmp1,1));
290 &sub($tmp2, &Np($d)) if $o <= 0;
291 &mov(&swtmp(16), $A) if $o == 1;
292 &mov($tmp1, &Np($d)) if $o == 2;
293 &rotl($a, $s);
294 &add($a, $e);
295 }
296 }
297
298sub ripemd160_block
299 {
300 local($name)=@_;
301
302 &function_begin_B($name,"",3);
303
304 # parameter 1 is the RIPEMD160_CTX structure.
305 # A 0
306 # B 4
307 # C 8
308 # D 12
309 # E 16
310
311 &mov($tmp2, &wparam(0));
312 &mov($tmp1, &wparam(1));
313 &push("esi");
314 &mov($A, &DWP( 0,$tmp2,"",0));
315 &push("edi");
316 &mov($B, &DWP( 4,$tmp2,"",0));
317 &push("ebp");
318 &mov($C, &DWP( 8,$tmp2,"",0));
319 &push("ebx");
320 &stack_push(16+5+6);
321 # Special comment about the figure of 6.
322 # Idea is to pad the current frame so
323 # that the top of the stack gets fairly
324 # aligned. Well, as you realize it would
325 # always depend on how the frame below is
326 # aligned. The good news are that gcc-2.95
327 # and later does keep first argument at
328 # least double-wise aligned.
329 # <appro@fy.chalmers.se>
330
331 &set_label("start") unless $normal;
332 &comment("");
333
334 # &mov($tmp1, &wparam(1)); # Done at end of loop
335 # &mov($tmp2, &wparam(0)); # Done at end of loop
336
337 for ($z=0; $z<16; $z+=2)
338 {
339 &mov($D, &DWP( $z*4,$tmp1,"",0));
340 &mov($E, &DWP( ($z+1)*4,$tmp1,"",0));
341 &mov(&swtmp($z), $D);
342 &mov(&swtmp($z+1), $E);
343 }
344 &mov($tmp1, $C);
345 &mov($D, &DWP(12,$tmp2,"",0));
346 &mov($E, &DWP(16,$tmp2,"",0));
347
348 &RIP1($A,$B,$C,$D,$E,$wl[ 0],$sl[ 0],-1);
349 &RIP1($E,$A,$B,$C,$D,$wl[ 1],$sl[ 1],0);
350 &RIP1($D,$E,$A,$B,$C,$wl[ 2],$sl[ 2],0);
351 &RIP1($C,$D,$E,$A,$B,$wl[ 3],$sl[ 3],0);
352 &RIP1($B,$C,$D,$E,$A,$wl[ 4],$sl[ 4],0);
353 &RIP1($A,$B,$C,$D,$E,$wl[ 5],$sl[ 5],0);
354 &RIP1($E,$A,$B,$C,$D,$wl[ 6],$sl[ 6],0);
355 &RIP1($D,$E,$A,$B,$C,$wl[ 7],$sl[ 7],0);
356 &RIP1($C,$D,$E,$A,$B,$wl[ 8],$sl[ 8],0);
357 &RIP1($B,$C,$D,$E,$A,$wl[ 9],$sl[ 9],0);
358 &RIP1($A,$B,$C,$D,$E,$wl[10],$sl[10],0);
359 &RIP1($E,$A,$B,$C,$D,$wl[11],$sl[11],0);
360 &RIP1($D,$E,$A,$B,$C,$wl[12],$sl[12],0);
361 &RIP1($C,$D,$E,$A,$B,$wl[13],$sl[13],0);
362 &RIP1($B,$C,$D,$E,$A,$wl[14],$sl[14],0);
363 &RIP1($A,$B,$C,$D,$E,$wl[15],$sl[15],1,$wl[16]);
364
365 &RIP2($E,$A,$B,$C,$D,$wl[16],$wl[17],$sl[16],$KL1,-1);
366 &RIP2($D,$E,$A,$B,$C,$wl[17],$wl[18],$sl[17],$KL1,0);
367 &RIP2($C,$D,$E,$A,$B,$wl[18],$wl[19],$sl[18],$KL1,0);
368 &RIP2($B,$C,$D,$E,$A,$wl[19],$wl[20],$sl[19],$KL1,0);
369 &RIP2($A,$B,$C,$D,$E,$wl[20],$wl[21],$sl[20],$KL1,0);
370 &RIP2($E,$A,$B,$C,$D,$wl[21],$wl[22],$sl[21],$KL1,0);
371 &RIP2($D,$E,$A,$B,$C,$wl[22],$wl[23],$sl[22],$KL1,0);
372 &RIP2($C,$D,$E,$A,$B,$wl[23],$wl[24],$sl[23],$KL1,0);
373 &RIP2($B,$C,$D,$E,$A,$wl[24],$wl[25],$sl[24],$KL1,0);
374 &RIP2($A,$B,$C,$D,$E,$wl[25],$wl[26],$sl[25],$KL1,0);
375 &RIP2($E,$A,$B,$C,$D,$wl[26],$wl[27],$sl[26],$KL1,0);
376 &RIP2($D,$E,$A,$B,$C,$wl[27],$wl[28],$sl[27],$KL1,0);
377 &RIP2($C,$D,$E,$A,$B,$wl[28],$wl[29],$sl[28],$KL1,0);
378 &RIP2($B,$C,$D,$E,$A,$wl[29],$wl[30],$sl[29],$KL1,0);
379 &RIP2($A,$B,$C,$D,$E,$wl[30],$wl[31],$sl[30],$KL1,0);
380 &RIP2($E,$A,$B,$C,$D,$wl[31],$wl[32],$sl[31],$KL1,1);
381
382 &RIP3($D,$E,$A,$B,$C,$wl[32],$sl[32],$KL2,-1);
383 &RIP3($C,$D,$E,$A,$B,$wl[33],$sl[33],$KL2,0);
384 &RIP3($B,$C,$D,$E,$A,$wl[34],$sl[34],$KL2,0);
385 &RIP3($A,$B,$C,$D,$E,$wl[35],$sl[35],$KL2,0);
386 &RIP3($E,$A,$B,$C,$D,$wl[36],$sl[36],$KL2,0);
387 &RIP3($D,$E,$A,$B,$C,$wl[37],$sl[37],$KL2,0);
388 &RIP3($C,$D,$E,$A,$B,$wl[38],$sl[38],$KL2,0);
389 &RIP3($B,$C,$D,$E,$A,$wl[39],$sl[39],$KL2,0);
390 &RIP3($A,$B,$C,$D,$E,$wl[40],$sl[40],$KL2,0);
391 &RIP3($E,$A,$B,$C,$D,$wl[41],$sl[41],$KL2,0);
392 &RIP3($D,$E,$A,$B,$C,$wl[42],$sl[42],$KL2,0);
393 &RIP3($C,$D,$E,$A,$B,$wl[43],$sl[43],$KL2,0);
394 &RIP3($B,$C,$D,$E,$A,$wl[44],$sl[44],$KL2,0);
395 &RIP3($A,$B,$C,$D,$E,$wl[45],$sl[45],$KL2,0);
396 &RIP3($E,$A,$B,$C,$D,$wl[46],$sl[46],$KL2,0);
397 &RIP3($D,$E,$A,$B,$C,$wl[47],$sl[47],$KL2,1);
398
399 &RIP4($C,$D,$E,$A,$B,$wl[48],$sl[48],$KL3,-1);
400 &RIP4($B,$C,$D,$E,$A,$wl[49],$sl[49],$KL3,0);
401 &RIP4($A,$B,$C,$D,$E,$wl[50],$sl[50],$KL3,0);
402 &RIP4($E,$A,$B,$C,$D,$wl[51],$sl[51],$KL3,0);
403 &RIP4($D,$E,$A,$B,$C,$wl[52],$sl[52],$KL3,0);
404 &RIP4($C,$D,$E,$A,$B,$wl[53],$sl[53],$KL3,0);
405 &RIP4($B,$C,$D,$E,$A,$wl[54],$sl[54],$KL3,0);
406 &RIP4($A,$B,$C,$D,$E,$wl[55],$sl[55],$KL3,0);
407 &RIP4($E,$A,$B,$C,$D,$wl[56],$sl[56],$KL3,0);
408 &RIP4($D,$E,$A,$B,$C,$wl[57],$sl[57],$KL3,0);
409 &RIP4($C,$D,$E,$A,$B,$wl[58],$sl[58],$KL3,0);
410 &RIP4($B,$C,$D,$E,$A,$wl[59],$sl[59],$KL3,0);
411 &RIP4($A,$B,$C,$D,$E,$wl[60],$sl[60],$KL3,0);
412 &RIP4($E,$A,$B,$C,$D,$wl[61],$sl[61],$KL3,0);
413 &RIP4($D,$E,$A,$B,$C,$wl[62],$sl[62],$KL3,0);
414 &RIP4($C,$D,$E,$A,$B,$wl[63],$sl[63],$KL3,1);
415
416 &RIP5($B,$C,$D,$E,$A,$wl[64],$sl[64],$KL4,-1);
417 &RIP5($A,$B,$C,$D,$E,$wl[65],$sl[65],$KL4,0);
418 &RIP5($E,$A,$B,$C,$D,$wl[66],$sl[66],$KL4,0);
419 &RIP5($D,$E,$A,$B,$C,$wl[67],$sl[67],$KL4,0);
420 &RIP5($C,$D,$E,$A,$B,$wl[68],$sl[68],$KL4,0);
421 &RIP5($B,$C,$D,$E,$A,$wl[69],$sl[69],$KL4,0);
422 &RIP5($A,$B,$C,$D,$E,$wl[70],$sl[70],$KL4,0);
423 &RIP5($E,$A,$B,$C,$D,$wl[71],$sl[71],$KL4,0);
424 &RIP5($D,$E,$A,$B,$C,$wl[72],$sl[72],$KL4,0);
425 &RIP5($C,$D,$E,$A,$B,$wl[73],$sl[73],$KL4,0);
426 &RIP5($B,$C,$D,$E,$A,$wl[74],$sl[74],$KL4,0);
427 &RIP5($A,$B,$C,$D,$E,$wl[75],$sl[75],$KL4,0);
428 &RIP5($E,$A,$B,$C,$D,$wl[76],$sl[76],$KL4,0);
429 &RIP5($D,$E,$A,$B,$C,$wl[77],$sl[77],$KL4,0);
430 &RIP5($C,$D,$E,$A,$B,$wl[78],$sl[78],$KL4,0);
431 &RIP5($B,$C,$D,$E,$A,$wl[79],$sl[79],$KL4,1);
432
433 # &mov($tmp2, &wparam(0)); # moved into last RIP5
434 # &mov(&swtmp(16), $A);
435 &mov($A, &DWP( 0,$tmp2,"",0));
436 &mov(&swtmp(16+1), $B);
437 &mov(&swtmp(16+2), $C);
438 &mov($B, &DWP( 4,$tmp2,"",0));
439 &mov(&swtmp(16+3), $D);
440 &mov($C, &DWP( 8,$tmp2,"",0));
441 &mov(&swtmp(16+4), $E);
442 &mov($D, &DWP(12,$tmp2,"",0));
443 &mov($E, &DWP(16,$tmp2,"",0));
444
445 &RIP5($A,$B,$C,$D,$E,$wr[ 0],$sr[ 0],$KR0,-2);
446 &RIP5($E,$A,$B,$C,$D,$wr[ 1],$sr[ 1],$KR0,0);
447 &RIP5($D,$E,$A,$B,$C,$wr[ 2],$sr[ 2],$KR0,0);
448 &RIP5($C,$D,$E,$A,$B,$wr[ 3],$sr[ 3],$KR0,0);
449 &RIP5($B,$C,$D,$E,$A,$wr[ 4],$sr[ 4],$KR0,0);
450 &RIP5($A,$B,$C,$D,$E,$wr[ 5],$sr[ 5],$KR0,0);
451 &RIP5($E,$A,$B,$C,$D,$wr[ 6],$sr[ 6],$KR0,0);
452 &RIP5($D,$E,$A,$B,$C,$wr[ 7],$sr[ 7],$KR0,0);
453 &RIP5($C,$D,$E,$A,$B,$wr[ 8],$sr[ 8],$KR0,0);
454 &RIP5($B,$C,$D,$E,$A,$wr[ 9],$sr[ 9],$KR0,0);
455 &RIP5($A,$B,$C,$D,$E,$wr[10],$sr[10],$KR0,0);
456 &RIP5($E,$A,$B,$C,$D,$wr[11],$sr[11],$KR0,0);
457 &RIP5($D,$E,$A,$B,$C,$wr[12],$sr[12],$KR0,0);
458 &RIP5($C,$D,$E,$A,$B,$wr[13],$sr[13],$KR0,0);
459 &RIP5($B,$C,$D,$E,$A,$wr[14],$sr[14],$KR0,0);
460 &RIP5($A,$B,$C,$D,$E,$wr[15],$sr[15],$KR0,2);
461
462 &RIP4($E,$A,$B,$C,$D,$wr[16],$sr[16],$KR1,-2);
463 &RIP4($D,$E,$A,$B,$C,$wr[17],$sr[17],$KR1,0);
464 &RIP4($C,$D,$E,$A,$B,$wr[18],$sr[18],$KR1,0);
465 &RIP4($B,$C,$D,$E,$A,$wr[19],$sr[19],$KR1,0);
466 &RIP4($A,$B,$C,$D,$E,$wr[20],$sr[20],$KR1,0);
467 &RIP4($E,$A,$B,$C,$D,$wr[21],$sr[21],$KR1,0);
468 &RIP4($D,$E,$A,$B,$C,$wr[22],$sr[22],$KR1,0);
469 &RIP4($C,$D,$E,$A,$B,$wr[23],$sr[23],$KR1,0);
470 &RIP4($B,$C,$D,$E,$A,$wr[24],$sr[24],$KR1,0);
471 &RIP4($A,$B,$C,$D,$E,$wr[25],$sr[25],$KR1,0);
472 &RIP4($E,$A,$B,$C,$D,$wr[26],$sr[26],$KR1,0);
473 &RIP4($D,$E,$A,$B,$C,$wr[27],$sr[27],$KR1,0);
474 &RIP4($C,$D,$E,$A,$B,$wr[28],$sr[28],$KR1,0);
475 &RIP4($B,$C,$D,$E,$A,$wr[29],$sr[29],$KR1,0);
476 &RIP4($A,$B,$C,$D,$E,$wr[30],$sr[30],$KR1,0);
477 &RIP4($E,$A,$B,$C,$D,$wr[31],$sr[31],$KR1,2);
478
479 &RIP3($D,$E,$A,$B,$C,$wr[32],$sr[32],$KR2,-2);
480 &RIP3($C,$D,$E,$A,$B,$wr[33],$sr[33],$KR2,0);
481 &RIP3($B,$C,$D,$E,$A,$wr[34],$sr[34],$KR2,0);
482 &RIP3($A,$B,$C,$D,$E,$wr[35],$sr[35],$KR2,0);
483 &RIP3($E,$A,$B,$C,$D,$wr[36],$sr[36],$KR2,0);
484 &RIP3($D,$E,$A,$B,$C,$wr[37],$sr[37],$KR2,0);
485 &RIP3($C,$D,$E,$A,$B,$wr[38],$sr[38],$KR2,0);
486 &RIP3($B,$C,$D,$E,$A,$wr[39],$sr[39],$KR2,0);
487 &RIP3($A,$B,$C,$D,$E,$wr[40],$sr[40],$KR2,0);
488 &RIP3($E,$A,$B,$C,$D,$wr[41],$sr[41],$KR2,0);
489 &RIP3($D,$E,$A,$B,$C,$wr[42],$sr[42],$KR2,0);
490 &RIP3($C,$D,$E,$A,$B,$wr[43],$sr[43],$KR2,0);
491 &RIP3($B,$C,$D,$E,$A,$wr[44],$sr[44],$KR2,0);
492 &RIP3($A,$B,$C,$D,$E,$wr[45],$sr[45],$KR2,0);
493 &RIP3($E,$A,$B,$C,$D,$wr[46],$sr[46],$KR2,0);
494 &RIP3($D,$E,$A,$B,$C,$wr[47],$sr[47],$KR2,2,$wr[48]);
495
496 &RIP2($C,$D,$E,$A,$B,$wr[48],$wr[49],$sr[48],$KR3,-2);
497 &RIP2($B,$C,$D,$E,$A,$wr[49],$wr[50],$sr[49],$KR3,0);
498 &RIP2($A,$B,$C,$D,$E,$wr[50],$wr[51],$sr[50],$KR3,0);
499 &RIP2($E,$A,$B,$C,$D,$wr[51],$wr[52],$sr[51],$KR3,0);
500 &RIP2($D,$E,$A,$B,$C,$wr[52],$wr[53],$sr[52],$KR3,0);
501 &RIP2($C,$D,$E,$A,$B,$wr[53],$wr[54],$sr[53],$KR3,0);
502 &RIP2($B,$C,$D,$E,$A,$wr[54],$wr[55],$sr[54],$KR3,0);
503 &RIP2($A,$B,$C,$D,$E,$wr[55],$wr[56],$sr[55],$KR3,0);
504 &RIP2($E,$A,$B,$C,$D,$wr[56],$wr[57],$sr[56],$KR3,0);
505 &RIP2($D,$E,$A,$B,$C,$wr[57],$wr[58],$sr[57],$KR3,0);
506 &RIP2($C,$D,$E,$A,$B,$wr[58],$wr[59],$sr[58],$KR3,0);
507 &RIP2($B,$C,$D,$E,$A,$wr[59],$wr[60],$sr[59],$KR3,0);
508 &RIP2($A,$B,$C,$D,$E,$wr[60],$wr[61],$sr[60],$KR3,0);
509 &RIP2($E,$A,$B,$C,$D,$wr[61],$wr[62],$sr[61],$KR3,0);
510 &RIP2($D,$E,$A,$B,$C,$wr[62],$wr[63],$sr[62],$KR3,0);
511 &RIP2($C,$D,$E,$A,$B,$wr[63],$wr[64],$sr[63],$KR3,2);
512
513 &RIP1($B,$C,$D,$E,$A,$wr[64],$sr[64],-2);
514 &RIP1($A,$B,$C,$D,$E,$wr[65],$sr[65],0);
515 &RIP1($E,$A,$B,$C,$D,$wr[66],$sr[66],0);
516 &RIP1($D,$E,$A,$B,$C,$wr[67],$sr[67],0);
517 &RIP1($C,$D,$E,$A,$B,$wr[68],$sr[68],0);
518 &RIP1($B,$C,$D,$E,$A,$wr[69],$sr[69],0);
519 &RIP1($A,$B,$C,$D,$E,$wr[70],$sr[70],0);
520 &RIP1($E,$A,$B,$C,$D,$wr[71],$sr[71],0);
521 &RIP1($D,$E,$A,$B,$C,$wr[72],$sr[72],0);
522 &RIP1($C,$D,$E,$A,$B,$wr[73],$sr[73],0);
523 &RIP1($B,$C,$D,$E,$A,$wr[74],$sr[74],0);
524 &RIP1($A,$B,$C,$D,$E,$wr[75],$sr[75],0);
525 &RIP1($E,$A,$B,$C,$D,$wr[76],$sr[76],0);
526 &RIP1($D,$E,$A,$B,$C,$wr[77],$sr[77],0);
527 &RIP1($C,$D,$E,$A,$B,$wr[78],$sr[78],0);
528 &RIP1($B,$C,$D,$E,$A,$wr[79],$sr[79],2);
529
530 # &mov($tmp2, &wparam(0)); # Moved into last round
531
532 &mov($tmp1, &DWP( 4,$tmp2,"",0)); # ctx->B
533 &add($D, $tmp1);
534 &mov($tmp1, &swtmp(16+2)); # $c
535 &add($D, $tmp1);
536
537 &mov($tmp1, &DWP( 8,$tmp2,"",0)); # ctx->C
538 &add($E, $tmp1);
539 &mov($tmp1, &swtmp(16+3)); # $d
540 &add($E, $tmp1);
541
542 &mov($tmp1, &DWP(12,$tmp2,"",0)); # ctx->D
543 &add($A, $tmp1);
544 &mov($tmp1, &swtmp(16+4)); # $e
545 &add($A, $tmp1);
546
547
548 &mov($tmp1, &DWP(16,$tmp2,"",0)); # ctx->E
549 &add($B, $tmp1);
550 &mov($tmp1, &swtmp(16+0)); # $a
551 &add($B, $tmp1);
552
553 &mov($tmp1, &DWP( 0,$tmp2,"",0)); # ctx->A
554 &add($C, $tmp1);
555 &mov($tmp1, &swtmp(16+1)); # $b
556 &add($C, $tmp1);
557
558 &mov($tmp1, &wparam(2));
559
560 &mov(&DWP( 0,$tmp2,"",0), $D);
561 &mov(&DWP( 4,$tmp2,"",0), $E);
562 &mov(&DWP( 8,$tmp2,"",0), $A);
563 &sub($tmp1,1);
564 &mov(&DWP(12,$tmp2,"",0), $B);
565 &mov(&DWP(16,$tmp2,"",0), $C);
566
567 &jle(&label("get_out"));
568
569 &mov(&wparam(2),$tmp1);
570 &mov($C, $A);
571 &mov($tmp1, &wparam(1));
572 &mov($A, $D);
573 &add($tmp1, 64);
574 &mov($B, $E);
575 &mov(&wparam(1),$tmp1);
576
577 &jmp(&label("start"));
578
579 &set_label("get_out");
580
581 &stack_pop(16+5+6);
582
583 &pop("ebx");
584 &pop("ebp");
585 &pop("edi");
586 &pop("esi");
587 &ret();
588 &function_end_B($name);
589 }
590
diff --git a/src/lib/libcrypto/ripemd/ripemd.h b/src/lib/libcrypto/ripemd/ripemd.h
deleted file mode 100644
index dd1627cf40..0000000000
--- a/src/lib/libcrypto/ripemd/ripemd.h
+++ /dev/null
@@ -1,101 +0,0 @@
1/* crypto/ripemd/ripemd.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_RIPEMD_H
60#define HEADER_RIPEMD_H
61
62#ifdef __cplusplus
63extern "C" {
64#endif
65
66#ifdef NO_RIPEMD
67#error RIPEMD is disabled.
68#endif
69
70#if defined(WIN16) || defined(__LP32__)
71#define RIPEMD160_LONG unsigned long
72#elif defined(_CRAY) || defined(__ILP64__)
73#define RIPEMD160_LONG unsigned long
74#define RIPEMD160_LONG_LOG2 3
75#else
76#define RIPEMD160_LONG unsigned int
77#endif
78
79#define RIPEMD160_CBLOCK 64
80#define RIPEMD160_LBLOCK (RIPEMD160_CBLOCK/4)
81#define RIPEMD160_DIGEST_LENGTH 20
82
83typedef struct RIPEMD160state_st
84 {
85 RIPEMD160_LONG A,B,C,D,E;
86 RIPEMD160_LONG Nl,Nh;
87 RIPEMD160_LONG data[RIPEMD160_LBLOCK];
88 int num;
89 } RIPEMD160_CTX;
90
91void RIPEMD160_Init(RIPEMD160_CTX *c);
92void RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, unsigned long len);
93void RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
94unsigned char *RIPEMD160(const unsigned char *d, unsigned long n,
95 unsigned char *md);
96void RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *b);
97#ifdef __cplusplus
98}
99#endif
100
101#endif
diff --git a/src/lib/libcrypto/ripemd/rmd_dgst.c b/src/lib/libcrypto/ripemd/rmd_dgst.c
deleted file mode 100644
index bdfae270b6..0000000000
--- a/src/lib/libcrypto/ripemd/rmd_dgst.c
+++ /dev/null
@@ -1,493 +0,0 @@
1/* crypto/ripemd/rmd_dgst.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "rmd_locl.h"
61#include <openssl/opensslv.h>
62
63const char *RMD160_version="RIPE-MD160" OPENSSL_VERSION_PTEXT;
64
65# ifdef RMD160_ASM
66 void ripemd160_block_x86(RIPEMD160_CTX *c, unsigned long *p,int num);
67# define ripemd160_block ripemd160_block_x86
68# else
69 void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,int num);
70# endif
71
72void RIPEMD160_Init(RIPEMD160_CTX *c)
73 {
74 c->A=RIPEMD160_A;
75 c->B=RIPEMD160_B;
76 c->C=RIPEMD160_C;
77 c->D=RIPEMD160_D;
78 c->E=RIPEMD160_E;
79 c->Nl=0;
80 c->Nh=0;
81 c->num=0;
82 }
83
84#ifndef ripemd160_block_host_order
85#ifdef X
86#undef X
87#endif
88#define X(i) XX[i]
89void ripemd160_block_host_order (RIPEMD160_CTX *ctx, const void *p, int num)
90 {
91 const RIPEMD160_LONG *XX=p;
92 register unsigned long A,B,C,D,E;
93 register unsigned long a,b,c,d,e;
94
95 for (;num--;XX+=HASH_LBLOCK)
96 {
97
98 A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
99
100 RIP1(A,B,C,D,E,WL00,SL00);
101 RIP1(E,A,B,C,D,WL01,SL01);
102 RIP1(D,E,A,B,C,WL02,SL02);
103 RIP1(C,D,E,A,B,WL03,SL03);
104 RIP1(B,C,D,E,A,WL04,SL04);
105 RIP1(A,B,C,D,E,WL05,SL05);
106 RIP1(E,A,B,C,D,WL06,SL06);
107 RIP1(D,E,A,B,C,WL07,SL07);
108 RIP1(C,D,E,A,B,WL08,SL08);
109 RIP1(B,C,D,E,A,WL09,SL09);
110 RIP1(A,B,C,D,E,WL10,SL10);
111 RIP1(E,A,B,C,D,WL11,SL11);
112 RIP1(D,E,A,B,C,WL12,SL12);
113 RIP1(C,D,E,A,B,WL13,SL13);
114 RIP1(B,C,D,E,A,WL14,SL14);
115 RIP1(A,B,C,D,E,WL15,SL15);
116
117 RIP2(E,A,B,C,D,WL16,SL16,KL1);
118 RIP2(D,E,A,B,C,WL17,SL17,KL1);
119 RIP2(C,D,E,A,B,WL18,SL18,KL1);
120 RIP2(B,C,D,E,A,WL19,SL19,KL1);
121 RIP2(A,B,C,D,E,WL20,SL20,KL1);
122 RIP2(E,A,B,C,D,WL21,SL21,KL1);
123 RIP2(D,E,A,B,C,WL22,SL22,KL1);
124 RIP2(C,D,E,A,B,WL23,SL23,KL1);
125 RIP2(B,C,D,E,A,WL24,SL24,KL1);
126 RIP2(A,B,C,D,E,WL25,SL25,KL1);
127 RIP2(E,A,B,C,D,WL26,SL26,KL1);
128 RIP2(D,E,A,B,C,WL27,SL27,KL1);
129 RIP2(C,D,E,A,B,WL28,SL28,KL1);
130 RIP2(B,C,D,E,A,WL29,SL29,KL1);
131 RIP2(A,B,C,D,E,WL30,SL30,KL1);
132 RIP2(E,A,B,C,D,WL31,SL31,KL1);
133
134 RIP3(D,E,A,B,C,WL32,SL32,KL2);
135 RIP3(C,D,E,A,B,WL33,SL33,KL2);
136 RIP3(B,C,D,E,A,WL34,SL34,KL2);
137 RIP3(A,B,C,D,E,WL35,SL35,KL2);
138 RIP3(E,A,B,C,D,WL36,SL36,KL2);
139 RIP3(D,E,A,B,C,WL37,SL37,KL2);
140 RIP3(C,D,E,A,B,WL38,SL38,KL2);
141 RIP3(B,C,D,E,A,WL39,SL39,KL2);
142 RIP3(A,B,C,D,E,WL40,SL40,KL2);
143 RIP3(E,A,B,C,D,WL41,SL41,KL2);
144 RIP3(D,E,A,B,C,WL42,SL42,KL2);
145 RIP3(C,D,E,A,B,WL43,SL43,KL2);
146 RIP3(B,C,D,E,A,WL44,SL44,KL2);
147 RIP3(A,B,C,D,E,WL45,SL45,KL2);
148 RIP3(E,A,B,C,D,WL46,SL46,KL2);
149 RIP3(D,E,A,B,C,WL47,SL47,KL2);
150
151 RIP4(C,D,E,A,B,WL48,SL48,KL3);
152 RIP4(B,C,D,E,A,WL49,SL49,KL3);
153 RIP4(A,B,C,D,E,WL50,SL50,KL3);
154 RIP4(E,A,B,C,D,WL51,SL51,KL3);
155 RIP4(D,E,A,B,C,WL52,SL52,KL3);
156 RIP4(C,D,E,A,B,WL53,SL53,KL3);
157 RIP4(B,C,D,E,A,WL54,SL54,KL3);
158 RIP4(A,B,C,D,E,WL55,SL55,KL3);
159 RIP4(E,A,B,C,D,WL56,SL56,KL3);
160 RIP4(D,E,A,B,C,WL57,SL57,KL3);
161 RIP4(C,D,E,A,B,WL58,SL58,KL3);
162 RIP4(B,C,D,E,A,WL59,SL59,KL3);
163 RIP4(A,B,C,D,E,WL60,SL60,KL3);
164 RIP4(E,A,B,C,D,WL61,SL61,KL3);
165 RIP4(D,E,A,B,C,WL62,SL62,KL3);
166 RIP4(C,D,E,A,B,WL63,SL63,KL3);
167
168 RIP5(B,C,D,E,A,WL64,SL64,KL4);
169 RIP5(A,B,C,D,E,WL65,SL65,KL4);
170 RIP5(E,A,B,C,D,WL66,SL66,KL4);
171 RIP5(D,E,A,B,C,WL67,SL67,KL4);
172 RIP5(C,D,E,A,B,WL68,SL68,KL4);
173 RIP5(B,C,D,E,A,WL69,SL69,KL4);
174 RIP5(A,B,C,D,E,WL70,SL70,KL4);
175 RIP5(E,A,B,C,D,WL71,SL71,KL4);
176 RIP5(D,E,A,B,C,WL72,SL72,KL4);
177 RIP5(C,D,E,A,B,WL73,SL73,KL4);
178 RIP5(B,C,D,E,A,WL74,SL74,KL4);
179 RIP5(A,B,C,D,E,WL75,SL75,KL4);
180 RIP5(E,A,B,C,D,WL76,SL76,KL4);
181 RIP5(D,E,A,B,C,WL77,SL77,KL4);
182 RIP5(C,D,E,A,B,WL78,SL78,KL4);
183 RIP5(B,C,D,E,A,WL79,SL79,KL4);
184
185 a=A; b=B; c=C; d=D; e=E;
186 /* Do other half */
187 A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
188
189 RIP5(A,B,C,D,E,WR00,SR00,KR0);
190 RIP5(E,A,B,C,D,WR01,SR01,KR0);
191 RIP5(D,E,A,B,C,WR02,SR02,KR0);
192 RIP5(C,D,E,A,B,WR03,SR03,KR0);
193 RIP5(B,C,D,E,A,WR04,SR04,KR0);
194 RIP5(A,B,C,D,E,WR05,SR05,KR0);
195 RIP5(E,A,B,C,D,WR06,SR06,KR0);
196 RIP5(D,E,A,B,C,WR07,SR07,KR0);
197 RIP5(C,D,E,A,B,WR08,SR08,KR0);
198 RIP5(B,C,D,E,A,WR09,SR09,KR0);
199 RIP5(A,B,C,D,E,WR10,SR10,KR0);
200 RIP5(E,A,B,C,D,WR11,SR11,KR0);
201 RIP5(D,E,A,B,C,WR12,SR12,KR0);
202 RIP5(C,D,E,A,B,WR13,SR13,KR0);
203 RIP5(B,C,D,E,A,WR14,SR14,KR0);
204 RIP5(A,B,C,D,E,WR15,SR15,KR0);
205
206 RIP4(E,A,B,C,D,WR16,SR16,KR1);
207 RIP4(D,E,A,B,C,WR17,SR17,KR1);
208 RIP4(C,D,E,A,B,WR18,SR18,KR1);
209 RIP4(B,C,D,E,A,WR19,SR19,KR1);
210 RIP4(A,B,C,D,E,WR20,SR20,KR1);
211 RIP4(E,A,B,C,D,WR21,SR21,KR1);
212 RIP4(D,E,A,B,C,WR22,SR22,KR1);
213 RIP4(C,D,E,A,B,WR23,SR23,KR1);
214 RIP4(B,C,D,E,A,WR24,SR24,KR1);
215 RIP4(A,B,C,D,E,WR25,SR25,KR1);
216 RIP4(E,A,B,C,D,WR26,SR26,KR1);
217 RIP4(D,E,A,B,C,WR27,SR27,KR1);
218 RIP4(C,D,E,A,B,WR28,SR28,KR1);
219 RIP4(B,C,D,E,A,WR29,SR29,KR1);
220 RIP4(A,B,C,D,E,WR30,SR30,KR1);
221 RIP4(E,A,B,C,D,WR31,SR31,KR1);
222
223 RIP3(D,E,A,B,C,WR32,SR32,KR2);
224 RIP3(C,D,E,A,B,WR33,SR33,KR2);
225 RIP3(B,C,D,E,A,WR34,SR34,KR2);
226 RIP3(A,B,C,D,E,WR35,SR35,KR2);
227 RIP3(E,A,B,C,D,WR36,SR36,KR2);
228 RIP3(D,E,A,B,C,WR37,SR37,KR2);
229 RIP3(C,D,E,A,B,WR38,SR38,KR2);
230 RIP3(B,C,D,E,A,WR39,SR39,KR2);
231 RIP3(A,B,C,D,E,WR40,SR40,KR2);
232 RIP3(E,A,B,C,D,WR41,SR41,KR2);
233 RIP3(D,E,A,B,C,WR42,SR42,KR2);
234 RIP3(C,D,E,A,B,WR43,SR43,KR2);
235 RIP3(B,C,D,E,A,WR44,SR44,KR2);
236 RIP3(A,B,C,D,E,WR45,SR45,KR2);
237 RIP3(E,A,B,C,D,WR46,SR46,KR2);
238 RIP3(D,E,A,B,C,WR47,SR47,KR2);
239
240 RIP2(C,D,E,A,B,WR48,SR48,KR3);
241 RIP2(B,C,D,E,A,WR49,SR49,KR3);
242 RIP2(A,B,C,D,E,WR50,SR50,KR3);
243 RIP2(E,A,B,C,D,WR51,SR51,KR3);
244 RIP2(D,E,A,B,C,WR52,SR52,KR3);
245 RIP2(C,D,E,A,B,WR53,SR53,KR3);
246 RIP2(B,C,D,E,A,WR54,SR54,KR3);
247 RIP2(A,B,C,D,E,WR55,SR55,KR3);
248 RIP2(E,A,B,C,D,WR56,SR56,KR3);
249 RIP2(D,E,A,B,C,WR57,SR57,KR3);
250 RIP2(C,D,E,A,B,WR58,SR58,KR3);
251 RIP2(B,C,D,E,A,WR59,SR59,KR3);
252 RIP2(A,B,C,D,E,WR60,SR60,KR3);
253 RIP2(E,A,B,C,D,WR61,SR61,KR3);
254 RIP2(D,E,A,B,C,WR62,SR62,KR3);
255 RIP2(C,D,E,A,B,WR63,SR63,KR3);
256
257 RIP1(B,C,D,E,A,WR64,SR64);
258 RIP1(A,B,C,D,E,WR65,SR65);
259 RIP1(E,A,B,C,D,WR66,SR66);
260 RIP1(D,E,A,B,C,WR67,SR67);
261 RIP1(C,D,E,A,B,WR68,SR68);
262 RIP1(B,C,D,E,A,WR69,SR69);
263 RIP1(A,B,C,D,E,WR70,SR70);
264 RIP1(E,A,B,C,D,WR71,SR71);
265 RIP1(D,E,A,B,C,WR72,SR72);
266 RIP1(C,D,E,A,B,WR73,SR73);
267 RIP1(B,C,D,E,A,WR74,SR74);
268 RIP1(A,B,C,D,E,WR75,SR75);
269 RIP1(E,A,B,C,D,WR76,SR76);
270 RIP1(D,E,A,B,C,WR77,SR77);
271 RIP1(C,D,E,A,B,WR78,SR78);
272 RIP1(B,C,D,E,A,WR79,SR79);
273
274 D =ctx->B+c+D;
275 ctx->B=ctx->C+d+E;
276 ctx->C=ctx->D+e+A;
277 ctx->D=ctx->E+a+B;
278 ctx->E=ctx->A+b+C;
279 ctx->A=D;
280
281 }
282 }
283#endif
284
285#ifndef ripemd160_block_data_order
286#ifdef X
287#undef X
288#endif
289void ripemd160_block_data_order (RIPEMD160_CTX *ctx, const void *p, int num)
290 {
291 const unsigned char *data=p;
292 register unsigned long A,B,C,D,E;
293 unsigned long a,b,c,d,e,l;
294#ifndef MD32_XARRAY
295 /* See comment in crypto/sha/sha_locl.h for details. */
296 unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
297 XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
298# define X(i) XX##i
299#else
300 RIPEMD160_LONG XX[16];
301# define X(i) XX[i]
302#endif
303
304 for (;num--;)
305 {
306
307 A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
308
309 HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l;
310 RIP1(A,B,C,D,E,WL00,SL00); HOST_c2l(data,l); X( 2)=l;
311 RIP1(E,A,B,C,D,WL01,SL01); HOST_c2l(data,l); X( 3)=l;
312 RIP1(D,E,A,B,C,WL02,SL02); HOST_c2l(data,l); X( 4)=l;
313 RIP1(C,D,E,A,B,WL03,SL03); HOST_c2l(data,l); X( 5)=l;
314 RIP1(B,C,D,E,A,WL04,SL04); HOST_c2l(data,l); X( 6)=l;
315 RIP1(A,B,C,D,E,WL05,SL05); HOST_c2l(data,l); X( 7)=l;
316 RIP1(E,A,B,C,D,WL06,SL06); HOST_c2l(data,l); X( 8)=l;
317 RIP1(D,E,A,B,C,WL07,SL07); HOST_c2l(data,l); X( 9)=l;
318 RIP1(C,D,E,A,B,WL08,SL08); HOST_c2l(data,l); X(10)=l;
319 RIP1(B,C,D,E,A,WL09,SL09); HOST_c2l(data,l); X(11)=l;
320 RIP1(A,B,C,D,E,WL10,SL10); HOST_c2l(data,l); X(12)=l;
321 RIP1(E,A,B,C,D,WL11,SL11); HOST_c2l(data,l); X(13)=l;
322 RIP1(D,E,A,B,C,WL12,SL12); HOST_c2l(data,l); X(14)=l;
323 RIP1(C,D,E,A,B,WL13,SL13); HOST_c2l(data,l); X(15)=l;
324 RIP1(B,C,D,E,A,WL14,SL14);
325 RIP1(A,B,C,D,E,WL15,SL15);
326
327 RIP2(E,A,B,C,D,WL16,SL16,KL1);
328 RIP2(D,E,A,B,C,WL17,SL17,KL1);
329 RIP2(C,D,E,A,B,WL18,SL18,KL1);
330 RIP2(B,C,D,E,A,WL19,SL19,KL1);
331 RIP2(A,B,C,D,E,WL20,SL20,KL1);
332 RIP2(E,A,B,C,D,WL21,SL21,KL1);
333 RIP2(D,E,A,B,C,WL22,SL22,KL1);
334 RIP2(C,D,E,A,B,WL23,SL23,KL1);
335 RIP2(B,C,D,E,A,WL24,SL24,KL1);
336 RIP2(A,B,C,D,E,WL25,SL25,KL1);
337 RIP2(E,A,B,C,D,WL26,SL26,KL1);
338 RIP2(D,E,A,B,C,WL27,SL27,KL1);
339 RIP2(C,D,E,A,B,WL28,SL28,KL1);
340 RIP2(B,C,D,E,A,WL29,SL29,KL1);
341 RIP2(A,B,C,D,E,WL30,SL30,KL1);
342 RIP2(E,A,B,C,D,WL31,SL31,KL1);
343
344 RIP3(D,E,A,B,C,WL32,SL32,KL2);
345 RIP3(C,D,E,A,B,WL33,SL33,KL2);
346 RIP3(B,C,D,E,A,WL34,SL34,KL2);
347 RIP3(A,B,C,D,E,WL35,SL35,KL2);
348 RIP3(E,A,B,C,D,WL36,SL36,KL2);
349 RIP3(D,E,A,B,C,WL37,SL37,KL2);
350 RIP3(C,D,E,A,B,WL38,SL38,KL2);
351 RIP3(B,C,D,E,A,WL39,SL39,KL2);
352 RIP3(A,B,C,D,E,WL40,SL40,KL2);
353 RIP3(E,A,B,C,D,WL41,SL41,KL2);
354 RIP3(D,E,A,B,C,WL42,SL42,KL2);
355 RIP3(C,D,E,A,B,WL43,SL43,KL2);
356 RIP3(B,C,D,E,A,WL44,SL44,KL2);
357 RIP3(A,B,C,D,E,WL45,SL45,KL2);
358 RIP3(E,A,B,C,D,WL46,SL46,KL2);
359 RIP3(D,E,A,B,C,WL47,SL47,KL2);
360
361 RIP4(C,D,E,A,B,WL48,SL48,KL3);
362 RIP4(B,C,D,E,A,WL49,SL49,KL3);
363 RIP4(A,B,C,D,E,WL50,SL50,KL3);
364 RIP4(E,A,B,C,D,WL51,SL51,KL3);
365 RIP4(D,E,A,B,C,WL52,SL52,KL3);
366 RIP4(C,D,E,A,B,WL53,SL53,KL3);
367 RIP4(B,C,D,E,A,WL54,SL54,KL3);
368 RIP4(A,B,C,D,E,WL55,SL55,KL3);
369 RIP4(E,A,B,C,D,WL56,SL56,KL3);
370 RIP4(D,E,A,B,C,WL57,SL57,KL3);
371 RIP4(C,D,E,A,B,WL58,SL58,KL3);
372 RIP4(B,C,D,E,A,WL59,SL59,KL3);
373 RIP4(A,B,C,D,E,WL60,SL60,KL3);
374 RIP4(E,A,B,C,D,WL61,SL61,KL3);
375 RIP4(D,E,A,B,C,WL62,SL62,KL3);
376 RIP4(C,D,E,A,B,WL63,SL63,KL3);
377
378 RIP5(B,C,D,E,A,WL64,SL64,KL4);
379 RIP5(A,B,C,D,E,WL65,SL65,KL4);
380 RIP5(E,A,B,C,D,WL66,SL66,KL4);
381 RIP5(D,E,A,B,C,WL67,SL67,KL4);
382 RIP5(C,D,E,A,B,WL68,SL68,KL4);
383 RIP5(B,C,D,E,A,WL69,SL69,KL4);
384 RIP5(A,B,C,D,E,WL70,SL70,KL4);
385 RIP5(E,A,B,C,D,WL71,SL71,KL4);
386 RIP5(D,E,A,B,C,WL72,SL72,KL4);
387 RIP5(C,D,E,A,B,WL73,SL73,KL4);
388 RIP5(B,C,D,E,A,WL74,SL74,KL4);
389 RIP5(A,B,C,D,E,WL75,SL75,KL4);
390 RIP5(E,A,B,C,D,WL76,SL76,KL4);
391 RIP5(D,E,A,B,C,WL77,SL77,KL4);
392 RIP5(C,D,E,A,B,WL78,SL78,KL4);
393 RIP5(B,C,D,E,A,WL79,SL79,KL4);
394
395 a=A; b=B; c=C; d=D; e=E;
396 /* Do other half */
397 A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
398
399 RIP5(A,B,C,D,E,WR00,SR00,KR0);
400 RIP5(E,A,B,C,D,WR01,SR01,KR0);
401 RIP5(D,E,A,B,C,WR02,SR02,KR0);
402 RIP5(C,D,E,A,B,WR03,SR03,KR0);
403 RIP5(B,C,D,E,A,WR04,SR04,KR0);
404 RIP5(A,B,C,D,E,WR05,SR05,KR0);
405 RIP5(E,A,B,C,D,WR06,SR06,KR0);
406 RIP5(D,E,A,B,C,WR07,SR07,KR0);
407 RIP5(C,D,E,A,B,WR08,SR08,KR0);
408 RIP5(B,C,D,E,A,WR09,SR09,KR0);
409 RIP5(A,B,C,D,E,WR10,SR10,KR0);
410 RIP5(E,A,B,C,D,WR11,SR11,KR0);
411 RIP5(D,E,A,B,C,WR12,SR12,KR0);
412 RIP5(C,D,E,A,B,WR13,SR13,KR0);
413 RIP5(B,C,D,E,A,WR14,SR14,KR0);
414 RIP5(A,B,C,D,E,WR15,SR15,KR0);
415
416 RIP4(E,A,B,C,D,WR16,SR16,KR1);
417 RIP4(D,E,A,B,C,WR17,SR17,KR1);
418 RIP4(C,D,E,A,B,WR18,SR18,KR1);
419 RIP4(B,C,D,E,A,WR19,SR19,KR1);
420 RIP4(A,B,C,D,E,WR20,SR20,KR1);
421 RIP4(E,A,B,C,D,WR21,SR21,KR1);
422 RIP4(D,E,A,B,C,WR22,SR22,KR1);
423 RIP4(C,D,E,A,B,WR23,SR23,KR1);
424 RIP4(B,C,D,E,A,WR24,SR24,KR1);
425 RIP4(A,B,C,D,E,WR25,SR25,KR1);
426 RIP4(E,A,B,C,D,WR26,SR26,KR1);
427 RIP4(D,E,A,B,C,WR27,SR27,KR1);
428 RIP4(C,D,E,A,B,WR28,SR28,KR1);
429 RIP4(B,C,D,E,A,WR29,SR29,KR1);
430 RIP4(A,B,C,D,E,WR30,SR30,KR1);
431 RIP4(E,A,B,C,D,WR31,SR31,KR1);
432
433 RIP3(D,E,A,B,C,WR32,SR32,KR2);
434 RIP3(C,D,E,A,B,WR33,SR33,KR2);
435 RIP3(B,C,D,E,A,WR34,SR34,KR2);
436 RIP3(A,B,C,D,E,WR35,SR35,KR2);
437 RIP3(E,A,B,C,D,WR36,SR36,KR2);
438 RIP3(D,E,A,B,C,WR37,SR37,KR2);
439 RIP3(C,D,E,A,B,WR38,SR38,KR2);
440 RIP3(B,C,D,E,A,WR39,SR39,KR2);
441 RIP3(A,B,C,D,E,WR40,SR40,KR2);
442 RIP3(E,A,B,C,D,WR41,SR41,KR2);
443 RIP3(D,E,A,B,C,WR42,SR42,KR2);
444 RIP3(C,D,E,A,B,WR43,SR43,KR2);
445 RIP3(B,C,D,E,A,WR44,SR44,KR2);
446 RIP3(A,B,C,D,E,WR45,SR45,KR2);
447 RIP3(E,A,B,C,D,WR46,SR46,KR2);
448 RIP3(D,E,A,B,C,WR47,SR47,KR2);
449
450 RIP2(C,D,E,A,B,WR48,SR48,KR3);
451 RIP2(B,C,D,E,A,WR49,SR49,KR3);
452 RIP2(A,B,C,D,E,WR50,SR50,KR3);
453 RIP2(E,A,B,C,D,WR51,SR51,KR3);
454 RIP2(D,E,A,B,C,WR52,SR52,KR3);
455 RIP2(C,D,E,A,B,WR53,SR53,KR3);
456 RIP2(B,C,D,E,A,WR54,SR54,KR3);
457 RIP2(A,B,C,D,E,WR55,SR55,KR3);
458 RIP2(E,A,B,C,D,WR56,SR56,KR3);
459 RIP2(D,E,A,B,C,WR57,SR57,KR3);
460 RIP2(C,D,E,A,B,WR58,SR58,KR3);
461 RIP2(B,C,D,E,A,WR59,SR59,KR3);
462 RIP2(A,B,C,D,E,WR60,SR60,KR3);
463 RIP2(E,A,B,C,D,WR61,SR61,KR3);
464 RIP2(D,E,A,B,C,WR62,SR62,KR3);
465 RIP2(C,D,E,A,B,WR63,SR63,KR3);
466
467 RIP1(B,C,D,E,A,WR64,SR64);
468 RIP1(A,B,C,D,E,WR65,SR65);
469 RIP1(E,A,B,C,D,WR66,SR66);
470 RIP1(D,E,A,B,C,WR67,SR67);
471 RIP1(C,D,E,A,B,WR68,SR68);
472 RIP1(B,C,D,E,A,WR69,SR69);
473 RIP1(A,B,C,D,E,WR70,SR70);
474 RIP1(E,A,B,C,D,WR71,SR71);
475 RIP1(D,E,A,B,C,WR72,SR72);
476 RIP1(C,D,E,A,B,WR73,SR73);
477 RIP1(B,C,D,E,A,WR74,SR74);
478 RIP1(A,B,C,D,E,WR75,SR75);
479 RIP1(E,A,B,C,D,WR76,SR76);
480 RIP1(D,E,A,B,C,WR77,SR77);
481 RIP1(C,D,E,A,B,WR78,SR78);
482 RIP1(B,C,D,E,A,WR79,SR79);
483
484 D =ctx->B+c+D;
485 ctx->B=ctx->C+d+E;
486 ctx->C=ctx->D+e+A;
487 ctx->D=ctx->E+a+B;
488 ctx->E=ctx->A+b+C;
489 ctx->A=D;
490
491 }
492 }
493#endif
diff --git a/src/lib/libcrypto/ripemd/rmd_locl.h b/src/lib/libcrypto/ripemd/rmd_locl.h
deleted file mode 100644
index f537b88867..0000000000
--- a/src/lib/libcrypto/ripemd/rmd_locl.h
+++ /dev/null
@@ -1,160 +0,0 @@
1/* crypto/ripemd/rmd_locl.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdlib.h>
60#include <string.h>
61#include <openssl/opensslconf.h>
62#include <openssl/ripemd.h>
63
64#ifndef RIPEMD160_LONG_LOG2
65#define RIPEMD160_LONG_LOG2 2 /* default to 32 bits */
66#endif
67
68/*
69 * DO EXAMINE COMMENTS IN crypto/md5/md5_locl.h & crypto/md5/md5_dgst.c
70 * FOR EXPLANATIONS ON FOLLOWING "CODE."
71 * <appro@fy.chalmers.se>
72 */
73#ifdef RMD160_ASM
74# if defined(__i386) || defined(_M_IX86) || defined(__INTEL__)
75# define ripemd160_block_host_order ripemd160_block_asm_host_order
76# endif
77#endif
78
79void ripemd160_block_host_order (RIPEMD160_CTX *c, const void *p,int num);
80void ripemd160_block_data_order (RIPEMD160_CTX *c, const void *p,int num);
81
82#if defined(__i386) || defined(_M_IX86) || defined(__INTEL__)
83#define ripemd160_block_data_order ripemd160_block_host_order
84#endif
85
86#define DATA_ORDER_IS_LITTLE_ENDIAN
87
88#define HASH_LONG RIPEMD160_LONG
89#define HASH_LONG_LOG2 RIPEMD160_LONG_LOG2
90#define HASH_CTX RIPEMD160_CTX
91#define HASH_CBLOCK RIPEMD160_CBLOCK
92#define HASH_LBLOCK RIPEMD160_LBLOCK
93#define HASH_UPDATE RIPEMD160_Update
94#define HASH_TRANSFORM RIPEMD160_Transform
95#define HASH_FINAL RIPEMD160_Final
96#define HASH_BLOCK_HOST_ORDER ripemd160_block_host_order
97#define HASH_MAKE_STRING(c,s) do { \
98 unsigned long ll; \
99 ll=(c)->A; HOST_l2c(ll,(s)); \
100 ll=(c)->B; HOST_l2c(ll,(s)); \
101 ll=(c)->C; HOST_l2c(ll,(s)); \
102 ll=(c)->D; HOST_l2c(ll,(s)); \
103 ll=(c)->E; HOST_l2c(ll,(s)); \
104 } while (0)
105#if !defined(L_ENDIAN) || defined(ripemd160_block_data_order)
106#define HASH_BLOCK_DATA_ORDER ripemd160_block_data_order
107#endif
108
109#include "md32_common.h"
110
111#if 0
112#define F1(x,y,z) ((x)^(y)^(z))
113#define F2(x,y,z) (((x)&(y))|((~x)&z))
114#define F3(x,y,z) (((x)|(~y))^(z))
115#define F4(x,y,z) (((x)&(z))|((y)&(~(z))))
116#define F5(x,y,z) ((x)^((y)|(~(z))))
117#else
118/*
119 * Transformed F2 and F4 are courtesy of Wei Dai <weidai@eskimo.com>
120 */
121#define F1(x,y,z) ((x) ^ (y) ^ (z))
122#define F2(x,y,z) ((((y) ^ (z)) & (x)) ^ (z))
123#define F3(x,y,z) (((~(y)) | (x)) ^ (z))
124#define F4(x,y,z) ((((x) ^ (y)) & (z)) ^ (y))
125#define F5(x,y,z) (((~(z)) | (y)) ^ (x))
126#endif
127
128#define RIPEMD160_A 0x67452301L
129#define RIPEMD160_B 0xEFCDAB89L
130#define RIPEMD160_C 0x98BADCFEL
131#define RIPEMD160_D 0x10325476L
132#define RIPEMD160_E 0xC3D2E1F0L
133
134#include "rmdconst.h"
135
136#define RIP1(a,b,c,d,e,w,s) { \
137 a+=F1(b,c,d)+X(w); \
138 a=ROTATE(a,s)+e; \
139 c=ROTATE(c,10); }
140
141#define RIP2(a,b,c,d,e,w,s,K) { \
142 a+=F2(b,c,d)+X(w)+K; \
143 a=ROTATE(a,s)+e; \
144 c=ROTATE(c,10); }
145
146#define RIP3(a,b,c,d,e,w,s,K) { \
147 a+=F3(b,c,d)+X(w)+K; \
148 a=ROTATE(a,s)+e; \
149 c=ROTATE(c,10); }
150
151#define RIP4(a,b,c,d,e,w,s,K) { \
152 a+=F4(b,c,d)+X(w)+K; \
153 a=ROTATE(a,s)+e; \
154 c=ROTATE(c,10); }
155
156#define RIP5(a,b,c,d,e,w,s,K) { \
157 a+=F5(b,c,d)+X(w)+K; \
158 a=ROTATE(a,s)+e; \
159 c=ROTATE(c,10); }
160
diff --git a/src/lib/libcrypto/ripemd/rmd_one.c b/src/lib/libcrypto/ripemd/rmd_one.c
deleted file mode 100644
index efdf2dd6ef..0000000000
--- a/src/lib/libcrypto/ripemd/rmd_one.c
+++ /dev/null
@@ -1,76 +0,0 @@
1/* crypto/ripemd/rmd_one.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61#include <openssl/ripemd.h>
62
63unsigned char *RIPEMD160(const unsigned char *d, unsigned long n,
64 unsigned char *md)
65 {
66 RIPEMD160_CTX c;
67 static unsigned char m[RIPEMD160_DIGEST_LENGTH];
68
69 if (md == NULL) md=m;
70 RIPEMD160_Init(&c);
71 RIPEMD160_Update(&c,d,n);
72 RIPEMD160_Final(md,&c);
73 memset(&c,0,sizeof(c)); /* security consideration */
74 return(md);
75 }
76
diff --git a/src/lib/libcrypto/ripemd/rmdconst.h b/src/lib/libcrypto/ripemd/rmdconst.h
deleted file mode 100644
index 59c48dead1..0000000000
--- a/src/lib/libcrypto/ripemd/rmdconst.h
+++ /dev/null
@@ -1,399 +0,0 @@
1/* crypto/ripemd/rmdconst.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58#define KL0 0x00000000L
59#define KL1 0x5A827999L
60#define KL2 0x6ED9EBA1L
61#define KL3 0x8F1BBCDCL
62#define KL4 0xA953FD4EL
63
64#define KR0 0x50A28BE6L
65#define KR1 0x5C4DD124L
66#define KR2 0x6D703EF3L
67#define KR3 0x7A6D76E9L
68#define KR4 0x00000000L
69
70#define WL00 0
71#define SL00 11
72#define WL01 1
73#define SL01 14
74#define WL02 2
75#define SL02 15
76#define WL03 3
77#define SL03 12
78#define WL04 4
79#define SL04 5
80#define WL05 5
81#define SL05 8
82#define WL06 6
83#define SL06 7
84#define WL07 7
85#define SL07 9
86#define WL08 8
87#define SL08 11
88#define WL09 9
89#define SL09 13
90#define WL10 10
91#define SL10 14
92#define WL11 11
93#define SL11 15
94#define WL12 12
95#define SL12 6
96#define WL13 13
97#define SL13 7
98#define WL14 14
99#define SL14 9
100#define WL15 15
101#define SL15 8
102
103#define WL16 7
104#define SL16 7
105#define WL17 4
106#define SL17 6
107#define WL18 13
108#define SL18 8
109#define WL19 1
110#define SL19 13
111#define WL20 10
112#define SL20 11
113#define WL21 6
114#define SL21 9
115#define WL22 15
116#define SL22 7
117#define WL23 3
118#define SL23 15
119#define WL24 12
120#define SL24 7
121#define WL25 0
122#define SL25 12
123#define WL26 9
124#define SL26 15
125#define WL27 5
126#define SL27 9
127#define WL28 2
128#define SL28 11
129#define WL29 14
130#define SL29 7
131#define WL30 11
132#define SL30 13
133#define WL31 8
134#define SL31 12
135
136#define WL32 3
137#define SL32 11
138#define WL33 10
139#define SL33 13
140#define WL34 14
141#define SL34 6
142#define WL35 4
143#define SL35 7
144#define WL36 9
145#define SL36 14
146#define WL37 15
147#define SL37 9
148#define WL38 8
149#define SL38 13
150#define WL39 1
151#define SL39 15
152#define WL40 2
153#define SL40 14
154#define WL41 7
155#define SL41 8
156#define WL42 0
157#define SL42 13
158#define WL43 6
159#define SL43 6
160#define WL44 13
161#define SL44 5
162#define WL45 11
163#define SL45 12
164#define WL46 5
165#define SL46 7
166#define WL47 12
167#define SL47 5
168
169#define WL48 1
170#define SL48 11
171#define WL49 9
172#define SL49 12
173#define WL50 11
174#define SL50 14
175#define WL51 10
176#define SL51 15
177#define WL52 0
178#define SL52 14
179#define WL53 8
180#define SL53 15
181#define WL54 12
182#define SL54 9
183#define WL55 4
184#define SL55 8
185#define WL56 13
186#define SL56 9
187#define WL57 3
188#define SL57 14
189#define WL58 7
190#define SL58 5
191#define WL59 15
192#define SL59 6
193#define WL60 14
194#define SL60 8
195#define WL61 5
196#define SL61 6
197#define WL62 6
198#define SL62 5
199#define WL63 2
200#define SL63 12
201
202#define WL64 4
203#define SL64 9
204#define WL65 0
205#define SL65 15
206#define WL66 5
207#define SL66 5
208#define WL67 9
209#define SL67 11
210#define WL68 7
211#define SL68 6
212#define WL69 12
213#define SL69 8
214#define WL70 2
215#define SL70 13
216#define WL71 10
217#define SL71 12
218#define WL72 14
219#define SL72 5
220#define WL73 1
221#define SL73 12
222#define WL74 3
223#define SL74 13
224#define WL75 8
225#define SL75 14
226#define WL76 11
227#define SL76 11
228#define WL77 6
229#define SL77 8
230#define WL78 15
231#define SL78 5
232#define WL79 13
233#define SL79 6
234
235#define WR00 5
236#define SR00 8
237#define WR01 14
238#define SR01 9
239#define WR02 7
240#define SR02 9
241#define WR03 0
242#define SR03 11
243#define WR04 9
244#define SR04 13
245#define WR05 2
246#define SR05 15
247#define WR06 11
248#define SR06 15
249#define WR07 4
250#define SR07 5
251#define WR08 13
252#define SR08 7
253#define WR09 6
254#define SR09 7
255#define WR10 15
256#define SR10 8
257#define WR11 8
258#define SR11 11
259#define WR12 1
260#define SR12 14
261#define WR13 10
262#define SR13 14
263#define WR14 3
264#define SR14 12
265#define WR15 12
266#define SR15 6
267
268#define WR16 6
269#define SR16 9
270#define WR17 11
271#define SR17 13
272#define WR18 3
273#define SR18 15
274#define WR19 7
275#define SR19 7
276#define WR20 0
277#define SR20 12
278#define WR21 13
279#define SR21 8
280#define WR22 5
281#define SR22 9
282#define WR23 10
283#define SR23 11
284#define WR24 14
285#define SR24 7
286#define WR25 15
287#define SR25 7
288#define WR26 8
289#define SR26 12
290#define WR27 12
291#define SR27 7
292#define WR28 4
293#define SR28 6
294#define WR29 9
295#define SR29 15
296#define WR30 1
297#define SR30 13
298#define WR31 2
299#define SR31 11
300
301#define WR32 15
302#define SR32 9
303#define WR33 5
304#define SR33 7
305#define WR34 1
306#define SR34 15
307#define WR35 3
308#define SR35 11
309#define WR36 7
310#define SR36 8
311#define WR37 14
312#define SR37 6
313#define WR38 6
314#define SR38 6
315#define WR39 9
316#define SR39 14
317#define WR40 11
318#define SR40 12
319#define WR41 8
320#define SR41 13
321#define WR42 12
322#define SR42 5
323#define WR43 2
324#define SR43 14
325#define WR44 10
326#define SR44 13
327#define WR45 0
328#define SR45 13
329#define WR46 4
330#define SR46 7
331#define WR47 13
332#define SR47 5
333
334#define WR48 8
335#define SR48 15
336#define WR49 6
337#define SR49 5
338#define WR50 4
339#define SR50 8
340#define WR51 1
341#define SR51 11
342#define WR52 3
343#define SR52 14
344#define WR53 11
345#define SR53 14
346#define WR54 15
347#define SR54 6
348#define WR55 0
349#define SR55 14
350#define WR56 5
351#define SR56 6
352#define WR57 12
353#define SR57 9
354#define WR58 2
355#define SR58 12
356#define WR59 13
357#define SR59 9
358#define WR60 9
359#define SR60 12
360#define WR61 7
361#define SR61 5
362#define WR62 10
363#define SR62 15
364#define WR63 14
365#define SR63 8
366
367#define WR64 12
368#define SR64 8
369#define WR65 15
370#define SR65 5
371#define WR66 10
372#define SR66 12
373#define WR67 4
374#define SR67 9
375#define WR68 1
376#define SR68 12
377#define WR69 5
378#define SR69 5
379#define WR70 8
380#define SR70 14
381#define WR71 7
382#define SR71 6
383#define WR72 6
384#define SR72 8
385#define WR73 2
386#define SR73 13
387#define WR74 13
388#define SR74 6
389#define WR75 14
390#define SR75 5
391#define WR76 0
392#define SR76 15
393#define WR77 3
394#define SR77 13
395#define WR78 9
396#define SR78 11
397#define WR79 11
398#define SR79 11
399
diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h
deleted file mode 100644
index bda636a365..0000000000
--- a/src/lib/libcrypto/rsa/rsa.h
+++ /dev/null
@@ -1,357 +0,0 @@
1/* crypto/rsa/rsa.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_RSA_H
60#define HEADER_RSA_H
61
62#ifndef NO_BIO
63#include <openssl/bio.h>
64#endif
65#include <openssl/bn.h>
66#include <openssl/crypto.h>
67
68#ifdef NO_RSA
69#error RSA is disabled.
70#endif
71
72#ifdef __cplusplus
73extern "C" {
74#endif
75
76typedef struct rsa_st RSA;
77
78typedef struct rsa_meth_st
79 {
80 const char *name;
81 int (*rsa_pub_enc)(int flen,unsigned char *from,unsigned char *to,
82 RSA *rsa,int padding);
83 int (*rsa_pub_dec)(int flen,unsigned char *from,unsigned char *to,
84 RSA *rsa,int padding);
85 int (*rsa_priv_enc)(int flen,unsigned char *from,unsigned char *to,
86 RSA *rsa,int padding);
87 int (*rsa_priv_dec)(int flen,unsigned char *from,unsigned char *to,
88 RSA *rsa,int padding);
89 int (*rsa_mod_exp)(BIGNUM *r0,BIGNUM *I,RSA *rsa); /* Can be null */
90 int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
91 const BIGNUM *m, BN_CTX *ctx,
92 BN_MONT_CTX *m_ctx); /* Can be null */
93 int (*init)(RSA *rsa); /* called at new */
94 int (*finish)(RSA *rsa); /* called at free */
95 int flags; /* RSA_METHOD_FLAG_* things */
96 char *app_data; /* may be needed! */
97/* New sign and verify functions: some libraries don't allow arbitrary data
98 * to be signed/verified: this allows them to be used. Note: for this to work
99 * the RSA_public_decrypt() and RSA_private_encrypt() should *NOT* be used
100 * RSA_sign(), RSA_verify() should be used instead. Note: for backwards
101 * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER
102 * option is set in 'flags'.
103 */
104 int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len,
105 unsigned char *sigret, unsigned int *siglen, RSA *rsa);
106 int (*rsa_verify)(int dtype, unsigned char *m, unsigned int m_len,
107 unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
108
109 } RSA_METHOD;
110
111struct rsa_st
112 {
113 /* The first parameter is used to pickup errors where
114 * this is passed instead of aEVP_PKEY, it is set to 0 */
115 int pad;
116 int version;
117#if 0
118 RSA_METHOD *meth;
119#else
120 struct engine_st *engine;
121#endif
122 BIGNUM *n;
123 BIGNUM *e;
124 BIGNUM *d;
125 BIGNUM *p;
126 BIGNUM *q;
127 BIGNUM *dmp1;
128 BIGNUM *dmq1;
129 BIGNUM *iqmp;
130 /* be careful using this if the RSA structure is shared */
131 CRYPTO_EX_DATA ex_data;
132 int references;
133 int flags;
134
135 /* Used to cache montgomery values */
136 BN_MONT_CTX *_method_mod_n;
137 BN_MONT_CTX *_method_mod_p;
138 BN_MONT_CTX *_method_mod_q;
139
140 /* all BIGNUM values are actually in the following data, if it is not
141 * NULL */
142 char *bignum_data;
143 BN_BLINDING *blinding;
144 };
145
146#define RSA_3 0x3L
147#define RSA_F4 0x10001L
148
149#define RSA_METHOD_FLAG_NO_CHECK 0x01 /* don't check pub/private match */
150
151#define RSA_FLAG_CACHE_PUBLIC 0x02
152#define RSA_FLAG_CACHE_PRIVATE 0x04
153#define RSA_FLAG_BLINDING 0x08
154#define RSA_FLAG_THREAD_SAFE 0x10
155/* This flag means the private key operations will be handled by rsa_mod_exp
156 * and that they do not depend on the private key components being present:
157 * for example a key stored in external hardware. Without this flag bn_mod_exp
158 * gets called when private key components are absent.
159 */
160#define RSA_FLAG_EXT_PKEY 0x20
161
162/* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify functions.
163 */
164#define RSA_FLAG_SIGN_VER 0x40
165
166#define RSA_PKCS1_PADDING 1
167#define RSA_SSLV23_PADDING 2
168#define RSA_NO_PADDING 3
169#define RSA_PKCS1_OAEP_PADDING 4
170
171#define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg)
172#define RSA_get_app_data(s) RSA_get_ex_data(s,0)
173
174RSA * RSA_new(void);
175#if 0
176RSA * RSA_new_method(RSA_METHOD *method);
177#else
178RSA * RSA_new_method(struct engine_st *engine);
179#endif
180int RSA_size(RSA *);
181RSA * RSA_generate_key(int bits, unsigned long e,void
182 (*callback)(int,int,void *),void *cb_arg);
183int RSA_check_key(RSA *);
184 /* next 4 return -1 on error */
185int RSA_public_encrypt(int flen, unsigned char *from,
186 unsigned char *to, RSA *rsa,int padding);
187int RSA_private_encrypt(int flen, unsigned char *from,
188 unsigned char *to, RSA *rsa,int padding);
189int RSA_public_decrypt(int flen, unsigned char *from,
190 unsigned char *to, RSA *rsa,int padding);
191int RSA_private_decrypt(int flen, unsigned char *from,
192 unsigned char *to, RSA *rsa,int padding);
193void RSA_free (RSA *r);
194
195int RSA_flags(RSA *r);
196
197void RSA_set_default_openssl_method(RSA_METHOD *meth);
198RSA_METHOD *RSA_get_default_openssl_method(void);
199RSA_METHOD *RSA_get_method(RSA *rsa);
200#if 0
201RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth);
202#else
203int RSA_set_method(RSA *rsa, struct engine_st *engine);
204#endif
205
206/* This function needs the memory locking malloc callbacks to be installed */
207int RSA_memory_lock(RSA *r);
208
209/* If you have RSAref compiled in. */
210RSA_METHOD *RSA_PKCS1_RSAref(void);
211
212/* these are the actual SSLeay RSA functions */
213RSA_METHOD *RSA_PKCS1_SSLeay(void);
214
215RSA_METHOD *RSA_null_method(void);
216
217void ERR_load_RSA_strings(void );
218
219RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length);
220int i2d_RSAPublicKey(RSA *a, unsigned char **pp);
221RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length);
222int i2d_RSAPrivateKey(RSA *a, unsigned char **pp);
223#ifndef NO_FP_API
224int RSA_print_fp(FILE *fp, RSA *r,int offset);
225#endif
226
227#ifndef NO_BIO
228int RSA_print(BIO *bp, RSA *r,int offset);
229#endif
230
231int i2d_RSA_NET(RSA *a, unsigned char **pp, int (*cb)(), int sgckey);
232RSA *d2i_RSA_NET(RSA **a, unsigned char **pp, long length, int (*cb)(), int sgckey);
233RSA *d2i_RSA_NET_2(RSA **a, unsigned char **pp, long length, int (*cb)(), int sgckey);
234
235int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
236RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)());
237/* Naughty internal function required elsewhere, to handle a MS structure
238 * that is the same as the netscape one :-) */
239RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length, int (*cb)());
240
241/* The following 2 functions sign and verify a X509_SIG ASN1 object
242 * inside PKCS#1 padded RSA encryption */
243int RSA_sign(int type, unsigned char *m, unsigned int m_len,
244 unsigned char *sigret, unsigned int *siglen, RSA *rsa);
245int RSA_verify(int type, unsigned char *m, unsigned int m_len,
246 unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
247
248/* The following 2 function sign and verify a ASN1_OCTET_STRING
249 * object inside PKCS#1 padded RSA encryption */
250int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
251 unsigned char *sigret, unsigned int *siglen, RSA *rsa);
252int RSA_verify_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
253 unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
254
255int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
256void RSA_blinding_off(RSA *rsa);
257
258int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen,
259 unsigned char *f,int fl);
260int RSA_padding_check_PKCS1_type_1(unsigned char *to,int tlen,
261 unsigned char *f,int fl,int rsa_len);
262int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen,
263 unsigned char *f,int fl);
264int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen,
265 unsigned char *f,int fl,int rsa_len);
266int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen,
267 unsigned char *f,int fl,unsigned char *p,
268 int pl);
269int RSA_padding_check_PKCS1_OAEP(unsigned char *to,int tlen,
270 unsigned char *f,int fl,int rsa_len,
271 unsigned char *p,int pl);
272int RSA_padding_add_SSLv23(unsigned char *to,int tlen,
273 unsigned char *f,int fl);
274int RSA_padding_check_SSLv23(unsigned char *to,int tlen,
275 unsigned char *f,int fl,int rsa_len);
276int RSA_padding_add_none(unsigned char *to,int tlen,
277 unsigned char *f,int fl);
278int RSA_padding_check_none(unsigned char *to,int tlen,
279 unsigned char *f,int fl,int rsa_len);
280
281int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
282 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
283int RSA_set_ex_data(RSA *r,int idx,void *arg);
284void *RSA_get_ex_data(RSA *r, int idx);
285
286/* BEGIN ERROR CODES */
287/* The following lines are auto generated by the script mkerr.pl. Any changes
288 * made after this point may be overwritten when the script is next run.
289 */
290
291/* Error codes for the RSA functions. */
292
293/* Function codes. */
294#define RSA_F_MEMORY_LOCK 100
295#define RSA_F_RSA_CHECK_KEY 123
296#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101
297#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102
298#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
299#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104
300#define RSA_F_RSA_GENERATE_KEY 105
301#define RSA_F_RSA_NEW_METHOD 106
302#define RSA_F_RSA_NULL 124
303#define RSA_F_RSA_PADDING_ADD_NONE 107
304#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
305#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
306#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
307#define RSA_F_RSA_PADDING_ADD_SSLV23 110
308#define RSA_F_RSA_PADDING_CHECK_NONE 111
309#define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122
310#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112
311#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113
312#define RSA_F_RSA_PADDING_CHECK_SSLV23 114
313#define RSA_F_RSA_PRINT 115
314#define RSA_F_RSA_PRINT_FP 116
315#define RSA_F_RSA_SIGN 117
316#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118
317#define RSA_F_RSA_VERIFY 119
318#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
319
320/* Reason codes. */
321#define RSA_R_ALGORITHM_MISMATCH 100
322#define RSA_R_BAD_E_VALUE 101
323#define RSA_R_BAD_FIXED_HEADER_DECRYPT 102
324#define RSA_R_BAD_PAD_BYTE_COUNT 103
325#define RSA_R_BAD_SIGNATURE 104
326#define RSA_R_BLOCK_TYPE_IS_NOT_01 106
327#define RSA_R_BLOCK_TYPE_IS_NOT_02 107
328#define RSA_R_DATA_GREATER_THAN_MOD_LEN 108
329#define RSA_R_DATA_TOO_LARGE 109
330#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110
331#define RSA_R_DATA_TOO_SMALL 111
332#define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122
333#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112
334#define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124
335#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
336#define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
337#define RSA_R_INVALID_MESSAGE_LENGTH 131
338#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
339#define RSA_R_KEY_SIZE_TOO_SMALL 120
340#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
341#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
342#define RSA_R_OAEP_DECODING_ERROR 121
343#define RSA_R_PADDING_CHECK_FAILED 114
344#define RSA_R_P_NOT_PRIME 128
345#define RSA_R_Q_NOT_PRIME 129
346#define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130
347#define RSA_R_SSLV3_ROLLBACK_ATTACK 115
348#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
349#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
350#define RSA_R_UNKNOWN_PADDING_TYPE 118
351#define RSA_R_WRONG_SIGNATURE_LENGTH 119
352
353#ifdef __cplusplus
354}
355#endif
356#endif
357
diff --git a/src/lib/libcrypto/rsa/rsa_chk.c b/src/lib/libcrypto/rsa/rsa_chk.c
deleted file mode 100644
index 91b9115798..0000000000
--- a/src/lib/libcrypto/rsa/rsa_chk.c
+++ /dev/null
@@ -1,184 +0,0 @@
1/* crypto/rsa/rsa_chk.c -*- Mode: C; c-file-style: "eay" -*- */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 */
50
51#include <openssl/bn.h>
52#include <openssl/err.h>
53#include <openssl/rsa.h>
54
55
56int RSA_check_key(RSA *key)
57 {
58 BIGNUM *i, *j, *k, *l, *m;
59 BN_CTX *ctx;
60 int r;
61 int ret=1;
62
63 i = BN_new();
64 j = BN_new();
65 k = BN_new();
66 l = BN_new();
67 m = BN_new();
68 ctx = BN_CTX_new();
69 if (i == NULL || j == NULL || k == NULL || l == NULL ||
70 m == NULL || ctx == NULL)
71 {
72 ret = -1;
73 RSAerr(RSA_F_RSA_CHECK_KEY, ERR_R_MALLOC_FAILURE);
74 goto err;
75 }
76
77 /* p prime? */
78 r = BN_is_prime(key->p, BN_prime_checks, NULL, NULL, NULL);
79 if (r != 1)
80 {
81 ret = r;
82 if (r != 0)
83 goto err;
84 RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_P_NOT_PRIME);
85 }
86
87 /* q prime? */
88 r = BN_is_prime(key->q, BN_prime_checks, NULL, NULL, NULL);
89 if (r != 1)
90 {
91 ret = r;
92 if (r != 0)
93 goto err;
94 RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_Q_NOT_PRIME);
95 }
96
97 /* n = p*q? */
98 r = BN_mul(i, key->p, key->q, ctx);
99 if (!r) { ret = -1; goto err; }
100
101 if (BN_cmp(i, key->n) != 0)
102 {
103 ret = 0;
104 RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_N_DOES_NOT_EQUAL_P_Q);
105 }
106
107 /* d*e = 1 mod lcm(p-1,q-1)? */
108
109 r = BN_sub(i, key->p, BN_value_one());
110 if (!r) { ret = -1; goto err; }
111 r = BN_sub(j, key->q, BN_value_one());
112 if (!r) { ret = -1; goto err; }
113
114 /* now compute k = lcm(i,j) */
115 r = BN_mul(l, i, j, ctx);
116 if (!r) { ret = -1; goto err; }
117 r = BN_gcd(m, i, j, ctx);
118 if (!r) { ret = -1; goto err; }
119 r = BN_div(k, NULL, l, m, ctx); /* remainder is 0 */
120 if (!r) { ret = -1; goto err; }
121
122 r = BN_mod_mul(i, key->d, key->e, k, ctx);
123 if (!r) { ret = -1; goto err; }
124
125 if (!BN_is_one(i))
126 {
127 ret = 0;
128 RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_D_E_NOT_CONGRUENT_TO_1);
129 }
130
131 if (key->dmp1 != NULL && key->dmq1 != NULL && key->iqmp != NULL)
132 {
133 /* dmp1 = d mod (p-1)? */
134 r = BN_sub(i, key->p, BN_value_one());
135 if (!r) { ret = -1; goto err; }
136
137 r = BN_mod(j, key->d, i, ctx);
138 if (!r) { ret = -1; goto err; }
139
140 if (BN_cmp(j, key->dmp1) != 0)
141 {
142 ret = 0;
143 RSAerr(RSA_F_RSA_CHECK_KEY,
144 RSA_R_DMP1_NOT_CONGRUENT_TO_D);
145 }
146
147 /* dmq1 = d mod (q-1)? */
148 r = BN_sub(i, key->q, BN_value_one());
149 if (!r) { ret = -1; goto err; }
150
151 r = BN_mod(j, key->d, i, ctx);
152 if (!r) { ret = -1; goto err; }
153
154 if (BN_cmp(j, key->dmq1) != 0)
155 {
156 ret = 0;
157 RSAerr(RSA_F_RSA_CHECK_KEY,
158 RSA_R_DMQ1_NOT_CONGRUENT_TO_D);
159 }
160
161 /* iqmp = q^-1 mod p? */
162 if(!BN_mod_inverse(i, key->q, key->p, ctx))
163 {
164 ret = -1;
165 goto err;
166 }
167
168 if (BN_cmp(i, key->iqmp) != 0)
169 {
170 ret = 0;
171 RSAerr(RSA_F_RSA_CHECK_KEY,
172 RSA_R_IQMP_NOT_INVERSE_OF_Q);
173 }
174 }
175
176 err:
177 if (i != NULL) BN_free(i);
178 if (j != NULL) BN_free(j);
179 if (k != NULL) BN_free(k);
180 if (l != NULL) BN_free(l);
181 if (m != NULL) BN_free(m);
182 if (ctx != NULL) BN_CTX_free(ctx);
183 return (ret);
184 }
diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c
deleted file mode 100644
index cde5ca27d5..0000000000
--- a/src/lib/libcrypto/rsa/rsa_eay.c
+++ /dev/null
@@ -1,579 +0,0 @@
1/* crypto/rsa/rsa_eay.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/rsa.h>
63#include <openssl/rand.h>
64#include <openssl/engine.h>
65
66#ifndef RSA_NULL
67
68static int RSA_eay_public_encrypt(int flen, unsigned char *from,
69 unsigned char *to, RSA *rsa,int padding);
70static int RSA_eay_private_encrypt(int flen, unsigned char *from,
71 unsigned char *to, RSA *rsa,int padding);
72static int RSA_eay_public_decrypt(int flen, unsigned char *from,
73 unsigned char *to, RSA *rsa,int padding);
74static int RSA_eay_private_decrypt(int flen, unsigned char *from,
75 unsigned char *to, RSA *rsa,int padding);
76static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa);
77static int RSA_eay_init(RSA *rsa);
78static int RSA_eay_finish(RSA *rsa);
79static RSA_METHOD rsa_pkcs1_eay_meth={
80 "Eric Young's PKCS#1 RSA",
81 RSA_eay_public_encrypt,
82 RSA_eay_public_decrypt,
83 RSA_eay_private_encrypt,
84 RSA_eay_private_decrypt,
85 RSA_eay_mod_exp,
86 BN_mod_exp_mont,
87 RSA_eay_init,
88 RSA_eay_finish,
89 0,
90 NULL,
91 };
92
93RSA_METHOD *RSA_PKCS1_SSLeay(void)
94 {
95 return(&rsa_pkcs1_eay_meth);
96 }
97
98static int RSA_eay_public_encrypt(int flen, unsigned char *from,
99 unsigned char *to, RSA *rsa, int padding)
100 {
101 const RSA_METHOD *meth;
102 BIGNUM f,ret;
103 int i,j,k,num=0,r= -1;
104 unsigned char *buf=NULL;
105 BN_CTX *ctx=NULL;
106
107 meth = ENGINE_get_RSA(rsa->engine);
108 BN_init(&f);
109 BN_init(&ret);
110 if ((ctx=BN_CTX_new()) == NULL) goto err;
111 num=BN_num_bytes(rsa->n);
112 if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
113 {
114 RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE);
115 goto err;
116 }
117
118 switch (padding)
119 {
120 case RSA_PKCS1_PADDING:
121 i=RSA_padding_add_PKCS1_type_2(buf,num,from,flen);
122 break;
123#ifndef NO_SHA
124 case RSA_PKCS1_OAEP_PADDING:
125 i=RSA_padding_add_PKCS1_OAEP(buf,num,from,flen,NULL,0);
126 break;
127#endif
128 case RSA_SSLV23_PADDING:
129 i=RSA_padding_add_SSLv23(buf,num,from,flen);
130 break;
131 case RSA_NO_PADDING:
132 i=RSA_padding_add_none(buf,num,from,flen);
133 break;
134 default:
135 RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
136 goto err;
137 }
138 if (i <= 0) goto err;
139
140 if (BN_bin2bn(buf,num,&f) == NULL) goto err;
141
142 if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
143 {
144 BN_MONT_CTX* bn_mont_ctx;
145 if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
146 goto err;
147 if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx))
148 {
149 BN_MONT_CTX_free(bn_mont_ctx);
150 goto err;
151 }
152 if (rsa->_method_mod_n == NULL) /* other thread may have finished first */
153 {
154 CRYPTO_w_lock(CRYPTO_LOCK_RSA);
155 if (rsa->_method_mod_n == NULL)
156 {
157 rsa->_method_mod_n = bn_mont_ctx;
158 bn_mont_ctx = NULL;
159 }
160 CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
161 }
162 if (bn_mont_ctx)
163 BN_MONT_CTX_free(bn_mont_ctx);
164 }
165
166 if (!meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
167 rsa->_method_mod_n)) goto err;
168
169 /* put in leading 0 bytes if the number is less than the
170 * length of the modulus */
171 j=BN_num_bytes(&ret);
172 i=BN_bn2bin(&ret,&(to[num-j]));
173 for (k=0; k<(num-i); k++)
174 to[k]=0;
175
176 r=num;
177err:
178 if (ctx != NULL) BN_CTX_free(ctx);
179 BN_clear_free(&f);
180 BN_clear_free(&ret);
181 if (buf != NULL)
182 {
183 memset(buf,0,num);
184 OPENSSL_free(buf);
185 }
186 return(r);
187 }
188
189static int RSA_eay_private_encrypt(int flen, unsigned char *from,
190 unsigned char *to, RSA *rsa, int padding)
191 {
192 const RSA_METHOD *meth;
193 BIGNUM f,ret;
194 int i,j,k,num=0,r= -1;
195 unsigned char *buf=NULL;
196 BN_CTX *ctx=NULL;
197
198 meth = ENGINE_get_RSA(rsa->engine);
199 BN_init(&f);
200 BN_init(&ret);
201
202 if ((ctx=BN_CTX_new()) == NULL) goto err;
203 num=BN_num_bytes(rsa->n);
204 if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
205 {
206 RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE);
207 goto err;
208 }
209
210 switch (padding)
211 {
212 case RSA_PKCS1_PADDING:
213 i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen);
214 break;
215 case RSA_NO_PADDING:
216 i=RSA_padding_add_none(buf,num,from,flen);
217 break;
218 case RSA_SSLV23_PADDING:
219 default:
220 RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
221 goto err;
222 }
223 if (i <= 0) goto err;
224
225 if (BN_bin2bn(buf,num,&f) == NULL) goto err;
226
227 if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
228 RSA_blinding_on(rsa,ctx);
229 if (rsa->flags & RSA_FLAG_BLINDING)
230 if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err;
231
232 if ( (rsa->flags & RSA_FLAG_EXT_PKEY) ||
233 ((rsa->p != NULL) &&
234 (rsa->q != NULL) &&
235 (rsa->dmp1 != NULL) &&
236 (rsa->dmq1 != NULL) &&
237 (rsa->iqmp != NULL)) )
238 { if (!meth->rsa_mod_exp(&ret,&f,rsa)) goto err; }
239 else
240 {
241 if (!meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err;
242 }
243
244 if (rsa->flags & RSA_FLAG_BLINDING)
245 if (!BN_BLINDING_invert(&ret,rsa->blinding,ctx)) goto err;
246
247 /* put in leading 0 bytes if the number is less than the
248 * length of the modulus */
249 j=BN_num_bytes(&ret);
250 i=BN_bn2bin(&ret,&(to[num-j]));
251 for (k=0; k<(num-i); k++)
252 to[k]=0;
253
254 r=num;
255err:
256 if (ctx != NULL) BN_CTX_free(ctx);
257 BN_clear_free(&ret);
258 BN_clear_free(&f);
259 if (buf != NULL)
260 {
261 memset(buf,0,num);
262 OPENSSL_free(buf);
263 }
264 return(r);
265 }
266
267static int RSA_eay_private_decrypt(int flen, unsigned char *from,
268 unsigned char *to, RSA *rsa, int padding)
269 {
270 const RSA_METHOD *meth;
271 BIGNUM f,ret;
272 int j,num=0,r= -1;
273 unsigned char *p;
274 unsigned char *buf=NULL;
275 BN_CTX *ctx=NULL;
276
277 meth = ENGINE_get_RSA(rsa->engine);
278 BN_init(&f);
279 BN_init(&ret);
280 ctx=BN_CTX_new();
281 if (ctx == NULL) goto err;
282
283 num=BN_num_bytes(rsa->n);
284
285 if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
286 {
287 RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE);
288 goto err;
289 }
290
291 /* This check was for equality but PGP does evil things
292 * and chops off the top '0' bytes */
293 if (flen > num)
294 {
295 RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN);
296 goto err;
297 }
298
299 /* make data into a big number */
300 if (BN_bin2bn(from,(int)flen,&f) == NULL) goto err;
301
302 if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
303 RSA_blinding_on(rsa,ctx);
304 if (rsa->flags & RSA_FLAG_BLINDING)
305 if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err;
306
307 /* do the decrypt */
308 if ( (rsa->flags & RSA_FLAG_EXT_PKEY) ||
309 ((rsa->p != NULL) &&
310 (rsa->q != NULL) &&
311 (rsa->dmp1 != NULL) &&
312 (rsa->dmq1 != NULL) &&
313 (rsa->iqmp != NULL)) )
314 { if (!meth->rsa_mod_exp(&ret,&f,rsa)) goto err; }
315 else
316 {
317 if (!meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL))
318 goto err;
319 }
320
321 if (rsa->flags & RSA_FLAG_BLINDING)
322 if (!BN_BLINDING_invert(&ret,rsa->blinding,ctx)) goto err;
323
324 p=buf;
325 j=BN_bn2bin(&ret,p); /* j is only used with no-padding mode */
326
327 switch (padding)
328 {
329 case RSA_PKCS1_PADDING:
330 r=RSA_padding_check_PKCS1_type_2(to,num,buf,j,num);
331 break;
332#ifndef NO_SHA
333 case RSA_PKCS1_OAEP_PADDING:
334 r=RSA_padding_check_PKCS1_OAEP(to,num,buf,j,num,NULL,0);
335 break;
336#endif
337 case RSA_SSLV23_PADDING:
338 r=RSA_padding_check_SSLv23(to,num,buf,j,num);
339 break;
340 case RSA_NO_PADDING:
341 r=RSA_padding_check_none(to,num,buf,j,num);
342 break;
343 default:
344 RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
345 goto err;
346 }
347 if (r < 0)
348 RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_PADDING_CHECK_FAILED);
349
350err:
351 if (ctx != NULL) BN_CTX_free(ctx);
352 BN_clear_free(&f);
353 BN_clear_free(&ret);
354 if (buf != NULL)
355 {
356 memset(buf,0,num);
357 OPENSSL_free(buf);
358 }
359 return(r);
360 }
361
362static int RSA_eay_public_decrypt(int flen, unsigned char *from,
363 unsigned char *to, RSA *rsa, int padding)
364 {
365 const RSA_METHOD *meth;
366 BIGNUM f,ret;
367 int i,num=0,r= -1;
368 unsigned char *p;
369 unsigned char *buf=NULL;
370 BN_CTX *ctx=NULL;
371
372 meth = ENGINE_get_RSA(rsa->engine);
373 BN_init(&f);
374 BN_init(&ret);
375 ctx=BN_CTX_new();
376 if (ctx == NULL) goto err;
377
378 num=BN_num_bytes(rsa->n);
379 buf=(unsigned char *)OPENSSL_malloc(num);
380 if (buf == NULL)
381 {
382 RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE);
383 goto err;
384 }
385
386 /* This check was for equality but PGP does evil things
387 * and chops off the top '0' bytes */
388 if (flen > num)
389 {
390 RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN);
391 goto err;
392 }
393
394 if (BN_bin2bn(from,flen,&f) == NULL) goto err;
395 /* do the decrypt */
396 if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
397 {
398 BN_MONT_CTX* bn_mont_ctx;
399 if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
400 goto err;
401 if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx))
402 {
403 BN_MONT_CTX_free(bn_mont_ctx);
404 goto err;
405 }
406 if (rsa->_method_mod_n == NULL) /* other thread may have finished first */
407 {
408 CRYPTO_w_lock(CRYPTO_LOCK_RSA);
409 if (rsa->_method_mod_n == NULL)
410 {
411 rsa->_method_mod_n = bn_mont_ctx;
412 bn_mont_ctx = NULL;
413 }
414 CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
415 }
416 if (bn_mont_ctx)
417 BN_MONT_CTX_free(bn_mont_ctx);
418 }
419
420 if (!meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
421 rsa->_method_mod_n)) goto err;
422
423 p=buf;
424 i=BN_bn2bin(&ret,p);
425
426 switch (padding)
427 {
428 case RSA_PKCS1_PADDING:
429 r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num);
430 break;
431 case RSA_NO_PADDING:
432 r=RSA_padding_check_none(to,num,buf,i,num);
433 break;
434 default:
435 RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
436 goto err;
437 }
438 if (r < 0)
439 RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_PADDING_CHECK_FAILED);
440
441err:
442 if (ctx != NULL) BN_CTX_free(ctx);
443 BN_clear_free(&f);
444 BN_clear_free(&ret);
445 if (buf != NULL)
446 {
447 memset(buf,0,num);
448 OPENSSL_free(buf);
449 }
450 return(r);
451 }
452
453static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
454 {
455 const RSA_METHOD *meth;
456 BIGNUM r1,m1,vrfy;
457 int ret=0;
458 BN_CTX *ctx;
459
460 meth = ENGINE_get_RSA(rsa->engine);
461 if ((ctx=BN_CTX_new()) == NULL) goto err;
462 BN_init(&m1);
463 BN_init(&r1);
464 BN_init(&vrfy);
465
466 if (rsa->flags & RSA_FLAG_CACHE_PRIVATE)
467 {
468 if (rsa->_method_mod_p == NULL)
469 {
470 BN_MONT_CTX* bn_mont_ctx;
471 if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
472 goto err;
473 if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->p,ctx))
474 {
475 BN_MONT_CTX_free(bn_mont_ctx);
476 goto err;
477 }
478 if (rsa->_method_mod_p == NULL) /* other thread may have finished first */
479 {
480 CRYPTO_w_lock(CRYPTO_LOCK_RSA);
481 if (rsa->_method_mod_p == NULL)
482 {
483 rsa->_method_mod_p = bn_mont_ctx;
484 bn_mont_ctx = NULL;
485 }
486 CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
487 }
488 if (bn_mont_ctx)
489 BN_MONT_CTX_free(bn_mont_ctx);
490 }
491
492 if (rsa->_method_mod_q == NULL)
493 {
494 BN_MONT_CTX* bn_mont_ctx;
495 if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
496 goto err;
497 if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->q,ctx))
498 {
499 BN_MONT_CTX_free(bn_mont_ctx);
500 goto err;
501 }
502 if (rsa->_method_mod_q == NULL) /* other thread may have finished first */
503 {
504 CRYPTO_w_lock(CRYPTO_LOCK_RSA);
505 if (rsa->_method_mod_q == NULL)
506 {
507 rsa->_method_mod_q = bn_mont_ctx;
508 bn_mont_ctx = NULL;
509 }
510 CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
511 }
512 if (bn_mont_ctx)
513 BN_MONT_CTX_free(bn_mont_ctx);
514 }
515 }
516
517 if (!BN_mod(&r1,I,rsa->q,ctx)) goto err;
518 if (!meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx,
519 rsa->_method_mod_q)) goto err;
520
521 if (!BN_mod(&r1,I,rsa->p,ctx)) goto err;
522 if (!meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx,
523 rsa->_method_mod_p)) goto err;
524
525 if (!BN_sub(r0,r0,&m1)) goto err;
526 /* This will help stop the size of r0 increasing, which does
527 * affect the multiply if it optimised for a power of 2 size */
528 if (r0->neg)
529 if (!BN_add(r0,r0,rsa->p)) goto err;
530
531 if (!BN_mul(&r1,r0,rsa->iqmp,ctx)) goto err;
532 if (!BN_mod(r0,&r1,rsa->p,ctx)) goto err;
533 /* If p < q it is occasionally possible for the correction of
534 * adding 'p' if r0 is negative above to leave the result still
535 * negative. This can break the private key operations: the following
536 * second correction should *always* correct this rare occurrence.
537 * This will *never* happen with OpenSSL generated keys because
538 * they ensure p > q [steve]
539 */
540 if (r0->neg)
541 if (!BN_add(r0,r0,rsa->p)) goto err;
542 if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err;
543 if (!BN_add(r0,&r1,&m1)) goto err;
544
545 if (rsa->e && rsa->n)
546 {
547 if (!meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,NULL)) goto err;
548 if (BN_cmp(I, &vrfy) != 0)
549 {
550 if (!meth->bn_mod_exp(r0,I,rsa->d,rsa->n,ctx,NULL)) goto err;
551 }
552 }
553 ret=1;
554err:
555 BN_clear_free(&m1);
556 BN_clear_free(&r1);
557 BN_clear_free(&vrfy);
558 BN_CTX_free(ctx);
559 return(ret);
560 }
561
562static int RSA_eay_init(RSA *rsa)
563 {
564 rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE;
565 return(1);
566 }
567
568static int RSA_eay_finish(RSA *rsa)
569 {
570 if (rsa->_method_mod_n != NULL)
571 BN_MONT_CTX_free(rsa->_method_mod_n);
572 if (rsa->_method_mod_p != NULL)
573 BN_MONT_CTX_free(rsa->_method_mod_p);
574 if (rsa->_method_mod_q != NULL)
575 BN_MONT_CTX_free(rsa->_method_mod_q);
576 return(1);
577 }
578
579#endif
diff --git a/src/lib/libcrypto/rsa/rsa_err.c b/src/lib/libcrypto/rsa/rsa_err.c
deleted file mode 100644
index 1cde7c0da4..0000000000
--- a/src/lib/libcrypto/rsa/rsa_err.c
+++ /dev/null
@@ -1,148 +0,0 @@
1/* crypto/rsa/rsa_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/rsa.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA RSA_str_functs[]=
68 {
69{ERR_PACK(0,RSA_F_MEMORY_LOCK,0), "MEMORY_LOCK"},
70{ERR_PACK(0,RSA_F_RSA_CHECK_KEY,0), "RSA_check_key"},
71{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_DECRYPT,0), "RSA_EAY_PRIVATE_DECRYPT"},
72{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_ENCRYPT,0), "RSA_EAY_PRIVATE_ENCRYPT"},
73{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_DECRYPT,0), "RSA_EAY_PUBLIC_DECRYPT"},
74{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_ENCRYPT,0), "RSA_EAY_PUBLIC_ENCRYPT"},
75{ERR_PACK(0,RSA_F_RSA_GENERATE_KEY,0), "RSA_generate_key"},
76{ERR_PACK(0,RSA_F_RSA_NEW_METHOD,0), "RSA_new_method"},
77{ERR_PACK(0,RSA_F_RSA_NULL,0), "RSA_NULL"},
78{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_NONE,0), "RSA_padding_add_none"},
79{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_OAEP,0), "RSA_padding_add_PKCS1_OAEP"},
80{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,0), "RSA_padding_add_PKCS1_type_1"},
81{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,0), "RSA_padding_add_PKCS1_type_2"},
82{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_SSLV23,0), "RSA_padding_add_SSLv23"},
83{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_NONE,0), "RSA_padding_check_none"},
84{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP,0), "RSA_padding_check_PKCS1_OAEP"},
85{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,0), "RSA_padding_check_PKCS1_type_1"},
86{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,0), "RSA_padding_check_PKCS1_type_2"},
87{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_SSLV23,0), "RSA_padding_check_SSLv23"},
88{ERR_PACK(0,RSA_F_RSA_PRINT,0), "RSA_print"},
89{ERR_PACK(0,RSA_F_RSA_PRINT_FP,0), "RSA_print_fp"},
90{ERR_PACK(0,RSA_F_RSA_SIGN,0), "RSA_sign"},
91{ERR_PACK(0,RSA_F_RSA_SIGN_ASN1_OCTET_STRING,0), "RSA_sign_ASN1_OCTET_STRING"},
92{ERR_PACK(0,RSA_F_RSA_VERIFY,0), "RSA_verify"},
93{ERR_PACK(0,RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,0), "RSA_verify_ASN1_OCTET_STRING"},
94{0,NULL}
95 };
96
97static ERR_STRING_DATA RSA_str_reasons[]=
98 {
99{RSA_R_ALGORITHM_MISMATCH ,"algorithm mismatch"},
100{RSA_R_BAD_E_VALUE ,"bad e value"},
101{RSA_R_BAD_FIXED_HEADER_DECRYPT ,"bad fixed header decrypt"},
102{RSA_R_BAD_PAD_BYTE_COUNT ,"bad pad byte count"},
103{RSA_R_BAD_SIGNATURE ,"bad signature"},
104{RSA_R_BLOCK_TYPE_IS_NOT_01 ,"block type is not 01"},
105{RSA_R_BLOCK_TYPE_IS_NOT_02 ,"block type is not 02"},
106{RSA_R_DATA_GREATER_THAN_MOD_LEN ,"data greater than mod len"},
107{RSA_R_DATA_TOO_LARGE ,"data too large"},
108{RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
109{RSA_R_DATA_TOO_SMALL ,"data too small"},
110{RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE ,"data too small for key size"},
111{RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY ,"digest too big for rsa key"},
112{RSA_R_DMP1_NOT_CONGRUENT_TO_D ,"dmp1 not congruent to d"},
113{RSA_R_DMQ1_NOT_CONGRUENT_TO_D ,"dmq1 not congruent to d"},
114{RSA_R_D_E_NOT_CONGRUENT_TO_1 ,"d e not congruent to 1"},
115{RSA_R_INVALID_MESSAGE_LENGTH ,"invalid message length"},
116{RSA_R_IQMP_NOT_INVERSE_OF_Q ,"iqmp not inverse of q"},
117{RSA_R_KEY_SIZE_TOO_SMALL ,"key size too small"},
118{RSA_R_NULL_BEFORE_BLOCK_MISSING ,"null before block missing"},
119{RSA_R_N_DOES_NOT_EQUAL_P_Q ,"n does not equal p q"},
120{RSA_R_OAEP_DECODING_ERROR ,"oaep decoding error"},
121{RSA_R_PADDING_CHECK_FAILED ,"padding check failed"},
122{RSA_R_P_NOT_PRIME ,"p not prime"},
123{RSA_R_Q_NOT_PRIME ,"q not prime"},
124{RSA_R_RSA_OPERATIONS_NOT_SUPPORTED ,"rsa operations not supported"},
125{RSA_R_SSLV3_ROLLBACK_ATTACK ,"sslv3 rollback attack"},
126{RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
127{RSA_R_UNKNOWN_ALGORITHM_TYPE ,"unknown algorithm type"},
128{RSA_R_UNKNOWN_PADDING_TYPE ,"unknown padding type"},
129{RSA_R_WRONG_SIGNATURE_LENGTH ,"wrong signature length"},
130{0,NULL}
131 };
132
133#endif
134
135void ERR_load_RSA_strings(void)
136 {
137 static int init=1;
138
139 if (init)
140 {
141 init=0;
142#ifndef NO_ERR
143 ERR_load_strings(ERR_LIB_RSA,RSA_str_functs);
144 ERR_load_strings(ERR_LIB_RSA,RSA_str_reasons);
145#endif
146
147 }
148 }
diff --git a/src/lib/libcrypto/rsa/rsa_gen.c b/src/lib/libcrypto/rsa/rsa_gen.c
deleted file mode 100644
index 00c25adbc5..0000000000
--- a/src/lib/libcrypto/rsa/rsa_gen.c
+++ /dev/null
@@ -1,197 +0,0 @@
1/* crypto/rsa/rsa_gen.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <time.h>
61#include "cryptlib.h"
62#include <openssl/bn.h>
63#include <openssl/rsa.h>
64
65RSA *RSA_generate_key(int bits, unsigned long e_value,
66 void (*callback)(int,int,void *), void *cb_arg)
67 {
68 RSA *rsa=NULL;
69 BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp;
70 int bitsp,bitsq,ok= -1,n=0,i;
71 BN_CTX *ctx=NULL,*ctx2=NULL;
72
73 ctx=BN_CTX_new();
74 if (ctx == NULL) goto err;
75 ctx2=BN_CTX_new();
76 if (ctx2 == NULL) goto err;
77 BN_CTX_start(ctx);
78 r0 = BN_CTX_get(ctx);
79 r1 = BN_CTX_get(ctx);
80 r2 = BN_CTX_get(ctx);
81 r3 = BN_CTX_get(ctx);
82 if (r3 == NULL) goto err;
83
84 bitsp=(bits+1)/2;
85 bitsq=bits-bitsp;
86 rsa=RSA_new();
87 if (rsa == NULL) goto err;
88
89 /* set e */
90 rsa->e=BN_new();
91 if (rsa->e == NULL) goto err;
92
93#if 1
94 /* The problem is when building with 8, 16, or 32 BN_ULONG,
95 * unsigned long can be larger */
96 for (i=0; i<sizeof(unsigned long)*8; i++)
97 {
98 if (e_value & (1UL<<i))
99 BN_set_bit(rsa->e,i);
100 }
101#else
102 if (!BN_set_word(rsa->e,e_value)) goto err;
103#endif
104
105 /* generate p and q */
106 for (;;)
107 {
108 rsa->p=BN_generate_prime(NULL,bitsp,0,NULL,NULL,callback,cb_arg);
109 if (rsa->p == NULL) goto err;
110 if (!BN_sub(r2,rsa->p,BN_value_one())) goto err;
111 if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;
112 if (BN_is_one(r1)) break;
113 if (callback != NULL) callback(2,n++,cb_arg);
114 BN_free(rsa->p);
115 }
116 if (callback != NULL) callback(3,0,cb_arg);
117 for (;;)
118 {
119 rsa->q=BN_generate_prime(NULL,bitsq,0,NULL,NULL,callback,cb_arg);
120 if (rsa->q == NULL) goto err;
121 if (!BN_sub(r2,rsa->q,BN_value_one())) goto err;
122 if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;
123 if (BN_is_one(r1) && (BN_cmp(rsa->p,rsa->q) != 0))
124 break;
125 if (callback != NULL) callback(2,n++,cb_arg);
126 BN_free(rsa->q);
127 }
128 if (callback != NULL) callback(3,1,cb_arg);
129 if (BN_cmp(rsa->p,rsa->q) < 0)
130 {
131 tmp=rsa->p;
132 rsa->p=rsa->q;
133 rsa->q=tmp;
134 }
135
136 /* calculate n */
137 rsa->n=BN_new();
138 if (rsa->n == NULL) goto err;
139 if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx)) goto err;
140
141 /* calculate d */
142 if (!BN_sub(r1,rsa->p,BN_value_one())) goto err; /* p-1 */
143 if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; /* q-1 */
144 if (!BN_mul(r0,r1,r2,ctx)) goto err; /* (p-1)(q-1) */
145
146/* should not be needed, since gcd(p-1,e) == 1 and gcd(q-1,e) == 1 */
147/* for (;;)
148 {
149 if (!BN_gcd(r3,r0,rsa->e,ctx)) goto err;
150 if (BN_is_one(r3)) break;
151
152 if (1)
153 {
154 if (!BN_add_word(rsa->e,2L)) goto err;
155 continue;
156 }
157 RSAerr(RSA_F_RSA_GENERATE_KEY,RSA_R_BAD_E_VALUE);
158 goto err;
159 }
160*/
161 rsa->d=BN_mod_inverse(NULL,rsa->e,r0,ctx2); /* d */
162 if (rsa->d == NULL) goto err;
163
164 /* calculate d mod (p-1) */
165 rsa->dmp1=BN_new();
166 if (rsa->dmp1 == NULL) goto err;
167 if (!BN_mod(rsa->dmp1,rsa->d,r1,ctx)) goto err;
168
169 /* calculate d mod (q-1) */
170 rsa->dmq1=BN_new();
171 if (rsa->dmq1 == NULL) goto err;
172 if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx)) goto err;
173
174 /* calculate inverse of q mod p */
175 rsa->iqmp=BN_mod_inverse(NULL,rsa->q,rsa->p,ctx2);
176 if (rsa->iqmp == NULL) goto err;
177
178 ok=1;
179err:
180 if (ok == -1)
181 {
182 RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN);
183 ok=0;
184 }
185 BN_CTX_end(ctx);
186 BN_CTX_free(ctx);
187 BN_CTX_free(ctx2);
188
189 if (!ok)
190 {
191 if (rsa != NULL) RSA_free(rsa);
192 return(NULL);
193 }
194 else
195 return(rsa);
196 }
197
diff --git a/src/lib/libcrypto/rsa/rsa_lib.c b/src/lib/libcrypto/rsa/rsa_lib.c
deleted file mode 100644
index 94395cc22c..0000000000
--- a/src/lib/libcrypto/rsa/rsa_lib.c
+++ /dev/null
@@ -1,388 +0,0 @@
1/* crypto/rsa/rsa_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/crypto.h>
61#include "cryptlib.h"
62#include <openssl/lhash.h>
63#include <openssl/bn.h>
64#include <openssl/rsa.h>
65#include <openssl/engine.h>
66
67const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT;
68
69static RSA_METHOD *default_RSA_meth=NULL;
70static int rsa_meth_num=0;
71static STACK_OF(CRYPTO_EX_DATA_FUNCS) *rsa_meth=NULL;
72
73RSA *RSA_new(void)
74 {
75 return(RSA_new_method(NULL));
76 }
77
78void RSA_set_default_openssl_method(RSA_METHOD *meth)
79 {
80 ENGINE *e;
81 /* We'll need to notify the "openssl" ENGINE of this
82 * change too. We won't bother locking things down at
83 * our end as there was never any locking in these
84 * functions! */
85 if(default_RSA_meth != meth)
86 {
87 default_RSA_meth = meth;
88 e = ENGINE_by_id("openssl");
89 if(e)
90 {
91 ENGINE_set_RSA(e, meth);
92 ENGINE_free(e);
93 }
94 }
95 }
96
97RSA_METHOD *RSA_get_default_openssl_method(void)
98{
99 if (default_RSA_meth == NULL)
100 {
101#ifdef RSA_NULL
102 default_RSA_meth=RSA_null_method();
103#else
104#ifdef RSAref
105 default_RSA_meth=RSA_PKCS1_RSAref();
106#else
107 default_RSA_meth=RSA_PKCS1_SSLeay();
108#endif
109#endif
110 }
111
112 return default_RSA_meth;
113}
114
115RSA_METHOD *RSA_get_method(RSA *rsa)
116{
117 return ENGINE_get_RSA(rsa->engine);
118}
119
120#if 0
121RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth)
122{
123 RSA_METHOD *mtmp;
124 mtmp = rsa->meth;
125 if (mtmp->finish) mtmp->finish(rsa);
126 rsa->meth = meth;
127 if (meth->init) meth->init(rsa);
128 return mtmp;
129}
130#else
131int RSA_set_method(RSA *rsa, ENGINE *engine)
132{
133 ENGINE *mtmp;
134 RSA_METHOD *meth;
135 mtmp = rsa->engine;
136 meth = ENGINE_get_RSA(mtmp);
137 if (!ENGINE_init(engine))
138 return 0;
139 if (meth->finish) meth->finish(rsa);
140 rsa->engine = engine;
141 meth = ENGINE_get_RSA(engine);
142 if (meth->init) meth->init(rsa);
143 /* SHOULD ERROR CHECK THIS!!! */
144 ENGINE_finish(mtmp);
145 return 1;
146}
147#endif
148
149#if 0
150RSA *RSA_new_method(RSA_METHOD *meth)
151#else
152RSA *RSA_new_method(ENGINE *engine)
153#endif
154 {
155 RSA_METHOD *meth;
156 RSA *ret;
157
158 ret=(RSA *)OPENSSL_malloc(sizeof(RSA));
159 if (ret == NULL)
160 {
161 RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE);
162 return(NULL);
163 }
164
165 if (engine == NULL)
166 {
167 if((ret->engine=ENGINE_get_default_RSA()) == NULL)
168 {
169 OPENSSL_free(ret);
170 return NULL;
171 }
172 }
173 else
174 ret->engine=engine;
175 meth = ENGINE_get_RSA(ret->engine);
176
177 ret->pad=0;
178 ret->version=0;
179 ret->n=NULL;
180 ret->e=NULL;
181 ret->d=NULL;
182 ret->p=NULL;
183 ret->q=NULL;
184 ret->dmp1=NULL;
185 ret->dmq1=NULL;
186 ret->iqmp=NULL;
187 ret->references=1;
188 ret->_method_mod_n=NULL;
189 ret->_method_mod_p=NULL;
190 ret->_method_mod_q=NULL;
191 ret->blinding=NULL;
192 ret->bignum_data=NULL;
193 ret->flags=meth->flags;
194 CRYPTO_new_ex_data(rsa_meth,ret,&ret->ex_data);
195 if ((meth->init != NULL) && !meth->init(ret))
196 {
197 CRYPTO_free_ex_data(rsa_meth,ret,&ret->ex_data);
198 OPENSSL_free(ret);
199 ret=NULL;
200 }
201 return(ret);
202 }
203
204void RSA_free(RSA *r)
205 {
206 RSA_METHOD *meth;
207 int i;
208
209 if (r == NULL) return;
210
211 i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_RSA);
212#ifdef REF_PRINT
213 REF_PRINT("RSA",r);
214#endif
215 if (i > 0) return;
216#ifdef REF_CHECK
217 if (i < 0)
218 {
219 fprintf(stderr,"RSA_free, bad reference count\n");
220 abort();
221 }
222#endif
223
224 meth = ENGINE_get_RSA(r->engine);
225 if (meth->finish != NULL)
226 meth->finish(r);
227 ENGINE_finish(r->engine);
228
229 CRYPTO_free_ex_data(rsa_meth,r,&r->ex_data);
230
231 if (r->n != NULL) BN_clear_free(r->n);
232 if (r->e != NULL) BN_clear_free(r->e);
233 if (r->d != NULL) BN_clear_free(r->d);
234 if (r->p != NULL) BN_clear_free(r->p);
235 if (r->q != NULL) BN_clear_free(r->q);
236 if (r->dmp1 != NULL) BN_clear_free(r->dmp1);
237 if (r->dmq1 != NULL) BN_clear_free(r->dmq1);
238 if (r->iqmp != NULL) BN_clear_free(r->iqmp);
239 if (r->blinding != NULL) BN_BLINDING_free(r->blinding);
240 if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data);
241 OPENSSL_free(r);
242 }
243
244int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
245 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
246 {
247 rsa_meth_num++;
248 return(CRYPTO_get_ex_new_index(rsa_meth_num-1,
249 &rsa_meth,argl,argp,new_func,dup_func,free_func));
250 }
251
252int RSA_set_ex_data(RSA *r, int idx, void *arg)
253 {
254 return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
255 }
256
257void *RSA_get_ex_data(RSA *r, int idx)
258 {
259 return(CRYPTO_get_ex_data(&r->ex_data,idx));
260 }
261
262int RSA_size(RSA *r)
263 {
264 return(BN_num_bytes(r->n));
265 }
266
267int RSA_public_encrypt(int flen, unsigned char *from, unsigned char *to,
268 RSA *rsa, int padding)
269 {
270 return(ENGINE_get_RSA(rsa->engine)->rsa_pub_enc(flen,
271 from, to, rsa, padding));
272 }
273
274int RSA_private_encrypt(int flen, unsigned char *from, unsigned char *to,
275 RSA *rsa, int padding)
276 {
277 return(ENGINE_get_RSA(rsa->engine)->rsa_priv_enc(flen,
278 from, to, rsa, padding));
279 }
280
281int RSA_private_decrypt(int flen, unsigned char *from, unsigned char *to,
282 RSA *rsa, int padding)
283 {
284 return(ENGINE_get_RSA(rsa->engine)->rsa_priv_dec(flen,
285 from, to, rsa, padding));
286 }
287
288int RSA_public_decrypt(int flen, unsigned char *from, unsigned char *to,
289 RSA *rsa, int padding)
290 {
291 return(ENGINE_get_RSA(rsa->engine)->rsa_pub_dec(flen,
292 from, to, rsa, padding));
293 }
294
295int RSA_flags(RSA *r)
296 {
297 return((r == NULL)?0:ENGINE_get_RSA(r->engine)->flags);
298 }
299
300void RSA_blinding_off(RSA *rsa)
301 {
302 if (rsa->blinding != NULL)
303 {
304 BN_BLINDING_free(rsa->blinding);
305 rsa->blinding=NULL;
306 }
307 rsa->flags&= ~RSA_FLAG_BLINDING;
308 }
309
310int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
311 {
312 BIGNUM *A,*Ai;
313 BN_CTX *ctx;
314 int ret=0;
315
316 if (p_ctx == NULL)
317 {
318 if ((ctx=BN_CTX_new()) == NULL) goto err;
319 }
320 else
321 ctx=p_ctx;
322
323 if (rsa->blinding != NULL)
324 BN_BLINDING_free(rsa->blinding);
325
326 BN_CTX_start(ctx);
327 A = BN_CTX_get(ctx);
328 if (!BN_rand_range(A,rsa->n)) goto err;
329 if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err;
330
331 if (!ENGINE_get_RSA(rsa->engine)->bn_mod_exp(A,A,
332 rsa->e,rsa->n,ctx,rsa->_method_mod_n))
333 goto err;
334 rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n);
335 rsa->flags|=RSA_FLAG_BLINDING;
336 BN_free(Ai);
337 ret=1;
338err:
339 BN_CTX_end(ctx);
340 if (ctx != p_ctx) BN_CTX_free(ctx);
341 return(ret);
342 }
343
344int RSA_memory_lock(RSA *r)
345 {
346 int i,j,k,off;
347 char *p;
348 BIGNUM *bn,**t[6],*b;
349 BN_ULONG *ul;
350
351 if (r->d == NULL) return(1);
352 t[0]= &r->d;
353 t[1]= &r->p;
354 t[2]= &r->q;
355 t[3]= &r->dmp1;
356 t[4]= &r->dmq1;
357 t[5]= &r->iqmp;
358 k=sizeof(BIGNUM)*6;
359 off=k/sizeof(BN_ULONG)+1;
360 j=1;
361 for (i=0; i<6; i++)
362 j+= (*t[i])->top;
363 if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL)
364 {
365 RSAerr(RSA_F_MEMORY_LOCK,ERR_R_MALLOC_FAILURE);
366 return(0);
367 }
368 bn=(BIGNUM *)p;
369 ul=(BN_ULONG *)&(p[off]);
370 for (i=0; i<6; i++)
371 {
372 b= *(t[i]);
373 *(t[i])= &(bn[i]);
374 memcpy((char *)&(bn[i]),(char *)b,sizeof(BIGNUM));
375 bn[i].flags=BN_FLG_STATIC_DATA;
376 bn[i].d=ul;
377 memcpy((char *)ul,b->d,sizeof(BN_ULONG)*b->top);
378 ul+=b->top;
379 BN_clear_free(b);
380 }
381
382 /* I should fix this so it can still be done */
383 r->flags&= ~(RSA_FLAG_CACHE_PRIVATE|RSA_FLAG_CACHE_PUBLIC);
384
385 r->bignum_data=p;
386 return(1);
387 }
388
diff --git a/src/lib/libcrypto/rsa/rsa_none.c b/src/lib/libcrypto/rsa/rsa_none.c
deleted file mode 100644
index f22fce5016..0000000000
--- a/src/lib/libcrypto/rsa/rsa_none.c
+++ /dev/null
@@ -1,98 +0,0 @@
1/* crypto/rsa/rsa_none.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/rsa.h>
63#include <openssl/rand.h>
64
65int RSA_padding_add_none(unsigned char *to, int tlen, unsigned char *from,
66 int flen)
67 {
68 if (flen > tlen)
69 {
70 RSAerr(RSA_F_RSA_PADDING_ADD_NONE,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
71 return(0);
72 }
73
74 if (flen < tlen)
75 {
76 RSAerr(RSA_F_RSA_PADDING_ADD_NONE,RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE);
77 return(0);
78 }
79
80 memcpy(to,from,(unsigned int)flen);
81 return(1);
82 }
83
84int RSA_padding_check_none(unsigned char *to, int tlen, unsigned char *from,
85 int flen, int num)
86 {
87
88 if (flen > tlen)
89 {
90 RSAerr(RSA_F_RSA_PADDING_CHECK_NONE,RSA_R_DATA_TOO_LARGE);
91 return(-1);
92 }
93
94 memset(to,0,tlen-flen);
95 memcpy(to+tlen-flen,from,flen);
96 return(tlen);
97 }
98
diff --git a/src/lib/libcrypto/rsa/rsa_oaep.c b/src/lib/libcrypto/rsa/rsa_oaep.c
deleted file mode 100644
index 1849e55cd5..0000000000
--- a/src/lib/libcrypto/rsa/rsa_oaep.c
+++ /dev/null
@@ -1,168 +0,0 @@
1/* crypto/rsa/rsa_oaep.c */
2/* Written by Ulf Moeller. This software is distributed on an "AS IS"
3 basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */
4
5/* EME_OAEP as defined in RFC 2437 (PKCS #1 v2.0) */
6
7#if !defined(NO_SHA) && !defined(NO_SHA1)
8#include <stdio.h>
9#include "cryptlib.h"
10#include <openssl/bn.h>
11#include <openssl/rsa.h>
12#include <openssl/sha.h>
13#include <openssl/rand.h>
14
15int MGF1(unsigned char *mask, long len, unsigned char *seed, long seedlen);
16
17int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
18 unsigned char *from, int flen, unsigned char *param, int plen)
19 {
20 int i, emlen = tlen - 1;
21 unsigned char *db, *seed;
22 unsigned char *dbmask, seedmask[SHA_DIGEST_LENGTH];
23
24 if (flen > emlen - 2 * SHA_DIGEST_LENGTH - 1)
25 {
26 RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP,
27 RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
28 return (0);
29 }
30
31 if (emlen < 2 * SHA_DIGEST_LENGTH + 1)
32 {
33 RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, RSA_R_KEY_SIZE_TOO_SMALL);
34 return (0);
35 }
36
37 dbmask = OPENSSL_malloc(emlen - SHA_DIGEST_LENGTH);
38 if (dbmask == NULL)
39 {
40 RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE);
41 return (0);
42 }
43
44 to[0] = 0;
45 seed = to + 1;
46 db = to + SHA_DIGEST_LENGTH + 1;
47
48 SHA1(param, plen, db);
49 memset(db + SHA_DIGEST_LENGTH, 0,
50 emlen - flen - 2 * SHA_DIGEST_LENGTH - 1);
51 db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01;
52 memcpy(db + emlen - flen - SHA_DIGEST_LENGTH, from, (unsigned int) flen);
53 if (RAND_bytes(seed, SHA_DIGEST_LENGTH) <= 0)
54 return (0);
55#ifdef PKCS_TESTVECT
56 memcpy(seed,
57 "\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2\xf0\x6c\xb5\x8f",
58 20);
59#endif
60
61 MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH);
62 for (i = 0; i < emlen - SHA_DIGEST_LENGTH; i++)
63 db[i] ^= dbmask[i];
64
65 MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH);
66 for (i = 0; i < SHA_DIGEST_LENGTH; i++)
67 seed[i] ^= seedmask[i];
68
69 OPENSSL_free(dbmask);
70 return (1);
71 }
72
73int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
74 unsigned char *from, int flen, int num, unsigned char *param,
75 int plen)
76 {
77 int i, dblen, mlen = -1;
78 unsigned char *maskeddb;
79 int lzero;
80 unsigned char *db = NULL, seed[SHA_DIGEST_LENGTH], phash[SHA_DIGEST_LENGTH];
81
82 if (--num < 2 * SHA_DIGEST_LENGTH + 1)
83 goto decoding_err;
84
85 lzero = num - flen;
86 if (lzero < 0)
87 goto decoding_err;
88 maskeddb = from - lzero + SHA_DIGEST_LENGTH;
89
90 dblen = num - SHA_DIGEST_LENGTH;
91 db = OPENSSL_malloc(dblen);
92 if (db == NULL)
93 {
94 RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE);
95 return (-1);
96 }
97
98 MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen);
99 for (i = lzero; i < SHA_DIGEST_LENGTH; i++)
100 seed[i] ^= from[i - lzero];
101
102 MGF1(db, dblen, seed, SHA_DIGEST_LENGTH);
103 for (i = 0; i < dblen; i++)
104 db[i] ^= maskeddb[i];
105
106 SHA1(param, plen, phash);
107
108 if (memcmp(db, phash, SHA_DIGEST_LENGTH) != 0)
109 goto decoding_err;
110 else
111 {
112 for (i = SHA_DIGEST_LENGTH; i < dblen; i++)
113 if (db[i] != 0x00)
114 break;
115 if (db[i] != 0x01 || i++ >= dblen)
116 goto decoding_err;
117 else
118 {
119 mlen = dblen - i;
120 if (tlen < mlen)
121 {
122 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_DATA_TOO_LARGE);
123 mlen = -1;
124 }
125 else
126 memcpy(to, db + i, mlen);
127 }
128 }
129 OPENSSL_free(db);
130 return (mlen);
131
132decoding_err:
133 /* to avoid chosen ciphertext attacks, the error message should not reveal
134 * which kind of decoding error happened */
135 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR);
136 if (db != NULL) OPENSSL_free(db);
137 return -1;
138 }
139
140int MGF1(unsigned char *mask, long len, unsigned char *seed, long seedlen)
141 {
142 long i, outlen = 0;
143 unsigned char cnt[4];
144 SHA_CTX c;
145 unsigned char md[SHA_DIGEST_LENGTH];
146
147 for (i = 0; outlen < len; i++)
148 {
149 cnt[0] = (i >> 24) & 255, cnt[1] = (i >> 16) & 255,
150 cnt[2] = (i >> 8) & 255, cnt[3] = i & 255;
151 SHA1_Init(&c);
152 SHA1_Update(&c, seed, seedlen);
153 SHA1_Update(&c, cnt, 4);
154 if (outlen + SHA_DIGEST_LENGTH <= len)
155 {
156 SHA1_Final(mask + outlen, &c);
157 outlen += SHA_DIGEST_LENGTH;
158 }
159 else
160 {
161 SHA1_Final(md, &c);
162 memcpy(mask + outlen, md, len - outlen);
163 outlen = len;
164 }
165 }
166 return (0);
167 }
168#endif
diff --git a/src/lib/libcrypto/rsa/rsa_pk1.c b/src/lib/libcrypto/rsa/rsa_pk1.c
deleted file mode 100644
index 48a32bc264..0000000000
--- a/src/lib/libcrypto/rsa/rsa_pk1.c
+++ /dev/null
@@ -1,224 +0,0 @@
1/* crypto/rsa/rsa_pk1.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/rsa.h>
63#include <openssl/rand.h>
64
65int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
66 unsigned char *from, int flen)
67 {
68 int j;
69 unsigned char *p;
70
71 if (flen > (tlen-11))
72 {
73 RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
74 return(0);
75 }
76
77 p=(unsigned char *)to;
78
79 *(p++)=0;
80 *(p++)=1; /* Private Key BT (Block Type) */
81
82 /* pad out with 0xff data */
83 j=tlen-3-flen;
84 memset(p,0xff,j);
85 p+=j;
86 *(p++)='\0';
87 memcpy(p,from,(unsigned int)flen);
88 return(1);
89 }
90
91int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
92 unsigned char *from, int flen, int num)
93 {
94 int i,j;
95 unsigned char *p;
96
97 p=from;
98 if ((num != (flen+1)) || (*(p++) != 01))
99 {
100 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BLOCK_TYPE_IS_NOT_01);
101 return(-1);
102 }
103
104 /* scan over padding data */
105 j=flen-1; /* one for type. */
106 for (i=0; i<j; i++)
107 {
108 if (*p != 0xff) /* should decrypt to 0xff */
109 {
110 if (*p == 0)
111 { p++; break; }
112 else {
113 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BAD_FIXED_HEADER_DECRYPT);
114 return(-1);
115 }
116 }
117 p++;
118 }
119
120 if (i == j)
121 {
122 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_NULL_BEFORE_BLOCK_MISSING);
123 return(-1);
124 }
125
126 if (i < 8)
127 {
128 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BAD_PAD_BYTE_COUNT);
129 return(-1);
130 }
131 i++; /* Skip over the '\0' */
132 j-=i;
133 if (j > tlen)
134 {
135 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE);
136 return(-1);
137 }
138 memcpy(to,p,(unsigned int)j);
139
140 return(j);
141 }
142
143int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
144 unsigned char *from, int flen)
145 {
146 int i,j;
147 unsigned char *p;
148
149 if (flen > (tlen-11))
150 {
151 RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
152 return(0);
153 }
154
155 p=(unsigned char *)to;
156
157 *(p++)=0;
158 *(p++)=2; /* Public Key BT (Block Type) */
159
160 /* pad out with non-zero random data */
161 j=tlen-3-flen;
162
163 if (RAND_bytes(p,j) <= 0)
164 return(0);
165 for (i=0; i<j; i++)
166 {
167 if (*p == '\0')
168 do {
169 if (RAND_bytes(p,1) <= 0)
170 return(0);
171 } while (*p == '\0');
172 p++;
173 }
174
175 *(p++)='\0';
176
177 memcpy(p,from,(unsigned int)flen);
178 return(1);
179 }
180
181int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
182 unsigned char *from, int flen, int num)
183 {
184 int i,j;
185 unsigned char *p;
186
187 p=from;
188 if ((num != (flen+1)) || (*(p++) != 02))
189 {
190 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BLOCK_TYPE_IS_NOT_02);
191 return(-1);
192 }
193#ifdef PKCS1_CHECK
194 return(num-11);
195#endif
196
197 /* scan over padding data */
198 j=flen-1; /* one for type. */
199 for (i=0; i<j; i++)
200 if (*(p++) == 0) break;
201
202 if (i == j)
203 {
204 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_NULL_BEFORE_BLOCK_MISSING);
205 return(-1);
206 }
207
208 if (i < 8)
209 {
210 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BAD_PAD_BYTE_COUNT);
211 return(-1);
212 }
213 i++; /* Skip over the '\0' */
214 j-=i;
215 if (j > tlen)
216 {
217 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE);
218 return(-1);
219 }
220 memcpy(to,p,(unsigned int)j);
221
222 return(j);
223 }
224
diff --git a/src/lib/libcrypto/rsa/rsa_saos.c b/src/lib/libcrypto/rsa/rsa_saos.c
deleted file mode 100644
index c77f4381ff..0000000000
--- a/src/lib/libcrypto/rsa/rsa_saos.c
+++ /dev/null
@@ -1,144 +0,0 @@
1/* crypto/rsa/rsa_saos.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/rsa.h>
63#include <openssl/objects.h>
64#include <openssl/x509.h>
65
66int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
67 unsigned char *sigret, unsigned int *siglen, RSA *rsa)
68 {
69 ASN1_OCTET_STRING sig;
70 int i,j,ret=1;
71 unsigned char *p,*s;
72
73 sig.type=V_ASN1_OCTET_STRING;
74 sig.length=m_len;
75 sig.data=m;
76
77 i=i2d_ASN1_OCTET_STRING(&sig,NULL);
78 j=RSA_size(rsa);
79 if ((i-RSA_PKCS1_PADDING) > j)
80 {
81 RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
82 return(0);
83 }
84 s=(unsigned char *)OPENSSL_malloc((unsigned int)j+1);
85 if (s == NULL)
86 {
87 RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
88 return(0);
89 }
90 p=s;
91 i2d_ASN1_OCTET_STRING(&sig,&p);
92 i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
93 if (i <= 0)
94 ret=0;
95 else
96 *siglen=i;
97
98 memset(s,0,(unsigned int)j+1);
99 OPENSSL_free(s);
100 return(ret);
101 }
102
103int RSA_verify_ASN1_OCTET_STRING(int dtype, unsigned char *m,
104 unsigned int m_len, unsigned char *sigbuf, unsigned int siglen,
105 RSA *rsa)
106 {
107 int i,ret=0;
108 unsigned char *p,*s;
109 ASN1_OCTET_STRING *sig=NULL;
110
111 if (siglen != (unsigned int)RSA_size(rsa))
112 {
113 RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_WRONG_SIGNATURE_LENGTH);
114 return(0);
115 }
116
117 s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen);
118 if (s == NULL)
119 {
120 RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
121 goto err;
122 }
123 i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
124
125 if (i <= 0) goto err;
126
127 p=s;
128 sig=d2i_ASN1_OCTET_STRING(NULL,&p,(long)i);
129 if (sig == NULL) goto err;
130
131 if ( ((unsigned int)sig->length != m_len) ||
132 (memcmp(m,sig->data,m_len) != 0))
133 {
134 RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_BAD_SIGNATURE);
135 }
136 else
137 ret=1;
138err:
139 if (sig != NULL) M_ASN1_OCTET_STRING_free(sig);
140 memset(s,0,(unsigned int)siglen);
141 OPENSSL_free(s);
142 return(ret);
143 }
144
diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c
deleted file mode 100644
index cf00876292..0000000000
--- a/src/lib/libcrypto/rsa/rsa_sign.c
+++ /dev/null
@@ -1,224 +0,0 @@
1/* crypto/rsa/rsa_sign.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/rsa.h>
63#include <openssl/objects.h>
64#include <openssl/x509.h>
65#include <openssl/engine.h>
66
67/* Size of an SSL signature: MD5+SHA1 */
68#define SSL_SIG_LENGTH 36
69
70int RSA_sign(int type, unsigned char *m, unsigned int m_len,
71 unsigned char *sigret, unsigned int *siglen, RSA *rsa)
72 {
73 X509_SIG sig;
74 ASN1_TYPE parameter;
75 int i,j,ret=1;
76 unsigned char *p,*s = NULL;
77 X509_ALGOR algor;
78 ASN1_OCTET_STRING digest;
79 if(rsa->flags & RSA_FLAG_SIGN_VER)
80 return ENGINE_get_RSA(rsa->engine)->rsa_sign(type,
81 m, m_len, sigret, siglen, rsa);
82 /* Special case: SSL signature, just check the length */
83 if(type == NID_md5_sha1) {
84 if(m_len != SSL_SIG_LENGTH) {
85 RSAerr(RSA_F_RSA_SIGN,RSA_R_INVALID_MESSAGE_LENGTH);
86 return(0);
87 }
88 i = SSL_SIG_LENGTH;
89 s = m;
90 } else {
91 sig.algor= &algor;
92 sig.algor->algorithm=OBJ_nid2obj(type);
93 if (sig.algor->algorithm == NULL)
94 {
95 RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
96 return(0);
97 }
98 if (sig.algor->algorithm->length == 0)
99 {
100 RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
101 return(0);
102 }
103 parameter.type=V_ASN1_NULL;
104 parameter.value.ptr=NULL;
105 sig.algor->parameter= &parameter;
106
107 sig.digest= &digest;
108 sig.digest->data=m;
109 sig.digest->length=m_len;
110
111 i=i2d_X509_SIG(&sig,NULL);
112 }
113 j=RSA_size(rsa);
114 if ((i-RSA_PKCS1_PADDING) > j)
115 {
116 RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
117 return(0);
118 }
119 if(type != NID_md5_sha1) {
120 s=(unsigned char *)OPENSSL_malloc((unsigned int)j+1);
121 if (s == NULL)
122 {
123 RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE);
124 return(0);
125 }
126 p=s;
127 i2d_X509_SIG(&sig,&p);
128 }
129 i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
130 if (i <= 0)
131 ret=0;
132 else
133 *siglen=i;
134
135 if(type != NID_md5_sha1) {
136 memset(s,0,(unsigned int)j+1);
137 OPENSSL_free(s);
138 }
139 return(ret);
140 }
141
142int RSA_verify(int dtype, unsigned char *m, unsigned int m_len,
143 unsigned char *sigbuf, unsigned int siglen, RSA *rsa)
144 {
145 int i,ret=0,sigtype;
146 unsigned char *p,*s;
147 X509_SIG *sig=NULL;
148
149 if (siglen != (unsigned int)RSA_size(rsa))
150 {
151 RSAerr(RSA_F_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH);
152 return(0);
153 }
154
155 if(rsa->flags & RSA_FLAG_SIGN_VER)
156 return ENGINE_get_RSA(rsa->engine)->rsa_verify(dtype,
157 m, m_len, sigbuf, siglen, rsa);
158
159 s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen);
160 if (s == NULL)
161 {
162 RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE);
163 goto err;
164 }
165 if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) {
166 RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH);
167 return(0);
168 }
169 i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
170
171 if (i <= 0) goto err;
172
173 /* Special case: SSL signature */
174 if(dtype == NID_md5_sha1) {
175 if((i != SSL_SIG_LENGTH) || memcmp(s, m, SSL_SIG_LENGTH))
176 RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
177 else ret = 1;
178 } else {
179 p=s;
180 sig=d2i_X509_SIG(NULL,&p,(long)i);
181
182 if (sig == NULL) goto err;
183 sigtype=OBJ_obj2nid(sig->algor->algorithm);
184
185
186 #ifdef RSA_DEBUG
187 /* put a backward compatibility flag in EAY */
188 fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype),
189 OBJ_nid2ln(dtype));
190 #endif
191 if (sigtype != dtype)
192 {
193 if (((dtype == NID_md5) &&
194 (sigtype == NID_md5WithRSAEncryption)) ||
195 ((dtype == NID_md2) &&
196 (sigtype == NID_md2WithRSAEncryption)))
197 {
198 /* ok, we will let it through */
199 #if !defined(NO_STDIO) && !defined(WIN16)
200 fprintf(stderr,"signature has problems, re-make with post SSLeay045\n");
201 #endif
202 }
203 else
204 {
205 RSAerr(RSA_F_RSA_VERIFY,
206 RSA_R_ALGORITHM_MISMATCH);
207 goto err;
208 }
209 }
210 if ( ((unsigned int)sig->digest->length != m_len) ||
211 (memcmp(m,sig->digest->data,m_len) != 0))
212 {
213 RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
214 }
215 else
216 ret=1;
217 }
218err:
219 if (sig != NULL) X509_SIG_free(sig);
220 memset(s,0,(unsigned int)siglen);
221 OPENSSL_free(s);
222 return(ret);
223 }
224
diff --git a/src/lib/libcrypto/rsa/rsa_ssl.c b/src/lib/libcrypto/rsa/rsa_ssl.c
deleted file mode 100644
index 482f4a8273..0000000000
--- a/src/lib/libcrypto/rsa/rsa_ssl.c
+++ /dev/null
@@ -1,154 +0,0 @@
1/* crypto/rsa/rsa_ssl.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/rsa.h>
63#include <openssl/rand.h>
64
65int RSA_padding_add_SSLv23(unsigned char *to, int tlen, unsigned char *from,
66 int flen)
67 {
68 int i,j;
69 unsigned char *p;
70
71 if (flen > (tlen-11))
72 {
73 RSAerr(RSA_F_RSA_PADDING_ADD_SSLV23,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
74 return(0);
75 }
76
77 p=(unsigned char *)to;
78
79 *(p++)=0;
80 *(p++)=2; /* Public Key BT (Block Type) */
81
82 /* pad out with non-zero random data */
83 j=tlen-3-8-flen;
84
85 if (RAND_bytes(p,j) <= 0)
86 return(0);
87 for (i=0; i<j; i++)
88 {
89 if (*p == '\0')
90 do {
91 if (RAND_bytes(p,1) <= 0)
92 return(0);
93 } while (*p == '\0');
94 p++;
95 }
96
97 memset(p,3,8);
98 p+=8;
99 *(p++)='\0';
100
101 memcpy(p,from,(unsigned int)flen);
102 return(1);
103 }
104
105int RSA_padding_check_SSLv23(unsigned char *to, int tlen, unsigned char *from,
106 int flen, int num)
107 {
108 int i,j,k;
109 unsigned char *p;
110
111 p=from;
112 if (flen < 10)
113 {
114 RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_SMALL);
115 return(-1);
116 }
117 if ((num != (flen+1)) || (*(p++) != 02))
118 {
119 RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_BLOCK_TYPE_IS_NOT_02);
120 return(-1);
121 }
122
123 /* scan over padding data */
124 j=flen-1; /* one for type */
125 for (i=0; i<j; i++)
126 if (*(p++) == 0) break;
127
128 if ((i == j) || (i < 8))
129 {
130 RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_NULL_BEFORE_BLOCK_MISSING);
131 return(-1);
132 }
133 for (k= -8; k<0; k++)
134 {
135 if (p[k] != 0x03) break;
136 }
137 if (k == -1)
138 {
139 RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_SSLV3_ROLLBACK_ATTACK);
140 return(-1);
141 }
142
143 i++; /* Skip over the '\0' */
144 j-=i;
145 if (j > tlen)
146 {
147 RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_LARGE);
148 return(-1);
149 }
150 memcpy(to,p,(unsigned int)j);
151
152 return(j);
153 }
154
diff --git a/src/lib/libcrypto/sha/asm/sha1-586.pl b/src/lib/libcrypto/sha/asm/sha1-586.pl
deleted file mode 100644
index fe51fd0794..0000000000
--- a/src/lib/libcrypto/sha/asm/sha1-586.pl
+++ /dev/null
@@ -1,540 +0,0 @@
1#!/usr/local/bin/perl
2
3$normal=0;
4
5push(@INC,"perlasm","../../perlasm");
6require "x86asm.pl";
7
8&asm_init($ARGV[0],"sha1-586.pl",$ARGV[$#ARGV] eq "386");
9
10$A="eax";
11$B="ecx";
12$C="ebx";
13$D="edx";
14$E="edi";
15$T="esi";
16$tmp1="ebp";
17
18$off=9*4;
19
20@K=(0x5a827999,0x6ed9eba1,0x8f1bbcdc,0xca62c1d6);
21
22&sha1_block_data("sha1_block_asm_data_order");
23
24&asm_finish();
25
26sub Nn
27 {
28 local($p)=@_;
29 local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E);
30 return($n{$p});
31 }
32
33sub Np
34 {
35 local($p)=@_;
36 local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E);
37 local(%n)=($A,$B,$B,$C,$C,$D,$D,$E,$E,$T,$T,$A);
38 return($n{$p});
39 }
40
41sub Na
42 {
43 local($n)=@_;
44 return( (($n )&0x0f),
45 (($n+ 2)&0x0f),
46 (($n+ 8)&0x0f),
47 (($n+13)&0x0f),
48 (($n+ 1)&0x0f));
49 }
50
51sub X_expand
52 {
53 local($in)=@_;
54
55 &comment("First, load the words onto the stack in network byte order");
56 for ($i=0; $i<16; $i+=2)
57 {
58 &mov($A,&DWP(($i+0)*4,$in,"",0));# unless $i == 0;
59 &mov($B,&DWP(($i+1)*4,$in,"",0));
60 &bswap($A);
61 &bswap($B);
62 &mov(&swtmp($i+0),$A);
63 &mov(&swtmp($i+1),$B);
64 }
65
66 &comment("We now have the X array on the stack");
67 &comment("starting at sp-4");
68 }
69
70# Rules of engagement
71# F is always trashable at the start, the running total.
72# E becomes the next F so it can be trashed after it has been 'accumulated'
73# F becomes A in the next round. We don't need to access it much.
74# During the X update part, the result ends up in $X[$n0].
75
76sub BODY_00_15
77 {
78 local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
79
80return if $n & 1;
81 &comment("00_15 $n");
82
83 &mov($f,$c);
84
85 &mov($tmp1,$a);
86 &xor($f,$d); # F2
87
88 &rotl($tmp1,5); # A2
89
90 &and($f,$b); # F3
91 &add($tmp1,$e);
92
93 &rotr($b,1); # B1 <- F
94 &mov($e,&swtmp($n)); # G1
95
96 &rotr($b,1); # B1 <- F
97 &xor($f,$d); # F4
98
99 &lea($tmp1,&DWP($K,$tmp1,$e,1));
100
101############################
102# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
103# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
104$n++;
105 local($n0,$n1,$n2,$n3,$np)=&Na($n);
106 ($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
107
108 &mov($f,$c);
109
110 &add($a,$tmp1); # MOVED DOWN
111 &xor($f,$d); # F2
112
113 &mov($tmp1,$a);
114 &and($f,$b); # F3
115
116 &rotl($tmp1,5); # A2
117
118 &add($tmp1,$e);
119 &mov($e,&swtmp($n)); # G1
120
121 &rotr($b,1); # B1 <- F
122 &xor($f,$d); # F4
123
124 &rotr($b,1); # B1 <- F
125 &lea($tmp1,&DWP($K,$tmp1,$e,1));
126
127 &add($f,$tmp1);
128 }
129
130sub BODY_16_19
131 {
132 local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
133 local($n0,$n1,$n2,$n3,$np)=&Na($n);
134
135return if $n & 1;
136 &comment("16_19 $n");
137
138 &nop() if ($pos < 0);
139&mov($tmp1,&swtmp($n0)); # X1
140 &mov($f,&swtmp($n1)); # X2
141&xor($f,$tmp1); # X3
142 &mov($tmp1,&swtmp($n2)); # X4
143&xor($f,$tmp1); # X5
144 &mov($tmp1,&swtmp($n3)); # X6
145&xor($f,$tmp1); # X7 - slot
146 &mov($tmp1,$c); # F1
147&rotl($f,1); # X8 - slot
148 &xor($tmp1,$d); # F2
149&mov(&swtmp($n0),$f); # X9 - anytime
150 &and($tmp1,$b); # F3
151&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
152 &xor($tmp1,$d); # F4
153&mov($e,$a); # A1
154 &add($f,$tmp1); # tot+=F();
155
156&rotl($e,5); # A2
157
158&rotr($b,1); # B1 <- F
159 &add($f,$e); # tot+=a
160
161############################
162# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
163# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
164$n++;
165 local($n0,$n1,$n2,$n3,$np)=&Na($n);
166 ($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
167
168
169&mov($f,&swtmp($n0)); # X1
170 &mov($tmp1,&swtmp($n1)); # X2
171&xor($f,$tmp1); # X3
172 &mov($tmp1,&swtmp($n2)); # X4
173&xor($f,$tmp1); # X5
174 &mov($tmp1,&swtmp($n3)); # X6
175&rotr($c,1); #&rotr($b,1); # B1 <- F # MOVED DOWN
176 &xor($f,$tmp1); # X7 - slot
177&rotl($f,1); # X8 - slot
178 &mov($tmp1,$c); # F1
179&xor($tmp1,$d); # F2
180 &mov(&swtmp($n0),$f); # X9 - anytime
181&and($tmp1,$b); # F3
182 &lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
183
184&xor($tmp1,$d); # F4
185 &mov($e,$a); # A1
186
187&rotl($e,5); # A2
188
189&rotr($b,1); # B1 <- F
190 &add($f,$e); # tot+=a
191
192&rotr($b,1); # B1 <- F
193 &add($f,$tmp1); # tot+=F();
194
195 }
196
197sub BODY_20_39
198 {
199 local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
200
201 &comment("20_39 $n");
202 local($n0,$n1,$n2,$n3,$np)=&Na($n);
203
204&mov($f,&swtmp($n0)); # X1
205 &mov($tmp1,&swtmp($n1)); # X2
206&xor($f,$tmp1); # X3
207 &mov($tmp1,&swtmp($n2)); # X4
208&xor($f,$tmp1); # X5
209 &mov($tmp1,&swtmp($n3)); # X6
210&xor($f,$tmp1); # X7 - slot
211 &mov($tmp1,$b); # F1
212&rotl($f,1); # X8 - slot
213 &xor($tmp1,$c); # F2
214&mov(&swtmp($n0),$f); # X9 - anytime
215 &xor($tmp1,$d); # F3
216
217&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
218 &mov($e,$a); # A1
219
220&rotl($e,5); # A2
221
222if ($n != 79) # last loop
223 {
224 &rotr($b,1); # B1 <- F
225 &add($e,$tmp1); # tmp1=F()+a
226
227 &rotr($b,1); # B2 <- F
228 &add($f,$e); # tot+=tmp1;
229 }
230else
231 {
232 &add($e,$tmp1); # tmp1=F()+a
233 &mov($tmp1,&wparam(0));
234
235 &rotr($b,1); # B1 <- F
236 &add($f,$e); # tot+=tmp1;
237
238 &rotr($b,1); # B2 <- F
239 }
240 }
241
242sub BODY_40_59
243 {
244 local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
245
246 &comment("40_59 $n");
247 return if $n & 1;
248 local($n0,$n1,$n2,$n3,$np)=&Na($n);
249
250&mov($f,&swtmp($n0)); # X1
251 &mov($tmp1,&swtmp($n1)); # X2
252&xor($f,$tmp1); # X3
253 &mov($tmp1,&swtmp($n2)); # X4
254&xor($f,$tmp1); # X5
255 &mov($tmp1,&swtmp($n3)); # X6
256&xor($f,$tmp1); # X7 - slot
257 &mov($tmp1,$b); # F1
258&rotl($f,1); # X8 - slot
259 &or($tmp1,$c); # F2
260&mov(&swtmp($n0),$f); # X9 - anytime
261 &and($tmp1,$d); # F3
262
263&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
264 &mov($e,$b); # F4
265
266&rotr($b,1); # B1 <- F
267 &and($e,$c); # F5
268
269&or($tmp1,$e); # F6
270 &mov($e,$a); # A1
271
272&rotl($e,5); # A2
273
274&add($tmp1,$e); # tmp1=F()+a
275
276############################
277# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
278# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
279$n++;
280 local($n0,$n1,$n2,$n3,$np)=&Na($n);
281 ($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
282
283 &mov($f,&swtmp($n0)); # X1
284&add($a,$tmp1); # tot+=tmp1; # moved was add f,tmp1
285 &mov($tmp1,&swtmp($n1)); # X2
286&xor($f,$tmp1); # X3
287 &mov($tmp1,&swtmp($n2)); # X4
288&xor($f,$tmp1); # X5
289 &mov($tmp1,&swtmp($n3)); # X6
290&rotr($c,1); # B2 <- F # moved was rotr b,1
291 &xor($f,$tmp1); # X7 - slot
292&rotl($f,1); # X8 - slot
293 &mov($tmp1,$b); # F1
294&mov(&swtmp($n0),$f); # X9 - anytime
295 &or($tmp1,$c); # F2
296&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
297 &mov($e,$b); # F4
298&and($tmp1,$d); # F3
299 &and($e,$c); # F5
300
301&or($tmp1,$e); # F6
302 &mov($e,$a); # A1
303
304&rotl($e,5); # A2
305
306&rotr($b,1); # B1 <- F
307 &add($tmp1,$e); # tmp1=F()+a
308
309&rotr($b,1); # B2 <- F
310 &add($f,$tmp1); # tot+=tmp1;
311 }
312
313sub BODY_60_79
314 {
315 &BODY_20_39(@_);
316 }
317
318sub sha1_block_host
319 {
320 local($name, $sclabel)=@_;
321
322 &function_begin_B($name,"");
323
324 # parameter 1 is the MD5_CTX structure.
325 # A 0
326 # B 4
327 # C 8
328 # D 12
329 # E 16
330
331 &mov("ecx", &wparam(2));
332 &push("esi");
333 &shl("ecx",6);
334 &mov("esi", &wparam(1));
335 &push("ebp");
336 &add("ecx","esi"); # offset to leave on
337 &push("ebx");
338 &mov("ebp", &wparam(0));
339 &push("edi");
340 &mov($D, &DWP(12,"ebp","",0));
341 &stack_push(18+9);
342 &mov($E, &DWP(16,"ebp","",0));
343 &mov($C, &DWP( 8,"ebp","",0));
344 &mov(&swtmp(17),"ecx");
345
346 &comment("First we need to setup the X array");
347
348 for ($i=0; $i<16; $i+=2)
349 {
350 &mov($A,&DWP(($i+0)*4,"esi","",0));# unless $i == 0;
351 &mov($B,&DWP(($i+1)*4,"esi","",0));
352 &mov(&swtmp($i+0),$A);
353 &mov(&swtmp($i+1),$B);
354 }
355 &jmp($sclabel);
356 &function_end_B($name);
357 }
358
359
360sub sha1_block_data
361 {
362 local($name)=@_;
363
364 &function_begin_B($name,"");
365
366 # parameter 1 is the MD5_CTX structure.
367 # A 0
368 # B 4
369 # C 8
370 # D 12
371 # E 16
372
373 &mov("ecx", &wparam(2));
374 &push("esi");
375 &shl("ecx",6);
376 &mov("esi", &wparam(1));
377 &push("ebp");
378 &add("ecx","esi"); # offset to leave on
379 &push("ebx");
380 &mov("ebp", &wparam(0));
381 &push("edi");
382 &mov($D, &DWP(12,"ebp","",0));
383 &stack_push(18+9);
384 &mov($E, &DWP(16,"ebp","",0));
385 &mov($C, &DWP( 8,"ebp","",0));
386 &mov(&swtmp(17),"ecx");
387
388 &comment("First we need to setup the X array");
389
390 &set_label("start") unless $normal;
391
392 &X_expand("esi");
393 &mov(&wparam(1),"esi");
394
395 &set_label("shortcut", 0, 1);
396 &comment("");
397 &comment("Start processing");
398
399 # odd start
400 &mov($A, &DWP( 0,"ebp","",0));
401 &mov($B, &DWP( 4,"ebp","",0));
402 $X="esp";
403 &BODY_00_15(-2,$K[0],$X, 0,$A,$B,$C,$D,$E,$T);
404 &BODY_00_15( 0,$K[0],$X, 1,$T,$A,$B,$C,$D,$E);
405 &BODY_00_15( 0,$K[0],$X, 2,$E,$T,$A,$B,$C,$D);
406 &BODY_00_15( 0,$K[0],$X, 3,$D,$E,$T,$A,$B,$C);
407 &BODY_00_15( 0,$K[0],$X, 4,$C,$D,$E,$T,$A,$B);
408 &BODY_00_15( 0,$K[0],$X, 5,$B,$C,$D,$E,$T,$A);
409 &BODY_00_15( 0,$K[0],$X, 6,$A,$B,$C,$D,$E,$T);
410 &BODY_00_15( 0,$K[0],$X, 7,$T,$A,$B,$C,$D,$E);
411 &BODY_00_15( 0,$K[0],$X, 8,$E,$T,$A,$B,$C,$D);
412 &BODY_00_15( 0,$K[0],$X, 9,$D,$E,$T,$A,$B,$C);
413 &BODY_00_15( 0,$K[0],$X,10,$C,$D,$E,$T,$A,$B);
414 &BODY_00_15( 0,$K[0],$X,11,$B,$C,$D,$E,$T,$A);
415 &BODY_00_15( 0,$K[0],$X,12,$A,$B,$C,$D,$E,$T);
416 &BODY_00_15( 0,$K[0],$X,13,$T,$A,$B,$C,$D,$E);
417 &BODY_00_15( 0,$K[0],$X,14,$E,$T,$A,$B,$C,$D);
418 &BODY_00_15( 1,$K[0],$X,15,$D,$E,$T,$A,$B,$C);
419 &BODY_16_19(-1,$K[0],$X,16,$C,$D,$E,$T,$A,$B);
420 &BODY_16_19( 0,$K[0],$X,17,$B,$C,$D,$E,$T,$A);
421 &BODY_16_19( 0,$K[0],$X,18,$A,$B,$C,$D,$E,$T);
422 &BODY_16_19( 1,$K[0],$X,19,$T,$A,$B,$C,$D,$E);
423
424 &BODY_20_39(-1,$K[1],$X,20,$E,$T,$A,$B,$C,$D);
425 &BODY_20_39( 0,$K[1],$X,21,$D,$E,$T,$A,$B,$C);
426 &BODY_20_39( 0,$K[1],$X,22,$C,$D,$E,$T,$A,$B);
427 &BODY_20_39( 0,$K[1],$X,23,$B,$C,$D,$E,$T,$A);
428 &BODY_20_39( 0,$K[1],$X,24,$A,$B,$C,$D,$E,$T);
429 &BODY_20_39( 0,$K[1],$X,25,$T,$A,$B,$C,$D,$E);
430 &BODY_20_39( 0,$K[1],$X,26,$E,$T,$A,$B,$C,$D);
431 &BODY_20_39( 0,$K[1],$X,27,$D,$E,$T,$A,$B,$C);
432 &BODY_20_39( 0,$K[1],$X,28,$C,$D,$E,$T,$A,$B);
433 &BODY_20_39( 0,$K[1],$X,29,$B,$C,$D,$E,$T,$A);
434 &BODY_20_39( 0,$K[1],$X,30,$A,$B,$C,$D,$E,$T);
435 &BODY_20_39( 0,$K[1],$X,31,$T,$A,$B,$C,$D,$E);
436 &BODY_20_39( 0,$K[1],$X,32,$E,$T,$A,$B,$C,$D);
437 &BODY_20_39( 0,$K[1],$X,33,$D,$E,$T,$A,$B,$C);
438 &BODY_20_39( 0,$K[1],$X,34,$C,$D,$E,$T,$A,$B);
439 &BODY_20_39( 0,$K[1],$X,35,$B,$C,$D,$E,$T,$A);
440 &BODY_20_39( 0,$K[1],$X,36,$A,$B,$C,$D,$E,$T);
441 &BODY_20_39( 0,$K[1],$X,37,$T,$A,$B,$C,$D,$E);
442 &BODY_20_39( 0,$K[1],$X,38,$E,$T,$A,$B,$C,$D);
443 &BODY_20_39( 1,$K[1],$X,39,$D,$E,$T,$A,$B,$C);
444
445 &BODY_40_59(-1,$K[2],$X,40,$C,$D,$E,$T,$A,$B);
446 &BODY_40_59( 0,$K[2],$X,41,$B,$C,$D,$E,$T,$A);
447 &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
448 &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
449 &BODY_40_59( 0,$K[2],$X,44,$E,$T,$A,$B,$C,$D);
450 &BODY_40_59( 0,$K[2],$X,45,$D,$E,$T,$A,$B,$C);
451 &BODY_40_59( 0,$K[2],$X,46,$C,$D,$E,$T,$A,$B);
452 &BODY_40_59( 0,$K[2],$X,47,$B,$C,$D,$E,$T,$A);
453 &BODY_40_59( 0,$K[2],$X,48,$A,$B,$C,$D,$E,$T);
454 &BODY_40_59( 0,$K[2],$X,49,$T,$A,$B,$C,$D,$E);
455 &BODY_40_59( 0,$K[2],$X,50,$E,$T,$A,$B,$C,$D);
456 &BODY_40_59( 0,$K[2],$X,51,$D,$E,$T,$A,$B,$C);
457 &BODY_40_59( 0,$K[2],$X,52,$C,$D,$E,$T,$A,$B);
458 &BODY_40_59( 0,$K[2],$X,53,$B,$C,$D,$E,$T,$A);
459 &BODY_40_59( 0,$K[2],$X,54,$A,$B,$C,$D,$E,$T);
460 &BODY_40_59( 0,$K[2],$X,55,$T,$A,$B,$C,$D,$E);
461 &BODY_40_59( 0,$K[2],$X,56,$E,$T,$A,$B,$C,$D);
462 &BODY_40_59( 0,$K[2],$X,57,$D,$E,$T,$A,$B,$C);
463 &BODY_40_59( 0,$K[2],$X,58,$C,$D,$E,$T,$A,$B);
464 &BODY_40_59( 1,$K[2],$X,59,$B,$C,$D,$E,$T,$A);
465
466 &BODY_60_79(-1,$K[3],$X,60,$A,$B,$C,$D,$E,$T);
467 &BODY_60_79( 0,$K[3],$X,61,$T,$A,$B,$C,$D,$E);
468 &BODY_60_79( 0,$K[3],$X,62,$E,$T,$A,$B,$C,$D);
469 &BODY_60_79( 0,$K[3],$X,63,$D,$E,$T,$A,$B,$C);
470 &BODY_60_79( 0,$K[3],$X,64,$C,$D,$E,$T,$A,$B);
471 &BODY_60_79( 0,$K[3],$X,65,$B,$C,$D,$E,$T,$A);
472 &BODY_60_79( 0,$K[3],$X,66,$A,$B,$C,$D,$E,$T);
473 &BODY_60_79( 0,$K[3],$X,67,$T,$A,$B,$C,$D,$E);
474 &BODY_60_79( 0,$K[3],$X,68,$E,$T,$A,$B,$C,$D);
475 &BODY_60_79( 0,$K[3],$X,69,$D,$E,$T,$A,$B,$C);
476 &BODY_60_79( 0,$K[3],$X,70,$C,$D,$E,$T,$A,$B);
477 &BODY_60_79( 0,$K[3],$X,71,$B,$C,$D,$E,$T,$A);
478 &BODY_60_79( 0,$K[3],$X,72,$A,$B,$C,$D,$E,$T);
479 &BODY_60_79( 0,$K[3],$X,73,$T,$A,$B,$C,$D,$E);
480 &BODY_60_79( 0,$K[3],$X,74,$E,$T,$A,$B,$C,$D);
481 &BODY_60_79( 0,$K[3],$X,75,$D,$E,$T,$A,$B,$C);
482 &BODY_60_79( 0,$K[3],$X,76,$C,$D,$E,$T,$A,$B);
483 &BODY_60_79( 0,$K[3],$X,77,$B,$C,$D,$E,$T,$A);
484 &BODY_60_79( 0,$K[3],$X,78,$A,$B,$C,$D,$E,$T);
485 &BODY_60_79( 2,$K[3],$X,79,$T,$A,$B,$C,$D,$E);
486
487 &comment("End processing");
488 &comment("");
489 # D is the tmp value
490
491 # E -> A
492 # T -> B
493 # A -> C
494 # B -> D
495 # C -> E
496 # D -> T
497
498 # The last 2 have been moved into the last loop
499 # &mov($tmp1,&wparam(0));
500
501 &mov($D, &DWP(12,$tmp1,"",0));
502 &add($D,$B);
503 &mov($B, &DWP( 4,$tmp1,"",0));
504 &add($B,$T);
505 &mov($T, $A);
506 &mov($A, &DWP( 0,$tmp1,"",0));
507 &mov(&DWP(12,$tmp1,"",0),$D);
508
509 &add($A,$E);
510 &mov($E, &DWP(16,$tmp1,"",0));
511 &add($E,$C);
512 &mov($C, &DWP( 8,$tmp1,"",0));
513 &add($C,$T);
514
515 &mov(&DWP( 0,$tmp1,"",0),$A);
516 &mov("esi",&wparam(1));
517 &mov(&DWP( 8,$tmp1,"",0),$C);
518 &add("esi",64);
519 &mov("eax",&swtmp(17));
520 &mov(&DWP(16,$tmp1,"",0),$E);
521 &cmp("esi","eax");
522 &mov(&DWP( 4,$tmp1,"",0),$B);
523 &jl(&label("start"));
524
525 &stack_pop(18+9);
526 &pop("edi");
527 &pop("ebx");
528 &pop("ebp");
529 &pop("esi");
530 &ret();
531
532 # keep a note of shortcut label so it can be used outside
533 # block.
534 my $sclabel = &label("shortcut");
535
536 &function_end_B($name);
537 # Putting this here avoids problems with MASM in debugging mode
538 &sha1_block_host("sha1_block_asm_host_order", $sclabel);
539 }
540
diff --git a/src/lib/libcrypto/sha/sha.h b/src/lib/libcrypto/sha/sha.h
deleted file mode 100644
index 77f6d9695e..0000000000
--- a/src/lib/libcrypto/sha/sha.h
+++ /dev/null
@@ -1,119 +0,0 @@
1/* crypto/sha/sha.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_SHA_H
60#define HEADER_SHA_H
61
62#ifdef __cplusplus
63extern "C" {
64#endif
65
66#if defined(NO_SHA) || (defined(NO_SHA0) && defined(NO_SHA1))
67#error SHA is disabled.
68#endif
69
70/*
71 * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
72 * ! SHA_LONG has to be at least 32 bits wide. If it's wider, then !
73 * ! SHA_LONG_LOG2 has to be defined along. !
74 * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
75 */
76
77#if defined(WIN16) || defined(__LP32__)
78#define SHA_LONG unsigned long
79#elif defined(_CRAY) || defined(__ILP64__)
80#define SHA_LONG unsigned long
81#define SHA_LONG_LOG2 3
82#else
83#define SHA_LONG unsigned int
84#endif
85
86#define SHA_LBLOCK 16
87#define SHA_CBLOCK (SHA_LBLOCK*4) /* SHA treats input data as a
88 * contiguous array of 32 bit
89 * wide big-endian values. */
90#define SHA_LAST_BLOCK (SHA_CBLOCK-8)
91#define SHA_DIGEST_LENGTH 20
92
93typedef struct SHAstate_st
94 {
95 SHA_LONG h0,h1,h2,h3,h4;
96 SHA_LONG Nl,Nh;
97 SHA_LONG data[SHA_LBLOCK];
98 int num;
99 } SHA_CTX;
100
101#ifndef NO_SHA0
102void SHA_Init(SHA_CTX *c);
103void SHA_Update(SHA_CTX *c, const void *data, unsigned long len);
104void SHA_Final(unsigned char *md, SHA_CTX *c);
105unsigned char *SHA(const unsigned char *d, unsigned long n,unsigned char *md);
106void SHA_Transform(SHA_CTX *c, const unsigned char *data);
107#endif
108#ifndef NO_SHA1
109void SHA1_Init(SHA_CTX *c);
110void SHA1_Update(SHA_CTX *c, const void *data, unsigned long len);
111void SHA1_Final(unsigned char *md, SHA_CTX *c);
112unsigned char *SHA1(const unsigned char *d, unsigned long n,unsigned char *md);
113void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
114#endif
115#ifdef __cplusplus
116}
117#endif
118
119#endif
diff --git a/src/lib/libcrypto/sha/sha1_one.c b/src/lib/libcrypto/sha/sha1_one.c
deleted file mode 100644
index 861752eaa7..0000000000
--- a/src/lib/libcrypto/sha/sha1_one.c
+++ /dev/null
@@ -1,76 +0,0 @@
1/* crypto/sha/sha1_one.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61#include <openssl/sha.h>
62
63#ifndef NO_SHA1
64unsigned char *SHA1(const unsigned char *d, unsigned long n, unsigned char *md)
65 {
66 SHA_CTX c;
67 static unsigned char m[SHA_DIGEST_LENGTH];
68
69 if (md == NULL) md=m;
70 SHA1_Init(&c);
71 SHA1_Update(&c,d,n);
72 SHA1_Final(md,&c);
73 memset(&c,0,sizeof(c));
74 return(md);
75 }
76#endif
diff --git a/src/lib/libcrypto/sha/sha1dgst.c b/src/lib/libcrypto/sha/sha1dgst.c
deleted file mode 100644
index c09edb4cd7..0000000000
--- a/src/lib/libcrypto/sha/sha1dgst.c
+++ /dev/null
@@ -1,73 +0,0 @@
1/* crypto/sha/sha1dgst.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#if !defined(NO_SHA1) && !defined(NO_SHA)
60
61#undef SHA_0
62#define SHA_1
63
64#include <openssl/opensslv.h>
65
66const char *SHA1_version="SHA1" OPENSSL_VERSION_PTEXT;
67
68/* The implementation is in ../md32_common.h */
69
70#include "sha_locl.h"
71
72#endif
73
diff --git a/src/lib/libcrypto/sha/sha_locl.h b/src/lib/libcrypto/sha/sha_locl.h
deleted file mode 100644
index 2f8aef83f3..0000000000
--- a/src/lib/libcrypto/sha/sha_locl.h
+++ /dev/null
@@ -1,471 +0,0 @@
1/* crypto/sha/sha_locl.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdlib.h>
60#include <string.h>
61
62#include <openssl/opensslconf.h>
63#include <openssl/sha.h>
64
65#ifndef SHA_LONG_LOG2
66#define SHA_LONG_LOG2 2 /* default to 32 bits */
67#endif
68
69#define DATA_ORDER_IS_BIG_ENDIAN
70
71#define HASH_LONG SHA_LONG
72#define HASH_LONG_LOG2 SHA_LONG_LOG2
73#define HASH_CTX SHA_CTX
74#define HASH_CBLOCK SHA_CBLOCK
75#define HASH_LBLOCK SHA_LBLOCK
76#define HASH_MAKE_STRING(c,s) do { \
77 unsigned long ll; \
78 ll=(c)->h0; HOST_l2c(ll,(s)); \
79 ll=(c)->h1; HOST_l2c(ll,(s)); \
80 ll=(c)->h2; HOST_l2c(ll,(s)); \
81 ll=(c)->h3; HOST_l2c(ll,(s)); \
82 ll=(c)->h4; HOST_l2c(ll,(s)); \
83 } while (0)
84
85#if defined(SHA_0)
86
87# define HASH_UPDATE SHA_Update
88# define HASH_TRANSFORM SHA_Transform
89# define HASH_FINAL SHA_Final
90# define HASH_INIT SHA_Init
91# define HASH_BLOCK_HOST_ORDER sha_block_host_order
92# define HASH_BLOCK_DATA_ORDER sha_block_data_order
93# define Xupdate(a,ix,ia,ib,ic,id) (ix=(a)=(ia^ib^ic^id))
94
95 void sha_block_host_order (SHA_CTX *c, const void *p,int num);
96 void sha_block_data_order (SHA_CTX *c, const void *p,int num);
97
98#elif defined(SHA_1)
99
100# define HASH_UPDATE SHA1_Update
101# define HASH_TRANSFORM SHA1_Transform
102# define HASH_FINAL SHA1_Final
103# define HASH_INIT SHA1_Init
104# define HASH_BLOCK_HOST_ORDER sha1_block_host_order
105# define HASH_BLOCK_DATA_ORDER sha1_block_data_order
106# if defined(__MWERKS__) && defined(__MC68K__)
107 /* Metrowerks for Motorola fails otherwise:-( <appro@fy.chalmers.se> */
108# define Xupdate(a,ix,ia,ib,ic,id) do { (a)=(ia^ib^ic^id); \
109 ix=(a)=ROTATE((a),1); \
110 } while (0)
111# else
112# define Xupdate(a,ix,ia,ib,ic,id) ( (a)=(ia^ib^ic^id), \
113 ix=(a)=ROTATE((a),1) \
114 )
115# endif
116
117# ifdef SHA1_ASM
118# if defined(__i386) || defined(_M_IX86) || defined(__INTEL__)
119# define sha1_block_host_order sha1_block_asm_host_order
120# define DONT_IMPLEMENT_BLOCK_HOST_ORDER
121# define sha1_block_data_order sha1_block_asm_data_order
122# define DONT_IMPLEMENT_BLOCK_DATA_ORDER
123# define HASH_BLOCK_DATA_ORDER_ALIGNED sha1_block_asm_data_order
124# endif
125# endif
126 void sha1_block_host_order (SHA_CTX *c, const void *p,int num);
127 void sha1_block_data_order (SHA_CTX *c, const void *p,int num);
128
129#else
130# error "Either SHA_0 or SHA_1 must be defined."
131#endif
132
133#include "md32_common.h"
134
135#define INIT_DATA_h0 0x67452301UL
136#define INIT_DATA_h1 0xefcdab89UL
137#define INIT_DATA_h2 0x98badcfeUL
138#define INIT_DATA_h3 0x10325476UL
139#define INIT_DATA_h4 0xc3d2e1f0UL
140
141void HASH_INIT (SHA_CTX *c)
142 {
143 c->h0=INIT_DATA_h0;
144 c->h1=INIT_DATA_h1;
145 c->h2=INIT_DATA_h2;
146 c->h3=INIT_DATA_h3;
147 c->h4=INIT_DATA_h4;
148 c->Nl=0;
149 c->Nh=0;
150 c->num=0;
151 }
152
153#define K_00_19 0x5a827999UL
154#define K_20_39 0x6ed9eba1UL
155#define K_40_59 0x8f1bbcdcUL
156#define K_60_79 0xca62c1d6UL
157
158/* As pointed out by Wei Dai <weidai@eskimo.com>, F() below can be
159 * simplified to the code in F_00_19. Wei attributes these optimisations
160 * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
161 * #define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
162 * I've just become aware of another tweak to be made, again from Wei Dai,
163 * in F_40_59, (x&a)|(y&a) -> (x|y)&a
164 */
165#define F_00_19(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
166#define F_20_39(b,c,d) ((b) ^ (c) ^ (d))
167#define F_40_59(b,c,d) (((b) & (c)) | (((b)|(c)) & (d)))
168#define F_60_79(b,c,d) F_20_39(b,c,d)
169
170#define BODY_00_15(i,a,b,c,d,e,f,xi) \
171 (f)=xi+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
172 (b)=ROTATE((b),30);
173
174#define BODY_16_19(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
175 Xupdate(f,xi,xa,xb,xc,xd); \
176 (f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
177 (b)=ROTATE((b),30);
178
179#define BODY_20_31(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
180 Xupdate(f,xi,xa,xb,xc,xd); \
181 (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
182 (b)=ROTATE((b),30);
183
184#define BODY_32_39(i,a,b,c,d,e,f,xa,xb,xc,xd) \
185 Xupdate(f,xa,xa,xb,xc,xd); \
186 (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
187 (b)=ROTATE((b),30);
188
189#define BODY_40_59(i,a,b,c,d,e,f,xa,xb,xc,xd) \
190 Xupdate(f,xa,xa,xb,xc,xd); \
191 (f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \
192 (b)=ROTATE((b),30);
193
194#define BODY_60_79(i,a,b,c,d,e,f,xa,xb,xc,xd) \
195 Xupdate(f,xa,xa,xb,xc,xd); \
196 (f)=xa+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \
197 (b)=ROTATE((b),30);
198
199#ifdef X
200#undef X
201#endif
202#ifndef MD32_XARRAY
203 /*
204 * Originally X was an array. As it's automatic it's natural
205 * to expect RISC compiler to accomodate at least part of it in
206 * the register bank, isn't it? Unfortunately not all compilers
207 * "find" this expectation reasonable:-( On order to make such
208 * compilers generate better code I replace X[] with a bunch of
209 * X0, X1, etc. See the function body below...
210 * <appro@fy.chalmers.se>
211 */
212# define X(i) XX##i
213#else
214 /*
215 * However! Some compilers (most notably HP C) get overwhelmed by
216 * that many local variables so that we have to have the way to
217 * fall down to the original behavior.
218 */
219# define X(i) XX[i]
220#endif
221
222#ifndef DONT_IMPLEMENT_BLOCK_HOST_ORDER
223void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num)
224 {
225 const SHA_LONG *W=d;
226 register unsigned long A,B,C,D,E,T;
227#ifndef MD32_XARRAY
228 unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
229 XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
230#else
231 SHA_LONG XX[16];
232#endif
233
234 A=c->h0;
235 B=c->h1;
236 C=c->h2;
237 D=c->h3;
238 E=c->h4;
239
240 for (;;)
241 {
242 BODY_00_15( 0,A,B,C,D,E,T,W[ 0]);
243 BODY_00_15( 1,T,A,B,C,D,E,W[ 1]);
244 BODY_00_15( 2,E,T,A,B,C,D,W[ 2]);
245 BODY_00_15( 3,D,E,T,A,B,C,W[ 3]);
246 BODY_00_15( 4,C,D,E,T,A,B,W[ 4]);
247 BODY_00_15( 5,B,C,D,E,T,A,W[ 5]);
248 BODY_00_15( 6,A,B,C,D,E,T,W[ 6]);
249 BODY_00_15( 7,T,A,B,C,D,E,W[ 7]);
250 BODY_00_15( 8,E,T,A,B,C,D,W[ 8]);
251 BODY_00_15( 9,D,E,T,A,B,C,W[ 9]);
252 BODY_00_15(10,C,D,E,T,A,B,W[10]);
253 BODY_00_15(11,B,C,D,E,T,A,W[11]);
254 BODY_00_15(12,A,B,C,D,E,T,W[12]);
255 BODY_00_15(13,T,A,B,C,D,E,W[13]);
256 BODY_00_15(14,E,T,A,B,C,D,W[14]);
257 BODY_00_15(15,D,E,T,A,B,C,W[15]);
258
259 BODY_16_19(16,C,D,E,T,A,B,X( 0),W[ 0],W[ 2],W[ 8],W[13]);
260 BODY_16_19(17,B,C,D,E,T,A,X( 1),W[ 1],W[ 3],W[ 9],W[14]);
261 BODY_16_19(18,A,B,C,D,E,T,X( 2),W[ 2],W[ 4],W[10],W[15]);
262 BODY_16_19(19,T,A,B,C,D,E,X( 3),W[ 3],W[ 5],W[11],X( 0));
263
264 BODY_20_31(20,E,T,A,B,C,D,X( 4),W[ 4],W[ 6],W[12],X( 1));
265 BODY_20_31(21,D,E,T,A,B,C,X( 5),W[ 5],W[ 7],W[13],X( 2));
266 BODY_20_31(22,C,D,E,T,A,B,X( 6),W[ 6],W[ 8],W[14],X( 3));
267 BODY_20_31(23,B,C,D,E,T,A,X( 7),W[ 7],W[ 9],W[15],X( 4));
268 BODY_20_31(24,A,B,C,D,E,T,X( 8),W[ 8],W[10],X( 0),X( 5));
269 BODY_20_31(25,T,A,B,C,D,E,X( 9),W[ 9],W[11],X( 1),X( 6));
270 BODY_20_31(26,E,T,A,B,C,D,X(10),W[10],W[12],X( 2),X( 7));
271 BODY_20_31(27,D,E,T,A,B,C,X(11),W[11],W[13],X( 3),X( 8));
272 BODY_20_31(28,C,D,E,T,A,B,X(12),W[12],W[14],X( 4),X( 9));
273 BODY_20_31(29,B,C,D,E,T,A,X(13),W[13],W[15],X( 5),X(10));
274 BODY_20_31(30,A,B,C,D,E,T,X(14),W[14],X( 0),X( 6),X(11));
275 BODY_20_31(31,T,A,B,C,D,E,X(15),W[15],X( 1),X( 7),X(12));
276
277 BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
278 BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
279 BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15));
280 BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0));
281 BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1));
282 BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2));
283 BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3));
284 BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4));
285
286 BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5));
287 BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6));
288 BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7));
289 BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8));
290 BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9));
291 BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10));
292 BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11));
293 BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12));
294 BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13));
295 BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14));
296 BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15));
297 BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0));
298 BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1));
299 BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2));
300 BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3));
301 BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4));
302 BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5));
303 BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6));
304 BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7));
305 BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8));
306
307 BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9));
308 BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10));
309 BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11));
310 BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12));
311 BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13));
312 BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14));
313 BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15));
314 BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0));
315 BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1));
316 BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2));
317 BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3));
318 BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4));
319 BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5));
320 BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6));
321 BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7));
322 BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8));
323 BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9));
324 BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10));
325 BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
326 BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
327
328 c->h0=(c->h0+E)&0xffffffffL;
329 c->h1=(c->h1+T)&0xffffffffL;
330 c->h2=(c->h2+A)&0xffffffffL;
331 c->h3=(c->h3+B)&0xffffffffL;
332 c->h4=(c->h4+C)&0xffffffffL;
333
334 if (--num <= 0) break;
335
336 A=c->h0;
337 B=c->h1;
338 C=c->h2;
339 D=c->h3;
340 E=c->h4;
341
342 W+=SHA_LBLOCK;
343 }
344 }
345#endif
346
347#ifndef DONT_IMPLEMENT_BLOCK_DATA_ORDER
348void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, int num)
349 {
350 const unsigned char *data=p;
351 register unsigned long A,B,C,D,E,T,l;
352#ifndef MD32_XARRAY
353 unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
354 XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
355#else
356 SHA_LONG XX[16];
357#endif
358
359 A=c->h0;
360 B=c->h1;
361 C=c->h2;
362 D=c->h3;
363 E=c->h4;
364
365 for (;;)
366 {
367
368 HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l;
369 BODY_00_15( 0,A,B,C,D,E,T,X( 0)); HOST_c2l(data,l); X( 2)=l;
370 BODY_00_15( 1,T,A,B,C,D,E,X( 1)); HOST_c2l(data,l); X( 3)=l;
371 BODY_00_15( 2,E,T,A,B,C,D,X( 2)); HOST_c2l(data,l); X( 4)=l;
372 BODY_00_15( 3,D,E,T,A,B,C,X( 3)); HOST_c2l(data,l); X( 5)=l;
373 BODY_00_15( 4,C,D,E,T,A,B,X( 4)); HOST_c2l(data,l); X( 6)=l;
374 BODY_00_15( 5,B,C,D,E,T,A,X( 5)); HOST_c2l(data,l); X( 7)=l;
375 BODY_00_15( 6,A,B,C,D,E,T,X( 6)); HOST_c2l(data,l); X( 8)=l;
376 BODY_00_15( 7,T,A,B,C,D,E,X( 7)); HOST_c2l(data,l); X( 9)=l;
377 BODY_00_15( 8,E,T,A,B,C,D,X( 8)); HOST_c2l(data,l); X(10)=l;
378 BODY_00_15( 9,D,E,T,A,B,C,X( 9)); HOST_c2l(data,l); X(11)=l;
379 BODY_00_15(10,C,D,E,T,A,B,X(10)); HOST_c2l(data,l); X(12)=l;
380 BODY_00_15(11,B,C,D,E,T,A,X(11)); HOST_c2l(data,l); X(13)=l;
381 BODY_00_15(12,A,B,C,D,E,T,X(12)); HOST_c2l(data,l); X(14)=l;
382 BODY_00_15(13,T,A,B,C,D,E,X(13)); HOST_c2l(data,l); X(15)=l;
383 BODY_00_15(14,E,T,A,B,C,D,X(14));
384 BODY_00_15(15,D,E,T,A,B,C,X(15));
385
386 BODY_16_19(16,C,D,E,T,A,B,X( 0),X( 0),X( 2),X( 8),X(13));
387 BODY_16_19(17,B,C,D,E,T,A,X( 1),X( 1),X( 3),X( 9),X(14));
388 BODY_16_19(18,A,B,C,D,E,T,X( 2),X( 2),X( 4),X(10),X(15));
389 BODY_16_19(19,T,A,B,C,D,E,X( 3),X( 3),X( 5),X(11),X( 0));
390
391 BODY_20_31(20,E,T,A,B,C,D,X( 4),X( 4),X( 6),X(12),X( 1));
392 BODY_20_31(21,D,E,T,A,B,C,X( 5),X( 5),X( 7),X(13),X( 2));
393 BODY_20_31(22,C,D,E,T,A,B,X( 6),X( 6),X( 8),X(14),X( 3));
394 BODY_20_31(23,B,C,D,E,T,A,X( 7),X( 7),X( 9),X(15),X( 4));
395 BODY_20_31(24,A,B,C,D,E,T,X( 8),X( 8),X(10),X( 0),X( 5));
396 BODY_20_31(25,T,A,B,C,D,E,X( 9),X( 9),X(11),X( 1),X( 6));
397 BODY_20_31(26,E,T,A,B,C,D,X(10),X(10),X(12),X( 2),X( 7));
398 BODY_20_31(27,D,E,T,A,B,C,X(11),X(11),X(13),X( 3),X( 8));
399 BODY_20_31(28,C,D,E,T,A,B,X(12),X(12),X(14),X( 4),X( 9));
400 BODY_20_31(29,B,C,D,E,T,A,X(13),X(13),X(15),X( 5),X(10));
401 BODY_20_31(30,A,B,C,D,E,T,X(14),X(14),X( 0),X( 6),X(11));
402 BODY_20_31(31,T,A,B,C,D,E,X(15),X(15),X( 1),X( 7),X(12));
403
404 BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
405 BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
406 BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15));
407 BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0));
408 BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1));
409 BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2));
410 BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3));
411 BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4));
412
413 BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5));
414 BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6));
415 BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7));
416 BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8));
417 BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9));
418 BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10));
419 BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11));
420 BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12));
421 BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13));
422 BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14));
423 BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15));
424 BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0));
425 BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1));
426 BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2));
427 BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3));
428 BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4));
429 BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5));
430 BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6));
431 BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7));
432 BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8));
433
434 BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9));
435 BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10));
436 BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11));
437 BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12));
438 BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13));
439 BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14));
440 BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15));
441 BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0));
442 BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1));
443 BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2));
444 BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3));
445 BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4));
446 BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5));
447 BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6));
448 BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7));
449 BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8));
450 BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9));
451 BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10));
452 BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
453 BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
454
455 c->h0=(c->h0+E)&0xffffffffL;
456 c->h1=(c->h1+T)&0xffffffffL;
457 c->h2=(c->h2+A)&0xffffffffL;
458 c->h3=(c->h3+B)&0xffffffffL;
459 c->h4=(c->h4+C)&0xffffffffL;
460
461 if (--num <= 0) break;
462
463 A=c->h0;
464 B=c->h1;
465 C=c->h2;
466 D=c->h3;
467 E=c->h4;
468
469 }
470 }
471#endif
diff --git a/src/lib/libcrypto/stack/safestack.h b/src/lib/libcrypto/stack/safestack.h
deleted file mode 100644
index 9fa63e1be5..0000000000
--- a/src/lib/libcrypto/stack/safestack.h
+++ /dev/null
@@ -1,1134 +0,0 @@
1/* ====================================================================
2 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
48 *
49 * This product includes cryptographic software written by Eric Young
50 * (eay@cryptsoft.com). This product includes software written by Tim
51 * Hudson (tjh@cryptsoft.com).
52 *
53 */
54
55#ifndef HEADER_SAFESTACK_H
56#define HEADER_SAFESTACK_H
57
58#include <openssl/stack.h>
59
60#ifdef DEBUG_SAFESTACK
61
62#define STACK_OF(type) struct stack_st_##type
63#define PREDECLARE_STACK_OF(type) STACK_OF(type);
64
65#define DECLARE_STACK_OF(type) \
66STACK_OF(type) \
67 { \
68 STACK stack; \
69 };
70
71#define IMPLEMENT_STACK_OF(type) /* nada (obsolete in new safestack approach)*/
72
73/* SKM_sk_... stack macros are internal to safestack.h:
74 * never use them directly, use sk_<type>_... instead */
75#define SKM_sk_new(type, cmp) \
76 ((STACK_OF(type) * (*)(int (*)(const type * const *, const type * const *)))sk_new)(cmp)
77#define SKM_sk_new_null(type) \
78 ((STACK_OF(type) * (*)(void))sk_new_null)()
79#define SKM_sk_free(type, st) \
80 ((void (*)(STACK_OF(type) *))sk_free)(st)
81#define SKM_sk_num(type, st) \
82 ((int (*)(const STACK_OF(type) *))sk_num)(st)
83#define SKM_sk_value(type, st,i) \
84 ((type * (*)(const STACK_OF(type) *, int))sk_value)(st, i)
85#define SKM_sk_set(type, st,i,val) \
86 ((type * (*)(STACK_OF(type) *, int, type *))sk_set)(st, i, val)
87#define SKM_sk_zero(type, st) \
88 ((void (*)(STACK_OF(type) *))sk_zero)(st)
89#define SKM_sk_push(type, st,val) \
90 ((int (*)(STACK_OF(type) *, type *))sk_push)(st, val)
91#define SKM_sk_unshift(type, st,val) \
92 ((int (*)(STACK_OF(type) *, type *))sk_unshift)(st, val)
93#define SKM_sk_find(type, st,val) \
94 ((int (*)(STACK_OF(type) *, type *))sk_find)(st, val)
95#define SKM_sk_delete(type, st,i) \
96 ((type * (*)(STACK_OF(type) *, int))sk_delete)(st, i)
97#define SKM_sk_delete_ptr(type, st,ptr) \
98 ((type * (*)(STACK_OF(type) *, type *))sk_delete_ptr)(st, ptr)
99#define SKM_sk_insert(type, st,val,i) \
100 ((int (*)(STACK_OF(type) *, type *, int))sk_insert)(st, val, i)
101#define SKM_sk_set_cmp_func(type, st,cmp) \
102 ((int (*(*)(STACK_OF(type) *, int (*)(const type * const *, const type * const *))) \
103 (const type * const *, const type * const *))sk_set_cmp_func)\
104 (st, cmp)
105#define SKM_sk_dup(type, st) \
106 ((STACK_OF(type) *(*)(STACK_OF(type) *))sk_dup)(st)
107#define SKM_sk_pop_free(type, st,free_func) \
108 ((void (*)(STACK_OF(type) *, void (*)(type *)))sk_pop_free)\
109 (st, free_func)
110#define SKM_sk_shift(type, st) \
111 ((type * (*)(STACK_OF(type) *))sk_shift)(st)
112#define SKM_sk_pop(type, st) \
113 ((type * (*)(STACK_OF(type) *))sk_pop)(st)
114#define SKM_sk_sort(type, st) \
115 ((void (*)(STACK_OF(type) *))sk_sort)(st)
116
117#define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
118 ((STACK_OF(type) * (*) (STACK_OF(type) **,unsigned char **, long , \
119 type *(*)(type **, unsigned char **,long), \
120 void (*)(type *), int ,int )) d2i_ASN1_SET) \
121 (st,pp,length, d2i_func, free_func, ex_tag,ex_class)
122#define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \
123 ((int (*)(STACK_OF(type) *,unsigned char **, \
124 int (*)(type *,unsigned char **), int , int , int)) i2d_ASN1_SET) \
125 (st,pp,i2d_func,ex_tag,ex_class,is_set)
126
127#define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \
128 ((unsigned char *(*)(STACK_OF(type) *, \
129 int (*)(type *,unsigned char **), unsigned char **,int *)) ASN1_seq_pack) \
130 (st, i2d_func, buf, len)
131#define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \
132 ((STACK_OF(type) * (*)(unsigned char *,int, \
133 type *(*)(type **,unsigned char **, long), \
134 void (*)(type *)))ASN1_seq_unpack) \
135 (buf,len,d2i_func, free_func)
136
137#define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \
138 ((STACK_OF(type) * (*)(X509_ALGOR *, \
139 type *(*)(type **, unsigned char **, long), void (*)(type *), \
140 const char *, int, \
141 ASN1_STRING *, int))PKCS12_decrypt_d2i) \
142 (algor,d2i_func,free_func,pass,passlen,oct,seq)
143
144#else
145
146#define STACK_OF(type) STACK
147#define PREDECLARE_STACK_OF(type) /* nada */
148#define DECLARE_STACK_OF(type) /* nada */
149#define IMPLEMENT_STACK_OF(type) /* nada */
150
151#define SKM_sk_new(type, cmp) \
152 sk_new((int (*)(const char * const *, const char * const *))(cmp))
153#define SKM_sk_new_null(type) \
154 sk_new_null()
155#define SKM_sk_free(type, st) \
156 sk_free(st)
157#define SKM_sk_num(type, st) \
158 sk_num(st)
159#define SKM_sk_value(type, st,i) \
160 ((type *)sk_value(st, i))
161#define SKM_sk_set(type, st,i,val) \
162 ((type *)sk_set(st, i,(char *)val))
163#define SKM_sk_zero(type, st) \
164 sk_zero(st)
165#define SKM_sk_push(type, st,val) \
166 sk_push(st, (char *)val)
167#define SKM_sk_unshift(type, st,val) \
168 sk_unshift(st, val)
169#define SKM_sk_find(type, st,val) \
170 sk_find(st, (char *)val)
171#define SKM_sk_delete(type, st,i) \
172 ((type *)sk_delete(st, i))
173#define SKM_sk_delete_ptr(type, st,ptr) \
174 ((type *)sk_delete_ptr(st,(char *)ptr))
175#define SKM_sk_insert(type, st,val,i) \
176 sk_insert(st, (char *)val, i)
177#define SKM_sk_set_cmp_func(type, st,cmp) \
178 ((int (*)(const type * const *,const type * const *)) \
179 sk_set_cmp_func(st, (int (*)(const char * const *, const char * const *))(cmp)))
180#define SKM_sk_dup(type, st) \
181 sk_dup(st)
182#define SKM_sk_pop_free(type, st,free_func) \
183 sk_pop_free(st, (void (*)(void *))free_func)
184#define SKM_sk_shift(type, st) \
185 ((type *)sk_shift(st))
186#define SKM_sk_pop(type, st) \
187 ((type *)sk_pop(st))
188#define SKM_sk_sort(type, st) \
189 sk_sort(st)
190
191#define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
192 d2i_ASN1_SET(st,pp,length, (char *(*)())d2i_func, (void (*)(void *))free_func, ex_tag,ex_class)
193#define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \
194 i2d_ASN1_SET(st,pp,i2d_func,ex_tag,ex_class,is_set)
195
196#define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \
197 ASN1_seq_pack(st, i2d_func, buf, len)
198#define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \
199 ASN1_seq_unpack(buf,len,(char *(*)())d2i_func, (void(*)(void *))free_func)
200
201#define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \
202 ((STACK *)PKCS12_decrypt_d2i(algor,(char *(*)())d2i_func, (void(*)(void *))free_func,pass,passlen,oct,seq))
203
204#endif
205
206/* This block of defines is updated by util/mkstack.pl, please do not touch! */
207#define sk_ACCESS_DESCRIPTION_new(st) SKM_sk_new(ACCESS_DESCRIPTION, (st))
208#define sk_ACCESS_DESCRIPTION_new_null() SKM_sk_new_null(ACCESS_DESCRIPTION)
209#define sk_ACCESS_DESCRIPTION_free(st) SKM_sk_free(ACCESS_DESCRIPTION, (st))
210#define sk_ACCESS_DESCRIPTION_num(st) SKM_sk_num(ACCESS_DESCRIPTION, (st))
211#define sk_ACCESS_DESCRIPTION_value(st, i) SKM_sk_value(ACCESS_DESCRIPTION, (st), (i))
212#define sk_ACCESS_DESCRIPTION_set(st, i, val) SKM_sk_set(ACCESS_DESCRIPTION, (st), (i), (val))
213#define sk_ACCESS_DESCRIPTION_zero(st) SKM_sk_zero(ACCESS_DESCRIPTION, (st))
214#define sk_ACCESS_DESCRIPTION_push(st, val) SKM_sk_push(ACCESS_DESCRIPTION, (st), (val))
215#define sk_ACCESS_DESCRIPTION_unshift(st, val) SKM_sk_unshift(ACCESS_DESCRIPTION, (st), (val))
216#define sk_ACCESS_DESCRIPTION_find(st, val) SKM_sk_find(ACCESS_DESCRIPTION, (st), (val))
217#define sk_ACCESS_DESCRIPTION_delete(st, i) SKM_sk_delete(ACCESS_DESCRIPTION, (st), (i))
218#define sk_ACCESS_DESCRIPTION_delete_ptr(st, ptr) SKM_sk_delete_ptr(ACCESS_DESCRIPTION, (st), (ptr))
219#define sk_ACCESS_DESCRIPTION_insert(st, val, i) SKM_sk_insert(ACCESS_DESCRIPTION, (st), (val), (i))
220#define sk_ACCESS_DESCRIPTION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ACCESS_DESCRIPTION, (st), (cmp))
221#define sk_ACCESS_DESCRIPTION_dup(st) SKM_sk_dup(ACCESS_DESCRIPTION, st)
222#define sk_ACCESS_DESCRIPTION_pop_free(st, free_func) SKM_sk_pop_free(ACCESS_DESCRIPTION, (st), (free_func))
223#define sk_ACCESS_DESCRIPTION_shift(st) SKM_sk_shift(ACCESS_DESCRIPTION, (st))
224#define sk_ACCESS_DESCRIPTION_pop(st) SKM_sk_pop(ACCESS_DESCRIPTION, (st))
225#define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st))
226
227#define sk_ASN1_INTEGER_new(st) SKM_sk_new(ASN1_INTEGER, (st))
228#define sk_ASN1_INTEGER_new_null() SKM_sk_new_null(ASN1_INTEGER)
229#define sk_ASN1_INTEGER_free(st) SKM_sk_free(ASN1_INTEGER, (st))
230#define sk_ASN1_INTEGER_num(st) SKM_sk_num(ASN1_INTEGER, (st))
231#define sk_ASN1_INTEGER_value(st, i) SKM_sk_value(ASN1_INTEGER, (st), (i))
232#define sk_ASN1_INTEGER_set(st, i, val) SKM_sk_set(ASN1_INTEGER, (st), (i), (val))
233#define sk_ASN1_INTEGER_zero(st) SKM_sk_zero(ASN1_INTEGER, (st))
234#define sk_ASN1_INTEGER_push(st, val) SKM_sk_push(ASN1_INTEGER, (st), (val))
235#define sk_ASN1_INTEGER_unshift(st, val) SKM_sk_unshift(ASN1_INTEGER, (st), (val))
236#define sk_ASN1_INTEGER_find(st, val) SKM_sk_find(ASN1_INTEGER, (st), (val))
237#define sk_ASN1_INTEGER_delete(st, i) SKM_sk_delete(ASN1_INTEGER, (st), (i))
238#define sk_ASN1_INTEGER_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_INTEGER, (st), (ptr))
239#define sk_ASN1_INTEGER_insert(st, val, i) SKM_sk_insert(ASN1_INTEGER, (st), (val), (i))
240#define sk_ASN1_INTEGER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_INTEGER, (st), (cmp))
241#define sk_ASN1_INTEGER_dup(st) SKM_sk_dup(ASN1_INTEGER, st)
242#define sk_ASN1_INTEGER_pop_free(st, free_func) SKM_sk_pop_free(ASN1_INTEGER, (st), (free_func))
243#define sk_ASN1_INTEGER_shift(st) SKM_sk_shift(ASN1_INTEGER, (st))
244#define sk_ASN1_INTEGER_pop(st) SKM_sk_pop(ASN1_INTEGER, (st))
245#define sk_ASN1_INTEGER_sort(st) SKM_sk_sort(ASN1_INTEGER, (st))
246
247#define sk_ASN1_OBJECT_new(st) SKM_sk_new(ASN1_OBJECT, (st))
248#define sk_ASN1_OBJECT_new_null() SKM_sk_new_null(ASN1_OBJECT)
249#define sk_ASN1_OBJECT_free(st) SKM_sk_free(ASN1_OBJECT, (st))
250#define sk_ASN1_OBJECT_num(st) SKM_sk_num(ASN1_OBJECT, (st))
251#define sk_ASN1_OBJECT_value(st, i) SKM_sk_value(ASN1_OBJECT, (st), (i))
252#define sk_ASN1_OBJECT_set(st, i, val) SKM_sk_set(ASN1_OBJECT, (st), (i), (val))
253#define sk_ASN1_OBJECT_zero(st) SKM_sk_zero(ASN1_OBJECT, (st))
254#define sk_ASN1_OBJECT_push(st, val) SKM_sk_push(ASN1_OBJECT, (st), (val))
255#define sk_ASN1_OBJECT_unshift(st, val) SKM_sk_unshift(ASN1_OBJECT, (st), (val))
256#define sk_ASN1_OBJECT_find(st, val) SKM_sk_find(ASN1_OBJECT, (st), (val))
257#define sk_ASN1_OBJECT_delete(st, i) SKM_sk_delete(ASN1_OBJECT, (st), (i))
258#define sk_ASN1_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_OBJECT, (st), (ptr))
259#define sk_ASN1_OBJECT_insert(st, val, i) SKM_sk_insert(ASN1_OBJECT, (st), (val), (i))
260#define sk_ASN1_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_OBJECT, (st), (cmp))
261#define sk_ASN1_OBJECT_dup(st) SKM_sk_dup(ASN1_OBJECT, st)
262#define sk_ASN1_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(ASN1_OBJECT, (st), (free_func))
263#define sk_ASN1_OBJECT_shift(st) SKM_sk_shift(ASN1_OBJECT, (st))
264#define sk_ASN1_OBJECT_pop(st) SKM_sk_pop(ASN1_OBJECT, (st))
265#define sk_ASN1_OBJECT_sort(st) SKM_sk_sort(ASN1_OBJECT, (st))
266
267#define sk_ASN1_STRING_TABLE_new(st) SKM_sk_new(ASN1_STRING_TABLE, (st))
268#define sk_ASN1_STRING_TABLE_new_null() SKM_sk_new_null(ASN1_STRING_TABLE)
269#define sk_ASN1_STRING_TABLE_free(st) SKM_sk_free(ASN1_STRING_TABLE, (st))
270#define sk_ASN1_STRING_TABLE_num(st) SKM_sk_num(ASN1_STRING_TABLE, (st))
271#define sk_ASN1_STRING_TABLE_value(st, i) SKM_sk_value(ASN1_STRING_TABLE, (st), (i))
272#define sk_ASN1_STRING_TABLE_set(st, i, val) SKM_sk_set(ASN1_STRING_TABLE, (st), (i), (val))
273#define sk_ASN1_STRING_TABLE_zero(st) SKM_sk_zero(ASN1_STRING_TABLE, (st))
274#define sk_ASN1_STRING_TABLE_push(st, val) SKM_sk_push(ASN1_STRING_TABLE, (st), (val))
275#define sk_ASN1_STRING_TABLE_unshift(st, val) SKM_sk_unshift(ASN1_STRING_TABLE, (st), (val))
276#define sk_ASN1_STRING_TABLE_find(st, val) SKM_sk_find(ASN1_STRING_TABLE, (st), (val))
277#define sk_ASN1_STRING_TABLE_delete(st, i) SKM_sk_delete(ASN1_STRING_TABLE, (st), (i))
278#define sk_ASN1_STRING_TABLE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_STRING_TABLE, (st), (ptr))
279#define sk_ASN1_STRING_TABLE_insert(st, val, i) SKM_sk_insert(ASN1_STRING_TABLE, (st), (val), (i))
280#define sk_ASN1_STRING_TABLE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_STRING_TABLE, (st), (cmp))
281#define sk_ASN1_STRING_TABLE_dup(st) SKM_sk_dup(ASN1_STRING_TABLE, st)
282#define sk_ASN1_STRING_TABLE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_STRING_TABLE, (st), (free_func))
283#define sk_ASN1_STRING_TABLE_shift(st) SKM_sk_shift(ASN1_STRING_TABLE, (st))
284#define sk_ASN1_STRING_TABLE_pop(st) SKM_sk_pop(ASN1_STRING_TABLE, (st))
285#define sk_ASN1_STRING_TABLE_sort(st) SKM_sk_sort(ASN1_STRING_TABLE, (st))
286
287#define sk_ASN1_TYPE_new(st) SKM_sk_new(ASN1_TYPE, (st))
288#define sk_ASN1_TYPE_new_null() SKM_sk_new_null(ASN1_TYPE)
289#define sk_ASN1_TYPE_free(st) SKM_sk_free(ASN1_TYPE, (st))
290#define sk_ASN1_TYPE_num(st) SKM_sk_num(ASN1_TYPE, (st))
291#define sk_ASN1_TYPE_value(st, i) SKM_sk_value(ASN1_TYPE, (st), (i))
292#define sk_ASN1_TYPE_set(st, i, val) SKM_sk_set(ASN1_TYPE, (st), (i), (val))
293#define sk_ASN1_TYPE_zero(st) SKM_sk_zero(ASN1_TYPE, (st))
294#define sk_ASN1_TYPE_push(st, val) SKM_sk_push(ASN1_TYPE, (st), (val))
295#define sk_ASN1_TYPE_unshift(st, val) SKM_sk_unshift(ASN1_TYPE, (st), (val))
296#define sk_ASN1_TYPE_find(st, val) SKM_sk_find(ASN1_TYPE, (st), (val))
297#define sk_ASN1_TYPE_delete(st, i) SKM_sk_delete(ASN1_TYPE, (st), (i))
298#define sk_ASN1_TYPE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_TYPE, (st), (ptr))
299#define sk_ASN1_TYPE_insert(st, val, i) SKM_sk_insert(ASN1_TYPE, (st), (val), (i))
300#define sk_ASN1_TYPE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_TYPE, (st), (cmp))
301#define sk_ASN1_TYPE_dup(st) SKM_sk_dup(ASN1_TYPE, st)
302#define sk_ASN1_TYPE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_TYPE, (st), (free_func))
303#define sk_ASN1_TYPE_shift(st) SKM_sk_shift(ASN1_TYPE, (st))
304#define sk_ASN1_TYPE_pop(st) SKM_sk_pop(ASN1_TYPE, (st))
305#define sk_ASN1_TYPE_sort(st) SKM_sk_sort(ASN1_TYPE, (st))
306
307#define sk_BIO_new(st) SKM_sk_new(BIO, (st))
308#define sk_BIO_new_null() SKM_sk_new_null(BIO)
309#define sk_BIO_free(st) SKM_sk_free(BIO, (st))
310#define sk_BIO_num(st) SKM_sk_num(BIO, (st))
311#define sk_BIO_value(st, i) SKM_sk_value(BIO, (st), (i))
312#define sk_BIO_set(st, i, val) SKM_sk_set(BIO, (st), (i), (val))
313#define sk_BIO_zero(st) SKM_sk_zero(BIO, (st))
314#define sk_BIO_push(st, val) SKM_sk_push(BIO, (st), (val))
315#define sk_BIO_unshift(st, val) SKM_sk_unshift(BIO, (st), (val))
316#define sk_BIO_find(st, val) SKM_sk_find(BIO, (st), (val))
317#define sk_BIO_delete(st, i) SKM_sk_delete(BIO, (st), (i))
318#define sk_BIO_delete_ptr(st, ptr) SKM_sk_delete_ptr(BIO, (st), (ptr))
319#define sk_BIO_insert(st, val, i) SKM_sk_insert(BIO, (st), (val), (i))
320#define sk_BIO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BIO, (st), (cmp))
321#define sk_BIO_dup(st) SKM_sk_dup(BIO, st)
322#define sk_BIO_pop_free(st, free_func) SKM_sk_pop_free(BIO, (st), (free_func))
323#define sk_BIO_shift(st) SKM_sk_shift(BIO, (st))
324#define sk_BIO_pop(st) SKM_sk_pop(BIO, (st))
325#define sk_BIO_sort(st) SKM_sk_sort(BIO, (st))
326
327#define sk_CONF_VALUE_new(st) SKM_sk_new(CONF_VALUE, (st))
328#define sk_CONF_VALUE_new_null() SKM_sk_new_null(CONF_VALUE)
329#define sk_CONF_VALUE_free(st) SKM_sk_free(CONF_VALUE, (st))
330#define sk_CONF_VALUE_num(st) SKM_sk_num(CONF_VALUE, (st))
331#define sk_CONF_VALUE_value(st, i) SKM_sk_value(CONF_VALUE, (st), (i))
332#define sk_CONF_VALUE_set(st, i, val) SKM_sk_set(CONF_VALUE, (st), (i), (val))
333#define sk_CONF_VALUE_zero(st) SKM_sk_zero(CONF_VALUE, (st))
334#define sk_CONF_VALUE_push(st, val) SKM_sk_push(CONF_VALUE, (st), (val))
335#define sk_CONF_VALUE_unshift(st, val) SKM_sk_unshift(CONF_VALUE, (st), (val))
336#define sk_CONF_VALUE_find(st, val) SKM_sk_find(CONF_VALUE, (st), (val))
337#define sk_CONF_VALUE_delete(st, i) SKM_sk_delete(CONF_VALUE, (st), (i))
338#define sk_CONF_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_VALUE, (st), (ptr))
339#define sk_CONF_VALUE_insert(st, val, i) SKM_sk_insert(CONF_VALUE, (st), (val), (i))
340#define sk_CONF_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_VALUE, (st), (cmp))
341#define sk_CONF_VALUE_dup(st) SKM_sk_dup(CONF_VALUE, st)
342#define sk_CONF_VALUE_pop_free(st, free_func) SKM_sk_pop_free(CONF_VALUE, (st), (free_func))
343#define sk_CONF_VALUE_shift(st) SKM_sk_shift(CONF_VALUE, (st))
344#define sk_CONF_VALUE_pop(st) SKM_sk_pop(CONF_VALUE, (st))
345#define sk_CONF_VALUE_sort(st) SKM_sk_sort(CONF_VALUE, (st))
346
347#define sk_CRYPTO_EX_DATA_FUNCS_new(st) SKM_sk_new(CRYPTO_EX_DATA_FUNCS, (st))
348#define sk_CRYPTO_EX_DATA_FUNCS_new_null() SKM_sk_new_null(CRYPTO_EX_DATA_FUNCS)
349#define sk_CRYPTO_EX_DATA_FUNCS_free(st) SKM_sk_free(CRYPTO_EX_DATA_FUNCS, (st))
350#define sk_CRYPTO_EX_DATA_FUNCS_num(st) SKM_sk_num(CRYPTO_EX_DATA_FUNCS, (st))
351#define sk_CRYPTO_EX_DATA_FUNCS_value(st, i) SKM_sk_value(CRYPTO_EX_DATA_FUNCS, (st), (i))
352#define sk_CRYPTO_EX_DATA_FUNCS_set(st, i, val) SKM_sk_set(CRYPTO_EX_DATA_FUNCS, (st), (i), (val))
353#define sk_CRYPTO_EX_DATA_FUNCS_zero(st) SKM_sk_zero(CRYPTO_EX_DATA_FUNCS, (st))
354#define sk_CRYPTO_EX_DATA_FUNCS_push(st, val) SKM_sk_push(CRYPTO_EX_DATA_FUNCS, (st), (val))
355#define sk_CRYPTO_EX_DATA_FUNCS_unshift(st, val) SKM_sk_unshift(CRYPTO_EX_DATA_FUNCS, (st), (val))
356#define sk_CRYPTO_EX_DATA_FUNCS_find(st, val) SKM_sk_find(CRYPTO_EX_DATA_FUNCS, (st), (val))
357#define sk_CRYPTO_EX_DATA_FUNCS_delete(st, i) SKM_sk_delete(CRYPTO_EX_DATA_FUNCS, (st), (i))
358#define sk_CRYPTO_EX_DATA_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_EX_DATA_FUNCS, (st), (ptr))
359#define sk_CRYPTO_EX_DATA_FUNCS_insert(st, val, i) SKM_sk_insert(CRYPTO_EX_DATA_FUNCS, (st), (val), (i))
360#define sk_CRYPTO_EX_DATA_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_EX_DATA_FUNCS, (st), (cmp))
361#define sk_CRYPTO_EX_DATA_FUNCS_dup(st) SKM_sk_dup(CRYPTO_EX_DATA_FUNCS, st)
362#define sk_CRYPTO_EX_DATA_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_EX_DATA_FUNCS, (st), (free_func))
363#define sk_CRYPTO_EX_DATA_FUNCS_shift(st) SKM_sk_shift(CRYPTO_EX_DATA_FUNCS, (st))
364#define sk_CRYPTO_EX_DATA_FUNCS_pop(st) SKM_sk_pop(CRYPTO_EX_DATA_FUNCS, (st))
365#define sk_CRYPTO_EX_DATA_FUNCS_sort(st) SKM_sk_sort(CRYPTO_EX_DATA_FUNCS, (st))
366
367#define sk_CRYPTO_dynlock_new(st) SKM_sk_new(CRYPTO_dynlock, (st))
368#define sk_CRYPTO_dynlock_new_null() SKM_sk_new_null(CRYPTO_dynlock)
369#define sk_CRYPTO_dynlock_free(st) SKM_sk_free(CRYPTO_dynlock, (st))
370#define sk_CRYPTO_dynlock_num(st) SKM_sk_num(CRYPTO_dynlock, (st))
371#define sk_CRYPTO_dynlock_value(st, i) SKM_sk_value(CRYPTO_dynlock, (st), (i))
372#define sk_CRYPTO_dynlock_set(st, i, val) SKM_sk_set(CRYPTO_dynlock, (st), (i), (val))
373#define sk_CRYPTO_dynlock_zero(st) SKM_sk_zero(CRYPTO_dynlock, (st))
374#define sk_CRYPTO_dynlock_push(st, val) SKM_sk_push(CRYPTO_dynlock, (st), (val))
375#define sk_CRYPTO_dynlock_unshift(st, val) SKM_sk_unshift(CRYPTO_dynlock, (st), (val))
376#define sk_CRYPTO_dynlock_find(st, val) SKM_sk_find(CRYPTO_dynlock, (st), (val))
377#define sk_CRYPTO_dynlock_delete(st, i) SKM_sk_delete(CRYPTO_dynlock, (st), (i))
378#define sk_CRYPTO_dynlock_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_dynlock, (st), (ptr))
379#define sk_CRYPTO_dynlock_insert(st, val, i) SKM_sk_insert(CRYPTO_dynlock, (st), (val), (i))
380#define sk_CRYPTO_dynlock_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_dynlock, (st), (cmp))
381#define sk_CRYPTO_dynlock_dup(st) SKM_sk_dup(CRYPTO_dynlock, st)
382#define sk_CRYPTO_dynlock_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_dynlock, (st), (free_func))
383#define sk_CRYPTO_dynlock_shift(st) SKM_sk_shift(CRYPTO_dynlock, (st))
384#define sk_CRYPTO_dynlock_pop(st) SKM_sk_pop(CRYPTO_dynlock, (st))
385#define sk_CRYPTO_dynlock_sort(st) SKM_sk_sort(CRYPTO_dynlock, (st))
386
387#define sk_DIST_POINT_new(st) SKM_sk_new(DIST_POINT, (st))
388#define sk_DIST_POINT_new_null() SKM_sk_new_null(DIST_POINT)
389#define sk_DIST_POINT_free(st) SKM_sk_free(DIST_POINT, (st))
390#define sk_DIST_POINT_num(st) SKM_sk_num(DIST_POINT, (st))
391#define sk_DIST_POINT_value(st, i) SKM_sk_value(DIST_POINT, (st), (i))
392#define sk_DIST_POINT_set(st, i, val) SKM_sk_set(DIST_POINT, (st), (i), (val))
393#define sk_DIST_POINT_zero(st) SKM_sk_zero(DIST_POINT, (st))
394#define sk_DIST_POINT_push(st, val) SKM_sk_push(DIST_POINT, (st), (val))
395#define sk_DIST_POINT_unshift(st, val) SKM_sk_unshift(DIST_POINT, (st), (val))
396#define sk_DIST_POINT_find(st, val) SKM_sk_find(DIST_POINT, (st), (val))
397#define sk_DIST_POINT_delete(st, i) SKM_sk_delete(DIST_POINT, (st), (i))
398#define sk_DIST_POINT_delete_ptr(st, ptr) SKM_sk_delete_ptr(DIST_POINT, (st), (ptr))
399#define sk_DIST_POINT_insert(st, val, i) SKM_sk_insert(DIST_POINT, (st), (val), (i))
400#define sk_DIST_POINT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(DIST_POINT, (st), (cmp))
401#define sk_DIST_POINT_dup(st) SKM_sk_dup(DIST_POINT, st)
402#define sk_DIST_POINT_pop_free(st, free_func) SKM_sk_pop_free(DIST_POINT, (st), (free_func))
403#define sk_DIST_POINT_shift(st) SKM_sk_shift(DIST_POINT, (st))
404#define sk_DIST_POINT_pop(st) SKM_sk_pop(DIST_POINT, (st))
405#define sk_DIST_POINT_sort(st) SKM_sk_sort(DIST_POINT, (st))
406
407#define sk_GENERAL_NAME_new(st) SKM_sk_new(GENERAL_NAME, (st))
408#define sk_GENERAL_NAME_new_null() SKM_sk_new_null(GENERAL_NAME)
409#define sk_GENERAL_NAME_free(st) SKM_sk_free(GENERAL_NAME, (st))
410#define sk_GENERAL_NAME_num(st) SKM_sk_num(GENERAL_NAME, (st))
411#define sk_GENERAL_NAME_value(st, i) SKM_sk_value(GENERAL_NAME, (st), (i))
412#define sk_GENERAL_NAME_set(st, i, val) SKM_sk_set(GENERAL_NAME, (st), (i), (val))
413#define sk_GENERAL_NAME_zero(st) SKM_sk_zero(GENERAL_NAME, (st))
414#define sk_GENERAL_NAME_push(st, val) SKM_sk_push(GENERAL_NAME, (st), (val))
415#define sk_GENERAL_NAME_unshift(st, val) SKM_sk_unshift(GENERAL_NAME, (st), (val))
416#define sk_GENERAL_NAME_find(st, val) SKM_sk_find(GENERAL_NAME, (st), (val))
417#define sk_GENERAL_NAME_delete(st, i) SKM_sk_delete(GENERAL_NAME, (st), (i))
418#define sk_GENERAL_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAME, (st), (ptr))
419#define sk_GENERAL_NAME_insert(st, val, i) SKM_sk_insert(GENERAL_NAME, (st), (val), (i))
420#define sk_GENERAL_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAME, (st), (cmp))
421#define sk_GENERAL_NAME_dup(st) SKM_sk_dup(GENERAL_NAME, st)
422#define sk_GENERAL_NAME_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAME, (st), (free_func))
423#define sk_GENERAL_NAME_shift(st) SKM_sk_shift(GENERAL_NAME, (st))
424#define sk_GENERAL_NAME_pop(st) SKM_sk_pop(GENERAL_NAME, (st))
425#define sk_GENERAL_NAME_sort(st) SKM_sk_sort(GENERAL_NAME, (st))
426
427#define sk_MIME_HEADER_new(st) SKM_sk_new(MIME_HEADER, (st))
428#define sk_MIME_HEADER_new_null() SKM_sk_new_null(MIME_HEADER)
429#define sk_MIME_HEADER_free(st) SKM_sk_free(MIME_HEADER, (st))
430#define sk_MIME_HEADER_num(st) SKM_sk_num(MIME_HEADER, (st))
431#define sk_MIME_HEADER_value(st, i) SKM_sk_value(MIME_HEADER, (st), (i))
432#define sk_MIME_HEADER_set(st, i, val) SKM_sk_set(MIME_HEADER, (st), (i), (val))
433#define sk_MIME_HEADER_zero(st) SKM_sk_zero(MIME_HEADER, (st))
434#define sk_MIME_HEADER_push(st, val) SKM_sk_push(MIME_HEADER, (st), (val))
435#define sk_MIME_HEADER_unshift(st, val) SKM_sk_unshift(MIME_HEADER, (st), (val))
436#define sk_MIME_HEADER_find(st, val) SKM_sk_find(MIME_HEADER, (st), (val))
437#define sk_MIME_HEADER_delete(st, i) SKM_sk_delete(MIME_HEADER, (st), (i))
438#define sk_MIME_HEADER_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_HEADER, (st), (ptr))
439#define sk_MIME_HEADER_insert(st, val, i) SKM_sk_insert(MIME_HEADER, (st), (val), (i))
440#define sk_MIME_HEADER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_HEADER, (st), (cmp))
441#define sk_MIME_HEADER_dup(st) SKM_sk_dup(MIME_HEADER, st)
442#define sk_MIME_HEADER_pop_free(st, free_func) SKM_sk_pop_free(MIME_HEADER, (st), (free_func))
443#define sk_MIME_HEADER_shift(st) SKM_sk_shift(MIME_HEADER, (st))
444#define sk_MIME_HEADER_pop(st) SKM_sk_pop(MIME_HEADER, (st))
445#define sk_MIME_HEADER_sort(st) SKM_sk_sort(MIME_HEADER, (st))
446
447#define sk_MIME_PARAM_new(st) SKM_sk_new(MIME_PARAM, (st))
448#define sk_MIME_PARAM_new_null() SKM_sk_new_null(MIME_PARAM)
449#define sk_MIME_PARAM_free(st) SKM_sk_free(MIME_PARAM, (st))
450#define sk_MIME_PARAM_num(st) SKM_sk_num(MIME_PARAM, (st))
451#define sk_MIME_PARAM_value(st, i) SKM_sk_value(MIME_PARAM, (st), (i))
452#define sk_MIME_PARAM_set(st, i, val) SKM_sk_set(MIME_PARAM, (st), (i), (val))
453#define sk_MIME_PARAM_zero(st) SKM_sk_zero(MIME_PARAM, (st))
454#define sk_MIME_PARAM_push(st, val) SKM_sk_push(MIME_PARAM, (st), (val))
455#define sk_MIME_PARAM_unshift(st, val) SKM_sk_unshift(MIME_PARAM, (st), (val))
456#define sk_MIME_PARAM_find(st, val) SKM_sk_find(MIME_PARAM, (st), (val))
457#define sk_MIME_PARAM_delete(st, i) SKM_sk_delete(MIME_PARAM, (st), (i))
458#define sk_MIME_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_PARAM, (st), (ptr))
459#define sk_MIME_PARAM_insert(st, val, i) SKM_sk_insert(MIME_PARAM, (st), (val), (i))
460#define sk_MIME_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_PARAM, (st), (cmp))
461#define sk_MIME_PARAM_dup(st) SKM_sk_dup(MIME_PARAM, st)
462#define sk_MIME_PARAM_pop_free(st, free_func) SKM_sk_pop_free(MIME_PARAM, (st), (free_func))
463#define sk_MIME_PARAM_shift(st) SKM_sk_shift(MIME_PARAM, (st))
464#define sk_MIME_PARAM_pop(st) SKM_sk_pop(MIME_PARAM, (st))
465#define sk_MIME_PARAM_sort(st) SKM_sk_sort(MIME_PARAM, (st))
466
467#define sk_NAME_FUNCS_new(st) SKM_sk_new(NAME_FUNCS, (st))
468#define sk_NAME_FUNCS_new_null() SKM_sk_new_null(NAME_FUNCS)
469#define sk_NAME_FUNCS_free(st) SKM_sk_free(NAME_FUNCS, (st))
470#define sk_NAME_FUNCS_num(st) SKM_sk_num(NAME_FUNCS, (st))
471#define sk_NAME_FUNCS_value(st, i) SKM_sk_value(NAME_FUNCS, (st), (i))
472#define sk_NAME_FUNCS_set(st, i, val) SKM_sk_set(NAME_FUNCS, (st), (i), (val))
473#define sk_NAME_FUNCS_zero(st) SKM_sk_zero(NAME_FUNCS, (st))
474#define sk_NAME_FUNCS_push(st, val) SKM_sk_push(NAME_FUNCS, (st), (val))
475#define sk_NAME_FUNCS_unshift(st, val) SKM_sk_unshift(NAME_FUNCS, (st), (val))
476#define sk_NAME_FUNCS_find(st, val) SKM_sk_find(NAME_FUNCS, (st), (val))
477#define sk_NAME_FUNCS_delete(st, i) SKM_sk_delete(NAME_FUNCS, (st), (i))
478#define sk_NAME_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(NAME_FUNCS, (st), (ptr))
479#define sk_NAME_FUNCS_insert(st, val, i) SKM_sk_insert(NAME_FUNCS, (st), (val), (i))
480#define sk_NAME_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(NAME_FUNCS, (st), (cmp))
481#define sk_NAME_FUNCS_dup(st) SKM_sk_dup(NAME_FUNCS, st)
482#define sk_NAME_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(NAME_FUNCS, (st), (free_func))
483#define sk_NAME_FUNCS_shift(st) SKM_sk_shift(NAME_FUNCS, (st))
484#define sk_NAME_FUNCS_pop(st) SKM_sk_pop(NAME_FUNCS, (st))
485#define sk_NAME_FUNCS_sort(st) SKM_sk_sort(NAME_FUNCS, (st))
486
487#define sk_PKCS12_SAFEBAG_new(st) SKM_sk_new(PKCS12_SAFEBAG, (st))
488#define sk_PKCS12_SAFEBAG_new_null() SKM_sk_new_null(PKCS12_SAFEBAG)
489#define sk_PKCS12_SAFEBAG_free(st) SKM_sk_free(PKCS12_SAFEBAG, (st))
490#define sk_PKCS12_SAFEBAG_num(st) SKM_sk_num(PKCS12_SAFEBAG, (st))
491#define sk_PKCS12_SAFEBAG_value(st, i) SKM_sk_value(PKCS12_SAFEBAG, (st), (i))
492#define sk_PKCS12_SAFEBAG_set(st, i, val) SKM_sk_set(PKCS12_SAFEBAG, (st), (i), (val))
493#define sk_PKCS12_SAFEBAG_zero(st) SKM_sk_zero(PKCS12_SAFEBAG, (st))
494#define sk_PKCS12_SAFEBAG_push(st, val) SKM_sk_push(PKCS12_SAFEBAG, (st), (val))
495#define sk_PKCS12_SAFEBAG_unshift(st, val) SKM_sk_unshift(PKCS12_SAFEBAG, (st), (val))
496#define sk_PKCS12_SAFEBAG_find(st, val) SKM_sk_find(PKCS12_SAFEBAG, (st), (val))
497#define sk_PKCS12_SAFEBAG_delete(st, i) SKM_sk_delete(PKCS12_SAFEBAG, (st), (i))
498#define sk_PKCS12_SAFEBAG_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS12_SAFEBAG, (st), (ptr))
499#define sk_PKCS12_SAFEBAG_insert(st, val, i) SKM_sk_insert(PKCS12_SAFEBAG, (st), (val), (i))
500#define sk_PKCS12_SAFEBAG_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS12_SAFEBAG, (st), (cmp))
501#define sk_PKCS12_SAFEBAG_dup(st) SKM_sk_dup(PKCS12_SAFEBAG, st)
502#define sk_PKCS12_SAFEBAG_pop_free(st, free_func) SKM_sk_pop_free(PKCS12_SAFEBAG, (st), (free_func))
503#define sk_PKCS12_SAFEBAG_shift(st) SKM_sk_shift(PKCS12_SAFEBAG, (st))
504#define sk_PKCS12_SAFEBAG_pop(st) SKM_sk_pop(PKCS12_SAFEBAG, (st))
505#define sk_PKCS12_SAFEBAG_sort(st) SKM_sk_sort(PKCS12_SAFEBAG, (st))
506
507#define sk_PKCS7_new(st) SKM_sk_new(PKCS7, (st))
508#define sk_PKCS7_new_null() SKM_sk_new_null(PKCS7)
509#define sk_PKCS7_free(st) SKM_sk_free(PKCS7, (st))
510#define sk_PKCS7_num(st) SKM_sk_num(PKCS7, (st))
511#define sk_PKCS7_value(st, i) SKM_sk_value(PKCS7, (st), (i))
512#define sk_PKCS7_set(st, i, val) SKM_sk_set(PKCS7, (st), (i), (val))
513#define sk_PKCS7_zero(st) SKM_sk_zero(PKCS7, (st))
514#define sk_PKCS7_push(st, val) SKM_sk_push(PKCS7, (st), (val))
515#define sk_PKCS7_unshift(st, val) SKM_sk_unshift(PKCS7, (st), (val))
516#define sk_PKCS7_find(st, val) SKM_sk_find(PKCS7, (st), (val))
517#define sk_PKCS7_delete(st, i) SKM_sk_delete(PKCS7, (st), (i))
518#define sk_PKCS7_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7, (st), (ptr))
519#define sk_PKCS7_insert(st, val, i) SKM_sk_insert(PKCS7, (st), (val), (i))
520#define sk_PKCS7_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7, (st), (cmp))
521#define sk_PKCS7_dup(st) SKM_sk_dup(PKCS7, st)
522#define sk_PKCS7_pop_free(st, free_func) SKM_sk_pop_free(PKCS7, (st), (free_func))
523#define sk_PKCS7_shift(st) SKM_sk_shift(PKCS7, (st))
524#define sk_PKCS7_pop(st) SKM_sk_pop(PKCS7, (st))
525#define sk_PKCS7_sort(st) SKM_sk_sort(PKCS7, (st))
526
527#define sk_PKCS7_RECIP_INFO_new(st) SKM_sk_new(PKCS7_RECIP_INFO, (st))
528#define sk_PKCS7_RECIP_INFO_new_null() SKM_sk_new_null(PKCS7_RECIP_INFO)
529#define sk_PKCS7_RECIP_INFO_free(st) SKM_sk_free(PKCS7_RECIP_INFO, (st))
530#define sk_PKCS7_RECIP_INFO_num(st) SKM_sk_num(PKCS7_RECIP_INFO, (st))
531#define sk_PKCS7_RECIP_INFO_value(st, i) SKM_sk_value(PKCS7_RECIP_INFO, (st), (i))
532#define sk_PKCS7_RECIP_INFO_set(st, i, val) SKM_sk_set(PKCS7_RECIP_INFO, (st), (i), (val))
533#define sk_PKCS7_RECIP_INFO_zero(st) SKM_sk_zero(PKCS7_RECIP_INFO, (st))
534#define sk_PKCS7_RECIP_INFO_push(st, val) SKM_sk_push(PKCS7_RECIP_INFO, (st), (val))
535#define sk_PKCS7_RECIP_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_RECIP_INFO, (st), (val))
536#define sk_PKCS7_RECIP_INFO_find(st, val) SKM_sk_find(PKCS7_RECIP_INFO, (st), (val))
537#define sk_PKCS7_RECIP_INFO_delete(st, i) SKM_sk_delete(PKCS7_RECIP_INFO, (st), (i))
538#define sk_PKCS7_RECIP_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_RECIP_INFO, (st), (ptr))
539#define sk_PKCS7_RECIP_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_RECIP_INFO, (st), (val), (i))
540#define sk_PKCS7_RECIP_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_RECIP_INFO, (st), (cmp))
541#define sk_PKCS7_RECIP_INFO_dup(st) SKM_sk_dup(PKCS7_RECIP_INFO, st)
542#define sk_PKCS7_RECIP_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_RECIP_INFO, (st), (free_func))
543#define sk_PKCS7_RECIP_INFO_shift(st) SKM_sk_shift(PKCS7_RECIP_INFO, (st))
544#define sk_PKCS7_RECIP_INFO_pop(st) SKM_sk_pop(PKCS7_RECIP_INFO, (st))
545#define sk_PKCS7_RECIP_INFO_sort(st) SKM_sk_sort(PKCS7_RECIP_INFO, (st))
546
547#define sk_PKCS7_SIGNER_INFO_new(st) SKM_sk_new(PKCS7_SIGNER_INFO, (st))
548#define sk_PKCS7_SIGNER_INFO_new_null() SKM_sk_new_null(PKCS7_SIGNER_INFO)
549#define sk_PKCS7_SIGNER_INFO_free(st) SKM_sk_free(PKCS7_SIGNER_INFO, (st))
550#define sk_PKCS7_SIGNER_INFO_num(st) SKM_sk_num(PKCS7_SIGNER_INFO, (st))
551#define sk_PKCS7_SIGNER_INFO_value(st, i) SKM_sk_value(PKCS7_SIGNER_INFO, (st), (i))
552#define sk_PKCS7_SIGNER_INFO_set(st, i, val) SKM_sk_set(PKCS7_SIGNER_INFO, (st), (i), (val))
553#define sk_PKCS7_SIGNER_INFO_zero(st) SKM_sk_zero(PKCS7_SIGNER_INFO, (st))
554#define sk_PKCS7_SIGNER_INFO_push(st, val) SKM_sk_push(PKCS7_SIGNER_INFO, (st), (val))
555#define sk_PKCS7_SIGNER_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_SIGNER_INFO, (st), (val))
556#define sk_PKCS7_SIGNER_INFO_find(st, val) SKM_sk_find(PKCS7_SIGNER_INFO, (st), (val))
557#define sk_PKCS7_SIGNER_INFO_delete(st, i) SKM_sk_delete(PKCS7_SIGNER_INFO, (st), (i))
558#define sk_PKCS7_SIGNER_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_SIGNER_INFO, (st), (ptr))
559#define sk_PKCS7_SIGNER_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_SIGNER_INFO, (st), (val), (i))
560#define sk_PKCS7_SIGNER_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_SIGNER_INFO, (st), (cmp))
561#define sk_PKCS7_SIGNER_INFO_dup(st) SKM_sk_dup(PKCS7_SIGNER_INFO, st)
562#define sk_PKCS7_SIGNER_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_SIGNER_INFO, (st), (free_func))
563#define sk_PKCS7_SIGNER_INFO_shift(st) SKM_sk_shift(PKCS7_SIGNER_INFO, (st))
564#define sk_PKCS7_SIGNER_INFO_pop(st) SKM_sk_pop(PKCS7_SIGNER_INFO, (st))
565#define sk_PKCS7_SIGNER_INFO_sort(st) SKM_sk_sort(PKCS7_SIGNER_INFO, (st))
566
567#define sk_POLICYINFO_new(st) SKM_sk_new(POLICYINFO, (st))
568#define sk_POLICYINFO_new_null() SKM_sk_new_null(POLICYINFO)
569#define sk_POLICYINFO_free(st) SKM_sk_free(POLICYINFO, (st))
570#define sk_POLICYINFO_num(st) SKM_sk_num(POLICYINFO, (st))
571#define sk_POLICYINFO_value(st, i) SKM_sk_value(POLICYINFO, (st), (i))
572#define sk_POLICYINFO_set(st, i, val) SKM_sk_set(POLICYINFO, (st), (i), (val))
573#define sk_POLICYINFO_zero(st) SKM_sk_zero(POLICYINFO, (st))
574#define sk_POLICYINFO_push(st, val) SKM_sk_push(POLICYINFO, (st), (val))
575#define sk_POLICYINFO_unshift(st, val) SKM_sk_unshift(POLICYINFO, (st), (val))
576#define sk_POLICYINFO_find(st, val) SKM_sk_find(POLICYINFO, (st), (val))
577#define sk_POLICYINFO_delete(st, i) SKM_sk_delete(POLICYINFO, (st), (i))
578#define sk_POLICYINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYINFO, (st), (ptr))
579#define sk_POLICYINFO_insert(st, val, i) SKM_sk_insert(POLICYINFO, (st), (val), (i))
580#define sk_POLICYINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYINFO, (st), (cmp))
581#define sk_POLICYINFO_dup(st) SKM_sk_dup(POLICYINFO, st)
582#define sk_POLICYINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYINFO, (st), (free_func))
583#define sk_POLICYINFO_shift(st) SKM_sk_shift(POLICYINFO, (st))
584#define sk_POLICYINFO_pop(st) SKM_sk_pop(POLICYINFO, (st))
585#define sk_POLICYINFO_sort(st) SKM_sk_sort(POLICYINFO, (st))
586
587#define sk_POLICYQUALINFO_new(st) SKM_sk_new(POLICYQUALINFO, (st))
588#define sk_POLICYQUALINFO_new_null() SKM_sk_new_null(POLICYQUALINFO)
589#define sk_POLICYQUALINFO_free(st) SKM_sk_free(POLICYQUALINFO, (st))
590#define sk_POLICYQUALINFO_num(st) SKM_sk_num(POLICYQUALINFO, (st))
591#define sk_POLICYQUALINFO_value(st, i) SKM_sk_value(POLICYQUALINFO, (st), (i))
592#define sk_POLICYQUALINFO_set(st, i, val) SKM_sk_set(POLICYQUALINFO, (st), (i), (val))
593#define sk_POLICYQUALINFO_zero(st) SKM_sk_zero(POLICYQUALINFO, (st))
594#define sk_POLICYQUALINFO_push(st, val) SKM_sk_push(POLICYQUALINFO, (st), (val))
595#define sk_POLICYQUALINFO_unshift(st, val) SKM_sk_unshift(POLICYQUALINFO, (st), (val))
596#define sk_POLICYQUALINFO_find(st, val) SKM_sk_find(POLICYQUALINFO, (st), (val))
597#define sk_POLICYQUALINFO_delete(st, i) SKM_sk_delete(POLICYQUALINFO, (st), (i))
598#define sk_POLICYQUALINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYQUALINFO, (st), (ptr))
599#define sk_POLICYQUALINFO_insert(st, val, i) SKM_sk_insert(POLICYQUALINFO, (st), (val), (i))
600#define sk_POLICYQUALINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYQUALINFO, (st), (cmp))
601#define sk_POLICYQUALINFO_dup(st) SKM_sk_dup(POLICYQUALINFO, st)
602#define sk_POLICYQUALINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYQUALINFO, (st), (free_func))
603#define sk_POLICYQUALINFO_shift(st) SKM_sk_shift(POLICYQUALINFO, (st))
604#define sk_POLICYQUALINFO_pop(st) SKM_sk_pop(POLICYQUALINFO, (st))
605#define sk_POLICYQUALINFO_sort(st) SKM_sk_sort(POLICYQUALINFO, (st))
606
607#define sk_SSL_CIPHER_new(st) SKM_sk_new(SSL_CIPHER, (st))
608#define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER)
609#define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st))
610#define sk_SSL_CIPHER_num(st) SKM_sk_num(SSL_CIPHER, (st))
611#define sk_SSL_CIPHER_value(st, i) SKM_sk_value(SSL_CIPHER, (st), (i))
612#define sk_SSL_CIPHER_set(st, i, val) SKM_sk_set(SSL_CIPHER, (st), (i), (val))
613#define sk_SSL_CIPHER_zero(st) SKM_sk_zero(SSL_CIPHER, (st))
614#define sk_SSL_CIPHER_push(st, val) SKM_sk_push(SSL_CIPHER, (st), (val))
615#define sk_SSL_CIPHER_unshift(st, val) SKM_sk_unshift(SSL_CIPHER, (st), (val))
616#define sk_SSL_CIPHER_find(st, val) SKM_sk_find(SSL_CIPHER, (st), (val))
617#define sk_SSL_CIPHER_delete(st, i) SKM_sk_delete(SSL_CIPHER, (st), (i))
618#define sk_SSL_CIPHER_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_CIPHER, (st), (ptr))
619#define sk_SSL_CIPHER_insert(st, val, i) SKM_sk_insert(SSL_CIPHER, (st), (val), (i))
620#define sk_SSL_CIPHER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_CIPHER, (st), (cmp))
621#define sk_SSL_CIPHER_dup(st) SKM_sk_dup(SSL_CIPHER, st)
622#define sk_SSL_CIPHER_pop_free(st, free_func) SKM_sk_pop_free(SSL_CIPHER, (st), (free_func))
623#define sk_SSL_CIPHER_shift(st) SKM_sk_shift(SSL_CIPHER, (st))
624#define sk_SSL_CIPHER_pop(st) SKM_sk_pop(SSL_CIPHER, (st))
625#define sk_SSL_CIPHER_sort(st) SKM_sk_sort(SSL_CIPHER, (st))
626
627#define sk_SSL_COMP_new(st) SKM_sk_new(SSL_COMP, (st))
628#define sk_SSL_COMP_new_null() SKM_sk_new_null(SSL_COMP)
629#define sk_SSL_COMP_free(st) SKM_sk_free(SSL_COMP, (st))
630#define sk_SSL_COMP_num(st) SKM_sk_num(SSL_COMP, (st))
631#define sk_SSL_COMP_value(st, i) SKM_sk_value(SSL_COMP, (st), (i))
632#define sk_SSL_COMP_set(st, i, val) SKM_sk_set(SSL_COMP, (st), (i), (val))
633#define sk_SSL_COMP_zero(st) SKM_sk_zero(SSL_COMP, (st))
634#define sk_SSL_COMP_push(st, val) SKM_sk_push(SSL_COMP, (st), (val))
635#define sk_SSL_COMP_unshift(st, val) SKM_sk_unshift(SSL_COMP, (st), (val))
636#define sk_SSL_COMP_find(st, val) SKM_sk_find(SSL_COMP, (st), (val))
637#define sk_SSL_COMP_delete(st, i) SKM_sk_delete(SSL_COMP, (st), (i))
638#define sk_SSL_COMP_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_COMP, (st), (ptr))
639#define sk_SSL_COMP_insert(st, val, i) SKM_sk_insert(SSL_COMP, (st), (val), (i))
640#define sk_SSL_COMP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_COMP, (st), (cmp))
641#define sk_SSL_COMP_dup(st) SKM_sk_dup(SSL_COMP, st)
642#define sk_SSL_COMP_pop_free(st, free_func) SKM_sk_pop_free(SSL_COMP, (st), (free_func))
643#define sk_SSL_COMP_shift(st) SKM_sk_shift(SSL_COMP, (st))
644#define sk_SSL_COMP_pop(st) SKM_sk_pop(SSL_COMP, (st))
645#define sk_SSL_COMP_sort(st) SKM_sk_sort(SSL_COMP, (st))
646
647#define sk_SXNETID_new(st) SKM_sk_new(SXNETID, (st))
648#define sk_SXNETID_new_null() SKM_sk_new_null(SXNETID)
649#define sk_SXNETID_free(st) SKM_sk_free(SXNETID, (st))
650#define sk_SXNETID_num(st) SKM_sk_num(SXNETID, (st))
651#define sk_SXNETID_value(st, i) SKM_sk_value(SXNETID, (st), (i))
652#define sk_SXNETID_set(st, i, val) SKM_sk_set(SXNETID, (st), (i), (val))
653#define sk_SXNETID_zero(st) SKM_sk_zero(SXNETID, (st))
654#define sk_SXNETID_push(st, val) SKM_sk_push(SXNETID, (st), (val))
655#define sk_SXNETID_unshift(st, val) SKM_sk_unshift(SXNETID, (st), (val))
656#define sk_SXNETID_find(st, val) SKM_sk_find(SXNETID, (st), (val))
657#define sk_SXNETID_delete(st, i) SKM_sk_delete(SXNETID, (st), (i))
658#define sk_SXNETID_delete_ptr(st, ptr) SKM_sk_delete_ptr(SXNETID, (st), (ptr))
659#define sk_SXNETID_insert(st, val, i) SKM_sk_insert(SXNETID, (st), (val), (i))
660#define sk_SXNETID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SXNETID, (st), (cmp))
661#define sk_SXNETID_dup(st) SKM_sk_dup(SXNETID, st)
662#define sk_SXNETID_pop_free(st, free_func) SKM_sk_pop_free(SXNETID, (st), (free_func))
663#define sk_SXNETID_shift(st) SKM_sk_shift(SXNETID, (st))
664#define sk_SXNETID_pop(st) SKM_sk_pop(SXNETID, (st))
665#define sk_SXNETID_sort(st) SKM_sk_sort(SXNETID, (st))
666
667#define sk_X509_new(st) SKM_sk_new(X509, (st))
668#define sk_X509_new_null() SKM_sk_new_null(X509)
669#define sk_X509_free(st) SKM_sk_free(X509, (st))
670#define sk_X509_num(st) SKM_sk_num(X509, (st))
671#define sk_X509_value(st, i) SKM_sk_value(X509, (st), (i))
672#define sk_X509_set(st, i, val) SKM_sk_set(X509, (st), (i), (val))
673#define sk_X509_zero(st) SKM_sk_zero(X509, (st))
674#define sk_X509_push(st, val) SKM_sk_push(X509, (st), (val))
675#define sk_X509_unshift(st, val) SKM_sk_unshift(X509, (st), (val))
676#define sk_X509_find(st, val) SKM_sk_find(X509, (st), (val))
677#define sk_X509_delete(st, i) SKM_sk_delete(X509, (st), (i))
678#define sk_X509_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509, (st), (ptr))
679#define sk_X509_insert(st, val, i) SKM_sk_insert(X509, (st), (val), (i))
680#define sk_X509_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509, (st), (cmp))
681#define sk_X509_dup(st) SKM_sk_dup(X509, st)
682#define sk_X509_pop_free(st, free_func) SKM_sk_pop_free(X509, (st), (free_func))
683#define sk_X509_shift(st) SKM_sk_shift(X509, (st))
684#define sk_X509_pop(st) SKM_sk_pop(X509, (st))
685#define sk_X509_sort(st) SKM_sk_sort(X509, (st))
686
687#define sk_X509V3_EXT_METHOD_new(st) SKM_sk_new(X509V3_EXT_METHOD, (st))
688#define sk_X509V3_EXT_METHOD_new_null() SKM_sk_new_null(X509V3_EXT_METHOD)
689#define sk_X509V3_EXT_METHOD_free(st) SKM_sk_free(X509V3_EXT_METHOD, (st))
690#define sk_X509V3_EXT_METHOD_num(st) SKM_sk_num(X509V3_EXT_METHOD, (st))
691#define sk_X509V3_EXT_METHOD_value(st, i) SKM_sk_value(X509V3_EXT_METHOD, (st), (i))
692#define sk_X509V3_EXT_METHOD_set(st, i, val) SKM_sk_set(X509V3_EXT_METHOD, (st), (i), (val))
693#define sk_X509V3_EXT_METHOD_zero(st) SKM_sk_zero(X509V3_EXT_METHOD, (st))
694#define sk_X509V3_EXT_METHOD_push(st, val) SKM_sk_push(X509V3_EXT_METHOD, (st), (val))
695#define sk_X509V3_EXT_METHOD_unshift(st, val) SKM_sk_unshift(X509V3_EXT_METHOD, (st), (val))
696#define sk_X509V3_EXT_METHOD_find(st, val) SKM_sk_find(X509V3_EXT_METHOD, (st), (val))
697#define sk_X509V3_EXT_METHOD_delete(st, i) SKM_sk_delete(X509V3_EXT_METHOD, (st), (i))
698#define sk_X509V3_EXT_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509V3_EXT_METHOD, (st), (ptr))
699#define sk_X509V3_EXT_METHOD_insert(st, val, i) SKM_sk_insert(X509V3_EXT_METHOD, (st), (val), (i))
700#define sk_X509V3_EXT_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509V3_EXT_METHOD, (st), (cmp))
701#define sk_X509V3_EXT_METHOD_dup(st) SKM_sk_dup(X509V3_EXT_METHOD, st)
702#define sk_X509V3_EXT_METHOD_pop_free(st, free_func) SKM_sk_pop_free(X509V3_EXT_METHOD, (st), (free_func))
703#define sk_X509V3_EXT_METHOD_shift(st) SKM_sk_shift(X509V3_EXT_METHOD, (st))
704#define sk_X509V3_EXT_METHOD_pop(st) SKM_sk_pop(X509V3_EXT_METHOD, (st))
705#define sk_X509V3_EXT_METHOD_sort(st) SKM_sk_sort(X509V3_EXT_METHOD, (st))
706
707#define sk_X509_ALGOR_new(st) SKM_sk_new(X509_ALGOR, (st))
708#define sk_X509_ALGOR_new_null() SKM_sk_new_null(X509_ALGOR)
709#define sk_X509_ALGOR_free(st) SKM_sk_free(X509_ALGOR, (st))
710#define sk_X509_ALGOR_num(st) SKM_sk_num(X509_ALGOR, (st))
711#define sk_X509_ALGOR_value(st, i) SKM_sk_value(X509_ALGOR, (st), (i))
712#define sk_X509_ALGOR_set(st, i, val) SKM_sk_set(X509_ALGOR, (st), (i), (val))
713#define sk_X509_ALGOR_zero(st) SKM_sk_zero(X509_ALGOR, (st))
714#define sk_X509_ALGOR_push(st, val) SKM_sk_push(X509_ALGOR, (st), (val))
715#define sk_X509_ALGOR_unshift(st, val) SKM_sk_unshift(X509_ALGOR, (st), (val))
716#define sk_X509_ALGOR_find(st, val) SKM_sk_find(X509_ALGOR, (st), (val))
717#define sk_X509_ALGOR_delete(st, i) SKM_sk_delete(X509_ALGOR, (st), (i))
718#define sk_X509_ALGOR_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ALGOR, (st), (ptr))
719#define sk_X509_ALGOR_insert(st, val, i) SKM_sk_insert(X509_ALGOR, (st), (val), (i))
720#define sk_X509_ALGOR_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ALGOR, (st), (cmp))
721#define sk_X509_ALGOR_dup(st) SKM_sk_dup(X509_ALGOR, st)
722#define sk_X509_ALGOR_pop_free(st, free_func) SKM_sk_pop_free(X509_ALGOR, (st), (free_func))
723#define sk_X509_ALGOR_shift(st) SKM_sk_shift(X509_ALGOR, (st))
724#define sk_X509_ALGOR_pop(st) SKM_sk_pop(X509_ALGOR, (st))
725#define sk_X509_ALGOR_sort(st) SKM_sk_sort(X509_ALGOR, (st))
726
727#define sk_X509_ATTRIBUTE_new(st) SKM_sk_new(X509_ATTRIBUTE, (st))
728#define sk_X509_ATTRIBUTE_new_null() SKM_sk_new_null(X509_ATTRIBUTE)
729#define sk_X509_ATTRIBUTE_free(st) SKM_sk_free(X509_ATTRIBUTE, (st))
730#define sk_X509_ATTRIBUTE_num(st) SKM_sk_num(X509_ATTRIBUTE, (st))
731#define sk_X509_ATTRIBUTE_value(st, i) SKM_sk_value(X509_ATTRIBUTE, (st), (i))
732#define sk_X509_ATTRIBUTE_set(st, i, val) SKM_sk_set(X509_ATTRIBUTE, (st), (i), (val))
733#define sk_X509_ATTRIBUTE_zero(st) SKM_sk_zero(X509_ATTRIBUTE, (st))
734#define sk_X509_ATTRIBUTE_push(st, val) SKM_sk_push(X509_ATTRIBUTE, (st), (val))
735#define sk_X509_ATTRIBUTE_unshift(st, val) SKM_sk_unshift(X509_ATTRIBUTE, (st), (val))
736#define sk_X509_ATTRIBUTE_find(st, val) SKM_sk_find(X509_ATTRIBUTE, (st), (val))
737#define sk_X509_ATTRIBUTE_delete(st, i) SKM_sk_delete(X509_ATTRIBUTE, (st), (i))
738#define sk_X509_ATTRIBUTE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ATTRIBUTE, (st), (ptr))
739#define sk_X509_ATTRIBUTE_insert(st, val, i) SKM_sk_insert(X509_ATTRIBUTE, (st), (val), (i))
740#define sk_X509_ATTRIBUTE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ATTRIBUTE, (st), (cmp))
741#define sk_X509_ATTRIBUTE_dup(st) SKM_sk_dup(X509_ATTRIBUTE, st)
742#define sk_X509_ATTRIBUTE_pop_free(st, free_func) SKM_sk_pop_free(X509_ATTRIBUTE, (st), (free_func))
743#define sk_X509_ATTRIBUTE_shift(st) SKM_sk_shift(X509_ATTRIBUTE, (st))
744#define sk_X509_ATTRIBUTE_pop(st) SKM_sk_pop(X509_ATTRIBUTE, (st))
745#define sk_X509_ATTRIBUTE_sort(st) SKM_sk_sort(X509_ATTRIBUTE, (st))
746
747#define sk_X509_CRL_new(st) SKM_sk_new(X509_CRL, (st))
748#define sk_X509_CRL_new_null() SKM_sk_new_null(X509_CRL)
749#define sk_X509_CRL_free(st) SKM_sk_free(X509_CRL, (st))
750#define sk_X509_CRL_num(st) SKM_sk_num(X509_CRL, (st))
751#define sk_X509_CRL_value(st, i) SKM_sk_value(X509_CRL, (st), (i))
752#define sk_X509_CRL_set(st, i, val) SKM_sk_set(X509_CRL, (st), (i), (val))
753#define sk_X509_CRL_zero(st) SKM_sk_zero(X509_CRL, (st))
754#define sk_X509_CRL_push(st, val) SKM_sk_push(X509_CRL, (st), (val))
755#define sk_X509_CRL_unshift(st, val) SKM_sk_unshift(X509_CRL, (st), (val))
756#define sk_X509_CRL_find(st, val) SKM_sk_find(X509_CRL, (st), (val))
757#define sk_X509_CRL_delete(st, i) SKM_sk_delete(X509_CRL, (st), (i))
758#define sk_X509_CRL_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_CRL, (st), (ptr))
759#define sk_X509_CRL_insert(st, val, i) SKM_sk_insert(X509_CRL, (st), (val), (i))
760#define sk_X509_CRL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_CRL, (st), (cmp))
761#define sk_X509_CRL_dup(st) SKM_sk_dup(X509_CRL, st)
762#define sk_X509_CRL_pop_free(st, free_func) SKM_sk_pop_free(X509_CRL, (st), (free_func))
763#define sk_X509_CRL_shift(st) SKM_sk_shift(X509_CRL, (st))
764#define sk_X509_CRL_pop(st) SKM_sk_pop(X509_CRL, (st))
765#define sk_X509_CRL_sort(st) SKM_sk_sort(X509_CRL, (st))
766
767#define sk_X509_EXTENSION_new(st) SKM_sk_new(X509_EXTENSION, (st))
768#define sk_X509_EXTENSION_new_null() SKM_sk_new_null(X509_EXTENSION)
769#define sk_X509_EXTENSION_free(st) SKM_sk_free(X509_EXTENSION, (st))
770#define sk_X509_EXTENSION_num(st) SKM_sk_num(X509_EXTENSION, (st))
771#define sk_X509_EXTENSION_value(st, i) SKM_sk_value(X509_EXTENSION, (st), (i))
772#define sk_X509_EXTENSION_set(st, i, val) SKM_sk_set(X509_EXTENSION, (st), (i), (val))
773#define sk_X509_EXTENSION_zero(st) SKM_sk_zero(X509_EXTENSION, (st))
774#define sk_X509_EXTENSION_push(st, val) SKM_sk_push(X509_EXTENSION, (st), (val))
775#define sk_X509_EXTENSION_unshift(st, val) SKM_sk_unshift(X509_EXTENSION, (st), (val))
776#define sk_X509_EXTENSION_find(st, val) SKM_sk_find(X509_EXTENSION, (st), (val))
777#define sk_X509_EXTENSION_delete(st, i) SKM_sk_delete(X509_EXTENSION, (st), (i))
778#define sk_X509_EXTENSION_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_EXTENSION, (st), (ptr))
779#define sk_X509_EXTENSION_insert(st, val, i) SKM_sk_insert(X509_EXTENSION, (st), (val), (i))
780#define sk_X509_EXTENSION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_EXTENSION, (st), (cmp))
781#define sk_X509_EXTENSION_dup(st) SKM_sk_dup(X509_EXTENSION, st)
782#define sk_X509_EXTENSION_pop_free(st, free_func) SKM_sk_pop_free(X509_EXTENSION, (st), (free_func))
783#define sk_X509_EXTENSION_shift(st) SKM_sk_shift(X509_EXTENSION, (st))
784#define sk_X509_EXTENSION_pop(st) SKM_sk_pop(X509_EXTENSION, (st))
785#define sk_X509_EXTENSION_sort(st) SKM_sk_sort(X509_EXTENSION, (st))
786
787#define sk_X509_INFO_new(st) SKM_sk_new(X509_INFO, (st))
788#define sk_X509_INFO_new_null() SKM_sk_new_null(X509_INFO)
789#define sk_X509_INFO_free(st) SKM_sk_free(X509_INFO, (st))
790#define sk_X509_INFO_num(st) SKM_sk_num(X509_INFO, (st))
791#define sk_X509_INFO_value(st, i) SKM_sk_value(X509_INFO, (st), (i))
792#define sk_X509_INFO_set(st, i, val) SKM_sk_set(X509_INFO, (st), (i), (val))
793#define sk_X509_INFO_zero(st) SKM_sk_zero(X509_INFO, (st))
794#define sk_X509_INFO_push(st, val) SKM_sk_push(X509_INFO, (st), (val))
795#define sk_X509_INFO_unshift(st, val) SKM_sk_unshift(X509_INFO, (st), (val))
796#define sk_X509_INFO_find(st, val) SKM_sk_find(X509_INFO, (st), (val))
797#define sk_X509_INFO_delete(st, i) SKM_sk_delete(X509_INFO, (st), (i))
798#define sk_X509_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_INFO, (st), (ptr))
799#define sk_X509_INFO_insert(st, val, i) SKM_sk_insert(X509_INFO, (st), (val), (i))
800#define sk_X509_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_INFO, (st), (cmp))
801#define sk_X509_INFO_dup(st) SKM_sk_dup(X509_INFO, st)
802#define sk_X509_INFO_pop_free(st, free_func) SKM_sk_pop_free(X509_INFO, (st), (free_func))
803#define sk_X509_INFO_shift(st) SKM_sk_shift(X509_INFO, (st))
804#define sk_X509_INFO_pop(st) SKM_sk_pop(X509_INFO, (st))
805#define sk_X509_INFO_sort(st) SKM_sk_sort(X509_INFO, (st))
806
807#define sk_X509_LOOKUP_new(st) SKM_sk_new(X509_LOOKUP, (st))
808#define sk_X509_LOOKUP_new_null() SKM_sk_new_null(X509_LOOKUP)
809#define sk_X509_LOOKUP_free(st) SKM_sk_free(X509_LOOKUP, (st))
810#define sk_X509_LOOKUP_num(st) SKM_sk_num(X509_LOOKUP, (st))
811#define sk_X509_LOOKUP_value(st, i) SKM_sk_value(X509_LOOKUP, (st), (i))
812#define sk_X509_LOOKUP_set(st, i, val) SKM_sk_set(X509_LOOKUP, (st), (i), (val))
813#define sk_X509_LOOKUP_zero(st) SKM_sk_zero(X509_LOOKUP, (st))
814#define sk_X509_LOOKUP_push(st, val) SKM_sk_push(X509_LOOKUP, (st), (val))
815#define sk_X509_LOOKUP_unshift(st, val) SKM_sk_unshift(X509_LOOKUP, (st), (val))
816#define sk_X509_LOOKUP_find(st, val) SKM_sk_find(X509_LOOKUP, (st), (val))
817#define sk_X509_LOOKUP_delete(st, i) SKM_sk_delete(X509_LOOKUP, (st), (i))
818#define sk_X509_LOOKUP_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_LOOKUP, (st), (ptr))
819#define sk_X509_LOOKUP_insert(st, val, i) SKM_sk_insert(X509_LOOKUP, (st), (val), (i))
820#define sk_X509_LOOKUP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_LOOKUP, (st), (cmp))
821#define sk_X509_LOOKUP_dup(st) SKM_sk_dup(X509_LOOKUP, st)
822#define sk_X509_LOOKUP_pop_free(st, free_func) SKM_sk_pop_free(X509_LOOKUP, (st), (free_func))
823#define sk_X509_LOOKUP_shift(st) SKM_sk_shift(X509_LOOKUP, (st))
824#define sk_X509_LOOKUP_pop(st) SKM_sk_pop(X509_LOOKUP, (st))
825#define sk_X509_LOOKUP_sort(st) SKM_sk_sort(X509_LOOKUP, (st))
826
827#define sk_X509_NAME_new(st) SKM_sk_new(X509_NAME, (st))
828#define sk_X509_NAME_new_null() SKM_sk_new_null(X509_NAME)
829#define sk_X509_NAME_free(st) SKM_sk_free(X509_NAME, (st))
830#define sk_X509_NAME_num(st) SKM_sk_num(X509_NAME, (st))
831#define sk_X509_NAME_value(st, i) SKM_sk_value(X509_NAME, (st), (i))
832#define sk_X509_NAME_set(st, i, val) SKM_sk_set(X509_NAME, (st), (i), (val))
833#define sk_X509_NAME_zero(st) SKM_sk_zero(X509_NAME, (st))
834#define sk_X509_NAME_push(st, val) SKM_sk_push(X509_NAME, (st), (val))
835#define sk_X509_NAME_unshift(st, val) SKM_sk_unshift(X509_NAME, (st), (val))
836#define sk_X509_NAME_find(st, val) SKM_sk_find(X509_NAME, (st), (val))
837#define sk_X509_NAME_delete(st, i) SKM_sk_delete(X509_NAME, (st), (i))
838#define sk_X509_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME, (st), (ptr))
839#define sk_X509_NAME_insert(st, val, i) SKM_sk_insert(X509_NAME, (st), (val), (i))
840#define sk_X509_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME, (st), (cmp))
841#define sk_X509_NAME_dup(st) SKM_sk_dup(X509_NAME, st)
842#define sk_X509_NAME_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME, (st), (free_func))
843#define sk_X509_NAME_shift(st) SKM_sk_shift(X509_NAME, (st))
844#define sk_X509_NAME_pop(st) SKM_sk_pop(X509_NAME, (st))
845#define sk_X509_NAME_sort(st) SKM_sk_sort(X509_NAME, (st))
846
847#define sk_X509_NAME_ENTRY_new(st) SKM_sk_new(X509_NAME_ENTRY, (st))
848#define sk_X509_NAME_ENTRY_new_null() SKM_sk_new_null(X509_NAME_ENTRY)
849#define sk_X509_NAME_ENTRY_free(st) SKM_sk_free(X509_NAME_ENTRY, (st))
850#define sk_X509_NAME_ENTRY_num(st) SKM_sk_num(X509_NAME_ENTRY, (st))
851#define sk_X509_NAME_ENTRY_value(st, i) SKM_sk_value(X509_NAME_ENTRY, (st), (i))
852#define sk_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(X509_NAME_ENTRY, (st), (i), (val))
853#define sk_X509_NAME_ENTRY_zero(st) SKM_sk_zero(X509_NAME_ENTRY, (st))
854#define sk_X509_NAME_ENTRY_push(st, val) SKM_sk_push(X509_NAME_ENTRY, (st), (val))
855#define sk_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(X509_NAME_ENTRY, (st), (val))
856#define sk_X509_NAME_ENTRY_find(st, val) SKM_sk_find(X509_NAME_ENTRY, (st), (val))
857#define sk_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(X509_NAME_ENTRY, (st), (i))
858#define sk_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME_ENTRY, (st), (ptr))
859#define sk_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(X509_NAME_ENTRY, (st), (val), (i))
860#define sk_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME_ENTRY, (st), (cmp))
861#define sk_X509_NAME_ENTRY_dup(st) SKM_sk_dup(X509_NAME_ENTRY, st)
862#define sk_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME_ENTRY, (st), (free_func))
863#define sk_X509_NAME_ENTRY_shift(st) SKM_sk_shift(X509_NAME_ENTRY, (st))
864#define sk_X509_NAME_ENTRY_pop(st) SKM_sk_pop(X509_NAME_ENTRY, (st))
865#define sk_X509_NAME_ENTRY_sort(st) SKM_sk_sort(X509_NAME_ENTRY, (st))
866
867#define sk_X509_OBJECT_new(st) SKM_sk_new(X509_OBJECT, (st))
868#define sk_X509_OBJECT_new_null() SKM_sk_new_null(X509_OBJECT)
869#define sk_X509_OBJECT_free(st) SKM_sk_free(X509_OBJECT, (st))
870#define sk_X509_OBJECT_num(st) SKM_sk_num(X509_OBJECT, (st))
871#define sk_X509_OBJECT_value(st, i) SKM_sk_value(X509_OBJECT, (st), (i))
872#define sk_X509_OBJECT_set(st, i, val) SKM_sk_set(X509_OBJECT, (st), (i), (val))
873#define sk_X509_OBJECT_zero(st) SKM_sk_zero(X509_OBJECT, (st))
874#define sk_X509_OBJECT_push(st, val) SKM_sk_push(X509_OBJECT, (st), (val))
875#define sk_X509_OBJECT_unshift(st, val) SKM_sk_unshift(X509_OBJECT, (st), (val))
876#define sk_X509_OBJECT_find(st, val) SKM_sk_find(X509_OBJECT, (st), (val))
877#define sk_X509_OBJECT_delete(st, i) SKM_sk_delete(X509_OBJECT, (st), (i))
878#define sk_X509_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_OBJECT, (st), (ptr))
879#define sk_X509_OBJECT_insert(st, val, i) SKM_sk_insert(X509_OBJECT, (st), (val), (i))
880#define sk_X509_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_OBJECT, (st), (cmp))
881#define sk_X509_OBJECT_dup(st) SKM_sk_dup(X509_OBJECT, st)
882#define sk_X509_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(X509_OBJECT, (st), (free_func))
883#define sk_X509_OBJECT_shift(st) SKM_sk_shift(X509_OBJECT, (st))
884#define sk_X509_OBJECT_pop(st) SKM_sk_pop(X509_OBJECT, (st))
885#define sk_X509_OBJECT_sort(st) SKM_sk_sort(X509_OBJECT, (st))
886
887#define sk_X509_PURPOSE_new(st) SKM_sk_new(X509_PURPOSE, (st))
888#define sk_X509_PURPOSE_new_null() SKM_sk_new_null(X509_PURPOSE)
889#define sk_X509_PURPOSE_free(st) SKM_sk_free(X509_PURPOSE, (st))
890#define sk_X509_PURPOSE_num(st) SKM_sk_num(X509_PURPOSE, (st))
891#define sk_X509_PURPOSE_value(st, i) SKM_sk_value(X509_PURPOSE, (st), (i))
892#define sk_X509_PURPOSE_set(st, i, val) SKM_sk_set(X509_PURPOSE, (st), (i), (val))
893#define sk_X509_PURPOSE_zero(st) SKM_sk_zero(X509_PURPOSE, (st))
894#define sk_X509_PURPOSE_push(st, val) SKM_sk_push(X509_PURPOSE, (st), (val))
895#define sk_X509_PURPOSE_unshift(st, val) SKM_sk_unshift(X509_PURPOSE, (st), (val))
896#define sk_X509_PURPOSE_find(st, val) SKM_sk_find(X509_PURPOSE, (st), (val))
897#define sk_X509_PURPOSE_delete(st, i) SKM_sk_delete(X509_PURPOSE, (st), (i))
898#define sk_X509_PURPOSE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_PURPOSE, (st), (ptr))
899#define sk_X509_PURPOSE_insert(st, val, i) SKM_sk_insert(X509_PURPOSE, (st), (val), (i))
900#define sk_X509_PURPOSE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_PURPOSE, (st), (cmp))
901#define sk_X509_PURPOSE_dup(st) SKM_sk_dup(X509_PURPOSE, st)
902#define sk_X509_PURPOSE_pop_free(st, free_func) SKM_sk_pop_free(X509_PURPOSE, (st), (free_func))
903#define sk_X509_PURPOSE_shift(st) SKM_sk_shift(X509_PURPOSE, (st))
904#define sk_X509_PURPOSE_pop(st) SKM_sk_pop(X509_PURPOSE, (st))
905#define sk_X509_PURPOSE_sort(st) SKM_sk_sort(X509_PURPOSE, (st))
906
907#define sk_X509_REVOKED_new(st) SKM_sk_new(X509_REVOKED, (st))
908#define sk_X509_REVOKED_new_null() SKM_sk_new_null(X509_REVOKED)
909#define sk_X509_REVOKED_free(st) SKM_sk_free(X509_REVOKED, (st))
910#define sk_X509_REVOKED_num(st) SKM_sk_num(X509_REVOKED, (st))
911#define sk_X509_REVOKED_value(st, i) SKM_sk_value(X509_REVOKED, (st), (i))
912#define sk_X509_REVOKED_set(st, i, val) SKM_sk_set(X509_REVOKED, (st), (i), (val))
913#define sk_X509_REVOKED_zero(st) SKM_sk_zero(X509_REVOKED, (st))
914#define sk_X509_REVOKED_push(st, val) SKM_sk_push(X509_REVOKED, (st), (val))
915#define sk_X509_REVOKED_unshift(st, val) SKM_sk_unshift(X509_REVOKED, (st), (val))
916#define sk_X509_REVOKED_find(st, val) SKM_sk_find(X509_REVOKED, (st), (val))
917#define sk_X509_REVOKED_delete(st, i) SKM_sk_delete(X509_REVOKED, (st), (i))
918#define sk_X509_REVOKED_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_REVOKED, (st), (ptr))
919#define sk_X509_REVOKED_insert(st, val, i) SKM_sk_insert(X509_REVOKED, (st), (val), (i))
920#define sk_X509_REVOKED_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_REVOKED, (st), (cmp))
921#define sk_X509_REVOKED_dup(st) SKM_sk_dup(X509_REVOKED, st)
922#define sk_X509_REVOKED_pop_free(st, free_func) SKM_sk_pop_free(X509_REVOKED, (st), (free_func))
923#define sk_X509_REVOKED_shift(st) SKM_sk_shift(X509_REVOKED, (st))
924#define sk_X509_REVOKED_pop(st) SKM_sk_pop(X509_REVOKED, (st))
925#define sk_X509_REVOKED_sort(st) SKM_sk_sort(X509_REVOKED, (st))
926
927#define sk_X509_TRUST_new(st) SKM_sk_new(X509_TRUST, (st))
928#define sk_X509_TRUST_new_null() SKM_sk_new_null(X509_TRUST)
929#define sk_X509_TRUST_free(st) SKM_sk_free(X509_TRUST, (st))
930#define sk_X509_TRUST_num(st) SKM_sk_num(X509_TRUST, (st))
931#define sk_X509_TRUST_value(st, i) SKM_sk_value(X509_TRUST, (st), (i))
932#define sk_X509_TRUST_set(st, i, val) SKM_sk_set(X509_TRUST, (st), (i), (val))
933#define sk_X509_TRUST_zero(st) SKM_sk_zero(X509_TRUST, (st))
934#define sk_X509_TRUST_push(st, val) SKM_sk_push(X509_TRUST, (st), (val))
935#define sk_X509_TRUST_unshift(st, val) SKM_sk_unshift(X509_TRUST, (st), (val))
936#define sk_X509_TRUST_find(st, val) SKM_sk_find(X509_TRUST, (st), (val))
937#define sk_X509_TRUST_delete(st, i) SKM_sk_delete(X509_TRUST, (st), (i))
938#define sk_X509_TRUST_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_TRUST, (st), (ptr))
939#define sk_X509_TRUST_insert(st, val, i) SKM_sk_insert(X509_TRUST, (st), (val), (i))
940#define sk_X509_TRUST_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_TRUST, (st), (cmp))
941#define sk_X509_TRUST_dup(st) SKM_sk_dup(X509_TRUST, st)
942#define sk_X509_TRUST_pop_free(st, free_func) SKM_sk_pop_free(X509_TRUST, (st), (free_func))
943#define sk_X509_TRUST_shift(st) SKM_sk_shift(X509_TRUST, (st))
944#define sk_X509_TRUST_pop(st) SKM_sk_pop(X509_TRUST, (st))
945#define sk_X509_TRUST_sort(st) SKM_sk_sort(X509_TRUST, (st))
946
947#define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
948 SKM_ASN1_SET_OF_d2i(ACCESS_DESCRIPTION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
949#define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, i2d_func, ex_tag, ex_class, is_set) \
950 SKM_ASN1_SET_OF_i2d(ACCESS_DESCRIPTION, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
951#define ASN1_seq_pack_ACCESS_DESCRIPTION(st, i2d_func, buf, len) \
952 SKM_ASN1_seq_pack(ACCESS_DESCRIPTION, (st), (i2d_func), (buf), (len))
953#define ASN1_seq_unpack_ACCESS_DESCRIPTION(buf, len, d2i_func, free_func) \
954 SKM_ASN1_seq_unpack(ACCESS_DESCRIPTION, (buf), (len), (d2i_func), (free_func))
955
956#define d2i_ASN1_SET_OF_ASN1_INTEGER(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
957 SKM_ASN1_SET_OF_d2i(ASN1_INTEGER, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
958#define i2d_ASN1_SET_OF_ASN1_INTEGER(st, pp, i2d_func, ex_tag, ex_class, is_set) \
959 SKM_ASN1_SET_OF_i2d(ASN1_INTEGER, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
960#define ASN1_seq_pack_ASN1_INTEGER(st, i2d_func, buf, len) \
961 SKM_ASN1_seq_pack(ASN1_INTEGER, (st), (i2d_func), (buf), (len))
962#define ASN1_seq_unpack_ASN1_INTEGER(buf, len, d2i_func, free_func) \
963 SKM_ASN1_seq_unpack(ASN1_INTEGER, (buf), (len), (d2i_func), (free_func))
964
965#define d2i_ASN1_SET_OF_ASN1_OBJECT(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
966 SKM_ASN1_SET_OF_d2i(ASN1_OBJECT, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
967#define i2d_ASN1_SET_OF_ASN1_OBJECT(st, pp, i2d_func, ex_tag, ex_class, is_set) \
968 SKM_ASN1_SET_OF_i2d(ASN1_OBJECT, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
969#define ASN1_seq_pack_ASN1_OBJECT(st, i2d_func, buf, len) \
970 SKM_ASN1_seq_pack(ASN1_OBJECT, (st), (i2d_func), (buf), (len))
971#define ASN1_seq_unpack_ASN1_OBJECT(buf, len, d2i_func, free_func) \
972 SKM_ASN1_seq_unpack(ASN1_OBJECT, (buf), (len), (d2i_func), (free_func))
973
974#define d2i_ASN1_SET_OF_ASN1_TYPE(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
975 SKM_ASN1_SET_OF_d2i(ASN1_TYPE, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
976#define i2d_ASN1_SET_OF_ASN1_TYPE(st, pp, i2d_func, ex_tag, ex_class, is_set) \
977 SKM_ASN1_SET_OF_i2d(ASN1_TYPE, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
978#define ASN1_seq_pack_ASN1_TYPE(st, i2d_func, buf, len) \
979 SKM_ASN1_seq_pack(ASN1_TYPE, (st), (i2d_func), (buf), (len))
980#define ASN1_seq_unpack_ASN1_TYPE(buf, len, d2i_func, free_func) \
981 SKM_ASN1_seq_unpack(ASN1_TYPE, (buf), (len), (d2i_func), (free_func))
982
983#define d2i_ASN1_SET_OF_DIST_POINT(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
984 SKM_ASN1_SET_OF_d2i(DIST_POINT, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
985#define i2d_ASN1_SET_OF_DIST_POINT(st, pp, i2d_func, ex_tag, ex_class, is_set) \
986 SKM_ASN1_SET_OF_i2d(DIST_POINT, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
987#define ASN1_seq_pack_DIST_POINT(st, i2d_func, buf, len) \
988 SKM_ASN1_seq_pack(DIST_POINT, (st), (i2d_func), (buf), (len))
989#define ASN1_seq_unpack_DIST_POINT(buf, len, d2i_func, free_func) \
990 SKM_ASN1_seq_unpack(DIST_POINT, (buf), (len), (d2i_func), (free_func))
991
992#define d2i_ASN1_SET_OF_GENERAL_NAME(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
993 SKM_ASN1_SET_OF_d2i(GENERAL_NAME, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
994#define i2d_ASN1_SET_OF_GENERAL_NAME(st, pp, i2d_func, ex_tag, ex_class, is_set) \
995 SKM_ASN1_SET_OF_i2d(GENERAL_NAME, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
996#define ASN1_seq_pack_GENERAL_NAME(st, i2d_func, buf, len) \
997 SKM_ASN1_seq_pack(GENERAL_NAME, (st), (i2d_func), (buf), (len))
998#define ASN1_seq_unpack_GENERAL_NAME(buf, len, d2i_func, free_func) \
999 SKM_ASN1_seq_unpack(GENERAL_NAME, (buf), (len), (d2i_func), (free_func))
1000
1001#define d2i_ASN1_SET_OF_PKCS12_SAFEBAG(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
1002 SKM_ASN1_SET_OF_d2i(PKCS12_SAFEBAG, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
1003#define i2d_ASN1_SET_OF_PKCS12_SAFEBAG(st, pp, i2d_func, ex_tag, ex_class, is_set) \
1004 SKM_ASN1_SET_OF_i2d(PKCS12_SAFEBAG, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
1005#define ASN1_seq_pack_PKCS12_SAFEBAG(st, i2d_func, buf, len) \
1006 SKM_ASN1_seq_pack(PKCS12_SAFEBAG, (st), (i2d_func), (buf), (len))
1007#define ASN1_seq_unpack_PKCS12_SAFEBAG(buf, len, d2i_func, free_func) \
1008 SKM_ASN1_seq_unpack(PKCS12_SAFEBAG, (buf), (len), (d2i_func), (free_func))
1009
1010#define d2i_ASN1_SET_OF_PKCS7(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
1011 SKM_ASN1_SET_OF_d2i(PKCS7, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
1012#define i2d_ASN1_SET_OF_PKCS7(st, pp, i2d_func, ex_tag, ex_class, is_set) \
1013 SKM_ASN1_SET_OF_i2d(PKCS7, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
1014#define ASN1_seq_pack_PKCS7(st, i2d_func, buf, len) \
1015 SKM_ASN1_seq_pack(PKCS7, (st), (i2d_func), (buf), (len))
1016#define ASN1_seq_unpack_PKCS7(buf, len, d2i_func, free_func) \
1017 SKM_ASN1_seq_unpack(PKCS7, (buf), (len), (d2i_func), (free_func))
1018
1019#define d2i_ASN1_SET_OF_PKCS7_RECIP_INFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
1020 SKM_ASN1_SET_OF_d2i(PKCS7_RECIP_INFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
1021#define i2d_ASN1_SET_OF_PKCS7_RECIP_INFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
1022 SKM_ASN1_SET_OF_i2d(PKCS7_RECIP_INFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
1023#define ASN1_seq_pack_PKCS7_RECIP_INFO(st, i2d_func, buf, len) \
1024 SKM_ASN1_seq_pack(PKCS7_RECIP_INFO, (st), (i2d_func), (buf), (len))
1025#define ASN1_seq_unpack_PKCS7_RECIP_INFO(buf, len, d2i_func, free_func) \
1026 SKM_ASN1_seq_unpack(PKCS7_RECIP_INFO, (buf), (len), (d2i_func), (free_func))
1027
1028#define d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
1029 SKM_ASN1_SET_OF_d2i(PKCS7_SIGNER_INFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
1030#define i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
1031 SKM_ASN1_SET_OF_i2d(PKCS7_SIGNER_INFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
1032#define ASN1_seq_pack_PKCS7_SIGNER_INFO(st, i2d_func, buf, len) \
1033 SKM_ASN1_seq_pack(PKCS7_SIGNER_INFO, (st), (i2d_func), (buf), (len))
1034#define ASN1_seq_unpack_PKCS7_SIGNER_INFO(buf, len, d2i_func, free_func) \
1035 SKM_ASN1_seq_unpack(PKCS7_SIGNER_INFO, (buf), (len), (d2i_func), (free_func))
1036
1037#define d2i_ASN1_SET_OF_POLICYINFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
1038 SKM_ASN1_SET_OF_d2i(POLICYINFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
1039#define i2d_ASN1_SET_OF_POLICYINFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
1040 SKM_ASN1_SET_OF_i2d(POLICYINFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
1041#define ASN1_seq_pack_POLICYINFO(st, i2d_func, buf, len) \
1042 SKM_ASN1_seq_pack(POLICYINFO, (st), (i2d_func), (buf), (len))
1043#define ASN1_seq_unpack_POLICYINFO(buf, len, d2i_func, free_func) \
1044 SKM_ASN1_seq_unpack(POLICYINFO, (buf), (len), (d2i_func), (free_func))
1045
1046#define d2i_ASN1_SET_OF_POLICYQUALINFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
1047 SKM_ASN1_SET_OF_d2i(POLICYQUALINFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
1048#define i2d_ASN1_SET_OF_POLICYQUALINFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
1049 SKM_ASN1_SET_OF_i2d(POLICYQUALINFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
1050#define ASN1_seq_pack_POLICYQUALINFO(st, i2d_func, buf, len) \
1051 SKM_ASN1_seq_pack(POLICYQUALINFO, (st), (i2d_func), (buf), (len))
1052#define ASN1_seq_unpack_POLICYQUALINFO(buf, len, d2i_func, free_func) \
1053 SKM_ASN1_seq_unpack(POLICYQUALINFO, (buf), (len), (d2i_func), (free_func))
1054
1055#define d2i_ASN1_SET_OF_SXNETID(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
1056 SKM_ASN1_SET_OF_d2i(SXNETID, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
1057#define i2d_ASN1_SET_OF_SXNETID(st, pp, i2d_func, ex_tag, ex_class, is_set) \
1058 SKM_ASN1_SET_OF_i2d(SXNETID, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
1059#define ASN1_seq_pack_SXNETID(st, i2d_func, buf, len) \
1060 SKM_ASN1_seq_pack(SXNETID, (st), (i2d_func), (buf), (len))
1061#define ASN1_seq_unpack_SXNETID(buf, len, d2i_func, free_func) \
1062 SKM_ASN1_seq_unpack(SXNETID, (buf), (len), (d2i_func), (free_func))
1063
1064#define d2i_ASN1_SET_OF_X509(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
1065 SKM_ASN1_SET_OF_d2i(X509, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
1066#define i2d_ASN1_SET_OF_X509(st, pp, i2d_func, ex_tag, ex_class, is_set) \
1067 SKM_ASN1_SET_OF_i2d(X509, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
1068#define ASN1_seq_pack_X509(st, i2d_func, buf, len) \
1069 SKM_ASN1_seq_pack(X509, (st), (i2d_func), (buf), (len))
1070#define ASN1_seq_unpack_X509(buf, len, d2i_func, free_func) \
1071 SKM_ASN1_seq_unpack(X509, (buf), (len), (d2i_func), (free_func))
1072
1073#define d2i_ASN1_SET_OF_X509_ALGOR(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
1074 SKM_ASN1_SET_OF_d2i(X509_ALGOR, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
1075#define i2d_ASN1_SET_OF_X509_ALGOR(st, pp, i2d_func, ex_tag, ex_class, is_set) \
1076 SKM_ASN1_SET_OF_i2d(X509_ALGOR, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
1077#define ASN1_seq_pack_X509_ALGOR(st, i2d_func, buf, len) \
1078 SKM_ASN1_seq_pack(X509_ALGOR, (st), (i2d_func), (buf), (len))
1079#define ASN1_seq_unpack_X509_ALGOR(buf, len, d2i_func, free_func) \
1080 SKM_ASN1_seq_unpack(X509_ALGOR, (buf), (len), (d2i_func), (free_func))
1081
1082#define d2i_ASN1_SET_OF_X509_ATTRIBUTE(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
1083 SKM_ASN1_SET_OF_d2i(X509_ATTRIBUTE, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
1084#define i2d_ASN1_SET_OF_X509_ATTRIBUTE(st, pp, i2d_func, ex_tag, ex_class, is_set) \
1085 SKM_ASN1_SET_OF_i2d(X509_ATTRIBUTE, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
1086#define ASN1_seq_pack_X509_ATTRIBUTE(st, i2d_func, buf, len) \
1087 SKM_ASN1_seq_pack(X509_ATTRIBUTE, (st), (i2d_func), (buf), (len))
1088#define ASN1_seq_unpack_X509_ATTRIBUTE(buf, len, d2i_func, free_func) \
1089 SKM_ASN1_seq_unpack(X509_ATTRIBUTE, (buf), (len), (d2i_func), (free_func))
1090
1091#define d2i_ASN1_SET_OF_X509_CRL(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
1092 SKM_ASN1_SET_OF_d2i(X509_CRL, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
1093#define i2d_ASN1_SET_OF_X509_CRL(st, pp, i2d_func, ex_tag, ex_class, is_set) \
1094 SKM_ASN1_SET_OF_i2d(X509_CRL, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
1095#define ASN1_seq_pack_X509_CRL(st, i2d_func, buf, len) \
1096 SKM_ASN1_seq_pack(X509_CRL, (st), (i2d_func), (buf), (len))
1097#define ASN1_seq_unpack_X509_CRL(buf, len, d2i_func, free_func) \
1098 SKM_ASN1_seq_unpack(X509_CRL, (buf), (len), (d2i_func), (free_func))
1099
1100#define d2i_ASN1_SET_OF_X509_EXTENSION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
1101 SKM_ASN1_SET_OF_d2i(X509_EXTENSION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
1102#define i2d_ASN1_SET_OF_X509_EXTENSION(st, pp, i2d_func, ex_tag, ex_class, is_set) \
1103 SKM_ASN1_SET_OF_i2d(X509_EXTENSION, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
1104#define ASN1_seq_pack_X509_EXTENSION(st, i2d_func, buf, len) \
1105 SKM_ASN1_seq_pack(X509_EXTENSION, (st), (i2d_func), (buf), (len))
1106#define ASN1_seq_unpack_X509_EXTENSION(buf, len, d2i_func, free_func) \
1107 SKM_ASN1_seq_unpack(X509_EXTENSION, (buf), (len), (d2i_func), (free_func))
1108
1109#define d2i_ASN1_SET_OF_X509_NAME_ENTRY(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
1110 SKM_ASN1_SET_OF_d2i(X509_NAME_ENTRY, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
1111#define i2d_ASN1_SET_OF_X509_NAME_ENTRY(st, pp, i2d_func, ex_tag, ex_class, is_set) \
1112 SKM_ASN1_SET_OF_i2d(X509_NAME_ENTRY, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
1113#define ASN1_seq_pack_X509_NAME_ENTRY(st, i2d_func, buf, len) \
1114 SKM_ASN1_seq_pack(X509_NAME_ENTRY, (st), (i2d_func), (buf), (len))
1115#define ASN1_seq_unpack_X509_NAME_ENTRY(buf, len, d2i_func, free_func) \
1116 SKM_ASN1_seq_unpack(X509_NAME_ENTRY, (buf), (len), (d2i_func), (free_func))
1117
1118#define d2i_ASN1_SET_OF_X509_REVOKED(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
1119 SKM_ASN1_SET_OF_d2i(X509_REVOKED, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
1120#define i2d_ASN1_SET_OF_X509_REVOKED(st, pp, i2d_func, ex_tag, ex_class, is_set) \
1121 SKM_ASN1_SET_OF_i2d(X509_REVOKED, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
1122#define ASN1_seq_pack_X509_REVOKED(st, i2d_func, buf, len) \
1123 SKM_ASN1_seq_pack(X509_REVOKED, (st), (i2d_func), (buf), (len))
1124#define ASN1_seq_unpack_X509_REVOKED(buf, len, d2i_func, free_func) \
1125 SKM_ASN1_seq_unpack(X509_REVOKED, (buf), (len), (d2i_func), (free_func))
1126
1127#define PKCS12_decrypt_d2i_PKCS12_SAFEBAG(algor, d2i_func, free_func, pass, passlen, oct, seq) \
1128 SKM_PKCS12_decrypt_d2i(PKCS12_SAFEBAG, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
1129
1130#define PKCS12_decrypt_d2i_PKCS7(algor, d2i_func, free_func, pass, passlen, oct, seq) \
1131 SKM_PKCS12_decrypt_d2i(PKCS7, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
1132/* End of util/mkstack.pl block, you may now edit :-) */
1133
1134#endif /* !defined HEADER_SAFESTACK_H */
diff --git a/src/lib/libcrypto/stack/stack.c b/src/lib/libcrypto/stack/stack.c
deleted file mode 100644
index 02857f0446..0000000000
--- a/src/lib/libcrypto/stack/stack.c
+++ /dev/null
@@ -1,332 +0,0 @@
1/* crypto/stack/stack.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Code for stacks
60 * Author - Eric Young v 1.0
61 * 1.2 eay 12-Mar-97 - Modified sk_find so that it _DOES_ return the
62 * lowest index for the searched item.
63 *
64 * 1.1 eay - Take from netdb and added to SSLeay
65 *
66 * 1.0 eay - First version 29/07/92
67 */
68#include <stdio.h>
69#include "cryptlib.h"
70#include <openssl/stack.h>
71
72#undef MIN_NODES
73#define MIN_NODES 4
74
75const char *STACK_version="Stack" OPENSSL_VERSION_PTEXT;
76
77#include <errno.h>
78
79int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *,const char * const *)))
80 (const char * const *, const char * const *)
81 {
82 int (*old)(const char * const *,const char * const *)=sk->comp;
83
84 if (sk->comp != c)
85 sk->sorted=0;
86 sk->comp=c;
87
88 return old;
89 }
90
91STACK *sk_dup(STACK *sk)
92 {
93 STACK *ret;
94 char **s;
95
96 if ((ret=sk_new(sk->comp)) == NULL) goto err;
97 s=(char **)OPENSSL_realloc((char *)ret->data,
98 (unsigned int)sizeof(char *)*sk->num_alloc);
99 if (s == NULL) goto err;
100 ret->data=s;
101
102 ret->num=sk->num;
103 memcpy(ret->data,sk->data,sizeof(char *)*sk->num);
104 ret->sorted=sk->sorted;
105 ret->num_alloc=sk->num_alloc;
106 ret->comp=sk->comp;
107 return(ret);
108err:
109 return(NULL);
110 }
111
112STACK *sk_new_null(void)
113 {
114 return sk_new((int (*)(const char * const *, const char * const *))0);
115 }
116
117STACK *sk_new(int (*c)(const char * const *, const char * const *))
118 {
119 STACK *ret;
120 int i;
121
122 if ((ret=(STACK *)OPENSSL_malloc(sizeof(STACK))) == NULL)
123 goto err0;
124 if ((ret->data=(char **)OPENSSL_malloc(sizeof(char *)*MIN_NODES)) == NULL)
125 goto err1;
126 for (i=0; i<MIN_NODES; i++)
127 ret->data[i]=NULL;
128 ret->comp=c;
129 ret->num_alloc=MIN_NODES;
130 ret->num=0;
131 ret->sorted=0;
132 return(ret);
133err1:
134 OPENSSL_free(ret);
135err0:
136 return(NULL);
137 }
138
139int sk_insert(STACK *st, char *data, int loc)
140 {
141 char **s;
142
143 if(st == NULL) return 0;
144 if (st->num_alloc <= st->num+1)
145 {
146 s=(char **)OPENSSL_realloc((char *)st->data,
147 (unsigned int)sizeof(char *)*st->num_alloc*2);
148 if (s == NULL)
149 return(0);
150 st->data=s;
151 st->num_alloc*=2;
152 }
153 if ((loc >= (int)st->num) || (loc < 0))
154 st->data[st->num]=data;
155 else
156 {
157 int i;
158 char **f,**t;
159
160 f=(char **)st->data;
161 t=(char **)&(st->data[1]);
162 for (i=st->num; i>=loc; i--)
163 t[i]=f[i];
164
165#ifdef undef /* no memmove on sunos :-( */
166 memmove( (char *)&(st->data[loc+1]),
167 (char *)&(st->data[loc]),
168 sizeof(char *)*(st->num-loc));
169#endif
170 st->data[loc]=data;
171 }
172 st->num++;
173 st->sorted=0;
174 return(st->num);
175 }
176
177char *sk_delete_ptr(STACK *st, char *p)
178 {
179 int i;
180
181 for (i=0; i<st->num; i++)
182 if (st->data[i] == p)
183 return(sk_delete(st,i));
184 return(NULL);
185 }
186
187char *sk_delete(STACK *st, int loc)
188 {
189 char *ret;
190 int i,j;
191
192 if ((st == NULL) || (st->num == 0) || (loc < 0)
193 || (loc >= st->num)) return(NULL);
194
195 ret=st->data[loc];
196 if (loc != st->num-1)
197 {
198 j=st->num-1;
199 for (i=loc; i<j; i++)
200 st->data[i]=st->data[i+1];
201 /* In theory memcpy is not safe for this
202 * memcpy( &(st->data[loc]),
203 * &(st->data[loc+1]),
204 * sizeof(char *)*(st->num-loc-1));
205 */
206 }
207 st->num--;
208 return(ret);
209 }
210
211int sk_find(STACK *st, char *data)
212 {
213 char **r;
214 int i;
215 int (*comp_func)(const void *,const void *);
216 if(st == NULL) return -1;
217
218 if (st->comp == NULL)
219 {
220 for (i=0; i<st->num; i++)
221 if (st->data[i] == data)
222 return(i);
223 return(-1);
224 }
225 sk_sort(st);
226 if (data == NULL) return(-1);
227 /* This (and the "qsort" below) are the two places in OpenSSL
228 * where we need to convert from our standard (type **,type **)
229 * compare callback type to the (void *,void *) type required by
230 * bsearch. However, the "data" it is being called(back) with are
231 * not (type *) pointers, but the *pointers* to (type *) pointers,
232 * so we get our extra level of pointer dereferencing that way. */
233 comp_func=(int (*)(const void *,const void *))(st->comp);
234 r=(char **)bsearch(&data,(char *)st->data,
235 st->num,sizeof(char *), comp_func);
236 if (r == NULL) return(-1);
237 i=(int)(r-st->data);
238 for ( ; i>0; i--)
239 /* This needs a cast because the type being pointed to from
240 * the "&" expressions are (char *) rather than (const char *).
241 * For an explanation, read:
242 * http://www.eskimo.com/~scs/C-faq/q11.10.html :-) */
243 if ((*st->comp)((const char * const *)&(st->data[i-1]),
244 (const char * const *)&data) < 0)
245 break;
246 return(i);
247 }
248
249int sk_push(STACK *st, char *data)
250 {
251 return(sk_insert(st,data,st->num));
252 }
253
254int sk_unshift(STACK *st, char *data)
255 {
256 return(sk_insert(st,data,0));
257 }
258
259char *sk_shift(STACK *st)
260 {
261 if (st == NULL) return(NULL);
262 if (st->num <= 0) return(NULL);
263 return(sk_delete(st,0));
264 }
265
266char *sk_pop(STACK *st)
267 {
268 if (st == NULL) return(NULL);
269 if (st->num <= 0) return(NULL);
270 return(sk_delete(st,st->num-1));
271 }
272
273void sk_zero(STACK *st)
274 {
275 if (st == NULL) return;
276 if (st->num <= 0) return;
277 memset((char *)st->data,0,sizeof(st->data)*st->num);
278 st->num=0;
279 }
280
281void sk_pop_free(STACK *st, void (*func)(void *))
282 {
283 int i;
284
285 if (st == NULL) return;
286 for (i=0; i<st->num; i++)
287 if (st->data[i] != NULL)
288 func(st->data[i]);
289 sk_free(st);
290 }
291
292void sk_free(STACK *st)
293 {
294 if (st == NULL) return;
295 if (st->data != NULL) OPENSSL_free(st->data);
296 OPENSSL_free(st);
297 }
298
299int sk_num(const STACK *st)
300{
301 if(st == NULL) return -1;
302 return st->num;
303}
304
305char *sk_value(const STACK *st, int i)
306{
307 if(st == NULL) return NULL;
308 return st->data[i];
309}
310
311char *sk_set(STACK *st, int i, char *value)
312{
313 if(st == NULL) return NULL;
314 return (st->data[i] = value);
315}
316
317void sk_sort(STACK *st)
318 {
319 if (!st->sorted)
320 {
321 int (*comp_func)(const void *,const void *);
322
323 /* same comment as in sk_find ... previously st->comp was declared
324 * as a (void*,void*) callback type, but this made the population
325 * of the callback pointer illogical - our callbacks compare
326 * type** with type**, so we leave the casting until absolutely
327 * necessary (ie. "now"). */
328 comp_func=(int (*)(const void *,const void *))(st->comp);
329 qsort(st->data,st->num,sizeof(char *), comp_func);
330 st->sorted=1;
331 }
332 }
diff --git a/src/lib/libcrypto/stack/stack.h b/src/lib/libcrypto/stack/stack.h
deleted file mode 100644
index 8b436ca4b9..0000000000
--- a/src/lib/libcrypto/stack/stack.h
+++ /dev/null
@@ -1,107 +0,0 @@
1/* crypto/stack/stack.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_STACK_H
60#define HEADER_STACK_H
61
62#ifdef __cplusplus
63extern "C" {
64#endif
65
66typedef struct stack_st
67 {
68 int num;
69 char **data;
70 int sorted;
71
72 int num_alloc;
73 int (*comp)(const char * const *, const char * const *);
74 } STACK;
75
76#define M_sk_num(sk) ((sk) ? (sk)->num:-1)
77#define M_sk_value(sk,n) ((sk) ? (sk)->data[n] : NULL)
78
79int sk_num(const STACK *);
80char *sk_value(const STACK *, int);
81
82char *sk_set(STACK *, int, char *);
83
84STACK *sk_new(int (*cmp)(const char * const *, const char * const *));
85STACK *sk_new_null(void);
86void sk_free(STACK *);
87void sk_pop_free(STACK *st, void (*func)(void *));
88int sk_insert(STACK *sk,char *data,int where);
89char *sk_delete(STACK *st,int loc);
90char *sk_delete_ptr(STACK *st, char *p);
91int sk_find(STACK *st,char *data);
92int sk_push(STACK *st,char *data);
93int sk_unshift(STACK *st,char *data);
94char *sk_shift(STACK *st);
95char *sk_pop(STACK *st);
96void sk_zero(STACK *st);
97int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *,
98 const char * const *)))
99 (const char * const *, const char * const *);
100STACK *sk_dup(STACK *st);
101void sk_sort(STACK *st);
102
103#ifdef __cplusplus
104}
105#endif
106
107#endif
diff --git a/src/lib/libcrypto/txt_db/txt_db.c b/src/lib/libcrypto/txt_db/txt_db.c
deleted file mode 100644
index 3b04fe280c..0000000000
--- a/src/lib/libcrypto/txt_db/txt_db.c
+++ /dev/null
@@ -1,383 +0,0 @@
1/* crypto/txt_db/txt_db.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <string.h>
62#include "cryptlib.h"
63#include <openssl/buffer.h>
64#include <openssl/txt_db.h>
65
66#undef BUFSIZE
67#define BUFSIZE 512
68
69const char *TXT_DB_version="TXT_DB" OPENSSL_VERSION_PTEXT;
70
71TXT_DB *TXT_DB_read(BIO *in, int num)
72 {
73 TXT_DB *ret=NULL;
74 int er=1;
75 int esc=0;
76 long ln=0;
77 int i,add,n;
78 int size=BUFSIZE;
79 int offset=0;
80 char *p,**pp,*f;
81 BUF_MEM *buf=NULL;
82
83 if ((buf=BUF_MEM_new()) == NULL) goto err;
84 if (!BUF_MEM_grow(buf,size)) goto err;
85
86 if ((ret=(TXT_DB *)OPENSSL_malloc(sizeof(TXT_DB))) == NULL)
87 goto err;
88 ret->num_fields=num;
89 ret->index=NULL;
90 ret->qual=NULL;
91 if ((ret->data=sk_new_null()) == NULL)
92 goto err;
93 if ((ret->index=(LHASH **)OPENSSL_malloc(sizeof(LHASH *)*num)) == NULL)
94 goto err;
95 if ((ret->qual=(int (**)())OPENSSL_malloc(sizeof(int (**)())*num)) == NULL)
96 goto err;
97 for (i=0; i<num; i++)
98 {
99 ret->index[i]=NULL;
100 ret->qual[i]=NULL;
101 }
102
103 add=(num+1)*sizeof(char *);
104 buf->data[size-1]='\0';
105 offset=0;
106 for (;;)
107 {
108 if (offset != 0)
109 {
110 size+=BUFSIZE;
111 if (!BUF_MEM_grow(buf,size)) goto err;
112 }
113 buf->data[offset]='\0';
114 BIO_gets(in,&(buf->data[offset]),size-offset);
115 ln++;
116 if (buf->data[offset] == '\0') break;
117 if ((offset == 0) && (buf->data[0] == '#')) continue;
118 i=strlen(&(buf->data[offset]));
119 offset+=i;
120 if (buf->data[offset-1] != '\n')
121 continue;
122 else
123 {
124 buf->data[offset-1]='\0'; /* blat the '\n' */
125 p=(char *)OPENSSL_malloc(add+offset);
126 offset=0;
127 }
128 pp=(char **)p;
129 p+=add;
130 n=0;
131 pp[n++]=p;
132 i=0;
133 f=buf->data;
134
135 esc=0;
136 for (;;)
137 {
138 if (*f == '\0') break;
139 if (*f == '\t')
140 {
141 if (esc)
142 p--;
143 else
144 {
145 *(p++)='\0';
146 f++;
147 if (n >= num) break;
148 pp[n++]=p;
149 continue;
150 }
151 }
152 esc=(*f == '\\');
153 *(p++)= *(f++);
154 }
155 *(p++)='\0';
156 if ((n != num) || (*f != '\0'))
157 {
158#if !defined(NO_STDIO) && !defined(WIN16) /* temporaty fix :-( */
159 fprintf(stderr,"wrong number of fields on line %ld (looking for field %d, got %d, '%s' left)\n",ln,num,n,f);
160#endif
161 er=2;
162 goto err;
163 }
164 pp[n]=p;
165 if (!sk_push(ret->data,(char *)pp))
166 {
167#if !defined(NO_STDIO) && !defined(WIN16) /* temporaty fix :-( */
168 fprintf(stderr,"failure in sk_push\n");
169#endif
170 er=2;
171 goto err;
172 }
173 }
174 er=0;
175err:
176 BUF_MEM_free(buf);
177 if (er)
178 {
179#if !defined(NO_STDIO) && !defined(WIN16)
180 if (er == 1) fprintf(stderr,"OPENSSL_malloc failure\n");
181#endif
182 if (ret->data != NULL) sk_free(ret->data);
183 if (ret->index != NULL) OPENSSL_free(ret->index);
184 if (ret->qual != NULL) OPENSSL_free(ret->qual);
185 if (ret != NULL) OPENSSL_free(ret);
186 return(NULL);
187 }
188 else
189 return(ret);
190 }
191
192char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value)
193 {
194 char **ret;
195 LHASH *lh;
196
197 if (idx >= db->num_fields)
198 {
199 db->error=DB_ERROR_INDEX_OUT_OF_RANGE;
200 return(NULL);
201 }
202 lh=db->index[idx];
203 if (lh == NULL)
204 {
205 db->error=DB_ERROR_NO_INDEX;
206 return(NULL);
207 }
208 ret=(char **)lh_retrieve(lh,value);
209 db->error=DB_ERROR_OK;
210 return(ret);
211 }
212
213int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(),
214 unsigned long (*hash)(), int (*cmp)())
215 {
216 LHASH *idx;
217 char *r;
218 int i,n;
219
220 if (field >= db->num_fields)
221 {
222 db->error=DB_ERROR_INDEX_OUT_OF_RANGE;
223 return(0);
224 }
225 if ((idx=lh_new(hash,cmp)) == NULL)
226 {
227 db->error=DB_ERROR_MALLOC;
228 return(0);
229 }
230 n=sk_num(db->data);
231 for (i=0; i<n; i++)
232 {
233 r=(char *)sk_value(db->data,i);
234 if ((qual != NULL) && (qual(r) == 0)) continue;
235 if ((r=lh_insert(idx,r)) != NULL)
236 {
237 db->error=DB_ERROR_INDEX_CLASH;
238 db->arg1=sk_find(db->data,r);
239 db->arg2=i;
240 lh_free(idx);
241 return(0);
242 }
243 }
244 if (db->index[field] != NULL) lh_free(db->index[field]);
245 db->index[field]=idx;
246 db->qual[field]=qual;
247 return(1);
248 }
249
250long TXT_DB_write(BIO *out, TXT_DB *db)
251 {
252 long i,j,n,nn,l,tot=0;
253 char *p,**pp,*f;
254 BUF_MEM *buf=NULL;
255 long ret= -1;
256
257 if ((buf=BUF_MEM_new()) == NULL)
258 goto err;
259 n=sk_num(db->data);
260 nn=db->num_fields;
261 for (i=0; i<n; i++)
262 {
263 pp=(char **)sk_value(db->data,i);
264
265 l=0;
266 for (j=0; j<nn; j++)
267 {
268 if (pp[j] != NULL)
269 l+=strlen(pp[j]);
270 }
271 if (!BUF_MEM_grow(buf,(int)(l*2+nn))) goto err;
272
273 p=buf->data;
274 for (j=0; j<nn; j++)
275 {
276 f=pp[j];
277 if (f != NULL)
278 for (;;)
279 {
280 if (*f == '\0') break;
281 if (*f == '\t') *(p++)='\\';
282 *(p++)= *(f++);
283 }
284 *(p++)='\t';
285 }
286 p[-1]='\n';
287 j=p-buf->data;
288 if (BIO_write(out,buf->data,(int)j) != j)
289 goto err;
290 tot+=j;
291 }
292 ret=tot;
293err:
294 if (buf != NULL) BUF_MEM_free(buf);
295 return(ret);
296 }
297
298int TXT_DB_insert(TXT_DB *db, char **row)
299 {
300 int i;
301 char **r;
302
303 for (i=0; i<db->num_fields; i++)
304 {
305 if (db->index[i] != NULL)
306 {
307 if ((db->qual[i] != NULL) &&
308 (db->qual[i](row) == 0)) continue;
309 r=(char **)lh_retrieve(db->index[i],row);
310 if (r != NULL)
311 {
312 db->error=DB_ERROR_INDEX_CLASH;
313 db->arg1=i;
314 db->arg_row=r;
315 goto err;
316 }
317 }
318 }
319 /* We have passed the index checks, now just append and insert */
320 if (!sk_push(db->data,(char *)row))
321 {
322 db->error=DB_ERROR_MALLOC;
323 goto err;
324 }
325
326 for (i=0; i<db->num_fields; i++)
327 {
328 if (db->index[i] != NULL)
329 {
330 if ((db->qual[i] != NULL) &&
331 (db->qual[i](row) == 0)) continue;
332 lh_insert(db->index[i],row);
333 }
334 }
335 return(1);
336err:
337 return(0);
338 }
339
340void TXT_DB_free(TXT_DB *db)
341 {
342 int i,n;
343 char **p,*max;
344
345 if(db == NULL)
346 return;
347
348 if (db->index != NULL)
349 {
350 for (i=db->num_fields-1; i>=0; i--)
351 if (db->index[i] != NULL) lh_free(db->index[i]);
352 OPENSSL_free(db->index);
353 }
354 if (db->qual != NULL)
355 OPENSSL_free(db->qual);
356 if (db->data != NULL)
357 {
358 for (i=sk_num(db->data)-1; i>=0; i--)
359 {
360 /* check if any 'fields' have been allocated
361 * from outside of the initial block */
362 p=(char **)sk_value(db->data,i);
363 max=p[db->num_fields]; /* last address */
364 if (max == NULL) /* new row */
365 {
366 for (n=0; n<db->num_fields; n++)
367 if (p[n] != NULL) OPENSSL_free(p[n]);
368 }
369 else
370 {
371 for (n=0; n<db->num_fields; n++)
372 {
373 if (((p[n] < (char *)p) || (p[n] > max))
374 && (p[n] != NULL))
375 OPENSSL_free(p[n]);
376 }
377 }
378 OPENSSL_free(sk_value(db->data,i));
379 }
380 sk_free(db->data);
381 }
382 OPENSSL_free(db);
383 }
diff --git a/src/lib/libcrypto/txt_db/txt_db.h b/src/lib/libcrypto/txt_db/txt_db.h
deleted file mode 100644
index 342533d40d..0000000000
--- a/src/lib/libcrypto/txt_db/txt_db.h
+++ /dev/null
@@ -1,108 +0,0 @@
1/* crypto/txt_db/txt_db.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_TXT_DB_H
60#define HEADER_TXT_DB_H
61
62#ifndef NO_BIO
63#include <openssl/bio.h>
64#endif
65#include <openssl/stack.h>
66#include <openssl/lhash.h>
67
68#define DB_ERROR_OK 0
69#define DB_ERROR_MALLOC 1
70#define DB_ERROR_INDEX_CLASH 2
71#define DB_ERROR_INDEX_OUT_OF_RANGE 3
72#define DB_ERROR_NO_INDEX 4
73#define DB_ERROR_INSERT_INDEX_CLASH 5
74
75#ifdef __cplusplus
76extern "C" {
77#endif
78
79typedef struct txt_db_st
80 {
81 int num_fields;
82 STACK /* char ** */ *data;
83 LHASH **index;
84 int (**qual)();
85 long error;
86 long arg1;
87 long arg2;
88 char **arg_row;
89 } TXT_DB;
90
91#ifndef NO_BIO
92TXT_DB *TXT_DB_read(BIO *in, int num);
93long TXT_DB_write(BIO *out, TXT_DB *db);
94#else
95TXT_DB *TXT_DB_read(char *in, int num);
96long TXT_DB_write(char *out, TXT_DB *db);
97#endif
98int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(),
99 unsigned long (*hash)(),int (*cmp)());
100void TXT_DB_free(TXT_DB *db);
101char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value);
102int TXT_DB_insert(TXT_DB *db,char **value);
103
104#ifdef __cplusplus
105}
106#endif
107
108#endif
diff --git a/src/lib/libcrypto/util/mkerr.pl b/src/lib/libcrypto/util/mkerr.pl
deleted file mode 100644
index 7d98b5234d..0000000000
--- a/src/lib/libcrypto/util/mkerr.pl
+++ /dev/null
@@ -1,529 +0,0 @@
1#!/usr/local/bin/perl -w
2
3my $config = "crypto/err/openssl.ec";
4my $debug = 0;
5my $rebuild = 0;
6my $static = 1;
7my $recurse = 0;
8my $reindex = 0;
9my $dowrite = 0;
10
11
12while (@ARGV) {
13 my $arg = $ARGV[0];
14 if($arg eq "-conf") {
15 shift @ARGV;
16 $config = shift @ARGV;
17 } elsif($arg eq "-debug") {
18 $debug = 1;
19 shift @ARGV;
20 } elsif($arg eq "-rebuild") {
21 $rebuild = 1;
22 shift @ARGV;
23 } elsif($arg eq "-recurse") {
24 $recurse = 1;
25 shift @ARGV;
26 } elsif($arg eq "-reindex") {
27 $reindex = 1;
28 shift @ARGV;
29 } elsif($arg eq "-nostatic") {
30 $static = 0;
31 shift @ARGV;
32 } elsif($arg eq "-write") {
33 $dowrite = 1;
34 shift @ARGV;
35 } else {
36 last;
37 }
38}
39
40if($recurse) {
41 @source = (<crypto/*.c>, <crypto/*/*.c>, <rsaref/*.c>, <ssl/*.c>);
42} else {
43 @source = @ARGV;
44}
45
46# Read in the config file
47
48open(IN, "<$config") || die "Can't open config file $config";
49
50# Parse config file
51
52while(<IN>)
53{
54 if(/^L\s+(\S+)\s+(\S+)\s+(\S+)/) {
55 $hinc{$1} = $2;
56 $cskip{$3} = $1;
57 if($3 ne "NONE") {
58 $csrc{$1} = $3;
59 $fmax{$1} = 99;
60 $rmax{$1} = 99;
61 $fnew{$1} = 0;
62 $rnew{$1} = 0;
63 }
64 } elsif (/^F\s+(\S+)/) {
65 # Add extra function with $1
66 } elsif (/^R\s+(\S+)\s+(\S+)/) {
67 $rextra{$1} = $2;
68 $rcodes{$1} = $2;
69 }
70}
71
72close IN;
73
74# Scan each header file in turn and make a list of error codes
75# and function names
76
77while (($lib, $hdr) = each %hinc)
78{
79 next if($hdr eq "NONE");
80 print STDERR "Scanning header file $hdr\n" if $debug;
81 open(IN, "<$hdr") || die "Can't open Header file $hdr\n";
82 my $line = "", $def= "", $linenr = 0;
83 while(<IN>) {
84 $linenr++;
85 print STDERR "line: $linenr\r" if $debug;
86
87 last if(/BEGIN\s+ERROR\s+CODES/);
88 if ($line ne '') {
89 $_ = $line . $_;
90 $line = '';
91 }
92
93 if (/\\$/) {
94 $line = $_;
95 next;
96 }
97
98 $cpp = 1 if /^#.*ifdef.*cplusplus/; # skip "C" declaration
99 if ($cpp) {
100 $cpp = 0 if /^#.*endif/;
101 next;
102 }
103
104 next if (/^#/); # skip preprocessor directives
105
106 s/\/\*.*?\*\///gs; # ignore comments
107 s/{[^{}]*}//gs; # ignore {} blocks
108
109 if (/{|\/\*/) { # Add a } so editor works...
110 $line = $_;
111 } else {
112 $def .= $_;
113 }
114 }
115
116 print STDERR " \r" if $debug;
117 $defnr = 0;
118 foreach (split /;/, $def) {
119 $defnr++;
120 print STDERR "def: $defnr\r" if $debug;
121
122 s/^[\n\s]*//g;
123 s/[\n\s]*$//g;
124 next if(/typedef\W/);
125 if (/\(\*(\w*)\([^\)]+/) {
126 my $name = $1;
127 $name =~ tr/[a-z]/[A-Z]/;
128 $ftrans{$name} = $1;
129 } elsif (/\w+\W+(\w+)\W*\(\s*\)$/s){
130 # K&R C
131 next ;
132 } elsif (/\w+\W+\w+\W*\(.*\)$/s) {
133 while (not /\(\)$/s) {
134 s/[^\(\)]*\)$/\)/s;
135 s/\([^\(\)]*\)\)$/\)/s;
136 }
137 s/\(void\)//;
138 /(\w+)\W*\(\)/s;
139 my $name = $1;
140 $name =~ tr/[a-z]/[A-Z]/;
141 $ftrans{$name} = $1;
142 } elsif (/\(/ and not (/=/ or /DECLARE_STACK/)) {
143 print STDERR "Header $hdr: cannot parse: $_;\n";
144 }
145 }
146
147 print STDERR " \r" if $debug;
148
149 next if $reindex;
150
151 # Scan function and reason codes and store them: keep a note of the
152 # maximum code used.
153
154 while(<IN>) {
155 if(/^#define\s+(\S+)\s+(\S+)/) {
156 $name = $1;
157 $code = $2;
158 unless($name =~ /^${lib}_([RF])_(\w+)$/) {
159 print STDERR "Invalid error code $name\n";
160 next;
161 }
162 if($1 eq "R") {
163 $rcodes{$name} = $code;
164 if(!(exists $rextra{$name}) &&
165 ($code > $rmax{$lib}) ) {
166 $rmax{$lib} = $code;
167 }
168 } else {
169 if($code > $fmax{$lib}) {
170 $fmax{$lib} = $code;
171 }
172 $fcodes{$name} = $code;
173 }
174 }
175 }
176 close IN;
177}
178
179# Scan each C source file and look for function and reason codes
180# This is done by looking for strings that "look like" function or
181# reason codes: basically anything consisting of all upper case and
182# numerics which has _F_ or _R_ in it and which has the name of an
183# error library at the start. This seems to work fine except for the
184# oddly named structure BIO_F_CTX which needs to be ignored.
185# If a code doesn't exist in list compiled from headers then mark it
186# with the value "X" as a place holder to give it a value later.
187# Store all function and reason codes found in %ufcodes and %urcodes
188# so all those unreferenced can be printed out.
189
190
191foreach $file (@source) {
192 # Don't parse the error source file.
193 next if exists $cskip{$file};
194 open(IN, "<$file") || die "Can't open source file $file\n";
195 while(<IN>) {
196 if(/(([A-Z0-9]+)_F_([A-Z0-9_]+))/) {
197 next unless exists $csrc{$2};
198 next if($1 eq "BIO_F_BUFFER_CTX");
199 $ufcodes{$1} = 1;
200 if(!exists $fcodes{$1}) {
201 $fcodes{$1} = "X";
202 $fnew{$2}++;
203 }
204 $notrans{$1} = 1 unless exists $ftrans{$3};
205 }
206 if(/(([A-Z0-9]+)_R_[A-Z0-9_]+)/) {
207 next unless exists $csrc{$2};
208 $urcodes{$1} = 1;
209 if(!exists $rcodes{$1}) {
210 $rcodes{$1} = "X";
211 $rnew{$2}++;
212 }
213 }
214 }
215 close IN;
216}
217
218# Now process each library in turn.
219
220foreach $lib (keys %csrc)
221{
222 my $hfile = $hinc{$lib};
223 my $cfile = $csrc{$lib};
224 if(!$fnew{$lib} && !$rnew{$lib}) {
225 print STDERR "$lib:\t\tNo new error codes\n";
226 next unless $rebuild;
227 } else {
228 print STDERR "$lib:\t\t$fnew{$lib} New Functions,";
229 print STDERR " $rnew{$lib} New Reasons.\n";
230 next unless $dowrite;
231 }
232
233 # If we get here then we have some new error codes so we
234 # need to rebuild the header file and C file.
235
236 # Make a sorted list of error and reason codes for later use.
237
238 my @function = sort grep(/^${lib}_/,keys %fcodes);
239 my @reasons = sort grep(/^${lib}_/,keys %rcodes);
240
241 # Rewrite the header file
242
243 open(IN, "<$hfile") || die "Can't Open Header File $hfile\n";
244
245 # Copy across the old file
246 while(<IN>) {
247 push @out, $_;
248 last if (/BEGIN ERROR CODES/);
249 }
250 close IN;
251
252 open (OUT, ">$hfile") || die "Can't Open File $hfile for writing\n";
253
254 print OUT @out;
255 undef @out;
256 print OUT <<"EOF";
257/* The following lines are auto generated by the script mkerr.pl. Any changes
258 * made after this point may be overwritten when the script is next run.
259 */
260
261/* Error codes for the $lib functions. */
262
263/* Function codes. */
264EOF
265
266 foreach $i (@function) {
267 $z=6-int(length($i)/8);
268 if($fcodes{$i} eq "X") {
269 $fcodes{$i} = ++$fmax{$lib};
270 print STDERR "New Function code $i\n" if $debug;
271 }
272 printf OUT "#define $i%s $fcodes{$i}\n","\t" x $z;
273 }
274
275 print OUT "\n/* Reason codes. */\n";
276
277 foreach $i (@reasons) {
278 $z=6-int(length($i)/8);
279 if($rcodes{$i} eq "X") {
280 $rcodes{$i} = ++$rmax{$lib};
281 print STDERR "New Reason code $i\n" if $debug;
282 }
283 printf OUT "#define $i%s $rcodes{$i}\n","\t" x $z;
284 }
285 print OUT <<"EOF";
286
287#ifdef __cplusplus
288}
289#endif
290#endif
291
292EOF
293 close OUT;
294
295 # Rewrite the C source file containing the error details.
296
297 # First, read any existing reason string definitions:
298 my %err_reason_strings;
299 if (open(IN,"<$cfile")) {
300 while (<IN>) {
301 if (/\b(${lib}_R_\w*)\b.*\"(.*)\"/) {
302 $err_reason_strings{$1} = $2;
303 }
304 }
305 close(IN);
306 }
307
308 my $hincf;
309 if($static) {
310 $hfile =~ /([^\/]+)$/;
311 $hincf = "<openssl/$1>";
312 } else {
313 $hincf = "\"$hfile\"";
314 }
315
316
317 open (OUT,">$cfile") || die "Can't open $cfile for writing";
318
319 print OUT <<"EOF";
320/* $cfile */
321/* ====================================================================
322 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
323 *
324 * Redistribution and use in source and binary forms, with or without
325 * modification, are permitted provided that the following conditions
326 * are met:
327 *
328 * 1. Redistributions of source code must retain the above copyright
329 * notice, this list of conditions and the following disclaimer.
330 *
331 * 2. Redistributions in binary form must reproduce the above copyright
332 * notice, this list of conditions and the following disclaimer in
333 * the documentation and/or other materials provided with the
334 * distribution.
335 *
336 * 3. All advertising materials mentioning features or use of this
337 * software must display the following acknowledgment:
338 * "This product includes software developed by the OpenSSL Project
339 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
340 *
341 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
342 * endorse or promote products derived from this software without
343 * prior written permission. For written permission, please contact
344 * openssl-core\@OpenSSL.org.
345 *
346 * 5. Products derived from this software may not be called "OpenSSL"
347 * nor may "OpenSSL" appear in their names without prior written
348 * permission of the OpenSSL Project.
349 *
350 * 6. Redistributions of any form whatsoever must retain the following
351 * acknowledgment:
352 * "This product includes software developed by the OpenSSL Project
353 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
354 *
355 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
356 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
357 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
358 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
359 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
360 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
361 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
362 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
363 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
364 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
365 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
366 * OF THE POSSIBILITY OF SUCH DAMAGE.
367 * ====================================================================
368 *
369 * This product includes cryptographic software written by Eric Young
370 * (eay\@cryptsoft.com). This product includes software written by Tim
371 * Hudson (tjh\@cryptsoft.com).
372 *
373 */
374
375/* NOTE: this file was auto generated by the mkerr.pl script: any changes
376 * made to it will be overwritten when the script next updates this file,
377 * only reason strings will be preserved.
378 */
379
380#include <stdio.h>
381#include <openssl/err.h>
382#include $hincf
383
384/* BEGIN ERROR CODES */
385#ifndef NO_ERR
386static ERR_STRING_DATA ${lib}_str_functs[]=
387 {
388EOF
389 # Add each function code: if a function name is found then use it.
390 foreach $i (@function) {
391 my $fn;
392 $i =~ /^${lib}_F_(\S+)$/;
393 $fn = $1;
394 if(exists $ftrans{$fn}) {
395 $fn = $ftrans{$fn};
396 }
397 print OUT "{ERR_PACK(0,$i,0),\t\"$fn\"},\n";
398 }
399 print OUT <<"EOF";
400{0,NULL}
401 };
402
403static ERR_STRING_DATA ${lib}_str_reasons[]=
404 {
405EOF
406 # Add each reason code.
407 foreach $i (@reasons) {
408 my $rn;
409 my $nspc = 0;
410 if (exists $err_reason_strings{$i}) {
411 $rn = $err_reason_strings{$i};
412 } else {
413 $i =~ /^${lib}_R_(\S+)$/;
414 $rn = $1;
415 $rn =~ tr/_[A-Z]/ [a-z]/;
416 }
417 $nspc = 40 - length($i) unless length($i) > 40;
418 $nspc = " " x $nspc;
419 print OUT "{${i}${nspc},\"$rn\"},\n";
420 }
421if($static) {
422 print OUT <<"EOF";
423{0,NULL}
424 };
425
426#endif
427
428void ERR_load_${lib}_strings(void)
429 {
430 static int init=1;
431
432 if (init)
433 {
434 init=0;
435#ifndef NO_ERR
436 ERR_load_strings(ERR_LIB_${lib},${lib}_str_functs);
437 ERR_load_strings(ERR_LIB_${lib},${lib}_str_reasons);
438#endif
439
440 }
441 }
442EOF
443} else {
444 print OUT <<"EOF";
445{0,NULL}
446 };
447
448#endif
449
450#ifdef ${lib}_LIB_NAME
451static ERR_STRING_DATA ${lib}_lib_name[]=
452 {
453{0 ,${lib}_LIB_NAME},
454{0,NULL}
455 };
456#endif
457
458
459int ${lib}_lib_error_code=0;
460
461void ERR_load_${lib}_strings(void)
462 {
463 static int init=1;
464
465 if (${lib}_lib_error_code == 0)
466 ${lib}_lib_error_code=ERR_get_next_error_library();
467
468 if (init)
469 {
470 init=0;
471#ifndef NO_ERR
472 ERR_load_strings(${lib}_lib_error_code,${lib}_str_functs);
473 ERR_load_strings(${lib}_lib_error_code,${lib}_str_reasons);
474#endif
475
476#ifdef ${lib}_LIB_NAME
477 ${lib}_lib_name->error = ERR_PACK(${lib}_lib_error_code,0,0);
478 ERR_load_strings(0,${lib}_lib_name);
479#endif
480 }
481 }
482
483void ERR_${lib}_error(int function, int reason, char *file, int line)
484 {
485 if (${lib}_lib_error_code == 0)
486 ${lib}_lib_error_code=ERR_get_next_error_library();
487 ERR_PUT_error(${lib}_lib_error_code,function,reason,file,line);
488 }
489EOF
490
491}
492
493 close OUT;
494 undef %err_reason_strings;
495}
496
497if($debug && defined(%notrans)) {
498 print STDERR "The following function codes were not translated:\n";
499 foreach(sort keys %notrans)
500 {
501 print STDERR "$_\n";
502 }
503}
504
505# Make a list of unreferenced function and reason codes
506
507foreach (keys %fcodes) {
508 push (@funref, $_) unless exists $ufcodes{$_};
509}
510
511foreach (keys %rcodes) {
512 push (@runref, $_) unless exists $urcodes{$_};
513}
514
515if($debug && defined(@funref) ) {
516 print STDERR "The following function codes were not referenced:\n";
517 foreach(sort @funref)
518 {
519 print STDERR "$_\n";
520 }
521}
522
523if($debug && defined(@runref) ) {
524 print STDERR "The following reason codes were not referenced:\n";
525 foreach(sort @runref)
526 {
527 print STDERR "$_\n";
528 }
529}
diff --git a/src/lib/libcrypto/util/mkstack.pl b/src/lib/libcrypto/util/mkstack.pl
deleted file mode 100644
index 3ee13fe7c9..0000000000
--- a/src/lib/libcrypto/util/mkstack.pl
+++ /dev/null
@@ -1,124 +0,0 @@
1#!/usr/local/bin/perl -w
2
3# This is a utility that searches out "DECLARE_STACK_OF()"
4# declarations in .h and .c files, and updates/creates/replaces
5# the corresponding macro declarations in crypto/stack/safestack.h.
6# As it's not generally possible to have macros that generate macros,
7# we need to control this from the "outside", here in this script.
8#
9# Geoff Thorpe, June, 2000 (with massive Perl-hacking
10# help from Steve Robb)
11
12my $safestack = "crypto/stack/safestack";
13
14my $do_write;
15while (@ARGV) {
16 my $arg = $ARGV[0];
17 if($arg eq "-write") {
18 $do_write = 1;
19 }
20 shift @ARGV;
21}
22
23
24@source = (<crypto/*.[ch]>, <crypto/*/*.[ch]>, <rsaref/*.[ch]>, <ssl/*.[ch]>);
25foreach $file (@source) {
26 next if -l $file;
27
28 # Open the .c/.h file for reading
29 open(IN, "< $file") || die "Can't open $file for reading: $!";
30
31 while(<IN>) {
32 if (/^DECLARE_STACK_OF\(([^)]+)\)/) {
33 push @stacklst, $1;
34 } if (/^DECLARE_ASN1_SET_OF\(([^)]+)\)/) {
35 push @asn1setlst, $1;
36 } if (/^DECLARE_PKCS12_STACK_OF\(([^)]+)\)/) {
37 push @p12stklst, $1;
38 }
39 }
40 close(IN);
41}
42
43
44
45my $old_stackfile = "";
46my $new_stackfile = "";
47my $inside_block = 0;
48my $type_thing;
49
50open(IN, "< $safestack.h") || die "Can't open input file: $!";
51while(<IN>) {
52 $old_stackfile .= $_;
53
54 if (m|^/\* This block of defines is updated by util/mkstack.pl, please do not touch! \*/|) {
55 $inside_block = 1;
56 }
57 if (m|^/\* End of util/mkstack.pl block, you may now edit :-\) \*/|) {
58 $inside_block = 0;
59 } elsif ($inside_block == 0) {
60 $new_stackfile .= $_;
61 }
62 next if($inside_block != 1);
63 $new_stackfile .= "/* This block of defines is updated by util/mkstack.pl, please do not touch! */";
64
65 foreach $type_thing (sort @stacklst) {
66 $new_stackfile .= <<EOF;
67
68#define sk_${type_thing}_new(st) SKM_sk_new($type_thing, (st))
69#define sk_${type_thing}_new_null() SKM_sk_new_null($type_thing)
70#define sk_${type_thing}_free(st) SKM_sk_free($type_thing, (st))
71#define sk_${type_thing}_num(st) SKM_sk_num($type_thing, (st))
72#define sk_${type_thing}_value(st, i) SKM_sk_value($type_thing, (st), (i))
73#define sk_${type_thing}_set(st, i, val) SKM_sk_set($type_thing, (st), (i), (val))
74#define sk_${type_thing}_zero(st) SKM_sk_zero($type_thing, (st))
75#define sk_${type_thing}_push(st, val) SKM_sk_push($type_thing, (st), (val))
76#define sk_${type_thing}_unshift(st, val) SKM_sk_unshift($type_thing, (st), (val))
77#define sk_${type_thing}_find(st, val) SKM_sk_find($type_thing, (st), (val))
78#define sk_${type_thing}_delete(st, i) SKM_sk_delete($type_thing, (st), (i))
79#define sk_${type_thing}_delete_ptr(st, ptr) SKM_sk_delete_ptr($type_thing, (st), (ptr))
80#define sk_${type_thing}_insert(st, val, i) SKM_sk_insert($type_thing, (st), (val), (i))
81#define sk_${type_thing}_set_cmp_func(st, cmp) SKM_sk_set_cmp_func($type_thing, (st), (cmp))
82#define sk_${type_thing}_dup(st) SKM_sk_dup($type_thing, st)
83#define sk_${type_thing}_pop_free(st, free_func) SKM_sk_pop_free($type_thing, (st), (free_func))
84#define sk_${type_thing}_shift(st) SKM_sk_shift($type_thing, (st))
85#define sk_${type_thing}_pop(st) SKM_sk_pop($type_thing, (st))
86#define sk_${type_thing}_sort(st) SKM_sk_sort($type_thing, (st))
87EOF
88 }
89 foreach $type_thing (sort @asn1setlst) {
90 $new_stackfile .= <<EOF;
91
92#define d2i_ASN1_SET_OF_${type_thing}(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \\
93 SKM_ASN1_SET_OF_d2i($type_thing, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
94#define i2d_ASN1_SET_OF_${type_thing}(st, pp, i2d_func, ex_tag, ex_class, is_set) \\
95 SKM_ASN1_SET_OF_i2d($type_thing, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
96#define ASN1_seq_pack_${type_thing}(st, i2d_func, buf, len) \\
97 SKM_ASN1_seq_pack($type_thing, (st), (i2d_func), (buf), (len))
98#define ASN1_seq_unpack_${type_thing}(buf, len, d2i_func, free_func) \\
99 SKM_ASN1_seq_unpack($type_thing, (buf), (len), (d2i_func), (free_func))
100EOF
101 }
102 foreach $type_thing (sort @p12stklst) {
103 $new_stackfile .= <<EOF;
104
105#define PKCS12_decrypt_d2i_${type_thing}(algor, d2i_func, free_func, pass, passlen, oct, seq) \\
106 SKM_PKCS12_decrypt_d2i($type_thing, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
107EOF
108 }
109 $new_stackfile .= "/* End of util/mkstack.pl block, you may now edit :-) */\n";
110 $inside_block = 2;
111}
112
113
114if ($new_stackfile eq $old_stackfile) {
115 print "No changes to $safestack.h.\n";
116 exit 0; # avoid unnecessary rebuild
117}
118
119if ($do_write) {
120 print "Writing new $safestack.h.\n";
121 open OUT, ">$safestack.h" || die "Can't open output file";
122 print OUT $new_stackfile;
123 close OUT;
124}
diff --git a/src/lib/libcrypto/x509/by_dir.c b/src/lib/libcrypto/x509/by_dir.c
deleted file mode 100644
index 448bd7e69c..0000000000
--- a/src/lib/libcrypto/x509/by_dir.c
+++ /dev/null
@@ -1,351 +0,0 @@
1/* crypto/x509/by_dir.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <time.h>
61#include <errno.h>
62
63#include "cryptlib.h"
64
65#ifndef NO_SYS_TYPES_H
66# include <sys/types.h>
67#endif
68#ifdef MAC_OS_pre_X
69# include <stat.h>
70#else
71# include <sys/stat.h>
72#endif
73
74#include <openssl/lhash.h>
75#include <openssl/x509.h>
76
77typedef struct lookup_dir_st
78 {
79 BUF_MEM *buffer;
80 int num_dirs;
81 char **dirs;
82 int *dirs_type;
83 int num_dirs_alloced;
84 } BY_DIR;
85
86static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
87 char **ret);
88static int new_dir(X509_LOOKUP *lu);
89static void free_dir(X509_LOOKUP *lu);
90static int add_cert_dir(BY_DIR *ctx,const char *dir,int type);
91static int get_cert_by_subject(X509_LOOKUP *xl,int type,X509_NAME *name,
92 X509_OBJECT *ret);
93X509_LOOKUP_METHOD x509_dir_lookup=
94 {
95 "Load certs from files in a directory",
96 new_dir, /* new */
97 free_dir, /* free */
98 NULL, /* init */
99 NULL, /* shutdown */
100 dir_ctrl, /* ctrl */
101 get_cert_by_subject, /* get_by_subject */
102 NULL, /* get_by_issuer_serial */
103 NULL, /* get_by_fingerprint */
104 NULL, /* get_by_alias */
105 };
106
107X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void)
108 {
109 return(&x509_dir_lookup);
110 }
111
112static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
113 char **retp)
114 {
115 int ret=0;
116 BY_DIR *ld;
117 char *dir;
118
119 ld=(BY_DIR *)ctx->method_data;
120
121 switch (cmd)
122 {
123 case X509_L_ADD_DIR:
124 if (argl == X509_FILETYPE_DEFAULT)
125 {
126 ret=add_cert_dir(ld,X509_get_default_cert_dir(),
127 X509_FILETYPE_PEM);
128 if (!ret)
129 {
130 X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR);
131 }
132 else
133 {
134 dir=(char *)Getenv(X509_get_default_cert_dir_env());
135 ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM);
136 }
137 }
138 else
139 ret=add_cert_dir(ld,argp,(int)argl);
140 break;
141 }
142 return(ret);
143 }
144
145static int new_dir(X509_LOOKUP *lu)
146 {
147 BY_DIR *a;
148
149 if ((a=(BY_DIR *)OPENSSL_malloc(sizeof(BY_DIR))) == NULL)
150 return(0);
151 if ((a->buffer=BUF_MEM_new()) == NULL)
152 {
153 OPENSSL_free(a);
154 return(0);
155 }
156 a->num_dirs=0;
157 a->dirs=NULL;
158 a->dirs_type=NULL;
159 a->num_dirs_alloced=0;
160 lu->method_data=(char *)a;
161 return(1);
162 }
163
164static void free_dir(X509_LOOKUP *lu)
165 {
166 BY_DIR *a;
167 int i;
168
169 a=(BY_DIR *)lu->method_data;
170 for (i=0; i<a->num_dirs; i++)
171 if (a->dirs[i] != NULL) OPENSSL_free(a->dirs[i]);
172 if (a->dirs != NULL) OPENSSL_free(a->dirs);
173 if (a->dirs_type != NULL) OPENSSL_free(a->dirs_type);
174 if (a->buffer != NULL) BUF_MEM_free(a->buffer);
175 OPENSSL_free(a);
176 }
177
178static int add_cert_dir(BY_DIR *ctx, const char *dir, int type)
179 {
180 int j,len;
181 int *ip;
182 const char *s,*ss,*p;
183 char **pp;
184
185 if (dir == NULL || !*dir)
186 {
187 X509err(X509_F_ADD_CERT_DIR,X509_R_INVALID_DIRECTORY);
188 return 0;
189 }
190
191 s=dir;
192 p=s;
193 for (;;)
194 {
195 if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0'))
196 {
197 ss=s;
198 s=p+1;
199 len=(int)(p-ss);
200 if (len == 0) continue;
201 for (j=0; j<ctx->num_dirs; j++)
202 if (strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0)
203 continue;
204 if (ctx->num_dirs_alloced < (ctx->num_dirs+1))
205 {
206 ctx->num_dirs_alloced+=10;
207 pp=(char **)OPENSSL_malloc(ctx->num_dirs_alloced*
208 sizeof(char *));
209 ip=(int *)OPENSSL_malloc(ctx->num_dirs_alloced*
210 sizeof(int));
211 if ((pp == NULL) || (ip == NULL))
212 {
213 X509err(X509_F_ADD_CERT_DIR,ERR_R_MALLOC_FAILURE);
214 return(0);
215 }
216 memcpy(pp,ctx->dirs,(ctx->num_dirs_alloced-10)*
217 sizeof(char *));
218 memcpy(ip,ctx->dirs_type,(ctx->num_dirs_alloced-10)*
219 sizeof(int));
220 if (ctx->dirs != NULL)
221 OPENSSL_free(ctx->dirs);
222 if (ctx->dirs_type != NULL)
223 OPENSSL_free(ctx->dirs_type);
224 ctx->dirs=pp;
225 ctx->dirs_type=ip;
226 }
227 ctx->dirs_type[ctx->num_dirs]=type;
228 ctx->dirs[ctx->num_dirs]=(char *)OPENSSL_malloc((unsigned int)len+1);
229 if (ctx->dirs[ctx->num_dirs] == NULL) return(0);
230 strncpy(ctx->dirs[ctx->num_dirs],ss,(unsigned int)len);
231 ctx->dirs[ctx->num_dirs][len]='\0';
232 ctx->num_dirs++;
233 }
234 if (*p == '\0') break;
235 p++;
236 }
237 return(1);
238 }
239
240static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
241 X509_OBJECT *ret)
242 {
243 BY_DIR *ctx;
244 union {
245 struct {
246 X509 st_x509;
247 X509_CINF st_x509_cinf;
248 } x509;
249 struct {
250 X509_CRL st_crl;
251 X509_CRL_INFO st_crl_info;
252 } crl;
253 } data;
254 int ok=0;
255 int i,j,k;
256 unsigned long h;
257 BUF_MEM *b=NULL;
258 struct stat st;
259 X509_OBJECT stmp,*tmp;
260 const char *postfix="";
261
262 if (name == NULL) return(0);
263
264 stmp.type=type;
265 if (type == X509_LU_X509)
266 {
267 data.x509.st_x509.cert_info= &data.x509.st_x509_cinf;
268 data.x509.st_x509_cinf.subject=name;
269 stmp.data.x509= &data.x509.st_x509;
270 postfix="";
271 }
272 else if (type == X509_LU_CRL)
273 {
274 data.crl.st_crl.crl= &data.crl.st_crl_info;
275 data.crl.st_crl_info.issuer=name;
276 stmp.data.crl= &data.crl.st_crl;
277 postfix="r";
278 }
279 else
280 {
281 X509err(X509_F_GET_CERT_BY_SUBJECT,X509_R_WRONG_LOOKUP_TYPE);
282 goto finish;
283 }
284
285 if ((b=BUF_MEM_new()) == NULL)
286 {
287 X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_BUF_LIB);
288 goto finish;
289 }
290
291 ctx=(BY_DIR *)xl->method_data;
292
293 h=X509_NAME_hash(name);
294 for (i=0; i<ctx->num_dirs; i++)
295 {
296 j=strlen(ctx->dirs[i])+1+8+6+1+1;
297 if (!BUF_MEM_grow(b,j))
298 {
299 X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_MALLOC_FAILURE);
300 goto finish;
301 }
302 k=0;
303 for (;;)
304 {
305 sprintf(b->data,"%s/%08lx.%s%d",ctx->dirs[i],h,
306 postfix,k);
307 k++;
308 if (stat(b->data,&st) < 0)
309 break;
310 /* found one. */
311 if (type == X509_LU_X509)
312 {
313 if ((X509_load_cert_file(xl,b->data,
314 ctx->dirs_type[i])) == 0)
315 break;
316 }
317 else if (type == X509_LU_CRL)
318 {
319 if ((X509_load_crl_file(xl,b->data,
320 ctx->dirs_type[i])) == 0)
321 break;
322 }
323 /* else case will caught higher up */
324 }
325
326 /* we have added it to the cache so now pull
327 * it out again */
328 CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE);
329 j = sk_X509_OBJECT_find(xl->store_ctx->objs,&stmp);
330 if(j != -1) tmp=sk_X509_OBJECT_value(xl->store_ctx->objs,j);
331 else tmp = NULL;
332 CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
333
334 if (tmp != NULL)
335 {
336 ok=1;
337 ret->type=tmp->type;
338 memcpy(&ret->data,&tmp->data,sizeof(ret->data));
339 /* If we were going to up the reference count,
340 * we would need to do it on a perl 'type'
341 * basis */
342 /* CRYPTO_add(&tmp->data.x509->references,1,
343 CRYPTO_LOCK_X509);*/
344 goto finish;
345 }
346 }
347finish:
348 if (b != NULL) BUF_MEM_free(b);
349 return(ok);
350 }
351
diff --git a/src/lib/libcrypto/x509/by_file.c b/src/lib/libcrypto/x509/by_file.c
deleted file mode 100644
index 78e9240a8d..0000000000
--- a/src/lib/libcrypto/x509/by_file.c
+++ /dev/null
@@ -1,298 +0,0 @@
1/* crypto/x509/by_file.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <time.h>
61#include <errno.h>
62
63#include "cryptlib.h"
64#include <openssl/lhash.h>
65#include <openssl/buffer.h>
66#include <openssl/x509.h>
67#include <openssl/pem.h>
68
69#ifndef NO_STDIO
70
71static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
72 long argl, char **ret);
73X509_LOOKUP_METHOD x509_file_lookup=
74 {
75 "Load file into cache",
76 NULL, /* new */
77 NULL, /* free */
78 NULL, /* init */
79 NULL, /* shutdown */
80 by_file_ctrl, /* ctrl */
81 NULL, /* get_by_subject */
82 NULL, /* get_by_issuer_serial */
83 NULL, /* get_by_fingerprint */
84 NULL, /* get_by_alias */
85 };
86
87X509_LOOKUP_METHOD *X509_LOOKUP_file(void)
88 {
89 return(&x509_file_lookup);
90 }
91
92static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
93 char **ret)
94 {
95 int ok=0;
96 char *file;
97
98 switch (cmd)
99 {
100 case X509_L_FILE_LOAD:
101 if (argl == X509_FILETYPE_DEFAULT)
102 {
103 ok = (X509_load_cert_crl_file(ctx,X509_get_default_cert_file(),
104 X509_FILETYPE_PEM) != 0);
105 if (!ok)
106 {
107 X509err(X509_F_BY_FILE_CTRL,X509_R_LOADING_DEFAULTS);
108 }
109 else
110 {
111 file=(char *)Getenv(X509_get_default_cert_file_env());
112 ok = (X509_load_cert_crl_file(ctx,file,
113 X509_FILETYPE_PEM) != 0);
114 }
115 }
116 else
117 {
118 if(argl == X509_FILETYPE_PEM)
119 ok = (X509_load_cert_crl_file(ctx,argp,
120 X509_FILETYPE_PEM) != 0);
121 else
122 ok = (X509_load_cert_file(ctx,argp,(int)argl) != 0);
123 }
124 break;
125 }
126 return(ok);
127 }
128
129int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type)
130 {
131 int ret=0;
132 BIO *in=NULL;
133 int i,count=0;
134 X509 *x=NULL;
135
136 if (file == NULL) return(1);
137 in=BIO_new(BIO_s_file_internal());
138
139 if ((in == NULL) || (BIO_read_filename(in,file) <= 0))
140 {
141 X509err(X509_F_X509_LOAD_CERT_FILE,ERR_R_SYS_LIB);
142 goto err;
143 }
144
145 if (type == X509_FILETYPE_PEM)
146 {
147 for (;;)
148 {
149 x=PEM_read_bio_X509_AUX(in,NULL,NULL,NULL);
150 if (x == NULL)
151 {
152 if ((ERR_GET_REASON(ERR_peek_error()) ==
153 PEM_R_NO_START_LINE) && (count > 0))
154 {
155 ERR_clear_error();
156 break;
157 }
158 else
159 {
160 X509err(X509_F_X509_LOAD_CERT_FILE,
161 ERR_R_PEM_LIB);
162 goto err;
163 }
164 }
165 i=X509_STORE_add_cert(ctx->store_ctx,x);
166 if (!i) goto err;
167 count++;
168 X509_free(x);
169 x=NULL;
170 }
171 ret=count;
172 }
173 else if (type == X509_FILETYPE_ASN1)
174 {
175 x=d2i_X509_bio(in,NULL);
176 if (x == NULL)
177 {
178 X509err(X509_F_X509_LOAD_CERT_FILE,ERR_R_ASN1_LIB);
179 goto err;
180 }
181 i=X509_STORE_add_cert(ctx->store_ctx,x);
182 if (!i) goto err;
183 ret=i;
184 }
185 else
186 {
187 X509err(X509_F_X509_LOAD_CERT_FILE,X509_R_BAD_X509_FILETYPE);
188 goto err;
189 }
190err:
191 if (x != NULL) X509_free(x);
192 if (in != NULL) BIO_free(in);
193 return(ret);
194 }
195
196int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
197 {
198 int ret=0;
199 BIO *in=NULL;
200 int i,count=0;
201 X509_CRL *x=NULL;
202
203 if (file == NULL) return(1);
204 in=BIO_new(BIO_s_file_internal());
205
206 if ((in == NULL) || (BIO_read_filename(in,file) <= 0))
207 {
208 X509err(X509_F_X509_LOAD_CRL_FILE,ERR_R_SYS_LIB);
209 goto err;
210 }
211
212 if (type == X509_FILETYPE_PEM)
213 {
214 for (;;)
215 {
216 x=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL);
217 if (x == NULL)
218 {
219 if ((ERR_GET_REASON(ERR_peek_error()) ==
220 PEM_R_NO_START_LINE) && (count > 0))
221 {
222 ERR_clear_error();
223 break;
224 }
225 else
226 {
227 X509err(X509_F_X509_LOAD_CRL_FILE,
228 ERR_R_PEM_LIB);
229 goto err;
230 }
231 }
232 i=X509_STORE_add_crl(ctx->store_ctx,x);
233 if (!i) goto err;
234 count++;
235 X509_CRL_free(x);
236 x=NULL;
237 }
238 ret=count;
239 }
240 else if (type == X509_FILETYPE_ASN1)
241 {
242 x=d2i_X509_CRL_bio(in,NULL);
243 if (x == NULL)
244 {
245 X509err(X509_F_X509_LOAD_CRL_FILE,ERR_R_ASN1_LIB);
246 goto err;
247 }
248 i=X509_STORE_add_crl(ctx->store_ctx,x);
249 if (!i) goto err;
250 ret=i;
251 }
252 else
253 {
254 X509err(X509_F_X509_LOAD_CRL_FILE,X509_R_BAD_X509_FILETYPE);
255 goto err;
256 }
257err:
258 if (x != NULL) X509_CRL_free(x);
259 if (in != NULL) BIO_free(in);
260 return(ret);
261 }
262
263int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type)
264{
265 STACK_OF(X509_INFO) *inf;
266 X509_INFO *itmp;
267 BIO *in;
268 int i, count = 0;
269 if(type != X509_FILETYPE_PEM)
270 return X509_load_cert_file(ctx, file, type);
271 in = BIO_new_file(file, "r");
272 if(!in) {
273 X509err(X509_F_X509_LOAD_CERT_CRL_FILE,ERR_R_SYS_LIB);
274 return 0;
275 }
276 inf = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL);
277 BIO_free(in);
278 if(!inf) {
279 X509err(X509_F_X509_LOAD_CERT_CRL_FILE,ERR_R_PEM_LIB);
280 return 0;
281 }
282 for(i = 0; i < sk_X509_INFO_num(inf); i++) {
283 itmp = sk_X509_INFO_value(inf, i);
284 if(itmp->x509) {
285 X509_STORE_add_cert(ctx->store_ctx, itmp->x509);
286 count++;
287 } else if(itmp->crl) {
288 X509_STORE_add_crl(ctx->store_ctx, itmp->crl);
289 count++;
290 }
291 }
292 sk_X509_INFO_pop_free(inf, X509_INFO_free);
293 return count;
294}
295
296
297#endif /* NO_STDIO */
298
diff --git a/src/lib/libcrypto/x509/x509.h b/src/lib/libcrypto/x509/x509.h
deleted file mode 100644
index 813c8adffd..0000000000
--- a/src/lib/libcrypto/x509/x509.h
+++ /dev/null
@@ -1,1294 +0,0 @@
1/* crypto/x509/x509.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_X509_H
60#define HEADER_X509_H
61
62#include <openssl/symhacks.h>
63#ifndef NO_BUFFER
64#include <openssl/buffer.h>
65#endif
66#ifndef NO_EVP
67#include <openssl/evp.h>
68#endif
69#ifndef NO_BIO
70#include <openssl/bio.h>
71#endif
72#include <openssl/stack.h>
73#include <openssl/asn1.h>
74#include <openssl/safestack.h>
75
76#ifndef NO_RSA
77#include <openssl/rsa.h>
78#endif
79
80#ifndef NO_DSA
81#include <openssl/dsa.h>
82#endif
83
84#ifndef NO_DH
85#include <openssl/dh.h>
86#endif
87
88#include <openssl/evp.h>
89
90
91#ifdef __cplusplus
92extern "C" {
93#endif
94
95#ifdef WIN32
96/* Under Win32 this is defined in wincrypt.h */
97#undef X509_NAME
98#endif
99
100 /* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */
101#define DECLARE_PKCS12_STACK_OF(type) /* Nothing */
102#define IMPLEMENT_PKCS12_STACK_OF(type) /* Nothing */
103
104#define X509_FILETYPE_PEM 1
105#define X509_FILETYPE_ASN1 2
106#define X509_FILETYPE_DEFAULT 3
107
108#define X509v3_KU_DIGITAL_SIGNATURE 0x0080
109#define X509v3_KU_NON_REPUDIATION 0x0040
110#define X509v3_KU_KEY_ENCIPHERMENT 0x0020
111#define X509v3_KU_DATA_ENCIPHERMENT 0x0010
112#define X509v3_KU_KEY_AGREEMENT 0x0008
113#define X509v3_KU_KEY_CERT_SIGN 0x0004
114#define X509v3_KU_CRL_SIGN 0x0002
115#define X509v3_KU_ENCIPHER_ONLY 0x0001
116#define X509v3_KU_DECIPHER_ONLY 0x8000
117#define X509v3_KU_UNDEF 0xffff
118
119typedef struct X509_objects_st
120 {
121 int nid;
122 int (*a2i)();
123 int (*i2a)();
124 } X509_OBJECTS;
125
126typedef struct X509_algor_st
127 {
128 ASN1_OBJECT *algorithm;
129 ASN1_TYPE *parameter;
130 } X509_ALGOR;
131
132DECLARE_STACK_OF(X509_ALGOR)
133DECLARE_ASN1_SET_OF(X509_ALGOR)
134
135typedef struct X509_val_st
136 {
137 ASN1_TIME *notBefore;
138 ASN1_TIME *notAfter;
139 } X509_VAL;
140
141typedef struct X509_pubkey_st
142 {
143 X509_ALGOR *algor;
144 ASN1_BIT_STRING *public_key;
145 EVP_PKEY *pkey;
146 } X509_PUBKEY;
147
148typedef struct X509_sig_st
149 {
150 X509_ALGOR *algor;
151 ASN1_OCTET_STRING *digest;
152 } X509_SIG;
153
154typedef struct X509_name_entry_st
155 {
156 ASN1_OBJECT *object;
157 ASN1_STRING *value;
158 int set;
159 int size; /* temp variable */
160 } X509_NAME_ENTRY;
161
162DECLARE_STACK_OF(X509_NAME_ENTRY)
163DECLARE_ASN1_SET_OF(X509_NAME_ENTRY)
164
165/* we always keep X509_NAMEs in 2 forms. */
166typedef struct X509_name_st
167 {
168 STACK_OF(X509_NAME_ENTRY) *entries;
169 int modified; /* true if 'bytes' needs to be built */
170#ifndef NO_BUFFER
171 BUF_MEM *bytes;
172#else
173 char *bytes;
174#endif
175 unsigned long hash; /* Keep the hash around for lookups */
176 } X509_NAME;
177
178DECLARE_STACK_OF(X509_NAME)
179
180#define X509_EX_V_NETSCAPE_HACK 0x8000
181#define X509_EX_V_INIT 0x0001
182typedef struct X509_extension_st
183 {
184 ASN1_OBJECT *object;
185 short critical;
186 short netscape_hack;
187 ASN1_OCTET_STRING *value;
188 struct v3_ext_method *method; /* V3 method to use */
189 void *ext_val; /* extension value */
190 } X509_EXTENSION;
191
192DECLARE_STACK_OF(X509_EXTENSION)
193DECLARE_ASN1_SET_OF(X509_EXTENSION)
194
195/* a sequence of these are used */
196typedef struct x509_attributes_st
197 {
198 ASN1_OBJECT *object;
199 int set; /* 1 for a set, 0 for a single item (which is wrong) */
200 union {
201 char *ptr;
202/* 1 */ STACK_OF(ASN1_TYPE) *set;
203/* 0 */ ASN1_TYPE *single;
204 } value;
205 } X509_ATTRIBUTE;
206
207DECLARE_STACK_OF(X509_ATTRIBUTE)
208DECLARE_ASN1_SET_OF(X509_ATTRIBUTE)
209
210typedef struct X509_req_info_st
211 {
212 unsigned char *asn1;
213 int length;
214 ASN1_INTEGER *version;
215 X509_NAME *subject;
216 X509_PUBKEY *pubkey;
217 /* d=2 hl=2 l= 0 cons: cont: 00 */
218 STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
219 int req_kludge;
220 } X509_REQ_INFO;
221
222typedef struct X509_req_st
223 {
224 X509_REQ_INFO *req_info;
225 X509_ALGOR *sig_alg;
226 ASN1_BIT_STRING *signature;
227 int references;
228 } X509_REQ;
229
230typedef struct x509_cinf_st
231 {
232 ASN1_INTEGER *version; /* [ 0 ] default of v1 */
233 ASN1_INTEGER *serialNumber;
234 X509_ALGOR *signature;
235 X509_NAME *issuer;
236 X509_VAL *validity;
237 X509_NAME *subject;
238 X509_PUBKEY *key;
239 ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
240 ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
241 STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */
242 } X509_CINF;
243
244/* This stuff is certificate "auxiliary info"
245 * it contains details which are useful in certificate
246 * stores and databases. When used this is tagged onto
247 * the end of the certificate itself
248 */
249
250typedef struct x509_cert_aux_st
251 {
252 STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */
253 STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */
254 ASN1_UTF8STRING *alias; /* "friendly name" */
255 ASN1_OCTET_STRING *keyid; /* key id of private key */
256 STACK_OF(X509_ALGOR) *other; /* other unspecified info */
257 } X509_CERT_AUX;
258
259typedef struct x509_st
260 {
261 X509_CINF *cert_info;
262 X509_ALGOR *sig_alg;
263 ASN1_BIT_STRING *signature;
264 int valid;
265 int references;
266 char *name;
267 CRYPTO_EX_DATA ex_data;
268 /* These contain copies of various extension values */
269 long ex_pathlen;
270 unsigned long ex_flags;
271 unsigned long ex_kusage;
272 unsigned long ex_xkusage;
273 unsigned long ex_nscert;
274 ASN1_OCTET_STRING *skid;
275 struct AUTHORITY_KEYID_st *akid;
276#ifndef NO_SHA
277 unsigned char sha1_hash[SHA_DIGEST_LENGTH];
278#endif
279 X509_CERT_AUX *aux;
280 } X509;
281
282DECLARE_STACK_OF(X509)
283DECLARE_ASN1_SET_OF(X509)
284
285/* This is used for a table of trust checking functions */
286
287typedef struct x509_trust_st {
288 int trust;
289 int flags;
290 int (*check_trust)(struct x509_trust_st *, X509 *, int);
291 char *name;
292 int arg1;
293 void *arg2;
294} X509_TRUST;
295
296DECLARE_STACK_OF(X509_TRUST)
297
298/* standard trust ids */
299
300#define X509_TRUST_DEFAULT -1 /* Only valid in purpose settings */
301
302#define X509_TRUST_COMPAT 1
303#define X509_TRUST_SSL_CLIENT 2
304#define X509_TRUST_SSL_SERVER 3
305#define X509_TRUST_EMAIL 4
306#define X509_TRUST_OBJECT_SIGN 5
307
308/* Keep these up to date! */
309#define X509_TRUST_MIN 1
310#define X509_TRUST_MAX 5
311
312
313/* trust_flags values */
314#define X509_TRUST_DYNAMIC 1
315#define X509_TRUST_DYNAMIC_NAME 2
316
317/* check_trust return codes */
318
319#define X509_TRUST_TRUSTED 1
320#define X509_TRUST_REJECTED 2
321#define X509_TRUST_UNTRUSTED 3
322
323/* Flags specific to X509_NAME_print_ex() */
324
325/* The field separator information */
326
327#define XN_FLAG_SEP_MASK (0xf << 16)
328
329#define XN_FLAG_COMPAT 0 /* Traditional SSLeay: use old X509_NAME_print */
330#define XN_FLAG_SEP_COMMA_PLUS (1 << 16) /* RFC2253 ,+ */
331#define XN_FLAG_SEP_CPLUS_SPC (2 << 16) /* ,+ spaced: more readable */
332#define XN_FLAG_SEP_SPLUS_SPC (3 << 16) /* ;+ spaced */
333#define XN_FLAG_SEP_MULTILINE (4 << 16) /* One line per field */
334
335#define XN_FLAG_DN_REV (1 << 20) /* Reverse DN order */
336
337/* How the field name is shown */
338
339#define XN_FLAG_FN_MASK (0x3 << 21)
340
341#define XN_FLAG_FN_SN 0 /* Object short name */
342#define XN_FLAG_FN_LN (1 << 21) /* Object long name */
343#define XN_FLAG_FN_OID (2 << 21) /* Always use OIDs */
344#define XN_FLAG_FN_NONE (3 << 21) /* No field names */
345
346#define XN_FLAG_SPC_EQ (1 << 23) /* Put spaces round '=' */
347
348/* This determines if we dump fields we don't recognise:
349 * RFC2253 requires this.
350 */
351
352#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
353
354/* Complete set of RFC2253 flags */
355
356#define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \
357 XN_FLAG_SEP_COMMA_PLUS | \
358 XN_FLAG_DN_REV | \
359 XN_FLAG_FN_SN | \
360 XN_FLAG_DUMP_UNKNOWN_FIELDS)
361
362/* readable oneline form */
363
364#define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \
365 ASN1_STRFLGS_ESC_QUOTE | \
366 XN_FLAG_SEP_CPLUS_SPC | \
367 XN_FLAG_SPC_EQ | \
368 XN_FLAG_FN_SN)
369
370/* readable multiline form */
371
372#define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \
373 ASN1_STRFLGS_ESC_MSB | \
374 XN_FLAG_SEP_MULTILINE | \
375 XN_FLAG_SPC_EQ | \
376 XN_FLAG_FN_LN)
377
378typedef struct X509_revoked_st
379 {
380 ASN1_INTEGER *serialNumber;
381 ASN1_TIME *revocationDate;
382 STACK_OF(X509_EXTENSION) /* optional */ *extensions;
383 int sequence; /* load sequence */
384 } X509_REVOKED;
385
386DECLARE_STACK_OF(X509_REVOKED)
387DECLARE_ASN1_SET_OF(X509_REVOKED)
388
389typedef struct X509_crl_info_st
390 {
391 ASN1_INTEGER *version;
392 X509_ALGOR *sig_alg;
393 X509_NAME *issuer;
394 ASN1_TIME *lastUpdate;
395 ASN1_TIME *nextUpdate;
396 STACK_OF(X509_REVOKED) *revoked;
397 STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
398 } X509_CRL_INFO;
399
400typedef struct X509_crl_st
401 {
402 /* actual signature */
403 X509_CRL_INFO *crl;
404 X509_ALGOR *sig_alg;
405 ASN1_BIT_STRING *signature;
406 int references;
407 } X509_CRL;
408
409DECLARE_STACK_OF(X509_CRL)
410DECLARE_ASN1_SET_OF(X509_CRL)
411
412typedef struct private_key_st
413 {
414 int version;
415 /* The PKCS#8 data types */
416 X509_ALGOR *enc_algor;
417 ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */
418
419 /* When decrypted, the following will not be NULL */
420 EVP_PKEY *dec_pkey;
421
422 /* used to encrypt and decrypt */
423 int key_length;
424 char *key_data;
425 int key_free; /* true if we should auto free key_data */
426
427 /* expanded version of 'enc_algor' */
428 EVP_CIPHER_INFO cipher;
429
430 int references;
431 } X509_PKEY;
432
433#ifndef NO_EVP
434typedef struct X509_info_st
435 {
436 X509 *x509;
437 X509_CRL *crl;
438 X509_PKEY *x_pkey;
439
440 EVP_CIPHER_INFO enc_cipher;
441 int enc_len;
442 char *enc_data;
443
444 int references;
445 } X509_INFO;
446
447DECLARE_STACK_OF(X509_INFO)
448#endif
449
450/* The next 2 structures and their 8 routines were sent to me by
451 * Pat Richard <patr@x509.com> and are used to manipulate
452 * Netscapes spki structures - useful if you are writing a CA web page
453 */
454typedef struct Netscape_spkac_st
455 {
456 X509_PUBKEY *pubkey;
457 ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */
458 } NETSCAPE_SPKAC;
459
460typedef struct Netscape_spki_st
461 {
462 NETSCAPE_SPKAC *spkac; /* signed public key and challenge */
463 X509_ALGOR *sig_algor;
464 ASN1_BIT_STRING *signature;
465 } NETSCAPE_SPKI;
466
467/* Netscape certificate sequence structure */
468typedef struct Netscape_certificate_sequence
469 {
470 ASN1_OBJECT *type;
471 STACK_OF(X509) *certs;
472 } NETSCAPE_CERT_SEQUENCE;
473
474typedef struct CBCParameter_st
475 {
476 unsigned char iv[8];
477 } CBC_PARAM;
478
479/* Password based encryption structure */
480
481typedef struct PBEPARAM_st {
482ASN1_OCTET_STRING *salt;
483ASN1_INTEGER *iter;
484} PBEPARAM;
485
486/* Password based encryption V2 structures */
487
488typedef struct PBE2PARAM_st {
489X509_ALGOR *keyfunc;
490X509_ALGOR *encryption;
491} PBE2PARAM;
492
493typedef struct PBKDF2PARAM_st {
494ASN1_TYPE *salt; /* Usually OCTET STRING but could be anything */
495ASN1_INTEGER *iter;
496ASN1_INTEGER *keylength;
497X509_ALGOR *prf;
498} PBKDF2PARAM;
499
500
501/* PKCS#8 private key info structure */
502
503typedef struct pkcs8_priv_key_info_st
504 {
505 int broken; /* Flag for various broken formats */
506#define PKCS8_OK 0
507#define PKCS8_NO_OCTET 1
508#define PKCS8_EMBEDDED_PARAM 2
509#define PKCS8_NS_DB 3
510 ASN1_INTEGER *version;
511 X509_ALGOR *pkeyalg;
512 ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */
513 STACK_OF(X509_ATTRIBUTE) *attributes;
514 } PKCS8_PRIV_KEY_INFO;
515
516#ifdef __cplusplus
517}
518#endif
519
520#include <openssl/x509_vfy.h>
521#include <openssl/pkcs7.h>
522
523#ifdef __cplusplus
524extern "C" {
525#endif
526
527#ifdef SSLEAY_MACROS
528#define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\
529 a->signature,(char *)a->cert_info,r)
530#define X509_REQ_verify(a,r) ASN1_verify((int (*)())i2d_X509_REQ_INFO, \
531 a->sig_alg,a->signature,(char *)a->req_info,r)
532#define X509_CRL_verify(a,r) ASN1_verify((int (*)())i2d_X509_CRL_INFO, \
533 a->sig_alg, a->signature,(char *)a->crl,r)
534
535#define X509_sign(x,pkey,md) \
536 ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, \
537 x->sig_alg, x->signature, (char *)x->cert_info,pkey,md)
538#define X509_REQ_sign(x,pkey,md) \
539 ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, \
540 x->signature, (char *)x->req_info,pkey,md)
541#define X509_CRL_sign(x,pkey,md) \
542 ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,x->sig_alg, \
543 x->signature, (char *)x->crl,pkey,md)
544#define NETSCAPE_SPKI_sign(x,pkey,md) \
545 ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, \
546 x->signature, (char *)x->spkac,pkey,md)
547
548#define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \
549 (char *(*)())d2i_X509,(char *)x509)
550#define X509_ATTRIBUTE_dup(xa) (X509_ATTRIBUTE *)ASN1_dup(\
551 (int (*)())i2d_X509_ATTRIBUTE, \
552 (char *(*)())d2i_X509_ATTRIBUTE,(char *)xa)
553#define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \
554 (int (*)())i2d_X509_EXTENSION, \
555 (char *(*)())d2i_X509_EXTENSION,(char *)ex)
556#define d2i_X509_fp(fp,x509) (X509 *)ASN1_d2i_fp((char *(*)())X509_new, \
557 (char *(*)())d2i_X509, (fp),(unsigned char **)(x509))
558#define i2d_X509_fp(fp,x509) ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509)
559#define d2i_X509_bio(bp,x509) (X509 *)ASN1_d2i_bio((char *(*)())X509_new, \
560 (char *(*)())d2i_X509, (bp),(unsigned char **)(x509))
561#define i2d_X509_bio(bp,x509) ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509)
562
563#define X509_CRL_dup(crl) (X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, \
564 (char *(*)())d2i_X509_CRL,(char *)crl)
565#define d2i_X509_CRL_fp(fp,crl) (X509_CRL *)ASN1_d2i_fp((char *(*)()) \
566 X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),\
567 (unsigned char **)(crl))
568#define i2d_X509_CRL_fp(fp,crl) ASN1_i2d_fp(i2d_X509_CRL,fp,\
569 (unsigned char *)crl)
570#define d2i_X509_CRL_bio(bp,crl) (X509_CRL *)ASN1_d2i_bio((char *(*)()) \
571 X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),\
572 (unsigned char **)(crl))
573#define i2d_X509_CRL_bio(bp,crl) ASN1_i2d_bio(i2d_X509_CRL,bp,\
574 (unsigned char *)crl)
575
576#define PKCS7_dup(p7) (PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, \
577 (char *(*)())d2i_PKCS7,(char *)p7)
578#define d2i_PKCS7_fp(fp,p7) (PKCS7 *)ASN1_d2i_fp((char *(*)()) \
579 PKCS7_new,(char *(*)())d2i_PKCS7, (fp),\
580 (unsigned char **)(p7))
581#define i2d_PKCS7_fp(fp,p7) ASN1_i2d_fp(i2d_PKCS7,fp,\
582 (unsigned char *)p7)
583#define d2i_PKCS7_bio(bp,p7) (PKCS7 *)ASN1_d2i_bio((char *(*)()) \
584 PKCS7_new,(char *(*)())d2i_PKCS7, (bp),\
585 (unsigned char **)(p7))
586#define i2d_PKCS7_bio(bp,p7) ASN1_i2d_bio(i2d_PKCS7,bp,\
587 (unsigned char *)p7)
588
589#define X509_REQ_dup(req) (X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, \
590 (char *(*)())d2i_X509_REQ,(char *)req)
591#define d2i_X509_REQ_fp(fp,req) (X509_REQ *)ASN1_d2i_fp((char *(*)())\
592 X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),\
593 (unsigned char **)(req))
594#define i2d_X509_REQ_fp(fp,req) ASN1_i2d_fp(i2d_X509_REQ,fp,\
595 (unsigned char *)req)
596#define d2i_X509_REQ_bio(bp,req) (X509_REQ *)ASN1_d2i_bio((char *(*)())\
597 X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),\
598 (unsigned char **)(req))
599#define i2d_X509_REQ_bio(bp,req) ASN1_i2d_bio(i2d_X509_REQ,bp,\
600 (unsigned char *)req)
601
602#define RSAPublicKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, \
603 (char *(*)())d2i_RSAPublicKey,(char *)rsa)
604#define RSAPrivateKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, \
605 (char *(*)())d2i_RSAPrivateKey,(char *)rsa)
606
607#define d2i_RSAPrivateKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
608 RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), \
609 (unsigned char **)(rsa))
610#define i2d_RSAPrivateKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPrivateKey,fp, \
611 (unsigned char *)rsa)
612#define d2i_RSAPrivateKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
613 RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), \
614 (unsigned char **)(rsa))
615#define i2d_RSAPrivateKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPrivateKey,bp, \
616 (unsigned char *)rsa)
617
618#define d2i_RSAPublicKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
619 RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), \
620 (unsigned char **)(rsa))
621#define i2d_RSAPublicKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPublicKey,fp, \
622 (unsigned char *)rsa)
623#define d2i_RSAPublicKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
624 RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), \
625 (unsigned char **)(rsa))
626#define i2d_RSAPublicKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPublicKey,bp, \
627 (unsigned char *)rsa)
628
629#define d2i_DSAPrivateKey_fp(fp,dsa) (DSA *)ASN1_d2i_fp((char *(*)())\
630 DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), \
631 (unsigned char **)(dsa))
632#define i2d_DSAPrivateKey_fp(fp,dsa) ASN1_i2d_fp(i2d_DSAPrivateKey,fp, \
633 (unsigned char *)dsa)
634#define d2i_DSAPrivateKey_bio(bp,dsa) (DSA *)ASN1_d2i_bio((char *(*)())\
635 DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), \
636 (unsigned char **)(dsa))
637#define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \
638 (unsigned char *)dsa)
639
640#define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\
641 (char *(*)())d2i_X509_ALGOR,(char *)xn)
642
643#define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \
644 (char *(*)())d2i_X509_NAME,(char *)xn)
645#define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \
646 (int (*)())i2d_X509_NAME_ENTRY, \
647 (char *(*)())d2i_X509_NAME_ENTRY,\
648 (char *)ne)
649
650#define X509_digest(data,type,md,len) \
651 ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len)
652#define X509_NAME_digest(data,type,md,len) \
653 ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len)
654#ifndef PKCS7_ISSUER_AND_SERIAL_digest
655#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
656 ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
657 (char *)data,md,len)
658#endif
659#endif
660
661#define X509_EXT_PACK_UNKNOWN 1
662#define X509_EXT_PACK_STRING 2
663
664#define X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version)
665/* #define X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */
666#define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore)
667#define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter)
668#define X509_extract_key(x) X509_get_pubkey(x) /*****/
669#define X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version)
670#define X509_REQ_get_subject_name(x) ((x)->req_info->subject)
671#define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
672#define X509_name_cmp(a,b) X509_NAME_cmp((a),(b))
673#define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm))
674
675#define X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version)
676#define X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate)
677#define X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate)
678#define X509_CRL_get_issuer(x) ((x)->crl->issuer)
679#define X509_CRL_get_REVOKED(x) ((x)->crl->revoked)
680
681/* This one is only used so that a binary form can output, as in
682 * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */
683#define X509_get_X509_PUBKEY(x) ((x)->cert_info->key)
684
685
686const char *X509_verify_cert_error_string(long n);
687
688#ifndef SSLEAY_MACROS
689#ifndef NO_EVP
690int X509_verify(X509 *a, EVP_PKEY *r);
691
692int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
693int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
694int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r);
695
696NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len);
697char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x);
698EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x);
699int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);
700
701int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki);
702
703int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
704int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
705int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
706int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md);
707
708int X509_digest(const X509 *data,const EVP_MD *type,
709 unsigned char *md, unsigned int *len);
710int X509_CRL_digest(const X509_CRL *data,const EVP_MD *type,
711 unsigned char *md, unsigned int *len);
712int X509_REQ_digest(const X509_REQ *data,const EVP_MD *type,
713 unsigned char *md, unsigned int *len);
714int X509_NAME_digest(const X509_NAME *data,const EVP_MD *type,
715 unsigned char *md, unsigned int *len);
716#endif
717
718#ifndef NO_FP_API
719X509 *d2i_X509_fp(FILE *fp, X509 **x509);
720int i2d_X509_fp(FILE *fp,X509 *x509);
721X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL **crl);
722int i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl);
723X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ **req);
724int i2d_X509_REQ_fp(FILE *fp,X509_REQ *req);
725#ifndef NO_RSA
726RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA **rsa);
727int i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa);
728RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA **rsa);
729int i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa);
730RSA *d2i_RSA_PUBKEY_fp(FILE *fp,RSA **rsa);
731int i2d_RSA_PUBKEY_fp(FILE *fp,RSA *rsa);
732#endif
733#ifndef NO_DSA
734DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
735int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
736DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
737int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
738#endif
739X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8);
740int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8);
741PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
742 PKCS8_PRIV_KEY_INFO **p8inf);
743int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,PKCS8_PRIV_KEY_INFO *p8inf);
744int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key);
745int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey);
746EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
747int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
748EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
749#endif
750
751#ifndef NO_BIO
752X509 *d2i_X509_bio(BIO *bp,X509 **x509);
753int i2d_X509_bio(BIO *bp,X509 *x509);
754X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL **crl);
755int i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl);
756X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ **req);
757int i2d_X509_REQ_bio(BIO *bp,X509_REQ *req);
758#ifndef NO_RSA
759RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA **rsa);
760int i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa);
761RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA **rsa);
762int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa);
763RSA *d2i_RSA_PUBKEY_bio(BIO *bp,RSA **rsa);
764int i2d_RSA_PUBKEY_bio(BIO *bp,RSA *rsa);
765#endif
766#ifndef NO_DSA
767DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
768int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa);
769DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
770int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
771#endif
772X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8);
773int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8);
774PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
775 PKCS8_PRIV_KEY_INFO **p8inf);
776int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,PKCS8_PRIV_KEY_INFO *p8inf);
777int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key);
778int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey);
779EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
780int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
781EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
782#endif
783
784X509 *X509_dup(X509 *x509);
785X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa);
786X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex);
787X509_CRL *X509_CRL_dup(X509_CRL *crl);
788X509_REQ *X509_REQ_dup(X509_REQ *req);
789X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
790X509_NAME *X509_NAME_dup(X509_NAME *xn);
791X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
792#ifndef NO_RSA
793RSA *RSAPublicKey_dup(RSA *rsa);
794RSA *RSAPrivateKey_dup(RSA *rsa);
795#endif
796
797#endif /* !SSLEAY_MACROS */
798
799int X509_cmp_time(ASN1_TIME *s, time_t *t);
800int X509_cmp_current_time(ASN1_TIME *s);
801ASN1_TIME * X509_time_adj(ASN1_TIME *s, long adj, time_t *t);
802ASN1_TIME * X509_gmtime_adj(ASN1_TIME *s, long adj);
803
804const char * X509_get_default_cert_area(void );
805const char * X509_get_default_cert_dir(void );
806const char * X509_get_default_cert_file(void );
807const char * X509_get_default_cert_dir_env(void );
808const char * X509_get_default_cert_file_env(void );
809const char * X509_get_default_private_dir(void );
810
811X509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
812X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey);
813void ERR_load_X509_strings(void );
814
815X509_ALGOR * X509_ALGOR_new(void );
816void X509_ALGOR_free(X509_ALGOR *a);
817int i2d_X509_ALGOR(X509_ALGOR *a,unsigned char **pp);
818X509_ALGOR * d2i_X509_ALGOR(X509_ALGOR **a,unsigned char **pp,
819 long length);
820
821X509_VAL * X509_VAL_new(void );
822void X509_VAL_free(X509_VAL *a);
823int i2d_X509_VAL(X509_VAL *a,unsigned char **pp);
824X509_VAL * d2i_X509_VAL(X509_VAL **a,unsigned char **pp,
825 long length);
826
827X509_PUBKEY * X509_PUBKEY_new(void );
828void X509_PUBKEY_free(X509_PUBKEY *a);
829int i2d_X509_PUBKEY(X509_PUBKEY *a,unsigned char **pp);
830X509_PUBKEY * d2i_X509_PUBKEY(X509_PUBKEY **a,unsigned char **pp,
831 long length);
832int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
833EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key);
834int X509_get_pubkey_parameters(EVP_PKEY *pkey,
835 STACK_OF(X509) *chain);
836int i2d_PUBKEY(EVP_PKEY *a,unsigned char **pp);
837EVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,unsigned char **pp,
838 long length);
839#ifndef NO_RSA
840int i2d_RSA_PUBKEY(RSA *a,unsigned char **pp);
841RSA * d2i_RSA_PUBKEY(RSA **a,unsigned char **pp,
842 long length);
843#endif
844#ifndef NO_DSA
845int i2d_DSA_PUBKEY(DSA *a,unsigned char **pp);
846DSA * d2i_DSA_PUBKEY(DSA **a,unsigned char **pp,
847 long length);
848#endif
849
850X509_SIG * X509_SIG_new(void );
851void X509_SIG_free(X509_SIG *a);
852int i2d_X509_SIG(X509_SIG *a,unsigned char **pp);
853X509_SIG * d2i_X509_SIG(X509_SIG **a,unsigned char **pp,long length);
854
855X509_REQ_INFO *X509_REQ_INFO_new(void);
856void X509_REQ_INFO_free(X509_REQ_INFO *a);
857int i2d_X509_REQ_INFO(X509_REQ_INFO *a,unsigned char **pp);
858X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a,unsigned char **pp,
859 long length);
860
861X509_REQ * X509_REQ_new(void);
862void X509_REQ_free(X509_REQ *a);
863int i2d_X509_REQ(X509_REQ *a,unsigned char **pp);
864X509_REQ * d2i_X509_REQ(X509_REQ **a,unsigned char **pp,long length);
865
866X509_ATTRIBUTE *X509_ATTRIBUTE_new(void );
867void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a);
868int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a,unsigned char **pp);
869X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a,unsigned char **pp,
870 long length);
871X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value);
872
873
874X509_EXTENSION *X509_EXTENSION_new(void );
875void X509_EXTENSION_free(X509_EXTENSION *a);
876int i2d_X509_EXTENSION(X509_EXTENSION *a,unsigned char **pp);
877X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **a,unsigned char **pp,
878 long length);
879
880X509_NAME_ENTRY *X509_NAME_ENTRY_new(void);
881void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a);
882int i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a,unsigned char **pp);
883X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a,unsigned char **pp,
884 long length);
885
886X509_NAME * X509_NAME_new(void);
887void X509_NAME_free(X509_NAME *a);
888int i2d_X509_NAME(X509_NAME *a,unsigned char **pp);
889X509_NAME * d2i_X509_NAME(X509_NAME **a,unsigned char **pp,long length);
890int X509_NAME_set(X509_NAME **xn, X509_NAME *name);
891
892
893X509_CINF * X509_CINF_new(void);
894void X509_CINF_free(X509_CINF *a);
895int i2d_X509_CINF(X509_CINF *a,unsigned char **pp);
896X509_CINF * d2i_X509_CINF(X509_CINF **a,unsigned char **pp,long length);
897
898X509 * X509_new(void);
899void X509_free(X509 *a);
900int i2d_X509(X509 *a,unsigned char **pp);
901X509 * d2i_X509(X509 **a,unsigned char **pp,long length);
902int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
903 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
904int X509_set_ex_data(X509 *r, int idx, void *arg);
905void *X509_get_ex_data(X509 *r, int idx);
906int i2d_X509_AUX(X509 *a,unsigned char **pp);
907X509 * d2i_X509_AUX(X509 **a,unsigned char **pp,long length);
908
909X509_CERT_AUX * X509_CERT_AUX_new(void);
910void X509_CERT_AUX_free(X509_CERT_AUX *a);
911int i2d_X509_CERT_AUX(X509_CERT_AUX *a,unsigned char **pp);
912X509_CERT_AUX * d2i_X509_CERT_AUX(X509_CERT_AUX **a,unsigned char **pp,
913 long length);
914int X509_alias_set1(X509 *x, unsigned char *name, int len);
915int X509_keyid_set1(X509 *x, unsigned char *id, int len);
916unsigned char * X509_alias_get0(X509 *x, int *len);
917int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int);
918int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
919int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj);
920void X509_trust_clear(X509 *x);
921void X509_reject_clear(X509 *x);
922
923X509_REVOKED * X509_REVOKED_new(void);
924void X509_REVOKED_free(X509_REVOKED *a);
925int i2d_X509_REVOKED(X509_REVOKED *a,unsigned char **pp);
926X509_REVOKED * d2i_X509_REVOKED(X509_REVOKED **a,unsigned char **pp,long length);
927
928X509_CRL_INFO *X509_CRL_INFO_new(void);
929void X509_CRL_INFO_free(X509_CRL_INFO *a);
930int i2d_X509_CRL_INFO(X509_CRL_INFO *a,unsigned char **pp);
931X509_CRL_INFO *d2i_X509_CRL_INFO(X509_CRL_INFO **a,unsigned char **pp,
932 long length);
933
934X509_CRL * X509_CRL_new(void);
935void X509_CRL_free(X509_CRL *a);
936int i2d_X509_CRL(X509_CRL *a,unsigned char **pp);
937X509_CRL * d2i_X509_CRL(X509_CRL **a,unsigned char **pp,long length);
938
939X509_PKEY * X509_PKEY_new(void );
940void X509_PKEY_free(X509_PKEY *a);
941int i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp);
942X509_PKEY * d2i_X509_PKEY(X509_PKEY **a,unsigned char **pp,long length);
943
944NETSCAPE_SPKI * NETSCAPE_SPKI_new(void );
945void NETSCAPE_SPKI_free(NETSCAPE_SPKI *a);
946int i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a,unsigned char **pp);
947NETSCAPE_SPKI * d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a,unsigned char **pp,
948 long length);
949
950NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void );
951void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a);
952int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a,unsigned char **pp);
953NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a,unsigned char **pp,
954 long length);
955
956
957int i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **pp);
958NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void);
959NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, unsigned char **pp, long length);
960void NETSCAPE_CERT_SEQUENCE_free(NETSCAPE_CERT_SEQUENCE *a);
961
962#ifndef NO_EVP
963X509_INFO * X509_INFO_new(void);
964void X509_INFO_free(X509_INFO *a);
965char * X509_NAME_oneline(X509_NAME *a,char *buf,int size);
966
967int ASN1_verify(int (*i2d)(), X509_ALGOR *algor1,
968 ASN1_BIT_STRING *signature,char *data,EVP_PKEY *pkey);
969
970int ASN1_digest(int (*i2d)(),const EVP_MD *type,char *data,
971 unsigned char *md,unsigned int *len);
972
973int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
974 ASN1_BIT_STRING *signature,
975 char *data,EVP_PKEY *pkey, const EVP_MD *type);
976#endif
977
978int X509_set_version(X509 *x,long version);
979int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
980ASN1_INTEGER * X509_get_serialNumber(X509 *x);
981int X509_set_issuer_name(X509 *x, X509_NAME *name);
982X509_NAME * X509_get_issuer_name(X509 *a);
983int X509_set_subject_name(X509 *x, X509_NAME *name);
984X509_NAME * X509_get_subject_name(X509 *a);
985int X509_set_notBefore(X509 *x, ASN1_TIME *tm);
986int X509_set_notAfter(X509 *x, ASN1_TIME *tm);
987int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
988EVP_PKEY * X509_get_pubkey(X509 *x);
989int X509_certificate_type(X509 *x,EVP_PKEY *pubkey /* optional */);
990
991int X509_REQ_set_version(X509_REQ *x,long version);
992int X509_REQ_set_subject_name(X509_REQ *req,X509_NAME *name);
993int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
994EVP_PKEY * X509_REQ_get_pubkey(X509_REQ *req);
995int X509_REQ_extension_nid(int nid);
996int * X509_REQ_get_extension_nids(void);
997void X509_REQ_set_extension_nids(int *nids);
998STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
999int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
1000 int nid);
1001int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts);
1002int X509_REQ_get_attr_count(const X509_REQ *req);
1003int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid,
1004 int lastpos);
1005int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj,
1006 int lastpos);
1007X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
1008X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
1009int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr);
1010int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
1011 ASN1_OBJECT *obj, int type,
1012 unsigned char *bytes, int len);
1013int X509_REQ_add1_attr_by_NID(X509_REQ *req,
1014 int nid, int type,
1015 unsigned char *bytes, int len);
1016int X509_REQ_add1_attr_by_txt(X509_REQ *req,
1017 char *attrname, int type,
1018 unsigned char *bytes, int len);
1019
1020int X509_check_private_key(X509 *x509,EVP_PKEY *pkey);
1021
1022int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
1023unsigned long X509_issuer_and_serial_hash(X509 *a);
1024
1025int X509_issuer_name_cmp(const X509 *a, const X509 *b);
1026unsigned long X509_issuer_name_hash(X509 *a);
1027
1028int X509_subject_name_cmp(const X509 *a, const X509 *b);
1029unsigned long X509_subject_name_hash(X509 *x);
1030
1031int X509_cmp(const X509 *a, const X509 *b);
1032int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
1033unsigned long X509_NAME_hash(X509_NAME *x);
1034
1035int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
1036#ifndef NO_FP_API
1037int X509_print_fp(FILE *bp,X509 *x);
1038int X509_CRL_print_fp(FILE *bp,X509_CRL *x);
1039int X509_REQ_print_fp(FILE *bp,X509_REQ *req);
1040int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags);
1041#endif
1042
1043#ifndef NO_BIO
1044int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
1045int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags);
1046int X509_print(BIO *bp,X509 *x);
1047int X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent);
1048int X509_CRL_print(BIO *bp,X509_CRL *x);
1049int X509_REQ_print(BIO *bp,X509_REQ *req);
1050#endif
1051
1052int X509_NAME_entry_count(X509_NAME *name);
1053int X509_NAME_get_text_by_NID(X509_NAME *name, int nid,
1054 char *buf,int len);
1055int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
1056 char *buf,int len);
1057
1058/* NOTE: you should be passsing -1, not 0 as lastpos. The functions that use
1059 * lastpos, search after that position on. */
1060int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos);
1061int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj,
1062 int lastpos);
1063X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
1064X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
1065int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne,
1066 int loc, int set);
1067int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
1068 unsigned char *bytes, int len, int loc, int set);
1069int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
1070 unsigned char *bytes, int len, int loc, int set);
1071X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
1072 char *field, int type, unsigned char *bytes, int len);
1073X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
1074 int type,unsigned char *bytes, int len);
1075int X509_NAME_add_entry_by_txt(X509_NAME *name, char *field, int type,
1076 unsigned char *bytes, int len, int loc, int set);
1077X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
1078 ASN1_OBJECT *obj, int type,unsigned char *bytes,
1079 int len);
1080int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne,
1081 ASN1_OBJECT *obj);
1082int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
1083 unsigned char *bytes, int len);
1084ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
1085ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
1086
1087int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
1088int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
1089 int nid, int lastpos);
1090int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
1091 ASN1_OBJECT *obj,int lastpos);
1092int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
1093 int crit, int lastpos);
1094X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
1095X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
1096STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
1097 X509_EXTENSION *ex, int loc);
1098
1099int X509_get_ext_count(X509 *x);
1100int X509_get_ext_by_NID(X509 *x, int nid, int lastpos);
1101int X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos);
1102int X509_get_ext_by_critical(X509 *x, int crit, int lastpos);
1103X509_EXTENSION *X509_get_ext(X509 *x, int loc);
1104X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
1105int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
1106void * X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
1107
1108int X509_CRL_get_ext_count(X509_CRL *x);
1109int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos);
1110int X509_CRL_get_ext_by_OBJ(X509_CRL *x,ASN1_OBJECT *obj,int lastpos);
1111int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos);
1112X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc);
1113X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
1114int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
1115void * X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx);
1116
1117int X509_REVOKED_get_ext_count(X509_REVOKED *x);
1118int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos);
1119int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x,ASN1_OBJECT *obj,int lastpos);
1120int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos);
1121X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc);
1122X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
1123int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);
1124void * X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx);
1125
1126X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
1127 int nid, int crit, ASN1_OCTET_STRING *data);
1128X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
1129 ASN1_OBJECT *obj,int crit,ASN1_OCTET_STRING *data);
1130int X509_EXTENSION_set_object(X509_EXTENSION *ex,ASN1_OBJECT *obj);
1131int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
1132int X509_EXTENSION_set_data(X509_EXTENSION *ex,
1133 ASN1_OCTET_STRING *data);
1134ASN1_OBJECT * X509_EXTENSION_get_object(X509_EXTENSION *ex);
1135ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
1136int X509_EXTENSION_get_critical(X509_EXTENSION *ex);
1137
1138int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
1139int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
1140 int lastpos);
1141int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj,
1142 int lastpos);
1143X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc);
1144X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
1145STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
1146 X509_ATTRIBUTE *attr);
1147STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
1148 ASN1_OBJECT *obj, int type,
1149 unsigned char *bytes, int len);
1150STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
1151 int nid, int type,
1152 unsigned char *bytes, int len);
1153STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
1154 char *attrname, int type,
1155 unsigned char *bytes, int len);
1156X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
1157 int atrtype, void *data, int len);
1158X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
1159 ASN1_OBJECT *obj, int atrtype, void *data, int len);
1160X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
1161 char *atrname, int type, unsigned char *bytes, int len);
1162int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj);
1163int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len);
1164void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
1165 int atrtype, void *data);
1166int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr);
1167ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr);
1168ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx);
1169
1170int X509_verify_cert(X509_STORE_CTX *ctx);
1171
1172/* lookup a cert from a X509 STACK */
1173X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,X509_NAME *name,
1174 ASN1_INTEGER *serial);
1175X509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name);
1176
1177int i2d_PBEPARAM(PBEPARAM *a, unsigned char **pp);
1178PBEPARAM *PBEPARAM_new(void);
1179PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length);
1180void PBEPARAM_free(PBEPARAM *a);
1181X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, int saltlen);
1182X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
1183 unsigned char *salt, int saltlen);
1184
1185int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **pp);
1186PBKDF2PARAM *PBKDF2PARAM_new(void);
1187PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, unsigned char **pp, long length);
1188void PBKDF2PARAM_free(PBKDF2PARAM *a);
1189
1190int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **pp);
1191PBE2PARAM *PBE2PARAM_new(void);
1192PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, unsigned char **pp, long length);
1193void PBE2PARAM_free(PBE2PARAM *a);
1194
1195/* PKCS#8 utilities */
1196
1197int i2d_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO *a, unsigned char **pp);
1198PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void);
1199PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a,
1200 unsigned char **pp, long length);
1201void PKCS8_PRIV_KEY_INFO_free(PKCS8_PRIV_KEY_INFO *a);
1202
1203EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8);
1204PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey);
1205PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken);
1206PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken);
1207
1208int X509_check_trust(X509 *x, int id, int flags);
1209int X509_TRUST_get_count(void);
1210X509_TRUST * X509_TRUST_get0(int idx);
1211int X509_TRUST_get_by_id(int id);
1212int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int),
1213 char *name, int arg1, void *arg2);
1214void X509_TRUST_cleanup(void);
1215int X509_TRUST_get_flags(X509_TRUST *xp);
1216char *X509_TRUST_get0_name(X509_TRUST *xp);
1217int X509_TRUST_get_trust(X509_TRUST *xp);
1218
1219/* BEGIN ERROR CODES */
1220/* The following lines are auto generated by the script mkerr.pl. Any changes
1221 * made after this point may be overwritten when the script is next run.
1222 */
1223
1224/* Error codes for the X509 functions. */
1225
1226/* Function codes. */
1227#define X509_F_ADD_CERT_DIR 100
1228#define X509_F_BY_FILE_CTRL 101
1229#define X509_F_DIR_CTRL 102
1230#define X509_F_GET_CERT_BY_SUBJECT 103
1231#define X509_F_NETSCAPE_SPKI_B64_DECODE 129
1232#define X509_F_NETSCAPE_SPKI_B64_ENCODE 130
1233#define X509_F_X509V3_ADD_EXT 104
1234#define X509_F_X509_ADD_ATTR 135
1235#define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136
1236#define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137
1237#define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140
1238#define X509_F_X509_ATTRIBUTE_GET0_DATA 139
1239#define X509_F_X509_ATTRIBUTE_SET1_DATA 138
1240#define X509_F_X509_CHECK_PRIVATE_KEY 128
1241#define X509_F_X509_EXTENSION_CREATE_BY_NID 108
1242#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109
1243#define X509_F_X509_GET_PUBKEY_PARAMETERS 110
1244#define X509_F_X509_LOAD_CERT_CRL_FILE 132
1245#define X509_F_X509_LOAD_CERT_FILE 111
1246#define X509_F_X509_LOAD_CRL_FILE 112
1247#define X509_F_X509_NAME_ADD_ENTRY 113
1248#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 114
1249#define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT 131
1250#define X509_F_X509_NAME_ENTRY_SET_OBJECT 115
1251#define X509_F_X509_NAME_ONELINE 116
1252#define X509_F_X509_NAME_PRINT 117
1253#define X509_F_X509_PRINT_FP 118
1254#define X509_F_X509_PUBKEY_GET 119
1255#define X509_F_X509_PUBKEY_SET 120
1256#define X509_F_X509_REQ_PRINT 121
1257#define X509_F_X509_REQ_PRINT_FP 122
1258#define X509_F_X509_REQ_TO_X509 123
1259#define X509_F_X509_STORE_ADD_CERT 124
1260#define X509_F_X509_STORE_ADD_CRL 125
1261#define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134
1262#define X509_F_X509_TO_X509_REQ 126
1263#define X509_F_X509_TRUST_ADD 133
1264#define X509_F_X509_VERIFY_CERT 127
1265
1266/* Reason codes. */
1267#define X509_R_BAD_X509_FILETYPE 100
1268#define X509_R_BASE64_DECODE_ERROR 118
1269#define X509_R_CANT_CHECK_DH_KEY 114
1270#define X509_R_CERT_ALREADY_IN_HASH_TABLE 101
1271#define X509_R_ERR_ASN1_LIB 102
1272#define X509_R_INVALID_DIRECTORY 113
1273#define X509_R_INVALID_FIELD_NAME 119
1274#define X509_R_KEY_TYPE_MISMATCH 115
1275#define X509_R_KEY_VALUES_MISMATCH 116
1276#define X509_R_LOADING_CERT_DIR 103
1277#define X509_R_LOADING_DEFAULTS 104
1278#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
1279#define X509_R_SHOULD_RETRY 106
1280#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107
1281#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108
1282#define X509_R_UNKNOWN_KEY_TYPE 117
1283#define X509_R_UNKNOWN_NID 109
1284#define X509_R_UNKNOWN_PURPOSE_ID 121
1285#define X509_R_UNKNOWN_TRUST_ID 120
1286#define X509_R_UNSUPPORTED_ALGORITHM 111
1287#define X509_R_WRONG_LOOKUP_TYPE 112
1288#define X509_R_WRONG_TYPE 122
1289
1290#ifdef __cplusplus
1291}
1292#endif
1293#endif
1294
diff --git a/src/lib/libcrypto/x509/x509_att.c b/src/lib/libcrypto/x509/x509_att.c
deleted file mode 100644
index caafde658f..0000000000
--- a/src/lib/libcrypto/x509/x509_att.c
+++ /dev/null
@@ -1,326 +0,0 @@
1/* crypto/x509/x509_att.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/stack.h>
61#include "cryptlib.h"
62#include <openssl/asn1.h>
63#include <openssl/objects.h>
64#include <openssl/evp.h>
65#include <openssl/x509.h>
66#include <openssl/x509v3.h>
67
68int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x)
69{
70 if (!x) return 0;
71 return(sk_X509_ATTRIBUTE_num(x));
72}
73
74int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
75 int lastpos)
76{
77 ASN1_OBJECT *obj;
78
79 obj=OBJ_nid2obj(nid);
80 if (obj == NULL) return(-2);
81 return(X509at_get_attr_by_OBJ(x,obj,lastpos));
82}
83
84int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj,
85 int lastpos)
86{
87 int n;
88 X509_ATTRIBUTE *ex;
89
90 if (sk == NULL) return(-1);
91 lastpos++;
92 if (lastpos < 0)
93 lastpos=0;
94 n=sk_X509_ATTRIBUTE_num(sk);
95 for ( ; lastpos < n; lastpos++)
96 {
97 ex=sk_X509_ATTRIBUTE_value(sk,lastpos);
98 if (OBJ_cmp(ex->object,obj) == 0)
99 return(lastpos);
100 }
101 return(-1);
102}
103
104X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc)
105{
106 if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0)
107 return NULL;
108 else
109 return sk_X509_ATTRIBUTE_value(x,loc);
110}
111
112X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc)
113{
114 X509_ATTRIBUTE *ret;
115
116 if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0)
117 return(NULL);
118 ret=sk_X509_ATTRIBUTE_delete(x,loc);
119 return(ret);
120}
121
122STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
123 X509_ATTRIBUTE *attr)
124{
125 X509_ATTRIBUTE *new_attr=NULL;
126 STACK_OF(X509_ATTRIBUTE) *sk=NULL;
127
128 if ((x != NULL) && (*x == NULL))
129 {
130 if ((sk=sk_X509_ATTRIBUTE_new_null()) == NULL)
131 goto err;
132 }
133 else
134 sk= *x;
135
136 if ((new_attr=X509_ATTRIBUTE_dup(attr)) == NULL)
137 goto err2;
138 if (!sk_X509_ATTRIBUTE_push(sk,new_attr))
139 goto err;
140 if ((x != NULL) && (*x == NULL))
141 *x=sk;
142 return(sk);
143err:
144 X509err(X509_F_X509_ADD_ATTR,ERR_R_MALLOC_FAILURE);
145err2:
146 if (new_attr != NULL) X509_ATTRIBUTE_free(new_attr);
147 if (sk != NULL) sk_X509_ATTRIBUTE_free(sk);
148 return(NULL);
149}
150
151STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
152 ASN1_OBJECT *obj, int type,
153 unsigned char *bytes, int len)
154{
155 X509_ATTRIBUTE *attr;
156 STACK_OF(X509_ATTRIBUTE) *ret;
157 attr = X509_ATTRIBUTE_create_by_OBJ(NULL, obj, type, bytes, len);
158 if(!attr) return 0;
159 ret = X509at_add1_attr(x, attr);
160 X509_ATTRIBUTE_free(attr);
161 return ret;
162}
163
164STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
165 int nid, int type,
166 unsigned char *bytes, int len)
167{
168 X509_ATTRIBUTE *attr;
169 STACK_OF(X509_ATTRIBUTE) *ret;
170 attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type, bytes, len);
171 if(!attr) return 0;
172 ret = X509at_add1_attr(x, attr);
173 X509_ATTRIBUTE_free(attr);
174 return ret;
175}
176
177STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
178 char *attrname, int type,
179 unsigned char *bytes, int len)
180{
181 X509_ATTRIBUTE *attr;
182 STACK_OF(X509_ATTRIBUTE) *ret;
183 attr = X509_ATTRIBUTE_create_by_txt(NULL, attrname, type, bytes, len);
184 if(!attr) return 0;
185 ret = X509at_add1_attr(x, attr);
186 X509_ATTRIBUTE_free(attr);
187 return ret;
188}
189
190X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
191 int atrtype, void *data, int len)
192{
193 ASN1_OBJECT *obj;
194 X509_ATTRIBUTE *ret;
195
196 obj=OBJ_nid2obj(nid);
197 if (obj == NULL)
198 {
199 X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_NID,X509_R_UNKNOWN_NID);
200 return(NULL);
201 }
202 ret=X509_ATTRIBUTE_create_by_OBJ(attr,obj,atrtype,data,len);
203 if (ret == NULL) ASN1_OBJECT_free(obj);
204 return(ret);
205}
206
207X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
208 ASN1_OBJECT *obj, int atrtype, void *data, int len)
209{
210 X509_ATTRIBUTE *ret;
211
212 if ((attr == NULL) || (*attr == NULL))
213 {
214 if ((ret=X509_ATTRIBUTE_new()) == NULL)
215 {
216 X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,ERR_R_MALLOC_FAILURE);
217 return(NULL);
218 }
219 }
220 else
221 ret= *attr;
222
223 if (!X509_ATTRIBUTE_set1_object(ret,obj))
224 goto err;
225 if (!X509_ATTRIBUTE_set1_data(ret,atrtype,data,len))
226 goto err;
227
228 if ((attr != NULL) && (*attr == NULL)) *attr=ret;
229 return(ret);
230err:
231 if ((attr == NULL) || (ret != *attr))
232 X509_ATTRIBUTE_free(ret);
233 return(NULL);
234}
235
236X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
237 char *atrname, int type, unsigned char *bytes, int len)
238 {
239 ASN1_OBJECT *obj;
240 X509_ATTRIBUTE *nattr;
241
242 obj=OBJ_txt2obj(atrname, 0);
243 if (obj == NULL)
244 {
245 X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT,
246 X509_R_INVALID_FIELD_NAME);
247 ERR_add_error_data(2, "name=", atrname);
248 return(NULL);
249 }
250 nattr = X509_ATTRIBUTE_create_by_OBJ(attr,obj,type,bytes,len);
251 ASN1_OBJECT_free(obj);
252 return nattr;
253 }
254
255int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj)
256{
257 if ((attr == NULL) || (obj == NULL))
258 return(0);
259 ASN1_OBJECT_free(attr->object);
260 attr->object=OBJ_dup(obj);
261 return(1);
262}
263
264int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len)
265{
266 ASN1_TYPE *ttmp;
267 ASN1_STRING *stmp;
268 int atype;
269 if (!attr) return 0;
270 if(attrtype & MBSTRING_FLAG) {
271 stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype,
272 OBJ_obj2nid(attr->object));
273 if(!stmp) {
274 X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_ASN1_LIB);
275 return 0;
276 }
277 atype = stmp->type;
278 } else {
279 if(!(stmp = ASN1_STRING_type_new(attrtype))) goto err;
280 if(!ASN1_STRING_set(stmp, data, len)) goto err;
281 atype = attrtype;
282 }
283 if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err;
284 if(!(ttmp = ASN1_TYPE_new())) goto err;
285 if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err;
286 attr->set = 1;
287 ASN1_TYPE_set(ttmp, atype, stmp);
288 return 1;
289 err:
290 X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE);
291 return 0;
292}
293
294int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr)
295{
296 if(attr->set) return sk_ASN1_TYPE_num(attr->value.set);
297 if(attr->value.single) return 1;
298 return 0;
299}
300
301ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr)
302{
303 if (attr == NULL) return(NULL);
304 return(attr->object);
305}
306
307void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
308 int atrtype, void *data)
309{
310 ASN1_TYPE *ttmp;
311 ttmp = X509_ATTRIBUTE_get0_type(attr, idx);
312 if(!ttmp) return NULL;
313 if(atrtype != ASN1_TYPE_get(ttmp)){
314 X509err(X509_F_X509_ATTRIBUTE_GET0_DATA, X509_R_WRONG_TYPE);
315 return NULL;
316 }
317 return ttmp->value.ptr;
318}
319
320ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx)
321{
322 if (attr == NULL) return(NULL);
323 if(idx >= X509_ATTRIBUTE_count(attr)) return NULL;
324 if(attr->set) return sk_ASN1_TYPE_value(attr->value.set, idx);
325 else return attr->value.single;
326}
diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c
deleted file mode 100644
index 3f9f9b3d47..0000000000
--- a/src/lib/libcrypto/x509/x509_cmp.c
+++ /dev/null
@@ -1,308 +0,0 @@
1/* crypto/x509/x509_cmp.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64#include <openssl/x509v3.h>
65
66int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b)
67 {
68 int i;
69 X509_CINF *ai,*bi;
70
71 ai=a->cert_info;
72 bi=b->cert_info;
73 i=M_ASN1_INTEGER_cmp(ai->serialNumber,bi->serialNumber);
74 if (i) return(i);
75 return(X509_NAME_cmp(ai->issuer,bi->issuer));
76 }
77
78#ifndef NO_MD5
79unsigned long X509_issuer_and_serial_hash(X509 *a)
80 {
81 unsigned long ret=0;
82 MD5_CTX ctx;
83 unsigned char md[16];
84 char str[256];
85
86 X509_NAME_oneline(a->cert_info->issuer,str,256);
87 ret=strlen(str);
88 MD5_Init(&ctx);
89 MD5_Update(&ctx,(unsigned char *)str,ret);
90 MD5_Update(&ctx,(unsigned char *)a->cert_info->serialNumber->data,
91 (unsigned long)a->cert_info->serialNumber->length);
92 MD5_Final(&(md[0]),&ctx);
93 ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
94 ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
95 )&0xffffffffL;
96 return(ret);
97 }
98#endif
99
100int X509_issuer_name_cmp(const X509 *a, const X509 *b)
101 {
102 return(X509_NAME_cmp(a->cert_info->issuer,b->cert_info->issuer));
103 }
104
105int X509_subject_name_cmp(const X509 *a, const X509 *b)
106 {
107 return(X509_NAME_cmp(a->cert_info->subject,b->cert_info->subject));
108 }
109
110int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b)
111 {
112 return(X509_NAME_cmp(a->crl->issuer,b->crl->issuer));
113 }
114
115X509_NAME *X509_get_issuer_name(X509 *a)
116 {
117 return(a->cert_info->issuer);
118 }
119
120unsigned long X509_issuer_name_hash(X509 *x)
121 {
122 return(X509_NAME_hash(x->cert_info->issuer));
123 }
124
125X509_NAME *X509_get_subject_name(X509 *a)
126 {
127 return(a->cert_info->subject);
128 }
129
130ASN1_INTEGER *X509_get_serialNumber(X509 *a)
131 {
132 return(a->cert_info->serialNumber);
133 }
134
135unsigned long X509_subject_name_hash(X509 *x)
136 {
137 return(X509_NAME_hash(x->cert_info->subject));
138 }
139
140#ifndef NO_SHA
141/* Compare two certificates: they must be identical for
142 * this to work. NB: Although "cmp" operations are generally
143 * prototyped to take "const" arguments (eg. for use in
144 * STACKs), the way X509 handling is - these operations may
145 * involve ensuring the hashes are up-to-date and ensuring
146 * certain cert information is cached. So this is the point
147 * where the "depth-first" constification tree has to halt
148 * with an evil cast.
149 */
150int X509_cmp(const X509 *a, const X509 *b)
151{
152 /* ensure hash is valid */
153 X509_check_purpose((X509 *)a, -1, 0);
154 X509_check_purpose((X509 *)b, -1, 0);
155
156 return memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH);
157}
158#endif
159
160int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
161 {
162 int i,j;
163 X509_NAME_ENTRY *na,*nb;
164
165 if (sk_X509_NAME_ENTRY_num(a->entries)
166 != sk_X509_NAME_ENTRY_num(b->entries))
167 return sk_X509_NAME_ENTRY_num(a->entries)
168 -sk_X509_NAME_ENTRY_num(b->entries);
169 for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--)
170 {
171 na=sk_X509_NAME_ENTRY_value(a->entries,i);
172 nb=sk_X509_NAME_ENTRY_value(b->entries,i);
173 j=na->value->length-nb->value->length;
174 if (j) return(j);
175 j=memcmp(na->value->data,nb->value->data,
176 na->value->length);
177 if (j) return(j);
178 j=na->set-nb->set;
179 if (j) return(j);
180 }
181
182 /* We will check the object types after checking the values
183 * since the values will more often be different than the object
184 * types. */
185 for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--)
186 {
187 na=sk_X509_NAME_ENTRY_value(a->entries,i);
188 nb=sk_X509_NAME_ENTRY_value(b->entries,i);
189 j=OBJ_cmp(na->object,nb->object);
190 if (j) return(j);
191 }
192 return(0);
193 }
194
195#ifndef NO_MD5
196/* I now DER encode the name and hash it. Since I cache the DER encoding,
197 * this is reasonably efficient. */
198unsigned long X509_NAME_hash(X509_NAME *x)
199 {
200 unsigned long ret=0;
201 unsigned char md[16];
202
203 /* Ensure cached version is up to date */
204 i2d_X509_NAME(x,NULL);
205 /* Use cached encoding directly rather than copying: this should
206 * keep libsafe happy.
207 */
208 MD5((unsigned char *)x->bytes->data,x->bytes->length,&(md[0]));
209
210 ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
211 ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
212 )&0xffffffffL;
213 return(ret);
214 }
215#endif
216
217/* Search a stack of X509 for a match */
218X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name,
219 ASN1_INTEGER *serial)
220 {
221 int i;
222 X509_CINF cinf;
223 X509 x,*x509=NULL;
224
225 if(!sk) return NULL;
226
227 x.cert_info= &cinf;
228 cinf.serialNumber=serial;
229 cinf.issuer=name;
230
231 for (i=0; i<sk_X509_num(sk); i++)
232 {
233 x509=sk_X509_value(sk,i);
234 if (X509_issuer_and_serial_cmp(x509,&x) == 0)
235 return(x509);
236 }
237 return(NULL);
238 }
239
240X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name)
241 {
242 X509 *x509;
243 int i;
244
245 for (i=0; i<sk_X509_num(sk); i++)
246 {
247 x509=sk_X509_value(sk,i);
248 if (X509_NAME_cmp(X509_get_subject_name(x509),name) == 0)
249 return(x509);
250 }
251 return(NULL);
252 }
253
254EVP_PKEY *X509_get_pubkey(X509 *x)
255 {
256 if ((x == NULL) || (x->cert_info == NULL))
257 return(NULL);
258 return(X509_PUBKEY_get(x->cert_info->key));
259 }
260
261int X509_check_private_key(X509 *x, EVP_PKEY *k)
262 {
263 EVP_PKEY *xk=NULL;
264 int ok=0;
265
266 xk=X509_get_pubkey(x);
267 if (xk->type != k->type)
268 {
269 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH);
270 goto err;
271 }
272 switch (k->type)
273 {
274#ifndef NO_RSA
275 case EVP_PKEY_RSA:
276 if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0
277 || BN_cmp(xk->pkey.rsa->e,k->pkey.rsa->e) != 0)
278 {
279 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH);
280 goto err;
281 }
282 break;
283#endif
284#ifndef NO_DSA
285 case EVP_PKEY_DSA:
286 if (BN_cmp(xk->pkey.dsa->pub_key,k->pkey.dsa->pub_key) != 0)
287 {
288 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH);
289 goto err;
290 }
291 break;
292#endif
293#ifndef NO_DH
294 case EVP_PKEY_DH:
295 /* No idea */
296 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY);
297 goto err;
298#endif
299 default:
300 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE);
301 goto err;
302 }
303
304 ok=1;
305err:
306 EVP_PKEY_free(xk);
307 return(ok);
308 }
diff --git a/src/lib/libcrypto/x509/x509_d2.c b/src/lib/libcrypto/x509/x509_d2.c
deleted file mode 100644
index 753d53eb43..0000000000
--- a/src/lib/libcrypto/x509/x509_d2.c
+++ /dev/null
@@ -1,107 +0,0 @@
1/* crypto/x509/x509_d2.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/crypto.h>
62#include <openssl/x509.h>
63
64#ifndef NO_STDIO
65int X509_STORE_set_default_paths(X509_STORE *ctx)
66 {
67 X509_LOOKUP *lookup;
68
69 lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file());
70 if (lookup == NULL) return(0);
71 X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
72
73 lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir());
74 if (lookup == NULL) return(0);
75 X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
76
77 /* clear any errors */
78 ERR_clear_error();
79
80 return(1);
81 }
82
83int X509_STORE_load_locations(X509_STORE *ctx, const char *file,
84 const char *path)
85 {
86 X509_LOOKUP *lookup;
87
88 if (file != NULL)
89 {
90 lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file());
91 if (lookup == NULL) return(0);
92 if (X509_LOOKUP_load_file(lookup,file,X509_FILETYPE_PEM) != 1)
93 return(0);
94 }
95 if (path != NULL)
96 {
97 lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir());
98 if (lookup == NULL) return(0);
99 if (X509_LOOKUP_add_dir(lookup,path,X509_FILETYPE_PEM) != 1)
100 return(0);
101 }
102 if ((path == NULL) && (file == NULL))
103 return(0);
104 return(1);
105 }
106
107#endif
diff --git a/src/lib/libcrypto/x509/x509_def.c b/src/lib/libcrypto/x509/x509_def.c
deleted file mode 100644
index e0ac151a76..0000000000
--- a/src/lib/libcrypto/x509/x509_def.c
+++ /dev/null
@@ -1,81 +0,0 @@
1/* crypto/x509/x509_def.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/crypto.h>
62#include <openssl/x509.h>
63
64const char *X509_get_default_private_dir(void)
65 { return(X509_PRIVATE_DIR); }
66
67const char *X509_get_default_cert_area(void)
68 { return(X509_CERT_AREA); }
69
70const char *X509_get_default_cert_dir(void)
71 { return(X509_CERT_DIR); }
72
73const char *X509_get_default_cert_file(void)
74 { return(X509_CERT_FILE); }
75
76const char *X509_get_default_cert_dir_env(void)
77 { return(X509_CERT_DIR_EVP); }
78
79const char *X509_get_default_cert_file_env(void)
80 { return(X509_CERT_FILE_EVP); }
81
diff --git a/src/lib/libcrypto/x509/x509_err.c b/src/lib/libcrypto/x509/x509_err.c
deleted file mode 100644
index 848add56e9..0000000000
--- a/src/lib/libcrypto/x509/x509_err.c
+++ /dev/null
@@ -1,152 +0,0 @@
1/* crypto/x509/x509_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/x509.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA X509_str_functs[]=
68 {
69{ERR_PACK(0,X509_F_ADD_CERT_DIR,0), "ADD_CERT_DIR"},
70{ERR_PACK(0,X509_F_BY_FILE_CTRL,0), "BY_FILE_CTRL"},
71{ERR_PACK(0,X509_F_DIR_CTRL,0), "DIR_CTRL"},
72{ERR_PACK(0,X509_F_GET_CERT_BY_SUBJECT,0), "GET_CERT_BY_SUBJECT"},
73{ERR_PACK(0,X509_F_NETSCAPE_SPKI_B64_DECODE,0), "NETSCAPE_SPKI_b64_decode"},
74{ERR_PACK(0,X509_F_NETSCAPE_SPKI_B64_ENCODE,0), "NETSCAPE_SPKI_b64_encode"},
75{ERR_PACK(0,X509_F_X509V3_ADD_EXT,0), "X509v3_add_ext"},
76{ERR_PACK(0,X509_F_X509_ADD_ATTR,0), "X509_ADD_ATTR"},
77{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_NID,0), "X509_ATTRIBUTE_create_by_NID"},
78{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,0), "X509_ATTRIBUTE_create_by_OBJ"},
79{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_TXT,0), "X509_ATTRIBUTE_create_by_txt"},
80{ERR_PACK(0,X509_F_X509_ATTRIBUTE_GET0_DATA,0), "X509_ATTRIBUTE_get0_data"},
81{ERR_PACK(0,X509_F_X509_ATTRIBUTE_SET1_DATA,0), "X509_ATTRIBUTE_set1_data"},
82{ERR_PACK(0,X509_F_X509_CHECK_PRIVATE_KEY,0), "X509_check_private_key"},
83{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_NID,0), "X509_EXTENSION_create_by_NID"},
84{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0), "X509_EXTENSION_create_by_OBJ"},
85{ERR_PACK(0,X509_F_X509_GET_PUBKEY_PARAMETERS,0), "X509_get_pubkey_parameters"},
86{ERR_PACK(0,X509_F_X509_LOAD_CERT_CRL_FILE,0), "X509_load_cert_crl_file"},
87{ERR_PACK(0,X509_F_X509_LOAD_CERT_FILE,0), "X509_load_cert_file"},
88{ERR_PACK(0,X509_F_X509_LOAD_CRL_FILE,0), "X509_load_crl_file"},
89{ERR_PACK(0,X509_F_X509_NAME_ADD_ENTRY,0), "X509_NAME_add_entry"},
90{ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_NID,0), "X509_NAME_ENTRY_create_by_NID"},
91{ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_TXT,0), "X509_NAME_ENTRY_create_by_txt"},
92{ERR_PACK(0,X509_F_X509_NAME_ENTRY_SET_OBJECT,0), "X509_NAME_ENTRY_set_object"},
93{ERR_PACK(0,X509_F_X509_NAME_ONELINE,0), "X509_NAME_oneline"},
94{ERR_PACK(0,X509_F_X509_NAME_PRINT,0), "X509_NAME_print"},
95{ERR_PACK(0,X509_F_X509_PRINT_FP,0), "X509_print_fp"},
96{ERR_PACK(0,X509_F_X509_PUBKEY_GET,0), "X509_PUBKEY_get"},
97{ERR_PACK(0,X509_F_X509_PUBKEY_SET,0), "X509_PUBKEY_set"},
98{ERR_PACK(0,X509_F_X509_REQ_PRINT,0), "X509_REQ_print"},
99{ERR_PACK(0,X509_F_X509_REQ_PRINT_FP,0), "X509_REQ_print_fp"},
100{ERR_PACK(0,X509_F_X509_REQ_TO_X509,0), "X509_REQ_to_X509"},
101{ERR_PACK(0,X509_F_X509_STORE_ADD_CERT,0), "X509_STORE_add_cert"},
102{ERR_PACK(0,X509_F_X509_STORE_ADD_CRL,0), "X509_STORE_add_crl"},
103{ERR_PACK(0,X509_F_X509_STORE_CTX_PURPOSE_INHERIT,0), "X509_STORE_CTX_purpose_inherit"},
104{ERR_PACK(0,X509_F_X509_TO_X509_REQ,0), "X509_to_X509_REQ"},
105{ERR_PACK(0,X509_F_X509_TRUST_ADD,0), "X509_TRUST_add"},
106{ERR_PACK(0,X509_F_X509_VERIFY_CERT,0), "X509_verify_cert"},
107{0,NULL}
108 };
109
110static ERR_STRING_DATA X509_str_reasons[]=
111 {
112{X509_R_BAD_X509_FILETYPE ,"bad x509 filetype"},
113{X509_R_BASE64_DECODE_ERROR ,"base64 decode error"},
114{X509_R_CANT_CHECK_DH_KEY ,"cant check dh key"},
115{X509_R_CERT_ALREADY_IN_HASH_TABLE ,"cert already in hash table"},
116{X509_R_ERR_ASN1_LIB ,"err asn1 lib"},
117{X509_R_INVALID_DIRECTORY ,"invalid directory"},
118{X509_R_INVALID_FIELD_NAME ,"invalid field name"},
119{X509_R_KEY_TYPE_MISMATCH ,"key type mismatch"},
120{X509_R_KEY_VALUES_MISMATCH ,"key values mismatch"},
121{X509_R_LOADING_CERT_DIR ,"loading cert dir"},
122{X509_R_LOADING_DEFAULTS ,"loading defaults"},
123{X509_R_NO_CERT_SET_FOR_US_TO_VERIFY ,"no cert set for us to verify"},
124{X509_R_SHOULD_RETRY ,"should retry"},
125{X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN,"unable to find parameters in chain"},
126{X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY ,"unable to get certs public key"},
127{X509_R_UNKNOWN_KEY_TYPE ,"unknown key type"},
128{X509_R_UNKNOWN_NID ,"unknown nid"},
129{X509_R_UNKNOWN_PURPOSE_ID ,"unknown purpose id"},
130{X509_R_UNKNOWN_TRUST_ID ,"unknown trust id"},
131{X509_R_UNSUPPORTED_ALGORITHM ,"unsupported algorithm"},
132{X509_R_WRONG_LOOKUP_TYPE ,"wrong lookup type"},
133{X509_R_WRONG_TYPE ,"wrong type"},
134{0,NULL}
135 };
136
137#endif
138
139void ERR_load_X509_strings(void)
140 {
141 static int init=1;
142
143 if (init)
144 {
145 init=0;
146#ifndef NO_ERR
147 ERR_load_strings(ERR_LIB_X509,X509_str_functs);
148 ERR_load_strings(ERR_LIB_X509,X509_str_reasons);
149#endif
150
151 }
152 }
diff --git a/src/lib/libcrypto/x509/x509_ext.c b/src/lib/libcrypto/x509/x509_ext.c
deleted file mode 100644
index 2955989807..0000000000
--- a/src/lib/libcrypto/x509/x509_ext.c
+++ /dev/null
@@ -1,191 +0,0 @@
1/* crypto/x509/x509_ext.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/stack.h>
61#include "cryptlib.h"
62#include <openssl/asn1.h>
63#include <openssl/objects.h>
64#include <openssl/evp.h>
65#include <openssl/x509.h>
66#include <openssl/x509v3.h>
67
68
69int X509_CRL_get_ext_count(X509_CRL *x)
70 {
71 return(X509v3_get_ext_count(x->crl->extensions));
72 }
73
74int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos)
75 {
76 return(X509v3_get_ext_by_NID(x->crl->extensions,nid,lastpos));
77 }
78
79int X509_CRL_get_ext_by_OBJ(X509_CRL *x, ASN1_OBJECT *obj, int lastpos)
80 {
81 return(X509v3_get_ext_by_OBJ(x->crl->extensions,obj,lastpos));
82 }
83
84int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos)
85 {
86 return(X509v3_get_ext_by_critical(x->crl->extensions,crit,lastpos));
87 }
88
89X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc)
90 {
91 return(X509v3_get_ext(x->crl->extensions,loc));
92 }
93
94X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc)
95 {
96 return(X509v3_delete_ext(x->crl->extensions,loc));
97 }
98
99void *X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx)
100{
101 return X509V3_get_d2i(x->crl->extensions, nid, crit, idx);
102}
103
104int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc)
105 {
106 return(X509v3_add_ext(&(x->crl->extensions),ex,loc) != NULL);
107 }
108
109int X509_get_ext_count(X509 *x)
110 {
111 return(X509v3_get_ext_count(x->cert_info->extensions));
112 }
113
114int X509_get_ext_by_NID(X509 *x, int nid, int lastpos)
115 {
116 return(X509v3_get_ext_by_NID(x->cert_info->extensions,nid,lastpos));
117 }
118
119int X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos)
120 {
121 return(X509v3_get_ext_by_OBJ(x->cert_info->extensions,obj,lastpos));
122 }
123
124int X509_get_ext_by_critical(X509 *x, int crit, int lastpos)
125 {
126 return(X509v3_get_ext_by_critical(x->cert_info->extensions,crit,lastpos));
127 }
128
129X509_EXTENSION *X509_get_ext(X509 *x, int loc)
130 {
131 return(X509v3_get_ext(x->cert_info->extensions,loc));
132 }
133
134X509_EXTENSION *X509_delete_ext(X509 *x, int loc)
135 {
136 return(X509v3_delete_ext(x->cert_info->extensions,loc));
137 }
138
139int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc)
140 {
141 return(X509v3_add_ext(&(x->cert_info->extensions),ex,loc) != NULL);
142 }
143
144void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx)
145{
146 return X509V3_get_d2i(x->cert_info->extensions, nid, crit, idx);
147}
148
149int X509_REVOKED_get_ext_count(X509_REVOKED *x)
150 {
151 return(X509v3_get_ext_count(x->extensions));
152 }
153
154int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos)
155 {
156 return(X509v3_get_ext_by_NID(x->extensions,nid,lastpos));
157 }
158
159int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x, ASN1_OBJECT *obj,
160 int lastpos)
161 {
162 return(X509v3_get_ext_by_OBJ(x->extensions,obj,lastpos));
163 }
164
165int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos)
166 {
167 return(X509v3_get_ext_by_critical(x->extensions,crit,lastpos));
168 }
169
170X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc)
171 {
172 return(X509v3_get_ext(x->extensions,loc));
173 }
174
175X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc)
176 {
177 return(X509v3_delete_ext(x->extensions,loc));
178 }
179
180int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc)
181 {
182 return(X509v3_add_ext(&(x->extensions),ex,loc) != NULL);
183 }
184
185void *X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx)
186{
187 return X509V3_get_d2i(x->extensions, nid, crit, idx);
188}
189
190IMPLEMENT_STACK_OF(X509_EXTENSION)
191IMPLEMENT_ASN1_SET_OF(X509_EXTENSION)
diff --git a/src/lib/libcrypto/x509/x509_lu.c b/src/lib/libcrypto/x509/x509_lu.c
deleted file mode 100644
index 863c738cad..0000000000
--- a/src/lib/libcrypto/x509/x509_lu.c
+++ /dev/null
@@ -1,529 +0,0 @@
1/* crypto/x509/x509_lu.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/lhash.h>
62#include <openssl/x509.h>
63
64static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_store_meth=NULL;
65
66X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method)
67 {
68 X509_LOOKUP *ret;
69
70 ret=(X509_LOOKUP *)OPENSSL_malloc(sizeof(X509_LOOKUP));
71 if (ret == NULL) return NULL;
72
73 ret->init=0;
74 ret->skip=0;
75 ret->method=method;
76 ret->method_data=NULL;
77 ret->store_ctx=NULL;
78 if ((method->new_item != NULL) && !method->new_item(ret))
79 {
80 OPENSSL_free(ret);
81 return NULL;
82 }
83 return ret;
84 }
85
86void X509_LOOKUP_free(X509_LOOKUP *ctx)
87 {
88 if (ctx == NULL) return;
89 if ( (ctx->method != NULL) &&
90 (ctx->method->free != NULL))
91 ctx->method->free(ctx);
92 OPENSSL_free(ctx);
93 }
94
95int X509_LOOKUP_init(X509_LOOKUP *ctx)
96 {
97 if (ctx->method == NULL) return 0;
98 if (ctx->method->init != NULL)
99 return ctx->method->init(ctx);
100 else
101 return 1;
102 }
103
104int X509_LOOKUP_shutdown(X509_LOOKUP *ctx)
105 {
106 if (ctx->method == NULL) return 0;
107 if (ctx->method->shutdown != NULL)
108 return ctx->method->shutdown(ctx);
109 else
110 return 1;
111 }
112
113int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
114 char **ret)
115 {
116 if (ctx->method == NULL) return -1;
117 if (ctx->method->ctrl != NULL)
118 return ctx->method->ctrl(ctx,cmd,argc,argl,ret);
119 else
120 return 1;
121 }
122
123int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
124 X509_OBJECT *ret)
125 {
126 if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL))
127 return X509_LU_FAIL;
128 if (ctx->skip) return 0;
129 return ctx->method->get_by_subject(ctx,type,name,ret);
130 }
131
132int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
133 ASN1_INTEGER *serial, X509_OBJECT *ret)
134 {
135 if ((ctx->method == NULL) ||
136 (ctx->method->get_by_issuer_serial == NULL))
137 return X509_LU_FAIL;
138 return ctx->method->get_by_issuer_serial(ctx,type,name,serial,ret);
139 }
140
141int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
142 unsigned char *bytes, int len, X509_OBJECT *ret)
143 {
144 if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL))
145 return X509_LU_FAIL;
146 return ctx->method->get_by_fingerprint(ctx,type,bytes,len,ret);
147 }
148
149int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len,
150 X509_OBJECT *ret)
151 {
152 if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL))
153 return X509_LU_FAIL;
154 return ctx->method->get_by_alias(ctx,type,str,len,ret);
155 }
156
157
158static int x509_object_cmp(const X509_OBJECT * const *a, const X509_OBJECT * const *b)
159 {
160 int ret;
161
162 ret=((*a)->type - (*b)->type);
163 if (ret) return ret;
164 switch ((*a)->type)
165 {
166 case X509_LU_X509:
167 ret=X509_subject_name_cmp((*a)->data.x509,(*b)->data.x509);
168 break;
169 case X509_LU_CRL:
170 ret=X509_CRL_cmp((*a)->data.crl,(*b)->data.crl);
171 break;
172 default:
173 /* abort(); */
174 return 0;
175 }
176 return ret;
177 }
178
179X509_STORE *X509_STORE_new(void)
180 {
181 X509_STORE *ret;
182
183 if ((ret=(X509_STORE *)OPENSSL_malloc(sizeof(X509_STORE))) == NULL)
184 return NULL;
185 ret->objs = sk_X509_OBJECT_new(x509_object_cmp);
186 ret->cache=1;
187 ret->get_cert_methods=sk_X509_LOOKUP_new_null();
188 ret->verify=NULL;
189 ret->verify_cb=NULL;
190 memset(&ret->ex_data,0,sizeof(CRYPTO_EX_DATA));
191 ret->references=1;
192 ret->depth=0;
193 return ret;
194 }
195
196static void cleanup(X509_OBJECT *a)
197 {
198 if (a->type == X509_LU_X509)
199 {
200 X509_free(a->data.x509);
201 }
202 else if (a->type == X509_LU_CRL)
203 {
204 X509_CRL_free(a->data.crl);
205 }
206 else
207 {
208 /* abort(); */
209 }
210
211 OPENSSL_free(a);
212 }
213
214void X509_STORE_free(X509_STORE *vfy)
215 {
216 int i;
217 STACK_OF(X509_LOOKUP) *sk;
218 X509_LOOKUP *lu;
219
220 if (vfy == NULL)
221 return;
222
223 sk=vfy->get_cert_methods;
224 for (i=0; i<sk_X509_LOOKUP_num(sk); i++)
225 {
226 lu=sk_X509_LOOKUP_value(sk,i);
227 X509_LOOKUP_shutdown(lu);
228 X509_LOOKUP_free(lu);
229 }
230 sk_X509_LOOKUP_free(sk);
231 sk_X509_OBJECT_pop_free(vfy->objs, cleanup);
232
233 CRYPTO_free_ex_data(x509_store_meth,vfy,&vfy->ex_data);
234 OPENSSL_free(vfy);
235 }
236
237X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m)
238 {
239 int i;
240 STACK_OF(X509_LOOKUP) *sk;
241 X509_LOOKUP *lu;
242
243 sk=v->get_cert_methods;
244 for (i=0; i<sk_X509_LOOKUP_num(sk); i++)
245 {
246 lu=sk_X509_LOOKUP_value(sk,i);
247 if (m == lu->method)
248 {
249 return lu;
250 }
251 }
252 /* a new one */
253 lu=X509_LOOKUP_new(m);
254 if (lu == NULL)
255 return NULL;
256 else
257 {
258 lu->store_ctx=v;
259 if (sk_X509_LOOKUP_push(v->get_cert_methods,lu))
260 return lu;
261 else
262 {
263 X509_LOOKUP_free(lu);
264 return NULL;
265 }
266 }
267 }
268
269int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
270 X509_OBJECT *ret)
271 {
272 X509_STORE *ctx=vs->ctx;
273 X509_LOOKUP *lu;
274 X509_OBJECT stmp,*tmp;
275 int i,j;
276
277 tmp=X509_OBJECT_retrieve_by_subject(ctx->objs,type,name);
278
279 if (tmp == NULL)
280 {
281 for (i=vs->current_method; i<sk_X509_LOOKUP_num(ctx->get_cert_methods); i++)
282 {
283 lu=sk_X509_LOOKUP_value(ctx->get_cert_methods,i);
284 j=X509_LOOKUP_by_subject(lu,type,name,&stmp);
285 if (j < 0)
286 {
287 vs->current_method=j;
288 return j;
289 }
290 else if (j)
291 {
292 tmp= &stmp;
293 break;
294 }
295 }
296 vs->current_method=0;
297 if (tmp == NULL)
298 return 0;
299 }
300
301/* if (ret->data.ptr != NULL)
302 X509_OBJECT_free_contents(ret); */
303
304 ret->type=tmp->type;
305 ret->data.ptr=tmp->data.ptr;
306
307 X509_OBJECT_up_ref_count(ret);
308
309 return 1;
310 }
311
312int X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
313 {
314 X509_OBJECT *obj;
315 int ret=1;
316
317 if (x == NULL) return 0;
318 obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT));
319 if (obj == NULL)
320 {
321 X509err(X509_F_X509_STORE_ADD_CERT,ERR_R_MALLOC_FAILURE);
322 return 0;
323 }
324 obj->type=X509_LU_X509;
325 obj->data.x509=x;
326
327 CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
328
329 X509_OBJECT_up_ref_count(obj);
330
331
332 if (X509_OBJECT_retrieve_match(ctx->objs, obj))
333 {
334 X509_OBJECT_free_contents(obj);
335 OPENSSL_free(obj);
336 X509err(X509_F_X509_STORE_ADD_CERT,X509_R_CERT_ALREADY_IN_HASH_TABLE);
337 ret=0;
338 }
339 else sk_X509_OBJECT_push(ctx->objs, obj);
340
341 CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
342
343 return ret;
344 }
345
346int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
347 {
348 X509_OBJECT *obj;
349 int ret=1;
350
351 if (x == NULL) return 0;
352 obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT));
353 if (obj == NULL)
354 {
355 X509err(X509_F_X509_STORE_ADD_CRL,ERR_R_MALLOC_FAILURE);
356 return 0;
357 }
358 obj->type=X509_LU_CRL;
359 obj->data.crl=x;
360
361 CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
362
363 X509_OBJECT_up_ref_count(obj);
364
365 if (X509_OBJECT_retrieve_match(ctx->objs, obj))
366 {
367 X509_OBJECT_free_contents(obj);
368 OPENSSL_free(obj);
369 X509err(X509_F_X509_STORE_ADD_CRL,X509_R_CERT_ALREADY_IN_HASH_TABLE);
370 ret=0;
371 }
372 else sk_X509_OBJECT_push(ctx->objs, obj);
373
374 CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
375
376 return ret;
377 }
378
379void X509_OBJECT_up_ref_count(X509_OBJECT *a)
380 {
381 switch (a->type)
382 {
383 case X509_LU_X509:
384 CRYPTO_add(&a->data.x509->references,1,CRYPTO_LOCK_X509);
385 break;
386 case X509_LU_CRL:
387 CRYPTO_add(&a->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
388 break;
389 }
390 }
391
392void X509_OBJECT_free_contents(X509_OBJECT *a)
393 {
394 switch (a->type)
395 {
396 case X509_LU_X509:
397 X509_free(a->data.x509);
398 break;
399 case X509_LU_CRL:
400 X509_CRL_free(a->data.crl);
401 break;
402 }
403 }
404
405int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
406 X509_NAME *name)
407 {
408 X509_OBJECT stmp;
409 X509 x509_s;
410 X509_CINF cinf_s;
411 X509_CRL crl_s;
412 X509_CRL_INFO crl_info_s;
413
414 stmp.type=type;
415 switch (type)
416 {
417 case X509_LU_X509:
418 stmp.data.x509= &x509_s;
419 x509_s.cert_info= &cinf_s;
420 cinf_s.subject=name;
421 break;
422 case X509_LU_CRL:
423 stmp.data.crl= &crl_s;
424 crl_s.crl= &crl_info_s;
425 crl_info_s.issuer=name;
426 break;
427 default:
428 /* abort(); */
429 return -1;
430 }
431
432 return sk_X509_OBJECT_find(h,&stmp);
433 }
434
435X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h, int type,
436 X509_NAME *name)
437{
438 int idx;
439 idx = X509_OBJECT_idx_by_subject(h, type, name);
440 if (idx==-1) return NULL;
441 return sk_X509_OBJECT_value(h, idx);
442}
443
444X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x)
445{
446 int idx, i;
447 X509_OBJECT *obj;
448 idx = sk_X509_OBJECT_find(h, x);
449 if (idx == -1) return NULL;
450 if (x->type != X509_LU_X509) return sk_X509_OBJECT_value(h, idx);
451 for (i = idx; i < sk_X509_OBJECT_num(h); i++)
452 {
453 obj = sk_X509_OBJECT_value(h, i);
454 if (x509_object_cmp((const X509_OBJECT **)&obj, (const X509_OBJECT **)&x))
455 return NULL;
456 if ((x->type != X509_LU_X509) || !X509_cmp(obj->data.x509, x->data.x509))
457 return obj;
458 }
459 return NULL;
460}
461
462
463/* Try to get issuer certificate from store. Due to limitations
464 * of the API this can only retrieve a single certificate matching
465 * a given subject name. However it will fill the cache with all
466 * matching certificates, so we can examine the cache for all
467 * matches.
468 *
469 * Return values are:
470 * 1 lookup successful.
471 * 0 certificate not found.
472 * -1 some other error.
473 */
474
475
476int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
477{
478 X509_NAME *xn;
479 X509_OBJECT obj, *pobj;
480 int i, ok, idx;
481 xn=X509_get_issuer_name(x);
482 ok=X509_STORE_get_by_subject(ctx,X509_LU_X509,xn,&obj);
483 if (ok != X509_LU_X509)
484 {
485 if (ok == X509_LU_RETRY)
486 {
487 X509_OBJECT_free_contents(&obj);
488 X509err(X509_F_X509_VERIFY_CERT,X509_R_SHOULD_RETRY);
489 return -1;
490 }
491 else if (ok != X509_LU_FAIL)
492 {
493 X509_OBJECT_free_contents(&obj);
494 /* not good :-(, break anyway */
495 return -1;
496 }
497 return 0;
498 }
499 /* If certificate matches all OK */
500 if (ctx->check_issued(ctx, x, obj.data.x509))
501 {
502 *issuer = obj.data.x509;
503 return 1;
504 }
505 X509_OBJECT_free_contents(&obj);
506 /* Else find index of first matching cert */
507 idx = X509_OBJECT_idx_by_subject(ctx->ctx->objs, X509_LU_X509, xn);
508 /* This shouldn't normally happen since we already have one match */
509 if (idx == -1) return 0;
510
511 /* Look through all matching certificates for a suitable issuer */
512 for (i = idx; i < sk_X509_OBJECT_num(ctx->ctx->objs); i++)
513 {
514 pobj = sk_X509_OBJECT_value(ctx->ctx->objs, i);
515 /* See if we've ran out of matches */
516 if (pobj->type != X509_LU_X509) return 0;
517 if (X509_NAME_cmp(xn, X509_get_subject_name(pobj->data.x509))) return 0;
518 if (ctx->check_issued(ctx, x, pobj->data.x509))
519 {
520 *issuer = pobj->data.x509;
521 X509_OBJECT_up_ref_count(pobj);
522 return 1;
523 }
524 }
525 return 0;
526}
527
528IMPLEMENT_STACK_OF(X509_LOOKUP)
529IMPLEMENT_STACK_OF(X509_OBJECT)
diff --git a/src/lib/libcrypto/x509/x509_obj.c b/src/lib/libcrypto/x509/x509_obj.c
deleted file mode 100644
index f0271fdfa1..0000000000
--- a/src/lib/libcrypto/x509/x509_obj.c
+++ /dev/null
@@ -1,225 +0,0 @@
1/* crypto/x509/x509_obj.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/lhash.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64#include <openssl/buffer.h>
65
66char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
67 {
68 X509_NAME_ENTRY *ne;
69int i;
70 int n,lold,l,l1,l2,num,j,type;
71 const char *s;
72 char *p;
73 unsigned char *q;
74 BUF_MEM *b=NULL;
75 static char hex[17]="0123456789ABCDEF";
76 int gs_doit[4];
77 char tmp_buf[80];
78#ifdef CHARSET_EBCDIC
79 char ebcdic_buf[1024];
80#endif
81
82 if (buf == NULL)
83 {
84 if ((b=BUF_MEM_new()) == NULL) goto err;
85 if (!BUF_MEM_grow(b,200)) goto err;
86 b->data[0]='\0';
87 len=200;
88 }
89 if (a == NULL)
90 {
91 if(b)
92 {
93 buf=b->data;
94 OPENSSL_free(b);
95 }
96 strncpy(buf,"NO X509_NAME",len);
97 return buf;
98 }
99
100 len--; /* space for '\0' */
101 l=0;
102 for (i=0; i<sk_X509_NAME_ENTRY_num(a->entries); i++)
103 {
104 ne=sk_X509_NAME_ENTRY_value(a->entries,i);
105 n=OBJ_obj2nid(ne->object);
106 if ((n == NID_undef) || ((s=OBJ_nid2sn(n)) == NULL))
107 {
108 i2t_ASN1_OBJECT(tmp_buf,sizeof(tmp_buf),ne->object);
109 s=tmp_buf;
110 }
111 l1=strlen(s);
112
113 type=ne->value->type;
114 num=ne->value->length;
115 q=ne->value->data;
116#ifdef CHARSET_EBCDIC
117 if (type == V_ASN1_GENERALSTRING ||
118 type == V_ASN1_VISIBLESTRING ||
119 type == V_ASN1_PRINTABLESTRING ||
120 type == V_ASN1_TELETEXSTRING ||
121 type == V_ASN1_VISIBLESTRING ||
122 type == V_ASN1_IA5STRING) {
123 ascii2ebcdic(ebcdic_buf, q,
124 (num > sizeof ebcdic_buf)
125 ? sizeof ebcdic_buf : num);
126 q=ebcdic_buf;
127 }
128#endif
129
130 if ((type == V_ASN1_GENERALSTRING) && ((num%4) == 0))
131 {
132 gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=0;
133 for (j=0; j<num; j++)
134 if (q[j] != 0) gs_doit[j&3]=1;
135
136 if (gs_doit[0]|gs_doit[1]|gs_doit[2])
137 gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=1;
138 else
139 {
140 gs_doit[0]=gs_doit[1]=gs_doit[2]=0;
141 gs_doit[3]=1;
142 }
143 }
144 else
145 gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=1;
146
147 for (l2=j=0; j<num; j++)
148 {
149 if (!gs_doit[j&3]) continue;
150 l2++;
151#ifndef CHARSET_EBCDIC
152 if ((q[j] < ' ') || (q[j] > '~')) l2+=3;
153#else
154 if ((os_toascii[q[j]] < os_toascii[' ']) ||
155 (os_toascii[q[j]] > os_toascii['~'])) l2+=3;
156#endif
157 }
158
159 lold=l;
160 l+=1+l1+1+l2;
161 if (b != NULL)
162 {
163 if (!BUF_MEM_grow(b,l+1)) goto err;
164 p= &(b->data[lold]);
165 }
166 else if (l > len)
167 {
168 break;
169 }
170 else
171 p= &(buf[lold]);
172 *(p++)='/';
173 memcpy(p,s,(unsigned int)l1); p+=l1;
174 *(p++)='=';
175
176#ifndef CHARSET_EBCDIC /* q was assigned above already. */
177 q=ne->value->data;
178#endif
179
180 for (j=0; j<num; j++)
181 {
182 if (!gs_doit[j&3]) continue;
183#ifndef CHARSET_EBCDIC
184 n=q[j];
185 if ((n < ' ') || (n > '~'))
186 {
187 *(p++)='\\';
188 *(p++)='x';
189 *(p++)=hex[(n>>4)&0x0f];
190 *(p++)=hex[n&0x0f];
191 }
192 else
193 *(p++)=n;
194#else
195 n=os_toascii[q[j]];
196 if ((n < os_toascii[' ']) ||
197 (n > os_toascii['~']))
198 {
199 *(p++)='\\';
200 *(p++)='x';
201 *(p++)=hex[(n>>4)&0x0f];
202 *(p++)=hex[n&0x0f];
203 }
204 else
205 *(p++)=q[j];
206#endif
207 }
208 *p='\0';
209 }
210 if (b != NULL)
211 {
212 p=b->data;
213 OPENSSL_free(b);
214 }
215 else
216 p=buf;
217 if (i == 0)
218 *p = '\0';
219 return(p);
220err:
221 X509err(X509_F_X509_NAME_ONELINE,ERR_R_MALLOC_FAILURE);
222 if (b != NULL) BUF_MEM_free(b);
223 return(NULL);
224 }
225
diff --git a/src/lib/libcrypto/x509/x509_r2x.c b/src/lib/libcrypto/x509/x509_r2x.c
deleted file mode 100644
index db051033d9..0000000000
--- a/src/lib/libcrypto/x509/x509_r2x.c
+++ /dev/null
@@ -1,110 +0,0 @@
1/* crypto/x509/x509_r2x.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/evp.h>
63#include <openssl/asn1.h>
64#include <openssl/x509.h>
65#include <openssl/objects.h>
66#include <openssl/buffer.h>
67
68X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
69 {
70 X509 *ret=NULL;
71 X509_CINF *xi=NULL;
72 X509_NAME *xn;
73
74 if ((ret=X509_new()) == NULL)
75 {
76 X509err(X509_F_X509_REQ_TO_X509,ERR_R_MALLOC_FAILURE);
77 goto err;
78 }
79
80 /* duplicate the request */
81 xi=ret->cert_info;
82
83 if (sk_X509_ATTRIBUTE_num(r->req_info->attributes) != 0)
84 {
85 if ((xi->version=M_ASN1_INTEGER_new()) == NULL) goto err;
86 if (!ASN1_INTEGER_set(xi->version,2)) goto err;
87/* xi->extensions=ri->attributes; <- bad, should not ever be done
88 ri->attributes=NULL; */
89 }
90
91 xn=X509_REQ_get_subject_name(r);
92 X509_set_subject_name(ret,X509_NAME_dup(xn));
93 X509_set_issuer_name(ret,X509_NAME_dup(xn));
94
95 X509_gmtime_adj(xi->validity->notBefore,0);
96 X509_gmtime_adj(xi->validity->notAfter,(long)60*60*24*days);
97
98 X509_set_pubkey(ret,X509_REQ_get_pubkey(r));
99
100 if (!X509_sign(ret,pkey,EVP_md5()))
101 goto err;
102 if (0)
103 {
104err:
105 X509_free(ret);
106 ret=NULL;
107 }
108 return(ret);
109 }
110
diff --git a/src/lib/libcrypto/x509/x509_req.c b/src/lib/libcrypto/x509/x509_req.c
deleted file mode 100644
index 7eca1bd57a..0000000000
--- a/src/lib/libcrypto/x509/x509_req.c
+++ /dev/null
@@ -1,278 +0,0 @@
1/* crypto/x509/x509_req.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/evp.h>
63#include <openssl/asn1.h>
64#include <openssl/x509.h>
65#include <openssl/objects.h>
66#include <openssl/buffer.h>
67#include <openssl/pem.h>
68
69X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
70 {
71 X509_REQ *ret;
72 X509_REQ_INFO *ri;
73 int i;
74 EVP_PKEY *pktmp;
75
76 ret=X509_REQ_new();
77 if (ret == NULL)
78 {
79 X509err(X509_F_X509_TO_X509_REQ,ERR_R_MALLOC_FAILURE);
80 goto err;
81 }
82
83 ri=ret->req_info;
84
85 ri->version->length=1;
86 ri->version->data=(unsigned char *)OPENSSL_malloc(1);
87 if (ri->version->data == NULL) goto err;
88 ri->version->data[0]=0; /* version == 0 */
89
90 if (!X509_REQ_set_subject_name(ret,X509_get_subject_name(x)))
91 goto err;
92
93 pktmp = X509_get_pubkey(x);
94 i=X509_REQ_set_pubkey(ret,pktmp);
95 EVP_PKEY_free(pktmp);
96 if (!i) goto err;
97
98 if (pkey != NULL)
99 {
100 if (!X509_REQ_sign(ret,pkey,md))
101 goto err;
102 }
103 return(ret);
104err:
105 X509_REQ_free(ret);
106 return(NULL);
107 }
108
109EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req)
110 {
111 if ((req == NULL) || (req->req_info == NULL))
112 return(NULL);
113 return(X509_PUBKEY_get(req->req_info->pubkey));
114 }
115
116/* It seems several organisations had the same idea of including a list of
117 * extensions in a certificate request. There are at least two OIDs that are
118 * used and there may be more: so the list is configurable.
119 */
120
121static int ext_nid_list[] = { NID_ms_ext_req, NID_ext_req, NID_undef};
122
123static int *ext_nids = ext_nid_list;
124
125int X509_REQ_extension_nid(int req_nid)
126{
127 int i, nid;
128 for(i = 0; ; i++) {
129 nid = ext_nids[i];
130 if(nid == NID_undef) return 0;
131 else if (req_nid == nid) return 1;
132 }
133}
134
135int *X509_REQ_get_extension_nids(void)
136{
137 return ext_nids;
138}
139
140void X509_REQ_set_extension_nids(int *nids)
141{
142 ext_nids = nids;
143}
144
145STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req)
146{
147 X509_ATTRIBUTE *attr;
148 STACK_OF(X509_ATTRIBUTE) *sk;
149 ASN1_TYPE *ext = NULL;
150 int i;
151 unsigned char *p;
152 if ((req == NULL) || (req->req_info == NULL))
153 return(NULL);
154 sk=req->req_info->attributes;
155 if (!sk) return NULL;
156 for(i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
157 attr = sk_X509_ATTRIBUTE_value(sk, i);
158 if(X509_REQ_extension_nid(OBJ_obj2nid(attr->object))) {
159 if(attr->set && sk_ASN1_TYPE_num(attr->value.set))
160 ext = sk_ASN1_TYPE_value(attr->value.set, 0);
161 else ext = attr->value.single;
162 break;
163 }
164 }
165 if(!ext || (ext->type != V_ASN1_SEQUENCE)) return NULL;
166 p = ext->value.sequence->data;
167 return d2i_ASN1_SET_OF_X509_EXTENSION(NULL, &p,
168 ext->value.sequence->length,
169 d2i_X509_EXTENSION, X509_EXTENSION_free,
170 V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
171}
172
173/* Add a STACK_OF extensions to a certificate request: allow alternative OIDs
174 * in case we want to create a non standard one.
175 */
176
177int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
178 int nid)
179{
180 unsigned char *p = NULL, *q;
181 long len;
182 ASN1_TYPE *at = NULL;
183 X509_ATTRIBUTE *attr = NULL;
184 if(!(at = ASN1_TYPE_new()) ||
185 !(at->value.sequence = ASN1_STRING_new())) goto err;
186
187 at->type = V_ASN1_SEQUENCE;
188 /* Generate encoding of extensions */
189 len = i2d_ASN1_SET_OF_X509_EXTENSION(exts, NULL, i2d_X509_EXTENSION,
190 V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE);
191 if(!(p = OPENSSL_malloc(len))) goto err;
192 q = p;
193 i2d_ASN1_SET_OF_X509_EXTENSION(exts, &q, i2d_X509_EXTENSION,
194 V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE);
195 at->value.sequence->data = p;
196 p = NULL;
197 at->value.sequence->length = len;
198 if(!(attr = X509_ATTRIBUTE_new())) goto err;
199 if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err;
200 if(!sk_ASN1_TYPE_push(attr->value.set, at)) goto err;
201 at = NULL;
202 attr->set = 1;
203 attr->object = OBJ_nid2obj(nid);
204 if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err;
205 return 1;
206 err:
207 if(p) OPENSSL_free(p);
208 X509_ATTRIBUTE_free(attr);
209 ASN1_TYPE_free(at);
210 return 0;
211}
212/* This is the normal usage: use the "official" OID */
213int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts)
214{
215 return X509_REQ_add_extensions_nid(req, exts, NID_ext_req);
216}
217
218/* Request attribute functions */
219
220int X509_REQ_get_attr_count(const X509_REQ *req)
221{
222 return X509at_get_attr_count(req->req_info->attributes);
223}
224
225int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid,
226 int lastpos)
227{
228 return X509at_get_attr_by_NID(req->req_info->attributes, nid, lastpos);
229}
230
231int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj,
232 int lastpos)
233{
234 return X509at_get_attr_by_OBJ(req->req_info->attributes, obj, lastpos);
235}
236
237X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc)
238{
239 return X509at_get_attr(req->req_info->attributes, loc);
240}
241
242X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc)
243{
244 return X509at_delete_attr(req->req_info->attributes, loc);
245}
246
247int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr)
248{
249 if(X509at_add1_attr(&req->req_info->attributes, attr)) return 1;
250 return 0;
251}
252
253int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
254 ASN1_OBJECT *obj, int type,
255 unsigned char *bytes, int len)
256{
257 if(X509at_add1_attr_by_OBJ(&req->req_info->attributes, obj,
258 type, bytes, len)) return 1;
259 return 0;
260}
261
262int X509_REQ_add1_attr_by_NID(X509_REQ *req,
263 int nid, int type,
264 unsigned char *bytes, int len)
265{
266 if(X509at_add1_attr_by_NID(&req->req_info->attributes, nid,
267 type, bytes, len)) return 1;
268 return 0;
269}
270
271int X509_REQ_add1_attr_by_txt(X509_REQ *req,
272 char *attrname, int type,
273 unsigned char *bytes, int len)
274{
275 if(X509at_add1_attr_by_txt(&req->req_info->attributes, attrname,
276 type, bytes, len)) return 1;
277 return 0;
278}
diff --git a/src/lib/libcrypto/x509/x509_set.c b/src/lib/libcrypto/x509/x509_set.c
deleted file mode 100644
index aaf61ca062..0000000000
--- a/src/lib/libcrypto/x509/x509_set.c
+++ /dev/null
@@ -1,150 +0,0 @@
1/* crypto/x509/x509_set.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include <openssl/x509.h>
65
66int X509_set_version(X509 *x, long version)
67 {
68 if (x == NULL) return(0);
69 if (x->cert_info->version == NULL)
70 {
71 if ((x->cert_info->version=M_ASN1_INTEGER_new()) == NULL)
72 return(0);
73 }
74 return(ASN1_INTEGER_set(x->cert_info->version,version));
75 }
76
77int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial)
78 {
79 ASN1_INTEGER *in;
80
81 if (x == NULL) return(0);
82 in=x->cert_info->serialNumber;
83 if (in != serial)
84 {
85 in=M_ASN1_INTEGER_dup(serial);
86 if (in != NULL)
87 {
88 M_ASN1_INTEGER_free(x->cert_info->serialNumber);
89 x->cert_info->serialNumber=in;
90 }
91 }
92 return(in != NULL);
93 }
94
95int X509_set_issuer_name(X509 *x, X509_NAME *name)
96 {
97 if ((x == NULL) || (x->cert_info == NULL)) return(0);
98 return(X509_NAME_set(&x->cert_info->issuer,name));
99 }
100
101int X509_set_subject_name(X509 *x, X509_NAME *name)
102 {
103 if ((x == NULL) || (x->cert_info == NULL)) return(0);
104 return(X509_NAME_set(&x->cert_info->subject,name));
105 }
106
107int X509_set_notBefore(X509 *x, ASN1_TIME *tm)
108 {
109 ASN1_TIME *in;
110
111 if ((x == NULL) || (x->cert_info->validity == NULL)) return(0);
112 in=x->cert_info->validity->notBefore;
113 if (in != tm)
114 {
115 in=M_ASN1_TIME_dup(tm);
116 if (in != NULL)
117 {
118 M_ASN1_TIME_free(x->cert_info->validity->notBefore);
119 x->cert_info->validity->notBefore=in;
120 }
121 }
122 return(in != NULL);
123 }
124
125int X509_set_notAfter(X509 *x, ASN1_TIME *tm)
126 {
127 ASN1_TIME *in;
128
129 if ((x == NULL) || (x->cert_info->validity == NULL)) return(0);
130 in=x->cert_info->validity->notAfter;
131 if (in != tm)
132 {
133 in=M_ASN1_TIME_dup(tm);
134 if (in != NULL)
135 {
136 M_ASN1_TIME_free(x->cert_info->validity->notAfter);
137 x->cert_info->validity->notAfter=in;
138 }
139 }
140 return(in != NULL);
141 }
142
143int X509_set_pubkey(X509 *x, EVP_PKEY *pkey)
144 {
145 if ((x == NULL) || (x->cert_info == NULL)) return(0);
146 return(X509_PUBKEY_set(&(x->cert_info->key),pkey));
147 }
148
149
150
diff --git a/src/lib/libcrypto/x509/x509_trs.c b/src/lib/libcrypto/x509/x509_trs.c
deleted file mode 100644
index 86b3b79dcc..0000000000
--- a/src/lib/libcrypto/x509/x509_trs.c
+++ /dev/null
@@ -1,267 +0,0 @@
1/* x509_trs.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/x509v3.h>
62
63
64static int tr_cmp(const X509_TRUST * const *a,
65 const X509_TRUST * const *b);
66static void trtable_free(X509_TRUST *p);
67
68static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags);
69static int trust_compat(X509_TRUST *trust, X509 *x, int flags);
70
71static int obj_trust(int id, X509 *x, int flags);
72static int (*default_trust)(int id, X509 *x, int flags) = obj_trust;
73
74/* WARNING: the following table should be kept in order of trust
75 * and without any gaps so we can just subtract the minimum trust
76 * value to get an index into the table
77 */
78
79static X509_TRUST trstandard[] = {
80{X509_TRUST_COMPAT, 0, trust_compat, "compatible", 0, NULL},
81{X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth, NULL},
82{X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Client", NID_server_auth, NULL},
83{X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect, NULL},
84};
85
86#define X509_TRUST_COUNT (sizeof(trstandard)/sizeof(X509_TRUST))
87
88IMPLEMENT_STACK_OF(X509_TRUST)
89
90static STACK_OF(X509_TRUST) *trtable = NULL;
91
92static int tr_cmp(const X509_TRUST * const *a,
93 const X509_TRUST * const *b)
94{
95 return (*a)->trust - (*b)->trust;
96}
97
98int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int)
99{
100int (*oldtrust)(int , X509 *, int);
101oldtrust = default_trust;
102default_trust = trust;
103return oldtrust;
104}
105
106
107int X509_check_trust(X509 *x, int id, int flags)
108{
109 X509_TRUST *pt;
110 int idx;
111 if(id == -1) return 1;
112 idx = X509_TRUST_get_by_id(id);
113 if(idx == -1) return default_trust(id, x, flags);
114 pt = X509_TRUST_get0(idx);
115 return pt->check_trust(pt, x, flags);
116}
117
118int X509_TRUST_get_count(void)
119{
120 if(!trtable) return X509_TRUST_COUNT;
121 return sk_X509_TRUST_num(trtable) + X509_TRUST_COUNT;
122}
123
124X509_TRUST * X509_TRUST_get0(int idx)
125{
126 if(idx < 0) return NULL;
127 if(idx < X509_TRUST_COUNT) return trstandard + idx;
128 return sk_X509_TRUST_value(trtable, idx - X509_TRUST_COUNT);
129}
130
131int X509_TRUST_get_by_id(int id)
132{
133 X509_TRUST tmp;
134 int idx;
135 if((id >= X509_TRUST_MIN) && (id <= X509_TRUST_MAX))
136 return id - X509_TRUST_MIN;
137 tmp.trust = id;
138 if(!trtable) return -1;
139 idx = sk_X509_TRUST_find(trtable, &tmp);
140 if(idx == -1) return -1;
141 return idx + X509_TRUST_COUNT;
142}
143
144int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int),
145 char *name, int arg1, void *arg2)
146{
147 int idx;
148 X509_TRUST *trtmp;
149 /* This is set according to what we change: application can't set it */
150 flags &= ~X509_TRUST_DYNAMIC;
151 /* This will always be set for application modified trust entries */
152 flags |= X509_TRUST_DYNAMIC_NAME;
153 /* Get existing entry if any */
154 idx = X509_TRUST_get_by_id(id);
155 /* Need a new entry */
156 if(idx == -1) {
157 if(!(trtmp = OPENSSL_malloc(sizeof(X509_TRUST)))) {
158 X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE);
159 return 0;
160 }
161 trtmp->flags = X509_TRUST_DYNAMIC;
162 } else trtmp = X509_TRUST_get0(idx);
163
164 /* OPENSSL_free existing name if dynamic */
165 if(trtmp->flags & X509_TRUST_DYNAMIC_NAME) OPENSSL_free(trtmp->name);
166 /* dup supplied name */
167 if(!(trtmp->name = BUF_strdup(name))) {
168 X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE);
169 return 0;
170 }
171 /* Keep the dynamic flag of existing entry */
172 trtmp->flags &= X509_TRUST_DYNAMIC;
173 /* Set all other flags */
174 trtmp->flags |= flags;
175
176 trtmp->trust = id;
177 trtmp->check_trust = ck;
178 trtmp->arg1 = arg1;
179 trtmp->arg2 = arg2;
180
181 /* If its a new entry manage the dynamic table */
182 if(idx == -1) {
183 if(!trtable && !(trtable = sk_X509_TRUST_new(tr_cmp))) {
184 X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE);
185 return 0;
186 }
187 if (!sk_X509_TRUST_push(trtable, trtmp)) {
188 X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE);
189 return 0;
190 }
191 }
192 return 1;
193}
194
195static void trtable_free(X509_TRUST *p)
196 {
197 if(!p) return;
198 if (p->flags & X509_TRUST_DYNAMIC)
199 {
200 if (p->flags & X509_TRUST_DYNAMIC_NAME)
201 OPENSSL_free(p->name);
202 OPENSSL_free(p);
203 }
204 }
205
206void X509_TRUST_cleanup(void)
207{
208 int i;
209 for(i = 0; i < X509_TRUST_COUNT; i++) trtable_free(trstandard + i);
210 sk_X509_TRUST_pop_free(trtable, trtable_free);
211 trtable = NULL;
212}
213
214int X509_TRUST_get_flags(X509_TRUST *xp)
215{
216 return xp->flags;
217}
218
219char *X509_TRUST_get0_name(X509_TRUST *xp)
220{
221 return xp->name;
222}
223
224int X509_TRUST_get_trust(X509_TRUST *xp)
225{
226 return xp->trust;
227}
228
229static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags)
230{
231 if(x->aux && (x->aux->trust || x->aux->reject))
232 return obj_trust(trust->arg1, x, flags);
233 /* we don't have any trust settings: for compatibility
234 * we return trusted if it is self signed
235 */
236 return trust_compat(trust, x, flags);
237}
238
239static int trust_compat(X509_TRUST *trust, X509 *x, int flags)
240{
241 X509_check_purpose(x, -1, 0);
242 if(x->ex_flags & EXFLAG_SS) return X509_TRUST_TRUSTED;
243 else return X509_TRUST_UNTRUSTED;
244}
245
246static int obj_trust(int id, X509 *x, int flags)
247{
248 ASN1_OBJECT *obj;
249 int i;
250 X509_CERT_AUX *ax;
251 ax = x->aux;
252 if(!ax) return X509_TRUST_UNTRUSTED;
253 if(ax->reject) {
254 for(i = 0; i < sk_ASN1_OBJECT_num(ax->reject); i++) {
255 obj = sk_ASN1_OBJECT_value(ax->reject, i);
256 if(OBJ_obj2nid(obj) == id) return X509_TRUST_REJECTED;
257 }
258 }
259 if(ax->trust) {
260 for(i = 0; i < sk_ASN1_OBJECT_num(ax->trust); i++) {
261 obj = sk_ASN1_OBJECT_value(ax->trust, i);
262 if(OBJ_obj2nid(obj) == id) return X509_TRUST_TRUSTED;
263 }
264 }
265 return X509_TRUST_UNTRUSTED;
266}
267
diff --git a/src/lib/libcrypto/x509/x509_txt.c b/src/lib/libcrypto/x509/x509_txt.c
deleted file mode 100644
index cfb478d4bc..0000000000
--- a/src/lib/libcrypto/x509/x509_txt.c
+++ /dev/null
@@ -1,150 +0,0 @@
1/* crypto/x509/x509_txt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <time.h>
61#include <errno.h>
62
63#include "cryptlib.h"
64#include <openssl/lhash.h>
65#include <openssl/buffer.h>
66#include <openssl/evp.h>
67#include <openssl/asn1.h>
68#include <openssl/x509.h>
69#include <openssl/objects.h>
70
71const char *X509_verify_cert_error_string(long n)
72 {
73 static char buf[100];
74
75 switch ((int)n)
76 {
77 case X509_V_OK:
78 return("ok");
79 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
80 return("unable to get issuer certificate");
81 case X509_V_ERR_UNABLE_TO_GET_CRL:
82 return("unable to get certificate CRL");
83 case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
84 return("unable to decrypt certificate's signature");
85 case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
86 return("unable to decrypt CRL's's signature");
87 case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
88 return("unable to decode issuer public key");
89 case X509_V_ERR_CERT_SIGNATURE_FAILURE:
90 return("certificate signature failure");
91 case X509_V_ERR_CRL_SIGNATURE_FAILURE:
92 return("CRL signature failure");
93 case X509_V_ERR_CERT_NOT_YET_VALID:
94 return("certificate is not yet valid");
95 case X509_V_ERR_CRL_NOT_YET_VALID:
96 return("CRL is not yet valid");
97 case X509_V_ERR_CERT_HAS_EXPIRED:
98 return("Certificate has expired");
99 case X509_V_ERR_CRL_HAS_EXPIRED:
100 return("CRL has expired");
101 case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
102 return("format error in certificate's notBefore field");
103 case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
104 return("format error in certificate's notAfter field");
105 case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
106 return("format error in CRL's lastUpdate field");
107 case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
108 return("format error in CRL's nextUpdate field");
109 case X509_V_ERR_OUT_OF_MEM:
110 return("out of memory");
111 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
112 return("self signed certificate");
113 case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
114 return("self signed certificate in certificate chain");
115 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
116 return("unable to get local issuer certificate");
117 case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
118 return("unable to verify the first certificate");
119 case X509_V_ERR_CERT_CHAIN_TOO_LONG:
120 return("certificate chain too long");
121 case X509_V_ERR_CERT_REVOKED:
122 return("certificate revoked");
123 case X509_V_ERR_INVALID_CA:
124 return ("invalid CA certificate");
125 case X509_V_ERR_PATH_LENGTH_EXCEEDED:
126 return ("path length constraint exceeded");
127 case X509_V_ERR_INVALID_PURPOSE:
128 return ("unsupported certificate purpose");
129 case X509_V_ERR_CERT_UNTRUSTED:
130 return ("certificate not trusted");
131 case X509_V_ERR_CERT_REJECTED:
132 return ("certificate rejected");
133 case X509_V_ERR_APPLICATION_VERIFICATION:
134 return("application verification failure");
135 case X509_V_ERR_SUBJECT_ISSUER_MISMATCH:
136 return("subject issuer mismatch");
137 case X509_V_ERR_AKID_SKID_MISMATCH:
138 return("authority and subject key identifier mismatch");
139 case X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH:
140 return("authority and issuer serial number mismatch");
141 case X509_V_ERR_KEYUSAGE_NO_CERTSIGN:
142 return("key usage does not include certificate signing");
143
144 default:
145 sprintf(buf,"error number %ld",n);
146 return(buf);
147 }
148 }
149
150
diff --git a/src/lib/libcrypto/x509/x509_v3.c b/src/lib/libcrypto/x509/x509_v3.c
deleted file mode 100644
index 52887986fe..0000000000
--- a/src/lib/libcrypto/x509/x509_v3.c
+++ /dev/null
@@ -1,267 +0,0 @@
1/* crypto/x509/x509_v3.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/stack.h>
61#include "cryptlib.h"
62#include <openssl/asn1.h>
63#include <openssl/objects.h>
64#include <openssl/evp.h>
65#include <openssl/x509.h>
66#include <openssl/x509v3.h>
67
68int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x)
69 {
70 if (x == NULL) return(0);
71 return(sk_X509_EXTENSION_num(x));
72 }
73
74int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, int nid,
75 int lastpos)
76 {
77 ASN1_OBJECT *obj;
78
79 obj=OBJ_nid2obj(nid);
80 if (obj == NULL) return(-2);
81 return(X509v3_get_ext_by_OBJ(x,obj,lastpos));
82 }
83
84int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *sk, ASN1_OBJECT *obj,
85 int lastpos)
86 {
87 int n;
88 X509_EXTENSION *ex;
89
90 if (sk == NULL) return(-1);
91 lastpos++;
92 if (lastpos < 0)
93 lastpos=0;
94 n=sk_X509_EXTENSION_num(sk);
95 for ( ; lastpos < n; lastpos++)
96 {
97 ex=sk_X509_EXTENSION_value(sk,lastpos);
98 if (OBJ_cmp(ex->object,obj) == 0)
99 return(lastpos);
100 }
101 return(-1);
102 }
103
104int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit,
105 int lastpos)
106 {
107 int n;
108 X509_EXTENSION *ex;
109
110 if (sk == NULL) return(-1);
111 lastpos++;
112 if (lastpos < 0)
113 lastpos=0;
114 n=sk_X509_EXTENSION_num(sk);
115 for ( ; lastpos < n; lastpos++)
116 {
117 ex=sk_X509_EXTENSION_value(sk,lastpos);
118 if ( (ex->critical && crit) ||
119 (!ex->critical && !crit))
120 return(lastpos);
121 }
122 return(-1);
123 }
124
125X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc)
126 {
127 if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0)
128 return NULL;
129 else
130 return sk_X509_EXTENSION_value(x,loc);
131 }
132
133X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc)
134 {
135 X509_EXTENSION *ret;
136
137 if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0)
138 return(NULL);
139 ret=sk_X509_EXTENSION_delete(x,loc);
140 return(ret);
141 }
142
143STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
144 X509_EXTENSION *ex, int loc)
145 {
146 X509_EXTENSION *new_ex=NULL;
147 int n;
148 STACK_OF(X509_EXTENSION) *sk=NULL;
149
150 if ((x != NULL) && (*x == NULL))
151 {
152 if ((sk=sk_X509_EXTENSION_new_null()) == NULL)
153 goto err;
154 }
155 else
156 sk= *x;
157
158 n=sk_X509_EXTENSION_num(sk);
159 if (loc > n) loc=n;
160 else if (loc < 0) loc=n;
161
162 if ((new_ex=X509_EXTENSION_dup(ex)) == NULL)
163 goto err2;
164 if (!sk_X509_EXTENSION_insert(sk,new_ex,loc))
165 goto err;
166 if ((x != NULL) && (*x == NULL))
167 *x=sk;
168 return(sk);
169err:
170 X509err(X509_F_X509V3_ADD_EXT,ERR_R_MALLOC_FAILURE);
171err2:
172 if (new_ex != NULL) X509_EXTENSION_free(new_ex);
173 if (sk != NULL) sk_X509_EXTENSION_free(sk);
174 return(NULL);
175 }
176
177X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid,
178 int crit, ASN1_OCTET_STRING *data)
179 {
180 ASN1_OBJECT *obj;
181 X509_EXTENSION *ret;
182
183 obj=OBJ_nid2obj(nid);
184 if (obj == NULL)
185 {
186 X509err(X509_F_X509_EXTENSION_CREATE_BY_NID,X509_R_UNKNOWN_NID);
187 return(NULL);
188 }
189 ret=X509_EXTENSION_create_by_OBJ(ex,obj,crit,data);
190 if (ret == NULL) ASN1_OBJECT_free(obj);
191 return(ret);
192 }
193
194X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
195 ASN1_OBJECT *obj, int crit, ASN1_OCTET_STRING *data)
196 {
197 X509_EXTENSION *ret;
198
199 if ((ex == NULL) || (*ex == NULL))
200 {
201 if ((ret=X509_EXTENSION_new()) == NULL)
202 {
203 X509err(X509_F_X509_EXTENSION_CREATE_BY_OBJ,ERR_R_MALLOC_FAILURE);
204 return(NULL);
205 }
206 }
207 else
208 ret= *ex;
209
210 if (!X509_EXTENSION_set_object(ret,obj))
211 goto err;
212 if (!X509_EXTENSION_set_critical(ret,crit))
213 goto err;
214 if (!X509_EXTENSION_set_data(ret,data))
215 goto err;
216
217 if ((ex != NULL) && (*ex == NULL)) *ex=ret;
218 return(ret);
219err:
220 if ((ex == NULL) || (ret != *ex))
221 X509_EXTENSION_free(ret);
222 return(NULL);
223 }
224
225int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj)
226 {
227 if ((ex == NULL) || (obj == NULL))
228 return(0);
229 ASN1_OBJECT_free(ex->object);
230 ex->object=OBJ_dup(obj);
231 return(1);
232 }
233
234int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit)
235 {
236 if (ex == NULL) return(0);
237 ex->critical=(crit)?0xFF:0;
238 return(1);
239 }
240
241int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data)
242 {
243 int i;
244
245 if (ex == NULL) return(0);
246 i=M_ASN1_OCTET_STRING_set(ex->value,data->data,data->length);
247 if (!i) return(0);
248 return(1);
249 }
250
251ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex)
252 {
253 if (ex == NULL) return(NULL);
254 return(ex->object);
255 }
256
257ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ex)
258 {
259 if (ex == NULL) return(NULL);
260 return(ex->value);
261 }
262
263int X509_EXTENSION_get_critical(X509_EXTENSION *ex)
264 {
265 if (ex == NULL) return(0);
266 return(ex->critical);
267 }
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c
deleted file mode 100644
index 0f4110cc64..0000000000
--- a/src/lib/libcrypto/x509/x509_vfy.c
+++ /dev/null
@@ -1,920 +0,0 @@
1/* crypto/x509/x509_vfy.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <time.h>
61#include <errno.h>
62
63#include "cryptlib.h"
64#include <openssl/crypto.h>
65#include <openssl/lhash.h>
66#include <openssl/buffer.h>
67#include <openssl/evp.h>
68#include <openssl/asn1.h>
69#include <openssl/x509.h>
70#include <openssl/x509v3.h>
71#include <openssl/objects.h>
72
73static int null_callback(int ok,X509_STORE_CTX *e);
74static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
75static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x);
76static int check_chain_purpose(X509_STORE_CTX *ctx);
77static int check_trust(X509_STORE_CTX *ctx);
78static int internal_verify(X509_STORE_CTX *ctx);
79const char *X509_version="X.509" OPENSSL_VERSION_PTEXT;
80
81static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_store_ctx_method=NULL;
82static int x509_store_ctx_num=0;
83#if 0
84static int x509_store_num=1;
85static STACK *x509_store_method=NULL;
86#endif
87
88static int null_callback(int ok, X509_STORE_CTX *e)
89 {
90 return ok;
91 }
92
93#if 0
94static int x509_subject_cmp(X509 **a, X509 **b)
95 {
96 return X509_subject_name_cmp(*a,*b);
97 }
98#endif
99
100int X509_verify_cert(X509_STORE_CTX *ctx)
101 {
102 X509 *x,*xtmp,*chain_ss=NULL;
103 X509_NAME *xn;
104 int depth,i,ok=0;
105 int num;
106 int (*cb)();
107 STACK_OF(X509) *sktmp=NULL;
108
109 if (ctx->cert == NULL)
110 {
111 X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
112 return -1;
113 }
114
115 cb=ctx->verify_cb;
116 if (cb == NULL) cb=null_callback;
117
118 /* first we make sure the chain we are going to build is
119 * present and that the first entry is in place */
120 if (ctx->chain == NULL)
121 {
122 if ( ((ctx->chain=sk_X509_new_null()) == NULL) ||
123 (!sk_X509_push(ctx->chain,ctx->cert)))
124 {
125 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
126 goto end;
127 }
128 CRYPTO_add(&ctx->cert->references,1,CRYPTO_LOCK_X509);
129 ctx->last_untrusted=1;
130 }
131
132 /* We use a temporary STACK so we can chop and hack at it */
133 if (ctx->untrusted != NULL
134 && (sktmp=sk_X509_dup(ctx->untrusted)) == NULL)
135 {
136 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
137 goto end;
138 }
139
140 num=sk_X509_num(ctx->chain);
141 x=sk_X509_value(ctx->chain,num-1);
142 depth=ctx->depth;
143
144
145 for (;;)
146 {
147 /* If we have enough, we break */
148 if (depth < num) break; /* FIXME: If this happens, we should take
149 * note of it and, if appropriate, use the
150 * X509_V_ERR_CERT_CHAIN_TOO_LONG error
151 * code later.
152 */
153
154 /* If we are self signed, we break */
155 xn=X509_get_issuer_name(x);
156 if (ctx->check_issued(ctx, x,x)) break;
157
158 /* If we were passed a cert chain, use it first */
159 if (ctx->untrusted != NULL)
160 {
161 xtmp=find_issuer(ctx, sktmp,x);
162 if (xtmp != NULL)
163 {
164 if (!sk_X509_push(ctx->chain,xtmp))
165 {
166 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
167 goto end;
168 }
169 CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509);
170 sk_X509_delete_ptr(sktmp,xtmp);
171 ctx->last_untrusted++;
172 x=xtmp;
173 num++;
174 /* reparse the full chain for
175 * the next one */
176 continue;
177 }
178 }
179 break;
180 }
181
182 /* at this point, chain should contain a list of untrusted
183 * certificates. We now need to add at least one trusted one,
184 * if possible, otherwise we complain. */
185
186 /* Examine last certificate in chain and see if it
187 * is self signed.
188 */
189
190 i=sk_X509_num(ctx->chain);
191 x=sk_X509_value(ctx->chain,i-1);
192 xn = X509_get_subject_name(x);
193 if (ctx->check_issued(ctx, x, x))
194 {
195 /* we have a self signed certificate */
196 if (sk_X509_num(ctx->chain) == 1)
197 {
198 /* We have a single self signed certificate: see if
199 * we can find it in the store. We must have an exact
200 * match to avoid possible impersonation.
201 */
202 ok = ctx->get_issuer(&xtmp, ctx, x);
203 if ((ok <= 0) || X509_cmp(x, xtmp))
204 {
205 ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
206 ctx->current_cert=x;
207 ctx->error_depth=i-1;
208 if (ok == 1) X509_free(xtmp);
209 ok=cb(0,ctx);
210 if (!ok) goto end;
211 }
212 else
213 {
214 /* We have a match: replace certificate with store version
215 * so we get any trust settings.
216 */
217 X509_free(x);
218 x = xtmp;
219 sk_X509_set(ctx->chain, i - 1, x);
220 ctx->last_untrusted=0;
221 }
222 }
223 else
224 {
225 /* extract and save self signed certificate for later use */
226 chain_ss=sk_X509_pop(ctx->chain);
227 ctx->last_untrusted--;
228 num--;
229 x=sk_X509_value(ctx->chain,num-1);
230 }
231 }
232
233 /* We now lookup certs from the certificate store */
234 for (;;)
235 {
236 /* If we have enough, we break */
237 if (depth < num) break;
238
239 /* If we are self signed, we break */
240 xn=X509_get_issuer_name(x);
241 if (ctx->check_issued(ctx,x,x)) break;
242
243 ok = ctx->get_issuer(&xtmp, ctx, x);
244
245 if (ok < 0) return ok;
246 if (ok == 0) break;
247
248 x = xtmp;
249 if (!sk_X509_push(ctx->chain,x))
250 {
251 X509_free(xtmp);
252 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
253 return 0;
254 }
255 num++;
256 }
257
258 /* we now have our chain, lets check it... */
259 xn=X509_get_issuer_name(x);
260
261 /* Is last certificate looked up self signed? */
262 if (!ctx->check_issued(ctx,x,x))
263 {
264 if ((chain_ss == NULL) || !ctx->check_issued(ctx, x, chain_ss))
265 {
266 if (ctx->last_untrusted >= num)
267 ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY;
268 else
269 ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT;
270 ctx->current_cert=x;
271 }
272 else
273 {
274
275 sk_X509_push(ctx->chain,chain_ss);
276 num++;
277 ctx->last_untrusted=num;
278 ctx->current_cert=chain_ss;
279 ctx->error=X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN;
280 chain_ss=NULL;
281 }
282
283 ctx->error_depth=num-1;
284 ok=cb(0,ctx);
285 if (!ok) goto end;
286 }
287
288 /* We have the chain complete: now we need to check its purpose */
289 if (ctx->purpose > 0) ok = check_chain_purpose(ctx);
290
291 if (!ok) goto end;
292
293 /* The chain extensions are OK: check trust */
294
295 if (ctx->trust > 0) ok = check_trust(ctx);
296
297 if (!ok) goto end;
298
299 /* We may as well copy down any DSA parameters that are required */
300 X509_get_pubkey_parameters(NULL,ctx->chain);
301
302 /* At this point, we have a chain and just need to verify it */
303 if (ctx->verify != NULL)
304 ok=ctx->verify(ctx);
305 else
306 ok=internal_verify(ctx);
307 if (0)
308 {
309end:
310 X509_get_pubkey_parameters(NULL,ctx->chain);
311 }
312 if (sktmp != NULL) sk_X509_free(sktmp);
313 if (chain_ss != NULL) X509_free(chain_ss);
314 return ok;
315 }
316
317
318/* Given a STACK_OF(X509) find the issuer of cert (if any)
319 */
320
321static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x)
322{
323 int i;
324 X509 *issuer;
325 for (i = 0; i < sk_X509_num(sk); i++)
326 {
327 issuer = sk_X509_value(sk, i);
328 if (ctx->check_issued(ctx, x, issuer))
329 return issuer;
330 }
331 return NULL;
332}
333
334/* Given a possible certificate and issuer check them */
335
336static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer)
337{
338 int ret;
339 ret = X509_check_issued(issuer, x);
340 if (ret == X509_V_OK)
341 return 1;
342 /* If we haven't asked for issuer errors don't set ctx */
343 if (!(ctx->flags & X509_V_FLAG_CB_ISSUER_CHECK))
344 return 0;
345
346 ctx->error = ret;
347 ctx->current_cert = x;
348 ctx->current_issuer = issuer;
349 if (ctx->verify_cb)
350 return ctx->verify_cb(0, ctx);
351 return 0;
352}
353
354/* Alternative lookup method: look from a STACK stored in other_ctx */
355
356static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
357{
358 *issuer = find_issuer(ctx, ctx->other_ctx, x);
359 if (*issuer)
360 {
361 CRYPTO_add(&(*issuer)->references,1,CRYPTO_LOCK_X509);
362 return 1;
363 }
364 else
365 return 0;
366}
367
368
369/* Check a certificate chains extensions for consistency
370 * with the supplied purpose
371 */
372
373static int check_chain_purpose(X509_STORE_CTX *ctx)
374{
375#ifdef NO_CHAIN_VERIFY
376 return 1;
377#else
378 int i, ok=0;
379 X509 *x;
380 int (*cb)();
381 cb=ctx->verify_cb;
382 if (cb == NULL) cb=null_callback;
383 /* Check all untrusted certificates */
384 for (i = 0; i < ctx->last_untrusted; i++)
385 {
386 x = sk_X509_value(ctx->chain, i);
387 if (!X509_check_purpose(x, ctx->purpose, i))
388 {
389 if (i)
390 ctx->error = X509_V_ERR_INVALID_CA;
391 else
392 ctx->error = X509_V_ERR_INVALID_PURPOSE;
393 ctx->error_depth = i;
394 ctx->current_cert = x;
395 ok=cb(0,ctx);
396 if (!ok) goto end;
397 }
398 /* Check pathlen */
399 if ((i > 1) && (x->ex_pathlen != -1)
400 && (i > (x->ex_pathlen + 1)))
401 {
402 ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED;
403 ctx->error_depth = i;
404 ctx->current_cert = x;
405 ok=cb(0,ctx);
406 if (!ok) goto end;
407 }
408 }
409 ok = 1;
410 end:
411 return ok;
412#endif
413}
414
415static int check_trust(X509_STORE_CTX *ctx)
416{
417#ifdef NO_CHAIN_VERIFY
418 return 1;
419#else
420 int i, ok;
421 X509 *x;
422 int (*cb)();
423 cb=ctx->verify_cb;
424 if (cb == NULL) cb=null_callback;
425/* For now just check the last certificate in the chain */
426 i = sk_X509_num(ctx->chain) - 1;
427 x = sk_X509_value(ctx->chain, i);
428 ok = X509_check_trust(x, ctx->trust, 0);
429 if (ok == X509_TRUST_TRUSTED)
430 return 1;
431 ctx->error_depth = sk_X509_num(ctx->chain) - 1;
432 ctx->current_cert = x;
433 if (ok == X509_TRUST_REJECTED)
434 ctx->error = X509_V_ERR_CERT_REJECTED;
435 else
436 ctx->error = X509_V_ERR_CERT_UNTRUSTED;
437 ok = cb(0, ctx);
438 return ok;
439#endif
440}
441
442static int internal_verify(X509_STORE_CTX *ctx)
443 {
444 int i,ok=0,n;
445 X509 *xs,*xi;
446 EVP_PKEY *pkey=NULL;
447 time_t *ptime;
448 int (*cb)();
449
450 cb=ctx->verify_cb;
451 if (cb == NULL) cb=null_callback;
452
453 n=sk_X509_num(ctx->chain);
454 ctx->error_depth=n-1;
455 n--;
456 xi=sk_X509_value(ctx->chain,n);
457 if (ctx->flags & X509_V_FLAG_USE_CHECK_TIME)
458 ptime = &ctx->check_time;
459 else
460 ptime = NULL;
461 if (ctx->check_issued(ctx, xi, xi))
462 xs=xi;
463 else
464 {
465 if (n <= 0)
466 {
467 ctx->error=X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE;
468 ctx->current_cert=xi;
469 ok=cb(0,ctx);
470 goto end;
471 }
472 else
473 {
474 n--;
475 ctx->error_depth=n;
476 xs=sk_X509_value(ctx->chain,n);
477 }
478 }
479
480/* ctx->error=0; not needed */
481 while (n >= 0)
482 {
483 ctx->error_depth=n;
484 if (!xs->valid)
485 {
486 if ((pkey=X509_get_pubkey(xi)) == NULL)
487 {
488 ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
489 ctx->current_cert=xi;
490 ok=(*cb)(0,ctx);
491 if (!ok) goto end;
492 }
493 if (X509_verify(xs,pkey) <= 0)
494 {
495 ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
496 ctx->current_cert=xs;
497 ok=(*cb)(0,ctx);
498 if (!ok)
499 {
500 EVP_PKEY_free(pkey);
501 goto end;
502 }
503 }
504 EVP_PKEY_free(pkey);
505 pkey=NULL;
506
507 i=X509_cmp_time(X509_get_notBefore(xs), ptime);
508 if (i == 0)
509 {
510 ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD;
511 ctx->current_cert=xs;
512 ok=(*cb)(0,ctx);
513 if (!ok) goto end;
514 }
515 if (i > 0)
516 {
517 ctx->error=X509_V_ERR_CERT_NOT_YET_VALID;
518 ctx->current_cert=xs;
519 ok=(*cb)(0,ctx);
520 if (!ok) goto end;
521 }
522 xs->valid=1;
523 }
524
525 i=X509_cmp_time(X509_get_notAfter(xs), ptime);
526 if (i == 0)
527 {
528 ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD;
529 ctx->current_cert=xs;
530 ok=(*cb)(0,ctx);
531 if (!ok) goto end;
532 }
533
534 if (i < 0)
535 {
536 ctx->error=X509_V_ERR_CERT_HAS_EXPIRED;
537 ctx->current_cert=xs;
538 ok=(*cb)(0,ctx);
539 if (!ok) goto end;
540 }
541
542 /* CRL CHECK */
543
544 /* The last error (if any) is still in the error value */
545 ctx->current_cert=xs;
546 ok=(*cb)(1,ctx);
547 if (!ok) goto end;
548
549 n--;
550 if (n >= 0)
551 {
552 xi=xs;
553 xs=sk_X509_value(ctx->chain,n);
554 }
555 }
556 ok=1;
557end:
558 return ok;
559 }
560
561int X509_cmp_current_time(ASN1_TIME *ctm)
562{
563 return X509_cmp_time(ctm, NULL);
564}
565
566int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time)
567 {
568 char *str;
569 ASN1_TIME atm;
570 time_t offset;
571 char buff1[24],buff2[24],*p;
572 int i,j;
573
574 p=buff1;
575 i=ctm->length;
576 str=(char *)ctm->data;
577 if (ctm->type == V_ASN1_UTCTIME)
578 {
579 if ((i < 11) || (i > 17)) return 0;
580 memcpy(p,str,10);
581 p+=10;
582 str+=10;
583 }
584 else
585 {
586 if (i < 13) return 0;
587 memcpy(p,str,12);
588 p+=12;
589 str+=12;
590 }
591
592 if ((*str == 'Z') || (*str == '-') || (*str == '+'))
593 { *(p++)='0'; *(p++)='0'; }
594 else
595 {
596 *(p++)= *(str++);
597 *(p++)= *(str++);
598 /* Skip any fractional seconds... */
599 if (*str == '.')
600 {
601 str++;
602 while ((*str >= '0') && (*str <= '9')) str++;
603 }
604
605 }
606 *(p++)='Z';
607 *(p++)='\0';
608
609 if (*str == 'Z')
610 offset=0;
611 else
612 {
613 if ((*str != '+') && (str[5] != '-'))
614 return 0;
615 offset=((str[1]-'0')*10+(str[2]-'0'))*60;
616 offset+=(str[3]-'0')*10+(str[4]-'0');
617 if (*str == '-')
618 offset= -offset;
619 }
620 atm.type=ctm->type;
621 atm.length=sizeof(buff2);
622 atm.data=(unsigned char *)buff2;
623
624 X509_time_adj(&atm,-offset*60, cmp_time);
625
626 if (ctm->type == V_ASN1_UTCTIME)
627 {
628 i=(buff1[0]-'0')*10+(buff1[1]-'0');
629 if (i < 50) i+=100; /* cf. RFC 2459 */
630 j=(buff2[0]-'0')*10+(buff2[1]-'0');
631 if (j < 50) j+=100;
632
633 if (i < j) return -1;
634 if (i > j) return 1;
635 }
636 i=strcmp(buff1,buff2);
637 if (i == 0) /* wait a second then return younger :-) */
638 return -1;
639 else
640 return i;
641 }
642
643ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj)
644{
645 return X509_time_adj(s, adj, NULL);
646}
647
648ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *in_tm)
649 {
650 time_t t;
651
652 if (in_tm) t = *in_tm;
653 else time(&t);
654
655 t+=adj;
656 if (!s) return ASN1_TIME_set(s, t);
657 if (s->type == V_ASN1_UTCTIME) return ASN1_UTCTIME_set(s,t);
658 return ASN1_GENERALIZEDTIME_set(s, t);
659 }
660
661int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
662 {
663 EVP_PKEY *ktmp=NULL,*ktmp2;
664 int i,j;
665
666 if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return 1;
667
668 for (i=0; i<sk_X509_num(chain); i++)
669 {
670 ktmp=X509_get_pubkey(sk_X509_value(chain,i));
671 if (ktmp == NULL)
672 {
673 X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
674 return 0;
675 }
676 if (!EVP_PKEY_missing_parameters(ktmp))
677 break;
678 else
679 {
680 EVP_PKEY_free(ktmp);
681 ktmp=NULL;
682 }
683 }
684 if (ktmp == NULL)
685 {
686 X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN);
687 return 0;
688 }
689
690 /* first, populate the other certs */
691 for (j=i-1; j >= 0; j--)
692 {
693 ktmp2=X509_get_pubkey(sk_X509_value(chain,j));
694 EVP_PKEY_copy_parameters(ktmp2,ktmp);
695 EVP_PKEY_free(ktmp2);
696 }
697
698 if (pkey != NULL) EVP_PKEY_copy_parameters(pkey,ktmp);
699 EVP_PKEY_free(ktmp);
700 return 1;
701 }
702
703int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
704 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
705 {
706 x509_store_ctx_num++;
707 return CRYPTO_get_ex_new_index(x509_store_ctx_num-1,
708 &x509_store_ctx_method,
709 argl,argp,new_func,dup_func,free_func);
710 }
711
712int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data)
713 {
714 return CRYPTO_set_ex_data(&ctx->ex_data,idx,data);
715 }
716
717void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx)
718 {
719 return CRYPTO_get_ex_data(&ctx->ex_data,idx);
720 }
721
722int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx)
723 {
724 return ctx->error;
725 }
726
727void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err)
728 {
729 ctx->error=err;
730 }
731
732int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)
733 {
734 return ctx->error_depth;
735 }
736
737X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx)
738 {
739 return ctx->current_cert;
740 }
741
742STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx)
743 {
744 return ctx->chain;
745 }
746
747STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx)
748 {
749 int i;
750 X509 *x;
751 STACK_OF(X509) *chain;
752 if (!ctx->chain || !(chain = sk_X509_dup(ctx->chain))) return NULL;
753 for (i = 0; i < sk_X509_num(chain); i++)
754 {
755 x = sk_X509_value(chain, i);
756 CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
757 }
758 return chain;
759 }
760
761void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x)
762 {
763 ctx->cert=x;
764 }
765
766void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
767 {
768 ctx->untrusted=sk;
769 }
770
771int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose)
772 {
773 return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0);
774 }
775
776int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust)
777 {
778 return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust);
779 }
780
781/* This function is used to set the X509_STORE_CTX purpose and trust
782 * values. This is intended to be used when another structure has its
783 * own trust and purpose values which (if set) will be inherited by
784 * the ctx. If they aren't set then we will usually have a default
785 * purpose in mind which should then be used to set the trust value.
786 * An example of this is SSL use: an SSL structure will have its own
787 * purpose and trust settings which the application can set: if they
788 * aren't set then we use the default of SSL client/server.
789 */
790
791int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
792 int purpose, int trust)
793{
794 int idx;
795 /* If purpose not set use default */
796 if (!purpose) purpose = def_purpose;
797 /* If we have a purpose then check it is valid */
798 if (purpose)
799 {
800 X509_PURPOSE *ptmp;
801 idx = X509_PURPOSE_get_by_id(purpose);
802 if (idx == -1)
803 {
804 X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
805 X509_R_UNKNOWN_PURPOSE_ID);
806 return 0;
807 }
808 ptmp = X509_PURPOSE_get0(idx);
809 if (ptmp->trust == X509_TRUST_DEFAULT)
810 {
811 idx = X509_PURPOSE_get_by_id(def_purpose);
812 if (idx == -1)
813 {
814 X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
815 X509_R_UNKNOWN_PURPOSE_ID);
816 return 0;
817 }
818 ptmp = X509_PURPOSE_get0(idx);
819 }
820 /* If trust not set then get from purpose default */
821 if (!trust) trust = ptmp->trust;
822 }
823 if (trust)
824 {
825 idx = X509_TRUST_get_by_id(trust);
826 if (idx == -1)
827 {
828 X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
829 X509_R_UNKNOWN_TRUST_ID);
830 return 0;
831 }
832 }
833
834 if (purpose) ctx->purpose = purpose;
835 if (trust) ctx->trust = trust;
836 return 1;
837}
838
839X509_STORE_CTX *X509_STORE_CTX_new(void)
840{
841 X509_STORE_CTX *ctx;
842 ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX));
843 if (ctx) memset(ctx, 0, sizeof(X509_STORE_CTX));
844 return ctx;
845}
846
847void X509_STORE_CTX_free(X509_STORE_CTX *ctx)
848{
849 X509_STORE_CTX_cleanup(ctx);
850 OPENSSL_free(ctx);
851}
852
853void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
854 STACK_OF(X509) *chain)
855 {
856 ctx->ctx=store;
857 ctx->current_method=0;
858 ctx->cert=x509;
859 ctx->untrusted=chain;
860 ctx->last_untrusted=0;
861 ctx->purpose=0;
862 ctx->trust=0;
863 ctx->check_time=0;
864 ctx->flags=0;
865 ctx->other_ctx=NULL;
866 ctx->valid=0;
867 ctx->chain=NULL;
868 ctx->depth=9;
869 ctx->error=0;
870 ctx->error_depth=0;
871 ctx->current_cert=NULL;
872 ctx->current_issuer=NULL;
873 ctx->check_issued = check_issued;
874 ctx->get_issuer = X509_STORE_CTX_get1_issuer;
875 ctx->verify_cb = store->verify_cb;
876 ctx->verify = store->verify;
877 ctx->cleanup = 0;
878 memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA));
879 }
880
881/* Set alternative lookup method: just a STACK of trusted certificates.
882 * This avoids X509_STORE nastiness where it isn't needed.
883 */
884
885void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
886{
887 ctx->other_ctx = sk;
888 ctx->get_issuer = get_issuer_sk;
889}
890
891void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
892 {
893 if (ctx->cleanup) ctx->cleanup(ctx);
894 if (ctx->chain != NULL)
895 {
896 sk_X509_pop_free(ctx->chain,X509_free);
897 ctx->chain=NULL;
898 }
899 CRYPTO_free_ex_data(x509_store_ctx_method,ctx,&(ctx->ex_data));
900 memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA));
901 }
902
903void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags)
904 {
905 ctx->flags |= flags;
906 }
907
908void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, long flags, time_t t)
909 {
910 ctx->check_time = t;
911 ctx->flags |= X509_V_FLAG_USE_CHECK_TIME;
912 }
913
914IMPLEMENT_STACK_OF(X509)
915IMPLEMENT_ASN1_SET_OF(X509)
916
917IMPLEMENT_STACK_OF(X509_NAME)
918
919IMPLEMENT_STACK_OF(X509_ATTRIBUTE)
920IMPLEMENT_ASN1_SET_OF(X509_ATTRIBUTE)
diff --git a/src/lib/libcrypto/x509/x509_vfy.h b/src/lib/libcrypto/x509/x509_vfy.h
deleted file mode 100644
index e289d5309a..0000000000
--- a/src/lib/libcrypto/x509/x509_vfy.h
+++ /dev/null
@@ -1,390 +0,0 @@
1/* crypto/x509/x509_vfy.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_X509_H
60#include <openssl/x509.h>
61/* openssl/x509.h ends up #include-ing this file at about the only
62 * appropriate moment. */
63#endif
64
65#ifndef HEADER_X509_VFY_H
66#define HEADER_X509_VFY_H
67
68#ifndef NO_LHASH
69#include <openssl/lhash.h>
70#endif
71#include <openssl/bio.h>
72#include <openssl/crypto.h>
73
74#ifdef __cplusplus
75extern "C" {
76#endif
77
78/* Outer object */
79typedef struct x509_hash_dir_st
80 {
81 int num_dirs;
82 char **dirs;
83 int *dirs_type;
84 int num_dirs_alloced;
85 } X509_HASH_DIR_CTX;
86
87typedef struct x509_file_st
88 {
89 int num_paths; /* number of paths to files or directories */
90 int num_alloced;
91 char **paths; /* the list of paths or directories */
92 int *path_type;
93 } X509_CERT_FILE_CTX;
94
95/*******************************/
96/*
97SSL_CTX -> X509_STORE
98 -> X509_LOOKUP
99 ->X509_LOOKUP_METHOD
100 -> X509_LOOKUP
101 ->X509_LOOKUP_METHOD
102
103SSL -> X509_STORE_CTX
104 ->X509_STORE
105
106The X509_STORE holds the tables etc for verification stuff.
107A X509_STORE_CTX is used while validating a single certificate.
108The X509_STORE has X509_LOOKUPs for looking up certs.
109The X509_STORE then calls a function to actually verify the
110certificate chain.
111*/
112
113#define X509_LU_RETRY -1
114#define X509_LU_FAIL 0
115#define X509_LU_X509 1
116#define X509_LU_CRL 2
117#define X509_LU_PKEY 3
118
119typedef struct x509_object_st
120 {
121 /* one of the above types */
122 int type;
123 union {
124 char *ptr;
125 X509 *x509;
126 X509_CRL *crl;
127 EVP_PKEY *pkey;
128 } data;
129 } X509_OBJECT;
130
131typedef struct x509_lookup_st X509_LOOKUP;
132
133DECLARE_STACK_OF(X509_LOOKUP)
134DECLARE_STACK_OF(X509_OBJECT)
135
136/* This is a static that defines the function interface */
137typedef struct x509_lookup_method_st
138 {
139 const char *name;
140 int (*new_item)(X509_LOOKUP *ctx);
141 void (*free)(X509_LOOKUP *ctx);
142 int (*init)(X509_LOOKUP *ctx);
143 int (*shutdown)(X509_LOOKUP *ctx);
144 int (*ctrl)(X509_LOOKUP *ctx,int cmd,const char *argc,long argl,
145 char **ret);
146 int (*get_by_subject)(X509_LOOKUP *ctx,int type,X509_NAME *name,
147 X509_OBJECT *ret);
148 int (*get_by_issuer_serial)(X509_LOOKUP *ctx,int type,X509_NAME *name,
149 ASN1_INTEGER *serial,X509_OBJECT *ret);
150 int (*get_by_fingerprint)(X509_LOOKUP *ctx,int type,
151 unsigned char *bytes,int len,
152 X509_OBJECT *ret);
153 int (*get_by_alias)(X509_LOOKUP *ctx,int type,char *str,int len,
154 X509_OBJECT *ret);
155 } X509_LOOKUP_METHOD;
156
157typedef struct x509_store_ctx_st X509_STORE_CTX;
158
159/* This is used to hold everything. It is used for all certificate
160 * validation. Once we have a certificate chain, the 'verify'
161 * function is then called to actually check the cert chain. */
162typedef struct x509_store_st
163 {
164 /* The following is a cache of trusted certs */
165 int cache; /* if true, stash any hits */
166 STACK_OF(X509_OBJECT) *objs; /* Cache of all objects */
167
168 /* These are external lookup methods */
169 STACK_OF(X509_LOOKUP) *get_cert_methods;
170 int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */
171 int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */
172
173 CRYPTO_EX_DATA ex_data;
174 int references;
175 int depth; /* how deep to look (still unused -- X509_STORE_CTX's depth is used) */
176 } X509_STORE;
177
178#define X509_STORE_set_depth(ctx,d) ((ctx)->depth=(d))
179
180#define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func))
181#define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func))
182
183/* This is the functions plus an instance of the local variables. */
184struct x509_lookup_st
185 {
186 int init; /* have we been started */
187 int skip; /* don't use us. */
188 X509_LOOKUP_METHOD *method; /* the functions */
189 char *method_data; /* method data */
190
191 X509_STORE *store_ctx; /* who owns us */
192 };
193
194/* This is a used when verifying cert chains. Since the
195 * gathering of the cert chain can take some time (and have to be
196 * 'retried', this needs to be kept and passed around. */
197struct x509_store_ctx_st /* X509_STORE_CTX */
198 {
199 X509_STORE *ctx;
200 int current_method; /* used when looking up certs */
201
202 /* The following are set by the caller */
203 X509 *cert; /* The cert to check */
204 STACK_OF(X509) *untrusted; /* chain of X509s - untrusted - passed in */
205 int purpose; /* purpose to check untrusted certificates */
206 int trust; /* trust setting to check */
207 time_t check_time; /* time to make verify at */
208 unsigned long flags; /* Various verify flags */
209 void *other_ctx; /* Other info for use with get_issuer() */
210
211 /* Callbacks for various operations */
212 int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */
213 int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */
214 int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */
215 int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */
216 int (*cleanup)(X509_STORE_CTX *ctx);
217
218 /* The following is built up */
219 int depth; /* how far to go looking up certs */
220 int valid; /* if 0, rebuild chain */
221 int last_untrusted; /* index of last untrusted cert */
222 STACK_OF(X509) *chain; /* chain of X509s - built up and trusted */
223
224 /* When something goes wrong, this is why */
225 int error_depth;
226 int error;
227 X509 *current_cert;
228 X509 *current_issuer; /* cert currently being tested as valid issuer */
229
230 CRYPTO_EX_DATA ex_data;
231 };
232
233#define X509_STORE_CTX_set_depth(ctx,d) ((ctx)->depth=(d))
234
235#define X509_STORE_CTX_set_app_data(ctx,data) \
236 X509_STORE_CTX_set_ex_data(ctx,0,data)
237#define X509_STORE_CTX_get_app_data(ctx) \
238 X509_STORE_CTX_get_ex_data(ctx,0)
239
240#define X509_L_FILE_LOAD 1
241#define X509_L_ADD_DIR 2
242
243#define X509_LOOKUP_load_file(x,name,type) \
244 X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL)
245
246#define X509_LOOKUP_add_dir(x,name,type) \
247 X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
248
249#define X509_V_OK 0
250/* illegal error (for uninitialized values, to avoid X509_V_OK): 1 */
251
252#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
253#define X509_V_ERR_UNABLE_TO_GET_CRL 3
254#define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
255#define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
256#define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
257#define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
258#define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
259#define X509_V_ERR_CERT_NOT_YET_VALID 9
260#define X509_V_ERR_CERT_HAS_EXPIRED 10
261#define X509_V_ERR_CRL_NOT_YET_VALID 11
262#define X509_V_ERR_CRL_HAS_EXPIRED 12
263#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
264#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
265#define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15
266#define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16
267#define X509_V_ERR_OUT_OF_MEM 17
268#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
269#define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
270#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
271#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
272#define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
273#define X509_V_ERR_CERT_REVOKED 23
274#define X509_V_ERR_INVALID_CA 24
275#define X509_V_ERR_PATH_LENGTH_EXCEEDED 25
276#define X509_V_ERR_INVALID_PURPOSE 26
277#define X509_V_ERR_CERT_UNTRUSTED 27
278#define X509_V_ERR_CERT_REJECTED 28
279/* These are 'informational' when looking for issuer cert */
280#define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29
281#define X509_V_ERR_AKID_SKID_MISMATCH 30
282#define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31
283#define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32
284
285/* The application is not happy */
286#define X509_V_ERR_APPLICATION_VERIFICATION 50
287
288/* Certificate verify flags */
289
290#define X509_V_FLAG_CB_ISSUER_CHECK 0x1 /* Send issuer+subject checks to verify_cb */
291#define X509_V_FLAG_USE_CHECK_TIME 0x2 /* Use check time instead of current time */
292
293 /* These functions are being redefined in another directory,
294 and clash when the linker is case-insensitive, so let's
295 hide them a little, by giving them an extra 'o' at the
296 beginning of the name... */
297#ifdef VMS
298#undef X509v3_cleanup_extensions
299#define X509v3_cleanup_extensions oX509v3_cleanup_extensions
300#undef X509v3_add_extension
301#define X509v3_add_extension oX509v3_add_extension
302#undef X509v3_add_netscape_extensions
303#define X509v3_add_netscape_extensions oX509v3_add_netscape_extensions
304#undef X509v3_add_standard_extensions
305#define X509v3_add_standard_extensions oX509v3_add_standard_extensions
306#endif
307
308int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
309 X509_NAME *name);
310X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,int type,X509_NAME *name);
311X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x);
312void X509_OBJECT_up_ref_count(X509_OBJECT *a);
313void X509_OBJECT_free_contents(X509_OBJECT *a);
314X509_STORE *X509_STORE_new(void );
315void X509_STORE_free(X509_STORE *v);
316
317X509_STORE_CTX *X509_STORE_CTX_new(void);
318
319int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
320
321void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
322void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
323 X509 *x509, STACK_OF(X509) *chain);
324void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
325void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
326
327X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
328
329X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
330X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
331
332int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
333int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
334
335int X509_STORE_get_by_subject(X509_STORE_CTX *vs,int type,X509_NAME *name,
336 X509_OBJECT *ret);
337
338int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
339 long argl, char **ret);
340
341#ifndef NO_STDIO
342int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
343int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
344int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);
345#endif
346
347
348X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
349void X509_LOOKUP_free(X509_LOOKUP *ctx);
350int X509_LOOKUP_init(X509_LOOKUP *ctx);
351int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
352 X509_OBJECT *ret);
353int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
354 ASN1_INTEGER *serial, X509_OBJECT *ret);
355int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
356 unsigned char *bytes, int len, X509_OBJECT *ret);
357int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str,
358 int len, X509_OBJECT *ret);
359int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
360
361#ifndef NO_STDIO
362int X509_STORE_load_locations (X509_STORE *ctx,
363 const char *file, const char *dir);
364int X509_STORE_set_default_paths(X509_STORE *ctx);
365#endif
366
367int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
368 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
369int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx,int idx,void *data);
370void * X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx,int idx);
371int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
372void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
373int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
374X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
375STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
376STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
377void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x);
378void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk);
379int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
380int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
381int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
382 int purpose, int trust);
383void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags);
384void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, long flags, time_t t);
385
386#ifdef __cplusplus
387}
388#endif
389#endif
390
diff --git a/src/lib/libcrypto/x509/x509name.c b/src/lib/libcrypto/x509/x509name.c
deleted file mode 100644
index 4c20e03ece..0000000000
--- a/src/lib/libcrypto/x509/x509name.c
+++ /dev/null
@@ -1,383 +0,0 @@
1/* crypto/x509/x509name.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/stack.h>
61#include "cryptlib.h"
62#include <openssl/asn1.h>
63#include <openssl/objects.h>
64#include <openssl/evp.h>
65#include <openssl/x509.h>
66
67int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len)
68 {
69 ASN1_OBJECT *obj;
70
71 obj=OBJ_nid2obj(nid);
72 if (obj == NULL) return(-1);
73 return(X509_NAME_get_text_by_OBJ(name,obj,buf,len));
74 }
75
76int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf,
77 int len)
78 {
79 int i;
80 ASN1_STRING *data;
81
82 i=X509_NAME_get_index_by_OBJ(name,obj,-1);
83 if (i < 0) return(-1);
84 data=X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name,i));
85 i=(data->length > (len-1))?(len-1):data->length;
86 if (buf == NULL) return(data->length);
87 memcpy(buf,data->data,i);
88 buf[i]='\0';
89 return(i);
90 }
91
92int X509_NAME_entry_count(X509_NAME *name)
93 {
94 if (name == NULL) return(0);
95 return(sk_X509_NAME_ENTRY_num(name->entries));
96 }
97
98int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos)
99 {
100 ASN1_OBJECT *obj;
101
102 obj=OBJ_nid2obj(nid);
103 if (obj == NULL) return(-2);
104 return(X509_NAME_get_index_by_OBJ(name,obj,lastpos));
105 }
106
107/* NOTE: you should be passsing -1, not 0 as lastpos */
108int X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
109 int lastpos)
110 {
111 int n;
112 X509_NAME_ENTRY *ne;
113 STACK_OF(X509_NAME_ENTRY) *sk;
114
115 if (name == NULL) return(-1);
116 if (lastpos < 0)
117 lastpos= -1;
118 sk=name->entries;
119 n=sk_X509_NAME_ENTRY_num(sk);
120 for (lastpos++; lastpos < n; lastpos++)
121 {
122 ne=sk_X509_NAME_ENTRY_value(sk,lastpos);
123 if (OBJ_cmp(ne->object,obj) == 0)
124 return(lastpos);
125 }
126 return(-1);
127 }
128
129X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc)
130 {
131 if(name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc
132 || loc < 0)
133 return(NULL);
134 else
135 return(sk_X509_NAME_ENTRY_value(name->entries,loc));
136 }
137
138X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc)
139 {
140 X509_NAME_ENTRY *ret;
141 int i,n,set_prev,set_next;
142 STACK_OF(X509_NAME_ENTRY) *sk;
143
144 if (name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc
145 || loc < 0)
146 return(NULL);
147 sk=name->entries;
148 ret=sk_X509_NAME_ENTRY_delete(sk,loc);
149 n=sk_X509_NAME_ENTRY_num(sk);
150 name->modified=1;
151 if (loc == n) return(ret);
152
153 /* else we need to fixup the set field */
154 if (loc != 0)
155 set_prev=(sk_X509_NAME_ENTRY_value(sk,loc-1))->set;
156 else
157 set_prev=ret->set-1;
158 set_next=sk_X509_NAME_ENTRY_value(sk,loc)->set;
159
160 /* set_prev is the previous set
161 * set is the current set
162 * set_next is the following
163 * prev 1 1 1 1 1 1 1 1
164 * set 1 1 2 2
165 * next 1 1 2 2 2 2 3 2
166 * so basically only if prev and next differ by 2, then
167 * re-number down by 1 */
168 if (set_prev+1 < set_next)
169 for (i=loc; i<n; i++)
170 sk_X509_NAME_ENTRY_value(sk,i)->set--;
171 return(ret);
172 }
173
174int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
175 unsigned char *bytes, int len, int loc, int set)
176{
177 X509_NAME_ENTRY *ne;
178 int ret;
179 ne = X509_NAME_ENTRY_create_by_OBJ(NULL, obj, type, bytes, len);
180 if(!ne) return 0;
181 ret = X509_NAME_add_entry(name, ne, loc, set);
182 X509_NAME_ENTRY_free(ne);
183 return ret;
184}
185
186int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
187 unsigned char *bytes, int len, int loc, int set)
188{
189 X509_NAME_ENTRY *ne;
190 int ret;
191 ne = X509_NAME_ENTRY_create_by_NID(NULL, nid, type, bytes, len);
192 if(!ne) return 0;
193 ret = X509_NAME_add_entry(name, ne, loc, set);
194 X509_NAME_ENTRY_free(ne);
195 return ret;
196}
197
198int X509_NAME_add_entry_by_txt(X509_NAME *name, char *field, int type,
199 unsigned char *bytes, int len, int loc, int set)
200{
201 X509_NAME_ENTRY *ne;
202 int ret;
203 ne = X509_NAME_ENTRY_create_by_txt(NULL, field, type, bytes, len);
204 if(!ne) return 0;
205 ret = X509_NAME_add_entry(name, ne, loc, set);
206 X509_NAME_ENTRY_free(ne);
207 return ret;
208}
209
210/* if set is -1, append to previous set, 0 'a new one', and 1,
211 * prepend to the guy we are about to stomp on. */
212int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, int loc,
213 int set)
214 {
215 X509_NAME_ENTRY *new_name=NULL;
216 int n,i,inc;
217 STACK_OF(X509_NAME_ENTRY) *sk;
218
219 if (name == NULL) return(0);
220 sk=name->entries;
221 n=sk_X509_NAME_ENTRY_num(sk);
222 if (loc > n) loc=n;
223 else if (loc < 0) loc=n;
224
225 name->modified=1;
226
227 if (set == -1)
228 {
229 if (loc == 0)
230 {
231 set=0;
232 inc=1;
233 }
234 else
235 {
236 set=sk_X509_NAME_ENTRY_value(sk,loc-1)->set;
237 inc=0;
238 }
239 }
240 else /* if (set >= 0) */
241 {
242 if (loc >= n)
243 {
244 if (loc != 0)
245 set=sk_X509_NAME_ENTRY_value(sk,loc-1)->set+1;
246 else
247 set=0;
248 }
249 else
250 set=sk_X509_NAME_ENTRY_value(sk,loc)->set;
251 inc=(set == 0)?1:0;
252 }
253
254 if ((new_name=X509_NAME_ENTRY_dup(ne)) == NULL)
255 goto err;
256 new_name->set=set;
257 if (!sk_X509_NAME_ENTRY_insert(sk,new_name,loc))
258 {
259 X509err(X509_F_X509_NAME_ADD_ENTRY,ERR_R_MALLOC_FAILURE);
260 goto err;
261 }
262 if (inc)
263 {
264 n=sk_X509_NAME_ENTRY_num(sk);
265 for (i=loc+1; i<n; i++)
266 sk_X509_NAME_ENTRY_value(sk,i-1)->set+=1;
267 }
268 return(1);
269err:
270 if (new_name != NULL)
271 X509_NAME_ENTRY_free(new_name);
272 return(0);
273 }
274
275X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
276 char *field, int type, unsigned char *bytes, int len)
277 {
278 ASN1_OBJECT *obj;
279 X509_NAME_ENTRY *nentry;
280
281 obj=OBJ_txt2obj(field, 0);
282 if (obj == NULL)
283 {
284 X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_TXT,
285 X509_R_INVALID_FIELD_NAME);
286 ERR_add_error_data(2, "name=", field);
287 return(NULL);
288 }
289 nentry = X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len);
290 ASN1_OBJECT_free(obj);
291 return nentry;
292 }
293
294X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
295 int type, unsigned char *bytes, int len)
296 {
297 ASN1_OBJECT *obj;
298 X509_NAME_ENTRY *nentry;
299
300 obj=OBJ_nid2obj(nid);
301 if (obj == NULL)
302 {
303 X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID,X509_R_UNKNOWN_NID);
304 return(NULL);
305 }
306 nentry = X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len);
307 ASN1_OBJECT_free(obj);
308 return nentry;
309 }
310
311X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
312 ASN1_OBJECT *obj, int type, unsigned char *bytes, int len)
313 {
314 X509_NAME_ENTRY *ret;
315
316 if ((ne == NULL) || (*ne == NULL))
317 {
318 if ((ret=X509_NAME_ENTRY_new()) == NULL)
319 return(NULL);
320 }
321 else
322 ret= *ne;
323
324 if (!X509_NAME_ENTRY_set_object(ret,obj))
325 goto err;
326 if (!X509_NAME_ENTRY_set_data(ret,type,bytes,len))
327 goto err;
328
329 if ((ne != NULL) && (*ne == NULL)) *ne=ret;
330 return(ret);
331err:
332 if ((ne == NULL) || (ret != *ne))
333 X509_NAME_ENTRY_free(ret);
334 return(NULL);
335 }
336
337int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj)
338 {
339 if ((ne == NULL) || (obj == NULL))
340 {
341 X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,ERR_R_PASSED_NULL_PARAMETER);
342 return(0);
343 }
344 ASN1_OBJECT_free(ne->object);
345 ne->object=OBJ_dup(obj);
346 return((ne->object == NULL)?0:1);
347 }
348
349int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
350 unsigned char *bytes, int len)
351 {
352 int i;
353
354 if ((ne == NULL) || ((bytes == NULL) && (len != 0))) return(0);
355 if((type > 0) && (type & MBSTRING_FLAG))
356 return ASN1_STRING_set_by_NID(&ne->value, bytes,
357 len, type,
358 OBJ_obj2nid(ne->object)) ? 1 : 0;
359 if (len < 0) len=strlen((char *)bytes);
360 i=ASN1_STRING_set(ne->value,bytes,len);
361 if (!i) return(0);
362 if (type != V_ASN1_UNDEF)
363 {
364 if (type == V_ASN1_APP_CHOOSE)
365 ne->value->type=ASN1_PRINTABLE_type(bytes,len);
366 else
367 ne->value->type=type;
368 }
369 return(1);
370 }
371
372ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne)
373 {
374 if (ne == NULL) return(NULL);
375 return(ne->object);
376 }
377
378ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne)
379 {
380 if (ne == NULL) return(NULL);
381 return(ne->value);
382 }
383
diff --git a/src/lib/libcrypto/x509/x509rset.c b/src/lib/libcrypto/x509/x509rset.c
deleted file mode 100644
index d9f6b57372..0000000000
--- a/src/lib/libcrypto/x509/x509rset.c
+++ /dev/null
@@ -1,83 +0,0 @@
1/* crypto/x509/x509rset.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include <openssl/x509.h>
65
66int X509_REQ_set_version(X509_REQ *x, long version)
67 {
68 if (x == NULL) return(0);
69 return(ASN1_INTEGER_set(x->req_info->version,version));
70 }
71
72int X509_REQ_set_subject_name(X509_REQ *x, X509_NAME *name)
73 {
74 if ((x == NULL) || (x->req_info == NULL)) return(0);
75 return(X509_NAME_set(&x->req_info->subject,name));
76 }
77
78int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey)
79 {
80 if ((x == NULL) || (x->req_info == NULL)) return(0);
81 return(X509_PUBKEY_set(&x->req_info->pubkey,pkey));
82 }
83
diff --git a/src/lib/libcrypto/x509/x509spki.c b/src/lib/libcrypto/x509/x509spki.c
deleted file mode 100644
index fd0a534d88..0000000000
--- a/src/lib/libcrypto/x509/x509spki.c
+++ /dev/null
@@ -1,121 +0,0 @@
1/* x509spki.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/x509.h>
62#include <openssl/asn1_mac.h>
63
64int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey)
65{
66 if ((x == NULL) || (x->spkac == NULL)) return(0);
67 return(X509_PUBKEY_set(&(x->spkac->pubkey),pkey));
68}
69
70EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x)
71{
72 if ((x == NULL) || (x->spkac == NULL))
73 return(NULL);
74 return(X509_PUBKEY_get(x->spkac->pubkey));
75}
76
77/* Load a Netscape SPKI from a base64 encoded string */
78
79NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len)
80{
81 unsigned char *spki_der, *p;
82 int spki_len;
83 NETSCAPE_SPKI *spki;
84 if(len <= 0) len = strlen(str);
85 if (!(spki_der = OPENSSL_malloc(len + 1))) {
86 X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, ERR_R_MALLOC_FAILURE);
87 return NULL;
88 }
89 spki_len = EVP_DecodeBlock(spki_der, (const unsigned char *)str, len);
90 if(spki_len < 0) {
91 X509err(X509_F_NETSCAPE_SPKI_B64_DECODE,
92 X509_R_BASE64_DECODE_ERROR);
93 OPENSSL_free(spki_der);
94 return NULL;
95 }
96 p = spki_der;
97 spki = d2i_NETSCAPE_SPKI(NULL, &p, spki_len);
98 OPENSSL_free(spki_der);
99 return spki;
100}
101
102/* Generate a base64 encoded string from an SPKI */
103
104char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki)
105{
106 unsigned char *der_spki, *p;
107 char *b64_str;
108 int der_len;
109 der_len = i2d_NETSCAPE_SPKI(spki, NULL);
110 der_spki = OPENSSL_malloc(der_len);
111 b64_str = OPENSSL_malloc(der_len * 2);
112 if(!der_spki || !b64_str) {
113 X509err(X509_F_NETSCAPE_SPKI_B64_ENCODE, ERR_R_MALLOC_FAILURE);
114 return NULL;
115 }
116 p = der_spki;
117 i2d_NETSCAPE_SPKI(spki, &p);
118 EVP_EncodeBlock((unsigned char *)b64_str, der_spki, der_len);
119 OPENSSL_free(der_spki);
120 return b64_str;
121}
diff --git a/src/lib/libcrypto/x509/x509type.c b/src/lib/libcrypto/x509/x509type.c
deleted file mode 100644
index 8e78b34458..0000000000
--- a/src/lib/libcrypto/x509/x509type.c
+++ /dev/null
@@ -1,114 +0,0 @@
1/* crypto/x509/x509type.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64
65int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
66 {
67 EVP_PKEY *pk;
68 int ret=0,i;
69
70 if (x == NULL) return(0);
71
72 if (pkey == NULL)
73 pk=X509_get_pubkey(x);
74 else
75 pk=pkey;
76
77 if (pk == NULL) return(0);
78
79 switch (pk->type)
80 {
81 case EVP_PKEY_RSA:
82 ret=EVP_PK_RSA|EVP_PKT_SIGN;
83/* if (!sign only extension) */
84 ret|=EVP_PKT_ENC;
85 break;
86 case EVP_PKEY_DSA:
87 ret=EVP_PK_DSA|EVP_PKT_SIGN;
88 break;
89 case EVP_PKEY_DH:
90 ret=EVP_PK_DH|EVP_PKT_EXCH;
91 break;
92 default:
93 break;
94 }
95
96 i=X509_get_signature_type(x);
97 switch (i)
98 {
99 case EVP_PKEY_RSA:
100 ret|=EVP_PKS_RSA;
101 break;
102 case EVP_PKS_DSA:
103 ret|=EVP_PKS_DSA;
104 break;
105 default:
106 break;
107 }
108
109 if (EVP_PKEY_size(pk) <= 512)
110 ret|=EVP_PKT_EXP;
111 if(pkey==NULL) EVP_PKEY_free(pk);
112 return(ret);
113 }
114
diff --git a/src/lib/libcrypto/x509/x_all.c b/src/lib/libcrypto/x509/x_all.c
deleted file mode 100644
index 9bd6e2a39b..0000000000
--- a/src/lib/libcrypto/x509/x_all.c
+++ /dev/null
@@ -1,565 +0,0 @@
1/* crypto/x509/x_all.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#undef SSLEAY_MACROS
61#include <openssl/stack.h>
62#include "cryptlib.h"
63#include <openssl/buffer.h>
64#include <openssl/asn1.h>
65#include <openssl/evp.h>
66#include <openssl/x509.h>
67
68int X509_verify(X509 *a, EVP_PKEY *r)
69 {
70 return(ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,
71 a->signature,(char *)a->cert_info,r));
72 }
73
74int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
75 {
76 return( ASN1_verify((int (*)())i2d_X509_REQ_INFO,
77 a->sig_alg,a->signature,(char *)a->req_info,r));
78 }
79
80int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r)
81 {
82 return(ASN1_verify((int (*)())i2d_X509_CRL_INFO,
83 a->sig_alg, a->signature,(char *)a->crl,r));
84 }
85
86int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
87 {
88 return(ASN1_verify((int (*)())i2d_NETSCAPE_SPKAC,
89 a->sig_algor,a->signature, (char *)a->spkac,r));
90 }
91
92int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
93 {
94 return(ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature,
95 x->sig_alg, x->signature, (char *)x->cert_info,pkey,md));
96 }
97
98int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
99 {
100 return(ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL,
101 x->signature, (char *)x->req_info,pkey,md));
102 }
103
104int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
105 {
106 return(ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,
107 x->sig_alg, x->signature, (char *)x->crl,pkey,md));
108 }
109
110int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
111 {
112 return(ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL,
113 x->signature, (char *)x->spkac,pkey,md));
114 }
115
116X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa)
117 {
118 return((X509_ATTRIBUTE *)ASN1_dup((int (*)())i2d_X509_ATTRIBUTE,
119 (char *(*)())d2i_X509_ATTRIBUTE,(char *)xa));
120 }
121
122X509 *X509_dup(X509 *x509)
123 {
124 return((X509 *)ASN1_dup((int (*)())i2d_X509,
125 (char *(*)())d2i_X509,(char *)x509));
126 }
127
128X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex)
129 {
130 return((X509_EXTENSION *)ASN1_dup(
131 (int (*)())i2d_X509_EXTENSION,
132 (char *(*)())d2i_X509_EXTENSION,(char *)ex));
133 }
134
135#ifndef NO_FP_API
136X509 *d2i_X509_fp(FILE *fp, X509 **x509)
137 {
138 return((X509 *)ASN1_d2i_fp((char *(*)())X509_new,
139 (char *(*)())d2i_X509, (fp),(unsigned char **)(x509)));
140 }
141
142int i2d_X509_fp(FILE *fp, X509 *x509)
143 {
144 return(ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509));
145 }
146#endif
147
148X509 *d2i_X509_bio(BIO *bp, X509 **x509)
149 {
150 return((X509 *)ASN1_d2i_bio((char *(*)())X509_new,
151 (char *(*)())d2i_X509, (bp),(unsigned char **)(x509)));
152 }
153
154int i2d_X509_bio(BIO *bp, X509 *x509)
155 {
156 return(ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509));
157 }
158
159X509_CRL *X509_CRL_dup(X509_CRL *crl)
160 {
161 return((X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL,
162 (char *(*)())d2i_X509_CRL,(char *)crl));
163 }
164
165#ifndef NO_FP_API
166X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl)
167 {
168 return((X509_CRL *)ASN1_d2i_fp((char *(*)())
169 X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),
170 (unsigned char **)(crl)));
171 }
172
173int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl)
174 {
175 return(ASN1_i2d_fp(i2d_X509_CRL,fp,(unsigned char *)crl));
176 }
177#endif
178
179X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl)
180 {
181 return((X509_CRL *)ASN1_d2i_bio((char *(*)())
182 X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),
183 (unsigned char **)(crl)));
184 }
185
186int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl)
187 {
188 return(ASN1_i2d_bio(i2d_X509_CRL,bp,(unsigned char *)crl));
189 }
190
191PKCS7 *PKCS7_dup(PKCS7 *p7)
192 {
193 return((PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7,
194 (char *(*)())d2i_PKCS7,(char *)p7));
195 }
196
197#ifndef NO_FP_API
198PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7)
199 {
200 return((PKCS7 *)ASN1_d2i_fp((char *(*)())
201 PKCS7_new,(char *(*)())d2i_PKCS7, (fp),
202 (unsigned char **)(p7)));
203 }
204
205int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7)
206 {
207 return(ASN1_i2d_fp(i2d_PKCS7,fp,(unsigned char *)p7));
208 }
209#endif
210
211PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7)
212 {
213 return((PKCS7 *)ASN1_d2i_bio((char *(*)())
214 PKCS7_new,(char *(*)())d2i_PKCS7, (bp),
215 (unsigned char **)(p7)));
216 }
217
218int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7)
219 {
220 return(ASN1_i2d_bio(i2d_PKCS7,bp,(unsigned char *)p7));
221 }
222
223X509_REQ *X509_REQ_dup(X509_REQ *req)
224 {
225 return((X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ,
226 (char *(*)())d2i_X509_REQ,(char *)req));
227 }
228
229#ifndef NO_FP_API
230X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req)
231 {
232 return((X509_REQ *)ASN1_d2i_fp((char *(*)())
233 X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),
234 (unsigned char **)(req)));
235 }
236
237int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req)
238 {
239 return(ASN1_i2d_fp(i2d_X509_REQ,fp,(unsigned char *)req));
240 }
241#endif
242
243X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req)
244 {
245 return((X509_REQ *)ASN1_d2i_bio((char *(*)())
246 X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),
247 (unsigned char **)(req)));
248 }
249
250int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req)
251 {
252 return(ASN1_i2d_bio(i2d_X509_REQ,bp,(unsigned char *)req));
253 }
254
255#ifndef NO_RSA
256RSA *RSAPublicKey_dup(RSA *rsa)
257 {
258 return((RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey,
259 (char *(*)())d2i_RSAPublicKey,(char *)rsa));
260 }
261
262RSA *RSAPrivateKey_dup(RSA *rsa)
263 {
264 return((RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey,
265 (char *(*)())d2i_RSAPrivateKey,(char *)rsa));
266 }
267
268#ifndef NO_FP_API
269RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa)
270 {
271 return((RSA *)ASN1_d2i_fp((char *(*)())
272 RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp),
273 (unsigned char **)(rsa)));
274 }
275
276int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa)
277 {
278 return(ASN1_i2d_fp(i2d_RSAPrivateKey,fp,(unsigned char *)rsa));
279 }
280
281RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa)
282 {
283 return((RSA *)ASN1_d2i_fp((char *(*)())
284 RSA_new,(char *(*)())d2i_RSAPublicKey, (fp),
285 (unsigned char **)(rsa)));
286 }
287
288RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa)
289 {
290 return((RSA *)ASN1_d2i_fp((char *(*)())
291 RSA_new,(char *(*)())d2i_RSA_PUBKEY, (fp),
292 (unsigned char **)(rsa)));
293 }
294
295int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa)
296 {
297 return(ASN1_i2d_fp(i2d_RSAPublicKey,fp,(unsigned char *)rsa));
298 }
299
300int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa)
301 {
302 return(ASN1_i2d_fp(i2d_RSA_PUBKEY,fp,(unsigned char *)rsa));
303 }
304#endif
305
306RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa)
307 {
308 return((RSA *)ASN1_d2i_bio((char *(*)())
309 RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp),
310 (unsigned char **)(rsa)));
311 }
312
313int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa)
314 {
315 return(ASN1_i2d_bio(i2d_RSAPrivateKey,bp,(unsigned char *)rsa));
316 }
317
318RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa)
319 {
320 return((RSA *)ASN1_d2i_bio((char *(*)())
321 RSA_new,(char *(*)())d2i_RSAPublicKey, (bp),
322 (unsigned char **)(rsa)));
323 }
324
325RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa)
326 {
327 return((RSA *)ASN1_d2i_bio((char *(*)())
328 RSA_new,(char *(*)())d2i_RSA_PUBKEY, (bp),
329 (unsigned char **)(rsa)));
330 }
331
332int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa)
333 {
334 return(ASN1_i2d_bio(i2d_RSAPublicKey,bp,(unsigned char *)rsa));
335 }
336
337int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa)
338 {
339 return(ASN1_i2d_bio(i2d_RSA_PUBKEY,bp,(unsigned char *)rsa));
340 }
341#endif
342
343#ifndef NO_DSA
344#ifndef NO_FP_API
345DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa)
346 {
347 return((DSA *)ASN1_d2i_fp((char *(*)())
348 DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp),
349 (unsigned char **)(dsa)));
350 }
351
352int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa)
353 {
354 return(ASN1_i2d_fp(i2d_DSAPrivateKey,fp,(unsigned char *)dsa));
355 }
356
357DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa)
358 {
359 return((DSA *)ASN1_d2i_fp((char *(*)())
360 DSA_new,(char *(*)())d2i_DSA_PUBKEY, (fp),
361 (unsigned char **)(dsa)));
362 }
363
364int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa)
365 {
366 return(ASN1_i2d_fp(i2d_DSA_PUBKEY,fp,(unsigned char *)dsa));
367 }
368#endif
369
370DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa)
371 {
372 return((DSA *)ASN1_d2i_bio((char *(*)())
373 DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp),
374 (unsigned char **)(dsa)));
375 }
376
377int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa)
378 {
379 return(ASN1_i2d_bio(i2d_DSAPrivateKey,bp,(unsigned char *)dsa));
380 }
381
382DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa)
383 {
384 return((DSA *)ASN1_d2i_bio((char *(*)())
385 DSA_new,(char *(*)())d2i_DSA_PUBKEY, (bp),
386 (unsigned char **)(dsa)));
387 }
388
389int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa)
390 {
391 return(ASN1_i2d_bio(i2d_DSA_PUBKEY,bp,(unsigned char *)dsa));
392 }
393
394#endif
395
396X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn)
397 {
398 return((X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,
399 (char *(*)())d2i_X509_ALGOR,(char *)xn));
400 }
401
402X509_NAME *X509_NAME_dup(X509_NAME *xn)
403 {
404 return((X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME,
405 (char *(*)())d2i_X509_NAME,(char *)xn));
406 }
407
408X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne)
409 {
410 return((X509_NAME_ENTRY *)ASN1_dup((int (*)())i2d_X509_NAME_ENTRY,
411 (char *(*)())d2i_X509_NAME_ENTRY,(char *)ne));
412 }
413
414int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
415 unsigned int *len)
416 {
417 return(ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len));
418 }
419
420int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md,
421 unsigned int *len)
422 {
423 return(ASN1_digest((int (*)())i2d_X509_CRL,type,(char *)data,md,len));
424 }
425
426int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type, unsigned char *md,
427 unsigned int *len)
428 {
429 return(ASN1_digest((int (*)())i2d_X509_REQ,type,(char *)data,md,len));
430 }
431
432int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type, unsigned char *md,
433 unsigned int *len)
434 {
435 return(ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len));
436 }
437
438int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, const EVP_MD *type,
439 unsigned char *md, unsigned int *len)
440 {
441 return(ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,
442 (char *)data,md,len));
443 }
444
445
446#ifndef NO_FP_API
447X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8)
448 {
449 return((X509_SIG *)ASN1_d2i_fp((char *(*)())X509_SIG_new,
450 (char *(*)())d2i_X509_SIG, (fp),(unsigned char **)(p8)));
451 }
452
453int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8)
454 {
455 return(ASN1_i2d_fp(i2d_X509_SIG,fp,(unsigned char *)p8));
456 }
457#endif
458
459X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8)
460 {
461 return((X509_SIG *)ASN1_d2i_bio((char *(*)())X509_SIG_new,
462 (char *(*)())d2i_X509_SIG, (bp),(unsigned char **)(p8)));
463 }
464
465int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8)
466 {
467 return(ASN1_i2d_bio(i2d_X509_SIG,bp,(unsigned char *)p8));
468 }
469
470#ifndef NO_FP_API
471PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
472 PKCS8_PRIV_KEY_INFO **p8inf)
473 {
474 return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_fp(
475 (char *(*)())PKCS8_PRIV_KEY_INFO_new,
476 (char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (fp),
477 (unsigned char **)(p8inf)));
478 }
479
480int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf)
481 {
482 return(ASN1_i2d_fp(i2d_PKCS8_PRIV_KEY_INFO,fp,(unsigned char *)p8inf));
483 }
484
485int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key)
486 {
487 PKCS8_PRIV_KEY_INFO *p8inf;
488 int ret;
489 p8inf = EVP_PKEY2PKCS8(key);
490 if(!p8inf) return 0;
491 ret = i2d_PKCS8_PRIV_KEY_INFO_fp(fp, p8inf);
492 PKCS8_PRIV_KEY_INFO_free(p8inf);
493 return ret;
494 }
495
496int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey)
497 {
498 return(ASN1_i2d_fp(i2d_PrivateKey,fp,(unsigned char *)pkey));
499 }
500
501EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)
502{
503 return((EVP_PKEY *)ASN1_d2i_fp((char *(*)())EVP_PKEY_new,
504 (char *(*)())d2i_AutoPrivateKey, (fp),(unsigned char **)(a)));
505}
506
507int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey)
508 {
509 return(ASN1_i2d_fp(i2d_PUBKEY,fp,(unsigned char *)pkey));
510 }
511
512EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a)
513{
514 return((EVP_PKEY *)ASN1_d2i_fp((char *(*)())EVP_PKEY_new,
515 (char *(*)())d2i_PUBKEY, (fp),(unsigned char **)(a)));
516}
517
518#endif
519
520PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
521 PKCS8_PRIV_KEY_INFO **p8inf)
522 {
523 return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_bio(
524 (char *(*)())PKCS8_PRIV_KEY_INFO_new,
525 (char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (bp),
526 (unsigned char **)(p8inf)));
527 }
528
529int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf)
530 {
531 return(ASN1_i2d_bio(i2d_PKCS8_PRIV_KEY_INFO,bp,(unsigned char *)p8inf));
532 }
533
534int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key)
535 {
536 PKCS8_PRIV_KEY_INFO *p8inf;
537 int ret;
538 p8inf = EVP_PKEY2PKCS8(key);
539 if(!p8inf) return 0;
540 ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
541 PKCS8_PRIV_KEY_INFO_free(p8inf);
542 return ret;
543 }
544
545int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey)
546 {
547 return(ASN1_i2d_bio(i2d_PrivateKey,bp,(unsigned char *)pkey));
548 }
549
550EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a)
551 {
552 return((EVP_PKEY *)ASN1_d2i_bio((char *(*)())EVP_PKEY_new,
553 (char *(*)())d2i_AutoPrivateKey, (bp),(unsigned char **)(a)));
554 }
555
556int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey)
557 {
558 return(ASN1_i2d_bio(i2d_PUBKEY,bp,(unsigned char *)pkey));
559 }
560
561EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a)
562 {
563 return((EVP_PKEY *)ASN1_d2i_bio((char *(*)())EVP_PKEY_new,
564 (char *(*)())d2i_PUBKEY, (bp),(unsigned char **)(a)));
565 }
diff --git a/src/lib/libcrypto/x509v3/ext_dat.h b/src/lib/libcrypto/x509v3/ext_dat.h
deleted file mode 100644
index 801a585a52..0000000000
--- a/src/lib/libcrypto/x509v3/ext_dat.h
+++ /dev/null
@@ -1,97 +0,0 @@
1/* ext_dat.h */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58/* This file contains a table of "standard" extensions */
59
60extern X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku;
61extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet, v3_info;
62extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id;
63extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_cpols, v3_crld;
64
65/* This table will be searched using OBJ_bsearch so it *must* kept in
66 * order of the ext_nid values.
67 */
68
69static X509V3_EXT_METHOD *standard_exts[] = {
70&v3_nscert,
71&v3_ns_ia5_list[0],
72&v3_ns_ia5_list[1],
73&v3_ns_ia5_list[2],
74&v3_ns_ia5_list[3],
75&v3_ns_ia5_list[4],
76&v3_ns_ia5_list[5],
77&v3_ns_ia5_list[6],
78&v3_skey_id,
79&v3_key_usage,
80&v3_pkey_usage_period,
81&v3_alt[0],
82&v3_alt[1],
83&v3_bcons,
84&v3_crl_num,
85&v3_cpols,
86&v3_akey_id,
87&v3_crld,
88&v3_ext_ku,
89&v3_crl_reason,
90&v3_sxnet,
91&v3_info,
92};
93
94/* Number of standard extensions */
95
96#define STANDARD_EXTENSION_COUNT (sizeof(standard_exts)/sizeof(X509V3_EXT_METHOD *))
97
diff --git a/src/lib/libcrypto/x509v3/v3_akey.c b/src/lib/libcrypto/x509v3/v3_akey.c
deleted file mode 100644
index 0889a18993..0000000000
--- a/src/lib/libcrypto/x509v3/v3_akey.c
+++ /dev/null
@@ -1,249 +0,0 @@
1/* v3_akey.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/conf.h>
62#include <openssl/asn1.h>
63#include <openssl/asn1_mac.h>
64#include <openssl/x509v3.h>
65
66static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
67 AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist);
68static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
69 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
70
71X509V3_EXT_METHOD v3_akey_id = {
72NID_authority_key_identifier, X509V3_EXT_MULTILINE,
73(X509V3_EXT_NEW)AUTHORITY_KEYID_new,
74(X509V3_EXT_FREE)AUTHORITY_KEYID_free,
75(X509V3_EXT_D2I)d2i_AUTHORITY_KEYID,
76(X509V3_EXT_I2D)i2d_AUTHORITY_KEYID,
77NULL, NULL,
78(X509V3_EXT_I2V)i2v_AUTHORITY_KEYID,
79(X509V3_EXT_V2I)v2i_AUTHORITY_KEYID,
80NULL,NULL,
81NULL
82};
83
84
85int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **pp)
86{
87 M_ASN1_I2D_vars(a);
88
89 M_ASN1_I2D_len_IMP_opt (a->keyid, i2d_ASN1_OCTET_STRING);
90 M_ASN1_I2D_len_IMP_opt (a->issuer, i2d_GENERAL_NAMES);
91 M_ASN1_I2D_len_IMP_opt (a->serial, i2d_ASN1_INTEGER);
92
93 M_ASN1_I2D_seq_total();
94
95 M_ASN1_I2D_put_IMP_opt (a->keyid, i2d_ASN1_OCTET_STRING, 0);
96 M_ASN1_I2D_put_IMP_opt (a->issuer, i2d_GENERAL_NAMES, 1);
97 M_ASN1_I2D_put_IMP_opt (a->serial, i2d_ASN1_INTEGER, 2);
98
99 M_ASN1_I2D_finish();
100}
101
102AUTHORITY_KEYID *AUTHORITY_KEYID_new(void)
103{
104 AUTHORITY_KEYID *ret=NULL;
105 ASN1_CTX c;
106 M_ASN1_New_Malloc(ret, AUTHORITY_KEYID);
107 ret->keyid = NULL;
108 ret->issuer = NULL;
109 ret->serial = NULL;
110 return (ret);
111 M_ASN1_New_Error(ASN1_F_AUTHORITY_KEYID_NEW);
112}
113
114AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, unsigned char **pp,
115 long length)
116{
117 M_ASN1_D2I_vars(a,AUTHORITY_KEYID *,AUTHORITY_KEYID_new);
118 M_ASN1_D2I_Init();
119 M_ASN1_D2I_start_sequence();
120 M_ASN1_D2I_get_IMP_opt (ret->keyid, d2i_ASN1_OCTET_STRING, 0,
121 V_ASN1_OCTET_STRING);
122 M_ASN1_D2I_get_IMP_opt (ret->issuer, d2i_GENERAL_NAMES, 1,
123 V_ASN1_SEQUENCE);
124 M_ASN1_D2I_get_IMP_opt (ret->serial, d2i_ASN1_INTEGER, 2,
125 V_ASN1_INTEGER);
126 M_ASN1_D2I_Finish(a, AUTHORITY_KEYID_free, ASN1_F_D2I_AUTHORITY_KEYID);
127}
128
129void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a)
130{
131 if (a == NULL) return;
132 M_ASN1_OCTET_STRING_free(a->keyid);
133 sk_GENERAL_NAME_pop_free(a->issuer, GENERAL_NAME_free);
134 M_ASN1_INTEGER_free (a->serial);
135 OPENSSL_free (a);
136}
137
138static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
139 AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist)
140{
141 char *tmp;
142 if(akeyid->keyid) {
143 tmp = hex_to_string(akeyid->keyid->data, akeyid->keyid->length);
144 X509V3_add_value("keyid", tmp, &extlist);
145 OPENSSL_free(tmp);
146 }
147 if(akeyid->issuer)
148 extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);
149 if(akeyid->serial) {
150 tmp = hex_to_string(akeyid->serial->data,
151 akeyid->serial->length);
152 X509V3_add_value("serial", tmp, &extlist);
153 OPENSSL_free(tmp);
154 }
155 return extlist;
156}
157
158/* Currently two options:
159 * keyid: use the issuers subject keyid, the value 'always' means its is
160 * an error if the issuer certificate doesn't have a key id.
161 * issuer: use the issuers cert issuer and serial number. The default is
162 * to only use this if keyid is not present. With the option 'always'
163 * this is always included.
164 */
165
166static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
167 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values)
168{
169char keyid=0, issuer=0;
170int i;
171CONF_VALUE *cnf;
172ASN1_OCTET_STRING *ikeyid = NULL;
173X509_NAME *isname = NULL;
174STACK_OF(GENERAL_NAME) * gens = NULL;
175GENERAL_NAME *gen = NULL;
176ASN1_INTEGER *serial = NULL;
177X509_EXTENSION *ext;
178X509 *cert;
179AUTHORITY_KEYID *akeyid;
180for(i = 0; i < sk_CONF_VALUE_num(values); i++) {
181 cnf = sk_CONF_VALUE_value(values, i);
182 if(!strcmp(cnf->name, "keyid")) {
183 keyid = 1;
184 if(cnf->value && !strcmp(cnf->value, "always")) keyid = 2;
185 } else if(!strcmp(cnf->name, "issuer")) {
186 issuer = 1;
187 if(cnf->value && !strcmp(cnf->value, "always")) issuer = 2;
188 } else {
189 X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNKNOWN_OPTION);
190 ERR_add_error_data(2, "name=", cnf->name);
191 return NULL;
192 }
193}
194
195
196
197if(!ctx || !ctx->issuer_cert) {
198 if(ctx && (ctx->flags==CTX_TEST)) return AUTHORITY_KEYID_new();
199 X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_NO_ISSUER_CERTIFICATE);
200 return NULL;
201}
202
203cert = ctx->issuer_cert;
204
205if(keyid) {
206 i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
207 if((i >= 0) && (ext = X509_get_ext(cert, i)))
208 ikeyid = X509V3_EXT_d2i(ext);
209 if(keyid==2 && !ikeyid) {
210 X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_KEYID);
211 return NULL;
212 }
213}
214
215if((issuer && !ikeyid) || (issuer == 2)) {
216 isname = X509_NAME_dup(X509_get_issuer_name(cert));
217 serial = M_ASN1_INTEGER_dup(X509_get_serialNumber(cert));
218 if(!isname || !serial) {
219 X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS);
220 goto err;
221 }
222}
223
224if(!(akeyid = AUTHORITY_KEYID_new())) goto err;
225
226if(isname) {
227 if(!(gens = sk_GENERAL_NAME_new_null()) || !(gen = GENERAL_NAME_new())
228 || !sk_GENERAL_NAME_push(gens, gen)) {
229 X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,ERR_R_MALLOC_FAILURE);
230 goto err;
231 }
232 gen->type = GEN_DIRNAME;
233 gen->d.dirn = isname;
234}
235
236akeyid->issuer = gens;
237akeyid->serial = serial;
238akeyid->keyid = ikeyid;
239
240return akeyid;
241
242err:
243X509_NAME_free(isname);
244M_ASN1_INTEGER_free(serial);
245M_ASN1_OCTET_STRING_free(ikeyid);
246return NULL;
247
248}
249
diff --git a/src/lib/libcrypto/x509v3/v3_alt.c b/src/lib/libcrypto/x509v3/v3_alt.c
deleted file mode 100644
index 94bebcd448..0000000000
--- a/src/lib/libcrypto/x509v3/v3_alt.c
+++ /dev/null
@@ -1,401 +0,0 @@
1/* v3_alt.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/conf.h>
62#include <openssl/x509v3.h>
63
64static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
65static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
66static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens);
67static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens);
68X509V3_EXT_METHOD v3_alt[] = {
69{ NID_subject_alt_name, 0,
70(X509V3_EXT_NEW)GENERAL_NAMES_new,
71(X509V3_EXT_FREE)GENERAL_NAMES_free,
72(X509V3_EXT_D2I)d2i_GENERAL_NAMES,
73(X509V3_EXT_I2D)i2d_GENERAL_NAMES,
74NULL, NULL,
75(X509V3_EXT_I2V)i2v_GENERAL_NAMES,
76(X509V3_EXT_V2I)v2i_subject_alt,
77NULL, NULL, NULL},
78{ NID_issuer_alt_name, 0,
79(X509V3_EXT_NEW)GENERAL_NAMES_new,
80(X509V3_EXT_FREE)GENERAL_NAMES_free,
81(X509V3_EXT_D2I)d2i_GENERAL_NAMES,
82(X509V3_EXT_I2D)i2d_GENERAL_NAMES,
83NULL, NULL,
84(X509V3_EXT_I2V)i2v_GENERAL_NAMES,
85(X509V3_EXT_V2I)v2i_issuer_alt,
86NULL, NULL, NULL},
87};
88
89STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
90 STACK_OF(GENERAL_NAME) *gens, STACK_OF(CONF_VALUE) *ret)
91{
92 int i;
93 GENERAL_NAME *gen;
94 for(i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
95 gen = sk_GENERAL_NAME_value(gens, i);
96 ret = i2v_GENERAL_NAME(method, gen, ret);
97 }
98 if(!ret) return sk_CONF_VALUE_new_null();
99 return ret;
100}
101
102STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
103 GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret)
104{
105 char oline[256];
106 unsigned char *p;
107 switch (gen->type)
108 {
109 case GEN_OTHERNAME:
110 X509V3_add_value("othername","<unsupported>", &ret);
111 break;
112
113 case GEN_X400:
114 X509V3_add_value("X400Name","<unsupported>", &ret);
115 break;
116
117 case GEN_EDIPARTY:
118 X509V3_add_value("EdiPartyName","<unsupported>", &ret);
119 break;
120
121 case GEN_EMAIL:
122 X509V3_add_value_uchar("email",gen->d.ia5->data, &ret);
123 break;
124
125 case GEN_DNS:
126 X509V3_add_value_uchar("DNS",gen->d.ia5->data, &ret);
127 break;
128
129 case GEN_URI:
130 X509V3_add_value_uchar("URI",gen->d.ia5->data, &ret);
131 break;
132
133 case GEN_DIRNAME:
134 X509_NAME_oneline(gen->d.dirn, oline, 256);
135 X509V3_add_value("DirName",oline, &ret);
136 break;
137
138 case GEN_IPADD:
139 p = gen->d.ip->data;
140 /* BUG: doesn't support IPV6 */
141 if(gen->d.ip->length != 4) {
142 X509V3_add_value("IP Address","<invalid>", &ret);
143 break;
144 }
145 sprintf(oline, "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
146 X509V3_add_value("IP Address",oline, &ret);
147 break;
148
149 case GEN_RID:
150 i2t_ASN1_OBJECT(oline, 256, gen->d.rid);
151 X509V3_add_value("Registered ID",oline, &ret);
152 break;
153 }
154 return ret;
155}
156
157static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method,
158 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
159{
160 STACK_OF(GENERAL_NAME) *gens = NULL;
161 CONF_VALUE *cnf;
162 int i;
163 if(!(gens = sk_GENERAL_NAME_new_null())) {
164 X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
165 return NULL;
166 }
167 for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
168 cnf = sk_CONF_VALUE_value(nval, i);
169 if(!name_cmp(cnf->name, "issuer") && cnf->value &&
170 !strcmp(cnf->value, "copy")) {
171 if(!copy_issuer(ctx, gens)) goto err;
172 } else {
173 GENERAL_NAME *gen;
174 if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
175 goto err;
176 sk_GENERAL_NAME_push(gens, gen);
177 }
178 }
179 return gens;
180 err:
181 sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
182 return NULL;
183}
184
185/* Append subject altname of issuer to issuer alt name of subject */
186
187static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens)
188{
189 STACK_OF(GENERAL_NAME) *ialt;
190 GENERAL_NAME *gen;
191 X509_EXTENSION *ext;
192 int i;
193 if(ctx && (ctx->flags == CTX_TEST)) return 1;
194 if(!ctx || !ctx->issuer_cert) {
195 X509V3err(X509V3_F_COPY_ISSUER,X509V3_R_NO_ISSUER_DETAILS);
196 goto err;
197 }
198 i = X509_get_ext_by_NID(ctx->issuer_cert, NID_subject_alt_name, -1);
199 if(i < 0) return 1;
200 if(!(ext = X509_get_ext(ctx->issuer_cert, i)) ||
201 !(ialt = X509V3_EXT_d2i(ext)) ) {
202 X509V3err(X509V3_F_COPY_ISSUER,X509V3_R_ISSUER_DECODE_ERROR);
203 goto err;
204 }
205
206 for(i = 0; i < sk_GENERAL_NAME_num(ialt); i++) {
207 gen = sk_GENERAL_NAME_value(ialt, i);
208 if(!sk_GENERAL_NAME_push(gens, gen)) {
209 X509V3err(X509V3_F_COPY_ISSUER,ERR_R_MALLOC_FAILURE);
210 goto err;
211 }
212 }
213 sk_GENERAL_NAME_free(ialt);
214
215 return 1;
216
217 err:
218 return 0;
219
220}
221
222static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method,
223 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
224{
225 STACK_OF(GENERAL_NAME) *gens = NULL;
226 CONF_VALUE *cnf;
227 int i;
228 if(!(gens = sk_GENERAL_NAME_new_null())) {
229 X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
230 return NULL;
231 }
232 for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
233 cnf = sk_CONF_VALUE_value(nval, i);
234 if(!name_cmp(cnf->name, "email") && cnf->value &&
235 !strcmp(cnf->value, "copy")) {
236 if(!copy_email(ctx, gens)) goto err;
237 } else {
238 GENERAL_NAME *gen;
239 if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
240 goto err;
241 sk_GENERAL_NAME_push(gens, gen);
242 }
243 }
244 return gens;
245 err:
246 sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
247 return NULL;
248}
249
250/* Copy any email addresses in a certificate or request to
251 * GENERAL_NAMES
252 */
253
254static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens)
255{
256 X509_NAME *nm;
257 ASN1_IA5STRING *email = NULL;
258 X509_NAME_ENTRY *ne;
259 GENERAL_NAME *gen = NULL;
260 int i;
261 if(ctx->flags == CTX_TEST) return 1;
262 if(!ctx || (!ctx->subject_cert && !ctx->subject_req)) {
263 X509V3err(X509V3_F_COPY_EMAIL,X509V3_R_NO_SUBJECT_DETAILS);
264 goto err;
265 }
266 /* Find the subject name */
267 if(ctx->subject_cert) nm = X509_get_subject_name(ctx->subject_cert);
268 else nm = X509_REQ_get_subject_name(ctx->subject_req);
269
270 /* Now add any email address(es) to STACK */
271 i = -1;
272 while((i = X509_NAME_get_index_by_NID(nm,
273 NID_pkcs9_emailAddress, i)) >= 0) {
274 ne = X509_NAME_get_entry(nm, i);
275 email = M_ASN1_IA5STRING_dup(X509_NAME_ENTRY_get_data(ne));
276 if(!email || !(gen = GENERAL_NAME_new())) {
277 X509V3err(X509V3_F_COPY_EMAIL,ERR_R_MALLOC_FAILURE);
278 goto err;
279 }
280 gen->d.ia5 = email;
281 email = NULL;
282 gen->type = GEN_EMAIL;
283 if(!sk_GENERAL_NAME_push(gens, gen)) {
284 X509V3err(X509V3_F_COPY_EMAIL,ERR_R_MALLOC_FAILURE);
285 goto err;
286 }
287 gen = NULL;
288 }
289
290
291 return 1;
292
293 err:
294 GENERAL_NAME_free(gen);
295 M_ASN1_IA5STRING_free(email);
296 return 0;
297
298}
299
300STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
301 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
302{
303 GENERAL_NAME *gen;
304 STACK_OF(GENERAL_NAME) *gens = NULL;
305 CONF_VALUE *cnf;
306 int i;
307 if(!(gens = sk_GENERAL_NAME_new_null())) {
308 X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
309 return NULL;
310 }
311 for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
312 cnf = sk_CONF_VALUE_value(nval, i);
313 if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) goto err;
314 sk_GENERAL_NAME_push(gens, gen);
315 }
316 return gens;
317 err:
318 sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
319 return NULL;
320}
321
322GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
323 CONF_VALUE *cnf)
324{
325char is_string = 0;
326int type;
327GENERAL_NAME *gen = NULL;
328
329char *name, *value;
330
331name = cnf->name;
332value = cnf->value;
333
334if(!value) {
335 X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_MISSING_VALUE);
336 return NULL;
337}
338
339if(!(gen = GENERAL_NAME_new())) {
340 X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
341 return NULL;
342}
343
344if(!name_cmp(name, "email")) {
345 is_string = 1;
346 type = GEN_EMAIL;
347} else if(!name_cmp(name, "URI")) {
348 is_string = 1;
349 type = GEN_URI;
350} else if(!name_cmp(name, "DNS")) {
351 is_string = 1;
352 type = GEN_DNS;
353} else if(!name_cmp(name, "RID")) {
354 ASN1_OBJECT *obj;
355 if(!(obj = OBJ_txt2obj(value,0))) {
356 X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_BAD_OBJECT);
357 ERR_add_error_data(2, "value=", value);
358 goto err;
359 }
360 gen->d.rid = obj;
361 type = GEN_RID;
362} else if(!name_cmp(name, "IP")) {
363 int i1,i2,i3,i4;
364 unsigned char ip[4];
365 if((sscanf(value, "%d.%d.%d.%d",&i1,&i2,&i3,&i4) != 4) ||
366 (i1 < 0) || (i1 > 255) || (i2 < 0) || (i2 > 255) ||
367 (i3 < 0) || (i3 > 255) || (i4 < 0) || (i4 > 255) ) {
368 X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_BAD_IP_ADDRESS);
369 ERR_add_error_data(2, "value=", value);
370 goto err;
371 }
372 ip[0] = i1; ip[1] = i2 ; ip[2] = i3 ; ip[3] = i4;
373 if(!(gen->d.ip = M_ASN1_OCTET_STRING_new()) ||
374 !ASN1_STRING_set(gen->d.ip, ip, 4)) {
375 X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
376 goto err;
377 }
378 type = GEN_IPADD;
379} else {
380 X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_UNSUPPORTED_OPTION);
381 ERR_add_error_data(2, "name=", name);
382 goto err;
383}
384
385if(is_string) {
386 if(!(gen->d.ia5 = M_ASN1_IA5STRING_new()) ||
387 !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value,
388 strlen(value))) {
389 X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
390 goto err;
391 }
392}
393
394gen->type = type;
395
396return gen;
397
398err:
399GENERAL_NAME_free(gen);
400return NULL;
401}
diff --git a/src/lib/libcrypto/x509v3/v3_bcons.c b/src/lib/libcrypto/x509v3/v3_bcons.c
deleted file mode 100644
index c576b8e955..0000000000
--- a/src/lib/libcrypto/x509v3/v3_bcons.c
+++ /dev/null
@@ -1,164 +0,0 @@
1/* v3_bcons.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/asn1.h>
63#include <openssl/asn1_mac.h>
64#include <openssl/conf.h>
65#include <openssl/x509v3.h>
66
67static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist);
68static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
69
70X509V3_EXT_METHOD v3_bcons = {
71NID_basic_constraints, 0,
72(X509V3_EXT_NEW)BASIC_CONSTRAINTS_new,
73(X509V3_EXT_FREE)BASIC_CONSTRAINTS_free,
74(X509V3_EXT_D2I)d2i_BASIC_CONSTRAINTS,
75(X509V3_EXT_I2D)i2d_BASIC_CONSTRAINTS,
76NULL, NULL,
77(X509V3_EXT_I2V)i2v_BASIC_CONSTRAINTS,
78(X509V3_EXT_V2I)v2i_BASIC_CONSTRAINTS,
79NULL,NULL,
80NULL
81};
82
83
84int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **pp)
85{
86 M_ASN1_I2D_vars(a);
87 if(a->ca) M_ASN1_I2D_len (a->ca, i2d_ASN1_BOOLEAN);
88 M_ASN1_I2D_len (a->pathlen, i2d_ASN1_INTEGER);
89
90 M_ASN1_I2D_seq_total();
91
92 if (a->ca) M_ASN1_I2D_put (a->ca, i2d_ASN1_BOOLEAN);
93 M_ASN1_I2D_put (a->pathlen, i2d_ASN1_INTEGER);
94 M_ASN1_I2D_finish();
95}
96
97BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void)
98{
99 BASIC_CONSTRAINTS *ret=NULL;
100 ASN1_CTX c;
101 M_ASN1_New_Malloc(ret, BASIC_CONSTRAINTS);
102 ret->ca = 0;
103 ret->pathlen = NULL;
104 return (ret);
105 M_ASN1_New_Error(ASN1_F_BASIC_CONSTRAINTS_NEW);
106}
107
108BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a,
109 unsigned char **pp, long length)
110{
111 M_ASN1_D2I_vars(a,BASIC_CONSTRAINTS *,BASIC_CONSTRAINTS_new);
112 M_ASN1_D2I_Init();
113 M_ASN1_D2I_start_sequence();
114 if((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) ==
115 (V_ASN1_UNIVERSAL|V_ASN1_BOOLEAN) ) {
116 M_ASN1_D2I_get_int (ret->ca, d2i_ASN1_BOOLEAN);
117 }
118 M_ASN1_D2I_get_opt (ret->pathlen, d2i_ASN1_INTEGER, V_ASN1_INTEGER);
119 M_ASN1_D2I_Finish(a, BASIC_CONSTRAINTS_free, ASN1_F_D2I_BASIC_CONSTRAINTS);
120}
121
122void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a)
123{
124 if (a == NULL) return;
125 M_ASN1_INTEGER_free (a->pathlen);
126 OPENSSL_free (a);
127}
128
129static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
130 BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist)
131{
132 X509V3_add_value_bool("CA", bcons->ca, &extlist);
133 X509V3_add_value_int("pathlen", bcons->pathlen, &extlist);
134 return extlist;
135}
136
137static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
138 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values)
139{
140 BASIC_CONSTRAINTS *bcons=NULL;
141 CONF_VALUE *val;
142 int i;
143 if(!(bcons = BASIC_CONSTRAINTS_new())) {
144 X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, ERR_R_MALLOC_FAILURE);
145 return NULL;
146 }
147 for(i = 0; i < sk_CONF_VALUE_num(values); i++) {
148 val = sk_CONF_VALUE_value(values, i);
149 if(!strcmp(val->name, "CA")) {
150 if(!X509V3_get_value_bool(val, &bcons->ca)) goto err;
151 } else if(!strcmp(val->name, "pathlen")) {
152 if(!X509V3_get_value_int(val, &bcons->pathlen)) goto err;
153 } else {
154 X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, X509V3_R_INVALID_NAME);
155 X509V3_conf_err(val);
156 goto err;
157 }
158 }
159 return bcons;
160 err:
161 BASIC_CONSTRAINTS_free(bcons);
162 return NULL;
163}
164
diff --git a/src/lib/libcrypto/x509v3/v3_bitst.c b/src/lib/libcrypto/x509v3/v3_bitst.c
deleted file mode 100644
index 0e1167d05c..0000000000
--- a/src/lib/libcrypto/x509v3/v3_bitst.c
+++ /dev/null
@@ -1,141 +0,0 @@
1/* v3_bitst.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/conf.h>
62#include <openssl/x509v3.h>
63
64static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
65 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
66static STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
67 ASN1_BIT_STRING *bits,
68 STACK_OF(CONF_VALUE) *extlist);
69static BIT_STRING_BITNAME ns_cert_type_table[] = {
70{0, "SSL Client", "client"},
71{1, "SSL Server", "server"},
72{2, "S/MIME", "email"},
73{3, "Object Signing", "objsign"},
74{4, "Unused", "reserved"},
75{5, "SSL CA", "sslCA"},
76{6, "S/MIME CA", "emailCA"},
77{7, "Object Signing CA", "objCA"},
78{-1, NULL, NULL}
79};
80
81static BIT_STRING_BITNAME key_usage_type_table[] = {
82{0, "Digital Signature", "digitalSignature"},
83{1, "Non Repudiation", "nonRepudiation"},
84{2, "Key Encipherment", "keyEncipherment"},
85{3, "Data Encipherment", "dataEncipherment"},
86{4, "Key Agreement", "keyAgreement"},
87{5, "Certificate Sign", "keyCertSign"},
88{6, "CRL Sign", "cRLSign"},
89{7, "Encipher Only", "encipherOnly"},
90{8, "Decipher Only", "decipherOnly"},
91{-1, NULL, NULL}
92};
93
94
95
96X509V3_EXT_METHOD v3_nscert = EXT_BITSTRING(NID_netscape_cert_type, ns_cert_type_table);
97X509V3_EXT_METHOD v3_key_usage = EXT_BITSTRING(NID_key_usage, key_usage_type_table);
98
99static STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
100 ASN1_BIT_STRING *bits, STACK_OF(CONF_VALUE) *ret)
101{
102 BIT_STRING_BITNAME *bnam;
103 for(bnam =method->usr_data; bnam->lname; bnam++) {
104 if(ASN1_BIT_STRING_get_bit(bits, bnam->bitnum))
105 X509V3_add_value(bnam->lname, NULL, &ret);
106 }
107 return ret;
108}
109
110static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
111 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
112{
113 CONF_VALUE *val;
114 ASN1_BIT_STRING *bs;
115 int i;
116 BIT_STRING_BITNAME *bnam;
117 if(!(bs = M_ASN1_BIT_STRING_new())) {
118 X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,ERR_R_MALLOC_FAILURE);
119 return NULL;
120 }
121 for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
122 val = sk_CONF_VALUE_value(nval, i);
123 for(bnam = method->usr_data; bnam->lname; bnam++) {
124 if(!strcmp(bnam->sname, val->name) ||
125 !strcmp(bnam->lname, val->name) ) {
126 ASN1_BIT_STRING_set_bit(bs, bnam->bitnum, 1);
127 break;
128 }
129 }
130 if(!bnam->lname) {
131 X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,
132 X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT);
133 X509V3_conf_err(val);
134 M_ASN1_BIT_STRING_free(bs);
135 return NULL;
136 }
137 }
138 return bs;
139}
140
141
diff --git a/src/lib/libcrypto/x509v3/v3_conf.c b/src/lib/libcrypto/x509v3/v3_conf.c
deleted file mode 100644
index bdc9c1cbc1..0000000000
--- a/src/lib/libcrypto/x509v3/v3_conf.c
+++ /dev/null
@@ -1,390 +0,0 @@
1/* v3_conf.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58/* extension creation utilities */
59
60
61
62#include <stdio.h>
63#include <ctype.h>
64#include "cryptlib.h"
65#include <openssl/conf.h>
66#include <openssl/x509.h>
67#include <openssl/x509v3.h>
68
69static int v3_check_critical(char **value);
70static int v3_check_generic(char **value);
71static X509_EXTENSION *do_ext_conf(LHASH *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value);
72static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, int crit, int type);
73static char *conf_lhash_get_string(void *db, char *section, char *value);
74static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section);
75static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid,
76 int crit, void *ext_struc);
77/* LHASH *conf: Config file */
78/* char *name: Name */
79/* char *value: Value */
80X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name,
81 char *value)
82{
83 int crit;
84 int ext_type;
85 X509_EXTENSION *ret;
86 crit = v3_check_critical(&value);
87 if((ext_type = v3_check_generic(&value)))
88 return v3_generic_extension(name, value, crit, ext_type);
89 ret = do_ext_conf(conf, ctx, OBJ_sn2nid(name), crit, value);
90 if(!ret) {
91 X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_ERROR_IN_EXTENSION);
92 ERR_add_error_data(4,"name=", name, ", value=", value);
93 }
94 return ret;
95}
96
97/* LHASH *conf: Config file */
98/* char *value: Value */
99X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid,
100 char *value)
101{
102 int crit;
103 int ext_type;
104 crit = v3_check_critical(&value);
105 if((ext_type = v3_check_generic(&value)))
106 return v3_generic_extension(OBJ_nid2sn(ext_nid),
107 value, crit, ext_type);
108 return do_ext_conf(conf, ctx, ext_nid, crit, value);
109}
110
111/* LHASH *conf: Config file */
112/* char *value: Value */
113static X509_EXTENSION *do_ext_conf(LHASH *conf, X509V3_CTX *ctx, int ext_nid,
114 int crit, char *value)
115{
116 X509V3_EXT_METHOD *method;
117 X509_EXTENSION *ext;
118 STACK_OF(CONF_VALUE) *nval;
119 void *ext_struc;
120 if(ext_nid == NID_undef) {
121 X509V3err(X509V3_F_DO_EXT_CONF,X509V3_R_UNKNOWN_EXTENSION_NAME);
122 return NULL;
123 }
124 if(!(method = X509V3_EXT_get_nid(ext_nid))) {
125 X509V3err(X509V3_F_DO_EXT_CONF,X509V3_R_UNKNOWN_EXTENSION);
126 return NULL;
127 }
128 /* Now get internal extension representation based on type */
129 if(method->v2i) {
130 if(*value == '@') nval = CONF_get_section(conf, value + 1);
131 else nval = X509V3_parse_list(value);
132 if(!nval) {
133 X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_INVALID_EXTENSION_STRING);
134 ERR_add_error_data(4, "name=", OBJ_nid2sn(ext_nid), ",section=", value);
135 return NULL;
136 }
137 ext_struc = method->v2i(method, ctx, nval);
138 if(*value != '@') sk_CONF_VALUE_pop_free(nval,
139 X509V3_conf_free);
140 if(!ext_struc) return NULL;
141 } else if(method->s2i) {
142 if(!(ext_struc = method->s2i(method, ctx, value))) return NULL;
143 } else if(method->r2i) {
144 if(!ctx->db) {
145 X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_NO_CONFIG_DATABASE);
146 return NULL;
147 }
148 if(!(ext_struc = method->r2i(method, ctx, value))) return NULL;
149 } else {
150 X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED);
151 ERR_add_error_data(2, "name=", OBJ_nid2sn(ext_nid));
152 return NULL;
153 }
154
155 ext = do_ext_i2d(method, ext_nid, crit, ext_struc);
156 method->ext_free(ext_struc);
157 return ext;
158
159}
160
161static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid,
162 int crit, void *ext_struc)
163{
164 unsigned char *ext_der, *p;
165 int ext_len;
166 ASN1_OCTET_STRING *ext_oct;
167 X509_EXTENSION *ext;
168 /* Convert internal representation to DER */
169 ext_len = method->i2d(ext_struc, NULL);
170 if(!(ext_der = OPENSSL_malloc(ext_len))) goto merr;
171 p = ext_der;
172 method->i2d(ext_struc, &p);
173 if(!(ext_oct = M_ASN1_OCTET_STRING_new())) goto merr;
174 ext_oct->data = ext_der;
175 ext_oct->length = ext_len;
176
177 ext = X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct);
178 if(!ext) goto merr;
179 M_ASN1_OCTET_STRING_free(ext_oct);
180
181 return ext;
182
183 merr:
184 X509V3err(X509V3_F_DO_EXT_I2D,ERR_R_MALLOC_FAILURE);
185 return NULL;
186
187}
188
189/* Given an internal structure, nid and critical flag create an extension */
190
191X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc)
192{
193 X509V3_EXT_METHOD *method;
194 if(!(method = X509V3_EXT_get_nid(ext_nid))) {
195 X509V3err(X509V3_F_X509V3_EXT_I2D,X509V3_R_UNKNOWN_EXTENSION);
196 return NULL;
197 }
198 return do_ext_i2d(method, ext_nid, crit, ext_struc);
199}
200
201/* Check the extension string for critical flag */
202static int v3_check_critical(char **value)
203{
204 char *p = *value;
205 if((strlen(p) < 9) || strncmp(p, "critical,", 9)) return 0;
206 p+=9;
207 while(isspace((unsigned char)*p)) p++;
208 *value = p;
209 return 1;
210}
211
212/* Check extension string for generic extension and return the type */
213static int v3_check_generic(char **value)
214{
215 char *p = *value;
216 if((strlen(p) < 4) || strncmp(p, "DER:,", 4)) return 0;
217 p+=4;
218 while(isspace((unsigned char)*p)) p++;
219 *value = p;
220 return 1;
221}
222
223/* Create a generic extension: for now just handle DER type */
224static X509_EXTENSION *v3_generic_extension(const char *ext, char *value,
225 int crit, int type)
226{
227unsigned char *ext_der=NULL;
228long ext_len;
229ASN1_OBJECT *obj=NULL;
230ASN1_OCTET_STRING *oct=NULL;
231X509_EXTENSION *extension=NULL;
232if(!(obj = OBJ_txt2obj(ext, 0))) {
233 X509V3err(X509V3_F_V3_GENERIC_EXTENSION,X509V3_R_EXTENSION_NAME_ERROR);
234 ERR_add_error_data(2, "name=", ext);
235 goto err;
236}
237
238if(!(ext_der = string_to_hex(value, &ext_len))) {
239 X509V3err(X509V3_F_V3_GENERIC_EXTENSION,X509V3_R_EXTENSION_VALUE_ERROR);
240 ERR_add_error_data(2, "value=", value);
241 goto err;
242}
243
244if(!(oct = M_ASN1_OCTET_STRING_new())) {
245 X509V3err(X509V3_F_V3_GENERIC_EXTENSION,ERR_R_MALLOC_FAILURE);
246 goto err;
247}
248
249oct->data = ext_der;
250oct->length = ext_len;
251ext_der = NULL;
252
253extension = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct);
254
255err:
256ASN1_OBJECT_free(obj);
257M_ASN1_OCTET_STRING_free(oct);
258if(ext_der) OPENSSL_free(ext_der);
259return extension;
260}
261
262
263/* This is the main function: add a bunch of extensions based on a config file
264 * section
265 */
266
267int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
268 X509 *cert)
269{
270 X509_EXTENSION *ext;
271 STACK_OF(CONF_VALUE) *nval;
272 CONF_VALUE *val;
273 int i;
274 if(!(nval = CONF_get_section(conf, section))) return 0;
275 for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
276 val = sk_CONF_VALUE_value(nval, i);
277 if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value)))
278 return 0;
279 if(cert) X509_add_ext(cert, ext, -1);
280 X509_EXTENSION_free(ext);
281 }
282 return 1;
283}
284
285/* Same as above but for a CRL */
286
287int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
288 X509_CRL *crl)
289{
290 X509_EXTENSION *ext;
291 STACK_OF(CONF_VALUE) *nval;
292 CONF_VALUE *val;
293 int i;
294 if(!(nval = CONF_get_section(conf, section))) return 0;
295 for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
296 val = sk_CONF_VALUE_value(nval, i);
297 if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value)))
298 return 0;
299 if(crl) X509_CRL_add_ext(crl, ext, -1);
300 X509_EXTENSION_free(ext);
301 }
302 return 1;
303}
304
305/* Add extensions to certificate request */
306
307int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
308 X509_REQ *req)
309{
310 X509_EXTENSION *ext;
311 STACK_OF(X509_EXTENSION) *extlist = NULL;
312 STACK_OF(CONF_VALUE) *nval;
313 CONF_VALUE *val;
314 int i;
315 if(!(nval = CONF_get_section(conf, section))) return 0;
316 for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
317 val = sk_CONF_VALUE_value(nval, i);
318 if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value)))
319 return 0;
320 if(!extlist) extlist = sk_X509_EXTENSION_new_null();
321 sk_X509_EXTENSION_push(extlist, ext);
322 }
323 if(req) i = X509_REQ_add_extensions(req, extlist);
324 else i = 1;
325 sk_X509_EXTENSION_pop_free(extlist, X509_EXTENSION_free);
326 return i;
327}
328
329/* Config database functions */
330
331char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section)
332{
333 if(ctx->db_meth->get_string)
334 return ctx->db_meth->get_string(ctx->db, name, section);
335 return NULL;
336}
337
338STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section)
339{
340 if(ctx->db_meth->get_section)
341 return ctx->db_meth->get_section(ctx->db, section);
342 return NULL;
343}
344
345void X509V3_string_free(X509V3_CTX *ctx, char *str)
346{
347 if(!str) return;
348 if(ctx->db_meth->free_string)
349 ctx->db_meth->free_string(ctx->db, str);
350}
351
352void X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section)
353{
354 if(!section) return;
355 if(ctx->db_meth->free_section)
356 ctx->db_meth->free_section(ctx->db, section);
357}
358
359static char *conf_lhash_get_string(void *db, char *section, char *value)
360{
361 return CONF_get_string(db, section, value);
362}
363
364static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section)
365{
366 return CONF_get_section(db, section);
367}
368
369static X509V3_CONF_METHOD conf_lhash_method = {
370conf_lhash_get_string,
371conf_lhash_get_section,
372NULL,
373NULL
374};
375
376void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash)
377{
378 ctx->db_meth = &conf_lhash_method;
379 ctx->db = lhash;
380}
381
382void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subj, X509_REQ *req,
383 X509_CRL *crl, int flags)
384{
385 ctx->issuer_cert = issuer;
386 ctx->subject_cert = subj;
387 ctx->crl = crl;
388 ctx->subject_req = req;
389 ctx->flags = flags;
390}
diff --git a/src/lib/libcrypto/x509v3/v3_cpols.c b/src/lib/libcrypto/x509v3/v3_cpols.c
deleted file mode 100644
index 8203ed7571..0000000000
--- a/src/lib/libcrypto/x509v3/v3_cpols.c
+++ /dev/null
@@ -1,660 +0,0 @@
1/* v3_cpols.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/conf.h>
62#include <openssl/asn1.h>
63#include <openssl/asn1_mac.h>
64#include <openssl/x509v3.h>
65
66/* Certificate policies extension support: this one is a bit complex... */
67
68static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, BIO *out, int indent);
69static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value);
70static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, int indent);
71static void print_notice(BIO *out, USERNOTICE *notice, int indent);
72static POLICYINFO *policy_section(X509V3_CTX *ctx,
73 STACK_OF(CONF_VALUE) *polstrs, int ia5org);
74static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
75 STACK_OF(CONF_VALUE) *unot, int ia5org);
76static STACK_OF(ASN1_INTEGER) *nref_nos(STACK_OF(CONF_VALUE) *nos);
77
78X509V3_EXT_METHOD v3_cpols = {
79NID_certificate_policies, 0,
80(X509V3_EXT_NEW)CERTIFICATEPOLICIES_new,
81(X509V3_EXT_FREE)CERTIFICATEPOLICIES_free,
82(X509V3_EXT_D2I)d2i_CERTIFICATEPOLICIES,
83(X509V3_EXT_I2D)i2d_CERTIFICATEPOLICIES,
84NULL, NULL,
85NULL, NULL,
86(X509V3_EXT_I2R)i2r_certpol,
87(X509V3_EXT_R2I)r2i_certpol,
88NULL
89};
90
91
92static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
93 X509V3_CTX *ctx, char *value)
94{
95 STACK_OF(POLICYINFO) *pols = NULL;
96 char *pstr;
97 POLICYINFO *pol;
98 ASN1_OBJECT *pobj;
99 STACK_OF(CONF_VALUE) *vals;
100 CONF_VALUE *cnf;
101 int i, ia5org;
102 pols = sk_POLICYINFO_new_null();
103 vals = X509V3_parse_list(value);
104 ia5org = 0;
105 for(i = 0; i < sk_CONF_VALUE_num(vals); i++) {
106 cnf = sk_CONF_VALUE_value(vals, i);
107 if(cnf->value || !cnf->name ) {
108 X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_POLICY_IDENTIFIER);
109 X509V3_conf_err(cnf);
110 goto err;
111 }
112 pstr = cnf->name;
113 if(!strcmp(pstr,"ia5org")) {
114 ia5org = 1;
115 continue;
116 } else if(*pstr == '@') {
117 STACK_OF(CONF_VALUE) *polsect;
118 polsect = X509V3_get_section(ctx, pstr + 1);
119 if(!polsect) {
120 X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_SECTION);
121
122 X509V3_conf_err(cnf);
123 goto err;
124 }
125 pol = policy_section(ctx, polsect, ia5org);
126 X509V3_section_free(ctx, polsect);
127 if(!pol) goto err;
128 } else {
129 if(!(pobj = OBJ_txt2obj(cnf->name, 0))) {
130 X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_OBJECT_IDENTIFIER);
131 X509V3_conf_err(cnf);
132 goto err;
133 }
134 pol = POLICYINFO_new();
135 pol->policyid = pobj;
136 }
137 sk_POLICYINFO_push(pols, pol);
138 }
139 sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
140 return pols;
141 err:
142 sk_POLICYINFO_pop_free(pols, POLICYINFO_free);
143 return NULL;
144}
145
146static POLICYINFO *policy_section(X509V3_CTX *ctx,
147 STACK_OF(CONF_VALUE) *polstrs, int ia5org)
148{
149 int i;
150 CONF_VALUE *cnf;
151 POLICYINFO *pol;
152 POLICYQUALINFO *qual;
153 if(!(pol = POLICYINFO_new())) goto merr;
154 for(i = 0; i < sk_CONF_VALUE_num(polstrs); i++) {
155 cnf = sk_CONF_VALUE_value(polstrs, i);
156 if(!strcmp(cnf->name, "policyIdentifier")) {
157 ASN1_OBJECT *pobj;
158 if(!(pobj = OBJ_txt2obj(cnf->value, 0))) {
159 X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_INVALID_OBJECT_IDENTIFIER);
160 X509V3_conf_err(cnf);
161 goto err;
162 }
163 pol->policyid = pobj;
164
165 } else if(!name_cmp(cnf->name, "CPS")) {
166 if(!pol->qualifiers) pol->qualifiers =
167 sk_POLICYQUALINFO_new_null();
168 if(!(qual = POLICYQUALINFO_new())) goto merr;
169 if(!sk_POLICYQUALINFO_push(pol->qualifiers, qual))
170 goto merr;
171 qual->pqualid = OBJ_nid2obj(NID_id_qt_cps);
172 qual->d.cpsuri = M_ASN1_IA5STRING_new();
173 if(!ASN1_STRING_set(qual->d.cpsuri, cnf->value,
174 strlen(cnf->value))) goto merr;
175 } else if(!name_cmp(cnf->name, "userNotice")) {
176 STACK_OF(CONF_VALUE) *unot;
177 if(*cnf->value != '@') {
178 X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_EXPECTED_A_SECTION_NAME);
179 X509V3_conf_err(cnf);
180 goto err;
181 }
182 unot = X509V3_get_section(ctx, cnf->value + 1);
183 if(!unot) {
184 X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_INVALID_SECTION);
185
186 X509V3_conf_err(cnf);
187 goto err;
188 }
189 qual = notice_section(ctx, unot, ia5org);
190 X509V3_section_free(ctx, unot);
191 if(!qual) goto err;
192 if(!sk_POLICYQUALINFO_push(pol->qualifiers, qual))
193 goto merr;
194 } else {
195 X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_INVALID_OPTION);
196
197 X509V3_conf_err(cnf);
198 goto err;
199 }
200 }
201 if(!pol->policyid) {
202 X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_NO_POLICY_IDENTIFIER);
203 goto err;
204 }
205
206 return pol;
207
208 merr:
209 X509V3err(X509V3_F_POLICY_SECTION,ERR_R_MALLOC_FAILURE);
210
211 err:
212 POLICYINFO_free(pol);
213 return NULL;
214
215
216}
217
218static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
219 STACK_OF(CONF_VALUE) *unot, int ia5org)
220{
221 int i;
222 CONF_VALUE *cnf;
223 USERNOTICE *not;
224 POLICYQUALINFO *qual;
225 if(!(qual = POLICYQUALINFO_new())) goto merr;
226 qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice);
227 if(!(not = USERNOTICE_new())) goto merr;
228 qual->d.usernotice = not;
229 for(i = 0; i < sk_CONF_VALUE_num(unot); i++) {
230 cnf = sk_CONF_VALUE_value(unot, i);
231 if(!strcmp(cnf->name, "explicitText")) {
232 not->exptext = M_ASN1_VISIBLESTRING_new();
233 if(!ASN1_STRING_set(not->exptext, cnf->value,
234 strlen(cnf->value))) goto merr;
235 } else if(!strcmp(cnf->name, "organization")) {
236 NOTICEREF *nref;
237 if(!not->noticeref) {
238 if(!(nref = NOTICEREF_new())) goto merr;
239 not->noticeref = nref;
240 } else nref = not->noticeref;
241 if(ia5org) nref->organization = M_ASN1_IA5STRING_new();
242 else nref->organization = M_ASN1_VISIBLESTRING_new();
243 if(!ASN1_STRING_set(nref->organization, cnf->value,
244 strlen(cnf->value))) goto merr;
245 } else if(!strcmp(cnf->name, "noticeNumbers")) {
246 NOTICEREF *nref;
247 STACK_OF(CONF_VALUE) *nos;
248 if(!not->noticeref) {
249 if(!(nref = NOTICEREF_new())) goto merr;
250 not->noticeref = nref;
251 } else nref = not->noticeref;
252 nos = X509V3_parse_list(cnf->value);
253 if(!nos || !sk_CONF_VALUE_num(nos)) {
254 X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_INVALID_NUMBERS);
255 X509V3_conf_err(cnf);
256 goto err;
257 }
258 nref->noticenos = nref_nos(nos);
259 sk_CONF_VALUE_pop_free(nos, X509V3_conf_free);
260 if(!nref->noticenos) goto err;
261 } else {
262 X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_INVALID_OPTION);
263
264 X509V3_conf_err(cnf);
265 goto err;
266 }
267 }
268
269 if(not->noticeref &&
270 (!not->noticeref->noticenos || !not->noticeref->organization)) {
271 X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_NEED_ORGANIZATION_AND_NUMBERS);
272 goto err;
273 }
274
275 return qual;
276
277 merr:
278 X509V3err(X509V3_F_NOTICE_SECTION,ERR_R_MALLOC_FAILURE);
279
280 err:
281 POLICYQUALINFO_free(qual);
282 return NULL;
283}
284
285static STACK_OF(ASN1_INTEGER) *nref_nos(STACK_OF(CONF_VALUE) *nos)
286{
287 STACK_OF(ASN1_INTEGER) *nnums;
288 CONF_VALUE *cnf;
289 ASN1_INTEGER *aint;
290
291 int i;
292
293 if(!(nnums = sk_ASN1_INTEGER_new_null())) goto merr;
294 for(i = 0; i < sk_CONF_VALUE_num(nos); i++) {
295 cnf = sk_CONF_VALUE_value(nos, i);
296 if(!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) {
297 X509V3err(X509V3_F_NREF_NOS,X509V3_R_INVALID_NUMBER);
298 goto err;
299 }
300 if(!sk_ASN1_INTEGER_push(nnums, aint)) goto merr;
301 }
302 return nnums;
303
304 merr:
305 X509V3err(X509V3_F_NOTICE_SECTION,ERR_R_MALLOC_FAILURE);
306
307 err:
308 sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free);
309 return NULL;
310}
311
312
313static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol,
314 BIO *out, int indent)
315{
316 int i;
317 POLICYINFO *pinfo;
318 /* First print out the policy OIDs */
319 for(i = 0; i < sk_POLICYINFO_num(pol); i++) {
320 pinfo = sk_POLICYINFO_value(pol, i);
321 BIO_printf(out, "%*sPolicy: ", indent, "");
322 i2a_ASN1_OBJECT(out, pinfo->policyid);
323 BIO_puts(out, "\n");
324 if(pinfo->qualifiers)
325 print_qualifiers(out, pinfo->qualifiers, indent + 2);
326 }
327 return 1;
328}
329
330
331int i2d_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) *a, unsigned char **pp)
332{
333
334return i2d_ASN1_SET_OF_POLICYINFO(a, pp, i2d_POLICYINFO, V_ASN1_SEQUENCE,
335 V_ASN1_UNIVERSAL, IS_SEQUENCE);}
336
337STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new(void)
338{
339 return sk_POLICYINFO_new_null();
340}
341
342void CERTIFICATEPOLICIES_free(STACK_OF(POLICYINFO) *a)
343{
344 sk_POLICYINFO_pop_free(a, POLICYINFO_free);
345}
346
347STACK_OF(POLICYINFO) *d2i_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) **a,
348 unsigned char **pp,long length)
349{
350return d2i_ASN1_SET_OF_POLICYINFO(a, pp, length, d2i_POLICYINFO,
351 POLICYINFO_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
352
353}
354
355IMPLEMENT_STACK_OF(POLICYINFO)
356IMPLEMENT_ASN1_SET_OF(POLICYINFO)
357
358int i2d_POLICYINFO(POLICYINFO *a, unsigned char **pp)
359{
360 M_ASN1_I2D_vars(a);
361
362 M_ASN1_I2D_len (a->policyid, i2d_ASN1_OBJECT);
363 M_ASN1_I2D_len_SEQUENCE_type(POLICYQUALINFO, a->qualifiers,
364 i2d_POLICYQUALINFO);
365
366 M_ASN1_I2D_seq_total();
367
368 M_ASN1_I2D_put (a->policyid, i2d_ASN1_OBJECT);
369 M_ASN1_I2D_put_SEQUENCE_type(POLICYQUALINFO, a->qualifiers,
370 i2d_POLICYQUALINFO);
371
372 M_ASN1_I2D_finish();
373}
374
375POLICYINFO *POLICYINFO_new(void)
376{
377 POLICYINFO *ret=NULL;
378 ASN1_CTX c;
379 M_ASN1_New_Malloc(ret, POLICYINFO);
380 ret->policyid = NULL;
381 ret->qualifiers = NULL;
382 return (ret);
383 M_ASN1_New_Error(ASN1_F_POLICYINFO_NEW);
384}
385
386POLICYINFO *d2i_POLICYINFO(POLICYINFO **a, unsigned char **pp,long length)
387{
388 M_ASN1_D2I_vars(a,POLICYINFO *,POLICYINFO_new);
389 M_ASN1_D2I_Init();
390 M_ASN1_D2I_start_sequence();
391 M_ASN1_D2I_get(ret->policyid, d2i_ASN1_OBJECT);
392 if(!M_ASN1_D2I_end_sequence()) {
393 M_ASN1_D2I_get_seq_type (POLICYQUALINFO, ret->qualifiers,
394 d2i_POLICYQUALINFO, POLICYQUALINFO_free);
395 }
396 M_ASN1_D2I_Finish(a, POLICYINFO_free, ASN1_F_D2I_POLICYINFO);
397}
398
399void POLICYINFO_free(POLICYINFO *a)
400{
401 if (a == NULL) return;
402 ASN1_OBJECT_free(a->policyid);
403 sk_POLICYQUALINFO_pop_free(a->qualifiers, POLICYQUALINFO_free);
404 OPENSSL_free (a);
405}
406
407static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals,
408 int indent)
409{
410 POLICYQUALINFO *qualinfo;
411 int i;
412 for(i = 0; i < sk_POLICYQUALINFO_num(quals); i++) {
413 qualinfo = sk_POLICYQUALINFO_value(quals, i);
414 switch(OBJ_obj2nid(qualinfo->pqualid))
415 {
416 case NID_id_qt_cps:
417 BIO_printf(out, "%*sCPS: %s\n", indent, "",
418 qualinfo->d.cpsuri->data);
419 break;
420
421 case NID_id_qt_unotice:
422 BIO_printf(out, "%*sUser Notice:\n", indent, "");
423 print_notice(out, qualinfo->d.usernotice, indent + 2);
424 break;
425
426 default:
427 BIO_printf(out, "%*sUnknown Qualifier: ",
428 indent + 2, "");
429
430 i2a_ASN1_OBJECT(out, qualinfo->pqualid);
431 BIO_puts(out, "\n");
432 break;
433 }
434 }
435}
436
437static void print_notice(BIO *out, USERNOTICE *notice, int indent)
438{
439 int i;
440 if(notice->noticeref) {
441 NOTICEREF *ref;
442 ref = notice->noticeref;
443 BIO_printf(out, "%*sOrganization: %s\n", indent, "",
444 ref->organization->data);
445 BIO_printf(out, "%*sNumber%s: ", indent, "",
446 sk_ASN1_INTEGER_num(ref->noticenos) > 1 ? "s" : "");
447 for(i = 0; i < sk_ASN1_INTEGER_num(ref->noticenos); i++) {
448 ASN1_INTEGER *num;
449 char *tmp;
450 num = sk_ASN1_INTEGER_value(ref->noticenos, i);
451 if(i) BIO_puts(out, ", ");
452 tmp = i2s_ASN1_INTEGER(NULL, num);
453 BIO_puts(out, tmp);
454 OPENSSL_free(tmp);
455 }
456 BIO_puts(out, "\n");
457 }
458 if(notice->exptext)
459 BIO_printf(out, "%*sExplicit Text: %s\n", indent, "",
460 notice->exptext->data);
461}
462
463
464
465int i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **pp)
466{
467 M_ASN1_I2D_vars(a);
468
469 M_ASN1_I2D_len (a->pqualid, i2d_ASN1_OBJECT);
470 switch(OBJ_obj2nid(a->pqualid)) {
471 case NID_id_qt_cps:
472 M_ASN1_I2D_len(a->d.cpsuri, i2d_ASN1_IA5STRING);
473 break;
474
475 case NID_id_qt_unotice:
476 M_ASN1_I2D_len(a->d.usernotice, i2d_USERNOTICE);
477 break;
478
479 default:
480 M_ASN1_I2D_len(a->d.other, i2d_ASN1_TYPE);
481 break;
482 }
483
484 M_ASN1_I2D_seq_total();
485
486 M_ASN1_I2D_put (a->pqualid, i2d_ASN1_OBJECT);
487 switch(OBJ_obj2nid(a->pqualid)) {
488 case NID_id_qt_cps:
489 M_ASN1_I2D_put(a->d.cpsuri, i2d_ASN1_IA5STRING);
490 break;
491
492 case NID_id_qt_unotice:
493 M_ASN1_I2D_put(a->d.usernotice, i2d_USERNOTICE);
494 break;
495
496 default:
497 M_ASN1_I2D_put(a->d.other, i2d_ASN1_TYPE);
498 break;
499 }
500
501 M_ASN1_I2D_finish();
502}
503
504POLICYQUALINFO *POLICYQUALINFO_new(void)
505{
506 POLICYQUALINFO *ret=NULL;
507 ASN1_CTX c;
508 M_ASN1_New_Malloc(ret, POLICYQUALINFO);
509 ret->pqualid = NULL;
510 ret->d.other = NULL;
511 return (ret);
512 M_ASN1_New_Error(ASN1_F_POLICYQUALINFO_NEW);
513}
514
515POLICYQUALINFO *d2i_POLICYQUALINFO(POLICYQUALINFO **a, unsigned char **pp,
516 long length)
517{
518 M_ASN1_D2I_vars(a,POLICYQUALINFO *,POLICYQUALINFO_new);
519 M_ASN1_D2I_Init();
520 M_ASN1_D2I_start_sequence();
521 M_ASN1_D2I_get (ret->pqualid, d2i_ASN1_OBJECT);
522 switch(OBJ_obj2nid(ret->pqualid)) {
523 case NID_id_qt_cps:
524 M_ASN1_D2I_get(ret->d.cpsuri, d2i_ASN1_IA5STRING);
525 break;
526
527 case NID_id_qt_unotice:
528 M_ASN1_D2I_get(ret->d.usernotice, d2i_USERNOTICE);
529 break;
530
531 default:
532 M_ASN1_D2I_get(ret->d.other, d2i_ASN1_TYPE);
533 break;
534 }
535 M_ASN1_D2I_Finish(a, POLICYQUALINFO_free, ASN1_F_D2I_POLICYQUALINFO);
536}
537
538void POLICYQUALINFO_free(POLICYQUALINFO *a)
539{
540 if (a == NULL) return;
541 switch(OBJ_obj2nid(a->pqualid)) {
542 case NID_id_qt_cps:
543 M_ASN1_IA5STRING_free(a->d.cpsuri);
544 break;
545
546 case NID_id_qt_unotice:
547 USERNOTICE_free(a->d.usernotice);
548 break;
549
550 default:
551 ASN1_TYPE_free(a->d.other);
552 break;
553 }
554
555 ASN1_OBJECT_free(a->pqualid);
556 OPENSSL_free (a);
557}
558
559int i2d_USERNOTICE(USERNOTICE *a, unsigned char **pp)
560{
561 M_ASN1_I2D_vars(a);
562
563 M_ASN1_I2D_len (a->noticeref, i2d_NOTICEREF);
564 M_ASN1_I2D_len (a->exptext, i2d_DISPLAYTEXT);
565
566 M_ASN1_I2D_seq_total();
567
568 M_ASN1_I2D_put (a->noticeref, i2d_NOTICEREF);
569 M_ASN1_I2D_put (a->exptext, i2d_DISPLAYTEXT);
570
571 M_ASN1_I2D_finish();
572}
573
574USERNOTICE *USERNOTICE_new(void)
575{
576 USERNOTICE *ret=NULL;
577 ASN1_CTX c;
578 M_ASN1_New_Malloc(ret, USERNOTICE);
579 ret->noticeref = NULL;
580 ret->exptext = NULL;
581 return (ret);
582 M_ASN1_New_Error(ASN1_F_USERNOTICE_NEW);
583}
584
585USERNOTICE *d2i_USERNOTICE(USERNOTICE **a, unsigned char **pp,long length)
586{
587 M_ASN1_D2I_vars(a,USERNOTICE *,USERNOTICE_new);
588 M_ASN1_D2I_Init();
589 M_ASN1_D2I_start_sequence();
590 M_ASN1_D2I_get_opt(ret->noticeref, d2i_NOTICEREF, V_ASN1_SEQUENCE);
591 if (!M_ASN1_D2I_end_sequence()) {
592 M_ASN1_D2I_get(ret->exptext, d2i_DISPLAYTEXT);
593 }
594 M_ASN1_D2I_Finish(a, USERNOTICE_free, ASN1_F_D2I_USERNOTICE);
595}
596
597void USERNOTICE_free(USERNOTICE *a)
598{
599 if (a == NULL) return;
600 NOTICEREF_free(a->noticeref);
601 M_DISPLAYTEXT_free(a->exptext);
602 OPENSSL_free (a);
603}
604
605int i2d_NOTICEREF(NOTICEREF *a, unsigned char **pp)
606{
607 M_ASN1_I2D_vars(a);
608
609 M_ASN1_I2D_len (a->organization, i2d_DISPLAYTEXT);
610 M_ASN1_I2D_len_SEQUENCE_type(ASN1_INTEGER, a->noticenos,
611 i2d_ASN1_INTEGER);
612
613 M_ASN1_I2D_seq_total();
614
615 M_ASN1_I2D_put (a->organization, i2d_DISPLAYTEXT);
616 M_ASN1_I2D_put_SEQUENCE_type(ASN1_INTEGER, a->noticenos,
617 i2d_ASN1_INTEGER);
618
619 M_ASN1_I2D_finish();
620}
621
622NOTICEREF *NOTICEREF_new(void)
623{
624 NOTICEREF *ret=NULL;
625 ASN1_CTX c;
626 M_ASN1_New_Malloc(ret, NOTICEREF);
627 ret->organization = NULL;
628 ret->noticenos = NULL;
629 return (ret);
630 M_ASN1_New_Error(ASN1_F_NOTICEREF_NEW);
631}
632
633NOTICEREF *d2i_NOTICEREF(NOTICEREF **a, unsigned char **pp,long length)
634{
635 M_ASN1_D2I_vars(a,NOTICEREF *,NOTICEREF_new);
636 M_ASN1_D2I_Init();
637 M_ASN1_D2I_start_sequence();
638 /* This is to cope with some broken encodings that use IA5STRING for
639 * the organization field
640 */
641 M_ASN1_D2I_get_opt(ret->organization, d2i_ASN1_IA5STRING,
642 V_ASN1_IA5STRING);
643 if(!ret->organization) {
644 M_ASN1_D2I_get(ret->organization, d2i_DISPLAYTEXT);
645 }
646 M_ASN1_D2I_get_seq_type(ASN1_INTEGER, ret->noticenos, d2i_ASN1_INTEGER,
647 ASN1_STRING_free);
648 M_ASN1_D2I_Finish(a, NOTICEREF_free, ASN1_F_D2I_NOTICEREF);
649}
650
651void NOTICEREF_free(NOTICEREF *a)
652{
653 if (a == NULL) return;
654 M_DISPLAYTEXT_free(a->organization);
655 sk_ASN1_INTEGER_pop_free(a->noticenos, ASN1_STRING_free);
656 OPENSSL_free (a);
657}
658
659IMPLEMENT_STACK_OF(POLICYQUALINFO)
660IMPLEMENT_ASN1_SET_OF(POLICYQUALINFO)
diff --git a/src/lib/libcrypto/x509v3/v3_crld.c b/src/lib/libcrypto/x509v3/v3_crld.c
deleted file mode 100644
index 67feea4017..0000000000
--- a/src/lib/libcrypto/x509v3/v3_crld.c
+++ /dev/null
@@ -1,285 +0,0 @@
1/* v3_crld.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/conf.h>
62#include <openssl/asn1.h>
63#include <openssl/asn1_mac.h>
64#include <openssl/x509v3.h>
65
66static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method,
67 STACK_OF(DIST_POINT) *crld, STACK_OF(CONF_VALUE) *extlist);
68static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
69 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
70
71X509V3_EXT_METHOD v3_crld = {
72NID_crl_distribution_points, X509V3_EXT_MULTILINE,
73(X509V3_EXT_NEW)CRL_DIST_POINTS_new,
74(X509V3_EXT_FREE)CRL_DIST_POINTS_free,
75(X509V3_EXT_D2I)d2i_CRL_DIST_POINTS,
76(X509V3_EXT_I2D)i2d_CRL_DIST_POINTS,
77NULL, NULL,
78(X509V3_EXT_I2V)i2v_crld,
79(X509V3_EXT_V2I)v2i_crld,
80NULL, NULL, NULL
81};
82
83static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method,
84 STACK_OF(DIST_POINT) *crld, STACK_OF(CONF_VALUE) *exts)
85{
86 DIST_POINT *point;
87 int i;
88 for(i = 0; i < sk_DIST_POINT_num(crld); i++) {
89 point = sk_DIST_POINT_value(crld, i);
90 if(point->distpoint && point->distpoint->fullname) {
91 exts = i2v_GENERAL_NAMES(NULL,
92 point->distpoint->fullname, exts);
93 }
94 if(point->reasons)
95 X509V3_add_value("reasons","<UNSUPPORTED>", &exts);
96 if(point->CRLissuer)
97 X509V3_add_value("CRLissuer","<UNSUPPORTED>", &exts);
98 if(point->distpoint && point->distpoint->relativename)
99 X509V3_add_value("RelativeName","<UNSUPPORTED>", &exts);
100 }
101 return exts;
102}
103
104static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
105 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
106{
107 STACK_OF(DIST_POINT) *crld = NULL;
108 STACK_OF(GENERAL_NAME) *gens = NULL;
109 GENERAL_NAME *gen = NULL;
110 CONF_VALUE *cnf;
111 int i;
112 if(!(crld = sk_DIST_POINT_new_null())) goto merr;
113 for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
114 DIST_POINT *point;
115 cnf = sk_CONF_VALUE_value(nval, i);
116 if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) goto err;
117 if(!(gens = GENERAL_NAMES_new())) goto merr;
118 if(!sk_GENERAL_NAME_push(gens, gen)) goto merr;
119 gen = NULL;
120 if(!(point = DIST_POINT_new())) goto merr;
121 if(!sk_DIST_POINT_push(crld, point)) {
122 DIST_POINT_free(point);
123 goto merr;
124 }
125 if(!(point->distpoint = DIST_POINT_NAME_new())) goto merr;
126 point->distpoint->fullname = gens;
127 gens = NULL;
128 }
129 return crld;
130
131 merr:
132 X509V3err(X509V3_F_V2I_CRLD,ERR_R_MALLOC_FAILURE);
133 err:
134 GENERAL_NAME_free(gen);
135 GENERAL_NAMES_free(gens);
136 sk_DIST_POINT_pop_free(crld, DIST_POINT_free);
137 return NULL;
138}
139
140int i2d_CRL_DIST_POINTS(STACK_OF(DIST_POINT) *a, unsigned char **pp)
141{
142
143return i2d_ASN1_SET_OF_DIST_POINT(a, pp, i2d_DIST_POINT, V_ASN1_SEQUENCE,
144 V_ASN1_UNIVERSAL, IS_SEQUENCE);}
145
146STACK_OF(DIST_POINT) *CRL_DIST_POINTS_new(void)
147{
148 return sk_DIST_POINT_new_null();
149}
150
151void CRL_DIST_POINTS_free(STACK_OF(DIST_POINT) *a)
152{
153 sk_DIST_POINT_pop_free(a, DIST_POINT_free);
154}
155
156STACK_OF(DIST_POINT) *d2i_CRL_DIST_POINTS(STACK_OF(DIST_POINT) **a,
157 unsigned char **pp,long length)
158{
159return d2i_ASN1_SET_OF_DIST_POINT(a, pp, length, d2i_DIST_POINT,
160 DIST_POINT_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
161
162}
163
164IMPLEMENT_STACK_OF(DIST_POINT)
165IMPLEMENT_ASN1_SET_OF(DIST_POINT)
166
167int i2d_DIST_POINT(DIST_POINT *a, unsigned char **pp)
168{
169 int v = 0;
170 M_ASN1_I2D_vars(a);
171 /* NB: underlying type is a CHOICE so need EXPLICIT tagging */
172 M_ASN1_I2D_len_EXP_opt (a->distpoint, i2d_DIST_POINT_NAME, 0, v);
173 M_ASN1_I2D_len_IMP_opt (a->reasons, i2d_ASN1_BIT_STRING);
174 M_ASN1_I2D_len_IMP_opt (a->CRLissuer, i2d_GENERAL_NAMES);
175
176 M_ASN1_I2D_seq_total();
177
178 M_ASN1_I2D_put_EXP_opt (a->distpoint, i2d_DIST_POINT_NAME, 0, v);
179 M_ASN1_I2D_put_IMP_opt (a->reasons, i2d_ASN1_BIT_STRING, 1);
180 M_ASN1_I2D_put_IMP_opt (a->CRLissuer, i2d_GENERAL_NAMES, 2);
181
182 M_ASN1_I2D_finish();
183}
184
185DIST_POINT *DIST_POINT_new(void)
186{
187 DIST_POINT *ret=NULL;
188 ASN1_CTX c;
189 M_ASN1_New_Malloc(ret, DIST_POINT);
190 ret->distpoint = NULL;
191 ret->reasons = NULL;
192 ret->CRLissuer = NULL;
193 return (ret);
194 M_ASN1_New_Error(ASN1_F_DIST_POINT_NEW);
195}
196
197DIST_POINT *d2i_DIST_POINT(DIST_POINT **a, unsigned char **pp, long length)
198{
199 M_ASN1_D2I_vars(a,DIST_POINT *,DIST_POINT_new);
200 M_ASN1_D2I_Init();
201 M_ASN1_D2I_start_sequence();
202 M_ASN1_D2I_get_EXP_opt (ret->distpoint, d2i_DIST_POINT_NAME, 0);
203 M_ASN1_D2I_get_IMP_opt (ret->reasons, d2i_ASN1_BIT_STRING, 1,
204 V_ASN1_BIT_STRING);
205 M_ASN1_D2I_get_IMP_opt (ret->CRLissuer, d2i_GENERAL_NAMES, 2,
206 V_ASN1_SEQUENCE);
207 M_ASN1_D2I_Finish(a, DIST_POINT_free, ASN1_F_D2I_DIST_POINT);
208}
209
210void DIST_POINT_free(DIST_POINT *a)
211{
212 if (a == NULL) return;
213 DIST_POINT_NAME_free(a->distpoint);
214 M_ASN1_BIT_STRING_free(a->reasons);
215 sk_GENERAL_NAME_pop_free(a->CRLissuer, GENERAL_NAME_free);
216 OPENSSL_free (a);
217}
218
219int i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **pp)
220{
221 M_ASN1_I2D_vars(a);
222
223 if(a->fullname) {
224 M_ASN1_I2D_len_IMP_opt (a->fullname, i2d_GENERAL_NAMES);
225 } else {
226 M_ASN1_I2D_len_IMP_SET_opt_type(X509_NAME_ENTRY,
227 a->relativename, i2d_X509_NAME_ENTRY, 1);
228 }
229
230 /* Don't want a SEQUENCE so... */
231 if(pp == NULL) return ret;
232 p = *pp;
233
234 if(a->fullname) {
235 M_ASN1_I2D_put_IMP_opt (a->fullname, i2d_GENERAL_NAMES, 0);
236 } else {
237 M_ASN1_I2D_put_IMP_SET_opt_type(X509_NAME_ENTRY,
238 a->relativename, i2d_X509_NAME_ENTRY, 1);
239 }
240 M_ASN1_I2D_finish();
241}
242
243DIST_POINT_NAME *DIST_POINT_NAME_new(void)
244{
245 DIST_POINT_NAME *ret=NULL;
246 ASN1_CTX c;
247 M_ASN1_New_Malloc(ret, DIST_POINT_NAME);
248 ret->fullname = NULL;
249 ret->relativename = NULL;
250 return (ret);
251 M_ASN1_New_Error(ASN1_F_DIST_POINT_NAME_NEW);
252}
253
254void DIST_POINT_NAME_free(DIST_POINT_NAME *a)
255{
256 if (a == NULL) return;
257 sk_X509_NAME_ENTRY_pop_free(a->relativename, X509_NAME_ENTRY_free);
258 sk_GENERAL_NAME_pop_free(a->fullname, GENERAL_NAME_free);
259 OPENSSL_free (a);
260}
261
262DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, unsigned char **pp,
263 long length)
264{
265 unsigned char _tmp, tag;
266 M_ASN1_D2I_vars(a,DIST_POINT_NAME *,DIST_POINT_NAME_new);
267 M_ASN1_D2I_Init();
268 c.slen = length;
269
270 _tmp = M_ASN1_next;
271 tag = _tmp & ~V_ASN1_CONSTRUCTED;
272
273 if(tag == (0|V_ASN1_CONTEXT_SPECIFIC)) {
274 M_ASN1_D2I_get_imp(ret->fullname, d2i_GENERAL_NAMES,
275 V_ASN1_SEQUENCE);
276 } else if (tag == (1|V_ASN1_CONTEXT_SPECIFIC)) {
277 M_ASN1_D2I_get_IMP_set_opt_type (X509_NAME_ENTRY,
278 ret->relativename, d2i_X509_NAME_ENTRY, X509_NAME_ENTRY_free, 1);
279 } else {
280 c.error = ASN1_R_BAD_TAG;
281 goto err;
282 }
283
284 M_ASN1_D2I_Finish(a, DIST_POINT_NAME_free, ASN1_F_D2I_DIST_POINT_NAME);
285}
diff --git a/src/lib/libcrypto/x509v3/v3_enum.c b/src/lib/libcrypto/x509v3/v3_enum.c
deleted file mode 100644
index aecfdc87f8..0000000000
--- a/src/lib/libcrypto/x509v3/v3_enum.c
+++ /dev/null
@@ -1,96 +0,0 @@
1/* v3_enum.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/x509v3.h>
62
63static ENUMERATED_NAMES crl_reasons[] = {
64{0, "Unspecified", "unspecified"},
65{1, "Key Compromise", "keyCompromise"},
66{2, "CA Compromise", "CACompromise"},
67{3, "Affiliation Changed", "affiliationChanged"},
68{4, "Superseded", "superseded"},
69{5, "Cessation Of Operation", "cessationOfOperation"},
70{6, "Certificate Hold", "certificateHold"},
71{8, "Remove From CRL", "removeFromCRL"},
72{-1, NULL, NULL}
73};
74
75X509V3_EXT_METHOD v3_crl_reason = {
76NID_crl_reason, 0,
77(X509V3_EXT_NEW)ASN1_ENUMERATED_new,
78(X509V3_EXT_FREE)ASN1_ENUMERATED_free,
79(X509V3_EXT_D2I)d2i_ASN1_ENUMERATED,
80(X509V3_EXT_I2D)i2d_ASN1_ENUMERATED,
81(X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE,
82(X509V3_EXT_S2I)0,
83NULL, NULL, NULL, NULL, crl_reasons};
84
85
86char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *method,
87 ASN1_ENUMERATED *e)
88{
89 ENUMERATED_NAMES *enam;
90 long strval;
91 strval = ASN1_ENUMERATED_get(e);
92 for(enam = method->usr_data; enam->lname; enam++) {
93 if(strval == enam->bitnum) return BUF_strdup(enam->lname);
94 }
95 return i2s_ASN1_ENUMERATED(method, e);
96}
diff --git a/src/lib/libcrypto/x509v3/v3_extku.c b/src/lib/libcrypto/x509v3/v3_extku.c
deleted file mode 100644
index 53ec40a027..0000000000
--- a/src/lib/libcrypto/x509v3/v3_extku.c
+++ /dev/null
@@ -1,150 +0,0 @@
1/* v3_extku.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/asn1.h>
63#include <openssl/conf.h>
64#include <openssl/x509v3.h>
65
66static STACK_OF(ASN1_OBJECT) *v2i_ext_ku(X509V3_EXT_METHOD *method,
67 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
68static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method,
69 STACK_OF(ASN1_OBJECT) *eku, STACK_OF(CONF_VALUE) *extlist);
70X509V3_EXT_METHOD v3_ext_ku = {
71NID_ext_key_usage, 0,
72(X509V3_EXT_NEW)ext_ku_new,
73(X509V3_EXT_FREE)ext_ku_free,
74(X509V3_EXT_D2I)d2i_ext_ku,
75(X509V3_EXT_I2D)i2d_ext_ku,
76NULL, NULL,
77(X509V3_EXT_I2V)i2v_ext_ku,
78(X509V3_EXT_V2I)v2i_ext_ku,
79NULL,NULL,
80NULL
81};
82
83STACK_OF(ASN1_OBJECT) *ext_ku_new(void)
84{
85 return sk_ASN1_OBJECT_new_null();
86}
87
88void ext_ku_free(STACK_OF(ASN1_OBJECT) *eku)
89{
90 sk_ASN1_OBJECT_pop_free(eku, ASN1_OBJECT_free);
91 return;
92}
93
94int i2d_ext_ku(STACK_OF(ASN1_OBJECT) *a, unsigned char **pp)
95{
96 return i2d_ASN1_SET_OF_ASN1_OBJECT(a, pp, i2d_ASN1_OBJECT,
97 V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE);
98}
99
100STACK_OF(ASN1_OBJECT) *d2i_ext_ku(STACK_OF(ASN1_OBJECT) **a,
101 unsigned char **pp, long length)
102{
103 return d2i_ASN1_SET_OF_ASN1_OBJECT(a, pp, length, d2i_ASN1_OBJECT,
104 ASN1_OBJECT_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
105}
106
107
108
109static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method,
110 STACK_OF(ASN1_OBJECT) *eku, STACK_OF(CONF_VALUE) *ext_list)
111{
112int i;
113ASN1_OBJECT *obj;
114char obj_tmp[80];
115for(i = 0; i < sk_ASN1_OBJECT_num(eku); i++) {
116 obj = sk_ASN1_OBJECT_value(eku, i);
117 i2t_ASN1_OBJECT(obj_tmp, 80, obj);
118 X509V3_add_value(NULL, obj_tmp, &ext_list);
119}
120return ext_list;
121}
122
123static STACK_OF(ASN1_OBJECT) *v2i_ext_ku(X509V3_EXT_METHOD *method,
124 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
125{
126STACK_OF(ASN1_OBJECT) *extku;
127char *extval;
128ASN1_OBJECT *objtmp;
129CONF_VALUE *val;
130int i;
131
132if(!(extku = sk_ASN1_OBJECT_new_null())) {
133 X509V3err(X509V3_F_V2I_EXT_KU,ERR_R_MALLOC_FAILURE);
134 return NULL;
135}
136
137for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
138 val = sk_CONF_VALUE_value(nval, i);
139 if(val->value) extval = val->value;
140 else extval = val->name;
141 if(!(objtmp = OBJ_txt2obj(extval, 0))) {
142 sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
143 X509V3err(X509V3_F_V2I_EXT_KU,X509V3_R_INVALID_OBJECT_IDENTIFIER);
144 X509V3_conf_err(val);
145 return NULL;
146 }
147 sk_ASN1_OBJECT_push(extku, objtmp);
148}
149return extku;
150}
diff --git a/src/lib/libcrypto/x509v3/v3_genn.c b/src/lib/libcrypto/x509v3/v3_genn.c
deleted file mode 100644
index d44751458e..0000000000
--- a/src/lib/libcrypto/x509v3/v3_genn.c
+++ /dev/null
@@ -1,291 +0,0 @@
1/* v3_genn.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/asn1.h>
63#include <openssl/asn1_mac.h>
64#include <openssl/conf.h>
65#include <openssl/x509v3.h>
66
67int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **pp)
68{
69 unsigned char *p;
70 int ret;
71
72 ret = 0;
73
74 /* Save the location of initial TAG */
75 if(pp) p = *pp;
76 else p = NULL;
77
78 /* GEN_DNAME needs special treatment because of EXPLICIT tag */
79
80 if(a->type == GEN_DIRNAME) {
81 int v = 0;
82 M_ASN1_I2D_len_EXP_opt(a->d.dirn, i2d_X509_NAME, 4, v);
83 if(!p) return ret;
84 M_ASN1_I2D_put_EXP_opt(a->d.dirn, i2d_X509_NAME, 4, v);
85 *pp = p;
86 return ret;
87 }
88
89 switch(a->type) {
90
91 case GEN_X400:
92 case GEN_EDIPARTY:
93 ret = i2d_ASN1_TYPE(a->d.other, pp);
94 break;
95
96 case GEN_OTHERNAME:
97 ret = i2d_OTHERNAME(a->d.otherName, pp);
98 break;
99
100 case GEN_EMAIL:
101 case GEN_DNS:
102 case GEN_URI:
103 ret = i2d_ASN1_IA5STRING(a->d.ia5, pp);
104 break;
105
106 case GEN_IPADD:
107 ret = i2d_ASN1_OCTET_STRING(a->d.ip, pp);
108 break;
109
110 case GEN_RID:
111 ret = i2d_ASN1_OBJECT(a->d.rid, pp);
112 break;
113 }
114 /* Replace TAG with IMPLICIT value */
115 if(p) *p = (*p & V_ASN1_CONSTRUCTED) | a->type;
116 return ret;
117}
118
119GENERAL_NAME *GENERAL_NAME_new()
120{
121 GENERAL_NAME *ret=NULL;
122 ASN1_CTX c;
123 M_ASN1_New_Malloc(ret, GENERAL_NAME);
124 ret->type = -1;
125 ret->d.ptr = NULL;
126 return (ret);
127 M_ASN1_New_Error(ASN1_F_GENERAL_NAME_NEW);
128}
129
130GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, unsigned char **pp,
131 long length)
132{
133 unsigned char _tmp;
134 M_ASN1_D2I_vars(a,GENERAL_NAME *,GENERAL_NAME_new);
135 M_ASN1_D2I_Init();
136 c.slen = length;
137
138 _tmp = M_ASN1_next;
139 ret->type = _tmp & ~V_ASN1_CONSTRUCTED;
140
141 switch(ret->type) {
142 /* Just put these in a "blob" for now */
143 case GEN_X400:
144 case GEN_EDIPARTY:
145 M_ASN1_D2I_get_imp(ret->d.other, d2i_ASN1_TYPE,V_ASN1_SEQUENCE);
146 break;
147
148 case GEN_OTHERNAME:
149 M_ASN1_D2I_get_imp(ret->d.otherName, d2i_OTHERNAME,V_ASN1_SEQUENCE);
150 break;
151
152 case GEN_EMAIL:
153 case GEN_DNS:
154 case GEN_URI:
155 M_ASN1_D2I_get_imp(ret->d.ia5, d2i_ASN1_IA5STRING,
156 V_ASN1_IA5STRING);
157 break;
158
159 case GEN_DIRNAME:
160 M_ASN1_D2I_get_EXP_opt(ret->d.dirn, d2i_X509_NAME, 4);
161 break;
162
163 case GEN_IPADD:
164 M_ASN1_D2I_get_imp(ret->d.ip, d2i_ASN1_OCTET_STRING,
165 V_ASN1_OCTET_STRING);
166 break;
167
168 case GEN_RID:
169 M_ASN1_D2I_get_imp(ret->d.rid, d2i_ASN1_OBJECT,V_ASN1_OBJECT);
170 break;
171
172 default:
173 c.error = ASN1_R_BAD_TAG;
174 goto err;
175 }
176
177 c.slen = 0;
178 M_ASN1_D2I_Finish(a, GENERAL_NAME_free, ASN1_F_D2I_GENERAL_NAME);
179}
180
181void GENERAL_NAME_free(GENERAL_NAME *a)
182{
183 if (a == NULL) return;
184 switch(a->type) {
185 case GEN_X400:
186 case GEN_EDIPARTY:
187 ASN1_TYPE_free(a->d.other);
188 break;
189
190 case GEN_OTHERNAME:
191 OTHERNAME_free(a->d.otherName);
192 break;
193
194 case GEN_EMAIL:
195 case GEN_DNS:
196 case GEN_URI:
197
198 M_ASN1_IA5STRING_free(a->d.ia5);
199 break;
200
201 case GEN_DIRNAME:
202 X509_NAME_free(a->d.dirn);
203 break;
204
205 case GEN_IPADD:
206 M_ASN1_OCTET_STRING_free(a->d.ip);
207 break;
208
209 case GEN_RID:
210 ASN1_OBJECT_free(a->d.rid);
211 break;
212
213 }
214 OPENSSL_free (a);
215}
216
217/* Now the GeneralNames versions: a SEQUENCE OF GeneralName. These are needed as
218 * explicit functions.
219 */
220
221STACK_OF(GENERAL_NAME) *GENERAL_NAMES_new()
222{
223 return sk_GENERAL_NAME_new_null();
224}
225
226void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *a)
227{
228 sk_GENERAL_NAME_pop_free(a, GENERAL_NAME_free);
229}
230
231STACK_OF(GENERAL_NAME) *d2i_GENERAL_NAMES(STACK_OF(GENERAL_NAME) **a,
232 unsigned char **pp, long length)
233{
234return d2i_ASN1_SET_OF_GENERAL_NAME(a, pp, length, d2i_GENERAL_NAME,
235 GENERAL_NAME_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
236}
237
238int i2d_GENERAL_NAMES(STACK_OF(GENERAL_NAME) *a, unsigned char **pp)
239{
240return i2d_ASN1_SET_OF_GENERAL_NAME(a, pp, i2d_GENERAL_NAME, V_ASN1_SEQUENCE,
241 V_ASN1_UNIVERSAL, IS_SEQUENCE);
242}
243
244IMPLEMENT_STACK_OF(GENERAL_NAME)
245IMPLEMENT_ASN1_SET_OF(GENERAL_NAME)
246
247int i2d_OTHERNAME(OTHERNAME *a, unsigned char **pp)
248{
249 int v = 0;
250 M_ASN1_I2D_vars(a);
251
252 M_ASN1_I2D_len(a->type_id, i2d_ASN1_OBJECT);
253 M_ASN1_I2D_len_EXP_opt(a->value, i2d_ASN1_TYPE, 0, v);
254
255 M_ASN1_I2D_seq_total();
256
257 M_ASN1_I2D_put(a->type_id, i2d_ASN1_OBJECT);
258 M_ASN1_I2D_put_EXP_opt(a->value, i2d_ASN1_TYPE, 0, v);
259
260 M_ASN1_I2D_finish();
261}
262
263OTHERNAME *OTHERNAME_new(void)
264{
265 OTHERNAME *ret=NULL;
266 ASN1_CTX c;
267 M_ASN1_New_Malloc(ret, OTHERNAME);
268 ret->type_id = OBJ_nid2obj(NID_undef);
269 M_ASN1_New(ret->value, ASN1_TYPE_new);
270 return (ret);
271 M_ASN1_New_Error(ASN1_F_OTHERNAME_NEW);
272}
273
274OTHERNAME *d2i_OTHERNAME(OTHERNAME **a, unsigned char **pp, long length)
275{
276 M_ASN1_D2I_vars(a,OTHERNAME *,OTHERNAME_new);
277 M_ASN1_D2I_Init();
278 M_ASN1_D2I_start_sequence();
279 M_ASN1_D2I_get(ret->type_id, d2i_ASN1_OBJECT);
280 M_ASN1_D2I_get_EXP_opt(ret->value, d2i_ASN1_TYPE, 0);
281 M_ASN1_D2I_Finish(a, OTHERNAME_free, ASN1_F_D2I_OTHERNAME);
282}
283
284void OTHERNAME_free(OTHERNAME *a)
285{
286 if (a == NULL) return;
287 ASN1_OBJECT_free(a->type_id);
288 ASN1_TYPE_free(a->value);
289 OPENSSL_free (a);
290}
291
diff --git a/src/lib/libcrypto/x509v3/v3_ia5.c b/src/lib/libcrypto/x509v3/v3_ia5.c
deleted file mode 100644
index f3bba38269..0000000000
--- a/src/lib/libcrypto/x509v3/v3_ia5.c
+++ /dev/null
@@ -1,113 +0,0 @@
1/* v3_ia5.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/asn1.h>
63#include <openssl/conf.h>
64#include <openssl/x509v3.h>
65
66static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5);
67static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
68X509V3_EXT_METHOD v3_ns_ia5_list[] = {
69EXT_IA5STRING(NID_netscape_base_url),
70EXT_IA5STRING(NID_netscape_revocation_url),
71EXT_IA5STRING(NID_netscape_ca_revocation_url),
72EXT_IA5STRING(NID_netscape_renewal_url),
73EXT_IA5STRING(NID_netscape_ca_policy_url),
74EXT_IA5STRING(NID_netscape_ssl_server_name),
75EXT_IA5STRING(NID_netscape_comment),
76EXT_END
77};
78
79
80static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
81 ASN1_IA5STRING *ia5)
82{
83 char *tmp;
84 if(!ia5 || !ia5->length) return NULL;
85 tmp = OPENSSL_malloc(ia5->length + 1);
86 memcpy(tmp, ia5->data, ia5->length);
87 tmp[ia5->length] = 0;
88 return tmp;
89}
90
91static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
92 X509V3_CTX *ctx, char *str)
93{
94 ASN1_IA5STRING *ia5;
95 if(!str) {
96 X509V3err(X509V3_F_S2I_ASN1_IA5STRING,X509V3_R_INVALID_NULL_ARGUMENT);
97 return NULL;
98 }
99 if(!(ia5 = M_ASN1_IA5STRING_new())) goto err;
100 if(!ASN1_STRING_set((ASN1_STRING *)ia5, (unsigned char*)str,
101 strlen(str))) {
102 M_ASN1_IA5STRING_free(ia5);
103 goto err;
104 }
105#ifdef CHARSET_EBCDIC
106 ebcdic2ascii(ia5->data, ia5->data, ia5->length);
107#endif /*CHARSET_EBCDIC*/
108 return ia5;
109 err:
110 X509V3err(X509V3_F_S2I_ASN1_IA5STRING,ERR_R_MALLOC_FAILURE);
111 return NULL;
112}
113
diff --git a/src/lib/libcrypto/x509v3/v3_info.c b/src/lib/libcrypto/x509v3/v3_info.c
deleted file mode 100644
index a045a629ee..0000000000
--- a/src/lib/libcrypto/x509v3/v3_info.c
+++ /dev/null
@@ -1,236 +0,0 @@
1/* v3_info.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/conf.h>
62#include <openssl/asn1.h>
63#include <openssl/asn1_mac.h>
64#include <openssl/x509v3.h>
65
66static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
67 STACK_OF(ACCESS_DESCRIPTION) *ainfo,
68 STACK_OF(CONF_VALUE) *ret);
69static STACK_OF(ACCESS_DESCRIPTION) *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
70 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
71
72X509V3_EXT_METHOD v3_info =
73{ NID_info_access, X509V3_EXT_MULTILINE,
74(X509V3_EXT_NEW)AUTHORITY_INFO_ACCESS_new,
75(X509V3_EXT_FREE)AUTHORITY_INFO_ACCESS_free,
76(X509V3_EXT_D2I)d2i_AUTHORITY_INFO_ACCESS,
77(X509V3_EXT_I2D)i2d_AUTHORITY_INFO_ACCESS,
78NULL, NULL,
79(X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS,
80(X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
81NULL, NULL, NULL};
82
83static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
84 STACK_OF(ACCESS_DESCRIPTION) *ainfo,
85 STACK_OF(CONF_VALUE) *ret)
86{
87 ACCESS_DESCRIPTION *desc;
88 int i;
89 char objtmp[80], *ntmp;
90 CONF_VALUE *vtmp;
91 for(i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) {
92 desc = sk_ACCESS_DESCRIPTION_value(ainfo, i);
93 ret = i2v_GENERAL_NAME(method, desc->location, ret);
94 if(!ret) break;
95 vtmp = sk_CONF_VALUE_value(ret, i);
96 i2t_ASN1_OBJECT(objtmp, 80, desc->method);
97 ntmp = OPENSSL_malloc(strlen(objtmp) + strlen(vtmp->name) + 5);
98 if(!ntmp) {
99 X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS,
100 ERR_R_MALLOC_FAILURE);
101 return NULL;
102 }
103 strcpy(ntmp, objtmp);
104 strcat(ntmp, " - ");
105 strcat(ntmp, vtmp->name);
106 OPENSSL_free(vtmp->name);
107 vtmp->name = ntmp;
108
109 }
110 if(!ret) return sk_CONF_VALUE_new_null();
111 return ret;
112}
113
114static STACK_OF(ACCESS_DESCRIPTION) *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
115 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
116{
117 STACK_OF(ACCESS_DESCRIPTION) *ainfo = NULL;
118 CONF_VALUE *cnf, ctmp;
119 ACCESS_DESCRIPTION *acc;
120 int i, objlen;
121 char *objtmp, *ptmp;
122 if(!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) {
123 X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE);
124 return NULL;
125 }
126 for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
127 cnf = sk_CONF_VALUE_value(nval, i);
128 if(!(acc = ACCESS_DESCRIPTION_new())
129 || !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) {
130 X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE);
131 goto err;
132 }
133 ptmp = strchr(cnf->name, ';');
134 if(!ptmp) {
135 X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,X509V3_R_INVALID_SYNTAX);
136 goto err;
137 }
138 objlen = ptmp - cnf->name;
139 ctmp.name = ptmp + 1;
140 ctmp.value = cnf->value;
141 if(!(acc->location = v2i_GENERAL_NAME(method, ctx, &ctmp)))
142 goto err;
143 if(!(objtmp = OPENSSL_malloc(objlen + 1))) {
144 X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE);
145 goto err;
146 }
147 strncpy(objtmp, cnf->name, objlen);
148 objtmp[objlen] = 0;
149 acc->method = OBJ_txt2obj(objtmp, 0);
150 if(!acc->method) {
151 X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,X509V3_R_BAD_OBJECT);
152 ERR_add_error_data(2, "value=", objtmp);
153 OPENSSL_free(objtmp);
154 goto err;
155 }
156 OPENSSL_free(objtmp);
157
158 }
159 return ainfo;
160 err:
161 sk_ACCESS_DESCRIPTION_pop_free(ainfo, ACCESS_DESCRIPTION_free);
162 return NULL;
163}
164
165int i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION *a, unsigned char **pp)
166{
167 M_ASN1_I2D_vars(a);
168
169 M_ASN1_I2D_len(a->method, i2d_ASN1_OBJECT);
170 M_ASN1_I2D_len(a->location, i2d_GENERAL_NAME);
171
172 M_ASN1_I2D_seq_total();
173
174 M_ASN1_I2D_put(a->method, i2d_ASN1_OBJECT);
175 M_ASN1_I2D_put(a->location, i2d_GENERAL_NAME);
176
177 M_ASN1_I2D_finish();
178}
179
180ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void)
181{
182 ACCESS_DESCRIPTION *ret=NULL;
183 ASN1_CTX c;
184 M_ASN1_New_Malloc(ret, ACCESS_DESCRIPTION);
185 ret->method = OBJ_nid2obj(NID_undef);
186 ret->location = NULL;
187 return (ret);
188 M_ASN1_New_Error(ASN1_F_ACCESS_DESCRIPTION_NEW);
189}
190
191ACCESS_DESCRIPTION *d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION **a, unsigned char **pp,
192 long length)
193{
194 M_ASN1_D2I_vars(a,ACCESS_DESCRIPTION *,ACCESS_DESCRIPTION_new);
195 M_ASN1_D2I_Init();
196 M_ASN1_D2I_start_sequence();
197 M_ASN1_D2I_get(ret->method, d2i_ASN1_OBJECT);
198 M_ASN1_D2I_get(ret->location, d2i_GENERAL_NAME);
199 M_ASN1_D2I_Finish(a, ACCESS_DESCRIPTION_free, ASN1_F_D2I_ACCESS_DESCRIPTION);
200}
201
202void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a)
203{
204 if (a == NULL) return;
205 ASN1_OBJECT_free(a->method);
206 GENERAL_NAME_free(a->location);
207 OPENSSL_free (a);
208}
209
210STACK_OF(ACCESS_DESCRIPTION) *AUTHORITY_INFO_ACCESS_new(void)
211{
212 return sk_ACCESS_DESCRIPTION_new_null();
213}
214
215void AUTHORITY_INFO_ACCESS_free(STACK_OF(ACCESS_DESCRIPTION) *a)
216{
217 sk_ACCESS_DESCRIPTION_pop_free(a, ACCESS_DESCRIPTION_free);
218}
219
220STACK_OF(ACCESS_DESCRIPTION) *d2i_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) **a,
221 unsigned char **pp, long length)
222{
223return d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(a, pp, length, d2i_ACCESS_DESCRIPTION,
224 ACCESS_DESCRIPTION_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
225}
226
227int i2d_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) *a, unsigned char **pp)
228{
229return i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(a, pp, i2d_ACCESS_DESCRIPTION, V_ASN1_SEQUENCE,
230 V_ASN1_UNIVERSAL, IS_SEQUENCE);
231}
232
233IMPLEMENT_STACK_OF(ACCESS_DESCRIPTION)
234IMPLEMENT_ASN1_SET_OF(ACCESS_DESCRIPTION)
235
236
diff --git a/src/lib/libcrypto/x509v3/v3_int.c b/src/lib/libcrypto/x509v3/v3_int.c
deleted file mode 100644
index 63c201e5f4..0000000000
--- a/src/lib/libcrypto/x509v3/v3_int.c
+++ /dev/null
@@ -1,72 +0,0 @@
1/* v3_int.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/x509v3.h>
62
63X509V3_EXT_METHOD v3_crl_num = {
64NID_crl_number, 0,
65(X509V3_EXT_NEW)ASN1_INTEGER_new,
66(X509V3_EXT_FREE)ASN1_INTEGER_free,
67(X509V3_EXT_D2I)d2i_ASN1_INTEGER,
68(X509V3_EXT_I2D)i2d_ASN1_INTEGER,
69(X509V3_EXT_I2S)i2s_ASN1_INTEGER,
70(X509V3_EXT_S2I)0,
71NULL, NULL, NULL, NULL, NULL};
72
diff --git a/src/lib/libcrypto/x509v3/v3_lib.c b/src/lib/libcrypto/x509v3/v3_lib.c
deleted file mode 100644
index ea86b9ebb9..0000000000
--- a/src/lib/libcrypto/x509v3/v3_lib.c
+++ /dev/null
@@ -1,225 +0,0 @@
1/* v3_lib.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58/* X509 v3 extension utilities */
59
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/conf.h>
63#include <openssl/x509v3.h>
64
65#include "ext_dat.h"
66
67static STACK_OF(X509V3_EXT_METHOD) *ext_list = NULL;
68
69static int ext_cmp(const X509V3_EXT_METHOD * const *a,
70 const X509V3_EXT_METHOD * const *b);
71static void ext_list_free(X509V3_EXT_METHOD *ext);
72
73int X509V3_EXT_add(X509V3_EXT_METHOD *ext)
74{
75 if(!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp))) {
76 X509V3err(X509V3_F_X509V3_EXT_ADD,ERR_R_MALLOC_FAILURE);
77 return 0;
78 }
79 if(!sk_X509V3_EXT_METHOD_push(ext_list, ext)) {
80 X509V3err(X509V3_F_X509V3_EXT_ADD,ERR_R_MALLOC_FAILURE);
81 return 0;
82 }
83 return 1;
84}
85
86static int ext_cmp(const X509V3_EXT_METHOD * const *a,
87 const X509V3_EXT_METHOD * const *b)
88{
89 return ((*a)->ext_nid - (*b)->ext_nid);
90}
91
92X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid)
93{
94 X509V3_EXT_METHOD tmp, *t = &tmp, **ret;
95 int idx;
96 if(nid < 0) return NULL;
97 tmp.ext_nid = nid;
98 ret = (X509V3_EXT_METHOD **) OBJ_bsearch((char *)&t,
99 (char *)standard_exts, STANDARD_EXTENSION_COUNT,
100 sizeof(X509V3_EXT_METHOD *), (int (*)(const void *, const void *))ext_cmp);
101 if(ret) return *ret;
102 if(!ext_list) return NULL;
103 idx = sk_X509V3_EXT_METHOD_find(ext_list, &tmp);
104 if(idx == -1) return NULL;
105 return sk_X509V3_EXT_METHOD_value(ext_list, idx);
106}
107
108X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext)
109{
110 int nid;
111 if((nid = OBJ_obj2nid(ext->object)) == NID_undef) return NULL;
112 return X509V3_EXT_get_nid(nid);
113}
114
115
116int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist)
117{
118 for(;extlist->ext_nid!=-1;extlist++)
119 if(!X509V3_EXT_add(extlist)) return 0;
120 return 1;
121}
122
123int X509V3_EXT_add_alias(int nid_to, int nid_from)
124{
125 X509V3_EXT_METHOD *ext, *tmpext;
126 if(!(ext = X509V3_EXT_get_nid(nid_from))) {
127 X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,X509V3_R_EXTENSION_NOT_FOUND);
128 return 0;
129 }
130 if(!(tmpext = (X509V3_EXT_METHOD *)OPENSSL_malloc(sizeof(X509V3_EXT_METHOD)))) {
131 X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,ERR_R_MALLOC_FAILURE);
132 return 0;
133 }
134 *tmpext = *ext;
135 tmpext->ext_nid = nid_to;
136 tmpext->ext_flags |= X509V3_EXT_DYNAMIC;
137 return X509V3_EXT_add(tmpext);
138}
139
140void X509V3_EXT_cleanup(void)
141{
142 sk_X509V3_EXT_METHOD_pop_free(ext_list, ext_list_free);
143 ext_list = NULL;
144}
145
146static void ext_list_free(X509V3_EXT_METHOD *ext)
147{
148 if(ext->ext_flags & X509V3_EXT_DYNAMIC) OPENSSL_free(ext);
149}
150
151/* Legacy function: we don't need to add standard extensions
152 * any more because they are now kept in ext_dat.h.
153 */
154
155int X509V3_add_standard_extensions(void)
156{
157 return 1;
158}
159
160/* Return an extension internal structure */
161
162void *X509V3_EXT_d2i(X509_EXTENSION *ext)
163{
164 X509V3_EXT_METHOD *method;
165 unsigned char *p;
166 if(!(method = X509V3_EXT_get(ext)) || !method->d2i) return NULL;
167 p = ext->value->data;
168 return method->d2i(NULL, &p, ext->value->length);
169}
170
171/* Get critical flag and decoded version of extension from a NID.
172 * The "idx" variable returns the last found extension and can
173 * be used to retrieve multiple extensions of the same NID.
174 * However multiple extensions with the same NID is usually
175 * due to a badly encoded certificate so if idx is NULL we
176 * choke if multiple extensions exist.
177 * The "crit" variable is set to the critical value.
178 * The return value is the decoded extension or NULL on
179 * error. The actual error can have several different causes,
180 * the value of *crit reflects the cause:
181 * >= 0, extension found but not decoded (reflects critical value).
182 * -1 extension not found.
183 * -2 extension occurs more than once.
184 */
185
186void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx)
187{
188 int lastpos, i;
189 X509_EXTENSION *ex, *found_ex = NULL;
190 if(!x) {
191 if(idx) *idx = -1;
192 if(crit) *crit = -1;
193 return NULL;
194 }
195 if(idx) lastpos = *idx + 1;
196 else lastpos = 0;
197 if(lastpos < 0) lastpos = 0;
198 for(i = lastpos; i < sk_X509_EXTENSION_num(x); i++)
199 {
200 ex = sk_X509_EXTENSION_value(x, i);
201 if(OBJ_obj2nid(ex->object) == nid) {
202 if(idx) {
203 *idx = i;
204 break;
205 } else if(found_ex) {
206 /* Found more than one */
207 if(crit) *crit = -2;
208 return NULL;
209 }
210 found_ex = ex;
211 }
212 }
213 if(found_ex) {
214 /* Found it */
215 if(crit) *crit = found_ex->critical;
216 return X509V3_EXT_d2i(found_ex);
217 }
218
219 /* Extension not found */
220 if(idx) *idx = -1;
221 if(crit) *crit = -1;
222 return NULL;
223}
224
225IMPLEMENT_STACK_OF(X509V3_EXT_METHOD)
diff --git a/src/lib/libcrypto/x509v3/v3_pku.c b/src/lib/libcrypto/x509v3/v3_pku.c
deleted file mode 100644
index 47f9e8f123..0000000000
--- a/src/lib/libcrypto/x509v3/v3_pku.c
+++ /dev/null
@@ -1,151 +0,0 @@
1/* v3_pku.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1.h>
62#include <openssl/asn1_mac.h>
63#include <openssl/x509v3.h>
64
65static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage, BIO *out, int indent);
66/*
67static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
68*/
69X509V3_EXT_METHOD v3_pkey_usage_period = {
70NID_private_key_usage_period, 0,
71(X509V3_EXT_NEW)PKEY_USAGE_PERIOD_new,
72(X509V3_EXT_FREE)PKEY_USAGE_PERIOD_free,
73(X509V3_EXT_D2I)d2i_PKEY_USAGE_PERIOD,
74(X509V3_EXT_I2D)i2d_PKEY_USAGE_PERIOD,
75NULL, NULL, NULL, NULL,
76(X509V3_EXT_I2R)i2r_PKEY_USAGE_PERIOD, NULL,
77NULL
78};
79
80int i2d_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD *a, unsigned char **pp)
81{
82 M_ASN1_I2D_vars(a);
83
84 M_ASN1_I2D_len_IMP_opt (a->notBefore, i2d_ASN1_GENERALIZEDTIME);
85 M_ASN1_I2D_len_IMP_opt (a->notAfter, i2d_ASN1_GENERALIZEDTIME);
86
87 M_ASN1_I2D_seq_total();
88
89 M_ASN1_I2D_put_IMP_opt (a->notBefore, i2d_ASN1_GENERALIZEDTIME, 0);
90 M_ASN1_I2D_put_IMP_opt (a->notAfter, i2d_ASN1_GENERALIZEDTIME, 1);
91
92 M_ASN1_I2D_finish();
93}
94
95PKEY_USAGE_PERIOD *PKEY_USAGE_PERIOD_new(void)
96{
97 PKEY_USAGE_PERIOD *ret=NULL;
98 ASN1_CTX c;
99 M_ASN1_New_Malloc(ret, PKEY_USAGE_PERIOD);
100 ret->notBefore = NULL;
101 ret->notAfter = NULL;
102 return (ret);
103 M_ASN1_New_Error(ASN1_F_PKEY_USAGE_PERIOD_NEW);
104}
105
106PKEY_USAGE_PERIOD *d2i_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD **a,
107 unsigned char **pp, long length)
108{
109 M_ASN1_D2I_vars(a,PKEY_USAGE_PERIOD *,PKEY_USAGE_PERIOD_new);
110 M_ASN1_D2I_Init();
111 M_ASN1_D2I_start_sequence();
112 M_ASN1_D2I_get_IMP_opt (ret->notBefore, d2i_ASN1_GENERALIZEDTIME, 0,
113 V_ASN1_GENERALIZEDTIME);
114 M_ASN1_D2I_get_IMP_opt (ret->notAfter, d2i_ASN1_GENERALIZEDTIME, 1,
115 V_ASN1_GENERALIZEDTIME);
116 M_ASN1_D2I_Finish(a, PKEY_USAGE_PERIOD_free, ASN1_F_D2I_PKEY_USAGE_PERIOD);
117}
118
119void PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a)
120{
121 if (a == NULL) return;
122 M_ASN1_GENERALIZEDTIME_free(a->notBefore);
123 M_ASN1_GENERALIZEDTIME_free(a->notAfter);
124 OPENSSL_free (a);
125}
126
127static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method,
128 PKEY_USAGE_PERIOD *usage, BIO *out, int indent)
129{
130 BIO_printf(out, "%*s", indent, "");
131 if(usage->notBefore) {
132 BIO_write(out, "Not Before: ", 12);
133 ASN1_GENERALIZEDTIME_print(out, usage->notBefore);
134 if(usage->notAfter) BIO_write(out, ", ", 2);
135 }
136 if(usage->notAfter) {
137 BIO_write(out, "Not After: ", 11);
138 ASN1_GENERALIZEDTIME_print(out, usage->notAfter);
139 }
140 return 1;
141}
142
143/*
144static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(method, ctx, values)
145X509V3_EXT_METHOD *method;
146X509V3_CTX *ctx;
147STACK_OF(CONF_VALUE) *values;
148{
149return NULL;
150}
151*/
diff --git a/src/lib/libcrypto/x509v3/v3_prn.c b/src/lib/libcrypto/x509v3/v3_prn.c
deleted file mode 100644
index 14b804c4ad..0000000000
--- a/src/lib/libcrypto/x509v3/v3_prn.c
+++ /dev/null
@@ -1,165 +0,0 @@
1/* v3_prn.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58/* X509 v3 extension utilities */
59
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/conf.h>
63#include <openssl/x509v3.h>
64
65/* Extension printing routines */
66
67/* Print out a name+value stack */
68
69void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, int ml)
70{
71 int i;
72 CONF_VALUE *nval;
73 if(!val) return;
74 if(!ml || !sk_CONF_VALUE_num(val)) {
75 BIO_printf(out, "%*s", indent, "");
76 if(!sk_CONF_VALUE_num(val)) BIO_puts(out, "<EMPTY>\n");
77 }
78 for(i = 0; i < sk_CONF_VALUE_num(val); i++) {
79 if(ml) BIO_printf(out, "%*s", indent, "");
80 else if(i > 0) BIO_printf(out, ", ");
81 nval = sk_CONF_VALUE_value(val, i);
82 if(!nval->name) BIO_puts(out, nval->value);
83 else if(!nval->value) BIO_puts(out, nval->name);
84#ifndef CHARSET_EBCDIC
85 else BIO_printf(out, "%s:%s", nval->name, nval->value);
86#else
87 else {
88 int len;
89 char *tmp;
90 len = strlen(nval->value)+1;
91 tmp = OPENSSL_malloc(len);
92 if (tmp)
93 {
94 ascii2ebcdic(tmp, nval->value, len);
95 BIO_printf(out, "%s:%s", nval->name, tmp);
96 OPENSSL_free(tmp);
97 }
98 }
99#endif
100 if(ml) BIO_puts(out, "\n");
101 }
102}
103
104/* Main routine: print out a general extension */
105
106int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent)
107{
108 char *ext_str = NULL, *value = NULL;
109 unsigned char *p;
110 X509V3_EXT_METHOD *method;
111 STACK_OF(CONF_VALUE) *nval = NULL;
112 int ok = 1;
113 if(!(method = X509V3_EXT_get(ext))) return 0;
114 p = ext->value->data;
115 if(!(ext_str = method->d2i(NULL, &p, ext->value->length))) return 0;
116 if(method->i2s) {
117 if(!(value = method->i2s(method, ext_str))) {
118 ok = 0;
119 goto err;
120 }
121#ifndef CHARSET_EBCDIC
122 BIO_printf(out, "%*s%s", indent, "", value);
123#else
124 {
125 int len;
126 char *tmp;
127 len = strlen(value)+1;
128 tmp = OPENSSL_malloc(len);
129 if (tmp)
130 {
131 ascii2ebcdic(tmp, value, len);
132 BIO_printf(out, "%*s%s", indent, "", tmp);
133 OPENSSL_free(tmp);
134 }
135 }
136#endif
137 } else if(method->i2v) {
138 if(!(nval = method->i2v(method, ext_str, NULL))) {
139 ok = 0;
140 goto err;
141 }
142 X509V3_EXT_val_prn(out, nval, indent,
143 method->ext_flags & X509V3_EXT_MULTILINE);
144 } else if(method->i2r) {
145 if(!method->i2r(method, ext_str, out, indent)) ok = 0;
146 } else ok = 0;
147
148 err:
149 sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
150 if(value) OPENSSL_free(value);
151 method->ext_free(ext_str);
152 return ok;
153}
154
155#ifndef NO_FP_API
156int X509V3_EXT_print_fp(FILE *fp, X509_EXTENSION *ext, int flag, int indent)
157{
158 BIO *bio_tmp;
159 int ret;
160 if(!(bio_tmp = BIO_new_fp(fp, BIO_NOCLOSE))) return 0;
161 ret = X509V3_EXT_print(bio_tmp, ext, flag, indent);
162 BIO_free(bio_tmp);
163 return ret;
164}
165#endif
diff --git a/src/lib/libcrypto/x509v3/v3_purp.c b/src/lib/libcrypto/x509v3/v3_purp.c
deleted file mode 100644
index 8aecd00e63..0000000000
--- a/src/lib/libcrypto/x509v3/v3_purp.c
+++ /dev/null
@@ -1,535 +0,0 @@
1/* v3_purp.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/x509v3.h>
62#include <openssl/x509_vfy.h>
63
64
65static void x509v3_cache_extensions(X509 *x);
66
67static int ca_check(const X509 *x);
68static int check_ssl_ca(const X509 *x);
69static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x, int ca);
70static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca);
71static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca);
72static int purpose_smime(const X509 *x, int ca);
73static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x, int ca);
74static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x, int ca);
75static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x, int ca);
76static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca);
77
78static int xp_cmp(const X509_PURPOSE * const *a,
79 const X509_PURPOSE * const *b);
80static void xptable_free(X509_PURPOSE *p);
81
82static X509_PURPOSE xstandard[] = {
83 {X509_PURPOSE_SSL_CLIENT, X509_TRUST_SSL_CLIENT, 0, check_purpose_ssl_client, "SSL client", "sslclient", NULL},
84 {X509_PURPOSE_SSL_SERVER, X509_TRUST_SSL_SERVER, 0, check_purpose_ssl_server, "SSL server", "sslserver", NULL},
85 {X509_PURPOSE_NS_SSL_SERVER, X509_TRUST_SSL_SERVER, 0, check_purpose_ns_ssl_server, "Netscape SSL server", "nssslserver", NULL},
86 {X509_PURPOSE_SMIME_SIGN, X509_TRUST_EMAIL, 0, check_purpose_smime_sign, "S/MIME signing", "smimesign", NULL},
87 {X509_PURPOSE_SMIME_ENCRYPT, X509_TRUST_EMAIL, 0, check_purpose_smime_encrypt, "S/MIME encryption", "smimeencrypt", NULL},
88 {X509_PURPOSE_CRL_SIGN, X509_TRUST_COMPAT, 0, check_purpose_crl_sign, "CRL signing", "crlsign", NULL},
89 {X509_PURPOSE_ANY, X509_TRUST_DEFAULT, 0, no_check, "Any Purpose", "any", NULL},
90};
91
92#define X509_PURPOSE_COUNT (sizeof(xstandard)/sizeof(X509_PURPOSE))
93
94IMPLEMENT_STACK_OF(X509_PURPOSE)
95
96static STACK_OF(X509_PURPOSE) *xptable = NULL;
97
98static int xp_cmp(const X509_PURPOSE * const *a,
99 const X509_PURPOSE * const *b)
100{
101 return (*a)->purpose - (*b)->purpose;
102}
103
104/* As much as I'd like to make X509_check_purpose use a "const" X509*
105 * I really can't because it does recalculate hashes and do other non-const
106 * things. */
107int X509_check_purpose(X509 *x, int id, int ca)
108{
109 int idx;
110 const X509_PURPOSE *pt;
111 if(!(x->ex_flags & EXFLAG_SET)) {
112 CRYPTO_w_lock(CRYPTO_LOCK_X509);
113 x509v3_cache_extensions(x);
114 CRYPTO_w_unlock(CRYPTO_LOCK_X509);
115 }
116 if(id == -1) return 1;
117 idx = X509_PURPOSE_get_by_id(id);
118 if(idx == -1) return -1;
119 pt = X509_PURPOSE_get0(idx);
120 return pt->check_purpose(pt, x, ca);
121}
122
123int X509_PURPOSE_get_count(void)
124{
125 if(!xptable) return X509_PURPOSE_COUNT;
126 return sk_X509_PURPOSE_num(xptable) + X509_PURPOSE_COUNT;
127}
128
129X509_PURPOSE * X509_PURPOSE_get0(int idx)
130{
131 if(idx < 0) return NULL;
132 if(idx < X509_PURPOSE_COUNT) return xstandard + idx;
133 return sk_X509_PURPOSE_value(xptable, idx - X509_PURPOSE_COUNT);
134}
135
136int X509_PURPOSE_get_by_sname(char *sname)
137{
138 int i;
139 X509_PURPOSE *xptmp;
140 for(i = 0; i < X509_PURPOSE_get_count(); i++) {
141 xptmp = X509_PURPOSE_get0(i);
142 if(!strcmp(xptmp->sname, sname)) return i;
143 }
144 return -1;
145}
146
147
148int X509_PURPOSE_get_by_id(int purpose)
149{
150 X509_PURPOSE tmp;
151 int idx;
152 if((purpose >= X509_PURPOSE_MIN) && (purpose <= X509_PURPOSE_MAX))
153 return purpose - X509_PURPOSE_MIN;
154 tmp.purpose = purpose;
155 if(!xptable) return -1;
156 idx = sk_X509_PURPOSE_find(xptable, &tmp);
157 if(idx == -1) return -1;
158 return idx + X509_PURPOSE_COUNT;
159}
160
161int X509_PURPOSE_add(int id, int trust, int flags,
162 int (*ck)(const X509_PURPOSE *, const X509 *, int),
163 char *name, char *sname, void *arg)
164{
165 int idx;
166 X509_PURPOSE *ptmp;
167 /* This is set according to what we change: application can't set it */
168 flags &= ~X509_PURPOSE_DYNAMIC;
169 /* This will always be set for application modified trust entries */
170 flags |= X509_PURPOSE_DYNAMIC_NAME;
171 /* Get existing entry if any */
172 idx = X509_PURPOSE_get_by_id(id);
173 /* Need a new entry */
174 if(idx == -1) {
175 if(!(ptmp = OPENSSL_malloc(sizeof(X509_PURPOSE)))) {
176 X509V3err(X509V3_F_X509_PURPOSE_ADD,ERR_R_MALLOC_FAILURE);
177 return 0;
178 }
179 ptmp->flags = X509_PURPOSE_DYNAMIC;
180 } else ptmp = X509_PURPOSE_get0(idx);
181
182 /* OPENSSL_free existing name if dynamic */
183 if(ptmp->flags & X509_PURPOSE_DYNAMIC_NAME) {
184 OPENSSL_free(ptmp->name);
185 OPENSSL_free(ptmp->sname);
186 }
187 /* dup supplied name */
188 ptmp->name = BUF_strdup(name);
189 ptmp->sname = BUF_strdup(sname);
190 if(!ptmp->name || !ptmp->sname) {
191 X509V3err(X509V3_F_X509_PURPOSE_ADD,ERR_R_MALLOC_FAILURE);
192 return 0;
193 }
194 /* Keep the dynamic flag of existing entry */
195 ptmp->flags &= X509_PURPOSE_DYNAMIC;
196 /* Set all other flags */
197 ptmp->flags |= flags;
198
199 ptmp->purpose = id;
200 ptmp->trust = trust;
201 ptmp->check_purpose = ck;
202 ptmp->usr_data = arg;
203
204 /* If its a new entry manage the dynamic table */
205 if(idx == -1) {
206 if(!xptable && !(xptable = sk_X509_PURPOSE_new(xp_cmp))) {
207 X509V3err(X509V3_F_X509_PURPOSE_ADD,ERR_R_MALLOC_FAILURE);
208 return 0;
209 }
210 if (!sk_X509_PURPOSE_push(xptable, ptmp)) {
211 X509V3err(X509V3_F_X509_PURPOSE_ADD,ERR_R_MALLOC_FAILURE);
212 return 0;
213 }
214 }
215 return 1;
216}
217
218static void xptable_free(X509_PURPOSE *p)
219 {
220 if(!p) return;
221 if (p->flags & X509_PURPOSE_DYNAMIC)
222 {
223 if (p->flags & X509_PURPOSE_DYNAMIC_NAME) {
224 OPENSSL_free(p->name);
225 OPENSSL_free(p->sname);
226 }
227 OPENSSL_free(p);
228 }
229 }
230
231void X509_PURPOSE_cleanup(void)
232{
233 int i;
234 sk_X509_PURPOSE_pop_free(xptable, xptable_free);
235 for(i = 0; i < X509_PURPOSE_COUNT; i++) xptable_free(xstandard + i);
236 xptable = NULL;
237}
238
239int X509_PURPOSE_get_id(X509_PURPOSE *xp)
240{
241 return xp->purpose;
242}
243
244char *X509_PURPOSE_get0_name(X509_PURPOSE *xp)
245{
246 return xp->name;
247}
248
249char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp)
250{
251 return xp->sname;
252}
253
254int X509_PURPOSE_get_trust(X509_PURPOSE *xp)
255{
256 return xp->trust;
257}
258
259static void x509v3_cache_extensions(X509 *x)
260{
261 BASIC_CONSTRAINTS *bs;
262 ASN1_BIT_STRING *usage;
263 ASN1_BIT_STRING *ns;
264 STACK_OF(ASN1_OBJECT) *extusage;
265
266 int i;
267 if(x->ex_flags & EXFLAG_SET) return;
268#ifndef NO_SHA
269 X509_digest(x, EVP_sha1(), x->sha1_hash, NULL);
270#endif
271 /* Does subject name match issuer ? */
272 if(!X509_NAME_cmp(X509_get_subject_name(x), X509_get_issuer_name(x)))
273 x->ex_flags |= EXFLAG_SS;
274 /* V1 should mean no extensions ... */
275 if(!X509_get_version(x)) x->ex_flags |= EXFLAG_V1;
276 /* Handle basic constraints */
277 if((bs=X509_get_ext_d2i(x, NID_basic_constraints, NULL, NULL))) {
278 if(bs->ca) x->ex_flags |= EXFLAG_CA;
279 if(bs->pathlen) {
280 if((bs->pathlen->type == V_ASN1_NEG_INTEGER)
281 || !bs->ca) {
282 x->ex_flags |= EXFLAG_INVALID;
283 x->ex_pathlen = 0;
284 } else x->ex_pathlen = ASN1_INTEGER_get(bs->pathlen);
285 } else x->ex_pathlen = -1;
286 BASIC_CONSTRAINTS_free(bs);
287 x->ex_flags |= EXFLAG_BCONS;
288 }
289 /* Handle key usage */
290 if((usage=X509_get_ext_d2i(x, NID_key_usage, NULL, NULL))) {
291 if(usage->length > 0) {
292 x->ex_kusage = usage->data[0];
293 if(usage->length > 1)
294 x->ex_kusage |= usage->data[1] << 8;
295 } else x->ex_kusage = 0;
296 x->ex_flags |= EXFLAG_KUSAGE;
297 ASN1_BIT_STRING_free(usage);
298 }
299 x->ex_xkusage = 0;
300 if((extusage=X509_get_ext_d2i(x, NID_ext_key_usage, NULL, NULL))) {
301 x->ex_flags |= EXFLAG_XKUSAGE;
302 for(i = 0; i < sk_ASN1_OBJECT_num(extusage); i++) {
303 switch(OBJ_obj2nid(sk_ASN1_OBJECT_value(extusage,i))) {
304 case NID_server_auth:
305 x->ex_xkusage |= XKU_SSL_SERVER;
306 break;
307
308 case NID_client_auth:
309 x->ex_xkusage |= XKU_SSL_CLIENT;
310 break;
311
312 case NID_email_protect:
313 x->ex_xkusage |= XKU_SMIME;
314 break;
315
316 case NID_code_sign:
317 x->ex_xkusage |= XKU_CODE_SIGN;
318 break;
319
320 case NID_ms_sgc:
321 case NID_ns_sgc:
322 x->ex_xkusage |= XKU_SGC;
323 }
324 }
325 sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free);
326 }
327
328 if((ns=X509_get_ext_d2i(x, NID_netscape_cert_type, NULL, NULL))) {
329 if(ns->length > 0) x->ex_nscert = ns->data[0];
330 else x->ex_nscert = 0;
331 x->ex_flags |= EXFLAG_NSCERT;
332 ASN1_BIT_STRING_free(ns);
333 }
334 x->skid =X509_get_ext_d2i(x, NID_subject_key_identifier, NULL, NULL);
335 x->akid =X509_get_ext_d2i(x, NID_authority_key_identifier, NULL, NULL);
336 x->ex_flags |= EXFLAG_SET;
337}
338
339/* CA checks common to all purposes
340 * return codes:
341 * 0 not a CA
342 * 1 is a CA
343 * 2 basicConstraints absent so "maybe" a CA
344 * 3 basicConstraints absent but self signed V1.
345 */
346
347#define V1_ROOT (EXFLAG_V1|EXFLAG_SS)
348#define ku_reject(x, usage) \
349 (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
350#define xku_reject(x, usage) \
351 (((x)->ex_flags & EXFLAG_XKUSAGE) && !((x)->ex_xkusage & (usage)))
352#define ns_reject(x, usage) \
353 (((x)->ex_flags & EXFLAG_NSCERT) && !((x)->ex_nscert & (usage)))
354
355static int ca_check(const X509 *x)
356{
357 /* keyUsage if present should allow cert signing */
358 if(ku_reject(x, KU_KEY_CERT_SIGN)) return 0;
359 if(x->ex_flags & EXFLAG_BCONS) {
360 if(x->ex_flags & EXFLAG_CA) return 1;
361 /* If basicConstraints says not a CA then say so */
362 else return 0;
363 } else {
364 if((x->ex_flags & V1_ROOT) == V1_ROOT) return 3;
365 /* If key usage present it must have certSign so tolerate it */
366 else if (x->ex_flags & EXFLAG_KUSAGE) return 3;
367 else return 2;
368 }
369}
370
371/* Check SSL CA: common checks for SSL client and server */
372static int check_ssl_ca(const X509 *x)
373{
374 int ca_ret;
375 ca_ret = ca_check(x);
376 if(!ca_ret) return 0;
377 /* check nsCertType if present */
378 if(x->ex_flags & EXFLAG_NSCERT) {
379 if(x->ex_nscert & NS_SSL_CA) return ca_ret;
380 return 0;
381 }
382 if(ca_ret != 2) return ca_ret;
383 else return 0;
384}
385
386
387static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x, int ca)
388{
389 if(xku_reject(x,XKU_SSL_CLIENT)) return 0;
390 if(ca) return check_ssl_ca(x);
391 /* We need to do digital signatures with it */
392 if(ku_reject(x,KU_DIGITAL_SIGNATURE)) return 0;
393 /* nsCertType if present should allow SSL client use */
394 if(ns_reject(x, NS_SSL_CLIENT)) return 0;
395 return 1;
396}
397
398static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca)
399{
400 if(xku_reject(x,XKU_SSL_SERVER|XKU_SGC)) return 0;
401 if(ca) return check_ssl_ca(x);
402
403 if(ns_reject(x, NS_SSL_SERVER)) return 0;
404 /* Now as for keyUsage: we'll at least need to sign OR encipher */
405 if(ku_reject(x, KU_DIGITAL_SIGNATURE|KU_KEY_ENCIPHERMENT)) return 0;
406
407 return 1;
408
409}
410
411static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca)
412{
413 int ret;
414 ret = check_purpose_ssl_server(xp, x, ca);
415 if(!ret || ca) return ret;
416 /* We need to encipher or Netscape complains */
417 if(ku_reject(x, KU_KEY_ENCIPHERMENT)) return 0;
418 return ret;
419}
420
421/* common S/MIME checks */
422static int purpose_smime(const X509 *x, int ca)
423{
424 if(xku_reject(x,XKU_SMIME)) return 0;
425 if(ca) {
426 int ca_ret;
427 ca_ret = ca_check(x);
428 if(!ca_ret) return 0;
429 /* check nsCertType if present */
430 if(x->ex_flags & EXFLAG_NSCERT) {
431 if(x->ex_nscert & NS_SMIME_CA) return ca_ret;
432 return 0;
433 }
434 if(ca_ret != 2) return ca_ret;
435 else return 0;
436 }
437 if(x->ex_flags & EXFLAG_NSCERT) {
438 if(x->ex_nscert & NS_SMIME) return 1;
439 /* Workaround for some buggy certificates */
440 if(x->ex_nscert & NS_SSL_CLIENT) return 2;
441 return 0;
442 }
443 return 1;
444}
445
446static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x, int ca)
447{
448 int ret;
449 ret = purpose_smime(x, ca);
450 if(!ret || ca) return ret;
451 if(ku_reject(x, KU_DIGITAL_SIGNATURE|KU_NON_REPUDIATION)) return 0;
452 return ret;
453}
454
455static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x, int ca)
456{
457 int ret;
458 ret = purpose_smime(x, ca);
459 if(!ret || ca) return ret;
460 if(ku_reject(x, KU_KEY_ENCIPHERMENT)) return 0;
461 return ret;
462}
463
464static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x, int ca)
465{
466 if(ca) {
467 int ca_ret;
468 if((ca_ret = ca_check(x)) != 2) return ca_ret;
469 else return 0;
470 }
471 if(ku_reject(x, KU_CRL_SIGN)) return 0;
472 return 1;
473}
474
475static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca)
476{
477 return 1;
478}
479
480/* Various checks to see if one certificate issued the second.
481 * This can be used to prune a set of possible issuer certificates
482 * which have been looked up using some simple method such as by
483 * subject name.
484 * These are:
485 * 1. Check issuer_name(subject) == subject_name(issuer)
486 * 2. If akid(subject) exists check it matches issuer
487 * 3. If key_usage(issuer) exists check it supports certificate signing
488 * returns 0 for OK, positive for reason for mismatch, reasons match
489 * codes for X509_verify_cert()
490 */
491
492int X509_check_issued(X509 *issuer, X509 *subject)
493{
494 if(X509_NAME_cmp(X509_get_subject_name(issuer),
495 X509_get_issuer_name(subject)))
496 return X509_V_ERR_SUBJECT_ISSUER_MISMATCH;
497 x509v3_cache_extensions(issuer);
498 x509v3_cache_extensions(subject);
499 if(subject->akid) {
500 /* Check key ids (if present) */
501 if(subject->akid->keyid && issuer->skid &&
502 ASN1_OCTET_STRING_cmp(subject->akid->keyid, issuer->skid) )
503 return X509_V_ERR_AKID_SKID_MISMATCH;
504 /* Check serial number */
505 if(subject->akid->serial &&
506 ASN1_INTEGER_cmp(X509_get_serialNumber(issuer),
507 subject->akid->serial))
508 return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
509 /* Check issuer name */
510 if(subject->akid->issuer) {
511 /* Ugh, for some peculiar reason AKID includes
512 * SEQUENCE OF GeneralName. So look for a DirName.
513 * There may be more than one but we only take any
514 * notice of the first.
515 */
516 STACK_OF(GENERAL_NAME) *gens;
517 GENERAL_NAME *gen;
518 X509_NAME *nm = NULL;
519 int i;
520 gens = subject->akid->issuer;
521 for(i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
522 gen = sk_GENERAL_NAME_value(gens, i);
523 if(gen->type == GEN_DIRNAME) {
524 nm = gen->d.dirn;
525 break;
526 }
527 }
528 if(nm && X509_NAME_cmp(nm, X509_get_issuer_name(issuer)))
529 return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
530 }
531 }
532 if(ku_reject(issuer, KU_KEY_CERT_SIGN)) return X509_V_ERR_KEYUSAGE_NO_CERTSIGN;
533 return X509_V_OK;
534}
535
diff --git a/src/lib/libcrypto/x509v3/v3_skey.c b/src/lib/libcrypto/x509v3/v3_skey.c
deleted file mode 100644
index 939845fa8f..0000000000
--- a/src/lib/libcrypto/x509v3/v3_skey.c
+++ /dev/null
@@ -1,149 +0,0 @@
1/* v3_skey.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/x509v3.h>
63
64static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
65X509V3_EXT_METHOD v3_skey_id = {
66NID_subject_key_identifier, 0,
67(X509V3_EXT_NEW)ASN1_OCTET_STRING_new,
68(X509V3_EXT_FREE)ASN1_OCTET_STRING_free,
69(X509V3_EXT_D2I)d2i_ASN1_OCTET_STRING,
70(X509V3_EXT_I2D)i2d_ASN1_OCTET_STRING,
71(X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING,
72(X509V3_EXT_S2I)s2i_skey_id,
73NULL, NULL, NULL, NULL, NULL};
74
75char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
76 ASN1_OCTET_STRING *oct)
77{
78 return hex_to_string(oct->data, oct->length);
79}
80
81ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
82 X509V3_CTX *ctx, char *str)
83{
84 ASN1_OCTET_STRING *oct;
85 long length;
86
87 if(!(oct = M_ASN1_OCTET_STRING_new())) {
88 X509V3err(X509V3_F_S2I_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
89 return NULL;
90 }
91
92 if(!(oct->data = string_to_hex(str, &length))) {
93 M_ASN1_OCTET_STRING_free(oct);
94 return NULL;
95 }
96
97 oct->length = length;
98
99 return oct;
100
101}
102
103static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
104 X509V3_CTX *ctx, char *str)
105{
106 ASN1_OCTET_STRING *oct;
107 ASN1_BIT_STRING *pk;
108 unsigned char pkey_dig[EVP_MAX_MD_SIZE];
109 EVP_MD_CTX md;
110 unsigned int diglen;
111
112 if(strcmp(str, "hash")) return s2i_ASN1_OCTET_STRING(method, ctx, str);
113
114 if(!(oct = M_ASN1_OCTET_STRING_new())) {
115 X509V3err(X509V3_F_S2I_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE);
116 return NULL;
117 }
118
119 if(ctx && (ctx->flags == CTX_TEST)) return oct;
120
121 if(!ctx || (!ctx->subject_req && !ctx->subject_cert)) {
122 X509V3err(X509V3_F_S2I_ASN1_SKEY_ID,X509V3_R_NO_PUBLIC_KEY);
123 goto err;
124 }
125
126 if(ctx->subject_req)
127 pk = ctx->subject_req->req_info->pubkey->public_key;
128 else pk = ctx->subject_cert->cert_info->key->public_key;
129
130 if(!pk) {
131 X509V3err(X509V3_F_S2I_ASN1_SKEY_ID,X509V3_R_NO_PUBLIC_KEY);
132 goto err;
133 }
134
135 EVP_DigestInit(&md, EVP_sha1());
136 EVP_DigestUpdate(&md, pk->data, pk->length);
137 EVP_DigestFinal(&md, pkey_dig, &diglen);
138
139 if(!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) {
140 X509V3err(X509V3_F_S2I_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE);
141 goto err;
142 }
143
144 return oct;
145
146 err:
147 M_ASN1_OCTET_STRING_free(oct);
148 return NULL;
149}
diff --git a/src/lib/libcrypto/x509v3/v3_sxnet.c b/src/lib/libcrypto/x509v3/v3_sxnet.c
deleted file mode 100644
index bfecacd336..0000000000
--- a/src/lib/libcrypto/x509v3/v3_sxnet.c
+++ /dev/null
@@ -1,340 +0,0 @@
1/* v3_sxnet.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/conf.h>
62#include <openssl/asn1.h>
63#include <openssl/asn1_mac.h>
64#include <openssl/x509v3.h>
65
66/* Support for Thawte strong extranet extension */
67
68#define SXNET_TEST
69
70static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, int indent);
71#ifdef SXNET_TEST
72static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
73 STACK_OF(CONF_VALUE) *nval);
74#endif
75X509V3_EXT_METHOD v3_sxnet = {
76NID_sxnet, X509V3_EXT_MULTILINE,
77(X509V3_EXT_NEW)SXNET_new,
78(X509V3_EXT_FREE)SXNET_free,
79(X509V3_EXT_D2I)d2i_SXNET,
80(X509V3_EXT_I2D)i2d_SXNET,
81NULL, NULL,
82NULL,
83#ifdef SXNET_TEST
84(X509V3_EXT_V2I)sxnet_v2i,
85#else
86NULL,
87#endif
88(X509V3_EXT_I2R)sxnet_i2r,
89NULL,
90NULL
91};
92
93
94int i2d_SXNET(SXNET *a, unsigned char **pp)
95{
96 M_ASN1_I2D_vars(a);
97
98 M_ASN1_I2D_len (a->version, i2d_ASN1_INTEGER);
99 M_ASN1_I2D_len_SEQUENCE_type (SXNETID, a->ids, i2d_SXNETID);
100
101 M_ASN1_I2D_seq_total();
102
103 M_ASN1_I2D_put (a->version, i2d_ASN1_INTEGER);
104 M_ASN1_I2D_put_SEQUENCE_type (SXNETID, a->ids, i2d_SXNETID);
105
106 M_ASN1_I2D_finish();
107}
108
109SXNET *SXNET_new(void)
110{
111 SXNET *ret=NULL;
112 ASN1_CTX c;
113 M_ASN1_New_Malloc(ret, SXNET);
114 M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
115 M_ASN1_New(ret->ids,sk_SXNETID_new_null);
116 return (ret);
117 M_ASN1_New_Error(ASN1_F_SXNET_NEW);
118}
119
120SXNET *d2i_SXNET(SXNET **a, unsigned char **pp, long length)
121{
122 M_ASN1_D2I_vars(a,SXNET *,SXNET_new);
123 M_ASN1_D2I_Init();
124 M_ASN1_D2I_start_sequence();
125 M_ASN1_D2I_get (ret->version, d2i_ASN1_INTEGER);
126 M_ASN1_D2I_get_seq_type (SXNETID, ret->ids, d2i_SXNETID, SXNETID_free);
127 M_ASN1_D2I_Finish(a, SXNET_free, ASN1_F_D2I_SXNET);
128}
129
130void SXNET_free(SXNET *a)
131{
132 if (a == NULL) return;
133 M_ASN1_INTEGER_free(a->version);
134 sk_SXNETID_pop_free(a->ids, SXNETID_free);
135 OPENSSL_free (a);
136}
137
138int i2d_SXNETID(SXNETID *a, unsigned char **pp)
139{
140 M_ASN1_I2D_vars(a);
141
142 M_ASN1_I2D_len (a->zone, i2d_ASN1_INTEGER);
143 M_ASN1_I2D_len (a->user, i2d_ASN1_OCTET_STRING);
144
145 M_ASN1_I2D_seq_total();
146
147 M_ASN1_I2D_put (a->zone, i2d_ASN1_INTEGER);
148 M_ASN1_I2D_put (a->user, i2d_ASN1_OCTET_STRING);
149
150 M_ASN1_I2D_finish();
151}
152
153SXNETID *SXNETID_new(void)
154{
155 SXNETID *ret=NULL;
156 ASN1_CTX c;
157 M_ASN1_New_Malloc(ret, SXNETID);
158 ret->zone = NULL;
159 M_ASN1_New(ret->user,M_ASN1_OCTET_STRING_new);
160 return (ret);
161 M_ASN1_New_Error(ASN1_F_SXNETID_NEW);
162}
163
164SXNETID *d2i_SXNETID(SXNETID **a, unsigned char **pp, long length)
165{
166 M_ASN1_D2I_vars(a,SXNETID *,SXNETID_new);
167 M_ASN1_D2I_Init();
168 M_ASN1_D2I_start_sequence();
169 M_ASN1_D2I_get(ret->zone, d2i_ASN1_INTEGER);
170 M_ASN1_D2I_get(ret->user, d2i_ASN1_OCTET_STRING);
171 M_ASN1_D2I_Finish(a, SXNETID_free, ASN1_F_D2I_SXNETID);
172}
173
174void SXNETID_free(SXNETID *a)
175{
176 if (a == NULL) return;
177 M_ASN1_INTEGER_free(a->zone);
178 M_ASN1_OCTET_STRING_free(a->user);
179 OPENSSL_free (a);
180}
181
182static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out,
183 int indent)
184{
185 long v;
186 char *tmp;
187 SXNETID *id;
188 int i;
189 v = ASN1_INTEGER_get(sx->version);
190 BIO_printf(out, "%*sVersion: %d (0x%X)", indent, "", v + 1, v);
191 for(i = 0; i < sk_SXNETID_num(sx->ids); i++) {
192 id = sk_SXNETID_value(sx->ids, i);
193 tmp = i2s_ASN1_INTEGER(NULL, id->zone);
194 BIO_printf(out, "\n%*sZone: %s, User: ", indent, "", tmp);
195 OPENSSL_free(tmp);
196 M_ASN1_OCTET_STRING_print(out, id->user);
197 }
198 return 1;
199}
200
201#ifdef SXNET_TEST
202
203/* NBB: this is used for testing only. It should *not* be used for anything
204 * else because it will just take static IDs from the configuration file and
205 * they should really be separate values for each user.
206 */
207
208
209static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
210 STACK_OF(CONF_VALUE) *nval)
211{
212 CONF_VALUE *cnf;
213 SXNET *sx = NULL;
214 int i;
215 for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
216 cnf = sk_CONF_VALUE_value(nval, i);
217 if(!SXNET_add_id_asc(&sx, cnf->name, cnf->value, -1))
218 return NULL;
219 }
220 return sx;
221}
222
223
224#endif
225
226/* Strong Extranet utility functions */
227
228/* Add an id given the zone as an ASCII number */
229
230int SXNET_add_id_asc(SXNET **psx, char *zone, char *user,
231 int userlen)
232{
233 ASN1_INTEGER *izone = NULL;
234 if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
235 X509V3err(X509V3_F_SXNET_ADD_ASC,X509V3_R_ERROR_CONVERTING_ZONE);
236 return 0;
237 }
238 return SXNET_add_id_INTEGER(psx, izone, user, userlen);
239}
240
241/* Add an id given the zone as an unsigned long */
242
243int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user,
244 int userlen)
245{
246 ASN1_INTEGER *izone = NULL;
247 if(!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) {
248 X509V3err(X509V3_F_SXNET_ADD_ID_ULONG,ERR_R_MALLOC_FAILURE);
249 M_ASN1_INTEGER_free(izone);
250 return 0;
251 }
252 return SXNET_add_id_INTEGER(psx, izone, user, userlen);
253
254}
255
256/* Add an id given the zone as an ASN1_INTEGER.
257 * Note this version uses the passed integer and doesn't make a copy so don't
258 * free it up afterwards.
259 */
260
261int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user,
262 int userlen)
263{
264 SXNET *sx = NULL;
265 SXNETID *id = NULL;
266 if(!psx || !zone || !user) {
267 X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_INVALID_NULL_ARGUMENT);
268 return 0;
269 }
270 if(userlen == -1) userlen = strlen(user);
271 if(userlen > 64) {
272 X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_USER_TOO_LONG);
273 return 0;
274 }
275 if(!*psx) {
276 if(!(sx = SXNET_new())) goto err;
277 if(!ASN1_INTEGER_set(sx->version, 0)) goto err;
278 *psx = sx;
279 } else sx = *psx;
280 if(SXNET_get_id_INTEGER(sx, zone)) {
281 X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_DUPLICATE_ZONE_ID);
282 return 0;
283 }
284
285 if(!(id = SXNETID_new())) goto err;
286 if(userlen == -1) userlen = strlen(user);
287
288 if(!M_ASN1_OCTET_STRING_set(id->user, user, userlen)) goto err;
289 if(!sk_SXNETID_push(sx->ids, id)) goto err;
290 id->zone = zone;
291 return 1;
292
293 err:
294 X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,ERR_R_MALLOC_FAILURE);
295 SXNETID_free(id);
296 SXNET_free(sx);
297 *psx = NULL;
298 return 0;
299}
300
301ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone)
302{
303 ASN1_INTEGER *izone = NULL;
304 ASN1_OCTET_STRING *oct;
305 if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
306 X509V3err(X509V3_F_SXNET_GET_ID_ASC,X509V3_R_ERROR_CONVERTING_ZONE);
307 return NULL;
308 }
309 oct = SXNET_get_id_INTEGER(sx, izone);
310 M_ASN1_INTEGER_free(izone);
311 return oct;
312}
313
314ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone)
315{
316 ASN1_INTEGER *izone = NULL;
317 ASN1_OCTET_STRING *oct;
318 if(!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) {
319 X509V3err(X509V3_F_SXNET_GET_ID_ULONG,ERR_R_MALLOC_FAILURE);
320 M_ASN1_INTEGER_free(izone);
321 return NULL;
322 }
323 oct = SXNET_get_id_INTEGER(sx, izone);
324 M_ASN1_INTEGER_free(izone);
325 return oct;
326}
327
328ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone)
329{
330 SXNETID *id;
331 int i;
332 for(i = 0; i < sk_SXNETID_num(sx->ids); i++) {
333 id = sk_SXNETID_value(sx->ids, i);
334 if(!M_ASN1_INTEGER_cmp(id->zone, zone)) return id->user;
335 }
336 return NULL;
337}
338
339IMPLEMENT_STACK_OF(SXNETID)
340IMPLEMENT_ASN1_SET_OF(SXNETID)
diff --git a/src/lib/libcrypto/x509v3/v3_utl.c b/src/lib/libcrypto/x509v3/v3_utl.c
deleted file mode 100644
index 619f161b58..0000000000
--- a/src/lib/libcrypto/x509v3/v3_utl.c
+++ /dev/null
@@ -1,516 +0,0 @@
1/* v3_utl.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58/* X509 v3 extension utilities */
59
60
61#include <stdio.h>
62#include <ctype.h>
63#include "cryptlib.h"
64#include <openssl/conf.h>
65#include <openssl/x509v3.h>
66
67static char *strip_spaces(char *name);
68static int sk_strcmp(const char * const *a, const char * const *b);
69static STACK *get_email(X509_NAME *name, STACK_OF(GENERAL_NAME) *gens);
70static void str_free(void *str);
71static int append_ia5(STACK **sk, ASN1_IA5STRING *email);
72
73/* Add a CONF_VALUE name value pair to stack */
74
75int X509V3_add_value(const char *name, const char *value,
76 STACK_OF(CONF_VALUE) **extlist)
77{
78 CONF_VALUE *vtmp = NULL;
79 char *tname = NULL, *tvalue = NULL;
80 if(name && !(tname = BUF_strdup(name))) goto err;
81 if(value && !(tvalue = BUF_strdup(value))) goto err;;
82 if(!(vtmp = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) goto err;
83 if(!*extlist && !(*extlist = sk_CONF_VALUE_new_null())) goto err;
84 vtmp->section = NULL;
85 vtmp->name = tname;
86 vtmp->value = tvalue;
87 if(!sk_CONF_VALUE_push(*extlist, vtmp)) goto err;
88 return 1;
89 err:
90 X509V3err(X509V3_F_X509V3_ADD_VALUE,ERR_R_MALLOC_FAILURE);
91 if(vtmp) OPENSSL_free(vtmp);
92 if(tname) OPENSSL_free(tname);
93 if(tvalue) OPENSSL_free(tvalue);
94 return 0;
95}
96
97int X509V3_add_value_uchar(const char *name, const unsigned char *value,
98 STACK_OF(CONF_VALUE) **extlist)
99 {
100 return X509V3_add_value(name,(const char *)value,extlist);
101 }
102
103/* Free function for STACK_OF(CONF_VALUE) */
104
105void X509V3_conf_free(CONF_VALUE *conf)
106{
107 if(!conf) return;
108 if(conf->name) OPENSSL_free(conf->name);
109 if(conf->value) OPENSSL_free(conf->value);
110 if(conf->section) OPENSSL_free(conf->section);
111 OPENSSL_free(conf);
112}
113
114int X509V3_add_value_bool(const char *name, int asn1_bool,
115 STACK_OF(CONF_VALUE) **extlist)
116{
117 if(asn1_bool) return X509V3_add_value(name, "TRUE", extlist);
118 return X509V3_add_value(name, "FALSE", extlist);
119}
120
121int X509V3_add_value_bool_nf(char *name, int asn1_bool,
122 STACK_OF(CONF_VALUE) **extlist)
123{
124 if(asn1_bool) return X509V3_add_value(name, "TRUE", extlist);
125 return 1;
126}
127
128
129char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *a)
130{
131 BIGNUM *bntmp = NULL;
132 char *strtmp = NULL;
133 if(!a) return NULL;
134 if(!(bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) ||
135 !(strtmp = BN_bn2dec(bntmp)) )
136 X509V3err(X509V3_F_I2S_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE);
137 BN_free(bntmp);
138 return strtmp;
139}
140
141char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, ASN1_INTEGER *a)
142{
143 BIGNUM *bntmp = NULL;
144 char *strtmp = NULL;
145 if(!a) return NULL;
146 if(!(bntmp = ASN1_INTEGER_to_BN(a, NULL)) ||
147 !(strtmp = BN_bn2dec(bntmp)) )
148 X509V3err(X509V3_F_I2S_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
149 BN_free(bntmp);
150 return strtmp;
151}
152
153ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value)
154{
155 BIGNUM *bn = NULL;
156 ASN1_INTEGER *aint;
157 bn = BN_new();
158 if(!value) {
159 X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_INVALID_NULL_VALUE);
160 return 0;
161 }
162 if(!BN_dec2bn(&bn, value)) {
163 X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_BN_DEC2BN_ERROR);
164 return 0;
165 }
166
167 if(!(aint = BN_to_ASN1_INTEGER(bn, NULL))) {
168 X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_BN_TO_ASN1_INTEGER_ERROR);
169 return 0;
170 }
171 BN_free(bn);
172 return aint;
173}
174
175int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
176 STACK_OF(CONF_VALUE) **extlist)
177{
178 char *strtmp;
179 int ret;
180 if(!aint) return 1;
181 if(!(strtmp = i2s_ASN1_INTEGER(NULL, aint))) return 0;
182 ret = X509V3_add_value(name, strtmp, extlist);
183 OPENSSL_free(strtmp);
184 return ret;
185}
186
187int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool)
188{
189 char *btmp;
190 if(!(btmp = value->value)) goto err;
191 if(!strcmp(btmp, "TRUE") || !strcmp(btmp, "true")
192 || !strcmp(btmp, "Y") || !strcmp(btmp, "y")
193 || !strcmp(btmp, "YES") || !strcmp(btmp, "yes")) {
194 *asn1_bool = 0xff;
195 return 1;
196 } else if(!strcmp(btmp, "FALSE") || !strcmp(btmp, "false")
197 || !strcmp(btmp, "N") || !strcmp(btmp, "n")
198 || !strcmp(btmp, "NO") || !strcmp(btmp, "no")) {
199 *asn1_bool = 0;
200 return 1;
201 }
202 err:
203 X509V3err(X509V3_F_X509V3_GET_VALUE_BOOL,X509V3_R_INVALID_BOOLEAN_STRING);
204 X509V3_conf_err(value);
205 return 0;
206}
207
208int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint)
209{
210 ASN1_INTEGER *itmp;
211 if(!(itmp = s2i_ASN1_INTEGER(NULL, value->value))) {
212 X509V3_conf_err(value);
213 return 0;
214 }
215 *aint = itmp;
216 return 1;
217}
218
219#define HDR_NAME 1
220#define HDR_VALUE 2
221
222/*#define DEBUG*/
223
224STACK_OF(CONF_VALUE) *X509V3_parse_list(char *line)
225{
226 char *p, *q, c;
227 char *ntmp, *vtmp;
228 STACK_OF(CONF_VALUE) *values = NULL;
229 char *linebuf;
230 int state;
231 /* We are going to modify the line so copy it first */
232 linebuf = BUF_strdup(line);
233 state = HDR_NAME;
234 ntmp = NULL;
235 /* Go through all characters */
236 for(p = linebuf, q = linebuf; (c = *p) && (c!='\r') && (c!='\n'); p++) {
237
238 switch(state) {
239 case HDR_NAME:
240 if(c == ':') {
241 state = HDR_VALUE;
242 *p = 0;
243 ntmp = strip_spaces(q);
244 if(!ntmp) {
245 X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME);
246 goto err;
247 }
248 q = p + 1;
249 } else if(c == ',') {
250 *p = 0;
251 ntmp = strip_spaces(q);
252 q = p + 1;
253#ifdef DEBUG
254 printf("%s\n", ntmp);
255#endif
256 if(!ntmp) {
257 X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME);
258 goto err;
259 }
260 X509V3_add_value(ntmp, NULL, &values);
261 }
262 break ;
263
264 case HDR_VALUE:
265 if(c == ',') {
266 state = HDR_NAME;
267 *p = 0;
268 vtmp = strip_spaces(q);
269#ifdef DEBUG
270 printf("%s\n", ntmp);
271#endif
272 if(!vtmp) {
273 X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_VALUE);
274 goto err;
275 }
276 X509V3_add_value(ntmp, vtmp, &values);
277 ntmp = NULL;
278 q = p + 1;
279 }
280
281 }
282 }
283
284 if(state == HDR_VALUE) {
285 vtmp = strip_spaces(q);
286#ifdef DEBUG
287 printf("%s=%s\n", ntmp, vtmp);
288#endif
289 if(!vtmp) {
290 X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_VALUE);
291 goto err;
292 }
293 X509V3_add_value(ntmp, vtmp, &values);
294 } else {
295 ntmp = strip_spaces(q);
296#ifdef DEBUG
297 printf("%s\n", ntmp);
298#endif
299 if(!ntmp) {
300 X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME);
301 goto err;
302 }
303 X509V3_add_value(ntmp, NULL, &values);
304 }
305OPENSSL_free(linebuf);
306return values;
307
308err:
309OPENSSL_free(linebuf);
310sk_CONF_VALUE_pop_free(values, X509V3_conf_free);
311return NULL;
312
313}
314
315/* Delete leading and trailing spaces from a string */
316static char *strip_spaces(char *name)
317{
318 char *p, *q;
319 /* Skip over leading spaces */
320 p = name;
321 while(*p && isspace((unsigned char)*p)) p++;
322 if(!*p) return NULL;
323 q = p + strlen(p) - 1;
324 while((q != p) && isspace((unsigned char)*q)) q--;
325 if(p != q) q[1] = 0;
326 if(!*p) return NULL;
327 return p;
328}
329
330/* hex string utilities */
331
332/* Given a buffer of length 'len' return a OPENSSL_malloc'ed string with its
333 * hex representation
334 * @@@ (Contents of buffer are always kept in ASCII, also on EBCDIC machines)
335 */
336
337char *hex_to_string(unsigned char *buffer, long len)
338{
339 char *tmp, *q;
340 unsigned char *p;
341 int i;
342 static char hexdig[] = "0123456789ABCDEF";
343 if(!buffer || !len) return NULL;
344 if(!(tmp = OPENSSL_malloc(len * 3 + 1))) {
345 X509V3err(X509V3_F_HEX_TO_STRING,ERR_R_MALLOC_FAILURE);
346 return NULL;
347 }
348 q = tmp;
349 for(i = 0, p = buffer; i < len; i++,p++) {
350 *q++ = hexdig[(*p >> 4) & 0xf];
351 *q++ = hexdig[*p & 0xf];
352 *q++ = ':';
353 }
354 q[-1] = 0;
355#ifdef CHARSET_EBCDIC
356 ebcdic2ascii(tmp, tmp, q - tmp - 1);
357#endif
358
359 return tmp;
360}
361
362/* Give a string of hex digits convert to
363 * a buffer
364 */
365
366unsigned char *string_to_hex(char *str, long *len)
367{
368 unsigned char *hexbuf, *q;
369 unsigned char ch, cl, *p;
370 if(!str) {
371 X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_INVALID_NULL_ARGUMENT);
372 return NULL;
373 }
374 if(!(hexbuf = OPENSSL_malloc(strlen(str) >> 1))) goto err;
375 for(p = (unsigned char *)str, q = hexbuf; *p;) {
376 ch = *p++;
377#ifdef CHARSET_EBCDIC
378 ch = os_toebcdic[ch];
379#endif
380 if(ch == ':') continue;
381 cl = *p++;
382#ifdef CHARSET_EBCDIC
383 cl = os_toebcdic[cl];
384#endif
385 if(!cl) {
386 X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_ODD_NUMBER_OF_DIGITS);
387 OPENSSL_free(hexbuf);
388 return NULL;
389 }
390 if(isupper(ch)) ch = tolower(ch);
391 if(isupper(cl)) cl = tolower(cl);
392
393 if((ch >= '0') && (ch <= '9')) ch -= '0';
394 else if ((ch >= 'a') && (ch <= 'f')) ch -= 'a' - 10;
395 else goto badhex;
396
397 if((cl >= '0') && (cl <= '9')) cl -= '0';
398 else if ((cl >= 'a') && (cl <= 'f')) cl -= 'a' - 10;
399 else goto badhex;
400
401 *q++ = (ch << 4) | cl;
402 }
403
404 if(len) *len = q - hexbuf;
405
406 return hexbuf;
407
408 err:
409 if(hexbuf) OPENSSL_free(hexbuf);
410 X509V3err(X509V3_F_STRING_TO_HEX,ERR_R_MALLOC_FAILURE);
411 return NULL;
412
413 badhex:
414 OPENSSL_free(hexbuf);
415 X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_ILLEGAL_HEX_DIGIT);
416 return NULL;
417
418}
419
420/* V2I name comparison function: returns zero if 'name' matches
421 * cmp or cmp.*
422 */
423
424int name_cmp(const char *name, const char *cmp)
425{
426 int len, ret;
427 char c;
428 len = strlen(cmp);
429 if((ret = strncmp(name, cmp, len))) return ret;
430 c = name[len];
431 if(!c || (c=='.')) return 0;
432 return 1;
433}
434
435static int sk_strcmp(const char * const *a, const char * const *b)
436{
437 return strcmp(*a, *b);
438}
439
440STACK *X509_get1_email(X509 *x)
441{
442 STACK_OF(GENERAL_NAME) *gens;
443 STACK *ret;
444 gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
445 ret = get_email(X509_get_subject_name(x), gens);
446 sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
447 return ret;
448}
449
450STACK *X509_REQ_get1_email(X509_REQ *x)
451{
452 STACK_OF(GENERAL_NAME) *gens;
453 STACK_OF(X509_EXTENSION) *exts;
454 STACK *ret;
455 exts = X509_REQ_get_extensions(x);
456 gens = X509V3_get_d2i(exts, NID_subject_alt_name, NULL, NULL);
457 ret = get_email(X509_REQ_get_subject_name(x), gens);
458 sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
459 sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
460 return ret;
461}
462
463
464static STACK *get_email(X509_NAME *name, STACK_OF(GENERAL_NAME) *gens)
465{
466 STACK *ret = NULL;
467 X509_NAME_ENTRY *ne;
468 ASN1_IA5STRING *email;
469 GENERAL_NAME *gen;
470 int i;
471 /* Now add any email address(es) to STACK */
472 i = -1;
473 /* First supplied X509_NAME */
474 while((i = X509_NAME_get_index_by_NID(name,
475 NID_pkcs9_emailAddress, i)) > 0) {
476 ne = X509_NAME_get_entry(name, i);
477 email = X509_NAME_ENTRY_get_data(ne);
478 if(!append_ia5(&ret, email)) return NULL;
479 }
480 for(i = 0; i < sk_GENERAL_NAME_num(gens); i++)
481 {
482 gen = sk_GENERAL_NAME_value(gens, i);
483 if(gen->type != GEN_EMAIL) continue;
484 if(!append_ia5(&ret, gen->d.ia5)) return NULL;
485 }
486 return ret;
487}
488
489static void str_free(void *str)
490{
491 OPENSSL_free(str);
492}
493
494static int append_ia5(STACK **sk, ASN1_IA5STRING *email)
495{
496 char *emtmp;
497 /* First some sanity checks */
498 if(email->type != V_ASN1_IA5STRING) return 1;
499 if(!email->data || !email->length) return 1;
500 if(!*sk) *sk = sk_new(sk_strcmp);
501 if(!*sk) return 0;
502 /* Don't add duplicates */
503 if(sk_find(*sk, (char *)email->data) != -1) return 1;
504 emtmp = BUF_strdup((char *)email->data);
505 if(!emtmp || !sk_push(*sk, emtmp)) {
506 X509_email_free(*sk);
507 *sk = NULL;
508 return 0;
509 }
510 return 1;
511}
512
513void X509_email_free(STACK *sk)
514{
515 sk_pop_free(sk, str_free);
516}
diff --git a/src/lib/libcrypto/x509v3/v3err.c b/src/lib/libcrypto/x509v3/v3err.c
deleted file mode 100644
index aa4a605dc4..0000000000
--- a/src/lib/libcrypto/x509v3/v3err.c
+++ /dev/null
@@ -1,176 +0,0 @@
1/* crypto/x509v3/v3err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/x509v3.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA X509V3_str_functs[]=
68 {
69{ERR_PACK(0,X509V3_F_COPY_EMAIL,0), "COPY_EMAIL"},
70{ERR_PACK(0,X509V3_F_COPY_ISSUER,0), "COPY_ISSUER"},
71{ERR_PACK(0,X509V3_F_DO_EXT_CONF,0), "DO_EXT_CONF"},
72{ERR_PACK(0,X509V3_F_DO_EXT_I2D,0), "DO_EXT_I2D"},
73{ERR_PACK(0,X509V3_F_HEX_TO_STRING,0), "hex_to_string"},
74{ERR_PACK(0,X509V3_F_I2S_ASN1_ENUMERATED,0), "i2s_ASN1_ENUMERATED"},
75{ERR_PACK(0,X509V3_F_I2S_ASN1_INTEGER,0), "i2s_ASN1_INTEGER"},
76{ERR_PACK(0,X509V3_F_I2V_AUTHORITY_INFO_ACCESS,0), "I2V_AUTHORITY_INFO_ACCESS"},
77{ERR_PACK(0,X509V3_F_NOTICE_SECTION,0), "NOTICE_SECTION"},
78{ERR_PACK(0,X509V3_F_NREF_NOS,0), "NREF_NOS"},
79{ERR_PACK(0,X509V3_F_POLICY_SECTION,0), "POLICY_SECTION"},
80{ERR_PACK(0,X509V3_F_R2I_CERTPOL,0), "R2I_CERTPOL"},
81{ERR_PACK(0,X509V3_F_S2I_ASN1_IA5STRING,0), "S2I_ASN1_IA5STRING"},
82{ERR_PACK(0,X509V3_F_S2I_ASN1_INTEGER,0), "s2i_ASN1_INTEGER"},
83{ERR_PACK(0,X509V3_F_S2I_ASN1_OCTET_STRING,0), "s2i_ASN1_OCTET_STRING"},
84{ERR_PACK(0,X509V3_F_S2I_ASN1_SKEY_ID,0), "S2I_ASN1_SKEY_ID"},
85{ERR_PACK(0,X509V3_F_S2I_S2I_SKEY_ID,0), "S2I_S2I_SKEY_ID"},
86{ERR_PACK(0,X509V3_F_STRING_TO_HEX,0), "string_to_hex"},
87{ERR_PACK(0,X509V3_F_SXNET_ADD_ASC,0), "SXNET_ADD_ASC"},
88{ERR_PACK(0,X509V3_F_SXNET_ADD_ID_INTEGER,0), "SXNET_add_id_INTEGER"},
89{ERR_PACK(0,X509V3_F_SXNET_ADD_ID_ULONG,0), "SXNET_add_id_ulong"},
90{ERR_PACK(0,X509V3_F_SXNET_GET_ID_ASC,0), "SXNET_get_id_asc"},
91{ERR_PACK(0,X509V3_F_SXNET_GET_ID_ULONG,0), "SXNET_get_id_ulong"},
92{ERR_PACK(0,X509V3_F_V2I_ACCESS_DESCRIPTION,0), "V2I_ACCESS_DESCRIPTION"},
93{ERR_PACK(0,X509V3_F_V2I_ASN1_BIT_STRING,0), "V2I_ASN1_BIT_STRING"},
94{ERR_PACK(0,X509V3_F_V2I_AUTHORITY_KEYID,0), "V2I_AUTHORITY_KEYID"},
95{ERR_PACK(0,X509V3_F_V2I_BASIC_CONSTRAINTS,0), "V2I_BASIC_CONSTRAINTS"},
96{ERR_PACK(0,X509V3_F_V2I_CRLD,0), "V2I_CRLD"},
97{ERR_PACK(0,X509V3_F_V2I_EXT_KU,0), "V2I_EXT_KU"},
98{ERR_PACK(0,X509V3_F_V2I_GENERAL_NAME,0), "v2i_GENERAL_NAME"},
99{ERR_PACK(0,X509V3_F_V2I_GENERAL_NAMES,0), "v2i_GENERAL_NAMES"},
100{ERR_PACK(0,X509V3_F_V3_GENERIC_EXTENSION,0), "V3_GENERIC_EXTENSION"},
101{ERR_PACK(0,X509V3_F_X509V3_ADD_VALUE,0), "X509V3_add_value"},
102{ERR_PACK(0,X509V3_F_X509V3_EXT_ADD,0), "X509V3_EXT_add"},
103{ERR_PACK(0,X509V3_F_X509V3_EXT_ADD_ALIAS,0), "X509V3_EXT_add_alias"},
104{ERR_PACK(0,X509V3_F_X509V3_EXT_CONF,0), "X509V3_EXT_conf"},
105{ERR_PACK(0,X509V3_F_X509V3_EXT_I2D,0), "X509V3_EXT_i2d"},
106{ERR_PACK(0,X509V3_F_X509V3_GET_VALUE_BOOL,0), "X509V3_get_value_bool"},
107{ERR_PACK(0,X509V3_F_X509V3_PARSE_LIST,0), "X509V3_parse_list"},
108{ERR_PACK(0,X509V3_F_X509_PURPOSE_ADD,0), "X509_PURPOSE_add"},
109{0,NULL}
110 };
111
112static ERR_STRING_DATA X509V3_str_reasons[]=
113 {
114{X509V3_R_BAD_IP_ADDRESS ,"bad ip address"},
115{X509V3_R_BAD_OBJECT ,"bad object"},
116{X509V3_R_BN_DEC2BN_ERROR ,"bn dec2bn error"},
117{X509V3_R_BN_TO_ASN1_INTEGER_ERROR ,"bn to asn1 integer error"},
118{X509V3_R_DUPLICATE_ZONE_ID ,"duplicate zone id"},
119{X509V3_R_ERROR_CONVERTING_ZONE ,"error converting zone"},
120{X509V3_R_ERROR_IN_EXTENSION ,"error in extension"},
121{X509V3_R_EXPECTED_A_SECTION_NAME ,"expected a section name"},
122{X509V3_R_EXTENSION_NAME_ERROR ,"extension name error"},
123{X509V3_R_EXTENSION_NOT_FOUND ,"extension not found"},
124{X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED,"extension setting not supported"},
125{X509V3_R_EXTENSION_VALUE_ERROR ,"extension value error"},
126{X509V3_R_ILLEGAL_HEX_DIGIT ,"illegal hex digit"},
127{X509V3_R_INVALID_BOOLEAN_STRING ,"invalid boolean string"},
128{X509V3_R_INVALID_EXTENSION_STRING ,"invalid extension string"},
129{X509V3_R_INVALID_NAME ,"invalid name"},
130{X509V3_R_INVALID_NULL_ARGUMENT ,"invalid null argument"},
131{X509V3_R_INVALID_NULL_NAME ,"invalid null name"},
132{X509V3_R_INVALID_NULL_VALUE ,"invalid null value"},
133{X509V3_R_INVALID_NUMBER ,"invalid number"},
134{X509V3_R_INVALID_NUMBERS ,"invalid numbers"},
135{X509V3_R_INVALID_OBJECT_IDENTIFIER ,"invalid object identifier"},
136{X509V3_R_INVALID_OPTION ,"invalid option"},
137{X509V3_R_INVALID_POLICY_IDENTIFIER ,"invalid policy identifier"},
138{X509V3_R_INVALID_SECTION ,"invalid section"},
139{X509V3_R_INVALID_SYNTAX ,"invalid syntax"},
140{X509V3_R_ISSUER_DECODE_ERROR ,"issuer decode error"},
141{X509V3_R_MISSING_VALUE ,"missing value"},
142{X509V3_R_NEED_ORGANIZATION_AND_NUMBERS ,"need organization and numbers"},
143{X509V3_R_NO_CONFIG_DATABASE ,"no config database"},
144{X509V3_R_NO_ISSUER_CERTIFICATE ,"no issuer certificate"},
145{X509V3_R_NO_ISSUER_DETAILS ,"no issuer details"},
146{X509V3_R_NO_POLICY_IDENTIFIER ,"no policy identifier"},
147{X509V3_R_NO_PUBLIC_KEY ,"no public key"},
148{X509V3_R_NO_SUBJECT_DETAILS ,"no subject details"},
149{X509V3_R_ODD_NUMBER_OF_DIGITS ,"odd number of digits"},
150{X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS ,"unable to get issuer details"},
151{X509V3_R_UNABLE_TO_GET_ISSUER_KEYID ,"unable to get issuer keyid"},
152{X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT ,"unknown bit string argument"},
153{X509V3_R_UNKNOWN_EXTENSION ,"unknown extension"},
154{X509V3_R_UNKNOWN_EXTENSION_NAME ,"unknown extension name"},
155{X509V3_R_UNKNOWN_OPTION ,"unknown option"},
156{X509V3_R_UNSUPPORTED_OPTION ,"unsupported option"},
157{X509V3_R_USER_TOO_LONG ,"user too long"},
158{0,NULL}
159 };
160
161#endif
162
163void ERR_load_X509V3_strings(void)
164 {
165 static int init=1;
166
167 if (init)
168 {
169 init=0;
170#ifndef NO_ERR
171 ERR_load_strings(ERR_LIB_X509V3,X509V3_str_functs);
172 ERR_load_strings(ERR_LIB_X509V3,X509V3_str_reasons);
173#endif
174
175 }
176 }
diff --git a/src/lib/libcrypto/x509v3/x509v3.h b/src/lib/libcrypto/x509v3/x509v3.h
deleted file mode 100644
index 0453b12d63..0000000000
--- a/src/lib/libcrypto/x509v3/x509v3.h
+++ /dev/null
@@ -1,653 +0,0 @@
1/* x509v3.h */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58#ifndef HEADER_X509V3_H
59#define HEADER_X509V3_H
60
61#include <openssl/bio.h>
62#include <openssl/x509.h>
63#include <openssl/conf.h>
64
65#ifdef __cplusplus
66extern "C" {
67#endif
68
69/* Forward reference */
70struct v3_ext_method;
71struct v3_ext_ctx;
72
73/* Useful typedefs */
74
75typedef void * (*X509V3_EXT_NEW)(void);
76typedef void (*X509V3_EXT_FREE)(void *);
77typedef void * (*X509V3_EXT_D2I)(void *, unsigned char ** , long);
78typedef int (*X509V3_EXT_I2D)(void *, unsigned char **);
79typedef STACK_OF(CONF_VALUE) * (*X509V3_EXT_I2V)(struct v3_ext_method *method, void *ext, STACK_OF(CONF_VALUE) *extlist);
80typedef void * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values);
81typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, void *ext);
82typedef void * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
83typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, void *ext, BIO *out, int indent);
84typedef void * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
85
86/* V3 extension structure */
87
88struct v3_ext_method {
89int ext_nid;
90int ext_flags;
91X509V3_EXT_NEW ext_new;
92X509V3_EXT_FREE ext_free;
93X509V3_EXT_D2I d2i;
94X509V3_EXT_I2D i2d;
95
96/* The following pair is used for string extensions */
97X509V3_EXT_I2S i2s;
98X509V3_EXT_S2I s2i;
99
100/* The following pair is used for multi-valued extensions */
101X509V3_EXT_I2V i2v;
102X509V3_EXT_V2I v2i;
103
104/* The following are used for raw extensions */
105X509V3_EXT_I2R i2r;
106X509V3_EXT_R2I r2i;
107
108void *usr_data; /* Any extension specific data */
109};
110
111typedef struct X509V3_CONF_METHOD_st {
112char * (*get_string)(void *db, char *section, char *value);
113STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section);
114void (*free_string)(void *db, char * string);
115void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section);
116} X509V3_CONF_METHOD;
117
118/* Context specific info */
119struct v3_ext_ctx {
120#define CTX_TEST 0x1
121int flags;
122X509 *issuer_cert;
123X509 *subject_cert;
124X509_REQ *subject_req;
125X509_CRL *crl;
126X509V3_CONF_METHOD *db_meth;
127void *db;
128/* Maybe more here */
129};
130
131typedef struct v3_ext_method X509V3_EXT_METHOD;
132typedef struct v3_ext_ctx X509V3_CTX;
133
134DECLARE_STACK_OF(X509V3_EXT_METHOD)
135
136/* ext_flags values */
137#define X509V3_EXT_DYNAMIC 0x1
138#define X509V3_EXT_CTX_DEP 0x2
139#define X509V3_EXT_MULTILINE 0x4
140
141typedef BIT_STRING_BITNAME ENUMERATED_NAMES;
142
143typedef struct BASIC_CONSTRAINTS_st {
144int ca;
145ASN1_INTEGER *pathlen;
146} BASIC_CONSTRAINTS;
147
148
149typedef struct PKEY_USAGE_PERIOD_st {
150ASN1_GENERALIZEDTIME *notBefore;
151ASN1_GENERALIZEDTIME *notAfter;
152} PKEY_USAGE_PERIOD;
153
154typedef struct otherName_st {
155ASN1_OBJECT *type_id;
156ASN1_TYPE *value;
157} OTHERNAME;
158
159typedef struct GENERAL_NAME_st {
160
161#define GEN_OTHERNAME (0|V_ASN1_CONTEXT_SPECIFIC)
162#define GEN_EMAIL (1|V_ASN1_CONTEXT_SPECIFIC)
163#define GEN_DNS (2|V_ASN1_CONTEXT_SPECIFIC)
164#define GEN_X400 (3|V_ASN1_CONTEXT_SPECIFIC)
165#define GEN_DIRNAME (4|V_ASN1_CONTEXT_SPECIFIC)
166#define GEN_EDIPARTY (5|V_ASN1_CONTEXT_SPECIFIC)
167#define GEN_URI (6|V_ASN1_CONTEXT_SPECIFIC)
168#define GEN_IPADD (7|V_ASN1_CONTEXT_SPECIFIC)
169#define GEN_RID (8|V_ASN1_CONTEXT_SPECIFIC)
170
171int type;
172union {
173 char *ptr;
174 ASN1_IA5STRING *ia5;/* rfc822Name, dNSName, uniformResourceIdentifier */
175 ASN1_OCTET_STRING *ip; /* iPAddress */
176 X509_NAME *dirn; /* dirn */
177 ASN1_OBJECT *rid; /* registeredID */
178 OTHERNAME *otherName; /* otherName */
179 ASN1_TYPE *other; /* ediPartyName, x400Address */
180} d;
181} GENERAL_NAME;
182
183typedef struct ACCESS_DESCRIPTION_st {
184 ASN1_OBJECT *method;
185 GENERAL_NAME *location;
186} ACCESS_DESCRIPTION;
187
188DECLARE_STACK_OF(GENERAL_NAME)
189DECLARE_ASN1_SET_OF(GENERAL_NAME)
190
191DECLARE_STACK_OF(ACCESS_DESCRIPTION)
192DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION)
193
194typedef struct DIST_POINT_NAME_st {
195/* NB: this is a CHOICE type and only one of these should be set */
196STACK_OF(GENERAL_NAME) *fullname;
197STACK_OF(X509_NAME_ENTRY) *relativename;
198} DIST_POINT_NAME;
199
200typedef struct DIST_POINT_st {
201DIST_POINT_NAME *distpoint;
202ASN1_BIT_STRING *reasons;
203STACK_OF(GENERAL_NAME) *CRLissuer;
204} DIST_POINT;
205
206DECLARE_STACK_OF(DIST_POINT)
207DECLARE_ASN1_SET_OF(DIST_POINT)
208
209typedef struct AUTHORITY_KEYID_st {
210ASN1_OCTET_STRING *keyid;
211STACK_OF(GENERAL_NAME) *issuer;
212ASN1_INTEGER *serial;
213} AUTHORITY_KEYID;
214
215/* Strong extranet structures */
216
217typedef struct SXNET_ID_st {
218 ASN1_INTEGER *zone;
219 ASN1_OCTET_STRING *user;
220} SXNETID;
221
222DECLARE_STACK_OF(SXNETID)
223DECLARE_ASN1_SET_OF(SXNETID)
224
225typedef struct SXNET_st {
226 ASN1_INTEGER *version;
227 STACK_OF(SXNETID) *ids;
228} SXNET;
229
230typedef struct NOTICEREF_st {
231 ASN1_STRING *organization;
232 STACK_OF(ASN1_INTEGER) *noticenos;
233} NOTICEREF;
234
235typedef struct USERNOTICE_st {
236 NOTICEREF *noticeref;
237 ASN1_STRING *exptext;
238} USERNOTICE;
239
240typedef struct POLICYQUALINFO_st {
241 ASN1_OBJECT *pqualid;
242 union {
243 ASN1_IA5STRING *cpsuri;
244 USERNOTICE *usernotice;
245 ASN1_TYPE *other;
246 } d;
247} POLICYQUALINFO;
248
249DECLARE_STACK_OF(POLICYQUALINFO)
250DECLARE_ASN1_SET_OF(POLICYQUALINFO)
251
252typedef struct POLICYINFO_st {
253 ASN1_OBJECT *policyid;
254 STACK_OF(POLICYQUALINFO) *qualifiers;
255} POLICYINFO;
256
257DECLARE_STACK_OF(POLICYINFO)
258DECLARE_ASN1_SET_OF(POLICYINFO)
259
260#define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
261",name:", val->name, ",value:", val->value);
262
263#define X509V3_set_ctx_test(ctx) \
264 X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
265#define X509V3_set_ctx_nodb(ctx) ctx->db = NULL;
266
267#define EXT_BITSTRING(nid, table) { nid, 0, \
268 (X509V3_EXT_NEW)ASN1_BIT_STRING_new, \
269 (X509V3_EXT_FREE)ASN1_BIT_STRING_free, \
270 (X509V3_EXT_D2I)d2i_ASN1_BIT_STRING, \
271 (X509V3_EXT_I2D)i2d_ASN1_BIT_STRING, \
272 NULL, NULL, \
273 (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \
274 (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \
275 NULL, NULL, \
276 (char *)table}
277
278#define EXT_IA5STRING(nid) { nid, 0, \
279 (X509V3_EXT_NEW)ASN1_IA5STRING_new, \
280 (X509V3_EXT_FREE)ASN1_IA5STRING_free, \
281 (X509V3_EXT_D2I)d2i_ASN1_IA5STRING, \
282 (X509V3_EXT_I2D)i2d_ASN1_IA5STRING, \
283 (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
284 (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \
285 NULL, NULL, NULL, NULL, \
286 NULL}
287
288#define EXT_END { -1, 0, NULL, NULL, NULL, NULL, NULL, NULL, \
289 NULL, NULL, NULL, NULL, \
290 NULL}
291
292
293/* X509_PURPOSE stuff */
294
295#define EXFLAG_BCONS 0x1
296#define EXFLAG_KUSAGE 0x2
297#define EXFLAG_XKUSAGE 0x4
298#define EXFLAG_NSCERT 0x8
299
300#define EXFLAG_CA 0x10
301#define EXFLAG_SS 0x20
302#define EXFLAG_V1 0x40
303#define EXFLAG_INVALID 0x80
304#define EXFLAG_SET 0x100
305
306#define KU_DIGITAL_SIGNATURE 0x0080
307#define KU_NON_REPUDIATION 0x0040
308#define KU_KEY_ENCIPHERMENT 0x0020
309#define KU_DATA_ENCIPHERMENT 0x0010
310#define KU_KEY_AGREEMENT 0x0008
311#define KU_KEY_CERT_SIGN 0x0004
312#define KU_CRL_SIGN 0x0002
313#define KU_ENCIPHER_ONLY 0x0001
314#define KU_DECIPHER_ONLY 0x8000
315
316#define NS_SSL_CLIENT 0x80
317#define NS_SSL_SERVER 0x40
318#define NS_SMIME 0x20
319#define NS_OBJSIGN 0x10
320#define NS_SSL_CA 0x04
321#define NS_SMIME_CA 0x02
322#define NS_OBJSIGN_CA 0x01
323
324#define XKU_SSL_SERVER 0x1
325#define XKU_SSL_CLIENT 0x2
326#define XKU_SMIME 0x4
327#define XKU_CODE_SIGN 0x8
328#define XKU_SGC 0x10
329
330#define X509_PURPOSE_DYNAMIC 0x1
331#define X509_PURPOSE_DYNAMIC_NAME 0x2
332
333typedef struct x509_purpose_st {
334 int purpose;
335 int trust; /* Default trust ID */
336 int flags;
337 int (*check_purpose)(const struct x509_purpose_st *,
338 const X509 *, int);
339 char *name;
340 char *sname;
341 void *usr_data;
342} X509_PURPOSE;
343
344#define X509_PURPOSE_SSL_CLIENT 1
345#define X509_PURPOSE_SSL_SERVER 2
346#define X509_PURPOSE_NS_SSL_SERVER 3
347#define X509_PURPOSE_SMIME_SIGN 4
348#define X509_PURPOSE_SMIME_ENCRYPT 5
349#define X509_PURPOSE_CRL_SIGN 6
350#define X509_PURPOSE_ANY 7
351
352#define X509_PURPOSE_MIN 1
353#define X509_PURPOSE_MAX 7
354
355DECLARE_STACK_OF(X509_PURPOSE)
356
357void ERR_load_X509V3_strings(void);
358int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **pp);
359BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, unsigned char **pp, long length);
360BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void);
361void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a);
362
363int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **pp);
364GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, unsigned char **pp, long length);
365GENERAL_NAME *GENERAL_NAME_new(void);
366void GENERAL_NAME_free(GENERAL_NAME *a);
367STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret);
368
369int i2d_SXNET(SXNET *a, unsigned char **pp);
370SXNET *d2i_SXNET(SXNET **a, unsigned char **pp, long length);
371SXNET *SXNET_new(void);
372void SXNET_free(SXNET *a);
373
374int i2d_SXNETID(SXNETID *a, unsigned char **pp);
375SXNETID *d2i_SXNETID(SXNETID **a, unsigned char **pp, long length);
376SXNETID *SXNETID_new(void);
377void SXNETID_free(SXNETID *a);
378
379int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen);
380int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, int userlen);
381int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *izone, char *user, int userlen);
382
383ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone);
384ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone);
385ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone);
386
387int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **pp);
388AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, unsigned char **pp, long length);
389AUTHORITY_KEYID *AUTHORITY_KEYID_new(void);
390void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a);
391
392int i2d_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD *a, unsigned char **pp);
393PKEY_USAGE_PERIOD *d2i_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD **a, unsigned char **pp, long length);
394PKEY_USAGE_PERIOD *PKEY_USAGE_PERIOD_new(void);
395void PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a);
396
397STACK_OF(GENERAL_NAME) *GENERAL_NAMES_new(void);
398void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *a);
399STACK_OF(GENERAL_NAME) *d2i_GENERAL_NAMES(STACK_OF(GENERAL_NAME) **a, unsigned char **pp, long length);
400int i2d_GENERAL_NAMES(STACK_OF(GENERAL_NAME) *a, unsigned char **pp);
401STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
402 STACK_OF(GENERAL_NAME) *gen, STACK_OF(CONF_VALUE) *extlist);
403STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
404 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
405
406int i2d_OTHERNAME(OTHERNAME *a, unsigned char **pp);
407OTHERNAME *OTHERNAME_new(void);
408OTHERNAME *d2i_OTHERNAME(OTHERNAME **a, unsigned char **pp, long length);
409void OTHERNAME_free(OTHERNAME *a);
410
411char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5);
412ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
413
414int i2d_ext_ku(STACK_OF(ASN1_OBJECT) *a, unsigned char **pp);
415STACK_OF(ASN1_OBJECT) *d2i_ext_ku(STACK_OF(ASN1_OBJECT) **a,
416 unsigned char **pp, long length);
417void ext_ku_free(STACK_OF(ASN1_OBJECT) *a);
418STACK_OF(ASN1_OBJECT) *ext_ku_new(void);
419
420int i2d_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) *a, unsigned char **pp);
421STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new(void);
422void CERTIFICATEPOLICIES_free(STACK_OF(POLICYINFO) *a);
423STACK_OF(POLICYINFO) *d2i_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) **a, unsigned char **pp, long length);
424
425int i2d_POLICYINFO(POLICYINFO *a, unsigned char **pp);
426POLICYINFO *POLICYINFO_new(void);
427POLICYINFO *d2i_POLICYINFO(POLICYINFO **a, unsigned char **pp, long length);
428void POLICYINFO_free(POLICYINFO *a);
429
430int i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **pp);
431POLICYQUALINFO *POLICYQUALINFO_new(void);
432POLICYQUALINFO *d2i_POLICYQUALINFO(POLICYQUALINFO **a, unsigned char **pp,
433 long length);
434void POLICYQUALINFO_free(POLICYQUALINFO *a);
435
436int i2d_USERNOTICE(USERNOTICE *a, unsigned char **pp);
437USERNOTICE *USERNOTICE_new(void);
438USERNOTICE *d2i_USERNOTICE(USERNOTICE **a, unsigned char **pp, long length);
439void USERNOTICE_free(USERNOTICE *a);
440
441int i2d_NOTICEREF(NOTICEREF *a, unsigned char **pp);
442NOTICEREF *NOTICEREF_new(void);
443NOTICEREF *d2i_NOTICEREF(NOTICEREF **a, unsigned char **pp, long length);
444void NOTICEREF_free(NOTICEREF *a);
445
446int i2d_CRL_DIST_POINTS(STACK_OF(DIST_POINT) *a, unsigned char **pp);
447STACK_OF(DIST_POINT) *CRL_DIST_POINTS_new(void);
448void CRL_DIST_POINTS_free(STACK_OF(DIST_POINT) *a);
449STACK_OF(DIST_POINT) *d2i_CRL_DIST_POINTS(STACK_OF(DIST_POINT) **a,
450 unsigned char **pp,long length);
451
452int i2d_DIST_POINT(DIST_POINT *a, unsigned char **pp);
453DIST_POINT *DIST_POINT_new(void);
454DIST_POINT *d2i_DIST_POINT(DIST_POINT **a, unsigned char **pp, long length);
455void DIST_POINT_free(DIST_POINT *a);
456
457int i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **pp);
458DIST_POINT_NAME *DIST_POINT_NAME_new(void);
459void DIST_POINT_NAME_free(DIST_POINT_NAME *a);
460DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, unsigned char **pp,
461 long length);
462
463int i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION *a, unsigned char **pp);
464ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void);
465void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a);
466ACCESS_DESCRIPTION *d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION **a, unsigned char **pp,
467 long length);
468
469STACK_OF(ACCESS_DESCRIPTION) *AUTHORITY_INFO_ACCESS_new(void);
470void AUTHORITY_INFO_ACCESS_free(STACK_OF(ACCESS_DESCRIPTION) *a);
471STACK_OF(ACCESS_DESCRIPTION) *d2i_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) **a,
472 unsigned char **pp, long length);
473int i2d_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) *a, unsigned char **pp);
474
475
476
477#ifdef HEADER_CONF_H
478GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, CONF_VALUE *cnf);
479void X509V3_conf_free(CONF_VALUE *val);
480X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid, char *value);
481X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value);
482int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509 *cert);
483int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_REQ *req);
484int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl);
485int X509V3_add_value_bool_nf(char *name, int asn1_bool,
486 STACK_OF(CONF_VALUE) **extlist);
487int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
488int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
489void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash);
490#endif
491
492char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
493STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section);
494void X509V3_string_free(X509V3_CTX *ctx, char *str);
495void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
496void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
497 X509_REQ *req, X509_CRL *crl, int flags);
498
499int X509V3_add_value(const char *name, const char *value,
500 STACK_OF(CONF_VALUE) **extlist);
501int X509V3_add_value_uchar(const char *name, const unsigned char *value,
502 STACK_OF(CONF_VALUE) **extlist);
503int X509V3_add_value_bool(const char *name, int asn1_bool,
504 STACK_OF(CONF_VALUE) **extlist);
505int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
506 STACK_OF(CONF_VALUE) **extlist);
507char * i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
508ASN1_INTEGER * s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value);
509char * i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
510char * i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
511int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
512int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist);
513int X509V3_EXT_add_alias(int nid_to, int nid_from);
514void X509V3_EXT_cleanup(void);
515
516X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
517X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
518int X509V3_add_standard_extensions(void);
519STACK_OF(CONF_VALUE) *X509V3_parse_list(char *line);
520void *X509V3_EXT_d2i(X509_EXTENSION *ext);
521void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx);
522
523X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
524
525char *hex_to_string(unsigned char *buffer, long len);
526unsigned char *string_to_hex(char *str, long *len);
527int name_cmp(const char *name, const char *cmp);
528
529void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
530 int ml);
531int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent);
532int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
533
534int X509_check_purpose(X509 *x, int id, int ca);
535int X509_check_issued(X509 *issuer, X509 *subject);
536int X509_PURPOSE_get_count(void);
537X509_PURPOSE * X509_PURPOSE_get0(int idx);
538int X509_PURPOSE_get_by_sname(char *sname);
539int X509_PURPOSE_get_by_id(int id);
540int X509_PURPOSE_add(int id, int trust, int flags,
541 int (*ck)(const X509_PURPOSE *, const X509 *, int),
542 char *name, char *sname, void *arg);
543char *X509_PURPOSE_get0_name(X509_PURPOSE *xp);
544char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp);
545int X509_PURPOSE_get_trust(X509_PURPOSE *xp);
546void X509_PURPOSE_cleanup(void);
547int X509_PURPOSE_get_id(X509_PURPOSE *);
548
549STACK *X509_get1_email(X509 *x);
550STACK *X509_REQ_get1_email(X509_REQ *x);
551void X509_email_free(STACK *sk);
552
553
554/* BEGIN ERROR CODES */
555/* The following lines are auto generated by the script mkerr.pl. Any changes
556 * made after this point may be overwritten when the script is next run.
557 */
558
559/* Error codes for the X509V3 functions. */
560
561/* Function codes. */
562#define X509V3_F_COPY_EMAIL 122
563#define X509V3_F_COPY_ISSUER 123
564#define X509V3_F_DO_EXT_CONF 124
565#define X509V3_F_DO_EXT_I2D 135
566#define X509V3_F_HEX_TO_STRING 111
567#define X509V3_F_I2S_ASN1_ENUMERATED 121
568#define X509V3_F_I2S_ASN1_INTEGER 120
569#define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138
570#define X509V3_F_NOTICE_SECTION 132
571#define X509V3_F_NREF_NOS 133
572#define X509V3_F_POLICY_SECTION 131
573#define X509V3_F_R2I_CERTPOL 130
574#define X509V3_F_S2I_ASN1_IA5STRING 100
575#define X509V3_F_S2I_ASN1_INTEGER 108
576#define X509V3_F_S2I_ASN1_OCTET_STRING 112
577#define X509V3_F_S2I_ASN1_SKEY_ID 114
578#define X509V3_F_S2I_S2I_SKEY_ID 115
579#define X509V3_F_STRING_TO_HEX 113
580#define X509V3_F_SXNET_ADD_ASC 125
581#define X509V3_F_SXNET_ADD_ID_INTEGER 126
582#define X509V3_F_SXNET_ADD_ID_ULONG 127
583#define X509V3_F_SXNET_GET_ID_ASC 128
584#define X509V3_F_SXNET_GET_ID_ULONG 129
585#define X509V3_F_V2I_ACCESS_DESCRIPTION 139
586#define X509V3_F_V2I_ASN1_BIT_STRING 101
587#define X509V3_F_V2I_AUTHORITY_KEYID 119
588#define X509V3_F_V2I_BASIC_CONSTRAINTS 102
589#define X509V3_F_V2I_CRLD 134
590#define X509V3_F_V2I_EXT_KU 103
591#define X509V3_F_V2I_GENERAL_NAME 117
592#define X509V3_F_V2I_GENERAL_NAMES 118
593#define X509V3_F_V3_GENERIC_EXTENSION 116
594#define X509V3_F_X509V3_ADD_VALUE 105
595#define X509V3_F_X509V3_EXT_ADD 104
596#define X509V3_F_X509V3_EXT_ADD_ALIAS 106
597#define X509V3_F_X509V3_EXT_CONF 107
598#define X509V3_F_X509V3_EXT_I2D 136
599#define X509V3_F_X509V3_GET_VALUE_BOOL 110
600#define X509V3_F_X509V3_PARSE_LIST 109
601#define X509V3_F_X509_PURPOSE_ADD 137
602
603/* Reason codes. */
604#define X509V3_R_BAD_IP_ADDRESS 118
605#define X509V3_R_BAD_OBJECT 119
606#define X509V3_R_BN_DEC2BN_ERROR 100
607#define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101
608#define X509V3_R_DUPLICATE_ZONE_ID 133
609#define X509V3_R_ERROR_CONVERTING_ZONE 131
610#define X509V3_R_ERROR_IN_EXTENSION 128
611#define X509V3_R_EXPECTED_A_SECTION_NAME 137
612#define X509V3_R_EXTENSION_NAME_ERROR 115
613#define X509V3_R_EXTENSION_NOT_FOUND 102
614#define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED 103
615#define X509V3_R_EXTENSION_VALUE_ERROR 116
616#define X509V3_R_ILLEGAL_HEX_DIGIT 113
617#define X509V3_R_INVALID_BOOLEAN_STRING 104
618#define X509V3_R_INVALID_EXTENSION_STRING 105
619#define X509V3_R_INVALID_NAME 106
620#define X509V3_R_INVALID_NULL_ARGUMENT 107
621#define X509V3_R_INVALID_NULL_NAME 108
622#define X509V3_R_INVALID_NULL_VALUE 109
623#define X509V3_R_INVALID_NUMBER 140
624#define X509V3_R_INVALID_NUMBERS 141
625#define X509V3_R_INVALID_OBJECT_IDENTIFIER 110
626#define X509V3_R_INVALID_OPTION 138
627#define X509V3_R_INVALID_POLICY_IDENTIFIER 134
628#define X509V3_R_INVALID_SECTION 135
629#define X509V3_R_INVALID_SYNTAX 143
630#define X509V3_R_ISSUER_DECODE_ERROR 126
631#define X509V3_R_MISSING_VALUE 124
632#define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS 142
633#define X509V3_R_NO_CONFIG_DATABASE 136
634#define X509V3_R_NO_ISSUER_CERTIFICATE 121
635#define X509V3_R_NO_ISSUER_DETAILS 127
636#define X509V3_R_NO_POLICY_IDENTIFIER 139
637#define X509V3_R_NO_PUBLIC_KEY 114
638#define X509V3_R_NO_SUBJECT_DETAILS 125
639#define X509V3_R_ODD_NUMBER_OF_DIGITS 112
640#define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122
641#define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123
642#define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT 111
643#define X509V3_R_UNKNOWN_EXTENSION 129
644#define X509V3_R_UNKNOWN_EXTENSION_NAME 130
645#define X509V3_R_UNKNOWN_OPTION 120
646#define X509V3_R_UNSUPPORTED_OPTION 117
647#define X509V3_R_USER_TOO_LONG 132
648
649#ifdef __cplusplus
650}
651#endif
652#endif
653
diff --git a/src/lib/libssl/LICENSE b/src/lib/libssl/LICENSE
deleted file mode 100644
index 3fd259ac32..0000000000
--- a/src/lib/libssl/LICENSE
+++ /dev/null
@@ -1,127 +0,0 @@
1
2 LICENSE ISSUES
3 ==============
4
5 The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
6 the OpenSSL License and the original SSLeay license apply to the toolkit.
7 See below for the actual license texts. Actually both licenses are BSD-style
8 Open Source licenses. In case of any license issues related to OpenSSL
9 please contact openssl-core@openssl.org.
10
11 OpenSSL License
12 ---------------
13
14/* ====================================================================
15 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
16 *
17 * Redistribution and use in source and binary forms, with or without
18 * modification, are permitted provided that the following conditions
19 * are met:
20 *
21 * 1. Redistributions of source code must retain the above copyright
22 * notice, this list of conditions and the following disclaimer.
23 *
24 * 2. Redistributions in binary form must reproduce the above copyright
25 * notice, this list of conditions and the following disclaimer in
26 * the documentation and/or other materials provided with the
27 * distribution.
28 *
29 * 3. All advertising materials mentioning features or use of this
30 * software must display the following acknowledgment:
31 * "This product includes software developed by the OpenSSL Project
32 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
33 *
34 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
35 * endorse or promote products derived from this software without
36 * prior written permission. For written permission, please contact
37 * openssl-core@openssl.org.
38 *
39 * 5. Products derived from this software may not be called "OpenSSL"
40 * nor may "OpenSSL" appear in their names without prior written
41 * permission of the OpenSSL Project.
42 *
43 * 6. Redistributions of any form whatsoever must retain the following
44 * acknowledgment:
45 * "This product includes software developed by the OpenSSL Project
46 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
49 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
51 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
52 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
53 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
54 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
55 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
57 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
58 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
59 * OF THE POSSIBILITY OF SUCH DAMAGE.
60 * ====================================================================
61 *
62 * This product includes cryptographic software written by Eric Young
63 * (eay@cryptsoft.com). This product includes software written by Tim
64 * Hudson (tjh@cryptsoft.com).
65 *
66 */
67
68 Original SSLeay License
69 -----------------------
70
71/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
72 * All rights reserved.
73 *
74 * This package is an SSL implementation written
75 * by Eric Young (eay@cryptsoft.com).
76 * The implementation was written so as to conform with Netscapes SSL.
77 *
78 * This library is free for commercial and non-commercial use as long as
79 * the following conditions are aheared to. The following conditions
80 * apply to all code found in this distribution, be it the RC4, RSA,
81 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
82 * included with this distribution is covered by the same copyright terms
83 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
84 *
85 * Copyright remains Eric Young's, and as such any Copyright notices in
86 * the code are not to be removed.
87 * If this package is used in a product, Eric Young should be given attribution
88 * as the author of the parts of the library used.
89 * This can be in the form of a textual message at program startup or
90 * in documentation (online or textual) provided with the package.
91 *
92 * Redistribution and use in source and binary forms, with or without
93 * modification, are permitted provided that the following conditions
94 * are met:
95 * 1. Redistributions of source code must retain the copyright
96 * notice, this list of conditions and the following disclaimer.
97 * 2. Redistributions in binary form must reproduce the above copyright
98 * notice, this list of conditions and the following disclaimer in the
99 * documentation and/or other materials provided with the distribution.
100 * 3. All advertising materials mentioning features or use of this software
101 * must display the following acknowledgement:
102 * "This product includes cryptographic software written by
103 * Eric Young (eay@cryptsoft.com)"
104 * The word 'cryptographic' can be left out if the rouines from the library
105 * being used are not cryptographic related :-).
106 * 4. If you include any Windows specific code (or a derivative thereof) from
107 * the apps directory (application code) you must include an acknowledgement:
108 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
109 *
110 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
111 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
112 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
113 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
114 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
115 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
116 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
117 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
118 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
119 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
120 * SUCH DAMAGE.
121 *
122 * The licence and distribution terms for any publically available version or
123 * derivative of this code cannot be changed. i.e. this code cannot simply be
124 * copied and put under another distribution licence
125 * [including the GNU Public Licence.]
126 */
127
diff --git a/src/lib/libssl/bio_ssl.c b/src/lib/libssl/bio_ssl.c
deleted file mode 100644
index d85555a7e6..0000000000
--- a/src/lib/libssl/bio_ssl.c
+++ /dev/null
@@ -1,586 +0,0 @@
1/* ssl/bio_ssl.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <string.h>
62#include <errno.h>
63#include <openssl/crypto.h>
64#include <openssl/bio.h>
65#include <openssl/err.h>
66#include <openssl/ssl.h>
67
68static int ssl_write(BIO *h, const char *buf, int num);
69static int ssl_read(BIO *h, char *buf, int size);
70static int ssl_puts(BIO *h, const char *str);
71static long ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2);
72static int ssl_new(BIO *h);
73static int ssl_free(BIO *data);
74static long ssl_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
75typedef struct bio_ssl_st
76 {
77 SSL *ssl; /* The ssl handle :-) */
78 /* re-negotiate every time the total number of bytes is this size */
79 int num_renegotiates;
80 unsigned long renegotiate_count;
81 unsigned long byte_count;
82 unsigned long renegotiate_timeout;
83 unsigned long last_time;
84 } BIO_SSL;
85
86static BIO_METHOD methods_sslp=
87 {
88 BIO_TYPE_SSL,"ssl",
89 ssl_write,
90 ssl_read,
91 ssl_puts,
92 NULL, /* ssl_gets, */
93 ssl_ctrl,
94 ssl_new,
95 ssl_free,
96 ssl_callback_ctrl,
97 };
98
99BIO_METHOD *BIO_f_ssl(void)
100 {
101 return(&methods_sslp);
102 }
103
104static int ssl_new(BIO *bi)
105 {
106 BIO_SSL *bs;
107
108 bs=(BIO_SSL *)OPENSSL_malloc(sizeof(BIO_SSL));
109 if (bs == NULL)
110 {
111 BIOerr(BIO_F_SSL_NEW,ERR_R_MALLOC_FAILURE);
112 return(0);
113 }
114 memset(bs,0,sizeof(BIO_SSL));
115 bi->init=0;
116 bi->ptr=(char *)bs;
117 bi->flags=0;
118 return(1);
119 }
120
121static int ssl_free(BIO *a)
122 {
123 BIO_SSL *bs;
124
125 if (a == NULL) return(0);
126 bs=(BIO_SSL *)a->ptr;
127 if (bs->ssl != NULL) SSL_shutdown(bs->ssl);
128 if (a->shutdown)
129 {
130 if (a->init && (bs->ssl != NULL))
131 SSL_free(bs->ssl);
132 a->init=0;
133 a->flags=0;
134 }
135 if (a->ptr != NULL)
136 OPENSSL_free(a->ptr);
137 return(1);
138 }
139
140static int ssl_read(BIO *b, char *out, int outl)
141 {
142 int ret=1;
143 BIO_SSL *sb;
144 SSL *ssl;
145 int retry_reason=0;
146 int r=0;
147
148 if (out == NULL) return(0);
149 sb=(BIO_SSL *)b->ptr;
150 ssl=sb->ssl;
151
152 BIO_clear_retry_flags(b);
153
154#if 0
155 if (!SSL_is_init_finished(ssl))
156 {
157/* ret=SSL_do_handshake(ssl); */
158 if (ret > 0)
159 {
160
161 outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
162 ret= -1;
163 goto end;
164 }
165 }
166#endif
167/* if (ret > 0) */
168 ret=SSL_read(ssl,out,outl);
169
170 switch (SSL_get_error(ssl,ret))
171 {
172 case SSL_ERROR_NONE:
173 if (ret <= 0) break;
174 if (sb->renegotiate_count > 0)
175 {
176 sb->byte_count+=ret;
177 if (sb->byte_count > sb->renegotiate_count)
178 {
179 sb->byte_count=0;
180 sb->num_renegotiates++;
181 SSL_renegotiate(ssl);
182 r=1;
183 }
184 }
185 if ((sb->renegotiate_timeout > 0) && (!r))
186 {
187 unsigned long tm;
188
189 tm=(unsigned long)time(NULL);
190 if (tm > sb->last_time+sb->renegotiate_timeout)
191 {
192 sb->last_time=tm;
193 sb->num_renegotiates++;
194 SSL_renegotiate(ssl);
195 }
196 }
197
198 break;
199 case SSL_ERROR_WANT_READ:
200 BIO_set_retry_read(b);
201 break;
202 case SSL_ERROR_WANT_WRITE:
203 BIO_set_retry_write(b);
204 break;
205 case SSL_ERROR_WANT_X509_LOOKUP:
206 BIO_set_retry_special(b);
207 retry_reason=BIO_RR_SSL_X509_LOOKUP;
208 break;
209 case SSL_ERROR_WANT_CONNECT:
210 BIO_set_retry_special(b);
211 retry_reason=BIO_RR_CONNECT;
212 break;
213 case SSL_ERROR_SYSCALL:
214 case SSL_ERROR_SSL:
215 case SSL_ERROR_ZERO_RETURN:
216 default:
217 break;
218 }
219
220 b->retry_reason=retry_reason;
221 return(ret);
222 }
223
224static int ssl_write(BIO *b, const char *out, int outl)
225 {
226 int ret,r=0;
227 int retry_reason=0;
228 SSL *ssl;
229 BIO_SSL *bs;
230
231 if (out == NULL) return(0);
232 bs=(BIO_SSL *)b->ptr;
233 ssl=bs->ssl;
234
235 BIO_clear_retry_flags(b);
236
237/* ret=SSL_do_handshake(ssl);
238 if (ret > 0) */
239 ret=SSL_write(ssl,out,outl);
240
241 switch (SSL_get_error(ssl,ret))
242 {
243 case SSL_ERROR_NONE:
244 if (ret <= 0) break;
245 if (bs->renegotiate_count > 0)
246 {
247 bs->byte_count+=ret;
248 if (bs->byte_count > bs->renegotiate_count)
249 {
250 bs->byte_count=0;
251 bs->num_renegotiates++;
252 SSL_renegotiate(ssl);
253 r=1;
254 }
255 }
256 if ((bs->renegotiate_timeout > 0) && (!r))
257 {
258 unsigned long tm;
259
260 tm=(unsigned long)time(NULL);
261 if (tm > bs->last_time+bs->renegotiate_timeout)
262 {
263 bs->last_time=tm;
264 bs->num_renegotiates++;
265 SSL_renegotiate(ssl);
266 }
267 }
268 break;
269 case SSL_ERROR_WANT_WRITE:
270 BIO_set_retry_write(b);
271 break;
272 case SSL_ERROR_WANT_READ:
273 BIO_set_retry_read(b);
274 break;
275 case SSL_ERROR_WANT_X509_LOOKUP:
276 BIO_set_retry_special(b);
277 retry_reason=BIO_RR_SSL_X509_LOOKUP;
278 break;
279 case SSL_ERROR_WANT_CONNECT:
280 BIO_set_retry_special(b);
281 retry_reason=BIO_RR_CONNECT;
282 case SSL_ERROR_SYSCALL:
283 case SSL_ERROR_SSL:
284 default:
285 break;
286 }
287
288 b->retry_reason=retry_reason;
289 return(ret);
290 }
291
292static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
293 {
294 SSL **sslp,*ssl;
295 BIO_SSL *bs;
296 BIO *dbio,*bio;
297 long ret=1;
298
299 bs=(BIO_SSL *)b->ptr;
300 ssl=bs->ssl;
301 if ((ssl == NULL) && (cmd != BIO_C_SET_SSL))
302 return(0);
303 switch (cmd)
304 {
305 case BIO_CTRL_RESET:
306 SSL_shutdown(ssl);
307
308 if (ssl->handshake_func == ssl->method->ssl_connect)
309 SSL_set_connect_state(ssl);
310 else if (ssl->handshake_func == ssl->method->ssl_accept)
311 SSL_set_accept_state(ssl);
312
313 SSL_clear(ssl);
314
315 if (b->next_bio != NULL)
316 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
317 else if (ssl->rbio != NULL)
318 ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
319 else
320 ret=1;
321 break;
322 case BIO_CTRL_INFO:
323 ret=0;
324 break;
325 case BIO_C_SSL_MODE:
326 if (num) /* client mode */
327 SSL_set_connect_state(ssl);
328 else
329 SSL_set_accept_state(ssl);
330 break;
331 case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT:
332 ret=bs->renegotiate_timeout;
333 if (num < 60) num=5;
334 bs->renegotiate_timeout=(unsigned long)num;
335 bs->last_time=(unsigned long)time(NULL);
336 break;
337 case BIO_C_SET_SSL_RENEGOTIATE_BYTES:
338 ret=bs->renegotiate_count;
339 if ((long)num >=512)
340 bs->renegotiate_count=(unsigned long)num;
341 break;
342 case BIO_C_GET_SSL_NUM_RENEGOTIATES:
343 ret=bs->num_renegotiates;
344 break;
345 case BIO_C_SET_SSL:
346 if (ssl != NULL)
347 ssl_free(b);
348 b->shutdown=(int)num;
349 ssl=(SSL *)ptr;
350 ((BIO_SSL *)b->ptr)->ssl=ssl;
351 bio=SSL_get_rbio(ssl);
352 if (bio != NULL)
353 {
354 if (b->next_bio != NULL)
355 BIO_push(bio,b->next_bio);
356 b->next_bio=bio;
357 CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO);
358 }
359 b->init=1;
360 break;
361 case BIO_C_GET_SSL:
362 if (ptr != NULL)
363 {
364 sslp=(SSL **)ptr;
365 *sslp=ssl;
366 }
367 else
368 ret=0;
369 break;
370 case BIO_CTRL_GET_CLOSE:
371 ret=b->shutdown;
372 break;
373 case BIO_CTRL_SET_CLOSE:
374 b->shutdown=(int)num;
375 break;
376 case BIO_CTRL_WPENDING:
377 ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
378 break;
379 case BIO_CTRL_PENDING:
380 ret=SSL_pending(ssl);
381 if (ret == 0)
382 ret=BIO_pending(ssl->rbio);
383 break;
384 case BIO_CTRL_FLUSH:
385 BIO_clear_retry_flags(b);
386 ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
387 BIO_copy_next_retry(b);
388 break;
389 case BIO_CTRL_PUSH:
390 if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio))
391 {
392 SSL_set_bio(ssl,b->next_bio,b->next_bio);
393 CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO);
394 }
395 break;
396 case BIO_CTRL_POP:
397 /* ugly bit of a hack */
398 if (ssl->rbio != ssl->wbio) /* we are in trouble :-( */
399 {
400 BIO_free_all(ssl->wbio);
401 }
402 ssl->wbio=NULL;
403 ssl->rbio=NULL;
404 break;
405 case BIO_C_DO_STATE_MACHINE:
406 BIO_clear_retry_flags(b);
407
408 b->retry_reason=0;
409 ret=(int)SSL_do_handshake(ssl);
410
411 switch (SSL_get_error(ssl,(int)ret))
412 {
413 case SSL_ERROR_WANT_READ:
414 BIO_set_flags(b,
415 BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
416 break;
417 case SSL_ERROR_WANT_WRITE:
418 BIO_set_flags(b,
419 BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY);
420 break;
421 case SSL_ERROR_WANT_CONNECT:
422 BIO_set_flags(b,
423 BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY);
424 b->retry_reason=b->next_bio->retry_reason;
425 break;
426 default:
427 break;
428 }
429 break;
430 case BIO_CTRL_DUP:
431 dbio=(BIO *)ptr;
432 if (((BIO_SSL *)dbio->ptr)->ssl != NULL)
433 SSL_free(((BIO_SSL *)dbio->ptr)->ssl);
434 ((BIO_SSL *)dbio->ptr)->ssl=SSL_dup(ssl);
435 ((BIO_SSL *)dbio->ptr)->renegotiate_count=
436 ((BIO_SSL *)b->ptr)->renegotiate_count;
437 ((BIO_SSL *)dbio->ptr)->byte_count=
438 ((BIO_SSL *)b->ptr)->byte_count;
439 ((BIO_SSL *)dbio->ptr)->renegotiate_timeout=
440 ((BIO_SSL *)b->ptr)->renegotiate_timeout;
441 ((BIO_SSL *)dbio->ptr)->last_time=
442 ((BIO_SSL *)b->ptr)->last_time;
443 ret=(((BIO_SSL *)dbio->ptr)->ssl != NULL);
444 break;
445 case BIO_C_GET_FD:
446 ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
447 break;
448 case BIO_CTRL_SET_CALLBACK:
449 {
450#if 0 /* FIXME: Should this be used? -- Richard Levitte */
451 BIOerr(SSL_F_SSL_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
452 ret = -1;
453#else
454 ret=0;
455#endif
456 }
457 break;
458 case BIO_CTRL_GET_CALLBACK:
459 {
460 void (**fptr)();
461
462 fptr=(void (**)())ptr;
463 *fptr=SSL_get_info_callback(ssl);
464 }
465 break;
466 default:
467 ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
468 break;
469 }
470 return(ret);
471 }
472
473static long ssl_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
474 {
475 SSL *ssl;
476 BIO_SSL *bs;
477 long ret=1;
478
479 bs=(BIO_SSL *)b->ptr;
480 ssl=bs->ssl;
481 switch (cmd)
482 {
483 case BIO_CTRL_SET_CALLBACK:
484 {
485 SSL_set_info_callback(ssl,fp);
486 }
487 break;
488 default:
489 ret=BIO_callback_ctrl(ssl->rbio,cmd,fp);
490 break;
491 }
492 return(ret);
493 }
494
495static int ssl_puts(BIO *bp, const char *str)
496 {
497 int n,ret;
498
499 n=strlen(str);
500 ret=BIO_write(bp,str,n);
501 return(ret);
502 }
503
504BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx)
505 {
506 BIO *ret=NULL,*buf=NULL,*ssl=NULL;
507
508 if ((buf=BIO_new(BIO_f_buffer())) == NULL)
509 return(NULL);
510 if ((ssl=BIO_new_ssl_connect(ctx)) == NULL)
511 goto err;
512 if ((ret=BIO_push(buf,ssl)) == NULL)
513 goto err;
514 return(ret);
515err:
516 if (buf != NULL) BIO_free(buf);
517 if (ssl != NULL) BIO_free(ssl);
518 return(NULL);
519 }
520
521BIO *BIO_new_ssl_connect(SSL_CTX *ctx)
522 {
523 BIO *ret=NULL,*con=NULL,*ssl=NULL;
524
525 if ((con=BIO_new(BIO_s_connect())) == NULL)
526 return(NULL);
527 if ((ssl=BIO_new_ssl(ctx,1)) == NULL)
528 goto err;
529 if ((ret=BIO_push(ssl,con)) == NULL)
530 goto err;
531 return(ret);
532err:
533 if (con != NULL) BIO_free(con);
534 if (ret != NULL) BIO_free(ret);
535 return(NULL);
536 }
537
538BIO *BIO_new_ssl(SSL_CTX *ctx, int client)
539 {
540 BIO *ret;
541 SSL *ssl;
542
543 if ((ret=BIO_new(BIO_f_ssl())) == NULL)
544 return(NULL);
545 if ((ssl=SSL_new(ctx)) == NULL)
546 {
547 BIO_free(ret);
548 return(NULL);
549 }
550 if (client)
551 SSL_set_connect_state(ssl);
552 else
553 SSL_set_accept_state(ssl);
554
555 BIO_set_ssl(ret,ssl,BIO_CLOSE);
556 return(ret);
557 }
558
559int BIO_ssl_copy_session_id(BIO *t, BIO *f)
560 {
561 t=BIO_find_type(t,BIO_TYPE_SSL);
562 f=BIO_find_type(f,BIO_TYPE_SSL);
563 if ((t == NULL) || (f == NULL))
564 return(0);
565 if ( (((BIO_SSL *)t->ptr)->ssl == NULL) ||
566 (((BIO_SSL *)f->ptr)->ssl == NULL))
567 return(0);
568 SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl,((BIO_SSL *)f->ptr)->ssl);
569 return(1);
570 }
571
572void BIO_ssl_shutdown(BIO *b)
573 {
574 SSL *s;
575
576 while (b != NULL)
577 {
578 if (b->method->type == BIO_TYPE_SSL)
579 {
580 s=((BIO_SSL *)b->ptr)->ssl;
581 SSL_shutdown(s);
582 break;
583 }
584 b=b->next_bio;
585 }
586 }
diff --git a/src/lib/libssl/doc/openssl.cnf b/src/lib/libssl/doc/openssl.cnf
deleted file mode 100644
index dbe8cbefe0..0000000000
--- a/src/lib/libssl/doc/openssl.cnf
+++ /dev/null
@@ -1,244 +0,0 @@
1#
2# OpenSSL example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5
6# This definition stops the following lines choking if HOME isn't
7# defined.
8HOME = .
9RANDFILE = $ENV::HOME/.rnd
10
11# Extra OBJECT IDENTIFIER info:
12#oid_file = $ENV::HOME/.oid
13oid_section = new_oids
14
15# To use this configuration file with the "-extfile" option of the
16# "openssl x509" utility, name here the section containing the
17# X.509v3 extensions to use:
18# extensions =
19# (Alternatively, use a configuration file that has only
20# X.509v3 extensions in its main [= default] section.)
21
22[ new_oids ]
23
24# We can add new OIDs in here for use by 'ca' and 'req'.
25# Add a simple OID like this:
26# testoid1=1.2.3.4
27# Or use config file substitution like this:
28# testoid2=${testoid1}.5.6
29
30####################################################################
31[ ca ]
32default_ca = CA_default # The default ca section
33
34####################################################################
35[ CA_default ]
36
37dir = ./demoCA # Where everything is kept
38certs = $dir/certs # Where the issued certs are kept
39crl_dir = $dir/crl # Where the issued crl are kept
40database = $dir/index.txt # database index file.
41new_certs_dir = $dir/newcerts # default place for new certs.
42
43certificate = $dir/cacert.pem # The CA certificate
44serial = $dir/serial # The current serial number
45crl = $dir/crl.pem # The current CRL
46private_key = $dir/private/cakey.pem# The private key
47RANDFILE = $dir/private/.rand # private random number file
48
49x509_extensions = usr_cert # The extentions to add to the cert
50
51# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
52# so this is commented out by default to leave a V1 CRL.
53# crl_extensions = crl_ext
54
55default_days = 365 # how long to certify for
56default_crl_days= 30 # how long before next CRL
57default_md = md5 # which md to use.
58preserve = no # keep passed DN ordering
59
60# A few difference way of specifying how similar the request should look
61# For type CA, the listed attributes must be the same, and the optional
62# and supplied fields are just that :-)
63policy = policy_match
64
65# For the CA policy
66[ policy_match ]
67countryName = match
68stateOrProvinceName = match
69organizationName = match
70organizationalUnitName = optional
71commonName = supplied
72emailAddress = optional
73
74# For the 'anything' policy
75# At this point in time, you must list all acceptable 'object'
76# types.
77[ policy_anything ]
78countryName = optional
79stateOrProvinceName = optional
80localityName = optional
81organizationName = optional
82organizationalUnitName = optional
83commonName = supplied
84emailAddress = optional
85
86####################################################################
87[ req ]
88default_bits = 1024
89default_keyfile = privkey.pem
90distinguished_name = req_distinguished_name
91attributes = req_attributes
92x509_extensions = v3_ca # The extentions to add to the self signed cert
93
94# Passwords for private keys if not present they will be prompted for
95# input_password = secret
96# output_password = secret
97
98# This sets a mask for permitted string types. There are several options.
99# default: PrintableString, T61String, BMPString.
100# pkix : PrintableString, BMPString.
101# utf8only: only UTF8Strings.
102# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
103# MASK:XXXX a literal mask value.
104# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
105# so use this option with caution!
106string_mask = nombstr
107
108# req_extensions = v3_req # The extensions to add to a certificate request
109
110[ req_distinguished_name ]
111countryName = Country Name (2 letter code)
112countryName_default = AU
113countryName_min = 2
114countryName_max = 2
115
116stateOrProvinceName = State or Province Name (full name)
117stateOrProvinceName_default = Some-State
118
119localityName = Locality Name (eg, city)
120
1210.organizationName = Organization Name (eg, company)
1220.organizationName_default = Internet Widgits Pty Ltd
123
124# we can do this but it is not needed normally :-)
125#1.organizationName = Second Organization Name (eg, company)
126#1.organizationName_default = World Wide Web Pty Ltd
127
128organizationalUnitName = Organizational Unit Name (eg, section)
129#organizationalUnitName_default =
130
131commonName = Common Name (eg, YOUR name)
132commonName_max = 64
133
134emailAddress = Email Address
135emailAddress_max = 40
136
137# SET-ex3 = SET extension number 3
138
139[ req_attributes ]
140challengePassword = A challenge password
141challengePassword_min = 4
142challengePassword_max = 20
143
144unstructuredName = An optional company name
145
146[ usr_cert ]
147
148# These extensions are added when 'ca' signs a request.
149
150# This goes against PKIX guidelines but some CAs do it and some software
151# requires this to avoid interpreting an end user certificate as a CA.
152
153basicConstraints=CA:FALSE
154
155# Here are some examples of the usage of nsCertType. If it is omitted
156# the certificate can be used for anything *except* object signing.
157
158# This is OK for an SSL server.
159# nsCertType = server
160
161# For an object signing certificate this would be used.
162# nsCertType = objsign
163
164# For normal client use this is typical
165# nsCertType = client, email
166
167# and for everything including object signing:
168# nsCertType = client, email, objsign
169
170# This is typical in keyUsage for a client certificate.
171# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
172
173# This will be displayed in Netscape's comment listbox.
174nsComment = "OpenSSL Generated Certificate"
175
176# PKIX recommendations harmless if included in all certificates.
177subjectKeyIdentifier=hash
178authorityKeyIdentifier=keyid,issuer:always
179
180# This stuff is for subjectAltName and issuerAltname.
181# Import the email address.
182# subjectAltName=email:copy
183
184# Copy subject details
185# issuerAltName=issuer:copy
186
187#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
188#nsBaseUrl
189#nsRevocationUrl
190#nsRenewalUrl
191#nsCaPolicyUrl
192#nsSslServerName
193
194[ v3_req ]
195
196# Extensions to add to a certificate request
197
198basicConstraints = CA:FALSE
199keyUsage = nonRepudiation, digitalSignature, keyEncipherment
200
201[ v3_ca ]
202
203
204# Extensions for a typical CA
205
206
207# PKIX recommendation.
208
209subjectKeyIdentifier=hash
210
211authorityKeyIdentifier=keyid:always,issuer:always
212
213# This is what PKIX recommends but some broken software chokes on critical
214# extensions.
215#basicConstraints = critical,CA:true
216# So we do this instead.
217basicConstraints = CA:true
218
219# Key usage: this is typical for a CA certificate. However since it will
220# prevent it being used as an test self-signed certificate it is best
221# left out by default.
222# keyUsage = cRLSign, keyCertSign
223
224# Some might want this also
225# nsCertType = sslCA, emailCA
226
227# Include email address in subject alt name: another PKIX recommendation
228# subjectAltName=email:copy
229# Copy issuer details
230# issuerAltName=issuer:copy
231
232# DER hex encoding of an extension: beware experts only!
233# obj=DER:02:03
234# Where 'obj' is a standard or added object
235# You can even override a supported extension:
236# basicConstraints= critical, DER:30:03:01:01:FF
237
238[ crl_ext ]
239
240# CRL extensions.
241# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
242
243# issuerAltName=issuer:copy
244authorityKeyIdentifier=keyid:always,issuer:always
diff --git a/src/lib/libssl/doc/openssl.txt b/src/lib/libssl/doc/openssl.txt
deleted file mode 100644
index 5da519e7e4..0000000000
--- a/src/lib/libssl/doc/openssl.txt
+++ /dev/null
@@ -1,1235 +0,0 @@
1
2This is some preliminary documentation for OpenSSL.
3
4Contents:
5
6 OpenSSL X509V3 extension configuration
7 X509V3 Extension code: programmers guide
8 PKCS#12 Library
9
10
11==============================================================================
12 OpenSSL X509V3 extension configuration
13==============================================================================
14
15OpenSSL X509V3 extension configuration: preliminary documentation.
16
17INTRODUCTION.
18
19For OpenSSL 0.9.2 the extension code has be considerably enhanced. It is now
20possible to add and print out common X509 V3 certificate and CRL extensions.
21
22BEGINNERS NOTE
23
24For most simple applications you don't need to know too much about extensions:
25the default openssl.cnf values will usually do sensible things.
26
27If you want to know more you can initially quickly look through the sections
28describing how the standard OpenSSL utilities display and add extensions and
29then the list of supported extensions.
30
31For more technical information about the meaning of extensions see:
32
33http://www.imc.org/ietf-pkix/
34http://home.netscape.com/eng/security/certs.html
35
36PRINTING EXTENSIONS.
37
38Extension values are automatically printed out for supported extensions.
39
40openssl x509 -in cert.pem -text
41openssl crl -in crl.pem -text
42
43will give information in the extension printout, for example:
44
45 X509v3 extensions:
46 X509v3 Basic Constraints:
47 CA:TRUE
48 X509v3 Subject Key Identifier:
49 73:FE:F7:59:A7:E1:26:84:44:D6:44:36:EE:79:1A:95:7C:B1:4B:15
50 X509v3 Authority Key Identifier:
51 keyid:73:FE:F7:59:A7:E1:26:84:44:D6:44:36:EE:79:1A:95:7C:B1:4B:15, DirName:/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/Email=email@1.address/Email=email@2.address, serial:00
52 X509v3 Key Usage:
53 Certificate Sign, CRL Sign
54 X509v3 Subject Alternative Name:
55 email:email@1.address, email:email@2.address
56
57CONFIGURATION FILES.
58
59The OpenSSL utilities 'ca' and 'req' can now have extension sections listing
60which certificate extensions to include. In each case a line:
61
62x509_extensions = extension_section
63
64indicates which section contains the extensions. In the case of 'req' the
65extension section is used when the -x509 option is present to create a
66self signed root certificate.
67
68The 'x509' utility also supports extensions when it signs a certificate.
69The -extfile option is used to set the configuration file containing the
70extensions. In this case a line with:
71
72extensions = extension_section
73
74in the nameless (default) section is used. If no such line is included then
75it uses the default section.
76
77You can also add extensions to CRLs: a line
78
79crl_extensions = crl_extension_section
80
81will include extensions when the -gencrl option is used with the 'ca' utility.
82You can add any extension to a CRL but of the supported extensions only
83issuerAltName and authorityKeyIdentifier make any real sense. Note: these are
84CRL extensions NOT CRL *entry* extensions which cannot currently be generated.
85CRL entry extensions can be displayed.
86
87NB. At this time Netscape Communicator rejects V2 CRLs: to get an old V1 CRL
88you should not include a crl_extensions line in the configuration file.
89
90As with all configuration files you can use the inbuilt environment expansion
91to allow the values to be passed in the environment. Therefore if you have
92several extension sections used for different purposes you can have a line:
93
94x509_extensions = $ENV::ENV_EXT
95
96and set the ENV_EXT environment variable before calling the relevant utility.
97
98EXTENSION SYNTAX.
99
100Extensions have the basic form:
101
102extension_name=[critical,] extension_options
103
104the use of the critical option makes the extension critical. Extreme caution
105should be made when using the critical flag. If an extension is marked
106as critical then any client that does not understand the extension should
107reject it as invalid. Some broken software will reject certificates which
108have *any* critical extensions (these violates PKIX but we have to live
109with it).
110
111There are three main types of extension: string extensions, multi-valued
112extensions, and raw extensions.
113
114String extensions simply have a string which contains either the value itself
115or how it is obtained.
116
117For example:
118
119nsComment="This is a Comment"
120
121Multi-valued extensions have a short form and a long form. The short form
122is a list of names and values:
123
124basicConstraints=critical,CA:true,pathlen:1
125
126The long form allows the values to be placed in a separate section:
127
128basicConstraints=critical,@bs_section
129
130[bs_section]
131
132CA=true
133pathlen=1
134
135Both forms are equivalent. However it should be noted that in some cases the
136same name can appear multiple times, for example,
137
138subjectAltName=email:steve@here,email:steve@there
139
140in this case an equivalent long form is:
141
142subjectAltName=@alt_section
143
144[alt_section]
145
146email.1=steve@here
147email.2=steve@there
148
149This is because the configuration file code cannot handle the same name
150occurring twice in the same section.
151
152The syntax of raw extensions is governed by the extension code: it can
153for example contain data in multiple sections. The correct syntax to
154use is defined by the extension code itself: check out the certificate
155policies extension for an example.
156
157In addition it is also possible to use the word DER to include arbitrary
158data in any extension.
159
1601.2.3.4=critical,DER:01:02:03:04
1611.2.3.4=DER:01020304
162
163The value following DER is a hex dump of the DER encoding of the extension
164Any extension can be placed in this form to override the default behaviour.
165For example:
166
167basicConstraints=critical,DER:00:01:02:03
168
169WARNING: DER should be used with caution. It is possible to create totally
170invalid extensions unless care is taken.
171
172CURRENTLY SUPPORTED EXTENSIONS.
173
174If you aren't sure about extensions then they can be largely ignored: its only
175when you want to do things like restrict certificate usage when you need to
176worry about them.
177
178The only extension that a beginner might want to look at is Basic Constraints.
179If in addition you want to try Netscape object signing the you should also
180look at Netscape Certificate Type.
181
182Literal String extensions.
183
184In each case the 'value' of the extension is placed directly in the
185extension. Currently supported extensions in this category are: nsBaseUrl,
186nsRevocationUrl, nsCaRevocationUrl, nsRenewalUrl, nsCaPolicyUrl,
187nsSslServerName and nsComment.
188
189For example:
190
191nsComment="This is a test comment"
192
193Bit Strings.
194
195Bit string extensions just consist of a list of supported bits, currently
196two extensions are in this category: PKIX keyUsage and the Netscape specific
197nsCertType.
198
199nsCertType (netscape certificate type) takes the flags: client, server, email,
200objsign, reserved, sslCA, emailCA, objCA.
201
202keyUsage (PKIX key usage) takes the flags: digitalSignature, nonRepudiation,
203keyEncipherment, dataEncipherment, keyAgreement, keyCertSign, cRLSign,
204encipherOnly, decipherOnly.
205
206For example:
207
208nsCertType=server
209
210keyUsage=digitalSignature, nonRepudiation
211
212Hints on Netscape Certificate Type.
213
214Other than Basic Constraints this is the only extension a beginner might
215want to use, if you want to try Netscape object signing, otherwise it can
216be ignored.
217
218If you want a certificate that can be used just for object signing then:
219
220nsCertType=objsign
221
222will do the job. If you want to use it as a normal end user and server
223certificate as well then
224
225nsCertType=objsign,email,server
226
227is more appropriate. You cannot use a self signed certificate for object
228signing (well Netscape signtool can but it cheats!) so you need to create
229a CA certificate and sign an end user certificate with it.
230
231Side note: If you want to conform to the Netscape specifications then you
232should really also set:
233
234nsCertType=objCA
235
236in the *CA* certificate for just an object signing CA and
237
238nsCertType=objCA,emailCA,sslCA
239
240for everything. Current Netscape software doesn't enforce this so it can
241be omitted.
242
243Basic Constraints.
244
245This is generally the only extension you need to worry about for simple
246applications. If you want your certificate to be usable as a CA certificate
247(in addition to an end user certificate) then you set this to:
248
249basicConstraints=CA:TRUE
250
251if you want to be certain the certificate cannot be used as a CA then do:
252
253basicConstraints=CA:FALSE
254
255The rest of this section describes more advanced usage.
256
257Basic constraints is a multi-valued extension that supports a CA and an
258optional pathlen option. The CA option takes the values true and false and
259pathlen takes an integer. Note if the CA option is false the pathlen option
260should be omitted.
261
262The pathlen parameter indicates the maximum number of CAs that can appear
263below this one in a chain. So if you have a CA with a pathlen of zero it can
264only be used to sign end user certificates and not further CAs. This all
265assumes that the software correctly interprets this extension of course.
266
267Examples:
268
269basicConstraints=CA:TRUE
270basicConstraints=critical,CA:TRUE, pathlen:0
271
272NOTE: for a CA to be considered valid it must have the CA option set to
273TRUE. An end user certificate MUST NOT have the CA value set to true.
274According to PKIX recommendations it should exclude the extension entirely,
275however some software may require CA set to FALSE for end entity certificates.
276
277Extended Key Usage.
278
279This extensions consists of a list of usages.
280
281These can either be object short names of the dotted numerical form of OIDs.
282While any OID can be used only certain values make sense. In particular the
283following PKIX, NS and MS values are meaningful:
284
285Value Meaning
286----- -------
287serverAuth SSL/TLS Web Server Authentication.
288clientAuth SSL/TLS Web Client Authentication.
289codeSigning Code signing.
290emailProtection E-mail Protection (S/MIME).
291timeStamping Trusted Timestamping
292msCodeInd Microsoft Individual Code Signing (authenticode)
293msCodeCom Microsoft Commercial Code Signing (authenticode)
294msCTLSign Microsoft Trust List Signing
295msSGC Microsoft Server Gated Crypto
296msEFS Microsoft Encrypted File System
297nsSGC Netscape Server Gated Crypto
298
299For example, under IE5 a CA can be used for any purpose: by including a list
300of the above usages the CA can be restricted to only authorised uses.
301
302Note: software packages may place additional interpretations on certificate
303use, in particular some usages may only work for selected CAs. Don't for example
304expect just including msSGC or nsSGC will automatically mean that a certificate
305can be used for SGC ("step up" encryption) otherwise anyone could use it.
306
307Examples:
308
309extendedKeyUsage=critical,codeSigning,1.2.3.4
310extendedKeyUsage=nsSGC,msSGC
311
312Subject Key Identifier.
313
314This is really a string extension and can take two possible values. Either
315a hex string giving details of the extension value to include or the word
316'hash' which then automatically follow PKIX guidelines in selecting and
317appropriate key identifier. The use of the hex string is strongly discouraged.
318
319Example: subjectKeyIdentifier=hash
320
321Authority Key Identifier.
322
323The authority key identifier extension permits two options. keyid and issuer:
324both can take the optional value "always".
325
326If the keyid option is present an attempt is made to copy the subject key
327identifier from the parent certificate. If the value "always" is present
328then an error is returned if the option fails.
329
330The issuer option copies the issuer and serial number from the issuer
331certificate. Normally this will only be done if the keyid option fails or
332is not included: the "always" flag will always include the value.
333
334Subject Alternative Name.
335
336The subject alternative name extension allows various literal values to be
337included in the configuration file. These include "email" (an email address)
338"URI" a uniform resource indicator, "DNS" (a DNS domain name), RID (a
339registered ID: OBJECT IDENTIFIER) and IP (and IP address).
340
341Also the email option include a special 'copy' value. This will automatically
342include and email addresses contained in the certificate subject name in
343the extension.
344
345Examples:
346
347subjectAltName=email:copy,email:my@other.address,URL:http://my.url.here/
348subjectAltName=email:my@other.address,RID:1.2.3.4
349
350Issuer Alternative Name.
351
352The issuer alternative name option supports all the literal options of
353subject alternative name. It does *not* support the email:copy option because
354that would not make sense. It does support an additional issuer:copy option
355that will copy all the subject alternative name values from the issuer
356certificate (if possible).
357
358Example:
359
360issuserAltName = issuer:copy
361
362Authority Info Access.
363
364The authority information access extension gives details about how to access
365certain information relating to the CA. Its syntax is accessOID;location
366where 'location' has the same syntax as subject alternative name (except
367that email:copy is not supported). accessOID can be any valid OID but only
368certain values are meaningful for example OCSP and caIssuers. OCSP gives the
369location of an OCSP responder: this is used by Netscape PSM and other software.
370
371Example:
372
373authorityInfoAccess = OCSP;URI:http://ocsp.my.host/
374authorityInfoAccess = caIssuers;URI:http://my.ca/ca.html
375
376CRL distribution points.
377
378This is a multi-valued extension that supports all the literal options of
379subject alternative name. Of the few software packages that currently interpret
380this extension most only interpret the URI option.
381
382Currently each option will set a new DistributionPoint with the fullName
383field set to the given value.
384
385Other fields like cRLissuer and reasons cannot currently be set or displayed:
386at this time no examples were available that used these fields.
387
388If you see this extension with <UNSUPPORTED> when you attempt to print it out
389or it doesn't appear to display correctly then let me know, including the
390certificate (mail me at steve@openssl.org) .
391
392Examples:
393
394crlDistributionPoints=URI:http://www.myhost.com/myca.crl
395crlDistributionPoints=URI:http://www.my.com/my.crl,URI:http://www.oth.com/my.crl
396
397Certificate Policies.
398
399This is a RAW extension. It attempts to display the contents of this extension:
400unfortunately this extension is often improperly encoded.
401
402The certificate policies extension will rarely be used in practice: few
403software packages interpret it correctly or at all. IE5 does partially
404support this extension: but it needs the 'ia5org' option because it will
405only correctly support a broken encoding. Of the options below only the
406policy OID, explicitText and CPS options are displayed with IE5.
407
408All the fields of this extension can be set by using the appropriate syntax.
409
410If you follow the PKIX recommendations of not including any qualifiers and just
411using only one OID then you just include the value of that OID. Multiple OIDs
412can be set separated by commas, for example:
413
414certificatePolicies= 1.2.4.5, 1.1.3.4
415
416If you wish to include qualifiers then the policy OID and qualifiers need to
417be specified in a separate section: this is done by using the @section syntax
418instead of a literal OID value.
419
420The section referred to must include the policy OID using the name
421policyIdentifier, cPSuri qualifiers can be included using the syntax:
422
423CPS.nnn=value
424
425userNotice qualifiers can be set using the syntax:
426
427userNotice.nnn=@notice
428
429The value of the userNotice qualifier is specified in the relevant section.
430This section can include explicitText, organization and noticeNumbers
431options. explicitText and organization are text strings, noticeNumbers is a
432comma separated list of numbers. The organization and noticeNumbers options
433(if included) must BOTH be present. If you use the userNotice option with IE5
434then you need the 'ia5org' option at the top level to modify the encoding:
435otherwise it will not be interpreted properly.
436
437Example:
438
439certificatePolicies=ia5org,1.2.3.4,1.5.6.7.8,@polsect
440
441[polsect]
442
443policyIdentifier = 1.3.5.8
444CPS.1="http://my.host.name/"
445CPS.2="http://my.your.name/"
446userNotice.1=@notice
447
448[notice]
449
450explicitText="Explicit Text Here"
451organization="Organisation Name"
452noticeNumbers=1,2,3,4
453
454TECHNICAL NOTE: the ia5org option changes the type of the 'organization' field,
455according to PKIX it should be of type DisplayText but Verisign uses an
456IA5STRING and IE5 needs this too.
457
458Display only extensions.
459
460Some extensions are only partially supported and currently are only displayed
461but cannot be set. These include private key usage period, CRL number, and
462CRL reason.
463
464==============================================================================
465 X509V3 Extension code: programmers guide
466==============================================================================
467
468The purpose of the extension code is twofold. It allows an extension to be
469created from a string or structure describing its contents and it prints out an
470extension in a human or machine readable form.
471
4721. Initialisation and cleanup.
473
474No special initialisation is needed before calling the extension functions.
475You used to have to call X509V3_add_standard_extensions(); but this is no longer
476required and this function no longer does anything.
477
478void X509V3_EXT_cleanup(void);
479
480This function should be called to cleanup the extension code if any custom
481extensions have been added. If no custom extensions have been added then this
482call does nothing. After this call all custom extension code is freed up but
483you can still use the standard extensions.
484
4852. Printing and parsing extensions.
486
487The simplest way to print out extensions is via the standard X509 printing
488routines: if you use the standard X509_print() function, the supported
489extensions will be printed out automatically.
490
491The following functions allow finer control over extension display:
492
493int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent);
494int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
495
496These two functions print out an individual extension to a BIO or FILE pointer.
497Currently the flag argument is unused and should be set to 0. The 'indent'
498argument is the number of spaces to indent each line.
499
500void *X509V3_EXT_d2i(X509_EXTENSION *ext);
501
502This function parses an extension and returns its internal structure. The
503precise structure you get back depends on the extension being parsed. If the
504extension if basicConstraints you will get back a pointer to a
505BASIC_CONSTRAINTS structure. Check out the source in crypto/x509v3 for more
506details about the structures returned. The returned structure should be freed
507after use using the relevant free function, BASIC_CONSTRAINTS_free() for
508example.
509
510void * X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
511void * X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx);
512void * X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx);
513void * X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx);
514
515These functions combine the operations of searching for extensions and
516parsing them. They search a certificate, a CRL a CRL entry or a stack
517of extensions respectively for extension whose NID is 'nid' and return
518the parsed result of NULL if an error occurred. For example:
519
520BASIC_CONSTRAINTS *bs;
521bs = X509_get_ext_d2i(cert, NID_basic_constraints, NULL, NULL);
522
523This will search for the basicConstraints extension and either return
524it value or NULL. NULL can mean either the extension was not found, it
525occurred more than once or it could not be parsed.
526
527If 'idx' is NULL then an extension is only parsed if it occurs precisely
528once. This is standard behaviour because extensions normally cannot occur
529more than once. If however more than one extension of the same type can
530occur it can be used to parse successive extensions for example:
531
532int i;
533void *ext;
534
535i = -1;
536for(;;) {
537 ext = X509_get_ext_d2i(x, nid, crit, &idx);
538 if(ext == NULL) break;
539 /* Do something with ext */
540}
541
542If 'crit' is not NULL and the extension was found then the int it points to
543is set to 1 for critical extensions and 0 for non critical. Therefore if the
544function returns NULL but 'crit' is set to 0 or 1 then the extension was
545found but it could not be parsed.
546
547The int pointed to by crit will be set to -1 if the extension was not found
548and -2 if the extension occurred more than once (this will only happen if
549idx is NULL). In both cases the function will return NULL.
550
5513. Generating extensions.
552
553An extension will typically be generated from a configuration file, or some
554other kind of configuration database.
555
556int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
557 X509 *cert);
558int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
559 X509_CRL *crl);
560
561These functions add all the extensions in the given section to the given
562certificate or CRL. They will normally be called just before the certificate
563or CRL is due to be signed. Both return 0 on error on non zero for success.
564
565In each case 'conf' is the LHASH pointer of the configuration file to use
566and 'section' is the section containing the extension details.
567
568See the 'context functions' section for a description of the ctx parameter.
569
570
571X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name,
572 char *value);
573
574This function returns an extension based on a name and value pair, if the
575pair will not need to access other sections in a config file (or there is no
576config file) then the 'conf' parameter can be set to NULL.
577
578X509_EXTENSION *X509V3_EXT_conf_nid(char *conf, X509V3_CTX *ctx, int nid,
579 char *value);
580
581This function creates an extension in the same way as X509V3_EXT_conf() but
582takes the NID of the extension rather than its name.
583
584For example to produce basicConstraints with the CA flag and a path length of
58510:
586
587x = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints,"CA:TRUE,pathlen:10");
588
589
590X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
591
592This function sets up an extension from its internal structure. The ext_nid
593parameter is the NID of the extension and 'crit' is the critical flag.
594
5954. Context functions.
596
597The following functions set and manipulate an extension context structure.
598The purpose of the extension context is to allow the extension code to
599access various structures relating to the "environment" of the certificate:
600for example the issuers certificate or the certificate request.
601
602void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
603 X509_REQ *req, X509_CRL *crl, int flags);
604
605This function sets up an X509V3_CTX structure with details of the certificate
606environment: specifically the issuers certificate, the subject certificate,
607the certificate request and the CRL: if these are not relevant or not
608available then they can be set to NULL. The 'flags' parameter should be set
609to zero.
610
611X509V3_set_ctx_test(ctx)
612
613This macro is used to set the 'ctx' structure to a 'test' value: this is to
614allow the syntax of an extension (or configuration file) to be tested.
615
616X509V3_set_ctx_nodb(ctx)
617
618This macro is used when no configuration database is present.
619
620void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash);
621
622This function is used to set the configuration database when it is an LHASH
623structure: typically a configuration file.
624
625The following functions are used to access a configuration database: they
626should only be used in RAW extensions.
627
628char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
629
630This function returns the value of the parameter "name" in "section", or NULL
631if there has been an error.
632
633void X509V3_string_free(X509V3_CTX *ctx, char *str);
634
635This function frees up the string returned by the above function.
636
637STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section);
638
639This function returns a whole section as a STACK_OF(CONF_VALUE) .
640
641void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
642
643This function frees up the STACK returned by the above function.
644
645Note: it is possible to use the extension code with a custom configuration
646database. To do this the "db_meth" element of the X509V3_CTX structure should
647be set to an X509V3_CTX_METHOD structure. This structure contains the following
648function pointers:
649
650char * (*get_string)(void *db, char *section, char *value);
651STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section);
652void (*free_string)(void *db, char * string);
653void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section);
654
655these will be called and passed the 'db' element in the X509V3_CTX structure
656to access the database. If a given function is not implemented or not required
657it can be set to NULL.
658
6595. String helper functions.
660
661There are several "i2s" and "s2i" functions that convert structures to and
662from ASCII strings. In all the "i2s" cases the returned string should be
663freed using Free() after use. Since some of these are part of other extension
664code they may take a 'method' parameter. Unless otherwise stated it can be
665safely set to NULL.
666
667char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *oct);
668
669This returns a hex string from an ASN1_OCTET_STRING.
670
671char * i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
672char * i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
673
674These return a string decimal representations of an ASN1_INTEGER and an
675ASN1_ENUMERATED type, respectively.
676
677ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
678 X509V3_CTX *ctx, char *str);
679
680This converts an ASCII hex string to an ASN1_OCTET_STRING.
681
682ASN1_INTEGER * s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value);
683
684This converts a decimal ASCII string into an ASN1_INTEGER.
685
6866. Multi valued extension helper functions.
687
688The following functions can be used to manipulate STACKs of CONF_VALUE
689structures, as used by multi valued extensions.
690
691int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
692
693This function expects a boolean value in 'value' and sets 'asn1_bool' to
694it. That is it sets it to 0 for FALSE or 0xff for TRUE. The following
695strings are acceptable: "TRUE", "true", "Y", "y", "YES", "yes", "FALSE"
696"false", "N", "n", "NO" or "no".
697
698int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
699
700This accepts a decimal integer of arbitrary length and sets an ASN1_INTEGER.
701
702int X509V3_add_value(const char *name, const char *value,
703 STACK_OF(CONF_VALUE) **extlist);
704
705This simply adds a string name and value pair.
706
707int X509V3_add_value_uchar(const char *name, const unsigned char *value,
708 STACK_OF(CONF_VALUE) **extlist);
709
710The same as above but for an unsigned character value.
711
712int X509V3_add_value_bool(const char *name, int asn1_bool,
713 STACK_OF(CONF_VALUE) **extlist);
714
715This adds either "TRUE" or "FALSE" depending on the value of 'asn1_bool'
716
717int X509V3_add_value_bool_nf(char *name, int asn1_bool,
718 STACK_OF(CONF_VALUE) **extlist);
719
720This is the same as above except it adds nothing if asn1_bool is FALSE.
721
722int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
723 STACK_OF(CONF_VALUE) **extlist);
724
725This function adds the value of the ASN1_INTEGER in decimal form.
726
7277. Other helper functions.
728
729<to be added>
730
731ADDING CUSTOM EXTENSIONS.
732
733Currently there are three types of supported extensions.
734
735String extensions are simple strings where the value is placed directly in the
736extensions, and the string returned is printed out.
737
738Multi value extensions are passed a STACK_OF(CONF_VALUE) name and value pairs
739or return a STACK_OF(CONF_VALUE).
740
741Raw extensions are just passed a BIO or a value and it is the extensions
742responsibility to handle all the necessary printing.
743
744There are two ways to add an extension. One is simply as an alias to an already
745existing extension. An alias is an extension that is identical in ASN1 structure
746to an existing extension but has a different OBJECT IDENTIFIER. This can be
747done by calling:
748
749int X509V3_EXT_add_alias(int nid_to, int nid_from);
750
751'nid_to' is the new extension NID and 'nid_from' is the already existing
752extension NID.
753
754Alternatively an extension can be written from scratch. This involves writing
755the ASN1 code to encode and decode the extension and functions to print out and
756generate the extension from strings. The relevant functions are then placed in
757a X509V3_EXT_METHOD structure and int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
758called.
759
760The X509V3_EXT_METHOD structure is described below.
761
762strut {
763int ext_nid;
764int ext_flags;
765X509V3_EXT_NEW ext_new;
766X509V3_EXT_FREE ext_free;
767X509V3_EXT_D2I d2i;
768X509V3_EXT_I2D i2d;
769X509V3_EXT_I2S i2s;
770X509V3_EXT_S2I s2i;
771X509V3_EXT_I2V i2v;
772X509V3_EXT_V2I v2i;
773X509V3_EXT_R2I r2i;
774X509V3_EXT_I2R i2r;
775
776void *usr_data;
777};
778
779The elements have the following meanings.
780
781ext_nid is the NID of the object identifier of the extension.
782
783ext_flags is set of flags. Currently the only external flag is
784 X509V3_EXT_MULTILINE which means a multi valued extensions
785 should be printed on separate lines.
786
787usr_data is an extension specific pointer to any relevant data. This
788 allows extensions to share identical code but have different
789 uses. An example of this is the bit string extension which uses
790 usr_data to contain a list of the bit names.
791
792All the remaining elements are function pointers.
793
794ext_new is a pointer to a function that allocates memory for the
795 extension ASN1 structure: for example ASN1_OBJECT_new().
796
797ext_free is a pointer to a function that free up memory of the extension
798 ASN1 structure: for example ASN1_OBJECT_free().
799
800d2i is the standard ASN1 function that converts a DER buffer into
801 the internal ASN1 structure: for example d2i_ASN1_IA5STRING().
802
803i2d is the standard ASN1 function that converts the internal
804 structure into the DER representation: for example
805 i2d_ASN1_IA5STRING().
806
807The remaining functions are depend on the type of extension. One i2X and
808one X2i should be set and the rest set to NULL. The types set do not need
809to match up, for example the extension could be set using the multi valued
810v2i function and printed out using the raw i2r.
811
812All functions have the X509V3_EXT_METHOD passed to them in the 'method'
813parameter and an X509V3_CTX structure. Extension code can then access the
814parent structure via the 'method' parameter to for example make use of the value
815of usr_data. If the code needs to use detail relating to the request it can
816use the 'ctx' parameter.
817
818A note should be given here about the 'flags' member of the 'ctx' parameter.
819If it has the value CTX_TEST then the configuration syntax is being checked
820and no actual certificate or CRL exists. Therefore any attempt in the config
821file to access such information should silently succeed. If the syntax is OK
822then it should simply return a (possibly bogus) extension, otherwise it
823should return NULL.
824
825char *i2s(struct v3_ext_method *method, void *ext);
826
827This function takes the internal structure in the ext parameter and returns
828a Malloc'ed string representing its value.
829
830void * s2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
831
832This function takes the string representation in the ext parameter and returns
833an allocated internal structure: ext_free() will be used on this internal
834structure after use.
835
836i2v and v2i handle a STACK_OF(CONF_VALUE):
837
838typedef struct
839{
840 char *section;
841 char *name;
842 char *value;
843} CONF_VALUE;
844
845Only the name and value members are currently used.
846
847STACK_OF(CONF_VALUE) * i2v(struct v3_ext_method *method, void *ext);
848
849This function is passed the internal structure in the ext parameter and
850returns a STACK of CONF_VALUE structures. The values of name, value,
851section and the structure itself will be freed up with Free after use.
852Several helper functions are available to add values to this STACK.
853
854void * v2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx,
855 STACK_OF(CONF_VALUE) *values);
856
857This function takes a STACK_OF(CONF_VALUE) structures and should set the
858values of the external structure. This typically uses the name element to
859determine which structure element to set and the value element to determine
860what to set it to. Several helper functions are available for this
861purpose (see above).
862
863int i2r(struct v3_ext_method *method, void *ext, BIO *out, int indent);
864
865This function is passed the internal extension structure in the ext parameter
866and sends out a human readable version of the extension to out. The 'indent'
867parameter should be noted to determine the necessary amount of indentation
868needed on the output.
869
870void * r2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
871
872This is just passed the string representation of the extension. It is intended
873to be used for more elaborate extensions where the standard single and multi
874valued options are insufficient. They can use the 'ctx' parameter to parse the
875configuration database themselves. See the context functions section for details
876of how to do this.
877
878Note: although this type takes the same parameters as the "r2s" function there
879is a subtle difference. Whereas an "r2i" function can access a configuration
880database an "s2i" function MUST NOT. This is so the internal code can safely
881assume that an "s2i" function will work without a configuration database.
882
883==============================================================================
884 PKCS#12 Library
885==============================================================================
886
887This section describes the internal PKCS#12 support. There are very few
888differences between the old external library and the new internal code at
889present. This may well change because the external library will not be updated
890much in future.
891
892This version now includes a couple of high level PKCS#12 functions which
893generally "do the right thing" and should make it much easier to handle PKCS#12
894structures.
895
896HIGH LEVEL FUNCTIONS.
897
898For most applications you only need concern yourself with the high level
899functions. They can parse and generate simple PKCS#12 files as produced by
900Netscape and MSIE or indeed any compliant PKCS#12 file containing a single
901private key and certificate pair.
902
9031. Initialisation and cleanup.
904
905No special initialisation is needed for the internal PKCS#12 library: the
906standard SSLeay_add_all_algorithms() is sufficient. If you do not wish to
907add all algorithms (you should at least add SHA1 though) then you can manually
908initialise the PKCS#12 library with:
909
910PKCS12_PBE_add();
911
912The memory allocated by the PKCS#12 library is freed up when EVP_cleanup() is
913called or it can be directly freed with:
914
915EVP_PBE_cleanup();
916
917after this call (or EVP_cleanup() ) no more PKCS#12 library functions should
918be called.
919
9202. I/O functions.
921
922i2d_PKCS12_bio(bp, p12)
923
924This writes out a PKCS12 structure to a BIO.
925
926i2d_PKCS12_fp(fp, p12)
927
928This is the same but for a FILE pointer.
929
930d2i_PKCS12_bio(bp, p12)
931
932This reads in a PKCS12 structure from a BIO.
933
934d2i_PKCS12_fp(fp, p12)
935
936This is the same but for a FILE pointer.
937
9383. High level functions.
939
9403.1 Parsing with PKCS12_parse().
941
942int PKCS12_parse(PKCS12 *p12, char *pass, EVP_PKEY **pkey, X509 **cert,
943 STACK **ca);
944
945This function takes a PKCS12 structure and a password (ASCII, null terminated)
946and returns the private key, the corresponding certificate and any CA
947certificates. If any of these is not required it can be passed as a NULL.
948The 'ca' parameter should be either NULL, a pointer to NULL or a valid STACK
949structure. Typically to read in a PKCS#12 file you might do:
950
951p12 = d2i_PKCS12_fp(fp, NULL);
952PKCS12_parse(p12, password, &pkey, &cert, NULL); /* CAs not wanted */
953PKCS12_free(p12);
954
9553.2 PKCS#12 creation with PKCS12_create().
956
957PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
958 STACK *ca, int nid_key, int nid_cert, int iter,
959 int mac_iter, int keytype);
960
961This function will create a PKCS12 structure from a given password, name,
962private key, certificate and optional STACK of CA certificates. The remaining
9635 parameters can be set to 0 and sensible defaults will be used.
964
965The parameters nid_key and nid_cert are the key and certificate encryption
966algorithms, iter is the encryption iteration count, mac_iter is the MAC
967iteration count and keytype is the type of private key. If you really want
968to know what these last 5 parameters do then read the low level section.
969
970Typically to create a PKCS#12 file the following could be used:
971
972p12 = PKCS12_create(pass, "My Certificate", pkey, cert, NULL, 0,0,0,0,0);
973i2d_PKCS12_fp(fp, p12);
974PKCS12_free(p12);
975
9763.3 Changing a PKCS#12 structure password.
977
978int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
979
980This changes the password of an already existing PKCS#12 structure. oldpass
981is the old password and newpass is the new one. An error occurs if the old
982password is incorrect.
983
984LOW LEVEL FUNCTIONS.
985
986In some cases the high level functions do not provide the necessary
987functionality. For example if you want to generate or parse more complex
988PKCS#12 files. The sample pkcs12 application uses the low level functions
989to display details about the internal structure of a PKCS#12 file.
990
991Introduction.
992
993This is a brief description of how a PKCS#12 file is represented internally:
994some knowledge of PKCS#12 is assumed.
995
996A PKCS#12 object contains several levels.
997
998At the lowest level is a PKCS12_SAFEBAG. This can contain a certificate, a
999CRL, a private key, encrypted or unencrypted, a set of safebags (so the
1000structure can be nested) or other secrets (not documented at present).
1001A safebag can optionally have attributes, currently these are: a unicode
1002friendlyName (a Unicode string) or a localKeyID (a string of bytes).
1003
1004At the next level is an authSafe which is a set of safebags collected into
1005a PKCS#7 ContentInfo. This can be just plain data, or encrypted itself.
1006
1007At the top level is the PKCS12 structure itself which contains a set of
1008authSafes in an embedded PKCS#7 Contentinfo of type data. In addition it
1009contains a MAC which is a kind of password protected digest to preserve
1010integrity (so any unencrypted stuff below can't be tampered with).
1011
1012The reason for these levels is so various objects can be encrypted in various
1013ways. For example you might want to encrypt a set of private keys with
1014triple-DES and then include the related certificates either unencrypted or
1015with lower encryption. Yes it's the dreaded crypto laws at work again which
1016allow strong encryption on private keys and only weak encryption on other
1017stuff.
1018
1019To build one of these things you turn all certificates and keys into safebags
1020(with optional attributes). You collect the safebags into (one or more) STACKS
1021and convert these into authsafes (encrypted or unencrypted). The authsafes
1022are collected into a STACK and added to a PKCS12 structure. Finally a MAC
1023inserted.
1024
1025Pulling one apart is basically the reverse process. The MAC is verified against
1026the given password. The authsafes are extracted and each authsafe split into
1027a set of safebags (possibly involving decryption). Finally the safebags are
1028decomposed into the original keys and certificates and the attributes used to
1029match up private key and certificate pairs.
1030
1031Anyway here are the functions that do the dirty work.
1032
10331. Construction functions.
1034
10351.1 Safebag functions.
1036
1037M_PKCS12_x5092certbag(x509)
1038
1039This macro takes an X509 structure and returns a certificate bag. The
1040X509 structure can be freed up after calling this function.
1041
1042M_PKCS12_x509crl2certbag(crl)
1043
1044As above but for a CRL.
1045
1046PKCS8_PRIV_KEY_INFO *PKEY2PKCS8(EVP_PKEY *pkey)
1047
1048Take a private key and convert it into a PKCS#8 PrivateKeyInfo structure.
1049Works for both RSA and DSA private keys. NB since the PKCS#8 PrivateKeyInfo
1050structure contains a private key data in plain text form it should be free'd
1051up as soon as it has been encrypted for security reasons (freeing up the
1052structure zeros out the sensitive data). This can be done with
1053PKCS8_PRIV_KEY_INFO_free().
1054
1055PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage)
1056
1057This sets the key type when a key is imported into MSIE or Outlook 98. Two
1058values are currently supported: KEY_EX and KEY_SIG. KEY_EX is an exchange type
1059key that can also be used for signing but its size is limited in the export
1060versions of MS software to 512 bits, it is also the default. KEY_SIG is a
1061signing only key but the keysize is unlimited (well 16K is supposed to work).
1062If you are using the domestic version of MSIE then you can ignore this because
1063KEY_EX is not limited and can be used for both.
1064
1065PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8)
1066
1067Convert a PKCS8 private key structure into a keybag. This routine embeds the
1068p8 structure in the keybag so p8 should not be freed up or used after it is
1069called. The p8 structure will be freed up when the safebag is freed.
1070
1071PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8)
1072
1073Convert a PKCS#8 structure into a shrouded key bag (encrypted). p8 is not
1074embedded and can be freed up after use.
1075
1076int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen)
1077int PKCS12_add_friendlyname(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen)
1078
1079Add a local key id or a friendlyname to a safebag.
1080
10811.2 Authsafe functions.
1082
1083PKCS7 *PKCS12_pack_p7data(STACK *sk)
1084Take a stack of safebags and convert them into an unencrypted authsafe. The
1085stack of safebags can be freed up after calling this function.
1086
1087PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, STACK *bags);
1088
1089As above but encrypted.
1090
10911.3 PKCS12 functions.
1092
1093PKCS12 *PKCS12_init(int mode)
1094
1095Initialise a PKCS12 structure (currently mode should be NID_pkcs7_data).
1096
1097M_PKCS12_pack_authsafes(p12, safes)
1098
1099This macro takes a STACK of authsafes and adds them to a PKCS#12 structure.
1100
1101int PKCS12_set_mac(PKCS12 *p12, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, EVP_MD *md_type);
1102
1103Add a MAC to a PKCS12 structure. If EVP_MD is NULL use SHA-1, the spec suggests
1104that SHA-1 should be used.
1105
11062. Extraction Functions.
1107
11082.1 Safebags.
1109
1110M_PKCS12_bag_type(bag)
1111
1112Return the type of "bag". Returns one of the following
1113
1114NID_keyBag
1115NID_pkcs8ShroudedKeyBag 7
1116NID_certBag 8
1117NID_crlBag 9
1118NID_secretBag 10
1119NID_safeContentsBag 11
1120
1121M_PKCS12_cert_bag_type(bag)
1122
1123Returns type of certificate bag, following are understood.
1124
1125NID_x509Certificate 14
1126NID_sdsiCertificate 15
1127
1128M_PKCS12_crl_bag_type(bag)
1129
1130Returns crl bag type, currently only NID_crlBag is recognised.
1131
1132M_PKCS12_certbag2x509(bag)
1133
1134This macro extracts an X509 certificate from a certificate bag.
1135
1136M_PKCS12_certbag2x509crl(bag)
1137
1138As above but for a CRL.
1139
1140EVP_PKEY * PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
1141
1142Extract a private key from a PKCS8 private key info structure.
1143
1144M_PKCS12_decrypt_skey(bag, pass, passlen)
1145
1146Decrypt a shrouded key bag and return a PKCS8 private key info structure.
1147Works with both RSA and DSA keys
1148
1149char *PKCS12_get_friendlyname(bag)
1150
1151Returns the friendlyName of a bag if present or NULL if none. The returned
1152string is a null terminated ASCII string allocated with Malloc(). It should
1153thus be freed up with Free() after use.
1154
11552.2 AuthSafe functions.
1156
1157M_PKCS12_unpack_p7data(p7)
1158
1159Extract a STACK of safe bags from a PKCS#7 data ContentInfo.
1160
1161#define M_PKCS12_unpack_p7encdata(p7, pass, passlen)
1162
1163As above but for an encrypted content info.
1164
11652.3 PKCS12 functions.
1166
1167M_PKCS12_unpack_authsafes(p12)
1168
1169Extract a STACK of authsafes from a PKCS12 structure.
1170
1171M_PKCS12_mac_present(p12)
1172
1173Check to see if a MAC is present.
1174
1175int PKCS12_verify_mac(PKCS12 *p12, unsigned char *pass, int passlen)
1176
1177Verify a MAC on a PKCS12 structure. Returns an error if MAC not present.
1178
1179
1180Notes.
1181
11821. All the function return 0 or NULL on error.
11832. Encryption based functions take a common set of parameters. These are
1184described below.
1185
1186pass, passlen
1187ASCII password and length. The password on the MAC is called the "integrity
1188password" the encryption password is called the "privacy password" in the
1189PKCS#12 documentation. The passwords do not have to be the same. If -1 is
1190passed for the length it is worked out by the function itself (currently
1191this is sometimes done whatever is passed as the length but that may change).
1192
1193salt, saltlen
1194A 'salt' if salt is NULL a random salt is used. If saltlen is also zero a
1195default length is used.
1196
1197iter
1198Iteration count. This is a measure of how many times an internal function is
1199called to encrypt the data. The larger this value is the longer it takes, it
1200makes dictionary attacks on passwords harder. NOTE: Some implementations do
1201not support an iteration count on the MAC. If the password for the MAC and
1202encryption is the same then there is no point in having a high iteration
1203count for encryption if the MAC has no count. The MAC could be attacked
1204and the password used for the main decryption.
1205
1206pbe_nid
1207This is the NID of the password based encryption method used. The following are
1208supported.
1209NID_pbe_WithSHA1And128BitRC4
1210NID_pbe_WithSHA1And40BitRC4
1211NID_pbe_WithSHA1And3_Key_TripleDES_CBC
1212NID_pbe_WithSHA1And2_Key_TripleDES_CBC
1213NID_pbe_WithSHA1And128BitRC2_CBC
1214NID_pbe_WithSHA1And40BitRC2_CBC
1215
1216Which you use depends on the implementation you are exporting to. "Export
1217grade" (i.e. cryptographically challenged) products cannot support all
1218algorithms. Typically you may be able to use any encryption on shrouded key
1219bags but they must then be placed in an unencrypted authsafe. Other authsafes
1220may only support 40bit encryption. Of course if you are using SSLeay
1221throughout you can strongly encrypt everything and have high iteration counts
1222on everything.
1223
12243. For decryption routines only the password and length are needed.
1225
12264. Unlike the external version the nid's of objects are the values of the
1227constants: that is NID_certBag is the real nid, therefore there is no
1228PKCS12_obj_offset() function. Note the object constants are not the same as
1229those of the external version. If you use these constants then you will need
1230to recompile your code.
1231
12325. With the exception of PKCS12_MAKE_KEYBAG(), after calling any function or
1233macro of the form PKCS12_MAKE_SOMETHING(other) the "other" structure can be
1234reused or freed up safely.
1235
diff --git a/src/lib/libssl/doc/standards.txt b/src/lib/libssl/doc/standards.txt
deleted file mode 100644
index 61ccc5d7e0..0000000000
--- a/src/lib/libssl/doc/standards.txt
+++ /dev/null
@@ -1,121 +0,0 @@
1Standards related to OpenSSL
2============================
3
4[Please, this is currently a draft. I made a first try at finding
5 documents that describe parts of what OpenSSL implements. There are
6 big gaps, and I've most certainly done something wrong. Please
7 correct whatever is... Also, this note should be removed when this
8 file is reaching a somewhat correct state. -- Richard Levitte]
9
10
11All pointers in here will be either URL's or blobs of text borrowed
12from miscellaneous indexes, like rfc-index.txt (index of RFCs),
131id-index.txt (index of Internet drafts) and the like.
14
15To find the latest possible RFCs, it's recommended to either browse
16ftp://ftp.isi.edu/in-notes/ or go to http://www.rfc-editor.org/ and
17use the search mechanism found there.
18To find the latest possible Internet drafts, it's recommended to
19browse ftp://ftp.isi.edu/internet-drafts/.
20To find the latest possible PKCS, it's recommended to browse
21http://www.rsasecurity.com/rsalabs/pkcs/.
22
23
24Implemented:
25------------
26
27These are documents that describe things that are implemented in OpenSSL.
28
291319 The MD2 Message-Digest Algorithm. B. Kaliski. April 1992.
30 (Format: TXT=25661 bytes) (Status: INFORMATIONAL)
31
321320 The MD4 Message-Digest Algorithm. R. Rivest. April 1992. (Format:
33 TXT=32407 bytes) (Status: INFORMATIONAL)
34
351321 The MD5 Message-Digest Algorithm. R. Rivest. April 1992. (Format:
36 TXT=35222 bytes) (Status: INFORMATIONAL)
37
382246 The TLS Protocol Version 1.0. T. Dierks, C. Allen. January 1999.
39 (Format: TXT=170401 bytes) (Status: PROPOSED STANDARD)
40
412268 A Description of the RC2(r) Encryption Algorithm. R. Rivest.
42 January 1998. (Format: TXT=19048 bytes) (Status: INFORMATIONAL)
43
442314 PKCS 10: Certification Request Syntax Version 1.5. B. Kaliski.
45 March 1998. (Format: TXT=15814 bytes) (Status: INFORMATIONAL)
46
472315 PKCS 7: Cryptographic Message Syntax Version 1.5. B. Kaliski.
48 March 1998. (Format: TXT=69679 bytes) (Status: INFORMATIONAL)
49
502437 PKCS #1: RSA Cryptography Specifications Version 2.0. B. Kaliski,
51 J. Staddon. October 1998. (Format: TXT=73529 bytes) (Obsoletes
52 RFC2313) (Status: INFORMATIONAL)
53
542459 Internet X.509 Public Key Infrastructure Certificate and CRL
55 Profile. R. Housley, W. Ford, W. Polk, D. Solo. January 1999.
56 (Format: TXT=278438 bytes) (Status: PROPOSED STANDARD)
57
58PKCS#8: Private-Key Information Syntax Standard
59
60PKCS#12: Personal Information Exchange Syntax Standard, version 1.0.
61
62
63Related:
64--------
65
66These are documents that are close to OpenSSL, for example the
67STARTTLS documents.
68
691421 Privacy Enhancement for Internet Electronic Mail: Part I: Message
70 Encryption and Authentication Procedures. J. Linn. February 1993.
71 (Format: TXT=103894 bytes) (Obsoletes RFC1113) (Status: PROPOSED
72 STANDARD)
73
741422 Privacy Enhancement for Internet Electronic Mail: Part II:
75 Certificate-Based Key Management. S. Kent. February 1993. (Format:
76 TXT=86085 bytes) (Obsoletes RFC1114) (Status: PROPOSED STANDARD)
77
781423 Privacy Enhancement for Internet Electronic Mail: Part III:
79 Algorithms, Modes, and Identifiers. D. Balenson. February 1993.
80 (Format: TXT=33277 bytes) (Obsoletes RFC1115) (Status: PROPOSED
81 STANDARD)
82
831424 Privacy Enhancement for Internet Electronic Mail: Part IV: Key
84 Certification and Related Services. B. Kaliski. February 1993.
85 (Format: TXT=17537 bytes) (Status: PROPOSED STANDARD)
86
872487 SMTP Service Extension for Secure SMTP over TLS. P. Hoffman.
88 January 1999. (Format: TXT=15120 bytes) (Status: PROPOSED STANDARD)
89
902585 Internet X.509 Public Key Infrastructure Operational Protocols:
91 FTP and HTTP. R. Housley, P. Hoffman. May 1999. (Format: TXT=14813
92 bytes) (Status: PROPOSED STANDARD)
93
942595 Using TLS with IMAP, POP3 and ACAP. C. Newman. June 1999.
95 (Format: TXT=32440 bytes) (Status: PROPOSED STANDARD)
96
972712 Addition of Kerberos Cipher Suites to Transport Layer Security
98 (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes)
99 (Status: PROPOSED STANDARD)
100
1012817 Upgrading to TLS Within HTTP/1.1. R. Khare, S. Lawrence. May
102 2000. (Format: TXT=27598 bytes) (Updates RFC2616) (Status: PROPOSED
103 STANDARD)
104
1052818 HTTP Over TLS. E. Rescorla. May 2000. (Format: TXT=15170 bytes)
106 (Status: INFORMATIONAL)
107
108 "Securing FTP with TLS", 01/27/2000, <draft-murray-auth-ftp-ssl-05.txt>
109
110
111To be implemented:
112------------------
113
114These are documents that describe things that are planed to be
115implemented in the hopefully short future.
116
1172560 X.509 Internet Public Key Infrastructure Online Certificate
118 Status Protocol - OCSP. M. Myers, R. Ankney, A. Malpani, S. Galperin,
119 C. Adams. June 1999. (Format: TXT=43243 bytes) (Status: PROPOSED
120 STANDARD)
121
diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c
deleted file mode 100644
index 5050a13ef2..0000000000
--- a/src/lib/libssl/s23_clnt.c
+++ /dev/null
@@ -1,475 +0,0 @@
1/* ssl/s23_clnt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/buffer.h>
61#include <openssl/rand.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include "ssl_locl.h"
65
66static SSL_METHOD *ssl23_get_client_method(int ver);
67static int ssl23_client_hello(SSL *s);
68static int ssl23_get_server_hello(SSL *s);
69static SSL_METHOD *ssl23_get_client_method(int ver)
70 {
71#ifndef NO_SSL2
72 if (ver == SSL2_VERSION)
73 return(SSLv2_client_method());
74#endif
75 if (ver == SSL3_VERSION)
76 return(SSLv3_client_method());
77 else if (ver == TLS1_VERSION)
78 return(TLSv1_client_method());
79 else
80 return(NULL);
81 }
82
83SSL_METHOD *SSLv23_client_method(void)
84 {
85 static int init=1;
86 static SSL_METHOD SSLv23_client_data;
87
88 if (init)
89 {
90 memcpy((char *)&SSLv23_client_data,
91 (char *)sslv23_base_method(),sizeof(SSL_METHOD));
92 SSLv23_client_data.ssl_connect=ssl23_connect;
93 SSLv23_client_data.get_ssl_method=ssl23_get_client_method;
94 init=0;
95 }
96 return(&SSLv23_client_data);
97 }
98
99int ssl23_connect(SSL *s)
100 {
101 BUF_MEM *buf;
102 unsigned long Time=time(NULL);
103 void (*cb)()=NULL;
104 int ret= -1;
105 int new_state,state;
106
107 RAND_add(&Time,sizeof(Time),0);
108 ERR_clear_error();
109 clear_sys_error();
110
111 if (s->info_callback != NULL)
112 cb=s->info_callback;
113 else if (s->ctx->info_callback != NULL)
114 cb=s->ctx->info_callback;
115
116 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
117 s->in_handshake++;
118
119 for (;;)
120 {
121 state=s->state;
122
123 switch(s->state)
124 {
125 case SSL_ST_BEFORE:
126 case SSL_ST_CONNECT:
127 case SSL_ST_BEFORE|SSL_ST_CONNECT:
128 case SSL_ST_OK|SSL_ST_CONNECT:
129
130 if (s->session != NULL)
131 {
132 SSLerr(SSL_F_SSL23_CONNECT,SSL_R_SSL23_DOING_SESSION_ID_REUSE);
133 ret= -1;
134 goto end;
135 }
136 s->server=0;
137 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
138
139 /* s->version=TLS1_VERSION; */
140 s->type=SSL_ST_CONNECT;
141
142 if (s->init_buf == NULL)
143 {
144 if ((buf=BUF_MEM_new()) == NULL)
145 {
146 ret= -1;
147 goto end;
148 }
149 if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
150 {
151 ret= -1;
152 goto end;
153 }
154 s->init_buf=buf;
155 }
156
157 if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
158
159 ssl3_init_finished_mac(s);
160
161 s->state=SSL23_ST_CW_CLNT_HELLO_A;
162 s->ctx->stats.sess_connect++;
163 s->init_num=0;
164 break;
165
166 case SSL23_ST_CW_CLNT_HELLO_A:
167 case SSL23_ST_CW_CLNT_HELLO_B:
168
169 s->shutdown=0;
170 ret=ssl23_client_hello(s);
171 if (ret <= 0) goto end;
172 s->state=SSL23_ST_CR_SRVR_HELLO_A;
173 s->init_num=0;
174
175 break;
176
177 case SSL23_ST_CR_SRVR_HELLO_A:
178 case SSL23_ST_CR_SRVR_HELLO_B:
179 ret=ssl23_get_server_hello(s);
180 if (ret >= 0) cb=NULL;
181 goto end;
182 /* break; */
183
184 default:
185 SSLerr(SSL_F_SSL23_CONNECT,SSL_R_UNKNOWN_STATE);
186 ret= -1;
187 goto end;
188 /* break; */
189 }
190
191 if (s->debug) { (void)BIO_flush(s->wbio); }
192
193 if ((cb != NULL) && (s->state != state))
194 {
195 new_state=s->state;
196 s->state=state;
197 cb(s,SSL_CB_CONNECT_LOOP,1);
198 s->state=new_state;
199 }
200 }
201end:
202 s->in_handshake--;
203 if (cb != NULL)
204 cb(s,SSL_CB_CONNECT_EXIT,ret);
205 return(ret);
206 }
207
208
209static int ssl23_client_hello(SSL *s)
210 {
211 unsigned char *buf;
212 unsigned char *p,*d;
213 int i,ch_len;
214
215 buf=(unsigned char *)s->init_buf->data;
216 if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
217 {
218#if 0
219 /* don't reuse session-id's */
220 if (!ssl_get_new_session(s,0))
221 {
222 return(-1);
223 }
224#endif
225
226 p=s->s3->client_random;
227 RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE);
228
229 /* Do the message type and length last */
230 d= &(buf[2]);
231 p=d+9;
232
233 *(d++)=SSL2_MT_CLIENT_HELLO;
234 if (!(s->options & SSL_OP_NO_TLSv1))
235 {
236 *(d++)=TLS1_VERSION_MAJOR;
237 *(d++)=TLS1_VERSION_MINOR;
238 s->client_version=TLS1_VERSION;
239 }
240 else if (!(s->options & SSL_OP_NO_SSLv3))
241 {
242 *(d++)=SSL3_VERSION_MAJOR;
243 *(d++)=SSL3_VERSION_MINOR;
244 s->client_version=SSL3_VERSION;
245 }
246 else if (!(s->options & SSL_OP_NO_SSLv2))
247 {
248 *(d++)=SSL2_VERSION_MAJOR;
249 *(d++)=SSL2_VERSION_MINOR;
250 s->client_version=SSL2_VERSION;
251 }
252 else
253 {
254 SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_PROTOCOLS_AVAILABLE);
255 return(-1);
256 }
257
258 /* Ciphers supported */
259 i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p);
260 if (i == 0)
261 {
262 /* no ciphers */
263 SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
264 return(-1);
265 }
266 s2n(i,d);
267 p+=i;
268
269 /* put in the session-id, zero since there is no
270 * reuse. */
271#if 0
272 s->session->session_id_length=0;
273#endif
274 s2n(0,d);
275
276 if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
277 ch_len=SSL2_CHALLENGE_LENGTH;
278 else
279 ch_len=SSL2_MAX_CHALLENGE_LENGTH;
280
281 /* write out sslv2 challenge */
282 if (SSL3_RANDOM_SIZE < ch_len)
283 i=SSL3_RANDOM_SIZE;
284 else
285 i=ch_len;
286 s2n(i,d);
287 memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
288 RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
289 memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
290 p+=i;
291
292 i= p- &(buf[2]);
293 buf[0]=((i>>8)&0xff)|0x80;
294 buf[1]=(i&0xff);
295
296 s->state=SSL23_ST_CW_CLNT_HELLO_B;
297 /* number of bytes to write */
298 s->init_num=i+2;
299 s->init_off=0;
300
301 ssl3_finish_mac(s,&(buf[2]),i);
302 }
303
304 /* SSL3_ST_CW_CLNT_HELLO_B */
305 return(ssl23_write_bytes(s));
306 }
307
308static int ssl23_get_server_hello(SSL *s)
309 {
310 char buf[8];
311 unsigned char *p;
312 int i;
313 int n;
314
315 n=ssl23_read_bytes(s,7);
316
317 if (n != 7) return(n);
318 p=s->packet;
319
320 memcpy(buf,p,n);
321
322 if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
323 (p[5] == 0x00) && (p[6] == 0x02))
324 {
325#ifdef NO_SSL2
326 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
327 goto err;
328#else
329 /* we are talking sslv2 */
330 /* we need to clean up the SSLv3 setup and put in the
331 * sslv2 stuff. */
332 int ch_len;
333
334 if (s->options & SSL_OP_NO_SSLv2)
335 {
336 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
337 goto err;
338 }
339 if (s->s2 == NULL)
340 {
341 if (!ssl2_new(s))
342 goto err;
343 }
344 else
345 ssl2_clear(s);
346
347 if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
348 ch_len=SSL2_CHALLENGE_LENGTH;
349 else
350 ch_len=SSL2_MAX_CHALLENGE_LENGTH;
351
352 /* write out sslv2 challenge */
353 i=(SSL3_RANDOM_SIZE < ch_len)
354 ?SSL3_RANDOM_SIZE:ch_len;
355 s->s2->challenge_length=i;
356 memcpy(s->s2->challenge,
357 &(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
358
359 if (s->s3 != NULL) ssl3_free(s);
360
361 if (!BUF_MEM_grow(s->init_buf,
362 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
363 {
364 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB);
365 goto err;
366 }
367
368 s->state=SSL2_ST_GET_SERVER_HELLO_A;
369 if (!(s->client_version == SSL2_VERSION))
370 /* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */
371 s->s2->ssl2_rollback=1;
372
373 /* setup the 5 bytes we have read so we get them from
374 * the sslv2 buffer */
375 s->rstate=SSL_ST_READ_HEADER;
376 s->packet_length=n;
377 s->packet= &(s->s2->rbuf[0]);
378 memcpy(s->packet,buf,n);
379 s->s2->rbuf_left=n;
380 s->s2->rbuf_offs=0;
381
382 /* we have already written one */
383 s->s2->write_sequence=1;
384
385 s->method=SSLv2_client_method();
386 s->handshake_func=s->method->ssl_connect;
387#endif
388 }
389 else if ((p[0] == SSL3_RT_HANDSHAKE) &&
390 (p[1] == SSL3_VERSION_MAJOR) &&
391 ((p[2] == SSL3_VERSION_MINOR) ||
392 (p[2] == TLS1_VERSION_MINOR)) &&
393 (p[5] == SSL3_MT_SERVER_HELLO))
394 {
395 /* we have sslv3 or tls1 */
396
397 if (!ssl_init_wbio_buffer(s,1)) goto err;
398
399 /* we are in this state */
400 s->state=SSL3_ST_CR_SRVR_HELLO_A;
401
402 /* put the 5 bytes we have read into the input buffer
403 * for SSLv3 */
404 s->rstate=SSL_ST_READ_HEADER;
405 s->packet_length=n;
406 s->packet= &(s->s3->rbuf.buf[0]);
407 memcpy(s->packet,buf,n);
408 s->s3->rbuf.left=n;
409 s->s3->rbuf.offset=0;
410
411 if ((p[2] == SSL3_VERSION_MINOR) &&
412 !(s->options & SSL_OP_NO_SSLv3))
413 {
414 s->version=SSL3_VERSION;
415 s->method=SSLv3_client_method();
416 }
417 else if ((p[2] == TLS1_VERSION_MINOR) &&
418 !(s->options & SSL_OP_NO_TLSv1))
419 {
420 s->version=TLS1_VERSION;
421 s->method=TLSv1_client_method();
422 }
423 else
424 {
425 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
426 goto err;
427 }
428
429 s->handshake_func=s->method->ssl_connect;
430 }
431 else if ((p[0] == SSL3_RT_ALERT) &&
432 (p[1] == SSL3_VERSION_MAJOR) &&
433 ((p[2] == SSL3_VERSION_MINOR) ||
434 (p[2] == TLS1_VERSION_MINOR)) &&
435 (p[3] == 0) &&
436 (p[4] == 2))
437 {
438 void (*cb)()=NULL;
439 int j;
440
441 /* An alert */
442 if (s->info_callback != NULL)
443 cb=s->info_callback;
444 else if (s->ctx->info_callback != NULL)
445 cb=s->ctx->info_callback;
446
447 i=p[5];
448 if (cb != NULL)
449 {
450 j=(i<<8)|p[6];
451 cb(s,SSL_CB_READ_ALERT,j);
452 }
453
454 s->rwstate=SSL_NOTHING;
455 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_AD_REASON_OFFSET+p[6]);
456 goto err;
457 }
458 else
459 {
460 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNKNOWN_PROTOCOL);
461 goto err;
462 }
463 s->init_num=0;
464
465 /* Since, if we are sending a ssl23 client hello, we are not
466 * reusing a session-id */
467 if (!ssl_get_new_session(s,0))
468 goto err;
469
470 s->first_packet=1;
471 return(SSL_connect(s));
472err:
473 return(-1);
474 }
475
diff --git a/src/lib/libssl/s23_lib.c b/src/lib/libssl/s23_lib.c
deleted file mode 100644
index ad2d8dadf7..0000000000
--- a/src/lib/libssl/s23_lib.c
+++ /dev/null
@@ -1,236 +0,0 @@
1/* ssl/s23_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/objects.h>
61#include "ssl_locl.h"
62
63static int ssl23_num_ciphers(void );
64static SSL_CIPHER *ssl23_get_cipher(unsigned int u);
65static int ssl23_read(SSL *s, void *buf, int len);
66static int ssl23_peek(SSL *s, void *buf, int len);
67static int ssl23_write(SSL *s, const void *buf, int len);
68static long ssl23_default_timeout(void );
69static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
70static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p);
71const char *SSL23_version_str="SSLv2/3 compatibility" OPENSSL_VERSION_PTEXT;
72
73static SSL_METHOD SSLv23_data= {
74 TLS1_VERSION,
75 tls1_new,
76 tls1_clear,
77 tls1_free,
78 ssl_undefined_function,
79 ssl_undefined_function,
80 ssl23_read,
81 ssl23_peek,
82 ssl23_write,
83 ssl_undefined_function,
84 ssl_undefined_function,
85 ssl_ok,
86 ssl3_ctrl,
87 ssl3_ctx_ctrl,
88 ssl23_get_cipher_by_char,
89 ssl23_put_cipher_by_char,
90 ssl_undefined_function,
91 ssl23_num_ciphers,
92 ssl23_get_cipher,
93 ssl_bad_method,
94 ssl23_default_timeout,
95 &ssl3_undef_enc_method,
96 ssl_undefined_function,
97 ssl3_callback_ctrl,
98 ssl3_ctx_callback_ctrl,
99 };
100
101static long ssl23_default_timeout(void)
102 {
103 return(300);
104 }
105
106SSL_METHOD *sslv23_base_method(void)
107 {
108 return(&SSLv23_data);
109 }
110
111static int ssl23_num_ciphers(void)
112 {
113 return(ssl3_num_ciphers()
114#ifndef NO_SSL2
115 + ssl2_num_ciphers()
116#endif
117 );
118 }
119
120static SSL_CIPHER *ssl23_get_cipher(unsigned int u)
121 {
122 unsigned int uu=ssl3_num_ciphers();
123
124 if (u < uu)
125 return(ssl3_get_cipher(u));
126 else
127#ifndef NO_SSL2
128 return(ssl2_get_cipher(u-uu));
129#else
130 return(NULL);
131#endif
132 }
133
134/* This function needs to check if the ciphers required are actually
135 * available */
136static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
137 {
138 SSL_CIPHER c,*cp;
139 unsigned long id;
140 int n;
141
142 n=ssl3_num_ciphers();
143 id=0x03000000|((unsigned long)p[0]<<16L)|
144 ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
145 c.id=id;
146 cp=ssl3_get_cipher_by_char(p);
147#ifndef NO_SSL2
148 if (cp == NULL)
149 cp=ssl2_get_cipher_by_char(p);
150#endif
151 return(cp);
152 }
153
154static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
155 {
156 long l;
157
158 /* We can write SSLv2 and SSLv3 ciphers */
159 if (p != NULL)
160 {
161 l=c->id;
162 p[0]=((unsigned char)(l>>16L))&0xFF;
163 p[1]=((unsigned char)(l>> 8L))&0xFF;
164 p[2]=((unsigned char)(l ))&0xFF;
165 }
166 return(3);
167 }
168
169static int ssl23_read(SSL *s, void *buf, int len)
170 {
171 int n;
172
173 clear_sys_error();
174 if (SSL_in_init(s) && (!s->in_handshake))
175 {
176 n=s->handshake_func(s);
177 if (n < 0) return(n);
178 if (n == 0)
179 {
180 SSLerr(SSL_F_SSL23_READ,SSL_R_SSL_HANDSHAKE_FAILURE);
181 return(-1);
182 }
183 return(SSL_read(s,buf,len));
184 }
185 else
186 {
187 ssl_undefined_function(s);
188 return(-1);
189 }
190 }
191
192static int ssl23_peek(SSL *s, void *buf, int len)
193 {
194 int n;
195
196 clear_sys_error();
197 if (SSL_in_init(s) && (!s->in_handshake))
198 {
199 n=s->handshake_func(s);
200 if (n < 0) return(n);
201 if (n == 0)
202 {
203 SSLerr(SSL_F_SSL23_PEEK,SSL_R_SSL_HANDSHAKE_FAILURE);
204 return(-1);
205 }
206 return(SSL_peek(s,buf,len));
207 }
208 else
209 {
210 ssl_undefined_function(s);
211 return(-1);
212 }
213 }
214
215static int ssl23_write(SSL *s, const void *buf, int len)
216 {
217 int n;
218
219 clear_sys_error();
220 if (SSL_in_init(s) && (!s->in_handshake))
221 {
222 n=s->handshake_func(s);
223 if (n < 0) return(n);
224 if (n == 0)
225 {
226 SSLerr(SSL_F_SSL23_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE);
227 return(-1);
228 }
229 return(SSL_write(s,buf,len));
230 }
231 else
232 {
233 ssl_undefined_function(s);
234 return(-1);
235 }
236 }
diff --git a/src/lib/libssl/s23_pkt.c b/src/lib/libssl/s23_pkt.c
deleted file mode 100644
index f45e1ce3d8..0000000000
--- a/src/lib/libssl/s23_pkt.c
+++ /dev/null
@@ -1,117 +0,0 @@
1/* ssl/s23_pkt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61#define USE_SOCKETS
62#include <openssl/evp.h>
63#include <openssl/buffer.h>
64#include "ssl_locl.h"
65
66int ssl23_write_bytes(SSL *s)
67 {
68 int i,num,tot;
69 char *buf;
70
71 buf=s->init_buf->data;
72 tot=s->init_off;
73 num=s->init_num;
74 for (;;)
75 {
76 s->rwstate=SSL_WRITING;
77 i=BIO_write(s->wbio,&(buf[tot]),num);
78 if (i <= 0)
79 {
80 s->init_off=tot;
81 s->init_num=num;
82 return(i);
83 }
84 s->rwstate=SSL_NOTHING;
85 if (i == num) return(tot+i);
86
87 num-=i;
88 tot+=i;
89 }
90 }
91
92/* return regularly only when we have read (at least) 'n' bytes */
93int ssl23_read_bytes(SSL *s, int n)
94 {
95 unsigned char *p;
96 int j;
97
98 if (s->packet_length < (unsigned int)n)
99 {
100 p=s->packet;
101
102 for (;;)
103 {
104 s->rwstate=SSL_READING;
105 j=BIO_read(s->rbio,(char *)&(p[s->packet_length]),
106 n-s->packet_length);
107 if (j <= 0)
108 return(j);
109 s->rwstate=SSL_NOTHING;
110 s->packet_length+=j;
111 if (s->packet_length >= (unsigned int)n)
112 return(s->packet_length);
113 }
114 }
115 return(n);
116 }
117
diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c
deleted file mode 100644
index 050618235f..0000000000
--- a/src/lib/libssl/s23_srvr.c
+++ /dev/null
@@ -1,576 +0,0 @@
1/* ssl/s23_srvr.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/buffer.h>
61#include <openssl/rand.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include "ssl_locl.h"
65
66static SSL_METHOD *ssl23_get_server_method(int ver);
67int ssl23_get_client_hello(SSL *s);
68static SSL_METHOD *ssl23_get_server_method(int ver)
69 {
70#ifndef NO_SSL2
71 if (ver == SSL2_VERSION)
72 return(SSLv2_server_method());
73#endif
74 if (ver == SSL3_VERSION)
75 return(SSLv3_server_method());
76 else if (ver == TLS1_VERSION)
77 return(TLSv1_server_method());
78 else
79 return(NULL);
80 }
81
82SSL_METHOD *SSLv23_server_method(void)
83 {
84 static int init=1;
85 static SSL_METHOD SSLv23_server_data;
86
87 if (init)
88 {
89 memcpy((char *)&SSLv23_server_data,
90 (char *)sslv23_base_method(),sizeof(SSL_METHOD));
91 SSLv23_server_data.ssl_accept=ssl23_accept;
92 SSLv23_server_data.get_ssl_method=ssl23_get_server_method;
93 init=0;
94 }
95 return(&SSLv23_server_data);
96 }
97
98int ssl23_accept(SSL *s)
99 {
100 BUF_MEM *buf;
101 unsigned long Time=time(NULL);
102 void (*cb)()=NULL;
103 int ret= -1;
104 int new_state,state;
105
106 RAND_add(&Time,sizeof(Time),0);
107 ERR_clear_error();
108 clear_sys_error();
109
110 if (s->info_callback != NULL)
111 cb=s->info_callback;
112 else if (s->ctx->info_callback != NULL)
113 cb=s->ctx->info_callback;
114
115 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
116 s->in_handshake++;
117
118 for (;;)
119 {
120 state=s->state;
121
122 switch(s->state)
123 {
124 case SSL_ST_BEFORE:
125 case SSL_ST_ACCEPT:
126 case SSL_ST_BEFORE|SSL_ST_ACCEPT:
127 case SSL_ST_OK|SSL_ST_ACCEPT:
128
129 s->server=1;
130 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
131
132 /* s->version=SSL3_VERSION; */
133 s->type=SSL_ST_ACCEPT;
134
135 if (s->init_buf == NULL)
136 {
137 if ((buf=BUF_MEM_new()) == NULL)
138 {
139 ret= -1;
140 goto end;
141 }
142 if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
143 {
144 ret= -1;
145 goto end;
146 }
147 s->init_buf=buf;
148 }
149
150 ssl3_init_finished_mac(s);
151
152 s->state=SSL23_ST_SR_CLNT_HELLO_A;
153 s->ctx->stats.sess_accept++;
154 s->init_num=0;
155 break;
156
157 case SSL23_ST_SR_CLNT_HELLO_A:
158 case SSL23_ST_SR_CLNT_HELLO_B:
159
160 s->shutdown=0;
161 ret=ssl23_get_client_hello(s);
162 if (ret >= 0) cb=NULL;
163 goto end;
164 /* break; */
165
166 default:
167 SSLerr(SSL_F_SSL23_ACCEPT,SSL_R_UNKNOWN_STATE);
168 ret= -1;
169 goto end;
170 /* break; */
171 }
172
173 if ((cb != NULL) && (s->state != state))
174 {
175 new_state=s->state;
176 s->state=state;
177 cb(s,SSL_CB_ACCEPT_LOOP,1);
178 s->state=new_state;
179 }
180 }
181end:
182 if (cb != NULL)
183 cb(s,SSL_CB_ACCEPT_EXIT,ret);
184 s->in_handshake--;
185 return(ret);
186 }
187
188
189int ssl23_get_client_hello(SSL *s)
190 {
191 char buf_space[11]; /* Request this many bytes in initial read.
192 * We can detect SSL 3.0/TLS 1.0 Client Hellos
193 * ('type == 3') correctly only when the following
194 * is in a single record, which is not guaranteed by
195 * the protocol specification:
196 * Byte Content
197 * 0 type \
198 * 1/2 version > record header
199 * 3/4 length /
200 * 5 msg_type \
201 * 6-8 length > Client Hello message
202 * 9/10 client_version /
203 */
204 char *buf= &(buf_space[0]);
205 unsigned char *p,*d,*dd;
206 unsigned int i;
207 unsigned int csl,sil,cl;
208 int n=0,j;
209 int type=0;
210 int v[2];
211#ifndef NO_RSA
212 int use_sslv2_strong=0;
213#endif
214
215 if (s->state == SSL23_ST_SR_CLNT_HELLO_A)
216 {
217 /* read the initial header */
218 v[0]=v[1]=0;
219
220 if (!ssl3_setup_buffers(s)) goto err;
221
222 n=ssl23_read_bytes(s, sizeof buf_space);
223 if (n != sizeof buf_space) return(n); /* n == -1 || n == 0 */
224
225 p=s->packet;
226
227 memcpy(buf,p,n);
228
229 if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO))
230 {
231 /*
232 * SSLv2 header
233 */
234 if ((p[3] == 0x00) && (p[4] == 0x02))
235 {
236 v[0]=p[3]; v[1]=p[4];
237 /* SSLv2 */
238 if (!(s->options & SSL_OP_NO_SSLv2))
239 type=1;
240 }
241 else if (p[3] == SSL3_VERSION_MAJOR)
242 {
243 v[0]=p[3]; v[1]=p[4];
244 /* SSLv3/TLSv1 */
245 if (p[4] >= TLS1_VERSION_MINOR)
246 {
247 if (!(s->options & SSL_OP_NO_TLSv1))
248 {
249 s->version=TLS1_VERSION;
250 /* type=2; */ /* done later to survive restarts */
251 s->state=SSL23_ST_SR_CLNT_HELLO_B;
252 }
253 else if (!(s->options & SSL_OP_NO_SSLv3))
254 {
255 s->version=SSL3_VERSION;
256 /* type=2; */
257 s->state=SSL23_ST_SR_CLNT_HELLO_B;
258 }
259 else if (!(s->options & SSL_OP_NO_SSLv2))
260 {
261 type=1;
262 }
263 }
264 else if (!(s->options & SSL_OP_NO_SSLv3))
265 {
266 s->version=SSL3_VERSION;
267 /* type=2; */
268 s->state=SSL23_ST_SR_CLNT_HELLO_B;
269 }
270 else if (!(s->options & SSL_OP_NO_SSLv2))
271 type=1;
272
273 if (s->options & SSL_OP_NON_EXPORT_FIRST)
274 /* Not only utterly confusing, but broken
275 * ('fractured programming'?) -- the details
276 * of this block nearly make it work
277 * as intended in this environment, but on one
278 * of the fine points (w.r.t. restarts) it fails.
279 * The obvious fix would be even more devastating
280 * to program structure; if you want the functionality,
281 * throw this away and implement it in a way
282 * that makes sense */
283 {
284#if 0
285 STACK_OF(SSL_CIPHER) *sk;
286 SSL_CIPHER *c;
287 int ne2,ne3;
288
289 j=((p[0]&0x7f)<<8)|p[1];
290 if (j > (1024*4))
291 {
292 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE);
293 goto err;
294 }
295
296 n=ssl23_read_bytes(s,j+2);
297 if (n <= 0) return(n);
298 p=s->packet;
299
300 if ((buf=OPENSSL_malloc(n)) == NULL)
301 {
302 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE);
303 goto err;
304 }
305 memcpy(buf,p,n);
306
307 p+=5;
308 n2s(p,csl);
309 p+=4;
310
311 sk=ssl_bytes_to_cipher_list(
312 s,p,csl,NULL);
313 if (sk != NULL)
314 {
315 ne2=ne3=0;
316 for (j=0; j<sk_SSL_CIPHER_num(sk); j++)
317 {
318 c=sk_SSL_CIPHER_value(sk,j);
319 if (!SSL_C_IS_EXPORT(c))
320 {
321 if ((c->id>>24L) == 2L)
322 ne2=1;
323 else
324 ne3=1;
325 }
326 }
327 if (ne2 && !ne3)
328 {
329 type=1;
330 use_sslv2_strong=1;
331 goto next_bit;
332 }
333 }
334#else
335 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_OPTION);
336 goto err;
337#endif
338 }
339 }
340 }
341 else if ((p[0] == SSL3_RT_HANDSHAKE) &&
342 (p[1] == SSL3_VERSION_MAJOR) &&
343 (p[5] == SSL3_MT_CLIENT_HELLO) &&
344 ((p[3] == 0 && p[4] < 5 /* silly record length? */)
345 || (p[9] == p[1])))
346 {
347 /*
348 * SSLv3 or tls1 header
349 */
350
351 v[0]=p[1]; /* major version (= SSL3_VERSION_MAJOR) */
352 /* We must look at client_version inside the Client Hello message
353 * to get the correct minor version.
354 * However if we have only a pathologically small fragment of the
355 * Client Hello message, this would be difficult, we'd have
356 * to read at least one additional record to find out.
357 * This doesn't usually happen in real life, so we just complain
358 * for now.
359 */
360 if (p[3] == 0 && p[4] < 6)
361 {
362 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_SMALL);
363 goto err;
364 }
365 v[1]=p[10]; /* minor version according to client_version */
366 if (v[1] >= TLS1_VERSION_MINOR)
367 {
368 if (!(s->options & SSL_OP_NO_TLSv1))
369 {
370 s->version=TLS1_VERSION;
371 type=3;
372 }
373 else if (!(s->options & SSL_OP_NO_SSLv3))
374 {
375 s->version=SSL3_VERSION;
376 type=3;
377 }
378 }
379 else if (!(s->options & SSL_OP_NO_SSLv3))
380 {
381 s->version=SSL3_VERSION;
382 type=3;
383 }
384 }
385 else if ((strncmp("GET ", (char *)p,4) == 0) ||
386 (strncmp("POST ",(char *)p,5) == 0) ||
387 (strncmp("HEAD ",(char *)p,5) == 0) ||
388 (strncmp("PUT ", (char *)p,4) == 0))
389 {
390 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTP_REQUEST);
391 goto err;
392 }
393 else if (strncmp("CONNECT",(char *)p,7) == 0)
394 {
395 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTPS_PROXY_REQUEST);
396 goto err;
397 }
398 }
399
400 if (s->state == SSL23_ST_SR_CLNT_HELLO_B)
401 {
402 /* we have SSLv3/TLSv1 in an SSLv2 header
403 * (other cases skip this state) */
404
405 type=2;
406 p=s->packet;
407 v[0] = p[3]; /* == SSL3_VERSION_MAJOR */
408 v[1] = p[4];
409
410 n=((p[0]&0x7f)<<8)|p[1];
411 if (n > (1024*4))
412 {
413 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE);
414 goto err;
415 }
416
417 j=ssl23_read_bytes(s,n+2);
418 if (j <= 0) return(j);
419
420 ssl3_finish_mac(s,&(s->packet[2]),s->packet_length-2);
421
422 p=s->packet;
423 p+=5;
424 n2s(p,csl);
425 n2s(p,sil);
426 n2s(p,cl);
427 d=(unsigned char *)s->init_buf->data;
428 if ((csl+sil+cl+11) != s->packet_length)
429 {
430 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH);
431 goto err;
432 }
433
434 *(d++) = SSL3_VERSION_MAJOR; /* == v[0] */
435 *(d++) = v[1];
436
437 /* lets populate the random area */
438 /* get the challenge_length */
439 i=(cl > SSL3_RANDOM_SIZE)?SSL3_RANDOM_SIZE:cl;
440 memset(d,0,SSL3_RANDOM_SIZE);
441 memcpy(&(d[SSL3_RANDOM_SIZE-i]),&(p[csl+sil]),i);
442 d+=SSL3_RANDOM_SIZE;
443
444 /* no session-id reuse */
445 *(d++)=0;
446
447 /* ciphers */
448 j=0;
449 dd=d;
450 d+=2;
451 for (i=0; i<csl; i+=3)
452 {
453 if (p[i] != 0) continue;
454 *(d++)=p[i+1];
455 *(d++)=p[i+2];
456 j+=2;
457 }
458 s2n(j,dd);
459
460 /* COMPRESSION */
461 *(d++)=1;
462 *(d++)=0;
463
464 i=(d-(unsigned char *)s->init_buf->data);
465
466 /* get the data reused from the init_buf */
467 s->s3->tmp.reuse_message=1;
468 s->s3->tmp.message_type=SSL3_MT_CLIENT_HELLO;
469 s->s3->tmp.message_size=i;
470 }
471
472 /* imaginary new state (for program structure): */
473 /* s->state = SSL23_SR_CLNT_HELLO_C */
474
475 if (type == 1)
476 {
477#ifdef NO_SSL2
478 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
479 goto err;
480#else
481 /* we are talking sslv2 */
482 /* we need to clean up the SSLv3/TLSv1 setup and put in the
483 * sslv2 stuff. */
484
485 if (s->s2 == NULL)
486 {
487 if (!ssl2_new(s))
488 goto err;
489 }
490 else
491 ssl2_clear(s);
492
493 if (s->s3 != NULL) ssl3_free(s);
494
495 if (!BUF_MEM_grow(s->init_buf,
496 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
497 {
498 goto err;
499 }
500
501 s->state=SSL2_ST_GET_CLIENT_HELLO_A;
502 if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
503 use_sslv2_strong ||
504 (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
505 s->s2->ssl2_rollback=0;
506 else
507 /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
508 * (SSL 3.0 draft/RFC 2246, App. E.2) */
509 s->s2->ssl2_rollback=1;
510
511 /* setup the n bytes we have read so we get them from
512 * the sslv2 buffer */
513 s->rstate=SSL_ST_READ_HEADER;
514 s->packet_length=n;
515 s->packet= &(s->s2->rbuf[0]);
516 memcpy(s->packet,buf,n);
517 s->s2->rbuf_left=n;
518 s->s2->rbuf_offs=0;
519
520 s->method=SSLv2_server_method();
521 s->handshake_func=s->method->ssl_accept;
522#endif
523 }
524
525 if ((type == 2) || (type == 3))
526 {
527 /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */
528
529 if (!ssl_init_wbio_buffer(s,1)) goto err;
530
531 /* we are in this state */
532 s->state=SSL3_ST_SR_CLNT_HELLO_A;
533
534 if (type == 3)
535 {
536 /* put the 'n' bytes we have read into the input buffer
537 * for SSLv3 */
538 s->rstate=SSL_ST_READ_HEADER;
539 s->packet_length=n;
540 s->packet= &(s->s3->rbuf.buf[0]);
541 memcpy(s->packet,buf,n);
542 s->s3->rbuf.left=n;
543 s->s3->rbuf.offset=0;
544 }
545 else
546 {
547 s->packet_length=0;
548 s->s3->rbuf.left=0;
549 s->s3->rbuf.offset=0;
550 }
551
552 if (s->version == TLS1_VERSION)
553 s->method = TLSv1_server_method();
554 else
555 s->method = SSLv3_server_method();
556#if 0 /* ssl3_get_client_hello does this */
557 s->client_version=(v[0]<<8)|v[1];
558#endif
559 s->handshake_func=s->method->ssl_accept;
560 }
561
562 if ((type < 1) || (type > 3))
563 {
564 /* bad, very bad */
565 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL);
566 goto err;
567 }
568 s->init_num=0;
569
570 if (buf != buf_space) OPENSSL_free(buf);
571 s->first_packet=1;
572 return(SSL_accept(s));
573err:
574 if (buf != buf_space) OPENSSL_free(buf);
575 return(-1);
576 }
diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c
deleted file mode 100644
index 10d8d3b15a..0000000000
--- a/src/lib/libssl/s3_both.c
+++ /dev/null
@@ -1,588 +0,0 @@
1/* ssl/s3_both.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <string.h>
113#include <stdio.h>
114#include <openssl/buffer.h>
115#include <openssl/rand.h>
116#include <openssl/objects.h>
117#include <openssl/evp.h>
118#include <openssl/x509.h>
119#include "ssl_locl.h"
120
121/* send s->init_buf in records of type 'type' */
122int ssl3_do_write(SSL *s, int type)
123 {
124 int ret;
125
126 ret=ssl3_write_bytes(s,type,&s->init_buf->data[s->init_off],
127 s->init_num);
128 if (ret < 0) return(-1);
129 if (type == SSL3_RT_HANDSHAKE)
130 /* should not be done for 'Hello Request's, but in that case
131 * we'll ignore the result anyway */
132 ssl3_finish_mac(s,(unsigned char *)&s->init_buf->data[s->init_off],ret);
133
134 if (ret == s->init_num)
135 return(1);
136 s->init_off+=ret;
137 s->init_num-=ret;
138 return(0);
139 }
140
141int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
142 {
143 unsigned char *p,*d;
144 int i;
145 unsigned long l;
146
147 if (s->state == a)
148 {
149 d=(unsigned char *)s->init_buf->data;
150 p= &(d[4]);
151
152 i=s->method->ssl3_enc->final_finish_mac(s,
153 &(s->s3->finish_dgst1),
154 &(s->s3->finish_dgst2),
155 sender,slen,s->s3->tmp.finish_md);
156 s->s3->tmp.finish_md_len = i;
157 memcpy(p, s->s3->tmp.finish_md, i);
158 p+=i;
159 l=i;
160
161#ifdef WIN16
162 /* MSVC 1.5 does not clear the top bytes of the word unless
163 * I do this.
164 */
165 l&=0xffff;
166#endif
167
168 *(d++)=SSL3_MT_FINISHED;
169 l2n3(l,d);
170 s->init_num=(int)l+4;
171 s->init_off=0;
172
173 s->state=b;
174 }
175
176 /* SSL3_ST_SEND_xxxxxx_HELLO_B */
177 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
178 }
179
180int ssl3_get_finished(SSL *s, int a, int b)
181 {
182 int al,i,ok;
183 long n;
184 unsigned char *p;
185
186 /* the mac has already been generated when we received the
187 * change cipher spec message and is in s->s3->tmp.peer_finish_md
188 */
189
190 n=ssl3_get_message(s,
191 a,
192 b,
193 SSL3_MT_FINISHED,
194 64, /* should actually be 36+4 :-) */
195 &ok);
196
197 if (!ok) return((int)n);
198
199 /* If this occurs, we have missed a message */
200 if (!s->s3->change_cipher_spec)
201 {
202 al=SSL_AD_UNEXPECTED_MESSAGE;
203 SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_GOT_A_FIN_BEFORE_A_CCS);
204 goto f_err;
205 }
206 s->s3->change_cipher_spec=0;
207
208 p = (unsigned char *)s->init_buf->data;
209 i = s->s3->tmp.peer_finish_md_len;
210
211 if (i != n)
212 {
213 al=SSL_AD_DECODE_ERROR;
214 SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_BAD_DIGEST_LENGTH);
215 goto f_err;
216 }
217
218 if (memcmp(p, s->s3->tmp.peer_finish_md, i) != 0)
219 {
220 al=SSL_AD_DECRYPT_ERROR;
221 SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED);
222 goto f_err;
223 }
224
225 return(1);
226f_err:
227 ssl3_send_alert(s,SSL3_AL_FATAL,al);
228 return(0);
229 }
230
231/* for these 2 messages, we need to
232 * ssl->enc_read_ctx re-init
233 * ssl->s3->read_sequence zero
234 * ssl->s3->read_mac_secret re-init
235 * ssl->session->read_sym_enc assign
236 * ssl->session->read_compression assign
237 * ssl->session->read_hash assign
238 */
239int ssl3_send_change_cipher_spec(SSL *s, int a, int b)
240 {
241 unsigned char *p;
242
243 if (s->state == a)
244 {
245 p=(unsigned char *)s->init_buf->data;
246 *p=SSL3_MT_CCS;
247 s->init_num=1;
248 s->init_off=0;
249
250 s->state=b;
251 }
252
253 /* SSL3_ST_CW_CHANGE_B */
254 return(ssl3_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC));
255 }
256
257unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
258 {
259 unsigned char *p;
260 int n,i;
261 unsigned long l=7;
262 BUF_MEM *buf;
263 X509_STORE_CTX xs_ctx;
264 X509_OBJECT obj;
265
266 /* TLSv1 sends a chain with nothing in it, instead of an alert */
267 buf=s->init_buf;
268 if (!BUF_MEM_grow(buf,(int)(10)))
269 {
270 SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
271 return(0);
272 }
273 if (x != NULL)
274 {
275 X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL);
276
277 for (;;)
278 {
279 n=i2d_X509(x,NULL);
280 if (!BUF_MEM_grow(buf,(int)(n+l+3)))
281 {
282 SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
283 return(0);
284 }
285 p=(unsigned char *)&(buf->data[l]);
286 l2n3(n,p);
287 i2d_X509(x,&p);
288 l+=n+3;
289 if (X509_NAME_cmp(X509_get_subject_name(x),
290 X509_get_issuer_name(x)) == 0) break;
291
292 i=X509_STORE_get_by_subject(&xs_ctx,X509_LU_X509,
293 X509_get_issuer_name(x),&obj);
294 if (i <= 0) break;
295 x=obj.data.x509;
296 /* Count is one too high since the X509_STORE_get uped the
297 * ref count */
298 X509_free(x);
299 }
300
301 X509_STORE_CTX_cleanup(&xs_ctx);
302 }
303
304 /* Thawte special :-) */
305 if (s->ctx->extra_certs != NULL)
306 for (i=0; i<sk_X509_num(s->ctx->extra_certs); i++)
307 {
308 x=sk_X509_value(s->ctx->extra_certs,i);
309 n=i2d_X509(x,NULL);
310 if (!BUF_MEM_grow(buf,(int)(n+l+3)))
311 {
312 SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
313 return(0);
314 }
315 p=(unsigned char *)&(buf->data[l]);
316 l2n3(n,p);
317 i2d_X509(x,&p);
318 l+=n+3;
319 }
320
321 l-=7;
322 p=(unsigned char *)&(buf->data[4]);
323 l2n3(l,p);
324 l+=3;
325 p=(unsigned char *)&(buf->data[0]);
326 *(p++)=SSL3_MT_CERTIFICATE;
327 l2n3(l,p);
328 l+=4;
329 return(l);
330 }
331
332/* Obtain handshake message of message type 'mt' (any if mt == -1),
333 * maximum acceptable body length 'max'.
334 * The first four bytes (msg_type and length) are read in state 'st1',
335 * the body is read in state 'stn'.
336 */
337long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
338 {
339 unsigned char *p;
340 unsigned long l;
341 long n;
342 int i,al;
343
344 if (s->s3->tmp.reuse_message)
345 {
346 s->s3->tmp.reuse_message=0;
347 if ((mt >= 0) && (s->s3->tmp.message_type != mt))
348 {
349 al=SSL_AD_UNEXPECTED_MESSAGE;
350 SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
351 goto f_err;
352 }
353 *ok=1;
354 return((int)s->s3->tmp.message_size);
355 }
356
357 p=(unsigned char *)s->init_buf->data;
358
359 if (s->state == st1) /* s->init_num < 4 */
360 {
361 int skip_message;
362
363 do
364 {
365 while (s->init_num < 4)
366 {
367 i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],
368 4 - s->init_num, 0);
369 if (i <= 0)
370 {
371 s->rwstate=SSL_READING;
372 *ok = 0;
373 return i;
374 }
375 s->init_num+=i;
376 }
377
378 skip_message = 0;
379 if (!s->server)
380 if (p[0] == SSL3_MT_HELLO_REQUEST)
381 /* The server may always send 'Hello Request' messages --
382 * we are doing a handshake anyway now, so ignore them
383 * if their format is correct. Does not count for
384 * 'Finished' MAC. */
385 if (p[1] == 0 && p[2] == 0 &&p[3] == 0)
386 skip_message = 1;
387 }
388 while (skip_message);
389
390 /* s->init_num == 4 */
391
392 if ((mt >= 0) && (*p != mt))
393 {
394 al=SSL_AD_UNEXPECTED_MESSAGE;
395 SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
396 goto f_err;
397 }
398 if ((mt < 0) && (*p == SSL3_MT_CLIENT_HELLO) &&
399 (st1 == SSL3_ST_SR_CERT_A) &&
400 (stn == SSL3_ST_SR_CERT_B))
401 {
402 /* At this point we have got an MS SGC second client
403 * hello (maybe we should always allow the client to
404 * start a new handshake?). We need to restart the mac.
405 * Don't increment {num,total}_renegotiations because
406 * we have not completed the handshake. */
407 ssl3_init_finished_mac(s);
408 }
409
410 ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, 4);
411
412 s->s3->tmp.message_type= *(p++);
413
414 n2l3(p,l);
415 if (l > (unsigned long)max)
416 {
417 al=SSL_AD_ILLEGAL_PARAMETER;
418 SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
419 goto f_err;
420 }
421 if (l && !BUF_MEM_grow(s->init_buf,(int)l))
422 {
423 SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB);
424 goto err;
425 }
426 s->s3->tmp.message_size=l;
427 s->state=stn;
428
429 s->init_num=0;
430 }
431
432 /* next state (stn) */
433 p=(unsigned char *)s->init_buf->data;
434 n=s->s3->tmp.message_size;
435 while (n > 0)
436 {
437 i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],n,0);
438 if (i <= 0)
439 {
440 s->rwstate=SSL_READING;
441 *ok = 0;
442 return i;
443 }
444 s->init_num += i;
445 n -= i;
446 }
447 ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num);
448 *ok=1;
449 return s->init_num;
450f_err:
451 ssl3_send_alert(s,SSL3_AL_FATAL,al);
452err:
453 *ok=0;
454 return(-1);
455 }
456
457int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
458 {
459 EVP_PKEY *pk;
460 int ret= -1,i,j;
461
462 if (pkey == NULL)
463 pk=X509_get_pubkey(x);
464 else
465 pk=pkey;
466 if (pk == NULL) goto err;
467
468 i=pk->type;
469 if (i == EVP_PKEY_RSA)
470 {
471 ret=SSL_PKEY_RSA_ENC;
472 if (x != NULL)
473 {
474 j=X509_get_ext_count(x);
475 /* check to see if this is a signing only certificate */
476 /* EAY EAY EAY EAY */
477 }
478 }
479 else if (i == EVP_PKEY_DSA)
480 {
481 ret=SSL_PKEY_DSA_SIGN;
482 }
483 else if (i == EVP_PKEY_DH)
484 {
485 /* if we just have a key, we needs to be guess */
486
487 if (x == NULL)
488 ret=SSL_PKEY_DH_DSA;
489 else
490 {
491 j=X509_get_signature_type(x);
492 if (j == EVP_PKEY_RSA)
493 ret=SSL_PKEY_DH_RSA;
494 else if (j== EVP_PKEY_DSA)
495 ret=SSL_PKEY_DH_DSA;
496 else ret= -1;
497 }
498 }
499 else
500 ret= -1;
501
502err:
503 if(!pkey) EVP_PKEY_free(pk);
504 return(ret);
505 }
506
507int ssl_verify_alarm_type(long type)
508 {
509 int al;
510
511 switch(type)
512 {
513 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
514 case X509_V_ERR_UNABLE_TO_GET_CRL:
515 al=SSL_AD_UNKNOWN_CA;
516 break;
517 case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
518 case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
519 case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
520 case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
521 case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
522 case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
523 case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
524 case X509_V_ERR_CERT_NOT_YET_VALID:
525 case X509_V_ERR_CRL_NOT_YET_VALID:
526 al=SSL_AD_BAD_CERTIFICATE;
527 break;
528 case X509_V_ERR_CERT_SIGNATURE_FAILURE:
529 case X509_V_ERR_CRL_SIGNATURE_FAILURE:
530 al=SSL_AD_DECRYPT_ERROR;
531 break;
532 case X509_V_ERR_CERT_HAS_EXPIRED:
533 case X509_V_ERR_CRL_HAS_EXPIRED:
534 al=SSL_AD_CERTIFICATE_EXPIRED;
535 break;
536 case X509_V_ERR_CERT_REVOKED:
537 al=SSL_AD_CERTIFICATE_REVOKED;
538 break;
539 case X509_V_ERR_OUT_OF_MEM:
540 al=SSL_AD_INTERNAL_ERROR;
541 break;
542 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
543 case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
544 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
545 case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
546 case X509_V_ERR_CERT_CHAIN_TOO_LONG:
547 al=SSL_AD_UNKNOWN_CA;
548 break;
549 case X509_V_ERR_APPLICATION_VERIFICATION:
550 al=SSL_AD_HANDSHAKE_FAILURE;
551 break;
552 default:
553 al=SSL_AD_CERTIFICATE_UNKNOWN;
554 break;
555 }
556 return(al);
557 }
558
559int ssl3_setup_buffers(SSL *s)
560 {
561 unsigned char *p;
562 unsigned int extra;
563
564 if (s->s3->rbuf.buf == NULL)
565 {
566 if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
567 extra=SSL3_RT_MAX_EXTRA;
568 else
569 extra=0;
570 if ((p=OPENSSL_malloc(SSL3_RT_MAX_PACKET_SIZE+extra))
571 == NULL)
572 goto err;
573 s->s3->rbuf.buf=p;
574 }
575
576 if (s->s3->wbuf.buf == NULL)
577 {
578 if ((p=OPENSSL_malloc(SSL3_RT_MAX_PACKET_SIZE))
579 == NULL)
580 goto err;
581 s->s3->wbuf.buf=p;
582 }
583 s->packet= &(s->s3->rbuf.buf[0]);
584 return(1);
585err:
586 SSLerr(SSL_F_SSL3_SETUP_BUFFERS,ERR_R_MALLOC_FAILURE);
587 return(0);
588 }
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
deleted file mode 100644
index eec45cfa48..0000000000
--- a/src/lib/libssl/s3_clnt.c
+++ /dev/null
@@ -1,1741 +0,0 @@
1/* ssl/s3_clnt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/buffer.h>
61#include <openssl/rand.h>
62#include <openssl/objects.h>
63#include <openssl/md5.h>
64#include <openssl/sha.h>
65#include <openssl/evp.h>
66#include "ssl_locl.h"
67
68static SSL_METHOD *ssl3_get_client_method(int ver);
69static int ssl3_client_hello(SSL *s);
70static int ssl3_get_server_hello(SSL *s);
71static int ssl3_get_certificate_request(SSL *s);
72static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b);
73static int ssl3_get_server_done(SSL *s);
74static int ssl3_send_client_verify(SSL *s);
75static int ssl3_send_client_certificate(SSL *s);
76static int ssl3_send_client_key_exchange(SSL *s);
77static int ssl3_get_key_exchange(SSL *s);
78static int ssl3_get_server_certificate(SSL *s);
79static int ssl3_check_cert_and_algorithm(SSL *s);
80static SSL_METHOD *ssl3_get_client_method(int ver)
81 {
82 if (ver == SSL3_VERSION)
83 return(SSLv3_client_method());
84 else
85 return(NULL);
86 }
87
88SSL_METHOD *SSLv3_client_method(void)
89 {
90 static int init=1;
91 static SSL_METHOD SSLv3_client_data;
92
93 if (init)
94 {
95 init=0;
96 memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(),
97 sizeof(SSL_METHOD));
98 SSLv3_client_data.ssl_connect=ssl3_connect;
99 SSLv3_client_data.get_ssl_method=ssl3_get_client_method;
100 }
101 return(&SSLv3_client_data);
102 }
103
104int ssl3_connect(SSL *s)
105 {
106 BUF_MEM *buf;
107 unsigned long Time=time(NULL),l;
108 long num1;
109 void (*cb)()=NULL;
110 int ret= -1;
111 int new_state,state,skip=0;;
112
113 RAND_add(&Time,sizeof(Time),0);
114 ERR_clear_error();
115 clear_sys_error();
116
117 if (s->info_callback != NULL)
118 cb=s->info_callback;
119 else if (s->ctx->info_callback != NULL)
120 cb=s->ctx->info_callback;
121
122 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
123 s->in_handshake++;
124
125 for (;;)
126 {
127 state=s->state;
128
129 switch(s->state)
130 {
131 case SSL_ST_RENEGOTIATE:
132 s->new_session=1;
133 s->state=SSL_ST_CONNECT;
134 s->ctx->stats.sess_connect_renegotiate++;
135 /* break */
136 case SSL_ST_BEFORE:
137 case SSL_ST_CONNECT:
138 case SSL_ST_BEFORE|SSL_ST_CONNECT:
139 case SSL_ST_OK|SSL_ST_CONNECT:
140
141 s->server=0;
142 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
143
144 if ((s->version & 0xff00 ) != 0x0300)
145 {
146 SSLerr(SSL_F_SSL3_CONNECT, SSL_R_INTERNAL_ERROR);
147 ret = -1;
148 goto end;
149 }
150
151 /* s->version=SSL3_VERSION; */
152 s->type=SSL_ST_CONNECT;
153
154 if (s->init_buf == NULL)
155 {
156 if ((buf=BUF_MEM_new()) == NULL)
157 {
158 ret= -1;
159 goto end;
160 }
161 if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
162 {
163 ret= -1;
164 goto end;
165 }
166 s->init_buf=buf;
167 }
168
169 if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
170
171 /* setup buffing BIO */
172 if (!ssl_init_wbio_buffer(s,0)) { ret= -1; goto end; }
173
174 /* don't push the buffering BIO quite yet */
175
176 ssl3_init_finished_mac(s);
177
178 s->state=SSL3_ST_CW_CLNT_HELLO_A;
179 s->ctx->stats.sess_connect++;
180 s->init_num=0;
181 break;
182
183 case SSL3_ST_CW_CLNT_HELLO_A:
184 case SSL3_ST_CW_CLNT_HELLO_B:
185
186 s->shutdown=0;
187 ret=ssl3_client_hello(s);
188 if (ret <= 0) goto end;
189 s->state=SSL3_ST_CR_SRVR_HELLO_A;
190 s->init_num=0;
191
192 /* turn on buffering for the next lot of output */
193 if (s->bbio != s->wbio)
194 s->wbio=BIO_push(s->bbio,s->wbio);
195
196 break;
197
198 case SSL3_ST_CR_SRVR_HELLO_A:
199 case SSL3_ST_CR_SRVR_HELLO_B:
200 ret=ssl3_get_server_hello(s);
201 if (ret <= 0) goto end;
202 if (s->hit)
203 s->state=SSL3_ST_CR_FINISHED_A;
204 else
205 s->state=SSL3_ST_CR_CERT_A;
206 s->init_num=0;
207 break;
208
209 case SSL3_ST_CR_CERT_A:
210 case SSL3_ST_CR_CERT_B:
211 /* Check if it is anon DH */
212 if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
213 {
214 ret=ssl3_get_server_certificate(s);
215 if (ret <= 0) goto end;
216 }
217 else
218 skip=1;
219 s->state=SSL3_ST_CR_KEY_EXCH_A;
220 s->init_num=0;
221 break;
222
223 case SSL3_ST_CR_KEY_EXCH_A:
224 case SSL3_ST_CR_KEY_EXCH_B:
225 ret=ssl3_get_key_exchange(s);
226 if (ret <= 0) goto end;
227 s->state=SSL3_ST_CR_CERT_REQ_A;
228 s->init_num=0;
229
230 /* at this point we check that we have the
231 * required stuff from the server */
232 if (!ssl3_check_cert_and_algorithm(s))
233 {
234 ret= -1;
235 goto end;
236 }
237 break;
238
239 case SSL3_ST_CR_CERT_REQ_A:
240 case SSL3_ST_CR_CERT_REQ_B:
241 ret=ssl3_get_certificate_request(s);
242 if (ret <= 0) goto end;
243 s->state=SSL3_ST_CR_SRVR_DONE_A;
244 s->init_num=0;
245 break;
246
247 case SSL3_ST_CR_SRVR_DONE_A:
248 case SSL3_ST_CR_SRVR_DONE_B:
249 ret=ssl3_get_server_done(s);
250 if (ret <= 0) goto end;
251 if (s->s3->tmp.cert_req)
252 s->state=SSL3_ST_CW_CERT_A;
253 else
254 s->state=SSL3_ST_CW_KEY_EXCH_A;
255 s->init_num=0;
256
257 break;
258
259 case SSL3_ST_CW_CERT_A:
260 case SSL3_ST_CW_CERT_B:
261 case SSL3_ST_CW_CERT_C:
262 case SSL3_ST_CW_CERT_D:
263 ret=ssl3_send_client_certificate(s);
264 if (ret <= 0) goto end;
265 s->state=SSL3_ST_CW_KEY_EXCH_A;
266 s->init_num=0;
267 break;
268
269 case SSL3_ST_CW_KEY_EXCH_A:
270 case SSL3_ST_CW_KEY_EXCH_B:
271 ret=ssl3_send_client_key_exchange(s);
272 if (ret <= 0) goto end;
273 l=s->s3->tmp.new_cipher->algorithms;
274 /* EAY EAY EAY need to check for DH fix cert
275 * sent back */
276 /* For TLS, cert_req is set to 2, so a cert chain
277 * of nothing is sent, but no verify packet is sent */
278 if (s->s3->tmp.cert_req == 1)
279 {
280 s->state=SSL3_ST_CW_CERT_VRFY_A;
281 }
282 else
283 {
284 s->state=SSL3_ST_CW_CHANGE_A;
285 s->s3->change_cipher_spec=0;
286 }
287
288 s->init_num=0;
289 break;
290
291 case SSL3_ST_CW_CERT_VRFY_A:
292 case SSL3_ST_CW_CERT_VRFY_B:
293 ret=ssl3_send_client_verify(s);
294 if (ret <= 0) goto end;
295 s->state=SSL3_ST_CW_CHANGE_A;
296 s->init_num=0;
297 s->s3->change_cipher_spec=0;
298 break;
299
300 case SSL3_ST_CW_CHANGE_A:
301 case SSL3_ST_CW_CHANGE_B:
302 ret=ssl3_send_change_cipher_spec(s,
303 SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
304 if (ret <= 0) goto end;
305 s->state=SSL3_ST_CW_FINISHED_A;
306 s->init_num=0;
307
308 s->session->cipher=s->s3->tmp.new_cipher;
309 if (s->s3->tmp.new_compression == NULL)
310 s->session->compress_meth=0;
311 else
312 s->session->compress_meth=
313 s->s3->tmp.new_compression->id;
314 if (!s->method->ssl3_enc->setup_key_block(s))
315 {
316 ret= -1;
317 goto end;
318 }
319
320 if (!s->method->ssl3_enc->change_cipher_state(s,
321 SSL3_CHANGE_CIPHER_CLIENT_WRITE))
322 {
323 ret= -1;
324 goto end;
325 }
326
327 break;
328
329 case SSL3_ST_CW_FINISHED_A:
330 case SSL3_ST_CW_FINISHED_B:
331 ret=ssl3_send_finished(s,
332 SSL3_ST_CW_FINISHED_A,SSL3_ST_CW_FINISHED_B,
333 s->method->ssl3_enc->client_finished_label,
334 s->method->ssl3_enc->client_finished_label_len);
335 if (ret <= 0) goto end;
336 s->state=SSL3_ST_CW_FLUSH;
337
338 /* clear flags */
339 s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
340 if (s->hit)
341 {
342 s->s3->tmp.next_state=SSL_ST_OK;
343 if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED)
344 {
345 s->state=SSL_ST_OK;
346 s->s3->flags|=SSL3_FLAGS_POP_BUFFER;
347 s->s3->delay_buf_pop_ret=0;
348 }
349 }
350 else
351 {
352 s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A;
353 }
354 s->init_num=0;
355 break;
356
357 case SSL3_ST_CR_FINISHED_A:
358 case SSL3_ST_CR_FINISHED_B:
359
360 ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A,
361 SSL3_ST_CR_FINISHED_B);
362 if (ret <= 0) goto end;
363
364 if (s->hit)
365 s->state=SSL3_ST_CW_CHANGE_A;
366 else
367 s->state=SSL_ST_OK;
368 s->init_num=0;
369 break;
370
371 case SSL3_ST_CW_FLUSH:
372 /* number of bytes to be flushed */
373 num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
374 if (num1 > 0)
375 {
376 s->rwstate=SSL_WRITING;
377 num1=BIO_flush(s->wbio);
378 if (num1 <= 0) { ret= -1; goto end; }
379 s->rwstate=SSL_NOTHING;
380 }
381
382 s->state=s->s3->tmp.next_state;
383 break;
384
385 case SSL_ST_OK:
386 /* clean a few things up */
387 ssl3_cleanup_key_block(s);
388
389 if (s->init_buf != NULL)
390 {
391 BUF_MEM_free(s->init_buf);
392 s->init_buf=NULL;
393 }
394
395 /* If we are not 'joining' the last two packets,
396 * remove the buffering now */
397 if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
398 ssl_free_wbio_buffer(s);
399 /* else do it later in ssl3_write */
400
401 s->init_num=0;
402 s->new_session=0;
403
404 ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
405 if (s->hit) s->ctx->stats.sess_hit++;
406
407 ret=1;
408 /* s->server=0; */
409 s->handshake_func=ssl3_connect;
410 s->ctx->stats.sess_connect_good++;
411
412 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
413
414 goto end;
415 /* break; */
416
417 default:
418 SSLerr(SSL_F_SSL3_CONNECT,SSL_R_UNKNOWN_STATE);
419 ret= -1;
420 goto end;
421 /* break; */
422 }
423
424 /* did we do anything */
425 if (!s->s3->tmp.reuse_message && !skip)
426 {
427 if (s->debug)
428 {
429 if ((ret=BIO_flush(s->wbio)) <= 0)
430 goto end;
431 }
432
433 if ((cb != NULL) && (s->state != state))
434 {
435 new_state=s->state;
436 s->state=state;
437 cb(s,SSL_CB_CONNECT_LOOP,1);
438 s->state=new_state;
439 }
440 }
441 skip=0;
442 }
443end:
444 if (cb != NULL)
445 cb(s,SSL_CB_CONNECT_EXIT,ret);
446 s->in_handshake--;
447 return(ret);
448 }
449
450
451static int ssl3_client_hello(SSL *s)
452 {
453 unsigned char *buf;
454 unsigned char *p,*d;
455 int i,j;
456 unsigned long Time,l;
457 SSL_COMP *comp;
458
459 buf=(unsigned char *)s->init_buf->data;
460 if (s->state == SSL3_ST_CW_CLNT_HELLO_A)
461 {
462 if ((s->session == NULL) ||
463 (s->session->ssl_version != s->version) ||
464 (s->session->not_resumable))
465 {
466 if (!ssl_get_new_session(s,0))
467 goto err;
468 }
469 /* else use the pre-loaded session */
470
471 p=s->s3->client_random;
472 Time=time(NULL); /* Time */
473 l2n(Time,p);
474 RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
475
476 /* Do the message type and length last */
477 d=p= &(buf[4]);
478
479 *(p++)=s->version>>8;
480 *(p++)=s->version&0xff;
481 s->client_version=s->version;
482
483 /* Random stuff */
484 memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
485 p+=SSL3_RANDOM_SIZE;
486
487 /* Session ID */
488 if (s->new_session)
489 i=0;
490 else
491 i=s->session->session_id_length;
492 *(p++)=i;
493 if (i != 0)
494 {
495 memcpy(p,s->session->session_id,i);
496 p+=i;
497 }
498
499 /* Ciphers supported */
500 i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]));
501 if (i == 0)
502 {
503 SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
504 goto err;
505 }
506 s2n(i,p);
507 p+=i;
508
509 /* COMPRESSION */
510 if (s->ctx->comp_methods == NULL)
511 j=0;
512 else
513 j=sk_SSL_COMP_num(s->ctx->comp_methods);
514 *(p++)=1+j;
515 for (i=0; i<j; i++)
516 {
517 comp=sk_SSL_COMP_value(s->ctx->comp_methods,i);
518 *(p++)=comp->id;
519 }
520 *(p++)=0; /* Add the NULL method */
521
522 l=(p-d);
523 d=buf;
524 *(d++)=SSL3_MT_CLIENT_HELLO;
525 l2n3(l,d);
526
527 s->state=SSL3_ST_CW_CLNT_HELLO_B;
528 /* number of bytes to write */
529 s->init_num=p-buf;
530 s->init_off=0;
531 }
532
533 /* SSL3_ST_CW_CLNT_HELLO_B */
534 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
535err:
536 return(-1);
537 }
538
539static int ssl3_get_server_hello(SSL *s)
540 {
541 STACK_OF(SSL_CIPHER) *sk;
542 SSL_CIPHER *c;
543 unsigned char *p,*d;
544 int i,al,ok;
545 unsigned int j;
546 long n;
547 SSL_COMP *comp;
548
549 n=ssl3_get_message(s,
550 SSL3_ST_CR_SRVR_HELLO_A,
551 SSL3_ST_CR_SRVR_HELLO_B,
552 SSL3_MT_SERVER_HELLO,
553 300, /* ?? */
554 &ok);
555
556 if (!ok) return((int)n);
557 d=p=(unsigned char *)s->init_buf->data;
558
559 if ((p[0] != (s->version>>8)) || (p[1] != (s->version&0xff)))
560 {
561 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_SSL_VERSION);
562 s->version=(s->version&0xff00)|p[1];
563 al=SSL_AD_PROTOCOL_VERSION;
564 goto f_err;
565 }
566 p+=2;
567
568 /* load the server hello data */
569 /* load the server random */
570 memcpy(s->s3->server_random,p,SSL3_RANDOM_SIZE);
571 p+=SSL3_RANDOM_SIZE;
572
573 /* get the session-id */
574 j= *(p++);
575
576 if ((j != 0) && (j != SSL3_SESSION_ID_SIZE))
577 {
578 /* SSLref returns 16 :-( */
579 if (j < SSL2_SSL_SESSION_ID_LENGTH)
580 {
581 al=SSL_AD_ILLEGAL_PARAMETER;
582 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT);
583 goto f_err;
584 }
585 }
586 if (j != 0 && j == s->session->session_id_length
587 && memcmp(p,s->session->session_id,j) == 0)
588 {
589 if(s->sid_ctx_length != s->session->sid_ctx_length
590 || memcmp(s->session->sid_ctx,s->sid_ctx,s->sid_ctx_length))
591 {
592 al=SSL_AD_ILLEGAL_PARAMETER;
593 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
594 goto f_err;
595 }
596 s->hit=1;
597 }
598 else /* a miss or crap from the other end */
599 {
600 /* If we were trying for session-id reuse, make a new
601 * SSL_SESSION so we don't stuff up other people */
602 s->hit=0;
603 if (s->session->session_id_length > 0)
604 {
605 if (!ssl_get_new_session(s,0))
606 {
607 al=SSL_AD_INTERNAL_ERROR;
608 goto f_err;
609 }
610 }
611 s->session->session_id_length=j;
612 memcpy(s->session->session_id,p,j); /* j could be 0 */
613 }
614 p+=j;
615 c=ssl_get_cipher_by_char(s,p);
616 if (c == NULL)
617 {
618 /* unknown cipher */
619 al=SSL_AD_ILLEGAL_PARAMETER;
620 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNKNOWN_CIPHER_RETURNED);
621 goto f_err;
622 }
623 p+=ssl_put_cipher_by_char(s,NULL,NULL);
624
625 sk=ssl_get_ciphers_by_id(s);
626 i=sk_SSL_CIPHER_find(sk,c);
627 if (i < 0)
628 {
629 /* we did not say we would use this cipher */
630 al=SSL_AD_ILLEGAL_PARAMETER;
631 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED);
632 goto f_err;
633 }
634
635 if (s->hit && (s->session->cipher != c))
636 {
637 if (!(s->options &
638 SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
639 {
640 al=SSL_AD_ILLEGAL_PARAMETER;
641 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
642 goto f_err;
643 }
644 }
645 s->s3->tmp.new_cipher=c;
646
647 /* lets get the compression algorithm */
648 /* COMPRESSION */
649 j= *(p++);
650 if (j == 0)
651 comp=NULL;
652 else
653 comp=ssl3_comp_find(s->ctx->comp_methods,j);
654
655 if ((j != 0) && (comp == NULL))
656 {
657 al=SSL_AD_ILLEGAL_PARAMETER;
658 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
659 goto f_err;
660 }
661 else
662 {
663 s->s3->tmp.new_compression=comp;
664 }
665
666 if (p != (d+n))
667 {
668 /* wrong packet length */
669 al=SSL_AD_DECODE_ERROR;
670 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_BAD_PACKET_LENGTH);
671 goto err;
672 }
673
674 return(1);
675f_err:
676 ssl3_send_alert(s,SSL3_AL_FATAL,al);
677err:
678 return(-1);
679 }
680
681static int ssl3_get_server_certificate(SSL *s)
682 {
683 int al,i,ok,ret= -1;
684 unsigned long n,nc,llen,l;
685 X509 *x=NULL;
686 unsigned char *p,*d,*q;
687 STACK_OF(X509) *sk=NULL;
688 SESS_CERT *sc;
689 EVP_PKEY *pkey=NULL;
690
691 n=ssl3_get_message(s,
692 SSL3_ST_CR_CERT_A,
693 SSL3_ST_CR_CERT_B,
694 -1,
695#if defined(MSDOS) && !defined(WIN32)
696 1024*30, /* 30k max cert list :-) */
697#else
698 1024*100, /* 100k max cert list :-) */
699#endif
700 &ok);
701
702 if (!ok) return((int)n);
703
704 if (s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE)
705 {
706 s->s3->tmp.reuse_message=1;
707 return(1);
708 }
709
710 if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)
711 {
712 al=SSL_AD_UNEXPECTED_MESSAGE;
713 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_BAD_MESSAGE_TYPE);
714 goto f_err;
715 }
716 d=p=(unsigned char *)s->init_buf->data;
717
718 if ((sk=sk_X509_new_null()) == NULL)
719 {
720 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
721 goto err;
722 }
723
724 n2l3(p,llen);
725 if (llen+3 != n)
726 {
727 al=SSL_AD_DECODE_ERROR;
728 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_LENGTH_MISMATCH);
729 goto f_err;
730 }
731 for (nc=0; nc<llen; )
732 {
733 n2l3(p,l);
734 if ((l+nc+3) > llen)
735 {
736 al=SSL_AD_DECODE_ERROR;
737 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
738 goto f_err;
739 }
740
741 q=p;
742 x=d2i_X509(NULL,&q,l);
743 if (x == NULL)
744 {
745 al=SSL_AD_BAD_CERTIFICATE;
746 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_ASN1_LIB);
747 goto f_err;
748 }
749 if (q != (p+l))
750 {
751 al=SSL_AD_DECODE_ERROR;
752 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
753 goto f_err;
754 }
755 if (!sk_X509_push(sk,x))
756 {
757 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
758 goto err;
759 }
760 x=NULL;
761 nc+=l+3;
762 p=q;
763 }
764
765 i=ssl_verify_cert_chain(s,sk);
766 if ((s->verify_mode != SSL_VERIFY_NONE) && (!i))
767 {
768 al=ssl_verify_alarm_type(s->verify_result);
769 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
770 goto f_err;
771 }
772 ERR_clear_error(); /* but we keep s->verify_result */
773
774 sc=ssl_sess_cert_new();
775 if (sc == NULL) goto err;
776
777 if (s->session->sess_cert) ssl_sess_cert_free(s->session->sess_cert);
778 s->session->sess_cert=sc;
779
780 sc->cert_chain=sk;
781 /* Inconsistency alert: cert_chain does include the peer's
782 * certificate, which we don't include in s3_srvr.c */
783 x=sk_X509_value(sk,0);
784 sk=NULL;
785
786 pkey=X509_get_pubkey(x);
787
788 if ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey))
789 {
790 x=NULL;
791 al=SSL3_AL_FATAL;
792 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS);
793 goto f_err;
794 }
795
796 i=ssl_cert_type(x,pkey);
797 if (i < 0)
798 {
799 x=NULL;
800 al=SSL3_AL_FATAL;
801 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
802 goto f_err;
803 }
804
805 sc->peer_cert_type=i;
806 CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
807 if (sc->peer_pkeys[i].x509 != NULL) /* Why would this ever happen?
808 * We just created sc a couple of
809 * lines ago. */
810 X509_free(sc->peer_pkeys[i].x509);
811 sc->peer_pkeys[i].x509=x;
812 sc->peer_key= &(sc->peer_pkeys[i]);
813
814 if (s->session->peer != NULL)
815 X509_free(s->session->peer);
816 CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
817 s->session->peer=x;
818 s->session->verify_result = s->verify_result;
819
820 x=NULL;
821 ret=1;
822
823 if (0)
824 {
825f_err:
826 ssl3_send_alert(s,SSL3_AL_FATAL,al);
827 }
828err:
829 EVP_PKEY_free(pkey);
830 X509_free(x);
831 sk_X509_pop_free(sk,X509_free);
832 return(ret);
833 }
834
835static int ssl3_get_key_exchange(SSL *s)
836 {
837#ifndef NO_RSA
838 unsigned char *q,md_buf[EVP_MAX_MD_SIZE*2];
839#endif
840 EVP_MD_CTX md_ctx;
841 unsigned char *param,*p;
842 int al,i,j,param_len,ok;
843 long n,alg;
844 EVP_PKEY *pkey=NULL;
845#ifndef NO_RSA
846 RSA *rsa=NULL;
847#endif
848#ifndef NO_DH
849 DH *dh=NULL;
850#endif
851
852 n=ssl3_get_message(s,
853 SSL3_ST_CR_KEY_EXCH_A,
854 SSL3_ST_CR_KEY_EXCH_B,
855 -1,
856 1024*8, /* ?? */
857 &ok);
858
859 if (!ok) return((int)n);
860
861 if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE)
862 {
863 s->s3->tmp.reuse_message=1;
864 return(1);
865 }
866
867 param=p=(unsigned char *)s->init_buf->data;
868
869 if (s->session->sess_cert != NULL)
870 {
871#ifndef NO_RSA
872 if (s->session->sess_cert->peer_rsa_tmp != NULL)
873 {
874 RSA_free(s->session->sess_cert->peer_rsa_tmp);
875 s->session->sess_cert->peer_rsa_tmp=NULL;
876 }
877#endif
878#ifndef NO_DH
879 if (s->session->sess_cert->peer_dh_tmp)
880 {
881 DH_free(s->session->sess_cert->peer_dh_tmp);
882 s->session->sess_cert->peer_dh_tmp=NULL;
883 }
884#endif
885 }
886 else
887 {
888 s->session->sess_cert=ssl_sess_cert_new();
889 }
890
891 param_len=0;
892 alg=s->s3->tmp.new_cipher->algorithms;
893
894#ifndef NO_RSA
895 if (alg & SSL_kRSA)
896 {
897 if ((rsa=RSA_new()) == NULL)
898 {
899 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
900 goto err;
901 }
902 n2s(p,i);
903 param_len=i+2;
904 if (param_len > n)
905 {
906 al=SSL_AD_DECODE_ERROR;
907 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_MODULUS_LENGTH);
908 goto f_err;
909 }
910 if (!(rsa->n=BN_bin2bn(p,i,rsa->n)))
911 {
912 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
913 goto err;
914 }
915 p+=i;
916
917 n2s(p,i);
918 param_len+=i+2;
919 if (param_len > n)
920 {
921 al=SSL_AD_DECODE_ERROR;
922 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_E_LENGTH);
923 goto f_err;
924 }
925 if (!(rsa->e=BN_bin2bn(p,i,rsa->e)))
926 {
927 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
928 goto err;
929 }
930 p+=i;
931 n-=param_len;
932
933 /* this should be because we are using an export cipher */
934 if (alg & SSL_aRSA)
935 pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
936 else
937 {
938 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
939 goto err;
940 }
941 s->session->sess_cert->peer_rsa_tmp=rsa;
942 rsa=NULL;
943 }
944#else /* NO_RSA */
945 if (0)
946 ;
947#endif
948#ifndef NO_DH
949 else if (alg & SSL_kEDH)
950 {
951 if ((dh=DH_new()) == NULL)
952 {
953 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_DH_LIB);
954 goto err;
955 }
956 n2s(p,i);
957 param_len=i+2;
958 if (param_len > n)
959 {
960 al=SSL_AD_DECODE_ERROR;
961 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_P_LENGTH);
962 goto f_err;
963 }
964 if (!(dh->p=BN_bin2bn(p,i,NULL)))
965 {
966 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
967 goto err;
968 }
969 p+=i;
970
971 n2s(p,i);
972 param_len+=i+2;
973 if (param_len > n)
974 {
975 al=SSL_AD_DECODE_ERROR;
976 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_G_LENGTH);
977 goto f_err;
978 }
979 if (!(dh->g=BN_bin2bn(p,i,NULL)))
980 {
981 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
982 goto err;
983 }
984 p+=i;
985
986 n2s(p,i);
987 param_len+=i+2;
988 if (param_len > n)
989 {
990 al=SSL_AD_DECODE_ERROR;
991 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_PUB_KEY_LENGTH);
992 goto f_err;
993 }
994 if (!(dh->pub_key=BN_bin2bn(p,i,NULL)))
995 {
996 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
997 goto err;
998 }
999 p+=i;
1000 n-=param_len;
1001
1002#ifndef NO_RSA
1003 if (alg & SSL_aRSA)
1004 pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
1005#else
1006 if (0)
1007 ;
1008#endif
1009#ifndef NO_DSA
1010 else if (alg & SSL_aDSS)
1011 pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].x509);
1012#endif
1013 /* else anonymous DH, so no certificate or pkey. */
1014
1015 s->session->sess_cert->peer_dh_tmp=dh;
1016 dh=NULL;
1017 }
1018 else if ((alg & SSL_kDHr) || (alg & SSL_kDHd))
1019 {
1020 al=SSL_AD_ILLEGAL_PARAMETER;
1021 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
1022 goto f_err;
1023 }
1024#endif /* !NO_DH */
1025 if (alg & SSL_aFZA)
1026 {
1027 al=SSL_AD_HANDSHAKE_FAILURE;
1028 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
1029 goto f_err;
1030 }
1031
1032
1033 /* p points to the next byte, there are 'n' bytes left */
1034
1035
1036 /* if it was signed, check the signature */
1037 if (pkey != NULL)
1038 {
1039 n2s(p,i);
1040 n-=2;
1041 j=EVP_PKEY_size(pkey);
1042
1043 if ((i != n) || (n > j) || (n <= 0))
1044 {
1045 /* wrong packet length */
1046 al=SSL_AD_DECODE_ERROR;
1047 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_WRONG_SIGNATURE_LENGTH);
1048 goto f_err;
1049 }
1050
1051#ifndef NO_RSA
1052 if (pkey->type == EVP_PKEY_RSA)
1053 {
1054 int num;
1055
1056 j=0;
1057 q=md_buf;
1058 for (num=2; num > 0; num--)
1059 {
1060 EVP_DigestInit(&md_ctx,(num == 2)
1061 ?s->ctx->md5:s->ctx->sha1);
1062 EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
1063 EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
1064 EVP_DigestUpdate(&md_ctx,param,param_len);
1065 EVP_DigestFinal(&md_ctx,q,(unsigned int *)&i);
1066 q+=i;
1067 j+=i;
1068 }
1069 i=RSA_verify(NID_md5_sha1, md_buf, j, p, n,
1070 pkey->pkey.rsa);
1071 if (i < 0)
1072 {
1073 al=SSL_AD_DECRYPT_ERROR;
1074 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT);
1075 goto f_err;
1076 }
1077 if (i == 0)
1078 {
1079 /* bad signature */
1080 al=SSL_AD_DECRYPT_ERROR;
1081 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
1082 goto f_err;
1083 }
1084 }
1085 else
1086#endif
1087#ifndef NO_DSA
1088 if (pkey->type == EVP_PKEY_DSA)
1089 {
1090 /* lets do DSS */
1091 EVP_VerifyInit(&md_ctx,EVP_dss1());
1092 EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
1093 EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
1094 EVP_VerifyUpdate(&md_ctx,param,param_len);
1095 if (!EVP_VerifyFinal(&md_ctx,p,(int)n,pkey))
1096 {
1097 /* bad signature */
1098 al=SSL_AD_DECRYPT_ERROR;
1099 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
1100 goto f_err;
1101 }
1102 }
1103 else
1104#endif
1105 {
1106 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
1107 goto err;
1108 }
1109 }
1110 else
1111 {
1112 /* still data left over */
1113 if (!(alg & SSL_aNULL))
1114 {
1115 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
1116 goto err;
1117 }
1118 if (n != 0)
1119 {
1120 al=SSL_AD_DECODE_ERROR;
1121 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_EXTRA_DATA_IN_MESSAGE);
1122 goto f_err;
1123 }
1124 }
1125 EVP_PKEY_free(pkey);
1126 return(1);
1127f_err:
1128 ssl3_send_alert(s,SSL3_AL_FATAL,al);
1129err:
1130 EVP_PKEY_free(pkey);
1131#ifndef NO_RSA
1132 if (rsa != NULL)
1133 RSA_free(rsa);
1134#endif
1135#ifndef NO_DH
1136 if (dh != NULL)
1137 DH_free(dh);
1138#endif
1139 return(-1);
1140 }
1141
1142static int ssl3_get_certificate_request(SSL *s)
1143 {
1144 int ok,ret=0;
1145 unsigned long n,nc,l;
1146 unsigned int llen,ctype_num,i;
1147 X509_NAME *xn=NULL;
1148 unsigned char *p,*d,*q;
1149 STACK_OF(X509_NAME) *ca_sk=NULL;
1150
1151 n=ssl3_get_message(s,
1152 SSL3_ST_CR_CERT_REQ_A,
1153 SSL3_ST_CR_CERT_REQ_B,
1154 -1,
1155#if defined(MSDOS) && !defined(WIN32)
1156 1024*30, /* 30k max cert list :-) */
1157#else
1158 1024*100, /* 100k max cert list :-) */
1159#endif
1160 &ok);
1161
1162 if (!ok) return((int)n);
1163
1164 s->s3->tmp.cert_req=0;
1165
1166 if (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE)
1167 {
1168 s->s3->tmp.reuse_message=1;
1169 return(1);
1170 }
1171
1172 if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST)
1173 {
1174 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
1175 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_WRONG_MESSAGE_TYPE);
1176 goto err;
1177 }
1178
1179 /* TLS does not like anon-DH with client cert */
1180 if (s->version > SSL3_VERSION)
1181 {
1182 l=s->s3->tmp.new_cipher->algorithms;
1183 if (l & SSL_aNULL)
1184 {
1185 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
1186 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
1187 goto err;
1188 }
1189 }
1190
1191 d=p=(unsigned char *)s->init_buf->data;
1192
1193 if ((ca_sk=sk_X509_NAME_new(ca_dn_cmp)) == NULL)
1194 {
1195 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
1196 goto err;
1197 }
1198
1199 /* get the certificate types */
1200 ctype_num= *(p++);
1201 if (ctype_num > SSL3_CT_NUMBER)
1202 ctype_num=SSL3_CT_NUMBER;
1203 for (i=0; i<ctype_num; i++)
1204 s->s3->tmp.ctype[i]= p[i];
1205 p+=ctype_num;
1206
1207 /* get the CA RDNs */
1208 n2s(p,llen);
1209#if 0
1210{
1211FILE *out;
1212out=fopen("/tmp/vsign.der","w");
1213fwrite(p,1,llen,out);
1214fclose(out);
1215}
1216#endif
1217
1218 if ((llen+ctype_num+2+1) != n)
1219 {
1220 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1221 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_LENGTH_MISMATCH);
1222 goto err;
1223 }
1224
1225 for (nc=0; nc<llen; )
1226 {
1227 n2s(p,l);
1228 if ((l+nc+2) > llen)
1229 {
1230 if ((s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
1231 goto cont; /* netscape bugs */
1232 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1233 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_TOO_LONG);
1234 goto err;
1235 }
1236
1237 q=p;
1238
1239 if ((xn=d2i_X509_NAME(NULL,&q,l)) == NULL)
1240 {
1241 /* If netscape tolerance is on, ignore errors */
1242 if (s->options & SSL_OP_NETSCAPE_CA_DN_BUG)
1243 goto cont;
1244 else
1245 {
1246 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1247 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_ASN1_LIB);
1248 goto err;
1249 }
1250 }
1251
1252 if (q != (p+l))
1253 {
1254 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1255 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_LENGTH_MISMATCH);
1256 goto err;
1257 }
1258 if (!sk_X509_NAME_push(ca_sk,xn))
1259 {
1260 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
1261 goto err;
1262 }
1263
1264 p+=l;
1265 nc+=l+2;
1266 }
1267
1268 if (0)
1269 {
1270cont:
1271 ERR_clear_error();
1272 }
1273
1274 /* we should setup a certificate to return.... */
1275 s->s3->tmp.cert_req=1;
1276 s->s3->tmp.ctype_num=ctype_num;
1277 if (s->s3->tmp.ca_names != NULL)
1278 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
1279 s->s3->tmp.ca_names=ca_sk;
1280 ca_sk=NULL;
1281
1282 ret=1;
1283err:
1284 if (ca_sk != NULL) sk_X509_NAME_pop_free(ca_sk,X509_NAME_free);
1285 return(ret);
1286 }
1287
1288static int ca_dn_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
1289 {
1290 return(X509_NAME_cmp(*a,*b));
1291 }
1292
1293static int ssl3_get_server_done(SSL *s)
1294 {
1295 int ok,ret=0;
1296 long n;
1297
1298 n=ssl3_get_message(s,
1299 SSL3_ST_CR_SRVR_DONE_A,
1300 SSL3_ST_CR_SRVR_DONE_B,
1301 SSL3_MT_SERVER_DONE,
1302 30, /* should be very small, like 0 :-) */
1303 &ok);
1304
1305 if (!ok) return((int)n);
1306 if (n > 0)
1307 {
1308 /* should contain no data */
1309 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1310 SSLerr(SSL_F_SSL3_GET_SERVER_DONE,SSL_R_LENGTH_MISMATCH);
1311 }
1312 ret=1;
1313 return(ret);
1314 }
1315
1316static int ssl3_send_client_key_exchange(SSL *s)
1317 {
1318 unsigned char *p,*d;
1319 int n;
1320 unsigned long l;
1321#ifndef NO_RSA
1322 unsigned char *q;
1323 EVP_PKEY *pkey=NULL;
1324#endif
1325
1326 if (s->state == SSL3_ST_CW_KEY_EXCH_A)
1327 {
1328 d=(unsigned char *)s->init_buf->data;
1329 p= &(d[4]);
1330
1331 l=s->s3->tmp.new_cipher->algorithms;
1332
1333#ifndef NO_RSA
1334 if (l & SSL_kRSA)
1335 {
1336 RSA *rsa;
1337 unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
1338
1339 if (s->session->sess_cert->peer_rsa_tmp != NULL)
1340 rsa=s->session->sess_cert->peer_rsa_tmp;
1341 else
1342 {
1343 pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
1344 if ((pkey == NULL) ||
1345 (pkey->type != EVP_PKEY_RSA) ||
1346 (pkey->pkey.rsa == NULL))
1347 {
1348 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
1349 goto err;
1350 }
1351 rsa=pkey->pkey.rsa;
1352 EVP_PKEY_free(pkey);
1353 }
1354
1355 tmp_buf[0]=s->client_version>>8;
1356 tmp_buf[1]=s->client_version&0xff;
1357 if (RAND_bytes(&(tmp_buf[2]),SSL_MAX_MASTER_KEY_LENGTH-2) <= 0)
1358 goto err;
1359
1360 s->session->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
1361
1362 q=p;
1363 /* Fix buf for TLS and beyond */
1364 if (s->version > SSL3_VERSION)
1365 p+=2;
1366 n=RSA_public_encrypt(SSL_MAX_MASTER_KEY_LENGTH,
1367 tmp_buf,p,rsa,RSA_PKCS1_PADDING);
1368#ifdef PKCS1_CHECK
1369 if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++;
1370 if (s->options & SSL_OP_PKCS1_CHECK_2) tmp_buf[0]=0x70;
1371#endif
1372 if (n <= 0)
1373 {
1374 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_ENCRYPT);
1375 goto err;
1376 }
1377
1378 /* Fix buf for TLS and beyond */
1379 if (s->version > SSL3_VERSION)
1380 {
1381 s2n(n,q);
1382 n+=2;
1383 }
1384
1385 s->session->master_key_length=
1386 s->method->ssl3_enc->generate_master_secret(s,
1387 s->session->master_key,
1388 tmp_buf,SSL_MAX_MASTER_KEY_LENGTH);
1389 memset(tmp_buf,0,SSL_MAX_MASTER_KEY_LENGTH);
1390 }
1391 else
1392#endif
1393#ifndef NO_DH
1394 if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
1395 {
1396 DH *dh_srvr,*dh_clnt;
1397
1398 if (s->session->sess_cert->peer_dh_tmp != NULL)
1399 dh_srvr=s->session->sess_cert->peer_dh_tmp;
1400 else
1401 {
1402 /* we get them from the cert */
1403 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
1404 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
1405 goto err;
1406 }
1407
1408 /* generate a new random key */
1409 if ((dh_clnt=DHparams_dup(dh_srvr)) == NULL)
1410 {
1411 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
1412 goto err;
1413 }
1414 if (!DH_generate_key(dh_clnt))
1415 {
1416 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
1417 goto err;
1418 }
1419
1420 /* use the 'p' output buffer for the DH key, but
1421 * make sure to clear it out afterwards */
1422
1423 n=DH_compute_key(p,dh_srvr->pub_key,dh_clnt);
1424
1425 if (n <= 0)
1426 {
1427 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
1428 goto err;
1429 }
1430
1431 /* generate master key from the result */
1432 s->session->master_key_length=
1433 s->method->ssl3_enc->generate_master_secret(s,
1434 s->session->master_key,p,n);
1435 /* clean up */
1436 memset(p,0,n);
1437
1438 /* send off the data */
1439 n=BN_num_bytes(dh_clnt->pub_key);
1440 s2n(n,p);
1441 BN_bn2bin(dh_clnt->pub_key,p);
1442 n+=2;
1443
1444 DH_free(dh_clnt);
1445
1446 /* perhaps clean things up a bit EAY EAY EAY EAY*/
1447 }
1448 else
1449#endif
1450 {
1451 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
1452 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
1453 goto err;
1454 }
1455
1456 *(d++)=SSL3_MT_CLIENT_KEY_EXCHANGE;
1457 l2n3(n,d);
1458
1459 s->state=SSL3_ST_CW_KEY_EXCH_B;
1460 /* number of bytes to write */
1461 s->init_num=n+4;
1462 s->init_off=0;
1463 }
1464
1465 /* SSL3_ST_CW_KEY_EXCH_B */
1466 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1467err:
1468 return(-1);
1469 }
1470
1471static int ssl3_send_client_verify(SSL *s)
1472 {
1473 unsigned char *p,*d;
1474 unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
1475 EVP_PKEY *pkey;
1476#ifndef NO_RSA
1477 unsigned u=0;
1478#endif
1479 unsigned long n;
1480#ifndef NO_DSA
1481 int j;
1482#endif
1483
1484 if (s->state == SSL3_ST_CW_CERT_VRFY_A)
1485 {
1486 d=(unsigned char *)s->init_buf->data;
1487 p= &(d[4]);
1488 pkey=s->cert->key->privatekey;
1489
1490 s->method->ssl3_enc->cert_verify_mac(s,&(s->s3->finish_dgst2),
1491 &(data[MD5_DIGEST_LENGTH]));
1492
1493#ifndef NO_RSA
1494 if (pkey->type == EVP_PKEY_RSA)
1495 {
1496 s->method->ssl3_enc->cert_verify_mac(s,
1497 &(s->s3->finish_dgst1),&(data[0]));
1498 if (RSA_sign(NID_md5_sha1, data,
1499 MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
1500 &(p[2]), &u, pkey->pkey.rsa) <= 0 )
1501 {
1502 SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_RSA_LIB);
1503 goto err;
1504 }
1505 s2n(u,p);
1506 n=u+2;
1507 }
1508 else
1509#endif
1510#ifndef NO_DSA
1511 if (pkey->type == EVP_PKEY_DSA)
1512 {
1513 if (!DSA_sign(pkey->save_type,
1514 &(data[MD5_DIGEST_LENGTH]),
1515 SHA_DIGEST_LENGTH,&(p[2]),
1516 (unsigned int *)&j,pkey->pkey.dsa))
1517 {
1518 SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_DSA_LIB);
1519 goto err;
1520 }
1521 s2n(j,p);
1522 n=j+2;
1523 }
1524 else
1525#endif
1526 {
1527 SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,SSL_R_INTERNAL_ERROR);
1528 goto err;
1529 }
1530 *(d++)=SSL3_MT_CERTIFICATE_VERIFY;
1531 l2n3(n,d);
1532
1533 s->init_num=(int)n+4;
1534 s->init_off=0;
1535 }
1536 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1537err:
1538 return(-1);
1539 }
1540
1541static int ssl3_send_client_certificate(SSL *s)
1542 {
1543 X509 *x509=NULL;
1544 EVP_PKEY *pkey=NULL;
1545 int i;
1546 unsigned long l;
1547
1548 if (s->state == SSL3_ST_CW_CERT_A)
1549 {
1550 if ((s->cert == NULL) ||
1551 (s->cert->key->x509 == NULL) ||
1552 (s->cert->key->privatekey == NULL))
1553 s->state=SSL3_ST_CW_CERT_B;
1554 else
1555 s->state=SSL3_ST_CW_CERT_C;
1556 }
1557
1558 /* We need to get a client cert */
1559 if (s->state == SSL3_ST_CW_CERT_B)
1560 {
1561 /* If we get an error, we need to
1562 * ssl->rwstate=SSL_X509_LOOKUP; return(-1);
1563 * We then get retied later */
1564 i=0;
1565 if (s->ctx->client_cert_cb != NULL)
1566 i=s->ctx->client_cert_cb(s,&(x509),&(pkey));
1567 if (i < 0)
1568 {
1569 s->rwstate=SSL_X509_LOOKUP;
1570 return(-1);
1571 }
1572 s->rwstate=SSL_NOTHING;
1573 if ((i == 1) && (pkey != NULL) && (x509 != NULL))
1574 {
1575 s->state=SSL3_ST_CW_CERT_B;
1576 if ( !SSL_use_certificate(s,x509) ||
1577 !SSL_use_PrivateKey(s,pkey))
1578 i=0;
1579 }
1580 else if (i == 1)
1581 {
1582 i=0;
1583 SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
1584 }
1585
1586 if (x509 != NULL) X509_free(x509);
1587 if (pkey != NULL) EVP_PKEY_free(pkey);
1588 if (i == 0)
1589 {
1590 if (s->version == SSL3_VERSION)
1591 {
1592 s->s3->tmp.cert_req=0;
1593 ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_NO_CERTIFICATE);
1594 return(1);
1595 }
1596 else
1597 {
1598 s->s3->tmp.cert_req=2;
1599 }
1600 }
1601
1602 /* Ok, we have a cert */
1603 s->state=SSL3_ST_CW_CERT_C;
1604 }
1605
1606 if (s->state == SSL3_ST_CW_CERT_C)
1607 {
1608 s->state=SSL3_ST_CW_CERT_D;
1609 l=ssl3_output_cert_chain(s,
1610 (s->s3->tmp.cert_req == 2)?NULL:s->cert->key->x509);
1611 s->init_num=(int)l;
1612 s->init_off=0;
1613 }
1614 /* SSL3_ST_CW_CERT_D */
1615 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1616 }
1617
1618#define has_bits(i,m) (((i)&(m)) == (m))
1619
1620static int ssl3_check_cert_and_algorithm(SSL *s)
1621 {
1622 int i,idx;
1623 long algs;
1624 EVP_PKEY *pkey=NULL;
1625 SESS_CERT *sc;
1626#ifndef NO_RSA
1627 RSA *rsa;
1628#endif
1629#ifndef NO_DH
1630 DH *dh;
1631#endif
1632
1633 sc=s->session->sess_cert;
1634
1635 if (sc == NULL)
1636 {
1637 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_INTERNAL_ERROR);
1638 goto err;
1639 }
1640
1641 algs=s->s3->tmp.new_cipher->algorithms;
1642
1643 /* we don't have a certificate */
1644 if (algs & (SSL_aDH|SSL_aNULL))
1645 return(1);
1646
1647#ifndef NO_RSA
1648 rsa=s->session->sess_cert->peer_rsa_tmp;
1649#endif
1650#ifndef NO_DH
1651 dh=s->session->sess_cert->peer_dh_tmp;
1652#endif
1653
1654 /* This is the passed certificate */
1655
1656 idx=sc->peer_cert_type;
1657 pkey=X509_get_pubkey(sc->peer_pkeys[idx].x509);
1658 i=X509_certificate_type(sc->peer_pkeys[idx].x509,pkey);
1659 EVP_PKEY_free(pkey);
1660
1661
1662 /* Check that we have a certificate if we require one */
1663 if ((algs & SSL_aRSA) && !has_bits(i,EVP_PK_RSA|EVP_PKT_SIGN))
1664 {
1665 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_SIGNING_CERT);
1666 goto f_err;
1667 }
1668#ifndef NO_DSA
1669 else if ((algs & SSL_aDSS) && !has_bits(i,EVP_PK_DSA|EVP_PKT_SIGN))
1670 {
1671 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DSA_SIGNING_CERT);
1672 goto f_err;
1673 }
1674#endif
1675#ifndef NO_RSA
1676 if ((algs & SSL_kRSA) &&
1677 !(has_bits(i,EVP_PK_RSA|EVP_PKT_ENC) || (rsa != NULL)))
1678 {
1679 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_ENCRYPTING_CERT);
1680 goto f_err;
1681 }
1682#endif
1683#ifndef NO_DH
1684 if ((algs & SSL_kEDH) &&
1685 !(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
1686 {
1687 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);
1688 goto f_err;
1689 }
1690 else if ((algs & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
1691 {
1692 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT);
1693 goto f_err;
1694 }
1695#ifndef NO_DSA
1696 else if ((algs & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
1697 {
1698 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT);
1699 goto f_err;
1700 }
1701#endif
1702#endif
1703
1704 if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && !has_bits(i,EVP_PKT_EXP))
1705 {
1706#ifndef NO_RSA
1707 if (algs & SSL_kRSA)
1708 {
1709 if (rsa == NULL
1710 || RSA_size(rsa) > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
1711 {
1712 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
1713 goto f_err;
1714 }
1715 }
1716 else
1717#endif
1718#ifndef NO_DH
1719 if (algs & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
1720 {
1721 if (dh == NULL
1722 || DH_size(dh) > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
1723 {
1724 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_DH_KEY);
1725 goto f_err;
1726 }
1727 }
1728 else
1729#endif
1730 {
1731 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
1732 goto f_err;
1733 }
1734 }
1735 return(1);
1736f_err:
1737 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
1738err:
1739 return(0);
1740 }
1741
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
deleted file mode 100644
index c32c06de32..0000000000
--- a/src/lib/libssl/s3_lib.c
+++ /dev/null
@@ -1,1379 +0,0 @@
1/* ssl/s3_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <stdio.h>
113#include <openssl/md5.h>
114#include <openssl/sha.h>
115#include <openssl/objects.h>
116#include "ssl_locl.h"
117
118const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
119
120#define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
121
122static long ssl3_default_timeout(void );
123
124OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
125/* The RSA ciphers */
126/* Cipher 01 */
127 {
128 1,
129 SSL3_TXT_RSA_NULL_MD5,
130 SSL3_CK_RSA_NULL_MD5,
131 SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3,
132 SSL_NOT_EXP,
133 0,
134 0,
135 0,
136 SSL_ALL_CIPHERS,
137 SSL_ALL_STRENGTHS,
138 },
139/* Cipher 02 */
140 {
141 1,
142 SSL3_TXT_RSA_NULL_SHA,
143 SSL3_CK_RSA_NULL_SHA,
144 SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
145 SSL_NOT_EXP,
146 0,
147 0,
148 0,
149 SSL_ALL_CIPHERS,
150 SSL_ALL_STRENGTHS,
151 },
152
153/* anon DH */
154/* Cipher 17 */
155 {
156 1,
157 SSL3_TXT_ADH_RC4_40_MD5,
158 SSL3_CK_ADH_RC4_40_MD5,
159 SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_SSLV3,
160 SSL_EXPORT|SSL_EXP40,
161 0,
162 40,
163 128,
164 SSL_ALL_CIPHERS,
165 SSL_ALL_STRENGTHS,
166 },
167/* Cipher 18 */
168 {
169 1,
170 SSL3_TXT_ADH_RC4_128_MD5,
171 SSL3_CK_ADH_RC4_128_MD5,
172 SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_SSLV3,
173 SSL_NOT_EXP,
174 0,
175 128,
176 128,
177 SSL_ALL_CIPHERS,
178 SSL_ALL_STRENGTHS,
179 },
180/* Cipher 19 */
181 {
182 1,
183 SSL3_TXT_ADH_DES_40_CBC_SHA,
184 SSL3_CK_ADH_DES_40_CBC_SHA,
185 SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_SSLV3,
186 SSL_EXPORT|SSL_EXP40,
187 0,
188 40,
189 128,
190 SSL_ALL_CIPHERS,
191 SSL_ALL_STRENGTHS,
192 },
193/* Cipher 1A */
194 {
195 1,
196 SSL3_TXT_ADH_DES_64_CBC_SHA,
197 SSL3_CK_ADH_DES_64_CBC_SHA,
198 SSL_kEDH |SSL_aNULL|SSL_DES |SSL_SHA1|SSL_SSLV3,
199 SSL_NOT_EXP,
200 0,
201 56,
202 56,
203 SSL_ALL_CIPHERS,
204 SSL_ALL_STRENGTHS,
205 },
206/* Cipher 1B */
207 {
208 1,
209 SSL3_TXT_ADH_DES_192_CBC_SHA,
210 SSL3_CK_ADH_DES_192_CBC_SHA,
211 SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3,
212 SSL_NOT_EXP,
213 0,
214 168,
215 168,
216 SSL_ALL_CIPHERS,
217 SSL_ALL_STRENGTHS,
218 },
219
220/* RSA again */
221/* Cipher 03 */
222 {
223 1,
224 SSL3_TXT_RSA_RC4_40_MD5,
225 SSL3_CK_RSA_RC4_40_MD5,
226 SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5 |SSL_SSLV3,
227 SSL_EXPORT|SSL_EXP40,
228 0,
229 40,
230 128,
231 SSL_ALL_CIPHERS,
232 SSL_ALL_STRENGTHS,
233 },
234/* Cipher 04 */
235 {
236 1,
237 SSL3_TXT_RSA_RC4_128_MD5,
238 SSL3_CK_RSA_RC4_128_MD5,
239 SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5|SSL_SSLV3,
240 SSL_NOT_EXP|SSL_MEDIUM,
241 0,
242 128,
243 128,
244 SSL_ALL_CIPHERS,
245 SSL_ALL_STRENGTHS,
246 },
247/* Cipher 05 */
248 {
249 1,
250 SSL3_TXT_RSA_RC4_128_SHA,
251 SSL3_CK_RSA_RC4_128_SHA,
252 SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_SHA1|SSL_SSLV3,
253 SSL_NOT_EXP|SSL_MEDIUM,
254 0,
255 128,
256 128,
257 SSL_ALL_CIPHERS,
258 SSL_ALL_STRENGTHS,
259 },
260/* Cipher 06 */
261 {
262 1,
263 SSL3_TXT_RSA_RC2_40_MD5,
264 SSL3_CK_RSA_RC2_40_MD5,
265 SSL_kRSA|SSL_aRSA|SSL_RC2 |SSL_MD5 |SSL_SSLV3,
266 SSL_EXPORT|SSL_EXP40,
267 0,
268 40,
269 128,
270 SSL_ALL_CIPHERS,
271 SSL_ALL_STRENGTHS,
272 },
273/* Cipher 07 */
274 {
275 1,
276 SSL3_TXT_RSA_IDEA_128_SHA,
277 SSL3_CK_RSA_IDEA_128_SHA,
278 SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_SSLV3,
279 SSL_NOT_EXP|SSL_MEDIUM,
280 0,
281 128,
282 128,
283 SSL_ALL_CIPHERS,
284 SSL_ALL_STRENGTHS,
285 },
286/* Cipher 08 */
287 {
288 1,
289 SSL3_TXT_RSA_DES_40_CBC_SHA,
290 SSL3_CK_RSA_DES_40_CBC_SHA,
291 SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
292 SSL_EXPORT|SSL_EXP40,
293 0,
294 40,
295 56,
296 SSL_ALL_CIPHERS,
297 SSL_ALL_STRENGTHS,
298 },
299/* Cipher 09 */
300 {
301 1,
302 SSL3_TXT_RSA_DES_64_CBC_SHA,
303 SSL3_CK_RSA_DES_64_CBC_SHA,
304 SSL_kRSA|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_SSLV3,
305 SSL_NOT_EXP|SSL_LOW,
306 0,
307 56,
308 56,
309 SSL_ALL_CIPHERS,
310 SSL_ALL_STRENGTHS,
311 },
312/* Cipher 0A */
313 {
314 1,
315 SSL3_TXT_RSA_DES_192_CBC3_SHA,
316 SSL3_CK_RSA_DES_192_CBC3_SHA,
317 SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
318 SSL_NOT_EXP|SSL_HIGH,
319 0,
320 168,
321 168,
322 SSL_ALL_CIPHERS,
323 SSL_ALL_STRENGTHS,
324 },
325
326/* The DH ciphers */
327/* Cipher 0B */
328 {
329 0,
330 SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
331 SSL3_CK_DH_DSS_DES_40_CBC_SHA,
332 SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
333 SSL_EXPORT|SSL_EXP40,
334 0,
335 40,
336 56,
337 SSL_ALL_CIPHERS,
338 SSL_ALL_STRENGTHS,
339 },
340/* Cipher 0C */
341 {
342 0,
343 SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
344 SSL3_CK_DH_DSS_DES_64_CBC_SHA,
345 SSL_kDHd |SSL_aDH|SSL_DES |SSL_SHA1|SSL_SSLV3,
346 SSL_NOT_EXP|SSL_LOW,
347 0,
348 56,
349 56,
350 SSL_ALL_CIPHERS,
351 SSL_ALL_STRENGTHS,
352 },
353/* Cipher 0D */
354 {
355 0,
356 SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
357 SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
358 SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
359 SSL_NOT_EXP|SSL_HIGH,
360 0,
361 168,
362 168,
363 SSL_ALL_CIPHERS,
364 SSL_ALL_STRENGTHS,
365 },
366/* Cipher 0E */
367 {
368 0,
369 SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
370 SSL3_CK_DH_RSA_DES_40_CBC_SHA,
371 SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
372 SSL_EXPORT|SSL_EXP40,
373 0,
374 40,
375 56,
376 SSL_ALL_CIPHERS,
377 SSL_ALL_STRENGTHS,
378 },
379/* Cipher 0F */
380 {
381 0,
382 SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
383 SSL3_CK_DH_RSA_DES_64_CBC_SHA,
384 SSL_kDHr |SSL_aDH|SSL_DES |SSL_SHA1|SSL_SSLV3,
385 SSL_NOT_EXP|SSL_LOW,
386 0,
387 56,
388 56,
389 SSL_ALL_CIPHERS,
390 SSL_ALL_STRENGTHS,
391 },
392/* Cipher 10 */
393 {
394 0,
395 SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
396 SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
397 SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
398 SSL_NOT_EXP|SSL_HIGH,
399 0,
400 168,
401 168,
402 SSL_ALL_CIPHERS,
403 SSL_ALL_STRENGTHS,
404 },
405
406/* The Ephemeral DH ciphers */
407/* Cipher 11 */
408 {
409 1,
410 SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
411 SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
412 SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_SSLV3,
413 SSL_EXPORT|SSL_EXP40,
414 0,
415 40,
416 56,
417 SSL_ALL_CIPHERS,
418 SSL_ALL_STRENGTHS,
419 },
420/* Cipher 12 */
421 {
422 1,
423 SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
424 SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
425 SSL_kEDH|SSL_aDSS|SSL_DES |SSL_SHA1|SSL_SSLV3,
426 SSL_NOT_EXP|SSL_LOW,
427 0,
428 56,
429 56,
430 SSL_ALL_CIPHERS,
431 SSL_ALL_STRENGTHS,
432 },
433/* Cipher 13 */
434 {
435 1,
436 SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
437 SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
438 SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_SSLV3,
439 SSL_NOT_EXP|SSL_HIGH,
440 0,
441 168,
442 168,
443 SSL_ALL_CIPHERS,
444 SSL_ALL_STRENGTHS,
445 },
446/* Cipher 14 */
447 {
448 1,
449 SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
450 SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
451 SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
452 SSL_EXPORT|SSL_EXP40,
453 0,
454 40,
455 56,
456 SSL_ALL_CIPHERS,
457 SSL_ALL_STRENGTHS,
458 },
459/* Cipher 15 */
460 {
461 1,
462 SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
463 SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
464 SSL_kEDH|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_SSLV3,
465 SSL_NOT_EXP|SSL_LOW,
466 0,
467 56,
468 56,
469 SSL_ALL_CIPHERS,
470 SSL_ALL_STRENGTHS,
471 },
472/* Cipher 16 */
473 {
474 1,
475 SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
476 SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
477 SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
478 SSL_NOT_EXP|SSL_HIGH,
479 0,
480 168,
481 168,
482 SSL_ALL_CIPHERS,
483 SSL_ALL_STRENGTHS,
484 },
485
486/* Fortezza */
487/* Cipher 1C */
488 {
489 0,
490 SSL3_TXT_FZA_DMS_NULL_SHA,
491 SSL3_CK_FZA_DMS_NULL_SHA,
492 SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3,
493 SSL_NOT_EXP,
494 0,
495 0,
496 0,
497 SSL_ALL_CIPHERS,
498 SSL_ALL_STRENGTHS,
499 },
500
501/* Cipher 1D */
502 {
503 0,
504 SSL3_TXT_FZA_DMS_FZA_SHA,
505 SSL3_CK_FZA_DMS_FZA_SHA,
506 SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3,
507 SSL_NOT_EXP,
508 0,
509 0,
510 0,
511 SSL_ALL_CIPHERS,
512 SSL_ALL_STRENGTHS,
513 },
514
515/* Cipher 1E */
516 {
517 0,
518 SSL3_TXT_FZA_DMS_RC4_SHA,
519 SSL3_CK_FZA_DMS_RC4_SHA,
520 SSL_kFZA|SSL_aFZA |SSL_RC4 |SSL_SHA1|SSL_SSLV3,
521 SSL_NOT_EXP,
522 0,
523 128,
524 128,
525 SSL_ALL_CIPHERS,
526 SSL_ALL_STRENGTHS,
527 },
528
529#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
530 /* New TLS Export CipherSuites */
531 /* Cipher 60 */
532 {
533 1,
534 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
535 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
536 SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_TLSV1,
537 SSL_EXPORT|SSL_EXP56,
538 0,
539 56,
540 128,
541 SSL_ALL_CIPHERS,
542 SSL_ALL_STRENGTHS,
543 },
544 /* Cipher 61 */
545 {
546 1,
547 TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
548 TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
549 SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_TLSV1,
550 SSL_EXPORT|SSL_EXP56,
551 0,
552 56,
553 128,
554 SSL_ALL_CIPHERS,
555 SSL_ALL_STRENGTHS,
556 },
557 /* Cipher 62 */
558 {
559 1,
560 TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
561 TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
562 SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
563 SSL_EXPORT|SSL_EXP56,
564 0,
565 56,
566 56,
567 SSL_ALL_CIPHERS,
568 SSL_ALL_STRENGTHS,
569 },
570 /* Cipher 63 */
571 {
572 1,
573 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
574 TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
575 SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_TLSV1,
576 SSL_EXPORT|SSL_EXP56,
577 0,
578 56,
579 56,
580 SSL_ALL_CIPHERS,
581 SSL_ALL_STRENGTHS,
582 },
583 /* Cipher 64 */
584 {
585 1,
586 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
587 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
588 SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
589 SSL_EXPORT|SSL_EXP56,
590 0,
591 56,
592 128,
593 SSL_ALL_CIPHERS,
594 SSL_ALL_STRENGTHS,
595 },
596 /* Cipher 65 */
597 {
598 1,
599 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
600 TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
601 SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
602 SSL_EXPORT|SSL_EXP56,
603 0,
604 56,
605 128,
606 SSL_ALL_CIPHERS,
607 SSL_ALL_STRENGTHS,
608 },
609 /* Cipher 66 */
610 {
611 1,
612 TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
613 TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
614 SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
615 SSL_NOT_EXP,
616 0,
617 128,
618 128,
619 SSL_ALL_CIPHERS,
620 SSL_ALL_STRENGTHS
621 },
622#endif
623
624/* end of list */
625 };
626
627static SSL3_ENC_METHOD SSLv3_enc_data={
628 ssl3_enc,
629 ssl3_mac,
630 ssl3_setup_key_block,
631 ssl3_generate_master_secret,
632 ssl3_change_cipher_state,
633 ssl3_final_finish_mac,
634 MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
635 ssl3_cert_verify_mac,
636 SSL3_MD_CLIENT_FINISHED_CONST,4,
637 SSL3_MD_SERVER_FINISHED_CONST,4,
638 ssl3_alert_code,
639 };
640
641static SSL_METHOD SSLv3_data= {
642 SSL3_VERSION,
643 ssl3_new,
644 ssl3_clear,
645 ssl3_free,
646 ssl_undefined_function,
647 ssl_undefined_function,
648 ssl3_read,
649 ssl3_peek,
650 ssl3_write,
651 ssl3_shutdown,
652 ssl3_renegotiate,
653 ssl3_renegotiate_check,
654 ssl3_ctrl,
655 ssl3_ctx_ctrl,
656 ssl3_get_cipher_by_char,
657 ssl3_put_cipher_by_char,
658 ssl3_pending,
659 ssl3_num_ciphers,
660 ssl3_get_cipher,
661 ssl_bad_method,
662 ssl3_default_timeout,
663 &SSLv3_enc_data,
664 ssl_undefined_function,
665 ssl3_callback_ctrl,
666 ssl3_ctx_callback_ctrl,
667 };
668
669static long ssl3_default_timeout(void)
670 {
671 /* 2 hours, the 24 hours mentioned in the SSLv3 spec
672 * is way too long for http, the cache would over fill */
673 return(60*60*2);
674 }
675
676SSL_METHOD *sslv3_base_method(void)
677 {
678 return(&SSLv3_data);
679 }
680
681int ssl3_num_ciphers(void)
682 {
683 return(SSL3_NUM_CIPHERS);
684 }
685
686SSL_CIPHER *ssl3_get_cipher(unsigned int u)
687 {
688 if (u < SSL3_NUM_CIPHERS)
689 return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
690 else
691 return(NULL);
692 }
693
694int ssl3_pending(SSL *s)
695 {
696 return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
697 }
698
699int ssl3_new(SSL *s)
700 {
701 SSL3_STATE *s3;
702
703 if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
704 memset(s3,0,sizeof *s3);
705
706 s->s3=s3;
707
708 s->method->ssl_clear(s);
709 return(1);
710err:
711 return(0);
712 }
713
714void ssl3_free(SSL *s)
715 {
716 if(s == NULL)
717 return;
718
719 ssl3_cleanup_key_block(s);
720 if (s->s3->rbuf.buf != NULL)
721 OPENSSL_free(s->s3->rbuf.buf);
722 if (s->s3->wbuf.buf != NULL)
723 OPENSSL_free(s->s3->wbuf.buf);
724 if (s->s3->rrec.comp != NULL)
725 OPENSSL_free(s->s3->rrec.comp);
726#ifndef NO_DH
727 if (s->s3->tmp.dh != NULL)
728 DH_free(s->s3->tmp.dh);
729#endif
730 if (s->s3->tmp.ca_names != NULL)
731 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
732 memset(s->s3,0,sizeof *s->s3);
733 OPENSSL_free(s->s3);
734 s->s3=NULL;
735 }
736
737void ssl3_clear(SSL *s)
738 {
739 unsigned char *rp,*wp;
740
741 ssl3_cleanup_key_block(s);
742 if (s->s3->tmp.ca_names != NULL)
743 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
744
745 if (s->s3->rrec.comp != NULL)
746 {
747 OPENSSL_free(s->s3->rrec.comp);
748 s->s3->rrec.comp=NULL;
749 }
750#ifndef NO_DH
751 if (s->s3->tmp.dh != NULL)
752 DH_free(s->s3->tmp.dh);
753#endif
754
755 rp=s->s3->rbuf.buf;
756 wp=s->s3->wbuf.buf;
757
758 memset(s->s3,0,sizeof *s->s3);
759 if (rp != NULL) s->s3->rbuf.buf=rp;
760 if (wp != NULL) s->s3->wbuf.buf=wp;
761
762 ssl_free_wbio_buffer(s);
763
764 s->packet_length=0;
765 s->s3->renegotiate=0;
766 s->s3->total_renegotiations=0;
767 s->s3->num_renegotiations=0;
768 s->s3->in_read_app_data=0;
769 s->version=SSL3_VERSION;
770 }
771
772long ssl3_ctrl(SSL *s, int cmd, long larg, char *parg)
773 {
774 int ret=0;
775
776#if !defined(NO_DSA) || !defined(NO_RSA)
777 if (
778#ifndef NO_RSA
779 cmd == SSL_CTRL_SET_TMP_RSA ||
780 cmd == SSL_CTRL_SET_TMP_RSA_CB ||
781#endif
782#ifndef NO_DSA
783 cmd == SSL_CTRL_SET_TMP_DH ||
784 cmd == SSL_CTRL_SET_TMP_DH_CB ||
785#endif
786 0)
787 {
788 if (!ssl_cert_inst(&s->cert))
789 {
790 SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
791 return(0);
792 }
793 }
794#endif
795
796 switch (cmd)
797 {
798 case SSL_CTRL_GET_SESSION_REUSED:
799 ret=s->hit;
800 break;
801 case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
802 break;
803 case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
804 ret=s->s3->num_renegotiations;
805 break;
806 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
807 ret=s->s3->num_renegotiations;
808 s->s3->num_renegotiations=0;
809 break;
810 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
811 ret=s->s3->total_renegotiations;
812 break;
813 case SSL_CTRL_GET_FLAGS:
814 ret=(int)(s->s3->flags);
815 break;
816#ifndef NO_RSA
817 case SSL_CTRL_NEED_TMP_RSA:
818 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
819 ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
820 (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
821 ret = 1;
822 break;
823 case SSL_CTRL_SET_TMP_RSA:
824 {
825 RSA *rsa = (RSA *)parg;
826 if (rsa == NULL)
827 {
828 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
829 return(ret);
830 }
831 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
832 {
833 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
834 return(ret);
835 }
836 if (s->cert->rsa_tmp != NULL)
837 RSA_free(s->cert->rsa_tmp);
838 s->cert->rsa_tmp = rsa;
839 ret = 1;
840 }
841 break;
842 case SSL_CTRL_SET_TMP_RSA_CB:
843 {
844 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
845 return(ret);
846 }
847 break;
848#endif
849#ifndef NO_DH
850 case SSL_CTRL_SET_TMP_DH:
851 {
852 DH *dh = (DH *)parg;
853 if (dh == NULL)
854 {
855 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
856 return(ret);
857 }
858 if ((dh = DHparams_dup(dh)) == NULL)
859 {
860 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
861 return(ret);
862 }
863 if (!(s->options & SSL_OP_SINGLE_DH_USE))
864 {
865 if (!DH_generate_key(dh))
866 {
867 DH_free(dh);
868 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
869 return(ret);
870 }
871 }
872 if (s->cert->dh_tmp != NULL)
873 DH_free(s->cert->dh_tmp);
874 s->cert->dh_tmp = dh;
875 ret = 1;
876 }
877 break;
878 case SSL_CTRL_SET_TMP_DH_CB:
879 {
880 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
881 return(ret);
882 }
883 break;
884#endif
885 default:
886 break;
887 }
888 return(ret);
889 }
890
891long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)())
892 {
893 int ret=0;
894
895#if !defined(NO_DSA) || !defined(NO_RSA)
896 if (
897#ifndef NO_RSA
898 cmd == SSL_CTRL_SET_TMP_RSA_CB ||
899#endif
900#ifndef NO_DSA
901 cmd == SSL_CTRL_SET_TMP_DH_CB ||
902#endif
903 0)
904 {
905 if (!ssl_cert_inst(&s->cert))
906 {
907 SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
908 return(0);
909 }
910 }
911#endif
912
913 switch (cmd)
914 {
915#ifndef NO_RSA
916 case SSL_CTRL_SET_TMP_RSA_CB:
917 {
918 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
919 }
920 break;
921#endif
922#ifndef NO_DH
923 case SSL_CTRL_SET_TMP_DH_CB:
924 {
925 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
926 }
927 break;
928#endif
929 default:
930 break;
931 }
932 return(ret);
933 }
934
935long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg)
936 {
937 CERT *cert;
938
939 cert=ctx->cert;
940
941 switch (cmd)
942 {
943#ifndef NO_RSA
944 case SSL_CTRL_NEED_TMP_RSA:
945 if ( (cert->rsa_tmp == NULL) &&
946 ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
947 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
948 )
949 return(1);
950 else
951 return(0);
952 /* break; */
953 case SSL_CTRL_SET_TMP_RSA:
954 {
955 RSA *rsa;
956 int i;
957
958 rsa=(RSA *)parg;
959 i=1;
960 if (rsa == NULL)
961 i=0;
962 else
963 {
964 if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
965 i=0;
966 }
967 if (!i)
968 {
969 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
970 return(0);
971 }
972 else
973 {
974 if (cert->rsa_tmp != NULL)
975 RSA_free(cert->rsa_tmp);
976 cert->rsa_tmp=rsa;
977 return(1);
978 }
979 }
980 /* break; */
981 case SSL_CTRL_SET_TMP_RSA_CB:
982 {
983 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
984 return(0);
985 }
986 break;
987#endif
988#ifndef NO_DH
989 case SSL_CTRL_SET_TMP_DH:
990 {
991 DH *new=NULL,*dh;
992
993 dh=(DH *)parg;
994 if ((new=DHparams_dup(dh)) == NULL)
995 {
996 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
997 return 0;
998 }
999 if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
1000 {
1001 if (!DH_generate_key(new))
1002 {
1003 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
1004 DH_free(new);
1005 return 0;
1006 }
1007 }
1008 if (cert->dh_tmp != NULL)
1009 DH_free(cert->dh_tmp);
1010 cert->dh_tmp=new;
1011 return 1;
1012 }
1013 /*break; */
1014 case SSL_CTRL_SET_TMP_DH_CB:
1015 {
1016 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1017 return(0);
1018 }
1019 break;
1020#endif
1021 /* A Thawte special :-) */
1022 case SSL_CTRL_EXTRA_CHAIN_CERT:
1023 if (ctx->extra_certs == NULL)
1024 {
1025 if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
1026 return(0);
1027 }
1028 sk_X509_push(ctx->extra_certs,(X509 *)parg);
1029 break;
1030
1031 default:
1032 return(0);
1033 }
1034 return(1);
1035 }
1036
1037long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
1038 {
1039 CERT *cert;
1040
1041 cert=ctx->cert;
1042
1043 switch (cmd)
1044 {
1045#ifndef NO_RSA
1046 case SSL_CTRL_SET_TMP_RSA_CB:
1047 {
1048 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
1049 }
1050 break;
1051#endif
1052#ifndef NO_DH
1053 case SSL_CTRL_SET_TMP_DH_CB:
1054 {
1055 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
1056 }
1057 break;
1058#endif
1059 default:
1060 return(0);
1061 }
1062 return(1);
1063 }
1064
1065/* This function needs to check if the ciphers required are actually
1066 * available */
1067SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
1068 {
1069 static int init=1;
1070 static SSL_CIPHER *sorted[SSL3_NUM_CIPHERS];
1071 SSL_CIPHER c,*cp= &c,**cpp;
1072 unsigned long id;
1073 int i;
1074
1075 if (init)
1076 {
1077 CRYPTO_w_lock(CRYPTO_LOCK_SSL);
1078
1079 for (i=0; i<SSL3_NUM_CIPHERS; i++)
1080 sorted[i]= &(ssl3_ciphers[i]);
1081
1082 qsort( (char *)sorted,
1083 SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
1084 FP_ICC ssl_cipher_ptr_id_cmp);
1085
1086 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
1087
1088 init=0;
1089 }
1090
1091 id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
1092 c.id=id;
1093 cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
1094 (char *)sorted,
1095 SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
1096 FP_ICC ssl_cipher_ptr_id_cmp);
1097 if ((cpp == NULL) || !(*cpp)->valid)
1098 return(NULL);
1099 else
1100 return(*cpp);
1101 }
1102
1103int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
1104 {
1105 long l;
1106
1107 if (p != NULL)
1108 {
1109 l=c->id;
1110 if ((l & 0xff000000) != 0x03000000) return(0);
1111 p[0]=((unsigned char)(l>> 8L))&0xFF;
1112 p[1]=((unsigned char)(l ))&0xFF;
1113 }
1114 return(2);
1115 }
1116
1117SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *have,
1118 STACK_OF(SSL_CIPHER) *pref)
1119 {
1120 SSL_CIPHER *c,*ret=NULL;
1121 int i,j,ok;
1122 CERT *cert;
1123 unsigned long alg,mask,emask;
1124
1125 /* Let's see which ciphers we can support */
1126 cert=s->cert;
1127
1128 sk_SSL_CIPHER_set_cmp_func(pref,ssl_cipher_ptr_id_cmp);
1129
1130#ifdef CIPHER_DEBUG
1131 printf("Have:\n");
1132 for(i=0 ; i < sk_num(pref) ; ++i)
1133 {
1134 c=(SSL_CIPHER *)sk_value(pref,i);
1135 printf("%p:%s\n",c,c->name);
1136 }
1137#endif
1138
1139 for (i=0; i<sk_SSL_CIPHER_num(have); i++)
1140 {
1141 c=sk_SSL_CIPHER_value(have,i);
1142
1143 ssl_set_cert_masks(cert,c);
1144 mask=cert->mask;
1145 emask=cert->export_mask;
1146
1147 alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
1148 if (SSL_C_IS_EXPORT(c))
1149 {
1150 ok=((alg & emask) == alg)?1:0;
1151#ifdef CIPHER_DEBUG
1152 printf("%d:[%08lX:%08lX]%p:%s (export)\n",ok,alg,emask,
1153 c,c->name);
1154#endif
1155 }
1156 else
1157 {
1158 ok=((alg & mask) == alg)?1:0;
1159#ifdef CIPHER_DEBUG
1160 printf("%d:[%08lX:%08lX]%p:%s\n",ok,alg,mask,c,
1161 c->name);
1162#endif
1163 }
1164
1165 if (!ok) continue;
1166
1167 j=sk_SSL_CIPHER_find(pref,c);
1168 if (j >= 0)
1169 {
1170 ret=sk_SSL_CIPHER_value(pref,j);
1171 break;
1172 }
1173 }
1174 return(ret);
1175 }
1176
1177int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
1178 {
1179 int ret=0;
1180 unsigned long alg;
1181
1182 alg=s->s3->tmp.new_cipher->algorithms;
1183
1184#ifndef NO_DH
1185 if (alg & (SSL_kDHr|SSL_kEDH))
1186 {
1187# ifndef NO_RSA
1188 p[ret++]=SSL3_CT_RSA_FIXED_DH;
1189# endif
1190# ifndef NO_DSA
1191 p[ret++]=SSL3_CT_DSS_FIXED_DH;
1192# endif
1193 }
1194 if ((s->version == SSL3_VERSION) &&
1195 (alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
1196 {
1197# ifndef NO_RSA
1198 p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
1199# endif
1200# ifndef NO_DSA
1201 p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
1202# endif
1203 }
1204#endif /* !NO_DH */
1205#ifndef NO_RSA
1206 p[ret++]=SSL3_CT_RSA_SIGN;
1207#endif
1208#ifndef NO_DSA
1209 p[ret++]=SSL3_CT_DSS_SIGN;
1210#endif
1211 return(ret);
1212 }
1213
1214int ssl3_shutdown(SSL *s)
1215 {
1216
1217 /* Don't do anything much if we have not done the handshake or
1218 * we don't want to send messages :-) */
1219 if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
1220 {
1221 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
1222 return(1);
1223 }
1224
1225 if (!(s->shutdown & SSL_SENT_SHUTDOWN))
1226 {
1227 s->shutdown|=SSL_SENT_SHUTDOWN;
1228#if 1
1229 ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
1230#endif
1231 /* our shutdown alert has been sent now, and if it still needs
1232 * to be written, s->s3->alert_dispatch will be true */
1233 }
1234 else if (s->s3->alert_dispatch)
1235 {
1236 /* resend it if not sent */
1237#if 1
1238 ssl3_dispatch_alert(s);
1239#endif
1240 }
1241 else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
1242 {
1243 /* If we are waiting for a close from our peer, we are closed */
1244 ssl3_read_bytes(s,0,NULL,0,0);
1245 }
1246
1247 if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
1248 !s->s3->alert_dispatch)
1249 return(1);
1250 else
1251 return(0);
1252 }
1253
1254int ssl3_write(SSL *s, const void *buf, int len)
1255 {
1256 int ret,n;
1257
1258#if 0
1259 if (s->shutdown & SSL_SEND_SHUTDOWN)
1260 {
1261 s->rwstate=SSL_NOTHING;
1262 return(0);
1263 }
1264#endif
1265 clear_sys_error();
1266 if (s->s3->renegotiate) ssl3_renegotiate_check(s);
1267
1268 /* This is an experimental flag that sends the
1269 * last handshake message in the same packet as the first
1270 * use data - used to see if it helps the TCP protocol during
1271 * session-id reuse */
1272 /* The second test is because the buffer may have been removed */
1273 if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
1274 {
1275 /* First time through, we write into the buffer */
1276 if (s->s3->delay_buf_pop_ret == 0)
1277 {
1278 ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
1279 buf,len);
1280 if (ret <= 0) return(ret);
1281
1282 s->s3->delay_buf_pop_ret=ret;
1283 }
1284
1285 s->rwstate=SSL_WRITING;
1286 n=BIO_flush(s->wbio);
1287 if (n <= 0) return(n);
1288 s->rwstate=SSL_NOTHING;
1289
1290 /* We have flushed the buffer, so remove it */
1291 ssl_free_wbio_buffer(s);
1292 s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
1293
1294 ret=s->s3->delay_buf_pop_ret;
1295 s->s3->delay_buf_pop_ret=0;
1296 }
1297 else
1298 {
1299 ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
1300 buf,len);
1301 if (ret <= 0) return(ret);
1302 }
1303
1304 return(ret);
1305 }
1306
1307static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
1308 {
1309 int ret;
1310
1311 clear_sys_error();
1312 if (s->s3->renegotiate) ssl3_renegotiate_check(s);
1313 s->s3->in_read_app_data=1;
1314 ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
1315 if ((ret == -1) && (s->s3->in_read_app_data == 0))
1316 {
1317 /* ssl3_read_bytes decided to call s->handshake_func, which
1318 * called ssl3_read_bytes to read handshake data.
1319 * However, ssl3_read_bytes actually found application data
1320 * and thinks that application data makes sense here (signalled
1321 * by resetting 'in_read_app_data', strangely); so disable
1322 * handshake processing and try to read application data again. */
1323 s->in_handshake++;
1324 ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
1325 s->in_handshake--;
1326 }
1327 else
1328 s->s3->in_read_app_data=0;
1329
1330 return(ret);
1331 }
1332
1333int ssl3_read(SSL *s, void *buf, int len)
1334 {
1335 return ssl3_read_internal(s, buf, len, 0);
1336 }
1337
1338int ssl3_peek(SSL *s, void *buf, int len)
1339 {
1340 return ssl3_read_internal(s, buf, len, 1);
1341 }
1342
1343int ssl3_renegotiate(SSL *s)
1344 {
1345 if (s->handshake_func == NULL)
1346 return(1);
1347
1348 if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
1349 return(0);
1350
1351 s->s3->renegotiate=1;
1352 return(1);
1353 }
1354
1355int ssl3_renegotiate_check(SSL *s)
1356 {
1357 int ret=0;
1358
1359 if (s->s3->renegotiate)
1360 {
1361 if ( (s->s3->rbuf.left == 0) &&
1362 (s->s3->wbuf.left == 0) &&
1363 !SSL_in_init(s))
1364 {
1365/*
1366if we are the server, and we have sent a 'RENEGOTIATE' message, we
1367need to go to SSL_ST_ACCEPT.
1368*/
1369 /* SSL_ST_ACCEPT */
1370 s->state=SSL_ST_RENEGOTIATE;
1371 s->s3->renegotiate=0;
1372 s->s3->num_renegotiations++;
1373 s->s3->total_renegotiations++;
1374 ret=1;
1375 }
1376 }
1377 return(ret);
1378 }
1379
diff --git a/src/lib/libssl/s3_pkt.c b/src/lib/libssl/s3_pkt.c
deleted file mode 100644
index 9ab76604a6..0000000000
--- a/src/lib/libssl/s3_pkt.c
+++ /dev/null
@@ -1,1204 +0,0 @@
1/* ssl/s3_pkt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <stdio.h>
113#include <errno.h>
114#define USE_SOCKETS
115#include <openssl/evp.h>
116#include <openssl/buffer.h>
117#include "ssl_locl.h"
118
119static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
120 unsigned int len);
121static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
122 unsigned int len);
123static int ssl3_get_record(SSL *s);
124static int do_compress(SSL *ssl);
125static int do_uncompress(SSL *ssl);
126static int do_change_cipher_spec(SSL *ssl);
127
128/* used only by ssl3_get_record */
129static int ssl3_read_n(SSL *s, int n, int max, int extend)
130 {
131 /* If extend == 0, obtain new n-byte packet; if extend == 1, increase
132 * packet by another n bytes.
133 * The packet will be in the sub-array of s->s3->rbuf.buf specified
134 * by s->packet and s->packet_length.
135 * (If s->read_ahead is set, 'max' bytes may be stored in rbuf
136 * [plus s->packet_length bytes if extend == 1].)
137 */
138 int i,off,newb;
139
140 if (!extend)
141 {
142 /* start with empty packet ... */
143 if (s->s3->rbuf.left == 0)
144 s->s3->rbuf.offset = 0;
145 s->packet = s->s3->rbuf.buf + s->s3->rbuf.offset;
146 s->packet_length = 0;
147 /* ... now we can act as if 'extend' was set */
148 }
149
150 /* if there is enough in the buffer from a previous read, take some */
151 if (s->s3->rbuf.left >= (int)n)
152 {
153 s->packet_length+=n;
154 s->s3->rbuf.left-=n;
155 s->s3->rbuf.offset+=n;
156 return(n);
157 }
158
159 /* else we need to read more data */
160 if (!s->read_ahead)
161 max=n;
162
163 {
164 /* avoid buffer overflow */
165 int max_max = SSL3_RT_MAX_PACKET_SIZE - s->packet_length;
166 if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
167 max_max += SSL3_RT_MAX_EXTRA;
168 if (max > max_max)
169 max = max_max;
170 }
171 if (n > max) /* does not happen */
172 {
173 SSLerr(SSL_F_SSL3_READ_N,SSL_R_INTERNAL_ERROR);
174 return -1;
175 }
176
177 off = s->packet_length;
178 newb = s->s3->rbuf.left;
179 /* Move any available bytes to front of buffer:
180 * 'off' bytes already pointed to by 'packet',
181 * 'newb' extra ones at the end */
182 if (s->packet != s->s3->rbuf.buf)
183 {
184 /* off > 0 */
185 memmove(s->s3->rbuf.buf, s->packet, off+newb);
186 s->packet = s->s3->rbuf.buf;
187 }
188
189 while (newb < n)
190 {
191 /* Now we have off+newb bytes at the front of s->s3->rbuf.buf and need
192 * to read in more until we have off+n (up to off+max if possible) */
193
194 clear_sys_error();
195 if (s->rbio != NULL)
196 {
197 s->rwstate=SSL_READING;
198 i=BIO_read(s->rbio, &(s->s3->rbuf.buf[off+newb]), max-newb);
199 }
200 else
201 {
202 SSLerr(SSL_F_SSL3_READ_N,SSL_R_READ_BIO_NOT_SET);
203 i = -1;
204 }
205
206 if (i <= 0)
207 {
208 s->s3->rbuf.left = newb;
209 return(i);
210 }
211 newb+=i;
212 }
213
214 /* done reading, now the book-keeping */
215 s->s3->rbuf.offset = off + n;
216 s->s3->rbuf.left = newb - n;
217 s->packet_length += n;
218 s->rwstate=SSL_NOTHING;
219 return(n);
220 }
221
222/* Call this to get a new input record.
223 * It will return <= 0 if more data is needed, normally due to an error
224 * or non-blocking IO.
225 * When it finishes, one packet has been decoded and can be found in
226 * ssl->s3->rrec.type - is the type of record
227 * ssl->s3->rrec.data, - data
228 * ssl->s3->rrec.length, - number of bytes
229 */
230/* used only by ssl3_read_bytes */
231static int ssl3_get_record(SSL *s)
232 {
233 int ssl_major,ssl_minor,al;
234 int n,i,ret= -1;
235 SSL3_RECORD *rr;
236 SSL_SESSION *sess;
237 unsigned char *p;
238 unsigned char md[EVP_MAX_MD_SIZE];
239 short version;
240 unsigned int mac_size;
241 int clear=0,extra;
242
243 rr= &(s->s3->rrec);
244 sess=s->session;
245
246 if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
247 extra=SSL3_RT_MAX_EXTRA;
248 else
249 extra=0;
250
251again:
252 /* check if we have the header */
253 if ( (s->rstate != SSL_ST_READ_BODY) ||
254 (s->packet_length < SSL3_RT_HEADER_LENGTH))
255 {
256 n=ssl3_read_n(s,SSL3_RT_HEADER_LENGTH,
257 SSL3_RT_MAX_PACKET_SIZE,0);
258 if (n <= 0) return(n); /* error or non-blocking */
259 s->rstate=SSL_ST_READ_BODY;
260
261 p=s->packet;
262
263 /* Pull apart the header into the SSL3_RECORD */
264 rr->type= *(p++);
265 ssl_major= *(p++);
266 ssl_minor= *(p++);
267 version=(ssl_major<<8)|ssl_minor;
268 n2s(p,rr->length);
269
270 /* Lets check version */
271 if (s->first_packet)
272 {
273 s->first_packet=0;
274 }
275 else
276 {
277 if (version != s->version)
278 {
279 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
280 /* Send back error using their
281 * version number :-) */
282 s->version=version;
283 al=SSL_AD_PROTOCOL_VERSION;
284 goto f_err;
285 }
286 }
287
288 if ((version>>8) != SSL3_VERSION_MAJOR)
289 {
290 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
291 goto err;
292 }
293
294 if (rr->length >
295 (unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
296 {
297 al=SSL_AD_RECORD_OVERFLOW;
298 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PACKET_LENGTH_TOO_LONG);
299 goto f_err;
300 }
301
302 /* now s->rstate == SSL_ST_READ_BODY */
303 }
304
305 /* s->rstate == SSL_ST_READ_BODY, get and decode the data */
306
307 if (rr->length > (s->packet_length-SSL3_RT_HEADER_LENGTH))
308 {
309 /* now s->packet_length == SSL3_RT_HEADER_LENGTH */
310 i=rr->length;
311 n=ssl3_read_n(s,i,i,1);
312 if (n <= 0) return(n); /* error or non-blocking io */
313 /* now n == rr->length,
314 * and s->packet_length == SSL3_RT_HEADER_LENGTH + rr->length */
315 }
316
317 s->rstate=SSL_ST_READ_HEADER; /* set state for later operations */
318
319 /* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
320 * and we have that many bytes in s->packet
321 */
322 rr->input= &(s->packet[SSL3_RT_HEADER_LENGTH]);
323
324 /* ok, we can now read from 's->packet' data into 'rr'
325 * rr->input points at rr->length bytes, which
326 * need to be copied into rr->data by either
327 * the decryption or by the decompression
328 * When the data is 'copied' into the rr->data buffer,
329 * rr->input will be pointed at the new buffer */
330
331 /* We now have - encrypted [ MAC [ compressed [ plain ] ] ]
332 * rr->length bytes of encrypted compressed stuff. */
333
334 /* check is not needed I believe */
335 if (rr->length > (unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
336 {
337 al=SSL_AD_RECORD_OVERFLOW;
338 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
339 goto f_err;
340 }
341
342 /* decrypt in place in 'rr->input' */
343 rr->data=rr->input;
344
345 if (!s->method->ssl3_enc->enc(s,0))
346 {
347 al=SSL_AD_DECRYPT_ERROR;
348 goto f_err;
349 }
350#ifdef TLS_DEBUG
351printf("dec %d\n",rr->length);
352{ unsigned int z; for (z=0; z<rr->length; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\n'); }
353printf("\n");
354#endif
355 /* r->length is now the compressed data plus mac */
356 if ( (sess == NULL) ||
357 (s->enc_read_ctx == NULL) ||
358 (s->read_hash == NULL))
359 clear=1;
360
361 if (!clear)
362 {
363 mac_size=EVP_MD_size(s->read_hash);
364
365 if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size)
366 {
367 al=SSL_AD_RECORD_OVERFLOW;
368 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PRE_MAC_LENGTH_TOO_LONG);
369 goto f_err;
370 }
371 /* check the MAC for rr->input (it's in mac_size bytes at the tail) */
372 if (rr->length < mac_size)
373 {
374 al=SSL_AD_DECODE_ERROR;
375 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);
376 goto f_err;
377 }
378 rr->length-=mac_size;
379 i=s->method->ssl3_enc->mac(s,md,0);
380 if (memcmp(md,&(rr->data[rr->length]),mac_size) != 0)
381 {
382 al=SSL_AD_BAD_RECORD_MAC;
383 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_MAC_DECODE);
384 ret= -1;
385 goto f_err;
386 }
387 }
388
389 /* r->length is now just compressed */
390 if (s->expand != NULL)
391 {
392 if (rr->length >
393 (unsigned int)SSL3_RT_MAX_COMPRESSED_LENGTH+extra)
394 {
395 al=SSL_AD_RECORD_OVERFLOW;
396 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);
397 goto f_err;
398 }
399 if (!do_uncompress(s))
400 {
401 al=SSL_AD_DECOMPRESSION_FAILURE;
402 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);
403 goto f_err;
404 }
405 }
406
407 if (rr->length > (unsigned int)SSL3_RT_MAX_PLAIN_LENGTH+extra)
408 {
409 al=SSL_AD_RECORD_OVERFLOW;
410 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);
411 goto f_err;
412 }
413
414 rr->off=0;
415 /* So at this point the following is true
416 * ssl->s3->rrec.type is the type of record
417 * ssl->s3->rrec.length == number of bytes in record
418 * ssl->s3->rrec.off == offset to first valid byte
419 * ssl->s3->rrec.data == where to take bytes from, increment
420 * after use :-).
421 */
422
423 /* we have pulled in a full packet so zero things */
424 s->packet_length=0;
425
426 /* just read a 0 length packet */
427 if (rr->length == 0) goto again;
428
429 return(1);
430f_err:
431 ssl3_send_alert(s,SSL3_AL_FATAL,al);
432err:
433 return(ret);
434 }
435
436static int do_uncompress(SSL *ssl)
437 {
438 int i;
439 SSL3_RECORD *rr;
440
441 rr= &(ssl->s3->rrec);
442 i=COMP_expand_block(ssl->expand,rr->comp,
443 SSL3_RT_MAX_PLAIN_LENGTH,rr->data,(int)rr->length);
444 if (i < 0)
445 return(0);
446 else
447 rr->length=i;
448 rr->data=rr->comp;
449
450 return(1);
451 }
452
453static int do_compress(SSL *ssl)
454 {
455 int i;
456 SSL3_RECORD *wr;
457
458 wr= &(ssl->s3->wrec);
459 i=COMP_compress_block(ssl->compress,wr->data,
460 SSL3_RT_MAX_COMPRESSED_LENGTH,
461 wr->input,(int)wr->length);
462 if (i < 0)
463 return(0);
464 else
465 wr->length=i;
466
467 wr->input=wr->data;
468 return(1);
469 }
470
471/* Call this to write data in records of type 'type'
472 * It will return <= 0 if not all data has been sent or non-blocking IO.
473 */
474int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
475 {
476 const unsigned char *buf=buf_;
477 unsigned int tot,n,nw;
478 int i;
479
480 s->rwstate=SSL_NOTHING;
481 tot=s->s3->wnum;
482 s->s3->wnum=0;
483
484 if (SSL_in_init(s) && !s->in_handshake)
485 {
486 i=s->handshake_func(s);
487 if (i < 0) return(i);
488 if (i == 0)
489 {
490 SSLerr(SSL_F_SSL3_WRITE_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
491 return(-1);
492 }
493 }
494
495 n=(len-tot);
496 for (;;)
497 {
498 if (n > SSL3_RT_MAX_PLAIN_LENGTH)
499 nw=SSL3_RT_MAX_PLAIN_LENGTH;
500 else
501 nw=n;
502
503 i=do_ssl3_write(s,type,&(buf[tot]),nw);
504 if (i <= 0)
505 {
506 s->s3->wnum=tot;
507 return(i);
508 }
509
510 if ((i == (int)n) ||
511 (type == SSL3_RT_APPLICATION_DATA &&
512 (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE)))
513 {
514 return(tot+i);
515 }
516
517 n-=i;
518 tot+=i;
519 }
520 }
521
522static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
523 unsigned int len)
524 {
525 unsigned char *p,*plen;
526 int i,mac_size,clear=0;
527 SSL3_RECORD *wr;
528 SSL3_BUFFER *wb;
529 SSL_SESSION *sess;
530
531 /* first check is there is a SSL3_RECORD still being written
532 * out. This will happen with non blocking IO */
533 if (s->s3->wbuf.left != 0)
534 return(ssl3_write_pending(s,type,buf,len));
535
536 /* If we have an alert to send, lets send it */
537 if (s->s3->alert_dispatch)
538 {
539 i=ssl3_dispatch_alert(s);
540 if (i <= 0)
541 return(i);
542 /* if it went, fall through and send more stuff */
543 }
544
545 if (len == 0) return(len);
546
547 wr= &(s->s3->wrec);
548 wb= &(s->s3->wbuf);
549 sess=s->session;
550
551 if ( (sess == NULL) ||
552 (s->enc_write_ctx == NULL) ||
553 (s->write_hash == NULL))
554 clear=1;
555
556 if (clear)
557 mac_size=0;
558 else
559 mac_size=EVP_MD_size(s->write_hash);
560
561 p=wb->buf;
562
563 /* write the header */
564 *(p++)=type&0xff;
565 wr->type=type;
566
567 *(p++)=(s->version>>8);
568 *(p++)=s->version&0xff;
569
570 /* record where we are to write out packet length */
571 plen=p;
572 p+=2;
573
574 /* lets setup the record stuff. */
575 wr->data=p;
576 wr->length=(int)len;
577 wr->input=(unsigned char *)buf;
578
579 /* we now 'read' from wr->input, wr->length bytes into
580 * wr->data */
581
582 /* first we compress */
583 if (s->compress != NULL)
584 {
585 if (!do_compress(s))
586 {
587 SSLerr(SSL_F_DO_SSL3_WRITE,SSL_R_COMPRESSION_FAILURE);
588 goto err;
589 }
590 }
591 else
592 {
593 memcpy(wr->data,wr->input,wr->length);
594 wr->input=wr->data;
595 }
596
597 /* we should still have the output to wr->data and the input
598 * from wr->input. Length should be wr->length.
599 * wr->data still points in the wb->buf */
600
601 if (mac_size != 0)
602 {
603 s->method->ssl3_enc->mac(s,&(p[wr->length]),1);
604 wr->length+=mac_size;
605 wr->input=p;
606 wr->data=p;
607 }
608
609 /* ssl3_enc can only have an error on read */
610 s->method->ssl3_enc->enc(s,1);
611
612 /* record length after mac and block padding */
613 s2n(wr->length,plen);
614
615 /* we should now have
616 * wr->data pointing to the encrypted data, which is
617 * wr->length long */
618 wr->type=type; /* not needed but helps for debugging */
619 wr->length+=SSL3_RT_HEADER_LENGTH;
620
621 /* Now lets setup wb */
622 wb->left=wr->length;
623 wb->offset=0;
624
625 s->s3->wpend_tot=len;
626 s->s3->wpend_buf=buf;
627 s->s3->wpend_type=type;
628 s->s3->wpend_ret=len;
629
630 /* we now just need to write the buffer */
631 return(ssl3_write_pending(s,type,buf,len));
632err:
633 return(-1);
634 }
635
636/* if s->s3->wbuf.left != 0, we need to call this */
637static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
638 unsigned int len)
639 {
640 int i;
641
642/* XXXX */
643 if ((s->s3->wpend_tot > (int)len)
644 || ((s->s3->wpend_buf != buf) &&
645 !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))
646 || (s->s3->wpend_type != type))
647 {
648 SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY);
649 return(-1);
650 }
651
652 for (;;)
653 {
654 clear_sys_error();
655 if (s->wbio != NULL)
656 {
657 s->rwstate=SSL_WRITING;
658 i=BIO_write(s->wbio,
659 (char *)&(s->s3->wbuf.buf[s->s3->wbuf.offset]),
660 (unsigned int)s->s3->wbuf.left);
661 }
662 else
663 {
664 SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BIO_NOT_SET);
665 i= -1;
666 }
667 if (i == s->s3->wbuf.left)
668 {
669 s->s3->wbuf.left=0;
670 s->rwstate=SSL_NOTHING;
671 return(s->s3->wpend_ret);
672 }
673 else if (i <= 0)
674 return(i);
675 s->s3->wbuf.offset+=i;
676 s->s3->wbuf.left-=i;
677 }
678 }
679
680/* Return up to 'len' payload bytes received in 'type' records.
681 * 'type' is one of the following:
682 *
683 * - SSL3_RT_HANDSHAKE (when ssl3_get_message calls us)
684 * - SSL3_RT_APPLICATION_DATA (when ssl3_read calls us)
685 * - 0 (during a shutdown, no data has to be returned)
686 *
687 * If we don't have stored data to work from, read a SSL/TLS record first
688 * (possibly multiple records if we still don't have anything to return).
689 *
690 * This function must handle any surprises the peer may have for us, such as
691 * Alert records (e.g. close_notify), ChangeCipherSpec records (not really
692 * a surprise, but handled as if it were), or renegotiation requests.
693 * Also if record payloads contain fragments too small to process, we store
694 * them until there is enough for the respective protocol (the record protocol
695 * may use arbitrary fragmentation and even interleaving):
696 * Change cipher spec protocol
697 * just 1 byte needed, no need for keeping anything stored
698 * Alert protocol
699 * 2 bytes needed (AlertLevel, AlertDescription)
700 * Handshake protocol
701 * 4 bytes needed (HandshakeType, uint24 length) -- we just have
702 * to detect unexpected Client Hello and Hello Request messages
703 * here, anything else is handled by higher layers
704 * Application data protocol
705 * none of our business
706 */
707int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
708 {
709 int al,i,j,ret;
710 unsigned int n;
711 SSL3_RECORD *rr;
712 void (*cb)()=NULL;
713
714 if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
715 if (!ssl3_setup_buffers(s))
716 return(-1);
717
718 if ((type && (type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE) && type) ||
719 (peek && (type != SSL3_RT_APPLICATION_DATA)))
720 {
721 SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_INTERNAL_ERROR);
722 return -1;
723 }
724
725 if ((type == SSL3_RT_HANDSHAKE) && (s->s3->handshake_fragment_len > 0))
726 /* (partially) satisfy request from storage */
727 {
728 unsigned char *src = s->s3->handshake_fragment;
729 unsigned char *dst = buf;
730 unsigned int k;
731
732 /* peek == 0 */
733 n = 0;
734 while ((len > 0) && (s->s3->handshake_fragment_len > 0))
735 {
736 *dst++ = *src++;
737 len--; s->s3->handshake_fragment_len--;
738 n++;
739 }
740 /* move any remaining fragment bytes: */
741 for (k = 0; k < s->s3->handshake_fragment_len; k++)
742 s->s3->handshake_fragment[k] = *src++;
743 return n;
744 }
745
746 /* Now s->s3->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE. */
747
748 if (!s->in_handshake && SSL_in_init(s))
749 {
750 /* type == SSL3_RT_APPLICATION_DATA */
751 i=s->handshake_func(s);
752 if (i < 0) return(i);
753 if (i == 0)
754 {
755 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
756 return(-1);
757 }
758 }
759start:
760 s->rwstate=SSL_NOTHING;
761
762 /* s->s3->rrec.type - is the type of record
763 * s->s3->rrec.data, - data
764 * s->s3->rrec.off, - offset into 'data' for next read
765 * s->s3->rrec.length, - number of bytes. */
766 rr = &(s->s3->rrec);
767
768 /* get new packet if necessary */
769 if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY))
770 {
771 ret=ssl3_get_record(s);
772 if (ret <= 0) return(ret);
773 }
774
775 /* we now have a packet which can be read and processed */
776
777 if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
778 * reset by ssl3_get_finished */
779 && (rr->type != SSL3_RT_HANDSHAKE))
780 {
781 al=SSL_AD_UNEXPECTED_MESSAGE;
782 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_DATA_BETWEEN_CCS_AND_FINISHED);
783 goto err;
784 }
785
786 /* If the other end has shut down, throw anything we read away
787 * (even in 'peek' mode) */
788 if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
789 {
790 rr->length=0;
791 s->rwstate=SSL_NOTHING;
792 return(0);
793 }
794
795
796 if (type == rr->type) /* SSL3_RT_APPLICATION_DATA or SSL3_RT_HANDSHAKE */
797 {
798 /* make sure that we are not getting application data when we
799 * are doing a handshake for the first time */
800 if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
801 (s->enc_read_ctx == NULL))
802 {
803 al=SSL_AD_UNEXPECTED_MESSAGE;
804 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_APP_DATA_IN_HANDSHAKE);
805 goto f_err;
806 }
807
808 if (len <= 0) return(len);
809
810 if ((unsigned int)len > rr->length)
811 n = rr->length;
812 else
813 n = (unsigned int)len;
814
815 memcpy(buf,&(rr->data[rr->off]),n);
816 if (!peek)
817 {
818 rr->length-=n;
819 rr->off+=n;
820 if (rr->length == 0)
821 {
822 s->rstate=SSL_ST_READ_HEADER;
823 rr->off=0;
824 }
825 }
826 return(n);
827 }
828
829
830 /* If we get here, then type != rr->type; if we have a handshake
831 * message, then it was unexpected (Hello Request or Client Hello). */
832
833 /* In case of record types for which we have 'fragment' storage,
834 * fill that so that we can process the data at a fixed place.
835 */
836 {
837 unsigned int dest_maxlen = 0;
838 unsigned char *dest = NULL;
839 unsigned int *dest_len = NULL;
840
841 if (rr->type == SSL3_RT_HANDSHAKE)
842 {
843 dest_maxlen = sizeof s->s3->handshake_fragment;
844 dest = s->s3->handshake_fragment;
845 dest_len = &s->s3->handshake_fragment_len;
846 }
847 else if (rr->type == SSL3_RT_ALERT)
848 {
849 dest_maxlen = sizeof s->s3->alert_fragment;
850 dest = s->s3->alert_fragment;
851 dest_len = &s->s3->alert_fragment_len;
852 }
853
854 if (dest_maxlen > 0)
855 {
856 n = dest_maxlen - *dest_len; /* available space in 'dest' */
857 if (rr->length < n)
858 n = rr->length; /* available bytes */
859
860 /* now move 'n' bytes: */
861 while (n-- > 0)
862 {
863 dest[(*dest_len)++] = rr->data[rr->off++];
864 rr->length--;
865 }
866
867 if (*dest_len < dest_maxlen)
868 goto start; /* fragment was too small */
869 }
870 }
871
872 /* s->s3->handshake_fragment_len == 4 iff rr->type == SSL3_RT_HANDSHAKE;
873 * s->s3->alert_fragment_len == 2 iff rr->type == SSL3_RT_ALERT.
874 * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) */
875
876 /* If we are a client, check for an incoming 'Hello Request': */
877 if ((!s->server) &&
878 (s->s3->handshake_fragment_len >= 4) &&
879 (s->s3->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) &&
880 (s->session != NULL) && (s->session->cipher != NULL))
881 {
882 s->s3->handshake_fragment_len = 0;
883
884 if ((s->s3->handshake_fragment[1] != 0) ||
885 (s->s3->handshake_fragment[2] != 0) ||
886 (s->s3->handshake_fragment[3] != 0))
887 {
888 al=SSL_AD_DECODE_ERROR;
889 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_HELLO_REQUEST);
890 goto err;
891 }
892
893 if (SSL_is_init_finished(s) &&
894 !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
895 !s->s3->renegotiate)
896 {
897 ssl3_renegotiate(s);
898 if (ssl3_renegotiate_check(s))
899 {
900 i=s->handshake_func(s);
901 if (i < 0) return(i);
902 if (i == 0)
903 {
904 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
905 return(-1);
906 }
907
908 if (!(s->mode & SSL_MODE_AUTO_RETRY))
909 {
910 if (s->s3->rbuf.left == 0) /* no read-ahead left? */
911 {
912 BIO *bio;
913 /* In the case where we try to read application data,
914 * but we trigger an SSL handshake, we return -1 with
915 * the retry option set. Otherwise renegotiation may
916 * cause nasty problems in the blocking world */
917 s->rwstate=SSL_READING;
918 bio=SSL_get_rbio(s);
919 BIO_clear_retry_flags(bio);
920 BIO_set_retry_read(bio);
921 return(-1);
922 }
923 }
924 }
925 }
926 /* we either finished a handshake or ignored the request,
927 * now try again to obtain the (application) data we were asked for */
928 goto start;
929 }
930
931 if (s->s3->alert_fragment_len >= 2)
932 {
933 int alert_level = s->s3->alert_fragment[0];
934 int alert_descr = s->s3->alert_fragment[1];
935
936 s->s3->alert_fragment_len = 0;
937
938 if (s->info_callback != NULL)
939 cb=s->info_callback;
940 else if (s->ctx->info_callback != NULL)
941 cb=s->ctx->info_callback;
942
943 if (cb != NULL)
944 {
945 j = (alert_level << 8) | alert_descr;
946 cb(s, SSL_CB_READ_ALERT, j);
947 }
948
949 if (alert_level == 1) /* warning */
950 {
951 s->s3->warn_alert = alert_descr;
952 if (alert_descr == SSL_AD_CLOSE_NOTIFY)
953 {
954 s->shutdown |= SSL_RECEIVED_SHUTDOWN;
955 return(0);
956 }
957 }
958 else if (alert_level == 2) /* fatal */
959 {
960 char tmp[16];
961
962 s->rwstate=SSL_NOTHING;
963 s->s3->fatal_alert = alert_descr;
964 SSLerr(SSL_F_SSL3_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr);
965 BIO_snprintf(tmp,sizeof tmp,"%d",alert_descr);
966 ERR_add_error_data(2,"SSL alert number ",tmp);
967 s->shutdown|=SSL_RECEIVED_SHUTDOWN;
968 SSL_CTX_remove_session(s->ctx,s->session);
969 return(0);
970 }
971 else
972 {
973 al=SSL_AD_ILLEGAL_PARAMETER;
974 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNKNOWN_ALERT_TYPE);
975 goto f_err;
976 }
977
978 goto start;
979 }
980
981 if (s->shutdown & SSL_SENT_SHUTDOWN) /* but we have not received a shutdown */
982 {
983 s->rwstate=SSL_NOTHING;
984 rr->length=0;
985 return(0);
986 }
987
988 if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC)
989 {
990 /* 'Change Cipher Spec' is just a single byte, so we know
991 * exactly what the record payload has to look like */
992 if ( (rr->length != 1) || (rr->off != 0) ||
993 (rr->data[0] != SSL3_MT_CCS))
994 {
995 i=SSL_AD_ILLEGAL_PARAMETER;
996 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC);
997 goto err;
998 }
999
1000 rr->length=0;
1001 s->s3->change_cipher_spec=1;
1002 if (!do_change_cipher_spec(s))
1003 goto err;
1004 else
1005 goto start;
1006 }
1007
1008 /* Unexpected handshake message (Client Hello, or protocol violation) */
1009 if ((s->s3->handshake_fragment_len >= 4) && !s->in_handshake)
1010 {
1011 if (((s->state&SSL_ST_MASK) == SSL_ST_OK) &&
1012 !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS))
1013 {
1014#if 0 /* worked only because C operator preferences are not as expected (and
1015 * because this is not really needed for clients except for detecting
1016 * protocol violations): */
1017 s->state=SSL_ST_BEFORE|(s->server)
1018 ?SSL_ST_ACCEPT
1019 :SSL_ST_CONNECT;
1020#else
1021 s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
1022#endif
1023 s->new_session=1;
1024 }
1025 i=s->handshake_func(s);
1026 if (i < 0) return(i);
1027 if (i == 0)
1028 {
1029 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
1030 return(-1);
1031 }
1032
1033 if (!(s->mode & SSL_MODE_AUTO_RETRY))
1034 {
1035 if (s->s3->rbuf.left == 0) /* no read-ahead left? */
1036 {
1037 BIO *bio;
1038 /* In the case where we try to read application data,
1039 * but we trigger an SSL handshake, we return -1 with
1040 * the retry option set. Otherwise renegotiation may
1041 * cause nasty problems in the blocking world */
1042 s->rwstate=SSL_READING;
1043 bio=SSL_get_rbio(s);
1044 BIO_clear_retry_flags(bio);
1045 BIO_set_retry_read(bio);
1046 return(-1);
1047 }
1048 }
1049 goto start;
1050 }
1051
1052 switch (rr->type)
1053 {
1054 default:
1055#ifndef NO_TLS
1056 /* TLS just ignores unknown message types */
1057 if (s->version == TLS1_VERSION)
1058 {
1059 goto start;
1060 }
1061#endif
1062 al=SSL_AD_UNEXPECTED_MESSAGE;
1063 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
1064 goto f_err;
1065 case SSL3_RT_CHANGE_CIPHER_SPEC:
1066 case SSL3_RT_ALERT:
1067 case SSL3_RT_HANDSHAKE:
1068 /* we already handled all of these, with the possible exception
1069 * of SSL3_RT_HANDSHAKE when s->in_handshake is set, but that
1070 * should not happen when type != rr->type */
1071 al=SSL_AD_UNEXPECTED_MESSAGE;
1072 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_INTERNAL_ERROR);
1073 goto f_err;
1074 case SSL3_RT_APPLICATION_DATA:
1075 /* At this point, we were expecting handshake data,
1076 * but have application data. If the library was
1077 * running inside ssl3_read() (i.e. in_read_app_data
1078 * is set) and it makes sense to read application data
1079 * at this point (session renegotiation not yet started),
1080 * we will indulge it.
1081 */
1082 if (s->s3->in_read_app_data &&
1083 (s->s3->total_renegotiations != 0) &&
1084 ((
1085 (s->state & SSL_ST_CONNECT) &&
1086 (s->state >= SSL3_ST_CW_CLNT_HELLO_A) &&
1087 (s->state <= SSL3_ST_CR_SRVR_HELLO_A)
1088 ) || (
1089 (s->state & SSL_ST_ACCEPT) &&
1090 (s->state <= SSL3_ST_SW_HELLO_REQ_A) &&
1091 (s->state >= SSL3_ST_SR_CLNT_HELLO_A)
1092 )
1093 ))
1094 {
1095 s->s3->in_read_app_data=0;
1096 return(-1);
1097 }
1098 else
1099 {
1100 al=SSL_AD_UNEXPECTED_MESSAGE;
1101 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
1102 goto f_err;
1103 }
1104 }
1105 /* not reached */
1106
1107f_err:
1108 ssl3_send_alert(s,SSL3_AL_FATAL,al);
1109err:
1110 return(-1);
1111 }
1112
1113static int do_change_cipher_spec(SSL *s)
1114 {
1115 int i;
1116 const char *sender;
1117 int slen;
1118
1119 if (s->state & SSL_ST_ACCEPT)
1120 i=SSL3_CHANGE_CIPHER_SERVER_READ;
1121 else
1122 i=SSL3_CHANGE_CIPHER_CLIENT_READ;
1123
1124 if (s->s3->tmp.key_block == NULL)
1125 {
1126 s->session->cipher=s->s3->tmp.new_cipher;
1127 if (!s->method->ssl3_enc->setup_key_block(s)) return(0);
1128 }
1129
1130 if (!s->method->ssl3_enc->change_cipher_state(s,i))
1131 return(0);
1132
1133 /* we have to record the message digest at
1134 * this point so we can get it before we read
1135 * the finished message */
1136 if (s->state & SSL_ST_CONNECT)
1137 {
1138 sender=s->method->ssl3_enc->server_finished_label;
1139 slen=s->method->ssl3_enc->server_finished_label_len;
1140 }
1141 else
1142 {
1143 sender=s->method->ssl3_enc->client_finished_label;
1144 slen=s->method->ssl3_enc->client_finished_label_len;
1145 }
1146
1147 s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
1148 &(s->s3->finish_dgst1),
1149 &(s->s3->finish_dgst2),
1150 sender,slen,s->s3->tmp.peer_finish_md);
1151
1152 return(1);
1153 }
1154
1155void ssl3_send_alert(SSL *s, int level, int desc)
1156 {
1157 /* Map tls/ssl alert value to correct one */
1158 desc=s->method->ssl3_enc->alert_value(desc);
1159 if (desc < 0) return;
1160 /* If a fatal one, remove from cache */
1161 if ((level == 2) && (s->session != NULL))
1162 SSL_CTX_remove_session(s->ctx,s->session);
1163
1164 s->s3->alert_dispatch=1;
1165 s->s3->send_alert[0]=level;
1166 s->s3->send_alert[1]=desc;
1167 if (s->s3->wbuf.left == 0) /* data still being written out */
1168 ssl3_dispatch_alert(s);
1169 /* else data is still being written out, we will get written
1170 * some time in the future */
1171 }
1172
1173int ssl3_dispatch_alert(SSL *s)
1174 {
1175 int i,j;
1176 void (*cb)()=NULL;
1177
1178 s->s3->alert_dispatch=0;
1179 i=do_ssl3_write(s,SSL3_RT_ALERT,&s->s3->send_alert[0],2);
1180 if (i <= 0)
1181 {
1182 s->s3->alert_dispatch=1;
1183 }
1184 else
1185 {
1186 /* If it is important, send it now. If the message
1187 * does not get sent due to non-blocking IO, we will
1188 * not worry too much. */
1189 if (s->s3->send_alert[0] == SSL3_AL_FATAL)
1190 (void)BIO_flush(s->wbio);
1191
1192 if (s->info_callback != NULL)
1193 cb=s->info_callback;
1194 else if (s->ctx->info_callback != NULL)
1195 cb=s->ctx->info_callback;
1196
1197 if (cb != NULL)
1198 {
1199 j=(s->s3->send_alert[0]<<8)|s->s3->send_alert[1];
1200 cb(s,SSL_CB_WRITE_ALERT,j);
1201 }
1202 }
1203 return(i);
1204 }
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
deleted file mode 100644
index 258af84867..0000000000
--- a/src/lib/libssl/s3_srvr.c
+++ /dev/null
@@ -1,1777 +0,0 @@
1/* ssl/s3_srvr.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#define REUSE_CIPHER_BUG
60#define NETSCAPE_HANG_BUG
61
62
63#include <stdio.h>
64#include <openssl/buffer.h>
65#include <openssl/rand.h>
66#include <openssl/objects.h>
67#include <openssl/md5.h>
68#include <openssl/sha.h>
69#include <openssl/evp.h>
70#include <openssl/x509.h>
71#include "ssl_locl.h"
72
73static SSL_METHOD *ssl3_get_server_method(int ver);
74static int ssl3_get_client_hello(SSL *s);
75static int ssl3_check_client_hello(SSL *s);
76static int ssl3_send_server_hello(SSL *s);
77static int ssl3_send_server_key_exchange(SSL *s);
78static int ssl3_send_certificate_request(SSL *s);
79static int ssl3_send_server_done(SSL *s);
80static int ssl3_get_client_key_exchange(SSL *s);
81static int ssl3_get_client_certificate(SSL *s);
82static int ssl3_get_cert_verify(SSL *s);
83static int ssl3_send_hello_request(SSL *s);
84
85static SSL_METHOD *ssl3_get_server_method(int ver)
86 {
87 if (ver == SSL3_VERSION)
88 return(SSLv3_server_method());
89 else
90 return(NULL);
91 }
92
93SSL_METHOD *SSLv3_server_method(void)
94 {
95 static int init=1;
96 static SSL_METHOD SSLv3_server_data;
97
98 if (init)
99 {
100 memcpy((char *)&SSLv3_server_data,(char *)sslv3_base_method(),
101 sizeof(SSL_METHOD));
102 SSLv3_server_data.ssl_accept=ssl3_accept;
103 SSLv3_server_data.get_ssl_method=ssl3_get_server_method;
104 init=0;
105 }
106 return(&SSLv3_server_data);
107 }
108
109int ssl3_accept(SSL *s)
110 {
111 BUF_MEM *buf;
112 unsigned long l,Time=time(NULL);
113 void (*cb)()=NULL;
114 long num1;
115 int ret= -1;
116 int new_state,state,skip=0;
117
118 RAND_add(&Time,sizeof(Time),0);
119 ERR_clear_error();
120 clear_sys_error();
121
122 if (s->info_callback != NULL)
123 cb=s->info_callback;
124 else if (s->ctx->info_callback != NULL)
125 cb=s->ctx->info_callback;
126
127 /* init things to blank */
128 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
129 s->in_handshake++;
130
131 if (s->cert == NULL)
132 {
133 SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_NO_CERTIFICATE_SET);
134 return(-1);
135 }
136
137 for (;;)
138 {
139 state=s->state;
140
141 switch (s->state)
142 {
143 case SSL_ST_RENEGOTIATE:
144 s->new_session=1;
145 /* s->state=SSL_ST_ACCEPT; */
146
147 case SSL_ST_BEFORE:
148 case SSL_ST_ACCEPT:
149 case SSL_ST_BEFORE|SSL_ST_ACCEPT:
150 case SSL_ST_OK|SSL_ST_ACCEPT:
151
152 s->server=1;
153 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
154
155 if ((s->version>>8) != 3)
156 {
157 SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_INTERNAL_ERROR);
158 return -1;
159 }
160 s->type=SSL_ST_ACCEPT;
161
162 if (s->init_buf == NULL)
163 {
164 if ((buf=BUF_MEM_new()) == NULL)
165 {
166 ret= -1;
167 goto end;
168 }
169 if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
170 {
171 ret= -1;
172 goto end;
173 }
174 s->init_buf=buf;
175 }
176
177 if (!ssl3_setup_buffers(s))
178 {
179 ret= -1;
180 goto end;
181 }
182
183 /* Ok, we now need to push on a buffering BIO so that
184 * the output is sent in a way that TCP likes :-)
185 */
186 if (!ssl_init_wbio_buffer(s,1)) { ret= -1; goto end; }
187
188 s->init_num=0;
189
190 if (s->state != SSL_ST_RENEGOTIATE)
191 {
192 ssl3_init_finished_mac(s);
193 s->state=SSL3_ST_SR_CLNT_HELLO_A;
194 s->ctx->stats.sess_accept++;
195 }
196 else
197 {
198 s->ctx->stats.sess_accept_renegotiate++;
199 s->state=SSL3_ST_SW_HELLO_REQ_A;
200 }
201 break;
202
203 case SSL3_ST_SW_HELLO_REQ_A:
204 case SSL3_ST_SW_HELLO_REQ_B:
205
206 s->shutdown=0;
207 ret=ssl3_send_hello_request(s);
208 if (ret <= 0) goto end;
209 s->s3->tmp.next_state=SSL3_ST_SW_HELLO_REQ_C;
210 s->state=SSL3_ST_SW_FLUSH;
211 s->init_num=0;
212
213 ssl3_init_finished_mac(s);
214 break;
215
216 case SSL3_ST_SW_HELLO_REQ_C:
217 s->state=SSL_ST_OK;
218 ret=1;
219 goto end;
220 /* break; */
221
222 case SSL3_ST_SR_CLNT_HELLO_A:
223 case SSL3_ST_SR_CLNT_HELLO_B:
224 case SSL3_ST_SR_CLNT_HELLO_C:
225
226 s->shutdown=0;
227 ret=ssl3_get_client_hello(s);
228 if (ret <= 0) goto end;
229 s->state=SSL3_ST_SW_SRVR_HELLO_A;
230 s->init_num=0;
231 break;
232
233 case SSL3_ST_SW_SRVR_HELLO_A:
234 case SSL3_ST_SW_SRVR_HELLO_B:
235 ret=ssl3_send_server_hello(s);
236 if (ret <= 0) goto end;
237
238 if (s->hit)
239 s->state=SSL3_ST_SW_CHANGE_A;
240 else
241 s->state=SSL3_ST_SW_CERT_A;
242 s->init_num=0;
243 break;
244
245 case SSL3_ST_SW_CERT_A:
246 case SSL3_ST_SW_CERT_B:
247 /* Check if it is anon DH */
248 if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
249 {
250 ret=ssl3_send_server_certificate(s);
251 if (ret <= 0) goto end;
252 }
253 else
254 skip=1;
255 s->state=SSL3_ST_SW_KEY_EXCH_A;
256 s->init_num=0;
257 break;
258
259 case SSL3_ST_SW_KEY_EXCH_A:
260 case SSL3_ST_SW_KEY_EXCH_B:
261 l=s->s3->tmp.new_cipher->algorithms;
262
263 /* clear this, it may get reset by
264 * send_server_key_exchange */
265 if (s->options & SSL_OP_EPHEMERAL_RSA)
266 s->s3->tmp.use_rsa_tmp=1;
267 else
268 s->s3->tmp.use_rsa_tmp=0;
269
270 /* only send if a DH key exchange, fortezza or
271 * RSA but we have a sign only certificate */
272 if (s->s3->tmp.use_rsa_tmp
273 || (l & (SSL_DH|SSL_kFZA))
274 || ((l & SSL_kRSA)
275 && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
276 || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
277 && EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
278 )
279 )
280 )
281 )
282 {
283 ret=ssl3_send_server_key_exchange(s);
284 if (ret <= 0) goto end;
285 }
286 else
287 skip=1;
288
289 s->state=SSL3_ST_SW_CERT_REQ_A;
290 s->init_num=0;
291 break;
292
293 case SSL3_ST_SW_CERT_REQ_A:
294 case SSL3_ST_SW_CERT_REQ_B:
295 if (/* don't request cert unless asked for it: */
296 !(s->verify_mode & SSL_VERIFY_PEER) ||
297 /* if SSL_VERIFY_CLIENT_ONCE is set,
298 * don't request cert during re-negotiation: */
299 ((s->session->peer != NULL) &&
300 (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) ||
301 /* never request cert in anonymous ciphersuites
302 * (see section "Certificate request" in SSL 3 drafts
303 * and in RFC 2246): */
304 ((s->s3->tmp.new_cipher->algorithms & SSL_aNULL) &&
305 /* ... except when the application insists on verification
306 * (against the specs, but s3_clnt.c accepts this for SSL 3) */
307 !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)))
308 {
309 /* no cert request */
310 skip=1;
311 s->s3->tmp.cert_request=0;
312 s->state=SSL3_ST_SW_SRVR_DONE_A;
313 }
314 else
315 {
316 s->s3->tmp.cert_request=1;
317 ret=ssl3_send_certificate_request(s);
318 if (ret <= 0) goto end;
319#ifndef NETSCAPE_HANG_BUG
320 s->state=SSL3_ST_SW_SRVR_DONE_A;
321#else
322 s->state=SSL3_ST_SW_FLUSH;
323 s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
324#endif
325 s->init_num=0;
326 }
327 break;
328
329 case SSL3_ST_SW_SRVR_DONE_A:
330 case SSL3_ST_SW_SRVR_DONE_B:
331 ret=ssl3_send_server_done(s);
332 if (ret <= 0) goto end;
333 s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
334 s->state=SSL3_ST_SW_FLUSH;
335 s->init_num=0;
336 break;
337
338 case SSL3_ST_SW_FLUSH:
339 /* number of bytes to be flushed */
340 num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
341 if (num1 > 0)
342 {
343 s->rwstate=SSL_WRITING;
344 num1=BIO_flush(s->wbio);
345 if (num1 <= 0) { ret= -1; goto end; }
346 s->rwstate=SSL_NOTHING;
347 }
348
349 s->state=s->s3->tmp.next_state;
350 break;
351
352 case SSL3_ST_SR_CERT_A:
353 case SSL3_ST_SR_CERT_B:
354 /* Check for second client hello (MS SGC) */
355 ret = ssl3_check_client_hello(s);
356 if (ret <= 0)
357 goto end;
358 if (ret == 2)
359 s->state = SSL3_ST_SR_CLNT_HELLO_C;
360 else {
361 /* could be sent for a DH cert, even if we
362 * have not asked for it :-) */
363 ret=ssl3_get_client_certificate(s);
364 if (ret <= 0) goto end;
365 s->init_num=0;
366 s->state=SSL3_ST_SR_KEY_EXCH_A;
367 }
368 break;
369
370 case SSL3_ST_SR_KEY_EXCH_A:
371 case SSL3_ST_SR_KEY_EXCH_B:
372 ret=ssl3_get_client_key_exchange(s);
373 if (ret <= 0) goto end;
374 s->state=SSL3_ST_SR_CERT_VRFY_A;
375 s->init_num=0;
376
377 /* We need to get hashes here so if there is
378 * a client cert, it can be verified */
379 s->method->ssl3_enc->cert_verify_mac(s,
380 &(s->s3->finish_dgst1),
381 &(s->s3->tmp.cert_verify_md[0]));
382 s->method->ssl3_enc->cert_verify_mac(s,
383 &(s->s3->finish_dgst2),
384 &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]));
385
386 break;
387
388 case SSL3_ST_SR_CERT_VRFY_A:
389 case SSL3_ST_SR_CERT_VRFY_B:
390
391 /* we should decide if we expected this one */
392 ret=ssl3_get_cert_verify(s);
393 if (ret <= 0) goto end;
394
395 s->state=SSL3_ST_SR_FINISHED_A;
396 s->init_num=0;
397 break;
398
399 case SSL3_ST_SR_FINISHED_A:
400 case SSL3_ST_SR_FINISHED_B:
401 ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A,
402 SSL3_ST_SR_FINISHED_B);
403 if (ret <= 0) goto end;
404 if (s->hit)
405 s->state=SSL_ST_OK;
406 else
407 s->state=SSL3_ST_SW_CHANGE_A;
408 s->init_num=0;
409 break;
410
411 case SSL3_ST_SW_CHANGE_A:
412 case SSL3_ST_SW_CHANGE_B:
413
414 s->session->cipher=s->s3->tmp.new_cipher;
415 if (!s->method->ssl3_enc->setup_key_block(s))
416 { ret= -1; goto end; }
417
418 ret=ssl3_send_change_cipher_spec(s,
419 SSL3_ST_SW_CHANGE_A,SSL3_ST_SW_CHANGE_B);
420
421 if (ret <= 0) goto end;
422 s->state=SSL3_ST_SW_FINISHED_A;
423 s->init_num=0;
424
425 if (!s->method->ssl3_enc->change_cipher_state(s,
426 SSL3_CHANGE_CIPHER_SERVER_WRITE))
427 {
428 ret= -1;
429 goto end;
430 }
431
432 break;
433
434 case SSL3_ST_SW_FINISHED_A:
435 case SSL3_ST_SW_FINISHED_B:
436 ret=ssl3_send_finished(s,
437 SSL3_ST_SW_FINISHED_A,SSL3_ST_SW_FINISHED_B,
438 s->method->ssl3_enc->server_finished_label,
439 s->method->ssl3_enc->server_finished_label_len);
440 if (ret <= 0) goto end;
441 s->state=SSL3_ST_SW_FLUSH;
442 if (s->hit)
443 s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
444 else
445 s->s3->tmp.next_state=SSL_ST_OK;
446 s->init_num=0;
447 break;
448
449 case SSL_ST_OK:
450 /* clean a few things up */
451 ssl3_cleanup_key_block(s);
452
453 BUF_MEM_free(s->init_buf);
454 s->init_buf=NULL;
455
456 /* remove buffering on output */
457 ssl_free_wbio_buffer(s);
458
459 s->new_session=0;
460 s->init_num=0;
461
462 ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
463
464 s->ctx->stats.sess_accept_good++;
465 /* s->server=1; */
466 s->handshake_func=ssl3_accept;
467 ret=1;
468
469 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
470
471 goto end;
472 /* break; */
473
474 default:
475 SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_UNKNOWN_STATE);
476 ret= -1;
477 goto end;
478 /* break; */
479 }
480
481 if (!s->s3->tmp.reuse_message && !skip)
482 {
483 if (s->debug)
484 {
485 if ((ret=BIO_flush(s->wbio)) <= 0)
486 goto end;
487 }
488
489
490 if ((cb != NULL) && (s->state != state))
491 {
492 new_state=s->state;
493 s->state=state;
494 cb(s,SSL_CB_ACCEPT_LOOP,1);
495 s->state=new_state;
496 }
497 }
498 skip=0;
499 }
500end:
501 /* BIO_flush(s->wbio); */
502
503 if (cb != NULL)
504 cb(s,SSL_CB_ACCEPT_EXIT,ret);
505 s->in_handshake--;
506 return(ret);
507 }
508
509static int ssl3_send_hello_request(SSL *s)
510 {
511 unsigned char *p;
512
513 if (s->state == SSL3_ST_SW_HELLO_REQ_A)
514 {
515 p=(unsigned char *)s->init_buf->data;
516 *(p++)=SSL3_MT_HELLO_REQUEST;
517 *(p++)=0;
518 *(p++)=0;
519 *(p++)=0;
520
521 s->state=SSL3_ST_SW_HELLO_REQ_B;
522 /* number of bytes to write */
523 s->init_num=4;
524 s->init_off=0;
525 }
526
527 /* SSL3_ST_SW_HELLO_REQ_B */
528 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
529 }
530
531static int ssl3_check_client_hello(SSL *s)
532 {
533 int ok;
534 long n;
535
536 n=ssl3_get_message(s,
537 SSL3_ST_SR_CERT_A,
538 SSL3_ST_SR_CERT_B,
539 -1,
540 SSL3_RT_MAX_PLAIN_LENGTH,
541 &ok);
542 if (!ok) return((int)n);
543 s->s3->tmp.reuse_message = 1;
544 if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO)
545 {
546 /* Throw away what we have done so far in the current handshake,
547 * which will now be aborted. (A full SSL_clear would be too much.)
548 * I hope that tmp.dh is the only thing that may need to be cleared
549 * when a handshake is not completed ... */
550#ifndef NO_DH
551 if (s->s3->tmp.dh != NULL)
552 {
553 DH_free(s->s3->tmp.dh);
554 s->s3->tmp.dh = NULL;
555 }
556#endif
557 return 2;
558 }
559 return 1;
560}
561
562static int ssl3_get_client_hello(SSL *s)
563 {
564 int i,j,ok,al,ret= -1;
565 long n;
566 unsigned long id;
567 unsigned char *p,*d,*q;
568 SSL_CIPHER *c;
569 SSL_COMP *comp=NULL;
570 STACK_OF(SSL_CIPHER) *ciphers=NULL;
571
572 /* We do this so that we will respond with our native type.
573 * If we are TLSv1 and we get SSLv3, we will respond with TLSv1,
574 * This down switching should be handled by a different method.
575 * If we are SSLv3, we will respond with SSLv3, even if prompted with
576 * TLSv1.
577 */
578 if (s->state == SSL3_ST_SR_CLNT_HELLO_A)
579 {
580 s->first_packet=1;
581 s->state=SSL3_ST_SR_CLNT_HELLO_B;
582 }
583 n=ssl3_get_message(s,
584 SSL3_ST_SR_CLNT_HELLO_B,
585 SSL3_ST_SR_CLNT_HELLO_C,
586 SSL3_MT_CLIENT_HELLO,
587 SSL3_RT_MAX_PLAIN_LENGTH,
588 &ok);
589
590 if (!ok) return((int)n);
591 d=p=(unsigned char *)s->init_buf->data;
592
593 /* use version from inside client hello, not from record header
594 * (may differ: see RFC 2246, Appendix E, second paragraph) */
595 s->client_version=(((int)p[0])<<8)|(int)p[1];
596 p+=2;
597
598 /* load the client random */
599 memcpy(s->s3->client_random,p,SSL3_RANDOM_SIZE);
600 p+=SSL3_RANDOM_SIZE;
601
602 /* get the session-id */
603 j= *(p++);
604
605 s->hit=0;
606 if (j == 0)
607 {
608 if (!ssl_get_new_session(s,1))
609 goto err;
610 }
611 else
612 {
613 i=ssl_get_prev_session(s,p,j);
614 if (i == 1)
615 { /* previous session */
616 s->hit=1;
617 }
618 else if (i == -1)
619 goto err;
620 else /* i == 0 */
621 {
622 if (!ssl_get_new_session(s,1))
623 goto err;
624 }
625 }
626
627 p+=j;
628 n2s(p,i);
629 if ((i == 0) && (j != 0))
630 {
631 /* we need a cipher if we are not resuming a session */
632 al=SSL_AD_ILLEGAL_PARAMETER;
633 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_SPECIFIED);
634 goto f_err;
635 }
636 if ((i+p) > (d+n))
637 {
638 /* not enough data */
639 al=SSL_AD_DECODE_ERROR;
640 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
641 goto f_err;
642 }
643 if ((i > 0) && (ssl_bytes_to_cipher_list(s,p,i,&(ciphers))
644 == NULL))
645 {
646 goto err;
647 }
648 p+=i;
649
650 /* If it is a hit, check that the cipher is in the list */
651 if ((s->hit) && (i > 0))
652 {
653 j=0;
654 id=s->session->cipher->id;
655
656#ifdef CIPHER_DEBUG
657 printf("client sent %d ciphers\n",sk_num(ciphers));
658#endif
659 for (i=0; i<sk_SSL_CIPHER_num(ciphers); i++)
660 {
661 c=sk_SSL_CIPHER_value(ciphers,i);
662#ifdef CIPHER_DEBUG
663 printf("client [%2d of %2d]:%s\n",
664 i,sk_num(ciphers),SSL_CIPHER_get_name(c));
665#endif
666 if (c->id == id)
667 {
668 j=1;
669 break;
670 }
671 }
672 if (j == 0)
673 {
674 if ((s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1))
675 {
676 /* Very bad for multi-threading.... */
677 s->session->cipher=sk_SSL_CIPHER_value(ciphers,
678 0);
679 }
680 else
681 {
682 /* we need to have the cipher in the cipher
683 * list if we are asked to reuse it */
684 al=SSL_AD_ILLEGAL_PARAMETER;
685 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_CIPHER_MISSING);
686 goto f_err;
687 }
688 }
689 }
690
691 /* compression */
692 i= *(p++);
693 q=p;
694 for (j=0; j<i; j++)
695 {
696 if (p[j] == 0) break;
697 }
698
699 p+=i;
700 if (j >= i)
701 {
702 /* no compress */
703 al=SSL_AD_DECODE_ERROR;
704 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_COMPRESSION_SPECIFIED);
705 goto f_err;
706 }
707
708 /* Worst case, we will use the NULL compression, but if we have other
709 * options, we will now look for them. We have i-1 compression
710 * algorithms from the client, starting at q. */
711 s->s3->tmp.new_compression=NULL;
712 if (s->ctx->comp_methods != NULL)
713 { /* See if we have a match */
714 int m,nn,o,v,done=0;
715
716 nn=sk_SSL_COMP_num(s->ctx->comp_methods);
717 for (m=0; m<nn; m++)
718 {
719 comp=sk_SSL_COMP_value(s->ctx->comp_methods,m);
720 v=comp->id;
721 for (o=0; o<i; o++)
722 {
723 if (v == q[o])
724 {
725 done=1;
726 break;
727 }
728 }
729 if (done) break;
730 }
731 if (done)
732 s->s3->tmp.new_compression=comp;
733 else
734 comp=NULL;
735 }
736
737 /* TLS does not mind if there is extra stuff */
738 if (s->version == SSL3_VERSION)
739 {
740 if (p > (d+n))
741 {
742 /* wrong number of bytes,
743 * there could be more to follow */
744 al=SSL_AD_DECODE_ERROR;
745 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
746 goto f_err;
747 }
748 }
749
750 /* Given s->session->ciphers and ssl_get_ciphers_by_id(s), we must
751 * pick a cipher */
752
753 if (!s->hit)
754 {
755 s->session->compress_meth=(comp == NULL)?0:comp->id;
756 if (s->session->ciphers != NULL)
757 sk_SSL_CIPHER_free(s->session->ciphers);
758 s->session->ciphers=ciphers;
759 if (ciphers == NULL)
760 {
761 al=SSL_AD_ILLEGAL_PARAMETER;
762 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_PASSED);
763 goto f_err;
764 }
765 ciphers=NULL;
766 c=ssl3_choose_cipher(s,s->session->ciphers,
767 ssl_get_ciphers_by_id(s));
768
769 if (c == NULL)
770 {
771 al=SSL_AD_HANDSHAKE_FAILURE;
772 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER);
773 goto f_err;
774 }
775 s->s3->tmp.new_cipher=c;
776 }
777 else
778 {
779 /* Session-id reuse */
780#ifdef REUSE_CIPHER_BUG
781 STACK_OF(SSL_CIPHER) *sk;
782 SSL_CIPHER *nc=NULL;
783 SSL_CIPHER *ec=NULL;
784
785 if (s->options & SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG)
786 {
787 sk=s->session->ciphers;
788 for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
789 {
790 c=sk_SSL_CIPHER_value(sk,i);
791 if (c->algorithms & SSL_eNULL)
792 nc=c;
793 if (SSL_C_IS_EXPORT(c))
794 ec=c;
795 }
796 if (nc != NULL)
797 s->s3->tmp.new_cipher=nc;
798 else if (ec != NULL)
799 s->s3->tmp.new_cipher=ec;
800 else
801 s->s3->tmp.new_cipher=s->session->cipher;
802 }
803 else
804#endif
805 s->s3->tmp.new_cipher=s->session->cipher;
806 }
807
808 /* we now have the following setup.
809 * client_random
810 * cipher_list - our prefered list of ciphers
811 * ciphers - the clients prefered list of ciphers
812 * compression - basically ignored right now
813 * ssl version is set - sslv3
814 * s->session - The ssl session has been setup.
815 * s->hit - session reuse flag
816 * s->tmp.new_cipher - the new cipher to use.
817 */
818
819 ret=1;
820 if (0)
821 {
822f_err:
823 ssl3_send_alert(s,SSL3_AL_FATAL,al);
824 }
825err:
826 if (ciphers != NULL) sk_SSL_CIPHER_free(ciphers);
827 return(ret);
828 }
829
830static int ssl3_send_server_hello(SSL *s)
831 {
832 unsigned char *buf;
833 unsigned char *p,*d;
834 int i,sl;
835 unsigned long l,Time;
836
837 if (s->state == SSL3_ST_SW_SRVR_HELLO_A)
838 {
839 buf=(unsigned char *)s->init_buf->data;
840 p=s->s3->server_random;
841 Time=time(NULL); /* Time */
842 l2n(Time,p);
843 RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
844 /* Do the message type and length last */
845 d=p= &(buf[4]);
846
847 *(p++)=s->version>>8;
848 *(p++)=s->version&0xff;
849
850 /* Random stuff */
851 memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
852 p+=SSL3_RANDOM_SIZE;
853
854 /* now in theory we have 3 options to sending back the
855 * session id. If it is a re-use, we send back the
856 * old session-id, if it is a new session, we send
857 * back the new session-id or we send back a 0 length
858 * session-id if we want it to be single use.
859 * Currently I will not implement the '0' length session-id
860 * 12-Jan-98 - I'll now support the '0' length stuff.
861 */
862 if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER))
863 s->session->session_id_length=0;
864
865 sl=s->session->session_id_length;
866 *(p++)=sl;
867 memcpy(p,s->session->session_id,sl);
868 p+=sl;
869
870 /* put the cipher */
871 i=ssl3_put_cipher_by_char(s->s3->tmp.new_cipher,p);
872 p+=i;
873
874 /* put the compression method */
875 if (s->s3->tmp.new_compression == NULL)
876 *(p++)=0;
877 else
878 *(p++)=s->s3->tmp.new_compression->id;
879
880 /* do the header */
881 l=(p-d);
882 d=buf;
883 *(d++)=SSL3_MT_SERVER_HELLO;
884 l2n3(l,d);
885
886 s->state=SSL3_ST_CW_CLNT_HELLO_B;
887 /* number of bytes to write */
888 s->init_num=p-buf;
889 s->init_off=0;
890 }
891
892 /* SSL3_ST_CW_CLNT_HELLO_B */
893 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
894 }
895
896static int ssl3_send_server_done(SSL *s)
897 {
898 unsigned char *p;
899
900 if (s->state == SSL3_ST_SW_SRVR_DONE_A)
901 {
902 p=(unsigned char *)s->init_buf->data;
903
904 /* do the header */
905 *(p++)=SSL3_MT_SERVER_DONE;
906 *(p++)=0;
907 *(p++)=0;
908 *(p++)=0;
909
910 s->state=SSL3_ST_SW_SRVR_DONE_B;
911 /* number of bytes to write */
912 s->init_num=4;
913 s->init_off=0;
914 }
915
916 /* SSL3_ST_CW_CLNT_HELLO_B */
917 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
918 }
919
920static int ssl3_send_server_key_exchange(SSL *s)
921 {
922#ifndef NO_RSA
923 unsigned char *q;
924 int j,num;
925 RSA *rsa;
926 unsigned char md_buf[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
927 unsigned int u;
928#endif
929#ifndef NO_DH
930 DH *dh=NULL,*dhp;
931#endif
932 EVP_PKEY *pkey;
933 unsigned char *p,*d;
934 int al,i;
935 unsigned long type;
936 int n;
937 CERT *cert;
938 BIGNUM *r[4];
939 int nr[4],kn;
940 BUF_MEM *buf;
941 EVP_MD_CTX md_ctx;
942
943 if (s->state == SSL3_ST_SW_KEY_EXCH_A)
944 {
945 type=s->s3->tmp.new_cipher->algorithms & SSL_MKEY_MASK;
946 cert=s->cert;
947
948 buf=s->init_buf;
949
950 r[0]=r[1]=r[2]=r[3]=NULL;
951 n=0;
952#ifndef NO_RSA
953 if (type & SSL_kRSA)
954 {
955 rsa=cert->rsa_tmp;
956 if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL))
957 {
958 rsa=s->cert->rsa_tmp_cb(s,
959 SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
960 SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
961 if(rsa == NULL)
962 {
963 al=SSL_AD_HANDSHAKE_FAILURE;
964 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
965 goto f_err;
966 }
967 CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA);
968 cert->rsa_tmp=rsa;
969 }
970 if (rsa == NULL)
971 {
972 al=SSL_AD_HANDSHAKE_FAILURE;
973 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_KEY);
974 goto f_err;
975 }
976 r[0]=rsa->n;
977 r[1]=rsa->e;
978 s->s3->tmp.use_rsa_tmp=1;
979 }
980 else
981#endif
982#ifndef NO_DH
983 if (type & SSL_kEDH)
984 {
985 dhp=cert->dh_tmp;
986 if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
987 dhp=s->cert->dh_tmp_cb(s,
988 SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
989 SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
990 if (dhp == NULL)
991 {
992 al=SSL_AD_HANDSHAKE_FAILURE;
993 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
994 goto f_err;
995 }
996
997 if (s->s3->tmp.dh != NULL)
998 {
999 DH_free(dh);
1000 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, SSL_R_INTERNAL_ERROR);
1001 goto err;
1002 }
1003
1004 if ((dh=DHparams_dup(dhp)) == NULL)
1005 {
1006 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
1007 goto err;
1008 }
1009
1010 s->s3->tmp.dh=dh;
1011 if ((dhp->pub_key == NULL ||
1012 dhp->priv_key == NULL ||
1013 (s->options & SSL_OP_SINGLE_DH_USE)))
1014 {
1015 if(!DH_generate_key(dh))
1016 {
1017 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
1018 ERR_R_DH_LIB);
1019 goto err;
1020 }
1021 }
1022 else
1023 {
1024 dh->pub_key=BN_dup(dhp->pub_key);
1025 dh->priv_key=BN_dup(dhp->priv_key);
1026 if ((dh->pub_key == NULL) ||
1027 (dh->priv_key == NULL))
1028 {
1029 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
1030 goto err;
1031 }
1032 }
1033 r[0]=dh->p;
1034 r[1]=dh->g;
1035 r[2]=dh->pub_key;
1036 }
1037 else
1038#endif
1039 {
1040 al=SSL_AD_HANDSHAKE_FAILURE;
1041 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
1042 goto f_err;
1043 }
1044 for (i=0; r[i] != NULL; i++)
1045 {
1046 nr[i]=BN_num_bytes(r[i]);
1047 n+=2+nr[i];
1048 }
1049
1050 if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
1051 {
1052 if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher))
1053 == NULL)
1054 {
1055 al=SSL_AD_DECODE_ERROR;
1056 goto f_err;
1057 }
1058 kn=EVP_PKEY_size(pkey);
1059 }
1060 else
1061 {
1062 pkey=NULL;
1063 kn=0;
1064 }
1065
1066 if (!BUF_MEM_grow(buf,n+4+kn))
1067 {
1068 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_BUF);
1069 goto err;
1070 }
1071 d=(unsigned char *)s->init_buf->data;
1072 p= &(d[4]);
1073
1074 for (i=0; r[i] != NULL; i++)
1075 {
1076 s2n(nr[i],p);
1077 BN_bn2bin(r[i],p);
1078 p+=nr[i];
1079 }
1080
1081 /* not anonymous */
1082 if (pkey != NULL)
1083 {
1084 /* n is the length of the params, they start at &(d[4])
1085 * and p points to the space at the end. */
1086#ifndef NO_RSA
1087 if (pkey->type == EVP_PKEY_RSA)
1088 {
1089 q=md_buf;
1090 j=0;
1091 for (num=2; num > 0; num--)
1092 {
1093 EVP_DigestInit(&md_ctx,(num == 2)
1094 ?s->ctx->md5:s->ctx->sha1);
1095 EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
1096 EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
1097 EVP_DigestUpdate(&md_ctx,&(d[4]),n);
1098 EVP_DigestFinal(&md_ctx,q,
1099 (unsigned int *)&i);
1100 q+=i;
1101 j+=i;
1102 }
1103 if (RSA_sign(NID_md5_sha1, md_buf, j,
1104 &(p[2]), &u, pkey->pkey.rsa) <= 0)
1105 {
1106 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_RSA);
1107 goto err;
1108 }
1109 s2n(u,p);
1110 n+=u+2;
1111 }
1112 else
1113#endif
1114#if !defined(NO_DSA)
1115 if (pkey->type == EVP_PKEY_DSA)
1116 {
1117 /* lets do DSS */
1118 EVP_SignInit(&md_ctx,EVP_dss1());
1119 EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
1120 EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
1121 EVP_SignUpdate(&md_ctx,&(d[4]),n);
1122 if (!EVP_SignFinal(&md_ctx,&(p[2]),
1123 (unsigned int *)&i,pkey))
1124 {
1125 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_DSA);
1126 goto err;
1127 }
1128 s2n(i,p);
1129 n+=i+2;
1130 }
1131 else
1132#endif
1133 {
1134 /* Is this error check actually needed? */
1135 al=SSL_AD_HANDSHAKE_FAILURE;
1136 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_PKEY_TYPE);
1137 goto f_err;
1138 }
1139 }
1140
1141 *(d++)=SSL3_MT_SERVER_KEY_EXCHANGE;
1142 l2n3(n,d);
1143
1144 /* we should now have things packed up, so lets send
1145 * it off */
1146 s->init_num=n+4;
1147 s->init_off=0;
1148 }
1149
1150 s->state = SSL3_ST_SW_KEY_EXCH_B;
1151 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1152f_err:
1153 ssl3_send_alert(s,SSL3_AL_FATAL,al);
1154err:
1155 return(-1);
1156 }
1157
1158static int ssl3_send_certificate_request(SSL *s)
1159 {
1160 unsigned char *p,*d;
1161 int i,j,nl,off,n;
1162 STACK_OF(X509_NAME) *sk=NULL;
1163 X509_NAME *name;
1164 BUF_MEM *buf;
1165
1166 if (s->state == SSL3_ST_SW_CERT_REQ_A)
1167 {
1168 buf=s->init_buf;
1169
1170 d=p=(unsigned char *)&(buf->data[4]);
1171
1172 /* get the list of acceptable cert types */
1173 p++;
1174 n=ssl3_get_req_cert_type(s,p);
1175 d[0]=n;
1176 p+=n;
1177 n++;
1178
1179 off=n;
1180 p+=2;
1181 n+=2;
1182
1183 sk=SSL_get_client_CA_list(s);
1184 nl=0;
1185 if (sk != NULL)
1186 {
1187 for (i=0; i<sk_X509_NAME_num(sk); i++)
1188 {
1189 name=sk_X509_NAME_value(sk,i);
1190 j=i2d_X509_NAME(name,NULL);
1191 if (!BUF_MEM_grow(buf,4+n+j+2))
1192 {
1193 SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,ERR_R_BUF_LIB);
1194 goto err;
1195 }
1196 p=(unsigned char *)&(buf->data[4+n]);
1197 if (!(s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
1198 {
1199 s2n(j,p);
1200 i2d_X509_NAME(name,&p);
1201 n+=2+j;
1202 nl+=2+j;
1203 }
1204 else
1205 {
1206 d=p;
1207 i2d_X509_NAME(name,&p);
1208 j-=2; s2n(j,d); j+=2;
1209 n+=j;
1210 nl+=j;
1211 }
1212 }
1213 }
1214 /* else no CA names */
1215 p=(unsigned char *)&(buf->data[4+off]);
1216 s2n(nl,p);
1217
1218 d=(unsigned char *)buf->data;
1219 *(d++)=SSL3_MT_CERTIFICATE_REQUEST;
1220 l2n3(n,d);
1221
1222 /* we should now have things packed up, so lets send
1223 * it off */
1224
1225 s->init_num=n+4;
1226 s->init_off=0;
1227#ifdef NETSCAPE_HANG_BUG
1228 p=(unsigned char *)s->init_buf->data + s->init_num;
1229
1230 /* do the header */
1231 *(p++)=SSL3_MT_SERVER_DONE;
1232 *(p++)=0;
1233 *(p++)=0;
1234 *(p++)=0;
1235 s->init_num += 4;
1236#endif
1237
1238 }
1239
1240 /* SSL3_ST_SW_CERT_REQ_B */
1241 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1242err:
1243 return(-1);
1244 }
1245
1246static int ssl3_get_client_key_exchange(SSL *s)
1247 {
1248 int i,al,ok;
1249 long n;
1250 unsigned long l;
1251 unsigned char *p;
1252#ifndef NO_RSA
1253 RSA *rsa=NULL;
1254 EVP_PKEY *pkey=NULL;
1255#endif
1256#ifndef NO_DH
1257 BIGNUM *pub=NULL;
1258 DH *dh_srvr;
1259#endif
1260
1261 n=ssl3_get_message(s,
1262 SSL3_ST_SR_KEY_EXCH_A,
1263 SSL3_ST_SR_KEY_EXCH_B,
1264 SSL3_MT_CLIENT_KEY_EXCHANGE,
1265 400, /* ???? */
1266 &ok);
1267
1268 if (!ok) return((int)n);
1269 p=(unsigned char *)s->init_buf->data;
1270
1271 l=s->s3->tmp.new_cipher->algorithms;
1272
1273#ifndef NO_RSA
1274 if (l & SSL_kRSA)
1275 {
1276 /* FIX THIS UP EAY EAY EAY EAY */
1277 if (s->s3->tmp.use_rsa_tmp)
1278 {
1279 if ((s->cert != NULL) && (s->cert->rsa_tmp != NULL))
1280 rsa=s->cert->rsa_tmp;
1281 /* Don't do a callback because rsa_tmp should
1282 * be sent already */
1283 if (rsa == NULL)
1284 {
1285 al=SSL_AD_HANDSHAKE_FAILURE;
1286 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_PKEY);
1287 goto f_err;
1288
1289 }
1290 }
1291 else
1292 {
1293 pkey=s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey;
1294 if ( (pkey == NULL) ||
1295 (pkey->type != EVP_PKEY_RSA) ||
1296 (pkey->pkey.rsa == NULL))
1297 {
1298 al=SSL_AD_HANDSHAKE_FAILURE;
1299 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_RSA_CERTIFICATE);
1300 goto f_err;
1301 }
1302 rsa=pkey->pkey.rsa;
1303 }
1304
1305 /* TLS */
1306 if (s->version > SSL3_VERSION)
1307 {
1308 n2s(p,i);
1309 if (n != i+2)
1310 {
1311 if (!(s->options & SSL_OP_TLS_D5_BUG))
1312 {
1313 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
1314 goto err;
1315 }
1316 else
1317 p-=2;
1318 }
1319 else
1320 n=i;
1321 }
1322
1323 i=RSA_private_decrypt((int)n,p,p,rsa,RSA_PKCS1_PADDING);
1324
1325 al = -1;
1326
1327 if (i != SSL_MAX_MASTER_KEY_LENGTH)
1328 {
1329 al=SSL_AD_DECODE_ERROR;
1330 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT);
1331 }
1332
1333 if ((al == -1) && !((p[0] == (s->client_version>>8)) && (p[1] == (s->client_version & 0xff))))
1334 {
1335 /* The premaster secret must contain the same version number as the
1336 * ClientHello to detect version rollback attacks (strangely, the
1337 * protocol does not offer such protection for DH ciphersuites).
1338 * However, buggy clients exist that send the negotiated protocol
1339 * version instead if the server does not support the requested
1340 * protocol version.
1341 * If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients. */
1342 if (!((s->options & SSL_OP_TLS_ROLLBACK_BUG) &&
1343 (p[0] == (s->version>>8)) && (p[1] == (s->version & 0xff))))
1344 {
1345 al=SSL_AD_DECODE_ERROR;
1346 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER);
1347 goto f_err;
1348 }
1349 }
1350
1351 if (al != -1)
1352 {
1353#if 0
1354 goto f_err;
1355#else
1356 /* Some decryption failure -- use random value instead as countermeasure
1357 * against Bleichenbacher's attack on PKCS #1 v1.5 RSA padding
1358 * (see RFC 2246, section 7.4.7.1).
1359 * But note that due to length and protocol version checking, the
1360 * attack is impractical anyway (see section 5 in D. Bleichenbacher:
1361 * "Chosen Ciphertext Attacks Against Protocols Based on the RSA
1362 * Encryption Standard PKCS #1", CRYPTO '98, LNCS 1462, pp. 1-12).
1363 */
1364 ERR_clear_error();
1365 i = SSL_MAX_MASTER_KEY_LENGTH;
1366 p[0] = s->client_version >> 8;
1367 p[1] = s->client_version & 0xff;
1368 RAND_pseudo_bytes(p+2, i-2); /* should be RAND_bytes, but we cannot work around a failure */
1369#endif
1370 }
1371
1372 s->session->master_key_length=
1373 s->method->ssl3_enc->generate_master_secret(s,
1374 s->session->master_key,
1375 p,i);
1376 memset(p,0,i);
1377 }
1378 else
1379#endif
1380#ifndef NO_DH
1381 if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
1382 {
1383 n2s(p,i);
1384 if (n != i+2)
1385 {
1386 if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG))
1387 {
1388 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
1389 goto err;
1390 }
1391 else
1392 {
1393 p-=2;
1394 i=(int)n;
1395 }
1396 }
1397
1398 if (n == 0L) /* the parameters are in the cert */
1399 {
1400 al=SSL_AD_HANDSHAKE_FAILURE;
1401 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_DECODE_DH_CERTS);
1402 goto f_err;
1403 }
1404 else
1405 {
1406 if (s->s3->tmp.dh == NULL)
1407 {
1408 al=SSL_AD_HANDSHAKE_FAILURE;
1409 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
1410 goto f_err;
1411 }
1412 else
1413 dh_srvr=s->s3->tmp.dh;
1414 }
1415
1416 pub=BN_bin2bn(p,i,NULL);
1417 if (pub == NULL)
1418 {
1419 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BN_LIB);
1420 goto err;
1421 }
1422
1423 i=DH_compute_key(p,pub,dh_srvr);
1424
1425 if (i <= 0)
1426 {
1427 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
1428 goto err;
1429 }
1430
1431 DH_free(s->s3->tmp.dh);
1432 s->s3->tmp.dh=NULL;
1433
1434 BN_clear_free(pub);
1435 pub=NULL;
1436 s->session->master_key_length=
1437 s->method->ssl3_enc->generate_master_secret(s,
1438 s->session->master_key,p,i);
1439 memset(p,0,i);
1440 }
1441 else
1442#endif
1443 {
1444 al=SSL_AD_HANDSHAKE_FAILURE;
1445 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNKNOWN_CIPHER_TYPE);
1446 goto f_err;
1447 }
1448
1449 return(1);
1450f_err:
1451 ssl3_send_alert(s,SSL3_AL_FATAL,al);
1452#if !defined(NO_DH) || !defined(NO_RSA)
1453err:
1454#endif
1455 return(-1);
1456 }
1457
1458static int ssl3_get_cert_verify(SSL *s)
1459 {
1460 EVP_PKEY *pkey=NULL;
1461 unsigned char *p;
1462 int al,ok,ret=0;
1463 long n;
1464 int type=0,i,j;
1465 X509 *peer;
1466
1467 n=ssl3_get_message(s,
1468 SSL3_ST_SR_CERT_VRFY_A,
1469 SSL3_ST_SR_CERT_VRFY_B,
1470 -1,
1471 512, /* 512? */
1472 &ok);
1473
1474 if (!ok) return((int)n);
1475
1476 if (s->session->peer != NULL)
1477 {
1478 peer=s->session->peer;
1479 pkey=X509_get_pubkey(peer);
1480 type=X509_certificate_type(peer,pkey);
1481 }
1482 else
1483 {
1484 peer=NULL;
1485 pkey=NULL;
1486 }
1487
1488 if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY)
1489 {
1490 s->s3->tmp.reuse_message=1;
1491 if ((peer != NULL) && (type | EVP_PKT_SIGN))
1492 {
1493 al=SSL_AD_UNEXPECTED_MESSAGE;
1494 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_MISSING_VERIFY_MESSAGE);
1495 goto f_err;
1496 }
1497 ret=1;
1498 goto end;
1499 }
1500
1501 if (peer == NULL)
1502 {
1503 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_NO_CLIENT_CERT_RECEIVED);
1504 al=SSL_AD_UNEXPECTED_MESSAGE;
1505 goto f_err;
1506 }
1507
1508 if (!(type & EVP_PKT_SIGN))
1509 {
1510 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE);
1511 al=SSL_AD_ILLEGAL_PARAMETER;
1512 goto f_err;
1513 }
1514
1515 if (s->s3->change_cipher_spec)
1516 {
1517 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY);
1518 al=SSL_AD_UNEXPECTED_MESSAGE;
1519 goto f_err;
1520 }
1521
1522 /* we now have a signature that we need to verify */
1523 p=(unsigned char *)s->init_buf->data;
1524 n2s(p,i);
1525 n-=2;
1526 if (i > n)
1527 {
1528 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_LENGTH_MISMATCH);
1529 al=SSL_AD_DECODE_ERROR;
1530 goto f_err;
1531 }
1532
1533 j=EVP_PKEY_size(pkey);
1534 if ((i > j) || (n > j) || (n <= 0))
1535 {
1536 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_WRONG_SIGNATURE_SIZE);
1537 al=SSL_AD_DECODE_ERROR;
1538 goto f_err;
1539 }
1540
1541#ifndef NO_RSA
1542 if (pkey->type == EVP_PKEY_RSA)
1543 {
1544 i=RSA_verify(NID_md5_sha1, s->s3->tmp.cert_verify_md,
1545 MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, p, i,
1546 pkey->pkey.rsa);
1547 if (i < 0)
1548 {
1549 al=SSL_AD_DECRYPT_ERROR;
1550 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_DECRYPT);
1551 goto f_err;
1552 }
1553 if (i == 0)
1554 {
1555 al=SSL_AD_DECRYPT_ERROR;
1556 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_SIGNATURE);
1557 goto f_err;
1558 }
1559 }
1560 else
1561#endif
1562#ifndef NO_DSA
1563 if (pkey->type == EVP_PKEY_DSA)
1564 {
1565 j=DSA_verify(pkey->save_type,
1566 &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
1567 SHA_DIGEST_LENGTH,p,i,pkey->pkey.dsa);
1568 if (j <= 0)
1569 {
1570 /* bad signature */
1571 al=SSL_AD_DECRYPT_ERROR;
1572 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_DSA_SIGNATURE);
1573 goto f_err;
1574 }
1575 }
1576 else
1577#endif
1578 {
1579 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_INTERNAL_ERROR);
1580 al=SSL_AD_UNSUPPORTED_CERTIFICATE;
1581 goto f_err;
1582 }
1583
1584
1585 ret=1;
1586 if (0)
1587 {
1588f_err:
1589 ssl3_send_alert(s,SSL3_AL_FATAL,al);
1590 }
1591end:
1592 EVP_PKEY_free(pkey);
1593 return(ret);
1594 }
1595
1596static int ssl3_get_client_certificate(SSL *s)
1597 {
1598 int i,ok,al,ret= -1;
1599 X509 *x=NULL;
1600 unsigned long l,nc,llen,n;
1601 unsigned char *p,*d,*q;
1602 STACK_OF(X509) *sk=NULL;
1603
1604 n=ssl3_get_message(s,
1605 SSL3_ST_SR_CERT_A,
1606 SSL3_ST_SR_CERT_B,
1607 -1,
1608#if defined(MSDOS) && !defined(WIN32)
1609 1024*30, /* 30k max cert list :-) */
1610#else
1611 1024*100, /* 100k max cert list :-) */
1612#endif
1613 &ok);
1614
1615 if (!ok) return((int)n);
1616
1617 if (s->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE)
1618 {
1619 if ( (s->verify_mode & SSL_VERIFY_PEER) &&
1620 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
1621 {
1622 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
1623 al=SSL_AD_HANDSHAKE_FAILURE;
1624 goto f_err;
1625 }
1626 /* If tls asked for a client cert, the client must return a 0 list */
1627 if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request)
1628 {
1629 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST);
1630 al=SSL_AD_UNEXPECTED_MESSAGE;
1631 goto f_err;
1632 }
1633 s->s3->tmp.reuse_message=1;
1634 return(1);
1635 }
1636
1637 if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)
1638 {
1639 al=SSL_AD_UNEXPECTED_MESSAGE;
1640 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_WRONG_MESSAGE_TYPE);
1641 goto f_err;
1642 }
1643 d=p=(unsigned char *)s->init_buf->data;
1644
1645 if ((sk=sk_X509_new_null()) == NULL)
1646 {
1647 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
1648 goto err;
1649 }
1650
1651 n2l3(p,llen);
1652 if (llen+3 != n)
1653 {
1654 al=SSL_AD_DECODE_ERROR;
1655 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_LENGTH_MISMATCH);
1656 goto f_err;
1657 }
1658 for (nc=0; nc<llen; )
1659 {
1660 n2l3(p,l);
1661 if ((l+nc+3) > llen)
1662 {
1663 al=SSL_AD_DECODE_ERROR;
1664 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
1665 goto f_err;
1666 }
1667
1668 q=p;
1669 x=d2i_X509(NULL,&p,l);
1670 if (x == NULL)
1671 {
1672 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_ASN1_LIB);
1673 goto err;
1674 }
1675 if (p != (q+l))
1676 {
1677 al=SSL_AD_DECODE_ERROR;
1678 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
1679 goto f_err;
1680 }
1681 if (!sk_X509_push(sk,x))
1682 {
1683 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
1684 goto err;
1685 }
1686 x=NULL;
1687 nc+=l+3;
1688 }
1689
1690 if (sk_X509_num(sk) <= 0)
1691 {
1692 /* TLS does not mind 0 certs returned */
1693 if (s->version == SSL3_VERSION)
1694 {
1695 al=SSL_AD_HANDSHAKE_FAILURE;
1696 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATES_RETURNED);
1697 goto f_err;
1698 }
1699 /* Fail for TLS only if we required a certificate */
1700 else if ((s->verify_mode & SSL_VERIFY_PEER) &&
1701 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
1702 {
1703 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
1704 al=SSL_AD_HANDSHAKE_FAILURE;
1705 goto f_err;
1706 }
1707 }
1708 else
1709 {
1710 i=ssl_verify_cert_chain(s,sk);
1711 if (!i)
1712 {
1713 al=ssl_verify_alarm_type(s->verify_result);
1714 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED);
1715 goto f_err;
1716 }
1717 }
1718
1719 if (s->session->peer != NULL) /* This should not be needed */
1720 X509_free(s->session->peer);
1721 s->session->peer=sk_X509_shift(sk);
1722 s->session->verify_result = s->verify_result;
1723
1724 /* With the current implementation, sess_cert will always be NULL
1725 * when we arrive here. */
1726 if (s->session->sess_cert == NULL)
1727 {
1728 s->session->sess_cert = ssl_sess_cert_new();
1729 if (s->session->sess_cert == NULL)
1730 {
1731 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE);
1732 goto err;
1733 }
1734 }
1735 if (s->session->sess_cert->cert_chain != NULL)
1736 sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free);
1737 s->session->sess_cert->cert_chain=sk;
1738 /* Inconsistency alert: cert_chain does *not* include the
1739 * peer's own certificate, while we do include it in s3_clnt.c */
1740
1741 sk=NULL;
1742
1743 ret=1;
1744 if (0)
1745 {
1746f_err:
1747 ssl3_send_alert(s,SSL3_AL_FATAL,al);
1748 }
1749err:
1750 if (x != NULL) X509_free(x);
1751 if (sk != NULL) sk_X509_pop_free(sk,X509_free);
1752 return(ret);
1753 }
1754
1755int ssl3_send_server_certificate(SSL *s)
1756 {
1757 unsigned long l;
1758 X509 *x;
1759
1760 if (s->state == SSL3_ST_SW_CERT_A)
1761 {
1762 x=ssl_get_server_send_cert(s);
1763 if (x == NULL)
1764 {
1765 SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,SSL_R_INTERNAL_ERROR);
1766 return(0);
1767 }
1768
1769 l=ssl3_output_cert_chain(s,x);
1770 s->state=SSL3_ST_SW_CERT_B;
1771 s->init_num=(int)l;
1772 s->init_off=0;
1773 }
1774
1775 /* SSL3_ST_SW_CERT_B */
1776 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1777 }
diff --git a/src/lib/libssl/shlib_version b/src/lib/libssl/shlib_version
deleted file mode 100644
index 900b4048a9..0000000000
--- a/src/lib/libssl/shlib_version
+++ /dev/null
@@ -1,2 +0,0 @@
1major=5
2minor=1
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
deleted file mode 100644
index 9de9e611ab..0000000000
--- a/src/lib/libssl/ssl.h
+++ /dev/null
@@ -1,1566 +0,0 @@
1/* ssl/ssl.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_SSL_H
60#define HEADER_SSL_H
61
62#ifndef NO_COMP
63#include <openssl/comp.h>
64#endif
65#ifndef NO_BIO
66#include <openssl/bio.h>
67#endif
68#ifndef NO_X509
69#include <openssl/x509.h>
70#endif
71#include <openssl/safestack.h>
72
73#ifdef __cplusplus
74extern "C" {
75#endif
76
77/* SSLeay version number for ASN.1 encoding of the session information */
78/* Version 0 - initial version
79 * Version 1 - added the optional peer certificate
80 */
81#define SSL_SESSION_ASN1_VERSION 0x0001
82
83/* text strings for the ciphers */
84#define SSL_TXT_NULL_WITH_MD5 SSL2_TXT_NULL_WITH_MD5
85#define SSL_TXT_RC4_128_WITH_MD5 SSL2_TXT_RC4_128_WITH_MD5
86#define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5
87#define SSL_TXT_RC2_128_CBC_WITH_MD5 SSL2_TXT_RC2_128_CBC_WITH_MD5
88#define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5
89#define SSL_TXT_IDEA_128_CBC_WITH_MD5 SSL2_TXT_IDEA_128_CBC_WITH_MD5
90#define SSL_TXT_DES_64_CBC_WITH_MD5 SSL2_TXT_DES_64_CBC_WITH_MD5
91#define SSL_TXT_DES_64_CBC_WITH_SHA SSL2_TXT_DES_64_CBC_WITH_SHA
92#define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5
93#define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA
94
95#define SSL_MAX_SSL_SESSION_ID_LENGTH 32
96#define SSL_MAX_SID_CTX_LENGTH 32
97
98#define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8)
99#define SSL_MAX_KEY_ARG_LENGTH 8
100#define SSL_MAX_MASTER_KEY_LENGTH 48
101
102/* These are used to specify which ciphers to use and not to use */
103#define SSL_TXT_LOW "LOW"
104#define SSL_TXT_MEDIUM "MEDIUM"
105#define SSL_TXT_HIGH "HIGH"
106#define SSL_TXT_kFZA "kFZA"
107#define SSL_TXT_aFZA "aFZA"
108#define SSL_TXT_eFZA "eFZA"
109#define SSL_TXT_FZA "FZA"
110
111#define SSL_TXT_aNULL "aNULL"
112#define SSL_TXT_eNULL "eNULL"
113#define SSL_TXT_NULL "NULL"
114
115#define SSL_TXT_kRSA "kRSA"
116#define SSL_TXT_kDHr "kDHr"
117#define SSL_TXT_kDHd "kDHd"
118#define SSL_TXT_kEDH "kEDH"
119#define SSL_TXT_aRSA "aRSA"
120#define SSL_TXT_aDSS "aDSS"
121#define SSL_TXT_aDH "aDH"
122#define SSL_TXT_DSS "DSS"
123#define SSL_TXT_DH "DH"
124#define SSL_TXT_EDH "EDH"
125#define SSL_TXT_ADH "ADH"
126#define SSL_TXT_RSA "RSA"
127#define SSL_TXT_DES "DES"
128#define SSL_TXT_3DES "3DES"
129#define SSL_TXT_RC4 "RC4"
130#define SSL_TXT_RC2 "RC2"
131#define SSL_TXT_IDEA "IDEA"
132#define SSL_TXT_MD5 "MD5"
133#define SSL_TXT_SHA1 "SHA1"
134#define SSL_TXT_SHA "SHA"
135#define SSL_TXT_EXP "EXP"
136#define SSL_TXT_EXPORT "EXPORT"
137#define SSL_TXT_EXP40 "EXPORT40"
138#define SSL_TXT_EXP56 "EXPORT56"
139#define SSL_TXT_SSLV2 "SSLv2"
140#define SSL_TXT_SSLV3 "SSLv3"
141#define SSL_TXT_TLSV1 "TLSv1"
142#define SSL_TXT_ALL "ALL"
143
144/* 'DEFAULT' at the start of the cipher list insert the following string
145 * in addition to this being the default cipher string */
146#define SSL_DEFAULT_CIPHER_LIST "ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH"
147
148/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
149#define SSL_SENT_SHUTDOWN 1
150#define SSL_RECEIVED_SHUTDOWN 2
151
152#ifdef __cplusplus
153}
154#endif
155
156#include <openssl/crypto.h>
157#include <openssl/lhash.h>
158#include <openssl/buffer.h>
159#include <openssl/bio.h>
160#include <openssl/pem.h>
161#include <openssl/x509.h>
162
163#ifdef __cplusplus
164extern "C" {
165#endif
166
167#if (defined(NO_RSA) || defined(NO_MD5)) && !defined(NO_SSL2)
168#define NO_SSL2
169#endif
170
171#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
172#define SSL_FILETYPE_PEM X509_FILETYPE_PEM
173
174/* This is needed to stop compilers complaining about the
175 * 'struct ssl_st *' function parameters used to prototype callbacks
176 * in SSL_CTX. */
177typedef struct ssl_st *ssl_crock_st;
178
179/* used to hold info on the particular ciphers used */
180typedef struct ssl_cipher_st
181 {
182 int valid;
183 const char *name; /* text name */
184 unsigned long id; /* id, 4 bytes, first is version */
185 unsigned long algorithms; /* what ciphers are used */
186 unsigned long algo_strength; /* strength and export flags */
187 unsigned long algorithm2; /* Extra flags */
188 int strength_bits; /* Number of bits really used */
189 int alg_bits; /* Number of bits for algorithm */
190 unsigned long mask; /* used for matching */
191 unsigned long mask_strength; /* also used for matching */
192 } SSL_CIPHER;
193
194DECLARE_STACK_OF(SSL_CIPHER)
195
196typedef struct ssl_st SSL;
197typedef struct ssl_ctx_st SSL_CTX;
198
199/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */
200typedef struct ssl_method_st
201 {
202 int version;
203 int (*ssl_new)(SSL *s);
204 void (*ssl_clear)(SSL *s);
205 void (*ssl_free)(SSL *s);
206 int (*ssl_accept)(SSL *s);
207 int (*ssl_connect)(SSL *s);
208 int (*ssl_read)(SSL *s,void *buf,int len);
209 int (*ssl_peek)(SSL *s,void *buf,int len);
210 int (*ssl_write)(SSL *s,const void *buf,int len);
211 int (*ssl_shutdown)(SSL *s);
212 int (*ssl_renegotiate)(SSL *s);
213 int (*ssl_renegotiate_check)(SSL *s);
214 long (*ssl_ctrl)(SSL *s,int cmd,long larg,char *parg);
215 long (*ssl_ctx_ctrl)(SSL_CTX *ctx,int cmd,long larg,char *parg);
216 SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr);
217 int (*put_cipher_by_char)(const SSL_CIPHER *cipher,unsigned char *ptr);
218 int (*ssl_pending)(SSL *s);
219 int (*num_ciphers)(void);
220 SSL_CIPHER *(*get_cipher)(unsigned ncipher);
221 struct ssl_method_st *(*get_ssl_method)(int version);
222 long (*get_timeout)(void);
223 struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
224 int (*ssl_version)();
225 long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)());
226 long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)());
227 } SSL_METHOD;
228
229/* Lets make this into an ASN.1 type structure as follows
230 * SSL_SESSION_ID ::= SEQUENCE {
231 * version INTEGER, -- structure version number
232 * SSLversion INTEGER, -- SSL version number
233 * Cipher OCTET_STRING, -- the 3 byte cipher ID
234 * Session_ID OCTET_STRING, -- the Session ID
235 * Master_key OCTET_STRING, -- the master key
236 * Key_Arg [ 0 ] IMPLICIT OCTET_STRING, -- the optional Key argument
237 * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time
238 * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds
239 * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate
240 * Session_ID_context [ 4 ] EXPLICIT OCTET_STRING, -- the Session ID context
241 * Verify_result [ 5 ] EXPLICIT INTEGER -- X509_V_... code for `Peer'
242 * Compression [6] IMPLICIT ASN1_OBJECT -- compression OID XXXXX
243 * }
244 * Look in ssl/ssl_asn1.c for more details
245 * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
246 */
247typedef struct ssl_session_st
248 {
249 int ssl_version; /* what ssl version session info is
250 * being kept in here? */
251
252 /* only really used in SSLv2 */
253 unsigned int key_arg_length;
254 unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH];
255 int master_key_length;
256 unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];
257 /* session_id - valid? */
258 unsigned int session_id_length;
259 unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
260 /* this is used to determine whether the session is being reused in
261 * the appropriate context. It is up to the application to set this,
262 * via SSL_new */
263 unsigned int sid_ctx_length;
264 unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
265
266 int not_resumable;
267
268 /* The cert is the certificate used to establish this connection */
269 struct sess_cert_st /* SESS_CERT */ *sess_cert;
270
271 /* This is the cert for the other end.
272 * On clients, it will be the same as sess_cert->peer_key->x509
273 * (the latter is not enough as sess_cert is not retained
274 * in the external representation of sessions, see ssl_asn1.c). */
275 X509 *peer;
276 /* when app_verify_callback accepts a session where the peer's certificate
277 * is not ok, we must remember the error for session reuse: */
278 long verify_result; /* only for servers */
279
280 int references;
281 long timeout;
282 long time;
283
284 int compress_meth; /* Need to lookup the method */
285
286 SSL_CIPHER *cipher;
287 unsigned long cipher_id; /* when ASN.1 loaded, this
288 * needs to be used to load
289 * the 'cipher' structure */
290
291 STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */
292
293 CRYPTO_EX_DATA ex_data; /* application specific data */
294
295 /* These are used to make removal of session-ids more
296 * efficient and to implement a maximum cache size. */
297 struct ssl_session_st *prev,*next;
298 } SSL_SESSION;
299
300#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
301#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
302#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L
303#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L
304#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
305#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L
306#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L
307#define SSL_OP_TLS_D5_BUG 0x00000100L
308#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L
309#define SSL_OP_TLS_ROLLBACK_BUG 0x00000400L
310
311/* If set, always create a new key when using tmp_dh parameters */
312#define SSL_OP_SINGLE_DH_USE 0x00100000L
313/* Set to also use the tmp_rsa key when doing RSA operations. */
314#define SSL_OP_EPHEMERAL_RSA 0x00200000L
315
316/* The next flag deliberately changes the ciphertest, this is a check
317 * for the PKCS#1 attack */
318#define SSL_OP_PKCS1_CHECK_1 0x08000000L
319#define SSL_OP_PKCS1_CHECK_2 0x10000000L
320#define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L
321/* SSL_OP_NON_EXPORT_FIRST looks utterly broken .. */
322#define SSL_OP_NON_EXPORT_FIRST 0x40000000L
323#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x80000000L
324#define SSL_OP_ALL 0x000FFFFFL
325
326#define SSL_OP_NO_SSLv2 0x01000000L
327#define SSL_OP_NO_SSLv3 0x02000000L
328#define SSL_OP_NO_TLSv1 0x04000000L
329
330/* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
331 * when just a single record has been written): */
332#define SSL_MODE_ENABLE_PARTIAL_WRITE 0x00000001L
333/* Make it possible to retry SSL_write() with changed buffer location
334 * (buffer contents must stay the same!); this is not the default to avoid
335 * the misconception that non-blocking SSL_write() behaves like
336 * non-blocking write(): */
337#define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
338/* Never bother the application with retries if the transport
339 * is blocking: */
340#define SSL_MODE_AUTO_RETRY 0x00000004L
341
342/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
343 * they cannot be used to clear bits. */
344
345#define SSL_CTX_set_options(ctx,op) \
346 SSL_CTX_ctrl(ctx,SSL_CTRL_OPTIONS,op,NULL)
347#define SSL_CTX_get_options(ctx) \
348 SSL_CTX_ctrl(ctx,SSL_CTRL_OPTIONS,0,NULL)
349#define SSL_set_options(ssl,op) \
350 SSL_ctrl(ssl,SSL_CTRL_OPTIONS,op,NULL)
351#define SSL_get_options(ssl) \
352 SSL_ctrl(ssl,SSL_CTRL_OPTIONS,0,NULL)
353
354#define SSL_CTX_set_mode(ctx,op) \
355 SSL_CTX_ctrl(ctx,SSL_CTRL_MODE,op,NULL)
356#define SSL_CTX_get_mode(ctx) \
357 SSL_CTX_ctrl(ctx,SSL_CTRL_MODE,0,NULL)
358#define SSL_set_mode(ssl,op) \
359 SSL_ctrl(ssl,SSL_CTRL_MODE,op,NULL)
360#define SSL_get_mode(ssl) \
361 SSL_ctrl(ssl,SSL_CTRL_MODE,0,NULL)
362
363#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)
364
365typedef struct ssl_comp_st
366 {
367 int id;
368 char *name;
369#ifndef NO_COMP
370 COMP_METHOD *method;
371#else
372 char *method;
373#endif
374 } SSL_COMP;
375
376DECLARE_STACK_OF(SSL_COMP)
377
378struct ssl_ctx_st
379 {
380 SSL_METHOD *method;
381 unsigned long options;
382 unsigned long mode;
383
384 STACK_OF(SSL_CIPHER) *cipher_list;
385 /* same as above but sorted for lookup */
386 STACK_OF(SSL_CIPHER) *cipher_list_by_id;
387
388 struct x509_store_st /* X509_STORE */ *cert_store;
389 struct lhash_st /* LHASH */ *sessions; /* a set of SSL_SESSIONs */
390 /* Most session-ids that will be cached, default is
391 * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */
392 unsigned long session_cache_size;
393 struct ssl_session_st *session_cache_head;
394 struct ssl_session_st *session_cache_tail;
395
396 /* This can have one of 2 values, ored together,
397 * SSL_SESS_CACHE_CLIENT,
398 * SSL_SESS_CACHE_SERVER,
399 * Default is SSL_SESSION_CACHE_SERVER, which means only
400 * SSL_accept which cache SSL_SESSIONS. */
401 int session_cache_mode;
402
403 /* If timeout is not 0, it is the default timeout value set
404 * when SSL_new() is called. This has been put in to make
405 * life easier to set things up */
406 long session_timeout;
407
408 /* If this callback is not null, it will be called each
409 * time a session id is added to the cache. If this function
410 * returns 1, it means that the callback will do a
411 * SSL_SESSION_free() when it has finished using it. Otherwise,
412 * on 0, it means the callback has finished with it.
413 * If remove_session_cb is not null, it will be called when
414 * a session-id is removed from the cache. After the call,
415 * OpenSSL will SSL_SESSION_free() it. */
416 int (*new_session_cb)(struct ssl_st *ssl,SSL_SESSION *sess);
417 void (*remove_session_cb)(struct ssl_ctx_st *ctx,SSL_SESSION *sess);
418 SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,
419 unsigned char *data,int len,int *copy);
420 struct
421 {
422 int sess_connect; /* SSL new conn - started */
423 int sess_connect_renegotiate;/* SSL reneg - requested */
424 int sess_connect_good; /* SSL new conne/reneg - finished */
425 int sess_accept; /* SSL new accept - started */
426 int sess_accept_renegotiate;/* SSL reneg - requested */
427 int sess_accept_good; /* SSL accept/reneg - finished */
428 int sess_miss; /* session lookup misses */
429 int sess_timeout; /* reuse attempt on timeouted session */
430 int sess_cache_full; /* session removed due to full cache */
431 int sess_hit; /* session reuse actually done */
432 int sess_cb_hit; /* session-id that was not
433 * in the cache was
434 * passed back via the callback. This
435 * indicates that the application is
436 * supplying session-id's from other
437 * processes - spooky :-) */
438 } stats;
439
440 int references;
441
442/**/ void (*info_callback)();
443
444 /* if defined, these override the X509_verify_cert() calls */
445/**/ int (*app_verify_callback)();
446/**/ char *app_verify_arg; /* never used; should be void * */
447
448 /* default values to use in SSL structures */
449/**/ struct cert_st /* CERT */ *cert;
450/**/ int read_ahead;
451/**/ int verify_mode;
452/**/ int verify_depth;
453/**/ unsigned int sid_ctx_length;
454/**/ unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
455/**/ int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx);
456
457 int purpose; /* Purpose setting */
458 int trust; /* Trust setting */
459
460 /* Default password callback. */
461/**/ pem_password_cb *default_passwd_callback;
462
463 /* Default password callback user data. */
464/**/ void *default_passwd_callback_userdata;
465
466 /* get client cert callback */
467/**/ int (*client_cert_cb)(/* SSL *ssl, X509 **x509, EVP_PKEY **pkey */);
468
469 /* what we put in client cert requests */
470 STACK_OF(X509_NAME) *client_CA;
471
472/**/ int quiet_shutdown;
473
474 CRYPTO_EX_DATA ex_data;
475
476 const EVP_MD *rsa_md5;/* For SSLv2 - name is 'ssl2-md5' */
477 const EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */
478 const EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3->sha1' */
479
480 STACK_OF(X509) *extra_certs;
481 STACK_OF(SSL_COMP) *comp_methods; /* stack of SSL_COMP, SSLv3/TLSv1 */
482 };
483
484#define SSL_SESS_CACHE_OFF 0x0000
485#define SSL_SESS_CACHE_CLIENT 0x0001
486#define SSL_SESS_CACHE_SERVER 0x0002
487#define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER)
488#define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080
489/* This one, when set, makes the server session-id lookup not look
490 * in the cache. If there is an application get_session callback
491 * defined, this will still get called. */
492#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100
493
494 struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx);
495#define SSL_CTX_sess_number(ctx) \
496 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
497#define SSL_CTX_sess_connect(ctx) \
498 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL)
499#define SSL_CTX_sess_connect_good(ctx) \
500 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL)
501#define SSL_CTX_sess_connect_renegotiate(ctx) \
502 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL)
503#define SSL_CTX_sess_accept(ctx) \
504 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL)
505#define SSL_CTX_sess_accept_renegotiate(ctx) \
506 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL)
507#define SSL_CTX_sess_accept_good(ctx) \
508 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL)
509#define SSL_CTX_sess_hits(ctx) \
510 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL)
511#define SSL_CTX_sess_cb_hits(ctx) \
512 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL)
513#define SSL_CTX_sess_misses(ctx) \
514 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL)
515#define SSL_CTX_sess_timeouts(ctx) \
516 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL)
517#define SSL_CTX_sess_cache_full(ctx) \
518 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)
519
520#define SSL_CTX_sess_set_new_cb(ctx,cb) ((ctx)->new_session_cb=(cb))
521#define SSL_CTX_sess_get_new_cb(ctx) ((ctx)->new_session_cb)
522#define SSL_CTX_sess_set_remove_cb(ctx,cb) ((ctx)->remove_session_cb=(cb))
523#define SSL_CTX_sess_get_remove_cb(ctx) ((ctx)->remove_session_cb)
524#define SSL_CTX_sess_set_get_cb(ctx,cb) ((ctx)->get_session_cb=(cb))
525#define SSL_CTX_sess_get_get_cb(ctx) ((ctx)->get_session_cb)
526#define SSL_CTX_set_info_callback(ctx,cb) ((ctx)->info_callback=(cb))
527#define SSL_CTX_get_info_callback(ctx) ((ctx)->info_callback)
528#define SSL_CTX_set_client_cert_cb(ctx,cb) ((ctx)->client_cert_cb=(cb))
529#define SSL_CTX_get_client_cert_cb(ctx) ((ctx)->client_cert_cb)
530
531#define SSL_NOTHING 1
532#define SSL_WRITING 2
533#define SSL_READING 3
534#define SSL_X509_LOOKUP 4
535
536/* These will only be used when doing non-blocking IO */
537#define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
538#define SSL_want_read(s) (SSL_want(s) == SSL_READING)
539#define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
540#define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
541
542struct ssl_st
543 {
544 /* protocol version
545 * (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION)
546 */
547 int version;
548 int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
549
550 SSL_METHOD *method; /* SSLv3 */
551
552 /* There are 2 BIO's even though they are normally both the
553 * same. This is so data can be read and written to different
554 * handlers */
555
556#ifndef NO_BIO
557 BIO *rbio; /* used by SSL_read */
558 BIO *wbio; /* used by SSL_write */
559 BIO *bbio; /* used during session-id reuse to concatenate
560 * messages */
561#else
562 char *rbio; /* used by SSL_read */
563 char *wbio; /* used by SSL_write */
564 char *bbio;
565#endif
566 /* This holds a variable that indicates what we were doing
567 * when a 0 or -1 is returned. This is needed for
568 * non-blocking IO so we know what request needs re-doing when
569 * in SSL_accept or SSL_connect */
570 int rwstate;
571
572 /* true when we are actually in SSL_accept() or SSL_connect() */
573 int in_handshake;
574 int (*handshake_func)();
575
576 /* Imagine that here's a boolean member "init" that is
577 * switched as soon as SSL_set_{accept/connect}_state
578 * is called for the first time, so that "state" and
579 * "handshake_func" are properly initialized. But as
580 * handshake_func is == 0 until then, we use this
581 * test instead of an "init" member.
582 */
583
584 int server; /* are we the server side? - mostly used by SSL_clear*/
585
586 int new_session;/* 1 if we are to use a new session */
587 int quiet_shutdown;/* don't send shutdown packets */
588 int shutdown; /* we have shut things down, 0x01 sent, 0x02
589 * for received */
590 int state; /* where we are */
591 int rstate; /* where we are when reading */
592
593 BUF_MEM *init_buf; /* buffer used during init */
594 int init_num; /* amount read/written */
595 int init_off; /* amount read/written */
596
597 /* used internally to point at a raw packet */
598 unsigned char *packet;
599 unsigned int packet_length;
600
601 struct ssl2_state_st *s2; /* SSLv2 variables */
602 struct ssl3_state_st *s3; /* SSLv3 variables */
603
604 int read_ahead; /* Read as many input bytes as possible
605 * (for non-blocking reads) */
606 int hit; /* reusing a previous session */
607
608 int purpose; /* Purpose setting */
609 int trust; /* Trust setting */
610
611 /* crypto */
612 STACK_OF(SSL_CIPHER) *cipher_list;
613 STACK_OF(SSL_CIPHER) *cipher_list_by_id;
614
615 /* These are the ones being used, the ones in SSL_SESSION are
616 * the ones to be 'copied' into these ones */
617
618 EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
619 const EVP_MD *read_hash; /* used for mac generation */
620#ifndef NO_COMP
621 COMP_CTX *expand; /* uncompress */
622#else
623 char *expand;
624#endif
625
626 EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
627 const EVP_MD *write_hash; /* used for mac generation */
628#ifndef NO_COMP
629 COMP_CTX *compress; /* compression */
630#else
631 char *compress;
632#endif
633
634 /* session info */
635
636 /* client cert? */
637 /* This is used to hold the server certificate used */
638 struct cert_st /* CERT */ *cert;
639
640 /* the session_id_context is used to ensure sessions are only reused
641 * in the appropriate context */
642 unsigned int sid_ctx_length;
643 unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
644
645 /* This can also be in the session once a session is established */
646 SSL_SESSION *session;
647
648 /* Used in SSL2 and SSL3 */
649 int verify_mode; /* 0 don't care about verify failure.
650 * 1 fail if verify fails */
651 int verify_depth;
652 int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback returns 0 */
653 void (*info_callback)(); /* optional informational callback */
654
655 int error; /* error bytes to be written */
656 int error_code; /* actual code */
657
658 SSL_CTX *ctx;
659 /* set this flag to 1 and a sleep(1) is put into all SSL_read()
660 * and SSL_write() calls, good for nbio debuging :-) */
661 int debug;
662
663 /* extra application data */
664 long verify_result;
665 CRYPTO_EX_DATA ex_data;
666
667 /* for server side, keep the list of CA_dn we can use */
668 STACK_OF(X509_NAME) *client_CA;
669
670 int references;
671 unsigned long options; /* protocol behaviour */
672 unsigned long mode; /* API behaviour */
673 int first_packet;
674 int client_version; /* what was passed, used for
675 * SSLv3/TLS rollback check */
676 };
677
678#ifdef __cplusplus
679}
680#endif
681
682#include <openssl/ssl2.h>
683#include <openssl/ssl3.h>
684#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
685#include <openssl/ssl23.h>
686
687#ifdef __cplusplus
688extern "C" {
689#endif
690
691/* compatibility */
692#define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg))
693#define SSL_get_app_data(s) (SSL_get_ex_data(s,0))
694#define SSL_SESSION_set_app_data(s,a) (SSL_SESSION_set_ex_data(s,0,(char *)a))
695#define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s,0))
696#define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx,0))
697#define SSL_CTX_set_app_data(ctx,arg) (SSL_CTX_set_ex_data(ctx,0,(char *)arg))
698
699/* The following are the possible values for ssl->state are are
700 * used to indicate where we are up to in the SSL connection establishment.
701 * The macros that follow are about the only things you should need to use
702 * and even then, only when using non-blocking IO.
703 * It can also be useful to work out where you were when the connection
704 * failed */
705
706#define SSL_ST_CONNECT 0x1000
707#define SSL_ST_ACCEPT 0x2000
708#define SSL_ST_MASK 0x0FFF
709#define SSL_ST_INIT (SSL_ST_CONNECT|SSL_ST_ACCEPT)
710#define SSL_ST_BEFORE 0x4000
711#define SSL_ST_OK 0x03
712#define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT)
713
714#define SSL_CB_LOOP 0x01
715#define SSL_CB_EXIT 0x02
716#define SSL_CB_READ 0x04
717#define SSL_CB_WRITE 0x08
718#define SSL_CB_ALERT 0x4000 /* used in callback */
719#define SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)
720#define SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)
721#define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)
722#define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)
723#define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)
724#define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)
725#define SSL_CB_HANDSHAKE_START 0x10
726#define SSL_CB_HANDSHAKE_DONE 0x20
727
728/* Is the SSL_connection established? */
729#define SSL_get_state(a) SSL_state(a)
730#define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK)
731#define SSL_in_init(a) (SSL_state(a)&SSL_ST_INIT)
732#define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE)
733#define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT)
734#define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT)
735
736/* The following 2 states are kept in ssl->rstate when reads fail,
737 * you should not need these */
738#define SSL_ST_READ_HEADER 0xF0
739#define SSL_ST_READ_BODY 0xF1
740#define SSL_ST_READ_DONE 0xF2
741
742/* Obtain latest Finished message
743 * -- that we sent (SSL_get_finished)
744 * -- that we expected from peer (SSL_get_peer_finished).
745 * Returns length (0 == no Finished so far), copies up to 'count' bytes. */
746size_t SSL_get_finished(SSL *s, void *buf, size_t count);
747size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count);
748
749/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options
750 * are 'ored' with SSL_VERIFY_PEER if they are desired */
751#define SSL_VERIFY_NONE 0x00
752#define SSL_VERIFY_PEER 0x01
753#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
754#define SSL_VERIFY_CLIENT_ONCE 0x04
755
756#define OpenSSL_add_ssl_algorithms() SSL_library_init()
757#define SSLeay_add_ssl_algorithms() SSL_library_init()
758
759/* this is for backward compatibility */
760#if 0 /* NEW_SSLEAY */
761#define SSL_CTX_set_default_verify(a,b,c) SSL_CTX_set_verify(a,b,c)
762#define SSL_set_pref_cipher(c,n) SSL_set_cipher_list(c,n)
763#define SSL_add_session(a,b) SSL_CTX_add_session((a),(b))
764#define SSL_remove_session(a,b) SSL_CTX_remove_session((a),(b))
765#define SSL_flush_sessions(a,b) SSL_CTX_flush_sessions((a),(b))
766#endif
767/* More backward compatibility */
768#define SSL_get_cipher(s) \
769 SSL_CIPHER_get_name(SSL_get_current_cipher(s))
770#define SSL_get_cipher_bits(s,np) \
771 SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
772#define SSL_get_cipher_version(s) \
773 SSL_CIPHER_get_version(SSL_get_current_cipher(s))
774#define SSL_get_cipher_name(s) \
775 SSL_CIPHER_get_name(SSL_get_current_cipher(s))
776#define SSL_get_time(a) SSL_SESSION_get_time(a)
777#define SSL_set_time(a,b) SSL_SESSION_set_time((a),(b))
778#define SSL_get_timeout(a) SSL_SESSION_get_timeout(a)
779#define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b))
780
781#if 1 /*SSLEAY_MACROS*/
782#define d2i_SSL_SESSION_bio(bp,s_id) (SSL_SESSION *)ASN1_d2i_bio( \
783 (char *(*)())SSL_SESSION_new,(char *(*)())d2i_SSL_SESSION, \
784 (bp),(unsigned char **)(s_id))
785#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio(i2d_SSL_SESSION, \
786 bp,(unsigned char *)s_id)
787#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
788 (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)
789#define PEM_read_bio_SSL_SESSION(bp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read_bio( \
790 (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb,u)
791#define PEM_write_SSL_SESSION(fp,x) \
792 PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
793 PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL)
794#define PEM_write_bio_SSL_SESSION(bp,x) \
795 PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
796 PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL,NULL)
797#endif
798
799#define SSL_AD_REASON_OFFSET 1000
800/* These alert types are for SSLv3 and TLSv1 */
801#define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY
802#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */
803#define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC /* fatal */
804#define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED
805#define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW
806#define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE/* fatal */
807#define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE/* fatal */
808#define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE /* Not for TLS */
809#define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE
810#define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE
811#define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED
812#define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED
813#define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN
814#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER /* fatal */
815#define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA /* fatal */
816#define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */
817#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */
818#define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR
819#define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION/* fatal */
820#define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */
821#define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY/* fatal */
822#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */
823#define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED
824#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION
825
826#define SSL_ERROR_NONE 0
827#define SSL_ERROR_SSL 1
828#define SSL_ERROR_WANT_READ 2
829#define SSL_ERROR_WANT_WRITE 3
830#define SSL_ERROR_WANT_X509_LOOKUP 4
831#define SSL_ERROR_SYSCALL 5 /* look at error stack/return value/errno */
832#define SSL_ERROR_ZERO_RETURN 6
833#define SSL_ERROR_WANT_CONNECT 7
834
835#define SSL_CTRL_NEED_TMP_RSA 1
836#define SSL_CTRL_SET_TMP_RSA 2
837#define SSL_CTRL_SET_TMP_DH 3
838#define SSL_CTRL_SET_TMP_RSA_CB 4
839#define SSL_CTRL_SET_TMP_DH_CB 5
840/* Add these ones */
841#define SSL_CTRL_GET_SESSION_REUSED 6
842#define SSL_CTRL_GET_CLIENT_CERT_REQUEST 7
843#define SSL_CTRL_GET_NUM_RENEGOTIATIONS 8
844#define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 9
845#define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 10
846#define SSL_CTRL_GET_FLAGS 11
847#define SSL_CTRL_EXTRA_CHAIN_CERT 12
848
849/* Stats */
850#define SSL_CTRL_SESS_NUMBER 20
851#define SSL_CTRL_SESS_CONNECT 21
852#define SSL_CTRL_SESS_CONNECT_GOOD 22
853#define SSL_CTRL_SESS_CONNECT_RENEGOTIATE 23
854#define SSL_CTRL_SESS_ACCEPT 24
855#define SSL_CTRL_SESS_ACCEPT_GOOD 25
856#define SSL_CTRL_SESS_ACCEPT_RENEGOTIATE 26
857#define SSL_CTRL_SESS_HIT 27
858#define SSL_CTRL_SESS_CB_HIT 28
859#define SSL_CTRL_SESS_MISSES 29
860#define SSL_CTRL_SESS_TIMEOUTS 30
861#define SSL_CTRL_SESS_CACHE_FULL 31
862#define SSL_CTRL_OPTIONS 32
863#define SSL_CTRL_MODE 33
864
865#define SSL_CTRL_GET_READ_AHEAD 40
866#define SSL_CTRL_SET_READ_AHEAD 41
867#define SSL_CTRL_SET_SESS_CACHE_SIZE 42
868#define SSL_CTRL_GET_SESS_CACHE_SIZE 43
869#define SSL_CTRL_SET_SESS_CACHE_MODE 44
870#define SSL_CTRL_GET_SESS_CACHE_MODE 45
871
872#define SSL_session_reused(ssl) \
873 SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
874#define SSL_num_renegotiations(ssl) \
875 SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
876#define SSL_clear_num_renegotiations(ssl) \
877 SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
878#define SSL_total_renegotiations(ssl) \
879 SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
880
881#define SSL_CTX_need_tmp_RSA(ctx) \
882 SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)
883#define SSL_CTX_set_tmp_rsa(ctx,rsa) \
884 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
885#define SSL_CTX_set_tmp_dh(ctx,dh) \
886 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
887
888#define SSL_need_tmp_RSA(ssl) \
889 SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL)
890#define SSL_set_tmp_rsa(ssl,rsa) \
891 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
892#define SSL_set_tmp_dh(ssl,dh) \
893 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
894
895#define SSL_CTX_add_extra_chain_cert(ctx,x509) \
896 SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
897
898/* VMS uses only 31 characters for symbols. */
899#ifdef VMS
900#undef SSL_CTX_set_cert_verify_callback
901#define SSL_CTX_set_cert_verify_callback SSL_CTX_set_cert_verify_cb
902#undef SSL_CTX_use_certificate_chain_file
903#define SSL_CTX_use_certificate_chain_file SSL_CTX_use_cert_chain_file
904#undef SSL_CTX_set_default_verify_paths
905#define SSL_CTX_set_default_verify_paths SSL_CTX_set_def_verify_paths
906#undef SSL_get_ex_data_X509_STORE_CTX_idx
907#define SSL_get_ex_data_X509_STORE_CTX_idx SSL_get_ex_data_X509_STOR_CTX_i
908#undef SSL_add_file_cert_subjects_to_stack
909#define SSL_add_file_cert_subjects_to_stack SSL_add_file_cert_sub_to_stack
910#undef SSL_add_dir_cert_subjects_to_stack
911#define SSL_add_dir_cert_subjects_to_stack SSL_add_dir_cert_sub_to_stack
912#endif
913
914#ifndef NO_BIO
915BIO_METHOD *BIO_f_ssl(void);
916BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
917BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
918BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
919int BIO_ssl_copy_session_id(BIO *to,BIO *from);
920void BIO_ssl_shutdown(BIO *ssl_bio);
921
922#endif
923
924int SSL_CTX_set_cipher_list(SSL_CTX *,const char *str);
925SSL_CTX *SSL_CTX_new(SSL_METHOD *meth);
926void SSL_CTX_free(SSL_CTX *);
927long SSL_CTX_set_timeout(SSL_CTX *ctx,long t);
928long SSL_CTX_get_timeout(SSL_CTX *ctx);
929X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *);
930void SSL_CTX_set_cert_store(SSL_CTX *,X509_STORE *);
931int SSL_want(SSL *s);
932int SSL_clear(SSL *s);
933
934void SSL_CTX_flush_sessions(SSL_CTX *ctx,long tm);
935
936SSL_CIPHER *SSL_get_current_cipher(SSL *s);
937int SSL_CIPHER_get_bits(SSL_CIPHER *c,int *alg_bits);
938char * SSL_CIPHER_get_version(SSL_CIPHER *c);
939const char * SSL_CIPHER_get_name(SSL_CIPHER *c);
940
941int SSL_get_fd(SSL *s);
942const char * SSL_get_cipher_list(SSL *s,int n);
943char * SSL_get_shared_ciphers(SSL *s, char *buf, int len);
944int SSL_get_read_ahead(SSL * s);
945int SSL_pending(SSL *s);
946#ifndef NO_SOCK
947int SSL_set_fd(SSL *s, int fd);
948int SSL_set_rfd(SSL *s, int fd);
949int SSL_set_wfd(SSL *s, int fd);
950#endif
951#ifndef NO_BIO
952void SSL_set_bio(SSL *s, BIO *rbio,BIO *wbio);
953BIO * SSL_get_rbio(SSL *s);
954BIO * SSL_get_wbio(SSL *s);
955#endif
956int SSL_set_cipher_list(SSL *s, const char *str);
957void SSL_set_read_ahead(SSL *s, int yes);
958int SSL_get_verify_mode(SSL *s);
959int SSL_get_verify_depth(SSL *s);
960int (*SSL_get_verify_callback(SSL *s))(int,X509_STORE_CTX *);
961void SSL_set_verify(SSL *s, int mode,
962 int (*callback)(int ok,X509_STORE_CTX *ctx));
963void SSL_set_verify_depth(SSL *s, int depth);
964#ifndef NO_RSA
965int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
966#endif
967int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
968int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
969int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, unsigned char *d, long len);
970int SSL_use_certificate(SSL *ssl, X509 *x);
971int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
972
973#ifndef NO_STDIO
974int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
975int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
976int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
977int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
978int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
979int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
980int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); /* PEM type */
981STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
982int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
983 const char *file);
984int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
985 const char *dir);
986#endif
987
988void ERR_load_SSL_strings(void );
989void SSL_load_error_strings(void );
990char * SSL_state_string(SSL *s);
991char * SSL_rstate_string(SSL *s);
992char * SSL_state_string_long(SSL *s);
993char * SSL_rstate_string_long(SSL *s);
994long SSL_SESSION_get_time(SSL_SESSION *s);
995long SSL_SESSION_set_time(SSL_SESSION *s, long t);
996long SSL_SESSION_get_timeout(SSL_SESSION *s);
997long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
998void SSL_copy_session_id(SSL *to,SSL *from);
999
1000SSL_SESSION *SSL_SESSION_new(void);
1001unsigned long SSL_SESSION_hash(SSL_SESSION *a);
1002int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b);
1003#ifndef NO_FP_API
1004int SSL_SESSION_print_fp(FILE *fp,SSL_SESSION *ses);
1005#endif
1006#ifndef NO_BIO
1007int SSL_SESSION_print(BIO *fp,SSL_SESSION *ses);
1008#endif
1009void SSL_SESSION_free(SSL_SESSION *ses);
1010int i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp);
1011int SSL_set_session(SSL *to, SSL_SESSION *session);
1012int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
1013int SSL_CTX_remove_session(SSL_CTX *,SSL_SESSION *c);
1014SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a,unsigned char **pp,long length);
1015
1016#ifdef HEADER_X509_H
1017X509 * SSL_get_peer_certificate(SSL *s);
1018#endif
1019
1020STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s);
1021
1022#ifdef VMS
1023#define SSL_CTX_set_default_passwd_cb_userdata SSL_CTX_set_def_passwd_cb_ud
1024#endif
1025
1026int SSL_CTX_get_verify_mode(SSL_CTX *ctx);
1027int SSL_CTX_get_verify_depth(SSL_CTX *ctx);
1028int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *);
1029void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,
1030 int (*callback)(int, X509_STORE_CTX *));
1031void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth);
1032void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(),char *arg);
1033#ifndef NO_RSA
1034int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
1035#endif
1036int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
1037int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
1038int SSL_CTX_use_PrivateKey_ASN1(int pk,SSL_CTX *ctx,
1039 unsigned char *d, long len);
1040int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
1041int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
1042
1043void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
1044void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
1045
1046int SSL_CTX_check_private_key(SSL_CTX *ctx);
1047int SSL_check_private_key(SSL *ctx);
1048
1049int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
1050 unsigned int sid_ctx_len);
1051
1052SSL * SSL_new(SSL_CTX *ctx);
1053int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
1054 unsigned int sid_ctx_len);
1055
1056int SSL_CTX_set_purpose(SSL_CTX *s, int purpose);
1057int SSL_set_purpose(SSL *s, int purpose);
1058int SSL_CTX_set_trust(SSL_CTX *s, int trust);
1059int SSL_set_trust(SSL *s, int trust);
1060
1061void SSL_free(SSL *ssl);
1062int SSL_accept(SSL *ssl);
1063int SSL_connect(SSL *ssl);
1064int SSL_read(SSL *ssl,void *buf,int num);
1065int SSL_peek(SSL *ssl,void *buf,int num);
1066int SSL_write(SSL *ssl,const void *buf,int num);
1067long SSL_ctrl(SSL *ssl,int cmd, long larg, char *parg);
1068long SSL_callback_ctrl(SSL *, int, void (*)());
1069long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd, long larg, char *parg);
1070long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)());
1071
1072int SSL_get_error(SSL *s,int ret_code);
1073const char *SSL_get_version(SSL *s);
1074
1075/* This sets the 'default' SSL version that SSL_new() will create */
1076int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth);
1077
1078SSL_METHOD *SSLv2_method(void); /* SSLv2 */
1079SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
1080SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
1081
1082SSL_METHOD *SSLv3_method(void); /* SSLv3 */
1083SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
1084SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
1085
1086SSL_METHOD *SSLv23_method(void); /* SSLv3 but can rollback to v2 */
1087SSL_METHOD *SSLv23_server_method(void); /* SSLv3 but can rollback to v2 */
1088SSL_METHOD *SSLv23_client_method(void); /* SSLv3 but can rollback to v2 */
1089
1090SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
1091SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
1092SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
1093
1094STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s);
1095
1096int SSL_do_handshake(SSL *s);
1097int SSL_renegotiate(SSL *s);
1098int SSL_shutdown(SSL *s);
1099
1100SSL_METHOD *SSL_get_ssl_method(SSL *s);
1101int SSL_set_ssl_method(SSL *s,SSL_METHOD *method);
1102char *SSL_alert_type_string_long(int value);
1103char *SSL_alert_type_string(int value);
1104char *SSL_alert_desc_string_long(int value);
1105char *SSL_alert_desc_string(int value);
1106
1107void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
1108void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
1109STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s);
1110STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *s);
1111int SSL_add_client_CA(SSL *ssl,X509 *x);
1112int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x);
1113
1114void SSL_set_connect_state(SSL *s);
1115void SSL_set_accept_state(SSL *s);
1116
1117long SSL_get_default_timeout(SSL *s);
1118
1119int SSL_library_init(void );
1120
1121char *SSL_CIPHER_description(SSL_CIPHER *,char *buf,int size);
1122STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
1123
1124SSL *SSL_dup(SSL *ssl);
1125
1126X509 *SSL_get_certificate(SSL *ssl);
1127/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl);
1128
1129void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode);
1130int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx);
1131void SSL_set_quiet_shutdown(SSL *ssl,int mode);
1132int SSL_get_quiet_shutdown(SSL *ssl);
1133void SSL_set_shutdown(SSL *ssl,int mode);
1134int SSL_get_shutdown(SSL *ssl);
1135int SSL_version(SSL *ssl);
1136int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
1137int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
1138 const char *CApath);
1139#define SSL_get0_session SSL_get_session /* just peek at pointer */
1140SSL_SESSION *SSL_get_session(SSL *ssl);
1141SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */
1142SSL_CTX *SSL_get_SSL_CTX(SSL *ssl);
1143void SSL_set_info_callback(SSL *ssl,void (*cb)());
1144void (*SSL_get_info_callback(SSL *ssl))();
1145int SSL_state(SSL *ssl);
1146
1147void SSL_set_verify_result(SSL *ssl,long v);
1148long SSL_get_verify_result(SSL *ssl);
1149
1150int SSL_set_ex_data(SSL *ssl,int idx,void *data);
1151void *SSL_get_ex_data(SSL *ssl,int idx);
1152int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
1153 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
1154
1155int SSL_SESSION_set_ex_data(SSL_SESSION *ss,int idx,void *data);
1156void *SSL_SESSION_get_ex_data(SSL_SESSION *ss,int idx);
1157int SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
1158 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
1159
1160int SSL_CTX_set_ex_data(SSL_CTX *ssl,int idx,void *data);
1161void *SSL_CTX_get_ex_data(SSL_CTX *ssl,int idx);
1162int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
1163 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
1164
1165int SSL_get_ex_data_X509_STORE_CTX_idx(void );
1166
1167#define SSL_CTX_sess_set_cache_size(ctx,t) \
1168 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL)
1169#define SSL_CTX_sess_get_cache_size(ctx) \
1170 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL)
1171#define SSL_CTX_set_session_cache_mode(ctx,m) \
1172 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL)
1173#define SSL_CTX_get_session_cache_mode(ctx) \
1174 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL)
1175
1176#define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx)
1177#define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m)
1178#define SSL_CTX_get_read_ahead(ctx) \
1179 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)
1180#define SSL_CTX_set_read_ahead(ctx,m) \
1181 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL)
1182
1183 /* NB: the keylength is only applicable when is_export is true */
1184#ifndef NO_RSA
1185void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
1186 RSA *(*cb)(SSL *ssl,int is_export,
1187 int keylength));
1188
1189void SSL_set_tmp_rsa_callback(SSL *ssl,
1190 RSA *(*cb)(SSL *ssl,int is_export,
1191 int keylength));
1192#endif
1193#ifndef NO_DH
1194void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
1195 DH *(*dh)(SSL *ssl,int is_export,
1196 int keylength));
1197void SSL_set_tmp_dh_callback(SSL *ssl,
1198 DH *(*dh)(SSL *ssl,int is_export,
1199 int keylength));
1200#endif
1201
1202#ifndef NO_COMP
1203int SSL_COMP_add_compression_method(int id,COMP_METHOD *cm);
1204#else
1205int SSL_COMP_add_compression_method(int id,char *cm);
1206#endif
1207
1208/* BEGIN ERROR CODES */
1209/* The following lines are auto generated by the script mkerr.pl. Any changes
1210 * made after this point may be overwritten when the script is next run.
1211 */
1212void ERR_load_SSL_strings(void);
1213
1214/* Error codes for the SSL functions. */
1215
1216/* Function codes. */
1217#define SSL_F_CLIENT_CERTIFICATE 100
1218#define SSL_F_CLIENT_HELLO 101
1219#define SSL_F_CLIENT_MASTER_KEY 102
1220#define SSL_F_D2I_SSL_SESSION 103
1221#define SSL_F_DO_SSL3_WRITE 104
1222#define SSL_F_GET_CLIENT_FINISHED 105
1223#define SSL_F_GET_CLIENT_HELLO 106
1224#define SSL_F_GET_CLIENT_MASTER_KEY 107
1225#define SSL_F_GET_SERVER_FINISHED 108
1226#define SSL_F_GET_SERVER_HELLO 109
1227#define SSL_F_GET_SERVER_VERIFY 110
1228#define SSL_F_I2D_SSL_SESSION 111
1229#define SSL_F_READ_N 112
1230#define SSL_F_REQUEST_CERTIFICATE 113
1231#define SSL_F_SERVER_HELLO 114
1232#define SSL_F_SSL23_ACCEPT 115
1233#define SSL_F_SSL23_CLIENT_HELLO 116
1234#define SSL_F_SSL23_CONNECT 117
1235#define SSL_F_SSL23_GET_CLIENT_HELLO 118
1236#define SSL_F_SSL23_GET_SERVER_HELLO 119
1237#define SSL_F_SSL23_PEEK 237
1238#define SSL_F_SSL23_READ 120
1239#define SSL_F_SSL23_WRITE 121
1240#define SSL_F_SSL2_ACCEPT 122
1241#define SSL_F_SSL2_CONNECT 123
1242#define SSL_F_SSL2_ENC_INIT 124
1243#define SSL_F_SSL2_PEEK 234
1244#define SSL_F_SSL2_READ 125
1245#define SSL_F_SSL2_READ_INTERNAL 236
1246#define SSL_F_SSL2_SET_CERTIFICATE 126
1247#define SSL_F_SSL2_WRITE 127
1248#define SSL_F_SSL3_ACCEPT 128
1249#define SSL_F_SSL3_CALLBACK_CTRL 233
1250#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
1251#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
1252#define SSL_F_SSL3_CLIENT_HELLO 131
1253#define SSL_F_SSL3_CONNECT 132
1254#define SSL_F_SSL3_CTRL 213
1255#define SSL_F_SSL3_CTX_CTRL 133
1256#define SSL_F_SSL3_ENC 134
1257#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135
1258#define SSL_F_SSL3_GET_CERT_VERIFY 136
1259#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137
1260#define SSL_F_SSL3_GET_CLIENT_HELLO 138
1261#define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139
1262#define SSL_F_SSL3_GET_FINISHED 140
1263#define SSL_F_SSL3_GET_KEY_EXCHANGE 141
1264#define SSL_F_SSL3_GET_MESSAGE 142
1265#define SSL_F_SSL3_GET_RECORD 143
1266#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
1267#define SSL_F_SSL3_GET_SERVER_DONE 145
1268#define SSL_F_SSL3_GET_SERVER_HELLO 146
1269#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
1270#define SSL_F_SSL3_PEEK 235
1271#define SSL_F_SSL3_READ_BYTES 148
1272#define SSL_F_SSL3_READ_N 149
1273#define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150
1274#define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151
1275#define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152
1276#define SSL_F_SSL3_SEND_CLIENT_VERIFY 153
1277#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154
1278#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155
1279#define SSL_F_SSL3_SETUP_BUFFERS 156
1280#define SSL_F_SSL3_SETUP_KEY_BLOCK 157
1281#define SSL_F_SSL3_WRITE_BYTES 158
1282#define SSL_F_SSL3_WRITE_PENDING 159
1283#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215
1284#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216
1285#define SSL_F_SSL_BAD_METHOD 160
1286#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
1287#define SSL_F_SSL_CERT_DUP 221
1288#define SSL_F_SSL_CERT_INST 222
1289#define SSL_F_SSL_CERT_INSTANTIATE 214
1290#define SSL_F_SSL_CERT_NEW 162
1291#define SSL_F_SSL_CHECK_PRIVATE_KEY 163
1292#define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230
1293#define SSL_F_SSL_CIPHER_STRENGTH_SORT 231
1294#define SSL_F_SSL_CLEAR 164
1295#define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 165
1296#define SSL_F_SSL_CREATE_CIPHER_LIST 166
1297#define SSL_F_SSL_CTRL 232
1298#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
1299#define SSL_F_SSL_CTX_NEW 169
1300#define SSL_F_SSL_CTX_SET_PURPOSE 226
1301#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219
1302#define SSL_F_SSL_CTX_SET_SSL_VERSION 170
1303#define SSL_F_SSL_CTX_SET_TRUST 229
1304#define SSL_F_SSL_CTX_USE_CERTIFICATE 171
1305#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172
1306#define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE 220
1307#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 173
1308#define SSL_F_SSL_CTX_USE_PRIVATEKEY 174
1309#define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175
1310#define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 176
1311#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 177
1312#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 178
1313#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179
1314#define SSL_F_SSL_DO_HANDSHAKE 180
1315#define SSL_F_SSL_GET_NEW_SESSION 181
1316#define SSL_F_SSL_GET_PREV_SESSION 217
1317#define SSL_F_SSL_GET_SERVER_SEND_CERT 182
1318#define SSL_F_SSL_GET_SIGN_PKEY 183
1319#define SSL_F_SSL_INIT_WBIO_BUFFER 184
1320#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185
1321#define SSL_F_SSL_NEW 186
1322#define SSL_F_SSL_READ 223
1323#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187
1324#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188
1325#define SSL_F_SSL_SESSION_NEW 189
1326#define SSL_F_SSL_SESSION_PRINT_FP 190
1327#define SSL_F_SSL_SESS_CERT_NEW 225
1328#define SSL_F_SSL_SET_CERT 191
1329#define SSL_F_SSL_SET_FD 192
1330#define SSL_F_SSL_SET_PKEY 193
1331#define SSL_F_SSL_SET_PURPOSE 227
1332#define SSL_F_SSL_SET_RFD 194
1333#define SSL_F_SSL_SET_SESSION 195
1334#define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218
1335#define SSL_F_SSL_SET_TRUST 228
1336#define SSL_F_SSL_SET_WFD 196
1337#define SSL_F_SSL_SHUTDOWN 224
1338#define SSL_F_SSL_UNDEFINED_FUNCTION 197
1339#define SSL_F_SSL_USE_CERTIFICATE 198
1340#define SSL_F_SSL_USE_CERTIFICATE_ASN1 199
1341#define SSL_F_SSL_USE_CERTIFICATE_FILE 200
1342#define SSL_F_SSL_USE_PRIVATEKEY 201
1343#define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202
1344#define SSL_F_SSL_USE_PRIVATEKEY_FILE 203
1345#define SSL_F_SSL_USE_RSAPRIVATEKEY 204
1346#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205
1347#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206
1348#define SSL_F_SSL_VERIFY_CERT_CHAIN 207
1349#define SSL_F_SSL_WRITE 208
1350#define SSL_F_TLS1_CHANGE_CIPHER_STATE 209
1351#define SSL_F_TLS1_ENC 210
1352#define SSL_F_TLS1_SETUP_KEY_BLOCK 211
1353#define SSL_F_WRITE_PENDING 212
1354
1355/* Reason codes. */
1356#define SSL_R_APP_DATA_IN_HANDSHAKE 100
1357#define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
1358#define SSL_R_BAD_ALERT_RECORD 101
1359#define SSL_R_BAD_AUTHENTICATION_TYPE 102
1360#define SSL_R_BAD_CHANGE_CIPHER_SPEC 103
1361#define SSL_R_BAD_CHECKSUM 104
1362#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
1363#define SSL_R_BAD_DECOMPRESSION 107
1364#define SSL_R_BAD_DH_G_LENGTH 108
1365#define SSL_R_BAD_DH_PUB_KEY_LENGTH 109
1366#define SSL_R_BAD_DH_P_LENGTH 110
1367#define SSL_R_BAD_DIGEST_LENGTH 111
1368#define SSL_R_BAD_DSA_SIGNATURE 112
1369#define SSL_R_BAD_HELLO_REQUEST 105
1370#define SSL_R_BAD_LENGTH 271
1371#define SSL_R_BAD_MAC_DECODE 113
1372#define SSL_R_BAD_MESSAGE_TYPE 114
1373#define SSL_R_BAD_PACKET_LENGTH 115
1374#define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116
1375#define SSL_R_BAD_RESPONSE_ARGUMENT 117
1376#define SSL_R_BAD_RSA_DECRYPT 118
1377#define SSL_R_BAD_RSA_ENCRYPT 119
1378#define SSL_R_BAD_RSA_E_LENGTH 120
1379#define SSL_R_BAD_RSA_MODULUS_LENGTH 121
1380#define SSL_R_BAD_RSA_SIGNATURE 122
1381#define SSL_R_BAD_SIGNATURE 123
1382#define SSL_R_BAD_SSL_FILETYPE 124
1383#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125
1384#define SSL_R_BAD_STATE 126
1385#define SSL_R_BAD_WRITE_RETRY 127
1386#define SSL_R_BIO_NOT_SET 128
1387#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129
1388#define SSL_R_BN_LIB 130
1389#define SSL_R_CA_DN_LENGTH_MISMATCH 131
1390#define SSL_R_CA_DN_TOO_LONG 132
1391#define SSL_R_CCS_RECEIVED_EARLY 133
1392#define SSL_R_CERTIFICATE_VERIFY_FAILED 134
1393#define SSL_R_CERT_LENGTH_MISMATCH 135
1394#define SSL_R_CHALLENGE_IS_DIFFERENT 136
1395#define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
1396#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
1397#define SSL_R_CIPHER_TABLE_SRC_ERROR 139
1398#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
1399#define SSL_R_COMPRESSION_FAILURE 141
1400#define SSL_R_COMPRESSION_LIBRARY_ERROR 142
1401#define SSL_R_CONNECTION_ID_IS_DIFFERENT 143
1402#define SSL_R_CONNECTION_TYPE_NOT_SET 144
1403#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145
1404#define SSL_R_DATA_LENGTH_TOO_LONG 146
1405#define SSL_R_DECRYPTION_FAILED 147
1406#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
1407#define SSL_R_DIGEST_CHECK_FAILED 149
1408#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
1409#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 1092
1410#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
1411#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
1412#define SSL_R_EXTRA_DATA_IN_MESSAGE 153
1413#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
1414#define SSL_R_HTTPS_PROXY_REQUEST 155
1415#define SSL_R_HTTP_REQUEST 156
1416#define SSL_R_INTERNAL_ERROR 157
1417#define SSL_R_INVALID_CHALLENGE_LENGTH 158
1418#define SSL_R_INVALID_COMMAND 280
1419#define SSL_R_INVALID_PURPOSE 278
1420#define SSL_R_INVALID_TRUST 279
1421#define SSL_R_LENGTH_MISMATCH 159
1422#define SSL_R_LENGTH_TOO_SHORT 160
1423#define SSL_R_LIBRARY_BUG 274
1424#define SSL_R_LIBRARY_HAS_NO_CIPHERS 161
1425#define SSL_R_MISSING_DH_DSA_CERT 162
1426#define SSL_R_MISSING_DH_KEY 163
1427#define SSL_R_MISSING_DH_RSA_CERT 164
1428#define SSL_R_MISSING_DSA_SIGNING_CERT 165
1429#define SSL_R_MISSING_EXPORT_TMP_DH_KEY 166
1430#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 167
1431#define SSL_R_MISSING_RSA_CERTIFICATE 168
1432#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
1433#define SSL_R_MISSING_RSA_SIGNING_CERT 170
1434#define SSL_R_MISSING_TMP_DH_KEY 171
1435#define SSL_R_MISSING_TMP_RSA_KEY 172
1436#define SSL_R_MISSING_TMP_RSA_PKEY 173
1437#define SSL_R_MISSING_VERIFY_MESSAGE 174
1438#define SSL_R_NON_SSLV2_INITIAL_PACKET 175
1439#define SSL_R_NO_CERTIFICATES_RETURNED 176
1440#define SSL_R_NO_CERTIFICATE_ASSIGNED 177
1441#define SSL_R_NO_CERTIFICATE_RETURNED 178
1442#define SSL_R_NO_CERTIFICATE_SET 179
1443#define SSL_R_NO_CERTIFICATE_SPECIFIED 180
1444#define SSL_R_NO_CIPHERS_AVAILABLE 181
1445#define SSL_R_NO_CIPHERS_PASSED 182
1446#define SSL_R_NO_CIPHERS_SPECIFIED 183
1447#define SSL_R_NO_CIPHER_LIST 184
1448#define SSL_R_NO_CIPHER_MATCH 185
1449#define SSL_R_NO_CLIENT_CERT_RECEIVED 186
1450#define SSL_R_NO_COMPRESSION_SPECIFIED 187
1451#define SSL_R_NO_METHOD_SPECIFIED 188
1452#define SSL_R_NO_PRIVATEKEY 189
1453#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190
1454#define SSL_R_NO_PROTOCOLS_AVAILABLE 191
1455#define SSL_R_NO_PUBLICKEY 192
1456#define SSL_R_NO_SHARED_CIPHER 193
1457#define SSL_R_NO_VERIFY_CALLBACK 194
1458#define SSL_R_NULL_SSL_CTX 195
1459#define SSL_R_NULL_SSL_METHOD_PASSED 196
1460#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
1461#define SSL_R_PACKET_LENGTH_TOO_LONG 198
1462#define SSL_R_PATH_TOO_LONG 270
1463#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199
1464#define SSL_R_PEER_ERROR 200
1465#define SSL_R_PEER_ERROR_CERTIFICATE 201
1466#define SSL_R_PEER_ERROR_NO_CERTIFICATE 202
1467#define SSL_R_PEER_ERROR_NO_CIPHER 203
1468#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 204
1469#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205
1470#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 206
1471#define SSL_R_PROTOCOL_IS_SHUTDOWN 207
1472#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 208
1473#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 209
1474#define SSL_R_PUBLIC_KEY_NOT_RSA 210
1475#define SSL_R_READ_BIO_NOT_SET 211
1476#define SSL_R_READ_WRONG_PACKET_TYPE 212
1477#define SSL_R_RECORD_LENGTH_MISMATCH 213
1478#define SSL_R_RECORD_TOO_LARGE 214
1479#define SSL_R_RECORD_TOO_SMALL 1093
1480#define SSL_R_REQUIRED_CIPHER_MISSING 215
1481#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
1482#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217
1483#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218
1484#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
1485#define SSL_R_SHORT_READ 219
1486#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
1487#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
1488#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
1489#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
1490#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
1491#define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045
1492#define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044
1493#define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046
1494#define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030
1495#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040
1496#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047
1497#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041
1498#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE 223
1499#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE 224
1500#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER 225
1501#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 226
1502#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
1503#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE 227
1504#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043
1505#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228
1506#define SSL_R_SSL_HANDSHAKE_FAILURE 229
1507#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 230
1508#define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273
1509#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 231
1510#define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049
1511#define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050
1512#define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021
1513#define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051
1514#define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060
1515#define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071
1516#define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080
1517#define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100
1518#define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070
1519#define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022
1520#define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048
1521#define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
1522#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
1523#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
1524#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
1525#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235
1526#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236
1527#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 237
1528#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 238
1529#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239
1530#define SSL_R_UNABLE_TO_FIND_SSL_METHOD 240
1531#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 241
1532#define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242
1533#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243
1534#define SSL_R_UNEXPECTED_MESSAGE 244
1535#define SSL_R_UNEXPECTED_RECORD 245
1536#define SSL_R_UNINITIALIZED 276
1537#define SSL_R_UNKNOWN_ALERT_TYPE 246
1538#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247
1539#define SSL_R_UNKNOWN_CIPHER_RETURNED 248
1540#define SSL_R_UNKNOWN_CIPHER_TYPE 249
1541#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250
1542#define SSL_R_UNKNOWN_PKEY_TYPE 251
1543#define SSL_R_UNKNOWN_PROTOCOL 252
1544#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253
1545#define SSL_R_UNKNOWN_SSL_VERSION 254
1546#define SSL_R_UNKNOWN_STATE 255
1547#define SSL_R_UNSUPPORTED_CIPHER 256
1548#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257
1549#define SSL_R_UNSUPPORTED_OPTION 1091
1550#define SSL_R_UNSUPPORTED_PROTOCOL 258
1551#define SSL_R_UNSUPPORTED_SSL_VERSION 259
1552#define SSL_R_WRITE_BIO_NOT_SET 260
1553#define SSL_R_WRONG_CIPHER_RETURNED 261
1554#define SSL_R_WRONG_MESSAGE_TYPE 262
1555#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 263
1556#define SSL_R_WRONG_SIGNATURE_LENGTH 264
1557#define SSL_R_WRONG_SIGNATURE_SIZE 265
1558#define SSL_R_WRONG_SSL_VERSION 266
1559#define SSL_R_WRONG_VERSION_NUMBER 267
1560#define SSL_R_X509_LIB 268
1561#define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269
1562
1563#ifdef __cplusplus
1564}
1565#endif
1566#endif
diff --git a/src/lib/libssl/ssl2.h b/src/lib/libssl/ssl2.h
deleted file mode 100644
index f8b56afb6b..0000000000
--- a/src/lib/libssl/ssl2.h
+++ /dev/null
@@ -1,269 +0,0 @@
1/* ssl/ssl2.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_SSL2_H
60#define HEADER_SSL2_H
61
62#ifdef __cplusplus
63extern "C" {
64#endif
65
66/* Protocol Version Codes */
67#define SSL2_VERSION 0x0002
68#define SSL2_VERSION_MAJOR 0x00
69#define SSL2_VERSION_MINOR 0x02
70/* #define SSL2_CLIENT_VERSION 0x0002 */
71/* #define SSL2_SERVER_VERSION 0x0002 */
72
73/* Protocol Message Codes */
74#define SSL2_MT_ERROR 0
75#define SSL2_MT_CLIENT_HELLO 1
76#define SSL2_MT_CLIENT_MASTER_KEY 2
77#define SSL2_MT_CLIENT_FINISHED 3
78#define SSL2_MT_SERVER_HELLO 4
79#define SSL2_MT_SERVER_VERIFY 5
80#define SSL2_MT_SERVER_FINISHED 6
81#define SSL2_MT_REQUEST_CERTIFICATE 7
82#define SSL2_MT_CLIENT_CERTIFICATE 8
83
84/* Error Message Codes */
85#define SSL2_PE_UNDEFINED_ERROR 0x0000
86#define SSL2_PE_NO_CIPHER 0x0001
87#define SSL2_PE_NO_CERTIFICATE 0x0002
88#define SSL2_PE_BAD_CERTIFICATE 0x0004
89#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
90
91/* Cipher Kind Values */
92#define SSL2_CK_NULL_WITH_MD5 0x02000000 /* v3 */
93#define SSL2_CK_RC4_128_WITH_MD5 0x02010080
94#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080
95#define SSL2_CK_RC2_128_CBC_WITH_MD5 0x02030080
96#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x02040080
97#define SSL2_CK_IDEA_128_CBC_WITH_MD5 0x02050080
98#define SSL2_CK_DES_64_CBC_WITH_MD5 0x02060040
99#define SSL2_CK_DES_64_CBC_WITH_SHA 0x02060140 /* v3 */
100#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0
101#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0 /* v3 */
102#define SSL2_CK_RC4_64_WITH_MD5 0x02080080 /* MS hack */
103
104#define SSL2_CK_DES_64_CFB64_WITH_MD5_1 0x02ff0800 /* SSLeay */
105#define SSL2_CK_NULL 0x02ff0810 /* SSLeay */
106
107#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1 "DES-CFB-M1"
108#define SSL2_TXT_NULL_WITH_MD5 "NULL-MD5"
109#define SSL2_TXT_RC4_128_WITH_MD5 "RC4-MD5"
110#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 "EXP-RC4-MD5"
111#define SSL2_TXT_RC2_128_CBC_WITH_MD5 "RC2-CBC-MD5"
112#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5"
113#define SSL2_TXT_IDEA_128_CBC_WITH_MD5 "IDEA-CBC-MD5"
114#define SSL2_TXT_DES_64_CBC_WITH_MD5 "DES-CBC-MD5"
115#define SSL2_TXT_DES_64_CBC_WITH_SHA "DES-CBC-SHA"
116#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 "DES-CBC3-MD5"
117#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA "DES-CBC3-SHA"
118#define SSL2_TXT_RC4_64_WITH_MD5 "RC4-64-MD5"
119
120#define SSL2_TXT_NULL "NULL"
121
122/* Flags for the SSL_CIPHER.algorithm2 field */
123#define SSL2_CF_5_BYTE_ENC 0x01
124#define SSL2_CF_8_BYTE_ENC 0x02
125
126/* Certificate Type Codes */
127#define SSL2_CT_X509_CERTIFICATE 0x01
128
129/* Authentication Type Code */
130#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION 0x01
131
132#define SSL2_MAX_SSL_SESSION_ID_LENGTH 32
133
134/* Upper/Lower Bounds */
135#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256
136#ifdef MPE
137#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 29998u
138#else
139#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 32767u /* 2^15-1 */
140#endif
141#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /* 2^14-1 */
142
143#define SSL2_CHALLENGE_LENGTH 16
144/*#define SSL2_CHALLENGE_LENGTH 32 */
145#define SSL2_MIN_CHALLENGE_LENGTH 16
146#define SSL2_MAX_CHALLENGE_LENGTH 32
147#define SSL2_CONNECTION_ID_LENGTH 16
148#define SSL2_MAX_CONNECTION_ID_LENGTH 16
149#define SSL2_SSL_SESSION_ID_LENGTH 16
150#define SSL2_MAX_CERT_CHALLENGE_LENGTH 32
151#define SSL2_MIN_CERT_CHALLENGE_LENGTH 16
152#define SSL2_MAX_KEY_MATERIAL_LENGTH 24
153
154#ifndef HEADER_SSL_LOCL_H
155#define CERT char
156#endif
157
158typedef struct ssl2_state_st
159 {
160 int three_byte_header;
161 int clear_text; /* clear text */
162 int escape; /* not used in SSLv2 */
163 int ssl2_rollback; /* used if SSLv23 rolled back to SSLv2 */
164
165 /* non-blocking io info, used to make sure the same
166 * args were passwd */
167 unsigned int wnum; /* number of bytes sent so far */
168 int wpend_tot;
169 const unsigned char *wpend_buf;
170
171 int wpend_off; /* offset to data to write */
172 int wpend_len; /* number of bytes passwd to write */
173 int wpend_ret; /* number of bytes to return to caller */
174
175 /* buffer raw data */
176 int rbuf_left;
177 int rbuf_offs;
178 unsigned char *rbuf;
179 unsigned char *wbuf;
180
181 unsigned char *write_ptr;/* used to point to the start due to
182 * 2/3 byte header. */
183
184 unsigned int padding;
185 unsigned int rlength; /* passed to ssl2_enc */
186 int ract_data_length; /* Set when things are encrypted. */
187 unsigned int wlength; /* passed to ssl2_enc */
188 int wact_data_length; /* Set when things are decrypted. */
189 unsigned char *ract_data;
190 unsigned char *wact_data;
191 unsigned char *mac_data;
192 unsigned char *pad_data;
193
194 unsigned char *read_key;
195 unsigned char *write_key;
196
197 /* Stuff specifically to do with this SSL session */
198 unsigned int challenge_length;
199 unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH];
200 unsigned int conn_id_length;
201 unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH];
202 unsigned int key_material_length;
203 unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH*2];
204
205 unsigned long read_sequence;
206 unsigned long write_sequence;
207
208 struct {
209 unsigned int conn_id_length;
210 unsigned int cert_type;
211 unsigned int cert_length;
212 int csl;
213 int clear;
214 unsigned int enc;
215 unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH];
216 int cipher_spec_length;
217 unsigned int session_id_length;
218 unsigned int clen;
219 unsigned int rlen;
220 } tmp;
221 } SSL2_STATE;
222
223/* SSLv2 */
224/* client */
225#define SSL2_ST_SEND_CLIENT_HELLO_A (0x10|SSL_ST_CONNECT)
226#define SSL2_ST_SEND_CLIENT_HELLO_B (0x11|SSL_ST_CONNECT)
227#define SSL2_ST_GET_SERVER_HELLO_A (0x20|SSL_ST_CONNECT)
228#define SSL2_ST_GET_SERVER_HELLO_B (0x21|SSL_ST_CONNECT)
229#define SSL2_ST_SEND_CLIENT_MASTER_KEY_A (0x30|SSL_ST_CONNECT)
230#define SSL2_ST_SEND_CLIENT_MASTER_KEY_B (0x31|SSL_ST_CONNECT)
231#define SSL2_ST_SEND_CLIENT_FINISHED_A (0x40|SSL_ST_CONNECT)
232#define SSL2_ST_SEND_CLIENT_FINISHED_B (0x41|SSL_ST_CONNECT)
233#define SSL2_ST_SEND_CLIENT_CERTIFICATE_A (0x50|SSL_ST_CONNECT)
234#define SSL2_ST_SEND_CLIENT_CERTIFICATE_B (0x51|SSL_ST_CONNECT)
235#define SSL2_ST_SEND_CLIENT_CERTIFICATE_C (0x52|SSL_ST_CONNECT)
236#define SSL2_ST_SEND_CLIENT_CERTIFICATE_D (0x53|SSL_ST_CONNECT)
237#define SSL2_ST_GET_SERVER_VERIFY_A (0x60|SSL_ST_CONNECT)
238#define SSL2_ST_GET_SERVER_VERIFY_B (0x61|SSL_ST_CONNECT)
239#define SSL2_ST_GET_SERVER_FINISHED_A (0x70|SSL_ST_CONNECT)
240#define SSL2_ST_GET_SERVER_FINISHED_B (0x71|SSL_ST_CONNECT)
241#define SSL2_ST_CLIENT_START_ENCRYPTION (0x80|SSL_ST_CONNECT)
242#define SSL2_ST_X509_GET_CLIENT_CERTIFICATE (0x90|SSL_ST_CONNECT)
243/* server */
244#define SSL2_ST_GET_CLIENT_HELLO_A (0x10|SSL_ST_ACCEPT)
245#define SSL2_ST_GET_CLIENT_HELLO_B (0x11|SSL_ST_ACCEPT)
246#define SSL2_ST_GET_CLIENT_HELLO_C (0x12|SSL_ST_ACCEPT)
247#define SSL2_ST_SEND_SERVER_HELLO_A (0x20|SSL_ST_ACCEPT)
248#define SSL2_ST_SEND_SERVER_HELLO_B (0x21|SSL_ST_ACCEPT)
249#define SSL2_ST_GET_CLIENT_MASTER_KEY_A (0x30|SSL_ST_ACCEPT)
250#define SSL2_ST_GET_CLIENT_MASTER_KEY_B (0x31|SSL_ST_ACCEPT)
251#define SSL2_ST_SEND_SERVER_VERIFY_A (0x40|SSL_ST_ACCEPT)
252#define SSL2_ST_SEND_SERVER_VERIFY_B (0x41|SSL_ST_ACCEPT)
253#define SSL2_ST_SEND_SERVER_VERIFY_C (0x42|SSL_ST_ACCEPT)
254#define SSL2_ST_GET_CLIENT_FINISHED_A (0x50|SSL_ST_ACCEPT)
255#define SSL2_ST_GET_CLIENT_FINISHED_B (0x51|SSL_ST_ACCEPT)
256#define SSL2_ST_SEND_SERVER_FINISHED_A (0x60|SSL_ST_ACCEPT)
257#define SSL2_ST_SEND_SERVER_FINISHED_B (0x61|SSL_ST_ACCEPT)
258#define SSL2_ST_SEND_REQUEST_CERTIFICATE_A (0x70|SSL_ST_ACCEPT)
259#define SSL2_ST_SEND_REQUEST_CERTIFICATE_B (0x71|SSL_ST_ACCEPT)
260#define SSL2_ST_SEND_REQUEST_CERTIFICATE_C (0x72|SSL_ST_ACCEPT)
261#define SSL2_ST_SEND_REQUEST_CERTIFICATE_D (0x73|SSL_ST_ACCEPT)
262#define SSL2_ST_SERVER_START_ENCRYPTION (0x80|SSL_ST_ACCEPT)
263#define SSL2_ST_X509_GET_SERVER_CERTIFICATE (0x90|SSL_ST_ACCEPT)
264
265#ifdef __cplusplus
266}
267#endif
268#endif
269
diff --git a/src/lib/libssl/ssl23.h b/src/lib/libssl/ssl23.h
deleted file mode 100644
index d3228983c7..0000000000
--- a/src/lib/libssl/ssl23.h
+++ /dev/null
@@ -1,83 +0,0 @@
1/* ssl/ssl23.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_SSL23_H
60#define HEADER_SSL23_H
61
62#ifdef __cplusplus
63extern "C" {
64#endif
65
66/*client */
67/* write to server */
68#define SSL23_ST_CW_CLNT_HELLO_A (0x210|SSL_ST_CONNECT)
69#define SSL23_ST_CW_CLNT_HELLO_B (0x211|SSL_ST_CONNECT)
70/* read from server */
71#define SSL23_ST_CR_SRVR_HELLO_A (0x220|SSL_ST_CONNECT)
72#define SSL23_ST_CR_SRVR_HELLO_B (0x221|SSL_ST_CONNECT)
73
74/* server */
75/* read from client */
76#define SSL23_ST_SR_CLNT_HELLO_A (0x210|SSL_ST_ACCEPT)
77#define SSL23_ST_SR_CLNT_HELLO_B (0x211|SSL_ST_ACCEPT)
78
79#ifdef __cplusplus
80}
81#endif
82#endif
83
diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h
deleted file mode 100644
index 7ee1feaa67..0000000000
--- a/src/lib/libssl/ssl3.h
+++ /dev/null
@@ -1,429 +0,0 @@
1/* ssl/ssl3.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_SSL3_H
60#define HEADER_SSL3_H
61
62#ifndef NO_COMP
63#include <openssl/comp.h>
64#endif
65#include <openssl/buffer.h>
66#include <openssl/evp.h>
67#include <openssl/ssl.h>
68
69#ifdef __cplusplus
70extern "C" {
71#endif
72
73#define SSL3_CK_RSA_NULL_MD5 0x03000001
74#define SSL3_CK_RSA_NULL_SHA 0x03000002
75#define SSL3_CK_RSA_RC4_40_MD5 0x03000003
76#define SSL3_CK_RSA_RC4_128_MD5 0x03000004
77#define SSL3_CK_RSA_RC4_128_SHA 0x03000005
78#define SSL3_CK_RSA_RC2_40_MD5 0x03000006
79#define SSL3_CK_RSA_IDEA_128_SHA 0x03000007
80#define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008
81#define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009
82#define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A
83
84#define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B
85#define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C
86#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D
87#define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E
88#define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F
89#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010
90
91#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011
92#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012
93#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013
94#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014
95#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015
96#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016
97
98#define SSL3_CK_ADH_RC4_40_MD5 0x03000017
99#define SSL3_CK_ADH_RC4_128_MD5 0x03000018
100#define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019
101#define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
102#define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
103
104#define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C
105#define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D
106#define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E
107
108#define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5"
109#define SSL3_TXT_RSA_NULL_SHA "NULL-SHA"
110#define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5"
111#define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5"
112#define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA"
113#define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5"
114#define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA"
115#define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA"
116#define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA"
117#define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA"
118
119#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA"
120#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA"
121#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA"
122#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA"
123#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA"
124#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA"
125
126#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA"
127#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA"
128#define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA"
129#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA"
130#define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA"
131#define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA"
132
133#define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5"
134#define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5"
135#define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA"
136#define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
137#define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
138
139#define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA"
140#define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA"
141#define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA"
142
143#define SSL3_SSL_SESSION_ID_LENGTH 32
144#define SSL3_MAX_SSL_SESSION_ID_LENGTH 32
145
146#define SSL3_MASTER_SECRET_SIZE 48
147#define SSL3_RANDOM_SIZE 32
148#define SSL3_SESSION_ID_SIZE 32
149#define SSL3_RT_HEADER_LENGTH 5
150
151/* Due to MS stuffing up, this can change.... */
152#if defined(WIN16) || (defined(MSDOS) && !defined(WIN32))
153#define SSL3_RT_MAX_EXTRA (14000)
154#else
155#define SSL3_RT_MAX_EXTRA (16384)
156#endif
157
158#define SSL3_RT_MAX_PLAIN_LENGTH 16384
159#define SSL3_RT_MAX_COMPRESSED_LENGTH (1024+SSL3_RT_MAX_PLAIN_LENGTH)
160#define SSL3_RT_MAX_ENCRYPTED_LENGTH (1024+SSL3_RT_MAX_COMPRESSED_LENGTH)
161#define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
162#define SSL3_RT_MAX_DATA_SIZE (1024*1024)
163
164#define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
165#define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
166
167#define SSL3_VERSION 0x0300
168#define SSL3_VERSION_MAJOR 0x03
169#define SSL3_VERSION_MINOR 0x00
170
171#define SSL3_RT_CHANGE_CIPHER_SPEC 20
172#define SSL3_RT_ALERT 21
173#define SSL3_RT_HANDSHAKE 22
174#define SSL3_RT_APPLICATION_DATA 23
175
176#define SSL3_AL_WARNING 1
177#define SSL3_AL_FATAL 2
178
179#define SSL3_AD_CLOSE_NOTIFY 0
180#define SSL3_AD_UNEXPECTED_MESSAGE 10 /* fatal */
181#define SSL3_AD_BAD_RECORD_MAC 20 /* fatal */
182#define SSL3_AD_DECOMPRESSION_FAILURE 30 /* fatal */
183#define SSL3_AD_HANDSHAKE_FAILURE 40 /* fatal */
184#define SSL3_AD_NO_CERTIFICATE 41
185#define SSL3_AD_BAD_CERTIFICATE 42
186#define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
187#define SSL3_AD_CERTIFICATE_REVOKED 44
188#define SSL3_AD_CERTIFICATE_EXPIRED 45
189#define SSL3_AD_CERTIFICATE_UNKNOWN 46
190#define SSL3_AD_ILLEGAL_PARAMETER 47 /* fatal */
191
192typedef struct ssl3_record_st
193 {
194/*r */ int type; /* type of record */
195/*rw*/ unsigned int length; /* How many bytes available */
196/*r */ unsigned int off; /* read/write offset into 'buf' */
197/*rw*/ unsigned char *data; /* pointer to the record data */
198/*rw*/ unsigned char *input; /* where the decode bytes are */
199/*r */ unsigned char *comp; /* only used with decompression - malloc()ed */
200 } SSL3_RECORD;
201
202typedef struct ssl3_buffer_st
203 {
204 unsigned char *buf; /* SSL3_RT_MAX_PACKET_SIZE bytes (more if
205 * SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER is set) */
206 int offset; /* where to 'copy from' */
207 int left; /* how many bytes left */
208 } SSL3_BUFFER;
209
210#define SSL3_CT_RSA_SIGN 1
211#define SSL3_CT_DSS_SIGN 2
212#define SSL3_CT_RSA_FIXED_DH 3
213#define SSL3_CT_DSS_FIXED_DH 4
214#define SSL3_CT_RSA_EPHEMERAL_DH 5
215#define SSL3_CT_DSS_EPHEMERAL_DH 6
216#define SSL3_CT_FORTEZZA_DMS 20
217#define SSL3_CT_NUMBER 7
218
219#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
220#define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
221#define SSL3_FLAGS_POP_BUFFER 0x0004
222#define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
223
224typedef struct ssl3_state_st
225 {
226 long flags;
227 int delay_buf_pop_ret;
228
229 unsigned char read_sequence[8];
230 unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
231 unsigned char write_sequence[8];
232 unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
233
234 unsigned char server_random[SSL3_RANDOM_SIZE];
235 unsigned char client_random[SSL3_RANDOM_SIZE];
236
237 SSL3_BUFFER rbuf; /* read IO goes into here */
238 SSL3_BUFFER wbuf; /* write IO goes into here */
239
240 SSL3_RECORD rrec; /* each decoded record goes in here */
241 SSL3_RECORD wrec; /* goes out from here */
242
243 /* storage for Alert/Handshake protocol data received but not
244 * yet processed by ssl3_read_bytes: */
245 unsigned char alert_fragment[2];
246 unsigned int alert_fragment_len;
247 unsigned char handshake_fragment[4];
248 unsigned int handshake_fragment_len;
249
250 /* partial write - check the numbers match */
251 unsigned int wnum; /* number of bytes sent so far */
252 int wpend_tot; /* number bytes written */
253 int wpend_type;
254 int wpend_ret; /* number of bytes submitted */
255 const unsigned char *wpend_buf;
256
257 /* used during startup, digest all incoming/outgoing packets */
258 EVP_MD_CTX finish_dgst1;
259 EVP_MD_CTX finish_dgst2;
260
261 /* this is set whenerver we see a change_cipher_spec message
262 * come in when we are not looking for one */
263 int change_cipher_spec;
264
265 int warn_alert;
266 int fatal_alert;
267 /* we allow one fatal and one warning alert to be outstanding,
268 * send close alert via the warning alert */
269 int alert_dispatch;
270 unsigned char send_alert[2];
271
272 /* This flag is set when we should renegotiate ASAP, basically when
273 * there is no more data in the read or write buffers */
274 int renegotiate;
275 int total_renegotiations;
276 int num_renegotiations;
277
278 int in_read_app_data;
279
280 struct {
281 /* actually only needs to be 16+20 */
282 unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
283
284 /* actually only need to be 16+20 for SSLv3 and 12 for TLS */
285 unsigned char finish_md[EVP_MAX_MD_SIZE*2];
286 int finish_md_len;
287 unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2];
288 int peer_finish_md_len;
289
290 unsigned long message_size;
291 int message_type;
292
293 /* used to hold the new cipher we are going to use */
294 SSL_CIPHER *new_cipher;
295#ifndef NO_DH
296 DH *dh;
297#endif
298 /* used when SSL_ST_FLUSH_DATA is entered */
299 int next_state;
300
301 int reuse_message;
302
303 /* used for certificate requests */
304 int cert_req;
305 int ctype_num;
306 char ctype[SSL3_CT_NUMBER];
307 STACK_OF(X509_NAME) *ca_names;
308
309 int use_rsa_tmp;
310
311 int key_block_length;
312 unsigned char *key_block;
313
314 const EVP_CIPHER *new_sym_enc;
315 const EVP_MD *new_hash;
316#ifndef NO_COMP
317 const SSL_COMP *new_compression;
318#else
319 char *new_compression;
320#endif
321 int cert_request;
322 } tmp;
323
324 } SSL3_STATE;
325
326/* SSLv3 */
327/*client */
328/* extra state */
329#define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
330/* write to server */
331#define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT)
332#define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT)
333/* read from server */
334#define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT)
335#define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT)
336#define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT)
337#define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT)
338#define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT)
339#define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT)
340#define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT)
341#define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT)
342#define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT)
343#define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT)
344/* write to server */
345#define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT)
346#define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT)
347#define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT)
348#define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT)
349#define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT)
350#define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT)
351#define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT)
352#define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT)
353#define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT)
354#define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT)
355#define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT)
356#define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT)
357/* read from server */
358#define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT)
359#define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT)
360#define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT)
361#define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT)
362
363/* server */
364/* extra state */
365#define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT)
366/* read from client */
367/* Do not change the number values, they do matter */
368#define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
369#define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT)
370#define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT)
371/* write to client */
372#define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT)
373#define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT)
374#define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT)
375#define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT)
376#define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT)
377#define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT)
378#define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT)
379#define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT)
380#define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT)
381#define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT)
382#define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT)
383#define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT)
384#define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT)
385/* read from client */
386#define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT)
387#define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT)
388#define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT)
389#define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT)
390#define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT)
391#define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT)
392#define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT)
393#define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT)
394#define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT)
395#define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT)
396/* write to client */
397#define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT)
398#define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT)
399#define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT)
400#define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT)
401
402#define SSL3_MT_HELLO_REQUEST 0
403#define SSL3_MT_CLIENT_HELLO 1
404#define SSL3_MT_SERVER_HELLO 2
405#define SSL3_MT_CERTIFICATE 11
406#define SSL3_MT_SERVER_KEY_EXCHANGE 12
407#define SSL3_MT_CERTIFICATE_REQUEST 13
408#define SSL3_MT_SERVER_DONE 14
409#define SSL3_MT_CERTIFICATE_VERIFY 15
410#define SSL3_MT_CLIENT_KEY_EXCHANGE 16
411#define SSL3_MT_FINISHED 20
412
413#define SSL3_MT_CCS 1
414
415/* These are used when changing over to a new cipher */
416#define SSL3_CC_READ 0x01
417#define SSL3_CC_WRITE 0x02
418#define SSL3_CC_CLIENT 0x10
419#define SSL3_CC_SERVER 0x20
420#define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE)
421#define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ)
422#define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ)
423#define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE)
424
425#ifdef __cplusplus
426}
427#endif
428#endif
429
diff --git a/src/lib/libssl/ssl_algs.c b/src/lib/libssl/ssl_algs.c
deleted file mode 100644
index dde8918fe0..0000000000
--- a/src/lib/libssl/ssl_algs.c
+++ /dev/null
@@ -1,107 +0,0 @@
1/* ssl/ssl_algs.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/objects.h>
61#include <openssl/lhash.h>
62#include "ssl_locl.h"
63
64int SSL_library_init(void)
65 {
66#ifndef NO_DES
67 EVP_add_cipher(EVP_des_cbc());
68 EVP_add_cipher(EVP_des_ede3_cbc());
69#endif
70#ifndef NO_IDEA
71 EVP_add_cipher(EVP_idea_cbc());
72#endif
73#ifndef NO_RC4
74 EVP_add_cipher(EVP_rc4());
75#endif
76#ifndef NO_RC2
77 EVP_add_cipher(EVP_rc2_cbc());
78#endif
79
80#ifndef NO_MD2
81 EVP_add_digest(EVP_md2());
82#endif
83#ifndef NO_MD5
84 EVP_add_digest(EVP_md5());
85 EVP_add_digest_alias(SN_md5,"ssl2-md5");
86 EVP_add_digest_alias(SN_md5,"ssl3-md5");
87#endif
88#ifndef NO_SHA
89 EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
90 EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
91 EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
92#endif
93#if !defined(NO_SHA) && !defined(NO_DSA)
94 EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
95 EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
96 EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
97 EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
98#endif
99
100 /* If you want support for phased out ciphers, add the following */
101#if 0
102 EVP_add_digest(EVP_sha());
103 EVP_add_digest(EVP_dss());
104#endif
105 return(1);
106 }
107
diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c
deleted file mode 100644
index fa6456e4f5..0000000000
--- a/src/lib/libssl/ssl_asn1.c
+++ /dev/null
@@ -1,349 +0,0 @@
1/* ssl/ssl_asn1.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <openssl/asn1_mac.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64#include "ssl_locl.h"
65
66typedef struct ssl_session_asn1_st
67 {
68 ASN1_INTEGER version;
69 ASN1_INTEGER ssl_version;
70 ASN1_OCTET_STRING cipher;
71 ASN1_OCTET_STRING master_key;
72 ASN1_OCTET_STRING session_id;
73 ASN1_OCTET_STRING session_id_context;
74 ASN1_OCTET_STRING key_arg;
75 ASN1_INTEGER time;
76 ASN1_INTEGER timeout;
77 ASN1_INTEGER verify_result;
78 } SSL_SESSION_ASN1;
79
80int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
81 {
82#define LSIZE2 (sizeof(long)*2)
83 int v1=0,v2=0,v3=0,v4=0,v5=0;
84 unsigned char buf[4],ibuf1[LSIZE2],ibuf2[LSIZE2];
85 unsigned char ibuf3[LSIZE2],ibuf4[LSIZE2],ibuf5[LSIZE2];
86 long l;
87 SSL_SESSION_ASN1 a;
88 M_ASN1_I2D_vars(in);
89
90 if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0)))
91 return(0);
92
93 /* Note that I cheat in the following 2 assignments. I know
94 * that if the ASN1_INTEGER passed to ASN1_INTEGER_set
95 * is > sizeof(long)+1, the buffer will not be re-OPENSSL_malloc()ed.
96 * This is a bit evil but makes things simple, no dynamic allocation
97 * to clean up :-) */
98 a.version.length=LSIZE2;
99 a.version.type=V_ASN1_INTEGER;
100 a.version.data=ibuf1;
101 ASN1_INTEGER_set(&(a.version),SSL_SESSION_ASN1_VERSION);
102
103 a.ssl_version.length=LSIZE2;
104 a.ssl_version.type=V_ASN1_INTEGER;
105 a.ssl_version.data=ibuf2;
106 ASN1_INTEGER_set(&(a.ssl_version),in->ssl_version);
107
108 a.cipher.type=V_ASN1_OCTET_STRING;
109 a.cipher.data=buf;
110
111 if (in->cipher == NULL)
112 l=in->cipher_id;
113 else
114 l=in->cipher->id;
115 if (in->ssl_version == SSL2_VERSION)
116 {
117 a.cipher.length=3;
118 buf[0]=((unsigned char)(l>>16L))&0xff;
119 buf[1]=((unsigned char)(l>> 8L))&0xff;
120 buf[2]=((unsigned char)(l ))&0xff;
121 }
122 else
123 {
124 a.cipher.length=2;
125 buf[0]=((unsigned char)(l>>8L))&0xff;
126 buf[1]=((unsigned char)(l ))&0xff;
127 }
128
129 a.master_key.length=in->master_key_length;
130 a.master_key.type=V_ASN1_OCTET_STRING;
131 a.master_key.data=in->master_key;
132
133 a.session_id.length=in->session_id_length;
134 a.session_id.type=V_ASN1_OCTET_STRING;
135 a.session_id.data=in->session_id;
136
137 a.session_id_context.length=in->sid_ctx_length;
138 a.session_id_context.type=V_ASN1_OCTET_STRING;
139 a.session_id_context.data=in->sid_ctx;
140
141 a.key_arg.length=in->key_arg_length;
142 a.key_arg.type=V_ASN1_OCTET_STRING;
143 a.key_arg.data=in->key_arg;
144
145 if (in->time != 0L)
146 {
147 a.time.length=LSIZE2;
148 a.time.type=V_ASN1_INTEGER;
149 a.time.data=ibuf3;
150 ASN1_INTEGER_set(&(a.time),in->time);
151 }
152
153 if (in->timeout != 0L)
154 {
155 a.timeout.length=LSIZE2;
156 a.timeout.type=V_ASN1_INTEGER;
157 a.timeout.data=ibuf4;
158 ASN1_INTEGER_set(&(a.timeout),in->timeout);
159 }
160
161 if (in->verify_result != X509_V_OK)
162 {
163 a.verify_result.length=LSIZE2;
164 a.verify_result.type=V_ASN1_INTEGER;
165 a.verify_result.data=ibuf5;
166 ASN1_INTEGER_set(&a.verify_result,in->verify_result);
167 }
168
169 M_ASN1_I2D_len(&(a.version), i2d_ASN1_INTEGER);
170 M_ASN1_I2D_len(&(a.ssl_version), i2d_ASN1_INTEGER);
171 M_ASN1_I2D_len(&(a.cipher), i2d_ASN1_OCTET_STRING);
172 M_ASN1_I2D_len(&(a.session_id), i2d_ASN1_OCTET_STRING);
173 M_ASN1_I2D_len(&(a.master_key), i2d_ASN1_OCTET_STRING);
174 if (in->key_arg_length > 0)
175 M_ASN1_I2D_len_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING);
176 if (in->time != 0L)
177 M_ASN1_I2D_len_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
178 if (in->timeout != 0L)
179 M_ASN1_I2D_len_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2);
180 if (in->peer != NULL)
181 M_ASN1_I2D_len_EXP_opt(in->peer,i2d_X509,3,v3);
182 M_ASN1_I2D_len_EXP_opt(&a.session_id_context,i2d_ASN1_OCTET_STRING,4,v4);
183 if (in->verify_result != X509_V_OK)
184 M_ASN1_I2D_len_EXP_opt(&(a.verify_result),i2d_ASN1_INTEGER,5,v5);
185
186 M_ASN1_I2D_seq_total();
187
188 M_ASN1_I2D_put(&(a.version), i2d_ASN1_INTEGER);
189 M_ASN1_I2D_put(&(a.ssl_version), i2d_ASN1_INTEGER);
190 M_ASN1_I2D_put(&(a.cipher), i2d_ASN1_OCTET_STRING);
191 M_ASN1_I2D_put(&(a.session_id), i2d_ASN1_OCTET_STRING);
192 M_ASN1_I2D_put(&(a.master_key), i2d_ASN1_OCTET_STRING);
193 if (in->key_arg_length > 0)
194 M_ASN1_I2D_put_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING,0);
195 if (in->time != 0L)
196 M_ASN1_I2D_put_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
197 if (in->timeout != 0L)
198 M_ASN1_I2D_put_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2);
199 if (in->peer != NULL)
200 M_ASN1_I2D_put_EXP_opt(in->peer,i2d_X509,3,v3);
201 M_ASN1_I2D_put_EXP_opt(&a.session_id_context,i2d_ASN1_OCTET_STRING,4,
202 v4);
203 if (in->verify_result != X509_V_OK)
204 M_ASN1_I2D_put_EXP_opt(&a.verify_result,i2d_ASN1_INTEGER,5,v5);
205 M_ASN1_I2D_finish();
206 }
207
208SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp,
209 long length)
210 {
211 int version,ssl_version=0,i;
212 long id;
213 ASN1_INTEGER ai,*aip;
214 ASN1_OCTET_STRING os,*osp;
215 M_ASN1_D2I_vars(a,SSL_SESSION *,SSL_SESSION_new);
216
217 aip= &ai;
218 osp= &os;
219
220 M_ASN1_D2I_Init();
221 M_ASN1_D2I_start_sequence();
222
223 ai.data=NULL; ai.length=0;
224 M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
225 version=(int)ASN1_INTEGER_get(aip);
226 if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
227
228 /* we don't care about the version right now :-) */
229 M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
230 ssl_version=(int)ASN1_INTEGER_get(aip);
231 ret->ssl_version=ssl_version;
232 if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
233
234 os.data=NULL; os.length=0;
235 M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
236 if (ssl_version == SSL2_VERSION)
237 {
238 if (os.length != 3)
239 {
240 c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
241 goto err;
242 }
243 id=0x02000000L|
244 ((unsigned long)os.data[0]<<16L)|
245 ((unsigned long)os.data[1]<< 8L)|
246 (unsigned long)os.data[2];
247 }
248 else if ((ssl_version>>8) == 3)
249 {
250 if (os.length != 2)
251 {
252 c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
253 goto err;
254 }
255 id=0x03000000L|
256 ((unsigned long)os.data[0]<<8L)|
257 (unsigned long)os.data[1];
258 }
259 else
260 {
261 SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNKNOWN_SSL_VERSION);
262 return(NULL);
263 }
264
265 ret->cipher=NULL;
266 ret->cipher_id=id;
267
268 M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
269 if ((ssl_version>>8) == SSL3_VERSION)
270 i=SSL3_MAX_SSL_SESSION_ID_LENGTH;
271 else /* if (ssl_version == SSL2_VERSION) */
272 i=SSL2_MAX_SSL_SESSION_ID_LENGTH;
273
274 if (os.length > i)
275 os.length=i;
276
277 ret->session_id_length=os.length;
278 memcpy(ret->session_id,os.data,os.length);
279
280 M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
281 if (ret->master_key_length > SSL_MAX_MASTER_KEY_LENGTH)
282 ret->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
283 else
284 ret->master_key_length=os.length;
285 memcpy(ret->master_key,os.data,ret->master_key_length);
286
287 os.length=0;
288 M_ASN1_D2I_get_IMP_opt(osp,d2i_ASN1_OCTET_STRING,0,V_ASN1_OCTET_STRING);
289 if (os.length > SSL_MAX_KEY_ARG_LENGTH)
290 ret->key_arg_length=SSL_MAX_KEY_ARG_LENGTH;
291 else
292 ret->key_arg_length=os.length;
293 memcpy(ret->key_arg,os.data,ret->key_arg_length);
294 if (os.data != NULL) OPENSSL_free(os.data);
295
296 ai.length=0;
297 M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,1);
298 if (ai.data != NULL)
299 {
300 ret->time=ASN1_INTEGER_get(aip);
301 OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
302 }
303 else
304 ret->time=time(NULL);
305
306 ai.length=0;
307 M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,2);
308 if (ai.data != NULL)
309 {
310 ret->timeout=ASN1_INTEGER_get(aip);
311 OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
312 }
313 else
314 ret->timeout=3;
315
316 if (ret->peer != NULL)
317 {
318 X509_free(ret->peer);
319 ret->peer=NULL;
320 }
321 M_ASN1_D2I_get_EXP_opt(ret->peer,d2i_X509,3);
322
323 os.length=0;
324 os.data=NULL;
325 M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,4);
326
327 if(os.data != NULL)
328 {
329 if (os.length > SSL_MAX_SID_CTX_LENGTH)
330 SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_BAD_LENGTH);
331 ret->sid_ctx_length=os.length;
332 memcpy(ret->sid_ctx,os.data,os.length);
333 OPENSSL_free(os.data); os.data=NULL; os.length=0;
334 }
335 else
336 ret->sid_ctx_length=0;
337
338 ai.length=0;
339 M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,5);
340 if (ai.data != NULL)
341 {
342 ret->verify_result=ASN1_INTEGER_get(aip);
343 OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
344 }
345 else
346 ret->verify_result=X509_V_OK;
347
348 M_ASN1_D2I_Finish(a,SSL_SESSION_free,SSL_F_D2I_SSL_SESSION);
349 }
diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c
deleted file mode 100644
index 27e7fcc60a..0000000000
--- a/src/lib/libssl/ssl_cert.c
+++ /dev/null
@@ -1,757 +0,0 @@
1/*! \file ssl/ssl_cert.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@OpenSSL.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 */
106
107#include <stdio.h>
108
109#include "openssl/e_os.h"
110
111#ifndef NO_SYS_TYPES_H
112# include <sys/types.h>
113#endif
114
115#if !defined(WIN32) && !defined(VSM) && !defined(NeXT) && !defined(MAC_OS_pre_X)
116#include <dirent.h>
117#endif
118
119#ifdef NeXT
120#include <sys/dir.h>
121#define dirent direct
122#endif
123
124#include <openssl/objects.h>
125#include <openssl/bio.h>
126#include <openssl/pem.h>
127#include <openssl/x509v3.h>
128#include "ssl_locl.h"
129
130int SSL_get_ex_data_X509_STORE_CTX_idx(void)
131 {
132 static int ssl_x509_store_ctx_idx= -1;
133
134 if (ssl_x509_store_ctx_idx < 0)
135 {
136 ssl_x509_store_ctx_idx=X509_STORE_CTX_get_ex_new_index(
137 0,"SSL for verify callback",NULL,NULL,NULL);
138 }
139 return(ssl_x509_store_ctx_idx);
140 }
141
142CERT *ssl_cert_new(void)
143 {
144 CERT *ret;
145
146 ret=(CERT *)OPENSSL_malloc(sizeof(CERT));
147 if (ret == NULL)
148 {
149 SSLerr(SSL_F_SSL_CERT_NEW,ERR_R_MALLOC_FAILURE);
150 return(NULL);
151 }
152 memset(ret,0,sizeof(CERT));
153
154 ret->key= &(ret->pkeys[SSL_PKEY_RSA_ENC]);
155 ret->references=1;
156
157 return(ret);
158 }
159
160CERT *ssl_cert_dup(CERT *cert)
161 {
162 CERT *ret;
163 int i;
164
165 ret = (CERT *)OPENSSL_malloc(sizeof(CERT));
166 if (ret == NULL)
167 {
168 SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
169 return(NULL);
170 }
171
172 memset(ret, 0, sizeof(CERT));
173
174 ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]];
175 /* or ret->key = ret->pkeys + (cert->key - cert->pkeys),
176 * if you find that more readable */
177
178 ret->valid = cert->valid;
179 ret->mask = cert->mask;
180 ret->export_mask = cert->export_mask;
181
182#ifndef NO_RSA
183 if (cert->rsa_tmp != NULL)
184 {
185 ret->rsa_tmp = cert->rsa_tmp;
186 CRYPTO_add(&ret->rsa_tmp->references, 1, CRYPTO_LOCK_RSA);
187 }
188 ret->rsa_tmp_cb = cert->rsa_tmp_cb;
189#endif
190
191#ifndef NO_DH
192 if (cert->dh_tmp != NULL)
193 {
194 /* DH parameters don't have a reference count */
195 ret->dh_tmp = DHparams_dup(cert->dh_tmp);
196 if (ret->dh_tmp == NULL)
197 {
198 SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_DH_LIB);
199 goto err;
200 }
201 if (cert->dh_tmp->priv_key)
202 {
203 BIGNUM *b = BN_dup(cert->dh_tmp->priv_key);
204 if (!b)
205 {
206 SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
207 goto err;
208 }
209 ret->dh_tmp->priv_key = b;
210 }
211 if (cert->dh_tmp->pub_key)
212 {
213 BIGNUM *b = BN_dup(cert->dh_tmp->pub_key);
214 if (!b)
215 {
216 SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
217 goto err;
218 }
219 ret->dh_tmp->pub_key = b;
220 }
221 }
222 ret->dh_tmp_cb = cert->dh_tmp_cb;
223#endif
224
225 for (i = 0; i < SSL_PKEY_NUM; i++)
226 {
227 if (cert->pkeys[i].x509 != NULL)
228 {
229 ret->pkeys[i].x509 = cert->pkeys[i].x509;
230 CRYPTO_add(&ret->pkeys[i].x509->references, 1,
231 CRYPTO_LOCK_X509);
232 }
233
234 if (cert->pkeys[i].privatekey != NULL)
235 {
236 ret->pkeys[i].privatekey = cert->pkeys[i].privatekey;
237 CRYPTO_add(&ret->pkeys[i].privatekey->references, 1,
238 CRYPTO_LOCK_EVP_PKEY);
239
240 switch(i)
241 {
242 /* If there was anything special to do for
243 * certain types of keys, we'd do it here.
244 * (Nothing at the moment, I think.) */
245
246 case SSL_PKEY_RSA_ENC:
247 case SSL_PKEY_RSA_SIGN:
248 /* We have an RSA key. */
249 break;
250
251 case SSL_PKEY_DSA_SIGN:
252 /* We have a DSA key. */
253 break;
254
255 case SSL_PKEY_DH_RSA:
256 case SSL_PKEY_DH_DSA:
257 /* We have a DH key. */
258 break;
259
260 default:
261 /* Can't happen. */
262 SSLerr(SSL_F_SSL_CERT_DUP, SSL_R_LIBRARY_BUG);
263 }
264 }
265 }
266
267 /* ret->extra_certs *should* exist, but currently the own certificate
268 * chain is held inside SSL_CTX */
269
270 ret->references=1;
271
272 return(ret);
273
274#ifndef NO_DH /* avoid 'unreferenced label' warning if NO_DH is defined */
275err:
276#endif
277#ifndef NO_RSA
278 if (ret->rsa_tmp != NULL)
279 RSA_free(ret->rsa_tmp);
280#endif
281#ifndef NO_DH
282 if (ret->dh_tmp != NULL)
283 DH_free(ret->dh_tmp);
284#endif
285
286 for (i = 0; i < SSL_PKEY_NUM; i++)
287 {
288 if (ret->pkeys[i].x509 != NULL)
289 X509_free(ret->pkeys[i].x509);
290 if (ret->pkeys[i].privatekey != NULL)
291 EVP_PKEY_free(ret->pkeys[i].privatekey);
292 }
293
294 return NULL;
295 }
296
297
298void ssl_cert_free(CERT *c)
299 {
300 int i;
301
302 if(c == NULL)
303 return;
304
305 i=CRYPTO_add(&c->references,-1,CRYPTO_LOCK_SSL_CERT);
306#ifdef REF_PRINT
307 REF_PRINT("CERT",c);
308#endif
309 if (i > 0) return;
310#ifdef REF_CHECK
311 if (i < 0)
312 {
313 fprintf(stderr,"ssl_cert_free, bad reference count\n");
314 abort(); /* ok */
315 }
316#endif
317
318#ifndef NO_RSA
319 if (c->rsa_tmp) RSA_free(c->rsa_tmp);
320#endif
321#ifndef NO_DH
322 if (c->dh_tmp) DH_free(c->dh_tmp);
323#endif
324
325 for (i=0; i<SSL_PKEY_NUM; i++)
326 {
327 if (c->pkeys[i].x509 != NULL)
328 X509_free(c->pkeys[i].x509);
329 if (c->pkeys[i].privatekey != NULL)
330 EVP_PKEY_free(c->pkeys[i].privatekey);
331#if 0
332 if (c->pkeys[i].publickey != NULL)
333 EVP_PKEY_free(c->pkeys[i].publickey);
334#endif
335 }
336 OPENSSL_free(c);
337 }
338
339int ssl_cert_inst(CERT **o)
340 {
341 /* Create a CERT if there isn't already one
342 * (which cannot really happen, as it is initially created in
343 * SSL_CTX_new; but the earlier code usually allows for that one
344 * being non-existant, so we follow that behaviour, as it might
345 * turn out that there actually is a reason for it -- but I'm
346 * not sure that *all* of the existing code could cope with
347 * s->cert being NULL, otherwise we could do without the
348 * initialization in SSL_CTX_new).
349 */
350
351 if (o == NULL)
352 {
353 SSLerr(SSL_F_SSL_CERT_INST, ERR_R_PASSED_NULL_PARAMETER);
354 return(0);
355 }
356 if (*o == NULL)
357 {
358 if ((*o = ssl_cert_new()) == NULL)
359 {
360 SSLerr(SSL_F_SSL_CERT_INST, ERR_R_MALLOC_FAILURE);
361 return(0);
362 }
363 }
364 return(1);
365 }
366
367
368SESS_CERT *ssl_sess_cert_new(void)
369 {
370 SESS_CERT *ret;
371
372 ret = OPENSSL_malloc(sizeof *ret);
373 if (ret == NULL)
374 {
375 SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE);
376 return NULL;
377 }
378
379 memset(ret, 0 ,sizeof *ret);
380 ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]);
381 ret->references = 1;
382
383 return ret;
384 }
385
386void ssl_sess_cert_free(SESS_CERT *sc)
387 {
388 int i;
389
390 if (sc == NULL)
391 return;
392
393 i = CRYPTO_add(&sc->references, -1, CRYPTO_LOCK_SSL_SESS_CERT);
394#ifdef REF_PRINT
395 REF_PRINT("SESS_CERT", sc);
396#endif
397 if (i > 0)
398 return;
399#ifdef REF_CHECK
400 if (i < 0)
401 {
402 fprintf(stderr,"ssl_sess_cert_free, bad reference count\n");
403 abort(); /* ok */
404 }
405#endif
406
407 /* i == 0 */
408 if (sc->cert_chain != NULL)
409 sk_X509_pop_free(sc->cert_chain, X509_free);
410 for (i = 0; i < SSL_PKEY_NUM; i++)
411 {
412 if (sc->peer_pkeys[i].x509 != NULL)
413 X509_free(sc->peer_pkeys[i].x509);
414#if 0 /* We don't have the peer's private key. These lines are just
415 * here as a reminder that we're still using a not-quite-appropriate
416 * data structure. */
417 if (sc->peer_pkeys[i].privatekey != NULL)
418 EVP_PKEY_free(sc->peer_pkeys[i].privatekey);
419#endif
420 }
421
422#ifndef NO_RSA
423 if (sc->peer_rsa_tmp != NULL)
424 RSA_free(sc->peer_rsa_tmp);
425#endif
426#ifndef NO_DH
427 if (sc->peer_dh_tmp != NULL)
428 DH_free(sc->peer_dh_tmp);
429#endif
430
431 OPENSSL_free(sc);
432 }
433
434int ssl_set_peer_cert_type(SESS_CERT *sc,int type)
435 {
436 sc->peer_cert_type = type;
437 return(1);
438 }
439
440int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk)
441 {
442 X509 *x;
443 int i;
444 X509_STORE_CTX ctx;
445
446 if ((sk == NULL) || (sk_X509_num(sk) == 0))
447 return(0);
448
449 x=sk_X509_value(sk,0);
450 X509_STORE_CTX_init(&ctx,s->ctx->cert_store,x,sk);
451 if (SSL_get_verify_depth(s) >= 0)
452 X509_STORE_CTX_set_depth(&ctx, SSL_get_verify_depth(s));
453 X509_STORE_CTX_set_ex_data(&ctx,SSL_get_ex_data_X509_STORE_CTX_idx(),s);
454 /* We need to set the verify purpose. The purpose can be determined by
455 * the context: if its a server it will verify SSL client certificates
456 * or vice versa.
457 */
458
459 if(s->server) i = X509_PURPOSE_SSL_CLIENT;
460 else i = X509_PURPOSE_SSL_SERVER;
461
462 X509_STORE_CTX_purpose_inherit(&ctx, i, s->purpose, s->trust);
463
464 if (s->ctx->app_verify_callback != NULL)
465 i=s->ctx->app_verify_callback(&ctx); /* should pass app_verify_arg */
466 else
467 {
468#ifndef NO_X509_VERIFY
469 i=X509_verify_cert(&ctx);
470#else
471 i=0;
472 ctx.error=X509_V_ERR_APPLICATION_VERIFICATION;
473 SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN,SSL_R_NO_VERIFY_CALLBACK);
474#endif
475 }
476
477 s->verify_result=ctx.error;
478 X509_STORE_CTX_cleanup(&ctx);
479
480 return(i);
481 }
482
483static void set_client_CA_list(STACK_OF(X509_NAME) **ca_list,STACK_OF(X509_NAME) *list)
484 {
485 if (*ca_list != NULL)
486 sk_X509_NAME_pop_free(*ca_list,X509_NAME_free);
487
488 *ca_list=list;
489 }
490
491STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk)
492 {
493 int i;
494 STACK_OF(X509_NAME) *ret;
495 X509_NAME *name;
496
497 ret=sk_X509_NAME_new_null();
498 for (i=0; i<sk_X509_NAME_num(sk); i++)
499 {
500 name=X509_NAME_dup(sk_X509_NAME_value(sk,i));
501 if ((name == NULL) || !sk_X509_NAME_push(ret,name))
502 {
503 sk_X509_NAME_pop_free(ret,X509_NAME_free);
504 return(NULL);
505 }
506 }
507 return(ret);
508 }
509
510void SSL_set_client_CA_list(SSL *s,STACK_OF(X509_NAME) *list)
511 {
512 set_client_CA_list(&(s->client_CA),list);
513 }
514
515void SSL_CTX_set_client_CA_list(SSL_CTX *ctx,STACK_OF(X509_NAME) *list)
516 {
517 set_client_CA_list(&(ctx->client_CA),list);
518 }
519
520STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *ctx)
521 {
522 return(ctx->client_CA);
523 }
524
525STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s)
526 {
527 if (s->type == SSL_ST_CONNECT)
528 { /* we are in the client */
529 if (((s->version>>8) == SSL3_VERSION_MAJOR) &&
530 (s->s3 != NULL))
531 return(s->s3->tmp.ca_names);
532 else
533 return(NULL);
534 }
535 else
536 {
537 if (s->client_CA != NULL)
538 return(s->client_CA);
539 else
540 return(s->ctx->client_CA);
541 }
542 }
543
544static int add_client_CA(STACK_OF(X509_NAME) **sk,X509 *x)
545 {
546 X509_NAME *name;
547
548 if (x == NULL) return(0);
549 if ((*sk == NULL) && ((*sk=sk_X509_NAME_new_null()) == NULL))
550 return(0);
551
552 if ((name=X509_NAME_dup(X509_get_subject_name(x))) == NULL)
553 return(0);
554
555 if (!sk_X509_NAME_push(*sk,name))
556 {
557 X509_NAME_free(name);
558 return(0);
559 }
560 return(1);
561 }
562
563int SSL_add_client_CA(SSL *ssl,X509 *x)
564 {
565 return(add_client_CA(&(ssl->client_CA),x));
566 }
567
568int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x)
569 {
570 return(add_client_CA(&(ctx->client_CA),x));
571 }
572
573static int xname_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
574 {
575 return(X509_NAME_cmp(*a,*b));
576 }
577
578#ifndef NO_STDIO
579/*!
580 * Load CA certs from a file into a ::STACK. Note that it is somewhat misnamed;
581 * it doesn't really have anything to do with clients (except that a common use
582 * for a stack of CAs is to send it to the client). Actually, it doesn't have
583 * much to do with CAs, either, since it will load any old cert.
584 * \param file the file containing one or more certs.
585 * \return a ::STACK containing the certs.
586 */
587STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file)
588 {
589 BIO *in;
590 X509 *x=NULL;
591 X509_NAME *xn=NULL;
592 STACK_OF(X509_NAME) *ret,*sk;
593
594 ret=sk_X509_NAME_new_null();
595 sk=sk_X509_NAME_new(xname_cmp);
596
597 in=BIO_new(BIO_s_file_internal());
598
599 if ((ret == NULL) || (sk == NULL) || (in == NULL))
600 {
601 SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE);
602 goto err;
603 }
604
605 if (!BIO_read_filename(in,file))
606 goto err;
607
608 for (;;)
609 {
610 if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL)
611 break;
612 if ((xn=X509_get_subject_name(x)) == NULL) goto err;
613 /* check for duplicates */
614 xn=X509_NAME_dup(xn);
615 if (xn == NULL) goto err;
616 if (sk_X509_NAME_find(sk,xn) >= 0)
617 X509_NAME_free(xn);
618 else
619 {
620 sk_X509_NAME_push(sk,xn);
621 sk_X509_NAME_push(ret,xn);
622 }
623 }
624
625 if (0)
626 {
627err:
628 if (ret != NULL) sk_X509_NAME_pop_free(ret,X509_NAME_free);
629 ret=NULL;
630 }
631 if (sk != NULL) sk_X509_NAME_free(sk);
632 if (in != NULL) BIO_free(in);
633 if (x != NULL) X509_free(x);
634 return(ret);
635 }
636#endif
637
638/*!
639 * Add a file of certs to a stack.
640 * \param stack the stack to add to.
641 * \param file the file to add from. All certs in this file that are not
642 * already in the stack will be added.
643 * \return 1 for success, 0 for failure. Note that in the case of failure some
644 * certs may have been added to \c stack.
645 */
646
647int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
648 const char *file)
649 {
650 BIO *in;
651 X509 *x=NULL;
652 X509_NAME *xn=NULL;
653 int ret=1;
654 int (*oldcmp)(const X509_NAME * const *a, const X509_NAME * const *b);
655
656 oldcmp=sk_X509_NAME_set_cmp_func(stack,xname_cmp);
657
658 in=BIO_new(BIO_s_file_internal());
659
660 if (in == NULL)
661 {
662 SSLerr(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,ERR_R_MALLOC_FAILURE);
663 goto err;
664 }
665
666 if (!BIO_read_filename(in,file))
667 goto err;
668
669 for (;;)
670 {
671 if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL)
672 break;
673 if ((xn=X509_get_subject_name(x)) == NULL) goto err;
674 xn=X509_NAME_dup(xn);
675 if (xn == NULL) goto err;
676 if (sk_X509_NAME_find(stack,xn) >= 0)
677 X509_NAME_free(xn);
678 else
679 sk_X509_NAME_push(stack,xn);
680 }
681
682 if (0)
683 {
684err:
685 ret=0;
686 }
687 if(in != NULL)
688 BIO_free(in);
689 if(x != NULL)
690 X509_free(x);
691
692 sk_X509_NAME_set_cmp_func(stack,oldcmp);
693
694 return ret;
695 }
696
697/*!
698 * Add a directory of certs to a stack.
699 * \param stack the stack to append to.
700 * \param dir the directory to append from. All files in this directory will be
701 * examined as potential certs. Any that are acceptable to
702 * SSL_add_dir_cert_subjects_to_stack() that are not already in the stack will be
703 * included.
704 * \return 1 for success, 0 for failure. Note that in the case of failure some
705 * certs may have been added to \c stack.
706 */
707
708#ifndef WIN32
709#ifndef VMS /* XXXX This may be fixed in the future */
710#ifndef MAC_OS_pre_X
711
712int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
713 const char *dir)
714 {
715 DIR *d;
716 struct dirent *dstruct;
717 int ret = 0;
718
719 CRYPTO_w_lock(CRYPTO_LOCK_READDIR);
720 d = opendir(dir);
721
722 /* Note that a side effect is that the CAs will be sorted by name */
723 if(!d)
724 {
725 SYSerr(SYS_F_OPENDIR, get_last_sys_error());
726 ERR_add_error_data(3, "opendir('", dir, "')");
727 SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);
728 goto err;
729 }
730
731 while((dstruct=readdir(d)))
732 {
733 char buf[1024];
734 int r;
735
736 if(strlen(dir)+strlen(dstruct->d_name)+2 > sizeof buf)
737 {
738 SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG);
739 goto err;
740 }
741
742 r = BIO_snprintf(buf,sizeof buf,"%s/%s",dir,dstruct->d_name);
743 if (r <= 0 || r >= sizeof buf)
744 goto err;
745 if(!SSL_add_file_cert_subjects_to_stack(stack,buf))
746 goto err;
747 }
748 ret = 1;
749
750err:
751 CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
752 return ret;
753 }
754
755#endif
756#endif
757#endif
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c
deleted file mode 100644
index f63163f26c..0000000000
--- a/src/lib/libssl/ssl_ciph.c
+++ /dev/null
@@ -1,1071 +0,0 @@
1/* ssl/ssl_ciph.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/objects.h>
61#include <openssl/comp.h>
62#include "ssl_locl.h"
63
64#define SSL_ENC_DES_IDX 0
65#define SSL_ENC_3DES_IDX 1
66#define SSL_ENC_RC4_IDX 2
67#define SSL_ENC_RC2_IDX 3
68#define SSL_ENC_IDEA_IDX 4
69#define SSL_ENC_eFZA_IDX 5
70#define SSL_ENC_NULL_IDX 6
71#define SSL_ENC_NUM_IDX 7
72
73static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
74 NULL,NULL,NULL,NULL,NULL,NULL,
75 };
76
77static STACK_OF(SSL_COMP) *ssl_comp_methods=NULL;
78
79#define SSL_MD_MD5_IDX 0
80#define SSL_MD_SHA1_IDX 1
81#define SSL_MD_NUM_IDX 2
82static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={
83 NULL,NULL,
84 };
85
86#define CIPHER_ADD 1
87#define CIPHER_KILL 2
88#define CIPHER_DEL 3
89#define CIPHER_ORD 4
90#define CIPHER_SPECIAL 5
91
92typedef struct cipher_order_st
93 {
94 SSL_CIPHER *cipher;
95 int active;
96 int dead;
97 struct cipher_order_st *next,*prev;
98 } CIPHER_ORDER;
99
100static const SSL_CIPHER cipher_aliases[]={
101 /* Don't include eNULL unless specifically enabled */
102 {0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */
103 {0,SSL_TXT_kRSA,0,SSL_kRSA, 0,0,0,0,SSL_MKEY_MASK,0},
104 {0,SSL_TXT_kDHr,0,SSL_kDHr, 0,0,0,0,SSL_MKEY_MASK,0},
105 {0,SSL_TXT_kDHd,0,SSL_kDHd, 0,0,0,0,SSL_MKEY_MASK,0},
106 {0,SSL_TXT_kEDH,0,SSL_kEDH, 0,0,0,0,SSL_MKEY_MASK,0},
107 {0,SSL_TXT_kFZA,0,SSL_kFZA, 0,0,0,0,SSL_MKEY_MASK,0},
108 {0,SSL_TXT_DH, 0,SSL_DH, 0,0,0,0,SSL_MKEY_MASK,0},
109 {0,SSL_TXT_EDH, 0,SSL_EDH, 0,0,0,0,SSL_MKEY_MASK|SSL_AUTH_MASK,0},
110
111 {0,SSL_TXT_aRSA,0,SSL_aRSA, 0,0,0,0,SSL_AUTH_MASK,0},
112 {0,SSL_TXT_aDSS,0,SSL_aDSS, 0,0,0,0,SSL_AUTH_MASK,0},
113 {0,SSL_TXT_aFZA,0,SSL_aFZA, 0,0,0,0,SSL_AUTH_MASK,0},
114 {0,SSL_TXT_aNULL,0,SSL_aNULL,0,0,0,0,SSL_AUTH_MASK,0},
115 {0,SSL_TXT_aDH, 0,SSL_aDH, 0,0,0,0,SSL_AUTH_MASK,0},
116 {0,SSL_TXT_DSS, 0,SSL_DSS, 0,0,0,0,SSL_AUTH_MASK,0},
117
118 {0,SSL_TXT_DES, 0,SSL_DES, 0,0,0,0,SSL_ENC_MASK,0},
119 {0,SSL_TXT_3DES,0,SSL_3DES, 0,0,0,0,SSL_ENC_MASK,0},
120 {0,SSL_TXT_RC4, 0,SSL_RC4, 0,0,0,0,SSL_ENC_MASK,0},
121 {0,SSL_TXT_RC2, 0,SSL_RC2, 0,0,0,0,SSL_ENC_MASK,0},
122 {0,SSL_TXT_IDEA,0,SSL_IDEA, 0,0,0,0,SSL_ENC_MASK,0},
123 {0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},
124 {0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0},
125
126 {0,SSL_TXT_MD5, 0,SSL_MD5, 0,0,0,0,SSL_MAC_MASK,0},
127 {0,SSL_TXT_SHA1,0,SSL_SHA1, 0,0,0,0,SSL_MAC_MASK,0},
128 {0,SSL_TXT_SHA, 0,SSL_SHA, 0,0,0,0,SSL_MAC_MASK,0},
129
130 {0,SSL_TXT_NULL,0,SSL_NULL, 0,0,0,0,SSL_ENC_MASK,0},
131 {0,SSL_TXT_RSA, 0,SSL_RSA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
132 {0,SSL_TXT_ADH, 0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
133 {0,SSL_TXT_FZA, 0,SSL_FZA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK|SSL_ENC_MASK,0},
134
135 {0,SSL_TXT_SSLV2, 0,SSL_SSLV2, 0,0,0,0,SSL_SSL_MASK,0},
136 {0,SSL_TXT_SSLV3, 0,SSL_SSLV3, 0,0,0,0,SSL_SSL_MASK,0},
137 {0,SSL_TXT_TLSV1, 0,SSL_TLSV1, 0,0,0,0,SSL_SSL_MASK,0},
138
139 {0,SSL_TXT_EXP ,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK},
140 {0,SSL_TXT_EXPORT,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK},
141 {0,SSL_TXT_EXP40, 0, 0, SSL_EXP40, 0,0,0,0,SSL_STRONG_MASK},
142 {0,SSL_TXT_EXP56, 0, 0, SSL_EXP56, 0,0,0,0,SSL_STRONG_MASK},
143 {0,SSL_TXT_LOW, 0, 0, SSL_LOW, 0,0,0,0,SSL_STRONG_MASK},
144 {0,SSL_TXT_MEDIUM,0, 0,SSL_MEDIUM, 0,0,0,0,SSL_STRONG_MASK},
145 {0,SSL_TXT_HIGH, 0, 0, SSL_HIGH, 0,0,0,0,SSL_STRONG_MASK},
146 };
147
148static int init_ciphers=1;
149
150static void load_ciphers(void)
151 {
152 init_ciphers=0;
153 ssl_cipher_methods[SSL_ENC_DES_IDX]=
154 EVP_get_cipherbyname(SN_des_cbc);
155 ssl_cipher_methods[SSL_ENC_3DES_IDX]=
156 EVP_get_cipherbyname(SN_des_ede3_cbc);
157 ssl_cipher_methods[SSL_ENC_RC4_IDX]=
158 EVP_get_cipherbyname(SN_rc4);
159 ssl_cipher_methods[SSL_ENC_RC2_IDX]=
160 EVP_get_cipherbyname(SN_rc2_cbc);
161 ssl_cipher_methods[SSL_ENC_IDEA_IDX]=
162 EVP_get_cipherbyname(SN_idea_cbc);
163
164 ssl_digest_methods[SSL_MD_MD5_IDX]=
165 EVP_get_digestbyname(SN_md5);
166 ssl_digest_methods[SSL_MD_SHA1_IDX]=
167 EVP_get_digestbyname(SN_sha1);
168 }
169
170int ssl_cipher_get_evp(SSL_SESSION *s, const EVP_CIPHER **enc,
171 const EVP_MD **md, SSL_COMP **comp)
172 {
173 int i;
174 SSL_CIPHER *c;
175
176 c=s->cipher;
177 if (c == NULL) return(0);
178 if (comp != NULL)
179 {
180 SSL_COMP ctmp;
181
182 if (s->compress_meth == 0)
183 *comp=NULL;
184 else if (ssl_comp_methods == NULL)
185 {
186 /* bad */
187 *comp=NULL;
188 }
189 else
190 {
191
192 ctmp.id=s->compress_meth;
193 i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp);
194 if (i >= 0)
195 *comp=sk_SSL_COMP_value(ssl_comp_methods,i);
196 else
197 *comp=NULL;
198 }
199 }
200
201 if ((enc == NULL) || (md == NULL)) return(0);
202
203 switch (c->algorithms & SSL_ENC_MASK)
204 {
205 case SSL_DES:
206 i=SSL_ENC_DES_IDX;
207 break;
208 case SSL_3DES:
209 i=SSL_ENC_3DES_IDX;
210 break;
211 case SSL_RC4:
212 i=SSL_ENC_RC4_IDX;
213 break;
214 case SSL_RC2:
215 i=SSL_ENC_RC2_IDX;
216 break;
217 case SSL_IDEA:
218 i=SSL_ENC_IDEA_IDX;
219 break;
220 case SSL_eNULL:
221 i=SSL_ENC_NULL_IDX;
222 break;
223 default:
224 i= -1;
225 break;
226 }
227
228 if ((i < 0) || (i > SSL_ENC_NUM_IDX))
229 *enc=NULL;
230 else
231 {
232 if (i == SSL_ENC_NULL_IDX)
233 *enc=EVP_enc_null();
234 else
235 *enc=ssl_cipher_methods[i];
236 }
237
238 switch (c->algorithms & SSL_MAC_MASK)
239 {
240 case SSL_MD5:
241 i=SSL_MD_MD5_IDX;
242 break;
243 case SSL_SHA1:
244 i=SSL_MD_SHA1_IDX;
245 break;
246 default:
247 i= -1;
248 break;
249 }
250 if ((i < 0) || (i > SSL_MD_NUM_IDX))
251 *md=NULL;
252 else
253 *md=ssl_digest_methods[i];
254
255 if ((*enc != NULL) && (*md != NULL))
256 return(1);
257 else
258 return(0);
259 }
260
261#define ITEM_SEP(a) \
262 (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ','))
263
264static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr,
265 CIPHER_ORDER **tail)
266 {
267 if (curr == *tail) return;
268 if (curr == *head)
269 *head=curr->next;
270 if (curr->prev != NULL)
271 curr->prev->next=curr->next;
272 if (curr->next != NULL) /* should always be true */
273 curr->next->prev=curr->prev;
274 (*tail)->next=curr;
275 curr->prev= *tail;
276 curr->next=NULL;
277 *tail=curr;
278 }
279
280static unsigned long ssl_cipher_get_disabled(void)
281 {
282 unsigned long mask;
283
284 mask = SSL_kFZA;
285#ifdef NO_RSA
286 mask |= SSL_aRSA|SSL_kRSA;
287#endif
288#ifdef NO_DSA
289 mask |= SSL_aDSS;
290#endif
291#ifdef NO_DH
292 mask |= SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH;
293#endif
294
295#ifdef SSL_FORBID_ENULL
296 mask |= SSL_eNULL;
297#endif
298
299 mask |= (ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL) ? SSL_DES :0;
300 mask |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES:0;
301 mask |= (ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL) ? SSL_RC4 :0;
302 mask |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0;
303 mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0;
304 mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA:0;
305
306 mask |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0;
307 mask |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0;
308
309 return(mask);
310 }
311
312static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
313 int num_of_ciphers, unsigned long mask, CIPHER_ORDER *list,
314 CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
315 {
316 int i, list_num;
317 SSL_CIPHER *c;
318
319 /*
320 * We have num_of_ciphers descriptions compiled in, depending on the
321 * method selected (SSLv2 and/or SSLv3, TLSv1 etc).
322 * These will later be sorted in a linked list with at most num
323 * entries.
324 */
325
326 /* Get the initial list of ciphers */
327 list_num = 0; /* actual count of ciphers */
328 for (i = 0; i < num_of_ciphers; i++)
329 {
330 c = ssl_method->get_cipher(i);
331 /* drop those that use any of that is not available */
332 if ((c != NULL) && c->valid && !(c->algorithms & mask))
333 {
334 list[list_num].cipher = c;
335 list[list_num].next = NULL;
336 list[list_num].prev = NULL;
337 list[list_num].active = 0;
338 list_num++;
339 /*
340 if (!sk_push(ca_list,(char *)c)) goto err;
341 */
342 }
343 }
344
345 /*
346 * Prepare linked list from list entries
347 */
348 for (i = 1; i < list_num - 1; i++)
349 {
350 list[i].prev = &(list[i-1]);
351 list[i].next = &(list[i+1]);
352 }
353 if (list_num > 0)
354 {
355 (*head_p) = &(list[0]);
356 (*head_p)->prev = NULL;
357 (*head_p)->next = &(list[1]);
358 (*tail_p) = &(list[list_num - 1]);
359 (*tail_p)->prev = &(list[list_num - 2]);
360 (*tail_p)->next = NULL;
361 }
362 }
363
364static void ssl_cipher_collect_aliases(SSL_CIPHER **ca_list,
365 int num_of_group_aliases, unsigned long mask,
366 CIPHER_ORDER *head)
367 {
368 CIPHER_ORDER *ciph_curr;
369 SSL_CIPHER **ca_curr;
370 int i;
371
372 /*
373 * First, add the real ciphers as already collected
374 */
375 ciph_curr = head;
376 ca_curr = ca_list;
377 while (ciph_curr != NULL)
378 {
379 *ca_curr = ciph_curr->cipher;
380 ca_curr++;
381 ciph_curr = ciph_curr->next;
382 }
383
384 /*
385 * Now we add the available ones from the cipher_aliases[] table.
386 * They represent either an algorithm, that must be fully
387 * supported (not match any bit in mask) or represent a cipher
388 * strength value (will be added in any case because algorithms=0).
389 */
390 for (i = 0; i < num_of_group_aliases; i++)
391 {
392 if ((i == 0) || /* always fetch "ALL" */
393 !(cipher_aliases[i].algorithms & mask))
394 {
395 *ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
396 ca_curr++;
397 }
398 }
399
400 *ca_curr = NULL; /* end of list */
401 }
402
403static void ssl_cipher_apply_rule(unsigned long algorithms, unsigned long mask,
404 unsigned long algo_strength, unsigned long mask_strength,
405 int rule, int strength_bits, CIPHER_ORDER *list,
406 CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
407 {
408 CIPHER_ORDER *head, *tail, *curr, *curr2, *tail2;
409 SSL_CIPHER *cp;
410 unsigned long ma, ma_s;
411
412#ifdef CIPHER_DEBUG
413 printf("Applying rule %d with %08lx %08lx %08lx %08lx (%d)\n",
414 rule, algorithms, mask, algo_strength, mask_strength,
415 strength_bits);
416#endif
417
418 curr = head = *head_p;
419 curr2 = head;
420 tail2 = tail = *tail_p;
421 for (;;)
422 {
423 if ((curr == NULL) || (curr == tail2)) break;
424 curr = curr2;
425 curr2 = curr->next;
426
427 cp = curr->cipher;
428
429 /*
430 * Selection criteria is either the number of strength_bits
431 * or the algorithm used.
432 */
433 if (strength_bits == -1)
434 {
435 ma = mask & cp->algorithms;
436 ma_s = mask_strength & cp->algo_strength;
437
438#ifdef CIPHER_DEBUG
439 printf("\nName: %s:\nAlgo = %08lx Algo_strength = %08lx\nMask = %08lx Mask_strength %08lx\n", cp->name, cp->algorithms, cp->algo_strength, mask, mask_strength);
440 printf("ma = %08lx ma_s %08lx, ma&algo=%08lx, ma_s&algos=%08lx\n", ma, ma_s, ma&algorithms, ma_s&algo_strength);
441#endif
442 /*
443 * Select: if none of the mask bit was met from the
444 * cipher or not all of the bits were met, the
445 * selection does not apply.
446 */
447 if (((ma == 0) && (ma_s == 0)) ||
448 ((ma & algorithms) != ma) ||
449 ((ma_s & algo_strength) != ma_s))
450 continue; /* does not apply */
451 }
452 else if (strength_bits != cp->strength_bits)
453 continue; /* does not apply */
454
455#ifdef CIPHER_DEBUG
456 printf("Action = %d\n", rule);
457#endif
458
459 /* add the cipher if it has not been added yet. */
460 if (rule == CIPHER_ADD)
461 {
462 if (!curr->active)
463 {
464 ll_append_tail(&head, curr, &tail);
465 curr->active = 1;
466 }
467 }
468 /* Move the added cipher to this location */
469 else if (rule == CIPHER_ORD)
470 {
471 if (curr->active)
472 {
473 ll_append_tail(&head, curr, &tail);
474 }
475 }
476 else if (rule == CIPHER_DEL)
477 curr->active = 0;
478 else if (rule == CIPHER_KILL)
479 {
480 if (head == curr)
481 head = curr->next;
482 else
483 curr->prev->next = curr->next;
484 if (tail == curr)
485 tail = curr->prev;
486 curr->active = 0;
487 if (curr->next != NULL)
488 curr->next->prev = curr->prev;
489 if (curr->prev != NULL)
490 curr->prev->next = curr->next;
491 curr->next = NULL;
492 curr->prev = NULL;
493 }
494 }
495
496 *head_p = head;
497 *tail_p = tail;
498 }
499
500static int ssl_cipher_strength_sort(CIPHER_ORDER *list, CIPHER_ORDER **head_p,
501 CIPHER_ORDER **tail_p)
502 {
503 int max_strength_bits, i, *number_uses;
504 CIPHER_ORDER *curr;
505
506 /*
507 * This routine sorts the ciphers with descending strength. The sorting
508 * must keep the pre-sorted sequence, so we apply the normal sorting
509 * routine as '+' movement to the end of the list.
510 */
511 max_strength_bits = 0;
512 curr = *head_p;
513 while (curr != NULL)
514 {
515 if (curr->active &&
516 (curr->cipher->strength_bits > max_strength_bits))
517 max_strength_bits = curr->cipher->strength_bits;
518 curr = curr->next;
519 }
520
521 number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int));
522 if (!number_uses)
523 {
524 SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT,ERR_R_MALLOC_FAILURE);
525 return(0);
526 }
527 memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int));
528
529 /*
530 * Now find the strength_bits values actually used
531 */
532 curr = *head_p;
533 while (curr != NULL)
534 {
535 if (curr->active)
536 number_uses[curr->cipher->strength_bits]++;
537 curr = curr->next;
538 }
539 /*
540 * Go through the list of used strength_bits values in descending
541 * order.
542 */
543 for (i = max_strength_bits; i >= 0; i--)
544 if (number_uses[i] > 0)
545 ssl_cipher_apply_rule(0, 0, 0, 0, CIPHER_ORD, i,
546 list, head_p, tail_p);
547
548 OPENSSL_free(number_uses);
549 return(1);
550 }
551
552static int ssl_cipher_process_rulestr(const char *rule_str,
553 CIPHER_ORDER *list, CIPHER_ORDER **head_p,
554 CIPHER_ORDER **tail_p, SSL_CIPHER **ca_list)
555 {
556 unsigned long algorithms, mask, algo_strength, mask_strength;
557 const char *l, *start, *buf;
558 int j, multi, found, rule, retval, ok, buflen;
559 char ch;
560
561 retval = 1;
562 l = rule_str;
563 for (;;)
564 {
565 ch = *l;
566
567 if (ch == '\0')
568 break; /* done */
569 if (ch == '-')
570 { rule = CIPHER_DEL; l++; }
571 else if (ch == '+')
572 { rule = CIPHER_ORD; l++; }
573 else if (ch == '!')
574 { rule = CIPHER_KILL; l++; }
575 else if (ch == '@')
576 { rule = CIPHER_SPECIAL; l++; }
577 else
578 { rule = CIPHER_ADD; }
579
580 if (ITEM_SEP(ch))
581 {
582 l++;
583 continue;
584 }
585
586 algorithms = mask = algo_strength = mask_strength = 0;
587
588 start=l;
589 for (;;)
590 {
591 ch = *l;
592 buf = l;
593 buflen = 0;
594#ifndef CHARSET_EBCDIC
595 while ( ((ch >= 'A') && (ch <= 'Z')) ||
596 ((ch >= '0') && (ch <= '9')) ||
597 ((ch >= 'a') && (ch <= 'z')) ||
598 (ch == '-'))
599#else
600 while ( isalnum(ch) || (ch == '-'))
601#endif
602 {
603 ch = *(++l);
604 buflen++;
605 }
606
607 if (buflen == 0)
608 {
609 /*
610 * We hit something we cannot deal with,
611 * it is no command or separator nor
612 * alphanumeric, so we call this an error.
613 */
614 SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
615 SSL_R_INVALID_COMMAND);
616 retval = found = 0;
617 l++;
618 break;
619 }
620
621 if (rule == CIPHER_SPECIAL)
622 {
623 found = 0; /* unused -- avoid compiler warning */
624 break; /* special treatment */
625 }
626
627 /* check for multi-part specification */
628 if (ch == '+')
629 {
630 multi=1;
631 l++;
632 }
633 else
634 multi=0;
635
636 /*
637 * Now search for the cipher alias in the ca_list. Be careful
638 * with the strncmp, because the "buflen" limitation
639 * will make the rule "ADH:SOME" and the cipher
640 * "ADH-MY-CIPHER" look like a match for buflen=3.
641 * So additionally check whether the cipher name found
642 * has the correct length. We can save a strlen() call:
643 * just checking for the '\0' at the right place is
644 * sufficient, we have to strncmp() anyway.
645 */
646 j = found = 0;
647 while (ca_list[j])
648 {
649 if ((ca_list[j]->name[buflen] == '\0') &&
650 !strncmp(buf, ca_list[j]->name, buflen))
651 {
652 found = 1;
653 break;
654 }
655 else
656 j++;
657 }
658 if (!found)
659 break; /* ignore this entry */
660
661 algorithms |= ca_list[j]->algorithms;
662 mask |= ca_list[j]->mask;
663 algo_strength |= ca_list[j]->algo_strength;
664 mask_strength |= ca_list[j]->mask_strength;
665
666 if (!multi) break;
667 }
668
669 /*
670 * Ok, we have the rule, now apply it
671 */
672 if (rule == CIPHER_SPECIAL)
673 { /* special command */
674 ok = 0;
675 if ((buflen == 8) &&
676 !strncmp(buf, "STRENGTH", 8))
677 ok = ssl_cipher_strength_sort(list,
678 head_p, tail_p);
679 else
680 SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
681 SSL_R_INVALID_COMMAND);
682 if (ok == 0)
683 retval = 0;
684 /*
685 * We do not support any "multi" options
686 * together with "@", so throw away the
687 * rest of the command, if any left, until
688 * end or ':' is found.
689 */
690 while ((*l != '\0') && ITEM_SEP(*l))
691 l++;
692 }
693 else if (found)
694 {
695 ssl_cipher_apply_rule(algorithms, mask,
696 algo_strength, mask_strength, rule, -1,
697 list, head_p, tail_p);
698 }
699 else
700 {
701 while ((*l != '\0') && ITEM_SEP(*l))
702 l++;
703 }
704 if (*l == '\0') break; /* done */
705 }
706
707 return(retval);
708 }
709
710STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
711 STACK_OF(SSL_CIPHER) **cipher_list,
712 STACK_OF(SSL_CIPHER) **cipher_list_by_id,
713 const char *rule_str)
714 {
715 int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
716 unsigned long disabled_mask;
717 STACK_OF(SSL_CIPHER) *cipherstack;
718 const char *rule_p;
719 CIPHER_ORDER *list = NULL, *head = NULL, *tail = NULL, *curr;
720 SSL_CIPHER **ca_list = NULL;
721
722 /*
723 * Return with error if nothing to do.
724 */
725 if (rule_str == NULL) return(NULL);
726
727 if (init_ciphers) load_ciphers();
728
729 /*
730 * To reduce the work to do we only want to process the compiled
731 * in algorithms, so we first get the mask of disabled ciphers.
732 */
733 disabled_mask = ssl_cipher_get_disabled();
734
735 /*
736 * Now we have to collect the available ciphers from the compiled
737 * in ciphers. We cannot get more than the number compiled in, so
738 * it is used for allocation.
739 */
740 num_of_ciphers = ssl_method->num_ciphers();
741 list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers);
742 if (list == NULL)
743 {
744 SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
745 return(NULL); /* Failure */
746 }
747
748 ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, disabled_mask,
749 list, &head, &tail);
750
751 /*
752 * We also need cipher aliases for selecting based on the rule_str.
753 * There might be two types of entries in the rule_str: 1) names
754 * of ciphers themselves 2) aliases for groups of ciphers.
755 * For 1) we need the available ciphers and for 2) the cipher
756 * groups of cipher_aliases added together in one list (otherwise
757 * we would be happy with just the cipher_aliases table).
758 */
759 num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER);
760 num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
761 ca_list =
762 (SSL_CIPHER **)OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max);
763 if (ca_list == NULL)
764 {
765 OPENSSL_free(list);
766 SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
767 return(NULL); /* Failure */
768 }
769 ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, disabled_mask,
770 head);
771
772 /*
773 * If the rule_string begins with DEFAULT, apply the default rule
774 * before using the (possibly available) additional rules.
775 */
776 ok = 1;
777 rule_p = rule_str;
778 if (strncmp(rule_str,"DEFAULT",7) == 0)
779 {
780 ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST,
781 list, &head, &tail, ca_list);
782 rule_p += 7;
783 if (*rule_p == ':')
784 rule_p++;
785 }
786
787 if (ok && (strlen(rule_p) > 0))
788 ok = ssl_cipher_process_rulestr(rule_p, list, &head, &tail,
789 ca_list);
790
791 OPENSSL_free(ca_list); /* Not needed anymore */
792
793 if (!ok)
794 { /* Rule processing failure */
795 OPENSSL_free(list);
796 return(NULL);
797 }
798 /*
799 * Allocate new "cipherstack" for the result, return with error
800 * if we cannot get one.
801 */
802 if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL)
803 {
804 OPENSSL_free(list);
805 return(NULL);
806 }
807
808 /*
809 * The cipher selection for the list is done. The ciphers are added
810 * to the resulting precedence to the STACK_OF(SSL_CIPHER).
811 */
812 for (curr = head; curr != NULL; curr = curr->next)
813 {
814 if (curr->active)
815 {
816 sk_SSL_CIPHER_push(cipherstack, curr->cipher);
817#ifdef CIPHER_DEBUG
818 printf("<%s>\n",curr->cipher->name);
819#endif
820 }
821 }
822 OPENSSL_free(list); /* Not needed any longer */
823
824 /*
825 * The following passage is a little bit odd. If pointer variables
826 * were supplied to hold STACK_OF(SSL_CIPHER) return information,
827 * the old memory pointed to is free()ed. Then, however, the
828 * cipher_list entry will be assigned just a copy of the returned
829 * cipher stack. For cipher_list_by_id a copy of the cipher stack
830 * will be created. See next comment...
831 */
832 if (cipher_list != NULL)
833 {
834 if (*cipher_list != NULL)
835 sk_SSL_CIPHER_free(*cipher_list);
836 *cipher_list = cipherstack;
837 }
838
839 if (cipher_list_by_id != NULL)
840 {
841 if (*cipher_list_by_id != NULL)
842 sk_SSL_CIPHER_free(*cipher_list_by_id);
843 *cipher_list_by_id = sk_SSL_CIPHER_dup(cipherstack);
844 }
845
846 /*
847 * Now it is getting really strange. If something failed during
848 * the previous pointer assignment or if one of the pointers was
849 * not requested, the error condition is met. That might be
850 * discussable. The strange thing is however that in this case
851 * the memory "ret" pointed to is "free()ed" and hence the pointer
852 * cipher_list becomes wild. The memory reserved for
853 * cipher_list_by_id however is not "free()ed" and stays intact.
854 */
855 if ( (cipher_list_by_id == NULL) ||
856 (*cipher_list_by_id == NULL) ||
857 (cipher_list == NULL) ||
858 (*cipher_list == NULL))
859 {
860 sk_SSL_CIPHER_free(cipherstack);
861 return(NULL);
862 }
863
864 sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
865
866 return(cipherstack);
867 }
868
869char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
870 {
871 int is_export,pkl,kl;
872 char *ver,*exp;
873 char *kx,*au,*enc,*mac;
874 unsigned long alg,alg2,alg_s;
875 static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";
876
877 alg=cipher->algorithms;
878 alg_s=cipher->algo_strength;
879 alg2=cipher->algorithm2;
880
881 is_export=SSL_C_IS_EXPORT(cipher);
882 pkl=SSL_C_EXPORT_PKEYLENGTH(cipher);
883 kl=SSL_C_EXPORT_KEYLENGTH(cipher);
884 exp=is_export?" export":"";
885
886 if (alg & SSL_SSLV2)
887 ver="SSLv2";
888 else if (alg & SSL_SSLV3)
889 ver="SSLv3";
890 else
891 ver="unknown";
892
893 switch (alg&SSL_MKEY_MASK)
894 {
895 case SSL_kRSA:
896 kx=is_export?(pkl == 512 ? "RSA(512)" : "RSA(1024)"):"RSA";
897 break;
898 case SSL_kDHr:
899 kx="DH/RSA";
900 break;
901 case SSL_kDHd:
902 kx="DH/DSS";
903 break;
904 case SSL_kFZA:
905 kx="Fortezza";
906 break;
907 case SSL_kEDH:
908 kx=is_export?(pkl == 512 ? "DH(512)" : "DH(1024)"):"DH";
909 break;
910 default:
911 kx="unknown";
912 }
913
914 switch (alg&SSL_AUTH_MASK)
915 {
916 case SSL_aRSA:
917 au="RSA";
918 break;
919 case SSL_aDSS:
920 au="DSS";
921 break;
922 case SSL_aDH:
923 au="DH";
924 break;
925 case SSL_aFZA:
926 case SSL_aNULL:
927 au="None";
928 break;
929 default:
930 au="unknown";
931 break;
932 }
933
934 switch (alg&SSL_ENC_MASK)
935 {
936 case SSL_DES:
937 enc=(is_export && kl == 5)?"DES(40)":"DES(56)";
938 break;
939 case SSL_3DES:
940 enc="3DES(168)";
941 break;
942 case SSL_RC4:
943 enc=is_export?(kl == 5 ? "RC4(40)" : "RC4(56)")
944 :((alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)");
945 break;
946 case SSL_RC2:
947 enc=is_export?(kl == 5 ? "RC2(40)" : "RC2(56)"):"RC2(128)";
948 break;
949 case SSL_IDEA:
950 enc="IDEA(128)";
951 break;
952 case SSL_eFZA:
953 enc="Fortezza";
954 break;
955 case SSL_eNULL:
956 enc="None";
957 break;
958 default:
959 enc="unknown";
960 break;
961 }
962
963 switch (alg&SSL_MAC_MASK)
964 {
965 case SSL_MD5:
966 mac="MD5";
967 break;
968 case SSL_SHA1:
969 mac="SHA1";
970 break;
971 default:
972 mac="unknown";
973 break;
974 }
975
976 if (buf == NULL)
977 {
978 len=128;
979 buf=OPENSSL_malloc(len);
980 if (buf == NULL) return("OPENSSL_malloc Error");
981 }
982 else if (len < 128)
983 return("Buffer too small");
984
985 BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp);
986 return(buf);
987 }
988
989char *SSL_CIPHER_get_version(SSL_CIPHER *c)
990 {
991 int i;
992
993 if (c == NULL) return("(NONE)");
994 i=(int)(c->id>>24L);
995 if (i == 3)
996 return("TLSv1/SSLv3");
997 else if (i == 2)
998 return("SSLv2");
999 else
1000 return("unknown");
1001 }
1002
1003/* return the actual cipher being used */
1004const char *SSL_CIPHER_get_name(SSL_CIPHER *c)
1005 {
1006 if (c != NULL)
1007 return(c->name);
1008 return("(NONE)");
1009 }
1010
1011/* number of bits for symmetric cipher */
1012int SSL_CIPHER_get_bits(SSL_CIPHER *c, int *alg_bits)
1013 {
1014 int ret=0;
1015
1016 if (c != NULL)
1017 {
1018 if (alg_bits != NULL) *alg_bits = c->alg_bits;
1019 ret = c->strength_bits;
1020 }
1021 return(ret);
1022 }
1023
1024SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n)
1025 {
1026 SSL_COMP *ctmp;
1027 int i,nn;
1028
1029 if ((n == 0) || (sk == NULL)) return(NULL);
1030 nn=sk_SSL_COMP_num(sk);
1031 for (i=0; i<nn; i++)
1032 {
1033 ctmp=sk_SSL_COMP_value(sk,i);
1034 if (ctmp->id == n)
1035 return(ctmp);
1036 }
1037 return(NULL);
1038 }
1039
1040static int sk_comp_cmp(const SSL_COMP * const *a,
1041 const SSL_COMP * const *b)
1042 {
1043 return((*a)->id-(*b)->id);
1044 }
1045
1046STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void)
1047 {
1048 return(ssl_comp_methods);
1049 }
1050
1051int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
1052 {
1053 SSL_COMP *comp;
1054 STACK_OF(SSL_COMP) *sk;
1055
1056 comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
1057 comp->id=id;
1058 comp->method=cm;
1059 if (ssl_comp_methods == NULL)
1060 sk=ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);
1061 else
1062 sk=ssl_comp_methods;
1063 if ((sk == NULL) || !sk_SSL_COMP_push(sk,comp))
1064 {
1065 SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,ERR_R_MALLOC_FAILURE);
1066 return(0);
1067 }
1068 else
1069 return(1);
1070 }
1071
diff --git a/src/lib/libssl/ssl_err.c b/src/lib/libssl/ssl_err.c
deleted file mode 100644
index 1ae3333407..0000000000
--- a/src/lib/libssl/ssl_err.c
+++ /dev/null
@@ -1,435 +0,0 @@
1/* ssl/ssl_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/ssl.h>
64
65/* BEGIN ERROR CODES */
66#ifndef NO_ERR
67static ERR_STRING_DATA SSL_str_functs[]=
68 {
69{ERR_PACK(0,SSL_F_CLIENT_CERTIFICATE,0), "CLIENT_CERTIFICATE"},
70{ERR_PACK(0,SSL_F_CLIENT_HELLO,0), "CLIENT_HELLO"},
71{ERR_PACK(0,SSL_F_CLIENT_MASTER_KEY,0), "CLIENT_MASTER_KEY"},
72{ERR_PACK(0,SSL_F_D2I_SSL_SESSION,0), "d2i_SSL_SESSION"},
73{ERR_PACK(0,SSL_F_DO_SSL3_WRITE,0), "DO_SSL3_WRITE"},
74{ERR_PACK(0,SSL_F_GET_CLIENT_FINISHED,0), "GET_CLIENT_FINISHED"},
75{ERR_PACK(0,SSL_F_GET_CLIENT_HELLO,0), "GET_CLIENT_HELLO"},
76{ERR_PACK(0,SSL_F_GET_CLIENT_MASTER_KEY,0), "GET_CLIENT_MASTER_KEY"},
77{ERR_PACK(0,SSL_F_GET_SERVER_FINISHED,0), "GET_SERVER_FINISHED"},
78{ERR_PACK(0,SSL_F_GET_SERVER_HELLO,0), "GET_SERVER_HELLO"},
79{ERR_PACK(0,SSL_F_GET_SERVER_VERIFY,0), "GET_SERVER_VERIFY"},
80{ERR_PACK(0,SSL_F_I2D_SSL_SESSION,0), "i2d_SSL_SESSION"},
81{ERR_PACK(0,SSL_F_READ_N,0), "READ_N"},
82{ERR_PACK(0,SSL_F_REQUEST_CERTIFICATE,0), "REQUEST_CERTIFICATE"},
83{ERR_PACK(0,SSL_F_SERVER_HELLO,0), "SERVER_HELLO"},
84{ERR_PACK(0,SSL_F_SSL23_ACCEPT,0), "SSL23_ACCEPT"},
85{ERR_PACK(0,SSL_F_SSL23_CLIENT_HELLO,0), "SSL23_CLIENT_HELLO"},
86{ERR_PACK(0,SSL_F_SSL23_CONNECT,0), "SSL23_CONNECT"},
87{ERR_PACK(0,SSL_F_SSL23_GET_CLIENT_HELLO,0), "SSL23_GET_CLIENT_HELLO"},
88{ERR_PACK(0,SSL_F_SSL23_GET_SERVER_HELLO,0), "SSL23_GET_SERVER_HELLO"},
89{ERR_PACK(0,SSL_F_SSL23_PEEK,0), "SSL23_PEEK"},
90{ERR_PACK(0,SSL_F_SSL23_READ,0), "SSL23_READ"},
91{ERR_PACK(0,SSL_F_SSL23_WRITE,0), "SSL23_WRITE"},
92{ERR_PACK(0,SSL_F_SSL2_ACCEPT,0), "SSL2_ACCEPT"},
93{ERR_PACK(0,SSL_F_SSL2_CONNECT,0), "SSL2_CONNECT"},
94{ERR_PACK(0,SSL_F_SSL2_ENC_INIT,0), "SSL2_ENC_INIT"},
95{ERR_PACK(0,SSL_F_SSL2_PEEK,0), "SSL2_PEEK"},
96{ERR_PACK(0,SSL_F_SSL2_READ,0), "SSL2_READ"},
97{ERR_PACK(0,SSL_F_SSL2_READ_INTERNAL,0), "SSL2_READ_INTERNAL"},
98{ERR_PACK(0,SSL_F_SSL2_SET_CERTIFICATE,0), "SSL2_SET_CERTIFICATE"},
99{ERR_PACK(0,SSL_F_SSL2_WRITE,0), "SSL2_WRITE"},
100{ERR_PACK(0,SSL_F_SSL3_ACCEPT,0), "SSL3_ACCEPT"},
101{ERR_PACK(0,SSL_F_SSL3_CALLBACK_CTRL,0), "SSL3_CALLBACK_CTRL"},
102{ERR_PACK(0,SSL_F_SSL3_CHANGE_CIPHER_STATE,0), "SSL3_CHANGE_CIPHER_STATE"},
103{ERR_PACK(0,SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,0), "SSL3_CHECK_CERT_AND_ALGORITHM"},
104{ERR_PACK(0,SSL_F_SSL3_CLIENT_HELLO,0), "SSL3_CLIENT_HELLO"},
105{ERR_PACK(0,SSL_F_SSL3_CONNECT,0), "SSL3_CONNECT"},
106{ERR_PACK(0,SSL_F_SSL3_CTRL,0), "SSL3_CTRL"},
107{ERR_PACK(0,SSL_F_SSL3_CTX_CTRL,0), "SSL3_CTX_CTRL"},
108{ERR_PACK(0,SSL_F_SSL3_ENC,0), "SSL3_ENC"},
109{ERR_PACK(0,SSL_F_SSL3_GET_CERTIFICATE_REQUEST,0), "SSL3_GET_CERTIFICATE_REQUEST"},
110{ERR_PACK(0,SSL_F_SSL3_GET_CERT_VERIFY,0), "SSL3_GET_CERT_VERIFY"},
111{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_CERTIFICATE,0), "SSL3_GET_CLIENT_CERTIFICATE"},
112{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_HELLO,0), "SSL3_GET_CLIENT_HELLO"},
113{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,0), "SSL3_GET_CLIENT_KEY_EXCHANGE"},
114{ERR_PACK(0,SSL_F_SSL3_GET_FINISHED,0), "SSL3_GET_FINISHED"},
115{ERR_PACK(0,SSL_F_SSL3_GET_KEY_EXCHANGE,0), "SSL3_GET_KEY_EXCHANGE"},
116{ERR_PACK(0,SSL_F_SSL3_GET_MESSAGE,0), "SSL3_GET_MESSAGE"},
117{ERR_PACK(0,SSL_F_SSL3_GET_RECORD,0), "SSL3_GET_RECORD"},
118{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_CERTIFICATE,0), "SSL3_GET_SERVER_CERTIFICATE"},
119{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_DONE,0), "SSL3_GET_SERVER_DONE"},
120{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_HELLO,0), "SSL3_GET_SERVER_HELLO"},
121{ERR_PACK(0,SSL_F_SSL3_OUTPUT_CERT_CHAIN,0), "SSL3_OUTPUT_CERT_CHAIN"},
122{ERR_PACK(0,SSL_F_SSL3_PEEK,0), "SSL3_PEEK"},
123{ERR_PACK(0,SSL_F_SSL3_READ_BYTES,0), "SSL3_READ_BYTES"},
124{ERR_PACK(0,SSL_F_SSL3_READ_N,0), "SSL3_READ_N"},
125{ERR_PACK(0,SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,0), "SSL3_SEND_CERTIFICATE_REQUEST"},
126{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,0), "SSL3_SEND_CLIENT_CERTIFICATE"},
127{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,0), "SSL3_SEND_CLIENT_KEY_EXCHANGE"},
128{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_VERIFY,0), "SSL3_SEND_CLIENT_VERIFY"},
129{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_CERTIFICATE,0), "SSL3_SEND_SERVER_CERTIFICATE"},
130{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,0), "SSL3_SEND_SERVER_KEY_EXCHANGE"},
131{ERR_PACK(0,SSL_F_SSL3_SETUP_BUFFERS,0), "SSL3_SETUP_BUFFERS"},
132{ERR_PACK(0,SSL_F_SSL3_SETUP_KEY_BLOCK,0), "SSL3_SETUP_KEY_BLOCK"},
133{ERR_PACK(0,SSL_F_SSL3_WRITE_BYTES,0), "SSL3_WRITE_BYTES"},
134{ERR_PACK(0,SSL_F_SSL3_WRITE_PENDING,0), "SSL3_WRITE_PENDING"},
135{ERR_PACK(0,SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,0), "SSL_add_dir_cert_subjects_to_stack"},
136{ERR_PACK(0,SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,0), "SSL_add_file_cert_subjects_to_stack"},
137{ERR_PACK(0,SSL_F_SSL_BAD_METHOD,0), "SSL_BAD_METHOD"},
138{ERR_PACK(0,SSL_F_SSL_BYTES_TO_CIPHER_LIST,0), "SSL_BYTES_TO_CIPHER_LIST"},
139{ERR_PACK(0,SSL_F_SSL_CERT_DUP,0), "SSL_CERT_DUP"},
140{ERR_PACK(0,SSL_F_SSL_CERT_INST,0), "SSL_CERT_INST"},
141{ERR_PACK(0,SSL_F_SSL_CERT_INSTANTIATE,0), "SSL_CERT_INSTANTIATE"},
142{ERR_PACK(0,SSL_F_SSL_CERT_NEW,0), "SSL_CERT_NEW"},
143{ERR_PACK(0,SSL_F_SSL_CHECK_PRIVATE_KEY,0), "SSL_check_private_key"},
144{ERR_PACK(0,SSL_F_SSL_CIPHER_PROCESS_RULESTR,0), "SSL_CIPHER_PROCESS_RULESTR"},
145{ERR_PACK(0,SSL_F_SSL_CIPHER_STRENGTH_SORT,0), "SSL_CIPHER_STRENGTH_SORT"},
146{ERR_PACK(0,SSL_F_SSL_CLEAR,0), "SSL_clear"},
147{ERR_PACK(0,SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,0), "SSL_COMP_add_compression_method"},
148{ERR_PACK(0,SSL_F_SSL_CREATE_CIPHER_LIST,0), "SSL_CREATE_CIPHER_LIST"},
149{ERR_PACK(0,SSL_F_SSL_CTRL,0), "SSL_ctrl"},
150{ERR_PACK(0,SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,0), "SSL_CTX_check_private_key"},
151{ERR_PACK(0,SSL_F_SSL_CTX_NEW,0), "SSL_CTX_new"},
152{ERR_PACK(0,SSL_F_SSL_CTX_SET_PURPOSE,0), "SSL_CTX_set_purpose"},
153{ERR_PACK(0,SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,0), "SSL_CTX_set_session_id_context"},
154{ERR_PACK(0,SSL_F_SSL_CTX_SET_SSL_VERSION,0), "SSL_CTX_set_ssl_version"},
155{ERR_PACK(0,SSL_F_SSL_CTX_SET_TRUST,0), "SSL_CTX_set_trust"},
156{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE,0), "SSL_CTX_use_certificate"},
157{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,0), "SSL_CTX_use_certificate_ASN1"},
158{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,0), "SSL_CTX_use_certificate_chain_file"},
159{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,0), "SSL_CTX_use_certificate_file"},
160{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY,0), "SSL_CTX_use_PrivateKey"},
161{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,0), "SSL_CTX_use_PrivateKey_ASN1"},
162{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,0), "SSL_CTX_use_PrivateKey_file"},
163{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,0), "SSL_CTX_use_RSAPrivateKey"},
164{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,0), "SSL_CTX_use_RSAPrivateKey_ASN1"},
165{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,0), "SSL_CTX_use_RSAPrivateKey_file"},
166{ERR_PACK(0,SSL_F_SSL_DO_HANDSHAKE,0), "SSL_do_handshake"},
167{ERR_PACK(0,SSL_F_SSL_GET_NEW_SESSION,0), "SSL_GET_NEW_SESSION"},
168{ERR_PACK(0,SSL_F_SSL_GET_PREV_SESSION,0), "SSL_GET_PREV_SESSION"},
169{ERR_PACK(0,SSL_F_SSL_GET_SERVER_SEND_CERT,0), "SSL_GET_SERVER_SEND_CERT"},
170{ERR_PACK(0,SSL_F_SSL_GET_SIGN_PKEY,0), "SSL_GET_SIGN_PKEY"},
171{ERR_PACK(0,SSL_F_SSL_INIT_WBIO_BUFFER,0), "SSL_INIT_WBIO_BUFFER"},
172{ERR_PACK(0,SSL_F_SSL_LOAD_CLIENT_CA_FILE,0), "SSL_load_client_CA_file"},
173{ERR_PACK(0,SSL_F_SSL_NEW,0), "SSL_new"},
174{ERR_PACK(0,SSL_F_SSL_READ,0), "SSL_read"},
175{ERR_PACK(0,SSL_F_SSL_RSA_PRIVATE_DECRYPT,0), "SSL_RSA_PRIVATE_DECRYPT"},
176{ERR_PACK(0,SSL_F_SSL_RSA_PUBLIC_ENCRYPT,0), "SSL_RSA_PUBLIC_ENCRYPT"},
177{ERR_PACK(0,SSL_F_SSL_SESSION_NEW,0), "SSL_SESSION_new"},
178{ERR_PACK(0,SSL_F_SSL_SESSION_PRINT_FP,0), "SSL_SESSION_print_fp"},
179{ERR_PACK(0,SSL_F_SSL_SESS_CERT_NEW,0), "SSL_SESS_CERT_NEW"},
180{ERR_PACK(0,SSL_F_SSL_SET_CERT,0), "SSL_SET_CERT"},
181{ERR_PACK(0,SSL_F_SSL_SET_FD,0), "SSL_set_fd"},
182{ERR_PACK(0,SSL_F_SSL_SET_PKEY,0), "SSL_SET_PKEY"},
183{ERR_PACK(0,SSL_F_SSL_SET_PURPOSE,0), "SSL_set_purpose"},
184{ERR_PACK(0,SSL_F_SSL_SET_RFD,0), "SSL_set_rfd"},
185{ERR_PACK(0,SSL_F_SSL_SET_SESSION,0), "SSL_set_session"},
186{ERR_PACK(0,SSL_F_SSL_SET_SESSION_ID_CONTEXT,0), "SSL_set_session_id_context"},
187{ERR_PACK(0,SSL_F_SSL_SET_TRUST,0), "SSL_set_trust"},
188{ERR_PACK(0,SSL_F_SSL_SET_WFD,0), "SSL_set_wfd"},
189{ERR_PACK(0,SSL_F_SSL_SHUTDOWN,0), "SSL_shutdown"},
190{ERR_PACK(0,SSL_F_SSL_UNDEFINED_FUNCTION,0), "SSL_UNDEFINED_FUNCTION"},
191{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE,0), "SSL_use_certificate"},
192{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_ASN1,0), "SSL_use_certificate_ASN1"},
193{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_FILE,0), "SSL_use_certificate_file"},
194{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY,0), "SSL_use_PrivateKey"},
195{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_ASN1,0), "SSL_use_PrivateKey_ASN1"},
196{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_FILE,0), "SSL_use_PrivateKey_file"},
197{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY,0), "SSL_use_RSAPrivateKey"},
198{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,0), "SSL_use_RSAPrivateKey_ASN1"},
199{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,0), "SSL_use_RSAPrivateKey_file"},
200{ERR_PACK(0,SSL_F_SSL_VERIFY_CERT_CHAIN,0), "SSL_VERIFY_CERT_CHAIN"},
201{ERR_PACK(0,SSL_F_SSL_WRITE,0), "SSL_write"},
202{ERR_PACK(0,SSL_F_TLS1_CHANGE_CIPHER_STATE,0), "TLS1_CHANGE_CIPHER_STATE"},
203{ERR_PACK(0,SSL_F_TLS1_ENC,0), "TLS1_ENC"},
204{ERR_PACK(0,SSL_F_TLS1_SETUP_KEY_BLOCK,0), "TLS1_SETUP_KEY_BLOCK"},
205{ERR_PACK(0,SSL_F_WRITE_PENDING,0), "WRITE_PENDING"},
206{0,NULL}
207 };
208
209static ERR_STRING_DATA SSL_str_reasons[]=
210 {
211{SSL_R_APP_DATA_IN_HANDSHAKE ,"app data in handshake"},
212{SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT,"attempt to reuse session in different context"},
213{SSL_R_BAD_ALERT_RECORD ,"bad alert record"},
214{SSL_R_BAD_AUTHENTICATION_TYPE ,"bad authentication type"},
215{SSL_R_BAD_CHANGE_CIPHER_SPEC ,"bad change cipher spec"},
216{SSL_R_BAD_CHECKSUM ,"bad checksum"},
217{SSL_R_BAD_DATA_RETURNED_BY_CALLBACK ,"bad data returned by callback"},
218{SSL_R_BAD_DECOMPRESSION ,"bad decompression"},
219{SSL_R_BAD_DH_G_LENGTH ,"bad dh g length"},
220{SSL_R_BAD_DH_PUB_KEY_LENGTH ,"bad dh pub key length"},
221{SSL_R_BAD_DH_P_LENGTH ,"bad dh p length"},
222{SSL_R_BAD_DIGEST_LENGTH ,"bad digest length"},
223{SSL_R_BAD_DSA_SIGNATURE ,"bad dsa signature"},
224{SSL_R_BAD_HELLO_REQUEST ,"bad hello request"},
225{SSL_R_BAD_LENGTH ,"bad length"},
226{SSL_R_BAD_MAC_DECODE ,"bad mac decode"},
227{SSL_R_BAD_MESSAGE_TYPE ,"bad message type"},
228{SSL_R_BAD_PACKET_LENGTH ,"bad packet length"},
229{SSL_R_BAD_PROTOCOL_VERSION_NUMBER ,"bad protocol version number"},
230{SSL_R_BAD_RESPONSE_ARGUMENT ,"bad response argument"},
231{SSL_R_BAD_RSA_DECRYPT ,"bad rsa decrypt"},
232{SSL_R_BAD_RSA_ENCRYPT ,"bad rsa encrypt"},
233{SSL_R_BAD_RSA_E_LENGTH ,"bad rsa e length"},
234{SSL_R_BAD_RSA_MODULUS_LENGTH ,"bad rsa modulus length"},
235{SSL_R_BAD_RSA_SIGNATURE ,"bad rsa signature"},
236{SSL_R_BAD_SIGNATURE ,"bad signature"},
237{SSL_R_BAD_SSL_FILETYPE ,"bad ssl filetype"},
238{SSL_R_BAD_SSL_SESSION_ID_LENGTH ,"bad ssl session id length"},
239{SSL_R_BAD_STATE ,"bad state"},
240{SSL_R_BAD_WRITE_RETRY ,"bad write retry"},
241{SSL_R_BIO_NOT_SET ,"bio not set"},
242{SSL_R_BLOCK_CIPHER_PAD_IS_WRONG ,"block cipher pad is wrong"},
243{SSL_R_BN_LIB ,"bn lib"},
244{SSL_R_CA_DN_LENGTH_MISMATCH ,"ca dn length mismatch"},
245{SSL_R_CA_DN_TOO_LONG ,"ca dn too long"},
246{SSL_R_CCS_RECEIVED_EARLY ,"ccs received early"},
247{SSL_R_CERTIFICATE_VERIFY_FAILED ,"certificate verify failed"},
248{SSL_R_CERT_LENGTH_MISMATCH ,"cert length mismatch"},
249{SSL_R_CHALLENGE_IS_DIFFERENT ,"challenge is different"},
250{SSL_R_CIPHER_CODE_WRONG_LENGTH ,"cipher code wrong length"},
251{SSL_R_CIPHER_OR_HASH_UNAVAILABLE ,"cipher or hash unavailable"},
252{SSL_R_CIPHER_TABLE_SRC_ERROR ,"cipher table src error"},
253{SSL_R_COMPRESSED_LENGTH_TOO_LONG ,"compressed length too long"},
254{SSL_R_COMPRESSION_FAILURE ,"compression failure"},
255{SSL_R_COMPRESSION_LIBRARY_ERROR ,"compression library error"},
256{SSL_R_CONNECTION_ID_IS_DIFFERENT ,"connection id is different"},
257{SSL_R_CONNECTION_TYPE_NOT_SET ,"connection type not set"},
258{SSL_R_DATA_BETWEEN_CCS_AND_FINISHED ,"data between ccs and finished"},
259{SSL_R_DATA_LENGTH_TOO_LONG ,"data length too long"},
260{SSL_R_DECRYPTION_FAILED ,"decryption failed"},
261{SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG ,"dh public value length is wrong"},
262{SSL_R_DIGEST_CHECK_FAILED ,"digest check failed"},
263{SSL_R_ENCRYPTED_LENGTH_TOO_LONG ,"encrypted length too long"},
264{SSL_R_ERROR_GENERATING_TMP_RSA_KEY ,"error generating tmp rsa key"},
265{SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST ,"error in received cipher list"},
266{SSL_R_EXCESSIVE_MESSAGE_SIZE ,"excessive message size"},
267{SSL_R_EXTRA_DATA_IN_MESSAGE ,"extra data in message"},
268{SSL_R_GOT_A_FIN_BEFORE_A_CCS ,"got a fin before a ccs"},
269{SSL_R_HTTPS_PROXY_REQUEST ,"https proxy request"},
270{SSL_R_HTTP_REQUEST ,"http request"},
271{SSL_R_INTERNAL_ERROR ,"internal error"},
272{SSL_R_INVALID_CHALLENGE_LENGTH ,"invalid challenge length"},
273{SSL_R_INVALID_COMMAND ,"invalid command"},
274{SSL_R_INVALID_PURPOSE ,"invalid purpose"},
275{SSL_R_INVALID_TRUST ,"invalid trust"},
276{SSL_R_LENGTH_MISMATCH ,"length mismatch"},
277{SSL_R_LENGTH_TOO_SHORT ,"length too short"},
278{SSL_R_LIBRARY_BUG ,"library bug"},
279{SSL_R_LIBRARY_HAS_NO_CIPHERS ,"library has no ciphers"},
280{SSL_R_MISSING_DH_DSA_CERT ,"missing dh dsa cert"},
281{SSL_R_MISSING_DH_KEY ,"missing dh key"},
282{SSL_R_MISSING_DH_RSA_CERT ,"missing dh rsa cert"},
283{SSL_R_MISSING_DSA_SIGNING_CERT ,"missing dsa signing cert"},
284{SSL_R_MISSING_EXPORT_TMP_DH_KEY ,"missing export tmp dh key"},
285{SSL_R_MISSING_EXPORT_TMP_RSA_KEY ,"missing export tmp rsa key"},
286{SSL_R_MISSING_RSA_CERTIFICATE ,"missing rsa certificate"},
287{SSL_R_MISSING_RSA_ENCRYPTING_CERT ,"missing rsa encrypting cert"},
288{SSL_R_MISSING_RSA_SIGNING_CERT ,"missing rsa signing cert"},
289{SSL_R_MISSING_TMP_DH_KEY ,"missing tmp dh key"},
290{SSL_R_MISSING_TMP_RSA_KEY ,"missing tmp rsa key"},
291{SSL_R_MISSING_TMP_RSA_PKEY ,"missing tmp rsa pkey"},
292{SSL_R_MISSING_VERIFY_MESSAGE ,"missing verify message"},
293{SSL_R_NON_SSLV2_INITIAL_PACKET ,"non sslv2 initial packet"},
294{SSL_R_NO_CERTIFICATES_RETURNED ,"no certificates returned"},
295{SSL_R_NO_CERTIFICATE_ASSIGNED ,"no certificate assigned"},
296{SSL_R_NO_CERTIFICATE_RETURNED ,"no certificate returned"},
297{SSL_R_NO_CERTIFICATE_SET ,"no certificate set"},
298{SSL_R_NO_CERTIFICATE_SPECIFIED ,"no certificate specified"},
299{SSL_R_NO_CIPHERS_AVAILABLE ,"no ciphers available"},
300{SSL_R_NO_CIPHERS_PASSED ,"no ciphers passed"},
301{SSL_R_NO_CIPHERS_SPECIFIED ,"no ciphers specified"},
302{SSL_R_NO_CIPHER_LIST ,"no cipher list"},
303{SSL_R_NO_CIPHER_MATCH ,"no cipher match"},
304{SSL_R_NO_CLIENT_CERT_RECEIVED ,"no client cert received"},
305{SSL_R_NO_COMPRESSION_SPECIFIED ,"no compression specified"},
306{SSL_R_NO_METHOD_SPECIFIED ,"no method specified"},
307{SSL_R_NO_PRIVATEKEY ,"no privatekey"},
308{SSL_R_NO_PRIVATE_KEY_ASSIGNED ,"no private key assigned"},
309{SSL_R_NO_PROTOCOLS_AVAILABLE ,"no protocols available"},
310{SSL_R_NO_PUBLICKEY ,"no publickey"},
311{SSL_R_NO_SHARED_CIPHER ,"no shared cipher"},
312{SSL_R_NO_VERIFY_CALLBACK ,"no verify callback"},
313{SSL_R_NULL_SSL_CTX ,"null ssl ctx"},
314{SSL_R_NULL_SSL_METHOD_PASSED ,"null ssl method passed"},
315{SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED ,"old session cipher not returned"},
316{SSL_R_PACKET_LENGTH_TOO_LONG ,"packet length too long"},
317{SSL_R_PATH_TOO_LONG ,"path too long"},
318{SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE ,"peer did not return a certificate"},
319{SSL_R_PEER_ERROR ,"peer error"},
320{SSL_R_PEER_ERROR_CERTIFICATE ,"peer error certificate"},
321{SSL_R_PEER_ERROR_NO_CERTIFICATE ,"peer error no certificate"},
322{SSL_R_PEER_ERROR_NO_CIPHER ,"peer error no cipher"},
323{SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"peer error unsupported certificate type"},
324{SSL_R_PRE_MAC_LENGTH_TOO_LONG ,"pre mac length too long"},
325{SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS ,"problems mapping cipher functions"},
326{SSL_R_PROTOCOL_IS_SHUTDOWN ,"protocol is shutdown"},
327{SSL_R_PUBLIC_KEY_ENCRYPT_ERROR ,"public key encrypt error"},
328{SSL_R_PUBLIC_KEY_IS_NOT_RSA ,"public key is not rsa"},
329{SSL_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"},
330{SSL_R_READ_BIO_NOT_SET ,"read bio not set"},
331{SSL_R_READ_WRONG_PACKET_TYPE ,"read wrong packet type"},
332{SSL_R_RECORD_LENGTH_MISMATCH ,"record length mismatch"},
333{SSL_R_RECORD_TOO_LARGE ,"record too large"},
334{SSL_R_RECORD_TOO_SMALL ,"record too small"},
335{SSL_R_REQUIRED_CIPHER_MISSING ,"required cipher missing"},
336{SSL_R_REUSE_CERT_LENGTH_NOT_ZERO ,"reuse cert length not zero"},
337{SSL_R_REUSE_CERT_TYPE_NOT_ZERO ,"reuse cert type not zero"},
338{SSL_R_REUSE_CIPHER_LIST_NOT_ZERO ,"reuse cipher list not zero"},
339{SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED ,"session id context uninitialized"},
340{SSL_R_SHORT_READ ,"short read"},
341{SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"},
342{SSL_R_SSL23_DOING_SESSION_ID_REUSE ,"ssl23 doing session id reuse"},
343{SSL_R_SSL3_SESSION_ID_TOO_SHORT ,"ssl3 session id too short"},
344{SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ,"sslv3 alert bad certificate"},
345{SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ,"sslv3 alert bad record mac"},
346{SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED ,"sslv3 alert certificate expired"},
347{SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED ,"sslv3 alert certificate revoked"},
348{SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN ,"sslv3 alert certificate unknown"},
349{SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE ,"sslv3 alert decompression failure"},
350{SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE ,"sslv3 alert handshake failure"},
351{SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER ,"sslv3 alert illegal parameter"},
352{SSL_R_SSLV3_ALERT_NO_CERTIFICATE ,"sslv3 alert no certificate"},
353{SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE,"sslv3 alert peer error certificate"},
354{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE,"sslv3 alert peer error no certificate"},
355{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER ,"sslv3 alert peer error no cipher"},
356{SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"sslv3 alert peer error unsupported certificate type"},
357{SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE ,"sslv3 alert unexpected message"},
358{SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE,"sslv3 alert unknown remote error type"},
359{SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE,"sslv3 alert unsupported certificate"},
360{SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION,"ssl ctx has no default ssl version"},
361{SSL_R_SSL_HANDSHAKE_FAILURE ,"ssl handshake failure"},
362{SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS ,"ssl library has no ciphers"},
363{SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG ,"ssl session id context too long"},
364{SSL_R_SSL_SESSION_ID_IS_DIFFERENT ,"ssl session id is different"},
365{SSL_R_TLSV1_ALERT_ACCESS_DENIED ,"tlsv1 alert access denied"},
366{SSL_R_TLSV1_ALERT_DECODE_ERROR ,"tlsv1 alert decode error"},
367{SSL_R_TLSV1_ALERT_DECRYPTION_FAILED ,"tlsv1 alert decryption failed"},
368{SSL_R_TLSV1_ALERT_DECRYPT_ERROR ,"tlsv1 alert decrypt error"},
369{SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION ,"tlsv1 alert export restriction"},
370{SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY ,"tlsv1 alert insufficient security"},
371{SSL_R_TLSV1_ALERT_INTERNAL_ERROR ,"tlsv1 alert internal error"},
372{SSL_R_TLSV1_ALERT_NO_RENEGOTIATION ,"tlsv1 alert no renegotiation"},
373{SSL_R_TLSV1_ALERT_PROTOCOL_VERSION ,"tlsv1 alert protocol version"},
374{SSL_R_TLSV1_ALERT_RECORD_OVERFLOW ,"tlsv1 alert record overflow"},
375{SSL_R_TLSV1_ALERT_UNKNOWN_CA ,"tlsv1 alert unknown ca"},
376{SSL_R_TLSV1_ALERT_USER_CANCELLED ,"tlsv1 alert user cancelled"},
377{SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER,"tls client cert req with anon cipher"},
378{SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST,"tls peer did not respond with certificate list"},
379{SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG,"tls rsa encrypted value length is wrong"},
380{SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER ,"tried to use unsupported cipher"},
381{SSL_R_UNABLE_TO_DECODE_DH_CERTS ,"unable to decode dh certs"},
382{SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY ,"unable to extract public key"},
383{SSL_R_UNABLE_TO_FIND_DH_PARAMETERS ,"unable to find dh parameters"},
384{SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS,"unable to find public key parameters"},
385{SSL_R_UNABLE_TO_FIND_SSL_METHOD ,"unable to find ssl method"},
386{SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES ,"unable to load ssl2 md5 routines"},
387{SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES ,"unable to load ssl3 md5 routines"},
388{SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES ,"unable to load ssl3 sha1 routines"},
389{SSL_R_UNEXPECTED_MESSAGE ,"unexpected message"},
390{SSL_R_UNEXPECTED_RECORD ,"unexpected record"},
391{SSL_R_UNINITIALIZED ,"uninitialized"},
392{SSL_R_UNKNOWN_ALERT_TYPE ,"unknown alert type"},
393{SSL_R_UNKNOWN_CERTIFICATE_TYPE ,"unknown certificate type"},
394{SSL_R_UNKNOWN_CIPHER_RETURNED ,"unknown cipher returned"},
395{SSL_R_UNKNOWN_CIPHER_TYPE ,"unknown cipher type"},
396{SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE ,"unknown key exchange type"},
397{SSL_R_UNKNOWN_PKEY_TYPE ,"unknown pkey type"},
398{SSL_R_UNKNOWN_PROTOCOL ,"unknown protocol"},
399{SSL_R_UNKNOWN_REMOTE_ERROR_TYPE ,"unknown remote error type"},
400{SSL_R_UNKNOWN_SSL_VERSION ,"unknown ssl version"},
401{SSL_R_UNKNOWN_STATE ,"unknown state"},
402{SSL_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
403{SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM ,"unsupported compression algorithm"},
404{SSL_R_UNSUPPORTED_OPTION ,"unsupported option"},
405{SSL_R_UNSUPPORTED_PROTOCOL ,"unsupported protocol"},
406{SSL_R_UNSUPPORTED_SSL_VERSION ,"unsupported ssl version"},
407{SSL_R_WRITE_BIO_NOT_SET ,"write bio not set"},
408{SSL_R_WRONG_CIPHER_RETURNED ,"wrong cipher returned"},
409{SSL_R_WRONG_MESSAGE_TYPE ,"wrong message type"},
410{SSL_R_WRONG_NUMBER_OF_KEY_BITS ,"wrong number of key bits"},
411{SSL_R_WRONG_SIGNATURE_LENGTH ,"wrong signature length"},
412{SSL_R_WRONG_SIGNATURE_SIZE ,"wrong signature size"},
413{SSL_R_WRONG_SSL_VERSION ,"wrong ssl version"},
414{SSL_R_WRONG_VERSION_NUMBER ,"wrong version number"},
415{SSL_R_X509_LIB ,"x509 lib"},
416{SSL_R_X509_VERIFICATION_SETUP_PROBLEMS ,"x509 verification setup problems"},
417{0,NULL}
418 };
419
420#endif
421
422void ERR_load_SSL_strings(void)
423 {
424 static int init=1;
425
426 if (init)
427 {
428 init=0;
429#ifndef NO_ERR
430 ERR_load_strings(ERR_LIB_SSL,SSL_str_functs);
431 ERR_load_strings(ERR_LIB_SSL,SSL_str_reasons);
432#endif
433
434 }
435 }
diff --git a/src/lib/libssl/ssl_err2.c b/src/lib/libssl/ssl_err2.c
deleted file mode 100644
index cc089a612b..0000000000
--- a/src/lib/libssl/ssl_err2.c
+++ /dev/null
@@ -1,70 +0,0 @@
1/* ssl/ssl_err2.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/err.h>
61#include <openssl/ssl.h>
62
63void SSL_load_error_strings(void)
64 {
65#ifndef NO_ERR
66 ERR_load_crypto_strings();
67 ERR_load_SSL_strings();
68#endif
69 }
70
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
deleted file mode 100644
index 1fe85b6cb7..0000000000
--- a/src/lib/libssl/ssl_lib.c
+++ /dev/null
@@ -1,2074 +0,0 @@
1/*! \file ssl/ssl_lib.c
2 * \brief Version independent SSL functions.
3 */
4/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * All rights reserved.
6 *
7 * This package is an SSL implementation written
8 * by Eric Young (eay@cryptsoft.com).
9 * The implementation was written so as to conform with Netscapes SSL.
10 *
11 * This library is free for commercial and non-commercial use as long as
12 * the following conditions are aheared to. The following conditions
13 * apply to all code found in this distribution, be it the RC4, RSA,
14 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
15 * included with this distribution is covered by the same copyright terms
16 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
17 *
18 * Copyright remains Eric Young's, and as such any Copyright notices in
19 * the code are not to be removed.
20 * If this package is used in a product, Eric Young should be given attribution
21 * as the author of the parts of the library used.
22 * This can be in the form of a textual message at program startup or
23 * in documentation (online or textual) provided with the package.
24 *
25 * Redistribution and use in source and binary forms, with or without
26 * modification, are permitted provided that the following conditions
27 * are met:
28 * 1. Redistributions of source code must retain the copyright
29 * notice, this list of conditions and the following disclaimer.
30 * 2. Redistributions in binary form must reproduce the above copyright
31 * notice, this list of conditions and the following disclaimer in the
32 * documentation and/or other materials provided with the distribution.
33 * 3. All advertising materials mentioning features or use of this software
34 * must display the following acknowledgement:
35 * "This product includes cryptographic software written by
36 * Eric Young (eay@cryptsoft.com)"
37 * The word 'cryptographic' can be left out if the rouines from the library
38 * being used are not cryptographic related :-).
39 * 4. If you include any Windows specific code (or a derivative thereof) from
40 * the apps directory (application code) you must include an acknowledgement:
41 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
42 *
43 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
44 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
45 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
46 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
47 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
48 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
49 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
50 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
51 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
52 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * SUCH DAMAGE.
54 *
55 * The licence and distribution terms for any publically available version or
56 * derivative of this code cannot be changed. i.e. this code cannot simply be
57 * copied and put under another distribution licence
58 * [including the GNU Public Licence.]
59 */
60
61
62#include <assert.h>
63#include <stdio.h>
64#include <openssl/objects.h>
65#include <openssl/lhash.h>
66#include <openssl/x509v3.h>
67#include "ssl_locl.h"
68
69const char *SSL_version_str=OPENSSL_VERSION_TEXT;
70
71static STACK_OF(CRYPTO_EX_DATA_FUNCS) *ssl_meth=NULL;
72static STACK_OF(CRYPTO_EX_DATA_FUNCS) *ssl_ctx_meth=NULL;
73static int ssl_meth_num=0;
74static int ssl_ctx_meth_num=0;
75
76OPENSSL_GLOBAL SSL3_ENC_METHOD ssl3_undef_enc_method={
77 /* evil casts, but these functions are only called if there's a library bug */
78 (int (*)(SSL *,int))ssl_undefined_function,
79 (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
80 ssl_undefined_function,
81 (int (*)(SSL *, unsigned char *, unsigned char *, int))ssl_undefined_function,
82 (int (*)(SSL*, int))ssl_undefined_function,
83 (int (*)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char*, int, unsigned char *))ssl_undefined_function
84 };
85
86int SSL_clear(SSL *s)
87 {
88 int state;
89
90 if (s->method == NULL)
91 {
92 SSLerr(SSL_F_SSL_CLEAR,SSL_R_NO_METHOD_SPECIFIED);
93 return(0);
94 }
95
96 s->error=0;
97 s->hit=0;
98 s->shutdown=0;
99
100#if 0 /* Disabled since version 1.10 of this file (early return not
101 * needed because SSL_clear is not called when doing renegotiation) */
102 /* This is set if we are doing dynamic renegotiation so keep
103 * the old cipher. It is sort of a SSL_clear_lite :-) */
104 if (s->new_session) return(1);
105#else
106 if (s->new_session)
107 {
108 SSLerr(SSL_F_SSL_CLEAR,SSL_R_INTERNAL_ERROR);
109 return 0;
110 }
111#endif
112
113 state=s->state; /* Keep to check if we throw away the session-id */
114 s->type=0;
115
116 s->state=SSL_ST_BEFORE|((s->server)?SSL_ST_ACCEPT:SSL_ST_CONNECT);
117
118 s->version=s->method->version;
119 s->client_version=s->version;
120 s->rwstate=SSL_NOTHING;
121 s->rstate=SSL_ST_READ_HEADER;
122#if 0
123 s->read_ahead=s->ctx->read_ahead;
124#endif
125
126 if (s->init_buf != NULL)
127 {
128 BUF_MEM_free(s->init_buf);
129 s->init_buf=NULL;
130 }
131
132 ssl_clear_cipher_ctx(s);
133
134 if (ssl_clear_bad_session(s))
135 {
136 SSL_SESSION_free(s->session);
137 s->session=NULL;
138 }
139
140 s->first_packet=0;
141
142#if 1
143 /* Check to see if we were changed into a different method, if
144 * so, revert back if we are not doing session-id reuse. */
145 if ((s->session == NULL) && (s->method != s->ctx->method))
146 {
147 s->method->ssl_free(s);
148 s->method=s->ctx->method;
149 if (!s->method->ssl_new(s))
150 return(0);
151 }
152 else
153#endif
154 s->method->ssl_clear(s);
155 return(1);
156 }
157
158/** Used to change an SSL_CTXs default SSL method type */
159int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth)
160 {
161 STACK_OF(SSL_CIPHER) *sk;
162
163 ctx->method=meth;
164
165 sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list),
166 &(ctx->cipher_list_by_id),SSL_DEFAULT_CIPHER_LIST);
167 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0))
168 {
169 SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
170 return(0);
171 }
172 return(1);
173 }
174
175SSL *SSL_new(SSL_CTX *ctx)
176 {
177 SSL *s;
178
179 if (ctx == NULL)
180 {
181 SSLerr(SSL_F_SSL_NEW,SSL_R_NULL_SSL_CTX);
182 return(NULL);
183 }
184 if (ctx->method == NULL)
185 {
186 SSLerr(SSL_F_SSL_NEW,SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
187 return(NULL);
188 }
189
190 s=(SSL *)OPENSSL_malloc(sizeof(SSL));
191 if (s == NULL) goto err;
192 memset(s,0,sizeof(SSL));
193
194 if (ctx->cert != NULL)
195 {
196 /* Earlier library versions used to copy the pointer to
197 * the CERT, not its contents; only when setting new
198 * parameters for the per-SSL copy, ssl_cert_new would be
199 * called (and the direct reference to the per-SSL_CTX
200 * settings would be lost, but those still were indirectly
201 * accessed for various purposes, and for that reason they
202 * used to be known as s->ctx->default_cert).
203 * Now we don't look at the SSL_CTX's CERT after having
204 * duplicated it once. */
205
206 s->cert = ssl_cert_dup(ctx->cert);
207 if (s->cert == NULL)
208 goto err;
209 }
210 else
211 s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */
212 s->sid_ctx_length=ctx->sid_ctx_length;
213 memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx));
214 s->verify_mode=ctx->verify_mode;
215 s->verify_depth=ctx->verify_depth;
216 s->verify_callback=ctx->default_verify_callback;
217 s->purpose = ctx->purpose;
218 s->trust = ctx->trust;
219 CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
220 s->ctx=ctx;
221
222 s->verify_result=X509_V_OK;
223
224 s->method=ctx->method;
225
226 if (!s->method->ssl_new(s))
227 goto err;
228
229 s->quiet_shutdown=ctx->quiet_shutdown;
230 s->references=1;
231 s->server=(ctx->method->ssl_accept == ssl_undefined_function)?0:1;
232 s->options=ctx->options;
233 s->mode=ctx->mode;
234 s->read_ahead=ctx->read_ahead; /* used to happen in SSL_clear */
235 SSL_clear(s);
236
237 CRYPTO_new_ex_data(ssl_meth,s,&s->ex_data);
238
239 return(s);
240err:
241 if (s != NULL)
242 {
243 if (s->cert != NULL)
244 ssl_cert_free(s->cert);
245 if (s->ctx != NULL)
246 SSL_CTX_free(s->ctx); /* decrement reference count */
247 OPENSSL_free(s);
248 }
249 SSLerr(SSL_F_SSL_NEW,ERR_R_MALLOC_FAILURE);
250 return(NULL);
251 }
252
253int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
254 unsigned int sid_ctx_len)
255 {
256 if(sid_ctx_len > SSL_MAX_SID_CTX_LENGTH)
257 {
258 SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
259 return 0;
260 }
261 ctx->sid_ctx_length=sid_ctx_len;
262 memcpy(ctx->sid_ctx,sid_ctx,sid_ctx_len);
263
264 return 1;
265 }
266
267int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
268 unsigned int sid_ctx_len)
269 {
270 if(sid_ctx_len > SSL_MAX_SID_CTX_LENGTH)
271 {
272 SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
273 return 0;
274 }
275 ssl->sid_ctx_length=sid_ctx_len;
276 memcpy(ssl->sid_ctx,sid_ctx,sid_ctx_len);
277
278 return 1;
279 }
280
281int SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
282{
283 if(X509_PURPOSE_get_by_id(purpose) == -1) {
284 SSLerr(SSL_F_SSL_CTX_SET_PURPOSE, SSL_R_INVALID_PURPOSE);
285 return 0;
286 }
287 s->purpose = purpose;
288 return 1;
289}
290
291int SSL_set_purpose(SSL *s, int purpose)
292{
293 if(X509_PURPOSE_get_by_id(purpose) == -1) {
294 SSLerr(SSL_F_SSL_SET_PURPOSE, SSL_R_INVALID_PURPOSE);
295 return 0;
296 }
297 s->purpose = purpose;
298 return 1;
299}
300
301int SSL_CTX_set_trust(SSL_CTX *s, int trust)
302{
303 if(X509_TRUST_get_by_id(trust) == -1) {
304 SSLerr(SSL_F_SSL_CTX_SET_TRUST, SSL_R_INVALID_TRUST);
305 return 0;
306 }
307 s->trust = trust;
308 return 1;
309}
310
311int SSL_set_trust(SSL *s, int trust)
312{
313 if(X509_TRUST_get_by_id(trust) == -1) {
314 SSLerr(SSL_F_SSL_SET_TRUST, SSL_R_INVALID_TRUST);
315 return 0;
316 }
317 s->trust = trust;
318 return 1;
319}
320
321void SSL_free(SSL *s)
322 {
323 int i;
324
325 if(s == NULL)
326 return;
327
328 i=CRYPTO_add(&s->references,-1,CRYPTO_LOCK_SSL);
329#ifdef REF_PRINT
330 REF_PRINT("SSL",s);
331#endif
332 if (i > 0) return;
333#ifdef REF_CHECK
334 if (i < 0)
335 {
336 fprintf(stderr,"SSL_free, bad reference count\n");
337 abort(); /* ok */
338 }
339#endif
340
341 CRYPTO_free_ex_data(ssl_meth,(char *)s,&s->ex_data);
342
343 if (s->bbio != NULL)
344 {
345 /* If the buffering BIO is in place, pop it off */
346 if (s->bbio == s->wbio)
347 {
348 s->wbio=BIO_pop(s->wbio);
349 }
350 BIO_free(s->bbio);
351 s->bbio=NULL;
352 }
353 if (s->rbio != NULL)
354 BIO_free_all(s->rbio);
355 if ((s->wbio != NULL) && (s->wbio != s->rbio))
356 BIO_free_all(s->wbio);
357
358 if (s->init_buf != NULL) BUF_MEM_free(s->init_buf);
359
360 /* add extra stuff */
361 if (s->cipher_list != NULL) sk_SSL_CIPHER_free(s->cipher_list);
362 if (s->cipher_list_by_id != NULL) sk_SSL_CIPHER_free(s->cipher_list_by_id);
363
364 /* Make the next call work :-) */
365 if (s->session != NULL)
366 {
367 ssl_clear_bad_session(s);
368 SSL_SESSION_free(s->session);
369 }
370
371 ssl_clear_cipher_ctx(s);
372
373 if (s->cert != NULL) ssl_cert_free(s->cert);
374 /* Free up if allocated */
375
376 if (s->ctx) SSL_CTX_free(s->ctx);
377
378 if (s->client_CA != NULL)
379 sk_X509_NAME_pop_free(s->client_CA,X509_NAME_free);
380
381 if (s->method != NULL) s->method->ssl_free(s);
382
383 OPENSSL_free(s);
384 }
385
386void SSL_set_bio(SSL *s,BIO *rbio,BIO *wbio)
387 {
388 /* If the output buffering BIO is still in place, remove it
389 */
390 if (s->bbio != NULL)
391 {
392 if (s->wbio == s->bbio)
393 {
394 s->wbio=s->wbio->next_bio;
395 s->bbio->next_bio=NULL;
396 }
397 }
398 if ((s->rbio != NULL) && (s->rbio != rbio))
399 BIO_free_all(s->rbio);
400 if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
401 BIO_free_all(s->wbio);
402 s->rbio=rbio;
403 s->wbio=wbio;
404 }
405
406BIO *SSL_get_rbio(SSL *s)
407 { return(s->rbio); }
408
409BIO *SSL_get_wbio(SSL *s)
410 { return(s->wbio); }
411
412int SSL_get_fd(SSL *s)
413 {
414 int ret= -1;
415 BIO *b,*r;
416
417 b=SSL_get_rbio(s);
418 r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR);
419 if (r != NULL)
420 BIO_get_fd(r,&ret);
421 return(ret);
422 }
423
424#ifndef NO_SOCK
425int SSL_set_fd(SSL *s,int fd)
426 {
427 int ret=0;
428 BIO *bio=NULL;
429
430 bio=BIO_new(BIO_s_socket());
431
432 if (bio == NULL)
433 {
434 SSLerr(SSL_F_SSL_SET_FD,ERR_R_BUF_LIB);
435 goto err;
436 }
437 BIO_set_fd(bio,fd,BIO_NOCLOSE);
438 SSL_set_bio(s,bio,bio);
439 ret=1;
440err:
441 return(ret);
442 }
443
444int SSL_set_wfd(SSL *s,int fd)
445 {
446 int ret=0;
447 BIO *bio=NULL;
448
449 if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
450 || ((int)BIO_get_fd(s->rbio,NULL) != fd))
451 {
452 bio=BIO_new(BIO_s_socket());
453
454 if (bio == NULL)
455 { SSLerr(SSL_F_SSL_SET_WFD,ERR_R_BUF_LIB); goto err; }
456 BIO_set_fd(bio,fd,BIO_NOCLOSE);
457 SSL_set_bio(s,SSL_get_rbio(s),bio);
458 }
459 else
460 SSL_set_bio(s,SSL_get_rbio(s),SSL_get_rbio(s));
461 ret=1;
462err:
463 return(ret);
464 }
465
466int SSL_set_rfd(SSL *s,int fd)
467 {
468 int ret=0;
469 BIO *bio=NULL;
470
471 if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
472 || ((int)BIO_get_fd(s->wbio,NULL) != fd))
473 {
474 bio=BIO_new(BIO_s_socket());
475
476 if (bio == NULL)
477 {
478 SSLerr(SSL_F_SSL_SET_RFD,ERR_R_BUF_LIB);
479 goto err;
480 }
481 BIO_set_fd(bio,fd,BIO_NOCLOSE);
482 SSL_set_bio(s,bio,SSL_get_wbio(s));
483 }
484 else
485 SSL_set_bio(s,SSL_get_wbio(s),SSL_get_wbio(s));
486 ret=1;
487err:
488 return(ret);
489 }
490#endif
491
492
493/* return length of latest Finished message we sent, copy to 'buf' */
494size_t SSL_get_finished(SSL *s, void *buf, size_t count)
495 {
496 size_t ret = 0;
497
498 if (s->s3 != NULL)
499 {
500 ret = s->s3->tmp.finish_md_len;
501 if (count > ret)
502 count = ret;
503 memcpy(buf, s->s3->tmp.finish_md, count);
504 }
505 return ret;
506 }
507
508/* return length of latest Finished message we expected, copy to 'buf' */
509size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count)
510 {
511 size_t ret = 0;
512
513 if (s->s3 != NULL)
514 {
515 ret = s->s3->tmp.peer_finish_md_len;
516 if (count > ret)
517 count = ret;
518 memcpy(buf, s->s3->tmp.peer_finish_md, count);
519 }
520 return ret;
521 }
522
523
524int SSL_get_verify_mode(SSL *s)
525 {
526 return(s->verify_mode);
527 }
528
529int SSL_get_verify_depth(SSL *s)
530 {
531 return(s->verify_depth);
532 }
533
534int (*SSL_get_verify_callback(SSL *s))(int,X509_STORE_CTX *)
535 {
536 return(s->verify_callback);
537 }
538
539int SSL_CTX_get_verify_mode(SSL_CTX *ctx)
540 {
541 return(ctx->verify_mode);
542 }
543
544int SSL_CTX_get_verify_depth(SSL_CTX *ctx)
545 {
546 return(ctx->verify_depth);
547 }
548
549int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *)
550 {
551 return(ctx->default_verify_callback);
552 }
553
554void SSL_set_verify(SSL *s,int mode,
555 int (*callback)(int ok,X509_STORE_CTX *ctx))
556 {
557 s->verify_mode=mode;
558 if (callback != NULL)
559 s->verify_callback=callback;
560 }
561
562void SSL_set_verify_depth(SSL *s,int depth)
563 {
564 s->verify_depth=depth;
565 }
566
567void SSL_set_read_ahead(SSL *s,int yes)
568 {
569 s->read_ahead=yes;
570 }
571
572int SSL_get_read_ahead(SSL *s)
573 {
574 return(s->read_ahead);
575 }
576
577int SSL_pending(SSL *s)
578 {
579 return(s->method->ssl_pending(s));
580 }
581
582X509 *SSL_get_peer_certificate(SSL *s)
583 {
584 X509 *r;
585
586 if ((s == NULL) || (s->session == NULL))
587 r=NULL;
588 else
589 r=s->session->peer;
590
591 if (r == NULL) return(r);
592
593 CRYPTO_add(&r->references,1,CRYPTO_LOCK_X509);
594
595 return(r);
596 }
597
598STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s)
599 {
600 STACK_OF(X509) *r;
601
602 if ((s == NULL) || (s->session == NULL) || (s->session->sess_cert == NULL))
603 r=NULL;
604 else
605 r=s->session->sess_cert->cert_chain;
606
607 /* If we are a client, cert_chain includes the peer's own
608 * certificate; if we are a server, it does not. */
609
610 return(r);
611 }
612
613/* Now in theory, since the calling process own 't' it should be safe to
614 * modify. We need to be able to read f without being hassled */
615void SSL_copy_session_id(SSL *t,SSL *f)
616 {
617 CERT *tmp;
618
619 /* Do we need to to SSL locking? */
620 SSL_set_session(t,SSL_get_session(f));
621
622 /* what if we are setup as SSLv2 but want to talk SSLv3 or
623 * vice-versa */
624 if (t->method != f->method)
625 {
626 t->method->ssl_free(t); /* cleanup current */
627 t->method=f->method; /* change method */
628 t->method->ssl_new(t); /* setup new */
629 }
630
631 tmp=t->cert;
632 if (f->cert != NULL)
633 {
634 CRYPTO_add(&f->cert->references,1,CRYPTO_LOCK_SSL_CERT);
635 t->cert=f->cert;
636 }
637 else
638 t->cert=NULL;
639 if (tmp != NULL) ssl_cert_free(tmp);
640 SSL_set_session_id_context(t,f->sid_ctx,f->sid_ctx_length);
641 }
642
643/* Fix this so it checks all the valid key/cert options */
644int SSL_CTX_check_private_key(SSL_CTX *ctx)
645 {
646 if ( (ctx == NULL) ||
647 (ctx->cert == NULL) ||
648 (ctx->cert->key->x509 == NULL))
649 {
650 SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
651 return(0);
652 }
653 if (ctx->cert->key->privatekey == NULL)
654 {
655 SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
656 return(0);
657 }
658 return(X509_check_private_key(ctx->cert->key->x509, ctx->cert->key->privatekey));
659 }
660
661/* Fix this function so that it takes an optional type parameter */
662int SSL_check_private_key(SSL *ssl)
663 {
664 if (ssl == NULL)
665 {
666 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,ERR_R_PASSED_NULL_PARAMETER);
667 return(0);
668 }
669 if (ssl->cert == NULL)
670 {
671 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
672 return 0;
673 }
674 if (ssl->cert->key->x509 == NULL)
675 {
676 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
677 return(0);
678 }
679 if (ssl->cert->key->privatekey == NULL)
680 {
681 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
682 return(0);
683 }
684 return(X509_check_private_key(ssl->cert->key->x509,
685 ssl->cert->key->privatekey));
686 }
687
688int SSL_accept(SSL *s)
689 {
690 if (s->handshake_func == 0)
691 /* Not properly initialized yet */
692 SSL_set_accept_state(s);
693
694 return(s->method->ssl_accept(s));
695 }
696
697int SSL_connect(SSL *s)
698 {
699 if (s->handshake_func == 0)
700 /* Not properly initialized yet */
701 SSL_set_connect_state(s);
702
703 return(s->method->ssl_connect(s));
704 }
705
706long SSL_get_default_timeout(SSL *s)
707 {
708 return(s->method->get_timeout());
709 }
710
711int SSL_read(SSL *s,void *buf,int num)
712 {
713 if (s->handshake_func == 0)
714 {
715 SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
716 return -1;
717 }
718
719 if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
720 {
721 s->rwstate=SSL_NOTHING;
722 return(0);
723 }
724 return(s->method->ssl_read(s,buf,num));
725 }
726
727int SSL_peek(SSL *s,void *buf,int num)
728 {
729 if (s->handshake_func == 0)
730 {
731 SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
732 return -1;
733 }
734
735 if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
736 {
737 return(0);
738 }
739 return(s->method->ssl_peek(s,buf,num));
740 }
741
742int SSL_write(SSL *s,const void *buf,int num)
743 {
744 if (s->handshake_func == 0)
745 {
746 SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
747 return -1;
748 }
749
750 if (s->shutdown & SSL_SENT_SHUTDOWN)
751 {
752 s->rwstate=SSL_NOTHING;
753 SSLerr(SSL_F_SSL_WRITE,SSL_R_PROTOCOL_IS_SHUTDOWN);
754 return(-1);
755 }
756 return(s->method->ssl_write(s,buf,num));
757 }
758
759int SSL_shutdown(SSL *s)
760 {
761 /* Note that this function behaves differently from what one might
762 * expect. Return values are 0 for no success (yet),
763 * 1 for success; but calling it once is usually not enough,
764 * even if blocking I/O is used (see ssl3_shutdown).
765 */
766
767 if (s->handshake_func == 0)
768 {
769 SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
770 return -1;
771 }
772
773 if ((s != NULL) && !SSL_in_init(s))
774 return(s->method->ssl_shutdown(s));
775 else
776 return(1);
777 }
778
779int SSL_renegotiate(SSL *s)
780 {
781 s->new_session=1;
782 return(s->method->ssl_renegotiate(s));
783 }
784
785long SSL_ctrl(SSL *s,int cmd,long larg,char *parg)
786 {
787 long l;
788
789 switch (cmd)
790 {
791 case SSL_CTRL_GET_READ_AHEAD:
792 return(s->read_ahead);
793 case SSL_CTRL_SET_READ_AHEAD:
794 l=s->read_ahead;
795 s->read_ahead=larg;
796 return(l);
797 case SSL_CTRL_OPTIONS:
798 return(s->options|=larg);
799 case SSL_CTRL_MODE:
800 return(s->mode|=larg);
801 default:
802 return(s->method->ssl_ctrl(s,cmd,larg,parg));
803 }
804 }
805
806long SSL_callback_ctrl(SSL *s, int cmd, void (*fp)())
807 {
808 switch(cmd)
809 {
810 default:
811 return(s->method->ssl_callback_ctrl(s,cmd,fp));
812 }
813 }
814
815struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx)
816 {
817 return ctx->sessions;
818 }
819
820long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,char *parg)
821 {
822 long l;
823
824 switch (cmd)
825 {
826 case SSL_CTRL_GET_READ_AHEAD:
827 return(ctx->read_ahead);
828 case SSL_CTRL_SET_READ_AHEAD:
829 l=ctx->read_ahead;
830 ctx->read_ahead=larg;
831 return(l);
832
833 case SSL_CTRL_SET_SESS_CACHE_SIZE:
834 l=ctx->session_cache_size;
835 ctx->session_cache_size=larg;
836 return(l);
837 case SSL_CTRL_GET_SESS_CACHE_SIZE:
838 return(ctx->session_cache_size);
839 case SSL_CTRL_SET_SESS_CACHE_MODE:
840 l=ctx->session_cache_mode;
841 ctx->session_cache_mode=larg;
842 return(l);
843 case SSL_CTRL_GET_SESS_CACHE_MODE:
844 return(ctx->session_cache_mode);
845
846 case SSL_CTRL_SESS_NUMBER:
847 return(ctx->sessions->num_items);
848 case SSL_CTRL_SESS_CONNECT:
849 return(ctx->stats.sess_connect);
850 case SSL_CTRL_SESS_CONNECT_GOOD:
851 return(ctx->stats.sess_connect_good);
852 case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
853 return(ctx->stats.sess_connect_renegotiate);
854 case SSL_CTRL_SESS_ACCEPT:
855 return(ctx->stats.sess_accept);
856 case SSL_CTRL_SESS_ACCEPT_GOOD:
857 return(ctx->stats.sess_accept_good);
858 case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
859 return(ctx->stats.sess_accept_renegotiate);
860 case SSL_CTRL_SESS_HIT:
861 return(ctx->stats.sess_hit);
862 case SSL_CTRL_SESS_CB_HIT:
863 return(ctx->stats.sess_cb_hit);
864 case SSL_CTRL_SESS_MISSES:
865 return(ctx->stats.sess_miss);
866 case SSL_CTRL_SESS_TIMEOUTS:
867 return(ctx->stats.sess_timeout);
868 case SSL_CTRL_SESS_CACHE_FULL:
869 return(ctx->stats.sess_cache_full);
870 case SSL_CTRL_OPTIONS:
871 return(ctx->options|=larg);
872 case SSL_CTRL_MODE:
873 return(ctx->mode|=larg);
874 default:
875 return(ctx->method->ssl_ctx_ctrl(ctx,cmd,larg,parg));
876 }
877 }
878
879long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
880 {
881 switch(cmd)
882 {
883 default:
884 return(ctx->method->ssl_ctx_callback_ctrl(ctx,cmd,fp));
885 }
886 }
887
888int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
889 {
890 long l;
891
892 l=a->id-b->id;
893 if (l == 0L)
894 return(0);
895 else
896 return((l > 0)?1:-1);
897 }
898
899int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
900 const SSL_CIPHER * const *bp)
901 {
902 long l;
903
904 l=(*ap)->id-(*bp)->id;
905 if (l == 0L)
906 return(0);
907 else
908 return((l > 0)?1:-1);
909 }
910
911/** return a STACK of the ciphers available for the SSL and in order of
912 * preference */
913STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s)
914 {
915 if ((s != NULL) && (s->cipher_list != NULL))
916 {
917 return(s->cipher_list);
918 }
919 else if ((s->ctx != NULL) &&
920 (s->ctx->cipher_list != NULL))
921 {
922 return(s->ctx->cipher_list);
923 }
924 return(NULL);
925 }
926
927/** return a STACK of the ciphers available for the SSL and in order of
928 * algorithm id */
929STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
930 {
931 if ((s != NULL) && (s->cipher_list_by_id != NULL))
932 {
933 return(s->cipher_list_by_id);
934 }
935 else if ((s != NULL) && (s->ctx != NULL) &&
936 (s->ctx->cipher_list_by_id != NULL))
937 {
938 return(s->ctx->cipher_list_by_id);
939 }
940 return(NULL);
941 }
942
943/** The old interface to get the same thing as SSL_get_ciphers() */
944const char *SSL_get_cipher_list(SSL *s,int n)
945 {
946 SSL_CIPHER *c;
947 STACK_OF(SSL_CIPHER) *sk;
948
949 if (s == NULL) return(NULL);
950 sk=SSL_get_ciphers(s);
951 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
952 return(NULL);
953 c=sk_SSL_CIPHER_value(sk,n);
954 if (c == NULL) return(NULL);
955 return(c->name);
956 }
957
958/** specify the ciphers to be used by default by the SSL_CTX */
959int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
960 {
961 STACK_OF(SSL_CIPHER) *sk;
962
963 sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list,
964 &ctx->cipher_list_by_id,str);
965/* XXXX */
966 return((sk == NULL)?0:1);
967 }
968
969/** specify the ciphers to be used by the SSL */
970int SSL_set_cipher_list(SSL *s,const char *str)
971 {
972 STACK_OF(SSL_CIPHER) *sk;
973
974 sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list,
975 &s->cipher_list_by_id,str);
976/* XXXX */
977 return((sk == NULL)?0:1);
978 }
979
980/* works well for SSLv2, not so good for SSLv3 */
981char *SSL_get_shared_ciphers(SSL *s,char *buf,int len)
982 {
983 char *p;
984 const char *cp;
985 STACK_OF(SSL_CIPHER) *sk;
986 SSL_CIPHER *c;
987 int i;
988
989 if ((s->session == NULL) || (s->session->ciphers == NULL) ||
990 (len < 2))
991 return(NULL);
992
993 p=buf;
994 sk=s->session->ciphers;
995 for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
996 {
997 /* Decrement for either the ':' or a '\0' */
998 len--;
999 c=sk_SSL_CIPHER_value(sk,i);
1000 for (cp=c->name; *cp; )
1001 {
1002 if (len-- == 0)
1003 {
1004 *p='\0';
1005 return(buf);
1006 }
1007 else
1008 *(p++)= *(cp++);
1009 }
1010 *(p++)=':';
1011 }
1012 p[-1]='\0';
1013 return(buf);
1014 }
1015
1016int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p)
1017 {
1018 int i,j=0;
1019 SSL_CIPHER *c;
1020 unsigned char *q;
1021
1022 if (sk == NULL) return(0);
1023 q=p;
1024
1025 for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
1026 {
1027 c=sk_SSL_CIPHER_value(sk,i);
1028 j=ssl_put_cipher_by_char(s,c,p);
1029 p+=j;
1030 }
1031 return(p-q);
1032 }
1033
1034STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
1035 STACK_OF(SSL_CIPHER) **skp)
1036 {
1037 SSL_CIPHER *c;
1038 STACK_OF(SSL_CIPHER) *sk;
1039 int i,n;
1040
1041 n=ssl_put_cipher_by_char(s,NULL,NULL);
1042 if ((num%n) != 0)
1043 {
1044 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
1045 return(NULL);
1046 }
1047 if ((skp == NULL) || (*skp == NULL))
1048 sk=sk_SSL_CIPHER_new_null(); /* change perhaps later */
1049 else
1050 {
1051 sk= *skp;
1052 sk_SSL_CIPHER_zero(sk);
1053 }
1054
1055 for (i=0; i<num; i+=n)
1056 {
1057 c=ssl_get_cipher_by_char(s,p);
1058 p+=n;
1059 if (c != NULL)
1060 {
1061 if (!sk_SSL_CIPHER_push(sk,c))
1062 {
1063 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
1064 goto err;
1065 }
1066 }
1067 }
1068
1069 if (skp != NULL)
1070 *skp=sk;
1071 return(sk);
1072err:
1073 if ((skp == NULL) || (*skp == NULL))
1074 sk_SSL_CIPHER_free(sk);
1075 return(NULL);
1076 }
1077
1078unsigned long SSL_SESSION_hash(SSL_SESSION *a)
1079 {
1080 unsigned long l;
1081
1082 l=(unsigned long)
1083 ((unsigned int) a->session_id[0] )|
1084 ((unsigned int) a->session_id[1]<< 8L)|
1085 ((unsigned long)a->session_id[2]<<16L)|
1086 ((unsigned long)a->session_id[3]<<24L);
1087 return(l);
1088 }
1089
1090int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b)
1091 {
1092 if (a->ssl_version != b->ssl_version)
1093 return(1);
1094 if (a->session_id_length != b->session_id_length)
1095 return(1);
1096 return(memcmp(a->session_id,b->session_id,a->session_id_length));
1097 }
1098
1099SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
1100 {
1101 SSL_CTX *ret=NULL;
1102
1103 if (meth == NULL)
1104 {
1105 SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_NULL_SSL_METHOD_PASSED);
1106 return(NULL);
1107 }
1108
1109 if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0)
1110 {
1111 SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
1112 goto err;
1113 }
1114 ret=(SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX));
1115 if (ret == NULL)
1116 goto err;
1117
1118 memset(ret,0,sizeof(SSL_CTX));
1119
1120 ret->method=meth;
1121
1122 ret->cert_store=NULL;
1123 ret->session_cache_mode=SSL_SESS_CACHE_SERVER;
1124 ret->session_cache_size=SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
1125 ret->session_cache_head=NULL;
1126 ret->session_cache_tail=NULL;
1127
1128 /* We take the system default */
1129 ret->session_timeout=meth->get_timeout();
1130
1131 ret->new_session_cb=NULL;
1132 ret->remove_session_cb=NULL;
1133 ret->get_session_cb=NULL;
1134
1135 memset((char *)&ret->stats,0,sizeof(ret->stats));
1136
1137 ret->references=1;
1138 ret->quiet_shutdown=0;
1139
1140/* ret->cipher=NULL;*/
1141/* ret->s2->challenge=NULL;
1142 ret->master_key=NULL;
1143 ret->key_arg=NULL;
1144 ret->s2->conn_id=NULL; */
1145
1146 ret->info_callback=NULL;
1147
1148 ret->app_verify_callback=NULL;
1149 ret->app_verify_arg=NULL;
1150
1151 ret->read_ahead=0;
1152 ret->verify_mode=SSL_VERIFY_NONE;
1153 ret->verify_depth=-1; /* Don't impose a limit (but x509_lu.c does) */
1154 ret->default_verify_callback=NULL;
1155 if ((ret->cert=ssl_cert_new()) == NULL)
1156 goto err;
1157
1158 ret->default_passwd_callback=NULL;
1159 ret->default_passwd_callback_userdata=NULL;
1160 ret->client_cert_cb=NULL;
1161
1162 ret->sessions=lh_new(SSL_SESSION_hash,SSL_SESSION_cmp);
1163 if (ret->sessions == NULL) goto err;
1164 ret->cert_store=X509_STORE_new();
1165 if (ret->cert_store == NULL) goto err;
1166
1167 ssl_create_cipher_list(ret->method,
1168 &ret->cipher_list,&ret->cipher_list_by_id,
1169 SSL_DEFAULT_CIPHER_LIST);
1170 if (ret->cipher_list == NULL
1171 || sk_SSL_CIPHER_num(ret->cipher_list) <= 0)
1172 {
1173 SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_LIBRARY_HAS_NO_CIPHERS);
1174 goto err2;
1175 }
1176
1177 if ((ret->rsa_md5=EVP_get_digestbyname("ssl2-md5")) == NULL)
1178 {
1179 SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
1180 goto err2;
1181 }
1182 if ((ret->md5=EVP_get_digestbyname("ssl3-md5")) == NULL)
1183 {
1184 SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
1185 goto err2;
1186 }
1187 if ((ret->sha1=EVP_get_digestbyname("ssl3-sha1")) == NULL)
1188 {
1189 SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
1190 goto err2;
1191 }
1192
1193 if ((ret->client_CA=sk_X509_NAME_new_null()) == NULL)
1194 goto err;
1195
1196 CRYPTO_new_ex_data(ssl_ctx_meth,(char *)ret,&ret->ex_data);
1197
1198 ret->extra_certs=NULL;
1199 ret->comp_methods=SSL_COMP_get_compression_methods();
1200
1201 return(ret);
1202err:
1203 SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE);
1204err2:
1205 if (ret != NULL) SSL_CTX_free(ret);
1206 return(NULL);
1207 }
1208
1209static void SSL_COMP_free(SSL_COMP *comp)
1210 { OPENSSL_free(comp); }
1211
1212void SSL_CTX_free(SSL_CTX *a)
1213 {
1214 int i;
1215
1216 if (a == NULL) return;
1217
1218 i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_SSL_CTX);
1219#ifdef REF_PRINT
1220 REF_PRINT("SSL_CTX",a);
1221#endif
1222 if (i > 0) return;
1223#ifdef REF_CHECK
1224 if (i < 0)
1225 {
1226 fprintf(stderr,"SSL_CTX_free, bad reference count\n");
1227 abort(); /* ok */
1228 }
1229#endif
1230 CRYPTO_free_ex_data(ssl_ctx_meth,(char *)a,&a->ex_data);
1231
1232 if (a->sessions != NULL)
1233 {
1234 SSL_CTX_flush_sessions(a,0);
1235 lh_free(a->sessions);
1236 }
1237 if (a->cert_store != NULL)
1238 X509_STORE_free(a->cert_store);
1239 if (a->cipher_list != NULL)
1240 sk_SSL_CIPHER_free(a->cipher_list);
1241 if (a->cipher_list_by_id != NULL)
1242 sk_SSL_CIPHER_free(a->cipher_list_by_id);
1243 if (a->cert != NULL)
1244 ssl_cert_free(a->cert);
1245 if (a->client_CA != NULL)
1246 sk_X509_NAME_pop_free(a->client_CA,X509_NAME_free);
1247 if (a->extra_certs != NULL)
1248 sk_X509_pop_free(a->extra_certs,X509_free);
1249 if (a->comp_methods != NULL)
1250 sk_SSL_COMP_pop_free(a->comp_methods,SSL_COMP_free);
1251 OPENSSL_free(a);
1252 }
1253
1254void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
1255 {
1256 ctx->default_passwd_callback=cb;
1257 }
1258
1259void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx,void *u)
1260 {
1261 ctx->default_passwd_callback_userdata=u;
1262 }
1263
1264void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,int (*cb)(),char *arg)
1265 {
1266 /* now
1267 * int (*cb)(X509_STORE_CTX *),
1268 * but should be
1269 * int (*cb)(X509_STORE_CTX *, void *arg)
1270 */
1271 ctx->app_verify_callback=cb;
1272 ctx->app_verify_arg=arg; /* never used */
1273 }
1274
1275void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*cb)(int, X509_STORE_CTX *))
1276 {
1277 ctx->verify_mode=mode;
1278 ctx->default_verify_callback=cb;
1279 /* This needs cleaning up EAY EAY EAY */
1280 X509_STORE_set_verify_cb_func(ctx->cert_store,cb);
1281 }
1282
1283void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth)
1284 {
1285 ctx->verify_depth=depth;
1286 }
1287
1288void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
1289 {
1290 CERT_PKEY *cpk;
1291 int rsa_enc,rsa_tmp,rsa_sign,dh_tmp,dh_rsa,dh_dsa,dsa_sign;
1292 int rsa_enc_export,dh_rsa_export,dh_dsa_export;
1293 int rsa_tmp_export,dh_tmp_export,kl;
1294 unsigned long mask,emask;
1295
1296 if (c == NULL) return;
1297
1298 kl=SSL_C_EXPORT_PKEYLENGTH(cipher);
1299
1300#ifndef NO_RSA
1301 rsa_tmp=(c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
1302 rsa_tmp_export=(c->rsa_tmp_cb != NULL ||
1303 (rsa_tmp && RSA_size(c->rsa_tmp)*8 <= kl));
1304#else
1305 rsa_tmp=rsa_tmp_export=0;
1306#endif
1307#ifndef NO_DH
1308 dh_tmp=(c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
1309 dh_tmp_export=(c->dh_tmp_cb != NULL ||
1310 (dh_tmp && DH_size(c->dh_tmp)*8 <= kl));
1311#else
1312 dh_tmp=dh_tmp_export=0;
1313#endif
1314
1315 cpk= &(c->pkeys[SSL_PKEY_RSA_ENC]);
1316 rsa_enc= (cpk->x509 != NULL && cpk->privatekey != NULL);
1317 rsa_enc_export=(rsa_enc && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
1318 cpk= &(c->pkeys[SSL_PKEY_RSA_SIGN]);
1319 rsa_sign=(cpk->x509 != NULL && cpk->privatekey != NULL);
1320 cpk= &(c->pkeys[SSL_PKEY_DSA_SIGN]);
1321 dsa_sign=(cpk->x509 != NULL && cpk->privatekey != NULL);
1322 cpk= &(c->pkeys[SSL_PKEY_DH_RSA]);
1323 dh_rsa= (cpk->x509 != NULL && cpk->privatekey != NULL);
1324 dh_rsa_export=(dh_rsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
1325 cpk= &(c->pkeys[SSL_PKEY_DH_DSA]);
1326/* FIX THIS EAY EAY EAY */
1327 dh_dsa= (cpk->x509 != NULL && cpk->privatekey != NULL);
1328 dh_dsa_export=(dh_dsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
1329
1330 mask=0;
1331 emask=0;
1332
1333#ifdef CIPHER_DEBUG
1334 printf("rt=%d rte=%d dht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
1335 rsa_tmp,rsa_tmp_export,dh_tmp,
1336 rsa_enc,rsa_enc_export,rsa_sign,dsa_sign,dh_rsa,dh_dsa);
1337#endif
1338
1339 if (rsa_enc || (rsa_tmp && rsa_sign))
1340 mask|=SSL_kRSA;
1341 if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
1342 emask|=SSL_kRSA;
1343
1344#if 0
1345 /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
1346 if ( (dh_tmp || dh_rsa || dh_dsa) &&
1347 (rsa_enc || rsa_sign || dsa_sign))
1348 mask|=SSL_kEDH;
1349 if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
1350 (rsa_enc || rsa_sign || dsa_sign))
1351 emask|=SSL_kEDH;
1352#endif
1353
1354 if (dh_tmp_export)
1355 emask|=SSL_kEDH;
1356
1357 if (dh_tmp)
1358 mask|=SSL_kEDH;
1359
1360 if (dh_rsa) mask|=SSL_kDHr;
1361 if (dh_rsa_export) emask|=SSL_kDHr;
1362
1363 if (dh_dsa) mask|=SSL_kDHd;
1364 if (dh_dsa_export) emask|=SSL_kDHd;
1365
1366 if (rsa_enc || rsa_sign)
1367 {
1368 mask|=SSL_aRSA;
1369 emask|=SSL_aRSA;
1370 }
1371
1372 if (dsa_sign)
1373 {
1374 mask|=SSL_aDSS;
1375 emask|=SSL_aDSS;
1376 }
1377
1378 mask|=SSL_aNULL;
1379 emask|=SSL_aNULL;
1380
1381 c->mask=mask;
1382 c->export_mask=emask;
1383 c->valid=1;
1384 }
1385
1386/* THIS NEEDS CLEANING UP */
1387X509 *ssl_get_server_send_cert(SSL *s)
1388 {
1389 unsigned long alg,mask,kalg;
1390 CERT *c;
1391 int i,is_export;
1392
1393 c=s->cert;
1394 ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
1395 alg=s->s3->tmp.new_cipher->algorithms;
1396 is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
1397 mask=is_export?c->export_mask:c->mask;
1398 kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK);
1399
1400 if (kalg & SSL_kDHr)
1401 i=SSL_PKEY_DH_RSA;
1402 else if (kalg & SSL_kDHd)
1403 i=SSL_PKEY_DH_DSA;
1404 else if (kalg & SSL_aDSS)
1405 i=SSL_PKEY_DSA_SIGN;
1406 else if (kalg & SSL_aRSA)
1407 {
1408 if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
1409 i=SSL_PKEY_RSA_SIGN;
1410 else
1411 i=SSL_PKEY_RSA_ENC;
1412 }
1413 else /* if (kalg & SSL_aNULL) */
1414 {
1415 SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,SSL_R_INTERNAL_ERROR);
1416 return(NULL);
1417 }
1418 if (c->pkeys[i].x509 == NULL) return(NULL);
1419 return(c->pkeys[i].x509);
1420 }
1421
1422EVP_PKEY *ssl_get_sign_pkey(SSL *s,SSL_CIPHER *cipher)
1423 {
1424 unsigned long alg;
1425 CERT *c;
1426
1427 alg=cipher->algorithms;
1428 c=s->cert;
1429
1430 if ((alg & SSL_aDSS) &&
1431 (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
1432 return(c->pkeys[SSL_PKEY_DSA_SIGN].privatekey);
1433 else if (alg & SSL_aRSA)
1434 {
1435 if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
1436 return(c->pkeys[SSL_PKEY_RSA_SIGN].privatekey);
1437 else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
1438 return(c->pkeys[SSL_PKEY_RSA_ENC].privatekey);
1439 else
1440 return(NULL);
1441 }
1442 else /* if (alg & SSL_aNULL) */
1443 {
1444 SSLerr(SSL_F_SSL_GET_SIGN_PKEY,SSL_R_INTERNAL_ERROR);
1445 return(NULL);
1446 }
1447 }
1448
1449void ssl_update_cache(SSL *s,int mode)
1450 {
1451 int i;
1452
1453 /* If the session_id_length is 0, we are not supposed to cache it,
1454 * and it would be rather hard to do anyway :-) */
1455 if (s->session->session_id_length == 0) return;
1456
1457 if ((s->ctx->session_cache_mode & mode)
1458 && (!s->hit)
1459 && SSL_CTX_add_session(s->ctx,s->session)
1460 && (s->ctx->new_session_cb != NULL))
1461 {
1462 CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION);
1463 if (!s->ctx->new_session_cb(s,s->session))
1464 SSL_SESSION_free(s->session);
1465 }
1466
1467 /* auto flush every 255 connections */
1468 i=s->ctx->session_cache_mode;
1469 if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
1470 ((i & mode) == mode))
1471 {
1472 if ( (((mode & SSL_SESS_CACHE_CLIENT)
1473 ?s->ctx->stats.sess_connect_good
1474 :s->ctx->stats.sess_accept_good) & 0xff) == 0xff)
1475 {
1476 SSL_CTX_flush_sessions(s->ctx,time(NULL));
1477 }
1478 }
1479 }
1480
1481SSL_METHOD *SSL_get_ssl_method(SSL *s)
1482 {
1483 return(s->method);
1484 }
1485
1486int SSL_set_ssl_method(SSL *s,SSL_METHOD *meth)
1487 {
1488 int conn= -1;
1489 int ret=1;
1490
1491 if (s->method != meth)
1492 {
1493 if (s->handshake_func != NULL)
1494 conn=(s->handshake_func == s->method->ssl_connect);
1495
1496 if (s->method->version == meth->version)
1497 s->method=meth;
1498 else
1499 {
1500 s->method->ssl_free(s);
1501 s->method=meth;
1502 ret=s->method->ssl_new(s);
1503 }
1504
1505 if (conn == 1)
1506 s->handshake_func=meth->ssl_connect;
1507 else if (conn == 0)
1508 s->handshake_func=meth->ssl_accept;
1509 }
1510 return(ret);
1511 }
1512
1513int SSL_get_error(SSL *s,int i)
1514 {
1515 int reason;
1516 unsigned long l;
1517 BIO *bio;
1518
1519 if (i > 0) return(SSL_ERROR_NONE);
1520
1521 /* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake
1522 * etc, where we do encode the error */
1523 if ((l=ERR_peek_error()) != 0)
1524 {
1525 if (ERR_GET_LIB(l) == ERR_LIB_SYS)
1526 return(SSL_ERROR_SYSCALL);
1527 else
1528 return(SSL_ERROR_SSL);
1529 }
1530
1531 if ((i < 0) && SSL_want_read(s))
1532 {
1533 bio=SSL_get_rbio(s);
1534 if (BIO_should_read(bio))
1535 return(SSL_ERROR_WANT_READ);
1536 else if (BIO_should_write(bio))
1537 /* This one doesn't make too much sense ... We never try
1538 * to write to the rbio, and an application program where
1539 * rbio and wbio are separate couldn't even know what it
1540 * should wait for.
1541 * However if we ever set s->rwstate incorrectly
1542 * (so that we have SSL_want_read(s) instead of
1543 * SSL_want_write(s)) and rbio and wbio *are* the same,
1544 * this test works around that bug; so it might be safer
1545 * to keep it. */
1546 return(SSL_ERROR_WANT_WRITE);
1547 else if (BIO_should_io_special(bio))
1548 {
1549 reason=BIO_get_retry_reason(bio);
1550 if (reason == BIO_RR_CONNECT)
1551 return(SSL_ERROR_WANT_CONNECT);
1552 else
1553 return(SSL_ERROR_SYSCALL); /* unknown */
1554 }
1555 }
1556
1557 if ((i < 0) && SSL_want_write(s))
1558 {
1559 bio=SSL_get_wbio(s);
1560 if (BIO_should_write(bio))
1561 return(SSL_ERROR_WANT_WRITE);
1562 else if (BIO_should_read(bio))
1563 /* See above (SSL_want_read(s) with BIO_should_write(bio)) */
1564 return(SSL_ERROR_WANT_READ);
1565 else if (BIO_should_io_special(bio))
1566 {
1567 reason=BIO_get_retry_reason(bio);
1568 if (reason == BIO_RR_CONNECT)
1569 return(SSL_ERROR_WANT_CONNECT);
1570 else
1571 return(SSL_ERROR_SYSCALL);
1572 }
1573 }
1574 if ((i < 0) && SSL_want_x509_lookup(s))
1575 {
1576 return(SSL_ERROR_WANT_X509_LOOKUP);
1577 }
1578
1579 if (i == 0)
1580 {
1581 if (s->version == SSL2_VERSION)
1582 {
1583 /* assume it is the socket being closed */
1584 return(SSL_ERROR_ZERO_RETURN);
1585 }
1586 else
1587 {
1588 if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
1589 (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
1590 return(SSL_ERROR_ZERO_RETURN);
1591 }
1592 }
1593 return(SSL_ERROR_SYSCALL);
1594 }
1595
1596int SSL_do_handshake(SSL *s)
1597 {
1598 int ret=1;
1599
1600 if (s->handshake_func == NULL)
1601 {
1602 SSLerr(SSL_F_SSL_DO_HANDSHAKE,SSL_R_CONNECTION_TYPE_NOT_SET);
1603 return(-1);
1604 }
1605
1606 s->method->ssl_renegotiate_check(s);
1607
1608 if (SSL_in_init(s) || SSL_in_before(s))
1609 {
1610 ret=s->handshake_func(s);
1611 }
1612 return(ret);
1613 }
1614
1615/* For the next 2 functions, SSL_clear() sets shutdown and so
1616 * one of these calls will reset it */
1617void SSL_set_accept_state(SSL *s)
1618 {
1619 s->server=1;
1620 s->shutdown=0;
1621 s->state=SSL_ST_ACCEPT|SSL_ST_BEFORE;
1622 s->handshake_func=s->method->ssl_accept;
1623 /* clear the current cipher */
1624 ssl_clear_cipher_ctx(s);
1625 }
1626
1627void SSL_set_connect_state(SSL *s)
1628 {
1629 s->server=0;
1630 s->shutdown=0;
1631 s->state=SSL_ST_CONNECT|SSL_ST_BEFORE;
1632 s->handshake_func=s->method->ssl_connect;
1633 /* clear the current cipher */
1634 ssl_clear_cipher_ctx(s);
1635 }
1636
1637int ssl_undefined_function(SSL *s)
1638 {
1639 SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1640 return(0);
1641 }
1642
1643SSL_METHOD *ssl_bad_method(int ver)
1644 {
1645 SSLerr(SSL_F_SSL_BAD_METHOD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1646 return(NULL);
1647 }
1648
1649const char *SSL_get_version(SSL *s)
1650 {
1651 if (s->version == TLS1_VERSION)
1652 return("TLSv1");
1653 else if (s->version == SSL3_VERSION)
1654 return("SSLv3");
1655 else if (s->version == SSL2_VERSION)
1656 return("SSLv2");
1657 else
1658 return("unknown");
1659 }
1660
1661SSL *SSL_dup(SSL *s)
1662 {
1663 STACK_OF(X509_NAME) *sk;
1664 X509_NAME *xn;
1665 SSL *ret;
1666 int i;
1667
1668 if ((ret=SSL_new(SSL_get_SSL_CTX(s))) == NULL)
1669 return(NULL);
1670
1671 if (s->session != NULL)
1672 {
1673 /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
1674 SSL_copy_session_id(ret,s);
1675 }
1676 else
1677 {
1678 /* No session has been established yet, so we have to expect
1679 * that s->cert or ret->cert will be changed later --
1680 * they should not both point to the same object,
1681 * and thus we can't use SSL_copy_session_id. */
1682
1683 ret->method = s->method;
1684 ret->method->ssl_new(ret);
1685
1686 if (s->cert != NULL)
1687 {
1688 if (ret->cert != NULL)
1689 {
1690 ssl_cert_free(ret->cert);
1691 }
1692 ret->cert = ssl_cert_dup(s->cert);
1693 if (ret->cert == NULL)
1694 goto err;
1695 }
1696
1697 SSL_set_session_id_context(ret,
1698 s->sid_ctx, s->sid_ctx_length);
1699 }
1700
1701 SSL_set_read_ahead(ret,SSL_get_read_ahead(s));
1702 SSL_set_verify(ret,SSL_get_verify_mode(s),
1703 SSL_get_verify_callback(s));
1704 SSL_set_verify_depth(ret,SSL_get_verify_depth(s));
1705
1706 SSL_set_info_callback(ret,SSL_get_info_callback(s));
1707
1708 ret->debug=s->debug;
1709 ret->options=s->options;
1710
1711 /* copy app data, a little dangerous perhaps */
1712 if (!CRYPTO_dup_ex_data(ssl_meth,&ret->ex_data,&s->ex_data))
1713 goto err;
1714
1715 /* setup rbio, and wbio */
1716 if (s->rbio != NULL)
1717 {
1718 if (!BIO_dup_state(s->rbio,(char *)&ret->rbio))
1719 goto err;
1720 }
1721 if (s->wbio != NULL)
1722 {
1723 if (s->wbio != s->rbio)
1724 {
1725 if (!BIO_dup_state(s->wbio,(char *)&ret->wbio))
1726 goto err;
1727 }
1728 else
1729 ret->wbio=ret->rbio;
1730 }
1731
1732 /* dup the cipher_list and cipher_list_by_id stacks */
1733 if (s->cipher_list != NULL)
1734 {
1735 if ((ret->cipher_list=sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
1736 goto err;
1737 }
1738 if (s->cipher_list_by_id != NULL)
1739 if ((ret->cipher_list_by_id=sk_SSL_CIPHER_dup(s->cipher_list_by_id))
1740 == NULL)
1741 goto err;
1742
1743 /* Dup the client_CA list */
1744 if (s->client_CA != NULL)
1745 {
1746 if ((sk=sk_X509_NAME_dup(s->client_CA)) == NULL) goto err;
1747 ret->client_CA=sk;
1748 for (i=0; i<sk_X509_NAME_num(sk); i++)
1749 {
1750 xn=sk_X509_NAME_value(sk,i);
1751 if (sk_X509_NAME_set(sk,i,X509_NAME_dup(xn)) == NULL)
1752 {
1753 X509_NAME_free(xn);
1754 goto err;
1755 }
1756 }
1757 }
1758
1759 ret->shutdown=s->shutdown;
1760 ret->state=s->state;
1761 ret->handshake_func=s->handshake_func;
1762 ret->server=s->server;
1763
1764 if (0)
1765 {
1766err:
1767 if (ret != NULL) SSL_free(ret);
1768 ret=NULL;
1769 }
1770 return(ret);
1771 }
1772
1773void ssl_clear_cipher_ctx(SSL *s)
1774 {
1775 if (s->enc_read_ctx != NULL)
1776 {
1777 EVP_CIPHER_CTX_cleanup(s->enc_read_ctx);
1778 OPENSSL_free(s->enc_read_ctx);
1779 s->enc_read_ctx=NULL;
1780 }
1781 if (s->enc_write_ctx != NULL)
1782 {
1783 EVP_CIPHER_CTX_cleanup(s->enc_write_ctx);
1784 OPENSSL_free(s->enc_write_ctx);
1785 s->enc_write_ctx=NULL;
1786 }
1787 if (s->expand != NULL)
1788 {
1789 COMP_CTX_free(s->expand);
1790 s->expand=NULL;
1791 }
1792 if (s->compress != NULL)
1793 {
1794 COMP_CTX_free(s->compress);
1795 s->compress=NULL;
1796 }
1797 }
1798
1799/* Fix this function so that it takes an optional type parameter */
1800X509 *SSL_get_certificate(SSL *s)
1801 {
1802 if (s->cert != NULL)
1803 return(s->cert->key->x509);
1804 else
1805 return(NULL);
1806 }
1807
1808/* Fix this function so that it takes an optional type parameter */
1809EVP_PKEY *SSL_get_privatekey(SSL *s)
1810 {
1811 if (s->cert != NULL)
1812 return(s->cert->key->privatekey);
1813 else
1814 return(NULL);
1815 }
1816
1817SSL_CIPHER *SSL_get_current_cipher(SSL *s)
1818 {
1819 if ((s->session != NULL) && (s->session->cipher != NULL))
1820 return(s->session->cipher);
1821 return(NULL);
1822 }
1823
1824int ssl_init_wbio_buffer(SSL *s,int push)
1825 {
1826 BIO *bbio;
1827
1828 if (s->bbio == NULL)
1829 {
1830 bbio=BIO_new(BIO_f_buffer());
1831 if (bbio == NULL) return(0);
1832 s->bbio=bbio;
1833 }
1834 else
1835 {
1836 bbio=s->bbio;
1837 if (s->bbio == s->wbio)
1838 s->wbio=BIO_pop(s->wbio);
1839 }
1840 (void)BIO_reset(bbio);
1841/* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
1842 if (!BIO_set_read_buffer_size(bbio,1))
1843 {
1844 SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER,ERR_R_BUF_LIB);
1845 return(0);
1846 }
1847 if (push)
1848 {
1849 if (s->wbio != bbio)
1850 s->wbio=BIO_push(bbio,s->wbio);
1851 }
1852 else
1853 {
1854 if (s->wbio == bbio)
1855 s->wbio=BIO_pop(bbio);
1856 }
1857 return(1);
1858 }
1859
1860void ssl_free_wbio_buffer(SSL *s)
1861 {
1862 if (s->bbio == NULL) return;
1863
1864 if (s->bbio == s->wbio)
1865 {
1866 /* remove buffering */
1867 s->wbio=BIO_pop(s->wbio);
1868#ifdef REF_CHECK /* not the usual REF_CHECK, but this avoids adding one more preprocessor symbol */
1869 assert(s->wbio != NULL);
1870#endif
1871 }
1872 BIO_free(s->bbio);
1873 s->bbio=NULL;
1874 }
1875
1876void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode)
1877 {
1878 ctx->quiet_shutdown=mode;
1879 }
1880
1881int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx)
1882 {
1883 return(ctx->quiet_shutdown);
1884 }
1885
1886void SSL_set_quiet_shutdown(SSL *s,int mode)
1887 {
1888 s->quiet_shutdown=mode;
1889 }
1890
1891int SSL_get_quiet_shutdown(SSL *s)
1892 {
1893 return(s->quiet_shutdown);
1894 }
1895
1896void SSL_set_shutdown(SSL *s,int mode)
1897 {
1898 s->shutdown=mode;
1899 }
1900
1901int SSL_get_shutdown(SSL *s)
1902 {
1903 return(s->shutdown);
1904 }
1905
1906int SSL_version(SSL *s)
1907 {
1908 return(s->version);
1909 }
1910
1911SSL_CTX *SSL_get_SSL_CTX(SSL *ssl)
1912 {
1913 return(ssl->ctx);
1914 }
1915
1916#ifndef NO_STDIO
1917int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
1918 {
1919 return(X509_STORE_set_default_paths(ctx->cert_store));
1920 }
1921
1922int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
1923 const char *CApath)
1924 {
1925 return(X509_STORE_load_locations(ctx->cert_store,CAfile,CApath));
1926 }
1927#endif
1928
1929void SSL_set_info_callback(SSL *ssl,void (*cb)())
1930 {
1931 ssl->info_callback=cb;
1932 }
1933
1934void (*SSL_get_info_callback(SSL *ssl))(void)
1935 {
1936 return((void (*)())ssl->info_callback);
1937 }
1938
1939int SSL_state(SSL *ssl)
1940 {
1941 return(ssl->state);
1942 }
1943
1944void SSL_set_verify_result(SSL *ssl,long arg)
1945 {
1946 ssl->verify_result=arg;
1947 }
1948
1949long SSL_get_verify_result(SSL *ssl)
1950 {
1951 return(ssl->verify_result);
1952 }
1953
1954int SSL_get_ex_new_index(long argl,void *argp,CRYPTO_EX_new *new_func,
1955 CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func)
1956 {
1957 ssl_meth_num++;
1958 return(CRYPTO_get_ex_new_index(ssl_meth_num-1,
1959 &ssl_meth,argl,argp,new_func,dup_func,free_func));
1960 }
1961
1962int SSL_set_ex_data(SSL *s,int idx,void *arg)
1963 {
1964 return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
1965 }
1966
1967void *SSL_get_ex_data(SSL *s,int idx)
1968 {
1969 return(CRYPTO_get_ex_data(&s->ex_data,idx));
1970 }
1971
1972int SSL_CTX_get_ex_new_index(long argl,void *argp,CRYPTO_EX_new *new_func,
1973 CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func)
1974 {
1975 ssl_ctx_meth_num++;
1976 return(CRYPTO_get_ex_new_index(ssl_ctx_meth_num-1,
1977 &ssl_ctx_meth,argl,argp,new_func,dup_func,free_func));
1978 }
1979
1980int SSL_CTX_set_ex_data(SSL_CTX *s,int idx,void *arg)
1981 {
1982 return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
1983 }
1984
1985void *SSL_CTX_get_ex_data(SSL_CTX *s,int idx)
1986 {
1987 return(CRYPTO_get_ex_data(&s->ex_data,idx));
1988 }
1989
1990int ssl_ok(SSL *s)
1991 {
1992 return(1);
1993 }
1994
1995X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx)
1996 {
1997 return(ctx->cert_store);
1998 }
1999
2000void SSL_CTX_set_cert_store(SSL_CTX *ctx,X509_STORE *store)
2001 {
2002 if (ctx->cert_store != NULL)
2003 X509_STORE_free(ctx->cert_store);
2004 ctx->cert_store=store;
2005 }
2006
2007int SSL_want(SSL *s)
2008 {
2009 return(s->rwstate);
2010 }
2011
2012/*!
2013 * \brief Set the callback for generating temporary RSA keys.
2014 * \param ctx the SSL context.
2015 * \param cb the callback
2016 */
2017
2018#ifndef NO_RSA
2019void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,RSA *(*cb)(SSL *ssl,
2020 int is_export,
2021 int keylength))
2022 {
2023 SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb);
2024 }
2025
2026void SSL_set_tmp_rsa_callback(SSL *ssl,RSA *(*cb)(SSL *ssl,
2027 int is_export,
2028 int keylength))
2029 {
2030 SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb);
2031 }
2032#endif
2033
2034#ifdef DOXYGEN
2035/*!
2036 * \brief The RSA temporary key callback function.
2037 * \param ssl the SSL session.
2038 * \param is_export \c TRUE if the temp RSA key is for an export ciphersuite.
2039 * \param keylength if \c is_export is \c TRUE, then \c keylength is the size
2040 * of the required key in bits.
2041 * \return the temporary RSA key.
2042 * \sa SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback
2043 */
2044
2045RSA *cb(SSL *ssl,int is_export,int keylength)
2046 {}
2047#endif
2048
2049/*!
2050 * \brief Set the callback for generating temporary DH keys.
2051 * \param ctx the SSL context.
2052 * \param dh the callback
2053 */
2054
2055#ifndef NO_DH
2056void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,DH *(*dh)(SSL *ssl,int is_export,
2057 int keylength))
2058 {
2059 SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh);
2060 }
2061
2062void SSL_set_tmp_dh_callback(SSL *ssl,DH *(*dh)(SSL *ssl,int is_export,
2063 int keylength))
2064 {
2065 SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh);
2066 }
2067#endif
2068
2069#if defined(_WINDLL) && defined(WIN16)
2070#include "../crypto/bio/bss_file.c"
2071#endif
2072
2073IMPLEMENT_STACK_OF(SSL_CIPHER)
2074IMPLEMENT_STACK_OF(SSL_COMP)
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
deleted file mode 100644
index 516d3cc5ae..0000000000
--- a/src/lib/libssl/ssl_locl.h
+++ /dev/null
@@ -1,609 +0,0 @@
1/* ssl/ssl_locl.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#ifndef HEADER_SSL_LOCL_H
113#define HEADER_SSL_LOCL_H
114#include <stdlib.h>
115#include <time.h>
116#include <string.h>
117#include <errno.h>
118
119#include "openssl/e_os.h"
120
121#include <openssl/buffer.h>
122#include <openssl/comp.h>
123#include <openssl/bio.h>
124#include <openssl/crypto.h>
125#include <openssl/evp.h>
126#include <openssl/stack.h>
127#include <openssl/x509.h>
128#include <openssl/err.h>
129#include <openssl/ssl.h>
130
131#define PKCS1_CHECK
132
133#define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \
134 l|=(((unsigned long)(*((c)++)))<< 8), \
135 l|=(((unsigned long)(*((c)++)))<<16), \
136 l|=(((unsigned long)(*((c)++)))<<24))
137
138/* NOTE - c is not incremented as per c2l */
139#define c2ln(c,l1,l2,n) { \
140 c+=n; \
141 l1=l2=0; \
142 switch (n) { \
143 case 8: l2 =((unsigned long)(*(--(c))))<<24; \
144 case 7: l2|=((unsigned long)(*(--(c))))<<16; \
145 case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
146 case 5: l2|=((unsigned long)(*(--(c)))); \
147 case 4: l1 =((unsigned long)(*(--(c))))<<24; \
148 case 3: l1|=((unsigned long)(*(--(c))))<<16; \
149 case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
150 case 1: l1|=((unsigned long)(*(--(c)))); \
151 } \
152 }
153
154#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
155 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
156 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
157 *((c)++)=(unsigned char)(((l)>>24)&0xff))
158
159#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24, \
160 l|=((unsigned long)(*((c)++)))<<16, \
161 l|=((unsigned long)(*((c)++)))<< 8, \
162 l|=((unsigned long)(*((c)++))))
163
164#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
165 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
166 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
167 *((c)++)=(unsigned char)(((l) )&0xff))
168
169/* NOTE - c is not incremented as per l2c */
170#define l2cn(l1,l2,c,n) { \
171 c+=n; \
172 switch (n) { \
173 case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
174 case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
175 case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
176 case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
177 case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
178 case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
179 case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
180 case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
181 } \
182 }
183
184#define n2s(c,s) ((s=(((unsigned int)(c[0]))<< 8)| \
185 (((unsigned int)(c[1])) )),c+=2)
186#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \
187 c[1]=(unsigned char)(((s) )&0xff)),c+=2)
188
189#define n2l3(c,l) ((l =(((unsigned long)(c[0]))<<16)| \
190 (((unsigned long)(c[1]))<< 8)| \
191 (((unsigned long)(c[2])) )),c+=3)
192
193#define l2n3(l,c) ((c[0]=(unsigned char)(((l)>>16)&0xff), \
194 c[1]=(unsigned char)(((l)>> 8)&0xff), \
195 c[2]=(unsigned char)(((l) )&0xff)),c+=3)
196
197/* LOCAL STUFF */
198
199#define SSL_DECRYPT 0
200#define SSL_ENCRYPT 1
201
202#define TWO_BYTE_BIT 0x80
203#define SEC_ESC_BIT 0x40
204#define TWO_BYTE_MASK 0x7fff
205#define THREE_BYTE_MASK 0x3fff
206
207#define INC32(a) ((a)=((a)+1)&0xffffffffL)
208#define DEC32(a) ((a)=((a)-1)&0xffffffffL)
209#define MAX_MAC_SIZE 20 /* up from 16 for SSLv3 */
210
211/*
212 * Define the Bitmasks for SSL_CIPHER.algorithms.
213 * This bits are used packed as dense as possible. If new methods/ciphers
214 * etc will be added, the bits a likely to change, so this information
215 * is for internal library use only, even though SSL_CIPHER.algorithms
216 * can be publicly accessed.
217 * Use the according functions for cipher management instead.
218 *
219 * The bit mask handling in the selection and sorting scheme in
220 * ssl_create_cipher_list() has only limited capabilities, reflecting
221 * that the different entities within are mutually exclusive:
222 * ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
223 */
224#define SSL_MKEY_MASK 0x0000001FL
225#define SSL_kRSA 0x00000001L /* RSA key exchange */
226#define SSL_kDHr 0x00000002L /* DH cert RSA CA cert */
227#define SSL_kDHd 0x00000004L /* DH cert DSA CA cert */
228#define SSL_kFZA 0x00000008L
229#define SSL_kEDH 0x00000010L /* tmp DH key no DH cert */
230#define SSL_EDH (SSL_kEDH|(SSL_AUTH_MASK^SSL_aNULL))
231
232#define SSL_AUTH_MASK 0x000003e0L
233#define SSL_aRSA 0x00000020L /* Authenticate with RSA */
234#define SSL_aDSS 0x00000040L /* Authenticate with DSS */
235#define SSL_DSS SSL_aDSS
236#define SSL_aFZA 0x00000080L
237#define SSL_aNULL 0x00000100L /* no Authenticate, ADH */
238#define SSL_aDH 0x00000200L /* no Authenticate, ADH */
239
240#define SSL_NULL (SSL_eNULL)
241#define SSL_ADH (SSL_kEDH|SSL_aNULL)
242#define SSL_RSA (SSL_kRSA|SSL_aRSA)
243#define SSL_DH (SSL_kDHr|SSL_kDHd|SSL_kEDH)
244#define SSL_FZA (SSL_aFZA|SSL_kFZA|SSL_eFZA)
245
246#define SSL_ENC_MASK 0x0001Fc00L
247#define SSL_DES 0x00000400L
248#define SSL_3DES 0x00000800L
249#define SSL_RC4 0x00001000L
250#define SSL_RC2 0x00002000L
251#define SSL_IDEA 0x00004000L
252#define SSL_eFZA 0x00008000L
253#define SSL_eNULL 0x00010000L
254
255#define SSL_MAC_MASK 0x00060000L
256#define SSL_MD5 0x00020000L
257#define SSL_SHA1 0x00040000L
258#define SSL_SHA (SSL_SHA1)
259
260#define SSL_SSL_MASK 0x00180000L
261#define SSL_SSLV2 0x00080000L
262#define SSL_SSLV3 0x00100000L
263#define SSL_TLSV1 SSL_SSLV3 /* for now */
264
265/* we have used 001fffff - 11 bits left to go */
266
267/*
268 * Export and cipher strength information. For each cipher we have to decide
269 * whether it is exportable or not. This information is likely to change
270 * over time, since the export control rules are no static technical issue.
271 *
272 * Independent of the export flag the cipher strength is sorted into classes.
273 * SSL_EXP40 was denoting the 40bit US export limit of past times, which now
274 * is at 56bit (SSL_EXP56). If the exportable cipher class is going to change
275 * again (eg. to 64bit) the use of "SSL_EXP*" becomes blurred even more,
276 * since SSL_EXP64 could be similar to SSL_LOW.
277 * For this reason SSL_MICRO and SSL_MINI macros are included to widen the
278 * namespace of SSL_LOW-SSL_HIGH to lower values. As development of speed
279 * and ciphers goes, another extension to SSL_SUPER and/or SSL_ULTRA would
280 * be possible.
281 */
282#define SSL_EXP_MASK 0x00000003L
283#define SSL_NOT_EXP 0x00000001L
284#define SSL_EXPORT 0x00000002L
285
286#define SSL_STRONG_MASK 0x0000007cL
287#define SSL_EXP40 0x00000004L
288#define SSL_MICRO (SSL_EXP40)
289#define SSL_EXP56 0x00000008L
290#define SSL_MINI (SSL_EXP56)
291#define SSL_LOW 0x00000010L
292#define SSL_MEDIUM 0x00000020L
293#define SSL_HIGH 0x00000040L
294
295/* we have used 0000007f - 25 bits left to go */
296
297/*
298 * Macros to check the export status and cipher strength for export ciphers.
299 * Even though the macros for EXPORT and EXPORT40/56 have similar names,
300 * their meaning is different:
301 * *_EXPORT macros check the 'exportable' status.
302 * *_EXPORT40/56 macros are used to check whether a certain cipher strength
303 * is given.
304 * Since the SSL_IS_EXPORT* and SSL_EXPORT* macros depend on the correct
305 * algorithm structure element to be passed (algorithms, algo_strength) and no
306 * typechecking can be done as they are all of type unsigned long, their
307 * direct usage is discouraged.
308 * Use the SSL_C_* macros instead.
309 */
310#define SSL_IS_EXPORT(a) ((a)&SSL_EXPORT)
311#define SSL_IS_EXPORT56(a) ((a)&SSL_EXP56)
312#define SSL_IS_EXPORT40(a) ((a)&SSL_EXP40)
313#define SSL_C_IS_EXPORT(c) SSL_IS_EXPORT((c)->algo_strength)
314#define SSL_C_IS_EXPORT56(c) SSL_IS_EXPORT56((c)->algo_strength)
315#define SSL_C_IS_EXPORT40(c) SSL_IS_EXPORT40((c)->algo_strength)
316
317#define SSL_EXPORT_KEYLENGTH(a,s) (SSL_IS_EXPORT40(s) ? 5 : \
318 ((a)&SSL_ENC_MASK) == SSL_DES ? 8 : 7)
319#define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024)
320#define SSL_C_EXPORT_KEYLENGTH(c) SSL_EXPORT_KEYLENGTH((c)->algorithms, \
321 (c)->algo_strength)
322#define SSL_C_EXPORT_PKEYLENGTH(c) SSL_EXPORT_PKEYLENGTH((c)->algo_strength)
323
324
325#define SSL_ALL 0xffffffffL
326#define SSL_ALL_CIPHERS (SSL_MKEY_MASK|SSL_AUTH_MASK|SSL_ENC_MASK|\
327 SSL_MAC_MASK)
328#define SSL_ALL_STRENGTHS (SSL_EXP_MASK|SSL_STRONG_MASK)
329
330/* Mostly for SSLv3 */
331#define SSL_PKEY_RSA_ENC 0
332#define SSL_PKEY_RSA_SIGN 1
333#define SSL_PKEY_DSA_SIGN 2
334#define SSL_PKEY_DH_RSA 3
335#define SSL_PKEY_DH_DSA 4
336#define SSL_PKEY_NUM 5
337
338/* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) |
339 * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN)
340 * SSL_kDH <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN)
341 * SSL_kEDH <- RSA_ENC | RSA_SIGN | DSA_SIGN
342 * SSL_aRSA <- RSA_ENC | RSA_SIGN
343 * SSL_aDSS <- DSA_SIGN
344 */
345
346/*
347#define CERT_INVALID 0
348#define CERT_PUBLIC_KEY 1
349#define CERT_PRIVATE_KEY 2
350*/
351
352typedef struct cert_pkey_st
353 {
354 X509 *x509;
355 EVP_PKEY *privatekey;
356 } CERT_PKEY;
357
358typedef struct cert_st
359 {
360 /* Current active set */
361 CERT_PKEY *key; /* ALWAYS points to an element of the pkeys array
362 * Probably it would make more sense to store
363 * an index, not a pointer. */
364
365 /* The following masks are for the key and auth
366 * algorithms that are supported by the certs below */
367 int valid;
368 unsigned long mask;
369 unsigned long export_mask;
370#ifndef NO_RSA
371 RSA *rsa_tmp;
372 RSA *(*rsa_tmp_cb)(SSL *ssl,int is_export,int keysize);
373#endif
374#ifndef NO_DH
375 DH *dh_tmp;
376 DH *(*dh_tmp_cb)(SSL *ssl,int is_export,int keysize);
377#endif
378
379 CERT_PKEY pkeys[SSL_PKEY_NUM];
380
381 int references; /* >1 only if SSL_copy_session_id is used */
382 } CERT;
383
384
385typedef struct sess_cert_st
386 {
387 STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */
388
389 /* The 'peer_...' members are used only by clients. */
390 int peer_cert_type;
391
392 CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */
393 CERT_PKEY peer_pkeys[SSL_PKEY_NUM];
394 /* Obviously we don't have the private keys of these,
395 * so maybe we shouldn't even use the CERT_PKEY type here. */
396
397#ifndef NO_RSA
398 RSA *peer_rsa_tmp; /* not used for SSL 2 */
399#endif
400#ifndef NO_DH
401 DH *peer_dh_tmp; /* not used for SSL 2 */
402#endif
403
404 int references; /* actually always 1 at the moment */
405 } SESS_CERT;
406
407
408/*#define MAC_DEBUG */
409
410/*#define ERR_DEBUG */
411/*#define ABORT_DEBUG */
412/*#define PKT_DEBUG 1 */
413/*#define DES_DEBUG */
414/*#define DES_OFB_DEBUG */
415/*#define SSL_DEBUG */
416/*#define RSA_DEBUG */
417/*#define IDEA_DEBUG */
418
419#define FP_ICC (int (*)(const void *,const void *))
420#define ssl_put_cipher_by_char(ssl,ciph,ptr) \
421 ((ssl)->method->put_cipher_by_char((ciph),(ptr)))
422#define ssl_get_cipher_by_char(ssl,ptr) \
423 ((ssl)->method->get_cipher_by_char(ptr))
424
425/* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff
426 * It is a bit of a mess of functions, but hell, think of it as
427 * an opaque structure :-) */
428typedef struct ssl3_enc_method
429 {
430 int (*enc)(SSL *, int);
431 int (*mac)(SSL *, unsigned char *, int);
432 int (*setup_key_block)(SSL *);
433 int (*generate_master_secret)(SSL *, unsigned char *, unsigned char *, int);
434 int (*change_cipher_state)(SSL *, int);
435 int (*final_finish_mac)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char *, int, unsigned char *);
436 int finish_mac_length;
437 int (*cert_verify_mac)(SSL *, EVP_MD_CTX *, unsigned char *);
438 const char *client_finished_label;
439 int client_finished_label_len;
440 const char *server_finished_label;
441 int server_finished_label_len;
442 int (*alert_value)(int);
443 } SSL3_ENC_METHOD;
444
445/* Used for holding the relevant compression methods loaded into SSL_CTX */
446typedef struct ssl3_comp_st
447 {
448 int comp_id; /* The identifier byte for this compression type */
449 char *name; /* Text name used for the compression type */
450 COMP_METHOD *method; /* The method :-) */
451 } SSL3_COMP;
452
453OPENSSL_EXTERN SSL3_ENC_METHOD ssl3_undef_enc_method;
454OPENSSL_EXTERN SSL_CIPHER ssl2_ciphers[];
455OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[];
456
457#ifdef VMS
458#undef SSL_COMP_get_compression_methods
459#define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods
460#endif
461
462
463SSL_METHOD *ssl_bad_method(int ver);
464SSL_METHOD *sslv2_base_method(void);
465SSL_METHOD *sslv23_base_method(void);
466SSL_METHOD *sslv3_base_method(void);
467
468void ssl_clear_cipher_ctx(SSL *s);
469int ssl_clear_bad_session(SSL *s);
470CERT *ssl_cert_new(void);
471CERT *ssl_cert_dup(CERT *cert);
472int ssl_cert_inst(CERT **o);
473void ssl_cert_free(CERT *c);
474SESS_CERT *ssl_sess_cert_new(void);
475void ssl_sess_cert_free(SESS_CERT *sc);
476int ssl_set_peer_cert_type(SESS_CERT *c, int type);
477int ssl_get_new_session(SSL *s, int session);
478int ssl_get_prev_session(SSL *s, unsigned char *session,int len);
479int ssl_cipher_id_cmp(const SSL_CIPHER *a,const SSL_CIPHER *b);
480int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
481 const SSL_CIPHER * const *bp);
482STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
483 STACK_OF(SSL_CIPHER) **skp);
484int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p);
485STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
486 STACK_OF(SSL_CIPHER) **pref,
487 STACK_OF(SSL_CIPHER) **sorted,
488 const char *rule_str);
489void ssl_update_cache(SSL *s, int mode);
490int ssl_cipher_get_evp(SSL_SESSION *s,const EVP_CIPHER **enc,const EVP_MD **md,
491 SSL_COMP **comp);
492int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk);
493int ssl_undefined_function(SSL *s);
494X509 *ssl_get_server_send_cert(SSL *);
495EVP_PKEY *ssl_get_sign_pkey(SSL *,SSL_CIPHER *);
496int ssl_cert_type(X509 *x,EVP_PKEY *pkey);
497void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher);
498STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
499int ssl_verify_alarm_type(long type);
500
501int ssl2_enc_init(SSL *s, int client);
502void ssl2_generate_key_material(SSL *s);
503void ssl2_enc(SSL *s,int send_data);
504void ssl2_mac(SSL *s,unsigned char *mac,int send_data);
505SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p);
506int ssl2_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p);
507int ssl2_part_read(SSL *s, unsigned long f, int i);
508int ssl2_do_write(SSL *s);
509int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data);
510void ssl2_return_error(SSL *s,int reason);
511void ssl2_write_error(SSL *s);
512int ssl2_num_ciphers(void);
513SSL_CIPHER *ssl2_get_cipher(unsigned int u);
514int ssl2_new(SSL *s);
515void ssl2_free(SSL *s);
516int ssl2_accept(SSL *s);
517int ssl2_connect(SSL *s);
518int ssl2_read(SSL *s, void *buf, int len);
519int ssl2_peek(SSL *s, void *buf, int len);
520int ssl2_write(SSL *s, const void *buf, int len);
521int ssl2_shutdown(SSL *s);
522void ssl2_clear(SSL *s);
523long ssl2_ctrl(SSL *s,int cmd, long larg, char *parg);
524long ssl2_ctx_ctrl(SSL_CTX *s,int cmd, long larg, char *parg);
525long ssl2_callback_ctrl(SSL *s,int cmd, void (*fp)());
526long ssl2_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)());
527int ssl2_pending(SSL *s);
528
529SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
530int ssl3_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p);
531void ssl3_init_finished_mac(SSL *s);
532int ssl3_send_server_certificate(SSL *s);
533int ssl3_get_finished(SSL *s,int state_a,int state_b);
534int ssl3_setup_key_block(SSL *s);
535int ssl3_send_change_cipher_spec(SSL *s,int state_a,int state_b);
536int ssl3_change_cipher_state(SSL *s,int which);
537void ssl3_cleanup_key_block(SSL *s);
538int ssl3_do_write(SSL *s,int type);
539void ssl3_send_alert(SSL *s,int level, int desc);
540int ssl3_generate_master_secret(SSL *s, unsigned char *out,
541 unsigned char *p, int len);
542int ssl3_get_req_cert_type(SSL *s,unsigned char *p);
543long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
544int ssl3_send_finished(SSL *s, int a, int b, const char *sender,int slen);
545int ssl3_num_ciphers(void);
546SSL_CIPHER *ssl3_get_cipher(unsigned int u);
547int ssl3_renegotiate(SSL *ssl);
548int ssl3_renegotiate_check(SSL *ssl);
549int ssl3_dispatch_alert(SSL *s);
550int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
551int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
552int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1, EVP_MD_CTX *ctx2,
553 const char *sender, int slen,unsigned char *p);
554int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
555void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
556int ssl3_enc(SSL *s, int send_data);
557int ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
558unsigned long ssl3_output_cert_chain(SSL *s, X509 *x);
559SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,STACK_OF(SSL_CIPHER) *have,
560 STACK_OF(SSL_CIPHER) *pref);
561int ssl3_setup_buffers(SSL *s);
562int ssl3_new(SSL *s);
563void ssl3_free(SSL *s);
564int ssl3_accept(SSL *s);
565int ssl3_connect(SSL *s);
566int ssl3_read(SSL *s, void *buf, int len);
567int ssl3_peek(SSL *s, void *buf, int len);
568int ssl3_write(SSL *s, const void *buf, int len);
569int ssl3_shutdown(SSL *s);
570void ssl3_clear(SSL *s);
571long ssl3_ctrl(SSL *s,int cmd, long larg, char *parg);
572long ssl3_ctx_ctrl(SSL_CTX *s,int cmd, long larg, char *parg);
573long ssl3_callback_ctrl(SSL *s,int cmd, void (*fp)());
574long ssl3_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)());
575int ssl3_pending(SSL *s);
576
577int ssl23_accept(SSL *s);
578int ssl23_connect(SSL *s);
579int ssl23_read_bytes(SSL *s, int n);
580int ssl23_write_bytes(SSL *s);
581
582int tls1_new(SSL *s);
583void tls1_free(SSL *s);
584void tls1_clear(SSL *s);
585long tls1_ctrl(SSL *s,int cmd, long larg, char *parg);
586long tls1_callback_ctrl(SSL *s,int cmd, void (*fp)());
587SSL_METHOD *tlsv1_base_method(void );
588
589int ssl_init_wbio_buffer(SSL *s, int push);
590void ssl_free_wbio_buffer(SSL *s);
591
592int tls1_change_cipher_state(SSL *s, int which);
593int tls1_setup_key_block(SSL *s);
594int tls1_enc(SSL *s, int snd);
595int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx,
596 const char *str, int slen, unsigned char *p);
597int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
598int tls1_mac(SSL *ssl, unsigned char *md, int snd);
599int tls1_generate_master_secret(SSL *s, unsigned char *out,
600 unsigned char *p, int len);
601int tls1_alert_code(int code);
602int ssl3_alert_code(int code);
603int ssl_ok(SSL *s);
604
605SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
606STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
607
608
609#endif
diff --git a/src/lib/libssl/ssl_rsa.c b/src/lib/libssl/ssl_rsa.c
deleted file mode 100644
index 6ec7a5cdb1..0000000000
--- a/src/lib/libssl/ssl_rsa.c
+++ /dev/null
@@ -1,815 +0,0 @@
1/* ssl/ssl_rsa.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/bio.h>
61#include <openssl/objects.h>
62#include <openssl/evp.h>
63#include <openssl/x509.h>
64#include <openssl/pem.h>
65#include "ssl_locl.h"
66
67static int ssl_set_cert(CERT *c, X509 *x509);
68static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
69int SSL_use_certificate(SSL *ssl, X509 *x)
70 {
71 if (x == NULL)
72 {
73 SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER);
74 return(0);
75 }
76 if (!ssl_cert_inst(&ssl->cert))
77 {
78 SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE);
79 return(0);
80 }
81 return(ssl_set_cert(ssl->cert,x));
82 }
83
84#ifndef NO_STDIO
85int SSL_use_certificate_file(SSL *ssl, const char *file, int type)
86 {
87 int j;
88 BIO *in;
89 int ret=0;
90 X509 *x=NULL;
91
92 in=BIO_new(BIO_s_file_internal());
93 if (in == NULL)
94 {
95 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB);
96 goto end;
97 }
98
99 if (BIO_read_filename(in,file) <= 0)
100 {
101 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB);
102 goto end;
103 }
104 if (type == SSL_FILETYPE_ASN1)
105 {
106 j=ERR_R_ASN1_LIB;
107 x=d2i_X509_bio(in,NULL);
108 }
109 else if (type == SSL_FILETYPE_PEM)
110 {
111 j=ERR_R_PEM_LIB;
112 x=PEM_read_bio_X509(in,NULL,ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
113 }
114 else
115 {
116 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE);
117 goto end;
118 }
119
120 if (x == NULL)
121 {
122 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,j);
123 goto end;
124 }
125
126 ret=SSL_use_certificate(ssl,x);
127end:
128 if (x != NULL) X509_free(x);
129 if (in != NULL) BIO_free(in);
130 return(ret);
131 }
132#endif
133
134int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len)
135 {
136 X509 *x;
137 int ret;
138
139 x=d2i_X509(NULL,&d,(long)len);
140 if (x == NULL)
141 {
142 SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB);
143 return(0);
144 }
145
146 ret=SSL_use_certificate(ssl,x);
147 X509_free(x);
148 return(ret);
149 }
150
151#ifndef NO_RSA
152int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
153 {
154 EVP_PKEY *pkey;
155 int ret;
156
157 if (rsa == NULL)
158 {
159 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
160 return(0);
161 }
162 if (!ssl_cert_inst(&ssl->cert))
163 {
164 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
165 return(0);
166 }
167 if ((pkey=EVP_PKEY_new()) == NULL)
168 {
169 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB);
170 return(0);
171 }
172
173 CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA);
174 EVP_PKEY_assign_RSA(pkey,rsa);
175
176 ret=ssl_set_pkey(ssl->cert,pkey);
177 EVP_PKEY_free(pkey);
178 return(ret);
179 }
180#endif
181
182static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
183 {
184 int i,ok=0,bad=0;
185
186 i=ssl_cert_type(NULL,pkey);
187 if (i < 0)
188 {
189 SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
190 return(0);
191 }
192
193 if (c->pkeys[i].x509 != NULL)
194 {
195 EVP_PKEY *pktmp;
196 pktmp = X509_get_pubkey(c->pkeys[i].x509);
197 EVP_PKEY_copy_parameters(pktmp,pkey);
198 EVP_PKEY_free(pktmp);
199 ERR_clear_error();
200
201#ifndef NO_RSA
202 /* Don't check the public/private key, this is mostly
203 * for smart cards. */
204 if ((pkey->type == EVP_PKEY_RSA) &&
205 (RSA_flags(pkey->pkey.rsa) &
206 RSA_METHOD_FLAG_NO_CHECK))
207 ok=1;
208 else
209#endif
210 if (!X509_check_private_key(c->pkeys[i].x509,pkey))
211 {
212 if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
213 {
214 i=(i == SSL_PKEY_DH_RSA)?
215 SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA;
216
217 if (c->pkeys[i].x509 == NULL)
218 ok=1;
219 else
220 {
221 if (!X509_check_private_key(
222 c->pkeys[i].x509,pkey))
223 bad=1;
224 else
225 ok=1;
226 }
227 }
228 else
229 bad=1;
230 }
231 else
232 ok=1;
233 }
234 else
235 ok=1;
236
237 if (bad)
238 {
239 X509_free(c->pkeys[i].x509);
240 c->pkeys[i].x509=NULL;
241 return(0);
242 }
243
244 if (c->pkeys[i].privatekey != NULL)
245 EVP_PKEY_free(c->pkeys[i].privatekey);
246 CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
247 c->pkeys[i].privatekey=pkey;
248 c->key= &(c->pkeys[i]);
249
250 c->valid=0;
251 return(1);
252 }
253
254#ifndef NO_RSA
255#ifndef NO_STDIO
256int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
257 {
258 int j,ret=0;
259 BIO *in;
260 RSA *rsa=NULL;
261
262 in=BIO_new(BIO_s_file_internal());
263 if (in == NULL)
264 {
265 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB);
266 goto end;
267 }
268
269 if (BIO_read_filename(in,file) <= 0)
270 {
271 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB);
272 goto end;
273 }
274 if (type == SSL_FILETYPE_ASN1)
275 {
276 j=ERR_R_ASN1_LIB;
277 rsa=d2i_RSAPrivateKey_bio(in,NULL);
278 }
279 else if (type == SSL_FILETYPE_PEM)
280 {
281 j=ERR_R_PEM_LIB;
282 rsa=PEM_read_bio_RSAPrivateKey(in,NULL,
283 ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
284 }
285 else
286 {
287 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
288 goto end;
289 }
290 if (rsa == NULL)
291 {
292 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,j);
293 goto end;
294 }
295 ret=SSL_use_RSAPrivateKey(ssl,rsa);
296 RSA_free(rsa);
297end:
298 if (in != NULL) BIO_free(in);
299 return(ret);
300 }
301#endif
302
303int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len)
304 {
305 int ret;
306 unsigned char *p;
307 RSA *rsa;
308
309 p=d;
310 if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL)
311 {
312 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
313 return(0);
314 }
315
316 ret=SSL_use_RSAPrivateKey(ssl,rsa);
317 RSA_free(rsa);
318 return(ret);
319 }
320#endif /* !NO_RSA */
321
322int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
323 {
324 int ret;
325
326 if (pkey == NULL)
327 {
328 SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
329 return(0);
330 }
331 if (!ssl_cert_inst(&ssl->cert))
332 {
333 SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE);
334 return(0);
335 }
336 ret=ssl_set_pkey(ssl->cert,pkey);
337 return(ret);
338 }
339
340#ifndef NO_STDIO
341int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
342 {
343 int j,ret=0;
344 BIO *in;
345 EVP_PKEY *pkey=NULL;
346
347 in=BIO_new(BIO_s_file_internal());
348 if (in == NULL)
349 {
350 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
351 goto end;
352 }
353
354 if (BIO_read_filename(in,file) <= 0)
355 {
356 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
357 goto end;
358 }
359 if (type == SSL_FILETYPE_PEM)
360 {
361 j=ERR_R_PEM_LIB;
362 pkey=PEM_read_bio_PrivateKey(in,NULL,
363 ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
364 }
365 else
366 {
367 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
368 goto end;
369 }
370 if (pkey == NULL)
371 {
372 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,j);
373 goto end;
374 }
375 ret=SSL_use_PrivateKey(ssl,pkey);
376 EVP_PKEY_free(pkey);
377end:
378 if (in != NULL) BIO_free(in);
379 return(ret);
380 }
381#endif
382
383int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, unsigned char *d, long len)
384 {
385 int ret;
386 unsigned char *p;
387 EVP_PKEY *pkey;
388
389 p=d;
390 if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL)
391 {
392 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
393 return(0);
394 }
395
396 ret=SSL_use_PrivateKey(ssl,pkey);
397 EVP_PKEY_free(pkey);
398 return(ret);
399 }
400
401int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
402 {
403 if (x == NULL)
404 {
405 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER);
406 return(0);
407 }
408 if (!ssl_cert_inst(&ctx->cert))
409 {
410 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE);
411 return(0);
412 }
413 return(ssl_set_cert(ctx->cert, x));
414 }
415
416static int ssl_set_cert(CERT *c, X509 *x)
417 {
418 EVP_PKEY *pkey;
419 int i,ok=0,bad=0;
420
421 pkey=X509_get_pubkey(x);
422 if (pkey == NULL)
423 {
424 SSLerr(SSL_F_SSL_SET_CERT,SSL_R_X509_LIB);
425 return(0);
426 }
427
428 i=ssl_cert_type(x,pkey);
429 if (i < 0)
430 {
431 SSLerr(SSL_F_SSL_SET_CERT,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
432 EVP_PKEY_free(pkey);
433 return(0);
434 }
435
436 if (c->pkeys[i].privatekey != NULL)
437 {
438 EVP_PKEY_copy_parameters(pkey,c->pkeys[i].privatekey);
439 ERR_clear_error();
440
441#ifndef NO_RSA
442 /* Don't check the public/private key, this is mostly
443 * for smart cards. */
444 if ((c->pkeys[i].privatekey->type == EVP_PKEY_RSA) &&
445 (RSA_flags(c->pkeys[i].privatekey->pkey.rsa) &
446 RSA_METHOD_FLAG_NO_CHECK))
447 ok=1;
448 else
449#endif
450 {
451 if (!X509_check_private_key(x,c->pkeys[i].privatekey))
452 {
453 if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
454 {
455 i=(i == SSL_PKEY_DH_RSA)?
456 SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA;
457
458 if (c->pkeys[i].privatekey == NULL)
459 ok=1;
460 else
461 {
462 if (!X509_check_private_key(x,
463 c->pkeys[i].privatekey))
464 bad=1;
465 else
466 ok=1;
467 }
468 }
469 else
470 bad=1;
471 }
472 else
473 ok=1;
474 } /* NO_RSA */
475 }
476 else
477 ok=1;
478
479 EVP_PKEY_free(pkey);
480 if (bad)
481 {
482 EVP_PKEY_free(c->pkeys[i].privatekey);
483 c->pkeys[i].privatekey=NULL;
484 }
485
486 if (c->pkeys[i].x509 != NULL)
487 X509_free(c->pkeys[i].x509);
488 CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
489 c->pkeys[i].x509=x;
490 c->key= &(c->pkeys[i]);
491
492 c->valid=0;
493 return(1);
494 }
495
496#ifndef NO_STDIO
497int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
498 {
499 int j;
500 BIO *in;
501 int ret=0;
502 X509 *x=NULL;
503
504 in=BIO_new(BIO_s_file_internal());
505 if (in == NULL)
506 {
507 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB);
508 goto end;
509 }
510
511 if (BIO_read_filename(in,file) <= 0)
512 {
513 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB);
514 goto end;
515 }
516 if (type == SSL_FILETYPE_ASN1)
517 {
518 j=ERR_R_ASN1_LIB;
519 x=d2i_X509_bio(in,NULL);
520 }
521 else if (type == SSL_FILETYPE_PEM)
522 {
523 j=ERR_R_PEM_LIB;
524 x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
525 }
526 else
527 {
528 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE);
529 goto end;
530 }
531
532 if (x == NULL)
533 {
534 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,j);
535 goto end;
536 }
537
538 ret=SSL_CTX_use_certificate(ctx,x);
539end:
540 if (x != NULL) X509_free(x);
541 if (in != NULL) BIO_free(in);
542 return(ret);
543 }
544#endif
545
546int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d)
547 {
548 X509 *x;
549 int ret;
550
551 x=d2i_X509(NULL,&d,(long)len);
552 if (x == NULL)
553 {
554 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB);
555 return(0);
556 }
557
558 ret=SSL_CTX_use_certificate(ctx,x);
559 X509_free(x);
560 return(ret);
561 }
562
563#ifndef NO_RSA
564int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
565 {
566 int ret;
567 EVP_PKEY *pkey;
568
569 if (rsa == NULL)
570 {
571 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
572 return(0);
573 }
574 if (!ssl_cert_inst(&ctx->cert))
575 {
576 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
577 return(0);
578 }
579 if ((pkey=EVP_PKEY_new()) == NULL)
580 {
581 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB);
582 return(0);
583 }
584
585 CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA);
586 EVP_PKEY_assign_RSA(pkey,rsa);
587
588 ret=ssl_set_pkey(ctx->cert, pkey);
589 EVP_PKEY_free(pkey);
590 return(ret);
591 }
592
593#ifndef NO_STDIO
594int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
595 {
596 int j,ret=0;
597 BIO *in;
598 RSA *rsa=NULL;
599
600 in=BIO_new(BIO_s_file_internal());
601 if (in == NULL)
602 {
603 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB);
604 goto end;
605 }
606
607 if (BIO_read_filename(in,file) <= 0)
608 {
609 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB);
610 goto end;
611 }
612 if (type == SSL_FILETYPE_ASN1)
613 {
614 j=ERR_R_ASN1_LIB;
615 rsa=d2i_RSAPrivateKey_bio(in,NULL);
616 }
617 else if (type == SSL_FILETYPE_PEM)
618 {
619 j=ERR_R_PEM_LIB;
620 rsa=PEM_read_bio_RSAPrivateKey(in,NULL,
621 ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
622 }
623 else
624 {
625 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
626 goto end;
627 }
628 if (rsa == NULL)
629 {
630 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,j);
631 goto end;
632 }
633 ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa);
634 RSA_free(rsa);
635end:
636 if (in != NULL) BIO_free(in);
637 return(ret);
638 }
639#endif
640
641int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len)
642 {
643 int ret;
644 unsigned char *p;
645 RSA *rsa;
646
647 p=d;
648 if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL)
649 {
650 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
651 return(0);
652 }
653
654 ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa);
655 RSA_free(rsa);
656 return(ret);
657 }
658#endif /* !NO_RSA */
659
660int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
661 {
662 if (pkey == NULL)
663 {
664 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
665 return(0);
666 }
667 if (!ssl_cert_inst(&ctx->cert))
668 {
669 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE);
670 return(0);
671 }
672 return(ssl_set_pkey(ctx->cert,pkey));
673 }
674
675#ifndef NO_STDIO
676int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
677 {
678 int j,ret=0;
679 BIO *in;
680 EVP_PKEY *pkey=NULL;
681
682 in=BIO_new(BIO_s_file_internal());
683 if (in == NULL)
684 {
685 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
686 goto end;
687 }
688
689 if (BIO_read_filename(in,file) <= 0)
690 {
691 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
692 goto end;
693 }
694 if (type == SSL_FILETYPE_PEM)
695 {
696 j=ERR_R_PEM_LIB;
697 pkey=PEM_read_bio_PrivateKey(in,NULL,
698 ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
699 }
700 else
701 {
702 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
703 goto end;
704 }
705 if (pkey == NULL)
706 {
707 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,j);
708 goto end;
709 }
710 ret=SSL_CTX_use_PrivateKey(ctx,pkey);
711 EVP_PKEY_free(pkey);
712end:
713 if (in != NULL) BIO_free(in);
714 return(ret);
715 }
716#endif
717
718int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, unsigned char *d,
719 long len)
720 {
721 int ret;
722 unsigned char *p;
723 EVP_PKEY *pkey;
724
725 p=d;
726 if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL)
727 {
728 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
729 return(0);
730 }
731
732 ret=SSL_CTX_use_PrivateKey(ctx,pkey);
733 EVP_PKEY_free(pkey);
734 return(ret);
735 }
736
737
738#ifndef NO_STDIO
739/* Read a file that contains our certificate in "PEM" format,
740 * possibly followed by a sequence of CA certificates that should be
741 * sent to the peer in the Certificate message.
742 */
743int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
744 {
745 BIO *in;
746 int ret=0;
747 X509 *x=NULL;
748
749 in=BIO_new(BIO_s_file_internal());
750 if (in == NULL)
751 {
752 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_BUF_LIB);
753 goto end;
754 }
755
756 if (BIO_read_filename(in,file) <= 0)
757 {
758 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_SYS_LIB);
759 goto end;
760 }
761
762 x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
763 if (x == NULL)
764 {
765 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_PEM_LIB);
766 goto end;
767 }
768
769 ret=SSL_CTX_use_certificate(ctx,x);
770 if (ERR_peek_error() != 0)
771 ret = 0; /* Key/certificate mismatch doesn't imply ret==0 ... */
772 if (ret)
773 {
774 /* If we could set up our certificate, now proceed to
775 * the CA certificates.
776 */
777 X509 *ca;
778 int r;
779 unsigned long err;
780
781 if (ctx->extra_certs != NULL)
782 {
783 sk_X509_pop_free(ctx->extra_certs, X509_free);
784 ctx->extra_certs = NULL;
785 }
786
787 while ((ca = PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata))
788 != NULL)
789 {
790 r = SSL_CTX_add_extra_chain_cert(ctx, ca);
791 if (!r)
792 {
793 X509_free(ca);
794 ret = 0;
795 goto end;
796 }
797 /* Note that we must not free r if it was successfully
798 * added to the chain (while we must free the main
799 * certificate, since its reference count is increased
800 * by SSL_CTX_use_certificate). */
801 }
802 /* When the while loop ends, it's usually just EOF. */
803 err = ERR_peek_error();
804 if (ERR_GET_LIB(err) == ERR_LIB_PEM && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)
805 (void) ERR_get_error();
806 else
807 ret = 0; /* some real error */
808 }
809
810end:
811 if (x != NULL) X509_free(x);
812 if (in != NULL) BIO_free(in);
813 return(ret);
814 }
815#endif
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
deleted file mode 100644
index 7064262def..0000000000
--- a/src/lib/libssl/ssl_sess.c
+++ /dev/null
@@ -1,681 +0,0 @@
1/* ssl/ssl_sess.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/lhash.h>
61#include <openssl/rand.h>
62#include "ssl_locl.h"
63
64static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
65static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s);
66static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
67static int ssl_session_num=0;
68static STACK_OF(CRYPTO_EX_DATA_FUNCS) *ssl_session_meth=NULL;
69
70SSL_SESSION *SSL_get_session(SSL *ssl)
71/* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
72 {
73 return(ssl->session);
74 }
75
76SSL_SESSION *SSL_get1_session(SSL *ssl)
77/* variant of SSL_get_session: caller really gets something */
78 {
79 SSL_SESSION *sess;
80 /* Need to lock this all up rather than just use CRYPTO_add so that
81 * somebody doesn't free ssl->session between when we check it's
82 * non-null and when we up the reference count. */
83 CRYPTO_r_lock(CRYPTO_LOCK_SSL_SESSION);
84 sess = ssl->session;
85 if(sess)
86 sess->references++;
87 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_SESSION);
88 return(sess);
89 }
90
91int SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
92 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
93 {
94 ssl_session_num++;
95 return(CRYPTO_get_ex_new_index(ssl_session_num-1,
96 &ssl_session_meth,
97 argl,argp,new_func,dup_func,free_func));
98 }
99
100int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
101 {
102 return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
103 }
104
105void *SSL_SESSION_get_ex_data(SSL_SESSION *s, int idx)
106 {
107 return(CRYPTO_get_ex_data(&s->ex_data,idx));
108 }
109
110SSL_SESSION *SSL_SESSION_new(void)
111 {
112 SSL_SESSION *ss;
113
114 ss=(SSL_SESSION *)OPENSSL_malloc(sizeof(SSL_SESSION));
115 if (ss == NULL)
116 {
117 SSLerr(SSL_F_SSL_SESSION_NEW,ERR_R_MALLOC_FAILURE);
118 return(0);
119 }
120 memset(ss,0,sizeof(SSL_SESSION));
121
122 ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
123 ss->references=1;
124 ss->timeout=60*5+4; /* 5 minute timeout by default */
125 ss->time=time(NULL);
126 ss->prev=NULL;
127 ss->next=NULL;
128 ss->compress_meth=0;
129 CRYPTO_new_ex_data(ssl_session_meth,ss,&ss->ex_data);
130 return(ss);
131 }
132
133int ssl_get_new_session(SSL *s, int session)
134 {
135 /* This gets used by clients and servers. */
136
137 SSL_SESSION *ss=NULL;
138
139 if ((ss=SSL_SESSION_new()) == NULL) return(0);
140
141 /* If the context has a default timeout, use it */
142 if (s->ctx->session_timeout == 0)
143 ss->timeout=SSL_get_default_timeout(s);
144 else
145 ss->timeout=s->ctx->session_timeout;
146
147 if (s->session != NULL)
148 {
149 SSL_SESSION_free(s->session);
150 s->session=NULL;
151 }
152
153 if (session)
154 {
155 if (s->version == SSL2_VERSION)
156 {
157 ss->ssl_version=SSL2_VERSION;
158 ss->session_id_length=SSL2_SSL_SESSION_ID_LENGTH;
159 }
160 else if (s->version == SSL3_VERSION)
161 {
162 ss->ssl_version=SSL3_VERSION;
163 ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
164 }
165 else if (s->version == TLS1_VERSION)
166 {
167 ss->ssl_version=TLS1_VERSION;
168 ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
169 }
170 else
171 {
172 SSLerr(SSL_F_SSL_GET_NEW_SESSION,SSL_R_UNSUPPORTED_SSL_VERSION);
173 SSL_SESSION_free(ss);
174 return(0);
175 }
176
177 for (;;)
178 {
179 SSL_SESSION *r;
180
181 RAND_pseudo_bytes(ss->session_id,ss->session_id_length);
182 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
183 r=(SSL_SESSION *)lh_retrieve(s->ctx->sessions, ss);
184 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
185 if (r == NULL) break;
186 /* else - woops a session_id match */
187 /* XXX We should also check the external cache --
188 * but the probability of a collision is negligible, and
189 * we could not prevent the concurrent creation of sessions
190 * with identical IDs since we currently don't have means
191 * to atomically check whether a session ID already exists
192 * and make a reservation for it if it does not
193 * (this problem applies to the internal cache as well).
194 */
195 }
196 }
197 else
198 {
199 ss->session_id_length=0;
200 }
201
202 memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length);
203 ss->sid_ctx_length=s->sid_ctx_length;
204 s->session=ss;
205 ss->ssl_version=s->version;
206 ss->verify_result = X509_V_OK;
207
208 return(1);
209 }
210
211int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
212 {
213 /* This is used only by servers. */
214
215 SSL_SESSION *ret=NULL,data;
216 int fatal = 0;
217
218 data.ssl_version=s->version;
219 data.session_id_length=len;
220 if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
221 goto err;
222 memcpy(data.session_id,session_id,len);
223
224 if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
225 {
226 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
227 ret=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,&data);
228 if (ret != NULL)
229 /* don't allow other threads to steal it: */
230 CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
231 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
232 }
233
234 if (ret == NULL)
235 {
236 int copy=1;
237
238 s->ctx->stats.sess_miss++;
239 ret=NULL;
240 if (s->ctx->get_session_cb != NULL
241 && (ret=s->ctx->get_session_cb(s,session_id,len,&copy))
242 != NULL)
243 {
244 s->ctx->stats.sess_cb_hit++;
245
246 /* Increment reference count now if the session callback
247 * asks us to do so (note that if the session structures
248 * returned by the callback are shared between threads,
249 * it must handle the reference count itself [i.e. copy == 0],
250 * or things won't be thread-safe). */
251 if (copy)
252 CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
253
254 /* The following should not return 1, otherwise,
255 * things are very strange */
256 SSL_CTX_add_session(s->ctx,ret);
257 }
258 if (ret == NULL)
259 goto err;
260 }
261
262 /* Now ret is non-NULL, and we own one of its reference counts. */
263
264 if((s->verify_mode&SSL_VERIFY_PEER)
265 && (!s->sid_ctx_length || ret->sid_ctx_length != s->sid_ctx_length
266 || memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length)))
267 {
268 /* We've found the session named by the client, but we don't
269 * want to use it in this context. */
270
271 if (s->sid_ctx_length == 0)
272 {
273 /* application should have used SSL[_CTX]_set_session_id_context
274 * -- we could tolerate this and just pretend we never heard
275 * of this session, but then applications could effectively
276 * disable the session cache by accident without anyone noticing */
277
278 SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
279 fatal = 1;
280 goto err;
281 }
282 else
283 {
284#if 0 /* The client cannot always know when a session is not appropriate,
285 * so we shouldn't generate an error message. */
286
287 SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
288#endif
289 goto err; /* treat like cache miss */
290 }
291 }
292
293 if (ret->cipher == NULL)
294 {
295 unsigned char buf[5],*p;
296 unsigned long l;
297
298 p=buf;
299 l=ret->cipher_id;
300 l2n(l,p);
301 if ((ret->ssl_version>>8) == SSL3_VERSION_MAJOR)
302 ret->cipher=ssl_get_cipher_by_char(s,&(buf[2]));
303 else
304 ret->cipher=ssl_get_cipher_by_char(s,&(buf[1]));
305 if (ret->cipher == NULL)
306 goto err;
307 }
308
309
310#if 0 /* This is way too late. */
311
312 /* If a thread got the session, then 'swaped', and another got
313 * it and then due to a time-out decided to 'OPENSSL_free' it we could
314 * be in trouble. So I'll increment it now, then double decrement
315 * later - am I speaking rubbish?. */
316 CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
317#endif
318
319 if ((long)(ret->time+ret->timeout) < (long)time(NULL)) /* timeout */
320 {
321 s->ctx->stats.sess_timeout++;
322 /* remove it from the cache */
323 SSL_CTX_remove_session(s->ctx,ret);
324 goto err;
325 }
326
327 s->ctx->stats.sess_hit++;
328
329 /* ret->time=time(NULL); */ /* rezero timeout? */
330 /* again, just leave the session
331 * if it is the same session, we have just incremented and
332 * then decremented the reference count :-) */
333 if (s->session != NULL)
334 SSL_SESSION_free(s->session);
335 s->session=ret;
336 s->verify_result = s->session->verify_result;
337 return(1);
338
339 err:
340 if (ret != NULL)
341 SSL_SESSION_free(ret);
342 if (fatal)
343 return -1;
344 else
345 return 0;
346 }
347
348int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
349 {
350 int ret=0;
351 SSL_SESSION *s;
352
353 /* add just 1 reference count for the SSL_CTX's session cache
354 * even though it has two ways of access: each session is in a
355 * doubly linked list and an lhash */
356 CRYPTO_add(&c->references,1,CRYPTO_LOCK_SSL_SESSION);
357 /* if session c is in already in cache, we take back the increment later */
358
359 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
360 s=(SSL_SESSION *)lh_insert(ctx->sessions,c);
361
362 /* s != NULL iff we already had a session with the given PID.
363 * In this case, s == c should hold (then we did not really modify
364 * ctx->sessions), or we're in trouble. */
365 if (s != NULL && s != c)
366 {
367 /* We *are* in trouble ... */
368 SSL_SESSION_list_remove(ctx,s);
369 SSL_SESSION_free(s);
370 /* ... so pretend the other session did not exist in cache
371 * (we cannot handle two SSL_SESSION structures with identical
372 * session ID in the same cache, which could happen e.g. when
373 * two threads concurrently obtain the same session from an external
374 * cache) */
375 s = NULL;
376 }
377
378 /* Put at the head of the queue unless it is already in the cache */
379 if (s == NULL)
380 SSL_SESSION_list_add(ctx,c);
381
382 if (s != NULL)
383 {
384 /* existing cache entry -- decrement previously incremented reference
385 * count because it already takes into account the cache */
386
387 SSL_SESSION_free(s); /* s == c */
388 ret=0;
389 }
390 else
391 {
392 /* new cache entry -- remove old ones if cache has become too large */
393
394 ret=1;
395
396 if (SSL_CTX_sess_get_cache_size(ctx) > 0)
397 {
398 while (SSL_CTX_sess_number(ctx) >
399 SSL_CTX_sess_get_cache_size(ctx))
400 {
401 if (!remove_session_lock(ctx,
402 ctx->session_cache_tail, 0))
403 break;
404 else
405 ctx->stats.sess_cache_full++;
406 }
407 }
408 }
409 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
410 return(ret);
411 }
412
413int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
414{
415 return remove_session_lock(ctx, c, 1);
416}
417
418static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
419 {
420 SSL_SESSION *r;
421 int ret=0;
422
423 if ((c != NULL) && (c->session_id_length != 0))
424 {
425 if(lck) CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
426 r=(SSL_SESSION *)lh_delete(ctx->sessions,c);
427 if (r != NULL)
428 {
429 ret=1;
430 SSL_SESSION_list_remove(ctx,c);
431 }
432
433 if(lck) CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
434
435 if (ret)
436 {
437 r->not_resumable=1;
438 if (ctx->remove_session_cb != NULL)
439 ctx->remove_session_cb(ctx,r);
440 SSL_SESSION_free(r);
441 }
442 }
443 else
444 ret=0;
445 return(ret);
446 }
447
448void SSL_SESSION_free(SSL_SESSION *ss)
449 {
450 int i;
451
452 if(ss == NULL)
453 return;
454
455 i=CRYPTO_add(&ss->references,-1,CRYPTO_LOCK_SSL_SESSION);
456#ifdef REF_PRINT
457 REF_PRINT("SSL_SESSION",ss);
458#endif
459 if (i > 0) return;
460#ifdef REF_CHECK
461 if (i < 0)
462 {
463 fprintf(stderr,"SSL_SESSION_free, bad reference count\n");
464 abort(); /* ok */
465 }
466#endif
467
468 CRYPTO_free_ex_data(ssl_session_meth,ss,&ss->ex_data);
469
470 memset(ss->key_arg,0,SSL_MAX_KEY_ARG_LENGTH);
471 memset(ss->master_key,0,SSL_MAX_MASTER_KEY_LENGTH);
472 memset(ss->session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH);
473 if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert);
474 if (ss->peer != NULL) X509_free(ss->peer);
475 if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers);
476 memset(ss,0,sizeof(*ss));
477 OPENSSL_free(ss);
478 }
479
480int SSL_set_session(SSL *s, SSL_SESSION *session)
481 {
482 int ret=0;
483 SSL_METHOD *meth;
484
485 if (session != NULL)
486 {
487 meth=s->ctx->method->get_ssl_method(session->ssl_version);
488 if (meth == NULL)
489 meth=s->method->get_ssl_method(session->ssl_version);
490 if (meth == NULL)
491 {
492 SSLerr(SSL_F_SSL_SET_SESSION,SSL_R_UNABLE_TO_FIND_SSL_METHOD);
493 return(0);
494 }
495
496 if (meth != s->method)
497 {
498 if (!SSL_set_ssl_method(s,meth))
499 return(0);
500 if (s->ctx->session_timeout == 0)
501 session->timeout=SSL_get_default_timeout(s);
502 else
503 session->timeout=s->ctx->session_timeout;
504 }
505
506 /* CRYPTO_w_lock(CRYPTO_LOCK_SSL);*/
507 CRYPTO_add(&session->references,1,CRYPTO_LOCK_SSL_SESSION);
508 if (s->session != NULL)
509 SSL_SESSION_free(s->session);
510 s->session=session;
511 s->verify_result = s->session->verify_result;
512 /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/
513 ret=1;
514 }
515 else
516 {
517 if (s->session != NULL)
518 {
519 SSL_SESSION_free(s->session);
520 s->session=NULL;
521 }
522
523 meth=s->ctx->method;
524 if (meth != s->method)
525 {
526 if (!SSL_set_ssl_method(s,meth))
527 return(0);
528 }
529 ret=1;
530 }
531 return(ret);
532 }
533
534long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
535 {
536 if (s == NULL) return(0);
537 s->timeout=t;
538 return(1);
539 }
540
541long SSL_SESSION_get_timeout(SSL_SESSION *s)
542 {
543 if (s == NULL) return(0);
544 return(s->timeout);
545 }
546
547long SSL_SESSION_get_time(SSL_SESSION *s)
548 {
549 if (s == NULL) return(0);
550 return(s->time);
551 }
552
553long SSL_SESSION_set_time(SSL_SESSION *s, long t)
554 {
555 if (s == NULL) return(0);
556 s->time=t;
557 return(t);
558 }
559
560long SSL_CTX_set_timeout(SSL_CTX *s, long t)
561 {
562 long l;
563 if (s == NULL) return(0);
564 l=s->session_timeout;
565 s->session_timeout=t;
566 return(l);
567 }
568
569long SSL_CTX_get_timeout(SSL_CTX *s)
570 {
571 if (s == NULL) return(0);
572 return(s->session_timeout);
573 }
574
575typedef struct timeout_param_st
576 {
577 SSL_CTX *ctx;
578 long time;
579 LHASH *cache;
580 } TIMEOUT_PARAM;
581
582static void timeout(SSL_SESSION *s, TIMEOUT_PARAM *p)
583 {
584 if ((p->time == 0) || (p->time > (s->time+s->timeout))) /* timeout */
585 {
586 /* The reason we don't call SSL_CTX_remove_session() is to
587 * save on locking overhead */
588 lh_delete(p->cache,s);
589 SSL_SESSION_list_remove(p->ctx,s);
590 s->not_resumable=1;
591 if (p->ctx->remove_session_cb != NULL)
592 p->ctx->remove_session_cb(p->ctx,s);
593 SSL_SESSION_free(s);
594 }
595 }
596
597void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
598 {
599 unsigned long i;
600 TIMEOUT_PARAM tp;
601
602 tp.ctx=s;
603 tp.cache=s->sessions;
604 if (tp.cache == NULL) return;
605 tp.time=t;
606 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
607 i=tp.cache->down_load;
608 tp.cache->down_load=0;
609 lh_doall_arg(tp.cache,(void (*)())timeout,&tp);
610 tp.cache->down_load=i;
611 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
612 }
613
614int ssl_clear_bad_session(SSL *s)
615 {
616 if ( (s->session != NULL) &&
617 !(s->shutdown & SSL_SENT_SHUTDOWN) &&
618 !(SSL_in_init(s) || SSL_in_before(s)))
619 {
620 SSL_CTX_remove_session(s->ctx,s->session);
621 return(1);
622 }
623 else
624 return(0);
625 }
626
627/* locked by SSL_CTX in the calling function */
628static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
629 {
630 if ((s->next == NULL) || (s->prev == NULL)) return;
631
632 if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail))
633 { /* last element in list */
634 if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
635 { /* only one element in list */
636 ctx->session_cache_head=NULL;
637 ctx->session_cache_tail=NULL;
638 }
639 else
640 {
641 ctx->session_cache_tail=s->prev;
642 s->prev->next=(SSL_SESSION *)&(ctx->session_cache_tail);
643 }
644 }
645 else
646 {
647 if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
648 { /* first element in list */
649 ctx->session_cache_head=s->next;
650 s->next->prev=(SSL_SESSION *)&(ctx->session_cache_head);
651 }
652 else
653 { /* middle of list */
654 s->next->prev=s->prev;
655 s->prev->next=s->next;
656 }
657 }
658 s->prev=s->next=NULL;
659 }
660
661static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
662 {
663 if ((s->next != NULL) && (s->prev != NULL))
664 SSL_SESSION_list_remove(ctx,s);
665
666 if (ctx->session_cache_head == NULL)
667 {
668 ctx->session_cache_head=s;
669 ctx->session_cache_tail=s;
670 s->prev=(SSL_SESSION *)&(ctx->session_cache_head);
671 s->next=(SSL_SESSION *)&(ctx->session_cache_tail);
672 }
673 else
674 {
675 s->next=ctx->session_cache_head;
676 s->next->prev=s;
677 s->prev=(SSL_SESSION *)&(ctx->session_cache_head);
678 ctx->session_cache_head=s;
679 }
680 }
681
diff --git a/src/lib/libssl/ssl_stat.c b/src/lib/libssl/ssl_stat.c
deleted file mode 100644
index 8e12461f3b..0000000000
--- a/src/lib/libssl/ssl_stat.c
+++ /dev/null
@@ -1,454 +0,0 @@
1/* ssl/ssl_stat.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "ssl_locl.h"
61
62char *SSL_state_string_long(SSL *s)
63 {
64 char *str;
65
66 switch (s->state)
67 {
68case SSL_ST_BEFORE: str="before SSL initialization"; break;
69case SSL_ST_ACCEPT: str="before accept initialization"; break;
70case SSL_ST_CONNECT: str="before connect initialization"; break;
71case SSL_ST_OK: str="SSL negotiation finished successfully"; break;
72case SSL_ST_RENEGOTIATE: str="SSL renegotiate ciphers"; break;
73case SSL_ST_BEFORE|SSL_ST_CONNECT: str="before/connect initialization"; break;
74case SSL_ST_OK|SSL_ST_CONNECT: str="ok/connect SSL initialization"; break;
75case SSL_ST_BEFORE|SSL_ST_ACCEPT: str="before/accept initialization"; break;
76case SSL_ST_OK|SSL_ST_ACCEPT: str="ok/accept SSL initialization"; break;
77#ifndef NO_SSL2
78case SSL2_ST_CLIENT_START_ENCRYPTION: str="SSLv2 client start encryption"; break;
79case SSL2_ST_SERVER_START_ENCRYPTION: str="SSLv2 server start encryption"; break;
80case SSL2_ST_SEND_CLIENT_HELLO_A: str="SSLv2 write client hello A"; break;
81case SSL2_ST_SEND_CLIENT_HELLO_B: str="SSLv2 write client hello B"; break;
82case SSL2_ST_GET_SERVER_HELLO_A: str="SSLv2 read server hello A"; break;
83case SSL2_ST_GET_SERVER_HELLO_B: str="SSLv2 read server hello B"; break;
84case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="SSLv2 write client master key A"; break;
85case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="SSLv2 write client master key B"; break;
86case SSL2_ST_SEND_CLIENT_FINISHED_A: str="SSLv2 write client finished A"; break;
87case SSL2_ST_SEND_CLIENT_FINISHED_B: str="SSLv2 write client finished B"; break;
88case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="SSLv2 write client certificate A"; break;
89case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="SSLv2 write client certificate B"; break;
90case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="SSLv2 write client certificate C"; break;
91case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="SSLv2 write client certificate D"; break;
92case SSL2_ST_GET_SERVER_VERIFY_A: str="SSLv2 read server verify A"; break;
93case SSL2_ST_GET_SERVER_VERIFY_B: str="SSLv2 read server verify B"; break;
94case SSL2_ST_GET_SERVER_FINISHED_A: str="SSLv2 read server finished A"; break;
95case SSL2_ST_GET_SERVER_FINISHED_B: str="SSLv2 read server finished B"; break;
96case SSL2_ST_GET_CLIENT_HELLO_A: str="SSLv2 read client hello A"; break;
97case SSL2_ST_GET_CLIENT_HELLO_B: str="SSLv2 read client hello B"; break;
98case SSL2_ST_GET_CLIENT_HELLO_C: str="SSLv2 read client hello C"; break;
99case SSL2_ST_SEND_SERVER_HELLO_A: str="SSLv2 write server hello A"; break;
100case SSL2_ST_SEND_SERVER_HELLO_B: str="SSLv2 write server hello B"; break;
101case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="SSLv2 read client master key A"; break;
102case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="SSLv2 read client master key B"; break;
103case SSL2_ST_SEND_SERVER_VERIFY_A: str="SSLv2 write server verify A"; break;
104case SSL2_ST_SEND_SERVER_VERIFY_B: str="SSLv2 write server verify B"; break;
105case SSL2_ST_SEND_SERVER_VERIFY_C: str="SSLv2 write server verify C"; break;
106case SSL2_ST_GET_CLIENT_FINISHED_A: str="SSLv2 read client finished A"; break;
107case SSL2_ST_GET_CLIENT_FINISHED_B: str="SSLv2 read client finished B"; break;
108case SSL2_ST_SEND_SERVER_FINISHED_A: str="SSLv2 write server finished A"; break;
109case SSL2_ST_SEND_SERVER_FINISHED_B: str="SSLv2 write server finished B"; break;
110case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="SSLv2 write request certificate A"; break;
111case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="SSLv2 write request certificate B"; break;
112case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="SSLv2 write request certificate C"; break;
113case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="SSLv2 write request certificate D"; break;
114case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="SSLv2 X509 read server certificate"; break;
115case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="SSLv2 X509 read client certificate"; break;
116#endif
117
118#ifndef NO_SSL3
119/* SSLv3 additions */
120case SSL3_ST_CW_CLNT_HELLO_A: str="SSLv3 write client hello A"; break;
121case SSL3_ST_CW_CLNT_HELLO_B: str="SSLv3 write client hello B"; break;
122case SSL3_ST_CR_SRVR_HELLO_A: str="SSLv3 read server hello A"; break;
123case SSL3_ST_CR_SRVR_HELLO_B: str="SSLv3 read server hello B"; break;
124case SSL3_ST_CR_CERT_A: str="SSLv3 read server certificate A"; break;
125case SSL3_ST_CR_CERT_B: str="SSLv3 read server certificate B"; break;
126case SSL3_ST_CR_KEY_EXCH_A: str="SSLv3 read server key exchange A"; break;
127case SSL3_ST_CR_KEY_EXCH_B: str="SSLv3 read server key exchange B"; break;
128case SSL3_ST_CR_CERT_REQ_A: str="SSLv3 read server certificate request A"; break;
129case SSL3_ST_CR_CERT_REQ_B: str="SSLv3 read server certificate request B"; break;
130case SSL3_ST_CR_SRVR_DONE_A: str="SSLv3 read server done A"; break;
131case SSL3_ST_CR_SRVR_DONE_B: str="SSLv3 read server done B"; break;
132case SSL3_ST_CW_CERT_A: str="SSLv3 write client certificate A"; break;
133case SSL3_ST_CW_CERT_B: str="SSLv3 write client certificate B"; break;
134case SSL3_ST_CW_CERT_C: str="SSLv3 write client certificate C"; break;
135case SSL3_ST_CW_CERT_D: str="SSLv3 write client certificate D"; break;
136case SSL3_ST_CW_KEY_EXCH_A: str="SSLv3 write client key exchange A"; break;
137case SSL3_ST_CW_KEY_EXCH_B: str="SSLv3 write client key exchange B"; break;
138case SSL3_ST_CW_CERT_VRFY_A: str="SSLv3 write certificate verify A"; break;
139case SSL3_ST_CW_CERT_VRFY_B: str="SSLv3 write certificate verify A"; break;
140
141case SSL3_ST_CW_CHANGE_A:
142case SSL3_ST_SW_CHANGE_A: str="SSLv3 write change cipher spec A"; break;
143case SSL3_ST_CW_CHANGE_B:
144case SSL3_ST_SW_CHANGE_B: str="SSLv3 write change cipher spec B"; break;
145case SSL3_ST_CW_FINISHED_A:
146case SSL3_ST_SW_FINISHED_A: str="SSLv3 write finished A"; break;
147case SSL3_ST_CW_FINISHED_B:
148case SSL3_ST_SW_FINISHED_B: str="SSLv3 write finished A"; break;
149case SSL3_ST_CR_CHANGE_A:
150case SSL3_ST_SR_CHANGE_A: str="SSLv3 read change cipher spec A"; break;
151case SSL3_ST_CR_CHANGE_B:
152case SSL3_ST_SR_CHANGE_B: str="SSLv3 read change cipher spec B"; break;
153case SSL3_ST_CR_FINISHED_A:
154case SSL3_ST_SR_FINISHED_A: str="SSLv3 read finished A"; break;
155case SSL3_ST_CR_FINISHED_B:
156case SSL3_ST_SR_FINISHED_B: str="SSLv3 read finished B"; break;
157
158case SSL3_ST_CW_FLUSH:
159case SSL3_ST_SW_FLUSH: str="SSLv3 flush data"; break;
160
161case SSL3_ST_SR_CLNT_HELLO_A: str="SSLv3 read client hello A"; break;
162case SSL3_ST_SR_CLNT_HELLO_B: str="SSLv3 read client hello B"; break;
163case SSL3_ST_SR_CLNT_HELLO_C: str="SSLv3 read client hello C"; break;
164case SSL3_ST_SW_HELLO_REQ_A: str="SSLv3 write hello request A"; break;
165case SSL3_ST_SW_HELLO_REQ_B: str="SSLv3 write hello request B"; break;
166case SSL3_ST_SW_HELLO_REQ_C: str="SSLv3 write hello request C"; break;
167case SSL3_ST_SW_SRVR_HELLO_A: str="SSLv3 write server hello A"; break;
168case SSL3_ST_SW_SRVR_HELLO_B: str="SSLv3 write server hello B"; break;
169case SSL3_ST_SW_CERT_A: str="SSLv3 write certificate A"; break;
170case SSL3_ST_SW_CERT_B: str="SSLv3 write certificate B"; break;
171case SSL3_ST_SW_KEY_EXCH_A: str="SSLv3 write key exchange A"; break;
172case SSL3_ST_SW_KEY_EXCH_B: str="SSLv3 write key exchange B"; break;
173case SSL3_ST_SW_CERT_REQ_A: str="SSLv3 write certificate request A"; break;
174case SSL3_ST_SW_CERT_REQ_B: str="SSLv3 write certificate request B"; break;
175case SSL3_ST_SW_SRVR_DONE_A: str="SSLv3 write server done A"; break;
176case SSL3_ST_SW_SRVR_DONE_B: str="SSLv3 write server done B"; break;
177case SSL3_ST_SR_CERT_A: str="SSLv3 read client certificate A"; break;
178case SSL3_ST_SR_CERT_B: str="SSLv3 read client certificate B"; break;
179case SSL3_ST_SR_KEY_EXCH_A: str="SSLv3 read client key exchange A"; break;
180case SSL3_ST_SR_KEY_EXCH_B: str="SSLv3 read client key exchange B"; break;
181case SSL3_ST_SR_CERT_VRFY_A: str="SSLv3 read certificate verify A"; break;
182case SSL3_ST_SR_CERT_VRFY_B: str="SSLv3 read certificate verify B"; break;
183#endif
184
185#if !defined(NO_SSL2) && !defined(NO_SSL3)
186/* SSLv2/v3 compatibility states */
187/* client */
188case SSL23_ST_CW_CLNT_HELLO_A: str="SSLv2/v3 write client hello A"; break;
189case SSL23_ST_CW_CLNT_HELLO_B: str="SSLv2/v3 write client hello B"; break;
190case SSL23_ST_CR_SRVR_HELLO_A: str="SSLv2/v3 read server hello A"; break;
191case SSL23_ST_CR_SRVR_HELLO_B: str="SSLv2/v3 read server hello B"; break;
192/* server */
193case SSL23_ST_SR_CLNT_HELLO_A: str="SSLv2/v3 read client hello A"; break;
194case SSL23_ST_SR_CLNT_HELLO_B: str="SSLv2/v3 read client hello B"; break;
195#endif
196
197default: str="unknown state"; break;
198 }
199 return(str);
200 }
201
202char *SSL_rstate_string_long(SSL *s)
203 {
204 char *str;
205
206 switch (s->rstate)
207 {
208 case SSL_ST_READ_HEADER: str="read header"; break;
209 case SSL_ST_READ_BODY: str="read body"; break;
210 case SSL_ST_READ_DONE: str="read done"; break;
211 default: str="unknown"; break;
212 }
213 return(str);
214 }
215
216char *SSL_state_string(SSL *s)
217 {
218 char *str;
219
220 switch (s->state)
221 {
222case SSL_ST_BEFORE: str="PINIT "; break;
223case SSL_ST_ACCEPT: str="AINIT "; break;
224case SSL_ST_CONNECT: str="CINIT "; break;
225case SSL_ST_OK: str="SSLOK "; break;
226#ifndef NO_SSL2
227case SSL2_ST_CLIENT_START_ENCRYPTION: str="2CSENC"; break;
228case SSL2_ST_SERVER_START_ENCRYPTION: str="2SSENC"; break;
229case SSL2_ST_SEND_CLIENT_HELLO_A: str="2SCH_A"; break;
230case SSL2_ST_SEND_CLIENT_HELLO_B: str="2SCH_B"; break;
231case SSL2_ST_GET_SERVER_HELLO_A: str="2GSH_A"; break;
232case SSL2_ST_GET_SERVER_HELLO_B: str="2GSH_B"; break;
233case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="2SCMKA"; break;
234case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="2SCMKB"; break;
235case SSL2_ST_SEND_CLIENT_FINISHED_A: str="2SCF_A"; break;
236case SSL2_ST_SEND_CLIENT_FINISHED_B: str="2SCF_B"; break;
237case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="2SCC_A"; break;
238case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="2SCC_B"; break;
239case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="2SCC_C"; break;
240case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="2SCC_D"; break;
241case SSL2_ST_GET_SERVER_VERIFY_A: str="2GSV_A"; break;
242case SSL2_ST_GET_SERVER_VERIFY_B: str="2GSV_B"; break;
243case SSL2_ST_GET_SERVER_FINISHED_A: str="2GSF_A"; break;
244case SSL2_ST_GET_SERVER_FINISHED_B: str="2GSF_B"; break;
245case SSL2_ST_GET_CLIENT_HELLO_A: str="2GCH_A"; break;
246case SSL2_ST_GET_CLIENT_HELLO_B: str="2GCH_B"; break;
247case SSL2_ST_GET_CLIENT_HELLO_C: str="2GCH_C"; break;
248case SSL2_ST_SEND_SERVER_HELLO_A: str="2SSH_A"; break;
249case SSL2_ST_SEND_SERVER_HELLO_B: str="2SSH_B"; break;
250case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="2GCMKA"; break;
251case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="2GCMKA"; break;
252case SSL2_ST_SEND_SERVER_VERIFY_A: str="2SSV_A"; break;
253case SSL2_ST_SEND_SERVER_VERIFY_B: str="2SSV_B"; break;
254case SSL2_ST_SEND_SERVER_VERIFY_C: str="2SSV_C"; break;
255case SSL2_ST_GET_CLIENT_FINISHED_A: str="2GCF_A"; break;
256case SSL2_ST_GET_CLIENT_FINISHED_B: str="2GCF_B"; break;
257case SSL2_ST_SEND_SERVER_FINISHED_A: str="2SSF_A"; break;
258case SSL2_ST_SEND_SERVER_FINISHED_B: str="2SSF_B"; break;
259case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="2SRC_A"; break;
260case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="2SRC_B"; break;
261case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="2SRC_C"; break;
262case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="2SRC_D"; break;
263case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="2X9GSC"; break;
264case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="2X9GCC"; break;
265#endif
266
267#ifndef NO_SSL3
268/* SSLv3 additions */
269case SSL3_ST_SW_FLUSH:
270case SSL3_ST_CW_FLUSH: str="3FLUSH"; break;
271case SSL3_ST_CW_CLNT_HELLO_A: str="3WCH_A"; break;
272case SSL3_ST_CW_CLNT_HELLO_B: str="3WCH_B"; break;
273case SSL3_ST_CR_SRVR_HELLO_A: str="3RSH_A"; break;
274case SSL3_ST_CR_SRVR_HELLO_B: str="3RSH_B"; break;
275case SSL3_ST_CR_CERT_A: str="3RSC_A"; break;
276case SSL3_ST_CR_CERT_B: str="3RSC_B"; break;
277case SSL3_ST_CR_KEY_EXCH_A: str="3RSKEA"; break;
278case SSL3_ST_CR_KEY_EXCH_B: str="3RSKEB"; break;
279case SSL3_ST_CR_CERT_REQ_A: str="3RCR_A"; break;
280case SSL3_ST_CR_CERT_REQ_B: str="3RCR_B"; break;
281case SSL3_ST_CR_SRVR_DONE_A: str="3RSD_A"; break;
282case SSL3_ST_CR_SRVR_DONE_B: str="3RSD_B"; break;
283case SSL3_ST_CW_CERT_A: str="3WCC_A"; break;
284case SSL3_ST_CW_CERT_B: str="3WCC_B"; break;
285case SSL3_ST_CW_CERT_C: str="3WCC_C"; break;
286case SSL3_ST_CW_CERT_D: str="3WCC_D"; break;
287case SSL3_ST_CW_KEY_EXCH_A: str="3WCKEA"; break;
288case SSL3_ST_CW_KEY_EXCH_B: str="3WCKEB"; break;
289case SSL3_ST_CW_CERT_VRFY_A: str="3WCV_A"; break;
290case SSL3_ST_CW_CERT_VRFY_B: str="3WCV_B"; break;
291
292case SSL3_ST_SW_CHANGE_A:
293case SSL3_ST_CW_CHANGE_A: str="3WCCSA"; break;
294case SSL3_ST_SW_CHANGE_B:
295case SSL3_ST_CW_CHANGE_B: str="3WCCSB"; break;
296case SSL3_ST_SW_FINISHED_A:
297case SSL3_ST_CW_FINISHED_A: str="3WFINA"; break;
298case SSL3_ST_SW_FINISHED_B:
299case SSL3_ST_CW_FINISHED_B: str="3WFINB"; break;
300case SSL3_ST_SR_CHANGE_A:
301case SSL3_ST_CR_CHANGE_A: str="3RCCSA"; break;
302case SSL3_ST_SR_CHANGE_B:
303case SSL3_ST_CR_CHANGE_B: str="3RCCSB"; break;
304case SSL3_ST_SR_FINISHED_A:
305case SSL3_ST_CR_FINISHED_A: str="3RFINA"; break;
306case SSL3_ST_SR_FINISHED_B:
307case SSL3_ST_CR_FINISHED_B: str="3RFINB"; break;
308
309case SSL3_ST_SW_HELLO_REQ_A: str="3WHR_A"; break;
310case SSL3_ST_SW_HELLO_REQ_B: str="3WHR_B"; break;
311case SSL3_ST_SW_HELLO_REQ_C: str="3WHR_C"; break;
312case SSL3_ST_SR_CLNT_HELLO_A: str="3RCH_A"; break;
313case SSL3_ST_SR_CLNT_HELLO_B: str="3RCH_B"; break;
314case SSL3_ST_SR_CLNT_HELLO_C: str="3RCH_C"; break;
315case SSL3_ST_SW_SRVR_HELLO_A: str="3WSH_A"; break;
316case SSL3_ST_SW_SRVR_HELLO_B: str="3WSH_B"; break;
317case SSL3_ST_SW_CERT_A: str="3WSC_A"; break;
318case SSL3_ST_SW_CERT_B: str="3WSC_B"; break;
319case SSL3_ST_SW_KEY_EXCH_A: str="3WSKEA"; break;
320case SSL3_ST_SW_KEY_EXCH_B: str="3WSKEB"; break;
321case SSL3_ST_SW_CERT_REQ_A: str="3WCR_A"; break;
322case SSL3_ST_SW_CERT_REQ_B: str="3WCR_B"; break;
323case SSL3_ST_SW_SRVR_DONE_A: str="3WSD_A"; break;
324case SSL3_ST_SW_SRVR_DONE_B: str="3WSD_B"; break;
325case SSL3_ST_SR_CERT_A: str="3RCC_A"; break;
326case SSL3_ST_SR_CERT_B: str="3RCC_B"; break;
327case SSL3_ST_SR_KEY_EXCH_A: str="3RCKEA"; break;
328case SSL3_ST_SR_KEY_EXCH_B: str="3RCKEB"; break;
329case SSL3_ST_SR_CERT_VRFY_A: str="3RCV_A"; break;
330case SSL3_ST_SR_CERT_VRFY_B: str="3RCV_B"; break;
331#endif
332
333#if !defined(NO_SSL2) && !defined(NO_SSL3)
334/* SSLv2/v3 compatibility states */
335/* client */
336case SSL23_ST_CW_CLNT_HELLO_A: str="23WCHA"; break;
337case SSL23_ST_CW_CLNT_HELLO_B: str="23WCHB"; break;
338case SSL23_ST_CR_SRVR_HELLO_A: str="23RSHA"; break;
339case SSL23_ST_CR_SRVR_HELLO_B: str="23RSHA"; break;
340/* server */
341case SSL23_ST_SR_CLNT_HELLO_A: str="23RCHA"; break;
342case SSL23_ST_SR_CLNT_HELLO_B: str="23RCHB"; break;
343#endif
344
345default: str="UNKWN "; break;
346 }
347 return(str);
348 }
349
350char *SSL_alert_type_string_long(int value)
351 {
352 value>>=8;
353 if (value == SSL3_AL_WARNING)
354 return("warning");
355 else if (value == SSL3_AL_FATAL)
356 return("fatal");
357 else
358 return("unknown");
359 }
360
361char *SSL_alert_type_string(int value)
362 {
363 value>>=8;
364 if (value == SSL3_AL_WARNING)
365 return("W");
366 else if (value == SSL3_AL_FATAL)
367 return("F");
368 else
369 return("U");
370 }
371
372char *SSL_alert_desc_string(int value)
373 {
374 char *str;
375
376 switch (value & 0xff)
377 {
378 case SSL3_AD_CLOSE_NOTIFY: str="CN"; break;
379 case SSL3_AD_UNEXPECTED_MESSAGE: str="UM"; break;
380 case SSL3_AD_BAD_RECORD_MAC: str="BM"; break;
381 case SSL3_AD_DECOMPRESSION_FAILURE: str="DF"; break;
382 case SSL3_AD_HANDSHAKE_FAILURE: str="HF"; break;
383 case SSL3_AD_NO_CERTIFICATE: str="NC"; break;
384 case SSL3_AD_BAD_CERTIFICATE: str="BC"; break;
385 case SSL3_AD_UNSUPPORTED_CERTIFICATE: str="UC"; break;
386 case SSL3_AD_CERTIFICATE_REVOKED: str="CR"; break;
387 case SSL3_AD_CERTIFICATE_EXPIRED: str="CE"; break;
388 case SSL3_AD_CERTIFICATE_UNKNOWN: str="CU"; break;
389 case SSL3_AD_ILLEGAL_PARAMETER: str="IP"; break;
390 default: str="UK"; break;
391 }
392 return(str);
393 }
394
395char *SSL_alert_desc_string_long(int value)
396 {
397 char *str;
398
399 switch (value & 0xff)
400 {
401 case SSL3_AD_CLOSE_NOTIFY:
402 str="close notify";
403 break;
404 case SSL3_AD_UNEXPECTED_MESSAGE:
405 str="unexpected_message";
406 break;
407 case SSL3_AD_BAD_RECORD_MAC:
408 str="bad record mac";
409 break;
410 case SSL3_AD_DECOMPRESSION_FAILURE:
411 str="decompression failure";
412 break;
413 case SSL3_AD_HANDSHAKE_FAILURE:
414 str="handshake failure";
415 break;
416 case SSL3_AD_NO_CERTIFICATE:
417 str="no certificate";
418 break;
419 case SSL3_AD_BAD_CERTIFICATE:
420 str="bad certificate";
421 break;
422 case SSL3_AD_UNSUPPORTED_CERTIFICATE:
423 str="unsupported certificate";
424 break;
425 case SSL3_AD_CERTIFICATE_REVOKED:
426 str="certificate revoked";
427 break;
428 case SSL3_AD_CERTIFICATE_EXPIRED:
429 str="certificate expired";
430 break;
431 case SSL3_AD_CERTIFICATE_UNKNOWN:
432 str="certificate unknown";
433 break;
434 case SSL3_AD_ILLEGAL_PARAMETER:
435 str="illegal parameter";
436 break;
437 default: str="unknown"; break;
438 }
439 return(str);
440 }
441
442char *SSL_rstate_string(SSL *s)
443 {
444 char *str;
445
446 switch (s->rstate)
447 {
448 case SSL_ST_READ_HEADER:str="RH"; break;
449 case SSL_ST_READ_BODY: str="RB"; break;
450 case SSL_ST_READ_DONE: str="RD"; break;
451 default: str="unknown"; break;
452 }
453 return(str);
454 }
diff --git a/src/lib/libssl/ssl_txt.c b/src/lib/libssl/ssl_txt.c
deleted file mode 100644
index 6e33eec3e4..0000000000
--- a/src/lib/libssl/ssl_txt.c
+++ /dev/null
@@ -1,174 +0,0 @@
1/* ssl/ssl_txt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/buffer.h>
61#include "ssl_locl.h"
62
63#ifndef NO_FP_API
64int SSL_SESSION_print_fp(FILE *fp, SSL_SESSION *x)
65 {
66 BIO *b;
67 int ret;
68
69 if ((b=BIO_new(BIO_s_file_internal())) == NULL)
70 {
71 SSLerr(SSL_F_SSL_SESSION_PRINT_FP,ERR_R_BUF_LIB);
72 return(0);
73 }
74 BIO_set_fp(b,fp,BIO_NOCLOSE);
75 ret=SSL_SESSION_print(b,x);
76 BIO_free(b);
77 return(ret);
78 }
79#endif
80
81int SSL_SESSION_print(BIO *bp, SSL_SESSION *x)
82 {
83 unsigned int i;
84 char *s;
85
86 if (x == NULL) goto err;
87 if (BIO_puts(bp,"SSL-Session:\n") <= 0) goto err;
88 if (x->ssl_version == SSL2_VERSION)
89 s="SSLv2";
90 else if (x->ssl_version == SSL3_VERSION)
91 s="SSLv3";
92 else if (x->ssl_version == TLS1_VERSION)
93 s="TLSv1";
94 else
95 s="unknown";
96 if (BIO_printf(bp," Protocol : %s\n",s) <= 0) goto err;
97
98 if (x->cipher == NULL)
99 {
100 if (((x->cipher_id) & 0xff000000) == 0x02000000)
101 {
102 if (BIO_printf(bp," Cipher : %06lX\n",x->cipher_id&0xffffff) <= 0)
103 goto err;
104 }
105 else
106 {
107 if (BIO_printf(bp," Cipher : %04lX\n",x->cipher_id&0xffff) <= 0)
108 goto err;
109 }
110 }
111 else
112 {
113 if (BIO_printf(bp," Cipher : %s\n",((x->cipher == NULL)?"unknown":x->cipher->name)) <= 0)
114 goto err;
115 }
116 if (BIO_puts(bp," Session-ID: ") <= 0) goto err;
117 for (i=0; i<x->session_id_length; i++)
118 {
119 if (BIO_printf(bp,"%02X",x->session_id[i]) <= 0) goto err;
120 }
121 if (BIO_puts(bp,"\n Session-ID-ctx: ") <= 0) goto err;
122 for (i=0; i<x->sid_ctx_length; i++)
123 {
124 if (BIO_printf(bp,"%02X",x->sid_ctx[i]) <= 0)
125 goto err;
126 }
127 if (BIO_puts(bp,"\n Master-Key: ") <= 0) goto err;
128 for (i=0; i<(unsigned int)x->master_key_length; i++)
129 {
130 if (BIO_printf(bp,"%02X",x->master_key[i]) <= 0) goto err;
131 }
132 if (BIO_puts(bp,"\n Key-Arg : ") <= 0) goto err;
133 if (x->key_arg_length == 0)
134 {
135 if (BIO_puts(bp,"None") <= 0) goto err;
136 }
137 else
138 for (i=0; i<x->key_arg_length; i++)
139 {
140 if (BIO_printf(bp,"%02X",x->key_arg[i]) <= 0) goto err;
141 }
142 if (x->compress_meth != 0)
143 {
144 SSL_COMP *comp;
145
146 ssl_cipher_get_evp(x,NULL,NULL,&comp);
147 if (comp == NULL)
148 {
149 if (BIO_printf(bp,"\n Compression: %d",x->compress_meth) <= 0) goto err;
150 }
151 else
152 {
153 if (BIO_printf(bp,"\n Compression: %d (%s)", comp->id,comp->method->name) <= 0) goto err;
154 }
155 }
156 if (x->time != 0L)
157 {
158 if (BIO_printf(bp, "\n Start Time: %ld",x->time) <= 0) goto err;
159 }
160 if (x->timeout != 0L)
161 {
162 if (BIO_printf(bp, "\n Timeout : %ld (sec)",x->timeout) <= 0) goto err;
163 }
164 if (BIO_puts(bp,"\n") <= 0) goto err;
165
166 if (BIO_puts(bp, " Verify return code: ") <= 0) goto err;
167 if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
168 X509_verify_cert_error_string(x->verify_result)) <= 0) goto err;
169
170 return(1);
171err:
172 return(0);
173 }
174
diff --git a/src/lib/libssl/t1_clnt.c b/src/lib/libssl/t1_clnt.c
deleted file mode 100644
index 9745630a00..0000000000
--- a/src/lib/libssl/t1_clnt.c
+++ /dev/null
@@ -1,90 +0,0 @@
1/* ssl/t1_clnt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/buffer.h>
61#include <openssl/rand.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include "ssl_locl.h"
65
66static SSL_METHOD *tls1_get_client_method(int ver);
67static SSL_METHOD *tls1_get_client_method(int ver)
68 {
69 if (ver == TLS1_VERSION)
70 return(TLSv1_client_method());
71 else
72 return(NULL);
73 }
74
75SSL_METHOD *TLSv1_client_method(void)
76 {
77 static int init=1;
78 static SSL_METHOD TLSv1_client_data;
79
80 if (init)
81 {
82 memcpy((char *)&TLSv1_client_data,(char *)tlsv1_base_method(),
83 sizeof(SSL_METHOD));
84 TLSv1_client_data.ssl_connect=ssl3_connect;
85 TLSv1_client_data.get_ssl_method=tls1_get_client_method;
86 init=0;
87 }
88 return(&TLSv1_client_data);
89 }
90
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
deleted file mode 100644
index a0758e9261..0000000000
--- a/src/lib/libssl/t1_enc.c
+++ /dev/null
@@ -1,648 +0,0 @@
1/* ssl/t1_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/comp.h>
61#include <openssl/md5.h>
62#include <openssl/sha.h>
63#include <openssl/evp.h>
64#include <openssl/hmac.h>
65#include "ssl_locl.h"
66
67static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
68 int sec_len, unsigned char *seed, int seed_len,
69 unsigned char *out, int olen)
70 {
71 int chunk,n;
72 unsigned int j;
73 HMAC_CTX ctx;
74 HMAC_CTX ctx_tmp;
75 unsigned char A1[HMAC_MAX_MD_CBLOCK];
76 unsigned int A1_len;
77
78 chunk=EVP_MD_size(md);
79
80 HMAC_Init(&ctx,sec,sec_len,md);
81 HMAC_Update(&ctx,seed,seed_len);
82 HMAC_Final(&ctx,A1,&A1_len);
83
84 n=0;
85 for (;;)
86 {
87 HMAC_Init(&ctx,NULL,0,NULL); /* re-init */
88 HMAC_Update(&ctx,A1,A1_len);
89 memcpy(&ctx_tmp,&ctx,sizeof(ctx)); /* Copy for A2 */ /* not needed for last one */
90 HMAC_Update(&ctx,seed,seed_len);
91
92 if (olen > chunk)
93 {
94 HMAC_Final(&ctx,out,&j);
95 out+=j;
96 olen-=j;
97 HMAC_Final(&ctx_tmp,A1,&A1_len); /* calc the next A1 value */
98 }
99 else /* last one */
100 {
101 HMAC_Final(&ctx,A1,&A1_len);
102 memcpy(out,A1,olen);
103 break;
104 }
105 }
106 HMAC_cleanup(&ctx);
107 HMAC_cleanup(&ctx_tmp);
108 memset(A1,0,sizeof(A1));
109 }
110
111static void tls1_PRF(const EVP_MD *md5, const EVP_MD *sha1,
112 unsigned char *label, int label_len,
113 const unsigned char *sec, int slen, unsigned char *out1,
114 unsigned char *out2, int olen)
115 {
116 int len,i;
117 const unsigned char *S1,*S2;
118
119 len=slen/2;
120 S1=sec;
121 S2= &(sec[len]);
122 len+=(slen&1); /* add for odd, make longer */
123
124
125 tls1_P_hash(md5 ,S1,len,label,label_len,out1,olen);
126 tls1_P_hash(sha1,S2,len,label,label_len,out2,olen);
127
128 for (i=0; i<olen; i++)
129 out1[i]^=out2[i];
130 }
131
132static void tls1_generate_key_block(SSL *s, unsigned char *km,
133 unsigned char *tmp, int num)
134 {
135 unsigned char *p;
136 unsigned char buf[SSL3_RANDOM_SIZE*2+
137 TLS_MD_MAX_CONST_SIZE];
138 p=buf;
139
140 memcpy(p,TLS_MD_KEY_EXPANSION_CONST,
141 TLS_MD_KEY_EXPANSION_CONST_SIZE);
142 p+=TLS_MD_KEY_EXPANSION_CONST_SIZE;
143 memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
144 p+=SSL3_RANDOM_SIZE;
145 memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
146 p+=SSL3_RANDOM_SIZE;
147
148 tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf),
149 s->session->master_key,s->session->master_key_length,
150 km,tmp,num);
151 }
152
153int tls1_change_cipher_state(SSL *s, int which)
154 {
155 static const unsigned char empty[]="";
156 unsigned char *p,*key_block,*mac_secret;
157 unsigned char *exp_label,buf[TLS_MD_MAX_CONST_SIZE+
158 SSL3_RANDOM_SIZE*2];
159 unsigned char tmp1[EVP_MAX_KEY_LENGTH];
160 unsigned char tmp2[EVP_MAX_KEY_LENGTH];
161 unsigned char iv1[EVP_MAX_IV_LENGTH*2];
162 unsigned char iv2[EVP_MAX_IV_LENGTH*2];
163 unsigned char *ms,*key,*iv,*er1,*er2;
164 int client_write;
165 EVP_CIPHER_CTX *dd;
166 const EVP_CIPHER *c;
167 const SSL_COMP *comp;
168 const EVP_MD *m;
169 int _exp,n,i,j,k,exp_label_len,cl;
170
171 _exp=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
172 c=s->s3->tmp.new_sym_enc;
173 m=s->s3->tmp.new_hash;
174 comp=s->s3->tmp.new_compression;
175 key_block=s->s3->tmp.key_block;
176
177 if (which & SSL3_CC_READ)
178 {
179 if ((s->enc_read_ctx == NULL) &&
180 ((s->enc_read_ctx=(EVP_CIPHER_CTX *)
181 OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
182 goto err;
183 dd= s->enc_read_ctx;
184 s->read_hash=m;
185 if (s->expand != NULL)
186 {
187 COMP_CTX_free(s->expand);
188 s->expand=NULL;
189 }
190 if (comp != NULL)
191 {
192 s->expand=COMP_CTX_new(comp->method);
193 if (s->expand == NULL)
194 {
195 SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR);
196 goto err2;
197 }
198 if (s->s3->rrec.comp == NULL)
199 s->s3->rrec.comp=(unsigned char *)
200 OPENSSL_malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);
201 if (s->s3->rrec.comp == NULL)
202 goto err;
203 }
204 memset(&(s->s3->read_sequence[0]),0,8);
205 mac_secret= &(s->s3->read_mac_secret[0]);
206 }
207 else
208 {
209 if ((s->enc_write_ctx == NULL) &&
210 ((s->enc_write_ctx=(EVP_CIPHER_CTX *)
211 OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
212 goto err;
213 dd= s->enc_write_ctx;
214 s->write_hash=m;
215 if (s->compress != NULL)
216 {
217 COMP_CTX_free(s->compress);
218 s->compress=NULL;
219 }
220 if (comp != NULL)
221 {
222 s->compress=COMP_CTX_new(comp->method);
223 if (s->compress == NULL)
224 {
225 SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR);
226 goto err2;
227 }
228 }
229 memset(&(s->s3->write_sequence[0]),0,8);
230 mac_secret= &(s->s3->write_mac_secret[0]);
231 }
232
233 EVP_CIPHER_CTX_init(dd);
234
235 p=s->s3->tmp.key_block;
236 i=EVP_MD_size(m);
237 cl=EVP_CIPHER_key_length(c);
238 j=_exp ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
239 cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
240 /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
241 k=EVP_CIPHER_iv_length(c);
242 er1= &(s->s3->client_random[0]);
243 er2= &(s->s3->server_random[0]);
244 if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
245 (which == SSL3_CHANGE_CIPHER_SERVER_READ))
246 {
247 ms= &(p[ 0]); n=i+i;
248 key= &(p[ n]); n+=j+j;
249 iv= &(p[ n]); n+=k+k;
250 exp_label=(unsigned char *)TLS_MD_CLIENT_WRITE_KEY_CONST;
251 exp_label_len=TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE;
252 client_write=1;
253 }
254 else
255 {
256 n=i;
257 ms= &(p[ n]); n+=i+j;
258 key= &(p[ n]); n+=j+k;
259 iv= &(p[ n]); n+=k;
260 exp_label=(unsigned char *)TLS_MD_SERVER_WRITE_KEY_CONST;
261 exp_label_len=TLS_MD_SERVER_WRITE_KEY_CONST_SIZE;
262 client_write=0;
263 }
264
265 if (n > s->s3->tmp.key_block_length)
266 {
267 SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_INTERNAL_ERROR);
268 goto err2;
269 }
270
271 memcpy(mac_secret,ms,i);
272#ifdef TLS_DEBUG
273printf("which = %04X\nmac key=",which);
274{ int z; for (z=0; z<i; z++) printf("%02X%c",ms[z],((z+1)%16)?' ':'\n'); }
275#endif
276 if (_exp)
277 {
278 /* In here I set both the read and write key/iv to the
279 * same value since only the correct one will be used :-).
280 */
281 p=buf;
282 memcpy(p,exp_label,exp_label_len);
283 p+=exp_label_len;
284 memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
285 p+=SSL3_RANDOM_SIZE;
286 memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
287 p+=SSL3_RANDOM_SIZE;
288 tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf),key,j,
289 tmp1,tmp2,EVP_CIPHER_key_length(c));
290 key=tmp1;
291
292 if (k > 0)
293 {
294 p=buf;
295 memcpy(p,TLS_MD_IV_BLOCK_CONST,
296 TLS_MD_IV_BLOCK_CONST_SIZE);
297 p+=TLS_MD_IV_BLOCK_CONST_SIZE;
298 memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
299 p+=SSL3_RANDOM_SIZE;
300 memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
301 p+=SSL3_RANDOM_SIZE;
302 tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,p-buf,empty,0,
303 iv1,iv2,k*2);
304 if (client_write)
305 iv=iv1;
306 else
307 iv= &(iv1[k]);
308 }
309 }
310
311 s->session->key_arg_length=0;
312
313 EVP_CipherInit(dd,c,key,iv,(which & SSL3_CC_WRITE));
314#ifdef TLS_DEBUG
315printf("which = %04X\nkey=",which);
316{ int z; for (z=0; z<EVP_CIPHER_key_length(c); z++) printf("%02X%c",key[z],((z+1)%16)?' ':'\n'); }
317printf("\niv=");
318{ int z; for (z=0; z<k; z++) printf("%02X%c",iv[z],((z+1)%16)?' ':'\n'); }
319printf("\n");
320#endif
321
322 memset(tmp1,0,sizeof(tmp1));
323 memset(tmp2,0,sizeof(tmp1));
324 memset(iv1,0,sizeof(iv1));
325 memset(iv2,0,sizeof(iv2));
326 return(1);
327err:
328 SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE);
329err2:
330 return(0);
331 }
332
333int tls1_setup_key_block(SSL *s)
334 {
335 unsigned char *p1,*p2;
336 const EVP_CIPHER *c;
337 const EVP_MD *hash;
338 int num;
339 SSL_COMP *comp;
340
341 if (s->s3->tmp.key_block_length != 0)
342 return(1);
343
344 if (!ssl_cipher_get_evp(s->session,&c,&hash,&comp))
345 {
346 SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
347 return(0);
348 }
349
350 s->s3->tmp.new_sym_enc=c;
351 s->s3->tmp.new_hash=hash;
352
353 num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c);
354 num*=2;
355
356 ssl3_cleanup_key_block(s);
357
358 if ((p1=(unsigned char *)OPENSSL_malloc(num)) == NULL)
359 goto err;
360 if ((p2=(unsigned char *)OPENSSL_malloc(num)) == NULL)
361 goto err;
362
363 s->s3->tmp.key_block_length=num;
364 s->s3->tmp.key_block=p1;
365
366
367#ifdef TLS_DEBUG
368printf("client random\n");
369{ int z; for (z=0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c",s->s3->client_random[z],((z+1)%16)?' ':'\n'); }
370printf("server random\n");
371{ int z; for (z=0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c",s->s3->server_random[z],((z+1)%16)?' ':'\n'); }
372printf("pre-master\n");
373{ int z; for (z=0; z<s->session->master_key_length; z++) printf("%02X%c",s->session->master_key[z],((z+1)%16)?' ':'\n'); }
374#endif
375 tls1_generate_key_block(s,p1,p2,num);
376 memset(p2,0,num);
377 OPENSSL_free(p2);
378#ifdef TLS_DEBUG
379printf("\nkey block\n");
380{ int z; for (z=0; z<num; z++) printf("%02X%c",p1[z],((z+1)%16)?' ':'\n'); }
381#endif
382
383 return(1);
384err:
385 SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE);
386 return(0);
387 }
388
389int tls1_enc(SSL *s, int send)
390 {
391 SSL3_RECORD *rec;
392 EVP_CIPHER_CTX *ds;
393 unsigned long l;
394 int bs,i,ii,j,k,n=0;
395 const EVP_CIPHER *enc;
396
397 if (send)
398 {
399 if (s->write_hash != NULL)
400 n=EVP_MD_size(s->write_hash);
401 ds=s->enc_write_ctx;
402 rec= &(s->s3->wrec);
403 if (s->enc_write_ctx == NULL)
404 enc=NULL;
405 else
406 enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
407 }
408 else
409 {
410 if (s->read_hash != NULL)
411 n=EVP_MD_size(s->read_hash);
412 ds=s->enc_read_ctx;
413 rec= &(s->s3->rrec);
414 if (s->enc_read_ctx == NULL)
415 enc=NULL;
416 else
417 enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
418 }
419
420 if ((s->session == NULL) || (ds == NULL) ||
421 (enc == NULL))
422 {
423 memmove(rec->data,rec->input,rec->length);
424 rec->input=rec->data;
425 }
426 else
427 {
428 l=rec->length;
429 bs=EVP_CIPHER_block_size(ds->cipher);
430
431 if ((bs != 1) && send)
432 {
433 i=bs-((int)l%bs);
434
435 /* Add weird padding of upto 256 bytes */
436
437 /* we need to add 'i' padding bytes of value j */
438 j=i-1;
439 if (s->options & SSL_OP_TLS_BLOCK_PADDING_BUG)
440 {
441 if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
442 j++;
443 }
444 for (k=(int)l; k<(int)(l+i); k++)
445 rec->input[k]=j;
446 l+=i;
447 rec->length+=i;
448 }
449
450 if (!send)
451 {
452 if (l == 0 || l%bs != 0)
453 {
454 SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
455 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPT_ERROR);
456 return(0);
457 }
458 }
459
460 EVP_Cipher(ds,rec->data,rec->input,l);
461
462 if ((bs != 1) && !send)
463 {
464 ii=i=rec->data[l-1]; /* padding_length */
465 i++;
466 if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
467 {
468 /* First packet is even in size, so check */
469 if ((memcmp(s->s3->read_sequence,
470 "\0\0\0\0\0\0\0\0",8) == 0) && !(ii & 1))
471 s->s3->flags|=TLS1_FLAGS_TLS_PADDING_BUG;
472 if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
473 i--;
474 }
475 /* TLS 1.0 does not bound the number of padding bytes by the block size.
476 * All of them must have value 'padding_length'. */
477 if (i > (int)rec->length)
478 {
479 SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
480 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
481 return(0);
482 }
483 for (j=(int)(l-i); j<(int)l; j++)
484 {
485 if (rec->data[j] != ii)
486 {
487 SSLerr(SSL_F_TLS1_ENC,SSL_R_DECRYPTION_FAILED);
488 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
489 return(0);
490 }
491 }
492 rec->length-=i;
493 }
494 }
495 return(1);
496 }
497
498int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in_ctx, unsigned char *out)
499 {
500 unsigned int ret;
501 EVP_MD_CTX ctx;
502
503 EVP_MD_CTX_copy(&ctx,in_ctx);
504 EVP_DigestFinal(&ctx,out,&ret);
505 return((int)ret);
506 }
507
508int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx,
509 const char *str, int slen, unsigned char *out)
510 {
511 unsigned int i;
512 EVP_MD_CTX ctx;
513 unsigned char buf[TLS_MD_MAX_CONST_SIZE+MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
514 unsigned char *q,buf2[12];
515
516 q=buf;
517 memcpy(q,str,slen);
518 q+=slen;
519
520 EVP_MD_CTX_copy(&ctx,in1_ctx);
521 EVP_DigestFinal(&ctx,q,&i);
522 q+=i;
523 EVP_MD_CTX_copy(&ctx,in2_ctx);
524 EVP_DigestFinal(&ctx,q,&i);
525 q+=i;
526
527 tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(q-buf),
528 s->session->master_key,s->session->master_key_length,
529 out,buf2,12);
530 memset(&ctx,0,sizeof(EVP_MD_CTX));
531
532 return((int)12);
533 }
534
535int tls1_mac(SSL *ssl, unsigned char *md, int send)
536 {
537 SSL3_RECORD *rec;
538 unsigned char *mac_sec,*seq;
539 const EVP_MD *hash;
540 unsigned int md_size;
541 int i;
542 HMAC_CTX hmac;
543 unsigned char buf[5];
544
545 if (send)
546 {
547 rec= &(ssl->s3->wrec);
548 mac_sec= &(ssl->s3->write_mac_secret[0]);
549 seq= &(ssl->s3->write_sequence[0]);
550 hash=ssl->write_hash;
551 }
552 else
553 {
554 rec= &(ssl->s3->rrec);
555 mac_sec= &(ssl->s3->read_mac_secret[0]);
556 seq= &(ssl->s3->read_sequence[0]);
557 hash=ssl->read_hash;
558 }
559
560 md_size=EVP_MD_size(hash);
561
562 buf[0]=rec->type;
563 buf[1]=TLS1_VERSION_MAJOR;
564 buf[2]=TLS1_VERSION_MINOR;
565 buf[3]=rec->length>>8;
566 buf[4]=rec->length&0xff;
567
568 /* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */
569 HMAC_Init(&hmac,mac_sec,EVP_MD_size(hash),hash);
570 HMAC_Update(&hmac,seq,8);
571 HMAC_Update(&hmac,buf,5);
572 HMAC_Update(&hmac,rec->input,rec->length);
573 HMAC_Final(&hmac,md,&md_size);
574
575#ifdef TLS_DEBUG
576printf("sec=");
577{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",mac_sec[z]); printf("\n"); }
578printf("seq=");
579{int z; for (z=0; z<8; z++) printf("%02X ",seq[z]); printf("\n"); }
580printf("buf=");
581{int z; for (z=0; z<5; z++) printf("%02X ",buf[z]); printf("\n"); }
582printf("rec=");
583{unsigned int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); }
584#endif
585
586 for (i=7; i>=0; i--)
587 {
588 ++seq[i];
589 if (seq[i] != 0) break;
590 }
591
592#ifdef TLS_DEBUG
593{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",md[z]); printf("\n"); }
594#endif
595 return(md_size);
596 }
597
598int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
599 int len)
600 {
601 unsigned char buf[SSL3_RANDOM_SIZE*2+TLS_MD_MASTER_SECRET_CONST_SIZE];
602 unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH];
603
604 /* Setup the stuff to munge */
605 memcpy(buf,TLS_MD_MASTER_SECRET_CONST,
606 TLS_MD_MASTER_SECRET_CONST_SIZE);
607 memcpy(&(buf[TLS_MD_MASTER_SECRET_CONST_SIZE]),
608 s->s3->client_random,SSL3_RANDOM_SIZE);
609 memcpy(&(buf[SSL3_RANDOM_SIZE+TLS_MD_MASTER_SECRET_CONST_SIZE]),
610 s->s3->server_random,SSL3_RANDOM_SIZE);
611 tls1_PRF(s->ctx->md5,s->ctx->sha1,
612 buf,TLS_MD_MASTER_SECRET_CONST_SIZE+SSL3_RANDOM_SIZE*2,p,len,
613 s->session->master_key,buff,SSL3_MASTER_SECRET_SIZE);
614 return(SSL3_MASTER_SECRET_SIZE);
615 }
616
617int tls1_alert_code(int code)
618 {
619 switch (code)
620 {
621 case SSL_AD_CLOSE_NOTIFY: return(SSL3_AD_CLOSE_NOTIFY);
622 case SSL_AD_UNEXPECTED_MESSAGE: return(SSL3_AD_UNEXPECTED_MESSAGE);
623 case SSL_AD_BAD_RECORD_MAC: return(SSL3_AD_BAD_RECORD_MAC);
624 case SSL_AD_DECRYPTION_FAILED: return(TLS1_AD_DECRYPTION_FAILED);
625 case SSL_AD_RECORD_OVERFLOW: return(TLS1_AD_RECORD_OVERFLOW);
626 case SSL_AD_DECOMPRESSION_FAILURE:return(SSL3_AD_DECOMPRESSION_FAILURE);
627 case SSL_AD_HANDSHAKE_FAILURE: return(SSL3_AD_HANDSHAKE_FAILURE);
628 case SSL_AD_NO_CERTIFICATE: return(-1);
629 case SSL_AD_BAD_CERTIFICATE: return(SSL3_AD_BAD_CERTIFICATE);
630 case SSL_AD_UNSUPPORTED_CERTIFICATE:return(SSL3_AD_UNSUPPORTED_CERTIFICATE);
631 case SSL_AD_CERTIFICATE_REVOKED:return(SSL3_AD_CERTIFICATE_REVOKED);
632 case SSL_AD_CERTIFICATE_EXPIRED:return(SSL3_AD_CERTIFICATE_EXPIRED);
633 case SSL_AD_CERTIFICATE_UNKNOWN:return(SSL3_AD_CERTIFICATE_UNKNOWN);
634 case SSL_AD_ILLEGAL_PARAMETER: return(SSL3_AD_ILLEGAL_PARAMETER);
635 case SSL_AD_UNKNOWN_CA: return(TLS1_AD_UNKNOWN_CA);
636 case SSL_AD_ACCESS_DENIED: return(TLS1_AD_ACCESS_DENIED);
637 case SSL_AD_DECODE_ERROR: return(TLS1_AD_DECODE_ERROR);
638 case SSL_AD_DECRYPT_ERROR: return(TLS1_AD_DECRYPT_ERROR);
639 case SSL_AD_EXPORT_RESTRICTION: return(TLS1_AD_EXPORT_RESTRICTION);
640 case SSL_AD_PROTOCOL_VERSION: return(TLS1_AD_PROTOCOL_VERSION);
641 case SSL_AD_INSUFFICIENT_SECURITY:return(TLS1_AD_INSUFFICIENT_SECURITY);
642 case SSL_AD_INTERNAL_ERROR: return(TLS1_AD_INTERNAL_ERROR);
643 case SSL_AD_USER_CANCELLED: return(TLS1_AD_USER_CANCELLED);
644 case SSL_AD_NO_RENEGOTIATION: return(TLS1_AD_NO_RENEGOTIATION);
645 default: return(-1);
646 }
647 }
648
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
deleted file mode 100644
index ca6c03d5af..0000000000
--- a/src/lib/libssl/t1_lib.c
+++ /dev/null
@@ -1,149 +0,0 @@
1/* ssl/t1_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/objects.h>
61#include "ssl_locl.h"
62
63const char *tls1_version_str="TLSv1" OPENSSL_VERSION_PTEXT;
64
65static long tls1_default_timeout(void);
66
67static SSL3_ENC_METHOD TLSv1_enc_data={
68 tls1_enc,
69 tls1_mac,
70 tls1_setup_key_block,
71 tls1_generate_master_secret,
72 tls1_change_cipher_state,
73 tls1_final_finish_mac,
74 TLS1_FINISH_MAC_LENGTH,
75 tls1_cert_verify_mac,
76 TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE,
77 TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE,
78 tls1_alert_code,
79 };
80
81static SSL_METHOD TLSv1_data= {
82 TLS1_VERSION,
83 tls1_new,
84 tls1_clear,
85 tls1_free,
86 ssl_undefined_function,
87 ssl_undefined_function,
88 ssl3_read,
89 ssl3_peek,
90 ssl3_write,
91 ssl3_shutdown,
92 ssl3_renegotiate,
93 ssl3_renegotiate_check,
94 ssl3_ctrl,
95 ssl3_ctx_ctrl,
96 ssl3_get_cipher_by_char,
97 ssl3_put_cipher_by_char,
98 ssl3_pending,
99 ssl3_num_ciphers,
100 ssl3_get_cipher,
101 ssl_bad_method,
102 tls1_default_timeout,
103 &TLSv1_enc_data,
104 ssl_undefined_function,
105 ssl3_callback_ctrl,
106 ssl3_ctx_callback_ctrl,
107 };
108
109static long tls1_default_timeout(void)
110 {
111 /* 2 hours, the 24 hours mentioned in the TLSv1 spec
112 * is way too long for http, the cache would over fill */
113 return(60*60*2);
114 }
115
116SSL_METHOD *tlsv1_base_method(void)
117 {
118 return(&TLSv1_data);
119 }
120
121int tls1_new(SSL *s)
122 {
123 if (!ssl3_new(s)) return(0);
124 s->method->ssl_clear(s);
125 return(1);
126 }
127
128void tls1_free(SSL *s)
129 {
130 ssl3_free(s);
131 }
132
133void tls1_clear(SSL *s)
134 {
135 ssl3_clear(s);
136 s->version=TLS1_VERSION;
137 }
138
139#if 0
140long tls1_ctrl(SSL *s, int cmd, long larg, char *parg)
141 {
142 return(0);
143 }
144
145long tls1_callback_ctrl(SSL *s, int cmd, void *(*fp)())
146 {
147 return(0);
148 }
149#endif
diff --git a/src/lib/libssl/t1_meth.c b/src/lib/libssl/t1_meth.c
deleted file mode 100644
index 9bb36a7d1c..0000000000
--- a/src/lib/libssl/t1_meth.c
+++ /dev/null
@@ -1,88 +0,0 @@
1/* ssl/t1_meth.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/objects.h>
61#include "ssl_locl.h"
62
63static SSL_METHOD *tls1_get_method(int ver);
64static SSL_METHOD *tls1_get_method(int ver)
65 {
66 if (ver == TLS1_VERSION)
67 return(TLSv1_method());
68 else
69 return(NULL);
70 }
71
72SSL_METHOD *TLSv1_method(void)
73 {
74 static int init=1;
75 static SSL_METHOD TLSv1_data;
76
77 if (init)
78 {
79 memcpy((char *)&TLSv1_data,(char *)tlsv1_base_method(),
80 sizeof(SSL_METHOD));
81 TLSv1_data.ssl_connect=ssl3_connect;
82 TLSv1_data.ssl_accept=ssl3_accept;
83 TLSv1_data.get_ssl_method=tls1_get_method;
84 init=0;
85 }
86 return(&TLSv1_data);
87 }
88
diff --git a/src/lib/libssl/t1_srvr.c b/src/lib/libssl/t1_srvr.c
deleted file mode 100644
index 996b7ca8e2..0000000000
--- a/src/lib/libssl/t1_srvr.c
+++ /dev/null
@@ -1,91 +0,0 @@
1/* ssl/t1_srvr.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/buffer.h>
61#include <openssl/rand.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include <openssl/x509.h>
65#include "ssl_locl.h"
66
67static SSL_METHOD *tls1_get_server_method(int ver);
68static SSL_METHOD *tls1_get_server_method(int ver)
69 {
70 if (ver == TLS1_VERSION)
71 return(TLSv1_server_method());
72 else
73 return(NULL);
74 }
75
76SSL_METHOD *TLSv1_server_method(void)
77 {
78 static int init=1;
79 static SSL_METHOD TLSv1_server_data;
80
81 if (init)
82 {
83 memcpy((char *)&TLSv1_server_data,(char *)tlsv1_base_method(),
84 sizeof(SSL_METHOD));
85 TLSv1_server_data.ssl_accept=ssl3_accept;
86 TLSv1_server_data.get_ssl_method=tls1_get_server_method;
87 init=0;
88 }
89 return(&TLSv1_server_data);
90 }
91
diff --git a/src/lib/libssl/test/CAss.cnf b/src/lib/libssl/test/CAss.cnf
deleted file mode 100644
index b941b7ae15..0000000000
--- a/src/lib/libssl/test/CAss.cnf
+++ /dev/null
@@ -1,25 +0,0 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5
6RANDFILE = ./.rnd
7
8####################################################################
9[ req ]
10default_bits = 512
11default_keyfile = keySS.pem
12distinguished_name = req_distinguished_name
13encrypt_rsa_key = no
14default_md = sha1
15
16[ req_distinguished_name ]
17countryName = Country Name (2 letter code)
18countryName_default = AU
19countryName_value = AU
20
21organizationName = Organization Name (eg, company)
22organizationName_value = Dodgy Brothers
23
24commonName = Common Name (eg, YOUR name)
25commonName_value = Dodgy CA
diff --git a/src/lib/libssl/test/CAssdh.cnf b/src/lib/libssl/test/CAssdh.cnf
deleted file mode 100644
index 4e0a908679..0000000000
--- a/src/lib/libssl/test/CAssdh.cnf
+++ /dev/null
@@ -1,24 +0,0 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5# hacked by iang to do DH certs - CA
6
7RANDFILE = ./.rnd
8
9####################################################################
10[ req ]
11distinguished_name = req_distinguished_name
12encrypt_rsa_key = no
13
14[ req_distinguished_name ]
15countryName = Country Name (2 letter code)
16countryName_default = CU
17countryName_value = CU
18
19organizationName = Organization Name (eg, company)
20organizationName_value = La Junta de la Revolucion
21
22commonName = Common Name (eg, YOUR name)
23commonName_value = Junta
24
diff --git a/src/lib/libssl/test/CAssdsa.cnf b/src/lib/libssl/test/CAssdsa.cnf
deleted file mode 100644
index a6b4d1810c..0000000000
--- a/src/lib/libssl/test/CAssdsa.cnf
+++ /dev/null
@@ -1,23 +0,0 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5# hacked by iang to do DSA certs - CA
6
7RANDFILE = ./.rnd
8
9####################################################################
10[ req ]
11distinguished_name = req_distinguished_name
12encrypt_rsa_key = no
13
14[ req_distinguished_name ]
15countryName = Country Name (2 letter code)
16countryName_default = ES
17countryName_value = ES
18
19organizationName = Organization Name (eg, company)
20organizationName_value = Hermanos Locos
21
22commonName = Common Name (eg, YOUR name)
23commonName_value = Hermanos Locos CA
diff --git a/src/lib/libssl/test/CAssrsa.cnf b/src/lib/libssl/test/CAssrsa.cnf
deleted file mode 100644
index eb24a6dfc0..0000000000
--- a/src/lib/libssl/test/CAssrsa.cnf
+++ /dev/null
@@ -1,24 +0,0 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5# create RSA certs - CA
6
7RANDFILE = ./.rnd
8
9####################################################################
10[ req ]
11distinguished_name = req_distinguished_name
12encrypt_key = no
13
14[ req_distinguished_name ]
15countryName = Country Name (2 letter code)
16countryName_default = ES
17countryName_value = ES
18
19organizationName = Organization Name (eg, company)
20organizationName_value = Hermanos Locos
21
22commonName = Common Name (eg, YOUR name)
23commonName_value = Hermanos Locos CA
24
diff --git a/src/lib/libssl/test/Sssdsa.cnf b/src/lib/libssl/test/Sssdsa.cnf
deleted file mode 100644
index 8e170a28ef..0000000000
--- a/src/lib/libssl/test/Sssdsa.cnf
+++ /dev/null
@@ -1,27 +0,0 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5# hacked by iang to do DSA certs - Server
6
7RANDFILE = ./.rnd
8
9####################################################################
10[ req ]
11distinguished_name = req_distinguished_name
12encrypt_rsa_key = no
13
14[ req_distinguished_name ]
15countryName = Country Name (2 letter code)
16countryName_default = ES
17countryName_value = ES
18
19organizationName = Organization Name (eg, company)
20organizationName_value = Tortilleras S.A.
21
220.commonName = Common Name (eg, YOUR name)
230.commonName_value = Torti
24
251.commonName = Common Name (eg, YOUR name)
261.commonName_value = Gordita
27
diff --git a/src/lib/libssl/test/Sssrsa.cnf b/src/lib/libssl/test/Sssrsa.cnf
deleted file mode 100644
index 8c79a03fca..0000000000
--- a/src/lib/libssl/test/Sssrsa.cnf
+++ /dev/null
@@ -1,26 +0,0 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5# create RSA certs - Server
6
7RANDFILE = ./.rnd
8
9####################################################################
10[ req ]
11distinguished_name = req_distinguished_name
12encrypt_key = no
13
14[ req_distinguished_name ]
15countryName = Country Name (2 letter code)
16countryName_default = ES
17countryName_value = ES
18
19organizationName = Organization Name (eg, company)
20organizationName_value = Tortilleras S.A.
21
220.commonName = Common Name (eg, YOUR name)
230.commonName_value = Torti
24
251.commonName = Common Name (eg, YOUR name)
261.commonName_value = Gordita
diff --git a/src/lib/libssl/test/Uss.cnf b/src/lib/libssl/test/Uss.cnf
deleted file mode 100644
index c89692d519..0000000000
--- a/src/lib/libssl/test/Uss.cnf
+++ /dev/null
@@ -1,28 +0,0 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5
6RANDFILE = ./.rnd
7
8####################################################################
9[ req ]
10default_bits = 512
11default_keyfile = keySS.pem
12distinguished_name = req_distinguished_name
13encrypt_rsa_key = no
14default_md = md2
15
16[ req_distinguished_name ]
17countryName = Country Name (2 letter code)
18countryName_default = AU
19countryName_value = AU
20
21organizationName = Organization Name (eg, company)
22organizationName_value = Dodgy Brothers
23
240.commonName = Common Name (eg, YOUR name)
250.commonName_value = Brother 1
26
271.commonName = Common Name (eg, YOUR name)
281.commonName_value = Brother 2
diff --git a/src/lib/libssl/test/VMSca-response.1 b/src/lib/libssl/test/VMSca-response.1
deleted file mode 100644
index 8b13789179..0000000000
--- a/src/lib/libssl/test/VMSca-response.1
+++ /dev/null
@@ -1 +0,0 @@
1
diff --git a/src/lib/libssl/test/VMSca-response.2 b/src/lib/libssl/test/VMSca-response.2
deleted file mode 100644
index 9b48ee4cf9..0000000000
--- a/src/lib/libssl/test/VMSca-response.2
+++ /dev/null
@@ -1,2 +0,0 @@
1y
2y
diff --git a/src/lib/libssl/test/bctest b/src/lib/libssl/test/bctest
deleted file mode 100644
index bdb3218f7a..0000000000
--- a/src/lib/libssl/test/bctest
+++ /dev/null
@@ -1,111 +0,0 @@
1#!/bin/sh
2
3# This script is used by test/Makefile.ssl to check whether a sane 'bc'
4# is installed.
5# ('make test_bn' should not try to run 'bc' if it does not exist or if
6# it is a broken 'bc' version that is known to cause trouble.)
7#
8# If 'bc' works, we also test if it knows the 'print' command.
9#
10# In any case, output an appropriate command line for running (or not
11# running) bc.
12
13
14IFS=:
15try_without_dir=true
16# First we try "bc", then "$dir/bc" for each item in $PATH.
17for dir in dummy:$PATH; do
18 if [ "$try_without_dir" = true ]; then
19 # first iteration
20 bc=bc
21 try_without_dir=false
22 else
23 # second and later iterations
24 bc="$dir/bc"
25 if [ ! -f "$bc" ]; then # '-x' is not available on Ultrix
26 bc=''
27 fi
28 fi
29
30 if [ ! "$bc" = '' ]; then
31 failure=none
32
33
34 # Test for SunOS 5.[78] bc bug
35 "$bc" >tmp.bctest <<\EOF
36obase=16
37ibase=16
38a=AD88C418F31B3FC712D0425001D522B3AE9134FF3A98C13C1FCC1682211195406C1A6C66C6A\
39CEEC1A0EC16950233F77F1C2F2363D56DD71A36C57E0B2511FC4BA8F22D261FE2E9356D99AF57\
4010F3817C0E05BF79C423C3F66FDF321BE8D3F18F625D91B670931C1EF25F28E489BDA1C5422D1\
41C3F6F7A1AD21585746ECC4F10A14A778AF56F08898E965E9909E965E0CB6F85B514150C644759\
423BE731877B16EA07B552088FF2EA728AC5E0FF3A23EB939304519AB8B60F2C33D6BA0945B66F0\
434FC3CADF855448B24A9D7640BCF473E
44b=DCE91E7D120B983EA9A104B5A96D634DD644C37657B1C7860B45E6838999B3DCE5A555583C6\
459209E41F413422954175A06E67FFEF6746DD652F0F48AEFECC3D8CAC13523BDAAD3F5AF4212BD\
468B3CD64126E1A82E190228020C05B91C8B141F1110086FC2A4C6ED631EBA129D04BB9A19FC53D\
473ED0E2017D60A68775B75481449
48(a/b)*b + (a%b) - a
49EOF
50 if [ 0 != "`cat tmp.bctest`" ]; then
51 failure=SunOStest
52 fi
53
54
55 if [ "$failure" = none ]; then
56 # Test for SCO bc bug.
57 "$bc" >tmp.bctest <<\EOF
58obase=16
59ibase=16
60-FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4AEC6F15AC177F176F2274D2\
619DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7F5ADFACEE54573F5D256A06\
6211B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99FB9812A0E4A5773D8B254117\
631239157EC6E3D8D50199 * -FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4\
64AEC6F15AC177F176F2274D29DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7\
65F5ADFACEE54573F5D256A0611B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99F\
66B9812A0E4A5773D8B2541171239157EC6E3D8D50199 - FFBACC221682DA464B6D7F123482522\
6702EDAEDCA38C3B69E9B7BBCD6165A9CD8716C4903417F23C09A85B851961F92C217258CEEB866\
6885EFCC5DD131853A02C07A873B8E2AF2E40C6D5ED598CD0E8F35AD49F3C3A17FDB7653E4E2DC4\
69A8D23CC34686EE4AD01F7407A7CD74429AC6D36DBF0CB6A3E302D0E5BDFCD048A3B90C1BE5AA8\
70E16C3D5884F9136B43FF7BB443764153D4AEC176C681B078F4CC53D6EB6AB76285537DDEE7C18\
718C72441B52EDBDDBC77E02D34E513F2AABF92F44109CAFE8242BD0ECBAC5604A94B02EA44D43C\
7204E9476E6FBC48043916BFA1485C6093603600273C9C33F13114D78064AE42F3DC466C7DA543D\
7389C8D71
74AD534AFBED2FA39EE9F40E20FCF9E2C861024DB98DDCBA1CD118C49CA55EEBC20D6BA51B2271C\
75928B693D6A73F67FEB1B4571448588B46194617D25D910C6A9A130CC963155CF34079CB218A44\
768A1F57E276D92A33386DDCA3D241DB78C8974ABD71DD05B0FA555709C9910D745185E6FE108E3\
7737F1907D0C56F8BFBF52B9704 % -E557905B56B13441574CAFCE2BD257A750B1A8B2C88D0E36\
78E18EF7C38DAC80D3948E17ED63AFF3B3467866E3B89D09A81B3D16B52F6A3C7134D3C6F5123E9\
79F617E3145BBFBE9AFD0D6E437EA4FF6F04BC67C4F1458B4F0F47B64 - 1C2BBBB19B74E86FD32\
809E8DB6A8C3B1B9986D57ED5419C2E855F7D5469E35E76334BB42F4C43E3F3A31B9697C171DAC4\
81D97935A7E1A14AD209D6CF811F55C6DB83AA9E6DFECFCD6669DED7171EE22A40C6181615CAF3F\
825296964
83EOF
84 if [ "0
850" != "`cat tmp.bctest`" ]; then
86 failure=SCOtest
87 fi
88 fi
89
90
91 if [ "$failure" = none ]; then
92 # bc works; now check if it knows the 'print' command.
93 if [ "OK" = "`echo 'print \"OK\"' | $bc 2>/dev/null`" ]
94 then
95 echo "$bc"
96 else
97 echo "sed 's/print.*//' | $bc"
98 fi
99 exit 0
100 fi
101
102 echo "$bc does not work properly ('$failure' failed). Looking for another bc ..." >&2
103 fi
104done
105
106echo "No working bc found. Consider installing GNU bc." >&2
107if [ "$1" = ignore ]; then
108 echo "cat >/dev/null"
109 exit 0
110fi
111exit 1
diff --git a/src/lib/libssl/test/methtest.c b/src/lib/libssl/test/methtest.c
deleted file mode 100644
index 06ccb3b310..0000000000
--- a/src/lib/libssl/test/methtest.c
+++ /dev/null
@@ -1,105 +0,0 @@
1/* test/methtest.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <openssl/rsa.h>
62#include <openssl/x509.h>
63#include "meth.h"
64#include <openssl/err.h>
65
66int main(argc,argv)
67int argc;
68char *argv[];
69 {
70 METHOD_CTX *top,*tmp1,*tmp2;
71
72 top=METH_new(x509_lookup()); /* get a top level context */
73 if (top == NULL) goto err;
74
75 tmp1=METH_new(x509_by_file());
76 if (top == NULL) goto err;
77 METH_arg(tmp1,METH_TYPE_FILE,"cafile1");
78 METH_arg(tmp1,METH_TYPE_FILE,"cafile2");
79 METH_push(top,METH_X509_CA_BY_SUBJECT,tmp1);
80
81 tmp2=METH_new(x509_by_dir());
82 METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/.CAcerts");
83 METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/SSLeay/certs");
84 METH_arg(tmp2,METH_TYPE_DIR,"/usr/local/ssl/certs");
85 METH_push(top,METH_X509_CA_BY_SUBJECT,tmp2);
86
87/* tmp=METH_new(x509_by_issuer_dir);
88 METH_arg(tmp,METH_TYPE_DIR,"/home/eay/.mycerts");
89 METH_push(top,METH_X509_BY_ISSUER,tmp);
90
91 tmp=METH_new(x509_by_issuer_primary);
92 METH_arg(tmp,METH_TYPE_FILE,"/home/eay/.mycerts/primary.pem");
93 METH_push(top,METH_X509_BY_ISSUER,tmp);
94*/
95
96 METH_init(top);
97 METH_control(tmp1,METH_CONTROL_DUMP,stdout);
98 METH_control(tmp2,METH_CONTROL_DUMP,stdout);
99 exit(0);
100err:
101 ERR_load_crypto_strings();
102 ERR_print_errors_fp(stderr);
103 exit(1);
104 return(0);
105 }
diff --git a/src/lib/libssl/test/pkcs7-1.pem b/src/lib/libssl/test/pkcs7-1.pem
deleted file mode 100644
index c47b27af88..0000000000
--- a/src/lib/libssl/test/pkcs7-1.pem
+++ /dev/null
@@ -1,15 +0,0 @@
1-----BEGIN PKCS7-----
2MIICUAYJKoZIhvcNAQcCoIICQTCCAj0CAQExDjAMBggqhkiG9w0CAgUAMCgGCSqG
3SIb3DQEHAaAbBBlFdmVyeW9uZSBnZXRzIEZyaWRheSBvZmYuoIIBXjCCAVowggEE
4AgQUAAApMA0GCSqGSIb3DQEBAgUAMCwxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRF
5eGFtcGxlIE9yZ2FuaXphdGlvbjAeFw05MjA5MDkyMjE4MDZaFw05NDA5MDkyMjE4
6MDVaMEIxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRFeGFtcGxlIE9yZ2FuaXphdGlv
7bjEUMBIGA1UEAxMLVGVzdCBVc2VyIDEwWzANBgkqhkiG9w0BAQEFAANKADBHAkAK
8ZnkdxpiBaN56t3QZu3+wwAHGJxAnAHUUKULhmo2MUdBTs+N4Kh3l3Fr06+mUaBcB
9FKHf5nzcmpr1XWVWILurAgMBAAEwDQYJKoZIhvcNAQECBQADQQBFGqHhqncgSl/N
109XYGnQL3MsJvNnsNV4puZPOakR9Hld8JlDQFEaDR30ogsmp3TMrvdfxpLlTCoZN8
11BxEmnZsWMYGbMIGYAgEBMDQwLDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFEV4YW1w
12bGUgT3JnYW5pemF0aW9uAgQUAAApMAwGCCqGSIb3DQICBQAwDQYJKoZIhvcNAQEB
13BQAEQAX6aoEvx9+L9PJUJQngPoRuEbnGIL4gCe+0QO+8xmkhaZSsBPNBtX0FIC1C
14j7Kie1x339mxW/w9VZNTUDQQweHh
15-----END PKCS7-----
diff --git a/src/lib/libssl/test/pkcs7.pem b/src/lib/libssl/test/pkcs7.pem
deleted file mode 100644
index d55c60b94e..0000000000
--- a/src/lib/libssl/test/pkcs7.pem
+++ /dev/null
@@ -1,54 +0,0 @@
1 MIAGCSqGSIb3DQEHAqCAMIACAQExADCABgkqhkiG9w0BBwEAAKCAMIIE+DCCBGGg
2 AwIBAgIQaGSF/JpbS1C223+yrc+N1DANBgkqhkiG9w0BAQQFADBiMREwDwYDVQQH
3 EwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1Zl
4 cmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwHhcNOTYw
5 ODEyMDAwMDAwWhcNOTYwODE3MjM1OTU5WjCCASAxETAPBgNVBAcTCEludGVybmV0
6 MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
7 c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjE3MDUGA1UECxMuRGlnaXRh
8 bCBJRCBDbGFzcyAxIC0gU01JTUUgVmVyaVNpZ24sIEluYy4gVEVTVDFGMEQGA1UE
9 CxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUyBJbmNvcnAuIGJ5IFJl
10 Zi4sTElBQi5MVEQoYyk5NjEZMBcGA1UEAxMQQWxleGFuZHJlIERlYWNvbjEgMB4G
11 CSqGSIb3DQEJARYRYWxleEB2ZXJpc2lnbi5jb20wWzANBgkqhkiG9w0BAQEFAANK
12 ADBHAkAOy7xxCAIkOfuIA2LyRpxgKlDORl8htdXYhF5iBGUx1GYaK6KF+bK/CCI0
13 l4j2OfWGFBUrwGoWqxTNcWgTfMzRAgMBAAGjggIyMIICLjAJBgNVHRMEAjAAMIIC
14 HwYDVR0DBIICFjCCAhIwggIOMIICCgYLYIZIAYb4RQEHAQEwggH5FoIBp1RoaXMg
15 Y2VydGlmaWNhdGUgaW5jb3Jwb3JhdGVzIGJ5IHJlZmVyZW5jZSwgYW5kIGl0cyB1
16 c2UgaXMgc3RyaWN0bHkgc3ViamVjdCB0bywgdGhlIFZlcmlTaWduIENlcnRpZmlj
17 YXRpb24gUHJhY3RpY2UgU3RhdGVtZW50IChDUFMpLCBhdmFpbGFibGUgYXQ6IGh0
18 dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9DUFM7IGJ5IEUtbWFpbCBhdCBDUFMtcmVx
19 dWVzdHNAdmVyaXNpZ24uY29tOyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMu
20 LCAyNTkzIENvYXN0IEF2ZS4sIE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBU
21 ZWwuICsxICg0MTUpIDk2MS04ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2ln
22 biwgSW5jLiAgQWxsIFJpZ2h0cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVT
23 IERJU0NMQUlNRUQgYW5kIExJQUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcB
24 AQGhDgYMYIZIAYb4RQEHAQECMCwwKhYoaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
25 L3JlcG9zaXRvcnkvQ1BTIDANBgkqhkiG9w0BAQQFAAOBgQAimWMGQwwwxk+b3KAL
26 HlSWXtU7LWHe29CEG8XeVNTvrqs6SBqT7OoENOkGxpfdpVgZ3Qw2SKjxDvbvpfSF
27 slsqcxWSgB/hWuaVuZCkvTw/dYGGOxkTJGxvDCfl1PZjX4dKbatslsi9Z9HpGWT7
28 ttItRwKqcBKgmCJvKi1pGWED0zCCAnkwggHioAMCAQICEDURpVKQb+fQKaRAGdQR
29 /D4wDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlT
30 aWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRp
31 ZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDYyNzAwMDAwMFoXDTk3MDYyNzIzNTk1
32 OVowYjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMu
33 MTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJz
34 Y3JpYmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2FKbPTdAFDdjKI9Bv
35 qrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7jW80GqLd5HUQq7XPy
36 sVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cariQPJUObwW7s987Lrb
37 P2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABozMwMTAPBgNVHRMECDAGAQH/AgEBMAsG
38 A1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADgYEA
39 KeXHoBmnbxRCgk0jM9e9mDppdxpsipIna/J8DOHEUuD4nONAr4+xOg73SBl026n7
40 Bk55A2wvAMGo7+kKTZ+rHaFDDcmq4O+rzFri2RIOeGAncj1IcGptAQhvXoIhFMG4
41 Jlzg1KlHZHqy7D3jex78zcSU7kKOu8f5tAX1jC3+sToAAKGAMIIBJzCBkTANBgkq
42 hkiG9w0BAQIFADBiMREwDwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNp
43 Z24sIEluYy4xNDAyBgNVBAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlk
44 dWFsIFN1YnNjcmliZXIXDTk2MDcwMTE3MzA0MFoXDTk3MDcwMTAwMDAwMFowDQYJ
45 KoZIhvcNAQECBQADgYEAGLuQ6PX8A7AiqBEtWzYtl6lZNSDI0bR5YUo+D2Jzkw30
46 dxQnJSbKXEc6XYuzAW5HvrzATXu5c19WWPT4cRDwmjH71i9QcDysWwf/wE0qGTiW
47 I3tQT0I5VGh7jIJD07nlBw3R4Xl8dH9kr85JsWinqDH5YKpIo9o8knY5n7+qjOow
48 ggEkMIGOMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5W
49 ZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBD
50 ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eRcNOTYwNzE2MjMxMTI5WhcNOTYwODE1MDAw
51 MDAwWjANBgkqhkiG9w0BAQIFAAOBgQAXsLE4vnsY6sY67QrmWec7iaU2ehzxanEK
52 /9wKHZNuhlNzk+qGZZw2evxfUe2OaRbYpl8zuZvhK9BHD3ad14OSe9/zx5hOPgP/
53 DQXt6R4R8Q/1JheBrolrgbavjvI2wKS8/Psp2prBrkF4T48+AKRmS8Zzh1guxgvP
54 b+xSu/jH0gAAMYAAAAAAAAAAAA==
diff --git a/src/lib/libssl/test/r160test.c b/src/lib/libssl/test/r160test.c
deleted file mode 100644
index a172e393ca..0000000000
--- a/src/lib/libssl/test/r160test.c
+++ /dev/null
@@ -1,57 +0,0 @@
1/* test/r160test.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
diff --git a/src/lib/libssl/test/tcrl b/src/lib/libssl/test/tcrl
deleted file mode 100644
index acaf8f3c47..0000000000
--- a/src/lib/libssl/test/tcrl
+++ /dev/null
@@ -1,81 +0,0 @@
1#!/bin/sh
2
3PATH=../apps:$PATH
4export PATH
5
6cmd='../apps/openssl crl'
7
8if [ "$1"x != "x" ]; then
9 t=$1
10else
11 t=testcrl.pem
12fi
13
14echo testing crl conversions
15cp $t fff.p
16
17echo "p -> d"
18$cmd -in fff.p -inform p -outform d >f.d
19if [ $? != 0 ]; then exit 1; fi
20#echo "p -> t"
21#$cmd -in fff.p -inform p -outform t >f.t
22#if [ $? != 0 ]; then exit 1; fi
23echo "p -> p"
24$cmd -in fff.p -inform p -outform p >f.p
25if [ $? != 0 ]; then exit 1; fi
26
27echo "d -> d"
28$cmd -in f.d -inform d -outform d >ff.d1
29if [ $? != 0 ]; then exit 1; fi
30#echo "t -> d"
31#$cmd -in f.t -inform t -outform d >ff.d2
32#if [ $? != 0 ]; then exit 1; fi
33echo "p -> d"
34$cmd -in f.p -inform p -outform d >ff.d3
35if [ $? != 0 ]; then exit 1; fi
36
37#echo "d -> t"
38#$cmd -in f.d -inform d -outform t >ff.t1
39#if [ $? != 0 ]; then exit 1; fi
40#echo "t -> t"
41#$cmd -in f.t -inform t -outform t >ff.t2
42#if [ $? != 0 ]; then exit 1; fi
43#echo "p -> t"
44#$cmd -in f.p -inform p -outform t >ff.t3
45#if [ $? != 0 ]; then exit 1; fi
46
47echo "d -> p"
48$cmd -in f.d -inform d -outform p >ff.p1
49if [ $? != 0 ]; then exit 1; fi
50#echo "t -> p"
51#$cmd -in f.t -inform t -outform p >ff.p2
52#if [ $? != 0 ]; then exit 1; fi
53echo "p -> p"
54$cmd -in f.p -inform p -outform p >ff.p3
55if [ $? != 0 ]; then exit 1; fi
56
57cmp fff.p f.p
58if [ $? != 0 ]; then exit 1; fi
59cmp fff.p ff.p1
60if [ $? != 0 ]; then exit 1; fi
61#cmp fff.p ff.p2
62#if [ $? != 0 ]; then exit 1; fi
63cmp fff.p ff.p3
64if [ $? != 0 ]; then exit 1; fi
65
66#cmp f.t ff.t1
67#if [ $? != 0 ]; then exit 1; fi
68#cmp f.t ff.t2
69#if [ $? != 0 ]; then exit 1; fi
70#cmp f.t ff.t3
71#if [ $? != 0 ]; then exit 1; fi
72
73cmp f.p ff.p1
74if [ $? != 0 ]; then exit 1; fi
75#cmp f.p ff.p2
76#if [ $? != 0 ]; then exit 1; fi
77cmp f.p ff.p3
78if [ $? != 0 ]; then exit 1; fi
79
80/bin/rm -f f.* ff.* fff.*
81exit 0
diff --git a/src/lib/libssl/test/test.cnf b/src/lib/libssl/test/test.cnf
deleted file mode 100644
index faad3914a8..0000000000
--- a/src/lib/libssl/test/test.cnf
+++ /dev/null
@@ -1,88 +0,0 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5
6RANDFILE = ./.rnd
7
8####################################################################
9[ ca ]
10default_ca = CA_default # The default ca section
11
12####################################################################
13[ CA_default ]
14
15dir = ./demoCA # Where everything is kept
16certs = $dir/certs # Where the issued certs are kept
17crl_dir = $dir/crl # Where the issued crl are kept
18database = $dir/index.txt # database index file.
19new_certs_dir = $dir/new_certs # default place for new certs.
20
21certificate = $dir/CAcert.pem # The CA certificate
22serial = $dir/serial # The current serial number
23crl = $dir/crl.pem # The current CRL
24private_key = $dir/private/CAkey.pem# The private key
25RANDFILE = $dir/private/.rand # private random number file
26
27default_days = 365 # how long to certify for
28default_crl_days= 30 # how long before next CRL
29default_md = md5 # which md to use.
30
31# A few difference way of specifying how similar the request should look
32# For type CA, the listed attributes must be the same, and the optional
33# and supplied fields are just that :-)
34policy = policy_match
35
36# For the CA policy
37[ policy_match ]
38countryName = match
39stateOrProvinceName = match
40organizationName = match
41organizationalUnitName = optional
42commonName = supplied
43emailAddress = optional
44
45# For the 'anything' policy
46# At this point in time, you must list all acceptable 'object'
47# types.
48[ policy_anything ]
49countryName = optional
50stateOrProvinceName = optional
51localityName = optional
52organizationName = optional
53organizationalUnitName = optional
54commonName = supplied
55emailAddress = optional
56
57####################################################################
58[ req ]
59default_bits = 512
60default_keyfile = testkey.pem
61distinguished_name = req_distinguished_name
62encrypt_rsa_key = no
63
64[ req_distinguished_name ]
65countryName = Country Name (2 letter code)
66countryName_default = AU
67countryName_value = AU
68
69stateOrProvinceName = State or Province Name (full name)
70stateOrProvinceName_default = Queensland
71stateOrProvinceName_value =
72
73localityName = Locality Name (eg, city)
74localityName_value = Brisbane
75
76organizationName = Organization Name (eg, company)
77organizationName_default =
78organizationName_value = CryptSoft Pty Ltd
79
80organizationalUnitName = Organizational Unit Name (eg, section)
81organizationalUnitName_default =
82organizationalUnitName_value = .
83
84commonName = Common Name (eg, YOUR name)
85commonName_value = Eric Young
86
87emailAddress = Email Address
88emailAddress_value = eay@mincom.oz.au
diff --git a/src/lib/libssl/test/testca b/src/lib/libssl/test/testca
deleted file mode 100644
index 88c186b6ab..0000000000
--- a/src/lib/libssl/test/testca
+++ /dev/null
@@ -1,44 +0,0 @@
1#!/bin/sh
2
3SH="/bin/sh"
4PATH=../apps:$PATH
5export SH PATH
6
7SSLEAY_CONFIG="-config CAss.cnf"
8export SSLEAY_CONFIG
9
10/bin/rm -fr demoCA
11$SH ../apps/CA.sh -newca <<EOF
12EOF
13
14if [ $? != 0 ]; then
15 exit 1;
16fi
17
18SSLEAY_CONFIG="-config Uss.cnf"
19export SSLEAY_CONFIG
20$SH ../apps/CA.sh -newreq
21if [ $? != 0 ]; then
22 exit 1;
23fi
24
25
26SSLEAY_CONFIG="-config ../apps/openssl.cnf"
27export SSLEAY_CONFIG
28$SH ../apps/CA.sh -sign <<EOF
29y
30y
31EOF
32if [ $? != 0 ]; then
33 exit 1;
34fi
35
36
37$SH ../apps/CA.sh -verify newcert.pem
38if [ $? != 0 ]; then
39 exit 1;
40fi
41
42/bin/rm -fr demoCA newcert.pem newreq.pem
43#usage: CA -newcert|-newreq|-newca|-sign|-verify
44
diff --git a/src/lib/libssl/test/testcrl.pem b/src/lib/libssl/test/testcrl.pem
deleted file mode 100644
index 0989788354..0000000000
--- a/src/lib/libssl/test/testcrl.pem
+++ /dev/null
@@ -1,16 +0,0 @@
1-----BEGIN X509 CRL-----
2MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT
3F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy
4IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw
5MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw
6MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw
7MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw
8MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw
9MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw
10MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw
11NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw
12NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF
13AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ
14wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt
15JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v
16-----END X509 CRL-----
diff --git a/src/lib/libssl/test/testenc b/src/lib/libssl/test/testenc
deleted file mode 100644
index 0656c7f525..0000000000
--- a/src/lib/libssl/test/testenc
+++ /dev/null
@@ -1,54 +0,0 @@
1#!/bin/sh
2
3testsrc=Makefile.ssl
4test=./p
5cmd=../apps/openssl
6
7cat $testsrc >$test;
8
9echo cat
10$cmd enc < $test > $test.cipher
11$cmd enc < $test.cipher >$test.clear
12cmp $test $test.clear
13if [ $? != 0 ]
14then
15 exit 1
16else
17 /bin/rm $test.cipher $test.clear
18fi
19echo base64
20$cmd enc -a -e < $test > $test.cipher
21$cmd enc -a -d < $test.cipher >$test.clear
22cmp $test $test.clear
23if [ $? != 0 ]
24then
25 exit 1
26else
27 /bin/rm $test.cipher $test.clear
28fi
29
30for i in `$cmd list-cipher-commands`
31do
32 echo $i
33 $cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
34 $cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
35 cmp $test $test.$i.clear
36 if [ $? != 0 ]
37 then
38 exit 1
39 else
40 /bin/rm $test.$i.cipher $test.$i.clear
41 fi
42
43 echo $i base64
44 $cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
45 $cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
46 cmp $test $test.$i.clear
47 if [ $? != 0 ]
48 then
49 exit 1
50 else
51 /bin/rm $test.$i.cipher $test.$i.clear
52 fi
53done
54rm -f $test
diff --git a/src/lib/libssl/test/testgen b/src/lib/libssl/test/testgen
deleted file mode 100644
index c5f61b582b..0000000000
--- a/src/lib/libssl/test/testgen
+++ /dev/null
@@ -1,32 +0,0 @@
1#!/bin/sh
2
3T=testcert
4KEY=512
5CA=../certs/testca.pem
6
7/bin/rm -f $T.1 $T.2 $T.key
8
9PATH=../apps:$PATH;
10export PATH
11
12echo "generating certificate request"
13
14echo "There should be a 2 sequences of .'s and some +'s."
15echo "There should not be more that at most 80 per line"
16echo "This could take some time."
17
18echo "string to make the random number generator think it has entropy" >> ./.rnd
19
20../apps/openssl req -config test.cnf -new -out testreq.pem
21if [ $? != 0 ]; then
22echo problems creating request
23exit 1
24fi
25
26../apps/openssl req -config test.cnf -verify -in testreq.pem -noout
27if [ $? != 0 ]; then
28echo signature on req is wrong
29exit 1
30fi
31
32exit 0
diff --git a/src/lib/libssl/test/testp7.pem b/src/lib/libssl/test/testp7.pem
deleted file mode 100644
index e5b7866c31..0000000000
--- a/src/lib/libssl/test/testp7.pem
+++ /dev/null
@@ -1,46 +0,0 @@
1-----BEGIN PKCS7-----
2MIIIGAYJKoZIhvcNAQcCoIIICTCCCAUCAQExADALBgkqhkiG9w0BBwGgggY8MIIE
3cjCCBBygAwIBAgIQeS+OJfWJUZAx6cX0eAiMjzANBgkqhkiG9w0BAQQFADBiMREw
4DwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNV
5BAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIw
6HhcNOTYwNzE5MDAwMDAwWhcNOTcwMzMwMjM1OTU5WjCB1TERMA8GA1UEBxMISW50
7ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2ln
8biBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMSgwJgYDVQQLEx9E
9aWdpdGFsIElEIENsYXNzIDEgLSBTTUlNRSBUZXN0MUcwRQYDVQQLEz53d3cudmVy
10aXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMCBJbmMuIGJ5IFJlZi4sTElBQi5M
11VEQoYyk5NjBbMA0GCSqGSIb3DQEBAQUAA0oAMEcCQA7LvHEIAiQ5+4gDYvJGnGAq
12UM5GXyG11diEXmIEZTHUZhorooX5sr8IIjSXiPY59YYUFSvAaharFM1xaBN8zNEC
13AwEAAaOCAjkwggI1MAkGA1UdEwQCMAAwggImBgNVHQMEggIdMIICGTCCAhUwggIR
14BgtghkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0
15ZXMgYnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0
16IHRvLCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1l
17bnQgKENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
18L0NQUy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29t
19OyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4s
20IE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04
21ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0
22cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJ
23QUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQEC
24MC8wLRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEu
25AzANBgkqhkiG9w0BAQQFAANBAMCYDuSb/eIlYSxY31nZZTaCZkCSfHjlacMofExr
26cF+A2yHoEuT+eCQkqM0pMNHXddUeoQ9RjV+VuMBNmm63DUYwggHCMIIBbKADAgEC
27AhB8CYTq1bkRFJBYOd67cp9JMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
28MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
29QTAeFw05NjA3MTcwMDAwMDBaFw05NzA3MTcyMzU5NTlaMGIxETAPBgNVBAcTCElu
30dGVybmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNp
31Z24gQ2xhc3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjBcMA0GCSqGSIb3
32DQEBAQUAA0sAMEgCQQDsVzrNgnDhbAJZrWeLd9g1vMZJA2W67D33TTbga6yMt+ES
33TWEywhS6RNP+fzLGg7utinjH4tL60cXa0G27GDsLAgMBAAGjIjAgMAsGA1UdDwQE
34AwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADQQAUp6bRwkaD
352d1MBs/mjUcgTI2fXVmW8tTm/Ud6OzUwpC3vYgybiOOA4f6mOC5dbyUHrLOsrihU
3647ZQ0Jo1DUfboYIBrTCBwTBtMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
37MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
38QRcNOTYwNzE3MTc0NDA5WhcNOTgwNzE3MDAwMDAwWjANBgkqhkiG9w0BAQIFAANB
39AHitA0/xAukCjHzeh1AMT/l2oC68N+yFb+aJPHBBMxc6gG2MaKjBNwb5hcXUllMl
40ExONA3ju10f7owIq3s3wx10wgeYwgZEwDQYJKoZIhvcNAQECBQAwYjERMA8GA1UE
41BxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytW
42ZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyFw05NjA3
43MTcxNzU5MjlaFw05NzA3MTgwMDAwMDBaMA0GCSqGSIb3DQEBAgUAA0EAubVWYTsW
44sQmste9f+UgMw8BkjDlM25fwQLrCfmmnLxjewey10kSROypUaJLb+r4oRALc0fG9
45XfZsaiiIgotQHjEA
46-----END PKCS7-----
diff --git a/src/lib/libssl/test/testreq2.pem b/src/lib/libssl/test/testreq2.pem
deleted file mode 100644
index c3cdcffcbc..0000000000
--- a/src/lib/libssl/test/testreq2.pem
+++ /dev/null
@@ -1,7 +0,0 @@
1-----BEGIN CERTIFICATE REQUEST-----
2MIHaMIGFAgEAMA4xDDAKBgNVBAMTA2NuNDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC
3QQCQsnkyUGDY2R3mYoeTprFJKgWuJ3f1jUjlIuW5+wfAUoeMt35c4vcFZ2mIBpEG
4DtzkNQN1kr2O9ldm9zYnYhyhAgMBAAGgEjAQBgorBgEEAYI3AgEOMQIwADANBgkq
5hkiG9w0BAQQFAANBAAb2szZgVIxg3vK6kYLjGSBISyuzcXJ6IvuPW6M+yzi1Qgoi
6gQhazHTJp91T8ItZEzUJGZSZl2e5iXlnffWB+/U=
7-----END CERTIFICATE REQUEST-----
diff --git a/src/lib/libssl/test/testrsa.pem b/src/lib/libssl/test/testrsa.pem
deleted file mode 100644
index aad21067a8..0000000000
--- a/src/lib/libssl/test/testrsa.pem
+++ /dev/null
@@ -1,9 +0,0 @@
1-----BEGIN RSA PRIVATE KEY-----
2MIIBPAIBAAJBAKrbeqkuRk8VcRmWFmtP+LviMB3+6dizWW3DwaffznyHGAFwUJ/I
3Tv0XtbsCyl3QoyKGhrOAy3RvPK5M38iuXT0CAwEAAQJAZ3cnzaHXM/bxGaR5CR1R
4rD1qFBAVfoQFiOH9uPJgMaoAuoQEisPHVcZDKcOv4wEg6/TInAIXBnEigtqvRzuy
5oQIhAPcgZzUq3yVooAaoov8UbXPxqHlwo6GBMqnv20xzkf6ZAiEAsP4BnIaQTM8S
6mvcpHZwQJdmdHHkGKAs37Dfxi67HbkUCIQCeZGliHXFa071Fp06ZeWlR2ADonTZz
7rJBhdTe0v5pCeQIhAIZfkiGgGBX4cIuuckzEm43g9WMUjxP/0GlK39vIyihxAiEA
8mymehFRT0MvqW5xAKAx7Pgkt8HVKwVhc2LwGKHE0DZM=
9-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/test/testsid.pem b/src/lib/libssl/test/testsid.pem
deleted file mode 100644
index 7ffd008f66..0000000000
--- a/src/lib/libssl/test/testsid.pem
+++ /dev/null
@@ -1,12 +0,0 @@
1-----BEGIN SSL SESSION PARAMETERS-----
2MIIB1gIBAQIBAgQDAQCABBCi11xa5qkOP8xrr02K/NQCBBBkIYQZM0Bt95W0EHNV
3bA58oQYCBDIBr7WiBAICASyjggGGMIIBgjCCASwCAQMwDQYJKoZIhvcNAQEEBQAw
4ODELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3Jz
5YSB0ZXN0IENBMB4XDTk1MTAwOTIzMzEzNFoXDTk4MDcwNTIzMzEzNFowYDELMAkG
6A1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRk
7LjELMAkGA1UECxMCQ1MxGzAZBgNVBAMTElNTTGVheSBkZW1vIGNsaWVudDBcMA0G
8CSqGSIb3DQEBAQUAA0sAMEgCQQC4pcXEL1lgVA+B5Q3TcuW/O3LZHoA73IYm8oFD
9TezgCDhL2RTMn+seKWF36UtJKRIOBU9jZHCVVd0Me5ls6BEjAgMBAAEwDQYJKoZI
10hvcNAQEEBQADQQBoIpOcwUY1qlVF7j3ROSGvUsbvByOBFmYWkIBgsCqR+9qo1A7L
11CrWF5i8LWt/vLwAHaxWNx2YuBJMFyuK81fTvpA0EC3Rlc3Rjb250ZXh0
12-----END SSL SESSION PARAMETERS-----
diff --git a/src/lib/libssl/test/testss b/src/lib/libssl/test/testss
deleted file mode 100644
index da62997a5f..0000000000
--- a/src/lib/libssl/test/testss
+++ /dev/null
@@ -1,90 +0,0 @@
1#!/bin/sh
2
3digest='-mdc2'
4reqcmd="../apps/openssl req"
5x509cmd="../apps/openssl x509 $digest"
6verifycmd="../apps/openssl verify"
7dummycnf="../apps/openssl.cnf"
8
9CAkey="keyCA.ss"
10CAcert="certCA.ss"
11CAreq="reqCA.ss"
12CAconf="CAss.cnf"
13CAreq2="req2CA.ss" # temp
14
15Uconf="Uss.cnf"
16Ukey="keyU.ss"
17Ureq="reqU.ss"
18Ucert="certU.ss"
19
20echo
21echo "make a certificate request using 'req'"
22$reqcmd -config $CAconf -out $CAreq -keyout $CAkey -new #>err.ss
23if [ $? != 0 ]; then
24 echo "error using 'req' to generate a certificate request"
25 exit 1
26fi
27echo
28echo "convert the certificate request into a self signed certificate using 'x509'"
29$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey >err.ss
30if [ $? != 0 ]; then
31 echo "error using 'x509' to self sign a certificate request"
32 exit 1
33fi
34
35echo
36echo "convert a certificate into a certificate request using 'x509'"
37$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss
38if [ $? != 0 ]; then
39 echo "error using 'x509' convert a certificate to a certificate request"
40 exit 1
41fi
42
43$reqcmd -config $dummycnf -verify -in $CAreq -noout
44if [ $? != 0 ]; then
45 echo first generated request is invalid
46 exit 1
47fi
48
49$reqcmd -config $dummycnf -verify -in $CAreq2 -noout
50if [ $? != 0 ]; then
51 echo second generated request is invalid
52 exit 1
53fi
54
55$verifycmd -CAfile $CAcert $CAcert
56if [ $? != 0 ]; then
57 echo first generated cert is invalid
58 exit 1
59fi
60
61echo
62echo "make another certificate request using 'req'"
63$reqcmd -config $Uconf -out $Ureq -keyout $Ukey -new >err.ss
64if [ $? != 0 ]; then
65 echo "error using 'req' to generate a certificate request"
66 exit 1
67fi
68
69echo
70echo "sign certificate request with the just created CA via 'x509'"
71$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey >err.ss
72if [ $? != 0 ]; then
73 echo "error using 'x509' to sign a certificate request"
74 exit 1
75fi
76
77$verifycmd -CAfile $CAcert $Ucert
78echo
79echo "Certificate details"
80$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert
81
82echo
83echo The generated CA certificate is $CAcert
84echo The generated CA private key is $CAkey
85
86echo The generated user certificate is $Ucert
87echo The generated user private key is $Ukey
88
89/bin/rm err.ss
90exit 0
diff --git a/src/lib/libssl/test/testssl b/src/lib/libssl/test/testssl
deleted file mode 100644
index a88e290c57..0000000000
--- a/src/lib/libssl/test/testssl
+++ /dev/null
@@ -1,81 +0,0 @@
1#!/bin/sh
2
3echo test sslv2
4./ssltest -ssl2 || exit 1
5
6echo test sslv2 with server authentication
7./ssltest -ssl2 -server_auth -CApath ../certs || exit 1
8
9echo test sslv2 with client authentication
10./ssltest -ssl2 -client_auth -CApath ../certs || exit 1
11
12echo test sslv2 with both client and server authentication
13./ssltest -ssl2 -server_auth -client_auth -CApath ../certs || exit 1
14
15echo test sslv3
16./ssltest -ssl3 || exit 1
17
18echo test sslv3 with server authentication
19./ssltest -ssl3 -server_auth -CApath ../certs || exit 1
20
21echo test sslv3 with client authentication
22./ssltest -ssl3 -client_auth -CApath ../certs || exit 1
23
24echo test sslv3 with both client and server authentication
25./ssltest -ssl3 -server_auth -client_auth -CApath ../certs || exit 1
26
27echo test sslv2/sslv3
28./ssltest || exit 1
29
30echo test sslv2/sslv3 with server authentication
31./ssltest -server_auth -CApath ../certs || exit 1
32
33echo test sslv2/sslv3 with client authentication
34./ssltest -client_auth -CApath ../certs || exit 1
35
36echo test sslv2/sslv3 with both client and server authentication
37./ssltest -server_auth -client_auth -CApath ../certs || exit 1
38
39echo test sslv2 via BIO pair
40./ssltest -bio_pair -ssl2 || exit 1
41
42echo test sslv2 with server authentication via BIO pair
43./ssltest -bio_pair -ssl2 -server_auth -CApath ../certs || exit 1
44
45echo test sslv2 with client authentication via BIO pair
46./ssltest -bio_pair -ssl2 -client_auth -CApath ../certs || exit 1
47
48echo test sslv2 with both client and server authentication via BIO pair
49./ssltest -bio_pair -ssl2 -server_auth -client_auth -CApath ../certs || exit 1
50
51echo test sslv3 via BIO pair
52./ssltest -bio_pair -ssl3 || exit 1
53
54echo test sslv3 with server authentication via BIO pair
55./ssltest -bio_pair -ssl3 -server_auth -CApath ../certs || exit 1
56
57echo test sslv3 with client authentication via BIO pair
58./ssltest -bio_pair -ssl3 -client_auth -CApath ../certs || exit 1
59
60echo test sslv3 with both client and server authentication via BIO pair
61./ssltest -bio_pair -ssl3 -server_auth -client_auth -CApath ../certs || exit 1
62
63echo test sslv2/sslv3 via BIO pair
64./ssltest || exit 1
65
66echo test sslv2/sslv3 w/o DHE via BIO pair
67./ssltest -bio_pair -no_dhe || exit 1
68
69echo test sslv2/sslv3 with 1024bit DHE
70./ssltest -bio_pair -dhe1024 -v || exit 1
71
72echo test sslv2/sslv3 with server authentication
73./ssltest -bio_pair -server_auth -CApath ../certs || exit 1
74
75echo test sslv2/sslv3 with client authentication via BIO pair
76./ssltest -bio_pair -client_auth -CApath ../certs || exit 1
77
78echo test sslv2/sslv3 with both client and server authentication via BIO pair
79./ssltest -bio_pair -server_auth -client_auth -CApath ../certs || exit 1
80
81exit 0
diff --git a/src/lib/libssl/test/testx509.pem b/src/lib/libssl/test/testx509.pem
deleted file mode 100644
index 8a85d14964..0000000000
--- a/src/lib/libssl/test/testx509.pem
+++ /dev/null
@@ -1,10 +0,0 @@
1-----BEGIN CERTIFICATE-----
2MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
3BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz
4MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
5RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF
6AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO
7/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE
8Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ
9zl9HYIMxATFyqSiD9jsx
10-----END CERTIFICATE-----
diff --git a/src/lib/libssl/test/times b/src/lib/libssl/test/times
deleted file mode 100644
index 49aeebf216..0000000000
--- a/src/lib/libssl/test/times
+++ /dev/null
@@ -1,113 +0,0 @@
1
2More number for the questions about SSL overheads....
3
4The following numbers were generated on a pentium pro 200, running linux.
5They give an indication of the SSL protocol and encryption overheads.
6
7The program that generated them is an unreleased version of ssl/ssltest.c
8which is the SSLeay ssl protocol testing program. It is a single process that
9talks both sides of the SSL protocol via a non-blocking memory buffer
10interface.
11
12How do I read this? The protocol and cipher are reasonable obvious.
13The next number is the number of connections being made. The next is the
14number of bytes exchanged bewteen the client and server side of the protocol.
15This is the number of bytes that the client sends to the server, and then
16the server sends back. Because this is all happening in one process,
17the data is being encrypted, decrypted, encrypted and then decrypted again.
18It is a round trip of that many bytes. Because the one process performs
19both the client and server sides of the protocol and it sends this many bytes
20each direction, multiply this number by 4 to generate the number
21of bytes encrypted/decrypted/MACed. The first time value is how many seconds
22elapsed doing a full SSL handshake, the second is the cost of one
23full handshake and the rest being session-id reuse.
24
25SSLv2 RC4-MD5 1000 x 1 12.83s 0.70s
26SSLv3 NULL-MD5 1000 x 1 14.35s 1.47s
27SSLv3 RC4-MD5 1000 x 1 14.46s 1.56s
28SSLv3 RC4-MD5 1000 x 1 51.93s 1.62s 1024bit RSA
29SSLv3 RC4-SHA 1000 x 1 14.61s 1.83s
30SSLv3 DES-CBC-SHA 1000 x 1 14.70s 1.89s
31SSLv3 DES-CBC3-SHA 1000 x 1 15.16s 2.16s
32
33SSLv2 RC4-MD5 1000 x 1024 13.72s 1.27s
34SSLv3 NULL-MD5 1000 x 1024 14.79s 1.92s
35SSLv3 RC4-MD5 1000 x 1024 52.58s 2.29s 1024bit RSA
36SSLv3 RC4-SHA 1000 x 1024 15.39s 2.67s
37SSLv3 DES-CBC-SHA 1000 x 1024 16.45s 3.55s
38SSLv3 DES-CBC3-SHA 1000 x 1024 18.21s 5.38s
39
40SSLv2 RC4-MD5 1000 x 10240 18.97s 6.52s
41SSLv3 NULL-MD5 1000 x 10240 17.79s 5.11s
42SSLv3 RC4-MD5 1000 x 10240 20.25s 7.90s
43SSLv3 RC4-MD5 1000 x 10240 58.26s 8.08s 1024bit RSA
44SSLv3 RC4-SHA 1000 x 10240 22.96s 11.44s
45SSLv3 DES-CBC-SHA 1000 x 10240 30.65s 18.41s
46SSLv3 DES-CBC3-SHA 1000 x 10240 47.04s 34.53s
47
48SSLv2 RC4-MD5 1000 x 102400 70.22s 57.74s
49SSLv3 NULL-MD5 1000 x 102400 43.73s 31.03s
50SSLv3 RC4-MD5 1000 x 102400 71.32s 58.83s
51SSLv3 RC4-MD5 1000 x 102400 109.66s 59.20s 1024bit RSA
52SSLv3 RC4-SHA 1000 x 102400 95.88s 82.21s
53SSLv3 DES-CBC-SHA 1000 x 102400 173.22s 160.55s
54SSLv3 DES-CBC3-SHA 1000 x 102400 336.61s 323.82s
55
56What does this all mean? Well for a server, with no session-id reuse, with
57a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key,
58a pentium pro 200 running linux can handle the SSLv3 protocol overheads of
59about 49 connections a second. Reality will be quite different :-).
60
61Remeber the first number is 1000 full ssl handshakes, the second is
621 full and 999 with session-id reuse. The RSA overheads for each exchange
63would be one public and one private operation, but the protocol/MAC/cipher
64cost would be quite similar in both the client and server.
65
66eric (adding numbers to speculation)
67
68--- Appendix ---
69- The time measured is user time but these number a very rough.
70- Remember this is the cost of both client and server sides of the protocol.
71- The TCP/kernal overhead of connection establishment is normally the
72 killer in SSL. Often delays in the TCP protocol will make session-id
73 reuse look slower that new sessions, but this would not be the case on
74 a loaded server.
75- The TCP round trip latencies, while slowing indervidual connections,
76 would have minimal impact on throughput.
77- Instead of sending one 102400 byte buffer, one 8k buffer is sent until
78- the required number of bytes are processed.
79- The SSLv3 connections were actually SSLv2 compatable SSLv3 headers.
80- A 512bit server key was being used except where noted.
81- No server key verification was being performed on the client side of the
82 protocol. This would slow things down very little.
83- The library being used is SSLeay 0.8.x.
84- The normal mesauring system was commands of the form
85 time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse
86 This modified version of ssltest should be in the next public release of
87 SSLeay.
88
89The general cipher performace number for this platform are
90
91SSLeay 0.8.2a 04-Sep-1997
92built on Fri Sep 5 17:37:05 EST 1997
93options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
94C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
95The 'numbers' are in 1000s of bytes per second processed.
96type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
97md2 131.02k 368.41k 500.57k 549.21k 566.09k
98mdc2 535.60k 589.10k 595.88k 595.97k 594.54k
99md5 1801.53k 9674.77k 17484.03k 21849.43k 23592.96k
100sha 1261.63k 5533.25k 9285.63k 11187.88k 11913.90k
101sha1 1103.13k 4782.53k 7933.78k 9472.34k 10070.70k
102rc4 10722.53k 14443.93k 15215.79k 15299.24k 15219.59k
103des cbc 3286.57k 3827.73k 3913.39k 3931.82k 3926.70k
104des ede3 1443.50k 1549.08k 1561.17k 1566.38k 1564.67k
105idea cbc 2203.64k 2508.16k 2538.33k 2543.62k 2547.71k
106rc2 cbc 1430.94k 1511.59k 1524.82k 1527.13k 1523.33k
107blowfish cbc 4716.07k 5965.82k 6190.17k 6243.67k 6234.11k
108 sign verify
109rsa 512 bits 0.0100s 0.0011s
110rsa 1024 bits 0.0451s 0.0012s
111rsa 2048 bits 0.2605s 0.0086s
112rsa 4096 bits 1.6883s 0.0302s
113
diff --git a/src/lib/libssl/test/tpkcs7 b/src/lib/libssl/test/tpkcs7
deleted file mode 100644
index 15bbba42c0..0000000000
--- a/src/lib/libssl/test/tpkcs7
+++ /dev/null
@@ -1,51 +0,0 @@
1#!/bin/sh
2
3PATH=../apps:$PATH
4export PATH
5
6cmd='../apps/openssl pkcs7'
7
8if [ "$1"x != "x" ]; then
9 t=$1
10else
11 t=testp7.pem
12fi
13
14echo testing pkcs7 conversions
15cp $t fff.p
16
17echo "p -> d"
18$cmd -in fff.p -inform p -outform d >f.d
19if [ $? != 0 ]; then exit 1; fi
20echo "p -> p"
21$cmd -in fff.p -inform p -outform p >f.p
22if [ $? != 0 ]; then exit 1; fi
23
24echo "d -> d"
25$cmd -in f.d -inform d -outform d >ff.d1
26if [ $? != 0 ]; then exit 1; fi
27echo "p -> d"
28$cmd -in f.p -inform p -outform d >ff.d3
29if [ $? != 0 ]; then exit 1; fi
30
31echo "d -> p"
32$cmd -in f.d -inform d -outform p >ff.p1
33if [ $? != 0 ]; then exit 1; fi
34echo "p -> p"
35$cmd -in f.p -inform p -outform p >ff.p3
36if [ $? != 0 ]; then exit 1; fi
37
38cmp fff.p f.p
39if [ $? != 0 ]; then exit 1; fi
40cmp fff.p ff.p1
41if [ $? != 0 ]; then exit 1; fi
42cmp fff.p ff.p3
43if [ $? != 0 ]; then exit 1; fi
44
45cmp f.p ff.p1
46if [ $? != 0 ]; then exit 1; fi
47cmp f.p ff.p3
48if [ $? != 0 ]; then exit 1; fi
49
50/bin/rm -f f.* ff.* fff.*
51exit 0
diff --git a/src/lib/libssl/test/tpkcs7d b/src/lib/libssl/test/tpkcs7d
deleted file mode 100644
index 46e5aa2bd6..0000000000
--- a/src/lib/libssl/test/tpkcs7d
+++ /dev/null
@@ -1,44 +0,0 @@
1#!/bin/sh
2
3PATH=../apps:$PATH
4export PATH
5
6cmd='../apps/openssl pkcs7'
7
8if [ "$1"x != "x" ]; then
9 t=$1
10else
11 t=pkcs7-1.pem
12fi
13
14echo "testing pkcs7 conversions (2)"
15cp $t fff.p
16
17echo "p -> d"
18$cmd -in fff.p -inform p -outform d >f.d
19if [ $? != 0 ]; then exit 1; fi
20echo "p -> p"
21$cmd -in fff.p -inform p -outform p >f.p
22if [ $? != 0 ]; then exit 1; fi
23
24echo "d -> d"
25$cmd -in f.d -inform d -outform d >ff.d1
26if [ $? != 0 ]; then exit 1; fi
27echo "p -> d"
28$cmd -in f.p -inform p -outform d >ff.d3
29if [ $? != 0 ]; then exit 1; fi
30
31echo "d -> p"
32$cmd -in f.d -inform d -outform p >ff.p1
33if [ $? != 0 ]; then exit 1; fi
34echo "p -> p"
35$cmd -in f.p -inform p -outform p >ff.p3
36if [ $? != 0 ]; then exit 1; fi
37
38cmp f.p ff.p1
39if [ $? != 0 ]; then exit 1; fi
40cmp f.p ff.p3
41if [ $? != 0 ]; then exit 1; fi
42
43/bin/rm -f f.* ff.* fff.*
44exit 0
diff --git a/src/lib/libssl/test/treq b/src/lib/libssl/test/treq
deleted file mode 100644
index 0464c9d902..0000000000
--- a/src/lib/libssl/test/treq
+++ /dev/null
@@ -1,81 +0,0 @@
1#!/bin/sh
2
3PATH=../apps:$PATH
4export PATH
5
6cmd='../apps/openssl req -config ../apps/openssl.cnf'
7
8if [ "$1"x != "x" ]; then
9 t=$1
10else
11 t=testreq.pem
12fi
13
14echo testing req conversions
15cp $t fff.p
16
17echo "p -> d"
18$cmd -in fff.p -inform p -outform d >f.d
19if [ $? != 0 ]; then exit 1; fi
20#echo "p -> t"
21#$cmd -in fff.p -inform p -outform t >f.t
22#if [ $? != 0 ]; then exit 1; fi
23echo "p -> p"
24$cmd -in fff.p -inform p -outform p >f.p
25if [ $? != 0 ]; then exit 1; fi
26
27echo "d -> d"
28$cmd -verify -in f.d -inform d -outform d >ff.d1
29if [ $? != 0 ]; then exit 1; fi
30#echo "t -> d"
31#$cmd -in f.t -inform t -outform d >ff.d2
32#if [ $? != 0 ]; then exit 1; fi
33echo "p -> d"
34$cmd -verify -in f.p -inform p -outform d >ff.d3
35if [ $? != 0 ]; then exit 1; fi
36
37#echo "d -> t"
38#$cmd -in f.d -inform d -outform t >ff.t1
39#if [ $? != 0 ]; then exit 1; fi
40#echo "t -> t"
41#$cmd -in f.t -inform t -outform t >ff.t2
42#if [ $? != 0 ]; then exit 1; fi
43#echo "p -> t"
44#$cmd -in f.p -inform p -outform t >ff.t3
45#if [ $? != 0 ]; then exit 1; fi
46
47echo "d -> p"
48$cmd -in f.d -inform d -outform p >ff.p1
49if [ $? != 0 ]; then exit 1; fi
50#echo "t -> p"
51#$cmd -in f.t -inform t -outform p >ff.p2
52#if [ $? != 0 ]; then exit 1; fi
53echo "p -> p"
54$cmd -in f.p -inform p -outform p >ff.p3
55if [ $? != 0 ]; then exit 1; fi
56
57cmp fff.p f.p
58if [ $? != 0 ]; then exit 1; fi
59cmp fff.p ff.p1
60if [ $? != 0 ]; then exit 1; fi
61#cmp fff.p ff.p2
62#if [ $? != 0 ]; then exit 1; fi
63cmp fff.p ff.p3
64if [ $? != 0 ]; then exit 1; fi
65
66#cmp f.t ff.t1
67#if [ $? != 0 ]; then exit 1; fi
68#cmp f.t ff.t2
69#if [ $? != 0 ]; then exit 1; fi
70#cmp f.t ff.t3
71#if [ $? != 0 ]; then exit 1; fi
72
73cmp f.p ff.p1
74if [ $? != 0 ]; then exit 1; fi
75#cmp f.p ff.p2
76#if [ $? != 0 ]; then exit 1; fi
77cmp f.p ff.p3
78if [ $? != 0 ]; then exit 1; fi
79
80/bin/rm -f f.* ff.* fff.*
81exit 0
diff --git a/src/lib/libssl/test/trsa b/src/lib/libssl/test/trsa
deleted file mode 100644
index d6a4dd826d..0000000000
--- a/src/lib/libssl/test/trsa
+++ /dev/null
@@ -1,81 +0,0 @@
1#!/bin/sh
2
3PATH=../apps:$PATH
4export PATH
5
6cmd='../apps/openssl rsa'
7
8if [ "$1"x != "x" ]; then
9 t=$1
10else
11 t=testrsa.pem
12fi
13
14echo testing rsa conversions
15cp $t fff.p
16
17echo "p -> d"
18$cmd -in fff.p -inform p -outform d >f.d
19if [ $? != 0 ]; then exit 1; fi
20#echo "p -> t"
21#$cmd -in fff.p -inform p -outform t >f.t
22#if [ $? != 0 ]; then exit 1; fi
23echo "p -> p"
24$cmd -in fff.p -inform p -outform p >f.p
25if [ $? != 0 ]; then exit 1; fi
26
27echo "d -> d"
28$cmd -in f.d -inform d -outform d >ff.d1
29if [ $? != 0 ]; then exit 1; fi
30#echo "t -> d"
31#$cmd -in f.t -inform t -outform d >ff.d2
32#if [ $? != 0 ]; then exit 1; fi
33echo "p -> d"
34$cmd -in f.p -inform p -outform d >ff.d3
35if [ $? != 0 ]; then exit 1; fi
36
37#echo "d -> t"
38#$cmd -in f.d -inform d -outform t >ff.t1
39#if [ $? != 0 ]; then exit 1; fi
40#echo "t -> t"
41#$cmd -in f.t -inform t -outform t >ff.t2
42#if [ $? != 0 ]; then exit 1; fi
43#echo "p -> t"
44#$cmd -in f.p -inform p -outform t >ff.t3
45#if [ $? != 0 ]; then exit 1; fi
46
47echo "d -> p"
48$cmd -in f.d -inform d -outform p >ff.p1
49if [ $? != 0 ]; then exit 1; fi
50#echo "t -> p"
51#$cmd -in f.t -inform t -outform p >ff.p2
52#if [ $? != 0 ]; then exit 1; fi
53echo "p -> p"
54$cmd -in f.p -inform p -outform p >ff.p3
55if [ $? != 0 ]; then exit 1; fi
56
57cmp fff.p f.p
58if [ $? != 0 ]; then exit 1; fi
59cmp fff.p ff.p1
60if [ $? != 0 ]; then exit 1; fi
61#cmp fff.p ff.p2
62#if [ $? != 0 ]; then exit 1; fi
63cmp fff.p ff.p3
64if [ $? != 0 ]; then exit 1; fi
65
66#cmp f.t ff.t1
67#if [ $? != 0 ]; then exit 1; fi
68#cmp f.t ff.t2
69#if [ $? != 0 ]; then exit 1; fi
70#cmp f.t ff.t3
71#if [ $? != 0 ]; then exit 1; fi
72
73cmp f.p ff.p1
74if [ $? != 0 ]; then exit 1; fi
75#cmp f.p ff.p2
76#if [ $? != 0 ]; then exit 1; fi
77cmp f.p ff.p3
78if [ $? != 0 ]; then exit 1; fi
79
80/bin/rm -f f.* ff.* fff.*
81exit 0
diff --git a/src/lib/libssl/test/tsid b/src/lib/libssl/test/tsid
deleted file mode 100644
index 9e0854516c..0000000000
--- a/src/lib/libssl/test/tsid
+++ /dev/null
@@ -1,81 +0,0 @@
1#!/bin/sh
2
3PATH=../apps:$PATH
4export PATH
5
6cmd='../apps/openssl sess_id'
7
8if [ "$1"x != "x" ]; then
9 t=$1
10else
11 t=testsid.pem
12fi
13
14echo testing session-id conversions
15cp $t fff.p
16
17echo "p -> d"
18$cmd -in fff.p -inform p -outform d >f.d
19if [ $? != 0 ]; then exit 1; fi
20#echo "p -> t"
21#$cmd -in fff.p -inform p -outform t >f.t
22#if [ $? != 0 ]; then exit 1; fi
23echo "p -> p"
24$cmd -in fff.p -inform p -outform p >f.p
25if [ $? != 0 ]; then exit 1; fi
26
27echo "d -> d"
28$cmd -in f.d -inform d -outform d >ff.d1
29if [ $? != 0 ]; then exit 1; fi
30#echo "t -> d"
31#$cmd -in f.t -inform t -outform d >ff.d2
32#if [ $? != 0 ]; then exit 1; fi
33echo "p -> d"
34$cmd -in f.p -inform p -outform d >ff.d3
35if [ $? != 0 ]; then exit 1; fi
36
37#echo "d -> t"
38#$cmd -in f.d -inform d -outform t >ff.t1
39#if [ $? != 0 ]; then exit 1; fi
40#echo "t -> t"
41#$cmd -in f.t -inform t -outform t >ff.t2
42#if [ $? != 0 ]; then exit 1; fi
43#echo "p -> t"
44#$cmd -in f.p -inform p -outform t >ff.t3
45#if [ $? != 0 ]; then exit 1; fi
46
47echo "d -> p"
48$cmd -in f.d -inform d -outform p >ff.p1
49if [ $? != 0 ]; then exit 1; fi
50#echo "t -> p"
51#$cmd -in f.t -inform t -outform p >ff.p2
52#if [ $? != 0 ]; then exit 1; fi
53echo "p -> p"
54$cmd -in f.p -inform p -outform p >ff.p3
55if [ $? != 0 ]; then exit 1; fi
56
57cmp fff.p f.p
58if [ $? != 0 ]; then exit 1; fi
59cmp fff.p ff.p1
60if [ $? != 0 ]; then exit 1; fi
61#cmp fff.p ff.p2
62#if [ $? != 0 ]; then exit 1; fi
63cmp fff.p ff.p3
64if [ $? != 0 ]; then exit 1; fi
65
66#cmp f.t ff.t1
67#if [ $? != 0 ]; then exit 1; fi
68#cmp f.t ff.t2
69#if [ $? != 0 ]; then exit 1; fi
70#cmp f.t ff.t3
71#if [ $? != 0 ]; then exit 1; fi
72
73cmp f.p ff.p1
74if [ $? != 0 ]; then exit 1; fi
75#cmp f.p ff.p2
76#if [ $? != 0 ]; then exit 1; fi
77cmp f.p ff.p3
78if [ $? != 0 ]; then exit 1; fi
79
80/bin/rm -f f.* ff.* fff.*
81exit 0
diff --git a/src/lib/libssl/test/tx509 b/src/lib/libssl/test/tx509
deleted file mode 100644
index 35169f3a43..0000000000
--- a/src/lib/libssl/test/tx509
+++ /dev/null
@@ -1,81 +0,0 @@
1#!/bin/sh
2
3PATH=../apps:$PATH
4export PATH
5
6cmd='../apps/openssl x509'
7
8if [ "$1"x != "x" ]; then
9 t=$1
10else
11 t=testx509.pem
12fi
13
14echo testing X509 conversions
15cp $t fff.p
16
17echo "p -> d"
18$cmd -in fff.p -inform p -outform d >f.d
19if [ $? != 0 ]; then exit 1; fi
20echo "p -> n"
21$cmd -in fff.p -inform p -outform n >f.n
22if [ $? != 0 ]; then exit 1; fi
23echo "p -> p"
24$cmd -in fff.p -inform p -outform p >f.p
25if [ $? != 0 ]; then exit 1; fi
26
27echo "d -> d"
28$cmd -in f.d -inform d -outform d >ff.d1
29if [ $? != 0 ]; then exit 1; fi
30echo "n -> d"
31$cmd -in f.n -inform n -outform d >ff.d2
32if [ $? != 0 ]; then exit 1; fi
33echo "p -> d"
34$cmd -in f.p -inform p -outform d >ff.d3
35if [ $? != 0 ]; then exit 1; fi
36
37echo "d -> n"
38$cmd -in f.d -inform d -outform n >ff.n1
39if [ $? != 0 ]; then exit 1; fi
40echo "n -> n"
41$cmd -in f.n -inform n -outform n >ff.n2
42if [ $? != 0 ]; then exit 1; fi
43echo "p -> n"
44$cmd -in f.p -inform p -outform n >ff.n3
45if [ $? != 0 ]; then exit 1; fi
46
47echo "d -> p"
48$cmd -in f.d -inform d -outform p >ff.p1
49if [ $? != 0 ]; then exit 1; fi
50echo "n -> p"
51$cmd -in f.n -inform n -outform p >ff.p2
52if [ $? != 0 ]; then exit 1; fi
53echo "p -> p"
54$cmd -in f.p -inform p -outform p >ff.p3
55if [ $? != 0 ]; then exit 1; fi
56
57cmp fff.p f.p
58if [ $? != 0 ]; then exit 1; fi
59cmp fff.p ff.p1
60if [ $? != 0 ]; then exit 1; fi
61cmp fff.p ff.p2
62if [ $? != 0 ]; then exit 1; fi
63cmp fff.p ff.p3
64if [ $? != 0 ]; then exit 1; fi
65
66cmp f.n ff.n1
67if [ $? != 0 ]; then exit 1; fi
68cmp f.n ff.n2
69if [ $? != 0 ]; then exit 1; fi
70cmp f.n ff.n3
71if [ $? != 0 ]; then exit 1; fi
72
73cmp f.p ff.p1
74if [ $? != 0 ]; then exit 1; fi
75cmp f.p ff.p2
76if [ $? != 0 ]; then exit 1; fi
77cmp f.p ff.p3
78if [ $? != 0 ]; then exit 1; fi
79
80/bin/rm -f f.* ff.* fff.*
81exit 0
diff --git a/src/lib/libssl/test/v3-cert1.pem b/src/lib/libssl/test/v3-cert1.pem
deleted file mode 100644
index 0da253d5c3..0000000000
--- a/src/lib/libssl/test/v3-cert1.pem
+++ /dev/null
@@ -1,16 +0,0 @@
1-----BEGIN CERTIFICATE-----
2MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx
3NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz
4dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw
5ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
6ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2
7ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp
8miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C
9AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
10Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
11DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR
12MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB
13AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21
14X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3
15WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO
16-----END CERTIFICATE-----
diff --git a/src/lib/libssl/test/v3-cert2.pem b/src/lib/libssl/test/v3-cert2.pem
deleted file mode 100644
index de0723ff8d..0000000000
--- a/src/lib/libssl/test/v3-cert2.pem
+++ /dev/null
@@ -1,16 +0,0 @@
1-----BEGIN CERTIFICATE-----
2MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD
3YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0
4ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu
5dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1
6WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV
7BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx
8FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA
96ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT
10G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ
11YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm
12b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc
13F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz
14lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap
15jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU=
16-----END CERTIFICATE-----
diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h
deleted file mode 100644
index cf92ae034f..0000000000
--- a/src/lib/libssl/tls1.h
+++ /dev/null
@@ -1,164 +0,0 @@
1/* ssl/tls1.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_TLS1_H
60#define HEADER_TLS1_H
61
62#include <openssl/buffer.h>
63
64#ifdef __cplusplus
65extern "C" {
66#endif
67
68#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1
69
70#define TLS1_VERSION 0x0301
71#define TLS1_VERSION_MAJOR 0x03
72#define TLS1_VERSION_MINOR 0x01
73
74#define TLS1_AD_DECRYPTION_FAILED 21
75#define TLS1_AD_RECORD_OVERFLOW 22
76#define TLS1_AD_UNKNOWN_CA 48 /* fatal */
77#define TLS1_AD_ACCESS_DENIED 49 /* fatal */
78#define TLS1_AD_DECODE_ERROR 50 /* fatal */
79#define TLS1_AD_DECRYPT_ERROR 51
80#define TLS1_AD_EXPORT_RESTRICTION 60 /* fatal */
81#define TLS1_AD_PROTOCOL_VERSION 70 /* fatal */
82#define TLS1_AD_INSUFFICIENT_SECURITY 71 /* fatal */
83#define TLS1_AD_INTERNAL_ERROR 80 /* fatal */
84#define TLS1_AD_USER_CANCELLED 90
85#define TLS1_AD_NO_RENEGOTIATION 100
86
87/* Additional TLS ciphersuites from draft-ietf-tls-56-bit-ciphersuites-00.txt
88 * (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see
89 * s3_lib.c). We actually treat them like SSL 3.0 ciphers, which we probably
90 * shouldn't. */
91#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060
92#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061
93#define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x03000062
94#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x03000063
95#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA 0x03000064
96#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x03000065
97#define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066
98
99/* XXX
100 * Inconsistency alert:
101 * The OpenSSL names of ciphers with ephemeral DH here include the string
102 * "DHE", while elsewhere it has always been "EDH".
103 * (The alias for the list of all such ciphers also is "EDH".)
104 * The specifications speak of "EDH"; maybe we should allow both forms
105 * for everything. */
106#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5 "EXP1024-RC4-MD5"
107#define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 "EXP1024-RC2-CBC-MD5"
108#define TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DES-CBC-SHA"
109#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DHE-DSS-DES-CBC-SHA"
110#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA "EXP1024-RC4-SHA"
111#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA"
112#define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA"
113
114
115#define TLS_CT_RSA_SIGN 1
116#define TLS_CT_DSS_SIGN 2
117#define TLS_CT_RSA_FIXED_DH 3
118#define TLS_CT_DSS_FIXED_DH 4
119#define TLS_CT_NUMBER 4
120
121#define TLS1_FINISH_MAC_LENGTH 12
122
123#define TLS_MD_MAX_CONST_SIZE 20
124#define TLS_MD_CLIENT_FINISH_CONST "client finished"
125#define TLS_MD_CLIENT_FINISH_CONST_SIZE 15
126#define TLS_MD_SERVER_FINISH_CONST "server finished"
127#define TLS_MD_SERVER_FINISH_CONST_SIZE 15
128#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key"
129#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
130#define TLS_MD_KEY_EXPANSION_CONST "key expansion"
131#define TLS_MD_KEY_EXPANSION_CONST_SIZE 13
132#define TLS_MD_CLIENT_WRITE_KEY_CONST "client write key"
133#define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE 16
134#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key"
135#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
136#define TLS_MD_IV_BLOCK_CONST "IV block"
137#define TLS_MD_IV_BLOCK_CONST_SIZE 8
138#define TLS_MD_MASTER_SECRET_CONST "master secret"
139#define TLS_MD_MASTER_SECRET_CONST_SIZE 13
140
141#ifdef CHARSET_EBCDIC
142#undef TLS_MD_CLIENT_FINISH_CONST
143#define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64" /*client finished*/
144#undef TLS_MD_SERVER_FINISH_CONST
145#define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64" /*server finished*/
146#undef TLS_MD_SERVER_WRITE_KEY_CONST
147#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*server write key*/
148#undef TLS_MD_KEY_EXPANSION_CONST
149#define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e" /*key expansion*/
150#undef TLS_MD_CLIENT_WRITE_KEY_CONST
151#define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*client write key*/
152#undef TLS_MD_SERVER_WRITE_KEY_CONST
153#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*server write key*/
154#undef TLS_MD_IV_BLOCK_CONST
155#define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b" /*IV block*/
156#undef TLS_MD_MASTER_SECRET_CONST
157#define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/
158#endif
159
160#ifdef __cplusplus
161}
162#endif
163#endif
164